commit 57afd743b729333a6066e486bcff2d515107f5dd · hyl.st/helm

+221

apps/aarch64-darwin/apply

··· 1 + #!/usr/bin/env bash 2 + 3 + RED='\033[0;31m' 4 + GREEN='\033[0;32m' 5 + YELLOW='\033[1;33m' 6 + NC='\033[0m' # No Color 7 + 8 + # Determine the operating system 9 + export OS=$(uname) 10 + 11 + # Primary network interface 12 + if [[ "$OS" != "Darwin" ]]; then 13 + export PRIMARY_IFACE=$(ip -o -4 route show to default | awk '{print $5}') 14 + echo -e "${GREEN}Found primary network interface $PRIMARY_IFACE${NC}" 15 + fi 16 + 17 + # Custom print function 18 + _print() { 19 + if [[ "$OS" == "Darwin" ]]; then 20 + echo -e "$1" 21 + else 22 + echo "$1" 23 + fi 24 + } 25 + 26 + # Custom prompt function 27 + _prompt() { 28 + local message="$1" 29 + local variable="$2" 30 + 31 + _print "$message" 32 + read -r $variable 33 + } 34 + 35 + insert_secrets_output() { 36 + local pattern="outputs = { self, darwin, nix-homebrew, homebrew-bundle, homebrew-core, homebrew-cask, home-manager, nixpkgs, disko, agenix } @inputs:" 37 + local insert_text="secrets " 38 + 39 + awk -v pat="$pattern" -v insert="$insert_text" ' 40 + $0 ~ pat { 41 + sub(/} @inputs:/, ", " insert "} @inputs:"); # Replace the closing brace with the insert text followed by the brace 42 + gsub(/ ,/, ","); # Correct any spaces before commas 43 + print 44 + next 45 + } 46 + { print } 47 + ' flake.nix > flake.nix.tmp 48 + 49 + mv flake.nix.tmp flake.nix 50 + } 51 + 52 + insert_secrets_input() { 53 + # Define file path 54 + FILE_PATH="flake.nix" 55 + 56 + # Backup the original file 57 + cp "$FILE_PATH" "${FILE_PATH}.bak" 58 + 59 + # Temporary file for the text to insert 60 + TEMP_FILE="temp_insert.txt" 61 + 62 + # Write the formatted text to the temporary file 63 + cat > "$TEMP_FILE" << 'EOF' 64 + secrets = { 65 + url = "git+ssh://git@github.com/%GITHUB_USER%/%GITHUB_SECRETS_REPO%.git"; 66 + flake = false; 67 + }; 68 + EOF 69 + 70 + # Check if the 'secrets' block already exists 71 + if grep -q 'url = "git+ssh://git@github.com/%GITHUB_USER%/%GITHUB_SECRETS_REPO%.git"' "$FILE_PATH"; then 72 + echo "The 'secrets' block already exists in the file." 73 + rm "$TEMP_FILE" 74 + rm "${FILE_PATH}.bak" 75 + exit 0 76 + fi 77 + 78 + # Find the start and end line numbers of the 'disko' block 79 + START_LINE=$(grep -n 'disko = {' "$FILE_PATH" | head -n 1 | cut -d: -f1) 80 + END_LINE=$(tail -n +$START_LINE "$FILE_PATH" | grep -n '};' | head -n 1 | cut -d: -f1) 81 + END_LINE=$((START_LINE + END_LINE - 1)) 82 + 83 + # Create a new file with the insertion 84 + { 85 + sed -n "1,${END_LINE}p" "$FILE_PATH" 86 + cat "$TEMP_FILE" 87 + sed -n "$((END_LINE + 1)),\$p" "$FILE_PATH" 88 + } > "${FILE_PATH}.new" 89 + 90 + # Replace the original file with the new file 91 + mv "${FILE_PATH}.new" "$FILE_PATH" 92 + 93 + # Clean up the temporary files 94 + rm "$TEMP_FILE" 95 + rm "${FILE_PATH}.bak" 96 + } 97 + 98 + # Fetch username from the system 99 + export USERNAME=$(whoami) 100 + 101 + # If the username is 'nixos' or 'root', ask the user for their username 102 + if [[ "$USERNAME" == "nixos" ]] || [[ "$USERNAME" == "root" ]]; then 103 + _prompt "${YELLOW}You're running as $USERNAME. Please enter your desired username: ${NC}" USERNAME 104 + fi 105 + 106 + # Check if git is available 107 + if command -v git >/dev/null 2>&1; then 108 + # Fetch email and name from git config 109 + export GIT_EMAIL=$(git config --get user.email) 110 + export GIT_NAME=$(git config --get user.name) 111 + else 112 + _print "${RED}Git is not available on this system.${NC}" 113 + fi 114 + 115 + # If git email is not found or git is not available, ask the user 116 + if [[ -z "$GIT_EMAIL" ]]; then 117 + _prompt "${YELLOW}Please enter your email: ${NC}" GIT_EMAIL 118 + fi 119 + 120 + # If git name is not found or git is not available, ask the user 121 + if [[ -z "$GIT_NAME" ]]; then 122 + _prompt "${YELLOW}Please enter your name: ${NC}" GIT_NAME 123 + fi 124 + 125 + _prompt "${YELLOW}Please enter your Github username: ${NC}" GITHUB_USER 126 + _prompt "${YELLOW}Please enter your Github secrets repository name: ${NC}" GITHUB_SECRETS_REPO 127 + 128 + export GITHUB_USER 129 + export GITHUB_SECRETS_REPO 130 + 131 + select_boot_disk() { 132 + local disks 133 + local _boot_disk 134 + 135 + _print "${YELLOW}Available disks:${NC}" 136 + disks=$(lsblk -nd --output NAME,SIZE | grep -v loop) 137 + echo "$disks" 138 + 139 + # Warning message for data deletion 140 + _print "${RED}WARNING: All data on the chosen disk will be erased during the installation!${NC}" 141 + _prompt "${YELLOW}Please choose your boot disk (e.g., nvme0n1, sda): ${NC}" _boot_disk 142 + 143 + # Confirmation for disk selection to prevent accidental data loss 144 + _print "${YELLOW}You have selected $_boot_disk as the boot disk. This will delete everything on this disk. Are you sure? (Y/N): ${NC}" 145 + read -r confirmation 146 + if [[ "$confirmation" =~ ^[Yy]$ ]]; then 147 + export BOOT_DISK=$_boot_disk 148 + else 149 + _print "${RED}Disk selection cancelled by the user. Please run the script again to select the correct disk.${NC}" 150 + exit 1 151 + fi 152 + } 153 + 154 + # Set hostname and find primary disk if this is NixOS 155 + if [[ "$OS" != "Darwin" ]]; then 156 + _prompt "${YELLOW}Please enter a hostname for the system: ${NC}" HOST_NAME 157 + export HOST_NAME 158 + select_boot_disk 159 + fi 160 + 161 + # Confirmation step 162 + confirm_details() { 163 + _print "${GREEN}Username: $USERNAME" 164 + _print "Email: $GIT_EMAIL" 165 + _print "Name: $GIT_NAME${NC}" 166 + 167 + if([[ "$OS" != "Darwin" ]]); then 168 + _print "${GREEN}Primary interface: $PRIMARY_IFACE" 169 + _print "Boot disk: $BOOT_DISK" 170 + _print "Hostname: $HOST_NAME${NC}" 171 + fi 172 + 173 + _print "${GREEN}Secrets repository: $GITHUB_USER/$GITHUB_SECRETS_REPO${NC}" 174 + 175 + _prompt "${YELLOW}Is this correct? (Y/N): ${NC}" choice 176 + 177 + case "$choice" in 178 + [Nn] ) _print "${RED}Exiting script.${NC}" && exit 1;; 179 + [Yy] ) _print "${GREEN}Continuing...${NC}";; 180 + * ) _print "${RED}Invalid option. Exiting script.${NC}" && exit 1;; 181 + esac 182 + } 183 + 184 + # Call the confirmation function 185 + confirm_details 186 + 187 + # Function to replace tokens in each file 188 + replace_tokens() { 189 + local file="$1" 190 + if [[ $(basename $1) != "apply" ]]; then 191 + if [[ "$OS" == "Darwin" ]]; then 192 + # macOS 193 + LC_ALL=C LANG=C sed -i '' -e "s/%USER%/$USERNAME/g" "$file" 194 + LC_ALL=C LANG=C sed -i '' -e "s/%EMAIL%/$GIT_EMAIL/g" "$file" 195 + LC_ALL=C LANG=C sed -i '' -e "s/%NAME%/$GIT_NAME/g" "$file" 196 + LC_ALL=C LANG=C sed -i '' -e "s/%GITHUB_USER%/$GITHUB_USER/g" "$file" 197 + LC_ALL=C LANG=C sed -i '' -e "s/%GITHUB_SECRETS_REPO%/$GITHUB_SECRETS_REPO/g" "$file" 198 + else 199 + # Linux or other 200 + sed -i -e "s/%USER%/$USERNAME/g" "$file" 201 + sed -i -e "s/%EMAIL%/$GIT_EMAIL/g" "$file" 202 + sed -i -e "s/%NAME%/$GIT_NAME/g" "$file" 203 + sed -i -e "s/%INTERFACE%/$PRIMARY_IFACE/g" "$file" 204 + sed -i -e "s/%DISK%/$BOOT_DISK/g" "$file" 205 + sed -i -e "s/%HOST%/$HOST_NAME/g" "$file" 206 + sed -i -e "s/%GITHUB_USER%/$GITHUB_USER/g" "$file" 207 + sed -i -e "s/%GITHUB_SECRETS_REPO%/$GITHUB_SECRETS_REPO/g" "$file" 208 + fi 209 + fi 210 + } 211 + 212 + # Insert secrets repo into flake 213 + insert_secrets_input 214 + insert_secrets_output 215 + 216 + # Traverse directories and call replace_tokens on each Nix file 217 + export -f replace_tokens 218 + find . -type f -exec bash -c 'replace_tokens "$0"' {} \; 219 + 220 + echo "$USERNAME" > /tmp/username.txt 221 + _print "${GREEN}User $USERNAME information applied.${NC}"

+19

apps/aarch64-darwin/build

··· 1 + #!/bin/sh -e 2 + 3 + GREEN='\033[1;32m' 4 + YELLOW='\033[1;33m' 5 + RED='\033[1;31m' 6 + NC='\033[0m' 7 + 8 + SYSTEM_TYPE="aarch64-darwin" 9 + FLAKE_SYSTEM="darwinConfigurations.${SYSTEM_TYPE}.system" 10 + 11 + export NIXPKGS_ALLOW_UNFREE=1 12 + 13 + echo "${YELLOW}Starting build...${NC}" 14 + nix --extra-experimental-features 'nix-command flakes' build .#$FLAKE_SYSTEM $@ 15 + 16 + echo "${YELLOW}Cleaning up...${NC}" 17 + unlink ./result 18 + 19 + echo "${GREEN}Switch to new generation complete!${NC}"

+22

apps/aarch64-darwin/build-switch

··· 1 + #!/bin/sh -e 2 + 3 + GREEN='\033[1;32m' 4 + YELLOW='\033[1;33m' 5 + RED='\033[1;31m' 6 + NC='\033[0m' 7 + 8 + SYSTEM_TYPE="aarch64-darwin" 9 + FLAKE_SYSTEM="darwinConfigurations.${SYSTEM_TYPE}.system" 10 + 11 + export NIXPKGS_ALLOW_UNFREE=1 12 + 13 + echo "${YELLOW}Starting build...${NC}" 14 + nix --extra-experimental-features 'nix-command flakes' build .#$FLAKE_SYSTEM $@ 15 + 16 + echo "${YELLOW}Switching to new generation...${NC}" 17 + ./result/sw/bin/darwin-rebuild switch --flake .#${SYSTEM_TYPE} $@ 18 + 19 + echo "${YELLOW}Cleaning up...${NC}" 20 + unlink ./result 21 + 22 + echo "${GREEN}Switch to new generation complete!${NC}"

+33

apps/aarch64-darwin/check-keys

··· 1 + #!/usr/bin/env bash 2 + set -e 3 + 4 + RED='\033[0;31m' 5 + GREEN='\033[0;32m' 6 + NC='\033[0m' 7 + 8 + username=${USER} 9 + export SSH_DIR=/Users/${username}/.ssh 10 + 11 + lint_keys() { 12 + if [[ -f "${SSH_DIR}/id_ed25519" && -f "${SSH_DIR}/id_ed25519.pub" && -f "${SSH_DIR}/id_ed25519_agenix" && -f "${SSH_DIR}/id_ed25519_agenix.pub" ]]; then 13 + echo -e "${GREEN}All SSH keys are present.${NC}" 14 + else 15 + echo -e "${RED}Some SSH keys are missing.${NC}" 16 + if [[ ! -f "${SSH_DIR}/id_ed25519" ]]; then 17 + echo -e "${RED}Missing: id_ed25519${NC}" 18 + fi 19 + if [[ ! -f "${SSH_DIR}/id_ed25519.pub" ]]; then 20 + echo -e "${RED}Missing: id_ed25519.pub${NC}" 21 + fi 22 + if [[ ! -f "${SSH_DIR}/id_ed25519_agenix" ]]; then 23 + echo -e "${RED}Missing: id_ed25519_agenix${NC}" 24 + fi 25 + if [[ ! -f "${SSH_DIR}/id_ed25519_agenix.pub" ]]; then 26 + echo -e "${RED}Missing: id_ed25519_agenix.pub${NC}" 27 + fi 28 + echo -e "${GREEN}Run the createKeys command to generate the missing keys.${NC}" 29 + exit 1 30 + fi 31 + } 32 + 33 + lint_keys

