diff --git a/SwarselSystems.org b/SwarselSystems.org index 7843339..3d74d82 100644 --- a/SwarselSystems.org +++ b/SwarselSystems.org @@ -803,7 +803,6 @@ My work machine. Built for more security, this is the gold standard of my config { self, inputs, lib, primaryUser, ... }: let secretsDirectory = builtins.toString inputs.nix-secrets; - modulesPath = "${self}/modules"; sharedOptions = { isBtrfs = true; isLinux = true; @@ -823,24 +822,6 @@ My work machine. Built for more security, this is the gold standard of my config ./disk-config.nix ./hardware-configuration.nix - "${modulesPath}/nixos/optional/virtualbox.nix" - # "${modulesPath}/nixos/optional/vmware.nix" - "${modulesPath}/nixos/optional/autologin.nix" - "${modulesPath}/nixos/optional/nswitch-rcm.nix" - "${modulesPath}/nixos/optional/gaming.nix" - "${modulesPath}/nixos/optional/work.nix" - "${self}/profiles/nixos" - "${modulesPath}/nixos/server" - - inputs.home-manager.nixosModules.home-manager - { - home-manager.users."${primaryUser}".imports = [ - "${self}/profiles/home" - "${modulesPath}/home/server" - "${modulesPath}/home/optional/gaming.nix" - "${modulesPath}/home/optional/work.nix" - ]; - } ]; @@ -1217,24 +1198,20 @@ This is my main server that I run at home. It handles most tasks that require bi :CUSTOM_ID: h:8ad68406-4a75-45ba-97ad-4c310b921124 :END: #+begin_src nix :tangle hosts/nixos/winters/default.nix - { self, inputs, primaryUser, ... }: + { lib, primaryUser, ... }: let - modulesPath = "${self}/modules"; + sharedOptions = { + isBtrfs = false; + isLinux = true; + profiles = { + server.local = true; + }; + }; in { imports = [ ./hardware-configuration.nix - - "${modulesPath}/nixos/optional/autologin.nix" - "${modulesPath}/nixos/server" - - inputs.home-manager.nixosModules.home-manager - { - home-manager.users."${primaryUser}".imports = [ - "${modulesPath}/home/server" - ]; - } ]; boot = { @@ -1250,27 +1227,21 @@ This is my main server that I run at home. It handles most tasks that require bi firewall.allowedTCPPorts = [ 80 443 ]; }; - swarselsystems = { - isImpermanence = false; - isBtrfs = false; - isLinux = true; - server = { - kavita = true; - navidrome = true; - jellyfin = true; - spotifyd = true; - mpd = false; - matrix = true; - nextcloud = true; - immich = true; - paperless = true; - transmission = true; - syncthing = true; - monitoring = true; - freshrss = true; - }; - }; + swarselsystems = lib.recursiveUpdate + { + isImpermanence = false; + isSecureBoot = true; + isCrypted = true; + } + sharedOptions; + + home-manager.users."${primaryUser}" = { + home.stateVersion = lib.mkForce "23.05"; + swarselsystems = lib.recursiveUpdate + { } + sharedOptions; + }; } @@ -1441,25 +1412,16 @@ This machine mainly acts as an external sync helper. It manages the following th All of these are processes that use little cpu but can take a lot of storage. For this I use a free Ampere instance from OCI with 50G of space. In case my account gets terminated, all of this data is easily replaceable or backed up regularly anyways. #+begin_src nix :tangle hosts/nixos/sync/default.nix - { self, inputs, lib, primaryUser, ... }: + { lib, primaryUser, ... }: let - modulesPath = "${self}/modules"; + sharedOptions = { + isBtrfs = false; + isLinux = true; + }; in { imports = [ - - "${modulesPath}/nixos/server" - "${modulesPath}/nixos/common/sharedsetup.nix" - "${modulesPath}/home/common/sharedsetup.nix" ./hardware-configuration.nix - - inputs.home-manager.nixosModules.home-manager - { - home-manager.users."${primaryUser}".imports = [ - "${modulesPath}/home/server" - "${modulesPath}/home/common/sharedsetup.nix" - ]; - } ]; sops = { @@ -1494,7 +1456,7 @@ This machine mainly acts as an external sync helper. It manages the following th }; }; - # system.stateVersion = "23.11"; # TEMPLATE - but probably no need to change + system.stateVersion = "23.11"; # TEMPLATE - but probably no need to change services = { nginx = { @@ -1523,16 +1485,23 @@ This machine mainly acts as an external sync helper. It manages the following th }; }; + swarselsystems = lib.recursiveUpdate + { + flakePath = "/root/.dotfiles"; + isImpermanence = false; + isSecureBoot = false; + isCrypted = false; + profiles = { + server.sync = true; + }; + } + sharedOptions; - swarselsystems = { - isImpermanence = false; - isLinux = true; - isBtrfs = false; - flakePath = "/root/.dotfiles"; - modules.server = { - forgejo = true; - ankisync = true; - }; + home-manager.users."${primaryUser}" = { + home.stateVersion = lib.mkForce "23.05"; + swarselsystems = lib.recursiveUpdate + { } + sharedOptions; }; } @@ -1560,35 +1529,27 @@ This is a slim setup for developing base configuration. I do not track the hardw sharedOptions = { isBtrfs = true; isLinux = true; + profiles = { + toto = true; + }; }; in { imports = [ - "${self}/hosts/nixos/toto/disk-config.nix" + ./disk-config.nix ./hardware-configuration.nix - "${modulesPath}/nixos/optional/autologin.nix" - "${modulesPath}/nixos/common/settings.nix" "${modulesPath}/nixos/common/sharedsetup.nix" - "${modulesPath}/nixos/common/home-manager.nix" - "${modulesPath}/nixos/common/home-manager-extra.nix" - "${modulesPath}/nixos/common/xserver.nix" - "${modulesPath}/nixos/common/users.nix" - "${modulesPath}/nixos/common/impermanence.nix" - "${modulesPath}/nixos/common/lanzaboote.nix" - "${modulesPath}/nixos/common/sops.nix" - "${modulesPath}/nixos/server/ssh.nix" "${modulesPath}/home/common/sharedsetup.nix" + "${self}/profiles/nixos" inputs.home-manager.nixosModules.home-manager { home-manager.users."${primaryUser}".imports = [ inputs.sops-nix.homeManagerModules.sops - "${modulesPath}/home/common/settings.nix" - "${modulesPath}/home/common/sops.nix" - "${modulesPath}/home/common/ssh.nix" "${modulesPath}/home/common/sharedsetup.nix" + "${self}/profiles/home" ]; } ]; @@ -1632,13 +1593,15 @@ This is a slim setup for developing base configuration. I do not track the hardw } sharedOptions; - home-manager.users."${primaryUser}".swarselsystems = lib.recursiveUpdate - { - isLaptop = false; - isNixos = true; - } - sharedOptions; - + home-manager.users."${primaryUser}" = { + home.stateVersion = lib.mkForce "23.05"; + swarselsystems = lib.recursiveUpdate + { + isLaptop = false; + isNixos = true; + } + sharedOptions; + }; } @@ -1830,12 +1793,16 @@ Also, an initial bash history is provided to allow for a very quick local deploy } ]; - home-manager.users."${primaryUser}".home = { - file = { - ".bash_history" = { - source = self + /programs/bash/.bash_history; + home-manager.users."${primaryUser}" = { + home = { + stateVersion = "23.05"; + file = { + ".bash_history" = { + source = self + /programs/bash/.bash_history; + }; }; }; + swarselsystems.modules.general = lib.mkForce true; }; home-manager.users.root.home = { stateVersion = "23.05"; @@ -1981,12 +1948,19 @@ This is the "reference implementation" of a setup that runs without NixOS, only This is just a demo host. It applies all the configuration found in the common parts of the flake, but disables all secrets-related features (as they would not work without the proper SSH keys). I also set the =WLR_RENDERER_ALLOW_SOFTWARE=1= to allow this configuration to run in a virtualized environment. I also enable =qemuGuest= for a smoother experience when testing on QEMU. - +***** Main configuration #+begin_src nix :tangle hosts/nixos/chaostheatre/default.nix - { self, config, pkgs, lib, primaryUser, ... }: + { self, inputs, config, pkgs, lib, primaryUser, ... }: let - modulesPath = "${self}/modules"; + sharedOptions = { + isBtrfs = false; + isLinux = true; + isPublic = true; + profiles = { + chaostheatre = true; + }; + }; in { @@ -1996,7 +1970,15 @@ I also set the =WLR_RENDERER_ALLOW_SOFTWARE=1= to allow this configuration to ru { _module.args.diskDevice = config.swarselsystems.rootDisk; } - "${modulesPath}/nixos/optional/autologin.nix" + "${self}/hosts/nixos/chaostheatre/options.nix" + inputs.home-manager.nixosModules.home-manager + { + home-manager.users."${primaryUser}".imports = [ + "${self}/modules/home/common/settings.nix" + "${self}/hosts/nixos/chaostheatre/options-home.nix" + "${self}/modules/home/common/sharedsetup.nix" + ]; + } ]; environment.variables = { @@ -2017,28 +1999,50 @@ I also set the =WLR_RENDERER_ALLOW_SOFTWARE=1= to allow this configuration to ru }; - swarselsystems = { - wallpaper = self + /wallpaper/lenovowp.png; - initialSetup = true; - isPublic = true; - isLinux = true; - isImpermanence = true; - isCrypted = true; - isSecureBoot = false; - isSwap = true; - swapSize = "4G"; - rootDisk = "/dev/vda"; - }; + swarselsystems = lib.recursiveUpdate + { + wallpaper = self + /wallpaper/lenovowp.png; + initialSetup = true; + isImpermanence = true; + isCrypted = true; + isSecureBoot = false; + isSwap = true; + swapSize = "4G"; + rootDisk = "/dev/vda"; + } + sharedOptions; - home-manager.users."