andreijiroh.dev / dotfiles
Personal dotfiles for Linux, mostly for Nixpkgs/NixOS-based and Termux setups. Mirrored using GitLab's push mirroring feature. gitlab.com/andreijiroh-dev/dotfiles
linux dotfiles
fork atom

Forgot to commit my stuff btw

andreijiroh.dev 6cdd7640 45e09b81

+362 -267
+9 -9
.config/nixos/flake.lock
··· 162 162 "nixpkgs": "nixpkgs_4" 163 163 }, 164 164 "locked": { 165 - "lastModified": 1735381016, 166 - "narHash": "sha256-CyCZFhMUkuYbSD6bxB/r43EdmDE7hYeZZPTCv0GudO4=", 165 + "lastModified": 1735735907, 166 + "narHash": "sha256-/AOGn9qJMjrZQyWYbObHTKmWDUP0q9+0TAXOJnq6ik0=", 167 167 "owner": "nix-community", 168 168 "repo": "home-manager", 169 - "rev": "10e99c43cdf4a0713b4e81d90691d22c6a58bdf2", 169 + "rev": "59a4c43e9ba6db24698c112720a58a334117de83", 170 170 "type": "github" 171 171 }, 172 172 "original": { ··· 328 328 }, 329 329 "nixpkgs_4": { 330 330 "locked": { 331 - "lastModified": 1734649271, 332 - "narHash": "sha256-4EVBRhOjMDuGtMaofAIqzJbg4Ql7Ai0PSeuVZTHjyKQ=", 331 + "lastModified": 1735471104, 332 + "narHash": "sha256-0q9NGQySwDQc7RhAV2ukfnu7Gxa5/ybJ2ANT8DQrQrs=", 333 333 "owner": "NixOS", 334 334 "repo": "nixpkgs", 335 - "rev": "d70bd19e0a38ad4790d3913bf08fcbfc9eeca507", 335 + "rev": "88195a94f390381c6afcdaa933c2f6ff93959cb4", 336 336 "type": "github" 337 337 }, 338 338 "original": { ··· 344 344 }, 345 345 "nixpkgs_5": { 346 346 "locked": { 347 - "lastModified": 1735291276, 348 - "narHash": "sha256-NYVcA06+blsLG6wpAbSPTCyLvxD/92Hy4vlY9WxFI1M=", 347 + "lastModified": 1735471104, 348 + "narHash": "sha256-0q9NGQySwDQc7RhAV2ukfnu7Gxa5/ybJ2ANT8DQrQrs=", 349 349 "owner": "NixOS", 350 350 "repo": "nixpkgs", 351 - "rev": "634fd46801442d760e09493a794c4f15db2d0cbb", 351 + "rev": "88195a94f390381c6afcdaa933c2f6ff93959cb4", 352 352 "type": "github" 353 353 }, 354 354 "original": {
+8 -16
.config/nixos/flake.nix
··· 3 3 4 4 # try to be in-sync with the nix-channels 5 5 inputs = { 6 - nixpkgs = { 7 - url = "github:NixOS/nixpkgs/nixos-unstable"; 8 - }; 9 - home-manager = { 10 - url = "github:nix-community/home-manager/master"; 11 - }; 12 - nixos-hardware = { 13 - url = "github:NixOS/nixos-hardware/master"; 14 - }; 15 - determinate = { 16 - url = "https://flakehub.com/f/DeterminateSystems/determinate/0.1"; 17 - }; 18 - vscode-server = { 19 - url = "github:nix-community/nixos-vscode-server"; 20 - }; 6 + nixpkgs.url = "github:NixOS/nixpkgs/nixos-unstable"; 7 + home-manager.url = "github:nix-community/home-manager/master"; 8 + nixos-hardware.url = "github:NixOS/nixos-hardware/master"; 9 + determinate.url = "https://flakehub.com/f/DeterminateSystems/determinate/0.1"; 10 + vscode-server.url = "github:nix-community/nixos-vscode-server"; 21 11 }; 22 12 23 13 outputs = { ··· 32 22 stellapent-cier = nixpkgs.lib.nixosSystem { 33 23 system = "x86_64-linux"; 34 24 modules = [ 25 + ./hosts/stellapent-cier/configuration.nix 26 + 27 + # load Determinate Nix and the rest 35 28 determinate.nixosModules.default 36 29 vscode-server.nixosModules.default 37 30 home-manager.nixosModules.home-manager 38 - ./hosts/stellapent-cier/configuration.nix 39 31 ]; 40 32 }; 41 33 };
+12 -6
.config/nixos/hosts/stellapent-cier/configuration.nix
