ngp.computer / nixos
Configuration for my NixOS based systems and Home Manager
fork atom

Compare changes

Choose any two refs to compare.

+4423 -1431
unified split
+1 -2
boot.nix
··· 1 - { ... }: 2 - { 1 + { ... }: { 3 2 # Use the systemd-boot EFI boot loader. 4 3 boot.loader.systemd-boot.enable = true; 5 4 boot.loader.efi.canTouchEfiVariables = true;
+31
common.nix
··· 1 + { ... }: 2 + { 3 + # Set your time zone. 4 + time.timeZone = "America/Chicago"; 5 + 6 + # Select internationalisation properties. 7 + i18n.defaultLocale = "en_US.UTF-8"; 8 + # console = { 9 + # font = "Lat2-Terminus16"; 10 + # keyMap = "us"; 11 + # useXkbConfig = true; # use xkb.options in tty. 12 + # }; 13 + 14 + # Automatic doc cache generation 15 + documentation.man.generateCaches = true; 16 + 17 + # Automatic system upgrades 18 + system.autoUpgrade = { 19 + enable = true; 20 + dates = "09:00"; 21 + randomizedDelaySec = "45min"; 22 + }; 23 + 24 + # Automatic Garbage Collection 25 + nix.gc.automatic = true; 26 + nix.gc.options = "--delete-older-than 8d"; 27 + nix.settings.trusted-users = [ "@wheel" ]; 28 + 29 + # I don't care that much about free vs unfree 30 + nixpkgs.config.allowUnfree = true; 31 + }
+254
default-home.nix
··· 1 + { 2 + pkgs, 3 + unstable, 4 + inputs, 5 + config, 6 + ... 7 + }: 8 + { 9 + imports = [ 10 + inputs.agenix.homeManagerModules.default 11 + ]; 12 + home.username = "noah"; 13 + home.homeDirectory = "/home/noah"; 14 + 15 + age.identityPaths = [ 16 + "${config.home.homeDirectory}/.ssh/id_rsa" 17 + "${config.home.homeDirectory}/.ssh/id_ed25519" 18 + "${config.home.homeDirectory}/.ssh/id_ed25519_age" 19 + ]; 20 + 21 + home.packages = with pkgs; [ 22 + inputs.agenix.packages."${system}".agenix 23 + # main tool 24 + direnv 25 + tree 26 + btop 27 + htop 28 + rsync 29 + unzip 30 + fd 31 + ripgrep 32 + catgirl 33 + netcat 34 + stunnel 35 + fzf 36 + iperf3 37 + entr 38 + lf 39 + #devenv # broken 40 + plan9port 41 + pwgen 42 + metastore 43 + isync 44 + pass 45 + tmux 46 + age 47 + 48 + # Dev tools 49 + gcc 50 + go 51 + unstable.gopls 52 + gnumake 53 + babashka 54 + # Babashka common aliases 55 + neil 56 + ccls 57 + clojure 58 + unstable.clj-kondo 59 + unstable.clojure-lsp 60 + unstable.janet 61 + unstable.jpm 62 + graalvmPackages.graalvm-ce 63 + cmake 64 + universal-ctags 65 + kotlin 66 + nodejs 67 + node2nix 68 + opam 69 + rustup 70 + zig 71 + scala_3 72 + scalafmt 73 + # scala LSP 74 + unstable.metals 75 + # Scala / Java build tool 76 + sbt 77 + luarocks 78 + luajit 79 + lua-language-server 80 + leiningen 81 + libressl 82 + erlang 83 + elixir 84 + ghc 85 + nil 86 + python3 87 + typescript 88 + #vscode-langservers-extracted 89 + scdoc 90 + #dockerfile-language-server-nodejs 91 + #yaml-language-server 92 + mkcert 93 + natscli 94 + poetry 95 + sqlite 96 + pandoc 97 + unstable.harec 98 + unstable.hare 99 + unstable.haredo 100 + unstable.haredoc 101 + unstable.gleam 102 + unstable.rebar3 103 + unstable.bun 104 + unstable.gh 105 + unstable.kraft 106 + #unstable.claude-code 107 + 108 + # Python dev tools 109 + pyright 110 + python313Packages.python-lsp-server 111 + python313Packages.python-lsp-ruff 112 + 113 + # Certificate Management 114 + minica 115 + mkcert 116 + step-cli 117 + 118 + ]; 119 + 120 + nix = { 121 + #package = pkgs.nix; 122 + settings = { 123 + experimental-features = [ 124 + "nix-command" 125 + "flakes" 126 + ]; 127 + extra-trusted-users = [ 128 + "noah" 129 + ]; 130 + extra-substituters = [ 131 + "https://cache.ngp.computer" 132 + ]; 133 + extra-trusted-public-keys = [ 134 + "misaki.packetlost.dev:y5Z/utaVBozpL0UAbUQDWLjpm2sVMOoKzyG76n/167A=" 135 + ]; 136 + }; 137 + }; 138 + 139 + programs.fish = { 140 + enable = true; 141 + #package = unstable.fish; 142 + }; 143 + programs.neovim = { 144 + #package = unstable.neovim-unwrapped; 145 + enable = true; 146 + defaultEditor = true; 147 + withNodeJs = true; 148 + withPython3 = true; 149 + extraPackages = with pkgs; [ 150 + unstable.fzf 151 + unstable.ripgrep 152 + luarocks 153 + unstable.tree-sitter 154 + ]; 155 + }; 156 + programs.home-manager.enable = true; 157 + programs.helix.enable = true; 158 + programs.jujutsu = { 159 + enable = true; 160 + }; 161 + programs.git = { 162 + enable = true; 163 + lfs.enable = true; 164 + settings.user.name = "Noah Pederson"; 165 + settings.user.email = "noah@packetlost.dev"; 166 + extraConfig = { 167 + sendemail = { 168 + smtpserver = "smtp.migadu.com"; 169 + smtpuser = "noah@packetlost.dev"; 170 + smptencryption = "tls"; 171 + smtpserverport = 587; 172 + }; 173 + init = { 174 + defaultBranch = "master"; 175 + }; 176 + pull = { 177 + rebase = true; 178 + }; 179 + credential = { 180 + helper = "cache"; 181 + }; 182 + rerere.enable = true; 183 + }; 184 + ignores = [ 185 + ".direnv/" 186 + ".envrc" 187 + "flake.nix" 188 + "shell.nix" 189 + ".env/" 190 + ".clj-kondo/" 191 + ]; 192 + }; 193 + programs.aerc = { 194 + enable = true; 195 + package = unstable.aerc; 196 + }; 197 + programs.ssh = { 198 + enable = true; 199 + matchBlocks."*".addKeysToAgent = "yes"; 200 + }; 201 + 202 + services.ssh-agent.enable = true; 203 + services.mako.enable = false; 204 + 205 + programs.ssh.extraConfig = builtins.readFile ./ssh/extra; 206 + services.gpg-agent = { 207 + enable = true; 208 + defaultCacheTtl = 1800; 209 + }; 210 + 211 + programs.direnv = { 212 + enable = true; 213 + nix-direnv.enable = true; 214 + }; 215 + 216 + xdg.enable = true; 217 + 218 + # Independent config files. 219 + xdg.configFile.nvim = { 220 + source = ./nvim; 221 + recursive = true; 222 + }; 223 + 224 + xdg.configFile.vis = { 225 + source = ./vis; 226 + recursive = true; 227 + }; 228 + 229 + xdg.configFile.fish = { 230 + source = ./fish; 231 + recursive = true; 232 + force = true; 233 + }; 234 + 235 + xdg.configFile.aerc = { 236 + source = ./aerc; 237 + recursive = true; 238 + }; 239 + 240 + home.file.".local/bin" = { 241 + source = ./scripts; 242 + recursive = true; 243 + }; 244 + age.secrets.catgirl-libera = { 245 + file = ./secrets/catgirl-libera.age; 246 + path = "${config.xdg.configHome}/catgirl/libera"; 247 + symlink = true; 248 + }; 249 + 250 + manual.manpages.enable = true; 251 + 252 + home.stateVersion = "23.11"; 253 + 254 + }
+11 -5
fish/config.fish
··· 29 29 alias r "cd ~/repos" 30 30 end 31 31 32 - # We start the ssh-agent in noah-home.nix, so we'll add the socket to the environment 33 32 set -Ux SSH_AUTH_SOCK /var/run/user/(id -u)/ssh-agent 34 - 35 33 # PATH stuff 36 34 35 + if test -z "(pgrep ssh-agent)" 36 + eval (ssh-agent -c) > /dev/null # no output 37 + set -Ux SSH_AUTH_SOCK $SSH_AUTH_SOCK 38 + set -Ux SSH_AGENT_PID $SSH_AGENT_PID 39 + set -Ux SSH_AUTH_SOCK $SSH_AUTH_SOCK 40 + end 41 + 42 + # Run ssh-agent 37 43 if type -q "direnv" 38 44 direnv hook fish | source 39 45 set -g direnv_fish_mode eval_on_arrow ··· 45 51 end 46 52 47 53 # NATS config 48 - set -Ux NATS_URL tls://nats.packetlost.dev 54 + set -Ux NATS_URL tls://misaki.local 49 55 set -Ux NATS_CA /srv/nats/minica.pem 50 - set -Ux NATS_CERT /srv/nats/odin.packetlost.dev/cert.pem 51 - set -Ux NATS_KEY /srv/nats/odin.packetlost.dev/key.pem 56 + set -Ux NATS_CERT /srv/nats/touma-nixos@packetlost.dev/cert.pem 57 + set -Ux NATS_KEY /srv/nats/touma-nixos@packetlost.dev/key.pem 52 58 53 59 # Keybindings 54 60 fish_default_key_bindings
+3
fish/functions/fish_user_key_bindings.fish
··· 1 1 function fish_user_key_bindings 2 + if command -s fzf-share >/dev/null 3 + source (fzf-share)/key-bindings.fish 4 + end 2 5 fzf_key_bindings 3 6 bind \co 'lfcd; commandline -f repaint' 4 7 end
+1 -1
fish/functions/lfcd.fish
··· 13 13 14 14 function lfcd 15 15 set tmp (mktemp) 16 - yazi --cwd-file=$tmp $argv 16 + lf -last-dir-path=$tmp $argv 17 17 if test -f "$tmp" 18 18 set dir (cat $tmp) 19 19 rm -f $tmp
-20
fish/functions/rfv.fish
··· 1 - # ripgrep->fzf->nvim [QUERY] 2 - # Ripped from: https://junegunn.github.io/fzf/tips/ripgrep-integration/ 3 - function rfv 4 - set -lx RELOAD 'reload:rg --column --color=always --smart-case {q} || :' 5 - set -lx OPENER 'if [[ $FZF_SELECT_COUNT -eq 0 ]]; then 6 - nvim {1} +{2} # No selection. Open the current line in Vim. 7 - else 8 - nvim +cw -q {+f} # Build quickfix list for the selected items. 9 - fi' 10 - fzf < /dev/null \ 11 - --disabled --ansi --multi \ 12 - --bind "start:$RELOAD" --bind "change:$RELOAD" \ 13 - --bind "enter:become:$OPENER" \ 14 - --bind "ctrl-o:execute:$OPENER" \ 15 - --bind 'alt-a:select-all,alt-d:deselect-all,ctrl-/:toggle-preview' \ 16 - --delimiter : \ 17 - --preview 'bat --style=full --color=always --highlight-line {2} {1}' \ 18 - --preview-window '~4,+{2}+4/3,<80(up)' \ 19 - --query "$argv" 20 - end
+240 -39
flake.lock
··· 4 4 "inputs": { 5 5 "darwin": "darwin", 6 6 "home-manager": "home-manager", 7 - "nixpkgs": "nixpkgs", 7 + "nixpkgs": [ 8 + "nixpkgs" 9 + ], 8 10 "systems": "systems" 9 11 }, 10 12 "locked": { 11 - "lastModified": 1754433428, 12 - "narHash": "sha256-NA/FT2hVhKDftbHSwVnoRTFhes62+7dxZbxj5Gxvghs=", 13 + "lastModified": 1762618334, 14 + "narHash": "sha256-wyT7Pl6tMFbFrs8Lk/TlEs81N6L+VSybPfiIgzU8lbQ=", 13 15 "owner": "ryantm", 14 16 "repo": "agenix", 15 - "rev": "9edb1787864c4f59ae5074ad498b6272b3ec308d", 17 + "rev": "fcdea223397448d35d9b31f798479227e80183f6", 16 18 "type": "github" 17 19 }, 18 20 "original": { ··· 43 45 "type": "github" 44 46 } 45 47 }, 48 + "determinate-nixd-aarch64-darwin": { 49 + "flake": false, 50 + "locked": { 51 + "narHash": "sha256-zK2dgNHh/p92rk5jN+Y1LOMn0HEdTsS+7XXwb2g52oM=", 52 + "type": "file", 53 + "url": "https://install.determinate.systems/determinate-nixd/tag/v3.15.2/macOS" 54 + }, 55 + "original": { 56 + "type": "file", 57 + "url": "https://install.determinate.systems/determinate-nixd/tag/v3.15.2/macOS" 58 + } 59 + }, 60 + "determinate-nixd-aarch64-linux": { 61 + "flake": false, 62 + "locked": { 63 + "narHash": "sha256-ckvZP0zFcbzLXWYOJUqYXkKBt0b2IZcQEr7YjEVtwOI=", 64 + "type": "file", 65 + "url": "https://install.determinate.systems/determinate-nixd/tag/v3.15.2/aarch64-linux" 66 + }, 67 + "original": { 68 + "type": "file", 69 + "url": "https://install.determinate.systems/determinate-nixd/tag/v3.15.2/aarch64-linux" 70 + } 71 + }, 72 + "determinate-nixd-x86_64-linux": { 73 + "flake": false, 74 + "locked": { 75 + "narHash": "sha256-8dLtm8FJrpyBmrNpspJj30/6I5HGEfjjXuFqURcZ8pk=", 76 + "type": "file", 77 + "url": "https://install.determinate.systems/determinate-nixd/tag/v3.15.2/x86_64-linux" 78 + }, 79 + "original": { 80 + "type": "file", 81 + "url": "https://install.determinate.systems/determinate-nixd/tag/v3.15.2/x86_64-linux" 82 + } 83 + }, 84 + "determinite": { 85 + "inputs": { 86 + "determinate-nixd-aarch64-darwin": "determinate-nixd-aarch64-darwin", 87 + "determinate-nixd-aarch64-linux": "determinate-nixd-aarch64-linux", 88 + "determinate-nixd-x86_64-linux": "determinate-nixd-x86_64-linux", 89 + "nix": "nix", 90 + "nixpkgs": [ 91 + "nixpkgs" 92 + ] 93 + }, 94 + "locked": { 95 + "lastModified": 1768964099, 96 + "narHash": "sha256-sV1OJYyktJRl7I3HxeBvWTWXjqm2uCTS3gS1p+DLn7c=", 97 + "rev": "a5469e9aa3870941320cb92d899b66e141c5a3cd", 98 + "revCount": 394, 99 + "type": "tarball", 100 + "url": "https://api.flakehub.com/f/pinned/DeterminateSystems/determinate/3.15.2/019bde7d-0725-73ef-9705-498c50ef6e00/source.tar.gz" 101 + }, 102 + "original": { 103 + "type": "tarball", 104 + "url": "https://flakehub.com/f/DeterminateSystems/determinate/3" 105 + } 106 + }, 46 107 "flake-compat": { 47 108 "flake": false, 48 109 "locked": { 49 - "lastModified": 1747046372, 50 - "narHash": "sha256-CIVLLkVgvHYbgI2UpXvIIBJ12HWgX+fjA8Xf8PUmqCY=", 110 + "lastModified": 1696426674, 111 + "narHash": "sha256-kvjfFW7WAETZlt09AgDn1MrtKzP7t90Vf7vypd3OL1U=", 112 + "owner": "edolstra", 113 + "repo": "flake-compat", 114 + "rev": "0f9255e01c2351cc7d116c072cb317785dd33b33", 115 + "type": "github" 116 + }, 117 + "original": { 118 + "owner": "edolstra", 119 + "repo": "flake-compat", 120 + "type": "github" 121 + } 122 + }, 123 + "flake-compat_2": { 124 + "flake": false, 125 + "locked": { 126 + "lastModified": 1767039857, 127 + "narHash": "sha256-vNpUSpF5Nuw8xvDLj2KCwwksIbjua2LZCqhV1LNRDns=", 51 128 "owner": "edolstra", 52 129 "repo": "flake-compat", 53 - "rev": "9100a0f413b0c601e0533d1d94ffd501ce2e7885", 130 + "rev": "5edf11c44bc78a0d334f6334cdaf7d60d732daab", 54 131 "type": "github" 55 132 }, 56 133 "original": { ··· 59 136 "type": "github" 60 137 } 61 138 }, 139 + "flake-compat_3": { 140 + "flake": false, 141 + "locked": { 142 + "lastModified": 1767039857, 143 + "narHash": "sha256-vNpUSpF5Nuw8xvDLj2KCwwksIbjua2LZCqhV1LNRDns=", 144 + "owner": "NixOS", 145 + "repo": "flake-compat", 146 + "rev": "5edf11c44bc78a0d334f6334cdaf7d60d732daab", 147 + "type": "github" 148 + }, 149 + "original": { 150 + "owner": "NixOS", 151 + "repo": "flake-compat", 152 + "type": "github" 153 + } 154 + }, 155 + "flake-parts": { 156 + "inputs": { 157 + "nixpkgs-lib": [ 158 + "determinite", 159 + "nix", 160 + "nixpkgs" 161 + ] 162 + }, 163 + "locked": { 164 + "lastModified": 1748821116, 165 + "narHash": "sha256-F82+gS044J1APL0n4hH50GYdPRv/5JWm34oCJYmVKdE=", 166 + "rev": "49f0870db23e8c1ca0b5259734a02cd9e1e371a1", 167 + "revCount": 377, 168 + "type": "tarball", 169 + "url": "https://api.flakehub.com/f/pinned/hercules-ci/flake-parts/0.1.377%2Brev-49f0870db23e8c1ca0b5259734a02cd9e1e371a1/01972f28-554a-73f8-91f4-d488cc502f08/source.tar.gz" 170 + }, 171 + "original": { 172 + "type": "tarball", 173 + "url": "https://flakehub.com/f/hercules-ci/flake-parts/0.1" 174 + } 175 + }, 176 + "git-hooks-nix": { 177 + "inputs": { 178 + "flake-compat": "flake-compat", 179 + "gitignore": [ 180 + "determinite", 181 + "nix" 182 + ], 183 + "nixpkgs": [ 184 + "determinite", 185 + "nix", 186 + "nixpkgs" 187 + ] 188 + }, 189 + "locked": { 190 + "lastModified": 1747372754, 191 + "narHash": "sha256-2Y53NGIX2vxfie1rOW0Qb86vjRZ7ngizoo+bnXU9D9k=", 192 + "rev": "80479b6ec16fefd9c1db3ea13aeb038c60530f46", 193 + "revCount": 1026, 194 + "type": "tarball", 195 + "url": "https://api.flakehub.com/f/pinned/cachix/git-hooks.nix/0.1.1026%2Brev-80479b6ec16fefd9c1db3ea13aeb038c60530f46/0196d79a-1b35-7b8e-a021-c894fb62163d/source.tar.gz" 196 + }, 197 + "original": { 198 + "type": "tarball", 199 + "url": "https://flakehub.com/f/cachix/git-hooks.nix/0.1.941" 200 + } 201 + }, 62 202 "gitignore": { 63 203 "inputs": { 64 204 "nixpkgs": [ ··· 108 248 ] 109 249 }, 110 250 "locked": { 111 - "lastModified": 1753592768, 112 - "narHash": "sha256-oV695RvbAE4+R9pcsT9shmp6zE/+IZe6evHWX63f2Qg=", 251 + "lastModified": 1768949235, 252 + "narHash": "sha256-TtjKgXyg1lMfh374w5uxutd6Vx2P/hU81aEhTxrO2cg=", 113 253 "owner": "nix-community", 114 254 "repo": "home-manager", 115 - "rev": "fc3add429f21450359369af74c2375cb34a2d204", 255 + "rev": "75ed713570ca17427119e7e204ab3590cc3bf2a5", 116 256 "type": "github" 117 257 }, 118 258 "original": { 119 259 "owner": "nix-community", 120 - "ref": "release-25.05", 260 + "ref": "release-25.11", 121 261 "repo": "home-manager", 122 262 "type": "github" 123 263 } 124 264 }, 265 + "nix": { 266 + "inputs": { 267 + "flake-parts": "flake-parts", 268 + "git-hooks-nix": "git-hooks-nix", 269 + "nixpkgs": "nixpkgs", 270 + "nixpkgs-23-11": "nixpkgs-23-11", 271 + "nixpkgs-regression": "nixpkgs-regression" 272 + }, 273 + "locked": { 274 + "lastModified": 1768960381, 275 + "narHash": "sha256-32oMe1y+kwvIJNiJsIvozTuSmDxcwST06i+0ak+L4AU=", 276 + "rev": "45ce621408cb8c9a724193d5fe858eb839662db8", 277 + "revCount": 24453, 278 + "type": "tarball", 279 + "url": "https://api.flakehub.com/f/pinned/DeterminateSystems/nix-src/3.15.2/019bde75-b4ee-74b2-a812-28dc2ee83d58/source.tar.gz" 280 + }, 281 + "original": { 282 + "type": "tarball", 283 + "url": "https://flakehub.com/f/DeterminateSystems/nix-src/%2A" 284 + } 285 + }, 286 + "nixos-wsl": { 287 + "inputs": { 288 + "flake-compat": "flake-compat_2", 289 + "nixpkgs": [ 290 + "nixpkgs" 291 + ] 292 + }, 293 + "locked": { 294 + "lastModified": 1769217863, 295 + "narHash": "sha256-RY9kJDXD6+2Td/59LkZ0PFSereCXHdBX9wIkbYjRKCY=", 296 + "owner": "nix-community", 297 + "repo": "NixOS-WSL", 298 + "rev": "38a5250e57f583662eac3b944830e4b9e169e965", 299 + "type": "github" 300 + }, 301 + "original": { 302 + "owner": "nix-community", 303 + "ref": "main", 304 + "repo": "NixOS-WSL", 305 + "type": "github" 306 + } 307 + }, 125 308 "nixpkgs": { 126 309 "locked": { 127 - "lastModified": 1754028485, 128 - "narHash": "sha256-IiiXB3BDTi6UqzAZcf2S797hWEPCRZOwyNThJIYhUfk=", 310 + "lastModified": 1761597516, 311 + "narHash": "sha256-wxX7u6D2rpkJLWkZ2E932SIvDJW8+ON/0Yy8+a5vsDU=", 312 + "rev": "daf6dc47aa4b44791372d6139ab7b25269184d55", 313 + "revCount": 811874, 314 + "type": "tarball", 315 + "url": "https://api.flakehub.com/f/pinned/NixOS/nixpkgs/0.2505.811874%2Brev-daf6dc47aa4b44791372d6139ab7b25269184d55/019a3494-3498-707e-9086-1fb81badc7fe/source.tar.gz" 316 + }, 317 + "original": { 318 + "type": "tarball", 319 + "url": "https://flakehub.com/f/NixOS/nixpkgs/0.2505" 320 + } 321 + }, 322 + "nixpkgs-23-11": { 323 + "locked": { 324 + "lastModified": 1717159533, 325 + "narHash": "sha256-oamiKNfr2MS6yH64rUn99mIZjc45nGJlj9eGth/3Xuw=", 129 326 "owner": "NixOS", 130 327 "repo": "nixpkgs", 131 - "rev": "59e69648d345d6e8fef86158c555730fa12af9de", 328 + "rev": "a62e6edd6d5e1fa0329b8653c801147986f8d446", 132 329 "type": "github" 133 330 }, 134 331 "original": { 135 332 "owner": "NixOS", 136 - "ref": "nixos-25.05", 137 333 "repo": "nixpkgs", 334 + "rev": "a62e6edd6d5e1fa0329b8653c801147986f8d446", 138 335 "type": "github" 139 336 } 140 337 }, 141 - "nixpkgs-unstable": { 338 + "nixpkgs-regression": { 142 339 "locked": { 143 - "lastModified": 1755186698, 144 - "narHash": "sha256-wNO3+Ks2jZJ4nTHMuks+cxAiVBGNuEBXsT29Bz6HASo=", 145 - "owner": "nixos", 340 + "lastModified": 1643052045, 341 + "narHash": "sha256-uGJ0VXIhWKGXxkeNnq4TvV3CIOkUJ3PAoLZ3HMzNVMw=", 342 + "owner": "NixOS", 146 343 "repo": "nixpkgs", 147 - "rev": "fbcf476f790d8a217c3eab4e12033dc4a0f6d23c", 344 + "rev": "215d4d0fd80ca5163643b03a33fde804a29cc1e2", 148 345 "type": "github" 149 346 }, 150 347 "original": { 151 - "owner": "nixos", 152 - "ref": "nixos-unstable", 348 + "owner": "NixOS", 153 349 "repo": "nixpkgs", 350 + "rev": "215d4d0fd80ca5163643b03a33fde804a29cc1e2", 154 351 "type": "github" 155 352 } 156 353 }, 157 - "nixpkgs_2": { 354 + "nixpkgs-unstable": { 158 355 "locked": { 159 - "lastModified": 1755274400, 160 - "narHash": "sha256-rTInmnp/xYrfcMZyFMH3kc8oko5zYfxsowaLv1LVobY=", 356 + "lastModified": 1769018530, 357 + "narHash": "sha256-MJ27Cy2NtBEV5tsK+YraYr2g851f3Fl1LpNHDzDX15c=", 161 358 "owner": "nixos", 162 359 "repo": "nixpkgs", 163 - "rev": "ad7196ae55c295f53a7d1ec39e4a06d922f3b899", 360 + "rev": "88d3861acdd3d2f0e361767018218e51810df8a1", 164 361 "type": "github" 165 362 }, 166 363 "original": { 167 364 "owner": "nixos", 168 - "ref": "nixos-25.05", 365 + "ref": "nixos-unstable", 169 366 "repo": "nixpkgs", 170 367 "type": "github" 171 368 } 172 369 }, 173 - "nixpkgs_3": { 370 + "nixpkgs_2": { 174 371 "locked": { 175 - "lastModified": 1754340878, 176 - "narHash": "sha256-lgmUyVQL9tSnvvIvBp7x1euhkkCho7n3TMzgjdvgPoU=", 177 - "owner": "NixOS", 372 + "lastModified": 1769089682, 373 + "narHash": "sha256-9yA/LIuAVQq0lXelrZPjLuLVuZdm03p8tfmHhnDIkms=", 374 + "owner": "nixos", 178 375 "repo": "nixpkgs", 179 - "rev": "cab778239e705082fe97bb4990e0d24c50924c04", 376 + "rev": "078d69f03934859a181e81ba987c2bb033eebfc5", 180 377 "type": "github" 181 378 }, 182 379 "original": { 183 - "owner": "NixOS", 184 - "ref": "nixpkgs-unstable", 380 + "owner": "nixos", 381 + "ref": "nixos-25.11", 185 382 "repo": "nixpkgs", 186 383 "type": "github" 187 384 } 188 385 }, 189 386 "pre-commit-hooks": { 190 387 "inputs": { 191 - "flake-compat": "flake-compat", 388 + "flake-compat": "flake-compat_3", 192 389 "gitignore": "gitignore", 193 - "nixpkgs": "nixpkgs_3" 390 + "nixpkgs": [ 391 + "nixpkgs" 392 + ] 194 393 }, 195 394 "locked": { 196 - "lastModified": 1755446520, 197 - "narHash": "sha256-I0Ok1OGDwc1jPd8cs2VvAYZsHriUVFGIUqW+7uSsOUM=", 395 + "lastModified": 1769069492, 396 + "narHash": "sha256-Efs3VUPelRduf3PpfPP2ovEB4CXT7vHf8W+xc49RL/U=", 198 397 "owner": "cachix", 199 398 "repo": "git-hooks.nix", 200 - "rev": "4b04db83821b819bbbe32ed0a025b31e7971f22e", 399 + "rev": "a1ef738813b15cf8ec759bdff5761b027e3e1d23", 201 400 "type": "github" 202 401 }, 203 402 "original": { ··· 209 408 "root": { 210 409 "inputs": { 211 410 "agenix": "agenix", 411 + "determinite": "determinite", 212 412 "home-manager": "home-manager_2", 413 + "nixos-wsl": "nixos-wsl", 213 414 "nixpkgs": "nixpkgs_2", 214 415 "nixpkgs-unstable": "nixpkgs-unstable", 215 416 "pre-commit-hooks": "pre-commit-hooks"
+202 -30
flake.nix
