From 8c0f9076d8e71c56f0d49ad39f8ff54c470792a7 Mon Sep 17 00:00:00 2001 From: sstent Date: Fri, 1 Dec 2023 22:42:33 +0000 Subject: [PATCH] new flake --- configuration.nix | 119 ------- flake.lock | 169 +-------- flake.nix | 172 +++------ flake.nixold | 177 ++++++++++ home-manager/global.nix | 59 ++-- {lib => home-manager/lib}/hm_secrets.nix | 0 .../users/sstent/beets.nix | 333 +++++++++--------- home-manager/users/sstent/default.nix | 25 +- hosts/binfmt.nix | 59 ++-- hosts/common.nix | 170 ++++----- hosts/commonold.nix | 179 ---------- lib/attrs.nix | 24 -- lib/default.nix | 37 -- lib/generators.nix | 32 -- lib/modules.nix | 60 ---- lib/nixos.nix | 29 -- lib/options.nix | 16 - modules/home-manager/default.nix | 19 + modules/home-manager/keybase/default.nix | 34 -- modules/home-manager/ssh-proxy/default.nix | 45 --- modules/nixos/default.nix | 19 + modules/nixos/vpn/default.nix | 4 +- modules/nixos/vpn/secrets.nix | 8 +- pkgs/default.nix | 6 - pkgs/npiperelay/default.nix | 52 --- 25 files changed, 593 insertions(+), 1254 deletions(-) delete mode 100644 configuration.nix create mode 100644 flake.nixold rename {lib => home-manager/lib}/hm_secrets.nix (100%) rename modules/home-manager/beets/default.nix => home-manager/users/sstent/beets.nix (95%) delete mode 100644 hosts/commonold.nix delete mode 100644 lib/attrs.nix delete mode 100644 lib/default.nix delete mode 100644 lib/generators.nix delete mode 100644 lib/modules.nix delete mode 100644 lib/nixos.nix delete mode 100644 lib/options.nix create mode 100644 modules/home-manager/default.nix delete mode 100644 modules/home-manager/keybase/default.nix delete mode 100644 modules/home-manager/ssh-proxy/default.nix create mode 100644 modules/nixos/default.nix delete mode 100644 pkgs/default.nix delete mode 100644 pkgs/npiperelay/default.nix diff --git a/configuration.nix b/configuration.nix deleted file mode 100644 index 3ecc363..0000000 --- a/configuration.nix +++ /dev/null @@ -1,119 +0,0 @@ -{self, ...} @ inputs: -with inputs; let - ## Variable Declaration ## - # Supported Architectures - platforms = ["x86_64-linux"]; - - # NixOS Version - version = readFile ./.version; - - # System Libraries - inherit (self) files; - inherit (lib) eachSystem filters; - inherit (builtins) head readFile; - inherit (lib.util) build map pack; - lib = library.lib.extend (final: prev: - { - inherit (flatpak.lib) flatpak; - deploy = deploy.lib; - filters = ignore.lib // {inherit (filter.lib) filter matchExt;}; - hooks = hooks.lib; - image = generators.nixosGenerate; - wine = wine.lib; - util = import ./lib { - inherit self platforms; - lib = final; - }; - } - // home.lib - // utils.lib); -in - eachSystem platforms (system: let - # Default Package Channel - pkgs = self.legacyPackages."${system}"; - - # Package Calling Function - call = name: pkgs.callPackage name {inherit lib inputs pkgs files;}; - in { - ## Configuration Checks ## - checks = import ./modules/nix/checks.nix {inherit self system lib;}; - - ## Developer Shells ## - devShells = - map.modules' ./shells (file: pkgs.mkShell (import file pkgs)) - // { - default = import ./shells {inherit pkgs;}; - website = import ./site/shell.nix {inherit pkgs;}; - commit = - pkgs.mkShell {inherit (self.checks."${system}".commit) shellHook;}; - }; - - ## Code Formatter ## - formatter = pkgs.treefmt; - - ## Package Configuration ## - legacyPackages = self.channels."${system}".stable; - - # Channels - channels = { - stable = (build.channel stable [] ./packages/patches)."${system}"; - unstable = (build.channel unstable [nur.overlay] [])."${system}"; - wine = wine.packages."${system}"; - gaming = gaming.packages."${system}"; - apps = { - deploy = deploy.defaultPackage."${system}"; - generators = generators.defaultPackage."${system}"; - }; - }; - - # Custom Packages - # apps = map.modules ./scripts (name: lib.mkApp {drv = call name;}) // {default = self.apps."${system}".nixos;}; - # packages = map.modules ./packages call // map.modules ./scripts call // {default = self.packages."${system}".dotfiles;}; - }) - // { - # Overrides - overlays = map.modules ./packages/overlays import; - - ## Custom Library Functions ## - lib = lib.util; - - ## Program Configuration and 'dotfiles' ## - # files = import ./files lib self.legacyPackages."${head platforms}"; - - ## Custom Configuration Modules ## - nixosModules = - map.modules ./modules import - // {default = import ./modules {inherit version lib inputs files;};}; - - ## Configuration Templates ## - # templates = import ./.templates lib; - - ## Device Configuration ## - # deploy = import ./modules/nix/deploy.nix {inherit self lib;}; - # nixosConfigurations = - # map.modules ./devices (name: build.device (import name)); - - nixosConfigurations = { - go3-wsl = nixpkgs.lib.nixosSystem { - specialArgs = { inherit inputs outputs; }; - modules = [ - ./hosts/WSL/go3-wsl - ]; - }; - StuPC-WSL = nixpkgs.lib.nixosSystem { - specialArgs = { inherit inputs outputs; }; - modules = [ - ./hosts/WSL/StuPC-WSL - ]; - }; - - }; - - - ## Virtual Machines ## - # vmConfigurations = - # map.modules ./devices/vm (name: - # import name (head platforms) inputs self.channels."${head platforms}".stable); - - }; - } \ No newline at end of file diff --git a/flake.lock b/flake.lock index 59fe99e..bcb9af6 100644 --- a/flake.lock +++ b/flake.lock @@ -1,20 +1,5 @@ { "nodes": { - "filter": { - "locked": { - "lastModified": 1694857738, - "narHash": "sha256-bxxNyLHjhu0N8T3REINXQ2ZkJco0ABFPn6PIe2QUfqo=", - "owner": "numtide", - "repo": "nix-filter", - "rev": "41fd48e00c22b4ced525af521ead8792402de0ea", - "type": "github" - }, - "original": { - "owner": "numtide", - "repo": "nix-filter", - "type": "github" - } - }, "flake-compat": { "flake": false, "locked": { @@ -53,42 +38,6 @@ "inputs": { "systems": "systems_2" }, - "locked": { - "lastModified": 1694529238, - "narHash": "sha256-zsNZZGTGnMOf9YpHKJqMSsa0dXbfmxeoJ7xHlrt+xmY=", - "owner": "numtide", - "repo": "flake-utils", - "rev": "ff7b65b44d01cf9ba6a71320833626af21126384", - "type": "github" - }, - "original": { - "owner": "numtide", - "repo": "flake-utils", - "type": "github" - } - }, - "flake-utils_3": { - "inputs": { - "systems": "systems_3" - }, - "locked": { - "lastModified": 1694529238, - "narHash": "sha256-zsNZZGTGnMOf9YpHKJqMSsa0dXbfmxeoJ7xHlrt+xmY=", - "owner": "numtide", - "repo": "flake-utils", - "rev": "ff7b65b44d01cf9ba6a71320833626af21126384", - "type": "github" - }, - "original": { - "owner": "numtide", - "repo": "flake-utils", - "type": "github" - } - }, - "flake-utils_4": { - "inputs": { - "systems": "systems_4" - }, "locked": { "lastModified": 1681202837, "narHash": "sha256-H+Rh19JDwRtpVPAWp64F+rlEtxUWBAQW28eAi3SRSzg=", @@ -124,62 +73,10 @@ "type": "github" } }, - "ignore": { - "inputs": { - "nixpkgs": [ - "nixpkgs" - ] - }, - "locked": { - "lastModified": 1694102001, - "narHash": "sha256-vky6VPK1n1od6vXbqzOXnekrQpTL4hbPAwUhT5J9c9E=", - "owner": "hercules-ci", - "repo": "gitignore.nix", - "rev": "9e21c80adf67ebcb077d75bd5e7d724d21eeafd6", - "type": "github" - }, - "original": { - "owner": "hercules-ci", - "repo": "gitignore.nix", - "type": "github" - } - }, - "library": { - "locked": { - "lastModified": 1674348806, - "narHash": "sha256-hKi7sFobRQg6sJxskRFCjt/d8gR+w0ClEWZatlr2rnw=", - "owner": "nix-community", - "repo": "nixpkgs.lib", - "rev": "af5239f892ae6e1c8bb560b11ed874cebbd10696", - "type": "github" - }, - "original": { - "owner": "nix-community", - "ref": "master", - "repo": "nixpkgs.lib", - "rev": "af5239f892ae6e1c8bb560b11ed874cebbd10696", - "type": "github" - } - }, - "nixos-hardware": { - "locked": { - "lastModified": 