xbazzi/nixos-config
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Compare commits

base: xbazzi:9cb72cd6178245159a0537e1a98c1b90993e65ee
Branches Tags
xbazzi:master
...
compare: xbazzi:e35fc32701064e77a24ae2c942b30df7ff9531ca
Branches Tags
xbazzi:master

10 Commits
9cb72cd617 ... e35fc32701

Author SHA1 Message Date
xbazzi
e35fc32701 ssh config additions 2025-07-10 19:52:33 -06:00
xbazzi
905bd594cc Update more stuff 2025-07-07 18:07:06 -06:00
xbazzi
3a42c2a461 Update more stuff 2025-07-07 18:04:56 -06:00
xbazzi
ae871cab70 Update more stuff 2025-07-06 21:22:07 -06:00
xbazzi
b7497a8bc7 Update more stuff 2025-04-19 14:44:49 -06:00
xbazzi
383b91777e Update flakes 2025-04-19 14:40:33 -06:00
xbazzi
ad72471747 Add more GNOME stuff 2025-03-30 13:59:19 -06:00
xbazzi
9488c6ea88 Add more GNOME stuff 2025-03-23 12:21:31 -06:00
xbazzi
e4c918b9c2 Switch from pipewire to pulse 2025-03-23 10:53:08 -06:00
xbazzi
2d6a58c953 Something something 2025-02-22 15:32:58 -07:00
18 changed files with 655 additions and 123 deletions
Show Stats Expand all files Collapse all files

