Code snapshot
This is safe enough for a commit, though it doesn't work yet. TODO: update home-manager module references
This commit is contained in:
parent
0327ca11ac
commit
a71149c0ed
|
@ -12,3 +12,6 @@ indent_style = space
|
|||
[*.md]
|
||||
max_line_length = 80
|
||||
trim_trailing_whitespace = false
|
||||
|
||||
[*.json]
|
||||
indent_style = tab
|
||||
|
|
8
.sops.yaml
Normal file
8
.sops.yaml
Normal file
|
@ -0,0 +1,8 @@
|
|||
---
|
||||
keys:
|
||||
- &follie age1qjdsw949yvhlkttldda5ar4t0mma9vwey8gal425qckh67h7taws96vsey
|
||||
creation_rules:
|
||||
- path_regex: secrets\.json$
|
||||
key_groups:
|
||||
- age:
|
||||
- *follie
|
2
LICENSE
2
LICENSE
|
@ -1,6 +1,6 @@
|
|||
MIT License
|
||||
|
||||
Copyright (c) 2023 Hoang Nguyen <folliekazetani@protonmail.com>
|
||||
Copyright (c) 2023-2024 Hoang Nguyen <folliekazetani@protonmail.com>
|
||||
|
||||
Permission is hereby granted, free of charge, to any person obtaining a copy
|
||||
of this software and associated documentation files (the "Software"), to deal
|
||||
|
|
50
NOTES.md
Normal file
50
NOTES.md
Normal file
|
@ -0,0 +1,50 @@
|
|||
# Notes for making stuff work
|
||||
|
||||
NOTE: move this file's content to <https://docs.folliehiyuki.com> when the site is set up properly.
|
||||
|
||||
## Darwin
|
||||
|
||||
- Start `minikube` with **qemu2** driver:
|
||||
```bash
|
||||
minikube start \
|
||||
--driver qemu \
|
||||
--network socket_vmnet \
|
||||
--qemu-firmware-path /etc/profiles/per-user/${USER}/share/qemu/edk2-aarch64-code.fd
|
||||
```
|
||||
|
||||
- `podman-machine` might not be able to find qemu's UEFI firmware files. Specify it in the machine configuration:
|
||||
|
||||
***~/.config/containers/podman/machine/qemu/podman-machine-${PODMAN_MACHINE_INSTANCE}.json***
|
||||
```json
|
||||
{
|
||||
...
|
||||
"CmdLine": [
|
||||
...
|
||||
"file=/etc/profiles/per-user/${USER}/share/qemu/edk2-aarch64-code.fd,if=pflash,format=raw,readonly=on",
|
||||
...
|
||||
],
|
||||
...
|
||||
}
|
||||
```
|
||||
|
||||
- Set up Docker host:
|
||||
|
||||
```bash
|
||||
# Start a lima VM hosting remote dockerd daemon
|
||||
# (all lima templates are available at https://github.com/lima-vm/lima/tree/master/examples)
|
||||
limactl create --name=docker template://docker
|
||||
|
||||
# Start the created VM
|
||||
limactl start docker
|
||||
|
||||
# Add a separated Docker context pointing to the VM
|
||||
docker context create lima-docker --docker "host=unix:///Users/${USER}/.lima/docker/sock/docker.sock"
|
||||
|
||||
# Switch to the new context
|
||||
docker context use lima-docker
|
||||
|
||||
# docker works now \(^-^)/
|
||||
docker images -a
|
||||
```
|
||||
|
||||
## NixOS
|
42
README.md
42
README.md
|
@ -1,10 +1,10 @@
|
|||
# FollieHiyuki's Nix configuration
|
||||
# folliehiyuki's Nix configuration
|
||||
|
||||
This Nix flake is used to manage:
|
||||
- my work laptop (an Apple Silicon M2 Macbook Air)
|
||||
- my work laptop (an Apple M2 Macbook Air)
|
||||
- my NixOS desktop
|
||||
|
||||
For the configuration of my other desktop hosts (mostly AlpineLinux), look at [dotfiles-ansible](/FollieHiyuki/dotfiles-ansible) and [sysconfig](/FollieHiyuki/sysconfig) repositories.
|
||||
For the configuration of my other desktop hosts running either [AlpineLinux](https://alpinelinux.org) or [ChimeraLinux](https://chimera-linux.org/), see [dotfiles-ansible](/folliehiyuki/dotfiles-ansible) and [sysconfig](/folliehiyuki/sysconfig) repositories.
|
||||
|
||||
<!--toc:start-->
|
||||
## Table of Content
|
||||
|
@ -17,7 +17,7 @@ For the configuration of my other desktop hosts (mostly AlpineLinux), look at [d
|
|||
|
||||
### Darwin
|
||||
|
||||
`nix` and `homebrew` need to be installed separatedly:
|
||||
`nix` and `homebrew` need to be installed separately:
|
||||
- **nix**: `sh <(curl -L https://nixos.org/nix/install)`
|
||||
- **homebrew**: `bash -c "$(curl -fsSL https://raw.githubusercontent.com/Homebrew/install/HEAD/install.sh)"`
|
||||
|
||||
|
@ -25,33 +25,13 @@ Currently, there is only 1 Darwin host, to configure it:
|
|||
|
||||
```bash
|
||||
nix build .#darwinConfigurations.hoangnguyenhuy.system
|
||||
|
||||
darwin-rebuild switch --flake .#hoangnguyenhuy
|
||||
```
|
||||
|
||||
**Caveats**:
|
||||
- `podman-machine` can't load `edk2-aarch64-code.fd` file: explicitly set the exposed path in
|
||||
|
||||
*~/.config/containers/podman/machine/qemu/podman-machine-default.json*
|
||||
```json
|
||||
{
|
||||
...
|
||||
"CmdLine": [
|
||||
...
|
||||
"file=/etc/profiles/per-user/<username>/share/qemu/edk2-aarch64-code.fd,if=pflash,format=raw,readonly=on",
|
||||
...
|
||||
],
|
||||
...
|
||||
}
|
||||
```
|
||||
|
||||
- `minikube` needs to be started like this with qemu2 driver:
|
||||
```bash
|
||||
# `socket_vmnet` is available via HomeBrew
|
||||
minikube start \
|
||||
--driver qemu \
|
||||
--network socket_vmnet \
|
||||
--qemu-firmware-path /etc/profiles/per-user/<username>/share/qemu/edk2-aarch64-code.fd
|
||||
./result/sw/bin/darwin-rebuild switch --flake .#hoangnguyenhuy
|
||||
```
|
||||
|
||||
### NixOS
|
||||
|
||||
## Credits
|
||||
|
||||
- [NotAShelf/nyx](https://github.com/notashelf/nyx)
|
||||
- [hlissner/dotfiles](https://github.com/hlissner/dotfiles)
|
||||
- [Mic92/dotfiles](https://github.com/Mic92/dotfiles)
|
||||
|
|
9
darwin/amethyst.nix
Normal file
9
darwin/amethyst.nix
Normal file
|
@ -0,0 +1,9 @@
|
|||
{ config, lib, ... }: {
|
||||
options.programs.amethyst.enable = lib.mkEnableOption "amethyst";
|
||||
|
||||
# NOTE: allow the app to control the computer in Privacy & Security > Accessibility
|
||||
config = lib.mkIf config.programs.amethyst.enable {
|
||||
homebrew.casks = [ "amethyst" ];
|
||||
system.defaults.dock.mru-spaces = false;
|
||||
};
|
||||
}
|
|
@ -1,18 +1,15 @@
|
|||
{ config, lib, myLib, ... }:
|
||||
let
|
||||
username = config.personal.user.name;
|
||||
in
|
||||
{
|
||||
imports = myLib.listModules ./.;
|
||||
{ inputs, config, lib, ... }: {
|
||||
imports = with inputs; [
|
||||
home-manager.darwinModules.home-manager
|
||||
../nixos/common.nix
|
||||
] ++ (self.lib.listModules ./.);
|
||||
|
||||
config = {
|
||||
users.users.${username}.home = "/Users/${username}";
|
||||
|
||||
environment.variables = {