+68

apps/aarch64-darwin/copy-keys

··· 1 + #!/usr/bin/env bash 2 + set -e 3 + 4 + RED='\033[0;31m' 5 + GREEN='\033[0;32m' 6 + NC='\033[0m' 7 + 8 + username=${USER} 9 + export SSH_DIR=/Users/${username}/.ssh 10 + 11 + handle_no_usb() { 12 + echo -e ${RED}No USB drive found or mounted.${NC}" 13 + echo -e ${GREEN}If you have not yet set up your keys, run the script to generate new SSH keys.${NC}" 14 + exit 1 15 + } 16 + 17 + mount_usb() { 18 + MOUNT_PATH="" 19 + for dev in $(diskutil list | grep -o 'disk[0-9]'); do 20 + MOUNT_PATH="$(diskutil info /dev/${dev} | grep \"Mount Point\" | awk -F: '{print $2}' | xargs)" 21 + if [ -n "${MOUNT_PATH}" ]; then 22 + echo -e "${GREEN}USB drive found at ${MOUNT_PATH}.${NC}" 23 + break 24 + fi 25 + done 26 + 27 + if [ -z "${MOUNT_PATH}" ]; then 28 + echo -e "${RED}No USB drive found.${NC}" 29 + fi 30 + } 31 + 32 + copy_keys() { 33 + if [ -n "${MOUNT_PATH}" ]; then 34 + cp "${MOUNT_PATH}/id_ed25519_agenix.pub" ${SSH_DIR} 35 + cp "${MOUNT_PATH}/id_ed25519_agenix" ${SSH_DIR} 36 + chmod 600 ${SSH_DIR}/id_ed25519_{agenix,agenix.pub} 37 + else 38 + echo -e "${RED}No USB drive found. Aborting.${NC}" 39 + exit 1 40 + fi 41 + } 42 + 43 + setup_ssh_directory() { 44 + mkdir -p ${SSH_DIR} 45 + } 46 + 47 + set_keys() { 48 + cp ${MOUNT_PATH}/id_ed25519_github.pub ${SSH_DIR}/id_ed25519.pub 49 + cp ${MOUNT_PATH}/id_ed25519_github ${SSH_DIR}/id_ed25519 50 + chmod 600 ${SSH_DIR}/id_ed25519 51 + chmod 644 ${SSH_DIR}/id_ed25519.pub 52 + } 53 + 54 + change_ownership() { 55 + chown ${username}:staff ${SSH_DIR}/id_ed25519{,.pub} 56 + chown ${username}:staff ${SSH_DIR}/id_ed25519_{agenix,agenix.pub} 57 + } 58 + 59 + setup_ssh_directory 60 + mount_usb 61 + 62 + if [ -z "${MOUNT_PATH}" ]; then 63 + handle_no_usb 64 + else 65 + copy_keys 66 + set_keys 67 + change_ownership 68 + fi

+46

apps/aarch64-darwin/create-keys

··· 1 + #!/usr/bin/env bash 2 + set -e 3 + 4 + RED='\033[0;31m' 5 + GREEN='\033[0;32m' 6 + NC='\033[0m' 7 + 8 + username=${USER} 9 + export SSH_DIR=/Users/${username}/.ssh 10 + 11 + setup_ssh_directory() { 12 + mkdir -p ${SSH_DIR} 13 + } 14 + 15 + prompt_for_key_generation() { 16 + local key_name=$1 17 + if [[ -f "${SSH_DIR}/${key_name}" ]]; then 18 + echo -e "${RED}Existing SSH key found for ${key_name}.${NC}" 19 + cat "${SSH_DIR}/${key_name}.pub" 20 + read -p "Do you want to replace it? (y/n) " -n 1 -r 21 + echo 22 + if [[ $REPLY =~ ^[Yy]$ ]]; then 23 + return 0 # Indicate key should be replaced 24 + else 25 + return 1 # Indicate key should be kept 26 + fi 27 + fi 28 + return 0 # Indicate no key exists, so it should be created 29 + } 30 + 31 + generate_key() { 32 + local key_name=$1 33 + if prompt_for_key_generation "$key_name"; then 34 + ssh-keygen -t ed25519 -f "${SSH_DIR}/${key_name}" -N "" 35 + chown ${username}:staff "${SSH_DIR}/${key_name}"{,.pub} 36 + else 37 + echo -e "${GREEN}Kept existing ${key_name}.${NC}" 38 + fi 39 + } 40 + 41 + setup_ssh_directory 42 + generate_key "id_ed25519" 43 + generate_key "id_ed25519_agenix" 44 + 45 + echo -e "${GREEN}SSH key setup complete.${NC}" 46 + echo -e "${GREEN}Remember to add the necessary keys to Github or other services as required.${NC}"

+24

apps/aarch64-darwin/rollback

··· 1 + #!/bin/sh -e 2 + 3 + GREEN='\033[1;32m' 4 + YELLOW='\033[1;33m' 5 + RED='\033[1;31m' 6 + NC='\033[0m' 7 + 8 + FLAKE="Dustins-MBP" 9 + 10 + echo "${YELLOW}Available generations:${NC}" 11 + /run/current-system/sw/bin/darwin-rebuild --list-generations 12 + 13 + echo "${YELLOW}Enter the generation number for rollback:${NC}" 14 + read GEN_NUM 15 + 16 + if [ -z "$GEN_NUM" ]; then 17 + echo "${RED}No generation number entered. Aborting rollback.${NC}" 18 + exit 1 19 + fi 20 + 21 + echo "${YELLOW}Rolling back to generation $GEN_NUM...${NC}" 22 + /run/current-system/sw/bin/darwin-rebuild switch --flake .#$FLAKE --switch-generation $GEN_NUM 23 + 24 + echo "${GREEN}Rollback to generation $GEN_NUM complete!${NC}"

+1

apps/aarch64-linux

··· 1 + x86_64-linux

+142

apps/x86_64-linux/apply

··· 1 + #!/usr/bin/env bash 2 + 3 + RED='\033[0;31m' 4 + GREEN='\033[0;32m' 5 + YELLOW='\033[1;33m' 6 + NC='\033[0m' # No Color 7 + 8 + # Determine the operating system 9 + export OS=$(uname) 10 + 11 + # Primary network interface 12 + if [[ "$OS" != "Darwin" ]]; then 13 + export PRIMARY_IFACE=$(ip -o -4 route show to default | awk '{print $5}') 14 + echo -e "${GREEN}Found primary network interface $PRIMARY_IFACE${NC}" 15 + fi 16 + 17 + # Custom print function 18 + _print() { 19 + if [[ "$OS" == "Darwin" ]]; then 20 + echo -e "$1" 21 + else 22 + echo "$1" 23 + fi 24 + } 25 + 26 + # Custom prompt function 27 + _prompt() { 28 + local message="$1" 29 + local variable="$2" 30 + 31 + _print "$message" 32 + read -r $variable 33 + } 34 + 35 + # Fetch username from the system 36 + export USERNAME=$(whoami) 37 + 38 + # If the username is 'nixos' or 'root', ask the user for their username 39 + if [[ "$USERNAME" == "nixos" ]] || [[ "$USERNAME" == "root" ]]; then 40 + _prompt "${YELLOW}You're running as $USERNAME. Please enter your desired username: ${NC}" USERNAME 41 + fi 42 + 43 + # Check if git is available 44 + if command -v git >/dev/null 2>&1; then 45 + # Fetch email and name from git config 46 + export GIT_EMAIL=$(git config --get user.email) 47 + export GIT_NAME=$(git config --get user.name) 48 + else 49 + _print "${RED}Git is not available on this system.${NC}" 50 + fi 51 + 52 + # If git email is not found or git is not available, ask the user 53 + if [[ -z "$GIT_EMAIL" ]]; then 54 + _prompt "${YELLOW}Please enter your email: ${NC}" GIT_EMAIL 55 + fi 56 + 57 + # If git name is not found or git is not available, ask the user 58 + if [[ -z "$GIT_NAME" ]]; then 59 + _prompt "${YELLOW}Please enter your name: ${NC}" GIT_NAME 60 + fi 61 + 62 + select_boot_disk() { 63 + local disks 64 + local _boot_disk 65 + 66 + _print "${YELLOW}Available disks:${NC}" 67 + disks=$(lsblk -nd --output NAME,SIZE | grep -v loop) 68 + echo "$disks" 69 + 70 + # Warning message for data deletion 71 + _print "${RED}WARNING: All data on the chosen disk will be erased during the installation!${NC}" 72 + _prompt "${YELLOW}Please choose your boot disk (e.g., nvme0n1, sda): ${NC}" _boot_disk 73 + 74 + # Confirmation for disk selection to prevent accidental data loss 75 + _print "${YELLOW}You have selected $_boot_disk as the boot disk. This will delete everything on this disk. Are you sure? (Y/N): ${NC}" 76 + read -r confirmation 77 + if [[ "$confirmation" =~ ^[Yy]$ ]]; then 78 + export BOOT_DISK=$_boot_disk 79 + else 80 + _print "${RED}Disk selection cancelled by the user. Please run the script again to select the correct disk.${NC}" 81 + exit 1 82 + fi 83 + } 84 + 85 + # Set hostname and find primary disk if this is NixOS 86 + if [[ "$OS" != "Darwin" ]]; then 87 + _prompt "${YELLOW}Please enter a hostname for the system: ${NC}" HOST_NAME 88 + export HOST_NAME 89 + select_boot_disk 90 + fi 91 + 92 + # Confirmation step 93 + confirm_details() { 94 + _print "${GREEN}Username: $USERNAME" 95 + _print "Email: $GIT_EMAIL" 96 + _print "Name: $GIT_NAME${NC}" 97 + 98 + if([[ "$OS" != "Darwin" ]]); then 99 + _print "${GREEN}Primary interface: $PRIMARY_IFACE" 100 + _print "Boot disk: $BOOT_DISK" 101 + _print "Hostname: $HOST_NAME${NC}" 102 + fi 103 + 104 + _prompt "${YELLOW}Is this correct? (Y/N): ${NC}" choice 105 + 106 + case "$choice" in 107 + [Nn] ) _print "${RED}Exiting script.${NC}" && exit 1;; 108 + [Yy] ) _print "${GREEN}Continuing...${NC}";; 109 + * ) _print "${RED}Invalid option. Exiting script.${NC}" && exit 1;; 110 + esac 111 + } 112 + 113 + # Call the confirmation function 114 + confirm_details 115 + 116 + # Function to replace tokens in each file 117 + replace_tokens() { 118 + local file="$1" 119 + if [[ $(basename $1) != "apply" ]]; then 120 + if [[ "$OS" == "Darwin" ]]; then 121 + # macOS 122 + LC_ALL=C LANG=C sed -i '' -e "s/%USER%/$USERNAME/g" "$file" 123 + LC_ALL=C LANG=C sed -i '' -e "s/%EMAIL%/$GIT_EMAIL/g" "$file" 124 + LC_ALL=C LANG=C sed -i '' -e "s/%NAME%/$GIT_NAME/g" "$file" 125 + else 126 + # Linux or other 127 + sed -i -e "s/%USER%/$USERNAME/g" "$file" 128 + sed -i -e "s/%EMAIL%/$GIT_EMAIL/g" "$file" 129 + sed -i -e "s/%NAME%/$GIT_NAME/g" "$file" 130 + sed -i -e "s/%INTERFACE%/$PRIMARY_IFACE/g" "$file" 131 + sed -i -e "s/%DISK%/$BOOT_DISK/g" "$file" 132 + sed -i -e "s/%HOST%/$HOST_NAME/g" "$file" 133 + fi 134 + fi 135 + } 136 + 137 + # Traverse directories and call replace_tokens on each Nix file 138 + export -f replace_tokens 139 + find . -type f -exec bash -c 'replace_tokens "$0"' {} \; 140 + 141 + echo "$USERNAME" > /tmp/username.txt 142 + _print "${GREEN}User $USERNAME information applied.${NC}"