··· 9 9 [ 10 10 ./hardware-configuration.nix 11 11 ../../shared/meta-configs.nix 12 + ../../shared/systemd.nix 12 13 ../../shared/networking.nix 13 - ../../shared/firewall.nix 14 - ../../shared/tailscale.nix 15 - ../../shared/ssh.nix 16 14 ../../shared/locale.nix 17 - ../../shared/kde-plasma.nix 18 - ../../shared/bluetooth.nix 15 + ../../shared/server/tailscale.nix 16 + ../../shared/server/ssh.nix 17 + ../../shared/desktop/kde-plasma.nix 18 + ../../shared/desktop/bluetooth.nix 19 + ../../shared/desktop/firewall.nix 19 20 ]; 20 21 21 22 # Bootloader. ··· 94 95 # home-manager specifics 95 96 home-manager.useUserPackages = true; 96 97 home-manager.useGlobalPkgs = true; 97 - home-manager.users.gildedguy = (import ./users/gildedguy.nix); 98 + home-manager.users.gildedguy = import ./users/gildedguy.nix; 99 + #programs.home-manager.enable = true; # allow home-manager to manage itself 98 100 99 101 # Install firefox. 100 102 programs.firefox.enable = true; ··· 109 111 btop 110 112 htop 111 113 google-chrome 114 + direnv 115 + cachix 112 116 ]; 113 117 114 118 # Some programs need SUID wrappers, can be configured further or are 115 119 # started in user sessions. 116 120 programs.mtr.enable = true; 121 + 122 + # enable gpg-agent with SSH support 117 123 programs.gnupg.agent = { 118 124 enable = true; 119 125 enableSSHSupport = true;
+6 -205
.config/nixos/hosts/stellapent-cier/users/gildedguy.nix
··· 1 1 { config, pkgs, lib, ... }: 2 2 3 - let 4 - vscExts = (import ../../../shared/vscode-extensions.nix) { 5 - pkgs = pkgs; 6 - lib = lib; 7 - }; 8 - #extList = lib.attrsets.mapAttrsToList (name: value: value) vscExts; 9 - in 10 - with pkgs; 11 3 { 12 - # https://fnordig.de/til/nix/home-manager-allow-unfree.html 13 - nixpkgs = { 14 - config = { 15 - allowUnfree = true; 16 - # https://github.com/nix-community/home-manager/issues/2942 17 - allowUnfreePredicate = (_: true); 18 - }; 19 - }; 20 - 21 - # Home Manager needs a bit of information about you and the paths it should 22 - # manage. Also don't ask how we got here on the roleplaying part. 23 - home.username = "gildedguy"; 24 - home.homeDirectory = "/home/gildedguy"; 25 - 26 - # This value determines the Home Manager release that your configuration is 27 - # compatible with. This helps avoid breakage when a new Home Manager release 28 - # introduces backwards incompatible changes. 29 - # 30 - # You should not change this value, even if you update Home Manager. If you do 31 - # want to update the value, then make sure to first check the Home Manager 32 - # release notes. 33 - home.stateVersion = "24.11"; # Please read the comment before changing. 34 - 35 - # The home.packages option allows you to install Nix packages into your 36 - # environment. 37 - home.packages = with pkgs; [ 38 - # # Adds the 'hello' command to your environment. It prints a friendly 39 - # # "Hello, world!" when run. 40 - # pkgs.hello 41 - 42 - # # It is sometimes useful to fine-tune packages, for example, by applying 43 - # # overrides. You can do that directly here, just don't forget the 44 - # # parentheses. Maybe you want to install Nerd Fonts with a limited number of 45 - # # fonts? 