comparing photoprism and main on nobbz.dev/nixos-config

+47 -46

.github/workflows/flake-update.yml

··· 7 7 8 8 jobs: 9 9 generate_matrix: 10 - runs-on: ubuntu-20.04 10 + runs-on: ubuntu-24.04 11 11 outputs: 12 12 packages: ${{ steps.gen_packages.outputs.packages }} 13 13 checks: ${{ steps.gen_checks.outputs.checks }} 14 14 steps: 15 15 - name: Clone repository 16 - uses: actions/checkout@v3 16 + uses: actions/checkout@v4 17 17 with: 18 - token: "${{ secrets.GITHUB_TOKEN }}" 18 + token: "${{ secrets.TEST_TOKEN }}" 19 19 - name: Install nix 20 - uses: cachix/install-nix-action@v21 20 + uses: cachix/install-nix-action@v31 21 21 with: 22 22 extra_nix_config: | 23 23 auto-optimise-store = true 24 - access-tokens = github.com=${{ secrets.GITHUB_TOKEN }} 24 + access-tokens = github.com=${{ secrets.TEST_TOKEN }} 25 25 experimental-features = nix-command flakes 26 26 substituters = https://cache.nixos.org/ https://nix-community.cachix.org 27 27 trusted-public-keys = cache.nixos.org-1:6NCHdD59X431o0gWypbMrAURkbJ16ZPMQFGspcDShjY= nix-community.cachix.org-1:mB9FSh9qf2dCimDSUo8Zy7bkq5CX+/rkCWyvRCYg3Fs= 28 - install_url: https://releases.nixos.org/nix/nix-2.12.0/install 28 + install_url: https://releases.nixos.org/nix/nix-2.25.0/install 29 29 - name: Generate flake.json 30 30 run: | 31 31 nix flake show --json > flake.json ··· 39 39 printf "::set-output name=checks::%s" "$checks" 40 40 41 41 update_flake: 42 - runs-on: ubuntu-20.04 42 + runs-on: ubuntu-24.04 43 43 steps: 44 44 - name: Clone repository 45 - uses: actions/checkout@v3 45 + uses: actions/checkout@v4 46 46 with: 47 - token: "${{ secrets.GITHUB_TOKEN }}" 47 + token: "${{ secrets.TEST_TOKEN }}" 48 48 - name: Install nix 49 - uses: cachix/install-nix-action@v21 49 + uses: cachix/install-nix-action@v31 50 50 with: 51 51 extra_nix_config: | 52 52 auto-optimise-store = true 53 - access-tokens = github.com=${{ secrets.GITHUB_TOKEN }} 53 + access-tokens = github.com=${{ secrets.TEST_TOKEN }} 54 54 experimental-features = nix-command flakes 55 55 substituters = https://cache.nixos.org/ https://nix-community.cachix.org 56 56 trusted-public-keys = cache.nixos.org-1:6NCHdD59X431o0gWypbMrAURkbJ16ZPMQFGspcDShjY= nix-community.cachix.org-1:mB9FSh9qf2dCimDSUo8Zy7bkq5CX+/rkCWyvRCYg3Fs= 57 - install_url: https://releases.nixos.org/nix/nix-2.12.0/install 57 + install_url: https://releases.nixos.org/nix/nix-2.25.0/install 58 58 - name: Set up git 59 59 run: | 60 60 git config user.email gitbot@nobbz.dev ··· 62 62 - name: Update the flake 63 63 run: nix flake update 64 64 - name: Store flake.lock 65 - uses: actions/upload-artifact@v3 65 + uses: actions/upload-artifact@v4 66 66 with: 67 67 name: flake_lock 68 68 path: flake.lock 69 69 70 70 build_flake: 71 - runs-on: ubuntu-20.04 71 + runs-on: ubuntu-24.04 72 72 needs: [generate_matrix, update_flake] 73 73 strategy: 74 74 fail-fast: false ··· 78 78 steps: 79 79 # - name: Prepare store folder 80 80 # run: sudo mkdir -p /nix 81 - # - name: Free diskspace 82 - # uses: easimon/maximize-build-space@master 83 - # with: 84 - # build-mount-path: /nix 85 - # remove-dotnet: true 86 - # remove-android: true 87 - # remove-haskell: true 81 + - name: Free diskspace 82 + uses: easimon/maximize-build-space@master 83 + with: 84 + build-mount-path: /nix 85 + root-reserve-mb: 5120 86 + remove-dotnet: true 87 + remove-android: true 88 + remove-haskell: true 88 89 - name: Clone repository 89 - uses: actions/checkout@v3 90 + uses: actions/checkout@v4 90 91 with: 91 - token: "${{ secrets.GITHUB_TOKEN }}" 92 + token: "${{ secrets.TEST_TOKEN }}" 92 93 - name: Install nix 93 - uses: cachix/install-nix-action@v21 94 + uses: cachix/install-nix-action@v31 94 95 with: 95 96 extra_nix_config: | 96 97 auto-optimise-store = true 97 - access-tokens = github.com=${{ secrets.GITHUB_TOKEN }} 98 + access-tokens = github.com=${{ secrets.TEST_TOKEN }} 98 99 experimental-features = nix-command flakes 99 100 substituters = https://cache.nixos.org/ https://nix-community.cachix.org 100 101 trusted-public-keys = cache.nixos.org-1:6NCHdD59X431o0gWypbMrAURkbJ16ZPMQFGspcDShjY= nix-community.cachix.org-1:mB9FSh9qf2dCimDSUo8Zy7bkq5CX+/rkCWyvRCYg3Fs= 101 - install_url: https://releases.nixos.org/nix/nix-2.12.0/install 102 + install_url: https://releases.nixos.org/nix/nix-2.25.0/install 102 103 - name: Set up cachix 103 104 uses: cachix/cachix-action@master # pathsToPush, please update once we have v11! 104 105 with: ··· 106 107 signingKey: "${{ secrets.CACHIX_SIGNING_KEY }}" 107 108 pathsToPush: result 108 109 - name: Restore flake.lock 109 - uses: actions/download-artifact@v3 110 + uses: actions/download-artifact@v4 110 111 with: 111 112 name: flake_lock 112 113 - name: Build everything 113 114 run: nix build .#${{ matrix.package }} 114 115 115 116 build_checks: 116 - runs-on: ubuntu-20.04 117 + runs-on: ubuntu-24.04 117 118 needs: [generate_matrix, update_flake] 118 119 strategy: 119 120 fail-fast: false ··· 122 123 check: ${{fromJson(needs.generate_matrix.outputs.checks)}} 123 124 steps: 124 125 - name: Clone repository 125 - uses: actions/checkout@v3 126 + uses: actions/checkout@v4 126 127 with: 127 - token: "${{ secrets.GITHUB_TOKEN }}" 128 + token: "${{ secrets.TEST_TOKEN }}" 128 129 - name: Install nix 129 - uses: cachix/install-nix-action@v21 130 + uses: cachix/install-nix-action@v31 130 131 with: 131 132 extra_nix_config: | 132 133 auto-optimise-store = true 133 - access-tokens = github.com=${{ secrets.GITHUB_TOKEN }} 134 + access-tokens = github.com=${{ secrets.TEST_TOKEN }} 134 135 experimental-features = nix-command flakes 135 136 substituters = https://cache.nixos.org/ https://nix-community.cachix.org 136 137 trusted-public-keys = cache.nixos.org-1:6NCHdD59X431o0gWypbMrAURkbJ16ZPMQFGspcDShjY= nix-community.cachix.org-1:mB9FSh9qf2dCimDSUo8Zy7bkq5CX+/rkCWyvRCYg3Fs= 137 - install_url: https://releases.nixos.org/nix/nix-2.12.0/install 138 + install_url: https://releases.nixos.org/nix/nix-2.25.0/install 138 139 - name: Set up cachix 139 140 uses: cachix/cachix-action@master # pathsToPush, please update once we have v11! 140 141 with: ··· 142 143 signingKey: "${{ secrets.CACHIX_SIGNING_KEY }}" 143 144 skipPush: true 144 145 - name: Restore flake.lock 145 - uses: actions/download-artifact@v3 146 + uses: actions/download-artifact@v4 146 147 with: 147 148 name: flake_lock 148 149 - name: Build everything 149 150 run: nix build .#checks.x86_64-linux.${{ matrix.check }} --no-link 150 151 151 152 check_flake: 152 - runs-on: ubuntu-20.04 153 + runs-on: ubuntu-24.04 153 154 needs: [update_flake] 154 155 continue-on-error: true 155 156 steps: 156 157 - name: Clone repository 157 - uses: actions/checkout@v3 158 + uses: actions/checkout@v4 158 159 with: 159 - token: "${{ secrets.GITHUB_TOKEN }}" 160 + token: "${{ secrets.TEST_TOKEN }}" 160 161 - name: Install nix 161 - uses: cachix/install-nix-action@v21 162 + uses: cachix/install-nix-action@v31 162 163 with: 163 164 extra_nix_config: | 164 165 auto-optimise-store = true 165 - access-tokens = github.com=${{ secrets.GITHUB_TOKEN }} 166 + access-tokens = github.com=${{ secrets.TEST_TOKEN }} 166 167 experimental-features = nix-command flakes 167 168 substituters = https://cache.nixos.org/ https://nix-community.cachix.org 168 169 trusted-public-keys = cache.nixos.org-1:6NCHdD59X431o0gWypbMrAURkbJ16ZPMQFGspcDShjY= nix-community.cachix.org-1:mB9FSh9qf2dCimDSUo8Zy7bkq5CX+/rkCWyvRCYg3Fs= 169 - install_url: https://releases.nixos.org/nix/nix-2.12.0/install 170 + install_url: https://releases.nixos.org/nix/nix-2.25.0/install 170 171 - name: Restore flake.lock 171 - uses: actions/download-artifact@v3 172 + uses: actions/download-artifact@v4 172 173 with: 173 174 name: flake_lock 174 175 - name: Build everything ··· 176 177 nix flake check --keep-going 177 178 178 179 push_update: 179 - runs-on: ubuntu-20.04 180 + runs-on: ubuntu-24.04 180 181 permissions: write-all 181 182 needs: [update_flake, build_flake, build_checks, check_flake] 182 183 steps: 183 184 - name: Clone repository 184 - uses: actions/checkout@v3 185 + uses: actions/checkout@v4 185 186 with: 186 - token: "${{ secrets.GITHUB_TOKEN }}" 187 + token: "${{ secrets.TEST_TOKEN }}" 187 188 - name: Restore flake.lock 188 - uses: actions/download-artifact@v3 189 + uses: actions/download-artifact@v4 189 190 with: 190 191 name: flake_lock 191 192 - name: Set up git ··· 206 207 --title "Auto update $(date -I)") 207 208 gh pr merge $PR --merge --delete-branch 208 209 env: 209 - GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} 210 + GITHUB_TOKEN: ${{ secrets.TEST_TOKEN }}

+119

.github/workflows/pull-check.yml

··· 1 + name: PullRequest checker 2 + 3 + on: 4 + pull_request: 5 + 6 + jobs: 7 + generate_matrix: 8 + runs-on: ubuntu-24.04 9 + outputs: 10 + packages: ${{ steps.gen_packages.outputs.packages }} 11 + checks: ${{ steps.gen_checks.outputs.checks }} 12 + steps: 13 + - name: Clone repository 14 + uses: actions/checkout@v4 15 + with: 16 + token: "${{ secrets.TEST_TOKEN }}" 17 + - name: Install nix 18 + uses: cachix/install-nix-action@v31 19 + with: 20 + extra_nix_config: | 21 + auto-optimise-store = true 22 + access-tokens = github.com=${{ secrets.TEST_TOKEN }} 23 + experimental-features = nix-command flakes 24 + substituters = https://cache.nixos.org/ https://nix-community.cachix.org https://nobbz.cachix.org 25 + trusted-public-keys = cache.nixos.org-1:6NCHdD59X431o0gWypbMrAURkbJ16ZPMQFGspcDShjY= nix-community.cachix.org-1:mB9FSh9qf2dCimDSUo8Zy7bkq5CX+/rkCWyvRCYg3Fs= nobbz.cachix.org-1:fODxpqE4ni+pFDSuj2ybYZbMUjmxNTjA7rtUNHW61Ok= 26 + install_url: https://releases.nixos.org/nix/nix-2.25.0/install 27 + - name: Generate flake.json 28 + run: | 29 + nix flake show --json > flake.json 30 + - id: gen_packages 31 + run: | 32 + packages=$(jq -c '.packages."x86_64-linux" | keys' < flake.json) 33 + printf "packages=%s" "$packages" >> $GITHUB_OUTPUT 34 + - id: gen_checks 35 + run: | 36 + checks=$(jq -c '.checks."x86_64-linux" | keys' < flake.json) 37 + printf "checks=%s" "$checks" >> $GITHUB_OUTPUT 38 + 39 + build_flake: 40 + runs-on: ubuntu-24.04 41 + needs: [generate_matrix] 42 + strategy: 43 + fail-fast: false 44 + max-parallel: 5 45 + matrix: 46 + package: ${{fromJson(needs.generate_matrix.outputs.packages)}} 47 + steps: 48 + - name: Free diskspace 49 + uses: easimon/maximize-build-space@master 50 + with: 51 + build-mount-path: /nix 52 + root-reserve-mb: 5120 53 + remove-dotnet: true 54 + remove-android: true 55 + remove-haskell: true 56 + - name: Clone repository 57 + uses: actions/checkout@v4 58 + with: 59 + token: "${{ secrets.TEST_TOKEN }}" 60 + - name: Install nix 61 + uses: cachix/install-nix-action@v31 62 + with: 63 + extra_nix_config: | 64 + auto-optimise-store = true 65 + access-tokens = github.com=${{ secrets.TEST_TOKEN }} 66 + experimental-features = nix-command flakes 67 + substituters = https://cache.nixos.org/ https://nix-community.cachix.org https://nobbz.cachix.org 68 + trusted-public-keys = cache.nixos.org-1:6NCHdD59X431o0gWypbMrAURkbJ16ZPMQFGspcDShjY= nix-community.cachix.org-1:mB9FSh9qf2dCimDSUo8Zy7bkq5CX+/rkCWyvRCYg3Fs= nobbz.cachix.org-1:fODxpqE4ni+pFDSuj2ybYZbMUjmxNTjA7rtUNHW61Ok= 69 + install_url: https://releases.nixos.org/nix/nix-2.25.0/install 70 + - name: Build everything 71 + run: nix build .#${{ matrix.package }} 72 + 73 + build_checks: 74 + runs-on: ubuntu-24.04 75 + needs: [generate_matrix] 76 + strategy: 77 + fail-fast: false 78 + max-parallel: 5 79 + matrix: 80 + check: ${{fromJson(needs.generate_matrix.outputs.checks)}} 81 + steps: 82 + - name: Clone repository 83 + uses: actions/checkout@v4 84 + with: 85 + token: "${{ secrets.TEST_TOKEN }}" 86 + - name: Install nix 87 + uses: cachix/install-nix-action@v31 88 + with: 89 + extra_nix_config: | 90 + auto-optimise-store = true 91 + access-tokens = github.com=${{ secrets.TEST_TOKEN }} 92 + experimental-features = nix-command flakes 93 + substituters = https://cache.nixos.org/ https://nix-community.cachix.org https://nobbz.cachix.org 94 + trusted-public-keys = cache.nixos.org-1:6NCHdD59X431o0gWypbMrAURkbJ16ZPMQFGspcDShjY= nix-community.cachix.org-1:mB9FSh9qf2dCimDSUo8Zy7bkq5CX+/rkCWyvRCYg3Fs= nobbz.cachix.org-1:fODxpqE4ni+pFDSuj2ybYZbMUjmxNTjA7rtUNHW61Ok= 95 + install_url: https://releases.nixos.org/nix/nix-2.25.0/install 96 + - name: Build everything 97 + run: nix build .#checks.x86_64-linux.${{ matrix.check }} --no-link 98 + 99 + check_flake: 100 + runs-on: ubuntu-24.04 101 + continue-on-error: true 102 + steps: 103 + - name: Clone repository 104 + uses: actions/checkout@v4 105 + with: 106 + token: "${{ secrets.TEST_TOKEN }}" 107 + - name: Install nix 108 + uses: cachix/install-nix-action@v31 109 + with: 110 + extra_nix_config: | 111 + auto-optimise-store = true 112 + access-tokens = github.com=${{ secrets.TEST_TOKEN }} 113 + experimental-features = nix-command flakes 114 + substituters = https://cache.nixos.org/ https://nix-community.cachix.org https://nobbz.cachix.org 115 + trusted-public-keys = cache.nixos.org-1:6NCHdD59X431o0gWypbMrAURkbJ16ZPMQFGspcDShjY= nix-community.cachix.org-1:mB9FSh9qf2dCimDSUo8Zy7bkq5CX+/rkCWyvRCYg3Fs= nobbz.cachix.org-1:fODxpqE4ni+pFDSuj2ybYZbMUjmxNTjA7rtUNHW61Ok= 116 + install_url: https://releases.nixos.org/nix/nix-2.25.0/install 117 + - name: run the checks 118 + run: | 119 + nix flake check --keep-going

+12

.sops.yaml

··· 2 2 - &admin_nobbz age1wpwkf2g475umw3wwns57r8ucykvy6lflpc7uphs0mx9exsj04quqpy7t6r 3 3 - &host_mimas age10jl78vwyqk622dpn2890l9jl4et3p7lsr8wh8vusem3j8jdxle8qg000qa 4 4 - &user_nmelzer_mimas age1w6xjgskpxnlpleswumdhtt7x8zx35qn329yz3x7ftqdcmcxrrvnqnuf9d6 5 + - &user_nmelzer_phoebe age1vr0uq6mwv844yvm8pe7qxjxpqrekgel3lqfzuuqtfzj0ehz3hphqzsxjna 5 6 creation_rules: 6 7 - path_regex: secrets/[^/]+\.yaml$ 7 8 key_groups: ··· 18 19 - age: 19 20 - *admin_nobbz 20 21 - *user_nmelzer_mimas 22 + - path_regex: secrets/phoebe/nmelzer/[^/]+ 23 + key_groups: 24 + - age: 25 + - *admin_nobbz 26 + - *user_nmelzer_phoebe 27 + - path_regex: secrets/users/nmelzer/[^/]+$ 28 + key_groups: 29 + - age: 30 + - *admin_nobbz 31 + - *user_nmelzer_mimas 32 + - *user_nmelzer_phoebe

+25

README.md

··· 1 + Hosts 2 + ===== 3 + 4 + > [!CAUTION] 5 + > This hosts system and home configurations are public for your own learning and 6 + > research. They are not meant to be used with any hardware other than mine. 7 + > Trying to build and deploy them to other systems without appropriate changes 8 + > can render your machines unbootable and damage data. 9 + 10 + > [!NOTE] 11 + > I do not provide copy/pastable commands that would build/switch/install any 12 + > of these configurations because I mean what I wrote in the block before! 13 + 14 + A list of all hosts currently in use by me. this covers all the 15 + devices i can name on my behalf. Not all devices in this list are 16 + managed through nix or even run it. 17 + 18 + * `mimas`: My currently used main host. 19 + * ~~`enceladeus`~~: A secondary laptop, rarely used but still updated. 20 + * ~~`thetys`~~: A nixos VM solely used in the office for work related things, discontinued 21 + * ~~`dione`~~: company provided android phone, discontinued 22 + * `rhea`: self owned phone 23 + * ~~`titan`~~: MacOS VM to play and experiment with, discontinued 24 + * ~~`hyperion`~~: Linux-Aarch64 VM to play and experiment with, discontinued 25 + * `phoebe`: TuxedoOS (Ubuntu derivative) laptop, HM only.

-13

README.org

··· 1 - * Hosts 2 - 3 - A list of all hosts currently in use by me. this covers all the 4 - devices i can name on my behalf. Not all devices in this list are 5 - managed through nix or even run it. 6 - 7 - + =mimas= :: My currently used main host. 8 - + =enceladeus= :: A secondary laptop, rarely used but still updated. 9 - + =thetys= :: A nixos VM solely used in the office for work related things, discontinued 10 - + =dione= :: company provided android phone, discontinued 11 - + =rhea= :: self owned phone 12 - + =titan= :: MacOS VM to play and experiment with 13 - + =hyperion= :: Linux-Aarch64 VM to play and experiment with

+2 -3

checks/default.nix

··· 1 1 inputs: let 2 - pkgs = inputs.unstable.legacyPackages.x86_64-linux; 3 - apkgs = inputs.alejandra.packages.x86_64-linux; 2 + pkgs = inputs.nixpkgs.legacyPackages.x86_64-linux; 4 3 5 - callPackage = pkgs.lib.callPackageWith (pkgs // apkgs // {inherit (inputs) self;}); 4 + callPackage = pkgs.lib.callPackageWith (pkgs // {inherit (inputs) self;}); 6 5 in { 7 6 alejandra = callPackage ./alejandra.nix {}; 8 7 statix = callPackage ./statix.nix {};

