From 5bf2521f8d4b8d27513cbd196709ef36b57755c7 Mon Sep 17 00:00:00 2001 From: "RingOfStorms (Joshua Bell)" Date: Sat, 20 Sep 2025 10:45:42 -0500 Subject: [PATCH 001/109] more tmux bindings for pane control --- .../_home_manager/mods/tmux/tmux-reset.conf | 9 + common/flake.lock | 465 +----------------- flake.lock | 12 +- 3 files changed, 26 insertions(+), 460 deletions(-) diff --git a/common/_home_manager/mods/tmux/tmux-reset.conf b/common/_home_manager/mods/tmux/tmux-reset.conf index fd5dd3d..f9cf961 100644 --- a/common/_home_manager/mods/tmux/tmux-reset.conf +++ b/common/_home_manager/mods/tmux/tmux-reset.conf @@ -35,11 +35,20 @@ bind -r right select-pane -R bind x kill-pane bind -r space resize-pane -Z bind S select-layout tiled + bind -r h select-pane -L bind -r j select-pane -D bind -r k select-pane -U bind -r l select-pane -R +bind -r C-h swap-pane -L +bind -r C-j swap-pane -D +bind -r C-k swap-pane -U +bind -r C-l swap-pane -R +bind -n C-Left resize-pane -L 5 +bind -n C-Down resize-pane -D 5 +bind -n C-Up resize-pane -U 5 +bind -n C-Right resize-pane -R 5 # Sessions bind $ command-prompt "rename-session %%" diff --git a/common/flake.lock b/common/flake.lock index 77b5f3c..78e7a15 100644 --- a/common/flake.lock +++ b/common/flake.lock @@ -8,7 +8,7 @@ "ragenix", "nixpkgs" ], - "systems": "systems_2" + "systems": "systems" }, "locked": { "lastModified": 1736955230, @@ -24,39 +24,6 @@ "type": "github" } }, - "aquamarine": { - "inputs": { - "hyprutils": [ - "hyprland", - "hyprutils" - ], - "hyprwayland-scanner": [ - "hyprland", - "hyprwayland-scanner" - ], - "nixpkgs": [ - "hyprland", - "nixpkgs" - ], - "systems": [ - "hyprland", - "systems" - ] - }, - "locked": { - "lastModified": 1755946532, - "narHash": "sha256-POePremlUY5GyA1zfbtic6XLxDaQcqHN6l+bIxdT5gc=", - "owner": "hyprwm", - "repo": "aquamarine", - "rev": "81584dae2df6ac79f6b6dae0ecb7705e95129ada", - "type": "github" - }, - "original": { - "owner": "hyprwm", - "repo": "aquamarine", - "type": "github" - } - }, "crane": { "locked": { "lastModified": 1741481578, @@ -95,25 +62,9 @@ "type": "github" } }, - "flake-compat": { - "flake": false, - "locked": { - "lastModified": 1747046372, - "narHash": "sha256-CIVLLkVgvHYbgI2UpXvIIBJ12HWgX+fjA8Xf8PUmqCY=", - "owner": "edolstra", - "repo": "flake-compat", - "rev": "9100a0f413b0c601e0533d1d94ffd501ce2e7885", - "type": "github" - }, - "original": { - "owner": "edolstra", - "repo": "flake-compat", - "type": "github" - } - }, "flake-utils": { "inputs": { - "systems": "systems_3" + "systems": "systems_2" }, "locked": { "lastModified": 1731533236, @@ -129,38 +80,16 @@ "type": "github" } }, - "gitignore": { - "inputs": { - "nixpkgs": [ - "hyprland", - "pre-commit-hooks", - "nixpkgs" - ] - }, - "locked": { - "lastModified": 1709087332, - "narHash": "sha256-HG2cCnktfHsKV0s4XW83gU3F57gaTljL9KNSuG6bnQs=", - "owner": "hercules-ci", - "repo": "gitignore.nix", - "rev": "637db329424fd7e46cf4185293b9cc8c88c95394", - "type": "github" - }, - "original": { - "owner": "hercules-ci", - "repo": "gitignore.nix", - "type": "github" - } - }, "home-manager": { "inputs": { "nixpkgs": "nixpkgs" }, "locked": { - "lastModified": 1756245065, - "narHash": "sha256-aAZNbGcWrVRZgWgkQbkabSGcDVRDMgON4BipMy69gvI=", + "lastModified": 1758313341, + "narHash": "sha256-SsI6INUzWwPcRKRaxvi50RttnD9rcC4EjV+67TOEfrQ=", "owner": "rycee", "repo": "home-manager", - "rev": "54b2879ce622d44415e727905925e21b8f833a98", + "rev": "6f656618ebc71ca82d93d306a8aecb2c5f6f2ab2", "type": "github" }, "original": { @@ -192,265 +121,6 @@ "type": "github" } }, - "hyprcursor": { - "inputs": { - "hyprlang": [ - "hyprland", - "hyprlang" - ], - "nixpkgs": [ - "hyprland", - "nixpkgs" - ], - "systems": [ - "hyprland", - "systems" - ] - }, - "locked": { - "lastModified": 1753964049, - "narHash": "sha256-lIqabfBY7z/OANxHoPeIrDJrFyYy9jAM4GQLzZ2feCM=", - "owner": "hyprwm", - "repo": "hyprcursor", - "rev": "44e91d467bdad8dcf8bbd2ac7cf49972540980a5", - "type": "github" - }, - "original": { - "owner": "hyprwm", - "repo": "hyprcursor", - "type": "github" - } - }, - "hyprgraphics": { - "inputs": { - "hyprutils": [ - "hyprland", - "hyprutils" - ], - "nixpkgs": [ - "hyprland", - "nixpkgs" - ], - "systems": [ - "hyprland", - "systems" - ] - }, - "locked": { - "lastModified": 1755678602, - "narHash": "sha256-uEC5O/NIUNs1zmc1aH1+G3GRACbODjk2iS0ET5hXtuk=", - "owner": "hyprwm", - "repo": "hyprgraphics", - "rev": "157cc52065a104fc3b8fa542ae648b992421d1c7", - "type": "github" - }, - "original": { - "owner": "hyprwm", - "repo": "hyprgraphics", - "type": "github" - } - }, - "hyprland": { - "inputs": { - "aquamarine": "aquamarine", - "hyprcursor": "hyprcursor", - "hyprgraphics": "hyprgraphics", - "hyprland-protocols": "hyprland-protocols", - "hyprland-qtutils": "hyprland-qtutils", - "hyprlang": "hyprlang", - "hyprutils": "hyprutils", - "hyprwayland-scanner": "hyprwayland-scanner", - "nixpkgs": "nixpkgs_2", - "pre-commit-hooks": "pre-commit-hooks", - "systems": "systems", - "xdph": "xdph" - }, - "locked": { - "lastModified": 1756498600, - "narHash": "sha256-09FSU9GTVyDlTcXjsjzumfUkIJUwht1DESNh41kufdc=", - "owner": "hyprwm", - "repo": "Hyprland", - "rev": "ea42041f936d5810c5cfa45d6bece12dde2fd9b6", - "type": "github" - }, - "original": { - "owner": "hyprwm", - "repo": "Hyprland", - "type": "github" - } - }, - "hyprland-protocols": { - "inputs": { - "nixpkgs": [ - "hyprland", - "nixpkgs" - ], - "systems": [ - "hyprland", - "systems" - ] - }, - "locked": { - "lastModified": 1749046714, - "narHash": "sha256-kymV5FMnddYGI+UjwIw8ceDjdeg7ToDVjbHCvUlhn14=", - "owner": "hyprwm", - "repo": "hyprland-protocols", - "rev": "613878cb6f459c5e323aaafe1e6f388ac8a36330", - "type": "github" - }, - "original": { - "owner": "hyprwm", - "repo": "hyprland-protocols", - "type": "github" - } - }, - "hyprland-qt-support": { - "inputs": { - "hyprlang": [ - "hyprland", - "hyprland-qtutils", - "hyprlang" - ], - "nixpkgs": [ - "hyprland", - "hyprland-qtutils", - "nixpkgs" - ], - "systems": [ - "hyprland", - "hyprland-qtutils", - "systems" - ] - }, - "locked": { - "lastModified": 1749154592, - "narHash": "sha256-DO7z5CeT/ddSGDEnK9mAXm1qlGL47L3VAHLlLXoCjhE=", - "owner": "hyprwm", - "repo": "hyprland-qt-support", - "rev": "4c8053c3c888138a30c3a6c45c2e45f5484f2074", - "type": "github" - }, - "original": { - "owner": "hyprwm", - "repo": "hyprland-qt-support", - "type": "github" - } - }, - "hyprland-qtutils": { - "inputs": { - "hyprland-qt-support": "hyprland-qt-support", - "hyprlang": [ - "hyprland", - "hyprlang" - ], - "hyprutils": [ - "hyprland", - "hyprland-qtutils", - "hyprlang", - "hyprutils" - ], - "nixpkgs": [ - "hyprland", - "nixpkgs" - ], - "systems": [ - "hyprland", - "systems" - ] - }, - "locked": { - "lastModified": 1753819801, - "narHash": "sha256-tHe6XeNeVeKapkNM3tcjW4RuD+tB2iwwoogWJOtsqTI=", - "owner": "hyprwm", - "repo": "hyprland-qtutils", - "rev": "b308a818b9dcaa7ab8ccab891c1b84ebde2152bc", - "type": "github" - }, - "original": { - "owner": "hyprwm", - "repo": "hyprland-qtutils", - "type": "github" - } - }, - "hyprlang": { - "inputs": { - "hyprutils": [ - "hyprland", - "hyprutils" - ], - "nixpkgs": [ - "hyprland", - "nixpkgs" - ], - "systems": [ - "hyprland", - "systems" - ] - }, - "locked": { - "lastModified": 1753622892, - "narHash": "sha256-0K+A+gmOI8IklSg5It1nyRNv0kCNL51duwnhUO/B8JA=", - "owner": "hyprwm", - "repo": "hyprlang", - "rev": "23f0debd2003f17bd65f851cd3f930cff8a8c809", - "type": "github" - }, - "original": { - "owner": "hyprwm", - "repo": "hyprlang", - "type": "github" - } - }, - "hyprutils": { - "inputs": { - "nixpkgs": [ - "hyprland", - "nixpkgs" - ], - "systems": [ - "hyprland", - "systems" - ] - }, - "locked": { - "lastModified": 1756117388, - "narHash": "sha256-oRDel6pNl/T2tI+nc/USU9ZP9w08dxtl7hiZxa0C/Wc=", - "owner": "hyprwm", - "repo": "hyprutils", - "rev": "b2ae3204845f5f2f79b4703b441252d8ad2ecfd0", - "type": "github" - }, - "original": { - "owner": "hyprwm", - "repo": "hyprutils", - "type": "github" - } - }, - "hyprwayland-scanner": { - "inputs": { - "nixpkgs": [ - "hyprland", - "nixpkgs" - ], - "systems": [ - "hyprland", - "systems" - ] - }, - "locked": { - "lastModified": 1755184602, - "narHash": "sha256-RCBQN8xuADB0LEgaKbfRqwm6CdyopE1xIEhNc67FAbw=", - "owner": "hyprwm", - "repo": "hyprwayland-scanner", - "rev": "b3b0f1f40ae09d4447c20608e5a4faf8bf3c492d", - "type": "github" - }, - "original": { - "owner": "hyprwm", - "repo": "hyprwayland-scanner", - "type": "github" - } - }, "nix-flatpak": { "locked": { "lastModified": 1739444422, @@ -483,39 +153,7 @@ "type": "github" } }, - "nixpkgs-unstable": { - "locked": { - "lastModified": 1756542300, - "narHash": "sha256-tlOn88coG5fzdyqz6R93SQL5Gpq+m/DsWpekNFhqPQk=", - "owner": "NixOS", - "repo": "nixpkgs", - "rev": "d7600c775f877cd87b4f5a831c28aa94137377aa", - "type": "github" - }, - "original": { - "owner": "NixOS", - "ref": "nixos-unstable", - "repo": "nixpkgs", - "type": "github" - } - }, "nixpkgs_2": { - "locked": { - "lastModified": 1756266583, - "narHash": "sha256-cr748nSmpfvnhqSXPiCfUPxRz2FJnvf/RjJGvFfaCsM=", - "owner": "NixOS", - "repo": "nixpkgs", - "rev": "8a6d5427d99ec71c64f0b93d45778c889005d9c2", - "type": "github" - }, - "original": { - "owner": "NixOS", - "ref": "nixos-unstable", - "repo": "nixpkgs", - "type": "github" - } - }, - "nixpkgs_3": { "locked": { "lastModified": 1741379970, "narHash": "sha256-Wh7esNh7G24qYleLvgOSY/7HlDUzWaL/n4qzlBePpiw=", @@ -531,35 +169,12 @@ "type": "github" } }, - "pre-commit-hooks": { - "inputs": { - "flake-compat": "flake-compat", - "gitignore": "gitignore", - "nixpkgs": [ - "hyprland", - "nixpkgs" - ] - }, - "locked": { - "lastModified": 