primrose/.files
1
0
Fork 0
mirror of https://codeberg.org/leana8959/.files.git synced 2025-12-06 06:39:14 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions

Compare commits

base: primrose:57e19055c44983d7d5140f327a3c0be804de012a
Branches Tags
primrose:trunk
primrose:upgrade-25.11
primrose:btrfs-without-lvm
primrose:nixos-anywhere-hetzner-benchmark
primrose:hydrogen
primrose:iron-init
primrose:runner-test
primrose:update-locale-taiwan
primrose:s3cache
primrose:scopedImport
primrose:tungsten-btrfs-test
primrose:module-graph
primrose:xmonad-cursor-theme-repr
..
compare: primrose:efdba54fc475c2d584982c2cbed2a6f24dc1668a
Branches Tags
primrose:trunk
primrose:upgrade-25.11
primrose:btrfs-without-lvm
primrose:nixos-anywhere-hetzner-benchmark
primrose:hydrogen
primrose:iron-init
primrose:runner-test
primrose:update-locale-taiwan
primrose:s3cache
primrose:scopedImport
primrose:tungsten-btrfs-test
primrose:module-graph
primrose:xmonad-cursor-theme-repr

10 commits
57e19055c4 ... efdba54fc4

Author SHA1 Message Date
Léana 江
efdba54fc4
age: update sshconfig 2025-11-08 12:50:19 +08:00
Léana 江
eb9e567865
hydrogen: remove tools I might won't use 2025-11-08 12:50:19 +08:00
Léana 江
fb1f6624f9 hetzner_benchmark: init (#21) 
Reviewed-on: https://codeberg.org/leana8959/.files/pulls/21
Co-authored-by: Léana 江 <leana.jiang+git@icloud.com>
Co-committed-by: Léana 江 <leana.jiang+git@icloud.com>
 2025-11-08 05:50:00 +01:00
Léana 江
5fa1113757
hydrogen: remove leftovers from vanadium 2025-11-08 12:20:13 +08:00
Léana 江
a9701f83b3
npins: update sources 2025-11-08 10:46:06 +08:00
Léana 江
9e79cd2347
nvim/haskell: smartindent should be scoped to buffer 2025-11-08 10:20:00 +08:00
Léana 江
fe52691061
gitblame ignore nixfmt 2025-11-08 10:17:14 +08:00
Léana 江
ebf8468807
tree-wide: format with nixfmt 
Another saturday another useless formatter change.
It's my dotfiles, after all

alejandra doesn't handle c-style inline comments well.
 2025-11-08 10:15:58 +08:00
Léana 江
ec704b5272
vanadium: use nixfmt 2025-11-08 10:14:47 +08:00
Léana 江
e218086537
home/firefox: use leta by default 2025-11-07 09:43:04 +08:00
129 changed files with 2412 additions and 1810 deletions
Download patch file Download diff file Expand all files Collapse all files

2
.config/nvim/ftplugin/haskell.lua
View file

@ -5,4 +5,4 @@ vim.bo.shiftwidth = 2
vim.bo.expandtab = true
-- useful for CPP extension
vim.o.smartindent = true
vim.bo.smartindent = true

2
.config/nvim/plugin/lsp.lua
View file

@ -21,7 +21,7 @@ local servers = {
tinymist = {},
nil_ls = {
settings = {
["nil"] = { formatting = { command = { "alejandra" } } },
["nil"] = { formatting = { command = { "nixfmt" } } },
},
},
}

3
.git-blame-ignore-revs
View file

@ -7,3 +7,6 @@ e91471432f7b7e3e5cb6cdb245819998d6653b5e
# Reformat with stylua
94ab5d51f10e609cee0159636c29cd404e3a6570
# Reformat with nixfmt
ebf84688079b537b3a34a7f5decdf30e165b7933

24
README.md
View file

@ -53,6 +53,30 @@ The `(modulesPath + "/installer/sd-card/sd-image-aarch64.nix")` allows this.
- profit
## Hetzner, nixos-anywhere
References:
- <https://github.com/nix-community/nixos-anywhere/blob/main/docs/quickstart.md>
- <https://wiki.nixos.org/wiki/Install_NixOS_on_Hetzner_Cloud>
I haven't figured out how to use raid on this machine, as it failed half-way
through the installer when I used the raid configuration.
### Pitfalls
- nixos-anywhere will wipe the disk, even if you use the flag `--generate-hardware-config`.
- The command is quite long and isn't non-flake friendly.
Note that the diskoScript has to come before toplevel derivation.
Read more on the order <https://github.com/nix-community/nixos-anywhere/issues/597>.
```fish
nixos-anywhere \
--generate-hardware-config nixos-generate-config ./hardware-configuration.nix \
-i <ssh_identity> \
--store-paths $(nix-build --no-out-link \
-A nixosConfigurations.hetzner_benchmark.config.system.build.diskoScript \
-A nixosConfigurations.hetzner_benchmark.config.system.build.toplevel) \
<user>@<host>
```
# Pitfalls
## `users.mutableUsers`
NEVER set this to true without declaratively setting the passwords.

43
default.nix
View file

@ -1,22 +1,33 @@
{sources ? import ./npins}: {
{
sources ? import ./npins,
}:
{
# for repl sessions
inherit sources;
lib = import (sources.nixpkgs + "/lib");
nixosConfigurations = builtins.mapAttrs (_: import (sources.nixpkgs + "/nixos/lib/eval-config.nix")) {
vanadium = {
system = "x86_64-linux";
modules = [./nix/configurations/vanadium.nix];
};
hydrogen = {
system = "aarch64-linux";
modules = [./nix/configurations/hydrogen.nix];
};
installer = {
system = "x86_64-linux";
modules = [./nix/configurations/installer.nix];
};
};
nixosConfigurations =
builtins.mapAttrs (_: import (sources.nixpkgs + "/nixos/lib/eval-config.nix"))
{
vanadium = {
system = "x86_64-linux";
modules = [ ./nix/configurations/vanadium.nix ];
};
hydrogen = {
system = "aarch64-linux";
modules = [ ./nix/configurations/hydrogen.nix ];
};
installer = {
system = "x86_64-linux";
modules = [ ./nix/configurations/installer.nix ];
};
packages = import ./nix/packages {inherit sources;};
# Not mine, rented on hetzner
hetzner_benchmark = {
system = "x86_64-linux";
modules = [ ./nix/configurations/hetzner_benchmark.nix ];
};
};
packages = import ./nix/packages { inherit sources; };
}

111
nix/configurations/hetzner_benchmark.nix Normal file
View file

@ -0,0 +1,111 @@
# The hetzner machine rented to benchmark the cabal comment parser
let
sources = import ../../npins;
hostname = "hetzner_benchmark";
username = "leana";
in
{
pkgs,
config,
lib,
...
}:
let
inherit (lib.modules) mkAliasOptionModule;
in
{
imports = [
#
# Shorthands
#
(mkAliasOptionModule [ "me" ] [ "users" "users" username ])
(mkAliasOptionModule [ "hm" ] [ "home-manager" "users" username ])
#
# hostname
#
{ _module.args = { inherit hostname; }; }
#
# nixpkgs
#
{
nixpkgs = {
overlays = map import [
../packages/overlay.nix
# use lix everywhere and wrap it with nom
../overlays/lix.nix
../overlays/nix-monitored.nix
];
# Set NIX_PATH and flake registry at the same time
# https://github.com/NixOS/nixpkgs/pull/254405
flake.source = sources.nixpkgs;
};
nix.package = pkgs.nix-monitored;
system.nixos.version = lib.substring 0 8 sources.nixpkgs.revision;
}
./hetzner_benchmark/nixos/hardware-configuration.nix
./hetzner_benchmark/nixos/misc.nix
../nixosModules/common/fish.nix
../nixosModules/common/disable-command-not-found.nix
../nixosModules/common/network.nix
../nixosModules/common/sudo-conf.nix
../nixosModules/common/system-nixconf.nix
../nixosModules/extra/leana.nix
#
# Extern modules
#
(sources.disko + "/module.nix")
../disko/hetzner_benchmark/ext4.nix
#
# home-manager
#
(sources.home-manager + "/nixos")
{
home-manager = {
useGlobalPkgs = true;
useUserPackages = true;
sharedModules = [ { home.stateVersion = lib.mkDefault config.system.stateVersion; } ];
};
hm.imports = [
#
# hostname
#
{ _module.args = { inherit hostname; }; }
#
# home modules
#
./hetzner_benchmark/home/programs.nix
./hetzner_benchmark/home/dev.nix
../homeModules/common/btop
../homeModules/common/fish
../homeModules/common/starship
../homeModules/common/fzf.nix
../homeModules/common/tmux
../homeModules/common/vim
../homeModules/common/direnv.nix
../homeModules/common/git.nix
../homeModules/common/gpg.nix
../homeModules/common/leana.nix
../homeModules/common/locale.nix
../homeModules/common/packages.nix
../homeModules/common/tealdeer.nix
../homeModules/extra/tmux-fish-integration.nix
];
}
];
}

23
nix/configurations/hetzner_benchmark/home/dev.nix Normal file
View file

@ -0,0 +1,23 @@
{
programs.git = {
enable = true;
signing.signByDefault = false; # no need to setup the key
};
programs.gpg.enable = true;
nix = {
settings = {
extra-substituters = [
"https://ghc-nix.cachix.org"
"https://haskell-language-server.cachix.org"
"https://cache.iog.io"
];
extra-trusted-public-keys = [
"ghc-nix.cachix.org-1:ziC/I4BPqeA4VbtOFpFpu6D1t6ymFvRWke/lc2+qjcg="
"haskell-language-server.cachix.org-1:juFfHrwkOxqIOZShtC4YC1uT1bBcq2RSvC7OMKx0Nz8="
"hydra.iohk.io:f/Ea+s+dFdN+3Y/G+FDgSq+a5NEWhJGzdjvKNGv0/EQ="
];
};
};
}

54
nix/configurations/hetzner_benchmark/home/programs.nix Normal file
View file

@ -0,0 +1,54 @@
# TODO: remove some packages for this machine
{
pkgs,
lib,
config,
...
}:
{
home.sessionVariables =
let
fishCfg = config.programs.fish;
in
{
"SHELL" = lib.mkIf fishCfg.enable (lib.getExe fishCfg.package);
};
home.packages = [
pkgs.stow
pkgs.zip
pkgs.unzip
pkgs.gnutar
pkgs.p7zip
pkgs.bc
pkgs.dig
pkgs.hutils
# pretty tui tools
pkgs.du-dust
pkgs.tokei
pkgs.hyperfine
pkgs.watchexec
pkgs.onefetch
pkgs.just
];
programs = {
neovim = {
enable = true;
defaultEditor = true;
};
lazygit.enable = true;
fish.enable = true;
starship.enable = true;
tmux.enable = true;
direnv.enable = true;
ripgrep.enable = true;
btop.enable = true;
};
services = {
gpg-agent.enable = true;
};
}

35
nix/configurations/hetzner_benchmark/nixos/hardware-configuration.nix Normal file
View file

@ -0,0 +1,35 @@
# Do not modify this file! It was generated by nixos-generate-config
# and may be overwritten by future invocations. Please make changes
# to /etc/nixos/configuration.nix instead.
{
config,
lib,
pkgs,
modulesPath,
...
}:
{
imports = [
(modulesPath + "/installer/scan/not-detected.nix")
];
boot.initrd.availableKernelModules = [
"xhci_pci"
"ahci"
"nvme"
];
boot.initrd.kernelModules = [ ];
boot.kernelModules = [ "kvm-amd" ];
boot.extraModulePackages = [ ];
# Enables DHCP on each ethernet and wireless interface. In case of scripted networking
# (the default) this is the recommended approach. When using systemd-networkd it's
# still possible to use this option, but it's recommended to use it in conjunction
# with explicit per-interface declarations with `networking.interfaces.<interface>.useDHCP`.
networking.useDHCP = lib.mkDefault true;
# networking.interfaces.enp41s0.useDHCP = lib.mkDefault true;
nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux";
hardware.cpu.amd.updateMicrocode = lib.mkDefault config.hardware.enableRedistributableFirmware;
}

13
nix/configurations/hetzner_benchmark/nixos/misc.nix Normal file
View file

@ -0,0 +1,13 @@
{
boot.loader.grub.enable = true;
services.openssh.enable = true;
users.users = {
"root".openssh.authorizedKeys.keys = import ../../../identities.nix ++ [
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIFza3UN1gWQqh//FkJBzmssQ4lxHdllQGfqPHzG4LQI8 benchmark-machine"
];
};
system.stateVersion = "25.05";
}

