diff --git a/README.md b/README.md index 275714ca..29d450dc 100644 --- a/README.md +++ b/README.md @@ -29,7 +29,9 @@ expected. There are unstable versions (0._x_._x_) to help users keep track of changes and progress, and a [`develop`](https://github.com/divnix/devos/tree/develop) branch for the brave 😜 ## In the Wild -* The original [authors][please] +* @Pacman99: [Personal](https://gitlab.com/coffeetables/lower), [Server](https://gitlab.com/coffeetables/myrdd) +* [@danielphan2003](https://github.com/danielphan2003/flk) and make sure to also check out [devos-ext-lib][devos-ext-lib] +* [PubSolarOS](https://git.sr.ht/~b12f/pub-solar-os) ## Shoulders This work does not reinvent the wheel. It stands on the [shoulders of the @@ -89,3 +91,4 @@ DevOS is licensed under the [MIT License][mit]. [nvfetcher]: https://github.com/berberman/nvfetcher [please]: https://github.com/nrdxp/devos/tree/nrd [matrix]: https://matrix.to/#/#devos:nixos.org +[devos-ext-lib]: https://github.com/divnix/devos-ext-lib diff --git a/doc/concepts/users.md b/doc/concepts/users.md index 3ab7c39c..b2a6c2a3 100644 --- a/doc/concepts/users.md +++ b/doc/concepts/users.md @@ -37,9 +37,10 @@ User profiles can be collected in a similar fashion as system ones into a `suite argument that gets passed to your home-manager users. ### Example +`flake.nix` ```nix { - home-manager.users.nixos = { suites, ... }: { + home.users.nixos = { suites, ... }: { imports = suites.base; }; } diff --git a/doc/secrets.md b/doc/secrets.md index 996f4180..47ca43d4 100644 --- a/doc/secrets.md +++ b/doc/secrets.md @@ -90,7 +90,7 @@ In any profile that uses a NixOS module that requires a secret you can enable a ``` -Then you can just pass the path `/run/secrets/mysecret` to the module. +Then you can just pass the path `/run/agenix/mysecret` to the module. You can make use of the many options provided by the age module to customize where and how secrets get decrypted. You can learn about them by looking at the diff --git a/flake.lock b/flake.lock index dd3ae7e1..4d8ae3f3 100644 --- a/flake.lock +++ b/flake.lock @@ -23,10 +23,7 @@ "beautysh": { "inputs": { "flake-utils": "flake-utils", - "nixpkgs": [ - "bud", - "nixpkgs" - ], + "nixpkgs": "nixpkgs", "poetry2nix": "poetry2nix" }, "locked": { @@ -148,7 +145,6 @@ "deploy" ], "devshell": "devshell", - "flake-utils": "flake-utils_3", "flake-utils-plus": "flake-utils-plus", "home-manager": [ "home" @@ -163,11 +159,11 @@ ] }, "locked": { - "lastModified": 1640031018, - "narHash": "sha256-ZzyS803XuCl99XE4581m0Suni+q1Hz+Mpw6A9bs7VKM=", + "lastModified": 1643510242, + "narHash": "sha256-9C9DyJhQ5bevk0CEEjGct+U9EqUgHg8T70nxz47zjMI=", "owner": "divnix", "repo": "digga", - "rev": "3157889810e51a1ae03f82bf6bf6657ba8cf93c6", + "rev": "33bfb05b8a148d8ad6a842de74e22209bf9fe5d7", "type": "github" }, "original": { @@ -178,7 +174,7 @@ }, "fenix": { "inputs": { - "nixpkgs": "nixpkgs_2", + "nixpkgs": "nixpkgs_3", "rust-analyzer-src": "rust-analyzer-src" }, "locked": { @@ -244,29 +240,29 @@ }, "flake-utils-plus": { "inputs": { - "flake-utils": "flake-utils_4" + "flake-utils": "flake-utils_3" }, "locked": { - "lastModified": 1638994888, - "narHash": "sha256-iz/ynGNZlvqKCOnFrEKqGA+BVKGQMG+g2JT+e3OOLN8=", - "owner": "divnix", + "lastModified": 1639385028, + "narHash": "sha256-oqorKz3mwf7UuDJwlbCEYCB2LfcWLL0DkeCWhRIL820=", + "owner": "gytis-ivaskevicius", "repo": "flake-utils-plus", - "rev": "b4f9f517574cb7bd6ee3f19c72c19634c9f536e1", + "rev": "be1be083af014720c14f3b574f57b6173b4915d0", "type": "github" }, "original": { - "owner": "divnix", + "owner": "gytis-ivaskevicius", "repo": "flake-utils-plus", "type": "github" } }, "flake-utils_2": { "locked": { - "lastModified": 1638122382, - "narHash": "sha256-sQzZzAbvKEqN9s0bzWuYmRaA03v40gaJ4+iL1LXjaeI=", + "lastModified": 1642700792, + "narHash": "sha256-XqHrk7hFb+zBvRg6Ghl+AZDq03ov6OshJLiSWOoX5es=", "owner": "numtide", "repo": "flake-utils", - "rev": "74f7e4319258e287b0f9cb95426c9853b282730b", + "rev": "846b2ae0fc4cc943637d3d1def4454213e203cba", "type": "github" }, "original": { @@ -291,21 +287,6 @@ } }, "flake-utils_4": { - "locked": { - "lastModified": 1638122382, - "narHash": "sha256-sQzZzAbvKEqN9s0bzWuYmRaA03v40gaJ4+iL1LXjaeI=", - "owner": "numtide", - "repo": "flake-utils", - "rev": "74f7e4319258e287b0f9cb95426c9853b282730b", - "type": "github" - }, - "original": { - "owner": "numtide", - "repo": "flake-utils", - "type": "github" - } - }, - "flake-utils_5": { "locked": { "lastModified": 1631561581, "narHash": "sha256-3VQMV5zvxaVLvqqUrNz3iJelLw30mIVSfZmAaauM3dA=", @@ -327,11 +308,11 @@ ] }, "locked": { - "lastModified": 1637917557, - "narHash": "sha256-3u5bLyGn5NUG3RJA7/v1Bqa/QCFGqp/01Bh/4REf9m4=", + "lastModified": 1642653493, + "narHash": "sha256-22mGPjiHUo2Jmze4IjXCJLjeK2mbvvCztHmUyUMr4yw=", "owner": "nix-community", "repo": "home-manager", - "rev": "4daff26495ca9ac67476cba8cf15c3e36d91ab18", + "rev": "28b9ae40c45c5e7711c353fee1b7af734e293979", "type": "github" }, "original": { @@ -359,11 +340,11 @@ }, "latest_2": { "locked": { - "lastModified": 1638198142, - "narHash": "sha256-plU9b8r4St6q4U7VHtG9V7oF8k9fIpfXl/KDaZLuY9k=", + "lastModified": 1643347846, + "narHash": "sha256-O0tyXF//ppRpe9yT1Uu5n34yI2MWDyY6ZiJ4Qn5zIkE=", "owner": "nixos", "repo": "nixpkgs", - "rev": "8a308775674e178495767df90c419425474582a1", + "rev": "5bb20f9dc70e9ee16e21cc404b6508654931ce41", "type": "github" }, "original": { @@ -395,11 +376,11 @@ }, "nixlib": { "locked": { - "lastModified": 1640478849, - "narHash": "sha256-S4lNc3fb9UpYgVtTa/mZZXphq7+xGy74YGIlOWB1ceE=", + "lastModified": 1641688481, + "narHash": "sha256-6L+EU12xLDHby7y8elgFtRKVBxix+7qV8DhVgXqrKZo=", "owner": "nix-community", "repo": "nixpkgs.lib", - "rev": "c85a293f7d094a799dcf1197c31925bc44e94d6b", + "rev": "f697717b3d3a074ffc16c8c8227504f0db292886", "type": "github" }, "original": { @@ -429,11 +410,11 @@ }, "nixos": { "locked": { - "lastModified": 1638231428, - "narHash": "sha256-Sm5loBKdeusSvIAC+LtzRT6I7tAcqZdIPnHcxZt7NaE=", + "lastModified": 