308
flake.lock generated
View File

@ -5,11 +5,11 @@
"fromYaml": "fromYaml"
},
"locked": {
"lastModified": 1732200724,
"narHash": "sha256-+R1BH5wHhfnycySb7Sy5KbYEaTJZWm1h+LW1OtyhiTs=",
"lastModified": 1746562888,
"narHash": "sha256-YgNJQyB5dQiwavdDFBMNKk1wyS77AtdgDk/VtU6wEaI=",
"owner": "SenchoPens",
"repo": "base16.nix",
"rev": "153d52373b0fb2d343592871009a286ec8837aec",
"rev": "806a1777a5db2a1ef9d5d6f493ef2381047f2b89",
"type": "github"
},
"original": {
@ -37,11 +37,11 @@
"base16-helix": {
"flake": false,
"locked": {
"lastModified": 1736852337,
"narHash": "sha256-esD42YdgLlEh7koBrSqcT7p2fsMctPAcGl/+2sYJa2o=",
"lastModified": 1748408240,
"narHash": "sha256-9M2b1rMyMzJK0eusea0x3lyh3mu5nMeEDSc4RZkGm+g=",
"owner": "tinted-theming",
"repo": "base16-helix",
"rev": "03860521c40b0b9c04818f2218d9cc9efc21e7a5",
"rev": "6c711ab1a9db6f51e2f6887cc3345530b33e152e",
"type": "github"
},
"original": {
@ -67,14 +67,29 @@
"type": "github"
}
},
"crane": {
"locked": {
"lastModified": 1731098351,
"narHash": "sha256-HQkYvKvaLQqNa10KEFGgWHfMAbWBfFp+4cAgkut+NNE=",
"owner": "ipetkov",
"repo": "crane",
"rev": "ef80ead953c1b28316cc3f8613904edc2eb90c28",
"type": "github"
},
"original": {
"owner": "ipetkov",
"repo": "crane",
"type": "github"
}
},
"firefox-gnome-theme": {
"flake": false,
"locked": {
"lastModified": 1736899990,
"narHash": "sha256-S79Hqn2EtSxU4kp99t8tRschSifWD4p/51++0xNWUxw=",
"lastModified": 1748383148,
"narHash": "sha256-pGvD/RGuuPf/4oogsfeRaeMm6ipUIznI2QSILKjKzeA=",
"owner": "rafaelmardojai",
"repo": "firefox-gnome-theme",
"rev": "91ca1f82d717b02ceb03a3f423cbe8082ebbb26d",
"rev": "4eb2714fbed2b80e234312611a947d6cb7d70caf",
"type": "github"
},
"original": {
@ -86,11 +101,11 @@
"flake-compat": {
"flake": false,
"locked": {
"lastModified": 1733328505,
"narHash": "sha256-NeCCThCEP3eCl2l/+27kNNK7QrwZB1IJCrXfrbv5oqU=",
"lastModified": 1696426674,
"narHash": "sha256-kvjfFW7WAETZlt09AgDn1MrtKzP7t90Vf7vypd3OL1U=",
"owner": "edolstra",
"repo": "flake-compat",
"rev": "ff81ac966bb2cae68946d5ed5fc4994f96d0ffec",
"rev": "0f9255e01c2351cc7d116c072cb317785dd33b33",
"type": "github"
},
"original": {
@ -99,24 +114,45 @@
"type": "github"
}
},
"flake-utils": {
"flake-parts": {
"inputs": {
"systems": [
"stylix",
"systems"
"nixpkgs-lib": [
"lanzaboote",
"nixpkgs"
]
},
"locked": {
"lastModified": 1731533236,
"narHash": "sha256-l0KFg5HjrsfsO/JpG+r7fRrqm12kzFHyUHqHCVpMMbI=",
"owner": "numtide",
"repo": "flake-utils",
"rev": "11707dc2f618dd54ca8739b309ec4fc024de578b",
"lastModified": 1730504689,
"narHash": "sha256-hgmguH29K2fvs9szpq2r3pz2/8cJd2LPS+b4tfNFCwE=",
"owner": "hercules-ci",
"repo": "flake-parts",
"rev": "506278e768c2a08bec68eb62932193e341f55c90",
"type": "github"
},
"original": {
"owner": "numtide",
"repo": "flake-utils",
"owner": "hercules-ci",
"repo": "flake-parts",
"type": "github"
}
},
"flake-parts_2": {
"inputs": {
"nixpkgs-lib": [
"stylix",
"nixpkgs"
]
},
"locked": {
"lastModified": 1743550720,
"narHash": "sha256-hIshGgKZCgWh6AYJpJmRgFdR3WUbkY04o82X05xqQiY=",
"owner": "hercules-ci",
"repo": "flake-parts",
"rev": "c621e8422220273271f52058f618c94e405bb0f5",
"type": "github"
},
"original": {
"owner": "hercules-ci",
"repo": "flake-parts",
"type": "github"
}
},
@ -136,37 +172,11 @@
"type": "github"
}
},
"git-hooks": {
"inputs": {
"flake-compat": [
"stylix",
"flake-compat"
],
"gitignore": "gitignore",
"nixpkgs": [
"stylix",
"nixpkgs"
]
},
"locked": {
"lastModified": 1735882644,
"narHash": "sha256-3FZAG+pGt3OElQjesCAWeMkQ7C/nB1oTHLRQ8ceP110=",
"owner": "cachix",
"repo": "git-hooks.nix",
"rev": "a5a961387e75ae44cc20f0a57ae463da5e959656",
"type": "github"
},
"original": {
"owner": "cachix",
"repo": "git-hooks.nix",
"type": "github"
}
},
"gitignore": {
"inputs": {
"nixpkgs": [
"stylix",
"git-hooks",
"lanzaboote",
"pre-commit-hooks-nix",
"nixpkgs"
]
},
@ -187,16 +197,16 @@
"gnome-shell": {
"flake": false,
"locked": {
"lastModified": 1732369855,
"narHash": "sha256-JhUWbcYPjHO3Xs3x9/Z9RuqXbcp5yhPluGjwsdE2GMg=",
"lastModified": 1748186689,
"narHash": "sha256-UaD7Y9f8iuLBMGHXeJlRu6U1Ggw5B9JnkFs3enZlap0=",
"owner": "GNOME",
"repo": "gnome-shell",
"rev": "dadd58f630eeea41d645ee225a63f719390829dc",
"rev": "8c88f917db0f1f0d80fa55206c863d3746fa18d0",
"type": "github"
},
"original": {
"owner": "GNOME",
"ref": "47.2",
"ref": "48.2",
"repo": "gnome-shell",
"type": "github"
}
@ -208,11 +218,11 @@
]
},
"locked": {
"lastModified": 1738428726,
"narHash": "sha256-OUoEgorFHBVnqQ2lITqs6MGN7MH4t/8hLEO29OKu6CM=",
"lastModified": 1751824240,
"narHash": "sha256-aDDC0CHTlL7QDKWWhdbEgVPK6KwWt+ca0QkmHYZxMzI=",
"owner": "nix-community",
"repo": "home-manager",
"rev": "dae6d3460c8bab3ac9f38a86affe45b32818e764",
"rev": "fd9e55f5fac45a26f6169310afca64d56b681935",
"type": "github"
},
"original": {
@ -221,34 +231,39 @@
"type": "github"
}
},
"home-manager_2": {
"lanzaboote": {
"inputs": {
"crane": "crane",
"flake-compat": "flake-compat",
"flake-parts": "flake-parts",
"nixpkgs": [
"stylix",
"nixpkgs"
]
],
"pre-commit-hooks-nix": "pre-commit-hooks-nix",
"rust-overlay": "rust-overlay"
},
"locked": {
"lastModified": 1736785676,
"narHash": "sha256-TY0jUwR3EW0fnS0X5wXMAVy6h4Z7Y6a3m+Yq++C9AyE=",
"lastModified": 1737639419,
"narHash": "sha256-AEEDktApTEZ5PZXNDkry2YV2k6t0dTgLPEmAZbnigXU=",
"owner": "nix-community",