+267 -579

flake.lock

··· 1 1 { 2 2 "nodes": { 3 - "alejandra": { 4 - "inputs": { 5 - "fenix": "fenix", 6 - "flakeCompat": "flakeCompat", 7 - "nixpkgs": "nixpkgs" 8 - }, 9 - "locked": { 10 - "lastModified": 1660510326, 11 - "narHash": "sha256-xFumnivtVwu5fFBOrTxrv6fv3geHKF04RGP23EsDVaI=", 12 - "owner": "kamadorueda", 13 - "repo": "alejandra", 14 - "rev": "ef03f7ef74ec97fd91a016a51c9c9667fb315652", 15 - "type": "github" 16 - }, 17 - "original": { 18 - "owner": "kamadorueda", 19 - "ref": "3.0.0", 20 - "repo": "alejandra", 21 - "type": "github" 22 - } 23 - }, 24 - "crane": { 25 - "flake": false, 26 - "locked": { 27 - "lastModified": 1670900067, 28 - "narHash": "sha256-VXVa+KBfukhmWizaiGiHRVX/fuk66P8dgSFfkVN4/MY=", 29 - "owner": "ipetkov", 30 - "repo": "crane", 31 - "rev": "59b31b41a589c0a65e4a1f86b0e5eac68081468b", 32 - "type": "github" 33 - }, 34 - "original": { 35 - "owner": "ipetkov", 36 - "repo": "crane", 37 - "type": "github" 38 - } 39 - }, 40 - "devshell": { 41 - "flake": false, 42 - "locked": { 43 - "lastModified": 1663445644, 44 - "narHash": "sha256-+xVlcK60x7VY1vRJbNUEAHi17ZuoQxAIH4S4iUFUGBA=", 45 - "owner": "numtide", 46 - "repo": "devshell", 47 - "rev": "e3dc3e21594fe07bdb24bdf1c8657acaa4cb8f66", 48 - "type": "github" 49 - }, 50 - "original": { 51 - "owner": "numtide", 52 - "repo": "devshell", 53 - "type": "github" 54 - } 55 - }, 56 - "dream2nix": { 3 + "cargo2nix": { 57 4 "inputs": { 58 - "all-cabal-json": [ 59 - "switcher", 60 - "nixpkgs" 61 - ], 62 - "crane": "crane", 63 - "devshell": "devshell", 64 - "drv-parts": "drv-parts", 65 - "flake-compat": "flake-compat_2", 66 - "flake-parts": [ 67 - "switcher", 68 - "flake-parts" 69 - ], 70 - "flake-utils-pre-commit": "flake-utils-pre-commit", 71 - "ghc-utils": "ghc-utils", 72 - "gomod2nix": "gomod2nix", 73 - "mach-nix": "mach-nix", 74 - "nix-pypi-fetcher": "nix-pypi-fetcher", 5 + "flake-compat": "flake-compat_3", 6 + "flake-utils": "flake-utils_3", 75 7 "nixpkgs": [ 76 8 "switcher", 77 9 "nixpkgs" 78 10 ], 79 - "nixpkgsV1": "nixpkgsV1", 80 - "poetry2nix": "poetry2nix", 81 - "pre-commit-hooks": "pre-commit-hooks", 82 - "pruned-racket-catalog": "pruned-racket-catalog" 83 - }, 84 - "locked": { 85 - "lastModified": 1680605243, 86 - "narHash": "sha256-dUrxj653kcLvjNKRI7NoTJoj+Q7G+vOYsl4iuwtnIWo=", 87 - "owner": "nix-community", 88 - "repo": "dream2nix", 89 - "rev": "34a80ab215f1f24068ea9c76f3a7e5bc19478653", 90 - "type": "github" 91 - }, 92 - "original": { 93 - "owner": "nix-community", 94 - "repo": "dream2nix", 95 - "type": "github" 96 - } 97 - }, 98 - "drv-parts": { 99 - "inputs": { 100 - "flake-compat": [ 101 - "switcher", 102 - "dream2nix", 103 - "flake-compat" 104 - ], 105 - "flake-parts": [ 106 - "switcher", 107 - "dream2nix", 108 - "flake-parts" 109 - ], 110 - "nixpkgs": [ 11 + "rust-overlay": [ 111 12 "switcher", 112 - "dream2nix", 113 - "nixpkgs" 13 + "rust-overlay" 114 14 ] 115 15 }, 116 16 "locked": { 117 - "lastModified": 1680172861, 118 - "narHash": "sha256-QMyI338xRxaHFDlCXdLCtgelGQX2PdlagZALky4ZXJ8=", 119 - "owner": "davhau", 120 - "repo": "drv-parts", 121 - "rev": "ced8a52f62b0a94244713df2225c05c85b416110", 17 + "lastModified": 1705129117, 18 + "narHash": "sha256-LgdDHibvimzYhxBK3kxCk2gAL7k4Hyigl5KI0X9cijA=", 19 + "owner": "cargo2nix", 20 + "repo": "cargo2nix", 21 + "rev": "ae19a9e1f8f0880c088ea155ab66cee1fa001f59", 122 22 "type": "github" 123 23 }, 124 24 "original": { 125 - "owner": "davhau", 126 - "repo": "drv-parts", 25 + "owner": "cargo2nix", 26 + "repo": "cargo2nix", 127 27 "type": "github" 128 28 } 129 29 }, 130 30 "emacs": { 131 31 "inputs": { 132 - "flake-utils": "flake-utils", 133 32 "nixpkgs": [ 134 - "master" 33 + "nixpkgs" 34 + ], 35 + "nixpkgs-stable": [ 36 + "nixpkgs" 135 37 ] 136 38 }, 137 39 "locked": { 138 - "lastModified": 1685442180, 139 - "narHash": "sha256-6b7VpvQhCObvyq28DheEL3V3etbKwbWBu+Siy58VJVY=", 40 + "lastModified": 1749090069, 41 + "narHash": "sha256-uN3Mp+o7IfVT9H/OuwEtJ17NktCaF4t9Ond3TKt+BE4=", 140 42 "owner": "nix-community", 141 43 "repo": "emacs-overlay", 142 - "rev": "7735f53ef8f28d80ca5339e486e29177ed7c8297", 44 + "rev": "c17506666090e412a50b01c57944386ab81d2aa8", 143 45 "type": "github" 144 46 }, 145 47 "original": { ··· 148 50 "type": "github" 149 51 } 150 52 }, 151 - "fenix": { 152 - "inputs": { 153 - "nixpkgs": [ 154 - "alejandra", 155 - "nixpkgs" 156 - ], 157 - "rust-analyzer-src": "rust-analyzer-src" 158 - }, 159 - "locked": { 160 - "lastModified": 1657607339, 161 - "narHash": "sha256-HaqoAwlbVVZH2n4P3jN2FFPMpVuhxDy1poNOR7kzODc=", 162 - "owner": "nix-community", 163 - "repo": "fenix", 164 - "rev": "b814c83d9e6aa5a28d0cf356ecfdafb2505ad37d", 165 - "type": "github" 166 - }, 167 - "original": { 168 - "owner": "nix-community", 169 - "repo": "fenix", 170 - "type": "github" 171 - } 172 - }, 173 53 "flake-compat": { 174 54 "flake": false, 175 55 "locked": { 176 - "lastModified": 1673956053, 177 - "narHash": "sha256-4gtG9iQuiKITOjNQQeQIpoIB6b16fm+504Ch3sNKLd8=", 56 + "lastModified": 1733328505, 57 + "narHash": "sha256-NeCCThCEP3eCl2l/+27kNNK7QrwZB1IJCrXfrbv5oqU=", 178 58 "owner": "edolstra", 179 59 "repo": "flake-compat", 180 - "rev": "35bb57c0c8d8b62bbfd284272c928ceb64ddbde9", 60 + "rev": "ff81ac966bb2cae68946d5ed5fc4994f96d0ffec", 181 61 "type": "github" 182 62 }, 183 63 "original": { ··· 189 69 "flake-compat_2": { 190 70 "flake": false, 191 71 "locked": { 192 - "lastModified": 1673956053, 193 - "narHash": "sha256-4gtG9iQuiKITOjNQQeQIpoIB6b16fm+504Ch3sNKLd8=", 72 + "lastModified": 1696426674, 73 + "narHash": "sha256-kvjfFW7WAETZlt09AgDn1MrtKzP7t90Vf7vypd3OL1U=", 194 74 "owner": "edolstra", 195 75 "repo": "flake-compat", 196 - "rev": "35bb57c0c8d8b62bbfd284272c928ceb64ddbde9", 76 + "rev": "0f9255e01c2351cc7d116c072cb317785dd33b33", 197 77 "type": "github" 198 78 }, 199 79 "original": { ··· 202 82 "type": "github" 203 83 } 204 84 }, 205 - "flake-utils": { 85 + "flake-compat_3": { 86 + "flake": false, 206 87 "locked": { 207 - "lastModified": 1667395993, 208 - "narHash": "sha256-nuEHfE/LcWyuSWnS8t12N1wc105Qtau+/OdUAjtQ0rA=", 209 - "owner": "numtide", 210 - "repo": "flake-utils", 211 - "rev": "5aed5285a952e0b949eb3ba02c12fa4fcfef535f", 88 + "lastModified": 1696426674, 89 + "narHash": "sha256-kvjfFW7WAETZlt09AgDn1MrtKzP7t90Vf7vypd3OL1U=", 90 + "owner": "edolstra", 91 + "repo": "flake-compat", 92 + "rev": "0f9255e01c2351cc7d116c072cb317785dd33b33", 212 93 "type": "github" 213 94 }, 214 95 "original": { 215 - "owner": "numtide", 216 - "repo": "flake-utils", 96 + "owner": "edolstra", 97 + "repo": "flake-compat", 217 98 "type": "github" 218 99 } 219 100 }, 220 - "flake-utils-pre-commit": { 101 + "flake-utils": { 221 102 "locked": { 222 - "lastModified": 1644229661, 223 - "narHash": "sha256-1YdnJAsNy69bpcjuoKdOYQX0YxZBiCYZo4Twxerqv7k=", 103 + "lastModified": 1659877975, 104 + "narHash": "sha256-zllb8aq3YO3h8B/U0/J1WBgAL8EX5yWf5pMj3G0NAmc=", 224 105 "owner": "numtide", 225 106 "repo": "flake-utils", 226 - "rev": "3cecb5b042f7f209c56ffd8371b2711a290ec797", 107 + "rev": "c0e246b9b83f637f4681389ecabcb2681b4f3af0", 227 108 "type": "github" 228 109 }, 229 110 "original": { ··· 255 136 "systems": "systems_2" 256 137 }, 257 138 "locked": { 258 - "lastModified": 1681202837, 259 - "narHash": "sha256-H+Rh19JDwRtpVPAWp64F+rlEtxUWBAQW28eAi3SRSzg=", 139 + "lastModified": 1694529238, 140 + "narHash": "sha256-zsNZZGTGnMOf9YpHKJqMSsa0dXbfmxeoJ7xHlrt+xmY=", 260 141 "owner": "numtide", 261 142 "repo": "flake-utils", 262 - "rev": "cfacdce06f30d2b68473a46042957675eebb3401", 143 + "rev": "ff7b65b44d01cf9ba6a71320833626af21126384", 263 144 "type": "github" 264 145 }, 265 146 "original": { ··· 268 149 "type": "github" 269 150 } 270 151 }, 271 - "flake-utils_4": { 152 + "gen-luarc": { 272 153 "inputs": { 273 - "systems": "systems_3" 154 + "flake-parts": [ 155 + "nvim", 156 + "parts" 157 + ], 158 + "git-hooks": "git-hooks", 159 + "luvit-meta": "luvit-meta", 160 + "nixpkgs": [ 161 + "nvim", 162 + "nixpkgs" 163 + ] 274 164 }, 275 165 "locked": { 276 - "lastModified": 1681202837, 277 - "narHash": "sha256-H+Rh19JDwRtpVPAWp64F+rlEtxUWBAQW28eAi3SRSzg=", 278 - "owner": "numtide", 279 - "repo": "flake-utils", 280 - "rev": "cfacdce06f30d2b68473a46042957675eebb3401", 166 + "lastModified": 1724097937, 167 + "narHash": "sha256-Q4tgm8ZHAQUdvsNft86MqIbHQAm7OF7RT/wwYWXqSdY=", 168 + "owner": "mrcjkb", 169 + "repo": "nix-gen-luarc-json", 170 + "rev": "b36b69c4ded9f31b079523bc452e23458734cf00", 281 171 "type": "github" 282 172 }, 283 173 "original": { 284 - "owner": "numtide", 285 - "repo": "flake-utils", 174 + "owner": "mrcjkb", 175 + "repo": "nix-gen-luarc-json", 286 176 "type": "github" 287 177 } 288 178 }, 289 - "flake-utils_5": { 179 + "git-hooks": { 290 180 "inputs": { 291 - "systems": "systems_4" 181 + "flake-compat": "flake-compat_2", 182 + "gitignore": "gitignore", 183 + "nixpkgs": [ 184 + "nvim", 185 + "gen-luarc", 186 + "nixpkgs" 187 + ], 188 + "nixpkgs-stable": "nixpkgs-stable" 292 189 }, 293 190 "locked": { 294 - "lastModified": 1681202837, 295 - "narHash": "sha256-H+Rh19JDwRtpVPAWp64F+rlEtxUWBAQW28eAi3SRSzg=", 296 - "owner": "numtide", 297 - "repo": "flake-utils", 298 - "rev": "cfacdce06f30d2b68473a46042957675eebb3401", 191 + "lastModified": 1723803910, 192 + "narHash": "sha256-yezvUuFiEnCFbGuwj/bQcqg7RykIEqudOy/RBrId0pc=", 193 + "owner": "cachix", 194 + "repo": "git-hooks.nix", 195 + "rev": "bfef0ada09e2c8ac55bbcd0831bd0c9d42e651ba", 299 196 "type": "github" 300 197 }, 301 198 "original": { 302 - "owner": "numtide", 303 - "repo": "flake-utils", 199 + "owner": "cachix", 200 + "repo": "git-hooks.nix", 304 201 "type": "github" 305 202 } 306 203 }, 307 - "flakeCompat": { 308 - "flake": false, 204 + "git-hooks-nix": { 205 + "inputs": { 206 + "flake-compat": [ 207 + "nix" 208 + ], 209 + "gitignore": [ 210 + "nix" 211 + ], 212 + "nixpkgs": [ 213 + "nix", 214 + "nixpkgs" 215 + ], 216 + "nixpkgs-stable": [ 217 + "nix", 218 + "nixpkgs" 219 + ] 220 + }, 309 221 "locked": { 310 - "lastModified": 1650374568, 311 - "narHash": "sha256-Z+s0J8/r907g149rllvwhb4pKi8Wam5ij0st8PwAh+E=", 312 - "owner": "edolstra", 313 - "repo": "flake-compat", 314 - "rev": "b4a34015c698c7793d592d66adbab377907a2be8", 222 + "lastModified": 1734279981, 223 + "narHash": "sha256-NdaCraHPp8iYMWzdXAt5Nv6sA3MUzlCiGiR586TCwo0=", 224 + "owner": "cachix", 225 + "repo": "git-hooks.nix", 226 + "rev": "aa9f40c906904ebd83da78e7f328cd8aeaeae785", 315 227 "type": "github" 316 228 }, 317 229 "original": { 318 - "owner": "edolstra", 319 - "repo": "flake-compat", 230 + "owner": "cachix", 231 + "repo": "git-hooks.nix", 320 232 "type": "github" 321 233 } 322 234 }, 323 - "ghc-utils": { 324 - "flake": false, 325 - "locked": { 326 - "lastModified": 1662774800, 327 - "narHash": "sha256-1Rd2eohGUw/s1tfvkepeYpg8kCEXiIot0RijapUjAkE=", 328 - "ref": "refs/heads/master", 329 - "rev": "bb3a2d3dc52ff0253fb9c2812bd7aa2da03e0fea", 330 - "revCount": 1072, 331 - "type": "git", 332 - "url": "https://gitlab.haskell.org/bgamari/ghc-utils" 235 + "gitignore": { 236 + "inputs": { 237 + "nixpkgs": [ 238 + "nvim", 239 + "gen-luarc", 240 + "git-hooks", 241 + "nixpkgs" 242 + ] 333 243 }, 334 - "original": { 335 - "type": "git", 336 - "url": "https://gitlab.haskell.org/bgamari/ghc-utils" 337 - } 338 - }, 339 - "gomod2nix": { 340 - "flake": false, 341 244 "locked": { 342 - "lastModified": 1627572165, 343 - "narHash": "sha256-MFpwnkvQpauj799b4QTBJQFEddbD02+Ln5k92QyHOSk=", 344 - "owner": "tweag", 345 - "repo": "gomod2nix", 346 - "rev": "67f22dd738d092c6ba88e420350ada0ed4992ae8", 245 + "lastModified": 1709087332, 246 + "narHash": "sha256-HG2cCnktfHsKV0s4XW83gU3F57gaTljL9KNSuG6bnQs=", 247 + "owner": "hercules-ci", 248 + "repo": "gitignore.nix", 249 + "rev": "637db329424fd7e46cf4185293b9cc8c88c95394", 347 250 "type": "github" 348 251 }, 349 252 "original": { 350 - "owner": "tweag", 351 - "repo": "gomod2nix", 253 + "owner": "hercules-ci", 254 + "repo": "gitignore.nix", 352 255 "type": "github" 353 256 } 354 257 }, 355 258 "home-manager": { 356 259 "inputs": { 357 260 "nixpkgs": [ 358 - "unstable" 261 + "nixpkgs" 359 262 ] 360 263 }, 361 264 "locked": { 362 - "lastModified": 1685438474, 363 - "narHash": "sha256-qQLHbg3mHYgWA3ngvWgWIdsirVkYA0StzKR3Qi72uWg=", 265 + "lastModified": 1749062139, 266 + "narHash": "sha256-gGGLujmeWU+ZjFzfMvFMI0hp9xONsSbm88187wJr82Q=", 364 267 "owner": "nix-community", 365 268 "repo": "home-manager", 366 - "rev": "9f82227b64245c273d98dd02dedd44fc7576041e", 269 + "rev": "86b95fc1ed2b9b04a451a08ccf13d78fb421859c", 367 270 "type": "github" 368 271 }, 369 272 "original": { ··· 372 275 "type": "github" 373 276 } 374 277 }, 375 - "lowdown-src": { 278 + "luvit-meta": { 376 279 "flake": false, 377 280 "locked": { 378 - "lastModified": 1633514407, 379 - "narHash": "sha256-Dw32tiMjdK9t3ETl5fzGrutQTzh2rufgZV4A/BbxuD4=", 380 - "owner": "kristapsdz", 381 - "repo": "lowdown", 382 - "rev": "d2c2b44ff6c27b936ec27358a2653caaef8f73b8", 281 + "lastModified": 1705776742, 282 + "narHash": "sha256-zAAptV/oLuLAAsa2zSB/6fxlElk4+jNZd/cPr9oxFig=", 283 + "owner": "Bilal2453", 284 + "repo": "luvit-meta", 285 + "rev": "ce76f6f6cdc9201523a5875a4471dcfe0186eb60", 383 286 "type": "github" 384 287 }, 385 288 "original": { 386 - "owner": "kristapsdz", 387 - "repo": "lowdown", 388 - "type": "github" 389 - } 390 - }, 391 - "mach-nix": { 392 - "flake": false, 393 - "locked": { 394 - "lastModified": 1634711045, 395 - "narHash": "sha256-m5A2Ty88NChLyFhXucECj6+AuiMZPHXNbw+9Kcs7F6Y=", 396 - "owner": "DavHau", 397 - "repo": "mach-nix", 398 - "rev": "4433f74a97b94b596fa6cd9b9c0402104aceef5d", 399 - "type": "github" 400 - }, 401 - "original": { 402 - "id": "mach-nix", 403 - "type": "indirect" 404 - } 405 - }, 406 - "master": { 407 - "locked": { 408 - "lastModified": 1685445411, 409 - "narHash": "sha256-OE548e7er3EK7cqm3JoFoYl4aKBF7pk5k7H6PVbaDRg=", 410 - "owner": "nixos", 411 - "repo": "nixpkgs", 412 - "rev": "93ebabefb2108e7cb849d8eac9ab938dd02b6a11", 413 - "type": "github" 414 - }, 415 - "original": { 416 - "owner": "nixos", 417 - "ref": "master", 418 - "repo": "nixpkgs", 419 - "type": "github" 420 - } 421 - }, 422 - "nil": { 423 - "inputs": { 424 - "flake-utils": "flake-utils_3", 425 - "nixpkgs": "nixpkgs_2", 426 - "rust-overlay": "rust-overlay" 427 - }, 428 - "locked": { 429 - "lastModified": 1685439709, 430 - "narHash": "sha256-CZ0kT8Mxv09Sf47h97s7xdBXO0PDTFOEZdQA6nfw1Eg=", 431 - "owner": "oxalica", 432 - "repo": "nil", 433 - "rev": "0158d58d47abecd7f5f4e67c06365ff77bbedbc7", 434 - "type": "github" 435 - }, 436 - "original": { 437 - "owner": "oxalica", 438 - "repo": "nil", 289 + "owner": "Bilal2453", 290 + "repo": "luvit-meta", 439 291 "type": "github" 440 292 } 441 293 }, 442 294 "nix": { 443 295 "inputs": { 444 296 "flake-compat": "flake-compat", 445 - "lowdown-src": "lowdown-src", 446 - "nixpkgs": "nixpkgs_3", 297 + "flake-parts": [ 298 + "parts" 299 + ], 300 + "git-hooks-nix": "git-hooks-nix", 301 + "nixpkgs": "nixpkgs", 302 + "nixpkgs-23-11": "nixpkgs-23-11", 447 303 "nixpkgs-regression": "nixpkgs-regression" 448 304 }, 449 305 "locked": { 450 - "lastModified": 1685440754, 451 - "narHash": "sha256-bEYP4IeYLQTnJlcDzqw+dVhktHNhNYPbQl5gaSpiQmE=", 306 + "lastModified": 1749012568, 307 + "narHash": "sha256-7IltFTct/oe6pGkwB6f/1WhWA65hFnsBY6XaGjodf3k=", 452 308 "owner": "nixos", 453 309 "repo": "nix", 454 - "rev": "ecae62020b64914d9859a71ce197d03688c6133c", 310 + "rev": "4751cbef6303d10479f3db1b13db69197d9c3446", 455 311 "type": "github" 456 312 }, 457 313 "original": { ··· 460 316 "type": "github" 461 317 } 462 318 }, 463 - "nix-pypi-fetcher": { 464 - "flake": false, 319 + "nix-gl": { 320 + "inputs": { 321 + "flake-utils": "flake-utils", 322 + "nixpkgs": [ 323 + "nixpkgs" 324 + ] 325 + }, 465 326 "locked": { 466 - "lastModified": 1669065297, 467 - "narHash": "sha256-UStjXjNIuIm7SzMOWvuYWIHBkPUKQ8Id63BMJjnIDoA=", 468 - "owner": "DavHau", 469 - "repo": "nix-pypi-fetcher", 470 - "rev": "a9885ac6a091576b5195d547ac743d45a2a615ac", 327 + "lastModified": 1713543440, 328 + "narHash": "sha256-lnzZQYG0+EXl/6NkGpyIz+FEOc/DSEG57AP1VsdeNrM=", 329 + "owner": "nix-community", 330 + "repo": "nixgl", 331 + "rev": "310f8e49a149e4c9ea52f1adf70cdc768ec53f8a", 471 332 "type": "github" 472 333 }, 473 334 "original": { 474 - "owner": "DavHau", 475 - "repo": "nix-pypi-fetcher", 335 + "owner": "nix-community", 336 + "repo": "nixgl", 476 337 "type": "github" 477 338 } 478 339 }, 479 340 "nixos-vscode-server": { 480 341 "inputs": { 481 - "flake-utils": "flake-utils_4", 482 - "nixpkgs": "nixpkgs_4" 342 + "flake-utils": "flake-utils_2", 343 + "nixpkgs": [ 344 + "nixpkgs" 345 + ] 483 346 }, 484 347 "locked": { 485 - "lastModified": 1684517665, 486 - "narHash": "sha256-SaAr66uCQ8CF75jIr23FZjk1+9Kfwm5sQnwV25206Gs=", 348 + "lastModified": 1729422940, 349 + "narHash": "sha256-DlvJv33ml5UTKgu4b0HauOfFIoDx6QXtbqUF3vWeRCY=", 487 350 "owner": "msteen", 488 351 "repo": "nixos-vscode-server", 489 - "rev": "1e1358493df6529d4c7bc4cc3066f76fd16d4ae6", 352 + "rev": "8b6db451de46ecf9b4ab3d01ef76e59957ff549f", 490 353 "type": "github" 491 354 }, 492 355 "original": { ··· 497 360 }, 498 361 "nixpkgs": { 499 362 "locked": { 500 - "lastModified": 1657425264, 501 - "narHash": "sha256-3aHvoI2e8vJKw3hvnHECaBpSsL5mxVsVtaLCnTdNcH8=", 502 - "owner": "nixos", 363 + "lastModified": 1747179050, 364 + "narHash": "sha256-qhFMmDkeJX9KJwr5H32f1r7Prs7XbQWtO0h3V0a0rFY=", 365 + "owner": "NixOS", 503 366 "repo": "nixpkgs", 504 - "rev": "de5b3dd17034e6106e75746e81618e5bd408de8a", 367 + "rev": "adaa24fbf46737f3f1b5497bf64bae750f82942e", 505 368 "type": "github" 506 369 }, 507 370 "original": { 508 - "owner": "nixos", 509 - "ref": "nixos-unstable-small", 371 + "owner": "NixOS", 372 + "ref": "nixos-unstable", 510 373 "repo": "nixpkgs", 511 374 "type": "github" 512 375 } 513 376 }, 514 - "nixpkgs-2211": { 377 + "nixpkgs-23-11": { 515 378 "locked": { 516 - "lastModified": 1685314633, 517 - "narHash": "sha256-8LXBPqTQXl5ofkjpJ18JcbmLJ/lWDoMxtUwiDYv0wro=", 518 - "owner": "nixos", 379 + "lastModified": 1717159533, 380 + "narHash": "sha256-oamiKNfr2MS6yH64rUn99mIZjc45nGJlj9eGth/3Xuw=", 381 + "owner": "NixOS", 519 382 "repo": "nixpkgs", 520 - "rev": "c8a17ce7abc03c50cd072e9e6c9b389c5f61836b", 383 + "rev": "a62e6edd6d5e1fa0329b8653c801147986f8d446", 521 384 "type": "github" 522 385 }, 523 386 "original": { 524 - "owner": "nixos", 525 - "ref": "nixos-22.11", 387 + "owner": "NixOS", 526 388 "repo": "nixpkgs", 389 + "rev": "a62e6edd6d5e1fa0329b8653c801147986f8d446", 527 390 "type": "github" 528 391 } 529 392 }, 530 - "nixpkgs-bls": { 393 + "nixpkgs-emmy": { 531 394 "locked": { 532 - "lastModified": 1684002532, 533 - "narHash": "sha256-FCBTXes9amxWt22F+66zwgGCPaGYUEW1+WthKtWYOJk=", 534 - "owner": "nixos", 395 + "lastModified": 1719675406, 396 + "narHash": "sha256-bZgaUZikDI7ZS1EY0jjZnbcO4vNeSRhIekb17FyUMf0=", 397 + "owner": "NixOS", 535 398 "repo": "nixpkgs", 536 - "rev": "64b347a30a7f82d9746bf95a34a648360c1199f4", 399 + "rev": "2feb215c297f2c9ae272336f55d54a962d71a9ff", 537 400 "type": "github" 538 401 }, 539 402 "original": { 540 - "owner": "nixos", 541 - "ref": "pull/231714/head", 403 + "owner": "NixOS", 404 + "ref": "pull/323401/head", 542 405 "repo": "nixpkgs", 543 406 "type": "github" 544 407 } 545 408 }, 546 - "nixpkgs-insync-v3": { 409 + "nixpkgs-pre-rust": { 547 410 "locked": { 548 - "lastModified": 1674552486, 549 - "narHash": "sha256-FK9Y4P5Q7lzq9hjXIflr9oW+Cxw+5gxP/dN9+R/bHnA=", 411 + "lastModified": 1723634395, 412 + "narHash": "sha256-K1ohl/M/HWXqieqNtsF39FbWqtaNX/mUgulrqcOO1KU=", 550 413 "owner": "nixos", 551 414 "repo": "nixpkgs", 552 - "rev": "32fdc268e921994e3f38088486ddfe765d11df93", 415 + "rev": "57d0d4a8f3025e2b902d2b4403bcece26ad1ea74", 553 416 "type": "github" 554 417 }, 555 418 "original": { 556 419 "owner": "nixos", 557 - "ref": "32fdc268e921994e3f38088486ddfe765d11df93", 558 - "repo": "nixpkgs", 559 - "type": "github" 560 - } 561 - }, 562 - "nixpkgs-lib": { 563 - "locked": { 564 - "dir": "lib", 565 - "lastModified": 1682879489, 566 - "narHash": "sha256-sASwo8gBt7JDnOOstnps90K1wxmVfyhsTPPNTGBPjjg=", 567 - "owner": "NixOS", 568 - "repo": "nixpkgs", 569 - "rev": "da45bf6ec7bbcc5d1e14d3795c025199f28e0de0", 570 - "type": "github" 571 - }, 572 - "original": { 573 - "dir": "lib", 574 - "owner": "NixOS", 575 - "ref": "nixos-unstable", 420 + "ref": "57d0d4a8f302", 576 421 "repo": "nixpkgs", 577 422 "type": "github" 578 423 } ··· 595 440 }, 596 441 "nixpkgs-stable": { 597 442 "locked": { 598 - "lastModified": 1685215858, 599 - "narHash": "sha256-IRMFoDXA6cYx3ifVw3B2JcC4JrjT5v7tRAx2vro2Ffs=", 600 - "owner": "NixOS", 601 - "repo": "nixpkgs", 602 - "rev": "ba6e4ddeb3e8ad3f3e3bec63dafbc9fe558729bb", 603 - "type": "github" 604 - }, 605 - "original": { 443 + "lastModified": 1720386169, 444 + "narHash": "sha256-NGKVY4PjzwAa4upkGtAMz1npHGoRzWotlSnVlqI40mo=", 606 445 "owner": "NixOS", 607 - "ref": "release-22.11", 608 446 "repo": "nixpkgs", 609 - "type": "github" 610 - } 611 - }, 612 - "nixpkgs-unstable": { 613 - "locked": { 614 - "lastModified": 1685383865, 615 - "narHash": "sha256-3uQytfnotO6QJv3r04ajSXbEFMII0dUtw0uqYlZ4dbk=", 616 - "owner": "nixos", 617 - "repo": "nixpkgs", 618 - "rev": "5e871d8aa6f57cc8e0dc087d1c5013f6e212b4ce", 447 + "rev": "194846768975b7ad2c4988bdb82572c00222c0d7", 619 448 "type": "github" 620 449 }, 621 450 "original": { 622 - "owner": "nixos", 623 - "ref": "nixos-unstable", 624 - "repo": "nixpkgs", 625 - "type": "github" 626 - } 627 - }, 628 - "nixpkgsV1": { 629 - "locked": { 630 - "lastModified": 1678500271, 631 - "narHash": "sha256-tRBLElf6f02HJGG0ZR7znMNFv/Uf7b2fFInpTHiHaSE=", 632 451 "owner": "NixOS", 452 + "ref": "nixos-24.05", 633 453 "repo": "nixpkgs", 634 - "rev": "5eb98948b66de29f899c7fe27ae112a47964baf8", 635 454 "type": "github" 636 - }, 637 - "original": { 638 - "id": "nixpkgs", 639 - "ref": "nixos-22.11", 640 - "type": "indirect" 641 455 } 642 456 }, 643 457 "nixpkgs_2": { 644 458 "locked": { 645 - "lastModified": 1682929865, 646 - "narHash": "sha256-jxVrgnf5QNjO+XoxDxUWtN2G5xyJSGZ5SWDQFxMuHxc=", 459 + "lastModified": 1748929857, 460 + "narHash": "sha256-lcZQ8RhsmhsK8u7LIFsJhsLh/pzR9yZ8yqpTzyGdj+Q=", 647 461 "owner": "nixos", 648 462 "repo": "nixpkgs", 649 - "rev": "f2e9a130461950270f87630b11132323706b4d91", 463 + "rev": "c2a03962b8e24e669fb37b7df10e7c79531ff1a4", 650 464 "type": "github" 651 465 }, 652 466 "original": { 653 467 "owner": "nixos", 654 - "ref": "nixpkgs-unstable", 468 + "ref": "nixos-unstable", 655 469 "repo": "nixpkgs", 656 470 "type": "github" 657 471 } 658 472 }, 659 473 "nixpkgs_3": { 660 474 "locked": { 661 - "lastModified": 1670461440, 662 - "narHash": "sha256-jy1LB8HOMKGJEGXgzFRLDU1CBGL0/LlkolgnqIsF0D8=", 475 + "lastModified": 1744868846, 476 + "narHash": "sha256-5RJTdUHDmj12Qsv7XOhuospjAjATNiTMElplWnJE9Hs=", 663 477 "owner": "NixOS", 664 478 "repo": "nixpkgs", 665 - "rev": "04a75b2eecc0acf6239acf9dd04485ff8d14f425", 479 + "rev": "ebe4301cbd8f81c4f8d3244b3632338bbeb6d49c", 666 480 "type": "github" 667 481 }, 668 482 "original": { 669 483 "owner": "NixOS", 670 - "ref": "nixos-22.11-small", 484 + "ref": "nixpkgs-unstable", 671 485 "repo": "nixpkgs", 672 486 "type": "github" 673 487 } 674 488 }, 675 489 "nixpkgs_4": { 676 490 "locked": { 677 - "lastModified": 1682134069, 678 - "narHash": "sha256-TnI/ZXSmRxQDt2sjRYK/8j8iha4B4zP2cnQCZZ3vp7k=", 679 - "owner": "NixOS", 680 - "repo": "nixpkgs", 681 - "rev": "fd901ef4bf93499374c5af385b2943f5801c0833", 682 - "type": "github" 683 - }, 684 - "original": { 685 - "id": "nixpkgs", 686 - "type": "indirect" 687 - } 688 - }, 689 - "nixpkgs_5": { 690 - "locked": { 691 - "lastModified": 1685012353, 692 - "narHash": "sha256-U3oOge4cHnav8OLGdRVhL45xoRj4Ppd+It6nPC9nNIU=", 491 + "lastModified": 1728538411, 492 + "narHash": "sha256-f0SBJz1eZ2yOuKUr5CA9BHULGXVSn6miBuUWdTyhUhU=", 693 493 "owner": "NixOS", 694 494 "repo": "nixpkgs", 695 - "rev": "aeb75dba965e790de427b73315d5addf91a54955", 495 + "rev": "b69de56fac8c2b6f8fd27f2eca01dcda8e0a4221", 696 496 "type": "github" 697 497 }, 698 498 "original": { ··· 702 502 "type": "github" 703 503 } 704 504 }, 705 - "nixpkgs_6": { 505 + "nvim": { 506 + "inputs": { 507 + "gen-luarc": "gen-luarc", 508 + "nixpkgs": [ 509 + "nixpkgs" 510 + ], 511 + "nixpkgs-emmy": "nixpkgs-emmy", 512 + "parts": [ 513 + "parts" 514 + ], 515 + "wrapper-manager": "wrapper-manager" 516 + }, 706 517 "locked": { 707 - "lastModified": 1681358109, 708 - "narHash": "sha256-eKyxW4OohHQx9Urxi7TQlFBTDWII+F+x2hklDOQPB50=", 709 - "owner": "NixOS", 710 - "repo": "nixpkgs", 711 - "rev": "96ba1c52e54e74c3197f4d43026b3f3d92e83ff9", 518 + "lastModified": 1748686149, 519 + "narHash": "sha256-RdLAPiha8lr1wQiL158p4DTFhLcWcjRv6ioCTd3athQ=", 520 + "owner": "nobbz", 521 + "repo": "nobbz-vim", 522 + "rev": "a22303075cac32d83edfd79ef79c0386a38b02ce", 712 523 "type": "github" 713 524 }, 714 525 "original": { 715 - "owner": "NixOS", 716 - "ref": "nixpkgs-unstable", 717 - "repo": "nixpkgs", 526 + "owner": "nobbz", 527 + "repo": "nobbz-vim", 718 528 "type": "github" 719 529 } 720 530 }, 721 531 "parts": { 722 532 "inputs": { 723 - "nixpkgs-lib": "nixpkgs-lib" 533 + "nixpkgs-lib": [ 534 + "nixpkgs" 535 + ] 724 536 }, 725 537 "locked": { 726 - "lastModified": 1683560683, 727 - "narHash": "sha256-XAygPMN5Xnk/W2c1aW0jyEa6lfMDZWlQgiNtmHXytPc=", 538 + "lastModified": 1748821116, 539 + "narHash": "sha256-F82+gS044J1APL0n4hH50GYdPRv/5JWm34oCJYmVKdE=", 728 540 "owner": "hercules-ci", 729 541 "repo": "flake-parts", 730 - "rev": "006c75898cf814ef9497252b022e91c946ba8e17", 542 + "rev": "49f0870db23e8c1ca0b5259734a02cd9e1e371a1", 731 543 "type": "github" 732 544 }, 733 545 "original": { ··· 736 548 "type": "github" 737 549 } 738 550 }, 739 - "poetry2nix": { 740 - "flake": false, 741 - "locked": { 742 - "lastModified": 1666918719, 743 - "narHash": "sha256-BkK42fjAku+2WgCOv2/1NrPa754eQPV7gPBmoKQBWlc=", 744 - "owner": "nix-community", 745 - "repo": "poetry2nix", 746 - "rev": "289efb187123656a116b915206e66852f038720e", 747 - "type": "github" 748 - }, 749 - "original": { 750 - "owner": "nix-community", 751 - "ref": "1.36.0", 752 - "repo": "poetry2nix", 753 - "type": "github" 754 - } 755 - }, 756 - "pre-commit-hooks": { 551 + "programsdb": { 757 552 "inputs": { 758 - "flake-utils": [ 759 - "switcher", 760 - "dream2nix", 761 - "flake-utils-pre-commit" 762 - ], 763 553 "nixpkgs": [ 764 - "switcher", 765 - "dream2nix", 766 554 "nixpkgs" 767 - ] 768 - }, 769 - "locked": { 770 - "lastModified": 1646153636, 771 - "narHash": "sha256-AlWHMzK+xJ1mG267FdT8dCq/HvLCA6jwmx2ZUy5O8tY=", 772 - "owner": "cachix", 773 - "repo": "pre-commit-hooks.nix", 774 - "rev": "b6bc0b21e1617e2b07d8205e7fae7224036dfa4b", 775 - "type": "github" 776 - }, 777 - "original": { 778 - "owner": "cachix", 779 - "repo": "pre-commit-hooks.nix", 780 - "type": "github" 781 - } 782 - }, 783 - "programsdb": { 784 - "inputs": { 785 - "nixpkgs": [ 786 - "unstable" 787 555 ], 788 556 "utils": "utils" 789 557 }, 790 558 "locked": { 791 - "lastModified": 1685425339, 792 - "narHash": "sha256-TEaY+iJkCJLl5pdwP04FRvOEEfP+yE6pmQbiG03OGx0=", 559 + "lastModified": 1749055058, 560 + "narHash": "sha256-OgCTSX0WXPpEi/ukjbBRrElSo+TR2/pzCCcY5yfou58=", 793 561 "owner": "wamserma", 794 562 "repo": "flake-programs-sqlite", 795 - "rev": "2a3d0b8def102ea075cd31aef4076b7d7d2659f5", 563 + "rev": "78d23d728abddce902528922f93967f0630f1cfe", 796 564 "type": "github" 797 565 }, 798 566 "original": { ··· 801 569 "type": "github" 802 570 } 803 571 }, 804 - "pruned-racket-catalog": { 805 - "flake": false, 806 - "locked": { 807 - "lastModified": 1672537287, 808 - "narHash": "sha256-SuOvXVcLfakw18oJB/PuRMyvGyGG1+CQD3R+TGHIv44=", 809 - "owner": "nix-community", 810 - "repo": "pruned-racket-catalog", 811 - "rev": "c8b89557fb53b36efa2ee48a769c7364df0f6262", 812 - "type": "github" 813 - }, 814 - "original": { 815 - "owner": "nix-community", 816 - "ref": "catalog", 817 - "repo": "pruned-racket-catalog", 818 - "type": "github" 819 - } 820 - }, 821 572 "root": { 822 573 "inputs": { 823 - "alejandra": "alejandra", 824 574 "emacs": "emacs", 825 - "flake-utils": "flake-utils_2", 826 575 "home-manager": "home-manager", 827 - "master": "master", 828 - "nil": "nil", 829 576 "nix": "nix", 577 + "nix-gl": "nix-gl", 830 578 "nixos-vscode-server": "nixos-vscode-server", 831 - "nixpkgs": [ 832 - "nixpkgs-unstable" 579 + "nixpkgs": "nixpkgs_2", 580 + "nixpkgs-insync-v3": [ 581 + "nixpkgs" 833 582 ], 834 - "nixpkgs-2211": "nixpkgs-2211", 835 - "nixpkgs-bls": "nixpkgs-bls", 836 - "nixpkgs-insync-v3": "nixpkgs-insync-v3", 837 - "nixpkgs-unstable": "nixpkgs-unstable", 583 + "nixpkgs-pre-rust": "nixpkgs-pre-rust", 584 + "nvim": "nvim", 838 585 "parts": "parts", 839 586 "programsdb": "programsdb", 840 587 "sops-nix": "sops-nix", 841 - "stable": [ 842 - "nixpkgs-2211" 843 - ], 844 - "switcher": "switcher", 845 - "unstable": [ 846 - "nixpkgs-unstable" 847 - ] 848 - } 849 - }, 850 - "rust-analyzer-src": { 851 - "flake": false, 852 - "locked": { 853 - "lastModified": 1657557289, 854 - "narHash": "sha256-PRW+nUwuqNTRAEa83SfX+7g+g8nQ+2MMbasQ9nt6+UM=", 855 - "owner": "rust-lang", 856 - "repo": "rust-analyzer", 857 - "rev": "caf23f29144b371035b864a1017dbc32573ad56d", 858 - "type": "github" 859 - }, 860 - "original": { 861 - "owner": "rust-lang", 862 - "ref": "nightly", 863 - "repo": "rust-analyzer", 864 - "type": "github" 588 + "switcher": "switcher" 865 589 } 866 590 }, 867 591 "rust-overlay": { 868 592 "inputs": { 869 - "flake-utils": [ 870 - "nil", 871 - "flake-utils" 872 - ], 873 - "nixpkgs": [ 874 - "nil", 875 - "nixpkgs" 876 - ] 593 + "nixpkgs": "nixpkgs_4" 877 594 }, 878 595 "locked": { 879 - "lastModified": 1682907601, 880 - "narHash": "sha256-FfUAYvRJ+6s9WWjXNPdRzuuvAeu2VHIXIbUkPJr4t14=", 596 + "lastModified": 1734402816, 597 + "narHash": "sha256-cgQ8mjUJz7J3fp97lnvl0dSJ6vLt8yzUSmw3B7QKw94=", 881 598 "owner": "oxalica", 882 599 "repo": "rust-overlay", 883 - "rev": "5eaff055dd57128c53ae373dc96af944f5849daa", 884 - "type": "github" 885 - }, 886 - "original": { 887 - "owner": "oxalica", 888 - "repo": "rust-overlay", 889 - "type": "github" 890 - } 891 - }, 892 - "rust-overlay_2": { 893 - "inputs": { 894 - "flake-utils": "flake-utils_5", 895 - "nixpkgs": "nixpkgs_6" 896 - }, 897 - "locked": { 898 - "lastModified": 1681438695, 899 - "narHash": "sha256-TSDCZwJ+mp1qOoOAvgK6hXeqn7wNacWT9RTxBJ6aZj4=", 900 - "owner": "oxalica", 901 - "repo": "rust-overlay", 902 - "rev": "db7bf4a2dd295adeeaa809d36387098926a15487", 600 + "rev": "e38fbd6e56e8cd1d61c65a21bbb7785e966707b4", 903 601 "type": "github" 904 602 }, 905 603 "original": { ··· 910 608 }, 911 609 "sops-nix": { 912 610 "inputs": { 913 - "nixpkgs": "nixpkgs_5", 914 - "nixpkgs-stable": "nixpkgs-stable" 611 + "nixpkgs": "nixpkgs_3" 915 612 }, 916 613 "locked": { 917 - "lastModified": 1685434555, 918 - "narHash": "sha256-aZl0yeaYX3T2L3W3yXOd3S9OfpS+8YUOT2b1KwrSf6E=", 614 + "lastModified": 1747603214, 615 + "narHash": "sha256-lAblXm0VwifYCJ/ILPXJwlz0qNY07DDYdLD+9H+Wc8o=", 919 616 "owner": "Mic92", 920 617 "repo": "sops-nix", 921 - "rev": "876846cde9762ae563f018c17993354875e2538e", 618 + "rev": "8d215e1c981be3aa37e47aeabd4e61bb069548fd", 922 619 "type": "github" 923 620 }, 924 621 "original": { ··· 929 626 }, 930 627 "switcher": { 931 628 "inputs": { 932 - "dream2nix": "dream2nix", 629 + "cargo2nix": "cargo2nix", 933 630 "flake-parts": [ 934 631 "parts" 935 632 ], 936 633 "nixpkgs": [ 937 - "unstable" 634 + "nixpkgs" 938 635 ], 939 - "rust-overlay": "rust-overlay_2" 636 + "rust-overlay": "rust-overlay" 940 637 }, 941 638 "locked": { 942 - "lastModified": 1681470489, 943 - "narHash": "sha256-zyR6/biPWVZTNFn8CniXH3rnOoRb2VThkNb30kOAoZ0=", 639 + "lastModified": 1734435961, 640 + "narHash": "sha256-HIw4Naoc0Gcl9VOT4JkagzKDvAdBwyzlq2majy5pSks=", 944 641 "owner": "nobbz", 945 642 "repo": "nix-switcher", 946 - "rev": "99c68f39962f6b9404c07c8897154929fc897580", 643 + "rev": "6f12e77ff6b46d53a5e58567803f94708e15660e", 947 644 "type": "github" 948 645 }, 949 646 "original": { ··· 983 680 "type": "github" 984 681 } 985 682 }, 986 - "systems_3": { 987 - "locked": { 988 - "lastModified": 1681028828, 989 - "narHash": "sha256-Vy1rq5AaRuLzOxct8nz4T6wlgyUR7zLU309k9mBC768=", 990 - "owner": "nix-systems", 991 - "repo": "default", 992 - "rev": "da67096a3b9bf56a91d16901293e51ba5b49a27e", 993 - "type": "github" 994 - }, 995 - "original": { 996 - "owner": "nix-systems", 997 - "repo": "default", 998 - "type": "github" 999 - } 1000 - }, 1001 - "systems_4": { 1002 - "locked": { 1003 - "lastModified": 1681028828, 1004 - "narHash": "sha256-Vy1rq5AaRuLzOxct8nz4T6wlgyUR7zLU309k9mBC768=", 1005 - "owner": "nix-systems", 1006 - "repo": "default", 1007 - "rev": "da67096a3b9bf56a91d16901293e51ba5b49a27e", 1008 - "type": "github" 1009 - }, 1010 - "original": { 1011 - "owner": "nix-systems", 1012 - "repo": "default", 1013 - "type": "github" 1014 - } 1015 - }, 1016 683 "utils": { 1017 684 "locked": { 1018 685 "lastModified": 1678901627, ··· 1025 692 "original": { 1026 693 "owner": "numtide", 1027 694 "repo": "flake-utils", 695 + "type": "github" 696 + } 697 + }, 698 + "wrapper-manager": { 699 + "inputs": { 700 + "nixpkgs": [ 701 + "nvim", 702 + "nixpkgs" 703 + ] 704 + }, 705 + "locked": { 706 + "lastModified": 1747562021, 707 + "narHash": "sha256-XfF+5zjoWbAcAiGNb++og6yDGJRwWYpADr9P6WuieQA=", 708 + "owner": "viperml", 709 + "repo": "wrapper-manager", 710 + "rev": "f2b0bec5140403cf24cae96f6764d97b5d59b0e2", 711 + "type": "github" 712 + }, 713 + "original": { 714 + "owner": "viperml", 715 + "repo": "wrapper-manager", 1028 716 "type": "github" 1029 717 } 1030 718 }