${primaryUser}".swarselsystems = { - isNixos = true; - isPublic = true; + home-manager.users."${primaryUser}" = { + home.stateVersion = lib.mkForce "23.05"; + swarselsystems = lib.recursiveUpdate + { + isNixos = true; + } + sharedOptions; }; } #+end_src +***** NixOS dummy options configuration + +#+begin_src nix :tangle hosts/nixos/chaostheatre/options.nix + _: + { + } + +#+end_src + +***** home-manager dummy options configuration + +#+begin_src nix :tangle hosts/nixos/chaostheatre/options-home.nix + _: + { + } + +#+end_src + ** Additions and modifications :PROPERTIES: :CUSTOM_ID: h:ab272ab4-3c93-48b1-8f1e-f710aa9aae5d @@ -3163,189 +3167,221 @@ This program sets up a new NixOS host remotely. It also takes care of secret man :CUSTOM_ID: h:fbd8aaf2-9dca-4ca3-aca1-19d0d188a435 :END: +Autoformatting always puts the =EOF= with indentation, which makes shfmt check fail. When editing this block, unindent them manually. + #+begin_src shell :tangle scripts/swarsel-install.sh - set -eo pipefail +set -eo pipefail - target_config="chaostheatre" - target_hostname="chaostheatre" - target_user="swarsel" - persist_dir="" - target_disk="/dev/vda" - disk_encryption=0 +target_config="chaostheatre" +target_hostname="chaostheatre" +target_user="swarsel" +persist_dir="" +target_disk="/dev/vda" +disk_encryption=0 - function help_and_exit() { - echo - echo "Locally installs SwarselSystem on this machine." - echo - echo "USAGE: $0 -n -d [OPTIONS]" - echo - echo "ARGS:" - echo " -n specify the nixos config to deploy." - echo " Default: chaostheatre" - echo " -d specify disk to install on." - echo " Default: /dev/vda" - echo " -u specify user to deploy for." - echo " Default: swarsel" - echo " -h | --help Print this help." - exit 0 - } +function help_and_exit() { + echo + echo "Locally installs SwarselSystem on this machine." + echo + echo "USAGE: $0 -n -d [OPTIONS]" + echo + echo "ARGS:" + echo " -n specify the nixos config to deploy." + echo " Default: chaostheatre" + echo " -d specify disk to install on." + echo " Default: /dev/vda" + echo " -u specify user to deploy for." + echo " Default: swarsel" + echo " -h | --help Print this help." + exit 0 +} - function red() { - echo -e "\x1B[31m[!] $1 \x1B[0m" - if [ -n "${2-}" ]; then - echo -e "\x1B[31m[!] $($2) \x1B[0m" - fi - } - function green() { - echo -e "\x1B[32m[+] $1 \x1B[0m" - if [ -n "${2-}" ]; then - echo -e "\x1B[32m[+] $($2) \x1B[0m" - fi - } - function yellow() { - echo -e "\x1B[33m[*] $1 \x1B[0m" - if [ -n "${2-}" ]; then - echo -e "\x1B[33m[*] $($2) \x1B[0m" - fi - } +function red() { + echo -e "\x1B[31m[!] $1 \x1B[0m" + if [ -n "${2-}" ]; then + echo -e "\x1B[31m[!] $($2) \x1B[0m" + fi +} +function green() { + echo -e "\x1B[32m[+] $1 \x1B[0m" + if [ -n "${2-}" ]; then + echo -e "\x1B[32m[+] $($2) \x1B[0m" + fi +} +function yellow() { + echo -e "\x1B[33m[*] $1 \x1B[0m" + if [ -n "${2-}" ]; then + echo -e "\x1B[33m[*] $($2) \x1B[0m" + fi +} - while [[ $# -gt 0 ]]; do - case "$1" in - -n) - shift - target_config=$1 - target_hostname=$1 - ;; - -u) - shift - target_user=$1 - ;; - -d) - shift - target_disk=$1 - ;; - -h | --help) help_and_exit ;; - ,*) - echo "Invalid option detected." - help_and_exit - ;; - esac - shift - done +while [[ $# -gt 0 ]]; do + case "$1" in + -n) + shift + target_config=$1 + target_hostname=$1 + ;; + -u) + shift + target_user=$1 + ;; + -d) + shift + target_disk=$1 + ;; + -h | --help) help_and_exit ;; + ,*) + echo "Invalid option detected." + help_and_exit + ;; + esac + shift +done - function cleanup() { - sudo rm -rf .cache/nix - sudo rm -rf /root/.cache/nix - } - trap cleanup exit +function cleanup() { + sudo rm -rf .cache/nix + sudo rm -rf /root/.cache/nix +} +trap cleanup exit - green "~SwarselSystems~ local installer" +green "~SwarselSystems~ local installer" - cd /home/"$target_user" +cd /home/"$target_user" - sudo rm -rf /root/.cache/nix - sudo rm -rf .cache/nix - sudo rm -rf .dotfiles +sudo rm -rf /root/.cache/nix +sudo rm -rf .cache/nix +sudo rm -rf .dotfiles - green "Cloning repository from GitHub" - git clone https://github.com/Swarsel/.dotfiles.git +green "Cloning repository from GitHub" +git clone https://github.com/Swarsel/.dotfiles.git - local_keys=$(ssh-add -L || true) - pub_key=$(cat /home/"$target_user"/.dotfiles/secrets/keys/ssh/yubikey.pub) - read -ra pub_arr <<< "$pub_key" +local_keys=$(ssh-add -L || true) +pub_key=$(cat /home/"$target_user"/.dotfiles/secrets/keys/ssh/yubikey.pub) +read -ra pub_arr <<< "$pub_key" - cd .dotfiles - if [[ $local_keys != *"${pub_arr[1]}"* ]]; then - yellow "The ssh key for this configuration is not available." - green "Adjusting flake.nix so that the configuration is buildable ..." - sed -i '/nix-secrets = {/,/^[[:space:]]*};/d' flake.nix - sed -i '/vbc-nix = {/,/^[[:space:]]*};/d' flake.nix - sed -i '/[[:space:]]*\/\/ (inputs.vbc-nix.overlays.default final prev)/d' overlays/default.nix - rm modules/home/common/env.nix - rm modules/home/common/gammastep.nix - rm modules/home/common/git.nix - rm modules/home/common/mail.nix - rm modules/home/common/yubikey.nix - rm modules/nixos/common/home-manager-extra.nix - nix flake update vbc-nix - git add . - else - green "Valid SSH key found! Continuing with installation" - fi +cd .dotfiles +if [[ $local_keys != *"${pub_arr[1]}"* ]]; then + yellow "The ssh key for this configuration is not available." + green "Adjusting flake.nix so that the configuration is buildable ..." + sed -i '/nix-secrets = {/,/^[[:space:]]*};/d' flake.nix + sed -i '/vbc-nix = {/,/^[[:space:]]*};/d' flake.nix + sed -i '/[[:space:]]*\/\/ (inputs.vbc-nix.overlays.default final prev)/d' overlays/default.nix + rm modules/home/common/env.nix + rm modules/home/common/gammastep.nix + rm modules/home/common/git.nix + rm modules/home/common/mail.nix + rm modules/home/common/yubikey.nix + rm modules/nixos/common/home-manager-extra.nix + rm -rf modules/nixos/server + rm -rf modules/home/server + cat > hosts/nixos/chaostheatre/options.nix << EOF + { self, lib, ... }: + { + options = { + swarselsystems = { + modules = { + home-managerExtra = lib.mkEnableOption "dummy option for chaostheatre"; + }; + }; + }; + } +EOF + cat > hosts/nixos/chaostheatre/options-home.nix << EOF + { self, lib, ... }: + { + options = { + swarselsystems = { + modules = { + yubikey = lib.mkEnableOption "dummy option for chaostheatre"; + env = lib.mkEnableOption "dummy option for chaostheatre"; + git = lib.mkEnableOption "dummy option for chaostheatre"; + mail = lib.mkEnableOption "dummy option for chaostheatre"; + gammastep = lib.mkEnableOption "dummy option for chaostheatre"; + }; + }; + }; + } +EOF + nix flake update vbc-nix + git add . +else + green "Valid SSH key found! Continuing with installation" +fi - green "Reading system information for $target_config ..." - DISK="$(nix eval --raw ~/.dotfiles#nixosConfigurations."$target_hostname".config.swarselsystems.rootDisk)" - green "Root Disk in config: $DISK - Root Disk passed in cli: $target_disk" +green "Reading system information for $target_config ..." +DISK="$(nix eval --raw ~/.dotfiles#nixosConfigurations."$target_hostname".config.swarselsystems.rootDisk)" +green "Root Disk in config: $DISK - Root Disk passed in cli: $target_disk" - CRYPTED="$(nix eval ~/.dotfiles#nixosConfigurations."$target_hostname".config.swarselsystems.isCrypted)" - if [[ $CRYPTED == "true" ]]; then - green "Encryption: ✓" - disk_encryption=1 - else - red "Encryption: X" - disk_encryption=0 - fi +CRYPTED="$(nix eval ~/.dotfiles#nixosConfigurations."$target_hostname".config.swarselsystems.isCrypted)" +if [[ $CRYPTED == "true" ]]; then + green "Encryption: ✓" + disk_encryption=1 +else + red "Encryption: X" + disk_encryption=0 +fi - IMPERMANENCE="$(nix eval ~/.dotfiles#nixosConfigurations."$target_hostname".config.swarselsystems.isImpermanence)" - if [[ $IMPERMANENCE == "true" ]]; then - green "Impermanence: ✓" - persist_dir="/persist" - else - red "Impermanence: X" - persist_dir="" - fi +IMPERMANENCE="$(nix eval ~/.dotfiles#nixosConfigurations."