249
nix/configurations/hydrogen.nix
View file

@ -4,133 +4,134 @@ let
hostname = "hydrogen";
username = "leana";
in
{
modulesPath,
config,
pkgs,
lib,
...
}: let
inherit (lib.modules) mkAliasOptionModule;
in {
imports = [
# The generator and hardware configuration
(modulesPath + "/installer/sd-card/sd-image-aarch64.nix")
{
modulesPath,
config,
pkgs,
lib,
...
}:
let
inherit (lib.modules) mkAliasOptionModule;
in
{
imports = [
# The generator and hardware configuration
(modulesPath + "/installer/sd-card/sd-image-aarch64.nix")
#
# Shorthands
#
(mkAliasOptionModule ["me"] ["users" "users" username])
(mkAliasOptionModule ["hm"] ["home-manager" "users" username])
#
# Shorthands
#
(mkAliasOptionModule [ "me" ] [ "users" "users" username ])
(mkAliasOptionModule [ "hm" ] [ "home-manager" "users" username ])
#
# hostname
#
{_module.args = {inherit hostname;};}
#
# hostname
#
{ _module.args = { inherit hostname; }; }
#
# nixpkgs
#
{
nixpkgs = {
overlays = map import [
../overlays/agenix.nix
../overlays/nur.nix
../overlays/nix-tree.nix
../packages/overlay.nix
#
# nixpkgs
#
{
nixpkgs = {
overlays = map import [
../overlays/agenix.nix
../overlays/nur.nix
../overlays/nix-tree.nix
../packages/overlay.nix
# use lix everywhere and wrap it with nom
../overlays/lix.nix
../overlays/nix-monitored.nix
];
# Set NIX_PATH and flake registry at the same time
# https://github.com/NixOS/nixpkgs/pull/254405
flake.source = sources.nixpkgs;
};
nix.package = pkgs.nix-monitored;
system.nixos.version = lib.substring 0 8 sources.nixpkgs.revision;
}
./hydrogen/nixos/misc.nix
./hydrogen/nixos/programs.nix
./hydrogen/nixos/connectivity.nix
../nixosModules/common/fish.nix
../nixosModules/common/disable-command-not-found.nix
../nixosModules/common/network.nix
../nixosModules/common/sudo-conf.nix
../nixosModules/common/system-nixconf.nix
# QUIRK:
# Had issue when building the installer as it fails to bootstrap itself
# Might be useful to disable for the first build.
# ../nixosModules/extra/secure_dns.nix
../nixosModules/extra/leana.nix
#
# Extern modules
#
(sources.agenix + "/modules/age.nix")
(sources.nixos-hardware + "/raspberry-pi/4")
#
# home-manager
#
(sources.home-manager + "/nixos")
{
home-manager = {
useGlobalPkgs = true;
useUserPackages = true;
sharedModules = [{home.stateVersion = lib.mkDefault config.system.stateVersion;}];
};
hm.imports = [
#
# hostname
#
{_module.args = {inherit hostname;};}
#
# home modules
#
./hydrogen/home/programs.nix
./hydrogen/home/dev.nix
../homeModules/common/btop
../homeModules/common/fish
../homeModules/common/starship
../homeModules/common/fzf.nix
../homeModules/common/tmux
../homeModules/common/vim
../homeModules/common/direnv.nix
../homeModules/common/git.nix
../homeModules/common/gpg.nix
../homeModules/common/leana.nix
../homeModules/common/locale.nix
../homeModules/common/packages.nix
../homeModules/common/tealdeer.nix
../homeModules/extra/tmux-fish-integration.nix
#
# Extern modules
#
(sources.agenix + "/modules/age-home.nix")
(import sources.wired-notify).homeManagerModules.default
# use lix everywhere and wrap it with nom
../overlays/lix.nix
../overlays/nix-monitored.nix
];
}
#
# Secrets
#
{
age.secrets = {
wpa_password.file = "${../secrets/wpa_password.age}";
};
}
];
}
# Set NIX_PATH and flake registry at the same time
# https://github.com/NixOS/nixpkgs/pull/254405
flake.source = sources.nixpkgs;
};
nix.package = pkgs.nix-monitored;
system.nixos.version = lib.substring 0 8 sources.nixpkgs.revision;
}
./hydrogen/nixos/misc.nix
./hydrogen/nixos/programs.nix
./hydrogen/nixos/connectivity.nix
../nixosModules/common/fish.nix
../nixosModules/common/disable-command-not-found.nix
../nixosModules/common/network.nix
../nixosModules/common/sudo-conf.nix
../nixosModules/common/system-nixconf.nix
# QUIRK:
# Had issue when building the installer as it fails to bootstrap itself
# Might be useful to disable for the first build.
# ../nixosModules/extra/secure_dns.nix
../nixosModules/extra/leana.nix
#
# Extern modules
#
(sources.agenix + "/modules/age.nix")
(sources.nixos-hardware + "/raspberry-pi/4")
#
# home-manager
#
(sources.home-manager + "/nixos")
{
home-manager = {
useGlobalPkgs = true;
useUserPackages = true;
sharedModules = [ { home.stateVersion = lib.mkDefault config.system.stateVersion; } ];
};
hm.imports = [
#
# hostname
#
{ _module.args = { inherit hostname; }; }
#
# home modules
#
./hydrogen/home/programs.nix
./hydrogen/home/dev.nix
../homeModules/common/btop
../homeModules/common/fish
../homeModules/common/starship
../homeModules/common/fzf.nix
../homeModules/common/tmux
../homeModules/common/vim
../homeModules/common/direnv.nix
../homeModules/common/git.nix
../homeModules/common/gpg.nix
../homeModules/common/leana.nix
../homeModules/common/locale.nix
../homeModules/common/packages.nix
../homeModules/common/tealdeer.nix
../homeModules/extra/tmux-fish-integration.nix
#
# Extern modules
#
(sources.agenix + "/modules/age-home.nix")
];
}
#
# Secrets
#
{
age.secrets = {
wpa_password.file = "${../secrets/wpa_password.age}";
};
}
];
}

4
nix/configurations/hydrogen/home/dev.nix
View file

@ -1,6 +1,6 @@
{pkgs, ...}: {
{ pkgs, ... }:
{
home.packages = [
pkgs.nil # nix
pkgs.pyright # python
];

37
nix/configurations/hydrogen/home/programs.nix
View file

@ -3,12 +3,15 @@
lib,
config,
...
}: {
home.sessionVariables = let
fishCfg = config.programs.fish;
in {
"SHELL" = lib.mkIf fishCfg.enable (lib.getExe fishCfg.package);
};
}:
{
home.sessionVariables =
let
fishCfg = config.programs.fish;
in
{
"SHELL" = lib.mkIf fishCfg.enable (lib.getExe fishCfg.package);
};
home.packages = [
pkgs.nmap
@ -21,23 +24,15 @@
pkgs.dig
pkgs.hutils
pkgs.miniserve
pkgs.agenix
pkgs.nix-which
# pretty tui tools
pkgs.du-dust
pkgs.tokei
pkgs.hyperfine
pkgs.watchexec
pkgs.onefetch
pkgs.just
# nix tools
pkgs.alejandra
pkgs.nurl
pkgs.npins
pkgs.nix-tree
pkgs.nh
# # pretty tui tools
# pkgs.du-dust
# pkgs.tokei
# pkgs.hyperfine
# pkgs.watchexec
# pkgs.onefetch
# pkgs.just
];
programs = {

16
nix/configurations/hydrogen/nixos/connectivity.nix
View file

@ -2,7 +2,8 @@
config,
lib,
...
}: {
}:
{
users.users.root.openssh.authorizedKeys.keys = import ../../../identities.nix;
networking = {
@ -22,13 +23,12 @@
userControlled.enable = true;
secretsFile = config.age.secrets.wpa_password.path;
scanOnLowSignal = false;
networks = let
fromList = import ../../../networks/wpa_supplicant-compat.nix;
networks = import ../../../networks/list.nix;
in
fromList (
builtins.filter (x: x.ssid == "~") networks
);
networks =
let
fromList = import ../../../networks/wpa_supplicant-compat.nix;
networks = import ../../../networks/list.nix;
in
fromList (builtins.filter (x: x.ssid == "~") networks);
};
};

3
nix/configurations/hydrogen/nixos/misc.nix
View file

@ -13,8 +13,7 @@
# modprobe: FATAL: Module sun4i-drm not found in directory /nix/store/gvvwpdckzcr4iamp1iyrqw3nzb7bg6c4-linux-rpi-6.6.51-stable_20241008-modules/lib/modules/6.6.51
nixpkgs.overlays = [
(final: prev: {
makeModulesClosure = x:
prev.makeModulesClosure (x // {allowMissing = true;});
makeModulesClosure = x: prev.makeModulesClosure (x // { allowMissing = true; });
})
];
}

3
nix/configurations/hydrogen/nixos/programs.nix
View file

@ -1,4 +1,5 @@
{pkgs, ...}: {
{ pkgs, ... }:
{
environment.systemPackages = [
pkgs.man-pages
pkgs.man-pages-posix

18
nix/configurations/installer.nix
View file

@ -9,7 +9,8 @@
lib,
modulesPath,
...
}: {
}:
{
imports = [
../nixosModules/common/system-nixconf.nix
../nixosModules/common/sudo-conf.nix
@ -18,10 +19,15 @@
];
nix.settings = {
extra-substituters = ["https://leana8959.cachix.org"];
extra-trusted-substituters = ["https://leana8959.cachix.org"];
extra-trusted-public-keys = ["leana8959.cachix.org-1:CxQSAp8lcgMv8Me459of0jdXRW2tcyeYRKTiiUq8z0M="];
experimental-features = ["nix-command" "flakes"];
extra-substituters = [ "https://leana8959.cachix.org" ];
extra-trusted-substituters = [ "https://leana8959.cachix.org" ];
extra-trusted-public-keys = [
"leana8959.cachix.org-1:CxQSAp8lcgMv8Me459of0jdXRW2tcyeYRKTiiUq8z0M="
];
experimental-features = [
"nix-command"
"flakes"
];
};
nixpkgs = {
@ -45,7 +51,7 @@
pkgs.btop
];
networking.firewall.allowedTCPPorts = [8080]; # in case you wanna nc
networking.firewall.allowedTCPPorts = [ 8080 ]; # in case you wanna nc
programs.tmux.enable = true;
users.users.nixos.shell = pkgs.fish;

420
nix/configurations/vanadium.nix
View file

@ -5,225 +5,227 @@ let
hostname = "vanadium";
username = "leana";
in
{
config,
lib,
pkgs,
...
}: let
inherit (lib.modules) mkAliasOptionModule;
in {
imports = [
#
# Shorthands
#
(mkAliasOptionModule ["me"] ["users" "users" username])
(mkAliasOptionModule ["hm"] ["home-manager" "users" username])
{
config,
lib,
pkgs,
...
}:
let
inherit (lib.modules) mkAliasOptionModule;
in
{
imports = [
#
# Shorthands
#
(mkAliasOptionModule [ "me" ] [ "users" "users" username ])
(mkAliasOptionModule [ "hm" ] [ "home-manager" "users" username ])
#
# hostname
#
{_module.args = {inherit hostname;};}
#
# hostname
#
{ _module.args = { inherit hostname; }; }
#
# nixpkgs
#
{
# affect the generated nix.conf, doesn't need to be turned off during nixos-install
nix = {
distributedBuilds = true;
settings.builders-use-substitutes = true;
#
# nixpkgs
#
{
# affect the generated nix.conf, doesn't need to be turned off during nixos-install
nix = {
distributedBuilds = true;
settings.builders-use-substitutes = true;
};
nixpkgs = {
config = {
# For btop, ROCm support is needed for AMD GPU
# https://github.com/aristocratos/btop?tab=readme-ov-file#gpu-compatibility
rocmSupport = true;
};
nixpkgs = {
config = {
# For btop, ROCm support is needed for AMD GPU
# https://github.com/aristocratos/btop?tab=readme-ov-file#gpu-compatibility
rocmSupport = true;
};
overlays = map import [
../overlays/agenix.nix
../overlays/disko.nix
../overlays/nur.nix
../overlays/wired-notify.nix
../overlays/nix-tree.nix
../overlays/wallpapers.nix
../overlays/nil.nix
../overlays/dix.nix
../overlays/eepy.nix
../overlays/calibre-no-mime.nix
../overlays/fcitx5-table-extra-taiwanese.nix
overlays = map import [
../overlays/agenix.nix
../overlays/disko.nix
../overlays/nur.nix
../overlays/wired-notify.nix
../overlays/nix-tree.nix
../overlays/wallpapers.nix
../overlays/nil.nix
../overlays/dix.nix
../overlays/eepy.nix
../overlays/calibre-no-mime.nix
../overlays/fcitx5-table-extra-taiwanese.nix
../overlays/iosevka.nix
../packages/overlay.nix
../overlays/iosevka.nix
../packages/overlay.nix
./vanadium/overlay.nix
./vanadium/kernel-overlay.nix
./vanadium/overlay.nix
./vanadium/kernel-overlay.nix
# removed, but I need it for PLFA!
../overlays/pin-emacs28.nix
# removed, but I need it for PLFA!
../overlays/pin-emacs28.nix
# use lix everywhere and wrap it with nom
../overlays/lix.nix
../overlays/nix-monitored.nix
];
# Set NIX_PATH and flake registry at the same time
# https://github.com/NixOS/nixpkgs/pull/254405
flake.source = sources.nixpkgs;
};
nix.package = pkgs.nix-monitored;
system.nixos.version = lib.substring 0 8 sources.nixpkgs.revision;
}
#
# NixOS modules
#
./vanadium/nixos/hardware-configuration.nix # generated
./vanadium/nixos/fs.nix
./vanadium/nixos/restic.nix
./vanadium/nixos/battery.nix
./vanadium/nixos/audio.nix
./vanadium/nixos/connectivity.nix
./vanadium/nixos/input.nix
./vanadium/nixos/misc.nix
./vanadium/nixos/display.nix
./vanadium/nixos/gui.nix
./vanadium/nixos/locale.nix
./vanadium/nixos/unfree-predicate.nix
./vanadium/nixos/programs.nix
../nixosModules/common/fish.nix
../nixosModules/common/disable-command-not-found.nix
../nixosModules/common/network.nix
../nixosModules/common/sudo-conf.nix
../nixosModules/common/system-nixconf.nix
../nixosModules/common/xscreensaver.nix
# QUIRK:
# Had issue when building the installer as it fails to bootstrap itself
# Might be useful to disable for the first build.
# ../nixosModules/extra/secure_dns.nix
../nixosModules/extra/zram.nix
../nixosModules/extra/leana.nix
#
# Extern modules
#
(sources.disko + "/module.nix")
../disko/vanadium/btrfs.nix
(sources.agenix + "/modules/age.nix")
(import sources.url-eater).nixosModules.default
(sources.nixos-hardware + "/framework/13-inch/7040-amd")
#
# home-manager
#
(sources.home-manager + "/nixos")
{
home-manager = {
useGlobalPkgs = true;
useUserPackages = true;
sharedModules = [{home.stateVersion = lib.mkDefault config.system.stateVersion;}];
};
hm.imports = [
#
# hostname
#
{_module.args = {inherit hostname;};}
#
# home modules
#
./vanadium/home/programs.nix
./vanadium/home/misc.nix
./vanadium/home/firefox.nix
./vanadium/home/xmobar.nix
# Language server packages, etc
./vanadium/home/dev.nix
../homeModules/common/btop
../homeModules/common/cmus
../homeModules/common/fcitx5
../homeModules/common/fish
../homeModules/common/nushell.nix
../homeModules/common/starship
../homeModules/common/tmux
../homeModules/common/vim
../homeModules/common/wired
../homeModules/common/atuin.nix
../homeModules/common/direnv.nix
../homeModules/common/feh.nix
../homeModules/common/firefox.nix
../homeModules/common/fzf.nix
../homeModules/common/git.nix
../homeModules/common/gpg.nix
../homeModules/common/kitty.nix
../homeModules/common/leana.nix
../homeModules/common/locale.nix
../homeModules/common/lazygit.nix
../homeModules/common/packages.nix
../homeModules/common/password-store.nix
../homeModules/common/sioyek.nix
../homeModules/common/tealdeer.nix
../homeModules/common/user-nixconf.nix
../homeModules/extra/tmux-fish-integration.nix
#
# Extern modules
#
(sources.agenix + "/modules/age-home.nix")
(import sources.wired-notify).homeManagerModules.default
# use lix everywhere and wrap it with nom
../overlays/lix.nix
../overlays/nix-monitored.nix
];
}
#
# Secrets
#
{
# Set NIX_PATH and flake registry at the same time
# https://github.com/NixOS/nixpkgs/pull/254405
flake.source = sources.nixpkgs;
};
nix.package = pkgs.nix-monitored;
system.nixos.version = lib.substring 0 8 sources.nixpkgs.revision;
}
#
# NixOS modules
#
./vanadium/nixos/hardware-configuration.nix # generated
./vanadium/nixos/fs.nix
./vanadium/nixos/restic.nix
./vanadium/nixos/battery.nix
./vanadium/nixos/audio.nix
./vanadium/nixos/connectivity.nix
./vanadium/nixos/input.nix
./vanadium/nixos/misc.nix
./vanadium/nixos/display.nix
./vanadium/nixos/gui.nix
./vanadium/nixos/locale.nix
./vanadium/nixos/unfree-predicate.nix
./vanadium/nixos/programs.nix
../nixosModules/common/fish.nix
../nixosModules/common/disable-command-not-found.nix
../nixosModules/common/network.nix
../nixosModules/common/sudo-conf.nix
../nixosModules/common/system-nixconf.nix
../nixosModules/common/xscreensaver.nix
# QUIRK:
# Had issue when building the installer as it fails to bootstrap itself
# Might be useful to disable for the first build.
# ../nixosModules/extra/secure_dns.nix
../nixosModules/extra/zram.nix
../nixosModules/extra/leana.nix
#
# Extern modules
#
(sources.disko + "/module.nix")
../disko/vanadium/btrfs.nix
(sources.agenix + "/modules/age.nix")
(import sources.url-eater).nixosModules.default
(sources.nixos-hardware + "/framework/13-inch/7040-amd")
#
# home-manager
#
(sources.home-manager + "/nixos")
{
home-manager = {
useGlobalPkgs = true;
useUserPackages = true;
sharedModules = [ { home.stateVersion = lib.mkDefault config.system.stateVersion; } ];
};
hm.imports = [
#
# hostname
#
{ _module.args = { inherit hostname; }; }
#
# home modules
#
./vanadium/home/programs.nix
./vanadium/home/misc.nix
./vanadium/home/firefox.nix
./vanadium/home/xmobar.nix
# Language server packages, etc
./vanadium/home/dev.nix
../homeModules/common/btop
../homeModules/common/cmus
../homeModules/common/fcitx5
../homeModules/common/fish
../homeModules/common/nushell.nix
../homeModules/common/starship
../homeModules/common/tmux
../homeModules/common/vim
../homeModules/common/wired
../homeModules/common/atuin.nix
../homeModules/common/direnv.nix
../homeModules/common/feh.nix
../homeModules/common/firefox.nix
../homeModules/common/fzf.nix
../homeModules/common/git.nix
../homeModules/common/gpg.nix
../homeModules/common/kitty.nix
../homeModules/common/leana.nix
../homeModules/common/locale.nix
../homeModules/common/lazygit.nix
../homeModules/common/packages.nix
../homeModules/common/password-store.nix
../homeModules/common/sioyek.nix
../homeModules/common/tealdeer.nix
../homeModules/common/user-nixconf.nix
../homeModules/extra/tmux-fish-integration.nix
#
# Extern modules
#
(sources.agenix + "/modules/age-home.nix")
(import sources.wired-notify).homeManagerModules.default
];
}
#
# Secrets
#
{
age.secrets = {
wpa_password.file = "${../secrets/wpa_password.age}";
restic_backblaze_pwd.file = "${../secrets/restic_backblaze_pwd.age}";
restic_backblaze_repo.file = "${../secrets/restic_backblaze_repo.age}";
restic_backblaze_env.file = "${../secrets/restic_backblaze_env.age}";
four_pwd.file = "${../secrets/four_pwd.age}";
restic_four_pwd.file = "${../secrets/restic_four_pwd.age}";
sgbk_pwd.file = "${../secrets/sgbk_pwd.age}";
restic_sgbk_pwd.file = "${../secrets/restic_sgbk_pwd.age}";
two_pwd.file = "${../secrets/two_pwd.age}";
};
hm = {
age.secrets = {
wpa_password.file = "${../secrets/wpa_password.age}";
restic_backblaze_pwd.file = "${../secrets/restic_backblaze_pwd.age}";
restic_backblaze_repo.file = "${../secrets/restic_backblaze_repo.age}";
restic_backblaze_env.file = "${../secrets/restic_backblaze_env.age}";
four_pwd.file = "${../secrets/four_pwd.age}";
restic_four_pwd.file = "${../secrets/restic_four_pwd.age}";
sgbk_pwd.file = "${../secrets/sgbk_pwd.age}";
restic_sgbk_pwd.file = "${../secrets/restic_sgbk_pwd.age}";
two_pwd.file = "${../secrets/two_pwd.age}";
};
hm = {
age.secrets = {
sshconfig = {
file = "${../secrets/sshconfig.age}";
path = "/home/leana/.ssh/config";
};
iambconfig = {
file = "${../secrets/iambconfig.age}";
path = "/home/leana/.config/iamb/config.toml";
};
sshconfig = {
file = "${../secrets/sshconfig.age}";
path = "/home/leana/.ssh/config";
};
iambconfig = {
file = "${../secrets/iambconfig.age}";
path = "/home/leana/.config/iamb/config.toml";
};
};
}
];
}
};
}
];
}

