aciceri/nixfleet
1
0
Fork 0
Code Issues Pull requests 1 Projects Releases Packages Wiki Activity Actions 1

A new start

Browse source
This commit is contained in:
Andrea Ciceri 2021-09-29 21:37:59 +02:00
commit 72271e8cae
78 changed files with 2472 additions and 0 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

41
.editorconfig Normal file
View file

@ -0,0 +1,41 @@
# Editor configuration, see http://editorconfig.org
root = true
[*]
end_of_line = lf
insert_final_newline = true
trim_trailing_whitespace = true
charset = utf-8
indent_style = space
indent_size = 2
# Ignore diffs/patches
[*.{diff,patch}]
end_of_line = unset
insert_final_newline = unset
trim_trailing_whitespace = unset
indent_size = unset
[{.*,secrets}/**]
end_of_line = unset
insert_final_newline = unset
trim_trailing_whitespace = unset
charset = unset
indent_style = unset
indent_size = unset
[*.py]
indent_size = 4
[*.md]
max_line_length = off
trim_trailing_whitespace = false
[*.{el,org}]
end_of_line = unset
insert_final_newline = unset
trim_trailing_whitespace = unset
charset = unset
indent_style = unset
indent_size = unset

2
.envrc Normal file
View file

@ -0,0 +1,2 @@
watch_file shell/* flake.nix
use flake || use nix

40
.github/workflows/check.yml vendored Normal file
View file

@ -0,0 +1,40 @@
name: "Check & Build (with Cachix)"
on:
push:
branches:
- master
jobs:
check:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v2.3.4
- uses: cachix/install-nix-action@v13
with:
install_url: https://nixos-nix-install-tests.cachix.org/serve/8d8xah1f6ypccpmw9cfsl8ziw1chj4cl/install
install_options: '--tarball-url-prefix https://nixos-nix-install-tests.cachix.org/serve'
extra_nix_config: >
experimental-features = nix-command flakes
system-features = nixos-test benchmark big-parallel kvm recursive-nix
extra-platforms = aarch64-linux
keep-going = true
substituters =
https://aciceri-fleet.cachix.org
https://nrdxp.cachix.org
https://nix-community.cachix.org
arm.cachix.org
https://cache.nixos.org
trusted-public-keys = >
aciceri-fleet.cachix.org-1:WiHJIK4UFTdfvWx0lG3mCR4EddyYsRhIuMGSje3/YGI=
nrdxp.cachix.org-1:Fc5PSqY2Jm1TrWfm88l6cvGWwz3s93c6IOifQWnhNW4=
nix-community.cachix.org-1:mB9FSh9qf2dCimDSUo8Zy7bkq5CX+/rkCWyvRCYg3Fs=
arm.cachix.org-1:K3XjAeWPgWkFtSS9ge5LJSLw3xgnNqyOaG7MDecmTQ8=
cache.nixos.org-1:6NCHdD59X431o0gWypbMrAURkbJ16ZPMQFGspcDShjY=
- uses: cachix/cachix-action@v10
with:
name: aciceri-fleet
authToken: '${{ secrets.CACHIX_AUTH_TOKEN }}'
- run: sed -i 's/#\(.*checks.aarch64.*\)/\1/g' flake.nix # disabling aarch64 outputs
- run: nix -Lv flake check
- run: nix -Lv build ".#nixosConfigurations.pc.config.system.build.toplevel"
- run: nix -Lv develop -c echo OK

45
.github/workflows/release.yml vendored Normal file
View file

@ -0,0 +1,45 @@
name: "Release (with Cachix)"
on:
push:
tags:
- "v*"
jobs:
release:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v2.3.4
- uses: cachix/install-nix-action@v13
with:
install_url: https://nixos-nix-install-tests.cachix.org/serve/8d8xah1f6ypccpmw9cfsl8ziw1chj4cl/install
install_options: '--tarball-url-prefix https://nixos-nix-install-tests.cachix.org/serve'
extra_nix_config: >
experimental-features = nix-command flakes
system-features = nixos-test benchmark big-parallel kvm recursive-nix
extra-platforms = aarch64-linux
keep-going = true
substituters =
https://aciceri-fleet.cachix.org
https://nrdxp.cachix.org
https://nix-community.cachix.org
arm.cachix.org
https://cache.nixos.org
trusted-public-keys = >
aciceri-fleet.cachix.org-1:WiHJIK4UFTdfvWx0lG3mCR4EddyYsRhIuMGSje3/YGI=
nrdxp.cachix.org-1:Fc5PSqY2Jm1TrWfm88l6cvGWwz3s93c6IOifQWnhNW4=
nix-community.cachix.org-1:mB9FSh9qf2dCimDSUo8Zy7bkq5CX+/rkCWyvRCYg3Fs=
arm.cachix.org-1:K3XjAeWPgWkFtSS9ge5LJSLw3xgnNqyOaG7MDecmTQ8=
cache.nixos.org-1:6NCHdD59X431o0gWypbMrAURkbJ16ZPMQFGspcDShjY=
- uses: cachix/cachix-action@v10
with:
name: aciceri-fleet
authToken: '${{ secrets.CACHIX_AUTH_TOKEN }}'
- run: nix -Lv develop -c bud build pc bootstrapIso
- uses: marvinpinto/action-automatic-releases@latest
with:
repo_token: '${{ secrets.GITHUB_TOKEN }}'
prerelease: false
automatic_release_tag: latest
title: Latest ISOs
files: |
result/iso/*.iso

12
.gitignore vendored Normal file
View file

@ -0,0 +1,12 @@
result
.direnv
doc/index.html
# Result of flk commands
vm
iso
doi
pkgs/_sources/.shake*
*.qcow2

56
README.org Normal file
View file

@ -0,0 +1,56 @@
* NixFleet
A complete, declarative and reproducible configuration of my entire Nix fleet, this includes the following machines:
- my main home workstation ~pc~
- homeserver (mainly a nas) ~hs~ *(to do, soon)*
- my arm based [[https://wiki.pine64.org/wiki/Pinebook_Pro][PineBook Pro]] ~pbp~, almost completely open hardware
- MacBook PRO that I use for work, for this I'll use [[https://github.com/LnL7/nix-darwin][nix-darwin]] keeping macOs 11 Big Sur *(to do, not soon)*
The different confgurations share many profiles, in fact my original goal was to avoid to rewrite the same Nix derivations for my different machines.
** Commands
Here I describe my most used commands.
All the commands are executed inside the Flake's development shell.
To enter in this shell is sufficent to ~cd~ in the folder (if you use ~direnv~) or run ~nix develop~.
*** Checking
To check that the Nix Flake is [[https://nixos.org/manual/nix/unstable/command-ref/new-cli/nix3-flake-check.html#evaluation-checks][well defined]]:
#+begin_src shell
nix flake check
#+end_src
*** Building
#+begin_src shell
nix -Lv build ".#nixosConfigurations.<host>.config.system.build.toplevel"
#+end_src
Where ~<host>~ is the hostname e.g. ~pc~.
*** Testing new config
#+begin_src shell
bud rebuild <host> test
#+end_src
Where ~<host>~ is the hostname e.g. ~pc~.
*** Switching
#+begin_src shell
bud rebuild <host> switch
#+end_src
Where ~<host>~ is the hostname e.g. ~pc~.
*** Remote deploy
Using ~deploy-rs~ I guess, still finding out how to do.
** Github Actions
*** Check and build
At every commit pushed on ~master~ a Github actions which ~nix flake check~ the flake is executed and then every system is build.
Currently this workflow will skip ~aarch64~ hosts since the runner is ~x86_64~ and I didn't find a way to make it cross compile.
*** Release
At every commit tagget with a ~v~ character a process that release all the bootstrap ISOs for the systems is started.
Here I've the same problem with ~aarch64~ hosts so the runner will skip them.