+28

apps/x86_64-linux/build-switch

··· 1 + #!/bin/sh -e 2 + 3 + RED='\033[1;31m' 4 + GREEN='\033[1;32m' 5 + YELLOW='\033[1;33m' 6 + NC='\033[0m' 7 + 8 + SYSTEM=$(uname -m) 9 + 10 + case "$SYSTEM" in 11 + x86_64) 12 + FLAKE_TARGET="x86_64-linux" 13 + ;; 14 + aarch64) 15 + FLAKE_TARGET="aarch64-linux" 16 + ;; 17 + *) 18 + echo -e "${RED}Unsupported architecture: $SYSTEM${NC}" 19 + exit 1 20 + ;; 21 + esac 22 + 23 + echo -e "${YELLOW}Starting...${NC}" 24 + 25 + # We pass SSH from user to root so root can download secrets from our private Github 26 + sudo SSH_AUTH_SOCK=$SSH_AUTH_SOCK /run/current-system/sw/bin/nixos-rebuild switch --flake .#$FLAKE_TARGET $@ 27 + 28 + echo -e "${GREEN}Switch to new generation complete!${NC}"

+33

apps/x86_64-linux/check-keys

··· 1 + #!/usr/bin/env bash 2 + set -e 3 + 4 + RED='\033[0;31m' 5 + GREEN='\033[0;32m' 6 + NC='\033[0m' 7 + 8 + # We're assuming this is being run as root in the NixOS installer 9 + export SSH_DIR=/root/.ssh 10 + 11 + check_keys() { 12 + if [[ -f "${SSH_DIR}/id_ed25519" && -f "${SSH_DIR}/id_ed25519.pub" && -f "${SSH_DIR}/id_ed25519_agenix" && -f "${SSH_DIR}/id_ed25519_agenix.pub" ]]; then 13 + echo -e "${GREEN}All SSH keys are present.${NC}" 14 + else 15 + echo -e "${RED}Some SSH keys are missing.${NC}" 16 + if [[ ! -f "${SSH_DIR}/id_ed25519" ]]; then 17 + echo -e "${RED}Missing: id_ed25519${NC}" 18 + fi 19 + if [[ ! -f "${SSH_DIR}/id_ed25519.pub" ]]; then 20 + echo -e "${RED}Missing: id_ed25519.pub${NC}" 21 + fi 22 + if [[ ! -f "${SSH_DIR}/id_ed25519_agenix" ]]; then 23 + echo -e "${RED}Missing: id_ed25519_agenix${NC}" 24 + fi 25 + if [[ ! -f "${SSH_DIR}/id_ed25519_agenix.pub" ]]; then 26 + echo -e "${RED}Missing: id_ed25519_agenix.pub${NC}" 27 + fi 28 + echo -e "${GREEN}Run the createKeys script to generate the missing keys.${NC}" 29 + exit 1 30 + fi 31 + } 32 + 33 + check_keys

+71

apps/x86_64-linux/copy-keys

··· 1 + #!/usr/bin/env bash 2 + set -e 3 + 4 + unmount_usb() { 5 + if mountpoint -q /mnt/usb; then 6 + sudo umount /mnt/usb 7 + echo -e "\e[0;32mUSB drive unmounted.\e[0m" 8 + fi 9 + } 10 + 11 + mount_usb() { 12 + if mountpoint -q /mnt/usb; then 13 + echo -e "\e[0;32mUSB drive already mounted.\e[0m" 14 + else 15 + device_found=false 16 + for dev in sda sdb sdc sdd sde sdf sdg sdh sdi sdj sdk sdl; do 17 + if sudo blkid /dev/$dev | grep -iq 'TYPE="vfat"'; then 18 + device_found=true 19 + mkdir -p /mnt/usb 20 + sudo mount /dev/$dev /mnt/usb && { echo -e "\e[0;32mUSB drive mounted successfully on /dev/$dev.\e[0m"; break; } || echo -e "\e[0;31mFailed to mount /dev/$dev.\e[0m" 21 + fi 22 + done 23 + if [ "$device_found" = false ]; then 24 + echo -e "\e[0;31mNo USB devices found.\e[0m" 25 + fi 26 + fi 27 + } 28 + 29 + setup_ssh_directory() { 30 + export SSH_DIR=/root/.ssh 31 + mkdir -p $SSH_DIR 32 + } 33 + 34 + check_file_exists() { 35 + if [[ ! -f $1 ]]; then 36 + echo -e "\e[0;31mError: File $1 does not exist.\e[0m" 37 + exit 1 38 + fi 39 + } 40 + 41 + copy_keys() { 42 + check_file_exists "/mnt/usb/id_ed25519_agenix.pub" 43 + check_file_exists "/mnt/usb/id_ed25519_agenix" 44 + cp /mnt/usb/id_ed25519_agenix.pub $SSH_DIR 45 + cp /mnt/usb/id_ed25519_agenix $SSH_DIR 46 + chmod 600 $SSH_DIR/id_ed25519_{agenix,agenix.pub} 47 + echo -e "\e[0;32mKeys copied successfully.\e[0m" 48 + } 49 + 50 + set_keys() { 51 + check_file_exists "/mnt/usb/id_ed25519_github.pub" 52 + check_file_exists "/mnt/usb/id_ed25519_github" 53 + cp /mnt/usb/id_ed25519_github.pub $SSH_DIR/id_ed25519.pub 54 + cp /mnt/usb/id_ed25519_github $SSH_DIR/id_ed25519 55 + chmod 600 $SSH_DIR/id_ed25519 56 + chmod 644 $SSH_DIR/id_ed25519.pub 57 + } 58 + 59 + change_ownership() { 60 + chown nixos:wheel $SSH_DIR/id_ed25519{,.pub} 61 + chown nixos:wheel $SSH_DIR/id_ed25519_{agenix,agenix.pub} 62 + } 63 + 64 + trap unmount_usb EXIT 65 + 66 + setup_ssh_directory 67 + mount_usb 68 + copy_keys 69 + set_keys 70 + change_ownership 71 + unmount_usb

+27

apps/x86_64-linux/create-keys

··· 1 + #!/usr/bin/env bash 2 + set -e 3 + 4 + RED='\033[0;31m' 5 + GREEN='\033[0;32m' 6 + NC='\033[0m' 7 + 8 + # We're assuming this is being run as root in the NixOS installer 9 + export SSH_DIR=/root/.ssh 10 + 11 + setup_ssh_directory() { 12 + mkdir -p ${SSH_DIR} 13 + } 14 + 15 + generate_keys() { 16 + ssh-keygen -t ed25519 -f "${SSH_DIR}/id_ed25519" -N "" 17 + ssh-keygen -t ed25519 -f "${SSH_DIR}/id_ed25519_agenix" -N "" 18 + chmod 600 ${SSH_DIR}/id_ed25519{,_agenix}{,.pub} 19 + } 20 + 21 + setup_ssh_directory 22 + generate_keys 23 + 24 + echo -e "${GREEN}New SSH keys have been generated.${NC}" 25 + echo -e "${GREEN}1) Add the id_ed25519 key to Github.${NC}" 26 + cat "${SSH_DIR}/id_ed25519.pub" 27 + echo -e "${GREEN}2) Create a private nix-secrets repo in Github, even if it's empty.${NC}"

+80

apps/x86_64-linux/install

··· 1 + #!/usr/bin/env bash 2 + set -exu 3 + 4 + check_installer() { 5 + if [ -e /etc/NIXOS ]; then 6 + echo -e "\e[1;32mRunning in the NixOS installer environment.\e[0m" 7 + else 8 + echo -e "\e[1;31mNot running in the NixOS installer environment.\e[0m" 9 + exit 1 10 + fi 11 + } 12 + 13 + cleanup() { 14 + rm -rf nixos-config-main.zip nixos-config-main nixos-config 15 + } 16 + 17 + download_config() { 18 + curl -LJ0 https://github.com/dustinlyons/nixos-config/archive/main.zip -o nixos-config-main.zip 19 + unzip nixos-config-main.zip 20 + mv nixos-config-main/templates/starter nixos-config 21 + cd nixos-config 22 + } 23 + 24 + run_apply() { 25 + ./apps/x86_64-linux/apply 26 + if [ ! -f /tmp/username.txt ]; then 27 + echo -e "\e[1;31mError: /tmp/username.txt does not exist.\e[0m" 28 + exit 1 29 + fi 30 + export USERNAME=$(cat /tmp/username.txt) 31 + } 32 + 33 + run_disko() { 34 + sudo nix run --extra-experimental-features nix-command --extra-experimental-features flakes \ 35 + github:nix-community/disko -- --mode zap_create_mount ./modules/nixos/disk-config.nix 36 + } 37 + 38 + setup_files() { 39 + sudo mkdir -p /mnt/etc/nixos 40 + sudo cp -r * /mnt/etc/nixos 41 + cd /mnt/etc/nixos 42 + } 43 + 44 + install_nixos() { 45 + ARCH=$(uname -m) 46 + 47 + case "$ARCH" in 48 + x86_64) 49 + FLAKE_TARGET="x86_64-linux" 50 + ;; 51 + aarch64) 52 + FLAKE_TARGET="aarch64-linux" 53 + ;; 54 + *) 55 + echo -e "${RED}Unsupported architecture: $ARCH${CLEAR}" 56 + exit 1 57 + ;; 58 + esac 59 + 60 + sudo nixos-install --flake .#$FLAKE_TARGET $@ 61 + sudo chmod -R 775 /mnt/etc/nixos 62 + } 63 + 64 + prompt_reboot() { 65 + read -p "Do you want to reboot now? (y/yes) " choice 66 + case "$choice" in 67 + y|Y|yes|YES ) echo -e "\e[1;32mRebooting...\e[0m" && sudo reboot;; 68 + * ) echo -e "\e[1;33mReboot skipped.\e[0m";; 69 + esac 70 + } 71 + 72 + cleanup 73 + check_installer 74 + download_config 75 + run_apply 76 + run_disko 77 + setup_files 78 + install_nixos 79 + cleanup 80 + prompt_reboot

+104

apps/x86_64-linux/install-with-secrets

··· 1 + #!/usr/bin/env bash 2 + set -exu 3 + 4 + check_installer() { 5 + if [ -e /etc/NIXOS ]; then 6 + echo -e "\e[1;32mRunning in the NixOS installer environment.\e[0m" 7 + else 8 + echo -e "\e[1;31mNot running in the NixOS installer environment.\e[0m" 9 + exit 1 10 + fi 11 + } 12 + 13 + cleanup() { 14 + rm -rf nixos-config-main.zip nixos-config-main nixos-config 15 + } 16 + 17 + download_config() { 18 + curl -LJ0 https://github.com/dustinlyons/nixos-config/archive/main.zip -o nixos-config-main.zip 19 + unzip nixos-config-main.zip 20 + mv nixos-config-main/templates/starterWithSecrets nixos-config 21 + cd nixos-config 22 + } 23 + 24 + run_apply() { 25 + ./apps/x86_64-linux/apply 26 + if [ ! -f /tmp/username.txt ]; then 27 + echo -e "\e[1;31mError: /tmp/username.txt does not exist.\e[0m" 28 + exit 1 29 + fi 30 + export USERNAME=$(cat /tmp/username.txt) 31 + } 32 + 33 + run_disko() { 34 + sudo nix run --extra-experimental-features nix-command --extra-experimental-features flakes \ 35 + github:nix-community/disko -- --mode zap_create_mount ./modules/nixos/disk-config.nix 36 + } 37 + 38 + setup_files() { 39 + sudo mkdir -p /mnt/etc/nixos 40 + sudo cp -r * /mnt/etc/nixos 41 + cd /mnt/etc/nixos 42 + 43 + mkdir -p /root/.ssh 44 + touch /root/.ssh/known_hosts 45 + ssh-keyscan -t ed25519 github.com >> /root/.ssh/known_hosts 46 + } 47 + 48 + setup_ssh_keys() { 49 + mkdir -p /mnt/home/${USERNAME}/.ssh 50 + chown nixos /mnt/home/${USERNAME}/.ssh 51 + 52 + chown nixos /root/.ssh/id_ed25519_agenix{,.pub} 53 + cp --preserve=all /root/.ssh/id_ed25519_agenix /mnt/home/${USERNAME}/.ssh/id_ed25519 54 + cp --preserve=all /root/.ssh/id_ed25519_agenix.pub /mnt/home/${USERNAME}/.ssh/id_ed25519.pub 55 + cp --preserve=all /root/.ssh/id_ed25519 /mnt/home/${USERNAME}/.ssh/id_github 56 + cp --preserve=all /root/.ssh/id_ed25519.pub /mnt/home/${USERNAME}/.ssh/id_github.pub 57 + 58 + chmod 600 /mnt/home/${USERNAME}/.ssh/id_ed25519{,.pub} 59 + chmod 600 /mnt/home/${USERNAME}/.ssh/id_github{,.pub} 60 + } 61 + 62 + link_home_dir() { 63 + ln -s /mnt/home/${USERNAME} /home/${USERNAME} # Used to grab initial secrets 64 + } 65 + 66 + install_nixos() { 67 + ARCH=$(uname -m) 68 + 69 + case "$ARCH" in 70 + x86_64) 71 + FLAKE_TARGET="x86_64-linux" 72 + ;; 73 + aarch64) 74 + FLAKE_TARGET="aarch64-linux" 75 + ;; 76 + *) 77 + echo -e "${RED}Unsupported architecture: $ARCH${CLEAR}" 78 + exit 1 79 + ;; 80 + esac 81 + 82 + sudo nixos-install --flake .#$FLAKE_TARGET $@ 83 + sudo chmod -R 775 /mnt/etc/nixos 84 + } 85 + 86 + prompt_reboot() { 87 + read -p "Do you want to reboot now? (y/yes) " choice 88 + case "$choice" in 89 + y|Y|yes|YES ) echo -e "\e[1;32mRebooting...\e[0m" && sudo reboot;; 90 + * ) echo -e "\e[1;33mReboot skipped.\e[0m";; 91 + esac 92 + } 93 + 94 + cleanup 95 + check_installer 96 + download_config 97 + run_apply 98 + run_disko 99 + setup_files 100 + setup_ssh_keys 101 + link_home_dir 102 + install_nixos 103 + cleanup 104 + prompt_reboot