$target_hostname".config.swarselsystems.isImpermanence)" +if [[ $IMPERMANENCE == "true" ]]; then + green "Impermanence: ✓" + persist_dir="/persist" +else + red "Impermanence: X" + persist_dir="" +fi - SWAP="$(nix eval ~/.dotfiles#nixosConfigurations."$target_hostname".config.swarselsystems.isSwap)" - if [[ $SWAP == "true" ]]; then - green "Swap: ✓" - else - red "Swap: X" - fi +SWAP="$(nix eval ~/.dotfiles#nixosConfigurations."$target_hostname".config.swarselsystems.isSwap)" +if [[ $SWAP == "true" ]]; then + green "Swap: ✓" +else + red "Swap: X" +fi - SECUREBOOT="$(nix eval ~/.dotfiles#nixosConfigurations."$target_hostname".config.swarselsystems.isSecureBoot)" - if [[ $SECUREBOOT == "true" ]]; then - green "Secure Boot: ✓" - else - red "Secure Boot: X" - fi +SECUREBOOT="$(nix eval ~/.dotfiles#nixosConfigurations."$target_hostname".config.swarselsystems.isSecureBoot)" +if [[ $SECUREBOOT == "true" ]]; then + green "Secure Boot: ✓" +else + red "Secure Boot: X" +fi - if [ "$disk_encryption" -eq 1 ]; then - while true; do - green "Set disk encryption passphrase:" - read -rs luks_passphrase - green "Please confirm passphrase:" - read -rs luks_passphrase_confirm - if [[ $luks_passphrase == "$luks_passphrase_confirm" ]]; then - echo "$luks_passphrase" > /tmp/disko-password - break - else - red "Passwords do not match" - fi - done - fi +if [ "$disk_encryption" -eq 1 ]; then + while true; do + green "Set disk encryption passphrase:" + read -rs luks_passphrase + green "Please confirm passphrase:" + read -rs luks_passphrase_confirm + if [[ $luks_passphrase == "$luks_passphrase_confirm" ]]; then + echo "$luks_passphrase" > /tmp/disko-password + break + else + red "Passwords do not match" + fi + done +fi - green "Setting up disk ..." - if [[ $target_config == "chaostheatre" ]]; then - sudo nix --experimental-features "nix-command flakes" run github:nix-community/disko/v1.10.0 -- --mode destroy,format,mount --flake .#"$target_config" --yes-wipe-all-disks --arg diskDevice "$target_disk" - else - sudo nix --experimental-features "nix-command flakes" run github:nix-community/disko/latest -- --mode destroy,format,mount --flake .#"$target_config" --yes-wipe-all-disks - fi - sudo mkdir -p /mnt/"$persist_dir"/home/"$target_user"/ - sudo cp -r /home/"$target_user"/.dotfiles /mnt/"$persist_dir"/home/"$target_user"/ - sudo chown -R 1000:100 /mnt/"$persist_dir"/home/"$target_user" +green "Setting up disk ..." +if [[ $target_config == "chaostheatre" ]]; then + sudo nix --experimental-features "nix-command flakes" run github:nix-community/disko/v1.10.0 -- --mode destroy,format,mount --flake .#"$target_config" --yes-wipe-all-disks --arg diskDevice "$target_disk" +else + sudo nix --experimental-features "nix-command flakes" run github:nix-community/disko/latest -- --mode destroy,format,mount --flake .#"$target_config" --yes-wipe-all-disks +fi +sudo mkdir -p /mnt/"$persist_dir"/home/"$target_user"/ +sudo cp -r /home/"$target_user"/.dotfiles /mnt/"$persist_dir"/home/"$target_user"/ +sudo chown -R 1000:100 /mnt/"$persist_dir"/home/"$target_user" - green "Generating hardware configuration ..." - sudo nixos-generate-config --root /mnt --no-filesystems --dir /home/"$target_user"/.dotfiles/hosts/nixos/"$target_config"/ +green "Generating hardware configuration ..." +sudo nixos-generate-config --root /mnt --no-filesystems --dir /home/"$target_user"/.dotfiles/hosts/nixos/"$target_config"/ - green "Injecting initialSetup ..." - sudo sed -i '/ boot.extraModulePackages /a \ swarselsystems.initialSetup = true;' /home/"$target_user"/.dotfiles/hosts/nixos/"$target_config"/hardware-configuration.nix +green "Injecting initialSetup ..." +sudo sed -i '/ boot.extraModulePackages /a \ swarselsystems.initialSetup = true;' /home/"$target_user"/.dotfiles/hosts/nixos/"$target_config"/hardware-configuration.nix - git add /home/"$target_user"/.dotfiles/hosts/nixos/"$target_config"/hardware-configuration.nix - sudo mkdir -p /root/.local/share/nix/ - printf '{\"extra-substituters\":{\"https://nix-community.cachix.org\":true,\"https://nix-community.cachix.org https://cache.ngi0.nixos.org/\":true},\"extra-trusted-public-keys\":{\"nix-community.cachix.org-1:mB9FSh9qf2dCimDSUo8Zy7bkq5CX+/rkCWyvRCYg3Fs=\":true,\"nix-community.cachix.org-1:mB9FSh9qf2dCimDSUo8Zy7bkq5CX+/rkCWyvRCYg3Fs= cache.ngi0.nixos.org-1:KqH5CBLNSyX184S9BKZJo1LxrxJ9ltnY2uAs5c/f1MA=\":true}}' | sudo tee /root/.local/share/nix/trusted-settings.json > /dev/null - green "Installing flake $target_config" - sudo nixos-install --flake .#"$target_config" - green "Installation finished! Reboot to see changes" +git add /home/"$target_user"/.dotfiles/hosts/nixos/"$target_config"/hardware-configuration.nix +sudo mkdir -p /root/.local/share/nix/ +printf '{\"extra-substituters\":{\"https://nix-community.cachix.org\":true,\"https://nix-community.cachix.org https://cache.ngi0.nixos.org/\":true},\"extra-trusted-public-keys\":{\"nix-community.cachix.org-1:mB9FSh9qf2dCimDSUo8Zy7bkq5CX+/rkCWyvRCYg3Fs=\":true,\"nix-community.cachix.org-1:mB9FSh9qf2dCimDSUo8Zy7bkq5CX+/rkCWyvRCYg3Fs= cache.ngi0.nixos.org-1:KqH5CBLNSyX184S9BKZJo1LxrxJ9ltnY2uAs5c/f1MA=\":true}}' | sudo tee /root/.local/share/nix/trusted-settings.json > /dev/null +green "Installing flake $target_config" +sudo nixos-install --flake .#"$target_config" +green "Installation finished! Reboot to see changes" #+end_src @@ -3907,6 +3943,97 @@ Modules that need to be loaded on the NixOS level. Note that these will not be a #+end_src +***** Chaostheatre + +#+begin_src nix :tangle profiles/nixos/chaostheatre/default.nix :mkdirp yes + { lib, config, ... }: + { + options.swarselsystems.profiles.chaostheatre = lib.mkEnableOption "is this a chaostheatre host"; + config = lib.mkIf config.swarselsystems.profiles.chaostheatre { + swarselsystems.modules = { + packages = lib.mkDefault true; + general = lib.mkDefault true; + home-manager = lib.mkDefault true; + home-managerExtra = lib.mkDefault false; + xserver = lib.mkDefault true; + users = lib.mkDefault true; + env = lib.mkDefault true; + security = lib.mkDefault true; + gc = lib.mkDefault true; + storeOptimize = lib.mkDefault true; + systemdTimeout = lib.mkDefault true; + hardware = lib.mkDefault true; + pulseaudio = lib.mkDefault true; + pipewire = lib.mkDefault true; + network = lib.mkDefault true; + time = lib.mkDefault true; + commonSops = lib.mkDefault true; + stylix = lib.mkDefault true; + programs = lib.mkDefault true; + zsh = lib.mkDefault true; + syncthing = lib.mkDefault true; + blueman = lib.mkDefault true; + networkDevices = lib.mkDefault true; + gvfs = lib.mkDefault true; + interceptionTools = lib.mkDefault true; + ppd = lib.mkDefault true; + yubikey = lib.mkDefault true; + ledger = lib.mkDefault true; + keyboards = lib.mkDefault true; + login = lib.mkDefault true; + nix-ld = lib.mkDefault true; + impermanence = lib.mkDefault true; + nvd = lib.mkDefault true; + gnome-keyring = lib.mkDefault true; + sway = lib.mkDefault true; + xdg-portal = lib.mkDefault true; + distrobox = lib.mkDefault true; + appimage = lib.mkDefault true; + lid = lib.mkDefault true; + lowBattery = lib.mkDefault true; + lanzaboote = lib.mkDefault true; + + optional = { + autologin = lib.mkDefault true; + }; + }; + + }; + + } + +#+end_src + +***** toto + +#+begin_src nix :tangle profiles/nixos/toto/default.nix :mkdirp yes + { lib, config, ... }: + { + options.swarselsystems.profiles.toto = lib.mkEnableOption "is this a toto (setup) host"; + config = lib.mkIf config.swarselsystems.profiles.toto { + swarselsystems.modules = { + general = lib.mkDefault true; + home-manager = lib.mkDefault true; + home-managerExtra = lib.mkDefault true; + xserver = lib.mkDefault true; + users = lib.mkDefault true; + commonSops = lib.mkDefault true; + impermanence = lib.mkDefault true; + lanzaboote = lib.mkDefault true; + server = { + ssh = lib.mkDefault true; + }; + optional = { + autologin = lib.mkDefault true; + }; + }; + + }; + + } + +#+end_src + ***** Work #+begin_src nix :tangle profiles/nixos/work/default.nix :mkdirp yes @@ -3935,6 +4062,7 @@ Modules that need to be loaded on the NixOS level. Note that these will not be a config = lib.mkIf config.swarselsystems.profiles.server.local { swarselsystems = { modules = { + general = lib.mkDefault true; nix-ld = lib.mkDefault true; home-manager = lib.mkDefault true; home-managerExtra = lib.mkDefault true; @@ -3981,6 +4109,7 @@ Modules that need to be loaded on the NixOS level. Note that these will not be a config = lib.mkIf config.swarselsystems.profiles.server.sync { swarselsystems = { modules = { + general = lib.mkDefault