dave/nix-config
1
0
Fork 0
mirror of https://github.com/davegallant/nix-config synced 2025-08-14 14:50:18 +00:00
Code Issues Packages Projects Releases Wiki Activity

Compare commits

base: dave:main
Branches Tags
dave:main
..
compare: dave:ca57b0fd8d851749d085af6c96d1374d8046da97
Branches Tags
dave:main

1 Commits
main ... ca57b0fd8d

Author SHA1 Message Date
Dave Gallant
ca57b0fd8d Add android-studio 2024-01-14 16:57:20 -05:00
46 changed files with 1774 additions and 2315 deletions
Expand all files Collapse all files

3
.envrc Normal file
View File

@@ -0,0 +1,3 @@
if has nix-shell; then
use_nix
fi

4
.git-crypt/.gitattributes vendored Normal file
View File

@@ -0,0 +1,4 @@
# Do not edit this file. To specify the files to encrypt, create your own
# .gitattributes file in the directory where your files are.
* !filter !diff
*.gpg binary

BIN
.git-crypt/keys/default/0/A9C4B3F91586EC1B98A55175EA778DE0976D354B.gpg Normal file
View File

Binary file not shown.

1
.gitattributes vendored Normal file
View File

@@ -0,0 +1 @@
**/.aws/** filter=git-crypt diff=git-crypt

10
.github/dependabot.yml vendored Normal file
View File

@@ -0,0 +1,10 @@
version: 2
updates:
- package-ecosystem: github-actions
directory: "/"
schedule:
interval: daily
reviewers:
- davegallant
assignees:
- davegallant

4
.github/workflows/cachix.yml vendored
View File

@@ -15,10 +15,10 @@ jobs:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v4
- uses: cachix/install-nix-action@v31
- uses: cachix/install-nix-action@v24
with:
nix_path: nixpkgs=channel:nixos-unstable
- uses: cachix/cachix-action@v16
- uses: cachix/cachix-action@v14
with:
name: davegallant
authToken: '${{ secrets.CACHIX_API_KEY }}'

1
.gitignore vendored
View File

@@ -1,3 +1,4 @@
.pre-commit-config.yaml
.vscode
git-crypt-key
result

30
Makefile Normal file
View File

@@ -0,0 +1,30 @@
SHELL := bash
.SHELLFLAGS := -eu -o pipefail -c
.DELETE_ON_ERROR:
MAKEFLAGS += --warn-undefined-variables
MAKEFLAGS += --no-builtin-rules
HOSTNAME ?= $(shell hostname)
UNAME_S := $(shell uname -s)
export NIXPKGS_ALLOW_UNFREE := 1
ifeq ($(UNAME_S),Linux)
SWITCH_CMD := nixos-rebuild --use-remote-sudo -I nixos-config="modules/machines/$(HOSTNAME)/configuration.nix" switch --flake '.\#' \
--impure # Impure because of: https://discourse.nixos.org/t/vscode-remote-wsl-extension-works-on-nixos-without-patching-thanks-to-nix-ld/14615
endif
ifeq ($(UNAME_S),Darwin)
SWITCH_CMD := exec darwin-rebuild switch --flake .
endif
switch:
$(SWITCH_CMD)
rollback:
nixos-rebuild --use-remote-sudo switch --rollback -I nixos-config="modules/machines/$(HOSTNAME)/configuration.nix"
update:
nix flake update
fmt:
alejandra .

32
README.md
View File

@@ -1,20 +1,18 @@
# nix-config
This repo stores nix configuration to manage my hosts running [NixOS](https://nixos.org/) and macOS.
This repo stores nix to manage my machines running [NixOS](https://nixos.org/) and macOS.
The configuration is very specific to my own machines and setup, but it may be a useful reference for anyone else learning or experimenting with nix, whether it be on a personal workstation or a server environment.
## Prerequisites
## Setup
- [Determinate Nix](https://determinate.systems/nix-installer)
- [just](https://github.com/casey/just)
> on macOS: install the latest unstable nix from https://github.com/numtide/nix-unstable-installer (for nix flakes),
> and nix-darwin: https://github.com/LnL7/nix-darwin
## Build
To run a build/rebuild:
To run a rebuild:
```sh
just rebuild
make
```
## Update
@@ -22,7 +20,7 @@ just rebuild
To update nixpkgs defined in [flake.nix](./flake.nix), run:
```sh
just update
make update
```
If there are updates, they should be reflected in [flake.lock](./flake.lock).
@@ -32,17 +30,13 @@ If there are updates, they should be reflected in [flake.lock](./flake.lock).
To rollback to the previous generation:
```sh
just rollback
```
## Garbage collection
To cleanup previous files, run nix garbage collection:
```sh
just clean
make rollback
```
## Pre-commit hooks
Run `nix develop` to install the pre-commit hooks.
Pre-commit hooks are automatically activated when [direnv](https://github.com/direnv/direnv) is installed.
## Encryption
Overly sensitive configuration is encrypted with [git-crypt](https://www.agwa.name/projects/git-crypt/).

102
common-packages.nix
View File

@@ -1,102 +0,0 @@
{
pkgs,
unstable,
...
}:
{
environment.systemPackages = with pkgs; [
# essentials
curl
gnumake
gnupg
jq
unzip
xclip
xdg-utils
zip
# modern cli
atuin
bat
cd-fzf
doggo
eza
fd
github-cli
hadolint
pre-commit
progress
ripgrep
shellcheck
shfmt
viddy
yq-go
# containers
unstable.k9s
unstable.krew
unstable.kubecolor
unstable.kubectl
unstable.kubectx
unstable.kubernetes-helm
unstable.stern
# cloud
awscli2
google-cloud-sdk
terraform
# lsp
nodePackages.bash-language-server
nodePackages.eslint
nodePackages.yaml-language-server
terraform-ls
# monitoring
btop
# golang
gofumpt
golangci-lint
gopls
# rust
rustup
# js
nodejs
nodePackages.prettier
nodePackages.yarn
# networking
arp-scan
dnsutils
iperf
nmap
openssl
openvpn
tcpdump
# rice
fastfetch
# nix
nix-tree
nixfmt-rfc-style
nixpkgs-review
# python
poetry
(unstable.python3.withPackages (ps: [
ps.llm
ps.llm-ollama
]))
virtualenv
# media
yt-dlp
# llm
llm
];
}

13
default.nix Normal file
View File

@@ -0,0 +1,13 @@
let
nix-pre-commit-hooks =
import (builtins.fetchTarball
"https://github.com/cachix/pre-commit-hooks.nix/tarball/master");
in {
pre-commit-check = nix-pre-commit-hooks.run {
src = ./.;
hooks = {
shellcheck.enable = true;
alejandra.enable = true;
};
};
}