+196 -4

flake.lock

··· 47 47 "url": "ssh://gitea@git.sealight.xyz/aynish/basant" 48 48 } 49 49 }, 50 + "brew-src": { 51 + "flake": false, 52 + "locked": { 53 + "lastModified": 1705326576, 54 + "narHash": "sha256-9PvMgHgdbpb5vBO8fHCRufodR731ynzGMF9+68vKWck=", 55 + "owner": "Homebrew", 56 + "repo": "brew", 57 + "rev": "1c612baa096c69f2fcb221c74e6f5b9979efdcee", 58 + "type": "github" 59 + }, 60 + "original": { 61 + "owner": "Homebrew", 62 + "ref": "4.2.4", 63 + "repo": "brew", 64 + "type": "github" 65 + } 66 + }, 50 67 "darwin": { 51 68 "inputs": { 52 69 "nixpkgs": [ ··· 64 81 }, 65 82 "original": { 66 83 "owner": "lnl7", 84 + "ref": "master", 85 + "repo": "nix-darwin", 86 + "type": "github" 87 + } 88 + }, 89 + "darwin_2": { 90 + "inputs": { 91 + "nixpkgs": [ 92 + "nixpkgs" 93 + ] 94 + }, 95 + "locked": { 96 + "lastModified": 1709771483, 97 + "narHash": "sha256-Hjzu9nCknHLQvhdaRFfCEprH0o15KcaNu1QDr3J88DI=", 98 + "owner": "LnL7", 99 + "repo": "nix-darwin", 100 + "rev": "550340062c16d7ef8c2cc20a3d2b97bcd3c6b6f6", 101 + "type": "github" 102 + }, 103 + "original": { 104 + "owner": "LnL7", 67 105 "ref": "master", 68 106 "repo": "nix-darwin", 69 107 "type": "github" ··· 268 306 "systems": "systems_3" 269 307 }, 270 308 "locked": { 309 + "lastModified": 1687709756, 310 + "narHash": "sha256-Y5wKlQSkgEK2weWdOu4J3riRd+kV/VCgHsqLNTTWQ/0=", 311 + "owner": "numtide", 312 + "repo": "flake-utils", 313 + "rev": "dbabf0ca0c0c4bce6ea5eaf65af5cb694d2082c7", 314 + "type": "github" 315 + }, 316 + "original": { 317 + "owner": "numtide", 318 + "repo": "flake-utils", 319 + "type": "github" 320 + } 321 + }, 322 + "flake-utils_5": { 323 + "inputs": { 324 + "systems": "systems_4" 325 + }, 326 + "locked": { 271 327 "lastModified": 1681202837, 272 328 "narHash": "sha256-H+Rh19JDwRtpVPAWp64F+rlEtxUWBAQW28eAi3SRSzg=", 273 329 "owner": "numtide", ··· 360 416 "type": "github" 361 417 } 362 418 }, 419 + "homebrew-bundle": { 420 + "flake": false, 421 + "locked": { 422 + "lastModified": 1709834002, 423 + "narHash": "sha256-KNRwMnyo6ZLphIh2bn02KNOtRf2X3NHqUbS7y4Vmn+M=", 424 + "owner": "homebrew", 425 + "repo": "homebrew-bundle", 426 + "rev": "bb1c80baa7fac67bbffe81a2862c75a5dc7ea4a7", 427 + "type": "github" 428 + }, 429 + "original": { 430 + "owner": "homebrew", 431 + "repo": "homebrew-bundle", 432 + "type": "github" 433 + } 434 + }, 435 + "homebrew-cask": { 436 + "flake": false, 437 + "locked": { 438 + "lastModified": 1709955474, 439 + "narHash": "sha256-pE5x579FqCieeeEmrUtNKoBsMG41WSOfGWtXCTI9FP4=", 440 + "owner": "homebrew", 441 + "repo": "homebrew-cask", 442 + "rev": "43b9db57368e350c116398c7da6cb5401cd37ebe", 443 + "type": "github" 444 + }, 445 + "original": { 446 + "owner": "homebrew", 447 + "repo": "homebrew-cask", 448 + "type": "github" 449 + } 450 + }, 451 + "homebrew-core": { 452 + "flake": false, 453 + "locked": { 454 + "lastModified": 1709956143, 455 + "narHash": "sha256-5eyfpnVhxVv3+n53vp4j9DNx7O+mqtQqUn90JKS1PMM=", 456 + "owner": "homebrew", 457 + "repo": "homebrew-core", 458 + "rev": "a38d7e99bc103e9564208f2d155701d70001c8cc", 459 + "type": "github" 460 + }, 461 + "original": { 462 + "owner": "homebrew", 463 + "repo": "homebrew-core", 464 + "type": "github" 465 + } 466 + }, 363 467 "llamacpp": { 364 468 "inputs": { 365 469 "flake-utils": "flake-utils_3", ··· 381 485 "type": "github" 382 486 } 383 487 }, 488 + "nix-darwin": { 489 + "inputs": { 490 + "nixpkgs": "nixpkgs" 491 + }, 492 + "locked": { 493 + "lastModified": 1688307440, 494 + "narHash": "sha256-7PTjbN+/+b799YN7Tk2SS5Vh8A0L3gBo8hmB7Y0VXug=", 495 + "owner": "LnL7", 496 + "repo": "nix-darwin", 497 + "rev": "b06bab83bdf285ea0ae3c8e145a081eb95959047", 498 + "type": "github" 499 + }, 500 + "original": { 501 + "owner": "LnL7", 502 + "repo": "nix-darwin", 503 + "type": "github" 504 + } 505 + }, 506 + "nix-homebrew": { 507 + "inputs": { 508 + "brew-src": "brew-src", 509 + "flake-utils": "flake-utils_4", 510 + "nix-darwin": "nix-darwin", 511 + "nixpkgs": "nixpkgs_2" 512 + }, 513 + "locked": { 514 + "lastModified": 1705952034, 515 + "narHash": "sha256-H0nk8Gk8kPw4yi2WwOTsSHgPrzSwyNgWEYHk10IJwfc=", 516 + "owner": "zhaofengli-wip", 517 + "repo": "nix-homebrew", 518 + "rev": "40f5ee46b58e7c5f1927e2c5a583dc3d7e571ed9", 519 + "type": "github" 520 + }, 521 + "original": { 522 + "owner": "zhaofengli-wip", 523 + "repo": "nix-homebrew", 524 + "type": "github" 525 + } 526 + }, 384 527 "nix-matrix-appservices": { 385 528 "inputs": { 386 529 "devshell": "devshell", 387 530 "flake-compat": "flake-compat_3", 388 531 "nixlib": "nixlib", 389 - "nixpkgs": "nixpkgs" 532 + "nixpkgs": "nixpkgs_3" 390 533 }, 391 534 "locked": { 392 535 "lastModified": 1683490239, ··· 435 578 }, 436 579 "nixpkgs": { 437 580 "locked": { 581 + "lastModified": 1687274257, 582 + "narHash": "sha256-TutzPriQcZ8FghDhEolnHcYU2oHIG5XWF+/SUBNnAOE=", 583 + "path": "/nix/store/22qgs3skscd9bmrxv9xv4q5d4wwm5ppx-source", 584 + "rev": "2c9ecd1f0400076a4d6b2193ad468ff0a7e7fdc5", 585 + "type": "path" 586 + }, 587 + "original": { 588 + "id": "nixpkgs", 589 + "type": "indirect" 590 + } 591 + }, 592 + "nixpkgs_2": { 593 + "locked": { 594 + "lastModified": 1688049487, 595 + "narHash": "sha256-100g4iaKC9MalDjUW9iN6Jl/OocTDtXdeAj7pEGIRh4=", 596 + "owner": "NixOS", 597 + "repo": "nixpkgs", 598 + "rev": "4bc72cae107788bf3f24f30db2e2f685c9298dc9", 599 + "type": "github" 600 + }, 601 + "original": { 602 + "owner": "NixOS", 603 + "ref": "nixos-unstable", 604 + "repo": "nixpkgs", 605 + "type": "github" 606 + } 607 + }, 608 + "nixpkgs_3": { 609 + "locked": { 438 610 "lastModified": 1662099760, 439 611 "narHash": "sha256-MdZLCTJPeHi/9fg6R9fiunyDwP3XHJqDd51zWWz9px0=", 440 612 "owner": "NixOS", ··· 449 621 "type": "github" 450 622 } 451 623 }, 452 - "nixpkgs_2": { 624 + "nixpkgs_4": { 453 625 "locked": { 454 626 "lastModified": 1704874635, 455 627 "narHash": "sha256-YWuCrtsty5vVZvu+7BchAxmcYzTMfolSPP5io8+WYCg=", ··· 505 677 "inputs": { 506 678 "agenix": "agenix", 507 679 "basant": "basant", 680 + "darwin": "darwin_2", 508 681 "deploy-rs": "deploy-rs", 509 682 "disko": "disko", 510 683 "eww": "eww", 511 684 "grasp": "grasp", 512 685 "hardware": "hardware", 513 686 "home-manager": "home-manager_2", 687 + "homebrew-bundle": "homebrew-bundle", 688 + "homebrew-cask": "homebrew-cask", 689 + "homebrew-core": "homebrew-core", 514 690 "llamacpp": "llamacpp", 691 + "nix-homebrew": "nix-homebrew", 515 692 "nix-matrix-appservices": "nix-matrix-appservices", 516 693 "nixos-hardware": "nixos-hardware", 517 - "nixpkgs": "nixpkgs_2", 694 + "nixpkgs": "nixpkgs_4", 518 695 "nur": "nur", 519 696 "poonam": "poonam", 520 697 "rust-overlay": "rust-overlay", ··· 525 702 }, 526 703 "rust-overlay": { 527 704 "inputs": { 528 - "flake-utils": "flake-utils_4", 705 + "flake-utils": "flake-utils_5", 529 706 "nixpkgs": [ 530 707 "nixpkgs" 531 708 ] ··· 592 769 } 593 770 }, 594 771 "systems_3": { 772 + "locked": { 773 + "lastModified": 1681028828, 774 + "narHash": "sha256-Vy1rq5AaRuLzOxct8nz4T6wlgyUR7zLU309k9mBC768=", 775 + "owner": "nix-systems", 776 + "repo": "default", 777 + "rev": "da67096a3b9bf56a91d16901293e51ba5b49a27e", 778 + "type": "github" 779 + }, 780 + "original": { 781 + "owner": "nix-systems", 782 + "repo": "default", 783 + "type": "github" 784 + } 785 + }, 786 + "systems_4": { 595 787 "locked": { 596 788 "lastModified": 1681028828, 597 789 "narHash": "sha256-Vy1rq5AaRuLzOxct8nz4T6wlgyUR7zLU309k9mBC768=",