true; nix-ld = lib.mkDefault true; home-manager = lib.mkDefault true; home-managerExtra = lib.mkDefault true; @@ -4077,6 +4206,74 @@ This holds modules that are to be used on most hosts. These are also the most im #+end_src +***** Chaostheatre + +#+begin_src nix :tangle profiles/home/chaostheatre/default.nix :mkdirp yes + { lib, config, ... }: + { + options.swarselsystems.profiles.chaostheatre = lib.mkEnableOption "is this a chaostheatre host"; + config = lib.mkIf config.swarselsystems.profiles.chaostheatre { + swarselsystems.modules = { + packages = lib.mkDefault true; + ownpackages = lib.mkDefault true; + general = lib.mkDefault true; + nixgl = lib.mkDefault true; + sops = lib.mkDefault true; + yubikey = lib.mkDefault false; + ssh = lib.mkDefault true; + stylix = lib.mkDefault true; + desktop = lib.mkDefault true; + symlink = lib.mkDefault true; + env = lib.mkDefault false; + programs = lib.mkDefault true; + nix-index = lib.mkDefault true; + direnv = lib.mkDefault true; + eza = lib.mkDefault true; + git = lib.mkDefault false; + fuzzel = lib.mkDefault true; + starship = lib.mkDefault true; + kitty = lib.mkDefault true; + zsh = lib.mkDefault true; + zellij = lib.mkDefault true; + tmux = lib.mkDefault true; + mail = lib.mkDefault false; + emacs = lib.mkDefault true; + waybar = lib.mkDefault true; + firefox = lib.mkDefault true; + gnome-keyring = lib.mkDefault true; + kdeconnect = lib.mkDefault true; + mako = lib.mkDefault true; + swayosd = lib.mkDefault true; + yubikeytouch = lib.mkDefault true; + sway = lib.mkDefault true; + kanshi = lib.mkDefault true; + gpgagent = lib.mkDefault true; + gammastep = lib.mkDefault false; + }; + }; + + } + +#+end_src + +***** toto + +#+begin_src nix :tangle profiles/home/toto/default.nix :mkdirp yes + { lib, config, ... }: + { + options.swarselsystems.profiles.toto = lib.mkEnableOption "is this a toto (setup) host"; + config = lib.mkIf config.swarselsystems.profiles.toto { + swarselsystems.modules = { + general = lib.mkDefault true; + sops = lib.mkDefault true; + ssh = lib.mkDefault true; + }; + }; + + } + +#+end_src + ***** Work #+begin_src nix :tangle profiles/home/work/default.nix :mkdirp yes @@ -4205,38 +4402,41 @@ TODO _module.args.primaryUser = linuxUser; } ] ++ - (if (host == "toto" || host == "iso") then [ ] else + (if (host == "iso") then [ ] else ([ # put nixos imports here that are for all servers and normal hosts inputs.nix-topology.nixosModules.default - ] ++ - (if (host == "winters" || host == "sync") then [ ] else [ - # put nixos imports here that are for all normal hosts "${self}/modules/${type}/common" inputs.stylix.nixosModules.stylix inputs.nswitch-rcm-nix.nixosModules.nswitch-rcm - ]) ++ (if (type == "nixos") then [ + ] ++ (if (type == "nixos") then [ inputs.home-manager.nixosModules.home-manager + "${self}/profiles/nixos" + "${self}/modules/nixos/server" + "${self}/modules/nixos/optional" { - home-manager.users."${linuxUser}".imports = ( - if (host == "winters" || host == "sync") then [ ] else [ - # put home-manager imports here that are for all normal hosts - "${self}/modules/home/common" - ] - ) ++ [ - # put home-manager imports here that are for all servers and normal hosts + home-manager.users."${linuxUser}".imports = [ + # put home-manager imports here that are for all normal hosts inputs.sops-nix.homeManagerModules.sops inputs.nix-index-database.hmModules.nix-index + "${self}/modules/home/common" + "${self}/modules/home/server" + "${self}/modules/home/optional" + "${self}/profiles/home" ]; } ] else [ # put nixos imports here that are for darwin hosts "${self}/modules/darwin/nixos/common" + "${self}/profiles/darwin" inputs.home-manager.darwinModules.home-manager { home-manager.users."${macUser}".imports = [ # put home-manager imports here that are for darwin hosts "${self}/modules/darwin/home" + "${self}/modules/home/server" + "${self}/modules/home/optional" + "${self}/profiles/home" ]; } ]) @@ -6210,6 +6410,7 @@ Here we just define some aliases for rebuilding the system, and we allow some in }; }; config = lib.mkIf config.swarselsystems.modules.server.general { + environment.shellAliases = lib.recursiveUpdate { npswitch = "cd ${flakePath}; git pull; sudo nixos-rebuild --flake .#$(hostname) switch; cd -;"; @@ -8646,9 +8847,9 @@ Set in firefox =about:config > toolkit.legacyUserProfileCustomizations.styleshee search = { # default = "Kagi"; - default = "Google"; + default = "google"; # privateDefault = "Kagi"; - privateDefault = "Google"; + privateDefault = "google"; engines = { "Kagi" = { urls = [{ @@ -8657,7 +8858,7 @@ Set in firefox =about:config > toolkit.legacyUserProfileCustomizations.styleshee { name = "q"; value = "{searchTerms}"; } ]; }]; - iconUpdateURL = "https://kagi.com/favicon.ico"; + icon = "https://kagi.com/favicon.ico"; updateInterval = 24 * 60 * 60 * 1000; # every day definedAliases = [ "@k" ]; }; @@ -8678,7 +8879,7 @@ Set in firefox =about:config > toolkit.legacyUserProfileCustomizations.styleshee urls = [{ template = "https://nixos.wiki/index.php?search={searchTerms}"; }]; - iconUpdateURL = "https://nixos.wiki/favicon.png"; + icon = "https://nixos.wiki/favicon.png"; updateInterval = 24 * 60 * 60 * 1000; # every day definedAliases = [ "@nw" ]; }; @@ -8707,7 +8908,7 @@ Set in firefox =about:config > toolkit.legacyUserProfileCustomizations.styleshee definedAliases = [ "@hm" "@ho" "@hmo" ]; }; - "Google".metaData.alias = "@g"; + "google".metaData.alias = "@g"; }; force = true; # this is required because otherwise the search.json.mozlz4 symlink gets replaced on every firefox restart }; @@ -12412,10 +12613,12 @@ Used here: [[#h:877c9401-a354-4e44-a235-db1a90d19e00][General org-mode]] #+begin_src emacs-lisp - (defun swarsel/org-mode-setup () - (variable-pitch-mode 1) - (add-hook 'org-tab-first-hook 'org-end-of-line) - (visual-line-mode 1)) + (defun swarsel/org-mode-setup () + (variable-pitch-mode 1) + (add-hook 'org-tab-first-hook 'org-end-of-line) + (org-indent-mode) + (visual-line-mode 1) + (org-mode)) #+end_src **** org-mode: Visual-fill column @@ -13603,6 +13806,7 @@ This part of the configuration mostly makes some aesthetic changes, enables neat (use-package org ;;:diminish (org-indent-mode) :hook (org-mode . swarsel/org-mode-setup) + ;; :mode "\\.nix\\'" :bind (("C-" . org-fold-outer) ("C-c s" . org-store-link)) @@ -14751,12 +14955,12 @@ Dirvish is an improvement upon the dired-framework and has more features like fi :config (dirvish-peek-mode) (dirvish-side-follow-mode) - (setq dirvish-open-with-programs - (append dirvish-open-with-programs '( - (("xlsx" "docx" "doc" "odt" "ods") "libreoffice" "%f") - (("jpg" "jpeg" "png") "imv" "%f") - (("pdf") "sioyek" "%f") - (("xopp") "xournalpp" "%f")))) + ;; (setq dirvish-open-with-programs + ;; (append dirvish-open-with-programs '( + ;; (("xlsx" "docx" "doc" "odt" "ods") "libreoffice" "%f") + ;; (("jpg" "jpeg" "png") "imv" "%f") + ;; (("pdf") "sioyek" "%f") + ;; (("xopp") "xournalpp" "%f")))) :custom (delete-by-moving-to-trash t) (dired-listing-switches diff --git a/checks/default.nix b/checks/default.nix index bc7b41c..4830423 100644 --- a/checks/default.nix +++ b/checks/default.nix @@ -12,7 +12,7 @@ detect-private-keys.enable = true; end-of-file-fixer.enable = true; fix-byte-order-marker.enable = true; - flake-checker.enable = false; + flake-checker.enable = true; forbid-new-submodules.enable = true; mixed-line-endings.enable = true; nixpkgs-fmt.enable = true; diff --git a/flake.lock b/flake.lock index f33e468..c4b3ad4 100644 --- a/flake.lock +++ b/flake.lock @@ -84,11 +84,11 @@ }, "crane_2": { "locked": { - "lastModified": 1739053031, - "narHash": "sha256-LrMDRuwAlRFD2T4MgBSRd1s2VtOE+Vl1oMCNu3RpPE0=", + "lastModified": 1743700120, + "narHash": "sha256-8BjG/P0xnuCyVOXlYRwdI1B8nVtyYLf3oDwPSimqREY=", "owner": "ipetkov", "repo": "crane", - "rev": "112e6591b2d6313b1bd05a80a754a8ee42432a7e", + "rev": "e316f19ee058e6db50075115783be57ac549c389", "type": "github" }, "original": { @@ -125,11 +125,11 @@ ] }, "locked": { - "lastModified": 1741684000, - "narHash": "sha256-NQykaWIrn5zilncefIvW4jPQ76YMXVK/dMTzkSVDmdk=", + "lastModified": 1744145203, + "narHash": "sha256-I2oILRiJ6G+BOSjY+0dGrTPe080L3pbKpc+gCV3Nmyk=", "owner": "nix-community", "repo": "disko", - "rev": "2db1d64fc084b1d15e3871dffc02c62a94ed6ed7", + "rev": "76c0a6dba345490508f36c1aa3c7ba5b6b460989", "type": "github" }, "original": { @@ -146,11 +146,11 @@ "nixpkgs-stable": "nixpkgs-stable" }, "locked": { - "lastModified": 