From 46c43e91d7feecbeb7aabe8b1a88777c96dd239d Mon Sep 17 00:00:00 2001 From: Ludovico Piero Date: Wed, 8 Feb 2023 06:41:32 +1000 Subject: [PATCH] init digga --- .editorconfig | 32 ++ .envrc | 2 + .gitignore | 5 + COPYING | 18 ++ README.md | 11 + default.nix | 35 +++ flake.lock | 470 ++++++++++++++++++++++++++++++ flake.nix | 223 ++++++++++++++ hosts/darwin/Mac.nix | 12 + hosts/nixos/NixOS.nix | 11 + hosts/nixos/bootstrap.nix | 13 + lib/compat/default.nix | 21 ++ lib/compat/nixos/default.nix | 9 + lib/default.nix | 12 + modules/hm-system-defaults.nix | 18 ++ modules/nix-path.nix | 11 + overlays/manix.nix | 5 + overlays/overrides.nix | 32 ++ pkgs/_sources/generated.nix | 18 ++ pkgs/default.nix | 5 + pkgs/sources.toml | 4 + profiles/cachix/default.nix | 13 + profiles/cachix/nix-community.nix | 10 + profiles/cachix/nrdxp.nix | 10 + profiles/core/common.nix | 103 +++++++ profiles/core/darwin.nix | 63 ++++ profiles/core/nixos.nix | 83 ++++++ profiles/core/starship.toml | 95 ++++++ secrets/secrets.nix | 8 + shell.nix | 1 + shell/default.nix | 10 + shell/devos.nix | 55 ++++ shell/hooks/default.nix | 6 + shell/hooks/pre-commit.sh | 28 ++ treefmt.toml | 22 ++ users/darwin/default.nix | 7 + users/modules/.flake-keep | 0 users/nixos/default.nix | 10 + users/profiles/direnv/default.nix | 8 + users/profiles/git/default.nix | 42 +++ users/root/default.nix | 5 + 41 files changed, 1546 insertions(+) create mode 100644 .editorconfig create mode 100644 .envrc create mode 100644 .gitignore create mode 100644 COPYING create mode 100644 README.md create mode 100644 default.nix create mode 100644 flake.lock create mode 100644 flake.nix create mode 100644 hosts/darwin/Mac.nix create mode 100644 hosts/nixos/NixOS.nix create mode 100644 hosts/nixos/bootstrap.nix create mode 100644 lib/compat/default.nix create mode 100644 lib/compat/nixos/default.nix create mode 100644 lib/default.nix create mode 100644 modules/hm-system-defaults.nix create mode 100644 modules/nix-path.nix create mode 100644 overlays/manix.nix create mode 100644 overlays/overrides.nix create mode 100644 pkgs/_sources/generated.nix create mode 100644 pkgs/default.nix create mode 100644 pkgs/sources.toml create mode 100644 profiles/cachix/default.nix create mode 100644 profiles/cachix/nix-community.nix create mode 100644 profiles/cachix/nrdxp.nix create mode 100644 profiles/core/common.nix create mode 100644 profiles/core/darwin.nix create mode 100644 profiles/core/nixos.nix create mode 100644 profiles/core/starship.toml create mode 100644 secrets/secrets.nix create mode 100644 shell.nix create mode 100644 shell/default.nix create mode 100644 shell/devos.nix create mode 100644 shell/hooks/default.nix create mode 100644 shell/hooks/pre-commit.sh create mode 100644 treefmt.toml create mode 100644 users/darwin/default.nix create mode 100644 users/modules/.flake-keep create mode 100644 users/nixos/default.nix create mode 100644 users/profiles/direnv/default.nix create mode 100644 users/profiles/git/default.nix create mode 100644 users/root/default.nix diff --git a/.editorconfig b/.editorconfig new file mode 100644 index 0000000..96e5188 --- /dev/null +++ b/.editorconfig @@ -0,0 +1,32 @@ +# Editor configuration, see http://editorconfig.org +root = true + +[*] +end_of_line = lf +insert_final_newline = true +trim_trailing_whitespace = true +charset = utf-8 +indent_style = space +indent_size = 2 + +# Ignore diffs/patches +[*.{diff,patch}] +end_of_line = unset +insert_final_newline = unset +trim_trailing_whitespace = unset +indent_size = unset + +[{.*,secrets}/**] +end_of_line = unset +insert_final_newline = unset +trim_trailing_whitespace = unset +charset = unset +indent_style = unset +indent_size = unset + +[*.py] +indent_size = 4 + +[*.md] +max_line_length = off +trim_trailing_whitespace = false diff --git a/.envrc b/.envrc new file mode 100644 index 0000000..a6d5743 --- /dev/null +++ b/.envrc @@ -0,0 +1,2 @@ +watch_file shell/* flake.nix +use flake || use nix diff --git a/.gitignore b/.gitignore new file mode 100644 index 0000000..e8f2789 --- /dev/null +++ b/.gitignore @@ -0,0 +1,5 @@ +result +.direnv +doc/index.html + +pkgs/_sources/.shake* diff --git a/COPYING b/COPYING new file mode 100644 index 0000000..c9b44cb --- /dev/null +++ b/COPYING @@ -0,0 +1,18 @@ +Permission is hereby granted, free of charge, to any person obtaining +a copy of this software and associated documentation files (the +"Software"), to deal in the Software without restriction, including +without limitation the rights to use, copy, modify, merge, publish, +distribute, sublicense, and/or sell copies of the Software, and to +permit persons to whom the Software is furnished to do so, subject to +the following conditions: + +The above copyright notice and this permission notice shall be +included in all copies or substantial portions of the Software. + +THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, +EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF +MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND +NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE +LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION +OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION +WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE. diff --git a/README.md b/README.md new file mode 100644 index 0000000..e8160b3 --- /dev/null +++ b/README.md @@ -0,0 +1,11 @@ +# Nix