diff --git a/.sops.yaml b/.sops.yaml new file mode 100644 index 0000000..0da102d --- /dev/null +++ b/.sops.yaml @@ -0,0 +1,7 @@ +keys: + - &master age1smmqun9h3cszaza85ty33yenyaqtat572u9r3we4l5gh85njgvws6q680g +creation_rules: + - path_regex: secrets/[^/]+\.(yaml|json|env|ini)$ + key_groups: + - age: + - *master diff --git a/flake.lock b/flake.lock new file mode 100644 index 0000000..f80d5d2 --- /dev/null +++ b/flake.lock @@ -0,0 +1,1097 @@ +{ + "nodes": { + "crane": { + "locked": { + "lastModified": 1727974419, + "narHash": "sha256-WD0//20h+2/yPGkO88d2nYbb23WMWYvnRyDQ9Dx4UHg=", + "owner": "ipetkov", + "repo": "crane", + "rev": "37e4f9f0976cb9281cd3f0c70081e5e0ecaee93f", + "type": "github" + }, + "original": { + "owner": "ipetkov", + "repo": "crane", + "type": "github" + } + }, + "dae": { + "inputs": { + "flake-parts": "flake-parts", + "nixpkgs": "nixpkgs" + }, + "locked": { + "lastModified": 1736423292, + "narHash": "sha256-b4Dsf7/2A+CpfpKYEwcj5Xs9ftJpoLT80onYb0WTedw=", + "owner": "daeuniverse", + "repo": "flake.nix", + "rev": "5022a7b3895d8cfa12cbb2c0db09ed4ecf0a02b8", + "type": "github" + }, + "original": { + "owner": "daeuniverse", + "repo": "flake.nix", + "type": "github" + } + }, + "firefox-addons": { + "flake": false, + "locked": { + "dir": "pkgs/firefox-addons", + "lastModified": 1736568198, + "narHash": "sha256-RBTk5KavYsPZ56m9C2evS4pDkEu3+NdxY6mFNbo8DH8=", + "ref": "master", + "rev": "7f8746a7ef2d15b8fb4acc63cb0d7e3a407739bf", + "revCount": 4035, + "type": "git", + "url": "https://gitlab.com/rycee/nur-expressions.git?dir=pkgs/firefox-addons" + }, + "original": { + "dir": "pkgs/firefox-addons", + "ref": "master", + "type": "git", + "url": "https://gitlab.com/rycee/nur-expressions.git?dir=pkgs/firefox-addons" + } + }, + "flake-compat": { + "flake": false, + "locked": { + "lastModified": 1696426674, + "narHash": "sha256-kvjfFW7WAETZlt09AgDn1MrtKzP7t90Vf7vypd3OL1U=", + "owner": "edolstra", + "repo": "flake-compat", + "rev": "0f9255e01c2351cc7d116c072cb317785dd33b33", + "type": "github" + }, + "original": { + "owner": "edolstra", + "repo": "flake-compat", + "type": "github" + } + }, + "flake-compat_2": { + "flake": false, + "locked": { + "lastModified": 1717312683, + "narHash": "sha256-FrlieJH50AuvagamEvWMIE6D2OAnERuDboFDYAED/dE=", + "owner": "nix-community", + "repo": "flake-compat", + "rev": "38fd3954cf65ce6faf3d0d45cd26059e059f07ea", + "type": "github" + }, + "original": { + "owner": "nix-community", + "repo": "flake-compat", + "type": "github" + } + }, + "flake-compat_3": { + "locked": { + "lastModified": 1696426674, + "narHash": "sha256-kvjfFW7WAETZlt09AgDn1MrtKzP7t90Vf7vypd3OL1U=", + "rev": "0f9255e01c2351cc7d116c072cb317785dd33b33", + "revCount": 57, + "type": "tarball", + "url": "https://api.flakehub.com/f/pinned/edolstra/flake-compat/1.0.1/018afb31-abd1-7bff-a5e4-cff7e18efb7a/source.tar.gz" + }, + "original": { + "type": "tarball", + "url": "https://flakehub.com/f/edolstra/flake-compat/1.tar.gz" + } + }, + "flake-parts": { + "inputs": { + "nixpkgs-lib": "nixpkgs-lib" + }, + "locked": { + "lastModified": 1730504689, + "narHash": "sha256-hgmguH29K2fvs9szpq2r3pz2/8cJd2LPS+b4tfNFCwE=", + "owner": "hercules-ci", + "repo": "flake-parts", + "rev": "506278e768c2a08bec68eb62932193e341f55c90", + "type": "github" + }, + "original": { + "owner": "hercules-ci", + "repo": "flake-parts", + "type": "github" + } + }, + "flake-parts_2": { + "inputs": { + "nixpkgs-lib": "nixpkgs-lib_2" + }, + "locked": { + "lastModified": 1736143030, + "narHash": "sha256-+hu54pAoLDEZT9pjHlqL9DNzWz0NbUn8NEAHP7PQPzU=", + "owner": "hercules-ci", + "repo": "flake-parts", + "rev": "b905f6fc23a9051a6e1b741e1438dbfc0634c6de", + "type": "github" + }, + "original": { + "owner": "hercules-ci", + "repo": "flake-parts", + "type": "github" + } + }, + "flake-parts_3": { + "inputs": { + "nixpkgs-lib": "nixpkgs-lib_3" + }, + "locked": { + "lastModified": 1733312601, + "narHash": "sha256-4pDvzqnegAfRkPwO3wmwBhVi/Sye1mzps0zHWYnP88c=", + "owner": "hercules-ci", + "repo": "flake-parts", + "rev": "205b12d8b7cd4802fbcb8e8ef6a0f1408781a4f9", + "type": "github" + }, + "original": { + "owner": "hercules-ci", + "repo": "flake-parts", + "type": "github" + } + }, + "flake-parts_4": { + "inputs": { + "nixpkgs-lib": "nixpkgs-lib_4" + }, + "locked": { + "lastModified": 1727826117, + "narHash": "sha256-K5ZLCyfO/Zj9mPFldf3iwS6oZStJcU4tSpiXTMYaaL0=", + "owner": "hercules-ci", + "repo": "flake-parts", + "rev": "3d04084d54bedc3d6b8b736c70ef449225c361b1", + "type": "github" + }, + "original": { + "owner": "hercules-ci", + "repo": "flake-parts", + "type": "github" + } + }, + "flake-utils": { + "inputs": { + "systems": "systems" + }, + "locked": { + "lastModified": 1731533236, + "narHash": "sha256-l0KFg5HjrsfsO/JpG+r7fRrqm12kzFHyUHqHCVpMMbI=", + "owner": "numtide", + "repo": "flake-utils", + "rev": "11707dc2f618dd54ca8739b309ec4fc024de578b", + "type": "github" + }, + "original": { + "owner": "numtide", + "repo": "flake-utils", + "type": "github" + } + }, + "flake-utils_2": { + "inputs": { + "systems": "systems_2" + }, + "locked": { + "lastModified": 1705309234, + "narHash": "sha256-uNRRNRKmJyCRC/8y1RqBkqWBLM034y4qN7EprSdmgyA=", + "owner": "numtide", + "repo": "flake-utils", + "rev": "1ef2e671c3b0c19053962c07dbda38332dcebf26", + "type": "github" + }, + "original": { + "owner": "numtide", + "repo": "flake-utils", + "type": "github" + } + }, + "flake-utils_3": { + "inputs": { + "systems": "systems_3" + }, + "locked": { + "lastModified": 1726560853, + "narHash": "sha256-X6rJYSESBVr3hBoH0WbKE5KvhPU5bloyZ2L4K60/fPQ=", + "owner": "numtide", + "repo": "flake-utils", + "rev": "c1dfcf08411b08f6b8615f7d8971a2bfa81d5e8a", + "type": "github" + }, + "original": { + "owner": "numtide", + "repo": "flake-utils", + "type": "github" + } + }, + "flake-utils_4": { + "inputs": { + "systems": "systems_5" + }, + "locked": { + "lastModified": 1710146030, + "narHash": "sha256-SZ5L6eA7HJ/nmkzGG7/ISclqe6oZdOZTNoesiInkXPQ=", + "owner": "numtide", + "repo": "flake-utils", + "rev": "b1d9ab70662946ef0850d488da1c9019f3a9752a", + "type": "github" + }, + "original": { + "owner": "numtide", + "repo": "flake-utils", + "type": "github" + } + }, + "ghostty": { + "inputs": { + "flake-compat": "flake-compat", + "nixpkgs-stable": "nixpkgs-stable", + "nixpkgs-unstable": "nixpkgs-unstable", + "zig": "zig" + }, + "locked": { + "lastModified": 1736664300, + "narHash": "sha256-R7X3dwXJ4EpldK8xAYc71NavYJIQy6F2PiCclBNXGlE=", + "owner": "ghostty-org", + "repo": "ghostty", + "rev": "e3b6bb71a051f572b04617194d9d82d1df6dc9df", + "type": "github" + }, + "original": { + "owner": "ghostty-org", + "repo": "ghostty", + "type": "github" + } + }, + "helix": { + "inputs": { + "crane": "crane", + "flake-utils": "flake-utils_3", + "nixpkgs": [ + "nixpkgs" + ], + "rust-overlay": "rust-overlay" + }, + "locked": { + "lastModified": 1736645984, + "narHash": "sha256-imC/8ohwtyn0z35diDMe322OCJvTh31ga+ma4S4FIz4=", + "owner": "helix-editor", + "repo": "helix", + "rev": "0f2ce303c5cac34ba88469d3ee13d44967f3e903", + "type": "github" + }, + "original": { + "owner": "helix-editor", + "ref": "master", + "repo": "helix", + "type": "github" + } + }, + "home-manager": { + "inputs": { + "nixpkgs": [ + "nixpkgs" + ] + }, + "locked": { + "lastModified": 1736508663, + "narHash": "sha256-ZOaGwa+WnB7Zn3YXimqjmIugAnHePdXCmNu+AHkq808=", + "owner": "nix-community", + "repo": "home-manager", + "rev": "2532b500c3ed2b8940e831039dcec5a5ea093afc", + "type": "github" + }, + "original": { + "owner": "nix-community", + "repo": "home-manager", + "type": "github" + } + }, + "home-manager_2": { + "inputs": { + "nixpkgs": [ + "oskars-dotfiles", + "nixpkgs" + ] + }, + "locked": { + "lastModified": 1731880681, + "narHash": "sha256-FmYTkIyPBUxSWgA7DPIVTsCCMvSSbs56yOtHpLNSnKg=", + "owner": "nix-community", + "repo": "home-manager", + "rev": "aecd341dfead1c3ef7a3c15468ecd71e8343b7c6", + "type": "github" + }, + "original": { + "owner": "nix-community", + "ref": "release-24.11", + "repo": "home-manager", + "type": "github" + } + }, + "niri-flake": { + "inputs": { + "niri-stable": "niri-stable", + "niri-unstable": "niri-unstable", + "nixpkgs": "nixpkgs_2", + "nixpkgs-stable": "nixpkgs-stable_2", + "xwayland-satellite-stable": "xwayland-satellite-stable", + "xwayland-satellite-unstable": "xwayland-satellite-unstable" + }, + "locked": { + "lastModified": 1736673871, + "narHash": "sha256-NdVXsCowp7EoljenuHyQDvdlAoSR1SM+AtdlgyqlqtY=", + "owner": "sodiboo", + "repo": "niri-flake", + "rev": "488841331264a7b1315830ab0425cfdd469d43a1", + "type": "github" + }, + "original": { + "owner": "sodiboo", + "repo": "niri-flake", + "type": "github" + } + }, + "niri-stable": { + "flake": false, + "locked": { + "lastModified": 1731483594, + "narHash": "sha256-Qjf7alRbPPERfiZsM9EMKX+HwjESky1tieh5PJIkLwE=", + "owner": "YaLTeR", + "repo": "niri", + "rev": "75c79116a7e40cbc0e110ce0cdd500e896458679", + "type": "github" + }, + "original": { + "owner": "YaLTeR", + "ref": "v0.1.10.1", + "repo": "niri", + "type": "github" + } + }, + "niri-unstable": { + "flake": false, + "locked": { + "lastModified": 1736614405, + "narHash": "sha256-AJ1rlgNOPb3/+DbS5hkhm21t6Oz8IgqLllwmZt0lyzk=", + "owner": "YaLTeR", + "repo": "niri", + "rev": "e05bc269e678ecf828b96ae79c991c13b00b38a5", + "type": "github" + }, + "original": { + "owner": "YaLTeR", + "repo": "niri", + "type": "github" + } + }, + "nix-citizen": { + "inputs": { + "nix-gaming": [ + "oskars-dotfiles", + "nix-gaming" + ], + "nix-github-actions": "nix-github-actions", + "nixpkgs": [ + "oskars-dotfiles", + "nixpkgs" + ], + "nixpkgs-wine": "nixpkgs-wine", + "systems": "systems_4", + "treefmt-nix": "treefmt-nix" + }, + "locked": { + "lastModified": 1731422383, + "narHash": "sha256-xSFuMAgozwnM4sllEab9HmKuYesZ5JZrlxwUP6+UNn8=", + "owner": "LovingMelody", + "repo": "nix-citizen", + "rev": "08463670bd3651795593d76581f54eec5f78c831", + "type": "github" + }, + "original": { + "owner": "LovingMelody", + "repo": "nix-citizen", + "type": "github" + } + }, + "nix-darwin": { + "inputs": { + "nixpkgs": [ + "oskars-dotfiles", + "nixpkgs" + ] + }, + "locked": { + "lastModified": 1735218083, + "narHash": "sha256-MoUAbmXz9TEr7zlKDRO56DBJHe30+7B5X7nhXm+Vpc8=", + "owner": "LnL7", + "repo": "nix-darwin", + "rev": "bc03f7818771a75716966ce8c23110b715eff2aa", + "type": "github" + }, + "original": { + "owner": "LnL7", + "repo": "nix-darwin", + "type": "github" + } + }, + "nix-gaming": { + "inputs": { + "flake-parts": "flake-parts_4", + "nixpkgs": [ + "oskars-dotfiles", + "nixpkgs" + ], + "umu": "umu" + }, + "locked": { + "lastModified": 1730186798, + "narHash": "sha256-rGrhFuH3d869rG1cmfuuuPksKyCJUfkBTenQbtnlsr8=", + "owner": "fufexan", + "repo": "nix-gaming", + "rev": "8756862665662edad5bbb098d0cba727cde57fec", + "type": "github" + }, + "original": { + "owner": "fufexan", + "repo": "nix-gaming", + "rev": "8756862665662edad5bbb098d0cba727cde57fec", + "type": "github" + } + }, + "nix-github-actions": { + "inputs": { + "nixpkgs": [ + "oskars-dotfiles", + "nix-citizen", + "nixpkgs" + ] + }, + "locked": { + "lastModified": 1729742964, + "narHash": "sha256-B4mzTcQ0FZHdpeWcpDYPERtyjJd/NIuaQ9+BV1h+MpA=", + "owner": "nix-community", + "repo": "nix-github-actions", + "rev": "e04df33f62cdcf93d73e9a04142464753a16db67", + "type": "github" + }, + "original": { + "owner": "nix-community", + "repo": "nix-github-actions", + "type": "github" + } + }, + "nixos-cosmic": { + "inputs": { + "flake-compat": "flake-compat_2", + "nixpkgs": "nixpkgs_3", + "nixpkgs-stable": "nixpkgs-stable_3" + }, + "locked": { + "lastModified": 1736577408, + "narHash": "sha256-h6hi94y9bTl9DQV4keGpYAfJhnH50rxxEdQlGL7QENw=", + "owner": "lilyinstarlight", + "repo": "nixos-cosmic", + "rev": "a934c861065b6b1aca9a859c45631336e0e8560c", + "type": "github" + }, + "original": { + "owner": "lilyinstarlight", + "repo": "nixos-cosmic", + "type": "github" + } + }, + "nixos-hardware": { + "locked": { + "lastModified": 