sstent/vmimages
1
0
Fork 0
mirror of https://github.com/sstent/vmimages.git synced 2026-02-14 19:32:23 +00:00
Code Issues Packages Projects Releases Wiki Activity

new flake

Browse Source
This commit is contained in:
sstent
2023-12-01 22:42:33 +00:00
parent 5d7b023166
commit 8c0f9076d8
25 changed files with 593 additions and 1254 deletions
Download Patch File Download Diff File Expand all files Collapse all files

119
configuration.nix
View File

@@ -1,119 +0,0 @@
{self, ...} @ inputs:
with inputs; let
## Variable Declaration ##
# Supported Architectures
platforms = ["x86_64-linux"];
# NixOS Version
version = readFile ./.version;
# System Libraries
inherit (self) files;
inherit (lib) eachSystem filters;
inherit (builtins) head readFile;
inherit (lib.util) build map pack;
lib = library.lib.extend (final: prev:
{
inherit (flatpak.lib) flatpak;
deploy = deploy.lib;
filters = ignore.lib // {inherit (filter.lib) filter matchExt;};
hooks = hooks.lib;
image = generators.nixosGenerate;
wine = wine.lib;
util = import ./lib {
inherit self platforms;
lib = final;
};
}
// home.lib
// utils.lib);
in
eachSystem platforms (system: let
# Default Package Channel
pkgs = self.legacyPackages."${system}";
# Package Calling Function
call = name: pkgs.callPackage name {inherit lib inputs pkgs files;};
in {
## Configuration Checks ##
checks = import ./modules/nix/checks.nix {inherit self system lib;};
## Developer Shells ##
devShells =
map.modules' ./shells (file: pkgs.mkShell (import file pkgs))
// {
default = import ./shells {inherit pkgs;};
website = import ./site/shell.nix {inherit pkgs;};
commit =
pkgs.mkShell {inherit (self.checks."${system}".commit) shellHook;};
};
## Code Formatter ##
formatter = pkgs.treefmt;
## Package Configuration ##
legacyPackages = self.channels."${system}".stable;
# Channels
channels = {
stable = (build.channel stable [] ./packages/patches)."${system}";
unstable = (build.channel unstable [nur.overlay] [])."${system}";
wine = wine.packages."${system}";
gaming = gaming.packages."${system}";
apps = {
deploy = deploy.defaultPackage."${system}";
generators = generators.defaultPackage."${system}";
};
};
# Custom Packages
# apps = map.modules ./scripts (name: lib.mkApp {drv = call name;}) // {default = self.apps."${system}".nixos;};
# packages = map.modules ./packages call // map.modules ./scripts call // {default = self.packages."${system}".dotfiles;};
})
// {
# Overrides
overlays = map.modules ./packages/overlays import;
## Custom Library Functions ##
lib = lib.util;
## Program Configuration and 'dotfiles' ##
# files = import ./files lib self.legacyPackages."${head platforms}";
## Custom Configuration Modules ##
nixosModules =
map.modules ./modules import
// {default = import ./modules {inherit version lib inputs files;};};
## Configuration Templates ##
# templates = import ./.templates lib;
## Device Configuration ##
# deploy = import ./modules/nix/deploy.nix {inherit self lib;};
# nixosConfigurations =
# map.modules ./devices (name: build.device (import name));
nixosConfigurations = {
go3-wsl = nixpkgs.lib.nixosSystem {
specialArgs = { inherit inputs outputs; };
modules = [
./hosts/WSL/go3-wsl
];
};
StuPC-WSL = nixpkgs.lib.nixosSystem {
specialArgs = { inherit inputs outputs; };
modules = [
./hosts/WSL/StuPC-WSL
];
};
};
## Virtual Machines ##
# vmConfigurations =
# map.modules ./devices/vm (name:
# import name (head platforms) inputs self.channels."${head platforms}".stable);
};
}

169
flake.lock generated
View File

@@ -1,20 +1,5 @@
{ {
"nodes": { "nodes": {
"filter": {
"locked": {
"lastModified": 1694857738,
"narHash": "sha256-bxxNyLHjhu0N8T3REINXQ2ZkJco0ABFPn6PIe2QUfqo=",
"owner": "numtide",
"repo": "nix-filter",
"rev": "41fd48e00c22b4ced525af521ead8792402de0ea",
"type": "github"
},
"original": {
"owner": "numtide",
"repo": "nix-filter",
"type": "github"
}
},
"flake-compat": { "flake-compat": {
"flake": false, "flake": false,
"locked": { "locked": {
@@ -53,42 +38,6 @@
"inputs": { "inputs": {
"systems": "systems_2" "systems": "systems_2"
}, },
"locked": {
"lastModified": 1694529238,
"narHash": "sha256-zsNZZGTGnMOf9YpHKJqMSsa0dXbfmxeoJ7xHlrt+xmY=",
"owner": "numtide",
"repo": "flake-utils",
"rev": "ff7b65b44d01cf9ba6a71320833626af21126384",
"type": "github"
},
"original": {
"owner": "numtide",
"repo": "flake-utils",
"type": "github"
}
},
"flake-utils_3": {
"inputs": {
"systems": "systems_3"
},
"locked": {
"lastModified": 1694529238,
"narHash": "sha256-zsNZZGTGnMOf9YpHKJqMSsa0dXbfmxeoJ7xHlrt+xmY=",
"owner": "numtide",
"repo": "flake-utils",
"rev": "ff7b65b44d01cf9ba6a71320833626af21126384",
"type": "github"
},
"original": {
"owner": "numtide",
"repo": "flake-utils",
"type": "github"
}
},
"flake-utils_4": {
"inputs": {
"systems": "systems_4"
},
"locked": { "locked": {
"lastModified": 1681202837, "lastModified": 1681202837,
"narHash": "sha256-H+Rh19JDwRtpVPAWp64F+rlEtxUWBAQW28eAi3SRSzg=", "narHash": "sha256-H+Rh19JDwRtpVPAWp64F+rlEtxUWBAQW28eAi3SRSzg=",
@@ -124,62 +73,10 @@
"type": "github" "type": "github"
} }
}, },
"ignore": {
"inputs": {
"nixpkgs": [
"nixpkgs"
]
},
"locked": {
"lastModified": 1694102001,
"narHash": "sha256-vky6VPK1n1od6vXbqzOXnekrQpTL4hbPAwUhT5J9c9E=",
"owner": "hercules-ci",
"repo": "gitignore.nix",
"rev": "9e21c80adf67ebcb077d75bd5e7d724d21eeafd6",
"type": "github"
},
"original": {
"owner": "hercules-ci",
"repo": "gitignore.nix",
"type": "github"
}
},
"library": {
"locked": {
"lastModified": 1674348806,
"narHash": "sha256-hKi7sFobRQg6sJxskRFCjt/d8gR+w0ClEWZatlr2rnw=",
"owner": "nix-community",
"repo": "nixpkgs.lib",
"rev": "af5239f892ae6e1c8bb560b11ed874cebbd10696",
"type": "github"
},
"original": {
"owner": "nix-community",
"ref": "master",
"repo": "nixpkgs.lib",
"rev": "af5239f892ae6e1c8bb560b11ed874cebbd10696",
"type": "github"
}
},
"nixos-hardware": {
"locked": {
"lastModified": 1696614066,
"narHash": "sha256-nAyYhO7TCr1tikacP37O9FnGr2USOsVBD3IgvndUYjM=",
"owner": "NixOS",
"repo": "nixos-hardware",
"rev": "bb2db418b616fea536b1be7f6ee72fb45c11afe0",
"type": "github"
},
"original": {
"owner": "NixOS",
"repo": "nixos-hardware",
"type": "github"
}
},
"nixos-wsl": { "nixos-wsl": {
"inputs": { "inputs": {
"flake-compat": "flake-compat", "flake-compat": "flake-compat",
"flake-utils": "flake-utils_2", "flake-utils": "flake-utils",
"nixpkgs": [ "nixpkgs": [
"nixpkgs" "nixpkgs"
] ]
@@ -200,16 +97,16 @@
}, },
"nixpkgs": { "nixpkgs": {
"locked": { "locked": {
"lastModified": 1696610053, "lastModified": 1701362232,
"narHash": "sha256-nMYt0iIt9OEdsP7XuNjwml+nweuHTWWx86f1t7Dp3FM=", "narHash": "sha256-GVdzxL0lhEadqs3hfRLuj+L1OJFGiL/L7gCcelgBlsw=",
"owner": "nixos", "owner": "nixos",
"repo": "nixpkgs", "repo": "nixpkgs",
"rev": "f49c3d6bb60a6317e4c5137d50299b5c93a8a64b", "rev": "d2332963662edffacfddfad59ff4f709dde80ffe",
"type": "github" "type": "github"
}, },
"original": { "original": {
"owner": "nixos", "owner": "nixos",
"ref": "release-23.05", "ref": "nixos-23.05",
"repo": "nixpkgs", "repo": "nixpkgs",
"type": "github" "type": "github"
} }
@@ -278,17 +175,11 @@
}, },
"root": { "root": {
"inputs": { "inputs": {
"filter": "filter",
"flake-utils": "flake-utils",
"home-manager": "home-manager", "home-manager": "home-manager",
"ignore": "ignore",
"library": "library",
"nixos-hardware": "nixos-hardware",
"nixos-wsl": "nixos-wsl", "nixos-wsl": "nixos-wsl",
"nixpkgs": "nixpkgs", "nixpkgs": "nixpkgs",
"nixpkgs-unstable": "nixpkgs-unstable", "nixpkgs-unstable": "nixpkgs-unstable",
"sops-nix": "sops-nix", "sops-nix": "sops-nix",
"utils": "utils",
"vscode-server": "vscode-server" "vscode-server": "vscode-server"
} }
}, },
@@ -341,57 +232,9 @@
"type": "github" "type": "github"
} }
}, },
"systems_3": {
"locked": {
"lastModified": 1681028828,
"narHash": "sha256-Vy1rq5AaRuLzOxct8nz4T6wlgyUR7zLU309k9mBC768=",
"owner": "nix-systems",
"repo": "default",
"rev": "da67096a3b9bf56a91d16901293e51ba5b49a27e",
"type": "github"
},
"original": {
"owner": "nix-systems",
"repo": "default",
"type": "github"
}
},
"systems_4": {
"locked": {
"lastModified": 1681028828,
"narHash": "sha256-Vy1rq5AaRuLzOxct8nz4T6wlgyUR7zLU309k9mBC768=",
"owner": "nix-systems",
"repo": "default",
"rev": "da67096a3b9bf56a91d16901293e51ba5b49a27e",
"type": "github"
},
"original": {
"owner": "nix-systems",
"repo": "default",
"type": "github"
}
},
"utils": {
"inputs": {
"flake-utils": "flake-utils_3"
},
"locked": {
"lastModified": 1696331477,
"narHash": "sha256-YkbRa/1wQWdWkVJ01JvV+75KIdM37UErqKgTf0L54Fk=",
"owner": "gytis-ivaskevicius",
"repo": "flake-utils-plus",
"rev": "bfc53579db89de750b25b0c5e7af299e0c06d7d3",
"type": "github"
},
"original": {
"owner": "gytis-ivaskevicius",
"repo": "flake-utils-plus",
"type": "github"
}
},
"vscode-server": { "vscode-server": {
"inputs": { "inputs": {
"flake-utils": "flake-utils_4", "flake-utils": "flake-utils_2",
"nixpkgs": "nixpkgs_3" "nixpkgs": "nixpkgs_3"
}, },
"locked": { "locked": {

