oysteikt/nix-dotfiles
oysteikt
/
nix-dotfiles
2
1
Fork 0
Code Issues Pull Requests Activity

Compare commits

base: oysteikt:44c7f1234ec458cb5953476f625fd883d4b2a971
Branches Tags
oysteikt:main
oysteikt:home-wayland-migration
oysteikt:cleanup-x11-xmonad-environment
oysteikt:setup-ra-multiplexer
..
compare: oysteikt:6977f6f39979c4314aec7635384f16a9b9018716
Branches Tags
oysteikt:main
oysteikt:home-wayland-migration
oysteikt:cleanup-x11-xmonad-environment
oysteikt:setup-ra-multiplexer

1 Commits
44c7f1234e ... 6977f6f399

Author SHA1 Message Date
Oystein Kristoffer Tveit 6977f6f399
WIP: home/{hyprland,waybar}: init 2024-08-05 17:48:48 +02:00
43 changed files with 271 additions and 620 deletions
Show Stats Expand all files Collapse all files

12
home/config/gtk.nix
View File

@ -16,16 +16,14 @@
gtk2.configLocation = "${config.xdg.configHome}/gtk-2.0/gtkrc";
gtk3.bookmarks = map (s: "file://${config.home.homeDirectory}/${s}") [
"Dropbox"
"Downloads"
"pictures"
"documents"
"music"
".config"
".local/share"
# "Dropbox"
"git"
"git/pvv"
"nix"
"NTNU"
"ng"
"git"
"music"
];
};
}

8
home/config/xdg/default.nix
View File

@ -9,13 +9,13 @@
userDirs = {
enable = true;
desktop = "${config.home.homeDirectory}/Desktop";
documents = "${config.home.homeDirectory}/documents";
documents = "${config.home.homeDirectory}/Documents";
download = "${config.home.homeDirectory}/Downloads";
music = "${config.home.homeDirectory}/music";
pictures = "${config.home.homeDirectory}/pictures";
pictures = "${config.home.homeDirectory}/Pictures";
publicShare = "${config.home.homeDirectory}/public";
templates = "${config.home.homeDirectory}/templates";
videos = "${config.home.homeDirectory}/videos";
videos = "${config.home.homeDirectory}/Videos";
};
};
}
}

10
home/home.nix
View File

@ -11,18 +11,19 @@ in {
./programs/atuin.nix
./programs/comma.nix
./programs/direnv
./programs/direnv.nix
./programs/gdb.nix
./programs/gh.nix
./programs/git
./programs/gpg
./programs/less.nix
./programs/neovim
./programs/neovim.nix
./programs/nix-index
./programs/tealdeer
./programs/tealdeer.nix
./programs/tmux.nix
./programs/zsh
./services/git-maintenance.nix
./services/nix-channel-update.nix
./services/pueue.nix
@ -40,12 +41,11 @@ in {
./programs/qutebrowser.nix
./programs/rofi.nix
./programs/taskwarrior.nix
./programs/vscode
./programs/vscode.nix
./programs/waybar.nix
# ./programs/xmobar
./programs/xmonad
./programs/zathura.nix
./programs/zed
./services/copyq.nix
./services/dunst.nix

2
home/packages.nix
View File

@ -13,9 +13,7 @@
ffmpeg
file
gh-dash
glances
gpg-tui
gping
graphviz
httpie
imagemagick

4
home/programs/direnv/default.nix → home/programs/direnv.nix
View File

@ -1,9 +1,5 @@
{ ... }:
{
imports = [
./auto-prune.nix
];
programs.direnv = {
enable = true;
enableZshIntegration = true;

