diff --git a/.git-blame-ignore-revs b/.git-blame-ignore-revs new file mode 100644 index 00000000..fd343581 --- /dev/null +++ b/.git-blame-ignore-revs @@ -0,0 +1,2 @@ +# Formatted code using treefmt and alejandra +73bf158392a427d188b7aad36244b94506f57a15 diff --git a/CHANGELOG.md b/CHANGELOG.md index b8d9a688..92f225f7 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -77,7 +77,7 @@ **Fixed bugs:** -- My emacsGcc overlay is not working [\#146](https://github.com/divnix/devos/issues/146) +- My emacsGcc overlay is not working [\#146](https://github.com/divnix/devos/issues/146) - local flake registry freezes branches [\#142](https://github.com/divnix/devos/issues/142) - nixos-option no longer works after collect garbage [\#138](https://github.com/divnix/devos/issues/138) - Profiles imports are brittle, causing failure if imported twice [\#136](https://github.com/divnix/devos/issues/136) @@ -109,6 +109,4 @@ ## [07092020](https://github.com/divnix/devos/tree/07092020) (2020-07-09) - - -\* *This Changelog was automatically generated by [github_changelog_generator](https://github.com/github-changelog-generator/github-changelog-generator)* +\* _This Changelog was automatically generated by [github_changelog_generator](https://github.com/github-changelog-generator/github-changelog-generator)_ diff --git a/LICENSE.md b/LICENSE.md index cba6f6a1..74c892ae 100644 --- a/LICENSE.md +++ b/LICENSE.md @@ -204,23 +204,23 @@ produce it from the Program, in the form of source code under the terms of section 4, provided that you also meet all of these conditions: -- a) The work must carry prominent notices stating that you modified - it, and giving a relevant date. -- b) The work must carry prominent notices stating that it is - released under this License and any conditions added under - section 7. This requirement modifies the requirement in section 4 - to "keep intact all notices". -- c) You must license the entire work, as a whole, under this - License to anyone who comes into possession of a copy. This - License will therefore apply, along with any applicable section 7 - additional terms, to the whole of the work, and all its parts, - regardless of how they are packaged. This License gives no - permission to license the work in any other way, but it does not - invalidate such permission if you have separately received it. -- d) If the work has interactive user interfaces, each must display - Appropriate Legal Notices; however, if the Program has interactive - interfaces that do not display Appropriate Legal Notices, your - work need not make them do so. +- a) The work must carry prominent notices stating that you modified + it, and giving a relevant date. +- b) The work must carry prominent notices stating that it is + released under this License and any conditions added under + section 7. This requirement modifies the requirement in section 4 + to "keep intact all notices". +- c) You must license the entire work, as a whole, under this + License to anyone who comes into possession of a copy. This + License will therefore apply, along with any applicable section 7 + additional terms, to the whole of the work, and all its parts, + regardless of how they are packaged. This License gives no + permission to license the work in any other way, but it does not + invalidate such permission if you have separately received it. +- d) If the work has interactive user interfaces, each must display + Appropriate Legal Notices; however, if the Program has interactive + interfaces that do not display Appropriate Legal Notices, your + work need not make them do so. A compilation of a covered work with other separate and independent works, which are not by their nature extensions of the covered work, @@ -239,42 +239,42 @@ sections 4 and 5, provided that you also convey the machine-readable Corresponding Source under the terms of this License, in one of these ways: -- a) Convey the object code in, or embodied in, a physical product - (including a physical distribution medium), accompanied by the - Corresponding Source fixed on a durable physical medium - customarily used for software interchange. -- b) Convey the object code in, or embodied in, a physical product - (including a physical distribution medium), accompanied by a - written offer, valid for at least three years and valid for as - long as you offer spare parts or customer support for that product - model, to give anyone who possesses the object code either (1) a - copy of the Corresponding Source for all the software in the - product that is covered by this License, on a durable physical - medium customarily used for software interchange, for a price no - more than your reasonable cost of physically performing this - conveying of source, or (2) access to copy the Corresponding - Source from a network server at no charge. -- c) Convey individual copies of the object code with a copy of the - written offer to provide the Corresponding Source. This - alternative is allowed only occasionally and noncommercially, and - only if you received the object code with such an offer, in accord - with subsection 6b. -- d) Convey the object code by offering access from a designated - place (gratis or for a charge), and offer equivalent access to the - Corresponding Source in the same way through the same place at no - further charge. You need not require recipients to copy the - Corresponding Source along with the object code. If the place to - copy the object code is a network server, the Corresponding Source - may be on a different server (operated by you or a third party) - that supports equivalent copying facilities, provided you maintain - clear directions next to the object code saying where to find the - Corresponding Source. Regardless of what server hosts the - Corresponding Source, you remain obligated to ensure that it is - available for as long as needed to satisfy these requirements. -- e) Convey the object code using peer-to-peer transmission, - provided you inform other peers where the object code and - Corresponding Source of the work are being offered to the general - public at no charge under subsection 6d. +- a) Convey the object code in, or embodied in, a physical product + (including a physical distribution medium), accompanied by the + Corresponding Source fixed on a durable physical medium + customarily used for software interchange. +- b) Convey the object code in, or embodied in, a physical product + (including a physical distribution medium), accompanied by a + written offer, valid for at least three years and valid for as + long as you offer spare parts or customer support for that product + model, to give anyone who possesses the object code either (1) a + copy of the Corresponding Source for all the software in the + product that is covered by this License, on a durable physical + medium customarily used for software interchange, for a price no + more than your reasonable cost of physically performing this + conveying of source, or (2) access to copy the Corresponding + Source from a network server at no charge. +- c) Convey individual copies of the object code with a copy of the + written offer to provide the Corresponding Source. This + alternative is allowed only occasionally and noncommercially, and + only if you received the object code with such an offer, in accord + with subsection 6b. +- d) Convey the object code by offering access from a designated + place (gratis or for a charge), and offer equivalent access to the + Corresponding Source in the same way through the same place at no + further charge. You need not require recipients to copy the + Corresponding Source along with the object code. If the place to + copy the object code is a network server, the Corresponding Source + may be on a different server (operated by you or a third party) + that supports equivalent copying facilities, provided you maintain + clear directions next to the object code saying where to find the + Corresponding Source. Regardless of what server hosts the + Corresponding Source, you remain obligated to ensure that it is + available for as long as needed to satisfy these requirements. +- e) Convey the object code using peer-to-peer transmission, + provided you inform other peers where the object code and + Corresponding Source of the work are being offered to the general + public at no charge under subsection 6d. A separable portion of the object code, whose source code is excluded from the Corresponding Source as a System Library, need not be @@ -350,23 +350,23 @@ Notwithstanding any other provision of this License, for material you add to a covered work, you may (if authorized by the copyright holders of that material) supplement the terms of this License with terms: -- a) Disclaiming warranty or limiting liability differently from the - terms of sections 15 and 16 of this License; or -- b) Requiring preservation of specified reasonable legal notices or - author attributions in that material or in the Appropriate Legal - Notices displayed by works containing it; or -- c) Prohibiting misrepresentation of the origin of that material, - or requiring that modified versions of such material be marked in - reasonable ways as different from the original version; or -- d) Limiting the use for publicity purposes of names of licensors - or authors of the material; or -- e) Declining to grant rights under trademark law for use of some - trade names, trademarks, or service marks; or -- f) Requiring indemnification of licensors and authors of that - material by anyone who conveys the material (or modified versions - of it) with contractual assumptions of liability to the recipient, - for any liability that these contractual assumptions directly - impose on those licensors and authors. +- a) Disclaiming warranty or limiting liability differently from the + terms of sections 15 and 16 of this License; or +- b) Requiring preservation of specified reasonable legal notices or + author attributions in that material or in the Appropriate Legal + Notices displayed by works containing it; or +- c) Prohibiting misrepresentation of the origin of that material, + or requiring that modified versions of such material be marked in + reasonable ways as different from the original version; or +- d) Limiting the use for publicity purposes of names of licensors + or authors of the material; or +- e) Declining to grant rights under trademark law for use of some + trade names, trademarks, or service marks; or +- f) Requiring indemnification of licensors and authors of that + material by anyone who conveys the material (or modified versions + of it) with contractual assumptions of liability to the recipient, + for any liability that these contractual assumptions directly + impose on those licensors and authors. All other non-permissive additional terms are considered "further restrictions" within the meaning of section 10. If the Program as you diff --git a/README.md b/README.md index 31e84212..7f27fd0b 100644 --- a/README.md +++ b/README.md @@ -10,37 +10,37 @@ At its core, it's a NixOS installation running our configuration. The UX decisions and the way the project is structured are what make it _PubSolarOS_: -* Reproducibility is king, and the future is with declarative and functional - programming. Even if Nix does not turn out to be the end-all-be-all of - reproducible package management (Guix looks good), it has a plethora - of packages, a very active and helpful community, and very solid - software engineering practices. -* Because reproducibility is king, we're using nix flakes for locking flake - dependencies. [Digga](https://github.com/divnix/digga) is our flake - utility library, made by the wonderful people of the Divnix community. -* Physical devices are not shared anymore nowadays. Only seldomly will you - find shared devices that need more than one user account. For this - reason, only one user (excluding `root`) is assumed. -* Keyboard navigation wins where it matters; ergonomics, programmability, - efficiency, and speed. We use a tiling window manager (`sway`) and - prioritize cli-based solutions where sensible. The editor is `neovim` - configured to be just as opiniated as the operating system it is a part - of. For mailing, `neomutt` is the default, but we're more divided on - that part. -* We like new and shiny things, so we've moved to Wayland and pipewire. -* SICHERHEIT is written in capital letters at pub.solar, so we have first- - class disk-encryption support. Currently in the works is a paranoid - mode where the device can only hibernate (no more sleep or lockscreen) - so your data is locked any time you leave the device. -* Free software is better. If we can avoid it, nonfree software is avoided. - By default, `allowUnfree` is `false` so we don't ship non-free software - in a basic PubSolarOS ISO. However, nothing prevents you from using - as much non-free software as you like. -* Automation is better. The reproducibility of nix feels so much more - powerful once you're deploying your new configuration from your laptop - to all your other devices with one command. [We have an automated CI using drone](https://ci.b12f.io/pub-solar/os). -* Community is important. We just like working on this together, and it - feels really good to see our progress at the end of a - [hakken.irl](https://pub.solar/hakken) session. +- Reproducibility is king, and the future is with declarative and functional + programming. Even if Nix does not turn out to be the end-all-be-all of + reproducible package management (Guix looks good), it has a plethora + of packages, a very active and helpful community, and very solid + software engineering practices. +- Because reproducibility is king, we're using nix flakes for locking flake + dependencies. [Digga](https://github.com/divnix/digga) is our flake + utility library, made by the wonderful people of the Divnix community. +- Physical devices are not shared anymore nowadays. Only seldomly will you + find shared devices that need more than one user account. For this + reason, only one user (excluding `root`) is assumed. +- Keyboard navigation wins where it matters; ergonomics, programmability, + efficiency, and speed. We use a tiling window manager (`sway`) and + prioritize cli-based solutions where sensible. The editor is `neovim` + configured to be just as opiniated as the operating system it is a part + of. For mailing, `neomutt` is the default, but we're more divided on + that part. +- We like new and shiny things, so we've moved to Wayland and pipewire. +- SICHERHEIT is written in capital letters at pub.solar, so we have first- + class disk-encryption support. Currently in the works is a paranoid + mode where the device can only hibernate (no more sleep or lockscreen) + so your data is locked any time you leave the device. +- Free software is better. If we can avoid it, nonfree software is avoided. + By default, `allowUnfree` is `false` so we don't ship non-free software + in a basic PubSolarOS ISO. However, nothing prevents you from using + as much non-free software as you like. +- Automation is better. The reproducibility of nix feels so much more + powerful once you're deploying your new configuration from your laptop + to all your other devices with one command. [We have an automated CI using drone](https://ci.b12f.io/pub-solar/os). +- Community is important. We just like working on this together, and it + feels really good to see our progress at the end of a + [hakken.irl](https://pub.solar/hakken) session. To get started, take a look at the quick start guide in our docs. diff --git a/default.nix b/default.nix index 0e6bdee2..0468b228 100644 --- a/default.nix +++ b/default.nix @@ -9,23 +9,28 @@ let "x86_64-linux" ]; - filterSystems = lib.filterAttrs + filterSystems = + lib.filterAttrs (system: _: lib.elem system ciSystems); - recurseIntoAttrsRecursive = lib.mapAttrs (_: v: - if lib.isAttrs v - then recurseIntoAttrsRecursive (lib.recurseIntoAttrs v) - else v + recurseIntoAttrsRecursive = lib.mapAttrs ( + _: v: + if lib.isAttrs v + then recurseIntoAttrsRecursive (lib.recurseIntoAttrs v) + else v ); - systemOutputs = lib.filterAttrs - (name: set: lib.isAttrs set - && lib.any - (system: set ? ${system} && name != "legacyPackages") - ciSystems + systemOutputs = + lib.filterAttrs + ( + name: set: + lib.isAttrs set + && lib.any + (system: set ? ${system} && name != "legacyPackages") + ciSystems ) default.outputs; ciDrvs = lib.mapAttrs (_: system: filterSystems system) systemOutputs; in -(recurseIntoAttrsRecursive ciDrvs) // { shell = import ./shell.nix; } + (recurseIntoAttrsRecursive ciDrvs) // {shell = import ./shell.nix;} diff --git a/doc/CONTRIBUTING.md b/doc/CONTRIBUTING.md index e3af7e20..c49667c3 100644 --- a/doc/CONTRIBUTING.md +++ b/doc/CONTRIBUTING.md @@ -1,13 +1,15 @@ # TL;DR; + - **Target Branch**: `main` - **Merge Policy**: green check: merge away. yellow circle: have patience. red x: try again. - **Docs**: every change set is expected to contain doc updates -- **Commit Msg**: be a poet! Comprehensive and explanatory commit messages +- **Commit Msg**: be a poet! Comprehensive and explanatory commit messages should cover the motivation and use case in an easily understandable manner even when read after a few months. - **Test Driven Development**: please default to test driven development you can - make use of the `./examples` & `./e2e` and wire test up in the devshell. + make use of the `./examples` & `./e2e` and wire test up in the devshell. ### Within the Devshell (`nix develop`) + - **Hooks**: please `git commit` within the devshell - **Fail Early**: please run `check-all` from within the devshell on your local machine diff --git a/doc/SUMMARY.md b/doc/SUMMARY.md index 09d2d626..ce86a255 100644 --- a/doc/SUMMARY.md +++ b/doc/SUMMARY.md @@ -28,4 +28,3 @@ - [NixOS](./api-reference-nixos.md) - [Library Reference]() - [Contributing](./CONTRIBUTING.md) - diff --git a/doc/api-reference-channels.md b/doc/api-reference-channels.md index 533e6e91..2ac2530a 100755 --- a/doc/api-reference-channels.md +++ b/doc/api-reference-channels.md @@ -1,91 +1,76 @@ # Channels API Container + Configure your channels that you can use throughout your configurations. > #### ⚠ Gotcha ⚠ +> > Devshell & (non-host-specific) Home-Manager `pkgs` instances are rendered off the > `nixos.hostDefaults.channelName` (default) channel. - ## channels + nixpkgs channels to create - -*_Type_*: +_*Type*_: attribute set of submodules or path convertible to it +_*Default*_ -*_Default_* ``` {} ``` - - - ## channels.\.config + nixpkgs config for this channel - -*_Type_*: +_*Type*_: attribute set or path convertible to it +_*Default*_ -*_Default_* ``` {} ``` - - - ## channels.\.input + nixpkgs flake input to use for this channel - -*_Type_*: +_*Type*_: nix flake +_*Default*_ -*_Default_* ``` "self.inputs." ``` - - - ## channels.\.overlays + overlays to apply to this channel these will get exported under the 'overlays' flake output as \/\ and any overlay pulled from \ will be filtered out - -*_Type_*: +_*Type*_: list of valid Nixpkgs overlay or path convertible to its or anything convertible to it or path convertible to it +_*Default*_ -*_Default_* ``` [] ``` - - - ## channels.