··· 1 1 { 2 - description = "NixOS Configuration module"; 2 + description = "Home Manager configuration for noah"; 3 3 4 4 inputs = { 5 5 # Specify the source of Home Manager and Nixpkgs. 6 - nixpkgs.url = "github:nixos/nixpkgs/nixos-25.05"; 6 + nixpkgs.url = "github:nixos/nixpkgs/nixos-25.11"; 7 7 nixpkgs-unstable.url = "github:nixos/nixpkgs/nixos-unstable"; 8 + nixos-wsl = { 9 + url = "github:nix-community/NixOS-WSL/main"; 10 + inputs.nixpkgs.follows = "nixpkgs"; 11 + }; 12 + determinite = { 13 + url = "https://flakehub.com/f/DeterminateSystems/determinate/3"; 14 + inputs.nixpkgs.follows = "nixpkgs"; 15 + }; 8 16 home-manager = { 9 - url = "github:nix-community/home-manager/release-25.05"; 17 + url = "github:nix-community/home-manager/release-25.11"; 18 + inputs.nixpkgs.follows = "nixpkgs"; 19 + }; 20 + pre-commit-hooks = { 21 + url = "github:cachix/git-hooks.nix"; 10 22 inputs.nixpkgs.follows = "nixpkgs"; 11 23 }; 12 - pre-commit-hooks.url = "github:cachix/git-hooks.nix"; 13 - agenix.url = "github:ryantm/agenix"; 24 + agenix = { 25 + url = "github:ryantm/agenix"; 26 + inputs.nixpkgs.follows = "nixpkgs"; 27 + }; 14 28 }; 15 29 16 - outputs = { self, nixpkgs, nixpkgs-unstable, home-manager, pre-commit-hooks, ... }@inputs: 30 + outputs = 31 + { 32 + self, 33 + nixpkgs, 34 + nixpkgs-unstable, 35 + nixos-wsl, 36 + determinite, 37 + home-manager, 38 + pre-commit-hooks, 39 + agenix, 40 + ... 41 + }@inputs: 17 42 let 18 - supportedSystems = [ "x86_64-linux" "aarch64-linux" "x86_64-darwin" "aarch64-darwin" ]; 43 + supportedSystems = [ 44 + "x86_64-linux" 45 + "aarch64-linux" 46 + "x86_64-darwin" 47 + "aarch64-darwin" 48 + ]; 19 49 forAllSystems = nixpkgs.lib.genAttrs supportedSystems; 50 + basicSystem = 51 + { 52 + system ? "x86_64-linux", 53 + modules ? [ ], 54 + useUnstable ? false, 55 + extraGroups ? [ ], 56 + overlays ? [ ], 57 + enableNFTables ? true, 58 + }: 59 + let 60 + unstable = import nixpkgs-unstable { 61 + inherit system overlays; 62 + config.allowUnfree = true; 63 + }; 64 + in 65 + inputs.nixpkgs.lib.nixosSystem { 66 + inherit system; 67 + specialArgs = { 68 + inherit inputs extraGroups enableNFTables; 69 + } 70 + // nixpkgs.lib.optionalAttrs useUnstable { 71 + inherit unstable; 72 + }; 73 + modules = [ 74 + determinite.nixosModules.default 75 + ./common.nix 76 + ./users.nix 77 + ./services.nix 78 + agenix.nixosModules.default 79 + home-manager.nixosModules.home-manager 80 + { 81 + home-manager.useGlobalPkgs = true; 82 + home-manager.useUserPackages = true; 83 + home-manager.users.noah = ./default-home.nix; 84 + home-manager.extraSpecialArgs = { 85 + inherit inputs; 86 + } 87 + // nixpkgs.lib.optionalAttrs useUnstable { 88 + inherit unstable; 89 + }; 90 + } 91 + ] 92 + ++ modules; 93 + }; 20 94 in 21 95 { 96 + # incomplete 97 + nixosConfigurations.odin = basicSystem { 98 + extraGroups = [ 99 + "libvirtd" 100 + "qemu-libvirtd" 101 + "docker" 102 + ]; 103 + useUnstable = true; 104 + modules = [ 105 + ./host-specific/odin/configuration.nix 106 + ]; 107 + }; 108 + nixosConfigurations.shizuri = basicSystem { 109 + useUnstable = true; 110 + modules = [ 111 + ./host-specific/shizuri/configuration.nix 112 + ]; 113 + }; 114 + nixosConfigurations.misaki = basicSystem { 115 + useUnstable = true; 116 + extraGroups = [ 117 + "render" 118 + "nats" 119 + "litterbox" 120 + "httpd" 121 + ]; 122 + modules = [ 123 + ./host-specific/misaki/configuration.nix 124 + ]; 125 + overlays = [ 126 + (final: prev: { 127 + # Override the version of Plex installed to be the latest 128 + plexRaw = prev.plexRaw.overrideAttrs rec { 129 + version = "1.43.0.10389-8be686aa6"; 130 + src = final.fetchurl { 131 + url = "https://downloads.plex.tv/plex-media-server-new/${version}/debian/plexmediaserver_${version}_amd64.deb"; 132 + sha256 = "0HjB8Ggekwl5dKwM1Kh51Ic25t3V6veKbuzM7czrpeg="; 133 + }; 134 + }; 135 + ## Override the json object that contains verions and hashes for Immich 136 + #immich = prev.immich.override { sourcesJSON = ./overrides/immich-sources.json; }; 137 + ## Fix errors wit numpy version failing to resolve in the immich ML package 138 + #immich-machine-learning = prev.immich-machine-learning.overrideAttrs 139 + # (finalAttrs: prevAttrs: { 140 + # pythonRelaxDeps = prevAttrs.pythonRelaxDeps ++ [ "numpy" ]; 141 + # }); 142 + }) 143 + ]; 144 + }; 145 + nixosConfigurations.touma-wsl = basicSystem { 146 + useUnstable = true; 147 + modules = [ 148 + ./host-specific/touma-wsl.nix 149 + nixos-wsl.nixosModules.default 150 + ]; 151 + enableNFTables = false; 152 + }; 153 + nixosConfigurations.edge = basicSystem { 154 + useUnstable = true; 155 + modules = [ 156 + ./host-specific/edge/configuration.nix 157 + ]; 158 + }; 159 + homeConfigurations."noah-aleister" = home-manager.lib.homeManagerConfiguration { 160 + pkgs = import nixpkgs { 161 + system = "aarch64-darwin"; 162 + config.allowUnfree = true; 163 + }; 164 + # Specify your home configuration modules here, for example, 165 + # the path to your home.nix. 166 + modules = [ 167 + ./host-specific/aleister-noah.nix 168 + agenix.homeManagerModules.default 169 + ]; 170 + 171 + # Optionally use extraSpecialArgs 172 + # to pass through arguments to home.nix 173 + extraSpecialArgs = { 174 + unstable = import nixpkgs-unstable { 175 + system = "aarch64-darwin"; 176 + config.allowUnfree = true; 177 + }; 178 + }; 179 + }; 180 + homeConfigurations."noah" = 181 + let 182 + system = "x86_64-linux"; 183 + pkgs = import nixpkgs { 184 + inherit system; 185 + config.allowUnfree = true; 186 + }; 187 + unstable = import nixpkgs-unstable { 188 + inherit system; 189 + config.allowUnfree = true; 190 + }; 191 + in 192 + home-manager.lib.homeManagerConfiguration { 193 + inherit pkgs; 194 + # Specify your home configuration modules here, for example, 195 + # the path to your home.nix. 196 + modules = [ 197 + ./default-home.nix 198 + { 199 + nix.package = pkgs.nix; 200 + } 201 + ]; 202 + 203 + # Optionally use extraSpecialArgs 204 + # to pass through arguments to home.nix 205 + extraSpecialArgs = { 206 + inherit unstable; 207 + inputs = inputs; 208 + }; 209 + }; 22 210 checks = forAllSystems (system: { 23 - pre-commit-check = inputs.pre-commit-hooks.lib.${system}.run { 211 + pre-commit-check = pre-commit-hooks.lib.${system}.run { 24 212 src = ./.; 25 213 # If your hooks are intrusive, avoid running on each commit with a default_states like this: 26 214 # default_stages = ["manual" "push"]; 27 215 hooks = { 28 - nixpkgs-fmt.enable = true; 216 + nixfmt-rfc-style.enable = true; 29 217 nil.enable = true; 30 218 luacheck.enable = true; 31 219 }; ··· 34 222 devShells = forAllSystems (system: { 35 223 default = nixpkgs.legacyPackages.${system}.mkShell { 36 224 inherit (self.checks.${system}.pre-commit-check) shellHook; 37 - buildInputs = self.checks.${system}.pre-commit-check.enabledPackages; 225 + buildInputs = [ 226 + nixpkgs.legacyPackages.${system}.nixfmt-rfc-style 227 + ] 228 + ++ self.checks.${system}.pre-commit-check.enabledPackages; 38 229 }; 39 230 }); 40 - nixosConfigurations = { 41 - odin = nixpkgs.lib.nixosSystem { 42 - system = "x86_64-linux"; 43 - specialArgs = { inherit inputs; }; 44 - modules = [ 45 - ./odin.nix 46 - home-manager.nixosModules.home-manager 47 - { 48 - # I manage my home with home-manager 49 - # Don't store packages in ~/.nix-profile, use /etc/profiles so we can build-vm 50 - home-manager.useUserPackages = true; 51 - # No more NIX_PATH, use system pkgs 52 - home-manager.useGlobalPkgs = true; 53 - 54 - home-manager.users.noah = import ./home.nix; 55 - home-manager.extraSpecialArgs = inputs; 56 - } 57 - ]; 58 - }; 59 - }; 231 + formatter = forAllSystems (system: inputs.nixpkgs.legacyPackages.${system}.nixfmt-rfc-style); 60 232 }; 61 233 }
+12 -4
ghostty/config
··· 1 - font-size = 13 2 - font-family = Berkeley Mono 3 - theme = catppuccin-macchiato 1 + #font-size = 13 2 + font-family = TX-02 Medium 3 + theme = flat-remix-light 4 + #theme = dark:catppuccin-frappe,light:catppuccin-latte 4 5 shell-integration = fish 6 + link-url = true 7 + clipboard-read = allow 5 8 6 - window-decoration = false 9 + #window-decoration = true 7 10 8 11 font-feature = calt 9 12 font-feature = ccmp ··· 20 23 #font-feature = ss06 21 24 #font-feature = ss07 22 25 #font-feature = ss08 26 + 27 + custom-shader = ~/.config/ghostty/shaders/galaxy.glsl 28 + #custom-shader = ~/.config/ghostty/shaders/tft.glsl 29 + #custom-shader = ~/.config/ghostty/shaders/retro-terminal.glsl 30 + #custom-shader = ~/.config/ghostty/shaders/bettercrt.glsl
+42
ghostty/themes/flat-remix-light
··· 1 + # standard colors 2 + # black 3 + palette = 0=#404040 4 + # red 5 + palette = 1=#d41919 6 + # green 7 + palette = 2=#12715f 8 + # yellow 9 + palette = 3=#fea44c 10 + # blue 11 + palette = 4=#367bf0 12 + # purple 13 + palette = 5=#8c42ab 14 + # cyan 15 + palette = 6=#4aaee6 16 + # white 17 + palette = 7=#ffffff 18 + 19 + # intense colors 20 + # black (grey) 21 + palette = 8=#737680 22 + # red 23 + palette = 9=#811035 24 + # green 25 + palette = 10=#23bac2 26 + # yellow 27 + palette = 11=#fe7171 28 + # blue 29 + palette = 12=#54bd8e 30 + # purple 31 + palette = 13=#d41919 32 + # cyan 33 + palette = 14=#367bf0 34 + # white 35 + palette = 15=#aaaaaa 36 + 37 + background = #e4e4e7 38 + foreground = #404040 39 + cursor-color = #272a34 40 + cursor-text = #b8174c 41 + selection-background = #737680 42 + selection-foreground = #ffffff
+11 -33
gui.nix
··· 1 - { pkgs, ... }: 1 + { pkgs, unstable, ... }: 2 2 { 3 3 # Enable the X11 windowing system. 4 - services.xserver = { 5 - enable = true; 6 - videoDrivers = [ "amdgpu" ]; 7 - }; 8 - 9 - # Fix for HIP libraries 10 - systemd.tmpfiles.rules = [ 11 - "L+ /opt/rocm/hip - - - - ${pkgs.rocmPackages.clr}" 12 - ]; 4 + services.xserver.enable = true; 13 5 14 6 # Configure keymap in X11 15 7 # services.xserver.xkb.layout = "us"; ··· 29 21 }; 30 22 31 23 # Graphics and parallel compute configuration 32 - hardware.graphics = { 33 - enable = true; 34 - extraPackages = with pkgs; [ 35 - amdvlk 36 - libva 37 - mesa 38 - rocmPackages.clr.icd 39 - ]; 40 - }; 41 - 24 + hardware.opengl.extraPackages = [ 25 + pkgs.libva 26 + ]; 42 27 43 28 # Enable touchpad support (enabled default in most desktopManager). 44 29 # services.xserver.libinput.enable = true; ··· 48 33 fira-code 49 34 fira-code-symbols 50 35 noto-fonts 51 - noto-fonts-cjk-sans 36 + noto-fonts-cjk 52 37 noto-fonts-emoji 53 38 noto-fonts-extra 54 - nerd-fonts.fira-code 39 + (nerdfonts.override { fonts = [ "FiraCode" ]; }) 55 40 ]; 56 41 57 42 # Polkit is a dependency of Sway. It's responsible for handling security policies ··· 60 45 # Enable the sway window manager 61 46 programs.sway = { 62 47 enable = true; 63 - #package = unstable.sway; 48 + package = unstable.sway; 64 49 wrapperFeatures.gtk = true; 65 50 }; 66 51 # Use greetd as the displaymanager 67 52 #services.xserver.displayManager.greetd.enable = true; 68 53 #services.xserver.displayManager.lightdm.enable = false; 69 - services.displayManager.sddm.enable = true; 70 - services.displayManager.defaultSession = "sway"; 71 - services.displayManager.autoLogin = { 54 + services.xserver.displayManager.sddm.enable = true; 55 + services.xserver.displayManager.defaultSession = "none+i3"; 56 + services.xserver.displayManager.autoLogin = { 72 57 enable = true; 73 58 user = "noah"; 74 59 }; ··· 88 73 enable = true; 89 74 wlr.enable = true; 90 75 extraPortals = [ pkgs.xdg-desktop-portal-gtk ]; 91 - }; 92 - xdg.mime = { 93 - enable = true; 94 - defaultApplications = { 95 - "x-scheme-handler/http" = "org.firefox.firefox.desktop"; 96 - "x-scheme-handler/https" = "org.firefox.firefox.desktop"; 97 - }; 98 76 }; 99 77 services.dbus.enable = true; 100 78 services.gnome.gnome-keyring.enable = true;
-63
hardware-configuration.nix
··· 1 - # Do not modify this file! It was generated by ‘nixos-generate-config’ 2 - # and may be overwritten by future invocations. Please make changes 3 - # to /etc/nixos/configuration.nix instead. 4 - { config, lib, modulesPath, pkgs, ... }: 5 - 6 - { 7 - imports = 8 - [ 9 - (modulesPath + "/installer/scan/not-detected.nix") 10 - ]; 11 - 12 - boot.kernelPackages = pkgs.linuxPackages_latest; 13 - boot.initrd.availableKernelModules = [ "nvme" "xhci_pci" "thunderbolt" "usb_storage" "usbhid" "sd_mod" "sdhci_pci" ]; 14 - boot.initrd.kernelModules = [ "kvm-amd" "amdgpu" "nvme" "xhci_pci" "thunderbolt" "usb_storage" "usbhid" "sd_mod" "sdhci_pci" ]; 15 - boot.kernelModules = [ "kvm-amd" "amdgpu" "nvme" "xhci_pci" "thunderbolt" "usb_storage" "usbhid" "sd_mod" "sdhci_pci" ]; 16 - virtualisation.libvirtd = { 17 - enable = true; 18 - qemu = { 19 - runAsRoot = false; 20 - ovmf = { 21 - enable = true; 22 - }; 23 - }; 24 - }; 25 - #boot.extraModulePackages = with config.boot.kernelPackages; [ ]; 26 - boot.kernelParams = [ ]; 27 - 28 - hardware.enableRedistributableFirmware = true; 29 - 30 - fileSystems."/" = 31 - { 32 - device = "/dev/disk/by-uuid/07019c69-2597-410d-a8a0-a8ffb0f58883"; 33 - fsType = "ext4"; 34 - }; 35 - 36 - fileSystems."/boot" = 37 - { 38 - device = "/dev/disk/by-uuid/4B85-C90A"; 39 - fsType = "vfat"; 40 - }; 41 - 42 - swapDevices = [{ 43 - device = "/swapfile"; 44 - size = 32 * 1024; 45 - }]; 46 - 47 - # Enables DHCP on each ethernet and wireless interface. In case of scripted networking 48 - # (the default) this is the recommended approach. When using systemd-networkd it's 49 - # still possible to use this option, but it's recommended to use it in conjunction 50 - # with explicit per-interface declarations with `networking.interfaces.<interface>.useDHCP`. 51 - networking.useDHCP = lib.mkDefault true; 52 - # networking.interfaces.enp1s0.useDHCP = lib.mkDefault true; 53 - # networking.interfaces.wlp2s0.useDHCP = lib.mkDefault true; 54 - 55 - nixpkgs.hostPlatform = { 56 - #gcc.arch = "znver2"; 57 - #gcc.tune = "znver2"; 58 - system = "x86_64-linux"; 59 - #gcc.arch = "x86-64-v3"; 60 - }; 61 - #nix.settings.system-features = ["gccarch-znver2" "big-parallel" "nixos-test" "benchmark" "kvm"]; 62 - hardware.cpu.amd.updateMicrocode = lib.mkDefault config.hardware.enableRedistributableFirmware; 63 - }
-290
home.nix
··· 1 - { pkgs, unstable, ... }: 2 - { 3 - home.sessionVariables = { 4 - NIXOS_OZONE_WL = "1"; 5 - }; 6 - 7 - home.packages = with pkgs; [ 8 - # main tool 9 - firefox-devedition 10 - direnv 11 - fish 12 - tree 13 - btop 14 - htop 15 - mtr 16 - pavucontrol 17 - moreutils 18 - picocom 19 - # Disabled because even unstable is too out-of-date 20 - # unstable.logseq 21 - element-desktop 22 - rsync 23 - unzip 24 - fd 25 - jq 26 - ripgrep 27 - bat 28 - netcat 29 - stunnel 30 - fzf 31 - iperf3 32 - entr 33 - bitwarden-cli 34 - # Previewer for LF 35 - unstable.pistol 36 - sqlite 37 - age 38 - just 39 - unstable.catgirl 40 - #devenv 41 - plan9port 42 - killall 43 - 44 - # Dev tools 45 - git 46 - gcc 47 - go 48 - gopls 49 - gnumake 50 - babashka 51 - ccls 52 - unstable.clojure 53 - unstable.cljfmt 54 - unstable.clojure-lsp 55 - unstable.janet 56 - unstable.jpm 57 - unstable.fennel-ls 58 - graalvm-ce 59 - cmake 60 - ctags 61 - kotlin 62 - nodejs 63 - node2nix 64 - opam 65 - unstable.rustup # includes rust-analyzer 66 - # Scala stuff 67 - #scala_3 68 - #scalafmt 69 - #metals 70 - # Scala / Java build tool 71 - #sbt 72 - # Haskell 73 - #cabal-install 74 - luarocks 75 - luajit 76 - lua-language-server 77 - luaformatter 78 - #leiningen 79 - libressl 80 - erlang 81 - elixir 82 - #ghc 83 - nil # nix language server 84 - typescript 85 - # This is currently broken 86 - #vscode-langservers-extracted 87 - scdoc 88 - dockerfile-language-server-nodejs 89 - yaml-language-server 90 - mkcert 91 - natscli 92 - python3 93 - python311Packages.pip 94 - sqlite 95 - unstable.harec 96 - unstable.hare 97 - unstable.haredoc 98 - unstable.haredo 99 - unstable.gleam 100 - unstable.rebar3 101 - #unstable.flyctl 102 - unstable.bun 103 - unstable.gh 104 - unstable.kraft 105 - unstable.doctl 106 - 107 - # JetBrains 108 - unstable.jetbrains-toolbox 109 - 110 - # GUI tools 111 - i3status 112 - i3lock 113 - maim 114 - slurp 115 - grim 116 - wl-clipboard 117 - playerctl 118 - barrier 119 - xclip 120 - zathura 121 - fuzzel 122 - thunderbird 123 - ghostty 124 - slack 125 - 126 - # Python dev tools 127 - pyright 128 - python311Packages.python-lsp-server 129 - python311Packages.python-lsp-ruff 130 - 131 - # Certificate Management 132 - minica 133 - mkcert 134 - step-cli 135 - unstable.ollama 136 - 137 - 138 - # Unfree 139 - discord 140 - spotify 141 - telegram-desktop 142 - google-chrome 143 - ]; 144 - 145 - nix = { 146 - settings.experimental-features = [ "nix-command" "flakes" ]; 147 - }; 148 - 149 - programs.fish = { 150 - enable = true; 151 - #package = unstable.fish; 152 - }; 153 - programs.neovim = { 154 - #package = unstable.neovim-unwrapped; 155 - enable = true; 156 - defaultEditor = true; 157 - withNodeJs = true; 158 - withPython3 = true; 159 - extraPackages = with pkgs; [ fzf ripgrep luarocks unstable.tree-sitter ]; 160 - }; 161 - programs.git = { 162 - enable = true; 163 - lfs.enable = true; 164 - userName = "Noah Pederson"; 165 - userEmail = "noah@packetlost.dev"; 166 - extraConfig = { 167 - sendemail = { 168 - smtpserver = "smtp.migadu.com"; 169 - smtpuser = "noah@packetlost.dev"; 170 - smtpencryption = "ssl"; 171 - smtpserverport = 465; 172 - }; 173 - init = { 174 - defaultBranch = "master"; 175 - }; 176 - pull = { 177 - rebase = true; 178 - }; 179 - credential = { 180 - helper = "cache"; 181 - }; 182 - }; 183 - ignores = [ 184 - ".direnv/" 185 - ".envrc" 186 - "flake.nix" 187 - "shell.nix" 188 - ".env/" 189 - ".clj-kondo/" 190 - ]; 191 - }; 192 - 193 - programs.aerc = { 194 - enable = true; 195 - package = unstable.aerc; 196 - }; 197 - 198 - programs.ssh = { 199 - enable = true; 200 - extraConfig = builtins.readFile ./ssh/extra; 201 - addKeysToAgent = "yes"; 202 - }; 203 - 204 - programs.yazi = { 205 - enable = true; 206 - package = unstable.yazi; 207 - enableFishIntegration = true; 208 - settings = { 209 - preview = { 210 - image_quality = 90; 211 - }; 212 - tasks = { 213 - image_bound = [ 214 - 0 215 - 0 216 - ]; 217 - }; 218 - }; 219 - plugins = { 220 - rsync = unstable.yaziPlugins.rsync; 221 - piper = unstable.yaziPlugins.piper; 222 - nord = unstable.yaziPlugins.nord; 223 - mediainfo = unstable.yaziPlugins.mediainfo; 224 - glow = unstable.yaziPlugins.glow; 225 - git = unstable.yaziPlugins.git; 226 - diff = unstable.yaziPlugins.diff; 227 - duckdb = unstable.yaziPlugins.duckdb; 228 - }; 229 - }; 230 - 231 - services.ssh-agent.enable = true; 232 - 233 - programs.direnv = { 234 - enable = true; 235 - nix-direnv.enable = true; 236 - }; 237 - 238 - # Independent config files. 239 - xdg.configFile.nvim = { 240 - source = ./nvim; 241 - recursive = true; 242 - }; 243 - 244 - xdg.configFile.vis = { 245 - source = ./vis; 246 - recursive = true; 247 - }; 248 - 249 - xdg.configFile.fish = { 250 - source = ./fish; 251 - recursive = true; 252 - }; 253 - 254 - xdg.configFile.kitty = { 255 - source = ./kitty; 256 - recursive = true; 257 - }; 258 - 259 - xdg.configFile.aerc = { 260 - source = ./aerc; 261 - recursive = true; 262 - }; 263 - 264 - xdg.configFile.sway = { 265 - source = ./sway; 266 - recursive = true; 267 - }; 268 - 269 - xdg.configFile.i3 = { 270 - source = ./i3; 271 - recursive = true; 272 - }; 273 - xdg.configFile.i3status = { 274 - source = ./i3status; 275 - recursive = true; 276 - }; 277 - 278 - xdg.configFile.ghostty = { 279 - source = ./ghostty; 280 - recursive = true; 281 - }; 282 - 283 - home.file.".local/bin" = { 284 - source = ./scripts; 285 - recursive = true; 286 - }; 287 - 288 - home.stateVersion = "23.11"; 289 - 290 - }
+397
host-specific/aleister-noah.nix
··· 1 + { 2 + pkgs, 3 + unstable, 4 + lib, 5 + inputs, 6 + ... 7 + }: 8 + { 9 + # Home Manager needs a bit of information about you and the paths it should 10 + # manage. 11 + home.username = "noah"; 12 + home.homeDirectory = "/Users/noah"; 13 + imports = [ 14 + inputs.agenix.homeManagerModules.default 15 + ]; 16 + nix = { 17 + package = pkgs.nix; 18 + settings = { 19 + experimental-features = [ 20 + "nix-command" 21 + "flakes" 22 + ]; 23 + }; 24 + }; 25 + 26 + # I generally don't care about unfree stuff 27 + nixpkgs.config.allowUnfree = true; 28 + nixpkgs.config.allowUnfreePredicte = _: true; 29 + 30 + home.packages = with pkgs; [ 31 + # main tool 32 + direnv 33 + #fish 34 + tree 35 + btop 36 + # Apple Silicon top monitoring 37 + macpm 38 + htop 39 + mtr 40 + moreutils 41 + rsync 42 + bash 43 + tmux 44 + coreutils 45 + util-linux 46 + p7zip 47 + unar 48 + watch 49 + 50 + unzip 51 + fd 52 + jq 53 + ripgrep 54 + bat 55 + netcat 56 + stunnel 57 + iperf3 58 + entr 59 + ncdu 60 + # broken? 