teutat3s/os
2
0
Fork 0
forked from pub-solar/os
Code Pull requests Activity

Merge branch 'teutat3s-init-fae' into teutat3s

Browse source
This commit is contained in:
teutat3s 2022-02-25 13:34:48 +01:00
parent 23af3da5f3 a188dc9c6e
commit 8958a2df72
Signed by: teutat3s
GPG key ID: 4FA1D3FA524F22C1
68 changed files with 880 additions and 471 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

79
.drone.yml
View file

@ -82,8 +82,85 @@ steps:
password: password:
from_secret: matrix_password from_secret: matrix_password
template: "Upstreaming {{ build.status }} [{{ build.branch }}#{{ truncate build.commit 8 }}]({{ build.link }}) by {{ build.author }}. [Pull requests](https://git.b12f.io/pub-solar/os/pulls)" template: "Upstreaming {{ build.status }} [{{ build.branch }}#{{ truncate build.commit 8 }}]({{ build.link }}) by {{ build.author }}. [Pull requests](https://git.b12f.io/pub-solar/os/pulls)"
trigger:
event:
- cron
---
kind: pipeline
type: docker
name: Check
steps:
- name: "Check"
image: nixpkgs/nix-flakes:nixos-21.05
when:
event:
- pull_request
- tag
commands:
- echo "" >> /etc/nix/nix.conf
- echo "system-features = nixos-test benchmark big-parallel kvm recursive-nix" >> /etc/nix/nix.conf
- echo "substituters = https://nrdxp.cachix.org https://nix-community.cachix.org https://cache.nixos.org" >> /etc/nix/nix.conf
- echo "trusted-public-keys = nrdxp.cachix.org-1:Fc5PSqY2Jm1TrWfm88l6cvGWwz3s93c6IOifQWnhNW4= nix-community.cachix.org-1:mB9FSh9qf2dCimDSUo8Zy7bkq5CX+/rkCWyvRCYg3Fs= cache.nixos.org-1:6NCHdD59X431o0gWypbMrAURkbJ16ZPMQFGspcDShjY=" >> /etc/nix/nix.conf
# Currently broken
#- nix -Lv flake check
- nix -Lv build ".#nixosConfigurations.PubSolarOS.config.system.build.toplevel"
- nix -Lv develop -c echo OK
- nix -Lv develop --command bud --help
---
kind: pipeline
type: docker
name: Publish ISO
steps:
- name: "Build ISO"
image: nixpkgs/nix-flakes:nixos-21.05
volumes:
- name: nix-store
path: /var/nix/iso-cache
commands:
- echo "" >> /etc/nix/nix.conf
- echo "system-features = nixos-test benchmark big-parallel kvm recursive-nix" >> /etc/nix/nix.conf
- echo "substituters = https://nrdxp.cachix.org https://nix-community.cachix.org https://cache.nixos.org" >> /etc/nix/nix.conf
- echo "trusted-public-keys = nrdxp.cachix.org-1:Fc5PSqY2Jm1TrWfm88l6cvGWwz3s93c6IOifQWnhNW4= nix-community.cachix.org-1:mB9FSh9qf2dCimDSUo8Zy7bkq5CX+/rkCWyvRCYg3Fs= cache.nixos.org-1:6NCHdD59X431o0gWypbMrAURkbJ16ZPMQFGspcDShjY=" >> /etc/nix/nix.conf
- nix -Lv develop --command bud build bootstrap bootstrapIso
- cp $(readlink -f result)/iso/*.iso /var/nix/iso-cache/
- name: "Publish ISO"
image: appleboy/drone-scp
volumes:
- name: nix-store
path: /var/nix/iso-cache
settings:
host:
from_secret: ssh_host
user:
from_secret: ssh_user
port:
from_secret: ssh_port
key:
from_secret: ssh_key
target: /var/www/pub.solar
source:
- /var/nix/iso-cache/*.iso
strip_components: 3
trigger:
event:
- push
branch:
- feature/basic-iso
volumes:
- name: nix-store
host:
path: "/var/nix/iso-cache"
--- ---
kind: signature kind: signature
hmac: 07d9a95e8f577483d753e9eea76229ffe0c369ecd642bfc364ae183f662d2167 hmac: 539937d723b620778939dcac3819b0f6a4c396f1c477a2783ae3fb6feab0f4d7
... ...

12
.envrc
View file

@ -1,2 +1,10 @@
watch_file shell/* flake.nix # reload when these files change
use flake || use nix watch_file flake.nix
watch_file shell.nix
{
# shell gc root dir
mkdir -p "$(direnv_layout_dir)"
eval "$(nix print-dev-env --profile $(direnv_layout_dir)/flake-profile)"
} || use nix

13
README.md
View file

@ -58,14 +58,15 @@ following giants][giants]:
- [devshell](https://github.com/numtide/devshell) - [devshell](https://github.com/numtide/devshell)
## Divnix ## Divnix
The divnix org is an open space that spontaniously formed out of "the Nix". The divnix org is an open space that spontaneously formed out of "the Nix".
It is really just a place where otherwise unrelated people a) get It is really just a place where otherwise unrelated people work
together and b) stuff done. together and get stuff done.
It's a place to stop "geeking out in isolation" (or within company boundaries), It's a place to stop "geeking out in isolation" (or within company boundaries).
experiment and learn together and iterate quickly on best practices. That's what it is. A place to experiment, learn together, and iterate quickly on best practices.
That's what it is.
It might eventually become a non-profit if that's not too complicated or if those It might eventually become a non-profit if that's not too complicated or, if those
goals are sufficiently upstreamed into "the Nix", dissolved. goals are sufficiently upstreamed into "the Nix", dissolved.
# License # License

2
doc/secrets.md
View file

@ -14,7 +14,7 @@ to easily setup those secret files declaratively.
[agenix][agenix] encrypts secrets and stores them as .age files in your repository. [agenix][agenix] encrypts secrets and stores them as .age files in your repository.
Age files are encrypted with multiple ssh public keys, so any host or user with a Age files are encrypted with multiple ssh public keys, so any host or user with a
matching ssh private key can read the data. The [age module][age module] will add those matching ssh private key can read the data. The [age module][age module] will add those
encrypted files to the nix store and decrypt them on activation to `/run/secrets`. encrypted files to the nix store and decrypt them on activation to `/run/agenix`.
### Setup ### Setup
All hosts must have openssh enabled, this is done by default in the core profile. All hosts must have openssh enabled, this is done by default in the core profile.

