hektor/nix
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Compare commits

base: hektor:claude-nvim
Branches Tags
hektor:main hektor:claude-nvim hektor:feat/flakify-neovim hektor:disko
..
compare: hektor:26f542b34e20ecdfe88560082daf535760eba7cb
Branches Tags
hektor:main hektor:claude-nvim hektor:feat/flakify-neovim hektor:disko

1 Commits
claude-nvi ... 26f542b34e

Author SHA1 Message Date
Hektor Misplon
26f542b34e modularize NixOS secrets config 2025-11-23 21:46:07 +01:00
84 changed files with 489 additions and 1555 deletions
Expand all files Collapse all files

2
.gitignore vendored
View File

@@ -4,5 +4,3 @@ result
result-* result-*
nixos-efi-vars.fd nixos-efi-vars.fd
home/hosts/work/packages.local.nix

32
dots/.bin/pomo
View File

@@ -8,24 +8,19 @@ Pomodoro timer
- Notification on break finish - Notification on break finish
""" """
import atexit
import os import os
import atexit
from argparse import ArgumentParser from argparse import ArgumentParser
from time import sleep from time import sleep
from plyer import notification from plyer import notification
POMO_PATH = os.path.join( POMO_PATH = os.path.join(os.getenv("XDG_DATA_HOME", os.path.expanduser("~/.local/share")), "pomo")
os.getenv("XDG_DATA_HOME", os.path.expanduser("~/.local/share")), "pomo"
)
@atexit.register @atexit.register
def clear(): def clear():
if os.path.exists(POMO_PATH): if os.path.exists(POMO_PATH):
os.remove(POMO_PATH) os.remove(POMO_PATH)
def format_mins_secs(mins, secs): def format_mins_secs(mins, secs):
return f"{mins:02d}:{secs:02d}" return f"{mins:02d}:{secs:02d}"
@@ -39,7 +34,6 @@ def make_countdown():
os.system(f'echo -n "{time_str}" > {POMO_PATH}') os.system(f'echo -n "{time_str}" > {POMO_PATH}')
sleep(1) sleep(1)
duration -= 1 duration -= 1
return countdown return countdown
@@ -64,23 +58,21 @@ def main(args):
def handle_signal(signal, frame): def handle_signal(signal, frame):
# Wait for clear to finish # Wait for clear to finish
clear() clear()
print("Exiting") print('Exiting')
exit(0) exit(0)
if __name__ == "__main__": if __name__ == '__main__':
parser = ArgumentParser() parser = ArgumentParser()
parser.add_argument( parser.add_argument('-w', '--work-duration', type=int,
"-w", "--work-duration", type=int, help="Session duration", default=25 help='Session duration', default=25)
) parser.add_argument('-b', '--break-duration', type=int,
parser.add_argument( help='Break duration', default=5)
"-b", "--break-duration", type=int, help="Break duration", default=5 parser.add_argument('-r', '--repeats', type=int,
) help='Numer of sessions', default=1)
parser.add_argument( parser.add_argument('-c', '--clear', action='store_true',
"-r", "--repeats", type=int, help="Numer of sessions", default=1 help='Clear timer')
)
parser.add_argument("-c", "--clear", action="store_true", help="Clear timer")
args = parser.parse_args() args = parser.parse_args()

8
dots/.bin/r5rs
View File

@@ -2,8 +2,8 @@
session="r5rs" session="r5rs"
tmux attach-session -t "$session" || tmux new-session -s "$session" \; \ tmux attach-session -t $session || tmux new-session -s $session \; \
split-window -h -t $session \; \ split-window -h -t $session \; \
send-keys -t 1 "nvim -c \"set ft=scheme\"" C-m \; \ send-keys -t 0 "vim" C-m \; \
send-keys -t 2 "plt-r5rs --no-prim" C-m \; \ send-keys -t 1 "plt-r5rs --no-prim" C-m \; \
select-pane -t 1 select-pane -t 0

1
dots/.bin/save-home
View File

@@ -22,5 +22,4 @@ restic -r "$RESTIC_REPOSITORY:$HOSTNAME" backup \
--one-file-system \ --one-file-system \
--files-from="$HOME/.resticinclude" \ --files-from="$HOME/.resticinclude" \
--exclude-file="$HOME/.resticexclude" \ --exclude-file="$HOME/.resticexclude" \
--exclude-if-present=".nobackup" \
--verbose=3 --verbose=3

17
dots/.bin/screen-temperature
View File

@@ -1,12 +1,12 @@
#!/usr/bin/env python #!/usr/bin/env python
import subprocess
import sys import sys
import subprocess
DEFAULT_TEMPERATURE = 3500 DEFAULT_TEMPERATURE = 3500
try: try:
with open("/tmp/temperature", "r") as temp_file: with open('/tmp/temperature', 'r') as temp_file:
current_temperature = int(temp_file.read()) current_temperature = int(temp_file.read())
except FileNotFoundError: except FileNotFoundError:
current_temperature = DEFAULT_TEMPERATURE current_temperature = DEFAULT_TEMPERATURE
@@ -16,8 +16,7 @@ if len(sys.argv) == 1:
print(current_temperature) print(current_temperature)
sys.exit(0) sys.exit(0)
elif len(sys.argv) != 2: elif len(sys.argv) != 2:
print( print("""
"""
Usage: Usage:
screen-temperature screen-temperature
@@ -28,8 +27,7 @@ Usage:
screen-temperature <+|-><temperature> screen-temperature <+|-><temperature>
increase or decrease screen temperature by <temperature> increase or decrease screen temperature by <temperature>
""" """)
)
sys.exit(1) sys.exit(1)
temperature_change = sys.argv[1] temperature_change = sys.argv[1]
@@ -43,10 +41,11 @@ else:
try: try:
subprocess.run(["redshift", "-O", str(new_temperature), "-P"], check=True) subprocess.run(["redshift", "-O", str(new_temperature), "-P"], check=True)
with open("/tmp/temperature", "w") as temp_file: with open('/tmp/temperature', 'w') as temp_file:
temp_file.write(str(new_temperature) + "\n") temp_file.write(str(new_temperature) + '\n')
# Send notification # Send notification
subprocess.run(["notify-send", str(new_temperature) + "K"]) subprocess.run(
["notify-send", str(new_temperature) + "K"])
except subprocess.CalledProcessError: except subprocess.CalledProcessError:
print("Error: could not set screen temperature.") print("Error: could not set screen temperature.")
sys.exit(1) sys.exit(1)

144
dots/.bin/taskdeps Executable file
View File

@@ -0,0 +1,144 @@
#!/usr/bin/python
import argparse
import json
import subprocess
from collections import defaultdict
def get_task_data():
command = (
"task +PENDING or +WAITING -COMPLETED -DELETED export | "
"jq '[.[] | {uuid: .uuid, id, depends: .depends, description: .description, status: .status }]'"
)
output = subprocess.check_output(command, shell=True)
return json.loads(output)
def parse_task_data(data):
dependency_graph = defaultdict(list)
task_details = {}
dependent_tasks = set()
for task in data:
task_id = task["uuid"]
task_details[task_id] = {
"id": task.get("id", "?"),
"description": task.get("description", "No description"),
"status": task.get("status", "Unknown status"),
}
if task["depends"]:
for dependency in task["depends"]:
dependency_graph[dependency].append(task_id)
dependent_tasks.add(task_id)
root_tasks = set(task_details.keys()) - dependent_tasks
return task_details, dependency_graph, root_tasks
def get_all_parents(task_id, dependency_graph):
return [
parent for parent, children in dependency_graph.items() if task_id in children
]
def build_ascii_dag(
task_id,
task_details,
dependency_graph,
prefix="",
is_last=True,
show_id=True,
visited=None,
):
if visited is None:
visited = set()
if task_id in visited:
return [f"{prefix}{'└── ' if is_last else '├── '}... (cycle detected)"]
visited.add(task_id)
task_info = task_details[task_id]
task_line = f"{prefix}{'└── ' if is_last else '├── '}{task_info['id'] + ': ' if show_id else ''}{task_info['description']} ({task_info['status']})"
lines = [task_line]
children = dependency_graph.get(task_id, [])
for idx, child in enumerate(children):
child_is_last = idx == len(children) - 1
child_prefix = prefix + (" " if is_last else "│ ")
lines.extend(
build_ascii_dag(
child,
task_details,
dependency_graph,
child_prefix,
child_is_last,
show_id,
visited.copy(),
)
)
return lines
def render_dependency_dag(task_details, dependency_graph, root_tasks, show_id):
dag_lines = []
global_visited = set()
def dfs(task_id, prefix="", is_last=True, visited=None):
if visited is None:
visited = set()
if task_id in visited:
return
visited.add(task_id)
global_visited.add(task_id)
task_info = task_details[task_id]
task_line = f"{prefix}{'└── ' if is_last else '├── '}{str(task_info['id']) + ': ' if show_id else ''}{task_info['description']} ({task_info['status']})"
dag_lines.append(task_line)
children = dependency_graph.get(task_id, [])
for idx, child in enumerate(children):
child_is_last = idx == len(children) - 1
child_prefix = prefix + (" " if is_last else "│ ")
dfs(child, child_prefix, child_is_last, visited.copy())
root_tasks_with_children = [
root for root in root_tasks if dependency_graph.get(root, [])
]
for root in sorted(
root_tasks_with_children,
key=lambda x: len(dependency_graph.get(x, [])),
reverse=True,
):
if root not in global_visited:
dfs(root)
dag_lines.append("")
return "\n".join(dag_lines).rstrip()
def main(args):
data = get_task_data()
task_details, dependency_graph, root_tasks = parse_task_data(data)
ascii_dag = render_dependency_dag(
task_details, dependency_graph, root_tasks, show_id=args.show_id
)
print(ascii_dag)
if __name__ == "__main__":
parser = argparse.ArgumentParser(
description="Generates a task dependency DAG for Taskwarrior tasks."
)
parser.add_argument(
"--show-id",
action="store_true",
default=False,
help="Include task IDs in the output.",
)
args = parser.parse_args()
main(args)

8
dots/.bin/zk
View File

@@ -1,9 +1,7 @@
#!/usr/bin/env bash #!/usr/bin/env bash
current_zettel_path="$ZK_PATH/$(cat "$ZK_PATH/current-zettel.txt")"
if [ "$TERM_PROGRAM" = tmux ]; then if [ "$TERM_PROGRAM" = tmux ]; then
cd "$ZK_PATH" && $EDITOR "$current_zettel_path" cd ~/.zk && $EDITOR "$(cat ~/.zk/current-zettel.txt)"
else else
echo 'Not in tmux' echo 'Not in tmux'
echo 'Choose an option:' echo 'Choose an option:'
@@ -20,12 +18,12 @@ else
else else
# Create session with a window named 'zk' and start nvim # Create session with a window named 'zk' and start nvim
tmux new-session -s zk -n zk -d tmux new-session -s zk -n zk -d
tmux send-keys -t zk:zk "cd $ZK_PATH && $EDITOR $current_zettel_path" Enter tmux send-keys -t zk:zk "cd ~/.zk && $EDITOR \"\$(cat ~/.zk/current-zettel.txt)\"" Enter
tmux attach -t zk tmux attach -t zk
fi fi
;; ;;
2) 2)
cd "$ZK_PATH" && $EDITOR "$current_zettel_path" cd ~/.zk && $EDITOR "$(cat ~/.zk/current-zettel.txt)"
;; ;;
*) *)
echo 'Not opening Zettelkasten' echo 'Not opening Zettelkasten'

2
dots/.config/kitty/kitty.conf
View File

@@ -136,7 +136,7 @@ map f5 goto_tab 5
map f6 goto_tab 6 map f6 goto_tab 6
map f7 goto_tab 7 map f7 goto_tab 7
map f8 goto_tab 8 map f8 goto_tab 8
# map kitty_mod+c new_tab # FIXME: conflict with 'copy' map kitty_mod+c new_tab
map cmd+t map cmd+t
map kitty_mod+q map kitty_mod+q
map cmd+w map cmd+w

