diff --git a/.envrc b/.envrc index e28b175..1d953f4 100644 --- a/.envrc +++ b/.envrc @@ -1,2 +1 @@ -export ISO=".#nixosConfigurations.niximg.config.system.build.isoImage" use nix diff --git a/.git-crypt/.gitattributes b/.git-crypt/.gitattributes deleted file mode 100644 index 665b10e..0000000 --- a/.git-crypt/.gitattributes +++ /dev/null @@ -1,4 +0,0 @@ -# Do not edit this file. To specify the files to encrypt, create your own -# .gitattributes file in the directory where your files are. -* !filter !diff -*.gpg binary diff --git a/.git-crypt/keys/default/0/54718D2B78DCAA9C770296F18985725DB5B0C122.gpg b/.git-crypt/keys/default/0/54718D2B78DCAA9C770296F18985725DB5B0C122.gpg deleted file mode 100644 index bc59e42..0000000 --- a/.git-crypt/keys/default/0/54718D2B78DCAA9C770296F18985725DB5B0C122.gpg +++ /dev/null @@ -1,3 +0,0 @@ - jzqa3۫B:b҅ =ul- *EկD4! WU|$2^l ).薕 a` 'i1! -6q~ -INy8)["#0\8: b d^g)gh0cM`M!SG~e"u:$]cBM"ljAKN24Q+^iX|f̏XA.RX> jWRWi:e'3XȂėˉWCX0B'yҹd~(""SqԴA0_{H'S"d 7PA}0UPZ/Acjүtmߜ%[WQGFXdLO\ R* r+2 EEVq{}"fFk5I/kJ3ۦ@quy%ȍФu3c$; Oj -C \ No newline at end of file diff --git a/README.md b/README.md index 281432e..645a7a7 100644 --- a/README.md +++ b/README.md @@ -5,24 +5,51 @@ NixOS configuration, using the experimental [flakes][rfc] mechanism. Its aim is to provide a generic template repository, to neatly separate concerns and allow one to get up and running with NixOS faster. Flakes are still an experimental feature, but once they finally get merged, even more will become possible, -including nixops support. +including [nixops](https://nixos.org/nixops) support. #### [Flake Talk][video] # Usage + Enter a nix-shell either manually or automatically using [direnv][direnv]. This will set up the exerimental nix features that need to be available to use -[flakes][pr]. A basic `rebuild` command is included in the shell to replace +[flakes][pr]. + +Start a new branch based on the template branch: +``` +git checkout -b template +``` + +You may want to use a generated hardware config for your machine: +``` +nixos-generate-config --show-hardware-config > ./hosts/.nix +``` + + +A basic `rebuild` command is included in the shell to replace `nixos-rebuild` for now. ``` Usage: rebuild [host] {switch|boot|test} + +#example using above generated config +rebuild switch ``` You can specify one of the host configurations from the [hosts](hosts) directory. If omitted, it will default to your systems current hostname. +And now you should be ready to start writing your nix configuration or import +some of the already existing profiles. Review [contributing](#contributing) +below on how to structure your expressions. And be sure to update the +[locale.nix](local/locale.nix) for your region. + +You can always check out my personal branch `nrdxp`, to get an idea of how to +structure your work. + +## Additional Capabilities + In addtion: ``` rebuild iso @@ -38,11 +65,19 @@ to install NixOS. For example: nix profile install ".#packages.x86_64-linux.purs" ``` +A similar mechanism exists to import the modules and overlays declared in the +flake to allow for seemless sharing between configurations. + # Contributing -The purpose of this repository is to allow for simpler modularity and -maintainability than was achieved in a previous effort. Flakes, along with a -standardized structure, make this simple. +The purpose of this repository is to provide a standardized template structure +for NixOS machine expressions, thus enabling simpler sharing and resue of nix +expressions. + +Say your friend and you are using this repository, each