youthlic/nixos
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

init repo

Browse source 
update nvidia driver, install ghostty and other things

before refactor the arch of configuration.

move some nixos configuration to ./nixos/modules and ./nixos/configurations. try to find a good arch to conbine home-manager and nixos modules.

fix callPackage firefox-addons missing key immersive-translate.

wrap niri and spotx overlays into overlay.modifications.

build a brandnew architecture for configurations.

change the import method of homeManagerModules."${unixName}" to use outputs.

add ghostty overlay to replace ghostty.

add nix config in home/modules/nix.nix when not nixos

fix call nixpkgs.foldr. modify to call nixpkgs.lib.foldr.

modify firefox config, to use flake packages as extension

modify i18n config, to use flake packages as addons

remove ssh private key and add it to sops.

update partial flake inputs

update partial flake inputs, add some package to user config

move helix as home module, provide option youthlic.programs.helix.

change fcitx5 config to pkg, use rime-ice default config.

move spotify installation to default.nix neither spotify.nix

change gpg encrypt key

add gpg option to home-manager module

add fd as user level package

remove gpg option in system level

add git option

update flake inputs, and install all gpg pinentry

add gh to git module

change shell config to module, and ghostty also.

change gpg pinentry from pinentry-all to pinentry-qt.

change gh config, use ssh as git protocol

remove zed editor

move foot to module, and disable it.

add store as git credential helper

rename sops.secrets.gitea to sops.secrets.git-credential

add git delta config

move starship configuration to home/modules.

update flake inputs

add ssh config to sops encrypt file `secrets/ssh-config.yaml`

change niri to niri-unstable and update flake inputs

change encypt key from gnupg to age. And encrypt dae url

move home sops config to module

update flake inputs

add duf and doggo to home packages
This commit is contained in:
ulic-youthlic 2024-12-25 10:59:37 +08:00
parent 8f9953d42f
commit dd77858199
Signed by: youthlic
GPG key ID: 63E86C3C14A0D721
50 changed files with 3848 additions and 0 deletions
Download patch file Download diff file Expand all files Collapse all files

7
.sops.yaml Normal file
View file

@ -0,0 +1,7 @@
keys:
- &master age1smmqun9h3cszaza85ty33yenyaqtat572u9r3we4l5gh85njgvws6q680g
creation_rules:
- path_regex: secrets/[^/]+\.(yaml|json|env|ini)$
key_groups:
- age:
- *master

1097
flake.lock generated Normal file
View file

File diff suppressed because it is too large Load diff

212
flake.nix Normal file
View file

@ -0,0 +1,212 @@
{
description = "A simple NixOS flakes";
inputs = {
nixpkgs.url = "github:NixOS/nixpkgs/nixos-unstable";
helix = {
url = "github:helix-editor/helix/master";
inputs.nixpkgs.follows = "nixpkgs";
};
home-manager = {
url = "github:nix-community/home-manager";
inputs.nixpkgs.follows = "nixpkgs";
};
oskars-dotfiles = {
url = "github:oskardotglobal/.dotfiles/nix";
inputs.nixpkgs.follows = "nixpkgs";
};
niri-flake = {
url = "github:sodiboo/niri-flake";
};
nixos-cosmic = {
url = "github:lilyinstarlight/nixos-cosmic";
};
ghostty = {
url = "github:ghostty-org/ghostty";
};
nixos-hardware = {
url = "github:NixOS/nixos-hardware/master";
};
dae = {
url = "github:daeuniverse/flake.nix";
};
flake-parts = {
url = "github:hercules-ci/flake-parts";
};
flake-utils = {
url = "github:numtide/flake-utils";
};
nur-xddxdd = {
url = "github:xddxdd/nur-packages?ref=master&dir=/pkgs/uncategorized";
flake = false;
};
firefox-addons = {
url = "git+https://gitlab.com/rycee/nur-expressions.git?dir=pkgs/firefox-addons&ref=master";
flake = false;
};
sops-nix = {
url = "github:Mic92/sops-nix";
inputs.nixpkgs.follows = "nixpkgs";
};
};
outputs =
{
self,
nixpkgs,
flake-parts,
flake-utils,
...
}@inputs:
let
inherit (self) outputs;
rootPath = ./.;
in
flake-parts.lib.mkFlake { inherit inputs; } {
systems = flake-utils.lib.defaultSystems;
perSystem = (
{ pkgs, system, ... }@args:
{
_module.args.pkgs = import inputs.nixpkgs {
inherit system;
config = {
allowUnfree = true;
};
};
packages = import ./pkgs (
args
// {
inherit inputs;
}
);
}
);
flake =
{
nix.settings = {
# substituters shared in home-manager and nixos configuration
substituters =
let
channelStore = x: "https://${x}/nix-channels/store";
mirrors = map (x: channelStore "mirrors.${x}.edu.cn") [
"bfsu"
"tuna.tsinghua"
"ustc"
];
cachix = x: "https://${x}.cachix.org";
in
nixpkgs.lib.flatten [
mirrors
(cachix "nix-community")
"https://cache.nixos.org"
(cachix "cosmic")
];
};
nixosModules.default = import ./nixos/modules;
overlays = {
modifications = (import ./overlays/modifications { inherit inputs; });
additions = (import ./overlays/additions { inherit inputs; });
};
nixosConfigurations =
let
nixosConfigDir = ./nixos/configurations;
in
nixpkgs.lib.genAttrs
(map (f: nixpkgs.lib.removeSuffix ".nix" f) (builtins.attrNames (builtins.readDir nixosConfigDir)))
(
hostName:
nixpkgs.lib.nixosSystem {
modules =
[
outputs.nixosModules.default
]
++ [
(
let
dirPath = nixosConfigDir + "/${hostName}";
filePath = nixosConfigDir + "/${hostName}.nix";
in
if builtins.pathExists dirPath then dirPath else filePath
)
];
specialArgs = {
inherit inputs outputs rootPath;
};
}
);
}
// (
let
mkHomeConfig =
{
hostName,
unixName ? "david",
system ? "x86_64-linux",
nixpkgs ? inputs.nixpkgs,
home-manager ? inputs.home-manager,
}:
{
"${unixName}@${hostName}" = home-manager.lib.homeManagerConfiguration {
pkgs = nixpkgs.legacyPackages."${system}";
modules =
[
(./home + "/${unixName}/configurations/${hostName}")
]
++ (with outputs.homeManagerModules; [
default
"${unixName}"
]);
extraSpecialArgs = {
inherit
inputs
outputs
unixName
hostName
system
rootPath
;
};
};
};
in
{
homeConfigurations = nixpkgs.lib.foldr (a: b: a // b) { } (
map (hostName: mkHomeConfig { inherit hostName; }) [ "Tytonidae" ]
);
homeManagerModules =
{
default = import ./home/modules;
}
// (
let
allEntries = builtins.readDir ./home;
allUsers = nixpkgs.lib.filterAttrs (
key: value: value == "directory" && key != "modules"
) allEntries;
in
builtins.listToAttrs (
map (name: {
name = name;
value = import (./home + "/${name}/modules");
}) (builtins.attrNames allUsers)
)
);
}
);
};
}

127
home/david/configurations/Tytonidae/default.nix Normal file
View file

@ -0,0 +1,127 @@
{
pkgs,
config,
rootPath,
inputs,
unixName,
...
}:
{
imports = [
./firefox.nix
./niri
];
youthlic.programs = {
helix.enable = true;
gpg.enable = true;
git = {
email = "uilc.youthilc@gmail.com";
name = "ulic-youthlic";
signKey = "C6FCBD7F49E1CBBABD6661F7FC02063F04331A95";
};
fish.enable = true;
bash.enable = true;
ghostty.enable = true;
foot.enable = false;
starship.enable = true;
sops.enable = true;
};
xdg.userDirs = {
enable = true;
download = "${config.home.homeDirectory}/dls";
documents = "${config.home.homeDirectory}/doc";
music = "${config.home.homeDirectory}/mus";
pictures = "${config.home.homeDirectory}/pic";
videos = "${config.home.homeDirectory}/vid";
templates = "${config.home.homeDirectory}/tpl";
publicShare = "${config.home.homeDirectory}/pub";
desktop = "${config.home.homeDirectory}/dsk";
createDirectories = true;
};
home.username = "${unixName}";
home.homeDirectory = "/home/${unixName}";
home.stateVersion = "24.11";
programs.home-manager.enable = true;
programs.obs-studio = {
enable = true;
plugins = with pkgs.obs-studio-plugins; [
obs-source-record
input-overlay
];
};
home.packages = with pkgs; [
ripgrep
fzf
file
which
gnused
gnutar
bat
gawk
zstd
tree
ouch
dust
duf
doggo
qq
telegram-desktop
ghostty
scrcpy
ast-grep
lazygit
dig
fend
gitoxide
kdePackages.kdenlive
fd
];
programs.ssh = {
enable = true;
hashKnownHosts = true;
extraOptionOverrides = {
HostKeyAlgorithms = "ssh-ed25519-cert-v01@openssh.com,ssh-rsa-cert-v01@openssh.com,ssh-ed25519,ssh-rsa,ecdsa-sha2-nistp521-cert-v01@openssh.com,ecdsa-sha2-nistp384-cert-v01@openssh.com,ecdsa-sha2-nistp256-cert-v01@openssh.com,ecdsa-sha2-nistp521,ecdsa-sha2-nistp384,ecdsa-sha2-nistp256";
KexAlgorithms = "curve25519-sha256@libssh.org,ecdh-sha2-nistp521,ecdh-sha2-nistp384,ecdh-sha2-nistp256,diffie-hellman-group-exchange-sha256";
MACs = "hmac-sha2-512-etm@openssh.com,hmac-sha2-256-etm@openssh.com,umac-128-etm@openssh.com,hmac-sha2-512,hmac-sha2-256,umac-128@openssh.com";
Ciphers = "chacha20-poly1305@openssh.com,aes256-gcm@openssh.com,aes128-gcm@openssh.com,aes256-ctr,aes192-ctr,aes128-ctr";
};
matchBlocks = {
"github.com" = {
hostname = "ssh.github.com";
port = 443;
user = "git";
extraOptions = {
AddKeysToAgent = "yes";
};
};
};
includes = [ config.sops.secrets.ssh-config.path ];
};
programs.chromium = {
enable = true;
commandLineArgs = [
"--ozone-platform=wayland"
"--enable-wayland-ime=true"
"--enable-features=UseOzonePlatform"
];
};
dconf.settings = {
"org/virt-manager/virt-manager/connections" = {
autoconnect = [ "qemu:///system" ];
uris = [ "qemu:///system" ];
};
};
sops.secrets."ssh-private-key" = {
mode = "0600";
path = "${config.home.homeDirectory}/.ssh/id_ed25519";
};
sops.secrets."ssh-config" = {
mode = "0400";
format = "yaml";
sopsFile = rootPath + "/secrets/ssh-config.yaml";
};
}