Configuration + +This repository is home to the nix code that builds my systems. + +## Why Nix? + +Nix allows for easy to manage, collaborative, reproducible deployments. This means that once something is setup and configured once, it works forever. If someone else shares their configuration, anyone can make use of it. + +This flake is configured with the use of [digga][digga]. + +[digga]: https://github.com/divnix/digga diff --git a/default.nix b/default.nix new file mode 100644 index 0000000..3d5b5f9 --- /dev/null +++ b/default.nix @@ -0,0 +1,35 @@ +let + inherit (default.inputs.nixos) lib; + + default = (import ./lib/compat).defaultNix; + + ciSystems = [ + "aarch64-linux" + "x86_64-linux" + ]; + + filterSystems = + lib.filterAttrs + (system: _: lib.elem system ciSystems); + + recurseIntoAttrsRecursive = lib.mapAttrs ( + _: v: + if lib.isAttrs v + then recurseIntoAttrsRecursive (lib.recurseIntoAttrs v) + else v + ); + + systemOutputs = + lib.filterAttrs + ( + name: set: + lib.isAttrs set + && lib.any + (system: set ? ${system} && name != "legacyPackages") + ciSystems + ) + default.outputs; + + ciDrvs = lib.mapAttrs (_: system: filterSystems system) systemOutputs; +in + (recurseIntoAttrsRecursive ciDrvs) // {shell = import ./shell.nix;} diff --git a/flake.lock b/flake.lock new file mode 100644 index 0000000..6ab6496 --- /dev/null +++ b/flake.lock @@ -0,0 +1,470 @@ +{ + "nodes": { + "agenix": { + "inputs": { + "nixpkgs": [ + "nixos" + ] + }, + "locked": { + "lastModified": 1665870395, + "narHash": "sha256-Tsbqb27LDNxOoPLh0gw2hIb6L/6Ow/6lIBvqcHzEKBI=", + "owner": "ryantm", + "repo": "agenix", + "rev": "a630400067c6d03c9b3e0455347dc8559db14288", + "type": "github" + }, + "original": { + "owner": "ryantm", + "repo": "agenix", + "type": "github" + } + }, + "darwin": { + "inputs": { + "nixpkgs": [ + "nixpkgs-darwin-stable" + ] + }, + "locked": { + "lastModified": 1672753581, + "narHash": "sha256-EIi2tqHoje5cE9WqH23ZghW28NOOWSUM7tcxKE1U9KI=", + "owner": "LnL7", + "repo": "nix-darwin", + "rev": "3db1d870b04b13411f56ab1a50cd32b001f56433", + "type": "github" + }, + "original": { + "owner": "LnL7", + "repo": "nix-darwin", + "type": "github" + } + }, + "darwin_2": { + "inputs": { + "nixpkgs": [ + "digga", + "nixpkgs" + ] + }, + "locked": { + "lastModified": 1651916036, + "narHash": "sha256-UuD9keUGm4IuVEV6wdSYbuRm7CwfXE63hVkzKDjVsh4=", + "owner": "LnL7", + "repo": "nix-darwin", + "rev": "2f2bdf658d2b79bada78dc914af99c53cad37cba", + "type": "github" + }, + "original": { + "owner": "LnL7", + "repo": "nix-darwin", + "type": "github" + } + }, + "deploy": { + "inputs": { + "flake-compat": "flake-compat", + "nixpkgs": [ + "nixos" + ], + "utils": "utils" + }, + "locked": { + "lastModified": 1672327199, + "narHash": "sha256-pFlngSHXKBhAmbaKZ4FYtu57LLunG+vWdL7a5vw1RvQ=", + "owner": "serokell", + "repo": "deploy-rs", + "rev": "a5619f5660a00f58c2b7c16d89058e92327ac9b8", + "type": "github" + }, + "original": { + "owner": "serokell", + "repo": "deploy-rs", + "type": "github" + } + }, + "devshell": { + "inputs": { + "flake-utils": "flake-utils", + "nixpkgs": [ + "digga", + "nixpkgs" + ] + }, + "locked": { + "lastModified": 1655976588, + "narHash": "sha256-VreHyH6ITkf/1EX/8h15UqhddJnUleb0HgbC3gMkAEQ=", + "owner": "numtide", + "repo": "devshell", + "rev": "899ca4629020592a13a46783587f6e674179d1db", + "type": "github" + }, + "original": { + "owner": "numtide", + "repo": "devshell", + "type": "github" + } + }, + "digga": { + "inputs": { + "darwin": "darwin_2", + "deploy": [ + "deploy" + ], + "devshell": "devshell", + "flake-compat": "flake-compat_2", + "flake-utils-plus": "flake-utils-plus", + "home-manager": [ + "home" + ], + "nixlib": [ + "nixos" + ], + "nixpkgs": [ + "nixos" + ], + "nixpkgs-unstable": "nixpkgs-unstable" + }, + "locked": { + "lastModified": 1668250948, + "narHash": "sha256-qqyzJQHgb/Bgq3Zxwa0gmaDEpkuyVhvynnq6a0akMWw=", + "owner": "divnix", + "repo": "digga", + "rev": "54ede8e591d288c176a09d6fcf4b123896c0bf0f", + "type": "github" + }, + "original": { + "owner": "divnix", + "repo": "digga", + "type": "github" + } + }, + "flake-compat": { + "flake": false, + "locked": { + "lastModified": 1668681692, + "narHash": "sha256-Ht91NGdewz8IQLtWZ9LCeNXMSXHUss+9COoqu6JLmXU=", + "owner": "edolstra", + "repo": "flake-compat", + "rev": "009399224d5e398d03b22badca40a37ac85412a1", + "type": "github" + }, + "original": { + "owner": "edolstra", + "repo": "flake-compat", + "type": "github" + } + }, + "flake-compat_2": { + "flake": false, + "locked": { + "lastModified": 1650374568, + "narHash": "sha256-Z+s0J8/r907g149rllvwhb4pKi8Wam5ij0st8PwAh+E=", + "owner": "edolstra", + "repo": "flake-compat", + "rev": "b4a34015c698c7793d592d66adbab377907a2be8", + "type": "github" + }, + "original": { + "owner": "edolstra", + "repo": "flake-compat", + "type": "github" + } + }, + "flake-compat_3": { + "flake": false, + "locked": { + "lastModified": 1668681692, + "narHash": "sha256-Ht91NGdewz8IQLtWZ9LCeNXMSXHUss+9COoqu6JLmXU=", + "owner": "edolstra", + "repo": "flake-compat", + "rev": "009399224d5e398d03b22badca40a37ac85412a1", + "type": "github" + }, + "original": { + "owner": "edolstra", + "repo": "flake-compat", + "type": "github" + } + }, + "flake-compat_4": { + "flake": false, + "locked": { + "lastModified": 