1736441705, + "narHash": "sha256-OL7leZ6KBhcDF3nEKe4aZVfIm6xQpb1Kb+mxySIP93o=", + "owner": "NixOS", + "repo": "nixos-hardware", + "rev": "8870dcaff63dfc6647fb10648b827e9d40b0a337", + "type": "github" + }, + "original": { + "owner": "NixOS", + "ref": "master", + "repo": "nixos-hardware", + "type": "github" + } + }, + "nixpkgs": { + "locked": { + "lastModified": 1730531603, + "narHash": "sha256-Dqg6si5CqIzm87sp57j5nTaeBbWhHFaVyG7V6L8k3lY=", + "owner": "NixOS", + "repo": "nixpkgs", + "rev": "7ffd9ae656aec493492b44d0ddfb28e79a1ea25d", + "type": "github" + }, + "original": { + "owner": "NixOS", + "ref": "nixos-unstable", + "repo": "nixpkgs", + "type": "github" + } + }, + "nixpkgs-darwin": { + "locked": { + "lastModified": 1735171749, + "narHash": "sha256-UA56kDQSztRWbpsG9bK+jIGyZ0YZAcIsYAhXDHIr8zs=", + "owner": "NixOS", + "repo": "nixpkgs", + "rev": "03b02bb3356e29e9d4d1200f9b1f5f36bf3780f0", + "type": "github" + }, + "original": { + "owner": "NixOS", + "ref": "nixpkgs-24.11-darwin", + "repo": "nixpkgs", + "type": "github" + } + }, + "nixpkgs-lib": { + "locked": { + "lastModified": 1730504152, + "narHash": "sha256-lXvH/vOfb4aGYyvFmZK/HlsNsr/0CVWlwYvo2rxJk3s=", + "type": "tarball", + "url": "https://github.com/NixOS/nixpkgs/archive/cc2f28000298e1269cea6612cd06ec9979dd5d7f.tar.gz" + }, + "original": { + "type": "tarball", + "url": "https://github.com/NixOS/nixpkgs/archive/cc2f28000298e1269cea6612cd06ec9979dd5d7f.tar.gz" + } + }, + "nixpkgs-lib_2": { + "locked": { + "lastModified": 1735774519, + "narHash": "sha256-CewEm1o2eVAnoqb6Ml+Qi9Gg/EfNAxbRx1lANGVyoLI=", + "type": "tarball", + "url": "https://github.com/NixOS/nixpkgs/archive/e9b51731911566bbf7e4895475a87fe06961de0b.tar.gz" + }, + "original": { + "type": "tarball", + "url": "https://github.com/NixOS/nixpkgs/archive/e9b51731911566bbf7e4895475a87fe06961de0b.tar.gz" + } + }, + "nixpkgs-lib_3": { + "locked": { + "lastModified": 1733096140, + "narHash": "sha256-1qRH7uAUsyQI7R1Uwl4T+XvdNv778H0Nb5njNrqvylY=", + "type": "tarball", + "url": "https://github.com/NixOS/nixpkgs/archive/5487e69da40cbd611ab2cadee0b4637225f7cfae.tar.gz" + }, + "original": { + "type": "tarball", + "url": "https://github.com/NixOS/nixpkgs/archive/5487e69da40cbd611ab2cadee0b4637225f7cfae.tar.gz" + } + }, + "nixpkgs-lib_4": { + "locked": { + "lastModified": 1727825735, + "narHash": "sha256-0xHYkMkeLVQAMa7gvkddbPqpxph+hDzdu1XdGPJR+Os=", + "type": "tarball", + "url": "https://github.com/NixOS/nixpkgs/archive/fb192fec7cc7a4c26d51779e9bab07ce6fa5597a.tar.gz" + }, + "original": { + "type": "tarball", + "url": "https://github.com/NixOS/nixpkgs/archive/fb192fec7cc7a4c26d51779e9bab07ce6fa5597a.tar.gz" + } + }, + "nixpkgs-stable": { + "locked": { + "lastModified": 1733423277, + "narHash": "sha256-TxabjxEgkNbCGFRHgM/b9yZWlBj60gUOUnRT/wbVQR8=", + "owner": "nixos", + "repo": "nixpkgs", + "rev": "e36963a147267afc055f7cf65225958633e536bf", + "type": "github" + }, + "original": { + "owner": "nixos", + "ref": "release-24.11", + "repo": "nixpkgs", + "type": "github" + } + }, + "nixpkgs-stable_2": { + "locked": { + "lastModified": 1736549401, + "narHash": "sha256-ibkQrMHxF/7TqAYcQE+tOnIsSEzXmMegzyBWza6uHKM=", + "owner": "NixOS", + "repo": "nixpkgs", + "rev": "1dab772dd4a68a7bba5d9460685547ff8e17d899", + "type": "github" + }, + "original": { + "owner": "NixOS", + "ref": "nixos-24.11", + "repo": "nixpkgs", + "type": "github" + } + }, + "nixpkgs-stable_3": { + "locked": { + "lastModified": 1736200483, + "narHash": "sha256-JO+lFN2HsCwSLMUWXHeOad6QUxOuwe9UOAF/iSl1J4I=", + "owner": "NixOS", + "repo": "nixpkgs", + "rev": "3f0a8ac25fb674611b98089ca3a5dd6480175751", + "type": "github" + }, + "original": { + "owner": "NixOS", + "ref": "nixos-24.11", + "repo": "nixpkgs", + "type": "github" + } + }, + "nixpkgs-unstable": { + "locked": { + "lastModified": 1733229606, + "narHash": "sha256-FLYY5M0rpa5C2QAE3CKLYAM6TwbKicdRK6qNrSHlNrE=", + "owner": "nixos", + "repo": "nixpkgs", + "rev": "566e53c2ad750c84f6d31f9ccb9d00f823165550", + "type": "github" + }, + "original": { + "owner": "nixos", + "ref": "nixpkgs-unstable", + "repo": "nixpkgs", + "type": "github" + } + }, + "nixpkgs-unstable_2": { + "locked": { + "lastModified": 1731676054, + "narHash": "sha256-OZiZ3m8SCMfh3B6bfGC/Bm4x3qc1m2SVEAlkV6iY7Yg=", + "owner": "NixOS", + "repo": "nixpkgs", + "rev": "5e4fbfb6b3de1aa2872b76d49fafc942626e2add", + "type": "github" + }, + "original": { + "owner": "NixOS", + "ref": "nixos-unstable", + "repo": "nixpkgs", + "type": "github" + } + }, + "nixpkgs-wine": { + "locked": { + "lastModified": 1729519156, + "narHash": "sha256-/T/nMj4oOfiyhiBol4Bzh2EYdJunNo8zXzBoR8vVChY=", + "owner": "NixOS", + "repo": "nixpkgs", + "rev": "03ddbd42cbdfbca5ce5583a8c1b526f36c0d46f3", + "type": "github" + }, + "original": { + "owner": "NixOS", + "repo": "nixpkgs", + "rev": "03ddbd42cbdfbca5ce5583a8c1b526f36c0d46f3", + "type": "github" + } + }, + "nixpkgs_2": { + "locked": { + "lastModified": 1736523798, + "narHash": "sha256-Xb8mke6UCYjge9kPR9o4P1nVrhk7QBbKv3xQ9cj7h2s=", + "owner": "NixOS", + "repo": "nixpkgs", + "rev": "130595eba61081acde9001f43de3248d8888ac4a", + "type": "github" + }, + "original": { + "owner": "NixOS", + "ref": "nixos-unstable", + "repo": "nixpkgs", + "type": "github" + } + }, + "nixpkgs_3": { + "locked": { + "lastModified": 1736344531, + "narHash": "sha256-8YVQ9ZbSfuUk2bUf2KRj60NRraLPKPS0Q4QFTbc+c2c=", + "owner": "NixOS", + "repo": "nixpkgs", + "rev": "bffc22eb12172e6db3c5dde9e3e5628f8e3e7912", + "type": "github" + }, + "original": { + "owner": "NixOS", + "ref": "nixos-unstable", + "repo": "nixpkgs", + "type": "github" + } + }, + "nixpkgs_4": { + "locked": { + "lastModified": 1736523798, + "narHash": "sha256-Xb8mke6UCYjge9kPR9o4P1nVrhk7QBbKv3xQ9cj7h2s=", + "owner": "NixOS", + "repo": "nixpkgs", + "rev": "130595eba61081acde9001f43de3248d8888ac4a", + "type": "github" + }, + "original": { + "owner": "NixOS", + "ref": "nixos-unstable", + "repo": "nixpkgs", + "type": "github" + } + }, + "nur": { + "locked": { + "lastModified": 1731941414, + "narHash": "sha256-2Xf90oIkzvOjzZBIgLxga6DqidvB6CSODE5+DODfLeI=", + "owner": "nix-community", + "repo": "NUR", + "rev": "23a30a846dc89a997f42f2d7e64d6f38564014ae", + "type": "github" + }, + "original": { + "owner": "nix-community", + "repo": "NUR", + "type": "github" + } + }, + "nur-xddxdd": { + "flake": false, + "locked": { + "dir": "/pkgs/uncategorized", + "lastModified": 1736677919, + "narHash": "sha256-dH8Orqzi/cAL3lPG59+31uUXKekLFjzKNk8aNVw9i1w=", + "owner": "xddxdd", + "repo": "nur-packages", + "rev": "fe4bc65d52bda9cffbf839d18b86a6ee1e7bc700", + "type": "github" + }, + "original": { + "dir": "/pkgs/uncategorized", + "owner": "xddxdd", + "ref": "master", + "repo": "nur-packages", + "type": "github" + } + }, + "oskars-dotfiles": { + "inputs": { + "flake-parts": "flake-parts_3", + "home-manager": "home-manager_2", + "nix-citizen": "nix-citizen", + "nix-darwin": "nix-darwin", + "nix-gaming": "nix-gaming", + "nixpkgs": [ + "nixpkgs" + ], + "nixpkgs-darwin": "nixpkgs-darwin", + "nixpkgs-unstable": "nixpkgs-unstable_2", + "nur": "nur", + "rust-overlay": "rust-overlay_2", + "winapps": "winapps" + }, + "locked": { + "lastModified": 1736534254, + "narHash": "sha256-l+vqwraGjPfvRd5bEOsF9x/y5zy0ITmpZH63z94aQiU=", + "owner": "oskardotglobal", + "repo": ".dotfiles", + "rev": "7dc008853645606d0e2f9607c0ea62b5ee2d3ac0", + "type": "github" + }, + "original": { + "owner": "oskardotglobal", + "ref": "nix", + "repo": ".dotfiles", + "type": "github" + } + }, + "root": { + "inputs": { + "dae": "dae", + "firefox-addons": "firefox-addons", + "flake-parts": "flake-parts_2", + "flake-utils": "flake-utils", + "ghostty": "ghostty", + "helix": "helix", + "home-manager": "home-manager", + "niri-flake": "niri-flake", + "nixos-cosmic": "nixos-cosmic", + "nixos-hardware": "nixos-hardware", + "nixpkgs": "nixpkgs_4", + "nur-xddxdd": "nur-xddxdd", + "oskars-dotfiles": "oskars-dotfiles", + "sops-nix": "sops-nix" + } + }, + "rust-overlay": { + "inputs": { + "nixpkgs": [ + "helix", + "nixpkgs" + ] + }, + "locked": { + "lastModified": 1728268235, + "narHash": "sha256-lJMFnMO4maJuNO6PQ5fZesrTmglze3UFTTBuKGwR1Nw=", + "owner": "oxalica", + "repo": "rust-overlay", + "rev": "25685cc2c7054efc31351c172ae77b21814f2d42", + "type": "github" + }, + "original": { + "owner": "oxalica", + "repo": "rust-overlay", + "type": "github" + } + }, + "rust-overlay_2": { + "inputs": { + "nixpkgs": [ + "oskars-dotfiles", + "nixpkgs" + ] + }, + "locked": { + "lastModified": 1731897198, + "narHash": "sha256-Ou7vLETSKwmE/HRQz4cImXXJBr/k9gp4J4z/PF8LzTE=", + "owner": "oxalica", + "repo": "rust-overlay", + "rev": "0be641045af6d8666c11c2c40e45ffc9667839b5", + "type": "github" + }, + "original": { + "owner": "oxalica", + "repo": "rust-overlay", + "type": "github" + } + }, + "sops-nix": { + "inputs": { + "nixpkgs": [ + "nixpkgs" + ] + }, + "locked": { + "lastModified": 1736515725, + "narHash": "sha256-4P99yL8vGehwzytkpP87eklBePt6aqeEC5JFsIzhfUs=", + "owner": "Mic92", + "repo": "sops-nix", + "rev": "f214c1b76c347a4e9c8fb68c73d4293a6820d125", + "type": "github" + }, + "original": { + "owner": "Mic92", + "repo": "sops-nix", + "type": "github" + } + }, + "systems": { + "locked": { + "lastModified": 1681028828, + "narHash": "sha256-Vy1rq5AaRuLzOxct8nz4T6wlgyUR7zLU309k9mBC768=", + "owner": "nix-systems", + "repo": "default", + "rev": "da67096a3b9bf56a91d16901293e51ba5b49a27e", + "type": "github" + }, + "original": { + "owner": "nix-systems", + "repo": "default", + "type": "github" + } + }, + "systems_2": { + "locked": { + "lastModified": 1681028828, + "narHash": "sha256-Vy1rq5AaRuLzOxct8nz4T6wlgyUR7zLU309k9mBC768=", + "owner": "nix-systems", + "repo": "default", + "rev": "da67096a3b9bf56a91d16901293e51ba5b49a27e", + "type": "github" + }, + "original": { + "owner": "nix-systems", + "repo": "default", + "type": "github" + } + }, + "systems_3": { + "locked": { + "lastModified": 1681028828, + "narHash": "sha256-Vy1rq5AaRuLzOxct8nz4T6wlgyUR7zLU309k9mBC768=", + "owner": "nix-systems", + "repo": "default", + "rev": "da67096a3b9bf56a91d16901293e51ba5b49a27e", + "type": "github" + }, + "original": { + "owner": "nix-systems", + "repo": "default", + "type": "github" + } + }, + "systems_4": { + "locked": { + "lastModified": 1681028828, + "narHash": "sha256-Vy1rq5AaRuLzOxct8nz4T6wlgyUR7zLU309k9mBC768=", + "owner": "nix-systems", + "repo": "default", + "rev": "da67096a3b9bf56a91d16901293e51ba5b49a27e", + "type": "github" + }, + "original": { + "owner": "nix-systems", + "repo": "default", + "type": "github" + } + }, + "systems_5": { + "locked": { + "lastModified": 1681028828, + "narHash": "sha256-Vy1rq5AaRuLzOxct8nz4T6wlgyUR7zLU309k9mBC768=", + "owner": "nix-systems", + "repo": "default", + "rev": "da67096a3b9bf56a91d16901293e51ba5b49a27e", + "type": "github" + }, + "original": { + "owner": "nix-systems", + "repo": "default", + "type": "github" + } + }, + "treefmt-nix": { + "inputs": { + "nixpkgs": [ + "oskars-dotfiles", + "nix-citizen", + "nixpkgs" + ] + }, + "locked": { + "lastModified": 1730321837, + "narHash": "sha256-vK+a09qq19QNu2MlLcvN4qcRctJbqWkX7ahgPZ/+maI=", + "owner": "numtide", + "repo": "treefmt-nix", + "rev": "746901bb8dba96d154b66492a29f5db0693dbfcc", + "type": "github" + }, + "original": { + "owner": "numtide", + "repo": "treefmt-nix", + "type": "github" + } + }, + "umu": { + "inputs": { + "nixpkgs": [ + "oskars-dotfiles", + "nix-gaming", + "nixpkgs" + ] + }, + "locked": { + "dir": "packaging/nix", + "lastModified": 1729978972, + "narHash": "sha256-Zox0iAi4CRPn4rxrhOetFFZ2jcSipe8tGD8nMTgcjhE=", + "ref": "refs/heads/main", + "rev": "72499f349ca81cb2838eced9d7c465b2cf71c4a2", + "revCount": 825, + "submodules": true, + "type": "git", + "url": "https://github.com/Open-Wine-Components/umu-launcher/?dir=packaging/nix" + }, + "original": { + "dir": "packaging/nix", + "submodules": true, + "type": "git", + "url": "https://github.com/Open-Wine-Components/umu-launcher/?dir=packaging/nix" + } + }, + "winapps": { + "inputs": { + "flake-compat": "flake-compat_3", + "flake-utils": "flake-utils_4", + "nixpkgs": [ + "oskars-dotfiles", + "nixpkgs" + ] + }, + "locked": { + "lastModified": 1731240784, + "narHash": "sha256-KWgQFapYdja8b67NBoEnJEEXmmVg7z9kRAcUfaMGM7Y=", + "owner": "winapps-org", + "repo": "winapps", + "rev": "9073afa69d7b4eeffdbbe05ccfc3dca4fdf8f43e", + "type": "github" + }, + "original": { + "owner": "winapps-org", + "repo": "winapps", + "type": "github" + } + }, + "xwayland-satellite-stable": { + "flake": false, + "locked": { + "lastModified": 1730166465, + "narHash": "sha256-nq7bouXQXaaPPo/E+Jbq+wNHnatD4dY8OxSrRqzvy6s=", + "owner": "Supreeeme", + "repo": "xwayland-satellite", + "rev": "a713cf46cb7db84a0d1b57c3a397c610cad3cf98", + "type": "github" + }, + "original": { + "owner": "Supreeeme", + "ref": "v0.5", + "repo": "xwayland-satellite", + "type": "github" + } + }, + "xwayland-satellite-unstable": { + "flake": false, + "locked": { + "lastModified": 1736487362, + "narHash": "sha256-4kGoOA7FgK9N2mzS+TFEn41kUUNY6KwdiA/0rqlr868=", + "owner": "Supreeeme", + "repo": "xwayland-satellite", + "rev": "8f55e27f63a749881c4bbfbb6b1da028342a91d1", + "type": "github" + }, + "original": { + "owner": "Supreeeme", + "repo": "xwayland-satellite", + "type": "github" + } + }, + "zig": { + "inputs": { + "flake-compat": [ + "ghostty" + ], + "flake-utils": "flake-utils_2", + "nixpkgs": [ + "ghostty", + "nixpkgs-stable" + ] + }, + "locked": { + "lastModified": 1717848532, + "narHash": "sha256-d+xIUvSTreHl8pAmU1fnmkfDTGQYCn2Rb/zOwByxS2M=", + "owner": "mitchellh", + "repo": "zig-overlay", + "rev": "02fc5cc555fc14fda40c42d7c3250efa43812b43", + "type": "github" + }, + "original": { + "owner": "mitchellh", + "repo": "zig-overlay", + "type": "github" + } + } + }, + "root": "root", + "version": 7 +} diff --git a/flake.nix b/flake.nix new file mode 100644 index 0000000..c398bf3 --- /dev/null +++ b/flake.nix @@ -0,0 +1,212 @@ +{ + description = "A simple NixOS flakes"; + + inputs = { + nixpkgs.url = "github:NixOS/nixpkgs/nixos-unstable"; + + helix = { + url = "github:helix-editor/helix/master"; + inputs.nixpkgs.follows = "nixpkgs"; + }; + + home-manager = { + url = "github:nix-community/home-manager"; + inputs.nixpkgs.follows = "nixpkgs"; + }; + + oskars-dotfiles = { + url = "github:oskardotglobal/.dotfiles/nix"; + inputs.nixpkgs.follows = "nixpkgs"; + }; + + niri-flake = { + url = "github:sodiboo/niri-flake"; + }; + + nixos-cosmic = { + url = "github:lilyinstarlight/nixos-cosmic"; + }; + + ghostty = { + url = "github:ghostty-org/ghostty"; + }; + + nixos-hardware = { + url = "github:NixOS/nixos-hardware/master"; + }; + + dae = { + url = "github:daeuniverse/flake.nix"; + }; + + flake-parts = { + url = "github:hercules-ci/flake-parts"; + }; + + flake-utils = { + url = "github:numtide/flake-utils"; + }; + + nur-xddxdd = { + url = "github:xddxdd/nur-packages?ref=master&dir=/pkgs/uncategorized"; + flake = false; + }; + + firefox-addons = { + url = "git+https://gitlab.com/rycee/nur-expressions.git?dir=pkgs/firefox-addons&ref=master"; + flake = false; + }; + + sops-nix = { + url = "github:Mic92/sops-nix"; + inputs.nixpkgs.follows = "nixpkgs"; + }; + }; + outputs = + { + self, + nixpkgs, + flake-parts, + flake-utils, + ... + }@inputs: + let + inherit (self) outputs; + rootPath = ./.; + in + flake-parts.lib.mkFlake { inherit inputs; } { + systems = flake-utils.lib.defaultSystems; + perSystem = ( + { pkgs, system, ... }@args: + { + _module.args.pkgs = import inputs.nixpkgs { + inherit system; + config = { + allowUnfree = true; + }; + }; + packages = import ./pkgs ( + args + // { + inherit inputs; + } + ); + } + ); + flake = + { + nix.settings = { + # substituters shared in home-manager and nixos configuration + substituters = + let + channelStore = x: "https://${x}/nix-channels/store"; + mirrors = map (x: channelStore "mirrors.${x}.edu.cn") [ + "bfsu" + "tuna.tsinghua" + "ustc" + ]; + cachix = x: "https://${x}.cachix.org"; + in + nixpkgs.lib.flatten [ + mirrors + (cachix "nix-community") + "https://cache.nixos.org" + (cachix "cosmic") + ]; + }; + + nixosModules.default = import ./nixos/modules; + + overlays = { + modifications = (import ./overlays/modifications { inherit inputs; }); + additions = (import ./overlays/additions { inherit inputs; }); + }; + + nixosConfigurations = + let + nixosConfigDir = ./nixos/configurations; + in + nixpkgs.lib.genAttrs + (map (f: nixpkgs.lib.removeSuffix ".nix" f) (builtins.attrNames (builtins.readDir nixosConfigDir))) + ( + hostName: + nixpkgs.lib.nixosSystem { + modules = + [ + outputs.nixosModules.default + ] + ++ [ + ( + let + dirPath = nixosConfigDir + "/${hostName}"; + filePath = nixosConfigDir + "/${hostName}.nix"; + in + if builtins.pathExists dirPath then dirPath else filePath + ) + ]; + specialArgs = { + inherit inputs outputs rootPath; + }; + } + ); + } + // ( + let + mkHomeConfig = + { + hostName, + unixName ? "david", + system ? "x86_64-linux", + nixpkgs ? inputs.nixpkgs, + home-manager ? inputs.home-manager, + }: + { + "${unixName}@${hostName}" = home-manager.lib.homeManagerConfiguration { + pkgs = nixpkgs.legacyPackages."${system}"; + modules = + [ + (./home + "/${unixName}/configurations/${hostName}") + ] + ++ (with outputs.homeManagerModules; [ + default + "${unixName}" + ]); + extraSpecialArgs = { + inherit + inputs + outputs + unixName + hostName + system + rootPath + ; + }; + }; + }; + in + { + homeConfigurations = nixpkgs.lib.foldr (a: b: a // b) { } ( + map (hostName: mkHomeConfig { inherit hostName; }) [ "Tytonidae" ] + ); + homeManagerModules = + { + default = import ./home/modules; + } + // ( + let + allEntries = builtins.readDir ./home; + allUsers = nixpkgs.lib.filterAttrs ( + key: value: value == "directory" && key != "modules" + ) allEntries; + in + builtins.listToAttrs ( + map (name: { + name = name; + value = import (./home + "/${name}/modules"); + }) (builtins.attrNames allUsers) + ) + ); + } + ); + }; +} diff --git a/home/david/configurations/Tytonidae/default.nix b/home/david/configurations/Tytonidae/default.nix new file mode 100644 index 0000000..164c9f5 --- /dev/null +++ b/home/david/configurations/Tytonidae/default.nix @@ -0,0 +1,127 @@ +{ + pkgs, + config, + rootPath, + inputs, + unixName, + ... +}: +{ + imports = [ + ./firefox.nix + ./niri + ]; + + youthlic.programs = { + helix.enable = true; + gpg.enable = true; + git = { + email = "uilc.youthilc@gmail.com"; + name = "ulic-youthlic"; + signKey = "C6FCBD7F49E1CBBABD6661F7FC02063F04331A95"; + }; + fish.enable = true; + bash.enable = true; + ghostty.enable = true; + foot.enable = false; + starship.enable = true; + sops.enable = true; + }; + + xdg.userDirs = { + enable = true; + download = "${config.home.homeDirectory}/dls"; + documents = "${config.home.homeDirectory}/doc"; + music = "${config.home.homeDirectory}/mus"; + pictures = "${config.home.homeDirectory}/pic"; + videos = "${config.home.homeDirectory}/vid"; + templates = "${config.home.homeDirectory}/tpl"; + publicShare = "${config.home.homeDirectory}/pub"; + desktop = "${config.home.homeDirectory}/dsk"; + createDirectories = true; + }; + home.username = "${unixName}"; + home.homeDirectory = "/home/${unixName}"; + home.stateVersion = "24.11"; + programs.home-manager.enable = true; + programs.obs-studio = { + enable = true; + plugins = with pkgs.obs-studio-plugins; [ + obs-source-record + input-overlay + ]; + }; + home.packages = with pkgs; [ + ripgrep + fzf + file + which + gnused + gnutar + bat + gawk + zstd + tree + ouch + dust + duf + doggo + qq + telegram-desktop + ghostty + scrcpy + ast-grep + lazygit + dig + fend + gitoxide + kdePackages.kdenlive + fd + ]; + programs.ssh = { + enable = true; + hashKnownHosts = true; + extraOptionOverrides = { + HostKeyAlgorithms = "ssh-ed25519-cert-v01@openssh.com,ssh-rsa-cert-v01@openssh.com,ssh-ed25519,ssh-rsa,ecdsa-sha2-nistp521-cert-v01@openssh.com,ecdsa-sha2-nistp384-cert-v01@openssh.com,ecdsa-sha2-nistp256-cert-v01@openssh.com,ecdsa-sha2-nistp521,ecdsa-sha2-nistp384,ecdsa-sha2-nistp256"; + KexAlgorithms = "curve25519-sha256@libssh.org,ecdh-sha2-nistp521,ecdh-sha2-nistp384,ecdh-sha2-nistp256,diffie-hellman-group-exchange-sha256"; + MACs = "hmac-sha2-512-etm@openssh.com,hmac-sha2-256-etm@openssh.com,umac-128-etm@openssh.com,hmac-sha2-512,hmac-sha2-256,umac-128@openssh.com"; + Ciphers = "chacha20-poly1305@openssh.com,aes256-gcm@openssh.com,aes128-gcm@openssh.com,aes256-ctr,aes192-ctr,aes128-ctr"; + }; + matchBlocks = { + "github.com" = { + hostname = "ssh.github.com"; + port = 443; + user = "git"; + extraOptions = { + AddKeysToAgent = "yes"; + }; + }; + }; + includes = [ config.sops.secrets.ssh-config.path ]; + }; + programs.chromium = { + enable = true; + commandLineArgs = [ + "--ozone-platform=wayland" + "--enable-wayland-ime=true" + "--enable-features=UseOzonePlatform" + ]; + }; + dconf.settings = { + "org/virt-manager/virt-manager/connections" = { + autoconnect = [ "qemu:///system" ]; + uris = [ "qemu:///system" ]; + }; + }; + + sops.secrets."ssh-private-key" = { + mode = "0600"; + path = "${config.home.homeDirectory}/.ssh/id_ed25519"; + }; + + sops.secrets."ssh-config" = { + mode = "0400"; + format = "yaml"; + sopsFile = rootPath + "/secrets/ssh-config.yaml"; + }; +} diff --git a/home/david/configurations/Tytonidae/firefox.nix b/home/david/configurations/Tytonidae/firefox.nix new file mode 100644 index 0000000..f85ac31 --- /dev/null +++ b/home/david/configurations/Tytonidae/firefox.nix @@ -0,0 +1,126 @@ +{ + pkgs, + inputs, + outputs, + system, + ... +}: +{ + programs.firefox = { + enable = true; + languagePacks = [ + "zh-CN" + "en-US" + ]; + profiles.default = { + name = "default"; + isDefault = true; + extensions = [ + outputs.packages."${system}".immersive-translate + ]; + search = { + force = true; + default = "DuckDuckGo"; + engines = { + "Nix Packages" = { + urls = [ + { + template = "https://search.nixos.org/packages"; + params = [ + { + name = "type"; + value = "packages"; + } + { + name = "query"; + value = "{searchTerms}"; + } + ]; + } + ]; + icon = "${pkgs.nixos-icons}/share/icons/hicolor/scalable/apps/nix-snowflake.svg"; + definedAliases = [ "@np" ]; + }; + "Nix Options" = { + urls = [ + { + template = "https://search.nixos.org/options"; + params = [ + { + name = "channel"; + value = "unstable"; + } + { + name = "query"; + value = "{searchTerms}"; + } + ]; + } + ]; + definedAliases = [ "@no" ]; + }; + "Home Manager Options" = { + urls = [ + { + template = "https://home-manager-options.extranix.com"; + params = [ + { + name = "query"; + value = "{searchTerms}"; + } + { + name = "release"; + value = "master"; + } + ]; + } + ]; + definedAliases = [ "hm" ]; + }; + "NUR Packages" = { + urls = [ + { + template = "https://nur.nix-community.org/"; + } + ]; + definedAliases = [ "nu" ]; + }; + "Nix Flakes" = { + urls = [ + { + template = "https://search.nixos.org/flakes"; + params = [ + { + name = "channel"; + value = "unstable"; + } + { + name = "query"; + value = "{searchTerms}"; + } + ]; + } + ]; + definedAliases = [ "nf" ]; + }; + "NixOS Wiki" = { + urls = [ + { + template = "https://nixos.wiki/index.php"; + params = [ + { + name = "search"; + value = "{searchTerms}"; + } + ]; + } + ]; + definedAliases = [ "nw" ]; + }; + "Bing".metaData.hidden = true; + "Google".metaData.alias = "@g"; # builtin engines only support specifying one additional alias + }; + }; + }; + }; +} diff --git a/home/david/configurations/Tytonidae/niri/config.kdl b/home/david/configurations/Tytonidae/niri/config.kdl new file mode 100644 index 0000000..987f344 --- /dev/null +++ b/home/david/configurations/Tytonidae/niri/config.kdl @@ -0,0 +1,291 @@ +input { + keyboard { + xkb { + } + } + + touchpad { + tap + natural-scroll + } + + mouse { + } + + trackpoint { + } +} + +output "DP-1" { + mode "2560x1440@169.900" + scale 1 + transform "normal" + position x=0 y=0 +} + + +output "eDP-1" { + mode "2560x1440@165.003" + scale 1.5 + transform "normal" + position x=2560 