61 + #unstable.bitwarden-cli 62 + sqlite 63 + age 64 + just 65 + mdr 66 + unstable.catgirl 67 + plan9port 68 + unstable.rc 69 + unstable.glow 70 + unstable.vis 71 + # Tcl/Tk 72 + #unstable.tcl 73 + #unstable.tk 74 + #unstable.tclPackages.tclx 75 + nodejs 76 + 77 + # Dev tools 78 + git 79 + git-filter-repo 80 + unstable.ruff 81 + # Rust REPL 82 + evcxr 83 + #unstable.gcc 84 + #unstable.clang 85 + # Swift stuff 86 + #swift 87 + #swift-format 88 + # Swift LSP 89 + #sourcekit-lsp 90 + unstable.go 91 + unstable.gopls 92 + gnumake 93 + #unstable.babashka 94 + #unstable.ccls 95 + unstable.clojure 96 + unstable.cljfmt 97 + unstable.clojure-lsp 98 + unstable.janet 99 + unstable.jpm 100 + unstable.fennel-ls 101 + unstable.graalvmPackages.graalvm-ce 102 + unstable.crystal 103 + unstable.crystalline 104 + cmake 105 + ctags 106 + #kotlin 107 + #nodejs 108 + #yarn 109 + #node2nix 110 + #opam 111 + # Scala stuff 112 + #unstable.scala_3 113 + #unstable.scalafmt 114 + #unstable.metals 115 + # Scala / Java build tool 116 + #unstable.sbt 117 + # Haskell 118 + #cabal-install 119 + #ghc 120 + 121 + # Lua 122 + luarocks 123 + luajit 124 + unstable.lua-language-server 125 + luaformatter 126 + libressl 127 + # Erlang 128 + #erlang 129 + #elixir 130 + unstable.nil # nix language server 131 + unstable.nixd 132 + #typescript 133 + # This is currently broken 134 + #vscode-langservers-extracted 135 + scdoc 136 + #dockerfile-language-server-nodejs 137 + # BROKEN 138 + #yaml-language-server 139 + mkcert 140 + natscli 141 + python314 142 + unstable.uv 143 + sqlite 144 + #unstable.gleam 145 + #unstable.rebar3 146 + #unstable.flyctl 147 + unstable.bun 148 + unstable.gh 149 + unstable.kraft 150 + unstable.doctl 151 + 152 + # GUI tools 153 + zathura 154 + unstable.opencode 155 + 156 + # Python dev tools 157 + #unstable.pyright 158 + unstable.basedpyright 159 + unstable.python313Packages.python-lsp-server 160 + unstable.python313Packages.python-lsp-ruff 161 + 162 + # JavaScript tools 163 + #typescript-language-server 164 + 165 + # Certificate Management 166 + minica 167 + mkcert 168 + step-cli 169 + unstable.claude-code 170 + 171 + # Fish Plugins 172 + #fishPlugins.fzf 173 + #fishPlugins.pure 174 + 175 + # Libraries because MacOS is kinda stupid 176 + ncurses 177 + ]; 178 + 179 + #programs.fish = { 180 + # enable = true; 181 + # package = unstable.fish; 182 + #}; 183 + programs.fzf = { 184 + enable = true; 185 + enableFishIntegration = true; 186 + }; 187 + programs.pistol.enable = true; 188 + programs.home-manager.enable = true; 189 + programs.neovim = { 190 + package = unstable.neovim-unwrapped; 191 + enable = true; 192 + defaultEditor = true; 193 + withNodeJs = false; 194 + withPython3 = true; 195 + extraPackages = with pkgs; [ 196 + fzf 197 + ripgrep 198 + luarocks 199 + tree-sitter 200 + ]; 201 + }; 202 + programs.git = { 203 + enable = true; 204 + lfs.enable = true; 205 + userName = "Noah Pederson"; 206 + userEmail = "noah@packetlost.dev"; 207 + extraConfig = { 208 + sendemail = { 209 + smtpserver = "smtp.migadu.com"; 210 + smtpuser = "noah@packetlost.dev"; 211 + smtpauth = "plain"; 212 + smtpencryption = "tls"; 213 + smtpserverport = 465; 214 + }; 215 + init = { 216 + defaultBranch = "master"; 217 + }; 218 + pull = { 219 + rebase = true; 220 + }; 221 + push = { 222 + default = "simple"; 223 + autoSetupRemote = true; 224 + followTags = true; 225 + }; 226 + credential = { 227 + helper = "cache"; 228 + }; 229 + alias = { 230 + out = "log @{u}.."; 231 + }; 232 + column = { 233 + ui = "auto"; 234 + }; 235 + branch = { 236 + sort = "-committerdate"; 237 + }; 238 + tag = { 239 + sort = "version:refname"; 240 + }; 241 + diff = { 242 + algorithm = "histogram"; 243 + colorMoved = "plain"; 244 + mnemonicPrefix = true; 245 + renames = true; 246 + }; 247 + fetch = { 248 + prune = true; 249 + pruneTags = true; 250 + all = true; 251 + }; 252 + help = { 253 + autocorrect = "prompt"; 254 + }; 255 + commit = { 256 + verbose = true; 257 + }; 258 + rerere = { 259 + enabled = true; 260 + autoupdate = true; 261 + }; 262 + rebase = { 263 + autoSquash = true; 264 + autoStash = true; 265 + updateRefs = true; 266 + }; 267 + merge = { 268 + conflictStyle = "zdiff3"; 269 + }; 270 + }; 271 + ignores = [ 272 + ".direnv/" 273 + ".envrc" 274 + ".env/" 275 + ".clj-kondo/" 276 + ]; 277 + }; 278 + programs.aerc = { 279 + enable = true; 280 + }; 281 + programs.ssh = { 282 + enable = true; 283 + extraConfig = builtins.readFile ../ssh/extra; 284 + addKeysToAgent = "yes"; 285 + forwardAgent = true; 286 + }; 287 + 288 + programs.yazi = 289 + let 290 + localPkgs = pkgs; 291 + yaziPlugins = localPkgs.yaziPlugins; 292 + plugins = lib.attrsets.getAttrs [ 293 + "rsync" 294 + "piper" 295 + "nord" 296 + "mediainfo" 297 + "glow" 298 + "git" 299 + "diff" 300 + "duckdb" 301 + ] yaziPlugins; 302 + in 303 + { 304 + inherit plugins; 305 + enable = true; 306 + package = localPkgs.yazi; 307 + enableFishIntegration = true; 308 + settings = { 309 + preview = { 310 + image_quality = 90; 311 + }; 312 + tasks = { 313 + image_bound = [ 314 + 0 315 + 0 316 + ]; 317 + }; 318 + }; 319 + }; 320 + 321 + programs.direnv = { 322 + enable = true; 323 + nix-direnv.enable = true; 324 + }; 325 + 326 + programs.nix-index = { 327 + enable = true; 328 + enableFishIntegration = true; 329 + }; 330 + programs.helix = { 331 + enable = true; 332 + settings = { 333 + theme = "everforest_dark"; 334 + editor.cursor-shape = { 335 + normal = "block"; 336 + insert = "bar"; 337 + select = "underline"; 338 + }; 339 + }; 340 + languages.language = [ 341 + { 342 + name = "nix"; 343 + auto-format = true; 344 + formatter.command = "${pkgs.nixfmt}/bin/nixfmt"; 345 + } 346 + { 347 + name = "rust"; 348 + auto-format = true; 349 + formatter.command = "${pkgs.rustfmt}/bin/rustfmt"; 350 + } 351 + ]; 352 + }; 353 + 354 + # Independent config files. 355 + xdg.configFile.nvim = { 356 + source = ../nvim; 357 + recursive = true; 358 + }; 359 + 360 + xdg.configFile.vis = { 361 + source = ../vis; 362 + recursive = true; 363 + }; 364 + 365 + xdg.configFile.fish = { 366 + source = ../fish; 367 + recursive = true; 368 + }; 369 + xdg.configFile."fish/completions/nix.fish".source = 370 + "${pkgs.nix}/share/fish/vendor_completions.d/nix.fish"; 371 + 372 + xdg.configFile.aerc = { 373 + source = ../aerc; 374 + recursive = true; 375 + }; 376 + 377 + xdg.configFile.ghostty = { 378 + source = ../ghostty; 379 + recursive = true; 380 + }; 381 + 382 + home.file.".local/bin" = { 383 + source = ../scripts; 384 + recursive = true; 385 + }; 386 + home.file.".luacheckrc" = { 387 + text = '' 388 + globals = { 389 + "vim", 390 + "vis", 391 + } 392 + ''; 393 + }; 394 + 395 + home.stateVersion = "24.11"; 396 + 397 + }
+207
host-specific/edge/configuration.nix
··· 1 + # Edit this configuration file to define what should be installed on 2 + # your system. Help is available in the configuration.nix(5) man page, on 3 + # https://search.nixos.org/options and in the NixOS manual (`nixos-help`). 4 + 5 + { 6 + config, 7 + lib, 8 + pkgs, 9 + inputs, 10 + ... 11 + }: 12 + let 13 + system = pkgs.stdenv.targetPlatform.system; 14 + agave = (builtins.getFlake "/home/noah/repos/agave"); 15 + in 16 + { 17 + imports = [ 18 + # Include the results of the hardware scan. 19 + ./hardware-configuration.nix 20 + agave.nixosModules.default 21 + ]; 22 + 23 + nix.settings.experimental-features = [ 24 + "nix-command" 25 + "flakes" 26 + ]; 27 + 28 + # Use the systemd-boot EFI boot loader. 29 + boot.loader.systemd-boot.enable = true; 30 + #boot.loader.grub.device = "nodev"; 31 + #boot.loader.grub.efiSupport = true; 32 + #boot.loader.grub.useOSProber = true; 33 + boot.loader.efi.canTouchEfiVariables = true; 34 + 35 + # Use latest kernel. 36 + boot.kernelPackages = pkgs.linuxPackages_latest; 37 + 38 + networking.hostName = "edge"; # Define your hostname. 39 + 40 + # Configure network connections interactively with nmcli or nmtui. 41 + networking.networkmanager.enable = true; 42 + 43 + # Set your time zone. 44 + # time.timeZone = "Europe/Amsterdam"; 45 + 46 + # Configure network proxy if necessary 47 + # networking.proxy.default = "http://user:password@proxy:port/"; 48 + # networking.proxy.noProxy = "127.0.0.1,localhost,internal.domain"; 49 + 50 + # Select internationalisation properties. 51 + i18n.defaultLocale = "en_US.UTF-8"; 52 + console = { 53 + font = "Lat2-Terminus16"; 54 + keyMap = "us"; 55 + #useXkbConfig = true; # use xkb.options in tty. 56 + }; 57 + 58 + # Enable the X11 windowing system. 59 + # services.xserver.enable = true; 60 + 61 + # Configure keymap in X11 62 + # services.xserver.xkb.layout = "us"; 63 + # services.xserver.xkb.options = "eurosign:e,caps:escape"; 64 + 65 + # Enable CUPS to print documents. 66 + # services.printing.enable = true; 67 + 68 + # Enable sound. 69 + # services.pulseaudio.enable = true; 70 + # OR 71 + # services.pipewire = { 72 + # enable = true; 73 + # pulse.enable = true; 74 + # }; 75 + 76 + # Enable touchpad support (enabled default in most desktopManager). 77 + # services.libinput.enable = true; 78 + 79 + # Define a user account. Don't forget to set a password with ‘passwd’. 80 + # users.users.alice = { 81 + # isNormalUser = true; 82 + # extraGroups = [ "wheel" ]; # Enable ‘sudo’ for the user. 83 + # packages = with pkgs; [ 84 + # tree 85 + # ]; 86 + # }; 87 + 88 + # programs.firefox.enable = true; 89 + 90 + # List packages installed in system profile. 91 + # You can use https://search.nixos.org/ to find more packages (and options). 92 + environment.systemPackages = with pkgs; [ 93 + neovim 94 + wget 95 + git 96 + htop 97 + inputs.agenix.packages."${system}".agenix 98 + agave.packages.${system}.solana 99 + agave.packages.${system}.solana-keygen 100 + ]; 101 + 102 + services.tailscale.useRoutingFeatures = "both"; 103 + 104 + # Some programs need SUID wrappers, can be configured further or are 105 + # started in user sessions. 106 + # programs.mtr.enable = true; 107 + # programs.gnupg.agent = { 108 + # enable = true; 109 + # enableSSHSupport = true; 110 + # }; 111 + 112 + # List services that you want to enable: 113 + 114 + # Enable the OpenSSH daemon. 115 + services.openssh.enable = true; 116 + services.openssh.openFirewall = true; 117 + 118 + # Open ports in the firewall. 119 + # networking.firewall.allowedTCPPorts = [ ... ]; 120 + # networking.firewall.allowedUDPPorts = [ ... ]; 121 + # Or disable the firewall altogether. 122 + networking.firewall.enable = true; 123 + networking.firewall = { 124 + allowPing = true; 125 + allowedUDPPorts = [ ]; 126 + allowedUDPPortRanges = [ 127 + # Agave 128 + { 129 + from = 8000; 130 + to = 8020; 131 + } 132 + ]; 133 + allowedTCPPorts = [ 134 + 2375 135 + 3000 136 + # Agave 137 + 8001 138 + 8899 139 + 8900 140 + 10000 141 + ]; 142 + }; 143 + security.pam.loginLimits = [ 144 + { 145 + domain = "*"; 146 + type = "soft"; 147 + item = "nofile"; 148 + value = "100000"; 149 + } 150 + { 151 + domain = "*"; 152 + type = "hard"; 153 + item = "nofile"; 154 + value = "1000000"; 155 + } 156 + ]; 157 + 158 + age.secrets.validator-identity = { 159 + file = ../../secrets/validator-identity.age; 160 + owner = "sol"; 161 + group = "sol"; 162 + }; 163 + services.ambient-validator = { 164 + enable = true; 165 + package = agave.packages.${system}.ambient-validator; 166 + # this needs to be a secret 167 + identityKeypair = config.age.secrets.validator-identity.path; 168 + rpcBindAddress = "0.0.0.0"; 169 + geyserPluginConfig = { 170 + libpath = "${agave.packages.${system}.yellowstone-geyser}/lib/libyellowstone_grpc_geyser.so"; 171 + log = { 172 + level = "info"; 173 + }; 174 + tokio = { 175 + worker_threads = 4; 176 + affinity = null; 177 + }; 178 + grpc = { 179 + address = "0.0.0.0:10000"; 180 + }; 181 + }; 182 + }; 183 + # Copy the NixOS configuration file and link it from the resulting system 184 + # (/run/current-system/configuration.nix). This is useful in case you 185 + # accidentally delete configuration.nix. 186 + # system.copySystemConfiguration = true; 187 + 188 + # This option defines the first version of NixOS you have installed on this particular machine, 189 + # and is used to maintain compatibility with application data (e.g. databases) created on older NixOS versions. 190 + # 191 + # Most users should NEVER change this value after the initial install, for any reason, 192 + # even if you've upgraded your system to a new NixOS release. 193 + # 194 + # This value does NOT affect the Nixpkgs version your packages and OS are pulled from, 195 + # so changing it will NOT upgrade your system - see https://nixos.org/manual/nixos/stable/#sec-upgrading for how 196 + # to actually do that. 197 + # 198 + # This value being lower than the current NixOS release does NOT mean your system is 199 + # out of date, out of support, or vulnerable. 200 + # 201 + # Do NOT change this value unless you have manually inspected all the changes it would make to your configuration, 202 + # and migrated your data accordingly. 203 + # 204 + # For more information, see `man configuration.nix` or https://nixos.org/manual/nixos/stable/options#opt-system.stateVersion . 205 + system.stateVersion = "25.11"; # Did you read the comment? 206 + 207 + }
+46
host-specific/edge/hardware-configuration.nix
··· 1 + # Do not modify this file! It was generated by ‘nixos-generate-config’ 2 + # and may be overwritten by future invocations. Please make changes 3 + # to /etc/nixos/configuration.nix instead. 4 + { config, lib, pkgs, modulesPath, ... }: 5 + 6 + { 7 + imports = 8 + [ (modulesPath + "/installer/scan/not-detected.nix") 9 + ]; 10 + 11 + boot.initrd.availableKernelModules = [ "nvme" "xhci_pci" "ahci" "usbhid" ]; 12 + boot.initrd.kernelModules = [ ]; 13 + boot.kernelModules = [ "kvm-amd" ]; 14 + boot.extraModulePackages = [ ]; 15 + 16 + fileSystems."/" = 17 + { device = "/dev/disk/by-uuid/8101a0a8-a8c6-4083-85b6-c136d3c80f2e"; 18 + fsType = "ext4"; 19 + }; 20 + 21 + fileSystems."/boot" = 22 + { device = "/dev/disk/by-uuid/E7AD-32DA"; 23 + fsType = "vfat"; 24 + options = [ "fmask=0077" "dmask=0077" ]; 25 + }; 26 + 27 + swapDevices = [ ]; 28 + 29 + nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux"; 30 + hardware.cpu.amd.updateMicrocode = lib.mkDefault config.hardware.enableRedistributableFirmware; 31 + boot.swraid = { 32 + enable = true; 33 + #mdadmConf = '' 34 + # ARRAY /dev/md126 metadata=1.2 UUID=27cd6eab:f0304d07:b859f0f2:1a8f29b7 35 + # MAILADDR noah 36 + #''; 37 + }; 38 + 39 + # stuff for Agave 40 + boot.kernel.sysctl."net.core.rmem_default" = 134217728; 41 + boot.kernel.sysctl."net.core.rmem_max" = 134217728; 42 + boot.kernel.sysctl."net.core.wmem_default" = 134217728; 43 + boot.kernel.sysctl."net.core.wmem_max" = 134217728; 44 + boot.kernel.sysctl."vm.max_map_count" = 1000000; 45 + boot.kernel.sysctl."fs.nr_open" = 1000000; 46 + }
+13
host-specific/misaki/boot.nix
··· 1 + { ... }: 2 + { 3 + # Use the systemd-boot EFI boot loader. 4 + boot.loader.systemd-boot.enable = true; 5 + boot.loader.efi.canTouchEfiVariables = true; 6 + 7 + boot.supportedFilesystems = [ "zfs" ]; 8 + boot.zfs.forceImportRoot = false; 9 + boot.zfs.extraPools = [ 10 + "shokuhou" 11 + "mentalout" 12 + ]; 13 + }
+13
host-specific/misaki/configuration.nix
··· 1 + { ... }: 2 + { 3 + imports = [ 4 + ./boot.nix 5 + ./users.nix 6 + ./hardware-configuration.nix 7 + ./networking.nix 8 + ./packages.nix 9 + ./services.nix 10 + ]; 11 + nixpkgs.config.allowUnfree = true; 12 + system.stateVersion = "23.11"; # Did you read the comment? 13 + }
+1
host-specific/misaki/coredns/localhost.hosts
··· 1 + 127.0.0.1 *.localhost
+11
host-specific/misaki/coredns/ngp.computer.hosts
··· 1 + 192.168.1.3 img.ngp.computer 2 + 192.168.1.3 photos.ngp.computer 3 + 192.168.1.3 misaki.ngp.computer 4 + 192.168.1.3 files.ngp.computer 5 + 192.168.1.3 cache.ngp.computer 6 + 7 + fe80::9ab7:85ff:fe1e:dfe8 img.ngp.computer 8 + fe80::9ab7:85ff:fe1e:dfe8 photos.ngp.computer 9 + fe80::9ab7:85ff:fe1e:dfe8 misaki.ngp.computer 10 + fe80::9ab7:85ff:fe1e:dfe8 files.ngp.computer 11 + fe80::9ab7:85ff:fe1e:dfe8 cache.ngp.computer
+17
host-specific/misaki/coredns/packetlost.dev.hosts
··· 1 + # Services 2 + 192.168.1.3 git.packetlost.dev 3 + 192.168.1.3 plex.packetlost.dev 4 + 192.168.1.3 jellyfin.packetlost.dev 5 + 192.168.1.3 nats.packetlost.dev 6 + 7 + # LAN Hosts 8 + 192.168.1.3 misaki.packetlost.dev misaki 9 + 192.168.1.3 cache.packetlost.dev cache 10 + 192.168.1.5 komoe.packetlost.dev komoe 11 + 192.168.1.6 rainbow.packetlost.dev rainbow 12 + 192.168.1.10 ichika.packetlost.dev ichika 13 + 192.168.1.11 futaba.packetlost.dev futaba 14 + 192.168.1.12 mitsumi.packetlost.dev mitsumi 15 + 192.168.1.13 orangepi5.packetlost.dev orangepi5 16 + 192.168.1.30 touma.packetlost.dev touma 17 + 192.168.1.33 kamijou.packetlost.dev kamijou
+91
host-specific/misaki/hardware-configuration.nix
··· 1 + # Do not modify this file! It was generated by ‘nixos-generate-config’ 2 + # and may be overwritten by future invocations. Please make changes 3 + # to /etc/nixos/configuration.nix instead. 4 + { 5 + config, 6 + lib, 7 + pkgs, 8 + modulesPath, 9 + ... 10 + }: 11 + 12 + { 13 + imports = [ 14 + (modulesPath + "/installer/scan/not-detected.nix") 15 + ]; 16 + 17 + boot.kernelPackages = pkgs.linuxPackages; 18 + boot.initrd.availableKernelModules = [ 19 + "nvme" 20 + "xhci_pci" 21 + "ahci" 22 + "usbhid" 23 + "usb_storage" 24 + "sd_mod" 25 + "dm-raid" 26 + "raid1" 27 + ]; 28 + boot.initrd.kernelModules = [ 29 + "dm-snapshot" 30 + "dm-raid" 31 + "raid1" 32 + ]; 33 + boot.kernelModules = [ 34 + "kvm-amd" 35 + "zfs" 36 + ]; 37 + boot.kernelParams = [ "i915.enable_guc=3" ]; 38 + boot.extraModulePackages = [ ]; 39 + 40 + fileSystems."/" = { 41 + device = "/dev/disk/by-uuid/1988fa0d-ff4a-44aa-a93e-7f0bf3cea5cf"; 42 + fsType = "ext4"; 43 + }; 44 + 45 + fileSystems."/boot" = { 46 + device = "/dev/disk/by-uuid/81D4-01CD"; 47 + fsType = "vfat"; 48 + }; 49 + 50 + swapDevices = [ ]; 51 + 52 + # Enables DHCP on each ethernet and wireless interface. In case of scripted networking 53 + # (the default) this is the recommended approach. When using systemd-networkd it's 54 + # still possible to use this option, but it's recommended to use it in conjunction 55 + # with explicit per-interface declarations with `networking.interfaces.<interface>.useDHCP`. 56 + networking.useDHCP = lib.mkDefault true; 57 + # networking.interfaces.enp4s0f0.useDHCP = lib.mkDefault true; 58 + # networking.interfaces.enp4s0f1.useDHCP = lib.mkDefault true; 59 + # networking.interfaces.enp6s0.useDHCP = lib.mkDefault true; 60 + 61 + nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux"; 62 + hardware.cpu.amd.updateMicrocode = lib.mkDefault config.hardware.enableRedistributableFirmware; 63 + 64 + #nixpkgs.config.packageOverrides = pkgs: { 65 + # vaapiIntel = pkgs.vaapiIntel.override { enableHybridCodec = true; }; 66 + #}; 67 + hardware.graphics = { 68 + enable = true; 69 + extraPackages = with pkgs; [ 70 + intel-media-driver 71 + #vaapiVdpau 72 + #libvdpau-va-gl # unmaintained, very old 73 + intel-compute-runtime 74 + vpl-gpu-rt 75 + ]; 76 + #extraPackages32 = with pkgs; [ 77 + # intel-media-driver 78 + # vaapiVdpau 79 + # #libvdpau-va-gl 80 + # intel-compute-runtime 81 + # vpl-gpu-rt 82 + #]; 83 + }; 84 + environment.variables = { 85 + VDPAU_DRIVER = "va_gl"; 86 + LIBVA_DRIVER_NAME = "iHD"; 87 + LIBVA_DRIVERS_PATH = "/run/opengl-driver/lib/dri"; 88 + GST_VAAPI_ALL_DRIVERS = "1"; 89 + }; 90 + #services.xserver.videoDrivers = [ "intel" ]; 91 + }
+115
host-specific/misaki/networking.nix
··· 1 + { config, ... }: 2 + { 3 + # networking.hostName = "nixos"; # Define your hostname. 4 + # Pick only one of the below networking options. 5 + # networking.wireless.enable = true; # Enables wireless support via wpa_supplicant. 6 + # networking.networkmanager.enable = true; # Easiest to use and most distros use this by default. 7 + networking.hostName = "misaki"; 8 + # I like systemd-networkd 9 + systemd.network.enable = true; 10 + systemd.network.networks."50-wlp2s0" = { 11 + matchConfig.name = "wlp2s0"; 12 + networkConfig.DHCP = "yes"; 13 + linkConfig.RequiredForOnline = "no"; 14 + }; 15 + 16 + networking.tempAddresses = "disabled"; 17 + 18 + networking.interfaces = { 19 + enp4s0f1 = { 20 + ipv4.addresses = [ 21 + { 22 + address = "192.168.1.3"; 23 + prefixLength = 24; 24 + } 25 + ]; 26 + }; 27 + }; 28 + networking.defaultGateway = { 29 + address = "192.168.1.1"; 30 + interface = "enp4s0f1"; 31 + }; 32 + 33 + networking.defaultGateway6 = { 34 + address = "fe80::2870:4eff:fe84:d884"; 35 + interface = "enp4s0f1"; 36 + }; 37 + 38 + networking.nameservers = [ 39 + "192.168.1.3" 40 + "45.90.28.93" 41 + "45.90.30.93" 42 + ]; 43 + 44 + # This is necessary for ZFS 45 + networking.hostId = "5beebabe"; 46 + 47 + networking.useNetworkd = true; 48 + # TODO: static IP @ 192.168.1.2 49 + 50 + # Configure network proxy if necessary 51 + # networking.proxy.default = "http://user:password@proxy:port/"; 52 + # networking.proxy.noProxy = "127.0.0.1,localhost,internal.domain"; 53 + # Open ports in the firewall. 54 + # networking.firewall.allowedTCPPorts = [ ... ]; 55 + # networking.firewall.allowedUDPPorts = [ ... ]; 56 + # Or disable the firewall altogether. 57 + # TODO: allow some ports 58 + networking.firewall = { 59 + enable = true; 60 + allowPing = true; 61 + trustedInterfaces = [ 62 + "tailscale0" 63 + ]; 64 + allowedUDPPorts = [ 65 + # DNS 66 + 53 67 + config.services.tailscale.port 68 + ]; 69 + allowedTCPPorts = [ 70 + # DNS over TCP 71 + 53 72 + # NFSv4 73 + 2049 74 + # HTTP(s) 75 + 443 76 + 80 77 + # iperf3 78 + 5201 79 + 5301 80 + 5401 81 + # NATS 82 + 4222 83 + # Prometheus 84 + 9001 85 + # Minio 86 + 9003 87 + # Minio web 88 + 9004 89 + # AFP via Netatalk 90 + 548 91 + #9p 92 + 564 93 + # Misc development 94 + 3000 95 + ]; 96 + }; 97 + 98 + services.tailscale.useRoutingFeatures = "both"; 99 + 100 + services.avahi = { 101 + enable = true; 102 + nssmdns4 = true; 103 + nssmdns6 = true; 104 + ipv6 = true; 105 + openFirewall = true; 106 + publish = { 107 + enable = true; 108 + addresses = true; 109 + workstation = true; 110 + userServices = true; 111 + domain = true; 112 + }; 113 + }; 114 + 115 + }
+67
host-specific/misaki/packages.nix
··· 1 + { 2 + pkgs, 3 + lib, 4 + inputs, 5 + ... 6 + }: 7 + { 8 + 9 + # List packages installed in system profile. To search, run: 10 + # $ nix search wget 11 + environment.systemPackages = with pkgs; [ 12 + neovim 13 + appimage-run 14 + wget 15 + kitty 16 + w3m 17 + fishPlugins.fzf-fish 18 + fzf 19 + qemu 20 + OVMF 21 + metastore 22 + # 9p 23 + diod 24 + plan9port 25 + vis 26 + rc 27 + ncdu 28 + inputs.agenix.packages."${system}".agenix 29 + 30 + # ZFS / filesystem stuff 31 + zfs 32 + 33 + # GPU stuff 34 + intel-gpu-tools 35 + #(ffmpeg-full.override { 36 + # withUnfree = true; 37 + # withMfx = false; 38 + # withSmallBuild = false; 39 + # withTensorflow = false; 40 + #}) 41 + libva 42 + libva-utils 43 + nvtopPackages.intel 44 + ]; 45 + 46 + # Fix dynamically linked libraries for unpackaged binaries 47 + programs.nix-ld = { 48 + enable = true; 49 + libraries = with pkgs; [ 50 + # Add missing dynamic libraries for unpackaged programs HERE 51 + # NOT in environment.systemPackages 52 + zlib 53 + ]; 54 + }; 55 + 56 + programs.fuse.userAllowOther = true; 57 + 58 + # Whitelist some unfree packages 59 + #nixpkgs.config.allowUnfreePredicate = 60 + # pkg: 61 + # builtins.elem (lib.getName pkg) [ 62 + # "tailscale" 63 + # "plexmediaserver" 64 + # "teamspeak-server" 65 + # "ffmpeg-full" 66 + # ]; 67 + }
+3
host-specific/misaki/scripts/fix-jpeg-raw-duplicates-immich.rcsh
··· 1 + #!/usr/bin/env rc 2 + 3 + nix run 'github:nixos/nixpkgs?ref=nixos-unstable-small#immich-go' -- stack -k `{pa show immich-api} -s 'https://photos.ngp.computer' --manage-raw-jpeg StackCoverJPG
+13
host-specific/misaki/scripts/nr
··· 1 + #!/usr/bin/env rc 2 + 3 + flag x + 4 + 5 + if(~ $1 -x) { 6 + flake e + 7 + shift 8 + } 9 + 10 + pkg=$1 11 + shift 12 + 13 + exec nix run --impure 'nixpkgs#'^$pkg -- $*
+8
host-specific/misaki/scripts/oclip
··· 1 + #!/usr/bin/env rc 2 + flag e + 3 + 4 + if (~ $1 -x) { 5 + flag x + 6 + } 7 + data=`{base64 <[0=0]} 8 + printf '\033]52;c;%s\007' $"data
+14
host-specific/misaki/scripts/update-src
··· 1 + #!/usr/bin/env rc 2 + 3 + background=() 4 + for(repo in `{cat downstream}) { 5 + echo Updating $repo 6 + git -C $repo fetch --all --tags --prune --force & 7 + background=($apid $background) 8 + } 9 + 10 + for (i in $background) { 11 + wait $i 12 + } 13 + 14 + echo Done!