1650374568, + "narHash": "sha256-Z+s0J8/r907g149rllvwhb4pKi8Wam5ij0st8PwAh+E=", + "owner": "edolstra", + "repo": "flake-compat", + "rev": "b4a34015c698c7793d592d66adbab377907a2be8", + "type": "github" + }, + "original": { + "owner": "edolstra", + "repo": "flake-compat", + "type": "github" + } + }, + "flake-utils": { + "locked": { + "lastModified": 1642700792, + "narHash": "sha256-XqHrk7hFb+zBvRg6Ghl+AZDq03ov6OshJLiSWOoX5es=", + "owner": "numtide", + "repo": "flake-utils", + "rev": "846b2ae0fc4cc943637d3d1def4454213e203cba", + "type": "github" + }, + "original": { + "owner": "numtide", + "repo": "flake-utils", + "type": "github" + } + }, + "flake-utils-plus": { + "inputs": { + "flake-utils": "flake-utils_2" + }, + "locked": { + "lastModified": 1654029967, + "narHash": "sha256-my3GQ3mQIw/1f6GPV1IhUZrcYQSWh0YJAMPNBjhXJDw=", + "owner": "gytis-ivaskevicius", + "repo": "flake-utils-plus", + "rev": "6271cf3842ff9c8a9af9e3508c547f86bc77d199", + "type": "github" + }, + "original": { + "owner": "gytis-ivaskevicius", + "ref": "refs/pull/120/head", + "repo": "flake-utils-plus", + "type": "github" + } + }, + "flake-utils_2": { + "locked": { + "lastModified": 1644229661, + "narHash": "sha256-1YdnJAsNy69bpcjuoKdOYQX0YxZBiCYZo4Twxerqv7k=", + "owner": "numtide", + "repo": "flake-utils", + "rev": "3cecb5b042f7f209c56ffd8371b2711a290ec797", + "type": "github" + }, + "original": { + "owner": "numtide", + "repo": "flake-utils", + "type": "github" + } + }, + "flake-utils_3": { + "locked": { + "lastModified": 1667077288, + "narHash": "sha256-bdC8sFNDpT0HK74u9fUkpbf1MEzVYJ+ka7NXCdgBoaA=", + "owner": "numtide", + "repo": "flake-utils", + "rev": "6ee9ebb6b1ee695d2cacc4faa053a7b9baa76817", + "type": "github" + }, + "original": { + "owner": "numtide", + "repo": "flake-utils", + "type": "github" + } + }, + "home": { + "inputs": { + "nixpkgs": [ + "nixos" + ], + "utils": "utils_2" + }, + "locked": { + "lastModified": 1672244468, + "narHash": "sha256-xaZb8AZqoXRCSqPusCk4ouf+fUNP8UJdafmMTF1Ltlw=", + "owner": "nix-community", + "repo": "home-manager", + "rev": "89a8ba0b5b43b3350ff2e3ef37b66736b2ef8706", + "type": "github" + }, + "original": { + "owner": "nix-community", + "ref": "release-22.11", + "repo": "home-manager", + "type": "github" + } + }, + "latest": { + "locked": { + "lastModified": 1672791794, + "narHash": "sha256-mqGPpGmwap0Wfsf3o2b6qHJW1w2kk/I6cGCGIU+3t6o=", + "owner": "nixos", + "repo": "nixpkgs", + "rev": "9813adc7f7c0edd738c6bdd8431439688bb0cb3d", + "type": "github" + }, + "original": { + "owner": "nixos", + "ref": "nixos-unstable", + "repo": "nixpkgs", + "type": "github" + } + }, + "nixos": { + "locked": { + "lastModified": 1672844754, + "narHash": "sha256-o26WabuHABQsaHxxmIrR3AQRqDFUEdLckLXkVCpIjSU=", + "owner": "nixos", + "repo": "nixpkgs", + "rev": "e9ade2c8240e00a4784fac282a502efff2786bdc", + "type": "github" + }, + "original": { + "owner": "nixos", + "ref": "nixos-22.11", + "repo": "nixpkgs", + "type": "github" + } + }, + "nixos-hardware": { + "locked": { + "lastModified": 1672644464, + "narHash": "sha256-RYlvRMcQNT7FDoDkViijQBHg9g+blsB+U6AvL/gAsPI=", + "owner": "nixos", + "repo": "nixos-hardware", + "rev": "ca29e25c39b8e117d4d76a81f1e229824a9b3a26", + "type": "github" + }, + "original": { + "owner": "nixos", + "repo": "nixos-hardware", + "type": "github" + } + }, + "nixpkgs": { + "locked": { + "lastModified": 1671525405, + "narHash": "sha256-MEgNxm/oRt5w4ycMENewfZQKOak0ixmjVPfXM96N1FA=", + "path": "/nix/store/d2flirhsd337gm8j8rxlqklslryx6g3q-source", + "rev": "cbe419ed4c8f98bd82d169c321d339ea30904f1f", + "type": "path" + }, + "original": { + "id": "nixpkgs", + "type": "indirect" + } + }, + "nixpkgs-darwin-stable": { + "locked": { + "lastModified": 1672907623, + "narHash": "sha256-hI1wQVjYDdnEX0DxFbxNqUgkg/L3BAUb6Ocy5DJS0Yw=", + "owner": "NixOS", + "repo": "nixpkgs", + "rev": "c013ff8cc1e5186fd459f95e757d572700190fec", + "type": "github" + }, + "original": { + "owner": "NixOS", + "ref": "nixpkgs-22.11-darwin", + "repo": "nixpkgs", + "type": "github" + } + }, + "nixpkgs-unstable": { + "locked": { + "lastModified": 1667629849, + "narHash": "sha256-P+v+nDOFWicM4wziFK9S/ajF2lc0N2Rg9p6Y35uMoZI=", + "owner": "nixos", + "repo": "nixpkgs", + "rev": "3bacde6273b09a21a8ccfba15586fb165078fb62", + "type": "github" + }, + "original": { + "owner": "nixos", + "ref": "nixos-unstable", + "repo": "nixpkgs", + "type": "github" + } + }, + "nur": { + "locked": { + "lastModified": 1672971053, + "narHash": "sha256-d2w/OvdsBkg7jf9n6diLASirdY0XstSqpUXPtWLfKrM=", + "owner": "nix-community", + "repo": "NUR", + "rev": "37aa8904d0a5687eb3eca8a72737e1e3e75113b3", + "type": "github" + }, + "original": { + "id": "nur", + "type": "indirect" + } + }, + "nvfetcher": { + "inputs": { + "flake-compat": "flake-compat_4", + "flake-utils": "flake-utils_3", + "nixpkgs": [ + "nixos" + ] + }, + "locked": { + "lastModified": 1667620329, + "narHash": "sha256-v1Zk7rtEbAGpevBGPZvZBKpwbmw4I+uVwxvd+pBlp3o=", + "owner": "berberman", + "repo": "nvfetcher", + "rev": "294826951113dcd3aa9abbcacfb1aa5b95a19116", + "type": "github" + }, + "original": { + "owner": "berberman", + "repo": "nvfetcher", + "type": "github" + } + }, + "root": { + "inputs": { + "agenix": "agenix", + "darwin": "darwin", + "deploy": "deploy", + "digga": "digga", + "flake-compat": "flake-compat_3", + "home": "home", + "latest": "latest", + "nixos": "nixos", + "nixos-hardware": "nixos-hardware", + "nixpkgs": "nixpkgs", + "nixpkgs-darwin-stable": "nixpkgs-darwin-stable", + "nur": "nur", + "nvfetcher": "nvfetcher" + } + }, + "utils": { + "locked": { + "lastModified": 