From e5aaed7169e7a9b1ae537763ee94ea01aa401852 Mon Sep 17 00:00:00 2001 From: andromeda Date: Wed, 6 May 2026 19:37:56 +0200 Subject: neo layout --- files/.bashrc | 2 +- files/.config/sway/config | 7 +- galaxious/configuration.nix | 56 +++++ guix/home-configuration.scm | 7 +- laptop/configuration.nix | 247 +++++++++++++++++++++ laptop/home.nix | 145 +++++++++++++ laptop/home/sway_config | 79 +++++++ laptop/patches/change-default-search-engine.patch | 22 ++ nix/configuration.nix | 246 --------------------- nix/home.nix | 145 ------------- nix/home/sway_config | 79 ------- nix/npins/default.nix | 249 ---------------------- nix/npins/sources.json | 131 ------------ nix/patches/change-default-search-engine.patch | 22 -- nix/pub-keys.nix | 10 - nix/secrets.nix | 10 - nix/secrets/andromeda-pw.age | 7 - nix/secrets/secrets.nix | 9 - npins/default.nix | 249 ++++++++++++++++++++++ npins/sources.json | 131 ++++++++++++ pub-keys.nix | 10 + secrets.nix | 10 + secrets/andromeda-pw.age | 7 + secrets/secrets.nix | 9 + 24 files changed, 974 insertions(+), 915 deletions(-) create mode 100644 galaxious/configuration.nix create mode 100644 laptop/configuration.nix create mode 100644 laptop/home.nix create mode 100644 laptop/home/sway_config create mode 100644 laptop/patches/change-default-search-engine.patch delete mode 100644 nix/configuration.nix delete mode 100644 nix/home.nix delete mode 100644 nix/home/sway_config delete mode 100644 nix/npins/default.nix delete mode 100644 nix/npins/sources.json delete mode 100644 nix/patches/change-default-search-engine.patch delete mode 100644 nix/pub-keys.nix delete mode 100644 nix/secrets.nix delete mode 100644 nix/secrets/andromeda-pw.age delete mode 100644 nix/secrets/secrets.nix create mode 100644 npins/default.nix create mode 100644 npins/sources.json create mode 100644 pub-keys.nix create mode 100644 secrets.nix create mode 100644 secrets/andromeda-pw.age create mode 100644 secrets/secrets.nix diff --git a/files/.bashrc b/files/.bashrc index 46c8271..8e93e38 100644 --- a/files/.bashrc +++ b/files/.bashrc @@ -42,7 +42,7 @@ export GPG_TTY HISTFILESIZE=100000 HISTSIZE=10000 PS1="\u@\h:\w$" -SSL_CERT_FILE="/etc/ssl/certs/ca-certificates.crt" +CURL_CA_BUNDLE="/etc/ssl/certs/ca-certificates.crt" GUIX_PROFILE="/home/andromeda/.config/guix/current" . "$GUIX_PROFILE/etc/profile" diff --git a/files/.config/sway/config b/files/.config/sway/config index cd884db..f70efd1 100644 --- a/files/.config/sway/config +++ b/files/.config/sway/config @@ -58,7 +58,10 @@ bindsym $mod+Shift+0 move container to workspace number 0 seat * hide_cursor 100 input type:touchpad events disabled -input type:keyboard xkb_options ctrl:nocaps +input type:keyboard xkb_options lv5:ralt_switch +input type:keyboard xkb_options caps:mod3 +input type:keyboard xkb_layout de +input type:keyboard xkb_variant neo bindsym $mod+r exec 'swaymsg "seat * hide_cursor 100"; swaymsg "input type:touchpad events disabled"' bindsym $mod+t exec 'swaymsg "seat * hide_cursor 0"; swaymsg "input type:touchpad events enabled"' @@ -78,4 +81,4 @@ bindsym --locked XF86MonbrightnessUp exec brightnessctl set 2%+ default_border none font pango:monospace 0.001 titlebar_border_thickness 0 -titlebar_padding 0 \ No newline at end of file +titlebar_padding 0 diff --git a/galaxious/configuration.nix b/galaxious/configuration.nix new file mode 100644 index 0000000..9066c64 --- /dev/null +++ b/galaxious/configuration.nix @@ -0,0 +1,56 @@ +{ ... }: let + sources = import ../npins; + pkgs = import sources.nixpkgs {}; + modulesPath = "${nixpkgs}/nixos/modules"; +in { + boot = { + initrd = { + availableKernelModules = [ "ata_piix" "uhci_hcd" "xen_blkfront" ]; + kernelModules = [ "nvme" ]; + }; + kernelPackages = pkgs.linuxPackages_latest; + loader = { + grub.device = "/dev/sda"; + timeout = 30; + }; + tmp.cleanOnBoot = true; + }; + fileSystems."/" = { device = "/dev/sda1"; fsType = "ext4"; }; + imports = [ (modulesPath + "/profiles/qemu-guest.nix") ]; + networking = { + domain = "contaboserver.net"; + hostName = "vmi2998419"; + useNetworkd = true; + usePredictableInterfaceNames = true; + }; + nix = { + channel.enable = false; + settings = { + experimental-features = "flakes nix-command"; + trusted-users = ["@wheel"]; + }; + }; + nixpkgs = { + config.allowUnfree = false; + flake.source = sources.nixpkgs; + hostPlatform = "x86_64-linux"; + }; + services.openssh.enable = true; + systemd.network = { + enable = true; + networks."40-wan" = { + address = [ "2a02:c207:2299:8419::1/64" "109.199.104.83/20" ]; + dns = [ "2020:fe::10" "9.9.9.10" ]; + matchConfig.Name = "enx0050565f4fff"; + routes = [ { Gateway = "109.199.96.1"; GatewayOnLink = true; } { Gateway = "fe80::1"; } ]; + }; + }; + system.stateVersion = "25.11"; + users = { + mutableUsers = false; + users.root = { + openssh.authorizedKeys.keys = [ "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIJy2VD362wUcu0lKj2d6OIU8dbAna0Lu/NaAYIj8gdIA andromeda@lenovo" ]; + }; + }; + zramSwap.enable = true; +} diff --git a/guix/home-configuration.scm b/guix/home-configuration.scm index 12fa1ac..3bd8270 100644 --- a/guix/home-configuration.scm +++ b/guix/home-configuration.scm @@ -17,13 +17,12 @@ "cinny-desktop-bin" "du-dust" "emacs-no-x" + "emacs-nix-mode" "emacs-ement" "fzf" "fastfetch" "gdb" "git" - "glib" ; needed for cinny - "gsettings-desktop-schemas" ; needed for cinny "grim" "hello" "jmtpfs" @@ -56,9 +55,9 @@ "BBB0 2DDF 2CEA F6A8 0D1D E643 A2A0 6DF2 A33A 54FA")))) (channel (name 'saayix) - (branch "main") + (branch "entropy") (url "https://codeberg.org/look/saayix") - (commit "f0e272e58c9b758f2923ccd298e7eb857718c55f") + (commit "ab0adebdf48794f7c0659785c6c4ddd2220e3cf0") (introduction (make-channel-introduction "12540f593092e9a177eb8a974a57bb4892327752" diff --git a/laptop/configuration.nix b/laptop/configuration.nix new file mode 100644 index 0000000..6efd55a --- /dev/null +++ b/laptop/configuration.nix @@ -0,0 +1,247 @@ +{config, ...}: let + sources = import ../npins; + pkgs = import sources.nixpkgs {}; +in { + boot = { + initrd = { + availableKernelModules = ["xhci_pci" "nvme" "sdhci_pci"]; + systemd = { + services.impermanent-btrfs = { + description = "saves old root and makes new one"; + unitConfig.DefaultDependencies = false; + serviceConfig = { + Type = "oneshot"; + StandardOutput = "journal+console"; + StandardError = "journal+console"; + }; + requiredBy = [ + "initrd.target" + ]; + before = [ + "sysroot.mount" + ]; + requires = [ + "initrd-root-device.target" + ]; + after = [ + "initrd-root-device.target" + "local-fs-pre.target" + ]; + script = '' + mkdir /btrfs_tmp + mount ${config.fileSystems."/".device} /btrfs_tmp + if [[ -e /btrfs_tmp/root ]]; then + mkdir -p /btrfs_tmp/old_roots + timestamp=$(date --date="@$(stat -c %Y /btrfs_tmp/root)" "+%Y-%m-%-d_%H:$M:%S") + mv /btrfs_tmp/root "/btrfs_tmp/old_roots/$timestamp" + fi + + delete_subvolume_recursively() { + IFS=$'\n' + for i in $(btrfs subvolume list -o "$1" | cut -f 9- -d ' '); do + delete_subvolume_recursively "/btrfs_tmp/$i" + done + btrfs subvolume delete "$1" + } + + for i in $(find /btrfs_tmp/old_roots/ -maxdepth 1 -mtime +30); do + delete_subvolume_recursively "$i" + done + + btrfs subvolume create /btrfs_tmp/root + mkdir /btrfs_tmp/root/persist + mkdir /btrfs_tmp/root/etc + mount ${config.fileSystems."