1643463207, + "narHash": "sha256-W0azAxucUq84BvWqDPt3gX8kyc8wYvGUynZV9COfByQ=", "owner": "nixos", "repo": "nixpkgs", - "rev": "393c5357a0071d51668bcdc69dfc25ddacbd5840", + "rev": "03098169624f487eef37186b3214c40e6b6e919d", "type": "github" }, "original": { @@ -446,7 +427,10 @@ "nixos-generators": { "inputs": { "nixlib": "nixlib", - "nixpkgs": "nixpkgs_3" + "nixpkgs": [ + "digga", + "blank" + ] }, "locked": { "lastModified": 1637655461, @@ -479,11 +463,27 @@ }, "nixpkgs": { "locked": { - "lastModified": 1640831728, - "narHash": "sha256-KK5SKqqfAt+ev3bHLrVXJ6i4zx9YQW6k19oUInY8T2M=", + "lastModified": 1643428210, + "narHash": "sha256-ympCeHuXeGitpnegE0raAtWLNg3vZbjj5QbbMvvBGCQ=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "5d90841dd0179430db010dfc2c58b2a7de4371be", + "rev": "e1b353e890801a759efe9a4c42f6984e47721f0d", + "type": "github" + }, + "original": { + "owner": "NixOS", + "ref": "nixos-unstable-small", + "repo": "nixpkgs", + "type": "github" + } + }, + "nixpkgs_2": { + "locked": { + "lastModified": 1643513770, + "narHash": "sha256-Q64SabfQLuhHQfhpIHS/fLCEO2NUFnI+EKsB5GnfWh8=", + "owner": "NixOS", + "repo": "nixpkgs", + "rev": "66ab3568d67b90275c0720aae8b911bad82c24fe", "type": "github" }, "original": { @@ -492,7 +492,7 @@ "type": "github" } }, - "nixpkgs_2": { + "nixpkgs_3": { "locked": { "lastModified": 1636976544, "narHash": "sha256-9ZmdyoRz4Qu8bP5BKR1T10YbzcB9nvCeQjOEw2cRKR0=", @@ -508,22 +508,6 @@ "type": "github" } }, - "nixpkgs_3": { - "locked": { - "lastModified": 1640418986, - "narHash": "sha256-a8GGtxn2iL3WAkY5H+4E0s3Q7XJt6bTOvos9qqxT5OQ=", - "owner": "NixOS", - "repo": "nixpkgs", - "rev": "5c37ad87222cfc1ec36d6cd1364514a9efc2f7f2", - "type": "github" - }, - "original": { - "owner": "NixOS", - "ref": "nixpkgs-unstable", - "repo": "nixpkgs", - "type": "github" - } - }, "nur": { "locked": { "lastModified": 1638231901, @@ -541,7 +525,7 @@ "nvfetcher": { "inputs": { "flake-compat": "flake-compat_2", - "flake-utils": "flake-utils_5", + "flake-utils": "flake-utils_4", "nixpkgs": [ "nixos" ] @@ -563,7 +547,7 @@ "poetry2nix": { "inputs": { "flake-utils": "flake-utils_2", - "nixpkgs": "nixpkgs" + "nixpkgs": "nixpkgs_2" }, "locked": { "lastModified": 1625240517, diff --git a/modules/terminal-life/zsh/default.nix b/modules/terminal-life/zsh/default.nix index d892170c..9bb5b28d 100644 --- a/modules/terminal-life/zsh/default.nix +++ b/modules/terminal-life/zsh/default.nix @@ -38,6 +38,7 @@ in no = "manix \"\" | grep '^# ' | sed 's/^# \(.*\) (.*/\1/;s/ (.