with your own unique +nix epxpressions. By simply importing your friends flake from `flake.nix` as an +input, you can have access to all of the packages, modules, overlays, and even +entire system configurations your friend has defined! ## Hosts Distributions for particular machines should be stored in the [hosts](hosts) @@ -52,12 +87,20 @@ output. See the [`default.nix`](hosts/default.nix) for implementation details. ## Profiles More abstract configurations that can be reused by multiple machines should -go in the [profiles](profiles) directory. It's structure is pretty straight -forward. Just have a look to get an idea. Every profile should have a -`default.nix` to easily import it. You can also stick things in the profile's -subdirectory which are not automatically imported by its `default.nix` but are -meant to be manually imported from a host (useful for less common, or -specialized configurations). +go in the [profiles](profiles) directory. We make a distinction between a module +and profile, in that a profile is simly a regular NixOS module, without any new +option declarations. + +Every profile should have a `default.nix` to easily import it. You can also +stick things in the profile's subdirectory which are not automatically +imported, but are meant to be manually imported from a host (useful for less +common, or specialized configurations). + +Importantly, every subdirectory in a profile should be independantly importable. +For example, a zsh directory lives under [profiles/develop](profiles/develop/zsh). +It's written in a generic way to allow in to be imported without the entire +[develop](profiles/develop) if one so wished. This provides a wonderful level of +granularity. In addition, profiles can depend on other profiles. For example, The [graphical](profiles/graphical) profile depends on [develop](profiles/develop) @@ -70,7 +113,7 @@ is available automatically for home directory setup. ## Secrets Anything you wish to keep encrypted goes in the [secrets](secrets) directory. -Be sure to run `git-crypt init`, before committing anything to this repo. +Be sure to run `git crypt init`, before committing anything to this repo. Be sure to check out the [documentation](https://github.com/AGWA/git-crypt) if your not familiar. @@ -89,14 +132,20 @@ outputs to import them easily into an external NixOS configuration as well. ## Pull Requests -If you'd like to add a package, module, profile or host configuration please -be sure to format your code with [`nixpkgs-fmt`][nixpkgs-fmt] before +While much of your work in this template may be idiosyncratic in nature. Anything +that might be generally useful to the broader NixOS community can be synced to +the `template` branch to provide a host of useful NixOS configurations available +"out of the box". If you wish to contribute such an expression please follow +the following guidelines. + +Be sure to format your code with [`nixpkgs-fmt`][nixpkgs-fmt] before opening a pull-request. The commit message follows the same semantics as [nixpkgs][nixpkgs]. You can use a `#` symbol to specify abiguities. For example, `develop#zsh: ` would tell me that your updating the `zsh` configuration living under the `develop` profile. + # License This software is licensed under the [MIT License](COPYING). @@ -109,7 +158,7 @@ which they apply. The aforementioned artifacts are all covered by the licenses of the respective packages. [direnv]: https://direnv.net -[home-manager]: https://github.com/nrdxp/home-manager +[home-manager]: https://github.com/rycee/home-manager [NixOS]: https://nixos.org [nixpkgs-fmt]: https://github.com/nix-community/nixpkgs-fmt [nixpkgs]: https://github.com/NixOS/nixpkgs diff --git a/hosts/hp500281.nix b/hosts/hp500281.nix deleted file mode 100644 index c07a197..0000000 --- a/hosts/hp500281.nix +++ /dev/null @@ -1,63 +0,0 @@ -{ lib, pkgs, ... }: -let - inherit (builtins) readFile; -in -{ - imports = [ - ../profiles/games - ../profiles/misc - ../profiles/misc/plex.nix - ../profiles/misc/torrent.nix - ../users/nrd - ]; - - fileSystems."