126
home/david/configurations/Tytonidae/firefox.nix Normal file
View file

@ -0,0 +1,126 @@
{
pkgs,
inputs,
outputs,
system,
...
}:
{
programs.firefox = {
enable = true;
languagePacks = [
"zh-CN"
"en-US"
];
profiles.default = {
name = "default";
isDefault = true;
extensions = [
outputs.packages."${system}".immersive-translate
];
search = {
force = true;
default = "DuckDuckGo";
engines = {
"Nix Packages" = {
urls = [
{
template = "https://search.nixos.org/packages";
params = [
{
name = "type";
value = "packages";
}
{
name = "query";
value = "{searchTerms}";
}
];
}
];
icon = "${pkgs.nixos-icons}/share/icons/hicolor/scalable/apps/nix-snowflake.svg";
definedAliases = [ "@np" ];
};
"Nix Options" = {
urls = [
{
template = "https://search.nixos.org/options";
params = [
{
name = "channel";
value = "unstable";
}
{
name = "query";
value = "{searchTerms}";
}
];
}
];
definedAliases = [ "@no" ];
};
"Home Manager Options" = {
urls = [
{
template = "https://home-manager-options.extranix.com";
params = [
{
name = "query";
value = "{searchTerms}";
}
{
name = "release";
value = "master";
}
];
}
];
definedAliases = [ "hm" ];
};
"NUR Packages" = {
urls = [
{
template = "https://nur.nix-community.org/";
}
];
definedAliases = [ "nu" ];
};
"Nix Flakes" = {
urls = [
{
template = "https://search.nixos.org/flakes";
params = [
{
name = "channel";
value = "unstable";
}
{
name = "query";
value = "{searchTerms}";
}
];
}
];
definedAliases = [ "nf" ];
};
"NixOS Wiki" = {
urls = [
{
template = "https://nixos.wiki/index.php";
params = [
{
name = "search";
value = "{searchTerms}";
}
];
}
];
definedAliases = [ "nw" ];
};
"Bing".metaData.hidden = true;
"Google".metaData.alias = "@g"; # builtin engines only support specifying one additional alias
};
};
};
};
}

291
home/david/configurations/Tytonidae/niri/config.kdl Normal file
View file

@ -0,0 +1,291 @@
input {
keyboard {
xkb {
}
}
touchpad {
tap
natural-scroll
}
mouse {
}
trackpoint {
}
}
output "DP-1" {
mode "2560x1440@169.900"
scale 1
transform "normal"
position x=0 y=0
}
output "eDP-1" {
mode "2560x1440@165.003"
scale 1.5
transform "normal"
position x=2560 y=0
}
layout {
gaps 16
center-focused-column "never"
preset-column-widths {
proportion 0.33333
proportion 0.5
proportion 0.66667
}
// You can also customize the heights that "switch-preset-window-height" (Mod+Shift+R) toggles between.
// preset-window-heights { }
default-column-width {}
// By default focus ring and border are rendered as a solid background rectangle
// behind windows. That is, they will show up through semitransparent windows.
// This is because windows using client-side decorations can have an arbitrary shape.
//
// If you don't like that, you should uncomment `prefer-no-csd` below.
// Niri will draw focus ring and border *around* windows that agree to omit their
// client-side decorations.
//
// Alternatively, you can override it with a window rule called
// `draw-border-with-background`.
// You can change how the focus ring looks.
focus-ring {
// Uncomment this line to disable the focus ring.
// off
// How many logical pixels the ring extends out from the windows.
width 4
// Colors can be set in a variety of ways:
// - CSS named colors: "red"
// - RGB hex: "#rgb", "#rgba", "#rrggbb", "#rrggbbaa"
// - CSS-like notation: "rgb(255, 127, 0)", rgba(), hsl() and a few others.
// Color of the ring on the active monitor.
active-color "#7fc8ff"
// Color of the ring on inactive monitors.
inactive-color "#505050"
// You can also use gradients. They take precedence over solid colors.
// Gradients are rendered the same as CSS linear-gradient(angle, from, to).
// The angle is the same as in linear-gradient, and is optional,
// defaulting to 180 (top-to-bottom gradient).
// You can use any CSS linear-gradient tool on the web to set these up.
// Changing the color space is also supported, check the wiki for more info.
//
// active-gradient from="#80c8ff" to="#bbddff" angle=45
// You can also color the gradient relative to the entire view
// of the workspace, rather than relative to just the window itself.
// To do that, set relative-to="workspace-view".
//
// inactive-gradient from="#505050" to="#808080" angle=45 relative-to="workspace-view"
}
// You can also add a border. It's similar to the focus ring, but always visible.
border {
// The settings are the same as for the focus ring.
// If you enable the border, you probably want to disable the focus ring.
off
width 4
active-color "#ffc87f"
inactive-color "#505050"
// active-gradient from="#ffbb66" to="#ffc880" angle=45 relative-to="workspace-view"
// inactive-gradient from="#505050" to="#808080" angle=45 relative-to="workspace-view"
}
// Struts shrink the area occupied by windows, similarly to layer-shell panels.
// You can think of them as a kind of outer gaps. They are set in logical pixels.
// Left and right struts will cause the next window to the side to always be visible.
// Top and bottom struts will simply add outer gaps in addition to the area occupied by
// layer-shell panels and regular gaps.
struts {
// left 64
// right 64
// top 64
// bottom 64
}
}
// Add lines like this to spawn processes at startup.
// Note that running niri as a session supports xdg-desktop-autostart,
// which may be more convenient to use.
// See the binds section below for more spawn examples.
environment {
DISPLAY ":1"
}
spawn-at-startup "waybar"
spawn-at-startup "mako"
spawn-at-startup "swaybg" "-i" "/home/david/pic/wallpaper/screenbackground.png"
spawn-at-startup "fcitx5" "-d" "--replace"
spawn-at-startup "xwayland-satellite" ":1"
// Uncomment this line to ask the clients to omit their client-side decorations if possible.
// If the client will specifically ask for CSD, the request will be honored.
// Additionally, clients will be informed that they are tiled, removing some client-side rounded corners.
// This option will also fix border/focus ring drawing behind some semitransparent windows.
// After enabling or disabling this, you need to restart the apps for this to take effect.
// prefer-no-csd
screenshot-path "~/pic/screenshot%Y-%m-%d-%H-%M-%S.png"
// You can also set this to null to disable saving screenshots to disk.
// screenshot-path null
animations {
// Slow down all animations by this factor. Values below 1 speed them up instead.
// slowdown 3.0
}
window-rule {
match app-id=r#"^org\.wezfurlong\.wezterm$"#
default-column-width {}
}
window-rule {
match app-id=r#"^org\.keepassxc\.KeePassXC$"#
match app-id=r#"^org\.gnome\.World\.Secrets$"#
block-out-from "screen-capture"
}
window-rule {
draw-border-with-background false
}
// Example: enable rounded corners for all windows.
// (This example rule is commented out with a "/-" in front.)
/-window-rule {
geometry-corner-radius 12
clip-to-geometry true
}
binds {
Mod+Shift+Slash { show-hotkey-overlay; }
Mod+T { spawn "ghostty"; }
Mod+Space { spawn "fuzzel"; }
XF86AudioRaiseVolume allow-when-locked=true { spawn "wpctl" "set-volume" "@DEFAULT_AUDIO_SINK@" "0.1+"; }
XF86AudioLowerVolume allow-when-locked=true { spawn "wpctl" "set-volume" "@DEFAULT_AUDIO_SINK@" "0.1-"; }
XF86AudioMute allow-when-locked=true { spawn "wpctl" "set-mute" "@DEFAULT_AUDIO_SINK@" "toggle"; }
XF86AudioMicMute allow-when-locked=true { spawn "wpctl" "set-mute" "@DEFAULT_AUDIO_SOURCE@" "toggle"; }
Mod+Q { close-window; }
Mod+Left { focus-column-left; }
Mod+Down { focus-window-down; }
Mod+Up { focus-window-up; }
Mod+Right { focus-column-right; }
Mod+H { focus-column-left; }
Mod+J { focus-window-or-workspace-down; }
Mod+K { focus-window-or-workspace-up; }
Mod+L { focus-column-right; }
Mod+Shift+Left { move-column-left; }
Mod+Shift+Down { move-window-down; }
Mod+Shift+Up { move-window-up; }
Mod+Shift+Right { move-column-right; }
Mod+Shift+H { move-column-left; }
Mod+Shift+J { move-window-down-or-to-workspace-down; }
Mod+Shift+K { move-window-up-or-to-workspace-up; }
Mod+Shift+L { move-column-right; }
Mod+Home { focus-column-first; }
Mod+End { focus-column-last; }
Mod+Ctrl+Home { move-column-to-first; }
Mod+Ctrl+End { move-column-to-last; }
Mod+Ctrl+Left { focus-monitor-left; }
Mod+Ctrl+Down { focus-monitor-down; }
Mod+Ctrl+Up { focus-monitor-up; }
Mod+Ctrl+Right { focus-monitor-right; }
Mod+Ctrl+H { focus-monitor-left; }
Mod+Ctrl+J { focus-monitor-down; }
Mod+Ctrl+K { focus-monitor-up; }
Mod+Ctrl+L { focus-monitor-right; }
Mod+Shift+Ctrl+Left { move-column-to-monitor-left; }
Mod+Shift+Ctrl+Down { move-column-to-monitor-down; }
Mod+Shift+Ctrl+Up { move-column-to-monitor-up; }
Mod+Shift+Ctrl+Right { move-column-to-monitor-right; }
Mod+Shift+Ctrl+H { move-column-to-monitor-left; }
Mod+Shift+Ctrl+J { move-column-to-monitor-down; }
Mod+Shift+Ctrl+K { move-column-to-monitor-up; }
Mod+Shift+Ctrl+L { move-column-to-monitor-right; }
Mod+Page_Down { focus-workspace-down; }
Mod+Page_Up { focus-workspace-up; }
Mod+U { focus-workspace-down; }
Mod+I { focus-workspace-up; }
Mod+Shift+Page_Down { move-column-to-workspace-down; }
Mod+Shift+Page_Up { move-column-to-workspace-up; }
Mod+Shift+U { move-column-to-workspace-down; }
Mod+Shift+I { move-column-to-workspace-up; }
Mod+Ctrl+Page_Down { move-workspace-down; }
Mod+Ctrl+Page_Up { move-workspace-up; }
Mod+Ctrl+U { move-workspace-down; }
Mod+Ctrl+I { move-workspace-up; }
Mod+Shift+WheelScrollDown cooldown-ms=150 { focus-workspace-down; }
Mod+Shift+WheelScrollUp cooldown-ms=150 { focus-workspace-up; }
Mod+WheelScrollDown { focus-column-right; }
Mod+WheelScrollUp { focus-column-left; }
Mod+1 { focus-workspace 1; }
Mod+2 { focus-workspace 2; }
Mod+3 { focus-workspace 3; }
Mod+4 { focus-workspace 4; }
Mod+5 { focus-workspace 5; }
Mod+6 { focus-workspace 6; }
Mod+7 { focus-workspace 7; }
Mod+8 { focus-workspace 8; }
Mod+9 { focus-workspace 9; }
Mod+Shift+1 { move-column-to-workspace 1; }
Mod+Shift+2 { move-column-to-workspace 2; }
Mod+Shift+3 { move-column-to-workspace 3; }
Mod+Shift+4 { move-column-to-workspace 4; }
Mod+Shift+5 { move-column-to-workspace 5; }
Mod+Shift+6 { move-column-to-workspace 6; }
Mod+Shift+7 { move-column-to-workspace 7; }
Mod+Shift+8 { move-column-to-workspace 8; }
Mod+Shift+9 { move-column-to-workspace 9; }
Mod+Tab { focus-workspace-previous; }
Mod+BracketLeft { consume-or-expel-window-left; }
Mod+BracketRight { consume-or-expel-window-right; }
Mod+Comma { consume-window-into-column; }
Mod+Period { expel-window-from-column; }
Mod+R { switch-preset-column-width; }
Mod+Shift+R { switch-preset-window-height; }
Mod+Ctrl+R { reset-window-height; }
Mod+M { maximize-column; }
Mod+Shift+M { fullscreen-window; }
Mod+Z { center-column; }
Mod+Minus { set-column-width "-10%"; }
Mod+Equal { set-column-width "+10%"; }
Mod+Shift+Minus { set-window-height "-10%"; }
Mod+Shift+Equal { set-window-height "+10%"; }
Print { screenshot; }
Ctrl+Print { screenshot-screen; }
Alt+Print { screenshot-window; }
Mod+Shift+E { quit; }
}