\.patches + patches to apply to this channel - -*_Type_*: +_*Type*_: list of paths +_*Default*_ -*_Default_* ``` [] ``` - - - - diff --git a/doc/api-reference-devshell.md b/doc/api-reference-devshell.md index 28f18087..64ad74f2 100755 --- a/doc/api-reference-devshell.md +++ b/doc/api-reference-devshell.md @@ -1,72 +1,59 @@ # Devshell API Container + Configure your devshell module collections of your environment. - ## devshell + Modules to include in your DevOS shell. the `modules` argument will be exported under the `devshellModules` output - -*_Type_*: +_*Type*_: submodule or path convertible to it +_*Default*_ -*_Default_* ``` {} ``` - - - ## devshell.exportedModules + modules to include in all hosts and export to devshellModules output - -*_Type_*: +_*Type*_: list of valid module or path convertible to its or anything convertible to it +_*Default*_ -*_Default_* ``` [] ``` - - - ## devshell.externalModules + The `externalModules` option has been removed. Any modules that should be exported should be defined with the `exportedModules` option and all other modules should just go into the `modules` option. - -*_Type_*: +_*Type*_: list of valid modules or anything convertible to it +_*Default*_ -*_Default_* ``` [] ``` - - - ## devshell.modules + modules to include that won't be exported meant importing modules from external flakes - -*_Type_*: +_*Type*_: list of valid modules or anything convertible to it or path convertible to it +_*Default*_ -*_Default_* ``` [] ``` - - - - diff --git a/doc/api-reference-home.md b/doc/api-reference-home.md index 0ab62f36..c2bd002c 100755 --- a/doc/api-reference-home.md +++ b/doc/api-reference-home.md @@ -1,119 +1,97 @@ # Home-Manager API Container + Configure your home manager modules, profiles & suites. - ## home + hosts, modules, suites, and profiles for home-manager - -*_Type_*: +_*Type*_: submodule or path convertible to it +_*Default*_ -*_Default_* ``` {} ``` - - - ## home.exportedModules + modules to include in all hosts and export to homeModules output - -*_Type_*: +_*Type*_: list of valid modules or anything convertible to it or path convertible to it +_*Default*_ -*_Default_* ``` [] ``` - - - ## home.externalModules + The `externalModules` option has been removed. Any modules that should be exported should be defined with the `exportedModules` option and all other modules should just go into the `modules` option. - -*_Type_*: +_*Type*_: list of valid modules or anything convertible to it +_*Default*_ -*_Default_* ``` [] ``` - - - ## home.importables + Packages of paths to be passed to modules as `specialArgs`. - -*_Type_*: +_*Type*_: attribute set +_*Default*_ -*_Default_* ``` {} ``` - - - ## home.importables.suites + collections of profiles - -*_Type_*: +_*Type*_: null or attribute set of list of paths or anything convertible to its or path convertible to it +_*Default*_ -*_Default_* ``` null ``` - - - ## home.modules + modules to include that won't be exported meant importing modules from external flakes - -*_Type_*: +_*Type*_: list of valid modules or anything convertible to it or path convertible to it +_*Default*_ -*_Default_* ``` [] ``` - - - ## home.users + HM users that can be deployed portably without a host. - -*_Type_*: +_*Type*_: attribute set of HM user configs +_*Default*_ -*_Default_* ``` {} ``` - - - - diff --git a/doc/api-reference-nixos.md b/doc/api-reference-nixos.md index 7428b161..d5a780c3 100755 --- a/doc/api-reference-nixos.md +++ b/doc/api-reference-nixos.md @@ -1,234 +1,191 @@ # NixOS API Container + Configure your nixos modules, profiles & suites. - ## nixos + hosts, modules, suites, and profiles for NixOS - -*_Type_*: +_*Type*_: submodule or path convertible to it +_*Default*_ -*_Default_* ``` {} ``` - - - ## nixos.hostDefaults + Defaults for all hosts. the modules passed under hostDefaults will be exported to the 'nixosModules' flake output. They will also be added to all hosts. - -*_Type_*: +_*Type*_: submodule +_*Default*_ -*_Default_* ``` {} ``` - - - ## nixos.hostDefaults.channelName + Channel this host should follow - -*_Type_*: +_*Type*_: channel defined in `channels` - - - - - ## nixos.hostDefaults.exportedModules + modules to include in all hosts and export to nixosModules output - -*_Type_*: +_*Type*_: list of valid modules or anything convertible to it or path convertible to it +_*Default*_ -*_Default_* ``` [] ``` - - - ## nixos.hostDefaults.externalModules + The `externalModules` option has been removed. Any modules that should be exported should be defined with the `exportedModules` option and all other modules should just go into the `modules` option. - -*_Type_*: +_*Type*_: list of valid modules or anything convertible to it +_*Default*_ -*_Default_* ``` [] ``` - - - ## nixos.hostDefaults.modules + modules to include that won't be exported meant importing modules from external flakes - -*_Type_*: +_*Type*_: list of valid modules or anything convertible to it or path convertible to it +_*Default*_ -*_Default_* ``` [] ``` - - - ## nixos.hostDefaults.system + system for this host - -*_Type_*: +_*Type*_: null or system defined in `supportedSystems` +_*Default*_ -*_Default_* ``` null ``` - - - ## nixos.hosts + configurations to include in the nixosConfigurations output - -*_Type_*: +_*Type*_: attribute set of submodules +_*Default*_ -*_Default_* ``` {} ``` - - - ## nixos.hosts.\.channelName + Channel this host should follow - -*_Type_*: +_*Type*_: null or channel defined in `channels` +_*Default*_ -*_Default_* ``` null ``` - - - ## nixos.hosts.\.modules + modules to include - -*_Type_*: +_*Type*_: list of valid modules or anything convertible to it or path convertible to it +_*Default*_ -*_Default_* ``` [] ``` - - - ## nixos.hosts.\.system + system for this host - -*_Type_*: +_*Type*_: null or system defined in `supportedSystems` +_*Default*_ -*_Default_* ``` null ``` - - - ## nixos.hosts.\.tests + tests to run - -*_Type_*: +_*Type*_: list of valid NixOS test or path convertible to its or anything convertible to it +_*Default*_ -*_Default_* ``` [] ``` +_*Example*_ -*_Example_* ``` {"_type":"literalExpression","text":"[\n {\n name = \"testname1\";\n machine = { ... };\n testScript = ''\n # ...\n '';\n }\n ({ corutils, writers, ... }: {\n name = \"testname2\";\n machine = { ... };\n testScript = ''\n # ...\n '';\n })\n ./path/to/test.nix\n];\n"} ``` - ## nixos.importables + Packages of paths to be passed to modules as `specialArgs`. - -*_Type_*: +_*Type*_: attribute set +_*Default*_ -*_Default_* ``` {} ``` - - - ## nixos.importables.suites + collections of profiles - -*_Type_*: +_*Type*_: null or attribute set of list of paths or anything convertible to its or path convertible to it +_*Default*_ -*_Default_* ``` null ``` - - - - diff --git a/doc/api-reference.md b/doc/api-reference.md index 47eb1284..ee2cb9e7 100755 --- a/doc/api-reference.md +++ b/doc/api-reference.md @@ -1,4 +1,5 @@ # Top Level API + `digga`'s top level API. API Containers are documented in their respective sub-chapter: - [Channels](./api-reference-channels.md) @@ -8,73 +9,55 @@ - [Darwin](./api-reference-darwin.md) ## channelsConfig + nixpkgs config for all channels - -*_Type_*: +_*Type*_: attribute set or path convertible to it +_*Default*_ -*_Default_* ``` {} ``` - - - ## inputs + The flake's inputs -*_Type_*: +_*Type*_: attribute set of nix flakes - - - - - ## outputsBuilder + builder for flake system-spaced outputs The builder gets passed an attrset of all channels - -*_Type_*: +_*Type*_: function that evaluates to a(n) attribute set or path convertible to it +_*Default*_ -*_Default_* ``` "channels: { }" ``` - - - ## self + The flake to create the DevOS outputs for -*_Type_*: +_*Type*_: nix flake - - - - - ## supportedSystems + The systems supported by this flake - -*_Type_*: +_*Type*_: list of strings +_*Default*_ -*_Default_* ``` ["aarch64-linux","aarch64-darwin","i686-linux","x86_64-darwin","x86_64-linux"] ``` - - - - diff --git a/doc/concepts/hosts.md b/doc/concepts/hosts.md index 1c3c3fa0..028f5870 100644 --- a/doc/concepts/hosts.md +++ b/doc/concepts/hosts.md @@ -28,10 +28,10 @@ is best saved for [profile modules](./profiles.md). This is a good place to import sets of profiles, called [suites](./suites.md), that you intend to use on your machine. - ## Example flake.nix: + ```nix { nixos = { @@ -47,6 +47,7 @@ flake.nix: ``` hosts/librem.nix: + ```nix { suites, ... }: { diff --git a/doc/concepts/overrides.md b/doc/concepts/overrides.md index 610fde04..46ef653b 100644 --- a/doc/concepts/overrides.md +++ b/doc/concepts/overrides.md @@ -1,8 +1,10 @@ # Overrides + Each NixOS host follows one channel. But many times it is useful to get packages or modules from different channels. ## Packages + You can make use of `overlays/overrides.nix` to override specific packages in the default channel to be pulled from other channels. That file is simply an example of how any overlay can get `channels` as their first argument. @@ -10,6 +12,7 @@ of how any overlay can get `channels` as their first argument. You can add overlays to any channel to override packages from other channels. Pulling the manix package from the `latest` channel: + ```nix channels: final: prev: { __dontExport = true; @@ -23,11 +26,12 @@ overrides and the property is already set for you. ## Modules -You can also pull modules from other channels. All modules have access to the +You can also pull modules from other channels. All modules have access to the `modulesPath` for each channel as `ModulesPath`. And you can use `disabledModules` to remove modules from the current channel. To pull zsh module from the `latest` channel this code can be placed in any module, whether its your host file, a profile, or a module in ./modules etc: + ```nix { latestModulesPath }: { @@ -37,6 +41,7 @@ To pull zsh module from the `latest` channel this code can be placed in any modu ``` > ##### _Note:_ +> > Sometimes a modules name will change from one branch to another. [nixpkgs-modules]: https://github.com/NixOS/nixpkgs/tree/master/nixos/modules diff --git a/doc/concepts/profiles.md b/doc/concepts/profiles.md index 7e592cc1..a9404955 100644 --- a/doc/concepts/profiles.md +++ b/doc/concepts/profiles.md @@ -6,20 +6,23 @@ built into the NixOS module system for a reason: to elegantly provide a clear separation of concerns. ## Creation + Profiles are created with the `rakeLeaves` function which recursively collects -`.nix` files from within a folder. The recursion stops at folders with a `default.nix` +`.nix` files from within a folder. The recursion stops at folders with a `default.nix` in them. You end up with an attribute set with leaves(paths to profiles) or nodes(attrsets leading to more nodes or leaves). A profile is used for quick modularization of [interelated bits](./profiles.md#subprofiles). > ##### _Notes:_ -> * For _declaring_ module options, there's the [modules](../outputs/modules.md) directory. -> * This directory takes inspiration from +> +> - For _declaring_ module options, there's the [modules](../outputs/modules.md) directory. +> - This directory takes inspiration from > [upstream](https://github.com/NixOS/nixpkgs/tree/master/nixos/modules/profiles) > . ### Nested profiles + Profiles can be nested in attribute sets due to the recursive nature of `rakeLeaves`. This can be useful to have a set of profiles created for a specific purpose. It is sometimes useful to have a `common` profile that has high level concerns related @@ -28,6 +31,7 @@ to all its sister profiles. ### Example profiles/develop/common.nix: + ```nix { imports = [ ./zsh ]; @@ -36,6 +40,7 @@ profiles/develop/common.nix: ``` profiles/develop/zsh.nix: + ```nix { ... }: { @@ -45,6 +50,7 @@ profiles/develop/zsh.nix: ``` The examples above will end up with a profiles set like this: + ```nix { develop = { @@ -55,6 +61,7 @@ The examples above will end up with a profiles set like this: ``` ## Conclusion + Profiles are the most important concept in DevOS. They allow us to keep our Nix expressions self contained and modular. This way we can maximize reuse across hosts while minimizing boilerplate. Remember, anything machine diff --git a/doc/concepts/suites.md b/doc/concepts/suites.md index e9eef34c..45d7ec46 100644 --- a/doc/concepts/suites.md +++ b/doc/concepts/suites.md @@ -1,4 +1,5 @@ # Suites + Suites provide a mechanism for users to easily combine and name collections of profiles. @@ -8,6 +9,7 @@ argument (one that can be use in an `imports` line) to your hosts. All lists def in `suites` are flattened and type-checked as paths. ## Definition + ```nix rec { workstation = [ profiles.develop profiles.graphical users.nixos ]; @@ -16,7 +18,9 @@ rec { ``` ## Usage + `hosts/my-laptop.nix`: + ```nix { suites, ... }: { diff --git a/doc/concepts/users.md b/doc/concepts/users.md index b3454244..3cb4480e 100644 --- a/doc/concepts/users.md +++ b/doc/concepts/users.md @@ -1,5 +1,6 @@ > ##### _Note:_ -> This section and its semantics need a conceptiual rework. +> +> This section and its semantics need a conceptiual rework. > Since recently [portable home configurations][portableuser] > that are not bound to any specific host are a thing. @@ -12,7 +13,9 @@ your users. For a fully fleshed out example, check out the developers personal [branch](https://github.com/divnix/devos/tree/nrd/users/nrd/default.nix). ## Basic Usage + `users/myuser/default.nix`: + ```nix { ... }: { @@ -28,6 +31,7 @@ your users. For a fully fleshed out example, check out the developers personal ``` ## Home Manager + Home Manager support follows the same principles as regular nixos configurations, it even gets its own namespace in your `flake.nix` as `home`. @@ -37,7 +41,9 @@ User profiles can be collected in a similar fashion as system ones into a `suite argument that gets passed to your home-manager users. ### Example + `flake.nix` + ```nix { home.users.nixos = { suites, ... }: { @@ -46,8 +52,8 @@ argument that gets passed to your home-manager users. } ``` - ## External Usage + You can easily use the defined home-manager configurations outside of NixOS using the `homeConfigurations` flake output. @@ -55,6 +61,7 @@ This is great for keeping your environment consistent across Unix-like systems, including macOS. ### From within the projects devshell: + ```sh # builds the pub-solar user defined in the PubSolarOS host nix build '.#homeConfigurations."pub-solar@PubSolarOS".activationPackage' @@ -64,6 +71,7 @@ nix build '.#homeConfigurations."pub-solar@PubSolarOS".activationPackage' && ./r ``` ### Manually from outside the project: + ```sh # build nix build "github:divnix/devos#homeConfigurations.nixos@NixOS.home.activationPackage" diff --git a/doc/integrations/cachix.md b/doc/integrations/cachix.md index b0254594..1b609f1c 100644 --- a/doc/integrations/cachix.md +++ b/doc/integrations/cachix.md @@ -1,4 +1,5 @@ # Cachix + The system will automatically pull a cachix.nix at the root if one exists. This is usually created automatically by a `sudo cachix use`. If you're more inclined to keep the root clean, you can drop any generated files in the diff --git a/doc/integrations/deploy.md b/doc/integrations/deploy.md index 2282eb7f..5c5e1676 100644 --- a/doc/integrations/deploy.md +++ b/doc/integrations/deploy.md @@ -1,4 +1,5 @@ # deploy-rs + [Deploy-rs][d-rs] is a tool for managing NixOS remote machines. It was chosen for devos after the author experienced some frustrations with the stateful nature of nixops' db. It was also designed from scratch to support @@ -11,6 +12,7 @@ the command line. ## Usage Just add your ssh key to the host: + ```nix { ... }: { @@ -21,6 +23,7 @@ Just add your ssh key to the host: ``` And the private key to your user: + ```nix { ... }: { @@ -39,16 +42,20 @@ And the private key to your user: ``` And run the deployment: + ```sh deploy '.#hostName' --hostname host.example.com ``` > ##### _Note:_ +> > Your user will need **passwordless** sudo access + ### Home Manager Digga's `lib.mkDeployNodes` provides only `system` profile. In order to deploy your `home-manager` configuration you should provide additional profile(s) to deploy-rs config: + ```nix # Initially, this line looks like this: deploy.nodes = digga.lib.mkDeployNodes self.nixosConfigurations { }; deploy.nodes = digga.lib.mkDeployNodes self.nixosConfigurations @@ -67,10 +74,9 @@ deploy.nodes = digga.lib.mkDeployNodes self.nixosConfigurations }; ``` -Substitute ``, `` and `` placeholders (omitting the `<>`). +Substitute ``, `` and `` placeholders (omitting the `<>`). `` is there to illustrate deploying multiple `home-manager` configurations. Either substitute those as well, or remove them altogether. Don't forget the `profileOrder` variable. - [d-rs]: https://github.com/serokell/deploy-rs diff --git a/doc/integrations/hercules.md b/doc/integrations/hercules.md index aa0185e4..aeb1daa0 100644 --- a/doc/integrations/hercules.md +++ b/doc/integrations/hercules.md @@ -1,4 +1,5 @@ # Hercules CI + If you start adding your own packages and configurations, you'll probably have at least a few binary artifacts. With hercules we can build every package in our configuration automatically, on every commit. Additionally, we can have it @@ -8,6 +9,7 @@ This will work whether your copy is a fork, or a bare template, as long as your repo is hosted on GitHub. ## Setup + Just head over to [hercules-ci.com](https://hercules-ci.com) to make an account. Then follow the docs to set up an [agent][agent], if you want to deploy to a @@ -15,6 +17,7 @@ binary cache (and of course you do), be sure _not_ to skip the [binary-caches.json][cache]. ## Ready to Use + The repo is already set up with the proper _default.nix_ file, building all declared packages, checks, profiles and shells. So you can see if something breaks, and never build the same package twice! @@ -23,6 +26,7 @@ If you want to get fancy, you could even have hercules [deploy your configuration](https://docs.hercules-ci.com/hercules-ci-effects/guide/deploy-a-nixos-machine/)! > ##### _Note:_ +> > Hercules doesn't have access to anything encrypted in the > [secrets folder](../../secrets), so none of your secrets will accidentally get > pushed to a cache by mistake. diff --git a/doc/integrations/index.md b/doc/integrations/index.md index 5ea739ec..ce9f3f1b 100644 --- a/doc/integrations/index.md +++ b/doc/integrations/index.md @@ -1,4 +1,5 @@ # Integrations + This section explores some of the optional tools included with devos to provide a solution to common concerns such as ci and remote deployment. An effort is made to choose tools that treat nix, and where possible flakes, as first class diff --git a/doc/integrations/nvfetcher.md b/doc/integrations/nvfetcher.md index c26c5fbe..75a0fd2e 100644 --- a/doc/integrations/nvfetcher.md +++ b/doc/integrations/nvfetcher.md @@ -1,4 +1,5 @@ # nvfetcher + [NvFetcher][nvf] is a workflow companion for updating nix sources. You can specify an origin source and an update configuration, and @@ -15,6 +16,7 @@ and commit the results. ## Usage Statically fetching (not tracking) a particular tag from a github repo: + ```toml [manix] src.manual = "v0.6.3" @@ -22,6 +24,7 @@ fetch.github = "mlvzk/manix" ``` Tracking the latest github _release_ from a github repo: + ```toml [manix] src.github = "mlvzk/manix" # responsible for tracking @@ -29,6 +32,7 @@ fetch.github = "mlvzk/manix" # responsible for fetching ``` Tracking the latest commit of a git repository and fetch from a git repo: + ```toml [manix] src.git = "https://github.com/mlvzk/manix.git" # responsible for tracking @@ -36,6 +40,7 @@ fetch.git = "https://github.com/mlvzk/manix.git" # responsible for fetching ``` > ##### _Note:_ +> > Please refer to the [NvFetcher Readme][nvf-readme] for more options. [nvf]: https://github.com/berberman/nvfetcher diff --git a/doc/outputs/index.md b/doc/outputs/index.md index 36207188..34f8e668 100644 --- a/doc/outputs/index.md +++ b/doc/outputs/index.md @@ -1,3 +1,4 @@ # Layout + Each of the following sections is a directory whose contents are output to the outside world via the flake's outputs. Check each chapter for details. diff --git a/doc/outputs/modules.md b/doc/outputs/modules.md index f698e9f6..208c910e 100644 --- a/doc/outputs/modules.md +++ b/doc/outputs/modules.md @@ -1,4 +1,5 @@ # Modules + The modules directory is a replica of nixpkg's NixOS [modules][nixpkgs-modules] , and follows the same semantics. This allows for trivial upstreaming into nixpkgs proper once your module is sufficiently stable. @@ -6,18 +7,21 @@ nixpkgs proper once your module is sufficiently stable. All modules linked in _module-list.nix_ are automatically exported via `nixosModules.