+64 -3

flake.nix

··· 34 34 # Matrix 35 35 nix-matrix-appservices.url = "gitlab:coffeetables/nix-matrix-appservices"; 36 36 37 + # OSX 38 + darwin = { 39 + url = "github:LnL7/nix-darwin/master"; 40 + inputs.nixpkgs.follows = "nixpkgs"; 41 + }; 42 + nix-homebrew = { 43 + url = "github:zhaofengli-wip/nix-homebrew"; 44 + }; 45 + homebrew-bundle = { 46 + url = "github:homebrew/homebrew-bundle"; 47 + flake = false; 48 + }; 49 + homebrew-core = { 50 + url = "github:homebrew/homebrew-core"; 51 + flake = false; 52 + }; 53 + homebrew-cask = { 54 + url = "github:homebrew/homebrew-cask"; 55 + flake = false; 56 + }; 57 + 37 58 # Others 38 59 nur.url = "github:nix-community/NUR"; 39 60 rust-overlay = { ··· 76 97 , eww 77 98 , llamacpp 78 99 , vimwikicli 100 + , darwin 101 + , nix-homebrew 102 + , homebrew-bundle 103 + , homebrew-core 104 + , homebrew-cask 79 105 , ... 80 106 }@inputs: 81 107 let ··· 118 144 nix-matrix-appservices.overlay 119 145 unstableOverlay 120 146 llamaOverlay 121 - vimwikiOverlay 147 + # TODO Not available publically 148 + # vimwikiOverlay 122 149 self.overlays.additions 123 150 self.overlays.modifications 124 151 ]; ··· 136 163 tidalcycles.overlays.default # needed for nvim which comes pre-installed lol 137 164 ]; 138 165 }); 166 + 167 + darwinSystems = [ "aarch64-darwin" "x86_64-darwin" ]; 139 168 in 140 169 { 141 - # Your custom packages 142 - # Acessible through 'nix build', 'nix shell', etc 143 170 packages = forAllSystems (system: 144 171 let pkgs = nixpkgsFor.${system}; 145 172 in import ./pkgs { pkgs = pkgs; } 146 173 ); 174 + 147 175 # Devshell for bootstrapping 148 176 # Acessible through 'nix develop' or 'nix-shell' (legacy) 149 177 devShells = forAllSystems (system: ··· 159 187 # Reusable home-manager modules you might want to export 160 188 # These are usually stuff you would upstream into home-manager 161 189 homeManagerModules = import ./modules/home-manager; 190 + 191 + darwinConfigurations = { 192 + "Anishs-MacBook-Pro" = darwin.lib.darwinSystem rec { 193 + system = "aarch64-darwin"; 194 + pkgs = nixpkgsFor.${system}; 195 + specialArgs = { inherit inputs self; }; 196 + modules = [ 197 + ./hosts/darwin 198 + # agenix.darwinModule.age 199 + home-manager.darwinModules.home-manager 200 + nix-homebrew.darwinModules.nix-homebrew 201 + { 202 + users.users.anishlakhwara.home = "/Users/anishlakhwara"; 203 + home-manager = { 204 + users.anishlakhwara = import ./home/darwin; 205 + useGlobalPkgs = true; 206 + useUserPackages = true; 207 + }; 208 + nix-homebrew = { 209 + user = "anishlakhwara"; 210 + enable = true; 211 + taps = { 212 + "homebrew/homebrew-core" = homebrew-core; 213 + "homebrew/homebrew-cask" = homebrew-cask; 214 + "homebrew/homebrew-bundle" = homebrew-bundle; 215 + }; 216 + mutableTaps = false; 217 + autoMigrate = true; 218 + }; 219 + } 220 + ]; 221 + }; 222 + }; 162 223 163 224 # NixOS configuration entrypoint 164 225 nixosConfigurations = {

+26

home/darwin/default.nix

··· 1 + { self, pkgs, ... }: 2 + { 3 + imports = [ 4 + ../profiles/nvim 5 + ../profiles/cli 6 + ../profiles/direnv 7 + ../profiles/git 8 + ../profiles/task 9 + ../profiles/kitty 10 + # ../profiles/firefox 11 + ]; 12 + 13 + home.username = "anishlakhwara"; 14 + home.homeDirectory = "/Users/anishlakhwara"; 15 + home.stateVersion = "22.05"; 16 + 17 + programs.zsh.initExtra = "PATH=/Users/anishlakhwara/.sg:/opt/homebrew/bin:$PATH"; 18 + 19 + # Managing sketchybar plugins from home-manager 20 + home.file = { 21 + ".config/sketchybar" = { 22 + source = ./sketchybar; 23 + recursive = true; 24 + }; 25 + }; 26 + }

+20

home/darwin/sketchybar/items/battery.sh

··· 1 + #!/usr/bin/env bash 2 + 3 + COLOR="$CYAN" 4 + 5 + sketchybar --add item battery right \ 6 + --set battery \ 7 + update_freq=60 \ 8 + icon.color="$COLOR" \ 9 + icon.padding_left=10 \ 10 + label.padding_right=10 \ 11 + label.color="$COLOR" \ 12 + background.height=26 \ 13 + background.corner_radius="$CORNER_RADIUS" \ 14 + background.padding_right=5 \ 15 + background.border_width="$BORDER_WIDTH" \ 16 + background.border_color="$COLOR" \ 17 + background.color="$BAR_COLOR" \ 18 + background.drawing=on \ 19 + script="$PLUGIN_DIR/power.sh" \ 20 + --subscribe battery power_source_change

+18

home/darwin/sketchybar/items/calendar.sh

··· 1 + #!/usr/bin/env bash 2 + 3 + COLOR="$BLUE" 4 + 5 + sketchybar --add item calendar right \ 6 + --set calendar update_freq=15 \ 7 + icon.color="$COLOR" \ 8 + icon.padding_left=10 \ 9 + label.color="$COLOR" \ 10 + label.padding_right=10 \ 11 + background.height=26 \ 12 + background.corner_radius="$CORNER_RADIUS" \ 13 + background.padding_right=5 \ 14 + background.border_width="$BORDER_WIDTH" \ 15 + background.border_color="$COLOR" \ 16 + background.color="$BAR_COLOR" \ 17 + background.drawing=on \ 18 + script="$PLUGIN_DIR/calendar.sh"

+21

home/darwin/sketchybar/items/clock.sh

··· 1 + #!/usr/bin/env bash 2 + 3 + COLOR="$MAGENTA" 4 + 5 + sketchybar --add item clock right \ 6 + --set clock update_freq=60 \ 7 + icon.padding_left=10 \ 8 + icon.color="$COLOR" \ 9 + icon=" " \ 10 + label.color="$COLOR" \ 11 + label.padding_right=5 \ 12 + label.width=43 \ 13 + align=center \ 14 + background.height=26 \ 15 + background.corner_radius="$CORNER_RADIUS" \ 16 + background.padding_right=2 \ 17 + background.border_width="$BORDER_WIDTH" \ 18 + background.border_color="$COLOR" \ 19 + background.color="$BAR_COLOR" \ 20 + background.drawing=on \ 21 + script="$PLUGIN_DIR/clock.sh"

+19

home/darwin/sketchybar/items/cpu.sh

··· 1 + #!/usr/bin/env bash 2 + 3 + COLOR="$YELLOW" 4 + 5 + sketchybar --add item cpu right \ 6 + --set cpu \ 7 + update_freq=3 \ 8 + icon.color="$COLOR" \ 9 + icon.padding_left=10 \ 10 + label.color="$COLOR" \ 11 + label.padding_right=10 \ 12 + background.height=26 \ 13 + background.corner_radius="$CORNER_RADIUS" \ 14 + background.padding_right=5 \ 15 + background.border_width="$BORDER_WIDTH" \ 16 + background.border_color="$COLOR" \ 17 + background.color="$BAR_COLOR" \ 18 + background.drawing=on \ 19 + script="$PLUGIN_DIR/cpu.sh"

+20

home/darwin/sketchybar/items/front_app.sh

··· 1 + #!/usr/bin/env bash 2 + 3 + COLOR="$WHITE" 4 + 5 + sketchybar \ 6 + --add item front_app left \ 7 + --set front_app script="$PLUGIN_DIR/front_app.sh" \ 8 + icon.drawing=off \ 9 + background.height=26 \ 10 + background.padding_left=0 \ 11 + background.padding_right=10 \ 12 + background.border_width="$BORDER_WIDTH" \ 13 + background.border_color="$COLOR" \ 14 + background.corner_radius="$CORNER_RADIUS" \ 15 + background.color="$BAR_COLOR" \ 16 + label.color="$COLOR" \ 17 + label.padding_left=10 \ 18 + label.padding_right=10 \ 19 + associated_display=active \ 20 + --subscribe front_app front_app_switched

+44

home/darwin/sketchybar/items/spaces.sh

··· 1 + #!/usr/bin/env bash 2 + 3 + SPACE_ICONS=("1" "2" "3" "4" "5" "6" "7" "8" "9" "10") 4 + 5 + sketchybar --add item spacer.1 left \ 6 + --set spacer.1 background.drawing=off \ 7 + label.drawing=off \ 8 + icon.drawing=off \ 9 + width=10 10 + 11 + for i in {0..9}; do 12 + sid=$((i + 1)) 13 + sketchybar --add space space.$sid left \ 14 + --set space.$sid associated_space=$sid \ 15 + label.drawing=off \ 16 + icon.padding_left=10 \ 17 + icon.padding_right=10 \ 18 + background.padding_left=-5 \ 19 + background.padding_right=-5 \ 20 + script="$PLUGIN_DIR/space.sh" 21 + done 22 + 23 + sketchybar --add item spacer.2 left \ 24 + --set spacer.2 background.drawing=off \ 25 + label.drawing=off \ 26 + icon.drawing=off \ 27 + width=5 28 + 29 + sketchybar --add bracket spaces '/space.*/' \ 30 + --set spaces background.border_width="$BORDER_WIDTH" \ 31 + background.border_color="$RED" \ 32 + background.corner_radius="$CORNER_RADIUS" \ 33 + background.color="$BAR_COLOR" \ 34 + background.height=26 \ 35 + background.drawing=on 36 + 37 + sketchybar --add item separator left \ 38 + --set separator icon= \ 39 + icon.font="$FONT:Regular:16.0" \ 40 + background.padding_left=26 \ 41 + background.padding_right=15 \ 42 + label.drawing=off \ 43 + associated_display=active \ 44 + icon.color="$YELLOW"

+23

home/darwin/sketchybar/items/spotify.sh

··· 1 + #!/usr/bin/env bash 2 + 3 + COLOR="$ORANGE" 4 + 5 + sketchybar --add item spotify q \ 6 + --set spotify \ 7 + scroll_texts=on \ 8 + icon=󰎆 \ 9 + icon.color="$COLOR" \ 10 + icon.padding_left=10 \ 11 + background.color="$BAR_COLOR" \ 12 + background.height=26 \ 13 + background.corner_radius="$CORNER_RADIUS" \ 14 + background.border_width="$BORDER_WIDTH" \ 15 + background.border_color="$COLOR" \ 16 + background.padding_right=-5 \ 17 + background.drawing=on \ 18 + label.padding_right=10 \ 19 + label.max_chars=20 \ 20 + associated_display=active \ 21 + updates=on \ 22 + script="$PLUGIN_DIR/spotify.sh" \ 23 + --subscribe spotify media_change

+20

home/darwin/sketchybar/items/volume.sh

··· 1 + #!/usr/bin/env bash 2 + 3 + COLOR="$GREEN" 4 + 5 + sketchybar \ 6 + --add item sound right \ 7 + --set sound \ 8 + icon.color="$COLOR" \ 9 + icon.padding_left=10 \ 10 + label.color="$COLOR" \ 11 + label.padding_right=10 \ 12 + background.height=26 \ 13 + background.corner_radius="$CORNER_RADIUS" \ 14 + background.padding_right=5 \ 15 + background.border_width="$BORDER_WIDTH" \ 16 + background.border_color="$COLOR" \ 17 + background.color="$BAR_COLOR" \ 18 + background.drawing=on \ 19 + script="$PLUGIN_DIR/sound.sh" \ 20 + --subscribe sound volume_change

+3

home/darwin/sketchybar/plugins/calendar.sh

··· 1 + #!/usr/bin/env bash 2 + 3 + sketchybar --set "$NAME" icon="󰸗 " label="$(date '+%a %d. %b')"

+4

home/darwin/sketchybar/plugins/clock.sh

··· 1 + #!/usr/bin/env bash 2 + 3 + LABEL=$(date '+%H:%M') 4 + sketchybar --set "$NAME" icon=" " label="$LABEL"

+3

home/darwin/sketchybar/plugins/cpu.sh

··· 1 + #!/usr/bin/env bash 2 + 3 + sketchybar --set "$NAME" icon="" label="$(ps -A -o %cpu | awk '{s+=$1} END {s /= 8} END {printf "%.1f%%\n", s}')"

+7

home/darwin/sketchybar/plugins/front_app.sh

··· 1 + #!/usr/bin/env bash 2 + 3 + case "$SENDER" in 4 + "front_app_switched") 5 + sketchybar --set "$NAME" label="$INFO" 6 + ;; 7 + esac

+30

home/darwin/sketchybar/plugins/power.sh

··· 1 + #!/usr/bin/env bash 2 + 3 + PERCENTAGE=$(pmset -g batt | grep -Eo "\d+%" | cut -d% -f1) 4 + CHARGING=$(pmset -g batt | grep 'AC Power') 5 + 6 + if [ "$PERCENTAGE" = "" ]; then 7 + exit 0 8 + fi 9 + 10 + case ${PERCENTAGE} in 11 + 9[0-9] | 100) 12 + ICON=" " 13 + ;; 14 + [6-8][0-9]) 15 + ICON=" " 16 + ;; 17 + [3-5][0-9]) 18 + ICON=" " 19 + ;; 20 + [1-2][0-9]) 21 + ICON=" " 22 + ;; 23 + *) ICON=" " ;; 24 + esac 25 + 26 + if [ "$CHARGING" != "" ]; then 27 + ICON="" 28 + fi 29 + 30 + sketchybar --set "$NAME" icon="$ICON" label="${PERCENTAGE}% "