1
dots/.config/nvim/after/plugin/claude-code.nvim.lua
View File

@@ -1 +0,0 @@
require("claude-code").setup()

32
dots/.config/nvim/after/plugin/codecompanion.nvim.lua
View File

@@ -1,16 +1,16 @@
-- require("codecompanion").setup({ require("codecompanion").setup({
-- extensions = { extensions = {
-- mcphub = { mcphub = {
-- callback = "mcphub.extensions.codecompanion", callback = "mcphub.extensions.codecompanion",
-- opts = { opts = {
-- make_vars = true, make_vars = true,
-- make_slash_commands = true, make_slash_commands = true,
-- show_result_in_chat = true show_result_in_chat = true
-- } }
-- } }
-- }, },
-- strategies = { strategies = {
-- chat = { adapter = "openai" }, chat = { adapter = "openai" },
-- inline = { adapter = "openai" }, inline = { adapter = "openai" },
-- }, },
-- }) })

6
dots/.config/nvim/after/plugin/conform.lua
View File

@@ -1,6 +1,6 @@
require("conform").setup({ require("conform").setup({
format_after_save = { format_after_save = {
lsp_fallback = true, lsp_fallback = false,
async = false, async = false,
timeout_ms = 500, timeout_ms = 500,
}, },
@@ -18,8 +18,8 @@ require("conform").setup({
nix = { "nixfmt" }, nix = { "nixfmt" },
javascript = { "eslint_d", "eslint", "prettierd", "prettier", stop_after_first = true }, javascript = { "eslint_d", "eslint", "prettierd", "prettier", stop_after_first = true },
javascriptreact = { "eslint_d", "eslint", "prettierd", "prettier", stop_after_first = true }, javascriptreact = { "eslint_d", "eslint", "prettierd", "prettier", stop_after_first = true },
-- json = { "prettierd", "prettier", stop_after_first = true }, json = { "prettierd", "prettier", stop_after_first = true },
-- jsonc = { "prettierd", "prettier", stop_after_first = true }, jsonc = { "prettierd", "prettier", stop_after_first = true },
python = { "isort", "black" }, python = { "isort", "black" },
svelte = { "eslint_d", "prettierd", "prettier", stop_after_first = true }, svelte = { "eslint_d", "prettierd", "prettier", stop_after_first = true },
typescript = { "eslint_d", "prettierd", "prettier", stop_after_first = true }, typescript = { "eslint_d", "prettierd", "prettier", stop_after_first = true },

1
dots/.config/nvim/after/plugin/fidget.nvim.lua
View File

@@ -1 +0,0 @@
require("fidget").setup()

78
dots/.config/nvim/after/plugin/formatter.nvim.lua
View File

@@ -1,78 +0,0 @@
-- require("formatter").setup({
-- logging = true,
-- filetype = {
-- typescriptreact = {
-- -- prettier
-- function()
-- return {
-- exe = "prettier",
-- args = { "--stdin-filepath", vim.api.nvim_buf_get_name(0) },
-- stdin = true,
-- }
-- end,
-- },
-- typescript = {
-- -- prettier
-- function()
-- return {
-- exe = "prettier",
-- args = { "--stdin-filepath", vim.api.nvim_buf_get_name(0) },
-- stdin = true,
-- }
-- end,
-- -- linter
-- -- function()
-- -- return {
-- -- exe = "eslint",
-- -- args = {
-- -- "--stdin-filename",
-- -- vim.api.nvim_buf_get_name(0),
-- -- "--fix",
-- -- "--cache"
-- -- },
-- -- stdin = false
-- -- }
-- -- end
-- },
-- javascript = {
-- -- prettier
-- function()
-- return {
-- exe = "prettier",
-- args = { "--stdin-filepath", vim.api.nvim_buf_get_name(0) },
-- stdin = true,
-- }
-- end,
-- },
-- javascriptreact = {
-- -- prettier
-- function()
-- return {
-- exe = "prettier",
-- args = { "--stdin-filepath", vim.api.nvim_buf_get_name(0) },
-- stdin = true,
-- }
-- end,
-- },
-- json = {
-- -- prettier
-- function()
-- return {
-- exe = "prettier",
-- args = { "--stdin-filepath", vim.api.nvim_buf_get_name(0) },
-- stdin = true,
-- }
-- end,
-- },
-- lua = {
-- -- luafmt
-- function()
-- return {
-- exe = "luafmt",
-- args = { "--indent-count", 2, "--stdin" },
-- stdin = true,
-- }
-- end,
-- },
-- },
-- })

6
dots/.config/nvim/after/plugin/fzf-lua.lua
View File

@@ -5,9 +5,7 @@ fzf.setup({ "max-perf" })
vim.keymap.set("n", "<leader>f<leader>", fzf.builtin) -- Help vim.keymap.set("n", "<leader>f<leader>", fzf.builtin) -- Help
vim.keymap.set("n", "<leader>fc", fzf.commands) vim.keymap.set("n", "<leader>fc", fzf.commands)
vim.keymap.set("n", "<leader>ff", fzf.files) vim.keymap.set("n", "<leader>ff", fzf.files)
vim.keymap.set("n", "<leader>fg", function() vim.keymap.set("n", "<leader>fg", fzf.live_grep_native)
fzf.live_grep_native({ resume = true })
end)
vim.keymap.set("n", "<leader>fb", fzf.buffers) vim.keymap.set("n", "<leader>fb", fzf.buffers)
vim.keymap.set("n", "<leader>fd", fzf.diagnostics_workspace) vim.keymap.set("n", "<leader>fd", fzf.diagnostics_workspace)
vim.keymap.set("n", "<leader>fhe", fzf.help_tags) vim.keymap.set("n", "<leader>fhe", fzf.help_tags)
@@ -15,4 +13,4 @@ vim.keymap.set("n", "<leader>fhi", fzf.search_history)
vim.keymap.set("n", "<leader>fma", fzf.marks) vim.keymap.set("n", "<leader>fma", fzf.marks)
vim.keymap.set("n", "<leader>fma", fzf.man_pages) vim.keymap.set("n", "<leader>fma", fzf.man_pages)
vim.keymap.set("i", "<c-f>", fzf.complete_file) vim.keymap.set("i", "<c-f>", fzf.complete_path)

20
dots/.config/nvim/after/plugin/image.nvim.lua
View File

@@ -1,10 +1,10 @@
-- require("image").setup({ require("image").setup({
-- backend = "kitty", backend = "kitty",
-- kitty_method = "normal", kitty_method = "normal",
-- processor = "magick_cli", processor = "magick_cli",
-- integrations = { integrations = {
-- markdown = { markdown = {
-- filetypes = { "markdown", "pandoc" }, filetypes = { "markdown", "pandoc" },
-- }, },
-- }, },
-- }) })

1
dots/.config/nvim/after/plugin/kubectl.nvim.lua
View File

@@ -1 +0,0 @@
require("kubectl").setup()

99
dots/.config/nvim/after/plugin/lspconfig.lua
View File

@@ -17,9 +17,11 @@ local servers = {
format = false, format = false,
}, },
}, },
-- emmet_language_server = {}, emmet_language_server = {},
gdscript = {}, gdscript = {},
helm_ls = { filetypes = { "helm", "yaml.helm-values" } }, helm_ls = {
filetypes = { "yaml", "helm", "yaml.helm-values" },
},
hls = { filetypes = { "haskell", "lhaskell", "cabal" } }, hls = { filetypes = { "haskell", "lhaskell", "cabal" } },
html = {}, html = {},
jsonls = { jsonls = {
@@ -63,26 +65,8 @@ local servers = {
}, },
}, },
-- marksman = {}, -- marksman = {},
-- TODO: This completion ain't working yet nixd = {},
nixd = {
nixpkgs = {
expr = "import <nixpkgs> { }",
},
formatting = {
command = { "nixfmt" },
},
options = {
home_manager = {
expr = '(builtins.getFlake "/home/hektor/.config/home-manager").homeConfigurations.work.options',
},
},
},
pyright = {}, pyright = {},
rust_analyzer = {
settings = {
["rust-analyzer"] = {},
},
},
-- tsserver = {}, -- tsserver = {},
svelte = { svelte = {
plugin = { plugin = {
@@ -92,43 +76,48 @@ local servers = {
}, },
}, },
tailwindcss = {}, tailwindcss = {},
terraformls = {}, -- vtsls = {},
-- ts_ls = {}, ts_ls = {},
vtsls = { -- vtsls = {
maxTsServerMemory = 16384, -- maxTsServerMemory = 16384,
filetypes = { -- filetypes = {
"javascript", -- "javascript",
"javascriptreact", -- "javascriptreact",
"javascript.jsx", -- "javascript.jsx",
"typescript", -- "typescript",
"typescriptreact", -- "typescriptreact",
"typescript.tsx", -- "typescript.tsx",
}, -- },
settings = { -- settings = {
complete_function_calls = true, -- complete_function_calls = true,
vtsls = { -- vtsls = {
enableMoveToFileCodeAction = true, -- enableMoveToFileCodeAction = true,
autoUseWorkspaceTsdk = true, -- autoUseWorkspaceTsdk = true,
experimental = { completion = { enableServerSideFuzzyMatch = true } }, -- experimental = {
}, -- completion = {
typescript = { -- enableServerSideFuzzyMatch = true,
updateImportsOnFileMove = { enabled = "always" }, -- },
suggest = { completeFunctionCalls = true }, -- },
inlayHints = { -- },
enumMemberValues = { enabled = true }, -- typescript = {
functionLikeReturnTypes = { enabled = true }, -- updateImportsOnFileMove = { enabled = "always" },
parameterNames = { enabled = "literals" }, -- suggest = {
parameterTypes = { enabled = true }, -- completeFunctionCalls = true,
propertyDeclarationTypes = { enabled = true }, -- },
variableTypes = { enabled = false }, -- inlayHints = {
}, -- enumMemberValues = { enabled = true },
}, -- functionLikeReturnTypes = { enabled = true },
}, -- parameterNames = { enabled = "literals" },
}, -- parameterTypes = { enabled = true },
-- propertyDeclarationTypes = { enabled = true },
-- variableTypes = { enabled = false },
-- },
-- },
-- },
-- },
yamlls = { yamlls = {
settings = { settings = {
yaml = { yaml = {
validate = true,
schemaStore = { schemaStore = {
-- You must disable built-in schemaStore support if you want to use -- You must disable built-in schemaStore support if you want to use
-- this plugin and its advanced options like `ignore`. -- this plugin and its advanced options like `ignore`.