"repo": "home-manager",
"rev": "fc52a210b60f2f52c74eac41a8647c1573d2071d",
"repo": "lanzaboote",
"rev": "a65905a09e2c43ff63be8c0e86a93712361f871e",
"type": "github"
},
"original": {
"owner": "nix-community",
"repo": "home-manager",
"ref": "v0.4.2",
"repo": "lanzaboote",
"type": "github"
}
},
"nixpkgs": {
"locked": {
"lastModified": 1738142207,
"narHash": "sha256-NGqpVVxNAHwIicXpgaVqJEJWeyqzoQJ9oc8lnK9+WC4=",
"lastModified": 1751637120,
"narHash": "sha256-xVNy/XopSfIG9c46nRmPaKfH1Gn/56vQ8++xWA8itO4=",
"owner": "nixos",
"repo": "nixpkgs",
"rev": "9d3ae807ebd2981d593cddd0080856873139aa40",
"rev": "5c724ed1388e53cc231ed98330a60eb2f7be4be3",
"type": "github"
},
"original": {
@ -258,13 +273,104 @@
"type": "github"
}
},
"nixpkgs-stable": {
"locked": {
"lastModified": 1730741070,
"narHash": "sha256-edm8WG19kWozJ/GqyYx2VjW99EdhjKwbY3ZwdlPAAlo=",
"owner": "NixOS",
"repo": "nixpkgs",
"rev": "d063c1dd113c91ab27959ba540c0d9753409edf3",
"type": "github"
},
"original": {
"owner": "NixOS",
"ref": "nixos-24.05",
"repo": "nixpkgs",
"type": "github"
}
},
"nur": {
"inputs": {
"flake-parts": [
"stylix",
"flake-parts"
],
"nixpkgs": [
"stylix",
"nixpkgs"
],
"treefmt-nix": "treefmt-nix"
},
"locked": {
"lastModified": 1748730660,
"narHash": "sha256-5LKmRYKdPuhm8j5GFe3AfrJL8dd8o57BQ34AGjJl1R0=",
"owner": "nix-community",
"repo": "NUR",
"rev": "2c0bc52fe14681e9ef60e3553888c4f086e46ecb",
"type": "github"
},
"original": {
"owner": "nix-community",
"repo": "NUR",
"type": "github"
}
},
"pre-commit-hooks-nix": {
"inputs": {
"flake-compat": [
"lanzaboote",
"flake-compat"
],
"gitignore": "gitignore",
"nixpkgs": [
"lanzaboote",
"nixpkgs"
],
"nixpkgs-stable": "nixpkgs-stable"
},
"locked": {
"lastModified": 1731363552,
"narHash": "sha256-vFta1uHnD29VUY4HJOO/D6p6rxyObnf+InnSMT4jlMU=",
"owner": "cachix",
"repo": "pre-commit-hooks.nix",
"rev": "cd1af27aa85026ac759d5d3fccf650abe7e1bbf0",
"type": "github"
},
"original": {
"owner": "cachix",
"repo": "pre-commit-hooks.nix",
"type": "github"
}
},
"root": {
"inputs": {
"home-manager": "home-manager",
"lanzaboote": "lanzaboote",
"nixpkgs": "nixpkgs",
"stylix": "stylix"
}
},
"rust-overlay": {
"inputs": {
"nixpkgs": [
"lanzaboote",
"nixpkgs"
]
},
"locked": {
"lastModified": 1731897198,
"narHash": "sha256-Ou7vLETSKwmE/HRQz4cImXXJBr/k9gp4J4z/PF8LzTE=",
"owner": "oxalica",
"repo": "rust-overlay",
"rev": "0be641045af6d8666c11c2c40e45ffc9667839b5",
"type": "github"
},
"original": {
"owner": "oxalica",
"repo": "rust-overlay",
"type": "github"
}
},
"stylix": {
"inputs": {
"base16": "base16",
@ -272,26 +378,25 @@
"base16-helix": "base16-helix",
"base16-vim": "base16-vim",
"firefox-gnome-theme": "firefox-gnome-theme",
"flake-compat": "flake-compat",
"flake-utils": "flake-utils",
"git-hooks": "git-hooks",
"flake-parts": "flake-parts_2",
"gnome-shell": "gnome-shell",
"home-manager": "home-manager_2",
"nixpkgs": [
"nixpkgs"
],
"nur": "nur",
"systems": "systems",
"tinted-foot": "tinted-foot",
"tinted-kitty": "tinted-kitty",
"tinted-schemes": "tinted-schemes",
"tinted-tmux": "tinted-tmux",
"tinted-zed": "tinted-zed"
},
"locked": {
"lastModified": 1738278499,
"narHash": "sha256-q1SUyXSQ9znHTME53/vPLe+Ga3V1wW3X3gWfa8JsBUM=",
"lastModified": 1751840923,
"narHash": "sha256-4HZxn+PrWytrWVg5c5SEetv3m9/k7rngJq27zKuRIfo=",
"owner": "danth",
"repo": "stylix",
"rev": "b00c9f46ae6c27074d24d2db390f0ac5ebcc329f",
"rev": "5259682ce58d935f248297bf1c9793a5cee0787e",
"type": "github"
},
"original": {
@ -335,28 +440,43 @@
"tinted-kitty": {
"flake": false,
"locked": {
"lastModified": 1716423189,
"narHash": "sha256-2xF3sH7UIwegn+2gKzMpFi3pk5DlIlM18+vj17Uf82U=",
"lastModified": 1735730497,
"narHash": "sha256-4KtB+FiUzIeK/4aHCKce3V9HwRvYaxX+F1edUrfgzb8=",
"owner": "tinted-theming",
"repo": "tinted-kitty",
"rev": "eb39e141db14baef052893285df9f266df041ff8",
"rev": "de6f888497f2c6b2279361bfc790f164bfd0f3fa",
"type": "github"
},
"original": {
"owner": "tinted-theming",
"repo": "tinted-kitty",
"rev": "eb39e141db14baef052893285df9f266df041ff8",
"type": "github"
}
},
"tinted-schemes": {
"flake": false,
"locked": {
"lastModified": 1748180480,
"narHash": "sha256-7n0XiZiEHl2zRhDwZd/g+p38xwEoWtT0/aESwTMXWG4=",
"owner": "tinted-theming",
"repo": "schemes",
"rev": "87d652edd26f5c0c99deda5ae13dfb8ece2ffe31",
"type": "github"
},
"original": {
"owner": "tinted-theming",
"repo": "schemes",
"type": "github"
}
},
"tinted-tmux": {
"flake": false,
"locked": {
"lastModified": 1735737224,
"narHash": "sha256-FO2hRBkZsjlIRqzNHCPc/52yxg11kHGA8MEtSun9RwE=",
"lastModified": 1748740859,
"narHash": "sha256-OEM12bg7F4N5WjZOcV7FHJbqRI6jtCqL6u8FtPrlZz4=",
"owner": "tinted-theming",
"repo": "tinted-tmux",
"rev": "aead506a9930c717ebf81cc83a2126e9ca08fa64",
"rev": "57d5f9683ff9a3b590643beeaf0364da819aedda",
"type": "github"
},
"original": {
@ -380,6 +500,28 @@
"repo": "base16-zed",
"type": "github"
}
},
"treefmt-nix": {
"inputs": {
"nixpkgs": [
"stylix",
"nur",
"nixpkgs"
]
},
"locked": {
"lastModified": 1733222881,
"narHash": "sha256-JIPcz1PrpXUCbaccEnrcUS8jjEb/1vJbZz5KkobyFdM=",
"owner": "numtide",
"repo": "treefmt-nix",
"rev": "49717b5af6f80172275d47a418c9719a31a78b53",
"type": "github"
},
"original": {
"owner": "numtide",
"repo": "treefmt-nix",
"type": "github"
}
}
},
"root": "root",