1696614066, - "narHash": "sha256-nAyYhO7TCr1tikacP37O9FnGr2USOsVBD3IgvndUYjM=", - "owner": "NixOS", - "repo": "nixos-hardware", - "rev": "bb2db418b616fea536b1be7f6ee72fb45c11afe0", - "type": "github" - }, - "original": { - "owner": "NixOS", - "repo": "nixos-hardware", - "type": "github" - } - }, "nixos-wsl": { "inputs": { "flake-compat": "flake-compat", - "flake-utils": "flake-utils_2", + "flake-utils": "flake-utils", "nixpkgs": [ "nixpkgs" ] @@ -200,16 +97,16 @@ }, "nixpkgs": { "locked": { - "lastModified": 1696610053, - "narHash": "sha256-nMYt0iIt9OEdsP7XuNjwml+nweuHTWWx86f1t7Dp3FM=", + "lastModified": 1701362232, + "narHash": "sha256-GVdzxL0lhEadqs3hfRLuj+L1OJFGiL/L7gCcelgBlsw=", "owner": "nixos", "repo": "nixpkgs", - "rev": "f49c3d6bb60a6317e4c5137d50299b5c93a8a64b", + "rev": "d2332963662edffacfddfad59ff4f709dde80ffe", "type": "github" }, "original": { "owner": "nixos", - "ref": "release-23.05", + "ref": "nixos-23.05", "repo": "nixpkgs", "type": "github" } @@ -278,17 +175,11 @@ }, "root": { "inputs": { - "filter": "filter", - "flake-utils": "flake-utils", "home-manager": "home-manager", - "ignore": "ignore", - "library": "library", - "nixos-hardware": "nixos-hardware", "nixos-wsl": "nixos-wsl", "nixpkgs": "nixpkgs", "nixpkgs-unstable": "nixpkgs-unstable", "sops-nix": "sops-nix", - "utils": "utils", "vscode-server": "vscode-server" } }, @@ -341,57 +232,9 @@ "type": "github" } }, - "systems_3": { - "locked": { - "lastModified": 1681028828, - "narHash": "sha256-Vy1rq5AaRuLzOxct8nz4T6wlgyUR7zLU309k9mBC768=", - "owner": "nix-systems", - "repo": "default", - "rev": "da67096a3b9bf56a91d16901293e51ba5b49a27e", - "type": "github" - }, - "original": { - "owner": "nix-systems", - "repo": "default", - "type": "github" - } - }, - "systems_4": { - "locked": { - "lastModified": 1681028828, - "narHash": "sha256-Vy1rq5AaRuLzOxct8nz4T6wlgyUR7zLU309k9mBC768=", - "owner": "nix-systems", - "repo": "default", - "rev": "da67096a3b9bf56a91d16901293e51ba5b49a27e", - "type": "github" - }, - "original": { - "owner": "nix-systems", - "repo": "default", - "type": "github" - } - }, - "utils": { - "inputs": { - "flake-utils": "flake-utils_3" - }, - "locked": { - "lastModified": 1696331477, - "narHash": "sha256-YkbRa/1wQWdWkVJ01JvV+75KIdM37UErqKgTf0L54Fk=", - "owner": "gytis-ivaskevicius", - "repo": "flake-utils-plus", - "rev": "bfc53579db89de750b25b0c5e7af299e0c06d7d3", - "type": "github" - }, - "original": { - "owner": "gytis-ivaskevicius", - "repo": "flake-utils-plus", - "type": "github" - } - }, "vscode-server": { "inputs": { - "flake-utils": "flake-utils_4", + "flake-utils": "flake-utils_2", "nixpkgs": "nixpkgs_3" }, "locked": { diff --git a/flake.nix b/flake.nix index 391666e..364f172 100644 --- a/flake.nix +++ b/flake.nix @@ -3,141 +3,93 @@ inputs = { # Nixpkgs - nixpkgs.url = "github:nixos/nixpkgs/release-23.05"; - # You can access packages and modules from different nixpkgs revs - # at the same time. Here's an working example: + nixpkgs.url = "github:nixos/nixpkgs/nixos-23.05"; + nixpkgs-unstable.url = "github:nixos/nixpkgs/nixos-unstable"; # Also see the 'unstable-packages' overlay at 'overlays/default.nix'. # Home manager home-manager.url = "github:nix-community/home-manager/release-23.05"; home-manager.inputs.nixpkgs.follows = "nixpkgs"; - - # TODO: Add any other flake you might need - # hardware.url = "github:nixos/nixos-hardware"; - - # Shameless plug: looking for a way to nixify your themes and make - # everything match nicely? Try nix-colors! - # nix-colors.url = "github:misterio77/nix-colors"; - nixos-hardware.url = "github:NixOS/nixos-hardware"; # Import nixos hardware quirks settings - # nixos-generators = { url = "github:nix-community/nixos-generators"; inputs.nixpkgs.follows = "nixpkgs";}; #import nixos-generators for building images nixos-wsl = { url = "github:nix-community/nixos-wsl"; inputs.nixpkgs.follows = "nixpkgs"; }; sops-nix.url = github:Mic92/sops-nix; - flake-utils.url = "github:numtide/flake-utils"; - # nix.url = "github:NixOS/nix/2.12.0"; vscode-server.url = "github:msteen/nixos-vscode-server"; - - # homeage = {url = "github:jordanisaacs/homeage"; inputs.nixpkgs.follows = "nixpkgs";}; - # Nix Library Functions - library = { - type = "github"; - owner = "nix-community"; - repo = "nixpkgs.lib"; - ref = "master"; - rev = "af5239f892ae6e1c8bb560b11ed874cebbd10696"; - }; - # Source Filter Functions - filter.url = "github:numtide/nix-filter"; - ignore = { - url = "github:hercules-ci/gitignore.nix"; - inputs.nixpkgs.follows = "nixpkgs"; - }; - - # Flake Utility Functions - utils.url = "github:gytis-ivaskevicius/flake-utils-plus"; }; outputs = { self, nixpkgs, home-manager, - nixpkgs-unstable, ... } @ inputs: let - inherit (lib.my) mapModules mapModulesRec mapHosts; inherit (self) outputs; - - system = "x86_64-linux"; - - mkPkgs = pkgs: extraOverlays: - import pkgs { - inherit system; - config.allowUnfree = true; # forgive me Stallman senpai - overlays = extraOverlays ++ (lib.attrValues self.overlays); - }; - pkgs = mkPkgs nixpkgs [self.overlay]; - pkgs' = mkPkgs nixpkgs-unstable []; - - lib = - nixpkgs.lib.extend - (self: super: - { - my = import ./lib { - inherit pkgs inputs outputs; - lib = self; - }; - } - // home-manager.lib); + # Supported systems for your flake packages, shell, etc. + systems = [ + "aarch64-linux" + #"i686-linux" + "x86_64-linux" + #"aarch64-darwin" + #"x86_64-darwin" + ]; + # This is a function that generates an attribute by calling a function you + # pass to it, with each system as an argument + forAllSystems = nixpkgs.lib.genAttrs systems; + in { - lib = lib.my; - packages."${system}" = - mapModules ./pkgs (p: pkgs.callPackage p {}); - formatter.x86_64-linux = nixpkgs.legacyPackages.x86_64-linux.alejandra; + # lib = lib.my; - devShell."${system}" = - import ./shell.nix {inherit pkgs;}; + # Your custom packages + # Accessible through 'nix build', 'nix shell', etc + ##packages = forAllSystems (system: import ./pkgs nixpkgs.legacyPackages.${system}); - overlay = final: prev: { - #unstable = pkgs'; - my = self.packages."${system}"; - }; + # Formatter for your nix files, available through 'nix fmt' + # Other options beside 'alejandra' include 'nixpkgs-fmt' + formatter = forAllSystems (system: nixpkgs.legacyPackages.${system}.alejandra); + # Your custom packages and modifications, exported as overlays overlays = import ./overlays {inherit inputs;}; - # Output all modules in ./modules to flake. Modules should be in - # individual subdirectories and contain a default.nix file - nixosModules = builtins.listToAttrs (map - (x: { - name = x; - value = import (./modules/nixos + "/${x}"); - }) - (builtins.attrNames (builtins.readDir ./modules/nixos))); + # Reusable nixos modules you might want to export + # These are usually stuff you would upstream into nixpkgs + nixosModules = import ./modules/nixos; - ##import our HM modules - ## -- imported in ./home-manger/general - - homeManagerModules = builtins.listToAttrs (map - (name: { - inherit name; - value = import (./modules/home-manager + "/${name}"); - }) - (builtins.attrNames (builtins.readDir ./modules/home-manager))); - - # nixosConfigurations = - # mapHosts ./hosts {}; + # Reusable home-manager modules you might want to export + # These are usually stuff you would upstream into home-manager + homeManagerModules = import ./modules/home-manager; # NixOS configuration entrypoint # Available through 'nixos-rebuild --flake .