|
||||
HOMEBREW_NO_ANALYTICS = "1";
|
||||
};
|
||||
|
||||
# Make `nix doctor` happy
|
||||
# Make `nix config check` happy
|
||||
environment.profiles = lib.mkForce [
|
||||
"$HOME/.nix-profile"
|
||||
|
||||
|
@ -30,10 +27,7 @@ in
|
|||
global.autoUpdate = false;
|
||||
};
|
||||
|
||||
services.nix-daemon = {
|
||||
enable = true;
|
||||
enableSocketListener = true;
|
||||
};
|
||||
services.nix-daemon.enable = true;
|
||||
|
||||
system.defaults = {
|
||||
NSGlobalDomain = {
|
169
flake.lock
169
flake.lock
|
@ -8,11 +8,11 @@
|
|||
]
|
||||
},
|
||||
"locked": {
|
||||
"lastModified": 1699218802,
|
||||
"narHash": "sha256-5l0W4Q7z7A4BCstaF5JuBqXOVrZ3Vqst5+hUnP7EdUc=",
|
||||
"lastModified": 1707075082,
|
||||
"narHash": "sha256-PUplk5F5jlIyofxqn/xEDN9pbjrd0tnkd0pDsZ52db0=",
|
||||
"owner": "ipetkov",
|
||||
"repo": "crane",
|
||||
"rev": "2d6c2aaff5a05e443eb15efddc21f9c73720340c",
|
||||
"rev": "7d5b46c17d857ee9ddb2e8d88185729a3e5637b6",
|
||||
"type": "github"
|
||||
},
|
||||
"original": {
|
||||
|
@ -28,11 +28,11 @@
|
|||
]
|
||||
},
|
||||
"locked": {
|
||||
"lastModified": 1704277720,
|
||||
"narHash": "sha256-meAKNgmh3goankLGWqqpw73pm9IvXjEENJloF0coskE=",
|
||||
"lastModified": 1706833576,
|
||||
"narHash": "sha256-w7BL0EWRts+nD1lbLECIuz6fRzmmV+z8oWwoY7womR0=",
|
||||
"owner": "LnL7",
|
||||
"repo": "nix-darwin",
|
||||
"rev": "0dd382b70c351f528561f71a0a7df82c9d2be9a4",
|
||||
"rev": "bdbae6ecff8fcc322bf6b9053c0b984912378af7",
|
||||
"type": "github"
|
||||
},
|
||||
"original": {
|
||||
|
@ -48,11 +48,11 @@
|
|||
]
|
||||
},
|
||||
"locked": {
|
||||
"lastModified": 1704318910,
|
||||
"narHash": "sha256-wOIJwAsnZhM0NlFRwYJRgO4Lldh8j9viyzwQXtrbNtM=",
|
||||
"lastModified": 1707385478,
|
||||
"narHash": "sha256-xwKXoBeiwfp+jqQxt3O0mUxrBXsNfdBn15teMMWbw0U=",
|
||||
"owner": "nix-community",
|
||||
"repo": "disko",
|
||||
"rev": "aef9a509db64a081186af2dc185654d78dc8e344",
|
||||
"rev": "15b52c3c8a718253e66f1b92f595dc47873fdfea",
|
||||
"type": "github"
|
||||
},
|
||||
"original": {
|
||||
|
@ -84,11 +84,11 @@
|
|||
]
|
||||
},
|
||||
"locked": {
|
||||
"lastModified": 1704152458,
|
||||
"narHash": "sha256-DS+dGw7SKygIWf9w4eNBUZsK+4Ug27NwEWmn2tnbycg=",
|
||||
"lastModified": 1706830856,
|
||||
"narHash": "sha256-a0NYyp+h9hlb7ddVz4LUn1vT/PLwqfrWYcHMvFB1xYg=",
|
||||
"owner": "hercules-ci",
|
||||
"repo": "flake-parts",
|
||||
"rev": "88a2cd8166694ba0b6cb374700799cec53aef527",
|
||||
"rev": "b253292d9c0a5ead9bc98c4e9a26c6312e27d69f",
|
||||
"type": "github"
|
||||
},
|
||||
"original": {
|
||||
|
@ -102,11 +102,11 @@
|
|||
"systems": "systems"
|
||||
},
|
||||
"locked": {
|
||||
"lastModified": 1694529238,
|
||||
"narHash": "sha256-zsNZZGTGnMOf9YpHKJqMSsa0dXbfmxeoJ7xHlrt+xmY=",
|
||||
"lastModified": 1705309234,
|
||||
"narHash": "sha256-uNRRNRKmJyCRC/8y1RqBkqWBLM034y4qN7EprSdmgyA=",
|
||||
"owner": "numtide",
|
||||
"repo": "flake-utils",
|
||||
"rev": "ff7b65b44d01cf9ba6a71320833626af21126384",
|
||||
"rev": "1ef2e671c3b0c19053962c07dbda38332dcebf26",
|
||||
"type": "github"
|
||||
},
|
||||
"original": {
|
||||
|
@ -124,11 +124,11 @@
|
|||
]
|
||||
},
|
||||
"locked": {
|
||||
"lastModified": 1660459072,
|
||||
"narHash": "sha256-8DFJjXG8zqoONA1vXtgeKXy68KdJL5UaXR8NtVMUbx8=",
|
||||
"lastModified": 1703887061,
|
||||
"narHash": "sha256-gGPa9qWNc6eCXT/+Z5/zMkyYOuRZqeFZBDbopNZQkuY=",
|
||||
"owner": "hercules-ci",
|
||||
"repo": "gitignore.nix",
|
||||
"rev": "a20de23b925fd8264fd7fad6454652e142fd7f73",
|
||||
"rev": "43e1aa1308018f37118e34d3a9cb4f5e75dc11d5",
|
||||
"type": "github"
|
||||
},
|
||||
"original": {
|
||||
|
@ -144,11 +144,11 @@
|
|||
]
|
||||
},
|
||||
"locked": {
|
||||
"lastModified": 1704498488,
|
||||
"narHash": "sha256-yINKdShHrtjdiJhov+q0s3Y3B830ujRoSbHduUNyKag=",
|
||||
"lastModified": 1707175763,
|
||||
"narHash": "sha256-0MKHC6tQ4KEuM5rui6DjKZ/VNiSANB4E+DJ/+wPS1PU=",
|
||||
"owner": "nix-community",
|
||||
"repo": "home-manager",
|
||||
"rev": "51e44a13acea71b36245e8bd8c7db53e0a3e61ee",
|
||||
"rev": "f99eace7c167b8a6a0871849493b1c613d0f1b80",
|
||||
"type": "github"
|
||||
},
|
||||
"original": {
|
||||
|
@ -159,11 +159,11 @@
|
|||
},
|
||||
"impermanence": {
|
||||
"locked": {
|
||||
"lastModified": 1703656108,
|
||||
"narHash": "sha256-hCSUqdFJKHHbER8Cenf5JRzjMlBjIdwdftGQsO0xoJs=",
|
||||
"lastModified": 1706639736,
|
||||
"narHash": "sha256-CaG4j9+UwBDfinxxvJMo6yOonSmSo0ZgnbD7aj2Put0=",
|
||||
"owner": "nix-community",
|
||||
"repo": "impermanence",
|
||||
"rev": "033643a45a4a920660ef91caa391fbffb14da466",
|
||||
"rev": "cd13c2917eaa68e4c49fea0ff9cada45440d7045",
|
||||
"type": "github"
|
||||
},
|
||||
"original": {
|
||||
|
@ -175,11 +175,15 @@
|
|||
"lanzaboote": {
|
||||
"inputs": {
|
||||
"crane": "crane",
|
||||
"flake-compat": "flake-compat",
|
||||
"flake-compat": [
|
||||
"flake-compat"
|
||||
],
|
||||
"flake-parts": [
|
||||
"flake-parts"
|
||||
],
|
||||
"flake-utils": "flake-utils",
|
||||
"flake-utils": [
|
||||
"flake-utils"
|
||||
],
|
||||
"nixpkgs": [
|
||||
"nixpkgs"
|
||||
],
|
||||
|
@ -187,11 +191,11 @@
|
|||
"rust-overlay": "rust-overlay"
|
||||
},
|
||||
"locked": {
|
||||
"lastModified": 1704497899,
|
||||
"narHash": "sha256-eyImNjgTHaF+be2fnNFY+Lv73rWVj7yOGxrafZNB/gI=",
|
||||
"lastModified": 1707121196,
|
||||
"narHash": "sha256-drevc7MfnMD0Ya811UPDCY5hkCOYXgDYr+oKwWLvF+E=",
|
||||
"owner": "nix-community",
|
||||
"repo": "lanzaboote",
|
||||
"rev": "a454a5894700db8b85d0e08ae1bb870c4b88ef77",
|
||||
"rev": "f2bc0af580f0bb6e6a2d0bcf0cfb237b357ffbbf",
|
||||
"type": "github"
|
||||
},
|
||||
"original": {
|
||||
|
@ -207,11 +211,11 @@
|
|||
]
|
||||
},
|
||||
"locked": {
|
||||
"lastModified": 1704596958,
|
||||
"narHash": "sha256-BK3Ohsz7m8X6qVKFxDtr8KVcHipfr5hYE9PDIJevHbQ=",
|
||||
"lastModified": 1707016097,
|
||||
"narHash": "sha256-V4lHr6hFQ3rK650dh64Xffxsf4kse9vUYWsM+ldjkco=",
|
||||
"owner": "nix-community",
|
||||
"repo": "nix-index-database",
|
||||
"rev": "f46800ac5a6e9f892fe36e50821c5d85794ecc62",
|
||||
"rev": "3e3dad2808379c522138e2e8b0eb73500721a237",
|
||||
"type": "github"
|
||||
},
|
||||
"original": {
|
||||
|
@ -222,11 +226,11 @@
|
|||
},
|
||||
"nixpkgs": {
|
||||
"locked": {
|
||||
"lastModified": 1704194953,
|
||||