+578
host-specific/misaki/services.nix
··· 1 + { 2 + config, 3 + pkgs, 4 + unstable, 5 + ... 6 + }: 7 + { 8 + 9 + services.zfs = { 10 + autoScrub.enable = true; 11 + }; 12 + services.nfs.server.enable = true; 13 + # Some programs need SUID wrappers, can be configured further or are 14 + # started in user sessions. 15 + # programs.mtr.enable = true; 16 + programs.gnupg.agent = { 17 + enable = true; 18 + enableSSHSupport = false; 19 + }; 20 + 21 + # Fish shell, the best 22 + programs.fish.enable = true; 23 + 24 + # MOSH, SSH over flakey connections 25 + programs.mosh.enable = true; 26 + 27 + # List services that you want to enable: 28 + 29 + # Enable the OpenSSH daemon. 30 + services.openssh = { 31 + enable = true; 32 + openFirewall = true; 33 + settings.PasswordAuthentication = false; 34 + }; 35 + 36 + # This option is for enabling the bolt daemon for managing Thunderbolt/USB4 Devices. 37 + services.hardware.bolt.enable = true; 38 + 39 + services.ergochat.enable = true; 40 + 41 + # Containers and VMs 42 + virtualisation = { 43 + podman = { 44 + enable = true; 45 + dockerCompat = true; 46 + defaultNetwork.settings.dns_enabled = true; 47 + }; 48 + }; 49 + 50 + # Samba, for shares 51 + # TODO 52 + services.samba = { 53 + enable = true; 54 + openFirewall = true; 55 + nmbd.enable = true; 56 + winbindd.enable = true; 57 + settings = { 58 + global = { 59 + workgroup = "WORKGROUP"; 60 + "server string" = "misaki"; 61 + security = "user"; 62 + "use sendfile" = "yes"; 63 + "hosts allow" = "192.168.1. 127.0.0.1 localhost"; 64 + "hosts deny" = "0.0.0.0/0"; 65 + "guest account" = "nobody"; 66 + "map to guest" = "bad user"; 67 + deadtime = 30; 68 + }; 69 + shokuhou = { 70 + path = "/srv/shokuhou"; 71 + browseable = "yes"; 72 + "read only" = "no"; 73 + "guest ok" = "no"; 74 + "create mask" = "0644"; 75 + "directory mask" = "0755"; 76 + "force user" = "noah"; 77 + "force group" = "nas"; 78 + }; 79 + mentalout = { 80 + path = "/srv/mentalout"; 81 + browseable = "yes"; 82 + "read only" = "no"; 83 + "guest ok" = "no"; 84 + "create mask" = "0644"; 85 + "directory mask" = "0755"; 86 + "force user" = "noah"; 87 + "force group" = "nas"; 88 + }; 89 + }; 90 + }; 91 + services.samba-wsdd = { 92 + enable = true; 93 + openFirewall = true; 94 + }; 95 + 96 + services.coredns = { 97 + enable = true; 98 + config = '' 99 + packetlost.dev { 100 + hosts ${./coredns/packetlost.dev.hosts} packetlost.dev { 101 + fallthrough 102 + } 103 + bind enp4s0f1 104 + } 105 + ngp.computer { 106 + hosts ${./coredns/ngp.computer.hosts} ngp.computer { 107 + fallthrough 108 + } 109 + bind enp4s0f1 110 + } 111 + localhost { 112 + hosts ${./coredns/localhost.hosts} localhost { 113 + fallthrough 114 + } 115 + bind enp4s0f1 116 + } 117 + . { 118 + # NextDNS 119 + forward . tls://2a07:a8c0::dd:2feb:853 tls://2a07:a8c1::dd:2feb:853 tls://45.90.28.93:853 tls://45.90.30.93:853 { 120 + tls_servername dd2feb.dns.nextdns.io 121 + health_check 5s 122 + } 123 + bind enp4s0f1 124 + cache 125 + errors 126 + log 127 + } 128 + ''; 129 + }; 130 + 131 + services.nats = { 132 + enable = true; 133 + jetstream = true; 134 + user = "nats"; 135 + group = "nats"; 136 + serverName = "misaki"; 137 + dataDir = "/srv/shokuhou/applications/nats"; 138 + validateConfig = false; 139 + settings = { 140 + authorization = { 141 + users = [ 142 + { 143 + user = "seedbox@packetlost.dev"; 144 + permissions = { 145 + publish = [ 146 + "torrents" 147 + "torrents.>" 148 + "$JS.API.INFO" 149 + #"$JS.API.STREAM.INFO.>" 150 + "$KV.torrents.>" 151 + #"$JS.API.STREAM.*.*.OBJ_torrents" 152 + "$JS.API.*.*.OBJ_torrents" 153 + "$JS.API.STREAM.MSG.GET.OBJ_torrents" 154 + "$JS.API.*.*.OBJ_torrents.>" 155 + "$O.torrents.>" 156 + ]; 157 + subscribe = [ 158 + "torrents.>" 159 + "_INBOX.>" 160 + ]; 161 + allow_responses = false; 162 + }; 163 + } 164 + { user = "odin@packetlost.dev"; } 165 + { user = "misaki@packetlost.dev"; } 166 + { user = "noah@packetlost.dev"; } 167 + { user = "touma-nixos@packetlost.dev"; } 168 + ]; 169 + }; 170 + tls = { 171 + cert_file = "/srv/nats/nats.packetlost.dev/cert.pem"; 172 + key_file = "/srv/nats/nats.packetlost.dev/key.pem"; 173 + ca_file = "/srv/nats/minica.pem"; 174 + verify_and_map = true; 175 + }; 176 + jetstream = { 177 + # 50GB 178 + max_file_store = 53687091200; 179 + max_mem = 8589934592; 180 + }; 181 + }; 182 + }; 183 + 184 + # Minio's object storage has been mostly replaced with NATS. If I specifically need a 185 + # S3-like API, this will be revived. 186 + services.minio = { 187 + enable = false; 188 + listenAddress = ":9003"; 189 + consoleAddress = ":9004"; 190 + dataDir = [ 191 + /srv/shokuhou/applications/minio 192 + ]; 193 + }; 194 + 195 + services.netatalk = { 196 + enable = true; 197 + settings = { 198 + time-machine = { 199 + path = "/srv/shokuhou/backup/timemachine"; 200 + "valid users" = "noah"; 201 + "time machine" = true; 202 + }; 203 + }; 204 + }; 205 + 206 + services.webdav.enable = false; 207 + services.sftpgo = { 208 + enable = false; 209 + dataDir = /srv/shokuhou/documents/sftpgo; 210 + group = "nas"; 211 + }; 212 + services.syncthing = { 213 + enable = false; 214 + openDefaultPorts = true; 215 + # disable the sync folder creation 216 + extraFlags = [ "--no-default-folder" ]; 217 + settings = { 218 + folders = { 219 + "Sync" = { 220 + path = "/srv/shokuhou/documents/sync"; 221 + }; 222 + }; 223 + }; 224 + }; 225 + 226 + services.grafana = { 227 + enable = false; 228 + settings.server.http_port = 2342; 229 + settings.server.domain = "grafana.packetlost.dev"; 230 + settings.server.http_addr = "127.0.0.1"; 231 + }; 232 + 233 + services.prometheus = { 234 + enable = false; 235 + port = 9001; 236 + exporters = { 237 + node = { 238 + enable = true; 239 + enabledCollectors = [ "systemd" ]; 240 + port = 9002; 241 + }; 242 + }; 243 + 244 + scrapeConfigs = [ 245 + { 246 + job_name = "chrysalis"; 247 + static_configs = [ 248 + { targets = [ "127.0.0.1:${builtins.toString config.services.prometheus.exporters.node.port}" ]; } 249 + ]; 250 + } 251 + ]; 252 + }; 253 + 254 + # TODO: figure out how to appropriately configure this 255 + services.step-ca = { 256 + enable = false; 257 + openFirewall = true; 258 + port = 8443; 259 + address = "0.0.0.0"; 260 + intermediatePasswordFile = /etc/nixos/step-ca-intermediate-ca-password; 261 + settings = builtins.fromJSON (builtins.readFile /home/noah/.step/config/ca.json); 262 + }; 263 + 264 + age.secrets.acme = { 265 + file = ../../secrets/porkbun-api-key.age; 266 + owner = "root"; 267 + group = "acme"; 268 + }; 269 + 270 + security.acme = { 271 + acceptTerms = true; 272 + defaults.email = "noah@packetlost.dev"; 273 + certs."plex.packetlost.dev" = { 274 + group = "httpd"; 275 + dnsProvider = "porkbun"; 276 + environmentFile = config.age.secrets.acme.path; 277 + }; 278 + certs."img.ngp.computer" = { 279 + group = "httpd"; 280 + dnsProvider = "porkbun"; 281 + environmentFile = config.age.secrets.acme.path; 282 + }; 283 + certs."files.ngp.computer" = { 284 + group = "httpd"; 285 + dnsProvider = "porkbun"; 286 + environmentFile = config.age.secrets.acme.path; 287 + }; 288 + certs."cache.ngp.computer" = { 289 + group = "httpd"; 290 + dnsProvider = "porkbun"; 291 + environmentFile = config.age.secrets.acme.path; 292 + }; 293 + certs."photos.ngp.computer" = { 294 + group = "httpd"; 295 + dnsProvider = "porkbun"; 296 + environmentFile = config.age.secrets.acme.path; 297 + }; 298 + certs."jellyfin.packetlost.dev" = { 299 + group = "httpd"; 300 + dnsProvider = "porkbun"; 301 + environmentFile = config.age.secrets.acme.path; 302 + }; 303 + }; 304 + 305 + # A test email server that only works on LAN 306 + services.maddy = { 307 + enable = true; 308 + openFirewall = true; 309 + primaryDomain = "misaki.local"; 310 + ensureAccounts = [ 311 + "noah@misaki.local" 312 + "postmaster@misaki.local" 313 + "test@misaki.local" 314 + ]; 315 + ensureCredentials = { 316 + "noah@misaki.local".passwordFile = "${pkgs.writeText "noah" "Password123"}"; 317 + "postmaster@misaki.local".passwordFile = "${pkgs.writeText "noah" "Password123"}"; 318 + "test@misaki.local".passwordFile = "${pkgs.writeText "test" "Password123"}"; 319 + }; 320 + }; 321 + 322 + age.secrets.nix-serve = { 323 + file = ../../secrets/nix-serve-secret-key.age; 324 + owner = "root"; 325 + group = "root"; 326 + }; 327 + services.nix-serve = { 328 + enable = true; 329 + package = unstable.nix-serve-ng; 330 + secretKeyFile = config.age.secrets.nix-serve.path; 331 + openFirewall = true; 332 + }; 333 + 334 + services.plex = { 335 + enable = true; 336 + openFirewall = false; # we proxy this with nginx 337 + group = "nas"; 338 + user = "noah"; 339 + package = unstable.plex; 340 + }; 341 + 342 + services.jellyfin = { 343 + enable = true; 344 + openFirewall = true; 345 + user = "noah"; 346 + group = "nas"; 347 + logDir = "/srv/shokuhou/applications/jellyfin/log"; 348 + cacheDir = "/srv/shokuhou/applications/jellyfin/cache"; 349 + dataDir = "/srv/shokuhou/applications/jellyfin/data"; 350 + configDir = "/srv/shokuhou/applications/jellyfin/config"; 351 + }; 352 + 353 + services.gitea = { 354 + enable = false; 355 + user = "git"; 356 + domain = "git.packetlost.dev"; 357 + }; 358 + 359 + # Litterbox, collect my IRC logs 360 + systemd = { 361 + services = { 362 + "litterbox@" = { 363 + path = [ pkgs.litterbox ]; 364 + serviceConfig = { 365 + StartLimitIntervalSec = 5; 366 + StartLimitBurst = 10; 367 + Restart = "on-failure"; 368 + RestartSec = "10s"; 369 + Type = "simple"; 370 + ExecStart = "${pkgs.litterbox}/bin/litterbox /srv/litterbox/%i.conf"; 371 + ExecReload = "kill -USR1 $MAINPID"; 372 + User = "noah"; 373 + Group = "litterbox"; 374 + }; 375 + }; 376 + 377 + #"litterbox@libera.irc.packetlost.dev" = { 378 + # overrideStrategy = "asDropin"; 379 + # wantedBy = [ "multi-user.target" ]; 380 + #}; 381 + "update-downstream-src" = { 382 + path = with pkgs; [ 383 + rc 384 + coreutils 385 + git 386 + openssh 387 + ]; 388 + script = "exec ${./scripts/update-src}"; 389 + serviceConfig = { 390 + Type = "oneshot"; 391 + User = "noah"; 392 + WorkingDirectory = "/srv/src"; 393 + }; 394 + }; 395 + }; 396 + timers = { 397 + "update-downstream-src" = { 398 + wantedBy = [ "timers.target" ]; 399 + timerConfig = { 400 + OnCalendar = "daily"; 401 + Persistent = true; 402 + }; 403 + }; 404 + }; 405 + }; 406 + 407 + services.teamspeak3 = { 408 + enable = true; 409 + openFirewall = true; 410 + }; 411 + 412 + services.immich = { 413 + enable = true; 414 + package = unstable.immich; 415 + accelerationDevices = [ "/dev/dri/renderD128" ]; 416 + mediaLocation = "/srv/shokuhou/pictures/immich"; 417 + }; 418 + users.users.immich.extraGroups = [ 419 + "video" 420 + "render" 421 + "nas" 422 + ]; 423 + 424 + # Nginx Reverse SSL Proxy 425 + services.nginx = { 426 + enable = true; 427 + group = "nas"; 428 + user = "noah"; 429 + recommendedGzipSettings = true; 430 + recommendedOptimisation = true; 431 + #recommendedProxySettings = true; 432 + recommendedTlsSettings = true; 433 + 434 + virtualHosts."photos.ngp.computer" = { 435 + enableACME = true; 436 + acmeRoot = null; 437 + forceSSL = true; 438 + locations."/" = { 439 + proxyPass = "http://[::1]:${toString config.services.immich.port}"; 440 + proxyWebsockets = true; 441 + recommendedProxySettings = true; 442 + extraConfig = '' 443 + client_max_body_size 50000M; 444 + proxy_read_timeout 600s; 445 + proxy_send_timeout 600s; 446 + send_timeout 600s; 447 + ''; 448 + }; 449 + }; 450 + virtualHosts."img.ngp.computer" = { 451 + forceSSL = true; 452 + enableACME = true; 453 + acmeRoot = null; 454 + root = "/srv/shokuhou/pictures/public"; 455 + extraConfig = '' 456 + sendfile on; 457 + autoindex_exact_size on; 458 + tcp_nopush on; 459 + ''; 460 + locations."/" = { 461 + extraConfig = '' 462 + autoindex on; 463 + autoindex_exact_size on; 464 + alias /srv/shokuhou/pictures/public/$1; 465 + ''; 466 + }; 467 + }; 468 + virtualHosts."files.ngp.computer" = { 469 + forceSSL = true; 470 + enableACME = true; 471 + acmeRoot = null; 472 + root = null; 473 + extraConfig = '' 474 + sendfile on; 475 + tcp_nopush on; 476 + ''; 477 + locations."/books/" = { 478 + extraConfig = '' 479 + autoindex on; 480 + autoindex_exact_size on; 481 + alias /srv/shokuhou/books/sync/$1; 482 + ''; 483 + }; 484 + }; 485 + virtualHosts."jellyfin.packetlost.dev" = { 486 + forceSSL = true; 487 + enableACME = true; 488 + acmeRoot = null; 489 + http2 = true; 490 + locations."/" = { 491 + proxyPass = "http://localhost:8096/"; 492 + }; 493 + }; 494 + virtualHosts."cache.ngp.computer" = { 495 + forceSSL = true; 496 + enableACME = true; 497 + acmeRoot = null; 498 + http2 = true; 499 + locations."/".proxyPass = 500 + "http://${config.services.nix-serve.bindAddress}:${toString config.services.nix-serve.port}"; 501 + }; 502 + 503 + # give a name to the virtual host. It also becomes the server name. 504 + virtualHosts."plex.packetlost.dev" = { 505 + # Since we want a secure connection, we force SSL 506 + forceSSL = true; 507 + enableACME = true; 508 + acmeRoot = null; 509 + 510 + # http2 can more performant for streaming: https://blog.cloudflare.com/introducing-http2/ 511 + http2 = true; 512 + 513 + # Provide the ssl cert and key for the vhost 514 + # These are filled in automatically with ACME 515 + extraConfig = '' 516 + 517 + #Some players don't reopen a socket and playback stops totally instead of resuming after an extended pause 518 + send_timeout 100m; 519 + 520 + # Why this is important: https://blog.cloudflare.com/ocsp-stapling-how-cloudflare-just-made-ssl-30/ 521 + ssl_stapling on; 522 + ssl_stapling_verify on; 523 + 524 + ssl_protocols TLSv1 TLSv1.1 TLSv1.2; 525 + ssl_prefer_server_ciphers on; 526 + #Intentionally not hardened for security for player support and encryption video streams has a lot of overhead with something like AES-256-GCM-SHA384. 527 + ssl_ciphers 'ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES256-GCM-SHA384:DHE-RSA-AES128-GCM-SHA256:DHE-DSS-AES128-GCM-SHA256:kEDH+AESGCM:ECDHE-RSA-AES128-SHA256:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA:ECDHE-ECDSA-AES128-SHA:ECDHE-RSA-AES256-SHA384:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA:ECDHE-ECDSA-AES256-SHA:DHE-RSA-AES128-SHA256:DHE-RSA-AES128-SHA:DHE-DSS-AES128-SHA256:DHE-RSA-AES256-SHA256:DHE-DSS-AES256-SHA:DHE-RSA-AES256-SHA:ECDHE-RSA-DES-CBC3-SHA:ECDHE-ECDSA-DES-CBC3-SHA:AES128-GCM-SHA256:AES256-GCM-SHA384:AES128-SHA256:AES256-SHA256:AES128-SHA:AES256-SHA:AES:CAMELLIA:DES-CBC3-SHA:!aNULL:!eNULL:!EXPORT:!DES:!RC4:!MD5:!PSK:!aECDH:!EDH-DSS-DES-CBC3-SHA:!EDH-RSA-DES-CBC3-SHA:!KRB5-DES-CBC3-SHA'; 528 + 529 + # Forward real ip and host to Plex 530 + proxy_set_header X-Real-IP $remote_addr; 531 + proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; 532 + proxy_set_header X-Forwarded-Proto $scheme; 533 + proxy_set_header Host $server_addr; 534 + proxy_set_header Referer $server_addr; 535 + proxy_set_header Origin $server_addr; 536 + 537 + # Plex has A LOT of javascript, xml and html. This helps a lot, but if it causes playback issues with devices turn it off. 538 + gzip on; 539 + gzip_vary on; 540 + gzip_min_length 1000; 541 + gzip_proxied any; 542 + gzip_types text/plain text/css text/xml application/xml text/javascript application/x-javascript image/svg+xml; 543 + gzip_disable "MSIE [1-6]\."; 544 + 545 + # Nginx default client_max_body_size is 1MB, which breaks Camera Upload feature from the phones. 546 + # Increasing the limit fixes the issue. Anyhow, if 4K videos are expected to be uploaded, the size might need to be increased even more 547 + client_max_body_size 100M; 548 + 549 + # Plex headers 550 + proxy_set_header X-Plex-Client-Identifier $http_x_plex_client_identifier; 551 + proxy_set_header X-Plex-Device $http_x_plex_device; 552 + proxy_set_header X-Plex-Device-Name $http_x_plex_device_name; 553 + proxy_set_header X-Plex-Platform $http_x_plex_platform; 554 + proxy_set_header X-Plex-Platform-Version $http_x_plex_platform_version; 555 + proxy_set_header X-Plex-Product $http_x_plex_product; 556 + proxy_set_header X-Plex-Token $http_x_plex_token; 557 + proxy_set_header X-Plex-Version $http_x_plex_version; 558 + proxy_set_header X-Plex-Nocache $http_x_plex_nocache; 559 + proxy_set_header X-Plex-Provides $http_x_plex_provides; 560 + proxy_set_header X-Plex-Device-Vendor $http_x_plex_device_vendor; 561 + proxy_set_header X-Plex-Model $http_x_plex_model; 562 + 563 + # Websockets 564 + proxy_http_version 1.1; 565 + proxy_set_header Upgrade $http_upgrade; 566 + proxy_set_header Connection "upgrade"; 567 + 568 + # Buffering off send to the client as soon as the data is received from Plex. 569 + proxy_redirect off; 570 + proxy_buffering off; 571 + ''; 572 + 573 + locations."/" = { 574 + proxyPass = "http://localhost:32400/"; 575 + }; 576 + }; 577 + }; 578 + }
+6
host-specific/misaki/users.nix
··· 1 + { ... }: 2 + { 3 + users.groups.nas.gid = 1001; 4 + users.groups.httpd.gid = 1002; 5 + users.groups.litterbox.gid = 1003; 6 + }
+6
host-specific/odin/boot.nix
··· 1 + { ... }: 2 + { 3 + # Use the systemd-boot EFI boot loader. 4 + boot.loader.systemd-boot.enable = true; 5 + boot.loader.efi.canTouchEfiVariables = true; 6 + }
+62
host-specific/odin/configuration.nix
··· 1 + # Edit this configuration file to define what should be installed on 2 + ## your system. Help is available in the configuration.nix(5) man page, on 3 + # https://search.nixos.org/options and in the NixOS manual (`nixos-help`). 4 + 5 + { ... }: 6 + { 7 + imports = [ 8 + # Include the results of the hardware scan. 9 + ./hardware-configuration.nix 10 + ./boot.nix 11 + ./networking.nix 12 + #./gui.nix 13 + ./packages.nix 14 + ./services.nix 15 + ]; 16 + 17 + nixpkgs.config.allowUnfree = true; 18 + 19 + # Set your time zone. 20 + time.timeZone = "America/Chicago"; 21 + 22 + # Select internationalisation properties. 23 + i18n.defaultLocale = "en_US.UTF-8"; 24 + # console = { 25 + # font = "Lat2-Terminus16"; 26 + # keyMap = "us"; 27 + # useXkbConfig = true; # use xkb.options in tty. 28 + # }; 29 + 30 + # Automatic doc cache generation 31 + documentation.man.generateCaches = true; 32 + 33 + # Automatic system upgrades 34 + system.autoUpgrade = { 35 + enable = true; 36 + dates = "09:00"; 37 + randomizedDelaySec = "45min"; 38 + }; 39 + 40 + # Automatic Garbage Collection 41 + nix.gc.automatic = true; 42 + nix.gc.options = "--delete-older-than 8d"; 43 + 44 + # This option defines the first version of NixOS you have installed on this particular machine, 45 + # and is used to maintain compatibility with application data (e.g. databases) created on older NixOS versions. 46 + # 47 + # Most users should NEVER change this value after the initial install, for any reason, 48 + # even if you've upgraded your system to a new NixOS release. 49 + # 50 + # This value does NOT affect the Nixpkgs version your packages and OS are pulled from, 51 + # so changing it will NOT upgrade your system. 52 + # 53 + # This value being lower than the current NixOS release does NOT mean your system is 54 + # out of date, out of support, or vulnerable. 55 + # 56 + # Do NOT change this value unless you have manually inspected all the changes it would make to your configuration, 57 + # and migrated your data accordingly. 58 + # 59 + # For more information, see `man configuration.nix` or https://nixos.org/manual/nixos/stable/options#opt-system.stateVersion . 60 + system.stateVersion = "23.11"; # Did you read the comment? 61 + 62 + }
+9
host-specific/odin/default.nix
··· 1 + { ... }: 2 + { 3 + imports = [ 4 + ./hardware-configuration.nix 5 + ./networking.nix 6 + ./packages.nix 7 + ./services.nix 8 + ]; 9 + }
+98
host-specific/odin/gui.nix
··· 1 + { pkgs, ... }: 2 + { 3 + # Enable the X11 windowing system. 4 + services.xserver = { 5 + enable = true; 6 + videoDrivers = [ "amdgpu" ]; 7 + }; 8 + 9 + # Fix for HIP libraries 10 + systemd.tmpfiles.rules = [ 11 + "L+ /opt/rocm/hip - - - - ${pkgs.rocmPackages.clr}" 12 + ]; 13 + 14 + # Configure keymap in X11 15 + # services.xserver.xkb.layout = "us"; 16 + # services.xserver.xkb.options = "eurosign:e,caps:escape"; 17 + 18 + # Enable CUPS to print documents. 19 + # services.printing.enable = true; 20 + 21 + # Enable sound. 22 + security.rtkit.enable = true; 23 + services.pipewire = { 24 + enable = true; 25 + alsa.enable = true; 26 + alsa.support32Bit = true; 27 + pulse.enable = true; 28 + wireplumber.enable = true; 29 + }; 30 + 31 + # Graphics and parallel compute configuration 32 + hardware.graphics = { 33 + enable = true; 34 + extraPackages = with pkgs; [ 35 + libva 36 + mesa 37 + rocmPackages.clr.icd 38 + ]; 39 + }; 40 + 41 + # Enable touchpad support (enabled default in most desktopManager). 42 + # services.xserver.libinput.enable = true; 43 + 44 + # Fonts 45 + fonts.packages = with pkgs; [ 46 + fira-code 47 + fira-code-symbols 48 + noto-fonts 49 + noto-fonts-cjk-sans 50 + noto-fonts-color-emoji 51 + nerd-fonts.fira-code 52 + ]; 53 + 54 + # Polkit is a dependency of Sway. It's responsible for handling security policies 55 + security.polkit.enable = true; 56 + 57 + # Enable the sway window manager 58 + programs.sway = { 59 + enable = true; 60 + #package = unstable.sway; 61 + wrapperFeatures.gtk = true; 62 + }; 63 + # Use greetd as the displaymanager 64 + #services.xserver.displayManager.greetd.enable = true; 65 + #services.xserver.displayManager.lightdm.enable = false; 66 + services.displayManager.sddm.enable = true; 67 + services.displayManager.defaultSession = "sway"; 68 + services.displayManager.autoLogin = { 69 + enable = true; 70 + user = "noah"; 71 + }; 72 + 73 + # i3, for when I need XOrg 74 + services.xserver.windowManager.i3 = { 75 + enable = true; 76 + extraPackages = with pkgs; [ 77 + dmenu 78 + i3status 79 + i3lock 80 + i3blocks 81 + ]; 82 + }; 83 + 84 + xdg.portal = { 85 + enable = true; 86 + wlr.enable = true; 87 + extraPortals = [ pkgs.xdg-desktop-portal-gtk ]; 88 + }; 89 + xdg.mime = { 90 + enable = true; 91 + defaultApplications = { 92 + "x-scheme-handler/http" = "org.firefox.firefox.desktop"; 93 + "x-scheme-handler/https" = "org.firefox.firefox.desktop"; 94 + }; 95 + }; 96 + services.dbus.enable = true; 97 + services.gnome.gnome-keyring.enable = true; 98 + }
+93
host-specific/odin/hardware-configuration.nix