9
dots/.config/nvim/after/plugin/m_taskwarrior_d.nvim.lua
View File

@@ -1,9 +0,0 @@
require("m_taskwarrior_d").setup()
vim.api.nvim_create_autocmd({ "BufEnter", "BufWritePost" }, {
group = vim.api.nvim_create_augroup("TWTask", { clear = true }),
pattern = "*.md",
callback = function()
vim.cmd("TWSyncTasks")
end,
})

2
dots/.config/nvim/after/plugin/mcphub.nvim.lua
View File

@@ -1 +1 @@
-- require("mcphub").setup({}) require("mcphub").setup({})

2
dots/.config/nvim/after/plugin/nvim-cmp.lua
View File

@@ -62,8 +62,8 @@ cmp.setup({
["<CR>"] = c_l, ["<CR>"] = c_l,
}), }),
sources = { sources = {
{ name = "zk" },
{ name = "copilot", group_index = 2 }, { name = "copilot", group_index = 2 },
{ name = "zk" },
{ name = "nvim_lsp", keyword_length = 8 }, { name = "nvim_lsp", keyword_length = 8 },
{ name = "luasnip", max_item_count = 16 }, { name = "luasnip", max_item_count = 16 },
{ name = "path" }, { name = "path" },

11
dots/.config/nvim/after/plugin/nvim-lint.lua
View File

@@ -12,8 +12,8 @@ require("lint").linters_by_ft = {
editorconfig = { "editorconfig-checker" }, editorconfig = { "editorconfig-checker" },
haskell = { "hlint" }, haskell = { "hlint" },
-- html = { "htmlhint" }, -- html = { "htmlhint" },
javascript = { eslint_linter }, -- javascript = { eslint_linter },
javascriptreact = { eslint_linter }, -- javascriptreact = { eslint_linter },
gdscript = { "gdlint" }, gdscript = { "gdlint" },
latex = { "chktex" }, latex = { "chktex" },
-- lua = { "luacheck", "selene" }, -- lua = { "luacheck", "selene" },
@@ -22,9 +22,10 @@ require("lint").linters_by_ft = {
-- python = { "pylint" }, -- python = { "pylint" },
sh = { "shellcheck" }, sh = { "shellcheck" },
svelte = { eslint_linter }, svelte = { eslint_linter },
typescript = { eslint_linter }, systemd = { "systemdlint" },
typescriptreact = { eslint_linter }, -- typescript = { eslint_linter },
-- yaml = { "yamllint" }, -- typescriptreact = { eslint_linter },
yaml = { "yamllint" },
} }
-- TODO: Wouldn't it be possible / nice to only try to load the linters when they are -- TODO: Wouldn't it be possible / nice to only try to load the linters when they are

9
dots/.config/nvim/after/plugin/obsidian-nvim.lua
View File

@@ -1,9 +0,0 @@
require("obsidian").setup({
legacy_commands = false,
workspaces = {
{
name = "test",
path = "~/zk/work",
},
},
})

7
dots/.config/nvim/after/plugin/treesitter.lua
View File

@@ -4,13 +4,10 @@ local keymap = vim.keymap
local opt = vim.opt local opt = vim.opt
local treesitter_configs = require("nvim-treesitter.configs") local treesitter_configs = require("nvim-treesitter.configs")
local nixCatsUtils = require("nixCatsUtils")
local is_nix = nixCatsUtils.isNixCats
treesitter_configs.setup({ treesitter_configs.setup({
-- Basically added what I might need from the docs -- Basically added what I might need from the docs
-- <https://github.com/nvim-treesitter/nvim-treesitter?tab=readme-ov-file#supported-languages> -- <https://github.com/nvim-treesitter/nvim-treesitter?tab=readme-ov-file#supported-languages>
ensure_installed = is_nix and {} or { ensure_installed = {
"awk", "awk",
"bash", "bash",
"bibtex", "bibtex",
@@ -89,7 +86,7 @@ treesitter_configs.setup({
enable = true, enable = true,
}, },
sync_install = false, sync_install = false,
auto_install = not is_nix, auto_install = true,
ignore_install = {}, ignore_install = {},
modules = {}, modules = {},
textobjects = { textobjects = {

4
dots/.config/nvim/after/plugin/wiki.vim.lua
View File

@@ -1,6 +1,6 @@
vim.cmd([[ vim.cmd([[
" " Change local buffer to directory of current file after the plugin has loaded " Change local buffer to directory of current file after the plugin has loaded
" autocmd VimEnter * lcd %:p:h autocmd VimEnter * lcd %:p:h
" " Override wiki index mapping to also cd into the wiki " " Override wiki index mapping to also cd into the wiki
nm <leader>ww <plug>(wiki-index) nm <leader>ww <plug>(wiki-index)

35
dots/.config/nvim/flake.lock generated
View File

@@ -2,11 +2,11 @@
"nodes": { "nodes": {
"nixCats": { "nixCats": {
"locked": { "locked": {
"lastModified": 1765766809, "lastModified": 1763330129,
"narHash": "sha256-3Xp41+Sb1zIzASa1Uu1k1RMUoJ9CGyYb0GtvvpRPBqg=", "narHash": "sha256-KbOeWIF52SV53BOeETGO2C5ewaV2Ex9iaXH7G72gOr8=",
"owner": "BirdeeHub", "owner": "BirdeeHub",
"repo": "nixCats-nvim", "repo": "nixCats-nvim",
"rev": "fe157e3ed69ed14b55ca81f597eac282caed58a2", "rev": "c81551ed87db2aefab30a12cf7425ff94dc0ad64",
"type": "github" "type": "github"
}, },
"original": { "original": {
@@ -17,11 +17,11 @@
}, },
"nixpkgs": { "nixpkgs": {
"locked": { "locked": {
"lastModified": 1765934234, "lastModified": 1763464769,
"narHash": "sha256-pJjWUzNnjbIAMIc5gRFUuKCDQ9S1cuh3b2hKgA7Mc4A=", "narHash": "sha256-AJHrsT7VoeQzErpBRlLJM1SODcaayp0joAoEA35yiwM=",
"owner": "nixos", "owner": "nixos",
"repo": "nixpkgs", "repo": "nixpkgs",
"rev": "af84f9d270d404c17699522fab95bbf928a2d92f", "rev": "6f374686605df381de8541c072038472a5ea2e2d",
"type": "github" "type": "github"
}, },
"original": { "original": {
@@ -79,30 +79,14 @@
"type": "github" "type": "github"
} }
}, },
"plugins-m-taskwarrior-d-nvim": {
"flake": false,
"locked": {
"lastModified": 1764933759,
"narHash": "sha256-4lN/ZQTQ7uMcpjePbf2k913Bs9AYYS6da3iZbckA6oI=",
"owner": "huantrinh1802",
"repo": "m_taskwarrior_d.nvim",
"rev": "279d2c8bcd2779500c1bea71fb9249c97cdb503b",
"type": "github"
},
"original": {
"owner": "huantrinh1802",
"repo": "m_taskwarrior_d.nvim",
"type": "github"
}
},
"plugins-mcphub-nvim": { "plugins-mcphub-nvim": {
"flake": false, "flake": false,
"locked": { "locked": {
"lastModified": 1765628564, "lastModified": 1759035242,
"narHash": "sha256-nvWqCGRKhbUHsAM/zd+cwFdcoXXxf6EmcCkpN4mElf4=", "narHash": "sha256-I6EbgY/2sAdtrxtmH0qbAAQvMCHhOsfolJfblV0fXOk=",
"owner": "ravitemer", "owner": "ravitemer",
"repo": "mcphub.nvim", "repo": "mcphub.nvim",
"rev": "5193329d510a68f1f5bf189960642c925c177a3a", "rev": "8ff40b5edc649959bb7e89d25ae18e055554859a",
"type": "github" "type": "github"
}, },
"original": { "original": {
@@ -166,7 +150,6 @@
"plugins-beancount-nvim": "plugins-beancount-nvim", "plugins-beancount-nvim": "plugins-beancount-nvim",
"plugins-crazy-node-movement": "plugins-crazy-node-movement", "plugins-crazy-node-movement": "plugins-crazy-node-movement",
"plugins-helm-ls-nvim": "plugins-helm-ls-nvim", "plugins-helm-ls-nvim": "plugins-helm-ls-nvim",
"plugins-m-taskwarrior-d-nvim": "plugins-m-taskwarrior-d-nvim",
"plugins-mcphub-nvim": "plugins-mcphub-nvim", "plugins-mcphub-nvim": "plugins-mcphub-nvim",
"plugins-nvimkit-nvim": "plugins-nvimkit-nvim", "plugins-nvimkit-nvim": "plugins-nvimkit-nvim",
"plugins-shipwright-nvim": "plugins-shipwright-nvim", "plugins-shipwright-nvim": "plugins-shipwright-nvim",

17
dots/.config/nvim/flake.nix
View File

@@ -7,10 +7,6 @@
url = "github:rktjmp/shipwright.nvim"; url = "github:rktjmp/shipwright.nvim";
flake = false; flake = false;
}; };
plugins-m-taskwarrior-d-nvim = {
url = "github:huantrinh1802/m_taskwarrior_d.nvim";
flake = false;
};
plugins-crazy-node-movement = { plugins-crazy-node-movement = {
url = "github:theHamsta/crazy-node-movement"; url = "github:theHamsta/crazy-node-movement";
flake = false; flake = false;
@@ -69,15 +65,14 @@
gawk gawk
gdtoolkit_4 gdtoolkit_4
isort isort
tree-sitter
ormolu
nodePackages.prettier
nixd nixd
nixfmt nixfmt
nodePackages.prettier
ormolu
prettierd prettierd
rustfmt
shellcheck-minimal shellcheck-minimal
stylua stylua
tree-sitter
vscode-langservers-extracted vscode-langservers-extracted
]; ];
}; };
@@ -148,11 +143,7 @@
copilot-lua copilot-lua
copilot-cmp copilot-cmp
pkgs.neovimPlugins.helm-ls-nvim pkgs.neovimPlugins.helm-ls-nvim
kitty-scrollback-nvim pkgs.vimPlugins.kitty-scrollback-nvim
fidget-nvim
rustaceanvim
pkgs.neovimPlugins.m-taskwarrior-d-nvim
claude-code-nvim
]; ];
}; };

1
dots/.config/nvim/ftplugin/dotenv.lua
View File

@@ -1 +0,0 @@
vim.opt_local.filetype = "sh"

1
dots/.config/nvim/init.lua
View File

@@ -20,7 +20,6 @@ require("statusline")
require("diagnostic") require("diagnostic")
require("utils") require("utils")
require("zk") require("zk")
require("skeleton")
require("reload") require("reload")
require("paq-setup") -- when not on nixCats require("paq-setup") -- when not on nixCats

10
dots/.config/nvim/lua/paq-setup.lua
View File

@@ -34,17 +34,13 @@ require("nixCatsUtils.catPacker").setup({
{ "razak17/tailwind-fold.nvim" }, { "razak17/tailwind-fold.nvim" },
{ "rmagatti/auto-session" }, { "rmagatti/auto-session" },
{ "kndndrj/nvim-dbee" }, { "kndndrj/nvim-dbee" },
-- { "3rd/image.nvim", build = false }, { "3rd/image.nvim", build = false },
{ "polarmutex/beancount.nvim" }, { "polarmutex/beancount.nvim" },
-- { "jamesblckwell/nvimkit.nvim" }, { "jamesblckwell/nvimkit.nvim" },
{ "olimorris/codecompanion.nvim" }, { 'olimorris/codecompanion.nvim' },
{ "ravitemer/mcphub.nvim", build = "pnpm install -g mcp-hub@latest" }, { "ravitemer/mcphub.nvim", build = "pnpm install -g mcp-hub@latest" },
{ "zbirenbaum/copilot.lua" }, { "zbirenbaum/copilot.lua" },
{ "zbirenbaum/copilot-cmp" }, { "zbirenbaum/copilot-cmp" },
{ "qvalentin/helm-ls.nvim", ft = "helm" }, { "qvalentin/helm-ls.nvim", ft = "helm" },
{ "saghen/blink.download" },
{ "ramilito/kubectl.nvim" },
{ "mikesmithgh/kitty-scrollback.nvim" }, { "mikesmithgh/kitty-scrollback.nvim" },
{ "chrisgrieser/nvim-early-retirement" },
{ "euclio/vim-markdown-composer" },
}) })

4
dots/.config/nvim/skeletons/shell.nix
View File

@@ -1,4 +1,6 @@
{ {
pkgs ? import <nixpkgs> { }, pkgs ? import <nixpkgs> { },
}: }:
pkgs.mkShell { nativeBuildInputs = with pkgs.buildPackages; [ ]; } pkgs.mkShell {
nativeBuildInputs = with pkgs.buildPackages; [ ];
}

12
dots/.config/nvim/snips/typescriptreact.lua
View File

@@ -1,12 +0,0 @@
local ls = require("luasnip")
local s = ls.snippet
local t = ls.text_node
local i = ls.insert_node
return {
s("preJ", {
t("<pre>{JSON.stringify("),
i(1, "object"), -- first tab stop
t(", null, 2)}</pre>"),
}),
}