38
home/programs/direnv/auto-prune.nix
View File

@ -1,38 +0,0 @@
{ config, pkgs, lib, ... }:
let
cfg = config.programs.direnv;
in
{
config = {
systemd.user.services.prune-allowed-direnv-dirs = {
Unit = {
Description = "Prune unused allowed directories for direnv";
Documentation = [ "man:direnv(1)" ];
};
Service = {
Type = "oneshot";
CPUSchedulingPolicy = "idle";
IOSchedulingClass = "idle";
ExecStart = "${lib.getExe cfg.package} prune";
};
};
systemd.user.timers.prune-allowed-direnv-dirs = {
Unit = {
Description = "Prune unused allowed directories for direnv";
Documentation = [ "man:direnv(1)" ];
};
Timer = {
Unit = "prune-allowed-direnv-dirs.service";
OnCalendar = "daily";
Persistent = true;
};
Install = {
WantedBy = [ "timers.target" ];
};
};
};
}

9
home/programs/git/default.nix
View File

@ -14,10 +14,6 @@ let
];
in
{
imports = [
./maintenance-timers.nix
];
# TODO: convert to template once nix-sops supports it in hm module
sops.secrets."git/nordicsemi-config" = { };
@ -54,7 +50,6 @@ in
authors = "shortlog --summary --numbered --email";
si = "switch-interactive";
rebase-author = "rebase -i -x \"git commit --amend --reset-author -CHEAD\"";
git = "!git";
};
extraConfig = {
@ -89,10 +84,6 @@ in
maintenance.strategy = "incremental";
scalar = {
repo = [ "${config.home.homeDirectory}/nixpkgs" ];
};
transfer.fsckObjects = true;
receive.fsckObjects = true;

61
home/programs/gpg/auto-update-trust-db.nix
View File

@ -1,61 +0,0 @@
{ config, pkgs, lib, ... }:
let
cfg = config.programs.gpg;
in
{
options = {
programs.gpg.auto-update-trust-db = {
enable = lib.mkEnableOption "a timer that automatically updates your trust db";
frequency = lib.mkOption {
default = "daily";
type = lib.types.str;
description = ''
How often to update trust db
:::{.note}
This value is passed to the systemd
timer configuration as the onCalendar option. See
{manpage}`systemd.time(7)`
for more information about the format.
:::
'';
};
};
};
config = {
systemd.user.services.update-trust-db = lib.mkIf cfg.auto-update-trust-db.enable {
Unit = {
Description = "Update gpg trust database";
Documentation = [ "man:gpg(1)" ];
};
Service = {
Type = "oneshot";
CPUSchedulingPolicy = "idle";
IOSchedulingClass = "idle";
ExecStart = "${lib.getExe cfg.package} --update-trustdb";
Environment = [
"GNUPGHOME=${cfg.homedir}"
];
};
};
systemd.user.timers.gpg-refresh-keys = lib.mkIf cfg.auto-update-trust-db.enable {
Unit = {
Description = "Update gpg trust database";
Documentation = [ "man:gpg(1)" ];
};
Timer = {
Unit = "update-trust-db.service";
OnCalendar = cfg.auto-update-trust-db.frequency;
Persistent = true;
};
Install = {
WantedBy = [ "timers.target" ];
};
};
};
}

1
home/programs/gpg/default.nix
View File

@ -2,7 +2,6 @@
{
imports = [
./auto-refresh-keys.nix
./auto-update-trust-db.nix
./declarative-key-fetcher.nix
];

4
home/programs/neovim/default.nix → home/programs/neovim.nix
View File

@ -1,9 +1,5 @@
{ pkgs, home, ... }:
{
imports = [
./auto-clean-swapfiles.nix
];
programs.neovim = {
enable = true;