"narHash": "sha256-RtDKd8Mynhe5CFnVT8s0/0yqtWFMM9LmCzXv/YKxnq4=",
|
||||
"lastModified": 1707268954,
|
||||
"narHash": "sha256-2en1kvde3cJVc3ZnTy8QeD2oKcseLFjYPLKhIGDanQ0=",
|
||||
"owner": "NixOS",
|
||||
"repo": "nixpkgs",
|
||||
"rev": "bd645e8668ec6612439a9ee7e71f7eac4099d4f6",
|
||||
"rev": "f8e2ebd66d097614d51a56a755450d4ae1632df1",
|
||||
"type": "github"
|
||||
},
|
||||
"original": {
|
||||
|
@ -238,36 +242,59 @@
|
|||
},
|
||||
"nixpkgs-stable": {
|
||||
"locked": {
|
||||
"lastModified": 1685801374,
|
||||
"narHash": "sha256-otaSUoFEMM+LjBI1XL/xGB5ao6IwnZOXc47qhIgJe8U=",
|
||||
"lastModified": 1704874635,
|
||||
"narHash": "sha256-YWuCrtsty5vVZvu+7BchAxmcYzTMfolSPP5io8+WYCg=",
|
||||
"owner": "NixOS",
|
||||
"repo": "nixpkgs",
|
||||
"rev": "c37ca420157f4abc31e26f436c1145f8951ff373",
|
||||
"rev": "3dc440faeee9e889fe2d1b4d25ad0f430d449356",
|
||||
"type": "github"
|
||||
},
|
||||
"original": {
|
||||
"owner": "NixOS",
|
||||
"ref": "nixos-23.05",
|
||||
"ref": "nixos-23.11",
|
||||
"repo": "nixpkgs",
|
||||
"type": "github"
|
||||
}
|
||||
},
|
||||
"nixpkgs-stable_2": {
|
||||
"locked": {
|
||||
"lastModified": 1704290814,
|
||||
"narHash": "sha256-LWvKHp7kGxk/GEtlrGYV68qIvPHkU9iToomNFGagixU=",
|
||||
"lastModified": 1707391491,
|
||||
"narHash": "sha256-TyDXcq8Z3slMNeyeF+ke0BzISWuM6NrBklr7XyiRbZA=",
|
||||
"owner": "NixOS",
|
||||
"repo": "nixpkgs",
|
||||
"rev": "70bdadeb94ffc8806c0570eb5c2695ad29f0e421",
|
||||
"rev": "bc6cb3d59b7aab88e967264254f8c1aa4c0284e9",
|
||||
"type": "github"
|
||||
},
|
||||
"original": {
|
||||
"owner": "NixOS",
|
||||
"ref": "release-23.05",
|
||||
"ref": "release-23.11",
|
||||
"repo": "nixpkgs",
|
||||
"type": "github"
|
||||
}
|
||||
},
|
||||
"plasma-manager": {
|
||||
"inputs": {
|
||||
"home-manager": [
|
||||
"home-manager"
|
||||
],
|
||||
"nixpkgs": [
|
||||
"nixpkgs"
|
||||
]
|
||||
},
|
||||
"locked": {
|
||||
"lastModified": 1707045317,
|
||||
"narHash": "sha256-o2NZJcNu2/M3qycZ2Z9sgIESQEBFmihbbA7//sp7yVA=",
|
||||
"owner": "pjones",
|
||||
"repo": "plasma-manager",
|
||||
"rev": "290cd65b65e2da11ca9fda69781ea9beb8a6f6ac",
|
||||
"type": "github"
|
||||
},
|
||||
"original": {
|
||||
"owner": "pjones",
|
||||
"repo": "plasma-manager",
|
||||
"type": "github"
|
||||
}
|
||||
},
|
||||
"pre-commit-hooks-nix": {
|
||||
"inputs": {
|
||||
"flake-compat": [
|
||||
|
@ -286,11 +313,11 @@
|
|||
"nixpkgs-stable": "nixpkgs-stable"
|
||||
},
|
||||
"locked": {
|
||||
"lastModified": 1699271226,
|
||||
"narHash": "sha256-8Jt1KW3xTjolD6c6OjJm9USx/jmL+VVmbooADCkdDfU=",
|
||||
"lastModified": 1706424699,
|
||||
"narHash": "sha256-Q3RBuOpZNH2eFA1e+IHgZLAOqDD9SKhJ/sszrL8bQD4=",
|
||||
"owner": "cachix",
|
||||
"repo": "pre-commit-hooks.nix",
|
||||
"rev": "ea758da1a6dcde6dc36db348ed690d09b9864128",
|
||||
"rev": "7c54e08a689b53c8a1e5d70169f2ec9e2a68ffaf",
|
||||
"type": "github"
|
||||
},
|
||||
"original": {
|
||||
|
@ -303,14 +330,18 @@
|
|||
"inputs": {
|
||||
"darwin": "darwin",
|
||||
"disko": "disko",
|
||||
"flake-compat": "flake-compat",
|
||||
"flake-parts": "flake-parts",
|
||||
"flake-utils": "flake-utils",
|
||||
"home-manager": "home-manager",
|
||||
"impermanence": "impermanence",
|
||||
"lanzaboote": "lanzaboote",
|
||||
"nix-index-database": "nix-index-database",
|
||||
"nixpkgs": "nixpkgs",
|
||||
"plasma-manager": "plasma-manager",
|
||||
"sops-nix": "sops-nix",
|
||||
"treefmt-nix": "treefmt-nix"
|
||||
"treefmt-nix": "treefmt-nix",
|
||||
"vscode-extensions": "vscode-extensions"
|
||||
}
|
||||
},
|
||||
"rust-overlay": {
|
||||
|
@ -325,11 +356,11 @@
|
|||
]
|
||||
},
|
||||
"locked": {
|
||||
"lastModified": 1699409596,
|
||||
"narHash": "sha256-L3g1smIol3dGTxkUQOlNShJtZLvjLzvtbaeTRizwZBU=",
|
||||
"lastModified": 1707099356,
|
||||
"narHash": "sha256-ph483MDKLi9I/gndYOieVP41es633DOOmPjEI50x5KU=",
|
||||
"owner": "oxalica",
|
||||
"repo": "rust-overlay",
|
||||
"rev": "58240e1ac627cef3ea30c7732fedfb4f51afd8e7",
|
||||
"rev": "61dfa5a8129f7edbe9150253c68f673f87b16fb1",
|
||||
"type": "github"
|
||||
},
|
||||
"original": {
|
||||
|
@ -346,11 +377,11 @@
|
|||
"nixpkgs-stable": "nixpkgs-stable_2"
|
||||
},
|
||||
"locked": {
|
||||
"lastModified": 1704596510,
|
||||
"narHash": "sha256-tupdwwg1WeX2hNMOQrvtyafTaTVty0QC/gQp7yaYJic=",
|
||||
"lastModified": 1707397511,
|
||||
"narHash": "sha256-pYqXcTjcPC/go3FzT1dYtYsbmzAjO1MHhT/xgiI6J7o=",
|
||||
"owner": "Mic92",
|
||||
"repo": "sops-nix",
|
||||
"rev": "f5fbcc0f50e7fc60c4f806fa7a09abccf0826d8a",
|
||||
"rev": "2168851d58595431ee11ebfc3a49d60d318b7312",
|
||||
"type": "github"
|
||||
},
|
||||
"original": {
|
||||
|
@ -381,11 +412,11 @@
|
|||
]
|
||||
},
|
||||
"locked": {
|
||||
"lastModified": 1704233915,
|
||||
"narHash": "sha256-GYDC4HjyVizxnyKRbkrh1GugGp8PP3+fJuh40RPCN7k=",
|
||||
"lastModified": 1707300477,
|
||||
"narHash": "sha256-qQF0fEkHlnxHcrKIMRzOETnRBksUK048MXkX0SOmxvA=",
|
||||
"owner": "numtide",
|
||||
"repo": "treefmt-nix",
|
||||
"rev": "e434da615ef74187ba003b529cc72f425f5d941e",
|
||||
"rev": "ac599dab59a66304eb511af07b3883114f061b9d",
|
||||
"type": "github"
|
||||
},
|
||||
"original": {
|
||||
|
@ -393,6 +424,32 @@
|
|||
"repo": "treefmt-nix",
|
||||
"type": "github"
|
||||
}
|
||||
},
|
||||
"vscode-extensions": {
|
||||
"inputs": {
|
||||
"flake-compat": [
|
||||
"flake-compat"
|
||||
],
|
||||
"flake-utils": [
|
||||
"flake-utils"
|
||||
],
|
||||
"nixpkgs": [
|
||||
"nixpkgs"
|
||||
]
|
||||
},
|
||||
"locked": {
|
||||
"lastModified": 1707441271,
|
||||
"narHash": "sha256-VbhPwJ6JDLklCClM1T14pzKrgsnIvWOg/2YUmYBmLFk=",
|
||||
"owner": "nix-community",
|
||||
"repo": "nix-vscode-extensions",
|
||||
"rev": "a008981410d7da870988b5415ebd33165d98084d",
|
||||
"type": "github"
|
||||
},
|
||||
"original": {
|
||||
"owner": "nix-community",
|
||||
"repo": "nix-vscode-extensions",
|
||||
"type": "github"
|
||||
}
|
||||
}
|
||||
},
|
||||
"root": "root",
|
||||
|
|
47
flake.nix
47
flake.nix
|
@ -1,5 +1,5 @@
|
|||
{
|
||||
description = "FollieHiyuki's Nix Configuration";
|
||||
description = "folliehiyuki's Nix Configuration";
|
||||
|
||||
nixConfig = {
|
||||
extra-substituters = [
|
||||
|
@ -46,44 +46,73 @@
|
|||
inputs.nixpkgs.follows = "nixpkgs";
|
||||
};
|
||||
|
||||
plasma-manager = {
|
||||