14
dots/.gitconfig
View File

@@ -1,11 +1,9 @@
[include]
path = ~/.gitconfig.email
[core] [core]
editor = nvim editor = nvim
excludesfile = ~/.gitignore excludesfile = ~/.gitignore
[user] [user]
email = hektor.misplon@pm.me
name = Hektor Misplon name = Hektor Misplon
username = hektor username = hektor
signingKey = AEB98353B8D72E465C4236435151AF79E723F21C signingKey = AEB98353B8D72E465C4236435151AF79E723F21C
@@ -78,6 +76,8 @@
[merge] [merge]
tool = nvimdiff tool = nvimdiff
conflictstyle = diff3 conflictstyle = diff3
[pull]
rebase = true
[diff] [diff]
colorMoved = zebra colorMoved = zebra
[commit] [commit]
@@ -85,11 +85,3 @@
[interactive] [interactive]
singleKey = true singleKey = true
[pull]
rebase = true
[rerere]
enabled = true
[includeIf "gitdir:~/work/"]
path = ~/.gitconfig.work

2
dots/.gitconfig.email.example
View File

@@ -1,2 +0,0 @@
[user]
email = your.email@example.com

13
dots/.gitconfig.work
View File

@@ -1,13 +0,0 @@
[include]
path = ~/.gitconfig.work.email
[core]
longpaths = true
[user]
name = Hektor Misplon
username = hektor.misplon
signingKey = 1C88BE828184CEE6
[commit]
gpgsign = false

2
dots/.gitconfig.work.email.example
View File

@@ -1,2 +0,0 @@
[user]
email = your.work.email@example.com

68
flake.lock generated
View File

@@ -29,11 +29,11 @@
}, },
"locked": { "locked": {
"dir": "pkgs/firefox-addons", "dir": "pkgs/firefox-addons",
"lastModified": 1765771449, "lastModified": 1763885608,
"narHash": "sha256-ZoHRPmTzwC1ndX3NQB/b/WKtU1WduAJdLI4j8eW/QFM=", "narHash": "sha256-eFRbKKMaEHC5EaL7sxfPVFPFsr0Plzx03e1VkJkcsBA=",
"owner": "rycee", "owner": "rycee",
"repo": "nur-expressions", "repo": "nur-expressions",
"rev": "5bcf9a2aeb4d361c2ff918a146b3fcc1e136b9ca", "rev": "c94982d5890f4ff0737d57ed97503c1c8d40195c",
"type": "gitlab" "type": "gitlab"
}, },
"original": { "original": {
@@ -68,15 +68,16 @@
] ]
}, },
"locked": { "locked": {
"lastModified": 1765682243, "lastModified": 1758463745,
"narHash": "sha256-yeCxFV/905Wr91yKt5zrVvK6O2CVXWRMSrxqlAZnLp0=", "narHash": "sha256-uhzsV0Q0I9j2y/rfweWeGif5AWe0MGrgZ/3TjpDYdGA=",
"owner": "nix-community", "owner": "nix-community",
"repo": "home-manager", "repo": "home-manager",
"rev": "58bf3ecb2d0bba7bdf363fc8a6c4d49b4d509d03", "rev": "3b955f5f0a942f9f60cdc9cacb7844335d0f21c3",
"type": "github" "type": "github"
}, },
"original": { "original": {
"owner": "nix-community", "owner": "nix-community",
"ref": "release-25.05",
"repo": "home-manager", "repo": "home-manager",
"type": "github" "type": "github"
} }
@@ -84,10 +85,10 @@
"nix-secrets": { "nix-secrets": {
"flake": false, "flake": false,
"locked": { "locked": {
"lastModified": 1765747965, "lastModified": 1763919406,
"narHash": "sha256-EHZRRC3piD6vKd4hXiqC+CcDUQCOzrH/CNAF9zBqpDQ=", "narHash": "sha256-WaGxnH7dm63syPt8E4MXbg4XVxQveXPe+cZu3iPz25w=",
"ref": "main", "ref": "main",
"rev": "a8e8d953f579939bd72b5f5c6ed332910b598554", "rev": "4423bf215047474ecb89f4d8ad63a04e734b252a",
"shallow": true, "shallow": true,
"type": "git", "type": "git",
"url": "ssh://git@github.com/hektor/nix-secrets" "url": "ssh://git@github.com/hektor/nix-secrets"
@@ -101,11 +102,11 @@
}, },
"nixCats": { "nixCats": {
"locked": { "locked": {
"lastModified": 1765766809, "lastModified": 1763330129,
"narHash": "sha256-3Xp41+Sb1zIzASa1Uu1k1RMUoJ9CGyYb0GtvvpRPBqg=", "narHash": "sha256-KbOeWIF52SV53BOeETGO2C5ewaV2Ex9iaXH7G72gOr8=",
"owner": "BirdeeHub", "owner": "BirdeeHub",
"repo": "nixCats-nvim", "repo": "nixCats-nvim",
"rev": "fe157e3ed69ed14b55ca81f597eac282caed58a2", "rev": "c81551ed87db2aefab30a12cf7425ff94dc0ad64",
"type": "github" "type": "github"
}, },
"original": { "original": {
@@ -137,11 +138,11 @@
}, },
"nixos-hardware": { "nixos-hardware": {
"locked": { "locked": {
"lastModified": 1764440730, "lastModified": 1762847253,
"narHash": "sha256-ZlJTNLUKQRANlLDomuRWLBCH5792x+6XUJ4YdFRjtO4=", "narHash": "sha256-BWWnUUT01lPwCWUvS0p6Px5UOBFeXJ8jR+ZdLX8IbrU=",
"owner": "NixOS", "owner": "NixOS",
"repo": "nixos-hardware", "repo": "nixos-hardware",
"rev": "9154f4569b6cdfd3c595851a6ba51bfaa472d9f3", "rev": "899dc449bc6428b9ee6b3b8f771ca2b0ef945ab9",
"type": "github" "type": "github"
}, },
"original": { "original": {
@@ -153,16 +154,16 @@
}, },
"nixpkgs": { "nixpkgs": {
"locked": { "locked": {
"lastModified": 1765472234, "lastModified": 1763622513,
"narHash": "sha256-9VvC20PJPsleGMewwcWYKGzDIyjckEz8uWmT0vCDYK0=", "narHash": "sha256-1jQnuyu82FpiSxowrF/iFK6Toh9BYprfDqfs4BB+19M=",
"owner": "nixos", "owner": "nixos",
"repo": "nixpkgs", "repo": "nixpkgs",
"rev": "2fbfb1d73d239d2402a8fe03963e37aab15abe8b", "rev": "c58bc7f5459328e4afac201c5c4feb7c818d604b",
"type": "github" "type": "github"
}, },
"original": { "original": {
"owner": "nixos", "owner": "nixos",
"ref": "nixos-unstable", "ref": "nixos-25.05",
"repo": "nixpkgs", "repo": "nixpkgs",
"type": "github" "type": "github"
} }
@@ -176,7 +177,6 @@
"plugins-beancount-nvim": "plugins-beancount-nvim", "plugins-beancount-nvim": "plugins-beancount-nvim",
"plugins-crazy-node-movement": "plugins-crazy-node-movement", "plugins-crazy-node-movement": "plugins-crazy-node-movement",
"plugins-helm-ls-nvim": "plugins-helm-ls-nvim", "plugins-helm-ls-nvim": "plugins-helm-ls-nvim",
"plugins-m-taskwarrior-d-nvim": "plugins-m-taskwarrior-d-nvim",
"plugins-mcphub-nvim": "plugins-mcphub-nvim", "plugins-mcphub-nvim": "plugins-mcphub-nvim",
"plugins-nvimkit-nvim": "plugins-nvimkit-nvim", "plugins-nvimkit-nvim": "plugins-nvimkit-nvim",
"plugins-shipwright-nvim": "plugins-shipwright-nvim", "plugins-shipwright-nvim": "plugins-shipwright-nvim",
@@ -240,30 +240,14 @@
"type": "github" "type": "github"
} }
}, },
"plugins-m-taskwarrior-d-nvim": {
"flake": false,
"locked": {
"lastModified": 1764933759,
"narHash": "sha256-4lN/ZQTQ7uMcpjePbf2k913Bs9AYYS6da3iZbckA6oI=",
"owner": "huantrinh1802",
"repo": "m_taskwarrior_d.nvim",
"rev": "279d2c8bcd2779500c1bea71fb9249c97cdb503b",
"type": "github"
},
"original": {
"owner": "huantrinh1802",
"repo": "m_taskwarrior_d.nvim",
"type": "github"
}
},
"plugins-mcphub-nvim": { "plugins-mcphub-nvim": {
"flake": false, "flake": false,
"locked": { "locked": {
"lastModified": 1765628564, "lastModified": 1759035242,
"narHash": "sha256-nvWqCGRKhbUHsAM/zd+cwFdcoXXxf6EmcCkpN4mElf4=", "narHash": "sha256-I6EbgY/2sAdtrxtmH0qbAAQvMCHhOsfolJfblV0fXOk=",
"owner": "ravitemer", "owner": "ravitemer",
"repo": "mcphub.nvim", "repo": "mcphub.nvim",
"rev": "5193329d510a68f1f5bf189960642c925c177a3a", "rev": "8ff40b5edc649959bb7e89d25ae18e055554859a",
"type": "github" "type": "github"
}, },
"original": { "original": {
@@ -340,11 +324,11 @@
] ]
}, },
"locked": { "locked": {
"lastModified": 1765684837, "lastModified": 1763870012,
"narHash": "sha256-fJCnsYcpQxxy/wit9EBOK33c0Z9U4D3Tvo3gf2mvHos=", "narHash": "sha256-AHxFfIu73SpNLAOZbu/AvpLhZ/Szhx6gRPj9ufZtaZA=",
"owner": "Mic92", "owner": "Mic92",
"repo": "sops-nix", "repo": "sops-nix",
"rev": "94d8af61d8a603d33d1ed3500a33fcf35ae7d3bc", "rev": "4e7d74d92398b933cc0e0e25af5b0836efcfdde3",
"type": "github" "type": "github"
}, },
"original": { "original": {

35
flake.nix
View File

@@ -1,10 +1,11 @@
{ {
inputs = { inputs = {
nixpkgs = { nixpkgs = {
url = "github:nixos/nixpkgs/nixos-unstable"; url = "github:nixos/nixpkgs?ref=nixos-25.05";
}; };
nixos-hardware = { nixos-hardware = {
url = "github:NixOS/nixos-hardware/master"; url = "github:NixOS/nixos-hardware/master";
inputs.nixpkgs.follows = "nixpkgs";
}; };
disko = { disko = {
url = "github:nix-community/disko/latest"; url = "github:nix-community/disko/latest";
@@ -19,7 +20,7 @@
flake = false; flake = false;
}; };
home-manager = { home-manager = {
url = "github:nix-community/home-manager"; url = "github:nix-community/home-manager/release-25.05";
inputs.nixpkgs.follows = "nixpkgs"; inputs.nixpkgs.follows = "nixpkgs";
}; };
nixgl = { nixgl = {
@@ -50,9 +51,6 @@
nvim, nvim,
}@inputs: }@inputs:
let let
lib = inputs.nixpkgs.lib;
utils = import ./utils { inherit lib; };
hostDirNames = utils.dirNames ./hosts;
system = "x86_64-linux"; system = "x86_64-linux";
pkgs = import nixpkgs { pkgs = import nixpkgs {
inherit system; inherit system;
@@ -60,21 +58,28 @@
}; };
in in
{ {
nix.nixPath = [ nix.nixPath = [ "nixpkgs=${inputs.nixpkgs}" ]; # <https://github.com/nix-community/nixd/blob/main/nixd/docs/configuration.md>
"nixpkgs=${inputs.nixpkgs}" nixosConfigurations = {
]; # <https://github.com/nix-community/nixd/blob/main/nixd/docs/configuration.md> vm = nixpkgs.lib.nixosSystem {
nixosConfigurations = lib.genAttrs hostDirNames ( modules = [ ./hosts/vm ];
host:
nixpkgs.lib.nixosSystem {
modules = [ ./hosts/${host} ];
specialArgs = { inherit inputs; }; specialArgs = { inherit inputs; };
} };
); andromache = nixpkgs.lib.nixosSystem {
modules = [ ./hosts/andromache ];
specialArgs = { inherit inputs; };
};
astyanax = nixpkgs.lib.nixosSystem {
modules = [ ./hosts/astyanax ];
specialArgs = { inherit inputs; };
};
};
homeConfigurations = { homeConfigurations = {
work = home-manager.lib.homeManagerConfiguration { work = home-manager.lib.homeManagerConfiguration {
inherit pkgs; inherit pkgs;
modules = [ ./home/hosts/work ]; modules = [ ./home/hosts/work ];
extraSpecialArgs = { inherit inputs; }; extraSpecialArgs = {
inherit inputs;
};
}; };
}; };
}; };