56
home/programs/neovim/auto-clean-swapfiles.nix
View File

@ -1,56 +0,0 @@
{ config, pkgs, lib, ... }:
let
daysBeforeDeletion = 2;
in
{
config = {
systemd.user.services.clean-neovim-swap-files = {
Unit = {
Description = "Clean old swap files for neovim";
};
Service = {
Type = "oneshot";
CPUSchedulingPolicy = "idle";
IOSchedulingClass = "idle";
ExecStart = lib.getExe (pkgs.writeShellApplication {
name = "clean-neovim-swap-files";
runtimeInputs = with pkgs; [ findutils ];
text = ''
echo "Cleaning old swap files for neovim"
OLD_SWAPFILES=$(find "${config.xdg.stateHome}/nvim/swap" -type f -name '*.swp' -mtime +${toString daysBeforeDeletion})
if [ -z "$OLD_SWAPFILES" ]; then
echo "No old swap files found"
exit 0
fi
for swapfile in $OLD_SWAPFILES; do
echo "Removing $swapfile"
rm -- "$swapfile"
done
echo "Done"
'';
});
};
};
systemd.user.timers.clean-neovim-swap-files = {
Unit = {
Description = "Clean old swap files for neovim";
};
Timer = {
Unit = "clean-neovim-swap-files.service";
OnCalendar = "daily";
Persistent = true;
};
Install = {
WantedBy = [ "timers.target" ];
};
};
};
}

4
home/programs/newsboat/default.nix
View File

@ -16,10 +16,6 @@ in {
maxItems = 50;
browser = ''"${defaultBrowser}"'';
extraConfig = lib.strings.concatStringsSep "\n" [
''
auto-reload no
''
''
macro m set browser "${videoViewer}"; open-in-browser ; set browser "${defaultBrowser}"
macro l set browser "${defaultBrowser}"; open-in-browser ; set browser "${defaultBrowser}"

1
home/programs/newsboat/sources.nix
View File

@ -37,6 +37,5 @@ in {
(mkSource [ "tech" "linux" "nixos" ] "https://myme.no/feed.xml")
(mkSource [ "tech" "linux" "nixos" "compilers" ] "https://flyx.org/feed.xml")
(mkSource [ "tech" "linux" ] "https://blog.jfx.ac/feed.xml")
(mkSource [ "tech" "linux" "nixos" ] "https://dandellion.xyz/atom.xml")
];
}

3
home/programs/nix-index/fetch-nix-index-database.nix
View File

@ -34,7 +34,6 @@ in
ExecStart = lib.getExe (pkgs.writeShellApplication {
name = "fetch-nix-index-database";
runtimeInputs = with pkgs; [
coreutils
gnused
wget
];
@ -56,4 +55,4 @@ in
};
};
};
}
}

12
home/programs/tealdeer/auto-update-tldr-db.nix → home/programs/tealdeer.nix
View File

@ -1,8 +1,10 @@
{ pkgs, lib, ... }:
{
systemd.user.services.update-tldr-db = {
programs.tealdeer.enable = true;
systemd.user.services.tealdeer-refresh = {
Unit = {
Description = "Update tealdeer database";
Description = "Refresh tealdeer contents";
};
Service = {
@ -13,13 +15,13 @@
};
};
systemd.user.timers.update-tldr-db = {
systemd.user.timers.tealdeer-refresh = {
Unit = {
Description = "Update tealdeer database";
Description = "Refresh tealdeer contents";
};
Timer = {
Unit = "update-tldr-db.service";
Unit = "tealdeer-refresh.service";
OnCalendar = "daily";
Persistent = true;
};

8
home/programs/tealdeer/default.nix
View File

@ -1,8 +0,0 @@
{ pkgs, lib, ... }:
{
imports = [
./auto-update-tldr-db.nix
];
programs.tealdeer.enable = true;
}

0
home/programs/vscode/extensions/noop-syslog.c → home/programs/vscode-extensions/noop-syslog.c
View File

0
home/programs/vscode/extensions/vsliveshare.nix → home/programs/vscode-extensions/vsliveshare.nix
View File

5
home/programs/vscode/default.nix → home/programs/vscode.nix
View File

@ -14,11 +14,6 @@ let
configFilePath = "${userDir}/settings.json";
in
{
imports = [
./auto-update-extensions.nix
# ./extensions
];
home.file.${configFilePath} = {
target = "${configFilePath}.ro";
onChange = ''install -m660 $(realpath "${configFilePath}.ro") "${configFilePath}"'';