172
flake.nix
View File

@@ -3,141 +3,93 @@
inputs = { inputs = {
# Nixpkgs # Nixpkgs
nixpkgs.url = "github:nixos/nixpkgs/release-23.05"; nixpkgs.url = "github:nixos/nixpkgs/nixos-23.05";
# You can access packages and modules from different nixpkgs revs
# at the same time. Here's an working example:
nixpkgs-unstable.url = "github:nixos/nixpkgs/nixos-unstable"; nixpkgs-unstable.url = "github:nixos/nixpkgs/nixos-unstable";
# Also see the 'unstable-packages' overlay at 'overlays/default.nix'. # Also see the 'unstable-packages' overlay at 'overlays/default.nix'.
# Home manager # Home manager
home-manager.url = "github:nix-community/home-manager/release-23.05"; home-manager.url = "github:nix-community/home-manager/release-23.05";
home-manager.inputs.nixpkgs.follows = "nixpkgs"; home-manager.inputs.nixpkgs.follows = "nixpkgs";
# TODO: Add any other flake you might need
# hardware.url = "github:nixos/nixos-hardware";
# Shameless plug: looking for a way to nixify your themes and make
# everything match nicely? Try nix-colors!
# nix-colors.url = "github:misterio77/nix-colors";
nixos-hardware.url = "github:NixOS/nixos-hardware"; # Import nixos hardware quirks settings
# nixos-generators = { url = "github:nix-community/nixos-generators"; inputs.nixpkgs.follows = "nixpkgs";}; #import nixos-generators for building images
nixos-wsl = { nixos-wsl = {
url = "github:nix-community/nixos-wsl"; url = "github:nix-community/nixos-wsl";
inputs.nixpkgs.follows = "nixpkgs"; inputs.nixpkgs.follows = "nixpkgs";
}; };
sops-nix.url = github:Mic92/sops-nix; sops-nix.url = github:Mic92/sops-nix;
flake-utils.url = "github:numtide/flake-utils";
# nix.url = "github:NixOS/nix/2.12.0";
vscode-server.url = "github:msteen/nixos-vscode-server"; vscode-server.url = "github:msteen/nixos-vscode-server";
# homeage = {url = "github:jordanisaacs/homeage"; inputs.nixpkgs.follows = "nixpkgs";};
# Nix Library Functions
library = {
type = "github";
owner = "nix-community";
repo = "nixpkgs.lib";
ref = "master";
rev = "af5239f892ae6e1c8bb560b11ed874cebbd10696";
};
# Source Filter Functions
filter.url = "github:numtide/nix-filter";
ignore = {
url = "github:hercules-ci/gitignore.nix";
inputs.nixpkgs.follows = "nixpkgs";
};
# Flake Utility Functions
utils.url = "github:gytis-ivaskevicius/flake-utils-plus";
}; };
outputs = { outputs = {
self, self,
nixpkgs, nixpkgs,
home-manager, home-manager,
nixpkgs-unstable,
... ...
} @ inputs: let } @ inputs: let
inherit (lib.my) mapModules mapModulesRec mapHosts;
inherit (self) outputs; inherit (self) outputs;
# Supported systems for your flake packages, shell, etc.
system = "x86_64-linux"; systems = [
"aarch64-linux"
mkPkgs = pkgs: extraOverlays: #"i686-linux"
import pkgs { "x86_64-linux"
inherit system; #"aarch64-darwin"
config.allowUnfree = true; # forgive me Stallman senpai #"x86_64-darwin"
overlays = extraOverlays ++ (lib.attrValues self.overlays); ];
}; # This is a function that generates an attribute by calling a function you
pkgs = mkPkgs nixpkgs [self.overlay]; # pass to it, with each system as an argument
pkgs' = mkPkgs nixpkgs-unstable []; forAllSystems = nixpkgs.lib.genAttrs systems;
lib =
nixpkgs.lib.extend
(self: super:
{
my = import ./lib {
inherit pkgs inputs outputs;
lib = self;
};
}
// home-manager.lib);
in { in {
lib = lib.my; # lib = lib.my;
packages."${system}" =
mapModules ./pkgs (p: pkgs.callPackage p {});
formatter.x86_64-linux = nixpkgs.legacyPackages.x86_64-linux.alejandra;
devShell."${system}" = # Your custom packages
import ./shell.nix {inherit pkgs;}; # Accessible through 'nix build', 'nix shell', etc
##packages = forAllSystems (system: import ./pkgs nixpkgs.legacyPackages.${system});
overlay = final: prev: { # Formatter for your nix files, available through 'nix fmt'
#unstable = pkgs'; # Other options beside 'alejandra' include 'nixpkgs-fmt'
my = self.packages."${system}"; formatter = forAllSystems (system: nixpkgs.legacyPackages.${system}.alejandra);
};
# Your custom packages and modifications, exported as overlays
overlays = import ./overlays {inherit inputs;}; overlays = import ./overlays {inherit inputs;};
# Output all modules in ./modules to flake. Modules should be in # Reusable nixos modules you might want to export
# individual subdirectories and contain a default.nix file # These are usually stuff you would upstream into nixpkgs
nixosModules = builtins.listToAttrs (map nixosModules = import ./modules/nixos;
(x: {
name = x;
value = import (./modules/nixos + "/${x}");
})
(builtins.attrNames (builtins.readDir ./modules/nixos)));
##import our HM modules # Reusable home-manager modules you might want to export
## -- imported in ./home-manger/general # These are usually stuff you would upstream into home-manager
homeManagerModules = import ./modules/home-manager;
homeManagerModules = builtins.listToAttrs (map
(name: {
inherit name;
value = import (./modules/home-manager + "/${name}");
})
(builtins.attrNames (builtins.readDir ./modules/home-manager)));
# nixosConfigurations =
# mapHosts ./hosts {};
# NixOS configuration entrypoint # NixOS configuration entrypoint
# Available through 'nixos-rebuild --flake .#your-hostname' # Available through 'nixos-rebuild --flake .#your-hostname'
nixosConfigurations = { nixosConfigurations = {
go3-wsl = nixpkgs.lib.nixosSystem { # FIXME replace with your hostname
specialArgs = {
inherit inputs outputs lib;
hostName = "go3-wsl";
};
modules = [
./hosts/go3-wsl
];
};
StuPC-WSL = nixpkgs.lib.nixosSystem { StuPC-WSL = nixpkgs.lib.nixosSystem {
specialArgs = { specialArgs = {
inherit inputs outputs lib; inherit inputs outputs;
hostName = "StuPC"; hostName = "StuPC";
}; };
modules = [ modules = [
./hosts/StuPC-WSL ./hosts/StuPC-WSL
# home-manager
home-manager.nixosModules.home-manager
{
home-manager.useGlobalPkgs = true;
home-manager.useUserPackages = true;
home-manager.users.sstent = import ./home-manager/users/sstent;
home-manager.sharedModules = [
inputs.sops-nix.homeManagerModules.sops
];
}
];
};
your-hostname = nixpkgs.lib.nixosSystem {
specialArgs = {inherit inputs outputs;};
modules = [
# > Our main nixos configuration file <
./nixos/configuration.nix
]; ];
}; };
}; };
@@ -146,30 +98,12 @@
# Available through 'home-manager --flake .#your-username@your-hostname' # Available through 'home-manager --flake .#your-username@your-hostname'
homeConfigurations = { homeConfigurations = {
# FIXME replace with your username@hostname # FIXME replace with your username@hostname
"sstent@go3-wsl" = home-manager.lib.homeManagerConfiguration { "your-username@your-hostname" = home-manager.lib.homeManagerConfiguration {
# pkgs = nixpkgs.legacyPackages.x86_64-linux; # Home-manager requires 'pkgs' instance pkgs = nixpkgs.legacyPackages.x86_64-linux; # Home-manager requires 'pkgs' instance
pkgs = pkgs; extraSpecialArgs = {inherit inputs outputs;};
extraSpecialArgs = {
inherit inputs outputs lib;
hostName = "go3-wsl";
};
modules = [ modules = [
# > Our main home-manager configuration file < # > Our main home-manager configuration file <
./home-manager/users/sstent ./home-manager/home.nix
inputs.sops-nix.homeManagerModules.sops
];
};
"sstent@StuPC-WSL" = home-manager.lib.homeManagerConfiguration {
# pkgs = nixpkgs.legacyPackages.x86_64-linux; # Home-manager requires 'pkgs' instance
pkgs = pkgs;
extraSpecialArgs = {
inherit inputs outputs lib;
hostName = "StuPC-WSL";
};
modules = [
# > Our main home-manager configuration file <
./home-manager/users/sstent
inputs.sops-nix.homeManagerModules.sops
]; ];
}; };
}; };