5
bors.toml Normal file
View file

@ -0,0 +1,5 @@
status = [ "check" ]
required_approvals = 1
up_to_date_approvals = true

10
bud/default.nix Normal file
View file

@ -0,0 +1,10 @@
{ pkgs, lib, budUtils, ... }: {
bud.cmds = with pkgs; {
get = {
writer = budUtils.writeBashWithPaths [ nixUnstable git coreutils ];
synopsis = "get [DEST]";
help = "Copy the desired template to DEST";
script = ./get.bash;
};
};
}

1
bud/get.bash Normal file
View file

@ -0,0 +1 @@
nix flake new -t "github:divnix/devos/core" "${2:-devos}"

31
default.nix Normal file
View file

@ -0,0 +1,31 @@
let
inherit (default.inputs.nixos) lib;
default = (import ./lib/compat).defaultNix;
ciSystems = [
"aarch64-linux"
"i686-linux"
"x86_64-linux"
];
filterSystems = lib.filterAttrs
(system: _: lib.elem system ciSystems);
recurseIntoAttrsRecursive = lib.mapAttrs (_: v:
if lib.isAttrs v
then recurseIntoAttrsRecursive (lib.recurseIntoAttrs v)
else v
);
systemOutputs = lib.filterAttrs
(name: set: lib.isAttrs set
&& lib.any
(system: set ? ${system} && name != "legacyPackages")
ciSystems
)
default.outputs;
ciDrvs = lib.mapAttrs (_: system: filterSystems system) systemOutputs;
in
(recurseIntoAttrsRecursive ciDrvs) // { shell = import ./shell.nix; }

592
flake.lock generated Normal file
View file

@ -0,0 +1,592 @@
{
"nodes": {
"beautysh": {
"inputs": {
"flake-utils": "flake-utils",
"nixpkgs": [
"bud",
"nixpkgs"
],
"poetry2nix": "poetry2nix"
},
"locked": {
"lastModified": 1627571355,
"narHash": "sha256-iB+s0R/d/bBISo9+JtyytNtS2YMP5oLFqcyfqhXO1qU=",
"owner": "lovesegfault",
"repo": "beautysh",
"rev": "1ad178d756f1f7e77d5215b768bc5c9d4ff8e4fa",
"type": "github"
},
"original": {
"owner": "lovesegfault",
"repo": "beautysh",
"type": "github"
}
},
"blank": {
"locked": {
"lastModified": 1625557891,
"narHash": "sha256-O8/MWsPBGhhyPoPLHZAuoZiiHo9q6FLlEeIDEXuj6T4=",
"owner": "divnix",
"repo": "blank",
"rev": "5a5d2684073d9f563072ed07c871d577a6c614a8",
"type": "github"
},
"original": {
"owner": "divnix",
"repo": "blank",
"type": "github"
}
},
"bud": {
"inputs": {
"beautysh": "beautysh",
"devshell": [
"digga",
"devshell"
],
"nixpkgs": [
"unstable"
]
},
"locked": {
"lastModified": 1630939671,
"narHash": "sha256-ugNOm7DUHk9kxtD+FNZcRdzyiZKm/wpA0SYeBTg+DO4=",
"owner": "divnix",
"repo": "bud",
"rev": "26ba27616647dcd08dac2ee818721bc748c4ac61",
"type": "github"
},
"original": {
"owner": "divnix",
"repo": "bud",
"type": "github"
}
},
"cachix": {
"locked": {
"lastModified": 1632291606,
"narHash": "sha256-oEN24XJYAFK9tsD13TzLEizpgQigEfgC6i9x1b/1pVU=",
"owner": "nixos",
"repo": "nixpkgs",
"rev": "83413f47809790e4ca012e314e7782adeae36cf2",
"type": "github"
},
"original": {
"owner": "nixos",
"ref": "nixos-21.05",
"repo": "nixpkgs",
"type": "github"
}
},
"darwin": {
"inputs": {
"nixpkgs": [
"unstable"
]
},
"locked": {
"lastModified": 1631730143,
"narHash": "sha256-A8PaUyZu5WVp+IojG5q+39rjf5x57OFDYmVoDFPZLlY=",
"owner": "LnL7",
"repo": "nix-darwin",
"rev": "e1a3f7292f085fd588d11f94ed0f47968c16df0c",
"type": "github"
},
"original": {
"owner": "LnL7",
"repo": "nix-darwin",
"type": "github"
}
},
"deploy": {
"inputs": {
"flake-compat": "flake-compat",
"naersk": "naersk",
"nixpkgs": [
"digga",
"nixpkgs"
],
"utils": [
"digga",
"flake-utils"
]
},
"locked": {
"lastModified": 1628752686,
"narHash": "sha256-Lzh9MYUJDsjgif+YEyOErXtj1IH+ci8J1C30g1ms69s=",
"owner": "serokell",
"repo": "deploy-rs",
"rev": "e5546f9c2503c26d175f08a81fc0a0f330be4cbe",
"type": "github"
},
"original": {
"owner": "serokell",
"repo": "deploy-rs",
"type": "github"
}
},
"devshell": {
"locked": {
"lastModified": 1629275356,
"narHash": "sha256-R17M69EKXP6q8/mNHaK53ECwjFo1pdF+XaJC9Qq8zjg=",
"owner": "numtide",
"repo": "devshell",
"rev": "26f25a12265f030917358a9632cd600b51af1d97",
"type": "github"
},
"original": {
"owner": "numtide",
"repo": "devshell",
"type": "github"
}
},
"digga": {
"inputs": {
"blank": "blank",
"deploy": "deploy",
"devshell": "devshell",
"flake-utils": "flake-utils_2",
"flake-utils-plus": "flake-utils-plus",
"home-manager": [
"home"
],
"nix": "nix",
"nixlib": [
"stable"
],
"nixos-generators": "nixos-generators",
"nixpkgs": [
"stable"
]
},
"locked": {
"lastModified": 1631974852,
"narHash": "sha256-f2K83yDufQWp22kjtOQXHfsXXyUbndCMxrhG57mI9DE=",
"owner": "divnix",
"repo": "digga",
"rev": "8e91e1814ef0ab294731ceb106ffdac009363702",
"type": "github"
},
"original": {
"owner": "divnix",
"repo": "digga",
"type": "github"
}
},
"emacs-overlay": {
"locked": {
"lastModified": 1632503972,
"narHash": "sha256-nWVCMFZV5UbzVmdP4CjWlFcmi6YO/ssnS3X/p4oeTuE=",
"owner": "nix-community",
"repo": "emacs-overlay",
"rev": "b1513bd49d141a1df1f0a7692c896f6178182938",
"type": "github"
},
"original": {
"owner": "nix-community",
"repo": "emacs-overlay",
"type": "github"
}
},
"flake-compat": {
"flake": false,
"locked": {
"lastModified": 1606424373,
"narHash": "sha256-oq8d4//CJOrVj+EcOaSXvMebvuTkmBJuT5tzlfewUnQ=",
"owner": "edolstra",
"repo": "flake-compat",
"rev": "99f1c2157fba4bfe6211a321fd0ee43199025dbf",
"type": "github"
},
"original": {
"owner": "edolstra",
"repo": "flake-compat",
"type": "github"
}
},
"flake-utils": {
"locked": {
"lastModified": 1623875721,
"narHash": "sha256-A8BU7bjS5GirpAUv4QA+QnJ4CceLHkcXdRp4xITDB0s=",
"owner": "numtide",
"repo": "flake-utils",
"rev": "f7e004a55b120c02ecb6219596820fcd32ca8772",
"type": "github"
},
"original": {
"owner": "numtide",
"repo": "flake-utils",
"type": "github"
}
},
"flake-utils-plus": {
"inputs": {
"flake-utils": [
"digga",
"flake-utils"
]
},
"locked": {
"lastModified": 1630859749,
"narHash": "sha256-qkoU2rIbbP2+T0dfcqXW35GCWNsi0Y1IgN9BELmt4Zo=",
"owner": "divnix",
"repo": "flake-utils-plus",
"rev": "a4e267e3fc87e60c5029c6c3855935ff1ff3018e",
"type": "github"
},
"original": {
"owner": "divnix",
"repo": "flake-utils-plus",
"type": "github"
}
},
"flake-utils_2": {
"locked": {
"lastModified": 1623875721,
"narHash": "sha256-A8BU7bjS5GirpAUv4QA+QnJ4CceLHkcXdRp4xITDB0s=",
"owner": "numtide",
"repo": "flake-utils",
"rev": "f7e004a55b120c02ecb6219596820fcd32ca8772",
"type": "github"
},
"original": {
"owner": "numtide",
"repo": "flake-utils",
"type": "github"
}
},
"home": {
"inputs": {
"nixpkgs": [
"stable"
]
},
"locked": {
"lastModified": 1631573611,
"narHash": "sha256-u2E/wstadWNcn6vOIoK1xY86QPOzzBZQfT1FbePfdaI=",