35
home/programs/vscode/auto-update-extensions.nix
View File

@ -1,35 +0,0 @@
{ config, lib, ... }:
let
cfg = config.programs.vscode;
in
{
# TODO: add `dirname` to $PATH upstream
systemd.user.services.update-vscode-extensions = {
Unit = {
Description = "Update vscode extensions";
};
Service = {
Type = "oneshot";
CPUSchedulingPolicy = "idle";
IOSchedulingClass = "idle";
ExecStart = "${lib.getExe cfg.package} --update-extensions";
};
};
systemd.user.timers.update-vscode-extensions = {
Unit = {
Description = "Update vscode extensions";
};
Timer = {
Unit = "update-vscode-extensions.service";
OnCalendar = "daily";
Persistent = true;
};
Install = {
WantedBy = [ "timers.target" ];
};
};
}

34
home/programs/zed/default.nix
View File

@ -1,34 +0,0 @@
{ config, pkgs, lib, ... }:
{
home.packages = with pkgs; [ zed-editor ];
xdg.configFile."zed/settings.json".source = let
format = pkgs.formats.json { };
in format.generate "zed-settings.json" {
autosave = "off";
buffer_font_family = "Fira Code";
load_direnv = "shell_hook";
format_on_save = "off";
telemetry = {
diagnostics = false;
metrics = false;
};
vim_mode = true;
theme = {
mod = "dark";
dark = "monokai Classic";
};
};
xdg.configFile."zed/themes/monokai.json".source = let
package = pkgs.fetchFromGitHub {
owner = "billgo";
repo = "monokai";
rev = "061a86ff4845b11ac2f183c2e26c77b15cfae7d0";
hash = "sha256-mlEcgnLStYH1pV3p1iqNSvfVu4MpvpEOc+vxI+90MJs=";
};
in "${package}/themes/monokai.json";
}

1
home/programs/git/maintenance-timers.nix → home/services/git-maintenance.nix
View File

@ -42,7 +42,6 @@ in
Timer = {
Persistent = true;
OnCalendar = "%i";
};
Install = {

