ringofstorms/dotfiles
ringofstorms/dotfiles
1
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

working lio config I think with new system

Browse source
This commit is contained in:
RingOfStorms (Joshua Bell) 2025-10-21 23:31:59 -05:00
parent 50825c9b84
commit 9de4c7892b
20 changed files with 625 additions and 677 deletions
Download patch file Download diff file Expand all files Collapse all files

3
common/flake.nix
View file

@ -4,6 +4,7 @@
home-manager.url = "github:rycee/home-manager/release-25.05"; home-manager.url = "github:rycee/home-manager/release-25.05";
ragenix.url = "github:yaxitech/ragenix"; ragenix.url = "github:yaxitech/ragenix";
hyprland.url = "github:hyprwm/Hyprland"; hyprland.url = "github:hyprwm/Hyprland";
nix-flatpak.url = "github:gmodena/nix-flatpak/?ref=latest";
}; };
outputs = outputs =
@ -27,6 +28,8 @@
imports = [ imports = [
home-manager.nixosModules.default home-manager.nixosModules.default
ragenix.nixosModules.age ragenix.nixosModules.age
nix-flatpak.nixosModules.nix-flatpak
hyprland.nixosModules.default hyprland.nixosModules.default
./_home_manager ./_home_manager
./options.nix ./options.nix

1
common/programs/default.nix
View file

@ -14,6 +14,7 @@ in
./podman.nix ./podman.nix
./incus.nix ./incus.nix
./virt-manager.nix ./virt-manager.nix
./flatpaks.nix
]; ];
config = { config = {
assertions = [ assertions = [

66
common/programs/flatpaks.nix Normal file
View file

@ -0,0 +1,66 @@
{
config,
lib,
...
}:
let
ccfg = import ../config.nix;
cfg_path = [
ccfg.custom_config_key
"programs"
"flatpaks"
];
cfg = lib.attrsets.getAttrFromPath cfg_path config;
in
{
options =
{ }
// lib.attrsets.setAttrByPath cfg_path {
enable = lib.mkEnableOption "flatpaks";
packages = lib.mkOption {
type = lib.types.listOf lib.types.str;
default = [ ];
description = "List of Flatpak package names to install.";
};
};
config = lib.mkIf cfg.enable {
services.flatpak = {
enable = true;
packages = cfg.packages;
overrides = {
global = {
Context.sockets = [
"wayland"
"x11"
];
Context.devices = [ "dri" ]; # allow GPU access if desired
Environment = {
XCURSOR_PATH = "/run/host/user-share/icons:/run/host/share/icons";
GTK_THEME = "Adwaita:dark";
# Force wayland as much as possible.
ELECTRON_OZONE_PLATFORM_HINT = "auto"; # or 'auto'
GTK_USE_PORTAL = "1";
OZONE_PLATFORM = "wayland";
QT_QPA_PLATFORM = "xcb"; # force XCB for Flatpaks (XWayland)
};
};
"org.signal.Signal" = {
Environment = {
SIGNAL_PASSWORD_STORE = "gnome-libsecret";
};
Context = {
sockets = [
"xfg-settings"
];
};
};
"com.google.Chrome" = {
Environment = {
CHROME_EXTRA_ARGS = "--enable-features=WaylandWindowDecorations --ozone-platform-hint=auto";
};
};
};
};
};
}

8
flakes/common/flake.nix
View file

@ -1,7 +1,3 @@
let
utils = import ./utils.nix;
in
with utils;
{ {
description = "Common NixOS configuration modules and Home Manager modules that require not other inputs beyond nixpkgs or home-manager itself. This is made by me for me and not designed to be general purpose for anyone else, but could be useful nontheless."; description = "Common NixOS configuration modules and Home Manager modules that require not other inputs beyond nixpkgs or home-manager itself. This is made by me for me and not designed to be general purpose for anyone else, but could be useful nontheless.";
inputs = { }; inputs = { };
@ -9,6 +5,10 @@ with utils;
{ {
... ...
}: }:
let
utils = import ./utils.nix;
in
with utils;
{ {
nixosModules = importAll ./nix_modules; nixosModules = importAll ./nix_modules;
homeManagerModules = importAll ./hm_modules; homeManagerModules = importAll ./hm_modules;

2
flakes/common/hm_modules/de_sway/sway.nix
View file

@ -103,7 +103,7 @@
# Keybindings mirroring Hyprland # Keybindings mirroring Hyprland
keybindings = { keybindings = {
# Apps # Apps
"${modifier}+return" = "exec ${config.wayland.winfowManager.sway.config.terminal}"; "${modifier}+return" = "exec ${config.wayland.windowManager.sway.config.terminal}";
"${modifier}+space" = "exec pkill wofi || wofi --show drun"; "${modifier}+space" = "exec pkill wofi || wofi --show drun";
"${modifier}+q" = "kill"; "${modifier}+q" = "kill";
"${modifier}+shift+Escape" = "exit"; "${modifier}+shift+Escape" = "exit";

5
flakes/common/nix_modules/de_sway.nix
View file

@ -6,11 +6,6 @@
}: }:
{ {
# Enable for all users via Home Manager fragments in this module
home-manager = {
sharedModules = [ ./home_manager ];
};
services.greetd = { services.greetd = {
enable = true; enable = true;
vt = 2; vt = 2;

2
flakes/common/nix_modules/docker.nix
View file

@ -8,7 +8,7 @@
enable = true; enable = true;
autoPrune.enable = true; autoPrune.enable = true;
}; };
users.extraGroups.docker.members = builtins.AttrNames config.users.users; users.extraGroups.docker.members = builtins.attrNames config.users.users;
environment.shellAliases = { environment.shellAliases = {
dockerv = "docker volume"; dockerv = "docker volume";
dockeri = "docker image"; dockeri = "docker image";

0
flakes/test → flakes/common/nix_modules/flatpaks.nix
View file

1
flakes/common/nix_modules/hardening.nix
View file

@ -52,6 +52,7 @@
enable = true; enable = true;
settings = { settings = {
LogLevel = "VERBOSE"; LogLevel = "VERBOSE";
# TODO revisit allowing root login
PermitRootLogin = "yes"; PermitRootLogin = "yes";
PasswordAuthentication = false; PasswordAuthentication = false;
}; };