··· 1 + # Do not modify this file! It was generated by ‘nixos-generate-config’ 2 + # and may be overwritten by future invocations. Please make changes 3 + # to /etc/nixos/configuration.nix instead. 4 + { 5 + config, 6 + lib, 7 + modulesPath, 8 + pkgs, 9 + ... 10 + }: 11 + 12 + { 13 + imports = [ 14 + (modulesPath + "/installer/scan/not-detected.nix") 15 + ]; 16 + 17 + boot.kernelPackages = pkgs.linuxPackages_latest; 18 + boot.initrd.availableKernelModules = [ 19 + "nvme" 20 + "xhci_pci" 21 + "thunderbolt" 22 + "usb_storage" 23 + "usbhid" 24 + "sd_mod" 25 + "sdhci_pci" 26 + ]; 27 + boot.initrd.kernelModules = [ 28 + "kvm-amd" 29 + "amdgpu" 30 + "nvme" 31 + "xhci_pci" 32 + "thunderbolt" 33 + "usb_storage" 34 + "usbhid" 35 + "sd_mod" 36 + "sdhci_pci" 37 + ]; 38 + boot.kernelModules = [ 39 + "kvm-amd" 40 + "amdgpu" 41 + "nvme" 42 + "xhci_pci" 43 + "thunderbolt" 44 + "usb_storage" 45 + "usbhid" 46 + "sd_mod" 47 + "sdhci_pci" 48 + ]; 49 + virtualisation.libvirtd = { 50 + enable = true; 51 + qemu = { 52 + runAsRoot = false; 53 + }; 54 + }; 55 + #boot.extraModulePackages = with config.boot.kernelPackages; [ ]; 56 + boot.kernelParams = [ ]; 57 + 58 + hardware.enableRedistributableFirmware = true; 59 + 60 + fileSystems."/" = { 61 + device = "/dev/disk/by-uuid/07019c69-2597-410d-a8a0-a8ffb0f58883"; 62 + fsType = "ext4"; 63 + }; 64 + 65 + fileSystems."/boot" = { 66 + device = "/dev/disk/by-uuid/4B85-C90A"; 67 + fsType = "vfat"; 68 + }; 69 + 70 + swapDevices = [ 71 + { 72 + device = "/swapfile"; 73 + size = 32 * 1024; 74 + } 75 + ]; 76 + 77 + # Enables DHCP on each ethernet and wireless interface. In case of scripted networking 78 + # (the default) this is the recommended approach. When using systemd-networkd it's 79 + # still possible to use this option, but it's recommended to use it in conjunction 80 + # with explicit per-interface declarations with `networking.interfaces.<interface>.useDHCP`. 81 + networking.useDHCP = lib.mkDefault true; 82 + # networking.interfaces.enp1s0.useDHCP = lib.mkDefault true; 83 + # networking.interfaces.wlp2s0.useDHCP = lib.mkDefault true; 84 + 85 + nixpkgs.hostPlatform = { 86 + #gcc.arch = "znver2"; 87 + #gcc.tune = "znver2"; 88 + system = "x86_64-linux"; 89 + #gcc.arch = "x86-64-v3"; 90 + }; 91 + #nix.settings.system-features = ["gccarch-znver2" "big-parallel" "nixos-test" "benchmark" "kvm"]; 92 + hardware.cpu.amd.updateMicrocode = lib.mkDefault config.hardware.enableRedistributableFirmware; 93 + }
+78
host-specific/odin/networking.nix
··· 1 + { ... }: 2 + { 3 + # networking.hostName = "nixos"; # Define your hostname. 4 + # Pick only one of the below networking options. 5 + # networking.wireless.enable = true; # Enables wireless support via wpa_supplicant. 6 + # networking.networkmanager.enable = true; # Easiest to use and most distros use this by default. 7 + networking.hostName = "odin"; 8 + # I like systemd-networkd 9 + systemd.network.enable = true; 10 + systemd.network.networks."50-wlp2s0" = { 11 + matchConfig.name = "wlp2s0"; 12 + networkConfig.DHCP = "yes"; 13 + linkConfig.RequiredForOnline = "no"; 14 + }; 15 + 16 + networking.tempAddresses = "disabled"; 17 + 18 + networking.useNetworkd = true; 19 + # TODO: static IP @ 192.168.1.6 20 + 21 + # Configure network proxy if necessary 22 + # networking.proxy.default = "http://user:password@proxy:port/"; 23 + # networking.proxy.noProxy = "127.0.0.1,localhost,internal.domain"; 24 + # Open ports in the firewall. 25 + # networking.firewall.allowedTCPPorts = [ ... ]; 26 + # networking.firewall.allowedUDPPorts = [ ... ]; 27 + # Or disable the firewall altogether. 28 + networking.firewall = { 29 + enable = true; 30 + allowPing = true; 31 + allowedUDPPorts = [ ]; 32 + allowedUDPPortRanges = [ ]; 33 + allowedTCPPorts = [ 34 + 2375 35 + 3000 36 + ]; 37 + }; 38 + 39 + services.avahi = { 40 + enable = true; 41 + nssmdns4 = true; 42 + nssmdns6 = true; 43 + ipv6 = true; 44 + openFirewall = true; 45 + publish = { 46 + enable = true; 47 + addresses = true; 48 + workstation = true; 49 + userServices = true; 50 + domain = true; 51 + }; 52 + }; 53 + 54 + # NFS mounts 55 + 56 + fileSystems = { 57 + "/srv/shokuhou" = { 58 + device = "192.168.1.3:/srv/shokuhou"; 59 + fsType = "nfs"; 60 + options = [ 61 + "nfsvers=4" 62 + "user" 63 + "x-system.automount" 64 + "x-system.idle-timeout=600" 65 + ]; 66 + }; 67 + "/srv/mentalout" = { 68 + device = "192.168.1.3:/srv/mentalout"; 69 + fsType = "nfs"; 70 + options = [ 71 + "nfsvers=4" 72 + "user" 73 + "x-system.automount" 74 + "x-system.idle-timeout=600" 75 + ]; 76 + }; 77 + }; 78 + }
+129
host-specific/odin/packages.nix
··· 1 + { pkgs, lib, ... }: 2 + let # bash script to let dbus know about important env variables and 3 + # propagate them to relevent services run at the end of sway config 4 + # see 5 + # https://github.com/emersion/xdg-desktop-portal-wlr/wiki/"It-doesn't-work"-Troubleshooting-Checklist 6 + # note: this is pretty much the same as /etc/sway/config.d/nixos.conf but also restarts 7 + # some user services to make sure they have the correct environment variables 8 + dbus-sway-environment = pkgs.writeTextFile { 9 + name = "dbus-sway-environment"; 10 + destination = "/bin/dbus-sway-environment"; 11 + executable = true; 12 + 13 + text = '' 14 + dbus-update-activation-environment --systemd WAYLAND_DISPLAY XDG_CURRENT_DESKTOP=sway 15 + systemctl --user stop pipewire pipewire-media-session xdg-desktop-portal xdg-desktop-portal-wlr 16 + systemctl --user start pipewire pipewire-media-session xdg-desktop-portal xdg-desktop-portal-wlr 17 + ''; 18 + }; 19 + 20 + # currently, there is some friction between sway and gtk: 21 + # https://github.com/swaywm/sway/wiki/GTK-3-settings-on-Wayland 22 + # the suggested way to set gtk settings is with gsettings 23 + # for gsettings to work, we need to tell it where the schemas are 24 + # using the XDG_DATA_DIR environment variable 25 + # run at the end of sway config 26 + configure-gtk = pkgs.writeTextFile { 27 + name = "configure-gtk"; 28 + destination = "/bin/configure-gtk"; 29 + executable = true; 30 + text = 31 + let 32 + # TODO: figure out why these bindings exist or where they're used 33 + schema = pkgs.gsettings-desktop-schemas; 34 + datadir = "${schema}/share/gsettings-schemas/${schema.name}"; 35 + in 36 + '' 37 + 6 gnome_schema=org.gnome.desktop.interface 38 + gsettings set $gnome_schema gtk-theme 'Dracula' 39 + ''; 40 + }; 41 + in 42 + { 43 + 44 + # List packages installed in system profile. To search, run: 45 + # $ nix search wget 46 + environment.systemPackages = with pkgs; [ 47 + neovim 48 + appimage-run 49 + tzdata 50 + wget 51 + kitty 52 + file 53 + w3m 54 + fishPlugins.fzf-fish 55 + fzf 56 + qemu 57 + qemu-user 58 + qemu-utils 59 + qemu_full 60 + OVMF 61 + #9p stuff 62 + diod 63 + plan9port 64 + vis 65 + rc 66 + ncdu 67 + 68 + smartmontools 69 + 70 + # Sway stuff 71 + wdisplays 72 + mako 73 + bemenu 74 + wl-clipboard 75 + slurp 76 + grim 77 + swayidle 78 + swaylock 79 + adwaita-icon-theme 80 + dracula-theme 81 + glib 82 + xdg-utils 83 + wayland 84 + configure-gtk 85 + dbus-sway-environment 86 + dbus 87 + pkg-config 88 + zlib 89 + # why wouldn't I want documentation on my system 90 + man-pages 91 + man-pages-posix 92 + perf 93 + ]; 94 + documentation.dev.enable = true; 95 + 96 + # Fix dynamically linked libraries for unpackaged binaries 97 + programs.nix-ld = { 98 + enable = true; 99 + libraries = with pkgs; [ 100 + # Add missing dynamic libraries for unpackaged programs HERE 101 + # NOT in environment.systemPackages 102 + zlib 103 + openssl 104 + sqlite 105 + libunwind 106 + libglvnd 107 + libclang 108 + systemdLibs 109 + ]; 110 + }; 111 + programs.nix-index = { 112 + enable = true; 113 + enableFishIntegration = true; 114 + enableBashIntegration = false; 115 + enableZshIntegration = false; 116 + }; 117 + 118 + # Run other bins in QEMU 119 + boot.binfmt.emulatedSystems = [ 120 + "aarch64-linux" 121 + "riscv64-linux" 122 + ]; 123 + # UEFI firmware support for QEMU 124 + systemd.tmpfiles.rules = [ "L+ /var/lib/qemu/firmware - - - - ${pkgs.qemu}/share/qemu/firmware" ]; 125 + 126 + # Logseq uses an ancient version of Electron, so we enable that 127 + nixpkgs.config.permittedInsecurePackages = [ "electron-25.9.0" ]; 128 + nixpkgs.config.allowUnfree = true; 129 + }
+33
host-specific/odin/services.nix
··· 1 + { ... }: 2 + { 3 + # Some programs need SUID wrappers, can be configured further or are 4 + # started in user sessions. 5 + # programs.mtr.enable = true; 6 + programs.gnupg.agent = { 7 + enable = true; 8 + enableSSHSupport = false; 9 + }; 10 + 11 + # Fish shell, the best 12 + programs.fish.enable = true; 13 + 14 + services.tailscale.useRoutingFeatures = "client"; 15 + 16 + services.redis.servers."" = { 17 + enable = true; 18 + }; 19 + 20 + # Containers and VMs 21 + virtualisation = { 22 + podman = { 23 + enable = false; 24 + dockerCompat = true; 25 + defaultNetwork.settings.dns_enabled = true; 26 + dockerSocket.enable = true; 27 + }; 28 + docker = { 29 + enable = true; 30 + storageDriver = "overlay2"; 31 + }; 32 + }; 33 + }
+6
host-specific/shizuri/boot.nix
··· 1 + { ... }: 2 + { 3 + # Use the systemd-boot EFI boot loader. 4 + boot.loader.systemd-boot.enable = true; 5 + boot.loader.efi.canTouchEfiVariables = true; 6 + }
+13
host-specific/shizuri/configuration.nix
··· 1 + { ... }: 2 + { 3 + imports = [ 4 + # Include the results of the hardware scan. 5 + ./hardware-configuration.nix 6 + ./boot.nix 7 + ./networking.nix 8 + ./gui.nix 9 + ./packages.nix 10 + ./services.nix 11 + ]; 12 + system.stateVersion = "23.11"; # Did you read the comment? 13 + }
+27
host-specific/shizuri/gs.sh
··· 1 + #!/usr/bin/env bash 2 + set -xeuo pipefail 3 + 4 + gamescopeArgs=( 5 + --adaptive-sync # VRR support 6 + --hdr-enabled 7 + --mangoapp # performance overlay 8 + --rt 9 + --steam 10 + ) 11 + steamArgs=( 12 + -pipewire-dmabuf 13 + -tenfoot 14 + ) 15 + mangoConfig=( 16 + cpu_temp 17 + gpu_temp 18 + ram 19 + vram 20 + ) 21 + mangoVars=( 22 + MANGOHUD=1 23 + MANGOHUD_CONFIG="$(IFS=,; echo "${mangoConfig[*]}")" 24 + ) 25 + 26 + export "${mangoVars[@]}" 27 + exec gamescope "${gamescopeArgs[@]}" -- steam "${steamArgs[@]}"
+115
host-specific/shizuri/gui.nix
··· 1 + { pkgs, ... }: 2 + { 3 + # Enable the X11 windowing system. 4 + services.xserver = { 5 + enable = true; 6 + videoDrivers = [ "amdgpu" ]; 7 + }; 8 + 9 + # Fix for HIP libraries 10 + systemd.tmpfiles.rules = [ 11 + "L+ /opt/rocm/hip - - - - ${pkgs.rocmPackages.clr}" 12 + ]; 13 + 14 + # Configure keymap in X11 15 + services.xserver.xkb = { 16 + layout = "us"; 17 + variant = ""; 18 + }; 19 + # services.xserver.xkb.options = "eurosign:e,caps:escape"; 20 + 21 + # Enable CUPS to print documents. 22 + # services.printing.enable = true; 23 + 24 + # Enable sound. 25 + security.rtkit.enable = true; 26 + services.pipewire = { 27 + enable = true; 28 + alsa.enable = true; 29 + alsa.support32Bit = true; 30 + pulse.enable = true; 31 + wireplumber.enable = true; 32 + }; 33 + 34 + # Graphics and parallel compute configuration 35 + hardware.graphics = { 36 + enable = true; 37 + extraPackages = with pkgs; [ 38 + libva 39 + mesa 40 + rocmPackages.clr.icd 41 + ]; 42 + }; 43 + 44 + # Enable touchpad support (enabled default in most desktopManager). 45 + # services.xserver.libinput.enable = true; 46 + 47 + # Fonts 48 + fonts.packages = with pkgs; [ 49 + fira-code 50 + fira-code-symbols 51 + noto-fonts 52 + noto-fonts-cjk-sans 53 + noto-fonts-color-emoji 54 + nerd-fonts.fira-code 55 + ]; 56 + 57 + # Polkit is a dependency of Sway. It's responsible for handling security policies 58 + security.polkit.enable = true; 59 + 60 + # Enable the sway window manager 61 + programs.sway = { 62 + enable = false; 63 + #package = unstable.sway; 64 + wrapperFeatures.gtk = true; 65 + }; 66 + # Use greetd as the displaymanager 67 + #services.xserver.displayManager.greetd.enable = true; 68 + 69 + services.xserver.displayManager.lightdm.enable = false; 70 + 71 + #services.displayManager.sddm.enable = true; 72 + #services.displayManager.defaultSession = "sway"; 73 + #services.displayManager.autoLogin = { 74 + # enable = true; 75 + # user = "noah"; 76 + #}; 77 + services.xserver.desktopManager.xfce.enable = false; 78 + services.xserver.desktopManager.lxqt = { 79 + enable = true; 80 + }; 81 + services.xscreensaver.enable = true; 82 + security.pam.services.xscreensaver.enable = true; 83 + 84 + # i3, for when I need XOrg 85 + services.xserver.windowManager.i3 = { 86 + enable = false; 87 + extraPackages = with pkgs; [ 88 + dmenu 89 + i3status 90 + i3lock 91 + i3blocks 92 + ]; 93 + }; 94 + 95 + xdg.portal = { 96 + enable = true; 97 + wlr.enable = true; 98 + extraPortals = [ 99 + pkgs.xdg-desktop-portal 100 + pkgs.xdg-desktop-portal-wlr 101 + pkgs.xdg-desktop-portal-gtk 102 + pkgs.xdg-desktop-portal-termfilechooser 103 + pkgs.lxqt.xdg-desktop-portal-lxqt 104 + ]; 105 + }; 106 + xdg.mime = { 107 + enable = true; 108 + defaultApplications = { 109 + "x-scheme-handler/http" = "org.firefox.firefox.desktop"; 110 + "x-scheme-handler/https" = "org.firefox.firefox.desktop"; 111 + }; 112 + }; 113 + services.dbus.enable = true; 114 + services.gnome.gnome-keyring.enable = true; 115 + }
+84
host-specific/shizuri/hardware-configuration.nix
··· 1 + # Do not modify this file! It was generated by ‘nixos-generate-config’ 2 + # and may be overwritten by future invocations. Please make changes 3 + # to /etc/nixos/configuration.nix instead. 4 + { 5 + config, 6 + lib, 7 + pkgs, 8 + modulesPath, 9 + ... 10 + }: 11 + 12 + { 13 + imports = [ 14 + (modulesPath + "/installer/scan/not-detected.nix") 15 + ]; 16 + 17 + boot.kernelPackages = pkgs.linuxPackages_latest; 18 + boot.initrd.availableKernelModules = [ 19 + "nvme" 20 + "xhci_pci" 21 + "thunderbolt" 22 + "usb_storage" 23 + "usbhid" 24 + "uas" 25 + "sd_mod" 26 + ]; 27 + boot.initrd.kernelModules = [ ]; 28 + boot.kernelModules = [ "kvm-amd" ]; 29 + boot.extraModulePackages = [ ]; 30 + 31 + # Bluetooth / wireless configuration 32 + hardware.bluetooth = { 33 + enable = true; 34 + powerOnBoot = true; 35 + settings = { 36 + General = { 37 + # Shows battery charge of connected devices on supported 38 + # Bluetooth adapters. Defaults to 'false'. 39 + Experimental = true; 40 + # When enabled other devices can connect faster to us, however 41 + # the tradeoff is increased power consumption. Defaults to 42 + # 'false'. 43 + FastConnectable = true; 44 + }; 45 + Policy = { 46 + # Enable all controllers when they are found. This includes 47 + # adapters present on start as well as adapters that are plugged 48 + # in later on. Defaults to 'true'. 49 + AutoEnable = true; 50 + }; 51 + }; 52 + }; 53 + 54 + fileSystems."/" = { 55 + device = "/dev/disk/by-uuid/9a7cbffe-6c10-4220-bb99-4dcea8181dcc"; 56 + fsType = "ext4"; 57 + }; 58 + 59 + fileSystems."/boot" = { 60 + device = "/dev/disk/by-uuid/9AC5-62C3"; 61 + fsType = "vfat"; 62 + options = [ 63 + "fmask=0077" 64 + "dmask=0077" 65 + ]; 66 + }; 67 + 68 + swapDevices = [ { device = "/dev/disk/by-uuid/a19d8fad-d8d2-4bbe-a233-e645020419ff"; } ]; 69 + fileSystems."/srv/mugino" = { 70 + device = "/dev/disk/by-uuid/d832dd9f-1fbb-4ca7-9097-0ba329b838af"; 71 + fsType = "ext4"; 72 + }; 73 + 74 + # Enables DHCP on each ethernet and wireless interface. In case of scripted networking 75 + # (the default) this is the recommended approach. When using systemd-networkd it's 76 + # still possible to use this option, but it's recommended to use it in conjunction 77 + # with explicit per-interface declarations with `networking.interfaces.<interface>.useDHCP`. 78 + networking.useDHCP = lib.mkDefault true; 79 + # networking.interfaces.enp191s0.useDHCP = lib.mkDefault true; 80 + # networking.interfaces.wlp192s0.useDHCP = lib.mkDefault true; 81 + 82 + nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux"; 83 + hardware.cpu.amd.updateMicrocode = lib.mkDefault config.hardware.enableRedistributableFirmware; 84 + }
+78
host-specific/shizuri/networking.nix
··· 1 + { ... }: 2 + { 3 + # networking.hostName = "nixos"; # Define your hostname. 4 + # Pick only one of the below networking options. 5 + # networking.wireless.enable = true; # Enables wireless support via wpa_supplicant. 6 + # networking.networkmanager.enable = true; # Easiest to use and most distros use this by default. 7 + networking.hostName = "shizuri"; 8 + # I like systemd-networkd 9 + systemd.network.enable = true; 10 + systemd.network.networks."50-wlp2s0" = { 11 + matchConfig.name = "wlp2s0"; 12 + networkConfig.DHCP = "yes"; 13 + linkConfig.RequiredForOnline = "no"; 14 + }; 15 + 16 + networking.tempAddresses = "disabled"; 17 + 18 + networking.useNetworkd = true; 19 + # TODO: static IP @ 192.168.1.2 20 + 21 + # Configure network proxy if necessary 22 + # networking.proxy.default = "http://user:password@proxy:port/"; 23 + # networking.proxy.noProxy = "127.0.0.1,localhost,internal.domain"; 24 + # Open ports in the firewall. 25 + # networking.firewall.allowedTCPPorts = [ ... ]; 26 + # networking.firewall.allowedUDPPorts = [ ... ]; 27 + # Or disable the firewall altogether. 28 + # TODO: allow some ports 29 + networking.firewall = { 30 + enable = false; 31 + allowPing = true; 32 + allowedUDPPorts = [ ]; 33 + allowedTCPPorts = [ 34 + 1234 35 + 2375 36 + ]; 37 + }; 38 + 39 + services.avahi = { 40 + enable = true; 41 + nssmdns4 = true; 42 + nssmdns6 = true; 43 + ipv6 = true; 44 + openFirewall = true; 45 + publish = { 46 + enable = true; 47 + addresses = true; 48 + workstation = true; 49 + userServices = true; 50 + domain = true; 51 + }; 52 + }; 53 + 54 + # NFS mounts 55 + 56 + fileSystems = { 57 + "/srv/shokuhou" = { 58 + device = "192.168.1.3:/srv/shokuhou"; 59 + fsType = "nfs"; 60 + options = [ 61 + "nfsvers=4" 62 + "user" 63 + "x-system.automount" 64 + "x-system.idle-timeout=600" 65 + ]; 66 + }; 67 + "/srv/mentalout" = { 68 + device = "192.168.1.3:/srv/mentalout"; 69 + fsType = "nfs"; 70 + options = [ 71 + "nfsvers=4" 72 + "user" 73 + "x-system.automount" 74 + "x-system.idle-timeout=600" 75 + ]; 76 + }; 77 + }; 78 + }
+173
host-specific/shizuri/packages.nix
··· 1 + { pkgs, lib, ... }: 2 + let # bash script to let dbus know about important env variables and 3 + # propagate them to relevent services run at the end of sway config 4 + # see 5 + # https://github.com/emersion/xdg-desktop-portal-wlr/wiki/"It-doesn't-work"-Troubleshooting-Checklist 6 + # note: this is pretty much the same as /etc/sway/config.d/nixos.conf but also restarts 7 + # some user services to make sure they have the correct environment variables 8 + dbus-sway-environment = pkgs.writeTextFile { 9 + name = "dbus-sway-environment"; 10 + destination = "/bin/dbus-sway-environment"; 11 + executable = true; 12 + 13 + text = '' 14 + dbus-update-activation-environment --systemd WAYLAND_DISPLAY XDG_CURRENT_DESKTOP=sway 15 + systemctl --user stop pipewire pipewire-media-session xdg-desktop-portal xdg-desktop-portal-wlr 16 + systemctl --user start pipewire pipewire-media-session xdg-desktop-portal xdg-desktop-portal-wlr 17 + ''; 18 + }; 19 + 20 + # currently, there is some friction between sway and gtk: 21 + # https://github.com/swaywm/sway/wiki/GTK-3-settings-on-Wayland 22 + # the suggested way to set gtk settings is with gsettings 23 + # for gsettings to work, we need to tell it where the schemas are 24 + # using the XDG_DATA_DIR environment variable 25 + # run at the end of sway config 26 + configure-gtk = pkgs.writeTextFile { 27 + name = "configure-gtk"; 28 + destination = "/bin/configure-gtk"; 29 + executable = true; 30 + text = 31 + let 32 + # TODO: figure out why these bindings exist or where they're used 33 + schema = pkgs.gsettings-desktop-schemas; 34 + datadir = "${schema}/share/gsettings-schemas/${schema.name}"; 35 + in 36 + '' 37 + 6 gnome_schema=org.gnome.desktop.interface 38 + gsettings set $gnome_schema gtk-theme 'Dracula' 39 + ''; 40 + }; 41 + in 42 + { 43 + 44 + # List packages installed in system profile. To search, run: 45 + # $ nix search wget 46 + environment.systemPackages = with pkgs; [ 47 + mangohud 48 + neovim 49 + appimage-run 50 + tzdata 51 + wget 52 + kitty 53 + file 54 + w3m 55 + fishPlugins.fzf-fish 56 + fzf 57 + qemu 58 + qemu-user 59 + qemu-utils 60 + qemu_full 61 + OVMF 62 + #9p stuff 63 + diod 64 + plan9port 65 + vis 66 + rc 67 + 68 + smartmontools 69 + 70 + # Sway stuff 71 + wdisplays 72 + mako 73 + bemenu 74 + wl-clipboard 75 + slurp 76 + grim 77 + swayidle 78 + swaylock 79 + adwaita-icon-theme 80 + dracula-theme 81 + glib 82 + xdg-utils 83 + xdg-desktop-portal 84 + wayland 85 + configure-gtk 86 + lxqt.lxqt-menu-data # for lxqt 87 + dbus-sway-environment 88 + dbus 89 + pkg-config 90 + zlib 91 + # why wouldn't I want documentation on my system 92 + man-pages 93 + man-pages-posix 94 + linuxPackages_latest.perf 95 + ]; 96 + 97 + environment.loginShellInit = '' 98 + [[ "$(tty)" = "/dev/tty1" ]] && /home/noah/repos/nixos/gs.sh 99 + ''; 100 + 101 + documentation.dev.enable = true; 102 + 103 + # Fix dynamically linked libraries for unpackaged binaries 104 + programs.nix-ld = { 105 + enable = true; 106 + libraries = with pkgs; [ 107 + # Add missing dynamic libraries for unpackaged programs HERE 108 + # NOT in environment.systemPackages 109 + zlib 110 + openssl 111 + sqlite 112 + libunwind 113 + libglvnd 114 + libclang 115 + systemdLibs 116 + ]; 117 + }; 118 + programs.nix-index = { 119 + enable = true; 120 + enableFishIntegration = true; 121 + enableBashIntegration = false; 122 + enableZshIntegration = false; 123 + }; 124 + 125 + programs.steam = { 126 + enable = true; 127 + remotePlay.openFirewall = true; # Open ports in the firewall for Steam Remote Play 128 + dedicatedServer.openFirewall = true; # Open ports in the firewall for Source Dedicated Server 129 + localNetworkGameTransfers.openFirewall = true; # Open ports in the firewall for Steam Local Network Game Transfers 130 + gamescopeSession.enable = true; 131 + }; 132 + programs.gamescope = { 133 + enable = true; 134 + capSysNice = true; 135 + }; 136 + # Boot to bigpicture 137 + services.getty.autologinUser = "noah"; 138 + 139 + programs.appimage = { 140 + enable = true; 141 + binfmt = true; 142 + }; 143 + 144 + # Run other bins in QEMU 145 + boot.binfmt.emulatedSystems = [ 146 + "aarch64-linux" 147 + "riscv64-linux" 148 + ]; 149 + # UEFI firmware support for QEMU 150 + systemd.tmpfiles.rules = [ "L+ /var/lib/qemu/firmware - - - - ${pkgs.qemu}/share/qemu/firmware" ]; 151 + 152 + # Logseq uses an ancient version of Electron, so we enable that 153 + nixpkgs.config.permittedInsecurePackages = [ "electron-25.9.0" ]; 154 + 155 + # I don't care too much about unfree 156 + nixpkgs.config.allowUnfree = true; 157 + # Whitelist some unfree packages 158 + nixpkgs.config.allowUnfreePredicate = 159 + pkg: 160 + builtins.elem (lib.getName pkg) [ 161 + "discord" 162 + "spotify" 163 + "obsidian" 164 + "unstable.obsidian" 165 + "tailscale" 166 + "google-chrome" 167 + "slack" 168 + "steam" 169 + "steam-original" 170 + "steam-unwrapped" 171 + "steam-run" 172 + ]; 173 + }
+44
host-specific/shizuri/services.nix
··· 1 + { pkgs, ... }: 2 + { 3 + # Some programs need SUID wrappers, can be configured further or are 4 + # started in user sessions. 5 + # programs.mtr.enable = true; 6 + programs.gnupg.agent = { 7 + enable = true; 8 + enableSSHSupport = false; 9 + }; 10 + 11 + # Enable the OpenSSH daemon. 12 + services.openssh = { 13 + enable = true; 14 + settings.X11Forwarding = true; 15 + }; 16 + 17 + # Smart Card daemon 18 + services.pcscd.enable = true; 19 + 20 + # This option is for enabling the bolt daemon for managing Thunderbolt/USB4 Devices. 21 + services.hardware.bolt.enable = true; 22 + 23 + services.fwupd.enable = true; 24 + 25 + services.xrdp = { 26 + enable = true; 27 + openFirewall = true; 28 + defaultWindowManager = "${pkgs.lxqt.lxqt-session}/bin/lxqt-session"; 29 + }; 30 + 31 + # Containers and VMs 32 + virtualisation = { 33 + podman = { 34 + enable = false; 35 + dockerCompat = true; 36 + defaultNetwork.settings.dns_enabled = true; 37 + dockerSocket.enable = true; 38 + }; 39 + docker = { 40 + enable = true; 41 + storageDriver = "overlay2"; 42 + }; 43 + }; 44 + }
+55
host-specific/touma-wsl.nix