"owner": "nix-community",
"repo": "home-manager",
"rev": "7d9ba15214004c979d2c8733f8be12ce6502cf8a",
"type": "github"
},
"original": {
"owner": "nix-community",
"ref": "release-21.05",
"repo": "home-manager",
"type": "github"
}
},
"lowdown-src": {
"flake": false,
"locked": {
"lastModified": 1617481909,
"narHash": "sha256-SqnfOFuLuVRRNeVJr1yeEPJue/qWoCp5N6o5Kr///p4=",
"owner": "kristapsdz",
"repo": "lowdown",
"rev": "148f9b2f586c41b7e36e73009db43ea68c7a1a4d",
"type": "github"
},
"original": {
"owner": "kristapsdz",
"ref": "VERSION_0_8_4",
"repo": "lowdown",
"type": "github"
}
},
"naersk": {
"inputs": {
"nixpkgs": [
"digga",
"deploy",
"nixpkgs"
]
},
"locked": {
"lastModified": 1622810282,
"narHash": "sha256-4wmvM3/xfD0hCdNDIXVzRMfL4yB1J+DjH6Zte2xbAxk=",
"owner": "nmattia",
"repo": "naersk",
"rev": "e8061169e1495871b56be97c5c51d310fae01374",
"type": "github"
},
"original": {
"owner": "nmattia",
"ref": "master",
"repo": "naersk",
"type": "github"
}
},
"nix": {
"inputs": {
"lowdown-src": "lowdown-src",
"nixpkgs": [
"digga",
"nixpkgs"
]
},
"locked": {
"lastModified": 1630335771,
"narHash": "sha256-eljjEPJdLK3aDskF7qX4YM/6KCq+w9nr+IKhrKW/AIQ=",
"owner": "nixos",
"repo": "nix",
"rev": "50a35860ee9237d341948437c5f70a7f0987d393",
"type": "github"
},
"original": {
"owner": "nixos",
"repo": "nix",
"type": "github"
}
},
"nixos": {
"locked": {
"lastModified": 1632257251,
"narHash": "sha256-obk4aD7DmB0yyKsw1tL8Pd1WQLFp/arZETIIMKTVx+E=",
"path": "/nix/store/r4y8hrjiix7zj2m2jgn2bjiqj2hd4rd4-source",
"rev": "12f3f58f48d4a610d8c4eb9feacbf13fc50c779d",
"type": "path"
},
"original": {
"id": "nixos",
"type": "indirect"
}
},
"nixos-generators": {
"inputs": {
"nixlib": [
"digga",
"nixlib"
],
"nixpkgs": [
"digga",
"blank"
]
},
"locked": {
"lastModified": 1624973746,
"narHash": "sha256-11JbJRduNwyf556gndGErR5/12ceyHOHBfEuha5Vws4=",
"owner": "nix-community",
"repo": "nixos-generators",
"rev": "022ef440af8dc237ab1f59fa363cb1e25783ec3e",
"type": "github"
},
"original": {
"owner": "nix-community",
"repo": "nixos-generators",
"type": "github"
}
},
"nixos-hardware": {
"locked": {
"lastModified": 1632267580,
"narHash": "sha256-AvNXdmaPHYs6idbfgu1H40vEw4Wq15xLAgCnpCN1l1A=",
"owner": "nixos",
"repo": "nixos-hardware",
"rev": "3cc8c47af31798040ea62499090540413279f832",
"type": "github"
},
"original": {
"owner": "nixos",
"repo": "nixos-hardware",
"type": "github"
}
},
"nixpkgs": {
"locked": {
"lastModified": 1631962327,
"narHash": "sha256-h2fgtNHozEcB42BQ1QVWAJUpQ1FA3gpgq/RrOKAxbfE=",
"owner": "nixos",
"repo": "nixpkgs",
"rev": "bc9b956714ed6eac5f8888322aac5bc41389defa",
"type": "github"
},
"original": {
"owner": "nixos",
"ref": "nixos-unstable",
"repo": "nixpkgs",
"type": "github"
}
},
"nixpkgs-wayland": {
"inputs": {
"cachix": "cachix",
"nixpkgs": "nixpkgs"
},
"locked": {
"lastModified": 1632342403,
"narHash": "sha256-LGHyTaXX7kO9V0zLLecBQLlZz8wPE4/DcpHGuRgs5aM=",
"owner": "nix-community",
"repo": "nixpkgs-wayland",
"rev": "e30e03810b615aaf3beeb590fdad6009c16ccf2a",
"type": "github"
},
"original": {
"owner": "nix-community",
"repo": "nixpkgs-wayland",
"type": "github"
}
},
"nur": {
"locked": {
"lastModified": 1632348381,
"narHash": "sha256-4TFmCNyQUCOqOmvObWpADyQcYLvwCP0n4Xm9D480QLE=",
"owner": "nix-community",
"repo": "NUR",
"rev": "752846b22288b693ee6428ec10dcd0e6cd96bc54",
"type": "github"
},
"original": {
"owner": "nix-community",
"repo": "NUR",
"type": "github"
}
},
"nvfetcher": {
"inputs": {
"flake-compat": [
"digga",
"deploy",
"flake-compat"
],
"flake-utils": [
"digga",
"flake-utils-plus",
"flake-utils"
],
"nixpkgs": [
"unstable"
]
},
"locked": {
"lastModified": 1628690139,
"narHash": "sha256-9bk59V0YjZnMfSQMCHuYVPA/Bc3enjTtoyTWt1B3/zE=",
"owner": "berberman",
"repo": "nvfetcher",
"rev": "e9600782adbf6fb8217087bd2f05335cad96e542",
"type": "github"
},
"original": {
"owner": "berberman",
"repo": "nvfetcher",
"type": "github"
}
},
"pinebook-pro": {
"flake": false,
"locked": {
"lastModified": 1630789867,
"narHash": "sha256-4dTNjvFFI7XODv3vW7Vg+rXx6VU2NMnxhh3HT3dKVq8=",
"owner": "samueldr",
"repo": "wip-pinebook-pro",
"rev": "7df87f4f3baecccba79807c291b3bbd62ac61e0f",
"type": "github"
},
"original": {
"owner": "samueldr",
"repo": "wip-pinebook-pro",
"rev": "7df87f4f3baecccba79807c291b3bbd62ac61e0f",
"type": "github"
}
},
"pinebook-pro-kernel-latest": {
"locked": {
"lastModified": 1620803068,
"narHash": "sha256-o4TpuMFs/OoSmssDNyLFwGn+84odwQDfQCHYJxblv6w=",
"owner": "nixos",
"repo": "nixpkgs",
"rev": "755db9a1e9a35c185f7d6c0463025e94ef44622e",
"type": "github"
},
"original": {
"owner": "nixos",
"repo": "nixpkgs",
"rev": "755db9a1e9a35c185f7d6c0463025e94ef44622e",
"type": "github"
}
},
"poetry2nix": {
"inputs": {
"flake-utils": [
"bud",
"beautysh",
"flake-utils"
],
"nixpkgs": [
"bud",
"beautysh",
"nixpkgs"
]
},
"locked": {
"lastModified": 1625240517,
"narHash": "sha256-2E1gaOP+bCplhf3kliVQWK5N1NV2h06mkJk2KTiRTJQ=",
"owner": "nix-community",
"repo": "poetry2nix",
"rev": "e40e8ed0e8c11e709e4c8c7c20174facd265a021",
"type": "github"
},
"original": {
"owner": "nix-community",
"repo": "poetry2nix",
"type": "github"
}
},
"root": {
"inputs": {
"bud": "bud",
"darwin": "darwin",
"deploy": [
"digga",
"deploy"
],
"digga": "digga",
"emacs-overlay": "emacs-overlay",
"home": "home",
"nixos": "nixos",
"nixos-hardware": "nixos-hardware",
"nixpkgs-wayland": "nixpkgs-wayland",
"nur": "nur",
"nvfetcher": "nvfetcher",
"pinebook-pro": "pinebook-pro",
"pinebook-pro-kernel-latest": "pinebook-pro-kernel-latest",
"stable": "stable",
"unstable": "unstable"
}
},
"stable": {
"locked": {
"lastModified": 1632342741,
"narHash": "sha256-8q12+qSkpVy+up1oGF2PeafBRLSslrUESRTdjn5y8u0=",
"owner": "nixos",
"repo": "nixpkgs",
"rev": "5c8efd0034e2f7565ff81a8897ca9dd761889265",
"type": "github"
},
"original": {
"owner": "nixos",
"ref": "release-21.05",
"repo": "nixpkgs",
"type": "github"
}
},
"unstable": {
"locked": {
"lastModified": 1631962327,
"narHash": "sha256-h2fgtNHozEcB42BQ1QVWAJUpQ1FA3gpgq/RrOKAxbfE=",
"owner": "nixos",
"repo": "nixpkgs",
"rev": "bc9b956714ed6eac5f8888322aac5bc41389defa",
"type": "github"
},
"original": {
"owner": "nixos",
"ref": "nixos-unstable",
"repo": "nixpkgs",
"type": "github"
}
}
},
"root": "root",
"version": 7
}