84
home/hosts/andromache/default.nix
View File

@@ -1,83 +1 @@
{ import ../astyanax
lib,
inputs,
config,
pkgs,
...
}:
let
username = "h";
in
{
imports = [
../../modules/desktop/niri
../../modules/git.nix
../../modules/k9s.nix
(import ../../modules/taskwarrior.nix {
inherit config;
inherit pkgs;
})
(import ../../modules/keepassxc.nix { inherit pkgs; })
(import ../../modules/anki.nix {
inherit config;
inherit pkgs;
})
];
home.stateVersion = "25.05";
home.username = username;
home.homeDirectory = "/home/${username}";
xdg.userDirs.createDirectories = false;
xdg.userDirs.download = "${config.home.homeDirectory}/dl";
programs = {
bash = {
enable = true;
enableCompletion = true;
initExtra = ''
for f in /home/${username}/.bashrc.d/*; do
[ -f "$f" ] && source "$f"
done
source /home/${username}/.bash_aliases/all
source /home/${username}/.bash_aliases/lang-js
# host-specific config goes here
# ...
export PATH=${../../../dots/.bin}:$PATH
'';
};
firefox = import ../../modules/firefox.nix {
inherit inputs;
inherit pkgs;
inherit config;
};
fzf = {
enable = true;
enableBashIntegration = true;
};
home-manager.enable = true;
taskwarrior.config.recurrence = lib.mkForce "on";
};
home.packages = import ../packages.nix {
inherit pkgs;
inherit config;
};
home.file = {
".inputrc".source = ../../../dots/.inputrc;
".bashrc.d/prompt".source = ../../../dots/.bashrc.d/prompt;
".bashrc.d/editor".source = ../../../dots/.bashrc.d/editor;
".bash_aliases/all".source = ../../../dots/.bash_aliases/all;
".bash_aliases/lang-js".source = ../../../dots/.bash_aliases/lang-js;
".config/kitty/kitty.conf".source = ../../../dots/.config/kitty/kitty.conf;
".config/kitty/themes/zenwritten_light.conf".source =
../../../dots/.config/kitty/themes/zenwritten_light.conf;
".config/kitty/themes/zenwritten_dark.conf".source =
../../../dots/.config/kitty/themes/zenwritten_dark.conf;
};
}

13
home/hosts/astyanax/default.nix
View File

@@ -10,14 +10,12 @@ let
in in
{ {
imports = [ imports = [
../../modules/desktop/niri ../../modules/dconf.nix # TODO: Only enable when on Gnome?
../../modules/git.nix ../../modules/git.nix
../../modules/k9s.nix
(import ../../modules/taskwarrior.nix { (import ../../modules/taskwarrior.nix {
inherit config; inherit config;
inherit pkgs; inherit pkgs;
}) })
(import ../../modules/keepassxc.nix { inherit pkgs; })
]; ];
home.stateVersion = "25.05"; home.stateVersion = "25.05";
@@ -32,12 +30,12 @@ in
enable = true; enable = true;
enableCompletion = true; enableCompletion = true;
initExtra = '' initExtra = ''
for f in /home/${username}/.bashrc.d/*; do for f in /home/h/.bashrc.d/*; do
[ -f "$f" ] && source "$f" [ -f "$f" ] && source "$f"
done done
source /home/${username}/.bash_aliases/all source /home/h/.bash_aliases/all
source /home/${username}/.bash_aliases/lang-js source /home/h/.bash_aliases/lang-js
# host-specific config goes here # host-specific config goes here
# ... # ...
@@ -55,9 +53,10 @@ in
enableBashIntegration = true; enableBashIntegration = true;
}; };
home-manager.enable = true; home-manager.enable = true;
keepassxc = import ../../modules/keepassxc.nix;
}; };
home.packages = import ../packages.nix { home.packages = import ./packages.nix {
inherit pkgs; inherit pkgs;
inherit config; inherit config;
}; };

53
home/hosts/astyanax/packages.nix Normal file
View File

@@ -0,0 +1,53 @@
{ pkgs, ... }:
with pkgs;
[
bash-completion
bash-language-server
bat
brightnessctl
entr
eslint_d
feh
fzf
gh
git
haskell-language-server
haskellPackages.pandoc-crossref
haskellPackages.hadolint
htop
jq
kitty
lua-language-server
nixfmt-rfc-style
nmap
nodejs_24
nodePackages.ts-node
nvimpager
ormolu
pandoc
parallel
pass
pnpm
ripgrep
silver-searcher
sops
sshfs
stylelint
svelte-language-server
tailwindcss-language-server
tldr
tmux
tmuxp
tree
tree-sitter
typescript-language-server
unzip
vim-language-server
vimPlugins.vim-plug
vtsls
wget
xbanish
xclip
yaml-language-server
]

36
home/hosts/packages.nix
View File

@@ -1,36 +0,0 @@
{ pkgs, ... }:
with pkgs;
[
bash-completion
bat
entr
feh
fzf
gh
git
haskellPackages.pandoc-crossref
htop
jq
kitty
nixfmt-rfc-style
nmap
nodejs_24
nvimpager
pandoc
parallel
pass
pnpm
ripgrep
signal-desktop
silver-searcher
sops
sshfs
tldr
tmux
tmuxp
tree
unzip
vimPlugins.vim-plug
wget
]

27
home/hosts/work/default.nix
View File

@@ -10,37 +10,38 @@ let
in in
{ {
imports = [ imports = [
../../modules/dconf.nix ../../modules/dconf.nix # TODO: Only enable when on Gnome?
../../modules/git.nix
../../modules/k9s.nix
(import ../../modules/keepassxc.nix { inherit pkgs; })
]; ];
nixpkgs.config.allowUnfree = true;
home.stateVersion = "25.05"; home.stateVersion = "25.05";
home.username = username; home.username = username;
home.homeDirectory = "/home/${username}"; home.homeDirectory = "/home/${username}";
targets.genericLinux.nixGL = { sops = {
defaultSopsFile = "${builtins.toString inputs.nix-secrets}/secrets.yaml";
defaultSopsFormat = "yaml";
age.keyFile = "${config.home.homeDirectory}/.config/sops/age/keys.txt";
secrets."test" = { };
};
nixGL = {
packages = inputs.nixgl.packages; packages = inputs.nixgl.packages;
defaultWrapper = "mesa"; defaultWrapper = "mesa";
}; };
programs = { programs = {
# editorconfig.enable = true; anki = import ../../modules/anki.nix;
firefox = import ../../modules/firefox.nix { firefox = import ../../modules/firefox.nix {
inherit inputs; inherit inputs;
inherit pkgs; inherit pkgs;
inherit config; inherit config;
}; };
gh.enable = true; git = import ../../modules/git.nix;
kubecolor.enable = true; keepassxc = import ../../modules/keepassxc.nix;
}; };
home.packages = import ./packages.nix { home.packages = import ./packages.nix {
inherit inputs;
inherit config;
inherit pkgs; inherit pkgs;
inherit config;
}; };
} }

98
home/hosts/work/packages.local.nix
View File

@@ -1,98 +0,0 @@
{
inputs,
config,
pkgs,
...
}:
with pkgs;
[
age
aider-chat
argocd
azure-cli
bat
biome
(config.lib.nixGL.wrap bruno)
chromium
clang
claude-code
(config.lib.nixGL.wrap code-cursor)
curl
dconf2nix
dive
emmet-language-server
eslint_d
flameshot
fluxcd
fzf
fzf-git-sh
git-machete
github-copilot-cli
glab
go
hadolint
hello
helm-ls
htop
input-leap
jira-cli-go
jq
k3d
(config.lib.nixGL.wrap kitty)
kubectl
kubernetes
kubernetes-helm
kustomize
lua
lua-language-server
minikube
ncspot
nil
nixd
nixfmt-rfc-style
# nodejs
nodejs_24
nvimpager
(config.lib.nixGL.wrap obsidian)
pavucontrol
# pgadmin4
prettierd
responder
ripgrep
rust-analyzer
rustlings
shellcheck
(config.lib.nixGL.wrap signal-desktop)
silver-searcher
sleuthkit
spotify
starship
stylua
taskopen
taskwarrior3
(config.lib.nixGL.wrap teams-for-linux)
opentofu
sops
tldr
tmux
tree
tree-sitter
tsx
upbound
vault-bin
(config.lib.nixGL.wrap vscode)
vscode-langservers-extracted
vtsls
yaml-language-server
xclip
xmage
yamllint
yarn
(python311.withPackages (ppkgs: [
ppkgs.plyer
ppkgs.dbus-python
]))
# flakes
inputs.nvim.packages.x86_64-linux.nvim
]

21
home/hosts/work/packages.nix
View File

@@ -1,19 +1,4 @@
{ { pkgs, config, ... }:
inputs,
config,
pkgs,
...
}:
let with pkgs;
localPackages = [ ]
if builtins.pathExists ./packages.local.nix then
import ./packages.local.nix { inherit inputs config pkgs; }
else
[ ];
in
(with pkgs; [
inputs.nvim.packages.x86_64-linux.nvim
])
++ localPackages

13
home/modules/anki.nix
View File

@@ -1,16 +1,3 @@
{ config, pkgs, ... }:
{ {
programs.anki = {
enable = true; enable = true;
addons = with pkgs.ankiAddons; [
anki-connect
puppy-reinforcement
review-heatmap
];
sync = {
usernameFile = "${config.sops.secrets."anki_sync_user".path}";
keyFile = "${config.sops.secrets."anki_sync_key".path}";
};
};
} }

102
home/modules/dconf.nix
View File

@@ -7,107 +7,5 @@
"org/gnome/desktop/interface" = { "org/gnome/desktop/interface" = {
color-scheme = "prefer-dark"; color-scheme = "prefer-dark";
}; };
"org/gnome/desktop/applications/terminal" = {
exec = "kitty";
exec-arg = "";
};
"org/gnome/desktop/background" = {
color-shading-type = "solid";
picture-opacity = 100;
picture-options = "zoom";
picture-uri = "none";
picture-uri-dark = "none";
primary-color = "#555555";
secondary-color = "#555555";
show-desktop-icons = false;
};
# "org/gnome/desktop/input-sources" = {
# sources = [
# (mkTuple [
# "xkb"
# "us"
# ])
# ];
# xkb-options = [ "caps:none" ];
# };
"org/gnome/desktop/wm/keybindings" = {
close = [ "<Shift><Super>Delete" ];
cycle-group = [ ];
cycle-group-backward = [ ];
cycle-panels = [ ];
cycle-panels-backward = [ ];
cycle-windows = [ ];
cycle-windows-backward = [ ];
maximize = [ "<Super> " ];
minimize = [ ];
move-to-workspace-1 = [ "<Super><Shift>a" ];
move-to-workspace-2 = [ "<Super><Shift>s" ];
move-to-workspace-3 = [ "<Super><Shift>d" ];
move-to-workspace-4 = [ "<Super><Shift>f" ];
move-to-workspace-5 = [ "<Super><Shift>g" ];
move-to-workspace-last = [ ];
move-to-workspace-left = [ "<Super><Shift>h" ];
move-to-workspace-right = [ "<Super><Shift>l" ];
panel-run-dialog = [ ];
switch-applications = [ "<Super>j" ];
switch-applications-backward = [ "<Super>k" ];
switch-group = [ ];
switch-group-backward = [ ];
switch-input-source = [ ];
switch-input-source-backward = [ ];
switch-panels = [ ];
switch-panels-backward = [ ];
switch-to-workspace-1 = [ "<Super>a" ];
switch-to-workspace-2 = [ "<Super>s" ];
switch-to-workspace-3 = [ "<Super>d" ];
switch-to-workspace-4 = [ "<Super>f" ];
switch-to-workspace-5 = [ "<Super>g" ];
switch-to-workspace-last = [ ];
switch-to-workspace-left = [ "<Super>h" ];
switch-to-workspace-right = [ "<Super>l" ];
switch-windows = [ ];
switch-windows-backward = [ ];
toggle-maximized = [ "<Super>space" ];
unmaximize = [ ];
};
"org/gnome/desktop/wm/preferences" = {
num-workspaces = 5;
workspace-names = [
"sh"
"www"
"dev"
"info"
"etc"
];
};
"org/gnome/settings-daemon/plugins/media-keys" = {
custom-keybindings = [
"/org/gnome/settings-daemon/plugins/media-keys/custom-keybindings/custom1/"
];
};
"org/gnome/settings-daemon/plugins/media-keys/custom-keybindings/custom0" = {
binding = "Print";
command = "flameshot gui";
name = "flameshot";
};
"org/gnome/settings-daemon/plugins/media-keys/custom-keybindings/custom1" = {
binding = "<Super>Return";
command = "kitty";
name = "Kitty";
};
"org/gnome/shell/keybindings" = {
screenshot = [ "Print" ];
toggle-application-view = [ "<Super>p" ];
toggle-quick-settings = [ ];
};
}; };
} }