279
flake.lock
View file

@ -7,11 +7,11 @@
] ]
}, },
"locked": { "locked": {
"lastModified": 1637793790, "lastModified": 1641576265,
"narHash": "sha256-oPXavjxETEWGXq8g7kQHyRLKUmLX2yPtGn+t3V0mrTY=", "narHash": "sha256-G4W39k5hdu2kS13pi/RhyTOySAo7rmrs7yMUZRH0OZI=",
"owner": "ryantm", "owner": "ryantm",
"repo": "agenix", "repo": "agenix",
"rev": "f85eea0e29fa9a8924571d0e398215e175f80d55", "rev": "08b9c96878b2f9974fc8bde048273265ad632357",
"type": "github" "type": "github"
}, },
"original": { "original": {
@ -27,11 +27,11 @@
"poetry2nix": "poetry2nix" "poetry2nix": "poetry2nix"
}, },
"locked": { "locked": {
"lastModified": 1630693543, "lastModified": 1641830469,
"narHash": "sha256-7Sly3ReaJZw60Qo0rpfN4jF6zy94nwQz6ENgUUFzJfg=", "narHash": "sha256-uhDmgNP/biOWe4FtOa6c2xZnREH+NP9rdrMm0LccRUk=",
"owner": "lovesegfault", "owner": "lovesegfault",
"repo": "beautysh", "repo": "beautysh",
"rev": "5609593961b70428f58d5c1b4b25cdda43b0d0bd", "rev": "e85d9736927c0fcf2abb05cb3a2d8d9b4502a2eb",
"type": "github" "type": "github"
}, },
"original": { "original": {
@ -67,11 +67,11 @@
] ]
}, },
"locked": { "locked": {
"lastModified": 1640836100, "lastModified": 1642035816,
"narHash": "sha256-My9Lay6BCDwAZgrL4SuVXHkYPHIU7ypnuiS/pd7eg1M=", "narHash": "sha256-1Lq5c1AeUv/1SK08+O704JVfDdD/zodHzA0cv0TIga8=",
"owner": "divnix", "owner": "divnix",
"repo": "bud", "repo": "bud",
"rev": "b1d8ab3970f4dfb5fb90d7d8a9ab493c75d031fc", "rev": "a789d710851441ba7e7cd59be378623b1fe05688",
"type": "github" "type": "github"
}, },
"original": { "original": {
@ -87,11 +87,11 @@
] ]
}, },
"locked": { "locked": {
"lastModified": 1634994402, "lastModified": 1642495030,
"narHash": "sha256-xmlCVVOYGpZoxgOqsDOVF0B0ASrnbNGVAEzID9qh2xo=", "narHash": "sha256-u1ZlFbLWzkM6zOfuZ1tr0tzTuDWucOYwALPWDWLorkE=",
"owner": "LnL7", "owner": "LnL7",
"repo": "nix-darwin", "repo": "nix-darwin",
"rev": "44da835ac40dab5fd231298b59d83487382d2fab", "rev": "bcdb6022b3a300abf59cb5d0106c158940f5120e",
"type": "github" "type": "github"
}, },
"original": { "original": {
@ -102,7 +102,6 @@
}, },
"deploy": { "deploy": {
"inputs": { "inputs": {
"fenix": "fenix",
"flake-compat": "flake-compat", "flake-compat": "flake-compat",
"nixpkgs": [ "nixpkgs": [
"nixos" "nixos"
@ -110,15 +109,15 @@
"utils": "utils" "utils": "utils"
}, },
"locked": { "locked": {
"lastModified": 1637357482, "lastModified": 1643787431,
"narHash": "sha256-mMRxOlcQs3V9cZYsKGKWEjl+oqclhaH1SKT3QGeTQ0Q=", "narHash": "sha256-8IwuVgXulRE3ZWq6z8mytarawC32pKPKR20EyDtSH+w=",
"owner": "input-output-hk", "owner": "serokell",
"repo": "deploy-rs", "repo": "deploy-rs",
"rev": "5a6db26726ec8c7904aea5bcdf13589342386f9d", "rev": "4154ba1aaaf7333a916384c348d867d03b6f1409",
"type": "github" "type": "github"
}, },
"original": { "original": {
"owner": "input-output-hk", "owner": "serokell",
"repo": "deploy-rs", "repo": "deploy-rs",
"type": "github" "type": "github"
} }
@ -172,25 +171,6 @@
"type": "github" "type": "github"
} }
}, },
"fenix": {
"inputs": {
"nixpkgs": "nixpkgs_3",
"rust-analyzer-src": "rust-analyzer-src"
},
"locked": {
"lastModified": 1637303083,
"narHash": "sha256-e2A5JBjxYNpjoGd53K0oVUUaS9ojwOT5rnThyPNS46M=",
"owner": "nix-community",
"repo": "fenix",
"rev": "8294ceadbbbe1a886640bfcc15f5a02a2b471955",
"type": "github"
},
"original": {
"owner": "nix-community",
"repo": "fenix",
"type": "github"
}
},
"flake-compat": { "flake-compat": {
"flake": false, "flake": false,
"locked": { "locked": {
@ -225,11 +205,11 @@
}, },
"flake-utils": { "flake-utils": {
"locked": { "locked": {
"lastModified": 1623875721, "lastModified": 1631561581,
"narHash": "sha256-A8BU7bjS5GirpAUv4QA+QnJ4CceLHkcXdRp4xITDB0s=", "narHash": "sha256-3VQMV5zvxaVLvqqUrNz3iJelLw30mIVSfZmAaauM3dA=",
"owner": "numtide", "owner": "numtide",
"repo": "flake-utils", "repo": "flake-utils",
"rev": "f7e004a55b120c02ecb6219596820fcd32ca8772", "rev": "7e5bf3925f6fbdfaf50a2a7ca0be2879c4261d19",
"type": "github" "type": "github"
}, },
"original": { "original": {
@ -288,11 +268,26 @@
}, },
"flake-utils_4": { "flake-utils_4": {
"locked": { "locked": {
"lastModified": 1631561581, "lastModified": 1638122382,
"narHash": "sha256-3VQMV5zvxaVLvqqUrNz3iJelLw30mIVSfZmAaauM3dA=", "narHash": "sha256-sQzZzAbvKEqN9s0bzWuYmRaA03v40gaJ4+iL1LXjaeI=",
"owner": "numtide", "owner": "numtide",
"repo": "flake-utils", "repo": "flake-utils",
"rev": "7e5bf3925f6fbdfaf50a2a7ca0be2879c4261d19", "rev": "74f7e4319258e287b0f9cb95426c9853b282730b",
"type": "github"
},
"original": {
"owner": "numtide",
"repo": "flake-utils",
"type": "github"
}
},
"flake-utils_5": {
"locked": {
"lastModified": 1638122382,
"narHash": "sha256-sQzZzAbvKEqN9s0bzWuYmRaA03v40gaJ4+iL1LXjaeI=",
"owner": "numtide",
"repo": "flake-utils",
"rev": "74f7e4319258e287b0f9cb95426c9853b282730b",
"type": "github" "type": "github"
}, },
"original": { "original": {
@ -323,22 +318,6 @@
} }
}, },
"latest": { "latest": {
"locked": {
"lastModified": 1638198142,
"narHash": "sha256-plU9b8r4St6q4U7VHtG9V7oF8k9fIpfXl/KDaZLuY9k=",
"owner": "nixos",
"repo": "nixpkgs",
"rev": "8a308775674e178495767df90c419425474582a1",
"type": "github"
},
"original": {
"owner": "nixos",
"ref": "nixos-unstable",
"repo": "nixpkgs",
"type": "github"
}
},
"latest_2": {
"locked": { "locked": {
"lastModified": 1643347846, "lastModified": 1643347846,
"narHash": "sha256-O0tyXF//ppRpe9yT1Uu5n34yI2MWDyY6ZiJ4Qn5zIkE=", "narHash": "sha256-O0tyXF//ppRpe9yT1Uu5n34yI2MWDyY6ZiJ4Qn5zIkE=",
@ -354,6 +333,38 @@
"type": "github" "type": "github"
} }
}, },
"latest_2": {
"locked": {
"lastModified": 1645433236,
"narHash": "sha256-4va4MvJ076XyPp5h8sm5eMQvCrJ6yZAbBmyw95dGyw4=",
"owner": "nixos",
"repo": "nixpkgs",
"rev": "7f9b6e2babf232412682c09e57ed666d8f84ac2d",
"type": "github"
},
"original": {
"owner": "nixos",
"ref": "nixos-unstable",
"repo": "nixpkgs",
"type": "github"
}
},
"master": {
"locked": {
"lastModified": 1645740083,
"narHash": "sha256-re4GMWyI5zN6+daJv5ejFi22Bm77jf82iEZA6HHWRAc=",
"owner": "nixos",
"repo": "nixpkgs",
"rev": "cb7aad71e54deaaea8cb02c7303f3e081c10a7f8",
"type": "github"
},
"original": {
"owner": "nixos",
"ref": "master",
"repo": "nixpkgs",
"type": "github"
}
},
"naersk": { "naersk": {
"inputs": { "inputs": {
"nixpkgs": [ "nixpkgs": [
@ -361,11 +372,11 @@
] ]
}, },
"locked": { "locked": {
"lastModified": 1638203339, "lastModified": 1639947939,
"narHash": "sha256-Sz3iCvbWrVWOD/XfYQeRJgP/7MVYL3/VKsNXvDeWBFc=", "narHash": "sha256-pGsM8haJadVP80GFq4xhnSpNitYNQpaXk4cnA796Cso=",
"owner": "nmattia", "owner": "nmattia",
"repo": "naersk", "repo": "naersk",
"rev": "c3e56b8a4ffb6d906cdfcfee034581f9a8ece571", "rev": "2fc8ce9d3c025d59fee349c1f80be9785049d653",
"type": "github" "type": "github"
}, },
"original": { "original": {
@ -374,6 +385,27 @@
"type": "github" "type": "github"
} }
}, },
"nix-dram": {
"inputs": {
"flake-utils": "flake-utils_4",
"nixpkgs": [
"latest"
]
},
"locked": {
"lastModified": 1644066500,
"narHash": "sha256-15PCSlsvYQOwJ+Jvp9evrBiun4pquPAh5VZAUO5whcw=",
"owner": "dramforever",
"repo": "nix-dram",
"rev": "579d5a3db2cb4726653a0916e0f210dbb84cb0a5",
"type": "github"
},
"original": {
"owner": "dramforever",
"repo": "nix-dram",
"type": "github"
}
},
"nixlib": { "nixlib": {
"locked": { "locked": {
"lastModified": 1641688481, "lastModified": 1641688481,
@ -389,32 +421,13 @@
"type": "github" "type": "github"
} }
}, },
"nix-dram": {
"inputs": {
"flake-utils": "flake-utils_2",
"nixpkgs": "nixpkgs"
},
"locked": {
"lastModified": 1628492639,
"narHash": "sha256-ffF/oEhLs/stAsXXobruKHyH9jnMC2rt/SM3ASrs2U8=",
"owner": "dramforever",
"repo": "nix-dram",
"rev": "fba426108ea6bdeb1e362bac9da06cbd33726f41",
"type": "github"
},
"original": {
"owner": "dramforever",
"repo": "nix-dram",
"type": "github"
}
},
"nixos": { "nixos": {
"locked": { "locked": {
"lastModified": 1643463207, "lastModified": 1645488570,
"narHash": "sha256-W0azAxucUq84BvWqDPt3gX8kyc8wYvGUynZV9COfByQ=", "narHash": "sha256-29Fvczhd20K3ol0wbQrFlsUiYUDoGnpOR2XJTdrRnZA=",
"owner": "nixos", "owner": "nixos",
"repo": "nixpkgs", "repo": "nixpkgs",
"rev": "03098169624f487eef37186b3214c40e6b6e919d", "rev": "491ad20776074706da6befe0cb8334f2df23fc00",
"type": "github" "type": "github"
}, },
"original": { "original": {
@ -427,10 +440,7 @@
"nixos-generators": { "nixos-generators": {
"inputs": { "inputs": {
"nixlib": "nixlib", "nixlib": "nixlib",
"nixpkgs": [ "nixpkgs": "nixpkgs_4"
"digga",
"blank"
]
}, },
"locked": { "locked": {
"lastModified": 1637655461, "lastModified": 1637655461,
@ -448,11 +458,11 @@
}, },
"nixos-hardware": { "nixos-hardware": {
"locked": { "locked": {
"lastModified": 1638182287, "lastModified": 1641965797,
"narHash": "sha256-vBzf+hbTJz2ZdXV/DWirl6wOO7tjdqzTIU+0FANt65U=", "narHash": "sha256-AfxfIzAZbt9aAzpVBn0Bwhd/M4Wix7G91kEjm9H6FPo=",
"owner": "nixos", "owner": "nixos",
"repo": "nixos-hardware", "repo": "nixos-hardware",
"rev": "6b3f79de09c3de7c91ab51e55e87879f61b6faec", "rev": "87a35a0d58f546dc23f37b4f6af575d0e4be6a7a",
"type": "github" "type": "github"
}, },
"original": { "original": {
@ -463,11 +473,11 @@
}, },
"nixpkgs": { "nixpkgs": {
"locked": { "locked": {
"lastModified": 1643428210, "lastModified": 1633971123,
"narHash": "sha256-ympCeHuXeGitpnegE0raAtWLNg3vZbjj5QbbMvvBGCQ=", "narHash": "sha256-WmI4NbH1IPGFWVkuBkKoYgOnxgwSfWDgdZplJlQ93vA=",
"owner": "NixOS", "owner": "NixOS",
"repo": "nixpkgs", "repo": "nixpkgs",
"rev": "e1b353e890801a759efe9a4c42f6984e47721f0d", "rev": "e4ef597edfd8a0ba5f12362932fc9b1dd01a0aef",
"type": "github" "type": "github"
}, },
"original": { "original": {
@ -479,11 +489,11 @@
}, },
"nixpkgs_2": { "nixpkgs_2": {
"locked": { "locked": {
"lastModified": 1643513770, "lastModified": 1643634174,
"narHash": "sha256-Q64SabfQLuhHQfhpIHS/fLCEO2NUFnI+EKsB5GnfWh8=", "narHash": "sha256-LpfTneNuLmXuTyR4hPXtr92g1YAZymJUQxdHjTCi79w=",
"owner": "NixOS", "owner": "NixOS",
"repo": "nixpkgs", "repo": "nixpkgs",
"rev": "66ab3568d67b90275c0720aae8b911bad82c24fe", "rev": "589235201f2e0717bee4915bffff5330fa00ff41",
"type": "github" "type": "github"
}, },
"original": { "original": {
@ -494,28 +504,43 @@
}, },
"nixpkgs_3": { "nixpkgs_3": {
"locked": { "locked": {
"lastModified": 1636976544, "lastModified": 1644972330,
"narHash": "sha256-9ZmdyoRz4Qu8bP5BKR1T10YbzcB9nvCeQjOEw2cRKR0=", "narHash": "sha256-6V2JFpTUzB9G+KcqtUR1yl7f6rd9495YrFECslEmbGw=",
"owner": "nixos", "owner": "NixOS",
"repo": "nixpkgs", "repo": "nixpkgs",
"rev": "931ab058daa7e4cd539533963f95e2bb0dbd41e6", "rev": "19574af0af3ffaf7c9e359744ed32556f34536bd",
"type": "github" "type": "github"
}, },
"original": { "original": {
"owner": "nixos", "owner": "NixOS",
"ref": "nixos-unstable", "ref": "nixpkgs-unstable",
"repo": "nixpkgs",
"type": "github"
}
},
"nixpkgs_4": {
"locked": {
"lastModified": 1643381941,
"narHash": "sha256-pHTwvnN4tTsEKkWlXQ8JMY423epos8wUOhthpwJjtpc=",
"owner": "NixOS",
"repo": "nixpkgs",
"rev": "5efc8ca954272c4376ac929f4c5ffefcc20551d5",
"type": "github"
},
"original": {
"owner": "NixOS",
"ref": "nixpkgs-unstable",
"repo": "nixpkgs", "repo": "nixpkgs",
"type": "github" "type": "github"
} }
}, },
"nur": { "nur": {
"locked": { "locked": {
"lastModified": 1638231901, "lastModified": 1626378135,
"narHash": "sha256-XzuvFTmsXULdWynQWzgaPHikepNhjEpK4o5WXfmRqek=", "narHash": "sha256-koC6DBYmLCrgXA+AMHVaODf1uHYPmvcFygHfy3eg6vI=",
"owner": "nix-community", "path": "/nix/store/6mfkswqi67m35qwv0vh7kpk8rypbl2rq-source",
"repo": "NUR", "rev": "00c2ec8f0bbdf0cfb2135bde55fbae5d6b64aa6d",
"rev": "4e68fb3d8f48e91196deb13f44bcfb421da25afb", "type": "path"
"type": "github"
}, },
"original": { "original": {
"id": "nur", "id": "nur",
@ -525,17 +550,17 @@
"nvfetcher": { "nvfetcher": {
"inputs": { "inputs": {
"flake-compat": "flake-compat_2", "flake-compat": "flake-compat_2",
"flake-utils": "flake-utils_4", "flake-utils": "flake-utils_5",
"nixpkgs": [ "nixpkgs": [
"nixos" "nixos"
] ]
}, },
"locked": { "locked": {
"lastModified": 1634524567, "lastModified": 1643518077,
"narHash": "sha256-v9ZTZj1WNQaaVfs1P1mUPuh518mmwpqszj1EjdeGUmc=", "narHash": "sha256-FHhKjrPxvCv1aywLeqJi3kARDql7cwaj2jcpWp42Xhw=",
"owner": "berberman", "owner": "berberman",
"repo": "nvfetcher", "repo": "nvfetcher",
"rev": "807513f4bbd0e3b5863f4c3b91f8ac846ed6da9b", "rev": "1b4adc9dac4c5f2c3ce14fdaf2702f9ce6bec491",
"type": "github" "type": "github"
}, },
"original": { "original": {
@ -550,11 +575,11 @@
"nixpkgs": "nixpkgs_2" "nixpkgs": "nixpkgs_2"
}, },
"locked": { "locked": {
"lastModified": 1625240517, "lastModified": 1633382856,
"narHash": "sha256-2E1gaOP+bCplhf3kliVQWK5N1NV2h06mkJk2KTiRTJQ=", "narHash": "sha256-hYlet806M9xJj4yxf0g5fhDT2IEUVIMAl7sqIeZ8DUM=",
"owner": "nix-community", "owner": "nix-community",
"repo": "poetry2nix", "repo": "poetry2nix",
"rev": "e40e8ed0e8c11e709e4c8c7c20174facd265a021", "rev": "705cbfa10e3d9bfed2e59e0256844ae3704dbd7e",
"type": "github" "type": "github"
}, },
"original": { "original": {
@ -572,35 +597,15 @@
"digga": "digga", "digga": "digga",
"home": "home", "home": "home",
"latest": "latest_2", "latest": "latest_2",
"master": "master",
"naersk": "naersk", "naersk": "naersk",
"nix-dram": "nix-dram", "nix-dram": "nix-dram",
"nixlib": [
"digga",
"nixlib"
],
"nixos": "nixos", "nixos": "nixos",
"nixos-hardware": "nixos-hardware", "nixos-hardware": "nixos-hardware",
"nur": "nur", "nur": "nur",
"nvfetcher": "nvfetcher" "nvfetcher": "nvfetcher"
} }
}, },
"rust-analyzer-src": {
"flake": false,
"locked": {
"lastModified": 1637268320,
"narHash": "sha256-lxB1r+7cmZisiGLx0tZ2LaC6X/EcQTbRIWZfnLIIgs4=",
"owner": "rust-analyzer",
"repo": "rust-analyzer",
"rev": "f0da9406bcbde1bc727242b481d8de825e84f59a",
"type": "github"
},
"original": {
"owner": "rust-analyzer",
"ref": "nightly",
"repo": "rust-analyzer",
"type": "github"
}
},
"utils": { "utils": {
"locked": { "locked": {
"lastModified": 1637014545, "lastModified": 1637014545,