12
home/david/configurations/Tytonidae/niri/default.nix Normal file
View file

@ -0,0 +1,12 @@
{ pkgs, ... }:
{
programs.niri = {
config = builtins.readFile ./config.kdl;
};
home.packages = with pkgs; [
mako
swaybg
xwayland-satellite
waybar
];
}

1
home/david/modules/default.nix Normal file
View file

@ -0,0 +1 @@
{ ... }: { }

35
home/modules/default.nix Normal file
View file

@ -0,0 +1,35 @@
{ inputs, lib, ... }:
{
imports =
(with inputs; [
sops-nix.homeManagerModules.sops
])
++ [
./nix.nix
./helix
./gpg
./git.nix
./shell
./ghostty.nix
./foot
./starship
./sops.nix
];
options = {
youthlic.nixos.enable = lib.mkOption {
type = lib.types.bool;
default = false;
example = true;
description = ''
whether the os is nixos
'';
};
};
config = {
programs.direnv = {
enable = true;
nix-direnv.enable = true;
};
};
}

25
home/modules/foot/default.nix Normal file
View file

@ -0,0 +1,25 @@
{ config, lib, ... }:
let
cfg = config.youthlic.programs.foot;
in
{
options = {
youthlic.programs.foot = {
enable = lib.mkOption {
type = lib.types.bool;
default = true;
example = false;
description = ''
whether use foot terminal
'';
};
};
};
config = lib.mkIf cfg.enable {
programs.foot = {
enable = true;
server.enable = true;
settings = builtins.fromINI (builtins.readFile ./foot.ini);
};
};
}

256
home/modules/foot/foot.ini Normal file
View file

@ -0,0 +1,256 @@
# -*- conf -*-
# shell=$SHELL (if set, otherwise user's default shell from /etc/passwd)
term=foot
# login-shell=no
# app-id=foot # globally set wayland app-id. Default values are "foot" and "footclient" for desktop and server mode
# title=foot
# locked-title=no
font=FiraCode Nerd Font:size=15:lang=en-US
# font-bold=<bold variant of regular font>
# font-italic=<italic variant of regular font>
# font-bold-italic=<bold+italic variant of regular font>
# font-size-adjustment=0.5
# line-height=<font metrics>
# letter-spacing=0
horizontal-letter-offset=0
vertical-letter-offset=0
# underline-offset=<font metrics>
# underline-thickness=<font underline thickness>
# strikeout-thickness=<font strikeout thickness>
# box-drawings-uses-font-glyphs=no
dpi-aware=yes
# initial-window-size-pixels=700x500 # Or,
# initial-window-size-chars=<COLSxROWS>
# initial-window-mode=windowed
# pad=0x0
# resize-by-cells=yes
# resize-keep-grid=yes
# resize-delay-ms=100
# bold-text-in-bright=no
# word-delimiters=,│`|:"'()[]{}<>
selection-target=clipboard
# workers=<number of logical CPUs>
# utmp-helper=/usr/lib/utempter/utempter # When utmp backend is libutempter (Linux)
# utmp-helper=/usr/libexec/ulog-helper # When utmp backend is ulog (FreeBSD)
[environment]
# name=value
[bell]
# urgent=no
# notify=no
# visual=no
# command=
# command-focused=no
[desktop-notifications]
# command=notify-send --wait --app-name ${app-id} --icon ${app-id} --category ${category} --urgency ${urgency} --expire-time ${expire-time} --hint STRING:image-path:${icon} --hint BOOLEAN:suppress-sound:${muted} --hint STRING:sound-name:${sound-name} --replace-id ${replace-id} ${action-argument} --print-id -- ${title} ${body}
# command-action-argument=--action ${action-name}=${action-label}
# close=""
# inhibit-when-focused=yes
[scrollback]
# lines=1000
# multiplier=3.0
# indicator-position=relative
# indicator-format=""
[url]
# launch=xdg-open ${url}
# label-letters=sadfjklewcmpgh
# osc8-underline=url-mode
# protocols=http, https, ftp, ftps, file, gemini, gopher
# uri-characters=abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789-_.,~:;/?#@!$&%*+="'()[]
[cursor]
style=beam # block
# color=<inverse foreground/background>
# blink=no
# blink-rate=500
# beam-thickness=1.5
# underline-thickness=<font underline thickness>
[mouse]
hide-when-typing=yes
# alternate-scroll-mode=yes
[touch]
# long-press-delay=400
[colors]
# alpha=1.0
# background=242424
# foreground=ffffff
# flash=7f7f00
# flash-alpha=0.5
## Normal/regular colors (color palette 0-7)
# regular0=242424 # black
# regular1=f62b5a # red
# regular2=47b413 # green
# regular3=e3c401 # yellow
# regular4=24acd4 # blue
# regular5=f2affd # magenta
# regular6=13c299 # cyan
# regular7=e6e6e6 # white
## Bright colors (color palette 8-15)
# bright0=616161 # bright black
# bright1=ff4d51 # bright red
# bright2=35d450 # bright green
# bright3=e9e836 # bright yellow
# bright4=5dc5f8 # bright blue
# bright5=feabf2 # bright magenta
# bright6=24dfc4 # bright cyan
# bright7=ffffff # bright white
## dimmed colors (see foot.ini(5) man page)
# dim0=<not set>
# ...
# dim7=<not-set>
## The remaining 256-color palette
# 16 = <256-color palette #16>
# ...
# 255 = <256-color palette #255>
## Sixel colors
# sixel0 = 000000
# sixel1 = 3333cc
# sixel2 = cc2121
# sixel3 = 33cc33
# sixel4 = cc33cc
# sixel5 = 33cccc
# sixel6 = cccc33
# sixel7 = 878787
# sixel8 = 424242
# sixel9 = 545499
# sixel10 = 994242
# sixel11 = 549954
# sixel12 = 995499
# sixel13 = 549999
# sixel14 = 999954
# sixel15 = cccccc
## Misc colors
# selection-foreground=<inverse foreground/background>
# selection-background=<inverse foreground/background>
# jump-labels=<regular0> <regular3> # black-on-yellow
# scrollback-indicator=<regular0> <bright4> # black-on-bright-blue
# search-box-no-match=<regular0> <regular1> # black-on-red
# search-box-match=<regular0> <regular3> # black-on-yellow
# urls=<regular3>
[csd]
# preferred=server
# size=26
# font=<primary font>
# color=<foreground color>
# hide-when-maximized=no
# double-click-to-maximize=yes
# border-width=0
# border-color=<csd.color>
# button-width=26
# button-color=<background color>
# button-minimize-color=<regular4>
# button-maximize-color=<regular2>
# button-close-color=<regular1>
[key-bindings]
# scrollback-up-page=Shift+Page_Up
# scrollback-up-half-page=none
# scrollback-up-line=none
# scrollback-down-page=Shift+Page_Down
# scrollback-down-half-page=none
# scrollback-down-line=none
# scrollback-home=none
# scrollback-end=none
# clipboard-copy=Control+Shift+c XF86Copy
# clipboard-paste=Control+Shift+v XF86Paste
# primary-paste=Shift+Insert
# search-start=Control+Shift+r
# font-increase=Control+plus Control+equal Control+KP_Add
# font-decrease=Control+minus Control+KP_Subtract
# font-reset=Control+0 Control+KP_0
# spawn-terminal=Control+Shift+n
# minimize=none
# maximize=none
# fullscreen=none
# pipe-visible=[sh -c "xurls | fuzzel | xargs -r firefox"] none
# pipe-scrollback=[sh -c "xurls | fuzzel | xargs -r firefox"] none
# pipe-selected=[xargs -r firefox] none
# pipe-command-output=[wl-copy] none # Copy last command's output to the clipboard
# show-urls-launch=Control+Shift+o
# show-urls-copy=none
# show-urls-persistent=none
# prompt-prev=Control+Shift+z
# prompt-next=Control+Shift+x
# unicode-input=Control+Shift+u
# noop=none
# quit=none
[search-bindings]
# cancel=Control+g Control+c Escape
# commit=Return
# find-prev=Control+r
# find-next=Control+s
# cursor-left=Left Control+b
# cursor-left-word=Control+Left Mod1+b
# cursor-right=Right Control+f
# cursor-right-word=Control+Right Mod1+f
# cursor-home=Home Control+a
# cursor-end=End Control+e
# delete-prev=BackSpace
# delete-prev-word=Mod1+BackSpace Control+BackSpace
# delete-next=Delete
# delete-next-word=Mod1+d Control+Delete
# extend-char=Shift+Right
# extend-to-word-boundary=Control+w Control+Shift+Right
# extend-to-next-whitespace=Control+Shift+w
# extend-line-down=Shift+Down
# extend-backward-char=Shift+Left
# extend-backward-to-word-boundary=Control+Shift+Left
# extend-backward-to-next-whitespace=none
# extend-line-up=Shift+Up
# clipboard-paste=Control+v Control+Shift+v Control+y XF86Paste
# primary-paste=Shift+Insert
# unicode-input=none
# scrollback-up-page=Shift+Page_Up
# scrollback-up-half-page=none
# scrollback-up-line=none
# scrollback-down-page=Shift+Page_Down
# scrollback-down-half-page=none
# scrollback-down-line=none
# scrollback-home=none
# scrollback-end=none
[url-bindings]
# cancel=Control+g Control+c Control+d Escape
# toggle-url-visible=t
[text-bindings]
# \x03=Mod4+c # Map Super+c -> Ctrl+c
[mouse-bindings]
# scrollback-up-mouse=BTN_WHEEL_BACK
# scrollback-down-mouse=BTN_WHEEL_FORWARD
# font-increase=Control+BTN_WHEEL_BACK
# font-decrease=Control+BTN_WHEEL_FORWARD
# selection-override-modifiers=Shift
# primary-paste=BTN_MIDDLE
# select-begin=BTN_LEFT
# select-begin-block=Control+BTN_LEFT
# select-extend=BTN_RIGHT
# select-extend-character-wise=Control+BTN_RIGHT
# select-word=BTN_LEFT-2
# select-word-whitespace=Control+BTN_LEFT-2
# select-quote = BTN_LEFT-3
# select-row=BTN_LEFT-4
# vim: ft=dosini