/persist".device} /btrfs_tmp/root/persist -o subvol=persist + cp /btrfs_tmp/root/persist/etc/ssh /btrfs_tmp/root/etc/ssh -r + umount /btrfs_tmp/root/persist + rm -r /btrfs_tmp/root/persist + umount /btrfs_tmp + ''; + }; + extraBin = { + "mkdir" = "${pkgs.coreutils}/bin/mkdir"; + "date" = "${pkgs.coreutils}/bin/date"; + "stat" = "${pkgs.coreutils}/bin/stat"; + "mv" = "${pkgs.coreutils}/bin/mv"; + "cp" = "${pkgs.coreutils}/bin/cp"; + "rm" = "${pkgs.coreutils}/bin/rm"; + "btrfs" = "${pkgs.btrfs-progs}/bin/btrfs"; + }; + }; + }; + kernelPackages = pkgs.linuxPackages_latest; + kernelModules = ["kvm-intel"]; + loader = { + efi.canTouchEfiVariables = true; + grub = { + device = "nodev"; + efiSupport = true; + enable = true; + extraEntries = '' + menuentry "Guix" { + search --set=drive1 --fs-uuid F425-55BA + chainloader ($drive1)//EFI/Guix/grubx64.efi + } + ''; + }; + }; + tmp.cleanOnBoot = true; + }; + documentation = { + dev.enable = true; + nixos.includeAllModules = true; + }; + environment.persistence."/persist" = { + directories = [ + "/etc/ly/custom-sessions" + "/etc/NetworkManager/system-connections" + "/etc/ssh" + "/gnu" + "/var/guix" + "/var/log" + "/var/lib/bluetooth" + "/var/lib/nixos" + "/var/lib/systemd/coredump" + ]; + enable = true; + files = [ + "/etc/ly/save.txt" + "/etc/machine-id" + ]; + hideMounts = true; + users.andromeda = { + directories = [ + ".backups" + ".cache/guix" + ".config/guix" + ".gnupg" + #".local/share/AAAAXY" + ".local/share/Anki2" + #".local/share/chat.fluffy.fluffychat" + ".local/share/cinny" + ".local/share/in.cinny.app" + #".local/share/Mindustry" + ".local/share/zoxide" + ".ssh" + "conf" + "Downloads" + "pp" + ]; + files = [".bash_history"]; + }; + }; + fileSystems = { + "/" = { + device = "/dev/disk/by-uuid/5455cfb4-0efd-4f55-b496-d2cab3f419b7"; + fsType = "btrfs"; + options = ["subvol=root"]; + }; + "/boot" = { + device = "/dev/disk/by-uuid/F425-55BA"; + fsType = "vfat"; + options = ["fmask=0022" "dmask=0022"]; + }; + "/nix" = { + device = "/dev/disk/by-uuid/0e586651-36f4-42b0-99b3-3f0704a894d6"; + fsType = "btrfs"; + }; + "/persist" = { + device = "/dev/disk/by-uuid/5455cfb4-0efd-4f55-b496-d2cab3f419b7"; + fsType = "btrfs"; + neededForBoot = true; + options = ["subvol=persist"]; + }; + }; + hardware = { + bluetooth = { + enable = true; + powerOnBoot = false; + }; + cpu.intel.updateMicrocode = true; + enableRedistributableFirmware = true; + }; + home-manager = { + backupFileExtension = "bak"; + useGlobalPkgs = true; + users.andromeda = import ./home.nix; + }; + i18n.defaultLocale = "de_DE.UTF-8"; + imports = [ + "${sources.Phoenix {inherit pkgs;}}/nix/module.nix" + "${sources.agenix {inherit pkgs;}}/modules/age.nix" + "${sources.impermanence {inherit pkgs;}}/nixos.nix" + "${sources.home-manager {inherit pkgs;}}/nixos" + ../secrets.nix + ]; + networking = { + domain = "nixos"; + hostName = "nixos"; + firewall.enable = true; + networkmanager.enable = true; + }; + nixpkgs = { + config.allowUnfree = false; + flake.source = sources.nixpkgs; + hostPlatform = "x86_64-linux"; + overlays = [ + ( + final: prev: { + phoenix = (final.callPackage "${sources.Phoenix {inherit pkgs;}}/nix/package.nix" {}).overrideAttrs { + patches = [./patches/change-default-search-engine.patch]; # default search to ddg html + }; + + withPhoenix = firefoxPackage: + firefoxPackage.override { + extraPoliciesFiles = ["${final.phoenix}/policies.json"]; + extraPrefsFiles = ["${final.phoenix}/phoenix.cfg"]; + }; + } + ) + ]; + }; + nix = { + settings = { + experimental-features = ["nix-command" "flakes"]; + substituters = ["https://cache.dataaturservice.se/spectrum/"]; + trusted-public-keys = [ + "cache.nixos.org-1:6NCHdD59X431o0gWypbMrAURkbJ16ZPMQFGspcDShjY=" + "spectrum-os.org-2:foQk3r7t2VpRx92CaXb5ROyy/NBdRJQG2uX2XJMYZfU=" + ]; + trusted-users = ["@wheel"]; + }; + channel.enable = false; + }; + programs.sway.enable = true; + services = { + blueman.enable = true; + displayManager = { + enable = true; + ly.enable = true; + }; + guix.enable = true; + libinput.enable = true; + openssh.enable = true; + printing.enable = true; + xserver.xkb.layout = "de(neo)"; + }; + system.stateVersion = "26.05"; + time.timeZone = "Europe/Berlin"; + users = { + mutableUsers = false; + users.andromeda = { + isNormalUser = true; + hashedPasswordFile = builtins.toString config.age.secrets.andromeda-pw.path; + extraGroups = [ + "networkmanager" + "wheel" + "dialout" + ]; + }; + }; + zramSwap = { + enable = true; + priority = 100; + algorithm = "zstd"; + memoryPercent = 35; + }; +} diff --git a/laptop/home.nix b/laptop/home.nix new file mode 100644 index 0000000..0f98005 --- /dev/null +++ b/laptop/home.nix @@ -0,0 +1,145 @@ +{ + config, + pkgs, + ... +}: let + sources = import ../npins; +in { + home = { + file.".profile".enable = false; + homeDirectory = "/home/${config.home.username}"; + packages = [ + (pkgs.callPackage "${sources.agenix}/pkgs/agenix.nix" {}) + pkgs.anki + pkgs.mindustry-wayland + pkgs.nix-output-monitor + pkgs.npins + ]; + stateVersion = "26.05"; + username = "andromeda"; + }; + imports = [(import sources.nvf).homeManagerModules.nvf]; + programs = { + firefox = { + enable = true; + package = pkgs.firefox.override { + cfg.enableTridactylNative = true; + }; + profiles.default = { + extensions = { + force = true; + packages = [(import sources.NUR {inherit pkgs;}).repos.rycee.firefox-addons.tridactyl]; + }; + settings = { + "extensions.autoDisableScopes" = 0; + "intl.accepted_languages" = "de_DE"; + }; + }; + }; + gpg.enable = true; + home-manager.enable = true; + nvf = { + enable = true; + settings.vim = { + startPlugins = [pkgs.vimPlugins.parinfer-rust]; + autocomplete.nvim-cmp.enable = false; + formatter.conform-nvim = { + enable = true; + setupOpts.format_on_save = { + lsp_format = "fallback"; + timeout_ms = 5000; + }; + }; + lsp.otter-nvim.enable = true; + git.enable = true; + keymaps = [ + { + key = ""; + mode = ["i" "n" "v" "c"]; + action = ""; + } + { + key = ""; + mode = ["i" "n" "v" "c"]; + action = ""; + } + { + key = ""; + mode = ["i" "n" "v" "c"]; + action = ""; + } + { + key = ""; + mode = ["i" "n" "v" "c"]; + action = ""; + } + { + key = "jj"; + mode = ["i"]; + action = ""; + } + { + key = "kk"; + mode = ["i"]; + action = ""; + } + { + key = "jk"; + mode = ["i"]; + action = ""; + } + { + key = "kj"; + mode = ["i"]; + action = ""; + } + { + key = ""; + mode = ["i"]; + action = ""; + } + ]; + languages = { + nix = { + enable = true; + format.enable = true; + lsp.enable = true; + }; + haskell = { + enable = true; + lsp.enable = true; + }; + rust = { + enable = true; + format.enable = true; + lsp.enable = true; + treesitter.enable = true; + }; + }; + lineNumberMode = "relative"; + options = { + tabstop = 2; + shiftwidth = 2; + expandtab = true; + smarttab = true; + foldmethod = "indent"; + number = true; + colorcolumn = "80"; + }; + statusline.lualine.enable = true; + syntaxHighlighting = true; + }; + }; + ssh.enable = true; + }; + services.gpg-agent = { + enable = true; + pinentry.package = pkgs.pinentry-curses; + }; + xdg = { + portal = { + enable = true; + extraPortals = [pkgs.xdg-desktop-portal-shana]; + }; + }; +} diff --git a/laptop/home/sway_config b/laptop/home/sway_config new file mode 100644 index 0000000..af46e4e --- /dev/null +++ b/laptop/home/sway_config @@ -0,0 +1,79 @@ +set $mod Mod4 +set $left h +set $down j +set $up k +set $right l +set $term alacritty +set $menu wmenu-run +set $screenshot grim -g "$(slurp)" +floating_modifier $mod normal + +workspace_layout stacking +output * bg @backgroundImagePath@ fill + +bindsym $mod+Shift+Return exec $term +bindsym $mod+Shift+d exec $menu +bindsym $mod+Shift+a exec anki +bindsym $mod+Shift+q exec firefox +bindsym $mod+Shift+s exec $screenshot + +bindsym $mod+Shift+c kill + +bindsym $mod+Shift+r reload + +bindsym $mod+Shift+Alt+q exit + +bindsym $mod+$left focus left +bindsym $mod+$down focus down +bindsym $mod+$up focus up +bindsym $mod+$right focus right + +bindsym $mod+Shift+$left move left +bindsym $mod+Shift+$down move down +bindsym $mod+Shift+$up move up +bindsym $mod+Shift+$right move right + +bindsym $mod+1 workspace number 1 +bindsym $mod+2 workspace number 2 +bindsym $mod+3 workspace number 3 +bindsym $mod+4 workspace number 4 +bindsym $mod+5 workspace number 5 +bindsym $mod+6 workspace number 6 +bindsym $mod+7 workspace number 7 +bindsym $mod+8 workspace number 8 +bindsym $mod+9 workspace number 9 +bindsym $mod+0 workspace number 0 + +bindsym $mod+Shift+1 move container to workspace number 1 +bindsym $mod+Shift+2 move container to workspace number 2 +bindsym $mod+Shift+3 move container to workspace number 3 +bindsym $mod+Shift+4 move container to workspace number 4 +bindsym $mod+Shift+5 move container to workspace number 5 +bindsym $mod+Shift+6 move container to workspace number 6 +bindsym $mod+Shift+7 move container to workspace number 7 +bindsym $mod+Shift+8 move container to workspace number 8 +bindsym $mod+Shift+9 move container to workspace number 9 +bindsym $mod+Shift+0 move container to workspace number 0 + +seat * hide_cursor 100 +input type:touchpad events disabled + +bindsym $mod+r exec 'swaymsg "seat * hide_cursor 100"; swaymsg "input type:touchpad events disabled"' +bindsym $mod+t exec 'swaymsg "seat * hide_cursor 0"; swaymsg "input type:touchpad events enabled"' + +bindsym $mod+f fullscreen +bindsym $mod+Shift+space floating toggle +bindsym $mod+Shift+minus move scratchpad +bindsym $mod+minus scratchpad show + +bindsym --locked XF86AudioMute exec pactl set-sink-mute \@DEFAULT_SINK@ toggle +bindsym --locked XF86AudioLowerVolume exec pactl set-sink-volume \@DEFAULT_SINK@ -5% +bindsym --locked XF86AudioRaiseVolume exec pactl set-sink-volume \@DEFAULT_SINK@ +5% +bindsym --locked XF86AudioMicMute exec pact set-source-mute \@DEFAULT_SOURCE@ toggle +bindsym --locked XF86MonBrightnessDown exec brightnessctl set 2%- +bindsym --locked XF86MonbrightnessUp exec brightnessctl set 2%+ + +default_border none +font pango:monospace 0.001 +titlebar_border_thickness 0 +titlebar_padding 0 diff --git a/laptop/patches/change-default-search-engine.patch b/laptop/patches/change-default-search-engine.patch new file mode 100644 index 0000000..eea0845 --- /dev/null +++ b/laptop/patches/change-default-search-engine.patch @@ -0,0 +1,22 @@ +diff --git a/build-resources/policies/phoenix-desktop.json b/build-resources/policies/phoenix-desktop.json +index 48efbe39..b5d2fe95 100644 +--- a/build-resources/policies/phoenix-desktop.json ++++ b/build-resources/policies/phoenix-desktop.json +@@ -102,8 +102,8 @@ + "URLTemplate": "https://eu.startpage.com/sp/search" + } + ], +- "Default": "DuckDuckGo‎", +- "DefaultPrivate": "DuckDuckGo‎", ++ "Default": "DuckDuckGo (HTML)", ++ "DefaultPrivate": "DuckDuckGo (HTML)", + "PreventInstalls": false, + "Remove": [ + "1&1 Suche", +@@ -170,4 +170,4 @@ + ] + } + } +-} +\ No newline at end of file ++} diff --git a/nix/configuration.nix b/nix/configuration.nix deleted file mode 100644 index 6be8100..0000000 --- a/nix/configuration.nix +++ /dev/null @@ -1,246 +0,0 @@ -{config, ...}: let - sources = import ./npins; - pkgs = import sources.nixpkgs {}; -in { - boot = { - initrd = { - availableKernelModules = ["xhci_pci" "nvme" "sdhci_pci"]; - systemd = { - services.impermanent-btrfs = { - description = "saves old root and makes new one"; - unitConfig.DefaultDependencies = false; - serviceConfig = { - Type = "oneshot"; - StandardOutput = "journal+console"; - StandardError = "journal+console"; - }; - requiredBy = [ - "initrd.target" - ]; - before = [ - "sysroot.mount" - ]; - requires = [ - "initrd-root-device.target" - ]; - after = [ - "initrd-root-device.target" - "local-fs-pre.target" - ]; - script = '' - mkdir /btrfs_tmp - mount ${config.fileSystems."/".device} /btrfs_tmp - if [[ -e /btrfs_tmp/root ]]; then - mkdir -p /btrfs_tmp/old_roots - timestamp=$(date --date="@$(stat -c %Y /btrfs_tmp/root)" "+%Y-%m-%-d_%H:$M:%S") - mv /btrfs_tmp/root "/btrfs_tmp/old_roots/$timestamp" - fi - - delete_subvolume_recursively() { - IFS=$'\n' - for i in $(btrfs subvolume list -o "$1" | cut -f 9- -d ' '); do - delete_subvolume_recursively "/btrfs_tmp/$i" - done - btrfs subvolume delete "$1" - } - - for i in $(find /btrfs_tmp/old_roots/ -maxdepth 1 -mtime +30); do - delete_subvolume_recursively "$i" - done - - btrfs subvolume create /btrfs_tmp/root - mkdir /btrfs_tmp/root/persist - mkdir /btrfs_tmp/root/etc - mount ${config.fileSystems."/persist".device} /btrfs_tmp/root/persist -o subvol=persist - cp /btrfs_tmp/root/persist/etc/ssh /btrfs_tmp/root/etc/ssh -r - umount /btrfs_tmp/root/persist - rm -r /btrfs_tmp/root/persist - umount /btrfs_tmp - ''; - }; - extraBin = { - "mkdir" = "${pkgs.coreutils}/bin/mkdir"; - "date" = "${pkgs.coreutils}/bin/date"; - "stat" = "${pkgs.coreutils}/bin/stat"; - "mv" = "${pkgs.coreutils}/bin/mv"; - "cp" = "${pkgs.coreutils}/bin/cp"; - "rm" = "${pkgs.coreutils}/bin/rm"; - "btrfs" = "${pkgs.btrfs-progs}/bin/btrfs"; - }; - }; - }; - kernelPackages = pkgs.linuxPackages_latest; - kernelModules = ["kvm-intel"]; - loader = { - efi.canTouchEfiVariables = true; - grub = { - device = "nodev"; - efiSupport = true; - enable = true; - extraEntries = '' - menuentry "Guix" { - search --set=drive1 --fs-uuid F425-55BA - chainloader ($drive1)//EFI/Guix/grubx64.efi - } - ''; - }; - }; - tmp.cleanOnBoot = true; - }; - documentation = { - dev.enable = true; - nixos.includeAllModules = true; - }; - environment.persistence."