#your-hostname' nixosConfigurations = { - go3-wsl = nixpkgs.lib.nixosSystem { - specialArgs = { - inherit inputs outputs lib; - hostName = "go3-wsl"; - }; - modules = [ - ./hosts/go3-wsl - ]; - }; + # FIXME replace with your hostname StuPC-WSL = nixpkgs.lib.nixosSystem { specialArgs = { - inherit inputs outputs lib; + inherit inputs outputs; hostName = "StuPC"; }; modules = [ ./hosts/StuPC-WSL + # home-manager + home-manager.nixosModules.home-manager + { + home-manager.useGlobalPkgs = true; + home-manager.useUserPackages = true; + home-manager.users.sstent = import ./home-manager/users/sstent; + home-manager.sharedModules = [ + inputs.sops-nix.homeManagerModules.sops + ]; + } + + ]; + }; + + your-hostname = nixpkgs.lib.nixosSystem { + specialArgs = {inherit inputs outputs;}; + modules = [ + # > Our main nixos configuration file < + ./nixos/configuration.nix ]; }; }; @@ -146,30 +98,12 @@ # Available through 'home-manager --flake .#your-username@your-hostname' homeConfigurations = { # FIXME replace with your username@hostname - "sstent@go3-wsl" = home-manager.lib.homeManagerConfiguration { - # pkgs = nixpkgs.legacyPackages.x86_64-linux; # Home-manager requires 'pkgs' instance - pkgs = pkgs; - extraSpecialArgs = { - inherit inputs outputs lib; - hostName = "go3-wsl"; - }; + "your-username@your-hostname" = home-manager.lib.homeManagerConfiguration { + pkgs = nixpkgs.legacyPackages.x86_64-linux; # Home-manager requires 'pkgs' instance + extraSpecialArgs = {inherit inputs outputs;}; modules = [ # > Our main home-manager configuration file < - ./home-manager/users/sstent - inputs.sops-nix.homeManagerModules.sops - ]; - }; - "sstent@StuPC-WSL" = home-manager.lib.homeManagerConfiguration { - # pkgs = nixpkgs.legacyPackages.x86_64-linux; # Home-manager requires 'pkgs' instance - pkgs = pkgs; - extraSpecialArgs = { - inherit inputs outputs lib; - hostName = "StuPC-WSL"; - }; - modules = [ - # > Our main home-manager configuration file < - ./home-manager/users/sstent - inputs.sops-nix.homeManagerModules.sops + ./home-manager/home.nix ]; }; }; diff --git a/flake.nixold b/flake.nixold new file mode 100644 index 0000000..391666e --- /dev/null +++ b/flake.nixold @@ -0,0 +1,177 @@ +{ + description = "Your new nix config"; + + inputs = { + # Nixpkgs + nixpkgs.url = "github:nixos/nixpkgs/release-23.05"; + # You can access packages and modules from different nixpkgs revs + # at the same time. Here's an working example: + nixpkgs-unstable.url = "github:nixos/nixpkgs/nixos-unstable"; + # Also see the 'unstable-packages' overlay at 'overlays/default.nix'. + + # Home manager + home-manager.url = "github:nix-community/home-manager/release-23.05"; + home-manager.inputs.nixpkgs.follows = "nixpkgs"; + + # TODO: Add any other flake you might need + # hardware.url = "github:nixos/nixos-hardware"; + + # Shameless plug: looking for a way to nixify your themes and make + # everything match nicely? Try nix-colors! + # nix-colors.url = "github:misterio77/nix-colors"; + nixos-hardware.url = "github:NixOS/nixos-hardware"; # Import nixos hardware quirks settings + # nixos-generators = { url = "github:nix-community/nixos-generators"; inputs.nixpkgs.follows = "nixpkgs";}; #import nixos-generators for building images + nixos-wsl = { + url = "github:nix-community/nixos-wsl"; + inputs.nixpkgs.follows = "nixpkgs"; + }; + sops-nix.url = github:Mic92/sops-nix; + flake-utils.url = "github:numtide/flake-utils"; + # nix.url = "github:NixOS/nix/2.12.0"; + vscode-server.url = "github:msteen/nixos-vscode-server"; + + # homeage = {url = "github:jordanisaacs/homeage"; inputs.nixpkgs.follows = "nixpkgs";}; + # Nix Library Functions + library = { + type = "github"; + owner = "nix-community"; + repo = "nixpkgs.lib"; + ref = "master"; + rev = "af5239f892ae6e1c8bb560b11ed874cebbd10696"; + }; + # Source Filter Functions + filter.url = "github:numtide/nix-filter"; + ignore = { + url = "github:hercules-ci/gitignore.nix"; + inputs.nixpkgs.follows = "nixpkgs"; + }; + + # Flake Utility Functions + utils.url = "github:gytis-ivaskevicius/flake-utils-plus"; + }; + + outputs = { + self, + nixpkgs, + home-manager, + nixpkgs-unstable, + ... + } @ inputs: let + inherit (lib.my) mapModules mapModulesRec mapHosts; + inherit (self) outputs; + + system = "x86_64-linux"; + + mkPkgs = pkgs: extraOverlays: + import pkgs { + inherit system; + config.allowUnfree = true; # forgive me Stallman senpai + overlays = extraOverlays ++ (lib.attrValues self.overlays); + }; + pkgs = mkPkgs nixpkgs [self.overlay]; + pkgs' = mkPkgs nixpkgs-unstable []; + + lib = + nixpkgs.lib.extend + (self: super: + { + my = import ./lib { + inherit pkgs inputs outputs; + lib = self; + }; + } + // home-manager.lib); + in { + lib = lib.my; + packages."${system}" = + mapModules ./pkgs (p: pkgs.callPackage p {}); + formatter.x86_64-linux = nixpkgs.legacyPackages.x86_64-linux.alejandra; + + devShell."${system}" = + import ./shell.nix {inherit pkgs;}; + + overlay = final: prev: { + #unstable = pkgs'; + my = self.packages."${system}"; + }; + + overlays = import ./overlays {inherit inputs;}; + + # Output all modules in ./modules to flake. Modules should be in + # individual subdirectories and contain a default.nix file + nixosModules = builtins.listToAttrs (map + (x: { + name = x; + value = import (./modules/nixos + "/${x}"); + }) + (builtins.attrNames (builtins.readDir ./modules/nixos))); + + ##import our HM modules + ## -- imported in ./home-manger/general + + homeManagerModules = builtins.listToAttrs (map + (name: { + inherit name; + value = import (./modules/home-manager + "/${name}"); + }) + (builtins.attrNames (builtins.readDir ./modules/home-manager))); + + # nixosConfigurations = + # mapHosts ./hosts {}; + + # NixOS configuration entrypoint + # Available through 'nixos-rebuild --flake .#your-hostname' + nixosConfigurations = { + go3-wsl = nixpkgs.lib.nixosSystem { + specialArgs = { + inherit inputs outputs lib; + hostName = "go3-wsl"; + }; + modules = [ + ./hosts/go3-wsl + ]; + }; + StuPC-WSL = nixpkgs.lib.nixosSystem { + specialArgs = { + inherit inputs outputs lib; + hostName = "StuPC"; + }; + modules = [ + ./hosts/StuPC-WSL + ]; + }; + }; + + # Standalone home-manager configuration entrypoint + # Available through 'home-manager --flake .