177
flake.nixold Normal file
View File

@@ -0,0 +1,177 @@
{
description = "Your new nix config";
inputs = {
# Nixpkgs
nixpkgs.url = "github:nixos/nixpkgs/release-23.05";
# You can access packages and modules from different nixpkgs revs
# at the same time. Here's an working example:
nixpkgs-unstable.url = "github:nixos/nixpkgs/nixos-unstable";
# Also see the 'unstable-packages' overlay at 'overlays/default.nix'.
# Home manager
home-manager.url = "github:nix-community/home-manager/release-23.05";
home-manager.inputs.nixpkgs.follows = "nixpkgs";
# TODO: Add any other flake you might need
# hardware.url = "github:nixos/nixos-hardware";
# Shameless plug: looking for a way to nixify your themes and make
# everything match nicely? Try nix-colors!
# nix-colors.url = "github:misterio77/nix-colors";
nixos-hardware.url = "github:NixOS/nixos-hardware"; # Import nixos hardware quirks settings
# nixos-generators = { url = "github:nix-community/nixos-generators"; inputs.nixpkgs.follows = "nixpkgs";}; #import nixos-generators for building images
nixos-wsl = {
url = "github:nix-community/nixos-wsl";
inputs.nixpkgs.follows = "nixpkgs";
};
sops-nix.url = github:Mic92/sops-nix;
flake-utils.url = "github:numtide/flake-utils";
# nix.url = "github:NixOS/nix/2.12.0";
vscode-server.url = "github:msteen/nixos-vscode-server";
# homeage = {url = "github:jordanisaacs/homeage"; inputs.nixpkgs.follows = "nixpkgs";};
# Nix Library Functions
library = {
type = "github";
owner = "nix-community";
repo = "nixpkgs.lib";
ref = "master";
rev = "af5239f892ae6e1c8bb560b11ed874cebbd10696";
};
# Source Filter Functions
filter.url = "github:numtide/nix-filter";
ignore = {
url = "github:hercules-ci/gitignore.nix";
inputs.nixpkgs.follows = "nixpkgs";
};
# Flake Utility Functions
utils.url = "github:gytis-ivaskevicius/flake-utils-plus";
};
outputs = {
self,
nixpkgs,
home-manager,
nixpkgs-unstable,
...
} @ inputs: let
inherit (lib.my) mapModules mapModulesRec mapHosts;
inherit (self) outputs;
system = "x86_64-linux";
mkPkgs = pkgs: extraOverlays:
import pkgs {
inherit system;
config.allowUnfree = true; # forgive me Stallman senpai
overlays = extraOverlays ++ (lib.attrValues self.overlays);
};
pkgs = mkPkgs nixpkgs [self.overlay];
pkgs' = mkPkgs nixpkgs-unstable [];
lib =
nixpkgs.lib.extend
(self: super:
{
my = import ./lib {
inherit pkgs inputs outputs;
lib = self;
};
}
// home-manager.lib);
in {
lib = lib.my;
packages."${system}" =
mapModules ./pkgs (p: pkgs.callPackage p {});
formatter.x86_64-linux = nixpkgs.legacyPackages.x86_64-linux.alejandra;
devShell."${system}" =
import ./shell.nix {inherit pkgs;};
overlay = final: prev: {
#unstable = pkgs';
my = self.packages."${system}";
};
overlays = import ./overlays {inherit inputs;};
# Output all modules in ./modules to flake. Modules should be in
# individual subdirectories and contain a default.nix file
nixosModules = builtins.listToAttrs (map
(x: {
name = x;
value = import (./modules/nixos + "/${x}");
})
(builtins.attrNames (builtins.readDir ./modules/nixos)));
##import our HM modules
## -- imported in ./home-manger/general
homeManagerModules = builtins.listToAttrs (map
(name: {
inherit name;
value = import (./modules/home-manager + "/${name}");
})
(builtins.attrNames (builtins.readDir ./modules/home-manager)));
# nixosConfigurations =
# mapHosts ./hosts {};
# NixOS configuration entrypoint
# Available through 'nixos-rebuild --flake .#your-hostname'
nixosConfigurations = {
go3-wsl = nixpkgs.lib.nixosSystem {
specialArgs = {
inherit inputs outputs lib;
hostName = "go3-wsl";
};
modules = [
./hosts/go3-wsl
];
};
StuPC-WSL = nixpkgs.lib.nixosSystem {
specialArgs = {
inherit inputs outputs lib;
hostName = "StuPC";
};
modules = [
./hosts/StuPC-WSL
];
};
};
# Standalone home-manager configuration entrypoint
# Available through 'home-manager --flake .#your-username@your-hostname'
homeConfigurations = {
# FIXME replace with your username@hostname
"sstent@go3-wsl" = home-manager.lib.homeManagerConfiguration {
# pkgs = nixpkgs.legacyPackages.x86_64-linux; # Home-manager requires 'pkgs' instance
pkgs = pkgs;
extraSpecialArgs = {
inherit inputs outputs lib;
hostName = "go3-wsl";
};
modules = [
# > Our main home-manager configuration file <
./home-manager/users/sstent
inputs.sops-nix.homeManagerModules.sops
];
};
"sstent@StuPC-WSL" = home-manager.lib.homeManagerConfiguration {
# pkgs = nixpkgs.legacyPackages.x86_64-linux; # Home-manager requires 'pkgs' instance
pkgs = pkgs;
extraSpecialArgs = {
inherit inputs outputs lib;
hostName = "StuPC-WSL";
};
modules = [
# > Our main home-manager configuration file <
./home-manager/users/sstent
inputs.sops-nix.homeManagerModules.sops
];
};
};
};
}