1741710368, - "narHash": "sha256-P9Qt8QQC6cFssiIvNEmj8BabRZS7EWMqCrA3oNj70x4=", + "lastModified": 1744770066, + "narHash": "sha256-zzcONhPfZpJSla9Yzl/tFHxGecLXaLgOBicYl0W0Kl8=", "owner": "nix-community", "repo": "emacs-overlay", - "rev": "2695d53827b4200a195f932a5beb47fe5f9e3213", + "rev": "fd7813213109317254eeb74ff07ac6bf32c7d56b", "type": "github" }, "original": { @@ -162,11 +162,11 @@ "firefox-gnome-theme": { "flake": false, "locked": { - "lastModified": 1741628778, - "narHash": "sha256-RsvHGNTmO2e/eVfgYK7g+eYEdwwh7SbZa+gZkT24MEA=", + "lastModified": 1743774811, + "narHash": "sha256-oiHLDHXq7ymsMVYSg92dD1OLnKLQoU/Gf2F1GoONLCE=", "owner": "rafaelmardojai", "repo": "firefox-gnome-theme", - "rev": "5a81d390bb64afd4e81221749ec4bffcbeb5fa80", + "rev": "df53a7a31872faf5ca53dd0730038a62ec63ca9e", "type": "github" }, "original": { @@ -446,11 +446,11 @@ ] }, "locked": { - "lastModified": 1741868525, - "narHash": "sha256-jikLF3o6cmIwTq3BNE1KZADzL/OprjACoVkrJEKf8hQ=", + "lastModified": 1743661097, + "narHash": "sha256-ZSx9BdbW+/4k3Pmecl7ZhpHXnpreuAgYxrRaJC8VmuU=", "owner": "TamtamHero", "repo": "fw-fanctrl", - "rev": "f97a5e9447c6def10f097d8dbd449ebb4e3ed253", + "rev": "473575cd1753cb4ec429ea085975e48d32970894", "type": "github" }, "original": { @@ -473,11 +473,11 @@ ] }, "locked": { - "lastModified": 1741379162, - "narHash": "sha256-srpAbmJapkaqGRE3ytf3bj4XshspVR5964OX5LfjDWc=", + "lastModified": 1742649964, + "narHash": "sha256-DwOTp7nvfi8mRfuL1escHDXabVXFGT1VlPD1JHrtrco=", "owner": "cachix", "repo": "git-hooks.nix", - "rev": "b5a62751225b2f62ff3147d0a334055ebadcd5cc", + "rev": "dcf5072734cb576d2b0c59b2ac44f5050b5eac82", "type": "github" }, "original": { @@ -597,11 +597,11 @@ ] }, "locked": { - "lastModified": 1741701235, - "narHash": "sha256-gBlb8R9gnjUAT5XabJeel3C2iEUiBHx3+91651y3Sqo=", + "lastModified": 1744735751, + "narHash": "sha256-OPpfgL3qUIbQdbmp1/ZwnlsuTLooHN4or0EABnZTFRY=", "owner": "nix-community", "repo": "home-manager", - "rev": "c630dfa8abcc65984cc1e47fb25d4552c81dd37e", + "rev": "db7738e67a101ad945abbcb447e1310147afaf1b", "type": "github" }, "original": { @@ -639,11 +639,11 @@ ] }, "locked": { - "lastModified": 1741635347, - "narHash": "sha256-2aYfV44h18alHXopyfL4D9GsnpE5XlSVkp4MGe586VU=", + "lastModified": 1743869639, + "narHash": "sha256-Xhe3whfRW/Ay05z9m1EZ1/AkbV1yo0tm1CbgjtCi4rQ=", "owner": "nix-community", "repo": "home-manager", - "rev": "7fb8678716c158642ac42f9ff7a18c0800fea551", + "rev": "d094c6763c6ddb860580e7d3b4201f8f496a6836", "type": "github" }, "original": { @@ -697,11 +697,11 @@ "nixpkgs": "nixpkgs_2" }, "locked": { - "lastModified": 1740094523, - "narHash": "sha256-vGxTGexcKN8BVunczdqps1dbu0khOFp0++Gvip9QZJ8=", + "lastModified": 1744704014, + "narHash": "sha256-UGq8nYSq/feyP0bUjd88jHXA7wJMaSPbtRByp7ZOD30=", "owner": "thiagokokada", "repo": "nix-alien", - "rev": "ab175cdbbad2a93afc86125eb0835694b005b2fb", + "rev": "9b92bd3b3d54e02aa0b1881af435802567c2dca9", "type": "github" }, "original": { @@ -717,11 +717,11 @@ ] }, "locked": { - "lastModified": 1741229100, - "narHash": "sha256-0HwrTDXp9buEwal/1ymK9uQmzUD5ozIA7CJGqnT/gLs=", + "lastModified": 1744478979, + "narHash": "sha256-dyN+teG9G82G+m+PX/aSAagkC+vUv0SgUw3XkPhQodQ=", "owner": "lnl7", "repo": "nix-darwin", - "rev": "adf5c88ba1fe21af5c083b4d655004431f20c5ab", + "rev": "43975d782b418ebf4969e9ccba82466728c2851b", "type": "github" }, "original": { @@ -761,11 +761,11 @@ ] }, "locked": { - "lastModified": 1739071773, - "narHash": "sha256-/Ak+Quinhmdxa9m3shjm4lwwwqmzG8zzGhhhhgR1k9I=", + "lastModified": 1744518957, + "narHash": "sha256-RLBSWQfTL0v+7uyskC5kP6slLK1jvIuhaAh8QvB75m4=", "owner": "nix-community", "repo": "nix-index-database", - "rev": "895d81b6228bbd50a6ef22f5a58a504ca99763ea", + "rev": "4fc9ea78c962904f4ea11046f3db37c62e8a02fd", "type": "github" }, "original": { @@ -781,11 +781,11 @@ ] }, "locked": { - "lastModified": 1741619381, - "narHash": "sha256-koZtlJRqi0/MD/AKd0KrXLA2NuBOVzlIyAJprjzpxZE=", + "lastModified": 1744518957, + "narHash": "sha256-RLBSWQfTL0v+7uyskC5kP6slLK1jvIuhaAh8QvB75m4=", "owner": "nix-community", "repo": "nix-index-database", - "rev": "66537fb185462ba9b07f4e6f2d54894a1b2d04ab", + "rev": "4fc9ea78c962904f4ea11046f3db37c62e8a02fd", "type": "github" }, "original": { @@ -846,11 +846,11 @@ "pre-commit-hooks": "pre-commit-hooks" }, "locked": { - "lastModified": 1738246091, - "narHash": "sha256-2+KkZsRO+XlOFbXbRgMZbRtlqn5MBNYj4HNmZ/2Tojg=", + "lastModified": 1744142264, + "narHash": "sha256-h5KyodobZm8dx/HSNN+basgdmjxrQxudjrss4gAQpZk=", "owner": "oddlama", "repo": "nix-topology", - "rev": "5526269fa3eedf4f4bc00c0bf7a03db31d24b029", + "rev": "f49121cbbf4a86c560638ade406d99ee58deb7aa", "type": "github" }, "original": { @@ -901,11 +901,11 @@ ] }, "locked": { - "lastModified": 1740947705, - "narHash": "sha256-Co2kAD2SZalOm+5zoxmzEVZNvZ17TyafuFsD46BwSdY=", + "lastModified": 1742568034, + "narHash": "sha256-QaMEhcnscfF2MqB7flZr+sLJMMYZPnvqO4NYf9B4G38=", "owner": "nix-community", "repo": "nixos-generators", - "rev": "507911df8c35939050ae324caccc7cf4ffb76565", + "rev": "42ee229088490e3777ed7d1162cb9e9d8c3dbb11", "type": "github" }, "original": { @@ -916,11 +916,11 @@ }, "nixos-hardware": { "locked": { - "lastModified": 1741325094, - "narHash": "sha256-RUAdT8dZ6k/486vnu3tiNRrNW6+Q8uSD2Mq7gTX4jlo=", + "lastModified": 1744633460, + "narHash": "sha256-fbWE4Xpw6eH0Q6in+ymNuDwTkqmFmtxcQEmtRuKDTTk=", "owner": "NixOS", "repo": "nixos-hardware", - "rev": "b48cc4dab0f9711af296fc367b6108cf7b8ccb16", + "rev": "9a049b4a421076d27fee3eec664a18b2066824cb", "type": "github" }, "original": { @@ -992,11 +992,11 @@ }, "nixpkgs-stable": { "locked": { - "lastModified": 1741600792, - "narHash": "sha256-yfDy6chHcM7pXpMF4wycuuV+ILSTG486Z/vLx/Bdi6Y=", + "lastModified": 1744440957, + "narHash": "sha256-FHlSkNqFmPxPJvy+6fNLaNeWnF1lZSgqVCl/eWaJRc4=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "ebe2788eafd539477f83775ef93c3c7e244421d3", + "rev": "26d499fc9f1d567283d5d56fcf367edd815dba1d", "type": "github" }, "original": { @@ -1008,11 +1008,11 @@ }, "nixpkgs-stable24_11": { "locked": { - "lastModified": 1744309437, - "narHash": "sha256-QZnNHM823am8apCqKSPdtnzPGTy2ZB4zIXOVoBp5+W0=", + "lastModified": 1744440957, + "narHash": "sha256-FHlSkNqFmPxPJvy+6fNLaNeWnF1lZSgqVCl/eWaJRc4=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "f9ebe33a928b5d529c895202263a5ce46bdf12f7", + "rev": "26d499fc9f1d567283d5d56fcf367edd815dba1d", "type": "github" }, "original": { @@ -1024,11 +1024,11 @@ }, "nixpkgs-stable_2": { "locked": { - "lastModified": 1741600792, - "narHash": "sha256-yfDy6chHcM7pXpMF4wycuuV+ILSTG486Z/vLx/Bdi6Y=", + "lastModified": 1744440957, + "narHash": "sha256-FHlSkNqFmPxPJvy+6fNLaNeWnF1lZSgqVCl/eWaJRc4=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "ebe2788eafd539477f83775ef93c3c7e244421d3", + "rev": "26d499fc9f1d567283d5d56fcf367edd815dba1d", "type": "github" }, "original": { @@ -1040,11 +1040,11 @@ }, "nixpkgs_10": { "locked": { - "lastModified": 1739138025, - "narHash": "sha256-M4ilIfGxzbBZuURokv24aqJTbdjPA9K+DtKUzrJaES4=", + "lastModified": 1743689281, + "narHash": "sha256-y7Hg5lwWhEOgflEHRfzSH96BOt26LaYfrYWzZ+VoVdg=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "b2243f41e860ac85c0b446eadc6930359b294e79", + "rev": "2bfc080955153be0be56724be6fa5477b4eefabb", "type": "github" }, "original": { @@ -1056,11 +1056,11 @@ }, "nixpkgs_2": { "locked": { - "lastModified": 1739446958, - "narHash": "sha256-+/bYK3DbPxMIvSL4zArkMX0LQvS7rzBKXnDXLfKyRVc=", + "lastModified": 1744463964, + "narHash": "sha256-LWqduOgLHCFxiTNYi3Uj5Lgz0SR+Xhw3kr/3Xd0GPTM=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "2ff53fe64443980e139eaa286017f53f88336dd0", + "rev": "2631b0b7abcea6e640ce31cd78ea58910d31e650", "type": "github" }, "original": { @@ -1135,11 +1135,11 @@ }, "nixpkgs_7": { "locked": { - "lastModified": 1741513245, - "narHash": "sha256-7rTAMNTY1xoBwz0h7ZMtEcd8LELk9R5TzBPoHuhNSCk=", + "lastModified": 1744463964, + "narHash": "sha256-LWqduOgLHCFxiTNYi3Uj5Lgz0SR+Xhw3kr/3Xd0GPTM=", "owner": "nixos", "repo": "nixpkgs", - "rev": "e3e32b642a31e6714ec1b712de8c91a3352ce7e1", + "rev": "2631b0b7abcea6e640ce31cd78ea58910d31e650", "type": "github" }, "original": { @@ -1151,11 +1151,11 @@ }, "nixpkgs_8": { "locked": { - "lastModified": 1731763621, - "narHash": "sha256-ddcX4lQL0X05AYkrkV2LMFgGdRvgap7Ho8kgon3iWZk=", + "lastModified": 1744502386, + "narHash": "sha256-QAd1L37eU7ktL2WeLLLTmI6P9moz9+a/ONO8qNBYJgM=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "c69a9bffbecde46b4b939465422ddc59493d3e4d", + "rev": "f6db44a8daa59c40ae41ba6e5823ec77fe0d2124", "type": "github" }, "original": { @@ -1167,11 +1167,11 @@ }, "nixpkgs_9": { "locked": { - "lastModified": 1741513245, - "narHash": "sha256-7rTAMNTY1xoBwz0h7ZMtEcd8LELk9R5TzBPoHuhNSCk=", + "lastModified": 1743583204, + "narHash": "sha256-F7n4+KOIfWrwoQjXrL2wD9RhFYLs2/GGe/MQY1sSdlE=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "e3e32b642a31e6714ec1b712de8c91a3352ce7e1", + "rev": "2c8d3f48d33929642c1c12cd243df4cc7d2ce434", "type": "github" }, "original": { @@ -1261,11 +1261,11 @@ "treefmt-nix": "treefmt-nix" }, "locked": { - "lastModified": 1741723036, - "narHash": "sha256-L9tVnZpa6Cb0DgSStIbV5QPRAQ8F94UvKcfiQ1ZZSAA=", + "lastModified": 1744793674, + "narHash": "sha256-rYha6a3Austfc5bPmpio8UHaxlZn8XE38J5+VZ7s/KY=", "owner": "nix-community", "repo": "NUR", - "rev": "20ff961c7fbaf9ecb7a808c0e27bb0984d93f74f", + "rev": "50c9703a2f9da7abf3f18b3941e127e546a7f4c4", "type": "github" }, "original": { @@ -1284,11 +1284,11 @@ "treefmt-nix": "treefmt-nix_2" }, "locked": { - "lastModified": 1741693509, - "narHash": "sha256-emkxnsZstiJWmGACimyAYqIKz2Qz5We5h1oBVDyQjLw=", + "lastModified": 1743884191, + "narHash": "sha256-foVcginhVvjg8ZnTzY5wwMeZ4wjJ8yX66PW5kgyivPE=", "owner": "nix-community", "repo": "NUR", - "rev": "5479646b2574837f1899da78bdf9a48b75a9fb27", + "rev": "fde90f5f52e13eed110a0e53a2818a2b09e4d37c", "type": "github" }, "original": { @@ -1359,11 +1359,11 @@ ] }, "locked": { - "lastModified": 1741379162, - "narHash": "sha256-srpAbmJapkaqGRE3ytf3bj4XshspVR5964OX5LfjDWc=", + "lastModified": 1742649964, + "narHash": "sha256-DwOTp7nvfi8mRfuL1escHDXabVXFGT1VlPD1JHrtrco=", "owner": "cachix", "repo": "git-hooks.nix", - "rev": "b5a62751225b2f62ff3147d0a334055ebadcd5cc", + "rev": "dcf5072734cb576d2b0c59b2ac44f5050b5eac82", "type": "github" }, "original": { @@ -1431,11 +1431,11 @@ ] }, "locked": { - "lastModified": 1739240901, - "narHash": "sha256-YDtl/9w71m5WcZvbEroYoWrjECDhzJZLZ8E68S3BYok=", + "lastModified": 1743682350, + "narHash": "sha256-S/MyKOFajCiBm5H5laoE59wB6w0NJ4wJG53iAPfYW3k=", "owner": "oxalica", "repo": "rust-overlay", - "rev": "03473e2af8a4b490f4d2cdb2e4d3b75f82c8197c", + "rev": "c4a8327b0f25d1d81edecbb6105f74d7cf9d7382", "type": "github" }, "original": { @@ -1465,11 +1465,11 @@ "nixpkgs": "nixpkgs_8" }, "locked": { - "lastModified": 1741644481, - "narHash": "sha256-E0RrMykMtEv15V3QhpsFutgoSKhL1JBhidn+iZajOyg=", + "lastModified": 1744669848, + "narHash": "sha256-pXyanHLUzLNd3MX9vsWG+6Z2hTU8niyphWstYEP3/GU=", "owner": "Mic92", "repo": "sops-nix", - "rev": "e653d71e82575a43fe9d228def8eddb73887b866", + "rev": "61154300d945f0b147b30d24ddcafa159148026a", "type": "github" }, "original": { @@ -1500,11 +1500,11 @@ "tinted-zed": "tinted-zed" }, "locked": { - "lastModified": 1741706258, - "narHash": "sha256-Frn1vjiJlyzI9QcosZNWDrgKQjoCbsNAkCrLw2pUYZ4=", + "lastModified": 1744668092, + "narHash": "sha256-XDmpI3ywMkypsHKRF2am6BzZ5OjwpQMulAe8L87Ek8U=", "owner": "danth", "repo": "stylix", - "rev": "4a8718e5a14faeef3e57ededb4efb88b0deed329", + "rev": "38aff11a7097f4da6b95d4c4d2c0438f25a08d52", "type": "github" }, "original": { @@ -1625,11 +1625,11 @@ "tinted-schemes": { "flake": false, "locked": { - "lastModified": 1741468895, - "narHash": "sha256-YKM1RJbL68Yp2vESBqeZQBjTETXo8mCTTzLZyckCfZk=", + "lastModified": 1742851696, + "narHash": "sha256-sR4K+OVFKeUOvNIqcCr5Br7NLxOBEwoAgsIyjsZmb8s=", "owner": "tinted-theming", "repo": "schemes", - "rev": "47c8c7726e98069cade5827e5fb2bfee02ce6991", + "rev": "c37771c4ae8ff1667e27ddcf24991ebeb94a4e77", "type": "github" }, "original": { @@ -1641,11 +1641,11 @@ "tinted-tmux": { "flake": false, "locked": { - "lastModified": 1740877430, - "narHash": "sha256-zWcCXgdC4/owfH/eEXx26y5BLzTrefjtSLFHWVD5KxU=", + "lastModified": 1743296873, + "narHash": "sha256-8IQulrb1OBSxMwdKijO9fB70ON//V32dpK9Uioy7FzY=", "owner": "tinted-theming", "repo": "tinted-tmux", - "rev": "d48ee86394cbe45b112ba23ab63e33656090edb4", + "rev": "af5152c8d7546dfb4ff6df94080bf5ff54f64e3a", "type": "github" }, "original": { @@ -1743,11 +1743,11 @@ "rust-overlay": "rust-overlay_2" }, "locked": { - "lastModified": 1740510704, - "narHash": "sha256-AMGLqcSS9eNWM1K2lm7lZz5t6RFHgLSNTAGI1vYF2VY=", + "lastModified": 1743838985, + "narHash": "sha256-7fmg1fPEJWdCrw2QsanIAA0TT10IvUImZyWbvoSPebA=", "owner": "dj95", "repo": "zjstatus", - "rev": "331ae24595e0c1c612f343547559d1e058128646", + "rev": "d27f0819903b5f31d527affa875c71cb5c2a8578", "type": "github" }, "original": { diff --git a/hosts/nixos/chaostheatre/default.nix b/hosts/nixos/chaostheatre/default.nix index 78629e1..6531933 100644 --- a/hosts/nixos/chaostheatre/default.nix +++ b/hosts/nixos/chaostheatre/default.nix @@ -1,6 +1,13 @@ -{ self, config, pkgs, lib, primaryUser, ... }: +{ self, inputs, config, pkgs, lib, primaryUser, ... }: let - modulesPath = "${self}/modules"; + sharedOptions = { + isBtrfs = false; + isLinux = true; + isPublic = true; + profiles = { + chaostheatre = true; + }; + }; in { @@ -10,7 +17,15 @@ in { _module.args.diskDevice = config.swarselsystems.rootDisk; } - "${modulesPath}/nixos/optional/autologin.nix" + "${self}/hosts/nixos/chaostheatre/options.nix" + inputs.home-manager.nixosModules.home-manager + { + home-manager.users."${primaryUser}".imports = [ + "${self}/modules/home/common/settings.nix" + "${self}/hosts/nixos/chaostheatre/options-home.nix" + "${self}/modules/home/common/sharedsetup.nix" + ]; + } ]; environment.variables = { @@ -31,21 +46,25 @@ in }; - swarselsystems = { - wallpaper = self + /wallpaper/lenovowp.png; - initialSetup = true; - isPublic = true; - isLinux = true; - isImpermanence = true; - isCrypted = true; - isSecureBoot = false; - isSwap = true; - swapSize = "4G"; - rootDisk = "/dev/vda"; - }; + swarselsystems = lib.recursiveUpdate + { + wallpaper = self + /wallpaper/lenovowp.png; + initialSetup = true; + isImpermanence = true; + isCrypted = true; + isSecureBoot = false; + isSwap = true; + swapSize = "4G"; + rootDisk = "/dev/vda"; + } + sharedOptions; - home-manager.users."${primaryUser}".swarselsystems = { - isNixos = true; - isPublic = true; + home-manager.users."${primaryUser}" = { + home.stateVersion = lib.mkForce "23.05"; + swarselsystems = lib.recursiveUpdate + { + isNixos = true; + } + sharedOptions; }; } diff --git a/hosts/nixos/chaostheatre/options-home.nix b/hosts/nixos/chaostheatre/options-home.nix new file mode 100644 index 0000000..4fdd76d --- /dev/null +++ b/hosts/nixos/chaostheatre/options-home.nix @@ -0,0 +1,2 @@ +_: +{ } diff --git a/hosts/nixos/chaostheatre/options.nix b/hosts/nixos/chaostheatre/options.nix new file mode 100644 index 0000000..4fdd76d --- /dev/null +++ b/hosts/nixos/chaostheatre/options.nix @@ -0,0 +1,2 @@ +_: +{ } diff --git a/hosts/nixos/iso/default.nix b/hosts/nixos/iso/default.nix index 34beaeb..28829b7 100644 --- a/hosts/nixos/iso/default.nix +++ b/hosts/nixos/iso/default.nix @@ -21,12 +21,16 @@ in } ]; - home-manager.users."${primaryUser}".home = { - file = { - ".bash_history" = { - source = self + /programs/bash/.bash_history; + home-manager.users."${primaryUser}" = { + home = { + stateVersion = "23.05"; + file = { + ".bash_history" = { + source = self + /programs/bash/.bash_history; + }; }; }; + swarselsystems.modules.general = lib.mkForce true; }; home-manager.users.root.home = { stateVersion = "23.05"; diff --git a/hosts/nixos/nbl-imba-2/default.nix b/hosts/nixos/nbl-imba-2/default.nix index 9d3f41d..0a3c021 100644 --- a/hosts/nixos/nbl-imba-2/default.nix +++ b/hosts/nixos/nbl-imba-2/default.nix @@ -1,7 +1,6 @@ { self, inputs, lib, primaryUser, ... }: let secretsDirectory = builtins.toString inputs.nix-secrets; - modulesPath = "${self}/modules"; sharedOptions = { isBtrfs = true; isLinux = true; @@ -21,24 +20,6 @@ in ./disk-config.nix ./hardware-configuration.nix - "${modulesPath}/nixos/optional/virtualbox.nix" - # "${modulesPath}/nixos/optional/vmware.nix" - "${modulesPath}/nixos/optional/autologin.nix" - "${modulesPath}/nixos/optional/nswitch-rcm.nix" - "${modulesPath}/nixos/optional/gaming.nix" - "${modulesPath}/nixos/optional/work.nix" - "${self}/profiles/nixos" - "${modulesPath}/nixos/server" - - inputs.home-manager.nixosModules.home-manager - { - home-manager.users."