··· 1 + # Edit this configuration file to define what should be installed on 2 + # your system. Help is available in the configuration.nix(5) man page, on 3 + # https://search.nixos.org/options and in the NixOS manual (`nixos-help`). 4 + 5 + # NixOS-WSL specific options are documented on the NixOS-WSL repository: 6 + # https://github.com/nix-community/NixOS-WSL 7 + 8 + { pkgs, inputs, ... }: 9 + { 10 + imports = [ 11 + # WSL has no hardware configuration 12 + ../users.nix 13 + ../services.nix 14 + ]; 15 + wsl = { 16 + enable = true; 17 + defaultUser = "noah"; 18 + wslConf.network.hostname = "touma-wsl-nixos"; 19 + }; 20 + # List packages installed in system profile. To search, run: 21 + # $ nix search wget 22 + environment.systemPackages = with pkgs; [ 23 + neovim 24 + appimage-run 25 + wget 26 + kitty 27 + w3m 28 + fishPlugins.fzf-fish 29 + fzf 30 + qemu 31 + OVMF 32 + gitFull 33 + # plan9 34 + diod 35 + plan9port 36 + vis 37 + rc 38 + 39 + xdg-utils 40 + inputs.agenix.packages."${system}".agenix 41 + ]; 42 + services.openssh.enable = true; 43 + 44 + # Fix dynamically linked libraries for unpackaged binaries 45 + programs.nix-ld = { 46 + enable = true; 47 + libraries = with pkgs; [ 48 + # Add missing dynamic libraries for unpackaged programs HERE 49 + # NOT in environment.systemPackages 50 + zlib 51 + fuse3 52 + ]; 53 + }; 54 + system.stateVersion = "24.11"; 55 + }
+4 -4
kitty/kitty.conf
··· 1 - font_family Berkeley Mono Regular 1 + font_family Berkeley Mono Variable Regular 2 2 #font_family CommitMono Variable Regular 3 3 #symbol_map U+E0A0-U+E0A3,U+E0C0-U+E0C7 JetBrains Mono Bold 4 4 #symbol_map U+E0A0-U+E0A3,U+E0C0-U+E0C7 Fira Code Bold 5 5 symbol_map U+E0A0-U+E0A3,U+E0C0-U+E0C7 FiraCode Nerd Font Bold 6 - bold_font Berkeley Mono Bold 7 - italic_font Berkeley Mono Italic 8 - bold_italic_font Berkeley Mono BoldItalic 6 + bold_font auto 7 + italic_font auto 8 + bold_italic_font auto 9 9 font_size 13.0 10 10 #font_size 12.0 11 11
-67
networking.nix
··· 1 - { ... }: 2 - { 3 - # networking.hostName = "nixos"; # Define your hostname. 4 - # Pick only one of the below networking options. 5 - # networking.wireless.enable = true; # Enables wireless support via wpa_supplicant. 6 - # networking.networkmanager.enable = true; # Easiest to use and most distros use this by default. 7 - networking.hostName = "odin"; 8 - # I like systemd-networkd 9 - systemd.network.enable = true; 10 - systemd.network.networks."50-wlp2s0" = { 11 - matchConfig.name = "wlp2s0"; 12 - networkConfig.DHCP = "yes"; 13 - linkConfig.RequiredForOnline = "no"; 14 - }; 15 - 16 - networking.tempAddresses = "disabled"; 17 - 18 - networking.useNetworkd = true; 19 - # TODO: static IP @ 192.168.1.2 20 - 21 - # Configure network proxy if necessary 22 - # networking.proxy.default = "http://user:password@proxy:port/"; 23 - # networking.proxy.noProxy = "127.0.0.1,localhost,internal.domain"; 24 - # Open ports in the firewall. 25 - # networking.firewall.allowedTCPPorts = [ ... ]; 26 - # networking.firewall.allowedUDPPorts = [ ... ]; 27 - # Or disable the firewall altogether. 28 - # TODO: allow some ports 29 - networking.firewall = { 30 - enable = true; 31 - allowPing = true; 32 - allowedUDPPorts = [ ]; 33 - allowedTCPPorts = [ 34 - 2375 35 - ]; 36 - }; 37 - 38 - services.avahi = { 39 - enable = true; 40 - nssmdns4 = true; 41 - nssmdns6 = true; 42 - ipv6 = true; 43 - openFirewall = true; 44 - publish = { 45 - enable = true; 46 - addresses = true; 47 - workstation = true; 48 - userServices = true; 49 - domain = true; 50 - }; 51 - }; 52 - 53 - # NFS mounts 54 - 55 - fileSystems = { 56 - "/srv/shokuhou" = { 57 - device = "192.168.1.3:/srv/shokuhou"; 58 - fsType = "nfs"; 59 - options = [ "nfsvers=4" "user" "x-system.automount" "x-system.idle-timeout=600" ]; 60 - }; 61 - "/srv/mentalout" = { 62 - device = "192.168.1.3:/srv/mentalout"; 63 - fsType = "nfs"; 64 - options = [ "nfsvers=4" "user" "x-system.automount" "x-system.idle-timeout=600" ]; 65 - }; 66 - }; 67 - }
+2
nvim/after/ftplugin/janet.lua
··· 1 + vim.o.tabstop = 2 2 + vim.o.shiftwidth = 2
+44 -42
nvim/init.lua
··· 7 7 -- Config for Nord, which I usually use 8 8 -- vim.g.nord_italic = false 9 9 -- vim.g.nord_bold = false 10 - -- vim.opt.background = "light" 10 + local known_hosts = { 11 + ["aleister.packetlost.dev"] = "light", 12 + ["aleister.local"] = "light", 13 + ["accelerator"] = "light" 14 + } 15 + local background = known_hosts[vim.loop.os_gethostname()] 16 + if not background then 17 + background = "dark" 18 + end 19 + vim.opt.background = background 11 20 --vim.opt.background = "dark" 12 21 13 22 -- Formatting and vim config ··· 28 37 vim.opt.lcs = vim.opt.lcs + "space:·" 29 38 vim.opt.list = true 30 39 vim.opt.textwidth = 88 31 - 32 - -- LuaLine Config 33 - 34 - local noirbuddy_lualine = require("noirbuddy.plugins.lualine") 35 - 36 - require("lualine").setup { 37 - options = { 38 - icons_enabled = true, 39 - --theme = "auto" 40 - theme = noirbuddy_lualine.theme 41 - }, 42 - sections = noirbuddy_lualine.sections, 43 - inactive_sections = noirbuddy_lualine.inactive_sections, 44 - } 40 + vim.cmd [[ colorscheme alabaster ]] 45 41 46 42 -- Force OSC-52 47 43 vim.g.clipboard = { 48 - name = 'OSC 52', 49 - copy = { 50 - ['+'] = require('vim.ui.clipboard.osc52').copy('+'), 51 - ['*'] = require('vim.ui.clipboard.osc52').copy('*'), 52 - }, 53 - paste = { 54 - ['+'] = require('vim.ui.clipboard.osc52').paste('+'), 55 - ['*'] = require('vim.ui.clipboard.osc52').paste('*'), 56 - }, 44 + name = 'OSC 52', 45 + copy = { 46 + ['+'] = require('vim.ui.clipboard.osc52').copy('+'), 47 + ['*'] = require('vim.ui.clipboard.osc52').copy('*'), 48 + }, 49 + paste = { 50 + ['+'] = require('vim.ui.clipboard.osc52').paste('+'), 51 + ['*'] = require('vim.ui.clipboard.osc52').paste('*'), 52 + }, 57 53 } 58 54 59 55 -- CTags ··· 64 60 65 61 -- Gerbil Scheme 66 62 local set_gerbil = function() 67 - vim.g["conjure#client#scheme#stdio#command"] = "gxi" 68 - vim.g["conjure#client#scheme#stdio#prompt_pattern"] = "%d*> " 69 - vim.g["conjure#client#scheme#stdio#value_prefix_pattern"] = false 63 + vim.g["conjure#client#scheme#stdio#command"] = "gxi" 64 + vim.g["conjure#client#scheme#stdio#prompt_pattern"] = "%d*> " 65 + vim.g["conjure#client#scheme#stdio#value_prefix_pattern"] = false 70 66 end 71 67 set_gerbil() 72 68 vim.api.nvim_create_user_command("ConjureGerbil", set_gerbil, {}) 73 69 74 70 -- Chibi-scheme 75 71 local set_chibi = function() 76 - vim.g["conjure#client#scheme#stdio#command"] = "chibi-scheme -R" 77 - vim.g["conjure#client#scheme#stdio#prompt_pattern"] = "=> $?" 78 - vim.g["conjure#client#scheme#stdio#value_prefix_pattern"] = true 72 + vim.g["conjure#client#scheme#stdio#command"] = "chibi-scheme -R" 73 + vim.g["conjure#client#scheme#stdio#prompt_pattern"] = "=> $?" 74 + vim.g["conjure#client#scheme#stdio#value_prefix_pattern"] = true 79 75 end 80 76 vim.api.nvim_create_user_command("ConjureChibi", set_chibi, {}) 81 77 -- Chicken Scheme 82 78 local set_chicken = function() 83 - vim.g["conjure#client#scheme#stdio#command"] = "csi -quiet -:c" 84 - vim.g["conjure#client#scheme#stdio#prompt_pattern"] = "\n-#;%d-> " 85 - vim.g["conjure#client#scheme#stdio#value_prefix_pattern"] = true 79 + vim.g["conjure#client#scheme#stdio#command"] = "csi -quiet -:c" 80 + vim.g["conjure#client#scheme#stdio#prompt_pattern"] = "\n-#;%d-> " 81 + vim.g["conjure#client#scheme#stdio#value_prefix_pattern"] = true 86 82 end 87 83 vim.api.nvim_create_user_command("ConjureChicken", set_chicken, {}) 88 84 ··· 90 86 local keymap = vim.keymap.set 91 87 local noremap = { noremap = true } 92 88 local silentnoremap = { noremap = true, silent = true } 89 + --Toggle background 90 + keymap("n", "<leader>bg", function() if vim.o.background == "light" then vim.o.background = "dark" else vim.o.background = "light" end end, noremap) 93 91 -- Easier breaking from edit modes 94 92 keymap("n", ";;", "<Esc>", noremap) 95 93 keymap("v", ";;", "<Esc>", noremap) ··· 155 153 156 154 -- Autoformat! 157 155 vim.api.nvim_create_user_command("Format", function(args) 158 - local range = nil 159 - if args.count ~= -1 then 160 - local end_line = vim.api.nvim_buf_get_lines(0, args.line2 - 1, args.line2, true)[1] 161 - range = { 162 - start = { args.line1, 0 }, 163 - ["end"] = { args.line2, end_line:len() }, 164 - } 165 - end 166 - require("conform").format({ async = true, lsp_format = "fallback", range = range }) 156 + local range = nil 157 + if args.count ~= -1 then 158 + local end_line = vim.api.nvim_buf_get_lines(0, args.line2 - 1, args.line2, true)[1] 159 + range = { 160 + start = { args.line1, 0 }, 161 + ["end"] = { args.line2, end_line:len() }, 162 + } 163 + end 164 + require("conform").format({ async = true, lsp_format = "fallback", range = range }) 167 165 end, { range = true }) 168 166 keymap("n", "<C-n>", "<cmd>Format<CR>", silentnoremap) 169 167 ··· 175 173 -- ######################## 176 174 -- LSP 177 175 require("lsp") 176 + 177 + if vim.uv.fs_stat(vim.fn.stdpath("config") .. "/lua/local.lua") then 178 + require("local") 179 + end
+8
nvim/lua/ambient.lua
··· 1 + function setup() 2 + return require("codecompanion.adapters").extend("openai_compatible", { 3 + env = { 4 + url = "http://34.46.152.76", 5 + chat_url = "/run-auction" 6 + } 7 + }) 8 + end
+3
nvim/lua/lsp/fennel_ls.lua
··· 1 + return { 2 + root_markers = {".git", "fnl"}, 3 + }
+8
nvim/lua/lsp/janet_lsp.lua
··· 1 + return { 2 + cmd = { 3 + "janet", 4 + "-i", 5 + "/Users/noah/repos/janet-lsp/build/janet-lsp.jimage", 6 + "--stdio", 7 + } 8 + }
+20
nvim/lua/lsp/lua_ls.lua
··· 1 + return { 2 + settings = { 3 + Lua = { 4 + runtime = { 5 + -- Tell the language server which version of Lua you're using (most likely LuaJIT in the case of Neovim) 6 + version = "LuaJIT" 7 + }, 8 + diagnostics = { 9 + -- Get the language server to recognize the `vim` global 10 + globals = { "vim", "vis" } 11 + }, 12 + workspace = { 13 + -- Make the server aware of Neovim runtime files 14 + library = vim.api.nvim_get_runtime_file("", true) 15 + }, 16 + -- Do not send telemetry data containing a randomized but unique identifier 17 + telemetry = { enable = false } 18 + } 19 + } 20 + }
+5
nvim/lua/lsp/pylsp.lua
··· 1 + return { 2 + -- cmd = {"/home/noah/.envs/nvim/bin/pylsp"}, 3 + cmd = "basedpyright", 4 + root_markers = { "pants.toml", "pyproject.toml", "setup.py", "setup.cfg", "Pipfile" }, 5 + }
+74 -126
nvim/lua/lsp.lua
··· 1 - local nvim_lsp = require("lspconfig") 2 1 local capabilities = require('cmp_nvim_lsp').default_capabilities() 3 2 -- ######################## 4 3 -- #### Set up LSPs #### 5 4 -- ######################## 6 5 7 - local util = require("lspconfig.util") 8 - 9 - -- Rust 10 - -- Python LSP 11 - nvim_lsp.pylsp.setup({ 12 - -- cmd = {"/home/noah/.envs/nvim/bin/pylsp"}, 13 - root_dir = function(fname) 14 - local root_files = { 15 - "pants.toml", "pyproject.toml", "setup.py", "setup.cfg", "Pipfile" 16 - } 17 - return util.find_git_ancestor(fname) or 18 - util.root_pattern(unpack(root_files))(fname) 19 - end 6 + vim.lsp.config("*", { 7 + capabilities = capabilities 20 8 }) 21 - nvim_lsp.lua_ls.setup { 22 - settings = { 23 - Lua = { 24 - runtime = { 25 - -- Tell the language server which version of Lua you're using (most likely LuaJIT in the case of Neovim) 26 - version = "LuaJIT" 27 - }, 28 - diagnostics = { 29 - -- Get the language server to recognize the `vim` global 30 - globals = { "vim" } 31 - }, 32 - workspace = { 33 - -- Make the server aware of Neovim runtime files 34 - library = vim.api.nvim_get_runtime_file("", true) 35 - }, 36 - -- Do not send telemetry data containing a randomized but unique identifier 37 - telemetry = { enable = false } 38 - } 39 - } 40 - } 41 9 42 - nvim_lsp.janet_lsp.setup { 43 - cmd = { 44 - "janet", 45 - "-i", 46 - "/home/noah/repos/janet-lsp/jpm_tree/lib/janet-lsp.jimage", 47 - "--stdio", 48 - } 49 - } 50 - 51 - -- LSPs that just use default config 52 - local simple_lsps = { 53 - --"htmx", 54 - "nil_ls", "bzl", "buf_ls", "crystalline", "dockerls", 55 - "erlangls", "elixirls", "fortls", "gleam", "gopls", "hls", "jsonls", 56 - "vimls", "asm_lsp", "ccls", "pyright", 57 - "ruff", "clojure_lsp", "guile_ls", 58 - -- Of course the Java-based ones are verbose af 59 - "kotlin_language_server", "java_language_server", "jsonls", "pest_ls", 60 - "ocamllsp", "reason_ls", "racket_langserver", "rust_analyzer", 61 - "scheme_langserver", "sqls", "thriftls", "tinymist", "vhdl_ls", "yamlls", 62 - "zls", "ts_ls", "eslint", "metals", "futhark_lsp", "roc_ls", 63 - -- disabled because it's broken 64 - -- "scheme_langserver", 10 + local servers = { 11 + "pylsp", "lua_ls", "janet_lsp", 12 + --"htmx", 13 + "nil_ls", "bzl", "buf_ls", "crystalline", "dockerls", 14 + "erlangls", "elixirls", "fortls", "gleam", "gopls", "hls", "jsonls", 15 + "vimls", "asm_lsp", "ccls", "pyright", 16 + "ruff", "clojure_lsp", "guile_ls", 17 + -- Of course the Java-based ones are verbose af 18 + "kotlin_language_server", "java_language_server", "jsonls", "pest_ls", 19 + "ocamllsp", "reason_ls", "racket_langserver", "rust_analyzer", 20 + "scheme_langserver", "sqls", "thriftls", "tinymist", "vhdl_ls", "yamlls", 21 + "zls", "ts_ls", "eslint", "metals", "futhark_lsp", "roc_ls", "sourcekit" 22 + -- disabled because it's broken 23 + -- "scheme_langserver", 65 24 } 66 - -- #simple_lsps is the length of the table when treated as a list... funky! 67 - for _, v in pairs(simple_lsps) do 68 - nvim_lsp[v].setup { 69 - capabilities = capabilities 70 - } 71 - end 25 + vim.lsp.enable(servers) 72 26 73 - nvim_lsp.fennel_ls.setup({ 74 - capabilities = capabilities, 75 - root_dir = nvim_lsp.util.root_pattern(".git", "fnl") 76 - }) 77 - 78 - -- Whenever an LSP is attached to a buffer 79 27 local on_attach = function(ev) 80 - -- Enable completion triggered by <c-x><x-o> 81 - vim.bo[ev.buf].omnifunc = 'v:lua.vim.lsp.omnifunc' 28 + -- Enable completion triggered by <c-x><x-o> 29 + vim.bo[ev.buf].omnifunc = 'v:lua.vim.lsp.omnifunc' 82 30 83 - local opts = { noremap = true, silent = true, buffer = ev.buf } 84 - local protocol = require("vim.lsp.protocol") 85 - -- Mappings. 86 - -- See `:help vim.lsp.*` for documentation on any of the below functions 87 - vim.keymap.set("n", "gD", vim.lsp.buf.declaration, opts) 88 - vim.keymap.set("n", "gd", vim.lsp.buf.definition, opts) 89 - vim.keymap.set("n", "K", vim.lsp.buf.hover, opts) 90 - vim.keymap.set("n", "gi", vim.lsp.buf.implementation, opts) 91 - vim.keymap.set("n", "<C-k>", vim.lsp.buf.signature_help, opts) 92 - vim.keymap.set("n", "<space>wa", vim.lsp.buf.add_workspace_folder, opts) 93 - vim.keymap.set("n", "<space>wr", vim.lsp.buf.remove_workspace_folder, opts) 94 - vim.keymap.set("n", "<space>wl", function() 95 - print(vim.inspect(vim.lsp.buf.list_workspace_folders())) 96 - end, opts) 97 - vim.keymap.set("n", "<space>D", vim.lsp.buf.type_definition, opts) 98 - vim.keymap.set("n", "<space>rn", vim.lsp.buf.rename, opts) 99 - vim.keymap.set("n", "<space>ca", vim.lsp.buf.code_action, opts) 100 - vim.keymap.set("n", "gr", vim.lsp.buf.references, opts) 101 - vim.keymap.set("n", "<space>e", vim.diagnostic.open_float, opts) 102 - vim.keymap.set("n", "[d", vim.diagnostic.goto_prev, opts) 103 - vim.keymap.set("n", "]d", vim.diagnostic.goto_next, opts) 104 - vim.keymap.set("n", "<space>q", vim.diagnostic.setloclist, opts) 105 - vim.keymap.set("n", "<space>f", 106 - function() vim.lsp.buf.format { async = true } end, opts) 107 - vim.keymap.set("n", "<space>s", vim.lsp.buf.workspace_symbol, opts) 31 + local opts = { noremap = true, silent = true, buffer = ev.buf } 32 + local protocol = require("vim.lsp.protocol") 33 + -- Mappings. 34 + -- See `:help vim.lsp.*` for documentation on any of the below functions 35 + vim.keymap.set("n", "gD", vim.lsp.buf.declaration, opts) 36 + vim.keymap.set("n", "gd", vim.lsp.buf.definition, opts) 37 + vim.keymap.set("n", "K", vim.lsp.buf.hover, opts) 38 + vim.keymap.set("n", "gi", vim.lsp.buf.implementation, opts) 39 + vim.keymap.set("n", "<C-k>", vim.lsp.buf.signature_help, opts) 40 + vim.keymap.set("n", "<space>wa", vim.lsp.buf.add_workspace_folder, opts) 41 + vim.keymap.set("n", "<space>wr", vim.lsp.buf.remove_workspace_folder, opts) 42 + vim.keymap.set("n", "<space>wl", function() 43 + print(vim.inspect(vim.lsp.buf.list_workspace_folders())) 44 + end, opts) 45 + vim.keymap.set("n", "<space>D", vim.lsp.buf.type_definition, opts) 46 + vim.keymap.set("n", "<space>rn", vim.lsp.buf.rename, opts) 47 + vim.keymap.set("n", "<leader>ca", vim.lsp.buf.code_action, opts) 48 + vim.keymap.set("n", "gr", vim.lsp.buf.references, opts) 49 + vim.keymap.set("n", "<space>e", vim.diagnostic.open_float, opts) 50 + vim.keymap.set("n", "[d", function () vim.diagnostic.jump {count = -1, float = true} end, opts) 51 + vim.keymap.set("n", "]d", function () vim.diagnostic.jump {count = 1, float = true} end, opts) 52 + vim.keymap.set("n", "<space>q", vim.diagnostic.setloclist, opts) 53 + vim.keymap.set("n", "<space>f", 54 + function() vim.lsp.buf.format { async = true } end, opts) 55 + vim.keymap.set("n", "<space>s", vim.lsp.buf.workspace_symbol, opts) 108 56 109 - -- require'completion'.on_attach(client, bufnr) 110 - protocol.CompletionItemKind = { 111 - "", -- Text 112 - "⋙", -- Method 113 - "𝑓", -- Function 114 - "", -- Constructor 115 - "", -- Field 116 - "", -- Variable 117 - "", -- Class 118 - "ﰮ", -- Interface 119 - "", -- Module 120 - "", -- Property 121 - "", -- Unit 122 - "", -- Value 123 - "", -- Enum 124 - "", -- Keyword 125 - "﬌", -- Snippet 126 - "", -- Color 127 - "", -- File 128 - "", -- Reference 129 - "", -- Folder 130 - "", -- EnumMember 131 - "", -- Constant 132 - "", -- Struct 133 - "", -- Event 134 - "ﬦ", -- Operator 135 - "" -- TypeParameter 136 - } 57 + -- require'completion'.on_attach(client, bufnr) 58 + protocol.CompletionItemKind = { 59 + "", -- Text 60 + "⋙", -- Method 61 + "𝑓", -- Function 62 + "", -- Constructor 63 + "", -- Field 64 + "", -- Variable 65 + "", -- Class 66 + "ﰮ", -- Interface 67 + "", -- Module 68 + "", -- Property 69 + "", -- Unit 70 + "", -- Value 71 + "", -- Enum 72 + "", -- Keyword 73 + "﬌", -- Snippet 74 + "", -- Color 75 + "", -- File 76 + "", -- Reference 77 + "", -- Folder 78 + "", -- EnumMember 79 + "", -- Constant 80 + "", -- Struct 81 + "", -- Event 82 + "ﬦ", -- Operator 83 + "" -- TypeParameter 84 + } 137 85 end 138 86 vim.api.nvim_create_autocmd('LspAttach', { 139 - group = vim.api.nvim_create_augroup('UserLspConfig', {}), 140 - callback = on_attach 87 + group = vim.api.nvim_create_augroup('UserLspConfig', {}), 88 + callback = on_attach 141 89 })
+334 -402
nvim/lua/plugins.lua
··· 1 1 -- Bootstrap lazy.nvim 2 2 local ensure_lazy = function() 3 - local lazypath = vim.fn.stdpath("data") .. "/lazy/lazy.nvim" 4 - if not vim.loop.fs_stat(lazypath) then 5 - vim.fn.system({ 6 - "git", "clone", "--filter=blob:none", 7 - "https://github.com/folke/lazy.nvim.git", "--branch=stable", -- latest stable release 8 - lazypath 9 - }) 10 - end 11 - vim.opt.rtp:prepend(lazypath) 3 + local lazypath = vim.fn.stdpath("data") .. "/lazy/lazy.nvim" 4 + if not vim.loop.fs_stat(lazypath) then 5 + vim.fn.system({ 6 + "git", "clone", "--filter=blob:none", 7 + "https://github.com/folke/lazy.nvim.git", "--branch=stable", -- latest stable release 8 + lazypath 9 + }) 10 + end 11 + vim.opt.rtp:prepend(lazypath) 12 12 end 13 13 14 14 local lazy_bootstrap = ensure_lazy() 15 15 if lazy_bootstrap then print("Bootstrapped lazy.nvim") end 16 16 17 17 require("lazy").setup({ 18 - install = { colorscheme = { "noirbuddy" } }, 19 - checker = { enabled = false }, 20 - spec = { 21 - -- Color themes 22 - { "shaunsingh/nord.nvim", priority = 1000, lazy = true }, 23 - { "shaunsingh/moonlight.nvim", priority = 1000, lazy = true }, 24 - { "folke/tokyonight.nvim", priority = 1000, lazy = true }, 25 - { "cranberry-clockworks/coal.nvim", priority = 1000, lazy = true }, 26 - { "hardselius/warlock", priority = 1000, lazy = true }, 27 - { "sontungexpt/witch", priority = 1000, lazy = true, config = true }, 28 - { "catppuccin/nvim", name = "catppuccin", priority = 1000, lazy = true }, 29 - { 30 - "neanias/everforest-nvim", 31 - version = false, 32 - lazy = true, 33 - priority = 1000, -- make sure to load this before all the other start plugins 34 - main = "everforest", 35 - opts = { background = "hard" } 36 - }, 37 - { "rebelot/kanagawa.nvim", opts = { compile = true }, priority = 1000, lazy = true }, 38 - { 39 - 'jesseleite/nvim-noirbuddy', 40 - dependencies = { 41 - 'tjdevries/colorbuddy.nvim', 42 - }, 43 - lazy = true, 44 - priority = 1000, 45 - opts = { 46 - -- All of your `setup(opts)` will go here 47 - preset = "oxide", 48 - colors = { 49 - noir_8 = "#3A4649" 50 - } 51 - }, 52 - }, 53 - { 54 - "plan9-for-vimspace/acme-colors" 55 - }, 56 - -- Completion 57 - { 58 - "hrsh7th/nvim-cmp", 59 - dependencies = { 60 - "hrsh7th/cmp-nvim-lsp", 61 - "hrsh7th/cmp-buffer", 62 - "hrsh7th/cmp-path", 63 - "hrsh7th/cmp-vsnip", 64 - "hrsh7th/vim-vsnip", 65 - "petertriho/cmp-git", 66 - "hrsh7th/cmp-cmdline" 67 - }, 68 - config = require('completion') 69 - }, -- nvim lsp plugins 70 - { 71 - "neovim/nvim-lspconfig", 72 - }, 73 - -- LSP Goodness 74 - { 75 - "ray-x/navigator.lua", 76 - dependencies = { 77 - { 'ray-x/guihua.lua', build = 'cd lua/fzy && make' }, 78 - { 'neovim/nvim-lspconfig' }, 79 - } 18 + install = { colorscheme = { "alabaster" } }, 19 + checker = { enabled = false }, 20 + spec = { 21 + -- Color themes 22 + { "shaunsingh/nord.nvim", priority = 1000, lazy = true }, 23 + { "shaunsingh/moonlight.nvim", priority = 1000, lazy = true }, 24 + { "folke/tokyonight.nvim", priority = 1000, lazy = true }, 25 + { "cranberry-clockworks/coal.nvim", priority = 1000, lazy = true }, 26 + { "hardselius/warlock", priority = 1000, lazy = true }, 27 + { "sontungexpt/witch", priority = 1000, lazy = true, config = true }, 28 + { "rose-pine/neovim", priority = 1000, lazy = true }, 29 + { "catppuccin/nvim", name = "catppuccin", priority = 1000, lazy = true }, 30 + { "p00f/alabaster.nvim", priority = 1000, lazy = true }, 31 + { 32 + "neanias/everforest-nvim", 33 + version = false, 34 + lazy = true, 35 + priority = 1000, -- make sure to load this before all the other start plugins 36 + main = "everforest", 37 + opts = { background = "hard" } 38 + }, 39 + { "rebelot/kanagawa.nvim", opts = { compile = true }, priority = 1000, lazy = true }, 40 + { 41 + 'jesseleite/nvim-noirbuddy', 42 + dependencies = { 43 + 'tjdevries/colorbuddy.nvim', 44 + 'nvim-lualine/lualine.nvim' 45 + }, 46 + lazy = true, 47 + priority = 1000, 48 + config = function(_, opts) 49 + -- configure lualine 50 + require('noirbuddy').setup(opts) 51 + local noirbuddy_lualine = require("noirbuddy.plugins.lualine") 52 + require("lualine").setup { 53 + options = { 54 + icons_enabled = true, 55 + --theme = "auto" 56 + theme = noirbuddy_lualine.theme 57 + }, 58 + sections = noirbuddy_lualine.sections, 59 + inactive_sections = noirbuddy_lualine.inactive_sections, 60 + } 61 + end, 62 + opts = { 63 + -- All of your `setup(opts)` will go here 64 + preset = "oxide", 65 + colors = { 66 + noir_8 = "#3A4649" 67 + } 68 + }, 69 + }, 70 + { 71 + "plan9-for-vimspace/acme-colors" 72 + }, 73 + -- Completion 74 + { 75 + "hrsh7th/nvim-cmp", 76 + dependencies = { 77 + "hrsh7th/cmp-nvim-lsp", 78 + "hrsh7th/cmp-buffer", 79 + "hrsh7th/cmp-path", 80 + "hrsh7th/cmp-vsnip", 81 + "hrsh7th/vim-vsnip", 82 + "petertriho/cmp-git", 83 + "hrsh7th/cmp-cmdline" 84 + }, 85 + config = require('completion') 86 + }, -- nvim lsp plugins 87 + { 88 + "neovim/nvim-lspconfig", 89 + config = false 90 + }, 91 + -- LSP Goodness 92 + { 93 + "ray-x/navigator.lua", 94 + dependencies = { 95 + { 'ray-x/guihua.lua', build = 'cd lua/fzy && make' }, 96 + { 'neovim/nvim-lspconfig' }, 97 + } 80 98 81 - }, 82 - { 83 - -- Syntax Highlighting from the future 84 - "nvim-treesitter/nvim-treesitter", 85 - --init = function() vim.cmd([[":TSUpdate"]]) end, 86 - main = "nvim-treesitter.configs", 87 - opts = { 88 - ensure_installed = 'all', 89 - ignore_install = { 'norg' }, 90 - sync_intall = true, 91 - highlight = { 92 - enable = true, 93 - }, 94 - indent = { 95 - enable = false, 96 - }, 97 - }, 98 - build = ":TSUpdate", 99 - version = false, 100 - dependencies = { 101 - "nvim-treesitter/nvim-treesitter-textobjects", 102 - "nvim-treesitter/nvim-treesitter-context", 103 - }, 104 - }, -- Git stuff 105 - -- GitGutter, shows inline difs 106 - "airblade/vim-gitgutter", 107 - { 108 - "NeogitOrg/neogit", 109 - dependencies = { 110 - "nvim-lua/plenary.nvim", -- required 111 - "sindrets/diffview.nvim", -- optional - Diff integration 112 - "nvim-telescope/telescope.nvim" 113 - }, 114 - config = true 115 - }, 116 - -- Auto format tool 117 - { 118 - "stevearc/conform.nvim", 119 - lazy = true, 120 - opts = { 121 - python = { "isort", "black" }, 122 - lua = { "lua-format" }, 123 - clojure = { "cljfmt" }, 124 - rust = { "rustfmt" }, 125 - haskell = { "ormolu", "stylish-haskell" }, 126 - go = { "goimports", "gofmt" }, 127 - java = { "google-java-format" }, 128 - javascript = { "prettier" }, 129 - html = { "prettier" }, 130 - yaml = { "prettier" }, 131 - sh = { "shfmt" }, 132 - c = { "clang-format" }, 133 - } 134 - }, 135 - { 136 - "hedyhli/outline.nvim", 137 - lazy = true, 138 - cmd = { "Outline", "OutlineOpen" }, 139 - config = true, 140 - keys = { 141 - { "<leader>o", "<cmd>Outline<cr>", desc = "Toggle outline" }, 142 - }, 143 - }, 144 - { 145 - "ray-x/go.nvim", 146 - ft = "go", 147 - lazy = true, 148 - dependencies = { 149 - "ray-x/guihua.lua", "neovim/nvim-lspconfig", 150 - "nvim-treesitter/nvim-treesitter" 151 - } 152 - }, 153 - { 154 - "nvim-lualine/lualine.nvim", 155 - config = function(_spec, _opt) 156 - local noirbuddy_lualine = require("noirbuddy.plugins.lualine") 157 - require("lualine").setup { 158 - options = { 159 - icons_enabled = true, 160 - -- when not using noirbuddy, uncomment this 161 - --theme = "auto" 162 - theme = noirbuddy_lualine.theme 163 - }, 164 - sections = noirbuddy_lualine.sections, 165 - inactive_sections = noirbuddy_lualine.inactive_sections, 166 - } 167 - end, 168 - dependencies = { "nvim-tree/nvim-web-devicons", "jesseleite/nvim-noirbuddy" } 169 - }, 170 - -- Fuzzy finding stuff 171 - "junegunn/fzf.vim", 172 - -- A lua + nvim stdlib sort of thing 173 - { "nvim-lua/plenary.nvim", lazy = true, }, 174 - -- Telescope, find anything fast 175 - { 176 - "nvim-telescope/telescope.nvim", 177 - config = true, 178 - dependencies = { 179 - "nvim-lua/plenary.nvim", 180 - "nvim-telescope/telescope-symbols.nvim", 181 - "nvim-telescope/telescope-fzf-native.nvim" 182 - } 183 - }, 184 - { 185 - "folke/trouble.nvim", 186 - dependencies = "nvim-tree/nvim-web-devicons", 187 - config = true, 188 - }, 189 - -- Which key is bound? 