59
home-manager/global.nix
View File

@@ -11,48 +11,29 @@
# ./beets.nix # ./beets.nix
# ./keybase.nix # ./keybase.nix
"${inputs.vscode-server}/modules/vscode-server/home.nix" "${inputs.vscode-server}/modules/vscode-server/home.nix"
] outputs.homeManagerModules
++ (builtins.attrValues outputs.homeManagerModules); ];
# ++ (builtins.attrValues outputs.homeManagerModules);
###dotfiles path variable
options._dotfiles = lib.mkOption { # config = {
type = lib.types.str; # nixpkgs = {
default = "${inputs.self}/home-manager/dotfiles"; # overlays = builtins.attrValues outputs.overlays;
description = "Path to the dotfiles in this repository"; # config = {
}; # allowUnfree = true;
# allowUnfreePredicate = _: true;
# };
# };
###secrets path variable # nix = {
options._secrets = lib.mkOption { # package = lib.mkDefault pkgs.nix;
type = lib.types.str; # settings = {
default = "/run/user/1000/secrets/"; # experimental-features = ["nix-command" "flakes" "repl-flake"];
description = "Path to the Secrets runtime"; # warn-dirty = false;
}; # };
# };
###secretstore path variable # ##VSCode
options._secretstore = lib.mkOption {
type = lib.types.str;
default = "${inputs.self}/secrets/";
description = "Path to the Secrets storage";
};
config = {
nixpkgs = {
overlays = builtins.attrValues outputs.overlays;
config = {
allowUnfree = true;
allowUnfreePredicate = _: true;
};
};
nix = {
package = lib.mkDefault pkgs.nix;
settings = {
experimental-features = ["nix-command" "flakes" "repl-flake"];
warn-dirty = false;
};
};
##VSCode
services.vscode-server.enable = true; services.vscode-server.enable = true;
services.vscode-server.enableFHS = true; services.vscode-server.enableFHS = true;
services.vscode-server.nodejsPackage = pkgs.nodejs-18_x; services.vscode-server.nodejsPackage = pkgs.nodejs-18_x;

0
lib/hm_secrets.nix → home-manager/lib/hm_secrets.nix
View File

333
modules/home-manager/beets/default.nix → home-manager/users/sstent/beets.nix
View File