36
flake.nix
View file

@ -9,6 +9,7 @@
{ {
nixos.url = "github:nixos/nixpkgs/release-21.11"; nixos.url = "github:nixos/nixpkgs/release-21.11";
latest.url = "github:nixos/nixpkgs/nixos-unstable"; latest.url = "github:nixos/nixpkgs/nixos-unstable";
master.url = "github:nixos/nixpkgs/master";
digga.url = "github:divnix/digga"; digga.url = "github:divnix/digga";
digga.inputs.nixpkgs.follows = "nixos"; digga.inputs.nixpkgs.follows = "nixos";
@ -26,7 +27,7 @@
darwin.url = "github:LnL7/nix-darwin"; darwin.url = "github:LnL7/nix-darwin";
darwin.inputs.nixpkgs.follows = "nixos"; darwin.inputs.nixpkgs.follows = "nixos";
deploy.url = "github:input-output-hk/deploy-rs"; deploy.url = "github:serokell/deploy-rs";
deploy.inputs.nixpkgs.follows = "nixos"; deploy.inputs.nixpkgs.follows = "nixos";
agenix.url = "github:ryantm/agenix"; agenix.url = "github:ryantm/agenix";
@ -42,6 +43,7 @@
# PubSolarOS additions # PubSolarOS additions
nix-dram.url = "github:dramforever/nix-dram"; nix-dram.url = "github:dramforever/nix-dram";
nix-dram.inputs.nixpkgs.follows = "latest";
}; };
outputs = outputs =
@ -64,6 +66,8 @@
channelsConfig = { allowUnfree = true; }; channelsConfig = { allowUnfree = true; };
supportedSystems = [ "x86_64-linux" "aarch64-linux" ];
channels = { channels = {
nixos = { nixos = {
imports = [ (digga.lib.importOverlays ./overlays) ]; imports = [ (digga.lib.importOverlays ./overlays) ];
@ -71,11 +75,11 @@
nur.overlay nur.overlay
agenix.overlay agenix.overlay
nvfetcher.overlay nvfetcher.overlay
nix-dram.overlay
./pkgs/default.nix ./pkgs/default.nix
]; ];
}; };
latest = { }; latest = { };
master = { };
}; };
lib = import ./lib { lib = digga.lib // nixos.lib; }; lib = import ./lib { lib = digga.lib // nixos.lib; };
@ -107,18 +111,21 @@
imports = [ (digga.lib.importHosts ./hosts) ]; imports = [ (digga.lib.importHosts ./hosts) ];
hosts = { hosts = {
/* set host specific properties here */ /* set host specific properties here */
NixOS = { }; PubSolarOS = { };
fae = {
system = "aarch64-linux";
};
}; };
importables = rec { importables = rec {
profiles = digga.lib.rakeLeaves ./profiles // { profiles = digga.lib.rakeLeaves ./profiles // {
users = digga.lib.rakeLeaves ./users; users = digga.lib.rakeLeaves ./users;
}; };
suites = with profiles; rec { suites = with profiles; rec {
base = [ core users.nixos users.root ]; base = [ core users.pub-solar users.root ];
pubsolaros = [ core base-user users.root ]; iso = base ++ [ base-user graphical pub-solar-iso ];
anonymous = [ pubsolaros users.nixos ]; pubsolaros = [ core full-install base-user users.root ];
anonymous = [ pubsolaros users.pub-solar ];
teutat3s = pubsolaros ++ [ users.teutat3s ]; teutat3s = pubsolaros ++ [ users.teutat3s ];
con = teutat3s ++ [ graphical ];
dumpyourvms = teutat3s ++ [ graphical ]; dumpyourvms = teutat3s ++ [ graphical ];
ryzensun = teutat3s ++ [ graphical ]; ryzensun = teutat3s ++ [ graphical ];
}; };
@ -135,7 +142,7 @@
}; };
}; };
users = { users = {
nixos = { suites, ... }: { imports = suites.base; }; pub-solar = { suites, ... }: { imports = suites.base; };
teutat3s = { suites, ... }: { imports = suites.base; }; teutat3s = { suites, ... }: { imports = suites.base; };
}; # digga.lib.importers.rakeLeaves ./users/hm; }; # digga.lib.importers.rakeLeaves ./users/hm;
}; };
@ -144,7 +151,18 @@
homeConfigurations = digga.lib.mkHomeConfigurations self.nixosConfigurations; homeConfigurations = digga.lib.mkHomeConfigurations self.nixosConfigurations;
deploy.nodes = digga.lib.mkDeployNodes self.nixosConfigurations { }; deploy.nodes = digga.lib.mkDeployNodes self.nixosConfigurations {
fae = {
hostname = "fae.fritz.box:22";
sshUser = "pub-solar";
fastConnect = true;
profilesOrder = [ "system" "direnv" ];
profiles.direnv = {
user = "pub-solar";
path = deploy.lib.x86_64-linux.activate.home-manager self.homeConfigurationsPortable.x86_64-linux.pub-solar;
};
};
};
defaultTemplate = self.templates.bud; defaultTemplate = self.templates.bud;
templates.bud.path = ./.; templates.bud.path = ./.;

5
hosts/PubSolarOS.nix
View file

@ -1,7 +1,10 @@
{ suites, ... }: { suites, ... }:
{ {
### root password is empty by default ### ### root password is empty by default ###
imports = suites.base; ### default password: pub-solar, optional: add your SSH keys
imports =
suites.iso
;
boot.loader.systemd-boot.enable = true; boot.loader.systemd-boot.enable = true;
boot.loader.efi.canTouchEfiVariables = true; boot.loader.efi.canTouchEfiVariables = true;

5
hosts/bootstrap.nix
View file

@ -8,7 +8,10 @@
# profiles.networking # profiles.networking
profiles.core profiles.core
profiles.users.root # make sure to configure ssh keys profiles.users.root # make sure to configure ssh keys
profiles.users.nixos profiles.users.pub-solar
profiles.base-user
profiles.graphical
profiles.pub-solar-iso
]; ];
boot.loader.systemd-boot.enable = true; boot.loader.systemd-boot.enable = true;

14
hosts/con/.config/sway/config.d/applications.conf
View file

@ -1,14 +0,0 @@
assign [app_id="firefox"] $ws2
# seahorse
for_window [title="seahorse"] floating enabled
# NetworkManager
for_window [title="Network Connections"] floating enabled
# thunderbird
for_window [title="New Task:*"] floating enabled
for_window [title="Edit Task:*"] floating enabled
for_window [title="New Event:*"] floating enabled
for_window [title="Edit Event:*"] floating enabled

6
hosts/con/.config/sway/config.d/autostart.conf
View file

@ -1,6 +0,0 @@
# Autostart applications
#
# Example:
# exec swayidle
#exec qMasterPassword

5
hosts/con/.config/sway/config.d/custom-keybindings.conf
View file

@ -1,5 +0,0 @@
# switch keyboard input language
bindsym $mod+tab exec swaymsg input "1:1:AT_Translated_Set_2_keyboard" xkb_switch_layout next
bindsym $mod+Shift+F2 exec chromium --enable-features=UseOzonePlatform --ozone-platform=wayland

35
hosts/con/.config/sway/config.d/input-defaults.conf
View file

@ -1,35 +0,0 @@
### Input configuration
#
# You can get the names of your inputs by running: swaymsg -t get_inputs
# Read `man 5 sway-input` for more information about this section.
input "type:keyboard" {
xkb_layout us,de
xkb_model pc105
xkb_options altwin:swap_alt_win
}
input "type:touchpad" {
tap enabled
natural_scroll enabled
}
# Touchpad controls
#bindsym XF86TouchpadToggle exec $HOME/Workspace/ben/toggletouchpad.sh # toggle touchpad
# Screen brightness controls
bindsym XF86MonBrightnessUp exec "brightnessctl -d intel_backlight set +10%; notify-send $(brightnessctl -d intel_backlight i | awk '/Current/ {print $4}')"
bindsym XF86MonBrightnessDown exec "brightnessctl -d intel_backlight set 10%-; notify-send $(brightnessctl -d intel_backlight i | awk '/Current/ { print $4}')"
# Keyboard backlight brightness controls
bindsym XF86KbdBrightnessDown exec "brightnessctl -d smc::kbd_backlight set 10%-; notify-send $(brightnessctl -d smc::kbd_backlight i | awk '/Current/ { print $4}')"
bindsym XF86KbdBrightnessUp exec "brightnessctl -d smc::kbd_backlight set +10%; notify-send $(brightnessctl -d smc::kbd_backlight i | awk '/Current/ { print $4}')"
# Pulse Audio controls
bindsym XF86AudioRaiseVolume exec pactl set-sink-volume @DEFAULT_SINK@ +5%; exec pactl set-sink-mute @DEFAULT_SINK@ 0 && notify-send 'Vol. up' #increase sound volume
bindsym XF86AudioLowerVolume exec pactl set-sink-volume @DEFAULT_SINK@ -5%; exec pactl set-sink-mute @DEFAULT_SINK@ 0 && notify-send 'Vol. down' #decrease sound volume
bindsym XF86AudioMute exec pactl set-sink-mute @DEFAULT_SINK@ toggle && notify-send 'Mute sound' # mute sound
# Media player controls
bindsym XF86AudioPlay exec "playerctl play-pause; notify-send 'Play/Pause'"
bindsym XF86AudioNext exec "playerctl next; notify-send 'Next'"
bindsym XF86AudioPrev exec "playerctl previous; notify-send 'Prev.'"