61
home/modules/ghostty.nix Normal file
View file

@ -0,0 +1,61 @@
{
pkgs,
config,
lib,
...
}:
{
options = {
youthlic.programs.ghostty = {
enable = lib.mkOption {
type = lib.types.bool;
example = false;
default = true;
description = ''
whether enable ghostty
'';
};
};
};
config =
let
cfg = config.youthlic.programs.ghostty;
in
(lib.mkIf cfg.enable {
programs.ghostty = lib.mkMerge [
{
enable = true;
package = pkgs.ghostty;
settings = {
font-family = "FiraCode Nerd Font";
font-feature = [
"calt=1"
"clig=1"
"liga=1"
"cv01"
"cv02"
"cv06"
"zero"
"onum"
"cv17"
"ss05"
"ss03"
"cv16"
"cv31"
"cv29"
"cv30"
];
font-size = 17;
theme = "ayu";
background-opacity = 0.8;
};
}
(lib.mkIf config.youthlic.programs.fish.enable {
enableFishIntegration = true;
})
(lib.mkIf config.youthlic.programs.bash.enable {
enableBashIntegration = true;
})
];
});
}

78
home/modules/git.nix Normal file
View file

@ -0,0 +1,78 @@
{
config,
lib,
...
}:
{
options = {
youthlic.programs.git = {
email = lib.mkOption {
type = lib.types.str;
description = ''
git email
'';
};
name = lib.mkOption {
type = lib.types.str;
example = ''youthlic'';
description = ''
git name
'';
};
signKey = lib.mkOption {
type = lib.types.addCheck (lib.types.nullOr lib.types.str) (
x: (x == null || config.youthlic.programs.gpg.enable)
);
default = null;
description = ''
key fingerprint for sign commit
'';
};
};
};
config =
let
cfg = config.youthlic.programs.git;
in
{
programs.lazygit = {
enable = true;
};
programs.gh = {
enable = true;
gitCredentialHelper.enable = true;
settings = {
git_protocol = "ssh";
};
};
sops.secrets."git-credential" = {
mode = "0640";
};
programs.git = lib.mkMerge [
{
enable = true;
userEmail = cfg.email;
userName = cfg.name;
delta = {
enable = true;
options = {
line-number = true;
hyperlinks = true;
side-by-side = true;
};
};
extraConfig = {
credential = {
helper = "store --file=${config.sops.secrets."git-credential".path}";
};
};
}
(lib.mkIf (cfg.signKey != null) {
signing = {
signByDefault = true;
key = cfg.signKey;
};
})
];
};
}

50
home/modules/gpg/default.nix Normal file
View file

@ -0,0 +1,50 @@
{
pkgs,
config,
lib,
...
}:
{
options = {
youthlic.programs.gpg = {
enable = lib.mkOption {
type = lib.types.bool;
default = true;
example = false;
description = ''
whether enable gpg
'';
};
};
};
config =
let
cfg = config.youthlic.programs.gpg;
in
lib.mkIf cfg.enable {
services.gpg-agent = lib.mkMerge [
{
enable = true;
enableSshSupport = true;
pinentryPackage = pkgs.pinentry-qt;
}
(lib.mkIf config.youthlic.programs.fish.enable {
enableFishIntegration = true;
})
(lib.mkIf config.youthlic.programs.bash.enable {
enableBashIntegration = true;
})
];
programs.gpg = {
enable = true;
mutableKeys = true;
mutableTrust = true;
publicKeys = [
{
source = ./public-key.txt;
trust = "ultimate";
}
];
};
};
}

23
home/modules/gpg/public-key.txt Normal file
View file

@ -0,0 +1,23 @@
-----BEGIN PGP PUBLIC KEY BLOCK-----
mDMEZ4EP8BYJKwYBBAHaRw8BAQdAKGtsoTz2OMi6ZaUyE2IuGFuOniKDLX7WI5OH
iPoaH+K0LXlvdXRobGljIChtYWluIGtleSkgPHVsaWMueW91dGhsaWNAZ21haWwu
Y29tPoiTBBMWCgA7FiEExvy9f0nhy7q9ZmH3/AIGPwQzGpUFAmeBD/ACGwEFCwkI
BwICIgIGFQoJCAsCBBYCAwECHgcCF4AACgkQ/AIGPwQzGpUEWwD+IMXd5CYtwkJD
GWv7w4LB8SkmMkzSAtCfn0rsLk5AAsUBAIHZGP869EO+MsiyzzbYzKEYeoULECc5
RSu4kvcTIAoDuDMEZ4EQHRYJKwYBBAHaRw8BAQdAnmKX2VX5V1XJyI5J91KiqAk+
bgssUJ5LUq+4RtJBguWI7wQYFgoAIBYhBMb8vX9J4cu6vWZh9/wCBj8EMxqVBQJn
gRAdAhsCAIEJEPwCBj8EMxqVdiAEGRYKAB0WIQQYMd5Sc/DTvN/HQadj6Gw8FKDX
IQUCZ4EQHQAKCRBj6Gw8FKDXISn7AP9CF4qs4EtwOqE/ghFrF4LxloGvIz9iPssI
5g1GrFE2awD/QM7ltH6lPgMNfa6/+fQeERWiz5jXCks/Cl/Sb+ydIAr0dQD/dQQH
MpFGntmx0vkhoZnx34sGHyjTwPM2lHHJMYwrmRcBAKqSa5mVb/wpDcR0CNyfusjC
HxQM6MgBQouDLP+ANtsMuDgEZ4EQORIKKwYBBAGXVQEFAQEHQCqKIhwfA/Jf5pNl
KZ60KG1rMwuE2jBM/buKmVK51xczAwEIB4h4BBgWCgAgFiEExvy9f0nhy7q9ZmH3
/AIGPwQzGpUFAmeBEDkCGwwACgkQ/AIGPwQzGpXbiQEAwRhX1oMVLzsruiKVqNL+
rMq+U6kTuadbh9fJAjCQ9QEA/AjFXS7hNvrsxzv3O+8P1nOZOMKB9p1aM2EDgpF7
q0QNuDMEZ4EZ/xYJKwYBBAHaRw8BAQdAsw7WxrMq/qv2tvLRsGhCdauGAoL8L91b
TJQmvqWADjCIeAQYFgoAIBYhBMb8vX9J4cu6vWZh9/wCBj8EMxqVBQJngRn/Ahsg
AAoJEPwCBj8EMxqVSe0A/0vlCUek4APS09osNpUyLWcboq9x7Jw4ycChcqDTfweP
AQCRDLL8wMjSlwONCLmERl8KoXnQhaEz/f3TiInUYbdkCw==
=Rq0o
-----END PGP PUBLIC KEY BLOCK-----