/" = { - device = "/dev/disk/by-uuid/5c0bf17c-6df1-4618-88f8-48a4249adb30"; - fsType = "xfs"; - }; - - fileSystems."/boot" = { - device = "/dev/disk/by-uuid/B361-1241"; - fsType = "vfat"; - }; - - fileSystems."/srv" = { - device = "/dev/disk/by-uuid/2a21bc0b-f30a-4001-8976-f39adf805daa"; - fsType = "xfs"; - }; - - boot.initrd.availableKernelModules = [ - "xhci_pci" - "ehci_pci" - "ahci" - "usbhid" - "sd_mod" - ]; - - boot.kernelModules = [ "kvm-intel" ]; - - environment.sessionVariables = { - LIBVA_DRIVER_NAME = "iHD"; - }; - - hardware.cpu.intel.updateMicrocode = true; - - hardware.opengl.extraPackages = with pkgs; [ - vaapiIntel - vaapiVdpau - libvdpau-va-gl - intel-media-driver - ]; - - networking.networkmanager = { - enable = true; - }; - - nix.maxJobs = lib.mkDefault 4; - nix.systemFeatures = [ "gccarch-haswell" ]; - - boot.loader.systemd-boot = { - enable = true; - editor = false; - }; -} diff --git a/pkgs/data/fonts/dejavu-nerdfont/default.nix b/pkgs/data/fonts/dejavu-nerdfont/default.nix index fe2f717..b6e8eb7 100644 --- a/pkgs/data/fonts/dejavu-nerdfont/default.nix +++ b/pkgs/data/fonts/dejavu-nerdfont/default.nix @@ -17,5 +17,7 @@ stdenv.mkDerivation rec { description = "Nerdfont version of DejaVu"; homepage = https://github.com/ryanoasis/nerd-fonts; license = licenses.mit; + maintainers = [ maintainers.nrdxp ]; + inherit version; }; } diff --git a/profiles/develop/zsh/cdr-skim.zsh b/profiles/develop/zsh/cdr-skim.zsh index 017bb35..4149da0 100644 --- a/profiles/develop/zsh/cdr-skim.zsh +++ b/profiles/develop/zsh/cdr-skim.zsh @@ -1 +1 @@ -while read line; do line=${(Q)line}; [[ -d $line ]] && echo $line; done < /home/nrd/.cache/zsh-cdr/recent-dirs +while read line; do line=${(Q)line}; [[ -d $line ]] && echo $line; done < $HOME/.cache/zsh-cdr/recent-dirs diff --git a/secrets/cargo b/secrets/cargo deleted file mode 100644 index b201258..0000000 Binary files a/secrets/cargo and /dev/null differ diff --git a/secrets/ec2 b/secrets/ec2 deleted file mode 100644 index 3fad1d1..0000000 Binary files a/secrets/ec2 and /dev/null differ diff --git a/secrets/github b/secrets/github deleted file mode 100644 index 6f90dc6..0000000 Binary files a/secrets/github and /dev/null differ diff --git a/secrets/gitlab b/secrets/gitlab deleted file mode 100644 index 1d8976a..0000000 Binary files a/secrets/gitlab and /dev/null differ diff --git a/secrets/nrd b/secrets/nrd deleted file mode 100644 index 1bc7413..0000000 Binary files a/secrets/nrd and /dev/null differ diff --git a/secrets/root b/secrets/root deleted file mode 100644 index d8f05b8..0000000 Binary files a/secrets/root and /dev/null differ diff --git a/users/nrd/default.nix b/users/nrd/default.nix deleted file mode 100644 index 99dacdf..0000000 --- a/users/nrd/default.nix +++ /dev/null @@ -1,202 +0,0 @@ -{ config, lib, pkgs, ... }: -let - inherit (builtins) - toFile - readFile - ; - - inherit (lib) - fileContents - mkForce - ; - - - name = "Timothy DeHerrera"; -in -{ - - imports = [ - ../../profiles/graphical - ]; - - users.users.root.hashedPassword = fileContents ../../secrets/root; - - programs.gnupg.agent = { - enable = true; - enableSSHSupport = true; - }; - - environment.systemPackages = with pkgs; [ - nrd-logo - pinentry_gnome - ]; - - home-manager.users.nrd = { - home = { - packages = mkForce []; - - file = { - ".ec2-keys".source = ../../secrets/ec2; - ".cargo/credentials".source = ../../secrets/cargo; - ".zshrc".text = "#"; - }; - }; - - programs.alacritty = { - enable = true; - settings = { - env.TERM = "xterm-256color"; - window.decorations = "full"; - tabspaces = 2; - font.size = 9.0; - cursor.style = "Beam"; - - # snazzy theme - colors = { - # Default colors - primary = { - background = "0x282a36"; - foreground = "0xeff0eb"; - }; - - # Normal colors - normal = { - black = "0x282a36"; - red = "0xff5c57"; - green = "0x5af78e"; - yellow = "0xf3f99d"; - blue = "0x57c7ff"; - magenta = "0xff6ac1"; - cyan = "0x9aedfe"; - white = "0xf1f1f0"; - }; - - # Bright colors - bright = { - black = "0x686868"; - red = "0xff5c57"; - green = "0x5af78e"; - yellow = "0xf3f99d"; - blue = "0x57c7ff"; - magenta = "0xff6ac1"; - cyan = "0x9aedfe"; - white = "0xf1f1f0"; - }; - }; - }; - }; - - programs.mpv = { - enable = true; - config = { - ytdl-format = "bestvideo[height<=?1080]+bestaudio/best"; - hwdec = "auto"; - vo = "gpu"; - }; - }; - - programs.git = { - enable = true; - - aliases = { - a = "add -p"; - co = "checkout"; - cob = "checkout -b"; - f = "fetch -p"; - c = "commit"; - p = "push"; - ba = "branch -a"; - bd = "branch -d"; - bD = "branch -D"; - d = "diff"; - dc = "diff --cached"; - ds = "diff --staged"; - r = "restore"; - rs = "restore --staged"; - st = "status -sb"; - - # logging - lg = "log --color --graph --pretty=format:'%Cred%h%Creset -%C(yellow)%d%Creset %s %Cgreen(%cr) %C(bold blue)<%an>%Creset' --abbrev-commit"; - plog = "log --graph --pretty='format:%C(red)%d%C(reset) %C(yellow)%h%C(reset) %ar %C(green)%aN%C(reset) %s'"; - tlog = "log --stat --since='1 Day Ago' --graph --pretty=oneline --abbrev-commit --date=relative"; - rank = "shortlog -sn --no-merges"; - - # delete merged branches - bdm = "!git branch --merged | grep -v '*' | xargs -n 1 git branch -d"; - }; - - userName = name; - userEmail = "tim.deh@pm.me"; - signing = { - key = "8985725DB5B0C122"; - signByDefault = true; - }; - }; - - programs.ssh = { - enable = true; - hashKnownHosts = true; - - matchBlocks = let - githubKey = toFile "github" - (readFile ../../secrets/github); - - gitlabKey = toFile "gitlab" - (readFile ../../secrets/gitlab); - in - { - github = { - host = "github.com"; - identityFile = githubKey; - extraOptions = { - AddKeysToAgent = "yes"; - }; - }; - gitlab = { - host = "gitlab.com"; - identityFile = gitlabKey; - extraOptions = { - AddKeysToAgent = "yes"; - }; - }; - "gitlab.company" = { - host = "gitlab.company.com"; - identityFile = gitlabKey; - extraOptions = { - AddKeysToAgent = "yes"; - }; - }; - }; - }; - }; - - users.groups.media.members = [ "nrd" ]; - - users.users.nrd = { - uid = 1000; - description = name; - isNormalUser = true; - hashedPassword = fileContents ../../secrets/nrd; - extraGroups = [ - "wheel" - "input" - "networkmanager" - "adbusers" - ]; - }; - - nixpkgs.overlays = let - overlay = self: super: { - nrd-logo = super.stdenv.mkDerivation { - name = "nrdxp-logo"; - src = ./logo.png; - dontUnpack = true; - installPhase = '' - mkdir -p $out/share/sddm/faces - cp $src $out/share/sddm/faces/nrd.face.icon - ''; - }; - }; - in - [ overlay ]; -} diff --git a/users/nrd/logo.png b/users/nrd/logo.png deleted file mode 100644 index efae713..0000000 Binary files a/users/nrd/logo.png and /dev/null differ