41
hosts/con/.config/sway/config.d/screens.conf
View file

@ -1,41 +0,0 @@
### Output configuration
#
# Example configuration:
#
# output HDMI-A-1 resolution 1920x1080 position 1920,0
#
# You can get the names of your outputs by running: swaymsg -t get_outputs
set $main_screen eDP-1
set $displayport DP-1
set $hmdi HDMI-A-1
output $main_screen
output $displayport scale 2
output $hdmi scale 1
output $main_screen pos 0 1080
output $displayport pos 0 0
output $hdmi pos 1920 0
#bindswitch lid:on output $main_screen disable
#bindswitch lid:off output $main_screen enable
bindsym $mod+Shift+x output $main_screen toggle
# TODO when using more monitors
## Manual management of external displays
# Set the shortcuts and what they do
#set $mode_display HDMI (i) top, (j) left, (k) bottom, (l) right, (o) off
#mode "$mode_display" {
# bindsym i output HDMI-A-1 enable; output HDMI-A-1 pos 0 0 bg ~/Pictures/wallpapers/active.png fill; output eDP-1 pos 0 1080, mode "default"
# bindsym j output HDMI-A-1 enable; output HDMI-A-1 pos 0 0 bg ~/Pictures/wallpapers/active.png fill; output eDP-1 pos 1920 0, mode "default"
# bindsym k output HDMI-A-1 enable; output HDMI-A-1 pos 0 900 bg ~/Pictures/wallpapers/active.png fill; output eDP-1 pos 0 0, mode "default"
# bindsym l output HDMI-A-1 enable; output HDMI-A-1 pos 1440 0 bg ~/Pictures/wallpapers/active.png fill; output eDP-1 pos 0 0, mode "default"
# bindsym o output HDMI-A-1 disable, mode "default"
#
# # back to normal: Enter or Escape
# bindsym Return mode "default"
# bindsym Escape mode "default"
#}
## Declare here the shortcut to bring the display selection menu
#bindsym $mod+x mode "$mode_display"

40
hosts/con/con.nix
View file

@ -1,40 +0,0 @@
{ config, pkgs, lib, ... }:
with lib;
let
psCfg = config.pub-solar;
xdg = config.home-manager.users."${psCfg.user.name}".xdg;
in
{
imports = [
./hardware-configuration.nix
];
config = {
pub-solar.x-os.keyfile = "/etc/nixos/hosts/con/secrets/keyfile.bin";
pub-solar.nextcloud.enable = mkForce false;
home-manager = pkgs.lib.setAttrByPath [ "users" psCfg.user.name ] {
home.sessionVariables = {
DOCKER_BUILDKIT = "1";
};
# Custom device sway configs
xdg.configFile = mkIf psCfg.sway.enable {
"sway/config.d/10-applications.conf".source = ./.config/sway/config.d/applications.conf;
"sway/config.d/autostart.conf".source = ./.config/sway/config.d/autostart.conf;
"sway/config.d/10-custom-keybindings.conf".source = ./.config/sway/config.d/custom-keybindings.conf;
"sway/config.d/input-defaults.conf".source = ./.config/sway/config.d/input-defaults.conf;
"sway/config.d/screens.conf".source = ./.config/sway/config.d/screens.conf;
};
};
networking.hosts = {
"127.0.0.1" = [
"virtrex.test"
"api.virtrex.test"
"expo.test"
"proxy.test"
"dachfensterkonfigurator.test"
"handwerker.velux.test"
];
};
};
}

6
hosts/con/default.nix
View file

@ -1,6 +0,0 @@
{ suites, ... }:
{
imports = [
./con.nix
] ++ suites.con;
}

34
hosts/con/hardware-configuration.nix
View file

@ -1,34 +0,0 @@
# Do not modify this file! It was generated by nixos-generate-config
# and may be overwritten by future invocations. Please make changes
# to /etc/nixos/configuration.nix instead.
{ config, lib, pkgs, modulesPath, ... }:
{
imports =
[
(modulesPath + "/installer/scan/not-detected.nix")
];
boot.initrd.availableKernelModules = [ "xhci_pci" "nvme" "usbhid" "rtsx_pci_sdmmc" ];
boot.initrd.kernelModules = [ ];
boot.kernelModules = [ "kvm-intel" ];
boot.extraModulePackages = [ ];
fileSystems."/" =
{
device = "/dev/disk/by-uuid/382ae29a-ed0d-4e18-99db-6efb6afaae64";
fsType = "ext4";
};
boot.initrd.luks.devices."cryptroot".device = "/dev/disk/by-uuid/fb2f9ace-ce72-4b0d-b8b5-a8792d374f3c";
fileSystems."/boot/efi" =
{
device = "/dev/disk/by-uuid/6BD6-50D2";
fsType = "vfat";
};
swapDevices = [ ];
powerManagement.cpuFreqGovernor = lib.mkDefault "powersave";
}

2
hosts/dumpyourvms/.config/sway/config.d/applications.conf
View file

@ -4,7 +4,7 @@ assign [app_id="firefox"] $ws2
for_window [title="seahorse"] floating enabled for_window [title="seahorse"] floating enabled
# NetworkManager # NetworkManager
for_window [title="Network Connections"] floating enabled for_window [app_id="nm-connection-editor"] floating enabled
# thunderbird # thunderbird
for_window [title="New Task:*"] floating enabled for_window [title="New Task:*"] floating enabled

12
hosts/dumpyourvms/dumpyourvms.nix
View file

@ -17,12 +17,17 @@ in
}; };
pub-solar.virtualisation.enable = true; pub-solar.virtualisation.enable = true;
pub-solar.audio.mopidy.enable = lib.mkForce false;
# fix backlight for keyboard and brightness, adjust function key binding # fix backlight for keyboard and brightness, adjust function key binding,
# intel_pstate for cpu schedutil, resume offset for swapfile, disable amdgpu driver
boot.kernelParams = [ "acpi_backlight=video" "hid_apple.fnmode=2" "intel_pstate=passive" "resume_offset=47366144" ]; boot.kernelParams = [ "acpi_backlight=video" "hid_apple.fnmode=2" "intel_pstate=passive" "resume_offset=47366144" ];
boot.loader.efi.canTouchEfiVariables = true; boot.loader.efi.canTouchEfiVariables = true;
boot.resumeDevice = "/dev/mapper/cryptroot"; boot.resumeDevice = "/dev/mapper/cryptroot";
boot.kernelPackages = pkgs.linuxPackages_5_15;
boot.binfmt.emulatedSystems = [ "aarch64-linux" ];
systemd.sleep.extraConfig = '' systemd.sleep.extraConfig = ''
HibernateMode=shutdown HibernateMode=shutdown
''; '';
@ -43,8 +48,8 @@ in
# https://ubuntuforums.org/showthread.php?t=2409856 # https://ubuntuforums.org/showthread.php?t=2409856
services.cron.systemCronJobs = [ services.cron.systemCronJobs = [
"@reboot root ${pkgs.util-linux}/bin/rfkill block bluetooth" "@reboot root ${pkgs.util-linux}/bin/rfkill block bluetooth"
"@reboot root ${pkgs.coreutils}/bin/echo OFF > /sys/kernel/debug/vgaswitcheroo/switch" "@reboot root ${pkgs.coreutils}/bin/sleep 10; ${pkgs.coreutils}/bin/echo OFF > /sys/kernel/debug/vgaswitcheroo/switch"
"@reboot root ${pkgs.coreutils}/bin/echo 510 > /sys/class/backlight/gmux_backlight/brightness" "@reboot root ${pkgs.coreutils}/bin/sleep 11; ${pkgs.coreutils}/bin/echo 510 > /sys/class/backlight/gmux_backlight/brightness"
]; ];
# Increase console font size for HiDPI display # Increase console font size for HiDPI display
@ -116,7 +121,6 @@ in
hardware.firmware = with pkgs; [ wireless-regdb ]; hardware.firmware = with pkgs; [ wireless-regdb ];
boot.extraModprobeConfig = '' boot.extraModprobeConfig = ''
options cfg80211 ieee80211_regdom="DE" options cfg80211 ieee80211_regdom="DE"
blacklist amdgpu
''; '';
# This value determines the NixOS release from which the default # This value determines the NixOS release from which the default

4
hosts/dumpyourvms/networking.nix
View file

@ -1,8 +1,8 @@
{ {
hosts = { hosts = {
"10.0.0.42" = [ "nomad.service.consul" ]; "10.0.0.42" = [ "nomad.service.consul" ];
"10.0.0.48" = [ "consul.service.consul" ]; "10.0.0.66" = [ "consul.service.consul" ];
"10.0.0.49" = [ "vault.service.consul" ]; "10.0.0.67" = [ "vault.service.consul" ];
"10.0.0.200" = [ "headnode.cgn-1" ]; "10.0.0.200" = [ "headnode.cgn-1" ];
"10.0.0.201" = [ "cn01.cgn-1" ]; "10.0.0.201" = [ "cn01.cgn-1" ];
"10.0.0.202" = [ "cn02.cgn-1" ]; "10.0.0.202" = [ "cn02.cgn-1" ];

2
hosts/dumpyourvms/unbound.nix
View file

@ -30,13 +30,11 @@
forward-addr = [ forward-addr = [
"5.1.66.255@853#dot.ffmuc.net" "5.1.66.255@853#dot.ffmuc.net"
"185.150.99.255@853#dot.ffmuc.net" "185.150.99.255@853#dot.ffmuc.net"
"145.100.185.18@853#dnsovertls3.sinodun.com"
"89.233.43.71@853#unicast.censurfridns.dk" "89.233.43.71@853#unicast.censurfridns.dk"
"94.130.110.185@853#ns1.dnsprivacy.at" "94.130.110.185@853#ns1.dnsprivacy.at"
"2001:678:e68:f000::@853#dot.ffmuc.net" "2001:678:e68:f000::@853#dot.ffmuc.net"
"2001:678:ed0:f000::@853#dot.ffmuc.net" "2001:678:ed0:f000::@853#dot.ffmuc.net"
"2001:610:1:40ba:145:100:185:18@853#dnsovertls3.sinodun.com"
"2a01:3a0:53:53::0@853#unicast.censurfridns.dk" "2a01:3a0:53:53::0@853#unicast.censurfridns.dk"
"2a01:4f8:c0c:3c03::2@853#ns1.dnsprivacy.at" "2a01:4f8:c0c:3c03::2@853#ns1.dnsprivacy.at"
"2a01:4f8:c0c:3bfc::2@853#ns2.dnsprivacy.at" "2a01:4f8:c0c:3bfc::2@853#ns2.dnsprivacy.at"

85
hosts/fae.nix Normal file
View file

@ -0,0 +1,85 @@
{ config, lib, pkgs, profiles, ... }:
{
imports = [
# profiles.networking
#profiles.core
"${fetchTarball {
url = "https://github.com/NixOS/nixos-hardware/archive/8f1bf828d8606fe38a02df312cf14546ae200a72.tar.gz";
sha256 = "11milap153g3f63fcrcv4777vd64f7wlfkk9p3kpxi6dqd2sxvh4";
}
}/raspberry-pi/4"
profiles.users.root # make sure to configure ssh keys
profiles.users.pub-solar
profiles.base-user
profiles.pub-solar-iso
];
config = {
pub-solar.x-os.iso-options.enable = true;
fileSystems = {
"/" = {
device = "/dev/disk/by-label/NIXOS_SD";
fsType = "ext4";
options = [ "noatime" ];
};
};
environment.systemPackages = with pkgs; [
(kodi-gbm.withPackages (p: with p; [ jellyfin netflix youtube ]))
];
services.openssh.enable = true;
networking.firewall = {
allowedTCPPorts = [ 8080 ];
allowedUDPPorts = [ 8080 ];
};
security.sudo.extraConfig = lib.mkAfter ''
%wheel ALL=(ALL) NOPASSWD:ALL
'';
nix = {
autoOptimiseStore = true;
gc.automatic = true;
optimise.automatic = true;
useSandbox = true;
allowedUsers = [ "@wheel" ];
trustedUsers = [ "root" "@wheel" ];
extraOptions = ''
min-free = 536870912
keep-outputs = true
keep-derivations = true
fallback = true
'';
};
# Enable GPU acceleration
hardware.raspberry-pi."4".fkms-3d.enable = true;
# Define a user account for kodi
users.extraUsers.kodi.isNormalUser = true;
services.xserver = {
enable = true;
desktopManager.kodi.enable = true;
desktopManager.kodi.package = pkgs.kodi-gbm;
displayManager = {
autoLogin.enable = true;
autoLogin.user = "kodi";
};
};
hardware.pulseaudio.enable = true;
# custom raspi boot loader is already present
boot.loader.systemd-boot.enable = lib.mkForce false;
};
}

2
lib/compat/nixos/default.nix
View file

@ -2,7 +2,7 @@
let let
inherit (default.inputs.nixos) lib; inherit (default.inputs.nixos) lib;
host = configs.${hostname} or configs.NixOS; host = configs.${hostname} or configs.PubSolarOS;
configs = default.nixosConfigurations; configs = default.nixosConfigurations;
default = (import ../.).defaultNix; default = (import ../.).defaultNix;
hostname = lib.fileContents /etc/hostname; hostname = lib.fileContents /etc/hostname;

10
modules/audio/default.nix
View file

@ -8,6 +8,8 @@ in
{ {
options.pub-solar.audio = { options.pub-solar.audio = {
enable = mkEnableOption "Life in highs and lows"; enable = mkEnableOption "Life in highs and lows";
mopidy.enable = mkEnableOption "Life with mopidy";
bluetooth.enable = mkEnableOption "Life with bluetooth";
}; };
config = mkIf cfg.enable { config = mkIf cfg.enable {
@ -43,7 +45,7 @@ in
config.pipewire-pulse = builtins.fromJSON (builtins.readFile ./pipewire-pulse.conf.json); config.pipewire-pulse = builtins.fromJSON (builtins.readFile ./pipewire-pulse.conf.json);
# Bluetooth configuration for pipewire # Bluetooth configuration for pipewire
media-session.config.bluez-monitor.rules = [ media-session.config.bluez-monitor.rules = mkIf cfg.bluetooth.enable [
{ {
# Matches all cards # Matches all cards
matches = [{ "device.name" = "~bluez_card.*"; }]; matches = [{ "device.name" = "~bluez_card.*"; }];
@ -70,10 +72,10 @@ in
}; };
# Enable bluetooth # Enable bluetooth
hardware.bluetooth.enable = true; hardware.bluetooth.enable = mkIf cfg.bluetooth.enable true;
services.blueman.enable = true; services.blueman.enable = mkIf cfg.bluetooth.enable true;
# Enable audio server & client # Enable audio server & client
services.mopidy = import ./mopidy.nix pkgs; services.mopidy = mkIf cfg.mopidy.enable ((import ./mopidy.nix) pkgs);
}; };
} }