12
nix/configurations/vanadium/home/dev.nix
View file

@ -3,7 +3,8 @@
lib,
config,
...
}: {
}:
{
home.packages = [
# preview markdown
pkgs.python3Packages.grip
@ -42,10 +43,11 @@
"haskell/cabal"
];
};
includes = let
fromList = import ../../../git-identities/git-compat.nix;
identities = import ../../../git-identities/list.nix;
in
includes =
let
fromList = import ../../../git-identities/git-compat.nix;
identities = import ../../../git-identities/list.nix;
in
fromList identities;
};

216
nix/configurations/vanadium/home/firefox.nix
View file

@ -2,109 +2,97 @@
pkgs,
config,
...
}: let
}:
let
inherit (pkgs) nur;
in {
in
{
programs.firefox = {
enable = true;
policies = {
SearchEngines = {
Default = "leta";
Remove = ["Google"];
Add = [
{
Name = "leta";
Alias = "@lt";
IconURL = "https://leta.mullvad.net/favicon.ico";
URLTemplate = "https://leta.mullvad.net/search?q={searchTerms}&engine=brave";
SuggestURLTemplate = "https://suggestqueries.google.com/complete/search?q={searchTerms}";
}
policies.SearchEngines.Add = [
# Forges
{
Name = "GitHub";
Alias = "@gh";
IconURL = "https://github.com/favicon.ico";
Description = "Your code yum yum";
URLTemplate = "https://github.com/search?q={searchTerms}&type=repositories";
}
{
Name = "GitHub (Code Search)";
Alias = "@ghc";
IconURL = "https://github.com/favicon.ico";
Description = "Your code yum yum";
URLTemplate = "https://github.com/search?q={searchTerms}&type=code";
}
{
Name = "Codeberg";
Alias = "@cb";
IconURL = "https://codeberg.org/favicon.ico";
Description = "Software development, but free!";
URLTemplate = "https://codeberg.org/explore/repos?q={searchTerms}";
}
{
Name = "?C";
Alias = "@cc";
IconURL = "https://git.confusedcompiler.org/favicon.ico";
URLTemplate = "https://git.confusedcompiler.org/explore/repos?q={searchTerms}";
}
# Forges
{
Name = "GitHub";
Alias = "@gh";
IconURL = "https://github.com/favicon.ico";
Description = "Your code yum yum";
URLTemplate = "https://github.com/search?q={searchTerms}&type=repositories";
}
{
Name = "GitHub (Code Search)";
Alias = "@ghc";
IconURL = "https://github.com/favicon.ico";
Description = "Your code yum yum";
URLTemplate = "https://github.com/search?q={searchTerms}&type=code";
}
{
Name = "Codeberg";
Alias = "@cb";
IconURL = "https://codeberg.org/favicon.ico";
Description = "Software development, but free!";
URLTemplate = "https://codeberg.org/explore/repos?q={searchTerms}";
}
{
Name = "?C";
Alias = "@cc";
IconURL = "https://git.confusedcompiler.org/favicon.ico";
URLTemplate = "https://git.confusedcompiler.org/explore/repos?q={searchTerms}";
}
# Nix{,OS,pkgs}
{
Name = "NixOS Search (Package)";
Alias = "@np";
IconURL = "https://nixos.org/favicon.ico";
Description = "Search in nixpkgs";
URLTemplate = "https://search.nixos.org/packages?query={searchTerms}";
}
{
Name = "NixOS Search (Options)";
Alias = "@no";
IconURL = "https://nixos.org/favicon.ico";
Description = "Search in NixOS options";
URLTemplate = "https://search.nixos.org/options?query={searchTerms}";
}
# Nix{,OS,pkgs}
{
Name = "NixOS Search (Package)";
Alias = "@np";
IconURL = "https://nixos.org/favicon.ico";
Description = "Search in nixpkgs";
URLTemplate = "https://search.nixos.org/packages?query={searchTerms}";
}
{
Name = "NixOS Search (Options)";
Alias = "@no";
IconURL = "https://nixos.org/favicon.ico";
Description = "Search in NixOS options";
URLTemplate = "https://search.nixos.org/options?query={searchTerms}";
}
# Haskell
{
Name = "Flora";
Alias = "@hs";
IconURL = "https://flora.pm/static/icons/favicon-32x32.png";
URLTemplate = "https://flora.pm/search?q={searchTerms}";
}
# Haskell
{
Name = "Flora";
Alias = "@hs";
IconURL = "https://flora.pm/static/icons/favicon-32x32.png";
URLTemplate = "https://flora.pm/search?q={searchTerms}";
}
# Discourse
{
Name = "NixOS Discourse";
Alias = "@nd";
IconURL = "https://nixos.org/favicon.ico";
URLTemplate = "https://discourse.nixos.org/search?q={searchTerms}";
}
{
Name = "Framework Discourse";
Alias = "@fd";
IconURL = "https://frame.work/favicon.ico";
URLTemplate = "https://community.frame.work/search?q={searchTerms}";
}
# Discourse
{
Name = "NixOS Discourse";
Alias = "@nd";
IconURL = "https://nixos.org/favicon.ico";
URLTemplate = "https://discourse.nixos.org/search?q={searchTerms}";
}
{
Name = "Framework Discourse";
Alias = "@fd";
IconURL = "https://frame.work/favicon.ico";
URLTemplate = "https://community.frame.work/search?q={searchTerms}";
}
# Misc
{
Name = "YouTube";
Alias = "@yt";
IconURL = "https://youtube.com/favicon.ico";
SuggestURLTemplate = "http://suggestqueries.google.com/complete/search?q={searchTerms}&ds=yt";
URLTemplate = "https://www.youtube.com/results?search_query={searchTerms}";
}
{
Name = "Genius";
Alias = "@geni";
IconURL = "https://genius.com/favicon.ico";
URLTemplate = "https://genius.com/search?q={searchTerms}";
}
];
};
};
# Misc
{
Name = "YouTube";
Alias = "@yt";
IconURL = "https://youtube.com/favicon.ico";
SuggestURLTemplate = "http://suggestqueries.google.com/complete/search?q={searchTerms}&ds=yt";
URLTemplate = "https://www.youtube.com/results?search_query={searchTerms}";
}
{
Name = "Genius";
Alias = "@geni";
IconURL = "https://genius.com/favicon.ico";
URLTemplate = "https://genius.com/search?q={searchTerms}";
}
];
profiles = {
default = {
@ -120,26 +108,29 @@ in {
font-family: monospace;
}
'';
extensions.packages = let
addons = nur.repos.rycee.firefox-addons;
in [
addons.sponsorblock
addons.return-youtube-dislikes
addons.consent-o-matic
];
extensions.packages =
let
addons = nur.repos.rycee.firefox-addons;
in
[
addons.sponsorblock
addons.return-youtube-dislikes
addons.consent-o-matic
];
};
junk = {
id = 1;
inherit
(config.programs.firefox.profiles.default)
inherit (config.programs.firefox.profiles.default)
settings
userChrome
;
extensions.packages = let
addons = nur.repos.rycee.firefox-addons;
in [addons.multi-account-containers];
extensions.packages =
let
addons = nur.repos.rycee.firefox-addons;
in
[ addons.multi-account-containers ];
containers = {
raisin = {
@ -158,15 +149,16 @@ in {
# Isolate it because it's proprietary
tampermonkey = {
id = 2;
inherit
(config.programs.firefox.profiles.default)
inherit (config.programs.firefox.profiles.default)
settings
userChrome
;
extensions.packages = let
addons = nur.repos.rycee.firefox-addons;
in [addons.tampermonkey];
extensions.packages =
let
addons = nur.repos.rycee.firefox-addons;
in
[ addons.tampermonkey ];
};
};
};

23
nix/configurations/vanadium/home/misc.nix
View file

@ -1,19 +1,23 @@
{
pkgs,
lib,
nixosConfig ? {},
nixosConfig ? { },
...
}: {
}:
{
#
# fonts
#
fonts.fontconfig = {
enable = true;
defaultFonts = lib.mapAttrsRecursive (_: v: v ++ ["Last Resort"]) {
sansSerif = ["Ubuntu" "Noto Sans CJK TC"];
serif = ["Noto Serif CJK TC"];
monospace = ["Iosevka"];
emoji = ["Noto Color Emoji"];
defaultFonts = lib.mapAttrsRecursive (_: v: v ++ [ "Last Resort" ]) {
sansSerif = [
"Ubuntu"
"Noto Sans CJK TC"
];
serif = [ "Noto Serif CJK TC" ];
monospace = [ "Iosevka" ];
emoji = [ "Noto Color Emoji" ];
};
};
home.packages = [
@ -39,8 +43,7 @@
x11.enable = true;
gtk.enable = true;
inherit
(nixosConfig.services.xserver.displayManager.lightdm.greeters.gtk.cursorTheme)
inherit (nixosConfig.services.xserver.displayManager.lightdm.greeters.gtk.cursorTheme)
name
package
size
@ -55,7 +58,7 @@
xdg.mimeApps = {
enable = true;
defaultApplications = {
"x-scheme-handler/mailto" = ["org.gnome.Evolution.desktop"];
"x-scheme-handler/mailto" = [ "org.gnome.Evolution.desktop" ];
};
};
}

26
nix/configurations/vanadium/home/programs.nix
View file

@ -3,16 +3,19 @@
lib,
config,
...
}: {
}:
{
home.sessionPath = [
"${config.home.homeDirectory}/.local/bin"
];
home.sessionVariables = let
fishCfg = config.programs.fish;
in {
"SHELL" = lib.mkIf fishCfg.enable (lib.getExe fishCfg.package);
};
home.sessionVariables =
let
fishCfg = config.programs.fish;
in
{
"SHELL" = lib.mkIf fishCfg.enable (lib.getExe fishCfg.package);
};
home.packages = [
pkgs.ghc # my favorite calculator
@ -37,9 +40,7 @@
# lol
pkgs.macchanger
/*
The file picker is not ergonomic enough, sadly
*/
# The file picker is not ergonomic enough, sadly
# pkgs.helix
# pkgs.nushell
@ -69,7 +70,10 @@
pkgs.just
# nix tools
pkgs.alejandra
# # Alejandra handles inline comments poorly
# # https://github.com/kamadorueda/alejandra/issues/429
# pkgs.alejandra
pkgs.nixfmt-rfc-style
pkgs.nurl
pkgs.dix
pkgs.niv
@ -169,7 +173,7 @@
gnome-keyring = {
enable = true;
components = ["secrets"];
components = [ "secrets" ];
};
};
}

44
nix/configurations/vanadium/home/xmobar.nix
View file

@ -1,23 +1,31 @@
{pkgs, ...}: {
home.packages = let
inherit (pkgs) lib;
{ pkgs, ... }:
{
home.packages =
let
inherit (pkgs) lib;
ghc = pkgs.haskellPackages.ghc.withPackages (haskellPackages: [
haskellPackages.xmobar
]);
ghc = pkgs.haskellPackages.ghc.withPackages (haskellPackages: [
haskellPackages.xmobar
]);
wrapped-xmobar = pkgs.symlinkJoin {
name = "xmobar";
paths = [pkgs.xmobar];
buildInputs = [pkgs.makeWrapper];
postBuild = ''
wrapProgram $out/bin/xmobar \
--prefix PATH : "${lib.makeBinPath [ghc pkgs.libnotify]}"
'';
};
in [
wrapped-xmobar
];
wrapped-xmobar = pkgs.symlinkJoin {
name = "xmobar";
paths = [ pkgs.xmobar ];
buildInputs = [ pkgs.makeWrapper ];
postBuild = ''
wrapProgram $out/bin/xmobar \
--prefix PATH : "${
lib.makeBinPath [
ghc
pkgs.libnotify
]
}"
'';
};
in
[
wrapped-xmobar
];
xdg.configFile = {
"xmobar" = {

6
nix/configurations/vanadium/kernel-overlay.nix
View file

@ -1,6 +1,8 @@
final: prev: let
final: prev:
let
inherit (final) lib;
in {
in
{
linuxPackages = final.linuxPackagesFor (
prev.linuxPackages.kernel.override {
# TODO: The error message is quite unintuitive, maybe improve it?