${primaryUser}".imports = [ - "${self}/profiles/home" - "${modulesPath}/home/server" - "${modulesPath}/home/optional/gaming.nix" - "${modulesPath}/home/optional/work.nix" - ]; - } ]; diff --git a/hosts/nixos/sync/default.nix b/hosts/nixos/sync/default.nix index 2967f59..d233fdd 100644 --- a/hosts/nixos/sync/default.nix +++ b/hosts/nixos/sync/default.nix @@ -1,22 +1,13 @@ -{ self, inputs, lib, primaryUser, ... }: +{ lib, primaryUser, ... }: let - modulesPath = "${self}/modules"; + sharedOptions = { + isBtrfs = false; + isLinux = true; + }; in { imports = [ - - "${modulesPath}/nixos/server" - "${modulesPath}/nixos/common/sharedsetup.nix" - "${modulesPath}/home/common/sharedsetup.nix" ./hardware-configuration.nix - - inputs.home-manager.nixosModules.home-manager - { - home-manager.users."${primaryUser}".imports = [ - "${modulesPath}/home/server" - "${modulesPath}/home/common/sharedsetup.nix" - ]; - } ]; sops = { @@ -51,7 +42,7 @@ in }; }; - # system.stateVersion = "23.11"; # TEMPLATE - but probably no need to change + system.stateVersion = "23.11"; # TEMPLATE - but probably no need to change services = { nginx = { @@ -80,16 +71,23 @@ in }; }; + swarselsystems = lib.recursiveUpdate + { + flakePath = "/root/.dotfiles"; + isImpermanence = false; + isSecureBoot = false; + isCrypted = false; + profiles = { + server.sync = true; + }; + } + sharedOptions; - swarselsystems = { - isImpermanence = false; - isLinux = true; - isBtrfs = false; - flakePath = "/root/.dotfiles"; - modules.server = { - forgejo = true; - ankisync = true; - }; + home-manager.users."${primaryUser}" = { + home.stateVersion = lib.mkForce "23.05"; + swarselsystems = lib.recursiveUpdate + { } + sharedOptions; }; } diff --git a/hosts/nixos/toto/default.nix b/hosts/nixos/toto/default.nix index f2a50b3..c20aa2e 100644 --- a/hosts/nixos/toto/default.nix +++ b/hosts/nixos/toto/default.nix @@ -4,35 +4,27 @@ let sharedOptions = { isBtrfs = true; isLinux = true; + profiles = { + toto = true; + }; }; in { imports = [ - "${self}/hosts/nixos/toto/disk-config.nix" + ./disk-config.nix ./hardware-configuration.nix - "${modulesPath}/nixos/optional/autologin.nix" - "${modulesPath}/nixos/common/settings.nix" "${modulesPath}/nixos/common/sharedsetup.nix" - "${modulesPath}/nixos/common/home-manager.nix" - "${modulesPath}/nixos/common/home-manager-extra.nix" - "${modulesPath}/nixos/common/xserver.nix" - "${modulesPath}/nixos/common/users.nix" - "${modulesPath}/nixos/common/impermanence.nix" - "${modulesPath}/nixos/common/lanzaboote.nix" - "${modulesPath}/nixos/common/sops.nix" - "${modulesPath}/nixos/server/ssh.nix" "${modulesPath}/home/common/sharedsetup.nix" + "${self}/profiles/nixos" inputs.home-manager.nixosModules.home-manager { home-manager.users."${primaryUser}".imports = [ inputs.sops-nix.homeManagerModules.sops - "${modulesPath}/home/common/settings.nix" - "${modulesPath}/home/common/sops.nix" - "${modulesPath}/home/common/ssh.nix" "${modulesPath}/home/common/sharedsetup.nix" + "${self}/profiles/home" ]; } ]; @@ -76,11 +68,13 @@ in } sharedOptions; - home-manager.users."${primaryUser}".swarselsystems = lib.recursiveUpdate - { - isLaptop = false; - isNixos = true; - } - sharedOptions; - + home-manager.users."${primaryUser}" = { + home.stateVersion = lib.mkForce "23.05"; + swarselsystems = lib.recursiveUpdate + { + isLaptop = false; + isNixos = true; + } + sharedOptions; + }; } diff --git a/hosts/nixos/winters/default.nix b/hosts/nixos/winters/default.nix index c396364..eabf9de 100644 --- a/hosts/nixos/winters/default.nix +++ b/hosts/nixos/winters/default.nix @@ -1,21 +1,17 @@ -{ self, inputs, primaryUser, ... }: +{ lib, primaryUser, ... }: let - modulesPath = "${self}/modules"; + sharedOptions = { + isBtrfs = false; + isLinux = true; + profiles = { + server.local = true; + }; + }; in { imports = [ ./hardware-configuration.nix - - "${modulesPath}/nixos/optional/autologin.nix" - "${modulesPath}/nixos/server" - - inputs.home-manager.nixosModules.home-manager - { - home-manager.users."${primaryUser}".imports = [ - "${modulesPath}/home/server" - ]; - } ]; boot = { @@ -31,25 +27,19 @@ in firewall.allowedTCPPorts = [ 80 443 ]; }; - swarselsystems = { - isImpermanence = false; - isBtrfs = false; - isLinux = true; - server = { - kavita = true; - navidrome = true; - jellyfin = true; - spotifyd = true; - mpd = false; - matrix = true; - nextcloud = true; - immich = true; - paperless = true; - transmission = true; - syncthing = true; - monitoring = true; - freshrss = true; - }; - }; + swarselsystems = lib.recursiveUpdate + { + isImpermanence = false; + isSecureBoot = true; + isCrypted = true; + } + sharedOptions; + + home-manager.users."${primaryUser}" = { + home.stateVersion = lib.mkForce "23.05"; + swarselsystems = lib.recursiveUpdate + { } + sharedOptions; + }; } diff --git a/lib/default.nix b/lib/default.nix index e792cdd..00970c6 100644 --- a/lib/default.nix +++ b/lib/default.nix @@ -53,38 +53,41 @@ in _module.args.primaryUser = linuxUser; } ] ++ - (if (host == "toto" || host == "iso") then [ ] else + (if (host == "iso") then [ ] else ([ # put nixos imports here that are for all servers and normal hosts inputs.nix-topology.nixosModules.default - ] ++ - (if (host == "winters" || host == "sync") then [ ] else [ - # put nixos imports here that are for all normal hosts "${self}/modules/${type}/common" inputs.stylix.nixosModules.stylix inputs.nswitch-rcm-nix.nixosModules.nswitch-rcm - ]) ++ (if (type == "nixos") then [ + ] ++ (if (type == "nixos") then [ inputs.home-manager.nixosModules.home-manager + "${self}/profiles/nixos" + "${self}/modules/nixos/server" + "${self}/modules/nixos/optional" { - home-manager.users."${linuxUser}".imports = ( - if (host == "winters" || host == "sync") then [ ] else [ - # put home-manager imports here that are for all normal hosts - "${self}/modules/home/common" - ] - ) ++ [ - # put home-manager imports here that are for all servers and normal hosts + home-manager.users."${linuxUser}".imports = [ + # put home-manager imports here that are for all normal hosts inputs.sops-nix.homeManagerModules.sops inputs.nix-index-database.hmModules.nix-index + "${self}/modules/home/common" + "${self}/modules/home/server" + "${self}/modules/home/optional" + "${self}/profiles/home" ]; } ] else [ # put nixos imports here that are for darwin hosts "${self}/modules/darwin/nixos/common" + "${self}/profiles/darwin" inputs.home-manager.darwinModules.home-manager { home-manager.users."${macUser}".imports = [ # put home-manager imports here that are for darwin hosts "${self}/modules/darwin/home" + "${self}/modules/home/server" + "${self}/modules/home/optional" + "${self}/profiles/home" ]; } ]) diff --git a/modules/home/common/sharedsetup.nix b/modules/home/common/sharedsetup.nix index c017737..eb46a89 100644 --- a/modules/home/common/sharedsetup.nix +++ b/modules/home/common/sharedsetup.nix @@ -183,9 +183,9 @@ in search = { # default = "Kagi"; - default = "Google"; + default = "google"; # privateDefault = "Kagi"; - privateDefault = "Google"; + privateDefault = "google"; engines = { "Kagi" = { urls = [{ @@ -194,7 +194,7 @@ in { name = "q"; value = "{searchTerms}"; } ]; }]; - iconUpdateURL = "https://kagi.com/favicon.ico"; + icon = "https://kagi.com/favicon.ico"; updateInterval = 24 * 60 * 60 * 1000; # every day definedAliases = [ "@k" ]; }; @@ -215,7 +215,7 @@ in urls = [{ template = "https://nixos.wiki/index.php?search={searchTerms}"; }]; - iconUpdateURL = "https://nixos.wiki/favicon.png"; + icon = "https://nixos.wiki/favicon.png"; updateInterval = 24 * 60 * 60 * 1000; # every day definedAliases = [ "@nw" ]; }; @@ -244,7 +244,7 @@ in definedAliases = [ "@hm" "@ho" "@hmo" ]; }; - "Google".metaData.alias = "@g"; + "google".metaData.alias = "@g"; }; force = true; # this is required because otherwise the search.json.mozlz4 symlink gets replaced on every firefox restart }; diff --git a/modules/home/optional/default.nix b/modules/home/optional/default.nix new file mode 100644 index 0000000..59351fd --- /dev/null +++ b/modules/home/optional/default.nix @@ -0,0 +1,7 @@ +{ lib, ... }: +let + importNames = lib.swarselsystems.readNix "modules/home/optional"; +in +{ + imports = lib.swarselsystems.mkImports importNames "modules/home/optional"; +} diff --git a/modules/nixos/optional/default.nix b/modules/nixos/optional/default.nix new file mode 100644 index 0000000..a6237f7 --- /dev/null +++ b/modules/nixos/optional/default.nix @@ -0,0 +1,12 @@ +{ self, lib, ... }: +let + importNames = lib.swarselsystems.readNix "modules/nixos/optional"; + modulesPath = "${self}/modules"; +in +{ + imports = lib.swarselsystems.mkImports importNames "modules/nixos/optional" ++ [ + "${modulesPath}/home/common/sharedsetup.nix" + ]; + + +} diff --git a/modules/nixos/server/settings.nix b/modules/nixos/server/settings.nix index e3e9043..11ddcac 100644 --- a/modules/nixos/server/settings.nix +++ b/modules/nixos/server/settings.nix @@ -11,6 +11,7 @@ in }; }; config = lib.mkIf config.swarselsystems.modules.server.general { + environment.shellAliases = lib.recursiveUpdate { npswitch = "cd ${flakePath}; git pull; sudo nixos-rebuild --flake .