183
flake.nix Normal file
View file

@ -0,0 +1,183 @@
{
description = "A highly structured configuration database.";
inputs =
{
stable.url = "github:nixos/nixpkgs/release-21.05";
unstable.url = "github:nixos/nixpkgs/nixos-unstable";
nur.url = "github:nix-community/NUR";
digga.url = "github:divnix/digga";
digga.inputs.nixpkgs.follows = "stable";
digga.inputs.nixlib.follows = "stable";
digga.inputs.home-manager.follows = "home";
bud.url = "github:divnix/bud";
bud.inputs.nixpkgs.follows = "unstable";
bud.inputs.devshell.follows = "digga/devshell";
home.url = "github:nix-community/home-manager/release-21.05";
home.inputs.nixpkgs.follows = "stable";
darwin.url = "github:LnL7/nix-darwin";
darwin.inputs.nixpkgs.follows = "unstable";
deploy.follows = "digga/deploy";
nvfetcher.url = "github:berberman/nvfetcher";
nvfetcher.inputs.nixpkgs.follows = "unstable";
nvfetcher.inputs.flake-compat.follows = "digga/deploy/flake-compat";
nvfetcher.inputs.flake-utils.follows = "digga/flake-utils-plus/flake-utils";
emacs-overlay.url = github:nix-community/emacs-overlay;
nixos-hardware.url = "github:nixos/nixos-hardware";
pinebook-pro = {
url = "github:samueldr/wip-pinebook-pro/7df87f4f3baecccba79807c291b3bbd62ac61e0f";
flake = false;
};
pinebook-pro-kernel-latest.url = github:nixos/nixpkgs/755db9a1e9a35c185f7d6c0463025e94ef44622e;
nixpkgs-wayland.url = "github:nix-community/nixpkgs-wayland";
# nixpkgs-wayland.inputs.nixpkgs.follows = "unstable";
# nixpkgs-wayland.inputs.cachix.follows = "stable";
};
outputs =
{ self
, digga
, bud
, nixos
, home
, nixos-hardware
, pinebook-pro
, pinebook-pro-kernel-latest
, nixpkgs-wayland
, emacs-overlay
, nur
, nvfetcher
, deploy
, ...
} @ inputs:
digga.lib.mkFlake
{
inherit self inputs;
channelsConfig = { allowUnfree = true; };
channels =
let
commonOverlays = [
digga.overlays.patchedNix
nur.overlay
emacs-overlay.overlay
nvfetcher.overlay
deploy.overlay
nixpkgs-wayland.overlay
./pkgs/default.nix
];
in
{
stable = {
imports = [ (digga.lib.importOverlays ./overlays) ];
overlays = commonOverlays;
};
unstable = {
imports = [ (digga.lib.importOverlays ./overlays) ];
overlays = commonOverlays;
};
};
lib = import ./lib { lib = digga.lib // nixos.lib; };
sharedOverlays = [
(
final: prev: {
__dontExport = true;
lib = prev.lib.extend (
lfinal: lprev: {
our = self.lib;
}
);
}
)
];
nixos = {
hostDefaults = {
channelName = "unstable";
imports = [ (digga.lib.importModules ./modules) ];
externalModules = [
{ lib.our = self.lib; }
digga.nixosModules.bootstrapIso
digga.nixosModules.nixConfig
home.nixosModules.home-manager
bud.nixosModules.bud
];
};
hosts = {
pc = {
system = "x86_64-linux";
};
pbp = {
system = "aarch64-linux";
modules = [
"${pinebook-pro}/pinebook_pro.nix"
];
};
};
imports = [ (digga.lib.importHosts ./hosts) ];
importables = rec {
profiles = digga.lib.rakeLeaves ./profiles // {
users = digga.lib.rakeLeaves ./users;
};
suites = with profiles; rec {
base = [ core users.ccr users.root ];
};
pbpKernelLatest = (
import pinebook-pro-kernel-latest {
system = "aarch64-linux";
overlays = [
(import "${pinebook-pro}/overlay.nix")
];
config.allowUnfree = true;
}
).pkgs.linuxPackages_pinebookpro_latest;
};
};
home = {
imports = [ (digga.lib.importModules ./users/modules) ];
externalModules = [];
importables = rec {
profiles = digga.lib.rakeLeaves ./users/profiles;
suites = with profiles; rec {
base = [ direnv git zsh gpg password-store ];
shell = [ zsh exa fzf ];
gui = [ sway xdg gtk foot bat ];
browser = [ firefox chromium qutebrowser ];
multimedia = [ mpv zathura ];
dev = [ vim emacs vscode lorri direnv ];
};
};
};
devshell = ./shell;
homeConfigurations = digga.lib.mkHomeConfigurations self.nixosConfigurations;
deploy.nodes = digga.lib.mkDeployNodes self.nixosConfigurations {};
defaultTemplate = self.templates.bud;
templates.bud.path = ./.;
templates.bud.description = "bud template";
}
// {
budModules = { devos = import ./bud; };
# checks.aarch64-linux = { }; # this line will be uncommented by Github Action in order since it can't build aarch64 derivations
};
}

18
hosts/bootstrap.nix Normal file
View file

@ -0,0 +1,18 @@
{ profiles, ... }:
{
# build with: `bud build bootstrap bootstrapIso`
# reachable on the local link via ssh root@fe80::47%eno1
# where 'eno1' is replaced by your own machine's network
# interface that has the local link to the target machine
imports = [
# profiles.networking
profiles.core
profiles.users.root # make sure to configure ssh keys
profiles.users.ccr
];
boot.loader.systemd-boot.enable = true;
# will be overridden by the bootstrapIso instrumentation
fileSystems."/" = { device = "/dev/disk/by-label/nixos"; };
}

51
hosts/pbp/configuration.nix Normal file
View file

@ -0,0 +1,51 @@
{ config, lib, pkgs, profiles, pbpKernelLatest, ... }:
{
imports = with profiles; [ mount-nas sshd dbus ];
boot = {
initrd.availableKernelModules = [ "usbhid" ];
kernelPackages = pbpKernelLatest;
kernelModules = [ ];
extraModulePackages = with config.boot.kernelPackages; [
v4l2loopback
];
loader = {
grub.enable = false;
generic-extlinux-compatible.enable = true;
};
};
hardware = {
opengl.enable = true;
pulseaudio = {
enable = true;
package = pkgs.pulseaudioFull;
};
};
networking = {
useDHCP = false;
interfaces.wlan0.useDHCP = true;
networkmanager.enable = true;
};
time.timeZone = "Europe/Rome";
location.provider = "geoclue2";
fileSystems = {
"/" = {
device = "/dev/disk/by-uuid/5aa67d2d-93fd-4e7c-b634-aa8d7b65bbb8";
fsType = "btrfs";
};
"/boot" = {
device = "/dev/disk/by-uuid/C406-2AFC";
fsType = "vfat";
};
};
swapDevices =
[{ device = "/dev/disk/by-uuid/e236d328-496e-4cf8-ba54-857789ca258f"; }];
powerManagement.cpuFreqGovernor = lib.mkDefault "ondemand";
}

9
hosts/pbp/default.nix Normal file
View file

@ -0,0 +1,9 @@
{ suites, ... }:
{
imports = [
./configuration.nix
] ++ suites.base;
bud.enable = true;
bud.localFlakeClone = "/home/andrea/fleet";
}

47
hosts/pc/configuration.nix Normal file
View file

@ -0,0 +1,47 @@
{ config, lib, pkgs, profiles, ... }:
{
imports = with profiles; [ mount-nas sshd dbus avahi printing ];
boot = {
initrd.availableKernelModules = [ "xhci_pci" "ahci" "usbhid" "usb_storage" "sd_mod" ];
initrd.kernelModules = [ ];
kernelModules = [ "kvm-intel" ];
extraModulePackages = with config.boot.kernelPackages; [
v4l2loopback
];
extraModprobeConfig = ''
options v42loopback exclusive_caps=1 max_buffers=2
'';
binfmt.emulatedSystems = [ "aarch64-linux" ];
loader.grub = pkgs.lib.mkForce {
enable = true;
version = 2;
device = "/dev/sda";
};
};
sound.enable = true;
hardware = {
opengl.enable = true;
pulseaudio = {
enable = true;
package = pkgs.pulseaudioFull;
};
};
fileSystems."/" =
{
device = "/dev/disk/by-label/nixos";
fsType = "btrfs";
};
swapDevices =
[{ device = "/dev/disk/by-label/swap"; }];
powerManagement.cpuFreqGovernor = lib.mkDefault "powersave";
}

9
hosts/pc/default.nix Normal file
View file

@ -0,0 +1,9 @@
{ suites, ... }:
{
imports = [
./configuration.nix
] ++ suites.base;
bud.enable = true;
bud.localFlakeClone = "/home/andrea/fleet";
}

14
lib/compat/default.nix Normal file
View file

@ -0,0 +1,14 @@
let
rev = "e7e5d481a0e15dcd459396e55327749989e04ce0";
flake = (import
(
fetchTarball {
url = "https://github.com/edolstra/flake-compat/archive/${rev}.tar.gz";
sha256 = "0zd3x46fswh5n6faq4x2kkpy6p3c6j593xbdlbsl40ppkclwc80x";
}
)
{
src = ../../.;
});
in
flake

10
lib/compat/nixos/default.nix Normal file
View file

@ -0,0 +1,10 @@
{ ... }:
let
inherit (default.inputs.nixos) lib;
host = configs.${hostname} or configs.NixOS;
configs = default.nixosConfigurations;
default = (import ../.).defaultNix;
hostname = lib.fileContents /etc/hostname;
in
host

2
lib/default.nix Normal file
View file

@ -0,0 +1,2 @@
{ lib }:
lib.makeExtensible (self: { })