2
nix/configurations/vanadium/nixos/audio.nix
View file

@ -5,5 +5,5 @@
jack.enable = true;
};
me.extraGroups = ["audio"];
me.extraGroups = [ "audio" ];
}

17
nix/configurations/vanadium/nixos/connectivity.nix
View file

@ -3,12 +3,16 @@
pkgs,
lib,
...
}: {
}:
{
# For nautilius and iOS
services.gvfs.enable = true;
# iOS
services.usbmuxd.enable = true;
environment.systemPackages = with pkgs; [libimobiledevice idevicerestore];
environment.systemPackages = with pkgs; [
libimobiledevice
idevicerestore
];
# https://unix.stackexchange.com/questions/592775/how-can-i-enable-apple-ios-fast-charge-support
services.udev.extraRules = ''
@ -34,10 +38,11 @@
userControlled.enable = true;
secretsFile = config.age.secrets.wpa_password.path;
scanOnLowSignal = false;
networks = let
fromList = import ../../../networks/wpa_supplicant-compat.nix;
networks = import ../../../networks/list.nix;
in
networks =
let
fromList = import ../../../networks/wpa_supplicant-compat.nix;
networks = import ../../../networks/list.nix;
in
fromList networks;
};
};

278
nix/configurations/vanadium/nixos/display.nix
View file

@ -2,13 +2,14 @@
pkgs,
lib,
...
}: {
}:
{
imports = [
#
# builtin screen
#
{
me.extraGroups = ["video"];
me.extraGroups = [ "video" ];
programs.light.enable = true;
}
@ -16,10 +17,10 @@
# external screen
#
{
me.extraGroups = ["i2c"];
me.extraGroups = [ "i2c" ];
hardware.i2c.enable = true;
environment.systemPackages = [pkgs.ddcutil];
boot.kernelModules = ["i2c-dev"];
environment.systemPackages = [ pkgs.ddcutil ];
boot.kernelModules = [ "i2c-dev" ];
}
];
@ -33,145 +34,160 @@
"20_xmonad" = "${lib.getExe pkgs.haskellPackages.xmonad} --restart"; # make sure feh keeps up
};
profiles = let
singleton = k: v: {${k} = v;};
profiles =
let
singleton = k: v: { ${k} = v; };
fingerprints = {
built-in = singleton "eDP-1" "00ffffffffffff0009e5ca0b000000002f200104a51c137803de50a3544c99260f505400000001010101010101010101010101010101115cd01881e02d50302036001dbe1000001aa749d01881e02d50302036001dbe1000001a000000fe00424f452043510a202020202020000000fe004e4531333546424d2d4e34310a0073";
amethyst = device: singleton device "00ffffffffffff0006b35b27010101012c210103803c22782a29d5ad4f44a7240f5054bfef00714f81809500d1c0d1e8d1fc01010101565e00a0a0a029503020350055502100001a000000fd0030901edf3c000a202020202020000000fc005647323741514c33410a202020000000ff0052414c4d51533139373533370a0111020347f14a90030204014061603f1f230907078301000067030c002000384468d85dc401788003026d1a000002013090f00069096909e305ff01e6060701696900e2006ae20fc0eae70070a0a067500820980455502100001a6fc200a0a0a055503020350055502100001a5aa000a0a0a046503020350055502100001a0000bc";
orchid = device: singleton device "00ffffffffffff0004699a24642900002416010380341d782a2ac5a4564f9e280f5054b7ef00714f814081809500b300d1c081c08100023a801871382d40582c450009252100001e000000ff0043394c4d54463031303539360a000000fd00324b185311000a202020202020000000fc00415355532056533234370a20200173020322714f0102031112130414050e0f1d1e1f10230917078301000065030c0010008c0ad08a20e02d10103e9600092521000018011d007251d01e206e28550009252100001e011d00bc52d01e20b828554009252100001e8c0ad090204031200c4055000925210000180000000000000000000000000000000000000000005d";
};
fingerprints = {
built-in = singleton "eDP-1" "00ffffffffffff0009e5ca0b000000002f200104a51c137803de50a3544c99260f505400000001010101010101010101010101010101115cd01881e02d50302036001dbe1000001aa749d01881e02d50302036001dbe1000001a000000fe00424f452043510a202020202020000000fe004e4531333546424d2d4e34310a0073";
amethyst =
device:
singleton device "00ffffffffffff0006b35b27010101012c210103803c22782a29d5ad4f44a7240f5054bfef00714f81809500d1c0d1e8d1fc01010101565e00a0a0a029503020350055502100001a000000fd0030901edf3c000a202020202020000000fc005647323741514c33410a202020000000ff0052414c4d51533139373533370a0111020347f14a90030204014061603f1f230907078301000067030c002000384468d85dc401788003026d1a000002013090f00069096909e305ff01e6060701696900e2006ae20fc0eae70070a0a067500820980455502100001a6fc200a0a0a055503020350055502100001a5aa000a0a0a046503020350055502100001a0000bc";
orchid =
device:
singleton device "00ffffffffffff0004699a24642900002416010380341d782a2ac5a4564f9e280f5054b7ef00714f814081809500b300d1c081c08100023a801871382d40582c450009252100001e000000ff0043394c4d54463031303539360a000000fd00324b185311000a202020202020000000fc00415355532056533234370a20200173020322714f0102031112130414050e0f1d1e1f10230917078301000065030c0010008c0ad08a20e02d10103e9600092521000018011d007251d01e206e28550009252100001e011d00bc52d01e20b828554009252100001e8c0ad090204031200c4055000925210000180000000000000000000000000000000000000000005d";
};
devices = rec {
built-in = "eDP-1";
# Run `xrandr` to see the max number
extern = map (portNumber: "DP-${toString portNumber}") (lib.range 1 8);
all = [built-in] ++ extern;
};
devices = rec {
built-in = "eDP-1";
# Run `xrandr` to see the max number
extern = map (portNumber: "DP-${toString portNumber}") (lib.range 1 8);
all = [ built-in ] ++ extern;
};
switches = {
setDPI = {dpi}:
singleton "10_xrdb-dpi" "${lib.getExe pkgs.xorg.xrdb} -merge ${pkgs.writeText "xrdb-dpi-config" ''
Xcursor.size: 64
Xft.dpi: ${toString dpi}
''}";
switches = {
setDPI =
{ dpi }:
singleton "10_xrdb-dpi" "${lib.getExe pkgs.xorg.xrdb} -merge ${pkgs.writeText "xrdb-dpi-config" ''
Xcursor.size: 64
Xft.dpi: ${toString dpi}
''}";
# Is scoped to an output device, no need to be called on built-in display
setSoftwareBrightness = {
device, # obtain with `xrandr`
brightness, # [0..1]
}:
singleton "10_xrandr_brightness" ''
${lib.getExe pkgs.xorg.xrandr} --output ${device} --brightness ${toString brightness}
'';
# Is scoped to an output device, no need to be called on built-in display
setSoftwareBrightness =
{
device, # obtain with `xrandr`
brightness, # [0..1]
}:
singleton "10_xrandr_brightness" ''
${lib.getExe pkgs.xorg.xrandr} --output ${device} --brightness ${toString brightness}
'';
# Is scoped to an output device, no need to be called on built-in display
setDDCBrightness = {
modelName, # obtain with `ddcutil detect`
brightness, # [0..1]
}:
singleton "10_ddc_brightness" ''
${lib.getExe pkgs.ddcutil} --model ${modelName} setvcp 10 ${toString (builtins.floor (brightness * 100))}
'';
# Is scoped to an output device, no need to be called on built-in display
setDDCBrightness =
{
modelName, # obtain with `ddcutil detect`
brightness, # [0..1]
}:
singleton "10_ddc_brightness" ''
${lib.getExe pkgs.ddcutil} --model ${modelName} setvcp 10 ${
toString (builtins.floor (brightness * 100))
}
'';
setDDCContrast = {
modelName, # obtain with `ddcutil detect`
contrast, # [0..1]
}:
singleton "10_ddc_contrast" ''
${lib.getExe pkgs.ddcutil} --model ${modelName} setvcp 12 ${toString (builtins.floor (contrast * 100))}
'';
};
setDDCContrast =
{
modelName, # obtain with `ddcutil detect`
contrast, # [0..1]
}:
singleton "10_ddc_contrast" ''
${lib.getExe pkgs.ddcutil} --model ${modelName} setvcp 12 ${
toString (builtins.floor (contrast * 100))
}
'';
};
# Note: the "position" field corresponds to the "pos" field outputted by autorandr
# To get the current config, run `xrandr --auto` and then `autorandr --config`
configs = {
allOff = lib.genAttrs devices.all (_: {enable = lib.mkDefault false;});
enableBuiltin = {
eDP-1 = {
enable = true;
crtc = 0;
mode = "2256x1504";
rate = "60.00";
primary = true;
# Note: the "position" field corresponds to the "pos" field outputted by autorandr
# To get the current config, run `xrandr --auto` and then `autorandr --config`
configs = {
allOff = lib.genAttrs devices.all (_: {
enable = lib.mkDefault false;
});
enableBuiltin = {
eDP-1 = {
enable = true;
crtc = 0;
mode = "2256x1504";
rate = "60.00";
primary = true;
};
};
enableAmethyst = name: {
${name} = {
enable = true;
primary = true;
crtc = 1;
mode = "2560x1440";
rate = "59.95";
};
};
enableOrchid = name: {
${name} = {
enable = true;
primary = true;
crtc = 1;
mode = "1920x1080";
rate = "60.00";
};
};
};
enableAmethyst = name: {
${name} = {
enable = true;
primary = true;
crtc = 1;
mode = "2560x1440";
rate = "59.95";
};
frameworkBuiltin = {
fingerprint = fingerprints.built-in;
config = lib.mkMerge [
configs.allOff
configs.enableBuiltin
];
hooks.postswitch = switches.setDPI { dpi = 150; };
};
enableOrchid = name: {
${name} = {
enable = true;
primary = true;
crtc = 1;
mode = "1920x1080";
rate = "60.00";
};
mkAmethyst = name: {
fingerprint = lib.mkMerge [
fingerprints.built-in
(fingerprints.amethyst name)
];
config = lib.mkMerge [
configs.allOff
(configs.enableAmethyst name)
];
hooks.postswitch = lib.mkMerge [
(switches.setDPI { dpi = 110; })
(switches.setSoftwareBrightness {
device = name;
brightness = 1;
})
(switches.setDDCBrightness {
modelName = "VG27AQL3A";
brightness = 0;
})
(switches.setDDCContrast {
modelName = "VG27AQL3A";
contrast = 0.5;
})
];
};
};
frameworkBuiltin = {
fingerprint = fingerprints.built-in;
config = lib.mkMerge [
configs.allOff
configs.enableBuiltin
];
hooks.postswitch = switches.setDPI {dpi = 150;};
};
mkAmethyst = name: {
fingerprint = lib.mkMerge [
fingerprints.built-in
(fingerprints.amethyst name)
];
config = lib.mkMerge [
configs.allOff
(configs.enableAmethyst name)
];
hooks.postswitch = lib.mkMerge [
(switches.setDPI {dpi = 110;})
(switches.setSoftwareBrightness {
device = name;
brightness = 1;
})
(switches.setDDCBrightness {
modelName = "VG27AQL3A";
brightness = 0;
})
(switches.setDDCContrast {
modelName = "VG27AQL3A";
contrast = 0.5;
})
];
};
mkOrchid = name: {
fingerprint = lib.mkMerge [
fingerprints.built-in
(fingerprints.orchid name)
];
config = lib.mkMerge [
configs.allOff
(configs.enableOrchid name)
];
# seems like this display doesn't support DDC
hooks.postswitch = lib.mkMerge [
(switches.setDPI {dpi = 100;})
(switches.setSoftwareBrightness {
device = name;
brightness = 0.5;
})
];
};
in
mkOrchid = name: {
fingerprint = lib.mkMerge [
fingerprints.built-in
(fingerprints.orchid name)
];
config = lib.mkMerge [
configs.allOff
(configs.enableOrchid name)
];
# seems like this display doesn't support DDC
hooks.postswitch = lib.mkMerge [
(switches.setDPI { dpi = 100; })
(switches.setSoftwareBrightness {
device = name;
brightness = 0.5;
})
];
};
in
lib.mkMerge [
{default = frameworkBuiltin;}
{ default = frameworkBuiltin; }
(lib.genAttrs' devices.extern (name: lib.nameValuePair "amethyst-${name}" (mkAmethyst name)))
(lib.genAttrs' devices.extern (name: lib.nameValuePair "orchid-${name}" (mkOrchid name)))
];

39
nix/configurations/vanadium/nixos/fs.nix
View file

@ -2,7 +2,8 @@
config,
pkgs,
...
}: {
}:
{
services.btrfs.autoScrub = {
enable = true;
fileSystems = [
@ -21,9 +22,9 @@
fileSystems = {
/*
WARNING:
Use "noauto" if you want to mount the drive at a later time and not all the time
Otherwise the mount would fail and cascade into the graphical session being stopped
WARNING:
Use "noauto" if you want to mount the drive at a later time and not all the time
Otherwise the mount would fail and cascade into the graphical session being stopped
*/
"/home/leana/mnt/tdk32" = {
@ -53,21 +54,23 @@
sgbk /dev/disk/by-uuid/21b5207e-c3cf-49da-b944-fb405ae1eee2 ${config.age.secrets.sgbk_pwd.path} noauto
'';
systemd.mounts = let
bindToCryptDev = dev: {
what = "/dev/mapper/${dev}";
where = "/mnt/${dev}";
unitConfig = {
Requires = ["systemd-cryptsetup@${dev}.service"];
After = ["systemd-cryptsetup@${dev}.service"];
PropagatesStopTo = ["systemd-cryptsetup@${dev}.service"];
systemd.mounts =
let
bindToCryptDev = dev: {
what = "/dev/mapper/${dev}";
where = "/mnt/${dev}";
unitConfig = {
Requires = [ "systemd-cryptsetup@${dev}.service" ];
After = [ "systemd-cryptsetup@${dev}.service" ];
PropagatesStopTo = [ "systemd-cryptsetup@${dev}.service" ];
};
};
};
in [
(bindToCryptDev "four")
(bindToCryptDev "two")
(bindToCryptDev "sgbk")
];
in
[
(bindToCryptDev "four")
(bindToCryptDev "two")
(bindToCryptDev "sgbk")
];
environment.systemPackages = [
pkgs.lsof

3
nix/configurations/vanadium/nixos/gui.nix
View file

@ -2,7 +2,8 @@
pkgs,
lib,
...
}: {
}:
{
services.xserver.windowManager.xmonad = {
enable = true;
enableContribAndExtras = true;