url = "github:pjones/plasma-manager";
|
||||
inputs.nixpkgs.follows = "nixpkgs";
|
||||
inputs.home-manager.follows = "home-manager";
|
||||
};
|
||||
|
||||
vscode-extensions = {
|
||||
url = "github:nix-community/nix-vscode-extensions";
|
||||
inputs.nixpkgs.follows = "nixpkgs";
|
||||
inputs.flake-compat.follows = "flake-compat";
|
||||
inputs.flake-utils.follows = "flake-utils";
|
||||
};
|
||||
|
||||
lanzaboote = {
|
||||
url = "github:nix-community/lanzaboote";
|
||||
inputs.nixpkgs.follows = "nixpkgs";
|
||||
inputs.flake-compat.follows = "flake-compat";
|
||||
inputs.flake-parts.follows = "flake-parts";
|
||||
inputs.flake-utils.follows = "flake-utils";
|
||||
};
|
||||
|
||||
sops-nix = {
|
||||
url = "github:Mic92/sops-nix";
|
||||
inputs.nixpkgs.follows = "nixpkgs";
|
||||
};
|
||||
|
||||
# These are used only for common dependencies lock
|
||||
flake-utils.url = "github:numtide/flake-utils";
|
||||
flake-compat = {
|
||||
url = "github:edolstra/flake-compat";
|
||||
flake = false;
|
||||
};
|
||||
};
|
||||
|
||||
outputs = inputs @ { flake-parts, nixpkgs, ... }:
|
||||
let
|
||||
myLib = import ./lib { inherit (nixpkgs) lib; };
|
||||
in
|
||||
flake-parts.lib.mkFlake { inherit inputs; specialArgs = { inherit myLib; }; } {
|
||||
flake-parts.lib.mkFlake { inherit inputs; } {
|
||||
systems = [ "x86_64-linux" "aarch64-darwin" ];
|
||||
|
||||
imports = (myLib.listModules ./flake) ++ [ ./hosts ];
|
||||
imports = myLib.listModules ./flake;
|
||||
|
||||
perSystem = { system, ... }: {
|
||||
_module.args = {
|
||||
inherit myLib;
|
||||
inherit (nixpkgs) lib;
|
||||
|
||||
# Allow installing unfree packages like terraform, vault, ...
|
||||
pkgs = import nixpkgs {
|
||||
inherit system;
|
||||
|
||||
overlays = [ inputs.vscode-extensions.overlays.default ];
|
||||
|
||||
# Allow installing unfree packages like terraform, vault, ...
|
||||
config.allowUnfree = true;
|
||||
};
|
||||
};
|
||||
};
|
||||
|
||||
# Make sure my custom functions don't do anything stupid
|
||||
flake.tests = import ./tests {
|
||||
inherit myLib;
|
||||
inherit (nixpkgs) lib;
|
||||
flake = {
|
||||
# exposed for other submodules to use
|
||||
lib = myLib;
|
||||
|
||||
# Make sure my custom functions don't do anything stupid
|
||||
tests = import ./tests {
|
||||
inherit myLib;
|
||||
inherit (nixpkgs) lib;
|
||||
};
|
||||
};
|
||||
};
|
||||
}
|
||||
|
|
36
flake/hosts.nix
Normal file
36
flake/hosts.nix
Normal file
|
@ -0,0 +1,36 @@
|
|||
{ inputs, lib, ... }:
|
||||
let
|
||||
darwinHosts = [
|
||||
"hoangnguyenhuy"
|
||||
];
|
||||
nixosHosts = [
|
||||
"artoria"
|
||||
];
|
||||
in
|
||||
{
|
||||
flake = {
|
||||
darwinConfigurations = lib.genAttrs darwinHosts
|
||||
(name: inputs.darwin.lib.darwinSystem {
|
||||
specialArgs = { inherit inputs; };
|
||||
modules = [
|
||||
../darwin
|
||||
../home-manager
|
||||
{
|
||||
system.stateVersion = 4;
|
||||
networking.computerName = name;
|
||||
networking.hostName = name;
|
||||
}
|
||||
] ++ (inputs.self.lib.listModules ../hosts/${name});
|
||||
});
|
||||
|
||||
nixosConfigurations = lib.genAttrs nixosHosts
|
||||
(name: lib.nixosSystem {
|
||||
specialArgs = { inherit inputs; };
|
||||
modules = [
|
||||
../nixos
|
||||
../home-manager
|
||||
{ networking.hostName = name; }
|
||||
] ++ (inputs.self.lib.listModules ../hosts/${name});
|
||||
});
|
||||
};
|
||||
}
|
|
@ -1,7 +1,7 @@
|
|||
_: {
|
||||
perSystem = { pkgs, config, ... }: {
|
||||
devShells.default = pkgs.mkShellNoCC {
|
||||
name = "dotfiles-nix";
|
||||
name = "nixconfig";
|
||||
meta.description = "Development shell for the Nix dotfiles";
|
||||
inputsFrom = [ config.treefmt.build.devShell ];
|
||||
packages = with pkgs; [
|
||||
|
@ -12,9 +12,6 @@ _: {
|
|||
sops
|
||||
vim
|
||||
];
|
||||
shellHook = ''
|
||||
export NIX_CONFIG="experimental-features = nix-command flakes"
|
||||
'';
|
||||
};
|
||||
|
||||
checks = {
|
||||
|
|
|
@ -3,7 +3,7 @@
|
|||
|
||||
perSystem = _: {
|
||||
treefmt = {
|
||||
projectRootFile = "flake.nix";
|
||||
projectRootFile = "flake.lock";
|
||||
|
||||
programs = {
|
||||
statix.enable = true;
|
||||
|
|
19
home-manager/default.nix
Normal file
19
home-manager/default.nix
Normal file
|
@ -0,0 +1,19 @@
|
|||
{ inputs, ... }: {
|
||||
home-manager = {
|
||||
verbose = true;
|
||||
useGlobalPkgs = true;
|
||||
useUserPackages = true;
|
||||
extraSpecialArgs = { inherit inputs; };
|
||||
backupFileExtension = "old";
|
||||
|
||||
sharedModules = with inputs; [
|
||||
nix-index-database.hmModules.nix-index
|
||||
sops-nix.homeManagerModules.sops
|
||||
{
|
||||
home.stateVersion = "24.05";
|
||||
programs.home-manager.enable = true;
|
||||
}
|
||||
]
|
||||
++ (self.lib.listModuleDirsRecursive ./.);
|
||||
};
|
||||
}
|
|
@ -1,5 +1,5 @@
|
|||
{ osConfig, pkgs, lib, ... }: {
|
||||
config = lib.mkIf (osConfig.personal.dotfiles.amethyst.enable && pkgs.stdenv.isDarwin) {
|
||||
config = lib.mkIf (osConfig.programs.amethyst.enable && pkgs.stdenv.isDarwin) {
|
||||
xdg.configFile."amethyst/amethyst.yml" = {
|
||||
source = ./amethyst.yml;
|
||||
};
|
|
@ -23,7 +23,7 @@
|
|||
cd "$nvim_confdir"
|
||||
git pull origin main
|
||||
else
|
||||
git clone --depth=1 --branch=main https://gitlab.com/FollieHiyuki/nvim.git "$nvim_confdir"
|
||||
git clone --depth=1 --branch=main https://gitlab.com/folliehiyuki/nvim.git "$nvim_confdir"
|
||||
fi
|
||||
'';
|
||||
};
|
15
home-manager/programs/editors/vscode/default.nix
Normal file
15
home-manager/programs/editors/vscode/default.nix
Normal file
|
@ -0,0 +1,15 @@
|
|||
{ osConfig, lib, pkgs, ... }: {
|
||||
config = lib.mkIf osConfig.personal.dotfiles.vscode.enable {
|
||||
programs.vscode = {
|
||||
enable = true;
|
||||
package = pkgs.vscodium;
|
||||
enableUpdateCheck = false;
|
||||
enableExtensionUpdateCheck = false;
|
||||
};
|
||||
|
||||
home.activation.enableVscodeKeyRepeating = lib.mkIf pkgs.stdenv.isDarwin ''
|
||||
/usr/bin/defaults write com.vscodium ApplePressAndHoldEnabled -bool false
|
||||
/usr/bin/defaults write com.microsoft.VSCode ApplePressAndHoldEnabled -bool false
|
||||
'';
|
||||
};
|
||||
}
|
|
@ -1,104 +0,0 @@
|
|||
{ config, lib, pkgs, ... }:
|
||||
let
|
||||
username = config.personal.user.name;
|
||||
in
|
||||
{
|
||||