11
modules/hm-system-defaults.nix Normal file
View file

@ -0,0 +1,11 @@
{ config, ... }: {
home-manager.sharedModules = [
{
home.sessionVariables = {
inherit (config.environment.sessionVariables) NIX_PATH;
};
xdg.configFile."nix/registry.json".text =
config.environment.etc."nix/registry.json".text;
}
];
}

7
modules/nix-path.nix Normal file
View file

@ -0,0 +1,7 @@
{ channel, inputs, ... }: {
nix.nixPath = [
"nixpkgs=${channel.input}"
"nixos-config=${../lib/compat/nixos}"
"home-manager=${inputs.home}"
];
}

5
overlays/manix.nix Normal file
View file

@ -0,0 +1,5 @@
final: prev: {
manix = prev.manix.overrideAttrs (o: rec{
inherit (prev.sources.manix) pname version src;
});
}

28
overlays/overrides.nix Normal file
View file

@ -0,0 +1,28 @@
channels: final: prev: {
__dontExport = true; # overrides clutter up actual creations
# inherit (channels.latest)
# cachix
# dhall
# discord
# element-desktop
# rage
# nixpkgs-fmt
# qutebrowser
# signal-desktop
# starship;
haskellPackages = prev.haskellPackages.override
(old: {
overrides = prev.lib.composeExtensions (old.overrides or (_: _: { })) (hfinal: hprev:
let version = prev.lib.replaceChars [ "." ] [ "" ] prev.ghc.version;
in
{
# same for haskell packages, matching ghc versions
inherit (channels.latest.haskell.packages."ghc${version}")
haskell-language-server;
});
});
}

11
overlays/various-flake-fixes.nix Normal file
View file

@ -0,0 +1,11 @@
final: prev: {
# Since: https://github.com/NixOS/nixpkgs/pull/126137
nix-direnv =
if builtins.hasAttr "enableFlakes" prev.nix-direnv.override.__functionArgs
then
prev.nix-direnv.override
{
enableFlakes = true;
}
else prev.nix-direnv;
}

16
pkgs/_sources/generated.nix Normal file
View file

@ -0,0 +1,16 @@
# This file was generated by nvfetcher, please do not modify it manually.
{ fetchgit, fetchurl }:
{
manix = {
pname = "manix";
version = "d08e7ca185445b929f097f8bfb1243a8ef3e10e4";
src = fetchgit {
url = "https://github.com/mlvzk/manix";
rev = "d08e7ca185445b929f097f8bfb1243a8ef3e10e4";
fetchSubmodules = false;
deepClone = false;
leaveDotGit = false;
sha256 = "1b7xi8c2drbwzfz70czddc4j33s7g1alirv12dwl91hbqxifx8qs";
};
};
}

5
pkgs/default.nix Normal file
View file

@ -0,0 +1,5 @@
final: prev: {
# keep sources this first
sources = prev.callPackage (import ./_sources/generated.nix) { };
# then, call packages with `final.callPackage`
}

4
pkgs/sources.toml Normal file
View file

@ -0,0 +1,4 @@
# nvfetcher.toml
[manix]
src.git = "https://github.com/mlvzk/manix"
fetch.github = "mlvzk/manix"

6
profiles/avahi/default.nix Normal file
View file

@ -0,0 +1,6 @@
{
services.avahi = {
enable = true;
nssmdns = true;
};
}

10
profiles/cachix/aciceri-fleet.nix Normal file
View file

@ -0,0 +1,10 @@
{
nix = {
binaryCaches = [
"https://aciceri-fleet.cachix.org"
];
binaryCachePublicKeys = [
"aciceri-fleet.cachix.org-1:WiHJIK4UFTdfvWx0lG3mCR4EddyYsRhIuMGSje3/YGI="
];
};
}

10
profiles/cachix/arm.nix Normal file
View file

@ -0,0 +1,10 @@
{
nix = {
binaryCaches = [
"https://arm.cachix.org"
];
binaryCachePublicKeys = [
"arm.cachix.org-1:K3XjAeWPgWkFtSS9ge5LJSLw3xgnNqyOaG7MDecmTQ8="
];
};
}

11
profiles/cachix/default.nix Normal file
View file

@ -0,0 +1,11 @@
{ pkgs, lib, ... }:
let
folder = ./.;
toImport = name: value: folder + ("/" + name);
filterCaches = key: value: value == "regular" && lib.hasSuffix ".nix" key && key != "default.nix";
imports = lib.mapAttrsToList toImport (lib.filterAttrs filterCaches (builtins.readDir folder));
in
{
inherit imports;
nix.binaryCaches = [ "https://cache.nixos.org/" ];
}

10
profiles/cachix/nix-community.nix Normal file
View file

@ -0,0 +1,10 @@
{
nix = {
binaryCaches = [
"https://nix-community.cachix.org"
];
binaryCachePublicKeys = [
"nix-community.cachix.org-1:mB9FSh9qf2dCimDSUo8Zy7bkq5CX+/rkCWyvRCYg3Fs="
];
};
}

10
profiles/cachix/nixpkgs-wayland.nix Normal file
View file

@ -0,0 +1,10 @@
{
nix = {
binaryCaches = [
"https://nixpkgs-wayland.cachix.org"
];
binaryCachePublicKeys = [
"nixpkgs-wayland.cachix.org-1:3lwxaILxMRkVhehr5StQprHdEo4IrE8sRho9R9HOLYA="
];
};
}

10
profiles/cachix/nrdxp.nix Normal file
View file

@ -0,0 +1,10 @@
{
nix = {
binaryCaches = [
"https://nrdxp.cachix.org"
];
binaryCachePublicKeys = [
"nrdxp.cachix.org-1:Fc5PSqY2Jm1TrWfm88l6cvGWwz3s93c6IOifQWnhNW4="
];
};
}

70
profiles/core/default.nix Normal file
View file

@ -0,0 +1,70 @@
{ self, config, lib, pkgs, ... }:
let
inherit (lib) fileContents;
in
{
imports = [ ../cachix ];
nix.systemFeatures = [ "nixos-test" "benchmark" "big-parallel" "kvm" ];
environment = {
systemPackages = with pkgs; [
binutils
coreutils
curl
dnsutils
dosfstools
fd
git
bottom
gptfdisk
iputils
jq
manix
moreutils
nix-index
nmap
ripgrep
skim
tealdeer
tmux
usbutils
utillinux
whois
];
};
fonts = {
fonts = with pkgs; [ powerline-fonts dejavu_fonts fira-code fira-code-symbols emacs-all-the-icons-fonts ];
fontconfig.defaultFonts = {
monospace = [ "DejaVu Sans Mono for Powerline" ];
sansSerif = [ "DejaVu Sans" ];
};
};
time.timeZone = "Europe/Rome";
location.provider = "geoclue2";
xdg.portal.enable = true; # is this needed?
xdg.portal.extraPortals = [ pkgs.xdg-desktop-portal-gtk pkgs.xdg-desktop-portal-wlr ];
xdg.portal.gtkUsePortal = true;
nix = {
autoOptimiseStore = true;
gc.automatic = true;
optimise.automatic = true;
useSandbox = true;
allowedUsers = [ "@wheel" ];
trustedUsers = [ "root" "@wheel" ];
extraOptions = ''
min-free = 536870912
keep-outputs = true
keep-derivations = true
fallback = true
'';
};
services.earlyoom.enable = true;
}

95
profiles/core/starship.toml Normal file
View file

@ -0,0 +1,95 @@
[aws]
symbol = " "
[character]
success_symbol = "[](bold purple)"
vicmd_symbol = "[](bold purple)"
[battery]
full_symbol = ""
charging_symbol = ""
discharging_symbol = ""
[conda]
symbol = " "
[directory]
style = "cyan"
read_only = " 🔒"
[docker]
symbol = " "
[elixir]
symbol = " "
[elm]
symbol = " "
[git_branch]
format = "[$symbol$branch]($style) "
symbol = " "
style = "bold dimmed white"
[git_status]
format = '([「$all_status$ahead_behind」]($style) )'
conflicted = "⚠️"
ahead = "⟫${count} "
behind = "⟪${count}"
diverged = "🔀 "
untracked = "📁 "
stashed = "↪ "
modified = "𝚫 "
staged = "✔ "
renamed = "⇆ "
deleted = "✘ "
style = "bold bright-white"
[golang]
symbol = " "
[haskell]
symbol = " "
[hg_branch]
symbol = " "
[java]
symbol = " "
[julia]
symbol = " "
[memory_usage]
symbol = " "
disabled = false
[nim]
symbol = " "
[nix_shell]
format = '[$symbol$state]($style) '
symbol = " "
pure_msg = "λ"
impure_msg = "⎔"
[nodejs]
symbol = " "
[package]
symbol = " "
[php]
symbol = " "
[python]
symbol = " "
[ruby]
symbol = " "
[rust]
symbol = " "
[status]
disabled = false