y=0 +} + +layout { + gaps 16 + center-focused-column "never" + preset-column-widths { + proportion 0.33333 + proportion 0.5 + proportion 0.66667 + } + + // You can also customize the heights that "switch-preset-window-height" (Mod+Shift+R) toggles between. + // preset-window-heights { } + + default-column-width {} + + // By default focus ring and border are rendered as a solid background rectangle + // behind windows. That is, they will show up through semitransparent windows. + // This is because windows using client-side decorations can have an arbitrary shape. + // + // If you don't like that, you should uncomment `prefer-no-csd` below. + // Niri will draw focus ring and border *around* windows that agree to omit their + // client-side decorations. + // + // Alternatively, you can override it with a window rule called + // `draw-border-with-background`. + + // You can change how the focus ring looks. + focus-ring { + // Uncomment this line to disable the focus ring. + // off + + // How many logical pixels the ring extends out from the windows. + width 4 + + // Colors can be set in a variety of ways: + // - CSS named colors: "red" + // - RGB hex: "#rgb", "#rgba", "#rrggbb", "#rrggbbaa" + // - CSS-like notation: "rgb(255, 127, 0)", rgba(), hsl() and a few others. + + // Color of the ring on the active monitor. + active-color "#7fc8ff" + + // Color of the ring on inactive monitors. + inactive-color "#505050" + + // You can also use gradients. They take precedence over solid colors. + // Gradients are rendered the same as CSS linear-gradient(angle, from, to). + // The angle is the same as in linear-gradient, and is optional, + // defaulting to 180 (top-to-bottom gradient). + // You can use any CSS linear-gradient tool on the web to set these up. + // Changing the color space is also supported, check the wiki for more info. + // + // active-gradient from="#80c8ff" to="#bbddff" angle=45 + + // You can also color the gradient relative to the entire view + // of the workspace, rather than relative to just the window itself. + // To do that, set relative-to="workspace-view". + // + // inactive-gradient from="#505050" to="#808080" angle=45 relative-to="workspace-view" + } + + // You can also add a border. It's similar to the focus ring, but always visible. + border { + // The settings are the same as for the focus ring. + // If you enable the border, you probably want to disable the focus ring. + off + + width 4 + active-color "#ffc87f" + inactive-color "#505050" + + // active-gradient from="#ffbb66" to="#ffc880" angle=45 relative-to="workspace-view" + // inactive-gradient from="#505050" to="#808080" angle=45 relative-to="workspace-view" + } + + // Struts shrink the area occupied by windows, similarly to layer-shell panels. + // You can think of them as a kind of outer gaps. They are set in logical pixels. + // Left and right struts will cause the next window to the side to always be visible. + // Top and bottom struts will simply add outer gaps in addition to the area occupied by + // layer-shell panels and regular gaps. + struts { + // left 64 + // right 64 + // top 64 + // bottom 64 + } +} + +// Add lines like this to spawn processes at startup. +// Note that running niri as a session supports xdg-desktop-autostart, +// which may be more convenient to use. +// See the binds section below for more spawn examples. +environment { + DISPLAY ":1" +} +spawn-at-startup "waybar" +spawn-at-startup "mako" +spawn-at-startup "swaybg" "-i" "/home/david/pic/wallpaper/screenbackground.png" +spawn-at-startup "fcitx5" "-d" "--replace" +spawn-at-startup "xwayland-satellite" ":1" + +// Uncomment this line to ask the clients to omit their client-side decorations if possible. +// If the client will specifically ask for CSD, the request will be honored. +// Additionally, clients will be informed that they are tiled, removing some client-side rounded corners. +// This option will also fix border/focus ring drawing behind some semitransparent windows. +// After enabling or disabling this, you need to restart the apps for this to take effect. +// prefer-no-csd + +screenshot-path "~/pic/screenshot%Y-%m-%d-%H-%M-%S.png" + +// You can also set this to null to disable saving screenshots to disk. +// screenshot-path null + +animations { + // Slow down all animations by this factor. Values below 1 speed them up instead. + // slowdown 3.0 +} + +window-rule { + match app-id=r#"^org\.wezfurlong\.wezterm$"# + default-column-width {} +} +window-rule { + match app-id=r#"^org\.keepassxc\.KeePassXC$"# + match app-id=r#"^org\.gnome\.World\.Secrets$"# + + block-out-from "screen-capture" +} +window-rule { + draw-border-with-background false +} + +// Example: enable rounded corners for all windows. +// (This example rule is commented out with a "/-" in front.) +/-window-rule { + geometry-corner-radius 12 + clip-to-geometry true +} + +binds { + Mod+Shift+Slash { show-hotkey-overlay; } + + Mod+T { spawn "ghostty"; } + Mod+Space { spawn "fuzzel"; } + + XF86AudioRaiseVolume allow-when-locked=true { spawn "wpctl" "set-volume" "@DEFAULT_AUDIO_SINK@" "0.1+"; } + XF86AudioLowerVolume allow-when-locked=true { spawn "wpctl" "set-volume" "@DEFAULT_AUDIO_SINK@" "0.1-"; } + XF86AudioMute allow-when-locked=true { spawn "wpctl" "set-mute" "@DEFAULT_AUDIO_SINK@" "toggle"; } + XF86AudioMicMute allow-when-locked=true { spawn "wpctl" "set-mute" "@DEFAULT_AUDIO_SOURCE@" "toggle"; } + + Mod+Q { close-window; } + + Mod+Left { focus-column-left; } + Mod+Down { focus-window-down; } + Mod+Up { focus-window-up; } + Mod+Right { focus-column-right; } + Mod+H { focus-column-left; } + Mod+J { focus-window-or-workspace-down; } + Mod+K { focus-window-or-workspace-up; } + Mod+L { focus-column-right; } + + Mod+Shift+Left { move-column-left; } + Mod+Shift+Down { move-window-down; } + Mod+Shift+Up { move-window-up; } + Mod+Shift+Right { move-column-right; } + Mod+Shift+H { move-column-left; } + Mod+Shift+J { move-window-down-or-to-workspace-down; } + Mod+Shift+K { move-window-up-or-to-workspace-up; } + Mod+Shift+L { move-column-right; } + + Mod+Home { focus-column-first; } + Mod+End { focus-column-last; } + Mod+Ctrl+Home { move-column-to-first; } + Mod+Ctrl+End { move-column-to-last; } + + Mod+Ctrl+Left { focus-monitor-left; } + Mod+Ctrl+Down { focus-monitor-down; } + Mod+Ctrl+Up { focus-monitor-up; } + Mod+Ctrl+Right { focus-monitor-right; } + Mod+Ctrl+H { focus-monitor-left; } + Mod+Ctrl+J { focus-monitor-down; } + Mod+Ctrl+K { focus-monitor-up; } + Mod+Ctrl+L { focus-monitor-right; } + + Mod+Shift+Ctrl+Left { move-column-to-monitor-left; } + Mod+Shift+Ctrl+Down { move-column-to-monitor-down; } + Mod+Shift+Ctrl+Up { move-column-to-monitor-up; } + Mod+Shift+Ctrl+Right { move-column-to-monitor-right; } + Mod+Shift+Ctrl+H { move-column-to-monitor-left; } + Mod+Shift+Ctrl+J { move-column-to-monitor-down; } + Mod+Shift+Ctrl+K { move-column-to-monitor-up; } + Mod+Shift+Ctrl+L { move-column-to-monitor-right; } + + Mod+Page_Down { focus-workspace-down; } + Mod+Page_Up { focus-workspace-up; } + Mod+U { focus-workspace-down; } + Mod+I { focus-workspace-up; } + Mod+Shift+Page_Down { move-column-to-workspace-down; } + Mod+Shift+Page_Up { move-column-to-workspace-up; } + Mod+Shift+U { move-column-to-workspace-down; } + Mod+Shift+I { move-column-to-workspace-up; } + + Mod+Ctrl+Page_Down { move-workspace-down; } + Mod+Ctrl+Page_Up { move-workspace-up; } + Mod+Ctrl+U { move-workspace-down; } + Mod+Ctrl+I { move-workspace-up; } + + Mod+Shift+WheelScrollDown cooldown-ms=150 { focus-workspace-down; } + Mod+Shift+WheelScrollUp cooldown-ms=150 { focus-workspace-up; } + Mod+WheelScrollDown { focus-column-right; } + Mod+WheelScrollUp { focus-column-left; } + + Mod+1 { focus-workspace 1; } + Mod+2 { focus-workspace 2; } + Mod+3 { focus-workspace 3; } + Mod+4 { focus-workspace 4; } + Mod+5 { focus-workspace 5; } + Mod+6 { focus-workspace 6; } + Mod+7 { focus-workspace 7; } + Mod+8 { focus-workspace 8; } + Mod+9 { focus-workspace 9; } + Mod+Shift+1 { move-column-to-workspace 1; } + Mod+Shift+2 { move-column-to-workspace 2; } + Mod+Shift+3 { move-column-to-workspace 3; } + Mod+Shift+4 { move-column-to-workspace 4; } + Mod+Shift+5 { move-column-to-workspace 5; } + Mod+Shift+6 { move-column-to-workspace 6; } + Mod+Shift+7 { move-column-to-workspace 7; } + Mod+Shift+8 { move-column-to-workspace 8; } + Mod+Shift+9 { move-column-to-workspace 9; } + + Mod+Tab { focus-workspace-previous; } + + Mod+BracketLeft { consume-or-expel-window-left; } + Mod+BracketRight { consume-or-expel-window-right; } + + Mod+Comma { consume-window-into-column; } + + Mod+Period { expel-window-from-column; } + + Mod+R { switch-preset-column-width; } + Mod+Shift+R { switch-preset-window-height; } + Mod+Ctrl+R { reset-window-height; } + Mod+M { maximize-column; } + Mod+Shift+M { fullscreen-window; } + Mod+Z { center-column; } + + Mod+Minus { set-column-width "-10%"; } + Mod+Equal { set-column-width "+10%"; } + + Mod+Shift+Minus { set-window-height "-10%"; } + Mod+Shift+Equal { set-window-height "+10%"; } + + Print { screenshot; } + Ctrl+Print { screenshot-screen; } + Alt+Print { screenshot-window; } + + Mod+Shift+E { quit; } +} diff --git a/home/david/configurations/Tytonidae/niri/default.nix b/home/david/configurations/Tytonidae/niri/default.nix new file mode 100644 index 0000000..a970217 --- /dev/null +++ b/home/david/configurations/Tytonidae/niri/default.nix @@ -0,0 +1,12 @@ +{ pkgs, ... }: +{ + programs.niri = { + config = builtins.readFile ./config.kdl; + }; + home.packages = with pkgs; [ + mako + swaybg + xwayland-satellite + waybar + ]; +} diff --git a/home/david/modules/default.nix b/home/david/modules/default.nix new file mode 100644 index 0000000..c915eb0 --- /dev/null +++ b/home/david/modules/default.nix @@ -0,0 +1 @@ +{ ... }: { } diff --git a/home/modules/default.nix b/home/modules/default.nix new file mode 100644 index 0000000..af9e2c7 --- /dev/null +++ b/home/modules/default.nix @@ -0,0 +1,35 @@ +{ inputs, lib, ... }: +{ + imports = + (with inputs; [ + sops-nix.homeManagerModules.sops + ]) + ++ [ + ./nix.nix + ./helix + ./gpg + ./git.nix + ./shell + ./ghostty.nix + ./foot + ./starship + ./sops.nix + ]; + + options = { + youthlic.nixos.enable = lib.mkOption { + type = lib.types.bool; + default = false; + example = true; + description = '' + whether the os is nixos + ''; + }; + }; + config = { + programs.direnv = { + enable = true; + nix-direnv.enable = true; + }; + }; +} diff --git a/home/modules/foot/default.nix b/home/modules/foot/default.nix new file mode 100644 index 0000000..ec0490c --- /dev/null +++ b/home/modules/foot/default.nix @@ -0,0 +1,25 @@ +{ config, lib, ... }: +let + cfg = config.youthlic.programs.foot; +in +{ + options = { + youthlic.programs.foot = { + enable = lib.mkOption { + type = lib.types.bool; + default = true; + example = false; + description = '' + whether use foot terminal + ''; + }; + }; + }; + config = lib.mkIf cfg.enable { + programs.foot = { + enable = true; + server.enable = true; + settings = builtins.fromINI (builtins.readFile ./foot.ini); + }; + }; +} diff --git a/home/modules/foot/foot.ini b/home/modules/foot/foot.ini new file mode 100644 index 0000000..f09e4e6 --- /dev/null +++ b/home/modules/foot/foot.ini @@ -0,0 +1,256 @@ +# -*- conf -*- + +# shell=$SHELL (if set, otherwise user's default shell from /etc/passwd) +term=foot +# login-shell=no + +# app-id=foot # globally set wayland app-id. Default values are "foot" and "footclient" for desktop and server mode +# title=foot +# locked-title=no + +font=FiraCode Nerd Font:size=15:lang=en-US +# font-bold= +# font-italic= +# font-bold-italic= +# font-size-adjustment=0.5 +# line-height= +# letter-spacing=0 +horizontal-letter-offset=0 +vertical-letter-offset=0 +# underline-offset= +# underline-thickness= +# strikeout-thickness= +# box-drawings-uses-font-glyphs=no +dpi-aware=yes + +# initial-window-size-pixels=700x500 # Or, +# initial-window-size-chars= +# initial-window-mode=windowed +# pad=0x0 +# resize-by-cells=yes +# resize-keep-grid=yes +# resize-delay-ms=100 + +# bold-text-in-bright=no +# word-delimiters=,│`|:"'()[]{}<> +selection-target=clipboard +# workers= +# utmp-helper=/usr/lib/utempter/utempter # When utmp backend is ‘libutempter’ (Linux) +# utmp-helper=/usr/libexec/ulog-helper # When utmp backend is ‘ulog’ (FreeBSD) + +[environment] +# name=value + +[bell] +# urgent=no +# notify=no +# visual=no +# command= +# command-focused=no + +[desktop-notifications] +# command=notify-send --wait --app-name ${app-id} --icon ${app-id} --category ${category} --urgency ${urgency} --expire-time ${expire-time} --hint STRING:image-path:${icon} --hint BOOLEAN:suppress-sound:${muted} --hint STRING:sound-name:${sound-name} --replace-id ${replace-id} ${action-argument} --print-id -- ${title} ${body} +# command-action-argument=--action ${action-name}=${action-label} +# close="" +# inhibit-when-focused=yes + + +[scrollback] +# lines=1000 +# multiplier=3.0 +# indicator-position=relative +# indicator-format="" + +[url] +# launch=xdg-open ${url} +# label-letters=sadfjklewcmpgh +# osc8-underline=url-mode +# protocols=http, https, ftp, ftps, file, gemini, gopher +# uri-characters=abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789-_.,~:;/?