15
nix/configurations/vanadium/nixos/hardware-configuration.nix
View file

@ -7,15 +7,20 @@
pkgs,
modulesPath,
...
}: {
}:
{
imports = [
(modulesPath + "/installer/scan/not-detected.nix")
];
boot.initrd.availableKernelModules = ["nvme" "xhci_pci" "thunderbolt"];
boot.initrd.kernelModules = ["dm-snapshot"];
boot.kernelModules = ["kvm-amd"];
boot.extraModulePackages = [];
boot.initrd.availableKernelModules = [
"nvme"
"xhci_pci"
"thunderbolt"
];
boot.initrd.kernelModules = [ "dm-snapshot" ];
boot.kernelModules = [ "kvm-amd" ];
boot.extraModulePackages = [ ];
# Enables DHCP on each ethernet and wireless interface. In case of scripted networking
# (the default) this is the recommended approach. When using systemd-networkd it's

2
nix/configurations/vanadium/nixos/input.nix
View file

@ -13,7 +13,7 @@
};
};
me.extraGroups = ["scanner"];
me.extraGroups = [ "scanner" ];
hardware.sane = {
enable = true;
brscan5.enable = true;

23
nix/configurations/vanadium/nixos/locale.nix
View file

@ -1,4 +1,5 @@
{lib, ...}: {
{ lib, ... }:
{
# https://en.wikipedia.org/wiki/List_of_tz_database_time_zones
# `timedatectl list-timezones`
time.timeZone = "Asia/Taipei";
@ -28,16 +29,16 @@
let
genLocale = locale: lib.flip lib.genAttrs (_: locale);
in
# - xscreensaver freaks out on the time display
# - evolution add event becomes hard to use
# https://gitlab.gnome.org/GNOME/evolution/-/issues/3120
genLocale "fr_FR.UTF-8" [
"LC_TIME"
]
// genLocale "zh_TW.UTF-8" [
"LC_MONETARY"
"LC_ADDRESS"
];
# - xscreensaver freaks out on the time display
# - evolution add event becomes hard to use
# https://gitlab.gnome.org/GNOME/evolution/-/issues/3120
genLocale "fr_FR.UTF-8" [
"LC_TIME"
]
// genLocale "zh_TW.UTF-8" [
"LC_MONETARY"
"LC_ADDRESS"
];
};
# Wireless Regulatory Domain, uses ISO / IEC 3166 country code

5
nix/configurations/vanadium/nixos/misc.nix
View file

@ -1,4 +1,5 @@
{config, ...}: {
{ config, ... }:
{
system.stateVersion = "24.11";
boot.loader = {
@ -16,6 +17,6 @@
# Cross building
# https://discourse.nixos.org/t/how-do-i-get-my-aarch64-linux-machine-to-build-x86-64-linux-extra-platforms-doesnt-seem-to-work/38106/2?u=leana8959
boot.binfmt.emulatedSystems = ["aarch64-linux"];
boot.binfmt.emulatedSystems = [ "aarch64-linux" ];
nix.settings.extra-platforms = config.boot.binfmt.emulatedSystems;
}

5
nix/configurations/vanadium/nixos/programs.nix
View file

@ -2,14 +2,15 @@
lib,
pkgs,
...
}: {
}:
{
imports = [
#
# Docker
#
{
virtualisation.docker.enable = true;
me.extraGroups = ["docker"];
me.extraGroups = [ "docker" ];
}
# #

149
nix/configurations/vanadium/nixos/restic.nix
View file

@ -1,91 +1,94 @@
{config, ...}: {
services.restic.backups = let
pruneOpts = [
"--keep-daily 7"
"--keep-weekly 4"
"--keep-monthly 12"
"--keep-yearly 10"
];
in {
"backblaze" = {
paths = [
"/home/leana/Documents"
"/home/leana/Calibre"
{ config, ... }:
{
services.restic.backups =
let
pruneOpts = [
"--keep-daily 7"
"--keep-weekly 4"
"--keep-monthly 12"
"--keep-yearly 10"
];
in
{
"backblaze" = {
paths = [
"/home/leana/Documents"
"/home/leana/Calibre"
];
passwordFile = config.age.secrets.restic_backblaze_pwd.path;
repositoryFile = config.age.secrets.restic_backblaze_repo.path;
environmentFile = config.age.secrets.restic_backblaze_env.path;
passwordFile = config.age.secrets.restic_backblaze_pwd.path;
repositoryFile = config.age.secrets.restic_backblaze_repo.path;
environmentFile = config.age.secrets.restic_backblaze_env.path;
timerConfig = {
OnCalendar = "daily";
Persistent = true;
RandomizedDelaySec = "1h";
timerConfig = {
OnCalendar = "daily";
Persistent = true;
RandomizedDelaySec = "1h";
};
inherit pruneOpts;
};
inherit pruneOpts;
"four" = {
paths = [
"/home/leana/Music"
"/home/leana/Documents"
"/home/leana/Calibre"
"/home/leana/Images"
];
repository = "/mnt/four/restic";
passwordFile = config.age.secrets.restic_four_pwd.path;
timerConfig = null;
inherit pruneOpts;
};
"sgbk" = {
paths = [
"/home/leana/Music"
"/home/leana/Documents"
"/home/leana/Calibre"
"/home/leana/Images"
];
timerConfig = null;
repository = "/mnt/sgbk/restic";
passwordFile = config.age.secrets.restic_sgbk_pwd.path;
inherit pruneOpts;
};
"two-to-four" = {
paths = [ "/mnt/two" ];
timerConfig = null;
repository = "/mnt/four/restic";
passwordFile = config.age.secrets.restic_four_pwd.path;
exclude = [ "lost+found" ];
inherit pruneOpts;
};
};
"four" = {
paths = [
"/home/leana/Music"
"/home/leana/Documents"
"/home/leana/Calibre"
"/home/leana/Images"
];
repository = "/mnt/four/restic";
passwordFile = config.age.secrets.restic_four_pwd.path;
timerConfig = null;
inherit pruneOpts;
};
"sgbk" = {
paths = [
"/home/leana/Music"
"/home/leana/Documents"
"/home/leana/Calibre"
"/home/leana/Images"
];
timerConfig = null;
repository = "/mnt/sgbk/restic";
passwordFile = config.age.secrets.restic_sgbk_pwd.path;
inherit pruneOpts;
};
"two-to-four" = {
paths = ["/mnt/two"];
timerConfig = null;
repository = "/mnt/four/restic";
passwordFile = config.age.secrets.restic_four_pwd.path;
exclude = ["lost+found"];
inherit pruneOpts;
};
};
systemd.services = {
# TODO:
# Wait for upstream to introduce direct access to unitConfig
# c.f. https://github.com/NixOS/nixpkgs/pull/368234
"restic-backups-four" = {
requires = ["mnt-four.mount"];
after = ["mnt-four.mount"];
unitConfig.PropagatesStopTo = ["mnt-four.mount"];
requires = [ "mnt-four.mount" ];
after = [ "mnt-four.mount" ];
unitConfig.PropagatesStopTo = [ "mnt-four.mount" ];
};
"restic-backups-sgbk" = {
requires = ["mnt-sgbk.mount"];
after = ["mnt-sgbk.mount"];
unitConfig.PropagatesStopTo = ["mnt-sgbk.mount"];
requires = [ "mnt-sgbk.mount" ];
after = [ "mnt-sgbk.mount" ];
unitConfig.PropagatesStopTo = [ "mnt-sgbk.mount" ];
};
"restic-backups-two-to-four" = {

34
nix/configurations/vanadium/nixos/unfree-predicate.nix
View file

@ -1,27 +1,29 @@
{lib, ...}: {
{ lib, ... }:
{
nixpkgs.config.allowUnfreePredicate = lib.mkDefault (
pkg: let
pkg:
let
name = lib.getName pkg;
in
builtins.elem name [
"languagetool"
builtins.elem name [
"languagetool"
"vscode"
"code"
"vscode"
"code"
"tampermonkey"
"tampermonkey"
"aseprite"
"aseprite"
"posy-cursors"
"posy-cursors"
"discord"
]
|| builtins.any (lib.flip lib.hasInfix name) [
# Scanner
"brscan5"
"discord"
]
|| builtins.any (lib.flip lib.hasInfix name) [
# Scanner
"brscan5"
"steam"
]
"steam"
]
);
}

126
nix/configurations/vanadium/overlay.nix
View file

@ -9,73 +9,75 @@ let
infuse = lib.flip infuse-lib.v1.infuse;
in
# Why shouldn't I go crazy with overlays?
final:
infuse {
cmus.__input.alsaSupport = _: false;
# Why shouldn't I go crazy with overlays?
final:
infuse {
cmus.__input.alsaSupport = _: false;
fish.__input.usePython = _: false;
fish.__input.usePython = _: false;
tmux.__input.withSixel = _: false;
tmux.__input.withSixel = _: false;
vlc.__input.chromecastSupport = _: false;
vlc.__input.waylandSupport = _: false;
vlc.__input.chromecastSupport = _: false;
vlc.__input.waylandSupport = _: false;
# I don't really use helix, but it's nice to have the W alias just in case
helix.__output.patches.__append = [
./patches/helix/W-as-write.patch
];
# I don't really use helix, but it's nice to have the W alias just in case
helix.__output.patches.__append = [
./patches/helix/W-as-write.patch
];
# Too loud
alejandra.__output.patches.__append = [
./patches/alejandra/no-ads.patch
];
alejandra.__output.doCheck = _: false;
# Too loud
alejandra.__output.patches.__append = [
./patches/alejandra/no-ads.patch
];
alejandra.__output.doCheck = _: false;
# TODO:
# pinned branch of https://github.com/astrand/xclip/tree/xerror
# use this until #43 gets resolved properly
xclip.__output.src = _:
final.fetchFromGitHub {
owner = "astrand";
repo = "xclip";
rev = "2c3b811002b35d3be7f39cc1145dd06bdb32e31c";
hash = "sha256-hHbq97GTKiRw8LZa/LY4LUOFOd/5H4+S+NR0BJfcu6M=";
};
# TODO:
# pinned branch of https://github.com/astrand/xclip/tree/xerror
# use this until #43 gets resolved properly
xclip.__output.src =
_:
final.fetchFromGitHub {
owner = "astrand";
repo = "xclip";
rev = "2c3b811002b35d3be7f39cc1145dd06bdb32e31c";
hash = "sha256-hHbq97GTKiRw8LZa/LY4LUOFOd/5H4+S+NR0BJfcu6M=";
};
fcitx5.__output.cmakeFlags.__append = [
(lib.cmakeFeature "ENABLE_EMOJI" "Off")
(lib.cmakeFeature "ENABLE_WAYLAND" "Off")
];
fcitx5.__output.patches.__append = [
./patches/fcitx5/disable-clipboard.patch
./patches/fcitx5/disable-quickphrase.patch
./patches/fcitx5/disable-unicode.patch
];
fcitx5-chinese-addons.__output.cmakeFlags.__append = [
(lib.cmakeFeature "ENABLE_BROWSER" "Off")
(lib.cmakeFeature "ENABLE_CLOUDPINYIN" "Off")
(lib.cmakeFeature "ENABLE_DATA" "Off")
];
fcitx5-chinese-addons.__output.patches.__append = [
./patches/fcitx5-chinese-addons/disable-chttrans.patch
./patches/fcitx5-chinese-addons/disable-fullwidth.patch
# Note: disabling pinyin helper breaks canjie
];
fcitx5.__output.cmakeFlags.__append = [
(lib.cmakeFeature "ENABLE_EMOJI" "Off")
(lib.cmakeFeature "ENABLE_WAYLAND" "Off")
];
fcitx5.__output.patches.__append = [
./patches/fcitx5/disable-clipboard.patch
./patches/fcitx5/disable-quickphrase.patch
./patches/fcitx5/disable-unicode.patch
];
fcitx5-chinese-addons.__output.cmakeFlags.__append = [
(lib.cmakeFeature "ENABLE_BROWSER" "Off")
(lib.cmakeFeature "ENABLE_CLOUDPINYIN" "Off")
(lib.cmakeFeature "ENABLE_DATA" "Off")
];
fcitx5-chinese-addons.__output.patches.__append = [
./patches/fcitx5-chinese-addons/disable-chttrans.patch
./patches/fcitx5-chinese-addons/disable-fullwidth.patch
# Note: disabling pinyin helper breaks canjie
];
# Security, Xorg vuln
# Backport has failed in upstream currently <https://github.com/NixOS/nixpkgs/pull/457804>,
# might as well patch it while people are blogging about it <https://github.com/Xe/site/pull/1062>
# Upstream talks about it here https://lists.x.org/archives/xorg-announce/2025-October/003635.html
xorg.xorgserver.__output.version = oldVersion: let
version = "21.1.20";
in
if oldVersion == version
then throw "This patch has been merged upstream"
else version;
xorg.xorgserver.__output.src = _:
final.fetchurl {
url = "mirror://xorg/individual/xserver/xorg-server-21.1.20.tar.xz";
sha256 = "sha256-dpW8YYJLOoG2utL3iwVADKAVAD3kAtGzIhFxBbcC6Tc=";
};
}
# Security, Xorg vuln
# Backport has failed in upstream currently <https://github.com/NixOS/nixpkgs/pull/457804>,
# might as well patch it while people are blogging about it <https://github.com/Xe/site/pull/1062>
# Upstream talks about it here https://lists.x.org/archives/xorg-announce/2025-October/003635.html
xorg.xorgserver.__output.version =
oldVersion:
let
version = "21.1.20";
in
if oldVersion == version then throw "This patch has been merged upstream" else version;
xorg.xorgserver.__output.src =
_:
final.fetchurl {
url = "mirror://xorg/individual/xserver/xorg-server-21.1.20.tar.xz";
sha256 = "sha256-dpW8YYJLOoG2utL3iwVADKAVAD3kAtGzIhFxBbcC6Tc=";
};
}

93
nix/devShells/flora.nix
View file

@ -4,56 +4,65 @@
let
sources = import ../../npins;
in
{pkgs ? import sources.pin-florashell {}}:
pkgs.mkShell (let
libs = with pkgs; [
zlib
libpq
libsodium
];
{
pkgs ? import sources.pin-florashell { },
}:
pkgs.mkShell (
let
libs = with pkgs; [
zlib
libpq
libsodium
];
hlib = pkgs.haskell.lib;
hlib = pkgs.haskell.lib;
callHackage = {
callHackage =
{
name,
version,
}: let
pkg = pkgs.haskell.packages.ghc910.callHackage name version {};
}:
let
pkg = pkgs.haskell.packages.ghc910.callHackage name version { };
in
hlib.dontCheck (hlib.doJailbreak pkg);
in {
name = "flora";
packages = with pkgs; let
hlib.dontCheck (hlib.doJailbreak pkg);
in
{
name = "flora";
packages =
with pkgs;
let
haskellPackages = haskell.packages.ghc910;
in
# These don't build directly and need to be pinned
map callHackage [
{
name = "fourmolu";
version = "0.17.0.0";
}
{
name = "postgresql-migration";
version = "0.2.1.8";
}
]
++ [
haskellPackages.ghcid
haskellPackages.cabal-fmt
haskellPackages.cabal-install
haskellPackages.ghc
haskellPackages.haskell-language-server
# These don't build directly and need to be pinned
map callHackage [
{
name = "fourmolu";
version = "0.17.0.0";
}
{
name = "postgresql-migration";
version = "0.2.1.8";
}
]
++ [
haskellPackages.ghcid
haskellPackages.cabal-fmt
haskellPackages.cabal-install
haskellPackages.ghc
haskellPackages.haskell-language-server
postgresql_14
postgresqlTestHook
postgresql_14
postgresqlTestHook
yarn
yarn
pkg-config
esbuild
changelog-d
]
++ libs;
pkg-config
esbuild
changelog-d
]
++ libs;
LD_LIBRARY_PATH = pkgs.lib.makeLibraryPath libs;
})
LD_LIBRARY_PATH = pkgs.lib.makeLibraryPath libs;
}
)