46 - # (pkgs.nerdfonts.override { fonts = [ "FantasqueSansMono" ]; }) 47 - 48 - # # You can also create simple shell scripts directly inside your 49 - # # configuration. For example, this adds a command 'my-hello' to your 50 - # # environment: 51 - # (pkgs.writeShellScriptBin "my-hello" '' 52 - # echo "Hello, ${config.home.username}!" 53 - # '') 54 - 55 - ## devtools ## 56 - # https://httpie.io 57 - httpie 58 - # https://devenv.sh 59 - devenv 60 - # https://cli.github.com 61 - gh 62 - # bet we'll going to have a field day since Copilot is now available for free 63 - # (this is seperate from the gh copilot extension for those asking) 64 - # context: https://github.blog/news-insights/product-news/github-copilot-in-vscode-free/ 65 - github-copilot-cli 66 - # markdownlint 67 - markdownlint-cli 68 - # https://doppler.com 69 - doppler 70 - 71 - ## programming languages 72 - deno 73 - nodejs_22 74 - python313 75 - pipx 76 - pipenv 77 - 78 - ## language servers ## 79 - # nix language server - https://github.com/oxalica/nil 80 - nil 81 - # https://github.com/alesbrelih/gitlab-ci-ls 82 - gitlab-ci-ls 4 + imports = [ 5 + ../../../shared/home-manager/main.nix 83 6 ]; 84 7 85 - home.sessionPath = [ 86 - "$HOME/bin" 87 - ]; 88 - 89 - # Home Manager is pretty good at managing dotfiles. The primary way to manage 90 - # plain files is through 'home.file'. 91 - home.file = { 92 - # # Building this configuration will create a copy of 'dotfiles/screenrc' in 93 - # # the Nix store. Activating the configuration will then make '~/.screenrc' a 94 - # # symlink to the Nix store copy. 95 - # ".screenrc".source = dotfiles/screenrc; 96 - 97 - # # You can also set the file content immediately. 98 - # ".gradle/gradle.properties".text = '' 99 - # org.gradle.console=verbose 100 - # org.gradle.daemon.idletimeout=3600000 101 - # ''; 8 + config = { 9 + home.username = "gildedguy"; 10 + home.homeDirectory = "/home/gildedguy"; 102 11 }; 103 - 104 - # Home Manager can also manage your environment variables through 105 - # 'home.sessionVariables'. These will be explicitly sourced when using a 106 - # shell provided by Home Manager. If you don't want to manage your shell 107 - # through Home Manager then you have to manually source 'hm-session-vars.sh' 108 - # located at either 109 - # 110 - # ~/.nix-profile/etc/profile.d/hm-session-vars.sh 111 - # 112 - # or 113 - # 114 - # ~/.local/state/nix/profiles/profile/etc/profile.d/hm-session-vars.sh 115 - # 116 - # or 117 - # 118 - # /etc/profiles/per-user/gildedguy/etc/profile.d/hm-session-vars.sh 119 - # 120 - home.sessionVariables = { 121 - EDITOR = "nano"; 122 - NIXOS_ALLOW_UNFREE = "1"; # for impure builds 123 - GIT_EDITOR = "code --wait"; 124 - VISUAL = "code --wait"; 125 - DOCKER_BUILDKIT = "1"; 126 - }; 127 - 128 - # Let Home Manager install and manage itself. 129 - programs.home-manager.enable = true; 130 - 131 - # let me cook with the configs, starting with git 132 - programs.git = { 133 - enable = true; 134 - package = pkgs.gitAndTools.gitFull; 135 - lfs = { 136 - enable = true; 137 - }; 138 - userName = "Andrei Jiroh Halili"; 139 - userEmail = "ajhalili2006@andreijiroh.dev"; 140 - aliases = { 141 - signoff = "commit --signoff"; 142 - amend = "commit -a --amend"; 143 - remotes = "remote -v"; 144 - root = "rev-parse --show-toplevel"; 145 - unstage = "restore --staged"; 