personal.dotfiles = import ./home.nix { inherit lib; };
|
||||
|
||||
personal.user = {
|
||||
name = "hoang.nguyenhuy";
|
||||
description = "Hoang Nguyen Huy";
|
||||
email = "hoang.nguyenhuy@optimizely.com";
|
||||
gpgPubKey = "4DDE6212A7FDB0E1";
|
||||
|
||||
# Ref: https://github.com/LnL7/nix-darwin/issues/122
|
||||
# so no fish-shell then
|
||||
shell = "zsh";
|
||||
|
||||
packages = with pkgs; [
|
||||
age
|
||||
aws-sso-cli
|
||||
awscli2
|
||||
cargo
|
||||
chafa
|
||||
croc
|
||||
cue
|
||||
dbeaver
|
||||
delve
|
||||
fd
|
||||
ghq
|
||||
gnumake
|
||||
go
|
||||
go-tools
|
||||
gojq
|
||||
golangci-lint
|
||||
gopls
|
||||
gvproxy # used for podman-machine's host network
|
||||
(hunspellWithDicts (with hunspellDicts; [ en_US-large ]))
|
||||
iterm2
|
||||
kubectl
|
||||
kubectx
|
||||
kubernetes-helm
|
||||
lima
|
||||
mage
|
||||
minikube
|
||||
nil
|
||||
packer
|
||||
podman
|
||||
qemu_kvm
|
||||
s5cmd
|
||||
shellcheck
|
||||
sops
|
||||
ssm-session-manager-plugin
|
||||
stern
|
||||
terraform
|
||||
terraform-ls
|
||||
vault
|
||||
youtube-music
|
||||
];
|
||||
};
|
||||
|
||||
environment.pathsToLink = [
|
||||
"/share/qemu" # expose edk2-aarch64-code.fd in a stable path for podman/minikube
|
||||
];
|
||||
|
||||
fonts.fonts = with pkgs; [
|
||||
sarasa-gothic
|
||||
iosevka-bin
|
||||
(iosevka-bin.override { variant = "aile"; })
|
||||
(iosevka-bin.override { variant = "etoile"; })
|
||||
(nerdfonts.override { fonts = [ "IosevkaTerm" ]; })
|
||||
];
|
||||
|
||||
homebrew = {
|
||||
casks = [
|
||||
"aws-vpn-client"
|
||||
"displaylink"
|
||||
"keepassxc" # the brew formulae comes with keepassxc-cli, while the package from nixpkgs only has .app file
|
||||
"maccy"
|
||||
"openlens"
|
||||
];
|
||||
|
||||
# NOTE: these are used for pkgs.minikube
|
||||
# Ref: https://minikube.sigs.k8s.io/docs/drivers/qemu/
|
||||
brews = [
|
||||
"socket_vmnet" # remember to run `brew services start socket_vmnet` as root afterward
|
||||
"pulumi" # pulumi packages in NixOS repository are pretty outdated (and no pulumi-language-yaml)
|
||||
];
|
||||
taps = [
|
||||
"homebrew/services"
|
||||
];
|
||||
};
|
||||
|
||||
nix.settings.allowed-users = [ "@admin" "@nixbld" "${username}" ];
|
||||
|
||||
# NOTE: re-apply this configuration whenever MacOS does a system upgrade
|
||||
security.pam.enableSudoTouchIdAuth = true;
|
||||
|
||||
system.activationScripts.postActivation.text = ''
|
||||
sudo chsh -s ${pkgs.zsh}/bin/zsh ${username}
|
||||
sudo -u ${username} /opt/homebrew/bin/brew analytics off
|
||||
'';
|
||||
|
||||
nixpkgs.hostPlatform = "aarch64-darwin";
|
||||
}
|
|
@ -1,25 +0,0 @@
|
|||
{ lib, ... }: lib.recursiveUpdate
|
||||
(builtins.listToAttrs (builtins.map
|
||||
(elem: {
|
||||
name = elem;
|
||||
value.enable = true;
|
||||
})
|
||||
[
|
||||
"amethyst"
|
||||
"bat"
|
||||
"direnv"
|
||||
"emacs"
|
||||
"fzf"
|
||||
"gh"
|
||||
"git"
|
||||
"gpg"
|
||||
"k9s"
|
||||
"lsd"
|
||||
"neovim"
|
||||
"pnpm"
|
||||
"ripgrep"
|
||||
"starship"
|
||||
"vscode"
|
||||
"zoxide"
|
||||
]))
|
||||
{ neovim.defaultEditor = true; }
|
|
@ -1,55 +0,0 @@
|
|||
{ inputs, lib, myLib, ... }:
|
||||
let
|
||||
machines = lib.mapAttrs
|
||||
(x: _: builtins.attrNames (myLib.filterDirs ./${x}))
|
||||
(myLib.filterDirs ./.);
|
||||
|
||||
osConfigurations = os: builtins.listToAttrs (builtins.map
|
||||
(host:
|
||||
let
|
||||
hostModules = with inputs; {
|
||||
nixos = [
|
||||
disko.nixosModules.disko
|
||||
home-manager.nixosModules.home-manager
|
||||
impermanence.nixosModules.impermanence
|
||||
sops-nix.nixosModules.sops
|
||||
../modules/nixos
|
||||
];
|
||||
|
||||
darwin = [
|
||||
home-manager.darwinModules.home-manager
|
||||
{
|
||||
system.stateVersion = 4;
|
||||
networking.computerName = host;
|
||||
}
|
||||
../modules/darwin
|
||||
];
|
||||
};
|
||||
|
||||
commonModules = [
|
||||
{ networking.hostName = host; }
|
||||
../modules/common
|
||||
../modules/home-manager
|
||||
./${os}/${host}/configuration.nix
|
||||
];
|
||||
|
||||
osSystem = {
|
||||
nixos = inputs.nixpkgs.lib.nixosSystem;
|
||||
darwin = inputs.darwin.lib.darwinSystem;
|
||||
};
|
||||
in
|
||||
{
|
||||
name = host;
|
||||
value = osSystem.${os} {
|
||||
specialArgs = { inherit inputs lib myLib; };
|
||||
modules = commonModules ++ hostModules.${os};
|
||||
};
|
||||
})
|
||||
machines.${os});
|
||||
in
|
||||
{
|
||||
flake = {
|
||||
darwinConfigurations = osConfigurations "darwin";
|
||||
nixosConfigurations = osConfigurations "nixos";
|
||||
};
|
||||
}
|
47
hosts/hoangnguyenhuy/configuration.nix
Normal file
47
hosts/hoangnguyenhuy/configuration.nix
Normal file
|
@ -0,0 +1,47 @@
|
|||
{ pkgs, ... }: {
|
||||
environment.pathsToLink = [
|
||||
"/share/qemu" # expose edk2-aarch64-code.fd in a stable path for podman/minikube
|
||||
];
|
||||
|
||||
environment.shells = [ pkgs.zsh ];
|
||||
|
||||
programs = {
|
||||
amethyst.enable = true;
|
||||
zsh.enable = true;
|
||||
};
|
||||
|
||||
fonts.fonts = with pkgs; [
|
||||
sarasa-gothic
|
||||
iosevka-bin
|
||||
(iosevka-bin.override { variant = "aile"; })
|
||||
(iosevka-bin.override { variant = "etoile"; })
|
||||
(nerdfonts.override { fonts = [ "IosevkaTerm" ]; })
|
||||
];
|
||||
|
||||
homebrew = {
|
||||
casks = [
|
||||
"aws-vpn-client"
|
||||
"displaylink"
|
||||
"keepassxc" # the brew formulae comes with keepassxc-cli, while the package from nixpkgs only has .app file
|
||||
"maccy"
|
||||
"openlens"
|
||||
];
|
||||
|
||||
# NOTE: these are used for pkgs.minikube
|
||||
# Ref: https://minikube.sigs.k8s.io/docs/drivers/qemu/
|
||||
brews = [
|
||||
"socket_vmnet" # remember to run `brew services start socket_vmnet` as root afterward
|
||||
"pulumi" # pulumi packages in NixOS repository are pretty outdated (and no pulumi-language-yaml)
|
||||
];
|
||||
taps = [
|
||||
"homebrew/services"
|
||||
];
|
||||
};
|
||||
|
||||
# NOTE: re-apply this configuration whenever MacOS does a system upgrade
|
||||
security.pam.enableSudoTouchIdAuth = true;
|
||||
|
||||
nix.settings.allowed-users = [ "@admin" ];
|
||||
|
||||
nixpkgs.hostPlatform = "aarch64-darwin";
|
||||
}
|
134
hosts/hoangnguyenhuy/user.nix
Normal file
134
hosts/hoangnguyenhuy/user.nix
Normal file
|
@ -0,0 +1,134 @@
|
|||
{ pkgs, ... }:
|
||||
let
|
||||
username = "hoang.nguyenhuy";
|
||||
in
|
||||
{
|
||||
nix.settings.allowed-users = [ username ];
|
||||
|
||||
users.users.${username} = {
|
||||
home = "/Users/${username}";
|
||||
description = "Hoang Nguyen Huy";
|
||||
|
||||
# Ref: https://github.com/LnL7/nix-darwin/issues/122
|
||||
# so no fish-shell then
|
||||
shell = pkgs.zsh;
|
||||
|
||||
packages = with pkgs; [
|
||||
age
|
||||
aws-sso-cli
|
||||
awscli2
|
||||
cargo
|
||||
chafa
|
||||
croc
|
||||
cue
|
||||
dbeaver
|
||||
docker-buildx
|
||||
docker-client
|
||||
docker-compose
|
||||
fd
|
||||
ghq
|
||||
gnumake
|
||||
go
|
||||
gojq
|
||||
golangci-lint
|
||||
(hunspellWithDicts (with hunspellDicts; [ en_US-large ]))
|
||||
iterm2
|
||||
kubectl
|
||||
kubectx
|
||||
kubernetes-helm
|
||||
lima
|
||||
minikube
|
||||
packer
|
||||
qemu_kvm
|
||||
s5cmd
|
||||
shellcheck
|
||||
sops
|
||||
(ssm-session-manager-plugin.overrideAttrs { doCheck = false; })
|
||||
stern
|
||||
(terraform.overrideAttrs { doCheck = false; })
|
||||
(vault.overrideAttrs { doCheck = false; })
|
||||
youtube-music
|
||||
];
|
||||
};
|
||||
|
||||
system.activationScripts.postActivation.text = ''
|
||||
sudo chsh -s ${pkgs.zsh}/bin/zsh ${username}
|
||||
sudo -u ${username} /opt/homebrew/bin/brew analytics off
|
||||
'';
|
||||
|
||||
home-manager.users.${username}.programs = {
|
||||
bat.enable = true;
|
||||
direnv.enable = true;
|
||||
emacs.enable = true;
|
||||
fzf.enable = true;
|
||||
gh.enable = true;
|
||||
git = {
|
||||
enable = true;
|
||||
signing.key = "4DDE6212A7FDB0E1";
|
||||
userEmail = "hoang.nguyenhuy@optimizely.com";
|
||||
};
|
||||
gpg.enable = true;
|
||||
k9s.enable = true;
|
||||
lsd.enable = true;
|
||||
neovim = {
|
||||
enable = true;
|
||||
defaultEditor = true;
|
||||
};
|
||||
pnpm.enable = true;
|
||||
ripgrep.enable = true;
|
||||
starship.enable = true;
|
||||
vscode = {
|
||||
enable = true;
|
||||
|
||||
# These extensions come from `nix-vscode-extensions` overlay (set via nixpkgs.overlays)
|
||||
extensions = with pkgs; [
|
||||
open-vsx-release.arcticicestudio.nord-visual-studio-code
|
||||
open-vsx-release.asciidoctor.asciidoctor-vscode
|
||||
open-vsx-release.brody715.vscode-cuelang
|
||||
open-vsx-release.coenraads.bracket-pair-colorizer-2
|
||||
open-vsx-release.editorconfig.editorconfig
|
||||
open-vsx-release.golang.go
|
||||
open-vsx-release.grafana.vscode-jsonnet
|
||||
open-vsx-release.hashicorp.terraform
|
||||
open-vsx-release.jnoortheen.nix-ide
|
||||
open-vsx-release.mads-hartmann.bash-ide-vscode
|
||||
open-vsx-release.ms-kubernetes-tools.vscode-kubernetes-tools
|
||||
open-vsx-release.pkief.material-icon-theme
|
||||
# open-vsx-release.tabbyml.vscode-tabby
|
||||
vscode-marketplace.tsandall.opa
|
||||
open-vsx-release.vscodevim.vim
|
||||
];
|
||||
|
||||
userSettings = {
|
||||
"workbench.colorTheme" = "Nord";
|
||||
"workbench.iconTheme" = "material-icon-theme";
|
||||
"asciidoc.preview.fontSize" = 16;
|
||||
"markdown.preview.fontSize" = 16;
|
||||
"terminal.integrated.fontFamily" = "'IosevkaTerm Nerd Font', Iosevka, monospace";
|
||||
"terminal.integrated.fontSize" = 16;
|
||||
"chat.editor.fontSize" = 16;
|
||||
"debug.console.fontSize" = 16;
|
||||
"scm.inputFontSize" = 16;
|
||||
"editor.fontSize" = 16;
|
||||
"editor.fontFamily" = "Iosevka, Menlo, Monaco, 'Courier New', monospace";
|
||||
"telemetry.telemetryLevel" = "off";
|
||||
"terraform.codelens.referenceCount" = true;
|
||||
"nix.enableLanguageServer" = true;
|
||||
"nix.serverPath" = "nil";
|
||||
"bracket-pair-colorizer-2.showHorizontalScopeLine" = false;
|
||||
"bracket-pair-colorizer-2.forceUniqueOpeningColor" = true;
|
||||
"bracket-pair-colorizer-2.colors" = [ "#d08770" "#ebcb8b" "#a3be8c" "#88c0d0" "#81a1c1" "#b48ead" ];
|
||||
"bracket-pair-colorizer-2.unmatchedScopeColor" = "#bf616a";
|
||||
"redhat.telemetry.enabled" = false;
|
||||
"yaml.format.printWidth" = 120;
|
||||
"jsonnet.languageServer.enableAutoUpdate" = false;
|
||||
|
||||
# To start tabby local API service: `tabby serve --port 10069 --device metal --model TabbyML/StarCoder-3B`
|
||||
"tabby.api.endpoint" = "http://127.0.0.1:10069";
|
||||
"tabby.inlineCompletion.triggerMode" = "manual";
|
||||
"tabby.usage.anonymousUsageTracking" = true; # this settings actually disables telemetry (pretty weird naming)
|
||||
};
|
||||
};
|
||||
zoxide.enable = true;
|
||||
};
|
||||
}
|
|
@ -1,68 +0,0 @@
|
|||
{ inputs, config, options, lib, pkgs, ... }: {
|
||||
options.personal.user =
|
||||
let
|
||||
inherit (lib) types;
|
||||
in
|
||||
with lib; {
|
||||
packages = mkOption {
|
||||
type = with types; listOf package;
|
||||
default = [ ];
|
||||
description = "Mirror of users.users.<name>.packages and home.packages";
|
||||
};
|
||||
name = mkOption {
|
||||
type = types.str;
|
||||
default = "follie";
|
||||
description = "Username of the configured user";
|
||||
};
|
||||
description = mkOption {
|
||||
type = types.str;
|
||||
default = "Hoang Nguyen";
|
||||
description = "The full name of the configured user";
|
||||
};
|
||||
shell = mkOption {
|
||||
type = types.enum [ "zsh" "fish" ];
|
||||
default = "fish";
|
||||
description = "The name of user's login shell";
|
||||
};
|
||||
email = mkOption {
|
||||
type = types.str;
|
||||
default = "folliekazetani@protonmail.com";
|
||||
description = "Email address of the configured user";
|
||||
};
|
||||
gpgPubKey = mkOption {
|
||||
type = types.str;
|
||||
default = "B0567C20730E9B11";
|
||||
};
|
||||
};
|
||||
|
||||
config =
|
||||
let
|
||||
inherit (config.personal) user;
|
||||
in
|
||||
{
|
||||
users.users.${config.personal.user.name} = {
|
||||
inherit (config.personal.user) name description;
|
||||
|
||||
shell = pkgs.${user.shell};
|
||||
packages = lib.mkAliasDefinitions options.personal.user.packages;
|
||||
};
|
||||
|
||||
# I don't use GNU's info
|
||||
documentation.info.enable = false;
|
||||
|
||||
programs.${user.shell}.enable = true;
|
||||
environment.shells = [ pkgs.${user.shell} ];
|
||||
|
||||
# Just expose everything possible so shell completion works
|
||||
environment.pathsToLink = [
|
||||
"/share/fish"
|
||||
"/share/zsh"
|
||||
"/share/bash-completion"
|
||||
];
|
||||
|
||||