/persist" = { - directories = [ - "/etc/ly/custom-sessions" - "/etc/NetworkManager/system-connections" - "/etc/ssh" - "/gnu" - "/var/guix" - "/var/log" - "/var/lib/bluetooth" - "/var/lib/nixos" - "/var/lib/systemd/coredump" - ]; - enable = true; - files = [ - "/etc/ly/save.txt" - "/etc/machine-id" - ]; - hideMounts = true; - users.andromeda = { - directories = [ - ".backups" - ".cache/guix" - ".config/guix" - ".gnupg" - #".local/share/AAAAXY" - ".local/share/Anki2" - #".local/share/chat.fluffy.fluffychat" - ".local/share/cinny" - ".local/share/in.cinny.app" - #".local/share/Mindustry" - ".local/share/zoxide" - ".ssh" - "conf" - "Downloads" - "pp" - ]; - files = [".bash_history"]; - }; - }; - fileSystems = { - "/" = { - device = "/dev/disk/by-uuid/5455cfb4-0efd-4f55-b496-d2cab3f419b7"; - fsType = "btrfs"; - options = ["subvol=root"]; - }; - "/boot" = { - device = "/dev/disk/by-uuid/F425-55BA"; - fsType = "vfat"; - options = ["fmask=0022" "dmask=0022"]; - }; - "/nix" = { - device = "/dev/disk/by-uuid/0e586651-36f4-42b0-99b3-3f0704a894d6"; - fsType = "btrfs"; - }; - "/persist" = { - device = "/dev/disk/by-uuid/5455cfb4-0efd-4f55-b496-d2cab3f419b7"; - fsType = "btrfs"; - neededForBoot = true; - options = ["subvol=persist"]; - }; - }; - hardware = { - bluetooth = { - enable = true; - powerOnBoot = false; - }; - cpu.intel.updateMicrocode = true; - enableRedistributableFirmware = true; - }; - home-manager = { - backupFileExtension = "bak"; - useGlobalPkgs = true; - users.andromeda = import ./home.nix; - }; - i18n.defaultLocale = "de_DE.UTF-8"; - imports = [ - "${sources.Phoenix {inherit pkgs;}}/nix/module.nix" - "${sources.agenix {inherit pkgs;}}/modules/age.nix" - "${sources.impermanence {inherit pkgs;}}/nixos.nix" - "${sources.home-manager {inherit pkgs;}}/nixos" - ./secrets.nix - ]; - networking = { - domain = "nixos"; - hostName = "nixos"; - firewall.enable = true; - networkmanager.enable = true; - }; - nixpkgs = { - config.allowUnfree = false; - flake.source = sources.nixpkgs; - hostPlatform = "x86_64-linux"; - overlays = [ - ( - final: prev: { - phoenix = (final.callPackage "${sources.Phoenix {inherit pkgs;}}/nix/package.nix" {}).overrideAttrs { - patches = [./patches/change-default-search-engine.patch]; # default search to ddg html - }; - - withPhoenix = firefoxPackage: - firefoxPackage.override { - extraPoliciesFiles = ["${final.phoenix}/policies.json"]; - extraPrefsFiles = ["${final.phoenix}/phoenix.cfg"]; - }; - } - ) - ]; - }; - nix = { - settings = { - experimental-features = ["nix-command" "flakes"]; - substituters = ["https://cache.dataaturservice.se/spectrum/"]; - trusted-public-keys = [ - "cache.nixos.org-1:6NCHdD59X431o0gWypbMrAURkbJ16ZPMQFGspcDShjY=" - "spectrum-os.org-2:foQk3r7t2VpRx92CaXb5ROyy/NBdRJQG2uX2XJMYZfU=" - ]; - trusted-users = ["@wheel"]; - }; - channel.enable = false; - }; - programs.sway.enable = true; - services = { - blueman.enable = true; - displayManager = { - enable = true; - ly.enable = true; - }; - guix.enable = true; - libinput.enable = true; - openssh.enable = true; - printing.enable = true; - }; - system.stateVersion = "26.05"; - time.timeZone = "Europe/Berlin"; - users = { - mutableUsers = false; - users.andromeda = { - isNormalUser = true; - hashedPasswordFile = builtins.toString config.age.secrets.andromeda-pw.path; - extraGroups = [ - "networkmanager" - "wheel" - "dialout" - ]; - }; - }; - zramSwap = { - enable = true; - priority = 100; - algorithm = "zstd"; - memoryPercent = 35; - }; -} diff --git a/nix/home.nix b/nix/home.nix deleted file mode 100644 index 5663bd2..0000000 --- a/nix/home.nix +++ /dev/null @@ -1,145 +0,0 @@ -{ - config, - pkgs, - ... -}: let - sources = import ./npins; -in { - home = { - file.".profile".enable = false; - homeDirectory = "/home/${config.home.username}"; - packages = [ - (pkgs.callPackage "${sources.agenix}/pkgs/agenix.nix" {}) - pkgs.anki - pkgs.mindustry-wayland - pkgs.nix-output-monitor - pkgs.npins - ]; - stateVersion = "26.05"; - username = "andromeda"; - }; - imports = [(import sources.nvf).homeManagerModules.nvf]; - programs = { - firefox = { - enable = true; - package = pkgs.firefox.override { - cfg.enableTridactylNative = true; - }; - profiles.default = { - extensions = { - force = true; - packages = [(import sources.NUR {inherit pkgs;}).repos.rycee.firefox-addons.tridactyl]; - }; - settings = { - "extensions.autoDisableScopes" = 0; - "intl.accepted_languages" = "de_DE"; - }; - }; - }; - gpg.enable = true; - home-manager.enable = true; - nvf = { - enable = true; - settings.vim = { - startPlugins = [pkgs.vimPlugins.parinfer-rust]; - autocomplete.nvim-cmp.enable = false; - formatter.conform-nvim = { - enable = true; - setupOpts.format_on_save = { - lsp_format = "fallback"; - timeout_ms = 5000; - }; - }; - lsp.otter-nvim.enable = true; - git.enable = true; - keymaps = [ - { - key = ""; - mode = ["i" "n" "v" "c"]; - action = ""; - } - { - key = ""; - mode = ["i" "n" "v" "c"]; - action = ""; - } - { - key = ""; - mode = ["i" "n" "v" "c"]; - action = ""; - } - { - key = ""; - mode = ["i" "n" "v" "c"]; - action = ""; - } - { - key = "jj"; - mode = ["i"]; - action = ""; - } - { - key = "kk"; - mode = ["i"]; - action = ""; - } - { - key = "jk"; - mode = ["i"]; - action = ""; - } - { - key = "kj"; - mode = ["i"]; - action = ""; - } - { - key = ""; - mode = ["i"]; - action = ""; - } - ]; - languages = { - nix = { - enable = true; - format.enable = true; - lsp.enable = true; - }; - haskell = { - enable = true; - lsp.enable = true; - }; - rust = { - enable = true; - format.enable = true; - lsp.enable = true; - treesitter.enable = true; - }; - }; - lineNumberMode = "relative"; - options = { - tabstop = 2; - shiftwidth = 2; - expandtab = true; - smarttab = true; - foldmethod = "indent"; - number = true; - colorcolumn = "80"; - }; - statusline.lualine.enable = true; - syntaxHighlighting = true; - }; - }; - ssh.enable = true; - }; - services.gpg-agent = { - enable = true; - pinentry.package = pkgs.pinentry-curses; - }; - xdg = { - portal = { - enable = true; - extraPortals = [pkgs.xdg-desktop-portal-shana]; - }; - }; -} diff --git a/nix/home/sway_config b/nix/home/sway_config deleted file mode 100644 index af46e4e..0000000 --- a/nix/home/sway_config +++ /dev/null @@ -1,79 +0,0 @@ -set $mod Mod4 -set $left h -set $down j -set $up k -set $right l -set $term alacritty -set $menu wmenu-run -set $screenshot grim -g "$(slurp)" -floating_modifier $mod normal - -workspace_layout stacking -output * bg @backgroundImagePath@ fill - -bindsym $mod+Shift+Return exec $term -bindsym $mod+Shift+d exec $menu -bindsym $mod+Shift+a exec anki -bindsym $mod+Shift+q exec firefox -bindsym $mod+Shift+s exec $screenshot - -bindsym $mod+Shift+c kill - -bindsym $mod+Shift+r reload - -bindsym $mod+Shift+Alt+q exit - -bindsym $mod+$left focus left -bindsym $mod+$down focus down -bindsym $mod+$up focus up -bindsym $mod+$right focus right - -bindsym $mod+Shift+$left move left -bindsym $mod+Shift+$down move down -bindsym $mod+Shift+$up move up -bindsym $mod+Shift+$right move right - -bindsym $mod+1 workspace number 1 -bindsym $mod+2 workspace number 2 -bindsym $mod+3 workspace number 3 -bindsym $mod+4 workspace number 4 -bindsym $mod+5 workspace number 5 -bindsym $mod+6 workspace number 6 -bindsym $mod+7 workspace number 7 -bindsym $mod+8 workspace number 8 -bindsym $mod+9 workspace number 9 -bindsym $mod+0 workspace number 0 - -bindsym $mod+Shift+1 move container to workspace number 1 -bindsym $mod+Shift+2 move container to workspace number 2 -bindsym $mod+Shift+3 move container to workspace number 3 -bindsym $mod+Shift+4 move container to workspace number 4 -bindsym $mod+Shift+5 move container to workspace number 