146 - stats = "status"; 147 - }; 148 - extraConfig = { 149 - format = { 150 - signOff = true; 151 - }; 152 - init = { 153 - defaultBranch = "main"; 154 - }; 155 - 156 - # https://groups.google.com/g/binary-transparency/c/f-BI4o8HZW0 157 - transfer = { 158 - fsckobjects = true; 159 - }; 160 - fetch = { 161 - fsckobjects = true; 162 - }; 163 - receive = { 164 - fsckobjects = true; 165 - }; 166 - push = { 167 - autoSetupRemote = true; 168 - }; 169 - 170 - 171 - }; 172 - }; 173 - 174 - programs.vscode = { 175 - enable = true; 176 - package = pkgs.vscode; 177 - enableExtensionUpdateCheck = true; 178 - mutableExtensionsDir = true; 179 - # userSettings = { 180 - # "nix.enableLanguageServer" = true; 181 - # "nix.serverPath" = "nil"; 182 - # "window.customTitleBarVisibility" = "auto"; 183 - # "window.titleBarStyle" = "custom"; 184 - # "window.menuBarVisibility" = "classic"; 185 - # "redhat.telemetry.enabled" = true; 186 - # "github.copilot.editor.enableAutoCompletions" = false; 187 - # "github.copilot.chat.followUps" = "always"; 188 - # "github.copilot.chat.terminalChatLocation" = "terminal"; 189 - # "git.confirmSync" = false; 190 - # "microsoft-authentication.implementation" = "msal"; 191 - # "workbench.colorTheme" = "GitHub Dark Colorblind (Beta)"; 192 - # "workbench.iconTheme" = "material-icon-theme"; 193 - # "workbench.productIconTheme" = "material-product-icons"; 194 - # }; 195 - # Note that not all extensions are available over gh:NixOS/nixpkgs repo, but 196 - # we'll work on that soon. 197 - extensions = with vscExts; [ 198 - pkief.material-icon-theme 199 - pkief.material-product-icons 200 - github.github-vscode-theme 201 - wakatime.vscode-wakatime 202 - doppler.doppler-vscode 203 - eamodio.gitlens 204 - vivaxy.vscode-conventional-commits 205 - denoland.vscode-deno 206 - jnoortheen.nix-ide 207 - #redhat.vscode-yaml 208 - unifiedjs.vscode-mdx 209 - ]; 210 - }; 211 - } 12 + }
.config/nixos/shared/bluetooth.nix .config/nixos/shared/desktop/bluetooth.nix
+25
.config/nixos/shared/desktop/firewall.nix
··· 1 + { config, pkgs, lib, ... }: 2 + 3 + { 4 + # Open ports in the firewall. 5 + networking.firewall.allowedTCPPortRanges = [ 6 + { from = 1714; to = 1764; } # used by KDE Connect 7 + { from = 3000; to = 3999; } 8 + { from = 8000; to = 8999; } 9 + ]; 10 + networking.firewall.allowedUDPPortRanges = [ 11 + { from = 1714; to = 1764; } # used by KDE Connect 12 + { from = 3000; to = 3999; } 13 + { from = 8000; to = 8999; } 14 + ]; 15 + networking.firewall.allowedTCPPorts = [ 16 + 22 17 + 80 18 + 443 19 + ]; 20 + networking.firewall.allowedUDPPorts = [ 21 + 22 22 + 80 23 + 443 24 + ]; 25 + }
-27
.config/nixos/shared/firewall.nix
··· 1 - { config, pkgs, lib, ... }: 2 - 3 - { 4 - # Open ports in the firewall. 5 - networking.firewall.allowedTCPPortRanges = [ 6 - { from = 1714; to = 1764; } 7 - ]; 8 - networking.firewall.allowedUDPPortRanges = [ 9 - { from = 1714; to = 1764; } 10 - ]; 11 - networking.firewall.allowedTCPPorts = [ 12 - 22 13 - 80 14 - 443 15 - 3000 16 - 8000 17 - ]; 18 - networking.firewall.allowedUDPPorts = [ 19 - 22 20 - 80 21 - 443 22 - 3000 23 - 8000 24 - ]; 25 - # Or disable the firewall altogether. 26 - # networking.firewall.enable = false; 27 - }
+193