`, and imported into all [hosts](../concepts/hosts.md). - > ##### _Note:_ +> > This is reserved for declaring brand new module options. If you just want to > declare a coherent configuration of already existing and related NixOS options > , use [profiles](../concepts/profiles.md) instead. ## Semantics + In case you've never written a module for nixpkgs before, here is a brief outline of the process. ### Declaration + modules/services/service-category/my-service.nix: + ```nix { config, lib, ... }: let @@ -37,7 +41,9 @@ in ``` ### Import + modules/module-list.nix: + ```nix [ ./services/service-category/my-service.nix @@ -47,7 +53,9 @@ modules/module-list.nix: ## Usage ### Internal + profiles/profile-category/my-profile.nix: + ```nix { ... }: { @@ -56,7 +64,9 @@ profiles/profile-category/my-profile.nix: ``` ### External + flake.nix: + ```nix { # inputs omitted diff --git a/doc/outputs/overlays.md b/doc/outputs/overlays.md index f463d1a7..607d751e 100644 --- a/doc/outputs/overlays.md +++ b/doc/outputs/overlays.md @@ -1,4 +1,5 @@ # Overlays + Writing overlays is a common occurence when using a NixOS system. Therefore, we want to keep the process as simple and straightforward as possible. @@ -9,7 +10,9 @@ exported via `overlays./` _as well as_ write it. ## Example + overlays/kakoune.nix: + ```nix final: prev: { kakoune = prev.kakoune.override { diff --git a/doc/outputs/pkgs.md b/doc/outputs/pkgs.md index 4de93a8d..5b733727 100644 --- a/doc/outputs/pkgs.md +++ b/doc/outputs/pkgs.md @@ -1,4 +1,5 @@ # Packages + Similar to [modules](./modules.md), the pkgs directory mirrors the upstream [nixpkgs/pkgs][pkgs], and for the same reason; if you ever want to upstream your package, it's as simple as dropping it into the nixpkgs/pkgs directory. @@ -13,26 +14,30 @@ the supported systems listed in the package's `meta.platforms` attribute. And, as usual, every package in the overlay is also available to any NixOS [host](../concepts/hosts.md). -Another convenient difference is that it is possible to use -[nvfetcher](https://github.com/berberman/nvfetcher) to keep packages up to +Another convenient difference is that it is possible to use +[nvfetcher](https://github.com/berberman/nvfetcher) to keep packages up to date. This is best understood by the simple example below. ## Example -It is possible to specify sources separately to keep them up to date semi + +It is possible to specify sources separately to keep them up to date semi automatically. The basic rules are specified in pkgs/sources.toml: + ```toml # nvfetcher.toml [libinih] src.github = "benhoyt/inih" fetch.github = "benhoyt/inih" ``` -After changes to this file as well as to update the packages specified in there run + +After changes to this file as well as to update the packages specified in there run nvfetcher (for more details see [nvfetcher](https://github.com/berberman/nvfetcher)). The pkgs overlay is managed in pkgs/default.nix: + ```nix final: prev: { # keep sources first, this makes sources available to the pkgs @@ -45,6 +50,7 @@ final: prev: { Lastly the example package is in pkgs/development/libraries/libinih/default.nix: + ```nix { stdenv, meson, ninja, lib, sources, ... }: stdenv.mkDerivation { @@ -59,16 +65,17 @@ stdenv.mkDerivation { } ``` - ## Migration from flake based approach + Previous to nvfetcher it was possible to manage sources via a pkgs/flake.nix, the main changes from there are that sources where in the attribute "srcs" (now "sources") and the contents of the sources where slightly different. In order to switch to the new system, rewrite pkgs/flake.nix to a pkgs/sources.toml file using the documentation of nvfetcher, -add the line that calls the sources at the beginning of pkgs/default.nix, and +add the line that calls the sources at the beginning of pkgs/default.nix, and accomodate the small changes in the packages as can be seen from the example. The example package looked like: pkgs/flake.nix: + ```nix { description = "Package sources"; @@ -81,6 +88,7 @@ pkgs/flake.nix: ``` pkgs/default.nix: + ```nix final: prev: { # then, call packages with `final.callPackage` @@ -89,6 +97,7 @@ final: prev: { ``` pkgs/development/libraries/libinih/default.nix: + ```nix { stdenv, meson, ninja, lib, srcs, ... }: let inherit (srcs) libinih; in diff --git a/doc/secrets.md b/doc/secrets.md index 8794925a..1ae1eb4d 100644 --- a/doc/secrets.md +++ b/doc/secrets.md @@ -1,9 +1,11 @@ # Secrets + Secrets are managed using [agenix][agenix] so you can keep your flake in a public repository like GitHub without exposing your password or other sensitive data. ## Agenix + Currently, there is [no mechanism][secrets-issue] in nix itself to deploy secrets within the nix store because it is world-readable. @@ -17,6 +19,7 @@ matching ssh private key can read the data. The [age module][age module] will ad encrypted files to the nix store and decrypt them on activation to `/run/agenix`. ### Setup + All hosts must have openssh enabled, this is done by default in the core profile. You need to populate your `secrets/secrets.nix` with the proper ssh public keys. @@ -24,6 +27,7 @@ Be extra careful to make sure you only add public keys, you should never share a private key!! secrets/secrets.nix: + ```nix let system = ""; @@ -37,22 +41,25 @@ this file doesn't exist you likely need to enable openssh and rebuild your syste Your users ssh public key is probably stored in `~/.ssh/id_ed25519.pub` or `~/.ssh/id_rsa.pub`. If you haven't generated a ssh key yet, be sure do so: + ```sh ssh-keygen -t ed25519 ``` > ##### _Note:_ +> > The underlying tool used by agenix, rage, doesn't work well with password protected > ssh keys. So if you have lots of secrets you might have to type in your password many > times. - ### Secrets + You will need the `agenix` command to create secrets. DevOS conveniently provides that in the devShell, so just run `nix develop` whenever you want to edit secrets. Make sure to always run `agenix` while in the `secrets/` folder, so it can pick up your `secrets.nix`. To create secrets, simply add lines to your `secrets/secrets.nix`: + ``` let ... @@ -62,21 +69,26 @@ in "secret.age".publicKeys = allKeys; } ``` + That would tell agenix to create a `secret.age` file that is encrypted with the `system` and `user` ssh public key. Then go into the `secrets` folder and run: + ```sh agenix -e secret.age ``` + This will create the `secret.age`, if it doesn't already exist, and allow you to edit it. If you ever change the `publicKeys` entry of any secret make sure to rekey the secrets: + ```sh agenix --rekey ``` ### Usage + Once you have your secret file encrypted and ready to use, you can utilize the [age module][age module] to ensure that your secrets end up in `/run/secrets`. @@ -89,15 +101,14 @@ In any profile that uses a NixOS module that requires a secret you can enable a } ``` - Then you can just pass the path `/run/agenix/mysecret` to the module. You can make use of the many options provided by the age module to customize where and how secrets get decrypted. You can learn about them by looking at the [age module][age module]. - > ##### _Note:_ +> > You can take a look at the [agenix repository][agenix] for more information > about the tool. diff --git a/doc/start/index.md b/doc/start/index.md index 9650ba05..06e41292 100644 --- a/doc/start/index.md +++ b/doc/start/index.md @@ -1,18 +1,24 @@ # Quick Start + The only dependency is nix, so make sure you have it [installed][install-nix]. ## Get the Template + If you currently don't have flakes setup, you can utilize the digga shell to pull the template: + ```sh nix-shell "https://github.com/divnix/digga/archive/main.tar.gz" \ --run "nix flake init -t github:divnix/digga" ``` + If you already have flakes support, you can directly pull the template: + ```sh nix flake init -t github:divnix/digga ``` Then make sure to create the git repository: + ```sh git init git add . @@ -20,11 +26,14 @@ git commit -m init ``` To drop into a nix-shell, if you don't have flakes setup, use the digga shell to create a `flake.lock`: + ```sh nix-shell "https://github.com/divnix/digga/archive/main.tar.gz" \ --run "nix flake lock" ``` + Or if you do have flakes support, just run: + ```sh nix flake lock ``` @@ -35,6 +44,7 @@ version required. You can run `menu` to confirm that you are using digga (expect In addition, the [binary cache](../integrations/cachix.md) is added for faster deployment. > ##### _Notes:_ +> > - Flakes ignore files that have not been added to git, so be sure to stage new > files before building the system. > - You can choose to simply clone the repo with git if you want to follow @@ -46,5 +56,4 @@ In addition, the [binary cache](../integrations/cachix.md) is added for faster d - [Make installable ISO](./iso.md) - [install-nix]: https://nixos.org/manual/nix/stable/#sect-multi-user-installation diff --git a/doc/start/iso.md b/doc/start/iso.md index b8fa6659..8ce30988 100644 --- a/doc/start/iso.md +++ b/doc/start/iso.md @@ -31,6 +31,6 @@ custom-made for your target host will maximise those local cache hits. For hosts that don't differ too much, a single USB stick might be ok, whereas when there are bigger differences, a custom-made USB stick will be considerably faster. -[nixos-generators]: https://github.com/nix-community/nixos-generators +[nixos-generators]: https://github.com/nix-community/nixos-generators [burn]: https://nixos.org/manual/nixos/stable/index.html#sec-booting-from-usb [formats]: https://github.com/nix-community/nixos-generators/tree/master/formats diff --git a/doc/tests.md b/doc/tests.md index 4844912d..aa2bda14 100644 --- a/doc/tests.md +++ b/doc/tests.md @@ -6,12 +6,14 @@ configuration, and, optionally, run them in [CI](./integrations/hercules.md). ## Unit Tests + Unit tests can be created from regular derivations, and they can do almost anything you can imagine. By convention, it is best to test your packages during their [check phase][check]. All packages and their tests will be built during CI. ## Integration Tests + All your profiles defined in suites will be tested in a NixOS VM. You can write integration tests for one or more NixOS VMs that can, diff --git a/flake.lock b/flake.lock index ebcef0ac..f62e3e63 100644 --- a/flake.lock +++ b/flake.lock @@ -7,11 +7,11 @@ ] }, "locked": { - "lastModified": 1665870395, - "narHash": "sha256-Tsbqb27LDNxOoPLh0gw2hIb6L/6Ow/6lIBvqcHzEKBI=", + "lastModified": 1673301561, + "narHash": "sha256-gRUWHbBAtMuPDJQXotoI8u6+3DGBIUZHkyQWpIv7WpM=", "owner": "ryantm", "repo": "agenix", - "rev": "a630400067c6d03c9b3e0455347dc8559db14288", + "rev": "42d371d861a227149dc9a7e03350c9ab8b8ddd68", "type": "github" }, "original": { @@ -42,11 +42,11 @@ ] }, "locked": { - "lastModified": 1665392861, - "narHash": "sha256-bCd8fYJMAb0LzabsiXl4nxECDoz483bJOCa2hjox7N0=", + "lastModified": 1673295039, + "narHash": "sha256-AsdYgE8/GPwcelGgrntlijMg4t3hLFJFCRF3tL5WVjA=", "owner": "LnL7", "repo": "nix-darwin", - "rev": "ef56fd8979b5f4e800c4716f62076e00600b1172", + "rev": "87b9d090ad39b25b2400029c64825fc2a8868943", "type": "github" }, "original": { @@ -85,11 +85,11 @@ "utils": "utils" }, "locked": { - "lastModified": 1659725433, - "narHash": "sha256-1ZxuK67TL29YLw88vQ18Y2Y6iYg8Jb7I6/HVzmNB6nM=", + "lastModified": 1674127017, + "narHash": "sha256-QO1xF7stu5ZMDLbHN30LFolMAwY6TVlzYvQoUs1RD68=", "owner": "serokell", "repo": "deploy-rs", - "rev": "41f15759dd8b638e7b4f299730d94d5aa46ab7eb", + "rev": "8c9ea9605eed20528bf60fae35a2b613b901fd77", "type": "github" }, "original": { @@ -160,11 +160,11 @@ "flake-compat": { "flake": false, "locked": { - "lastModified": 1648199409, - "narHash": "sha256-JwPKdC2PoVBkG6E+eWw3j6BMR6sL3COpYWfif7RVb8Y=", + "lastModified": 1668681692, + "narHash": "sha256-Ht91NGdewz8IQLtWZ9LCeNXMSXHUss+9COoqu6JLmXU=", "owner": "edolstra", "repo": "flake-compat", - "rev": "64a525ee38886ab9028e6f61790de0832aa3ef03", + "rev": "009399224d5e398d03b22badca40a37ac85412a1", "type": "github" }, "original": { @@ -192,11 +192,11 @@ "flake-compat_3": { "flake": false, "locked": { - "lastModified": 1650374568, - "narHash": "sha256-Z+s0J8/r907g149rllvwhb4pKi8Wam5ij0st8PwAh+E=", + "lastModified": 1673956053, + "narHash": "sha256-4gtG9iQuiKITOjNQQeQIpoIB6b16fm+504Ch3sNKLd8=", "owner": "edolstra", "repo": "flake-compat", - "rev": "b4a34015c698c7793d592d66adbab377907a2be8", + "rev": "35bb57c0c8d8b62bbfd284272c928ceb64ddbde9", "type": "github" }, "original": { @@ -254,38 +254,24 @@ "type": "github" } }, - "flake-utils_3": { - "locked": { - "lastModified": 1659877975, - "narHash": "sha256-zllb8aq3YO3h8B/U0/J1WBgAL8EX5yWf5pMj3G0NAmc=", - "owner": "numtide", - "repo": "flake-utils", - "rev": "c0e246b9b83f637f4681389ecabcb2681b4f3af0", - "type": "github" - }, - "original": { - "owner": "numtide", - "repo": "flake-utils", - "type": "github" - } - }, "home": { "inputs": { "nixpkgs": [ "nixos" - ] + ], + "utils": "utils_2" }, "locked": { - "lastModified": 1665996265, - "narHash": "sha256-/k9og6LDBQwT+f/tJ5ClcWiUl8kCX5m6ognhsAxOiCY=", + "lastModified": 1674440933, + "narHash": "sha256-CASRcD/rK3fn5vUCti3jzry7zi0GsqRsBohNq9wPgLs=", "owner": "nix-community", "repo": "home-manager", - "rev": "b81e128fc053ab3159d7b464d9b7dedc9d6a6891", + "rev": "65c47ced082e3353113614f77b1bc18822dc731f", "type": "github" }, "original": { "owner": "nix-community", - "ref": "release-22.05", + "ref": "release-22.11", "repo": "home-manager", "type": "github" } @@ -308,11 +294,11 @@ }, "latest_2": { "locked": { - "lastModified": 1665940183, - "narHash": "sha256-cPe3F7CtnxU9YbJpc3Adl4d9kX+turqTv5FxM98i8vg=", + "lastModified": 1674641431, + "narHash": "sha256-qfo19qVZBP4qn5M5gXc/h1MDgAtPA5VxJm9s8RUAkVk=", "owner": "nixos", "repo": "nixpkgs", - "rev": "104e8082de1b20f9d0e1f05b1028795ed0e0e4bc", + "rev": "9b97ad7b4330aacda9b2343396eb3df8a853b4fc", "type": "github" }, "original": { @@ -329,11 +315,11 @@ ] }, "locked": { - "lastModified": 1662220400, - "narHash": "sha256-9o2OGQqu4xyLZP9K6kNe1pTHnyPz0Wr3raGYnr9AIgY=", + "lastModified": 1671096816, + "narHash": "sha256-ezQCsNgmpUHdZANDCILm3RvtO1xH8uujk/+EqNvzIOg=", "owner": "nmattia", "repo": "naersk", - "rev": "6944160c19cb591eb85bbf9b2f2768a935623ed3", + "rev": "d998160d6a076cfe8f9741e56aeec7e267e3e114", "type": "github" }, "original": { @@ -359,16 +345,16 @@ }, "nixos": { "locked": { - "lastModified": 1666014999, - "narHash": "sha256-gvKl8xlPJreezNG1NVTJv/HdGC69MSrM+IpCxS+eFvw=", + "lastModified": 1674868155, + "narHash": "sha256-eFNm2h6fNbgD7ZpO4MHikCB5pSnCJ7DTmwPisjetmwc=", "owner": "nixos", "repo": "nixpkgs", - "rev": "1935dd8fdab8e022a9d958419663162fd840014c", + "rev": "ce20e9ebe1903ea2ba1ab006ec63093020c761cb", "type": "github" }, "original": { "owner": "nixos", - "ref": "nixos-22.05", + "ref": "nixos-22.11", "repo": "nixpkgs", "type": "github" } @@ -379,11 +365,11 @@ "nixpkgs": "nixpkgs" }, "locked": { - "lastModified": 1666016402, - "narHash": "sha256-Cm/nrdUMXwXiFQforG1Mv8OA4o8yhuVx6E1eDFH4rew=", + "lastModified": 1674666581, + "narHash": "sha256-KNI2s/xrL7WOYaPJAWKBtb7cCH3335rLfsL+B+ssuGY=", "owner": "nix-community", "repo": "nixos-generators", - "rev": "688db42a1eb34853f050267ff65c975f664312f0", + "rev": "6a5dc1d3d557ea7b5c19b15ff91955124d0400fa", "type": "github" }, "original": { @@ -394,11 +380,11 @@ }, "nixos-hardware": { "locked": { - "lastModified": 1665987993, - "narHash": "sha256-MvlaIYTRiqefG4dzI5p6vVCfl+9V8A1cPniUjcn6Ngc=", + "lastModified": 1674550793, + "narHash": "sha256-ljJlIFQZwtBbzWqWTmmw2O5BFmQf1A/DspwMOQtGXHk=", "owner": "nixos", "repo": "nixos-hardware", - "rev": "0e6593630071440eb89cd97a52921497482b22c6", + "rev": "b7ac0a56029e4f9e6743b9993037a5aaafd57103", "type": "github" }, "original": { @@ -451,51 +437,44 @@ "type": "indirect" } }, - "nvfetcher": { - "inputs": { - "flake-compat": "flake-compat_3", - "flake-utils": "flake-utils_3", - "nixpkgs": [ - "nixos" - ] - }, - "locked": { - "lastModified": 1664550666, - "narHash": "sha256-eXfMRd9uItEp3PsYI31FSVGPG9dVC6yF++65ZrGwW8A=", - "owner": "berberman", - "repo": "nvfetcher", - "rev": "9763ad40d59a044e90726653d9253efaeeb053b2", - "type": "github" - }, - "original": { - "owner": "berberman", - "repo": "nvfetcher", - "type": "github" - } - }, "root": { "inputs": { "agenix": "agenix", "darwin": "darwin", "deploy": "deploy", "digga": "digga", + "flake-compat": "flake-compat_3", "home": "home", "latest": "latest_2", "naersk": "naersk", "nixos": "nixos", "nixos-generators": "nixos-generators", "nixos-hardware": "nixos-hardware", - "nur": "nur", - "nvfetcher": "nvfetcher" + "nur": "nur" } }, "utils": { "locked": { - "lastModified": 1648297722, - "narHash": "sha256-W+qlPsiZd8F3XkzXOzAoR+mpFqzm3ekQkJNa+PIh1BQ=", + "lastModified": 1667395993, + "narHash": "sha256-nuEHfE/LcWyuSWnS8t12N1wc105Qtau+/OdUAjtQ0rA=", "owner": "numtide", "repo": "flake-utils", - "rev": "0f8662f1319ad6abf89b3380dd2722369fc51ade", + "rev": "5aed5285a952e0b949eb3ba02c12fa4fcfef535f", + "type": "github" + }, + "original": { + "owner": "numtide", + "repo": "flake-utils", + "type": "github" + } + }, + "utils_2": { + "locked": { + "lastModified": 1667395993, + "narHash": "sha256-nuEHfE/LcWyuSWnS8t12N1wc105Qtau+/OdUAjtQ0rA=", + "owner": "numtide", + "repo": "flake-utils", + "rev": "5aed5285a952e0b949eb3ba02c12fa4fcfef535f", "type": "github" }, "original": { diff --git a/flake.nix b/flake.nix index 4ac60e8a..33ce736f 100644 --- a/flake.nix +++ b/flake.nix @@ -5,148 +5,153 @@ nixConfig.extra-substituters = "https://nix-dram.cachix.org https://dram.cachix.org https://nrdxp.cachix.org https://nix-community.cachix.org"; nixConfig.extra-trusted-public-keys = "nix-dram.cachix.org-1:CKjZ0L1ZiqH3kzYAZRt8tg8vewAx5yj8Du/+iR8Efpg= dram.cachix.org-1:baoy1SXpwYdKbqdTbfKGTKauDDeDlHhUpC+QuuILEMY= nrdxp.cachix.org-1:Fc5PSqY2Jm1TrWfm88l6cvGWwz3s93c6IOifQWnhNW4= nix-community.cachix.org-1:mB9FSh9qf2dCimDSUo8Zy7bkq5CX+/rkCWyvRCYg3Fs="; - inputs = - { - # Track channels with commits tested and built by hydra - nixos.url = "github:nixos/nixpkgs/nixos-22.05"; - latest.url = "github:nixos/nixpkgs/nixos-unstable"; + inputs = { + # Track channels with commits tested and built by hydra + nixos.url = "github:nixos/nixpkgs/nixos-22.11"; + latest.url = "github:nixos/nixpkgs/nixos-unstable"; - digga.url = "github:pub-solar/digga/fix/bootstrap-iso"; - digga.inputs.nixpkgs.follows = "nixos"; - digga.inputs.nixlib.follows = "nixos"; - digga.inputs.home-manager.follows = "home"; - digga.inputs.deploy.follows = "deploy"; + flake-compat.url = "github:edolstra/flake-compat"; + flake-compat.flake = false; - home.url = "github:nix-community/home-manager/release-22.05"; - home.inputs.nixpkgs.follows = "nixos"; + digga.url = "github:pub-solar/digga/fix/bootstrap-iso"; + digga.inputs.nixpkgs.follows = "nixos"; + digga.inputs.nixlib.follows = "nixos"; + digga.inputs.home-manager.follows = "home"; + digga.inputs.deploy.follows = "deploy"; - darwin.url = "github:LnL7/nix-darwin"; - darwin.inputs.nixpkgs.follows = "nixos"; + home.url = "github:nix-community/home-manager/release-22.11"; + home.inputs.nixpkgs.follows = "nixos"; - deploy.url = "github:serokell/deploy-rs"; - deploy.inputs.nixpkgs.follows = "nixos"; + darwin.url = "github:LnL7/nix-darwin"; + darwin.inputs.nixpkgs.follows = "nixos"; - agenix.url = "github:ryantm/agenix"; - agenix.inputs.nixpkgs.follows = "nixos"; + deploy.url = "github:serokell/deploy-rs"; + deploy.inputs.nixpkgs.follows = "nixos"; - nvfetcher.url = "github:berberman/nvfetcher"; - nvfetcher.inputs.nixpkgs.follows = "nixos"; + agenix.url = "github:ryantm/agenix"; + agenix.inputs.nixpkgs.follows = "nixos"; - naersk.url = "github:nmattia/naersk"; - naersk.inputs.nixpkgs.follows = "nixos"; + naersk.url = "github:nmattia/naersk"; + naersk.inputs.nixpkgs.follows = "nixos"; - nixos-hardware.url = "github:nixos/nixos-hardware"; + nixos-hardware.url = "github:nixos/nixos-hardware"; - nixos-generators.url = "github:nix-community/nixos-generators"; - }; + nixos-generators.url = "github:nix-community/nixos-generators"; + }; - outputs = - { self - , digga - , nixos - , home - , nixos-hardware - , nur - , agenix - , nvfetcher - , deploy - , ... - } @ inputs: + outputs = { + self, + digga, + nixos, + home, + nixos-hardware, + nur, + agenix, + deploy, + ... + } @ inputs: digga.lib.mkFlake - { - inherit self inputs; + { + inherit self inputs; - channelsConfig = { - # allowUnfree = true; - }; + channelsConfig = { + # allowUnfree = true; + }; - supportedSystems = [ "x86_64-linux" "aarch64-linux" ]; - - channels = { - nixos = { - imports = [ (digga.lib.importOverlays ./overlays) ]; - overlays = [ ]; - }; - latest = { }; - }; - - lib = import ./lib { lib = digga.lib // nixos.lib; }; - - sharedOverlays = [ - (final: prev: { - __dontExport = true; - lib = prev.lib.extend (lfinal: lprev: { - our = self.lib; - }); - }) - nur.overlay - agenix.overlay - - (import ./pkgs) - ]; + supportedSystems = ["x86_64-linux" "aarch64-linux"]; + channels = { nixos = { - hostDefaults = { - system = "x86_64-linux"; - channelName = "nixos"; - imports = [ (digga.lib.importExportableModules ./modules) ]; + imports = [(digga.lib.importOverlays ./overlays)]; + overlays = []; + }; + latest = {}; + }; + + lib = import ./lib {lib = digga.lib // nixos.lib;}; + + sharedOverlays = [ + (final: prev: { + __dontExport = true; + lib = prev.lib.extend (lfinal: lprev: { + our = self.lib; + }); + }) + nur.overlay + agenix.overlay + + (import ./pkgs) + ]; + + nixos = { + hostDefaults = { + system = "x86_64-linux"; + channelName = "nixos"; + imports = [(digga.lib.importExportableModules ./modules)]; + modules = [ + {lib.our = self.lib;} + # FIXME: upstream module causes a huge number of unnecessary + # dependencies to be pulled in for all systems -- many of them are + # graphical. should only be imported as needed. + # digga.nixosModules.bootstrapIso + digga.nixosModules.nixConfig + home.nixosModules.home-manager + agenix.nixosModules.age + ]; + }; + + imports = [(digga.lib.importHosts ./hosts)]; + hosts = { + /* + set host specific properties here + */ + bootstrap = { modules = [ - { lib.our = self.lib; } - # FIXME: upstream module causes a huge number of unnecessary - # dependencies to be pulled in for all systems -- many of them are - # graphical. should only be imported as needed. - # digga.nixosModules.bootstrapIso - digga.nixosModules.nixConfig - home.nixosModules.home-manager - agenix.nixosModules.age + digga.nixosModules.bootstrapIso ]; }; - - imports = [ (digga.lib.importHosts ./hosts) ]; - hosts = { - /* set host specific properties here */ - bootstrap = { - modules = [ - digga.nixosModules.bootstrapIso - ]; - }; - PubSolarOS = { - tests = [ - (import ./tests/first-test.nix { pkgs = nixos.legacyPackages.x86_64-linux; lib = nixos.lib; }) - ]; - }; + PubSolarOS = { + tests = [ + (import ./tests/first-test.nix { + pkgs = nixos.legacyPackages.x86_64-linux; + lib = nixos.lib; + }) + ]; }; - importables = rec { - profiles = digga.lib.rakeLeaves ./profiles // { + }; + importables = rec { + profiles = + digga.lib.rakeLeaves ./profiles + // { users = digga.lib.rakeLeaves ./users; }; - suites = with profiles; rec { - base = [ users.pub-solar users.root ]; - iso = base ++ [ base-user graphical pub-solar-iso ]; - pubsolaros = [ full-install base-user users.root ]; - anonymous = [ pubsolaros users.pub-solar ]; - }; + suites = with profiles; rec { + base = [users.pub-solar users.root]; + iso = base ++ [base-user graphical pub-solar-iso]; + pubsolaros = [full-install base-user users.root]; + anonymous = [pubsolaros users.pub-solar]; }; }; - - home = { - imports = [ (digga.lib.importExportableModules ./users/modules) ]; - modules = [ ]; - importables = rec { - profiles = digga.lib.rakeLeaves ./users/profiles; - suites = with profiles; rec { - base = [ direnv git ]; - }; - }; - users = { - pub-solar = { suites, ... }: { imports = suites.base; }; - }; # digga.lib.importers.rakeLeaves ./users/hm; - }; - - devshell = ./shell; - - homeConfigurations = digga.lib.mkHomeConfigurations self.nixosConfigurations; - - deploy.nodes = digga.lib.mkDeployNodes self.nixosConfigurations { }; }; + + home = { + imports = [(digga.lib.importExportableModules ./users/modules)]; + modules = []; + importables = rec { + profiles = digga.lib.rakeLeaves ./users/profiles; + suites = with profiles; rec { + base = [direnv git]; + }; + }; + users = { + pub-solar = {suites, ...}: {imports = suites.base;}; + }; # digga.lib.importers.rakeLeaves ./users/hm; + }; + + devshell = ./shell; + + homeConfigurations = digga.lib.mkHomeConfigurations self.nixosConfigurations; + + deploy.nodes = digga.lib.mkDeployNodes self.nixosConfigurations {}; + }; } diff --git a/hosts/PubSolarOS.nix b/hosts/PubSolarOS.nix index d741a4d1..da0375cd 100644 --- a/hosts/PubSolarOS.nix +++ b/hosts/PubSolarOS.nix @@ -1,17 +1,15 @@ -{ suites, ... }: -{ +{suites, ...}: { ### root password is empty by default ### ### default password: pub-solar, optional: add your SSH keys imports = - suites.iso - ; + suites.iso; boot.loader.systemd-boot.enable = true; boot.loader.efi.canTouchEfiVariables = true; networking.networkmanager.enable = true; - fileSystems."/" = { device = "/dev/disk/by-label/nixos"; }; + fileSystems."/" = {device = "/dev/disk/by-label/nixos";}; # This value determines the NixOS release from which the default # settings for stateful data, like file locations and database versions diff --git a/hosts/bootstrap.nix b/hosts/bootstrap.nix index 49422675..c71f03cc 100644 --- a/hosts/bootstrap.nix +++ b/hosts/bootstrap.nix @@ -1,19 +1,22 @@ -{ config, lib, pkgs, profiles, ... }: -with lib; -let +{ + config, + lib, + pkgs, + profiles, + ... +}: +with lib; let # Gets hostname of host to be bundled inside iso # Copied from https://github.com/divnix/digga/blob/30ffa0b02272dc56c94fd3c7d8a5a0f07ca197bf/modules/bootstrap-iso.nix#L3-L11 - getFqdn = config: - let - net = config.networking; - fqdn = - if (net ? domain) && (net.domain != null) - then "${net.hostName}.${net.domain}" - else net.hostName; - in - fqdn; -in -{ + getFqdn = config: let + net = config.networking; + fqdn = + if (net ? domain) && (net.domain != null) + then "${net.hostName}.${net.domain}" + else net.hostName; + in + fqdn; +in { # build with: `nix build ".#nixosConfigurations.bootstrap.config.system.build.isoImage"` imports = [ # profiles.networking @@ -28,7 +31,7 @@ in boot.loader.systemd-boot.enable = true; # will be overridden by the bootstrapIso instrumentation - fileSystems."/" = { device = "/dev/disk/by-label/nixos"; }; + fileSystems."/" = {device = "/dev/disk/by-label/nixos";}; system.nixos.label = "PubSolarOS-" + config.system.nixos.version; @@ -36,7 +39,7 @@ in # https://github.com/divnix/digga/blob/30ffa0b02272dc56c94fd3c7d8a5a0f07ca197bf/modules/bootstrap-iso.nix#L17 # https://github.com/NixOS/nixpkgs/blob/aecd4d8349b94f9bd5718c74a5b789f233f67326/nixos/modules/installer/cd-dvd/installation-cd-base.nix#L21-L22 isoImage = { - isoBaseName = mkForce (getFqdn config); + isoBaseName = mkForce (getFqdn config); isoName = mkForce "${config.system.nixos.label}-${config.isoImage.isoBaseName}-${pkgs.stdenv.hostPlatform.system}.iso"; }; diff --git a/lib/compat/default.nix b/lib/compat/default.nix index 9d0c2837..fc1bc0cc 100644 --- a/lib/compat/default.nix +++ b/lib/compat/default.nix @@ -1,14 +1,21 @@ let - rev = "e7e5d481a0e15dcd459396e55327749989e04ce0"; - flake = (import + lock = builtins.fromJSON (builtins.readFile builtins.path { + path = ../../flake.lock; + name = "lockPath"; + }); + flake = + import ( fetchTarball { - url = "https://github.com/edolstra/flake-compat/archive/${rev}.tar.gz"; - sha256 = "0zd3x46fswh5n6faq4x2kkpy6p3c6j593xbdlbsl40ppkclwc80x"; + url = "https://github.com/edolstra/flake-compat/archive/${lock.nodes.flake-compat.locked.rev}.tar.gz"; + sha256 = lock.nodes.flake-compat.locked.narHash; } ) { - src = ../../.; - }); + src = builtins.path { + path = ../../.; + name = "projectRoot"; + }; + }; in -flake + flake diff --git a/lib/compat/nixos/default.nix b/lib/compat/nixos/default.nix index 83f05f9f..617c6a93 100644 --- a/lib/compat/nixos/default.nix +++ b/lib/compat/nixos/default.nix @@ -1,5 +1,4 @@ -{ ... }: -let +{...}: let inherit (default.inputs.nixos) lib; host = configs.${hostname} or configs.PubSolarOS; @@ -7,4 +6,4 @@ let default = (import ../.).defaultNix; hostname = lib.fileContents /etc/hostname; in -host + host diff --git a/lib/default.nix b/lib/default.nix index 2356e1f0..9bc86f1a 100644 --- a/lib/default.nix +++ b/lib/default.nix @@ -1,2 +1,2 @@ -{ lib }: -lib.makeExtensible (self: { }) +{lib}: +lib.makeExtensible (self: {}) diff --git a/modules/arduino/default.nix b/modules/arduino/default.nix index 926a0f62..4011735f 100644 --- a/modules/arduino/default.nix +++ b/modules/arduino/default.nix @@ -1,23 +1,27 @@ -{ lib, config, pkgs, ... }: -with lib; -let +{ + lib, + config, + pkgs, + ... +}: +with lib; let psCfg = config.pub-solar; cfg = config.pub-solar.devops; -in -{ +in { options.pub-solar.arduino = { enable = mkEnableOption "Life with home automation"; }; config = mkIf cfg.enable { - users.users = pkgs.lib.setAttrByPath [ psCfg.user.name ] { - extraGroups = [ "dialout" ]; + users.users = pkgs.lib.setAttrByPath [psCfg.user.name] { + extraGroups = ["dialout"]; }; - home-manager = with pkgs; pkgs.lib.setAttrByPath [ "users" psCfg.user.name ] { - home.packages = [ - arduino - arduino-cli - ]; - }; + home-manager = with pkgs; + pkgs.lib.setAttrByPath ["users" psCfg.user.name] { + home.packages = [ + arduino + arduino-cli + ]; + }; }; } diff --git a/modules/audio/default.nix b/modules/audio/default.nix index be18e0fe..f6d52e71 100644 --- a/modules/audio/default.nix +++ b/modules/audio/default.nix @@ -1,11 +1,14 @@ -{ lib, config, pkgs, ... }: -with lib; -let +{ + lib, + config, + pkgs, + ... +}: +with lib; let psCfg = config.pub-solar; cfg = config.pub-solar.audio; xdg = config.home-manager.users."${psCfg.user.name}".xdg; -in -{ +in { options.pub-solar.audio = { enable = mkEnableOption "Life in highs and lows"; mopidy.enable = mkEnableOption "Life with mopidy"; @@ -20,40 +23,49 @@ in }; config = mkIf cfg.enable { - users.users = pkgs.lib.setAttrByPath [ psCfg.user.name ] { - extraGroups = [ "audio" ]; + users.users = pkgs.lib.setAttrByPath [psCfg.user.name] { + extraGroups = ["audio"]; }; - home-manager = with pkgs; pkgs.lib.setAttrByPath [ "users" psCfg.user.name ] { - home.packages = [ - # easyeffects, e.g. for microphone noise filtering - easyeffects - mu - pavucontrol - pa_applet - playerctl - # Needed for pactl cmd, until pw-cli is more mature (vol up/down hotkeys?) - pulseaudio - vimpc - ] ++ (if cfg.spotify.enable then [ pkgs.spotify-tui ] else [ ]); - xdg.configFile."vimpc/vimpcrc".source = ./.config/vimpc/vimpcrc; - systemd.user.services.easyeffects = import ./easyeffects.service.nix pkgs; + home-manager = with pkgs; + pkgs.lib.setAttrByPath ["users" psCfg.user.name] { + home.packages = + [ + # easyeffects, e.g. for microphone noise filtering + easyeffects + mu + pavucontrol + pa_applet + playerctl + # Needed for pactl cmd, until pw-cli is more mature (vol up/down hotkeys?) + pulseaudio + vimpc + ] + ++ ( + if cfg.spotify.enable + then [pkgs.spotify-tui] + else [] + ); + xdg.configFile."vimpc/vimpcrc".source = ./.config/vimpc/vimpcrc; + systemd.user.services.easyeffects = import ./easyeffects.service.nix pkgs; - services.spotifyd = mkIf cfg.spotify.enable { - enable = true; - settings = { - global = { - username = cfg.spotify.username; - password_cmd = "DBUS_SESSION_BUS_ADDRESS=unix:path=/run/user/1001/bus ${pkgs.libsecret}/bin/secret-tool lookup spotify password"; - bitrate = 320; - volume_normalisation = true; - no_audio_cache = false; - max_cache_size = 1000000000; + services.spotifyd = mkIf cfg.spotify.enable { + enable = true; + settings = { + global = { + username = cfg.spotify.username; + password_cmd = "DBUS_SESSION_BUS_ADDRESS=unix:path=/run/user/1001/bus ${pkgs.libsecret}/bin/secret-tool lookup spotify password"; + bitrate = 320; + volume_normalisation = true; + no_audio_cache = false; + max_cache_size = 1000000000; + }; }; }; }; - }; + # rtkit is optional but recommended + security.rtkit.enable = true; # Enable sound using pipewire-pulse services.pipewire = { enable = true; @@ -63,7 +75,7 @@ in config.pipewire = { context.default.clock = { - allowed-rates = [ 44100 48000 88200 96000 ]; + allowed-rates = [44100 48000 88200 96000]; rate = 44100; }; }; diff --git a/modules/audio/easyeffects.service.nix b/modules/audio/easyeffects.service.nix index e94d0abd..c172e2b3 100644 --- a/modules/audio/easyeffects.service.nix +++ b/modules/audio/easyeffects.service.nix @@ -1,5 +1,4 @@ -pkgs: -{ +pkgs: { Service = { Type = "dbus"; BusName = "com.github.wwmm.easyeffects"; diff --git a/modules/audio/pipewire-pulse.conf.json b/modules/audio/pipewire-pulse.conf.json index a37f6b75..97bedaaa 100644 --- a/modules/audio/pipewire-pulse.conf.json +++ b/modules/audio/pipewire-pulse.conf.json @@ -8,10 +8,7 @@ { "name": "libpipewire-module-rtkit", "args": {}, - "flags": [ - "ifexists", - "nofail" - ] + "flags": ["ifexists", "nofail"] }, { "name": "libpipewire-module-protocol-native" @@ -28,10 +25,7 @@ { "name": "libpipewire-module-protocol-pulse", "args": { - "server.address": [ - "unix:native", - "tcp:4713" - ], + "server.address": ["unix:native", "tcp:4713"], "vm.overrides": { "pulse.min.quantum": "1024/48000" } diff --git a/modules/ci-runner/default.nix b/modules/ci-runner/default.nix index 1460ab16..95c58970 100644 --- a/modules/ci-runner/default.nix +++ b/modules/ci-runner/default.nix @@ -1,10 +1,14 @@ -{ lib, config, pkgs, self, ... }: -with lib; -let +{ + lib, + config, + pkgs, + self, + ... +}: +with lib; let psCfg = config.pub-solar; cfg = config.pub-solar.ci-runner; -in -{ +in { options.pub-solar.ci-runner = { enable = mkEnableOption "Enables a systemd service that runs drone-ci-runner"; }; @@ -26,8 +30,8 @@ in pkgs.libvirt ]; - wantedBy = [ "multi-user.target" ]; - after = [ "network.target" "libvirtd.service" ]; + wantedBy = ["multi-user.target"]; + after = ["network.target" "libvirtd.service"]; script = ''${pkgs.drone-runner-exec}/bin/drone-runner-exec daemon /run/agenix/drone-runner-exec-config''; }; diff --git a/modules/compat/default.nix b/modules/compat/default.nix index af39a951..5c2dab36 100644 --- a/modules/compat/default.nix +++ b/modules/compat/default.nix @@ -1,6 +1,12 @@ -{ config, pkgs, lib, ... }: with lib; { +{ + config, + pkgs, + lib, + ... +}: +with lib; { # Both things below are for # https://github.com/NixOS/nixpkgs/issues/124215 documentation.info.enable = lib.mkForce false; - nix.sandboxPaths = [ "/bin/sh=${pkgs.bash}/bin/sh" ]; + nix.settings.extra-sandbox-paths = ["/bin/sh=${pkgs.bash}/bin/sh"]; } diff --git a/modules/core/boot.nix b/modules/core/boot.nix index cb16865d..0a7fc412 100644 --- a/modules/core/boot.nix +++ b/modules/core/boot.nix @@ -1,9 +1,12 @@ -{ config, pkgs, lib, ... }: -with lib; -let - cfg = config.pub-solar.core; -in { + config, + pkgs, + lib, + ... +}: +with lib; let + cfg = config.pub-solar.core; +in { options.pub-solar.core.iso-options.enable = mkOption { type = types.bool; default = false; @@ -36,7 +39,7 @@ in kernelPackages = pkgs.linuxPackages_5_15; # Support ntfs drives - supportedFilesystems = [ "ntfs" ]; + supportedFilesystems = ["ntfs"]; }; }; } diff --git a/modules/core/default.nix b/modules/core/default.nix index 4f74b46d..5f6161de 100644 --- a/modules/core/default.nix +++ b/modules/core/default.nix @@ -1,10 +1,11 @@ -{ config, lib, ... }: - -with lib; -let - cfg = config.pub-solar.core; -in { + config, + lib, + ... +}: +with lib; let + cfg = config.pub-solar.core; +in { imports = [ ./boot.nix ./hibernation.nix diff --git a/modules/core/fonts.nix b/modules/core/fonts.nix index 979ffc68..29734489 100644 --- a/modules/core/fonts.nix +++ b/modules/core/fonts.nix @@ -1,12 +1,14 @@ -{ config, pkgs, lib, ... }: - { + config, + pkgs, + lib, + ... +}: { fonts = { - fonts = with pkgs; [ powerline-fonts dejavu_fonts ]; + fonts = with pkgs; [powerline-fonts dejavu_fonts]; fontconfig.defaultFonts = { - monospace = [ "DejaVu Sans Mono for Powerline" ]; - sansSerif = [ "DejaVu Sans" ]; + monospace = ["DejaVu Sans Mono for Powerline"]; + sansSerif = ["DejaVu Sans"]; }; }; } - diff --git a/modules/core/hibernation.nix b/modules/core/hibernation.nix index a71ffd37..c0dd97bb 100644 --- a/modules/core/hibernation.nix +++ b/modules/core/hibernation.nix @@ -1,9 +1,12 @@ -{ config, pkgs, lib, ... }: -with lib; -let - cfg = config.pub-solar.core.hibernation; -in { + config, + pkgs, + lib, + ... +}: +with lib; let + cfg = config.pub-solar.core.hibernation; +in { options.pub-solar.core.hibernation = { enable = mkOption { type = types.bool; @@ -27,7 +30,7 @@ in config = { boot = mkIf cfg.enable { resumeDevice = cfg.resumeDevice; - kernelParams = mkIf (cfg.resumeOffset != null) [ "resume_offset=${builtins.toString cfg.resumeOffset}" ]; + kernelParams = mkIf (cfg.resumeOffset != null) ["resume_offset=${builtins.toString