250
hosts/common/default.nix
View File

@ -3,28 +3,102 @@ let
inherit (config) machineVars;
in {
imports = [
./fonts.nix
./nix.nix
./programs/gnupg.nix
./programs/neovim.nix
./programs/nix-ld.nix
./programs/ssh.nix
./programs/usbtop.nix
./services/dbus.nix
./services/openssh.nix
./services/pcscd.nix
./services/pipewire.nix
./services/printing.nix
./services/resolved.nix
./services/smartd.nix
./services/systemd-lock-handler.nix
./services/xserver.nix
./nix-builders/bob.nix
./nix-builders/isvegg.nix
./nix-builders/tsuki.nix
];
sops.defaultSopsFile = ./../.. + "/secrets/${config.networking.hostName}.yaml";
sops.secrets = {
"nix/access-tokens" = { sopsFile = ./../../secrets/common.yaml; };
"ssh/secret-config" = {
sopsFile = ./../../secrets/common.yaml;
mode = "0444";
};
};
nix = {
package = unstable-pkgs.nixVersions.stable;
distributedBuilds = config.networking.hostName != "tsuki";
settings = {
allow-dirty = true;
allowed-uris = [ "http://" "https://" ];
auto-optimise-store = true;
binary-caches = [ "https://cache.nixos.org/" ];
builders-use-substitutes = true;
experimental-features = [ "nix-command" "flakes" ];
log-lines = 50;
trusted-users = [ "h7x4" "nix-builder" ];
use-xdg-base-directories = true;
};
extraOptions = ''
!include ${config.sops.secrets."nix/access-tokens".path}
'';
registry = {
home.to = {
type = "path";
path = "/home/h7x4/nix";
};
wack.to = {
type = "path";
path = "/home/h7x4/git/wack-ctf-flake";
};
nxpt.to = {
type = "path";
path = "/home/h7x4/git/nixpkgs-tools";
};
};
};
programs.nix-ld = {
enable = true;
libraries = with pkgs; [
libusb1
];
};
programs.ssh = {
extraConfig = ''
Include ${config.sops.secrets."ssh/secret-config".path}
'';
knownHosts = {
bob = {
hostNames = [
"bob.pvv.ntnu.no"
"bob.pvv.org"
];
publicKey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIGJSgh20qDIYEXiK4MUZhc879dJIyH0K/s0RZ+9wFI0F";
};
hildring = {
hostNames = [
"hildring.pvv.ntnu.no"
"hildring.pvv.org"
"login.pvv.ntnu.no"
"login.pvv.org"
];
publicKey = "ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBGurF7rdnrDP/VgIK2Tx38of+bX/QGCGL+alrWnZ1Ca5llGneMulUt1RB9xZzNLHiaWIE+HOP0i4spEaeZhilfU=";
};
isvegg = {
hostNames = [
"isvegg.pvv.ntnu.no"
"isvegg.pvv.org"
];
publicKey = "ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBGurF7rdnrDP/VgIK2Tx38of+bX/QGCGL+alrWnZ1Ca5llGneMulUt1RB9xZzNLHiaWIE+HOP0i4spEaeZhilfU=";
};
# tsukir = {
# hostNames = [ "nani.wtf" "gingakei.loginto.me" ];
# # publicKeyFile = config.sops.secrets."ssh/nix-builders/tsuki/pub".path;
# publicKeyFile = "/var/keys/tsuki_nix-builder.pub";
# };
};
};
time.timeZone = "Europe/Oslo";
console = {
@ -88,6 +162,49 @@ in {
else (lib.mkIf (fixDisplayCommand != null) fixDisplayCommand));
};
fonts = {
fontDir.enable = true;
enableDefaultPackages = true;
packages = with pkgs; [
ark-pixel-font
cm_unicode
corefonts
dejavu_fonts
fira-code
fira-code-symbols
iosevka
ipaexfont
ipafont
liberation_ttf
migmix
noto-fonts
noto-fonts-cjk-sans
noto-fonts-cjk-serif
noto-fonts-emoji
ocr-a
open-sans
powerline-fonts
source-han-sans
source-sans
symbola
texlivePackages.asana-math
ubuntu_font_family
victor-mono
yasashisa-gothic
(nerdfonts.override { fonts = [ "FiraCode" "DroidSansMono" ]; })
];
fontconfig = {
defaultFonts = {
serif = [ "Droid Sans Serif" "Ubuntu" ];
sansSerif = [ "Droid Sans" "Ubuntu" ];
monospace = [ "Fira Code" "Ubuntu" ];
emoji = [ "Noto Sans Emoji" ];
};
};
};
users = {
users.h7x4 = {
isNormalUser = true;
@ -116,7 +233,21 @@ in {
};
services = {
tumbler.enable = !config.machineVars.headless;
gnome.gnome-keyring.enable = !config.machineVars.headless;
printing.enable = !config.machineVars.headless;
resolved.enable = true;
openssh = {
startWhenNeeded = true;
settings = {
StreamLocalBindUnlink = true;
PasswordAuthentication = false;
KbdInteractiveAuthentication = false;
PermitRootLogin = "no";
};
};
udev.packages = with pkgs; [
yubikey-personalization
@ -124,10 +255,54 @@ in {
light
];
pcscd.enable = true;
dbus = {
enable = true;
packages = with pkgs; [
gcr
dconf
];
};
libinput = {
enable = !config.machineVars.headless;
touchpad.disableWhileTyping = true;
};
displayManager = {
enable = true;
defaultSession = "none+xmonad";
sddm = {
enable = !config.machineVars.headless;
wayland.enable = true;
};
};
xserver = {
enable = !config.machineVars.headless;
xkb = {
layout = "us";
options = "caps:escape";
};
# desktopManager = {
# xterm.enable = false;
# xfce.enable = !config.machineVars.headless;
# };
# displayManager.lightdm.enable = !config.machineVars.headless;
windowManager.xmonad = {
enable = true;
enableContribAndExtras = true;
enableConfiguredRecompile = true;
extraPackages = hPkgs: with hPkgs; [
dbus
];
};
};
};
programs = {
@ -135,7 +310,40 @@ in {
git.enable = true;
tmux.enable = true;
zsh.enable = true;
hyprland.enable = true;
gnupg.agent.enable = true;
gnupg.agent.pinentryPackage = pkgs.pinentry-curses;
neovim = {
enable = true;
defaultEditor = true;
viAlias = true;
vimAlias = true;
configure = {
packages.myVimPackage = with pkgs.vimPlugins; {
start = [
direnv-vim
vim-nix
vim-polyglot
];
opt = [
vim-monokai
];
};
customRC = ''
set number relativenumber
set undofile
set undodir=~/.cache/vim/undodir
packadd! vim-monokai
colorscheme monokai
'';
};
};
};
system.extraDependencies =
@ -178,6 +386,12 @@ in {
]);
security.rtkit.enable = !config.machineVars.headless;
services.pipewire = {
enable = !config.machineVars.headless;
alsa.enable = true;
alsa.support32Bit = true;
pulse.enable = true;
};
security.sudo.extraConfig = let
sudoLecture = pkgs.writeText "sudo-lecture.txt" (extendedLib.termColors.front.red "Be careful or something, idk...\n");