.config/nixos/shared/home-manager/main.nix
··· 1 + # This is the meta configuration for my dotfiles with home-manager, except 2 + # some home.{username,userDirectory} configs to ensure portability between 3 + # hosts 4 + 5 + { config, pkgs, lib, ... }: 6 + 7 + { 8 + # https://fnordig.de/til/nix/home-manager-allow-unfree.html 9 + nixpkgs = { 10 + config = { 11 + allowUnfree = true; 12 + # https://github.com/nix-community/home-manager/issues/2942 13 + allowUnfreePredicate = (_: true); 14 + }; 15 + }; 16 + 17 + # This value determines the Home Manager release that your configuration is 18 + # compatible with. This helps avoid breakage when a new Home Manager release 19 + # introduces backwards incompatible changes. 20 + # 21 + # You should not change this value, even if you update Home Manager. If you do 22 + # want to update the value, then make sure to first check the Home Manager 23 + # release notes. 24 + home.stateVersion = "24.11"; # Please read the comment before changing. 25 + 26 + # The home.packages option allows you to install Nix packages into your 27 + # environment. 28 + home.packages = with pkgs; [ 29 + # # Adds the 'hello' command to your environment. It prints a friendly 30 + # # "Hello, world!" when run. 31 + # pkgs.hello 32 + 33 + # # It is sometimes useful to fine-tune packages, for example, by applying 34 + # # overrides. You can do that directly here, just don't forget the 35 + # # parentheses. Maybe you want to install Nerd Fonts with a limited number of 36 + # # fonts? 37 + # (pkgs.nerdfonts.override { fonts = [ "FantasqueSansMono" ]; }) 38 + 39 + # # You can also create simple shell scripts directly inside your 40 + # # configuration. For example, this adds a command 'my-hello' to your 41 + # # environment: 42 + # (pkgs.writeShellScriptBin "my-hello" '' 43 + # echo "Hello, ${config.home.username}!" 44 + # '') 45 + 46 + ## devtools ## 47 + # https://httpie.io 48 + httpie 49 + # https://devenv.sh 50 + devenv 51 + # https://cli.github.com 52 + gh 53 + # bet we'll going to have a field day since Copilot is now available for free 54 + # (this is seperate from the gh copilot extension for those asking) 55 + # context: https://github.blog/news-insights/product-news/github-copilot-in-vscode-free/ 56 + github-copilot-cli 57 + # markdownlint 58 + markdownlint-cli 59 + # https://doppler.com 60 + doppler 61 + direnv 62 + shellcheck 63 + hadolint 64 + 65 + ## programming languages 66 + deno 67 + nodejs_22 68 + python313 69 + pipx 70 + pipenv 71 + 72 + ## language servers ## 73 + # nix language server - https://github.com/oxalica/nil 74 + nil 75 + # https://github.com/alesbrelih/gitlab-ci-ls 76 + gitlab-ci-ls 77 + ]; 78 + 79 + home.sessionPath = [ 80 + "${config.home.homeDirectory}/bin" 81 + ]; 82 + 83 + # Home Manager is pretty good at managing dotfiles. The primary way to manage 84 + # plain files is through 'home.file'. 85 + home.file = { 86 + # # Building this configuration will create a copy of 'dotfiles/screenrc' in 87 + # # the Nix store. Activating the configuration will then make '~/.screenrc' a 88 + # # symlink to the Nix store copy. 89 + # ".screenrc".source = dotfiles/screenrc; 90 + 91 + # # You can also set the file content immediately. 