84
home/modules/helix/config.toml Normal file
View file

@ -0,0 +1,84 @@
theme = "ayu_evolve"
[editor]
line-number = "relative"
cursorline = true
cursorcolumn = false
true-color = true
undercurl = true
bufferline = "multiple"
color-modes = true
default-line-ending = "lf"
popup-border = "all"
[editor.statusline]
left = [
"mode",
"spacer",
"version-control",
"file-type",
"separator",
"read-only-indicator",
"file-name",
"file-modification-indicator",
"spacer",
"spinner",
]
center = ["diagnostics"]
right = [
"register",
"file-line-ending",
"file-encoding",
"separator",
"total-line-numbers",
"position",
"position-percentage",
]
separator = "|"
mode.normal = "NORMAL"
mode.insert = "INSERT"
mode.select = "SELECT"
[editor.lsp]
display-messages = true
display-inlay-hints = true
[editor.cursor-shape]
insert = "bar"
normal = "block"
select = "underline"
[editor.file-picker]
hidden = false
[editor.auto-save]
focus-lost = true
after-delay.enable = true
[editor.whitespace.render]
space = "all"
tab = "all"
newline = "none"
[editor.whitespace.characters]
space = "·"
nbsp = "⍽"
tab = "→"
newline = "⏎"
tabpad = "·"
[editor.indent-guides]
render = true
[editor.gutters]
layout = ["diagnostics", "spacer", "line-numbers", "spacer", "diff"]
line-numbers.min-width = 1
[editor.soft-wrap]
enable = true
wrap-at-text-width = true
[editor.inline-diagnostics]
cursor-line = "hint"
other-lines = "error"
prefix-len = 2

56
home/modules/helix/default.nix Normal file
View file

@ -0,0 +1,56 @@
{
lib,
pkgs,
config,
...
}:
{
options = {
youthlic.programs.helix = {
enable = lib.mkOption {
type = lib.types.bool;
default = true;
example = false;
description = ''
enable helix editor
'';
};
extraPackages = lib.mkOption {
type = lib.types.listOf lib.types.package;
default = with pkgs; [
taplo
markdown-oxide
nixd
deno
nixfmt-rfc-style
];
example = (
with pkgs;
[
deno
]
);
description = ''
extra packages for helix lsp and formatter
'';
};
};
};
config =
let
cfg = config.youthlic.programs.helix;
in
{
programs.helix = lib.mkIf cfg.enable {
enable = true;
defaultEditor = true;
settings =
let
config-file = builtins.readFile ./config.toml;
config = builtins.fromTOML config-file;
in
config;
};
home.packages = cfg.extraPackages;
};
}

51
home/modules/nix.nix Normal file
View file

@ -0,0 +1,51 @@
{
inputs,
lib,
config,
pkgs,
outputs,
...
}:
{
config =
let
cfg = config.youthlic.nixos;
in
(lib.mkIf (!cfg.enable) {
nixpkgs = {
config = {
allowUnfree = true;
allowUnfreePredicate = (_: true);
};
overlays = [
outputs.overlays.modifications
outputs.overlays.additions
];
};
nix = {
package = pkgs.nix;
settings = {
inherit (outputs.nix.settings) substituters;
trusted-public-keys = [
"nix-community.cachix.org-1:mB9FSh9qf2dCimDSUo8Zy7bkq5CX+/rkCWyvRCYg3Fs="
"cache.nixos.org-1:6NCHdD59X431o0gWypbMrAURkbJ16ZPMQFGspcDShjY="
"cosmic.cachix.org-1:Dya9IyXD4xdBehWjrkPv6rtxpmMdRel02smYzA85dPE="
];
auto-optimise-store = lib.mkDefault true;
experimental-features = [
"nix-command"
"flakes"
];
warn-dirty = false;
use-xdg-base-directories = true;
};
registry.home = lib.mkDefault {
from = {
type = "indirect";
id = "home";
};
flake = inputs.nixpkgs;
};
};
});
}

88
home/modules/shell/default.nix Normal file
View file

@ -0,0 +1,88 @@
{ config, lib, ... }:
let
inherit (lib) mkOption mkIf mkMerge;
inherit (lib.types) bool;
fish-cfg = config.youthlic.programs.fish;
bash-cfg = config.youthlic.programs.bash;
cfg-helper =
conf:
mkMerge [
conf
(mkIf fish-cfg.enable {
enableFishIntegration = true;
})
(mkIf bash-cfg.enable {
enableBashIntegration = true;
})
];
in
{
options = {
youthlic.programs = {
fish = {
enable = mkOption {
type = bool;
default = true;
description = ''
whether to use fish shell
'';
example = false;
};
};
bash = {
enable = mkOption {
type = bool;
default = true;
description = ''
whether to use bash shell
'';
example = false;
};
};
};
};
config = mkMerge [
{
programs = {
zoxide = cfg-helper {
enable = true;
};
yazi = cfg-helper {
enable = true;
};
fzf = cfg-helper {
enable = true;
};
eza = cfg-helper {
enable = true;
};
};
}
(mkIf fish-cfg.enable {
programs = {
fish = {
enable = true;
functions = {
__fish_command_not_found_handler = {
body = "__fish_default_command_not_found_handler $argv[1]";
onEvent = "fish_command_not_found";
};
fish_greeting = {
body = ''
fastfetch
'';
};
};
};
fastfetch.enable = true;
};
})
(mkIf bash-cfg.enable {
programs = {
bash = {
enable = true;
};
};
})
];
}

48
home/modules/sops.nix Normal file
View file

@ -0,0 +1,48 @@
{
lib,
config,
pkgs,
rootPath,
...
}:
{
options = {
youthlic.programs.sops = {
enable = lib.mkOption {
type = lib.types.bool;
default = false;
example = true;
description = ''
whether enable sops-nix or not
'';
};
keyFile = lib.mkOption {
type = lib.types.nonEmptyStr;
default = "${config.home.homeDirectory}/.config/sops/age/keys.txt";
description = ''
path to age key file
'';
};
};
};
config =
let
cfg = config.youthlic.programs.sops;
in
lib.mkIf cfg.enable {
home.packages = (
with pkgs;
[
sops
age
]
);
sops = {
age = {
keyFile = cfg.keyFile;
generateKey = false;
};
defaultSopsFile = rootPath + "/secrets/general.yaml";
};
};
}

213
home/modules/starship/config.toml Normal file
View file

@ -0,0 +1,213 @@
"$schema" = 'https://starship.rs/config-schema.json'
[character]
success_symbol = '[λ](bold blue)'
error_symbol = '[λ](bold red)'
vimcmd_symbol = '[Λ](bold blue)'
vimcmd_replace_one_symbol = '[Λ](bold purple)'
vimcmd_replace_symbol = '[Λ](bold purple)'
vimcmd_visual_symbol = '[Λ](bold yellow)'
[[battery.display]]
threshold = 10
style = 'bold red'
[[battery.display]]
threshold = 30
style = 'bold yellow'
discharging_symbol = '💦'
[[battery.display]]
threshold = 100
style = 'green'
[git_branch]
format = 'on [$symbol$branch(:$remote_branch)]($style) '
symbol = " "
[git_status]
diverged = '⇕⇡${ahead_count}⇣${behind_count}'
conflicted = "[⚔️${count}](red)"
ahead = '[⇡${count}](bold green)'
behind = '[⇣${count}](bold yellow)'
untracked = '[!${count}](red)'
stashed = "[📦${count}](purple)"
modified = '[M${count}](bold yellow)'
staged = "[+${count}](green)"
renamed = "[»${count}](bold yellow)"
deleted = '[-${count}](blue)'
up_to_date = '[✓](green)'
format = '([(\[$all_status\])(\[$ahead_behind\])]($style) ) '
[git_commit]
format = '([\($hash$tag\)]($style) )'
only_detached = false
[directory]
fish_style_pwd_dir_length = 2
truncation_length = 2
truncate_to_repo = false
repo_root_style = "bold green"
use_os_path_sep = false
read_only = " 󰌾"
[aws]
symbol = " "
[buf]
symbol = " "
[c]
symbol = " "
[conda]
symbol = " "
[crystal]
symbol = " "
[dart]
symbol = " "
[docker_context]
symbol = " "
[elixir]
symbol = " "
[elm]
symbol = " "
[fennel]
symbol = " "
[fossil_branch]
symbol = " "
[golang]
symbol = " "
[guix_shell]
symbol = " "
[haskell]
symbol = " "
[haxe]
symbol = " "
[hg_branch]
symbol = " "
[hostname]
ssh_symbol = " "
[java]
symbol = " "
[julia]
symbol = " "
[kotlin]
symbol = " "
[lua]
symbol = " "
[memory_usage]
symbol = "󰍛 "
[meson]
symbol = "󰔷 "
[nim]
symbol = "󰆥 "
[nix_shell]
symbol = " "
[nodejs]
symbol = " "
[ocaml]
symbol = " "
[os.symbols]
Alpaquita = " "
Alpine = " "
AlmaLinux = " "
Amazon = " "
Android = " "
Arch = " "
Artix = " "
CentOS = " "
Debian = " "
DragonFly = " "
Emscripten = " "
EndeavourOS = " "
Fedora = " "
FreeBSD = " "
Garuda = "󰛓 "
Gentoo = " "
HardenedBSD = "󰞌 "
Illumos = "󰈸 "
Kali = " "
Linux = " "
Mabox = " "
Macos = " "
Manjaro = " "
Mariner = " "
MidnightBSD = " "
Mint = " "
NetBSD = " "
NixOS = " "
OpenBSD = "󰈺 "
openSUSE = " "
OracleLinux = "󰌷 "
Pop = " "
Raspbian = " "
Redhat = " "
RedHatEnterprise = " "
RockyLinux = " "
Redox = "󰀘 "
Solus = "󰠳 "
SUSE = " "
Ubuntu = " "
Unknown = " "
Void = " "
Windows = "󰍲 "
[package]
symbol = "󰏗 "
[perl]
symbol = " "
[php]
symbol = " "
[pijul_channel]
symbol = " "
[python]
symbol = " "
[rlang]
symbol = "󰟔 "
[ruby]
symbol = " "
[rust]
symbol = "󱘗 "
[scala]
symbol = " "
[swift]
symbol = " "
[zig]
symbol = " "