27
flake.nix
View File

@ -9,6 +9,11 @@
inputs.nixpkgs.follows = "nixpkgs";
};
lanzaboote = {
url = "github:nix-community/lanzaboote/v0.4.2";
inputs.nixpkgs.follows = "nixpkgs";
};
home-manager = {
url = "github:nix-community/home-manager";
inputs.nixpkgs.follows = "nixpkgs";
@ -30,7 +35,7 @@
# };
};
outputs = { nixpkgs, ... }@inputs:
outputs = { nixpkgs, lanzaboote, ... }@inputs:
let
system = "x86_64-linux";
pkgs = import nixpkgs { system = "x86_64-linux"; config = { allowUnfree = true; }; };
@ -62,6 +67,26 @@
modules = [
inputs.stylix.nixosModules.stylix
./system/default.nix
lanzaboote.nixosModules.lanzaboote
({ pkgs, lib, ... }: {
environment.systemPackages = [
# For debugging and troubleshooting Secure Boot.
pkgs.sbctl
];
# Lanzaboote currently replaces the systemd-boot module.
# This setting is usually set to true in configuration.nix
# generated at installation time. So we force it to false
# for now.
boot.loader.systemd-boot.enable = lib.mkForce false;
boot.lanzaboote = {
enable = true;
pkiBundle = "/var/lib/sbctl";
};
})
];
};
};

BIN
forest.png
View File

Binary file not shown.
Side by Side

Before

Width:  |  Height:  |  Size: 6.2 MiB

29
home/dconf.nix
View File

@ -13,6 +13,8 @@
"/org/gnome/settings-daemon/plugins/media-keys/custom-keybindings/custom4/"
"/org/gnome/settings-daemon/plugins/media-keys/custom-keybindings/custom5/"
"/org/gnome/settings-daemon/plugins/media-keys/custom-keybindings/custom6/"
"/org/gnome/settings-daemon/plugins/media-keys/custom-keybindings/custom7/"
"/org/gnome/settings-daemon/plugins/media-keys/custom-keybindings/custom8/"
];
};
@ -36,7 +38,7 @@
"org/gnome/settings-daemon/plugins/media-keys/custom-keybindings/custom3" = {
binding = "<Super>f";
command = "kitty -- zsh -c 'yazi; exec zsh'";
command = "kitty -- zsh -c 'exec yazi; exec zsh'";
name = "open-yazi";
};
@ -48,13 +50,26 @@
"org/gnome/settings-daemon/plugins/media-keys/custom-keybindings/custom5" = {
binding = "<Super>i";
command = "firefox";
name = "open-firefox";
command = "brave";
name = "open-brave";
};
"org/gnome/settings-daemon/plugins/media-keys/custom-keybindings/custom5" = {
binding = "<Super>y+e";
command = "kitty --start-as=normal -- bash -ic 'repo'";
name = "open-repos";
"org/gnome/settings-daemon/plugins/media-keys/custom-keybindings/custom6" = {
binding = "<Super>y";
command = "kitty --start-as=normal -- zsh -ic 'repos'";
name = "open-projects";
};
"org/gnome/settings-daemon/plugins/media-keys/custom-keybindings/custom7" = {
binding = "<Primary>q";
command = "true";
name = "disable-ctrl-q";
};
"org/gnome/settings-daemon/plugins/media-keys/custom-keybindings/custom8" = {
binding = "<Super>u";
command = "kitty --start-as=normal -- zsh -ic 'home'";
name = "open-home";
};
"org/gnome/shell" = {