cfg.resumeOffset}"]; }; }; } diff --git a/modules/core/i18n.nix b/modules/core/i18n.nix index 3219160d..1b524282 100644 --- a/modules/core/i18n.nix +++ b/modules/core/i18n.nix @@ -1,6 +1,10 @@ -{ config, pkgs, lib, ... }: -with lib; { + config, + pkgs, + lib, + ... +}: +with lib; { config = { # Set your time zone. time.timeZone = "Europe/Berlin"; diff --git a/modules/core/networking.nix b/modules/core/networking.nix index c5ec9cbe..f5bd201d 100644 --- a/modules/core/networking.nix +++ b/modules/core/networking.nix @@ -1,10 +1,12 @@ -{ config, pkgs, lib, ... }: - -with lib; - -let cfg = config.pub-solar.core; -in { + config, + pkgs, + lib, + ... +}: +with lib; let + cfg = config.pub-solar.core; +in { options.pub-solar.core = { enableCaddy = mkOption { type = types.bool; @@ -17,18 +19,19 @@ in binaryCaches = mkOption { type = types.listOf types.str; - default = [ ]; + default = []; description = "Binary caches to use."; }; publicKeys = mkOption { type = types.listOf types.str; - default = [ ]; + default = []; description = "Public keys of binary caches."; }; }; config = { - # disable NetworkManager-wait-online by default + # disable NetworkManager and systemd-networkd -wait-online by default systemd.services.NetworkManager-wait-online.enable = lib.mkDefault false; + systemd.services.systemd-networkd-wait-online.enable = lib.mkDefault false; networking.networkmanager = { # Enable networkmanager. REMEMBER to add yourself to group in order to use nm related stuff. @@ -39,15 +42,16 @@ in networking.firewall.enable = true; # Customized binary caches list (with fallback to official binary cache) - nix.binaryCaches = cfg.binaryCaches; - nix.binaryCachePublicKeys = cfg.publicKeys; + nix.settings.substituters = cfg.binaryCaches; + nix.settings.trusted-public-keys = cfg.publicKeys; # These entries get added to /etc/hosts networking.hosts = { - "127.0.0.1" = [ ] - ++ lib.optionals cfg.enableCaddy [ "caddy.local" ] - ++ lib.optionals config.pub-solar.printing.enable [ "cups.local" ] - ++ lib.optionals cfg.enableHelp [ "help.local" ]; + "127.0.0.1" = + [] + ++ lib.optionals cfg.enableCaddy ["caddy.local"] + ++ lib.optionals config.pub-solar.printing.enable ["cups.local"] + ++ lib.optionals cfg.enableHelp ["help.local"]; }; # Caddy reverse proxy for local services like cups diff --git a/modules/core/nix.nix b/modules/core/nix.nix index f7ff5fa4..711304ba 100644 --- a/modules/core/nix.nix +++ b/modules/core/nix.nix @@ -1,19 +1,25 @@ -{ config, pkgs, lib, inputs, ... }: - { + config, + pkgs, + lib, + inputs, + ... +}: { nix = { # Use default version alias for nix package package = pkgs.nix; - # Improve nix store disk usage - autoOptimiseStore = true; gc.automatic = true; optimise.automatic = true; - # Prevents impurities in builds - useSandbox = true; - # give root and @wheel special privileges with nix - trustedUsers = [ "root" "@wheel" ]; - # This is just a representation of the nix default - systemFeatures = [ "nixos-test" "benchmark" "big-parallel" "kvm" ]; + settings = { + # Improve nix store disk usage + auto-optimise-store = true; + # Prevents impurities in builds + sandbox = true; + # give root and @wheel special privileges with nix + trusted-users = ["root" "@wheel"]; + # This is just a representation of the nix default + system-features = ["nixos-test" "benchmark" "big-parallel" "kvm"]; + }; # Generally useful nix option defaults extraOptions = '' min-free = 536870912 diff --git a/modules/core/packages.nix b/modules/core/packages.nix index f6867816..f0a35d17 100644 --- a/modules/core/packages.nix +++ b/modules/core/packages.nix @@ -1,75 +1,78 @@ -{ config, pkgs, lib, ... }: - -with lib; -let +{ + config, + pkgs, + lib, + ... +}: +with lib; let psCfg = config.pub-solar; cfg = config.pub-solar.core; -in -{ +in { environment = { - systemPackages = with pkgs; [ - # Core unix utility packages - coreutils-full - dnsutils - inetutils - progress - pciutils - usbutils + systemPackages = with pkgs; + [ + # Core unix utility packages + coreutils-full + dnsutils + inetutils + progress + pciutils + usbutils - wget - openssl - openssh - curl - htop - lsof - psmisc - file + wget + openssl + openssh + curl + htop + lsof + psmisc + file - # zippit - zip - unzip + # zippit + zip + unzip - # Modern modern utilities - p7zip - croc - jq - ] + # Modern modern utilities + p7zip + croc + jq + ] + ++ lib.optionals (!cfg.lite) [ + mtr - ++ lib.optionals (!cfg.lite) [ - mtr + gitFull + git-lfs + git-bug - gitFull - git-lfs - git-bug + xdg-utils + sysfsutils + renameutils + nfs-utils + moreutils + mailutils + keyutils + input-utils + elfutils + binutils + dateutils + diffutils + findutils + exfat - xdg-utils - sysfsutils - renameutils - nfs-utils - moreutils - mailutils - keyutils - input-utils - elfutils - binutils - dateutils - diffutils - findutils - exfat + # Nix specific utilities + alejandra + niv + manix + nix-index + nix-tree + nixpkgs-review + # Build broken, python2.7-PyJWT-2.0.1.drv' failed + #nixops + psos + nvd - # Nix specific utilities - niv - manix - nix-index - nix-tree - nixpkgs-review - # Build broken, python2.7-PyJWT-2.0.1.drv' failed - #nixops - psos - nvd - - # Fun - neofetch - ]; + # Fun + neofetch + ]; }; } diff --git a/modules/core/services.nix b/modules/core/services.nix index 6ce74472..7a825bc8 100644 --- a/modules/core/services.nix +++ b/modules/core/services.nix @@ -1,6 +1,9 @@ -{ config, pkgs, lib, ... }: - { + config, + pkgs, + lib, + ... +}: { # For rage encryption, all hosts need a ssh key pair services.openssh = { enable = true; diff --git a/modules/crypto/default.nix b/modules/crypto/default.nix index 712787aa..8dad1d70 100644 --- a/modules/crypto/default.nix +++ b/modules/crypto/default.nix @@ -1,41 +1,45 @@ -{ lib, config, pkgs, ... }: -with lib; -let +{ + lib, + config, + pkgs, + ... +}: +with lib; let psCfg = config.pub-solar; cfg = config.pub-solar.crypto; -in -{ +in { options.pub-solar.crypto = { enable = mkEnableOption "Life in private"; }; config = mkIf cfg.enable { - services.udev.packages = [ pkgs.yubikey-personalization ]; - services.dbus.packages = [ pkgs.gcr ]; + services.udev.packages = [pkgs.yubikey-personalization]; + services.dbus.packages = [pkgs.gcr]; services.pcscd.enable = true; services.gnome.gnome-keyring.enable = true; - home-manager = with pkgs; pkgs.lib.setAttrByPath [ "users" psCfg.user.name ] { - systemd.user.services.polkit-gnome-authentication-agent = import ./polkit-gnome-authentication-agent.service.nix pkgs; + home-manager = with pkgs; + pkgs.lib.setAttrByPath ["users" psCfg.user.name] { + systemd.user.services.polkit-gnome-authentication-agent = import ./polkit-gnome-authentication-agent.service.nix pkgs; - services.gpg-agent = { - enable = true; - pinentryFlavor = "gnome3"; - verbose = true; + services.gpg-agent = { + enable = true; + pinentryFlavor = "gnome3"; + verbose = true; + }; + + programs.gpg = { + enable = true; + }; + + home.packages = [ + gnome.seahorse + keepassxc + libsecret + qMasterPassword + restic + ]; }; - - programs.gpg = { - enable = true; - }; - - home.packages = [ - gnome.seahorse - keepassxc - libsecret - qMasterPassword - restic - ]; - }; }; } diff --git a/modules/crypto/polkit-gnome-authentication-agent.service.nix b/modules/crypto/polkit-gnome-authentication-agent.service.nix index 1194c860..ffa5b78d 100644 --- a/modules/crypto/polkit-gnome-authentication-agent.service.nix +++ b/modules/crypto/polkit-gnome-authentication-agent.service.nix @@ -1,16 +1,15 @@ -pkgs: -{ +pkgs: { Unit = { Description = "Legacy polkit authentication agent for GNOME"; - Documentation = [ "https://gitlab.freedesktop.org/polkit/polkit/" ]; - BindsTo = [ "sway-session.target" ]; - After = [ "sway-session.target" ]; + Documentation = ["https://gitlab.freedesktop.org/polkit/polkit/"]; + BindsTo = ["sway-session.target"]; + After = ["sway-session.target"]; }; Service = { Type = "simple"; ExecStart = "${pkgs.polkit_gnome}/libexec/polkit-gnome-authentication-agent-1"; }; Install = { - WantedBy = [ "sway-session.target" ]; + WantedBy = ["sway-session.target"]; }; } diff --git a/modules/devops/default.nix b/modules/devops/default.nix index 9c0d9a9e..e26f1156 100644 --- a/modules/devops/default.nix +++ b/modules/devops/default.nix @@ -1,26 +1,30 @@ -{ lib, config, pkgs, ... }: -with lib; -let +{ + lib, + config, + pkgs, + ... +}: +with lib; let psCfg = config.pub-solar; cfg = config.pub-solar.devops; -in -{ +in { options.pub-solar.devops = { enable = mkEnableOption "Life automated"; }; config = mkIf cfg.enable { - home-manager = with pkgs; pkgs.lib.setAttrByPath [ "users" psCfg.user.name ] { - home.packages = [ - drone-cli - nmap - pgcli - ansible - ansible-lint - restic - shellcheck - terraform_0_15 - ]; - }; + home-manager = with pkgs; + pkgs.lib.setAttrByPath ["users" psCfg.user.name] { + home.packages = [ + drone-cli + nmap + pgcli + ansible + ansible-lint + restic + shellcheck + terraform + ]; + }; }; } diff --git a/modules/docker/default.nix b/modules/docker/default.nix index 668c4005..ef733b45 100644 --- a/modules/docker/default.nix +++ b/modules/docker/default.nix @@ -1,19 +1,23 @@ -{ lib, config, pkgs, ... }: -with lib; -let +{ + lib, + config, + pkgs, + ... +}: +with lib; let psCfg = config.pub-solar; cfg = config.pub-solar.docker; -in -{ +in { options.pub-solar.docker = { enable = mkEnableOption "Life in metal boxes"; }; config = mkIf cfg.enable { virtualisation.docker.enable = true; - users.users = with pkgs; pkgs.lib.setAttrByPath [ psCfg.user.name ] { - extraGroups = [ "docker" ]; - }; + users.users = with pkgs; + pkgs.lib.setAttrByPath [psCfg.user.name] { + extraGroups = ["docker"]; + }; environment.systemPackages = with pkgs; [ docker-compose diff --git a/modules/email/default.nix b/modules/email/default.nix index d61bf1bc..db41c6fe 100644 --- a/modules/email/default.nix +++ b/modules/email/default.nix @@ -1,29 +1,33 @@ -{ lib, config, pkgs, ... }: -with lib; -let +{ + lib, + config, + pkgs, + ... +}: +with lib; let psCfg = config.pub-solar; cfg = config.pub-solar.email; -in -{ +in { options.pub-solar.email = { enable = mkEnableOption "Life in headers"; }; config = mkIf cfg.enable { - home-manager = with pkgs; pkgs.lib.setAttrByPath [ "users" psCfg.user.name ] { - home.packages = [ - w3m - urlscan - neomutt - offlineimap - msmtp - mailto-mutt - ]; + home-manager = with pkgs; + pkgs.lib.setAttrByPath ["users" psCfg.user.name] { + home.packages = [ + w3m + urlscan + neomutt + offlineimap + msmtp + mailto-mutt + ]; - programs.offlineimap = { - enable = true; - pythonFile = builtins.readFile ./offlineimap.py; + programs.offlineimap = { + enable = true; + pythonFile = builtins.readFile ./offlineimap.py; + }; }; - }; }; } diff --git a/modules/email/offlineimap.nix b/modules/email/offlineimap.nix deleted file mode 100644 index 8b137891..00000000 --- a/modules/email/offlineimap.nix +++ /dev/null @@ -1 +0,0 @@ - diff --git a/modules/gaming/default.nix b/modules/gaming/default.nix index 00939e82..0992c51c 100644 --- a/modules/gaming/default.nix +++ b/modules/gaming/default.nix @@ -1,10 +1,13 @@ -{ lib, config, pkgs, ... }: -with lib; -let +{ + lib, + config, + pkgs, + ... +}: +with lib; let psCfg = config.pub-solar; cfg = config.pub-solar.gaming; -in -{ +in { options.pub-solar.gaming = { enable = mkEnableOption "Life in shooters"; }; @@ -12,16 +15,17 @@ in config = mkIf cfg.enable { programs.steam.enable = true; nixpkgs.config.packageOverrides = pkgs: { - steam = pkgs.steam.override { }; + steam = pkgs.steam.override {}; }; - home-manager = with pkgs; pkgs.lib.setAttrByPath [ "users" psCfg.user.name ] { - home.packages = [ - playonlinux - godot - obs-studio - obs-studio-plugins.wlrobs - ]; - }; + home-manager = with pkgs; + pkgs.lib.setAttrByPath ["users" psCfg.user.name] { + home.packages = [ + playonlinux + godot + obs-studio + obs-studio-plugins.wlrobs + ]; + }; }; } diff --git a/modules/gaming/steam.nix b/modules/gaming/steam.nix deleted file mode 100644 index 8b137891..00000000 --- a/modules/gaming/steam.nix +++ /dev/null @@ -1 +0,0 @@ - diff --git a/modules/graphical/alacritty.nix b/modules/graphical/alacritty.nix index b389343c..d52a6cad 100644 --- a/modules/graphical/alacritty.nix +++ b/modules/graphical/alacritty.nix @@ -66,29 +66,97 @@ x = 0; y = 0; }; - - use_thin_strokes = true; }; key_bindings = [ - { key = "V"; mods = "Control|Alt"; action = "Paste"; } - { key = "C"; mods = "Control|Alt"; action = "Copy"; } - { key = "Paste"; action = "Paste"; } - { key = "Copy"; action = "Copy"; } - { key = "Q"; mods = "Command"; action = "Quit"; } - { key = "W"; mods = "Command"; action = "Quit"; } - { key = "Insert"; mods = "Shift"; action = "PasteSelection"; } - { key = "Key0"; mods = "Control"; action = "ResetFontSize"; } - { key = "Equals"; mods = "Control"; action = "IncreaseFontSize"; } - { key = "PageUp"; mods = "Shift"; action = "ScrollPageUp"; } - { key = "PageDown"; mods = "Shift"; action = "ScrollPageDown"; } - { key = "Minus"; mods = "Control"; action = "DecreaseFontSize"; } - { key = "H"; mode = "Vi|~Search"; action = "ScrollToBottom"; } - { key = "H"; mode = "Vi|~Search"; action = "ToggleViMode"; } - { key = "I"; mode = "Vi|~Search"; action = "Up"; } - { key = "K"; mode = "Vi|~Search"; action = "Down"; } - { key = "J"; mode = "Vi|~Search"; action = "Left"; } - { key = "L"; mode = "Vi|~Search"; action = "Right"; } + { + key = "V"; + mods = "Control|Alt"; + action = "Paste"; + } + { + key = "C"; + mods = "Control|Alt"; + action = "Copy"; + } + { + key = "Paste"; + action = "Paste"; + } + { + key = "Copy"; + action = "Copy"; + } + { + key = "Q"; + mods = "Command"; + action = "Quit"; + } + { + key = "W"; + mods = "Command"; + action = "Quit"; + } + { + key = "Insert"; + mods = "Shift"; + action = "PasteSelection"; + } + { + key = "Key0"; + mods = "Control"; + action = "ResetFontSize"; + } + { + key = "Equals"; + mods = "Control"; + action = "IncreaseFontSize"; + } + { + key = "PageUp"; + mods = "Shift"; + action = "ScrollPageUp"; + } + { + key = "PageDown"; + mods = "Shift"; + action = "ScrollPageDown"; + } + { + key = "Minus"; + mods = "Control"; + action = "DecreaseFontSize"; + } + { + key = "H"; + mode = "Vi|~Search"; + action = "ScrollToBottom"; + } + { + key = "H"; + mode = "Vi|~Search"; + action = "ToggleViMode"; + } + { + key = "I"; + mode = "Vi|~Search"; + action = "Up"; + } + { + key = "K"; + mode = "Vi|~Search"; + action = "Down"; + } + { + key = "J"; + mode = "Vi|~Search"; + action = "Left"; + } + { + key = "L"; + mode = "Vi|~Search"; + action = "Right"; + } ]; # Base16 Burn 256 - alacritty color config @@ -164,12 +232,30 @@ }; indexed_colors = [ - { index = 16; color = "0xdf5923"; } - { index = 17; color = "0xd70000"; } - { index = 18; color = "0x2d2a2e"; } - { index = 19; color = "0x303030"; } - { index = 20; color = "0xd3d1d4"; } - { index = 21; color = "0x303030"; } + { + index = 16; + color = "0xdf5923"; + } + { + index = 17; + color = "0xd70000"; + } + { + index = 18; + color = "0x2d2a2e"; + } + { + index = 19; + color = "0x303030"; + } + { + index = 20; + color = "0xd3d1d4"; + } + { + index = 21; + color = "0x303030"; + } ]; }; } diff --git a/modules/graphical/default.nix b/modules/graphical/default.nix index ede262b3..39f6be5d 100644 --- a/modules/graphical/default.nix +++ b/modules/graphical/default.nix @@ -1,31 +1,34 @@ -{ lib, config, pkgs, ... }: -with lib; -let +{ + lib, + config, + pkgs, + ... +}: +with lib; let psCfg = config.pub-solar; cfg = config.pub-solar.graphical; - yamlFormat = pkgs.formats.yaml { }; - recursiveMerge = attrList: - let - f = attrPath: - zipAttrsWith (n: values: - if tail values == [ ] + yamlFormat = pkgs.formats.yaml {}; + recursiveMerge = attrList: let + f = attrPath: + zipAttrsWith ( + n: values: + if tail values == [] then head values else if all isList values then unique (concatLists values) else if all isAttrs values - then f (attrPath ++ [ n ]) values + then f (attrPath ++ [n]) values else last values - ); - in - f [ ] attrList; -in -{ + ); + in + f [] attrList; +in { options.pub-solar.graphical = { enable = mkEnableOption "Life in color"; alacritty = { settings = mkOption { type = yamlFormat.type; - default = { }; + default = {}; }; }; autologin.enable = mkOption { @@ -71,7 +74,7 @@ in # Required for running Gnome apps outside the Gnome DE, see https://nixos.wiki/wiki/GNOME#Running_GNOME_programs_outside_of_GNOME programs.dconf.enable = true; - services.udev.packages = with pkgs; [ gnome3.gnome-settings-daemon ]; + services.udev.packages = with pkgs; [gnome3.gnome-settings-daemon]; # Enable Sushi, a quick previewer for nautilus services.gnome.sushi.enable = true; # Enable GVfs, a userspace virtual filesystem @@ -92,65 +95,65 @@ in source-sans-pro ]; - home-manager = with pkgs; setAttrByPath [ "users" psCfg.user.name ] { - home.packages = [ - alacritty - foot - chromium - firefox-wayland + home-manager = with pkgs; + setAttrByPath ["users" psCfg.user.name] { + home.packages = [ + alacritty + foot + chromium + firefox-wayland - flameshot - libnotify - gnome.adwaita-icon-theme - gnome.eog - gnome.nautilus - gnome.yelp - hicolor-icon-theme + flameshot + libnotify + gnome.adwaita-icon-theme + gnome.eog + gnome.nautilus + gnome.yelp + hicolor-icon-theme - wine + wine - toggle-kbd-layout + toggle-kbd-layout - wcwd + wcwd - vlc + vlc - gimp - ]; + gimp + ]; - xdg.configFile."alacritty/alacritty.yml" = { - source = yamlFormat.generate "alacritty.yml" (recursiveMerge [ (import ./alacritty.nix) cfg.alacritty.settings ]); + xdg.configFile."alacritty/alacritty.yml" = { + source = yamlFormat.generate "alacritty.yml" (recursiveMerge [(import ./alacritty.nix) cfg.alacritty.settings]); + }; + + gtk = { + enable = true; + font.name = "Lato"; + iconTheme = { + package = pkgs.papirus-icon-theme; + name = "Papirus-Adapta-Nokto-Maia"; + }; + theme = { + package = pkgs.matcha-gtk-theme; + name = "Matcha-dark-aliz"; + }; + + gtk3.extraConfig = { + gtk-xft-antialias = "1"; + gtk-xft-hinting = "1"; + gtk-xft-hintstyle = "hintfull"; + gtk-xft-rgba = "rgb"; + gtk-application-prefer-dark-theme = "true"; + }; + }; + + # Fix KeepassXC rendering issue + # https://github.com/void-linux/void-packages/issues/23517 + systemd.user.sessionVariables.QT_AUTO_SCREEN_SCALE_FACTOR = "0"; + + xresources.extraConfig = builtins.readFile ./.Xdefaults; + + systemd.user.services.network-manager-applet = import ./network-manager-applet.service.nix pkgs; }; - - gtk = { - enable = true; - font.name = "Lato"; - iconTheme = { - package = pkgs.papirus-icon-theme; - name = "Papirus-Adapta-Nokto-Maia"; - }; - theme = { - package = pkgs.matcha-gtk-theme; - name = "Matcha-dark-aliz"; - }; - - gtk3.extraConfig = { - gtk-xft-antialias = "1"; - gtk-xft-hinting = "1"; - gtk-xft-hintstyle = "hintfull"; - gtk-xft-rgba = "rgb"; - gtk-application-prefer-dark-theme = "true"; - }; - - }; - - # Fix KeepassXC rendering issue - # https://github.com/void-linux/void-packages/issues/23517 - systemd.user.sessionVariables.QT_AUTO_SCREEN_SCALE_FACTOR = "0"; - - xresources.extraConfig = builtins.readFile ./.Xdefaults; - - systemd.user.services.network-manager-applet = import ./network-manager-applet.service.nix pkgs; - }; }; } diff --git a/modules/graphical/network-manager-applet.service.nix b/modules/graphical/network-manager-applet.service.nix index 71480a62..4252c065 100644 --- a/modules/graphical/network-manager-applet.service.nix +++ b/modules/graphical/network-manager-applet.service.nix @@ -1,16 +1,15 @@ -pkgs: -{ +pkgs: { Unit = { Description = "Lightweight Wayland notification daemon"; - BindsTo = [ "sway-session.target" ]; - After = [ "sway-session.target" ]; + BindsTo = ["sway-session.target"]; + After = ["sway-session.target"]; # ConditionEnvironment requires systemd v247 to work correctly - ConditionEnvironment = [ "WAYLAND_DISPLAY" ]; + ConditionEnvironment = ["WAYLAND_DISPLAY"]; }; Service = { ExecStart = "${pkgs.networkmanagerapplet}/bin/nm-applet --sm-disable --indicator"; }; Install = { - WantedBy = [ "sway-session.target" ]; + WantedBy = ["sway-session.target"]; }; } diff --git a/modules/hm-system-defaults.nix b/modules/hm-system-defaults.nix index 7b442a61..4bc6cf67 100644 --- a/modules/hm-system-defaults.nix +++ b/modules/hm-system-defaults.nix @@ -1,4 +1,4 @@ -{ config, ... }: { +{config, ...