36
home/modules/starship/default.nix Normal file
View file

@ -0,0 +1,36 @@
{ lib, config, ... }:
let
cfg = config.youthlic.programs.starship;
in
{
options = {
youthlic.programs.starship = {
enable = lib.mkOption {
type = lib.types.bool;
default = true;
example = false;
description = ''
whether enable starship
'';
};
};
};
config = lib.mkIf cfg.enable {
programs.starship = lib.mkMerge [
{
enable = true;
settings =
let
config-file = builtins.readFile ./config.toml;
in
builtins.fromTOML config-file;
}
(lib.mkIf config.youthlic.programs.fish.enable {
enableFishIntegration = true;
})
(lib.mkIf config.youthlic.programs.bash.enable {
enableBashIntegration = true;
})
];
};
}

89
nixos/configurations/Tytonidae/dae/config.dae Normal file
View file

@ -0,0 +1,89 @@
include {
proxy.d/*.dae
}
global {
lan_interface: auto
wan_interface: auto
log_level: trace
allow_insecure: false
auto_config_kernel_parameter: true
dial_mode: domain
tcp_check_url: 'http://cp.cloudflare.com'
udp_check_dns: 'dns.google.com:53'
check_interval: 600s
check_tolerance: 50ms
tproxy_port: 12345
}
dns {
ipversion_prefer: 4
upstream {
googledns: 'tcp+udp://8.8.8.8:53'
alidns: 'udp://dns.alidns.com:53'
}
routing {
request {
qname(geosite: category-ads) -> reject
qname(geosite: category-ads-all) -> reject
qname(geosite: cn) -> alidns
fallback: googledns
}
response {
upstream(googledns) && ip(geoip: private) -> alidns
fallback: accept
}
}
}
group {
proxy {
filter: subtag(wget)
policy: min_moving_avg
}
us {
filter: subtag(wget) && name(keyword: "美国")
policy: min_moving_avg
}
hk {
filter: subtag(wget) && name(keyword: "香港")
policy: min_moving_avg
}
}
# 更多的 Routing 样例见 https://github.com/daeuniverse/dae/blob/main/docs/en/configuration/routing.md
routing {
pname(hickory-dns) && dport(53) -> must_direct
pname(mihomo) -> must_direct
pname(systemd-resolved) -> must_direct
domain(full: time.windows.com) -> must_direct
domain(regex: ".*wgetcloud.*v2ray.*") -> must_direct
domain(suffix: "hit.edu.cn") -> must_direct
domain(geosite: microsoft) -> proxy
# domain(geosite: onedrive) -> must_direct
domain(geosite: "category-ai-chat-!cn") -> us
domain(geosite: google) -> us
domain(geosite: google-play) -> proxy
domain(geosite: apple) -> us
domain(geosite: spotify) -> us
domain(geosite: tiktok) -> us
domain(geosite: cn) -> direct
dip(geoip:private) -> direct
dip(geoip:cn) -> direct
# dport(63434) && sip(192.168.31.170) -> hk
dip(223.5.5.5) -> direct
# ban qq dns over http
# dip(43.136.0.0/13) -> block
# dip(109.244.0.0/16) -> block
# dip(175.27.0.0/16) -> block
# dip('2409:8C1E:75B0:80::/64') -> block
fallback: proxy
}

119
nixos/configurations/Tytonidae/dae/default.nix Normal file
View file

@ -0,0 +1,119 @@
{
pkgs,
config,
rootPath,
...
}:
{
services.dae = {
enable = true;
openFirewall = {
enable = true;
port = 12345;
};
disableTxChecksumIpGeneric = false;
config = builtins.readFile ./config.dae;
};
sops.secrets.url = {
mode = "0444";
sopsFile = rootPath + "/secrets/general.yaml";
};
systemd.services =
let
new_proxy = "/etc/dae/proxy.d.new";
head = "user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/88.0.4324.182 Safari/537.36";
update = ''
num=0
check=1
urls="$(${pkgs.coreutils}/bin/cat ${config.sops.secrets.url.path})"
mkdir -p ${new_proxy}
for url in "''${urls}"; do
txt=${new_proxy}/''${num}.txt
config="${new_proxy}/''${num}.dae"
${pkgs.curl}/bin/curl -H "${head}" "''${url}" > "''${txt}"
${pkgs.coreutils}/bin/echo "" > ''${config}
${pkgs.coreutils}/bin/echo 'subscription {' >> ''${config}
${pkgs.coreutils}/bin/echo \ \ wget:\ \"file\://proxy.d/''${num}.txt\" >> ''${config}
${pkgs.coreutils}/bin/echo } >> ''${config}
if [[ ! -s ''${txt} ]]; then
check=0
fi
${pkgs.coreutils}/bin/chmod 0640 ''${txt}
${pkgs.coreutils}/bin/chmod 0640 ''${config}
link=$((link+1))
if [[ ''${check} -eq 0 ]]; then
exit -1
fi
done
${pkgs.coreutils}/bin/rm -r /etc/dae/proxy.d
${pkgs.coreutils}/bin/mv ${new_proxy} /etc/dae/proxy.d
'';
in
{
"update-dae-subscription-immediate" = {
after = [ "network-online.target" ];
wants = [ "network-online.target" ];
before = [ "dae.service" ];
serviceConfig = {
Type = "oneshot";
User = "root";
ExecStart =
let
script = pkgs.writeTextFile {
name = "update-dae-subscription-immediate";
executable = true;
destination = "/bin/script";
text = ''
${pkgs.coreutils}/bin/mkdir -p /etc/proxy.d
if [ -z "$(ls -A /etc/dae/proxy.d 2>/dev/null)" ]; then
${pkgs.coreutils}/bin/echo "No subscription file found in /etc/dae/proxy.d. Update now..."
${update}
else
${pkgs.coreutils}/bin/echo "Found existing subscription files. Skipping immediate update."
fi
'';
};
in
[
"${pkgs.bash}/bin/bash ${script}/bin/script"
];
};
wantedBy = [ "multi-user.target" ];
};
# "update-dae-subscription-weekly" = {
# after = [ "network-online.target" ];
# wants = [ "network-online.target" ];
# wantedBy = [ "multi-user.target" ];
# serviceConfig = {
# Type = "oneshot";
# ExecStart =
# let
# script = pkgs.writeTextFile {
# name = "update-dae-subscription-weekly";
# executable = true;
# destination = "/bin/script";
# text = ''
# ${pkgs.coreutils}/bin/echo "Force subscription update..."
# ${pkgs.coreutils}/bin/mkdir -p /etc/proxy.d
# ${update}
# '';
# };
# in
# [
# "${pkgs.bash}/bin/bash ${script}/bin/script"
# ];
# };
# };
};
# systemd.timers."dae-update" = {
# wantedBy = [ "timers.target" ];
# timerConfig = {
# OnCalendar = "weekly";
# Unit = "dae-update.service";
# Persistent = true;
# };
# };
}

80
nixos/configurations/Tytonidae/default.nix Normal file
View file

@ -0,0 +1,80 @@
{ pkgs, inputs, ... }:
{
imports =
(with inputs; [
nixos-hardware.nixosModules.asus-fx506hm
])
++ [
./i18n.nix
./gui.nix
./users
./openssh.nix
./kvm.nix
./dae
./nh.nix
./steam.nix
# Include the hardware related config
./hardware-configuration.nix
./networking.nix
];
youthlic.home-manager = {
enable = true;
unixName = "david";
hostName = "Tytonidae";
};
programs.gnupg.agent = {
enable = true;
};
networking.hostName = "Tytonidae";
time.timeZone = "Asia/Shanghai";
services.printing.enable = true;
environment.systemPackages = with pkgs; [
nix-output-monitor
wget
git
vim
helix
nixd
nixfmt-rfc-style
element-desktop
discord-ptb
asusctl
vlc
btop
handbrake
wechat-uos
nvtopPackages.full
spotify
];
environment.variables.EDITOR = "hx";
nixpkgs = {
config = {
allowUnfree = true;
};
};
boot = {
kernelPackages = pkgs.linuxPackages_zen;
loader.systemd-boot.enable = true;
loader.efi.canTouchEfiVariables = true;
};
# This value determines the NixOS release from which the default
# settings for stateful data, like file locations and database versions
# on your system were taken. Its perfectly fine and recommended to leave
# this value at the release version of the first install of this system.
# Before changing this value read the documentation for this option
# (e.g. man configuration.nix or on https://nixos.org/nixos/options.html).
system.stateVersion = "24.11"; # Did you read the comment?
}

72
nixos/configurations/Tytonidae/gui.nix Normal file
View file

@ -0,0 +1,72 @@
{ pkgs, ... }:
{
# Enable the X11 windowing system.
# You can disable this if you're only using the Wayland session.
services.xserver = {
display = 0;
enable = true;
};
# Enable the KDE Plasma Desktop Environment.
# services.displayManager.sddm.enable = true;
# services.desktopManager.plasma6.enable = true;
services.desktopManager.cosmic.enable = true;
services.displayManager.cosmic-greeter.enable = true;
programs.niri = {
enable = true;
package = pkgs.niri-unstable;
};
# Configure keymap in X11
services.xserver.xkb = {
layout = "cn";
variant = "";
};
environment.systemPackages = with pkgs; [
fontconfig
];
programs.firefox.enable = true;
programs.localsend.enable = true;
fonts = {
enableDefaultPackages = false;
packages = with pkgs; [
nerd-fonts.fira-code
noto-fonts
noto-fonts-cjk-sans
noto-fonts-cjk-serif
noto-fonts-emoji
lxgw-wenkai
];
fontconfig.defaultFonts = pkgs.lib.mkForce {
serif = [
"LXGW WenKai"
"Noto Serif CJK SC"
"Noto Serif"
];
sansSerif = [
"Noto Serif CJK SC"
"Noto Serif"
];
monospace = [
"FiraCode Nerd Font"
];
emoji = [ "Noto Color Emoji" ];
};
};
services.pulseaudio.enable = false;
security.rtkit.enable = true;
services.pipewire = {
enable = true;
alsa.enable = true;
alsa.support32Bit = true;
pulse.enable = true;
# If you want to use JACK applications, uncomment this
#jack.enable = true;
# use the example session manager (no others are packaged yet so this is enabled by default,
# no need to redefine it in your config for now)
#media-session.enable = true;
};
}