45
hosts/common/fonts.nix
View File

@ -1,45 +0,0 @@
{ pkgs, ... }:
{
fonts = {
fontDir.enable = true;
enableDefaultPackages = true;
packages = with pkgs; [
ark-pixel-font
cm_unicode
corefonts
dejavu_fonts
fira-code
fira-code-symbols
iosevka
ipaexfont
ipafont
liberation_ttf
migmix
noto-fonts
noto-fonts-cjk-sans
noto-fonts-cjk-serif
noto-fonts-emoji
ocr-a
open-sans
powerline-fonts
source-han-sans
source-sans
symbola
texlivePackages.asana-math
ubuntu_font_family
victor-mono
yasashisa-gothic
(nerdfonts.override { fonts = [ "FiraCode" "DroidSansMono" ]; })
];
fontconfig = {
defaultFonts = {
serif = [ "Droid Sans Serif" "Ubuntu" ];
sansSerif = [ "Droid Sans" "Ubuntu" ];
monospace = [ "Fira Code" "Ubuntu" ];
emoji = [ "Noto Sans Emoji" ];
};
};
};
}

26
hosts/common/nix-builders/bob.nix
View File

@ -18,21 +18,11 @@
# sshKey = config.sops.secrets."ssh/nix-builders/bob/key".path;
}];
programs.ssh = {
extraConfig = ''
Host nix-builder-bob
HostName bob.pvv.ntnu.no
ProxyJump nix-builder-isvegg
User oysteikt
IdentityFile ${config.sops.secrets."ssh/nix-builders/bob/key".path}
'';
knownHosts.bob = {
hostNames = [
"bob.pvv.ntnu.no"
"bob.pvv.org"
];
publicKey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIGJSgh20qDIYEXiK4MUZhc879dJIyH0K/s0RZ+9wFI0F";
};
};
}
programs.ssh.extraConfig = ''
Host nix-builder-bob
HostName bob.pvv.ntnu.no
ProxyJump nix-builder-isvegg
User oysteikt
IdentityFile ${config.sops.secrets."ssh/nix-builders/bob/key".path}
'';
}