34
nix/devShells/forgejo.nix
View file

@ -1,20 +1,26 @@
{pkgs ? import <nixpkgs> {}}: let
{
pkgs ? import <nixpkgs> { },
}:
let
inherit (pkgs) lib;
in
pkgs.mkShell {
name = "forgejo";
packages = with pkgs; [
gnumake
pkgs.mkShell {
name = "forgejo";
packages = with pkgs; [
gnumake
go
golangci-lint
gofumpt
go
golangci-lint
gofumpt
nodejs
nodePackages.npm
];
nodejs
nodePackages.npm
];
LD_LIBRARY_PATH = lib.makeLibraryPath (with pkgs; [
LD_LIBRARY_PATH = lib.makeLibraryPath (
with pkgs;
[
libuuid
]);
}
]
);
}

4
nix/devShells/haddock2.nix
View file

@ -1,4 +1,6 @@
{pkgs ? import <nixpkgs> {}}:
{
pkgs ? import <nixpkgs> { },
}:
pkgs.mkShell rec {
name = "haddock2";

86
nix/devShells/masna3.nix
View file

@ -1,53 +1,59 @@
let
sources = import ../../npins;
in
{pkgs ? import sources.pin-masna3shell {}}:
pkgs.mkShell (let
libs = with pkgs; [
zlib
libpq
libsodium
];
{
pkgs ? import sources.pin-masna3shell { },
}:
pkgs.mkShell (
let
libs = with pkgs; [
zlib
libpq
libsodium
];
hlib = pkgs.haskell.lib;
hlib = pkgs.haskell.lib;
callHackage = {
callHackage =
{
name,
version,
haskellPackages ? pkgs.haskellPackages,
}: let
pkg = haskellPackages.callHackage name version {};
}:
let
pkg = haskellPackages.callHackage name version { };
in
hlib.dontCheck (hlib.doJailbreak pkg);
hlib.dontCheck (hlib.doJailbreak pkg);
haskellPackages = pkgs.haskell.packages.ghc910;
in {
name = "masna3";
packages =
[
pkgs.haskell.packages.ghc9102.ghc
pkgs.haskell.packages.ghc9102.haskell-language-server
haskellPackages = pkgs.haskell.packages.ghc910;
in
{
name = "masna3";
packages = [
pkgs.haskell.packages.ghc9102.ghc
pkgs.haskell.packages.ghc9102.haskell-language-server
haskellPackages.cabal-install
haskellPackages.postgresql-migration
(callHackage {
name = "fourmolu";
version = "0.18.0.0";
haskellPackages = pkgs.haskell.packages.ghc912;
})
(callHackage {
name = "hlint";
version = "3.10";
haskellPackages = pkgs.haskell.packages.ghc912;
})
pkgs.haskell.packages.ghc98.apply-refact
haskellPackages.ghc-tags
haskellPackages.cabal-gild
haskellPackages.cabal-install
haskellPackages.postgresql-migration
(callHackage {
name = "fourmolu";
version = "0.18.0.0";
haskellPackages = pkgs.haskell.packages.ghc912;
})
(callHackage {
name = "hlint";
version = "3.10";
haskellPackages = pkgs.haskell.packages.ghc912;
})
pkgs.haskell.packages.ghc98.apply-refact
haskellPackages.ghc-tags
haskellPackages.cabal-gild
pkgs.gnumake
pkgs.pkg-config
]
++ libs;
pkgs.gnumake
pkgs.pkg-config
]
++ libs;
LD_LIBRARY_PATH = pkgs.lib.makeLibraryPath libs;
})
LD_LIBRARY_PATH = pkgs.lib.makeLibraryPath libs;
}
)

57
nix/devShells/necro-man.nix
View file

@ -1,37 +1,40 @@
let
sources = import ../../npins;
in
{pkgs ? import sources.pin-necro-man-nixpkgs {}}: let
shell = {
{
pkgs ? import sources.pin-necro-man-nixpkgs { },
}:
let
shell =
{
mkShell,
#
pkgs,
python310Packages,
texlive,
}:
mkShell {
name = "necro-manual";
packages = [
pkgs.emacs
python310Packages.pygments
mkShell {
name = "necro-manual";
packages = [
pkgs.emacs
python310Packages.pygments
(texlive.combine {
inherit
(texlive)
scheme-medium
#
wrapfig
capt-of
minted
upquote
todonotes
fvextra
catchfile
xstring
framed
;
})
];
};
in
pkgs.callPackage shell {}
(texlive.combine {
inherit (texlive)
scheme-medium
#
wrapfig
capt-of
minted
upquote
todonotes
fvextra
catchfile
xstring
framed
;
})
];
};
in
pkgs.callPackage shell { }

24
nix/devShells/vim-tw.nix
View file

@ -1,14 +1,16 @@
let
sources = import ../../npins;
in
{pkgs ? import sources.pin-vim-tw {}}:
pkgs.mkShell {
name = "vim-tw";
packages = with pkgs; [
haskellPackages.cabal-fmt
haskellPackages.cabal-install
haskellPackages.ghc
haskellPackages.haskell-language-server
haskellPackages.retrie
];
}
{
pkgs ? import sources.pin-vim-tw { },
}:
pkgs.mkShell {
name = "vim-tw";
packages = with pkgs; [
haskellPackages.cabal-fmt
haskellPackages.cabal-install
haskellPackages.ghc
haskellPackages.haskell-language-server
haskellPackages.retrie
];
}

37
nix/disko/hetzner_benchmark/ext4.nix Normal file
View file

@ -0,0 +1,37 @@
{
disko.devices = {
disk = {
main = {
type = "disk";
device = "/dev/nvme1n1";
content = {
type = "gpt";
partitions = {
boot = {
size = "1M";
type = "EF02";
priority = 1;
};
ESP = {
size = "512M";
type = "EF00";
content = {
type = "filesystem";
format = "vfat";
mountpoint = "/boot";
};
};
root = {
size = "100%";
content = {
type = "filesystem";
format = "ext4";
mountpoint = "/";
};
};
};
};
};
};
};
}

93
nix/disko/hetzner_benchmark/raid.nix Normal file
View file

@ -0,0 +1,93 @@
# I can't get this working for now :(
# Only nvme1n1 is detected in the installer environment
{
disko.devices = {
disk = {
one = {
type = "disk";
device = "/dev/nvme0n1";
content = {
type = "gpt";
partitions = {
BOOT = {
size = "1M";
type = "EF02"; # for grub MBR
};
ESP = {
size = "500M";
type = "EF00";
content = {
type = "mdraid";
name = "boot";
};
};
mdadm = {
size = "100%";
content = {
type = "mdraid";
name = "raid1";
};
};
};
};
};
two = {
type = "disk";
device = "/dev/nvme1n1";
content = {
type = "gpt";
partitions = {
boot = {
size = "1M";
type = "EF02"; # for grub MBR
};
ESP = {
size = "500M";
type = "EF00";
content = {
type = "mdraid";
name = "boot";
};
};
mdadm = {
size = "100%";
content = {
type = "mdraid";
name = "raid1";
};
};
};
};
};
};
mdadm = {
boot = {
type = "mdadm";
level = 1;
metadata = "1.0";
content = {
type = "filesystem";
format = "vfat";
mountpoint = "/boot";
mountOptions = [ "umask=0077" ];
};
};
raid1 = {
type = "mdadm";
level = 1;
content = {
type = "gpt";
partitions.primary = {
size = "100%";
content = {
type = "filesystem";
format = "ext4";
mountpoint = "/";
};
};
};
};
};
};
}

11
nix/disko/tungsten/btrfs.nix
View file

@ -14,7 +14,7 @@
type = "filesystem";
format = "vfat";
mountpoint = "/boot";
mountOptions = ["umask=0077"];
mountOptions = [ "umask=0077" ];
};
};
@ -24,7 +24,7 @@
content = {
type = "luks";
name = "crypted";
extraOpenArgs = [];
extraOpenArgs = [ ];
settings.allowDiscards = true;
content = {
type = "lvm_pv";
@ -74,12 +74,15 @@
};
"/home" = {
mountOptions = ["compress=zstd"];
mountOptions = [ "compress=zstd" ];
mountpoint = "/home";
};
"/nix" = {
mountOptions = ["compress=zstd" "noatime"];
mountOptions = [
"compress=zstd"
"noatime"
];
mountpoint = "/nix";
};
};

8
nix/disko/tungsten/default.nix
View file

@ -18,7 +18,7 @@
type = "filesystem";
format = "vfat";
mountpoint = "/boot";
mountOptions = ["umask=0077"];
mountOptions = [ "umask=0077" ];
};
};
luks = {
@ -26,7 +26,7 @@
content = {
type = "luks";
name = "crypted";
extraOpenArgs = [];
extraOpenArgs = [ ];
settings = {
allowDiscards = true;
};
@ -50,7 +50,7 @@
type = "filesystem";
format = "ext4";
mountpoint = "/";
mountOptions = ["defaults"];
mountOptions = [ "defaults" ];
};
};
nix = {
@ -59,7 +59,7 @@
type = "filesystem";
format = "ext4";
mountpoint = "/nix";
mountOptions = ["noatime"];
mountOptions = [ "noatime" ];
};
};
swap = {

13
nix/disko/vanadium/btrfs.nix
View file

@ -14,7 +14,7 @@
type = "filesystem";
format = "vfat";
mountpoint = "/boot";
mountOptions = ["umask=0077"];
mountOptions = [ "umask=0077" ];
};
};
@ -24,7 +24,7 @@
content = {
type = "luks";
name = "crypted";
extraOpenArgs = [];
extraOpenArgs = [ ];
settings.allowDiscards = true;
content = {
type = "lvm_pv";
@ -70,17 +70,20 @@
subvolumes = {
"/root" = {
mountOptions = ["noatime"];
mountOptions = [ "noatime" ];
mountpoint = "/";
};
"/home" = {
mountOptions = ["noatime"];
mountOptions = [ "noatime" ];
mountpoint = "/home";
};
"/nix" = {
mountOptions = ["compress=zstd" "noatime"];
mountOptions = [
"compress=zstd"
"noatime"
];
mountpoint = "/nix";
};
};

8
nix/disko/vanadium/default.nix
View file

@ -15,7 +15,7 @@
type = "filesystem";
format = "vfat";
mountpoint = "/boot";
mountOptions = ["umask=0077"];
mountOptions = [ "umask=0077" ];
};
};
luks = {
@ -23,7 +23,7 @@
content = {
type = "luks";
name = "crypted";
extraOpenArgs = [];
extraOpenArgs = [ ];
settings = {
allowDiscards = true;
};
@ -47,7 +47,7 @@
type = "filesystem";
format = "ext4";
mountpoint = "/";
mountOptions = ["defaults"];
mountOptions = [ "defaults" ];
};
};
nix = {
@ -56,7 +56,7 @@
type = "filesystem";
format = "ext4";
mountpoint = "/nix";
mountOptions = ["noatime"];
mountOptions = [ "noatime" ];
};
};
swap = {

30
nix/git-identities/git-compat.nix
View file

@ -1,14 +1,20 @@
let
hasconfigRemoteCondition = {
# Custom arguments
url,
path ? "*/**",
...
} @ cfg: let
cfg' = builtins.removeAttrs cfg ["url" "path"];
in [
(cfg' // {condition = "hasconfig:remote.*.url:git@${url}:${path}";})
(cfg' // {condition = "hasconfig:remote.*.url:https://${url}/${path}";})
];
hasconfigRemoteCondition =
{
# Custom arguments
url,
path ? "*/**",
...
}@cfg:
let
cfg' = builtins.removeAttrs cfg [
"url"
"path"
];
in
[
(cfg' // { condition = "hasconfig:remote.*.url:git@${url}:${path}"; })
(cfg' // { condition = "hasconfig:remote.*.url:https://${url}/${path}"; })
];
in
builtins.concatMap hasconfigRemoteCondition
builtins.concatMap hasconfigRemoteCondition

3
nix/git-identities/list.nix
View file

@ -16,7 +16,8 @@ let
blameIgnore = {
blame.ignoreRevsFile = ".git-blame-ignore-revs";
};
in [
in
[
# Univ stuff
{
url = "gitlab.istic.univ-rennes1.fr";

2
nix/homeModules/common/atuin.nix
View file

@ -1,6 +1,6 @@
{
programs.atuin = {
flags = ["--disable-up-arrow"];
flags = [ "--disable-up-arrow" ];
settings = {
history_filter = [
# privacy

3
nix/homeModules/common/btop/default.nix
View file

@ -1,4 +1,5 @@
{config, ...}: {
{ config, ... }:
{
programs.btop = {
settings.color_theme = "${config.programs.btop.package}/share/btop/themes/onedark.theme";
extraConfig = builtins.readFile ./btop.conf;

82
nix/homeModules/common/cmus/default.nix
View file

@ -2,49 +2,51 @@
pkgs,
lib,
...
}: {
programs.cmus.extraConfig = let
# dispatch to multiple callbacks
callback-script = pkgs.writeShellApplication {
name = "cmus-callback-script";
runtimeInputs = [
pkgs.cmusfm
pkgs.libnotify
];
text = ''
# All keys contain only chars a-z. Values are UTF-8 strings.
#
# Keys: status file url artist album discnumber tracknumber title date
# - status (stopped, playing, paused) is always given
# - file or url is given only if track is 'loaded' in cmus
# - other keys/values are given only if they are available
}:
{
programs.cmus.extraConfig =
let
# dispatch to multiple callbacks
callback-script = pkgs.writeShellApplication {
name = "cmus-callback-script";
runtimeInputs = [
pkgs.cmusfm
pkgs.libnotify
];
text = ''
# All keys contain only chars a-z. Values are UTF-8 strings.
#
# Keys: status file url artist album discnumber tracknumber title date
# - status (stopped, playing, paused) is always given
# - file or url is given only if track is 'loaded' in cmus
# - other keys/values are given only if they are available
# Use a map so that we can redirect all the args to cmusfm
argv=("$@")
declare -A map
while [ $# -gt 0 ]; do
map["$1"]="$2"
shift
shift
done
# Use a map so that we can redirect all the args to cmusfm
argv=("$@")
declare -A map
while [ $# -gt 0 ]; do
map["$1"]="$2"
shift
shift
done
# Setup pretty symbols
case ''${map[status]} in
paused)
SYMB=""
;;
playing)
SYMB=""
;;
esac
# Setup pretty symbols
case ''${map[status]} in
paused)
SYMB=""
;;
playing)
SYMB=""
;;
esac
notify-send \
"$SYMB ''${map[title]}" \
"''${map[artist]} / ''${map[album]}"
cmusfm "''${argv[@]}"
'';
};
in
notify-send \
"$SYMB ''${map[title]}" \
"''${map[artist]} / ''${map[album]}"
cmusfm "''${argv[@]}"
'';
};
in
builtins.readFile ./rc
+ lib.optionalString pkgs.stdenv.isLinux ''
set status_display_program=${lib.getExe callback-script}