190 - -- literally the best plugin ever 191 - { 192 - "folke/which-key.nvim", 193 - init = function() 194 - vim.o.timeout = true 195 - vim.o.timeoutlen = 300 196 - end, 197 - config = true 198 - }, 199 - -- Developing my neovim 200 - { 201 - "folke/lazydev.nvim", 202 - config = true, 203 - ft = "lua", 204 - lazy = true, 205 - opts = { 206 - library = { 207 - path = "luvit-meta/library", words = { "vim%.uv" }, 208 - }, 209 - }, 210 - dependencies = { 211 - "Bilal2453/luvit-meta" 212 - }, 213 - }, 214 - -- Lithsps 215 - { 216 - "windwp/nvim-autopairs", 217 - event = "InsertEnter", 218 - config = function() 219 - local pairs = require("nvim-autopairs") 99 + }, 100 + { 101 + -- Syntax Highlighting from the future 102 + "nvim-treesitter/nvim-treesitter", 103 + --init = function() vim.cmd([[":TSUpdate"]]) end, 104 + main = "nvim-treesitter.configs", 105 + opts = { 106 + ensure_installed = 'all', 107 + ignore_install = { 'norg' }, 108 + sync_intall = true, 109 + highlight = { 110 + enable = true, 111 + }, 112 + indent = { 113 + enable = false, 114 + }, 115 + }, 116 + build = ":TSUpdate", 117 + version = false, 118 + dependencies = { 119 + "nvim-treesitter/nvim-treesitter-textobjects", 120 + "nvim-treesitter/nvim-treesitter-context", 121 + }, 122 + }, -- Git stuff 123 + -- GitGutter, shows inline difs 124 + --"airblade/vim-gitgutter", 125 + { 126 + "NeogitOrg/neogit", 127 + dependencies = { 128 + "nvim-lua/plenary.nvim", -- required 129 + "sindrets/diffview.nvim", -- optional - Diff integration 130 + "nvim-telescope/telescope.nvim" 131 + }, 132 + config = true 133 + }, 134 + -- Auto format tool 135 + { 136 + "stevearc/conform.nvim", 137 + lazy = true, 138 + opts = { 139 + python = { "isort", "black" }, 140 + lua = { "lua-format" }, 141 + clojure = { "cljfmt" }, 142 + rust = { "rustfmt" }, 143 + haskell = { "ormolu", "stylish-haskell" }, 144 + go = { "goimports", "gofmt" }, 145 + java = { "google-java-format" }, 146 + javascript = { "prettier" }, 147 + html = { "prettier" }, 148 + yaml = { "prettier" }, 149 + sh = { "shfmt" }, 150 + c = { "clang-format" }, 151 + } 152 + }, 153 + { 154 + "hedyhli/outline.nvim", 155 + lazy = true, 156 + cmd = { "Outline", "OutlineOpen" }, 157 + config = true, 158 + keys = { 159 + { "<leader>o", "<cmd>Outline<cr>", desc = "Toggle outline" }, 160 + }, 161 + }, 162 + { 163 + "ray-x/go.nvim", 164 + ft = "go", 165 + lazy = true, 166 + dependencies = { 167 + "ray-x/guihua.lua", "neovim/nvim-lspconfig", 168 + "nvim-treesitter/nvim-treesitter" 169 + } 170 + }, 171 + { 172 + "nvim-lualine/lualine.nvim", 173 + config = true, 174 + dependencies = { "nvim-tree/nvim-web-devicons" } 175 + }, 176 + -- Fuzzy finding stuff 177 + --"junegunn/fzf.vim", 178 + "ibhagwan/fzf-lua", 179 + -- A lua + nvim stdlib sort of thing 180 + { "nvim-lua/plenary.nvim", lazy = true, }, 181 + -- Telescope, find anything fast 182 + { 183 + "nvim-telescope/telescope.nvim", 184 + config = true, 185 + dependencies = { 186 + "nvim-lua/plenary.nvim", 187 + "nvim-telescope/telescope-symbols.nvim", 188 + "nvim-telescope/telescope-fzf-native.nvim" 189 + } 190 + }, 191 + { 192 + "folke/trouble.nvim", 193 + dependencies = "nvim-tree/nvim-web-devicons", 194 + config = true, 195 + }, 196 + -- Which key is bound? 197 + -- literally the best plugin ever 198 + { 199 + "folke/which-key.nvim", 200 + init = function() 201 + vim.o.timeout = true 202 + vim.o.timeoutlen = 300 203 + end, 204 + config = true 205 + }, 206 + -- Developing my neovim 207 + { 208 + "folke/lazydev.nvim", 209 + config = true, 210 + ft = "lua", 211 + lazy = true, 212 + opts = { 213 + library = { 214 + path = "luvit-meta/library", words = { "vim%.uv" }, 215 + }, 216 + }, 217 + dependencies = { 218 + "Bilal2453/luvit-meta" 219 + }, 220 + }, 221 + -- Lithsps 222 + { 223 + "windwp/nvim-autopairs", 224 + event = "InsertEnter", 225 + config = function() 226 + local pairs = require("nvim-autopairs") 220 227 221 - pairs.setup({ 222 - check_ts = true, 223 - enable_check_bracket_line = false, 224 - }) 228 + pairs.setup({ 229 + check_ts = true, 230 + enable_check_bracket_line = false, 231 + }) 225 232 226 - pairs.get_rules("`")[1].not_filetypes = { "clojure", "scheme", "scm", "janet" } 227 - pairs.get_rules("'")[1].not_filetypes = { "clojure", "scheme", "scm", "janet", "rust" } 228 - end, 229 - }, 230 - -- This gives me the paredit engine, it's pretty nifty 231 - { 232 - "gpanders/nvim-parinfer", 233 - ft = { "hy", "scheme", "scm", "clojure", "fennel", "janet", "lisp", "python", "lua" }, 234 - lazy = true, 235 - config = function() 236 - vim.g.parinfer_comment_chars = { ";", "#" } 237 - vim.g.parinfer_force_balance = true 238 - end 239 - }, -- )))))) 240 - -- This one gives me vim-sexp like structural editing 241 - { 242 - "julienvincent/nvim-paredit", 243 - config = function() 244 - local paredit = require('nvim-paredit') 245 - paredit.setup({ 246 - indent = { 247 - enabled = true, 248 - }, 249 - --filetypes = {"clojure", "fennel", "janet"}, 250 - keys = { 251 - ["<localleader>w"] = { 252 - function() 253 - -- place cursor and set mode to `insert` 254 - paredit.cursor.place_cursor( 255 - -- wrap element under cursor with `( ` and `)` 256 - paredit.wrap.wrap_element_under_cursor("( ", ")"), 257 - -- cursor placement opts 258 - { placement = "inner_start", mode = "insert" } 259 - ) 260 - end, 261 - "Wrap element insert head", 262 - }, 233 + pairs.get_rules("`")[1].not_filetypes = { "clojure", "scheme", "scm", "janet" } 234 + pairs.get_rules("'")[1].not_filetypes = { "clojure", "scheme", "scm", "janet", "rust" } 235 + end, 236 + }, 237 + -- This gives me the paredit engine, it's pretty nifty 238 + { 239 + "gpanders/nvim-parinfer", 240 + ft = { "hy", "scheme", "scm", "clojure", "fennel", "janet", "lisp", "python", "lua" }, 241 + lazy = true, 242 + config = function() 243 + --vim.g.parinfer_comment_chars = { ";" } 244 + vim.g.parinfer_force_balance = true 245 + end 246 + }, -- )))))) 247 + -- This one gives me vim-sexp like structural editing 248 + { 249 + "julienvincent/nvim-paredit", 250 + config = function() 251 + local paredit = require('nvim-paredit') 252 + paredit.setup({ 253 + indent = { 254 + enabled = true, 255 + }, 256 + filetypes = { "clojure", "fennel", "janet" }, 257 + }) 258 + end, 259 + lazy = true, 260 + ft = { "hy", "scheme", "scm", "clojure", "fennel", "janet", "lisp", "python", "lua" } 261 + }, 262 + --{ "hiphish/rainbow-delimiters.nvim", priority = 1050, }, 263 + -- Conjure, lisp is magical 264 + { 265 + "Olical/conjure", 266 + dependencies = { "PaterJason/cmp-conjure" }, 267 + config = function() 268 + vim.g["conjure#client#scheme#stdio#command"] = "gxi" 269 + vim.g["conjure#client#scheme#stdio#prompt_pattern"] = "%d*> $?" 270 + end, 271 + lazy = true, 272 + ft = { "scheme", "scm", "lisp", "fennel", "clojure", "lua", "janet" }, 273 + }, 274 + { "PaterJason/cmp-conjure", lazy = true }, 275 + { "p1xelHer0/gerbil.nvim", lazy = true, ft = "scheme", config = true }, -- Fennel, Luasthp 276 + { "jaawerth/fennel.vim", lazy = true, ft = "fennel", config = true }, 277 + { "rktjmp/hotpot.nvim", lazy = true, ft = "fennel", config = true }, 278 + { "Olical/nfnl", lazy = true, ft = "fennel", config = true }, -- Rust stuff 279 + { 280 + "mrcjkb/rustaceanvim", 281 + lazy = false, 282 + version = "^6" 283 + }, 284 + { "mfussenegger/nvim-dap", lazy = true, ft = { "c", "rust" } }, 285 + { 286 + "saecki/crates.nvim", 287 + tag = "v0.4.0", 288 + dependencies = { "nvim-lua/plenary.nvim" }, 289 + config = function() require("crates").setup() end, 290 + lazy = true, 291 + ft = { "rust" } 292 + }, -- RISC-V Assembly syntax highlighting 293 + { "kylelaker/riscv.vim", ft = "riscv" }, -- Hare Stuff 294 + -- Hare stuff 295 + -- Haredoc 296 + { 297 + url = "https://git.sr.ht/~torresjrjr/vim-haredoc", 298 + lazy = true, 299 + ft = { "hare" }, 300 + branch = "dev" 301 + }, 302 + { url = "https://git.sr.ht/~sircmpwn/hare.vim", ft = { "hare" } }, 303 + -- TCL 304 + { "lewis6991/tree-sitter-tcl", lazy = true, build = "make" }, 305 + -- LF 306 + { 307 + "ptzz/lf.vim", 308 + lazy = true, 309 + cmd = { "Lf" }, 310 + dependencies = { "voldikss/vim-floaterm" } 311 + }, 312 + { "imsnif/kdl.vim", lazy = true, ft = "kdl" }, 313 + { "catgoose/nvim-colorizer.lua", lazy = true, ft = { "css", "html", "toml", "conf" } }, 314 + { "github/copilot.vim", lazy = true, cmd = { "Copilot" } }, 315 + { 316 + "cshuaimin/ssr.nvim", 317 + config = function() 318 + local ssr = require("ssr") 319 + ssr.setup { 320 + border = "rounded", 321 + min_width = 50, 322 + min_height = 5, 323 + max_width = 120, 324 + max_height = 25, 325 + adjust_window = true, 326 + keymaps = { 327 + close = "q", 328 + next_match = "n", 329 + prev_match = "N", 330 + replace_confirm = "<cr>", 331 + replace_all = "<leader><cr>", 332 + }, 333 + } 334 + vim.keymap.set({ "n", "x" }, "<leader>sr", function() ssr.open() end) 335 + end 336 + }, 337 + { "lewis6991/gitsigns.nvim", config = true }, 338 + { 339 + "greggh/claude-code.nvim", 340 + dependencies = { 341 + "nvim-lua/plenary.nvim" 342 + }, 343 + config = true 344 + } 263 345 264 - ["<localleader>W"] = { 265 - function() 266 - paredit.cursor.place_cursor( 267 - paredit.wrap.wrap_element_under_cursor("(", ")"), 268 - { placement = "inner_end", mode = "insert" } 269 - ) 270 - end, 271 - "Wrap element insert tail", 272 - }, 273 - -- same as above but for enclosing form 274 - ["<localleader>i"] = { 275 - function() 276 - paredit.cursor.place_cursor( 277 - paredit.wrap.wrap_enclosing_form_under_cursor("( ", ")"), 278 - { placement = "inner_start", mode = "insert" } 279 - ) 280 - end, 281 - "Wrap form insert head", 282 - }, 283 - ["<localleader>I"] = { 284 - function() 285 - paredit.cursor.place_cursor( 286 - paredit.wrap.wrap_enclosing_form_under_cursor("(", ")"), 287 - { placement = "inner_end", mode = "insert" } 288 - ) 289 - end, 290 - "Wrap form insert tail", 291 - }, 292 - ["<localleader>["] = { 293 - function() 294 - paredit.cursor.place_cursor( 295 - paredit.wrap.wrap_enclosing_form_under_cursor("[", "]"), 296 - { placement = "inner_start", mode = "insert" } 297 - ) 298 - end, 299 - }, 300 - ["<localleader>{"] = { 301 - function() 302 - paredit.cursor.place_cursor( 303 - paredit.wrap.wrap_enclosing_form_under_cursor("{", "}"), 304 - { placement = "inner_end", mode = "insert" } 305 - ) 306 - end, 307 - }, 308 - }, 309 - }) 310 - end, 311 - lazy = true, 312 - ft = { "hy", "scheme", "scm", "clojure", "fennel", "janet", "lisp", "python", "lua" } 313 - }, 314 - { 315 - "chiefnoah/nvim-paredit-janet", 316 - dependencies = { "julienvincent/nvim-paredit" }, 317 - lazy = true, 318 - ft = { "janet" }, 319 - config = function() 320 - require("nvim-paredit-janet").setup() 321 - end, 322 - }, 323 - { 324 - "julienvincent/nvim-paredit-fennel", 325 - dependencies = { "julienvincent/nvim-paredit" }, 326 - lazy = true, 327 - ft = { "fennel" }, 328 - config = true, 329 - }, 330 - { 331 - "ekaitz-zarraga/nvim-paredit-scheme", 332 - lazy = true, 333 - ft = { "scheme" }, 334 - config = function() 335 - require("nvim-paredit-scheme").setup(require("nvim-paredit")) 336 - end, 337 - }, 338 - --{ "hiphish/rainbow-delimiters.nvim", priority = 1050, }, 339 - -- Conjure, lisp is magical 340 - { 341 - "Olical/conjure", 342 - dependencies = { "PaterJason/cmp-conjure" }, 343 - config = function() 344 - vim.g["conjure#client#scheme#stdio#command"] = "gxi" 345 - vim.g["conjure#client#scheme#stdio#prompt_pattern"] = "%d*> $?" 346 - end, 347 - lazy = true, 348 - ft = { "scheme", "scm", "lisp", "fennel", "clojure", "lua", "janet" }, 349 - }, 350 - { "PaterJason/cmp-conjure", lazy = true }, 351 - { "p1xelHer0/gerbil.nvim", lazy = true, ft = "scheme", config = true }, -- Fennel, Luasthp 352 - { "jaawerth/fennel.vim", lazy = true, ft = "fennel", config = true }, 353 - { "rktjmp/hotpot.nvim", lazy = true, ft = "fennel", config = true }, 354 - { "Olical/nfnl", lazy = true, ft = "fennel", config = true }, -- Rust stuff 355 - { 356 - "simrat39/rust-tools.nvim", 357 - lazy = true, 358 - ft = { "rust" }, 359 - config = function() 360 - local rt = require("rust-tools") 361 - rt.setup({ 362 - server = { 363 - on_attach = function(_, bufnr) 364 - -- Hover actions 365 - vim.keymap.set("n", "<C-space>", 366 - rt.hover_actions.hover_actions, 367 - { buffer = bufnr }) 368 - -- Code action groups 369 - vim.keymap.set("n", "<Leader>a", 370 - rt.code_action_group.code_action_group, 371 - { buffer = bufnr }) 372 - end 373 - } 374 - }) 375 - end, 376 - dependencies = { "nvim-lua/plenary.nvim" } 377 - }, 378 - { "mfussenegger/nvim-dap", lazy = true, ft = { "c", "rust" } }, 379 - { 380 - "saecki/crates.nvim", 381 - tag = "v0.4.0", 382 - dependencies = { "nvim-lua/plenary.nvim" }, 383 - config = function() require("crates").setup() end, 384 - lazy = true, 385 - ft = { "rust" } 386 - }, -- RISC-V Assembly syntax highlighting 387 - { "kylelaker/riscv.vim", ft = "riscv" }, -- Hare Stuff 388 - -- Hare stuff 389 - -- Haredoc 390 - { 391 - url = "https://git.sr.ht/~torresjrjr/vim-haredoc", 392 - lazy = true, 393 - ft = { "hare" }, 394 - branch = "dev" 395 - }, 396 - { url = "https://git.sr.ht/~sircmpwn/hare.vim", ft = { "hare" } }, 397 - -- TCL 398 - { "lewis6991/tree-sitter-tcl", lazy = true, build = "make" }, 399 - -- LF 400 - { 401 - "ptzz/lf.vim", 402 - lazy = true, 403 - cmd = { "Lf" }, 404 - dependencies = { "voldikss/vim-floaterm" } 405 - }, 406 - -- SuperMaven, another AI coding tool 407 - { 408 - "supermaven-inc/supermaven-nvim", 409 - opts = { keymaps = { accept_suggestion = "<C-f>" } }, 410 - lazy = true, 411 - cmd = "SupermavenStart" 412 - }, 413 - { "imsnif/kdl.vim", lazy = true, ft = "kdl" }, 414 - } 346 + } 415 347 })
+133
nvim/syntax/infsh.vim
··· 1 + " Vim syntax file 2 + " Language: OS Inferno sh 3 + " Maintainer: Alex Efros <powerman-asdf@ya.ru> 4 + " URL: http://powerman.name/download/vim/syntax/infsh.vim 5 + " Version: 1.10 6 + " Last Change: 2012-12-09 7 + 8 + if version < 600 9 + syntax clear 10 + elseif exists("b:current_syntax") 11 + finish 12 + endif 13 + 14 + 15 + syn cluster infshTOP contains=infshError 16 + " usual typo 17 + syn match infshError +"+ 18 + 19 + syn cluster infshTOP add=infshSubst,infshCmdOut,infshBlock 20 + " substitution command 21 + syn region infshSubst matchgroup=infshSubstDelimiter keepend extend start="\$["#]\?{\w\@=" end="}" contains=@infshTOP,@NoSpell 22 + syn match infshSubstName contained "\(\$["#]\?{\)\@<=\w\+" containedin=infshSubst 23 + " get command output 24 + syn region infshCmdOut matchgroup=infshCmdOutDelimiter keepend extend start="[`"]{" end="}" contains=@infshTOP,@NoSpell 25 + " command block 26 + syn region infshBlock matchgroup=infshDelimiter keepend extend start="{" end="}" contains=@infshTOP,@NoSpell 27 + 28 + syn cluster infshTOP add=infshDelimiter,infshRedir,infshConditional,infshOperator,infshPatternClass,infshPattern 29 + " top-level delimiters 30 + syn match infshDelimiter "[;&()]" 31 + syn match infshRedir "[|<>]\(\[\d\+\(=\d\+\)\?\]\)\?" 32 + syn match infshConditional "&&\|||" 33 + syn match infshOperator "\(:=\|=\|\^\)" 34 + syn region infshPatternClass matchgroup=infshPattern keepend extend oneline start="\[^\?" end="\]" contains=infshPatternInClass 35 + syn match infshPatternInClass contained "\(\[^\?\)\@<!-\]\@!" 36 + syn match infshPattern "[*?]" 37 + 38 + syn cluster infshTOP add=infshVar,infshSpecVar,infshError 39 + " references to variables 40 + syn match infshVar "\$["#]\?[$(']\@=" 41 + syn match infshVar "\$["#]\?\(`{\)\@=" 42 + syn match infshVar "\$["#]\(\"{\)\@=" 43 + " variables with single-char names (spec chars & unicode) 44 + syn match infshVar "\$["#]\?[!%+,\-./:?@\[\\\]~]" 45 + syn match infshVar "\$["#]\?[^\x0-\x7f]" 46 + " special variables 47 + syn match infshSpecVar "\$["#]\?[*]" 48 + syn match infshSpecVar "\$["#]\?[0]" 49 + syn match infshSpecVar "\$["#]\?[1-9][0-9]*" 50 + " variables with usual names 51 + syn match infshVar "\$["#]\?[a-zA-Z_][*0-9a-zA-Z_]*" 52 + syn match infshVar "\$["#]\?[*0][*0-9a-zA-Z_]\+" 53 + syn match infshVar "\$["#]\?[1-9][0-9]*[*a-zA-Z_][*0-9a-zA-Z_]*" 54 + " more special variables 55 + syn match infshSpecVar "\$["#]\?\(status\|apid\|ifs\|prompt\|autoload\)[*0-9a-zA-Z_]\@!" 56 + " bad variables 57 + syn match infshError "\$["#]\?[ \t\n&);<=>^|}]\@=" 58 + syn match infshError "\$["#]\?\((\s*)\)\@=" 59 + syn match infshError "\$["#]\?\(''[^']\@=\)\@=" 60 + syn match infshError "\$["#]\?\([`]{\@!\)\@=" 61 + syn match infshError "\$["#]\(["]{\@!\)\@=" 62 + syn match infshError "\$["#][#]\@=" 63 + 64 + syn cluster infshTOP add=infshStr,infshComment,infshShebang 65 + " quoted string 66 + syn region infshStr matchgroup=infshStrQ keepend extend start="'" skip="''" end="'" contains=infshStrQQ 67 + syn match infshStrQQ contained "''" 68 + " comment 69 + syn match infshComment "#.*" contains=infshTodo,@Spell extend 70 + syn keyword infshTodo contained TODO TBD FIXME XXX NOTE BUG WARNING DEBUG OPTIMIZATION WORKAROUND 71 + " shebang 72 + syn match infshShebang "^#!/dis/sh\(\.dis\)\?\(\s\+-[nlvx]\+\)*\s*$" contains=infshOpts 73 + syn match infshOpts contained "-[nlvx]\+" 74 + 75 + syn cluster infshTOP add=infshStatement,infshConditional,infshRepeat,infshOperator,infshKeyword,infshException,infshPctlType 76 + " keywords 77 + syn keyword infshStatement fn subfn 78 + syn keyword infshConditional and or if 79 + syn keyword infshRepeat apply getlines for in while 80 + syn keyword infshOperator run builtin exit load unload 81 + syn keyword infshOperator no pctl status 82 + syn match infshOperator "[@!~]" 83 + syn keyword infshKeyword flag loaded whatis 84 + syn keyword infshException raise rescue 85 + syn keyword infshPctlType newfd forkfd newns forkns newpgrp nodevs 86 + 87 + 88 + if version >= 508 || !exists("did_infsh_syn_inits") 89 + if version < 508 90 + let did_infsh_syn_inits = 1 91 + command -nargs=+ HiLink hi link <args> 92 + else 93 + command -nargs=+ HiLink hi def link <args> 94 + endif 95 + 96 + HiLink infshSubstDelimiter Identifier 97 + HiLink infshSubstName Operator 98 + 99 + HiLink infshCmdOutDelimiter Include 100 + 101 + HiLink infshDelimiter Delimiter 102 + HiLink infshRedir Type 103 + HiLink infshConditional Conditional 104 + HiLink infshOperator Operator 105 + HiLink infshPattern SpecialChar 106 + HiLink infshPatternInClass SpecialChar 107 + 108 + HiLink infshVar Identifier 109 + HiLink infshSpecVar Special 110 + 111 + HiLink infshError Error 112 + 113 + HiLink infshStr String 114 + HiLink infshStrQ String 115 + HiLink infshStrQQ SpecialChar 116 + 117 + HiLink infshComment Comment 118 + HiLink infshTodo Todo 119 + HiLink infshShebang Comment 120 + HiLink infshOpts PreProc 121 + 122 + HiLink infshStatement Statement 123 + HiLink infshConditional Conditional 124 + HiLink infshRepeat Repeat 125 + HiLink infshOperator Operator 126 + HiLink infshKeyword Keyword 127 + HiLink infshException Exception 128 + HiLink infshPctlType Type 129 + 130 + delcommand HiLink 131 + endif 132 + 133 + let b:current_syntax = "infsh"
+97
nvim/syntax/mkfile.vim