3
modules/devops/default.nix
View file

@ -15,7 +15,8 @@ in
drone-cli drone-cli
nmap nmap
pgcli pgcli
python38Packages.ansible ansible
ansible-lint
restic restic
shellcheck shellcheck
terraform_0_15 terraform_0_15

17
modules/graphical/alacritty.nix
View file

@ -106,6 +106,23 @@
cursor = "0xe3e1e4"; cursor = "0xe3e1e4";
}; };
# Colors used for the search bar and match highlighting.
search = {
# Allowed values are CellForeground/CellBackground, which reference the
# affected cell, or hexadecimal colors like #ff00ff.
matches = {
foreground = "0xe5c463";
background = "0x1a181a";
};
focused_match = {
foreground = "0xe5c463";
background = "0xe3e1e4";
};
#bar =
# background = "#c5c8c6";
# foreground = "#1d1f21";
};
# Normal colors # Normal colors
normal = { normal = {
black = "0x1a181a"; black = "0x1a181a";

1
modules/graphical/default.nix
View file

@ -92,6 +92,7 @@ in
gnome3.adwaita-icon-theme gnome3.adwaita-icon-theme
gnome.eog gnome.eog
gnome3.nautilus gnome3.nautilus
gnome.yelp
wine wine

19
modules/server/default.nix
View file

@ -1,19 +0,0 @@
{ lib, config, pkgs, ... }:
with lib;
let
psCfg = config.pub-solar;
cfg = config.pub-solar.server;
in
{
options.pub-solar.server = {
enable = mkEnableOption "Enable server options like sshd";
};
config = mkIf cfg.enable {
services.openssh = {
enable = true;
permitRootLogin = "no";
passwordAuthentication = false;
};
};
}

3
modules/social/default.nix
View file

@ -12,10 +12,9 @@ in
config = mkIf cfg.enable { config = mkIf cfg.enable {
home-manager = with pkgs; pkgs.lib.setAttrByPath [ "users" psCfg.user.name ] { home-manager = with pkgs; pkgs.lib.setAttrByPath [ "users" psCfg.user.name ] {
home.packages = [ home.packages = [
#mySignalDesktop
signal-desktop signal-desktop
tdesktop tdesktop
element-desktop-wayland element-desktop
irssi irssi
]; ];
}; };

2
modules/sway/config/config.d/custom-keybindings.conf
View file

@ -18,7 +18,7 @@ bindsym $mod+F2 exec firefox
bindsym $mod+F3 exec $term -e vifm bindsym $mod+F3 exec $term -e vifm
bindsym $mod+Shift+F3 exec gksu $term -e vifm bindsym $mod+Shift+F3 exec gksu $term -e vifm
bindsym $mod+F4 exec nautilus -w bindsym $mod+F4 exec nautilus -w
bindsym $mod+Shift+F4 exec signal-desktop --enable-features=UseOzonePlatform --ozone-platform=wayland bindsym $mod+Shift+F4 exec signal-desktop
bindsym $mod+F5 exec $term -e 'mocp -C $XDG_CONFIG_DIR/mocp/config' bindsym $mod+F5 exec $term -e 'mocp -C $XDG_CONFIG_DIR/mocp/config'
bindsym $mod+Shift+m exec mu bindsym $mod+Shift+m exec mu
bindsym $mod+Shift+h exec xdg-open /usr/share/doc/manjaro/i3_help.pdf bindsym $mod+Shift+h exec xdg-open /usr/share/doc/manjaro/i3_help.pdf

12
modules/sway/default.nix
View file

@ -32,7 +32,17 @@ in
xdg.portal = { xdg.portal = {
enable = true; enable = true;
extraPortals = with pkgs; [ xdg-desktop-portal-gtk xdg-desktop-portal-wlr ]; wlr = {
enable = true;
settings = {
screencast = {
max_fps = 30;
chooser_type = "simple";
chooser_cmd = "${pkgs.slurp}/bin/slurp -f %o -or";
};
};
};
extraPortals = with pkgs; [ xdg-desktop-portal-gtk ];
gtkUsePortal = true; gtkUsePortal = true;
}; };

4
modules/terminal-life/default.nix
View file

@ -18,7 +18,6 @@ in
environment.shells = with pkgs; [ environment.shells = with pkgs; [
zsh zsh
]; ];
environment.systemPackages = with pkgs; [ environment.systemPackages = with pkgs; [
screen screen
]; ];
@ -27,13 +26,16 @@ in
home.packages = [ home.packages = [
ack ack
ag ag
asciinema
bat bat
exa exa
fd fd
gh gh
glow glow
mdbook-multilang
nnn nnn
powerline powerline
python-wiki-fetch
vifm vifm
watson watson
]; ];

5
modules/terminal-life/nvim/default.nix
View file

@ -74,9 +74,7 @@ in
nodePackages.typescript-language-server nodePackages.typescript-language-server
nodePackages.vim-language-server nodePackages.vim-language-server
nodePackages.vue-language-server nodePackages.vue-language-server
nodePackages.vscode-css-languageserver-bin nodePackages.vscode-langservers-extracted
nodePackages.vscode-html-languageserver-bin
nodePackages.vscode-json-languageserver-bin
nodePackages.yaml-language-server nodePackages.yaml-language-server
python39Packages.python-lsp-server python39Packages.python-lsp-server
python3Full python3Full
@ -131,6 +129,7 @@ in
vim-go vim-go
vim-javascript vim-javascript
vim-json vim-json
SchemaStore-nvim
vim-markdown vim-markdown
vim-nix vim-nix
vim-ruby vim-ruby

36
modules/terminal-life/nvim/lsp.vim
View file

@ -33,24 +33,26 @@ lua <<EOF
buf_set_keymap('n', 'K', '<cmd>lua vim.lsp.buf.hover()<CR>', opts) buf_set_keymap('n', 'K', '<cmd>lua vim.lsp.buf.hover()<CR>', opts)
buf_set_keymap('n', 'gi', '<cmd>lua vim.lsp.buf.implementation()<CR>', opts) buf_set_keymap('n', 'gi', '<cmd>lua vim.lsp.buf.implementation()<CR>', opts)
buf_set_keymap('n', '<C-k>', '<cmd>lua vim.lsp.buf.signature_help()<CR>', opts) buf_set_keymap('n', '<C-k>', '<cmd>lua vim.lsp.buf.signature_help()<CR>', opts)
buf_set_keymap('n', '<space>wa', '<cmd>lua vim.lsp.buf.add_workspace_folder()<CR>', opts) buf_set_keymap('n', '<leader>wa', '<cmd>lua vim.lsp.buf.add_workspace_folder()<CR>', opts)
buf_set_keymap('n', '<space>wr', '<cmd>lua vim.lsp.buf.remove_workspace_folder()<CR>', opts) buf_set_keymap('n', '<leader>wr', '<cmd>lua vim.lsp.buf.remove_workspace_folder()<CR>', opts)
buf_set_keymap('n', '<space>wl', '<cmd>lua print(vim.inspect(vim.lsp.buf.list_workspace_folders()))<CR>', opts) buf_set_keymap('n', '<leader>wl', '<cmd>lua print(vim.inspect(vim.lsp.buf.list_workspace_folders()))<CR>', opts)
buf_set_keymap('n', '<space>D', '<cmd>lua vim.lsp.buf.type_definition()<CR>', opts) buf_set_keymap('n', '<leader>D', '<cmd>lua vim.lsp.buf.type_definition()<CR>', opts)
buf_set_keymap('n', '<space>rn', '<cmd>lua vim.lsp.buf.rename()<CR>', opts) buf_set_keymap('n', '<leader>rn', '<cmd>lua vim.lsp.buf.rename()<CR>', opts)
buf_set_keymap('n', '<space>ca', '<cmd>lua vim.lsp.buf.code_action()<CR>', opts) buf_set_keymap('n', '<leader>ca', '<cmd>lua vim.lsp.buf.code_action()<CR>', opts)
buf_set_keymap('n', 'gr', '<cmd>lua vim.lsp.buf.references()<CR>', opts) buf_set_keymap('n', 'gr', '<cmd>lua vim.lsp.buf.references()<CR>', opts)
buf_set_keymap('n', '<space>e', '<cmd>lua vim.lsp.diagnostic.show_line_diagnostics()<CR>', opts) buf_set_keymap('n', '<leader>e', '<cmd>lua vim.lsp.diagnostic.show_line_diagnostics()<CR>', opts)
buf_set_keymap('n', '[d', '<cmd>lua vim.lsp.diagnostic.goto_prev()<CR>', opts) buf_set_keymap('n', '<leader>dp', '<cmd>lua vim.lsp.diagnostic.goto_prev()<CR>', opts)
buf_set_keymap('n', ']d', '<cmd>lua vim.lsp.diagnostic.goto_next()<CR>', opts) buf_set_keymap('n', '<leader>dn', '<cmd>lua vim.lsp.diagnostic.goto_next()<CR>', opts)
buf_set_keymap('n', '<space>q', '<cmd>lua vim.lsp.diagnostic.set_loclist()<CR>', opts) buf_set_keymap('n', '<leader>q', '<cmd>lua vim.lsp.diagnostic.set_loclist()<CR>', opts)
buf_set_keymap('n', '<space>f', '<cmd>lua vim.lsp.buf.formatting()<CR>', opts) buf_set_keymap('n', '<leader>f', '<cmd>lua vim.lsp.buf.formatting()<CR>', opts)
end end
-- Add additional capabilities supported by nvim-cmp -- Add additional capabilities supported by nvim-cmp
local capabilities = vim.lsp.protocol.make_client_capabilities() local capabilities = vim.lsp.protocol.make_client_capabilities()
capabilities = require('cmp_nvim_lsp').update_capabilities(capabilities) capabilities = require('cmp_nvim_lsp').update_capabilities(capabilities)
-- vscode HTML lsp needs this https://github.com/neovim/nvim-lspconfig/blob/master/doc/server_configurations.md#html
capabilities.textDocument.completion.completionItem.snippetSupport = true
for lsp_key, lsp_settings in pairs({ for lsp_key, lsp_settings in pairs({
'bashls', ------------------------------- Bash 'bashls', ------------------------------- Bash
@ -76,10 +78,14 @@ lua <<EOF
} }
}, },
['jsonls'] = { -------------------------- JSON ['jsonls'] = { -------------------------- JSON
['cmd'] = {"json-languageserver", "--stdio"} ['settings'] = {
['json'] = {
['schemas' ] = require('schemastore').json.schemas()
}
}
}, },
'phpactor', ----------------------------- PHP 'phpactor', ----------------------------- PHP
'pylsp', --------------------------------- Python 'pylsp', -------------------------------- Python
'rnix', --------------------------------- Nix 'rnix', --------------------------------- Nix
'solargraph', --------------------------- Ruby 'solargraph', --------------------------- Ruby
'rust_analyzer', ------------------------ Rust 'rust_analyzer', ------------------------ Rust
@ -90,7 +96,6 @@ lua <<EOF
['filetypes'] = { "terraform", "hcl", "tf" } ['filetypes'] = { "terraform", "hcl", "tf" }
}, },
'tsserver', ----------------------------- Typescript / JavaScript 'tsserver', ----------------------------- Typescript / JavaScript
'angularls', ---------------------------- Angular
'vuels', -------------------------------- Vue 'vuels', -------------------------------- Vue
'svelte', ------------------------------- Svelte 'svelte', ------------------------------- Svelte
['yamlls'] = { -------------------------- YAML ['yamlls'] = { -------------------------- YAML
@ -101,6 +106,7 @@ lua <<EOF
['https://json.schemastore.org/github-action'] = '.github/action.{yml,yaml}', ['https://json.schemastore.org/github-action'] = '.github/action.{yml,yaml}',
['https://json.schemastore.org/ansible-stable-2.9'] = 'roles/tasks/*.{yml,yaml}', ['https://json.schemastore.org/ansible-stable-2.9'] = 'roles/tasks/*.{yml,yaml}',
['https://json.schemastore.org/drone'] = '*.drone.{yml,yaml}', ['https://json.schemastore.org/drone'] = '*.drone.{yml,yaml}',
['https://json.schemastore.org/swagger-2.0'] = 'swagger.{yml,yaml}',
} }
} }
} }
@ -116,7 +122,7 @@ lua <<EOF
capabilities = capabilities, capabilities = capabilities,
} }
else -- Use the LSP's configuration. else -- Use the LSP's configuration.
local on_attach_setting = lsp_settings.on_attach local on_attach_setting = on_attach
lsp_settings.on_attach = function() lsp_settings.on_attach = function()
if on_attach_setting then on_attach_setting() end if on_attach_setting then on_attach_setting() end