+20

home/darwin/sketchybar/plugins/sound.sh

··· 1 + #!/usr/bin/env bash 2 + 3 + VOLUME=$(osascript -e "output volume of (get volume settings)") 4 + MUTED=$(osascript -e "output muted of (get volume settings)") 5 + 6 + if [ "$MUTED" != "false" ]; then 7 + ICON="󰖁 " 8 + VOLUME=0 9 + else 10 + case ${VOLUME} in 11 + 100) ICON=" " ;; 12 + [5-9]*) ICON=" " ;; 13 + [0-9]*) ICON=" " ;; 14 + *) ICON=" " ;; 15 + esac 16 + fi 17 + 18 + sketchybar -m \ 19 + --set "$NAME" icon=$ICON \ 20 + --set "$NAME" label="$VOLUME%"

+19

home/darwin/sketchybar/plugins/space.sh

··· 1 + #!/usr/bin/env bash 2 + 3 + source "$HOME/.config/sketchybar/variables.sh" # Loads all defined colors 4 + 5 + SPACE_ICONS=(" " " " "󰺻 " " " " " "6" "7" "8" "9" "10") 6 + 7 + SPACE_CLICK_SCRIPT="yabai -m space --focus $SID 2>/dev/null" 8 + 9 + if [ "$SELECTED" = "true" ]; then 10 + sketchybar --animate tanh 5 --set "$NAME" \ 11 + icon.color="$RED" \ 12 + icon="${SPACE_ICONS[$SID - 1]}" \ 13 + click_script="$SPACE_CLICK_SCRIPT" 14 + else 15 + sketchybar --animate tanh 5 --set "$NAME" \ 16 + icon.color="$COMMENT" \ 17 + icon="${SPACE_ICONS[$SID - 1]}" \ 18 + click_script="$SPACE_CLICK_SCRIPT" 19 + fi

+11

home/darwin/sketchybar/plugins/spotify.sh

··· 1 + #!/usr/bin/env bash 2 + 3 + STATE="$(echo "$INFO" | jq -r '.state')" 4 + APP="$(echo "$INFO" | jq -r '.app')" 5 + 6 + if [ "$STATE" = "playing" ] && [ "$APP" == "Spotify" ]; then 7 + MEDIA="$(echo "$INFO" | jq -r '.title + " - " + .artist')" 8 + sketchybar --set "$NAME" label="$MEDIA" drawing=on 9 + else 10 + sketchybar --set "$NAME" drawing=off 11 + fi

+50

home/darwin/sketchybar/variables.sh

··· 1 + #!/usr/bin/env sh 2 + 3 + # Color Palette 4 + # Tokyonight Night 5 + BLACK=0xff24283b 6 + WHITE=0xffa9b1d6 7 + MAGENTA=0xffbb9af7 8 + BLUE=0xff7aa2f7 9 + CYAN=0xff7dcfff 10 + GREEN=0xff9ece6a 11 + YELLOW=0xffe0af68 12 + ORANGE=0xffff9e64 13 + RED=0xfff7768e 14 + BAR_COLOR=0xff1a1b26 15 + COMMENT=0xff565f89 16 + 17 + # Tokyonight Day 18 + # BLACK=0xffe9e9ed 19 + # WHITE=0xff3760bf 20 + # MAGENTA=0xff9854f1 21 + # BLUE=0xff2e7de9 22 + # CYAN=0xff007197 23 + # GREEN=0xff587539 24 + # YELLOW=0xff8c6c3e 25 + # ORANGE=0xffb15c00 26 + # RED=0xfff52a65 27 + # BAR_COLOR=0xffe1e2e7 28 + 29 + TRANSPARENT=0x00000000 30 + 31 + # General bar colors 32 + ICON_COLOR=$WHITE # Color of all icons 33 + LABEL_COLOR=$WHITE # Color of all labels 34 + 35 + ITEM_DIR="$HOME/.config/sketchybar/items" 36 + PLUGIN_DIR="$HOME/.config/sketchybar/plugins" 37 + 38 + FONT="Iosevka Nerd Font" 39 + 40 + PADDINGS=3 41 + 42 + POPUP_BORDER_WIDTH=2 43 + POPUP_CORNER_RADIUS=11 44 + POPUP_BACKGROUND_COLOR=$BLACK 45 + POPUP_BORDER_COLOR=$COMMENT 46 + 47 + CORNER_RADIUS=15 48 + BORDER_WIDTH=2 49 + 50 + SHADOW=on

+1

home/gui/default.nix

··· 8 8 ../profiles/cal 9 9 ../profiles/sync/kitaab 10 10 ../profiles/ssh 11 + ../profiles/kitty 11 12 ]; 12 13 }

+24 -20

home/profiles/cli/default.nix

··· 2 2 { 3 3 home.packages = with pkgs; [ 4 4 binutils 5 - coreutils 5 + # coreutils 6 6 dnsutils 7 7 dasht 8 8 dosfstools 9 - #git 9 + # git 10 10 bottom 11 11 gptfdisk 12 12 starship 13 - iputils 14 - jq 13 + # TODO Not available on Darwin 14 + # iputils 15 + # usbutils 16 + # cached-nix-shell 17 + # utillinux 18 + # strace 19 + # mtr 20 + # gdb 21 + # fontconfig 22 + # whois 23 + 24 + # jq 15 25 manix 16 26 moreutils 17 27 nix-index 18 - cached-nix-shell 19 28 nmap 20 29 ripgrep 21 30 skim 22 31 tealdeer 23 - usbutils 24 - utillinux 25 - whois 26 32 iftop 27 33 wget 28 34 curl 29 - exa 35 + eza 30 36 bat 31 37 fd 32 38 ncdu ··· 35 41 nix-index 36 42 silver-searcher 37 43 tcpdump 38 - mtr 39 44 file 40 45 lsof 41 46 atool 42 - strace 43 47 zip 44 48 unzip 45 49 rsync ··· 48 52 glow 49 53 pass 50 54 less 51 - gdb 52 55 xxd 53 56 taskwarrior 54 57 gnupg 55 58 syncthing 56 59 dijo 57 - #ssb-patchwork 58 - fontconfig 60 + # ssb-patchwork 59 61 pandoc 60 62 taskwarrior-tui 61 - python3Packages.howdoi 62 - vimwiki-cli 63 + # TODO marked broken 64 + # python3Packages.howdoi 63 65 64 66 (pkgs.writeScriptBin "jq-repl" '' 65 67 #!/usr/bin/env bash ··· 202 204 enableZshIntegration = true; 203 205 }; 204 206 205 - services.kdeconnect.enable = true; 207 + # Only available on Linux 208 + # services.kdeconnect.enable = true; 206 209 207 210 home.shellAliases = { 208 211 # quick cd ··· 216 219 gen-secret = "< /dev/urandom tr -dc _A-Z-a-z-0-9 | head -c\${1:-32};echo;"; 217 220 218 221 # modern cli tools 219 - ls = "exa --icons"; 220 - l = "exa -l --icons"; 221 - la = "exa -la --icons"; 222 + ls = "eza --icons"; 223 + l = "eza -l --icons"; 224 + la = "eza -la --icons"; 222 225 tree = "ls --tree --icons"; 223 226 cat = "bat"; 224 227 unzip = "aunpack"; ··· 272 275 srch = "ns nixpkgs"; 273 276 orch = "ns override"; 274 277 nrb = "cd /tmp; sudo nixos-rebuild switch --flake '/home/anish/usr/helm#curve'; cd $OLDPWD"; 278 + nrd = "cd /tmp; darwin-rebuild switch --flake /Users/anishlakhwara/usr/helm#Anishs-MacBook-Pro; cd $OLDPWD"; 275 279 nrt = "cd /tmp; sudo nixos-rebuild test --flake '/home/anish/usr/helm#curve'; cd $OLDPWD"; 276 280 ned = "cd /home/anish/usr/helm; vim; cd $OLDPWD"; 277 281 ncd = "cd /home/anish/usr/helm";

home/profiles/desktop/ayu-dark-kitty.conf home/profiles/kitty/ayu-dark-kitty.conf

home/profiles/desktop/ayu-kitty.conf home/profiles/kitty/ayu-kitty.conf

-3

home/profiles/desktop/default.nix

··· 26 26 gtk-engine-murrine 27 27 gtk_engines 28 28 maim 29 - kitty 30 29 libreoffice 31 30 inotify-tools 32 31 offpunk ··· 66 65 recursive = true; 67 66 }; 68 67 ".config/dunst/dunstrc".source = ./dunstrc; 69 - ".config/kitty/kitty.conf".source = ./kitty.conf; 70 - ".config/kitty/ayu.conf".source = ./ayu-kitty.conf; 71 68 ".config/zathura/zathurarc".source = ./zathurarc; 72 69 ".background-image".source = ./background.jpg; 73 70 #gtk4 theme

+1

home/profiles/desktop/kitty.conf home/profiles/kitty/kitty.conf

··· 8 8 mouse_map left click ungrabbed mouse_click_url_or_select 9 9 confirm_os_window_close 0 10 10 enable_audio_bell no 11 + hide_window_decorations titlebar-only 11 12 -- Allows zen-mode.nvim to increase font size 12 13 -- allow_remote_control socket-only 13 14 -- listen_on unix:/tmp/kitty

+11

home/profiles/kitty/default.nix

··· 1 + { pkgs, config, lib, ... }: 2 + 3 + { 4 + home.packages = with pkgs; [ 5 + kitty 6 + ]; 7 + home.file = { 8 + ".config/kitty/kitty.conf".source = ./kitty.conf; 9 + ".config/kitty/ayu.conf".source = ./ayu-kitty.conf; 10 + }; 11 + }

+44 -44

home/profiles/nvim/default.nix

··· 624 624 625 625 capabilities = require('cmp_nvim_lsp').default_capabilities() 626 626 627 - -- fennel-ls is bleeding edge 628 627 local lspconfig = require('lspconfig') 629 - require("lspconfig.configs")["fennel-ls"] = { 630 - default_config = { 631 - cmd = {"fennel-ls"}, 632 - filetypes = {"fennel"}, 633 - root_dir = function(dir) return lspconfig.util.find_git_ancestor(dir) end, 634 - settings = {} 635 - } 636 - } 628 + -- fennel-ls is bleeding edge 629 + -- require("lspconfig.configs")["fennel-ls"] = { 630 + -- default_config = { 631 + -- cmd = {"fennel-ls"}, 632 + -- filetypes = {"fennel"}, 633 + -- root_dir = function(dir) return lspconfig.util.find_git_ancestor(dir) end, 634 + -- settings = {} 635 + -- } 636 + -- } 637 637 638 638 local servers = { 'clojure_lsp', 'terraform_lsp', 'zls', 'pyright', 'rust_analyzer', 'tsserver', 'lua_ls'} 639 639 for _, lsp in ipairs(servers) do ··· 653 653 capabilities = capabilities, 654 654 } 655 655 -- fennel-ls doesn't support gps 656 - lspconfig['fennel-ls'].setup { 657 - on_attach = function(client, bufnr) 658 - format.on_attach(client) 659 - end, 660 - capabilities = capabilities, 661 - } 656 + -- lspconfig['fennel-ls'].setup { 657 + -- on_attach = function(client, bufnr) 658 + -- format.on_attach(client) 659 + -- end, 660 + -- capabilities = capabilities, 661 + -- } 662 662 663 663 -- deprecated pylsp 664 664 -- require('lspconfig').pylsp.setup { ··· 781 781 require('leap').set_default_keymaps() 782 782 783 783 -- supercollider 784 - local scnvim = require 'scnvim' 785 - local map = scnvim.map 786 - local map_expr = scnvim.map_expr 787 - scnvim.setup { 788 - keymaps = { 789 - ['<localleader>e'] = map('editor.send_line', {'i', 'n'}), 790 - ['<localleader>s'] = map_expr('CmdPeriod.run', {'i', 'n'}), 791 - ['<localleader>t'] = { 792 - map('editor.send_block', {'i', 'n'}), 793 - map('editor.send_selection', 'x'), 794 - }, 795 - ['<CR>'] = map('postwin.toggle'), 796 - ['<M-CR>'] = map('postwin.toggle', 'i'), 797 - ['<M-L>'] = map('postwin.clear', {'n', 'i'}), 798 - ['<C-k>'] = map('signature.show', {'n', 'i'}), 799 - ['<F12>'] = map('sclang.hard_stop', {'n', 'x', 'i'}), 800 - ['<leader>st'] = map('sclang.start'), 801 - ['<leader>sk'] = map('sclang.recompile'), 802 - ['<F1>'] = map_expr('s.boot'), 803 - ['<F2>'] = map_expr('s.meter'), 804 - } 805 - } 784 + -- local scnvim = require 'scnvim' 785 + -- local map = scnvim.map 786 + -- local map_expr = scnvim.map_expr 787 + -- scnvim.setup { 788 + -- keymaps = { 789 + -- ['<localleader>e'] = map('editor.send_line', {'i', 'n'}), 790 + -- ['<localleader>s'] = map_expr('CmdPeriod.run', {'i', 'n'}), 791 + -- ['<localleader>t'] = { 792 + -- map('editor.send_block', {'i', 'n'}), 793 + -- map('editor.send_selection', 'x'), 794 + -- }, 795 + -- ['<CR>'] = map('postwin.toggle'), 796 + -- ['<M-CR>'] = map('postwin.toggle', 'i'), 797 + -- ['<M-L>'] = map('postwin.clear', {'n', 'i'}), 798 + -- ['<C-k>'] = map('signature.show', {'n', 'i'}), 799 + -- ['<F12>'] = map('sclang.hard_stop', {'n', 'x', 'i'}), 800 + -- ['<leader>st'] = map('sclang.start'), 801 + -- ['<leader>sk'] = map('sclang.recompile'), 802 + -- ['<F1>'] = map_expr('s.boot'), 803 + -- ['<F2>'] = map_expr('s.meter'), 804 + -- } 805 + -- } 806 806 -- You gotta run :SCNvimGenerateAssets for this first 807 - require("luasnip").add_snippets("supercollider", require("scnvim/utils").get_snippets()) 807 + -- require("luasnip").add_snippets("supercollider", require("scnvim/utils").get_snippets()) 808 808 809 809 -- zen mode 810 810 require('zen-mode').setup{ ··· 863 863 # used to compile tree-sitter grammar 864 864 python-with-my-packages 865 865 nodejs 866 - clojure-lsp 866 + # clojure-lsp 867 867 clojure 868 868 rnix-lsp 869 869 terraform-lsp 870 870 rust-analyzer 871 - clj-kondo 871 + # clj-kondo 872 872 zls 873 873 gcc 874 874 nodePackages_latest.pyright ··· 878 878 nodePackages.typescript 879 879 nodePackages.typescript-language-server 880 880 luajitPackages.lua-lsp 881 - fennel-ls 881 + # fennel-ls 882 882 ]; 883 883 884 884 plugins = with pkgs.vimPlugins // customPlugins; [ ··· 895 895 telescope-nvim 896 896 plenary-nvim 897 897 nvim-navic 898 - (nvim-treesitter.withPlugins (p: [ p.nix p.clojure p.python p.fennel p.lua p.html p.css p.regex p.supercollider p.beancount p.markdown p.glsl p.yaml p.toml p.dockerfile p.json ])) 898 + (nvim-treesitter.withPlugins (p: [ p.nix p.clojure p.python p.fennel p.lua p.html p.css p.regex p.beancount p.markdown p.glsl p.yaml p.toml p.dockerfile p.json ])) 899 899 nvim-treesitter-context 900 900 my-fterm 901 901 barbar-nvim ··· 953 953 vim-sexp-mappings-for-regular-people 954 954 fennel-vim 955 955 956 - vim-tidal 956 + # vim-tidal 957 957 # experimental 958 958 nvim-luapad 959 - scnvim 959 + # scnvim 960 960 leap 961 961 vim-beancount 962 962 # vimtex