58
nixos/configurations/Tytonidae/hardware-configuration.nix Normal file
View file

@ -0,0 +1,58 @@
# Do not modify this file! It was generated by nixos-generate-config
# and may be overwritten by future invocations. Please make changes
# to /etc/nixos/configuration.nix instead.
{
config,
lib,
pkgs,
modulesPath,
...
}:
{
imports = [
(modulesPath + "/installer/scan/not-detected.nix")
];
boot.initrd.availableKernelModules = [
"xhci_pci"
"thunderbolt"
"nvme"
"usbhid"
"usb_storage"
"sd_mod"
];
boot.initrd.kernelModules = [ ];
boot.kernelModules = [ "kvm-intel" ];
boot.extraModulePackages = [ ];
fileSystems."/" = {
device = "/dev/disk/by-uuid/b638dbc9-8945-482d-9d10-193271d3df98";
fsType = "ext4";
};
fileSystems."/boot" = {
device = "/dev/disk/by-uuid/A779-6930";
fsType = "vfat";
options = [
"fmask=0077"
"dmask=0077"
];
};
swapDevices = [
{ device = "/dev/disk/by-uuid/7f7e95f2-8f2a-4998-bd71-01466e8ecc98"; }
];
# Enables DHCP on each ethernet and wireless interface. In case of scripted networking
# (the default) this is the recommended approach. When using systemd-networkd it's
# still possible to use this option, but it's recommended to use it in conjunction
# with explicit per-interface declarations with `networking.interfaces.<interface>.useDHCP`.
networking.useDHCP = lib.mkDefault true;
# networking.interfaces.eno2.useDHCP = lib.mkDefault true;
# networking.interfaces.enp0s13f0u1u1.useDHCP = lib.mkDefault true;
# networking.interfaces.wlo1.useDHCP = lib.mkDefault true;
nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux";
hardware.cpu.intel.updateMicrocode = lib.mkDefault config.hardware.enableRedistributableFirmware;
}

43
nixos/configurations/Tytonidae/i18n.nix Normal file
View file

@ -0,0 +1,43 @@
{
pkgs,
outputs,
...
}:
{
i18n = {
defaultLocale = "C.UTF-8";
extraLocaleSettings = {
LC_ADDRESS = "zh_CN.UTF-8";
LC_IDENTIFICATION = "zh_CN.UTF-8";
LC_MEASUREMENT = "zh_CN.UTF-8";
LC_MONETARY = "zh_CN.UTF-8";
LC_NAME = "zh_CN.UTF-8";
LC_NUMERIC = "zh_CN.UTF-8";
LC_PAPER = "zh_CN.UTF-8";
LC_TELEPHONE = "zh_CN.UTF-8";
LC_TIME = "zh_CN.UTF-8";
};
inputMethod = {
enable = true;
type = "fcitx5";
fcitx5 = {
addons = with pkgs; [
libsForQt5.fcitx5-qt
fcitx5-gtk
fcitx5-configtool
fcitx5-chinese-addons
(fcitx5-rime.override {
rimeDataPkgs = (
with (outputs.packages."${pkgs.system}");
[
rime-ice
]
);
})
];
waylandFrontend = true;
};
};
};
}

9
nixos/configurations/Tytonidae/kvm.nix Normal file
View file

@ -0,0 +1,9 @@
{ ... }:
{
programs.virt-manager.enable = true;
virtualisation = {
libvirtd.enable = true;
spiceUSBRedirection.enable = true;
};
}

36
nixos/configurations/Tytonidae/networking.nix Normal file
View file

@ -0,0 +1,36 @@
{ ... }:
{
systemd.network = {
enable = true;
wait-online.enable = false;
networks = {
"eno2" = {
matchConfig.Name = "eno2";
networkConfig = {
DHCP = "yes";
IPv6AcceptRA = true;
};
};
};
};
networking = {
networkmanager.enable = false;
useNetworkd = true;
useDHCP = false;
wireless.iwd = {
enable = true;
settings = {
General = {
EnableNetworkConfiguration = true;
};
Network = {
EnableIPv6 = true;
NameResolvingService = "systemd";
};
};
};
firewall.enable = false;
};
}

11
nixos/configurations/Tytonidae/nh.nix Normal file
View file

@ -0,0 +1,11 @@
{
...
}:
{
programs.nh = {
enable = true;
clean.enable = true;
clean.extraArgs = "--keep-since 4d --keep 3";
flake = ./..;
};
}

37
nixos/configurations/Tytonidae/openssh.nix Normal file
View file

@ -0,0 +1,37 @@
{ ... }:
{
services.openssh = {
enable = true;
settings = {
PasswordAuthentication = false;
KbdInteractiveAuthentication = false;
X11Forwarding = true;
PermitRootLogin = "no";
LogLevel = "VERBOSE";
Macs = [
"hmac-sha2-512-etm@openssh.com"
"hmac-sha2-256-etm@openssh.com"
"umac-128-etm@openssh.com"
"hmac-sha2-512"
"hmac-sha2-256"
"umac-128@openssh.com"
];
Ciphers = [
"chacha20-poly1305@openssh.com"
"aes256-gcm@openssh.com"
"aes128-gcm@openssh.com"
"aes256-ctr"
"aes192-ctr"
"aes128-ctr"
];
KexAlgorithms = [
"curve25519-sha256@libssh.org"
"ecdh-sha2-nistp521"
"ecdh-sha2-nistp384"
"ecdh-sha2-nistp256"
"diffie-hellman-group-exchange-sha256"
];
};
ports = [ 3022 ];
};
}

12
nixos/configurations/Tytonidae/steam.nix Normal file
View file

@ -0,0 +1,12 @@
{ ... }:
{
config = {
hardware.graphics.enable32Bit = true;
programs.steam = {
enable = true;
remotePlay.openFirewall = true; # Open ports in the firewall for Steam Remote Play
dedicatedServer.openFirewall = true; # Open ports in the firewall for Source Dedicated Server
localNetworkGameTransfers.openFirewall = true; # Open ports in the firewall for Steam Local Network Game Transfers
};
};
}

18
nixos/configurations/Tytonidae/users/david.nix Normal file
View file

@ -0,0 +1,18 @@
{ pkgs, ... }:
{
users.users.david = {
isNormalUser = true;
description = "david";
extraGroups = [
"networkmanager"
"libvirtd"
"wheel"
];
};
programs.fish.enable = true;
users.users.david.shell = pkgs.fish;
users.users.david.openssh.authorizedKeys.keyFiles = [
./tytonidae.pub
];
}

6
nixos/configurations/Tytonidae/users/default.nix Normal file
View file

@ -0,0 +1,6 @@
{ ... }:
{
imports = [
./david.nix
];
}

1
nixos/configurations/Tytonidae/users/tytonidae.pub Normal file
View file

@ -0,0 +1 @@
ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIETMs9b4xfFRsgPZUzrVce3J27p0LBKLfZwhNMen0Da9 david@nixos

30
nixos/modules/default.nix Normal file
View file

@ -0,0 +1,30 @@
{
inputs,
outputs,
pkgs,
...
}:
{
imports =
(with inputs; [
niri-flake.nixosModules.niri
nixos-cosmic.nixosModules.default
home-manager.nixosModules.home-manager
dae.nixosModules.dae
sops-nix.nixosModules.sops
])
++ [
./nix.nix
./home.nix
./sops.nix
];
config = {
nixpkgs = {
overlays = with outputs.overlays; [
modifications
additions
];
};
};
}

68
nixos/modules/home.nix Normal file
View file

@ -0,0 +1,68 @@
{
inputs,
outputs,
lib,
config,
pkgs,
rootPath,
...
}:
{
options.youthlic.home-manager = {
enable = lib.mkOption {
type = lib.types.bool;
default = false;
example = true;
description = ''
whether enable home-manager or not
'';
};
unixName = lib.mkOption {
type = lib.types.str;
default = "david";
example = "youthlic";
description = ''
unix name of home-manager user
'';
};
hostName = lib.mkOption {
type = lib.types.str;
example = "Tytonidae";
description = ''
host name of home-manager user
'';
};
};
config =
let
cfg = config.youthlic.home-manager;
unixName = cfg.unixName;
hostName = cfg.hostName;
in
lib.mkIf cfg.enable {
home-manager = {
useGlobalPkgs = true;
useUserPackages = true;
users."${cfg.unixName}" = (
{ ... }:
{
imports = [
outputs.homeManagerModules."${unixName}"
(rootPath + "/home/${unixName}/configurations/${hostName}")
];
config = {
youthlic.nixos.enable = true;
};
}
);
extraSpecialArgs = {
inherit outputs inputs rootPath;
inherit (cfg) unixName hostName;
inherit (pkgs) system;
};
backupFileExtension = "backup";
sharedModules = [ outputs.homeManagerModules.default ];
};
};
}

45
nixos/modules/nix.nix Normal file
View file

@ -0,0 +1,45 @@
{
inputs,
outputs,
pkgs,
lib,
...
}:
{
config = {
nix = {
nixPath = [ "nixpkgs=${inputs.nixpkgs}" ];
settings = {
inherit (outputs.nix.settings) substituters;
trusted-users = [
"root"
"@wheel"
];
trusted-public-keys = [
"cosmic.cachix.org-1:Dya9IyXD4xdBehWjrkPv6rtxpmMdRel02smYzA85dPE="
"nix-community.cachix.org-1:mB9FSh9qf2dCimDSUo8Zy7bkq5CX+/rkCWyvRCYg3Fs="
];
auto-optimise-store = lib.mkDefault true;
experimental-features = [
"nix-command"
"flakes"
];
warn-dirty = false;
system-features = [
"kvm"
"big-parallel"
];
use-xdg-base-directories = true;
builders-use-substitutes = true;
};
package = pkgs.nix;
registry.sys = lib.mkDefault {
from = {
type = "indirect";
id = "sys";
};
flake = inputs.nixpkgs;
};
};
};
}