#$(hostname) switch; cd -;"; diff --git a/profiles/home/chaostheatre/default.nix b/profiles/home/chaostheatre/default.nix new file mode 100644 index 0000000..37bd0c4 --- /dev/null +++ b/profiles/home/chaostheatre/default.nix @@ -0,0 +1,44 @@ +{ lib, config, ... }: +{ + options.swarselsystems.profiles.chaostheatre = lib.mkEnableOption "is this a chaostheatre host"; + config = lib.mkIf config.swarselsystems.profiles.chaostheatre { + swarselsystems.modules = { + packages = lib.mkDefault true; + ownpackages = lib.mkDefault true; + general = lib.mkDefault true; + nixgl = lib.mkDefault true; + sops = lib.mkDefault true; + yubikey = lib.mkDefault false; + ssh = lib.mkDefault true; + stylix = lib.mkDefault true; + desktop = lib.mkDefault true; + symlink = lib.mkDefault true; + env = lib.mkDefault false; + programs = lib.mkDefault true; + nix-index = lib.mkDefault true; + direnv = lib.mkDefault true; + eza = lib.mkDefault true; + git = lib.mkDefault false; + fuzzel = lib.mkDefault true; + starship = lib.mkDefault true; + kitty = lib.mkDefault true; + zsh = lib.mkDefault true; + zellij = lib.mkDefault true; + tmux = lib.mkDefault true; + mail = lib.mkDefault false; + emacs = lib.mkDefault true; + waybar = lib.mkDefault true; + firefox = lib.mkDefault true; + gnome-keyring = lib.mkDefault true; + kdeconnect = lib.mkDefault true; + mako = lib.mkDefault true; + swayosd = lib.mkDefault true; + yubikeytouch = lib.mkDefault true; + sway = lib.mkDefault true; + kanshi = lib.mkDefault true; + gpgagent = lib.mkDefault true; + gammastep = lib.mkDefault false; + }; + }; + +} diff --git a/profiles/home/toto/default.nix b/profiles/home/toto/default.nix new file mode 100644 index 0000000..97814f1 --- /dev/null +++ b/profiles/home/toto/default.nix @@ -0,0 +1,12 @@ +{ lib, config, ... }: +{ + options.swarselsystems.profiles.toto = lib.mkEnableOption "is this a toto (setup) host"; + config = lib.mkIf config.swarselsystems.profiles.toto { + swarselsystems.modules = { + general = lib.mkDefault true; + sops = lib.mkDefault true; + ssh = lib.mkDefault true; + }; + }; + +} diff --git a/profiles/nixos/chaostheatre/default.nix b/profiles/nixos/chaostheatre/default.nix new file mode 100644 index 0000000..4904a0e --- /dev/null +++ b/profiles/nixos/chaostheatre/default.nix @@ -0,0 +1,55 @@ +{ lib, config, ... }: +{ + options.swarselsystems.profiles.chaostheatre = lib.mkEnableOption "is this a chaostheatre host"; + config = lib.mkIf config.swarselsystems.profiles.chaostheatre { + swarselsystems.modules = { + packages = lib.mkDefault true; + general = lib.mkDefault true; + home-manager = lib.mkDefault true; + home-managerExtra = lib.mkDefault false; + xserver = lib.mkDefault true; + users = lib.mkDefault true; + env = lib.mkDefault true; + security = lib.mkDefault true; + gc = lib.mkDefault true; + storeOptimize = lib.mkDefault true; + systemdTimeout = lib.mkDefault true; + hardware = lib.mkDefault true; + pulseaudio = lib.mkDefault true; + pipewire = lib.mkDefault true; + network = lib.mkDefault true; + time = lib.mkDefault true; + commonSops = lib.mkDefault true; + stylix = lib.mkDefault true; + programs = lib.mkDefault true; + zsh = lib.mkDefault true; + syncthing = lib.mkDefault true; + blueman = lib.mkDefault true; + networkDevices = lib.mkDefault true; + gvfs = lib.mkDefault true; + interceptionTools = lib.mkDefault true; + ppd = lib.mkDefault true; + yubikey = lib.mkDefault true; + ledger = lib.mkDefault true; + keyboards = lib.mkDefault true; + login = lib.mkDefault true; + nix-ld = lib.mkDefault true; + impermanence = lib.mkDefault true; + nvd = lib.mkDefault true; + gnome-keyring = lib.mkDefault true; + sway = lib.mkDefault true; + xdg-portal = lib.mkDefault true; + distrobox = lib.mkDefault true; + appimage = lib.mkDefault true; + lid = lib.mkDefault true; + lowBattery = lib.mkDefault true; + lanzaboote = lib.mkDefault true; + + optional = { + autologin = lib.mkDefault true; + }; + }; + + }; + +} diff --git a/profiles/nixos/localserver/default.nix b/profiles/nixos/localserver/default.nix index d7b3329..fb1bb29 100644 --- a/profiles/nixos/localserver/default.nix +++ b/profiles/nixos/localserver/default.nix @@ -4,6 +4,7 @@ config = lib.mkIf config.swarselsystems.profiles.server.local { swarselsystems = { modules = { + general = lib.mkDefault true; nix-ld = lib.mkDefault true; home-manager = lib.mkDefault true; home-managerExtra = lib.mkDefault true; diff --git a/profiles/nixos/syncserver/default.nix b/profiles/nixos/syncserver/default.nix index a26ce36..93ab5a7 100644 --- a/profiles/nixos/syncserver/default.nix +++ b/profiles/nixos/syncserver/default.nix @@ -4,6 +4,7 @@ config = lib.mkIf config.swarselsystems.profiles.server.sync { swarselsystems = { modules = { + general = lib.mkDefault true; nix-ld = lib.mkDefault true; home-manager = lib.mkDefault true; home-managerExtra = lib.mkDefault true; diff --git a/profiles/nixos/toto/default.nix b/profiles/nixos/toto/default.nix new file mode 100644 index 0000000..0f8db97 --- /dev/null +++ b/profiles/nixos/toto/default.nix @@ -0,0 +1,24 @@ +{ lib, config, ... }: +{ + options.swarselsystems.profiles.toto = lib.mkEnableOption "is this a toto (setup) host"; + config = lib.mkIf config.swarselsystems.profiles.toto { + swarselsystems.modules = { + general = lib.mkDefault true; + home-manager = lib.mkDefault true; + home-managerExtra = lib.mkDefault true; + xserver = lib.mkDefault true; + users = lib.mkDefault true; + commonSops = lib.mkDefault true; + impermanence = lib.mkDefault true; + lanzaboote = lib.mkDefault true; + server = { + ssh = lib.mkDefault true; + }; + optional = { + autologin = lib.mkDefault true; + }; + }; + + }; + +} diff --git a/programs/emacs/init.el b/programs/emacs/init.el index 8bdef99..8b896c1 100644 --- a/programs/emacs/init.el +++ b/programs/emacs/init.el @@ -159,7 +159,9 @@ create a new one." (defun swarsel/org-mode-setup () (variable-pitch-mode 1) (add-hook 'org-tab-first-hook 'org-end-of-line) - (visual-line-mode 1)) + (org-indent-mode) + (visual-line-mode 1) + (org-mode)) (defun swarsel/org-mode-visual-fill () (setq visual-fill-column-width 150 @@ -802,6 +804,7 @@ create a new one." (use-package org ;;:diminish (org-indent-mode) :hook (org-mode . swarsel/org-mode-setup) + ;; :mode "\\.nix\\'" :bind (("C-" . org-fold-outer) ("C-c s" . org-store-link)) @@ -1401,12 +1404,12 @@ create a new one." :config (dirvish-peek-mode) (dirvish-side-follow-mode) - (setq dirvish-open-with-programs - (append dirvish-open-with-programs '( - (("xlsx" "docx" "doc" "odt" "ods") "libreoffice" "%f") - (("jpg" "jpeg" "png") "imv" "%f") - (("pdf") "sioyek" "%f") - (("xopp") "xournalpp" "%f")))) + ;; (setq dirvish-open-with-programs + ;; (append dirvish-open-with-programs '( + ;; (("xlsx" "docx" "doc" "odt" "ods") "libreoffice" "%f") + ;; (("jpg" "jpeg" "png") "imv" "%f") + ;; (("pdf") "sioyek" "%f") + ;; (("xopp") "xournalpp" "%f")))) :custom (delete-by-moving-to-trash t) (dired-listing-switches diff --git a/scripts/swarsel-install.sh b/scripts/swarsel-install.sh index 6e7cb18..5f105b8 100644 --- a/scripts/swarsel-install.sh +++ b/scripts/swarsel-install.sh @@ -101,6 +101,36 @@ if [[ $local_keys != *"${pub_arr[1]}"* ]]; then rm modules/home/common/mail.nix rm modules/home/common/yubikey.nix rm modules/nixos/common/home-manager-extra.nix + rm -rf modules/nixos/server + rm -rf modules/home/server + cat > hosts/nixos/chaostheatre/options.nix << EOF + { self, lib, ... }: + { + options = { + swarselsystems = { + modules = { + home-managerExtra = lib.mkEnableOption "dummy option for chaostheatre"; + }; + }; + }; + } +EOF + cat > hosts/nixos/chaostheatre/options-home.nix << EOF + { self, lib, ... }: + { + options = { + swarselsystems = { + modules = { + yubikey = lib.mkEnableOption "dummy option for chaostheatre"; + env = lib.mkEnableOption "dummy option for chaostheatre"; + git = lib.mkEnableOption "dummy option for chaostheatre"; + mail = lib.mkEnableOption "dummy option for chaostheatre"; + gammastep = lib.mkEnableOption "dummy option for chaostheatre"; + }; + }; + }; + } +EOF nix flake update vbc-nix git add . else