@@ -1,172 +1,161 @@
{ {
config, inputs,
pkgs, lib,
lib, pkgs,
... config,
}: outputs,
with lib; let ...
cfg = config.custom.beets; }: {
in { home.packages = [
options.custom.beets = { pkgs.ffmpeg # for replaygain
enable = mkOption { ];
type = types.bool;
default = false; sops = {
description = "Enable Beets"; secrets.discogs_json = {
}; path = "${config.xdg.configHome}/beets/discogs_token.json";
}; };
};
config = mkIf cfg.enable { programs.beets = {
home.packages = [ enable = true;
pkgs.ffmpeg # for replaygain settings = {
]; album_fields = {
artist_grouping = ''
sops = { albumartist_dev = ["devin townsend", "devin townsend project","punky brüster","strapping young lad"]
secrets.discogs_json = { DevinFolder = "_Devin Townsend Projects"
path = "${config.xdg.configHome}/beets/discogs_token.json"; if albumartist.lower() in albumartist_dev:
}; return DevinFolder
}; albumartist_les = ["primus", "les claypool","les claypool and the holy mackerel","les claypools duo de twang","oysterhead","colonel claypools bucket of bernie brains","the les claypool frog brigade","the claypool lennon delirium"]
programs.beets = { LesFolder = "_Les Claypool Projects"
enable = true; if albumartist.lower() in albumartist_les:
settings = { return LesFolder
album_fields = { '';
artist_grouping = '' atype = ''
albumartist_dev = ["devin townsend", "devin townsend project","punky brüster","strapping young lad"] atypes = ['EP', 'Single','Live']
DevinFolder = "_Devin Townsend Projects" for atype in atypes:
if albumartist.lower() in albumartist_dev: if atype.lower() == albumtype.lower():
return DevinFolder return f' [{atype}]'
albumartist_les = ["primus", "les claypool","les claypool and the holy mackerel","les claypools duo de twang","oysterhead","colonel claypools bucket of bernie brains","the les claypool frog brigade","the claypool lennon delirium"] '';
LesFolder = "_Les Claypool Projects" first_artist = "albumartist.split(', ',1)[0:1][0]";
if albumartist.lower() in albumartist_les: };
return LesFolder albumtypes = {
''; bracket = "[]";
atype = '' ignore_va = "compilation";
atypes = ['EP', 'Single','Live'] types = [
for atype in atypes: {ep = "EP";}
if atype.lower() == albumtype.lower(): {single = "Single";}
return f' [{atype}]' {soundtrack = "OST";}
''; {live = "Live";}
first_artist = "albumartist.split(', ',1)[0:1][0]"; {compilation = "Anthology";}
}; {remix = "Remix";}
albumtypes = { ];
bracket = "[]"; };
ignore_va = "compilation"; aunique = {
types = [ bracket = "[]";
{ep = "EP";} disambiguators = "media";
{single = "Single";} keys = "albumartist album";
{soundtrack = "OST";} };
{live = "Live";} copyartifacts = {extensions = ".cue .log .jpg .jpeg .png .txt";};
{compilation = "Anthology";} directory = "/mnt/q/CleanMusic/";
{remix = "Remix";} embedart = {auto = true;};
]; extrafiles = {
}; paths = {
aunique = { artworkdir = "$albumpath/Artwork";
bracket = "[]"; "ext:cue" = "$albumpath/$disc_folder/Data/";
disambiguators = "media"; "ext:jpg" = "$albumpath/$disc_folder/";
keys = "albumartist album"; "ext:log" = "$albumpath/$disc_folder/Data/";
}; };
copyartifacts = {extensions = ".cue .log .jpg .jpeg .png .txt";}; patterns = {
directory = "/mnt/q/CleanMusic/"; all = "*.*";
embedart = {auto = true;}; artworkdir = ["[sS]cans/" "[aA]rtwork/" "[aA]rt/" "[cC]over/"];
extrafiles = { };
paths = { };
artworkdir = "$albumpath/Artwork"; fetchart = {
"ext:cue" = "$albumpath/$disc_folder/Data/"; auto = true;
"ext:jpg" = "$albumpath/$disc_folder/"; sources = "filesystem coverart itunes amazon albumart fanarttv";
"ext:log" = "$albumpath/$disc_folder/Data/"; };
}; import = {
patterns = { autotag = true;
all = "*.*"; bell = false;
artworkdir = ["[sS]cans/" "[aA]rtwork/" "[aA]rt/" "[cC]over/"]; copy = true;
}; languages = "en";
}; log = "~/.config/beets/beet.log";
fetchart = { move = false;
auto = true; write = true;
sources = "filesystem coverart itunes amazon albumart fanarttv"; };
}; item_fields = {
import = { isMultidisc = "1 if disctotal > 1 else 0";
autotag = true; myBitDepth = "('' if bitdepth != 24 else '[24bit - '+ media + ']')";
bell = false; myDisc = "('' if disctotal <= 1 else str(disc) + ' - ')";
copy = true; mySongartist = "artist + ' - ' if artist != albumartist and artist != '' else ''";
languages = "en"; };
log = "~/.config/beets/beet.log"; library = "~/musiclibrary.db";
move = false; match = {
write = true; max_rec = {
}; album = "strong";
item_fields = { album_id = "strong";
isMultidisc = "1 if disctotal > 1 else 0"; albumdisambig = "strong";
myBitDepth = "('' if bitdepth != 24 else '[24bit - '+ media + ']')"; artist = "strong";
myDisc = "('' if disctotal <= 1 else str(disc) + ' - ')"; catalognum = "strong";
mySongartist = "artist + ' - ' if artist != albumartist and artist != '' else ''"; country = "strong";
}; label = "strong";
library = "~/musiclibrary.db"; media = "strong";
match = { mediums = "strong";
max_rec = { missing_tracks = "medium";
album = "strong"; source = "strong";
album_id = "strong"; track_artist = "strong";
albumdisambig = "strong"; track_id = "strong";
artist = "strong"; track_index = "strong";
catalognum = "strong"; track_length = "strong";
country = "strong"; track_title = "strong";
label = "strong"; tracks = "strong";
media = "strong"; unmatched_tracks = "medium";
mediums = "strong"; year = "strong";
missing_tracks = "medium"; };
source = "strong"; strong_rec_thresh = 5.0e-2;
track_artist = "strong"; };
track_id = "strong"; missing = {
track_index = "strong"; format_album = "$albumartist: ($year) $album $albumtype $atype";
track_length = "strong"; format_item = "$albumartist - $album [$albumtype]$atype: $track/$tracktotal $title";
track_title = "strong"; };
tracks = "strong"; musicbrainz = {
unmatched_tracks = "medium"; pass = "7ANCLPczDNFn6Sf65vdZ";
year = "strong"; user = "shapechecker";
}; };
strong_rec_thresh = 5.0e-2; original_date = true;
}; paths = {
missing = { "albumtype:soundtrack" = "Soundtracks/$albumartist - $album%aunique{} ($year)/$myDisc$track - $artist - $title";
format_album = "$albumartist: ($year) $album $albumtype $atype"; comp = "Compilations/$albumartist/($year) $album%aunique{}/$myDisc$track - $artist - $title";
format_item = "$albumartist - $album [$albumtype]$atype: $track/$tracktotal $title"; default = "%if{$artist_grouping,$artist_grouping/}$first_artist/$year - $album $atype%aunique{media}[%upper{$format}$bitdepth]%if{$media,[$media]}/%if{$isMultidisc,$disc - }$track - $mySongartist$title";
}; };
musicbrainz = { per_disc_numbering = true;
pass = "7ANCLPczDNFn6Sf65vdZ"; plugins = [
user = "shapechecker"; "albumtypes"
}; "duplicates"
original_date = true; "fetchart"
paths = { "rewrite"
"albumtype:soundtrack" = "Soundtracks/$albumartist - $album%aunique{} ($year)/$myDisc$track - $artist - $title"; "missing"
comp = "Compilations/$albumartist/($year) $album%aunique{}/$myDisc$track - $artist - $title"; "chroma"
default = "%if{$artist_grouping,$artist_grouping/}$first_artist/$year - $album $atype%aunique{media}[%upper{$format}$bitdepth]%if{$media,[$media]}/%if{$isMultidisc,$disc - }$track - $mySongartist$title"; "embedart"
}; "inline"
per_disc_numbering = true; "discogs"
plugins = [ "mbcollection"
"albumtypes" "replaygain"
"duplicates" "info"
"fetchart" ];
"rewrite" replaygain = {
"missing" backend = "ffmpeg";
"chroma" };
"embedart" rewrite = {
"inline" "artist Björk & Tríó Guðmundar Ingólfssonar" = "Björk";
"discogs" "artist Brant Bjork and The Low Desert Punk Band" = "Brant Bjork";
"mbcollection" "artist King Gizzard & The Lizard Wizard with Mild High Club" = "King Gizzard & The Lizard Wizard";
"replaygain" "artist Kyuss _ Queens of the Stone Age" = "Kyuss";
"info" "artist Professor Elemental & Tom Caruana" = "Professor Elemental";
]; "artist Resin Dogs Feat Spikey Tee" = "Resin Dogs";
replaygain = { "artist Sepultura _ Exodus" = "Sepultura";
backend = "ffmpeg"; "artist The Knife in collaboration with Mount Sims and Planningtorock" = "The Knife";
}; "artist Unida _ Dozer" = "Unida";
rewrite = { };
"artist Björk & Tríó Guðmundar Ingólfssonar" = "Björk"; };
"artist Brant Bjork and The Low Desert Punk Band" = "Brant Bjork"; };
"artist King Gizzard & The Lizard Wizard with Mild High Club" = "King Gizzard & The Lizard Wizard"; }
"artist Kyuss _ Queens of the Stone Age" = "Kyuss";
"artist Professor Elemental & Tom Caruana" = "Professor Elemental";
"artist Resin Dogs Feat Spikey Tee" = "Resin Dogs";
"artist Sepultura _ Exodus" = "Sepultura";
"artist The Knife in collaboration with Mount Sims and Planningtorock" = "The Knife";
"artist Unida _ Dozer" = "Unida";
};
};
};
};
}

25
home-manager/users/sstent/default.nix
View File

@@ -8,7 +8,10 @@
... ...
}: { }: {
imports = [ imports = [
../../global.nix # # ../../global.nix
# # outputs.homeManagerModules
./beets.nix
]; ];
home.username = "sstent"; home.username = "sstent";
home.homeDirectory = "/home/sstent"; home.homeDirectory = "/home/sstent";
@@ -16,10 +19,10 @@
sops = { sops = {
age.sshKeyPaths = ["/home/sstent/.ssh/id_ed25519"]; age.sshKeyPaths = ["/home/sstent/.ssh/id_ed25519"];
defaultSopsFile = "${config._secretstore}/user-secrets.yaml"; defaultSopsFile = ../../../secrets/user-secrets.yaml;
secrets = { secrets = {
mrconfig = { mrconfig = {
sopsFile = "${config._secretstore}/user_dotfiles/mrconfig"; sopsFile = ../../../secrets/user_dotfiles/mrconfig;
format = "binary"; format = "binary";
path = "${config.home.homeDirectory}/.mrconfig"; path = "${config.home.homeDirectory}/.mrconfig";
}; };
@@ -58,11 +61,11 @@
gnumake gnumake
]; ];
custom = { # custom = {
ssh-proxy.enable = false; # # ssh-proxy.enable = false;
beets.enable = true; # beets.enable = true;
keybase.enable = true; # # keybase.enable = true;
}; # };
# home.file.".mrconfig".source = config.lib.file.mkOutOfStoreSymlink "${config._secrets}/mrconfig"; # home.file.".mrconfig".source = config.lib.file.mkOutOfStoreSymlink "${config._secrets}/mrconfig";
programs = { programs = {
@@ -104,9 +107,9 @@
ssh = { ssh = {
enable = true; enable = true;
extraConfig = '' extraConfig = ''
StrictHostKeyChecking no StrictHostKeyChecking no
UpdateHostKeys yes UpdateHostKeys yes
identityFile = "~/.ssh/id_rsa" identityFile = "~/.ssh/id_rsa"
''; '';
matchBlocks = { matchBlocks = {
# "*" = { # "*" = {