3
nix/homeModules/common/direnv.nix
View file

@ -1,4 +1,5 @@
{config, ...}: {
{ config, ... }:
{
programs.direnv = {
nix-direnv.enable = true;
config = {

6
nix/homeModules/common/fcitx5/default.nix
View file

@ -3,9 +3,11 @@
config,
lib,
...
}: let
}:
let
cfg = config.i18n.inputMethod;
in {
in
{
i18n.inputMethod = {
fcitx5.addons = [
pkgs.fcitx5-chinese-addons

64
nix/homeModules/common/firefox.nix
View file

@ -3,11 +3,13 @@
config,
lib,
...
}: let
}:
let
inherit (pkgs) nur;
cfg = config.programs.firefox;
in {
in
{
programs.firefox = {
# https://mozilla.github.io/policy-templates
# The following have more complex logic, keep them as policies and not profiles
@ -19,7 +21,31 @@ in {
];
SearchEngines = {
Remove = ["Bing" "DuckDuckGo" "Qwant" "eBay" "Perplexity"];
Remove = [
"Google"
"Bing"
"DuckDuckGo"
"Qwant"
"eBay"
"Perplexity"
];
Default = "leta";
Add = [
{
Name = "leta";
Alias = "@lt";
IconURL = "https://leta.mullvad.net/favicon.ico";
URLTemplate = "https://leta.mullvad.net/search?q={searchTerms}&engine=brave";
SuggestURLTemplate = "https://suggestqueries.google.com/complete/search?q={searchTerms}";
}
{
Name = "leta";
Alias = "@ltfr";
IconURL = "https://leta.mullvad.net/favicon.ico";
URLTemplate = "https://leta.mullvad.net/search?q={searchTerms}&engine=brave&language=fr";
SuggestURLTemplate = "https://suggestqueries.google.com/complete/search?q={searchTerms}";
}
];
};
NoDefaultBookmarks = true;
DisplayMenuBar = "never";
@ -85,23 +111,25 @@ in {
"media.peerconnection.enabled" = false;
};
extensions.packages = let
addons = nur.repos.rycee.firefox-addons;
in [
addons.ublock-origin
addons.privacy-badger
addons.user-agent-string-switcher
extensions.packages =
let
addons = nur.repos.rycee.firefox-addons;
in
[
addons.ublock-origin
addons.privacy-badger
addons.user-agent-string-switcher
/*
Here's to you who want to remove news feed eradicator because you find it annoying:
It is here to annoy you so it is less likely for you to be on the agency inversion path.
DO NOT REMOVE IT. I repeat, DO NOT REMOVE IT.
/*
Here's to you who want to remove news feed eradicator because you find it annoying:
It is here to annoy you so it is less likely for you to be on the agency inversion path.
DO NOT REMOVE IT. I repeat, DO NOT REMOVE IT.
If you think it's annoying, go do some jump rope, sing, live.
*/
addons.news-feed-eradicator # did you read the comment above?
addons.multi-account-containers
];
If you think it's annoying, go do some jump rope, sing, live.
*/
addons.news-feed-eradicator # did you read the comment above?
addons.multi-account-containers
];
};
};

3
nix/homeModules/common/fish/aliasesAbbrs.nix
View file

@ -2,7 +2,8 @@
pkgs,
lib,
...
}: {
}:
{
programs.fish = {
shellAbbrs = lib.mkMerge [
(lib.mkIf pkgs.stdenv.isLinux {

13
nix/homeModules/common/fish/default.nix
View file

@ -2,7 +2,8 @@
lib,
pkgs,
...
}: {
}:
{
imports = [
./aliasesAbbrs.nix
];
@ -10,7 +11,7 @@
#
# Script dependencies
#
home.packages = [pkgs.vivid];
home.packages = [ pkgs.vivid ];
programs = {
fd.enable = true;
fzf.enable = true;
@ -24,11 +25,9 @@
#
# Scripts and functions
#
xdg.configFile =
lib.mapAttrs'
(path: _:
lib.nameValuePair "fish/functions/${path}" {source = "${./functions}/${path}";})
(builtins.readDir ./functions);
xdg.configFile = lib.mapAttrs' (
path: _: lib.nameValuePair "fish/functions/${path}" { source = "${./functions}/${path}"; }
) (builtins.readDir ./functions);
programs.fish = {
interactiveShellInit = builtins.readFile ./shellInit.fish;

15
nix/homeModules/common/git.nix
View file

@ -3,7 +3,8 @@
config,
pkgs,
...
}: {
}:
{
# git plugins
programs.git = {
lfs.enable = true;
@ -11,18 +12,18 @@
# known to fail on aarch64-linux
(lib.mkIf (pkgs.system == "aarch64-linux") (
# TODO: investigate this
lib.warn "patdiff has been forcibly disabled because it has previously failed to build"
lib.mkForce
false
lib.warn "patdiff has been forcibly disabled because it has previously failed to build" lib.mkForce
false
))
(lib.mkDefault true)
];
};
# 懶惰鬼賴皮
programs.lazygit = let
patdiffCfg = config.programs.git.patdiff;
in
programs.lazygit =
let
patdiffCfg = config.programs.git.patdiff;
in
lib.mkIf patdiffCfg.enable {
settings = {
git.paging.externalDiffCommand = "${lib.getExe' patdiffCfg.package "patdiff-git-wrapper"}";

34
nix/homeModules/common/gpg.nix
View file

@ -1,25 +1,27 @@
{pkgs, ...}: {
{ pkgs, ... }:
{
services = {
gpg-agent.defaultCacheTtl = 1209600;
gpg-agent.pinentry.package = pkgs.pinentry-tty;
};
programs.gpg.publicKeys = let
fromUrl = {
url,
hash,
trust ? 5,
}: {
source = pkgs.fetchurl {inherit url hash;};
inherit trust;
};
programs.gpg.publicKeys =
let
fromUrl =
{
url,
hash,
trust ? 5,
}:
{
source = pkgs.fetchurl { inherit url hash; };
inherit trust;
};
github = {user, ...} @ args:
fromUrl (
builtins.removeAttrs args ["user"]
// {url = "https://github.com/${user}.gpg";}
);
in
github =
{ user, ... }@args:
fromUrl (builtins.removeAttrs args [ "user" ] // { url = "https://github.com/${user}.gpg"; });
in
map github [
# Do not depend on my own forgejo instance / self-host server to avoid a single point of failure
{

6
nix/homeModules/common/kitty.nix
View file

@ -3,9 +3,11 @@
lib,
config,
...
}: let
}:
let
cfg = config.programs.kitty;
in {
in
{
config = lib.mkIf cfg.enable {
home.packages = [
pkgs.nerd-fonts.iosevka

6
nix/homeModules/common/lazygit.nix
View file

@ -2,9 +2,11 @@
config,
lib,
...
}: let
}:
let
cfg = config.programs.lazygit;
in {
in
{
programs.tmux.extraConfig = lib.mkIf cfg.enable ''
bind g run-shell "tmux new-window ${lib.getExe cfg.package}"
'';

10
nix/homeModules/common/leana.nix
View file

@ -3,12 +3,14 @@
lib,
config,
...
}: {
}:
{
home = {
username = lib.mkDefault "leana";
homeDirectory = let
inherit (config.home) username;
in
homeDirectory =
let
inherit (config.home) username;
in
lib.mkMerge [
(lib.mkIf pkgs.stdenv.isLinux ("/home/" + username))
(lib.mkIf pkgs.stdenv.isDarwin ("/Users/" + username))

3
nix/homeModules/common/locale.nix
View file

@ -2,7 +2,8 @@
nixosConfig ? null,
lib,
...
}: {
}:
{
home.language = {
base = lib.mkDefault nixosConfig.i18n.defaultLocale or "en_US.UTF-8";
};

26
nix/homeModules/common/packages.nix
View file

@ -2,21 +2,21 @@
pkgs,
lib,
...
}: {
}:
{
programs = {
vim.enable = true;
};
home.packages =
[
pkgs.file
pkgs.gnused
pkgs.tree
pkgs.findutils # xargs and more
pkgs.rsync
pkgs.parallel
pkgs.jq
]
# coreutils for darwin
++ lib.optional pkgs.stdenv.isDarwin pkgs.uutils-coreutils-noprefix;
home.packages = [
pkgs.file
pkgs.gnused
pkgs.tree
pkgs.findutils # xargs and more
pkgs.rsync
pkgs.parallel
pkgs.jq
]
# coreutils for darwin
++ lib.optional pkgs.stdenv.isDarwin pkgs.uutils-coreutils-noprefix;
}

6
nix/homeModules/common/password-store.nix
View file

@ -3,9 +3,11 @@
pkgs,
lib,
...
}: let
}:
let
cfg = config.programs.password-store;
in {
in
{
home.packages = lib.mkIf cfg.enable [
pkgs.pwgen
pkgs.diceware

12
nix/homeModules/common/sioyek.nix
View file

@ -2,7 +2,8 @@
config,
lib,
...
}: {
}:
{
programs.sioyek = {
bindings = {
"move_up" = "k";
@ -17,8 +18,11 @@
"u"
"<C-u>"
];
"toggle_two_page_mode" = ["T"];
"goto_mark" = ["`" "'"];
"toggle_two_page_mode" = [ "T" ];
"goto_mark" = [
"`"
"'"
];
};
config.should_launch_new_window = "1";
@ -27,7 +31,7 @@
xdg.mimeApps = lib.mkIf config.programs.sioyek.enable {
enable = true;
defaultApplications = {
"application/pdf" = ["sioyek.desktop"];
"application/pdf" = [ "sioyek.desktop" ];
};
};
}

6
nix/homeModules/common/starship/default.nix
View file

@ -2,9 +2,11 @@
lib,
config,
...
}: let
}:
let
cfg = config.programs.starship;
in {
in
{
xdg.configFile = lib.mkIf cfg.enable {
"starship.toml".source = "${./starship.toml}";
};

3
nix/homeModules/common/tmux/default.nix
View file

@ -2,7 +2,8 @@
pkgs,
lib,
...
}: {
}:
{
programs.tmux.extraConfig =
builtins.readFile ./tmux.conf
+ lib.optionalString pkgs.stdenv.isDarwin ''

3
nix/homeModules/common/user-nixconf.nix
View file

@ -3,7 +3,8 @@
lib,
pkgs,
...
}: {
}:
{
nix = {
package = lib.mkDefault (nixosConfig.nix.package or pkgs.nix);

45
nix/homeModules/common/vim/default.nix
View file

@ -1,27 +1,30 @@
{pkgs, ...}: {
{ pkgs, ... }:
{
programs.vim = {
extraConfig = builtins.readFile ./vimrc;
plugins = let
vpkgs = pkgs.vimPlugins;
plugins =
let
vpkgs = pkgs.vimPlugins;
paramount = pkgs.vimUtils.buildVimPlugin {
name = "paramount";
src = pkgs.fetchFromGitHub {
owner = "owickstrom";
repo = "vim-colors-paramount";
rev = "a5601d36fb6932e8d1a6f8b37b179a99b1456798";
hash = "sha256-j9nMjKYK7bqrGHprYp0ddLEWs1CNMudxXD13sOROVmY=";
paramount = pkgs.vimUtils.buildVimPlugin {
name = "paramount";
src = pkgs.fetchFromGitHub {
owner = "owickstrom";
repo = "vim-colors-paramount";
rev = "a5601d36fb6932e8d1a6f8b37b179a99b1456798";
hash = "sha256-j9nMjKYK7bqrGHprYp0ddLEWs1CNMudxXD13sOROVmY=";
};
};
};
in [
vpkgs.vim-sleuth
vpkgs.vim-surround
vpkgs.vim-fugitive
vpkgs.vim-commentary
vpkgs.undotree
vpkgs.tabular
vpkgs.vim-caddyfile
paramount
];
in
[
vpkgs.vim-sleuth
vpkgs.vim-surround
vpkgs.vim-fugitive
vpkgs.vim-commentary
vpkgs.undotree
vpkgs.tabular
vpkgs.vim-caddyfile
paramount
];
};
}

5
nix/homeModules/common/wired/default.nix
View file

@ -1,5 +1,6 @@
{pkgs, ...}: {
home.packages = [pkgs.iosevka];
{ pkgs, ... }:
{
home.packages = [ pkgs.iosevka ];
services.wired = {
config = "${./wired.ron}";
};

7
nix/homeModules/extra/tmux-fish-integration.nix
View file

@ -4,7 +4,8 @@
lib,
config,
...
}: {
}:
{
assertions = [
{
assertion = config.programs.fish.enable;
@ -22,7 +23,9 @@
WORKTREE_PATH = "wt";
};
programs.direnv.config.whitelist.prefix = [(config.home.sessionVariables.REPO_PATH + "/leana8959")];
programs.direnv.config.whitelist.prefix = [
(config.home.sessionVariables.REPO_PATH + "/leana8959")
];
programs.tmux.extraConfig = lib.mkBefore ''
# sessionizer binds
bind -n C-f run-shell "tmux new-window tmux-sessionizer"

45
nix/lib/mkNerdFont.nix
View file

@ -3,19 +3,20 @@
nerd-font-patcher,
parallel,
stdenvNoCC,
}: {
}:
{
font,
extraArgs ? [],
extraArgs ? [ ],
useDefaultsArgs ? true,
}:
stdenvNoCC.mkDerivation {
/*
Credits:
https://github.com/NixOS/nixpkgs/issues/44329#issuecomment-1231189572
https://github.com/NixOS/nixpkgs/issues/44329#issuecomment-1544597422
Credits:
https://github.com/NixOS/nixpkgs/issues/44329#issuecomment-1231189572
https://github.com/NixOS/nixpkgs/issues/44329#issuecomment-1544597422
long font names is not problematic:
https://github.com/ryanoasis/nerd-fonts/issues/1018#issuecomment-1953555781
long font names is not problematic:
https://github.com/ryanoasis/nerd-fonts/issues/1018#issuecomment-1953555781
*/
name = "${font.name}-NerdFont";
src = font;
@ -24,20 +25,22 @@ stdenvNoCC.mkDerivation {
parallel
];
buildPhase = let
args =
lib.optionals useDefaultsArgs [
"--careful"
"--complete"
"--quiet"
"--no-progressbars"
]
++ extraArgs;
in ''
mkdir -p nerd-font
find \( -name \*.ttf -o -name \*.otf \) | parallel --jobs=$NIX_BUILD_CORES nerd-font-patcher {} \
--outputdir nerd-font ${builtins.concatStringsSep " " args}
'';
buildPhase =
let
args =
lib.optionals useDefaultsArgs [
"--careful"
"--complete"
"--quiet"
"--no-progressbars"
]
++ extraArgs;
in
''
mkdir -p nerd-font
find \( -name \*.ttf -o -name \*.otf \) | parallel --jobs=$NIX_BUILD_CORES nerd-font-patcher {} \
--outputdir nerd-font ${builtins.concatStringsSep " " args}
'';
installPhase = ''
exists() { [ -e "$1" ]; }