911
flake.lock generated
View File

@@ -1,72 +1,5 @@
{
"nodes": {
"base16": {
"inputs": {
"fromYaml": "fromYaml"
},
"locked": {
"lastModified": 1746562888,
"narHash": "sha256-YgNJQyB5dQiwavdDFBMNKk1wyS77AtdgDk/VtU6wEaI=",
"owner": "SenchoPens",
"repo": "base16.nix",
"rev": "806a1777a5db2a1ef9d5d6f493ef2381047f2b89",
"type": "github"
},
"original": {
"owner": "SenchoPens",
"repo": "base16.nix",
"type": "github"
}
},
"base16-fish": {
"flake": false,
"locked": {
"lastModified": 1622559957,
"narHash": "sha256-PebymhVYbL8trDVVXxCvZgc0S5VxI7I1Hv4RMSquTpA=",
"owner": "tomyun",
"repo": "base16-fish",
"rev": "2f6dd973a9075dabccd26f1cded09508180bf5fe",
"type": "github"
},
"original": {
"owner": "tomyun",
"repo": "base16-fish",
"type": "github"
}
},
"base16-helix": {
"flake": false,
"locked": {
"lastModified": 1748408240,
"narHash": "sha256-9M2b1rMyMzJK0eusea0x3lyh3mu5nMeEDSc4RZkGm+g=",
"owner": "tinted-theming",
"repo": "base16-helix",
"rev": "6c711ab1a9db6f51e2f6887cc3345530b33e152e",
"type": "github"
},
"original": {
"owner": "tinted-theming",
"repo": "base16-helix",
"type": "github"
}
},
"base16-vim": {
"flake": false,
"locked": {
"lastModified": 1732806396,
"narHash": "sha256-e0bpPySdJf0F68Ndanwm+KWHgQiZ0s7liLhvJSWDNsA=",
"owner": "tinted-theming",
"repo": "base16-vim",
"rev": "577fe8125d74ff456cf942c733a85d769afe58b7",
"type": "github"
},
"original": {
"owner": "tinted-theming",
"repo": "base16-vim",
"rev": "577fe8125d74ff456cf942c733a85d769afe58b7",
"type": "github"
}
},
"darwin": {
"inputs": {
"nixpkgs": [
@@ -74,868 +7,128 @@
]
},
"locked": {
"lastModified": 1749744770,
"narHash": "sha256-MEM9XXHgBF/Cyv1RES1t6gqAX7/tvayBC1r/KPyK1ls=",
"lastModified": 1704277720,
"narHash": "sha256-meAKNgmh3goankLGWqqpw73pm9IvXjEENJloF0coskE=",
"owner": "lnl7",
"repo": "nix-darwin",
"rev": "536f951efb1ccda9b968e3c9dee39fbeb6d3fdeb",
"rev": "0dd382b70c351f528561f71a0a7df82c9d2be9a4",
"type": "github"
},
"original": {
"owner": "lnl7",
"ref": "nix-darwin-25.05",
"repo": "nix-darwin",
"type": "github"
}
},
"determinate": {
"inputs": {
"determinate-nixd-aarch64-darwin": "determinate-nixd-aarch64-darwin",
"determinate-nixd-aarch64-linux": "determinate-nixd-aarch64-linux",
"determinate-nixd-x86_64-darwin": [
"determinate",
"determinate-nixd-aarch64-darwin"
],
"determinate-nixd-x86_64-linux": "determinate-nixd-x86_64-linux",
"nix": "nix",
"nixpkgs": "nixpkgs_2"
},
"locked": {
"lastModified": 1754347137,
"narHash": "sha256-IxwxFY1vD3K1lNi7zKb3O31K/gjB0QRs5G+66R5uKXc=",
"rev": "7afeca4a33051c0b132d42ffef66c1cfb10291e0",
"revCount": 265,
"type": "tarball",
"url": "https://api.flakehub.com/f/pinned/DeterminateSystems/determinate/3.8.5/01987740-2f8d-724e-be76-f9fdc4169391/source.tar.gz"
},
"original": {
"type": "tarball",
"url": "https://flakehub.com/f/DeterminateSystems/determinate/%2A"
}
},
"determinate-nixd-aarch64-darwin": {
"flake": false,
"locked": {
"narHash": "sha256-qZLIbSP6ic9/ozzFP0QqSk5CcQdbQ4iJHuCd03wV4i8=",
"type": "file",
"url": "https://install.determinate.systems/determinate-nixd/tag/v3.8.5/macOS"
},
"original": {
"type": "file",
"url": "https://install.determinate.systems/determinate-nixd/tag/v3.8.5/macOS"
}
},
"determinate-nixd-aarch64-linux": {
"flake": false,
"locked": {
"narHash": "sha256-QK06CsX8jhocJlUmv+LGJL+67OqkaFutt4kyU9VYshE=",
"type": "file",
"url": "https://install.determinate.systems/determinate-nixd/tag/v3.8.5/aarch64-linux"
},
"original": {
"type": "file",
"url": "https://install.determinate.systems/determinate-nixd/tag/v3.8.5/aarch64-linux"
}
},
"determinate-nixd-x86_64-linux": {
"flake": false,
"locked": {
"narHash": "sha256-WewOOmK0rZ7yDBaA1xie1wHYTMkB96scY4Fjt6MPxfQ=",
"type": "file",
"url": "https://install.determinate.systems/determinate-nixd/tag/v3.8.5/x86_64-linux"
},
"original": {
"type": "file",
"url": "https://install.determinate.systems/determinate-nixd/tag/v3.8.5/x86_64-linux"
}
},
"firefox-gnome-theme": {
"flake": false,
"locked": {
"lastModified": 1748383148,
"narHash": "sha256-pGvD/RGuuPf/4oogsfeRaeMm6ipUIznI2QSILKjKzeA=",
"owner": "rafaelmardojai",
"repo": "firefox-gnome-theme",
"rev": "4eb2714fbed2b80e234312611a947d6cb7d70caf",
"type": "github"
},
"original": {
"owner": "rafaelmardojai",
"repo": "firefox-gnome-theme",
"type": "github"
}
},
"flake-compat": {
"flake": false,
"locked": {
"lastModified": 1696426674,
"narHash": "sha256-kvjfFW7WAETZlt09AgDn1MrtKzP7t90Vf7vypd3OL1U=",
"owner": "edolstra",
"repo": "flake-compat",
"rev": "0f9255e01c2351cc7d116c072cb317785dd33b33",
"type": "github"
},
"original": {
"owner": "edolstra",
"repo": "flake-compat",
"type": "github"
}
},
"flake-compat_2": {
"flake": false,
"locked": {
"lastModified": 1747046372,
"narHash": "sha256-CIVLLkVgvHYbgI2UpXvIIBJ12HWgX+fjA8Xf8PUmqCY=",
"owner": "edolstra",
"repo": "flake-compat",
"rev": "9100a0f413b0c601e0533d1d94ffd501ce2e7885",
"type": "github"
},
"original": {
"owner": "edolstra",
"repo": "flake-compat",
"type": "github"
}
},
"flake-parts": {
"inputs": {
"nixpkgs-lib": [
"determinate",
"nix",
"nixpkgs"
]
},
"locked": {
"lastModified": 1748821116,
"narHash": "sha256-F82+gS044J1APL0n4hH50GYdPRv/5JWm34oCJYmVKdE=",
"rev": "49f0870db23e8c1ca0b5259734a02cd9e1e371a1",
"revCount": 377,
"type": "tarball",
"url": "https://api.flakehub.com/f/pinned/hercules-ci/flake-parts/0.1.377%2Brev-49f0870db23e8c1ca0b5259734a02cd9e1e371a1/01972f28-554a-73f8-91f4-d488cc502f08/source.tar.gz"
},
"original": {
"type": "tarball",
"url": "https://flakehub.com/f/hercules-ci/flake-parts/0.1"
}
},
"flake-parts_2": {
"inputs": {
"nixpkgs-lib": [
"nixvim",
"nixpkgs"
]
},
"locked": {
"lastModified": 1754091436,
"narHash": "sha256-XKqDMN1/Qj1DKivQvscI4vmHfDfvYR2pfuFOJiCeewM=",
"owner": "hercules-ci",
"repo": "flake-parts",
"rev": "67df8c627c2c39c41dbec76a1f201929929ab0bd",
"type": "github"
},
"original": {
"owner": "hercules-ci",
"repo": "flake-parts",
"type": "github"
}
},
"flake-parts_3": {
"inputs": {
"nixpkgs-lib": [
"stylix",
"nixpkgs"
]
},
"locked": {
"lastModified": 1749398372,
"narHash": "sha256-tYBdgS56eXYaWVW3fsnPQ/nFlgWi/Z2Ymhyu21zVM98=",
"owner": "hercules-ci",
"repo": "flake-parts",
"rev": "9305fe4e5c2a6fcf5ba6a3ff155720fbe4076569",
"type": "github"
},
"original": {
"owner": "hercules-ci",
"repo": "flake-parts",
"type": "github"
}
},
"flake-utils": {
"inputs": {
"systems": "systems"
},
"locked": {
"lastModified": 1731533236,
"narHash": "sha256-l0KFg5HjrsfsO/JpG+r7fRrqm12kzFHyUHqHCVpMMbI=",
"owner": "numtide",
"repo": "flake-utils",
"rev": "11707dc2f618dd54ca8739b309ec4fc024de578b",
"type": "github"
},
"original": {
"owner": "numtide",
"repo": "flake-utils",
"type": "github"
}
},
"flake-utils_2": {
"inputs": {
"systems": "systems_4"
},
"locked": {
"lastModified": 1731533236,
"narHash": "sha256-l0KFg5HjrsfsO/JpG+r7fRrqm12kzFHyUHqHCVpMMbI=",
"owner": "numtide",
"repo": "flake-utils",
"rev": "11707dc2f618dd54ca8739b309ec4fc024de578b",
"type": "github"
},
"original": {
"owner": "numtide",
"repo": "flake-utils",
"type": "github"
}
},
"fromYaml": {
"flake": false,
"locked": {
"lastModified": 1731966426,
"narHash": "sha256-lq95WydhbUTWig/JpqiB7oViTcHFP8Lv41IGtayokA8=",
"owner": "SenchoPens",
"repo": "fromYaml",
"rev": "106af9e2f715e2d828df706c386a685698f3223b",
"type": "github"
},
"original": {
"owner": "SenchoPens",
"repo": "fromYaml",
"type": "github"
}
},
"git-hooks-nix": {
"inputs": {
"flake-compat": "flake-compat",
"gitignore": [
"determinate",
"nix"
],
"nixpkgs": [
"determinate",
"nix",
"nixpkgs"
]
},
"locked": {
"lastModified": 1747372754,
"narHash": "sha256-2Y53NGIX2vxfie1rOW0Qb86vjRZ7ngizoo+bnXU9D9k=",
"rev": "80479b6ec16fefd9c1db3ea13aeb038c60530f46",
"revCount": 1026,
"type": "tarball",
"url": "https://api.flakehub.com/f/pinned/cachix/git-hooks.nix/0.1.1026%2Brev-80479b6ec16fefd9c1db3ea13aeb038c60530f46/0196d79a-1b35-7b8e-a021-c894fb62163d/source.tar.gz"
},
"original": {
"type": "tarball",
"url": "https://flakehub.com/f/cachix/git-hooks.nix/0.1.941"
}
},
"gitignore": {
"inputs": {
"nixpkgs": [
"pre-commit-hooks",
"nixpkgs"
]
},
"locked": {
"lastModified": 1709087332,
"narHash": "sha256-HG2cCnktfHsKV0s4XW83gU3F57gaTljL9KNSuG6bnQs=",
"owner": "hercules-ci",
"repo": "gitignore.nix",
"rev": "637db329424fd7e46cf4185293b9cc8c88c95394",
"type": "github"
},
"original": {
"owner": "hercules-ci",
"repo": "gitignore.nix",
"type": "github"
}
},
"gnome-shell": {
"flake": false,
"locked": {
"lastModified": 1744584021,
"narHash": "sha256-0RJ4mJzf+klKF4Fuoc8VN8dpQQtZnKksFmR2jhWE1Ew=",
"owner": "GNOME",
"repo": "gnome-shell",
"rev": "52c517c8f6c199a1d6f5118fae500ef69ea845ae",
"type": "github"
},
"original": {
"owner": "GNOME",
"ref": "48.1",
"repo": "gnome-shell",
"type": "github"
}
},
"home-manager": {
"inputs": {
"nixpkgs": "nixpkgs_3"
},
"locked": {
"lastModified": 1753592768,
"narHash": "sha256-oV695RvbAE4+R9pcsT9shmp6zE/+IZe6evHWX63f2Qg=",
"owner": "nix-community",
"repo": "home-manager",
"rev": "fc3add429f21450359369af74c2375cb34a2d204",
"type": "github"
},
"original": {
"owner": "nix-community",
"ref": "release-25.05",
"repo": "home-manager",
"type": "github"
}
},
"ixx": {
"inputs": {
"flake-utils": [
"nixvim",
"nuschtosSearch",
"flake-utils"
],
"nixpkgs": [
"nixvim",
"nuschtosSearch",
"nixpkgs"
]
},
"locked": {
"lastModified": 1748294338,
"narHash": "sha256-FVO01jdmUNArzBS7NmaktLdGA5qA3lUMJ4B7a05Iynw=",
"owner": "NuschtOS",
"repo": "ixx",
"rev": "cc5f390f7caf265461d4aab37e98d2292ebbdb85",
"lastModified": 1704980875,
"narHash": "sha256-IPZmMjk5f4TBbEpzUFBc3OC1W6OwDNEXk2w/0uVXX1o=",
"owner": "nix-community",
"repo": "home-manager",
"rev": "5f0ab0eedc6ede69beb8f45561ffefa54edc6e65",
"type": "github"
},
"original": {
"owner": "NuschtOS",
"ref": "v0.0.8",
"repo": "ixx",
"owner": "nix-community",
"ref": "release-23.11",
"repo": "home-manager",
"type": "github"
}
},
"nix": {
"nix-ld": {
"inputs": {
"flake-parts": "flake-parts",
"git-hooks-nix": "git-hooks-nix",
"nixpkgs": "nixpkgs",
"nixpkgs-23-11": "nixpkgs-23-11",
"nixpkgs-regression": "nixpkgs-regression"
"nixpkgs": "nixpkgs"
},
"locked": {
"lastModified": 1754344628,
"narHash": "sha256-xVsqhMfsQzjf4XDO/GHVyk/D760uqlnOQ1NZ8Iyvpr0=",
"rev": "55219f9b36914a19b45a7989ad664f3fd8dfbc35",
"revCount": 21608,
"type": "tarball",
"url": "https://api.flakehub.com/f/pinned/DeterminateSystems/nix-src/3.8.5/0198772e-696e-72c6-9382-7ad2a9198f03/source.tar.gz"
"lastModified": 1701153607,
"narHash": "sha256-h+odOVyiGmEERMECoFOj5P7FPiMR8IPRzroFA4sKivg=",
"owner": "Mic92",
"repo": "nix-ld",
"rev": "bf5aa84a713c31d95b4307e442e966d6c7fd7ae7",
"type": "github"
},
"original": {
"type": "tarball",
"url": "https://flakehub.com/f/DeterminateSystems/nix-src/%2A"
"owner": "Mic92",
"repo": "nix-ld",
"type": "github"
}
},
"nixos-hardware": {
"locked": {
"lastModified": 1705187059,
"narHash": "sha256-dSj+iIYqLA+7/5rLXWfUxw9IXRm0w8Mrm39af8klUH0=",
"owner": "NixOS",
"repo": "nixos-hardware",
"rev": "ef811636cc847355688804593282078bac7758d4",
"type": "github"
},
"original": {
"owner": "NixOS",
"repo": "nixos-hardware",
"type": "github"
}
},
"nixpkgs": {
"locked": {
"lastModified": 1747179050,
"narHash": "sha256-qhFMmDkeJX9KJwr5H32f1r7Prs7XbQWtO0h3V0a0rFY=",
"rev": "adaa24fbf46737f3f1b5497bf64bae750f82942e",
"revCount": 799423,
"type": "tarball",
"url": "https://api.flakehub.com/f/pinned/NixOS/nixpkgs/0.1.799423%2Brev-adaa24fbf46737f3f1b5497bf64bae750f82942e/0196d1c3-1974-7bf1-bcf6-06620ac40c8c/source.tar.gz"
},
"original": {
"type": "tarball",
"url": "https://flakehub.com/f/NixOS/nixpkgs/%3D0.1.799423"
}
},
"nixpkgs-23-11": {
"locked": {
"lastModified": 1717159533,
"narHash": "sha256-oamiKNfr2MS6yH64rUn99mIZjc45nGJlj9eGth/3Xuw=",
"lastModified": 1686752049,
"narHash": "sha256-GtSbXZ6ia/o+f/I5O/5ee8HGmKuwQWZhtyd2u5y5TOk=",
"owner": "NixOS",
"repo": "nixpkgs",
"rev": "a62e6edd6d5e1fa0329b8653c801147986f8d446",
"rev": "eafbb465a91939b9a47bc05fcef0f948903755c1",
"type": "github"
},
"original": {
"owner": "NixOS",
"repo": "nixpkgs",
"rev": "a62e6edd6d5e1fa0329b8653c801147986f8d446",
"type": "github"
}
},
"nixpkgs-master": {
"locked": {
"lastModified": 1755052809,
"narHash": "sha256-b6VCFcs4fjKtLLSMfnT8laUg6m4S+jfGUGehcbOVzV8=",
"owner": "NixOS",
"repo": "nixpkgs",
"rev": "f4824b044a60268c24fd20a25468a1138e535d83",
"type": "github"
},
"original": {
"owner": "NixOS",
"ref": "master",
"repo": "nixpkgs",
"type": "github"
}
},
"nixpkgs-regression": {
"locked": {
"lastModified": 1643052045,
"narHash": "sha256-uGJ0VXIhWKGXxkeNnq4TvV3CIOkUJ3PAoLZ3HMzNVMw=",
"owner": "NixOS",
"repo": "nixpkgs",
"rev": "215d4d0fd80ca5163643b03a33fde804a29cc1e2",
"type": "github"
},
"original": {
"owner": "NixOS",
"repo": "nixpkgs",
"rev": "215d4d0fd80ca5163643b03a33fde804a29cc1e2",
"type": "github"
}
},
"nixpkgs-unstable": {
"locked": {
"lastModified": 1754725699,
"narHash": "sha256-iAcj9T/Y+3DBy2J0N+yF9XQQQ8IEb5swLFzs23CdP88=",
"lastModified": 1705204527,
"narHash": "sha256-WVz9WdaFBhAwO/7A+HlW8HPJ4VQ8QnpCD1WZAcAPneo=",
"owner": "NixOS",
"repo": "nixpkgs",
"rev": "85dbfc7aaf52ecb755f87e577ddbe6dbbdbc1054",
"rev": "dd5621df6dcb90122b50da5ec31c411a0de3e538",
"type": "github"
},
"original": {
"owner": "NixOS",
"ref": "nixos-unstable",
"ref": "nixpkgs-unstable",
"repo": "nixpkgs",
"type": "github"
}
},
"nixpkgs_2": {
"locked": {
"lastModified": 1753722563,
"narHash": "sha256-FK8iq76wlacriq3u0kFCehsRYTAqjA9nfprpiSWRWIc=",
"rev": "648f70160c03151bc2121d179291337ad6bc564b",
"revCount": 836323,
"type": "tarball",
"url": "https://api.flakehub.com/f/pinned/DeterminateSystems/nixpkgs-weekly/0.1.836323%2Brev-648f70160c03151bc2121d179291337ad6bc564b/019854b4-edf3-7ab3-ba79-b30d6017d043/source.tar.gz"
},
"original": {
"type": "tarball",
"url": "https://flakehub.com/f/DeterminateSystems/nixpkgs-weekly/0.1"
}
},
"nixpkgs_3": {
"locked": {
"lastModified": 1753345091,
"narHash": "sha256-CdX2Rtvp5I8HGu9swBmYuq+ILwRxpXdJwlpg8jvN4tU=",
"lastModified": 1705183652,
"narHash": "sha256-rnfkyUH0x72oHfiSDhuCHDHg3gFgF+lF8zkkg5Zihsw=",
"owner": "NixOS",
"repo": "nixpkgs",
"rev": "3ff0e34b1383648053bba8ed03f201d3466f90c9",
"rev": "428544ae95eec077c7f823b422afae5f174dee4b",
"type": "github"
},
"original": {
"owner": "NixOS",
"ref": "nixos-25.05",
"ref": "nixos-23.11",
"repo": "nixpkgs",
"type": "github"
}
},
"nixpkgs_4": {
"locked": {
"lastModified": 1754937576,
"narHash": "sha256-3sWA5WJybUE16kIMZ3+uxcxKZY/JRR4DFBqLdSLBo7w=",
"owner": "NixOS",
"repo": "nixpkgs",
"rev": "ddae11e58c0c345bf66efbddbf2192ed0e58f896",
"type": "github"
},
"original": {
"owner": "NixOS",
"ref": "nixos-25.05",
"repo": "nixpkgs",
"type": "github"
}
},
"nixpkgs_5": {
"locked": {
"lastModified": 1754340878,
"narHash": "sha256-lgmUyVQL9tSnvvIvBp7x1euhkkCho7n3TMzgjdvgPoU=",
"owner": "NixOS",
"repo": "nixpkgs",
"rev": "cab778239e705082fe97bb4990e0d24c50924c04",
"type": "github"
},
"original": {
"owner": "NixOS",
"ref": "nixpkgs-unstable",
"repo": "nixpkgs",
"type": "github"
}
},
"nixpkgs_6": {
"locked": {
"lastModified": 1751211869,
"narHash": "sha256-1Cu92i1KSPbhPCKxoiVG5qnoRiKTgR5CcGSRyLpOd7Y=",
"owner": "NixOS",
"repo": "nixpkgs",
"rev": "b43c397f6c213918d6cfe6e3550abfe79b5d1c51",
"type": "github"
},
"original": {
"owner": "NixOS",
"ref": "nixos-25.05",
"repo": "nixpkgs",
"type": "github"
}
},
"nixpkgs_7": {
"locked": {
"lastModified": 1743814133,
"narHash": "sha256-drDyYyUmjeYGiHmwB9eOPTQRjmrq3Yz26knwmMPLZFk=",
"owner": "NixOS",
"repo": "nixpkgs",
"rev": "250b695f41e0e2f5afbf15c6b12480de1fe0001b",
"type": "github"
},
"original": {
"owner": "NixOS",
"ref": "nixpkgs-unstable",
"repo": "nixpkgs",
"type": "github"
}
},
"nixvim": {
"inputs": {
"flake-parts": "flake-parts_2",
"nixpkgs": [
"nixpkgs"
],
"nuschtosSearch": "nuschtosSearch",
"systems": "systems_2"
},
"locked": {
"lastModified": 1754262585,
"narHash": "sha256-Yz5dJ0VzGRzSRHdHldsWQbuFYmtP3NWNreCvPfCi9CI=",
"owner": "nix-community",
"repo": "nixvim",
"rev": "ab1b5962e1ca90b42de47e1172e0d24ca80e6256",
"type": "github"
},
"original": {
"owner": "nix-community",
"ref": "nixos-25.05",
"repo": "nixvim",
"type": "github"
}
},
"nur": {
"inputs": {
"flake-parts": [
"stylix",
"flake-parts"
],
"nixpkgs": [
"stylix",
"nixpkgs"
],
"treefmt-nix": "treefmt-nix"
},
"locked": {
"lastModified": 1751320053,
"narHash": "sha256-3m6RMw0FbbaUUa01PNaMLoO7D99aBClmY5ed9V3vz+0=",
"owner": "nix-community",
"repo": "NUR",
"rev": "cbde1735782f9c2bb2c63d5e05fba171a14a4670",
"type": "github"
},
"original": {
"owner": "nix-community",
"repo": "NUR",
"type": "github"
}
},
"nuschtosSearch": {
"inputs": {
"flake-utils": "flake-utils",
"ixx": "ixx",
"nixpkgs": [
"nixvim",
"nixpkgs"
]
},
"locked": {
"lastModified": 1753771532,
"narHash": "sha256-Pmpke0JtLRzgdlwDC5a+aiLVZ11JPUO5Bcqkj0nHE/k=",
"owner": "NuschtOS",
"repo": "search",
"rev": "2a65adaf2c0c428efb0f4a2bc406aab466e96a06",
"type": "github"
},
"original": {
"owner": "NuschtOS",
"repo": "search",
"type": "github"
}
},
"pre-commit-hooks": {
"inputs": {
"flake-compat": "flake-compat_2",
"gitignore": "gitignore",
"nixpkgs": "nixpkgs_5"
},
"locked": {
"lastModified": 1754416808,
"narHash": "sha256-c6yg0EQ9xVESx6HGDOCMcyRSjaTpNJP10ef+6fRcofA=",
"owner": "cachix",
"repo": "git-hooks.nix",
"rev": "9c52372878df6911f9afc1e2a1391f55e4dfc864",
"type": "github"
},
"original": {
"owner": "cachix",
"repo": "git-hooks.nix",
"type": "github"
}
},
"root": {
"inputs": {
"darwin": "darwin",
"determinate": "determinate",
"home-manager": "home-manager",
"nixpkgs": "nixpkgs_4",
"nixpkgs-master": "nixpkgs-master",
"nixpkgs-unstable": "nixpkgs-unstable",
"nixvim": "nixvim",
"pre-commit-hooks": "pre-commit-hooks",
"stylix": "stylix",
"vpngate": "vpngate"
}
},
"stylix": {
"inputs": {
"base16": "base16",
"base16-fish": "base16-fish",
"base16-helix": "base16-helix",
"base16-vim": "base16-vim",
"firefox-gnome-theme": "firefox-gnome-theme",
"flake-parts": "flake-parts_3",
"gnome-shell": "gnome-shell",
"nixpkgs": "nixpkgs_6",
"nur": "nur",
"systems": "systems_3",
"tinted-foot": "tinted-foot",
"tinted-kitty": "tinted-kitty",
"tinted-schemes": "tinted-schemes",
"tinted-tmux": "tinted-tmux",
"tinted-zed": "tinted-zed"
},
"locked": {
"lastModified": 1755029507,
"narHash": "sha256-dtLgSAkU6o3skigUB1U6CCdg9Uu+yu3OM3m+Zu2XnPk=",
"owner": "danth",
"repo": "stylix",
"rev": "13e783747d8b90f27bc1e69e3302b5b5e18cf776",
"type": "github"
},
"original": {
"owner": "danth",
"ref": "release-25.05",
"repo": "stylix",
"type": "github"
}
},
"systems": {
"locked": {
"lastModified": 1681028828,
"narHash": "sha256-Vy1rq5AaRuLzOxct8nz4T6wlgyUR7zLU309k9mBC768=",
"owner": "nix-systems",
"repo": "default",
"rev": "da67096a3b9bf56a91d16901293e51ba5b49a27e",
"type": "github"
},
"original": {
"owner": "nix-systems",
"repo": "default",
"type": "github"
}
},
"systems_2": {
"locked": {
"lastModified": 1681028828,
"narHash": "sha256-Vy1rq5AaRuLzOxct8nz4T6wlgyUR7zLU309k9mBC768=",
"owner": "nix-systems",
"repo": "default",
"rev": "da67096a3b9bf56a91d16901293e51ba5b49a27e",
"type": "github"
},
"original": {
"owner": "nix-systems",
"repo": "default",
"type": "github"
}
},
"systems_3": {
"locked": {
"lastModified": 1681028828,
"narHash": "sha256-Vy1rq5AaRuLzOxct8nz4T6wlgyUR7zLU309k9mBC768=",
"owner": "nix-systems",
"repo": "default",
"rev": "da67096a3b9bf56a91d16901293e51ba5b49a27e",
"type": "github"
},
"original": {
"owner": "nix-systems",
"repo": "default",
"type": "github"
}
},
"systems_4": {
"locked": {
"lastModified": 1681028828,
"narHash": "sha256-Vy1rq5AaRuLzOxct8nz4T6wlgyUR7zLU309k9mBC768=",
"owner": "nix-systems",
"repo": "default",
"rev": "da67096a3b9bf56a91d16901293e51ba5b49a27e",
"type": "github"
},
"original": {
"owner": "nix-systems",
"repo": "default",
"type": "github"
}
},
"tinted-foot": {
"flake": false,
"locked": {
"lastModified": 1726913040,
"narHash": "sha256-+eDZPkw7efMNUf3/Pv0EmsidqdwNJ1TaOum6k7lngDQ=",
"owner": "tinted-theming",
"repo": "tinted-foot",
"rev": "fd1b924b6c45c3e4465e8a849e67ea82933fcbe4",
"type": "github"
},
"original": {
"owner": "tinted-theming",
"repo": "tinted-foot",
"rev": "fd1b924b6c45c3e4465e8a849e67ea82933fcbe4",
"type": "github"
}
},
"tinted-kitty": {
"flake": false,
"locked": {
"lastModified": 1735730497,
"narHash": "sha256-4KtB+FiUzIeK/4aHCKce3V9HwRvYaxX+F1edUrfgzb8=",
"owner": "tinted-theming",
"repo": "tinted-kitty",
"rev": "de6f888497f2c6b2279361bfc790f164bfd0f3fa",
"type": "github"
},
"original": {
"owner": "tinted-theming",
"repo": "tinted-kitty",
"type": "github"
}
},
"tinted-schemes": {
"flake": false,
"locked": {
"lastModified": 1750770351,
"narHash": "sha256-LI+BnRoFNRa2ffbe3dcuIRYAUcGklBx0+EcFxlHj0SY=",
"owner": "tinted-theming",
"repo": "schemes",
"rev": "5a775c6ffd6e6125947b393872cde95867d85a2a",
"type": "github"
},
"original": {
"owner": "tinted-theming",
"repo": "schemes",
"type": "github"
}
},
"tinted-tmux": {
"flake": false,
"locked": {
"lastModified": 1751159871,
"narHash": "sha256-UOHBN1fgHIEzvPmdNMHaDvdRMgLmEJh2hNmDrp3d3LE=",
"owner": "tinted-theming",
"repo": "tinted-tmux",
"rev": "bded5e24407cec9d01bd47a317d15b9223a1546c",
"type": "github"
},
"original": {
"owner": "tinted-theming",
"repo": "tinted-tmux",
"type": "github"
}
},
"tinted-zed": {
"flake": false,
"locked": {
"lastModified": 1751158968,
"narHash": "sha256-ksOyv7D3SRRtebpXxgpG4TK8gZSKFc4TIZpR+C98jX8=",
"owner": "tinted-theming",
"repo": "base16-zed",
"rev": "86a470d94204f7652b906ab0d378e4231a5b3384",
"type": "github"
},
"original": {
"owner": "tinted-theming",
"repo": "base16-zed",
"type": "github"
}
},
"treefmt-nix": {
"inputs": {
"nixpkgs": [
"stylix",
"nur",
"nixpkgs"
]
},
"locked": {
"lastModified": 1733222881,
"narHash": "sha256-JIPcz1PrpXUCbaccEnrcUS8jjEb/1vJbZz5KkobyFdM=",
"owner": "numtide",
"repo": "treefmt-nix",
"rev": "49717b5af6f80172275d47a418c9719a31a78b53",
"type": "github"
},
"original": {
"owner": "numtide",
"repo": "treefmt-nix",
"type": "github"
}
},
"vpngate": {
"inputs": {
"flake-utils": "flake-utils_2",
"nixpkgs": "nixpkgs_7"
},
"locked": {
"lastModified": 1753748785,
"narHash": "sha256-IPdoF8KSFbAKp9gpTWi9qQv5+9qPjGDVPZKawIE0H+8=",
"owner": "davegallant",
"repo": "vpngate",
"rev": "0167804252a2297c1f81b5cbf1fbb772d26d3e1f",
"type": "github"
},
"original": {
"owner": "davegallant",
"repo": "vpngate",
"type": "github"
"nix-ld": "nix-ld",
"nixos-hardware": "nixos-hardware",
"nixpkgs": "nixpkgs_2",
"nixpkgs-unstable": "nixpkgs-unstable"
}
}
},