99
modules/terminal-life/nvim/neovim-0.6.1.patch Normal file
View file

@ -0,0 +1,99 @@
diff --git a/modules/terminal-life/nvim/default.nix b/modules/terminal-life/nvim/default.nix
index e46c82e..02102c4 100644
--- a/modules/terminal-life/nvim/default.nix
+++ b/modules/terminal-life/nvim/default.nix
@@ -74,9 +74,7 @@ in
nodePackages.typescript-language-server
nodePackages.vim-language-server
nodePackages.vue-language-server
- nodePackages.vscode-css-languageserver-bin
- nodePackages.vscode-html-languageserver-bin
- nodePackages.vscode-json-languageserver-bin
+ nodePackages.vscode-langservers-extracted
nodePackages.yaml-language-server
python39Packages.python-lsp-server
python3Full
@@ -131,6 +129,7 @@ in
vim-go
vim-javascript
vim-json
+ SchemaStore-nvim
vim-markdown
vim-nix
vim-ruby
diff --git a/modules/terminal-life/nvim/lsp.vim b/modules/terminal-life/nvim/lsp.vim
index 1d5bf4d..83e5d8c 100644
--- a/modules/terminal-life/nvim/lsp.vim
+++ b/modules/terminal-life/nvim/lsp.vim
@@ -40,10 +40,10 @@ lua <<EOF
buf_set_keymap('n', '<space>rn', '<cmd>lua vim.lsp.buf.rename()<CR>', opts)
buf_set_keymap('n', '<space>ca', '<cmd>lua vim.lsp.buf.code_action()<CR>', opts)
buf_set_keymap('n', 'gr', '<cmd>lua vim.lsp.buf.references()<CR>', opts)
- buf_set_keymap('n', '<space>e', '<cmd>lua vim.lsp.diagnostic.show_line_diagnostics()<CR>', opts)
- buf_set_keymap('n', '[d', '<cmd>lua vim.lsp.diagnostic.goto_prev()<CR>', opts)
- buf_set_keymap('n', ']d', '<cmd>lua vim.lsp.diagnostic.goto_next()<CR>', opts)
- buf_set_keymap('n', '<space>q', '<cmd>lua vim.lsp.diagnostic.set_loclist()<CR>', opts)
+ buf_set_keymap('n', '<space>e', '<cmd>lua vim.diagnostic.open_float()<CR>', opts)
+ buf_set_keymap('n', 'g[', '<cmd>lua vim.diagnostic.goto_prev()<CR>', opts)
+ buf_set_keymap('n', 'g]', '<cmd>lua vim.diagnostic.goto_next()<CR>', opts)
+ buf_set_keymap('n', '<space>q', '<cmd>lua vim.diagnostic.setloclist()<CR>', opts)
buf_set_keymap('n', '<space>f', '<cmd>lua vim.lsp.buf.formatting()<CR>', opts)
end
@@ -51,6 +51,8 @@ lua <<EOF
-- Add additional capabilities supported by nvim-cmp
local capabilities = vim.lsp.protocol.make_client_capabilities()
capabilities = require('cmp_nvim_lsp').update_capabilities(capabilities)
+ -- vscode HTML lsp needs this https://github.com/neovim/nvim-lspconfig/blob/master/doc/server_configurations.md#html
+ capabilities.textDocument.completion.completionItem.snippetSupport = true
for lsp_key, lsp_settings in pairs({
'bashls', ------------------------------- Bash
@@ -76,10 +78,14 @@ lua <<EOF
}
},
['jsonls'] = { -------------------------- JSON
- ['cmd'] = {"json-languageserver", "--stdio"}
+ ['settings'] = {
+ ['json'] = {
+ ['schemas' ] = require('schemastore').json.schemas()
+ }
+ }
},
'phpactor', ----------------------------- PHP
- 'pylsp', --------------------------------- Python
+ 'pylsp', -------------------------------- Python
'rnix', --------------------------------- Nix
'solargraph', --------------------------- Ruby
'rust_analyzer', ------------------------ Rust
@@ -90,7 +96,6 @@ lua <<EOF
['filetypes'] = { "terraform", "hcl", "tf" }
},
'tsserver', ----------------------------- Typescript / JavaScript
- 'angularls', ---------------------------- Angular
'vuels', -------------------------------- Vue
'svelte', ------------------------------- Svelte
['yamlls'] = { -------------------------- YAML
@@ -126,6 +131,13 @@ lua <<EOF
end
end -- ‡
+ -- configure floating diagnostics appearance, symbols
+ local signs = { Error = " ", Warn = " ", Hint = " ", Info = " " }
+ for type, icon in pairs(signs) do
+ local hl = "DiagnosticSign" .. type
+ vim.fn.sign_define(hl, { text = icon, texthl = hl, numhl = hl })
+ end
+
-- Set completeopt to have a better completion experience
vim.o.completeopt = 'menuone,noselect'
@@ -184,7 +196,7 @@ let g:diagnostic_trimmed_virtual_text = '40'
let g:diagnostic_insert_delay = 1
" Show diagnostic popup on cursor hold
-autocmd CursorHold * lua vim.lsp.diagnostic.show_line_diagnostics({ focusable = false })
+autocmd CursorHold,CursorHoldI * lua vim.diagnostic.open_float(nil, { focus = false, scope = "cursor" })
" Goto previous/next diagnostic warning/error
" nnoremap <silent> g[ <cmd>PrevDiagnosticCycle<cr>

4
modules/terminal-life/nvim/plugins.vim
View file

@ -5,8 +5,10 @@ autocmd FileType yaml setlocal ts=2 sts=2 sw=2 expandtab
let g:gutentags_file_list_command = 'git ls-files' let g:gutentags_file_list_command = 'git ls-files'
" Golang " Golang
" Go test shortcut " Go test, Def, Decls shortcut
nmap <Leader>got :GoTest<CR>:botright copen<CR> nmap <Leader>got :GoTest<CR>:botright copen<CR>
autocmd FileType go nmap gd :GoDef<CR>
autocmd FileType go nmap gD :GoDecls<CR>
" Go formatting " Go formatting
autocmd FileType go setlocal noexpandtab shiftwidth=4 tabstop=4 softtabstop=4 nolist autocmd FileType go setlocal noexpandtab shiftwidth=4 tabstop=4 softtabstop=4 nolist

16
modules/terminal-life/zsh/default.nix
View file

@ -22,7 +22,6 @@ in
[ "$(tty)" = "/dev/tty1" ] && exec sway [ "$(tty)" = "/dev/tty1" ] && exec sway
''; '';
shellAliases = { shellAliases = {
nano = "nvim"; nano = "nvim";
vi = "nvim"; vi = "nvim";
@ -72,13 +71,14 @@ in
bindkey '^R' fzf-history-widget bindkey '^R' fzf-history-widget
# ArrowUp/Down start searching history with current input # ArrowUp/Down start searching history with current input
autoload -U history-search-end autoload -U up-line-or-beginning-search
zle -N history-beginning-search-backward-end history-search-end autoload -U down-line-or-beginning-search
zle -N history-beginning-search-forward-end history-search-end zle -N up-line-or-beginning-search
bindkey "^[[A" history-beginning-search-backward-end zle -N down-line-or-beginning-search
bindkey "^[[B" history-beginning-search-forward-end bindkey "^[[A" up-line-or-beginning-search
bindkey "^P" history-beginning-search-backward-end bindkey "^[[B" down-line-or-beginning-search
bindkey "^N" history-beginning-search-forward-end bindkey "^P" up-line-or-beginning-search
bindkey "^N" down-line-or-beginning-search
# MAKE CTRL+S WORK IN VIM # MAKE CTRL+S WORK IN VIM
stty -ixon stty -ixon

5
modules/user/default.nix
View file

@ -21,6 +21,11 @@ in
type = types.nullOr types.str; type = types.nullOr types.str;
default = null; default = null;
}; };
publicKeys = mkOption {
description = "User SSH public keys";
type = types.listOf types.path;
default = [ ];
};
fullName = mkOption { fullName = mkOption {
description = "User full name"; description = "User full name";
type = types.nullOr types.str; type = types.nullOr types.str;

2
modules/virtualisation/default.nix
View file

@ -19,7 +19,7 @@ in
virtualisation.libvirtd = { virtualisation.libvirtd = {
enable = true; enable = true;
qemuOvmf = true; qemu.ovmf.enable = true;
}; };
users.users = pkgs.lib.setAttrByPath [ psCfg.user.name ] { users.users = pkgs.lib.setAttrByPath [ psCfg.user.name ] {
extraGroups = [ "libvirtd" ]; extraGroups = [ "libvirtd" ];

10
modules/x-os/boot.nix
View file

@ -1,16 +1,22 @@
{ config, pkgs, lib, ... }: { config, pkgs, lib, ... }:
with lib;
let let
cfg = config.pub-solar.x-os; cfg = config.pub-solar.x-os;
in in
{ {
options.pub-solar.x-os.iso-options.enable = mkOption {
type = types.bool;
default = false;
description = "Feature flag for iso builds";
};
config = { config = {
# Enable plymouth for better experience of booting # Enable plymouth for better experience of booting
boot.plymouth.enable = true; boot.plymouth.enable = true;
# Mount / luks device in initrd # Mount / luks device in initrd
# Allow fstrim to work on it. # Allow fstrim to work on it.
boot.initrd = { # The ! makes this enabled by default
boot.initrd = mkIf (!cfg.iso-options.enable) {
luks.devices."cryptroot" = { luks.devices."cryptroot" = {
allowDiscards = true; allowDiscards = true;
}; };

20
overlays/mdbook-multilang.nix Normal file
View file

@ -0,0 +1,20 @@
final: prev: {
mdbook-multilang = prev.mdbook.overrideAttrs (oldAttrs: rec {
pname = "mdbook";
version = "pr1306";
src = prev.fetchFromGitHub {
owner = "Ruin0x11";
repo = "mdBook";
rev = "9d8147c52dd9d50047ba5b29e4af99f92577806e";
sha256 = "sha256-gJnQKHssO2ChiT4d037Lncd7hiOa5uh756p8TzPzbgQ=";
};
cargoDeps = oldAttrs.cargoDeps.overrideAttrs (prev.lib.const {
name = "${pname}-vendor.tar.gz";
inherit src;
outputHash = "sha256-QCEyl5FZqECYYb5eRm8mn+R6owt+CLQwCq/AMMPygE0=";
});
});
}

20
overlays/overrides.nix
View file

@ -4,31 +4,28 @@ channels: final: prev: {
inherit (channels.latest) inherit (channels.latest)
cachix cachix
deploy-rs
docker
docker-compose_2
dhall dhall
discord discord
element-desktop element-desktop
rage rage
nixpkgs-fmt nixpkgs-fmt
nomad qutebrowser
rage
signal-desktop signal-desktop
starship starship
deploy-rs deploy-rs
element-desktop-wayland docker
neovim-unwrapped docker-compose_2
nomad
tdesktop tdesktop
xdg-desktop-portal
xdg-desktop-portal-gtk
xdg-desktop-portal-wlr
obs-studio obs-studio
obs-studio-plugins obs-studio-plugins
looking-glass-client looking-glass-client
; ;
inherit (channels.master)
qMasterPassword
;
haskellPackages = prev.haskellPackages.override haskellPackages = prev.haskellPackages.override
(old: { (old: {
@ -41,4 +38,7 @@ channels: final: prev: {
haskell-language-server; haskell-language-server;
}); });
}); });
# Example to override node package
# nodePackages = prev.nodePackages // { inherit (channels.latest.nodePackages) manta; };
} }

26
overlays/python-wiki-fetch.nix Normal file
View file

@ -0,0 +1,26 @@
final: prev: with prev.python39Packages; {
python-wiki-fetch = buildPythonPackage rec {
pname = "fetch";
version = "unstable-2022-02-25";
src = prev.fetchFromGitHub {
owner = "yashsinghcodes";
repo = "fetch";
rev = "3a490a2c2f0b6d2491397fe77939e850056963fd";
sha256 = "sha256-VsZ8YEXZOIf3UbPmJSn84DYaINavLXCzC0nUOqkvOh4=";
};
checkPhase = ''
cd test
${python.interpreter} test.py
'';
propagatedBuildInputs = [
beautifulsoup4
requests
wheel
];
patches = ./python-wiki-fetch.patch;
};
}