2
flakes/common/nix_modules/podman.nix
View file

@ -7,5 +7,5 @@
enable = true; enable = true;
autoPrune.enable = true; autoPrune.enable = true;
}; };
users.extraGroups.docker.members = builtins.AttrNames config.users.users; users.extraGroups.docker.members = builtins.attrNames config.users.users;
} }

30
flakes/common/readme.md
View file

@ -1,7 +1,10 @@
required settings? required settings?
- nixpkgs and home manager flake inputs
```nix ```nix
# Required system information # Required system information
system.stateVersion = "ORIGINAL VALUE"
networking.hostName = "system_name"; networking.hostName = "system_name";
# Where this config lives for this machine # Where this config lives for this machine
@ -14,14 +17,32 @@ users.users = {
josh = { josh = {
isNormalUser = true; isNormalUser = true;
initialPassword = "password1"; initialPassword = "password1";
extraGroups = [ "wheel" ]; extraGroups = [ "wheel" "networkmanager" "video" "input" ];
openssh.authorizedKeys.keys = [ "replace" ];
}; };
}; };
# Home manager only below this line (optional)
security.polkit.enable = true;
home-manager = {
useUserPackages = true;
useGlobalPkgs = true;
backupFileExtension = "bak";
sharedModules = [
({}: {
home.stateVersion = "MATCH_HM_VERSION_AS_INPUT";
programs.home-manager.enable = true;
})
];
};
``` ```
# TODO add somewhere # TODO add somewhere
```nix ```nix
# allow mounting ntfs filesystems # allow mounting ntfs filesystems
boot.supportedFilesystems = [ "ntfs" ]; boot.supportedFilesystems = [ "ntfs" ];
@ -53,4 +74,9 @@ services.tailscale.extraUpFlags = ++ (lib.optionals cfg.enableExitNode [ "--adve
- rust dev (now using direnv local flakes for that) - rust dev (now using direnv local flakes for that)
- incus - incus
- virt-manager - virt-manager
- - hm not ported
- obs
- opensnitch
- homemanager `services.opensnitch-ui.enable = true;`
- hyprland config
- i3 isntead of sway?

27
flakes/flatpaks/flake.lock generated Normal file
View file

@ -0,0 +1,27 @@
{
"nodes": {
"nix-flatpak": {
"locked": {
"lastModified": 1739444422,
"narHash": "sha256-iAVVHi7X3kWORftY+LVbRiStRnQEob2TULWyjMS6dWg=",
"owner": "gmodena",
"repo": "nix-flatpak",
"rev": "5e54c3ca05a7c7d968ae1ddeabe01d2a9bc1e177",
"type": "github"
},
"original": {
"owner": "gmodena",
"ref": "latest",
"repo": "nix-flatpak",
"type": "github"
}
},
"root": {
"inputs": {
"nix-flatpak": "nix-flatpak"
}
}
},
"root": "root",
"version": 7
}

65
flakes/flatpaks/flake.nix Normal file
View file

@ -0,0 +1,65 @@
{
inputs = {
nix-flatpak.url = "github:gmodena/nix-flatpak/?ref=latest";
};
outputs =
{
nix-flatpak,
...
}:
{
nixosModules = {
default =
{
config,
lib,
pkgs,
...
}:
{
imports = [
nix-flatpak.nixosModules.nix-flatpak
];
config = {
services.flatpak = {
enable = true;
overrides = {
global = {
Context.sockets = [
"wayland"
"x11"
];
Context.devices = [ "dri" ]; # allow GPU access if desired
Environment = {
XCURSOR_PATH = "/run/host/user-share/icons:/run/host/share/icons";
GTK_THEME = "Adwaita:dark";
# Force wayland as much as possible.
ELECTRON_OZONE_PLATFORM_HINT = "auto"; # or 'auto'
GTK_USE_PORTAL = "1";
OZONE_PLATFORM = "wayland";
QT_QPA_PLATFORM = "xcb"; # force XCB for Flatpaks (XWayland)
};
};
"org.signal.Signal" = {
Environment = {
SIGNAL_PASSWORD_STORE = "gnome-libsecret";
};
Context = {
sockets = [
"xfg-settings"
];
};
};
"com.google.Chrome" = {
Environment = {
CHROME_EXTRA_ARGS = "--enable-features=WaylandWindowDecorations --ozone-platform-hint=auto";
};
};
};
};
};
};
};
};
}

202
flakes/secrets/flake.lock generated Normal file
View file

@ -0,0 +1,202 @@
{
"nodes": {
"agenix": {
"inputs": {
"darwin": "darwin",
"home-manager": "home-manager",
"nixpkgs": [
"ragenix",
"nixpkgs"
],
"systems": "systems"
},
"locked": {
"lastModified": 1736955230,
"narHash": "sha256-uenf8fv2eG5bKM8C/UvFaiJMZ4IpUFaQxk9OH5t/1gA=",
"owner": "ryantm",
"repo": "agenix",
"rev": "e600439ec4c273cf11e06fe4d9d906fb98fa097c",
"type": "github"
},
"original": {
"owner": "ryantm",
"repo": "agenix",
"type": "github"
}
},
"crane": {
"locked": {
"lastModified": 1741481578,
"narHash": "sha256-JBTSyJFQdO3V8cgcL08VaBUByEU6P5kXbTJN6R0PFQo=",
"owner": "ipetkov",
"repo": "crane",
"rev": "bb1c9567c43e4434f54e9481eb4b8e8e0d50f0b5",
"type": "github"
},
"original": {
"owner": "ipetkov",
"repo": "crane",
"type": "github"
}
},
"darwin": {
"inputs": {
"nixpkgs": [
"ragenix",
"agenix",
"nixpkgs"
]
},
"locked": {
"lastModified": 1700795494,
"narHash": "sha256-gzGLZSiOhf155FW7262kdHo2YDeugp3VuIFb4/GGng0=",
"owner": "lnl7",