+47 -44

flake.nix

··· 1 1 { 2 - inputs = { 3 - nixpkgs-2211.url = "github:nixos/nixpkgs/nixos-22.11"; 4 - nixpkgs-unstable.url = "github:nixos/nixpkgs/nixos-unstable"; 5 - master.url = "github:nixos/nixpkgs/master"; 6 - nixpkgs-insync-v3.url = "github:nixos/nixpkgs?ref=32fdc268e921994e3f38088486ddfe765d11df93"; 7 - nixpkgs-bls.url = "github:nixos/nixpkgs?ref=pull/231714/head"; 8 - 9 - switcher.url = "github:nobbz/nix-switcher?ref=main"; 10 - switcher.inputs.nixpkgs.follows = "unstable"; 11 - switcher.inputs.flake-parts.follows = "parts"; 12 - 13 - parts.url = "github:hercules-ci/flake-parts"; 14 - 15 - programsdb.url = "github:wamserma/flake-programs-sqlite"; 16 - programsdb.inputs.nixpkgs.follows = "unstable"; 17 - 18 - # The following is required to make flake-parts work. 19 - nixpkgs.follows = "nixpkgs-unstable"; 20 - unstable.follows = "nixpkgs-unstable"; 21 - stable.follows = "nixpkgs-2211"; 22 - 23 - nix.url = "github:nixos/nix"; 24 - 25 - nil.url = "github:oxalica/nil"; 26 - 27 - home-manager.url = "github:nix-community/home-manager"; 28 - home-manager.inputs.nixpkgs.follows = "unstable"; 29 - 30 - flake-utils.url = "github:numtide/flake-utils"; 31 - 32 - emacs.url = "github:nix-community/emacs-overlay"; 33 - emacs.inputs.nixpkgs.follows = "master"; 34 - 35 - nixos-vscode-server.url = "github:msteen/nixos-vscode-server"; 36 - 37 - sops-nix.url = "github:Mic92/sops-nix"; 38 - 39 - alejandra.url = "github:kamadorueda/alejandra/3.0.0"; 40 - }; 41 - 42 2 outputs = {parts, ...} @ inputs: 43 3 parts.lib.mkFlake {inherit inputs;} { 44 4 systems = ["x86_64-linux" "aarch64-linux" "aarch64-darwin"]; ··· 48 8 imports = [ 49 9 ./parts/auxiliary.nix 50 10 ./parts/home_configs.nix 11 + ./parts/home_modules.nix 12 + ./parts/nixos_modules.nix 51 13 ./parts/system_configs.nix 52 14 53 15 ./nixos/configurations 54 16 ./home/configurations 55 17 18 + ./home/modules 19 + ./nixos/modules 20 + 56 21 ./packages 57 22 ]; 58 23 59 24 flake = { 60 - nixosModules = import ./nixos/modules inputs; 61 - 62 - homeModules = import ./home/modules inputs; 63 - 64 25 mixedModules = import ./mixed inputs; 65 26 66 27 checks.x86_64-linux = import ./checks inputs; 67 28 }; 68 29 }; 30 + 31 + inputs = { 32 + nixpkgs.url = "github:nixos/nixpkgs?ref=nixos-unstable"; 33 + # nixpkgs-insync-v3.url = "github:nixos/nixpkgs?ref=32fdc268e921994e3f38088486ddfe765d11df93"; 34 + nixpkgs-insync-v3.follows = "nixpkgs"; 35 + nixpkgs-pre-rust.url = "github:nixos/nixpkgs?ref=57d0d4a8f302"; 36 + 37 + nvim.url = "github:nobbz/nobbz-vim"; 38 + nvim.inputs.parts.follows = "parts"; 39 + nvim.inputs.nixpkgs.follows = "nixpkgs"; 40 + 41 + switcher.url = "github:nobbz/nix-switcher?ref=main"; 42 + switcher.inputs.nixpkgs.follows = "nixpkgs"; 43 + switcher.inputs.flake-parts.follows = "parts"; 44 + 45 + parts.url = "github:hercules-ci/flake-parts"; 46 + parts.inputs.nixpkgs-lib.follows = "nixpkgs"; 47 + 48 + programsdb.url = "github:wamserma/flake-programs-sqlite"; 49 + programsdb.inputs.nixpkgs.follows = "nixpkgs"; 50 + 51 + nix.url = "github:nixos/nix"; 52 + nix.inputs.flake-parts.follows = "parts"; 53 + # a libgit2 in the current version fails to build with the nix provided patches. 54 + # therefore using upstreams pin for now. 55 + # nix.inputs.nixpkgs.follows = "nixpkgs"; 56 + 57 + nix-gl.url = "github:nix-community/nixgl"; 58 + nix-gl.inputs.nixpkgs.follows = "nixpkgs"; 59 + 60 + home-manager.url = "github:nix-community/home-manager"; 61 + home-manager.inputs.nixpkgs.follows = "nixpkgs"; 62 + 63 + emacs.url = "github:nix-community/emacs-overlay"; 64 + emacs.inputs.nixpkgs.follows = "nixpkgs"; 65 + emacs.inputs.nixpkgs-stable.follows = "nixpkgs"; 66 + 67 + nixos-vscode-server.url = "github:msteen/nixos-vscode-server"; 68 + nixos-vscode-server.inputs.nixpkgs.follows = "nixpkgs"; 69 + 70 + sops-nix.url = "github:Mic92/sops-nix"; 71 + }; 69 72 }

+1 -7

home/configurations/default.nix

··· 1 1 _: { 2 2 nobbz.homeConfigurations."nmelzer@mimas".system = "x86_64-linux"; 3 - nobbz.homeConfigurations."nmelzer@enceladeus".system = "x86_64-linux"; 4 - nobbz.homeConfigurations."nmelzer@hyperion".system = "aarch64-linux"; 5 - 6 - nobbz.homeConfigurations."nmelzer@Titan.local" = { 7 - system = "aarch64-darwin"; 8 - hostname = "titan"; 9 - }; 3 + nobbz.homeConfigurations."nmelzer@phoebe".system = "x86_64-linux"; 10 4 }

-37

home/configurations/nmelzer@enceladeus.nix

··· 1 - {self, ...}: { 2 - config, 3 - pkgs, 4 - lib, 5 - ... 6 - }: { 7 - config = { 8 - nixpkgs.allowedUnfree = ["google-chrome" "vscode"]; 9 - 10 - nixpkgs.config.contentAddressedByDefault = false; 11 - 12 - activeProfiles = ["browsing" "development"]; 13 - 14 - xsession.windowManager.awesome.autostart = [ 15 - "${pkgs.blueman}/bin/blueman-applet" 16 - "${pkgs.networkmanagerapplet}/bin/nm-applet" 17 - ]; 18 - 19 - programs.emacs.enable = lib.mkForce false; 20 - 21 - services.rustic = { 22 - enable = true; 23 - globs = let 24 - mkHome = e: "${config.home.homeDirectory}/${e}"; 25 - mkIgnore = e: "!${e}"; 26 - 27 - home = map mkHome [".cache" ".cabal" ".cargo" ".emacs.d/eln-cache" ".emacs.d/.cache" ".gem" ".gradle" ".hex" ".kube" ".local" ".m2" ".minikube" ".minishift" ".mix" ".mozilla" "npm" ".opam" ".rancher" ".vscode-oss" "go/pkg"]; 28 - patterns = ["_build" "deps" "result" "target" ".elixir_ls" "ccls-cache" ".direnv"]; 29 - in 30 - map mkIgnore (home ++ patterns); 31 - oneFileSystem = true; 32 - repo = "rest:https://restic.mimas.internal.nobbz.dev/nobbz"; 33 - }; 34 - 35 - home.packages = [pkgs.vscode]; 36 - }; 37 - }

-42

home/configurations/nmelzer@hyperion.nix

··· 1 - { 2 - unstable, 3 - self, 4 - ... 5 - }: { 6 - config, 7 - pkgs, 8 - lib, 9 - ... 10 - }: { 11 - config = { 12 - nixpkgs.allowedUnfree = ["vscode"]; 13 - # nixpkgs.config.allowBroken = true; 14 - 15 - activeProfiles = ["development"]; 16 - 17 - dconf.enable = true; 18 - 19 - enabledLanguages = []; 20 - 21 - xsession.enable = lib.mkForce false; 22 - xsession.windowManager.awesome.enable = lib.mkForce false; 23 - xsession.numlock.enable = lib.mkForce false; 24 - 25 - programs.emacs.splashScreen = false; 26 - 27 - home.packages = builtins.attrValues { 28 - inherit (pkgs) vscode keepassxc nix-output-monitor; 29 - inherit (pkgs.gnome) gnome-tweaks; 30 - inherit (self.packages.aarch64-linux) gnucash-de; 31 - }; 32 - 33 - programs.htop = { 34 - settings = { 35 - detailed_cpu_time = true; 36 - }; 37 - }; 38 - }; 39 - # environment.pathsToLink = [ "/share/zsh" ]; 40 - } 41 - # /nix/store/7skqa8vxfydq7w3cix55ffvkmjb3b5da-python-2.7.18 42 -

-93

home/configurations/nmelzer@mimas.nix

··· 1 - { 2 - unstable, 3 - self, 4 - ... 5 - }: { 6 - config, 7 - pkgs, 8 - ... 9 - }: { 10 - config = { 11 - nixpkgs.allowedUnfree = ["google-chrome" "vscode" "discord"]; 12 - nixpkgs.config.allowBroken = true; 13 - 14 - activeProfiles = ["browsing" "development"]; 15 - 16 - sops.age.sshKeyPaths = ["${config.home.homeDirectory}/.ssh/id_ed25519"]; 17 - sops.defaultSopsFile = "${self}/secrets/mimas/nmelzer/default.yaml"; 18 - 19 - sops.secrets.rustic.path = "${config.xdg.configHome}/rustic/password"; 20 - sops.secrets.gh_hosts.path = "${config.xdg.configHome}/gh/hosts.yml"; 21 - 22 - dconf.enable = true; 23 - 24 - enabledLanguages = ["nix"]; 25 - 26 - programs.emacs.splashScreen = false; 27 - 28 - home.packages = builtins.attrValues { 29 - inherit (pkgs) keybase-gui freerdp vscode keepassxc nix-output-monitor discord; 30 - inherit (pkgs.gnome) gnome-tweaks; 31 - inherit (self.packages.x86_64-linux) gnucash-de; 32 - }; 33 - 34 - programs.obs-studio.enable = true; 35 - programs.htop = { 36 - settings = { 37 - detailed_cpu_time = true; 38 - }; 39 - # meters.right = [ 40 - # { kind = "Battery"; mode = 1; } 41 - # "Tasks" 42 - # "LoadAverage" 43 - # "Uptime" 44 - # ]; 45 - }; 46 - 47 - xsession.windowManager.awesome.autostart = [ 48 - "${pkgs.blueman}/bin/blueman-applet" 49 - "${pkgs.networkmanagerapplet}/bin/nm-applet" 50 - ]; 51 - 52 - services = { 53 - keybase.enable = true; 54 - kbfs.enable = true; 55 - insync.enable = true; 56 - playerctld.enable = true; 57 - 58 - rustic = { 59 - enable = true; 60 - passwordFile = config.sops.secrets.rustic.path; 61 - globs = let 62 - mkHome = e: "${config.home.homeDirectory}/${e}"; 63 - mkIgnore = e: "!${e}"; 64 - 65 - home = map mkHome ["Downloads" ".cache" ".cabal" ".cargo" ".emacs.d/eln-cache" ".emacs.d/.cache" ".gem" ".gradle" ".hex" ".kube" ".local" ".m2" ".minikube" ".minishift" ".mix" ".mozilla" "npm" ".opam" ".rancher" ".vscode-oss" "go/pkg" "timmelzer@gmail.com/restic_repos"]; 66 - patterns = ["_build" "Cache" "deps" "result" "target" ".elixir_ls" "ccls-cache" ".direnv" "direnv" "node_modules"]; 67 - in 68 - map mkIgnore (home ++ patterns); 69 - oneFileSystem = true; 70 - repo = "rest:https://restic.mimas.internal.nobbz.dev/nobbz"; 71 - }; 72 - }; 73 - 74 - systemd.user.services = { 75 - rustic.Unit.After = ["sops-nix.service"]; 76 - keybase-gui = { 77 - Unit = { 78 - Description = "Keybase GUI"; 79 - Requires = ["keybase.service" "kbfs.service"]; 80 - After = ["keybase.service" "kbfs.service"]; 81 - }; 82 - Service = { 83 - ExecStart = "${pkgs.keybase-gui}/share/keybase/Keybase"; 84 - PrivateTmp = true; 85 - # Slice = "keybase.slice"; 86 - }; 87 - }; 88 - }; 89 - }; 90 - # environment.pathsToLink = [ "/share/zsh" ]; 91 - } 92 - # /nix/store/7skqa8vxfydq7w3cix55ffvkmjb3b5da-python-2.7.18 93 -

-20

home/configurations/nmelzer@titan.nix

··· 1 - {self, ...}: { 2 - pkgs, 3 - lib, 4 - ... 5 - }: { 6 - nixpkgs.allowedUnfree = []; 7 - 8 - activeProfiles = ["base" "development"]; 9 - enabledLanguages = []; 10 - 11 - xsession.enable = lib.mkForce false; 12 - xsession.windowManager.awesome.enable = lib.mkForce false; 13 - xsession.numlock.enable = lib.mkForce false; 14 - 15 - gtk.theme.package = lib.mkForce null; 16 - 17 - home.packages = builtins.attrValues { 18 - inherit (pkgs) neovim; 19 - }; 20 - }

+130

home/configurations/nmelzer_at_mimas.nix

··· 1 + {self, ...}: { 2 + config, 3 + pkgs, 4 + lib, 5 + ... 6 + }: { 7 + nixpkgs.allowedUnfree = ["google-chrome" "vscode" "discord" "obsidian"]; 8 + 9 + activeProfiles = ["browsing" "development"]; 10 + 11 + sops.age.sshKeyPaths = ["${config.home.homeDirectory}/.ssh/id_ed25519"]; 12 + sops.defaultSopsFile = "${self}/secrets/mimas/nmelzer/default.yaml"; 13 + 14 + sops.secrets.rustic.path = "${config.xdg.configHome}/rustic/password"; 15 + 16 + dconf.enable = true; 17 + 18 + home.packages = builtins.attrValues { 19 + inherit (pkgs) keybase-gui freerdp keepassxc nix-output-monitor discord; 20 + inherit (pkgs) obsidian; 21 + inherit (pkgs) gnome-tweaks; 22 + inherit (pkgs) vscode wezterm; 23 + }; 24 + 25 + programs.obs-studio.enable = true; 26 + programs.obs-studio.plugins = builtins.attrValues { 27 + inherit (pkgs.obs-studio-plugins) obs-backgroundremoval; 28 + }; 29 + programs.htop = { 30 + settings = { 31 + detailed_cpu_time = true; 32 + }; 33 + # meters.right = [ 34 + # { kind = "Battery"; mode = 1; } 35 + # "Tasks" 36 + # "LoadAverage" 37 + # "Uptime" 38 + # ]; 39 + }; 40 + 41 + programs.yazi.enable = true; 42 + 43 + xsession.windowManager.awesome.autostart = [ 44 + "${pkgs.blueman}/bin/blueman-applet" 45 + "${pkgs.networkmanagerapplet}/bin/nm-applet" 46 + ]; 47 + 48 + systemd.user.tmpfiles.rules = [ 49 + "d ${config.home.homeDirectory}/tmp 700 ${config.home.username} users 14d" 50 + ]; 51 + 52 + services = { 53 + keybase.enable = true; 54 + kbfs.enable = true; 55 + insync.enable = true; 56 + playerctld.enable = true; 57 + flameshot.enable = true; 58 + 59 + rustic = { 60 + enable = true; 61 + passwordFile = config.sops.secrets.rustic.path; 62 + globs = let 63 + mkHome = e: "${config.home.homeDirectory}/${e}"; 64 + mkIgnore = e: "!${e}"; 65 + 66 + home = map mkHome ["Downloads" ".cache" ".cabal" ".cargo" ".emacs.d/eln-cache" ".emacs.d/.cache" ".gem" ".gradle" ".hex" ".kube" ".local" ".m2" ".minikube" ".minishift" ".mix" ".mozilla" "npm" ".opam" ".rancher" ".vscode-oss" "go/pkg" "timmelzer@gmail.com/restic_repos" ".local/share/libvirt" ".bitmonero"]; 67 + patterns = ["_build" "Cache" "deps" "result" "target" ".elixir_ls" "ccls-cache" ".direnv" "direnv" "node_modules"]; 68 + in 69 + map mkIgnore (home ++ patterns); 70 + oneFileSystem = true; 71 + repo = "rest:https://restic.mimas.internal.nobbz.dev/nobbz"; 72 + }; 73 + }; 74 + 75 + systemd.user.services = { 76 + rustic.Unit.After = ["sops-nix.service"]; 77 + keybase-gui = { 78 + Unit = { 79 + Description = "Keybase GUI"; 80 + Requires = ["keybase.service" "kbfs.service"]; 81 + After = ["keybase.service" "kbfs.service"]; 82 + }; 83 + Service = { 84 + ExecStart = "${pkgs.keybase-gui}/share/keybase/Keybase"; 85 + PrivateTmp = true; 86 + # Slice = "keybase.slice"; 87 + }; 88 + }; 89 + }; 90 + 91 + xdg.configFile = { 92 + "rustic/mimas-hetzner.toml".text = 93 + # toml 94 + '' 95 + [repository] 96 + repository = "rclone:hetzner-restic:mimas" 97 + password-file = "${config.sops.secrets.rustic.path}" 98 + ''; 99 + "rustic/mimas.toml".text = 100 + # toml 101 + '' 102 + [repository] 103 + repository = "rest:https://restic.mimas.internal.nobbz.dev/mimas" 104 + password-file = "${config.sops.secrets.rustic.path}" 105 + 106 + [copy] 107 + targets = ["mimas-hetzner"] 108 + ''; 109 + 110 + "rustic/nobbz-hetzner.toml".text = 111 + # toml 112 + '' 113 + [repository] 114 + repository = "rclone:hetzner-restic:nobbz" 115 + password-file = "${config.sops.secrets.rustic.path}" 116 + ''; 117 + "rustic/nobbz.toml".text = 118 + # toml 119 + '' 120 + [repository] 121 + repository = "rest:https://restic.mimas.internal.nobbz.dev/nobbz" 122 + password-file = "${config.sops.secrets.rustic.path}" 123 + 124 + [copy] 125 + targets = ["nobbz-hetzner"] 126 + ''; 127 + }; 128 + 129 + home.stateVersion = "20.09"; 130 + }

+93

home/configurations/nmelzer_at_phoebe.nix

··· 1 + { 2 + self, 3 + nix, 4 + ... 5 + }: { 6 + config, 7 + pkgs, 8 + lib, 9 + ... 10 + }: let 11 + sshConfigPath = "${config.home.homeDirectory}/.ssh"; 12 + inherit (lib.hm) dag; 13 + spkgs = self.packages.${pkgs.system}; 14 + in { 15 + nixpkgs.allowedUnfree = ["google-chrome" "vscode" "discord" "obsidian" "slack"]; 16 + nixpkgs.config.permittedInsecurePackages = ["electron-25.9.0"]; 17 + profiles.base.needsGL = true; 18 + 19 + nix.checkConfig = false; 20 + nix.settings.extra-experimental-features = ["flakes" "nix-command"]; 21 + nix.extraOptions = "!include ${config.sops.secrets."access-tokens".path}"; 22 + nix.package = nix.packages.${pkgs.system}.nix-cli; 23 + 24 + activeProfiles = ["development"]; 25 + 26 + sops.age.sshKeyPaths = ["${sshConfigPath}/id_ed25519"]; 27 + sops.defaultSopsFile = "${self}/secrets/phoebe/nmelzer/default.yaml"; 28 + 29 + sops.secrets.ssh.path = "${sshConfigPath}/nightwing_config"; 30 + 31 + sops.secrets."access-tokens" = { 32 + path = "${config.home.homeDirectory}/.config/nix/access-tokens.conf"; 33 + mode = "0400"; 34 + sopsFile = "${self}/secrets/users/nmelzer/default.yaml"; 35 + }; 36 + 37 + sops.secrets."github" = { 38 + path = "${sshConfigPath}/github"; 39 + mode = "0400"; 40 + sopsFile = "${self}/secrets/users/nmelzer/github"; 41 + format = "binary"; 42 + }; 43 + 44 + sops.secrets."gitlab" = { 45 + path = "${sshConfigPath}/gitlab"; 46 + mode = "0400"; 47 + sopsFile = "${self}/secrets/users/nmelzer/gitlab"; 48 + format = "binary"; 49 + }; 50 + 51 + sops.secrets."nobbz_dev" = { 52 + path = "${sshConfigPath}/nobbz_dev"; 53 + mode = "0400"; 54 + sopsFile = "${self}/secrets/users/nmelzer/nobbz_dev"; 55 + format = "binary"; 56 + }; 57 + 58 + dconf.enable = true; 59 + 60 + home.packages = builtins.attrValues { 61 + inherit (pkgs) keepassxc nix-output-monitor discord obsidian vscode slack; 62 + inherit (config.nix) package; 63 + inherit (spkgs) switcher; 64 + }; 65 + 66 + xsession.windowManager.awesome.enable = lib.mkForce false; 67 + xsession.enable = lib.mkForce false; 68 + 69 + services.playerctld.enable = true; 70 + 71 + gtk.gtk2.force = true; 72 + 73 + programs.ssh.includes = [ 74 + config.sops.secrets.ssh.path 75 + ]; 76 + 77 + programs.ssh.matchBlocks = { 78 + # TODO: properly use seperate key 79 + "gitlab.com-bravo" = dag.entryAfter ["gitlab.com"] { 80 + hostname = "gitlab.com"; 81 + addressFamily = "inet"; 82 + identityFile = "~/.ssh/id_ed25519"; 83 + }; 84 + 85 + # TODO: Make the actual hosts identity file configurable by other means. Actually moving all the logic over to `home/modules/profiles/base/default.nix`. 86 + "*.internal.nobbz.dev" = lib.mkForce (dag.entryAfter ["delly-nixos.adoring_suess.zerotier" "tux-nixos.adoring_suess.zerotier" "nixos.adoring_suess.zerotier"] { 87 + identityFile = "~/.ssh/id_ed25519"; 88 + user = "nmelzer"; 89 + }); 90 + }; 91 + 92 + home.stateVersion = "20.09"; 93 + }

+19 -28

home/modules/default.nix

··· 1 - inputs: { 2 - "profiles" = import ./profiles inputs; 3 - "profiles/base" = import ./profiles/base inputs; 4 - "profiles/browsing" = import ./profiles/browsing inputs; 5 - "profiles/development" = import ./profiles/development inputs; 1 + { 2 + nobbz.homeManagerModules = { 3 + "profiles" = ./profiles; 4 + "profiles/base" = ./profiles/base; 5 + "profiles/browsing" = ./profiles/browsing; 6 + "profiles/development" = ./profiles/development; 6 7 7 - "languages" = import ./languages inputs; 8 - "languages/nix" = import ./languages/nix inputs; 8 + "programs/advcp" = ./programs/advcp; 9 + "programs/eza" = ./programs/eza; 10 + "programs/ghostty" = ./programs/ghostty; 11 + "programs/nixpkgs" = ./programs/nixpkgs; 12 + "programs/p10k" = ./programs/p10k; 13 + "programs/rbw" = ./programs/rbw; 14 + "programs/wezterm" = ./programs/wezterm; 9 15 10 - "programs/advcp" = import ./programs/advcp inputs; 11 - "programs/emacs" = import ./programs/emacs inputs; 12 - "programs/emacs/beacon" = import ./programs/emacs/beacon.nix inputs; 13 - "programs/emacs/company" = import ./programs/emacs/company.nix inputs; 14 - "programs/emacs/helm" = import ./programs/emacs/helm.nix inputs; 15 - "programs/emacs/lib" = import ./programs/emacs/lib.nix inputs; 16 - "programs/emacs/lsp" = import ./programs/emacs/lsp.nix inputs; 17 - "programs/emacs/projectile" = import ./programs/emacs/projectile.nix inputs; 18 - "programs/emacs/telephoneline" = import ./programs/emacs/telephoneline.nix inputs; 19 - "programs/emacs/whichkey" = import ./programs/emacs/whichkey inputs; 20 - "programs/exa" = import ./programs/exa inputs; 21 - "programs/nixpkgs" = import ./programs/nixpkgs inputs; 22 - "programs/openshift" = import ./programs/openshift inputs; 23 - "programs/p10k" = import ./programs/p10k inputs; 16 + "services/insync" = ./services/insync; 17 + "services/rustic" = ./services/rustic; 24 18 25 - "services/insync" = import ./services/insync inputs; 26 - "services/restic" = import ./services/restic inputs; 27 - "services/rustic" = import ./services/rustic inputs; 28 - 29 - "misc/awesome" = import ./misc/awesome inputs; 30 - "misc/home" = import ./misc/home inputs; 31 - "misc/rofi" = import ./misc/rofi inputs; 19 + "misc/awesome" = ./misc/awesome; 20 + "misc/home" = ./misc/home; 21 + "misc/rofi" = ./misc/rofi; 22 + }; 32 23 }

-17

home/modules/languages/default.nix

··· 1 - _: { 2 - config, 3 - lib, 4 - ... 5 - }: let 6 - langsEnabler = let 7 - reducer = l: r: {"${r}".enable = true;} // l; 8 - in 9 - builtins.foldl' reducer {} config.enabledLanguages; 10 - in { 11 - options.enabledLanguages = lib.mkOption { 12 - default = []; 13 - type = lib.types.listOf lib.types.str; 14 - }; 15 - 16 - config = {languages = langsEnabler;}; 17 - }

-37

home/modules/languages/nix/default.nix

··· 1 - _: { 2 - config, 3 - lib, 4 - pkgs, 5 - ... 6 - }: let 7 - cfg = config.languages.nix; 8 - 9 - # rnixLsp = rnix-lsp.defaultPackage.x86_64-linux; 10 - rnixLsp = pkgs.rnix-lsp; 11 - in { 12 - options.languages.nix = { 13 - enable = lib.mkEnableOption "Enable support for the nix language"; 14 - }; 15 - 16 - config = lib.mkIf cfg.enable { 17 - programs.emacs.extraPackages = ep: [ep.lsp-mode ep.nix-mode ep.flycheck]; 18 - 19 - programs.emacs.extraInit = '' 20 - (require 'lsp-mode) 21 - 22 - ;; make lsp-mode aware of nix 23 - (add-to-list 'lsp-language-id-configuration '(nix-mode . "nix")) 24 - (lsp-register-client 25 - (make-lsp-client :new-connection (lsp-stdio-connection '("${rnixLsp}/bin/rnix-lsp")) 26 - :major-modes '(nix-mode) 27 - :server-id 'nix)) 28 - 29 - (add-hook 'nix-mode-hook 30 - (lambda () 31 - (lsp) 32 - (subword-mode) 33 - (company-mode) 34 - (flycheck-mode))) 35 - ''; 36 - }; 37 - }

+10 -10

home/modules/misc/awesome/default.nix

··· 1 - { 2 - self, 3 - nixpkgs-bls, 4 - ... 5 - }: { 1 + {self, ...}: { 6 2 config, 7 3 lib, 8 4 pkgs, ··· 10 6 }: let 11 7 cfg = config.xsession.windowManager.awesome; 12 8 13 - bls = lib.getExe (nixpkgs-bls.legacyPackages.${pkgs.system}.betterlockscreen.override {withDunst = false;}); 9 + flameshot = lib.getExe pkgs.flameshot; 10 + 11 + bls = lib.getExe (pkgs.betterlockscreen.override {withDunst = false;}); 14 12 scrot = lib.getExe pkgs.scrot; 15 13 16 14 locker = pkgs.writeShellScript "betterlockscreen-with-screenshot" '' ··· 84 82 options.xsession.windowManager.awesome = { 85 83 terminalEmulator = lib.mkOption { 86 84 type = lib.types.str; 87 - default = "${pkgs.konsole}/bin/konsole"; 85 + default = "${lib.getExe pkgs.wezterm}"; 88 86 }; 89 87 90 88 lockCommand = lib.mkOption { ··· 435 433 awful.key({ modkey }, "r", function () awful.screen.focused().mypromptbox:run() end, 436 434 {description = "run prompt", group = "launcher"}), 437 435 438 - awful.key({ modkey }, "d", function () awful.util.spawn('${cfg.launcher}') end, {description = "open launcher", group = "launcher"}), 436 + awful.key({ modkey }, "d", function () awful.util.spawn('${cfg.launcher}') end, {description = "open launcher", group = "launcher"}), 439 437 awful.key({ modkey }, "w", function () awful.util.spawn('${cfg.windowSwitcher}') end, {description = "open window selecter", group = "launcher"}), 440 - awful.key({ modkey }, "e", function () awful.util.spawn('${cfg.emojiPicker}') end, {description = "open emoji picker", group = "launcher"}), 441 - awful.key({ modkey }, "y", function () awful.util.spawn('${cfg.lockCommand}') end, {description = "lock screen", group = "client"}), 438 + awful.key({ modkey, "Shift" }, "e", function () awful.util.spawn('${cfg.emojiPicker}') end, {description = "open emoji picker", group = "launcher"}), 439 + 440 + awful.key({ modkey }, "y", function () awful.util.spawn('${cfg.lockCommand}') end, {description = "lock screen", group = "client" }), 441 + awful.key({ modkey }, "b", function () awful.util.spawn('${flameshot} gui') end, {description = "create screenshot", group = "client" }), 442 442 443 443 awful.key({ modkey }, "x", 444 444 function ()

+5 -12

home/modules/misc/home/default.nix

··· 1 - { 2 - nixpkgs-2211, 3 - unstable, 4 - self, 5 - ... 6 - }: { 1 + {self, ...}: { 7 2 config, 8 3 pkgs, 9 4 lib, ··· 25 20 26 21 packages = let 27 22 p = pkgs; 28 - s = self'; 29 23 in [ 30 24 p.cachix 31 - p.element-desktop 32 25 p.exercism 33 - p.nixpkgs-review 34 26 p.tmate 35 - s."dracula/konsole" 27 + 28 + # There is a conflict with the ZSH completion plugin, installed by default 29 + # therefore we need to override here 30 + (lib.setPrio 0 p.nixpkgs-review) 36 31 37 32 p.fira-code 38 33 p.cascadia-code ··· 44 39 exec ${p.timewarrior}/bin/timew "$@" 45 40 '') 46 41 ]; 47 - 48 - stateVersion = "20.09"; 49 42 }; 50 43 }

+2 -2

home/modules/misc/rofi/common.rasi

··· 1 1 configuration { 2 - font: "Cascadia Mono PL 20"; 3 - terminal: "konsole"; 2 + font: "Departure Mono 22"; 3 + terminal: "@TERMINAL@"; 4 4 fixed-num-lines: false; 5 5 show-icons: true; 6 6 drun-show-actions: false;