1755960406, - "narHash": "sha256-RF7j6C1TmSTK9tYWO6CdEMtg6XZaUKcvZwOCD2SICZs=", - "owner": "cachix", - "repo": "git-hooks.nix", - "rev": "e891a93b193fcaf2fc8012d890dc7f0befe86ec2", - "type": "github" - }, - "original": { - "owner": "cachix", - "repo": "git-hooks.nix", - "type": "github" - } - }, "ragenix": { "inputs": { "agenix": "agenix", "crane": "crane", "flake-utils": "flake-utils", - "nixpkgs": "nixpkgs_3", + "nixpkgs": "nixpkgs_2", "rust-overlay": "rust-overlay" }, "locked": { @@ -579,9 +194,7 @@ "root": { "inputs": { "home-manager": "home-manager", - "hyprland": "hyprland", "nix-flatpak": "nix-flatpak", - "nixpkgs-unstable": "nixpkgs-unstable", "ragenix": "ragenix" } }, @@ -608,16 +221,16 @@ }, "systems": { "locked": { - "lastModified": 1689347949, - "narHash": "sha256-12tWmuL2zgBgZkdoB6qXZsgJEH9LR3oUgpaQq2RbI80=", + "lastModified": 1681028828, + "narHash": "sha256-Vy1rq5AaRuLzOxct8nz4T6wlgyUR7zLU309k9mBC768=", "owner": "nix-systems", - "repo": "default-linux", - "rev": "31732fcf5e8fea42e59c2488ad31a0e651500f68", + "repo": "default", + "rev": "da67096a3b9bf56a91d16901293e51ba5b49a27e", "type": "github" }, "original": { "owner": "nix-systems", - "repo": "default-linux", + "repo": "default", "type": "github" } }, @@ -635,62 +248,6 @@ "repo": "default", "type": "github" } - }, - "systems_3": { - "locked": { - "lastModified": 1681028828, - "narHash": "sha256-Vy1rq5AaRuLzOxct8nz4T6wlgyUR7zLU309k9mBC768=", - "owner": "nix-systems", - "repo": "default", - "rev": "da67096a3b9bf56a91d16901293e51ba5b49a27e", - "type": "github" - }, - "original": { - "owner": "nix-systems", - "repo": "default", - "type": "github" - } - }, - "xdph": { - "inputs": { - "hyprland-protocols": [ - "hyprland", - "hyprland-protocols" - ], - "hyprlang": [ - "hyprland", - "hyprlang" - ], - "hyprutils": [ - "hyprland", - "hyprutils" - ], - "hyprwayland-scanner": [ - "hyprland", - "hyprwayland-scanner" - ], - "nixpkgs": [ - "hyprland", - "nixpkgs" - ], - "systems": [ - "hyprland", - "systems" - ] - }, - "locked": { - "lastModified": 1755354946, - "narHash": "sha256-zdov5f/GcoLQc9qYIS1dUTqtJMeDqmBmo59PAxze6e4=", - "owner": "hyprwm", - "repo": "xdg-desktop-portal-hyprland", - "rev": "a10726d6a8d0ef1a0c645378f983b6278c42eaa0", - "type": "github" - }, - "original": { - "owner": "hyprwm", - "repo": "xdg-desktop-portal-hyprland", - "type": "github" - } } }, "root": "root", diff --git a/flake.lock b/flake.lock index 28bbb05..0caa2b5 100644 --- a/flake.lock +++ b/flake.lock @@ -85,11 +85,11 @@ "nixpkgs": "nixpkgs" }, "locked": { - "lastModified": 1753592768, - "narHash": "sha256-oV695RvbAE4+R9pcsT9shmp6zE/+IZe6evHWX63f2Qg=", + "lastModified": 1758313341, + "narHash": "sha256-SsI6INUzWwPcRKRaxvi50RttnD9rcC4EjV+67TOEfrQ=", "owner": "rycee", "repo": "home-manager", - "rev": "fc3add429f21450359369af74c2375cb34a2d204", + "rev": "6f656618ebc71ca82d93d306a8aecb2c5f6f2ab2", "type": "github" }, "original": { @@ -155,11 +155,11 @@ }, "nixpkgs_2": { "locked": { - "lastModified": 1753694789, - "narHash": "sha256-cKgvtz6fKuK1Xr5LQW/zOUiAC0oSQoA9nOISB0pJZqM=", + "lastModified": 1758277210, + "narHash": "sha256-iCGWf/LTy+aY0zFu8q12lK8KuZp7yvdhStehhyX1v8w=", "owner": "nixos", "repo": "nixpkgs", - "rev": "dc9637876d0dcc8c9e5e22986b857632effeb727", + "rev": "8eaee110344796db060382e15d3af0a9fc396e0e", "type": "github" }, "original": { From 3dfb4d2764357761d1abbc27cdfad58b877caffa Mon Sep 17 00:00:00 2001 From: "RingOfStorms (Joshua Bell)" Date: Sat, 20 Sep 2025 11:09:45 -0500 Subject: [PATCH 002/109] add sway window resizing --- common/desktop_environment/sway/home_manager/sway.nix | 5 +++++ 1 file changed, 5 insertions(+) diff --git a/common/desktop_environment/sway/home_manager/sway.nix b/common/desktop_environment/sway/home_manager/sway.nix index 4ceea67..d14f573 100644 --- a/common/desktop_environment/sway/home_manager/sway.nix +++ b/common/desktop_environment/sway/home_manager/sway.nix @@ -163,6 +163,11 @@ in "${modifier}+shift+9" = "move container to workspace number 9"; "${modifier}+shift+0" = "move container to workspace number 10"; + "${modifier}+left" = "resize shrink width 10 px or 10 ppt"; + "${modifier}+down" = "resize shrink height 10 px or 10 ppt"; + "${modifier}+up" = "resize grow height 10 px or 10 ppt"; + "${modifier}+right" = "resize grow width 10 px or 10 ppt"; + # Mouse bindings (Mod + drag) "${modifier}+button1" = "move"; "${modifier}+button3" = "resize"; From a859058d94ea20e69806f051be89915039baa096 Mon Sep 17 00:00:00 2001 From: "RingOfStorms (Joshua Bell)" Date: Tue, 23 Sep 2025 09:30:20 -0500 Subject: [PATCH 003/109] additional improvements for wayland... I think --- common/desktop_environment/sway/default.nix | 21 ++++++++++++++++++++- 1 file changed, 20 insertions(+), 1 deletion(-) diff --git a/common/desktop_environment/sway/default.nix b/common/desktop_environment/sway/default.nix index 44c664b..71a46c1 100644 --- a/common/desktop_environment/sway/default.nix +++ b/common/desktop_environment/sway/default.nix @@ -104,11 +104,27 @@ with lib; ]; }; + # Enable PipeWire + WirePlumber so xdg-desktop-portal can do screencast + services.pipewire = { + enable = true; + # Enable WirePlumber session manager via the pipewire module option + wireplumber = { + enable = true; + }; + }; + + # Ensure graphics/OpenGL are enabled so Sway uses GPU-backed rendering hardware.graphics = { enable = true; # Keep defaults; Sway runs fine with mesa in system }; + hardware.opengl = { + enable = true; + # extraPackages can be used to force vendor-specific mesa/drivers if needed + extraPackages = with pkgs; []; + }; + # Environment variables environment.sessionVariables = lib.mkMerge [ { @@ -116,11 +132,14 @@ with lib; XDG_SESSION_TYPE = "wayland"; XDG_CURRENT_DESKTOP = "sway"; XDG_SESSION_DESKTOP = "sway"; - WLR_RENDERER = "auto"; + # prefer EGL renderer (can be changed back to "auto" if needed) + WLR_RENDERER = "egl"; # Tell apps to run native wayland NIXOS_OZONE_WL = "1"; ELECTRON_OZONE_PLATFORM_HINT = "wayland"; + ELECTRON_ENABLE_WAYLAND = "1"; + ELECTRON_DISABLE_SANDBOX = "0"; GDK_BACKEND = "wayland,x11"; # GTK QT_QPA_PLATFORM = "wayland;xcb"; # Qt 5/6 MOZ_ENABLE_WAYLAND = "1"; # Firefox From 69caf326670bd6ced3e65e956f50d79dd1ac7853 Mon Sep 17 00:00:00 2001 From: "RingOfStorms (Joshua Bell)" Date: Wed, 24 Sep 2025 19:29:06 -0500 Subject: [PATCH 004/109] update oren to latest common --- .../wallpapers/pixel_neon.png | Bin .../wallpapers/pixel_neon_v.png | Bin hosts/lio/sway_customizations.nix | 4 +- hosts/oren/flake.lock | 170 +++++++++--------- hosts/oren/flake.nix | 1 + hosts/oren/sway_customizations.nix | 30 ++++ 6 files changed, 118 insertions(+), 87 deletions(-) rename hosts/{lio => _shared_assets}/wallpapers/pixel_neon.png (100%) rename hosts/{lio => _shared_assets}/wallpapers/pixel_neon_v.png (100%) create mode 100644 hosts/oren/sway_customizations.nix diff --git a/hosts/lio/wallpapers/pixel_neon.png b/hosts/_shared_assets/wallpapers/pixel_neon.png similarity index 100% rename from hosts/lio/wallpapers/pixel_neon.png rename to hosts/_shared_assets/wallpapers/pixel_neon.png diff --git a/hosts/lio/wallpapers/pixel_neon_v.png b/hosts/_shared_assets/wallpapers/pixel_neon_v.png similarity index 100% rename from hosts/lio/wallpapers/pixel_neon_v.png rename to hosts/_shared_assets/wallpapers/pixel_neon_v.png diff --git a/hosts/lio/sway_customizations.nix b/hosts/lio/sway_customizations.nix index f37b83f..007bc3f 100644 --- a/hosts/lio/sway_customizations.nix +++ b/hosts/lio/sway_customizations.nix @@ -57,14 +57,14 @@ let scale = "1"; pos = "0 0"; mode = "3840x2160@97.983Hz"; - bg = "${./wallpapers/pixel_neon.png} fill"; + bg = "${../_shared_assets/wallpapers/pixel_neon.png} fill"; }; "DP-2" = { scale = "1"; transform = "270"; pos = "-1440 -640"; mode = "3440x1440@99.982Hz"; - bg = "${./wallpapers/pixel_neon_v.png} fill"; + bg = "${../_shared_assets/wallpapers/pixel_neon_v.png} fill"; }; }; }; diff --git a/hosts/oren/flake.lock b/hosts/oren/flake.lock index 28c778f..fb53e33 100644 --- a/hosts/oren/flake.lock +++ b/hosts/oren/flake.lock @@ -103,11 +103,11 @@ "nixpkgs": "nixpkgs" }, "locked": { - "lastModified": 1756245065, - "narHash": "sha256-aAZNbGcWrVRZgWgkQbkabSGcDVRDMgON4BipMy69gvI=", + "lastModified": 1758313341, + "narHash": "sha256-SsI6INUzWwPcRKRaxvi50RttnD9rcC4EjV+67TOEfrQ=", "owner": "rycee", "repo": "home-manager", - "rev": "54b2879ce622d44415e727905925e21b8f833a98", + "rev": "6f656618ebc71ca82d93d306a8aecb2c5f6f2ab2", "type": "github" }, "original": { @@ -174,11 +174,11 @@ }, "nixpkgs-unstable": { "locked": { - "lastModified": 1756787288, - "narHash": "sha256-rw/PHa1cqiePdBxhF66V7R+WAP8WekQ0mCDG4CFqT8Y=", + "lastModified": 1758427187, + "narHash": "sha256-pHpxZ/IyCwoTQPtFIAG2QaxuSm8jWzrzBGjwQZIttJc=", "owner": "nixos", "repo": "nixpkgs", - "rev": "d0fc30899600b9b3466ddb260fd83deb486c32f1", + "rev": "554be6495561ff07b6c724047bdd7e0716aa7b46", "type": "github" }, "original": { @@ -206,11 +206,11 @@ }, "nixpkgs_3": { "locked": { - "lastModified": 1756886854, - "narHash": "sha256-6tooT142NLcFjt24Gi4B0G1pgWLvfw7y93sYEfSHlLI=", + "lastModified": 1758589230, + "narHash": "sha256-zMTCFGe8aVGTEr2RqUi/QzC1nOIQ0N1HRsbqB4f646k=", "owner": "nixos", "repo": "nixpkgs", - "rev": "0e6684e6c5755325f801bda1751a8a4038145d7d", + "rev": "d1d883129b193f0b495d75c148c2c3a7d95789a0", "type": "github" }, "original": { @@ -222,11 +222,11 @@ }, "nixpkgs_4": { "locked": { - "lastModified": 1755648324, - "narHash": "sha256-+2TxwJEXWXGC7JBsRGUHtmQ66lRGPcDI2kFKTTU5e2s=", + "lastModified": 