"repo": "nix-darwin",
"rev": "4b9b83d5a92e8c1fbfd8eb27eda375908c11ec4d",
"type": "github"
},
"original": {
"owner": "lnl7",
"ref": "master",
"repo": "nix-darwin",
"type": "github"
}
},
"flake-utils": {
"inputs": {
"systems": "systems_2"
},
"locked": {
"lastModified": 1731533236,
"narHash": "sha256-l0KFg5HjrsfsO/JpG+r7fRrqm12kzFHyUHqHCVpMMbI=",
"owner": "numtide",
"repo": "flake-utils",
"rev": "11707dc2f618dd54ca8739b309ec4fc024de578b",
"type": "github"
},
"original": {
"owner": "numtide",
"repo": "flake-utils",
"type": "github"
}
},
"home-manager": {
"inputs": {
"nixpkgs": [
"ragenix",
"agenix",
"nixpkgs"
]
},
"locked": {
"lastModified": 1703113217,
"narHash": "sha256-7ulcXOk63TIT2lVDSExj7XzFx09LpdSAPtvgtM7yQPE=",
"owner": "nix-community",
"repo": "home-manager",
"rev": "3bfaacf46133c037bb356193bd2f1765d9dc82c1",
"type": "github"
},
"original": {
"owner": "nix-community",
"repo": "home-manager",
"type": "github"
}
},
"nixpkgs": {
"locked": {
"lastModified": 1741379970,
"narHash": "sha256-Wh7esNh7G24qYleLvgOSY/7HlDUzWaL/n4qzlBePpiw=",
"owner": "nixos",
"repo": "nixpkgs",
"rev": "36fd87baa9083f34f7f5027900b62ee6d09b1f2f",
"type": "github"
},
"original": {
"owner": "nixos",
"ref": "nixos-unstable",
"repo": "nixpkgs",
"type": "github"
}
},
"ragenix": {
"inputs": {
"agenix": "agenix",
"crane": "crane",
"flake-utils": "flake-utils",
"nixpkgs": "nixpkgs",
"rust-overlay": "rust-overlay"
},
"locked": {
"lastModified": 1744897914,
"narHash": "sha256-GIVU92o2TZBnKQXTb76zpQbWR4zjU2rFqWKNIIpXnqA=",
"owner": "yaxitech",
"repo": "ragenix",
"rev": "40f2e17ecaeab4d78ec323e96a04548c0aaa5223",
"type": "github"
},
"original": {
"owner": "yaxitech",
"repo": "ragenix",
"type": "github"
}
},
"root": {
"inputs": {
"ragenix": "ragenix"
}
},
"rust-overlay": {
"inputs": {
"nixpkgs": [
"ragenix",
"nixpkgs"
]
},
"locked": {
"lastModified": 1741400194,
"narHash": "sha256-tEpgT+q5KlGjHSm8MnINgTPErEl8YDzX3Eps8PVc09g=",
"owner": "oxalica",
"repo": "rust-overlay",
"rev": "16b6045a232fea0e9e4c69e55a6e269607dd8e3f",
"type": "github"
},
"original": {
"owner": "oxalica",
"repo": "rust-overlay",
"type": "github"
}
},
"systems": {
"locked": {
"lastModified": 1681028828,
"narHash": "sha256-Vy1rq5AaRuLzOxct8nz4T6wlgyUR7zLU309k9mBC768=",
"owner": "nix-systems",
"repo": "default",
"rev": "da67096a3b9bf56a91d16901293e51ba5b49a27e",
"type": "github"
},
"original": {
"owner": "nix-systems",
"repo": "default",
"type": "github"
}
},
"systems_2": {
"locked": {
"lastModified": 1681028828,
"narHash": "sha256-Vy1rq5AaRuLzOxct8nz4T6wlgyUR7zLU309k9mBC768=",
"owner": "nix-systems",
"repo": "default",
"rev": "da67096a3b9bf56a91d16901293e51ba5b49a27e",
"type": "github"
},
"original": {
"owner": "nix-systems",
"repo": "default",
"type": "github"
}
}
},
"root": "root",
"version": 7
}

3
flakes/secrets/flake.nix
View file

@ -20,7 +20,6 @@
{ {
imports = [ imports = [
ragenix.nixosModules.age ragenix.nixosModules.age
./secrets
]; ];
config = config =
let let
@ -64,7 +63,7 @@
in in
lib.nameValuePair base ( lib.nameValuePair base (
{ {
file = ./. + "/secrets/${name}"; file = ./. + "/${name}";
owner = user; owner = user;
} }
// lib.optionalAttrs (lib.elem base worldReadable) { // lib.optionalAttrs (lib.elem base worldReadable) {

27
hosts/lio/configuration.nix
View file

@ -1,4 +1,6 @@
{ {
upkgs,
pkgs,
... ...
}: }:
{ {
@ -11,8 +13,6 @@
# System76 # System76
hardware.system76.enableAll = true; hardware.system76.enableAll = true;
system.stateVersion = "23.11";
services = { services = {
# https://discourse.nixos.org/t/very-high-fan-noises-on-nixos-using-a-system76-thelio/23875/10 # https://discourse.nixos.org/t/very-high-fan-noises-on-nixos-using-a-system76-thelio/23875/10
# Fixes insane jet speed fan noise # Fixes insane jet speed fan noise
@ -28,4 +28,27 @@
# }; # };
}; };
}; };
# Also allow this key to work for root user, this will let us use this as a remote builder easier
users.users.root.openssh.authorizedKeys.keys = [
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIJN2nsLmAlF6zj5dEBkNSJaqcCya+aB6I0imY8Q5Ew0S nix2lio"
];
# Allow emulation of aarch64-linux binaries for cross compiling
boot.binfmt.emulatedSystems = [ "aarch64-linux" ];
environment.systemPackages = with pkgs; [
lua
qdirstat
ffmpeg-full
appimage-run
nodejs_24
foot
vlc
upkgs.ladybird
google-chrome
trilium-desktop
dig
traceroute
# opensnitch-ui
];
} }

609
hosts/lio/flake.lock generated
View file

@ -5,11 +5,11 @@
"darwin": "darwin", "darwin": "darwin",
"home-manager": "home-manager_2", "home-manager": "home-manager_2",