183
home/modules/desktop/niri/config.kdl
View File

@@ -1,183 +0,0 @@
input {
touchpad {
tap
natural-scroll
}
mouse {
accel-profile "flat"
}
}
// NOTE: monitors are managed using `shikane` instead, as I assume this to be
// too limited for multiple multimonitor configurations. Below is an example
// for a simple, fixed, vertical dual monitor setup
// output "eDP-1" {
// position x=0 y=1440
// }
//
// output "DP-5" {
// position x=0 y=0
// }
layout {
gaps 4
struts {}
center-focused-column "never"
preset-column-widths {
proportion 0.382
proportion 0.618
proportion 1.0
}
default-column-width { }
focus-ring {
off
}
border {
width 2
active-color "#555555"
inactive-color "#55555511"
urgent-color "#ff0000"
}
shadow {
on
softness 32
spread 4
offset x=0 y=0
color "#0007"
}
}
spawn-at-startup "wlsunset -l 51.05 -L 3.72"
spawn-at-startup "waybar"
hotkey-overlay {
skip-at-startup
}
prefer-no-csd
screenshot-path "~/doc/screenshots/%Y-%m-%d %H-%M-%S.png"
// https://yalter.github.io/niri/Configuration:-Animations
animations {
slowdown 0.66
}
window-rule {
match app-id=r#"firefox$"# title="^Picture-in-Picture$"
open-floating true
}
window-rule {
match app-id=r#"^org\.keepassxc\.KeePassXC$"#
block-out-from "screen-capture"
}
window-rule {
geometry-corner-radius 0
clip-to-geometry true
}
gestures {
hot-corners {
off
}
}
binds {
Mod+Slash { show-hotkey-overlay; }
Mod+Return hotkey-overlay-title="Open a Terminal: kitty" { spawn "kitty"; }
Mod+P hotkey-overlay-title="Run an Application: fuzzel" { spawn "fuzzel"; }
Super+Alt+L hotkey-overlay-title="Lock the Screen: swaylock" { spawn "swaylock"; }
XF86AudioRaiseVolume allow-when-locked=true { spawn-sh "wpctl set-volume @DEFAULT_AUDIO_SINK@ 0.1+"; }
XF86AudioLowerVolume allow-when-locked=true { spawn-sh "wpctl set-volume @DEFAULT_AUDIO_SINK@ 0.1-"; }
XF86AudioMute allow-when-locked=true { spawn-sh "wpctl set-mute @DEFAULT_AUDIO_SINK@ toggle"; }
XF86AudioMicMute allow-when-locked=true { spawn-sh "wpctl set-mute @DEFAULT_AUDIO_SOURCE@ toggle"; }
Mod+Shift+XF86Display { power-off-monitors; }
XF86MonBrightnessUp allow-when-locked=true { spawn "brightnessctl" "--class=backlight" "set" "+10%"; }
XF86MonBrightnessDown allow-when-locked=true { spawn "brightnessctl" "--class=backlight" "set" "10%-"; }
Mod+O repeat=false { toggle-overview; }
Mod+Delete repeat=false { close-window; }
Mod+H { focus-column-left; }
Mod+J { focus-window-or-workspace-down; }
Mod+K { focus-window-or-workspace-up; }
Mod+L { focus-column-right; }
Mod+Shift+H { move-column-left; }
Mod+Shift+J { move-window-down-or-to-workspace-down; }
Mod+Shift+K { move-window-up-or-to-workspace-up; }
Mod+Shift+L { move-column-right; }
Mod+Home { focus-column-first; }
Mod+End { focus-column-last; }
Mod+Ctrl+Home { move-column-to-first; }
Mod+Ctrl+End { move-column-to-last; }
Mod+Left { focus-monitor-left; }
Mod+Down { focus-monitor-down; }
Mod+Up { focus-monitor-up; }
Mod+Right { focus-monitor-right; }
Mod+Shift+Left { move-column-to-monitor-left; }
Mod+Shift+Down { move-column-to-monitor-down; }
Mod+Shift+Up { move-column-to-monitor-up; }
Mod+Shift+Right { move-column-to-monitor-right; }
Mod+Ctrl+Up { move-workspace-down; }
Mod+Ctrl+Down { move-workspace-up; }
// Mod+WheelScrollDown cooldown-ms=150 { focus-workspace-down; }
// Mod+WheelScrollUp cooldown-ms=150 { focus-workspace-up; }
// Mod+Shift+WheelScrollDown cooldown-ms=150 { move-window-down-or-to-workspace-down; }
// Mod+Shift+WheelScrollUp cooldown-ms=150 { move-window-up-or-to-workspace-up; }
// Mod+A { focus-workspace 1; }
// Mod+S { focus-workspace 2; }
// Mod+D { focus-workspace 3; }
// Mod+F { focus-workspace 4; }
// Mod+Shift+A { move-column-to-workspace 1; }
// Mod+Shift+S { move-column-to-workspace 2; }
// Mod+Shift+D { move-column-to-workspace 3; }
// Mod+Shift+F { move-column-to-workspace 4; }
Mod+Tab { focus-workspace-previous; }
Mod+BracketLeft { consume-or-expel-window-left; }
Mod+BracketRight { consume-or-expel-window-right; }
Mod+Comma { consume-window-into-column; }
Mod+Period { expel-window-from-column; }
Mod+N { switch-preset-column-width; }
Mod+Shift+N { switch-preset-window-height; }
Mod+Ctrl+R { reset-window-height; }
Mod+Space { maximize-column; }
Mod+Shift+Space { fullscreen-window; }
Mod+Escape { toggle-window-floating; }
Mod+Shift+Escape { switch-focus-between-floating-and-tiling; }
Mod+Ctrl+F { expand-column-to-available-width; }
Mod+C { center-column; }
Mod+Ctrl+C { center-visible-columns; }
Mod+Minus { set-column-width "-10%"; }
Mod+Equal { set-column-width "+10%"; }
Mod+Shift+Minus { set-window-height "-10%"; }
Mod+Shift+Equal { set-window-height "+10%"; }
Mod+W { toggle-column-tabbed-display; }
Print { screenshot; }
Ctrl+Print { screenshot-screen; }
Alt+Print { screenshot-window; }
Mod+Shift+Delete { quit; }
}

18
home/modules/desktop/niri/default.nix
View File

@@ -1,18 +0,0 @@
{ pkgs, ... }:
{
imports = [
../../fuzzel
../../mako
../../shikane
../../waybar
];
home = {
file.".config/niri/config.kdl".source = ./config.kdl;
packages = with pkgs; [
wl-clipboard
wlsunset
];
};
}

4
home/modules/firefox.nix
View File

@@ -5,6 +5,9 @@
nativeMessagingHosts = with pkgs; [ nativeMessagingHosts = with pkgs; [
tridactyl-native tridactyl-native
]; ];
policies = {
DefaultDownloadDirectory = "\${home}/dl";
};
profiles = { profiles = {
default = { default = {
settings = { settings = {
@@ -54,7 +57,6 @@
}; };
}; };
policies = { policies = {
DefaultDownloadDirectory = "\${home}/dl";
ExtensionSettings = { ExtensionSettings = {
"jid1-ZAdIEUB7XOzOJw@jetpack" = { "jid1-ZAdIEUB7XOzOJw@jetpack" = {
default_area = "navbar"; default_area = "navbar";

28
home/modules/fuzzel/default.nix
View File

@@ -1,28 +0,0 @@
{
programs.fuzzel = {
enable = true;
settings = {
main = {
font = "Iosevka Term SS08";
horizontal-pad = 0;
vertical-pad = 0;
};
colors = {
background = "ccccccff";
text = "111111ff";
prompt = "ccccccff";
placeholder = "aaaaaaff";
input = "111111ff";
selection = "eeeeeeff";
selection-text = "111111ff";
selection-match = "333333ff";
counter = "111111ff";
border = "111111ff";
};
border = {
width = 2;
radius = 0;
};
};
};
}

1
home/modules/git.nix
View File

@@ -2,7 +2,6 @@
programs.git.enable = true; programs.git.enable = true;
home.file = { home.file = {
".gitconfig".source = ../../dots/.gitconfig; ".gitconfig".source = ../../dots/.gitconfig;
".gitconfig.work".source = ../../dots/.gitconfig.work;
".gitignore".source = ../../dots/.gitignore; ".gitignore".source = ../../dots/.gitignore;
}; };
} }

11
home/modules/k9s.nix
View File

@@ -1,11 +0,0 @@
{
programs.k9s = {
enable = true;
settings.k9s = {
ui = {
logoless = true;
reactive = true;
};
};
};
}

9
home/modules/keepassxc.nix
View File

@@ -1,11 +1,4 @@
{ pkgs, ... }:
{ {
programs.keepassxc = {
enable = true; enable = true;
settings = { # TODO: https://mynixos.com/home-manager/option/programs.keepassxc.settings
Browser.Enabled = true;
};
};
# programs.firefox.nativeMessagingHosts = [ pkgs.keepassxc ]; # FIXME: Resolve 'Access error for config file $HOME/.config/keepassxc/keepassxc.ini' error
} }

5
home/modules/mako/default.nix
View File

@@ -1,5 +0,0 @@
{
services.mako = {
enable = true;
};
}

6
home/modules/shikane/default.nix
View File

@@ -1,6 +0,0 @@
{ pkgs, ... }:
{
home.packages = with pkgs; [ wdisplays ];
services.shikane.enable = true;
}

2
home/modules/taskwarrior.nix
View File

@@ -44,7 +44,7 @@
# config.sops.secrets."taskwarrior_sync_encryption_secret".path # config.sops.secrets."taskwarrior_sync_encryption_secret".path
# }"; # }";
# }; # };
recurrence = "off"; recurrence = "off"; # TODO: enable only on andromache
}; };
extraConfig = "include ${config.sops.templates."taskrc.d/sync".path}"; extraConfig = "include ${config.sops.templates."taskrc.d/sync".path}";
}; };