+23 -15

home/modules/misc/rofi/default.nix

··· 1 1 {self, ...}: { 2 2 pkgs, 3 3 lib, 4 + npins, 4 5 ... 5 6 }: let 6 7 self' = self.packages.x86_64-linux; 7 8 8 - launcherConfig = pkgs.writeText "launcher-config" '' 9 - configuration { 10 - modes: "drun#run#ssh"; 11 - } 12 - @import "${./common.rasi}" 9 + common_rasi = pkgs.runCommandNoCC "common.rasi" {preferLocalBuild = true;} '' 10 + substitute ${./common.rasi} $out \ 11 + --subst-var-by TERMINAL ${lib.getExe pkgs.wezterm} 13 12 ''; 14 13 15 - windowSwitcherConfig = pkgs.writeText "window-switcher-config" '' 16 - configuration { 17 - modes: "window"; 18 - } 19 - @import "${./common.rasi}" 14 + catppuccin = pkgs.runCommandNoCC "catppuccin.rasi" {preferLocalBuild = true;} '' 15 + substitute ${npins.catppuccin-rofi}/catppuccin-default.rasi $out \ 16 + --replace-fail '"catppuccin-mocha"' '"${npins.catppuccin-rofi}/themes/catppuccin-mocha.rasi"' 20 17 ''; 21 18 22 - emojiConfig = pkgs.writeText "window-switcher-config" '' 23 - configuration { 24 - modes: "emoji#unicode:${self'."rofi/unicode"}/bin/rofiunicode.sh"; 25 - } 26 - @import "${./common.rasi}" 19 + writeConfig = name: body: 20 + pkgs.writeText name 21 + # rasi 22 + '' 23 + configuration { 24 + ${body} 25 + } 26 + @theme "${catppuccin}" 27 + @import "${common_rasi}" 28 + ''; 29 + 30 + windowSwitcherConfig = writeConfig "window-switcher-config" ''modes: "window";''; 31 + emojiConfig = writeConfig "emoji-config" ''modes: "emoji#unicode:${self'."rofi/unicode"}/bin/rofiunicode.sh";''; 32 + launcherConfig = writeConfig "launcher-config" '' 33 + modes: "drun#run#ssh"; 34 + ssh-command: "{terminal} ssh {host}"; 27 35 ''; 28 36 29 37 wrapper = rofi: config:

+11

home/modules/profiles/base/colums-fix.patch

··· 1 + --- a/fzf-tab.zsh 2 + +++ b/fzf-tab.zsh 3 + @@ -102,7 +102,7 @@ builtin unalias -m '[^+]*' 4 + 5 + # must run with user options; don't move `emulate -L zsh` above this line 6 + (( $+builtins[fzf-tab-compcap-generate] )) && fzf-tab-compcap-generate -i 7 + - COLUMNS=500 _ftb__main_complete "$@" || ret=$? 8 + + _ftb__main_complete "$@" || ret=$? 9 + (( $+builtins[fzf-tab-compcap-generate] )) && fzf-tab-compcap-generate -o 10 + 11 + emulate -L zsh -o extended_glob

+94 -24

home/modules/profiles/base/default.nix

··· 1 - {self, ...}: { 1 + { 2 + self, 3 + nix, 4 + nvim, 5 + nix-gl, 6 + ... 7 + }: { 2 8 config, 3 9 lib, 4 10 pkgs, ··· 7 13 }: let 8 14 cfg = config.profiles.base; 9 15 10 - inherit (self.packages.${pkgs.system}) emacs; 11 16 inherit (lib.hm) dag; 12 17 13 18 # TODO: make these a bit more nice, so that repeating the hosts and individual config isn't necessary. ··· 26 31 cp $src $out/_nix 27 32 ''; 28 33 }; 34 + 35 + fzf-tab = pkgs.stdenv.mkDerivation { 36 + pname = "fzf-tab"; 37 + version = "0-unstable-${npins.fzf-tab.revision}"; 38 + 39 + src = npins.fzf-tab; 40 + 41 + # we need this patch due to a bug between fzf-tab and p10k: 42 + # https://github.com/Aloxaf/fzf-tab/issues/176 43 + patches = [./colums-fix.patch]; 44 + 45 + installPhase = '' 46 + mkdir -p $out 47 + cp -rv . $out 48 + ''; 49 + }; 29 50 in { 30 51 options.profiles.base = { 31 52 enable = lib.mkEnableOption "The base profile, should be always enabled"; 53 + 54 + needsGL = lib.mkEnableOption "nix-gl wrappers"; 32 55 }; 33 56 34 57 config = lib.mkIf cfg.enable { 58 + sops.secrets.nix-community = { 59 + path = "${config.home.homeDirectory}/.ssh/nix-community"; 60 + mode = "0400"; 61 + sopsFile = "${self}/secrets/users/nmelzer/nix-community"; 62 + format = "binary"; 63 + }; 64 + 65 + programs.rbw.enable = true; 66 + 35 67 manual.manpages.enable = false; 36 68 37 69 services.vscode-server.enable = lib.mkDefault pkgs.stdenv.isLinux; 38 70 39 - home.sessionVariables = rec { 40 - EDITOR = "emacs -nw"; 41 - VISUAL = "emacs"; 42 - GIT_EDITOR = EDITOR; 71 + home.sessionVariables = { 72 + EDITOR = "nvim"; 43 73 }; 44 74 45 75 gtk.enable = true; 46 - gtk.theme.package = pkgs.gnome.gnome-themes-extra; 76 + gtk.theme.package = pkgs.gnome-themes-extra; 47 77 gtk.theme.name = "Adwaita-dark"; 48 78 79 + services.pueue.enable = true; 80 + 49 81 home.keyboard.layout = "de"; 50 82 home.packages = let 51 83 optisave = ··· 69 101 | sed -E 's/([0-9])([A-Za-z])/\1 \2/')" \ 70 102 "$(numfmt --to=none --format="%'f" ''${saved})" 71 103 ''; 104 + neovide = 105 + if cfg.needsGL 106 + then 107 + pkgs.writeShellScriptBin nvim.packages.x86_64-linux.neovide.meta.mainProgram '' 108 + exec ${lib.getExe nix-gl.packages.x86_64-linux.nixGLIntel} ${lib.getExe nvim.packages.x86_64-linux.neovide} "$@" 109 + '' 110 + else nvim.packages.x86_64-linux.neovide; 72 111 in 73 - [optisave pkgs.hydra-check] ++ lib.optionals pkgs.stdenv.isLinux [pkgs.dconf]; 112 + lib.mkMerge [ 113 + [optisave pkgs.departure-mono pkgs.hydra-check nvim.packages.x86_64-linux.neovim neovide] 114 + (lib.mkIf pkgs.stdenv.isLinux [pkgs.dconf]) 115 + ]; 74 116 75 117 # dconf.enable = lib.mkMerge [ 76 118 # (lib.mkIf pkgs.stdenv.isLinux true) ··· 87 129 88 130 programs = { 89 131 advancedCopy.enable = true; 90 - bat.enable = true; 91 132 direnv.enable = true; 92 133 direnv.nix-direnv.enable = true; 93 - exa.enable = true; 134 + direnv.nix-direnv.package = pkgs.nix-direnv.override {nix = nix.packages.${pkgs.system}.default;}; 135 + eza.enable = true; 94 136 fzf.enable = true; 95 137 home-manager.enable = true; 96 138 htop.enable = true; 97 139 jq.enable = true; 98 140 p10k.enable = true; 141 + zoxide.enable = true; 142 + 143 + bat = { 144 + enable = true; 145 + 146 + config.theme = "mocha"; 147 + 148 + themes.mocha = { 149 + src = npins.catppuccin-bat; 150 + file = "themes/Catppuccin Mocha.tmTheme"; 151 + }; 152 + }; 99 153 100 154 ssh = { 101 155 enable = true; ··· 108 162 user = "nmelzer"; 109 163 }; 110 164 165 + "build-box.nix-community.org" = { 166 + identityFile = config.sops.secrets.nix-community.path; 167 + user = "nobbz"; 168 + }; 169 + 170 + "aarch64-build-box.nix-community.org" = { 171 + identityFile = config.sops.secrets.nix-community.path; 172 + user = "nobbz"; 173 + }; 174 + 111 175 "ryzen-ubuntu.adoring_suess.zerotier" = { 112 176 hostname = "172.24.237.73"; 113 177 }; ··· 135 199 identityFile = "~/.ssh/github"; 136 200 }; 137 201 }; 138 - }; 139 - 140 - emacs = { 141 - enable = true; 142 - package = emacs; 143 202 }; 144 203 145 204 tmux = { ··· 147 206 148 207 clock24 = true; 149 208 historyLimit = 10000; 150 - terminal = "screen-256color"; 209 + terminal = "tmux-256color"; 210 + 211 + plugins = [ 212 + { 213 + plugin = pkgs.tmuxPlugins.catppuccin; 214 + extraConfig = '' 215 + set -g @catppuccin_flavor "mocha" 216 + set -g @catppuccin_window_status_style "rounded" 217 + ''; 218 + } 219 + ]; 220 + 221 + extraConfig = '' 222 + set -ag terminal-overrides ",xterm-256color:RGB" 223 + ''; 151 224 }; 152 225 153 226 zsh = { 154 227 enable = true; 155 228 156 229 enableCompletion = true; 157 - enableAutosuggestions = true; 230 + autosuggestion.enable = true; 158 231 159 232 autocd = true; 160 233 ··· 165 238 plugins = [ 166 239 { 167 240 name = "fzf-tab"; 168 - src = npins.fzf-tab; 241 + src = fzf-tab; 169 242 } 170 243 { 171 244 name = "nix-zsh-complete.zsh"; ··· 178 251 } 179 252 ]; 180 253 181 - initExtra = '' 254 + initContent = '' 182 255 bindkey "^[[1;5D" backward-word 183 256 bindkey "^[[1;5C" forward-word 184 257 ··· 186 259 ''; 187 260 188 261 sessionVariables = { 189 - # NIX_PATH = builtins.concatStringsSep ":" [ 190 - # "nixpkgs=${inputs.nixpkgs}" 191 - # "nixos-config=/etc/nixos/configuration.nix" 192 - # "/nix/var/nix/profiles/per-user/root/channels" 193 - # ]; 262 + PROMPT_EOL_MARK = "%F{243}¶%f"; 194 263 }; 195 264 196 265 shellAliases.fixstore = "sudo nix-store --verify --check-contents --repair"; 266 + shellAliases.pq = "pueue"; 197 267 }; 198 268 }; 199 269 };

+4 -1

home/modules/profiles/default.nix

··· 8 8 in 9 9 builtins.foldl' reducer {} config.activeProfiles; 10 10 in { 11 - options.activeProfiles = lib.mkOption {type = lib.types.listOf lib.types.str;}; 11 + options.activeProfiles = lib.mkOption { 12 + type = lib.types.listOf lib.types.str; 13 + default = []; 14 + }; 12 15 13 16 config.profiles = profileEnabler; 14 17 }

+27 -12

home/modules/profiles/development/default.nix

··· 13 13 }; 14 14 15 15 config = lib.mkIf cfg.enable { 16 - programs.emacs = { 17 - extraPackages = ep: [ep.magit]; 18 - extraInit = '' 19 - ;; prepare magit use from shell 20 - (require 'magit) 21 - (global-git-commit-mode) 16 + programs.jujutsu = { 17 + enable = true; 18 + settings = { 19 + user = { 20 + name = config.programs.git.userName; 21 + email = config.programs.git.userEmail; 22 + }; 22 23 23 - ;; let magit autorefresh on file save within emacs 24 - (add-hook 'after-save-hook 'magit-after-save-refresh-status t) 25 - ''; 24 + ui.diff.tool = [config.programs.git.extraConfig.diff.external "$left" "$right"]; 25 + }; 26 26 }; 27 27 28 28 programs.gh.enable = true; ··· 38 38 inputs = builtins.attrValues {inherit (pkgs) git fzf ripgrep;}; 39 39 interpreter = "${pkgs.bash}/bin/bash"; 40 40 execer = ["cannot:${pkgs.git}/bin/git" "cannot:${pkgs.fzf}/bin/fzf"]; 41 - } '' 41 + } 42 + # bash 43 + '' 42 44 git log --graph --color=always --format="%C(auto)%h%d %s0x09%C(white)%C(bold)%cr" "$@" | 43 45 fzf --ansi --no-sort --reverse --tiebreak=index \ 44 46 --bind=ctrl-s:toggle-sort \ ··· 51 53 inputs = builtins.attrValues {inherit (pkgs) git fzf coreutils gawk;}; 52 54 interpreter = "${pkgs.bash}/bin/bash"; 53 55 execer = ["cannot:${pkgs.git}/bin/git" "cannot:${pkgs.fzf}/bin/fzf"]; 54 - } '' 56 + } 57 + # bash 58 + '' 55 59 # Function to determine the ref type 56 60 function get_ref_type() { 57 61 local ref="$1" ··· 123 127 graph = "log --graph --abbrev-commit --decorate --date=relative --format=format:'%C(bold cyan)%h%C(reset) - %C(green)(%ar)%C(reset)%C(bold yellow)%d%C(reset)%n %C(white)%s%C(reset) %C(dim white)- %an%C(reset)' --all"; 124 128 pl = "pull"; 125 129 ps = "push"; 130 + psf = "push --force-with-lease"; 126 131 root = "rev-parse --show-toplevel"; 127 132 st = "status"; 128 133 sw = "!${gitSwitchFzf}"; ··· 130 135 hopbase = ''!f() { set -o nounset; tag=$(git describe --abbrev=0 --tag "$1") && git rebase -i "''${tag}"; }; f''; 131 136 comfix = "!${mkFixupAlias "fixup"}"; 132 137 comreb = "!${mkFixupAlias "rebase"}"; 138 + show = "show --ext-diff"; 139 + lp = "log -p --ext-diff"; 133 140 }; 134 141 135 142 extraConfig = { 136 143 init.defaultBranch = "main"; 144 + diff.external = lib.getExe pkgs.difftastic; 137 145 pull.rebase = false; 146 + rerere.enabled = true; 138 147 }; 139 148 140 149 ignores = [ ··· 168 177 user.email = "norbert.melzer@cloudseeds.de"; 169 178 }; 170 179 } 180 + { 181 + condition = "gitdir:~/Projects/BravoBike/**"; 182 + contents = { 183 + user.email = "norbert.melzer@bravobike.de"; 184 + }; 185 + } 171 186 ]; 172 187 }; 173 188 174 - home.packages = [pkgs.ripgrep]; 189 + home.packages = [pkgs.ripgrep pkgs.difftastic]; 175 190 }; 176 191 }

-31

home/modules/programs/emacs/beacon.nix

··· 1 - _: { 2 - config, 3 - lib, 4 - ... 5 - }: let 6 - cfg = config.programs.emacs.packages.beacon; 7 - in { 8 - options.programs.emacs.packages.beacon = { 9 - enable = lib.mkOption { 10 - type = lib.types.bool; 11 - default = true; 12 - description = '' 13 - Enable `beacon' for emacs. 14 - ''; 15 - }; 16 - }; 17 - 18 - config = lib.mkIf cfg.enable { 19 - programs.emacs.localPackages."init-beacon" = { 20 - tag = "Setup beacon"; 21 - comments = []; 22 - requires = []; 23 - code = '' 24 - ;; enable the beacon minor mode globally. 25 - (beacon-mode 1) 26 - ''; 27 - }; 28 - 29 - programs.emacs.extraPackages = ep: [ep.beacon]; 30 - }; 31 - }

-38

home/modules/programs/emacs/company.nix

··· 1 - _: { 2 - config, 3 - lib, 4 - ... 5 - }: let 6 - # emacs = config.programs.emacs; 7 - inherit (config.programs) emacs; 8 - in { 9 - config = lib.mkIf emacs.enable { 10 - programs.emacs.extraPackages = ep: [ep.company]; 11 - 12 - programs.emacs.localPackages."init-company" = { 13 - tag = "Setup and initialise company"; 14 - comments = []; 15 - requires = []; 16 - code = '' 17 - ;; company 18 - (setq tab-always-indent 'complete) 19 - (add-to-list 'completion-styles 'initials t) 20 - 21 - ;; (eval-when-compile (require 'company)) 22 - 23 - (add-hook 'after-init-hook 'global-company-mode) 24 - (with-eval-after-load 'company 25 - 26 - ;; (diminish 'company-mode "CMP") 27 - (define-key company-mode-map (kbd "M-+") '("complete" . 'company-complete)) 28 - (define-key company-active-map (kbd "M-+") '("change backend" . 'company-other-backend)) 29 - (define-key company-active-map (kbd "C-n") '("next" . 'company-select-next)) 30 - (define-key company-active-map (kbd "C-p") '("previous" . 'company-select-previous)) 31 - (setq-default company-dabbrev-other-buffers 'all 32 - company-tooltip-align-annotations t 33 - company-minimum-prefix-length 1 34 - company-idle-delay 0.05)) 35 - ''; 36 - }; 37 - }; 38 - }

-179

home/modules/programs/emacs/default.nix

··· 1 - _: { 2 - config, 3 - lib, 4 - pkgs, 5 - ... 6 - }: let 7 - emacsEnabled = config.programs.emacs.enable; 8 - cfg = config.programs.emacs; 9 - 10 - bool2Lisp = b: 11 - if b 12 - then "t" 13 - else "nil"; 14 - 15 - confPackages = let 16 - fileContent = 17 - lib.attrsets.mapAttrs' 18 - (k: v: { 19 - name = "${k}"; 20 - value = { 21 - ep = v.packageRequires; 22 - src = 23 - config.lib.emacs.generatePackage k v.tag v.comments v.requires 24 - v.code; 25 - }; 26 - }) 27 - cfg.localPackages; 28 - derivations = 29 - lib.attrsets.mapAttrs 30 - (k: v: { 31 - # ep = v.ep; 32 - inherit (v) ep; 33 - src = pkgs.writeText "${k}.el" v.src; 34 - }) 35 - fileContent; 36 - in 37 - derivations; 38 - 39 - lispRequires = let 40 - names = lib.attrsets.mapAttrsToList (n: _: n) cfg.localPackages; 41 - sorted = builtins.sort (l: r: l < r) names; 42 - required = builtins.map (r: "(require '${r})") sorted; 43 - in 44 - builtins.concatStringsSep "\n" required; 45 - in { 46 - options.programs.emacs = { 47 - splashScreen = lib.mkOption { 48 - type = lib.types.bool; 49 - default = true; 50 - example = false; 51 - description = '' 52 - Enable the startup screen. 53 - ''; 54 - }; 55 - 56 - localPackages = lib.mkOption { 57 - type = lib.types.attrsOf (lib.types.submodule (_: { 58 - options = { 59 - tag = lib.mkOption {type = lib.types.str;}; 60 - comments = lib.mkOption {type = lib.types.listOf lib.types.str;}; 61 - requires = lib.mkOption {type = lib.types.listOf lib.types.str;}; 62 - code = lib.mkOption {type = lib.types.str;}; 63 - packageRequires = lib.mkOption { 64 - type = lib.types.unspecified; 65 - default = _: []; 66 - }; 67 - }; 68 - })); 69 - }; 70 - 71 - extraInit = lib.mkOption { 72 - type = lib.types.lines; 73 - default = ""; 74 - description = '' 75 - Extra preferences to add to <filename>init.el</filename>. 76 - ''; 77 - }; 78 - 79 - module = lib.mkOption { 80 - description = "Attribute set of modules to link into emacs configuration"; 81 - default = {}; 82 - }; 83 - }; 84 - 85 - config = lib.mkIf emacsEnabled { 86 - programs.emacs.extraInit = '' 87 - ;; adjust the load-path to find further down required files 88 - (add-to-list 'load-path 89 - (expand-file-name "lisp" user-emacs-directory)) 90 - 91 - (fset 'yes-or-no-p 'y-or-n-p) 92 - 93 - ;; Move backups and autosaves out of the way 94 - (setq backup-directory-alist 95 - `((".*" . ,temporary-file-directory))) 96 - (setq auto-save-file-name-transforms 97 - `((".*" ,temporary-file-directory))) 98 - 99 - ;; use a dark theme 100 - (load-theme 'dracula t) 101 - 102 - ;; Set a font 103 - (add-to-list 'default-frame-alist 104 - '(font . "Cascadia Code PL-10")) 105 - 106 - ;; require all those local packages 107 - ${lispRequires} 108 - (require 'pest-mode) 109 - (add-to-list #'auto-mode-alist '("\\.pest\\'" . pest-mode)) 110 - 111 - (global-auto-revert-mode) 112 - (global-whitespace-mode) 113 - (global-linum-mode) 114 - 115 - (setq-default indent-tabs-mode nil) 116 - (setq-default tab-width 2) 117 - (setq-default whitespace-style 118 - '(face 119 - tabs 120 - spaces 121 - trailing 122 - lines-tail 123 - newline 124 - missing-newline-at-eof 125 - space-before-tab 126 - indentation 127 - empty 128 - space-after-tab 129 - space-mark 130 - tab-mark 131 - newline-mark)) 132 - 133 - ;; set splash screen 134 - (setq inhibit-startup-screen ${bool2Lisp (!cfg.splashScreen)}) 135 - ''; 136 - 137 - programs.emacs.extraPackages = ep: 138 - [ 139 - ep.company-go 140 - ep.dracula-theme 141 - ep.docker-compose-mode 142 - ep.dockerfile-mode 143 - ep.go-mode 144 - ep.markdown-mode 145 - ep.yaml-mode 146 - ep.adoc-mode 147 - ep.k8s-mode 148 - ep.buttercup 149 - ep.adoc-mode 150 - ep.hledger-mode 151 - ep.typescript-mode 152 - ep.earthfile-mode 153 - ep.ledger-mode 154 - ep.pest-mode 155 - 156 - # ep.bazel-mode 157 - 158 - # (ep.trivialBuild { pname = "configuration"; src = confPackages; }) 159 - ] 160 - ++ lib.attrsets.mapAttrsToList 161 - (pname: v: 162 - ep.trivialBuild { 163 - inherit pname; 164 - inherit (v) src; 165 - # src = v.src; 166 - packageRequires = v.ep ep; 167 - }) 168 - confPackages; 169 - 170 - home.file = { 171 - ".emacs.d/init.el" = { 172 - text = 173 - config.lib.emacs.generatePackage "init" 174 - "Initialises emacs configuration" [] [] 175 - cfg.extraInit; 176 - }; 177 - }; 178 - }; 179 - }

-33

home/modules/programs/emacs/helm.nix

··· 1 - _: { 2 - config, 3 - lib, 4 - ... 5 - }: let 6 - emacsCfg = config.programs.emacs; 7 - in { 8 - config = lib.mkIf emacsCfg.enable { 9 - programs.emacs = { 10 - localPackages."init-helm" = { 11 - tag = "Setup helm"; 12 - comments = []; 13 - requires = ["helm"]; 14 - packageRequires = ep: [ep.helm ep.helm-rg]; 15 - code = '' 16 - ;; enable and configure auto resize 17 - (helm-autoresize-mode t) 18 - (setq-default 19 - helm-autoresize-max-height 20 ; take at most 20% of the screen 20 - helm-autoresize-min-height 1) ; get as small as necessary 21 - 22 - ;; set up key bindings 23 - (global-set-key (kbd "M-x") 'helm-M-x) 24 - (global-set-key (kbd "C-x C-f") 'helm-find-files) 25 - (global-set-key (kbd "C-x C-b") 'helm-buffers-list) 26 - 27 - ;; enable helm 28 - (helm-mode t) 29 - ''; 30 - }; 31 - }; 32 - }; 33 - }

-60

home/modules/programs/emacs/lib.nix

··· 1 - _: let 2 - generatePackage = { 3 - name, 4 - tagLine, 5 - commentLines, 6 - requireList, 7 - code, 8 - }: let 9 - prelude = generatePrelude {inherit name tagLine commentLines;}; 10 - requires = generateRequires requireList; 11 - postlude = generatePostlude name; 12 - in '' 13 - ${prelude} 14 - 15 - ${requires} 16 - 17 - ${code} 18 - 19 - ${postlude} 20 - ''; 21 - 22 - generatePrelude = { 23 - name, 24 - tagLine, 25 - commentLines, 26 - }: let 27 - generated = "This file is generated! DO NOT CHANGE!"; 28 - comments = 29 - builtins.concatStringsSep "\n" 30 - (builtins.map (l: 31 - if l == "" 32 - then "" 33 - else ";; ${l}") 34 - ([generated] ++ commentLines)); 35 - in '' 36 - ;;; ${name} --- ${tagLine} 37 - 38 - ;;; Commentary: 39 - 40 - ${comments} 41 - 42 - ;;; Code: 43 - ''; 44 - 45 - generatePostlude = name: '' 46 - (provide '${name}) 47 - ;;; ${name}.el ends here 48 - ''; 49 - 50 - generateRequires = list: let 51 - sorted = builtins.sort (l: r: l < r) list; 52 - required = builtins.map (r: "(require '${r})") sorted; 53 - in 54 - builtins.concatStringsSep "\n" required; 55 - in { 56 - config.lib.emacs.generatePackage = name: tagLine: commentLines: requireList: code: 57 - generatePackage { 58 - inherit name code tagLine commentLines requireList; 59 - }; 60 - }

-65

home/modules/programs/emacs/lsp.nix

··· 1 - _: { 2 - config, 3 - lib, 4 - ... 5 - }: let 6 - cfg = config.programs.emacs.lsp-mode; 7 - 8 - mode-hooks = with lib; let 9 - sorted = builtins.sort (l: r: l < r) cfg.languages; 10 - uni = unique sorted; 11 - hooks = builtins.map (l: "'${l}-mode-hook") uni; 12 - add-hooks = builtins.map (h: "(add-hook ${h} #'lsp)") hooks; 13 - in 14 - builtins.concatStringsSep "\n" add-hooks; 15 - in { 16 - options.programs.emacs.lsp-mode = { 17 - enable = lib.mkEnableOption "Enables and installs lsp-mode"; 18 - 19 - languages = lib.mkOption { 20 - type = lib.types.listOf lib.types.str; 21 - default = []; 22 - description = '' 23 - The prefixes of the prog-mode that shall be handled through lsp-mode. 24 - ''; 25 - example = ["erlang"]; 26 - }; 27 - }; 28 - 29 - config = lib.mkIf cfg.enable { 30 - programs.emacs = { 31 - localPackages."init-lsp" = { 32 - tag = "Setup and prepare the LSP mode"; 33 - comments = []; 34 - requires = ["lsp-mode"]; 35 - packageRequires = ep: [ 36 - # ep.company-lsp 37 - ep.helm-lsp 38 - ep.lsp-mode 39 - ep.lsp-origami 40 - ep.lsp-ui 41 - ep.yasnippet 42 - ]; 43 - code = '' 44 - (yas-global-mode t) 45 - 46 - (setq lsp-log-io t) 47 - (setq lsp-ui-sideline-enable t) 48 - (setq lsp-ui-doc-enable t) 49 - (setq lsp-ui-doc-position 'bottom) 50 - 51 - (eval-after-load 'company 52 - '(push 'company-lsp company-backend)) 53 - 54 - (dolist (match 55 - '("[/\\\\].direnv$" 56 - "[/\\\\]node_modules$" 57 - "/nix/store")) 58 - (add-to-list 'lsp-file-watch-ignored match)) 59 - 60 - ${mode-hooks} 61 - ''; 62 - }; 63 - }; 64 - }; 65 - }

-34

home/modules/programs/emacs/polymode/default.nix

··· 1 - { 2 - config, 3 - lib, 4 - ... 5 - }: let 6 - inherit (config.programs) emacs; 7 - in { 8 - config = lib.mkIf emacs.enable { 9 - programs.emacs.extraPackages = ep: [ep.polymode]; 10 - 11 - programs.emacs.localPackages."init-polymode" = { 12 - tag = "Setup and initialise polymode"; 13 - comments = []; 14 - requires = []; 15 - code = '' 16 - ;; polymode 17 - (add-to-list 'auto-mode-alist '("\\.nix$" . poly-nix-mode)) 18 - 19 - (define-hostmode poly-nix-hostmode :mode 'nix-mode) 20 - 21 - (define-innermode poly-elisp-expr-nix-innermode 22 - :mode 'emacs-lisp-mode 23 - :head-matcher (cons "'''\n\$ *;;.*\n\$" 1) 24 - :tail-matcher " *''';$" 25 - :head-mode 'body 26 - :tail-mode 'host) 27 - 28 - (define-polymode poly-nix-mode 29 - :hostmode 'poly-nix-hostmode 30 - :innermodes '(poly-elisp-expr-nix-innermode)) 31 - ''; 32 - }; 33 - }; 34 - }

-25

home/modules/programs/emacs/projectile.nix

··· 1 - _: { 2 - config, 3 - lib, 4 - ... 5 - }: let 6 - emacsCfg = config.programs.emacs; 7 - in { 8 - config = lib.mkIf emacsCfg.enable { 9 - programs.emacs = { 10 - localPackages."init-projectile" = { 11 - tag = "Setup projectile"; 12 - comments = []; 13 - requires = ["projectile" "helm-projectile" "tramp"]; 14 - packageRequires = ep: [ep.projectile ep.helm-projectile]; 15 - code = '' 16 - ;; enable projectile 17 - (projectile-mode t) 18 - (helm-projectile-on) 19 - 20 - (define-key projectile-mode-map (kbd "C-c p") 'projectile-command-map) 21 - ''; 22 - }; 23 - }; 24 - }; 25 - }

-31

home/modules/programs/emacs/telephoneline.nix

··· 1 - _: { 2 - config, 3 - lib, 4 - ... 5 - }: let 6 - ecfg = config.programs.emacs; 7 - in { 8 - config = lib.mkIf ecfg.enable { 9 - programs.emacs.localPackages."init-telephoneline" = { 10 - tag = "Setup telephone line"; 11 - comments = []; 12 - requires = []; 13 - code = '' 14 - ;; set up telephone line 15 - (setq-default 16 - telephone-line-lhs '((accent . (telephone-line-vc-segment 17 - telephone-line-erc-modified-channels-segment 18 - telephone-line-process-segment)) 19 - (nil . (telephone-line-minor-mode-segment 20 - telephone-line-buffer-segment))) 21 - telephone-line-rhs '((nil . (telephone-line-misc-info-segment)) 22 - (accent . (telephone-line-major-mode-segment)) 23 - (accent . (telephone-line-airline-position-segment)))) 24 - 25 - (telephone-line-mode t) 26 - ''; 27 - }; 28 - 29 - programs.emacs.extraPackages = ep: [ep.telephone-line]; 30 - }; 31 - }

-72

home/modules/programs/emacs/whichkey/default.nix

··· 1 - _: { 2 - config, 3 - lib, 4 - ... 5 - }: 6 - with lib; let 7 - cfg = config.programs.emacs.whichkey; 8 - enabled = config.programs.emacs.enable; 9 - 10 - keyReplacementType = types.listOf (types.submodule (_: { 11 - options = { 12 - keys = lib.mkOption { 13 - type = types.str; 14 - description = '' 15 - Keys that shall get a description. 16 - ''; 17 - }; 18 - replace = lib.mkOption { 19 - type = types.str; 20 - description = '' 21 - Human readable description for the keycombination 22 - ''; 23 - }; 24 - }; 25 - })); 26 - 27 - replacements = 28 - lib.concatStringsSep "\n " 29 - (builtins.map ({ 30 - keys, 31 - replace, 32 - ... 33 - }: ''"${keys}" "${replace}"'') 34 - cfg.replacement); 35 - in { 36 - options.programs.emacs.whichkey = { 37 - replacement = lib.mkOption {type = keyReplacementType;}; 38 - }; 39 - 40 - config = lib.mkIf enabled { 41 - programs.emacs = { 42 - whichkey.replacement = [ 43 - { 44 - keys = "C-x C-f"; 45 - replace = "find file"; 46 - } 47 - { 48 - keys = "C-x C-s"; 49 - replace = "write file"; 50 - } 51 - { 52 - keys = "C-x C-c"; 53 - replace = "leave emacs"; 54 - } 55 - ]; 56 - extraPackages = ep: [ep.which-key]; 57 - localPackages."init-whichkey" = { 58 - tag = "Setup and initialise whichkey"; 59 - comments = []; 60 - requires = []; 61 - code = '' 62 - ;; which-key 63 - (which-key-mode t) 64 - (setq-default which-key-idle-delay 0.1) 65 - 66 - (which-key-add-key-based-replacements 67 - ${replacements}) 68 - ''; 69 - }; 70 - }; 71 - }; 72 - }

-16

home/modules/programs/exa/default.nix

··· 1 - _: { 2 - config, 3 - lib, 4 - pkgs, 5 - ... 6 - }: let 7 - cfg = config.programs.exa; 8 - in { 9 - config = lib.mkIf cfg.enable { 10 - home.packages = [pkgs.exa]; 11 - 12 - programs.zsh.shellAliases = { 13 - ll = "exa --header --git --classify --long --binary --group --time-style=long-iso --links --all --all --group-directories-first --sort=name"; 14 - }; 15 - }; 16 - }

+16

home/modules/programs/eza/default.nix

··· 1 + _: { 2 + config, 3 + lib, 4 + pkgs, 5 + ... 6 + }: let 7 + cfg = config.programs.eza; 8 + in { 9 + config = lib.mkIf cfg.enable { 10 + programs.eza.package = pkgs.eza; 11 + programs.zsh.shellAliases = { 12 + ll = "eza --header --git --classify --long --binary --group --time-style=long-iso --links --all --all --group-directories-first --sort=name"; 13 + tree = "eza --tree"; 14 + }; 15 + }; 16 + }

+15

home/modules/programs/ghostty/default.nix

··· 1 + _: {pkgs, ...}: { 2 + xdg.configFile."ghostty/config".text = 3 + # toml 4 + '' 5 + font-family = "Departure Mono" 6 + 7 + ## uncomment once keybindings have been set to something I am familiar 8 + ## with. The bar contains the menu, which I need for splits for now… 9 + # gtk-titlebar = false 10 + 11 + theme = "catppuccin-mocha" 12 + ''; 13 + 14 + home.packages = [pkgs.ghostty]; 15 + }

+1 -1

home/modules/programs/nixpkgs/default.nix

··· 6 6 allowed = config.nixpkgs.allowedUnfree; 7 7 in { 8 8 options.nixpkgs.allowedUnfree = lib.mkOption { 9 - type = lib.types.listOf lib.types.string; 9 + type = lib.types.listOf lib.types.str; 10 10 default = []; 11 11 description = '' 12 12 Allows for unfree packages by their name.