16
home/gtk.nix
View File

@ -9,15 +9,15 @@
package = pkgs.tokyo-night-gtk;
};
cursorTheme = {
name = "Vimix-Cursors";
package = pkgs.vimix-cursor-theme;
};
# cursorTheme = {
# name = "Vimix-Cursors";
# package = pkgs.vimix-cursors;
# };
iconTheme = {
name = "breeze-dark";
package = pkgs.breeze-icons;
};
# iconTheme = {
# name = "breeze-dark";
# package = pkgs.breeze-icons;
# };
};
# home.sessionVariables = {
# GTK_THEME = "Tokyonight-Dark-B";

2
home/kitty.nix
View File

@ -10,7 +10,7 @@
enable_audio_bell = false;
mouse_hide_wait = "-1.0";
window_padding_width = 5;
background_opacity = "0.90";
background_opacity = "0.95";
background_blur = 5;
background = "#17041c";
hide_window_decorations = true;

21
home/zsh.nix
View File

@ -18,18 +18,31 @@
fi
rm -f -- "$tmp"
}
function proj() {
lsn -ld ~/repos/* --color=never | \
function repos() {
eza -ld ~/repos/* --color=never | \
awk '{print $7}' | \
fzf --reverse | xargs -I{} code {} -n && exit
}
'';
function home() {
eza -ld ~/* --color=never | \
awk '{print $7}' | \
fzf --reverse | xargs -I{} code {} -n && exit
}
function makerole() {
mkdir -p "roles/$1/tasks"
mkdir -p "roles/$1/defaults"
mkdir -p "roles/$1/templates"
mkdir -p "roles/$1/handlers"
touch "roles/$1/tasks/main.yml"
touch "roles/$1/defaults/main.yml"
}
'';
history.size = 10000;
history.ignoreAllDups = true;
history.path = "$HOME/.zsh_history";
history.ignorePatterns = ["rm *" "pkill *" "cp *"];
shellAliases =
shellAliases =
let
flakePath = "~/nixos-config";
in

27
nix/sources.json Normal file
View File

@ -0,0 +1,27 @@
{
"lanzaboote": {
"branch": "master",
"description": "Secure Boot for NixOS [maintainers=@blitz @raitobezarius @nikstur]",
"homepage": "",
"owner": "nix-community",
"repo": "lanzaboote",
"rev": "v0.4.2",
"sha256": "0xc1wawnb0297h5khxblmf9pd1fry950xkcm7mwlck19s2906h80",
"type": "tarball",
"url": "https://github.com/nix-community/lanzaboote/archive/v0.4.2.tar.gz",
"url_template": "https://github.com/<owner>/<repo>/archive/<rev>.tar.gz",
"version": "0.4.2"
},
"nixpkgs": {
"branch": "nixos-unstable",
"description": "Nix Packages collection",
"homepage": null,
"owner": "NixOS",
"repo": "nixpkgs",
"rev": "6c43a3495a11e261e5f41e5d7eda2d71dae1b2fe",
"sha256": "16f329z831bq7l3wn1dfvbkh95l2gcggdwn6rk3cisdmv2aa3189",
"type": "tarball",
"url": "https://github.com/NixOS/nixpkgs/archive/6c43a3495a11e261e5f41e5d7eda2d71dae1b2fe.tar.gz",
"url_template": "https://github.com/<owner>/<repo>/archive/<rev>.tar.gz"
}
}