19
nix/networks/list.nix
View file

@ -2,7 +2,8 @@ let
preferredPriority = 20;
privatePriority = 10;
limitedPriority = -10;
in [
in
[
{
ssid = "~";
priority = preferredPriority;
@ -36,7 +37,7 @@ in [
priority = privatePriority;
scanOnLowSignal = true;
authProtocols = ["WPA-EAP"];
authProtocols = [ "WPA-EAP" ];
auth = ''
pairwise=CCMP
group=CCMP TKIP
@ -81,13 +82,13 @@ in [
randomizeMac = true;
}
{ssid = "_SNCF_WIFI_INOUI";}
{ssid = "_WIFI_LYRIA";}
{ssid = "EurostarTrainsWiFi";}
{ssid = "SBB-FREE";}
{ssid = "AOT Airport Free Wi-Fi by NT";}
{ssid = "NewTaipei";}
{ssid = "Fami-WiFi";}
{ ssid = "_SNCF_WIFI_INOUI"; }
{ ssid = "_WIFI_LYRIA"; }
{ ssid = "EurostarTrainsWiFi"; }
{ ssid = "SBB-FREE"; }
{ ssid = "AOT Airport Free Wi-Fi by NT"; }
{ ssid = "NewTaipei"; }
{ ssid = "Fami-WiFi"; }
{
ssid = "iPhone de Léana ";

61
nix/networks/wpa_supplicant-compat.nix
View file

@ -6,32 +6,39 @@ let
lib = import (sources.nixpkgs + "/lib");
# wpa_supplicant uses `strchr` to seek to the first `=`, so the only forbidden character is `=`.
escapePwdKey = lib.replaceStrings ["="] ["_"];
escapePwdKey = lib.replaceStrings [ "=" ] [ "_" ];
go = networkArgs @ {
ssid,
# Custom fields wrapping nixpkgs module options
hasPassword ? false,
scanOnLowSignal ? false,
randomizeMac ? false,
...
}: {
${ssid} = lib.mkMerge [
(builtins.removeAttrs networkArgs ["ssid" "hasPassword" "scanOnLowSignal" "randomizeMac"])
(lib.optionalAttrs hasPassword {
pskRaw = "ext:${escapePwdKey ssid}";
})
(lib.optionalAttrs scanOnLowSignal {
extraConfig = ''
bgscan="simple:30:-70:3600"
'';
})
(lib.optionalAttrs randomizeMac {
extraConfig = ''
mac_addr=1
'';
})
];
};
go =
networkArgs@{
ssid,
# Custom fields wrapping nixpkgs module options
hasPassword ? false,
scanOnLowSignal ? false,
randomizeMac ? false,
...
}:
{
${ssid} = lib.mkMerge [
(builtins.removeAttrs networkArgs [
"ssid"
"hasPassword"
"scanOnLowSignal"
"randomizeMac"
])
(lib.optionalAttrs hasPassword {
pskRaw = "ext:${escapePwdKey ssid}";
})
(lib.optionalAttrs scanOnLowSignal {
extraConfig = ''
bgscan="simple:30:-70:3600"
'';
})
(lib.optionalAttrs randomizeMac {
extraConfig = ''
mac_addr=1
'';
})
];
};
in
ns: lib.mkMerge (map go ns)
ns: lib.mkMerge (map go ns)

2
nix/nixosModules/common/disable-command-not-found.nix
View file

@ -1 +1 @@
{programs.command-not-found.enable = false;}
{ programs.command-not-found.enable = false; }

13
nix/nixosModules/common/fish.nix
View file

@ -5,15 +5,18 @@
config,
lib,
...
}: let
}:
let
fishNixOSEnabled = config.programs.fish.enable;
fishHMEnabled =
if config ? home-manager
then lib.any (userConfig: userConfig.programs.fish.enable) (lib.attrValues config.home-manager.users)
else false;
if config ? home-manager then
lib.any (userConfig: userConfig.programs.fish.enable) (lib.attrValues config.home-manager.users)
else
false;
fishEnabled = fishNixOSEnabled || fishHMEnabled;
in {
in
{
environment.pathsToLink = lib.mkIf fishEnabled [
"/share/fish/vendor_conf.d"
"/share/fish/vendor_completions.d"

3
nix/nixosModules/common/network.nix
View file

@ -1,4 +1,5 @@
{hostname, ...}: {
{ hostname, ... }:
{
networking.hostName = hostname;
services.openssh = {

7
nix/nixosModules/common/sudo-conf.nix
View file

@ -1,4 +1,5 @@
{pkgs, ...}: {
{ pkgs, ... }:
{
security.sudo.enable = false;
environment.systemPackages = [
@ -18,8 +19,8 @@
# doas's docs says it searches in a "limited subset of PATH" if it's relative.
# I suspect that it doesn't search the PATH added ad-hoc by the nix-shell, also not a good solution.
# Also, for some reason, the rule won't match.
users = [":wheel"];
setEnv = ["PATH"];
users = [ ":wheel" ];
setEnv = [ "PATH" ];
}
];
};

3
nix/nixosModules/common/system-nixconf.nix
View file

@ -2,7 +2,8 @@
lib,
pkgs,
...
}: {
}:
{
nix = {
package = lib.mkDefault pkgs.nix;

43
nix/nixosModules/common/xscreensaver.nix
View file

@ -5,14 +5,16 @@
config,
lib,
...
}: let
}:
let
cfg = config.services.xscreensaver;
in {
in
{
options = {
services.xscreensaver.hooks = lib.mkOption {
type = with lib.types; attrsOf str;
description = "An attrset of events mapped a block of shell command to be run";
default = {};
default = { };
};
};
@ -20,26 +22,29 @@ in {
systemd.user.services = {
"xscreensaver-hooks" = {
description = "Run commands on xscreensaver events";
after = ["graphical-session.target" "xscreensaver.service"];
partOf = ["graphical-session.target"];
wantedBy = ["graphical-session.target"];
script = let
handlers =
lib.concatMapAttrsStringSep "\n" (event: action: ''
after = [
"graphical-session.target"
"xscreensaver.service"
];
partOf = [ "graphical-session.target" ];
wantedBy = [ "graphical-session.target" ];
script =
let
handlers = lib.concatMapAttrsStringSep "\n" (event: action: ''
"${event}")
( ${action}
)
;;
'')
cfg.hooks;
in ''
xscreensaver-command -watch | while read event rest; do
echo "The handler script got \"$event\""
case $event in
${handlers}
esac
done
'';
'') cfg.hooks;
in
''
xscreensaver-command -watch | while read event rest; do
echo "The handler script got \"$event\""
case $event in
${handlers}
esac
done
'';
path = [
cfg.package # contains xscreensaver-command
];

9
nix/nixosModules/extra/leana.nix
View file

@ -2,21 +2,22 @@
config,
pkgs,
...
}: {
}:
{
#
# My user
#
nix.settings.trusted-users = ["leana"];
nix.settings.trusted-users = [ "leana" ];
users.users."leana" = {
isNormalUser = true;
home = "/home/leana";
description = "Leana";
group = "leana";
extraGroups = ["wheel"];
extraGroups = [ "wheel" ];
shell = pkgs.bash;
openssh.authorizedKeys.keys = config.users.users.root.openssh.authorizedKeys.keys;
};
users.groups.leana = {};
users.groups.leana = { };
#
# My nix binary cache

2
nix/nixosModules/extra/macbook-pro-radeon.nix
View file

@ -1,5 +1,5 @@
{
# This will temporarily disable the dedicated graphics and boot into the system.
# If your computer suffers from the GPU's death it won't boot unless you do this.
boot.kernelParams = ["radeon.modeset=0"];
boot.kernelParams = [ "radeon.modeset=0" ];
}

12
nix/nixosModules/extra/parrot.nix
View file

@ -3,10 +3,12 @@
lib,
config,
...
}: let
}:
let
cfg = config.services.parrot;
t = lib.types;
in {
in
{
options = {
services.parrot = {
enable = lib.mkEnableOption "parrot";
@ -23,12 +25,12 @@ in {
group = "parrot";
isSystemUser = true;
};
users.groups."parrot" = {};
users.groups."parrot" = { };
systemd.services."parrot" = {
description = " A hassle-free, highly performant, self-hosted Discord music bot with YouTube and Spotify support. Powered by yt-dlp.";
after = ["network.target"];
wantedBy = ["multi-user.target"];
after = [ "network.target" ];
wantedBy = [ "multi-user.target" ];
serviceConfig = {
User = "parrot";

10
nix/nixosModules/extra/secure_dns.nix
View file

@ -1,7 +1,11 @@
# https://nixos.wiki/wiki/Encrypted_DNS
{pkgs, ...}: {
{ pkgs, ... }:
{
networking = {
nameservers = ["127.0.0.1" "::1"];
nameservers = [
"127.0.0.1"
"::1"
];
dhcpcd.extraConfig = "nohook resolv.conf";
# networkmanager.dns = "none";
};
@ -13,7 +17,7 @@
# Settings reference:
# https://github.com/DNSCrypt/dnscrypt-proxy/blob/master/dnscrypt-proxy/example-dnscrypt-proxy.toml
settings = {
listen_addresses = ["127.0.0.1:53"];
listen_addresses = [ "127.0.0.1:53" ];
ipv4_servers = true;
require_dnssec = true;

14
nix/nixosModules/extra/typst-bot.nix
View file

@ -3,10 +3,12 @@
config,
lib,
...
}: let
}:
let
cfg = config.services.typst-bot;
t = lib.types;
in {
in
{
options = {
services.typst-bot = {
enable = lib.mkEnableOption "typst-bot";
@ -30,7 +32,7 @@ in {
isSystemUser = true;
home = cfg.dataDir;
};
users.groups."typst-bot" = {};
users.groups."typst-bot" = { };
systemd.tmpfiles.rules = [
"d ${cfg.dataDir}/cache 700 typst-bot typst-bot - -"
@ -39,15 +41,15 @@ in {
systemd.services."typst-bot" = {
description = "A discord bot to render Typst code";
after = ["network.target"];
wantedBy = ["multi-user.target"];
after = [ "network.target" ];
wantedBy = [ "multi-user.target" ];
preStart = ''
: >${cfg.dataDir}/sqlite/db.sqlite
'';
# Don't pollute the global path
path = [pkgs.typst-bot];
path = [ pkgs.typst-bot ];
script = "typst-bot";
serviceConfig = {

2
nix/nixosModules/extra/zram.nix
View file

@ -1 +1 @@
{zramSwap.enable = true;}
{ zramSwap.enable = true; }

8
nix/overlays/agenix.nix
View file

@ -1,7 +1,7 @@
let
sources = import ../../npins;
in
final: _: {
# Use flake so the package inputs is pinned
agenix = sources.agenix.asFlake.packages.${final.system}.default;
}
final: _: {
# Use flake so the package inputs is pinned
agenix = sources.agenix.asFlake.packages.${final.system}.default;
}

4
nix/overlays/calibre-no-mime.nix
View file

@ -2,8 +2,8 @@
final: prev: {
calibre = final.symlinkJoin {
name = "calibre";
paths = [prev.calibre];
buildInputs = [final.makeWrapper];
paths = [ prev.calibre ];
buildInputs = [ final.makeWrapper ];
postBuild = ''
rm -r $out/share/mime
'';

6
nix/overlays/disko.nix
View file

@ -1,6 +1,6 @@
let
sources = import ../../npins;
in
final: _: {
disko = sources.disko.asFlake.packages.${final.system}.default;
}
final: _: {
disko = sources.disko.asFlake.packages.${final.system}.default;
}

6
nix/overlays/dix.nix
View file

@ -1,6 +1,6 @@
let
sources = import ../../npins;
in
final: _: {
dix = sources.dix.asFlake.packages.${final.system}.default;
}
final: _: {
dix = sources.dix.asFlake.packages.${final.system}.default;
}

6
nix/overlays/eepy.nix
View file

@ -1,6 +1,6 @@
let
sources = import ../../npins;
in
final: _: {
eepy = sources.eepy.asFlake.packages.${final.system}.default;
}
final: _: {
eepy = sources.eepy.asFlake.packages.${final.system}.default;
}

26
nix/overlays/fcitx5-table-extra-taiwanese.nix
View file

@ -1,18 +1,14 @@
let
sources = import ../../npins;
in
final: prev: {
fcitx5-table-extra = prev.fcitx5-table-extra.overrideAttrs (oldAttrs: {
src = sources.fcitx5-table-extra;
nativeBuildInputs =
oldAttrs.nativeBuildInputs or []
++ [
final.python3
];
preConfigure =
oldAttrs.preConfigure or ""
+ ''
python3 ./generate.py
'';
});
}
final: prev: {
fcitx5-table-extra = prev.fcitx5-table-extra.overrideAttrs (oldAttrs: {
src = sources.fcitx5-table-extra;
nativeBuildInputs = oldAttrs.nativeBuildInputs or [ ] ++ [
final.python3
];
preConfigure = oldAttrs.preConfigure or "" + ''
python3 ./generate.py
'';
});
}

7
nix/overlays/iosevka.nix
View file

@ -1,7 +1,8 @@
final: prev: rec {
nerd-fonts = let
mkNerdFont = final.callPackage ../lib/mkNerdFont.nix {};
in
nerd-fonts =
let
mkNerdFont = final.callPackage ../lib/mkNerdFont.nix { };
in
prev.nerd-fonts
// {
iosevka = mkNerdFont {

29
nix/overlays/nil.nix
View file

@ -2,21 +2,18 @@
let
sources = import ../../npins;
in
final: _: {
nil = let
final: _: {
nil =
let
pkg = sources.nil.asFlake.packages.${final.system}.default;
in
pkg.overrideAttrs (
oldAttrs: {
patches =
oldAttrs.patches or []
++ [
(final.fetchpatch {
name = "fix-handling-inherit-and-patfield-in-inline-assist";
url = "https://github.com/oxalica/nil/pull/178.patch";
hash = "sha256-4f7DeWJtt63IyOjqlwzz0f05rv1NBYZO4JWEkFeDimk=";
})
];
}
);
}
pkg.overrideAttrs (oldAttrs: {
patches = oldAttrs.patches or [ ] ++ [
(final.fetchpatch {
name = "fix-handling-inherit-and-patfield-in-inline-assist";
url = "https://github.com/oxalica/nil/pull/178.patch";
hash = "sha256-4f7DeWJtt63IyOjqlwzz0f05rv1NBYZO4JWEkFeDimk=";
})
];
});
}

16
nix/overlays/nix-monitored.nix
View file

@ -1,12 +1,10 @@
let
sources = import ../../npins;
in
# The final nix is lix in this case
final: prev: {
nix-monitored =
sources.nix-monitored.asFlake.packages.${final.system}.default
.override {
inherit (final) nix;
withNotify = false; # noisy, spams "command completed" even for nix shells
};
}
# The final nix is lix in this case
final: prev: {
nix-monitored = sources.nix-monitored.asFlake.packages.${final.system}.default.override {
inherit (final) nix;
withNotify = false; # noisy, spams "command completed" even for nix shells
};
}

6
nix/overlays/nix-tree.nix
View file

@ -3,6 +3,6 @@
let
sources = import ../../npins;
in
final: _: {
nix-tree = (import sources.nix-tree).packages.${final.system}.default;
}
final: _: {
nix-tree = (import sources.nix-tree).packages.${final.system}.default;
}

2
nix/overlays/nur.nix
View file

@ -1,4 +1,4 @@
let
sources = import ../../npins;
in
sources.nur.asFlake.overlays.default
sources.nur.asFlake.overlays.default

Some files were not shown because too many files have changed in this diff Show more