-23

home/modules/programs/openshift/default.nix

··· 1 - _: { 2 - pkgs, 3 - lib, 4 - config, 5 - ... 6 - }: let 7 - cfg = config.programs.openshift; 8 - in { 9 - options.programs.openshift = { 10 - enable = lib.mkEnableOption "Tools to manage openshift instances"; 11 - }; 12 - 13 - config = lib.mkIf cfg.enable { 14 - home.packages = [pkgs.sops pkgs.openshift (lib.setPrio 0 pkgs.kubectl) pkgs.kubernetes-helm]; 15 - 16 - programs.zsh.initExtra = '' 17 - # Enable autocomplete for oc, kubectl and helm 18 - eval "$(${pkgs.openshift}/bin/oc completion zsh)" 19 - eval "$(${pkgs.kubectl}/bin/kubectl completion zsh)" 20 - eval "$(${pkgs.kubernetes-helm}/bin/helm completion zsh)" 21 - ''; 22 - }; 23 - }

+17

home/modules/programs/rbw/default.nix

··· 1 + _: { 2 + config, 3 + lib, 4 + pkgs, 5 + ... 6 + }: let 7 + cfg = config.programs.rbw; 8 + in { 9 + config = lib.mkIf cfg.enable { 10 + programs.rbw.settings = { 11 + inherit (pkgs) pinentry; 12 + 13 + email = "timmelzer@gmail.com"; 14 + base_url = "https://passwords.mimas.internal.nobbz.dev"; 15 + }; 16 + }; 17 + }

+60

home/modules/programs/wezterm/default.nix

··· 1 + _: { 2 + config, 3 + pkgs, 4 + ... 5 + }: { 6 + home.packages = [pkgs.wezterm]; 7 + 8 + xdg.configFile."wezterm/wezterm.lua".text = 9 + # lua 10 + '' 11 + -- Pull in the wezterm API 12 + local wezterm = require 'wezterm' 13 + 14 + -- This table will hold the configuration. 15 + local config = {} 16 + 17 + -- In newer versions of wezterm, use the config_builder which will 18 + -- help provide clearer error messages 19 + if wezterm.config_builder then 20 + config = wezterm.config_builder() 21 + end 22 + 23 + -- This is where you actually apply your config choices 24 + 25 + -- bells 26 + config.audible_bell = "Disabled" 27 + config.visual_bell = { 28 + fade_in_function = "EaseIn", 29 + fade_in_duration_ms = 150, 30 + fade_out_function = "EaseOut", 31 + fade_out_duration_ms = 150, 32 + } 33 + 34 + -- For example, changing the color scheme: 35 + config.color_scheme = "Catppuccin Mocha" 36 + 37 + -- show a scrollbar 38 + config.enable_scroll_bar = true 39 + 40 + -- forbid window size change on change of fontsize 41 + config.adjust_window_size_when_changing_font_size = false 42 + 43 + -- disable ligatures 44 + config.harfbuzz_features = { 'calt=0', 'clig=0', 'liga=0' } 45 + 46 + -- set the font 47 + config.font_dirs = { '${pkgs.departure-mono}/share/fonts/otf' } 48 + config.font_size = 11.0 * 1.25 49 + config.font = wezterm.font("Departure Mono") 50 + 51 + -- setting up keybindings 52 + config.keys = { 53 + -- The default is `C-Z` (so also pressing SHIFT), I prefer to not have SHIFT pressed 54 + { key = 'z', mods = 'CTRL', action = wezterm.action.TogglePaneZoomState, }, 55 + } 56 + 57 + -- and finally, return the configuration to wezterm 58 + return config 59 + ''; 60 + }

+1 -1

home/modules/services/insync/default.nix

··· 21 21 inherit (config.nixpkgs) config; 22 22 }; 23 23 in 24 - ipkgs.insync-v3; 24 + ipkgs.insync; 25 25 description = '' 26 26 The insync package to use. 27 27

-85

home/modules/services/restic/default.nix

··· 1 - {self, ...}: { 2 - config, 3 - lib, 4 - pkgs, 5 - self, 6 - ... 7 - }: let 8 - cfg = config.services.restic; 9 - 10 - bin = "${cfg.package}/bin/restic"; 11 - excludes = builtins.concatStringsSep " " (builtins.map (e: "--exclude=${e}") cfg.exclude); 12 - xFlags = lib.optionalString cfg.oneFileSystem "-x"; 13 - compressFlag = "--compression ${cfg.compression}"; 14 - flags = "${xFlags} ${compressFlag} ${excludes}"; 15 - 16 - command = "${bin} --tag home -vv backup ${flags} %h"; 17 - in { 18 - options.services.restic = { 19 - enable = lib.mkEnableOption "Restic Backup Tool"; 20 - 21 - package = lib.mkOption { 22 - type = lib.types.package; 23 - default = pkgs.restic; 24 - description = "Restic derivation to use"; 25 - }; 26 - 27 - exclude = lib.mkOption { 28 - type = lib.types.listOf lib.types.str; 29 - default = []; 30 - description = "Corresponds to `--exclude`. Use `%h` instead of `~`"; 31 - }; 32 - 33 - oneFileSystem = lib.mkOption { 34 - type = lib.types.bool; 35 - default = false; 36 - description = "If true, exclude other file systems, don't cross filesystem boundaries and subvolumes"; 37 - }; 38 - 39 - repo = lib.mkOption { 40 - type = lib.types.str; 41 - description = "Location of the repository"; 42 - }; 43 - 44 - compression = lib.mkOption { 45 - type = lib.types.enum ["off" "auto" "max"]; 46 - description = "The compression mode to use"; 47 - default = "auto"; 48 - }; 49 - 50 - # TODO: Add options for inlcude, password file, etc 51 - }; 52 - 53 - config = lib.mkIf cfg.enable { 54 - home.packages = [cfg.package]; 55 - 56 - systemd.user.services.restic-backup = { 57 - Unit = { 58 - Description = "Restic Backup Tool"; 59 - StartLimitIntervalSec = "25m"; 60 - StartLimitBurst = "4"; 61 - }; 62 - 63 - Service = { 64 - Environment = [ 65 - "PATH=${lib.makeBinPath [pkgs.openssh]}" 66 - "RESTIC_PASSWORD_FILE=%h/.config/restic/password" 67 - "RESTIC_REPOSITORY=${cfg.repo}" 68 - ]; 69 - Type = "oneshot"; 70 - ExecStart = command; 71 - Restart = "on-failure"; 72 - RestartSec = "2m"; 73 - }; 74 - }; 75 - 76 - systemd.user.timers.restic-backup = { 77 - Unit.Description = "Restic periodic backup"; 78 - Timer = { 79 - Unit = "restic-backup.service"; 80 - OnCalendar = "hourly"; 81 - }; 82 - Install.WantedBy = ["timers.target"]; 83 - }; 84 - }; 85 - }

+46

home/modules/services/rustic/default.nix

··· 18 18 flags = lib.concatStringsSep " " flagList; 19 19 20 20 command = "${bin} backup ${flags} %h"; 21 + 22 + profileModule = { 23 + name, 24 + config, 25 + ... 26 + }: { 27 + enable = lib.mkEnableOption name // {default = true;}; 28 + 29 + repo = lib.mkOption { 30 + type = lib.types.str; 31 + description = "Location of the repository"; 32 + }; 33 + 34 + globs = lib.mkOption { 35 + type = lib.types.listOf lib.types.str; 36 + default = []; 37 + description = "Patterns to apply to backup. Use a hardcoded prefix for the home directory"; 38 + }; 39 + 40 + oneFileSystem = lib.mkOption { 41 + type = lib.types.bool; 42 + default = false; 43 + description = "If true, exclude other file systems, don't cross filesystem boundaries and subvolumes"; 44 + }; 45 + 46 + passwordFile = lib.mkOption { 47 + type = lib.types.path; 48 + default = "${config.xdg.configHome}/rustic/password"; 49 + description = "Location of the password file"; 50 + }; 51 + 52 + source = lib.mkOption { 53 + type = lib.types.path; 54 + description = "Location of the base directory for the backup.Of "; 55 + }; 56 + 57 + settings = lib.mkOption { 58 + type = lib.types.attrsOf lib.types.any; 59 + description = "A nix representation of the profile settings which gets converted to a TOML file"; 60 + }; 61 + }; 21 62 in { 22 63 options.services.rustic = { 23 64 enable = lib.mkEnableOption "rustic"; ··· 49 90 type = lib.types.path; 50 91 default = "${config.xdg.configHome}/rustic/password"; 51 92 description = "Location of the password file"; 93 + }; 94 + 95 + profile = lib.mkOption { 96 + type = lib.types.attrsOf profileModule; 97 + description = "Specifies the backup profile to use and its settings"; 52 98 }; 53 99 }; 54 100

-1

nixos/configurations/bootloader/enceladeus.nix

··· 1 1 { 2 2 # Use the GRUB 2 boot loader. 3 3 boot.loader.grub.enable = true; 4 - boot.loader.grub.version = 2; 5 4 boot.loader.grub.useOSProber = false; 6 5 7 6 # boot.loader.grub.efiSupport = true;

+3

nixos/configurations/bootloader/janus.nix

··· 1 + _: {} 2 + # TODO: Move BL relevant config here! 3 +

-2

nixos/configurations/default.nix

··· 1 1 _: { 2 2 nobbz.nixosConfigurations.mimas.system = "x86_64-linux"; 3 - nobbz.nixosConfigurations.enceladeus.system = "x86_64-linux"; 4 - nobbz.nixosConfigurations.hyperion.system = "aarch64-linux"; 5 3 }

-162

nixos/configurations/enceladeus.nix

··· 1 - # Edit this configuration file to define what should be installed on 2 - # your system. Help is available in the configuration.nix(5) man page 3 - # and in the NixOS manual (accessible by running ‘nixos-help’). 4 - _: { 5 - config, 6 - pkgs, 7 - lib, 8 - ... 9 - }: { 10 - nix.allowedUnfree = ["b43-firmware" "zerotierone"]; 11 - nixpkgs.config.contentAddressedByDefault = false; 12 - nix.distributedBuilds = true; 13 - # nix.enabledMachines = ["mimas"]; 14 - 15 - # nixpkgs.hostPlatform.gcc.arch = "core2"; 16 - # nixpkgs.hostPlatform.system = "x86_64-linux"; 17 - # nixpkgs.buildPlatform.gcc.arch = "haswell"; 18 - # nixpkgs.buildPlatform.system = "x86_64-linux"; 19 - 20 - nixpkgs.overlays = [ 21 - # (final: prev: { 22 - # abseil-cpp = nixpkgs.legacyPackages.${final.system}.abseil-cpp; 23 - # #bash = prev.bash.override { stdenv = nixpkgs.legacyPackages.${final.system}.stdenv; }; 24 - # }) 25 - ]; 26 - 27 - services.lvm.boot.thin.enable = true; 28 - boot.kernelPackages = pkgs.linuxPackages_5_15; # TODO: Figure why I have this and nothing newer? 29 - services.lvm.dmeventd.enable = true; 30 - boot.blacklistedKernelModules = ["rtl8xxxu"]; 31 - boot.extraModulePackages = with config.boot.kernelPackages; [ 32 - rtl8192eu 33 - ]; 34 - 35 - boot.kernel.sysctl = { 36 - "vm.swappiness" = 75; 37 - }; 38 - 39 - # The global useDHCP flag is deprecated, therefore explicitly set to false here. 40 - # Per-interface useDHCP will be mandatory in the future, so this generated config 41 - # replicates the default behaviour. 42 - networking.networkmanager.enable = true; 43 - networking.networkmanager.unmanaged = [ 44 - "mac:0c:60:76:3f:c1:31" 45 - ]; 46 - networking.enableB43Firmware = true; 47 - 48 - networking.useDHCP = false; 49 - networking.interfaces.enp0s25.useDHCP = false; 50 - networking.interfaces.wlan0.useDHCP = false; 51 - networking.hostId = "62a007d6"; # required by ZFS 52 - 53 - # Configure network proxy if necessary 54 - # networking.proxy.default = "http://user:password@proxy:port/"; 55 - # networking.proxy.noProxy = "127.0.0.1,localhost,internal.domain"; 56 - 57 - # Select internationalisation properties. 58 - i18n.defaultLocale = "en_US.UTF-8"; 59 - console = { 60 - font = "Lat2-Terminus16"; 61 - keyMap = "de"; 62 - }; 63 - 64 - # Set your time zone. 65 - time.timeZone = "Europe/Berlin"; 66 - 67 - # List packages installed in system profile. To search, run: 68 - # $ nix search wget 69 - environment.systemPackages = with pkgs; [ 70 - unison # Sadly required on the host for unison copy to work :( 71 - nix-output-monitor 72 - ]; 73 - 74 - # Some programs need SUID wrappers, can be configured further or are 75 - # started in user sessions. 76 - programs.gnupg.agent = { 77 - enable = true; 78 - enableSSHSupport = true; 79 - }; 80 - programs.zsh.enable = true; 81 - 82 - # List services that you want to enable: 83 - 84 - # Enable the OpenSSH daemon. 85 - services.openssh.enable = true; 86 - 87 - # Open ports in the firewall. 88 - networking.firewall.allowedTCPPorts = [9002]; 89 - # networking.firewall.allowedUDPPorts = [ ... ]; 90 - # Or disable the firewall altogether. 91 - # networking.firewall.enable = false; 92 - networking.firewall.trustedInterfaces = [ 93 - "ztrta4jrxj" 94 - ]; 95 - 96 - # Enable CUPS to print documents. 97 - # services.printing.enable = true; 98 - 99 - # Enable sound. 100 - sound.enable = true; 101 - hardware.pulseaudio.enable = true; 102 - 103 - # Enable the X11 windowing system. 104 - services.xserver.enable = true; 105 - services.xserver.layout = "de"; 106 - # services.xserver.xkbOptions = "eurosign:e"; 107 - 108 - # Enable touchpad support. 109 - services.xserver.libinput.enable = true; 110 - 111 - # Enable the KDE Desktop Environment. 112 - services.xserver.displayManager.lightdm.enable = true; 113 - services.xserver.desktopManager.plasma5.enable = false; 114 - services.xserver.windowManager.awesome.enable = true; 115 - 116 - virtualisation.docker.enable = false; 117 - 118 - # Define a user account. Don't forget to set a password with ‘passwd’. 119 - users.users = { 120 - nmelzer = { 121 - isNormalUser = true; 122 - shell = pkgs.zsh; 123 - extraGroups = ["wheel" "networkmanager"]; 124 - }; 125 - 126 - aroemer = { 127 - isNormalUser = true; 128 - }; 129 - 130 - proemer = { 131 - isNormalUser = true; 132 - }; 133 - }; 134 - 135 - services.prometheus = { 136 - exporters = { 137 - node = { 138 - enable = true; 139 - enabledCollectors = ["systemd"]; 140 - port = 9002; 141 - }; 142 - }; 143 - }; 144 - 145 - # This value determines the NixOS release with which your system is to be 146 - # compatible, in order to avoid breaking some software such as database 147 - # servers. You should change this only after NixOS release notes say you 148 - # should. 149 - system.stateVersion = "19.09"; # Did you read the comment? 150 - 151 - security.sudo.extraRules = [ 152 - { 153 - commands = [ 154 - { 155 - command = "/run/current-system/sw/bin/nixos-rebuild"; 156 - options = ["NOPASSWD"]; 157 - } 158 - ]; 159 - groups = ["wheel"]; 160 - } 161 - ]; 162 - }

+1 -8

nixos/configurations/hardware/enceladeus.nix

··· 1 1 # Do not modify this file! It was generated by ‘nixos-generate-config’ 2 2 # and may be overwritten by future invocations. Please make changes 3 3 # to /etc/nixos/configuration.nix instead. 4 - { 5 - config, 6 - lib, 7 - pkgs, 8 - ... 9 - }: { 10 - imports = []; 11 - 4 + {lib, ...}: { 12 5 boot.initrd.availableKernelModules = ["uhci_hcd" "ehci_pci" "ahci" "firewire_ohci" "usbhid" "usb_storage" "sd_mod" "sr_mod" "sdhci_pci"]; 13 6 boot.initrd.kernelModules = ["dm-snapshot"]; 14 7 boot.kernelModules = ["kvm-intel" "wl"];

-2

nixos/configurations/hardware/hyperion.nix

··· 2 2 # and may be overwritten by future invocations. Please make changes 3 3 # to /etc/nixos/configuration.nix instead. 4 4 { 5 - config, 6 5 lib, 7 - pkgs, 8 6 modulesPath, 9 7 ... 10 8 }: {

+55

nixos/configurations/hardware/janus.nix

··· 1 + # Do not modify this file! It was generated by ‘nixos-generate-config’ 2 + # and may be overwritten by future invocations. Please make changes 3 + # to /etc/nixos/configuration.nix instead. 4 + { 5 + config, 6 + lib, 7 + pkgs, 8 + modulesPath, 9 + ... 10 + }: { 11 + imports = [ 12 + (modulesPath + "/installer/scan/not-detected.nix") 13 + ]; 14 + 15 + boot.initrd.availableKernelModules = ["xhci_pci" "thunderbolt" "nvme" "usb_storage" "sd_mod" "sdhci_pci"]; 16 + boot.initrd.kernelModules = ["dm-snapshot"]; 17 + boot.initrd.luks.devices.cryptroot.device = "/dev/disk/by-partlabel/nixoscrypt"; 18 + boot.kernelModules = ["kvm-intel"]; 19 + boot.extraModulePackages = []; 20 + 21 + fileSystems."/" = { 22 + device = "/dev/mainpool/vdo-root"; 23 + fsType = "xfs"; 24 + }; 25 + 26 + fileSystems."/boot" = { 27 + device = "/dev/nvme0n1p1"; 28 + fsType = "vfat"; 29 + }; 30 + 31 + fileSystems."/nix" = { 32 + device = "/dev/mainpool/vdo-nix"; 33 + fsType = "xfs"; 34 + }; 35 + 36 + fileSystems."/home" = { 37 + device = "/dev/mainpool/vdo-home"; 38 + fsType = "xfs"; 39 + }; 40 + 41 + swapDevices = []; 42 + 43 + # Enables DHCP on each ethernet and wireless interface. In case of scripted networking 44 + # (the default) this is the recommended approach. When using systemd-networkd it's 45 + # still possible to use this option, but it's recommended to use it in conjunction 46 + # with explicit per-interface declarations with `networking.interfaces.<interface>.useDHCP`. 47 + networking.useDHCP = lib.mkDefault true; 48 + # networking.interfaces.enp0s31f6.useDHCP = lib.mkDefault true; 49 + # networking.interfaces.enp56s0u1u1.useDHCP = lib.mkDefault true; 50 + # networking.interfaces.wlp0s20f3.useDHCP = lib.mkDefault true; 51 + 52 + nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux"; 53 + powerManagement.cpuFreqGovernor = lib.mkDefault "powersave"; 54 + hardware.cpu.intel.updateMicrocode = lib.mkDefault config.hardware.enableRedistributableFirmware; 55 + }

+6 -6

nixos/configurations/hardware/mimas.nix

··· 2 2 # and may be overwritten by future invocations. Please make changes 3 3 # to /etc/nixos/configuration.nix instead. 4 4 { 5 - config, 6 5 lib, 7 6 pkgs, 8 7 ... ··· 14 13 boot.kernelModules = ["kvm-intel"]; 15 14 boot.kernelParams = ["intel_pstate=active"]; 16 15 boot.extraModulePackages = []; 17 - boot.supportedFilesystems = ["ntfs" "exfat" "avfs"]; 16 + boot.supportedFilesystems = ["ntfs" "exfat" "avfs" "xfs"]; 18 17 19 18 hardware.cpu.intel.updateMicrocode = true; 20 19 hardware.enableRedistributableFirmware = true; ··· 76 75 options = ["nofail"]; 77 76 }; 78 77 79 - fileSystems."/var/lib/pool-photoprism" = { 80 - device = "/dev/pool/photoprism"; 81 - fsType = "ext4"; 78 + fileSystems."/var/lib/actual" = { 79 + device = "/dev/pool/actual"; 80 + fsType = "xfs"; 81 + options = ["nofail"]; 82 82 }; 83 83 84 84 fileSystems."/boot" = { ··· 96 96 nix.settings.max-jobs = lib.mkDefault 4; 97 97 powerManagement.cpuFreqGovernor = lib.mkDefault "powersave"; 98 98 99 - hardware.opengl.extraPackages = with pkgs; [ 99 + hardware.graphics.extraPackages = with pkgs; [ 100 100 vaapiIntel 101 101 vaapiVdpau 102 102 libvdpau-va-gl

-51

nixos/configurations/hyperion.nix

··· 1 - _: {pkgs, ...}: { 2 - nix.allowedUnfree = ["zerotierone"]; 3 - 4 - networking.hostName = "hyperion"; 5 - networking.networkmanager.enable = true; 6 - 7 - time.timeZone = "Europe/Berlin"; 8 - 9 - i18n.defaultLocale = "en_US.UTF-8"; 10 - 11 - services.xserver.enable = true; 12 - 13 - # Enable the LXQT Desktop Environment. 14 - services.xserver.displayManager.lightdm.enable = true; 15 - services.xserver.desktopManager.lxqt.enable = true; 16 - services.xserver.desktopManager.plasma5.enable = true; 17 - services.xserver.desktopManager.enlightenment.enable = true; 18 - 19 - services.qemuGuest.enable = true; 20 - services.spice-vdagentd.enable = true; 21 - 22 - services.openssh.enable = true; 23 - 24 - services.acpid.enable = true; 25 - 26 - # Configure keymap in X11 27 - services.xserver = { 28 - layout = "de"; 29 - xkbVariant = ""; 30 - }; 31 - 32 - # Configure console keymap 33 - console.keyMap = "de"; 34 - 35 - services.printing.enable = true; 36 - 37 - programs.zsh.enable = true; 38 - 39 - users.users.nmelzer = { 40 - isNormalUser = true; 41 - description = "Norbert Melzer"; 42 - extraGroups = ["networkmanager" "wheel"]; 43 - shell = pkgs.zsh; 44 - packages = [ 45 - pkgs.firefox 46 - # thunderbird 47 - ]; 48 - }; 49 - 50 - system.stateVersion = "22.11"; 51 - }

+71

nixos/configurations/mimas/gitea.nix

··· 1 + { 2 + pkgs, 3 + lib, 4 + config, 5 + ... 6 + }: let 7 + writeNuBin = pkgs.writers.writeNuBin.override {makeBinaryWrapper = pkgs.makeShellWrapper;}; 8 + 9 + find = lib.getExe pkgs.findutils; 10 + git = lib.getExe pkgs.git; 11 + systemd-notify = lib.getExe' pkgs.systemd "systemd-notify"; 12 + 13 + gitea-gc-script = 14 + writeNuBin "gitea-gc" 15 + # nu 16 + '' 17 + use std log 18 + 19 + def main [ 20 + repositories_base_folder: string, 21 + ] { 22 + log info $"Performing garbage collection for all repos in ($repositories_base_folder)" 23 + 24 + let repo_paths = run-external ${find} $repositories_base_folder "-maxdepth" 2 "-name" '*.git' | lines 25 + let repo_count = $repo_paths | length 26 + 27 + run-external ${systemd-notify} "--ready" 28 + 29 + $repo_paths | enumerate | each {|itm| 30 + let repo = $itm.item 31 + let idx = $itm.index 32 + 33 + let short_name = $repo | str substring --grapheme-clusters ($repositories_base_folder + "/" | str length)..-1 34 + 35 + log info $"Starting garbage collection for ($short_name)" 36 + run-external ${systemd-notify} $"--status=($idx + 1)/($repo_count): ($short_name)" 37 + run-external ${git} "-C" $repo gc "--aggressive" "--no-quiet" 38 + log info $"Finished garbage collection for ($short_name)" 39 + } 40 + 41 + run-external ${systemd-notify} "--stopping" 42 + 43 + log info "Overall garbage collection suceeded" 44 + } 45 + ''; 46 + in { 47 + systemd = { 48 + services.gitea-gc = { 49 + description = "Garbage Collect gitea repositories"; 50 + restartIfChanged = false; 51 + environment = { 52 + NU_LOG_LEVEL = "DEBUG"; 53 + }; 54 + serviceConfig = { 55 + CPUAccounting = true; 56 + CPUQuota = "200%"; 57 + CPUWeight = "idle"; 58 + ExecStart = "${lib.getExe gitea-gc-script} /var/lib/gitea/repositories"; 59 + NotifyAccess = "all"; 60 + Type = "notify"; 61 + User = config.services.gitea.user; 62 + }; 63 + }; 64 + 65 + timers.gitea-gc = { 66 + description = "Garbage Collection for gitea repositories - timer"; 67 + wantedBy = ["timers.target"]; 68 + timerConfig.OnCalendar = "Mon 01:00:00"; 69 + }; 70 + }; 71 + }

+2 -2

nixos/configurations/mimas/paperless.nix

··· 1 - {nixpkgs-2211, ...}: {config, ...}: { 1 + _: {config, ...}: { 2 2 services.paperless = { 3 3 enable = true; 4 4 address = "0.0.0.0"; 5 5 port = 58080; 6 - extraConfig.PAPERLESS_OCR_LANGUAGE = "deu+eng"; 6 + settings.PAPERLESS_OCR_LANGUAGE = "deu+eng"; 7 7 }; 8 8 9 9 systemd.services.paperless-consumer.after = ["var-lib-paperless.mount"];

-47

nixos/configurations/mimas/photoprism.nix

··· 1 - _: { 2 - config, 3 - lib, 4 - ... 5 - }: { 6 - _file = ./photoprism.nix; 7 - 8 - services.photoprism = { 9 - enable = true; 10 - 11 - port = 2343; 12 - # address = "photos.mimas.internal.nobbz.dev"; 13 - address = "localhost"; 14 - 15 - settings = { 16 - PHOTOPRISM_ORIGINALS_LIMIT = "-1"; 17 - PHOTOPRISM_RESOLUTION_LIMIT = "-1"; 18 - }; 19 - 20 - passwordFile = "${config.sops.secrets.photoprismAdmin.path}"; 21 - 22 - storagePath = "/var/lib/photoprism"; 23 - originalsPath = "${config.services.photoprism.storagePath}/originals"; 24 - }; 25 - 26 - systemd.services.photoprism.after = ["var-lib-pool\x2dphotoprism.mount"]; 27 - # systemd.services.photoprism.serviceConfig.DynamicUser = lib.mkForce false; 28 - systemd.services.photoprism.serviceConfig.BindPaths = [ 29 - "/var/lib/pool-photoprism:/var/lib/pool-photoprism" 30 - ]; 31 - 32 - services.traefik.dynamicConfigOptions.http.routers.photoprism = { 33 - entryPoints = ["http" "https"]; 34 - # rule = "Host(`${config.services.photoprism.address}`)"; 35 - rule = "Host(`photos.mimas.internal.nobbz.dev`)"; 36 - service = "photoprism"; 37 - tls.domains = [{main = "*.mimas.internal.nobbz.dev";}]; 38 - tls.certResolver = "mimasWildcard"; 39 - }; 40 - 41 - services.traefik.dynamicConfigOptions.http.services.photoprism.loadBalancer = { 42 - passHostHeader = true; 43 - servers = [{url = "http://localhost:${toString config.services.photoprism.port}";}]; 44 - }; 45 - 46 - sops.secrets.photoprismAdmin = {}; 47 - }

+3 -35

nixos/configurations/mimas/restic.nix

··· 38 38 lvremoves = lib.concatStringsSep "\n" (lib.mapAttrsToList (name: _: "lvs | grep -E '${name}' && lvremove pool/${name}") snaps); 39 39 40 40 rest_repo = "rest:https://restic.mimas.internal.nobbz.dev/mimas"; 41 - gdrv_repo = "/home/nmelzer/timmelzer@gmail.com/restic_repos/mimas"; 42 41 pass = config.sops.secrets.restic.path; 43 42 44 43 preStart = '' ··· 55 54 ${mkdirs} 56 55 57 56 ${mountCmds} 57 + 58 + /run/wrappers/bin/sudo -u vaultwarden ${pkgs.sqlite}/bin/sqlite3 /var/lib/bitwarden_rs/db.sqlite3 .dump > /var/lib/bitwarden_rs/dump.sql 58 59 ''; 59 60 60 61 script = '' ··· 62 63 63 64 # TODO: Make the latter from snapshots as well! 64 65 proot ${lib.escapeShellArgs mounts} \ 66 + -b /var/lib/bitwarden_rs:/var/lib/bitwarden_rs \ 65 67 -b /nix:/nix \ 66 68 -b ''${CREDENTIALS_DIRECTORY}:''${CREDENTIALS_DIRECTORY} \ 67 69 -b /etc:/etc \ ··· 123 125 }; 124 126 serviceConfig = { 125 127 Type = "oneshot"; 126 - }; 127 - }; 128 - 129 - systemd.timers.restic-system-snapshot-sync-and-prune = { 130 - wantedBy = ["timers.target"]; 131 - timerConfig.OnCalendar = "daily"; 132 - }; 133 - 134 - systemd.services.restic-system-snapshot-sync-and-prune = { 135 - path = [restic]; 136 - after = ["run-secrets.d.mount"]; 137 - serviceConfig.Type = "oneshot"; 138 - serviceConfig.LoadCredential = [ 139 - "b2:${config.sops.secrets.backblaze.path}" 140 - "pass:${pass}" 141 - ]; 142 - script = '' 143 - eval $(cat "$CREDENTIALS_DIRECTORY/b2") 144 - 145 - restic copy --repo ${rest_repo} --repo2 ${gdrv_repo} -vvv 146 - 147 - restic forget --repo ${rest_repo} --keep-hourly 12 --keep-daily 4 --keep-weekly 3 --keep-monthly 7 --keep-yearly 10 148 - restic forget --repo ${gdrv_repo} --keep-daily 30 --keep-weekly 4 --keep-monthly 12 --keep-yearly 20 149 - 150 - restic prune --repo ${rest_repo} --max-unused 0 151 - restic prune --repo ${gdrv_repo} --max-unused 0 152 - 153 - chown -Rv nmelzer:users /home/nmelzer/timmelzer@gmail.com/restic_repos 154 - ''; 155 - environment = { 156 - RESTIC_PASSWORD_FILE = "%d/pass"; 157 - RESTIC_PASSWORD_FILE2 = "%d/pass"; 158 - RESTIC_COMPRESSION = "max"; 159 - XDG_CACHE_HOME = "%C"; 160 128 }; 161 129 }; 162 130 }