··· 1 + " Vim syntax file 2 + " Language: mkfile (used by OS Inferno mk(1)) 3 + " Maintainer: Alex Efros <powerman-asdf@ya.ru> 4 + " URL: http://powerman.name/download/vim/syntax/mkfile.vim 5 + " Version: 1.10 6 + " Last Change: 2012-12-09 7 + 8 + if version < 600 9 + syntax clear 10 + elseif exists("b:current_syntax") 11 + finish 12 + endif 13 + 14 + 15 + syn include @ShOs syntax/sh.vim 16 + unlet b:current_syntax 17 + syn include @ShInferno syntax/infsh.vim 18 + unlet b:current_syntax 19 + 20 + 21 + syn match mkfileComment "\\\@<!#.\{-}\(\\\?\n\)\@=" contains=mkfileTodo,@Spell 22 + syn keyword mkfileTodo contained TODO TBD FIXME XXX NOTE BUG WARNING DEBUG OPTIMIZATION WORKAROUND 23 + syn match mkfileEscaped "\\." 24 + syn match mkfileError contained "^\s\+\S.*" 25 + 26 + syn match mkfileDelimiter contained "[=:%<|]" 27 + syn match mkfileNextLine contained "\\\n" 28 + \ containedin=mkfileAssignment,mkfileVarWithAttr,mkfileVar,mkfileTargetWithAttr,mkfileTargets 29 + 30 + syn match mkfileVarValue contained "\$\w\+" 31 + syn match mkfileVarValue contained "\${\w\+}" 32 + syn match mkfileVarValue contained "\${\w\+:[^}]*}" contains=mkfileVarSubst 33 + syn match mkfileVarSubst contained ":[^}]*" contains=mkfileDelimiter,mkfileVarValue 34 + syn match mkfileVarDelimiter contained "[${}]" 35 + \ containedin=mkfileVarValue 36 + 37 + syn region mkfileExternal excludenl keepend start="^<" end="$" contains=mkfileDelimiter,mkfileVarValue 38 + 39 + syn region mkfileAssignment excludenl keepend start="^\w\(\w\|\\\n\)*\(\s\|\\\n\)*=" skip="\\\n" end="$" 40 + \ contains=mkfileVarWithAttr,mkfileVarValue,mkfileComment,mkfileEscaped 41 + \ skipempty nextgroup=mkfileError 42 + syn match mkfileVarWithAttr contained "^\w\(\w\|\\\n\)*\(\s\|\\\n\)*=\(\(\\\n\)*\(=\|U\(\\\n\)*=\)\)\?" 43 + \ contains=mkfileVar,mkfileDelimiter,mkfileVarAttr 44 + syn match mkfileVar contained "^\(\w\|\\\n\)*\w" 45 + syn match mkfileVarAttr contained "\(=\(\\\n\)*\)\@<=U\(\(\\\n\)*=\)\@=" 46 + 47 + syn region mkfileRule excludenl keepend start="^[^ \t#=:]\([^#=:]\|\\\n\)*:" skip="\\\n" end="$" 48 + \ contains=mkfileTargetWithAttr,mkfilePrereq,mkfileVarValue,mkfileComment,mkfileEscaped 49 + \ skipempty nextgroup=mkfileError,mkfileRecipe 50 + syn region mkfileRule_os excludenl keepend start="^[^ \t#=:]\([^ \t#=:]\|\\\n\)*-\(os\|sh\):" skip="\\\n" end="$" 51 + \ contains=mkfileTargetWithAttr,mkfilePrereq,mkfileVarValue,mkfileComment,mkfileEscaped 52 + \ skipempty nextgroup=mkfileError,mkfileRecipe_os 53 + syn match mkfileTargetWithAttr contained "^[^ \t#=:]\([^#=:]\|\\\n\)*:\(\(\\\n\)*\(:\|[<DENnPQRUV]\+\(\\\n\)*:\)\)\?" 54 + \ contains=mkfileTargets,mkfileDelimiter,mkfileTargetAttr 55 + syn match mkfileTargets contained "^\([^#=:]\|\\\n\)*[^ \t#=:]" 56 + \ contains=mkfileDelimiter,mkfileVarValue 57 + syn match mkfileTargetAttr contained "\(:\(\\\n\)*\)\@<=[<DENnPQRUV]\+\(\(\\\n\)*:\)\@=" 58 + syn match mkfilePrereq contained "\(:\(\\\n\)*\)\@<=.*" 59 + \ contains=mkfileDelimiter,mkfileVarValue,mkfileComment,mkfileEscaped 60 + syn region mkfileRecipe contained excludenl keepend start="^\s.*" skip="\n\s" end="$" 61 + \ contains=@ShInferno 62 + syn region mkfileRecipe_os contained excludenl keepend start="^\s.*" skip="\n\s" end="$" 63 + \ contains=@ShOs 64 + " without including @Sh…: 65 + " \ contains=mkfileVarValue,mkfileComment,mkfileEscaped 66 + 67 + 68 + if version >= 508 || !exists("did_mkfile_syn_inits") 69 + if version < 508 70 + let did_mkfile_syn_inits = 1 71 + command -nargs=+ HiLink hi link <args> 72 + else 73 + command -nargs=+ HiLink hi def link <args> 74 + endif 75 + 76 + HiLink mkfileError Error 77 + HiLink mkfileComment Comment 78 + HiLink mkfileTodo Todo 79 + HiLink mkfileEscaped Special 80 + 81 + HiLink mkfileDelimiter Operator 82 + HiLink mkfileNextLine Special 83 + 84 + HiLink mkfileVarValue Identifier 85 + HiLink mkfileVarSubst String 86 + HiLink mkfileVarDelimiter Delimiter 87 + 88 + HiLink mkfileVar Identifier 89 + HiLink mkfileVarAttr Type 90 + 91 + HiLink mkfileTargets Function 92 + HiLink mkfileTargetAttr Type 93 + 94 + delcommand HiLink 95 + endif 96 + 97 + let b:current_syntax = "mkfile"
-72
odin.nix
··· 1 - # Edit this configuration file to define what should be installed on 2 - ## your system. Help is available in the configuration.nix(5) man page, on 3 - # https://search.nixos.org/options and in the NixOS manual (`nixos-help`). 4 - 5 - { pkgs, config, nixpkgs-unstable, unstable, ... }: 6 - { 7 - imports = 8 - [ 9 - # Include the results of the hardware scan. 10 - ./hardware-configuration.nix 11 - ./boot.nix 12 - ./networking.nix 13 - ./gui.nix 14 - ./users.nix 15 - ./packages.nix 16 - ./services.nix 17 - ]; 18 - _module.args.unstable = import nixpkgs-unstable { 19 - inherit (pkgs.stdenv.hostPlatform) system; 20 - inherit (config.nixpkgs) config; 21 - }; 22 - 23 - nixpkgs.config.allowUnfree = true; 24 - # Set your time zone. 25 - time.timeZone = "America/Chicago"; 26 - 27 - # Select internationalisation properties. 28 - i18n.defaultLocale = "en_US.UTF-8"; 29 - # console = { 30 - # font = "Lat2-Terminus16"; 31 - # keyMap = "us"; 32 - # useXkbConfig = true; # use xkb.options in tty. 33 - # }; 34 - 35 - # Copy the NixOS configuration file and link it from the resulting system 36 - # (/run/current-system/configuration.nix). This is useful in case you 37 - # accidentally delete configuration.nix. 38 - system.copySystemConfiguration = true; 39 - 40 - # Automatic doc cache generation 41 - documentation.man.generateCaches = true; 42 - 43 - # Automatic system upgrades 44 - system.autoUpgrade = { 45 - enable = true; 46 - dates = "09:00"; 47 - randomizedDelaySec = "45min"; 48 - }; 49 - 50 - # Automatic Garbage Collection 51 - nix.gc.automatic = true; 52 - nix.gc.options = "--delete-older-than 8d"; 53 - 54 - # This option defines the first version of NixOS you have installed on this particular machine, 55 - # and is used to maintain compatibility with application data (e.g. databases) created on older NixOS versions. 56 - # 57 - # Most users should NEVER change this value after the initial install, for any reason, 58 - # even if you've upgraded your system to a new NixOS release. 59 - # 60 - # This value does NOT affect the Nixpkgs version your packages and OS are pulled from, 61 - # so changing it will NOT upgrade your system. 62 - # 63 - # This value being lower than the current NixOS release does NOT mean your system is 64 - # out of date, out of support, or vulnerable. 65 - # 66 - # Do NOT change this value unless you have manually inspected all the changes it would make to your configuration, 67 - # and migrated your data accordingly. 68 - # 69 - # For more information, see `man configuration.nix` or https://nixos.org/manual/nixos/stable/options#opt-system.stateVersion . 70 - system.stateVersion = "23.11"; # Did you read the comment? 71 - 72 - }
-140
packages.nix
··· 1 - { pkgs, lib, ... }: 2 - let # bash script to let dbus know about important env variables and 3 - # propagate them to relevent services run at the end of sway config 4 - # see 5 - # https://github.com/emersion/xdg-desktop-portal-wlr/wiki/"It-doesn't-work"-Troubleshooting-Checklist 6 - # note: this is pretty much the same as /etc/sway/config.d/nixos.conf but also restarts 7 - # some user services to make sure they have the correct environment variables 8 - dbus-sway-environment = pkgs.writeTextFile { 9 - name = "dbus-sway-environment"; 10 - destination = "/bin/dbus-sway-environment"; 11 - executable = true; 12 - 13 - text = '' 14 - dbus-update-activation-environment --systemd WAYLAND_DISPLAY XDG_CURRENT_DESKTOP=sway 15 - systemctl --user stop pipewire pipewire-media-session xdg-desktop-portal xdg-desktop-portal-wlr 16 - systemctl --user start pipewire pipewire-media-session xdg-desktop-portal xdg-desktop-portal-wlr 17 - ''; 18 - }; 19 - 20 - # currently, there is some friction between sway and gtk: 21 - # https://github.com/swaywm/sway/wiki/GTK-3-settings-on-Wayland 22 - # the suggested way to set gtk settings is with gsettings 23 - # for gsettings to work, we need to tell it where the schemas are 24 - # using the XDG_DATA_DIR environment variable 25 - # run at the end of sway config 26 - configure-gtk = pkgs.writeTextFile { 27 - name = "configure-gtk"; 28 - destination = "/bin/configure-gtk"; 29 - executable = true; 30 - text = 31 - let 32 - # TODO: figure out why these bindings exist or where they're used 33 - schema = pkgs.gsettings-desktop-schemas; 34 - datadir = "${schema}/share/gsettings-schemas/${schema.name}"; 35 - in 36 - '' 37 - 6 gnome_schema=org.gnome.desktop.interface 38 - gsettings set $gnome_schema gtk-theme 'Dracula' 39 - ''; 40 - }; 41 - in 42 - { 43 - 44 - # List packages installed in system profile. To search, run: 45 - # $ nix search wget 46 - environment.systemPackages = with pkgs; [ 47 - neovim 48 - appimage-run 49 - tzdata 50 - wget 51 - kitty 52 - file 53 - w3m 54 - fishPlugins.fzf-fish 55 - fzf 56 - qemu 57 - qemu-user 58 - qemu-utils 59 - qemu_full 60 - OVMF 61 - #9p stuff 62 - diod 63 - plan9port 64 - vis 65 - rc 66 - 67 - smartmontools 68 - 69 - # Sway stuff 70 - wdisplays 71 - mako 72 - bemenu 73 - wl-clipboard 74 - slurp 75 - grim 76 - swayidle 77 - swaylock 78 - adwaita-icon-theme 79 - dracula-theme 80 - glib 81 - xdg-utils 82 - wayland 83 - configure-gtk 84 - dbus-sway-environment 85 - dbus 86 - pkg-config 87 - zlib 88 - # why wouldn't I want documentation on my system 89 - man-pages 90 - man-pages-posix 91 - linuxPackages_latest.perf 92 - ]; 93 - documentation.dev.enable = true; 94 - 95 - # Fix dynamically linked libraries for unpackaged binaries 96 - programs.nix-ld = { 97 - enable = true; 98 - libraries = with pkgs; [ 99 - # Add missing dynamic libraries for unpackaged programs HERE 100 - # NOT in environment.systemPackages 101 - zlib 102 - openssl 103 - sqlite 104 - libunwind 105 - libglvnd 106 - libclang 107 - systemdLibs 108 - ]; 109 - }; 110 - programs.nix-index = { 111 - enable = true; 112 - enableFishIntegration = true; 113 - enableBashIntegration = false; 114 - enableZshIntegration = false; 115 - }; 116 - 117 - # Run other bins in QEMU 118 - boot.binfmt.emulatedSystems = [ 119 - "aarch64-linux" 120 - "riscv64-linux" 121 - ]; 122 - # UEFI firmware support for QEMU 123 - systemd.tmpfiles.rules = [ "L+ /var/lib/qemu/firmware - - - - ${pkgs.qemu}/share/qemu/firmware" ]; 124 - 125 - 126 - 127 - # Logseq uses an ancient version of Electron, so we enable that 128 - nixpkgs.config.permittedInsecurePackages = [ "electron-25.9.0" ]; 129 - 130 - # Whitelist some unfree packages 131 - nixpkgs.config.allowUnfreePredicate = pkg: builtins.elem (lib.getName pkg) [ 132 - "discord" 133 - "spotify" 134 - "obsidian" 135 - "unstable.obsidian" 136 - "tailscale" 137 - "google-chrome" 138 - "slack" 139 - ]; 140 - }
+5 -2
scripts/nr
··· 1 1 #!/usr/bin/env rc 2 2 3 3 flag e + 4 - flag x + 4 + 5 + if(~ $1 -x) { 6 + flag x + 7 + shift 8 + } 5 9 6 10 pkg=$1 7 - 8 11 shift 9 12 10 13 exec nix run 'nixpkgs#'^$pkg -- $*
-8
scripts/oclip
··· 1 - #!/usr/bin/env rc 2 - flag e + 3 - 4 - if (~ $1 -x) { 5 - flag x + 6 - } 7 - data=`{base64 <[0=0]} 8 - printf '\033]52;c;%s\007' $"data
+3
scripts/ocopy
··· 1 + #!/usr/bin/env sh 2 + 3 + printf "\033]52;c;%s\007" "$(base64 <&0)"
+1
secrets/cache-pub-key.pem
··· 1 + misaki.packetlost.dev:y5Z/utaVBozpL0UAbUQDWLjpm2sVMOoKzyG76n/167A=
+10
secrets/catgirl-libera.age
··· 1 + age-encryption.org/v1 2 + -> ssh-ed25519 QBbeMw PrgR2RT7HMRapTw8QcRtBU1vfOdrvOdFR+dxlaTMSH4 3 + 2oG68+hYV5W90Beaqpi/VonPwXzB52NTwwJGKmV8YM0 4 + -> ssh-ed25519 Wv0Urw LvqWE5p2G3QnxbqOQMSd631mCqfhJvE9P/yRuwTTkFk 5 + 3jGowP4TKe3T92NXcZjmqU+QFGcyuT2+H3EU/nqTF8s 6 + -> ssh-ed25519 WVNCXA YGX6M8E4JGpJNeZIhiN/t+tx1NQNc+Ewy9HC2dxm3yY 7 + mhxXrgnbh4ng2tIeQrYfxlnlSCk/fTEBDDOg2MEVP2g 8 + --- JpMgqNty36r0OAyDTaLY8yiFHGXzQLm8gh6XXmJQ094 9 + E~�ƿ ׭ #2%%��`Ϳ�~��~�Si<�3� 10 + 7k��b�+OMr�3GxžhG�WY9.�xU1�Re�*%���v�!����������2�wJ_B�)�"��I� �k��[u�jvV5��8n�D��2���H�|
secrets/nix-serve-secret-key.age

This is a binary file and will not be displayed.

+13
secrets/noah-hashed-password.age
··· 1 + age-encryption.org/v1 2 + -> ssh-ed25519 e6zq8g Y6AKrd+CWu2+QqPEslYof/XQTTSMf/WNlW9t8FagYgQ 3 + +hiVmTdBt2w/CUusGWOmHgPB3/A3NlcVJ6a4hieWKaE 4 + -> ssh-ed25519 FcROng uBO/aCTSS5JU9ZTkyRgFeYhmkcXdifUycQk8CEGADx0 5 + LZE8JNFrlOeySFamABnZuZHdXdLPYB8/X4gic3stCuw 6 + -> ssh-ed25519 OV+2QQ m13opn5yD0oMLSR8j1jiI9CkzwDSZI37UhJdLQ/KzjE 7 + 6arhn/OFKiGrFabcFCF/yTtTSQImORJX5Ohq50I3xpU 8 + -> ssh-ed25519 h/Fm0A HfM3i56ldP9EvwYTNorzdtkwn21zvFd6cEqUINsg8hg 9 + RJo7z0Nk179ZiazofToA+0KOD3CWfpzaFcZWrSeVsuo 10 + -> ssh-ed25519 Aoo1Gg DKY2avQ+UMyIytEefP6C3LTXTT7QaDBDguxu4G3j/iY 11 + EqCq0BeV+rToFnOCbD9ru9KroXxGcYKRnryKF7N8Uoo 12 + --- L0JkNEz2vJ0m7+8PQELugzzhQAKV/6z/JrU2qeTDPWI 13 + /g�DQ�ӳ`�����< �S��U���p}E+(��2H�'��͖�������Av6p.P#,����l �����@��7���|F�;;�Dޓ,�8@���E{
+9
secrets/porkbun-api-key.age
··· 1 + age-encryption.org/v1 2 + -> ssh-ed25519 e6zq8g x6PGKDva9Uj/rVaeOiWSBKTgNsi6ZT1XtHdUEAPn7Wo 3 + hziH64vy2Dx0dMEEKphhw54hzyzhgAYONxaSqDgguP0 4 + -> ssh-ed25519 QBbeMw G775f6PEJrogzi+h0cDKhCmfZ4t8uaJSsGqSuLdwq1M 5 + TR9UfYVljeb+DtttBpMlinZjbPNKL7+omEasEo0nEjE 6 + -> ssh-ed25519 Wv0Urw jXwjCKuCW6z7ZGu0hp/igks4vgCcGGng0VGXeHakJRI 7 + b6fciWjygpGMI83E3C3JBjJZ7X5tDXRPRKgn1Uy/1P0 8 + --- X67NLqQNueHXFrw9Z2SBA880xnUEPLbKRjADgdiBfIs 9 + &u&6�=�ڌ5�!,B[��e������F�[��9�� "lU����<�9�D$m̆��6`JU �dB~S�A6D;s��љ: M��p g�Y��@pBj�6���f����p�;��{�H�y�2{�?���#Pl�D@#ye��3��jD��tץ����6���=�A�������lJڊQ'���..>�(񵑅|wn��Zf<= _
+29
secrets/secrets.nix
··· 1 + let 2 + noah = [ 3 + "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIDQFlX3hhXxsqAUYLvF+IX1YWQ+k22OHlqMOjgyNBe9e noah@misaki" 4 + "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIC/cXL1cV6QUW5z2bJp1mCu0CXrcc0Dntdxaeo3fg60N noah@odin" 5 + "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIChbA8oSqYgmjIGYjlpAPLf+Nl6IlcSb2Zmh/Hl6xm88 noah@accelerator" 6 + ]; 7 + misaki = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIO+Rcf4Lr+JPWGKQol6eAml6SMgERkGJWgN7y1qYUUvX root@nixos"; 8 + edge = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAINCmFKYXpQf1E8E7fj5s+3R33HPRjPhXrv++FCKYBCd4 root@nixos"; 9 + odin = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIJIuvOXEK7M2i/Q8FeableBS+L20zwQpLetOuFGUhba2 root@nixos"; 10 + touma-wsl = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIFeyj52bQ/nf5k4HwDckeHy8wU3weDtY6IF6VlUJ/hAH root@nixos"; 11 + shizuri = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIIaMdVtl8UlDa9kI/PO62Glu/PeJXfgXNsVg92b+BibE root@nixos"; 12 + hosts = [ 13 + misaki 14 + edge 15 + odin 16 + touma-wsl 17 + shizuri 18 + ]; 19 + in 20 + { 21 + "porkbun-api-key.age".publicKeys = [ misaki ] ++ noah; 22 + "noah-hashed-password.age".publicKeys = hosts; 23 + "nix-serve-secret-key.age".publicKeys = [ 24 + misaki 25 + noah 26 + ]; 27 + "validator-identity.age".publicKeys = [ edge ]; 28 + "catgirl-libera.age".publicKeys = noah; 29 + }
secrets/validator-identity.age

This is a binary file and will not be displayed.

+24 -30
services.nix
··· 1 - { ... }: 1 + { enableNFTables, lib, ... }: 2 2 { 3 + 3 4 # Some programs need SUID wrappers, can be configured further or are 4 5 # started in user sessions. 5 - # programs.mtr.enable = true; 6 - programs.gnupg.agent = { 7 - enable = true; 8 - enableSSHSupport = false; 9 - }; 6 + programs.mtr.enable = true; 10 7 11 8 # Fish shell, the best 12 9 programs.fish.enable = true; 13 10 14 - # List services that you want to enable: 15 - 16 - # Enable the OpenSSH daemon. 17 - services.openssh.enable = true; 18 - 19 - # Smart Card daemon 20 - services.pcscd.enable = true; 21 - 22 - # This option is for enabling the bolt daemon for managing Thunderbolt/USB4 Devices. 23 - services.hardware.bolt.enable = true; 24 - 25 11 # Tailscale 26 12 services.tailscale = { 27 13 enable = true; 28 - useRoutingFeatures = "client"; 14 + openFirewall = true; 29 15 }; 16 + # Don't wait for networks on boot, should speed up boot 17 + systemd.network.wait-online.enable = false; 18 + boot.initrd.systemd.network.wait-online.enable = false; 19 + networking.firewall.trustedInterfaces = [ "tailscale0" ]; 30 20 31 - # Containers and VMs 32 - virtualisation = { 33 - podman = { 34 - enable = false; 35 - dockerCompat = true; 36 - defaultNetwork.settings.dns_enabled = true; 37 - dockerSocket.enable = true; 38 - }; 39 - docker = { 40 - enable = true; 41 - storageDriver = "overlay2"; 42 - }; 21 + # Enable the OpenSSH daemon. 22 + services.openssh = { 23 + enable = true; 24 + openFirewall = true; 25 + settings.PasswordAuthentication = false; 43 26 }; 27 + 28 + # MOSH, SSH over flakey connections 29 + programs.mosh.enable = true; 30 + } 31 + // lib.optionalAttrs enableNFTables { 32 + # Use nftables 33 + networking.nftables.enable = true; 34 + # Support native nftables in tailscale 35 + systemd.services.tailscaled.serviceConfig.Environment = [ 36 + "TS_DEBUG_FIREWALL_MODE=nftables" 37 + ]; 44 38 }
+2
shell.nix
··· 1 + { pkgs ? import <nixos-unstable> { } }: 2 + pkgs.mkShell { packages = with pkgs; [ nil lua-language-server ]; }
+46 -22
ssh/extra
··· 1 1 AddKeysToAgent yes 2 2 ServerAliveInterval 60 3 - ForwardAgent no 3 + ForwardAgent yes 4 4 ControlMaster auto 5 5 ControlPath ~/.ssh/master-%r@%h:%p 6 6 7 - Host 192.168.1.* 8 - ForwardAgent yes 9 - 10 - Host *.local 11 - ForwardAgent yes 12 - 13 7 Host home 14 8 Hostname packetlostandfound.us 15 9 User noah 16 10 IdentityFile ~/.ssh/id_ed25519 17 11 IdentitiesOnly yes 18 - ForwardAgent yes 19 12 20 13 Host git.sr.ht 21 14 HostName git.sr.ht ··· 33 26 IdentityFile ~/.ssh/id_ed25519 34 27 ForwardAgent yes 35 28 29 + Host aleister 30 + HostName 192.168.1.16 31 + User noah 32 + IdentityFile ~/.ssh/id_ed25519 33 + ForwardAgent yes 34 + 36 35 Host komoe 37 36 HostName 192.168.1.5 38 37 User noah 39 38 IdentityFile ~/.ssh/id_ed25519 40 39 ForwardAgent yes 41 40 41 + Host othinus 42 + HostName 192.168.1.4 43 + User noah 44 + IdentityFile ~/.ssh/id_ed25519 45 + ForwardAgent yes 46 + 47 + Host odin 48 + HostName 192.168.1.6 49 + User noah 50 + IdentityFile ~/.ssh/id_ed25519 51 + ForwardAgent yes 52 + 53 + Host accelerator 54 + HostName 192.168.1.7 55 + User noah 56 + IdentityFile ~/.ssh/id_ed25519 57 + ForwardAgent yes 58 + 59 + Host shizuri 60 + HostName 192.168.1.15 61 + User noah 62 + IdentityFile ~/.ssh/id_ed25519 63 + ForwardAgent yes 64 + ForwardX11 yes 65 + 42 66 Host sdf 43 67 HostName tty.sdf.org 44 68 User ngp 45 69 IdentityFile ~/.ssh/id_ed25519 46 - ForwardAgent yes 47 70 48 71 Host tildeclub 49 72 HostName tilde.club 50 73 User ngp 51 74 IdentityFile ~/.ssh/id_ed25519 52 - ForwardAgent yes 53 75 54 76 Host envs 55 77 HostName envs.net 56 78 User ngp 57 79 IdentityFile ~/.ssh/id_ed25519 58 - ForwardAgent yes 59 80 60 81 Host tildeteam 61 82 HostName tilde.team 62 83 User ngp 63 84 IdentityFile ~/.ssh/id_ed25519 64 - ForwardAgent yes 65 85 66 86 Host ctrl-c 67 87 HostName ctrl-c.club 68 88 User ngp 69 89 IdentityFile ~/.ssh/id_ed25519 70 - ForwardAgent yes 71 90 72 91 Host tildetown 73 92 HostName tilde.town 74 93 User ngp 75 94 IdentityFile ~/.ssh/id_ed25519 76 - ForwardAgent yes 77 95 78 96 Host yourtilde 79 97 HostName yourtilde.com 80 98 User ngp 81 99 IdentityFile ~/.ssh/id_ed25519 82 - ForwardAgent yes 83 100 84 101 Host hashbang 85 - HostName to1.hashbang.sh 86 - IdentitiesOnly yes 87 - User ngp 88 - IdentityFile ~/.ssh/id_ed25519 89 - ForwardAgent yes 102 + HostName to1.hashbang.sh 103 + IdentitiesOnly yes 104 + User ngp 105 + IdentityFile ~/.ssh/id_ed25519 90 106 91 107 Host tiny 92 108 HostName tiny.packetlost.dev 93 109 User noah 94 110 IdentityFile ~/.ssh/id_ed25519 95 - ForwardAgent yes 111 + 112 + Host tinybsd 113 + HostName tinybsd.packetlost.dev 114 + User noah 115 + IdentityFile ~/.ssh/id_ed25519 96 116 97 117 Host seedbox 98 118 HostName canopus.usbx.me 99 119 User ngp 100 120 IdentityFile ~/.ssh/id_ed25519 101 - ForwardAgent no 121 + 122 + Host saten 123 + HostName saten.packetlost.dev 124 + User noah 125 + IdentityFile ~/.ssh/id_ed25519 102 126 103 127 Host launchpad 104 128 HostName git.launchpad.net
+4 -11
sway/config
··· 14 14 set $right l 15 15 16 16 # Your preferred terminal emulator 17 - set $term ghostty 17 + set $term kitty 18 18 # Your preferred application launcher 19 19 # Note: it's recommended that you pass the final command to sway 20 20 #set $menu dmenu_path | dmenu | xargs swaymsg exec -- 21 21 22 - #set $menu exec kitty --class 'launcher' sh -c 'compgen -c | sort -u | fzf | xargs -r swaymsg -t command exec' 23 - #for_window [app_id="^launcher$"] floating enable, border none, resize set width 25 ppt height 100 ppt, move position 0 px 0 px 24 - 25 - set $menu exec fuzzel 22 + set $menu exec kitty --class 'launcher' sh -c 'compgen -c | sort -u | fzf | xargs -r swaymsg -t command exec' 23 + for_window [app_id="^launcher$"] floating enable, border none, resize set width 25 ppt height 100 ppt, move position 0 px 0 px 26 24 27 25 # Lockscreen 28 26 set $lock swaylock -c 892243 -e ··· 45 43 ### Idle configuration 46 44 set $idle swayidle -w \ 47 45 timeout 300 '$lock' \ 48 - timeout 360 'swaymsg "output * dpms off"' \ 46 + timeout 600 'swaymsg "output * dpms off"' \ 49 47 timeout 15 'if pgrep -x swaylock; then swaymsg "output * dpms off"; fi' \ 50 48 resume 'swaymsg "output * dpms on"' \ 51 49 before-sleep '$lock' ··· 73 71 74 72 input "1133:45081:MX_Master_2S_Mouse" { 75 73 pointer_accel 0 76 - accel_profile flat 77 - } 78 - 79 - input "1133:50504:Logitech_USB_Receiver_Mouse" { 80 - pointer_accel 0.2 81 74 accel_profile flat 82 75 } 83 76
+2 -2
sway/odin
··· 2 2 #workspace $ws1 output DP-6 3 3 #workspace $ws2 output HDMI-A-1 4 4 5 - output "Acer Technologies XV272U 0x8520810C" { 5 + output "Acer Technologies XV272U 0x0000A50C" { 6 6 mode 2560x1440@143.999Hz 7 7 pos 440 0 8 8 transform normal ··· 17 17 transform normal 18 18 scale 1.0 19 19 scale_filter nearest 20 - adaptive_sync off 20 + adaptive_sync on 21 21 dpms on 22 22 }
+30 -14
users.nix
··· 1 - { pkgs, lib, ... }: 1 + { 2 + pkgs, 3 + lib, 4 + config, 5 + extraGroups ? [ ], 6 + ... 7 + }: 2 8 { 3 - 4 - imports = [ ]; 5 9 6 10 # Declarative only optoins. 7 11 # I don't want to allow ad-hoc modifying users on the system. 8 12 # Users must be declared either as part of a package or in this file. 9 13 users.mutableUsers = false; 10 14 15 + age.secrets.noah-password = { 16 + file = ./secrets/noah-hashed-password.age; 17 + owner = "root"; 18 + group = "root"; 19 + }; 11 20 12 21 # Define a user account. Don't forget to set a password with ‘passwd’. 13 22 users.users.noah = { 14 23 isNormalUser = true; 15 24 shell = pkgs.fish; 16 - extraGroups = [ "wheel" "video" "nas" "libvirtd" "qemu-libvirtd" "docker" ]; # Enable ‘sudo’ for the user. 17 - hashedPasswordFile = "/etc/nixos/noah-password"; 18 - openssh.authorizedKeys.keys = 19 - lib.strings.splitString "\n" (builtins.readFile (builtins.fetchurl { 20 - url = "https://meta.sr.ht/~chiefnoah.keys"; 21 - name = "chiefnoah.keys"; 22 - # Update this with: 23 - # `curl https://meta.sr.ht/~chiefnoah.keys | sha256sum` 24 - sha256 = "0l295n3i2b1agx8xl8l12zlck35qn9vja8fgvhk4g0v4132wfzgg"; 25 - })); 25 + extraGroups = [ 26 + "wheel" 27 + "video" 28 + "nas" 29 + ] 30 + ++ extraGroups; # Enable ‘sudo’ for the user. 31 + hashedPasswordFile = config.age.secrets.noah-password.path; 32 + openssh.authorizedKeys.keys = lib.strings.splitString "\n" ( 33 + builtins.readFile ( 34 + builtins.fetchurl { 35 + url = "https://meta.sr.ht/~chiefnoah.keys"; 36 + name = "chiefnoah.keys"; 37 + # Update this with: 38 + # `curl https://meta.sr.ht/~chiefnoah.keys | sha256sum` 39 + sha256 = "0wdnx25blqihbgaa0hzd39mjqwki92ambar097hjfmlrxg1s4lk7"; 40 + } 41 + ) 42 + ); 26 43 }; 27 - 28 44 users.groups.nas.gid = 1001; 29 45 }
+2 -2
vis/visrc.lua
··· 1 1 require('vis') 2 2 local plugin_manager = 'plugins/vis-plug' 3 3 local plugins = { 4 - { 'timoha/vis-acme', theme = true, file = 'acme' }, 4 + --{ 'timoha/vis-acme', theme = true, file = 'acme' }, 5 5 { 'milhnl/vis-format' }, 6 6 { url = 'https://git.cepl.eu/cgit/vis/vis-fzf-open' }, 7 7 { url = 'https://gitlab.com/muhq/vis-lspc.git' }, ··· 56 56 --per-window configuration-- 57 57 --vis:command('set number') 58 58 --vis:command('set showtab on') 59 - vis:command('set showspace off') 59 + --vis:command('set showspace off') 60 60 vis:command('set autoindent on') 61 61 vis:command('set cursorline on') 62 62 vis:command('set tabwidth 4')