}: { home-manager.sharedModules = [ { home.sessionVariables = { diff --git a/modules/nextcloud/default.nix b/modules/nextcloud/default.nix index e37fb8e1..915a9065 100644 --- a/modules/nextcloud/default.nix +++ b/modules/nextcloud/default.nix @@ -1,17 +1,21 @@ -{ lib, config, pkgs, ... }: -with lib; -let +{ + lib, + config, + pkgs, + ... +}: +with lib; let psCfg = config.pub-solar; cfg = config.pub-solar.nextcloud; -in -{ +in { options.pub-solar.nextcloud = { enable = mkEnableOption "Life in sync"; }; config = mkIf cfg.enable { - home-manager = with pkgs; pkgs.lib.setAttrByPath [ "users" psCfg.user.name ] { - systemd.user.services.nextcloud-client = import ./nextcloud.service.nix pkgs; - }; + home-manager = with pkgs; + pkgs.lib.setAttrByPath ["users" psCfg.user.name] { + systemd.user.services.nextcloud-client = import ./nextcloud.service.nix pkgs; + }; }; } diff --git a/modules/nextcloud/nextcloud.service.nix b/modules/nextcloud/nextcloud.service.nix index 29045f0f..f326797c 100644 --- a/modules/nextcloud/nextcloud.service.nix +++ b/modules/nextcloud/nextcloud.service.nix @@ -1,12 +1,11 @@ -pkgs: -{ +pkgs: { Unit = { Description = "Nextcloud Client"; - BindsTo = [ "sway-session.target" ]; - Wants = [ "graphical-session-pre.target" ]; - After = [ "graphical-session-pre.target" ]; + BindsTo = ["sway-session.target"]; + Wants = ["graphical-session-pre.target"]; + After = ["graphical-session-pre.target"]; # ConditionEnvironment requires systemd v247 to work correctly - ConditionEnvironment = [ "WAYLAND_DISPLAY" ]; + ConditionEnvironment = ["WAYLAND_DISPLAY"]; }; Service = { Type = "simple"; @@ -16,6 +15,6 @@ pkgs: Restart = "on-failure"; }; Install = { - WantedBy = [ "sway-session.target" ]; + WantedBy = ["sway-session.target"]; }; } diff --git a/modules/nix-path.nix b/modules/nix-path.nix index 273f67a6..5967fd2e 100644 --- a/modules/nix-path.nix +++ b/modules/nix-path.nix @@ -1,4 +1,8 @@ -{ channel, inputs, ... }: { +{ + channel, + inputs, + ... +}: { nix.nixPath = [ "nixpkgs=${channel.input}" "nixos-config=${../lib/compat/nixos}" diff --git a/modules/office/default.nix b/modules/office/default.nix index 204e3ae8..dcfb688a 100644 --- a/modules/office/default.nix +++ b/modules/office/default.nix @@ -1,10 +1,13 @@ -{ lib, config, pkgs, ... }: -with lib; -let +{ + lib, + config, + pkgs, + ... +}: +with lib; let psCfg = config.pub-solar; cfg = config.pub-solar.office; -in -{ +in { options.pub-solar.office = { enable = mkEnableOption "Install office programs, also enables printing server"; }; @@ -14,15 +17,16 @@ in # Gnome PDF viewer programs.evince.enable = true; - home-manager = with pkgs; pkgs.lib.setAttrByPath [ "users" psCfg.user.name ] { - home.packages = [ - libreoffice-fresh - gnome.simple-scan - # Tools like pdfunite - poppler_utils - # tool for annotating PDFs - xournalpp - ]; - }; + home-manager = with pkgs; + pkgs.lib.setAttrByPath ["users" psCfg.user.name] { + home.packages = [ + libreoffice-fresh + gnome.simple-scan + # Tools like pdfunite + poppler_utils + # tool for annotating PDFs + xournalpp + ]; + }; }; } diff --git a/modules/paranoia/default.nix b/modules/paranoia/default.nix index 2dc439cf..5e8c7a70 100644 --- a/modules/paranoia/default.nix +++ b/modules/paranoia/default.nix @@ -1,11 +1,12 @@ -{ config, lib, ... }: - -with lib; -let +{ + config, + lib, + ... +}: +with lib; let psCfg = config.pub-solar; cfg = config.pub-solar.paranoia; -in -{ +in { options.pub-solar.paranoia = { enable = mkOption { description = '' @@ -34,7 +35,7 @@ in # Remove the complete default environment of packages like # nano, perl and rsync - environment.defaultPackages = lib.mkForce [ ]; + environment.defaultPackages = lib.mkForce []; # fileSystems."/".options = [ "noexec" ]; diff --git a/modules/printing/default.nix b/modules/printing/default.nix index 4688c842..77f782f7 100644 --- a/modules/printing/default.nix +++ b/modules/printing/default.nix @@ -1,10 +1,13 @@ -{ lib, config, pkgs, ... }: -with lib; -let +{ + lib, + config, + pkgs, + ... +}: +with lib; let psCfg = config.pub-solar; cfg = config.pub-solar.printing; -in -{ +in { options.pub-solar.printing = { enable = mkEnableOption "CUPSSSss"; }; @@ -16,8 +19,8 @@ in services.avahi.publish.userServices = true; services.printing.enable = true; services.printing.browsing = true; - services.printing.listenAddresses = [ "localhost:631" ]; - services.printing.allowFrom = [ "all" ]; + services.printing.listenAddresses = ["localhost:631"]; + services.printing.allowFrom = ["all"]; services.printing.defaultShared = false; services.printing.drivers = [ pkgs.gutenprint diff --git a/modules/social/default.nix b/modules/social/default.nix index e0d12449..af0de8b8 100644 --- a/modules/social/default.nix +++ b/modules/social/default.nix @@ -1,22 +1,26 @@ -{ lib, config, pkgs, ... }: -with lib; -let +{ + lib, + config, + pkgs, + ... +}: +with lib; let psCfg = config.pub-solar; cfg = config.pub-solar.social; -in -{ +in { options.pub-solar.social = { enable = mkEnableOption "Life with others"; }; config = mkIf cfg.enable { - home-manager = with pkgs; pkgs.lib.setAttrByPath [ "users" psCfg.user.name ] { - home.packages = [ - signal-desktop - tdesktop - element-desktop - irssi - ]; - }; + home-manager = with pkgs; + pkgs.lib.setAttrByPath ["users" psCfg.user.name] { + home.packages = [ + signal-desktop + tdesktop + element-desktop + irssi + ]; + }; }; } diff --git a/modules/sway/config/config.d/mode_system.conf.nix b/modules/sway/config/config.d/mode_system.conf.nix index f01921c4..5545c3f6 100644 --- a/modules/sway/config/config.d/mode_system.conf.nix +++ b/modules/sway/config/config.d/mode_system.conf.nix @@ -1,23 +1,45 @@ -{ pkgs, psCfg, ... }: '' +{ + pkgs, + psCfg, + ... +}: +'' # Set shut down, restart and locking features -'' + (if psCfg.core.hibernation.enable && !psCfg.paranoia.enable then '' - set $mode_system (e)xit, (h)ibernate, (l)ock, (s)uspend, (r)eboot, (Shift+s)hutdown -'' else if psCfg.paranoia.enable then '' - set $mode_system (e)xit, (h)ibernate, (r)eboot, (Shift+s)hutdown -'' else '' - set $mode_system (e)xit, (l)ock, (s)uspend, (r)eboot, (Shift+s)hutdown -'') +'' ++ ( + if psCfg.core.hibernation.enable && !psCfg.paranoia.enable + then '' + set $mode_system (e)xit, (h)ibernate, (l)ock, (s)uspend, (r)eboot, (Shift+s)hutdown + '' + else if psCfg.paranoia.enable + then '' + set $mode_system (e)xit, (h)ibernate, (r)eboot, (Shift+s)hutdown + '' + else '' + set $mode_system (e)xit, (l)ock, (s)uspend, (r)eboot, (Shift+s)hutdown + '' +) + '' bindsym $mod+0 mode "$mode_system" mode "$mode_system" { bindsym e exec swaymsg exit, mode "default" -'' + (if psCfg.core.hibernation.enable then '' - bindsym h exec systemctl hibernate, mode "default" -'' else "") -+ (if !psCfg.paranoia.enable then '' - bindsym l exec ${pkgs.swaylock-bg}/bin/swaylock-bg, mode "default" - bindsym s exec systemctl suspend, mode "default" -'' else "") + '' +'' ++ ( + if psCfg.core.hibernation.enable + then '' + bindsym h exec systemctl hibernate, mode "default" + '' + else "" +) ++ ( + if !psCfg.paranoia.enable + then '' + bindsym l exec ${pkgs.swaylock-bg}/bin/swaylock-bg, mode "default" + bindsym s exec systemctl suspend, mode "default" + '' + else "" +) ++ '' bindsym r exec systemctl reboot, mode "default" bindsym Shift+s exec systemctl poweroff, mode "default" diff --git a/modules/sway/config/config.nix b/modules/sway/config/config.nix index 2375d616..db660d77 100644 --- a/modules/sway/config/config.nix +++ b/modules/sway/config/config.nix @@ -1,5 +1,8 @@ -{ config, pkgs, ... }: -'' +{ + config, + pkgs, + ... +}: '' # Default config for sway # # Copy this to ~/.config/sway/config and edit it to your liking. diff --git a/modules/sway/default.nix b/modules/sway/default.nix index c173e9ce..019119bd 100644 --- a/modules/sway/default.nix +++ b/modules/sway/default.nix @@ -1,9 +1,12 @@ -{ lib, config, pkgs, ... }: -with lib; -let - psCfg = config.pub-solar; -in { + lib, + config, + pkgs, + ... +}: +with lib; let + psCfg = config.pub-solar; +in { options.pub-solar.sway = { enable = mkEnableOption "Life in boxes"; @@ -22,14 +25,14 @@ in config = mkIf psCfg.sway.enable (mkMerge [ (mkIf (psCfg.sway.v4l2loopback.enable) { - boot.extraModulePackages = with config.boot.kernelPackages; [ v4l2loopback ]; - boot.kernelModules = [ "v4l2loopback" ]; + boot.extraModulePackages = with config.boot.kernelPackages; [v4l2loopback]; + boot.kernelModules = ["v4l2loopback"]; boot.extraModprobeConfig = '' options v4l2loopback exclusive_caps=1 devices=3 ''; }) - ({ + { environment.systemPackages = with pkgs; [ linuxPackages.v4l2loopback ]; @@ -48,60 +51,60 @@ in }; }; }; - extraPortals = with pkgs; [ xdg-desktop-portal-gtk ]; - gtkUsePortal = true; + extraPortals = with pkgs; [xdg-desktop-portal-gtk]; }; services.pipewire.enable = true; - home-manager = with pkgs; pkgs.lib.setAttrByPath [ "users" psCfg.user.name ] { - home.packages = with pkgs; [ - sway - grim - kanshi - mako - slurp - swayidle - swaylock - swaybg - xwayland + home-manager = with pkgs; + pkgs.lib.setAttrByPath ["users" psCfg.user.name] { + home.packages = with pkgs; [ + sway + grim + kanshi + mako + slurp + swayidle + swaylock + swaybg + xwayland - libappindicator-gtk3 + libappindicator-gtk3 - wl-clipboard - wf-recorder - brightnessctl - gammastep - geoclue2 - xsettingsd - ydotool + wl-clipboard + wf-recorder + brightnessctl + gammastep + geoclue2 + xsettingsd + ydotool - sway-launcher - record-screen - import-gtk-settings - s - wcwd - ]; + sway-launcher + record-screen + import-gtk-settings + s + wcwd + ]; - programs.waybar.enable = true; - #programs.waybar.systemd.enable = true; + programs.waybar.enable = true; + #programs.waybar.systemd.enable = true; - systemd.user.services.mako = import ./mako.service.nix { inherit pkgs psCfg; }; - systemd.user.services.sway = import ./sway.service.nix { inherit pkgs psCfg; }; - systemd.user.services.swayidle = import ./swayidle.service.nix { inherit pkgs psCfg; }; - systemd.user.services.xsettingsd = import ./xsettingsd.service.nix { inherit pkgs psCfg; }; - systemd.user.services.waybar = import ./waybar.service.nix { inherit pkgs psCfg; }; - systemd.user.targets.sway-session = import ./sway-session.target.nix { inherit pkgs psCfg; }; + systemd.user.services.mako = import ./mako.service.nix {inherit pkgs psCfg;}; + systemd.user.services.sway = import ./sway.service.nix {inherit pkgs psCfg;}; + systemd.user.services.swayidle = import ./swayidle.service.nix {inherit pkgs psCfg;}; + systemd.user.services.xsettingsd = import ./xsettingsd.service.nix {inherit pkgs psCfg;}; + systemd.user.services.waybar = import ./waybar.service.nix {inherit pkgs psCfg;}; + systemd.user.targets.sway-session = import ./sway-session.target.nix {inherit pkgs psCfg;}; - xdg.configFile."sway/config".text = import ./config/config.nix { inherit config pkgs; }; - xdg.configFile."sway/config.d/colorscheme.conf".source = ./config/config.d/colorscheme.conf; - xdg.configFile."sway/config.d/theme.conf".source = ./config/config.d/theme.conf; - xdg.configFile."sway/config.d/gaps.conf".source = ./config/config.d/gaps.conf; - xdg.configFile."sway/config.d/custom-keybindings.conf".source = ./config/config.d/custom-keybindings.conf; - xdg.configFile."sway/config.d/mode_system.conf".text = import ./config/config.d/mode_system.conf.nix { inherit pkgs psCfg; }; - xdg.configFile."sway/config.d/applications.conf".source = ./config/config.d/applications.conf; - xdg.configFile."sway/config.d/systemd.conf".source = ./config/config.d/systemd.conf; - }; - }) + xdg.configFile."sway/config".text = import ./config/config.nix {inherit config pkgs;}; + xdg.configFile."sway/config.d/colorscheme.conf".source = ./config/config.d/colorscheme.conf; + xdg.configFile."sway/config.d/theme.conf".source = ./config/config.d/theme.conf; + xdg.configFile."sway/config.d/gaps.conf".source = ./config/config.d/gaps.conf; + xdg.configFile."sway/config.d/custom-keybindings.conf".source = ./config/config.d/custom-keybindings.conf; + xdg.configFile."sway/config.d/mode_system.conf".text = import ./config/config.d/mode_system.conf.nix {inherit pkgs psCfg;}; + xdg.configFile."sway/config.d/applications.conf".source = ./config/config.d/applications.conf; + xdg.configFile."sway/config.d/systemd.conf".source = ./config/config.d/systemd.conf; + }; + } ]); } diff --git a/modules/sway/gammastep.service.nix b/modules/sway/gammastep.service.nix index 3960d1ae..d488ea5c 100644 --- a/modules/sway/gammastep.service.nix +++ b/modules/sway/gammastep.service.nix @@ -1,18 +1,17 @@ -{ pkgs, ... }: -{ +{pkgs, ...}: { Unit = { Description = "set color temperature of display according to time of day"; - Documentation = [ "man:gammastep(1)" ]; - BindsTo = [ "sway-session.target" ]; - After = [ "sway-session.target" ]; + Documentation = ["man:gammastep(1)"]; + BindsTo = ["sway-session.target"]; + After = ["sway-session.target"]; # ConditionEnvironment requires systemd v247 to work correctly - ConditionEnvironment = [ "WAYLAND_DISPLAY" ]; + ConditionEnvironment = ["WAYLAND_DISPLAY"]; }; Service = { Type = "simple"; ExecStart = "${pkgs.gammastep}/bin/gammastep -l geoclue2 -m wayland -v"; }; Install = { - WantedBy = [ "sway-session.target" ]; + WantedBy = ["sway-session.target"]; }; } diff --git a/modules/sway/libinput-gestures.service.nix b/modules/sway/libinput-gestures.service.nix index 798d10d6..eed95180 100644 --- a/modules/sway/libinput-gestures.service.nix +++ b/modules/sway/libinput-gestures.service.nix @@ -1,10 +1,9 @@ -{ pkgs, ... }: -{ +{pkgs, ...}: { Unit = { Description = "Actions gestures on your touchpad using libinput"; - Documentation = [ "https://github.com/bulletmark/libinput-gestures" ]; - BindsTo = [ "sway-session.target" ]; - After = [ "sway-session.target" ]; + Documentation = ["https://github.com/bulletmark/libinput-gestures"]; + BindsTo = ["sway-session.target"]; + After = ["sway-session.target"]; }; Service = { Type = "simple"; @@ -14,6 +13,6 @@ TimeoutStopSec = "10"; }; Install = { - WantedBy = [ "sway-session.target" ]; + WantedBy = ["sway-session.target"]; }; } diff --git a/modules/sway/mako.service.nix b/modules/sway/mako.service.nix index 1f210c74..22524d32 100644 --- a/modules/sway/mako.service.nix +++ b/modules/sway/mako.service.nix @@ -1,11 +1,10 @@ -{ pkgs, ... }: -{ +{pkgs, ...}: { Unit = { Description = "Lightweight Wayland notification daemon"; - Documentation = [ "man:mako(1)" ]; - BindsTo = [ "sway-session.target" ]; - After = [ "sway-session.target" ]; - ConditionEnvironment = [ "WAYLAND_DISPLAY" ]; + Documentation = ["man:mako(1)"]; + BindsTo = ["sway-session.target"]; + After = ["sway-session.target"]; + ConditionEnvironment = ["WAYLAND_DISPLAY"]; }; Service = { Type = "dbus"; @@ -14,6 +13,6 @@ ExecReload = "${pkgs.mako}/bin/makoctl reload"; }; Install = { - WantedBy = [ "sway-session.target" ]; + WantedBy = ["sway-session.target"]; }; } diff --git a/modules/sway/sway-session.target.nix b/modules/sway/sway-session.target.nix index 7b25376a..f35ed280 100644 --- a/modules/sway/sway-session.target.nix +++ b/modules/sway/sway-session.target.nix @@ -1,10 +1,9 @@ -{ pkgs, ... }: -{ +{pkgs, ...}: { Unit = { Description = "sway compositor session"; - Documentation = [ "man:systemd.special(7)" ]; - BindsTo = [ "graphical-session.target" ]; - Wants = [ "graphical-session-pre.target" ]; - After = [ "graphical-session-pre.target" ]; + Documentation = ["man:systemd.special(7)"]; + BindsTo = ["graphical-session.target"]; + Wants = ["graphical-session-pre.target"]; + After = ["graphical-session-pre.target"]; }; } diff --git a/modules/sway/sway.service.nix b/modules/sway/sway.service.nix index 0d0d782c..fbca3acd 100644 --- a/modules/sway/sway.service.nix +++ b/modules/sway/sway.service.nix @@ -1,11 +1,10 @@ -{ pkgs, ... }: -{ +{pkgs, ...}: { Unit = { Description = "sway - SirCmpwn's Wayland window manager"; - Documentation = [ "man:sway(5)" ]; - BindsTo = [ "graphical-session.target" ]; - Wants = [ "graphical-session-pre.target" ]; - After = [ "graphical-session-pre.target" ]; + Documentation = ["man:sway(5)"]; + BindsTo = ["graphical-session.target"]; + Wants = ["graphical-session-pre.target"]; + After = ["graphical-session-pre.target"]; }; Service = { Type = "simple"; diff --git a/modules/sway/swayidle.service.nix b/modules/sway/swayidle.service.nix index 80a04518..f92c577f 100644 --- a/modules/sway/swayidle.service.nix +++ b/modules/sway/swayidle.service.nix @@ -1,26 +1,35 @@ -{ pkgs, psCfg, ... }: { + pkgs, + psCfg, + ... +}: { Unit = { Description = "Idle manager for Wayland"; - Documentation = [ "man:swayidle(1)" ]; - BindsTo = [ "graphical-session.target" ]; - Wants = [ "graphical-session-pre.target" ]; - After = [ "graphical-session-pre.target" ]; + Documentation = ["man:swayidle(1)"]; + BindsTo = ["graphical-session.target"]; + Wants = ["graphical-session-pre.target"]; + After = ["graphical-session-pre.target"]; }; Service = { Type = "simple"; Environment = "PATH=/run/current-system/sw/bin:${pkgs.sway}/bin:${pkgs.swaylock-bg}/bin:${pkgs.swayidle}/bin"; - ExecStart = ''swayidle -w \ - after-resume 'swaymsg "output * dpms on"' \ - before-sleep 'swaylock-bg' '' + (if psCfg.paranoia.enable then '' \ - timeout 120 'swaymsg "output * dpms off"' resume 'swaymsg "output * dpms on"' \ - timeout 150 'systemctl hibernate' - '' else '' \ - timeout 600 'swaylock-bg' \ - timeout 900 'swaymsg "output * dpms off"' resume 'swaymsg "output * dpms on"' - ''); + ExecStart = + '' swayidle -w \ + after-resume 'swaymsg "output * dpms on"' \ + before-sleep 'swaylock-bg' '' + + ( + if psCfg.paranoia.enable + then '' \ + timeout 120 'swaymsg "output * dpms off"' resume 'swaymsg "output * dpms on"' \ + timeout 150 'systemctl hibernate' + '' + else '' \ + timeout 600 'swaylock-bg' \ + timeout 900 'swaymsg "output * dpms off"' resume 'swaymsg "output * dpms on"' + '' + ); }; Install = { - WantedBy = [ "sway-session.target" ]; + WantedBy = ["sway-session.target"]; }; } diff --git a/modules/sway/waybar.service.nix b/modules/sway/waybar.service.nix index 0237612f..4715fe81 100644 --- a/modules/sway/waybar.service.nix +++ b/modules/sway/waybar.service.nix @@ -1,12 +1,11 @@ -{ pkgs, ... }: -{ +{pkgs, ...