198
nix/sources.nix Normal file
View File

@ -0,0 +1,198 @@
# This file has been generated by Niv.
let
#
# The fetchers. fetch_<type> fetches specs of type <type>.
#
fetch_file = pkgs: name: spec:
let
name' = sanitizeName name + "-src";
in
if spec.builtin or true then
builtins_fetchurl { inherit (spec) url sha256; name = name'; }
else
pkgs.fetchurl { inherit (spec) url sha256; name = name'; };
fetch_tarball = pkgs: name: spec:
let
name' = sanitizeName name + "-src";
in
if spec.builtin or true then
builtins_fetchTarball { name = name'; inherit (spec) url sha256; }
else
pkgs.fetchzip { name = name'; inherit (spec) url sha256; };
fetch_git = name: spec:
let
ref =
spec.ref or (
if spec ? branch then "refs/heads/${spec.branch}" else
if spec ? tag then "refs/tags/${spec.tag}" else
abort "In git source '${name}': Please specify `ref`, `tag` or `branch`!"
);
submodules = spec.submodules or false;
submoduleArg =
let
nixSupportsSubmodules = builtins.compareVersions builtins.nixVersion "2.4" >= 0;
emptyArgWithWarning =
if submodules
then
builtins.trace
(
"The niv input \"${name}\" uses submodules "
+ "but your nix's (${builtins.nixVersion}) builtins.fetchGit "
+ "does not support them"
)
{ }
else { };
in
if nixSupportsSubmodules
then { inherit submodules; }
else emptyArgWithWarning;
in
builtins.fetchGit
({ url = spec.repo; inherit (spec) rev; inherit ref; } // submoduleArg);
fetch_local = spec: spec.path;
fetch_builtin-tarball = name: throw
''[${name}] The niv type "builtin-tarball" is deprecated. You should instead use `builtin = true`.
$ niv modify ${name} -a type=tarball -a builtin=true'';
fetch_builtin-url = name: throw
''[${name}] The niv type "builtin-url" will soon be deprecated. You should instead use `builtin = true`.
$ niv modify ${name} -a type=file -a builtin=true'';
#
# Various helpers
#
# https://github.com/NixOS/nixpkgs/pull/83241/files#diff-c6f540a4f3bfa4b0e8b6bafd4cd54e8bR695
sanitizeName = name:
(
concatMapStrings (s: if builtins.isList s then "-" else s)
(
builtins.split "[^[:alnum:]+._?=-]+"
((x: builtins.elemAt (builtins.match "\\.*(.*)" x) 0) name)
)
);
# The set of packages used when specs are fetched using non-builtins.
mkPkgs = sources: system:
let
sourcesNixpkgs =
import (builtins_fetchTarball { inherit (sources.nixpkgs) url sha256; }) { inherit system; };
hasNixpkgsPath = builtins.any (x: x.prefix == "nixpkgs") builtins.nixPath;
hasThisAsNixpkgsPath = <nixpkgs> == ./.;
in
if builtins.hasAttr "nixpkgs" sources
then sourcesNixpkgs
else if hasNixpkgsPath && ! hasThisAsNixpkgsPath then
import <nixpkgs> { }
else
abort
''
Please specify either <nixpkgs> (through -I or NIX_PATH=nixpkgs=...) or
add a package called "nixpkgs" to your sources.json.
'';
# The actual fetching function.
fetch = pkgs: name: spec:
if ! builtins.hasAttr "type" spec then
abort "ERROR: niv spec ${name} does not have a 'type' attribute"
else if spec.type == "file" then fetch_file pkgs name spec
else if spec.type == "tarball" then fetch_tarball pkgs name spec
else if spec.type == "git" then fetch_git name spec
else if spec.type == "local" then fetch_local spec
else if spec.type == "builtin-tarball" then fetch_builtin-tarball name
else if spec.type == "builtin-url" then fetch_builtin-url name
else
abort "ERROR: niv spec ${name} has unknown type ${builtins.toJSON spec.type}";
# If the environment variable NIV_OVERRIDE_${name} is set, then use
# the path directly as opposed to the fetched source.
replace = name: drv:
let
saneName = stringAsChars (c: if (builtins.match "[a-zA-Z0-9]" c) == null then "_" else c) name;
ersatz = builtins.getEnv "NIV_OVERRIDE_${saneName}";
in
if ersatz == "" then drv else
# this turns the string into an actual Nix path (for both absolute and
# relative paths)
if builtins.substring 0 1 ersatz == "/" then /. + ersatz else /. + builtins.getEnv "PWD" + "/${ersatz}";
# Ports of functions for older nix versions
# a Nix version of mapAttrs if the built-in doesn't exist
mapAttrs = builtins.mapAttrs or (
f: set: with builtins;
listToAttrs (map (attr: { name = attr; value = f attr set.${attr}; }) (attrNames set))
);
# https://github.com/NixOS/nixpkgs/blob/0258808f5744ca980b9a1f24fe0b1e6f0fecee9c/lib/lists.nix#L295
range = first: last: if first > last then [ ] else builtins.genList (n: first + n) (last - first + 1);
# https://github.com/NixOS/nixpkgs/blob/0258808f5744ca980b9a1f24fe0b1e6f0fecee9c/lib/strings.nix#L257
stringToCharacters = s: map (p: builtins.substring p 1 s) (range 0 (builtins.stringLength s - 1));
# https://github.com/NixOS/nixpkgs/blob/0258808f5744ca980b9a1f24fe0b1e6f0fecee9c/lib/strings.nix#L269
stringAsChars = f: s: concatStrings (map f (stringToCharacters s));
concatMapStrings = f: list: concatStrings (map f list);
concatStrings = builtins.concatStringsSep "";
# https://github.com/NixOS/nixpkgs/blob/8a9f58a375c401b96da862d969f66429def1d118/lib/attrsets.nix#L331
optionalAttrs = cond: as: if cond then as else { };
# fetchTarball version that is compatible between all the versions of Nix
builtins_fetchTarball = { url, name ? null, sha256 }@attrs:
let
inherit (builtins) lessThan nixVersion fetchTarball;
in
if lessThan nixVersion "1.12" then
fetchTarball ({ inherit url; } // (optionalAttrs (name != null) { inherit name; }))
else
fetchTarball attrs;
# fetchurl version that is compatible between all the versions of Nix
builtins_fetchurl = { url, name ? null, sha256 }@attrs:
let
inherit (builtins) lessThan nixVersion fetchurl;
in
if lessThan nixVersion "1.12" then
fetchurl ({ inherit url; } // (optionalAttrs (name != null) { inherit name; }))
else
fetchurl attrs;
# Create the final "sources" from the config
mkSources = config:
mapAttrs
(
name: spec:
if builtins.hasAttr "outPath" spec
then
abort
"The values in sources.json should not have an 'outPath' attribute"
else
spec // { outPath = replace name (fetch config.pkgs name spec); }
)
config.sources;
# The "config" used by the fetchers
mkConfig =
{ sourcesFile ? if builtins.pathExists ./sources.json then ./sources.json else null
, sources ? if sourcesFile == null then { } else builtins.fromJSON (builtins.readFile sourcesFile)
, system ? builtins.currentSystem
, pkgs ? mkPkgs sources system
}: rec {
# The sources, i.e. the attribute set of spec name to spec
inherit sources;
# The "pkgs" (evaluated nixpkgs) to use for e.g. non-builtin fetchers
inherit pkgs;
};
in
mkSources (mkConfig { }) // { __functor = _: settings: mkSources (mkConfig settings); }