20
nixos/modules/sops.nix Normal file
View file

@ -0,0 +1,20 @@
{
rootPath,
config,
...
}:
{
config = {
sops.defaultSopsFile = rootPath + "/secrets/general.yaml";
sops.age =
let
unixName = config.youthlic.home-manager.unixName;
cfg = config.users.users."${unixName}";
in
{
keyFile = "${cfg.home}/.config/sops/age/keys.txt";
sshKeyPaths = [ ];
generateKey = false;
};
};
}

7
nixpkgs.nix Normal file
View file

@ -0,0 +1,7 @@
let
lock = (builtins.fromJSON (builtins.readFile ./flake.lock)).nodes.nixpkgs.locked;
in
import (fetchTarball {
url = "https://github.com/nixos/nixpkgs/archive/${lock.rev}.tar.gz";
sha256 = lock.narHash;
})

9
overlays/additions/default.nix Normal file
View file

@ -0,0 +1,9 @@
{ ... }@args:
final: prev:
let
inherit (prev) lib;
overlay-files = [
];
overlay-list = map (file: import file args) overlay-files;
in
(lib.composeManyExtensions overlay-list) final prev

13
overlays/modifications/default.nix Normal file
View file

@ -0,0 +1,13 @@
{ ... }@args:
final: prev:
let
inherit (prev) lib;
overlay-files = [
./helix.nix
./spotify.nix
./niri.nix
./ghostty.nix
];
overlay-list = map (file: import file args) overlay-files;
in
(lib.composeManyExtensions overlay-list) final prev

9
overlays/modifications/ghostty.nix Normal file
View file

@ -0,0 +1,9 @@
{ inputs, ... }:
final: prev:
let
inherit (final) stdenv;
inherit (stdenv.hostPlatform) system;
in
{
ghostty = inputs.ghostty.packages."${system}".default;
}

9
overlays/modifications/helix.nix Normal file
View file

@ -0,0 +1,9 @@
{ inputs, ... }:
final: prev:
let
inherit (final) stdenv;
inherit (stdenv.hostPlatform) system;
in
{
helix = inputs.helix.packages."${system}".default;
}

1
overlays/modifications/niri.nix Normal file
View file

@ -0,0 +1 @@
{ inputs, ... }: inputs.niri-flake.overlays.niri

1
overlays/modifications/spotify.nix Normal file
View file

@ -0,0 +1 @@
{ inputs, ... }: inputs.oskars-dotfiles.overlays.spotx

24
pkgs/default.nix Normal file
View file

@ -0,0 +1,24 @@
{
pkgs,
inputs,
...
}:
{
immersive-translate =
(pkgs.callPackage "${inputs.firefox-addons}/default.nix" { }).firefox-addons.immersive-translate;
}
// (
let
nur-xddxdd = (pkgs.callPackage "${inputs.nur-xddxdd}/default.nix" { });
in
pkgs.lib.genAttrs [ "rime-zhwiki" "rime-moegirl" ] (name: nur-xddxdd."${name}")
// {
rime-ice = nur-xddxdd.rime-ice.overrideAttrs {
buildPhase = ''
runHook preBuild
runHook postBuild
'';
};
}
)

23
secrets/general.yaml Normal file
View file

@ -0,0 +1,23 @@
ssh-private-key: ENC[AES256_GCM,data:hT2/OaZBAXK8eQe0qAxHw8nO6Z9ErzUdGWUgN/0c04NKUz6dyynKXsSEE7sC/P/WfUCOTXVgf7u/SY2/hMBG2tpceEwx2FDVJnUDF6Wi/2U8C1z3TjBitjYY1apku3lMTNYF7GwflUA+lB3xcKJ9dKnJlU/5moPqCf58G5w9DFXM1YJcUfVQ1Cl5MKguJkxpSw4MMm7QxGhruX5C/a84TYIZC/IHll3f1e6qvM+5TEibXIa9LBMcT7pxw4SQ/vhPmAJO54/GHbktTHxkjPbo2keGr3J1Im+TlX9OB81cbNZMxIn++Igw9iffF0LZmudmndLhWFPUK0itpkP8pjMY3rIrI6KsPG/7w4zQMO0p6rNfeGjkLvKp3mj5mYRlBdMaqtiqngAxzelsKaVhXlO+JXR+qdpONico8mRP+f3KSJU6gmGCIw0RNFcBlV/NN2VNUTxBS7/cwYGKF1kkb4Or9h5l5N7Ta1U5m2PEYclrneuclx6fdKXfChLG65E0l86EgpMyC6hHSL1x51e8QJSnHBkbjAMI59Kj9sy4QE8J4/a3q1D/sr/bn2t2Y7W0CckK7iPqyeiA0RSXiIVZ,iv:QVQCQJyc2ZgSzBpJ2MIrjgxBKghpr48k9yGzBUIoffg=,tag:3zo3vzwqWhQkAWB4N4R0NQ==,type:str]
git-credential: ENC[AES256_GCM,data:Rt6ccMJ+D/Jv1U7Ex51j4zIKp5KIyPFJdWZwJyW6liU5CHxBfrFWeNOJobhT5tFPrhzHRUI=,iv:f2SYFKpAcHoKG3dMsniKRi02EFDzwgzzli5Qzw8CWqo=,tag:hUi0FAZ7+2+mcqUsz5HtbQ==,type:str]
url: ENC[AES256_GCM,data:n152X334cpUJXgm/0D+mbF2xDOSq/xT4xO3rBLjxEkcAexkn7lIm2mHKLaumBO0M7YC6gP/AVZlhOrpC7EtwwyzvxFgZIYBT0u3pKRpp2ifedMXd/7iKq45vu3xltX8blFF5TcMslO4UsXJEc+NxnCMS/PvO,iv:RWFUzHi2t06CqY1fHPTFUJevyW0bXc1xuhsjfZd3UAw=,tag:BWGxxAtfoJ8tbbbKbkzQRw==,type:str]
sops:
kms: []
gcp_kms: []
azure_kv: []
hc_vault: []
age:
- recipient: age1smmqun9h3cszaza85ty33yenyaqtat572u9r3we4l5gh85njgvws6q680g
enc: |
-----BEGIN AGE ENCRYPTED FILE-----
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBjQ2IrRG90eUJUT1grZEtV
N25XNDI0Z0JlZ2RJWU5LN05jbDQwL0hMMkU4Cm5sVHpiVHV5UVdIY24xNFZYTmpm
TUlyZmQ1TTZuaHB3aFpzV2hPZnNNZGcKLS0tIGJrN1lqWUFOU09XcFJ5Mys0WjV6
dTkwcThVQTNYZ0RKWnIwMEgzQ2lYMVEKWs0OsGlPCRfsjZwntyVa6RGhZLye35kX
3PDxZ66jP63OGi5Hai17fp5IvT3/mIRWh6UMq44TFz9OQoUWCymakg==
-----END AGE ENCRYPTED FILE-----
lastmodified: "2025-01-12T08:58:47Z"
mac: ENC[AES256_GCM,data:XXdGGA/S6tg3xlsLwEtRjLHIVRRQHR2MBIeZv+9VtGYG1cBJD64RGZBCAJ5Jaw7WctcqZqj0Q1C9rIgNyv8ZYJTum3ok469WNFfcoDkPCr12nAO7vujvZp5xA5KfOdiP3wrHmorD4hl8qfv2oURm2RDcfzMIL2LWgNiwWndXs+I=,iv:RVHpsunJlOzN3QxxPfQdkUiC+Tf71j4L7SGEeTfDzYM=,tag:BgMqfCz1RG5Kl5PCIf/HdQ==,type:str]
pgp: []
unencrypted_suffix: _unencrypted
version: 3.9.2

21
secrets/ssh-config.yaml Normal file
View file

@ -0,0 +1,21 @@
ssh-config: ENC[AES256_GCM,data:kQe12czlvgScrtOae32PpKNrXREh1XP5n7WrFvBb4NcGLRj0j61T490D5v6vgTzppyQnU84tTNVtMBUfdLN6jjdli8cEM71qcKy4eLw=,iv:FaUEI9dYamBt7kI9quCNBXZwDzTosR4ad1JQq6IatBE=,tag:R4TTA6iMrRQPt1ApYBGfEg==,type:str]
sops:
kms: []
gcp_kms: []
azure_kv: []
hc_vault: []
age:
- recipient: age1smmqun9h3cszaza85ty33yenyaqtat572u9r3we4l5gh85njgvws6q680g
enc: |
-----BEGIN AGE ENCRYPTED FILE-----
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBmWklncVlZbTFXdndXUmJ4
bTlyOEkvZE5aUnJHQzRJVjRBK2dja2RmaGpZCnNQRTdJeXJHSTFLaGx3SUpBUUI5
R1p5Y0w3OG1KYmZScDczelVkdFBReDAKLS0tIHZSM2Y5NExYVzArVWppK01vQUtF
K1A5bnBxMjJPV2NyRzNuOXVSY2tkZFUKinl6fL9caEM/bzTfQYk8ZCYLsMdgwmJE
LhNSWMFL9zqxSFFZ5GrrT/hATR+5AckKydD+3uYxQbGKO8TO39HVKQ==
-----END AGE ENCRYPTED FILE-----
lastmodified: "2025-01-12T08:59:41Z"
mac: ENC[AES256_GCM,data:uJ7GrffSlgKCxxmCVrrs1gNTpEEs/B8F9aEHHTdwlSFCTxcueNbIP2RaQVRQmyZO5CDTD/srmCT1dwPwAaxQE49OFUwUDgpn2JMjQdTyLmbK5+JDfvvMNnv/OVNaQUvVPsPoA1CqCqrpKOLh6kfp1FpYkPpZFOoQWByKw/FmSL8=,iv:CX4RJvRJce7wLUxyM1Fi89G1PINte9gxXoBfYMHn4NQ=,tag:12eZ1TZLsdlDpUZa/1HPWA==,type:str]
pgp: []
unencrypted_suffix: _unencrypted
version: 3.9.2