4
profiles/dbus/default.nix Normal file
View file

@ -0,0 +1,4 @@
{ pkgs, ... }:
{
services.dbus.packages = with pkgs; [ gnome3.dconf ];
}

57
profiles/mount-nas/default.nix Normal file
View file

@ -0,0 +1,57 @@
{ pkgs, ... }:
{
environment.systemPackages = [ pkgs.sshfs ];
fileSystems = let
nasUser = "andrea";
nasHost = "ccr.ydns.eu";
fsType = "fuse.sshfs";
target = "/home/ccr/nas";
options = [
"delay_connect"
"_netdev,user"
"idmap=user"
"transform_symlinks"
"identityfile=/home/andrea/.ssh/id_rsa"
"allow_other"
"default_permissions"
"uid=1000"
"gid=100"
"nofail"
];
in
{
"${target}/amule" = {
inherit fsType options;
device = "${nasUser}@${nasHost}:/mnt/archivio/amule";
};
"${target}/transmission" = {
inherit fsType options;
device = "${nasUser}@${nasHost}:/mnt/archivio/transmission";
};
"${target}/calibre" = {
inherit fsType options;
device = "${nasUser}@${nasHost}:/mnt/archivio/calibre";
};
"${target}/archivio" = {
inherit fsType options;
device = "${nasUser}@${nasHost}:/mnt/archivio/archivio";
};
"${target}/film" = {
inherit fsType options;
device = "${nasUser}@${nasHost}:/mnt/film/film";
};
"${target}/syncthing" = {
inherit fsType options;
device = "${nasUser}@${nasHost}:/mnt/archivio/syncthing";
};
"${target}/aria" = {
inherit fsType options;
device = "${nasUser}@${nasHost}:/mnt/archivio/aria2";
};
"${target}/musica" = {
inherit fsType options;
device = "${nasUser}@${nasHost}:/mnt/film/musica";
};
};
}

7
profiles/printing/default.nix Normal file
View file

@ -0,0 +1,7 @@
{ pkgs, ... }:
{
services.printing = {
enable = true;
drivers = [ pkgs.hplip ];
};
}

5
profiles/sshd/default.nix Normal file
View file

@ -0,0 +1,5 @@
{
services.openssh = {
enable = true;
};
}

4
secrets/.gitattributes vendored Normal file
View file

@ -0,0 +1,4 @@
* filter=git-crypt diff=git-crypt
.gitattributes !filter !diff
secrets.nix !filter !diff
README.md !filter !diff

9
secrets/secrets.nix Normal file
View file

@ -0,0 +1,9 @@
let
# set ssh public keys here for your system and user
system = "";
user = "";
allKeys = [ system user ];
in
{
"secret.age".publicKeys = allKeys;
}

1
shell.nix Normal file
View file

@ -0,0 +1 @@
(import ./lib/compat).shellNix

10
shell/default.nix Normal file
View file

@ -0,0 +1,10 @@
{ self, inputs, ... }:
{
externalModules = with inputs; [
bud.devshellModules.bud
];
modules = [
./devos.nix
];
}

62
shell/devos.nix Normal file
View file

@ -0,0 +1,62 @@
{ pkgs, extraModulesPath, ... }:
let
hooks = import ./hooks;
pkgWithCategory = category: package: { inherit package category; };
linter = pkgWithCategory "linter";
docs = pkgWithCategory "docs";
devos = pkgWithCategory "devos";
in
{
_file = toString ./.;
imports = [ "${extraModulesPath}/git/hooks.nix" ];
git = { inherit hooks; };
# tempfix: remove when merged https://github.com/numtide/devshell/pull/123
devshell.startup.load_profiles = pkgs.lib.mkForce (
pkgs.lib.noDepEntry ''
# PATH is devshell's exorbitant privilige:
# fence against its pollution
_PATH=''${PATH}
# Load installed profiles
for file in "$DEVSHELL_DIR/etc/profile.d/"*.sh; do
# If that folder doesn't exist, bash loves to return the whole glob
[[ -f "$file" ]] && source "$file"
done
# Exert exorbitant privilige and leave no trace
export PATH=''${_PATH}
unset _PATH
''
);
packages = with pkgs; [
git-crypt
];
commands = with pkgs; [
(devos nixUnstable)
{
category = "devos";
name = nvfetcher-bin.pname;
help = nvfetcher-bin.meta.description;
command = "cd $DEVSHELL_ROOT/pkgs; ${pkgs.nvfetcher-bin}/bin/nvfetcher -c ./sources.toml --no-output $@";
}
(linter nixpkgs-fmt)
(linter editorconfig-checker)
# (docs python3Packages.grip) too many deps
(docs mdbook)
]
++ lib.optional
(pkgs ? deploy-rs)
(devos deploy-rs.deploy-rs)
++ lib.optional
(system != "i686-linux")
(devos cachix)
;
}

4
shell/hooks/default.nix Normal file
View file

@ -0,0 +1,4 @@
{
enable = true;
pre-commit.text = builtins.readFile ./pre-commit.sh;
}

29
shell/hooks/pre-commit.sh Executable file
View file

@ -0,0 +1,29 @@
#!/usr/bin/env bash
if git rev-parse --verify HEAD >/dev/null 2>&1
then
against=HEAD
else
# Initial commit: diff against an empty tree object
against=$(${git}/bin/git hash-object -t tree /dev/null)
fi
diff="git diff-index --name-only --cached $against --diff-filter d"
nix_files=($($diff -- '*.nix'))
all_files=($($diff))
# Format staged nix files.
if [[ -n "${nix_files[@]}" ]]; then
nixpkgs-fmt "${nix_files[@]}" \
&& git add "${nix_files[@]}"
fi
# check editorconfig
editorconfig-checker -- "${all_files[@]}"
if [[ $? != '0' ]]; then
printf "%b\n" \
"\nCode is not aligned with .editorconfig" \
"Review the output and commit your fixes" >&2
exit 1
fi

33
users/ccr/default.nix Normal file
View file

@ -0,0 +1,33 @@
{ pkgs, suites, ... }:
{
home-manager.users.ccr = { suites, ... }: {
imports = with suites; shell ++ gui ++ browser ++ multimedia ++ dev ++ base;
home.packages = with pkgs; [
nixpkgs-fmt
rnix-lsp
ranger
calibre
element-desktop
];
};
users.users.ccr = {
uid = 1000;
hashedPassword = "$6$JGOefuRk7kL$fK9.5DFnLLoW08GL4eKRyf958jyZdw//hLMaz4pp28jJuSFb24H6R3dgt1.sMs0huPY85rludSw4dnQJG5xSw1"; #mkpasswd -m sha-512
description = "Andrea Ciceri";
isNormalUser = true;
extraGroups = [
"wheel"
"fuse"
"video"
"adbusers"
"docker"
"networkmanager"
"dialout"
"bluetooth"
"camera"
];
shell = pkgs.zsh;
openssh.authorizedKeys.keys = [ "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDJmn7H6wxrxCHypvY74Z6pBr5G6v564NaUZb9xIILV92JEdpZzuTLLlP+JkMx/8MLRy+pC7prMwR+FhH+LaTm/9x3T6FYP/q9UIAL3cFwBAwj5XQXQKzx9f6pX/7iJrMfAUQ+ZrRUNJHt5Gl+8UypmDgnQLuv5vmQSMRzKnUPuu4lCJtWOpSPhXffz3Ec1tm5nAMuxIMRPY91PYu1fMLlFrjB1FX1goVHKB1uWx16GjJszYCVbN6xcPac0sgUg+qNGBhWkUh0F073rhepQJeWp5FtwIxe2zRsZBxxTy5qxNLmHzBeNDxlOkcy2/Lr+BxVy+mhF/2fJziX80/bWSEA1" ];
};
}

0
users/modules/.flake-keep Normal file
View file

5
users/profiles/bat/default.nix Normal file
View file

@ -0,0 +1,5 @@
{
programs.bat = {
enable = true;
};
}

7
users/profiles/chromium/default.nix Normal file
View file

@ -0,0 +1,7 @@
{ pkgs, ... }:
{
programs.chromium = {
enable = true;
package = pkgs.ungoogled-chromium;
};
}

12
users/profiles/direnv/default.nix Normal file
View file

@ -0,0 +1,12 @@
{
programs.direnv = {
enable = true;
config = {
warn_timeout = "60s"; # default was 5s
};
nix-direnv = {
enable = true;
enableFlakes = true;
};
};
}