}: { Unit = { Description = "Highly customizable Wayland bar for Sway and Wlroots based compositors."; Documentation = "https://github.com/Alexays/Waybar/wiki/"; - BindsTo = [ "sway-session.target" ]; - After = [ "sway-session.target" "network-online.target" ]; - Wants = [ "graphical-session-pre.target" "network-online.target" "blueman-applet.service" ]; - ConditionEnvironment = [ "WAYLAND_DISPLAY" ]; + BindsTo = ["sway-session.target"]; + After = ["sway-session.target" "network-online.target"]; + Wants = ["graphical-session-pre.target" "network-online.target" "blueman-applet.service"]; + ConditionEnvironment = ["WAYLAND_DISPLAY"]; }; Service = { @@ -17,6 +16,6 @@ }; Install = { - WantedBy = [ "sway-session.target" ]; + WantedBy = ["sway-session.target"]; }; } diff --git a/modules/sway/xsettingsd.service.nix b/modules/sway/xsettingsd.service.nix index db3e842c..39057264 100644 --- a/modules/sway/xsettingsd.service.nix +++ b/modules/sway/xsettingsd.service.nix @@ -1,12 +1,11 @@ -{ pkgs, ... }: -{ +{pkgs, ...}: { Unit = { Description = "X Settings Daemon"; - Documentation = [ "https://github.com/derat/xsettingsd/wiki/Installation" ]; - BindsTo = [ "sway-session.target" ]; - After = [ "sway-session.target" ]; + Documentation = ["https://github.com/derat/xsettingsd/wiki/Installation"]; + BindsTo = ["sway-session.target"]; + After = ["sway-session.target"]; # ConditionEnvironment requires systemd v247 to work correctly - ConditionEnvironment = [ "WAYLAND_DISPLAY" ]; + ConditionEnvironment = ["WAYLAND_DISPLAY"]; }; Service = { Type = "simple"; @@ -14,6 +13,6 @@ ExecStop = "/run/current-system/sw/bin/env pkill xsettingsd"; }; Install = { - WantedBy = [ "sway-session.target" ]; + WantedBy = ["sway-session.target"]; }; } diff --git a/modules/sway/ydotool.service.nix b/modules/sway/ydotool.service.nix index 24b64432..4ef76464 100644 --- a/modules/sway/ydotool.service.nix +++ b/modules/sway/ydotool.service.nix @@ -1,10 +1,9 @@ -{ pkgs, ... }: -{ +{pkgs, ...}: { Unit = { Description = "ydotool - Generic command-line automation tool (no X!)"; - Documentation = [ "https://github.com/ReimuNotMoe/ydotool" ]; - BindsTo = [ "sway-session.target" ]; - After = [ "sway-session.target" ]; + Documentation = ["https://github.com/ReimuNotMoe/ydotool"]; + BindsTo = ["sway-session.target"]; + After = ["sway-session.target"]; }; Service = { Type = "simple"; @@ -14,6 +13,6 @@ TimeoutStopSec = "10"; }; Install = { - WantedBy = [ "sway-session.target" ]; + WantedBy = ["sway-session.target"]; }; } diff --git a/modules/terminal-life/default.nix b/modules/terminal-life/default.nix index 6bd0312f..3b58243f 100644 --- a/modules/terminal-life/default.nix +++ b/modules/terminal-life/default.nix @@ -1,10 +1,14 @@ -{ lib, config, pkgs, self, ... }: -with lib; -let +{ + lib, + config, + pkgs, + self, + ... +}: +with lib; let psCfg = config.pub-solar; cfg = config.pub-solar.terminal-life; -in -{ +in { options.pub-solar.terminal-life = { enable = mkEnableOption "Life in black and white"; @@ -21,7 +25,7 @@ in programs.command-not-found.enable = false; # Needed to get zsh completion for system packages (e.g. systemd). - environment.pathsToLink = [ "/share/zsh" ]; + environment.pathsToLink = ["/share/zsh"]; environment.shells = with pkgs; [ zsh @@ -31,25 +35,36 @@ in screen ]; - home-manager = with pkgs; pkgs.lib.setAttrByPath [ "users" psCfg.user.name ] { - home.packages = [ - ack - asciinema - bat - exa - fd - gh - glow - nnn - powerline - silver-searcher - vifm - watson - ]; + home-manager = with pkgs; + pkgs.lib.setAttrByPath ["users" psCfg.user.name] { + home.packages = [ + ack + asciinema + bat + exa + fd + gh + glow + nnn + powerline + silver-searcher + vifm + watson + ]; - programs.neovim = import ./nvim { inherit config; inherit pkgs; }; - programs.fzf = import ./fzf { inherit config; inherit pkgs; }; - programs.zsh = import ./zsh { inherit config; inherit pkgs; inherit self; }; - }; + programs.neovim = import ./nvim { + inherit config; + inherit pkgs; + }; + programs.fzf = import ./fzf { + inherit config; + inherit pkgs; + }; + programs.zsh = import ./zsh { + inherit config; + inherit pkgs; + inherit self; + }; + }; }; } diff --git a/modules/terminal-life/fzf/default.nix b/modules/terminal-life/fzf/default.nix index 6d9e4a7c..0cc6fd94 100644 --- a/modules/terminal-life/fzf/default.nix +++ b/modules/terminal-life/fzf/default.nix @@ -1,5 +1,8 @@ -{ config, pkgs, ... }: { + config, + pkgs, + ... +}: { enable = true; defaultCommand = "fd --hidden --type f --exclude .git"; defaultOptions = [ diff --git a/modules/terminal-life/nvim/default.nix b/modules/terminal-life/nvim/default.nix index 4df1892a..93c8b15b 100644 --- a/modules/terminal-life/nvim/default.nix +++ b/modules/terminal-life/nvim/default.nix @@ -1,12 +1,14 @@ -{ config, pkgs, ... }: -let +{ + config, + pkgs, + ... +}: let psCfg = config.pub-solar; cfg = config.pub-solar.terminal-life; xdg = config.home-manager.users."${psCfg.user.name}".xdg; preview-file = pkgs.writeShellScriptBin "preview-file" (import ./preview-file.nix pkgs); -in -{ +in { enable = true; viAlias = true; @@ -17,27 +19,28 @@ in withRuby = true; withPython3 = true; - extraPackages = with pkgs; lib.mkIf (!cfg.lite) [ - ccls - gopls - nodejs - nodePackages.bash-language-server - nodePackages.dockerfile-language-server-nodejs - nodePackages.svelte-language-server - nodePackages.typescript - nodePackages.typescript-language-server - nodePackages.vim-language-server - nodePackages.vue-language-server - nodePackages.vscode-langservers-extracted - nodePackages.yaml-language-server - python39Packages.python-lsp-server - python3Full - solargraph - rnix-lsp - rust-analyzer - terraform-ls - universal-ctags - ]; + extraPackages = with pkgs; + lib.mkIf (!cfg.lite) [ + ccls + gopls + nodejs + nodePackages.bash-language-server + nodePackages.dockerfile-language-server-nodejs + nodePackages.svelte-language-server + nodePackages.typescript + nodePackages.typescript-language-server + nodePackages.vim-language-server + nodePackages.vue-language-server + nodePackages.vscode-langservers-extracted + nodePackages.yaml-language-server + python39Packages.python-lsp-server + python3Full + solargraph + rnix-lsp + rust-analyzer + terraform-ls + universal-ctags + ]; plugins = with pkgs.vimPlugins; [ nvim-cmp diff --git a/modules/terminal-life/nvim/init.vim b/modules/terminal-life/nvim/init.vim index 9d4ac597..4ce8a197 100644 --- a/modules/terminal-life/nvim/init.vim +++ b/modules/terminal-life/nvim/init.vim @@ -13,6 +13,7 @@ set expandtab set shiftwidth=2 set number set relativenumber +set mouse= set undolevels=1000 set undoreload=10000 diff --git a/modules/terminal-life/nvim/lsp.vim b/modules/terminal-life/nvim/lsp.vim index 97e9e21a..ef238fe6 100644 --- a/modules/terminal-life/nvim/lsp.vim +++ b/modules/terminal-life/nvim/lsp.vim @@ -73,8 +73,7 @@ lua <: : ... expression="" diff --git a/pkgs/lgcl.nix b/pkgs/lgcl.nix index 1d973e81..235fbe5e 100644 --- a/pkgs/lgcl.nix +++ b/pkgs/lgcl.nix @@ -1,9 +1,7 @@ -self: with self; -let +self: with self; let looking-glass-client = self.looking-glass-client.overrideAttrs (old: { - meta.platforms = [ "x86_64-linux" "aarch64-linux" ]; + meta.platforms = ["x86_64-linux" "aarch64-linux"]; }); -in -'' +in '' ${looking-glass-client}/bin/looking-glass-client -f /dev/shm/looking-glass input:ignoreWindowsKeys=yes input:grabKeyboardOnFocus=no '' diff --git a/pkgs/mailto-mutt.nix b/pkgs/mailto-mutt.nix index 80543277..7e014e0f 100644 --- a/pkgs/mailto-mutt.nix +++ b/pkgs/mailto-mutt.nix @@ -1,4 +1,5 @@ -self: with self; '' +self: +with self; '' mkdir -p $XDG_CACHE_HOME/log LOGFILE=$XDG_CACHE_HOME/log/mailto.log diff --git a/pkgs/mopidy-jellyfin.nix b/pkgs/mopidy-jellyfin.nix index a3cde276..ec0d64a5 100644 --- a/pkgs/mopidy-jellyfin.nix +++ b/pkgs/mopidy-jellyfin.nix @@ -1,5 +1,4 @@ -self: with self; -let +self: with self; let websocket-client = python39.pkgs.buildPythonPackage rec { pname = "websocket-client"; version = "1.2.1"; @@ -10,20 +9,20 @@ let }; }; in -python39.pkgs.buildPythonPackage rec { - pname = "Mopidy-Jellyfin"; - version = "1.0.2"; - doCheck = false; - propagatedBuildInputs = with python39.pkgs; [ - unidecode - websocket-client - requests - setuptools - pykka - mopidy - ]; - src = python39.pkgs.fetchPypi { - inherit pname version; - sha256 = "sha256-5XimIIQSpvNyQbSOFtSTkA0jhA0V68BbyQEQNnov+0g="; - }; -} + python39.pkgs.buildPythonPackage rec { + pname = "Mopidy-Jellyfin"; + version = "1.0.2"; + doCheck = false; + propagatedBuildInputs = with python39.pkgs; [ + unidecode + websocket-client + requests + setuptools + pykka + mopidy + ]; + src = python39.pkgs.fetchPypi { + inherit pname version; + sha256 = "sha256-5XimIIQSpvNyQbSOFtSTkA0jhA0V68BbyQEQNnov+0g="; + }; + } diff --git a/pkgs/mu.nix b/pkgs/mu.nix index 90afaa4a..3b4c351f 100644 --- a/pkgs/mu.nix +++ b/pkgs/mu.nix @@ -1,3 +1,4 @@ -self: with self; '' +self: +with self; '' exec ${alacritty}/bin/alacritty --class mu_vimpc --option dimensions.columns=120 --option dimensions.lines=80 -e vimpc -- "$@" '' diff --git a/pkgs/psos-docs.nix b/pkgs/psos-docs.nix index 112e39bc..24e86bff 100644 --- a/pkgs/psos-docs.nix +++ b/pkgs/psos-docs.nix @@ -1,26 +1,27 @@ -self: with self; -stdenv.mkDerivation rec { - pname = "psos-docs"; - version = "0.0.1"; - buildInputs = [ - mdbook - mdbook-pdf - ]; +self: +with self; + stdenv.mkDerivation rec { + pname = "psos-docs"; + version = "0.0.1"; + buildInputs = [ + mdbook + mdbook-pdf + ]; - src = ../docs/..; # wut + src = ../docs/..; # wut - phases = [ "buildPhase" "installPhase" ]; + phases = ["buildPhase" "installPhase"]; - buildPhase = '' - cp -r $src/doc ./doc - cp $src/README.md ./README.md - chmod ug+w -R . - ls -la . - mdbook build doc - ''; + buildPhase = '' + cp -r $src/doc ./doc + cp $src/README.md ./README.md + chmod ug+w -R . + ls -la . + mdbook build doc + ''; - installPhase = '' - mkdir -p $out/lib/ - cp -r doc/book $out/lib/html - ''; -} + installPhase = '' + mkdir -p $out/lib/ + cp -r doc/book $out/lib/html + ''; + } diff --git a/pkgs/psos.nix b/pkgs/psos.nix index eb050bfb..7846f80a 100644 --- a/pkgs/psos.nix +++ b/pkgs/psos.nix @@ -1,4 +1,5 @@ -self: with self; '' +self: +with self; '' case $1 in rebuild) shift; diff --git a/pkgs/record-screen.nix b/pkgs/record-screen.nix index d8d7f4a3..eb2d0bf1 100644 --- a/pkgs/record-screen.nix +++ b/pkgs/record-screen.nix @@ -1,4 +1,5 @@ -self: with self; '' +self: +with self; '' mkdir -p "$HOME/Videos/Screenrecordings" GEOMETRY="$(slurp -d -b \#ffffff11)" RESOLUTION="$(echo $GEOMETRY | awk '{print $2}')" diff --git a/pkgs/s.nix b/pkgs/s.nix index 668d5553..1b003b6b 100644 --- a/pkgs/s.nix +++ b/pkgs/s.nix @@ -1,4 +1,5 @@ -self: with self; '' +self: +with self; '' case $1 in d) shift; diff --git a/pkgs/sway-launcher.nix b/pkgs/sway-launcher.nix index 57c7afe4..aed2cd1e 100644 --- a/pkgs/sway-launcher.nix +++ b/pkgs/sway-launcher.nix @@ -1,4 +1,5 @@ -self: with self; '' +self: +with self; '' #!/usr/bin/env zsh # terminal application launcher for sway, using fzf # original command: diff --git a/pkgs/sway-service.nix b/pkgs/sway-service.nix index 2ab84c62..9ba8bb12 100644 --- a/pkgs/sway-service.nix +++ b/pkgs/sway-service.nix @@ -1,4 +1,5 @@ -self: with self; '' +self: +with self; '' # first import environment variables from the login manager systemctl --user import-environment; # then start the service diff --git a/pkgs/swaylock-bg.nix b/pkgs/swaylock-bg.nix index 75bcd7de..78a96813 100644 --- a/pkgs/swaylock-bg.nix +++ b/pkgs/swaylock-bg.nix @@ -1,4 +1,5 @@ -self: with self; '' +self: +with self; '' # Dependencies: # swaylock diff --git a/pkgs/toggle-kbd-layout.nix b/pkgs/toggle-kbd-layout.nix index 6418d043..a35de234 100644 --- a/pkgs/toggle-kbd-layout.nix +++ b/pkgs/toggle-kbd-layout.nix @@ -1,4 +1,5 @@ -self: with self; '' +self: +with self; '' set -e current_layout=$(${sway}/bin/swaymsg -t get_inputs | ${jq}/bin/jq -r '.[] | select(.type == "keyboard") | .xkb_active_layout_index' | head -1) diff --git a/pkgs/uhk-agent.nix b/pkgs/uhk-agent.nix index 3143b054..bccf06db 100644 --- a/pkgs/uhk-agent.nix +++ b/pkgs/uhk-agent.nix @@ -1,5 +1,4 @@ -self: with self; -let +self: with self; let uhk-agent-bin = stdenv.mkDerivation rec { pname = "uhk-agent-bin"; version = "1.5.14"; @@ -7,7 +6,7 @@ let url = "https://github.com/UltimateHackingKeyboard/agent/releases/download/v1.5.14/UHK.Agent-1.5.14-linux-x86_64.AppImage"; sha256 = "sha256:1yzh4ixy0cqg02xf84vcqj3h67mkxyzs6jf1h935ay582n70nyqg"; }; - phases = [ "installPhase" "patchPhase" ]; + phases = ["installPhase" "patchPhase"]; installPhase = '' mkdir -p $out/bin cp $src $out/bin/uhk-agent @@ -21,24 +20,24 @@ let ${appimage-run}/bin/appimage-run ${uhk-agent-bin}/bin/uhk-agent ''; in -stdenv.mkDerivation rec { - pname = "uhk-agent"; - version = "1.5.14"; - buildInputs = [ - bash - uhk-agent-bin - appimage-run - ]; + stdenv.mkDerivation rec { + pname = "uhk-agent"; + version = "1.5.14"; + buildInputs = [ + bash + uhk-agent-bin + appimage-run + ]; - phases = [ "buildPhase" "installPhase" "patchPhase" ]; + phases = ["buildPhase" "installPhase" "patchPhase"]; - buildPhase = '' - echo "${script}" >> uhk-agent - ''; + buildPhase = '' + echo "${script}" >> uhk-agent + ''; - installPhase = '' - mkdir -p $out/bin - cp uhk-agent $out/bin/uhk-agent - chmod +x $out/bin/uhk-agent - ''; -} + installPhase = '' + mkdir -p $out/bin + cp uhk-agent $out/bin/uhk-agent + chmod +x $out/bin/uhk-agent + ''; + } diff --git a/pkgs/wcwd.nix b/pkgs/wcwd.nix index e5ebcca8..3f5e676d 100644 --- a/pkgs/wcwd.nix +++ b/pkgs/wcwd.nix @@ -1,4 +1,5 @@ -self: with self; '' +self: +with self; '' pid=$(${sway}/bin/swaymsg -t get_tree | jq '.. | select(.type?) | select(.type=="con") | select(.focused==true).pid') ppid=$(pgrep --newest --parent ''${pid}) readlink /proc/''${ppid}/cwd || echo $HOME diff --git a/profiles/audio/default.nix b/profiles/audio/default.nix index 22b64af5..10e186d6 100644 --- a/profiles/audio/default.nix +++ b/profiles/audio/default.nix @@ -1,6 +1,11 @@ -{ self, config, lib, pkgs, ... }: -let inherit (lib) fileContents; -in { + self, + config, + lib, + pkgs, + ... +}: let + inherit (lib) fileContents; +in { pub-solar.audio.enable = true; } diff --git a/profiles/base-user/.config/git/config.nix b/profiles/base-user/.config/git/config.nix index 2553ec66..dc50bd82 100644 --- a/profiles/base-user/.config/git/config.nix +++ b/profiles/base-user/.config/git/config.nix @@ -1,33 +1,47 @@ -{ config, pkgs, ... }: -let +{ + config, + pkgs, + ... +}: let user = config.pub-solar.user; xdg = config.home-manager.users."${user.name}".xdg; -in -''[user] - ${if user.email != null then "email = ${user.email}" else ""} - ${if user.fullName != null then "name = ${user.fullName}" else ""} - ${if user.gpgKeyId != null then "signingkey = ${user.gpgKeyId}" else ""} -[core] - editor = /etc/profiles/per-user/${config.pub-solar.user.name}/bin/nvim - excludesFile = /home/${config.pub-solar.user.name}/.config/git/global_gitignore -[alias] - pol = pull - ack = -c color.grep.linenumber=\"bold yellow\"\n -c color.grep.filename=\"bold green\"\n -c color.grep.match=\"reverse yellow\"\n grep --break --heading --line-number -# define command which will be used when "nvim"is set as a merge tool +in '' [user] + ${ + if user.email != null + then "email = ${user.email}" + else "" + } + ${ + if user.fullName != null + then "name = ${user.fullName}" + else "" + } + ${ + if user.gpgKeyId != null + then "signingkey = ${user.gpgKeyId}" + else "" + } + [core] + editor = /etc/profiles/per-user/${config.pub-solar.user.name}/bin/nvim + excludesFile = /home/${config.pub-solar.user.name}/.config/git/global_gitignore + [alias] + pol = pull + ack = -c color.grep.linenumber=\"bold yellow\"\n -c color.grep.filename=\"bold green\"\n -c color.grep.match=\"reverse yellow\"\n grep --break --heading --line-number + # define command which will be used when "nvim"is set as a merge tool -[mergetool] - prompt = false -[merge] - tool = nvim -[mergetool "nvim"] - cmd = /etc/profiles/per-user/${config.pub-solar.user.name}/bin/nvim -f -c \"Gdiffsplit!\" \"$MERGED\" + [mergetool] + prompt = false + [merge] + tool = nvim + [mergetool "nvim"] + cmd = /etc/profiles/per-user/${config.pub-solar.user.name}/bin/nvim -f -c \"Gdiffsplit!\" \"$MERGED\" -[commit] - gpgsign = true - template = ${xdg.configHome}/git/gitmessage -[tag] - gpgsign = true -[init] - defaultBranch = main -[pull] - rebase = false'' + [commit] + gpgsign = true + template = ${xdg.configHome}/git/gitmessage + [tag] + gpgsign = true + [init] + defaultBranch = main + [pull] + rebase = false'' diff --git a/profiles/base-user/.config/git/gitmessage.nix b/profiles/base-user/.config/git/gitmessage.nix index 0d80f469..839ca0dc 100644 --- a/profiles/base-user/.config/git/gitmessage.nix +++ b/profiles/base-user/.config/git/gitmessage.nix @@ -1,22 +1,24 @@ -{ config, pkgs, ... }: -let +{ + config, + pkgs, + ... +}: let user = config.pub-solar.user; xdg = config.home-manager.users."${user.name}".xdg; -in -'' -# Title: Summary, imperative, start upper case, don't end with a period -# No more than 50 chars. #### 50 chars is here: # -# - - -# ^ Remember ending with an extra blank line -# Body: Explain *what* and *why* (not *how*). Include issue number. -# Wrap at 72 chars. ################################## which is here: # -# - - -# ^ Remember ending with an extra blank line -# At the end: Include Co-authored-by for all contributors. -# -# Co-authored-by: Example Name +in '' + # Title: Summary, imperative, start upper case, don't end with a period + # No more than 50 chars. #### 50 chars is here: # + # + + + # ^ Remember ending with an extra blank line + # Body: Explain *what* and *why* (not *how*). Include issue number. + # Wrap at 72 chars. ################################## which is here: # + # + + + # ^ Remember ending with an extra blank line + # At the end: Include Co-authored-by for all contributors. + # + # Co-authored-by: Example Name '' diff --git a/profiles/base-user/.config/git/global_gitignore.nix b/profiles/base-user/.config/git/global_gitignore.nix index 1ee11f34..ece329a7 100644 --- a/profiles/base-user/.config/git/global_gitignore.nix +++ b/profiles/base-user/.config/git/global_gitignore.nix @@ -1,4 +1,6 @@ -{ config, pkgs, ... }: -let -in -''tags'' +{ + config, + pkgs, + ... +}: let +in ''tags'' diff --git a/profiles/base-user/default.nix b/profiles/base-user/default.nix index 374dca40..92e297d0 100644 --- a/profiles/base-user/default.nix +++ b/profiles/base-user/default.nix @@ -1,8 +1,11 @@ -{ config, pkgs, lib, ... }: -let - psCfg = config.pub-solar; -in { + config, + pkgs, + lib, + ... +}: let + psCfg = config.pub-solar; +in { imports = [ ./home.nix ]; @@ -10,22 +13,29 @@ in users = { mutableUsers = false; - users = with pkgs; pkgs.lib.setAttrByPath [ psCfg.user.name ] { - # Indicates whether this is an account for a “real” user. - # This automatically sets group to users, createHome to true, - # home to /home/username, useDefaultShell to true, and isSystemUser to false. - isNormalUser = true; - description = psCfg.user.description; - extraGroups = [ - "wheel" - "input" - "networkmanager" - "lp" - "scanner" - ]; - initialHashedPassword = if psCfg.user.password != null then psCfg.user.password else ""; - shell = pkgs.zsh; - openssh.authorizedKeys.keys = if psCfg.user.publicKeys != null then psCfg.user.publicKeys else [ ]; - }; + users = with pkgs; + pkgs.lib.setAttrByPath [psCfg.user.name] { + # Indicates whether this is an account for a “real” user. + # This automatically sets group to users, createHome to true, + # home to /home/username, useDefaultShell to true, and isSystemUser to false. + isNormalUser = true; + description = psCfg.user.description; + extraGroups = [ + "wheel" + "input" + "networkmanager" + "lp" + "scanner" + ]; + initialHashedPassword = + if psCfg.user.password != null + then psCfg.user.password + else ""; + shell = pkgs.zsh; + openssh.authorizedKeys.keys = + if psCfg.user.publicKeys != null + then psCfg.user.publicKeys + else []; + }; }; } diff --git a/profiles/base-user/home.nix b/profiles/base-user/home.nix index f87c136a..27a7c32c 100644 --- a/profiles/base-user/home.nix +++ b/profiles/base-user/home.nix @@ -1,15 +1,18 @@ -{ config, pkgs, lib, ... }: -with lib; -let +{ + config, + pkgs, + lib, + ... +}: +with lib; let psCfg = config.pub-solar; xdg = config.home-manager.users."