5 -bindsym $mod+Shift+6 move container to workspace number 6 -bindsym $mod+Shift+7 move container to workspace number 7 -bindsym $mod+Shift+8 move container to workspace number 8 -bindsym $mod+Shift+9 move container to workspace number 9 -bindsym $mod+Shift+0 move container to workspace number 0 - -seat * hide_cursor 100 -input type:touchpad events disabled - -bindsym $mod+r exec 'swaymsg "seat * hide_cursor 100"; swaymsg "input type:touchpad events disabled"' -bindsym $mod+t exec 'swaymsg "seat * hide_cursor 0"; swaymsg "input type:touchpad events enabled"' - -bindsym $mod+f fullscreen -bindsym $mod+Shift+space floating toggle -bindsym $mod+Shift+minus move scratchpad -bindsym $mod+minus scratchpad show - -bindsym --locked XF86AudioMute exec pactl set-sink-mute \@DEFAULT_SINK@ toggle -bindsym --locked XF86AudioLowerVolume exec pactl set-sink-volume \@DEFAULT_SINK@ -5% -bindsym --locked XF86AudioRaiseVolume exec pactl set-sink-volume \@DEFAULT_SINK@ +5% -bindsym --locked XF86AudioMicMute exec pact set-source-mute \@DEFAULT_SOURCE@ toggle -bindsym --locked XF86MonBrightnessDown exec brightnessctl set 2%- -bindsym --locked XF86MonbrightnessUp exec brightnessctl set 2%+ - -default_border none -font pango:monospace 0.001 -titlebar_border_thickness 0 -titlebar_padding 0 diff --git a/nix/npins/default.nix b/nix/npins/default.nix deleted file mode 100644 index 884fc8c..0000000 --- a/nix/npins/default.nix +++ /dev/null @@ -1,249 +0,0 @@ -/* - This file is provided under the MIT licence: - - Permission is hereby granted, free of charge, to any person obtaining a copy of this software and associated documentation files (the “Software”), to deal in the Software without restriction, including without limitation the rights to use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies of the Software, and to permit persons to whom the Software is furnished to do so, subject to the following conditions: - - The above copyright notice and this permission notice shall be included in all copies or substantial portions of the Software. - - THE SOFTWARE IS PROVIDED “AS IS”, WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE. -*/ -# Generated by npins. Do not modify; will be overwritten regularly -let - # Backwards-compatibly make something that previously didn't take any arguments take some - # The function must return an attrset, and will unfortunately be eagerly evaluated - # Same thing, but it catches eval errors on the default argument so that one may still call it with other arguments - mkFunctor = - fn: - let - e = builtins.tryEval (fn { }); - in - (if e.success then e.value else { error = fn { }; }) // { __functor = _self: fn; }; - - # https://github.com/NixOS/nixpkgs/blob/0258808f5744ca980b9a1f24fe0b1e6f0fecee9c/lib/lists.nix#L295 - range = - first: last: if first > last then [ ] else builtins.genList (n: first + n) (last - first + 1); - - # https://github.com/NixOS/nixpkgs/blob/0258808f5744ca980b9a1f24fe0b1e6f0fecee9c/lib/strings.nix#L257 - stringToCharacters = s: map (p: builtins.substring p 1 s) (range 0 (builtins.stringLength s - 1)); - - # https://github.com/NixOS/nixpkgs/blob/0258808f5744ca980b9a1f24fe0b1e6f0fecee9c/lib/strings.nix#L269 - stringAsChars = f: s: concatStrings (map f (stringToCharacters s)); - concatStrings = builtins.concatStringsSep ""; - - # If the environment variable NPINS_OVERRIDE_${name} is set, then use - # the path directly as opposed to the fetched source. - # (Taken from Niv for compatibility) - mayOverride = - name: path: - let - envVarName = "NPINS_OVERRIDE_${saneName}"; - saneName = stringAsChars (c: if (builtins.match "[a-zA-Z0-9]" c) == null then "_" else c) name; - ersatz = builtins.getEnv envVarName; - in - if ersatz == "" then - path - else - # this turns the string into an actual Nix path (for both absolute and - # relative paths) - builtins.trace "Overriding path of \"${name}\" with \"${ersatz}\" due to set \"${envVarName}\"" ( - if builtins.substring 0 1 ersatz == "/" then - /. + ersatz - else - /. + builtins.getEnv "PWD" + "/${ersatz}" - ); - - mkSource = - name: spec: - { - pkgs ? null, - }: - assert spec ? type; - let - # Unify across builtin and pkgs fetchers. - # `fetchGit` requires a wrapper because of slight API differences. - fetchers = - if pkgs == null then - { - inherit (builtins) fetchTarball fetchurl; - # For some fucking reason, fetchGit has a different signature than the other builtin fetchers … - fetchGit = args: (builtins.fetchGit args).outPath; - } - else - { - fetchTarball = - { - url, - sha256, - }: - pkgs.fetchzip { - inherit url sha256; - extension = "tar"; - }; - inherit (pkgs) fetchurl; - fetchGit = - { - url, - submodules, - rev, - name, - narHash, - }: - pkgs.fetchgit { - inherit url rev name; - fetchSubmodules = submodules; - hash = narHash; - }; - }; - - # Dispatch to the correct code path based on the type - path = - if spec.type == "Git" then - mkGitSource fetchers spec - else if spec.type == "GitRelease" then - mkGitSource fetchers spec - else if spec.type == "PyPi" then - mkPyPiSource fetchers spec - else if spec.type == "Channel" then - mkChannelSource fetchers spec - else if spec.type == "Tarball" then - mkTarballSource fetchers spec - else if spec.type == "Container" then - mkContainerSource pkgs spec - else - builtins.throw "Unknown source type ${spec.type}"; - in - spec // { outPath = mayOverride name path; }; - - mkGitSource = - { - fetchTarball, - fetchGit, - ... - }: - { - repository, - revision, - url ? null, - submodules, - hash, - ... - }: - assert repository ? type; - # At the moment, either it is a plain git repository (which has an url), or it is a GitHub/GitLab repository - # In the latter case, there we will always be an url to the tarball - if url != null && !submodules then - fetchTarball { - inherit url; - sha256 = hash; - } - else - let - url = - if repository.type == "Git" then - repository.url - else if repository.type == "GitHub" then - "https://github.com/${repository.owner}/${repository.repo}.git" - else if repository.type == "GitLab" then - "${repository.server}/${repository.repo_path}.git" - else if repository.type == "Forgejo" then - "${repository.server}/${repository.owner}/${repository.repo}.git" - else - throw "Unrecognized repository type ${repository.type}"; - urlToName = - url: rev: - let - matched = builtins.match "^.*/([^/]*)(\\.git)?