41
users/profiles/emacs/default.nix Normal file
View file

@ -0,0 +1,41 @@
{ pkgs, ... }:
{
home.file."emacs" = {
recursive = true;
source = ./emacs.d;
target = ".emacs.d";
};
programs.emacs = {
enable = true;
package =
let
myEmacs = pkgs.emacsPgtkGcc;
emacsWithPackages = (pkgs.emacsPackagesFor myEmacs).emacsWithPackages;
in
emacsWithPackages (
epkgs: (
with epkgs.melpaStablePackages; [ ]
) ++ (
with epkgs.melpaPackages; [
all-the-icons
use-package
evil
evil-collection
projectile
magit
fira-code-mode
nix-mode
lispy
lsp-mode
dap-mode
which-key
]
) ++ (
with epkgs.elpaPackages; [
modus-themes
]
) ++ [ ]
);
};
}

28
users/profiles/emacs/emacs.d/config/aesthetics.el Normal file
View file

@ -0,0 +1,28 @@
(use-package modus-themes
:init
(setq
modus-themes-region '(bg-only no-extend))
(modus-themes-load-themes)
:config
(modus-themes-load-vivendi)
:bind ("<f5>" . modus-themes-toggle)
)
(use-package fira-code-mode
:custom (fira-code-mode-disabled-ligatures '(":")) ;; List of ligatures to turn off
:config (global-fira-code-mode))
(defalias 'yes-or-no-p 'y-or-n-p)
(setq use-dialog-box nil
display-time-format "%H:%M"
mouse-autoselect-window 't
inhibit-startup-screen t)
(menu-bar-mode -1)
(tool-bar-mode -1)
(scroll-bar-mode -1)
(fringe-mode 1)
(display-time-mode 1)
(provide 'aesthetics)

19
users/profiles/emacs/emacs.d/config/config-evil.el Normal file
View file

@ -0,0 +1,19 @@
(use-package evil
:init
(setq evil-want-keybinding nil)
:config
(progn
(evil-mode 1) ; globally enable evil-mode except for the following modes
(mapcar (lambda (mode) (evil-set-initial-state mode 'emacs))
'(vterm-mode
eshell-mode
dired-mode
))))
;; (use-package evil-collection
;; ; :after (evil company-mode vterm)
;; :config
;; (evil-collection-init))
(provide 'config-evil)

26
users/profiles/emacs/emacs.d/config/lsp.el Normal file
View file

@ -0,0 +1,26 @@
(use-package lsp-mode
:init
;; set prefix for lsp-command-keymap (few alternatives - "C-l", "C-c l")
(setq lsp-keymap-prefix "C-c l")
:hook (;; replace XXX-mode with concrete major-mode(e. g. python-mode)
(nix-mode . lsp)
;; if you want which-key integration
(lsp-mode . lsp-enable-which-key-integration))
:commands lsp)
;; optionally
(use-package lsp-ui :commands lsp-ui-mode)
;; if you are helm user
(use-package helm-lsp :commands helm-lsp-workspace-symbol)
(use-package lsp-treemacs :commands lsp-treemacs-errors-list)
;; optionally if you want to use debugger
(use-package dap-mode)
;; (use-package dap-LANGUAGE) to load the dap adapter for your language
;; optional if you want which-key integration
(use-package which-key
:config
(which-key-mode))
(provide 'lsp)

4
users/profiles/emacs/emacs.d/config/nix.el Normal file
View file

@ -0,0 +1,4 @@
(use-package nix-mode
:mode "\\.nix\\'")
(provide 'nix)

10
users/profiles/emacs/emacs.d/init.el Normal file
View file

@ -0,0 +1,10 @@
(add-to-list 'load-path "~/.emacs.d/config")
(setq gc-cons-threshold 100000000
read-process-output-max (* 1024 1024)
)
(require 'aesthetics)
(require 'config-evil)
(require 'lsp)
(require 'nix)

6
users/profiles/exa/default.nix Normal file
View file

@ -0,0 +1,6 @@
{
programs.exa = {
enable = true;
enableAliases = true;
};
}

50
users/profiles/firefox/default.nix Normal file
View file

@ -0,0 +1,50 @@
{ pkgs, ... }:
{
programs.firefox = {
enable = true;
#package = (pkgs.firefox.override { extraNativeMessagingHosts = [
# pkgs.browserpass
# pkgs.passff-host
#]; });
#extensions = with pkgs.nur.repos.rycee.firefox-addons; [
#https-everywhere
#privacy-badger
#ublock-origin
#react-devtools
#org-capture
#clearurls
#browserpass # not working, manually installed passff
#firefox-color
#darkreader
#cookie-autodelete
# and manually installed ghost-text for atomic-chrome
#];
profiles.ccr = {
id = 0; # implies isDefault = true
settings = {
"browser.startup.homepage" = "https://google.it";
"browser.search.region" = "IT";
"browser.search.isUS" = false;
"distribution.searchplugins.defaultLocale" = "it-IT";
"general.useragent.locale" = "it-IT";
"browser.bookmarks.showMobileBookmarks" = true;
"browser.download.folderList" = 2;
"browser.download.lastDir" = "~/downloads/";
};
userChrome = ''
/* Hide tab bar in FF Quantum * /
@-moz-document url("chrome://browser/content/browser.xul") {
#TabsToolbar {
visibility: collapse !important;
margin-bottom: 21px !emportant;
}
#sidebar-box[sidebarcommand="treestyletab_piro_sakura_ne_jp-sidebar-action"] #sidebar-header {
visibility: collapse !important;
}
}
'';
userContent = "";
};
};
}

18
users/profiles/foot/default.nix Normal file
View file

@ -0,0 +1,18 @@
{
programs.foot = {
enable = true;
server.enable = true;
settings = {
main = {
term = "xterm-256color";
font = "Fira Code:size=11";
dpi-aware = "yes";
};
mouse = {
hide-when-typing = "yes";
};
};
};
}

5
users/profiles/fzf/default.nix Normal file
View file

@ -0,0 +1,5 @@
{
programs.fzf = {
enable = true;
};
}

22
users/profiles/git/default.nix Normal file
View file

@ -0,0 +1,22 @@
{
programs.git = {
enable = true;
extraConfig = {
pull.rebase = false;
};
userName = "aciceri";
userEmail = "andrea.ciceri@autistici.org";
signing = {
signByDefault = true;
key = "andrea.ciceri@autistici.org";
};
extraConfig = {
url = {
"ssh://git@github.com/" = { insteadOf = https://github.com/; };
};
};
};
}

12
users/profiles/gpg/default.nix Normal file
View file

@ -0,0 +1,12 @@
{
services.gpg-agent = {
enable = true;
enableSshSupport = true;
sshKeys = [ "CE2FD0D9BECBD8876811714925066CC257413416" ];
};
programs.gpg = {
enable = true;
settings = { };
};
}

11
users/profiles/gtk/default.nix Normal file
View file

@ -0,0 +1,11 @@
{ pkgs, ... }:
{
gtk = {
enable = true;
font.name = "DejaVu Sans";
iconTheme = {
name = "Adwaita";
package = pkgs.gnome.adwaita-icon-theme;
};
};
}

5
users/profiles/lorri/default.nix Normal file
View file

@ -0,0 +1,5 @@
{
services.lorri = {
enable = true;
};
}

5
users/profiles/mpv/default.nix Normal file
View file

@ -0,0 +1,5 @@
{
programs.mpv = {
enable = true;
};
}

5
users/profiles/password-store/default.nix Normal file
View file

@ -0,0 +1,5 @@
{
services.pass-secret-service.enable = true;
services.password-store-sync.enable = true;
programs.password-store.enable = true;
}