186
flake.nix
View File

@@ -2,183 +2,21 @@
description = "nixos and macos configurations";
inputs = {
determinate.url = "https://flakehub.com/f/DeterminateSystems/determinate/*";
nixpkgs-unstable.url = "github:NixOS/nixpkgs/nixos-unstable";
nixpkgs-master.url = "github:NixOS/nixpkgs/master";
nixpkgs.url = "github:NixOS/nixpkgs/nixos-25.05";
pre-commit-hooks.url = "github:cachix/git-hooks.nix";
nixpkgs.url = "github:NixOS/nixpkgs/nixos-23.11";
nixpkgs-unstable.url = "github:NixOS/nixpkgs/nixpkgs-unstable";
home-manager.url = "github:nix-community/home-manager/release-23.11";
home-manager.inputs.nixpkgs.follows = "nixpkgs";
nix-ld.url = "github:Mic92/nix-ld";
nixos-hardware.url = "github:NixOS/nixos-hardware";
darwin = {
url = "github:lnl7/nix-darwin/nix-darwin-25.05";
url = "github:lnl7/nix-darwin";
inputs.nixpkgs.follows = "nixpkgs";
};
home-manager.url = "github:nix-community/home-manager/release-25.05";
nixvim = {
url = "github:nix-community/nixvim/nixos-25.05";
inputs.nixpkgs.follows = "nixpkgs";
};
stylix.url = "github:danth/stylix/release-25.05";
vpngate.url = "github:davegallant/vpngate";
};
outputs =
{
self,
darwin,
determinate,
home-manager,
nixpkgs,
nixpkgs-unstable,
nixpkgs-master,
stylix,
vpngate,
...
}@inputs:
let
supportedSystems = [
"x86_64-linux"
"aarch64-linux"
"x86_64-darwin"
"aarch64-darwin"
];
forAllSystems = nixpkgs.lib.genAttrs supportedSystems;
in
{
checks = forAllSystems (system: {
pre-commit-check = inputs.pre-commit-hooks.lib.${system}.run {
src = ./.;
hooks = {
nixfmt-rfc-style.enable = true;
};
};
});
devShells = forAllSystems (system: {
default = nixpkgs.legacyPackages.${system}.mkShell {
inherit (self.checks.${system}.pre-commit-check) shellHook;
buildInputs = self.checks.${system}.pre-commit-check.enabledPackages;
};
});
nixosConfigurations =
let
unstable = import nixpkgs-unstable {
system = "x86_64-linux";
config.allowUnfree = true;
};
master = import nixpkgs-master {
system = "x86_64-linux";
config.allowUnfree = true;
};
in
{
hephaestus = nixpkgs.lib.nixosSystem {
specialArgs = {
inherit unstable;
inherit master;
inherit vpngate;
};
modules = [
./hosts/hephaestus.nix
./common-packages.nix
./upgrade-diff.nix
determinate.nixosModules.default
home-manager.nixosModules.home-manager
stylix.nixosModules.stylix
(
{ ... }:
{
config = {
nix = {
settings = {
auto-optimise-store = true;
sandbox = false;
substituters = [ "https://davegallant.cachix.org" ];
trusted-users = [
"root"
];
trusted-public-keys = [
"davegallant.cachix.org-1:SsUMqL4+tF2R3/G6X903E9laLlY1rES2QKFfePegF08="
];
};
registry = {
nixpkgs.flake = nixpkgs;
};
gc = {
automatic = true;
dates = "daily";
options = "--delete-older-than 14d";
};
};
nixpkgs.overlays = [ (import ./overlays) ];
home-manager = {
useGlobalPkgs = true;
useUserPackages = true;
users.dave.imports = [
./home.nix
inputs.nixvim.homeManagerModules.nixvim
];
extraSpecialArgs = {
inherit unstable;
inherit master;
};
};
};
}
)
];
};
};
darwinConfigurations =
let
system = "aarch64-darwin";
unstable = import nixpkgs-unstable {
config.allowUnfree = true;
inherit system;
};
master = import nixpkgs-master {
config.allowUnfree = true;
inherit system;
};
in
{
zelus = darwin.lib.darwinSystem {
inherit system;
specialArgs = {
inherit unstable;
inherit master;
};
modules = [
home-manager.darwinModules.home-manager
stylix.darwinModules.stylix
./hosts/zelus.nix
./common-packages.nix
./upgrade-diff.nix
(
{ ... }:
{
config = {
nixpkgs.overlays = [ (import ./overlays) ];
home-manager = {
useGlobalPkgs = true;
useUserPackages = true;
users."dave.gallant".imports = [
./home.nix
inputs.nixvim.homeManagerModules.nixvim
];
extraSpecialArgs = {
inherit unstable;
inherit master;
};
};
};
}
)
];
};
};
};
outputs = {...} @ args: import ./outputs.nix args;
}