fonts.fontDir.enable = true;
|
||||
|
||||
nix = import ./nix-conf.nix { inherit inputs lib pkgs; };
|
||||
nixpkgs.config.allowUnfree = true;
|
||||
};
|
||||
}
|
|
@ -1,47 +0,0 @@
|
|||
{ inputs, lib, ... }:
|
||||
let
|
||||
registryInputs =
|
||||
lib.mapAttrs (_: val: { flake = val; })
|
||||
(lib.filterAttrs (name: _: name != "self") inputs);
|
||||
in
|
||||
{
|
||||
nixPath = [
|
||||
"nixpkgs=${inputs.nixpkgs}"
|
||||
"/nix/var/nix/profiles/per-user/root/channels"
|
||||
];
|
||||
|
||||
registry = registryInputs // { dotfiles.flake = inputs.self; };
|
||||
|
||||
settings = {
|
||||
auto-allocate-uids = false;
|
||||
auto-optimise-store = true;
|
||||
sandbox = true;
|
||||
keep-outputs = true;
|
||||
use-xdg-base-directories = true;
|
||||
http-connections = 0;
|
||||
max-jobs = "auto";
|
||||
trusted-users = [ "root" ];
|
||||
|
||||
# Flakes are used explicitly, so don't imply any URLs
|
||||
flake-registry = builtins.toFile "empty-registry.json" (builtins.toJSON {
|
||||
flakes = [ ];
|
||||
version = 2;
|
||||
});
|
||||
|
||||
experimental-features = [
|
||||
"auto-allocate-uids"
|
||||
"ca-derivations"
|
||||
"flakes"
|
||||
"nix-command"
|
||||
];
|
||||
|
||||
trusted-substituters = [
|
||||
"https://cache.nixos.org"
|
||||
"https://nix-community.cachix.org"
|
||||
];
|
||||
trusted-public-keys = [
|
||||
"cache.nixos.org-1:6NCHdD59X431o0gWypbMrAURkbJ16ZPMQFGspcDShjY="
|
||||
"nix-community.cachix.org-1:mB9FSh9qf2dCimDSUo8Zy7bkq5CX+/rkCWyvRCYg3Fs="
|
||||
];
|
||||
};
|
||||
}
|
|
@ -1,7 +0,0 @@
|
|||
{ config, lib, ... }:
|
||||
lib.mkIf config.personal.dotfiles.amethyst.enable
|
||||
{
|
||||
# Allow the app to control the computer in Privacy & Security > Accessibility
|
||||
homebrew.casks = [ "amethyst" ];
|
||||
system.defaults.dock.mru-spaces = false;
|
||||
}
|
|
@ -1,75 +0,0 @@
|
|||
{ inputs, config, lib, myLib, pkgs, ... }: {
|
||||
options.personal.dotfiles =
|
||||
let
|
||||
inherit (lib) types;
|
||||
in
|
||||
with lib; {
|
||||
amethyst.enable = mkEnableOption "amethyst";
|
||||
|
||||
bat.enable = mkEnableOption "bat";
|
||||
|
||||
direnv.enable = mkEnableOption "direnv";
|
||||
|
||||
emacs = {
|
||||
enable = mkEnableOption "emacs";
|
||||
defaultEditor = mkOption {
|
||||
type = types.bool;
|
||||
default = false;
|
||||
description = "Whether to set Emacs client as the default EDITOR";
|
||||
};
|
||||
};
|
||||
|
||||
fzf.enable = mkEnableOption "fzf";
|
||||
|
||||
gh.enable = mkEnableOption "gh";
|
||||
|
||||
git.enable = mkEnableOption "git";
|
||||
|
||||
gpg = {
|
||||
enable = mkEnableOption "gpg";
|
||||
pinentryFlavor = mkOption {
|
||||
type = types.nullOr (types.enum pkgs.pinentry.flavors);
|
||||
default = "qt";
|
||||
description = "The pinentry interface to use";
|
||||
};
|
||||
};
|
||||
|
||||
k9s.enable = mkEnableOption "k9s";
|
||||
|
||||
lsd.enable = mkEnableOption "lsd";
|
||||
|
||||
neovim = {
|
||||
enable = mkEnableOption "neovim";
|
||||
defaultEditor = mkOption {
|
||||
type = types.bool;
|
||||
default = false;
|
||||
description = "Whether to set Neovim as the default EDITOR";
|
||||
};
|
||||
};
|
||||
|
||||
pnpm.enable = mkEnableOption "pnpm";
|
||||
|
||||
ripgrep.enable = mkEnableOption "ripgrep";
|
||||
|
||||
starship.enable = mkEnableOption "starship";
|
||||
|
||||
vscode.enable = mkEnableOption "vscode";
|
||||
|
||||
zoxide.enable = mkEnableOption "zoxide";
|
||||
};
|
||||
|
||||
config.home-manager = {
|
||||
verbose = true;
|
||||
useGlobalPkgs = true;
|
||||
useUserPackages = true;
|
||||
extraSpecialArgs = { inherit inputs myLib; };
|
||||
backupFileExtension = "old";
|
||||
|
||||
sharedModules = with inputs; [
|
||||
nix-index-database.hmModules.nix-index
|
||||
sops-nix.homeManagerModules.sops
|
||||
];
|
||||
|
||||
users.${config.personal.user.name} = import ./home.nix;
|
||||
};
|
||||
}
|
|
@ -1,18 +0,0 @@
|
|||
{ osConfig, myLib, ... }: {
|
||||
imports = myLib.listModuleDirsRecursive ./.;
|
||||
|
||||
config =
|
||||
let
|
||||
inherit (osConfig.personal.user) name;
|
||||
in
|
||||
{
|
||||
home = {
|
||||
stateVersion = "23.11";
|
||||
|
||||
username = name;
|
||||
homeDirectory = osConfig.users.users.${name}.home;
|
||||
};
|
||||
|
||||
programs.home-manager.enable = true;
|
||||
};
|
||||
}
|
|
@ -1,64 +0,0 @@
|
|||
# NOTE: don't install extensions via `programs.vscode.extensions`, since the packages from Nix repo might be outdated
|
||||
# List of extensions to install:
|
||||
# - arcticicestudio.nord-visual-studio-code
|
||||
# - asciidoctor.asciidoctor-vscode
|
||||
# - brody715.vscode-cuelang
|
||||
# - coenraads.bracket-pair-colorizer-2
|
||||
# - editorconfig.editorconfig
|
||||
# - golang.go
|
||||
# - grafana.vscode-jsonnet
|
||||
# - hashicorp.hcl
|
||||
# - hashicorp.terraform
|
||||
# - jnoortheen.nix-ide
|
||||
# - mads-hartmann.bash-ide-vscode
|
||||
# - ms-kubernetes-tools.vscode-kubernetes-tools
|
||||
# - pkief.material-icon-theme
|
||||
# - tabbyml.vscode-tabby
|
||||
# - tsandall.opa
|
||||
# - vscodevim.vim
|
||||
|
||||
{ osConfig, lib, pkgs, ... }: {
|
||||
config = lib.mkIf osConfig.personal.dotfiles.vscode.enable {
|
||||
programs.vscode = {
|
||||
enable = true;
|
||||
package = pkgs.vscodium;
|
||||
enableUpdateCheck = false;
|
||||
enableExtensionUpdateCheck = false;
|
||||
userSettings = {
|
||||
"workbench.colorTheme" = "Nord";
|
||||
"workbench.iconTheme" = "material-icon-theme";
|
||||
"asciidoc.preview.fontSize" = 16;
|
||||
"markdown.preview.fontSize" = 16;
|
||||
"terminal.integrated.fontFamily" = "'IosevkaTerm Nerd Font', Iosevka, monospace";
|
||||
"terminal.integrated.fontSize" = 16;
|
||||
"chat.editor.fontSize" = 16;
|
||||
"debug.console.fontSize" = 16;
|
||||
"scm.inputFontSize" = 16;
|
||||
"editor.fontSize" = 16;
|
||||
"editor.fontFamily" = "Iosevka, Menlo, Monaco, 'Courier New', monospace";
|
||||
"telemetry.telemetryLevel" = "off";
|
||||
"terraform.codelens.referenceCount" = true;
|
||||
"nix.enableLanguageServer" = true;
|
||||
"nix.serverPath" = "nil";
|
||||
"bracket-pair-colorizer-2.showHorizontalScopeLine" = false;
|
||||
"bracket-pair-colorizer-2.forceUniqueOpeningColor" = true;
|
||||
"bracket-pair-colorizer-2.colors" = [ "#d08770" "#ebcb8b" "#a3be8c" "#88c0d0" "#81a1c1" "#b48ead" ];