5
users/profiles/qutebrowser/default.nix Normal file
View file

@ -0,0 +1,5 @@
{
programs.qutebrowser = {
enable = true;
};
}

129
users/profiles/sway/default.nix Normal file
View file

@ -0,0 +1,129 @@
{ pkgs, ... }:
{
home.packages = with pkgs; [ wl-clipboard ];
wayland = {
windowManager.sway =
let
modifier = "Mod4";
in
{
enable = true;
config = {
modifier = modifier;
menu = "${pkgs.bemenu}/bin/bemenu-run -b -m 1 -p 'λ'";
output = {
HDMI-A-2 = {
#bg = "~/dotfiles/dotfiles/xorg/wallpaper.jpg fill";
};
};
#fonts = [ "Font Awesome" "Fira Code" ];
terminal = "${pkgs.foot}/bin/footclient";
bars = [
{
command = "${pkgs.waybar}/bin/waybar";
}
];
#startup = [{
#command = "systemctl --user restart redshift";
# always = true;
#}];
window.commands = [
{ criteria = { app_id = "mpv"; }; command = "sticky enable"; }
{ criteria = { app_id = "mpv"; }; command = "floating enable"; }
{ criteria = { title = "MetaMask Notification.*"; }; command = "floating enable"; }
];
input = {
"*" = {
xkb_layout = "us";
xkb_variant = "intl";
};
};
};
extraConfig = ''
bindsym ${modifier}+p move workspace to output right
#exec systemctl --user import-environment
#exec systemctl --user start graphical-session.target
'';
xwayland = true;
systemdIntegration = true;
};
};
programs.waybar = {
enable = true;
style = builtins.readFile ./style.css;
settings = [
{
layer = "top";
position = "top";
output = [ "HDMI-A-2" ];
modules-left = [
"sway/mode"
"sway/workspaces"
];
modules-center = [ ];
modules-right = [
"idle_inhibitor"
"tray"
"network"
"cpu"
"memory"
"pulseaudio"
"clock"
"backlight"
"battery"
];
modules = {
"sway/workspaces" = {
all-outputs = true;
disable-scroll-wraparound = true;
};
"sway/mode" = { tooltip = false; };
idle_inhibitor = {
format = "{icon}";
format-icons = {
activated = "unlocked";
deactivated = "locking";
};
};
pulseaudio = {
format = "vol {volume}%";
on-click-middle = "${pkgs.sway}/bin/swaymsg exec \"${pkgs.pavucontrol}/bin/pavucontrol\"";
};
network = {
format-wifi = "{essid} {signalStrength}% {bandwidthUpBits} {bandwidthDownBits}";
format-ethernet = "{ifname} eth {bandwidthUpBits} {bandwidthDownBits}";
};
cpu = {
interval = 2;
format = "cpu {load}% {usage}%";
};
memory.format = "mem {}%";
backlight = {
format = "nit {percent}%";
on-scroll-up = "${pkgs.light}/bin/light -A 2";
on-scroll-down = "${pkgs.light}/bin/light -U 2";
};
tray.spacing = 10;
clock.format = "{:%a %b %d %H:%M}";
battery = {
format = "bat {}";
};
};
}
];
};
}

219
users/profiles/sway/style.css Normal file
View file

@ -0,0 +1,219 @@
* {
border: none;
border-radius: 5;
/* `otf-font-awesome` is required to be installed for icons */
/* font matches sway-config.nix */
font-family: "DejaVu Sans";
font-weight: bold;
font-size: 9pt;
min-height: 0;
}
window#waybar {
background-color: rgba(43, 48, 59, 0.5);
border-bottom: 3px solid rgba(100, 114, 125, 0.5);
color: #ffffff;
transition-property: background-color;
transition-duration: .5s;
}
window#waybar.hidden {
opacity: 0.2;
}
/*
window#waybar.empty {
background-color: transparent;
}
window#waybar.solo {
background-color: #FFFFFF;
}
*/
window#waybar.termite {
background-color: #3F3F3F;
}
window#waybar.chromium {
background-color: #000000;
border: none;
}
#workspaces button {
padding: 0 5px;
background-color: transparent;
color: #ffffff;
border-bottom: 3px solid transparent;
}
/* https://github.com/Alexays/Waybar/wiki/FAQ#the-workspace-buttons-have-a-strange-hover-effect */
#workspaces button:hover {
background: rgba(0, 0, 0, 0.2);
box-shadow: inherit;
border-bottom: 3px solid #ffffff;
}
#workspaces button.current_output {
border-bottom: 3px solid #64727D;
}
#workspaces button.focused {
background-color: #64727D;
}
#workspaces button.focused.current_output {
border-bottom: 3px solid #ffffff;
}
#workspaces button.urgent {
background-color: #eb4d4b;
}
#mode {
background-color: #64727D;
border-bottom: 3px solid #ffffff;
}
#clock,
#battery,
#cpu,
#memory,
#temperature,
#backlight,
#network,
#pulseaudio,
#custom-media,
.srht-failed,
.srht-success,
#tray,
#mode,
#idle_inhibitor,
#mpd {
padding: 0 10px;
margin: 0 4px;
color: #ffffff;
}
#clock {
background-color: #000000;
}
#battery {
background-color: #ffffff;
color: #000000;
}
#battery.charging {
color: #ffffff;
background-color: #26A65B;
}
@keyframes blink {
to {
background-color: #ffffff;
color: #000000;
}
}
#battery.critical:not(.charging) {
background-color: #f53c3c;
color: #ffffff;
animation-name: blink;
animation-duration: 0.5s;
animation-timing-function: linear;
animation-iteration-count: infinite;
animation-direction: alternate;
}
label:focus {
background-color: #000000;
}
#cpu {
background-color: #06989A;
}
#memory {
background-color: #2980b9;
}
#backlight {
background-color: #555753;
}
#network {
background-color: #4E9A06;
}
#network.disconnected {
background-color: #f53c3c;
}
#pulseaudio {
background-color: #75507B;
}
#pulseaudio.muted {
background-color: #90b1b1;
color: #2a5c45;
}
#custom-media {
background-color: #66cc99;
color: #2a5c45;
min-width: 100px;
}
#custom-media.custom-spotify {
background-color: #66cc99;
}
#custom-media.custom-vlc {
background-color: #ffa000;
}
#temperature {
background-color: #f0932b;
}
#temperature.critical {
background-color: #eb4d4b;
}
#tray {
background-color: #C4A000;
}
#idle_inhibitor {
background-color: #2d3436;
}
#idle_inhibitor.activated {
background-color: #ecf0f1;
color: #2d3436;
}
#mpd {
background-color: #66cc99;
color: #2a5c45;
}
#mpd.disconnected {
background-color: #f53c3c;
}
#mpd.stopped {
background-color: #90b1b1;
}
#mpd.paused {
background-color: #51a37a;
}
.srht-success {
background-color: #4E9A06;
}
.srht-failed {
background-color: #f53c3c;
}

5
users/profiles/vim/default.nix Normal file
View file

@ -0,0 +1,5 @@
{
programs.vim = {
enable = true;
};
}

23
users/profiles/vscode/default.nix Normal file
View file

@ -0,0 +1,23 @@
{ pkgs, ... }:
{
# only purpose of this is to make vscode login to Github
services.gnome-keyring = {
enable = true;
};
programs.vscode = {
enable = true;
userSettings = {
"update.channel" = "none";
"editor"."formatOnSave" = true;
"window"."menuBarVisibility" = "classic";
"[nix]"."editor.tabSize" = 2;
"nix"."enableLanguageServer" = true;
};
extensions = with pkgs.vscode-extensions; [
eamodio.gitlens
jnoortheen.nix-ide
];
};
}

7
users/profiles/xdg/default.nix Normal file
View file

@ -0,0 +1,7 @@
{ pkgs, ... }:
{
home.packages = [ pkgs.xdg-utils ];
xdg = {
enable = true;
};
}

5
users/profiles/zathura/default.nix Normal file
View file

@ -0,0 +1,5 @@
{
programs.zathura = {
enable = true;
};
}

58
users/profiles/zsh/default.nix Normal file
View file

@ -0,0 +1,58 @@
{ pkgs, ... }:
{
programs.zsh = {
enable = true;
enableAutosuggestions = true;
enableCompletion = true;
autocd = true;
plugins = [
{
name = "nix-zsh-completions";
src = pkgs.nix-zsh-completions;
file = "share/zsh/plugins/nix/nix-zsh-completions.plugin.zsh";
}
{
name = "spaceship";
file = "share/zsh/themes/spaceship.zsh-theme";
src = pkgs.spaceship-prompt;
}
{
name = "zsh-fzf-tab";
file = "share/fzf-tab/fzf-tab.plugin.zsh";
src = pkgs.zsh-fzf-tab;
}
{
name = "fast-zsh-syntax-highlighting";
file = "share/zsh/site-functions/fast-syntax-highlighting.plugin.zsh";
src = pkgs.zsh-fast-syntax-highlighting;
}
];
oh-my-zsh = {
enable = true;
plugins = [
"git"
"sudo"
"command-not-found"
"colored-man-pages"
"colorize"
];
};
shellAliases = {
"screenshot" = "scrot '~/shots/%F_%T_$wx$h.png' -e 'xclip -selection clipboard -target image/png -i $f' -s";
"pass-clone" = "[ -d .password-store ] && echo 'Password store archive already exists' || git clone git@git.sr.ht:~zrsk/pass ~/.password-store";
"getpass" = "pass show $(find .password-store/ -name \"*.gpg\" | sed \"s/\\.password-store\\/\\(.*\\)\\.gpg$/\\1/g\" | fzf) | wl-copy; ((sleep 60 && wl-copy --clear) &)";
"cat" = "bat";
"em" = "emacsclient -c";
"emnw" = "emacsclient -c -nw";
};
localVariables = {
PASSWORD_STORE_DIR = "/home/ccr/.password-store";
SPACESHIP_TIME_SHOW = "true";
SPACESHIP_USER_SHOW = "always";
SPACESHIP_HOST_SHOW = "always";
EDITOR = "vim";
NIX_BUILD_SHELL = "${pkgs.zsh-nix-shell}/scripts/buildShellShim.zsh";
PROMPT = "\\\${IN_NIX_SHELL:+[nix-shell] }$PROMPT";
};
};
}

8
users/root/default.nix Normal file
View file

@ -0,0 +1,8 @@
{ pkgs, ... }:
# recommend using `hashedPassword`
{
users.users.root = {
password = "nixos";
shell = pkgs.zsh;
};
}