414
home.nix
View File

@@ -1,414 +0,0 @@
{
lib,
pkgs,
unstable,
...
}:
let
inherit (pkgs) stdenv;
in
{
home.stateVersion = "25.05";
home.packages = with pkgs; [ just ];
stylix = {
enable = true;
base16Scheme = "${pkgs.base16-schemes}/share/themes/tokyo-night-dark.yaml";
fonts.monospace = {
name = "FiraCode Nerd Font Mono";
package = "${pkgs.fira-mono}";
};
fonts.sansSerif = {
name = "FiraCode Nerd Font";
package = "${pkgs.fira-code}";
};
};
services = {
gpg-agent = {
enable = stdenv.isLinux;
defaultCacheTtl = 3600;
defaultCacheTtlSsh = 3600;
enableSshSupport = true;
};
};
services.lorri.enable = stdenv.isLinux;
fonts.fontconfig.enable = true;
programs = {
home-manager.enable = true;
direnv.enable = true;
git = {
enable = true;
userName = "Dave Gallant";
diff-so-fancy.enable = true;
lfs.enable = true;
aliases = {
aa = "add -A .";
br = "branch";
c = "commit -S";
cm = "commit -S -m";
ca = "commit -S --amend";
cane = "commit -S --amend --no-edit";
cb = "checkout -b";
co = "checkout";
cmp = "! git checkout main && git pl";
d = "diff";
dc = "diff --cached";
dcn = "diff --cached --name-only";
ds = "! git diff origin | sed -r 's/value: (.*)/value: \"************\"/'";
l = "log --graph --pretty=format:'%Cred%h%Creset -%C(yellow)%d%Creset %s %Cgreen(%cr) %C(bold blue)<%an>%Creset' --abbrev-commit";
ms = "merge --squash";
p = "push origin";
pf = "push -f";
pl = "! git pull origin $(git rev-parse --abbrev-ref HEAD)";
st = "status";
wip = "for-each-ref --sort='authordate:iso8601' --format=' %(color:green)%(authordate:relative)%09%(color:white)%(refname:short)' refs/heads";
};
includes = [ { path = "~/.gitconfig-work"; } ];
extraConfig = {
push = {
default = "current";
};
pull = {
rebase = true;
};
};
};
starship = {
enable = true;
enableZshIntegration = true;
settings = {
add_newline = false;
gcloud = {
format = "";
};
kubernetes = {
disabled = false;
};
};
};
zsh = {
enable = true;
autosuggestion.enable = true;
enableCompletion = true;
syntaxHighlighting.enable = true;
history.size = 1000000;
localVariables = {
CASE_SENSITIVE = "true";
DISABLE_UNTRACKED_FILES_DIRTY = "true";
RPROMPT = ""; # override because macOS defaults to filepath
ZSH_AUTOSUGGEST_HIGHLIGHT_STYLE = "fg=#838383,underline";
ZSH_DISABLE_COMPFIX = "true";
};
envExtra = ''
export PAGER=less
export EDITOR=vim
export DOCKER_CLI_HINTS=false
export TERM=xterm-256color
export PATH=$PATH:~/.cargo/bin
export PATH=$PATH:~/.local/bin
export PATH=$PATH:~/.npm-packages/bin
export PATH=$PATH:/opt/homebrew/bin
export PATH=$PATH:~/.krew/bin
export PATH=$PATH:~/bin
export GOPATH=~/go
export GOBIN=$GOPATH/bin
export PATH=$PATH:$GOBIN
'';
initContent = ''
setopt noincappendhistory
source $HOME/.zsh-work
if [[ "$OSTYPE" == "darwin"* ]];
then
export PATH="$(brew --prefix)/opt/gnu-tar/libexec/gnubin:$PATH"
alias xdg-open=open
fi
source <(helm completion zsh)
source <(kubectl completion zsh)
eval "$(atuin init zsh)"
# kubecolor
source <(kubectl completion zsh)
alias kubectl=kubecolor
# make completion work with kubecolor
compdef kubecolor=kubectl
'';
shellAliases = {
".." = "cd ..";
c = "code";
g = "git";
gc = "git checkout $(git branch | fzf)";
gco = "git checkout $(git branch -r | sed -e 's/^ origin\\///' | fzf)";
gho = "gh repo view --web >/dev/null";
gr = "cd $(git rev-parse --show-toplevel)";
grep = "rg --smart-case";
j = "just";
k = "kubecolor";
kp = "viddy 'kubectl get pods'";
kcx = "kubectx";
kns = "kubens";
l = "eza -la --git --group-directories-first";
m = "make";
nix-install = "nix-env -iA";
t = "cd-fzf";
tf = "terraform";
tree = "eza --tree";
v = "nvim";
};
"oh-my-zsh" = {
enable = true;
};
};
go = {
enable = true;
};
fzf = {
enable = true;
};
nixvim = {
enable = true;
viAlias = true;
vimAlias = true;
keymaps = [
{
key = "<C-n>";
mode = [ "n" ];
action = "<cmd>tabnew<cr>";
options = {
silent = true;
};
}
{
key = "<leader>y";
mode = [ "v" ];
action = ''"+y''; # copy to OS clipboard
}
{
key = "<leader>t";
mode = [ "n" ];
action = "<cmd>NvimTreeFindFileToggle<CR>";
}
{
key = "gD";
mode = [ "n" ];
action = "<cmd>lua vim.lsp.buf.declaration()<CR>";
}
{
key = "gd";
mode = [ "n" ];
action = "<cmd>lua vim.lsp.buf.definition()<CR>";
}
{
key = "gr";
mode = [ "n" ];
action = "<cmd>lua vim.lsp.buf.references()<CR>";
}
{
key = "<leader>ff";
mode = [ "n" ];
action = "<cmd>Telescope find_files<CR>";
}
{
key = "<leader>fg";
mode = [ "n" ];
action = "<cmd>Telescope live_grep<CR>";
}
];
plugins = {
auto-save.enable = true;
cmp-path.enable = true;
cmp-treesitter.enable = true;
commentary.enable = true;
diffview.enable = true;
gitblame.enable = true;
gitsigns.enable = true;
gitlinker.enable = true;
lualine.enable = true;
lsp.enable = true;
lsp.servers = {
ansiblels.enable = true;
bashls.enable = true;
dockerls.enable = true;
gopls.enable = true;
helm_ls.enable = true;
jsonls.enable = true;
nixd.enable = true;
terraformls.enable = true;
yamlls.enable = true;
};
lsp-format = {
enable = true;
settings = {
terraform = { };
nix = { };
go = { };
};
};
cmp.enable = true;
nvim-tree.enable = true;
rainbow-delimiters.enable = true;
treesitter.enable = true;
telescope = {
enable = true;
settings.defaults = {
layout_strategy = "vertical";
layout_config = {
vertical = {
width = 0.9;
};
};
};
package = pkgs.vimPlugins.telescope-fzy-native-nvim;
};
web-devicons.enable = true;
};
opts = {
autoindent = true;
backup = false;
belloff = "all";
completeopt = [
"menuone"
"noselect"
];
cursorline = true;
expandtab = true;
fillchars = {
diff = "";
eob = " ";
vert = "";
};
hlsearch = true;
ignorecase = true;
incsearch = true;
modelines = 5;
mouse = "a";
number = true;
pumblend = 10;
scrolloff = 3;
shell = "bash";
shiftround = false;
shiftwidth = 2;
showbreak = " ";
showcmd = true;
sidescroll = 0;
sidescrolloff = 3;
smartcase = true;
smarttab = true;
spellcapcheck = "";
splitbelow = true;
splitright = true;
swapfile = false;
switchbuf = "usetab";
tabstop = 2;
termguicolors = true;
wildmenu = true;
};
extraConfigLua = ''
-- https://github.com/orgs/community/discussions/108329
vim.cmd([[let g:copilot_filetypes = {'yaml': v:true}]])
vim.cmd([[let g:copilot_filetypes = {'gitcommit': v:true}]])
-- Format JSON
vim.cmd([[command! JsonFormat execute "::%!jq '.'"]])
-- Remember line number
vim.cmd([[au BufReadPost * if line("'\"") > 0 && line("'\"") <= line("$") | exe "normal! g`\"" | endif]])
-- Replace visual selection
vim.cmd([[vnoremap <C-r> "hy:%s/<C-r>h//g<left><left>]])
-- Indent YAML
vim.cmd([[au FileType yaml setlocal ts=2 sts=2 sw=2 expandtab]])
-- Indent Python
vim.cmd([[au BufNewFile,BufRead *.py set tabstop=4 softtabstop=4 shiftwidth=4 textwidth=79 expandtab autoindent fileformat=unix]])
-- Highlight whitespace
vim.cmd([[highlight ExtraWhitespace ctermbg=red guibg=red]])
vim.cmd([[match ExtraWhitespace /\s\+$/]])
-- folding
vim.api.nvim_exec(
[[
set foldmethod=expr
set foldlevel=20
set nofoldenable
set foldexpr=nvim_treesitter#foldexpr()
]],
true
)
'';
};
vscode = {
enable = stdenv.isLinux;
package = unstable.vscode;
profiles.default.extensions =
with unstable.vscode-extensions;
[
bbenoist.nix
github.vscode-pull-request-github
golang.go
hashicorp.terraform
ms-dotnettools.csharp
ms-kubernetes-tools.vscode-kubernetes-tools
redhat.vscode-yaml
]
++ lib.optionals stdenv.isLinux [ ms-python.python ];
};
firefox = {
enable = stdenv.isLinux;
package = unstable.librewolf;
profiles = {
default = {
id = 0;
isDefault = true;
settings = {
"privacy.resistFingerprinting" = false; # breaks timezone
"dom.push.connection.enabled" = false;
"dom.push.enabled" = false;
"geo.enabled" = false;
"intl.regional_prefs.use_os_locales" = true;
"services.sync.prefs.sync.intl.regional._prefs.use_os_locates" = false;
};
};
};
};
};
}

BIN
home/.aws/config Executable file
View File

Binary file not shown.

