diff --git a/.github/README.md b/.github/README.md index 99c65fec6..67a8cd545 100644 --- a/.github/README.md +++ b/.github/README.md @@ -1,32 +1,39 @@
-

-
- isabel's dotfiles -

- +

isabel's dotfiles

+ + stars ci - + repo size
-### Config layout +
-- ๐Ÿ  [home](../home/) -- ๐Ÿ–ฅ๏ธ [hosts](../hosts/) - - โ˜€๏ธ [Amaterasu](../hosts/amatarasu/) My high-end gaming machine - - ๐Ÿช„ [Luz](../hosts/luz/) A server configuration for some of my infrastructure - - ๐Ÿ‰ [Hydra](../hosts/hydra/) A super mid spec laptop - - โšธ [Lilith](../hosts/lilith/) A NixOS ISO image that can be quickly deployed and accessed via ssh -- ๐Ÿ“– [lib](../lib/) Useful repeated functions -- ๐Ÿงฉ [flake](../flake/) NixOS parts breaking down the complex configuration into smaller more manageable chunks -- ๐Ÿ”Œ [modules](../modules/) - - [common](../modules/base/) The base configuration settings, which are common between all systems - - [base](../modules/base/common/) Core parts of the configuration - - [options](../modules/base/options/) Selectable settings that can be used to toggle certain settings - - [extra](../modules/extra) Extra configuration modules, for home-manager and NixOS - - [profiles](../modules/profiles/) System type configurations (e.g. laptop, servers, desktop) + +- [What does this repo provided](#what-does-this-repo-provided) + - [Hyprland Shortcuts](#hyprland-shortcuts) +- [Config layout](#config-layout) +- [Install Notes](#install-notes) + - [Linux](#linux) + - [macOS (WIP)](#macos-wip) +- [Some Awesome people](#some-awesome-people) + + +### What does this repo provided + +- Several applications and tools for the same purpose, so you can choose the one that best suits your needs + - `neovim`, `micro` and `vscode` for text editing + - `firefox` and `chromium` for web browsing + - `alacritty`, `kitty` and `wezterm` for terminal emulators + - `bash`, `zsh`, `fish` and `nushell` for shells +- Modular configuration, so you can add or remove parts of the configuration +- Sensible defaults, so you can get started quickly +- [Catppuccin](https://github.com/catppuccin/catppucin) everywhere
- Hyprland Shortcuts + + +#### Hyprland Shortcuts + | Shortcut | What it does | | ------------------------------- | -------------------------- | @@ -43,6 +50,42 @@
+### Config layout + +- ๐Ÿ  [home](../home/) +- ๐Ÿ–ฅ๏ธ [hosts](../hosts/) + - โ˜€๏ธ [Amaterasu](../hosts/amatarasu/) My high-end gaming machine + - ๐Ÿ‰ [Hydra](../hosts/hydra/) A super mid spec laptop + - โšธ [Lilith](../hosts/lilith/) A NixOS ISO image that can be quickly deployed and accessed via ssh + - ๐Ÿช„ [Luz](../hosts/luz/) A server configuration for some of my infrastructure + - ๐–ค [Valkyrie](../hosts/valkyrie/) A WSL2 machine + - ๐Ÿ’ฎ [Tatsumaki](../hosts/tatsumaki/) A WIP macOS host +- ๐Ÿ“š [lib](../lib/) Useful repeated functions +- ๐Ÿงฉ [flake](../flake/) NixOS parts breaking down the complex configuration into smaller more manageable chunks +- ๐Ÿ“ [docs](../docs/) Documentation for the configuration which can be found [here](https://isabelroses.github.io/dotfiles/) +- ๐Ÿ”Œ [modules](../modules/) + - [base](../modules/base/) The base configuration settings, which are common between all systems + - [options](../modules/base/options/) Selectable settings that can be used to toggle certain settings + - [extra](../modules/extra) Extra configuration modules, for home-manager and Nix Darwin and NixOS + - [profiles](../modules/profiles/) System type configurations (e.g. 
laptop, servers, desktop) + +### Install Notes + +#### Linux + +- Install [NixOS](https://nixos.org/download.html) +- Clone this repository to `~/.config/flake` +- Run `sudo nixos-rebuild switch --flake ~/.config/flake#` + +#### macOS (WIP) + +- Install [homebrew](https://brew.sh/) + > `curl -fsSL https://raw.githubusercontent.com/Homebrew/install/HEAD/install.sh | bash` +- Exclude nix from time machine backups + > `sudo tmutil addexclusion -v /nix` +- `nix run nix-darwin -- switch --flake ~/.config/flake# --experimental-features "nix-command flakes"` +- Then good news you can use the `rebuild` alias that exists for the future + ### Some Awesome people [NotAShelf](https://github.com/notashelf/nyx) - [numtide/srvos](https://github.com/numtide/srvos) - [nullishamy](https://github.com/nullishamy/derivation-station) - [nekowinston](https://github.com/nekowinston/dotfiles) - [getchoo](https://github.com/getchoo) - [nyxkrage](https://github.com/nyxkrage) diff --git a/.github/assets/flake.svg b/.github/assets/flake.svg deleted file mode 100644 index f71e2ca5c..000000000 --- a/.github/assets/flake.svg +++ /dev/null @@ -1,48 +0,0 @@ - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - diff --git a/.github/workflows/docs.yml b/.github/workflows/docs.yml new file mode 100644 index 000000000..5345ef82e --- /dev/null +++ b/.github/workflows/docs.yml @@ -0,0 +1,31 @@ +name: Build and deploy docs + +on: + workflow_dispatch: + push: + paths: + - "modules/extra/**/*" + - "docs/*" + +jobs: + build: + name: Build and deploy docs + runs-on: ubuntu-latest + permissions: + contents: write + + steps: + - name: Checkout repository + uses: actions/checkout@v4 + + - name: Install nix + uses: cachix/install-nix-action@v25 + + - name: Build Linux packages + run: "nix build -L .#docs-html" + + - name: Deploy to gh-pages branch + uses: peaceiris/actions-gh-pages@v3 + with: + github_token: ${{ secrets.GITHUB_TOKEN }} + publish_dir: ./result 
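Review bot: Both third-party actions in the new `docs.yml` job are referenced by mutable tags (`cachix/install-nix-action@v25`, `peaceiris/actions-gh-pages@v3`) while the job holds `contents: write` and passes `secrets.GITHUB_TOKEN` to the deploy step, so a re-pointed tag would run with push access to this repository. Pin each to a full commit SHA and keep the tag as a comment, e.g. `uses: peaceiris/actions-gh-pages@<FULL_COMMIT_SHA> # v3`. The `push` trigger also has no `branches:` filter, so a push to any branch touching `docs/*` or `modules/extra/**/*` publishes to gh-pages. Adding `branches: [main]` under `push:` would limit deployment to the default branch, assuming that is `main` as the `tree/main` URL in docs/default.nix suggests. The step name `Build Linux packages` also describes something other than the `nix build -L .#docs-html` it runs.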
diff --git a/.gitignore b/.gitignore index 659459369..af032dbc6 100644 --- a/.gitignore +++ b/.gitignore @@ -1,3 +1,6 @@ +# funny macos thing +.DS_Store + # Ingore nixos build outputs result .direnv/ diff --git a/docs/default.nix b/docs/default.nix new file mode 100644 index 000000000..f5241988e --- /dev/null +++ b/docs/default.nix 
@@ -0,0 +1,77 @@ +# All credits to @nekowinston for this script +# modfied from https://github.com/nekowinston/nur/blob/49cfefd3c252f4c56725df01f817d1a8b93447d8/docs/default.nix +{ + lib, + pkgs, + ... +}: let + inherit (lib) mkForce filterAttrs scrubDerivations removePrefix; + + mkEval = module: + lib.evalModules { + modules = [ + module + { + _module = { + pkgs = mkForce (scrubDerivations "pkgs" pkgs); + check = false; + }; + } + ]; + specialArgs = {inherit pkgs;}; + }; + + mkDoc = name: options: let + doc = pkgs.nixosOptionsDoc { + options = filterAttrs (n: _: n != "_module") options; + documentType = "none"; + transformOptions = opt: + opt + // { + declarations = + map + (decl: + if lib.hasPrefix (toString ../.) (toString decl) + then let + subpath = removePrefix "/" (removePrefix (toString ../.) (toString decl)); + in { + url = "https://github.com/isabelroses/dotfiles/tree/main/${subpath}"; + name = subpath; + } + else decl) + opt.declarations; + }; + }; + in + pkgs.runCommand "${name}-module-doc.md" {} '' + cat >$out <> $out + ''; + + convert = md: + pkgs.runCommand "isabelroses-dotfiles.html" {nativeBuildInputs = with pkgs; [pandoc texinfo];} '' + mkdir $out + cp ${./pandoc.css} style.css + pandoc -o file.texi ${builtins.concatStringsSep " " md} + texi2any ./file.texi --html --split=chapter --css-include=./style.css --document-language=en -o $out + ''; + + modulesPath = ../modules; + extraModulesPath = modulesPath + /extra; + + # internalEval = mkEval (import (modulesPath + /base)); + nixosEval = mkEval (import (extraModulesPath + /nixos)); + darwinEval = mkEval (import (extraModulesPath + /darwin)); + hmEval = mkEval (import (extraModulesPath + /home-manager)); + + # internal = mkDoc "internal" internalEval.options.modules; + nixos = mkDoc "nixos" nixosEval.options; + darwin = mkDoc "darwin" darwinEval.options; + hm = mkDoc "home-manager" hmEval.options; +in { + html = convert [nixos darwin hm]; + md = pkgs.linkFarm "md" (lib.mapAttrsToList (name: path: 
{inherit name path;}) ["nixos" "darwin" "hm"]); +} diff --git a/docs/pandoc.css b/docs/pandoc.css new file mode 100644 index 000000000..b7f2486ed --- /dev/null +++ b/docs/pandoc.css 
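Review bot: The `md` output on the last lines passes a list, `["nixos" "darwin" "hm"]`, to `lib.mapAttrsToList`, which expects an attribute set, so evaluating `.md` should fail; `html` still builds only because the attribute is lazy. Passing the generated docs as a set, `(name: path: {inherit name path;}) {inherit nixos darwin hm;}`, gives `linkFarm` the name/path pairs it needs. Separately, `check = false` in `mkEval` disables the module system's check for definitions without a declared option, so a one-line comment such as `# modules are evaluated standalone for docs, so undeclared options must not abort the build` would record why it is off. The heredoc inside `mkDoc` is truncated on this page and is not reviewed here.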
@@ -0,0 +1 @@ +/*! tailwindcss v3.3.3 | MIT License | https://tailwindcss.com*/*,:after,:before{box-sizing:border-box;border:0 solid #e5e7eb}:after,:before{--tw-content:""}html{line-height:1.5;-webkit-text-size-adjust:100%;-moz-tab-size:4;-o-tab-size:4;tab-size:4;font-family:ui-sans-serif,system-ui,-apple-system,BlinkMacSystemFont,Segoe UI,Roboto,Helvetica Neue,Arial,Noto Sans,sans-serif,Apple Color Emoji,Segoe UI Emoji,Segoe UI Symbol,Noto Color Emoji;font-feature-settings:normal;font-variation-settings:normal}body{margin:0;line-height:inherit}hr{height:0;color:inherit;border-top-width:1px}abbr:where([title]){-webkit-text-decoration:underline dotted;text-decoration:underline dotted}h1,h2,h3,h4,h5,h6{font-size:inherit;font-weight:inherit}a{color:inherit;text-decoration:inherit}b,strong{font-weight:bolder}code,kbd,pre,samp{font-family:ui-monospace,SFMono-Regular,Menlo,Monaco,Consolas,Liberation Mono,Courier New,monospace;font-size:1em}small{font-size:80%}sub,sup{font-size:75%;line-height:0;position:relative;vertical-align:initial}sub{bottom:-.25em}sup{top:-.5em}table{text-indent:0;border-color:inherit;border-collapse:collapse}button,input,optgroup,select,textarea{font-family:inherit;font-feature-settings:inherit;font-variation-settings:inherit;font-size:100%;font-weight:inherit;line-height:inherit;color:inherit;margin:0;padding:0}button,select{text-transform:none}[type=button],[type=reset],[type=submit],button{-webkit-appearance:button;background-color:initial;background-image:none}:-moz-focusring{outline:auto}:-moz-ui-invalid{box-shadow:none}progress{vertical-align:initial}::-webkit-inner-spin-button,::-webkit-outer-spin-button{height:auto}[type=search]{-webkit-appearance:textfield;outline-offset:-2px}::-webkit-search-decoration{-webkit-appearance:none}::-webkit-file-upload-button{-webkit-appearance:button;font:inherit}summary{display:list-item}blockquote,dd,dl,figure,h1,h2,h3,h4,h5,h6,hr,p,pre{margin:0}fieldset{margin:0}fieldset,legend{padding:0}menu,ol,ul{list-sty
le:none;margin:0;padding:0}dialog{padding:0}textarea{resize:vertical}input::-moz-placeholder,textarea::-moz-placeholder{opacity:1;color:#9ca3af}input::placeholder,textarea::placeholder{opacity:1;color:#9ca3af}[role=button],button{cursor:pointer}:disabled{cursor:default}audio,canvas,embed,iframe,img,object,svg,video{display:block;vertical-align:middle}img,video{max-width:100%;height:auto}[hidden]{display:none}*,::backdrop,:after,:before{--tw-border-spacing-x:0;--tw-border-spacing-y:0;--tw-translate-x:0;--tw-translate-y:0;--tw-rotate:0;--tw-skew-x:0;--tw-skew-y:0;--tw-scale-x:1;--tw-scale-y:1;--tw-pan-x: ;--tw-pan-y: ;--tw-pinch-zoom: ;--tw-scroll-snap-strictness:proximity;--tw-gradient-from-position: ;--tw-gradient-via-position: ;--tw-gradient-to-position: ;--tw-ordinal: ;--tw-slashed-zero: ;--tw-numeric-figure: ;--tw-numeric-spacing: ;--tw-numeric-fraction: ;--tw-ring-inset: ;--tw-ring-offset-width:0px;--tw-ring-offset-color:#fff;--tw-ring-color:#3b82f680;--tw-ring-offset-shadow:0 0 #0000;--tw-ring-shadow:0 0 #0000;--tw-shadow:0 0 #0000;--tw-shadow-colored:0 0 #0000;--tw-blur: ;--tw-brightness: ;--tw-contrast: ;--tw-grayscale: ;--tw-hue-rotate: ;--tw-invert: ;--tw-saturate: ;--tw-sepia: ;--tw-drop-shadow: ;--tw-backdrop-blur: ;--tw-backdrop-brightness: ;--tw-backdrop-contrast: ;--tw-backdrop-grayscale: ;--tw-backdrop-hue-rotate: ;--tw-backdrop-invert: ;--tw-backdrop-opacity: ;--tw-backdrop-saturate: ;--tw-backdrop-sepia: 
}html{--ctp-rosewater:220,138,120;--ctp-flamingo:221,120,120;--ctp-pink:234,118,203;--ctp-mauve:136,57,239;--ctp-red:210,15,57;--ctp-maroon:230,69,83;--ctp-peach:254,100,11;--ctp-yellow:223,142,29;--ctp-green:64,160,43;--ctp-teal:23,146,153;--ctp-sky:4,165,229;--ctp-sapphire:32,159,181;--ctp-blue:30,102,245;--ctp-lavender:114,135,253;--ctp-text:76,79,105;--ctp-subtext1:92,95,119;--ctp-subtext0:108,111,133;--ctp-overlay2:124,127,147;--ctp-overlay1:140,143,161;--ctp-overlay0:156,160,176;--ctp-surface2:172,176,190;--ctp-surface1:188,192,204;--ctp-surface0:204,208,218;--ctp-base:239,241,245;--ctp-mantle:230,233,239;--ctp-crust:220,224,232}@media (prefers-color-scheme:dark){html{--ctp-rosewater:245,224,220;--ctp-flamingo:242,205,205;--ctp-pink:245,194,231;--ctp-mauve:203,166,247;--ctp-red:243,139,168;--ctp-maroon:235,160,172;--ctp-peach:250,179,135;--ctp-yellow:249,226,175;--ctp-green:166,227,161;--ctp-teal:148,226,213;--ctp-sky:137,220,235;--ctp-sapphire:116,199,236;--ctp-blue:137,180,250;--ctp-lavender:180,190,254;--ctp-text:205,214,244;--ctp-subtext1:186,194,222;--ctp-subtext0:166,173,200;--ctp-overlay2:147,153,178;--ctp-overlay1:127,132,156;--ctp-overlay0:108,112,134;--ctp-surface2:88,91,112;--ctp-surface1:69,71,90;--ctp-surface0:49,50,68;--ctp-base:30,30,46;--ctp-mantle:24,24,37;--ctp-crust:17,17,27}}html{background-color:rgba(var(--ctp-mantle),var(--tw-bg-opacity))}body,html{--tw-bg-opacity:1;--tw-text-opacity:1;color:rgba(var(--ctp-text),var(--tw-text-opacity))}body{max-width:48rem;background-color:rgba(var(--ctp-base),var(--tw-bg-opacity));margin-left:auto;margin-right:auto;border-left-width:1px;border-right-width:1px;--tw-border-opacity:1;border-color:rgba(var(--ctp-surface2),var(--tw-border-opacity));padding-left:1rem;padding-right:1rem}pre{border-width:1px;border-style:dotted;--tw-border-opacity:1;border-color:rgba(var(--ctp-surface2),var(--tw-border-opacity));--tw-bg-opacity:1;background-color:rgba(var(--ctp-mantle),var(--tw-bg-opacity));padding:.5rem}code{fo
nt-family:ui-monospace,SFMono-Regular,Menlo,Monaco,Consolas,Liberation Mono,Courier New,monospace}h1,h2,h3,h4,h5{--tw-text-opacity:1;color:rgba(var(--ctp-red),var(--tw-text-opacity));font-family:ui-sans-serif,system-ui,-apple-system,BlinkMacSystemFont,Segoe UI,Roboto,Helvetica Neue,Arial,Noto Sans,sans-serif,Apple Color Emoji,Segoe UI Emoji,Segoe UI Symbol,Noto Color Emoji;font-weight:700;padding-top:.75rem;padding-bottom:.25rem}h2,h3,h4,h5{border-bottom-width:1px;border-style:dotted;--tw-border-opacity:1;border-color:rgba(var(--ctp-surface2),var(--tw-border-opacity))}h1{font-size:1.25rem}h1,h2{line-height:1.75rem}h2{font-size:1.125rem}h4{font-size:.875rem;line-height:1.25rem}h5{font-size:.75rem;line-height:1rem}a{--tw-text-opacity:1;color:rgba(var(--ctp-sapphire),var(--tw-text-opacity))}a:hover{text-decoration-line:underline}p{padding-top:.5rem;padding-bottom:.5rem} diff --git a/flake.lock b/flake.lock index fb49ef961..91faa19a3 100644 --- a/flake.lock +++ b/flake.lock @@ -7,11 +7,11 @@ ] }, "locked": { - "lastModified": 1706913502, - "narHash": "sha256-7LrQ5HH4enwk0nc6/vx7uHqGtraUkHv2OoxBu4qGOg4=", + "lastModified": 1707523368, + "narHash": "sha256-41Fh1TKjW93QNkwZdH1x47+Lp4oAs99KgrW1Rqr6JrA=", "owner": "Aylur", "repo": "ags", - "rev": "fa590751134d713de5527cbbd42fdb50454444b1", + "rev": "16ca0fd29f46647850664ce93b022c3c4d857ce5", "type": "github" }, "original": { @@ -27,11 +27,11 @@ ] }, "locked": { - "lastModified": 1706070804, - "narHash": "sha256-+ri5fvKBoZfWKTXubGSNA+fqQdEG7DfkNE+u2KOvNJ4=", + "lastModified": 1707283909, + "narHash": "sha256-huycL9X55rvzNXmXYOdgxb6cniqqUHibnf7sBna7yr8=", "owner": "AdnanHodzic", "repo": "auto-cpufreq", - "rev": "68dec52bce39141fecb58b0a6ef096fb3f57ba14", + "rev": "3e8ee201178bc8e19dd531325af9de1debc5eebd", "type": "github" }, "original": { 
@@ -76,11 +76,11 @@ }, "catppuccin": { "locked": { - "lastModified": 1705010618, - "narHash": "sha256-7mFUoNL0Ty/akEcXtAKueZbYbeDy0IOAS02w7ufgslU=", + "lastModified": 1707140582, + "narHash": "sha256-Wzq2W08mSfJ/M1yRQWGwvuEEwQn3+xDx82/9FrouDzw=", "owner": "Stonks3141", "repo": "ctp-nix", - "rev": "310ab70d9e690b641005ceafc6582305195c8711", + "rev": "948fe713ea548764a0a3f122975b8d79c44b7054", "type": "github" }, "original": { @@ -96,11 +96,11 @@ ] }, "locked": { - "lastModified": 1705522867, - "narHash": "sha256-NWelTZsf6OHFg2IQciDC5gE4/ajMjlAkgKKE7f7wmq8=", + "lastModified": 1707442730, + "narHash": "sha256-915Vs2YX3p3SgUzC7EOeyvpYoiUFniNv01Uj0zJnDos=", "owner": "catppuccin", "repo": "toolbox", - "rev": "38a3d162496f43b5776cf8862585a7780b8d6f50", + "rev": "c41c2725b8099d3a37b0beab6afdc99470dfaefa", "type": "github" }, "original": { @@ -116,11 +116,11 @@ ] }, "locked": { - "lastModified": 1704923501, - "narHash": "sha256-Kz3pymvpNHTlKruepOZ3lbiWxfGhtlK5JiqF0Hk+h6I=", + "lastModified": 1707437352, + "narHash": "sha256-wHzxYUSnCNZ6FMH+LD+BUC6f+ifXVwO8VfbJrwJltIs=", "owner": "catppuccin", "repo": "vscode", - "rev": "cf7019fdeba269650940fb0bd2c4e50c7bf498d8", + "rev": "8aaecb6fc91c679caad5e211881a5c1cbdaad418", "type": "github" }, "original": { @@ -133,7 +133,7 @@ "inputs": { "crane": "crane", "flake-utils": [ - "pre-commit-hooks", + "neovim", "flake-utils" ], "nixpkgs": [ @@ -186,11 +186,11 @@ ] }, "locked": { - "lastModified": 1706473964, - "narHash": "sha256-Fq6xleee/TsX6NbtoRuI96bBuDHMU57PrcK9z1QEKbk=", + "lastModified": 1707075082, + "narHash": "sha256-PUplk5F5jlIyofxqn/xEDN9pbjrd0tnkd0pDsZ52db0=", "owner": "ipetkov", "repo": "crane", - "rev": "c798790eabec3e3da48190ae3698ac227aab770c", + "rev": "7d5b46c17d857ee9ddb2e8d88185729a3e5637b6", "type": "github" }, "original": { 
@@ -221,17 +221,37 @@ "type": "github" } }, + "darwin": { + "inputs": { + "nixpkgs": [ + "nixpkgs" + ] + }, + "locked": { + "lastModified": 1706833576, + "narHash": "sha256-w7BL0EWRts+nD1lbLECIuz6fRzmmV+z8oWwoY7womR0=", + "owner": "lnl7", + "repo": "nix-darwin", + "rev": "bdbae6ecff8fcc322bf6b9053c0b984912378af7", + "type": "github" + }, + "original": { + "owner": "lnl7", + "repo": "nix-darwin", + "type": "github" + } + }, "deploy-rs": { "inputs": { "flake-compat": [ - "pre-commit-hooks", + "neovim", "flake-compat" ], "nixpkgs": [ "nixpkgs" ], "utils": [ - "pre-commit-hooks", + "neovim", "flake-utils" ] }, @@ -386,11 +406,11 @@ "nixpkgs-lib": "nixpkgs-lib" }, "locked": { - "lastModified": 1704982712, - "narHash": "sha256-2Ptt+9h8dczgle2Oo6z5ni5rt/uLMG47UFTR1ry/wgg=", + "lastModified": 1706830856, + "narHash": "sha256-a0NYyp+h9hlb7ddVz4LUn1vT/PLwqfrWYcHMvFB1xYg=", "owner": "hercules-ci", "repo": "flake-parts", - "rev": "07f6395285469419cf9d078f59b5b49993198c00", + "rev": "b253292d9c0a5ead9bc98c4e9a26c6312e27d69f", "type": "github" }, "original": { @@ -469,6 +489,24 @@ "inputs": { "systems": "systems_3" }, + "locked": { + "lastModified": 1705309234, + "narHash": "sha256-uNRRNRKmJyCRC/8y1RqBkqWBLM034y4qN7EprSdmgyA=", + "owner": "numtide", + "repo": "flake-utils", + "rev": "1ef2e671c3b0c19053962c07dbda38332dcebf26", + "type": "github" + }, + "original": { + "owner": "numtide", + "repo": "flake-utils", + "type": "github" + } + }, + "flake-utils_3": { + "inputs": { + "systems": "systems_4" + }, "locked": { "lastModified": 1701680307, "narHash": "sha256-kAuep2h5ajznlPMD9rnQyffWG8EM/C73lejGofXvdM8=", @@ -483,9 +521,9 @@ "type": "github" } }, - "flake-utils_3": { + "flake-utils_4": { "inputs": { - "systems": "systems_4" + "systems": "systems_5" }, "locked": { "lastModified": 1705309234, @@ -501,9 +539,9 @@ "type": "github" } }, - "flake-utils_4": { + "flake-utils_5": { "inputs": { - "systems": "systems_5" + "systems": "systems_6" }, "locked": { "lastModified": 1701680307, 
@@ -519,9 +557,9 @@ "type": "github" } }, - "flake-utils_5": { + "flake-utils_6": { "inputs": { - "systems": "systems_6" + "systems": "systems_7" }, "locked": { "lastModified": 1705309234, @@ -537,9 +575,9 @@ "type": "github" } }, - "flake-utils_6": { + "flake-utils_7": { "inputs": { - "systems": "systems_7" + "systems": "systems_8" }, "locked": { "lastModified": 1681202837, @@ -610,11 +648,11 @@ ] }, "locked": { - "lastModified": 1706798041, - "narHash": "sha256-BbvuF4CsVRBGRP8P+R+JUilojk0M60D7hzqE0bEvJBQ=", + "lastModified": 1707467182, + "narHash": "sha256-/Bw/xgCXfj4nXDd8Xq+r1kaorfsYkkomMf5w5MpsDyA=", "owner": "nix-community", "repo": "home-manager", - "rev": "4d53427bce7bf3d17e699252fd84dc7468afc46e", + "rev": "5b9156fa9a8b8beba917b8f9adbfd27bf63e16af", "type": "github" }, "original": { @@ -653,11 +691,11 @@ "xdph": "xdph" }, "locked": { - "lastModified": 1706888173, - "narHash": "sha256-D7bJTQeDqkNYYw6Tc+AJplFw2eutke1SjppsarU+N5I=", + "lastModified": 1707522420, + "narHash": "sha256-B7ofcGLTHssAZqZcyVydLXXDvyVUUE5mcCDRJxt5gnk=", "owner": "hyprwm", "repo": "Hyprland", - "rev": "cf1886ca44c78de3424d96fd18023eb0db759af6", + "rev": "334a0f03ee2f80118418c16cc06005a1fe8cfd60", "type": "github" }, "original": { @@ -777,26 +815,6 @@ "type": "github" } }, - "icat-wrapper": { - "inputs": { - "nixpkgs": [ - "nixpkgs" - ] - }, - "locked": { - "lastModified": 1689446829, - "narHash": "sha256-ouOU4MuqpngtSwcmlVRnuoECiRPpVIMY4QpC0EWjNEg=", - "owner": "nekowinston", - "repo": "icat", - "rev": "4c3497a35d4f5a665c25b6ad468025f4126eaa40", - "type": "github" - }, - "original": { - "owner": "nekowinston", - "repo": "icat", - "type": "github" - } - }, "isabelroses-website": { "inputs": { "nixpkgs": [ 
@@ -804,11 +822,11 @@ ] }, "locked": { - "lastModified": 1706814849, - "narHash": "sha256-DuJlFO7YnKYNAhx2DcVMIuus5JUn0So5ocw+xYAYOrg=", + "lastModified": 1707392929, + "narHash": "sha256-aCS2VmKM5CrTnqzUU627bbIjRYNIIquKlJ+WuQ5rCW0=", "owner": "isabelroses", "repo": "website", - "rev": "5f365989b73519bcbe4ad8b8c85e40a951e5ea73", + "rev": "85d58d66da76d7c136690c08c46a59bd66d66915", "type": "github" }, "original": { @@ -821,14 +839,14 @@ "inputs": { "crane": "crane_2", "flake-compat": [ - "pre-commit-hooks", + "neovim", "flake-compat" ], "flake-parts": [ "flake-parts" ], "flake-utils": [ - "pre-commit-hooks", + "neovim", "flake-utils" ], "nixpkgs": [ @@ -840,11 +858,11 @@ "rust-overlay": "rust-overlay_2" }, "locked": { - "lastModified": 1706522979, - "narHash": "sha256-2wP2qEFVoZ9q8C9MZdAwXPKDkIIQiEwUzuzCxVKafDc=", + "lastModified": 1707121196, + "narHash": "sha256-drevc7MfnMD0Ya811UPDCY5hkCOYXgDYr+oKwWLvF+E=", "owner": "nix-community", "repo": "lanzaboote", - "rev": "c42edac7eb881315bb2a8dfd5190c8c87b91e084", + "rev": "f2bc0af580f0bb6e6a2d0bcf0cfb237b357ffbbf", "type": "github" }, "original": { 
@@ -902,50 +920,22 @@ } }, "nekowinston-nur": { - "inputs": { - "flake-utils": [ - "pre-commit-hooks", - "flake-utils" - ], - "nixpkgs": [ - "nixpkgs" - ], - "rust-overlay": "rust-overlay_3" - }, - "locked": { - "lastModified": 1706857408, - "narHash": "sha256-fpuA3nyixEUh0PTjbFL+Rl47CtkX9Q25vL/YtsSskqQ=", - "owner": "nekowinston", - "repo": "nur", - "rev": "10a127983a67d26608a8338fe2b0a1627cef9689", - "type": "github" - }, - "original": { - "owner": "nekowinston", - "repo": "nur", - "type": "github" - } - }, - "nekowinston-nur_2": { "inputs": { "flake-utils": [ "neovim", "flake-utils" ], "nixpkgs": [ - "neovim", "nixpkgs" ], - "rust-overlay": [ - "neovim" - ] + "rust-overlay": "rust-overlay_3" }, "locked": { - "lastModified": 1706598190, - "narHash": "sha256-mCsT7PSZ72lOlzaKj2Sofa0puykc20twlJ6BESSUAMY=", + "lastModified": 1707462201, + "narHash": "sha256-CCA5DoYJHwo3x8tH+XqVOTiAlNzN9ciIOUW5JCuBWi0=", "owner": "nekowinston", "repo": "nur", - "rev": "6f3113357a5a8096a222920c9a598004dca39675", + "rev": "e5c12b41a8803069b2c94b23cc4b3afd66713c42", "type": "github" }, "original": { @@ -960,11 +950,10 @@ "flake-parts": [ "flake-parts" ], - "flake-utils": [ - "pre-commit-hooks", - "flake-utils" + "flake-utils": "flake-utils_2", + "nekowinston-nur": [ + "nekowinston-nur" ], - "nekowinston-nur": "nekowinston-nur_2", "neovim-nix": "neovim-nix", "nil": [ "nil" @@ -977,11 +966,11 @@ ] }, "locked": { - "lastModified": 1706882735, - "narHash": "sha256-GRsIGjbftrsc3o3D2rrHlmiGoncFf4FffHtIAGYJRSQ=", + "lastModified": 1707491475, + "narHash": "sha256-SA8i5tyfhuxzzrYsAmoOcROeOvBOUn9cjW2/0Ek/kAA=", "owner": "isabelroses", "repo": "nvim", - "rev": "e09566296fbeb2dabb9b32849a18d899e71488ca", + "rev": "11423b337c6163f07b8fecf205043e5cd299a26f", "type": "github" }, "original": { @@ -997,9 +986,6 @@ "flake-parts" ], "lazy-nvim": "lazy-nvim", - "neovim": [ - "neovim" - ], "nixpkgs": [ "neovim", "nixpkgs" 
@@ -1010,11 +996,11 @@ ] }, "locked": { - "lastModified": 1706211048, - "narHash": "sha256-+1W6t08LQFwmM+sXDqXzbak36ihB1wPjl9RllhxrJnw=", + "lastModified": 1706936572, + "narHash": "sha256-pEBWnoZX4F7+rzzm3fpLENFmgj5Nl2vW60EVJwwSk/c=", "owner": "willruggiano", "repo": "neovim.nix", - "rev": "3fdda1758ffe8351e05aa580de6033025ba4b610", + "rev": "3384f3cabecfe536ce5cd68eb3872141c9dd9450", "type": "github" }, "original": { @@ -1045,7 +1031,7 @@ }, "nil": { "inputs": { - "flake-utils": "flake-utils_2", + "flake-utils": "flake-utils_3", "nixpkgs": [ "nixpkgs" ], @@ -1075,11 +1061,11 @@ ] }, "locked": { - "lastModified": 1706750085, - "narHash": "sha256-y/+t2ctdeUD/b0DLWS96UgGUs/srj7vbWef709DPxW4=", + "lastModified": 1707095568, + "narHash": "sha256-6zZifK7cs9eWiC+3MQvlMsq2JeyH7hPSP0qZ6sTny68=", "owner": "fufexan", "repo": "nix-gaming", - "rev": "63fa64659760172fef0e4d674c6661b7ad53b16b", + "rev": "9bde4efca9e4750ed691520d68c4c6eb308015e7", "type": "github" }, "original": { @@ -1095,11 +1081,11 @@ ] }, "locked": { - "lastModified": 1706411424, - "narHash": "sha256-BzziJYucEZvdCE985vjPoo3ztWcmUiSQ1wJ2CoT6jCc=", + "lastModified": 1707016097, + "narHash": "sha256-V4lHr6hFQ3rK650dh64Xffxsf4kse9vUYWsM+ldjkco=", "owner": "nix-community", "repo": "nix-index-database", - "rev": "c782f2a4f6fc94311ab5ef31df2f1149a1856181", + "rev": "3e3dad2808379c522138e2e8b0eb73500721a237", "type": "github" }, "original": { @@ -1154,17 +1140,17 @@ "nixos-wsl": { "inputs": { "flake-compat": "flake-compat_4", - "flake-utils": "flake-utils_3", + "flake-utils": "flake-utils_4", "nixpkgs": [ "nixpkgs" ] }, "locked": { - "lastModified": 1706867893, - "narHash": "sha256-c5bADvtL35S3vsJaXR5YWTXe08W0gSwOrTOXfpJB4Ac=", + "lastModified": 1707476384, + "narHash": "sha256-9YortZTCO9r7wFHX92t+npUDmD5VcKrkVmwaPCvEiXI=", "owner": "nix-community", "repo": "NixOS-WSL", - "rev": "bcae8dc73b931b7f0fc65f1f1ef93dc379dfd66b", + "rev": "76ca59d8d4423b27c0238bc31401692ebc571365", "type": "github" }, "original": { 
@@ -1248,11 +1234,11 @@ "nixpkgs-lib": { "locked": { "dir": "lib", - "lastModified": 1703961334, - "narHash": "sha256-M1mV/Cq+pgjk0rt6VxoyyD+O8cOUiai8t9Q6Yyq4noY=", + "lastModified": 1706550542, + "narHash": "sha256-UcsnCG6wx++23yeER4Hg18CXWbgNpqNXcHIo5/1Y+hc=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "b0d36bd0a420ecee3bc916c91886caca87c894e9", + "rev": "97b17f32362e475016f942bbdfda4a4a72a8a652", "type": "github" }, "original": { @@ -1347,11 +1333,11 @@ }, "nixpkgs_5": { "locked": { - "lastModified": 1706732774, - "narHash": "sha256-hqJlyJk4MRpcItGYMF+3uHe8HvxNETWvlGtLuVpqLU0=", + "lastModified": 1707268954, + "narHash": "sha256-2en1kvde3cJVc3ZnTy8QeD2oKcseLFjYPLKhIGDanQ0=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "b8b232ae7b8b144397fdb12d20f592e5e7c1a64d", + "rev": "f8e2ebd66d097614d51a56a755450d4ae1632df1", "type": "github" }, "original": { @@ -1379,7 +1365,7 @@ "pre-commit-hooks": { "inputs": { "flake-compat": "flake-compat_5", - "flake-utils": "flake-utils_4", + "flake-utils": "flake-utils_5", "gitignore": "gitignore", "nixpkgs": [ "nixpkgs" @@ -1389,11 +1375,11 @@ ] }, "locked": { - "lastModified": 1706424699, - "narHash": "sha256-Q3RBuOpZNH2eFA1e+IHgZLAOqDD9SKhJ/sszrL8bQD4=", + "lastModified": 1707297608, + "narHash": "sha256-ADjo/5VySGlvtCW3qR+vdFF4xM9kJFlRDqcC9ZGI8EA=", "owner": "cachix", "repo": "pre-commit-hooks.nix", - "rev": "7c54e08a689b53c8a1e5d70169f2ec9e2a68ffaf", + "rev": "0db2e67ee49910adfa13010e7f012149660af7f0", "type": "github" }, "original": { @@ -1405,7 +1391,7 @@ "prism-launcher": { "inputs": { "flake-compat": [ - "pre-commit-hooks", + "neovim", "flake-compat" ], "flake-parts": [ 
@@ -1420,11 +1406,11 @@ ] }, "locked": { - "lastModified": 1706807774, - "narHash": "sha256-buTFjfWcApTXxoSbfTKgrvDBsAI9MQ6dmARcFnapPXA=", + "lastModified": 1707037280, + "narHash": "sha256-HFs4VPF5yJY1ON14ZIZ6KLAd1QzyKo24OaZw69npG/o=", "owner": "PrismLauncher", "repo": "PrismLauncher", - "rev": "5d223f6f9359c7b9017583c13c5f538032380b73", + "rev": "6935c0dc3ba6463b95c66c12ff2e2e0de1fa5ec0", "type": "github" }, "original": { @@ -1442,13 +1428,13 @@ "catppuccin-toolbox": "catppuccin-toolbox", "catppuccin-vsc": "catppuccin-vsc", "catppuccinifier": "catppuccinifier", + "darwin": "darwin", "deploy-rs": "deploy-rs", "flake-parts": "flake-parts", "flake-schemas": "flake-schemas", "home-manager": "home-manager", "hyprland": "hyprland", "hyprpicker": "hyprpicker", - "icat-wrapper": "icat-wrapper", "isabelroses-website": "isabelroses-website", "lanzaboote": "lanzaboote", "nekowinston-nur": "nekowinston-nur", @@ -1511,11 +1497,11 @@ ] }, "locked": { - "lastModified": 1706494265, - "narHash": "sha256-4ilEUJEwNaY9r/8BpL3VmZiaGber0j09lvvx0e/bosA=", + "lastModified": 1707099356, + "narHash": "sha256-ph483MDKLi9I/gndYOieVP41es633DOOmPjEI50x5KU=", "owner": "oxalica", "repo": "rust-overlay", - "rev": "246ba7102553851af60e0382f558f6bc5f63fa13", + "rev": "61dfa5a8129f7edbe9150253c68f673f87b16fb1", "type": "github" }, "original": { @@ -1536,11 +1522,11 @@ ] }, "locked": { - "lastModified": 1706407941, - "narHash": "sha256-MAz9Oz6ddtJzK0UFzYMRrO99cCVcpYD6+MfTMiJdN/8=", + "lastModified": 1707012820, + "narHash": "sha256-4cxIaHUx6/DSEVHJfK0gx4DZkJ5xHugan27KfuVPnj0=", "owner": "oxalica", "repo": "rust-overlay", - "rev": "ca8b329ae48f3c760f0e7e0249e8afa50edc8ed1", + "rev": "b83b8c3ef16d15a4ae3843d74f32dfc86caed60f", "type": "github" }, "original": { 
@@ -1551,17 +1537,17 @@ }, "rust-overlay_4": { "inputs": { - "flake-utils": "flake-utils_5", + "flake-utils": "flake-utils_6", "nixpkgs": [ "nixpkgs" ] }, "locked": { - "lastModified": 1706753617, - "narHash": "sha256-ZKqTFzhFwSWFEpQTJ0uXnfJBs5Y/po9/8TK4bzssdbs=", + "lastModified": 1707444620, + "narHash": "sha256-P8kRkiJLFttN+hbAOlm11wPxUrQZqKle+QtVCqFiGXY=", "owner": "oxalica", "repo": "rust-overlay", - "rev": "58be43ae223034217ea1bd58c73210644031b687", + "rev": "78503e9199010a4df714f29a4f9c00eb2ccae071", "type": "github" }, "original": { @@ -1630,11 +1616,11 @@ "utils": "utils" }, "locked": { - "lastModified": 1706219574, - "narHash": "sha256-qO+8UErk+bXCq2ybHU4GzXG4Ejk4Tk0rnnTPNyypW4g=", + "lastModified": 1706742486, + "narHash": "sha256-sv/MISTeD0rqeVivpZJpynboMWJp6i62OmrZX1rGl38=", "owner": "simple-nixos-mailserver", "repo": "nixos-mailserver", - "rev": "e47f3719f1db3e0961a4358d4cb234a0acaa7baf", + "rev": "9e36323ae3dde787f761420465c3ae560f3dbf29", "type": "gitlab" }, "original": { @@ -1654,11 +1640,11 @@ ] }, "locked": { - "lastModified": 1706410821, - "narHash": "sha256-iCfXspqUOPLwRobqQNAQeKzprEyVowLMn17QaRPQc+M=", + "lastModified": 1707397511, + "narHash": "sha256-pYqXcTjcPC/go3FzT1dYtYsbmzAjO1MHhT/xgiI6J7o=", "owner": "Mic92", "repo": "sops-nix", - "rev": "73bf36912e31a6b21af6e0f39218e067283c67ef", + "rev": "2168851d58595431ee11ebfc3a49d60d318b7312", "type": "github" }, "original": { @@ -1773,6 +1759,21 @@ } }, "systems_8": { + "locked": { + "lastModified": 1681028828, + "narHash": "sha256-Vy1rq5AaRuLzOxct8nz4T6wlgyUR7zLU309k9mBC768=", + "owner": "nix-systems", + "repo": "default", + "rev": "da67096a3b9bf56a91d16901293e51ba5b49a27e", + "type": "github" + }, + "original": { + "owner": "nix-systems", + "repo": "default", + "type": "github" + } + }, + "systems_9": { "locked": { "lastModified": 1689347949, "narHash": "sha256-12tWmuL2zgBgZkdoB6qXZsgJEH9LR3oUgpaQq2RbI80=", 
@@ -1794,11 +1795,11 @@ ] }, "locked": { - "lastModified": 1706462057, - "narHash": "sha256-7dG1D4iqqt0bEbBqUWk6lZiSqqwwAO0Hd1L5opVyhNM=", + "lastModified": 1707300477, + "narHash": "sha256-qQF0fEkHlnxHcrKIMRzOETnRBksUK048MXkX0SOmxvA=", "owner": "numtide", "repo": "treefmt-nix", - "rev": "c6153c2a3ff4c38d231e3ae99af29b87f1df5901", + "rev": "ac599dab59a66304eb511af07b3883114f061b9d", "type": "github" }, "original": { @@ -1824,7 +1825,7 @@ }, "vscode-server": { "inputs": { - "flake-utils": "flake-utils_6", + "flake-utils": "flake-utils_7", "nixpkgs": [ "nixpkgs" ] @@ -1869,7 +1870,7 @@ "nixpkgs": [ "nixpkgs" ], - "systems": "systems_8" + "systems": "systems_9" }, "locked": { "lastModified": 1706521509, diff --git a/flake.nix b/flake.nix index 32d110791..b5fde3f76 100755 --- a/flake.nix +++ b/flake.nix @@ -3,7 +3,6 @@ outputs = { self, - nixpkgs, flake-parts, ... } @ inputs: 
@@ -11,43 +10,38 @@ # The system archtecitures, more can be added as needed systems = [ "x86_64-linux" + "x86_64-darwin" "aarch64-linux" + "aarch64-darwin" ]; imports = [ + # add self back to inputs to use as `inputs.self` + # I depend on inputs.self *at least* once {config._module.args._inputs = inputs // {inherit (inputs) self;};} inputs.flake-parts.flakeModules.easyOverlay # flake parts ./flake/makeSys.nix # args that is passsed to the flake, moved away from the main file - - # flake part programs - ./flake/programs/pre-commit.nix # pre-commit hooks - ./flake/programs/treefmt.nix # treefmt configuration - - ./flake/pkgs # packages exposed to the flake + ./flake/modules # nixos and home-manager modules ./flake/overlays # overlays that make the system that bit cleaner - ./flake/templates # programing templates for the quick setup of new programing enviorments + ./flake/pkgs # packages exposed to the flake + ./flake/programs # programs that run in the dev shell ./flake/schemas # nix schemas. whenever they actually work - ./flake/modules # nixos and home-manager modules + ./flake/templates # programing templates for the quick setup of new programing enviorments ]; flake = let # extended nixpkgs lib, with additonal features lib = import ./lib {inherit inputs;}; - in { - nixosConfigurations = import ./hosts {inherit nixpkgs self lib withSystem;}; - - # build with `nix build .#images.` - # alternatively hosts can be built with `nix build .#nixosConfigurations.hostName.config.system.build.isoImage` - images = import ./hosts/images.nix {inherit inputs self lib;}; - }; + in + import ./hosts {inherit self lib withSystem;}; perSystem = { - config, - # inputs', pkgs, + config, + inputs', ... }: { imports = [{_module.args.pkgs = config.legacyPackages;}]; 
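Review bot: The `flake` attribute is now whatever `import ./hosts {inherit self lib withSystem;}` returns, and the removed comment explaining how to build `images` has no replacement, so the top-level outputs can no longer be read off flake.nix. A comment above the import would keep that discoverable, e.g. `# ./hosts returns the per-host outputs (nixosConfigurations, darwinConfigurations, images); see hosts/default.nix`. Those attribute names are inferred from the removed lines and the new darwin input, so adjust them to what ./hosts actually exports.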
@@ -68,16 +62,18 @@ # tell direnv to shut up DIRENV_LOG_FORMAT = ""; - packages = with pkgs; [ - # inputs'.deploy-rs.packages.deploy-rs # remote deployment - git # flakes require git - nil # nix language server - statix # lints and suggestions - deadnix # clean up unused nix code - alejandra # nix formatter - nodejs # ags - config.treefmt.build.wrapper # treewide formatter - ]; + packages = with pkgs; + [ + # inputs'.deploy-rs.packages.deploy-rs # remote deployment + git # flakes require git + nil # nix language server + statix # lints and suggestions + deadnix # clean up unused nix code + alejandra # nix formatter + nodejs # ags + config.treefmt.build.wrapper # treewide formatter + ] + ++ lib.optionals stdenv.isDarwin [inputs'.darwin.packages.darwin-rebuild]; inputsFrom = [config.treefmt.build.devShell]; }; @@ -88,8 +84,15 @@ # choose our nixpkgs version nixpkgs.url = "github:NixOS/nixpkgs/nixos-unstable"; - nix-gaming = { - url = "github:fufexan/nix-gaming"; + # darwin systems are important + darwin = { + url = "github:lnl7/nix-darwin"; + inputs.nixpkgs.follows = "nixpkgs"; + }; + + # nixos on wsl + nixos-wsl = { + url = "github:nix-community/NixOS-WSL"; inputs.nixpkgs.follows = "nixpkgs"; }; @@ -104,9 +107,8 @@ inputs.nixpkgs-lib.follows = "nixpkgs"; }; - # nixos on wsl - nixos-wsl = { - url = "github:nix-community/NixOS-WSL"; + nix-gaming = { + url = "github:fufexan/nix-gaming"; inputs.nixpkgs.follows = "nixpkgs"; }; @@ -151,8 +153,8 @@ url = "github:serokell/deploy-rs"; inputs = { nixpkgs.follows = "nixpkgs"; - utils.follows = "pre-commit-hooks/flake-utils"; - flake-compat.follows = "pre-commit-hooks/flake-compat"; + utils.follows = "neovim/flake-utils"; + flake-compat.follows = "neovim/flake-compat"; }; }; 
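Review bot: In the deploy-rs hunk, `utils.follows = "neovim/flake-utils";` and `flake-compat.follows = "neovim/flake-compat";` make this input resolve to whatever the `neovim` input locks for its own dependencies, so updating or dropping `neovim` changes or breaks what deploy-rs is built against. The same pattern recurs in the later flake.nix hunks at `-163`, `-189`, `-260` and `-269`. Declaring `flake-utils` and `flake-compat` once as top-level inputs and writing `utils.follows = "flake-utils";` and `flake-compat.follows = "flake-compat";` would keep the pin explicit and easy to audit in flake.lock. Whether `neovim` will keep exposing both inputs cannot be told from this diff, so the indirect form needs re-checking on every lock update.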
@@ -163,8 +165,8 @@ nixpkgs.follows = "nixpkgs"; flake-parts.follows = "flake-parts"; pre-commit-hooks-nix.follows = "pre-commit-hooks"; - flake-utils.follows = "pre-commit-hooks/flake-utils"; - flake-compat.follows = "pre-commit-hooks/flake-compat"; + flake-utils.follows = "neovim/flake-utils"; + flake-compat.follows = "neovim/flake-compat"; }; }; @@ -189,7 +191,7 @@ url = "github:nekowinston/nur"; inputs = { nixpkgs.follows = "nixpkgs"; - flake-utils.follows = "pre-commit-hooks/flake-utils"; + flake-utils.follows = "neovim/flake-utils"; }; }; @@ -200,8 +202,8 @@ nixpkgs.follows = "nixpkgs"; nil.follows = "nil"; flake-parts.follows = "flake-parts"; + nekowinston-nur.follows = "nekowinston-nur"; pre-commit-nix.follows = "pre-commit-hooks"; - flake-utils.follows = "pre-commit-hooks/flake-utils"; }; }; @@ -260,7 +262,7 @@ nixpkgs.follows = "nixpkgs"; flake-parts.follows = "flake-parts"; pre-commit-hooks.follows = "pre-commit-hooks"; - flake-compat.follows = "pre-commit-hooks/flake-compat"; + flake-compat.follows = "neovim/flake-compat"; }; }; @@ -269,7 +271,7 @@ url = "github:lighttigerXIV/catppuccinifier"; inputs = { nixpkgs.follows = "nixpkgs"; - flake-utils.follows = "pre-commit-hooks/flake-utils"; + flake-utils.follows = "neovim/flake-utils"; }; }; catppuccin.url = "github:Stonks3141/ctp-nix"; @@ -282,12 +284,6 @@ inputs.nixpkgs.follows = "nixpkgs"; }; - # icat wrapper - icat-wrapper = { - url = "github:nekowinston/icat"; - inputs.nixpkgs.follows = "nixpkgs"; - }; - # Schemas flake-schemas.url = "github:DeterminateSystems/flake-schemas"; nixSchemas.url = "github:DeterminateSystems/nix/flake-schemas"; diff --git a/flake/modules/default.nix b/flake/modules/default.nix index 1fd1f17f0..c9bf20543 100644 --- a/flake/modules/default.nix +++ b/flake/modules/default.nix 
@@ -6,14 +6,21 @@ in { flake = { nixosModules = { - wakapi = mkModule /modules/extra/nixos/wakapi; + internal = mkModule /modules/base; + + wakapi = mkModule /modules/extra/nixos/wakapi.nix; # i do not provide a default module, so throw an error default = builtins.throw "There is no default module."; }; + # Currently there are no darwin modules + darwinModules = { + default = builtins.throw "There is no default module."; + }; + homeManagerModules = { - gtklock = mkModule /modules/extra/home-manager/gtklock; + gtklock = mkModule /modules/extra/home-manager/gtklock.nix; default = builtins.throw "There is no default module."; }; diff --git a/flake/pkgs/default.nix b/flake/pkgs/default.nix index 78618c52c..a535c3668 100644 --- a/flake/pkgs/default.nix +++ b/flake/pkgs/default.nix @@ -4,7 +4,12 @@ _: { inputs', ... }: { - packages = { + packages = let + docs = pkgs.callPackage ../../docs {}; + in { + # docs-md = docs.md; + docs-html = docs.html; + lutgen-rs = pkgs.callPackage ./lutgen-rs.nix {}; patched-gjs = pkgs.callPackage ./patched-gjs.nix {}; plymouth-theme-catppuccin = pkgs.callPackage ./plymouth-theme-catppuccin.nix {}; diff --git a/flake/programs/default.nix b/flake/programs/default.nix new file mode 100644 index 000000000..855e3315c --- /dev/null +++ b/flake/programs/default.nix @@ -0,0 +1,6 @@ +{ + imports = [ + ./treefmt.nix + ./pre-commit.nix + ]; +} diff --git a/home/isabel/default.nix b/home/isabel/default.nix index 3cf62aeed..1917b5d2e 100644 --- a/home/isabel/default.nix +++ b/home/isabel/default.nix @@ -1,14 +1,13 @@ { - inputs, lib, + pkgs, self, ... }: let - inherit (lib) mkDefault; + inherit (lib) mkDefault ldTernary; in { imports = [ # imported home-manager modules - inputs.catppuccin.homeManagerModules.catppuccin self.homeManagerModules.gtklock # important system environment config 
@@ -20,13 +19,14 @@ in { # Application themeing ./themes ]; + config = { # reload system units when changing configs systemd.user.startServices = mkDefault "sd-switch"; # or "legacy" if "sd-switch" breaks again home = { username = "isabel"; - homeDirectory = "/home/isabel"; + homeDirectory = ldTernary pkgs "/home/isabel" "/Users/isabel"; extraOutputsToInstall = ["doc" "devdoc"]; stateVersion = mkDefault "23.05"; diff --git a/home/isabel/programs/cli/desktop.nix b/home/isabel/programs/cli/desktop.nix index ff1f3b579..7d9cd7437 100644 --- a/home/isabel/programs/cli/desktop.nix +++ b/home/isabel/programs/cli/desktop.nix @@ -7,7 +7,7 @@ ... }: let inherit (lib) mkIf isAcceptedDevice optionals; - acceptedTypes = ["desktop" "laptop" "lite" "hybrid"]; + acceptedTypes = ["desktop" "laptop" "wsl" "lite" "hybrid"]; cfg = osConfig.modules.programs; in { @@ -18,10 +18,10 @@ in { bitwarden-cli # bitwarden, my chosen password manager trash-cli # `rm` skips the "rubish bin", this cli tool uses that brightnessctl # brightness managed via cli - self'.packages.catppuccinifier-cli ] ++ optionals cfg.cli.modernShell.enable [ inputs'.catppuccin-toolbox.packages.catwalk + self'.packages.catppuccinifier-cli ]; }; } diff --git a/home/isabel/programs/configs/cli/bat.nix b/home/isabel/programs/configs/cli/bat.nix index 5bd9457dc..ef91891ae 100644 --- a/home/isabel/programs/configs/cli/bat.nix +++ b/home/isabel/programs/configs/cli/bat.nix @@ -3,7 +3,7 @@ lib, ... }: let - acceptedTypes = ["desktop" "laptop" "lite" "hybrid"]; + acceptedTypes = ["desktop" "laptop" "wsl" "lite" "hybrid"]; in { config = lib.mkIf ((lib.isAcceptedDevice osConfig acceptedTypes) && lib.isModernShell osConfig) { programs.bat = { diff --git a/home/isabel/programs/configs/cli/fzf.nix b/home/isabel/programs/configs/cli/fzf.nix index d0802c732..e033839e7 100644 --- a/home/isabel/programs/configs/cli/fzf.nix +++ b/home/isabel/programs/configs/cli/fzf.nix 
@@ -4,7 +4,7 @@ lib, ... }: let - acceptedTypes = ["desktop" "laptop" "lite" "hybrid"]; + acceptedTypes = ["desktop" "laptop" "wsl" "lite" "hybrid"]; in { config = lib.mkIf ((lib.isAcceptedDevice osConfig acceptedTypes) && lib.isModernShell osConfig) { programs.fzf = { diff --git a/home/isabel/programs/configs/cli/git.nix b/home/isabel/programs/configs/cli/git.nix index 4daee4e1c..928f0da7c 100644 --- a/home/isabel/programs/configs/cli/git.nix +++ b/home/isabel/programs/configs/cli/git.nix @@ -1,11 +1,20 @@ { - osConfig, + lib, pkgs, + osConfig, ... }: let cfg = osConfig.modules.programs.agnostic.git; in { config = { + # `programs.git` will generate the config file: ~/.config/git/config + # to make git use this config file, `~/.gitconfig` should not exist! + home.activation = lib.mkIf pkgs.stdenv.isDarwin { + removeExistingGitconfig = lib.hm.dag.entryBefore ["checkLinkTargets"] '' + rm -f ~/.gitconfig + ''; + }; + home.packages = with pkgs; [ gist # manage github gists act # local github actions diff --git a/home/isabel/programs/configs/cli/shells/default.nix b/home/isabel/programs/configs/cli/shells/default.nix index 968cfec6e..251a93b06 100644 --- a/home/isabel/programs/configs/cli/shells/default.nix +++ b/home/isabel/programs/configs/cli/shells/default.nix @@ -1,8 +1,9 @@ _: { imports = [ - ./bash.nix - ./fish.nix - ./nushell.nix - ./shellAlias.nix + ./bash.nix # bash configurations + ./fish.nix # fish configurations + ./nushell.nix # nushell configurations + ./shellAlias.nix # shell alias + ./zsh.nix # zsh configurations ]; } diff --git a/home/isabel/programs/configs/cli/shells/zsh.nix b/home/isabel/programs/configs/cli/shells/zsh.nix new file mode 100644 index 000000000..329476028 --- /dev/null +++ b/home/isabel/programs/configs/cli/shells/zsh.nix 
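Review bot: The `removeExistingGitconfig` activation step in git.nix runs `rm -f ~/.gitconfig` on every Darwin activation, which silently discards whatever that file held (signing key, credential helper, includes). It is also not prefixed with `$DRY_RUN_CMD`, so it would run during a Home Manager dry run too. Moving the file aside has the same effect and leaves a recoverable copy: `if [ -e ~/.gitconfig ]; then $DRY_RUN_CMD mv -f ~/.gitconfig ~/.gitconfig.bak; fi` (the backup name is only a suggestion). The existing comment explains why the file must not exist; it should also say that the step is destructive and Darwin-only.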
@@ -0,0 +1,11 @@ +{pkgs, ...}: { + programs.zsh = { + enable = pkgs.stdenv.isDarwin; + + enableAutosuggestions = true; + enableCompletion = true; + syntaxHighlighting.enable = true; + + dotDir = ".config/zsh"; + }; +} diff --git a/home/isabel/programs/configs/cli/tealdear.nix b/home/isabel/programs/configs/cli/tealdear.nix index 36e5358c5..3db8adedb 100644 --- a/home/isabel/programs/configs/cli/tealdear.nix +++ b/home/isabel/programs/configs/cli/tealdear.nix @@ -3,7 +3,7 @@ lib, ... }: let - acceptedTypes = ["desktop" "laptop" "lite" "hybrid"]; + acceptedTypes = ["desktop" "laptop" "wsl" "lite" "hybrid"]; in { config = lib.mkIf ((lib.isAcceptedDevice osConfig acceptedTypes) && lib.isModernShell osConfig) { programs.tealdeer = { diff --git a/home/isabel/programs/configs/editors/vscode/default.nix b/home/isabel/programs/configs/editors/vscode/default.nix index 6a82e5661..f5c8f47d2 100644 --- a/home/isabel/programs/configs/editors/vscode/default.nix +++ b/home/isabel/programs/configs/editors/vscode/default.nix @@ -1,14 +1,20 @@ { lib, pkgs, - osConfig, config, + osConfig, ... }: let - inherit (osConfig.modules.environment) flakePath; - inherit (osConfig.modules.system) mainUser; + inherit (pkgs.stdenv) isLinux isDarwin; + inherit (lib) mkIf; + + mkLink = config.lib.file.mkOutOfStoreSymlink; + + vscodeStore = "${osConfig.modules.environment.flakePath}/home/${osConfig.modules.system.mainUser}/programs/configs/editors/vscode"; + keybindingsFile = mkLink "${vscodeStore}/keybindings.json"; + settingsFile = mkLink "${vscodeStore}/settings.json"; in { - config = lib.mkIf osConfig.modules.programs.agnostic.editors.vscode.enable { + config = mkIf osConfig.modules.programs.agnostic.editors.vscode.enable { programs.vscode = { enable = true; package = pkgs.vscode; 
@@ -76,9 +82,14 @@ in { mutableExtensionsDir = true; }; - xdg.configFile = { - "VSCode/User/keybindings.json".source = config.lib.file.mkOutOfStoreSymlink "${flakePath}/home/${mainUser}/programs/configs/editors/vscode/keybindings.json"; - "VSCode/User/settings.json".source = config.lib.file.mkOutOfStoreSymlink "${flakePath}/home/${mainUser}/programs/configs/editors/vscode/settings.json"; + xdg.configFile = mkIf isLinux { + "VSCode/User/keybindings.json".source = keybindingsFile; + "VSCode/User/settings.json".source = settingsFile; + }; + + home.file = mkIf isDarwin { + "Library/Application Support/Code/User/keybindings.json".source = keybindingsFile; + "Library/Application Support/Code/User/settings.json".source = settingsFile; }; }; } diff --git a/home/isabel/programs/configs/gui/bars/ags/themes.js b/home/isabel/programs/configs/gui/bars/ags/themes.js index 4eacd743a..e9cd41325 100644 --- a/home/isabel/programs/configs/gui/bars/ags/themes.js +++ b/home/isabel/programs/configs/gui/bars/ags/themes.js @@ -1,10 +1,10 @@ -import { Theme, WP, lightColors } from "./settings/theme.js"; +import { lightColors, Theme, WP } from "./settings/theme.js"; export default [ Theme({ name: "Mocha", icon: "๏††", - "desktop.wallpaper.img": WP + "wallhaven-qzp8dr.png", + "desktop.wallpaper.img": WP + "00387.jpg", }), Theme({ name: "Latte", diff --git a/home/isabel/programs/configs/gui/terminals/wezterm/wezterm.lua b/home/isabel/programs/configs/gui/terminals/wezterm/wezterm.lua index 2b192e546..de9e8bc04 100644 --- a/home/isabel/programs/configs/gui/terminals/wezterm/wezterm.lua +++ b/home/isabel/programs/configs/gui/terminals/wezterm/wezterm.lua 
@@ -8,16 +8,15 @@ end -- theme require("catppuccin").apply_to_config(config) +require("bar").apply_to_config(config) if utils.is_linux() then config.window_background_opacity = 0.90 - config.enable_tab_bar = false else config.window_background_image = "C:\\Users\\Isabel\\Pictures\\wallpapers\\wallhaven-qzp8dr.png" config.window_background_image_hsb = { brightness = 0.03, -- make the bg darker so we can see what we are doing } - require("bar").apply_to_config(config) end -- shell @@ -54,5 +53,7 @@ config.adjust_window_size_when_changing_font_size = false config.audible_bell = "Disabled" config.default_cursor_style = "BlinkingBar" config.front_end = "WebGpu" +config.window_close_confirmation = "NeverPrompt" +config.prefer_to_spawn_tabs = true return config diff --git a/home/isabel/programs/configs/tui/btop.nix b/home/isabel/programs/configs/tui/btop.nix index 898a82233..0f0133c0d 100644 --- a/home/isabel/programs/configs/tui/btop.nix +++ b/home/isabel/programs/configs/tui/btop.nix @@ -3,7 +3,7 @@ lib, ... }: let - acceptedTypes = ["desktop" "laptop" "lite" "hybrid"]; + acceptedTypes = ["desktop" "laptop" "wsl" "lite" "hybrid"]; in { config = lib.mkIf ((lib.isAcceptedDevice osConfig acceptedTypes) && osConfig.modules.programs.tui.enable) { programs.btop = { diff --git a/home/isabel/programs/configs/tui/ranger.nix b/home/isabel/programs/configs/tui/ranger.nix index 0c14f7571..dc2d1adfa 100644 --- a/home/isabel/programs/configs/tui/ranger.nix +++ b/home/isabel/programs/configs/tui/ranger.nix @@ -5,7 +5,7 @@ lib, ... }: let - acceptedTypes = ["desktop" "laptop" "lite" "hybrid"]; + acceptedTypes = ["desktop" "laptop" "wsl" "lite" "hybrid"]; in { config = lib.mkIf ((lib.isAcceptedDevice osConfig acceptedTypes) && osConfig.modules.programs.tui.enable) { home.packages = with pkgs; [ diff --git a/home/isabel/programs/scripts/preview.nix b/home/isabel/programs/scripts/preview.nix index 72339ca6b..994db9eff 100644 --- a/home/isabel/programs/scripts/preview.nix 
+++ b/home/isabel/programs/scripts/preview.nix @@ -15,7 +15,7 @@ ${lib.getExe pkgs.bat} --color always --plain "$1" ;; *image*) - ${lib.getExe inputs'.icat-wrapper.packages.default} "$1" + ${lib.getExe inputs'.nekowinston-nur.packages.icat} "$1" ;; *pdf) ${lib.getExe pkgs.catimg} -w 100 -r 2 "$1" diff --git a/home/isabel/services/shared/polkit.nix b/home/isabel/services/shared/polkit.nix index 4f6e23078..295f90d01 100644 --- a/home/isabel/services/shared/polkit.nix +++ b/home/isabel/services/shared/polkit.nix @@ -6,7 +6,7 @@ }: let inherit (lib) mkIf isAcceptedDevice mkGraphicalService; inherit (osConfig.modules.system) video; - acceptedTypes = ["desktop" "laptop" "lite" "hybrid"]; + acceptedTypes = ["desktop" "laptop" "wsl" "lite" "hybrid"]; in { config = mkIf ((isAcceptedDevice osConfig acceptedTypes) && video.enable) { # gnome polkit agent diff --git a/home/isabel/system/gpg.nix b/home/isabel/system/gpg.nix index da5639366..9cce86bab 100644 --- a/home/isabel/system/gpg.nix +++ b/home/isabel/system/gpg.nix 
@@ -1,31 +1,30 @@ { - osConfig, - config, lib, + pkgs, inputs, + config, + osConfig, ... }: let inherit (osConfig.modules.system) video; in { imports = [inputs.sops.homeManagerModules.sops]; - services = { - gpg-agent = { - enable = true; - enableBashIntegration = config.programs.bash.enable; - enableFishIntegration = config.programs.fish.enable; - enableZshIntegration = config.programs.zsh.enable; - pinentryFlavor = - if video.enable - then "gnome3" - else "curses"; - enableSshSupport = true; - defaultCacheTtl = 1209600; - defaultCacheTtlSsh = 1209600; - maxCacheTtl = 1209600; - maxCacheTtlSsh = 1209600; - extraConfig = "allow-preset-passphrase"; - }; + services.gpg-agent = { + enable = true; + enableBashIntegration = config.programs.bash.enable; + enableFishIntegration = config.programs.fish.enable; + enableZshIntegration = config.programs.zsh.enable; + pinentryFlavor = + if video.enable + then "gnome3" + else "curses"; + enableSshSupport = true; + defaultCacheTtl = 1209600; + defaultCacheTtlSsh = 1209600; + maxCacheTtl = 1209600; + maxCacheTtlSsh = 1209600; + extraConfig = "allow-preset-passphrase"; }; # Allow manually restarting gpg-agent if it fails 
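Review bot: `defaultCacheTtl`, `defaultCacheTtlSsh`, `maxCacheTtl` and `maxCacheTtlSsh` all stay at 1209600 seconds (14 days) alongside `enableSshSupport = true`, so after one passphrase entry the GPG and SSH keys remain usable by anything running as the user for up to two weeks. Since this commit extends the home configuration to a macOS machine, either lower the values on portable hosts or make the choice visibly deliberate with a comment such as `# 14 days on purpose: <reason>`. Separately, `pkgs` is added to the argument set but is not used in the lines shown. `pinentryFlavor` only selects `gnome3` or `curses`, which presumably does not suit Darwin, so confirm how this module evaluates there.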
@@ -33,53 +32,51 @@ in { sops.gnupg.home = config.programs.gpg.homedir; - programs = { - gpg = { - enable = true; - homedir = "${config.xdg.dataHome}/gnupg"; - settings = { - keyserver = "keys.openpgp.org"; - # https://github.com/drduh/config/blob/master/gpg.conf - # https://www.gnupg.org/documentation/manuals/gnupg/GPG-Configuration-Options.html - # https://www.gnupg.org/documentation/manuals/gnupg/GPG-Esoteric-Options.html - # Use AES256, 192, or 128 as cipher - personal-cipher-preferences = "AES256 AES192 AES"; - # Use SHA512, 384, or 256 as digest - personal-digest-preferences = "SHA512 SHA384 SHA256"; - # Use ZLIB, BZIP2, ZIP, or no compression - personal-compress-preferences = "ZLIB BZIP2 ZIP Uncompressed"; - # Default preferences for new keys - default-preference-list = "SHA512 SHA384 SHA256 AES256 AES192 AES ZLIB BZIP2 ZIP Uncompressed"; - # SHA512 as digest to sign keys - cert-digest-algo = "SHA512"; - # SHA512 as digest for symmetric ops - s2k-digest-algo = "SHA512"; - # AES256 as cipher for symmetric ops - s2k-cipher-algo = "AES256"; - # UTF-8 support for compatibility - charset = "utf-8"; - # Show Unix timestamps - fixed-list-mode = ""; - # No comments in signature - no-comments = ""; - # No version in signature - no-emit-version = ""; - # Disable banner - no-greeting = ""; - # Long hexidecimal key format - keyid-format = "0xlong"; - # Display UID validity - list-options = "show-uid-validity"; - verify-options = "show-uid-validity"; - # Display all keys and their fingerprints - with-fingerprint = ""; - # Cross-certify subkeys are present and valid - require-cross-certification = ""; - # Disable caching of passphrase for symmetrical ops - no-symkey-cache = ""; - # Enable smartcard - use-agent = ""; - }; + programs.gpg = { + enable = true; + homedir = "${config.xdg.dataHome}/gnupg"; + settings = { + keyserver = "keys.openpgp.org"; + # https://github.com/drduh/config/blob/master/gpg.conf + # 
https://www.gnupg.org/documentation/manuals/gnupg/GPG-Configuration-Options.html + # https://www.gnupg.org/documentation/manuals/gnupg/GPG-Esoteric-Options.html + # Use AES256, 192, or 128 as cipher + personal-cipher-preferences = "AES256 AES192 AES"; + # Use SHA512, 384, or 256 as digest + personal-digest-preferences = "SHA512 SHA384 SHA256"; + # Use ZLIB, BZIP2, ZIP, or no compression + personal-compress-preferences = "ZLIB BZIP2 ZIP Uncompressed"; + # Default preferences for new keys + default-preference-list = "SHA512 SHA384 SHA256 AES256 AES192 AES ZLIB BZIP2 ZIP Uncompressed"; + # SHA512 as digest to sign keys + cert-digest-algo = "SHA512"; + # SHA512 as digest for symmetric ops + s2k-digest-algo = "SHA512"; + # AES256 as cipher for symmetric ops + s2k-cipher-algo = "AES256"; + # UTF-8 support for compatibility + charset = "utf-8"; + # Show Unix timestamps + fixed-list-mode = ""; + # No comments in signature + no-comments = ""; + # No version in signature + no-emit-version = ""; + # Disable banner + no-greeting = ""; + # Long hexidecimal key format + keyid-format = "0xlong"; + # Display UID validity + list-options = "show-uid-validity"; + verify-options = "show-uid-validity"; + # Display all keys and their fingerprints + with-fingerprint = ""; + # Cross-certify subkeys are present and valid + require-cross-certification = ""; + # Disable caching of passphrase for symmetrical ops + no-symkey-cache = ""; + # Enable smartcard + use-agent = ""; }; }; } diff --git a/home/isabel/system/xdg.nix b/home/isabel/system/xdg.nix index d3d010163..56d75ac27 100644 --- a/home/isabel/system/xdg.nix +++ b/home/isabel/system/xdg.nix @@ -4,6 +4,8 @@ pkgs, ... }: let + inherit (pkgs.stdenv) isLinux; + browser = [ "text/html" "x-scheme-handler/http" @@ -65,7 +67,7 @@ in { stateHome = "${config.home.homeDirectory}/.local/state"; userDirs = { - enable = true; + enable = isLinux; createDirectories = true; documents = "${config.home.homeDirectory}/documents"; 
@@ -84,7 +86,7 @@ in { }; mimeApps = { - enable = true; + enable = isLinux; associations.added = associations; defaultApplications = associations; }; diff --git a/home/isabel/themes/global.nix b/home/isabel/themes/global.nix index 8e974afa0..047352e98 100644 --- a/home/isabel/themes/global.nix +++ b/home/isabel/themes/global.nix @@ -1,10 +1,16 @@ -{osConfig, ...}: let +{ + osConfig, + inputs, + ... +}: let cfg = osConfig.modules.style; in { + imports = [inputs.catppuccin.homeManagerModules.catppuccin]; + # pointer / cursor theming home.pointerCursor = { + name = cfg.pointerCursor.name; package = cfg.pointerCursor.package; - name = "${cfg.pointerCursor.name}"; size = cfg.pointerCursor.size; gtk.enable = true; x11.enable = true; diff --git a/home/isabel/themes/gtk.nix b/home/isabel/themes/gtk.nix index 738e5cfe7..99705d7a1 100644 --- a/home/isabel/themes/gtk.nix +++ b/home/isabel/themes/gtk.nix @@ -37,18 +37,15 @@ in { enable = true; theme = { - name = "${cfg.gtk.theme.name}"; - package = cfg.gtk.theme.package; + inherit (cfg.gtk.theme) name package; }; iconTheme = { - name = "${cfg.gtk.iconTheme.name}"; - package = cfg.gtk.iconTheme.package; + inherit (cfg.gtk.iconTheme) name package; }; font = { - name = "${cfg.gtk.font.name}"; - size = cfg.gtk.font.size; + inherit (cfg.gtk.font) name size; }; gtk2 = { 
@@ -62,15 +59,42 @@ in { }; gtk3.extraConfig = { + # make things look nice + gtk-application-prefer-dark-theme = true; + + gtk-decoration-layout = "appmenu:none"; + gtk-xft-antialias = 1; gtk-xft-hinting = 1; gtk-xft-hintstyle = "hintslight"; - gtk-xft-rgba = "rgb"; - gtk-application-prefer-dark-theme = 1; + + # stop annoying sounds + gtk-enable-event-sounds = 0; + gtk-enable-input-feedback-sounds = 0; + gtk-error-bell = 0; + + # config that is not the same as gtk4 + gtk-toolbar-style = "GTK_TOOLBAR_BOTH"; + gtk-toolbar-icon-size = "GTK_ICON_SIZE_LARGE_TOOLBAR"; + + gtk-button-images = 1; + gtk-menu-images = 1; }; gtk4.extraConfig = { - gtk-application-prefer-dark-theme = 1; + # make things look nice + gtk-application-prefer-dark-theme = true; + + gtk-decoration-layout = "appmenu:none"; + + gtk-xft-antialias = 1; + gtk-xft-hinting = 1; + gtk-xft-hintstyle = "hintslight"; + + # stop annoying sounds again + gtk-enable-event-sounds = 0; + gtk-enable-input-feedback-sounds = 0; + gtk-error-bell = 0; }; }; }; diff --git a/home/isabel/themes/qt.nix b/home/isabel/themes/qt.nix index b47160d05..c8ca79670 100644 --- a/home/isabel/themes/qt.nix +++ b/home/isabel/themes/qt.nix @@ -35,9 +35,9 @@ in { qt = { enable = true; - platformTheme = mkIf cfg.forceGtk "gtk"; # just an override for QT_QPA_PLATFORMTHEME, takes โ€œgtkโ€, โ€œgnomeโ€, โ€œqtctโ€ or โ€œkdeโ€ + platformTheme = mkIf cfg.forceGtk "gtk"; # an override for QT_QPA_PLATFORMTHEME style = mkIf (!cfg.forceGtk) { - name = "${cfg.qt.theme.name}"; + name = cfg.qt.theme.name; package = cfg.qt.theme.package; }; }; diff --git a/hosts/default.nix b/hosts/default.nix index 8099809d2..543d0a802 100644 --- a/hosts/default.nix +++ b/hosts/default.nix 
@@ -1,15 +1,9 @@ { - self, lib, withSystem, ... }: let - inherit (self) inputs; - inherit (lib) mkMerge mapAttrs concatLists mkNixosSystem mkNixosIso; - - # additional modules - hm = inputs.home-manager.nixosModules.home-manager; - ctp = inputs.catppuccin.nixosModules.catppuccin; + inherit (lib) mkMerge concatLists mkSystems mkNixosIsos; # modules modulePath = ../modules; # the base module path 
@@ -17,33 +11,36 @@ # base modules, are the base of this system configuration and are shared across all systems (so the basics) base = modulePath + /base; - # extra modules, these add extra functionality to the system configuration, not provided by nixpkgs or another source - extra = modulePath + /extra; + # profiles module, these are sensible defaults for given hardware sets + # or meta profiles that are used to configure the system based on the requirements of the given machine + profilesPath = modulePath + /profiles; # the base directory for the types module + hardwareProfilesPath = profilesPath + /hardware; # the base directory for the hardware profiles + metaProfilesPath = profilesPath + /meta; # the base directory for the meta profiles - # options module, these allow for quick configuration - options = modulePath + /options; + # hardware profiles + laptop = hardwareProfilesPath + /laptop; # for laptop type configurations + # desktop = hardwareProfilesPath + /desktop; # for desktop type configurations + server = [(hardwareProfilesPath + /server) headless]; # for server type configurations + wsl = [(hardwareProfilesPath + /wsl) headless]; # for wsl systems - # profiles are hardware based, system optimised defaults - profilesPath = modulePath + /profiles; # the base directory for the types module - server = profilesPath + /server; # for server type configurations - laptop = profilesPath + /laptop; # for laptop type configurations - # desktop = profilesPath + /desktop; # for desktop type configurations - workstation = profilesPath + /workstation; # for server type configurations - wsl = profilesPath + /wsl; # for wsl systems + # meta profiles + workstation = metaProfilesPath + /workstation; # for server type configurations + headless = metaProfilesPath + /headless; # for headless systems + darwin = metaProfilesPath + /darwin; # for darwin systems (macOS) # home-manager - home = ../home; # home-manager configurations - homes = [hm home]; # combine hm input module 
and the home module + homes = ../home; # home-manager configurations # a list of shared modules - shared = [base options extra ctp]; + shared = [base homes]; # extra specialArgs that are on all machines - sharedArgs = {inherit inputs self lib;}; + sharedArgs = {inherit lib;}; in mkMerge [ - (mapAttrs mkNixosSystem { - hydra = { + (mkSystems [ + { + host = "hydra"; inherit withSystem; system = "x86_64-linux"; modules = @@ -51,11 +48,12 @@ in workstation laptop ] - ++ concatLists [shared homes]; + ++ concatLists [shared]; specialArgs = sharedArgs; - }; + } - amaterasu = { + { + host = "amaterasu"; inherit withSystem; system = "x86_64-linux"; modules = @@ -63,33 +61,41 @@ in # desktop workstation ] - ++ concatLists [shared homes]; + ++ concatLists [shared]; specialArgs = sharedArgs; - }; + } - valkyrie = { + { + host = "valkyrie"; inherit withSystem; system = "x86_64-linux"; - modules = [wsl] ++ concatLists [shared homes]; + modules = concatLists [wsl shared]; specialArgs = sharedArgs; - }; + } - luz = { + { + host = "luz"; inherit withSystem; system = "x86_64-linux"; - modules = - [ - server - ] - ++ concatLists [shared homes]; + modules = concatLists [server shared]; + specialArgs = sharedArgs; + } + + { + host = "tatsumaki"; + inherit withSystem; + system = "aarch64-darwin"; + modules = [workstation] ++ concatLists [darwin shared]; specialArgs = sharedArgs; - }; - }) + } + ]) - (mapAttrs mkNixosIso { - lilith = { + (mkNixosIsos [ + { + host = "lilith"; system = "x86_64-linux"; + modules = [headless]; specialArgs = sharedArgs; - }; - }) + } + ]) ] diff --git a/hosts/hydra/default.nix b/hosts/hydra/default.nix index f49628ea4..1ef11540f 100644 --- a/hosts/hydra/default.nix +++ b/hosts/hydra/default.nix @@ -43,7 +43,7 @@ _: { wirelessBackend = "iwd"; tailscale = { - enable = true; + enable = false; isClient = true; }; }; diff --git a/hosts/images.nix b/hosts/images.nix deleted file mode 100644 index f3ac3020a..000000000 --- a/hosts/images.nix +++ /dev/null 
@@ -1,3 +0,0 @@ -{self, ...}: { - lilith = self.nixosConfigurations.lilith.config.system.build.isoImage; -} diff --git a/hosts/valkyrie/default.nix b/hosts/valkyrie/default.nix index 0a1efa7ee..ac955412b 100644 --- a/hosts/valkyrie/default.nix +++ b/hosts/valkyrie/default.nix @@ -2,7 +2,7 @@ config = { modules = { device = { - type = "lite"; + type = "wsl"; cpu = "intel"; gpu = null; hasTPM = true; diff --git a/lib/builders.nix b/lib/builders.nix index b62069420..57565cda8 100644 --- a/lib/builders.nix +++ b/lib/builders.nix @@ -5,13 +5,16 @@ }: let inherit (inputs) self; - # just an alias to nixpkgs.lib.nixosSystem + inherit (import ./hardware.nix {inherit lib;}) ldTernary; + + # mkSystem is a helper function that wraps lib.nixosSystem mkSystem = lib.nixosSystem; - # mkNixosSystem wraps mkSystem (or lib.nixosSystem) with flake-parts' withSystem to give us inputs' and self' from flake-parts + # mkNixSystem wraps mkSystem with flake-parts' withSystem to give us inputs' and self' from flake-parts # which can also be used as a template for nixos hosts with system type and modules to be imported with ease # specialArgs is also defined here to avoid defining them for each host - mkNixosSystem = host: { + mkNixSystem = { + host, modules, system, withSystem, 
@@ -21,22 +24,39 @@ inputs', self', ... - }: - mkSystem { + }: let + pkgs = inputs.nixpkgs.legacyPackages.${system}; + + mkSystem' = ldTernary pkgs mkSystem inputs.darwin.lib.darwinSystem; + # this is used to determin the target system and modules that are going to be needed + # for this specific system + target = ldTernary pkgs "nixosConfigurations" "darwinConfigurations"; + mod = ldTernary pkgs "nixosModules" "darwinModules"; + + hm = inputs.home-manager.${mod}.home-manager; + in { + ${target}.${args.host} = mkSystem' { inherit system; modules = [ - "${self}/hosts/${host}" - {config.modules.system.hostname = host;} + hm + "${self}/hosts/${args.host}" + {config.modules.system.hostname = args.host;} ] ++ args.modules or []; specialArgs = {inherit lib inputs self inputs' self';} // args.specialArgs or {}; - }); + }; + }); # mkIso is should be a set that extends mkSystem (again) with necessary modules to create an Iso image - # don't use mkNixosSystem as it is complelty overkill for an iso and will have too much data, we need a light weight image - mkNixosIso = host: {system, ...} @ args: - mkSystem { + # don't use mkNixSystem as it is complelty overkill for an iso and will have too much data, we need a light weight image + mkNixosIso = { + host, + system, + modules, + ... + } @ args: { + nixosConfigurations.${args.host} = mkSystem { inherit system; specialArgs = {inherit inputs lib self;} // args.specialArgs or {}; modules = 
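Review bot: `mkNixosIso` now destructures `host`, `system` and `modules` as required arguments, so the `args.modules or []` fallback in the following hunk can never apply and a host entry without `modules` fails with a missing-argument error. `mkNixSystem` (signature in the previous hunk) has the same shape. If modules are meant to be optional, give the pattern a default, `modules ? [],`, and use `modules` directly; the bound `host` could likewise replace `args.host`. `pkgs = inputs.nixpkgs.legacyPackages.${system};` exists only to choose the Linux or Darwin branch, which deserves a comment such as `# only used for platform detection, not as the host's package set`. The body of `mkNixosIso` continues past this hunk.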
@@ -44,10 +64,17 @@ # get an installer profile from nixpkgs to base the Isos off of "${inputs.nixpkgs}/nixos/modules/installer/cd-dvd/installation-cd-minimal.nix" "${inputs.nixpkgs}/nixos/modules/installer/cd-dvd/channel.nix" - "${self}/hosts/${host}" + "${self}/hosts/${args.host}" + + {config.networking.hostName = args.host;} ] ++ args.modules or []; }; + }; + + mkSystems = systems: lib.mkMerge (map mkNixSystem systems); + + mkNixosIsos = systems: lib.mkMerge (map mkNixosIso systems); in { - inherit mkSystem mkNixosSystem mkNixosIso; + inherit mkSystems mkNixosIsos; } diff --git a/lib/hardware.nix b/lib/hardware.nix index 315d1a3df..1536cb172 100644 --- a/lib/hardware.nix +++ b/lib/hardware.nix @@ -3,10 +3,20 @@ _: let # (isx86Linux pkgs) -> true isx86Linux = pkgs: with pkgs.stdenv; hostPlatform.isLinux && hostPlatform.isx86; + # ldTernary, short for linux darwin ternary, is a ternary operator that takes 3 arguments + # the pkgs used to determine the standard environment, l: the linux result, d: the darwin result + # https://github.com/nekowinston/dotfiles/blob/36f7f4a86af4d1ecd3d2da483585e4d2503a978a/machines/lib.nix#L32 + ldTernary = pkgs: l: d: + if pkgs.stdenv.isLinux + then l + else if pkgs.stdenv.isDarwin + then d + else throw "Unsupported system: ${pkgs.stdenv.system}"; + # assume the first monitor in the list of monitors is primary # get its name from the list of monitors # `primaryMonitor osConfig` -> "DP-1" primaryMonitor = config: builtins.elemAt config.modules.device.monitors 0; in { - inherit isx86Linux primaryMonitor; + inherit isx86Linux primaryMonitor ldTernary; } diff --git a/modules/base/default.nix b/modules/base/default.nix index eb150d806..dba0fc302 100644 --- a/modules/base/default.nix +++ b/modules/base/default.nix 
@@ -1,7 +1,8 @@ -_: { +{ imports = [ ./host # host configurations ./gaming # super cool procrastinations related things + ./options # options module, these allow for quick configuration ./secrets # shhh ./services # allows for per-system system services to be enabled ]; diff --git a/modules/base/host/activation/default.nix b/modules/base/host/activation/default.nix index 1fe12a53d..3d63ac405 100644 --- a/modules/base/host/activation/default.nix +++ b/modules/base/host/activation/default.nix @@ -1,13 +1,16 @@ { - config, - pkgs, lib, + pkgs, + config, ... -}: { +}: let + inherit (pkgs.stdenv) isDarwin; + inherit (lib) mkIf; +in { system.activationScripts = { # if system declares that it wants closure diffs, then run the diff script on activation # this is useless if you are using nh, which does this for you in a different way - diff = lib.mkIf config.modules.system.activation.diffGenerations { + diff = mkIf config.modules.system.activation.diffGenerations { supportsDryActivation = true; text = '' if [[ -e /run/current-system ]]; then @@ -18,11 +21,22 @@ ''; }; + # https://github.com/ryan4yin/nix-darwin-kickstarter/blob/main/minimal/modules/system.nix#L14-L19 + postUserActivation = mkIf isDarwin { + text = '' + # activateSettings -u will reload the settings from the database and apply them to the current session, + # so we do not need to logout and login again to make the changes take effect. + /System/Library/PrivateFrameworks/SystemAdministration.framework/Resources/activateSettings -u + ''; + }; + # https://github.com/colemickens/nixcfg/blob/main/mixins/ssh.nix # symlink root's ssh config to ours # to fix nix-daemon's ability to remote build since it sshs from the root account root_ssh_config = let - sshDir = "/home/${config.modules.system.mainUser}/.ssh"; + inherit (config.modules.system) mainUser; + + sshDir = "${config.users.users.${mainUser}.home}/.ssh"; in { text = '' ( 
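Review bot: `root_ssh_config` now derives `sshDir` from `config.users.users.${mainUser}.home`, but nothing records the trust assumption behind pointing root's SSH configuration at a directory that `mainUser` can write. Whoever controls that account then controls the SSH client settings the nix-daemon uses as root for remote builds. I would add a comment such as `# root reads ${mainUser}'s ~/.ssh: that account is trusted as root for remote builds`. The script body continues outside the hunk, so what exactly gets linked is not visible here.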
diff --git a/modules/base/host/default.nix b/modules/base/host/default.nix index 4fbac4434..1dedc7c2c 100644 --- a/modules/base/host/default.nix +++ b/modules/base/host/default.nix @@ -4,10 +4,10 @@ _: { ./hardware # hardware - bluetooth etc. ./os # system configurations ./security # keeping the system safe + ./nix # all nix related configurations ./emulation.nix # emulation setup ./encryption.nix # keeping my stuff hidden from you strange people - ./nix.nix # nix the package manger options ./virtualization.nix # docker, QEMU, waydroid etc. ]; } diff --git a/modules/base/host/hardware/media/sound/default.nix b/modules/base/host/hardware/media/sound/default.nix index ed6bc1ec9..94514cb82 100644 --- a/modules/base/host/hardware/media/sound/default.nix +++ b/modules/base/host/hardware/media/sound/default.nix @@ -1,7 +1,7 @@ { lib, - config, pkgs, + config, inputs, ... }: let diff --git a/modules/base/host/nix/default.nix b/modules/base/host/nix/default.nix new file mode 100644 index 000000000..a9022ea45 --- /dev/null +++ b/modules/base/host/nix/default.nix @@ -0,0 +1,8 @@ +{ + imports = [ + ./environment.nix # environment settings that nix requires + ./nix.nix # nix the package manager's settings + ./nixpkgs.nix # nixpkgs configuration + ./system.nix # system settings that nix needs + ]; +} diff --git a/modules/base/host/nix/environment.nix b/modules/base/host/nix/environment.nix new file mode 100644 index 000000000..b27075719 --- /dev/null +++ b/modules/base/host/nix/environment.nix @@ -0,0 +1,20 @@ +{ + pkgs, + inputs, + ... +}: { + environment = { + etc = with inputs; { + # set channels (backwards compatibility) + "nix/flake-channels/system".source = self; + "nix/flake-channels/nixpkgs".source = nixpkgs; + "nix/flake-channels/home-manager".source = home-manager; + + # preserve current flake in /etc + "nixos/flake".source = self; + }; + + # git is reqired for flakes, and cachix for binary substituters + systemPackages = with pkgs; [git cachix]; + }; +} 
diff --git a/modules/base/host/nix.nix b/modules/base/host/nix/nix.nix similarity index 77% rename from modules/base/host/nix.nix rename to modules/base/host/nix/nix.nix index b297daec5..4b7101789 100644 --- a/modules/base/host/nix.nix +++ b/modules/base/host/nix/nix.nix 
@@ -1,69 +1,25 @@ { - config, - pkgs, lib, + pkgs, + config, inputs, - inputs', - self, ... -}: { - system = { - autoUpgrade.enable = false; - stateVersion = lib.mkDefault "23.05"; - }; - - environment = { - etc = with inputs; { - # set channels (backwards compatibility) - "nix/flake-channels/system".source = self; - "nix/flake-channels/nixpkgs".source = nixpkgs; - "nix/flake-channels/home-manager".source = home-manager; - - # preserve current flake in /etc - "nixos/flake".source = self; - }; - - # git is reqired for flakes, and cachix for binary substituters - systemPackages = with pkgs; [git cachix]; - }; - - nixpkgs = { - # pkgs = self.legacyPackages.${config.nixpkgs.system}; - - config = { - allowUnfree = true; - allowBroken = false; - allowUnsupportedSystem = true; - permittedInsecurePackages = ["electron-25.9.0"]; - }; - - overlays = [ - self.overlays.defaults - inputs.rust-overlay.overlays.default - inputs.catppuccin-vsc.overlays.default - - (_: _: { - nixSchemas = inputs'.nixSchemas.packages.default; - }) - ]; - }; +}: let + inherit (builtins) attrValues mapAttrs; + inherit (lib) filterAttrs mkForce ldTernary; - nix = let - mappedRegistry = lib.pipe inputs [ - (lib.filterAttrs (_: lib.isType "flake")) - (lib.mapAttrs (_: flake: {inherit flake;})) - (x: x // {nixpkgs.flake = inputs.nixpkgs;}) - ]; - in { + flakeInputs = filterAttrs (name: value: (value ? 
outputs) && (name != "self")) inputs; +in { + nix = { # https://github.com/nix-community/home-manager/issues/4692#issuecomment-1848832609 # package = pkgs.nixVersions.unstable; package = pkgs.nixVersions.nix_2_17; # pin the registry to avoid downloading and evaluating a new nixpkgs version everytime - registry = mappedRegistry; + registry = mapAttrs (_: v: {flake = v;}) flakeInputs; # We love legacy support (for now) - nixPath = lib.mapAttrsToList (key: _: "${key}=flake:${key}") config.nix.registry; + nixPath = ldTernary pkgs (attrValues (mapAttrs (k: v: "${k}=${v.outPath}") flakeInputs)) (mkForce (mapAttrs (_: v: v.outPath) flakeInputs)); # Make builds run with a low priority, keeping the system fast daemonCPUSchedPolicy = "idle"; @@ -91,11 +47,13 @@ min-free = "${toString (5 * 1024 * 1024 * 1024)}"; max-free = "${toString (20 * 1024 * 1024 * 1024)}"; # automatically optimise symlinks + # Disable auto-optimise-store because of this issue: + # https://github.com/NixOS/nix/issues/7273 auto-optimise-store = pkgs.stdenv.isLinux; # allow sudo users to mark the following values as trusted - allowed-users = ["root" "@wheel"]; + allowed-users = ["@wheel" "root" "isabel"]; # only allow sudo users to manage the nix store - trusted-users = ["@wheel"]; + trusted-users = ["@wheel" "root" "isabel"]; # let the system decide the number of max jobs max-jobs = "auto"; # build inside sandboxed environments diff --git a/modules/base/host/nix/nixpkgs.nix b/modules/base/host/nix/nixpkgs.nix new file mode 100644 index 000000000..b5be1b4ce --- /dev/null +++ b/modules/base/host/nix/nixpkgs.nix 
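Review bot: Hard-coding `"isabel"` into `allowed-users` and `trusted-users` in the second hunk makes the two comments above them stale ("only allow sudo users to manage the nix store") and ties a shared module to one account name. A trusted user can add substituters and import unsigned store paths, so the entry is effectively root on the Nix daemon. If the extra entry is needed for darwin, where `@wheel` presumably does not match, I would take it from configuration, e.g. `trusted-users = ["@wheel" "root" config.modules.system.mainUser];`, and update the comments. The new comment "Disable auto-optimise-store because of this issue" also sits above `auto-optimise-store = pkgs.stdenv.isLinux;`, which leaves it enabled on Linux; say `# only on Linux, see NixOS/nix#7273`.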
@@ -0,0 +1,27 @@ +{ + self, + inputs, + inputs', + ... +}: { + nixpkgs = { + # pkgs = self.legacyPackages.${config.nixpkgs.system}; + + config = { + allowUnfree = true; + allowBroken = false; + allowUnsupportedSystem = true; + permittedInsecurePackages = ["electron-25.9.0"]; + }; + + overlays = [ + self.overlays.defaults + inputs.rust-overlay.overlays.default + inputs.catppuccin-vsc.overlays.default + + (_: _: { + nixSchemas = inputs'.nixSchemas.packages.default; + }) + ]; + }; +} diff --git a/modules/base/host/nix/system.nix b/modules/base/host/nix/system.nix new file mode 100644 index 000000000..78a1dc61a --- /dev/null +++ b/modules/base/host/nix/system.nix @@ -0,0 +1,12 @@ +{ + lib, + pkgs, + ... +}: let + inherit (lib) mkDefault ldTernary; +in { + system = { + autoUpgrade.enable = false; + stateVersion = ldTernary pkgs (mkDefault "23.05") (mkDefault 4); + }; +} diff --git a/modules/base/host/os/boot/generic/default.nix b/modules/base/host/os/boot/generic/default.nix index ae6e5402f..0fe7e7cfb 100644 --- a/modules/base/host/os/boot/generic/default.nix +++ b/modules/base/host/os/boot/generic/default.nix 
@@ -117,19 +117,26 @@ in { # disable boot logo "logo.nologo" - # disable systemd status messages - # rd prefix means systemd-udev will be used instead of initrd - "rd.systemd.show_status=auto" - - # lower the udev log level to show only errors or worse - "rd.udev.log_level=3" - # disable the cursor in vt to get a black screen during intermissions "vt.global_cursor_default=0" ]) ++ (optionals sys.boot.silentBoot [ # tell the kernel to not be verbose, the voices are too loud "quite" + + # kernel log message level + "loglevel=3" # 1: sustem is unusable | 3: error condition | 7: very verbose + + # udev log message level + "udev.log_level=3" + + # lower the udev log level to show only errors or worse + "rd.udev.log_level=3" + + # disable systemd status messages + # rd prefix means systemd-udev will be used instead of initrd + "systemd.show_status=auto" + "rd.systemd.show_status=auto" ]); }; }; diff --git a/modules/base/host/os/environment/aliases.nix b/modules/base/host/os/environment/aliases.nix index 9d80fab46..3d09dfeb9 100644 --- a/modules/base/host/os/environment/aliases.nix +++ b/modules/base/host/os/environment/aliases.nix @@ -1,9 +1,16 @@ -{config, ...}: let +{ + lib, + pkgs, + config, + ... +}: let inherit (config.modules) system environment; in { environment.shellAliases = { - # nix stuff - rebuild = "nix-store --verify; sudo nixos-rebuild switch --flake ${environment.flakePath}#${system.hostname} --use-remote-sudo"; + rebuild = + lib.ldTernary pkgs + "nix-store --verify; sudo nixos-rebuild switch --flake ${environment.flakePath}#${system.hostname}" + "nix-store --verify; darwin-rebuild switch --flake ${environment.flakePath}#${system.hostname}"; nixclean = "sudo nix-collect-garbage --delete-older-than 3d && nix-collect-garbage -d"; nixrepair = "nix-store --verify --check-contents --repair"; }; diff --git a/modules/base/host/os/environment/paths.nix b/modules/base/host/os/environment/paths.nix index beb974ca7..30b7ecdab 100644 
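Review bot: The silent-boot list still passes `"quite"`, which is not a kernel parameter; the parameter is `quiet`, so the kernel ignores the entry and only the new `loglevel=3` reduces output. Change the line to `"quiet"`. The new comment on `loglevel=3` has the typo `sustem`. The moved comment on the `rd.` prefix is also misleading, since `rd.`-prefixed options are read in the initrd stage, which is why both the plain and the `rd.` forms are listed. The parameter list starts outside the hunk.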
--- a/modules/base/host/os/environment/paths.nix +++ b/modules/base/host/os/environment/paths.nix @@ -1,5 +1,11 @@ -_: { +{ # enable completions for system packages # and other stuff - environment.pathsToLink = ["/share/zsh" "/share/nushell" "/share/fish" "/share/bash-completion" "/share/nix-direnv"]; + environment.pathsToLink = [ + "/share/zsh" + "/share/nushell" + "/share/fish" + "/share/bash-completion" + "/share/nix-direnv" + ]; } diff --git a/modules/base/host/os/networking/default.nix b/modules/base/host/os/networking/default.nix index 872533c9c..992b8eb56 100644 --- a/modules/base/host/os/networking/default.nix +++ b/modules/base/host/os/networking/default.nix @@ -40,7 +40,7 @@ in { usePredictableInterfaceNames = mkDefault true; # dns - nameservers = [ + nameservers = mkIf (dev.type != "wsl") [ "1.1.1.1" "1.0.0.1" "9.9.9.9" @@ -52,6 +52,10 @@ in { userControlled.enable = true; allowAuxiliaryImperativeNetworks = true; + extraConfig = '' + update_config=1 + ''; + # iwd iwd = { enable = wirelessBackend == "iwd"; diff --git a/modules/base/host/os/programs/default.nix b/modules/base/host/os/programs/default.nix index 8b197e17f..3aa04f63e 100644 --- a/modules/base/host/os/programs/default.nix +++ b/modules/base/host/os/programs/default.nix @@ -1,20 +1,20 @@ { - config, - pkgs, lib, + pkgs, + config, ... }: let inherit (lib) mkIf isModernShell; in { programs = { - bash = { - promptInit = mkIf (isModernShell config) '' - eval "$(${lib.getExe pkgs.starship} init bash)" - ''; - }; # less pager less.enable = true; + bash.promptInit = mkIf (isModernShell config) '' + eval "$(${lib.getExe pkgs.starship} init bash)" + ''; + fish.enable = true; + zsh.enable = pkgs.stdenv.isDarwin; }; } diff --git a/modules/base/host/os/users/isabel.nix b/modules/base/host/os/users/isabel.nix index 1f4be1540..8f2ffe7e8 100644 --- a/modules/base/host/os/users/isabel.nix +++ b/modules/base/host/os/users/isabel.nix 
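Review bot: The new `extraConfig` with `update_config=1` in the networking hunk has no comment explaining why it is needed. That setting lets wpa_supplicant rewrite its configuration when a control-interface client changes it. With `userControlled.enable = true` and `allowAuxiliaryImperativeNetworks = true` just above, any user allowed on the control interface can then persist new networks. I would add a comment such as `# let wpa_cli/wpa_gui save networks; control-interface users can persist changes`. The wireless block starts and ends outside the hunk.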
@@ -4,41 +4,48 @@ lib, ... }: let - keys = [ - ''ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIMQDiHbMSinj8twL9cTgPOfI6OMexrTZyHX27T8gnMj2 isabel@isabelroses.com'' - ]; + inherit (lib) ldTernary mkIf ifTheyExist; + inherit (pkgs.stdenv) isLinux; + + keys = ["ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIMQDiHbMSinj8twL9cTgPOfI6OMexrTZyHX27T8gnMj2 isabel@isabelroses.com"]; in { - boot.initrd.network.ssh.authorizedKeys = keys; + boot.initrd.network.ssh.authorizedKeys = mkIf isLinux keys; - users.users.isabel = { - isNormalUser = true; - extraGroups = - [ - "wheel" - "nix" - ] - ++ lib.ifTheyExist config [ - "network" - "networkmanager" - "systemd-journal" - "audio" - "video" - "input" - "plugdev" - "lp" - "tss" - "power" - "wireshark" - "mysql" - "docker" - "podman" - "git" - "libvirtd" - "cloudflared" - ]; - uid = 1000; - shell = pkgs.fish; - hashedPasswordFile = config.sops.secrets.user-isabel-password.path; - openssh.authorizedKeys.keys = keys; - }; + users.users.isabel = + { + hashedPasswordFile = config.sops.secrets.user-isabel-password.path; + openssh.authorizedKeys.keys = keys; + home = ldTernary pkgs "/home/isabel" "/Users/isabel"; + shell = ldTernary pkgs pkgs.fish pkgs.zsh; + } + // ( + ldTernary pkgs { + isNormalUser = true; + uid = 1000; + extraGroups = + [ + "wheel" + "nix" + ] + ++ ifTheyExist config [ + "network" + "networkmanager" + "systemd-journal" + "audio" + "video" + "input" + "plugdev" + "lp" + "tss" + "power" + "wireshark" + "mysql" + "docker" + "podman" + "git" + "libvirtd" + "cloudflared" + ]; + } {} + ); } diff --git a/modules/base/host/os/users/root.nix b/modules/base/host/os/users/root.nix index db37098b4..335d0be38 100644 --- a/modules/base/host/os/users/root.nix +++ b/modules/base/host/os/users/root.nix 
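Review bot: `mkIf isLinux` on `boot.initrd.network.ssh.authorizedKeys` only drops the value; the module system still requires the option to be declared. If this file is also imported for the darwin configurations, as the `ldTernary` calls suggest, evaluation would fail on an option nix-darwin does not declare. The same may apply to `hashedPasswordFile` in the shared part of `users.users.isabel`, which is worth confirming against nix-darwin's user options. Moving the Linux-only definitions into a module imported only by the NixOS hosts avoids the problem. A comment on `keys` noting that the same key is authorised for initrd SSH and for the user login would also help.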
@@ -1,9 +1,14 @@ -{config, ...}: { - users.users.root = { +{ + lib, + pkgs, + config, + ... +}: { + users.users.root = lib.mkIf pkgs.stdenv.isLinux { hashedPasswordFile = config.sops.secrets.user-root-password.path; openssh.authorizedKeys.keys = [ - ''ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIMQDiHbMSinj8twL9cTgPOfI6OMexrTZyHX27T8gnMj2'' + "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIMQDiHbMSinj8twL9cTgPOfI6OMexrTZyHX27T8gnMj2" ]; }; } diff --git a/modules/base/host/security/apparmor.nix b/modules/base/host/security/apparmor.nix new file mode 100644 index 000000000..83d66b102 --- /dev/null +++ b/modules/base/host/security/apparmor.nix @@ -0,0 +1,54 @@ +{ + config, + pkgs, + ... +}: { + services.dbus.apparmor = "disabled"; + + # apparmor configuration + security.apparmor = { + enable = true; + + # whether to enable the AppArmor cache + # in /var/cache/apparmore + enableCache = true; + + # whether to kill processes which have an AppArmor profile enabled + # but are not confined + killUnconfinedConfinables = true; + + # packages to be added to AppArmorโ€™s include path + packages = [pkgs.apparmor-profiles]; + + # apparmor policies + policies = { + "default_deny" = { + enforce = false; + enable = false; + profile = '' + profile default_deny /** { } + ''; + }; + + "sudo" = { + enforce = false; + enable = false; + profile = '' + ${pkgs.sudo}/bin/sudo { + file /** rwlkUx, + } + ''; + }; + + "nix" = { + enforce = false; + enable = false; + profile = '' + ${config.nix.package}/bin/nix { + unconfined, + } + ''; + }; + }; + }; +} diff --git a/modules/base/host/security/default.nix b/modules/base/host/security/default.nix index c866ca627..527820596 100644 --- a/modules/base/host/security/default.nix +++ b/modules/base/host/security/default.nix @@ -1,5 +1,6 @@ _: { imports = [ + ./apparmor.nix # apparmor ./auditd.nix # auditd ./clamav.nix # clamav antivirus ./kernel.nix # kernel hardening 
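Review bot: The new `apparmor.nix` sets `services.dbus.apparmor = "disabled"` without saying why, and all three entries under `policies` have `enable = false` and `enforce = false`, so as written they confine nothing. At the same time `security.apparmor.enable` changes from `isx86Linux pkgs` (removed in `kernel.nix`) to an unconditional `true` alongside `killUnconfinedConfinables = true`, which changes behaviour on non-x86 hosts. I would add comments stating why D-Bus mediation is off and that the profiles are placeholders, e.g. `# placeholder profiles, not loaded until enable/enforce are set`. If the `sudo` profile is ever enabled, `file /** rwlkUx` allows unconfined execution of any file, so it would not restrict sudo in practice. Typo: `/var/cache/apparmore`.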
diff --git a/modules/base/host/security/kernel.nix b/modules/base/host/security/kernel.nix index 7ca381ec8..71e6f94c2 100644 --- a/modules/base/host/security/kernel.nix +++ b/modules/base/host/security/kernel.nix @@ -1,11 +1,10 @@ { config, lib, - pkgs, ... }: let sys = config.modules.system; - inherit (lib) optionals concatLists isx86Linux; + inherit (lib) mkIf optionals concatLists; in { security = { protectKernelImage = true; @@ -19,17 +18,10 @@ in { # Disable unprivileged user namespaces, unless containers are enabled unprivilegedUsernsClone = config.virtualisation.containers.enable; - - # apparmor configuration - apparmor = { - enable = isx86Linux pkgs; - killUnconfinedConfinables = true; - packages = [pkgs.apparmor-profiles]; - }; }; boot = { - kernel.sysctl = { + kernel.sysctl = mkIf (config.modules.device.type != "wsl") { # The Magic SysRq key is a key combo that allows users connected to the # system console of a Linux kernel to perform some low-level commands. # Disable it, since we don't need it, and is a potential security concern. diff --git a/modules/base/host/security/pam.nix b/modules/base/host/security/pam.nix index c80560e98..836ea477e 100644 --- a/modules/base/host/security/pam.nix +++ b/modules/base/host/security/pam.nix @@ -1,4 +1,4 @@ -_: { +{ security = { pam = { # fix "too many files open" errors while writing a lot of data at once diff --git a/modules/base/host/security/sudo.nix b/modules/base/host/security/sudo.nix index bd24b6351..24037903b 100644 --- a/modules/base/host/security/sudo.nix +++ b/modules/base/host/security/sudo.nix @@ -51,6 +51,10 @@ in { command = "${currentSystem}/sw/bin/nixos-rebuild"; options = ["NOPASSWD"]; } + { + command = "${currentSystem}/sw/bin/darwin-rebuild"; + options = ["NOPASSWD"]; + } { # let wheel group collect garbage without password command = "${currentSystem}/sw/bin/nix-collect-garbage"; 
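Review bot: The added `NOPASSWD` rule for `${currentSystem}/sw/bin/darwin-rebuild` in `sudo.nix` gives whoever the rule applies to passwordless root, because a rebuild activates arbitrary configuration as root. The user or group list is outside the hunk; the neighbouring comment mentions the wheel group. On a NixOS host that path should not exist, so the rule is dead there, and the hunk does not show that this module is evaluated on darwin at all. If the rule stays, a comment such as `# passwordless rebuild == passwordless root for wheel` would make the trade-off explicit.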
diff --git a/modules/options/changed.nix b/modules/base/options/changed.nix similarity index 100% rename from modules/options/changed.nix rename to modules/base/options/changed.nix diff --git a/modules/options/default.nix b/modules/base/options/default.nix similarity index 100% rename from modules/options/default.nix rename to modules/base/options/default.nix diff --git a/modules/options/device/capabilities.nix b/modules/base/options/device/capabilities.nix similarity index 100% rename from modules/options/device/capabilities.nix rename to modules/base/options/device/capabilities.nix diff --git a/modules/options/device/default.nix b/modules/base/options/device/default.nix similarity index 92% rename from modules/options/device/default.nix rename to modules/base/options/device/default.nix index 5a9dd8b75..aa3fbd64b 100644 --- a/modules/options/device/default.nix +++ b/modules/base/options/device/default.nix @@ -1,4 +1,4 @@ -_: { +{ imports = [ ./capabilities.nix ./hardware.nix diff --git a/modules/options/device/hardware.nix b/modules/base/options/device/hardware.nix similarity index 92% rename from modules/options/device/hardware.nix rename to modules/base/options/device/hardware.nix index b4aac5f30..a8c5fb3ba 100644 --- a/modules/options/device/hardware.nix +++ b/modules/base/options/device/hardware.nix @@ -3,7 +3,7 @@ in { options.modules.device = { type = mkOption { - type = types.enum ["laptop" "desktop" "server" "hybrid" "lite" "vm"]; + type = types.enum ["laptop" "desktop" "server" "hybrid" "wsl" "lite" "vm"]; default = ""; }; diff --git a/modules/options/environment/default.nix b/modules/base/options/environment/default.nix similarity index 68% rename from modules/options/environment/default.nix rename to modules/base/options/environment/default.nix index 96d9b2a84..3a8742b60 100644 --- a/modules/options/environment/default.nix +++ b/modules/base/options/environment/default.nix 
@@ -1,21 +1,25 @@ { lib, + pkgs, config, ... }: let - inherit (lib) mkEnableOption mkOption types; + inherit (lib) ldTernary mkEnableOption mkOption types; + + inherit (config.modules.system) mainUser; + cfg = config.modules.environment; in { options.modules.environment = { useHomeManager = mkEnableOption "Whether to use home-manager or not." // {default = true;}; flakePath = mkOption { type = types.str; - default = "/home/${config.modules.system.mainUser}/.config/flake"; + default = ldTernary pkgs "/home/${mainUser}/.config/flake" "/Users/${mainUser}/.config/flake"; description = "The path to the configuration"; }; desktop = mkOption { - type = types.enum ["Hyprland" "Sway"]; + type = types.nullOr (types.enum ["Hyprland" "Sway"]); default = "Hyprland"; description = "The desktop environment to be used."; }; @@ -26,7 +30,11 @@ in { description = "The login manager to be used by the system."; }; - isWayland = mkEnableOption "Infered data based on the desktop environment." // {default = config.modules.environment.desktop == "Hyprland";}; + isWayland = + mkEnableOption "Infered data based on the desktop environment." + // { + default = cfg.desktop == "Hyprland" || cfg.desktop == "Sway"; + }; }; config.assertions = [ diff --git a/modules/options/programs/default.nix b/modules/base/options/programs/default.nix similarity index 100% rename from modules/options/programs/default.nix rename to modules/base/options/programs/default.nix diff --git a/modules/options/programs/defaults.nix b/modules/base/options/programs/defaults.nix similarity index 100% rename from modules/options/programs/defaults.nix rename to modules/base/options/programs/defaults.nix diff --git a/modules/options/programs/gaming.nix b/modules/base/options/programs/gaming.nix similarity index 100% rename from modules/options/programs/gaming.nix rename to modules/base/options/programs/gaming.nix 
diff --git a/modules/options/services/default.nix b/modules/base/options/services/default.nix similarity index 100% rename from modules/options/services/default.nix rename to modules/base/options/services/default.nix diff --git a/modules/options/system/activation.nix b/modules/base/options/system/activation.nix similarity index 100% rename from modules/options/system/activation.nix rename to modules/base/options/system/activation.nix diff --git a/modules/options/system/boot.nix b/modules/base/options/system/boot.nix similarity index 100% rename from modules/options/system/boot.nix rename to modules/base/options/system/boot.nix diff --git a/modules/options/system/default.nix b/modules/base/options/system/default.nix similarity index 71% rename from modules/options/system/default.nix rename to modules/base/options/system/default.nix index ab6fe7692..f413a80df 100644 --- a/modules/options/system/default.nix +++ b/modules/base/options/system/default.nix @@ -16,14 +16,23 @@ in { ./virtualization.nix ]; - options.modules.system = { - warnings = optionals (config.modules.system.users == []) [ + config.warnings = + (optionals (config.modules.system.fs == []) [ + '' + You have not added any filesystems to be supported by your system. You may end up with an unbootable system! + + Consider setting {option}`config.modules.system.fs` in your configuration + '' + ]) + ++ (optionals (config.modules.system.users == []) [ '' You have not added any users to be supported by your system. You may end up with an unbootable system! - Consider setting `config.modules.system.users` in your configuration + + Consider setting {option}`config.modules.system.users` in your configuration '' - ]; + ]); + options.modules.system = { mainUser = mkOption { type = types.enum config.modules.system.users; description = "The username of the main user for your system"; 
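Review bot: The `{option}` role added to both warning strings is documentation markup, and `config.warnings` entries are printed as plain text during evaluation, so the literal `{option}` prefix will show up in the output. Plain backticks around the option path, as the removed line had, read better. The new `fs` warning could also name the option without the `config.` prefix, the way it is written in a host file: `modules.system.fs`.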
@@ -67,25 +76,14 @@ in { yubikeySupport = { enable = mkEnableOption "yubikey support"; deviceType = mkOption { - type = with types; nullOr enum ["NFC5" "nano"]; + type = with types; nullOr (enum ["NFC5" "nano"]); default = null; description = "A list of devices to enable Yubikey support for"; }; }; - sound = { - enable = mkEnableOption "sound"; - description = "Does the device have sound and its related programs be enabled"; - }; - - video = { - enable = mkEnableOption "video drivers"; - description = "Does the device allow for graphical programs"; - }; - - bluetooth = { - enable = mkEnableOption "bluetooth"; - description = "should the device load bluetooth drivers and enable blueman"; - }; + sound.enable = mkEnableOption "Does the device have sound and its related programs be enabled"; + video.enable = mkEnableOption "Does the device allow for graphical programs"; + bluetooth.enable = mkEnableOption "Should the device load bluetooth drivers and enable blueman"; }; } diff --git a/modules/options/system/emulation.nix b/modules/base/options/system/emulation.nix similarity index 100% rename from modules/options/system/emulation.nix rename to modules/base/options/system/emulation.nix diff --git a/modules/options/system/encryption.nix b/modules/base/options/system/encryption.nix similarity index 100% rename from modules/options/system/encryption.nix rename to modules/base/options/system/encryption.nix diff --git a/modules/options/system/networking.nix b/modules/base/options/system/networking.nix similarity index 97% rename from modules/options/system/networking.nix rename to modules/base/options/system/networking.nix index e171da5ed..6a8481e4a 100644 --- a/modules/options/system/networking.nix +++ b/modules/base/options/system/networking.nix 
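Review bot: `mkEnableOption` prefixes its argument with "Whether to enable", so the three new one-liners render as "Whether to enable Does the device have sound …". Pass a noun phrase instead, e.g. `sound.enable = mkEnableOption "sound and its related programs";`. The `deviceType` description still says "A list of devices" although the corrected type is a single nullable enum value.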
@@ -23,8 +23,9 @@ in { tailscale = { enable = mkEnableOption "Tailscale VPN"; + defaultFlags = mkOption { - type = with types; list (list string); + type = with types; listOf str; default = ["--ssh"]; description = '' A list of command-line flags that will be passed to the Tailscale daemon on startup diff --git a/modules/options/system/printing.nix b/modules/base/options/system/printing.nix similarity index 100% rename from modules/options/system/printing.nix rename to modules/base/options/system/printing.nix diff --git a/modules/options/system/security.nix b/modules/base/options/system/security.nix similarity index 100% rename from modules/options/system/security.nix rename to modules/base/options/system/security.nix diff --git a/modules/options/system/virtualization.nix b/modules/base/options/system/virtualization.nix similarity index 100% rename from modules/options/system/virtualization.nix rename to modules/base/options/system/virtualization.nix diff --git a/modules/base/options/themes/default.nix b/modules/base/options/themes/default.nix new file mode 100644 index 000000000..70e6666ba --- /dev/null +++ b/modules/base/options/themes/default.nix @@ -0,0 +1,33 @@ +{ + lib, + pkgs, + ... +}: let + inherit (lib) mkOption mkEnableOption types; +in { + imports = [./gtk.nix ./qt.nix]; + options.modules.style = { + forceGtk = mkEnableOption "Force GTK applications to use the GTK theme"; + useKvantum = mkEnableOption "Use Kvantum to theme QT applications"; + + pointerCursor = { + name = mkOption { + type = types.str; + description = "The name of the cursor inside the package"; + default = "Catppuccin-Mocha-Dark-Cursors"; + }; + + package = mkOption { + type = types.package; + description = "The package providing the cursors"; + default = pkgs.catppuccin-cursors.mochaDark; + }; + + size = mkOption { + type = types.int; + description = "The size of the cursor"; + default = 24; + }; + }; + }; +} 
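Review bot: With the type corrected to `listOf str`, the default `["--ssh"]` on `defaultFlags` stays in place, so every host that enables Tailscale also turns on Tailscale SSH unless it overrides the option. That moves SSH access control for the host to the tailnet policy rather than the host's own sshd settings and authorized keys. I would state this in the option description or make it opt-in with `default = [];`. The description text continues outside the hunk.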
diff --git a/modules/base/options/themes/gtk.nix b/modules/base/options/themes/gtk.nix new file mode 100644 index 000000000..d8baeb558 --- /dev/null +++ b/modules/base/options/themes/gtk.nix @@ -0,0 +1,62 @@ +{ + lib, + pkgs, + ... +}: let + inherit (lib) mkOption mkEnableOption types; +in { + options.modules.style.gtk = { + enable = mkEnableOption "GTK theming optionss"; + usePortal = mkEnableOption "native desktop portal use for filepickers"; + + theme = { + name = mkOption { + type = types.str; + default = "Catppuccin-Mocha-Standard-Sapphire-Dark"; + description = "The name for the GTK theme package"; + }; + + package = mkOption { + type = types.package; + description = "The theme package to be used for GTK programs"; + default = pkgs.catppuccin-gtk.override { + size = "standard"; + accents = ["sapphire"]; + variant = "mocha"; + tweaks = ["normal"]; + }; + }; + }; + + iconTheme = { + name = mkOption { + type = types.str; + description = "The name for the icon theme that will be used for GTK programs"; + default = "Papirus-Dark"; + }; + + package = mkOption { + type = types.package; + description = "The GTK icon theme to be used"; + default = pkgs.catppuccin-papirus-folders.override { + accent = "sapphire"; + flavor = "mocha"; + }; + }; + }; + + font = { + name = mkOption { + type = types.str; + description = "The name of the font that will be used for GTK applications"; + default = "RobotoMono Nerd Font Regular"; + }; + + size = mkOption { + type = types.int; + description = "The size of the font"; + default = 14; + }; + }; + }; +} diff --git a/modules/options/themes/qt.nix b/modules/base/options/themes/qt.nix similarity index 100% rename from modules/options/themes/qt.nix rename to modules/base/options/themes/qt.nix diff --git a/modules/base/services/dev/wakapi.nix b/modules/base/services/dev/wakapi.nix index 8f1339af1..444dd2165 100644 --- a/modules/base/services/dev/wakapi.nix +++ b/modules/base/services/dev/wakapi.nix 
@@ -1,7 +1,8 @@ { - config, - pkgs, lib, + pkgs, + self, + config, ... }: let inherit (lib) mkIf template; @@ -9,6 +10,8 @@ rdomain = config.networking.domain; cfg = config.modules.services.dev.wakapi; in { + imports = [self.nixosModules.wakapi]; + config = mkIf cfg.enable { modules.services = { networking.nginx.enable = true; diff --git a/modules/extra/darwin/default.nix b/modules/extra/darwin/default.nix new file mode 100644 index 000000000..0967ef424 --- /dev/null +++ b/modules/extra/darwin/default.nix @@ -0,0 +1 @@ +{} diff --git a/modules/extra/default.nix b/modules/extra/default.nix index 8e403dbe3..220fe13b0 100644 --- a/modules/extra/default.nix +++ b/modules/extra/default.nix @@ -1,6 +1,7 @@ { imports = [ ./nixos + ./darwin ./home-manager ]; } diff --git a/modules/extra/home-manager/default.nix b/modules/extra/home-manager/default.nix index 0967ef424..aa72d9913 100644 --- a/modules/extra/home-manager/default.nix +++ b/modules/extra/home-manager/default.nix @@ -1 +1,5 @@ -{} +{ + imports = [ + ./gtklock.nix + ]; +} diff --git a/modules/extra/home-manager/gtklock/default.nix b/modules/extra/home-manager/gtklock.nix similarity index 100% rename from modules/extra/home-manager/gtklock/default.nix rename to modules/extra/home-manager/gtklock.nix diff --git a/modules/extra/nixos/default.nix b/modules/extra/nixos/default.nix index 32b1dff3b..62a9ab2af 100644 --- a/modules/extra/nixos/default.nix +++ b/modules/extra/nixos/default.nix @@ -1,5 +1,5 @@ -_: { +{ imports = [ - ./wakapi + ./wakapi.nix ]; } diff --git a/modules/extra/nixos/wakapi/default.nix b/modules/extra/nixos/wakapi.nix similarity index 97% rename from modules/extra/nixos/wakapi/default.nix rename to modules/extra/nixos/wakapi.nix index 9f227e962..e359dce5f 100644 --- a/modules/extra/nixos/wakapi/default.nix +++ b/modules/extra/nixos/wakapi.nix 
@@ -10,7 +10,7 @@ group = config.users.groups.wakapi.name; settingsFormat = pkgs.formats.yaml {}; - inherit (lib) mkOption mkEnableOption mkPackageOption types mkIf optional mkMerge mkDoc mkDefault singleton; + inherit (lib) mkOption mkEnableOption mkPackageOption types mkIf optional mkMerge mkDefault singleton; settingsFile = settingsFormat.generate "wakapi-settings" cfg.settings; @@ -75,7 +75,7 @@ assertions = [ { assertion = cfg.passwordSalt != null || cfg.passwordSaltFile != null; - message = "Either `passwordSalt` or `passwordSaltFile` must be set."; + message = "Either `services.wakapi.passwordSalt` or `services.wakapi.passwordSaltFile` must be set."; } { assertion = cfg.smtpPassword != null -> cfg.smtpPasswordFile != null; @@ -217,7 +217,7 @@ in { settings = mkOption { inherit (settingsFormat) type; default = {}; - description = mkDoc '' + description = '' Settings for Wakapi. See [config.default.yml](https://github.com/muety/wakapi/blob/master/config.default.yml) for a list of all possible options. diff --git a/modules/options/themes/default.nix b/modules/options/themes/default.nix deleted file mode 100644 index bcff091e3..000000000 --- a/modules/options/themes/default.nix +++ /dev/null 
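Review bot: The context assertion `cfg.smtpPassword != null -> cfg.smtpPasswordFile != null` in the second hunk requires the file whenever the inline password is set, which looks inverted. Its message is outside the hunk, but if the intent is "at most one of the two", the condition would be `!(cfg.smtpPassword != null && cfg.smtpPasswordFile != null)`. The reworded `passwordSalt` message could also say that the inline options presumably end up in the world-readable Nix store, so the `*File` variants are the ones to use for real secrets.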
@@ -1,59 +0,0 @@ -{ - lib, - pkgs, - config, - ... -}: let - inherit (lib) mkOption mkEnableOption types; - cfg = config.modules.style; -in { - imports = [./gtk.nix ./qt.nix]; - options = { - modules = { - style = { - forceGtk = mkEnableOption "Force GTK applications to use the GTK theme"; - useKvantum = mkEnableOption "Use Kvantum to theme QT applications"; - - # choose a colorscheme - colorScheme = { - # "Name Of The Scheme" - name = mkOption { - type = with types; nullOr (enum ["Catppuccin Mocha" "Tokyo Night"]); - description = "The colorscheme that should be used globally to theme your system."; - default = "Catppuccin Mocha"; - }; - - # "name-of-the-scheme" - slug = mkOption { - type = types.str; - default = lib.serializeTheme "${cfg.colorScheme.name}"; - description = '' - The serialized slug for the colorScheme you are using. Defaults to a lowercased version of the theme name with spaces - replaced with hyphens. Only change if the slug is expected to be different." - ''; - }; - }; - - pointerCursor = { - package = mkOption { - type = types.package; - description = "The package providing the cursors"; - default = pkgs.catppuccin-cursors.mochaDark; - }; - - name = mkOption { - type = types.str; - description = "The name of the cursor inside the package"; - default = "Catppuccin-Mocha-Dark-Cursors"; - }; - - size = mkOption { - type = types.int; - description = "The size of the cursor"; - default = 24; - }; - }; - }; - }; - }; -} diff --git a/modules/options/themes/gtk.nix b/modules/options/themes/gtk.nix deleted file mode 100644 index 0501f5d15..000000000 --- a/modules/options/themes/gtk.nix +++ /dev/null 
@@ -1,68 +0,0 @@ -{ - lib, - pkgs, - ... -}: let - inherit (lib) mkOption mkEnableOption types; -in { - options = { - modules = { - style = { - gtk = { - enable = mkEnableOption "GTK theming optionss"; - usePortal = mkEnableOption "native desktop portal use for filepickers"; - - theme = { - name = mkOption { - type = types.str; - default = "Catppuccin-Mocha-Standard-Sapphire-Dark"; - description = "The name for the GTK theme package"; - }; - - package = mkOption { - type = types.package; - description = "The theme package to be used for GTK programs"; - default = pkgs.catppuccin-gtk.override { - size = "standard"; - accents = ["sapphire"]; - variant = "mocha"; - tweaks = ["normal"]; - }; - }; - }; - - iconTheme = { - name = mkOption { - type = types.str; - description = "The name for the icon theme that will be used for GTK programs"; - default = "Papirus-Dark"; - }; - - package = mkOption { - type = types.package; - description = "The GTK icon theme to be used"; - default = pkgs.catppuccin-papirus-folders.override { - accent = "sapphire"; - flavor = "mocha"; - }; - }; - }; - - font = { - name = mkOption { - type = types.str; - description = "The name of the font that will be used for GTK applications"; - default = "RobotoMono Nerd Font Regular"; - }; - - size = mkOption { - type = types.int; - description = "The size of the font"; - default = 14; - }; - }; - }; - }; - }; - }; -} diff --git a/modules/profiles/laptop/adb.nix b/modules/profiles/hardware/laptop/adb.nix similarity index 100% rename from modules/profiles/laptop/adb.nix rename to modules/profiles/hardware/laptop/adb.nix diff --git a/modules/profiles/laptop/default.nix b/modules/profiles/hardware/laptop/default.nix similarity index 100% rename from modules/profiles/laptop/default.nix rename to modules/profiles/hardware/laptop/default.nix 
diff --git a/modules/profiles/laptop/power/default.nix b/modules/profiles/hardware/laptop/power/default.nix similarity index 100% rename from modules/profiles/laptop/power/default.nix rename to modules/profiles/hardware/laptop/power/default.nix diff --git a/modules/profiles/laptop/power/plugged.nix b/modules/profiles/hardware/laptop/power/plugged.nix similarity index 100% rename from modules/profiles/laptop/power/plugged.nix rename to modules/profiles/hardware/laptop/power/plugged.nix diff --git a/modules/profiles/laptop/power/tlp.nix b/modules/profiles/hardware/laptop/power/tlp.nix similarity index 100% rename from modules/profiles/laptop/power/tlp.nix rename to modules/profiles/hardware/laptop/power/tlp.nix diff --git a/modules/profiles/laptop/touchpad.nix b/modules/profiles/hardware/laptop/touchpad.nix similarity index 100% rename from modules/profiles/laptop/touchpad.nix rename to modules/profiles/hardware/laptop/touchpad.nix diff --git a/modules/profiles/server/default.nix b/modules/profiles/hardware/server/default.nix similarity index 66% rename from modules/profiles/server/default.nix rename to modules/profiles/hardware/server/default.nix index 57a36a0aa..fd666d096 100644 --- a/modules/profiles/server/default.nix +++ b/modules/profiles/hardware/server/default.nix @@ -1,5 +1,5 @@ _: { imports = [ - ./system + ./users ]; } diff --git a/modules/profiles/server/system/users/default.nix b/modules/profiles/hardware/server/users/default.nix similarity index 100% rename from modules/profiles/server/system/users/default.nix rename to modules/profiles/hardware/server/users/default.nix diff --git a/modules/profiles/server/system/users/git.nix b/modules/profiles/hardware/server/users/git.nix similarity index 100% rename from modules/profiles/server/system/users/git.nix rename to modules/profiles/hardware/server/users/git.nix 
diff --git a/modules/profiles/wsl/default.nix b/modules/profiles/hardware/wsl/default.nix similarity index 68% rename from modules/profiles/wsl/default.nix rename to modules/profiles/hardware/wsl/default.nix index c9c9e71a3..c2149e56d 100644 --- a/modules/profiles/wsl/default.nix +++ b/modules/profiles/hardware/wsl/default.nix @@ -14,7 +14,11 @@ in { startMenuLaunchers = true; }; - services.smartd.enable = mkForce false; # Unavailable - device lacks SMART capability. + services = { + smartd.enable = mkForce false; # Unavailable - device lacks SMART capability. + xserver.enable = mkForce false; + }; + networking.tcpcrypt.enable = mkForce false; }; } diff --git a/modules/profiles/meta/darwin/brew/default.nix b/modules/profiles/meta/darwin/brew/default.nix new file mode 100644 index 000000000..2cb6dd6d1 --- /dev/null +++ b/modules/profiles/meta/darwin/brew/default.nix @@ -0,0 +1,39 @@ +{ + imports = [./environment.nix]; + + config = { + # homebrew need to be installed manually, see https://brew.sh + # The apps installed by homebrew are not managed by nix, and not reproducible! + homebrew = { + enable = true; + caskArgs.require_sha = true; + + onActivation = { + autoUpdate = true; + upgrade = true; + # 'zap': uninstalls all formulae(and related files) not listed here. + cleanup = "zap"; + }; + + # TODO: put pkgs here + + # Applications to install from Mac App Store using mas. + # You need to install all these Apps manually first so that your apple account have records for them. + # otherwise Apple Store will refuse to install them. + # For details, see https://github.com/mas-cli/mas + masApps = {}; + + taps = [ + "homebrew/cask" + ]; + + # `brew install` + brews = [ + "m-cli" + ]; + + # `brew install --cask` + casks = []; + }; + }; +} diff --git a/modules/profiles/meta/darwin/brew/environment.nix b/modules/profiles/meta/darwin/brew/environment.nix new file mode 100644 index 000000000..ccc3f6eff --- /dev/null +++ b/modules/profiles/meta/darwin/brew/environment.nix 
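Review bot: `onActivation.autoUpdate = true` and `upgrade = true` in brew/default.nix make every activation fetch and install whatever Homebrew serves at that moment, so the result of a rebuild is not fixed by this repository. `caskArgs.require_sha = true` only asks casks to declare a checksum and, as far as I can tell, does not cover the formulae in `brews`. With `cleanup = "zap"`, anything installed by hand is also removed, with its files, on the next activation. If unattended upgrades are not intended, set `autoUpdate = false;` and `upgrade = false;` and upgrade as a deliberate step; otherwise a comment beside `onActivation` should say the drift is accepted.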
@@ -0,0 +1,9 @@ +{config, ...}: { + environment = { + variables = { + HOMEBREW_NO_ANALYTICS = "1"; + }; + + systemPath = [config.homebrew.brewPrefix]; + }; +} diff --git a/modules/profiles/meta/darwin/config.nix b/modules/profiles/meta/darwin/config.nix new file mode 100644 index 000000000..82ef68507 --- /dev/null +++ b/modules/profiles/meta/darwin/config.nix 
@@ -0,0 +1,67 @@ +# All the configuration options are documented here: https://daiderd.com/nix-darwin/manual/index.html#sec-options +# Incomplete list of macOS `defaults` commands: https://macos-defaults.com/ +{ + system.defaults = { + menuExtraClock = { + Show24Hour = false; # show 24 hour clock + IsAnalog = false; # show digital clock + ShowAMPM = true; # show AM/PM + ShowDate = 2; # 0 = Show the date 1 = Donโ€™t show 2 = Donโ€™t show (theres a todo marked for the diffrence between 1 and 2 upstream) + ShowDayOfMonth = false; # show day of month + ShowDayOfWeek = false; # show day of week + ShowSeconds = false; # show seconds + }; + + dock = { + autohide = true; + autohide-delay = 0; # autohide delay + autohide-time-modifier = 0; # autohide animation duration + show-recents = false; # disable recent apps + + # customize Hot Corners + wvous-tl-corner = 2; # top-left - Mission Control + wvous-tr-corner = 13; # top-right - Lock Screen + wvous-bl-corner = 3; # bottom-left - Application Windows + wvous-br-corner = 4; # bottom-right - Desktop + }; + + finder = { + _FXShowPosixPathInTitle = true; # show full path in finder title + FXRemoveOldTrashItems = true; # remove items from trash after 30 days + AppleShowAllExtensions = true; # show all file extensions + AppleShowAllFiles = true; # show hidden files + FXEnableExtensionChangeWarning = false; # disable warning when changing file extension + QuitMenuItem = true; # hide the quit button on finder + ShowPathbar = true; # show path bar + ShowStatusBar = true; # show status bar + + # cusomize the desktop + CreateDesktop = false; # disable icons on the desktop + }; + + NSGlobalDomain = { + "com.apple.swipescrolldirection" = false; # enable natural scrolling + "com.apple.sound.beep.feedback" = 0; # disable beep sound when pressing volume up/down key + "com.apple.sound.beep.volume" = 0; # disable beep sound + "com.apple.keyboard.fnState" = true; # use function keys as standard function keys + AppleInterfaceStyle = "Dark"; # 
dark mode + AppleKeyboardUIMode = 3; # Mode 3 enables full keyboard control. + ApplePressAndHoldEnabled = true; # enable press and hold + + # If you press and hold certain keyboard keys when in a text area, the keyโ€™s character begins to repeat. + # This is very useful for vim users, they use `hjkl` to move cursor. + # sets how long it takes before it starts repeating. + InitialKeyRepeat = 15; # normal minimum is 15 (225 ms), maximum is 120 (1800 ms) + # sets how fast it repeats once it starts. + KeyRepeat = 3; # normal minimum is 2 (30 ms), maximum is 120 (1800 ms) + + NSAutomaticCapitalizationEnabled = false; # disable auto capitalization + NSAutomaticDashSubstitutionEnabled = false; # disable auto dash substitution + NSAutomaticPeriodSubstitutionEnabled = false; # disable auto period substitution + NSAutomaticQuoteSubstitutionEnabled = false; # disable auto quote substitution + NSAutomaticSpellingCorrectionEnabled = false; # disable auto spelling correction + NSNavPanelExpandedStateForSaveMode = true; # expand save panel by default + NSNavPanelExpandedStateForSaveMode2 = true; # ^ + }; + }; +} diff --git a/modules/profiles/meta/darwin/default.nix b/modules/profiles/meta/darwin/default.nix new file mode 100644 index 000000000..e1054e5f6 --- /dev/null +++ b/modules/profiles/meta/darwin/default.nix @@ -0,0 +1,10 @@ +{ + imports = [ + ./brew # homebrew the package manager + ./services # services exclusive to nix-darwin + + ./config.nix # native nix-darwin configuration + ./non-native.nix # functionality not provided by nix-darwin + ./security.nix # security settings + ]; +} diff --git a/modules/profiles/meta/darwin/hardware/default.nix b/modules/profiles/meta/darwin/hardware/default.nix new file mode 100644 index 000000000..df4d2ab33 --- /dev/null +++ b/modules/profiles/meta/darwin/hardware/default.nix @@ -0,0 +1,6 @@ +{ + imports = [ + ./keyboard.nix + ./trackpad.nix + ]; +} 
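Review bot: Several trailing comments in config.nix say the opposite of the value they annotate: `"com.apple.swipescrolldirection" = false; # enable natural scrolling` turns natural scrolling off, `QuitMenuItem = true; # hide the quit button on finder` allows quitting Finder, and `Show24Hour = false; # show 24 hour clock` selects the 12-hour clock. The comments should describe the effect of the value actually set, for example `# disable natural scrolling`, `# allow quitting Finder` and `# use a 12-hour clock`. Whichever side is wrong, a reader auditing these defaults currently cannot tell the intended state from the file.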
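Review bot: The imports list in darwin/default.nix omits `./hardware`, although hardware/default.nix, keyboard.nix and trackpad.nix are added in this same commit. The same gap appears in meta/headless/default.nix, whose new imports list does not name `./services.nix`. The second matters more: services.nix is the file that sets `services.udisks2.enable = false`, so unless a module outside this view imports it, that hardening never takes effect. Adding `./hardware` to the darwin list and `./services.nix` to the headless list would wire both in.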
diff --git a/modules/profiles/meta/darwin/hardware/keyboard.nix b/modules/profiles/meta/darwin/hardware/keyboard.nix new file mode 100644 index 000000000..f6504dda6 --- /dev/null +++ b/modules/profiles/meta/darwin/hardware/keyboard.nix @@ -0,0 +1,17 @@ +{ + # keyboard settings is not very useful on macOS + # the most important thing is to remap option key to alt key globally, + # but it's not supported by macOS yet. + system.defaults.keyboard = { + enableKeyMapping = true; # enable key mapping so that we can use `option` as `control` + + # NOTE: do NOT support remap capslock to both control and escape at the same time + remapCapsLockToControl = false; # remap caps lock to control + remapCapsLockToEscape = true; # remap caps lock to escape + + # swap left command and left alt + # so it matches common keyboard layout: `ctrl | command | alt` + # disabled as it only causes problems + swapLeftCommandAndLeftAlt = false; + }; +} diff --git a/modules/profiles/meta/darwin/hardware/trackpad.nix b/modules/profiles/meta/darwin/hardware/trackpad.nix new file mode 100644 index 000000000..9fef4b490 --- /dev/null +++ b/modules/profiles/meta/darwin/hardware/trackpad.nix @@ -0,0 +1,7 @@ +{ + system.defaults.trackpad = { + Clicking = true; # enable tap to click + TrackpadRightClick = true; # enable two finger right click + TrackpadThreeFingerDrag = true; # enable three finger drag + }; +} diff --git a/modules/profiles/meta/darwin/non-native.nix b/modules/profiles/meta/darwin/non-native.nix new file mode 100644 index 000000000..9422502ce --- /dev/null +++ b/modules/profiles/meta/darwin/non-native.nix 
@@ -0,0 +1,57 @@
+{
+ # Customize settings that not supported by nix-darwin directly
+ # see the source code of this project to get more undocumented options:
+ # https://github.com/rgcr/m-cli
+ #
+ # All custom entries can be found by running `defaults read` command.
+ # or `defaults read xxx` to read a specific domain.
+ system.defaults.CustomUserPreferences = {
+ NSGlobalDomain = {
+ # Add a context menu item for showing the Web Inspector in web views
+ WebKitDeveloperExtras = true;
+ };
+ "com.apple.finder" = {
+ ShowExternalHardDrivesOnDesktop = true;
+ ShowHardDrivesOnDesktop = true;
+ ShowMountedServersOnDesktop = true;
+ ShowRemovableMediaOnDesktop = true;
+ _FXSortFoldersFirst = true;
+ # When performing a search, search the current folder by default
+ FXDefaultSearchScope = "SCcf";
+ };
+ "com.apple.desktopservices" = {
+ # Avoid creating .DS_Store files on network or USB volumes
+ DSDontWriteNetworkStores = true;
+ DSDontWriteUSBStores = true;
+ };
+ "com.apple.spaces" = {
+ "spans-displays" = 0; # Display have seperate spaces
+ };
+ "com.apple.WindowManager" = {
+ EnableStandardClickToShowDesktop = 0; # Click wallpaper to reveal desktop
+ StandardHideDesktopIcons = 0; # Show items on desktop
+ HideDesktop = 0; # Do not hide items on desktop & stage manager
+ StageManagerHideWidgets = 0;
+ StandardHideWidgets = 0;
+ };
+ "com.apple.screensaver" = {
+ # Require password immediately after sleep or screen saver begins
+ askForPassword = 1;
+ askForPasswordDelay = 0;
+ };
+ "com.apple.screencapture" = {
+ location = "~/media/pictures/screenshots";
+ type = "png";
+ };
+ "com.apple.AdLib" = {
+ allowApplePersonalizedAdvertising = false;
+ };
+ # Prevent Photos from opening automatically when devices are plugged in
+ "com.apple.ImageCapture".disableHotPlug = true;
+ };
+
+ loginwindow = {
+ GuestEnabled = false; # disable guest user
+ SHOWFULLNAME = true; # show full name in login window
+ };
+}
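Review bot: The `loginwindow = {` block at the end of non-native.nix sits at the top level of the module, after `system.defaults.CustomUserPreferences` has been closed, so it is not under `system.defaults`. nix-darwin exposes these settings as `system.defaults.loginwindow.GuestEnabled` and `system.defaults.loginwindow.SHOWFULLNAME`. A bare top-level `loginwindow` is not an option I know of and would most likely fail evaluation instead of disabling the guest account. Change the opening line to `system.defaults.loginwindow = {`.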
diff --git a/modules/profiles/meta/darwin/security.nix b/modules/profiles/meta/darwin/security.nix
new file mode 100644
index 000000000..12f20cdb5
--- /dev/null
+++ b/modules/profiles/meta/darwin/security.nix
@@ -0,0 +1,3 @@
+{
+ security.pam.enableSudoTouchIdAuth = true;
+}
diff --git a/modules/profiles/meta/darwin/services/default.nix b/modules/profiles/meta/darwin/services/default.nix
new file mode 100644
index 000000000..be0590720
--- /dev/null
+++ b/modules/profiles/meta/darwin/services/default.nix
@@ -0,0 +1,3 @@
+{
+ imports = [./yabai.nix];
+}
diff --git a/modules/profiles/meta/darwin/services/yabai.nix b/modules/profiles/meta/darwin/services/yabai.nix
new file mode 100644
index 000000000..ae5988f7c
--- /dev/null
+++ b/modules/profiles/meta/darwin/services/yabai.nix
@@ -0,0 +1,46 @@
+{
+ # addopted from https://github.com/nekowinston/dotfiles/blob/36f7f4a86af4d1ecd3d2da483585e4d2503a978a/machines/common/darwin/default.nix
+ # at least until I figure out how I prefer it
+ services.yabai = {
+ enable = true;
+ enableScriptingAddition = true;
+
+ logFile = "/var/tmp/yabai.log";
+
+ config = {
+ auto_balance = "off";
+ focus_follows_mouse = "off";
+ layout = "bsp";
+ mouse_drop_action = "swap";
+ mouse_follows_focus = "off";
+ window_animation_duration = "0.0";
+ window_gap = 5;
+ left_padding = 5;
+ right_padding = 5;
+ top_padding = 5;
+ bottom_padding = 5;
+ window_origin_display = "default";
+ window_placement = "second_child";
+ window_shadow = "float";
+ };
+
+ extraConfig = let
+ rule = "yabai -m rule --add";
+ ignored = app: builtins.concatStringsSep "\n" (map (e: ''${rule} app="${e}" manage=off sticky=off layer=above'') app);
+ unmanaged = app: builtins.concatStringsSep "\n" (map (e: ''${rule} app="${e}" manage=off'') app);
+ in ''
+ # auto-inject scripting additions
+ yabai -m signal --add event=dock_did_restart action="sudo yabai --load-sa"
+ sudo yabai --load-sa
+
+ ${ignored ["JetBrains Toolbox" "Sip" "iStat Menus"]}
+ ${unmanaged ["Steam" "System Settings"]}
+ yabai -m rule --add label="Finder" app="^Finder$" title="(Co(py|nnect)|Move|Info|Pref)" manage=off
+ yabai -m rule --add label="Safari" app="^Safari$" title="^(General|(Tab|Password|Website|Extension)s|AutoFill|Se(arch|curity)|Privacy|Advance)$" manage=off
+
+ # etc.
+ ${rule} manage=off app="CleanShot"
+ ${rule} manage=off sticky=on app="OBS Studio"
+ '';
+ };
+}
diff --git a/modules/profiles/server/system/default.nix b/modules/profiles/meta/headless/default.nix
similarity index 52%
rename from modules/profiles/server/system/default.nix
rename to modules/profiles/meta/headless/default.nix
index 1e0b005e3..3bcf9f084 100644
--- a/modules/profiles/server/system/default.nix
+++ b/modules/profiles/meta/headless/default.nix
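Review bot: `enableScriptingAddition = true` and the two `sudo yabai --load-sa` calls in extraConfig carry security prerequisites that yabai.nix does not record. Per yabai's documentation the scripting addition needs System Integrity Protection partially disabled, and an unattended `sudo` call only works with a passwordless sudoers rule for the yabai binary. I would add a comment above the option, such as `# needs SIP partially disabled and a NOPASSWD sudoers rule limited to "yabai --load-sa"`, so the weakened posture is a documented decision. Separately, `logFile = "/var/tmp/yabai.log"` is a fixed name in a directory shared by all local users, so a path only the owning user can write would be safer. Whether the yabai module in use defines `logFile` at all could not be confirmed from this view.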
@@ -1,8 +1,9 @@ -_: { +{ imports = [ - ./users - ./environment.nix ./systemd.nix + ./documentation.nix + ./fonts.nix + ./xdg.nix ]; } diff --git a/modules/profiles/meta/headless/documentation.nix b/modules/profiles/meta/headless/documentation.nix new file mode 100644 index 000000000..d5068a159 --- /dev/null +++ b/modules/profiles/meta/headless/documentation.nix @@ -0,0 +1,17 @@ +{lib, ...}: let + inherit (lib) mkForce mapAttrs; +in { + documentation = mapAttrs (_: mkForce) { + enable = false; + dev.enable = false; + doc.enable = false; + info.enable = false; + nixos.enable = false; + man = { + enable = false; + generateCaches = false; + man-db.enable = false; + mandoc.enable = false; + }; + }; +} diff --git a/modules/profiles/server/system/environment.nix b/modules/profiles/meta/headless/environment.nix similarity index 98% rename from modules/profiles/server/system/environment.nix rename to modules/profiles/meta/headless/environment.nix index 81ee97390..89418be66 100644 --- a/modules/profiles/server/system/environment.nix +++ b/modules/profiles/meta/headless/environment.nix @@ -1,4 +1,4 @@ -_: { +{ environment = { # normally we wouldn't need any Xlibs on a headless server but for whatever reason # this affects whether or not some programs can build - such as pipewire diff --git a/modules/profiles/meta/headless/fonts.nix b/modules/profiles/meta/headless/fonts.nix new file mode 100644 index 000000000..352ce398d --- /dev/null +++ b/modules/profiles/meta/headless/fonts.nix @@ -0,0 +1,5 @@ +{lib, ...}: { + # we don't need fontconfig on a server + # since there are no fonts to be configured outside the console + fonts.fontconfig.enable = lib.mkDefault false; +} diff --git a/modules/profiles/meta/headless/services.nix b/modules/profiles/meta/headless/services.nix new file mode 100644 index 000000000..67c7e67c5 --- /dev/null +++ b/modules/profiles/meta/headless/services.nix 
@@ -0,0 +1,5 @@ +{ + # a headless system shoudld not mount any removable media + # without explicit user action + services.udisks2.enable = false; +} diff --git a/modules/profiles/server/system/systemd.nix b/modules/profiles/meta/headless/systemd.nix similarity index 99% rename from modules/profiles/server/system/systemd.nix rename to modules/profiles/meta/headless/systemd.nix index e222280a3..4b1281e1d 100644 --- a/modules/profiles/server/system/systemd.nix +++ b/modules/profiles/meta/headless/systemd.nix @@ -1,4 +1,4 @@ -_: { +{ # https://github.com/numtide/srvos/blob/main/nixos/server/default.nix systemd = { # given that our systems are headless, emergency mode is useless. diff --git a/modules/profiles/meta/headless/xdg.nix b/modules/profiles/meta/headless/xdg.nix new file mode 100644 index 000000000..490309c96 --- /dev/null +++ b/modules/profiles/meta/headless/xdg.nix @@ -0,0 +1,11 @@ +{lib, ...}: let + inherit (lib) mkForce mapAttrs; +in { + xdg = mapAttrs (_: mkForce) { + sounds.enable = false; + mime.enable = false; + menus.enable = false; + icons.enable = false; + autostart.enable = false; + }; +} diff --git a/modules/profiles/workstation/default.nix b/modules/profiles/meta/workstation/default.nix similarity index 100% rename from modules/profiles/workstation/default.nix rename to modules/profiles/meta/workstation/default.nix diff --git a/modules/profiles/workstation/programs/ccache.nix b/modules/profiles/meta/workstation/programs/ccache.nix similarity index 100% rename from modules/profiles/workstation/programs/ccache.nix rename to modules/profiles/meta/workstation/programs/ccache.nix diff --git a/modules/profiles/workstation/programs/cli.nix b/modules/profiles/meta/workstation/programs/cli.nix similarity index 100% rename from modules/profiles/workstation/programs/cli.nix rename to modules/profiles/meta/workstation/programs/cli.nix 
diff --git a/modules/profiles/workstation/programs/default.nix b/modules/profiles/meta/workstation/programs/default.nix similarity index 100% rename from modules/profiles/workstation/programs/default.nix rename to modules/profiles/meta/workstation/programs/default.nix diff --git a/modules/profiles/workstation/programs/flatpak.nix b/modules/profiles/meta/workstation/programs/flatpak.nix similarity index 100% rename from modules/profiles/workstation/programs/flatpak.nix rename to modules/profiles/meta/workstation/programs/flatpak.nix diff --git a/modules/profiles/workstation/programs/gui.nix b/modules/profiles/meta/workstation/programs/gui.nix similarity index 100% rename from modules/profiles/workstation/programs/gui.nix rename to modules/profiles/meta/workstation/programs/gui.nix diff --git a/modules/profiles/workstation/programs/xdg.nix b/modules/profiles/meta/workstation/programs/xdg.nix similarity index 100% rename from modules/profiles/workstation/programs/xdg.nix rename to modules/profiles/meta/workstation/programs/xdg.nix diff --git a/modules/profiles/workstation/services/default.nix b/modules/profiles/meta/workstation/services/default.nix similarity index 100% rename from modules/profiles/workstation/services/default.nix rename to modules/profiles/meta/workstation/services/default.nix diff --git a/modules/profiles/workstation/services/gnome.nix b/modules/profiles/meta/workstation/services/gnome.nix similarity index 89% rename from modules/profiles/workstation/services/gnome.nix rename to modules/profiles/meta/workstation/services/gnome.nix index 859eb4163..3dc838a61 100644 --- a/modules/profiles/workstation/services/gnome.nix +++ b/modules/profiles/meta/workstation/services/gnome.nix @@ -5,7 +5,7 @@ ... }: let inherit (config.modules) device; - acceptedTypes = ["desktop" "laptop" "hybrid" "lite"]; + acceptedTypes = ["desktop" "laptop" "wsl" "hybrid" "lite"]; in { config = lib.mkIf (builtins.elem device.type acceptedTypes) { services = { 
diff --git a/modules/profiles/workstation/services/location.nix b/modules/profiles/meta/workstation/services/location.nix similarity index 100% rename from modules/profiles/workstation/services/location.nix rename to modules/profiles/meta/workstation/services/location.nix diff --git a/modules/profiles/workstation/services/login.nix b/modules/profiles/meta/workstation/services/login.nix similarity index 100% rename from modules/profiles/workstation/services/login.nix rename to modules/profiles/meta/workstation/services/login.nix diff --git a/modules/profiles/workstation/services/misc.nix b/modules/profiles/meta/workstation/services/misc.nix similarity index 97% rename from modules/profiles/workstation/services/misc.nix rename to modules/profiles/meta/workstation/services/misc.nix index f87851a1a..b288e9f05 100644 --- a/modules/profiles/workstation/services/misc.nix +++ b/modules/profiles/meta/workstation/services/misc.nix @@ -6,7 +6,7 @@ }: let inherit (lib) mkIf; inherit (config.modules) device; - acceptedTypes = ["desktop" "laptop" "hybrid" "lite"]; + acceptedTypes = ["desktop" "laptop" "wsl" "hybrid" "lite"]; in { config = mkIf (builtins.elem device.type acceptedTypes) { services = { diff --git a/modules/profiles/workstation/services/printing.nix b/modules/profiles/meta/workstation/services/printing.nix similarity index 100% rename from modules/profiles/workstation/services/printing.nix rename to modules/profiles/meta/workstation/services/printing.nix diff --git a/modules/profiles/workstation/services/runners.nix b/modules/profiles/meta/workstation/services/runners.nix similarity index 100% rename from modules/profiles/workstation/services/runners.nix rename to modules/profiles/meta/workstation/services/runners.nix diff --git a/modules/profiles/workstation/services/tor.nix b/modules/profiles/meta/workstation/services/tor.nix similarity index 100% rename from modules/profiles/workstation/services/tor.nix rename to modules/profiles/meta/workstation/services/tor.nix 
diff --git a/modules/profiles/workstation/services/xserver.nix b/modules/profiles/meta/workstation/services/xserver.nix similarity index 93% rename from modules/profiles/workstation/services/xserver.nix rename to modules/profiles/meta/workstation/services/xserver.nix index 4493b3ed3..968d72694 100644 --- a/modules/profiles/workstation/services/xserver.nix +++ b/modules/profiles/meta/workstation/services/xserver.nix @@ -11,6 +11,7 @@ in { config = mkIf (system.video.enable && builtins.elem device.type acceptedTypes) { services.xserver = { enable = environment.loginManager != "greetd"; + displayManager = { gdm.enable = environment.loginManager == "gdm"; lightdm.enable = environment.loginManager == "lightdm"; @@ -23,6 +24,10 @@ in { }; }; }; + + excludePackages = [ + pkgs.xterm + ]; }; }; } diff --git a/modules/profiles/workstation/system/default.nix b/modules/profiles/meta/workstation/system/default.nix similarity index 100% rename from modules/profiles/workstation/system/default.nix rename to modules/profiles/meta/workstation/system/default.nix diff --git a/modules/profiles/workstation/system/fonts.nix b/modules/profiles/meta/workstation/system/fonts.nix similarity index 54% rename from modules/profiles/workstation/system/fonts.nix rename to modules/profiles/meta/workstation/system/fonts.nix index 0edd3f6ca..6e2e32882 100644 --- a/modules/profiles/workstation/system/fonts.nix +++ b/modules/profiles/meta/workstation/system/fonts.nix @@ -7,15 +7,15 @@ enable = true; defaultFonts = { - monospace = [ - "RobotoMono Nerd Font Mono" - ]; - sansSerif = ["Ubuntu Nerd Font"]; + monospace = ["RobotoMono Nerd Font Mono"]; + sansSerif = ["Roboto Nerd Font"]; serif = ["Noto Serif"]; emoji = ["Noto Color Emoji"]; }; }; + # will be removed after this PR is merged: + # https://github.com/LnL7/nix-darwin/pull/754 fontDir = { enable = true; decompressFonts = true; 
@@ -23,14 +23,31 @@ packages = with pkgs; [ corefonts + material-icons material-design-icons + + source-sans + source-serif + dejavu_fonts inter + noto-fonts noto-fonts-cjk noto-fonts-emoji - (nerdfonts.override {fonts = ["RobotoMono" "JetBrainsMono" "Mononoki" "Ubuntu" "UbuntuMono" "Noto"];}) + + (nerdfonts.override { + fonts = [ + "NerdFontsSymbolsOnly" + "RobotoMono" + "JetBrainsMono" + "Mononoki" + "Ubuntu" + "UbuntuMono" + "Noto" + ]; + }) ]; }; }; diff --git a/modules/profiles/workstation/system/misc.nix b/modules/profiles/meta/workstation/system/misc.nix similarity index 100% rename from modules/profiles/workstation/system/misc.nix rename to modules/profiles/meta/workstation/system/misc.nix