13
system/configuration.nix
View File

@ -12,11 +12,17 @@
nix.settings.experimental-features = [ "nix-command" "flakes" ];
# OpenRGB
services.hardware.openrgb.enable = true;
# Bootloader.
boot.loader.systemd-boot.enable = true;
boot.loader.efi.canTouchEfiVariables = true;
boot.loader.efi.efiSysMountPoint = "/boot";
# systemd
systemd.network.wait-online.timeout = 10;
# Set your time zone.
time.timeZone = "America/Denver";
@ -68,18 +74,19 @@
# Enable sound with pipewire.
services.pulseaudio.enable = false;
# hardware.pulseaudio.support32Bit = true;
security.rtkit.enable = true;
services.pipewire = {
enable = true;
alsa.enable = true;
alsa.support32Bit = true;
pulse.enable = true;
# pulse.enable = true;
# If you want to use JACK applications, uncomment this
#jack.enable = true;
# jack.enable = true;
# use the example session manager (no others are packaged yet so this is enabled by default,
# no need to redefine it in your config for now)
#media-session.enable = true;
# media-session.enable = true;
};
# Enable touchpad support (enabled default in most desktopManager).

2
system/default.nix
View File

@ -6,8 +6,10 @@
./configuration.nix
./fonts.nix
./ssh.nix
# ./openrgb.nix
# ./stylix.nix
./gnome.nix
# ./lanzaboote.nix
./yazi.nix
./nvidia.nix
./network.nix

6
system/gnome.nix
View File

@ -17,8 +17,12 @@
undecorate
pastafarian-holy-days
just-perfection
appindicator
]) ++ (with pkgs; [
# gnome-tweaks
#vimix-cursors
# breeze-icons
tokyonight-gtk-theme
gnome-tweaks
# adwaita-icon-theme
]);
}

19
system/lanzaboote.nix Normal file
View File

@ -0,0 +1,19 @@
{ pkgs, lib, ... }:
let
sources = import ./nix/sources.nix;
lanzaboote = import sources.lanzaboote;
in
{
imports = [ lanzaboote.nixosModules.lanzaboote ];
# Lanzaboote currently replaces the systemd-boot module.
# This setting is usually set to true in configuration.nix
# generated at installation time. So we force it to false
# for now.
boot.loader.systemd-boot.enable = lib.mkForce false;
boot.lanzaboote = {
enable = true;
pkiBundle = "/var/lib/sbctl";
};
}

15
system/network.nix
View File

@ -4,30 +4,31 @@
# networking.networkmanager.enable = true;
systemd.services."NetworkManager-wait-online" = {
serviceConfig.TimeoutStartSec = "20s";
};
# systemd.services."NetworkManager-wait-online" = {
# serviceConfig.TimeoutStartSec = "20s";
# };
networking = {
hostName = "nixos";
wireless.enable = false;
interfaces.enp6s0d1 = {
interfaces.enp6s0f1 = {
ipv4.addresses = [{
address = "10.29.90.110";
prefixLength = 22;
}];
mtu = 9000;
};
nameservers = [ "10.29.90.1" "10.133.7.1" ];
nameservers = [ "10.29.90.1" ];
search = [ "lan.xbazzi.com" ];
defaultGateway = {
address = "10.29.90.1";
interface = "enp6s0d1";
interface = "enp6s0f0";
};
hosts = {
"127.0.0.1" = [ "localhost" ];
"10.29.90.110" = [ "nixos" "nixos.lan.xbazzi.com" ];
"10.29.90.110" = [ "nixos" ];
};
};