+212

nixos/configurations/mimas/rustic-timers.nix

··· 1 + _: { 2 + config, 3 + pkgs, 4 + lib, 5 + ... 6 + }: let 7 + profile_name = template: lib.removeSuffix ".toml" config.sops.templates."${template}".path; 8 + 9 + environment = { 10 + RUSTIC_NO_PROGRESS = "true"; 11 + RUSTIC_CACHE_DIR = "%T/rustic"; 12 + }; 13 + 14 + mimas_template = 15 + # toml 16 + '' 17 + [repository] 18 + repository = "rest:https://restic.mimas.internal.nobbz.dev/mimas" 19 + password-file = "${config.sops.secrets.rustic.path}" 20 + 21 + [copy] 22 + targets = ["${profile_name "mimas_hetzner.toml"}"] 23 + ''; 24 + mimas_hetzner_template = 25 + # toml 26 + '' 27 + [repository] 28 + repository = "opendal:sftp" 29 + password-file = "${config.sops.secrets.rustic.path}" 30 + 31 + [repository.options] 32 + endpoint = "ssh://${config.sops.placeholder.rustic-user}.your-storagebox.de:23" 33 + user = "${config.sops.placeholder.rustic-user}" 34 + key = "/root/.ssh/id_ed25519" 35 + root = "/home/mimas" 36 + ''; 37 + 38 + nobbz_template = 39 + # toml 40 + '' 41 + [repository] 42 + repository = "rest:https://restic.mimas.internal.nobbz.dev/nobbz" 43 + password-file = "${config.sops.secrets.rustic.path}" 44 + 45 + [copy] 46 + targets = ["${profile_name "nobbz_hetzner.toml"}"] 47 + ''; 48 + 49 + nobbz_hetzner_template = 50 + # toml 51 + '' 52 + [repository] 53 + repository = "opendal:sftp" 54 + password-file = "${config.sops.secrets.rustic.path}" 55 + 56 + [repository.options] 57 + endpoint = "ssh://${config.sops.placeholder.rustic-user}.your-storagebox.de:23" 58 + user = "${config.sops.placeholder.rustic-user}" 59 + key = "/root/.ssh/id_ed25519" 60 + root = "/home/nobbz" 61 + ''; 62 + 63 + schedule = { 64 + rustic-mimas-clean = "*-*-* 01:00:00"; 65 + rustic-nobbz-clean = "*-*-* 01:30:00"; 66 + rustic-mimas-hetzner-clean = "*-*-* 02:00:00"; 67 + rustic-nobbz-hetzner-clean = "*-*-* 03:00:00"; 68 + }; 69 + 70 + mkTimer = name: calendar: { 71 + "${name}" = { 72 + wantedBy = ["timers.target"]; 73 + timerConfig.OnCalendar = calendar; 74 + }; 75 + }; 76 + 77 + notify = lib.getExe' pkgs.systemd "systemd-notify"; 78 + in { 79 + sops.secrets.rustic = {}; 80 + sops.secrets.rustic-user = {}; 81 + 82 + sops.templates."mimas.toml".content = mimas_template; 83 + sops.templates."mimas_hetzner.toml".content = mimas_hetzner_template; 84 + sops.templates."nobbz.toml".content = nobbz_template; 85 + sops.templates."nobbz_hetzner.toml".content = nobbz_hetzner_template; 86 + 87 + systemd.timers = lib.pipe schedule [ 88 + (lib.mapAttrsToList mkTimer) 89 + lib.mkMerge 90 + ]; 91 + 92 + systemd.services = { 93 + rustic-mimas-clean = { 94 + path = [pkgs.rustic pkgs.openssh]; 95 + inherit environment; 96 + serviceConfig = { 97 + NotifyAccess = "all"; 98 + Type = "notify"; 99 + }; 100 + script = '' 101 + ${notify} --ready 102 + ${notify} --status=forget 103 + rustic forget -P ${profile_name "mimas.toml"} \ 104 + --keep-last 4 \ 105 + --keep-within-hourly 1d \ 106 + --keep-within-daily 5d \ 107 + --keep-within-weekly 35d \ 108 + --keep-within-monthly 100d \ 109 + --keep-within-yearly 2y 110 + 111 + ${notify} --status=prune 112 + rustic prune -P ${profile_name "mimas.toml"} \ 113 + --max-unused=0B \ 114 + --keep-delete=12h \ 115 + --max-repack=50GiB 116 + 117 + ${notify} --status=copy 118 + rustic copy -P ${profile_name "mimas.toml"} 119 + 120 + ${notify} --stopping --status="" 121 + ''; 122 + }; 123 + 124 + rustic-nobbz-clean = { 125 + path = [pkgs.rustic pkgs.openssh]; 126 + inherit environment; 127 + serviceConfig = { 128 + NotifyAccess = "all"; 129 + Type = "notify"; 130 + }; 131 + script = '' 132 + ${notify} --ready 133 + ${notify} --status=forget 134 + rustic forget -P ${profile_name "nobbz.toml"} \ 135 + --filter-tags home \ 136 + --keep-last 4 \ 137 + --keep-within-hourly 1d \ 138 + --keep-within-daily 5d \ 139 + --keep-within-weekly 35d \ 140 + --keep-within-monthly 100d \ 141 + --keep-within-yearly 2y 142 + 143 + ${notify} --status=prune 144 + rustic prune -P ${profile_name "nobbz.toml"} \ 145 + --max-unused=0B \ 146 + --keep-delete=12h \ 147 + --max-repack=50GiB 148 + 149 + ${notify} --status=copy 150 + rustic copy -P ${profile_name "nobbz.toml"} 151 + 152 + ${notify} --stopping --status="" 153 + ''; 154 + }; 155 + 156 + rustic-nobbz-hetzner-clean = { 157 + path = [pkgs.rustic pkgs.openssh]; 158 + inherit environment; 159 + serviceConfig = { 160 + NotifyAccess = "all"; 161 + Type = "notify"; 162 + }; 163 + script = '' 164 + ${notify} --ready 165 + ${notify} --status=forget 166 + rustic forget -P ${profile_name "nobbz_hetzner.toml"} \ 167 + --keep-last 1 \ 168 + --keep-within-hourly 2h \ 169 + --keep-within-daily 10d \ 170 + --keep-within-weekly 65d \ 171 + --keep-within-monthly 190d \ 172 + --keep-within-yearly 5y 173 + 174 + ${notify} --status=prune 175 + rustic prune -P ${profile_name "nobbz_hetzner.toml"} \ 176 + --max-unused 0B \ 177 + --max-repack 20GiB \ 178 + --keep-delete 11h 179 + 180 + ${notify} --stopping --status="" 181 + ''; 182 + }; 183 + 184 + rustic-mimas-hetzner-clean = { 185 + path = [pkgs.rustic pkgs.openssh]; 186 + inherit environment; 187 + serviceConfig = { 188 + NotifyAccess = "all"; 189 + Type = "notify"; 190 + }; 191 + script = '' 192 + ${notify} --ready 193 + ${notify} --status=forget 194 + rustic forget -P ${profile_name "mimas_hetzner.toml"} \ 195 + --keep-last 1 \ 196 + --keep-within-hourly 2h \ 197 + --keep-within-daily 10d \ 198 + --keep-within-weekly 65d \ 199 + --keep-within-monthly 190d \ 200 + --keep-within-yearly 5y 201 + 202 + ${notify} --status=prune 203 + rustic prune -P ${profile_name "mimas_hetzner.toml"} \ 204 + --max-unused 0B \ 205 + --max-repack 20GiB \ 206 + --keep-delete 11h 207 + 208 + ${notify} --stopping --status="" 209 + ''; 210 + }; 211 + }; 212 + }

+34

nixos/configurations/mimas/vaultwarden.nix

··· 1 + _: {config, ...}: let 2 + host = "passwords.mimas.internal.nobbz.dev"; 3 + wardenPort = 10000; 4 + in { 5 + sops.secrets.warden = {}; 6 + 7 + services.vaultwarden = { 8 + enable = true; 9 + environmentFile = config.sops.secrets.warden.path; 10 + config = { 11 + DOMAIN = "https://${host}"; 12 + DATABASE_MAX_CONNS = "5"; 13 + 14 + # LOG_LEVEL = "debug"; 15 + 16 + ROCKET_ADDRESS = "127.0.0.1"; 17 + ROCKET_PORT = "${toString wardenPort}"; 18 + ROCKET_WORKERS = "5"; 19 + }; 20 + }; 21 + 22 + services.traefik.dynamicConfigOptions.http.routers.warden = { 23 + entryPoints = ["https" "http"]; 24 + rule = "Host(`${host}`)"; 25 + service = "vaultwarden"; 26 + tls.domains = [{main = "*.mimas.internal.nobbz.dev";}]; 27 + tls.certResolver = "mimasWildcard"; 28 + }; 29 + 30 + services.traefik.dynamicConfigOptions.http.services.vaultwarden.loadBalancer = { 31 + passHostHeader = false; 32 + servers = [{url = "http://127.0.0.1:${toString wardenPort}";}]; 33 + }; 34 + }

+50 -35

nixos/configurations/mimas.nix

··· 1 1 # Edit this configuration file to define what should be installed on 2 2 # your system. Help is available in the configuration.nix(5) man page 3 3 # and in the NixOS manual (accessible by running ‘nixos-help’). 4 - { 5 - self, 6 - unstable, 7 - nixpkgs-2211, 8 - ... 9 - } @ inputs: { 4 + {self, ...} @ inputs: { 10 5 config, 11 6 pkgs, 12 7 lib, 13 8 ... 14 9 }: let 15 - upkgs = unstable.legacyPackages.x86_64-linux; 16 - steamPackages = ["steam" "steam-run" "steam-original" "steam-runtime"]; 17 - printerPackages = ["hplip" "samsung-UnifiedLinuxDriver"]; 10 + steamPackages = ["steam" "steam-run" "steam-original" "steam-runtime" "steam-unwrapped"]; 18 11 in { 19 12 imports = [ 20 13 (import ./mimas/paperless.nix inputs) 21 - (import ./mimas/photoprism.nix inputs) 22 14 (import ./mimas/restic.nix inputs) 15 + (import ./mimas/rustic-timers.nix inputs) 16 + (import ./mimas/vaultwarden.nix inputs) 17 + ./mimas/gitea.nix 23 18 ]; 24 19 20 + services.tailscale.enable = true; 21 + 22 + security.pam.services.i3lock.enable = true; 23 + security.pam.services.i3lock-color.enable = true; 24 + 25 25 sops.age.sshKeyPaths = ["/etc/ssh/ssh_host_ed25519_key"]; 26 26 sops.defaultSopsFile = "${self}/secrets/mimas/default.yaml"; 27 27 28 28 sops.secrets.restic = {}; 29 - sops.secrets.backblaze = {}; 29 + sops.secrets.traefik = {}; 30 30 31 - nix.allowedUnfree = ["zerotierone"] ++ printerPackages ++ steamPackages; 31 + nix.allowedUnfree = ["zerotierone"] ++ steamPackages; 32 32 nix.settings.experimental-features = ["ca-derivations" "impure-derivations"]; 33 33 nix.distributedBuilds = true; 34 34 # nix.enabledMachines = ["enceladeus"]; ··· 102 102 103 103 # Enable CUPS to print documents. 104 104 services.printing.enable = true; 105 - services.printing.drivers = [pkgs.hplipWithPlugin pkgs.samsung-unified-linux-driver]; 105 + 106 + services.avahi.enable = true; 107 + services.avahi.nssmdns4 = true; 108 + services.avahi.openFirewall = true; 106 109 107 110 services.ratbagd.enable = true; 111 + 112 + programs.partition-manager.enable = true; 113 + # security.polkit.enable = true; 108 114 109 115 # services.hydra = { 110 116 # enable = true; ··· 117 123 # }; 118 124 # networking.firewall.allowedTCPPorts = [ 3000 ]; 119 125 120 - # Enable sound. 121 - sound.enable = true; 122 - hardware.pulseaudio = { 123 - enable = true; 124 - package = pkgs.pulseaudioFull; 125 - }; 126 + # Enable pulse compat. 127 + services.pipewire.pulse.enable = true; 128 + 126 129 hardware.bluetooth.enable = true; 127 130 128 131 # Enable the X11 windowing system. 129 132 services.xserver.enable = true; 130 - services.xserver.layout = "de"; 131 - # services.xserver.xkbOptions = "eurosign:e"; 133 + services.xserver.xkb.layout = "de"; 132 134 133 135 # Enable touchpad support. 134 136 # services.xserver.libinput.enable = true; 135 137 136 138 # Enable the KDE Desktop Environment. 137 - services.xserver.displayManager.sddm.enable = true; 139 + services.displayManager.sddm.enable = true; 138 140 services.xserver.desktopManager.plasma5.enable = true; 139 141 services.xserver.windowManager.awesome.enable = true; 140 142 ··· 149 151 150 152 programs = { 151 153 steam.enable = true; 154 + 152 155 zsh.enable = true; 153 156 zsh.enableCompletion = false; 154 157 }; 155 158 156 - hardware.opengl.driSupport32Bit = true; 157 - hardware.pulseaudio.support32Bit = true; 158 - 159 - hardware.opengl.enable = true; 160 - hardware.opengl.extraPackages = [pkgs.vaapiIntel pkgs.beignet]; 159 + hardware.graphics.enable = true; 160 + hardware.graphics.extraPackages = [pkgs.vaapiIntel]; 161 161 162 162 services.gitea = { 163 163 enable = true; 164 - httpAddress = "127.0.0.1"; 165 - domain = "gitea.mimas.internal.nobbz.dev"; 164 + settings.server.DOMAIN = "gitea.mimas.internal.nobbz.dev"; 165 + settings.server.HTTP_ADDR = "127.0.0.1"; 166 166 settings.server.ROOT_URL = lib.mkForce "https://gitea.mimas.internal.nobbz.dev/"; 167 167 settings."git.timeout".DEFAULT = 3600; # 1 hour 168 168 settings."git.timeout".MIGRATE = 3600; # 1 hour 169 169 settings."git.timeout".MIRROR = 3600; # 1 hour 170 170 settings."git.timeout".CLONE = 3600; # 1 hour 171 171 settings."git.timeout".PULL = 3600; # 1 hour 172 - settings."git.timeout".GC = 3600; 173 - }; # 1 hour 172 + settings."git.timeout".GC = 3600; # 1 hour 173 + }; 174 174 systemd.services.gitea.after = ["var-lib-gitea.mount"]; 175 175 176 176 virtualisation = { ··· 178 178 enable = true; 179 179 # storageDriver = "zfs"; 180 180 # extraOptions = "--storage-opt zfs.fsname=rpool/local/docker"; 181 - package = upkgs.docker; 181 + package = pkgs.docker; 182 182 extraOptions = "--dns 1.1.1.1"; 183 183 }; 184 184 ··· 252 252 253 253 hardware.keyboard.zsa.enable = true; 254 254 hardware.sane.enable = true; 255 - hardware.sane.extraBackends = [pkgs.hplipWithPlugin]; 256 255 257 256 services.traefik.enable = true; 258 - systemd.services.traefik.serviceConfig.EnvironmentFile = "/etc/traefik/env"; 257 + systemd.services.traefik.serviceConfig.EnvironmentFile = [config.sops.secrets.traefik.path]; 259 258 services.traefik.staticConfigOptions = { 260 259 log.level = "DEBUG"; 261 260 ··· 337 336 fritz.loadBalancer.servers = [{url = "http://fritz.box";}]; 338 337 339 338 gitea.loadBalancer.passHostHeader = true; 340 - gitea.loadBalancer.servers = [{url = "http://localhost:${toString config.services.gitea.httpPort}";}]; 339 + gitea.loadBalancer.servers = [{url = "http://localhost:${toString config.services.gitea.settings.server.HTTP_PORT}";}]; 341 340 342 341 grafana.loadBalancer.passHostHeader = true; 343 342 grafana.loadBalancer.servers = [{url = "http://localhost:${toString config.services.grafana.settings.server.http_port}";}]; ··· 388 387 } 389 388 ]; 390 389 }; 390 + 391 + nix.buildMachines = let 392 + communityBuilder = name: system: { 393 + hostName = "${name}.nix-community.org"; 394 + inherit system; 395 + sshKey = "/root/.ssh/id_ed25519"; 396 + sshUser = "NobbZ"; 397 + maxJobs = 8; 398 + protocol = "ssh"; 399 + speedFactor = 4; 400 + supportedFeatures = ["nixos-test" "benchmark" "big-parallel" "kvm"]; 401 + }; 402 + in [ 403 + (communityBuilder "build-box" "x86_64-linux") 404 + (communityBuilder "aarch64-build.box" "aarch64-linux") 405 + ]; 391 406 392 407 # This value determines the NixOS release with which your system is to be 393 408 # compatible, in order to avoid breaking some software such as database

+12 -10

nixos/modules/default.nix

··· 1 - inputs: { 2 - cachix = import ./cachix inputs; 3 - distributed = import ./distributed.nix inputs; 4 - flake = import ./flake.nix inputs; 5 - hostnames = import ./hostnames.nix inputs; 6 - kernel = import ./kernel.nix inputs; 7 - moonlander = import ./moonlander.nix inputs; 8 - nix = import ./nix.nix inputs; 9 - switcher = import ./switcher.nix inputs; 10 - zerotier = import ./zerotier.nix inputs; 1 + { 2 + nobbz.nixosModules = { 3 + cachix = ./cachix; 4 + distributed = ./distributed.nix; 5 + flake = ./flake.nix; 6 + hostnames = ./hostnames.nix; 7 + kernel = ./kernel.nix; 8 + moonlander = ./moonlander.nix; 9 + nix = ./nix.nix; 10 + switcher = ./switcher.nix; 11 + zerotier = ./zerotier.nix; 12 + }; 11 13 }

-2

nixos/modules/distributed.nix

··· 36 36 37 37 selfRemote = builtins.elem hostName enabledMachines; 38 38 in { 39 - _file = ./distributed.nix; 40 - 41 39 options.nix = { 42 40 enabledMachines = lib.mkOption { 43 41 type = listOf (enum names);

+5 -9

nixos/modules/flake.nix

··· 1 1 { 2 - unstable, 3 - nixpkgs-2211, 4 2 nix, 3 + nixpkgs, 5 4 programsdb, 6 5 ... 7 6 }: { ··· 12 11 }: let 13 12 base = "/etc/nixpkgs/channels"; 14 13 nixpkgsPath = "${base}/nixpkgs"; 15 - nixpkgs2211Path = "${base}/nixpkgs2211"; 16 14 in { 17 15 options.nix.flakes.enable = lib.mkEnableOption "nix flakes"; 18 16 ··· 20 18 programs.command-not-found.dbPath = programsdb.packages.${pkgs.system}.programs-sqlite; 21 19 22 20 nix = { 23 - package = lib.mkDefault nix.packages.${pkgs.system}.nix; 21 + package = lib.mkDefault nix.packages.${pkgs.system}.nix-cli; 22 + 24 23 settings.experimental-features = ["nix-command" "flakes"]; 25 24 26 - registry.nixpkgs.flake = unstable; 27 - registry.nixpkgs2211.flake = nixpkgs-2211; 25 + registry.nixpkgs.flake = nixpkgs; 28 26 29 27 nixPath = [ 30 28 "nixpkgs=${nixpkgsPath}" 31 - "nixpkgs2211=${nixpkgs2211Path}" 32 29 "/nix/var/nix/profiles/per-user/root/channels" 33 30 ]; 34 31 }; 35 32 36 33 systemd.tmpfiles.rules = [ 37 - "L+ ${nixpkgsPath} - - - - ${unstable}" 38 - "L+ ${nixpkgs2211Path} - - - - ${nixpkgs-2211}" 34 + "L+ ${nixpkgsPath} - - - - ${nixpkgs}" 39 35 ]; 40 36 }; 41 37 }

+5 -1

nixos/modules/kernel.nix

··· 4 4 config, 5 5 ... 6 6 }: let 7 - zfsUsed = lib.lists.elem "zfs" (config.boot.supportedFilesystems ++ config.boot.initrd.supportedFilesystems); 7 + supportedFilesystems = 8 + if builtins.isList config.boot.supportedFilesystems 9 + then config.boot.supportedFilesystems ++ config.boot.initrd.supportedFilesystems 10 + else builtins.attrNames (lib.filterAttrs (_name: value: value) (config.boot.supportedFilesystems // config.boot.initrd.supportedFilesystems)); 11 + zfsUsed = lib.lists.elem "zfs" supportedFilesystems; 8 12 in { 9 13 boot.kernelPackages = lib.mkDefault ( 10 14 if zfsUsed

+1 -1

nixos/modules/nix.nix

··· 10 10 in { 11 11 options.nix = { 12 12 allowedUnfree = lib.mkOption { 13 - type = lib.types.listOf lib.types.string; 13 + type = lib.types.listOf lib.types.str; 14 14 default = []; 15 15 description = '' 16 16 Allows for unfree packages by their name.

+13 -20

nixos/modules/switcher.nix

··· 3 3 config, 4 4 ... 5 5 }: { 6 - _file = ./switcher.nix; 7 - 8 6 environment.systemPackages = [self.packages."${pkgs.system}".switcher]; 9 7 10 8 security.sudo.extraRules = let 11 9 storePrefix = "/nix/store/*"; 10 + commandPrefix = "/run/current-system/sw"; 12 11 systemName = "nixos-system-${config.networking.hostName}-*"; 12 + nixEnvCmd = "${commandPrefix}/bin/nix-env"; 13 + systemdPath = "${commandPrefix}/bin/systemd-run"; 14 + systemdRunCmd = "${systemdPath} -E LOCALE_ARCHIVE -E NIXOS_INSTALL_BOOTLOADER --collect --no-ask-password --pty --quiet --same-dir --service-type=exec --unit=nixos-rebuild-switch-to-configuration"; 15 + systemdRunEqCmd = "${systemdPath} -E LOCALE_ARCHIVE -E NIXOS_INSTALL_BOOTLOADER= --collect --no-ask-password --pty --quiet --same-dir --service-type=exec --unit=nixos-rebuild-switch-to-configuration"; 16 + options = ["NOPASSWD"]; 17 + mkRule = command: { 18 + commands = [{inherit command options;}]; 19 + groups = ["wheel"]; 20 + }; 13 21 in [ 14 - { 15 - commands = [ 16 - { 17 - command = "${storePrefix}-nix-*/bin/nix-env -p /nix/var/nix/profiles/system --set ${storePrefix}-${systemName}"; 18 - options = ["NOPASSWD"]; 19 - } 20 - ]; 21 - groups = ["wheel"]; 22 - } 23 - { 24 - commands = [ 25 - { 26 - command = "${storePrefix}-${systemName}/bin/switch-to-configuration"; 27 - options = ["NOPASSWD"]; 28 - } 29 - ]; 30 - groups = ["wheel"]; 31 - } 22 + (mkRule "${nixEnvCmd} -p /nix/var/nix/profiles/system --set ${storePrefix}-${systemName}") 23 + (mkRule "${systemdRunCmd} --wait true") 24 + (mkRule "${systemdRunEqCmd} --wait ${storePrefix}-${systemName}/bin/switch-to-configuration switch") 32 25 ]; 33 26 }

+14 -1

nixos/modules/zerotier.nix

··· 1 - _: { 1 + {nixpkgs-pre-rust, ...}: { 2 + config, 3 + pkgs, 4 + ... 5 + }: { 2 6 services.zerotierone.enable = true; 3 7 services.zerotierone.joinNetworks = ["8286ac0e4768c8ae"]; 8 + 9 + services.zerotierone.localConf = {}; 10 + 11 + services.zerotierone.package = 12 + (import nixpkgs-pre-rust { 13 + inherit (config.nixpkgs) config; 14 + inherit (pkgs) system; 15 + }) 16 + .zerotierone; 4 17 }

+28 -16

npins/sources.json

··· 1 1 { 2 2 "pins": { 3 - "fzf-tab": { 3 + "catppuccin-bat": { 4 4 "type": "Git", 5 5 "repository": { 6 6 "type": "GitHub", 7 - "owner": "Aloxaf", 8 - "repo": "fzf-tab" 7 + "owner": "catppuccin", 8 + "repo": "bat" 9 9 }, 10 - "branch": "master", 11 - "revision": "5a81e13792a1eed4a03d2083771ee6e5b616b9ab", 12 - "url": "https://github.com/Aloxaf/fzf-tab/archive/5a81e13792a1eed4a03d2083771ee6e5b616b9ab.tar.gz", 13 - "hash": "0lfl4r44ci0wflfzlzzxncrb3frnwzghll8p365ypfl0n04bkxvl" 10 + "branch": "main", 11 + "revision": "699f60fc8ec434574ca7451b444b880430319941", 12 + "url": "https://github.com/catppuccin/bat/archive/699f60fc8ec434574ca7451b444b880430319941.tar.gz", 13 + "hash": "1lirgwgh2hnz6j60py19bbmhvgaqs7i6wf6702k6n83lgw4aixg9" 14 14 }, 15 - "konsole": { 15 + "catppuccin-rofi": { 16 16 "type": "Git", 17 17 "repository": { 18 18 "type": "GitHub", 19 - "owner": "dracula", 20 - "repo": "konsole" 19 + "owner": "catppuccin", 20 + "repo": "rofi" 21 + }, 22 + "branch": "main", 23 + "revision": "c24a212a6b07c2d45f32d01d7f10b4d88ddc9f45", 24 + "url": "https://github.com/catppuccin/rofi/archive/c24a212a6b07c2d45f32d01d7f10b4d88ddc9f45.tar.gz", 25 + "hash": "0236bcwad4cmr1fhnywvcnzf7xdmhhwgrkrq8jdg8livhh1h8rjq" 26 + }, 27 + "fzf-tab": { 28 + "type": "Git", 29 + "repository": { 30 + "type": "GitHub", 31 + "owner": "Aloxaf", 32 + "repo": "fzf-tab" 21 33 }, 22 34 "branch": "master", 23 - "revision": "030486c75f12853e9d922b59eb37c25aea4f66f4", 24 - "url": "https://github.com/dracula/konsole/archive/030486c75f12853e9d922b59eb37c25aea4f66f4.tar.gz", 25 - "hash": "123dll2w2mbflgxfgdjg0a3gbr4srnwbyj3zd6wg1hx5miki48xj" 35 + "revision": "6aced3f35def61c5edf9d790e945e8bb4fe7b305", 36 + "url": "https://github.com/Aloxaf/fzf-tab/archive/6aced3f35def61c5edf9d790e945e8bb4fe7b305.tar.gz", 37 + "hash": "1brljd9744wg8p9v3q39kdys33jb03d27pd0apbg1cz0a2r1wqqi" 26 38 }, 27 39 "zsh-syntax-highlighting": { 28 40 "type": "Git", ··· 32 44 "repo": "zsh-syntax-highlighting" 33 45 }, 34 46 "branch": "master", 35 - "revision": "754cefe0181a7acd42fdcb357a67d0217291ac47", 36 - "url": "https://github.com/zsh-users/zsh-syntax-highlighting/archive/754cefe0181a7acd42fdcb357a67d0217291ac47.tar.gz", 37 - "hash": "1kjh42payg8mwgpa91cy20ilkqxmqy36vy6brl8k35h9nixhys4i" 47 + "revision": "5eb677bb0fa9a3e60f0eff031dc13926e093df92", 48 + "url": "https://github.com/zsh-users/zsh-syntax-highlighting/archive/5eb677bb0fa9a3e60f0eff031dc13926e093df92.tar.gz", 49 + "hash": "1x33gk7hhp07jqq7yjvrsp2vmdbxmadlv3335ixx29bc6h8106r9" 38 50 } 39 51 }, 40 52 "version": 3

+1

packages/advcp/default.nix

··· 7 7 stdenv.mkDerivation rec { 8 8 name = "advcp"; 9 9 version = "9.1"; 10 + strictDeps = true; 10 11 11 12 src = fetchurl { 12 13 name = "source-${name}-${version}.tar.xz";

+2 -25

packages/default.nix

··· 6 6 inputs', 7 7 ... 8 8 }: let 9 - upkgs = inputs'.nixpkgs-unstable.legacyPackages; 9 + upkgs = inputs'.nixpkgs.legacyPackages; 10 10 11 - epkgs = upkgs.extend inputs.emacs.overlay; 12 - chromePkgs = import inputs.master { 11 + chromePkgs = import inputs.nixpkgs { 13 12 inherit system; 14 13 config.allowUnfree = true; 15 14 config.google-chrome.enableWideVine = true; 16 15 }; 17 - 18 - nilBase = 19 - if upkgs.stdenv.isLinux 20 - then inputs'.nil.packages.nil 21 - else upkgs.nil; 22 - 23 - rnil-lsp = upkgs.writeShellScriptBin "rnix-lsp" '' 24 - exec ${nilBase}/bin/nil "$@" 25 - ''; 26 - 27 - nil = upkgs.symlinkJoin { 28 - name = "nil"; 29 - paths = [nilBase rnil-lsp]; 30 - }; 31 16 in { 32 17 packages = lib.mkMerge [ 33 18 { 34 - inherit nil; 35 - 36 19 advcp = upkgs.callPackage ./advcp {}; 37 - "dracula/konsole" = upkgs.callPackage ./dracula/konsole {}; 38 - emacs = epkgs.emacsUnstable; 39 20 "rofi/unicode" = upkgs.callPackage ./rofi-unicode {}; 40 - "zx" = upkgs.nodePackages.zx; 41 - 42 - alejandra = inputs'.alejandra.packages.default; 43 21 } 44 22 (lib.mkIf pkgs.stdenv.isLinux { 45 23 inherit (inputs'.switcher.packages) switcher; 46 - gnucash-de = upkgs.callPackage ./gnucash-de {}; 47 24 }) 48 25 (lib.mkIf (system == "x86_64-linux") { 49 26 inherit (chromePkgs) google-chrome;

-16

packages/dracula/konsole/default.nix

··· 1 - {stdenv}: let 2 - npins = import ../../../npins; 3 - in 4 - stdenv.mkDerivation (self: { 5 - pname = "dracula-konsole-theme"; 6 - version = npins.konsole.revision; 7 - 8 - src = npins.konsole; 9 - 10 - phases = ["unpackPhase" "installPhase"]; 11 - 12 - installPhase = '' 13 - mkdir -p $out/share/konsole 14 - cp Dracula.colorscheme $out/share/konsole 15 - ''; 16 - })

-14

packages/gnucash-de/default.nix

··· 1 - { 2 - runCommand, 3 - makeWrapper, 4 - gnucash, 5 - }: 6 - runCommand "gnucash-de-${gnucash.version}" 7 - { 8 - nativeBuildInputs = [makeWrapper]; 9 - } '' 10 - mkdir -p $out/{bin,share/applications} 11 - makeWrapper ${gnucash}/bin/gnucash $out/bin/gnucash \ 12 - --set LANG de_DE.UTF-8 13 - ln -s ${gnucash}/share/applications/gnucash.desktop $out/share/applications/gnucash.desktop 14 - ''

+1

packages/rofi-unicode/default.nix

··· 8 8 stdenvNoCC.mkDerivation (self: { 9 9 pname = "rofiemoji-rofiunicode"; 10 10 version = "${source.rev}"; 11 + strictDeps = true; 11 12 12 13 src = fetchgit { 13 14 inherit (source) rev url sha256;

+6 -6

parts/auxiliary.nix

··· 1 - {self, ...}: { 1 + _: { 2 2 perSystem = { 3 3 config, 4 4 pkgs, ··· 7 7 system, 8 8 ... 9 9 }: { 10 - formatter = self.packages.${system}.alejandra; 10 + formatter = pkgs.alejandra; 11 11 12 + apps.rotate.meta.description = "rotate keys for sops"; 12 13 apps.rotate.program = let 13 14 sopsrotate = pkgs.writeShellScript "sops-rotate" '' 14 15 file=$1 ··· 17 18 ${pkgs.sops}/bin/sops -r -i "''${file}" 18 19 ''; 19 20 rotate = pkgs.writeShellScript "rotate" '' 20 - ${pkgs.git}/bin/git -c rotate-$(${pkgs.coreutils}/bin/date -Idate) >/dev/null || true 21 + ${pkgs.git}/bin/git switch -c rotate-$(${pkgs.coreutils}/bin/date -Idate) >/dev/null || true 21 22 22 - ${pkgs.findutils}/bin/find secrets $ -name '*.yaml' -o -name '*.yml' $ -a -type f -exec ${sopsrotate} '{}' \; 23 + ${pkgs.findutils}/bin/find secrets -type f -exec ${sopsrotate} '{}' \; 23 24 24 25 ${pkgs.git}/bin/git add secrets 25 26 ${pkgs.git}/bin/git commit -m "chore: rotate secrets $(${pkgs.coreutils}/bin/date -Idate)" ··· 28 29 29 30 devShells.default = pkgs.mkShell { 30 31 packages = builtins.attrValues { 31 - inherit (self'.packages) nil alejandra; 32 - inherit (inputs'.unstable.legacyPackages) npins sops age ssh-to-age; 32 + inherit (pkgs) npins sops age ssh-to-age nil alejandra; 33 33 }; 34 34 }; 35 35 };

+11 -6

parts/home_configs.nix

··· 8 8 }: let 9 9 cfg = config.nobbz.homeConfigurations; 10 10 11 - configs = builtins.mapAttrs (_: config: config.finalHome) cfg; 11 + enabledCfgs = lib.filterAttrs (_: config: config.enable) cfg; 12 12 13 - packages = builtins.attrValues (builtins.mapAttrs (_: config: config.packageModule) cfg); 13 + configs = builtins.mapAttrs (_: config: config.finalHome) enabledCfgs; 14 + 15 + packages = builtins.attrValues (builtins.mapAttrs (_: config: config.packageModule) enabledCfgs); 14 16 in { 15 17 options = { 16 18 nobbz.homeConfigurations = lib.mkOption { ··· 20 22 ... 21 23 }: { 22 24 options = { 25 + enable = lib.mkEnableOption "Enable this home configuration." // {default = true;}; 26 + 23 27 nixpkgs = lib.mkOption { 24 28 type = lib.types.unspecified; 25 29 default = inputs.nixpkgs; ··· 83 87 }; 84 88 }; 85 89 86 - config = { 87 - entryPoint = import "${self}/home/configurations/${config.username}@${config.hostname}.nix" (inputs // {inherit self;}); 90 + config = lib.mkIf config.enable { 91 + entryPoint = import "${self}/home/configurations/${config.username}_at_${config.hostname}.nix" (inputs // {inherit self;}); 88 92 base = 89 93 if lib.strings.hasSuffix "-darwin" config.system 90 94 then "Users" ··· 95 99 [ 96 100 config.entryPoint 97 101 {home = {inherit (config) username homeDirectory;};} 98 - {systemd.user.startServices = "legacy";} 102 + {systemd.user.startServices = "sd-switch";} 103 + {news.display = "silent";} 99 104 inputs.nixos-vscode-server.nixosModules.home 100 105 inputs.sops-nix.homeManagerModules.sops 101 106 ] 102 107 ++ config.modules 103 - ++ builtins.attrValues self.homeModules 108 + ++ builtins.attrValues self.homeManagerModules 104 109 ++ builtins.attrValues self.mixedModules; 105 110 106 111 packageName = "home/config/${name}";

+21

parts/home_modules.nix

··· 1 + { 2 + self, 3 + inputs, 4 + config, 5 + lib, 6 + ... 7 + }: let 8 + cfg = config.nobbz.homeManagerModules; 9 + 10 + inherit (import ./module_helpers.nix lib inputs) submodule; 11 + 12 + modules = builtins.mapAttrs (_: config: config.wrappedModule) cfg; 13 + in { 14 + options = { 15 + nobbz.homeManagerModules = lib.mkOption { 16 + type = lib.types.attrsOf submodule; 17 + }; 18 + }; 19 + 20 + config.flake.homeManagerModules = modules; 21 + }

+51

parts/module_helpers.nix

··· 1 + lib: inputs: let 2 + inherit (builtins) isString isPath; 3 + 4 + callModule = module: args: let 5 + moduleToImport = 6 + if args == null 7 + then module 8 + else import module args; 9 + in 10 + {imports = [moduleToImport];} 11 + // lib.optionalAttrs (builtins.any (p: p module) [isPath isString]) {_file = module;}; 12 + 13 + from = lib.types.oneOf [lib.types.str lib.types.path]; 14 + 15 + submodule = lib.types.coercedTo from (m: {module = m;}) (lib.types.submodule ({ 16 + name, 17 + config, 18 + ... 19 + }: { 20 + options = { 21 + name = lib.mkOption { 22 + type = lib.types.str; 23 + default = name; 24 + }; 25 + 26 + module = lib.mkOption { 27 + type = lib.types.oneOf [ 28 + lib.types.str 29 + lib.types.path 30 + # TODO: add sets and functions 31 + ]; 32 + }; 33 + 34 + extraArgs = lib.mkOption { 35 + type = lib.types.nullOr (lib.types.attrsOf lib.types.unspecified); 36 + default = inputs; 37 + }; 38 + 39 + wrappedModule = lib.mkOption { 40 + type = lib.types.unspecified; 41 + readOnly = true; 42 + }; 43 + }; 44 + 45 + config = { 46 + wrappedModule = callModule config.module config.extraArgs; 47 + }; 48 + })); 49 + in { 50 + inherit callModule submodule; 51 + }