59
hosts/binfmt.nix
View File

@@ -1,26 +1,33 @@
{
{ lib, inputs, outputs, pkgs, config, ... }: lib,
# Define qemu-arm-static source. inputs,
let qemu-arm-static = pkgs.stdenv.mkDerivation { outputs,
name = "qemu-arm-static"; pkgs,
src = builtins.fetchurl { config,
url = "https://github.com/multiarch/qemu-user-static/releases/download/v6.1.0-8/qemu-arm-static"; ...
sha256 = "06344d77d4f08b3e1b26ff440cb115179c63ca8047afb978602d7922a51231e3"; }:
}; # Define qemu-arm-static source.
dontUnpack = true; let
installPhase = "install -D -m 0755 $src $out/bin/qemu-arm-static"; qemu-arm-static = pkgs.stdenv.mkDerivation {
}; name = "qemu-arm-static";
in { src = builtins.fetchurl {
# Enable binfmt emulation of extra binary formats (armv7l-linux, for exmaple). url = "https://github.com/multiarch/qemu-user-static/releases/download/v6.1.0-8/qemu-arm-static";
boot.binfmt.registrations.arm = { sha256 = "06344d77d4f08b3e1b26ff440cb115179c63ca8047afb978602d7922a51231e3";
interpreter = "${qemu-arm-static}/bin/qemu-arm-static"; };
magicOrExtension = ''\x7fELF\x01\x01\x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02\x00\x28\x00''; dontUnpack = true;
mask = ''\xff\xff\xff\xff\xff\xff\xff\x00\xff\xff\xff\xff\xff\xff\x00\xff\xfe\xff\xff\xff''; installPhase = "install -D -m 0755 $src $out/bin/qemu-arm-static";
}; };
in {
# Define additional settings for nix. # Enable binfmt emulation of extra binary formats (armv7l-linux, for exmaple).
nix.extraOptions = '' boot.binfmt.registrations.arm = {
extra-platforms = armv7l-linux aarch64-linux interpreter = "${qemu-arm-static}/bin/qemu-arm-static";
''; magicOrExtension = ''\x7fELF\x01\x01\x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02\x00\x28\x00'';
nix.settings.extra-sandbox-paths = [ "/run/binfmt/arm=${qemu-arm-static}/bin/qemu-arm-static" ]; mask = ''\xff\xff\xff\xff\xff\xff\xff\x00\xff\xff\xff\xff\xff\xff\x00\xff\xfe\xff\xff\xff'';
} };
# Define additional settings for nix.
nix.extraOptions = ''
extra-platforms = armv7l-linux aarch64-linux
'';
nix.settings.extra-sandbox-paths = ["/run/binfmt/arm=${qemu-arm-static}/bin/qemu-arm-static"];
}

170
hosts/common.nix
View File

@@ -1,85 +1,85 @@
# This file (and the global directory) holds config that i use on all hosts # This file (and the global directory) holds config that i use on all hosts
{ {
lib, lib,
inputs, inputs,
outputs, outputs,
pkgs, pkgs,
config, config,
... ...
}: { }: {
imports = imports = [
[ # inputs.home-manager.nixosModules.home-manager
inputs.home-manager.nixosModules.home-manager inputs.sops-nix.nixosModules.sops
inputs.sops-nix.nixosModules.sops outputs.nixosModules
] ];
++ (builtins.attrValues outputs.nixosModules); # ++ (builtins.attrValues outputs.nixosModules);
###dotfiles path variable ###dotfiles path variable
options._dotfiles = lib.mkOption { # options._dotfiles = lib.mkOption {
type = lib.types.str; # type = lib.types.str;
default = "${inputs.self}/home-manager/dotfiles"; # default = "${inputs.self}/home-manager/dotfiles";
description = "Path to the dotfiles in this repository"; # description = "Path to the dotfiles in this repository";
}; # };
###secrets path variable ###secrets path variable
options._secrets = lib.mkOption { options._secrets = lib.mkOption {
type = lib.types.str; type = lib.types.str;
default = "/run/user/1000/secrets"; default = "/run/user/1000/secrets";
description = "Path to the Secrets runtime"; description = "Path to the Secrets runtime";
}; };
###secretstore path variable ###secretstore path variable
options._secretstore = lib.mkOption { options._secretstore = lib.mkOption {
type = lib.types.str; type = lib.types.str;
default = "${inputs.self}/secrets"; default = "${inputs.self}/secrets";
description = "Path to the Secrets storage"; description = "Path to the Secrets storage";
}; };
config = { config = {
system.stateVersion = "23.05"; system.stateVersion = "23.05";
sops = { sops = {
defaultSopsFile = "${config._secretstore}/host-secrets.yaml"; defaultSopsFile = "${config._secretstore}/host-secrets.yaml";
age.sshKeyPaths = ["/etc/ssh/ssh_host_ed25519_key"]; age.sshKeyPaths = ["/etc/ssh/ssh_host_ed25519_key"];
}; };
home-manager = { # home-manager = {
useUserPackages = true; # useUserPackages = true;
extraSpecialArgs = {inherit inputs outputs;}; # extraSpecialArgs = {inherit inputs outputs;};
sharedModules = [ # sharedModules = [
inputs.sops-nix.homeManagerModules.sops # inputs.sops-nix.homeManagerModules.sops
]; # ];
}; # };
nixpkgs.config.allowUnfree = true; nixpkgs.config.allowUnfree = true;
programs.fuse.userAllowOther = true; programs.fuse.userAllowOther = true;
security.sudo.wheelNeedsPassword = false; security.sudo.wheelNeedsPassword = false;
virtualisation.docker.enable = true; virtualisation.docker.enable = true;
# nixpkgs.overlays = overlays; # nixpkgs.overlays = overlays;
# Enable nix flakes # Enable nix flakes
nix.package = pkgs.nixFlakes; nix.package = pkgs.nixFlakes;
nix.extraOptions = '' nix.extraOptions = ''
experimental-features = nix-command flakes experimental-features = nix-command flakes
''; '';
nix.nixPath = ["nixpkgs=${inputs.nixpkgs}"]; nix.nixPath = ["nixpkgs=${inputs.nixpkgs}"];
# nix.nixPath = [ "nixpkgs=pkgs.outPath" ]; # nix.nixPath = [ "nixpkgs=pkgs.outPath" ];
networking.search = ["node.dc1.consul" "service.dc1.consul"]; networking.search = ["node.dc1.consul" "service.dc1.consul"];
#services.envfs.enable = true; #services.envfs.enable = true;
environment.systemPackages = [ environment.systemPackages = [
pkgs.git pkgs.git
pkgs.home-manager pkgs.home-manager
pkgs.sops pkgs.sops
pkgs.ssh-to-age pkgs.ssh-to-age
pkgs.age pkgs.age
pkgs.bitwarden-cli pkgs.bitwarden-cli
]; ];
nix.gc = { nix.gc = {
automatic = true; # Enable the automatic garbage collector automatic = true; # Enable the automatic garbage collector
dates = "03:15"; # When to run the garbage collector dates = "03:15"; # When to run the garbage collector
options = "-d"; # Arguments to pass to nix-collect-garbage options = "-d"; # Arguments to pass to nix-collect-garbage
}; };
}; };
} }