+2 -2

home/profiles/task/default.nix

··· 8 8 # taskwarrior needs write access to this file for centexts 9 9 # this way, we get a copy of the file, and we make sure it's writable 10 10 ".taskrc".source = ./taskrc; 11 - ".taskrc".executable = true; 12 - ".taskrc".onChange = "cp ~/.taskrc ~/.taskrc2;rm ~/.taskrc;mv ~/.taskrc2 ~/.taskrc;chmod +w ~/.taskrc"; 11 + # ".taskrc".executable = true; 12 + # ".taskrc".onChange = "cp ~/.taskrc ~/.taskrc2;rm ~/.taskrc;mv ~/.taskrc2 ~/.taskrc;chmod +w ~/.taskrc"; 13 13 ".task/keys/ca.cert".source = ./ca.cert; 14 14 ".task/keys/public.cert".source = ./public.cert; 15 15

+34

hosts/darwin/casks/default.nix

··· 1 + { pkgs, ... }: 2 + 3 + { 4 + homebrew.enable = true; 5 + homebrew.brews = [ 6 + "kind" 7 + "kubectl" 8 + ]; 9 + homebrew.casks = [ 10 + # Development Tools 11 + "homebrew/cask/docker" 12 + # "insomnia" 13 + # "tableplus" 14 + # "ngrok" 15 + "postico" 16 + "wireshark" 17 + 18 + # Communication Tools 19 + # Already installed manually 20 + # "loom" 21 + # "slack" 22 + # "zoom" 23 + # "firefox" 24 + 25 + # Utility Tools 26 + # "syncthing" 27 + 28 + # Productivity Tools 29 + "raycast" 30 + 31 + # AI 32 + # "diffusionbee" 33 + ]; 34 + }

+125

hosts/darwin/default.nix

··· 1 + { agenix, config, pkgs, ... }: 2 + 3 + { 4 + imports = [ 5 + ./sketchybar 6 + ./yabai 7 + ./casks 8 + # ../../modules/darwin/secrets.nix 9 + # ../../modules/darwin/home-manager.nix 10 + # ../../modules/shared 11 + # ../../modules/shared/cachix 12 + # agenix.darwinModules.default 13 + ]; 14 + 15 + environment.systemPackages = [ 16 + pkgs.go 17 + ]; 18 + 19 + # Auto upgrade nix package and the daemon service. 20 + services.nix-daemon.enable = true; 21 + nixpkgs.hostPlatform = "aarch64-darwin"; 22 + programs.zsh.enable = true; 23 + 24 + # Setup user, packages, programs 25 + nix = { 26 + # package = pkgs.nixUnstable; 27 + settings.trusted-users = [ "@admin" "anishlakhwara" ]; 28 + 29 + gc = { 30 + user = "root"; 31 + automatic = true; 32 + interval = { Weekday = 0; Hour = 2; Minute = 0; }; 33 + options = "--delete-older-than 30d"; 34 + }; 35 + 36 + # Turn this on to make command line easier 37 + extraOptions = '' 38 + experimental-features = nix-command flakes 39 + ''; 40 + }; 41 + 42 + # Turn off NIX_PATH warnings now that we're using flakes 43 + system.checks.verifyNixPath = false; 44 + 45 + # Load configuration that is shared across systems 46 + # environment.systemPackages = with pkgs; [ 47 + # 48 + # ] ++ (import ../../modules/shared/packages.nix { inherit pkgs; }); 49 + 50 + # Enable fonts dir 51 + fonts.fontDir.enable = true; 52 + fonts.fonts = with pkgs; [ 53 + fira-code 54 + fira-code-symbols 55 + hermit 56 + #hack 57 + siji 58 + font-awesome 59 + proggyfonts 60 + (nerdfonts.override { fonts = [ "FiraCode" "DroidSansMono" "Iosevka" ]; }) 61 + ]; 62 + 63 + system = { 64 + stateVersion = 4; 65 + 66 + keyboard = { 67 + enableKeyMapping = true; 68 + }; 69 + 70 + defaults = { 71 + LaunchServices = { 72 + LSQuarantine = false; 73 + }; 74 + 75 + NSGlobalDomain = { 76 + AppleShowAllExtensions = true; 77 + ApplePressAndHoldEnabled = false; 78 + 79 + # 120, 90, 60, 30, 12, 6, 2 80 + KeyRepeat = 2; 81 + 82 + # 120, 94, 68, 35, 25, 15 83 + InitialKeyRepeat = 15; 84 + 85 + "com.apple.mouse.tapBehavior" = 1; 86 + "com.apple.sound.beep.volume" = 0.0; 87 + "com.apple.sound.beep.feedback" = 0; 88 + }; 89 + 90 + loginwindow = { 91 + # disable guest account 92 + GuestEnabled = false; 93 + # show name instead of username 94 + SHOWFULLNAME = false; 95 + }; 96 + 97 + dock = { 98 + autohide = true; 99 + autohide-delay = 0.0; 100 + autohide-time-modifier = 1.0; 101 + static-only = false; 102 + showhidden = false; 103 + show-recents = false; 104 + launchanim = true; 105 + mouse-over-hilite-stack = true; 106 + orientation = "bottom"; 107 + tilesize = 48; 108 + }; 109 + 110 + finder = { 111 + _FXShowPosixPathInTitle = false; 112 + }; 113 + 114 + trackpad = { 115 + Clicking = false; 116 + TrackpadThreeFingerDrag = true; 117 + }; 118 + }; 119 + 120 + # keyboard = { 121 + # enableKeyMapping = true; 122 + # remapCapsLockToControl = true; 123 + # }; 124 + }; 125 + }

+10

hosts/darwin/sketchybar/default.nix

··· 1 + { pkgs, ... }: 2 + 3 + { 4 + services.sketchybar = { 5 + enable = true; 6 + config = (builtins.readFile ./sketchybarrc); 7 + extraPackages = [ pkgs.jq ]; 8 + }; 9 + 10 + }

+58

hosts/darwin/sketchybar/sketchybarrc

··· 1 + #!/usr/bin/env bash 2 + 3 + source "$HOME/.config/sketchybar/variables.sh" # Loads all defined colors 4 + 5 + # General bar and defaults 6 + # parts I didn't want 7 + # y_offset=5 \ 8 + # margin=5 \ 9 + 10 + sketchybar --bar height=35 \ 11 + color="$BAR_COLOR" \ 12 + shadow="$SHADOW" \ 13 + position=top \ 14 + sticky=on \ 15 + padding_right=0 \ 16 + padding_left=3 \ 17 + corner_radius="$CORNER_RADIUS" \ 18 + blur_radius=20 \ 19 + notch_width=200 \ 20 + --default updates=when_shown \ 21 + icon.font="$FONT:Bold:13.5" \ 22 + icon.color="$ICON_COLOR" \ 23 + icon.padding_left="$PADDINGS" \ 24 + icon.padding_right="$PADDINGS" \ 25 + label.font="$FONT:Bold:13.0" \ 26 + label.color="$LABEL_COLOR" \ 27 + label.padding_left="$PADDINGS" \ 28 + label.padding_right="$PADDINGS" \ 29 + background.padding_right="$PADDINGS" \ 30 + background.padding_left="$PADDINGS" \ 31 + popup.background.border_width=1 \ 32 + popup.background.corner_radius=11 \ 33 + popup.background.border_color="$POPUP_BORDER_COLOR" \ 34 + popup.background.color="$POPUP_BACKGROUND_COLOR" \ 35 + popup.background.shadow.drawing="$SHADOW" 36 + 37 + # Left 38 + # source "$ITEM_DIR/apple.sh" 39 + source "$ITEM_DIR/spaces.sh" 40 + 41 + # Center (of notch) 42 + # source "$ITEM_DIR/spotify.sh" 43 + source "$ITEM_DIR/front_app.sh" 44 + 45 + # Right 46 + source "$ITEM_DIR/clock.sh" 47 + source "$ITEM_DIR/calendar.sh" 48 + source "$ITEM_DIR/battery.sh" 49 + source "$ITEM_DIR/volume.sh" 50 + source "$ITEM_DIR/cpu.sh" 51 + 52 + #################### Finalizing Setup #################### 53 + 54 + # sketchybar --hotload true 55 + 56 + sketchybar --update 57 + 58 + echo "sketchybar configuration loaded.."