2
hosts/common/nix-builders/isvegg.nix
View File

@ -20,4 +20,4 @@
User oysteikt
IdentityFile ${config.sops.secrets."ssh/nix-builders/isvegg/key".path}
'';
}
}

20
hosts/common/nix-builders/tsuki.nix
View File

@ -22,17 +22,9 @@
sshKey = config.sops.secrets."ssh/nix-builders/tsuki/key".path;
}];
programs.ssh = {
extraConfig = ''
Host nix-builder-tsukir
HostName gingakei.loginto.me
Port ${toString secrets.ports.ssh.home-in}
'';
# knownHosts.tsukir = {
# hostNames = [ "nani.wtf" "gingakei.loginto.me" ];
# # publicKeyFile = config.sops.secrets."ssh/nix-builders/tsuki/pub".path;
# publicKeyFile = "/var/keys/tsuki_nix-builder.pub";
# };
};
}
programs.ssh.extraConfig = ''
Host nix-builder-tsukir
HostName gingakei.loginto.me
Port ${toString secrets.ports.ssh.home-in}
'';
}

48
hosts/common/nix.nix
View File

@ -1,48 +0,0 @@
{ config, unstable-pkgs, ... }:
{
imports = [
./nix-builders/bob.nix
./nix-builders/isvegg.nix
./nix-builders/tsuki.nix
];
sops.secrets = {
"nix/access-tokens" = { sopsFile = ./../../secrets/common.yaml; };
};
nix = {
package = unstable-pkgs.nixVersions.stable;
distributedBuilds = config.networking.hostName != "tsuki";
settings = {
allow-dirty = true;
allowed-uris = [ "http://" "https://" ];
auto-optimise-store = true;
binary-caches = [ "https://cache.nixos.org/" ];
builders-use-substitutes = true;
experimental-features = [ "nix-command" "flakes" ];
log-lines = 50;
trusted-users = [ "h7x4" "nix-builder" ];
use-xdg-base-directories = true;
};
extraOptions = ''
!include ${config.sops.secrets."nix/access-tokens".path}
'';
registry = {
home.to = {
type = "path";
path = "/home/h7x4/nix";
};
wack.to = {
type = "path";
path = "/home/h7x4/git/wack-ctf-flake";
};
nxpt.to = {
type = "path";
path = "/home/h7x4/git/nixpkgs-tools";
};
};
};
}

9
hosts/common/programs/gnupg.nix
View File

@ -1,9 +0,0 @@
{ pkgs, ... }:
{
programs.gnupg = {
agent = {
enable = true;
pinentryPackage = pkgs.pinentry-curses;
};
};
}

31
hosts/common/programs/neovim.nix
View File

@ -1,31 +0,0 @@
{ pkgs, ... }:
{
programs.neovim = {
enable = true;
defaultEditor = true;
viAlias = true;
vimAlias = true;
configure = {
packages.myVimPackage = with pkgs.vimPlugins; {
start = [
direnv-vim
vim-nix
vim-polyglot
];
opt = [
vim-monokai
];
};
customRC = ''
set number relativenumber
set undofile
set undodir=~/.cache/vim/undodir
packadd! vim-monokai
colorscheme monokai
'';
};
};
}

9
hosts/common/programs/nix-ld.nix
View File

@ -1,9 +0,0 @@
{ pkgs, ... }:
{
programs.nix-ld = {
enable = true;
libraries = with pkgs; [
libusb1
];
};
}