#@!$&%*+="'()[] + +[cursor] +style=beam # block +# color= +# blink=no +# blink-rate=500 +# beam-thickness=1.5 +# underline-thickness= + +[mouse] +hide-when-typing=yes +# alternate-scroll-mode=yes + +[touch] +# long-press-delay=400 + +[colors] +# alpha=1.0 +# background=242424 +# foreground=ffffff +# flash=7f7f00 +# flash-alpha=0.5 + +## Normal/regular colors (color palette 0-7) +# regular0=242424 # black +# regular1=f62b5a # red +# regular2=47b413 # green +# regular3=e3c401 # yellow +# regular4=24acd4 # blue +# regular5=f2affd # magenta +# regular6=13c299 # cyan +# regular7=e6e6e6 # white + +## Bright colors (color palette 8-15) +# bright0=616161 # bright black +# bright1=ff4d51 # bright red +# bright2=35d450 # bright green +# bright3=e9e836 # bright yellow +# bright4=5dc5f8 # bright blue +# bright5=feabf2 # bright magenta +# bright6=24dfc4 # bright cyan +# bright7=ffffff # bright white + +## dimmed colors (see foot.ini(5) man page) +# dim0= +# ... +# dim7= + +## The remaining 256-color palette +# 16 = <256-color palette #16> +# ... +# 255 = <256-color palette #255> + +## Sixel colors +# sixel0 = 000000 +# sixel1 = 3333cc +# sixel2 = cc2121 +# sixel3 = 33cc33 +# sixel4 = cc33cc +# sixel5 = 33cccc +# sixel6 = cccc33 +# sixel7 = 878787 +# sixel8 = 424242 +# sixel9 = 545499 +# sixel10 = 994242 +# sixel11 = 549954 +# sixel12 = 995499 +# sixel13 = 549999 +# sixel14 = 999954 +# sixel15 = cccccc + +## Misc colors +# selection-foreground= +# selection-background= +# jump-labels= # black-on-yellow +# scrollback-indicator= # black-on-bright-blue +# search-box-no-match= # black-on-red +# search-box-match= # black-on-yellow +# urls= + +[csd] +# preferred=server +# size=26 +# font= +# color= +# hide-when-maximized=no +# double-click-to-maximize=yes +# border-width=0 +# border-color= +# button-width=26 +# button-color= +# button-minimize-color= +# button-maximize-color= +# button-close-color= + +[key-bindings] +# scrollback-up-page=Shift+Page_Up +# scrollback-up-half-page=none +# scrollback-up-line=none +# scrollback-down-page=Shift+Page_Down +# scrollback-down-half-page=none +# scrollback-down-line=none +# scrollback-home=none +# scrollback-end=none +# clipboard-copy=Control+Shift+c XF86Copy +# clipboard-paste=Control+Shift+v XF86Paste +# primary-paste=Shift+Insert +# search-start=Control+Shift+r +# font-increase=Control+plus Control+equal Control+KP_Add +# font-decrease=Control+minus Control+KP_Subtract +# font-reset=Control+0 Control+KP_0 +# spawn-terminal=Control+Shift+n +# minimize=none +# maximize=none +# fullscreen=none +# pipe-visible=[sh -c "xurls | fuzzel | xargs -r firefox"] none +# pipe-scrollback=[sh -c "xurls | fuzzel | xargs -r firefox"] none +# pipe-selected=[xargs -r firefox] none +# pipe-command-output=[wl-copy] none # Copy last command's output to the clipboard +# show-urls-launch=Control+Shift+o +# show-urls-copy=none +# show-urls-persistent=none +# prompt-prev=Control+Shift+z +# prompt-next=Control+Shift+x +# unicode-input=Control+Shift+u +# noop=none +# quit=none + +[search-bindings] +# cancel=Control+g Control+c Escape +# commit=Return +# find-prev=Control+r +# find-next=Control+s +# cursor-left=Left Control+b +# cursor-left-word=Control+Left Mod1+b +# cursor-right=Right Control+f +# cursor-right-word=Control+Right Mod1+f +# cursor-home=Home Control+a +# cursor-end=End Control+e +# delete-prev=BackSpace +# delete-prev-word=Mod1+BackSpace Control+BackSpace +# delete-next=Delete +# delete-next-word=Mod1+d Control+Delete +# extend-char=Shift+Right +# extend-to-word-boundary=Control+w Control+Shift+Right +# extend-to-next-whitespace=Control+Shift+w +# extend-line-down=Shift+Down +# extend-backward-char=Shift+Left +# extend-backward-to-word-boundary=Control+Shift+Left +# extend-backward-to-next-whitespace=none +# extend-line-up=Shift+Up +# clipboard-paste=Control+v Control+Shift+v Control+y XF86Paste +# primary-paste=Shift+Insert +# unicode-input=none +# scrollback-up-page=Shift+Page_Up +# scrollback-up-half-page=none +# scrollback-up-line=none +# scrollback-down-page=Shift+Page_Down +# scrollback-down-half-page=none +# scrollback-down-line=none +# scrollback-home=none +# scrollback-end=none + +[url-bindings] +# cancel=Control+g Control+c Control+d Escape +# toggle-url-visible=t + +[text-bindings] +# \x03=Mod4+c # Map Super+c -> Ctrl+c + +[mouse-bindings] +# scrollback-up-mouse=BTN_WHEEL_BACK +# scrollback-down-mouse=BTN_WHEEL_FORWARD +# font-increase=Control+BTN_WHEEL_BACK +# font-decrease=Control+BTN_WHEEL_FORWARD +# selection-override-modifiers=Shift +# primary-paste=BTN_MIDDLE +# select-begin=BTN_LEFT +# select-begin-block=Control+BTN_LEFT +# select-extend=BTN_RIGHT +# select-extend-character-wise=Control+BTN_RIGHT +# select-word=BTN_LEFT-2 +# select-word-whitespace=Control+BTN_LEFT-2 +# select-quote = BTN_LEFT-3 +# select-row=BTN_LEFT-4 + +# vim: ft=dosini diff --git a/home/modules/ghostty.nix b/home/modules/ghostty.nix new file mode 100644 index 0000000..f884d23 --- /dev/null +++ b/home/modules/ghostty.nix @@ -0,0 +1,61 @@ +{ + pkgs, + config, + lib, + ... +}: +{ + options = { + youthlic.programs.ghostty = { + enable = lib.mkOption { + type = lib.types.bool; + example = false; + default = true; + description = '' + whether enable ghostty + ''; + }; + }; + }; + config = + let + cfg = config.youthlic.programs.ghostty; + in + (lib.mkIf cfg.enable { + programs.ghostty = lib.mkMerge [ + { + enable = true; + package = pkgs.ghostty; + settings = { + font-family = "FiraCode Nerd Font"; + font-feature = [ + "calt=1" + "clig=1" + "liga=1" + "cv01" + "cv02" + "cv06" + "zero" + "onum" + "cv17" + "ss05" + "ss03" + "cv16" + "cv31" + "cv29" + "cv30" + ]; + font-size = 17; + theme = "ayu"; + background-opacity = 0.8; + }; + } + (lib.mkIf config.youthlic.programs.fish.enable { + enableFishIntegration = true; + }) + (lib.mkIf config.youthlic.programs.bash.enable { + enableBashIntegration = true; + }) + ]; + }); +} diff --git a/home/modules/git.nix b/home/modules/git.nix new file mode 100644 index 0000000..5c541fe --- /dev/null +++ b/home/modules/git.nix @@ -0,0 +1,78 @@ +{ + config, + lib, + ... +}: +{ + options = { + youthlic.programs.git = { + email = lib.mkOption { + type = lib.types.str; + description = '' + git email + ''; + }; + name = lib.mkOption { + type = lib.types.str; + example = ''youthlic''; + description = '' + git name + ''; + }; + signKey = lib.mkOption { + type = lib.types.addCheck (lib.types.nullOr lib.types.str) ( + x: (x == null || config.youthlic.programs.gpg.enable) + ); + default = null; + description = '' + key fingerprint for sign commit + ''; + }; + }; + }; + config = + let + cfg = config.youthlic.programs.git; + in + { + programs.lazygit = { + enable = true; + }; + programs.gh = { + enable = true; + gitCredentialHelper.enable = true; + settings = { + git_protocol = "ssh"; + }; + }; + sops.secrets."git-credential" = { + mode = "0640"; + }; + programs.git = lib.mkMerge [ + { + enable = true; + userEmail = cfg.email; + userName = cfg.name; + delta = { + enable = true; + options = { + line-number = true; + hyperlinks = true; + side-by-side = true; + }; + }; + extraConfig = { + credential = { + helper = "store --file=${config.sops.secrets."git-credential".path}"; + }; + }; + } + (lib.mkIf (cfg.signKey != null) { + signing = { + signByDefault = true; + key = cfg.signKey; + }; + }) + ]; + }; +} diff --git a/home/modules/gpg/default.nix b/home/modules/gpg/default.nix new file mode 100644 index 0000000..f70087f --- /dev/null +++ b/home/modules/gpg/default.nix @@ -0,0 +1,50 @@ +{ + pkgs, + config, + lib, + ... +}: +{ + options = { + youthlic.programs.gpg = { + enable = lib.mkOption { + type = lib.types.bool; + default = true; + example = false; + description = '' + whether enable gpg + ''; + }; + }; + }; + config = + let + cfg = config.youthlic.programs.gpg; + in + lib.mkIf cfg.enable { + services.gpg-agent = lib.mkMerge [ + { + enable = true; + enableSshSupport = true; + pinentryPackage = pkgs.pinentry-qt; + } + (lib.mkIf config.youthlic.programs.fish.enable { + enableFishIntegration = true; + }) + (lib.mkIf config.youthlic.programs.bash.enable { + enableBashIntegration = true; + }) + ]; + programs.gpg = { + enable = true; + mutableKeys = true; + mutableTrust = true; + publicKeys = [ + { + source = ./public-key.txt; + trust = "ultimate"; + } + ]; + }; + }; +} diff --git a/home/modules/gpg/public-key.txt b/home/modules/gpg/public-key.txt new file mode 100644 index 0000000..be8175e --- /dev/null +++ b/home/modules/gpg/public-key.txt @@ -0,0 +1,23 @@ +-----BEGIN PGP PUBLIC KEY BLOCK----- + +mDMEZ4EP8BYJKwYBBAHaRw8BAQdAKGtsoTz2OMi6ZaUyE2IuGFuOniKDLX7WI5OH +iPoaH+K0LXlvdXRobGljIChtYWluIGtleSkgPHVsaWMueW91dGhsaWNAZ21haWwu +Y29tPoiTBBMWCgA7FiEExvy9f0nhy7q9ZmH3/AIGPwQzGpUFAmeBD/ACGwEFCwkI +BwICIgIGFQoJCAsCBBYCAwECHgcCF4AACgkQ/AIGPwQzGpUEWwD+IMXd5CYtwkJD +GWv7w4LB8SkmMkzSAtCfn0rsLk5AAsUBAIHZGP869EO+MsiyzzbYzKEYeoULECc5 +RSu4kvcTIAoDuDMEZ4EQHRYJKwYBBAHaRw8BAQdAnmKX2VX5V1XJyI5J91KiqAk+ +bgssUJ5LUq+4RtJBguWI7wQYFgoAIBYhBMb8vX9J4cu6vWZh9/wCBj8EMxqVBQJn +gRAdAhsCAIEJEPwCBj8EMxqVdiAEGRYKAB0WIQQYMd5Sc/DTvN/HQadj6Gw8FKDX +IQUCZ4EQHQAKCRBj6Gw8FKDXISn7AP9CF4qs4EtwOqE/ghFrF4LxloGvIz9iPssI +5g1GrFE2awD/QM7ltH6lPgMNfa6/+fQeERWiz5jXCks/Cl/Sb+ydIAr0dQD/dQQH +MpFGntmx0vkhoZnx34sGHyjTwPM2lHHJMYwrmRcBAKqSa5mVb/wpDcR0CNyfusjC +HxQM6MgBQouDLP+ANtsMuDgEZ4EQORIKKwYBBAGXVQEFAQEHQCqKIhwfA/Jf5pNl +KZ60KG1rMwuE2jBM/buKmVK51xczAwEIB4h4BBgWCgAgFiEExvy9f0nhy7q9ZmH3 +/AIGPwQzGpUFAmeBEDkCGwwACgkQ/AIGPwQzGpXbiQEAwRhX1oMVLzsruiKVqNL+ +rMq+U6kTuadbh9fJAjCQ9QEA/AjFXS7hNvrsxzv3O+8P1nOZOMKB9p1aM2EDgpF7 +q0QNuDMEZ4EZ/xYJKwYBBAHaRw8BAQdAsw7WxrMq/qv2tvLRsGhCdauGAoL8L91b +TJQmvqWADjCIeAQYFgoAIBYhBMb8vX9J4cu6vWZh9/wCBj8EMxqVBQJngRn/Ahsg +AAoJEPwCBj8EMxqVSe0A/0vlCUek4APS09osNpUyLWcboq9x7Jw4ycChcqDTfweP +AQCRDLL8wMjSlwONCLmERl8KoXnQhaEz/f3TiInUYbdkCw== +=Rq0o +-----END PGP PUBLIC KEY BLOCK----- diff --git a/home/modules/helix/config.toml b/home/modules/helix/config.toml new file mode 100644 index 0000000..dedc232 --- /dev/null +++ b/home/modules/helix/config.toml @@ -0,0 +1,84 @@ +theme = "ayu_evolve" + +[editor] +line-number = "relative" +cursorline = true +cursorcolumn = false +true-color = true +undercurl = true +bufferline = "multiple" +color-modes = true +default-line-ending = "lf" +popup-border = "all" + +[editor.statusline] +left = [ + "mode", + "spacer", + "version-control", + "file-type", + "separator", + "read-only-indicator", + "file-name", + "file-modification-indicator", + "spacer", + "spinner", +] +center = ["diagnostics"] +right = [ + "register", + "file-line-ending", + "file-encoding", + "separator", + "total-line-numbers", + "position", + "position-percentage", +] +separator = "|" +mode.normal = "NORMAL" +mode.insert = "INSERT" +mode.select = "SELECT" + +[editor.lsp] +display-messages = true +display-inlay-hints = true + +[editor.cursor-shape] +insert = "bar" +normal = "block" +select = "underline" + +[editor.file-picker] +hidden = false + +[editor.auto-save] +focus-lost = true +after-delay.enable = true + +[editor.whitespace.render] +space = "all" +tab = "all" +newline = "none" + +[editor.whitespace.characters] +space = "·" +nbsp = "⍽" +tab = "→" +newline = "⏎" +tabpad = "·" + +[editor.indent-guides] +render = true + +[editor.gutters] +layout = ["diagnostics", "spacer", "line-numbers", "spacer", "diff"] +line-numbers.min-width = 1 + +[editor.soft-wrap] +enable = true +wrap-at-text-width = true + +[editor.inline-diagnostics] +cursor-line = "hint" +other-lines = "error" +prefix-len = 2 diff --git a/home/modules/helix/default.nix b/home/modules/helix/default.nix new file mode 100644 index 0000000..813aaf4 --- /dev/null +++ b/home/modules/helix/default.nix @@ -0,0 +1,56 @@ +{ + lib, + pkgs, + config, + ... +}: +{ + options = { + youthlic.programs.helix = { + enable = lib.mkOption { + type = lib.types.bool; + default = true; + example = false; + description = '' + enable helix editor + ''; + }; + extraPackages = lib.mkOption { + type = lib.types.listOf lib.types.package; + default = with pkgs; [ + taplo + markdown-oxide + nixd + deno + nixfmt-rfc-style + ]; + example = ( + with pkgs; + [ + deno + ] + ); + description = '' + extra packages for helix lsp and formatter + ''; + }; + }; + }; + config = + let + cfg = config.youthlic.programs.helix; + in + { + programs.helix = lib.mkIf cfg.enable { + enable = true; + defaultEditor = true; + settings = + let + config-file = builtins.readFile ./config.toml; + config = builtins.fromTOML config-file; + in + config; + }; + home.packages = cfg.extraPackages; + }; +} diff --git a/home/modules/nix.nix b/home/modules/nix.nix new file mode 100644 index 0000000..86a2de8 --- /dev/null +++ b/home/modules/nix.nix @@ -0,0 +1,51 @@ +{ + inputs, + lib, + config, + pkgs, + outputs, + ... +}: +{ + config = + let + cfg = config.youthlic.nixos; + in + (lib.mkIf (!cfg.enable) { + nixpkgs = { + config = { + allowUnfree = true; + allowUnfreePredicate = (_: true); + }; + overlays = [ + outputs.overlays.modifications + outputs.overlays.additions + ]; + }; + nix = { + package = pkgs.nix; + settings = { + inherit (outputs.nix.settings) substituters; + trusted-public-keys = [ + "nix-community.cachix.org-1:mB9FSh9qf2dCimDSUo8Zy7bkq5CX+/rkCWyvRCYg3Fs=" + "cache.nixos.org-1:6NCHdD59X431o0gWypbMrAURkbJ16ZPMQFGspcDShjY=" + "cosmic.cachix.org-1:Dya9IyXD4xdBehWjrkPv6rtxpmMdRel02smYzA85dPE=" + ]; + auto-optimise-store = lib.mkDefault true; + experimental-features = [ + "nix-command" + "flakes" + ]; + warn-dirty = false; + use-xdg-base-directories = true; + }; + registry.home = lib.mkDefault { + from = { + type = "indirect"; + id = "home"; + }; + flake = inputs.nixpkgs; + }; + }; + }); +} diff --git a/home/modules/shell/default.nix b/home/modules/shell/default.nix new file mode 100644 index 0000000..2b0a6bf --- /dev/null +++ b/home/modules/shell/default.nix @@ -0,0 +1,88 @@ +{ config, lib, ... }: +let + inherit (lib) mkOption mkIf mkMerge; + inherit (lib.types) bool; + fish-cfg = config.youthlic.programs.fish; + bash-cfg = config.youthlic.programs.bash; + cfg-helper = + conf: + mkMerge [ + conf + (mkIf fish-cfg.enable { + enableFishIntegration = true; + }) + (mkIf bash-cfg.enable { + enableBashIntegration = true; + }) + ]; +in +{ + options = { + youthlic.programs = { + fish = { + enable = mkOption { + type = bool; + default = true; + description = '' + whether to use fish shell + ''; + example = false; + }; + }; + bash = { + enable = mkOption { + type = bool; + default = true; + description = '' + whether to use bash shell + ''; + example = false; + }; + }; + }; + }; + config = mkMerge [ + { + programs = { + zoxide = cfg-helper { + enable = true; + }; + yazi = cfg-helper { + enable = true; + }; + fzf = cfg-helper { + enable = true; + }; + eza = cfg-helper { + enable = true; + }; + }; + } + (mkIf fish-cfg.enable { + programs = { + fish = { + enable = true; + functions = { + __fish_command_not_found_handler = { + body = "__fish_default_command_not_found_handler $argv[1]"; + onEvent = "fish_command_not_found"; + }; + fish_greeting = { + body = '' + fastfetch + ''; + }; + }; + }; + fastfetch.enable = true; + }; + }) + (mkIf bash-cfg.enable { + programs = { + bash = { + enable = true; + }; + }; + }) + ]; +} diff --git a/home/modules/sops.nix b/home/modules/sops.nix new file mode 100644 index 0000000..90f84d4 --- /dev/null +++ b/home/modules/sops.nix @@ -0,0 +1,48 @@ +{ + lib, + config, + pkgs, + rootPath, + ... +}: +{ + options = { + youthlic.programs.sops = { + enable = lib.mkOption { + type = lib.types.bool; + default = false; + example = true; + description = '' + whether enable sops-nix or not + ''; + }; + keyFile = lib.mkOption { + type = lib.types.nonEmptyStr; + default = "${config.home.homeDirectory}/.config/sops/age/keys.txt"; + description = '' + path to age key file + ''; + }; + }; + }; + config = + let + cfg = config.youthlic.programs.sops; + in + lib.mkIf cfg.enable { + home.packages = ( + with pkgs; + [ + sops + age + ] + ); + sops = { + age = { + keyFile = cfg.keyFile; + generateKey = false; + }; + defaultSopsFile = rootPath + "/secrets/general.yaml"; + }; + }; +} diff --git a/home/modules/starship/config.toml b/home/modules/starship/config.toml new file mode 100644 index 0000000..09f1906 --- /dev/null +++ b/home/modules/starship/config.toml @@ -0,0 +1,213 @@ +"$schema" = 'https://starship.rs/config-schema.json' + +[character] +success_symbol = '[λ](bold blue)' +error_symbol = '[λ](bold red)' +vimcmd_symbol = '[Λ](bold blue)' +vimcmd_replace_one_symbol = '[Λ](bold purple)' +vimcmd_replace_symbol = '[Λ](bold purple)' +vimcmd_visual_symbol = '[Λ](bold yellow)' + +[[battery.display]] +threshold = 10 +style = 'bold red' + +[[battery.display]] +threshold = 30 +style = 'bold yellow' +discharging_symbol = '💦' + +[[battery.display]] +threshold = 100 +style = 'green' + +[git_branch] +format = 'on [$symbol$branch(:$remote_branch)]($style) ' +symbol = " " + +[git_status] +diverged = '⇕⇡${ahead_count}⇣${behind_count}' +conflicted = "[⚔️${count}](red)" +ahead = '[⇡${count}](bold green)' +behind = '[⇣${count}](bold yellow)' +untracked = '[!${count}](red)' +stashed = "[📦${count}](purple)" +modified = '[M${count}](bold yellow)' +staged = "[+${count}](green)" +renamed = "[»${count}](bold yellow)" +deleted = '[-${count}](blue)' +up_to_date = '[✓](green)' +format = '([(\[$all_status\])(\[$ahead_behind\])]($style) ) ' + +[git_commit] +format = '([\($hash$tag\)]($style) )' +only_detached = false + +[directory] +fish_style_pwd_dir_length = 2 +truncation_length = 2 +truncate_to_repo = false +repo_root_style = "bold green" +use_os_path_sep = false +read_only = " 󰌾" + + +[aws] +symbol = " " + +[buf] +symbol = " " + +[c] +symbol = " " + +[conda] +symbol = " " + +[crystal] +symbol = " " + +[dart] +symbol = " " + +[docker_context] +symbol = " " + +[elixir] +symbol = " " + +[elm] +symbol = " " + +[fennel] +symbol = " " + +[fossil_branch] +symbol = " " + +[golang] +symbol = " " + +[guix_shell] +symbol = " " + +[haskell] +symbol = " " + +[haxe] +symbol = " " + +[hg_branch] +symbol = " " + +[hostname] +ssh_symbol = " " + +[java] +symbol = " " + +[julia] +symbol = " " + +[kotlin] +symbol = " " + +[lua] +symbol = " " + +[memory_usage] +symbol = "󰍛 " + +[meson] +symbol = "󰔷 " + +[nim] +symbol = "󰆥 " + +[nix_shell] +symbol = " " + +[nodejs] +symbol = " " + +[ocaml] +symbol = " " + +[os.symbols] +Alpaquita = " " +Alpine = " " +AlmaLinux = " " +Amazon = " " +Android = " " +Arch = " " +Artix = " " +CentOS = " " +Debian = " " +DragonFly = " " +Emscripten = " " +EndeavourOS = " " +Fedora = " " +FreeBSD = " " +Garuda = "󰛓 " +Gentoo = " " +HardenedBSD = "󰞌 " +Illumos = "󰈸 " +Kali = " " +Linux = " " +Mabox = " " +Macos = " " +Manjaro = " " +Mariner = " " +MidnightBSD = " " +Mint = " " +NetBSD = " " +NixOS = " " +OpenBSD = "󰈺 " +openSUSE = " " +OracleLinux = "󰌷 " +Pop = " " +Raspbian = " " +Redhat = " " +RedHatEnterprise = " " +RockyLinux = " " +Redox = "󰀘 " +Solus = "󰠳 " +SUSE = " " +Ubuntu = " " +Unknown = " " +Void = " " +Windows = "󰍲 " + +[package] +symbol = "󰏗 " + +[perl] +symbol = " " + +[php] +symbol = " " + +[pijul_channel] +symbol = " " + +[python] +symbol = " " + +[rlang] +symbol = "󰟔 " + +[ruby] +symbol = " " + +[rust] +symbol = "󱘗 " + +[scala] +symbol = " " + +[swift] +symbol = " " + +[zig] +symbol = " " + diff --git a/home/modules/starship/default.nix b/home/modules/starship/default.nix new file mode 100644 index 0000000..cf8691e --- /dev/null +++ b/home/modules/starship/default.nix @@ -0,0 +1,36 @@ +{ lib, config, ... }: +let + cfg = config.youthlic.programs.starship; +in +{ + options = { + youthlic.programs.starship = { + enable = lib.mkOption { + type = lib.types.bool; + default = true; + example = false; + description = '' + whether enable starship + ''; + }; + }; + }; + config = lib.mkIf cfg.enable { + programs.starship = lib.mkMerge [ + { + enable = true; + settings = + let + config-file = builtins.readFile ./config.toml; + in + builtins.fromTOML config-file; + } + (lib.mkIf config.youthlic.programs.fish.enable { + enableFishIntegration = true; + }) + (lib.mkIf config.youthlic.programs.bash.enable { + enableBashIntegration = true; + }) + ]; + }; +} diff --git a/nixos/configurations/Tytonidae/dae/config.dae b/nixos/configurations/Tytonidae/dae/config.dae new file mode 100644 index 0000000..6137588 --- /dev/null +++ b/nixos/configurations/Tytonidae/dae/config.dae @@ -0,0 +1,89 @@ +include { + proxy.d/*.dae +} + +global { + lan_interface: auto + wan_interface: auto + + log_level: trace + allow_insecure: false + auto_config_kernel_parameter: true + dial_mode: domain + + tcp_check_url: 'http://cp.cloudflare.com' + udp_check_dns: 'dns.google.com:53' + check_interval: 600s + check_tolerance: 50ms + + tproxy_port: 12345 +} + +dns { + ipversion_prefer: 4 + + upstream { + googledns: 'tcp+udp://8.8.8.8:53' + alidns: 'udp://dns.alidns.com:53' + } + routing { + request { + qname(geosite: category-ads) -> reject + qname(geosite: category-ads-all) -> reject + qname(geosite: cn) -> alidns + fallback: googledns + } + response { + upstream(googledns) && ip(geoip: private) -> alidns + fallback: accept + } + } +} + +group { + proxy { + filter: subtag(wget) + policy: min_moving_avg + } + us { + filter: subtag(wget) && name(keyword: "美国") + policy: min_moving_avg + } + hk { + filter: subtag(wget) && name(keyword: "香港") + policy: min_moving_avg + } +} + +# 更多的 Routing 样例见 https://github.com/daeuniverse/dae/blob/main/docs/en/configuration/routing.md +routing { + pname(hickory-dns) && dport(53) -> must_direct + pname(mihomo) -> must_direct + pname(systemd-resolved) -> must_direct + + domain(full: time.windows.com) -> must_direct + domain(regex: ".*wgetcloud.*v2ray.