${psCfg.user.name}".xdg; -in -{ +in { imports = [ ./session-variables.nix ]; - home-manager = pkgs.lib.setAttrByPath [ "users" psCfg.user.name ] { + home-manager = pkgs.lib.setAttrByPath ["users" psCfg.user.name] { # Let Home Manager install and manage itself. programs.home-manager.enable = true; @@ -18,7 +21,7 @@ in home.username = psCfg.user.name; home.homeDirectory = "/home/${psCfg.user.name}"; - home.packages = with pkgs; [ ]; + home.packages = with pkgs; []; fonts.fontconfig.enable = mkForce true; @@ -31,9 +34,18 @@ in xdg.mime.enable = true; xdg.mimeApps = import ./mimeapps.nix; - xdg.configFile."git/config".text = import ./.config/git/config.nix { inherit config; inherit pkgs; }; - xdg.configFile."git/gitmessage".text = import ./.config/git/gitmessage.nix { inherit config; inherit pkgs; }; - xdg.configFile."git/global_gitignore".text = import ./.config/git/global_gitignore.nix { inherit config; inherit pkgs; }; + xdg.configFile."git/config".text = import ./.config/git/config.nix { + inherit config; + inherit pkgs; + }; + xdg.configFile."git/gitmessage".text = import ./.config/git/gitmessage.nix { + inherit config; + inherit pkgs; + }; + xdg.configFile."git/global_gitignore".text = import ./.config/git/global_gitignore.nix { + inherit config; + inherit pkgs; + }; xdg.configFile."dircolors".source = ./.config/dircolors; xdg.configFile."xmodmap".source = ./.config/xmodmap; xdg.configFile."user-dirs.dirs".source = ./.config/user-dirs.dirs; diff --git a/profiles/base-user/mimeapps.nix b/profiles/base-user/mimeapps.nix index 395c1b87..ab3fd495 100644 --- a/profiles/base-user/mimeapps.nix +++ b/profiles/base-user/mimeapps.nix @@ -1,27 +1,27 @@ { enable = true; defaultApplications = { - "application/octet-stream" = [ "firefox.desktop" ]; - "application/pdf" = [ "org.gnome.Evince.desktop" ]; - "application/x-bittorrent" = [ "deluge.desktop" ]; - "application/x-extension-htm" = [ "firefox.desktop" ]; - "application/x-extension-html" = [ "firefox.desktop" ]; - "application/x-extension-shtml" = [ "firefox.desktop" ]; - "application/x-extension-xhtml" = [ "firefox.desktop" ]; - "application/x-extension-xht" = [ "firefox.desktop" ]; - "application/xhtml+xml" = [ "firefox.desktop" ]; - "image/jpeg" = [ "org.gnome.eog.desktop" ]; - "image/png" = [ "org.gnome.eog.desktop" ]; - "message/rfc822" = [ "userapp-Thunderbird.desktop" ]; - "text/html" = [ "firefox.desktop" ]; - "text/plain" = [ "firefox.desktop" ]; - "video/mp4" = [ "vlc.desktop" ]; - "x-scheme-handler/chrome" = [ "firefox.desktop" ]; - "x-scheme-handler/ftp" = [ "firefox.desktop" ]; - "x-scheme-handler/http" = [ "firefox.desktop" ]; - "x-scheme-handler/https" = [ "firefox.desktop" ]; - "x-scheme-handler/mailto" = [ "userapp-Thunderbird.desktop" ]; - "x-scheme-handler/msteams" = [ "teams.desktop" ]; - "x-scheme-handler/tg" = [ "userapp-Telegram Desktop-JBKFU0.desktop" ]; + "application/octet-stream" = ["firefox.desktop"]; + "application/pdf" = ["org.gnome.Evince.desktop"]; + "application/x-bittorrent" = ["deluge.desktop"]; + "application/x-extension-htm" = ["firefox.desktop"]; + "application/x-extension-html" = ["firefox.desktop"]; + "application/x-extension-shtml" = ["firefox.desktop"]; + "application/x-extension-xhtml" = ["firefox.desktop"]; + "application/x-extension-xht" = ["firefox.desktop"]; + "application/xhtml+xml" = ["firefox.desktop"]; + "image/jpeg" = ["org.gnome.eog.desktop"]; + "image/png" = ["org.gnome.eog.desktop"]; + "message/rfc822" = ["userapp-Thunderbird.desktop"]; + "text/html" = ["firefox.desktop"]; + "text/plain" = ["firefox.desktop"]; + "video/mp4" = ["vlc.desktop"]; + "x-scheme-handler/chrome" = ["firefox.desktop"]; + "x-scheme-handler/ftp" = ["firefox.desktop"]; + "x-scheme-handler/http" = ["firefox.desktop"]; + "x-scheme-handler/https" = ["firefox.desktop"]; + "x-scheme-handler/mailto" = ["userapp-Thunderbird.desktop"]; + "x-scheme-handler/msteams" = ["teams.desktop"]; + "x-scheme-handler/tg" = ["userapp-Telegram Desktop-JBKFU0.desktop"]; }; } diff --git a/profiles/base-user/session-variables.nix b/profiles/base-user/session-variables.nix index e922781b..5bac79c1 100644 --- a/profiles/base-user/session-variables.nix +++ b/profiles/base-user/session-variables.nix @@ -1,5 +1,9 @@ -{ config, pkgs, lib, ... }: -let +{ + config, + pkgs, + lib, + ... +}: let psCfg = config.pub-solar; wlroots = psCfg.graphical.wayland; xdg = config.home-manager.users."${psCfg.user.name}".xdg; @@ -16,7 +20,10 @@ let ECORE_EVAS_ENGINE = "wayland_egl"; ELM_ENGINE = "wayland_egl"; SDL_VIDEODRIVER = "wayland"; - WLR_RENDERER = if wlroots.software-renderer.enable then "pixman" else "gles2"; + WLR_RENDERER = + if wlroots.software-renderer.enable + then "pixman" + else "gles2"; EDITOR = "/etc/profiles/per-user/${psCfg.user.name}/bin/nvim"; VISUAL = "/etc/profiles/per-user/${psCfg.user.name}/bin/nvim"; @@ -85,11 +92,10 @@ let # We can use this to tell `systemctl import-environment` to import the full list above. variablesWithMeta = lib.attrsets.zipAttrsWith (name: values: builtins.head values) [ variables - { IMPORT_ENVIRONMENT_ENV_LIST = lib.lists.foldl (a: b: a + " " + b) "IMPORT_ENVIRONMENT_ENV_LIST" envListNames; } + {IMPORT_ENVIRONMENT_ENV_LIST = lib.lists.foldl (a: b: a + " " + b) "IMPORT_ENVIRONMENT_ENV_LIST" envListNames;} ]; -in -{ - home-manager = pkgs.lib.setAttrByPath [ "users" psCfg.user.name ] { +in { + home-manager = pkgs.lib.setAttrByPath ["users" psCfg.user.name] { home.sessionVariables = variablesWithMeta; systemd.user.sessionVariables = variablesWithMeta; }; diff --git a/profiles/cachix/default.nix b/profiles/cachix/default.nix index d88a3f75..9b810da7 100644 --- a/profiles/cachix/default.nix +++ b/profiles/cachix/default.nix @@ -1,11 +1,13 @@ -{ pkgs, lib, ... }: -let +{ + pkgs, + lib, + ... +}: let folder = ./.; toImport = name: value: folder + ("/" + name); filterCaches = key: value: value == "regular" && lib.hasSuffix ".nix" key && key != "default.nix"; imports = lib.mapAttrsToList toImport (lib.filterAttrs filterCaches (builtins.readDir folder)); -in -{ +in { inherit imports; - nix.binaryCaches = [ "https://cache.nixos.org/" ]; + nix.settings.substituters = ["https://cache.nixos.org/"]; } diff --git a/profiles/cachix/nix-community.nix b/profiles/cachix/nix-community.nix index 7e4be286..3c957fcd 100644 --- a/profiles/cachix/nix-community.nix +++ b/profiles/cachix/nix-community.nix @@ -1,9 +1,9 @@ { - nix = { - binaryCaches = [ + nix.settings = { + substituters = [ "https://nix-community.cachix.org" ]; - binaryCachePublicKeys = [ + trusted-public-keys = [ "nix-community.cachix.org-1:mB9FSh9qf2dCimDSUo8Zy7bkq5CX+/rkCWyvRCYg3Fs=" ]; }; diff --git a/profiles/cachix/nrdxp.nix b/profiles/cachix/nrdxp.nix index bb3b4a59..ddced9c3 100644 --- a/profiles/cachix/nrdxp.nix +++ b/profiles/cachix/nrdxp.nix @@ -1,9 +1,9 @@ { - nix = { - binaryCaches = [ + nix.settings = { + substituters = [ "https://nrdxp.cachix.org" ]; - binaryCachePublicKeys = [ + trusted-public-keys = [ "nrdxp.cachix.org-1:Fc5PSqY2Jm1TrWfm88l6cvGWwz3s93c6IOifQWnhNW4=" ]; }; diff --git a/profiles/full-install/default.nix b/profiles/full-install/default.nix index ba136554..d3c03da7 100644 --- a/profiles/full-install/default.nix +++ b/profiles/full-install/default.nix @@ -1,8 +1,13 @@ -{ self, config, lib, pkgs, ... }: -let inherit (lib) fileContents; -in { - imports = [ ../cachix ]; + self, + config, + lib, + pkgs, + ... +}: let + inherit (lib) fileContents; +in { + imports = [../cachix]; config = { pub-solar.audio.mopidy.enable = true; diff --git a/profiles/gaming/default.nix b/profiles/gaming/default.nix index a833f192..c65c16d1 100644 --- a/profiles/gaming/default.nix +++ b/profiles/gaming/default.nix @@ -1,9 +1,12 @@ -{ self, config, lib, pkgs, ... }: -let inherit (lib) fileContents; -in { + self, + config, + lib, + pkgs, + ... +}: let + inherit (lib) fileContents; +in { pub-solar.gaming.enable = true; pub-solar.docker.enable = true; - pub-solar.docker.enable = true; - pub-solar.docker.enable = true; -}; +} diff --git a/profiles/graphical/default.nix b/profiles/graphical/default.nix index 237a74e5..c4937b38 100644 --- a/profiles/graphical/default.nix +++ b/profiles/graphical/default.nix @@ -1,7 +1,12 @@ -{ self, config, lib, pkgs, ... }: -let inherit (lib) fileContents; -in { + self, + config, + lib, + pkgs, + ... +}: let + inherit (lib) fileContents; +in { pub-solar.graphical.enable = true; pub-solar.sway.enable = true; } diff --git a/profiles/pub-solar-iso/default.nix b/profiles/pub-solar-iso/default.nix index 4aa8c6fd..2b3669c5 100644 --- a/profiles/pub-solar-iso/default.nix +++ b/profiles/pub-solar-iso/default.nix @@ -1,8 +1,13 @@ -{ self, config, lib, pkgs, ... }: -let inherit (lib) fileContents; -in { - imports = [ ../cachix ]; + self, + config, + lib, + pkgs, + ... +}: let + inherit (lib) fileContents; +in { + imports = [../cachix]; config = { pub-solar.graphical.wayland.software-renderer.enable = true; pub-solar.sway.terminal = "foot"; diff --git a/profiles/social/default.nix b/profiles/social/default.nix index cad05d33..fb04d9e6 100644 --- a/profiles/social/default.nix +++ b/profiles/social/default.nix @@ -1,6 +1,11 @@ -{ self, config, lib, pkgs, ... }: -let inherit (lib) fileContents; -in { + self, + config, + lib, + pkgs, + ... +}: let + inherit (lib) fileContents; +in { pub-solar.social.enable = true; } diff --git a/secrets/secrets.nix b/secrets/secrets.nix index bac30e03..641ef20d 100644 --- a/secrets/secrets.nix +++ b/secrets/secrets.nix @@ -2,8 +2,7 @@ let # set ssh public keys here for your system and user system = ""; user = ""; - allKeys = [ system user ]; -in -{ + allKeys = [system user]; +in { "secret.age".publicKeys = allKeys; } diff --git a/shell/default.nix b/shell/default.nix index 597a2d2d..4d00b9ef 100644 --- a/shell/default.nix +++ b/shell/default.nix @@ -1,9 +1,11 @@ -{ self, inputs, ... }: { + self, + inputs, + ... +}: { modules = with inputs; [ ]; exportedModules = [ ./devos.nix ]; } - diff --git a/shell/devos.nix b/shell/devos.nix index 9aefcc6f..5a922b4b 100644 --- a/shell/devos.nix +++ b/shell/devos.nix @@ -1,68 +1,68 @@ -{ pkgs, extraModulesPath, inputs, lib, ... }: -let - - inherit (pkgs) +{ + pkgs, + extraModulesPath, + inputs, + lib, + ... +}: let + inherit + (pkgs) agenix cachix editorconfig-checker mdbook nix - nixpkgs-fmt + alejandra nvfetcher + shellcheck + shfmt + treefmt + ; + + inherit + (pkgs.nodePackages) + prettier ; hooks = import ./hooks; - pkgWithCategory = category: package: { inherit package category; }; + pkgWithCategory = category: package: {inherit package category;}; devos = pkgWithCategory "devos"; linter = pkgWithCategory "linter"; docs = pkgWithCategory "docs"; - -in -{ +in { _file = toString ./.; - imports = [ "${extraModulesPath}/git/hooks.nix" ]; - git = { inherit hooks; }; + imports = ["${extraModulesPath}/git/hooks.nix"]; + git = {inherit hooks;}; # override for our own welcome devshell.name = pkgs.lib.mkForce "PubSolarOS"; - # tempfix: remove when merged https://github.com/numtide/devshell/pull/123 - devshell.startup.load_profiles = pkgs.lib.mkForce (pkgs.lib.noDepEntry '' - # PATH is devshell's exorbitant privilige: - # fence against its pollution - _PATH=''${PATH} - # Load installed profiles - for file in "$DEVSHELL_DIR/etc/profile.d/"*.sh; do - # If that folder doesn't exist, bash loves to return the whole glob - [[ -f "$file" ]] && source "$file" - done - # Exert exorbitant privilige and leave no trace - export PATH=''${_PATH} - unset _PATH - ''); + commands = with pkgs; + [ + (devos nix) + (devos agenix) + { + category = "devos"; + name = pkgs.nvfetcher.pname; + help = pkgs.nvfetcher.meta.description; + command = "cd $PRJ_ROOT/pkgs; ${pkgs.nvfetcher}/bin/nvfetcher -c ./sources.toml $@"; + } + (linter alejandra) + (linter editorconfig-checker) + (linter nodePackages.prettier) + (linter shfmt) + (linter shellcheck) + (linter treefmt) - commands = with pkgs; [ - (devos nix) - (devos agenix) - { - category = "devos"; - name = pkgs.nvfetcher.pname; - help = pkgs.nvfetcher.meta.description; - command = "cd $PRJ_ROOT/pkgs; ${pkgs.nvfetcher}/bin/nvfetcher -c ./sources.toml $@"; - } - (linter nixpkgs-fmt) - (linter editorconfig-checker) - - (docs mdbook) - ] - ++ lib.optionals (!pkgs.stdenv.buildPlatform.isi686) [ - (devos cachix) - ] - ++ lib.optionals (pkgs.stdenv.hostPlatform.isLinux && !pkgs.stdenv.buildPlatform.isDarwin) [ - (devos inputs.nixos-generators.defaultPackage.${pkgs.system}) - (devos deploy-rs) - ] - ; + (docs mdbook) + ] + ++ lib.optionals (!pkgs.stdenv.buildPlatform.isi686) [ + (devos cachix) + ] + ++ lib.optionals (pkgs.stdenv.hostPlatform.isLinux && !pkgs.stdenv.buildPlatform.isDarwin) [ + (devos inputs.nixos-generators.defaultPackage.${pkgs.system}) + (devos deploy-rs) + ]; } diff --git a/shell/hooks/pre-commit.sh b/shell/hooks/pre-commit.sh index a7fa9083..4ce4fa13 100755 --- a/shell/hooks/pre-commit.sh +++ b/shell/hooks/pre-commit.sh @@ -1,7 +1,6 @@ #!/usr/bin/env bash -if git rev-parse --verify HEAD >/dev/null 2>&1 -then +if git rev-parse --verify HEAD >/dev/null 2>&1; then against=HEAD else # Initial commit: diff against an empty tree object @@ -10,23 +9,20 @@ fi diff="git diff-index --name-only --cached $against --diff-filter d" -nix_files=($($diff -- '*.nix')) all_files=($($diff)) -# Format staged nix files. -if (( ${#nix_files[@]} != 0 )); then - nixpkgs-fmt "${nix_files[@]}" \ - && git add "${nix_files[@]}" +# Format staged files. +if ((${#all_files[@]} != 0)); then + treefmt "${all_files[@]}" && + git add "${all_files[@]}" fi # check editorconfig -if (( ${#all_files[@]} != 0 )); then - editorconfig-checker -- "${all_files[@]}" -fi - -if [[ $? != '0' ]]; then - printf "%b\n" \ - "\nCode is not aligned with .editorconfig" \ - "Review the output and commit your fixes" >&2 - exit 1 +if ((${#all_files[@]} != 0)); then + if ! editorconfig-checker -- "${all_files[@]}"; then + printf "%b\n" \ + "\nCode is not aligned with .editorconfig" \ + "Review the output and commit your fixes" >&2 + exit 1 + fi fi diff --git a/tests/first-test.nix b/tests/first-test.nix index 251779a1..a1da457d 100644 --- a/tests/first-test.nix +++ b/tests/first-test.nix @@ -1,8 +1,11 @@ -{ pkgs, lib, ... }: { + pkgs, + lib, + ... +}: { name = "firstTest"; - nodes.test-machine = { suites ? null, ... }: { + nodes.test-machine = {suites ? null, ...}: { imports = suites.iso; home-manager.users.pub-solar.programs.zsh.shellAliases = { @@ -13,7 +16,7 @@ # source: https://github.com/NixOS/nixpkgs/blob/nixos-unstable/nixos/tests/sway.nix environment = { # For glinfo and wayland-info: - systemPackages = with pkgs; [ mesa-demos wayland-utils alacritty ]; + systemPackages = with pkgs; [mesa-demos wayland-utils alacritty]; # Use a fixed SWAYSOCK path (for swaymsg): variables = { "SWAYSOCK" = "/tmp/sway-ipc.sock"; @@ -26,7 +29,7 @@ }; # To help with OCR: - etc."xdg/foot/foot.ini".text = lib.generators.toINI { } { + etc."xdg/foot/foot.ini".text = lib.generators.toINI {} { main = { font = "inconsolata:size=14"; }; @@ -38,10 +41,10 @@ }; }; - fonts.fonts = [ pkgs.inconsolata ]; + fonts.fonts = [pkgs.inconsolata]; # Need to switch to a different GPU driver than the default one (-vga std) so that Sway can launch: - virtualisation.qemu.options = [ "-vga none -device virtio-gpu-pci" ]; + virtualisation.qemu.options = ["-vga none -device virtio-gpu-pci"]; virtualisation.cores = 4; virtualisation.memorySize = 2048; }; diff --git a/tests/second-test.nix b/tests/second-test.nix index d6409820..ac007d0d 100644 --- a/tests/second-test.nix +++ b/tests/second-test.nix @@ -1,8 +1,7 @@ -{ }: -{ +{}: { name = "secondTest"; - nodes.test-machine2 = { suites ? null, ... }: { + nodes.test-machine2 = {suites ? null, ...}: { imports = [ suites.iso ]; diff --git a/treefmt.toml b/treefmt.toml new file mode 100644 index 00000000..c7c1710d --- /dev/null +++ b/treefmt.toml @@ -0,0 +1,22 @@ +[formatter.nix] +command = "alejandra" +includes = ["*.nix"] + +[formatter.prettier] +command = "prettier" +options = ["--write"] +includes = [ + "*.json", + "*.yaml", + "*.md", +] + +[formatter.shell] +command = "shfmt" +options = [ + "-s", + "-w", + "-i", + "2", +] +includes = ["*.sh"] diff --git a/users/profiles/git/default.nix b/users/profiles/git/default.nix index 4c9637e5..f827f5b3 100644 --- a/users/profiles/git/default.nix +++ b/users/profiles/git/default.nix @@ -30,12 +30,9 @@ h1rd = "hard HEAD~1"; # logging - lg = - "log --color --graph --pretty=format:'%Cred%h%Creset -%C(yellow)%d%Creset %s %Cgreen(%cr) %C(bold blue)<%an>%Creset' --abbrev-commit"; - plog = - "log --graph --pretty='format:%C(red)%d%C(reset) %C(yellow)%h%C(reset) %ar %C(green)%aN%C(reset) %s'"; - tlog = - "log --stat --since='1 Day Ago' --graph --pretty=oneline --abbrev-commit --date=relative"; + lg = "log --color --graph --pretty=format:'%Cred%h%Creset -%C(yellow)%d%Creset %s %Cgreen(%cr) %C(bold blue)<%an>%Creset' --abbrev-commit"; + plog = "log --graph --pretty='format:%C(red)%d%C(reset) %C(yellow)%h%C(reset) %ar %C(green)%aN%C(reset) %s'"; + tlog = "log --stat --since='1 Day Ago' --graph --pretty=oneline --abbrev-commit --date=relative"; rank = "shortlog -sn --no-merges"; # delete merged branches diff --git a/users/pub-solar/default.nix b/users/pub-solar/default.nix index e80b64dd..ce4b74b6 100644 --- a/users/pub-solar/default.nix +++ b/users/pub-solar/default.nix @@ -1,6 +1,5 @@ -{ hmUsers, ... }: -{ - home-manager.users = { inherit (hmUsers) pub-solar; }; +{hmUsers, ...}: { + home-manager.users = {inherit (hmUsers) pub-solar;}; pub-solar = { # These are your personal settings @@ -13,7 +12,7 @@ password = "$6$Kv0BCLU2Jg7GN8Oa$hc2vERKCbZdczFqyHPfgCaleGP.JuOWyd.bfcIsLDNmExGXI6Rnkze.SWzVzVS311KBznN/P4uUYAUADXkVtr."; fullName = "Pub Solar"; email = "iso@pub.solar"; - publicKeys = [ ]; + publicKeys = []; }; }; } diff --git a/users/root/default.nix b/users/root/default.nix index f38c7391..c9f1ef71 100644 --- a/users/root/default.nix +++ b/users/root/default.nix @@ -1,4 +1,4 @@ -{ ... }: +{...}: # recommend using `hashedPassword` { users.users.root.password = "";