+102

hosts/darwin/yabai/default.nix

··· 1 + {pkgs, ... }: 2 + 3 + { 4 + services.yabai = { 5 + enable = true; 6 + config = { 7 + mouse_follows_focus = "off"; 8 + focus_follows_mouse = "off"; 9 + window_placement = "second_child"; 10 + window_topmost = "off"; 11 + window_opacity = "off"; 12 + window_opacity_duration = 0.0; 13 + window_shadow = "on"; 14 + window_border = "off"; 15 + window_border_placement = "inset"; 16 + window_border_width = 4; 17 + window_border_radius = -1.0; 18 + active_window_border_topmost = "off"; 19 + active_window_border_color = "0xff775759"; 20 + normal_window_border_color = "0xff505050"; 21 + insert_window_border_color = "0xffd75f5f"; 22 + active_window_opacity = 1.0; 23 + normal_window_opacity = 0.9; 24 + split_ratio = 0.73; 25 + auto_balance = "on"; 26 + mouse_modifier = "fn"; 27 + mouse_action1 = "move"; 28 + mouse_action2 = "resize"; 29 + layout = "bsp"; 30 + top_padding = 5; 31 + bottom_padding = 5; 32 + left_padding = 5; 33 + right_padding = 5; 34 + window_gap = 5; 35 + }; 36 + extraConfig = '' 37 + # Do not manage windows with certain titles eg. Copying files or moving to bin 38 + yabai -m rule --add title="(Copy|Bin|About This Mac|Info)" manage=off 39 + # Do not manage some apps which are not resizable 40 + yabai -m rule --add app="^(Calculator|System Preferences|[sS]tats|[Jj]et[Bb]rains [Tt]ool[Bb]ox|kftray)$" manage=off 41 + ''; 42 + }; 43 + 44 + system.activationScripts.yabai = { 45 + enable = true; 46 + text = '' 47 + yabai --install-service && yabai --start-service 48 + ''; 49 + }; 50 + 51 + services.skhd = { 52 + enable = true; 53 + skhdConfig = '' 54 + # Open iTerm2 55 + cmd - enter : kitty --single-instance -d ~ 56 + 57 + ################## 58 + # Window Motions # 59 + ################## 60 + # Rotate 61 + lalt - r : yabai -m space --rotate 90 62 + # Mirror verticaly 63 + lalt - x : yabai -m space --mirror y-axis 64 + # Mirror horizontaly 65 + lalt - y : yabai -m space --mirror x-axis 66 + # yes, i know i swapped x and y, but I mainly use y-axis and y is further... 67 + # Fullscreen 68 + cmd - f : yabai -m window --toggle zoom-fullscreen 69 + # Swap 70 + lalt - q : yabai -m window --swap west 71 + lalt - s : yabai -m window --swap south 72 + lalt - z : yabai -m window --swap north 73 + lalt - d : yabai -m window --swap east 74 + # Warp 75 + shift + lalt - q : yabai -m window --warp west 76 + shift + lalt - s : yabai -m window --warp south 77 + shift + lalt - z : yabai -m window --warp north 78 + shift + lalt - d : yabai -m window --warp east 79 + 80 + ######### 81 + # Focus # 82 + ######### 83 + # Clockwise 84 + # alt - tab : yabai -m window --focus "$(yabai -m query --windows --space | jq -re "[sort_by(.id, .frame) | .[] | select(.role == \"AXWindow\" and .subrole == \"AXStandardWindow\") | .id] | nth(index($(yabai -m query --windows --window | jq -re ".id")) - 1)")" 85 + # Counter-clockwise 86 + # shift - tab : yabai -m window --focus "$(yabai -m query --windows --space | jq -re "[sort_by(.id, .frame) | reverse | .[] | select(.role == \"AXWindow\" and .subrole == \"AXStandardWindow\") | .id] | nth(index($(yabai -m query --windows --window | jq -re ".id")) - 1)")" 87 + 88 + ########## 89 + # Spaces # 90 + ########## 91 + ctrl - left : yabai -m space --focus prev 92 + ctrl - right : yabai -m space --focus next 93 + ctrl + shift - right : yabai -m window --space next; yabai -m space --focus next 94 + ctrl + shift - left : yabai -m window --space prev; yabai -m space --focus prev 95 + cmd - 1 : yabai -m window --space 1; yabai -m space --focus 1 96 + cmd - 2 : yabai -m window --space 2; yabai -m space --focus 2 97 + cmd - 3 : yabai -m window --space 3; yabai -m space --focus 3 98 + cmd - 4 : yabai -m window --space 4; yabai -m space --focus 4 99 + cmd - 5 : yabai -m window --space 5; yabai -m space --focus 5 100 + ''; 101 + }; 102 + }

+12

modules/darwin/README.md

··· 1 + 2 + ## Layout 3 + ``` 4 + . 5 + ├── dock # MacOS dock configuration 6 + ├── casks.nix # List of homebrew casks 7 + ├── default.nix # Defines module, system-level config 8 + ├── files.nix # Non-Nix, static configuration files (now immutable!) 9 + ├── home-manager.nix # Defines user programs 10 + ├── packages.nix # List of packages to install for MacOS 11 + ├── secrets.nix # Age-encrypted secrets with agenix 12 + ```

+26

modules/darwin/casks.nix

··· 1 + _: 2 + 3 + [ 4 + # Development Tools 5 + "homebrew/cask/docker" 6 + # "insomnia" 7 + # "tableplus" 8 + # "ngrok" 9 + "postico" 10 + "wireshark" 11 + 12 + # Communication Tools 13 + "loom" 14 + # Already installed manually 15 + # "slack" 16 + # "zoom" 17 + 18 + # Utility Tools 19 + "syncthing" 20 + 21 + # Productivity Tools 22 + "raycast" 23 + 24 + # AI 25 + # "diffusionbee" 26 + ]

+67

modules/darwin/dock/default.nix

··· 1 + { config, pkgs, lib, ... }: 2 + with lib; 3 + let 4 + cfg = config.local.dock; 5 + inherit (pkgs) stdenv dockutil; 6 + in 7 + { 8 + options = { 9 + local.dock.enable = mkOption { 10 + description = "Enable dock"; 11 + default = stdenv.isDarwin; 12 + example = false; 13 + }; 14 + 15 + local.dock.entries = mkOption 16 + { 17 + description = "Entries on the Dock"; 18 + type = with types; listOf (submodule { 19 + options = { 20 + path = lib.mkOption { type = str; }; 21 + section = lib.mkOption { 22 + type = str; 23 + default = "apps"; 24 + }; 25 + options = lib.mkOption { 26 + type = str; 27 + default = ""; 28 + }; 29 + }; 30 + }); 31 + readOnly = true; 32 + }; 33 + }; 34 + 35 + config = 36 + mkIf cfg.enable 37 + ( 38 + let 39 + normalize = path: if hasSuffix ".app" path then path + "/" else path; 40 + entryURI = path: "file://" + (builtins.replaceStrings 41 + [" " "!" "\"" "#" "$" "%" "&" "'" "(" ")"] 42 + ["%20" "%21" "%22" "%23" "%24" "%25" "%26" "%27" "%28" "%29"] 43 + (normalize path) 44 + ); 45 + wantURIs = concatMapStrings 46 + (entry: "${entryURI entry.path}\n") 47 + cfg.entries; 48 + createEntries = concatMapStrings 49 + (entry: "${dockutil}/bin/dockutil --no-restart --add '${entry.path}' --section ${entry.section} ${entry.options}\n") 50 + cfg.entries; 51 + in 52 + { 53 + system.activationScripts.postUserActivation.text = '' 54 + echo >&2 "Setting up the Dock..." 55 + haveURIs="$(${dockutil}/bin/dockutil --list | ${pkgs.coreutils}/bin/cut -f2)" 56 + if ! diff -wu <(echo -n "$haveURIs") <(echo -n '${wantURIs}') >&2 ; then 57 + echo >&2 "Resetting Dock." 58 + ${dockutil}/bin/dockutil --no-restart --remove all 59 + ${createEntries} 60 + killall Dock 61 + else 62 + echo >&2 "Dock setup complete." 63 + fi 64 + ''; 65 + } 66 + ); 67 + }

+54

modules/darwin/files.nix

··· 1 + { user, config, pkgs, ... }: 2 + 3 + let 4 + xdg_configHome = "${config.users.users.${user}.home}/.config"; 5 + xdg_dataHome = "${config.users.users.${user}.home}/.local/share"; 6 + xdg_stateHome = "${config.users.users.${user}.home}/.local/state"; in 7 + { 8 + 9 + # Raycast script so that "Run Emacs" is available and uses Emacs daemon 10 + "${xdg_dataHome}/bin/emacsclient" = { 11 + executable = true; 12 + text = '' 13 + #!/bin/zsh 14 + # 15 + # Required parameters: 16 + # @raycast.schemaVersion 1 17 + # @raycast.title Run Emacs 18 + # @raycast.mode silent 19 + # 20 + # Optional parameters: 21 + # @raycast.packageName Emacs 22 + # @raycast.icon ${xdg_dataHome}/img/icons/Emacs.icns 23 + # @raycast.iconDark ${xdg_dataHome}/img/icons/Emacs.icns 24 + 25 + if [[ $1 = "-t" ]]; then 26 + # Terminal mode 27 + ${pkgs.emacs}/bin/emacsclient -t $@ 28 + else 29 + # GUI mode 30 + ${pkgs.emacs}/bin/emacsclient -c -n $@ 31 + fi 32 + ''; 33 + }; 34 + 35 + # Script to import Drafts into Emacs org-roam 36 + "${xdg_dataHome}/bin/import-drafts" = { 37 + executable = true; 38 + text = '' 39 + #!/bin/sh 40 + 41 + for f in ${xdg_stateHome}/drafts/* 42 + do 43 + if [[ ! "$f" =~ "done" ]]; then 44 + echo "Importing $f" 45 + filename="$(head -c 10 $f)" 46 + output="${xdg_dataHome}/org-roam/daily/$filename.org" 47 + echo '\n' >> "$output" 48 + tail -n +3 $f >> "$output" 49 + mv $f done 50 + fi 51 + done 52 + ''; 53 + }; 54 + }

+85

modules/darwin/home-manager.nix

··· 1 + { config, pkgs, lib, home-manager, ... }: 2 + 3 + let 4 + user = "anishlakhwara"; 5 + # Define the content of your file as a derivation 6 + myEmacsLauncher = pkgs.writeScript "emacs-launcher.command" '' 7 + #!/bin/sh 8 + emacsclient -c -n & 9 + ''; 10 + sharedFiles = import ../shared/files.nix { inherit config pkgs; }; 11 + additionalFiles = import ./files.nix { inherit user config pkgs; }; 12 + in 13 + { 14 + imports = [ 15 + ./dock 16 + ]; 17 + 18 + # It me 19 + users.users.${user} = { 20 + name = "${user}"; 21 + home = "/Users/${user}"; 22 + isHidden = false; 23 + shell = pkgs.zsh; 24 + }; 25 + 26 + # Enable home-manager 27 + home-manager = { 28 + useGlobalPkgs = true; 29 + users.${user} = { pkgs, config, lib, ... }:{ 30 + home = { 31 + enableNixpkgsReleaseCheck = false; 32 + packages = pkgs.callPackage ./packages.nix {}; 33 + file = lib.mkMerge [ 34 + sharedFiles 35 + additionalFiles 36 + { "emacs-launcher.command".source = myEmacsLauncher; } 37 + ]; 38 + 39 + stateVersion = "23.11"; 40 + }; 41 + 42 + programs = {} // import ../shared/home-manager.nix { inherit config pkgs lib; }; 43 + 44 + # Marked broken Oct 20, 2022 check later to remove this 45 + # https://github.com/nix-community/home-manager/issues/3344 46 + manual.manpages.enable = false; 47 + }; 48 + }; 49 + 50 + # Fully declarative dock using the latest from Nix Store 51 + local = { 52 + dock.enable = true; 53 + dock.entries = [ 54 + { path = "/Applications/Slack.app/"; } 55 + { path = "/System/Applications/Messages.app/"; } 56 + { path = "/System/Applications/Facetime.app/"; } 57 + { path = "/Applications/Telegram.app/"; } 58 + { path = "${pkgs.alacritty}/Applications/Alacritty.app/"; } 59 + { path = "/System/Applications/Music.app/"; } 60 + { path = "/System/Applications/News.app/"; } 61 + { path = "/System/Applications/Photos.app/"; } 62 + { path = "/System/Applications/Photo Booth.app/"; } 63 + { path = "/System/Applications/TV.app/"; } 64 + { path = "${pkgs.jetbrains.phpstorm}/Applications/PhpStorm.app/"; } 65 + { path = "/Applications/TablePlus.app/"; } 66 + { path = "/Applications/Asana.app/"; } 67 + { path = "/Applications/Drafts.app/"; } 68 + { path = "/System/Applications/Home.app/"; } 69 + { 70 + path = toString myEmacsLauncher; 71 + section = "others"; 72 + } 73 + { 74 + path = "${config.users.users.${user}.home}/.local/share/"; 75 + section = "others"; 76 + options = "--sort name --view grid --display folder"; 77 + } 78 + { 79 + path = "${config.users.users.${user}.home}/.local/share/downloads"; 80 + section = "others"; 81 + options = "--sort name --view grid --display stack"; 82 + } 83 + ]; 84 + }; 85 + }

+7

modules/darwin/packages.nix

··· 1 + { pkgs }: 2 + 3 + with pkgs; 4 + let shared-packages = import ../shared/packages.nix { inherit pkgs; }; in 5 + shared-packages ++ [ 6 + dockutil 7 + ]

+47

modules/darwin/secrets.nix

··· 1 + { config, pkgs, agenix, secrets, ... }: 2 + 3 + let user = "dustin"; in 4 + { 5 + age = { 6 + identityPaths = [ 7 + "/Users/${user}/.ssh/id_ed25519" 8 + ]; 9 + 10 + secrets = { 11 + "syncthing-cert" = { 12 + symlink = true; 13 + path = "/Users/${user}/Library/Application Support/Syncthing/cert.pem"; 14 + file = "${secrets}/darwin-syncthing-cert.age"; 15 + mode = "644"; 16 + owner = "${user}"; 17 + group = "staff"; 18 + }; 19 + 20 + "syncthing-key" = { 21 + symlink = true; 22 + path = "/Users/${user}/Library/Application Support/Syncthing/key.pem"; 23 + file = "${secrets}/darwin-syncthing-key.age"; 24 + mode = "600"; 25 + owner = "${user}"; 26 + group = "staff"; 27 + }; 28 + 29 + "github-ssh-key" = { 30 + symlink = true; 31 + path = "/Users/${user}/.ssh/id_github"; 32 + file = "${secrets}/github-ssh-key.age"; 33 + mode = "600"; 34 + owner = "${user}"; 35 + group = "staff"; 36 + }; 37 + 38 + "github-signing-key" = { 39 + symlink = false; 40 + path = "/Users/${user}/.ssh/pgp_github.key"; 41 + file = "${secrets}/github-signing-key.age"; 42 + mode = "600"; 43 + owner = "${user}"; 44 + }; 45 + }; 46 + }; 47 + }