"nixpkgs": [ "nixpkgs": [
"common", "secrets",
"ragenix", "ragenix",
"nixpkgs" "nixpkgs"
], ],
"systems": "systems_2" "systems": "systems"
}, },
"locked": { "locked": {
"lastModified": 1736955230, "lastModified": 1736955230,
@ -25,64 +25,16 @@
"type": "github" "type": "github"
} }
}, },
"aquamarine": {
"inputs": {
"hyprutils": [
"common",
"hyprland",
"hyprutils"
],
"hyprwayland-scanner": [
"common",
"hyprland",
"hyprwayland-scanner"
],
"nixpkgs": [
"common",
"hyprland",
"nixpkgs"
],
"systems": [
"common",
"hyprland",
"systems"
]
},
"locked": {
"lastModified": 1759499898,
"narHash": "sha256-UNzYHLWfkSzLHDep5Ckb5tXc0fdxwPIrT+MY4kpQttM=",
"owner": "hyprwm",
"repo": "aquamarine",
"rev": "655e067f96fd44b3f5685e17f566b0e4d535d798",
"type": "github"
},
"original": {
"owner": "hyprwm",
"repo": "aquamarine",
"type": "github"
}
},
"common": { "common": {
"inputs": {
"home-manager": "home-manager",
"hyprland": "hyprland",
"nix-flatpak": "nix-flatpak",
"nixpkgs": "nixpkgs_3",
"ragenix": "ragenix"
},
"locked": { "locked": {
"lastModified": 1760816431, "path": "../../flakes/common",
"narHash": "sha256-X3s7h60hnps26+KkRXn52E3Tq+j/vDcmNvWnDiHtWxI=", "type": "path"
"ref": "refs/heads/master",
"rev": "35cff92c209806bb76ad51e0c515dde6ad2b6a22",
"revCount": 725,
"type": "git",
"url": "https://git.joshuabell.xyz/ringofstorms/dotfiles"
}, },
"original": { "original": {
"type": "git", "path": "../../flakes/common",
"url": "https://git.joshuabell.xyz/ringofstorms/dotfiles" "type": "path"
} },
"parent": []
}, },
"crane": { "crane": {
"locked": { "locked": {
@ -102,7 +54,7 @@
"darwin": { "darwin": {
"inputs": { "inputs": {
"nixpkgs": [ "nixpkgs": [
"common", "secrets",
"ragenix", "ragenix",
"agenix", "agenix",
"nixpkgs" "nixpkgs"
@ -123,25 +75,9 @@
"type": "github" "type": "github"
} }
}, },
"flake-compat": {
"flake": false,
"locked": {
"lastModified": 1747046372,
"narHash": "sha256-CIVLLkVgvHYbgI2UpXvIIBJ12HWgX+fjA8Xf8PUmqCY=",
"owner": "edolstra",
"repo": "flake-compat",
"rev": "9100a0f413b0c601e0533d1d94ffd501ce2e7885",
"type": "github"
},
"original": {
"owner": "edolstra",
"repo": "flake-compat",
"type": "github"
}
},
"flake-utils": { "flake-utils": {
"inputs": { "inputs": {
"systems": "systems_3" "systems": "systems_2"
}, },
"locked": { "locked": {
"lastModified": 1731533236, "lastModified": 1731533236,
@ -157,28 +93,19 @@
"type": "github" "type": "github"
} }
}, },
"gitignore": { "flatpaks": {
"inputs": { "inputs": {
"nixpkgs": [ "nix-flatpak": "nix-flatpak"
"common",
"hyprland",
"pre-commit-hooks",
"nixpkgs"
]
}, },
"locked": { "locked": {
"lastModified": 1709087332, "path": "../../flakes/flatpaks",
"narHash": "sha256-HG2cCnktfHsKV0s4XW83gU3F57gaTljL9KNSuG6bnQs=", "type": "path"
"owner": "hercules-ci",
"repo": "gitignore.nix",
"rev": "637db329424fd7e46cf4185293b9cc8c88c95394",
"type": "github"
}, },
"original": { "original": {
"owner": "hercules-ci", "path": "../../flakes/flatpaks",
"repo": "gitignore.nix", "type": "path"
"type": "github" },
} "parent": []
}, },
"home-manager": { "home-manager": {
"inputs": { "inputs": {
@ -202,7 +129,7 @@
"home-manager_2": { "home-manager_2": {
"inputs": { "inputs": {
"nixpkgs": [ "nixpkgs": [
"common", "secrets",
"ragenix", "ragenix",
"agenix", "agenix",
"nixpkgs" "nixpkgs"
@ -222,287 +149,6 @@
"type": "github" "type": "github"
} }
}, },
"hyprcursor": {
"inputs": {
"hyprlang": [
"common",
"hyprland",
"hyprlang"
],
"nixpkgs": [
"common",
"hyprland",
"nixpkgs"
],
"systems": [
"common",
"hyprland",
"systems"
]
},
"locked": {
"lastModified": 1753964049,
"narHash": "sha256-lIqabfBY7z/OANxHoPeIrDJrFyYy9jAM4GQLzZ2feCM=",
"owner": "hyprwm",
"repo": "hyprcursor",
"rev": "44e91d467bdad8dcf8bbd2ac7cf49972540980a5",
"type": "github"
},
"original": {
"owner": "hyprwm",
"repo": "hyprcursor",
"type": "github"
}
},
"hyprgraphics": {
"inputs": {
"hyprutils": [
"common",
"hyprland",
"hyprutils"
],
"nixpkgs": [
"common",
"hyprland",
"nixpkgs"
],
"systems": [
"common",
"hyprland",
"systems"
]
},
"locked": {
"lastModified": 1759490292,
"narHash": "sha256-T6iWzDOXp8Wv0KQOCTHpBcmAOdHJ6zc/l9xaztW6Ivc=",
"owner": "hyprwm",
"repo": "hyprgraphics",
"rev": "9431db625cd9bb66ac55525479dce694101d6d7a",
"type": "github"
},
"original": {
"owner": "hyprwm",
"repo": "hyprgraphics",
"type": "github"
}
},
"hyprland": {
"inputs": {
"aquamarine": "aquamarine",
"hyprcursor": "hyprcursor",
"hyprgraphics": "hyprgraphics",
"hyprland-protocols": "hyprland-protocols",
"hyprland-qtutils": "hyprland-qtutils",