179
hosts/commonold.nix
View File

@@ -1,179 +0,0 @@
<<<<<<< HEAD
# This file (and the global directory) holds config that i use on all hosts
{
lib,
inputs,
outputs,
pkgs,
config,
...
}: {
imports =
[
inputs.home-manager.nixosModules.home-manager
inputs.sops-nix.nixosModules.sops
]
++ (builtins.attrValues outputs.nixosModules);
###dotfiles path variable
options._dotfiles = lib.mkOption {
type = lib.types.str;
default = "${inputs.self}/home-manager/dotfiles";
description = "Path to the dotfiles in this repository";
};
###secrets path variable
options._secrets = lib.mkOption {
type = lib.types.str;
default = "/run/user/1000/secrets";
description = "Path to the Secrets runtime";
};
###secretstore path variable
options._secretstore = lib.mkOption {
type = lib.types.str;
default = "${inputs.self}/secrets";
description = "Path to the Secrets storage";
};
config = {
system.stateVersion = "23.05";
sops = {
defaultSopsFile = "${config._secretstore}/host-secrets.yaml";
age.sshKeyPaths = ["/etc/ssh/ssh_host_ed25519_key"];
};
home-manager = {
useUserPackages = true;
extraSpecialArgs = {inherit inputs outputs;};
sharedModules = [
inputs.sops-nix.homeManagerModules.sops
];
};
nixpkgs.config.allowUnfree = true;
programs.fuse.userAllowOther = true;
security.sudo.wheelNeedsPassword = false;
# nixpkgs.overlays = overlays;
# Enable nix flakes
nix.package = pkgs.nixFlakes;
nix.extraOptions = ''
experimental-features = nix-command flakes
'';
nix.nixPath = ["nixpkgs=${inputs.nixpkgs}"];
# nix.nixPath = [ "nixpkgs=pkgs.outPath" ];
networking.search = ["node.dc1.consul" "service.dc1.consul"];
#services.envfs.enable = true;
environment.systemPackages = [
pkgs.git
pkgs.home-manager
pkgs.sops
pkgs.ssh-to-age
pkgs.age
pkgs.bitwarden-cli
];
nix.gc = {
automatic = true; # Enable the automatic garbage collector
dates = "03:15"; # When to run the garbage collector
options = "-d"; # Arguments to pass to nix-collect-garbage
};
};
}
=======
# This file (and the global directory) holds config that i use on all hosts
{ lib, inputs, outputs, pkgs, config, ... }:
{
imports = [
inputs.home-manager.nixosModules.home-manager
inputs.sops-nix.nixosModules.sops
# ./binfmt.nix
]++ (builtins.attrValues outputs.nixosModules);
###dotfiles path variable
options._dotfiles = lib.mkOption {
type = lib.types.str;
default = "${inputs.self}/home-manager/dotfiles";
description = "Path to the dotfiles in this repository";
};
###secrets path variable
options._secrets = lib.mkOption {
type = lib.types.str;
default = "/run/user/1000/secrets";
description = "Path to the Secrets runtime";
};
###secretstore path variable
options._secretstore = lib.mkOption {
type = lib.types.str;
default = "${inputs.self}/secrets";
description = "Path to the Secrets storage";
};
config = {
system.stateVersion = "23.05";
sops = {
defaultSopsFile = "${config._secretstore}/host-secrets.yaml";
age.sshKeyPaths = [ "/etc/ssh/ssh_host_ed25519_key" ];
};
home-manager = {
useUserPackages = true;
extraSpecialArgs = { inherit inputs outputs; };
sharedModules = [
inputs.sops-nix.homeManagerModules.sops
];
};
nixpkgs.config.allowUnfree = true;
programs.fuse.userAllowOther = true;
security.sudo.wheelNeedsPassword = false;
# nixpkgs.overlays = overlays;
# Enable nix flakes
nix.package = pkgs.nixFlakes;
nix.extraOptions = ''
experimental-features = nix-command flakes
'';
nix.nixPath = [ "nixpkgs=${inputs.nixpkgs}" ];
# nix.extra-platforms = aarch64-linux i686-linux;
# nix.nixPath = [ "nixpkgs=pkgs.outPath" ];
# boot.binfmt.emulatedSystems = [ "aarch64-linux" ];
boot.binfmt.emulatedSystems = ["armv7l-linux" "aarch64-linux"];
nix.settings.substituters = [
"https://fbleagh.cachix.org"
"https://cache.armv7l.xyz"
"https://arm.cachix.org"
"https://thefloweringash-armv7.cachix.org" ];
nix.settings.trusted-public-keys = [
"fbleagh.cachix.org-1:HNgEVkx9HfKmEQdR+9IeCwqFza0k8d8fJgcYvOTVDB8="
"cache.armv7l.xyz-1:kBY/eGnBAYiqYfg0fy0inWhshUo+pGFM3Pj7kIkmlBk="
"arm.cachix.org-1:K3XjAeWPgWkFtSS9ge5LJSLw3xgnNqyOaG7MDecmTQ8="
"thefloweringash-armv7.cachix.org-1:v+5yzBD2odFKeXbmC+OPWVqx4WVoIVO6UXgnSAWFtso="
];
nix.settings.trusted-users = [ "root" "sstent" ];
#services.envfs.enable = true;
environment.systemPackages = [
pkgs.git
pkgs.home-manager
pkgs.sops
pkgs.ssh-to-age
pkgs.age
pkgs.qemu
pkgs.cachix
];
};
}
>>>>>>> dacf7df (updates)

24
lib/attrs.nix
View File

@@ -1,24 +0,0 @@
{lib, ...}:
with builtins;
with lib; rec {
# attrsToList
attrsToList = attrs:
mapAttrsToList (name: value: {inherit name value;}) attrs;
# mapFilterAttrs ::
# (name -> value -> bool)
# (name -> value -> { name = any; value = any; })
# attrs
mapFilterAttrs = pred: f: attrs: filterAttrs pred (mapAttrs' f attrs);
# Generate an attribute set by mapping a function over a list of values.
genAttrs' = values: f: listToAttrs (map f values);
# anyAttrs :: (name -> value -> bool) attrs
anyAttrs = pred: attrs:
any (attr: pred attr.name attr.value) (attrsToList attrs);
# countAttrs :: (name -> value -> bool) attrs
countAttrs = pred: attrs:
count (attr: pred attr.name attr.value) (attrsToList attrs);
}

37
lib/default.nix
View File

@@ -1,37 +0,0 @@
# {lib}:
# lib.makeExtensible (self:
# let
# callLibs = file: import file { lib = self; };
# in
# rec {
# ## Define your own library functions here!
# #id = x: x;
# ## Or in files, containing functions that take {lib}
# map = callLibs ./map.nix;
# ## In configs, they can be used under "lib.our"
# })
{
inputs,
lib,
pkgs,
...
}: let
inherit (lib) makeExtensible attrValues foldr;
inherit (modules) mapModules;
modules = import ./modules.nix {
inherit lib;
self.attrs = import ./attrs.nix {
inherit lib;
self = {};
};
};
mylib = makeExtensible (self:
with self;
mapModules ./.
(file: import file {inherit self lib pkgs inputs;}));
in
mylib.extend
(self: super:
foldr (a: b: a // b) {} (attrValues super))

32
lib/generators.nix
View File

@@ -1,32 +0,0 @@
{
lib,
pkgs,
...
}:
with builtins;
with lib; {
toCSSFile = file: let
fileName = removeSuffix ".scss" (baseNameOf file);
compiledStyles =
pkgs.runCommand "compileScssFile"
{buildInputs = [pkgs.sass];} ''
mkdir "$out"
scss --sourcemap=none \
--no-cache \
--style compressed \
--default-encoding utf-8 \
"${file}" \
>>"$out/${fileName}.css"
'';
in "${compiledStyles}/${fileName}.css";
toFilteredImage = imageFile: options: let
result = "result.png";
filteredImage =
pkgs.runCommand "filterWallpaper"
{buildInputs = [pkgs.imagemagick];} ''
mkdir "$out"
convert ${options} ${imageFile} $out/${result}
'';
in "${filteredImage}/${result}";
}

60
lib/modules.nix
View File

@@ -1,60 +0,0 @@
{
self,
lib,
...
}: let
inherit (builtins) attrValues readDir pathExists concatLists;
inherit (lib) id mapAttrsToList filterAttrs hasPrefix hasSuffix nameValuePair removeSuffix;
inherit (self.attrs) mapFilterAttrs;
in rec {
mapModules = dir: fn:
mapFilterAttrs
(n: v:
v
!= null
&& !(hasPrefix "_" n))
(n: v: let
path = "${toString dir}/${n}";
in
if v == "directory" && pathExists "${path}/default.nix"
then nameValuePair n (fn path)
else if
v
== "regular"
&& n != "default.nix"
&& hasSuffix ".nix" n
then nameValuePair (removeSuffix ".nix" n) (fn path)
else nameValuePair "" null)
(readDir dir);
mapModules' = dir: fn:
attrValues (mapModules dir fn);
mapModulesRec = dir: fn:
mapFilterAttrs
(n: v:
v
!= null
&& !(hasPrefix "_" n))
(n: v: let
path = "${toString dir}/${n}";
in
if v == "directory"
then nameValuePair n (mapModulesRec path fn)
else if v == "regular" && n != "default.nix" && hasSuffix ".nix" n
then nameValuePair (removeSuffix ".nix" n) (fn path)
else nameValuePair "" null)
(readDir dir);
mapModulesRec' = dir: fn: let
dirs =
mapAttrsToList
(k: _: "${dir}/${k}")
(filterAttrs
(n: v: v == "directory" && !(hasPrefix "_" n))
(readDir dir));
files = attrValues (mapModules dir id);
paths = files ++ concatLists (map (d: mapModulesRec' d id) dirs);
in
map fn paths;
}