33
system/openrgb.nix Normal file
View File

@ -0,0 +1,33 @@
{ pkgs, lib, ... }:
{
# OpenRGB
services.hardware.openrgb.enable = true;
# NO RGB
let
no-rgb = pkgs.writeScriptBin "no-rgb" ''
#!/bin/sh
NUM_DEVICES=$(${pkgs.openrgb}/bin/openrgb --noautoconnect --list-devices | grep -E '^[0-9]+: ' | wc -l)
for i in $(seq 0 $(($NUM_DEVICES - 1))); do
${pkgs.openrgb}/bin/openrgb --noautoconnect --device $i --mode static --color 000000
done
'';
in {
config = {
services.udev.packages = [ pkgs.openrgb ];
boot.kernelModules = [ "i2c-dev" ];
hardware.i2c.enable = true;
systemd.services.no-rgb = {
description = "no-rgb";
serviceConfig = {
ExecStart = "${no-rgb}/bin/no-rgb";
Type = "oneshot";
};
wantedBy = [ "multi-user.target" ];
};
};
}
}

20
system/packages.nix
View File

@ -1,6 +1,10 @@
{ config, pkgs, ... }:
{
environment.systemPackages = with pkgs; [
# modrinth-app
ansible
niv
sbctl
vim
wget
xournalpp
@ -24,31 +28,31 @@
htop
btop
yazi
#google-chrome
dig
prismlauncher
inetutils
ansible-builder
ansible-lint
hollywood
cmatrix
nmap
#intellephense
firefoxpwa
brave
ffmpeg
variety
fzf
eza
linuxPackages_latest.perf
minicom
wireshark
];
programs.nix-ld.enable = true;
programs.thunderbird.enable = true;
# Install firefox.
# Install noisetorch.
programs.noisetorch.enable = true;
# Install firefox.
programs.firefox = {
enable = true;
package = pkgs.firefox;
nativeMessagingHosts.packages = [ pkgs.firefoxpwa ];
};
# Allow unfree packages
nixpkgs.config.allowUnfree = true;

33
system/ssh.nix
View File

@ -2,6 +2,24 @@
{
programs.ssh.extraConfig = ''
Host fw-mgmt
HostName fw-mgmt
ForwardAgent yes
User xbazzi
Port 22
PubkeyAuthentication yes
IdentityFile ~/.ssh/lan_id_ed25519
IdentitiesOnly yes
Host db1
HostName db1
ForwardAgent yes
User xbazzi
Port 22
PubkeyAuthentication yes
IdentityFile ~/.ssh/lan_id_ed25519
IdentitiesOnly yes
Host prod1
HostName prod1
ForwardAgent yes
@ -9,28 +27,43 @@
User xbazzi
PubkeyAuthentication yes
IdentityFile ~/.ssh/lan_id_ed25519
IdentitiesOnly yes
Host prod3
HostName prod3
ForwardAgent yes
Port 22
User xbazzi
PubkeyAuthentication yes
IdentityFile ~/.ssh/lan_id_ed25519
IdentitiesOnly yes
Host nas-mgmt
HostName nas-mgmt
ForwardAgent yes
User xbazzi
IdentityFile ~/.ssh/lan_id_ed25519
IdentitiesOnly yes
Host nas
HostName nas
ForwardAgent yes
User xbazzi
IdentityFile ~/.ssh/lan_id_ed25519
IdentitiesOnly yes
Host school
HostName school
ForwardAgent yes
User xbazzi
IdentityFile ~/.ssh/lan_id_ed25519
IdentitiesOnly yes
Host ext1-mgmt
HostName ext1-mgmt
ForwardAgent yes
User xbazzi
IdentityFile ~/.ssh/lan_id_ed25519
IdentitiesOnly yes
'';
}

9
system/vscode.nix
View File

@ -4,6 +4,8 @@
environment.systemPackages = with pkgs; [
(vscode-with-extensions.override {
vscodeExtensions = with vscode-extensions; [
redhat.vscode-yaml
redhat.ansible
bbenoist.nix
ms-python.python
ms-azuretools.vscode-docker
@ -46,6 +48,13 @@
#sha256 = "lcaomgk91hnjwqaw4i0fagtowr8kwv7zhvgcgkokkuy=";
sha256 = "LcAomgK91hnJWqAW4I0FAgTOwr8Kwv7ZhvGCgkokKuY=";
}
{
name = "vscode-postgres";
publisher = "ckolkman";
version = "1.4.3";
sha256 = "OCy2Nc35vmynoKxoUoTL2qyUoiByTMMPebEjySIZihQ=";
}
];
})
];