"hyprlang": "hyprlang",
"hyprutils": "hyprutils",
"hyprwayland-scanner": "hyprwayland-scanner",
"nixpkgs": "nixpkgs_2",
"pre-commit-hooks": "pre-commit-hooks",
"systems": "systems",
"xdph": "xdph"
},
"locked": {
"lastModified": 1760813095,
"narHash": "sha256-D0AU+KKB9aGqiwDaS7er2pITjn9AS+XStzigPSoLeOQ=",
"owner": "hyprwm",
"repo": "Hyprland",
"rev": "39d62e1487052da2751ec1e36d243e3e92e24f6a",
"type": "github"
},
"original": {
"owner": "hyprwm",
"repo": "Hyprland",
"type": "github"
}
},
"hyprland-protocols": {
"inputs": {
"nixpkgs": [
"common",
"hyprland",
"nixpkgs"
],
"systems": [
"common",
"hyprland",
"systems"
]
},
"locked": {
"lastModified": 1749046714,
"narHash": "sha256-kymV5FMnddYGI+UjwIw8ceDjdeg7ToDVjbHCvUlhn14=",
"owner": "hyprwm",
"repo": "hyprland-protocols",
"rev": "613878cb6f459c5e323aaafe1e6f388ac8a36330",
"type": "github"
},
"original": {
"owner": "hyprwm",
"repo": "hyprland-protocols",
"type": "github"
}
},
"hyprland-qt-support": {
"inputs": {
"hyprlang": [
"common",
"hyprland",
"hyprland-qtutils",
"hyprlang"
],
"nixpkgs": [
"common",
"hyprland",
"hyprland-qtutils",
"nixpkgs"
],
"systems": [
"common",
"hyprland",
"hyprland-qtutils",
"systems"
]
},
"locked": {
"lastModified": 1749154592,
"narHash": "sha256-DO7z5CeT/ddSGDEnK9mAXm1qlGL47L3VAHLlLXoCjhE=",
"owner": "hyprwm",
"repo": "hyprland-qt-support",
"rev": "4c8053c3c888138a30c3a6c45c2e45f5484f2074",
"type": "github"
},
"original": {
"owner": "hyprwm",
"repo": "hyprland-qt-support",
"type": "github"
}
},
"hyprland-qtutils": {
"inputs": {
"hyprland-qt-support": "hyprland-qt-support",
"hyprlang": [
"common",
"hyprland",
"hyprlang"
],
"hyprutils": [
"common",
"hyprland",
"hyprland-qtutils",
"hyprlang",
"hyprutils"
],
"nixpkgs": [
"common",
"hyprland",
"nixpkgs"
],
"systems": [
"common",
"hyprland",
"systems"
]
},
"locked": {
"lastModified": 1759080228,
"narHash": "sha256-RgDoAja0T1hnF0pTc56xPfLfFOO8Utol2iITwYbUhTk=",
"owner": "hyprwm",
"repo": "hyprland-qtutils",
"rev": "629b15c19fa4082e4ce6be09fdb89e8c3312aed7",
"type": "github"
},
"original": {
"owner": "hyprwm",
"repo": "hyprland-qtutils",
"type": "github"
}
},
"hyprlang": {
"inputs": {
"hyprutils": [
"common",
"hyprland",
"hyprutils"
],
"nixpkgs": [
"common",
"hyprland",
"nixpkgs"
],
"systems": [
"common",
"hyprland",
"systems"
]
},
"locked": {
"lastModified": 1758927902,
"narHash": "sha256-LZgMds7M94+vuMql2bERQ6LiFFdhgsEFezE4Vn+Ys3A=",
"owner": "hyprwm",
"repo": "hyprlang",
"rev": "4dafa28d4f79877d67a7d1a654cddccf8ebf15da",
"type": "github"
},
"original": {
"owner": "hyprwm",
"repo": "hyprlang",
"type": "github"
}
},
"hyprutils": {
"inputs": {
"nixpkgs": [
"common",
"hyprland",
"nixpkgs"
],
"systems": [
"common",
"hyprland",
"systems"
]
},
"locked": {
"lastModified": 1759619523,
"narHash": "sha256-r1ed7AR2ZEb2U8gy321/Xcp1ho2tzn+gG1te/Wxsj1A=",
"owner": "hyprwm",
"repo": "hyprutils",
"rev": "3df7bde01efb3a3e8e678d1155f2aa3f19e177ef",
"type": "github"
},
"original": {
"owner": "hyprwm",
"repo": "hyprutils",
"type": "github"
}
},
"hyprwayland-scanner": {
"inputs": {
"nixpkgs": [
"common",
"hyprland",
"nixpkgs"
],
"systems": [
"common",
"hyprland",
"systems"
]
},
"locked": {
"lastModified": 1755184602,
"narHash": "sha256-RCBQN8xuADB0LEgaKbfRqwm6CdyopE1xIEhNc67FAbw=",
"owner": "hyprwm",
"repo": "hyprwayland-scanner",
"rev": "b3b0f1f40ae09d4447c20608e5a4faf8bf3c492d",
"type": "github"
},
"original": {
"owner": "hyprwm",
"repo": "hyprwayland-scanner",
"type": "github"
}
},
"nix-flatpak": { "nix-flatpak": {
"locked": { "locked": {
"lastModified": 1739444422, "lastModified": 1739444422,
@ -553,32 +199,31 @@
}, },
"nixpkgs_2": { "nixpkgs_2": {
"locked": { "locked": {
"lastModified": 1759381078, "lastModified": 1760580664,
"narHash": "sha256-gTrEEp5gEspIcCOx9PD8kMaF1iEmfBcTbO0Jag2QhQs=", "narHash": "sha256-/YdfibIrnqXAL8p5kqCU345mzpHoOtuVIkMiI2pF4Dc=",
"owner": "NixOS", "owner": "nixos",
"repo": "nixpkgs", "repo": "nixpkgs",
"rev": "7df7ff7d8e00218376575f0acdcc5d66741351ee", "rev": "98ff3f9af2684f6136c24beef08f5e2033fc5389",
"type": "github" "type": "github"
}, },
"original": { "original": {
"owner": "NixOS", "owner": "nixos",
"ref": "nixos-unstable", "ref": "nixos-25.05",
"repo": "nixpkgs", "repo": "nixpkgs",
"type": "github" "type": "github"
} }
}, },
"nixpkgs_3": { "nixpkgs_3": {
"locked": { "locked": {
"lastModified": 1760524057, "lastModified": 1759772810,
"narHash": "sha256-EVAqOteLBFmd7pKkb0+FIUyzTF61VKi7YmvP1tw4nEw=", "narHash": "sha256-8/sO67+Q6yNfFD39W5SXQHDbf/tQUHWFhCdxgRRGVCQ=",