454
home/default.nix Normal file
View File

@@ -0,0 +1,454 @@
{
lib,
pkgs,
unstable,
...
}: let
hound-nvim = pkgs.vimUtils.buildVimPlugin {
name = "hound-nvim";
nativeBuildInputs = with pkgs; [lua53Packages.luacheck stylua];
src = pkgs.fetchFromGitHub {
owner = "davegallant";
repo = "hound.nvim";
rev = "e85ba4f65ece79fe6332d8a0ccc594a0d367f4ed";
sha256 = "sha256-fxPtixVB6dVjrxpJ1oP+eA00JSiKxWuii8pMxVeuyMY=";
};
};
inherit (pkgs) stdenv;
in {
home.stateVersion = "23.11";
services = {
gpg-agent = {
enable = stdenv.isLinux;
defaultCacheTtl = 3600;
defaultCacheTtlSsh = 3600;
enableSshSupport = true;
};
};
fonts.fontconfig.enable = true;
programs = {
home-manager.enable = true;
direnv.enable = true;
git = {
enable = true;
userName = "Dave Gallant";
lfs.enable = true;
aliases = {
aa = "add -A .";
br = "branch";
c = "commit -S";
ca = "commit -S --amend";
cane = "commit -S --amend --no-edit";
cb = "checkout -b";
co = "checkout";
cmp = "! git checkout main && git pl";
d = "diff";
dc = "diff --cached";
dcn = "diff --cached --name-only";
ds = "! git diff origin | sed -r 's/value: (.*)/value: \"************\"/'";
l = "log --graph --pretty=format:'%Cred%h%Creset -%C(yellow)%d%Creset %s %Cgreen(%cr) %C(bold blue)<%an>%Creset' --abbrev-commit";
ms = "merge --squash";
p = "push origin";
pf = "push -f";
pl = "! git pull origin $(git rev-parse --abbrev-ref HEAD)";
st = "status";
wip = "for-each-ref --sort='authordate:iso8601' --format=' %(color:green)%(authordate:relative)%09%(color:white)%(refname:short)' refs/heads";
};
includes = [{path = "~/.gitconfig-work";}];
delta = {
enable = true;
options = {
features = "line-numbers decorations";
whitespace-error-style = "22 reverse";
plus-style = "green bold ul '#198214'";
decorations = {
commit-decoration-style = "bold yellow box ul";
file-style = "bold yellow ul";
file-decoration-style = "none";
};
};
};
extraConfig = {
push = {default = "current";};
pull = {rebase = true;};
};
};
starship = {
enable = true;
enableZshIntegration = true;
settings = {
add_newline = false;
scan_timeout = 10;
character = {error_symbol = "[](bold red)";};
gcloud = {
format = "[$symbol($project) ~ $region]($style)";
};
kubernetes = {
disabled = false;
context_aliases = {
".*stg_.*" = "stg";
".*test_.*" = "test";
".*prd_.*" = "prd";
};
};
};
};
zsh = {
enable = true;
enableAutosuggestions = true;
enableCompletion = true;
syntaxHighlighting.enable = true;
history.size = 1000000;
localVariables = {
CASE_SENSITIVE = "true";
DISABLE_UNTRACKED_FILES_DIRTY = "true";
RPROMPT = ""; # override because macOS defaults to filepath
ZSH_AUTOSUGGEST_HIGHLIGHT_STYLE = "fg=#838383,underline";
ZSH_DISABLE_COMPFIX = "true";
};
envExtra = ''
export PAGER=less
export EDITOR=vim
export PATH=$PATH:~/.cargo/bin
export PATH=$PATH:~/.local/bin
export PATH=$PATH:~/.npm-packages/bin
export PATH=$PATH:/opt/homebrew/bin
export PATH=$PATH:~/.krew/bin
export PATH=$PATH:~/bin
export GOPATH=~/go
export GOBIN=$GOPATH/bin
export PATH=$PATH:$GOBIN
export WINEPREFIX=~/.wine32
# homebrew for x86
export PATH=$PATH:/usr/local/homebrew/bin
'';
initExtra = ''
setopt noincappendhistory
source $HOME/.zsh-work
if [[ "$OSTYPE" == "darwin"* ]];
then
export PATH = "$(brew --prefix)/opt/gnu-tar/libexec/gnubin:$PATH"
export
PATH="$(brew --prefix)/opt/gnu-sed/libexec/gnubin:$PATH"
alias xdg-open=open
fi
# helm
source <(helm completion zsh)
# kubectl
source <(kubectl completion zsh)
# kubecolor
source <(kubectl completion zsh)
alias kubectl=kubecolor
# make completion work with kubecolor
compdef kubecolor=kubectl
pfetch
'';
shellAliases = {
".." = "cd ..";
c = "code";
g = "git";
gc = "git checkout $(git branch | fzf)";
gco = "git checkout $(git branch -r | sed -e 's/^ origin\\///' | fzf)";
gr = "cd $(git rev-parse --show-toplevel)";
gho = "gh repo view --web >/dev/null";
grep = "rg --smart-case";
k = "kubecolor";
kcx = "kubectx";
kns = "kubens";
l = "eza -la --git --group-directories-first";
m = "make";
pia = "sudo openvpn --config ~/pia/$(find ~/pia -execdir basename {} .ovpn ';' -iname \"*.ovpn\" -type f | fzf --exact).ovpn --auth-user-pass ~/pia/pass";
ps = "procs";
t = "tmux-sessionizer";
tf = "terraform";
tree = "eza --tree";
v = "nvim";
nix-install = "nix-env -iA";
brew-x86 = "arch -x86_64 /usr/local/homebrew/bin/brew";
};
"oh-my-zsh" = {
enable = true;
plugins = [
"gitfast"
"last-working-dir"
"tmux"
];
};
};
alacritty = {
enable = true;
settings = {
window.padding.x = 10;
window.padding.y = 10;
scrolling.history = 100000;
live_config_reload = true;
mouse.hide_when_typing = false;
font =
if stdenv.isLinux
then {
normal.family = "Fira Code";
size = 12;
}
else {
normal.family = "FiraCode Nerd Font";
size = 16;
};
shell = {
program = "zsh";
args = ["-l" "-c" "tmux" "u"];
};
colors = {
primary.background = "0x282828";
primary.foreground = "0xebdbb2";
normal = {
black = "0x282828";
red = "0xcc241d";
green = "0x98971a";
yellow = "0xd79921";
blue = "0x458588";
magenta = "0xb16286";
cyan = "0x689d6a";
white = "0xa89984";
};
bright = {
black = "0x928374";
red = "0xfb4934";
green = "0xb8bb26";
yellow = "0xfabd2f";
blue = "0x83a598";
magenta = "0xd3869b";
cyan = "0x8ec07c";
white = "0xebdbb2";
};
key_bindings = [
{
key = "Home";
mods = "Control";
action = "ResetFontSize";
}
{
key = "Plus";
mods = "Control";
action = "IncreaseFontSize";
}
{
key = "Minus";
mods = "Control";
action = "DecreaseFontSize";
}
];
};
};
};
autojump = {
enable = true;
enableZshIntegration = true;
};
go = {
enable = true;
};
tmux = {
enable = true;
clock24 = true;
terminal = "xterm-256color";
customPaneNavigationAndResize = true;
plugins = with pkgs.tmuxPlugins; [
{
plugin = pain-control;
extraConfig = "set -g @plugin 'tmux-plugins/tmux-pain-control'";
}
{
plugin = sensible;
extraConfig = "set -g @plugin 'tmux-plugins/tmux-sensible'";
}
{
plugin = sessionist;
extraConfig = "set -g @plugin 'tmux-plugins/tmux-sessionist'";
}
{
plugin = yank;
extraConfig = "set -g @plugin 'tmux-plugins/tmux-yank'";
}
{
plugin = sensible;
extraConfig = "set -g @plugin 'tmux-plugins/tmux-sensible'";
}
{
plugin = tmux-colors-solarized;
extraConfig = ''
set -g @plugin 'seebi/tmux-colors-solarized'
set -g @colors-solarized 'dark'
'';
}
{
plugin = resurrect;
extraConfig = ''
set -g @plugin 'tmux-plugins/tmux-resurrect'
'';
}
{
plugin = continuum;
extraConfig = ''
set -g @plugin 'tmux-plugins/tmux-continuum'
set -g @continuum-restore 'on'
'';
}
];
extraConfig = ''
set-window-option -g automatic-rename on
set-option -g set-titles on
set -g mouse on
set -g status-left-length 30
set -g status-right-length 150
set -g xterm-keys on
set -g pane-border-status top
set -g set-titles on
set -g display-panes-time 800
set -g display-time 2000
set -q -g utf8 on
set -g monitor-activity on
set -g visual-activity off
set -g status-right '#(gitmux #{pane_current_path})'
'';
};
fzf = {
enable = true;
enableZshIntegration = true;
};
neovim = {
enable = true;
viAlias = true;
vimAlias = true;
# home-manager doesn't yet support `init.lua`
extraConfig = "lua require('init')";
plugins = with pkgs.vimPlugins; [
cmp-nvim-lsp
cmp-path
cmp-treesitter
diffview-nvim
git-blame-nvim
gitsigns-nvim
gruvbox-nvim
lualine-nvim
luasnip
nvim-cmp
nvim-lspconfig
nvim-tree-lua
nvim-treesitter.withAllGrammars
nvim-ts-rainbow
nvim-web-devicons
plenary-nvim
telescope-fzy-native-nvim
vim-commentary
vim-markdown
vim-repeat
vim-sneak
vim-surround
];
};
vscode = {
enable = true;
package = pkgs.vscode;
extensions = with pkgs.vscode-extensions;
[
bbenoist.nix
github.vscode-pull-request-github
golang.go
hashicorp.terraform
ms-dotnettools.csharp
ms-kubernetes-tools.vscode-kubernetes-tools
redhat.vscode-yaml
]
++ lib.optionals stdenv.isLinux [
ms-vsliveshare.vsliveshare
ms-python.python
];
};
firefox = {
enable = stdenv.isLinux;
package = unstable.firefox-devedition;
profiles = {
default = {
id = 0;
isDefault = true;
settings = {
"privacy.resistFingerprinting" = false; # breaks timezone
"dom.push.connection.enabled" = false;
"dom.push.enabled" = false;
"geo.enabled" = false;
"intl.regional_prefs.use_os_locales" = true;
"services.sync.prefs.sync.intl.regional._prefs.use_os_locates" = false;
};
name = "dev-edition-default";
path = "6b7pm104.dev-edition-default";
};
};
};
};
home.file = {
".config/nvim/lua".source = ./nvim/lua;
".aws/config".source = ./.aws/config;
};
home.file.".config/autostart/albert.desktop" = lib.mkIf stdenv.isLinux {
source = pkgs.albert + "/share/applications/albert.desktop";
};
}

308
home/nvim/lua/init.lua Normal file
View File

@@ -0,0 +1,308 @@
-----------------------------------------------------------------------------
-- Options {{{1 ---------------------------------------------------------------
-------------------------------------------------------------------------------
vim.opt.autoindent = true
vim.opt.backup = false
vim.opt.belloff = "all"
vim.opt.completeopt = "menuone"
vim.opt.completeopt = vim.opt.completeopt + "noselect"
vim.opt.cursorline = true
vim.opt.expandtab = true
vim.opt.fillchars = {
diff = "",
eob = " ",
vert = "",
}
vim.opt.hlsearch = true
vim.opt.ignorecase = true
vim.opt.incsearch = true
vim.opt.modelines = 5
vim.opt.mouse = "a"
vim.opt.number = true
vim.opt.pumblend = 10
vim.opt.scrolloff = 3
vim.opt.shell = "bash"
vim.opt.shiftround = false
vim.opt.shiftwidth = 2
vim.opt.shortmess = vim.opt.shortmess + "A"
vim.opt.shortmess = vim.opt.shortmess + "I"
vim.opt.shortmess = vim.opt.shortmess + "O"
vim.opt.shortmess = vim.opt.shortmess + "T"
vim.opt.shortmess = vim.opt.shortmess + "W"
vim.opt.shortmess = vim.opt.shortmess + "a"
vim.opt.shortmess = vim.opt.shortmess + "c"
vim.opt.shortmess = vim.opt.shortmess + "o"
vim.opt.shortmess = vim.opt.shortmess + "t"
vim.opt.showbreak = ""
vim.opt.showcmd = true
vim.opt.sidescroll = 0
vim.opt.sidescrolloff = 3
vim.opt.smartcase = true
vim.opt.smarttab = true
vim.opt.spellcapcheck = ""
vim.opt.splitbelow = true
vim.opt.splitright = true
vim.opt.swapfile = false
vim.opt.switchbuf = "usetab"
vim.opt.tabstop = 2
vim.opt.termguicolors = true
vim.opt.wildmenu = true
-- Format JSON
vim.cmd([[command! JsonFormat execute "::%!jq '.'"]])
-- Tab shortcuts
vim.api.nvim_set_keymap("n", "<C-n>", "<cmd>tabnew<cr>", { noremap = true })
-- Copy to OS clipboard
vim.api.nvim_set_keymap("v", "<leader>y", '"+y', { noremap = true })
-- Folding
vim.api.nvim_set_keymap("n", "<space>", "za", { silent = true, noremap = true })
-- Map gx to xdg-open
vim.api.nvim_set_keymap(
"n",
"gx",
":execute 'silent! !xdg-open ' . shellescape(expand('<cWORD>'), 1)<cr>",
{ silent = true, noremap = true }
)
-- Remember line number
vim.cmd([[au BufReadPost * if line("'\"") > 0 && line("'\"") <= line("$") | exe "normal! g`\"" | endif]])
-- Replace visual selection
vim.cmd([[vnoremap <C-r> "hy:%s/<C-r>h//g<left><left>]])
-- Indent YAML
vim.cmd([[au FileType yaml setlocal ts=2 sts=2 sw=2 expandtab]])
-- Indent Python
vim.cmd([[au BufNewFile,BufRead *.py set tabstop=4 softtabstop=4 shiftwidth=4 textwidth=79 expandtab autoindent fileformat=unix]])
-- Highlight whitespace
vim.cmd([[highlight ExtraWhitespace ctermbg=red guibg=red]])
vim.cmd([[match ExtraWhitespace /\s\+$/]])
-------------------------------------------------------------------------------
-- LSP {{{1 -------------------------------------------------------------------
-------------------------------------------------------------------------------
-- See `:help vim.lsp.*` for documentation on any of the below functions
local opts = { noremap=true, silent=true }
vim.api.nvim_set_keymap('n', 'gD', '<cmd>lua vim.lsp.buf.declaration()<CR>', opts)
vim.api.nvim_set_keymap('n', 'gd', '<cmd>lua vim.lsp.buf.definition()<CR>', opts)
vim.api.nvim_set_keymap('n', 'K', '<cmd>lua vim.lsp.buf.hover()<CR>', opts)
vim.api.nvim_set_keymap('n', 'gi', '<cmd>lua vim.lsp.buf.implementation()<CR>', opts)
vim.api.nvim_set_keymap('n', '<C-k>', '<cmd>lua vim.lsp.buf.signature_help()<CR>', opts)
vim.api.nvim_set_keymap('n', '<space>wa', '<cmd>lua vim.lsp.buf.add_workspace_folder()<CR>', opts)
vim.api.nvim_set_keymap('n', '<space>wr', '<cmd>lua vim.lsp.buf.remove_workspace_folder()<CR>', opts)
vim.api.nvim_set_keymap('n', '<space>wl', '<cmd>lua print(vim.inspect(vim.lsp.buf.list_workspace_folders()))<CR>', opts)
vim.api.nvim_set_keymap('n', '<space>D', '<cmd>lua vim.lsp.buf.type_definition()<CR>', opts)
vim.api.nvim_set_keymap('n', '<space>rn', '<cmd>lua vim.lsp.buf.rename()<CR>', opts)
vim.api.nvim_set_keymap('n', '<space>ca', '<cmd>lua vim.lsp.buf.code_action()<CR>', opts)
vim.api.nvim_set_keymap('n', 'gr', '<cmd>lua vim.lsp.buf.references()<CR>', opts)
vim.api.nvim_set_keymap('n', '<space>e', '<cmd>lua vim.diagnostic.open_float()<CR>', opts)
vim.api.nvim_set_keymap('n', '[d', '<cmd>lua vim.diagnostic.goto_prev()<CR>', opts)
vim.api.nvim_set_keymap('n', ']d', '<cmd>lua vim.diagnostic.goto_next()<CR>', opts)
vim.api.nvim_set_keymap('n', '<space>q', '<cmd>lua vim.diagnostic.setloclist()<CR>', opts)
vim.api.nvim_set_keymap('n', '<space>f', '<cmd>lua vim.lsp.buf.formatting()<CR>', opts)
vim.api.nvim_set_keymap("n", "<space>", "za", { silent = true, noremap = true })
-------------------------------------------------------------------------------
-- packer {{{1 -------------------------------------------------------------------
-------------------------------------------------------------------------------
-- require("packer").startup(function()
-- use({ "MunifTanjim/nui.nvim" })
-- use({ "dpayne/CodeGPT.nvim" })
-- end)
-------------------------------------------------------------------------------
-- completion {{{1 -------------------------------------------------------------------
-------------------------------------------------------------------------------
local has_words_before = function()
local line, col = unpack(vim.api.nvim_win_get_cursor(0))
return col ~= 0 and vim.api.nvim_buf_get_lines(0, line - 1, line, true)[1]:sub(col, col):match("%s") == nil
end
local luasnip = require("luasnip")
local cmp = require("cmp")
cmp.setup {
sources = {
{ name = 'nvim_lsp' },
{ name = 'path' },
{ name = 'treesitter' },
},
preselect = cmp.PreselectMode.None,
mapping = {
["<Tab>"] = cmp.mapping(function(fallback)
if cmp.visible() then
cmp.select_next_item()
elseif luasnip.expand_or_jumpable() then
luasnip.expand_or_jump()
elseif has_words_before() then
cmp.complete()
else
fallback()
end
end, { "i", "s" }),
["<S-Tab>"] = cmp.mapping(function(fallback)
if cmp.visible() then
cmp.select_prev_item()
elseif luasnip.jumpable(-1) then
luasnip.jump(-1)
else
fallback()
end
end, { "i", "s" }),
}
}
-------------------------------------------------------------------------------
-- lsp {{{1 -------------------------------------------------------------------
-------------------------------------------------------------------------------
local lspconfig = require "lspconfig"
local capabilities = require('cmp_nvim_lsp').default_capabilities(vim.lsp.protocol.make_client_capabilities())
lspconfig.ansiblels.setup({
capabilities = capabilities,
cmd = {os.getenv("HOME") .. "/.npm-packages/bin/ansible-language-server", "--stdio"};
})
lspconfig.bashls.setup({
capabilities = capabilities,
})
lspconfig.gopls.setup({
capabilities = capabilities,
})
-- lspconfig.lua_ls.setup({
-- capabilities = capabilities,
-- settings = {
-- Lua = {
-- diagnostics = {
-- globals = { 'vim' }
-- }
-- }
-- }
-- })
lspconfig.pyright.setup({
capabilities = capabilities,
})
lspconfig.rls.setup({
capabilities = capabilities,
})
lspconfig.rnix.setup({
capabilities = capabilities,
})
lspconfig.solargraph.setup({
capabilities = capabilities,
})
lspconfig.terraformls.setup({
filetypes={"terraform","tf","hcl"},
capabilities = capabilities,
})
lspconfig.tflint.setup({
capabilities = capabilities,
})
lspconfig.yamlls.setup({
capabilities = capabilities,
})
require'luasnip'.filetype_extend("go", {"go"})
require'luasnip'.filetype_extend("ruby", {"rails"})
-------------------------------------------------------------------------------
-- Plugins {{{1 ---------------------------------------------------------------
-------------------------------------------------------------------------------
-- status line
require("lualine").setup({
options = {
theme = "gruvbox",
},
})
-- nvim-telescope
require('telescope').setup({
defaults = {
layout_strategy='vertical',
layout_config = {
vertical = { width = 0.9 }
},
},
})
-- nvim-tree
require'nvim-tree'.setup {}
-- gitsigns
require('gitsigns').setup()
-- treesitter
require("nvim-treesitter.configs").setup({
ensure_installed = {},
highlight = {
enable = true,
},
indent = {
enable = true,
},
rainbow = {
enable = true,
extended_mode = true,
},
})
-- folding
vim.api.nvim_exec(
[[
set foldmethod=expr
set foldlevel=20
set nofoldenable
set foldexpr=nvim_treesitter#foldexpr()
]],
true
)
-- vim-markdown
vim.g.vim_markdown_override_foldtext = 0
vim.g.vim_markdown_no_default_key_mappings = 1
vim.g.vim_markdown_emphasis_multiline = 0
vim.g.vim_markdown_conceal = 0
vim.g.vim_markdown_frontmatter = 1
vim.g.vim_markdown_new_list_item_indent = 0
-- vim-prettier
vim.g["prettier#autoformat"] = 1
-- git-blame
vim.g.gitblame_enabled = 1
vim.api.nvim_set_keymap("n", "<leader>ff", "<cmd>Telescope find_files find_command=rg,--ignore,--hidden,--files,-g,!.git prompt_prefix=🔍<cr>", { silent = true, noremap = true })
vim.api.nvim_set_keymap("n", "<leader>fg", "<cmd>Telescope live_grep<cr>", { silent = true, noremap = true })
-- NvimTree
vim.api.nvim_set_keymap("n", "<leader>n", "<cmd>NvimTreeToggle<cr>", { noremap = true })
vim.api.nvim_set_keymap("n", "<leader>r", "<cmd>NvimTreeRefresh<cr>", { noremap = true })
vim.api.nvim_set_keymap("n", "<leader>nf", "<cmd>NvimTreeFindFile<cr>", { noremap = true })
--Set colorscheme
vim.o.termguicolors = true
vim.cmd([[colorscheme gruvbox]])