32
overlays/python-wiki-fetch.patch Normal file
View file

@ -0,0 +1,32 @@
--- a/setup.py
+++ b/setup.py
@@ -3,13 +3,6 @@ from os import name, path
from sys import version
import setuptools
-req_pkgs = [
- 'bs4',
- 'requests',
- 'wheel'
-]
-
-
with open("README.md","r") as f:
long_description = f.read()
@@ -25,7 +18,7 @@ setuptools.setup(
packages = setuptools.find_packages(),
entry_points={
'console_scripts': [
- 'fetch=fetch.fetch:arguments',
+ 'wiki=fetch.fetch:arguments',
]
},
python_requires='>=3.*',
@@ -36,6 +29,4 @@ setuptools.setup(
"Development Status :: 5 - Production/Stable",
"Environment :: Console",
],
- install_requires=req_pkgs,
- setup_requires=req_pkgs,
)

1
pkgs/default.nix
View file

@ -3,6 +3,7 @@ with final; {
# keep sources this first # keep sources this first
sources = prev.callPackage (import ./_sources/generated.nix) { }; sources = prev.callPackage (import ./_sources/generated.nix) { };
# then, call packages with `final.callPackage` # then, call packages with `final.callPackage`
gpu-switch = writeShellScriptBin "gpu-switch" (import ./gpu-switch.nix final);
import-gtk-settings = writeShellScriptBin "import-gtk-settings" (import ./import-gtk-settings.nix final); import-gtk-settings = writeShellScriptBin "import-gtk-settings" (import ./import-gtk-settings.nix final);
lgcl = writeShellScriptBin "lgcl" (import ./lgcl.nix final); lgcl = writeShellScriptBin "lgcl" (import ./lgcl.nix final);
mailto-mutt = writeShellScriptBin "mailto-mutt" (import ./mailto-mutt.nix final); mailto-mutt = writeShellScriptBin "mailto-mutt" (import ./mailto-mutt.nix final);

69
pkgs/gpu-switch.nix Normal file
View file

@ -0,0 +1,69 @@
self: with self; ''
# Copyright (c) 2014-2015 Bruno Bierbaumer, Andreas Heider
readonly sysfs_efi_vars='/sys/firmware/efi/efivars'
readonly efi_gpu='gpu-power-prefs-fa4ce28d-b62f-4c99-9cc3-6815686e30f9'
usage(){
cat <<EOF
Usage:
$(basename $0) --integrated # Switch to the integrated GPU
$(basename $0) --dedicated # Switch to the dedicated GPU
$(basename $0) --help # Show this message
Switches between the integrated and dedicated graphics cards of a dual-GPU
MacBook Pro for the next reboot.
Arguments:
-i, --integrated
-d, --dedicated
-h, --help
Tested hardware:
MacBook Pro 5,2 (Early 2009, Non-Retina)
MacBook Pro 5,3 (Mid 2009, Non-Retina)
MacBook Pro 8,2 (Late 2011, Non-Retina)
MacBook Pro 9,1 (Mid 2012, Non-Retina)
MacBook Pro 10,1 (Mid 2012, Retina)
MacBook Pro 11,3 (Late 2013, Retina)
MacBook Pro 11,5 (Mid 2015, Retina)
EOF
}
switch_gpu(){
if ! [ -d /sys/firmware/efi ]; then
printf "Fatal: $(basename $0) has to be run in EFI mode.\n" 1>&2
exit 1
fi
if ! mount | grep -q $sysfs_efi_vars; then
if ! mount -t efivarfs none $sysfs_efi_vars; then
printf "Fatal: Couldn't mount ''${sysfs_efi_vars}.\n" 1>&2
exit 1
fi
fi
chattr -i "''${sysfs_efi_vars}/''${efi_gpu}" 2> /dev/null
printf "\x07\x00\x00\x00\x''${1}\x00\x00\x00" > "''${sysfs_efi_vars}/''${efi_gpu}"
}
if [ $# -ne 1 ]; then
usage 1>&2
exit 1
fi
case "$1" in
-i|--integrated)
switch_gpu 1
;;
-d|--dedicated)
switch_gpu 0
;;
-h|--help)
usage
;;
*)
usage 1>&2
exit 1
;;
esac
''

10
pkgs/lgcl.nix
View file

@ -1,3 +1,9 @@
self: with self; '' self: with self;
${self.looking-glass-client}/bin/looking-glass-client -f /dev/shm/looking-glass input:ignoreWindowsKeys=yes input:grabKeyboardOnFocus=no let
looking-glass-client = self.looking-glass-client.overrideAttrs (old: {
meta.platforms = [ "x86_64-linux" "aarch64-linux" ];
});
in
''
${looking-glass-client}/bin/looking-glass-client -f /dev/shm/looking-glass input:ignoreWindowsKeys=yes input:grabKeyboardOnFocus=no
'' ''

6
profiles/audio/default.nix Normal file
View file

@ -0,0 +1,6 @@
{ self, config, lib, pkgs, ... }:
let inherit (lib) fileContents;
in
{
pub-solar.audio.enable = true;
}

4
profiles/base-user/.config/waybar/config
View file

@ -4,7 +4,7 @@
"height": 26, // Waybar height "height": 26, // Waybar height
"modules-left": ["sway/workspaces", "sway/mode"], "modules-left": ["sway/workspaces", "sway/mode"],
"modules-center": ["mpd"], //"modules-center": ["mpd"],
"modules-right": ["sway/language", "pulseaudio", "network", "idle_inhibitor", "battery", "clock", "tray"], "modules-right": ["sway/language", "pulseaudio", "network", "idle_inhibitor", "battery", "clock", "tray"],
"sway/workspaces": { "sway/workspaces": {
"disable-scroll": true "disable-scroll": true
@ -62,7 +62,7 @@
"network": { "network": {
"interval": 3, "interval": 3,
"tooltip": true, "tooltip": true,
//"interface": "wlp4s0", // (Optional) To force the use of this interface   \uF2E7, "interface": "wlp4s0", // (Optional) To force the use of this interface   \uF2E7,
"format-wifi": "<span font='10'></span> \uf062 {bandwidthUpBits} | \uf063 {bandwidthDownBits}", "format-wifi": "<span font='10'></span> \uf062 {bandwidthUpBits} | \uf063 {bandwidthDownBits}",
"format-ethernet": "<span font='10'></span> \uf062 {bandwidthUpBits} | \uf063 {bandwidthDownBits}", "format-ethernet": "<span font='10'></span> \uf062 {bandwidthUpBits} | \uf063 {bandwidthDownBits}",
"format-disconnected": "", "format-disconnected": "",

1
profiles/base-user/default.nix
View file

@ -19,6 +19,7 @@ in
extraGroups = [ "wheel" "docker" "input" "audio" "video" "networkmanager" "lp" "scanner" ]; extraGroups = [ "wheel" "docker" "input" "audio" "video" "networkmanager" "lp" "scanner" ];
initialHashedPassword = if psCfg.user.password != null then psCfg.user.password else ""; initialHashedPassword = if psCfg.user.password != null then psCfg.user.password else "";
shell = pkgs.zsh; shell = pkgs.zsh;
openssh.authorizedKeys.keyFiles = if psCfg.user.publicKeys != null then psCfg.user.publicKeys else [];
}; };
}; };
} }

2
profiles/base-user/home.nix
View file

@ -20,7 +20,7 @@ in
home.packages = with pkgs; [ ]; home.packages = with pkgs; [ ];
fonts.fontconfig.enable = true; fonts.fontconfig.enable = mkForce true;
programs.dircolors.enable = true; programs.dircolors.enable = true;
programs.dircolors.enableZshIntegration = true; programs.dircolors.enableZshIntegration = true;

3
profiles/base-user/session-variables.nix
View file

@ -58,6 +58,9 @@ let
# experimental wayland in firefox/thunderbird # experimental wayland in firefox/thunderbird
MOZ_ENABLE_WAYLAND = "1"; MOZ_ENABLE_WAYLAND = "1";
# chromium / electron on wayland: enable ozone (native wayland mode)
NIXOS_OZONE_WL = "1";
# Vagrant # Vagrant
VAGRANT_HOME = "${xdg.dataHome}/vagrant"; VAGRANT_HOME = "${xdg.dataHome}/vagrant";
VAGRANT_DEFAULT_PROVIDER = "libvirt"; VAGRANT_DEFAULT_PROVIDER = "libvirt";

18
profiles/core/default.nix
View file

@ -1,4 +1,4 @@
{ self, config, lib, pkgs, ... }: { self, config, lib, pkgs, inputs, ... }:
let inherit (lib) fileContents; let inherit (lib) fileContents;
in in
{ {
@ -10,12 +10,6 @@ in
pub-solar.audio.enable = true; pub-solar.audio.enable = true;
pub-solar.crypto.enable = true; pub-solar.crypto.enable = true;
pub-solar.devops.enable = true; pub-solar.devops.enable = true;
pub-solar.docker.enable = true;
pub-solar.nextcloud.enable = true;
pub-solar.office.enable = true;
# pub-solar.printing.enable = true; # this is enabled automatically if office is enabled
pub-solar.server.enable = true;
pub-solar.printing.enable = true;
# This is just a representation of the nix default # This is just a representation of the nix default
nix.systemFeatures = [ "nixos-test" "benchmark" "big-parallel" "kvm" ]; nix.systemFeatures = [ "nixos-test" "benchmark" "big-parallel" "kvm" ];
@ -65,6 +59,7 @@ in
p7zip p7zip
croc croc
jq jq
jless
# Nix specific utilities # Nix specific utilities
niv niv
@ -74,6 +69,7 @@ in
# Build broken, python2.7-PyJWT-2.0.1.drv' failed # Build broken, python2.7-PyJWT-2.0.1.drv' failed
#nixops #nixops
psos psos
nvd
# Fun # Fun
neofetch neofetch
@ -94,7 +90,7 @@ in
nix = { nix = {
# use nix-dram, a patched nix command, see: https://github.com/dramforever/nix-dram # use nix-dram, a patched nix command, see: https://github.com/dramforever/nix-dram
package = pkgs.nix-dram; package = inputs.nix-dram.packages.${pkgs.system}.nix-dram;
# Improve nix store disk usage # Improve nix store disk usage
autoOptimiseStore = true; autoOptimiseStore = true;
@ -118,7 +114,11 @@ in
''; '';
}; };
system.autoUpgrade.enable = true; # For rage encryption, all hosts need a ssh key pair
services.openssh = {
enable = true;
openFirewall = lib.mkDefault false;
};
# Service that makes Out of Memory Killer more effective # Service that makes Out of Memory Killer more effective
services.earlyoom.enable = true; services.earlyoom.enable = true;

15
profiles/full-install/default.nix Normal file
View file

@ -0,0 +1,15 @@
{ self, config, lib, pkgs, ... }:
let inherit (lib) fileContents;
in
{
imports = [ ../cachix ];
config = {
pub-solar.audio.mopidy.enable = true;
pub-solar.audio.bluetooth.enable = true;
pub-solar.docker.enable = true;
pub-solar.nextcloud.enable = true;
pub-solar.office.enable = true;
# pub-solar.printing.enable = true; # this is enabled automatically if office is enabled
};
}

1
profiles/graphical/default.nix
View file

@ -4,5 +4,4 @@ in
{ {
pub-solar.graphical.enable = true; pub-solar.graphical.enable = true;
pub-solar.sway.enable = true; pub-solar.sway.enable = true;
pub-solar.social.enable = true;
} }

9
profiles/pub-solar-iso/default.nix Normal file
View file

@ -0,0 +1,9 @@
{ self, config, lib, pkgs, ... }:
let inherit (lib) fileContents;
in
{
imports = [ ../cachix ];
config = {
pub-solar.x-os.iso-options.enable = true;
};
}

6
profiles/social/default.nix Normal file
View file

@ -0,0 +1,6 @@
{ self, config, lib, pkgs, ... }:
let inherit (lib) fileContents;
in
{
pub-solar.social.enable = true;
}