57
home/modules/waybar/config.jsonc
View File

@@ -1,57 +0,0 @@
[
{
"height": 16,
"spacing": 4,
"modules-left": ["niri/workspaces"],
"modules-right": [
"pulseaudio",
"memory",
"cpu",
"network",
"clock",
"battery",
],
"clock": {
"format": "W{:%V %d %b %H:%M}",
"tooltip-format": "{calendar}",
"format-alt": "{:%Y-%m-%d %H:%M:%S}",
},
"battery": {
"bat": "BAT0",
"adapter": "ADP1",
"interval": 5,
"full-at": 99,
"states": {
"good": 80,
"warning": 20,
"critical": 10,
},
"format": "{capacity}%--",
"format-charging": "{capacity}%++",
"format-plugged": "{capacity}%",
"format-alt": "{time} {power}W",
},
"pulseaudio": {
"format": "VOL {volume}%",
"format-muted": "muted",
"on-click": "pavucontrol",
},
"memory": {
"interval": 2,
"format": "RAM {percentage}%",
"format-alt": "RAM {used:0.1f}G/{total:0.1f}G",
},
"cpu": {
"interval": 2,
"format": "CPU {usage}%",
"format-alt": "CPU {avg_frequency}GHz",
},
"network": {
"interval": 5,
"format-wifi": "{ifname} {ipaddr} {essid}",
"format-ethernet": "{ifname} {ipaddr}",
"format-disconnected": "{ifname} disconnected",
"tooltip-format": "{ifname}: {ipaddr}/{cidr}",
},
},
]

8
home/modules/waybar/default.nix
View File

@@ -1,8 +0,0 @@
{
programs.waybar = {
enable = true;
};
home.file.".config/waybar/config.jsonc".source = ./config.jsonc;
home.file.".config/waybar/style.css".source = ./style.css;
}

56
home/modules/waybar/style.css
View File

@@ -1,56 +0,0 @@
* {
font-family:
Iosevka Term SS08,
monospace;
font-size: 12px;
border-radius: 0px;
}
.modules-left,
.modules-center,
.modules-right {
margin: 4px;
margin-bottom: 0;
}
window#waybar {
background-color: transparent;
}
window#waybar.hidden {
opacity: 0.2;
}
#workspaces button {
padding: 0;
background-color: transparent;
}
#workspaces button:hover {
background: #000000;
}
#workspaces button.focused,
#workspaces button.active {
background-color: #111111;
}
#workspaces button.urgent {
background-color: #eb4d4b;
}
#clock,
#battery,
#pulseaudio,
#memory,
#cpu,
#network {
padding: 0 4px;
color: #ffffff;
background-color: #111111;
}
#window,
#workspaces {
margin: 0;
}

58
hosts/andromache/default.nix
View File

@@ -8,28 +8,28 @@
let let
username = "h"; username = "h";
wolInterfaces = import ./wol-interfaces.nix;
in in
{ {
system.stateVersion = "25.05";
imports = [ imports = [
../../modules/common
inputs.disko.nixosModules.disko inputs.disko.nixosModules.disko
inputs.sops-nix.nixosModules.sops inputs.sops-nix.nixosModules.sops
inputs.home-manager.nixosModules.default inputs.home-manager.nixosModules.default
./hard.nix ./hard.nix
../../modules/boot/bootloader.nix ../../modules/bootloader.nix
(import ../../modules/disko/zfs-encrypted-root.nix { (import ../../modules/disko.zfs-encrypted-root.nix {
device = "/dev/nvme1n1"; device = "/dev/nvme1n1";
inherit lib; inherit lib;
inherit config; inherit config;
}) })
../../modules/desktops/niri ../../modules/gnome.nix
../../modules/bluetooth ../../modules/bluetooth.nix
../../modules/keyboard ../../modules/keyboard
(import ../../modules/networking { hostName = "andromache"; }) (import ../../modules/networking.nix { hostName = "andromache"; })
../../modules/users ../../modules/users.nix
../../modules/audio ../../modules/audio.nix
../../modules/localization ../../modules/localization.nix
../../modules/fonts ../../modules/fonts
../../modules/ssh/hardened-openssh.nix ../../modules/ssh/hardened-openssh.nix
(import ../../modules/secrets { (import ../../modules/secrets {
@@ -37,11 +37,9 @@ in
inherit inputs; inherit inputs;
inherit config; inherit config;
}) })
../../modules/docker
]; ];
secrets.username = username; secrets.username = username;
docker.user = username;
disko.devices = { disko.devices = {
disk.data = { disk.data = {
@@ -78,17 +76,27 @@ in
environment.systemPackages = [ inputs.nvim.packages.x86_64-linux.nvim ]; environment.systemPackages = [ inputs.nvim.packages.x86_64-linux.nvim ];
nix.settings.experimental-features = [
"nix-command"
"flakes"
];
nixpkgs.config.allowUnfree = true;
home-manager = { home-manager = {
useGlobalPkgs = true; useGlobalPkgs = true;
useUserPackages = true; useUserPackages = true;
users.${username} = import ../../home/hosts/andromache { users.${username} = import ../../home/hosts/andromache {
inherit lib;
inherit inputs; inherit inputs;
inherit config; inherit config;
inherit pkgs; inherit pkgs;
}; };
}; };
networking = {
hostId = "80eef97e";
};
services.xserver = { services.xserver = {
videoDrivers = [ "nvidia" ]; videoDrivers = [ "nvidia" ];
}; };
@@ -101,18 +109,16 @@ in
services.syncthing = { services.syncthing = {
enable = true; enable = true;
openDefaultPorts = true; openDefaultPorts = true;
settings = {
devices = {
# "device1" = {
# id = "DEVICE-ID-GOES-HERE";
# };
};
folders = { folders = {
"/home/${username}/sync" = { "/home/${username}/sync" = {
id = "sync"; id = "sync";
devices = [ ]; devices = [ ];
}; };
}; };
devices = {
# "device1" = {
# id = "DEVICE-ID-GOES-HERE";
# };
}; };
}; };
@@ -120,18 +126,4 @@ in
enable = true; enable = true;
package = pkgs.plocate; package = pkgs.plocate;
}; };
networking = {
# TODO: generate unique hostId on actual host with: head -c 8 /etc/machine-id
hostId = "80eef97e";
interfaces = {
eno1 = {
wakeOnLan.enable = true;
macAddress = wolInterfaces.eno1.macAddress;
};
};
firewall = {
allowedUDPPorts = [ 9 ];
};
};
} }

23
hosts/andromache/hard.nix
View File

@@ -1,29 +1,14 @@
# Do not modify this file! It was generated by nixos-generate-config # Do not modify this file! It was generated by nixos-generate-config
# and may be overwritten by future invocations. Please make changes # and may be overwritten by future invocations. Please make changes
# to /etc/nixos/configuration.nix instead. # to /etc/nixos/configuration.nix instead.
{ { config, lib, pkgs, modulesPath, ... }:
config,
lib,
pkgs,
modulesPath,
...
}:
{ {
imports = [ imports =
(modulesPath + "/installer/scan/not-detected.nix") [ (modulesPath + "/installer/scan/not-detected.nix")
]; ];
boot.initrd.availableKernelModules = [ boot.initrd.availableKernelModules = [ "vmd" "xhci_pci" "ahci" "nvme" "usbhid" "usb_storage" "uas" "sd_mod" ];
"vmd"
"xhci_pci"
"ahci"
"nvme"
"usbhid"
"usb_storage"
"uas"
"sd_mod"
];
boot.initrd.kernelModules = [ ]; boot.initrd.kernelModules = [ ];
boot.kernelModules = [ "kvm-intel" ]; boot.kernelModules = [ "kvm-intel" ];
boot.extraModulePackages = [ ]; boot.extraModulePackages = [ ];

3
hosts/andromache/wol-interfaces.nix
View File

@@ -1,3 +0,0 @@
{
eno1.macAddress = "02:68:b3:29:da:98";
}

61
hosts/astyanax/default.nix
View File

@@ -8,30 +8,29 @@
let let
username = "h"; username = "h";
hostName = "astyanax"; hostName = "astynanax";
wolInterfaces = import ../andromache/wol-interfaces.nix;
in in
{ {
system.stateVersion = "25.05";
imports = [ imports = [
../../modules/common
inputs.nixos-hardware.nixosModules.lenovo-thinkpad-e14-intel
inputs.disko.nixosModules.disko inputs.disko.nixosModules.disko
inputs.sops-nix.nixosModules.sops inputs.sops-nix.nixosModules.sops
inputs.home-manager.nixosModules.default inputs.home-manager.nixosModules.default
./hard.nix ./hard.nix
../../modules/boot/bootloader.nix ../../modules/bootloader.nix
(import ../../modules/disko/zfs-encrypted-root.nix { (import ../../modules/disko.zfs-encrypted-root.nix {
inherit lib; inherit lib;
inherit config; inherit config;
device = "/dev/nvme0n1"; device = "/dev/nvme0n1";
}) })
../../modules/desktops/niri ../../modules/gnome.nix
../../modules/bluetooth ../../modules/bluetooth.nix
../../modules/keyboard ../../modules/keyboard
(import ../../modules/networking { hostName = hostName; }) (import ../../modules/networking.nix { hostName = hostName; })
../../modules/users ../../modules/users.nix
../../modules/audio ../../modules/audio.nix
../../modules/localization ../../modules/localization.nix
../../modules/fonts ../../modules/fonts
../../modules/ssh/hardened-openssh.nix ../../modules/ssh/hardened-openssh.nix
(import ../../modules/secrets { (import ../../modules/secrets {
@@ -42,40 +41,21 @@ in
}) })
]; ];
hardware = {
cpu.intel.updateMicrocode = true;
# https://wiki.nixos.org/wiki/Intel_Graphics
graphics = {
enable = true;
extraPackages = with pkgs; [
intel-media-driver
vpl-gpu-rt
];
};
};
# https://wiki.nixos.org/wiki/Intel_Graphics
environment.sessionVariables = {
LIBVA_DRIVER_NAME = "iHD";
};
secrets.username = username; secrets.username = username;
environment.systemPackages = [ environment.systemPackages = [ inputs.nvim.packages.x86_64-linux.nvim ];
inputs.nvim.packages.x86_64-linux.nvim
(pkgs.writeShellApplication { nix.settings.experimental-features = [
name = "wol-andromache"; "nix-command"
runtimeInputs = [ pkgs.wakeonlan ]; "flakes"
text = ''
wakeonlan ${wolInterfaces.eno1.macAddress}
'';
})
]; ];
nixpkgs.config.allowUnfree = true;
home-manager = { home-manager = {
useGlobalPkgs = true; useGlobalPkgs = true;
useUserPackages = true; useUserPackages = true;
users.${username} = import ../../home/hosts/astyanax { users.${username} = import ../../home/hosts/${hostName} {
inherit inputs; inherit inputs;
inherit config; inherit config;
inherit pkgs; inherit pkgs;
@@ -83,12 +63,9 @@ in
}; };
networking = { networking = {
# TODO: generate unique hostId on actual host with: head -c 8 /etc/machine-id
hostId = "80eef97e"; hostId = "80eef97e";
}; };
services.throttled.enable = false;
services.openssh = { services.openssh = {
enable = true; enable = true;
harden = true; harden = true;

60
hosts/hecuba/default.nix
View File

@@ -1,60 +0,0 @@
{ pkgs, ... }:
# Also see <https://wiki.nixos.org/wiki/Install_NixOS_on_Hetzner_Cloud>
{
imports = [
./hard.nix
../../modules/common
../../modules/ssh/hardened-openssh.nix
];
fileSystems."/" = {
device = "/dev/disk/by-label/nixos";
fsType = "ext4";
};
fileSystems."/boot" = {
device = "/dev/disk/by-label/boot";
fsType = "ext4";
};
swapDevices = [
{
device = "/dev/disk/by-label/swap";
}
];
boot.loader.grub.enable = true;
boot.loader.grub.device = "/dev/sda";
users.users = {
root.hashedPassword = "!";
username = {
isNormalUser = true;
extraGroups = [ "wheel" ];
openssh.authorizedKeys.keys = [
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIOOXPEhdKOVnb6mkeLLUcFGt+mnUR5pMie17JtjrxwgO h@andromache"
];
};
};
security.sudo.wheelNeedsPassword = false;
networking = {
firewall.enable = true;
};
environment.systemPackages = with pkgs; [
vim
git
];
services.fail2ban = {
enable = true;
maxretry = 5;
};
services.openssh = {
enable = true;
harden = true;
};
}