509
hosts/hephaestus.nix
View File

@@ -1,509 +0,0 @@
{
config,
lib,
master,
modulesPath,
pkgs,
unstable,
vpngate,
...
}:
let
gnomeExtensions = with pkgs.gnomeExtensions; [
caffeine
clipboard-history
grand-theft-focus
];
in
{
imports = [ (modulesPath + "/installer/scan/not-detected.nix") ];
stylix = {
enable = true;
base16Scheme = "${pkgs.base16-schemes}/share/themes/tokyo-night-dark.yaml";
image = pkgs.fetchurl {
url = "https://raw.githubusercontent.com/davegallant/nix-config/refs/heads/main/nixos-wallpaper.png";
sha256 = "Ztqn9+CHslr6wZdnOTeo/YNi/ICerpcFLyMArsZ/PIY=";
};
polarity = "dark";
fonts.sizes.desktop = 24;
};
security.sudo-rs = {
enable = true;
execWheelOnly = true;
wheelNeedsPassword = true;
};
boot = {
kernelModules = [
"kvm-amd"
"vfio_pci"
"vfio"
"vfio_iommu_type1"
"vfio_virqfd"
];
kernelPackages = pkgs.linuxPackages_latest;
kernelParams = [
"amd_iommu=on"
];
loader = {
efi.canTouchEfiVariables = true;
efi.efiSysMountPoint = "/boot/efi";
grub = {
enable = true;
device = "nodev";
efiSupport = true;
enableCryptodisk = true;
};
};
supportedFilesystems = [
"ntfs"
];
initrd = {
availableKernelModules = [
"ahci"
"nvme"
"sd_mod"
"usb_storage"
"usbhid"
"xhci_pci"
];
luks.devices."root" = {
allowDiscards = true;
device = "/dev/disk/by-uuid/21cd166c-1528-49a4-b31b-0d408d48aa80";
preLVM = true;
keyFile = "./keyfile0.bin";
};
secrets = {
"keyfile0.bin" = "/etc/secrets/initrd/keyfile0.bin";
};
};
};
environment.systemPackages =
with pkgs;
[
android-studio
android-tools
bleachbit
calibre
chromium
cryptsetup
dbeaver-bin
discord
docker-compose
freefilesync
gimp-with-plugins
gnome-tweaks
google-chrome
httpie-desktop
iputils
libation
mission-center
mupen64plus
nfs-utils
onlyoffice-desktopeditors
opensnitch-ui
pavucontrol
pciutils
pika-backup
pinentry-curses
protonvpn-gui
qemu
terminator
traceroute
unityhub
unstable.beszel
unstable.obsidian
unstable.ryubing
unstable.signal-desktop-bin
unstable.spotify
unstable.tailscale
unstable.zoom-us
usbutils
virt-manager
vlc
vpngate.packages.x86_64-linux.default
whois
wine
]
++ gnomeExtensions;
fileSystems = {
"/" = {
device = "/dev/disk/by-uuid/a6723178-6f18-428e-b541-9ac901861125";
fsType = "ext4";
};
"/home" = {
device = "/dev/disk/by-uuid/e3ab2e1a-bddf-4ae0-b00a-bf954c6c182b";
fsType = "ext4";
};
"/boot/efi" = {
device = "/dev/disk/by-uuid/3CFD-D749";
fsType = "vfat";
};
"/mnt/synology-2b/media" = {
device = "192.168.1.178:/volume1/Media";
fsType = "nfs";
};
"/mnt/truenas/home/backups" = {
device = "192.168.1.132:/mnt/wd4t/data/home/backup/";
fsType = "nfs";
};
};
fonts.packages = with pkgs; [
dejavu_fonts
fira-mono
font-awesome
google-fonts
liberation_ttf
nerd-fonts.droid-sans-mono
nerd-fonts.fira-code
nerd-fonts.symbols-only
nerd-fonts.ubuntu
nerd-fonts.ubuntu-mono
noto-fonts
noto-fonts-cjk-sans
noto-fonts-emoji
noto-fonts-extra
];
fonts.fontconfig.defaultFonts = {
sansSerif = [ "Noto Sans" ];
serif = [ "Noto Serif" ];
monospace = [ "Noto Sans Mono" ];
emoji = [ "Noto Color Emoji" ];
};
nixpkgs = {
hostPlatform = "x86_64-linux";
config = {
allowUnfree = true;
};
};
networking = {
iproute2.enable = true;
hostName = "hephaestus";
hostId = "0e8aad53";
interfaces."enp34s0" = {
useDHCP = true;
wakeOnLan = {
enable = true;
policy = [ "magic" ];
};
};
firewall = {
allowPing = false;
enable = true;
checkReversePath = "loose";
trustedInterfaces = [ "tailscale0" ];
};
};
users.users.beszel = {
isSystemUser = true;
group = "beszel";
description = "Beszel Agent service user";
};
users.groups.beszel = { };
systemd.services = {
NetworkManager-wait-online.enable = false;
beszel-agent = {
description = "Beszel Agent Service";
after = [ "network-online.target" ];
wants = [ "network-online.target" ];
wantedBy = [ "multi-user.target" ];
serviceConfig = {
Environment = [
"PORT=45876"
''KEY="ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIEaNtnkc+3+fJU+bTO6fibID9FHgFjei0sjJNqvcYtG8"''
];
ExecStart = "${lib.getBin unstable.beszel}/bin/beszel-agent";
User = "beszel";
Restart = "always";
RestartSec = 5;
};
};
};
system = {
autoUpgrade.enable = true;
stateVersion = "25.05";
};
nix = {
extraOptions = "experimental-features = nix-command flakes";
};
users.users.dave = {
isNormalUser = true;
extraGroups = [
"docker"
"wheel"
"libvirtd"
"corectrl"
];
shell = pkgs.zsh;
};
i18n.defaultLocale = "en_US.UTF-8";
i18n.inputMethod = {
enable = true;
type = "ibus";
ibus.engines = with pkgs.ibus-engines; [ anthy ];
};
time.timeZone = "America/Toronto";
hardware.graphics = {
enable = true;
enable32Bit = true;
};
hardware.cpu.amd.updateMicrocode = lib.mkDefault config.hardware.enableRedistributableFirmware;
programs = {
gnupg.agent = {
enable = true;
enableSSHSupport = true;
};
nix-ld.enable = true;
steam = {
enable = true;
remotePlay.openFirewall = true;
};
zsh.enable = true;
};
services.avahi = {
enable = true;
nssmdns4 = true;
publish = {
enable = true;
addresses = true;
domain = true;
hinfo = true;
userServices = true;
workstation = true;
};
};
services.flatpak.enable = true;
services.gnome.gnome-keyring.enable = true;
services.printing.enable = true;
services.resolved.enable = true;
services.sshd.enable = true;
services.tailscale = {
enable = true;
package = unstable.tailscale;
};
services.xserver = {
enable = true;
displayManager = {
gdm = {
enable = true;
wayland = true;
};
};
desktopManager.gnome.enable = true;
videoDrivers = [ "amdgpu" ];
};
services.ollama = {
package = master.ollama;
enable = true;
acceleration = "rocm";
host = "0.0.0.0";
environmentVariables = {
HSA_OVERRIDE_GFX_VERSION = "11.0.2";
};
loadModels = [
"dolphin3:8b"
"llama3.1"
"llava"
];
};
services.open-webui = {
enable = true;
package = pkgs.open-webui;
host = "0.0.0.0";
environment = {
ANONYMIZED_TELEMETRY = "False";
DO_NOT_TRACK = "True";
SCARF_NO_ANALYTICS = "True";
OLLAMA_API_BASE_URL = "http://127.0.0.1:11434/api";
OLLAMA_BASE_URL = "http://127.0.0.1:11434";
};
};
services.opensnitch = {
enable = true;
rules = {
avahi-ipv4 = {
name = "Allow avahi daemon IPv4";
enabled = true;
action = "allow";
duration = "always";
operator = {
type = "list";
operand = "list";
list = [
{
type = "simple";
operand = "process.path";
sensitive = false;
data = "${lib.getBin pkgs.avahi}/bin/avahi-daemon";
}
{
type = "network";
operand = "dest.network";
data = "224.0.0.0/24";
}
];
};
};
systemd-timesyncd = {
name = "systemd-timesyncd";
enabled = true;
action = "allow";
duration = "always";
operator = {
type = "simple";
sensitive = false;
operand = "process.path";
data = "${lib.getBin pkgs.systemd}/lib/systemd/systemd-timesyncd";
};
};
systemd-resolved = {
name = "systemd-resolved";
enabled = true;
action = "allow";
duration = "always";
operator = {
type = "simple";
sensitive = false;
operand = "process.path";
data = "${lib.getBin pkgs.systemd}/lib/systemd/systemd-resolved";
};
};
localhost = {
name = "Allow all localhost";
enabled = true;
action = "allow";
duration = "always";
operator = {
type = "regexp";
operand = "dest.ip";
sensitive = false;
data = "^(127\\.0\\.0\\.1|::1)$";
list = [ ];
};
};
nix-update = {
name = "Allow Nix";
enabled = true;
action = "allow";
duration = "always";
operator = {
type = "list";
operand = "list";
list = [
{
type = "simple";
sensitive = false;
operand = "process.path";
data = "${lib.getBin pkgs.nix}/bin/nix";
}
{
type = "regexp";
operand = "dest.host";
sensitive = false;
data = "^(([a-z0-9|-]+\\.)*github\\.com|([a-z0-9|-]+\\.)*nixos\\.org)$";
}
];
};
};
NetworkManager = {
name = "Allow NetworkManager";
enabled = true;
action = "allow";
duration = "always";
operator = {
type = "list";
operand = "list";
list = [
{
type = "simple";
sensitive = false;
operand = "process.path";
data = "${lib.getBin pkgs.networkmanager}/bin/NetworkManager";
}
{
type = "simple";
operand = "dest.port";
sensitive = false;
data = "67";
}
{
type = "simple";
operand = "protocol";
sensitive = false;
data = "udp";
}
];
};
};
ssh-github = {
name = "Allow SSH to github";
enabled = true;
action = "allow";
duration = "always";
operator = {
type = "list";
operand = "list";
list = [
{
type = "simple";
sensitive = false;
operand = "process.path";
data = "${lib.getBin pkgs.openssh}/bin/ssh";
}
{
type = "simple";
operand = "dest.host";
sensitive = false;
data = "github.com";
}
];
};
};
};
};
virtualisation = {
docker.enable = true;
podman.enable = true;
libvirtd = {
enable = true;
qemu.swtpm.enable = true;
};
};
}