20
secrets/environment-secrets.age
View file

@ -1,11 +1,11 @@
age-encryption.org/v1 age-encryption.org/v1
-> ssh-ed25519 Wp/X/Q C++E2jLATPQMAxb63nkqjPrgHoVDm1ZsUGr7niplsRY -> ssh-ed25519 Wp/X/Q IKfNl3gr5ua8kmzHnvIxSSF9BRFVyoLVBaQ5jzuFARI
K6dtOxlstQTNdKUNJA7UU1SwLzZ59loADXyQ1Li4Jos uzHWNCEVtzi5dTqro2ybcKZk9eIH55EW3XQ3PN694Z4
-> ssh-ed25519 8U1+ng yNH7UiUtOvW9H0Ff9XTVRi7nxQXqNRlUxRrWkvbYjwA -> ssh-ed25519 8U1+ng utu6wEkelk2/T/y/NAOgjZuz30CT/epmQqU15pgsmSI
mJc/c+tLP7kRrR6OCV+b9Z7WkvDwuagbP3e8Nm67738 eH+xU7pl7Ok/tYVQBjumMMUo58UQWaOnbfE7bYxIyM8
-> ssh-ed25519 BVsyTA o7UF3e1fMZKyN6wg3u5j4uHjc4tYZCABSCq0TxbwYnU -> ssh-ed25519 BVsyTA 34Fk/GSuH8FJWNLZxE9798zfLawgJucGk7M8bEazHng
X6OG6ySS92rDBXMy5yC7rRqAfxzYe4Ahrpc/fqTd2Gk Z5B0o32wZLAK0u7iTrWUn8he4G5AW+z1DDhkYZeSDXA
-> H-grease z7xB6LqI RK 4QF L, -> :|0NxJA-grease Ko8o7 vL#k|]M
nLqd2fYqYz7wfoQ5IWc41v5AMQeKeNZkabRMkYo GmDtTyzO8xSd51y5FYQ9uGUe/dTbQYI/7UqK4CtH078GDYn4PIGNlIdqTca5MQ
--- 7JewEr1iERrpdhFYTlscmFemDbUvKxxc2QWq482abjo --- mHoGm+wNh2RKcaqRVO3AFX2ravHNTHlIfq2ADiZPVmg
â‡1+/ 4'»ã¤GQbkÚqf˜ ¥|B}ÛŸ*Ñå|Ñ=¾§‰ð侸wbö™£Y9©ÓÃ\Q â<>mèú<16>Ú•ž&£Œ-‰ è$C0 S¾C¹ÖF"ÅW`6}­¹ib§ö+ ·<E28093>LVd<64>ðýχöFðêrüæ¿~?HP±Cè~Ïχ<C38F>Js5WM¶y³ÁÈXççëxÚøžÞƒDÃáGH

1
secrets/teutat3s-yubikey.pub Normal file
View file

@ -0,0 +1 @@
ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBFro/k4Mgqyh8yV/7Zwjc0dv60ZM7bROBU9JNd99P/4co6fxPt1pJiU/pEz2Dax/HODxgcO+jFZfvPEuLMCeAl0= YubiKey #10593996 PIV Slot 9a

2
shell/bud/default.nix
View file

@ -1,7 +1,7 @@
{ pkgs, lib, budUtils, ... }: { { pkgs, lib, budUtils, ... }: {
bud.cmds = with pkgs; { bud.cmds = with pkgs; {
get = { get = {
writer = budUtils.writeBashWithPaths [ nixUnstable git coreutils ]; writer = budUtils.writeBashWithPaths [ nixFlakes git coreutils ];
synopsis = "get [DEST]"; synopsis = "get [DEST]";
help = "Copy the desired template to DEST"; help = "Copy the desired template to DEST";
script = ./get.bash; script = ./get.bash;

5
shell/devos.nix
View file

@ -15,6 +15,9 @@ in
imports = [ "${extraModulesPath}/git/hooks.nix" ]; imports = [ "${extraModulesPath}/git/hooks.nix" ];
git = { inherit hooks; }; git = { inherit hooks; };
# override for our own welcome
devshell.name = pkgs.lib.mkForce "PubSolarOS";
# tempfix: remove when merged https://github.com/numtide/devshell/pull/123 # tempfix: remove when merged https://github.com/numtide/devshell/pull/123
devshell.startup.load_profiles = pkgs.lib.mkForce (pkgs.lib.noDepEntry '' devshell.startup.load_profiles = pkgs.lib.mkForce (pkgs.lib.noDepEntry ''
# PATH is devshell's exorbitant privilige: # PATH is devshell's exorbitant privilige:
@ -31,7 +34,7 @@ in
''); '');
commands = with pkgs; [ commands = with pkgs; [
(devos nixUnstable) (devos nixFlakes)
(devos agenix) (devos agenix)
{ {
category = "devos"; category = "devos";

11
users/nixos/default.nix
View file

@ -1,11 +0,0 @@
{ hmUsers, ... }:
{
home-manager.users = { inherit (hmUsers) nixos; };
users.users.nixos = {
password = "nixos";
description = "default";
isNormalUser = true;
extraGroups = [ "wheel" ];
};
}

18
users/pub-solar/default.nix Normal file
View file

@ -0,0 +1,18 @@
{ hmUsers, ... }:
{
home-manager.users = { inherit (hmUsers) pub-solar; };
pub-solar = {
# These are your personal settings
# The only required settings are `name` and `password`,
# for convenience, use publicKeys to add your SSH keys
# The rest is used for programs like git
user = {
name = "pub-solar";
password = "$6$Kv0BCLU2Jg7GN8Oa$hc2vERKCbZdczFqyHPfgCaleGP.JuOWyd.bfcIsLDNmExGXI6Rnkze.SWzVzVS311KBznN/P4uUYAUADXkVtr.";
fullName = "Pub Solar";
email = "iso@pub.solar";
publicKeys = [ ../../secrets/teutat3s-yubikey.pub ];
};
};
}

8
users/teutat3s/.config/git/config.nix
View file

@ -1,7 +1,13 @@
{ config, pkgs, ... }: { config, pkgs, ... }:
let let
in in
pkgs.lib.mkAfter ''[includeIf "gitdir:~/CodeRoom/greenbaum.cloud/"] pkgs.lib.mkAfter ''[sendemail]
smtpserver = smtp.mailbox.org
smtpuser = jhonas@mailbox.org
smtpencryption = tls
smtpserverport = 587
[includeIf "gitdir:~/CodeRoom/greenbaum.cloud/"]
path = ~/.config/git/config_greenbaum.cloud path = ~/.config/git/config_greenbaum.cloud
[includeIf "gitdir:~/CodeRoom/git.b12f.io/"] [includeIf "gitdir:~/CodeRoom/git.b12f.io/"]

29
users/teutat3s/.config/watson/config.nix Normal file
View file

@ -0,0 +1,29 @@
{ config, pkgs, ... }:
let
in
''# Watson configuration
# showing defaults commented out
# not implemented yet as of 2.0.1
#[backend]
#url = https://api.crick.fr
#token = yourapitoken
[options]
#options.confirm_new_project = false
#options.confirm_new_tag = false
date_format = %d.%m.%Y
#log_current = false
pager = false
#report_current = false
#reverse_log = true
stop_on_start = true
#stop_on_restart = false
time_format = %H:%M%z
#week_start = monday
#[default_tags]
#project-name = tag1 tag2
#python101 = teaching python
#voyager2 = nasa 'space mission'
''

10
users/teutat3s/home.nix
View file

@ -10,22 +10,26 @@ in
]; ];
config = { config = {
pub-solar.social.enable = true;
pub-solar.graphical.alacritty.settings.font.size = 12; pub-solar.graphical.alacritty.settings.font.size = 12;
pub-solar.graphical.alacritty.settings.key_bindings = [ pub-solar.graphical.alacritty.settings.key_bindings = [
{ key = "V"; mods = "Control|Super"; action = "Paste"; } { key = "V"; mods = "Control|Super"; action = "Paste"; }
{ key = "C"; mods = "Control|Super"; action = "Copy"; } { key = "C"; mods = "Control|Super"; action = "Copy"; }
]; ];
services.kbfs.enable = false; services.kbfs.enable = true;
services.keybase.enable = false; services.keybase.enable = true;
services.yubikey-agent.enable = true; services.yubikey-agent.enable = true;
home-manager = pkgs.lib.setAttrByPath [ "users" psCfg.user.name ] { home-manager = pkgs.lib.setAttrByPath [ "users" psCfg.user.name ] {
xdg.configFile."git/config".text = import ./.config/git/config.nix { inherit config; inherit pkgs; }; xdg.configFile."git/config".text = import ./.config/git/config.nix { inherit config; inherit pkgs; };
xdg.configFile."git/config_greenbaum.cloud".text = import ./.config/git/config_greenbaum.cloud.nix { inherit config; inherit pkgs; }; xdg.configFile."git/config_greenbaum.cloud".text = import ./.config/git/config_greenbaum.cloud.nix { inherit config; inherit pkgs; };
xdg.configFile."git/config_git.b12f.io".text = import ./.config/git/config_git.b12f.io.nix { inherit config; inherit pkgs; }; xdg.configFile."git/config_git.b12f.io".text = import ./.config/git/config_git.b12f.io.nix { inherit config; inherit pkgs; };
xdg.configFile."watson/config".text = import ./.config/watson/config.nix { inherit config; inherit pkgs; };
home.packages = with pkgs; [ home.packages = with pkgs; [
AusweisApp2 AusweisApp2
consul consul
gpu-switch
ifmetric ifmetric
ipmitool ipmitool
keybase-gui keybase-gui
@ -67,7 +71,7 @@ in
}; };
programs.zsh = { programs.zsh = {
initExtra = import ./zshrc.nix pkgs; initExtra = import ./zshrc.nix { inherit config; inherit pkgs; };
}; };
# xdg.configFile."wallpaper.jpg".source = ./assets/wallpaper.jpg; # xdg.configFile."wallpaper.jpg".source = ./assets/wallpaper.jpg;

1
users/teutat3s/session-variables.nix
View file

@ -7,6 +7,7 @@ in
home-manager = pkgs.lib.setAttrByPath [ "users" psCfg.user.name ] { home-manager = pkgs.lib.setAttrByPath [ "users" psCfg.user.name ] {
home.sessionVariables = { home.sessionVariables = {
DRONE_SERVER = "https://ci.b12f.io"; DRONE_SERVER = "https://ci.b12f.io";
GOPATH = "/home/${psCfg.user.name}/CodeRoom/go";
}; };
}; };
} }

28
users/teutat3s/zshrc.nix
View file

@ -1,4 +1,4 @@
pkgs: { config, pkgs, ... }:
'' ''
bindkey "^[[1;3D" backward-word bindkey "^[[1;3D" backward-word
bindkey "^[[1;3C" forward-word bindkey "^[[1;3C" forward-word
@ -54,18 +54,32 @@ pkgs:
alias wg-down="sudo systemctl stop wg-quick@wg0.service" alias wg-down="sudo systemctl stop wg-quick@wg0.service"
# Helper function for docker on triton # Helper function for docker on triton
ttdo () { ttp() {
if [[ "$1" == "set" ]]; then if [[ "$1" == "set" ]]; then
if [[ -n "$2" ]]; then if [[ -n "$2" ]]; then
source unset-env.sh
triton profile set "$2" triton profile set "$2"
fi fi
source ~/CodeRoom/greenbaum.cloud/triton-docker.env.sh source ~/CodeRoom/greenbaum.cloud/tritonshell/template/pkgs/utils/triton-docker.env.sh
elif [[ "$1" == "unset" ]]; then elif [[ "$1" == "unset" ]]; then
eval "$(triton env --unset)" && unset TRITON_CNS_SEARCH_DOMAIN_PRIVATE TRITON_CNS_SEARCH_DOMAIN_PUBLIC source ~/CodeRoom/greenbaum.cloud/tritonshell/template/pkgs/utils/unset-env.sh
elif [[ "$1" == "env" ]]; then elif [[ "$1" == "env" ]]; then
env | grep "DOCKER\|TRITON\|SDC" env | grep "DOCKER\|MANTA\|SDC\|TRITON" | sort
else else
/usr/bin/docker $@ echo "this is a helper function to quickly switch triton profiles"
echo "and setup the required environment variables"
echo "for triton, manta and the remote docker host (API)"
echo
echo 'use "ttp set your-profile" to switch to a profile'
echo
echo 'use "ttp unset" to clear all environment variables used by these CLIs'
echo "useful if you'd like to run a docker command against the"
echo "local docker host"
echo
echo 'use "ttp env" to view the currently set environment variables'
echo "used by the triton & manta CLIs"
echo
echo 'use "ttp help" to view this help'
fi fi
} }
@ -83,5 +97,5 @@ pkgs:
complete -o nospace -C ${pkgs.waypoint}/bin/waypoint waypoint complete -o nospace -C ${pkgs.waypoint}/bin/waypoint waypoint
complete -C '${pkgs.awscli2}/bin/aws_completer' ${pkgs.awscli2}/bin/aws complete -C '${pkgs.awscli2}/bin/aws_completer' ${pkgs.awscli2}/bin/aws
source /run/secrets/environment-secrets source ${config.age.secrets.environment-secrets.path}
'' ''