92 + # ".gradle/gradle.properties".text = '' 93 + # org.gradle.console=verbose 94 + # org.gradle.daemon.idletimeout=3600000 95 + # ''; 96 + }; 97 + 98 + # Home Manager can also manage your environment variables through 99 + # 'home.sessionVariables'. These will be explicitly sourced when using a 100 + # shell provided by Home Manager. If you don't want to manage your shell 101 + # through Home Manager then you have to manually source 'hm-session-vars.sh' 102 + # located at either 103 + # 104 + # ~/.nix-profile/etc/profile.d/hm-session-vars.sh 105 + # 106 + # or 107 + # 108 + # ~/.local/state/nix/profiles/profile/etc/profile.d/hm-session-vars.sh 109 + # 110 + # or 111 + # 112 + # /etc/profiles/per-user/gildedguy/etc/profile.d/hm-session-vars.sh 113 + # 114 + home.sessionVariables = { 115 + EDITOR = "nano"; 116 + NIXOS_ALLOW_UNFREE = "1"; # for impure builds 117 + GIT_EDITOR = "code --wait"; 118 + VISUAL = "code --wait"; 119 + DOCKER_BUILDKIT = "1"; 120 + }; 121 + 122 + # Let Home Manager install and manage itself. 123 + programs.home-manager.enable = true; 124 + 125 + # let me cook with the configs, starting with git 126 + programs.git = { 127 + enable = true; 128 + package = pkgs.gitAndTools.gitFull; 129 + lfs = { 130 + enable = true; 131 + }; 132 + userName = "Andrei Jiroh Halili"; 133 + userEmail = "ajhalili2006@andreijiroh.dev"; 134 + aliases = { 135 + signoff = "commit --signoff"; 136 + amend = "commit -a --amend"; 137 + remotes = "remote -v"; 138 + root = "rev-parse --show-toplevel"; 139 + unstage = "restore --staged"; 140 + stats = "status"; 141 + }; 142 + extraConfig = { 143 + format = { 144 + signOff = true; 145 + }; 146 + init = { 147 + defaultBranch = "main"; 148 + }; 149 + 150 + # https://groups.google.com/g/binary-transparency/c/f-BI4o8HZW0 151 + transfer = { 152 + fsckobjects = true; 153 + }; 154 + fetch = { 155 + fsckobjects = true; 156 + }; 157 + receive = { 158 + fsckobjects = true; 159 + }; 160 + push = { 161 + autoSetupRemote = true; 162 + }; 163 + 164 + 165 + }; 166 + }; 167 + 168 + programs.vscode = { 169 + enable = true; 170 + package = pkgs.vscode; 171 + enableExtensionUpdateCheck = true; 172 + mutableExtensionsDir = true; 173 + # userSettings = { 174 + # "nix.enableLanguageServer" = true; 175 + # "nix.serverPath" = "nil"; 176 + # "window.customTitleBarVisibility" = "auto"; 177 + # "window.titleBarStyle" = "custom"; 178 + # "window.menuBarVisibility" = "classic"; 179 + # "redhat.telemetry.enabled" = true; 180 + # "github.copilot.editor.enableAutoCompletions" = false; 181 + # "github.copilot.chat.followUps" = "always"; 182 + # "github.copilot.chat.terminalChatLocation" = "terminal"; 183 + # "git.confirmSync" = false; 184 + # "microsoft-authentication.implementation" = "msal"; 185 + # "workbench.colorTheme" = "GitHub Dark Colorblind (Beta)"; 186 + # "workbench.iconTheme" = "material-icon-theme"; 187 + # "workbench.productIconTheme" = "material-product-icons"; 188 + # }; 189 + # We're importing what's generated from nix4vscode here as a workaround 190 + # for now. 191 + #extensions = lib.attrsets.mapAttrsToList (_: v: v) vscExts; 192 + }; 193 + }
.config/nixos/shared/kde-plasma.nix .config/nixos/shared/desktop/kde-plasma.nix
+56 -4
.config/nixos/shared/meta-configs.nix