$" url; - - short = builtins.substring 0 7 rev; - - appendShort = if (builtins.match "[a-f0-9]*" rev) != null then "-${short}" else ""; - in - "${if matched == null then "source" else builtins.head matched}${appendShort}"; - name = urlToName url revision; - in - fetchGit { - rev = revision; - narHash = hash; - - inherit name submodules url; - }; - - mkPyPiSource = - { fetchurl, ... }: - { - url, - hash, - ... - }: - fetchurl { - inherit url; - sha256 = hash; - }; - - mkChannelSource = - { fetchTarball, ... }: - { - url, - hash, - ... - }: - fetchTarball { - inherit url; - sha256 = hash; - }; - - mkTarballSource = - { fetchTarball, ... }: - { - url, - locked_url ? url, - hash, - ... - }: - fetchTarball { - url = locked_url; - sha256 = hash; - }; - - mkContainerSource = - pkgs: - { - image_name, - image_tag, - image_digest, - ... - }: - if pkgs == null then - builtins.throw "container sources require passing in a Nixpkgs value: https://github.com/andir/npins/blob/master/README.md#using-the-nixpkgs-fetchers" - else - pkgs.dockerTools.pullImage { - imageName = image_name; - imageDigest = image_digest; - finalImageTag = image_tag; - }; -in -mkFunctor ( - { - input ? ./sources.json, - }: - let - data = - if builtins.isPath input then - # while `readFile` will throw an error anyways if the path doesn't exist, - # we still need to check beforehand because *our* error can be caught but not the one from the builtin - # *piegames sighs* - if builtins.pathExists input then - builtins.fromJSON (builtins.readFile input) - else - throw "Input path ${toString input} does not exist" - else if builtins.isAttrs input then - input - else - throw "Unsupported input type ${builtins.typeOf input}, must be a path or an attrset"; - version = data.version; - in - if version == 7 then - builtins.mapAttrs (name: spec: mkFunctor (mkSource name spec)) data.pins - else - throw "Unsupported format version ${toString version} in sources.json. Try running `npins upgrade`" -) diff --git a/nix/npins/sources.json b/nix/npins/sources.json deleted file mode 100644 index 93e4442..0000000 --- a/nix/npins/sources.json +++ /dev/null @@ -1,131 +0,0 @@ -{ - "pins": { - "NUR": { - "type": "Git", - "repository": { - "type": "GitHub", - "owner": "nix-community", - "repo": "NUR" - }, - "branch": "main", - "submodules": false, - "revision": "68c90674bf7614be9d0d4772a36416e8277717f6", - "url": "https://github.com/nix-community/NUR/archive/68c90674bf7614be9d0d4772a36416e8277717f6.tar.gz", - "hash": "sha256-fnqFNUir8uUsi8Qvh3216X6XaNS4NDtiZ3zxaMIkH1c=" - }, - "Phoenix": { - "type": "Git", - "repository": { - "type": "Forgejo", - "server": "https://codeberg.org/", - "owner": "celenity", - "repo": "Phoenix" - }, - "branch": "dev", - "submodules": false, - "revision": "54aeb09d23fce79346ef1f4c9f11304cfc812934", - "url": "https://codeberg.org/celenity/Phoenix/archive/54aeb09d23fce79346ef1f4c9f11304cfc812934.tar.gz", - "hash": "sha256-izTRnoyGXelLk9lEvgeD6Lsq3DTkWBAF0kqiYQ1+998=" - }, - "agenix": { - "type": "Git", - "repository": { - "type": "GitHub", - "owner": "ryantm", - "repo": "agenix" - }, - "branch": "main", - "submodules": false, - "revision": "b027ee29d959fda4b60b57566d64c98a202e0feb", - "url": "https://github.com/ryantm/agenix/archive/b027ee29d959fda4b60b57566d64c98a202e0feb.tar.gz", - "hash": "sha256-9VnK6Oqai65puVJ4WYtCTvlJeXxMzAp/69HhQuTdl/I=" - }, - "anki-cli": { - "type": "Git", - "repository": { - "type": "Forgejo", - "server": "https://git.mtgmonkey.net/", - "owner": "andromeda", - "repo": "anki-cli" - }, - "branch": "master", - "submodules": false, - "revision": "d69a1d3852b0ab96e85f7efc4ea72462e1ea187b", - "url": "https://git.mtgmonkey.net/andromeda/anki-cli/archive/d69a1d3852b0ab96e85f7efc4ea72462e1ea187b.tar.gz", - "hash": "sha256-4HVpUe+7tC41A0V+s1hCWtHMagZDm0YRGnJFxA8YDEg=" - }, - "c3term": { - "type": "Git", - "repository": { - "type": "Forgejo", - "server": "https://git.mtgmonkey.net/", - "owner": "andromeda", - "repo": "c3term" - }, - "branch": "master", - "submodules": false, - "revision": "9a23671a55b4d8841154c18346ec3b8a9d5d3736", - "url": "https://git.mtgmonkey.net/andromeda/c3term/archive/9a23671a55b4d8841154c18346ec3b8a9d5d3736.tar.gz", - "hash": "sha256-YxWN5Rl2x+Itvd4vhDGbFA8F3x/Ze9fqoIBUdiLzKpg=" - }, - "home-manager": { - "type": "Git", - "repository": { - "type": "GitHub", - "owner": "nix-community", - "repo": "home-manager" - }, - "branch": "master", - "submodules": false, - "revision": "8ec5a714dbbeb3fda00bd9758175555ebbad4d07", - "url": "https://github.com/nix-community/home-manager/archive/8ec5a714dbbeb3fda00bd9758175555ebbad4d07.tar.gz", - "hash": "sha256-HWbn7WASXsXGADiBDt6/k9U/HpGBEmoeqIOzrf+z2HE=" - }, - "impermanence": { - "type": "Git", - "repository": { - "type": "GitHub", - "owner": "nix-community", - "repo": "impermanence" - }, - "branch": "master", - "submodules": false, - "revision": "7b1d382faf603b6d264f58627330f9faa5cba149", - "url": "https://github.com/nix-community/impermanence/archive/7b1d382faf603b6d264f58627330f9faa5cba149.tar.gz", - "hash": "sha256-03+JxvzmfwRu+5JafM0DLbxgHttOQZkUtDWBmeUkN8Y=" - }, - "nixpkgs": { - "type": "Channel", - "name": "nixos-unstable", - "url": "https://releases.nixos.org/nixos/unstable/nixos-26.05pre987561.1c3fe55ad329/nixexprs.tar.xz", - "hash": "sha256-e1tDUQMbFCxCnke314UpghgRqg3FJLtcXFfq/WTRLYI=" - }, - "nvf": { - "type": "Git", - "repository": { - "type": "GitHub", - "owner": "NotAShelf", - "repo": "nvf" - }, - "branch": "main", - "submodules": false, - "revision": "5b4f9c63205e5b0ef180a2b0e4cc844111f96fa6", - "url": "https://github.com/NotAShelf/nvf/archive/5b4f9c63205e5b0ef180a2b0e4cc844111f96fa6.tar.gz", - "hash": "sha256-YLVqyn6LpFa+h697TmZIk0qVIbe7MxMpL8UTF4K+efA=" - }, - "stylix": { - "type": "Git", - "repository": { - "type": "GitHub", - "owner": "nix-community", - "repo": "stylix" - }, - "branch": "master", - "submodules": false, - "revision": "84971726c7ef0bb3669a5443e151cc226e65c518", - "url": "https://github.com/nix-community/stylix/archive/84971726c7ef0bb3669a5443e151cc226e65c518.tar.gz", - "hash": "sha256-AFD5cf9eNqXq1brHS63xeZy2xKZMgG9J86XJ9I2eLn8=" - } - }, - "version": 7 -} diff --git a/nix/patches/change-default-search-engine.patch b/nix/patches/change-default-search-engine.patch deleted file mode 100644 index eea0845..0000000 --- a/nix/patches/change-default-search-engine.patch +++ /dev/null @@ -1,22 +0,0 @@ -diff --git a/build-resources/policies/phoenix-desktop.json b/build-resources/policies/phoenix-desktop.json -index 48efbe39..b5d2fe95 100644 ---- a/build-resources/policies/phoenix-desktop.json -+++ b/build-resources/policies/phoenix-desktop.json -@@ -102,8 +102,8 @@ - "URLTemplate": "https://eu.startpage.com/sp/search" - } - ], -- "Default": "DuckDuckGo‎", -- "DefaultPrivate": "DuckDuckGo‎", -+ "Default": "DuckDuckGo (HTML)", -+ "DefaultPrivate": "DuckDuckGo (HTML)", - "PreventInstalls": false, - "Remove": [ - "1&1 Suche", -@@ -170,4 +170,4 @@ - ] - } - } --} -\ No newline at end of file -+} diff --git a/nix/pub-keys.nix b/nix/pub-keys.nix deleted file mode 100644 index 8de2f7a..0000000 --- a/nix/pub-keys.nix +++ /dev/null @@ -1,10 +0,0 @@ -{ - age.secrets.andromeda-pw.file = ./secrets/andromeda-pw.age; - pub-keys = { - ssh = { - andromeda = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIJy2VD362wUcu0lKj2d6OIU8dbAna0Lu/NaAYIj8gdIA andromeda@lenovo"; - lenovo = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIHG4eqsLTq2os2mxfwhys3BpVnowcJrqt2CbRFzN2pJb root@lenovo"; - _109-199-104-83 = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIPkg4vbyGDxrAtKFK7Pecr/qDK9cUjv+kfhQMjO6M/Ft root@vmi2998419"; - }; - }; -} diff --git a/nix/secrets.nix b/nix/secrets.nix deleted file mode 100644 index fd1c166..0000000 --- a/nix/secrets.nix +++ /dev/null @@ -1,10 +0,0 @@ -{lib, ...