"owner": "nixos", "owner": "nixos",
"repo": "nixpkgs", "repo": "nixpkgs",
"rev": "544961dfcce86422ba200ed9a0b00dd4b1486ec5", "rev": "2b78ecc45e163d655c08c9a4cffb4a91c66d0493",
"type": "github" "type": "github"
}, },
"original": { "original": {
"owner": "nixos", "owner": "nixos",
"ref": "nixos-unstable",
"repo": "nixpkgs", "repo": "nixpkgs",
"type": "github" "type": "github"
} }
@ -599,37 +244,6 @@
"type": "github" "type": "github"
} }
}, },
"nixpkgs_5": {
"locked": {
"lastModified": 1760580664,
"narHash": "sha256-/YdfibIrnqXAL8p5kqCU345mzpHoOtuVIkMiI2pF4Dc=",
"owner": "nixos",
"repo": "nixpkgs",
"rev": "98ff3f9af2684f6136c24beef08f5e2033fc5389",
"type": "github"
},
"original": {
"owner": "nixos",
"ref": "nixos-25.05",
"repo": "nixpkgs",
"type": "github"
}
},
"nixpkgs_6": {
"locked": {
"lastModified": 1759772810,
"narHash": "sha256-8/sO67+Q6yNfFD39W5SXQHDbf/tQUHWFhCdxgRRGVCQ=",
"owner": "nixos",
"repo": "nixpkgs",
"rev": "2b78ecc45e163d655c08c9a4cffb4a91c66d0493",
"type": "github"
},
"original": {
"owner": "nixos",
"repo": "nixpkgs",
"type": "github"
}
},
"nvim_plugin-Almo7aya/openingh.nvim": { "nvim_plugin-Almo7aya/openingh.nvim": {
"flake": false, "flake": false,
"locked": { "locked": {
@ -1510,37 +1124,13 @@
"type": "github" "type": "github"
} }
}, },
"pre-commit-hooks": {
"inputs": {
"flake-compat": "flake-compat",
"gitignore": "gitignore",
"nixpkgs": [
"common",
"hyprland",
"nixpkgs"
]
},
"locked": {
"lastModified": 1758108966,
"narHash": "sha256-ytw7ROXaWZ7OfwHrQ9xvjpUWeGVm86pwnEd1QhzawIo=",
"owner": "cachix",
"repo": "git-hooks.nix",
"rev": "54df955a695a84cd47d4a43e08e1feaf90b1fd9b",
"type": "github"
},
"original": {
"owner": "cachix",
"repo": "git-hooks.nix",
"type": "github"
}
},
"ragenix": { "ragenix": {
"inputs": { "inputs": {
"agenix": "agenix", "agenix": "agenix",
"crane": "crane", "crane": "crane",
"flake-utils": "flake-utils", "flake-utils": "flake-utils",
"nixpkgs": "nixpkgs_4", "nixpkgs": "nixpkgs_4",
"rust-overlay": "rust-overlay" "rust-overlay": "rust-overlay_2"
}, },
"locked": { "locked": {
"lastModified": 1744897914, "lastModified": 1744897914,
@ -1559,14 +1149,17 @@
"root": { "root": {
"inputs": { "inputs": {
"common": "common", "common": "common",
"nixpkgs": "nixpkgs_5", "flatpaks": "flatpaks",
"home-manager": "home-manager",
"nixpkgs": "nixpkgs_2",
"nixpkgs-unstable": "nixpkgs-unstable", "nixpkgs-unstable": "nixpkgs-unstable",
"ros_neovim": "ros_neovim" "ros_neovim": "ros_neovim",
"secrets": "secrets"
} }
}, },
"ros_neovim": { "ros_neovim": {
"inputs": { "inputs": {
"nixpkgs": "nixpkgs_6", "nixpkgs": "nixpkgs_3",
"nvim_plugin-Almo7aya/openingh.nvim": "nvim_plugin-Almo7aya/openingh.nvim", "nvim_plugin-Almo7aya/openingh.nvim": "nvim_plugin-Almo7aya/openingh.nvim",
"nvim_plugin-CopilotC-Nvim/CopilotChat.nvim": "nvim_plugin-CopilotC-Nvim/CopilotChat.nvim", "nvim_plugin-CopilotC-Nvim/CopilotChat.nvim": "nvim_plugin-CopilotC-Nvim/CopilotChat.nvim",
"nvim_plugin-JoosepAlviste/nvim-ts-context-commentstring": "nvim_plugin-JoosepAlviste/nvim-ts-context-commentstring", "nvim_plugin-JoosepAlviste/nvim-ts-context-commentstring": "nvim_plugin-JoosepAlviste/nvim-ts-context-commentstring",
@ -1622,7 +1215,7 @@
"nvim_plugin-windwp/nvim-ts-autotag": "nvim_plugin-windwp/nvim-ts-autotag", "nvim_plugin-windwp/nvim-ts-autotag": "nvim_plugin-windwp/nvim-ts-autotag",
"nvim_plugin-zbirenbaum/copilot-cmp": "nvim_plugin-zbirenbaum/copilot-cmp", "nvim_plugin-zbirenbaum/copilot-cmp": "nvim_plugin-zbirenbaum/copilot-cmp",
"nvim_plugin-zbirenbaum/copilot.lua": "nvim_plugin-zbirenbaum/copilot.lua", "nvim_plugin-zbirenbaum/copilot.lua": "nvim_plugin-zbirenbaum/copilot.lua",
"rust-overlay": "rust-overlay_2" "rust-overlay": "rust-overlay"
}, },
"locked": { "locked": {
"lastModified": 1760630879, "lastModified": 1760630879,
@ -1639,28 +1232,6 @@
} }
}, },
"rust-overlay": { "rust-overlay": {
"inputs": {
"nixpkgs": [
"common",
"ragenix",
"nixpkgs"
]
},
"locked": {
"lastModified": 1741400194,
"narHash": "sha256-tEpgT+q5KlGjHSm8MnINgTPErEl8YDzX3Eps8PVc09g=",
"owner": "oxalica",
"repo": "rust-overlay",
"rev": "16b6045a232fea0e9e4c69e55a6e269607dd8e3f",
"type": "github"
},
"original": {
"owner": "oxalica",
"repo": "rust-overlay",
"type": "github"
}
},
"rust-overlay_2": {
"inputs": { "inputs": {
"nixpkgs": [ "nixpkgs": [
"ros_neovim", "ros_neovim",
@ -1681,18 +1252,54 @@
"type": "github" "type": "github"
} }
}, },
"rust-overlay_2": {
"inputs": {
"nixpkgs": [
"secrets",
"ragenix",
"nixpkgs"
]
},
"locked": {
"lastModified": 1741400194,