29
lib/nixos.nix
View File

@@ -1,29 +0,0 @@
{
inputs,
lib,
pkgs,
...
}:
with lib;
with lib.my; let
sys = "x86_64-linux";
in {
mkHost = path: attrs @ {system ? sys, ...}:
nixosSystem {
inherit system;
specialArgs = {inherit lib inputs system;};
modules = [
{
nixpkgs.pkgs = pkgs;
networking.hostName = mkDefault (removeSuffix ".nix" (baseNameOf path));
}
(filterAttrs (n: v: !elem n ["system"]) attrs)
../. # /default.nix
(import path)
];
};
mapHosts = dir: attrs @ {system ? system, ...}:
mapModules dir
(hostPath: mkHost hostPath attrs);
}

16
lib/options.nix
View File

@@ -1,16 +0,0 @@
{lib, ...}: let
inherit (lib) mkOption types;
in rec {
mkOpt = type: default:
mkOption {inherit type default;};
mkOpt' = type: default: description:
mkOption {inherit type default description;};
mkBoolOpt = default:
mkOption {
inherit default;
type = types.bool;
example = true;
};
}

19
modules/home-manager/default.nix Normal file
View File

@@ -0,0 +1,19 @@
{lib, ...}:
with lib; let
# Recursively constructs an attrset of a given folder, recursing on directories, value of attrs is the filetype
getDir = dir:
mapAttrs (
file: type:
if type == "directory"
then getDir "${dir}/${file}"
else type
) (builtins.readDir dir);
# Collects all files of a directory as a list of strings of paths
files = dir: collect isString (mapAttrsRecursive (path: type: concatStringsSep "/" path) (getDir dir));
# Filters out directories that don't end with .nix or are this file, also makes the strings absolute
validFiles = dir: map (file: ./. + "/${file}") (filter (file: hasSuffix ".nix" file && file != "default.nix" && ! lib.hasPrefix "x/taffybar/" file) (files dir));
in {
imports = validFiles ./.;
}

34
modules/home-manager/keybase/default.nix
View File

@@ -1,34 +0,0 @@
{
config,
pkgs,
inputs,
lib,
util,
hostName,
...
}:
with lib;
with lib.my; let
cfg = config.custom.keybase;
username = config.home.username;
secretstore = config._secretstore;
in {
options.custom.keybase = {
enable = mkOption {
type = types.bool;
default = false;
description = "Enable KeyBase";
};
};
config = mkIf cfg.enable {
services.keybase.enable = true;
services.kbfs.enable = true;
systemd.user.services.keybase.Unit.After = ["sops-nix.service"];
systemd.user.services.kbfs.Unit.After = ["sops-nix.service"];
sops = {
secrets = hm_secrets "${secretstore}/user_dotfiles/${username}@${hostName}/keybase/" "${config.xdg.configHome}/keybase/";
};
};
}

45
modules/home-manager/ssh-proxy/default.nix
View File

@@ -1,45 +0,0 @@
{
lib,
pkgs,
config,
...
}:
with lib; let
cfg = config.custom.ssh-proxy;
in {
options.custom.ssh-proxy = {
enable = mkOption {
type = types.bool;
default = false;
description = ''
Enable ssh-proxy for WSL
'';
};
};
config = mkIf cfg.enable {
home.packages = with pkgs; [
npiperelay
socat
];
systemd.user = {
startServices = true;
services.ssh-proxy = {
Unit = {
Description = "WSL Proxy";
After = "sops-nix.service";
};
Install = {WantedBy = ["default.target"];};
Service = {
ExecStart = "${pkgs.writeShellScript "start-proxy" ''
set -x -o xtrace # print commands
${pkgs.coreutils}/bin/rm -f /home/sstent/.ssh/wsl-ssh-agent.sock
${pkgs.util-linux}/bin/setsid ${pkgs.socat}/bin/socat UNIX-LISTEN:/home/sstent/.ssh/wsl-ssh-agent.sock,fork EXEC:"${pkgs.npiperelay}/bin/npiperelay.exe -ei -s //./pipe/openssh-ssh-agent",nofork
''}";
};
};
};
};
}

19
modules/nixos/default.nix Normal file
View File

@@ -0,0 +1,19 @@
{lib, ...}:
with lib; let
# Recursively constructs an attrset of a given folder, recursing on directories, value of attrs is the filetype
getDir = dir:
mapAttrs (
file: type:
if type == "directory"
then getDir "${dir}/${file}"
else type
) (builtins.readDir dir);
# Collects all files of a directory as a list of strings of paths
files = dir: collect isString (mapAttrsRecursive (path: type: concatStringsSep "/" path) (getDir dir));
# Filters out directories that don't end with .nix or are this file, also makes the strings absolute
validFiles = dir: map (file: ./. + "/${file}") (filter (file: hasSuffix ".nix" file && file != "default.nix" && ! lib.hasPrefix "x/taffybar/" file) (files dir));
in {
imports = validFiles ./.;
}

4
modules/nixos/vpn/default.nix
View File

@@ -5,13 +5,13 @@
... ...
}: }:
with lib; let with lib; let
secretstore = config._secretstore; # secretstore = config._secretstore;
host = config.networking.hostName; host = config.networking.hostName;
cfg = config.custom.mullvad; cfg = config.custom.mullvad;
secret = secret =
if builtins.pathExists "${secretstore}/hosts/${host}/mullvad/device.json" if builtins.pathExists "../../..//hosts/${host}/mullvad/device.json"
then ./secrets.nix then ./secrets.nix
else {}; else {};
in { in {

8
modules/nixos/vpn/secrets.nix
View File

@@ -5,13 +5,13 @@
... ...
}: }:
with lib; let with lib; let
secretstore = config._secretstore; # secretstore = config._secretstore;
host = config.networking.hostName; host = config.networking.hostName;
secretpath = "${secretstore}/hosts/${host}/mullvad/device.json"; # secretpath = "../../../secrets/hosts/${host}/mullvad/device.json";
in { in {
sops.secrets.device_json = { sops.secrets.device_json = {
sopsFile = "${secretstore}/hosts/${host}/mullvad/device.json"; sopsFile = ../../../secrets/hosts/${host}/mullvad/device.json;
device_json.format = "binary"; format = "binary";
}; };
environment.etc."mullvad-vpn/device.conf".source = config.sops.secrets.device_json.path; environment.etc."mullvad-vpn/device.conf".source = config.sops.secrets.device_json.path;

6
pkgs/default.nix
View File

@@ -1,6 +0,0 @@
# Custom packages, that can be defined similarly to ones from nixpkgs
# You can build them using 'nix build .#example' or (legacy) 'nix-build -A example'
{pkgs ? (import ../nixpkgs.nix) {}}: {
# example = pkgs.callPackage ./example { };
npiperelay = pkgs.callPackage ./npiperelay {};
}

52
pkgs/npiperelay/default.nix
View File

@@ -1,52 +0,0 @@
{
lib,
stdenv,
fetchurl,
unzip,
}: let
version = "1.6.3";
srcs = {
x86_64-linux = fetchurl {
url = "https://github.com/jstarks/npiperelay/releases/download/v0.1.0/npiperelay_windows_amd64.zip";
sha256 = "sha256-a572H/0XwDUHqaPVTYFdzrPa5mmsZ/w79CJdHnZM5fY=";
};
# aarch64-linux = fetchurl {
# url =
# "https://deconz.dresden-elektronik.de/debian/stable/deconz_${version}-debian-buster-stable_arm64.deb";
# sha256 = "sha256-zuy4e9bzcRqDeXP6mfzZLCDK/3we25LH6xktnO6HXps=";
# };
};
in
stdenv.mkDerivation rec {
pname = "npiperelay";
inherit version;
src = srcs.${stdenv.hostPlatform.system};
nativeBuildInputs = [unzip];
#buildInputs = [ qtserialport qtwebsockets ];
unpackPhase = ''
mkdir npiperelay-$version
cd npiperelay-$version
unzip $src
'';
#unpackPhase = "dpkg-deb -x $src .";
installPhase = ''
mkdir -p $out/bin
cp npiperelay.exe $out/bin/npiperelay.exe
chmod +x $out/bin/npiperelay.exe
'';
meta = with lib; {
description = "Helper to interface with Windows ssh-agent.exe service from Windows Subsystem for Linux (WSL)";
# 2019-08-19: The homepage links to old software that doesn't even work --
# it fails to detect ConBee2.
homepage = "https://github.com/rupor-github/wsl-ssh-agent";
license = licenses.free;
platforms = ["x86_64-linux"];
maintainers = with maintainers; [sstent];
};
}