1667395993, + "narHash": "sha256-nuEHfE/LcWyuSWnS8t12N1wc105Qtau+/OdUAjtQ0rA=", + "owner": "numtide", + "repo": "flake-utils", + "rev": "5aed5285a952e0b949eb3ba02c12fa4fcfef535f", + "type": "github" + }, + "original": { + "owner": "numtide", + "repo": "flake-utils", + "type": "github" + } + }, + "utils_2": { + "locked": { + "lastModified": 1667395993, + "narHash": "sha256-nuEHfE/LcWyuSWnS8t12N1wc105Qtau+/OdUAjtQ0rA=", + "owner": "numtide", + "repo": "flake-utils", + "rev": "5aed5285a952e0b949eb3ba02c12fa4fcfef535f", + "type": "github" + }, + "original": { + "owner": "numtide", + "repo": "flake-utils", + "type": "github" + } + } + }, + "root": "root", + "version": 7 +} diff --git a/flake.nix b/flake.nix new file mode 100644 index 0000000..f796a2f --- /dev/null +++ b/flake.nix @@ -0,0 +1,223 @@ +{ + description = "A highly structured configuration database."; + + nixConfig = { + extra-experimental-features = "nix-command flakes"; + extra-substituters = [ + "https://nrdxp.cachix.org" + "https://nix-community.cachix.org" + ]; + extra-trusted-public-keys = [ + "nrdxp.cachix.org-1:Fc5PSqY2Jm1TrWfm88l6cvGWwz3s93c6IOifQWnhNW4=" + "nix-community.cachix.org-1:mB9FSh9qf2dCimDSUo8Zy7bkq5CX+/rkCWyvRCYg3Fs=" + ]; + }; + + inputs = { + flake-compat = { + url = "github:edolstra/flake-compat"; + flake = false; + }; + + # Track channels with commits tested and built by hydra + nixos.url = "github:nixos/nixpkgs/nixos-22.11"; + latest.url = "github:nixos/nixpkgs/nixos-unstable"; + # For darwin hosts: it can be helpful to track this darwin-specific stable + # channel equivalent to the `nixos-*` channels for NixOS. For one, these + # channels are more likely to provide cached binaries for darwin systems. + # But, perhaps even more usefully, it provides a place for adding + # darwin-specific overlays and packages which could otherwise cause build + # failures on Linux systems. + nixpkgs-darwin-stable.url = "github:NixOS/nixpkgs/nixpkgs-22.11-darwin"; + + digga.url = "github:divnix/digga"; + digga.inputs.nixpkgs.follows = "nixos"; + digga.inputs.nixlib.follows = "nixos"; + digga.inputs.home-manager.follows = "home"; + digga.inputs.deploy.follows = "deploy"; + + home.url = "github:nix-community/home-manager/release-22.11"; + home.inputs.nixpkgs.follows = "nixos"; + + darwin.url = "github:LnL7/nix-darwin"; + darwin.inputs.nixpkgs.follows = "nixpkgs-darwin-stable"; + + deploy.url = "github:serokell/deploy-rs"; + deploy.inputs.nixpkgs.follows = "nixos"; + + agenix.url = "github:ryantm/agenix"; + agenix.inputs.nixpkgs.follows = "nixos"; + + nvfetcher.url = "github:berberman/nvfetcher"; + nvfetcher.inputs.nixpkgs.follows = "nixos"; + + nixos-hardware.url = "github:nixos/nixos-hardware"; + }; + + outputs = { + self, + digga, + nixos, + home, + nixos-hardware, + nur, + agenix, + nvfetcher, + deploy, + nixpkgs, + ... + } @ inputs: + digga.lib.mkFlake + { + inherit self inputs; + + channelsConfig = {allowUnfree = true;}; + + channels = { + nixos = { + imports = [(digga.lib.importOverlays ./overlays)]; + overlays = []; + }; + nixpkgs-darwin-stable = { + imports = [(digga.lib.importOverlays ./overlays)]; + overlays = [ + # TODO: restructure overlays directory for per-channel overrides + # `importOverlays` will import everything under the path given + (channels: final: prev: + { + inherit (channels.latest) mas; + } + // prev.lib.optionalAttrs true {}) + ]; + }; + latest = {}; + }; + + lib = import ./lib {lib = digga.lib // nixos.lib;}; + + sharedOverlays = [ + (final: prev: { + __dontExport = true; + lib = prev.lib.extend (lfinal: lprev: { + our = self.lib; + }); + }) + + nur.overlay + agenix.overlay + nvfetcher.overlay + + (import ./pkgs) + ]; + + nixos = { + hostDefaults = { + system = "x86_64-linux"; + channelName = "nixos"; + imports = [(digga.lib.importExportableModules ./modules)]; + modules = [ + {lib.our = self.lib;} + digga.nixosModules.bootstrapIso + digga.nixosModules.nixConfig + home.nixosModules.home-manager + agenix.nixosModules.age + ]; + }; + + imports = [(digga.lib.importHosts ./hosts/nixos)]; + hosts = { + # set host-specific properties here + NixOS = {}; + }; + importables = rec { + profiles = + digga.lib.rakeLeaves ./profiles + // { + users = digga.lib.rakeLeaves ./users; + }; + suites = with profiles; rec { + base = [core.nixos users.nixos users.root]; + }; + }; + }; + + darwin = { + hostDefaults = { + system = "x86_64-darwin"; + channelName = "nixpkgs-darwin-stable"; + imports = [(digga.lib.importExportableModules ./modules)]; + modules = [ + {lib.our = self.lib;} + digga.darwinModules.nixConfig + home.darwinModules.home-manager + agenix.nixosModules.age + ]; + }; + + imports = [(digga.lib.importHosts ./hosts/darwin)]; + hosts = { + # set host-specific properties here + Mac = {}; + }; + importables = rec { + profiles = + digga.lib.rakeLeaves ./profiles + // { + users = digga.lib.rakeLeaves ./users; + }; + suites = with profiles; rec { + base = [core.darwin users.darwin]; + }; + }; + }; + + home = { + imports = [(digga.lib.importExportableModules ./users/modules)]; + modules = []; + importables = rec { + profiles = digga.lib.rakeLeaves ./users/profiles; + suites = with profiles; rec { + base = [direnv git]; + }; + }; + users = { + # TODO: does this naming convention still make sense with darwin support? + # + # - it doesn't make sense to make a 'nixos' user available on + # darwin, and vice versa + # + # - the 'nixos' user might have special significance as the default + # user for fresh systems + # + # - perhaps a system-agnostic home-manager user is more appropriate? + # something like 'primaryuser'? + # + # all that said, these only exist within the `hmUsers` attrset, so + # it could just be left to the developer to determine what's + # appropriate. after all, configuring these hm users is one of the + # first steps in customizing the template. + nixos = {suites, ...