"narHash": "sha256-tEpgT+q5KlGjHSm8MnINgTPErEl8YDzX3Eps8PVc09g=",
"owner": "oxalica",
"repo": "rust-overlay",
"rev": "16b6045a232fea0e9e4c69e55a6e269607dd8e3f",
"type": "github"
},
"original": {
"owner": "oxalica",
"repo": "rust-overlay",
"type": "github"
}
},
"secrets": {
"inputs": {
"ragenix": "ragenix"
},
"locked": {
"path": "../../flakes/secrets",
"type": "path"
},
"original": {
"path": "../../flakes/secrets",
"type": "path"
},
"parent": []
},
"systems": { "systems": {
"locked": { "locked": {
"lastModified": 1689347949, "lastModified": 1681028828,
"narHash": "sha256-12tWmuL2zgBgZkdoB6qXZsgJEH9LR3oUgpaQq2RbI80=", "narHash": "sha256-Vy1rq5AaRuLzOxct8nz4T6wlgyUR7zLU309k9mBC768=",
"owner": "nix-systems", "owner": "nix-systems",
"repo": "default-linux", "repo": "default",
"rev": "31732fcf5e8fea42e59c2488ad31a0e651500f68", "rev": "da67096a3b9bf56a91d16901293e51ba5b49a27e",
"type": "github" "type": "github"
}, },
"original": { "original": {
"owner": "nix-systems", "owner": "nix-systems",
"repo": "default-linux", "repo": "default",
"type": "github" "type": "github"
} }
}, },
@ -1710,68 +1317,6 @@
"repo": "default", "repo": "default",
"type": "github" "type": "github"
} }
},
"systems_3": {
"locked": {
"lastModified": 1681028828,
"narHash": "sha256-Vy1rq5AaRuLzOxct8nz4T6wlgyUR7zLU309k9mBC768=",
"owner": "nix-systems",
"repo": "default",
"rev": "da67096a3b9bf56a91d16901293e51ba5b49a27e",
"type": "github"
},
"original": {
"owner": "nix-systems",
"repo": "default",
"type": "github"
}
},
"xdph": {
"inputs": {
"hyprland-protocols": [
"common",
"hyprland",
"hyprland-protocols"
],
"hyprlang": [
"common",
"hyprland",
"hyprlang"
],
"hyprutils": [
"common",
"hyprland",
"hyprutils"
],
"hyprwayland-scanner": [
"common",
"hyprland",
"hyprwayland-scanner"
],
"nixpkgs": [
"common",
"hyprland",
"nixpkgs"
],
"systems": [
"common",
"hyprland",
"systems"
]
},
"locked": {
"lastModified": 1755354946,
"narHash": "sha256-zdov5f/GcoLQc9qYIS1dUTqtJMeDqmBmo59PAxze6e4=",
"owner": "hyprwm",
"repo": "xdg-desktop-portal-hyprland",
"rev": "a10726d6a8d0ef1a0c645378f983b6278c42eaa0",
"type": "github"
},
"original": {
"owner": "hyprwm",
"repo": "xdg-desktop-portal-hyprland",
"type": "github"
}
} }
}, },
"root": "root", "root": "root",

192
hosts/lio/flake.nix
View file

@ -1,11 +1,15 @@
{ {
inputs = { inputs = {
nixpkgs.url = "github:nixos/nixpkgs/nixos-25.05"; nixpkgs.url = "github:nixos/nixpkgs/nixos-25.05";
home-manager.url = "github:rycee/home-manager/release-25.05";
nixpkgs-unstable.url = "github:nixos/nixpkgs/nixos-unstable"; nixpkgs-unstable.url = "github:nixos/nixpkgs/nixos-unstable";
# Use relative to get current version for testing # Use relative to get current version for testing
# common.url = "path:../../common"; common.url = "path:../../flakes/common";
common.url = "git+https://git.joshuabell.xyz/ringofstorms/dotfiles"; # common.url = "git+https://git.joshuabell.xyz/ringofstorms/dotfiles";
secrets.url = "path:../../flakes/secrets";
flatpaks.url = "path:../../flakes/flatpaks";
ros_neovim.url = "git+https://git.joshuabell.xyz/ringofstorms/nvim"; ros_neovim.url = "git+https://git.joshuabell.xyz/ringofstorms/nvim";
}; };
@ -13,7 +17,10 @@
outputs = outputs =
{ {
nixpkgs, nixpkgs,
home-manager,
common, common,
secrets,
flatpaks,
ros_neovim, ros_neovim,
... ...
}@inputs: }@inputs:
@ -33,14 +40,35 @@
}; };
}; };
modules = [ modules = [
common.nixosModules.default home-manager.nixosModules.default
secrets.nixosModules.default
ros_neovim.nixosModules.default ros_neovim.nixosModules.default
flatpaks.nixosModules.default
common.nixosModules.essentials
common.nixosModules.git
common.nixosModules.tmux
common.nixosModules.boot_systemd
common.nixosModules.de_sway
common.nixosModules.hardening
common.nixosModules.jetbrains_font
common.nixosModules.nix_options
common.nixosModules.no_sleep
common.nixosModules.podman
common.nixosModules.q_flipper
common.nixosModules.tailnet
common.nixosModules.timezone_auto
common.nixosModules.tty_caps_esc
common.nixosModules.zsh
./configuration.nix ./configuration.nix
./hardware-configuration.nix ./hardware-configuration.nix
(import ./containers.nix { inherit inputs; }) (import ./containers.nix { inherit inputs; })
# ./jails_text.nix # ./jails_text.nix
# ./hyprland_customizations.nix # ./hyprland_customizations.nix
./sway_customizations.nix ./sway_customizations.nix
./opencode-shim.nix
( (
{ {
config, config,
@ -49,76 +77,64 @@
lib, lib,
... ...
}: }:
{ rec {
programs = { # Home Manager