··· 1 - # This is the meta config file for nixpkgs and nix cli 1 + # This is the meta config file for nixpkgs and nix cli itself, including 2 + # trusted keys for cachnix caches 2 3 3 4 { config, pkgs, lib, ... }: 4 5 ··· 13 14 }; 14 15 }; 15 16 16 - # Enable the Flakes feature and the accompanying new nix command-line tool 17 - nix.settings.experimental-features = [ "nix-command" "flakes" ]; 18 - } 17 + nix = { 18 + settings = { 19 + # See https://nix.dev/manual/nix/latest/development/experimental-features 20 + # for latest supported feature flags. 21 + experimental-features = [ 22 + "nix-command" 23 + "flakes" 24 + "ca-derivations" 25 + "cgroups" 26 + "impure-derivations" 27 + "git-hashing" 28 + "fetch-tree" 29 + "fetch-closure" 30 + "local-overlay-store" 31 + "mounted-ssh-store" 32 + # "verified-fetches" 33 + ]; 34 + 35 + trusted-users = [ 36 + "root" 37 + "gildedguy" 38 + "ajhalili2006" 39 + ]; 40 + 41 + # just sync with trusted-users, but w/o root 42 + allowed-users = [ 43 + "gildedguy" 44 + "ajhalili2006" 45 + ]; 46 + 47 + trusted-public-keys = [ 48 + # devenv.sh 49 + "devenv.cachix.org-1:w1cLUi8dv3hnoSPGAuibQv+f9TZLr6cv/Hm9XgU50cw=" 50 + 51 + # my caches for nixos and nixpkgs related builds (including devenvs) 52 + "ajhalili2006-nixos-builds.cachix.org-1:fA8HXvGR1i792D+CxL2iW/TQzUcyoW7zPUmC9Q4mQLg=" 53 + 54 + # the main cache itself 55 + "andreijiroh-dev.cachix.org-1:7Jd0STdBOLiNu5fiA+AKwcMqQD2PA1j9zLDGyDkuyBo=" 56 + 57 + # recaptime.dev cache 58 + "recaptime-dev.cachix.org-1:b0UBO1zONf6ceTIoR06AKhgid4ZOl5kxB/gOIdZ9J6g=" 59 + ]; 60 + 61 + # also list them all too 62 + trusted-substituters = [ 63 + "https://devenv.cachix.org" 64 + "https://andreijiroh-dev.cachix.org" 65 + "https://ajhalili2006-nixos-builds.cachix.org" 66 + "https://recaptime-dev.cachix.org" 67 + ]; 68 + }; 69 + }; 70 + }
+22
.config/nixos/shared/server/firewall.nix
··· 1 + { config, pkgs, lib, ... }: 2 + 3 + { 4 + networking.firewall.allowedTCPPortRanges = [ 5 + { from = 3000; to = 3999; } 6 + { from = 8000; to = 8999; } 7 + ]; 8 + networking.firewall.allowedUDPPortRanges = [ 9 + { from = 3000; to = 3999; } 10 + { from = 8000; to = 8999; } 11 + ]; 12 + networking.firewall.allowedTCPPorts = [ 13 + 22 14 + 80 15 + 443 16 + ]; 17 + networking.firewall.allowedUDPPorts = [ 18 + 22 19 + 80 20 + 443 21 + ]; 22 + }
+12
.config/nixos/shared/ssh-keys.nix
··· 1 + { 2 + personal = { 3 + y2022 = ""; 4 + }; 5 + rp_ssh_keys = { 6 + gildedguy = ""; 7 + }; 8 + 9 + recaptime-dev = { 10 + tbd = ""; 11 + }; 12 + }
.config/nixos/shared/ssh.nix .config/nixos/shared/server/ssh.nix
+19
.config/nixos/shared/systemd.nix
··· 1 + { ... }: 2 + 3 + { 4 + services.timesyncd = { 5 + enable = true; 6 + servers = [ 7 + # https://pubfiles.pagasa.dost.gov.ph/tamss/oras/time_synchronization_for_windows_7_and_8.pdf 8 + "ntp.pagasa.dost.gov.ph" 9 + # https://www.cloudflare.com/time/ 10 + "time.cloudflare.com" 11 + ]; 12 + fallbackServers = [ 13 + "0.asia.pool.ntp.org" 14 + "1.asia.pool.ntp.org" 15 + "2.asia.pool.ntp.org" 16 + "3.asia.pool.ntp.org" 17 + ]; 18 + }; 19 + }
.config/nixos/shared/tailscale.nix .config/nixos/shared/server/tailscale.nix
.config/nixos/shared/vscode-extensions.nix .config/nixos/shared/vscode/extensions.nix