*") -> must_direct + domain(suffix: "hit.edu.cn") -> must_direct + domain(geosite: microsoft) -> proxy + # domain(geosite: onedrive) -> must_direct + domain(geosite: "category-ai-chat-!cn") -> us + domain(geosite: google) -> us + domain(geosite: google-play) -> proxy + domain(geosite: apple) -> us + domain(geosite: spotify) -> us + domain(geosite: tiktok) -> us + domain(geosite: cn) -> direct + + dip(geoip:private) -> direct + dip(geoip:cn) -> direct + # dport(63434) && sip(192.168.31.170) -> hk + dip(223.5.5.5) -> direct + + # ban qq dns over http + # dip(43.136.0.0/13) -> block + # dip(109.244.0.0/16) -> block + # dip(175.27.0.0/16) -> block + # dip('2409:8C1E:75B0:80::/64') -> block + + fallback: proxy +} diff --git a/nixos/configurations/Tytonidae/dae/default.nix b/nixos/configurations/Tytonidae/dae/default.nix new file mode 100644 index 0000000..f4fa4d9 --- /dev/null +++ b/nixos/configurations/Tytonidae/dae/default.nix @@ -0,0 +1,119 @@ +{ + pkgs, + config, + rootPath, + ... +}: +{ + services.dae = { + enable = true; + openFirewall = { + enable = true; + port = 12345; + }; + disableTxChecksumIpGeneric = false; + config = builtins.readFile ./config.dae; + }; + sops.secrets.url = { + mode = "0444"; + sopsFile = rootPath + "/secrets/general.yaml"; + }; + systemd.services = + let + new_proxy = "/etc/dae/proxy.d.new"; + head = "user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/88.0.4324.182 Safari/537.36"; + update = '' + num=0 + check=1 + urls="$(${pkgs.coreutils}/bin/cat ${config.sops.secrets.url.path})" + mkdir -p ${new_proxy} + for url in "''${urls}"; do + txt=${new_proxy}/''${num}.txt + config="${new_proxy}/''${num}.dae" + ${pkgs.curl}/bin/curl -H "${head}" "''${url}" > "''${txt}" + ${pkgs.coreutils}/bin/echo "" > ''${config} + ${pkgs.coreutils}/bin/echo 'subscription {' >> ''${config} + ${pkgs.coreutils}/bin/echo \ \ wget:\ \"file\://proxy.d/''${num}.txt\" >> ''${config} + ${pkgs.coreutils}/bin/echo } >> ''${config} + if [[ ! -s ''${txt} ]]; then + check=0 + fi + ${pkgs.coreutils}/bin/chmod 0640 ''${txt} + ${pkgs.coreutils}/bin/chmod 0640 ''${config} + link=$((link+1)) + + if [[ ''${check} -eq 0 ]]; then + exit -1 + fi + done + ${pkgs.coreutils}/bin/rm -r /etc/dae/proxy.d + ${pkgs.coreutils}/bin/mv ${new_proxy} /etc/dae/proxy.d + ''; + in + { + "update-dae-subscription-immediate" = { + after = [ "network-online.target" ]; + wants = [ "network-online.target" ]; + before = [ "dae.service" ]; + serviceConfig = { + Type = "oneshot"; + User = "root"; + ExecStart = + let + script = pkgs.writeTextFile { + name = "update-dae-subscription-immediate"; + executable = true; + destination = "/bin/script"; + text = '' + ${pkgs.coreutils}/bin/mkdir -p /etc/proxy.d + if [ -z "$(ls -A /etc/dae/proxy.d 2>/dev/null)" ]; then + ${pkgs.coreutils}/bin/echo "No subscription file found in /etc/dae/proxy.d. Update now..." + ${update} + else + ${pkgs.coreutils}/bin/echo "Found existing subscription files. Skipping immediate update." + fi + ''; + }; + in + [ + "${pkgs.bash}/bin/bash ${script}/bin/script" + ]; + }; + wantedBy = [ "multi-user.target" ]; + }; + + # "update-dae-subscription-weekly" = { + # after = [ "network-online.target" ]; + # wants = [ "network-online.target" ]; + # wantedBy = [ "multi-user.target" ]; + # serviceConfig = { + # Type = "oneshot"; + # ExecStart = + # let + # script = pkgs.writeTextFile { + # name = "update-dae-subscription-weekly"; + # executable = true; + # destination = "/bin/script"; + # text = '' + # ${pkgs.coreutils}/bin/echo "Force subscription update..." + # ${pkgs.coreutils}/bin/mkdir -p /etc/proxy.d + # ${update} + # ''; + # }; + # in + # [ + # "${pkgs.bash}/bin/bash ${script}/bin/script" + # ]; + # }; + # }; + }; + + # systemd.timers."dae-update" = { + # wantedBy = [ "timers.target" ]; + # timerConfig = { + # OnCalendar = "weekly"; + # Unit = "dae-update.service"; + # Persistent = true; + # }; + # }; +} diff --git a/nixos/configurations/Tytonidae/default.nix b/nixos/configurations/Tytonidae/default.nix new file mode 100644 index 0000000..373137f --- /dev/null +++ b/nixos/configurations/Tytonidae/default.nix @@ -0,0 +1,80 @@ +{ pkgs, inputs, ... }: +{ + imports = + (with inputs; [ + nixos-hardware.nixosModules.asus-fx506hm + ]) + ++ [ + ./i18n.nix + ./gui.nix + ./users + ./openssh.nix + ./kvm.nix + ./dae + ./nh.nix + ./steam.nix + + # Include the hardware related config + ./hardware-configuration.nix + ./networking.nix + ]; + + youthlic.home-manager = { + enable = true; + unixName = "david"; + hostName = "Tytonidae"; + }; + + programs.gnupg.agent = { + enable = true; + }; + + networking.hostName = "Tytonidae"; + + time.timeZone = "Asia/Shanghai"; + + services.printing.enable = true; + + environment.systemPackages = with pkgs; [ + nix-output-monitor + wget + git + vim + helix + nixd + nixfmt-rfc-style + + element-desktop + discord-ptb + asusctl + vlc + btop + handbrake + wechat-uos + nvtopPackages.full + spotify + ]; + + environment.variables.EDITOR = "hx"; + + nixpkgs = { + config = { + allowUnfree = true; + }; + }; + + boot = { + kernelPackages = pkgs.linuxPackages_zen; + loader.systemd-boot.enable = true; + loader.efi.canTouchEfiVariables = true; + }; + + # This value determines the NixOS release from which the default + # settings for stateful data, like file locations and database versions + # on your system were taken. It‘s perfectly fine and recommended to leave + # this value at the release version of the first install of this system. + # Before changing this value read the documentation for this option + # (e.g. man configuration.nix or on https://nixos.org/nixos/options.html). + + system.stateVersion = "24.11"; # Did you read the comment? +} diff --git a/nixos/configurations/Tytonidae/gui.nix b/nixos/configurations/Tytonidae/gui.nix new file mode 100644 index 0000000..c5a3268 --- /dev/null +++ b/nixos/configurations/Tytonidae/gui.nix @@ -0,0 +1,72 @@ +{ pkgs, ... }: +{ + # Enable the X11 windowing system. + # You can disable this if you're only using the Wayland session. + services.xserver = { + display = 0; + enable = true; + }; + # Enable the KDE Plasma Desktop Environment. + # services.displayManager.sddm.enable = true; + # services.desktopManager.plasma6.enable = true; + services.desktopManager.cosmic.enable = true; + services.displayManager.cosmic-greeter.enable = true; + programs.niri = { + enable = true; + package = pkgs.niri-unstable; + }; + + # Configure keymap in X11 + services.xserver.xkb = { + layout = "cn"; + variant = ""; + }; + + environment.systemPackages = with pkgs; [ + fontconfig + ]; + programs.firefox.enable = true; + programs.localsend.enable = true; + + fonts = { + enableDefaultPackages = false; + packages = with pkgs; [ + nerd-fonts.fira-code + noto-fonts + noto-fonts-cjk-sans + noto-fonts-cjk-serif + noto-fonts-emoji + lxgw-wenkai + ]; + fontconfig.defaultFonts = pkgs.lib.mkForce { + serif = [ + "LXGW WenKai" + "Noto Serif CJK SC" + "Noto Serif" + ]; + sansSerif = [ + "Noto Serif CJK SC" + "Noto Serif" + ]; + monospace = [ + "FiraCode Nerd Font" + ]; + emoji = [ "Noto Color Emoji" ]; + }; + }; + + services.pulseaudio.enable = false; + security.rtkit.enable = true; + services.pipewire = { + enable = true; + alsa.enable = true; + alsa.support32Bit = true; + pulse.enable = true; + # If you want to use JACK applications, uncomment this + #jack.enable = true; + + # use the example session manager (no others are packaged yet so this is enabled by default, + # no need to redefine it in your config for now) + #media-session.enable = true; + }; +} diff --git a/nixos/configurations/Tytonidae/hardware-configuration.nix b/nixos/configurations/Tytonidae/hardware-configuration.nix new file mode 100644 index 0000000..6c18642 --- /dev/null +++ b/nixos/configurations/Tytonidae/hardware-configuration.nix @@ -0,0 +1,58 @@ +# Do not modify this file! It was generated by ‘nixos-generate-config’ +# and may be overwritten by future invocations. Please make changes +# to /etc/nixos/configuration.nix instead. +{ + config, + lib, + pkgs, + modulesPath, + ... +}: + +{ + imports = [ + (modulesPath + "/installer/scan/not-detected.nix") + ]; + + boot.initrd.availableKernelModules = [ + "xhci_pci" + "thunderbolt" + "nvme" + "usbhid" + "usb_storage" + "sd_mod" + ]; + boot.initrd.kernelModules = [ ]; + boot.kernelModules = [ "kvm-intel" ]; + boot.extraModulePackages = [ ]; + + fileSystems."/" = { + device = "/dev/disk/by-uuid/b638dbc9-8945-482d-9d10-193271d3df98"; + fsType = "ext4"; + }; + + fileSystems."/boot" = { + device = "/dev/disk/by-uuid/A779-6930"; + fsType = "vfat"; + options = [ + "fmask=0077" + "dmask=0077" + ]; + }; + + swapDevices = [ + { device = "/dev/disk/by-uuid/7f7e95f2-8f2a-4998-bd71-01466e8ecc98"; } + ]; + + # Enables DHCP on each ethernet and wireless interface. In case of scripted networking + # (the default) this is the recommended approach. When using systemd-networkd it's + # still possible to use this option, but it's recommended to use it in conjunction + # with explicit per-interface declarations with `networking.interfaces..useDHCP`. + networking.useDHCP = lib.mkDefault true; + # networking.interfaces.eno2.useDHCP = lib.mkDefault true; + # networking.interfaces.enp0s13f0u1u1.useDHCP = lib.mkDefault true; + # networking.interfaces.wlo1.useDHCP = lib.mkDefault true; + + nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux"; + hardware.cpu.intel.updateMicrocode = lib.mkDefault config.hardware.enableRedistributableFirmware; +} diff --git a/nixos/configurations/Tytonidae/i18n.nix b/nixos/configurations/Tytonidae/i18n.nix new file mode 100644 index 0000000..9f8576a --- /dev/null +++ b/nixos/configurations/Tytonidae/i18n.nix @@ -0,0 +1,43 @@ +{ + pkgs, + outputs, + ... +}: +{ + i18n = { + defaultLocale = "C.UTF-8"; + extraLocaleSettings = { + LC_ADDRESS = "zh_CN.UTF-8"; + LC_IDENTIFICATION = "zh_CN.UTF-8"; + LC_MEASUREMENT = "zh_CN.UTF-8"; + LC_MONETARY = "zh_CN.UTF-8"; + LC_NAME = "zh_CN.UTF-8"; + LC_NUMERIC = "zh_CN.UTF-8"; + LC_PAPER = "zh_CN.UTF-8"; + LC_TELEPHONE = "zh_CN.UTF-8"; + LC_TIME = "zh_CN.UTF-8"; + }; + inputMethod = { + enable = true; + type = "fcitx5"; + fcitx5 = { + addons = with pkgs; [ + libsForQt5.fcitx5-qt + fcitx5-gtk + fcitx5-configtool + fcitx5-chinese-addons + (fcitx5-rime.override { + rimeDataPkgs = ( + with (outputs.packages."${pkgs.system}"); + [ + rime-ice + ] + ); + }) + ]; + waylandFrontend = true; + }; + }; + }; + +} diff --git a/nixos/configurations/Tytonidae/kvm.nix b/nixos/configurations/Tytonidae/kvm.nix new file mode 100644 index 0000000..6d8045b --- /dev/null +++ b/nixos/configurations/Tytonidae/kvm.nix @@ -0,0 +1,9 @@ +{ ... }: +{ + programs.virt-manager.enable = true; + virtualisation = { + libvirtd.enable = true; + spiceUSBRedirection.enable = true; + }; + +} diff --git a/nixos/configurations/Tytonidae/networking.nix b/nixos/configurations/Tytonidae/networking.nix new file mode 100644 index 0000000..5211ff3 --- /dev/null +++ b/nixos/configurations/Tytonidae/networking.nix @@ -0,0 +1,36 @@ +{ ... }: +{ + systemd.network = { + enable = true; + wait-online.enable = false; + networks = { + "eno2" = { + matchConfig.Name = "eno2"; + networkConfig = { + DHCP = "yes"; + IPv6AcceptRA = true; + }; + }; + }; + }; + + networking = { + networkmanager.enable = false; + useNetworkd = true; + useDHCP = false; + + wireless.iwd = { + enable = true; + settings = { + General = { + EnableNetworkConfiguration = true; + }; + Network = { + EnableIPv6 = true; + NameResolvingService = "systemd"; + }; + }; + }; + firewall.enable = false; + }; +} diff --git a/nixos/configurations/Tytonidae/nh.nix b/nixos/configurations/Tytonidae/nh.nix new file mode 100644 index 0000000..02b15ef --- /dev/null +++ b/nixos/configurations/Tytonidae/nh.nix @@ -0,0 +1,11 @@ +{ + ... +}: +{ + programs.nh = { + enable = true; + clean.enable = true; + clean.extraArgs = "--keep-since 4d --keep 3"; + flake = ./..; + }; +} diff --git a/nixos/configurations/Tytonidae/openssh.nix b/nixos/configurations/Tytonidae/openssh.nix new file mode 100644 index 0000000..9a20b0f --- /dev/null +++ b/nixos/configurations/Tytonidae/openssh.nix @@ -0,0 +1,37 @@ +{ ... }: +{ + services.openssh = { + enable = true; + settings = { + PasswordAuthentication = false; + KbdInteractiveAuthentication = false; + X11Forwarding = true; + PermitRootLogin = "no"; + LogLevel = "VERBOSE"; + Macs = [ + "hmac-sha2-512-etm@openssh.com" + "hmac-sha2-256-etm@openssh.com" + "umac-128-etm@openssh.com" + "hmac-sha2-512" + "hmac-sha2-256" + "umac-128@openssh.com" + ]; + Ciphers = [ + "chacha20-poly1305@openssh.com" + "aes256-gcm@openssh.com" + "aes128-gcm@openssh.com" + "aes256-ctr" + "aes192-ctr" + "aes128-ctr" + ]; + KexAlgorithms = [ + "curve25519-sha256@libssh.org" + "ecdh-sha2-nistp521" + "ecdh-sha2-nistp384" + "ecdh-sha2-nistp256" + "diffie-hellman-group-exchange-sha256" + ]; + }; + ports = [ 3022 ]; + }; +} diff --git