+21

parts/nixos_modules.nix

··· 1 + { 2 + self, 3 + inputs, 4 + config, 5 + lib, 6 + ... 7 + }: let 8 + cfg = config.nobbz.nixosModules; 9 + 10 + inherit (import ./module_helpers.nix lib inputs) submodule; 11 + 12 + modules = builtins.mapAttrs (_: config: config.wrappedModule) cfg; 13 + in { 14 + options = { 15 + nobbz.nixosModules = lib.mkOption { 16 + type = lib.types.attrsOf submodule; 17 + }; 18 + }; 19 + 20 + config.flake.nixosModules = modules; 21 + }

+3 -4

parts/system_configs.nix

··· 84 84 85 85 finalModules = 86 86 [ 87 - {boot.cleanTmpDir = true;} 87 + {boot.tmp.cleanOnBoot = true;} 88 88 {networking.hostName = name;} 89 89 {nix.flakes.enable = true;} 90 - {system.configurationRevision = self.rev or "dirty";} 90 + {system.configurationRevision = self.rev or "${self.dirtyRev or "unknown"}-dirty";} 91 91 {documentation.man.enable = true;} 92 92 {documentation.man.generateCaches = true;} 93 + {nixpkgs.hostPlatform.system = config.system;} 93 94 inputs.sops-nix.nixosModules.sops 94 95 ] 95 96 ++ config.modules ··· 105 106 packageModule = {${config.system}.${config.packageName} = config.finalPackage;}; 106 107 107 108 finalSystem = config.nixpkgs.lib.nixosSystem { 108 - inherit (config) system; 109 - 110 109 modules = config.finalModules; 111 110 }; 112 111 };

+18 -16

secrets/mimas/default.yaml

··· 1 - restic: ENC[AES256_GCM,data:CoCgNPIOSG6UXw==,iv:9NdaTuhLR57mv8OaCSyso9cfr8V1iQNuQuWInKyi3bI=,tag:qYB3FWJlg6IZlj+hzI80Jw==,type:str] 2 - backblaze: ENC[AES256_GCM,data:GGTO5yNe9zVFY9itFxSzcKBeaG3cler8hrVnrLnktdLnOkgUCp9JUpAYOLeQiAH/5xwBPuMabQULXr7y3a5RbbmcXpgrKf7KKOzV3TDMwVWCan4/c0dzu/w48B83PuZw/Fg6uIg=,iv:kGHjUYWYpY5XBVr9EpPMwxaEsFFBwn+aMgmHScK9quo=,tag:tJyw6851kSGcOB14d3BKkg==,type:str] 3 - photoprismAdmin: ENC[AES256_GCM,data:/MYWdbmA/6sUtg==,iv:jCaIZLYUCFj9XLr35KiUJFMfyfmGfF/rgoJ4aHb67Ok=,tag:2HwQc+N96yyFXEhJaHsQAQ==,type:str] 1 + restic: ENC[AES256_GCM,data:XMkh9jvehbD3Zg==,iv:9NdaTuhLR57mv8OaCSyso9cfr8V1iQNuQuWInKyi3bI=,tag:Kz08EadPaIWcytF6ASJssw==,type:str] 2 + rustic: ENC[AES256_GCM,data:ETWxyvBz3AlXNp0=,iv:MXlQuvTJa2mZuXeiCX/YYpbqKpT1+RE5TNahBrUMM3Y=,tag:Vl7n0JF5M9Q+xZD32G1njQ==,type:str] 3 + rustic-user: ENC[AES256_GCM,data:2hwYQS4nAA==,iv:y0pbF5axrPRdYRGAmx+kp7jkmSl77R8LQMUKQaiDWak=,tag:8kgcxNtvjmyT9PPc/WjrOg==,type:str] 4 + traefik: ENC[AES256_GCM,data:kMnWaxpt0fLxJeX3oYLQrnZPS+pq/xjqVINleaCfaiXeMlJ8qno0eHBkx82gjldeObvTO1ENFz5k5EJ0ICbnS0ny6qHxeBAMaNVF3dZ+XmKx7w==,iv:ZL90s3YuBmwafBz7VEwCTr2flnkguUxJgPp9OrnyfGA=,tag:UeyiUtdQwOlyQoHObL+80w==,type:str] 5 + warden: ENC[AES256_GCM,data:H3So3oZfZ6MBKsjxJNnxk/6UZi6J5D6H5bCMsb1E7rk/r51qYDe+1z2Gq1o0qqwX0k/O4Dxq7wJPaelLO4kE9bxQHvoT1NJQIZolnYF5G/PMqMKWIE4bxq6uLmxNKBmjOkJLo3hBiOHT8MjD/S6rOkUAB6Mn4YRKqcG+EG1Wz0sw1a+6KcNFMqO9xdcwD44MZYrreexOiwVx6UMPSJc/67fvzJ4ms/E3gQEOq6VvCHpxmk4bujo9ucqajfPGK4ewHqkdn4r0vQvrYxXMBkX7AXcL6CHSZ+ht0Hcw0A+m12GuTSHC0g38Avz5klP3FIruzj7oWcjv6XPBYfk=,iv:OauSp63ywmrkENIqBVGVQ99Ozyom0o+DfSqYaL46Ujg=,tag:ZcYkapCUZZE9DDh0PSfZEg==,type:str] 4 6 sops: 5 7 kms: [] 6 8 gcp_kms: [] ··· 10 12 - recipient: age1wpwkf2g475umw3wwns57r8ucykvy6lflpc7uphs0mx9exsj04quqpy7t6r 11 13 enc: | 12 14 -----BEGIN AGE ENCRYPTED FILE----- 13 - YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBuQXZTRjF0b0pIK1JxZUFt 14 - NHlPZzFUR0VTL1dUQTVPRXNESUJoRkw3MEc0Ci9qUjc2SmE2d3R1ckdBWjF4Q3RV 15 - UEtDSGI3VGVGNlJNc0xsU3BBVVZhM3MKLS0tIEtmODNrVGpDaEJ2K0ZyRk1GT08z 16 - ajFTR1NUSlc1NC9HVDlZWDM2MzdiTDgKOmYAKA/bOgAesezmYUHH+ZR/BFMyUqzp 17 - q3ORVxE8DAiPtc6MSREnO8saNKNMv18qVVY0SKPCyhWFYg4sLbnEng== 15 + YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBVRkRBcWlnM25ablJBdit2 16 + b0Y1Zy9PM2FjRmg5ajN0YWpsaitJUStTTXlBCnpuL2wvU0hxZFpDREhiTmhnaFFi 17 + LzkxMmVHYWo4TkZOaStJeHZsK3pIZG8KLS0tIC9DSjUyUVk0SG9mNHd0aGdXN1ow 18 + N2Q4QWk3RU83dUxuSG85V1N5TzFkSVEK58cE6fE6mxjRCgtHRMqqahqMkwYeUnhx 19 + F2Bdg5oPPQxoqIf769fZD9L1y/+LZ6Vi4YhJkjfMVFXk6YtEjKJSmQ== 18 20 -----END AGE ENCRYPTED FILE----- 19 21 - recipient: age10jl78vwyqk622dpn2890l9jl4et3p7lsr8wh8vusem3j8jdxle8qg000qa 20 22 enc: | 21 23 -----BEGIN AGE ENCRYPTED FILE----- 22 - YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBndStma1NtRzN4VWFSR0N1 23 - dlBGT2lrZkxzandzT2RBa3R4QmZNRkl1NTFFCkhNOGhsZjFhWmpLS2tzQWs0TC85 24 - cVhXQ1lrN05OalJRL29OenZaOHcyWUUKLS0tIG9FcVF0NzZERnV4V0pYM3VNVTJJ 25 - N2FoNkFKRDhZUE8xa29LVmJnTjUwUkUK+IiaSZycxZgl5GHoFom2Fs92gBQQZ/QO 26 - DepPksFFqqG9YW7V6c16ejMc7SNtt0szQwbmqoTviIadiv26+XS8Cw== 24 + YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBkY3EzZyt1YXFTTlVhK3Rk 25 + djUvWmVjeDBSajlENCtNc0RZMVRVWUVuRWtBCnFpa0NnVjBvb0J2NCtpYitoMngv 26 + WkxNaDNIQnRSSm0vSXF4a1RYcmNsK2MKLS0tIE5zSkExNVVJYkZsV244eElwMTd0 27 + N3ZuTHhVdFo0aGZVMXFlaTdsRi9lRUUK+K5CUVCdjtMVegVydoKRIb6kpPnfBiy1 28 + FxkXAp3a1qU2WqNvXCSO3gtUwYaMG+MPSCWI1gA3oBjGGtTasHyHsQ== 27 29 -----END AGE ENCRYPTED FILE----- 28 - lastmodified: "2023-05-30T19:00:14Z" 29 - mac: ENC[AES256_GCM,data:bQ4qc2Bi4kfRFLL4yHx0RV41vvpAyVdnqQhWhvfRpsUKFG5RruboZCrmUPeovyuPJBmXylO4Utj/T5tldtoreYuhTSQ7vhzCNz9EivnLNbGz/be1g28cWXisHV3X72AsKfugz1QyrWGQkByLZstZKKteb5PjZVxp2O4ZmG7KwGM=,iv:taLvrbJpBBsazhuJ6f08AF1dVUe1DqYO4mkDLZntA+I=,tag:XAsxaxFeSkkxhA6S2Jo2cQ==,type:str] 30 + lastmodified: "2025-03-08T10:44:25Z" 31 + mac: ENC[AES256_GCM,data:iKKmalnJnmm8EkDupTPKmKJydLLYkbAabLy5KJdQfKGvRj6vbJAQHZ3u0Pu2TI0oi5Xv3dtPh7ww04kT0Whe1E97p4t3RPyNCCGNqA8OqQiCPDUn6uqTQwOo1//3xIGFnnRC0VSYrQT0rjebbL96RnWE9XF67TefycxIMHusUXU=,iv:FU6VTW2zkEIlH5P/rr58gmuMnz16TCLP+UtEVkiLueg=,tag:uf7I1GwWxXOT190y8Hddow==,type:str] 30 32 pgp: [] 31 33 unencrypted_suffix: _unencrypted 32 - version: 3.7.3 34 + version: 3.9.4

+14 -15

secrets/mimas/nmelzer/default.yaml

··· 1 - rustic: ENC[AES256_GCM,data:qDoatHOkAICPWEU=,iv:NHuqnSibmY/RkJrSUWm0TbgG45iSdjso9ABI8SGqUTg=,tag:BMgRaRPhA0Y9sD9369+Xkg==,type:str] 2 - gh_hosts: ENC[AES256_GCM,data:xFkw5xITdqyFXWqrK2HgkRzcArmkm84LnIkB+thATDkFAag/8xqV3hZG7NAdZhxVR597lNZiag0xXmTXNM62Wvw6Uuti36Zc6RlgPwiUwJxsaoY2AUdGUKW+8sjrMC/h0pY1DwF5,iv:iFRFCY7y00O3hTi2Ba7stqfVAGPm9M4QRgpbI7X5u1E=,tag:gBsjuo0tAHlr/KlYZZerUQ==,type:str] 1 + rustic: ENC[AES256_GCM,data:aYi1wQgLgRL3n40=,iv:NHuqnSibmY/RkJrSUWm0TbgG45iSdjso9ABI8SGqUTg=,tag:k13fNK3kDcylC53d/haqog==,type:str] 3 2 sops: 4 3 kms: [] 5 4 gcp_kms: [] ··· 9 8 - recipient: age1wpwkf2g475umw3wwns57r8ucykvy6lflpc7uphs0mx9exsj04quqpy7t6r 10 9 enc: | 11 10 -----BEGIN AGE ENCRYPTED FILE----- 12 - YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBxdnA1UFJWdmpWYXMrWlZx 13 - V1RZZjdwaEs4SkJtRjdsbzhhRHR1ZlFwZ0ZRCktxMHBWeCs3cFFXeDNxVzFzakRt 14 - aDFOSTFRQksvUmFTUCtFMUVOQ3BWYWcKLS0tIDhWdTREYitBL25mUGM5d0dKQjM1 15 - UTlaQjJ3S3gvSjFPRHBlYktxamsxN0UKE5iFGf/5o3mEPPIk5fuCfTRifAFI92sp 16 - O3/gUqv4dPkv8nA49WkyiBSqMqwjg2ZjDkKYFWOpK9qlc5/MKGr1KQ== 11 + YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSB3U1ExOVN2aWVRVnB2M3RR 12 + QmxQNDZnSWVWMW1IZWh5YmFmNTZYbGRzSFVRCjdvSGp1WThzc29aNUZQMHJDMThJ 13 + MXNURHJUVVpDQ1hmUDBFamJ3TnRUSzQKLS0tIExXdWNoRm9aL29nUldQemwxOXdV 14 + aktSY1lQZmxkTThpcU82Q0dwSUUzUmcKm2VCJHEUzjz2vXAJH1wOovNqzK6Hkk2z 15 + hoIQzqgfQL3a4WA1q0Oj+R8wBChuRMUAYW4+TWCIAckKKwLqRyzBcQ== 17 16 -----END AGE ENCRYPTED FILE----- 18 17 - recipient: age1w6xjgskpxnlpleswumdhtt7x8zx35qn329yz3x7ftqdcmcxrrvnqnuf9d6 19 18 enc: | 20 19 -----BEGIN AGE ENCRYPTED FILE----- 21 - YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSB2czR3cVhSWFcvb3FWSnlx 22 - KzFCV081QXlodEY1MCtBT01rSWtucFVXOW40Clg0S0VFT0FaK24xQkZ6Q2JiQmtH 23 - UzMzZmY1ZElTMEltSVYzTi9MR3hsMG8KLS0tIE92bzRhK21yYzgyTzQxQkcvYzBo 24 - dHhuUzRoMFVRTFRwT2oxbWQyTE83NkEKSsWJJRK3vznYSmXOP6CwPAhj10bov2cs 25 - rV29NQj1K6i6Sc7gmuMW0mtir7n3uZ0HZIUvIOyuk7O2oyzDDqEyNw== 20 + YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBSamQ1R0tHZGIxUlN3NWtV 21 + Q1htSVdJMG5rUEN6Rm1QTStONys3YjNiVEdzCmE0bDJCa1VaVTIyK1IvTDBFbVhs 22 + ZWVGSzdwUWpVZTNSYUkvNjNtTERnZHMKLS0tIHRLSnBxTm8rVVo5ME4vS0dKZXF5 23 + MjdaWk9mZEczVGVxZEpnN3pCQTdMOFEKO4oemn8P9PYZVTsJ81oDy17PRAaeu3pn 24 + zxZ5a8/IrS/lZfMJ1vYwlZf0AEgOMTSyjVMNyOkWAgWIq8z1UkrpUA== 26 25 -----END AGE ENCRYPTED FILE----- 27 - lastmodified: "2023-04-30T09:35:52Z" 28 - mac: ENC[AES256_GCM,data:rUod4d7lCZkmV8U+iPkXNkOWU0THmQDzPqi+xdN3w+lPwZIBbToYhH0WLikUqO44txzHbwmUjP33iHDw+es5o8vxhczSn0e3uVszUg0+sL4MfZ5DkYeLLNMs3p5LCKDwYWBRP8QACBcZXREOsBjljdpgWUQzxalEUY2n6BjoKEI=,iv:t+zk5WceV5rvcOCbSV/D0g8l8awSEiG6y8xnippOnlw=,tag:tG33AtrJPi8pCt9s+qDMzg==,type:str] 26 + lastmodified: "2025-03-08T10:28:45Z" 27 + mac: ENC[AES256_GCM,data:k+Ui8hxJM/W4vHxZtSkTO86L81ZnzXHcX+VEzef438dfoB6rhIUhz6OaVfLnF6v3RSzRPsYCoDP8L2p1vHAY42ljl4jzZvMqrIYU2N7ATTNFc+m2FO1lcfmKbsOqjkrVQxnux8lwBdD9e2H4/xOB+nAivuCEDd3rihYR0yRYiMI=,iv:yMu0MA0VTdwUsKkZUZAVo91iI9qaT+qOVVI3hlmZC0c=,tag:bbKM/vE0lEpvPHIKWk9llQ==,type:str] 29 28 pgp: [] 30 29 unencrypted_suffix: _unencrypted 31 - version: 3.7.3 30 + version: 3.8.1

+30

secrets/phoebe/nmelzer/default.yaml

··· 1 + ssh: ENC[AES256_GCM,data:Ti7PvRp+ooyu/MHGv90zlACZVzE5EseJUFk5KvxwYbE+bLcEKnTWW8yV+BBa3xoOe50P4X0GeNFHLsaCcCtrjNshNJSxZ3QHt1TQjLABvKrQvpU8BgN3qT3RMo019NMj0+UxWL4/5icaR4XAax+JWCTBXhncqFzyXqcB/IbLLJKKqqFTWe4zYhvQitBDF+oU6nTv/qTtj/6B7XN6byTbGPjTJrEXLotmbvl8ll/LiEkTPmuu,iv:poHvd4U4dJha27Bqf4hA1pFhna29kO/RnFNjJsflpaA=,tag:uUfl6tjzVQQ5oaKOcmUYQA==,type:str] 2 + sops: 3 + kms: [] 4 + gcp_kms: [] 5 + azure_kv: [] 6 + hc_vault: [] 7 + age: 8 + - recipient: age1wpwkf2g475umw3wwns57r8ucykvy6lflpc7uphs0mx9exsj04quqpy7t6r 9 + enc: | 10 + -----BEGIN AGE ENCRYPTED FILE----- 11 + YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSAwMnNzT2dFWWVPRjh2QUdF 12 + VUZkUzdsQXRISG9kaHVqSGp2UWhCNlN3cVFJCmtQbE9LelRkbW4yU3ZyWG9MdnZB 13 + b1k1QUwrOXBZQTVoRTArNGFtTEJSU0kKLS0tIG5KS3ZFd0hKMEhsSkV4ck5za2VQ 14 + YzFLSjNUVXNRaklnczVKdGQ4V0JYUE0KGVHj8sWKKvVGwMrYmx0Js1uI1DmD028V 15 + R+Y+p8H766496hBt6Eza6r7JhKtLXR5CrcoItq8m+fWU6lu+ElsnAw== 16 + -----END AGE ENCRYPTED FILE----- 17 + - recipient: age1vr0uq6mwv844yvm8pe7qxjxpqrekgel3lqfzuuqtfzj0ehz3hphqzsxjna 18 + enc: | 19 + -----BEGIN AGE ENCRYPTED FILE----- 20 + YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBRSTB0dGxWOFhTK0FHcGxI 21 + VkFKV2NkZTlJRVNSZ1dnWVBKQk02YmZ3aERnClZaeTFSYzRJZ3ZWQjNPc1BnanhU 22 + ak1RZ0w0MDExZVlJWVNrYjZxMHZsNEkKLS0tIE9tWHlVMEFpek1VTFdROE8zUFZa 23 + VU9yempBMGVXenkxdkpHZC9YdlFZYm8KsdOmOI4ah0pEjqPt9XnJNxMyFSY4eYsI 24 + UOgJZqRhlG8Y4NL6J1DyJPfeKeIroTAbNoCb65lxWHHWfoPvt3gU3A== 25 + -----END AGE ENCRYPTED FILE----- 26 + lastmodified: "2025-03-08T10:28:45Z" 27 + mac: ENC[AES256_GCM,data:ycmOZIduc6cbx9daCGmLOL6eNSroAkGJw9dSnR79feaplXi6hmvycijcSJkys2vA3m81K2E7MW465GfodkpW1YWT1xW8RPp+WOOlqZvu3qoSu3F2T/VJxx4wCzTaXwvkcY9APAqb+WydN5KQDzakWaJfw+gTP3OS8LTRkYCDtcc=,iv:soCcQcGoi41g+g5X1SVDNH7iH28BCSImZqY1OE/H1Bo=,tag:RGY47osA22GETBuOynX1Dg==,type:str] 28 + pgp: [] 29 + unencrypted_suffix: _unencrypted 30 + version: 3.9.1

+57

secrets/users/nmelzer/default.yaml

··· 1 + access-tokens: ENC[AES256_GCM,data:sLkIWAyispOwNUZJqXfTFVl8NbUcLhWhgLIVI2rahROYHMO3aU/0x8BOtmm0QkPYHA3C7GwzyvatMoASJWrqn6ife48=,iv:BPI8HwuKwfzOMT2gs7U0cpbpP77f+X/HvCcfvIJh9Q4=,tag:Kf2wZ+3xtKhaSY5S1QjTuw==,type:str] 2 + sops: 3 + kms: [] 4 + gcp_kms: [] 5 + azure_kv: [] 6 + hc_vault: [] 7 + age: 8 + - recipient: age1wpwkf2g475umw3wwns57r8ucykvy6lflpc7uphs0mx9exsj04quqpy7t6r 9 + enc: | 10 + -----BEGIN AGE ENCRYPTED FILE----- 11 + YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSAwcVV6MWRlWjhSQUt6V2E4 12 + R3h5ZTlTei9QaTBnSm0zQXU4Q2dkVFdkL0JRCjVnbHFpQ0VaVis1TENCbVQ0Tm9F 13 + bmxZakNpMmIyTmZTdy9aRDJKNGU0dWMKLS0tIHYwMGJxV3VhNTd3b1gwRUREMWVW 14 + MUVzclBGZmV5d2lZcFJyMzViZGxXbFkKpgyVR4xv8NA6J7keZwVvJX0QSjoTAaW7 15 + 9fu5UR/d/pYIoJswd7jPNdhnClRLnTpJB62RZf+HHzGU2uq6aND1AA== 16 + -----END AGE ENCRYPTED FILE----- 17 + - recipient: age18p8x2cxam2l0trtpyhj4x9amcppp9ruzkqxzgapy9wnfpzl9hgaqlkht86 18 + enc: | 19 + -----BEGIN AGE ENCRYPTED FILE----- 20 + YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBXeGFqL0NVaFYxaWVNdVFa 21 + Y3JKdFE3dnh0cFhQRVFqZjdXWHJ6VjV4eVdZCmZQUmJXNDZUbmVvWjRaMk5VSkxL 22 + dFpVTDRqR05xcm5OMDYxc2NjNXNJYTAKLS0tIFNmZ0JsR2MwSzhWeWhwUEx0WlUy 23 + ZlM1NXhPSjdQaGZlVDN1UGZLNDJRNVEKLmyd5dcZhNPKltxgVgHjJR1KQEcYOJ1V 24 + 6jY2Pq1dw8n8CswcThH4GmWBTqttEirFV8tB8CkYvHGk7oJCpX8gIg== 25 + -----END AGE ENCRYPTED FILE----- 26 + - recipient: age1w6xjgskpxnlpleswumdhtt7x8zx35qn329yz3x7ftqdcmcxrrvnqnuf9d6 27 + enc: | 28 + -----BEGIN AGE ENCRYPTED FILE----- 29 + YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSAwTEZRbk42bk9UdWh5bUFY 30 + MlBoVUFScE0yUlJNeUlDOFNkZTNmZ2ZYZXg4CnV0a3JTOEZmZXdJYmxUOUlQR2pm 31 + QzRmcGhWZW5RcGpLYURTWGoxcEtZVVUKLS0tIHVieWVteHcyMFRUOEZFVVYxN1oz 32 + SklxWSs3RDhtNHdjZ2tZb0ZSRG4ydlkKvjxtjpOtaNmzeGnVqVLbkI8cEh0wKsLH 33 + k5J7At247/4BFnQApfnw2cbeve2aQVsDjO6a6aZwcVrYQrErq/Ltog== 34 + -----END AGE ENCRYPTED FILE----- 35 + - recipient: age1tf0zelmw4lh9gvkl0qycdk83fut9t4q3tfcdzk8cvlyhjp7z0g2q7hklgq 36 + enc: | 37 + -----BEGIN AGE ENCRYPTED FILE----- 38 + YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBvemdIMXNVSFNibjBmc3cz 39 + YXR3dHNGVGpUZDhtWGtSZVMwWHdKcU9zQ0VjCnNpdmMzNldvYi91ZWdGTkJyaWlF 40 + R2tBcHg5aXpFR2x3M2Q0RU0vVWU0OUEKLS0tIEZYRWVpc2JLWGEvVExpSktDcFNQ 41 + ZDFySCtOdk1Kdm1yRnlaTzFZRkpvQVUKGZoNU9KJgFOJau7Gxge47txwpAlMh2rQ 42 + 6Hfjf8E1igzLnbjvxQcGa2xVvI95KqhKZZclzPX9Vagl1z3XnoCvSw== 43 + -----END AGE ENCRYPTED FILE----- 44 + - recipient: age1vr0uq6mwv844yvm8pe7qxjxpqrekgel3lqfzuuqtfzj0ehz3hphqzsxjna 45 + enc: | 46 + -----BEGIN AGE ENCRYPTED FILE----- 47 + YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSB1ci9GbWNmMWU4S1lGelFi 48 + TVAvUUE0TmtxNE9nSURqQjVSb244bnBjdlJBCkY5eHhaRUxiOXA2OFhSTkthR0d4 49 + dDhMUGhNeXA3aHcvemNZczU2bVpsQkkKLS0tIFZEMFFyTGJwWkR6QXFvYnZHVnNs 50 + OUR3N2IyMkxJc3RqcmorUFBOYjRpa2cKPQT3cmtP7I2C38OPaRqxudCXv6CEObnp 51 + DOVPG5JpeQGEu74kK5WTqbWlQU8AToOXmJdc+ru7ea1wAiXZiKEG4Q== 52 + -----END AGE ENCRYPTED FILE----- 53 + lastmodified: "2025-03-08T10:28:45Z" 54 + mac: ENC[AES256_GCM,data:VktkGG1xk+tFtgdmLrM7rLQ+NEqDMATyu0kdm4iRe61mcMppNVR7ZxjP7Ryfz6kkiwAfqrv5g8pzaoHHCJoLAOShgCDdHB49USDVR7OZHp/BiNJkSwSYgSWsWQf4Wxve2lADcGJNrOD/l8jmO9DcUDldLdGEGJeZ6waej3g7z7Q=,iv:FhfHa/LN9UVC8fnilYv2NxlNT+xRRXdsKIejOqug4cc=,tag:mTBuhaR2AxulRrfPSB6F+Q==,type:str] 55 + pgp: [] 56 + unencrypted_suffix: _unencrypted 57 + version: 3.9.1

+36

secrets/users/nmelzer/github

··· 1 + { 2 + "data": "ENC[AES256_GCM,data:WaE9ywj9g4TvMdjrRmKjwxwTuak4gsPENMaP37qdxQTSvp+dhklwaIh+LIAIMhPHYtrhBMNj1viHnaIETwMIB7uUsblKIYa6AOxpi9CU9xPkpBhKGw7vMEfCjlj9rHPjB41W9EN/EDVgY0phYFRF7DSoOa1wpHouKwKbbaO3r8L+ZbN4BOiizquzMOVOxp1b71xsc34WvrAIQc7+0H5f145I+KPAKGkUSMrV7t0RJTC24ENa9Zz7n0NduoLokK/IGXt6tsQNnzdS/DTmLw2W6fVkb5b4uzEvkqgnQOuQilH4CMX+xsuEkUkWqe3E8sUlzvdUszAjfruQUvJDuC//Vvx0vE1Kx70h+8BCqDGPLIs/4aEtW7xfu5B09WOQKByyd86NArZsC6R+sbmTCPD7WLFV9NI7Sg+E1wkPSmtYUYeMTmvPwfNISLKC4KHNm0cp5rb0EhmZTxKu1qId59vNdpjTnTEz0AZAGoVB1pGi45Bb0pUE/n54WsNhuscOVHk2XdYH/BTcEU8VYpLvcNAWFX/a1MWc0Bx21e8Qk/KNZGuATrWLiXIhGxT33bmlm2/Lb+5LS7xwMxomu1g0xGzSzD3z2B9CExekUw7q9VWfAinVecHA8NbMLrajkqGQb7fbcTqXOQqXL6BrQDbaOb/hC/AffYq4SEurvP4BI30E1hArLIlHabLwxBOaNLB/Ii7i51BKWqQGaof01ziAWChptvSic/oN6xnF6CbpXLr1r/z5WoLm4MqEQJ4Qvp+vsAChan/1kG3S93xpgYof3PZsrSpxxfGSJq2qBZq5Xd//6CfHdwhdulaciKi32F0GV+DTkDAWTwOOy5fo8IC3bLnWr8rFo3iS0DhETR2V7s1/w6MU/0iuPz95TrBffNvaI9uSehJaQwI4a3Y2M79nxB9xfgHIsbh4+fef8OFa53snckCCzY74Rsv3Th7HliBLVcpAUNvaw5xFnECFkjq/uJVd3cJ3GnYO01InxRqkHm7Bl4RqA0tctpzM98p6RtidTAZ1RHZD3rwgU/oPoV8a32gcmhdRbm8m1/nBXDg2aoSXYJ9NhGtJ2hK+ufsW+szAv240SVX/JH5vk7w7T6H7n6UcZqxYozjAqawP7hUSB/eYfY3uKJIxUdJmGfnDq+L8/d15Pnbqb6zD9qSHi38OfKUTAe8WONWSiziK9EEO5R1EPAdsZod3CFBx0K/TfrBC2mpCZIUUY1HqIDICsDUoFdzj377tLQqcF6K/b0r0sL5rw8L0I6pZiYCCz4LfaBg+oCJwupTqnm1Lusstw1EZP0Psqt+pabj30wA5JPPbo+EB7X5oK6P9N7b/Hw9MpQNNddTvZk0bHI9l5hUZF/rv6TY/qVVCKcAH06bCbQfPvzV9Q6fc+e6/k401zVplq73+WjiqxUWm9iNhrWodXpLWH7Zj3Tcn/mmWNRYUvJE9IccTd+mQ+rvfAM8om66NH68zISbPlDeBuEUIhUlCihpUOerE5j/SasBuTqnrXNz1Z+aR3LT40r4QH2OMEeBR93pPbsZ2l/2zoqL8t685U8B3nimYAE6bwpdn6tErT3MnO2+R6VKIISaUm29Kang6jfDPgPaOZPVXCN05O35Of555TjbSn2XXsh7jqnnp7qW6zUXCcM2Q470yAlQXF9VAXLTI0zKkTVK5b4g0jNs9IFHXelw4vZNM26L5wsTVsvvjW8TpJm8Hkf/Flv3hjLQql21YyAejxRe/vu4ku80Gglwrqyu6wVdZtL28lqZwt0k06z19JuxbTwyck7cSQpMiHg5Ou/0ThqHJdEbCv10d61Be6bZ/kGaqG7mjzX16BjGJamzrRsW+dB96WGipFfLswFka4slB0Bsn5uA9awhNTR9JJyAk+6LvXDg/YigSYiwpXqcOoSPY8KrfBapNussU9oYPqIumdocMGvIzg9MOqpR4Kl9E/ZOyf0gzomIYqdP7elFNnmcxDmuGBwexqO188w2pRIQ7C/GrCwmarMJfe2ZKozmVAbMPaze9B3lLs2gb059tj6WF2xTJd/3HYxbdmUtMeGIrQkxKhFxBY/+bU8M4rhbR5HZiOJIfqko/lAPPQIB9UMGC0yBfGofaZYndHtJAjf9LKLtj3crHAPd1vsS7zyy8rhGkNGFHJNnYgyvYZT1A3eM36W7MlCnVImgENg50uV6xFFKzruiVLTLhF68bfKRKnncxw2sb0dKBGvVcOFm6At7ZgtM8bX2HIlM+7A==,iv:+pnvwKJLNUD+0tpxurFocDgK0qOGzVsYkcV6b6KYock=,tag:oVCamxWlyuQU7McVwxZUKw==,type:str]", 3 + "sops": { 4 + "kms": null, 5 + "gcp_kms": null, 6 + "azure_kv": null, 7 + "hc_vault": null, 8 + "age": [ 9 + { 10 + "recipient": "age1wpwkf2g475umw3wwns57r8ucykvy6lflpc7uphs0mx9exsj04quqpy7t6r", 11 + "enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBOSEw0c0dWY0JhdGpMVFo1\nc2kzQm1FdHZIaEtuRG4zYUIyU0Z0QmVOdVZFCkpNTFJpTi9ha1VFb2l5czJONnl4\na3lYU1VmNmpBNzNBdVZEMjNRVjF0RG8KLS0tIFRhTEs1RFF0cTRnNTJqbDVJajh5\naG5UWExpVVl5YjZKUUQrT3gxR09CbVkKc64s7ROfryegUfEr+lS1KkbUDJo7+hso\nBvdJ4EJqS1Uu6H2XugpwBco640PKknJABrkL68LdUGlsUsITqK/MFQ==\n-----END AGE ENCRYPTED FILE-----\n" 12 + }, 13 + { 14 + "recipient": "age18p8x2cxam2l0trtpyhj4x9amcppp9ruzkqxzgapy9wnfpzl9hgaqlkht86", 15 + "enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBGOFBxeFNVU1RTSUNCOG1B\nZGhZQm1WSjR1NmsrYkpBd3A0M3liNlNEYXdZCkJKUkp3TGRsMzMrZ2RvU1YxVU0y\nMDJGT0dwQzM3T2pHZFplcFozYi9Pek0KLS0tIFlEb3VuaVJ1QlJPRWlVVDJaMnV4\nQzNhNzBuL1JZeFljb1hwMkp6NE9hY0EKtSZY/B+DbKkDW6cof3sjud77Qz+S6qO4\n81N0I13ywjMmLKLE/eXKEwRXvZkTV8o4AfkZIZo+JPvMgXcujrTFzA==\n-----END AGE ENCRYPTED FILE-----\n" 16 + }, 17 + { 18 + "recipient": "age1w6xjgskpxnlpleswumdhtt7x8zx35qn329yz3x7ftqdcmcxrrvnqnuf9d6", 19 + "enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBKMHA0ZHRjU2tYSEZna2ZV\nUjFTRDdMV1B1Ny9YbGlXVmEyRUNuMlRWSDFjClR6cjhHaHVKRFFGWEJHdERZZDRw\nQU9sVC9SNGZUUGxrVUdJWlVwbGpBa1EKLS0tIHYyeWZtS2ZjWTVJZWExTkJWdzFJ\na3NDMUNhSEtiamhIVUV6T2luNjI0S1UKIVHr+P3jpJY/k44EEE1RYB/PQxI4E3lw\n1DdyulRw0CvhuxVoZsINckTjgNIfRSeJlqS2OYEYfHPvqg2xcBNlGg==\n-----END AGE ENCRYPTED FILE-----\n" 20 + }, 21 + { 22 + "recipient": "age1tf0zelmw4lh9gvkl0qycdk83fut9t4q3tfcdzk8cvlyhjp7z0g2q7hklgq", 23 + "enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSArRWhuWVNScC9IK0Vya2oz\nZ1JSRERnSmpJVEVNY3VlWnZLcUFESUxVM2dBCjFSdUtEbTVDZ3V1eERja1hnb09I\nWGNLcmNKcW5wOHFIMjJUWTJrTXh4M2MKLS0tIGI2OFh2ak5PTEV4MFZKWjhIVSsv\nZXA1dFFRY2FjVnI1MnE0TUtJemoxTEkKcCGDk5Mj16JL4/fevQCXYuTdY5ZVE2rb\n7nP+oqXXRTQAMVYsWwWIftNjd2XCM43UkTUKetMktGlcBMd/vNh/Xg==\n-----END AGE ENCRYPTED FILE-----\n" 24 + }, 25 + { 26 + "recipient": "age1vr0uq6mwv844yvm8pe7qxjxpqrekgel3lqfzuuqtfzj0ehz3hphqzsxjna", 27 + "enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSB1RE0rOU1pYWVQOFU0N3da\nd2NmNjlZVWtEdisvcTVJa2ExRzVsK2lFcDNvCnkzb0dTQ1ZkM085VFpLQ09NZXBR\nd2VKNWtmWVp4YVViV2dpeUJyblBoNHcKLS0tIGUybXNsQ2tsaU81MURmKzJ5YThY\nS280YUMyL2JyK2pHMWlRTnNpSjRqNmsKg80xYn2ZE2zjt/t6pSUpXm0umg1+OM3h\niWJzu2RPayXglUc22hIiC08kahueHA+iJ+OPvMkl+NEM0FBMHotGLA==\n-----END AGE ENCRYPTED FILE-----\n" 28 + } 29 + ], 30 + "lastmodified": "2025-03-08T10:28:45Z", 31 + "mac": "ENC[AES256_GCM,data:xbFr0rhkcvO/+fTrGrOLCcmE52QVVxvwEu2Zg2vQ8DIt9aa+8p/aXI5ndY8TDoHsrl27IqZUetTYReXgyNBWuYhCbh6pLlJ/9GBipq+HTtyTuorj/hAREnaWDI049awM9yR6S6jELBSvPfUSKDi8JfBYelO04D9a2VinuAyP8/A=,iv:HzqLaMQbsNhwgBCX2YZj4pNbnLf73hc/IpJ8Hm5+pDQ=,tag:3rBwAgrscRB7hSKKj8ps6Q==,type:str]", 32 + "pgp": null, 33 + "unencrypted_suffix": "_unencrypted", 34 + "version": "3.8.1" 35 + } 36 + }