nix-ld = { home-manager = {
enable = true; useUserPackages = true;
libraries = with pkgs; [ useGlobalPkgs = true;
icu backupFileExtension = "bak";
gmp # add all normal users to home manager so it applies to them
glibc users = lib.mapAttrs (name: user: {
openssl home.stateVersion = "25.05";
stdenv.cc.cc programs.home-manager.enable = true;
]; }) (lib.filterAttrs (name: user: user.isNormalUser or false) users.users);
};
};
environment.shellAliases = {
"oc" =
"all_proxy='' http_proxy='' https_proxy='' /home/josh/other/opencode/node_modules/opencode-linux-x64/bin/opencode";
"occ" = "oc -c";
};
environment.systemPackages = with pkgs; [ sharedModules = [
lua common.homeManagerModules.de_sway
qdirstat common.homeManagerModules.tmux
ffmpeg-full common.homeManagerModules.atuin
appimage-run common.homeManagerModules.direnv
nodejs_24 common.homeManagerModules.foot
foot common.homeManagerModules.git
vlc common.homeManagerModules.kitty
upkgs.ladybird common.homeManagerModules.postgres_cli_options
google-chrome common.homeManagerModules.slicer
trilium-desktop common.homeManagerModules.ssh
dig common.homeManagerModules.starship
traceroute common.homeManagerModules.zoxide
# opensnitch-ui common.homeManagerModules.zsh
]; ];
# Also allow this key to work for root user, this will let us use this as a remote builder easier
users.users.root.openssh.authorizedKeys.keys = [
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIJN2nsLmAlF6zj5dEBkNSJaqcCya+aB6I0imY8Q5Ew0S nix2lio"
];
# Allow emulation of aarch64-linux binaries for cross compiling
boot.binfmt.emulatedSystems = [ "aarch64-linux" ];
home-manager.extraSpecialArgs = { extraSpecialArgs = {
inherit inputs; inherit inputs;
inherit upkgs; inherit upkgs;
}; };
};
ringofstorms_common = { # System configuration
systemName = configuration_name; system.stateVersion = "23.11";
boot.systemd.enable = true; networking.hostName = configuration_name;
secrets.enable = true; programs.nh.flake = "/home/josh/.config/nixos-config/hosts/${config.networking.hostName}";
general = { nixpkgs.config.allowUnfree = true;
reporting.enable = true;
disableRemoteBuildsOnLio = true; # Users
users.users = {
josh = {
isNormalUser = true;
initialPassword = "password1";
extraGroups = [
"wheel"
"networkmanager"
"video"
"input"
];
openssh.authorizedKeys.keys = [
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIJN2nsLmAlF6zj5dEBkNSJaqcCya+aB6I0imY8Q5Ew0S nix2lio"
];
}; };
desktopEnvironment.sway = {
enable = true;
waybar.enable = true;
swaync.enable = true;
}; };
programs = {
rustDev.enable = true; services.flatpak.packages = [
uhkAgent.enable = true;
tailnet.enable = true;
tailnet.enableExitNode = true;
ssh.enable = true;
podman.enable = true;
virt-manager.enable = true;
flatpaks = {
enable = true;
packages = [
"org.signal.Signal" "org.signal.Signal"
"dev.vencord.Vesktop" "dev.vencord.Vesktop"
"md.obsidian.Obsidian" "md.obsidian.Obsidian"
@ -128,57 +144,9 @@
"org.blender.Blender" "org.blender.Blender"
"com.rustdesk.RustDesk" "com.rustdesk.RustDesk"
]; ];
};
};
users = {
# Users are all normal users and default password is password1
admins = [ "josh" ]; # First admin is also the primary user owning nix config
users = {
josh = {
openssh.authorizedKeys.keys = [
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIJN2nsLmAlF6zj5dEBkNSJaqcCya+aB6I0imY8Q5Ew0S nix2lio"
];
extraGroups = [
"networkmanager"
"video"
"input"
];
shell = pkgs.zsh;
packages = with pkgs; [
sabnzbd
];
};
};
};
homeManager = {
users = {
josh = {
imports = with common.homeManagerModules; [
tmux
atuin
kitty
foot
direnv
git
nix_deprecations
obs
postgres
slicer
ssh
starship
zoxide
zsh
];
# services.opensnitch-ui.enable = true;
};
};
};
};
} }
) )
]; ];
} }
); );
}; };

20
hosts/lio/opencode-shim.nix Normal file
View file

@ -0,0 +1,20 @@
{ pkgs, ... }:
{
programs = {
nix-ld = {
enable = true;
libraries = with pkgs; [
icu
gmp
glibc
openssl
stdenv.cc.cc
];
};
};
environment.shellAliases = {
"oc" =
"all_proxy='' http_proxy='' https_proxy='' /home/josh/other/opencode/node_modules/opencode-linux-x64/bin/opencode";
"occ" = "oc -c";
};
}

11
hosts/lio/sway_customizations.nix
View file

@ -74,8 +74,15 @@ in
options = { }; options = { };
config = { config = {
environment.systemPackages = [ ]; # ringofstorms_common.desktopEnvironment.sway.extraOptions = swayExtraOptions;
ringofstorms_common.desktopEnvironment.sway.extraOptions = swayExtraOptions; home-manager.sharedModules = [
(
{ ... }:
{
wayland.windowManager.sway.config = swayExtraOptions;
}
)
];
}; };
} }