a/nixos/configurations/Tytonidae/steam.nix b/nixos/configurations/Tytonidae/steam.nix new file mode 100644 index 0000000..c0b639e --- /dev/null +++ b/nixos/configurations/Tytonidae/steam.nix @@ -0,0 +1,12 @@ +{ ... }: +{ + config = { + hardware.graphics.enable32Bit = true; + programs.steam = { + enable = true; + remotePlay.openFirewall = true; # Open ports in the firewall for Steam Remote Play + dedicatedServer.openFirewall = true; # Open ports in the firewall for Source Dedicated Server + localNetworkGameTransfers.openFirewall = true; # Open ports in the firewall for Steam Local Network Game Transfers + }; + }; +} diff --git a/nixos/configurations/Tytonidae/users/david.nix b/nixos/configurations/Tytonidae/users/david.nix new file mode 100644 index 0000000..81f564b --- /dev/null +++ b/nixos/configurations/Tytonidae/users/david.nix @@ -0,0 +1,18 @@ +{ pkgs, ... }: +{ + users.users.david = { + isNormalUser = true; + description = "david"; + extraGroups = [ + "networkmanager" + "libvirtd" + "wheel" + ]; + }; + + programs.fish.enable = true; + users.users.david.shell = pkgs.fish; + users.users.david.openssh.authorizedKeys.keyFiles = [ + ./tytonidae.pub + ]; +} diff --git a/nixos/configurations/Tytonidae/users/default.nix b/nixos/configurations/Tytonidae/users/default.nix new file mode 100644 index 0000000..63da96d --- /dev/null +++ b/nixos/configurations/Tytonidae/users/default.nix @@ -0,0 +1,6 @@ +{ ... }: +{ + imports = [ + ./david.nix + ]; +} diff --git a/nixos/configurations/Tytonidae/users/tytonidae.pub b/nixos/configurations/Tytonidae/users/tytonidae.pub new file mode 100644 index 0000000..8ada3ea --- /dev/null +++ b/nixos/configurations/Tytonidae/users/tytonidae.pub @@ -0,0 +1 @@ +ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIETMs9b4xfFRsgPZUzrVce3J27p0LBKLfZwhNMen0Da9 david@nixos diff --git a/nixos/modules/default.nix b/nixos/modules/default.nix new file mode 100644 index 0000000..0179a9b --- /dev/null +++ b/nixos/modules/default.nix @@ -0,0 +1,30 @@ +{ + inputs, + outputs, + pkgs, + ... +}: +{ + imports = + (with inputs; [ + niri-flake.nixosModules.niri + nixos-cosmic.nixosModules.default + home-manager.nixosModules.home-manager + dae.nixosModules.dae + sops-nix.nixosModules.sops + ]) + ++ [ + ./nix.nix + ./home.nix + ./sops.nix + ]; + + config = { + nixpkgs = { + overlays = with outputs.overlays; [ + modifications + additions + ]; + }; + }; +} diff --git a/nixos/modules/home.nix b/nixos/modules/home.nix new file mode 100644 index 0000000..644ee18 --- /dev/null +++ b/nixos/modules/home.nix @@ -0,0 +1,68 @@ +{ + inputs, + outputs, + lib, + config, + pkgs, + rootPath, + ... +}: +{ + options.youthlic.home-manager = { + enable = lib.mkOption { + type = lib.types.bool; + default = false; + example = true; + description = '' + whether enable home-manager or not + ''; + }; + unixName = lib.mkOption { + type = lib.types.str; + default = "david"; + example = "youthlic"; + description = '' + unix name of home-manager user + ''; + }; + hostName = lib.mkOption { + type = lib.types.str; + example = "Tytonidae"; + description = '' + host name of home-manager user + ''; + }; + }; + config = + let + cfg = config.youthlic.home-manager; + unixName = cfg.unixName; + hostName = cfg.hostName; + in + lib.mkIf cfg.enable { + home-manager = { + useGlobalPkgs = true; + useUserPackages = true; + users."${cfg.unixName}" = ( + { ... }: + { + imports = [ + outputs.homeManagerModules."${unixName}" + (rootPath + "/home/${unixName}/configurations/${hostName}") + ]; + + config = { + youthlic.nixos.enable = true; + }; + } + ); + extraSpecialArgs = { + inherit outputs inputs rootPath; + inherit (cfg) unixName hostName; + inherit (pkgs) system; + }; + backupFileExtension = "backup"; + sharedModules = [ outputs.homeManagerModules.default ]; + }; + }; +} diff --git a/nixos/modules/nix.nix b/nixos/modules/nix.nix new file mode 100644 index 0000000..127cb66 --- /dev/null +++ b/nixos/modules/nix.nix @@ -0,0 +1,45 @@ +{ + inputs, + outputs, + pkgs, + lib, + ... +}: +{ + config = { + nix = { + nixPath = [ "nixpkgs=${inputs.nixpkgs}" ]; + settings = { + inherit (outputs.nix.settings) substituters; + trusted-users = [ + "root" + "@wheel" + ]; + trusted-public-keys = [ + "cosmic.cachix.org-1:Dya9IyXD4xdBehWjrkPv6rtxpmMdRel02smYzA85dPE=" + "nix-community.cachix.org-1:mB9FSh9qf2dCimDSUo8Zy7bkq5CX+/rkCWyvRCYg3Fs=" + ]; + auto-optimise-store = lib.mkDefault true; + experimental-features = [ + "nix-command" + "flakes" + ]; + warn-dirty = false; + system-features = [ + "kvm" + "big-parallel" + ]; + use-xdg-base-directories = true; + builders-use-substitutes = true; + }; + package = pkgs.nix; + registry.sys = lib.mkDefault { + from = { + type = "indirect"; + id = "sys"; + }; + flake = inputs.nixpkgs; + }; + }; + }; +} diff --git a/nixos/modules/sops.nix b/nixos/modules/sops.nix new file mode 100644 index 0000000..8728615 --- /dev/null +++ b/nixos/modules/sops.nix @@ -0,0 +1,20 @@ +{ + rootPath, + config, + ... +}: +{ + config = { + sops.defaultSopsFile = rootPath + "/secrets/general.yaml"; + sops.age = + let + unixName = config.youthlic.home-manager.unixName; + cfg = config.users.users."${unixName}"; + in + { + keyFile = "${cfg.home}/.config/sops/age/keys.txt"; + sshKeyPaths = [ ]; + generateKey = false; + }; + }; +} diff --git a/nixpkgs.nix b/nixpkgs.nix new file mode 100644 index 0000000..b0652ee --- /dev/null +++ b/nixpkgs.nix @@ -0,0 +1,7 @@ +let + lock = (builtins.fromJSON (builtins.readFile ./flake.lock)).nodes.nixpkgs.locked; +in +import (fetchTarball { + url = "https://github.com/nixos/nixpkgs/archive/${lock.rev}.tar.gz"; + sha256 = lock.narHash; +}) diff --git a/overlays/additions/default.nix b/overlays/additions/default.nix new file mode 100644 index 0000000..da50d99 --- /dev/null +++ b/overlays/additions/default.nix @@ -0,0 +1,9 @@ +{ ... }@args: +final: prev: +let + inherit (prev) lib; + overlay-files = [ + ]; + overlay-list = map (file: import file args) overlay-files; +in +(lib.composeManyExtensions overlay-list) final prev diff --git a/overlays/modifications/default.nix b/overlays/modifications/default.nix new file mode 100644 index 0000000..5a51b49 --- /dev/null +++ b/overlays/modifications/default.nix @@ -0,0 +1,13 @@ +{ ... }@args: +final: prev: +let + inherit (prev) lib; + overlay-files = [ + ./helix.nix + ./spotify.nix + ./niri.nix + ./ghostty.nix + ]; + overlay-list = map (file: import file args) overlay-files; +in +(lib.composeManyExtensions overlay-list) final prev diff --git a/overlays/modifications/ghostty.nix b/overlays/modifications/ghostty.nix new file mode 100644 index 0000000..dbc8773 --- /dev/null +++ b/overlays/modifications/ghostty.nix @@ -0,0 +1,9 @@ +{ inputs, ... }: +final: prev: +let + inherit (final) stdenv; + inherit (stdenv.hostPlatform) system; +in +{ + ghostty = inputs.ghostty.packages."${system}".default; +} diff --git a/overlays/modifications/helix.nix b/overlays/modifications/helix.nix new file mode 100644 index 0000000..21756b5 --- /dev/null +++ b/overlays/modifications/helix.nix @@ -0,0 +1,9 @@ +{ inputs, ... }: +final: prev: +let + inherit (final) stdenv; + inherit (stdenv.hostPlatform) system; +in +{ + helix = inputs.helix.packages."${system}".default; +} diff --git a/overlays/modifications/niri.nix b/overlays/modifications/niri.nix new file mode 100644 index 0000000..5ba2cf6 --- /dev/null +++ b/overlays/modifications/niri.nix @@ -0,0 +1 @@ +{ inputs, ... }: inputs.niri-flake.overlays.niri diff --git a/overlays/modifications/spotify.nix b/overlays/modifications/spotify.nix new file mode 100644 index 0000000..6db04ec --- /dev/null +++ b/overlays/modifications/spotify.nix @@ -0,0 +1 @@ +{ inputs, ... }: inputs.oskars-dotfiles.overlays.spotx diff --git a/pkgs/default.nix b/pkgs/default.nix new file mode 100644 index 0000000..db05879 --- /dev/null +++ b/pkgs/default.nix @@ -0,0 +1,24 @@ +{ + pkgs, + inputs, + ... +}: +{ + immersive-translate = + (pkgs.callPackage "${inputs.firefox-addons}/default.nix" { }).firefox-addons.immersive-translate; +} +// ( + let + nur-xddxdd = (pkgs.callPackage "${inputs.nur-xddxdd}/default.nix" { }); + in + pkgs.lib.genAttrs [ "rime-zhwiki" "rime-moegirl" ] (name: nur-xddxdd."${name}") + // { + rime-ice = nur-xddxdd.rime-ice.overrideAttrs { + buildPhase = '' + runHook preBuild + + runHook postBuild + ''; + }; + } +) diff --git a/secrets/general.yaml b/secrets/general.yaml new file mode 100644 index 0000000..b8eac3b --- /dev/null +++ b/secrets/general.yaml @@ -0,0 +1,23 @@ +ssh-private-key: ENC[AES256_GCM,data:hT2/OaZBAXK8eQe0qAxHw8nO6Z9ErzUdGWUgN/0c04NKUz6dyynKXsSEE7sC/P/WfUCOTXVgf7u/SY2/hMBG2tpceEwx2FDVJnUDF6Wi/2U8C1z3TjBitjYY1apku3lMTNYF7GwflUA+lB3xcKJ9dKnJlU/5moPqCf58G5w9DFXM1YJcUfVQ1Cl5MKguJkxpSw4MMm7QxGhruX5C/a84TYIZC/IHll3f1e6qvM+5TEibXIa9LBMcT7pxw4SQ/vhPmAJO54/GHbktTHxkjPbo2keGr3J1Im+TlX9OB81cbNZMxIn++Igw9iffF0LZmudmndLhWFPUK0itpkP8pjMY3rIrI6KsPG/7w4zQMO0p6rNfeGjkLvKp3mj5mYRlBdMaqtiqngAxzelsKaVhXlO+JXR+qdpONico8mRP+f3KSJU6gmGCIw0RNFcBlV/NN2VNUTxBS7/cwYGKF1kkb4Or9h5l5N7Ta1U5m2PEYclrneuclx6fdKXfChLG65E0l86EgpMyC6hHSL1x51e8QJSnHBkbjAMI59Kj9sy4QE8J4/a3q1D/sr/bn2t2Y7W0CckK7iPqyeiA0RSXiIVZ,iv:QVQCQJyc2ZgSzBpJ2MIrjgxBKghpr48k9yGzBUIoffg=,tag:3zo3vzwqWhQkAWB4N4R0NQ==,type:str] +git-credential: ENC[AES256_GCM,data:Rt6ccMJ+D/Jv1U7Ex51j4zIKp5KIyPFJdWZwJyW6liU5CHxBfrFWeNOJobhT5tFPrhzHRUI=,iv:f2SYFKpAcHoKG3dMsniKRi02EFDzwgzzli5Qzw8CWqo=,tag:hUi0FAZ7+2+mcqUsz5HtbQ==,type:str] +url: ENC[AES256_GCM,data:n152X334cpUJXgm/0D+mbF2xDOSq/xT4xO3rBLjxEkcAexkn7lIm2mHKLaumBO0M7YC6gP/AVZlhOrpC7EtwwyzvxFgZIYBT0u3pKRpp2ifedMXd/7iKq45vu3xltX8blFF5TcMslO4UsXJEc+NxnCMS/PvO,iv:RWFUzHi2t06CqY1fHPTFUJevyW0bXc1xuhsjfZd3UAw=,tag:BWGxxAtfoJ8tbbbKbkzQRw==,type:str] +sops: + kms: [] + gcp_kms: [] + azure_kv: [] + hc_vault: [] + age: + - recipient: age1smmqun9h3cszaza85ty33yenyaqtat572u9r3we4l5gh85njgvws6q680g + enc: | + -----BEGIN AGE ENCRYPTED FILE----- + YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBjQ2IrRG90eUJUT1grZEtV + N25XNDI0Z0JlZ2RJWU5LN05jbDQwL0hMMkU4Cm5sVHpiVHV5UVdIY24xNFZYTmpm + TUlyZmQ1TTZuaHB3aFpzV2hPZnNNZGcKLS0tIGJrN1lqWUFOU09XcFJ5Mys0WjV6 + dTkwcThVQTNYZ0RKWnIwMEgzQ2lYMVEKWs0OsGlPCRfsjZwntyVa6RGhZLye35kX + 3PDxZ66jP63OGi5Hai17fp5IvT3/mIRWh6UMq44TFz9OQoUWCymakg== + -----END AGE ENCRYPTED FILE----- + lastmodified: "2025-01-12T08:58:47Z" + mac: ENC[AES256_GCM,data:XXdGGA/S6tg3xlsLwEtRjLHIVRRQHR2MBIeZv+9VtGYG1cBJD64RGZBCAJ5Jaw7WctcqZqj0Q1C9rIgNyv8ZYJTum3ok469WNFfcoDkPCr12nAO7vujvZp5xA5KfOdiP3wrHmorD4hl8qfv2oURm2RDcfzMIL2LWgNiwWndXs+I=,iv:RVHpsunJlOzN3QxxPfQdkUiC+Tf71j4L7SGEeTfDzYM=,tag:BgMqfCz1RG5Kl5PCIf/HdQ==,type:str] + pgp: [] + unencrypted_suffix: _unencrypted + version: 3.9.2 diff --git a/secrets/ssh-config.yaml b/secrets/ssh-config.yaml new file mode 100644 index 0000000..8835406 --- /dev/null +++ b/secrets/ssh-config.yaml @@ -0,0 +1,21 @@ +ssh-config: ENC[AES256_GCM,data:kQe12czlvgScrtOae32PpKNrXREh1XP5n7WrFvBb4NcGLRj0j61T490D5v6vgTzppyQnU84tTNVtMBUfdLN6jjdli8cEM71qcKy4eLw=,iv:FaUEI9dYamBt7kI9quCNBXZwDzTosR4ad1JQq6IatBE=,tag:R4TTA6iMrRQPt1ApYBGfEg==,type:str] +sops: + kms: [] + gcp_kms: [] + azure_kv: [] + hc_vault: [] + age: + - recipient: age1smmqun9h3cszaza85ty33yenyaqtat572u9r3we4l5gh85njgvws6q680g + enc: | + -----BEGIN AGE ENCRYPTED FILE----- + YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBmWklncVlZbTFXdndXUmJ4 + bTlyOEkvZE5aUnJHQzRJVjRBK2dja2RmaGpZCnNQRTdJeXJHSTFLaGx3SUpBUUI5 + R1p5Y0w3OG1KYmZScDczelVkdFBReDAKLS0tIHZSM2Y5NExYVzArVWppK01vQUtF + K1A5bnBxMjJPV2NyRzNuOXVSY2tkZFUKinl6fL9caEM/bzTfQYk8ZCYLsMdgwmJE + LhNSWMFL9zqxSFFZ5GrrT/hATR+5AckKydD+3uYxQbGKO8TO39HVKQ== + -----END AGE ENCRYPTED FILE----- + lastmodified: "2025-01-12T08:59:41Z" + mac: ENC[AES256_GCM,data:uJ7GrffSlgKCxxmCVrrs1gNTpEEs/B8F9aEHHTdwlSFCTxcueNbIP2RaQVRQmyZO5CDTD/srmCT1dwPwAaxQE49OFUwUDgpn2JMjQdTyLmbK5+JDfvvMNnv/OVNaQUvVPsPoA1CqCqrpKOLh6kfp1FpYkPpZFOoQWByKw/FmSL8=,iv:CX4RJvRJce7wLUxyM1Fi89G1PINte9gxXoBfYMHn4NQ=,tag:12eZ1TZLsdlDpUZa/1HPWA==,type:str] + pgp: [] + unencrypted_suffix: _unencrypted + version: 3.9.2