+36

secrets/users/nmelzer/gitlab

··· 1 + { 2 + "data": "ENC[AES256_GCM,data:Ogl6BZFz2S1TTDdGDckoF2Mb8KD6G+tD1gIKsiiGBJBQFkC62fT/bEPKNEQ1kndIsLQAcsU26tBEn9YhCLyWkeIIcFDSnq58u9La4HVtydpNo8f+jrvWeDqp3lfXPgIMKRUywC499Oa0HtIyUGs5Xf3DuwoaECS/hhNBNUG9gSb2X6iLb0C7mV+Gd66kJf31DX0cm0JFChiwdQyLlxgnxRMeeBeUhXETMQBVPlRtEs1WxUnvn8D8WkHRcZBs+/TRIRaJ3rY7oG62iBAum/UmVBgs3kt5ZfsK9wBkIFuujwd1wVlTZjWkUYnte87G2p2My2khEQX0A9AXatAxRowRUMI/BS7nq51iv4RLGuHEWK/2IOwmfKPShPvUOZsRx+b16GT2/Xeaq5WnIdW2PaBcfYJV4GaLUwFSlsFHq8D1E/DnlD1s3msmoy0IppNwvk4zkK9zdZxoWIhldq1Baa+GpFHhqPjRIgpN9Gd/hulcygvDKr/rrekOiz/xdjBREXvwW2siwnMIr2SfnKLlGYyb+P8KmYXdPgHh2+X8k767b6fzQ6WmoqzeXVlsLtjPHK32nOz0T5eilQYrL5oC1Mi0u+4wmD8QiIS7KvMC/pU6B5lCb0yjpsdLET5gbQ5Xqo0vn4inftGMwHl7HoQbB9bokHhCmZSoI7DQCUjIYlKCHR5we46IZv55RzLCkmMpBlHCjhqn6nK08+Kj34jl65BBx1BjUR/digio29VhCgL8NwYgwk1k2YABVuFJFnCERBPiDLpL9v0zTQzB1Z8qfFpwxmLw/e/4UbqhPl7z2uhlFMkMjF01kgqBpZNzXTEwUm+kWegURdGdo+XJhHs634QuCZKsKExODCw4Lgl5jUCBgSxHYdnqzyN1MH9ws6xrvywAMmzTwMX19gb3q/NGijlX/Ipt5hrOGlmteNuhepW4KVuTanxhdtRfU9CeSBsHxabZkglkl2tQhfaXoW1OwE/Sp/NF4pYfxy09kOqH/c+Yp2j9WGyxrLTnNlS5XNPY+NCVDk31/zQno2hV77EbXK7pW10TThlu0iNOa2X0OhkJEZV9nWhN8QeKwN/Xao8F29JZ0WDYmcXMWrTPAmSsDob2SnQwgEvRpmxxtuum53IYnTxdGZGpL7DBWLdKZBMsJ9bP5vgeHClSHPyjpro1zK4VhxW/U6Yzpi3PCEyx+KpV/v8sG1DnvSReYd5RHga+p2ekYE8zWD0BzeNfvucroKMFcX2erZHYBKliMuAM85jXLXEohMhoOVdLm/1gAPt49LJnz2QFaU91G89QRxSjXaIqNjZdCDM/jE4Oa3qx3P7QtBzKzS9q6EYjvKzoFlo8I33X7CpAZ0PZuJttD3jDLHmmoOaVnIiquq0I7ESBjIbCtzjuerhDEhkaQDlHPUlFthK5Dg21/cPUbKL1xrZLYoOC6UfWa0lkayz8m7+o6NQAEJYJmvGd4pWVPoHPuYKCtmXWHeNNH8GIcGLvwUe87F5LeC/QFe+oPix8FHOfjZS3vzQRTDdEp057UewWMvodChFnZV+73rl1WOHhqGWghi58ghIY7pkhzj76lrMBhRq8ryyefrDq00uVYntoIbetxwH/GducP7JBvNPbFVvRn4/n3u6/3/0ZrdzyuXKtgwW17YP6UOexvQmkzgyBnTVs+JW1hnS/BToIliMtBg6KlUXcQR+0X+6hLF5mms1oPmX7wH1sC01iMKpt/jpnfIhq5tjySaebCahjqDJ7XC3HuvBjCvGmVpLYFWBjJoUX8fnPcaVI50zUtwqofF0BPcsSCg5U8S9vjVB61A9mTqOcH/6p5lThL/8yAii76XRn+tLA8UoabuQs+Z1bPb6DowkMnmT93Ye22NRX6fxFrXyJCr0puRkh2Qn9xbPmcIwx3CxRhO4DmBivtVtZtmYhoxYvcs3dNV/ergk6O7FKwM+q8c6Ia363GAhATHJkNyjxmDZRvaSY7v9CeqMyFmGobp0ZohWyfgXRuMO20CU9Ub7VdIct1mgMslhYSOfW4UStc66tGvozsMdyvnCo5lzjQUBHxOq93HxkSTedP9FB03WFyVWZEH2++nYyc3IsExGnq7ce6YQwL5rPThMNw5Ur09zrf4aX9Rl4mQJaMQyQWES9BfO0fDRIMciZXwWW0FDSlMCeBwesQwlnBpVIjPixsy8r09LMd3LxxPw1pt7vtfJh1R+6y4ye8/1VdVsGBp6AFLTvpaYW/aZUFAr8SP/mVYhlfms=,iv:wutx8cOVSjjC69NzlIrojwRLhs28QvNXRnRJSC6MMb0=,tag:cPf78d+51Op/58UiaM8IqQ==,type:str]", 3 + "sops": { 4 + "kms": null, 5 + "gcp_kms": null, 6 + "azure_kv": null, 7 + "hc_vault": null, 8 + "age": [ 9 + { 10 + "recipient": "age1wpwkf2g475umw3wwns57r8ucykvy6lflpc7uphs0mx9exsj04quqpy7t6r", 11 + "enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBJc1N0MUNwVFNlTEdjUElq\nUWlsTG8vc2xQYitYNWlUTlRGRTVLVzRyY1dBCmlMVG9OcUU5bjhzNDhpWStDaWVn\nRTcxZ1QySFhabklhQzJKL3BqSVVydncKLS0tIGhIamdINjdJZERnbXowZTlNRGtY\nOVVJSEZ1Q2NNNXNXV3UrbldUTy8yTlUKeLwquuhjLHDwzzL8JERFELXD9b6HWlKD\n6YXv+mHaeKtcN0y61uzH2O51U13e79ipex9AeYj8YSIZx1DRiJAg5Q==\n-----END AGE ENCRYPTED FILE-----\n" 12 + }, 13 + { 14 + "recipient": "age18p8x2cxam2l0trtpyhj4x9amcppp9ruzkqxzgapy9wnfpzl9hgaqlkht86", 15 + "enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBlU2tFSTgwSXFyVEo4YVdO\naUx5R2F3UGxhY0RBbStMNDdpMWZCdkVzMEc4CmcwOVVFbDBGRlZDS3dhdGZNNUtI\nWWNCRDRUelhvVzA2ZFIwZ09QYUhZWk0KLS0tIDRORmpMZk5CcDdOL2pvMW51clA2\naFpFS1k2dW9rY1dQR2hwb2FlMWVrREUKL3F0eiR8lKlDfQMYekRvxUo/c/qDVgKJ\nl5+yOsCMh6iu2u696gRcrnzrZ/aX23TJE98ttYS97DeUjUCc0Dpo1w==\n-----END AGE ENCRYPTED FILE-----\n" 16 + }, 17 + { 18 + "recipient": "age1w6xjgskpxnlpleswumdhtt7x8zx35qn329yz3x7ftqdcmcxrrvnqnuf9d6", 19 + "enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBHcUhZOU9kQ1FkMWY4TkdS\neStwOThKdkpWa04xYUU4MENrbjZRQ29ya3pZCkpqaHRGeVUyeGdDemZUeXNkMlo5\nTkg3dFNlL3c1NWJNS1FzWUJ3b3FSYkkKLS0tIG9aUkxYTTVDRitCWTh1TmRFMXoy\nU3p6RHk4cUVOOTlDamNSZFdIVmc3STQKdvB/aVmyKhVAA+JKT8aQo1VmDa2WhGl7\nzGIGX77gsjDiy9Jb15Z3KWGu4AP+bonUTmTkUWA5Oiqe1rhOe9MDMA==\n-----END AGE ENCRYPTED FILE-----\n" 20 + }, 21 + { 22 + "recipient": "age1tf0zelmw4lh9gvkl0qycdk83fut9t4q3tfcdzk8cvlyhjp7z0g2q7hklgq", 23 + "enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBaNWhBaWQycm1EZ0JwKzIv\nSit2UjFhNUsrd00wSzhua2xONXZwZlA1WjMwCk80WG5acXNGTkFEdmxyYlRCNlIv\nc05CY0RQM3Z0ZXZNTkswOXVsaVcwS0EKLS0tIHBrNnpZbFRpY1BuMm5ocnlYWXNZ\nTXdBMkhROGxBM0R1MDdPNHhKM1NYYVUKjZaHwqh/0OKB+ybatAfxEF4OmskYW2E9\nYEjuhy9jdcqi2a3hm2bI6rdSCsemAADJPW2PWsqjNc2TB9QeAK9ZgQ==\n-----END AGE ENCRYPTED FILE-----\n" 24 + }, 25 + { 26 + "recipient": "age1vr0uq6mwv844yvm8pe7qxjxpqrekgel3lqfzuuqtfzj0ehz3hphqzsxjna", 27 + "enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBTUEJ4ZjV5aUhLNUVxNlZp\nY1N1WUEwNE5odUQ2ZkdqdFV5cjB6WW1LWkRNCndObExzUDB4ZFdsYVVNbUtBbFE2\nSU5kZy9iK3RlY3FLWXFrR1pzZmhYOU0KLS0tIG04dm85SGtMQmZmT2RqTGYyRWlS\nTVhCRVUwWGhUaGdpUExPVjIxUVl1ZzQKkcnzuMCngr9oWFDynRENTlJQEFIbRJV/\nY8THko3rajg5QrIcoDTHeQ85WM6ucapUakAUTbis+Sa9xBoQ2coqDg==\n-----END AGE ENCRYPTED FILE-----\n" 28 + } 29 + ], 30 + "lastmodified": "2025-03-08T10:28:45Z", 31 + "mac": "ENC[AES256_GCM,data:1Y93EdZwSxZ3u+F0umtNc0jxzHHR7CdF2OUDb+DhxhmJrt9dEBoK1pRAN2qkdTMRMu5SDZVh0oilbQQC8HSC0iegpvlJo7lkG/qXyo1ixqEdp/P+mjqZTRqyxt2F/fFTPU9ggXhpQKyJcDgV6fjGm1pyYcTSMsvm0hOyrFq2+fE=,iv:rBYnAsB8PFoK2y0rb3G8YgX7e0yACTSE/AO1fYoRV8Q=,tag:TR6ZqCdPll7zPVSL/qUTzg==,type:str]", 32 + "pgp": null, 33 + "unencrypted_suffix": "_unencrypted", 34 + "version": "3.8.1" 35 + } 36 + }

+36

secrets/users/nmelzer/nix-community

··· 1 + { 2 + "data": "ENC[AES256_GCM,data:beYSt9kq8a7NhS+FQcWQFFz0AjJP+Ybz1o5tYhAXkFo88OlxooLKCEpFgSDmN8jKgoE/IItxuLNVJJmPmo7+QUbQZgZq2Gs5xE5Am40ckfWc5vdGshxa5cPFqt1v+Sq/D6+oMj+8wxRC8zbUXGAH7Pah9Zaht/O/8gYcdnuypokYz6iKn9J713JbKAUHNNK358UUQhkEuVHWIgsWjbe6FylP+GlNtziYm2d4FwhAebuoOmZx3prQidP2qAcuul/FWjvRa5tJX3mEEa/oA1z44Q54jkPyWHvaMbsXMwdmq/3iFL26pMMZJl7FrM5OjfcxsTPNFHZFe9zonVWzffvdgu3KDpNcGTDK2OZRbOszr6kXy3BZYkzt/EMHoqH75mJ+WNCaGIZ41c3MMWBjEr0AkDLrLWA59EcVAJdH0WQ0TaVUErncLG6kR9UfGTMNm6dFs50IJy0PfGISHAKrnNL+2NkAdEVKlhHouP/0nlCqgB9Zg33nWzHniP7e4j2yDz6jfIkoIUjBHuwYPh44MEFE,iv:liL/qeyXe5Wbm3WtMCR8iIUk0O7gdIqYTOS9sBJSyqo=,tag:pkKFZEKNNBvl3/SfjH2nwQ==,type:str]", 3 + "sops": { 4 + "kms": null, 5 + "gcp_kms": null, 6 + "azure_kv": null, 7 + "hc_vault": null, 8 + "age": [ 9 + { 10 + "recipient": "age1wpwkf2g475umw3wwns57r8ucykvy6lflpc7uphs0mx9exsj04quqpy7t6r", 11 + "enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBtZ2c0aUJiRENZM1FNamJX\ndElNRmNsdlRBMFZNeG5vRHdVcjFyWEhYTnhBClJEbWF4ZFkxM3NoS0hXS2tnaTJY\nM29oY2xzQldidzdBcE54c2pTdkhCNncKLS0tIEFLNC94aUZmUkdLc09oSEkrb0VS\nM29wT2h4SEdjUE9CMWtFMmYwSHVSaUEKN9MEDf76Wa5JNjk0DSy8MExMDjyxhpSu\nBCPeuJpyYqac2vpwc09ttV4vqbzRzrGHlMGPpgFkgkYvvzX5lqehkQ==\n-----END AGE ENCRYPTED FILE-----\n" 12 + }, 13 + { 14 + "recipient": "age18p8x2cxam2l0trtpyhj4x9amcppp9ruzkqxzgapy9wnfpzl9hgaqlkht86", 15 + "enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBXeGZtQ2xERDlxd3l1TzFW\nTFhmRDJnOUJxUW0vemtZM1FORCsyMHFyTkJFCmtvR3I4eWhuSjFrNTJDdkd4Z29k\nRkt4eHM0aWVtNTZuc2txVGNKc2N1SDQKLS0tIEZ4bE5qU3hSSGpXb3lGWHp6MGti\nb2QzWDRYRmluWDllTVNJNmJaMlMxZDAKB0LOonMk7ypELophUHLnR2eEOclM5CgD\nrbgkmmKZPXMSvXLXDoQDICxleDNoFD2mWi4JvwZWZuRpaNs/1KPraw==\n-----END AGE ENCRYPTED FILE-----\n" 16 + }, 17 + { 18 + "recipient": "age1w6xjgskpxnlpleswumdhtt7x8zx35qn329yz3x7ftqdcmcxrrvnqnuf9d6", 19 + "enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBGdTVoVUI4UzM1VmlTZWVy\nblZxZE04TmIxaU1zOGhrREh6NnJaaTIwSjBBClFHejZwdHlFRTQyMC9YOFFsczhI\nMjh6cjJzcklFUGlHV1p6TnJUdzNPVGsKLS0tIFVQTDI1K0Jydno1ZVgrN2p2aDdi\nQ01mR3lNVzRmSEptQklBR0tIbWR0WE0KKND3aAMOLmMLjQV4iexO+XnjZIgZSSOj\nbK3qtICJ7E9lcRgoXtHDJm6+e5BzpBOUVkfX7cKAEWWtbfwrHbYnyA==\n-----END AGE ENCRYPTED FILE-----\n" 20 + }, 21 + { 22 + "recipient": "age1tf0zelmw4lh9gvkl0qycdk83fut9t4q3tfcdzk8cvlyhjp7z0g2q7hklgq", 23 + "enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBYZTVyRU9DQmNIRm1HWDQy\nUmhQUGVPM21ldGhCSzMydGpMK2JBdUNZU1JrCkpTa1krT1haWGo3OEdnLzFQZzh5\nTkFYb21JZjhGdmZxTjU1U1hRU0hkaGMKLS0tIDl0M3NaeE0vOTlTU0psSnVpYUw1\nYUE3ZGxXUmk0WUZmWUlQdjJNMTRBclEKPCZVzELeRe9jUC+dY/LTFrk0yrk4uWn0\nhNCROYc6jQPAHLhYRnCbWkENCQHfhBrxVLeyzLmELoU5ZdM0KgtPyA==\n-----END AGE ENCRYPTED FILE-----\n" 24 + }, 25 + { 26 + "recipient": "age1vr0uq6mwv844yvm8pe7qxjxpqrekgel3lqfzuuqtfzj0ehz3hphqzsxjna", 27 + "enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSB3aU02ZFlIcDFpUXU5ZUg3\nUFZTR0Uya2JDUkw5L29tK3d2cmg2N05XVFRJClZnWVpwVHo3cFp2b0h3QVh0Wk15\nWGFOclBuQVMvcVdMcklGOUVST2JGYVkKLS0tIHFrRUl1aW1OZ1Z2SkF5K3FMRmFu\nQXlDZjdlWVFVZWEzaXN5NnNFc25iRkUKk6/f0mFEON/gplXSDCviVm4+e+duQJlw\nBT1oJflU2VHXK9RJBiUl9sV3tGHF41MeXpt3WoEO1AKMsk8Q3Q++1w==\n-----END AGE ENCRYPTED FILE-----\n" 28 + } 29 + ], 30 + "lastmodified": "2025-03-08T10:28:45Z", 31 + "mac": "ENC[AES256_GCM,data:yenOYHB/Eax95Z8YqLd2kWq6bHUIbDXHj/qQntzLgLmBTUpnWW4DKuyligR3iBH91WD4evWBc+bDU5sMfGuozDQpgynsoIjPiOsNXPlLOURZLQf4tnqPzd4VzSkWsH2Q+b5bQvEteqYwYt9EI0XUxOfIF0X10yrjCM6axV6bsu8=,iv:du8kmJ2P/33SsLOih+5oCMrdvIEgWsFEC4ys51ASLJ4=,tag:4jsUew+WAfIj6pAUTGymLg==,type:str]", 32 + "pgp": null, 33 + "unencrypted_suffix": "_unencrypted", 34 + "version": "3.9.2" 35 + } 36 + }

+36

secrets/users/nmelzer/nobbz_dev

··· 1 + { 2 + "data": "ENC[AES256_GCM,data:JbATH1rQff0rUhJUxXAKwqq+KO8hjLXnwp6uwBwCpQXK1OAD88l/4StWTZ94oSqUwcwjT8DtI2M0DLFdGFQTmmQrrt/Or8XKHnZc1zu5axgJ8H/Ey3m+CFDgz6Wg9rOuc1nz0EBTBk6XIGvyeXc4AMMfUuVDo14ijarTL34JqPy4sB0ayzCGCWZTyxy0VKQoQnYQBK5D2JTqG4P2IjFY4yh/2R+IRmK+MghErz3gKg5ORKPfIqH4rFAszGbUjYZt9TKpVGiidW2lYVn0nqVHHzMgZGokst+jkrcriKQS4CLLLk/zh0Dx0fHo1QrJyRYzry5cFFQVCQZKyTe3nbkuExPbxfm13hROCC7jK+XYgn6T+MowJ4u6/B6F//UgjTLQ9by58lhbG7N1IUbXcgGYpWYib9bavF1ELk2PXdazP+WQJTQXMYT/f++eT80m6PdPbmHVbm1cjVD22SjnMa8g695eTUcvx8jwFbTKVEkE9kMEMOlAG6hVvf6/+8G+xvoCYXu/C35/mf9k6n62ii5QkoPiqT5yKKiGv/GXht+24d9NQGX4f1CF4p/6s3yRfKaOnnOF2MLseY8eYGrlLdGqdr3QWet0cAcraTXP62OH3gBBPhTW0U4N0EciBsX3/9atVxoiq4y9C/SQOYla6MIRRK6NTrWlWLCRif/MOBja+Ya7BG3s51umZgS8v3uPL9OyjpWutRpYvBPkherfHpKKzUUNJx+o/2De0yFtQx659bVddBQ1dBmJPjYkUbSzQBJE767pEyZf1oac88SC0wizxPFLDcI7ZzFvQlO9XYs5pgoO9aZKqYDx97rT6BJeOyUmLE4XhURliQtpL18fRqIqHu6SoAQoLZpjLx9A5JUHyI2iem7FyZJKFVeA/bL1hdXL1hby/VpnuP3PmbGP90Y4FOHPozUsLgBLObqbgf6SMKZBEs7JWWEK4i9A1uYbv7LIvxslqYvB+qwdCDEa+tFfz8TG9pBerJ2oqCpaNbO0UGruvpwJ7HXSpn4VdAXgG5zy4glupIqkGUNoERpYEVJMRZxx4K8ST9OZ+0qwpAOOTXTwYuqkcEw5TNwcoNswUNzu9Ck2/An0307fhOYXjO0D8IDvTDIF5CSESILjASB5H7qhbR4hbUE4G09fIChKi6DLyTP/zMAwWpgUBwxByZGMrttH+EzntFNbgL2EGbbdCfr8Vf7XWHhXT/bNYhlGJp2dkdOOBnV3XdPMIkyl4zJqzzAFySx4cpFTfCQ/zwWOEQN7H58sEsqcUxeYOtnSwccWkuP0+9Z4nrdJrAjq32RLeLSzTJ8cMStB85E3h/Gqx+O0Jw9fA+H4sE49JGkIobiuioz0wC/6uMQvyMBs5cyDvpiWFQ3dj2bKgpCtBVrAlcNG1Q8Hljc55WblkFiQRxVix1xB13yCpFMeNuIdCifGXUbTWuA64H4QjG5/P5KgH5IkT6Ry0wDPGw7CSqMXCXhCiRLsyzByGfy+LMkjL4LZk8GP21+6NlUkc+5j+cNZkjZ22J5LhxIdz4eE7MXSMKTno0iMrvUKYPJe0+NgIrXtprsacHLDyDSXowS3FUPWqPfPLG6vOBfz+99DMumFY1UU6eHSdFHVovBdp50kHnu3LbsiNh4iNvl8rtctgVl7PGRMvU+tF4GtiIrxHt0MRZzQ6WemRVvRIvZBYMXEEjn5p6Xn9Lg5p9HjsnvpjdmJOZCp4CCwYrkm9kzk+f2qwPVy/J6DQBwgr41k0Pd8fbCQjdICkGSU8yJxwCsWvP5I2T5NWrPiUdav0doc2i5fEi02NnDcL1ncChBooqrVjD0mLIbQ9ra9F+f+51RGZO+Y7XjfFH8E2uUb8GS3u/bZbhmoCvouVKHLurOCcmFfs14ZGek0bZT7Q+PHChWzv890MkA1S5A3x9orY6WmhR4Zy86Bsi9PA3YNL59jUQTl0nWknbrxuhPdPcsmCL+DgdSV7E5zesUaeRJi7QuL/GCZ2E8PKKSuh9Kq56pYk8HsYMsrqNqyU80QM8aRc1o++YSq6SLwEmY1Pm8fsssZTjP9PT2RZIXt5LjskQbkA4Q4rECm4JQepx9jHZeFAgo0tDOfAmj7q1QQq3bxEfvRO1dxJ212tvcFpR5ehDO8d4CLyTMqprBvG9/0r2qO8xp7ifJQKHx4CDpiiZaNS9Fyl1QdfqADvrT9z15ucRsmoQuL5zjVdbC05lAie4wswlcOUUvu3qoj6RikDC+xFG6AXd+e33un1v9rT2XmVzz+47WKPCQLfRqCDkNgwpjxUkrgCsiFun3+EhzWxLxzXLIEkVfE8c7eJnQSDu3IEShZ2vF2sT5FFJScN8tf888J7mCgLsHpnWbSplXxa4RMjO1rHD1S04tLC80EPGl/rdaraHmnEtt4mc9boo7IyusR19gotEjRRnZDZJaplDt72IdgC6hBCQM=,iv:iwfQiWkkxmB52x5mVXlhS3pbzKL3/ctoJMctdhHGQuk=,tag:VQ0GWz0xyQiCx/WpYq1itA==,type:str]", 3 + "sops": { 4 + "kms": null, 5 + "gcp_kms": null, 6 + "azure_kv": null, 7 + "hc_vault": null, 8 + "age": [ 9 + { 10 + "recipient": "age1wpwkf2g475umw3wwns57r8ucykvy6lflpc7uphs0mx9exsj04quqpy7t6r", 11 + "enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBtQUpwZ2JXYTUybXc5Tm9T\na1p6azYvbno0NzY0UGNrWnNjQUd3SnJMakV3CjVMemhwQ3NmOWFJSGEzQ2ZsL1pF\najgrM2g2THQ2dkxTUUM0QlpnODRjbUkKLS0tIDZKaFYydnZRYWdxZFIzYnNZbjZ3\nWkxPcWdHbm9ZZnZNNVpIQmZ5djVHTGcKAiKFm4r93FBNXxt/jgofvKS3pn0NbdWW\njDacQ7VUubSqpmHax/s/FNV75g5ynIm8ldOJVoW6lgNxPWxcfucTLA==\n-----END AGE ENCRYPTED FILE-----\n" 12 + }, 13 + { 14 + "recipient": "age18p8x2cxam2l0trtpyhj4x9amcppp9ruzkqxzgapy9wnfpzl9hgaqlkht86", 15 + "enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBLMU5ycnhZSlJyQ0UrRXVo\naVIra1o2TkRmbTFFMHFzeTN2d1NGQUluTVRzCk4wRm41Sy8rNWh4OXI0eUdKdDhH\nRjZwcE80K1NUbGxubGp1akh1WVFTWU0KLS0tIFZraWFpdmU3dlRCMnVtMHN3RnFD\nYmN5dmIwRUlJQktKTmUzZllTb1lOUTQKkJLBrTeUlPaZ1C/pGWu9WQNFCBgsJVqS\nYnPpsvYJiOE/6WmCzB34OVpO8vdrv1mE5jR/Ila3YQVjBt8JHo7Zqw==\n-----END AGE ENCRYPTED FILE-----\n" 16 + }, 17 + { 18 + "recipient": "age1w6xjgskpxnlpleswumdhtt7x8zx35qn329yz3x7ftqdcmcxrrvnqnuf9d6", 19 + "enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBVUEx6UkEveUI1UVRqQm1n\ncE9OcFNnZFM4eU5iM2NpQjQ5R0NteFZOMlhZCk1Kd3JxVy9tTk5oTU1GSUgyTjNO\nY1hmaTZjYmZkZHVnazl3Q1ViT1R6RVUKLS0tIE9udElPWU9vNWpYYWtmMmluTWQ2\nK0hWL25OemxpVStNMFZJUGI4UUc4MmsKs7DTAfnY74yp33cmdyYiF6fPiNgheehm\nRO9PDQ/Yh6wIq/6j/brPsMJLyYrC7+Mjgx/oX5lNmMwTVLBrCe/qdg==\n-----END AGE ENCRYPTED FILE-----\n" 20 + }, 21 + { 22 + "recipient": "age1tf0zelmw4lh9gvkl0qycdk83fut9t4q3tfcdzk8cvlyhjp7z0g2q7hklgq", 23 + "enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBqVW5aVUVpZk14U1pYK2NJ\nRVpGbGdXVzlLQ25PSWYyWjR6bGRCWkIxM3dVCnlGd1h3Z2pJNmNweTgwRmUyL1Bo\nNVBoaFprQWVUK1pQbi9YOTgreFBpcDgKLS0tIFhCUE5WQ2w4R3J1eXVhSFJEOGRp\nMlZpSnovWnpvc3lGemE3WmJkK2xQWVkKkNZaVbq8X99+MXfei0BzbXBwzibERWvR\nV26mOEEYcfv/3/KqCLOjBVCLEE3RSuB9AtniAAFC6Fj0/jHnMzaghQ==\n-----END AGE ENCRYPTED FILE-----\n" 24 + }, 25 + { 26 + "recipient": "age1vr0uq6mwv844yvm8pe7qxjxpqrekgel3lqfzuuqtfzj0ehz3hphqzsxjna", 27 + "enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBQdlIzc3NQM2JkdW1TQzVX\nYVRjR2hEY3NrME9GeHJhbitpQURVbUdoTWlrCm81Wmt5dWpWWlVtaHJKcnNnMVJm\nekZnM0gycDdlZi9ZdUhYMTRpTFhjK28KLS0tIHcrcFQ3SEphOW1oeEsvcDdBUFRI\nU1psVWVldkZ0TXp3QnBmMUxHdm1ocmsKn/oYX+0hYRZvC32KGQ9hNRDMdlxclv5x\nekDM5wPeI9wT/j62bxmykEtNnI40WEpEopz7MSZvRnj6B8zF9boFPw==\n-----END AGE ENCRYPTED FILE-----\n" 28 + } 29 + ], 30 + "lastmodified": "2025-03-08T10:28:45Z", 31 + "mac": "ENC[AES256_GCM,data:7XBQhTfVn9Uq4ZjjpLdMyvw+kDhIJ+dUEjI1j7Lq8QzoxLN7kqWyrotavl4T7x3kbhGseqA/RtuldK5cvw90OK7FVvWD0H5WSsxDCG2zuNRCELmiOEM8O4Iw47J6ye3wY9F+05F7ggG/GrZGJK09YojuZyek4G+/slHfp/Zgxy0=,iv:vAqJx7GT28f4wC0iH0w+K/HRywJlMb6/N/5Lb1/4q80=,tag:L3odjAh/IWuddrzg7vP/Sg==,type:str]", 32 + "pgp": null, 33 + "unencrypted_suffix": "_unencrypted", 34 + "version": "3.8.1" 35 + } 36 + }

Compare changes