37
hosts/hecuba/hard.nix
View File

@@ -1,37 +0,0 @@
# Do not modify this file! It was generated by nixos-generate-config
# and may be overwritten by future invocations. Please make changes
# to /etc/nixos/configuration.nix instead.
{
config,
lib,
pkgs,
modulesPath,
...
}:
{
imports = [
(modulesPath + "/profiles/qemu-guest.nix")
];
boot.initrd.availableKernelModules = [
"ahci"
"xhci_pci"
"virtio_pci"
"virtio_scsi"
"sd_mod"
"sr_mod"
];
boot.initrd.kernelModules = [ ];
boot.kernelModules = [ ];
boot.extraModulePackages = [ ];
# Enables DHCP on each ethernet and wireless interface. In case of scripted networking
# (the default) this is the recommended approach. When using systemd-networkd it's
# still possible to use this option, but it's recommended to use it in conjunction
# with explicit per-interface declarations with `networking.interfaces.<interface>.useDHCP`.
networking.useDHCP = lib.mkDefault true;
# networking.interfaces.enp1s0.useDHCP = lib.mkDefault true;
nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux";
}

37
hosts/vm/default.nix
View File

@@ -1,42 +1,39 @@
{ {
lib,
inputs, inputs,
config, config,
pkgs, pkgs,
... ...
}: }:
let
username = "h";
in
{ {
system.stateVersion = "25.05";
imports = [ imports = [
../../modules/common inputs.nixos-hardware.nixosModules.lenovo-thinkpad-e14-intel
inputs.disko.nixosModules.disko inputs.disko.nixosModules.disko
inputs.sops-nix.nixosModules.sops
inputs.home-manager.nixosModules.default inputs.home-manager.nixosModules.default
./hard.nix ./hard.nix
./disk.nix ./disk.nix
../../modules/boot/bootloader.nix ../../modules/bootloader.nix
../../modules/keyboard ../../modules/keyboard
(import ../../modules/networking { hostName = "vm"; }) (import ../../modules/networking.nix { hostName = "vm"; })
../../modules/users ../../modules/users.nix
../../modules/audio ../../modules/audio.nix
../../modules/localization ../../modules/localization.nix
../../modules/x ../../modules/x.nix
../../modules/fonts ../../modules/fonts
../../modules/ssh/hardened-openssh.nix ../../modules/ssh/hardened-openssh.nix
(import ../../modules/secrets {
inherit lib;
inherit inputs;
inherit config;
})
]; ];
secrets.username = username;
environment.systemPackages = [ inputs.nvim.packages.x86_64-linux.nvim ]; environment.systemPackages = [ inputs.nvim.packages.x86_64-linux.nvim ];
nix.settings.experimental-features = [
"nix-command"
"flakes"
];
nixpkgs.config.allowUnfree = true;
disko = { disko = {
devices.disk.main.device = "/dev/vda"; devices.disk.main.device = "/dev/vda";
devices.disk.main.imageName = "nixos-vm"; devices.disk.main.imageName = "nixos-vm";
@@ -58,7 +55,7 @@ in
home-manager = { home-manager = {
useGlobalPkgs = true; useGlobalPkgs = true;
useUserPackages = true; useUserPackages = true;
users.${username} = import ../../home/hosts/vm { users.h = import ../../home/hosts/vm {
inherit inputs; inherit inputs;
inherit config; inherit config;
inherit pkgs; inherit pkgs;

1
modules/audio/default.nix → modules/audio.nix
View File

@@ -9,5 +9,4 @@
alsa.support32Bit = true; alsa.support32Bit = true;
pulse.enable = true; pulse.enable = true;
}; };
services.pulseaudio.extraConfig = "load-module module-switch-on-connect";
} }

3
modules/bluetooth.nix Normal file
View File

@@ -0,0 +1,3 @@
{
hardware.bluetooth.enable = true;
}

15
modules/bluetooth/default.nix
View File

@@ -1,15 +0,0 @@
{
hardware.bluetooth = {
enable = true;
powerOnBoot = true;
settings = {
General = {
Experimental = true;
FastConnectable = true;
};
Policy = {
AutoEnable = true;
};
};
};
}

0
modules/boot/bootloader.nix → modules/bootloader.nix
View File

10
modules/common/default.nix
View File

@@ -1,10 +0,0 @@
{
system.stateVersion = "25.05";
nix.settings.experimental-features = [
"nix-command"
"flakes"
];
nixpkgs.config.allowUnfree = true;
}

8
modules/desktops/niri/default.nix
View File

@@ -1,8 +0,0 @@
{
programs.niri.enable = true;
services.dbus.enable = true;
xdg = {
portal.enable = true;
};
}

0
modules/disko/zfs-encrypted-root.nix → modules/disko.zfs-encrypted-root.nix
View File

44
modules/docker/default.nix
View File

@@ -1,44 +0,0 @@
{ config, lib, ... }:
let
cfg = config.docker;
in
{
options.docker = {
rootless = lib.mkOption {
type = lib.types.bool;
default = false;
};
user = lib.mkOption {
type = lib.types.nullOr lib.types.str;
default = null;
};
};
config = lib.mkMerge [
{
warnings = lib.flatten [
(lib.optional (
cfg.rootless && cfg.user != null
) "'virtualisation.docker.user' is ignored when rootless mode is enabled")
(lib.optional (
!cfg.rootless && cfg.user == null
) "'virtualisation.docker.user' is not set (no user is added to the docker group)")
];
}
(lib.mkIf cfg.rootless {
virtualisation.docker = {
enable = false;
rootless = {
enable = true;
setSocketVariable = true;
};
};
})
(lib.mkIf (!cfg.rootless && cfg.user != null) {
virtualisation.docker = {
enable = true;
};
users.users.${cfg.user}.extraGroups = [ "docker" ];
})
];
}

0
modules/desktops/gnome.nix → modules/gnome.nix
View File

79
modules/k3s/default.nix
View File

@@ -1,79 +0,0 @@
{ pkgs, ... }:
{
# TODO: see if this works with podman
# TODO: check if docker/podman is enabled
# Rootless K3S
# FIXME
environment.systemPackages = with pkgs; [
k3s
rootlesskit
slirp4netns
];
# running K3S on rootless docker was causing the following error: "failed to find cpuset cgroup (v2)" (in `docker logs k3d-lab-server-0` output)
#
# see <https://docs.k3s.io/advanced#known-issues-with-rootless-mode>
# see <https://rootlesscontaine.rs/getting-started/common/cgroup2/>
# see <https://discourse.nixos.org/t/declarative-rootless-k3s/49839>
systemd.services."user@".serviceConfig.Delegate = "cpu cpuset io memory pids";
# taken from <https://github.com/k3s-io/k3s/blob/main/k3s-rootless.service> as described in <https://docs.k3s.io/advanced#known-issues-with-rootless-mode#Rootless>
systemd.user.services."k3s-rootless" = with pkgs; {
path = with pkgs; [
"${rootlesskit}"
"${slirp4netns}"
"${fuse-overlayfs}"
"${fuse3}"
"/run/wrappers"
];
# systemd unit file for k3s (rootless)
#
# Usage:
# - [Optional] Enable cgroup v2 delegation, see https://rootlesscontaine.rs/getting-started/common/cgroup2/ .
# This step is optional, but highly recommended for enabling CPU and memory resource limtitation.
#
# - Copy this file as `~/.config/systemd/user/k3s-rootless.service`.
# Installing this file as a system-wide service (`/etc/systemd/...`) is not supported.
# Depending on the path of `k3s` binary, you might need to modify the `ExecStart=/usr/local/bin/k3s ...` line of this file.
#
# - Run `systemctl --user daemon-reload`
#
# - Run `systemctl --user enable --now k3s-rootless`
#
# - Run `KUBECONFIG=~/.kube/k3s.yaml kubectl get pods -A`, and make sure the pods are running.
#
# Troubleshooting:
# - See `systemctl --user status k3s-rootless` to check the daemon status
# - See `journalctl --user -f -u k3s-rootless` to see the daemon log
# - See also https://rootlesscontaine.rs/
enable = true;
description = "k3s (Rootless)";
serviceConfig = {
# NOTE: Don't try to run `k3s server --rootless` on a terminal, as it doesn't enable cgroup v2 delegation.
# If you really need to try it on a terminal, prepend `systemd-run --user -p Delegate=yes --tty` to create a systemd scope.
ExecStart = "${k3s}/bin/k3s server --rootless --snapshotter=fuse-overlayfs";
ExecReload = "/run/current-system/sw/bin/kill -s HUP $MAINPID";
TimeoutSec = 0;
RestartSec = 2;
Restart = "always";
StartLimitBurst = 3;
StartLimitInterval = "60s";
LimitNOFILE = "infinity";
LimitNPROC = "infinity";
LimitCORE = "infinity";
TasksMax = "infinity";
Delegate = "yes";
Type = "simple";
KillMode = "mixed";
};
wantedBy = [ "default.target" ];
};
boot.kernel.sysctl = {
"net.ipv4.ip_forward" = 1;
};
}

0
modules/localization/default.nix → modules/localization.nix
View File

0
modules/networking/default.nix → modules/networking.nix
View File

0
modules/printing/default.nix → modules/printing.nix
View File

22
modules/secrets/default.nix
View File

@@ -25,10 +25,6 @@ in
"taskwarrior_sync_server_url".owner = config.users.users.${cfg.username}.name; "taskwarrior_sync_server_url".owner = config.users.users.${cfg.username}.name;
"taskwarrior_sync_server_client_id".owner = config.users.users.${cfg.username}.name; "taskwarrior_sync_server_client_id".owner = config.users.users.${cfg.username}.name;
"taskwarrior_sync_encryption_secret".owner = config.users.users.${cfg.username}.name; "taskwarrior_sync_encryption_secret".owner = config.users.users.${cfg.username}.name;
"email_personal".owner = config.users.users.${cfg.username}.name;
"email_work".owner = config.users.users.${cfg.username}.name;
"anki_sync_user".owner = config.users.users.${cfg.username}.name;
"anki_sync_key".owner = config.users.users.${cfg.username}.name;
}; };
templates."taskrc.d/sync" = { templates."taskrc.d/sync" = {
@@ -39,24 +35,6 @@ in
sync.encryption_secret=${config.sops.placeholder."taskwarrior_sync_encryption_secret"} sync.encryption_secret=${config.sops.placeholder."taskwarrior_sync_encryption_secret"}
''; '';
}; };
templates.".gitconfig.email" = {
owner = config.users.users.${cfg.username}.name;
path = "/home/${cfg.username}/.gitconfig.email";
content = ''
[user]
email = ${config.sops.placeholder."email_personal"}
'';
};
templates.".gitconfig.work.email" = {
owner = config.users.users.${cfg.username}.name;
path = "/home/${cfg.username}/.gitconfig.work.email";
content = ''
[user]
email = ${config.sops.placeholder."email_work"}
'';
};
}; };
}; };
} }

1
modules/ssh/hardened-openssh.nix
View File

@@ -10,7 +10,6 @@ in
services.openssh.settings = optionalAttrs cfg.harden { services.openssh.settings = optionalAttrs cfg.harden {
PermitRootLogin = "no"; PermitRootLogin = "no";
PasswordAuthentication = false; PasswordAuthentication = false;
KbdInteractiveAuthentication = false;
ChallengeResponseAuthentication = false; ChallengeResponseAuthentication = false;
X11Forwarding = false; X11Forwarding = false;
AllowAgentForwarding = false; AllowAgentForwarding = false;

0
modules/users/default.nix → modules/users.nix
View File

2
modules/x/default.nix → modules/x.nix
View File

@@ -4,7 +4,7 @@
services.xserver.windowManager.xmonad = { services.xserver.windowManager.xmonad = {
enable = true; enable = true;
enableContribAndExtras = true; enableContribAndExtras = true;
config = builtins.readFile ../../dots/.xmonad/xmonad.hs; config = builtins.readFile ../dots/.xmonad/xmonad.hs;
}; };
services.xserver = { services.xserver = {

7
utils/default.nix
View File

@@ -1,7 +0,0 @@
{ lib }:
{
dirNames =
path:
builtins.attrNames (lib.filterAttrs (name: type: type == "directory") (builtins.readDir path));
}