}: { + imports = suites.base; + + home.stateVersion = "22.11"; + }; + darwin = {suites, ...}: { + imports = suites.base; + + home.stateVersion = "22.11"; + }; + }; # digga.lib.importers.rakeLeaves ./users/hm; + }; + + devshell = ./shell; + + # TODO: similar to the above note: does it make sense to make all of + # these users available on all systems? + homeConfigurations = + digga.lib.mergeAny + (digga.lib.mkHomeConfigurations self.darwinConfigurations) + (digga.lib.mkHomeConfigurations self.nixosConfigurations); + + deploy.nodes = digga.lib.mkDeployNodes self.nixosConfigurations {}; + }; +} diff --git a/hosts/darwin/Mac.nix b/hosts/darwin/Mac.nix new file mode 100644 index 0000000..73aee0b --- /dev/null +++ b/hosts/darwin/Mac.nix @@ -0,0 +1,12 @@ +{ + config, + pkgs, + suites, + ... +}: { + imports = with suites; base; + + # The `mas` package is included here as a test for platform-specific package + # support in Digga. Feel free to remove it in your config. + environment.systemPackages = with pkgs; [mas]; +} diff --git a/hosts/nixos/NixOS.nix b/hosts/nixos/NixOS.nix new file mode 100644 index 0000000..7c1fc35 --- /dev/null +++ b/hosts/nixos/NixOS.nix @@ -0,0 +1,11 @@ +{suites, ...}: { + ### root password is empty by default ### + imports = suites.base; + + boot.loader.systemd-boot.enable = true; + boot.loader.efi.canTouchEfiVariables = true; + + networking.networkmanager.enable = true; + + fileSystems."/" = {device = "/dev/disk/by-label/nixos";}; +} diff --git a/hosts/nixos/bootstrap.nix b/hosts/nixos/bootstrap.nix new file mode 100644 index 0000000..f6b8e34 --- /dev/null +++ b/hosts/nixos/bootstrap.nix @@ -0,0 +1,13 @@ +{profiles, ...}: { + imports = [ + # profiles.networking + profiles.core.nixos + profiles.users.root # make sure to configure ssh keys + profiles.users.nixos + ]; + + boot.loader.systemd-boot.enable = true; + + # Required, but will be overridden in the resulting installer ISO. + fileSystems."/" = {device = "/dev/disk/by-label/nixos";}; +} diff --git a/lib/compat/default.nix b/lib/compat/default.nix new file mode 100644 index 0000000..51c427c --- /dev/null +++ b/lib/compat/default.nix @@ -0,0 +1,21 @@ +let + lock = builtins.fromJSON (builtins.readFile (builtins.path { + path = ../../flake.lock; + name = "lockPath"; + })); + flake = + import + ( + fetchTarball { + url = "https://github.com/edolstra/flake-compat/archive/${lock.nodes.flake-compat.locked.rev}.tar.gz"; + sha256 = lock.nodes.flake-compat.locked.narHash; + } + ) + { + src = builtins.path { + path = ../../.; + name = "projectRoot"; + }; + }; +in + flake diff --git a/lib/compat/nixos/default.nix b/lib/compat/nixos/default.nix new file mode 100644 index 0000000..c7040a6 --- /dev/null +++ b/lib/compat/nixos/default.nix @@ -0,0 +1,9 @@ +{...}: let + inherit (default.inputs.nixos) lib; + + host = configs.${hostname} or configs.NixOS; + configs = default.nixosConfigurations; + default = (import ../.).defaultNix; + hostname = lib.fileContents /etc/hostname; +in + host diff --git a/lib/default.nix b/lib/default.nix new file mode 100644 index 0000000..c7ff93f --- /dev/null +++ b/lib/default.nix @@ -0,0 +1,12 @@ +{lib}: +lib.makeExtensible (self: +let + callLibs = file: import file { lib = self; }; +in +rec { + ## Define your own library functions here! + #id = x: x; + ## Or in files, containing functions that take {lib} + #foo = callLibs ./foo.nix; + ## In configs, they can be used under "lib.our" +}) diff --git a/modules/hm-system-defaults.nix b/modules/hm-system-defaults.nix new file mode 100644 index 0000000..86a9e9c --- /dev/null +++ b/modules/hm-system-defaults.nix @@ -0,0 +1,18 @@ +{ + config, + pkgs, + ... +}: { + home-manager.sharedModules = [ + { + home.sessionVariables = { + # environment.sessionVariables is not currently available in nix-darwin + NIX_PATH = + config.environment.sessionVariables.NIX_PATH + or config.environment.variables.NIX_PATH; + }; + xdg.configFile."nix/registry.json".text = + config.environment.etc."nix/registry.json".text; + } + ]; +} diff --git a/modules/nix-path.nix b/modules/nix-path.nix new file mode 100644 index 0000000..5967fd2 --- /dev/null +++ b/modules/nix-path.nix @@ -0,0 +1,11 @@ +{ + channel, + inputs, + ... +}: { + nix.nixPath = [ + "nixpkgs=${channel.input}" + "nixos-config=${../lib/compat/nixos}" + "home-manager=${inputs.home}" + ]; +} diff --git a/overlays/manix.nix b/overlays/manix.nix new file mode 100644 index 0000000..c98724b --- /dev/null +++ b/overlays/manix.nix @@ -0,0 +1,5 @@ +final: prev: { + manix = prev.manix.overrideAttrs (o: rec { + inherit (prev.sources.manix) pname version src; + }); +} diff --git a/overlays/overrides.nix b/overlays/overrides.nix new file mode 100644 index 0000000..013d4aa --- /dev/null +++ b/overlays/overrides.nix @@ -0,0 +1,32 @@ +channels: final: prev: { + __dontExport = true; # overrides