137
hosts/zelus.nix
View File

@@ -1,137 +0,0 @@
{ pkgs, ... }:
{
nixpkgs = {
config = {
allowUnfree = true;
};
};
networking = {
hostName = "zelus";
};
nix.enable = false;
programs.zsh = {
enable = true;
# https://github.com/nix-community/home-manager/issues/108#issuecomment-340397178
enableCompletion = false;
};
system.stateVersion = 4;
users.users."dave.gallant".home = "/Users/dave.gallant";
system.primaryUser = "dave.gallant";
system.defaults = {
trackpad = {
ActuationStrength = 0;
Clicking = true;
FirstClickThreshold = 1;
SecondClickThreshold = 1;
TrackpadRightClick = true;
};
dock = {
autohide = true;
tilesize = 50;
orientation = "bottom";
persistent-apps = [
"/Applications/iTerm.app"
"/Applications/Google Chrome.app"
"/Applications/LibreWolf.app"
"/Applications/Obsidian.app"
"/Applications/Slack.app"
"/Applications/Visual Studio Code.app"
"/Applications/zoom.us.app"
];
};
NSGlobalDomain.AppleShowAllExtensions = true;
NSGlobalDomain.AppleShowScrollBars = "Always";
NSGlobalDomain.NSUseAnimatedFocusRing = false;
NSGlobalDomain.NSNavPanelExpandedStateForSaveMode = true;
NSGlobalDomain.NSNavPanelExpandedStateForSaveMode2 = true;
NSGlobalDomain.PMPrintingExpandedStateForPrint = true;
NSGlobalDomain.PMPrintingExpandedStateForPrint2 = true;
NSGlobalDomain.NSDocumentSaveNewDocumentsToCloud = false;
NSGlobalDomain.ApplePressAndHoldEnabled = false;
NSGlobalDomain.InitialKeyRepeat = 25;
NSGlobalDomain.KeyRepeat = 2;
NSGlobalDomain."com.apple.mouse.tapBehavior" = 1;
NSGlobalDomain.NSWindowShouldDragOnGesture = true;
NSGlobalDomain.NSAutomaticSpellingCorrectionEnabled = false;
LaunchServices.LSQuarantine = false; # disables "Are you sure?" for new apps
loginwindow.GuestEnabled = false;
finder.FXPreferredViewStyle = "Nlsv";
};
security.pam.services.sudo_local.touchIdAuth = true;
homebrew = {
enable = true;
onActivation = {
cleanup = "zap";
autoUpdate = true;
upgrade = true;
};
global = {
brewfile = true;
};
brews = [
"argocd"
"azure-cli"
"coreutils"
"gnu-sed"
"gnu-tar"
"k6"
"node"
"oras"
"vault"
];
casks = [
"discord"
"dbeaver-community"
"font-fira-code-nerd-font"
"font-hack-nerd-font"
"fork"
"freelens"
"iterm2"
"karabiner-elements"
"knockknock"
"librewolf"
"lulu"
"notunes"
"obsidian"
"ollama"
"raycast"
"rectangle"
"signal"
"slack"
"spotify"
"stats"
"steam"
"taskexplorer"
"tailscale"
"vlc"
];
taps = [
"hashicorp/tap"
"homebrew/bundle"
"homebrew/cask-fonts"
"homebrew/cask-versions"
"homebrew/services"
];
};
stylix = {
enable = true;
image = "/Library/tokyo-night.jpg";
};
}

30
justfile
View File

@@ -1,30 +0,0 @@
set export
alias u := update
alias r := rebuild
arch := `uname -s`
cmd := if arch == "Linux" { "nixos-rebuild --use-remote-sudo" } else { "darwin-rebuild" }
rebuild:
sudo $cmd switch --flake . -I nixos-config="hosts/$(hostname).nix"
rollback:
$cmd switch --rollback --flake .
channel-update:
nix-channel --update
sudo nix-channel --update
update:
@./update-flake.sh
fmt:
nixfmt *.nix
clean:
echo 'Cleaning user...'
nix-collect-garbage -d
echo 'Cleaning root...'
sudo nix-collect-garbage -d

3
modules/common/darwin.nix Normal file
View File

@@ -0,0 +1,3 @@
{pkgs, ...}: {
nix.extraOptions = "experimental-features = nix-command flakes";
}

22
modules/common/fonts.nix Normal file
View File

@@ -0,0 +1,22 @@
{pkgs, ...}: {
fonts.packages = with pkgs; [
dejavu_fonts
fira-code
fira-code-symbols
fira-mono
font-awesome
google-fonts
liberation_ttf
noto-fonts
noto-fonts-cjk
noto-fonts-emoji
noto-fonts-extra
];
fonts.fontconfig.defaultFonts = {
sansSerif = ["Noto Sans"];
serif = ["Noto Serif"];
monospace = ["Noto Sans Mono"];
emoji = ["Noto Color Emoji"];
};
}

101
modules/common/linux.nix Normal file
View File

@@ -0,0 +1,101 @@
{pkgs, ...}: {
boot.kernelPackages = pkgs.linuxPackages;
boot.supportedFilesystems = ["ntfs"];
system = {
autoUpgrade.enable = true;
stateVersion = "23.11";
};
nix = {
extraOptions = "experimental-features = nix-command flakes";
package = pkgs.nixUnstable;
};
users.users.dave = {
isNormalUser = true;
extraGroups = ["docker" "wheel" "libvirtd" "corectrl"];
shell = pkgs.zsh;
};
i18n.defaultLocale = "en_US.UTF-8";
console = {
font = "Lat2-Terminus16";
keyMap = "us";
};
time.timeZone = "America/Toronto";
hardware.pulseaudio.enable = true;
# Enable Vulkan
hardware.opengl.driSupport = true;
hardware.opengl.driSupport32Bit = true;
# Enable Steam
hardware.opengl.extraPackages32 = with pkgs.pkgsi686Linux; [libva];
hardware.pulseaudio.support32Bit = true;
programs.steam = {
enable = true;
remotePlay.openFirewall = true; # Open ports in the firewall for Steam Remote Play
dedicatedServer.openFirewall = true; # Open ports in the firewall for Source Dedicated Server
};
virtualisation = {
docker.enable = true;
libvirtd.enable = true;
podman.enable = true;
};
programs = {
corectrl.enable = true;
gnupg.agent = {
enable = true;
enableSSHSupport = true;
};
zsh.enable = true;
};
services = {
avahi = {
enable = true;
nssmdns = true;
publish = {
enable = true;
addresses = true;
domain = true;
hinfo = true;
userServices = true;
workstation = true;
};
};
gnome.gnome-keyring.enable = true;
mullvad-vpn.enable = false;
printing.enable = true;
resolved.enable = true;
xserver = {
enable = true;
displayManager = {
gdm = {
enable = true;
wayland = false;
};
};
desktopManager = {
gnome = {
enable = true;
};
};
};
};
networking = {
iproute2.enable = true;
firewall = {
allowPing = false;
enable = true;
checkReversePath = "loose";
trustedInterfaces = ["tailscale0"];
};
};
}

59
modules/darwin/brew.nix Normal file
View File

@@ -0,0 +1,59 @@
{
config,
lib,
pkgs,
...
}: let
checkBrew = "command -v brew > /dev/null";
in {
environment = {
extraInit = ''
${checkBrew} || >&2 echo "brew is not installed (install it via https://brew.sh)"
'';
};
homebrew = {
enable = true;
onActivation.autoUpdate = false;
onActivation.upgrade = false;
global = {
brewfile = true;
};
brews = [
"azure-cli"
"coreutils"
"gnu-sed"
"gnu-tar"
"helm"
"netdata"
"node"
"podman"
"podman-compose"
];
casks = [
"dbeaver-community"
"font-fira-code-nerd-font"
"font-hack-nerd-font"
"karabiner-elements"
"lulu"
"notunes"
"podman-desktop"
"postman"
"raycast"
"rectangle"
"stats"
];
taps = [
"azure/bicep"
"homebrew/bundle"
"homebrew/cask"
"homebrew/cask-fonts"
"homebrew/cask-versions"
"homebrew/core"
"homebrew/services"
];
};
}

7
modules/darwin/default.nix Normal file
View File

@@ -0,0 +1,7 @@
{pkgs, ...}: {
users.users."dave.gallant".home = "/Users/dave.gallant";
imports = [
./brew.nix
./preferences.nix
];
}

57
modules/darwin/preferences.nix Normal file
View File

@@ -0,0 +1,57 @@
{
config,
pkgs,
...
}: {
system.defaults = {
loginwindow = {
GuestEnabled = false;
SHOWFULLNAME = false;
};
finder = {
AppleShowAllExtensions = true;
FXEnableExtensionChangeWarning = true;
_FXShowPosixPathInTitle = true;
};
trackpad = {
ActuationStrength = 0;
Clicking = true;
FirstClickThreshold = 1;
SecondClickThreshold = 1;
TrackpadRightClick = false;
};
# firewall
alf = {
# 0 = disabled 1 = enabled 2 = blocks all connections except for essential services
globalstate = 1;
loggingenabled = 0;
stealthenabled = 1;
};
dock = {
autohide = true;
autohide-delay = 0.0;
autohide-time-modifier = 1.0;
tilesize = 50;
static-only = false;
showhidden = false;
show-recents = false;
show-process-indicators = true;
orientation = "bottom";
mru-spaces = false;
};
NSGlobalDomain = {
"com.apple.sound.beep.feedback" = 0;
"com.apple.sound.beep.volume" = 0.000;
ApplePressAndHoldEnabled = false;
InitialKeyRepeat = 10;
KeyRepeat = 2;
AppleShowAllExtensions = true;
AppleShowScrollBars = "Automatic";
};
};
}

29
modules/machines/hephaestus/configuration.nix Normal file
View File

@@ -0,0 +1,29 @@
{
config,
pkgs,
...
}: {
imports = [./hardware.nix];
hardware.opengl.enable = true;
nixpkgs.config.allowUnfree = true;
networking = {
hostName = "hephaestus";
interfaces.enp34s0 = {
useDHCP = true;
};
firewall = {
allowedUDPPorts = [
41641 # tailscale
];
};
};
services = {
sshd.enable = true;
tailscale.enable = true;
xserver.videoDrivers = ["amdgpu"];
};
}

76
modules/machines/hephaestus/hardware.nix Normal file
View File

@@ -0,0 +1,76 @@
{
config,
lib,
pkgs,
modulesPath,
...
}: {
imports = [(modulesPath + "/installer/scan/not-detected.nix")];
boot.initrd.availableKernelModules = [
"ahci"
"nvme"
"sd_mod"
"usb_storage"
"usbhid"
"xhci_pci"
];
boot.initrd.kernelModules = [];
boot.kernelModules = ["kvm-amd"];
boot.extraModulePackages = with config.boot.kernelPackages; [
xpadneo
];
boot.loader.efi.canTouchEfiVariables = true;
boot.loader.efi.efiSysMountPoint = "/boot/efi";
boot.loader.grub = {
enable = true;
device = "nodev";
efiSupport = true;
enableCryptodisk = true;
};
boot.initrd = {
luks.devices."root" = {
allowDiscards = true;
device = "/dev/disk/by-uuid/21cd166c-1528-49a4-b31b-0d408d48aa80";
preLVM = true;
keyFile = "./keyfile0.bin";
};
secrets = {
"keyfile0.bin" = "/etc/secrets/initrd/keyfile0.bin";
};
};
hardware.cpu.amd.updateMicrocode = lib.mkDefault config.hardware.enableRedistributableFirmware;
fileSystems."/" = {
device = "/dev/disk/by-uuid/a6723178-6f18-428e-b541-9ac901861125";
fsType = "ext4";
};
fileSystems."/home" = {
device = "/dev/disk/by-uuid/e3ab2e1a-bddf-4ae0-b00a-bf954c6c182b";
fsType = "ext4";
};
fileSystems."/boot/efi" = {
device = "/dev/disk/by-uuid/3CFD-D749";
fsType = "vfat";
};
fileSystems."/mnt/synology-2b/media" = {
device = "192.168.1.178:/volume1/Media";
fsType = "nfs";
};
fileSystems."/mnt/synology-2b/backups" = {
device = "192.168.1.178:/volume1/Backups";
fsType = "nfs";
};
swapDevices = [
{device = "/dev/disk/by-uuid/5d6d0388-2b15-4ff1-9f0f-391818a76090";}
];
}