}: { - imports = [./pub-keys.nix]; - options = { - pub-keys.ssh = lib.mkOption { - type = lib.types.attrsOf lib.types.str; - default = {}; - description = "set of public keys as `name = key`"; - }; - }; -} diff --git a/nix/secrets/andromeda-pw.age b/nix/secrets/andromeda-pw.age deleted file mode 100644 index 0c65df4..0000000 --- a/nix/secrets/andromeda-pw.age +++ /dev/null @@ -1,7 +0,0 @@ -age-encryption.org/v1 --> ssh-ed25519 mT2fyg yzvchL+ecw88Wd2dNEUQU3mKAXeqto9YEww2awKZ/yg -2uOU8NpVFgTrQvma4UfMcilZvMszgF9g+WUfj5448mg --> ssh-ed25519 UHxfvA nOOKWcp+Ldjlo1qhymb7IuSPB509Sz9bfGBR9VGpDzM -0W5MTMkkG1Xuj2ZdE74HK3O/+zXziMQWyF/NL/bAKPQ ---- oxkTA1FKsss5n01prQMlDe5u1/L+bTqaPpsCuGDlpp0 -tcc#\\@ ^O@jKs&ꨲS13g4>Z CRpZ| H^M vL' Yڨsjug' \ No newline at end of file diff --git a/nix/secrets/secrets.nix b/nix/secrets/secrets.nix deleted file mode 100644 index 6dc4059..0000000 --- a/nix/secrets/secrets.nix +++ /dev/null @@ -1,9 +0,0 @@ -let - pub-keys = (import ../pub-keys.nix).pub-keys; - andromeda = pub-keys.ssh.andromeda; - lenovo = pub-keys.ssh.lenovo; - _109-199-104-83 = pub-keys.ssh._109-199-104-83; -in { - # user passwords - "andromeda-pw.age".publicKeys = [andromeda lenovo]; -} diff --git a/npins/default.nix b/npins/default.nix new file mode 100644 index 0000000..884fc8c --- /dev/null +++ b/npins/default.nix @@ -0,0 +1,249 @@ +/* + This file is provided under the MIT licence: + + Permission is hereby granted, free of charge, to any person obtaining a copy of this software and associated documentation files (the “Software”), to deal in the Software without restriction, including without limitation the rights to use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies of the Software, and to permit persons to whom the Software is furnished to do so, subject to the following conditions: + + The above copyright notice and this permission notice shall be included in all copies or substantial portions of the Software. + + THE SOFTWARE IS PROVIDED “AS IS”, WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE. +*/ +# Generated by npins. Do not modify; will be overwritten regularly +let + # Backwards-compatibly make something that previously didn't take any arguments take some + # The function must return an attrset, and will unfortunately be eagerly evaluated + # Same thing, but it catches eval errors on the default argument so that one may still call it with other arguments + mkFunctor = + fn: + let + e = builtins.tryEval (fn { }); + in + (if e.success then e.value else { error = fn { }; }) // { __functor = _self: fn; }; + + # https://github.com/NixOS/nixpkgs/blob/0258808f5744ca980b9a1f24fe0b1e6f0fecee9c/lib/lists.nix#L295 + range = + first: last: if first > last then [ ] else builtins.genList (n: first + n) (last - first + 1); + + # https://github.com/NixOS/nixpkgs/blob/0258808f5744ca980b9a1f24fe0b1e6f0fecee9c/lib/strings.nix#L257 + stringToCharacters = s: map (p: builtins.substring p 1 s) (range 0 (builtins.stringLength s - 1)); + + # https://github.com/NixOS/nixpkgs/blob/0258808f5744ca980b9a1f24fe0b1e6f0fecee9c/lib/strings.nix#L269 + stringAsChars = f: s: concatStrings (map f (stringToCharacters s)); + concatStrings = builtins.concatStringsSep ""; + + # If the environment variable NPINS_OVERRIDE_${name} is set, then use + # the path directly as opposed to the fetched source. + # (Taken from Niv for compatibility) + mayOverride = + name: path: + let + envVarName = "NPINS_OVERRIDE_${saneName}"; + saneName = stringAsChars (c: if (builtins.match "[a-zA-Z0-9]" c) == null then "_" else c) name; + ersatz = builtins.getEnv envVarName; + in + if ersatz == "" then + path + else + # this turns the string into an actual Nix path (for both absolute and + # relative paths) + builtins.trace "Overriding path of \"${name}\" with \"${ersatz}\" due to set \"${envVarName}\"" ( + if builtins.substring 0 1 ersatz == "/" then + /. + ersatz + else + /. + builtins.getEnv "PWD" + "/${ersatz}" + ); + + mkSource = + name: spec: + { + pkgs ? null, + }: + assert spec ? type; + let + # Unify across builtin and pkgs fetchers. + # `fetchGit` requires a wrapper because of slight API differences. + fetchers = + if pkgs == null then + { + inherit (builtins) fetchTarball fetchurl; + # For some fucking reason, fetchGit has a different signature than the other builtin fetchers … + fetchGit = args: (builtins.fetchGit args).outPath; + } + else + { + fetchTarball = + { + url, + sha256, + }: + pkgs.fetchzip { + inherit url sha256; + extension = "tar"; + }; + inherit (pkgs) fetchurl; + fetchGit = + { + url, + submodules, + rev, + name, + narHash, + }: + pkgs.fetchgit { + inherit url rev name; + fetchSubmodules = submodules; + hash = narHash; + }; + }; + + # Dispatch to the correct code path based on the type + path = + if spec.type == "Git" then + mkGitSource fetchers spec + else if spec.type == "GitRelease" then + mkGitSource fetchers spec + else if spec.type == "PyPi" then + mkPyPiSource fetchers spec + else if spec.type == "Channel" then + mkChannelSource fetchers spec + else if spec.type == "Tarball" then + mkTarballSource fetchers spec + else if spec.type == "Container" then + mkContainerSource pkgs spec + else + builtins.throw "Unknown source type ${spec.type}"; + in + spec // { outPath = mayOverride name path; }; + + mkGitSource = + { + fetchTarball, + fetchGit, + ... + }: + { + repository, + revision, + url ? null, + submodules, + hash, + ... + }: + assert repository ? type; + # At the moment, either it is a plain git repository (which has an url), or it is a GitHub/GitLab repository + # In the latter case, there we will always be an url to the tarball + if url != null && !submodules then + fetchTarball { + inherit url; + sha256 = hash; + } + else + let + url = + if repository.type == "Git" then + repository.url + else if repository.type == "GitHub" then + "https://github.com/${repository.owner}/${repository.repo}.git" + else if repository.type == "GitLab" then + "${repository.server}/${repository.repo_path}.git" + else if repository.type == "Forgejo" then + "${repository.server}/${repository.owner}/${repository.repo}.git" + else + throw "Unrecognized repository type ${repository.type}"; + urlToName = + url: rev: + let + matched = builtins.match "^.*/([^/]*)(\\.git)?