clutter up actual creations + + inherit + (channels.latest) + cachix + dhall + discord + element-desktop + rage + nix-index + qutebrowser + alejandra + signal-desktop + starship + deploy-rs + ; + + haskellPackages = + prev.haskellPackages.override + (old: { + overrides = prev.lib.composeExtensions (old.overrides or (_: _: {})) (hfinal: hprev: let + version = prev.lib.replaceChars ["."] [""] prev.ghc.version; + in { + # same for haskell packages, matching ghc versions + inherit + (channels.latest.haskell.packages."ghc${version}") + haskell-language-server + ; + }); + }); +} diff --git a/pkgs/_sources/generated.nix b/pkgs/_sources/generated.nix new file mode 100644 index 0000000..9c81f22 --- /dev/null +++ b/pkgs/_sources/generated.nix @@ -0,0 +1,18 @@ +# This file was generated by nvfetcher, please do not modify it manually. +{ + fetchgit, + fetchurl, +}: { + manix = { + pname = "manix"; + version = "d08e7ca185445b929f097f8bfb1243a8ef3e10e4"; + src = fetchgit { + url = "https://github.com/mlvzk/manix"; + rev = "d08e7ca185445b929f097f8bfb1243a8ef3e10e4"; + fetchSubmodules = false; + deepClone = false; + leaveDotGit = false; + sha256 = "1b7xi8c2drbwzfz70czddc4j33s7g1alirv12dwl91hbqxifx8qs"; + }; + }; +} diff --git a/pkgs/default.nix b/pkgs/default.nix new file mode 100644 index 0000000..1addf90 --- /dev/null +++ b/pkgs/default.nix @@ -0,0 +1,5 @@ +final: prev: { + # keep sources this first + sources = prev.callPackage (import ./_sources/generated.nix) {}; + # then, call packages with `final.callPackage` +} diff --git a/pkgs/sources.toml b/pkgs/sources.toml new file mode 100644 index 0000000..f7af168 --- /dev/null +++ b/pkgs/sources.toml @@ -0,0 +1,4 @@ +# nvfetcher.toml +[manix] +src.git = "https://github.com/mlvzk/manix" +fetch.github = "mlvzk/manix" diff --git a/profiles/cachix/default.nix b/profiles/cachix/default.nix new file mode 100644 index 0000000..636d357 --- /dev/null +++ b/profiles/cachix/default.nix @@ -0,0 +1,13 @@ +{ + pkgs, + lib, + ... +}: let + folder = ./.; + toImport = name: value: folder + ("/" + name); + filterCaches = key: value: value == "regular" && lib.hasSuffix ".nix" key && key != "default.nix"; + imports = lib.mapAttrsToList toImport (lib.filterAttrs filterCaches (builtins.readDir folder)); +in { + inherit imports; + nix.binaryCaches = ["https://cache.nixos.org/"]; +} diff --git a/profiles/cachix/nix-community.nix b/profiles/cachix/nix-community.nix new file mode 100644 index 0000000..7e4be28 --- /dev/null +++ b/profiles/cachix/nix-community.nix @@ -0,0 +1,10 @@ +{ + nix = { + binaryCaches = [ + "https://nix-community.cachix.org" + ]; + binaryCachePublicKeys = [ + "nix-community.cachix.org-1:mB9FSh9qf2dCimDSUo8Zy7bkq5CX+/rkCWyvRCYg3Fs=" + ]; + }; +} diff --git a/profiles/cachix/nrdxp.nix b/profiles/cachix/nrdxp.nix new file mode 100644 index 0000000..bb3b4a5 --- /dev/null +++ b/profiles/cachix/nrdxp.nix @@ -0,0 +1,10 @@ +{ + nix = { + binaryCaches = [ + "https://nrdxp.cachix.org" + ]; + binaryCachePublicKeys = [ + "nrdxp.cachix.org-1:Fc5PSqY2Jm1TrWfm88l6cvGWwz3s93c6IOifQWnhNW4=" + ]; + }; +} diff --git a/profiles/core/common.nix b/profiles/core/common.nix new file mode 100644 index 0000000..efd9af0 --- /dev/null +++ b/profiles/core/common.nix @@ -0,0 +1,103 @@ +{ + self, + config, + lib, + pkgs, + ... +}: let + inherit (lib) fileContents; + inherit (pkgs.stdenv.hostPlatform) isDarwin; +in { + # Sets binary caches which speeds up some builds + imports = [../cachix]; + + environment = { + # Selection of sysadmin tools that can come in handy + systemPackages = with pkgs; [ + binutils + coreutils + curl + direnv + dnsutils + fd + git + bottom + jq + manix + moreutils + nix-index + nmap + ripgrep + skim + tealdeer + whois + ]; + + # Starship is a fast and featureful shell prompt + # starship.toml has sane defaults that can be changed there + shellInit = '' + export STARSHIP_CONFIG=${ + pkgs.writeText "starship.toml" + (fileContents ./starship.toml) + } + ''; + + shellAliases = let + # The `security.sudo.enable` option does not exist on darwin because + # sudo is always available. + ifSudo = lib.mkIf (isDarwin || config.security.sudo.enable); + in { + # quick cd + ".." = "cd .."; + "..." = "cd ../.."; + "...." = "cd ../../.."; + "....." = "cd ../../../.."; + + # git + g = "git"; + + # grep + grep = "rg"; + gi = "grep -i"; + + # internet ip + # TODO: explain this hard-coded IP address + myip = "dig +short myip.opendns.com @208.67.222.222 2>&1"; + + # nix + n = "nix"; + np = "n profile"; + ni = "np install"; + nr = "np remove"; + ns = "n search --no-update-lock-file"; + nf = "n flake"; + nepl = "n repl ''"; + srch = "ns nixos"; + orch = "ns override"; + mn = '' + manix "" | grep '^# ' | sed 's/^# \(.*\) (.*/\1/;s/ (.