19
modules/machines/zelus/configuration.nix Normal file
View File

@@ -0,0 +1,19 @@
{pkgs, ...}: {
nixpkgs.config.allowUnfree = true;
environment = {variables = {LANG = "en_US.UTF-8";};};
networking = {hostName = "zelus";};
# Auto upgrade nix package and the daemon service.
services.nix-daemon.enable = true;
nix.package = pkgs.nixVersions.stable;
programs.zsh = {
enable = true;
# https://github.com/nix-community/home-manager/issues/108#issuecomment-340397178
enableCompletion = false;
};
system.stateVersion = 4;
}

5
modules/overlays/default.nix Normal file
View File

@@ -0,0 +1,5 @@
final: prev: {
rfd = prev.callPackage ./rfd {};
tmux-sessionizer = prev.callPackage ./tmux-sessionizer {};
vpngate = prev.callPackage ./vpngate {};
}

24
modules/overlays/tmux-sessionizer/default.nix Normal file
View File

@@ -0,0 +1,24 @@
{
stdenv,
lib,
fetchurl,
}:
stdenv.mkDerivation rec {
pname = "tmux-sessionizer";
version = "0.0.0";
executable = ./tmux-sessionizer;
phases = ["unpackPhase"]; # Remove all other phases
unpackPhase = ''
mkdir -p $out/bin
cp ${executable} $out/bin/tmux-sessionizer
'';
meta = with lib; {
description = "
Tmux sessionizer adapted from https://sourcegraph.com/github.com/ThePrimeagen/.dotfiles@5cd09f06d6683b91c26822a73b40e3d7fb9af57a/-/blob/bin/.local/bin/tmux-sessionizer";
platforms = platforms.unix;
};
}

31
modules/overlays/tmux-sessionizer/tmux-sessionizer Executable file
View File

@@ -0,0 +1,31 @@
#!/usr/bin/env bash
# Credit to ThePrimeagen for this:
# https://sourcegraph.com/github.com/ThePrimeagen/.dotfiles@5cd09f06d6683b91c26822a73b40e3d7fb9af57a/-/blob/bin/.local/bin/tmux-sessionizer
readarray -t directories < ~/.config/tmux-sessionizer
if [[ $# -eq 1 ]]; then
selected=$1
else
selected=$(find "${directories[@]}" -mindepth 1 -maxdepth 1 -type d | fzf --exact)
fi
if [[ -z $selected ]]; then
exit 0
fi
selected_name=$(basename "$selected" | tr . _)
tmux_running=$(pgrep tmux)
if [[ -z $TMUX ]] && [[ -z $tmux_running ]]; then
tmux new-session -s "$selected_name" -c "$selected"
exit 0
fi
if ! tmux has-session -t "$selected_name" 2> /dev/null; then
tmux new-session -ds "$selected_name" -c "$selected"
fi
tmux switch-client -t "$selected_name"

28
modules/overlays/vpngate/default.nix Normal file
View File

@@ -0,0 +1,28 @@
{
lib,
fetchFromGitHub,
buildGoModule,
}:
buildGoModule rec {
pname = "vpngate";
version = "v0.1.5";
vendorHash = "sha256-TQLHvoVAMvDtm/9EQUaNVVjQajyMBnJu8NF6Kt0+RJ8=";
src = fetchFromGitHub {
owner = "davegallant";
repo = "vpngate";
rev = version;
sha256 = "sha256-+KZ6/h8JLEisnIja4lstJYVHzEC/8PdHL3czK/mJCAs=";
};
doCheck = false;
meta = with lib; {
homepage = "https://www.vpngate.net";
description = "a client for vpngate.net";
license = licenses.gpl3;
maintainers = with maintainers; [davegallant];
platforms = platforms.linux ++ platforms.darwin;
};
}

138
modules/packages/common.nix Normal file
View File

@@ -0,0 +1,138 @@
{
config,
lib,
pkgs,
unstable,
...
}: let
inherit (pkgs) stdenv;
in {
environment.systemPackages = with pkgs; let
common = [
# essentials
curl
gcc
git-crypt
gnumake
gnupg
imagemagick
jq
unzip
viddy
wget
xclip
xdg-utils
zip
# modern cli
bat
eza
fd
unstable.github-cli
progress
glab
hadolint
nodePackages.eslint
oha
pre-commit
ripgrep
yq-go
shellcheck
shfmt
starship
tldr
tmux-sessionizer
# containers
krew
kubecolor
kubectl
kubectx
minikube
stern
unstable.helm-docs
unstable.k9s
unstable.skaffold
# cloud
unstable.flyctl
# language servers
nodePackages.bash-language-server
nodePackages.pyright
nodePackages.yaml-language-server
sumneko-lua-language-server
# monitoring
ctop
glances
htop
procs
# lua
lua53Packages.luacheck
stylua
# golang
gofumpt
golangci-lint
gopls
# rust
rustup
# js
nodejs
nodePackages.prettier
nodePackages.yarn
# networking
arp-scan
dnsutils
iperf
nmap
openssl
openvpn
sshfs # mac requires https://osxfuse.github.io/
vpngate
# rice
neofetch
pfetch
# infra
terraform-ls
terraformer
tflint
# nix
alejandra
cachix
nix-diff
nix-tree
nixfmt
nixpkgs-fmt
nixpkgs-review
rnix-lsp
# python
poetry
python310
python310Packages.black
python310Packages.ipython
python310Packages.pip
python310Packages.poetry-core
python310Packages.setuptools
python310Packages.virtualenv
# media
youtube-dl
# blog
hugo
];
in
common;
programs.gnupg.agent.enable = true;
}

80
modules/packages/linux.nix Normal file
View File

@@ -0,0 +1,80 @@
{
config,
lib,
pkgs,
unstable,
...
}: let
inherit (pkgs) stdenv;
in {
environment.systemPackages = with pkgs; let
linux = [
albert
bitwarden
bitwarden-cli
chromium
cpu-x
cryptsetup
deja-dup
discord
docker
docker-compose
foliate
ghostscript
gimp-with-plugins
glibcLocales
gnome.gnome-sound-recorder
gnome.gnome-tweaks
gnome.seahorse
gnomeExtensions.appindicator
gnomeExtensions.bluetooth-quick-connect
gnomeExtensions.blur-my-shell
gnomeExtensions.caffeine
gnomeExtensions.clipboard-indicator
gnomeExtensions.dash-to-dock
gnomeExtensions.grand-theft-focus
gnomeExtensions.night-theme-switcher
gnomeExtensions.notification-banner-reloaded
gnomeExtensions.quick-settings-tweaker
iputils
gnomeExtensions.tailscale-status
gnomeExtensions.tray-icons-reloaded
gnomeExtensions.vitals
google-cloud-sdk
kazam
legendary-gl
lm_sensors
mullvad-vpn
netdata
nfs-utils
obs-studio
pavucontrol
pinentry-curses
podman
prismlauncher
psst
qemu
rustup
ryujinx
strace
tailscale
traceroute
unstable.android-studio
unstable.obsidian
unstable.signal-desktop
unstable.unityhub
unstable.yuzu
unstable.zoom-us
usbutils
virt-manager
vlc
whois
wine
wine64
wireshark-qt
];
in
linux;
programs.gnupg.agent.enable = true;
}

45
modules/services/netdata/default.nix Normal file
View File

@@ -0,0 +1,45 @@
{
config,
pkgs,
...
}: let
netdata = pkgs.netdata;
netdataConf = ./netdata.conf;
netdataDir = "/var/lib/netdata";
in {
users.extraGroups.netdata.gid = 220008;
users.users.netdata.group = "netdata";
users.extraUsers.netdata = {
description = "Netdata server user";
isSystemUser = true;
name = "netdata";
uid = 200008;
};
systemd.services.netdata = {
wantedBy = ["multi-user.target"];
after = ["network.target"];
preStart = ''
mkdir -p ${netdataDir}/config
mkdir -p ${netdataDir}/logs
cp -r ${netdata}/share/netdata/web ${netdataDir}/web
chmod -R 700 ${netdataDir}
chown -R netdata:netdata ${netdataDir}
'';
serviceConfig = {
Type = "forking";
ExecStart = "${netdata}/bin/netdata -c ${netdataConf} -u netdata";
Restart = "on-failure";
};
};
services.nginx.httpConfig = ''
server {
server_name netdata.thume.net;
location / {
proxy_set_header Host $http_host;
proxy_redirect off;
proxy_pass http://127.0.0.1:19999;
}
}
'';
}

21
modules/services/netdata/netdata.conf Normal file
View File

@@ -0,0 +1,21 @@
[global]
run as user = netdata
config directory = /var/lib/netdata/config
web files directory = /var/lib/netdata/web
cache directory = /var/lib/netdata
log directory = /var/lib/netdata/logs
# the default database size - 1 hour
history = 3600
# some defaults to run netdata with least priority
process scheduling policy = idle
OOM score = 1000
[web]
# web files owner = root
web files group = netdata
# by default do not expose the netdata port
bind to = localhost

3
upgrade-diff.nix → modules/upgrade-diff.nix
View File

@@ -1,5 +1,4 @@
{ pkgs, ... }:
{
{pkgs, ...}: {
system.activationScripts.diff = {
supportsDryActivation = true;
text = ''

BIN
nixos-wallpaper.png
View File

Binary file not shown.
Side by Side

Before

Width:  |  Height:  |  Size: 297 KiB

120
outputs.nix Normal file
View File

@@ -0,0 +1,120 @@
{
self,
darwin,
home-manager,
nixpkgs,
nixpkgs-unstable,
nixos-hardware,
nix-ld,
...
} @ inputs: {
nixosConfigurations = let
modulesDir = ./modules;
unstable = import nixpkgs-unstable {};
defaultModules = [
home-manager.nixosModules.home-manager
./modules/common/fonts.nix
./modules/packages/common.nix
./modules/upgrade-diff.nix
({
config,
lib,
lib',
...
}: {
config = {
_module.args = {
lib' = lib // import ./lib {inherit config lib;};
};
nix = {
settings = {
auto-optimise-store = true;
sandbox = false;
substituters = ["https://davegallant.cachix.org"];
trusted-users = ["root" "dave"];
trusted-public-keys = [
"davegallant.cachix.org-1:SsUMqL4+tF2R3/G6X903E9laLlY1rES2QKFfePegF08="
];
};
registry = {nixpkgs.flake = nixpkgs;};
};
nix.gc = {
automatic = true;
dates = "weekly";
options = "--delete-older-than 30d";
};
nixpkgs.overlays = [
(import ./modules/overlays)
];
home-manager = {
useGlobalPkgs = true;
useUserPackages = true;
users.dave.imports = [./home/default.nix];
extraSpecialArgs = {
inherit unstable;
};
};
};
})
];
desktopLinuxModules = [
./modules/common/linux.nix
./modules/packages/linux.nix
./modules/services/netdata/default.nix
];
in {
hephaestus = nixpkgs.lib.nixosSystem {
system = "x86_64-linux";
specialArgs = {inherit unstable;};
modules =
[
./modules/machines/hephaestus/configuration.nix
./modules/machines/hephaestus/hardware.nix
]
++ defaultModules
++ desktopLinuxModules;
};
};
darwinConfigurations = let
system = "aarch64-darwin";
unstable = import nixpkgs-unstable {
inherit system;
};
in {
zelus = darwin.lib.darwinSystem {
inherit system;
specialArgs = {inherit unstable;};
modules = [
home-manager.darwinModules.home-manager
./modules/common/darwin.nix
./modules/packages/common.nix
./modules/machines/zelus/configuration.nix
./modules/darwin/default.nix
./modules/upgrade-diff.nix
({config, ...}: {
config = {
nixpkgs.overlays = [
(import ./modules/overlays)
];
home-manager = {
useGlobalPkgs = true;
useUserPackages = true;
users."dave.gallant".imports = [./home/default.nix];
extraSpecialArgs = {
inherit unstable;
};
};
};
})
];
};
};
}

17
overlays/cd-fzf/cd-fzf
View File

@@ -1,17 +0,0 @@
#!/usr/bin/env bash
set -euo pipefail
readarray -t directories < ~/.config/cd-fzf
if [[ $# -eq 1 ]]; then
selected=$1
else
selected=$(find "${directories[@]}" -mindepth 1 -maxdepth 1 -type d | fzf --exact)
fi
if [[ -z $selected ]]; then
exit 0
fi
cd "$selected"
$SHELL

19
overlays/cd-fzf/default.nix
View File

@@ -1,19 +0,0 @@
{
stdenv,
lib,
fetchurl,
}:
stdenv.mkDerivation rec {
pname = "cd-fzf";
version = "0.0.1";
executable = ./cd-fzf;
phases = [ "unpackPhase" ]; # Remove all other phases
unpackPhase = ''
mkdir -p $out/bin
cp ${executable} $out/bin/cd-fzf
'';
meta = with lib; {
description = "\n Fuzzy find change directory";
platforms = platforms.unix;
};
}

3
overlays/default.nix
View File

@@ -1,3 +0,0 @@
final: prev: {
cd-fzf = prev.callPackage ./cd-fzf { };
}

9
renovate.json
View File

@@ -1,9 +0,0 @@
{
"$schema": "https://docs.renovatebot.com/renovate-schema.json",
"schedule": [
"every weekend"
],
"extends": [
"config:recommended"
]
}

5
shell.nix Normal file
View File

@@ -0,0 +1,5 @@
(import <nixpkgs> {}).mkShell {
shellHook = ''
${(import ./default.nix).pre-commit-check.shellHook}
'';
}

19
update-flake.sh
View File

@@ -1,19 +0,0 @@
#!/usr/bin/env bash
set -euo pipefail
git pull
update_msg=$(nix flake update 2>&1 | grep -v 'warning:')
just rebuild
git add .
read -p "Commit and push changes? [yN]? " -r
if [[ ! $REPLY =~ ^[Yy]$ ]]; then
exit 1
fi
git commit -S -m "nix flake update: $(TZ=UTC date '+%Y-%m-%d %H:%M:%S %Z')
$update_msg"
echo "$update_msg"
git push