$" url; + + short = builtins.substring 0 7 rev; + + appendShort = if (builtins.match "[a-f0-9]*" rev) != null then "-${short}" else ""; + in + "${if matched == null then "source" else builtins.head matched}${appendShort}"; + name = urlToName url revision; + in + fetchGit { + rev = revision; + narHash = hash; + + inherit name submodules url; + }; + + mkPyPiSource = + { fetchurl, ... }: + { + url, + hash, + ... + }: + fetchurl { + inherit url; + sha256 = hash; + }; + + mkChannelSource = + { fetchTarball, ... }: + { + url, + hash, + ... + }: + fetchTarball { + inherit url; + sha256 = hash; + }; + + mkTarballSource = + { fetchTarball, ... }: + { + url, + locked_url ? url, + hash, + ... + }: + fetchTarball { + url = locked_url; + sha256 = hash; + }; + + mkContainerSource = + pkgs: + { + image_name, + image_tag, + image_digest, + ... + }: + if pkgs == null then + builtins.throw "container sources require passing in a Nixpkgs value: https://github.com/andir/npins/blob/master/README.md#using-the-nixpkgs-fetchers" + else + pkgs.dockerTools.pullImage { + imageName = image_name; + imageDigest = image_digest; + finalImageTag = image_tag; + }; +in +mkFunctor ( + { + input ? ./sources.json, + }: + let + data = + if builtins.isPath input then + # while `readFile` will throw an error anyways if the path doesn't exist, + # we still need to check beforehand because *our* error can be caught but not the one from the builtin + # *piegames sighs* + if builtins.pathExists input then + builtins.fromJSON (builtins.readFile input) + else + throw "Input path ${toString input} does not exist" + else if builtins.isAttrs input then + input + else + throw "Unsupported input type ${builtins.typeOf input}, must be a path or an attrset"; + version = data.version; + in + if version == 7 then + builtins.mapAttrs (name: spec: mkFunctor (mkSource name spec)) data.pins + else + throw "Unsupported format version ${toString version} in sources.json. Try running `npins upgrade`" +) diff --git a/npins/sources.json b/npins/sources.json new file mode 100644 index 0000000..93e4442 --- /dev/null +++ b/npins/sources.json @@ -0,0 +1,131 @@ +{ + "pins": { + "NUR": { + "type": "Git", + "repository": { + "type": "GitHub", + "owner": "nix-community", + "repo": "NUR" + }, + "branch": "main", + "submodules": false, + "revision": "68c90674bf7614be9d0d4772a36416e8277717f6", + "url": "https://github.com/nix-community/NUR/archive/68c90674bf7614be9d0d4772a36416e8277717f6.tar.gz", + "hash": "sha256-fnqFNUir8uUsi8Qvh3216X6XaNS4NDtiZ3zxaMIkH1c=" + }, + "Phoenix": { + "type": "Git", + "repository": { + "type": "Forgejo", + "server": "https://codeberg.org/", + "owner": "celenity", + "repo": "Phoenix" + }, + "branch": "dev", + "submodules": false, + "revision": "54aeb09d23fce79346ef1f4c9f11304cfc812934", + "url": "https://codeberg.org/celenity/Phoenix/archive/54aeb09d23fce79346ef1f4c9f11304cfc812934.tar.gz", + "hash": "sha256-izTRnoyGXelLk9lEvgeD6Lsq3DTkWBAF0kqiYQ1+998=" + }, + "agenix": { + "type": "Git", + "repository": { + "type": "GitHub", + "owner": "ryantm", + "repo": "agenix" + }, + "branch": "main", + "submodules": false, + "revision": "b027ee29d959fda4b60b57566d64c98a202e0feb", + "url": "https://github.com/ryantm/agenix/archive/b027ee29d959fda4b60b57566d64c98a202e0feb.tar.gz", + "hash": "sha256-9VnK6Oqai65puVJ4WYtCTvlJeXxMzAp/69HhQuTdl/I=" + }, + "anki-cli": { + "type": "Git", + "repository": { + "type": "Forgejo", + "server": "https://git.mtgmonkey.net/", + "owner": "andromeda", + "repo": "anki-cli" + }, + "branch": "master", + "submodules": false, + "revision": "d69a1d3852b0ab96e85f7efc4ea72462e1ea187b", + "url": "https://git.mtgmonkey.net/andromeda/anki-cli/archive/d69a1d3852b0ab96e85f7efc4ea72462e1ea187b.tar.gz", + "hash": "sha256-4HVpUe+7tC41A0V+s1hCWtHMagZDm0YRGnJFxA8YDEg=" + }, + "c3term": { + "type": "Git", + "repository": { + "type": "Forgejo", + "server": "https://git.mtgmonkey.net/", + "owner": "andromeda", + "repo": "c3term" + }, + "branch": "master", + "submodules": false, + "revision": "9a23671a55b4d8841154c18346ec3b8a9d5d3736", + "url": "https://git.mtgmonkey.net/andromeda/c3term/archive/9a23671a55b4d8841154c18346ec3b8a9d5d3736.tar.gz", + "hash": "sha256-YxWN5Rl2x+Itvd4vhDGbFA8F3x/Ze9fqoIBUdiLzKpg=" + }, + "home-manager": { + "type": "Git", + "repository": { + "type": "GitHub", + "owner": "nix-community", + "repo": "home-manager" + }, + "branch": "master", + "submodules": false, + "revision": "8ec5a714dbbeb3fda00bd9758175555ebbad4d07", + "url": "https://github.com/nix-community/home-manager/archive/8ec5a714dbbeb3fda00bd9758175555ebbad4d07.tar.gz", + "hash": "sha256-HWbn7WASXsXGADiBDt6/k9U/HpGBEmoeqIOzrf+z2HE=" + }, + "impermanence": { + "type": "Git", + "repository": { + "type": "GitHub", + "owner": "nix-community", + "repo": "impermanence" + }, + "branch": "master", + "submodules": false, + "revision": "7b1d382faf603b6d264f58627330f9faa5cba149", + "url": "https://github.com/nix-community/impermanence/archive/7b1d382faf603b6d264f58627330f9faa5cba149.tar.gz", + "hash": "sha256-03+JxvzmfwRu+5JafM0DLbxgHttOQZkUtDWBmeUkN8Y=" + }, + "nixpkgs": { + "type": "Channel", + "name": "nixos-unstable", + "url": "https://releases.nixos.org/nixos/unstable/nixos-26.05pre987561.1c3fe55ad329/nixexprs.tar.xz", + "hash": "sha256-e1tDUQMbFCxCnke314UpghgRqg3FJLtcXFfq/WTRLYI=" + }, + "nvf": { + "type": "Git", + "repository": { + "type": "GitHub", + "owner": "NotAShelf", + "repo": "nvf" + }, + "branch": "main", + "submodules": false, + "revision": "5b4f9c63205e5b0ef180a2b0e4cc844111f96fa6", + "url": "https://github.com/NotAShelf/nvf/archive/5b4f9c63205e5b0ef180a2b0e4cc844111f96fa6.tar.gz", + "hash": "sha256-YLVqyn6LpFa+h697TmZIk0qVIbe7MxMpL8UTF4K+efA=" + }, + "stylix": { + "type": "Git", + "repository": { + "type": "GitHub", + "owner": "nix-community", + "repo": "stylix" + }, + "branch": "master", + "submodules": false, + "revision": "84971726c7ef0bb3669a5443e151cc226e65c518", + "url": "https://github.com/nix-community/stylix/archive/84971726c7ef0bb3669a5443e151cc226e65c518.tar.gz", + "hash": "sha256-AFD5cf9eNqXq1brHS63xeZy2xKZMgG9J86XJ9I2eLn8=" + } + }, + "version": 7 +} diff --git a/pub-keys.nix b/pub-keys.nix new file mode 100644 index 0000000..8de2f7a --- /dev/null +++ b/pub-keys.nix @@ -0,0 +1,10 @@ +{ + age.secrets.andromeda-pw.file = ./secrets/andromeda-pw.age; + pub-keys = { + ssh = { + andromeda = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIJy2VD362wUcu0lKj2d6OIU8dbAna0Lu/NaAYIj8gdIA andromeda@lenovo"; + lenovo = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIHG4eqsLTq2os2mxfwhys3BpVnowcJrqt2CbRFzN2pJb root@lenovo"; + _109-199-104-83 = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIPkg4vbyGDxrAtKFK7Pecr/qDK9cUjv+kfhQMjO6M/Ft root@vmi2998419"; + }; + }; +} diff --git a/secrets.nix b/secrets.nix new file mode 100644 index 0000000..fd1c166 --- /dev/null +++ b/secrets.nix @@ -0,0 +1,10 @@ +{lib, ...}: { + imports = [./pub-keys.nix]; + options = { + pub-keys.ssh = lib.mkOption { + type = lib.types.attrsOf lib.types.str; + default = {}; + description = "set of public keys as `name = key`"; + }; + }; +} diff --git a/secrets/andromeda-pw.age b/secrets/andromeda-pw.age new file mode 100644 index 0000000..0c65df4 --- /dev/null +++ b/secrets/andromeda-pw.age @@ -0,0 +1,7 @@ +age-encryption.org/v1 +-> ssh-ed25519 mT2fyg yzvchL+ecw88Wd2dNEUQU3mKAXeqto9YEww2awKZ/yg +2uOU8NpVFgTrQvma4UfMcilZvMszgF9g+WUfj5448mg +-> ssh-ed25519 UHxfvA nOOKWcp+Ldjlo1qhymb7IuSPB509Sz9bfGBR9VGpDzM +0W5MTMkkG1Xuj2ZdE74HK3O/+zXziMQWyF/NL/bAKPQ +--- oxkTA1FKsss5n01prQMlDe5u1/L+bTqaPpsCuGDlpp0 +tcc#\\@ ^O@jKs&ꨲS13g4>Z CRpZ| H^M vL' Yڨsjug' \ No newline at end of file diff --git a/secrets/secrets.nix b/secrets/secrets.nix new file mode 100644 index 0000000..6dc4059 --- /dev/null +++ b/secrets/secrets.nix @@ -0,0 +1,9 @@ +let + pub-keys = (import ../pub-keys.nix).pub-keys; + andromeda = pub-keys.ssh.andromeda; + lenovo = pub-keys.ssh.lenovo; + _109-199-104-83 = pub-keys.ssh._109-199-104-83; +in { + # user passwords + "andromeda-pw.age".publicKeys = [andromeda lenovo]; +} -- cgit v1.3