*//;s/^# //' | sk --preview="manix '{}'" | xargs manix + ''; + top = "btm"; + + # sudo + s = ifSudo "sudo -E "; + si = ifSudo "sudo -i"; + se = ifSudo "sudoedit"; + }; + }; + + fonts.fonts = with pkgs; [powerline-fonts dejavu_fonts]; + + nix = { + # Improve nix store disk usage + gc.automatic = true; + + # Generally useful nix option defaults + extraOptions = '' + min-free = 536870912 + keep-outputs = true + keep-derivations = true + fallback = true + ''; + }; +} diff --git a/profiles/core/darwin.nix b/profiles/core/darwin.nix new file mode 100644 index 0000000..9c9e45a --- /dev/null +++ b/profiles/core/darwin.nix @@ -0,0 +1,63 @@ +{ + self, + config, + lib, + pkgs, + ... +}: { + imports = [ + ./common.nix + ]; + + # Recreate /run/current-system symlink after boot + services.activate-system.enable = true; + + services.nix-daemon.enable = true; + users.nix.configureBuildUsers = true; + + environment = { + systemPackages = with pkgs; [ + m-cli + terminal-notifier + ]; + + darwinConfig = "${self}/lib/compat"; + + shellAliases = { + nrb = "sudo darwin-rebuild switch --flake"; + }; + }; + + nix = { + nixPath = [ + # TODO: This entry should be added automatically via FUP's + # `nix.linkInputs` and `nix.generateNixPathFromInputs` options, but + # currently that doesn't work because nix-darwin doesn't export packages, + # which FUP expects. + # + # This entry should be removed once the upstream issues are fixed. + # + # https://github.com/LnL7/nix-darwin/issues/277 + # https://github.com/gytis-ivaskevicius/flake-utils-plus/issues/107 + "darwin=/etc/nix/inputs/darwin" + ]; + + # Prevents impurities in builds + useSandbox = true; + + # Give special Nix privileges. + trustedUsers = ["root" "@wheel" "@admin"]; + }; + + programs.bash = { + # nix-darwin's shell options are very different from those on nixos. there + # is no `promptInit` option, for example. so instead, we throw the prompt + # init line into `interactiveShellInit`. + # + # https://github.com/LnL7/nix-darwin/blob/master/modules/programs/bash/default.nix + interactiveShellInit = '' + eval "$(${pkgs.starship}/bin/starship init bash)" + eval "$(${pkgs.direnv}/bin/direnv hook bash)" + ''; + }; +} diff --git a/profiles/core/nixos.nix b/profiles/core/nixos.nix new file mode 100644 index 0000000..5fb3580 --- /dev/null +++ b/profiles/core/nixos.nix @@ -0,0 +1,83 @@ +{ + config, + lib, + pkgs, + self, + ... +}: { + imports = [ + ./common.nix + ]; + + environment = { + # Selection of sysadmin tools that can come in handy + systemPackages = with pkgs; [ + dosfstools + gptfdisk + iputils + usbutils + utillinux + ]; + + shellAliases = let + ifSudo = lib.mkIf config.security.sudo.enable; + in { + # nix + nrb = ifSudo "sudo nixos-rebuild"; + + # fix nixos-option for flake compat + nixos-option = "nixos-option -I nixpkgs=${self}/lib/compat"; + + # systemd + ctl = "systemctl"; + stl = ifSudo "s systemctl"; + utl = "systemctl --user"; + ut = "systemctl --user start"; + un = "systemctl --user stop"; + up = ifSudo "s systemctl start"; + dn = ifSudo "s systemctl stop"; + jtl = "journalctl"; + }; + }; + + fonts.fontconfig.defaultFonts = { + monospace = ["DejaVu Sans Mono for Powerline"]; + sansSerif = ["DejaVu Sans"]; + }; + + nix = { + settings = { + # Prevent impurities in builds + sandbox = true; + + # Give root user and wheel group special Nix privileges. + trusted-users = ["root" "@wheel"]; + allowed-users = ["@wheel"]; + }; + + # Improve nix store disk usage + settings.auto-optimise-store = true; + optimise.automatic = true; + }; + + programs.bash = { + # Enable starship + promptInit = '' + eval "$(${pkgs.starship}/bin/starship init bash)" + ''; + + # Enable direnv, a tool for managing shell environments + interactiveShellInit = '' + eval "$(${pkgs.direnv}/bin/direnv hook bash)" + ''; + }; + + # For rage encryption, all hosts need a ssh key pair + services.openssh = { + enable = true; + openFirewall = lib.mkDefault false; + }; + + # Service that makes Out of Memory Killer more effective + services.earlyoom.enable = true; +} diff --git a/profiles/core/starship.toml b/profiles/core/starship.toml new file mode 100644 index 0000000..8bf0a9c --- /dev/null +++ b/profiles/core/starship.toml @@ -0,0 +1,95 @@ +[aws] +symbol = " " + +[character] +success_symbol = "[❯](bold purple)" +vicmd_symbol = "[❮](bold purple)" + +[battery] +full_symbol = "" +charging_symbol = "" +discharging_symbol = "" + +[conda] +symbol = " " + +[directory] +style = "cyan" +read_only = " 🔒" + +[docker_context] +symbol = " " + +[elixir] +symbol = " " + +[elm] +symbol = " " + +[git_branch] +format = "[$symbol$branch]($style) " +symbol = " " +style = "bold dimmed white" + +[git_status] +format = '([「$all_status$ahead_behind」]($style) )' +conflicted = "⚠️" +ahead = "⟫${count} " +behind = "⟪${count}" +diverged = "🔀 " +untracked = "📁 " +stashed = "↪ " +modified = "𝚫 " +staged = "✔ " +renamed = "⇆ " +deleted = "✘ " +style = "bold bright-white" + +[golang] +symbol = " " + +[haskell] +symbol = " " + +[hg_branch] +symbol = " " + +[java] +symbol = " " + +[julia] +symbol = " " + +[memory_usage] +symbol = " " +disabled = false + +[nim] +symbol = " " + +[nix_shell] +format = '[$symbol$state]($style) ' +symbol = " " +pure_msg = "λ" +impure_msg = "⎔" + +[nodejs] +symbol = " " + +[package] +symbol = " " + +[php] +symbol = " " + +[python] +symbol = " " + +[ruby] +symbol = " " + +[rust] +symbol = " " + +[status] +disabled = false diff --git a/secrets/secrets.nix b/secrets/secrets.nix new file mode 100644 index 0000000..641ef20 --- /dev/null +++ b/secrets/secrets.nix @@ -0,0 +1,8 @@ +let + # set ssh public keys here for your system and user + system = ""; + user = ""; + allKeys = [system user]; +in { + "secret.age".publicKeys = allKeys; +} diff --git a/shell.nix b/shell.nix new file mode 100644 index 0000000..575a5d8 --- /dev/null +++ b/shell.nix @@ -0,0 +1 @@ +(import ./lib/compat).shellNix diff --git a/shell/default.nix b/shell/default.nix new file mode 100644 index 0000000..3b1fadc --- /dev/null +++ b/shell/default.nix @@ -0,0 +1,10 @@ +{ + self, + inputs, + ... +}: { + modules = with inputs; []; + exportedModules = [ + ./devos.nix + ]; +} diff --git a/shell/devos.nix b/shell/devos.nix new file mode 100644 index 0000000..b7c2264 --- /dev/null +++ b/shell/devos.nix @@ -0,0 +1,55 @@ +{ + pkgs, + extraModulesPath, + inputs, + lib, + ... +}: let + inherit + (pkgs) + agenix + alejandra + cachix + editorconfig-checker + nixUnstable + nodePackages + shfmt + treefmt + nvfetcher-bin + nixos-generators + ; + + pkgWithCategory = category: package: {inherit package category;}; + devos = pkgWithCategory "devos"; + formatter = pkgWithCategory "linter"; +in { + imports = ["${extraModulesPath}/git/hooks.nix" ./hooks]; + + packages = [ + alejandra + nodePackages.prettier + shfmt + editorconfig-checker + ]; + + commands = + [ + (devos nixUnstable) + (devos agenix) + { + category = "devos"; + name = nvfetcher-bin.pname; + help = nvfetcher-bin.meta.description; + command = "cd $PRJ_ROOT/pkgs; ${nvfetcher-bin}/bin/nvfetcher -c ./sources.toml $@"; + } + + (formatter treefmt) + ] + ++ lib.optionals (!pkgs.stdenv.buildPlatform.isi686) [ + (devos cachix) + ] + ++ lib.optionals (pkgs.stdenv.hostPlatform.isLinux && !pkgs.stdenv.buildPlatform.isDarwin) [ + (devos nixos-generators) + (devos inputs.deploy.packages.${pkgs.system}.deploy-rs) + ]; +} diff --git a/shell/hooks/default.nix b/shell/hooks/default.nix new file mode 100644 index 0000000..1d60d49 --- /dev/null +++ b/shell/hooks/default.nix @@ -0,0 +1,6 @@ +{ + git.hooks = { + enable = true; + pre-commit.text = builtins.readFile ./pre-commit.sh; + }; +} diff --git a/shell/hooks/pre-commit.sh b/shell/hooks/pre-commit.sh new file mode 100644 index 0000000..4ce4fa1 --- /dev/null +++ b/shell/hooks/pre-commit.sh @@ -0,0 +1,28 @@ +#!/usr/bin/env bash + +if git rev-parse --verify HEAD >/dev/null 2>&1; then + against=HEAD +else + # Initial commit: diff against an empty tree object + against=$(${git}/bin/git hash-object -t tree /dev/null) +fi + +diff="git diff-index --name-only --cached $against --diff-filter d" + +all_files=($($diff)) + +# Format staged files. +if ((${#all_files[@]} != 0)); then + treefmt "${all_files[@]}" && + git add "${all_files[@]}" +fi + +# check editorconfig +if ((${#all_files[@]} != 0)); then + if ! editorconfig-checker -- "${all_files[@]}"; then + printf "%b\n" \ + "\nCode is not aligned with .editorconfig" \ + "Review the output and commit your fixes" >&2 + exit 1 + fi +fi diff --git a/treefmt.toml b/treefmt.toml new file mode 100644 index 0000000..c7c1710 --- /dev/null +++ b/treefmt.toml @@ -0,0 +1,22 @@ +[formatter.nix] +command = "alejandra" +includes = ["*.nix"] + +[formatter.prettier] +command = "prettier" +options = ["--write"] +includes = [ + "*.json", + "*.yaml", + "*.md", +] + +[formatter.shell] +command = "shfmt" +options = [ + "-s", + "-w", + "-i", + "2", +] +includes = ["*.sh"] diff --git a/users/darwin/default.nix b/users/darwin/default.nix new file mode 100644 index 0000000..45d18c9 --- /dev/null +++ b/users/darwin/default.nix @@ -0,0 +1,7 @@ +{hmUsers, ...}: { + home-manager.users = {inherit (hmUsers) darwin;}; + + users.users.darwin = { + description = "default"; + }; +} diff --git a/users/modules/.flake-keep b/users/modules/.flake-keep new file mode 100644 index 0000000..e69de29 diff --git a/users/nixos/default.nix b/users/nixos/default.nix new file mode 100644 index 0000000..2b13833 --- /dev/null +++ b/users/nixos/default.nix @@ -0,0 +1,10 @@ +{hmUsers, ...}: { + home-manager.users = {inherit (hmUsers) nixos;}; + + users.users.nixos = { + password = "nixos"; + description = "default"; + isNormalUser = true; + extraGroups = ["wheel"]; + }; +} diff --git a/users/profiles/direnv/default.nix b/users/profiles/direnv/default.nix new file mode 100644 index 0000000..67ff211 --- /dev/null +++ b/users/profiles/direnv/default.nix @@ -0,0 +1,8 @@ +{ + programs.direnv = { + enable = true; + nix-direnv = { + enable = true; + }; + }; +} diff --git a/users/profiles/git/default.nix b/users/profiles/git/default.nix new file mode 100644 index 0000000..f827f5b --- /dev/null +++ b/users/profiles/git/default.nix @@ -0,0 +1,42 @@ +{ + programs.git = { + enable = true; + + extraConfig = { + pull.rebase = false; + }; + + aliases = { + a = "add -p"; + co = "checkout"; + cob = "checkout -b"; + f = "fetch -p"; + c = "commit"; + p = "push"; + ba = "branch -a"; + bd = "branch -d"; + bD = "branch -D"; + d = "diff"; + dc = "diff --cached"; + ds = "diff --staged"; + r = "restore"; + rs = "restore --staged"; + st = "status -sb"; + + # reset + soft = "reset --soft"; + hard = "reset --hard"; + s1ft = "soft HEAD~1"; + h1rd = "hard HEAD~1"; + + # logging + lg = "log --color --graph --pretty=format:'%Cred%h%Creset -%C(yellow)%d%Creset %s %Cgreen(%cr) %C(bold blue)<%an>%Creset' --abbrev-commit"; + plog = "log --graph --pretty='format:%C(red)%d%C(reset) %C(yellow)%h%C(reset) %ar %C(green)%aN%C(reset) %s'"; + tlog = "log --stat --since='1 Day Ago' --graph --pretty=oneline --abbrev-commit --date=relative"; + rank = "shortlog -sn --no-merges"; + + # delete merged branches + bdm = "!git branch --merged | grep -v '*' | xargs -n 1 git branch -d"; + }; + }; +} diff --git a/users/root/default.nix b/users/root/default.nix new file mode 100644 index 0000000..c9f1ef7 --- /dev/null +++ b/users/root/default.nix @@ -0,0 +1,5 @@ +{...}: +# recommend using `hashedPassword` +{ + users.users.root.password = ""; +}