|
||||
"bracket-pair-colorizer-2.unmatchedScopeColor" = "#bf616a";
|
||||
"redhat.telemetry.enabled" = false;
|
||||
"yaml.format.printWidth" = 120;
|
||||
"jsonnet.languageServer.enableAutoUpdate" = false;
|
||||
|
||||
# To start tabby local API service: `tabby serve --port 10069 --device metal --model TabbyML/StarCoder-3B`
|
||||
"tabby.api.endpoint" = "http://127.0.0.1:10069";
|
||||
"tabby.inlineCompletion.triggerMode" = "manual";
|
||||
"tabby.usage.anonymousUsageTracking" = true; # this settings actually disables telemetry (pretty weird naming)
|
||||
};
|
||||
};
|
||||
|
||||
home.activation.enableVscodeKeyRepeating = lib.mkIf pkgs.stdenv.isDarwin ''
|
||||
/usr/bin/defaults write com.vscodium ApplePressAndHoldEnabled -bool false
|
||||
/usr/bin/defaults write com.microsoft.VSCode ApplePressAndHoldEnabled -bool false
|
||||
'';
|
||||
};
|
||||
|
||||
}
|
|
@ -1,24 +0,0 @@
|
|||
{ config, ... }:
|
||||
let
|
||||
username = config.personal.user.name;
|
||||
in
|
||||
{
|
||||
config = {
|
||||
users.users.${username} = {
|
||||
home = "/home/${username}";
|
||||
group = "users";
|
||||
isNormalUser = true;
|
||||
};
|
||||
|
||||
documentation.man.generateCaches = true;
|
||||
|
||||
nix.gc = {
|
||||
automatic = true;
|
||||
options = "--delete-older-than 7d";
|
||||
dates = "weekly";
|
||||
persistent = true;
|
||||
};
|
||||
|
||||
nix.nixPath = [ "nixos-config=/etc/nixos/configuration.nix" ];
|
||||
};
|
||||
}
|
78
nixos/common.nix
Normal file
78
nixos/common.nix
Normal file
|
@ -0,0 +1,78 @@
|
|||
# INFO: this module is also sourced by Darwin hosts
|
||||
{ inputs, lib, ... }:
|
||||
let
|
||||
registryInputs =
|
||||
lib.mapAttrs (_: val: { flake = val; })
|
||||
(lib.filterAttrs (name: value: name != "self" && value.flake) inputs);
|
||||
in
|
||||
{
|
||||
# I don't use GNU's info
|
||||
documentation.info.enable = false;
|
||||
|
||||
# Just expose everything possible so shell completion works
|
||||
environment.pathsToLink = [
|
||||
"/share/fish"
|
||||
"/share/zsh"
|
||||
"/share/bash-completion"
|
||||
];
|
||||
|
||||
fonts.fontDir.enable = true;
|
||||
|
||||
nix.nixPath = [
|
||||
"nixpkgs=${inputs.nixpkgs}"
|
||||
"/nix/var/nix/profiles/per-user/root/channels"
|
||||
];
|
||||
|
||||
nix.registry = registryInputs // { dotfiles.flake = inputs.self; };
|
||||
|
||||
nix.settings = {
|
||||
auto-allocate-uids = true;
|
||||
auto-optimise-store = true;
|
||||
sandbox = true;
|
||||
keep-outputs = true;
|
||||
use-xdg-base-directories = true;
|
||||
http-connections = 0;
|
||||
max-jobs = "auto";
|
||||
trusted-users = [ "root" ];
|
||||
|
||||
# Fallback quickly if substituters are not available.
|
||||
connect-timeout = 5;
|
||||
|
||||
# Avoid copying unnecessary stuff over SSH
|
||||
builders-use-substitutes = true;
|
||||
|
||||
# Avoid disk full issues
|
||||
max-free = 3000 * 1024 * 1024;
|
||||
min-free = 512 * 1024 * 1024;
|
||||
|
||||
# The default at 10 is rarely enough.
|
||||
log-lines = 25;
|
||||
|
||||
# Flakes are set explicitly via nix.registry, so don't imply any URLs here
|
||||
flake-registry = builtins.toFile "empty-registry.json" (builtins.toJSON {
|
||||
flakes = [ ];
|
||||
version = 2;
|
||||
});
|
||||
|
||||
experimental-features = [
|
||||
"auto-allocate-uids"
|
||||
"ca-derivations"
|
||||
"flakes"
|
||||
"nix-command"
|
||||
];
|
||||
|
||||
trusted-substituters = [
|
||||
"https://cache.nixos.org"
|
||||
"https://nix-community.cachix.org"
|
||||
# "https://numtide.cachix.org"
|
||||
];
|
||||
trusted-public-keys = [
|
||||
"cache.nixos.org-1:6NCHdD59X431o0gWypbMrAURkbJ16ZPMQFGspcDShjY="
|
||||
"nix-community.cachix.org-1:mB9FSh9qf2dCimDSUo8Zy7bkq5CX+/rkCWyvRCYg3Fs="
|
||||
# "numtide.cachix.org-1:2ps1kLBUWjxIneOy1Ik6cQjb41X0iXVXeHigGmycPPE="
|
||||
];
|
||||
};
|
||||
|
||||
nixpkgs.config.allowUnfree = true;
|
||||
nixpkgs.overlays = [ inputs.vscode-extensions.overlays.default ];
|
||||
}
|
25
nixos/default.nix
Normal file
25
nixos/default.nix
Normal file
|
@ -0,0 +1,25 @@
|
|||
{ inputs, ... }: {
|
||||
imports = with inputs; [
|
||||
disko.nixosModules.disko
|
||||
home-manager.nixosModules.home-manager
|
||||
impermanence.nixosModules.impermanence
|
||||
sops-nix.nixosModules.sops
|
||||
] ++ (self.lib.listModules ./.);
|
||||
|
||||
config = {
|
||||
documentation.man.generateCaches = true;
|
||||
|
||||
# cgroups isn't available on MacOS
|
||||
nix.use-cgroups = true;
|
||||
nix.settings.experimental-features = [ "cgroups" ];
|
||||
|
||||
nix.gc = {
|
||||
automatic = true;
|
||||
options = "--delete-older-than 7d";
|
||||
dates = "weekly";
|
||||
persistent = true;
|
||||
};
|
||||
|
||||
nix.nixPath = [ "nixos-config=/etc/nixos/configuration.nix" ];
|
||||
};
|
||||
}
|
27
secrets.json
Normal file
27
secrets.json
Normal file
|
@ -0,0 +1,27 @@
|
|||
{
|
||||
"home-manager": {
|
||||
"gallery-dl": {
|
||||
"pixiv_refresh_token": "ENC[AES256_GCM,data:Th15zT4X079p/SDHGIuMISyRndgx0mmhBLKOSG/LIbY0eSqhGHV4egSoCg==,iv:17kRRV7mYpelaa2DALnn6vpfUHZz1/mSayr31i8sJAE=,tag:JhFBJhU9EreRUpOrCkADDw==,type:str]"
|
||||
}
|
||||
},
|
||||
"hosts": {
|
||||
"artoria": {}
|
||||
},
|
||||
"sops": {
|
||||
"kms": null,
|
||||
"gcp_kms": null,
|
||||
"azure_kv": null,
|
||||
"hc_vault": null,
|
||||
"age": [
|
||||
{
|
||||
"recipient": "age1qjdsw949yvhlkttldda5ar4t0mma9vwey8gal425qckh67h7taws96vsey",
|
||||
"enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSA1WEhYenJXeUJZWHhoZ2x6\nblBqR1VwM2JieFExMkpGYm5BTm55RjI1QW1BCjJ2bVVrQUhrVUJIWGVnM0ZLWkRK\nZk56L2Q4Nk5tQWswQ3B2cHVDeVIzZWsKLS0tIFFLbW5vY1hNaENjKzVFMmViOC9Q\nV0FyQlNlWUw2QThjK0ZOdWpadER3eUUK6b2u46sgIq3wkTgwKN0iZCR2TaFeJF7X\nbkyMjhTvGFOzh/KSMQDFoZMGaP/Tna04PLvXIYj3HOMnU3q3VV6IjQ==\n-----END AGE ENCRYPTED FILE-----\n"
|
||||
}
|
||||
],
|
||||
"lastmodified": "2024-01-25T16:35:08Z",
|
||||
"mac": "ENC[AES256_GCM,data:XAtK4hHr5IMg1Mbo/MUf9wBBocbDmMv0iN9+R5rkRw/6D2vUo9GtTe6YNkJuDVeDIQO5z2nwkbMob0rDa7za4eDv4QckuD2nbIE1WLBP+Fn9lpRlluFuZBks2SxWmwk36je1b6cw0lvmjqi/6uaKtkGJ8nTT9K4JdZNxirsA+mg=,iv:vPh6bydN2yO7qLHqDVwOmWdkZvTEaDf87ErQZEwbQWk=,tag:ibPyyVa0iWiQx+cHZlL4XA==,type:str]",
|
||||
"pgp": null,
|
||||
"unencrypted_suffix": "_unencrypted",
|
||||
"version": "3.8.1"
|
||||
}
|
||||
}
|
Loading…
Reference in a new issue