*//;s/^# //' | fzf --preview=\"manix '{}'\" | xargs manix"; # fix nixos-option nixos-option = "nixos-option -I nixpkgs=${self}/lib/compat"; + myip = "dig +short myip.opendns.com @208.67.222.222 2>&1"; }; zplug = { enable = true; diff --git a/overlays/overrides.nix b/overlays/overrides.nix index 477c1f8a..ec90a9df 100644 --- a/overlays/overrides.nix +++ b/overlays/overrides.nix @@ -29,8 +29,6 @@ channels: final: prev: { looking-glass-client ; - # nix is set to 2.3 in 21.11 - nix-direnv = prev.nix-direnv.override { nix = prev.nixUnstable; }; haskellPackages = prev.haskellPackages.override (old: { diff --git a/pkgs/mopidy-jellyfin.nix b/pkgs/mopidy-jellyfin.nix index 8c99ac21..a3cde276 100644 --- a/pkgs/mopidy-jellyfin.nix +++ b/pkgs/mopidy-jellyfin.nix @@ -1,20 +1,20 @@ self: with self; let - websocket-client = python38.pkgs.buildPythonPackage rec { + websocket-client = python39.pkgs.buildPythonPackage rec { pname = "websocket-client"; - version = "1.0.0"; + version = "1.2.1"; doCheck = false; - src = python38.pkgs.fetchPypi { + src = python39.pkgs.fetchPypi { inherit pname version; - sha256 = "sha256-UFGzii9MJ/vXygd+uyPsaWWmJt7VqVY382vhs1tsT4E="; + sha256 = "sha256-jftxXYqZL1cS//jIQ62ulOIrIqmbLF5rDsShqYHMTg0="; }; }; in -python38.pkgs.buildPythonPackage rec { +python39.pkgs.buildPythonPackage rec { pname = "Mopidy-Jellyfin"; version = "1.0.2"; doCheck = false; - propagatedBuildInputs = with python38.pkgs; [ + propagatedBuildInputs = with python39.pkgs; [ unidecode websocket-client requests @@ -22,7 +22,7 @@ python38.pkgs.buildPythonPackage rec { pykka mopidy ]; - src = python38.pkgs.fetchPypi { + src = python39.pkgs.fetchPypi { inherit pname version; sha256 = "sha256-5XimIIQSpvNyQbSOFtSTkA0jhA0V68BbyQEQNnov+0g="; }; diff --git a/profiles/core/default.nix b/profiles/core/default.nix index dc7ce5ec..85414700 100644 --- a/profiles/core/default.nix +++ b/profiles/core/default.nix @@ -2,6 +2,7 @@ let inherit (lib) fileContents; in { + # Sets nrdxp.cachix.org binary cache which just speeds up some builds imports = [ ../cachix ]; config = { @@ -16,6 +17,7 @@ in pub-solar.server.enable = true; pub-solar.printing.enable = true; + # This is just a representation of the nix default nix.systemFeatures = [ "nixos-test" "benchmark" "big-parallel" "kvm" ]; environment = { @@ -91,20 +93,21 @@ in }; nix = { + # use nix-dram, a patched nix command, see: https://github.com/dramforever/nix-dram package = pkgs.nix-dram; + # Improve nix store disk usage autoOptimiseStore = true; - gc.automatic = true; - optimise.automatic = true; + # Prevents impurities in builds useSandbox = true; - allowedUsers = [ "@wheel" ]; - + # give root and @wheel special privileges with nix trustedUsers = [ "root" "@wheel" ]; + # Generally useful nix option defaults extraOptions = '' min-free = 536870912 keep-outputs = true @@ -117,12 +120,7 @@ in system.autoUpgrade.enable = true; - # For rage encryption, all hosts need a ssh key pair - services.openssh = { - enable = true; - openFirewall = lib.mkDefault false; - }; - + # Service that makes Out of Memory Killer more effective services.earlyoom.enable = true; boot.supportedFilesystems = [ "ntfs" ]; diff --git a/shell/bud/get.bash b/shell/bud/get.bash index 7c10d1ba..89e2af3d 100644 --- a/shell/bud/get.bash +++ b/shell/bud/get.bash @@ -1 +1 @@ -git clone https://github.com/divnix/devos.git "${2:-devos}" + nix flake new -t "github:divnix/devos/main" "${2:-devos}"