#your-username@your-hostname' + homeConfigurations = { + # FIXME replace with your username@hostname + "sstent@go3-wsl" = home-manager.lib.homeManagerConfiguration { + # pkgs = nixpkgs.legacyPackages.x86_64-linux; # Home-manager requires 'pkgs' instance + pkgs = pkgs; + extraSpecialArgs = { + inherit inputs outputs lib; + hostName = "go3-wsl"; + }; + modules = [ + # > Our main home-manager configuration file < + ./home-manager/users/sstent + inputs.sops-nix.homeManagerModules.sops + ]; + }; + "sstent@StuPC-WSL" = home-manager.lib.homeManagerConfiguration { + # pkgs = nixpkgs.legacyPackages.x86_64-linux; # Home-manager requires 'pkgs' instance + pkgs = pkgs; + extraSpecialArgs = { + inherit inputs outputs lib; + hostName = "StuPC-WSL"; + }; + modules = [ + # > Our main home-manager configuration file < + ./home-manager/users/sstent + inputs.sops-nix.homeManagerModules.sops + ]; + }; + }; + }; +} diff --git a/home-manager/global.nix b/home-manager/global.nix index e8e36fc..da18fc7 100644 --- a/home-manager/global.nix +++ b/home-manager/global.nix @@ -11,48 +11,29 @@ # ./beets.nix # ./keybase.nix "${inputs.vscode-server}/modules/vscode-server/home.nix" - ] - ++ (builtins.attrValues outputs.homeManagerModules); + outputs.homeManagerModules + ]; + # ++ (builtins.attrValues outputs.homeManagerModules); - ###dotfiles path variable - options._dotfiles = lib.mkOption { - type = lib.types.str; - default = "${inputs.self}/home-manager/dotfiles"; - description = "Path to the dotfiles in this repository"; - }; + + # config = { + # nixpkgs = { + # overlays = builtins.attrValues outputs.overlays; + # config = { + # allowUnfree = true; + # allowUnfreePredicate = _: true; + # }; + # }; - ###secrets path variable - options._secrets = lib.mkOption { - type = lib.types.str; - default = "/run/user/1000/secrets/"; - description = "Path to the Secrets runtime"; - }; + # nix = { + # package = lib.mkDefault pkgs.nix; + # settings = { + # experimental-features = ["nix-command" "flakes" "repl-flake"]; + # warn-dirty = false; + # }; + # }; - ###secretstore path variable - options._secretstore = lib.mkOption { - type = lib.types.str; - default = "${inputs.self}/secrets/"; - description = "Path to the Secrets storage"; - }; - - config = { - nixpkgs = { - overlays = builtins.attrValues outputs.overlays; - config = { - allowUnfree = true; - allowUnfreePredicate = _: true; - }; - }; - - nix = { - package = lib.mkDefault pkgs.nix; - settings = { - experimental-features = ["nix-command" "flakes" "repl-flake"]; - warn-dirty = false; - }; - }; - - ##VSCode + # ##VSCode services.vscode-server.enable = true; services.vscode-server.enableFHS = true; services.vscode-server.nodejsPackage = pkgs.nodejs-18_x; diff --git a/lib/hm_secrets.nix b/home-manager/lib/hm_secrets.nix similarity index 100% rename from lib/hm_secrets.nix rename to home-manager/lib/hm_secrets.nix diff --git a/modules/home-manager/beets/default.nix b/home-manager/users/sstent/beets.nix similarity index 95% rename from modules/home-manager/beets/default.nix rename to home-manager/users/sstent/beets.nix index a6b97d8..07b53ba 100644 --- a/modules/home-manager/beets/default.nix +++ b/home-manager/users/sstent/beets.nix @@ -1,172 +1,161 @@ -{ - config, - pkgs, - lib, - ... -}: -with lib; let - cfg = config.custom.beets; -in { - options.custom.beets = { - enable = mkOption { - type = types.bool; - default = false; - description = "Enable Beets"; - }; - }; - - config = mkIf cfg.enable { - home.packages = [ - pkgs.ffmpeg # for replaygain - ]; - - sops = { - secrets.discogs_json = { - path = "${config.xdg.configHome}/beets/discogs_token.json"; - }; - }; - programs.beets = { - enable = true; - settings = { - album_fields = { - artist_grouping = '' - albumartist_dev = ["devin townsend", "devin townsend project","punky brüster","strapping young lad"] - DevinFolder = "_Devin Townsend Projects" - if albumartist.lower() in albumartist_dev: - return DevinFolder - albumartist_les = ["primus", "les claypool","les claypool and the holy mackerel","les claypool’s duo de twang","oysterhead","colonel claypool’s bucket of bernie brains","the les claypool frog brigade","the claypool lennon delirium"] - LesFolder = "_Les Claypool Projects" - if albumartist.lower() in albumartist_les: - return LesFolder - ''; - atype = '' - atypes = ['EP', 'Single','Live'] - for atype in atypes: - if atype.lower() == albumtype.lower(): - return f' [{atype}]' - ''; - first_artist = "albumartist.split(', ',1)[0:1][0]"; - }; - albumtypes = { - bracket = "[]"; - ignore_va = "compilation"; - types = [ - {ep = "EP";} - {single = "Single";} - {soundtrack = "OST";} - {live = "Live";} - {compilation = "Anthology";} - {remix = "Remix";} - ]; - }; - aunique = { - bracket = "[]"; - disambiguators = "media"; - keys = "albumartist album"; - }; - copyartifacts = {extensions = ".cue .log .jpg .jpeg .png .txt";}; - directory = "/mnt/q/CleanMusic/"; - embedart = {auto = true;}; - extrafiles = { - paths = { - artworkdir = "$albumpath/Artwork"; - "ext:cue" = "$albumpath/$disc_folder/Data/"; - "ext:jpg" = "$albumpath/$disc_folder/"; - "ext:log" = "$albumpath/$disc_folder/Data/"; - }; - patterns = { - all = "*.*"; - artworkdir = ["[sS]cans/" "[aA]rtwork/" "[aA]rt/" "[cC]over/"]; - }; - }; - fetchart = { - auto = true; - sources = "filesystem coverart itunes amazon albumart fanarttv"; - }; - import = { - autotag = true; - bell = false; - copy = true; - languages = "en"; - log = "~/.config/beets/beet.log"; - move = false; - write = true; - }; - item_fields = { - isMultidisc = "1 if disctotal > 1 else 0"; - myBitDepth = "('' if bitdepth != 24 else '[24bit - '+ media + ']')"; - myDisc = "('' if disctotal <= 1 else str(disc) + ' - ')"; - mySongartist = "artist + ' - ' if artist != albumartist and artist != '' else ''"; - }; - library = "~/musiclibrary.db"; - match = { - max_rec = { - album = "strong"; - album_id = "strong"; - albumdisambig = "strong"; - artist = "strong"; - catalognum = "strong"; - country = "strong"; - label = "strong"; - media = "strong"; - mediums = "strong"; - missing_tracks = "medium"; - source = "strong"; - track_artist = "strong"; - track_id = "strong"; - track_index = "strong"; - track_length = "strong"; - track_title = "strong"; - tracks = "strong"; - unmatched_tracks = "medium"; - year = "strong"; - }; - strong_rec_thresh = 5.0e-2; - }; - missing = { - format_album = "$albumartist: ($year) $album $albumtype $atype"; - format_item = "$albumartist - $album [$albumtype]$atype: $track/$tracktotal $title"; - }; - musicbrainz = { - pass = "7ANCLPczDNFn6Sf65vdZ"; - user = "shapechecker"; - }; - original_date = true; - paths = { - "albumtype:soundtrack" = "Soundtracks/$albumartist - $album%aunique{} ($year)/$myDisc$track - $artist - $title"; - comp = "Compilations/$albumartist/($year) $album%aunique{}/$myDisc$track - $artist - $title"; - default = "%if{$artist_grouping,$artist_grouping/}$first_artist/$year - $album $atype%aunique{media}[%upper{$format}$bitdepth]%if{$media,[$media]}/%if{$isMultidisc,$disc - }$track - $mySongartist$title"; - }; - per_disc_numbering = true; - plugins = [ - "albumtypes" - "duplicates" - "fetchart" - "rewrite" - "missing" - "chroma" - "embedart" - "inline" - "discogs" - "mbcollection" - "replaygain" - "info" - ]; - replaygain = { - backend = "ffmpeg"; - }; - rewrite = { - "artist Björk & Tríó Guðmundar Ingólfssonar" = "Björk"; - "artist Brant Bjork and The Low Desert Punk Band" = "Brant Bjork"; - "artist King Gizzard & The Lizard Wizard with Mild High Club" = "King Gizzard & The Lizard Wizard"; - "artist Kyuss _ Queens of the Stone Age" = "Kyuss"; - "artist Professor Elemental & Tom Caruana" = "Professor Elemental"; - "artist Resin Dogs Feat Spikey Tee" = "Resin Dogs"; - "artist Sepultura _ Exodus" = "Sepultura"; - "artist The Knife in collaboration with Mount Sims and Planningtorock" = "The Knife"; - "artist Unida _ Dozer" = "Unida"; - }; - }; - }; - }; -} + { + inputs, + lib, + pkgs, + config, + outputs, + ... +}: { + home.packages = [ + pkgs.ffmpeg # for replaygain + ]; + + sops = { + secrets.discogs_json = { + path = "${config.xdg.configHome}/beets/discogs_token.json"; + }; + }; + programs.beets = { + enable = true; + settings = { + album_fields = { + artist_grouping = '' + albumartist_dev = ["devin townsend", "devin townsend project","punky