32
hosts/common/programs/ssh.nix
View File

@ -1,32 +0,0 @@
{ config, ... }:
{
sops.secrets."ssh/secret-config" = {
sopsFile = ./../../../secrets/common.yaml;
mode = "0444";
};
programs.ssh = {
extraConfig = ''
Include ${config.sops.secrets."ssh/secret-config".path}
'';
knownHosts = {
hildring = {
hostNames = [
"hildring.pvv.ntnu.no"
"hildring.pvv.org"
"login.pvv.ntnu.no"
"login.pvv.org"
];
publicKey = "ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBGurF7rdnrDP/VgIK2Tx38of+bX/QGCGL+alrWnZ1Ca5llGneMulUt1RB9xZzNLHiaWIE+HOP0i4spEaeZhilfU=";
};
isvegg = {
hostNames = [
"isvegg.pvv.ntnu.no"
"isvegg.pvv.org"
];
publicKey = "ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBGurF7rdnrDP/VgIK2Tx38of+bX/QGCGL+alrWnZ1Ca5llGneMulUt1RB9xZzNLHiaWIE+HOP0i4spEaeZhilfU=";
};
};
};
}

22
hosts/common/programs/usbtop.nix
View File

@ -1,22 +0,0 @@
{ pkgs, lib, ... }:
{
# programs.usbtop.enable = true;
boot.kernelModules = [ "usbmon" ];
security.wrappers."usbtop" = {
owner = "root";
group = "usbmon";
setgid = true;
source = lib.getExe pkgs.usbtop;
};
users.groups.usbmon = {
# NOTE: picked at random
gid = 872;
};
services.udev.extraRules = ''
SUBSYSTEM=="usbmon", MODE="0660", OWNER="root", GROUP="usbmon"
'';
}

10
hosts/common/services/dbus.nix
View File

@ -1,10 +0,0 @@
{ pkgs, ... }:
{
services.dbus = {
enable = true;
packages = with pkgs; [
gcr
dconf
];
};
}

12
hosts/common/services/openssh.nix
View File

@ -1,12 +0,0 @@
{ ... }:
{
services.openssh = {
startWhenNeeded = true;
settings = {
StreamLocalBindUnlink = true;
PasswordAuthentication = false;
KbdInteractiveAuthentication = false;
PermitRootLogin = "no";
};
};
}

4
hosts/common/services/pcscd.nix
View File

@ -1,4 +0,0 @@
{ ... }:
{
services.pcscd.enable = true;
}

9
hosts/common/services/pipewire.nix
View File

@ -1,9 +0,0 @@
{ config, ... }:
{
services.pipewire = {
enable = !config.machineVars.headless;
alsa.enable = true;
alsa.support32Bit = true;
pulse.enable = true;
};
}

4
hosts/common/services/printing.nix
View File

@ -1,4 +0,0 @@
{ config, ... }:
{
services.printing.enable = !config.machineVars.headless;
}

4
hosts/common/services/resolved.nix
View File

@ -1,4 +0,0 @@
{ ... }:
{
services.resolved.enable = true;
}

4
hosts/common/services/smartd.nix
View File

@ -1,4 +0,0 @@
{ ... }:
{
services.smartd.enable = true;
}

4
hosts/common/services/systemd-lock-handler.nix
View File

@ -1,4 +0,0 @@
{ ... }:
{
services.systemd-lock-handler.enable = true;
}

36
hosts/common/services/xserver.nix
View File

@ -1,36 +0,0 @@
{ config, ... }:
{
services.displayManager = {
enable = true;
defaultSession = "none+xmonad";
sddm = {
enable = !config.machineVars.headless;
wayland.enable = true;
};
};
services.xserver = {
enable = !config.machineVars.headless;
xkb = {
layout = "us";
options = "caps:escape";
};
# desktopManager = {
# xterm.enable = false;
# xfce.enable = !config.machineVars.headless;
# };
# displayManager.lightdm.enable = !config.machineVars.headless;
windowManager.xmonad = {
enable = true;
enableContribAndExtras = true;
enableConfiguredRecompile = true;
extraPackages = hPkgs: with hPkgs; [
dbus
];
};
};
}

2
hosts/dosei/configuration.nix
View File

@ -66,6 +66,8 @@
# hostId = "";
};
programs.usbtop.enable = true;
services = {
openssh = {
enable = true;