brüster","strapping young lad"] + DevinFolder = "_Devin Townsend Projects" + if albumartist.lower() in albumartist_dev: + return DevinFolder + albumartist_les = ["primus", "les claypool","les claypool and the holy mackerel","les claypool’s duo de twang","oysterhead","colonel claypool’s bucket of bernie brains","the les claypool frog brigade","the claypool lennon delirium"] + LesFolder = "_Les Claypool Projects" + if albumartist.lower() in albumartist_les: + return LesFolder + ''; + atype = '' + atypes = ['EP', 'Single','Live'] + for atype in atypes: + if atype.lower() == albumtype.lower(): + return f' [{atype}]' + ''; + first_artist = "albumartist.split(', ',1)[0:1][0]"; + }; + albumtypes = { + bracket = "[]"; + ignore_va = "compilation"; + types = [ + {ep = "EP";} + {single = "Single";} + {soundtrack = "OST";} + {live = "Live";} + {compilation = "Anthology";} + {remix = "Remix";} + ]; + }; + aunique = { + bracket = "[]"; + disambiguators = "media"; + keys = "albumartist album"; + }; + copyartifacts = {extensions = ".cue .log .jpg .jpeg .png .txt";}; + directory = "/mnt/q/CleanMusic/"; + embedart = {auto = true;}; + extrafiles = { + paths = { + artworkdir = "$albumpath/Artwork"; + "ext:cue" = "$albumpath/$disc_folder/Data/"; + "ext:jpg" = "$albumpath/$disc_folder/"; + "ext:log" = "$albumpath/$disc_folder/Data/"; + }; + patterns = { + all = "*.*"; + artworkdir = ["[sS]cans/" "[aA]rtwork/" "[aA]rt/" "[cC]over/"]; + }; + }; + fetchart = { + auto = true; + sources = "filesystem coverart itunes amazon albumart fanarttv"; + }; + import = { + autotag = true; + bell = false; + copy = true; + languages = "en"; + log = "~/.config/beets/beet.log"; + move = false; + write = true; + }; + item_fields = { + isMultidisc = "1 if disctotal > 1 else 0"; + myBitDepth = "('' if bitdepth != 24 else '[24bit - '+ media + ']')"; + myDisc = "('' if disctotal <= 1 else str(disc) + ' - ')"; + mySongartist = "artist + ' - ' if artist != albumartist and artist != '' else ''"; + }; + library = "~/musiclibrary.db"; + match = { + max_rec = { + album = "strong"; + album_id = "strong"; + albumdisambig = "strong"; + artist = "strong"; + catalognum = "strong"; + country = "strong"; + label = "strong"; + media = "strong"; + mediums = "strong"; + missing_tracks = "medium"; + source = "strong"; + track_artist = "strong"; + track_id = "strong"; + track_index = "strong"; + track_length = "strong"; + track_title = "strong"; + tracks = "strong"; + unmatched_tracks = "medium"; + year = "strong"; + }; + strong_rec_thresh = 5.0e-2; + }; + missing = { + format_album = "$albumartist: ($year) $album $albumtype $atype"; + format_item = "$albumartist - $album [$albumtype]$atype: $track/$tracktotal $title"; + }; + musicbrainz = { + pass = "7ANCLPczDNFn6Sf65vdZ"; + user = "shapechecker"; + }; + original_date = true; + paths = { + "albumtype:soundtrack" = "Soundtracks/$albumartist - $album%aunique{} ($year)/$myDisc$track - $artist - $title"; + comp = "Compilations/$albumartist/($year) $album%aunique{}/$myDisc$track - $artist - $title"; + default = "%if{$artist_grouping,$artist_grouping/}$first_artist/$year - $album $atype%aunique{media}[%upper{$format}$bitdepth]%if{$media,[$media]}/%if{$isMultidisc,$disc - }$track - $mySongartist$title"; + }; + per_disc_numbering = true; + plugins = [ + "albumtypes" + "duplicates" + "fetchart" + "rewrite" + "missing" + "chroma" + "embedart" + "inline" + "discogs" + "mbcollection" + "replaygain" + "info" + ]; + replaygain = { + backend = "ffmpeg"; + }; + rewrite = { + "artist Björk & Tríó Guðmundar Ingólfssonar" = "Björk"; + "artist Brant Bjork and The Low Desert Punk Band" = "Brant Bjork"; + "artist King Gizzard & The Lizard Wizard with Mild High Club" = "King Gizzard & The Lizard Wizard"; + "artist Kyuss _ Queens of the Stone Age" = "Kyuss"; + "artist Professor Elemental & Tom Caruana" = "Professor Elemental"; + "artist Resin Dogs Feat Spikey Tee" = "Resin Dogs"; + "artist Sepultura _ Exodus" = "Sepultura"; + "artist The Knife in collaboration with Mount Sims and Planningtorock" = "The Knife"; + "artist Unida _ Dozer" = "Unida"; + }; + }; + }; +} \ No newline at end of file diff --git a/home-manager/users/sstent/default.nix b/home-manager/users/sstent/default.nix index eba67cf..6230c50 100644 --- a/home-manager/users/sstent/default.nix +++ b/home-manager/users/sstent/default.nix @@ -8,7 +8,10 @@ ... }: { imports = [ - ../../global.nix + # # ../../global.nix + # # outputs.homeManagerModules + ./beets.nix + ]; home.username = "sstent"; home.homeDirectory = "/home/sstent"; @@ -16,10 +19,10 @@ sops = { age.sshKeyPaths = ["/home/sstent/.ssh/id_ed25519"]; - defaultSopsFile = "${config._secretstore}/user-secrets.yaml"; + defaultSopsFile = ../../../secrets/user-secrets.yaml; secrets = { mrconfig = { - sopsFile = "${config._secretstore}/user_dotfiles/mrconfig"; + sopsFile = ../../../secrets/user_dotfiles/mrconfig; format = "binary"; path = "${config.home.homeDirectory}/.mrconfig"; }; @@ -58,11 +61,11 @@ gnumake ]; - custom = { - ssh-proxy.enable = false; - beets.enable = true; - keybase.enable = true; - }; + # custom = { + # # ssh-proxy.enable = false; + # beets.enable = true; + # # keybase.enable = true; + # }; # home.file.".mrconfig".source = config.lib.file.mkOutOfStoreSymlink "${config._secrets}/mrconfig"; programs = { @@ -104,9 +107,9 @@ ssh = { enable = true; extraConfig = '' - StrictHostKeyChecking no - UpdateHostKeys yes - identityFile = "~/.ssh/id_rsa" + StrictHostKeyChecking no + UpdateHostKeys yes + identityFile = "~/.ssh/id_rsa" ''; matchBlocks = { # "*" = { diff --git a/hosts/binfmt.nix b/hosts/binfmt.nix index b87b097..e64d747 100644 --- a/hosts/binfmt.nix +++ b/hosts/binfmt.nix @@ -1,26 +1,33 @@ - -{ lib, inputs, outputs, pkgs, config, ... }: -# Define qemu-arm-static source. -let qemu-arm-static = pkgs.stdenv.mkDerivation { - name = "qemu-arm-static"; - src = builtins.fetchurl { - url = "https://github.com/multiarch/qemu-user-static/releases/download/v6.1.0-8/qemu-arm-static"; - sha256 = "06344d77d4f08b3e1b26ff440cb115179c63ca8047afb978602d7922a51231e3"; - }; - dontUnpack = true; - installPhase = "install -D -m 0755 $src $out/bin/qemu-arm-static"; -}; -in { - # Enable binfmt emulation of extra binary formats (armv7l-linux, for exmaple). - boot.binfmt.registrations.arm = { - interpreter = "${qemu-arm-static}/bin/qemu-arm-static"; - magicOrExtension = ''\x7fELF\x01\x01\x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02\x00\x28\x00''; - mask = ''\xff\xff\xff\xff\xff\xff\xff\x00\xff\xff\xff\xff\xff\xff\x00\xff\xfe\xff\xff\xff''; - }; - - # Define additional settings for nix. - nix.extraOptions = '' - extra-platforms = armv7l-linux aarch64-linux - ''; - nix.settings.extra-sandbox-paths = [ "/run/binfmt/arm=${qemu-arm-static}/bin/qemu-arm-static" ]; -} +{ + lib, + inputs, + outputs, + pkgs, + config, + ... +}: +# Define qemu-arm-static source. +let + qemu-arm-static = pkgs.stdenv.mkDerivation { + name = "qemu-arm-static"; + src = builtins.fetchurl { + url = "https://github.com/multiarch/qemu-user-static/releases/download/v6.1.0-8/qemu-arm-static"; + sha256 = "06344d77d4f08b3e1b26ff440cb115179c63ca8047afb978602d7922a51231e3"; + }; + dontUnpack = true; + installPhase = "install -D -m 0755 $src $out/bin/qemu-arm-static"; + }; +in { + # Enable binfmt emulation of extra binary formats (armv7l-linux, for exmaple). + boot.binfmt.registrations.arm = { + interpreter = "${qemu-arm-static}/bin/qemu-arm-static"; + magicOrExtension = ''\x7fELF\x01\x01\x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02\x00\x28\x00''; + mask = ''\xff\xff\xff\xff\xff\xff\xff\x00\xff\xff\xff\xff\xff\xff\x00\xff\xfe\xff\xff\xff''; + }; + + # Define additional settings for nix. + nix.extraOptions = '' + extra-platforms = armv7l-linux aarch64-linux + ''; + nix.settings.extra-sandbox-paths = ["/run/binfmt/arm=${qemu-arm-static}/bin/qemu-arm-static"]; +} diff --git a/hosts/common.nix b/hosts/common.nix index 0d5a911..8ef38f8 100644 --- a/hosts/common.nix +++ b/hosts/common.nix @@ -1,85 +1,85 @@ -# This file (and the global directory) holds config that i use on all hosts -{ - lib, - inputs, - outputs, - pkgs, - config, - ... -}: { - imports = - [ - inputs.home-manager.nixosModules.home-manager - inputs.sops-nix.nixosModules.sops - ] - ++ (builtins.attrValues outputs.nixosModules); - - ###dotfiles path variable - options._dotfiles = lib.mkOption { - type = lib.types.str; - default = "${inputs.self}/home-manager/dotfiles"; - description = "Path to the dotfiles in this repository"; - }; - - ###secrets path variable - options._secrets = lib.mkOption { - type = lib.types.str; - default = "/run/user/1000/secrets"; - description = "Path to the Secrets runtime"; - }; - - ###secretstore path variable - options._secretstore = lib.mkOption { - type = lib.types.str; - default = "${inputs.self}/secrets"; - description = "Path to the Secrets storage"; - }; - - config = { - system.stateVersion = "23.05"; - - sops = { - defaultSopsFile = "${config._secretstore}/host-secrets.yaml"; - age.sshKeyPaths = ["/etc/ssh/ssh_host_ed25519_key"]; - }; - - home-manager = { - useUserPackages = true; - extraSpecialArgs = {inherit inputs outputs;}; - sharedModules = [ - inputs.sops-nix.homeManagerModules.sops - ]; - }; - - nixpkgs.config.allowUnfree = true; - programs.fuse.userAllowOther = true; - security.sudo.wheelNeedsPassword = false; - virtualisation.docker.enable = true; - - # nixpkgs.overlays = overlays; - # Enable nix flakes - nix.package = pkgs.nixFlakes; - nix.extraOptions = '' - experimental-features = nix-command flakes - ''; - nix.nixPath = ["nixpkgs=${inputs.nixpkgs}"]; - # nix.nixPath = [ "nixpkgs=pkgs.outPath" ]; - networking.search = ["node.dc1.consul" "service.dc1.consul"]; - - #services.envfs.enable = true; - environment.systemPackages = [ - pkgs.git - pkgs.home-manager - pkgs.sops - pkgs.ssh-to-age - pkgs.age - pkgs.bitwarden-cli - ]; - - nix.gc = { - automatic = true; # Enable the automatic garbage collector - dates = "03:15"; # When to run the garbage collector - options = "-d"; # Arguments to pass to nix-collect-garbage - }; - }; -} +# This file (and the global directory) holds config that i use on all hosts +{ + lib, + inputs, + outputs, + pkgs, + config, + ... +}: { + imports = [ + # inputs.home-manager.nixosModules.home-manager + inputs.sops-nix.nixosModules.sops + outputs.nixosModules + ]; + # ++ (builtins.attrValues outputs.nixosModules); + + ###dotfiles path variable + # options._dotfiles = lib.mkOption { + # type = lib.types.str; + # default = "${inputs.self}/home-manager/dotfiles"; + # description = "Path to the dotfiles in this repository"; + # }; + + ###secrets path variable + options._secrets = lib.mkOption { + type = lib.types.str; + default = "/run/user/1000/secrets"; + description = "Path to the Secrets runtime"; + }; + + ###secretstore path variable + options._secretstore = lib.mkOption { + type = lib.types.str; + default = "${inputs.self}/secrets"; + description = "Path to the Secrets storage"; + }; + + config = { + system.stateVersion = "23.05"; + + sops = { + defaultSopsFile = "${config._secretstore}/host-secrets.yaml"; + age.sshKeyPaths = ["/etc/ssh/ssh_host_ed25519_key"]; + }; + + # home-manager = { + # useUserPackages = true; + # extraSpecialArgs = {inherit inputs outputs;}; + # sharedModules = [ + # inputs.sops-nix.homeManagerModules.sops + # ]; + # }; + + nixpkgs.config.allowUnfree = true; + programs.fuse.userAllowOther = true; + security.sudo.wheelNeedsPassword = false; + virtualisation.docker.enable = true; + + # nixpkgs.overlays = overlays; + # Enable nix flakes + nix.package = pkgs.nixFlakes; + nix.extraOptions = '' + experimental-features = nix-command flakes + ''; + nix.nixPath = ["nixpkgs=${inputs.nixpkgs}"]; + # nix.nixPath = [ "nixpkgs=pkgs.outPath" ]; + networking.search = ["node.dc1.consul" "service.dc1.consul"]; + + #services.envfs.enable = true; + environment.systemPackages = [ + pkgs.git + pkgs.home-manager + pkgs.sops + pkgs.ssh-to-age + pkgs.age + pkgs.bitwarden-cli + ]; + + nix.gc = { + automatic = true; # Enable the automatic garbage collector + dates = "03:15"; # When to run the garbage collector + options = "-d"; # Arguments to pass to nix-collect-garbage + }; + }; +} diff --git a/hosts/commonold.nix b/hosts/commonold.nix deleted file mode 100644 index 9b8b1c1..0000000 --- a/hosts/commonold.nix +++ /dev/null @@ -1,179 +0,0 @@ -<<<<<<< HEAD -# This file (and the global directory) holds config that i use on all hosts -{ - lib, - inputs, - outputs, - pkgs, - config, - ... -}: { - imports = - [ - inputs.home-manager.nixosModules.home-manager - inputs.sops-nix.nixosModules.sops - ] - ++ (builtins.attrValues outputs.nixosModules); - - ###dotfiles path variable - options._dotfiles = lib.mkOption { - type = lib.types.str; - default = "${inputs.self}/home-manager/dotfiles"; - description = "Path to the dotfiles in this repository"; - }; - - ###secrets path variable - options._secrets = lib.mkOption { - type = lib.types.str; - default = "/run/user/1000/secrets"; - description = "Path to the Secrets runtime"; - }; - - ###secretstore path variable - options._secretstore = lib.mkOption { - type = lib.types.str; - default = "${inputs.self}/secrets"; - description = "Path to the Secrets storage"; - }; - - config = { - system.stateVersion = "23.05"; - - sops = { - defaultSopsFile = "${config._secretstore}/host-secrets.yaml"; - age.sshKeyPaths = ["/etc/ssh/ssh_host_ed25519_key"]; - }; - - home-manager = { - useUserPackages = true; - extraSpecialArgs = {inherit inputs outputs;}; - sharedModules = [ - inputs.sops-nix.homeManagerModules.sops - ]; - }; - - nixpkgs.config.allowUnfree = true; - programs.fuse.userAllowOther = true; - security.sudo.wheelNeedsPassword = false; - - # nixpkgs.overlays = overlays; - # Enable nix flakes - nix.package = pkgs.nixFlakes; - nix.extraOptions = '' - experimental-features = nix-command flakes - ''; - nix.nixPath = ["nixpkgs=${inputs.nixpkgs}"]; - # nix.nixPath = [ "nixpkgs=pkgs.outPath" ]; - networking.search = ["node.dc1.consul" "service.dc1.consul"]; - - #services.envfs.enable = true; - environment.systemPackages = [ - pkgs.git - pkgs.home-manager - pkgs.sops - pkgs.ssh-to-age - pkgs.age - pkgs.bitwarden-cli - ]; - - nix.gc = { - automatic = true; # Enable the automatic garbage collector - dates = "03:15"; # When to run the garbage collector - options = "-d"; # Arguments to pass to nix-collect-garbage - }; - }; -} -======= -# This file (and the global directory) holds config that i use on all hosts -{ lib, inputs, outputs, pkgs, config, ... }: -{ - imports = [ - inputs.home-manager.nixosModules.home-manager - inputs.sops-nix.nixosModules.sops - # ./binfmt.nix - ]++ (builtins.attrValues outputs.nixosModules); - -###dotfiles path variable - options._dotfiles = lib.mkOption { - type = lib.types.str; - default = "${inputs.self}/home-manager/dotfiles"; - description = "Path to the dotfiles in this repository"; - }; - -###secrets path variable - options._secrets = lib.mkOption { - type = lib.types.str; - default = "/run/user/1000/secrets"; - description = "Path to the Secrets runtime"; - }; - - -###secretstore path variable - options._secretstore = lib.mkOption { - type = lib.types.str; - default = "${inputs.self}/secrets"; - description = "Path to the Secrets storage"; - }; - -config = { - system.stateVersion = "23.05"; - - - sops = { - defaultSopsFile = "${config._secretstore}/host-secrets.yaml"; - age.sshKeyPaths = [ "/etc/ssh/ssh_host_ed25519_key" ]; -}; - - - home-manager = { - useUserPackages = true; - extraSpecialArgs = { inherit inputs outputs; }; - sharedModules = [ - inputs.sops-nix.homeManagerModules.sops - ]; - }; - - nixpkgs.config.allowUnfree = true; - programs.fuse.userAllowOther = true; - security.sudo.wheelNeedsPassword = false; - - # nixpkgs.overlays = overlays; - # Enable nix flakes - nix.package = pkgs.nixFlakes; - nix.extraOptions = '' - experimental-features = nix-command flakes - ''; -nix.nixPath = [ "nixpkgs=${inputs.nixpkgs}" ]; -# nix.extra-platforms = aarch64-linux i686-linux; - -# nix.nixPath = [ "nixpkgs=pkgs.outPath" ]; -# boot.binfmt.emulatedSystems = [ "aarch64-linux" ]; -boot.binfmt.emulatedSystems = ["armv7l-linux" "aarch64-linux"]; - -nix.settings.substituters = [ - "https://fbleagh.cachix.org" - "https://cache.armv7l.xyz" - "https://arm.cachix.org" - "https://thefloweringash-armv7.cachix.org" ]; -nix.settings.trusted-public-keys = [ - "fbleagh.cachix.org-1:HNgEVkx9HfKmEQdR+9IeCwqFza0k8d8fJgcYvOTVDB8=" - "cache.armv7l.xyz-1:kBY/eGnBAYiqYfg0fy0inWhshUo+pGFM3Pj7kIkmlBk=" - "arm.cachix.org-1:K3XjAeWPgWkFtSS9ge5LJSLw3xgnNqyOaG7MDecmTQ8=" - "thefloweringash-armv7.cachix.org-1:v+5yzBD2odFKeXbmC+OPWVqx4WVoIVO6UXgnSAWFtso=" -]; -nix.settings.trusted-users = [ "root" "sstent" ]; - -#services.envfs.enable = true; - environment.systemPackages = [ - pkgs.git - pkgs.home-manager - pkgs.sops - pkgs.ssh-to-age - pkgs.age - pkgs.qemu - pkgs.cachix - ]; - -}; -} ->>>>>>> dacf7df (updates) diff --git a/lib/attrs.nix b/lib/attrs.nix deleted file mode 100644 index 99c74bd..0000000 --- a/lib/attrs.nix +++ /dev/null @@ -1,24 +0,0 @@ -{lib, ...}: -with builtins; -with lib; rec { - # attrsToList - attrsToList = attrs: - mapAttrsToList (name: value: {inherit name value;}) attrs; - - # mapFilterAttrs :: - # (name -> value -> bool) - # (name -> value -> { name = any; value = any; }) - # attrs - mapFilterAttrs = pred: f: attrs: filterAttrs pred (mapAttrs' f attrs); - - # Generate an attribute set by mapping a function over a list of values. - genAttrs' = values: f: listToAttrs (map f values); - - # anyAttrs :: (name -> value -> bool) attrs - anyAttrs = pred: attrs: - any (attr: pred attr.name attr.value) (attrsToList attrs); - - # countAttrs :: (name -> value -> bool) attrs - countAttrs = pred: attrs: - count (attr: pred attr.name attr.value) (attrsToList attrs); -} diff --git a/lib/default.nix b/lib/default.nix deleted file mode 100644 index a5404c6..0000000 --- a/lib/default.nix +++ /dev/null @@ -1,37 +0,0 @@ -# {lib}: -# lib.makeExtensible (self: -# let -# callLibs = file: import file { lib = self; }; -# in -# rec { -# ## Define your own library functions here! -# #id = x: x; -# ## Or in files, containing functions that take {lib} -# map = callLibs ./map.nix; -# ## In configs, they can be used under "lib.our" -# }) -{ - inputs, - lib, - pkgs, - ... -}: let - inherit (lib) makeExtensible attrValues foldr; - inherit (modules) mapModules; - - modules = import ./modules.nix { - inherit lib; - self.attrs = import ./attrs.nix { - inherit lib; - self = {}; - }; - }; - - mylib = makeExtensible (self: - with self; - mapModules ./. - (file: import file {inherit self lib pkgs inputs;})); -in - mylib.extend - (self: super: - foldr (a: b: a // b) {} (attrValues super)) diff --git a/lib/generators.nix b/lib/generators.nix deleted file mode 100644 index 6a34e80..0000000 --- a/lib/generators.nix +++ /dev/null @@ -1,32 +0,0 @@ -{ - lib, - pkgs, - ... -}: -with builtins; -with lib; { - toCSSFile = file: let - fileName = removeSuffix ".scss" (baseNameOf file); - compiledStyles = - pkgs.runCommand "compileScssFile" - {buildInputs = [pkgs.sass];} '' - mkdir "$out" - scss --sourcemap=none \ - --no-cache \ - --style compressed \ - --default-encoding utf-8 \ - "${file}" \ - >>"$out/${fileName}.css" - ''; - in "${compiledStyles}/${fileName}.css"; - - toFilteredImage = imageFile: options: let - result = "result.png"; - filteredImage = - pkgs.runCommand "filterWallpaper" - {buildInputs = [pkgs.imagemagick];} '' - mkdir "$out" - convert ${options} ${imageFile} $out/${result} - ''; - in "${filteredImage}/${result}"; -} diff --git a/lib/modules.nix b/lib/modules.nix deleted file mode 100644 index 97f1397..0000000 --- a/lib/modules.nix +++ /dev/null @@ -1,60 +0,0 @@ -{ - self, - lib, - ... -}: let - inherit (builtins) attrValues readDir pathExists concatLists; - inherit (lib) id mapAttrsToList filterAttrs hasPrefix hasSuffix nameValuePair removeSuffix; - inherit (self.attrs) mapFilterAttrs; -in rec { - mapModules = dir: fn: - mapFilterAttrs - (n: v: - v - != null - && !(hasPrefix "_" n)) - (n: v: let - path = "${toString dir}/${n}"; - in - if v == "directory" && pathExists "${path}/default.nix" - then nameValuePair n (fn path) - else if - v - == "regular" - && n != "default.nix" - && hasSuffix ".nix" n - then nameValuePair (removeSuffix ".nix" n) (fn path) - else nameValuePair "" null) - (readDir dir); - - mapModules' = dir: fn: - attrValues (mapModules dir fn); - - mapModulesRec = dir: fn: - mapFilterAttrs - (n: v: - v - != null - && !(hasPrefix "_" n)) - (n: v: let - path = "${toString dir}/${n}"; - in - if v == "directory" - then nameValuePair n (mapModulesRec path fn) - else if v == "regular" && n != "default.nix" && hasSuffix ".nix" n - then nameValuePair (removeSuffix ".nix" n) (fn path) - else nameValuePair "" null) - (readDir dir); - - mapModulesRec' = dir: fn: let - dirs = - mapAttrsToList - (k: _: "${dir}/${k}") - (filterAttrs - (n: v: v == "directory" && !(hasPrefix "_" n)) - (readDir dir)); - files = attrValues (mapModules dir id); - paths = files ++ concatLists (map (d: mapModulesRec' d id) dirs); - in - map fn paths; -} diff --git a/lib/nixos.nix b/lib/nixos.nix deleted file mode 100644 index 95393db..0000000 --- a/lib/nixos.nix +++ /dev/null @@ -1,29 +0,0 @@ -{ - inputs, - lib, - pkgs, - ... -}: -with lib; -with lib.my; let - sys = "x86_64-linux"; -in { - mkHost = path: attrs @ {system ? sys, ...}: - nixosSystem { - inherit system; - specialArgs = {inherit lib inputs system;}; - modules = [ - { - nixpkgs.pkgs = pkgs; - networking.hostName = mkDefault (removeSuffix ".nix" (baseNameOf path)); - } - (filterAttrs (n: v: !elem n ["system"]) attrs) - ../. # /default.nix - (import path) - ]; - }; - - mapHosts = dir: attrs @ {system ? system, ...}: - mapModules dir - (hostPath: mkHost hostPath attrs); -} diff --git a/lib/options.nix b/lib/options.nix deleted file mode 100644 index 13d3843..0000000 --- a/lib/options.nix +++ /dev/null @@ -1,16 +0,0 @@ -{lib, ...}: let - inherit (lib) mkOption types; -in rec { - mkOpt = type: default: - mkOption {inherit type default;}; - - mkOpt' = type: default: description: - mkOption {inherit type default description;}; - - mkBoolOpt = default: - mkOption { - inherit default; - type = types.bool; - example = true; - }; -} diff --git a/modules/home-manager/default.nix b/modules/home-manager/default.nix new file mode 100644 index 0000000..8e1c20a --- /dev/null +++ b/modules/home-manager/default.nix @@ -0,0 +1,19 @@ +{lib, ...}: +with lib; let + # Recursively constructs an attrset of a given folder, recursing on directories, value of attrs is the filetype + getDir = dir: + mapAttrs ( + file: type: + if type == "directory" + then getDir "${dir}/${file}" + else type + ) (builtins.readDir dir); + + # Collects all files of a directory as a list of strings of paths + files = dir: collect isString (mapAttrsRecursive (path: type: concatStringsSep "/" path) (getDir dir)); + + # Filters out directories that don't end with .nix or are this file, also makes the strings absolute + validFiles = dir: map (file: ./. + "/${file}") (filter (file: hasSuffix ".nix" file && file != "default.nix" && ! lib.hasPrefix "x/taffybar/" file) (files dir)); +in { + imports = validFiles ./.; +} diff --git a/modules/home-manager/keybase/default.nix b/modules/home-manager/keybase/default.nix deleted file mode 100644 index 9ee8509..0000000 --- a/modules/home-manager/keybase/default.nix +++ /dev/null @@ -1,34 +0,0 @@ -{ - config, - pkgs, - inputs, - lib, - util, - hostName, - ... -}: -with lib; -with lib.my; let - cfg = config.custom.keybase; - username = config.home.username; - secretstore = config._secretstore; -in { - options.custom.keybase = { - enable = mkOption { - type = types.bool; - default = false; - description = "Enable KeyBase"; - }; - }; - - config = mkIf cfg.enable { - services.keybase.enable = true; - services.kbfs.enable = true; - systemd.user.services.keybase.Unit.After = ["sops-nix.service"]; - systemd.user.services.kbfs.Unit.After = ["sops-nix.service"]; - - sops = { - secrets = hm_secrets "${secretstore}/user_dotfiles/${username}@${hostName}/keybase/" "${config.xdg.configHome}/keybase/"; - }; - }; -} diff --git a/modules/home-manager/ssh-proxy/default.nix b/modules/home-manager/ssh-proxy/default.nix deleted file mode 100644 index 50a7b33..0000000 --- a/modules/home-manager/ssh-proxy/default.nix +++ /dev/null @@ -1,45 +0,0 @@ -{ - lib, - pkgs, - config, - ... -}: -with lib; let - cfg = config.custom.ssh-proxy; -in { - options.custom.ssh-proxy = { - enable = mkOption { - type = types.bool; - default = false; - description = '' - Enable ssh-proxy for WSL - ''; - }; - }; - - config = mkIf cfg.enable { - home.packages = with pkgs; [ - npiperelay - socat - ]; - - systemd.user = { - startServices = true; - - services.ssh-proxy = { - Unit = { - Description = "WSL Proxy"; - After = "sops-nix.service"; - }; - Install = {WantedBy = ["default.target"];}; - Service = { - ExecStart = "${pkgs.writeShellScript "start-proxy" '' - set -x -o xtrace # print commands - ${pkgs.coreutils}/bin/rm -f /home/sstent/.ssh/wsl-ssh-agent.sock - ${pkgs.util-linux}/bin/setsid ${pkgs.socat}/bin/socat UNIX-LISTEN:/home/sstent/.ssh/wsl-ssh-agent.sock,fork EXEC:"${pkgs.npiperelay}/bin/npiperelay.exe -ei -s //./pipe/openssh-ssh-agent",nofork - ''}"; - }; - }; - }; - }; -} diff --git a/modules/nixos/default.nix b/modules/nixos/default.nix new file mode 100644 index 0000000..8e1c20a --- /dev/null +++ b/modules/nixos/default.nix @@ -0,0 +1,19 @@ +{lib, ...}: +with lib; let + # Recursively constructs an attrset of a given folder, recursing on directories, value of attrs is the filetype + getDir = dir: + mapAttrs ( + file: type: + if type == "directory" + then getDir "${dir}/${file}" + else type + ) (builtins.readDir dir); + + # Collects all files of a directory as a list of strings of paths + files = dir: collect isString (mapAttrsRecursive (path: type: concatStringsSep "/" path) (getDir dir)); + + # Filters out directories that don't end with .nix or are this file, also makes the strings absolute + validFiles = dir: map (file: ./. + "/${file}") (filter (file: hasSuffix ".nix" file && file != "default.nix" && ! lib.hasPrefix "x/taffybar/" file) (files dir)); +in { + imports = validFiles ./.; +} diff --git a/modules/nixos/vpn/default.nix b/modules/nixos/vpn/default.nix index 9ef2140..5024a8a 100644 --- a/modules/nixos/vpn/default.nix +++ b/modules/nixos/vpn/default.nix @@ -5,13 +5,13 @@ ... }: with lib; let - secretstore = config._secretstore; + # secretstore = config._secretstore; host = config.networking.hostName; cfg = config.custom.mullvad; secret = - if builtins.pathExists "${secretstore}/hosts/${host}/mullvad/device.json" + if builtins.pathExists "../../..//hosts/${host}/mullvad/device.json" then ./secrets.nix else {}; in { diff --git a/modules/nixos/vpn/secrets.nix b/modules/nixos/vpn/secrets.nix index cad2f7d..6e78d8a 100644 --- a/modules/nixos/vpn/secrets.nix +++ b/modules/nixos/vpn/secrets.nix @@ -5,13 +5,13 @@ ... }: with lib; let - secretstore = config._secretstore; + # secretstore = config._secretstore; host = config.networking.hostName; - secretpath = "${secretstore}/hosts/${host}/mullvad/device.json"; + # secretpath = "../../../secrets/hosts/${host}/mullvad/device.json"; in { sops.secrets.device_json = { - sopsFile = "${secretstore}/hosts/${host}/mullvad/device.json"; - device_json.format = "binary"; + sopsFile = ../../../secrets/hosts/${host}/mullvad/device.json; + format = "binary"; }; environment.etc."mullvad-vpn/device.conf".source = config.sops.secrets.device_json.path; diff --git a/pkgs/default.nix b/pkgs/default.nix deleted file mode 100644 index fd49ac3..0000000 --- a/pkgs/default.nix +++ /dev/null @@ -1,6 +0,0 @@ -# Custom packages, that can be defined similarly to ones from nixpkgs -# You can build them using 'nix build .#example' or (legacy) 'nix-build -A example' -{pkgs ? (import ../nixpkgs.nix) {}}: { - # example = pkgs.callPackage ./example { }; - npiperelay = pkgs.callPackage ./npiperelay {}; -} diff --git a/pkgs/npiperelay/default.nix b/pkgs/npiperelay/default.nix deleted file mode 100644 index 53e54ee..0000000 --- a/pkgs/npiperelay/default.nix +++ /dev/null @@ -1,52 +0,0 @@ -{ - lib, - stdenv, - fetchurl, - unzip, -}: let - version = "1.6.3"; - srcs = { - x86_64-linux = fetchurl { - url = "https://github.com/jstarks/npiperelay/releases/download/v0.1.0/npiperelay_windows_amd64.zip"; - sha256 = "sha256-a572H/0XwDUHqaPVTYFdzrPa5mmsZ/w79CJdHnZM5fY="; - }; - - # aarch64-linux = fetchurl { - # url = - # "https://deconz.dresden-elektronik.de/debian/stable/deconz_${version}-debian-buster-stable_arm64.deb"; - # sha256 = "sha256-zuy4e9bzcRqDeXP6mfzZLCDK/3we25LH6xktnO6HXps="; - # }; - }; -in - stdenv.mkDerivation rec { - pname = "npiperelay"; - inherit version; - - src = srcs.${stdenv.hostPlatform.system}; - - nativeBuildInputs = [unzip]; - - #buildInputs = [ qtserialport qtwebsockets ]; - unpackPhase = '' - mkdir npiperelay-$version - cd npiperelay-$version - unzip $src - ''; - #unpackPhase = "dpkg-deb -x $src ."; - - installPhase = '' - mkdir -p $out/bin - cp npiperelay.exe $out/bin/npiperelay.exe - chmod +x $out/bin/npiperelay.exe - ''; - - meta = with lib; { - description = "Helper to interface with Windows ssh-agent.exe service from Windows Subsystem for Linux (WSL)"; - # 2019-08-19: The homepage links to old software that doesn't even work -- - # it fails to detect ConBee2. - homepage = "https://github.com/rupor-github/wsl-ssh-agent"; - license = licenses.free; - platforms = ["x86_64-linux"]; - maintainers = with maintainers; [sstent]; - }; - }