1757952092, + "narHash": "sha256-BcfTLFCU7elUJ2dwyt0iTjxsz/XLh+8ZygDcFwy6xPE=", "owner": "nixos", "repo": "nixpkgs", - "rev": "226bb7c9df5f953fd7533e199b8d9e5475458a8a", + "rev": "fd76dc9e7c68ac7c3941ba2af2bedcd79c5cf4ed", "type": "github" }, "original": { @@ -254,11 +254,11 @@ "nvim_plugin-CopilotC-Nvim/CopilotChat.nvim": { "flake": false, "locked": { - "lastModified": 1755636100, - "narHash": "sha256-EeU6AfMISnXUmKdNHXN35srj+fuQiHoWx5uYRKCjsTE=", + "lastModified": 1757950300, + "narHash": "sha256-IQTP3jOmFNc2nphV9jdFbJXkmAN5Wj+/PIGmaZ8gP24=", "owner": "CopilotC-Nvim", "repo": "CopilotChat.nvim", - "rev": "f7bb32dbbe2ff5e26f5033e2142b5920cf427236", + "rev": "87615648ff4dc852d1cf7ec099f0a7c37b1b2c87", "type": "github" }, "original": { @@ -286,11 +286,11 @@ "nvim_plugin-L3MON4D3/LuaSnip": { "flake": false, "locked": { - "lastModified": 1754037237, - "narHash": "sha256-JhTqTGQfIryJ7MElcOGOfb48uaNDnd9RM9Fl1Fs4QV0=", + "lastModified": 1756990415, + "narHash": "sha256-5FsUVPy8pAiwBh3c+bPDMtypFEHj6qIwGQIo3hjqV4M=", "owner": "L3MON4D3", "repo": "LuaSnip", - "rev": "de10d8414235b0a8cabfeba60d07c24304e71f5c", + "rev": "21f74f7ba8c49f95f9d7c8293b147c2901dd2d3a", "type": "github" }, "original": { @@ -302,11 +302,11 @@ "nvim_plugin-MeanderingProgrammer/render-markdown.nvim": { "flake": false, "locked": { - "lastModified": 1755631821, - "narHash": "sha256-+/GVSb3uQ5HktPv6HFwdywX85hScsAI1IHqXmwDH9PU=", + "lastModified": 1757910669, + "narHash": "sha256-PWbFcGRbTMRhDJrj+kx73HLduMLOSrAhZTLL2YgrAjQ=", "owner": "MeanderingProgrammer", "repo": "render-markdown.nvim", - "rev": "0087ee1d505d4fc4886d8d3121ae7848b7c0e49b", + "rev": "2c6cf127c577712bd29d38f6391b3045c5f0180a", "type": "github" }, "original": { @@ -350,11 +350,11 @@ "nvim_plugin-Saecki/crates.nvim": { "flake": false, "locked": { - "lastModified": 1754466592, - "narHash": "sha256-b40E121rJrEmlor3fHmh4Y1TXKdfiqsBGBcpbY//eTw=", + "lastModified": 1755956579, + "narHash": "sha256-jfmST/S9ymwgQ99PTCOlJkk5zaxE5HiDV16TmTISDII=", "owner": "Saecki", "repo": "crates.nvim", - "rev": "a49df0f70171adc77704eac70dd2c0d179065933", + "rev": "ac9fa498a9edb96dc3056724ff69d5f40b898453", "type": "github" }, "original": { @@ -382,11 +382,11 @@ "nvim_plugin-b0o/schemastore.nvim": { "flake": false, "locked": { - "lastModified": 1755594039, - "narHash": "sha256-XU+PtvXlgoHFouyyceUIZ4L5AvZThUR2AegmCQAYt1A=", + "lastModified": 1757653237, + "narHash": "sha256-94NKAVWPV2sLkGWWL9G07QxA90Ise6tNWaYyKBcS/vI=", "owner": "b0o", "repo": "schemastore.nvim", - "rev": "e906ac3ed0bd273781759e7635b5b824393c925c", + "rev": "3146720ee3a0c6e2446eedd492fb519d16f2e467", "type": "github" }, "original": { @@ -414,11 +414,11 @@ "nvim_plugin-chrisgrieser/nvim-early-retirement": { "flake": false, "locked": { - "lastModified": 1755590055, - "narHash": "sha256-989Zf6SCy+vakFac4KmElUn8+ErJMtYJ8zlOi999UJI=", + "lastModified": 1757363000, + "narHash": "sha256-hfoJDD4ZKIx1IZjmZba117wRe3ELyGqG8ZqxDnRVmIk=", "owner": "chrisgrieser", "repo": "nvim-early-retirement", - "rev": "ef9fc0267da4204432ab7bf3ab9df359874cfeb6", + "rev": "14aba23ce4168e6d6acbf78ab1d33739c3894f68", "type": "github" }, "original": { @@ -558,11 +558,11 @@ "nvim_plugin-j-hui/fidget.nvim": { "flake": false, "locked": { - "lastModified": 1755048367, - "narHash": "sha256-Hcnbk6go2vYCYqSfXLWQ+KimpU+NPbIkjBTKGMFoNQM=", + "lastModified": 1755700851, + "narHash": "sha256-KRlUqUdcliKpLnEJqyA2OAWto73F6iGTbMrsiAdc24M=", "owner": "j-hui", "repo": "fidget.nvim", - "rev": "2cb5edb2dd6700a958a446b20bb2be04d318da9d", + "rev": "4d5858bd4c471c895060e1b9f3575f1551184dc5", "type": "github" }, "original": { @@ -590,11 +590,11 @@ "nvim_plugin-lewis6991/gitsigns.nvim": { "flake": false, "locked": { - "lastModified": 1755014582, - "narHash": "sha256-zBUrqL+00Y8j4eVNAgI0nYn2i35zhQo2BVl4mL1cgfs=", + "lastModified": 1757668552, + "narHash": "sha256-L5WbNiFUn014hThvGfb5r858O6iLOBhOQHfVUdIlFI4=", "owner": "lewis6991", "repo": "gitsigns.nvim", - "rev": "6e3c66548035e50db7bd8e360a29aec6620c3641", + "rev": "f780609807eca1f783a36a8a31c30a48fbe150c5", "type": "github" }, "original": { @@ -638,11 +638,11 @@ "nvim_plugin-m4xshen/hardtime.nvim": { "flake": false, "locked": { - "lastModified": 1753760289, - "narHash": "sha256-BgJ0gKy/zxU82L7WocXLkXwD97pnCvpGyJVzSHeUtG0=", + "lastModified": 1757738091, + "narHash": "sha256-Jy9ARUHU1ySpSxxoS3hLRjxp5Lqt7juWN5Jnbdo0rg0=", "owner": "m4xshen", "repo": "hardtime.nvim", - "rev": "6d7664d5bdfaea44c5f50b29f5239fab7b00c273", + "rev": "b4e431934af1fe224a3a801f632c008278cb7628", "type": "github" }, "original": { @@ -654,11 +654,11 @@ "nvim_plugin-mbbill/undotree": { "flake": false, "locked": { - "lastModified": 1752437854, - "narHash": "sha256-5WofUOTYE+Nmx3A5OoZBneJBHZ8bdGEYDZ6vTMx1OE0=", + "lastModified": 1756538456, + "narHash": "sha256-tudR+46nd63jY1VTCNEfZ2CofxCODXaHos0+NdFI6wU=", "owner": "mbbill", "repo": "undotree", - "rev": "28f2f54a34baff90ea6f4a735ef1813ad875c743", + "rev": "fe9a9d0645f0f5532360b5e5f5c550d7bb4f1869", "type": "github" }, "original": { @@ -670,11 +670,11 @@ "nvim_plugin-mfussenegger/nvim-lint": { "flake": false, "locked": { - "lastModified": 1753951521, - "narHash": "sha256-GmXScmbXJx74RMgPhkdKtdODZqkOarFHE1XOiSnt5Bo=", + "lastModified": 1757878177, + "narHash": "sha256-8X9z0pRWx9xg9nQhhQtuOu3TunObg2CIgnlPXZtx86A=", "owner": "mfussenegger", "repo": "nvim-lint", - "rev": "7ef127aaede2a4d5ad8df8321e2eb4e567f29594", + "rev": "0864f81c681e15d9bdc1156fe3a17bd07db5a3ed", "type": "github" }, "original": { @@ -686,11 +686,11 @@ "nvim_plugin-mrcjkb/rustaceanvim": { "flake": false, "locked": { - "lastModified": 1755599388, - "narHash": "sha256-4o20Hf+rFD2zejPZr5oe3ZkaynW3xAw/wtbF3sMjNnQ=", + "lastModified": 1757809469, + "narHash": "sha256-bijgDZozBNmHW3cASmOrQlaSE80d8V3XRxi1BNmfzRI=", "owner": "mrcjkb", "repo": "rustaceanvim", - "rev": "eb9beab7d80eb052f78165b28d18f55844b26aef", + "rev": "370b85298e5afdfd8b5d3da0c60c04e3873499a4", "type": "github" }, "original": { @@ -702,11 +702,11 @@ "nvim_plugin-neovim/nvim-lspconfig": { "flake": false, "locked": { - "lastModified": 1755617152, - "narHash": "sha256-PSu5zQi/rzBAnALX8WrYckhqM5lI6hGAhsWWgS7ln7A=", + "lastModified": 1757886255, + "narHash": "sha256-lIlFgHkesAK7fRcoEEQO84/0BpE29dBgNzBnCv/0Tf0=", "owner": "neovim", "repo": "nvim-lspconfig", - "rev": "5f1c9a90c8db9c647da40ce6cf5be9e49ccbf0c7", + "rev": "d9879110d0422a566fa01d732556f4d5515e1738", "type": "github" }, "original": { @@ -718,11 +718,11 @@ "nvim_plugin-nosduco/remote-sshfs.nvim": { "flake": false, "locked": { - "lastModified": 1755623332, - "narHash": "sha256-hnTDzd3eRsDUYYf9WPknYZ126d0XKXO1hjlY7WH4bDI=", + "lastModified": 1755703322, + "narHash": "sha256-xy+50CsRd0LfRyDtNNMI8KhzvjH2nt8ogwiXf7H3fYY=", "owner": "nosduco", "repo": "remote-sshfs.nvim", - "rev": "8ab43934caea0eacc986d112e5680c316b8a7944", + "rev": "8b0974c0e23ef086f5598ebbb1980257171dc370", "type": "github" }, "original": { @@ -846,11 +846,11 @@ "nvim_plugin-nvim-tree/nvim-tree.lua": { "flake": false, "locked": { - "lastModified": 1755174669, - "narHash": "sha256-Cdd7m2ondica5yDgm8THEm8LttJwDWQTNPnKO4vKr2c=", + "lastModified": 1757312802, + "narHash": "sha256-Km+PWXJJLl8zsBjwIGL//qT/eUEZna4yYRPsWXMXG1E=", "owner": "nvim-tree", "repo": "nvim-tree.lua", - "rev": "f0e9951778802526b14c934f7bf746e1e0ae5ed0", + "rev": "e179ad2f83b5955ab0af653069a493a1828c2697", "type": "github" }, "original": { @@ -862,11 +862,11 @@ "nvim_plugin-nvim-tree/nvim-web-devicons": { "flake": false, "locked": { - "lastModified": 1754884337, - "narHash": "sha256-Zftd4xFYdCtof6IusN+E079yY2oMTNhJ/yznvLiiur0=", + "lastModified": 1756936794, + "narHash": "sha256-2Q6ZZQj5HFXTw1YwX3ibdGOTwfbfPUBbcPOsuBUpSjc=", "owner": "nvim-tree", "repo": "nvim-web-devicons", - "rev": "c2599a81ecabaae07c49ff9b45dcd032a8d90f1a", + "rev": "6e51ca170563330e063720449c21f43e27ca0bc1", "type": "github" }, "original": { @@ -878,11 +878,11 @@ "nvim_plugin-nvim-treesitter/nvim-treesitter-context": { "flake": false, "locked": { - "lastModified": 1754488703, - "narHash": "sha256-f4a9Abwb265Rm+hpUXz+rKWXvaFVrmXf1h7d7eh9jJc=", + "lastModified": 1757521884, + "narHash": "sha256-+yj8bstmffVByX3Z/1vkUYdXvpmWGbPt+RDfkBnV11w=", "owner": "nvim-treesitter", "repo": "nvim-treesitter-context", - "rev": "dca8726fea2c14e1ce6adbaa76a04816fbfaff61", + "rev": "41847d3dafb5004464708a3db06b14f12bde548a", "type": "github" }, "original": { @@ -910,11 +910,11 @@ "nvim_plugin-rcarriga/nvim-notify": { "flake": false, "locked": { - "lastModified": 1753086914, - "narHash": "sha256-uQBB3fajHowivArxbtmEJvVU3+QO0VApYpVNMA58UkI=", + "lastModified": 1757190131, + "narHash": "sha256-h7STMjY+CBTqBkIDJXgtJz4WhNeQ02ES2Jesi3jZXeM=", "owner": "rcarriga", "repo": "nvim-notify", - "rev": "397c7c1184745fca649e5104de659e6392ef5a4d", + "rev": "8701bece920b38ea289b457f902e2ad184131a5d", "type": "github" }, "original": { @@ -926,11 +926,11 @@ "nvim_plugin-rmagatti/auto-session": { "flake": false, "locked": { - "lastModified": 1755285297, - "narHash": "sha256-x8oPN7JqcY0scFO0vGREerT3dRiQA+k/qeWsug1sGiU=", + "lastModified": 1757864222, + "narHash": "sha256-FbN36vVLX3DUXwefTbi6511R6KTHqLiNHeAR0kXiarg=", "owner": "rmagatti", "repo": "auto-session", - "rev": "d27a29f5754e3a8b8d89a4069814e53ac583e951", + "rev": "5a269bb5bec50b8b60564aa00f6454d9e82fbe8d", "type": "github" }, "original": { @@ -990,11 +990,11 @@ "nvim_plugin-stevearc/conform.nvim": { "flake": false, "locked": { - "lastModified": 1755640282, - "narHash": "sha256-WYGvppnMsBaVYnMmv9WJRuKuyk4F/rzJ3DRBh+72tRY=", + "lastModified": 1756334700, + "narHash": "sha256-j9TOSx2L19AHABdg9pLtmEUtPOCIUSo0qe2YUPBlZ5g=", "owner": "stevearc", "repo": "conform.nvim", - "rev": "04bfa5f35706410376bf7618a01fcf44e3f35b59", + "rev": "b4aab989db276993ea5dcb78872be494ce546521", "type": "github" }, "original": { @@ -1070,11 +1070,11 @@ "nvim_plugin-windwp/nvim-ts-autotag": { "flake": false, "locked": { - "lastModified": 1739910276, - "narHash": "sha256-a3Bcql68mp3y5bH9XMiDTQB0e75T+qFB593objIGg/I=", + "lastModified": 1757545454, + "narHash": "sha256-nT2W5gKFEfzP7MztLjm7yqwam3ADk0svcMdLg2nmI/4=", "owner": "windwp", "repo": "nvim-ts-autotag", - "rev": "a1d526af391f6aebb25a8795cbc05351ed3620b5", + "rev": "c4ca798ab95b316a768d51eaaaee48f64a4a46bc", "type": "github" }, "original": { @@ -1102,11 +1102,11 @@ "nvim_plugin-zbirenbaum/copilot.lua": { "flake": false, "locked": { - "lastModified": 1755448417, - "narHash": "sha256-KV+Wno4aB5uTSBxIZzQKC/0KfjQLM7x8wCDkVSnaPeA=", + "lastModified": 1757884406, + "narHash": "sha256-sXobILIsV4nnk9//PbFT4L1BsHP1xSJiuibVbGwYXJ8=", "owner": "zbirenbaum", "repo": "copilot.lua", - "rev": "3fd7b50810ae4cccf8b38e4c509b1608f141a9e9", + "rev": "8aebaa3a102125fedf08c98773a0a8def92fff37", "type": "github" }, "original": { @@ -1206,11 +1206,11 @@ "rust-overlay": "rust-overlay_2" }, "locked": { - "lastModified": 1755648539, - "narHash": "sha256-zElmY3ieHOxJtn5Q3KKXZw3i6/e63jRtHowzOM4jERw=", + "lastModified": 1758041510, + "narHash": "sha256-vcK6ZwAWNfjdDFYKLVrWk+azva58AiDpm8nMfIniFWA=", "ref": "refs/heads/master", - "rev": "1f8444ad78e85c902818ab48479f3f3a1e909031", - "revCount": 300, + "rev": "b3dbdf3f7360747987bf38bcdd9baf01b4906929", + "revCount": 304, "type": "git", "url": "https://git.joshuabell.xyz/ringofstorms/nvim" }, @@ -1249,11 +1249,11 @@ ] }, "locked": { - "lastModified": 1755571033, - "narHash": "sha256-V8gmZBfMiFGCyGJQx/yO81LFJ4d/I5Jxs2id96rLxrM=", + "lastModified": 1757930296, + "narHash": "sha256-Z9u5VszKs8rfEvg2AsFucWEjl7wMtAln9l1b78cfBh4=", "owner": "oxalica", "repo": "rust-overlay", - "rev": "95487740bb7ac11553445e9249041a6fa4b5eccf", + "rev": "09442765a05c2ca617c20ed68d9613da92a2d96b", "type": "github" }, "original": { diff --git a/hosts/oren/flake.nix b/hosts/oren/flake.nix index d2745e1..5581200 100644 --- a/hosts/oren/flake.nix +++ b/hosts/oren/flake.nix @@ -31,6 +31,7 @@ ros_neovim.nixosModules.default ./configuration.nix ./hardware-configuration.nix + ./sway_customizations.nix ( { config, pkgs, ... }: { diff --git a/hosts/oren/sway_customizations.nix b/hosts/oren/sway_customizations.nix new file mode 100644 index 0000000..5769532 --- /dev/null +++ b/hosts/oren/sway_customizations.nix @@ -0,0 +1,30 @@ +{ ... }: +let + swayExtraOptions = { + startup = [ + { + command = "exec sh -c 'sleep 0.01; swaymsg workspace number 1'"; + } + ]; + + # Optional output settings + output = { + "eDP-1" = { + scale = "1"; + pos = "0 0"; + mode = "2560x1600@165.000Hz"; + bg = "${../_shared_assets/wallpapers/pixel_neon.png} fill"; + }; + }; + }; + +in +{ + options = { }; + + config = { + environment.systemPackages = [ ]; + + ringofstorms_common.desktopEnvironment.sway.extraOptions = swayExtraOptions; + }; +} From c51ea11b2ee18ae2654416ab72822cfb0cbd5cb7 Mon Sep 17 00:00:00 2001 From: "RingOfStorms (Joshua Bell)" Date: Thu, 25 Sep 2025 21:32:05 -0500 Subject: [PATCH 005/109] fix foot font size --- common/_home_manager/mods/foot.nix | 2 +- hosts/oren/flake.nix | 1 - hosts/oren/sway_customizations.nix | 2 +- 3 files changed, 2 insertions(+), 3 deletions(-) diff --git a/common/_home_manager/mods/foot.nix b/common/_home_manager/mods/foot.nix index cffbb53..706ffec 100644 --- a/common/_home_manager/mods/foot.nix +++ b/common/_home_manager/mods/foot.nix @@ -20,7 +20,7 @@ settings = { main = { # Use the same font and size as your Kitty config - font = "JetBrainsMonoNL Nerd Font:size=${toString config.components.kitty.font_size}"; + font = "JetBrainsMonoNL Nerd Font:size=${toString config.components.foot.font_size}"; # Initial window size in character cells (Kitty used 160c x 55c) "initial-window-size-chars" = "160x55"; diff --git a/hosts/oren/flake.nix b/hosts/oren/flake.nix index 5581200..5f9a69c 100644 --- a/hosts/oren/flake.nix +++ b/hosts/oren/flake.nix @@ -126,7 +126,6 @@ homeManager = { users = { josh = { - components.kitty.font_size = 20.0; imports = with common.homeManagerModules; [ zsh ssh diff --git a/hosts/oren/sway_customizations.nix b/hosts/oren/sway_customizations.nix index 5769532..ad72ca6 100644 --- a/hosts/oren/sway_customizations.nix +++ b/hosts/oren/sway_customizations.nix @@ -10,7 +10,7 @@ let # Optional output settings output = { "eDP-1" = { - scale = "1"; + scale = "1.7"; pos = "0 0"; mode = "2560x1600@165.000Hz"; bg = "${../_shared_assets/wallpapers/pixel_neon.png} fill"; From 4015310d8f400e90c7c4ce95c6679bf04835e64d Mon Sep 17 00:00:00 2001 From: "RingOfStorms (Joshua Bell)" Date: Fri, 26 Sep 2025 21:58:10 -0500 Subject: [PATCH 006/109] updates --- hosts/oren/flake.nix | 9 +++++++++ 1 file changed, 9 insertions(+) diff --git a/hosts/oren/flake.nix b/hosts/oren/flake.nix index 5f9a69c..4a204db 100644 --- a/hosts/oren/flake.nix +++ b/hosts/oren/flake.nix @@ -35,6 +35,14 @@ ( { config, pkgs, ... }: { + networking = { + firewall = { + allowedTCPPorts = [ + 9991 + ]; + }; + }; + programs = { nix-ld = { enable = true; @@ -62,6 +70,7 @@ appimage-run nodejs_24 foot + ttyd ]; services.ollama = { From aee99712f8d1460bca6cc92bf7188339aaab3301 Mon Sep 17 00:00:00 2001 From: "RingOfStorms (Joshua Bell)" Date: Sun, 28 Sep 2025 23:25:25 -0500 Subject: [PATCH 007/109] hyprland update to latest stuff --- common/desktop_environment/default.nix | 10 +- .../desktop_environment/hyprland/default.nix | 27 +- .../hyprland/home_manager/default.nix | 1 + .../hyprland/home_manager/hyprland.nix | 3 +- .../hyprland/home_manager/hyprpaper.nix | 22 + .../hyprland/home_manager/waybar.nix | 285 +++++------ .../home_manager/waybar/power_menu.xml | 26 + .../hyprland/home_manager/waybar/waybar.css | 102 ++++ .../sway/home_manager/waybar.nix | 1 - common/flake.lock | 442 +++++++++++++++- common/flake.nix | 16 +- hosts/oren/flake.lock | 484 +++++++++++++++++- hosts/oren/flake.nix | 9 +- hosts/oren/hyprland_customizations.nix | 30 ++ 14 files changed, 1269 insertions(+), 189 deletions(-) create mode 100644 common/desktop_environment/hyprland/home_manager/hyprpaper.nix create mode 100644 common/desktop_environment/hyprland/home_manager/waybar/power_menu.xml create mode 100644 common/desktop_environment/hyprland/home_manager/waybar/waybar.css create mode 100644 hosts/oren/hyprland_customizations.nix diff --git a/common/desktop_environment/default.nix b/common/desktop_environment/default.nix index 8c7f2a5..4004ada 100644 --- a/common/desktop_environment/default.nix +++ b/common/desktop_environment/default.nix @@ -6,7 +6,7 @@ in { imports = [ ./gnome - # ./hyprland + ./hyprland ./sway ./cosmic ]; @@ -19,10 +19,10 @@ in name = "gnome"; enabled = cfg.gnome.enable; } - # { - # name = "hyprland"; - # enabled = cfg.hyprland.enable; - # } + { + name = "hyprland"; + enabled = cfg.hyprland.enable; + } { name = "sway"; enabled = cfg.sway.enable; diff --git a/common/desktop_environment/hyprland/default.nix b/common/desktop_environment/hyprland/default.nix index 40d332a..ae74ecf 100644 --- a/common/desktop_environment/hyprland/default.nix +++ b/common/desktop_environment/hyprland/default.nix @@ -31,6 +31,11 @@ with lib; default = { }; description = "Extra options for Hyprland configuration."; }; + hyprpaperSettings = lib.mkOption { + type = lib.types.attrs; + default = { }; + description = "Extra options for hyprpaper configuration."; + }; swaync = { enable = lib.mkEnableOption "Enable Swaync (notification center for Hyprland)"; }; @@ -94,7 +99,7 @@ with lib; programs.hyprland = { enable = true; # xwayland.enable = false; - withUWSM = true; + # withUWSM = true; # set the flake package package = hyprlandPkgs.hyprland; @@ -115,6 +120,15 @@ with lib; ]; }; + # Enable PipeWire + WirePlumber so xdg-desktop-portal can do screencast + services.pipewire = { + enable = true; + # Enable WirePlumber session manager via the pipewire module option + wireplumber = { + enable = true; + }; + }; + hardware.graphics = { enable = true; package = hyprlandPkgs.mesa; @@ -127,18 +141,21 @@ with lib; environment.sessionVariables = { GTK_THEME = "Adwaita:dark"; XDG_SESSION_TYPE = "wayland"; - XDG_CURRENT_DESKTOP = "Hyprland"; - XDG_SESSION_DESKTOP = "Hyprland"; - WLR_RENDERER = "auto"; + XDG_CURRENT_DESKTOP = "sway"; + XDG_SESSION_DESKTOP = "sway"; + # prefer EGL renderer (can be changed back to "auto" if needed) + WLR_RENDERER = "egl"; # Tell apps to run native wayland NIXOS_OZONE_WL = "1"; ELECTRON_OZONE_PLATFORM_HINT = "wayland"; + ELECTRON_ENABLE_WAYLAND = "1"; + ELECTRON_DISABLE_SANDBOX = "0"; GDK_BACKEND = "wayland,x11"; # GTK QT_QPA_PLATFORM = "wayland;xcb"; # Qt 5/6 MOZ_ENABLE_WAYLAND = "1"; # Firefox SDL_VIDEODRIVER = "wayland"; # SDL apps/games - CLUTTER_BACKEND = "wayland"; # You already have this + CLUTTER_BACKEND = "wayland"; }; # Qt theming diff --git a/common/desktop_environment/hyprland/home_manager/default.nix b/common/desktop_environment/hyprland/home_manager/default.nix index 9533253..57dac88 100644 --- a/common/desktop_environment/hyprland/home_manager/default.nix +++ b/common/desktop_environment/hyprland/home_manager/default.nix @@ -3,6 +3,7 @@ imports = [ ./theme.nix ./hyprland.nix + ./hyprpaper.nix # ./quickshell.nix ./waybar.nix ./hyprpolkitagent.nix diff --git a/common/desktop_environment/hyprland/home_manager/hyprland.nix b/common/desktop_environment/hyprland/home_manager/hyprland.nix index dc17934..3d8b6b7 100644 --- a/common/desktop_environment/hyprland/home_manager/hyprland.nix +++ b/common/desktop_environment/hyprland/home_manager/hyprland.nix @@ -26,7 +26,7 @@ in debug.disable_logs = false; debug.disable_time = false; - exec-once = [ "pgrep waybar>/dev/null || waybar" ]; + # exec-once = [ "pgrep waybar>/dev/null || waybar" ]; # Default monitor configuration monitor = "monitor = , preferred, auto, 1"; @@ -95,6 +95,7 @@ in "$mainMod SHIFT, escape, exit" "$mainMod SHIFT, q, exec, swaylock" "$mainMod, f, togglefloating" + "$mainMod SHIFT, F, fullscreen" "$mainMod, g, pseudo" "$mainMod, t, togglesplit" diff --git a/common/desktop_environment/hyprland/home_manager/hyprpaper.nix b/common/desktop_environment/hyprland/home_manager/hyprpaper.nix new file mode 100644 index 0000000..06d6820 --- /dev/null +++ b/common/desktop_environment/hyprland/home_manager/hyprpaper.nix @@ -0,0 +1,22 @@ +{ + osConfig, + lib, + ... +}: +let + ccfg = import ../../../config.nix; + cfg_path = [ + ccfg.custom_config_key + "desktopEnvironment" + "hyprland" + ]; + cfg = lib.attrsets.getAttrFromPath cfg_path osConfig; +in +{ + config = { + services.hyprpaper = { + enable = true; + settings = cfg.hyprpaperSettings; + }; + }; +} diff --git a/common/desktop_environment/hyprland/home_manager/waybar.nix b/common/desktop_environment/hyprland/home_manager/waybar.nix index 25c5986..66f3349 100644 --- a/common/desktop_environment/hyprland/home_manager/waybar.nix +++ b/common/desktop_environment/hyprland/home_manager/waybar.nix @@ -1,8 +1,4 @@ -{ - lib, - osConfig, - ... -}: +{ lib, osConfig, ... }: let ccfg = import ../../../config.nix; cfg_path = [ @@ -15,6 +11,7 @@ let in { config = lib.mkIf cfg.enable { + programs.waybar = { enable = true; systemd.enable = true; @@ -22,7 +19,7 @@ in mainBar = { layer = "top"; position = "top"; - height = 30; + height = 28; spacing = 6; margin-top = 0; margin-bottom = 0; @@ -32,7 +29,6 @@ in modules-left = [ "hyprland/workspaces" ]; - modules-center = [ "clock" "temperature" @@ -40,16 +36,19 @@ in "memory" "disk" ]; - modules-right = [ + "battery" + "battery#bat2" "pulseaudio" "network" "bluetooth" + "power-profiles-daemon" + "backlight" "custom/notifications" - "hyprland/language" + "tray" + "custom/power" ]; - # Workspaces configuration "hyprland/workspaces" = { format = "{icon}"; format-icons = { @@ -74,7 +73,65 @@ in "19" = "十九"; "20" = "二十"; }; - show-special = false; + disable-scroll = false; + }; + + # CENTER + clock = { + format = "{:%b %d, %H:%M}"; + tooltip-format = "{:%Y %B}\n{calendar}"; + }; + + temperature = { + thermal-zone = 2; + hwmon-path = "/sys/class/hwmon/hwmon2/temp1_input"; + critical-threshold = 80; + format-critical = "󰔏 {temperatureC}°C"; + format = "󰔏 {temperatureC}°C"; + }; + + cpu = { + format = "󰻠 {usage}%"; + tooltip = true; + on-click = "btop"; + }; + + memory = { + format = "󰍛 {}%"; + on-click = "btop"; + }; + + disk = { + interval = 30; + format = "󰋊 {percentage_used}%"; + path = "/"; + on-click = "btop"; + }; + + # RIGHT + "battery" = { + "states" = { + # "good"= 95; + "warning" = 30; + "critical" = 15; + }; + "format" = "{capacity}% {icon}"; + "format-full" = "{capacity}% {icon}"; + "format-charging" = "{capacity}% "; + "format-plugged" = "{capacity}% "; + "format-alt" = "{time} {icon}"; + # "format-good"= ""; // An empty format will hide the module + # "format-full"= ""; + "format-icons" = [ + "" + "" + "" + "" + "" + ]; + }; + "battery#bat2" = { + "bat" = "BAT2"; }; pulseaudio = { @@ -98,8 +155,57 @@ in ]; }; scroll-step = 5; - on-click = "wpctl set-mute @DEFAULT_AUDIO_SINK@ toggle"; - on-click-right = "swaync-client -t -sw"; + on-click = "pavucontrol"; + on-click-right = "wpctl set-mute @DEFAULT_AUDIO_SINK@ toggle"; + }; + + network = { + format-wifi = "󰤨 {essid} ({signalStrength}%)"; + format-ethernet = "󰈀 {ipaddr}/{cidr}"; + tooltip-format = "{ifname} via {gwaddr} "; + format-linked = "󰈀 {ifname} (No IP)"; + format-disconnected = "󰖪 Disconnected"; + # on-click = "wofi-wifi-menu"; + # on-click-right = "nmcli radio wifi toggle"; + }; + + bluetooth = { + format = "󰂯 {status}"; + format-connected = "󰂱 {device_alias}"; + format-connected-battery = "󰂱 {device_alias} {device_battery_percentage}%"; + tooltip-format = "{controller_alias}\t{controller_address}\n\n{num_connections} connected"; + tooltip-format-connected = "{controller_alias}\t{controller_address}\n\n{num_connections} connected\n\n{device_enumerate}"; + tooltip-format-enumerate-connected = "{device_alias}\t{device_address}"; + tooltip-format-enumerate-connected-battery = "{device_alias}\t{device_address}\t{device_battery_percentage}%"; + # on-click = "wofi-bluetooth-menu"; + # on-click-right = "bluetoothctl power toggle"; + }; + + "power-profiles-daemon" = { + format = "{icon}"; + "tooltip-format" = "Power profile: {profile}\nDriver: {driver}"; + tooltip = true; + "format-icons" = { + default = ""; + performance = ""; + balanced = ""; + "power-saver" = ""; + }; + }; + + backlight = { + format = "{percent}% {icon}"; + "format-icons" = [ + "" + "" + "" + "" + "" + "" + "" + "" + "" + ]; }; "custom/notifications" = { @@ -123,145 +229,30 @@ in tooltip = false; }; - # Clock - clock = { - format = "{:%b %d, %H:%M}"; - }; - - temperature = { - thermal-zone = 2; - hwmon-path = "/sys/class/hwmon/hwmon2/temp1_input"; - critical-threshold = 80; - format-critical = "󰔏 {temperatureC}°C"; - format = "󰔏 {temperatureC}°C"; - }; - - cpu = { - format = "󰻠 {usage}%"; - tooltip = false; - on-click = "btop"; - }; - - memory = { - format = "󰍛 {}%"; - on-click = "btop"; - }; - - disk = { - interval = 30; - format = "󰋊 {percentage_used}%"; - path = "/"; - on-click = "btop"; - }; - - network = { - format-wifi = "󰤨 {essid} ({signalStrength}%)"; - format-ethernet = "󰈀 {ipaddr}/{cidr}"; - tooltip-format = "{ifname} via {gwaddr} "; - format-linked = "󰈀 {ifname} (No IP)"; - format-disconnected = "󰖪 Disconnected"; - on-click = "wofi-wifi-menu"; - on-click-right = "nmcli radio wifi toggle"; - }; - - bluetooth = { - format = "󰂯 {status}"; - format-connected = "󰂱 {device_alias}"; - format-connected-battery = "󰂱 {device_alias} {device_battery_percentage}%"; - tooltip-format = "{controller_alias}\t{controller_address}\n\n{num_connections} connected"; - tooltip-format-connected = "{controller_alias}\t{controller_address}\n\n{num_connections} connected\n\n{device_enumerate}"; - tooltip-format-enumerate-connected = "{device_alias}\t{device_address}"; - tooltip-format-enumerate-connected-battery = "{device_alias}\t{device_address}\t{device_battery_percentage}%"; - on-click = "wofi-bluetooth-menu"; - on-click-right = "bluetoothctl power toggle"; - }; - - # Keyboard input (language) - "hyprland/language" = { + "sway/language" = { format = "{}"; - format-en = "EN"; - format-ja = "JP"; }; + + "tray" = { + "spacing" = 10; + }; + + "custom/power" = { + format = "⏻ "; + tooltip = false; + menu = "on-click"; + "menu-file" = ./waybar/power_menu.xml; + "menu-actions" = { + shutdown = "shutdown 0"; + reboot = "reboot"; + logout = "loginctl terminate-session $(loginctl list-sessions | grep seat0 | awk '{print $1}')"; + }; + }; + }; }; - style = '' - * { - font-family: "JetBrainsMonoNL Nerd Font"; - font-size: 12px; - border: none; - border-radius: 0; - min-height: 0; - } - - window#waybar { - background: transparent; - border-radius: 10px; - margin: 0px; - } - - .modules-left, - .modules-center, - .modules-right { - background: rgba(26, 27, 38, 0.8); - border-radius: 10px; - margin: 4px; - padding: 0 10px; - } - - #workspaces { - padding: 0 5px; - } - - #workspaces button { - padding: 0 8px; - background: transparent; - color: #c0caf5; - border-radius: 5px; - margin: 2px; - } - - #workspaces button:hover { - background: rgba(125, 196, 228, 0.2); - color: #7dcae4; - } - - #workspaces button.active { - background: #7dcae4; - color: #1a1b26; - } - - #pulseaudio, - #custom-notifications, - #clock, - #temperature, - #cpu, - #memory, - #disk, - #network, - #bluetooth, - #language { - padding: 0 8px; - color: #c0caf5; - margin: 2px; - } - - #temperature.critical { - color: #f7768e; - } - - #network.disconnected { - color: #f7768e; - } - - #bluetooth.disabled { - color: #565f89; - } - - #pulseaudio.muted { - color: #565f89; - } - ''; + style = builtins.readFile ./waybar/waybar.css; }; }; } diff --git a/common/desktop_environment/hyprland/home_manager/waybar/power_menu.xml b/common/desktop_environment/hyprland/home_manager/waybar/power_menu.xml new file mode 100644 index 0000000..a061b18 --- /dev/null +++ b/common/desktop_environment/hyprland/home_manager/waybar/power_menu.xml @@ -0,0 +1,26 @@ + + + + + + Logout + + + + + + + + Reboot + + + + + + + + Shutdown + + + + diff --git a/common/desktop_environment/hyprland/home_manager/waybar/waybar.css b/common/desktop_environment/hyprland/home_manager/waybar/waybar.css new file mode 100644 index 0000000..6ed5a8c --- /dev/null +++ b/common/desktop_environment/hyprland/home_manager/waybar/waybar.css @@ -0,0 +1,102 @@ +* { + /* `otf-font-awesome` is required to be installed for icons */ + font-family: "JetBrainsMonoNL Nerd Font", FontAwesome, Roboto, Helvetica, Arial, sans-serif; + font-size: 14px; + border: none; + border-radius: 0; + min-height: 0; + color: #f1f1f1; +} + +window#waybar { + background: transparent; +} + +#workspaces button.focused, +#workspaces button.active { + background-color: rgba(220, 220, 220, 0.2); +} + +#workspaces button.urgent { + background-color: rgba(214, 82, 82, 0.3); +} + +button, +#clock, +#battery, +#cpu, +#memory, +#disk, +#temperature, +#backlight, +#network, +#pulseaudio, +#wireplumber, +#custom-media, +#custom-notifications, +#custom-power, +#tray, +#mode, +#idle_inhibitor, +#scratchpad, +#power-profiles-daemon, +#bluetooth, +#language, +#mpd { + padding: 0 5px; + color: #f1f1f1; + background-color: rgba(220, 220, 220, 0.1); + border-radius: 6px; +} + + +button:hover, +#clock:hover, +#battery:hover, +#cpu:hover, +#memory:hover, +#disk:hover, +#temperature:hover, +#backlight:hover, +#network:hover, +#pulseaudio:hover, +#wireplumber:hover, +#custom-media:hover, +#custom-notifications:hover, +#tray:hover, +#mode:hover, +#idle_inhibitor:hover, +#scratchpad:hover, +#power-profiles-daemon:hover, +#bluetooth:hover, +#language:hover, +#mpd:hover { + color: #f1f1f1; + background-color: rgba(220, 220, 220, 0.2); + border-radius: 6px; +} + +#power-profiles-daemon { + padding-right: 15px; +} + +#power-profiles-daemon.performance { + color: #fff7d6; +} + +#power-profiles-daemon.balanced { + color: #d6efff; +} + +#power-profiles-daemon.power-saver { + color:#dcffd6; +} + +#tray>.passive { + -gtk-icon-effect: dim; +} + +#tray>.needs-attention { + -gtk-icon-effect: highlight; + background-color: #eb4d4b; +} diff --git a/common/desktop_environment/sway/home_manager/waybar.nix b/common/desktop_environment/sway/home_manager/waybar.nix index addb94c..3fc38be 100644 --- a/common/desktop_environment/sway/home_manager/waybar.nix +++ b/common/desktop_environment/sway/home_manager/waybar.nix @@ -50,7 +50,6 @@ in "custom/power" ]; - # LEFT "sway/workspaces" = { format = "{icon}"; format-icons = { diff --git a/common/flake.lock b/common/flake.lock index 78e7a15..a227765 100644 --- a/common/flake.lock +++ b/common/flake.lock @@ -8,7 +8,7 @@ "ragenix", "nixpkgs" ], - "systems": "systems" + "systems": "systems_2" }, "locked": { "lastModified": 1736955230, @@ -24,6 +24,39 @@ "type": "github" } }, + "aquamarine": { + "inputs": { + "hyprutils": [ + "hyprland", + "hyprutils" + ], + "hyprwayland-scanner": [ + "hyprland", + "hyprwayland-scanner" + ], + "nixpkgs": [ + "hyprland", + "nixpkgs" + ], + "systems": [ + "hyprland", + "systems" + ] + }, + "locked": { + "lastModified": 1755946532, + "narHash": "sha256-POePremlUY5GyA1zfbtic6XLxDaQcqHN6l+bIxdT5gc=", + "owner": "hyprwm", + "repo": "aquamarine", + "rev": "81584dae2df6ac79f6b6dae0ecb7705e95129ada", + "type": "github" + }, + "original": { + "owner": "hyprwm", + "repo": "aquamarine", + "type": "github" + } + }, "crane": { "locked": { "lastModified": 1741481578, @@ -62,9 +95,25 @@ "type": "github" } }, + "flake-compat": { + "flake": false, + "locked": { + "lastModified": 1747046372, + "narHash": "sha256-CIVLLkVgvHYbgI2UpXvIIBJ12HWgX+fjA8Xf8PUmqCY=", + "owner": "edolstra", + "repo": "flake-compat", + "rev": "9100a0f413b0c601e0533d1d94ffd501ce2e7885", + "type": "github" + }, + "original": { + "owner": "edolstra", + "repo": "flake-compat", + "type": "github" + } + }, "flake-utils": { "inputs": { - "systems": "systems_2" + "systems": "systems_3" }, "locked": { "lastModified": 1731533236, @@ -80,6 +129,28 @@ "type": "github" } }, + "gitignore": { + "inputs": { + "nixpkgs": [ + "hyprland", + "pre-commit-hooks", + "nixpkgs" + ] + }, + "locked": { + "lastModified": 1709087332, + "narHash": "sha256-HG2cCnktfHsKV0s4XW83gU3F57gaTljL9KNSuG6bnQs=", + "owner": "hercules-ci", + "repo": "gitignore.nix", + "rev": "637db329424fd7e46cf4185293b9cc8c88c95394", + "type": "github" + }, + "original": { + "owner": "hercules-ci", + "repo": "gitignore.nix", + "type": "github" + } + }, "home-manager": { "inputs": { "nixpkgs": "nixpkgs" @@ -121,6 +192,265 @@ "type": "github" } }, + "hyprcursor": { + "inputs": { + "hyprlang": [ + "hyprland", + "hyprlang" + ], + "nixpkgs": [ + "hyprland", + "nixpkgs" + ], + "systems": [ + "hyprland", + "systems" + ] + }, + "locked": { + "lastModified": 1753964049, + "narHash": "sha256-lIqabfBY7z/OANxHoPeIrDJrFyYy9jAM4GQLzZ2feCM=", + "owner": "hyprwm", + "repo": "hyprcursor", + "rev": "44e91d467bdad8dcf8bbd2ac7cf49972540980a5", + "type": "github" + }, + "original": { + "owner": "hyprwm", + "repo": "hyprcursor", + "type": "github" + } + }, + "hyprgraphics": { + "inputs": { + "hyprutils": [ + "hyprland", + "hyprutils" + ], + "nixpkgs": [ + "hyprland", + "nixpkgs" + ], + "systems": [ + "hyprland", + "systems" + ] + }, + "locked": { + "lastModified": 1758192433, + "narHash": "sha256-CR6RnqEJSTiFgA6KQY4TTLUWbZ8RBnb+hxQqesuQNzQ=", + "owner": "hyprwm", + "repo": "hyprgraphics", + "rev": "c44e749dd611521dee940d00f7c444ee0ae4cfb7", + "type": "github" + }, + "original": { + "owner": "hyprwm", + "repo": "hyprgraphics", + "type": "github" + } + }, + "hyprland": { + "inputs": { + "aquamarine": "aquamarine", + "hyprcursor": "hyprcursor", + "hyprgraphics": "hyprgraphics", + "hyprland-protocols": "hyprland-protocols", + "hyprland-qtutils": "hyprland-qtutils", + "hyprlang": "hyprlang", + "hyprutils": "hyprutils", + "hyprwayland-scanner": "hyprwayland-scanner", + "nixpkgs": "nixpkgs_2", + "pre-commit-hooks": "pre-commit-hooks", + "systems": "systems", + "xdph": "xdph" + }, + "locked": { + "lastModified": 1759076381, + "narHash": "sha256-ZWAsJnJvjjLMjH6hl5o4zVOTEuL3tmBzaJcoQYJE+aE=", + "owner": "hyprwm", + "repo": "Hyprland", + "rev": "c30036bdacbe5e87b49d6de6df652d56681ef457", + "type": "github" + }, + "original": { + "owner": "hyprwm", + "repo": "Hyprland", + "type": "github" + } + }, + "hyprland-protocols": { + "inputs": { + "nixpkgs": [ + "hyprland", + "nixpkgs" + ], + "systems": [ + "hyprland", + "systems" + ] + }, + "locked": { + "lastModified": 1749046714, + "narHash": "sha256-kymV5FMnddYGI+UjwIw8ceDjdeg7ToDVjbHCvUlhn14=", + "owner": "hyprwm", + "repo": "hyprland-protocols", + "rev": "613878cb6f459c5e323aaafe1e6f388ac8a36330", + "type": "github" + }, + "original": { + "owner": "hyprwm", + "repo": "hyprland-protocols", + "type": "github" + } + }, + "hyprland-qt-support": { + "inputs": { + "hyprlang": [ + "hyprland", + "hyprland-qtutils", + "hyprlang" + ], + "nixpkgs": [ + "hyprland", + "hyprland-qtutils", + "nixpkgs" + ], + "systems": [ + "hyprland", + "hyprland-qtutils", + "systems" + ] + }, + "locked": { + "lastModified": 1749154592, + "narHash": "sha256-DO7z5CeT/ddSGDEnK9mAXm1qlGL47L3VAHLlLXoCjhE=", + "owner": "hyprwm", + "repo": "hyprland-qt-support", + "rev": "4c8053c3c888138a30c3a6c45c2e45f5484f2074", + "type": "github" + }, + "original": { + "owner": "hyprwm", + "repo": "hyprland-qt-support", + "type": "github" + } + }, + "hyprland-qtutils": { + "inputs": { + "hyprland-qt-support": "hyprland-qt-support", + "hyprlang": [ + "hyprland", + "hyprlang" + ], + "hyprutils": [ + "hyprland", + "hyprland-qtutils", + "hyprlang", + "hyprutils" + ], + "nixpkgs": [ + "hyprland", + "nixpkgs" + ], + "systems": [ + "hyprland", + "systems" + ] + }, + "locked": { + "lastModified": 1757694755, + "narHash": "sha256-j+w5QUUr2QT/jkxgVKecGYV8J7fpzXCMgzEEr6LG9ug=", + "owner": "hyprwm", + "repo": "hyprland-qtutils", + "rev": "5ffdfc13ed03df1dae5084468d935f0a3f2c9a4c", + "type": "github" + }, + "original": { + "owner": "hyprwm", + "repo": "hyprland-qtutils", + "type": "github" + } + }, + "hyprlang": { + "inputs": { + "hyprutils": [ + "hyprland", + "hyprutils" + ], + "nixpkgs": [ + "hyprland", + "nixpkgs" + ], + "systems": [ + "hyprland", + "systems" + ] + }, + "locked": { + "lastModified": 1756810301, + "narHash": "sha256-wgZ3VW4VVtjK5dr0EiK9zKdJ/SOqGIBXVG85C3LVxQA=", + "owner": "hyprwm", + "repo": "hyprlang", + "rev": "3d63fb4a42c819f198deabd18c0c2c1ded1de931", + "type": "github" + }, + "original": { + "owner": "hyprwm", + "repo": "hyprlang", + "type": "github" + } + }, + "hyprutils": { + "inputs": { + "nixpkgs": [ + "hyprland", + "nixpkgs" + ], + "systems": [ + "hyprland", + "systems" + ] + }, + "locked": { + "lastModified": 1756117388, + "narHash": "sha256-oRDel6pNl/T2tI+nc/USU9ZP9w08dxtl7hiZxa0C/Wc=", + "owner": "hyprwm", + "repo": "hyprutils", + "rev": "b2ae3204845f5f2f79b4703b441252d8ad2ecfd0", + "type": "github" + }, + "original": { + "owner": "hyprwm", + "repo": "hyprutils", + "type": "github" + } + }, + "hyprwayland-scanner": { + "inputs": { + "nixpkgs": [ + "hyprland", + "nixpkgs" + ], + "systems": [ + "hyprland", + "systems" + ] + }, + "locked": { + "lastModified": 1755184602, + "narHash": "sha256-RCBQN8xuADB0LEgaKbfRqwm6CdyopE1xIEhNc67FAbw=", + "owner": "hyprwm", + "repo": "hyprwayland-scanner", + "rev": "b3b0f1f40ae09d4447c20608e5a4faf8bf3c492d", + "type": "github" + }, + "original": { + "owner": "hyprwm", + "repo": "hyprwayland-scanner", + "type": "github" + } + }, "nix-flatpak": { "locked": { "lastModified": 1739444422, @@ -154,6 +484,22 @@ } }, "nixpkgs_2": { + "locked": { + "lastModified": 1758198701, + "narHash": "sha256-7To75JlpekfUmdkUZewnT6MoBANS0XVypW6kjUOXQwc=", + "owner": "NixOS", + "repo": "nixpkgs", + "rev": "0147c2f1d54b30b5dd6d4a8c8542e8d7edf93b5d", + "type": "github" + }, + "original": { + "owner": "NixOS", + "ref": "nixos-unstable", + "repo": "nixpkgs", + "type": "github" + } + }, + "nixpkgs_3": { "locked": { "lastModified": 1741379970, "narHash": "sha256-Wh7esNh7G24qYleLvgOSY/7HlDUzWaL/n4qzlBePpiw=", @@ -169,12 +515,35 @@ "type": "github" } }, + "pre-commit-hooks": { + "inputs": { + "flake-compat": "flake-compat", + "gitignore": "gitignore", + "nixpkgs": [ + "hyprland", + "nixpkgs" + ] + }, + "locked": { + "lastModified": 1758108966, + "narHash": "sha256-ytw7ROXaWZ7OfwHrQ9xvjpUWeGVm86pwnEd1QhzawIo=", + "owner": "cachix", + "repo": "git-hooks.nix", + "rev": "54df955a695a84cd47d4a43e08e1feaf90b1fd9b", + "type": "github" + }, + "original": { + "owner": "cachix", + "repo": "git-hooks.nix", + "type": "github" + } + }, "ragenix": { "inputs": { "agenix": "agenix", "crane": "crane", "flake-utils": "flake-utils", - "nixpkgs": "nixpkgs_2", + "nixpkgs": "nixpkgs_3", "rust-overlay": "rust-overlay" }, "locked": { @@ -194,6 +563,7 @@ "root": { "inputs": { "home-manager": "home-manager", + "hyprland": "hyprland", "nix-flatpak": "nix-flatpak", "ragenix": "ragenix" } @@ -221,16 +591,16 @@ }, "systems": { "locked": { - "lastModified": 1681028828, - "narHash": "sha256-Vy1rq5AaRuLzOxct8nz4T6wlgyUR7zLU309k9mBC768=", + "lastModified": 1689347949, + "narHash": "sha256-12tWmuL2zgBgZkdoB6qXZsgJEH9LR3oUgpaQq2RbI80=", "owner": "nix-systems", - "repo": "default", - "rev": "da67096a3b9bf56a91d16901293e51ba5b49a27e", + "repo": "default-linux", + "rev": "31732fcf5e8fea42e59c2488ad31a0e651500f68", "type": "github" }, "original": { "owner": "nix-systems", - "repo": "default", + "repo": "default-linux", "type": "github" } }, @@ -248,6 +618,62 @@ "repo": "default", "type": "github" } + }, + "systems_3": { + "locked": { + "lastModified": 1681028828, + "narHash": "sha256-Vy1rq5AaRuLzOxct8nz4T6wlgyUR7zLU309k9mBC768=", + "owner": "nix-systems", + "repo": "default", + "rev": "da67096a3b9bf56a91d16901293e51ba5b49a27e", + "type": "github" + }, + "original": { + "owner": "nix-systems", + "repo": "default", + "type": "github" + } + }, + "xdph": { + "inputs": { + "hyprland-protocols": [ + "hyprland", + "hyprland-protocols" + ], + "hyprlang": [ + "hyprland", + "hyprlang" + ], + "hyprutils": [ + "hyprland", + "hyprutils" + ], + "hyprwayland-scanner": [ + "hyprland", + "hyprwayland-scanner" + ], + "nixpkgs": [ + "hyprland", + "nixpkgs" + ], + "systems": [ + "hyprland", + "systems" + ] + }, + "locked": { + "lastModified": 1755354946, + "narHash": "sha256-zdov5f/GcoLQc9qYIS1dUTqtJMeDqmBmo59PAxze6e4=", + "owner": "hyprwm", + "repo": "xdg-desktop-portal-hyprland", + "rev": "a10726d6a8d0ef1a0c645378f983b6278c42eaa0", + "type": "github" + }, + "original": { + "owner": "hyprwm", + "repo": "xdg-desktop-portal-hyprland", + "type": "github" + } } }, "root": "root", diff --git a/common/flake.nix b/common/flake.nix index 3070bb6..5a915e4 100644 --- a/common/flake.nix +++ b/common/flake.nix @@ -6,7 +6,7 @@ nix-flatpak.url = "github:gmodena/nix-flatpak/?ref=latest"; # disabled for now - # hyprland.url = "github:hyprwm/Hyprland"; + hyprland.url = "github:hyprwm/Hyprland"; }; outputs = @@ -14,7 +14,7 @@ home-manager, ragenix, nix-flatpak, - # hyprland, + hyprland, ... }: { @@ -31,7 +31,7 @@ home-manager.nixosModules.default ragenix.nixosModules.age nix-flatpak.nixosModules.nix-flatpak - # hyprland.nixosModules.default + hyprland.nixosModules.default ./_home_manager ./options.nix ./general @@ -50,11 +50,11 @@ ]; _module.args = { inherit ragenix; - # inherit hyprland; - # hyprlandPkgs = import hyprland.inputs.nixpkgs { - # system = pkgs.stdenv.hostPlatform.system; - # config = config.nixpkgs.config or { }; - # }; + inherit hyprland; + hyprlandPkgs = import hyprland.inputs.nixpkgs { + system = pkgs.stdenv.hostPlatform.system; + config = config.nixpkgs.config or { }; + }; }; }; }; diff --git a/hosts/oren/flake.lock b/hosts/oren/flake.lock index fb53e33..d657c0d 100644 --- a/hosts/oren/flake.lock +++ b/hosts/oren/flake.lock @@ -9,7 +9,7 @@ "ragenix", "nixpkgs" ], - "systems": "systems" + "systems": "systems_2" }, "locked": { "lastModified": 1736955230, @@ -25,9 +25,47 @@ "type": "github" } }, + "aquamarine": { + "inputs": { + "hyprutils": [ + "common", + "hyprland", + "hyprutils" + ], + "hyprwayland-scanner": [ + "common", + "hyprland", + "hyprwayland-scanner" + ], + "nixpkgs": [ + "common", + "hyprland", + "nixpkgs" + ], + "systems": [ + "common", + "hyprland", + "systems" + ] + }, + "locked": { + "lastModified": 1755946532, + "narHash": "sha256-POePremlUY5GyA1zfbtic6XLxDaQcqHN6l+bIxdT5gc=", + "owner": "hyprwm", + "repo": "aquamarine", + "rev": "81584dae2df6ac79f6b6dae0ecb7705e95129ada", + "type": "github" + }, + "original": { + "owner": "hyprwm", + "repo": "aquamarine", + "type": "github" + } + }, "common": { "inputs": { "home-manager": "home-manager", + "hyprland": "hyprland", "nix-flatpak": "nix-flatpak", "ragenix": "ragenix" }, @@ -80,9 +118,25 @@ "type": "github" } }, + "flake-compat": { + "flake": false, + "locked": { + "lastModified": 1747046372, + "narHash": "sha256-CIVLLkVgvHYbgI2UpXvIIBJ12HWgX+fjA8Xf8PUmqCY=", + "owner": "edolstra", + "repo": "flake-compat", + "rev": "9100a0f413b0c601e0533d1d94ffd501ce2e7885", + "type": "github" + }, + "original": { + "owner": "edolstra", + "repo": "flake-compat", + "type": "github" + } + }, "flake-utils": { "inputs": { - "systems": "systems_2" + "systems": "systems_3" }, "locked": { "lastModified": 1731533236, @@ -98,6 +152,29 @@ "type": "github" } }, + "gitignore": { + "inputs": { + "nixpkgs": [ + "common", + "hyprland", + "pre-commit-hooks", + "nixpkgs" + ] + }, + "locked": { + "lastModified": 1709087332, + "narHash": "sha256-HG2cCnktfHsKV0s4XW83gU3F57gaTljL9KNSuG6bnQs=", + "owner": "hercules-ci", + "repo": "gitignore.nix", + "rev": "637db329424fd7e46cf4185293b9cc8c88c95394", + "type": "github" + }, + "original": { + "owner": "hercules-ci", + "repo": "gitignore.nix", + "type": "github" + } + }, "home-manager": { "inputs": { "nixpkgs": "nixpkgs" @@ -140,6 +217,287 @@ "type": "github" } }, + "hyprcursor": { + "inputs": { + "hyprlang": [ + "common", + "hyprland", + "hyprlang" + ], + "nixpkgs": [ + "common", + "hyprland", + "nixpkgs" + ], + "systems": [ + "common", + "hyprland", + "systems" + ] + }, + "locked": { + "lastModified": 1753964049, + "narHash": "sha256-lIqabfBY7z/OANxHoPeIrDJrFyYy9jAM4GQLzZ2feCM=", + "owner": "hyprwm", + "repo": "hyprcursor", + "rev": "44e91d467bdad8dcf8bbd2ac7cf49972540980a5", + "type": "github" + }, + "original": { + "owner": "hyprwm", + "repo": "hyprcursor", + "type": "github" + } + }, + "hyprgraphics": { + "inputs": { + "hyprutils": [ + "common", + "hyprland", + "hyprutils" + ], + "nixpkgs": [ + "common", + "hyprland", + "nixpkgs" + ], + "systems": [ + "common", + "hyprland", + "systems" + ] + }, + "locked": { + "lastModified": 1758192433, + "narHash": "sha256-CR6RnqEJSTiFgA6KQY4TTLUWbZ8RBnb+hxQqesuQNzQ=", + "owner": "hyprwm", + "repo": "hyprgraphics", + "rev": "c44e749dd611521dee940d00f7c444ee0ae4cfb7", + "type": "github" + }, + "original": { + "owner": "hyprwm", + "repo": "hyprgraphics", + "type": "github" + } + }, + "hyprland": { + "inputs": { + "aquamarine": "aquamarine", + "hyprcursor": "hyprcursor", + "hyprgraphics": "hyprgraphics", + "hyprland-protocols": "hyprland-protocols", + "hyprland-qtutils": "hyprland-qtutils", + "hyprlang": "hyprlang", + "hyprutils": "hyprutils", + "hyprwayland-scanner": "hyprwayland-scanner", + "nixpkgs": "nixpkgs_2", + "pre-commit-hooks": "pre-commit-hooks", + "systems": "systems", + "xdph": "xdph" + }, + "locked": { + "lastModified": 1759076381, + "narHash": "sha256-ZWAsJnJvjjLMjH6hl5o4zVOTEuL3tmBzaJcoQYJE+aE=", + "owner": "hyprwm", + "repo": "Hyprland", + "rev": "c30036bdacbe5e87b49d6de6df652d56681ef457", + "type": "github" + }, + "original": { + "owner": "hyprwm", + "repo": "Hyprland", + "type": "github" + } + }, + "hyprland-protocols": { + "inputs": { + "nixpkgs": [ + "common", + "hyprland", + "nixpkgs" + ], + "systems": [ + "common", + "hyprland", + "systems" + ] + }, + "locked": { + "lastModified": 1749046714, + "narHash": "sha256-kymV5FMnddYGI+UjwIw8ceDjdeg7ToDVjbHCvUlhn14=", + "owner": "hyprwm", + "repo": "hyprland-protocols", + "rev": "613878cb6f459c5e323aaafe1e6f388ac8a36330", + "type": "github" + }, + "original": { + "owner": "hyprwm", + "repo": "hyprland-protocols", + "type": "github" + } + }, + "hyprland-qt-support": { + "inputs": { + "hyprlang": [ + "common", + "hyprland", + "hyprland-qtutils", + "hyprlang" + ], + "nixpkgs": [ + "common", + "hyprland", + "hyprland-qtutils", + "nixpkgs" + ], + "systems": [ + "common", + "hyprland", + "hyprland-qtutils", + "systems" + ] + }, + "locked": { + "lastModified": 1749154592, + "narHash": "sha256-DO7z5CeT/ddSGDEnK9mAXm1qlGL47L3VAHLlLXoCjhE=", + "owner": "hyprwm", + "repo": "hyprland-qt-support", + "rev": "4c8053c3c888138a30c3a6c45c2e45f5484f2074", + "type": "github" + }, + "original": { + "owner": "hyprwm", + "repo": "hyprland-qt-support", + "type": "github" + } + }, + "hyprland-qtutils": { + "inputs": { + "hyprland-qt-support": "hyprland-qt-support", + "hyprlang": [ + "common", + "hyprland", + "hyprlang" + ], + "hyprutils": [ + "common", + "hyprland", + "hyprland-qtutils", + "hyprlang", + "hyprutils" + ], + "nixpkgs": [ + "common", + "hyprland", + "nixpkgs" + ], + "systems": [ + "common", + "hyprland", + "systems" + ] + }, + "locked": { + "lastModified": 1757694755, + "narHash": "sha256-j+w5QUUr2QT/jkxgVKecGYV8J7fpzXCMgzEEr6LG9ug=", + "owner": "hyprwm", + "repo": "hyprland-qtutils", + "rev": "5ffdfc13ed03df1dae5084468d935f0a3f2c9a4c", + "type": "github" + }, + "original": { + "owner": "hyprwm", + "repo": "hyprland-qtutils", + "type": "github" + } + }, + "hyprlang": { + "inputs": { + "hyprutils": [ + "common", + "hyprland", + "hyprutils" + ], + "nixpkgs": [ + "common", + "hyprland", + "nixpkgs" + ], + "systems": [ + "common", + "hyprland", + "systems" + ] + }, + "locked": { + "lastModified": 1756810301, + "narHash": "sha256-wgZ3VW4VVtjK5dr0EiK9zKdJ/SOqGIBXVG85C3LVxQA=", + "owner": "hyprwm", + "repo": "hyprlang", + "rev": "3d63fb4a42c819f198deabd18c0c2c1ded1de931", + "type": "github" + }, + "original": { + "owner": "hyprwm", + "repo": "hyprlang", + "type": "github" + } + }, + "hyprutils": { + "inputs": { + "nixpkgs": [ + "common", + "hyprland", + "nixpkgs" + ], + "systems": [ + "common", + "hyprland", + "systems" + ] + }, + "locked": { + "lastModified": 1756117388, + "narHash": "sha256-oRDel6pNl/T2tI+nc/USU9ZP9w08dxtl7hiZxa0C/Wc=", + "owner": "hyprwm", + "repo": "hyprutils", + "rev": "b2ae3204845f5f2f79b4703b441252d8ad2ecfd0", + "type": "github" + }, + "original": { + "owner": "hyprwm", + "repo": "hyprutils", + "type": "github" + } + }, + "hyprwayland-scanner": { + "inputs": { + "nixpkgs": [ + "common", + "hyprland", + "nixpkgs" + ], + "systems": [ + "common", + "hyprland", + "systems" + ] + }, + "locked": { + "lastModified": 1755184602, + "narHash": "sha256-RCBQN8xuADB0LEgaKbfRqwm6CdyopE1xIEhNc67FAbw=", + "owner": "hyprwm", + "repo": "hyprwayland-scanner", + "rev": "b3b0f1f40ae09d4447c20608e5a4faf8bf3c492d", + "type": "github" + }, + "original": { + "owner": "hyprwm", + "repo": "hyprwayland-scanner", + "type": "github" + } + }, "nix-flatpak": { "locked": { "lastModified": 1739444422, @@ -189,6 +547,22 @@ } }, "nixpkgs_2": { + "locked": { + "lastModified": 1758198701, + "narHash": "sha256-7To75JlpekfUmdkUZewnT6MoBANS0XVypW6kjUOXQwc=", + "owner": "NixOS", + "repo": "nixpkgs", + "rev": "0147c2f1d54b30b5dd6d4a8c8542e8d7edf93b5d", + "type": "github" + }, + "original": { + "owner": "NixOS", + "ref": "nixos-unstable", + "repo": "nixpkgs", + "type": "github" + } + }, + "nixpkgs_3": { "locked": { "lastModified": 1741379970, "narHash": "sha256-Wh7esNh7G24qYleLvgOSY/7HlDUzWaL/n4qzlBePpiw=", @@ -204,7 +578,7 @@ "type": "github" } }, - "nixpkgs_3": { + "nixpkgs_4": { "locked": { "lastModified": 1758589230, "narHash": "sha256-zMTCFGe8aVGTEr2RqUi/QzC1nOIQ0N1HRsbqB4f646k=", @@ -220,7 +594,7 @@ "type": "github" } }, - "nixpkgs_4": { + "nixpkgs_5": { "locked": { "lastModified": 1757952092, "narHash": "sha256-BcfTLFCU7elUJ2dwyt0iTjxsz/XLh+8ZygDcFwy6xPE=", @@ -1115,12 +1489,36 @@ "type": "github" } }, + "pre-commit-hooks": { + "inputs": { + "flake-compat": "flake-compat", + "gitignore": "gitignore", + "nixpkgs": [ + "common", + "hyprland", + "nixpkgs" + ] + }, + "locked": { + "lastModified": 1758108966, + "narHash": "sha256-ytw7ROXaWZ7OfwHrQ9xvjpUWeGVm86pwnEd1QhzawIo=", + "owner": "cachix", + "repo": "git-hooks.nix", + "rev": "54df955a695a84cd47d4a43e08e1feaf90b1fd9b", + "type": "github" + }, + "original": { + "owner": "cachix", + "repo": "git-hooks.nix", + "type": "github" + } + }, "ragenix": { "inputs": { "agenix": "agenix", "crane": "crane", "flake-utils": "flake-utils", - "nixpkgs": "nixpkgs_2", + "nixpkgs": "nixpkgs_3", "rust-overlay": "rust-overlay" }, "locked": { @@ -1140,14 +1538,14 @@ "root": { "inputs": { "common": "common", - "nixpkgs": "nixpkgs_3", + "nixpkgs": "nixpkgs_4", "nixpkgs-unstable": "nixpkgs-unstable", "ros_neovim": "ros_neovim" } }, "ros_neovim": { "inputs": { - "nixpkgs": "nixpkgs_4", + "nixpkgs": "nixpkgs_5", "nvim_plugin-Almo7aya/openingh.nvim": "nvim_plugin-Almo7aya/openingh.nvim", "nvim_plugin-CopilotC-Nvim/CopilotChat.nvim": "nvim_plugin-CopilotC-Nvim/CopilotChat.nvim", "nvim_plugin-JoosepAlviste/nvim-ts-context-commentstring": "nvim_plugin-JoosepAlviste/nvim-ts-context-commentstring", @@ -1264,16 +1662,16 @@ }, "systems": { "locked": { - "lastModified": 1681028828, - "narHash": "sha256-Vy1rq5AaRuLzOxct8nz4T6wlgyUR7zLU309k9mBC768=", + "lastModified": 1689347949, + "narHash": "sha256-12tWmuL2zgBgZkdoB6qXZsgJEH9LR3oUgpaQq2RbI80=", "owner": "nix-systems", - "repo": "default", - "rev": "da67096a3b9bf56a91d16901293e51ba5b49a27e", + "repo": "default-linux", + "rev": "31732fcf5e8fea42e59c2488ad31a0e651500f68", "type": "github" }, "original": { "owner": "nix-systems", - "repo": "default", + "repo": "default-linux", "type": "github" } }, @@ -1291,6 +1689,68 @@ "repo": "default", "type": "github" } + }, + "systems_3": { + "locked": { + "lastModified": 1681028828, + "narHash": "sha256-Vy1rq5AaRuLzOxct8nz4T6wlgyUR7zLU309k9mBC768=", + "owner": "nix-systems", + "repo": "default", + "rev": "da67096a3b9bf56a91d16901293e51ba5b49a27e", + "type": "github" + }, + "original": { + "owner": "nix-systems", + "repo": "default", + "type": "github" + } + }, + "xdph": { + "inputs": { + "hyprland-protocols": [ + "common", + "hyprland", + "hyprland-protocols" + ], + "hyprlang": [ + "common", + "hyprland", + "hyprlang" + ], + "hyprutils": [ + "common", + "hyprland", + "hyprutils" + ], + "hyprwayland-scanner": [ + "common", + "hyprland", + "hyprwayland-scanner" + ], + "nixpkgs": [ + "common", + "hyprland", + "nixpkgs" + ], + "systems": [ + "common", + "hyprland", + "systems" + ] + }, + "locked": { + "lastModified": 1755354946, + "narHash": "sha256-zdov5f/GcoLQc9qYIS1dUTqtJMeDqmBmo59PAxze6e4=", + "owner": "hyprwm", + "repo": "xdg-desktop-portal-hyprland", + "rev": "a10726d6a8d0ef1a0c645378f983b6278c42eaa0", + "type": "github" + }, + "original": { + "owner": "hyprwm", + "repo": "xdg-desktop-portal-hyprland", + "type": "github" + } } }, "root": "root", diff --git a/hosts/oren/flake.nix b/hosts/oren/flake.nix index 4a204db..3a82e1d 100644 --- a/hosts/oren/flake.nix +++ b/hosts/oren/flake.nix @@ -31,10 +31,15 @@ ros_neovim.nixosModules.default ./configuration.nix ./hardware-configuration.nix - ./sway_customizations.nix + # ./sway_customizations.nix + ./hyprland_customizations.nix ( { config, pkgs, ... }: { + services.devmon.enable = true; + services.gvfs.enable = true; + services.udisks2.enable = true; + networking = { firewall = { allowedTCPPorts = [ @@ -87,7 +92,7 @@ reporting.enable = true; }; secrets.enable = true; - desktopEnvironment.sway = { + desktopEnvironment.hyprland = { enable = true; waybar.enable = true; swaync.enable = true; diff --git a/hosts/oren/hyprland_customizations.nix b/hosts/oren/hyprland_customizations.nix new file mode 100644 index 0000000..9c5d114 --- /dev/null +++ b/hosts/oren/hyprland_customizations.nix @@ -0,0 +1,30 @@ +{ lib, pkgs, ... }: +let + hyprlandExtraOptions = { + exec-once = [ + # Wait a moment for monitors/workspaces to settle, then "prime" 6 and return to 1 + "sh -lc 'sleep 0.2; hyprctl dispatch workspace 1'" + ]; + monitor = [ + "eDP-1,2560x1600@165.000Hz,0x0,1.666667,transform,0" + ]; + }; +in +{ + options = { }; + + config = { + ringofstorms_common.desktopEnvironment.hyprland.extraOptions = hyprlandExtraOptions; + ringofstorms_common.desktopEnvironment.hyprland.hyprpaperSettings = { + mode = "fill"; # Wallpaper display mode: fill, fit, stretch, center, tile + + preload = [ + "${../_shared_assets/wallpapers/pixel_neon.png}" + ]; + + wallpaper = [ + "eDP-1,${../_shared_assets/wallpapers/pixel_neon.png}" + ]; + }; + }; +} From 17073d45e0eec8f30e16863231252ae7fefba564 Mon Sep 17 00:00:00 2001 From: "RingOfStorms (Joshua Bell)" Date: Sun, 28 Sep 2025 23:29:50 -0500 Subject: [PATCH 008/109] update deps --- common/flake.lock | 12 +- common/flake.nix | 2 - flake.lock | 458 +++++++++++++++++++++++++++++++++++++++++-- flake.nix | 1 + hosts/oren/flake.nix | 4 +- 5 files changed, 451 insertions(+), 26 deletions(-) diff --git a/common/flake.lock b/common/flake.lock index a227765..3516b6e 100644 --- a/common/flake.lock +++ b/common/flake.lock @@ -156,11 +156,11 @@ "nixpkgs": "nixpkgs" }, "locked": { - "lastModified": 1758313341, - "narHash": "sha256-SsI6INUzWwPcRKRaxvi50RttnD9rcC4EjV+67TOEfrQ=", + "lastModified": 1758463745, + "narHash": "sha256-uhzsV0Q0I9j2y/rfweWeGif5AWe0MGrgZ/3TjpDYdGA=", "owner": "rycee", "repo": "home-manager", - "rev": "6f656618ebc71ca82d93d306a8aecb2c5f6f2ab2", + "rev": "3b955f5f0a942f9f60cdc9cacb7844335d0f21c3", "type": "github" }, "original": { @@ -266,11 +266,11 @@ "xdph": "xdph" }, "locked": { - "lastModified": 1759076381, - "narHash": "sha256-ZWAsJnJvjjLMjH6hl5o4zVOTEuL3tmBzaJcoQYJE+aE=", + "lastModified": 1759094452, + "narHash": "sha256-j7IOTFnQRDjX4PzYb2p6CPviAc8cDrcorzGpM8J89uM=", "owner": "hyprwm", "repo": "Hyprland", - "rev": "c30036bdacbe5e87b49d6de6df652d56681ef457", + "rev": "f854b5bffbdd13cfe7edad0ee157d6947ff99619", "type": "github" }, "original": { diff --git a/common/flake.nix b/common/flake.nix index 5a915e4..b60ed01 100644 --- a/common/flake.nix +++ b/common/flake.nix @@ -4,8 +4,6 @@ home-manager.url = "github:rycee/home-manager/release-25.05"; ragenix.url = "github:yaxitech/ragenix"; nix-flatpak.url = "github:gmodena/nix-flatpak/?ref=latest"; - - # disabled for now hyprland.url = "github:hyprwm/Hyprland"; }; diff --git a/flake.lock b/flake.lock index 0caa2b5..3175bc7 100644 --- a/flake.lock +++ b/flake.lock @@ -8,7 +8,7 @@ "ragenix", "nixpkgs" ], - "systems": "systems" + "systems": "systems_2" }, "locked": { "lastModified": 1736955230, @@ -24,6 +24,39 @@ "type": "github" } }, + "aquamarine": { + "inputs": { + "hyprutils": [ + "hyprland", + "hyprutils" + ], + "hyprwayland-scanner": [ + "hyprland", + "hyprwayland-scanner" + ], + "nixpkgs": [ + "hyprland", + "nixpkgs" + ], + "systems": [ + "hyprland", + "systems" + ] + }, + "locked": { + "lastModified": 1755946532, + "narHash": "sha256-POePremlUY5GyA1zfbtic6XLxDaQcqHN6l+bIxdT5gc=", + "owner": "hyprwm", + "repo": "aquamarine", + "rev": "81584dae2df6ac79f6b6dae0ecb7705e95129ada", + "type": "github" + }, + "original": { + "owner": "hyprwm", + "repo": "aquamarine", + "type": "github" + } + }, "crane": { "locked": { "lastModified": 1741481578, @@ -62,9 +95,25 @@ "type": "github" } }, + "flake-compat": { + "flake": false, + "locked": { + "lastModified": 1747046372, + "narHash": "sha256-CIVLLkVgvHYbgI2UpXvIIBJ12HWgX+fjA8Xf8PUmqCY=", + "owner": "edolstra", + "repo": "flake-compat", + "rev": "9100a0f413b0c601e0533d1d94ffd501ce2e7885", + "type": "github" + }, + "original": { + "owner": "edolstra", + "repo": "flake-compat", + "type": "github" + } + }, "flake-utils": { "inputs": { - "systems": "systems_2" + "systems": "systems_3" }, "locked": { "lastModified": 1731533236, @@ -80,16 +129,38 @@ "type": "github" } }, + "gitignore": { + "inputs": { + "nixpkgs": [ + "hyprland", + "pre-commit-hooks", + "nixpkgs" + ] + }, + "locked": { + "lastModified": 1709087332, + "narHash": "sha256-HG2cCnktfHsKV0s4XW83gU3F57gaTljL9KNSuG6bnQs=", + "owner": "hercules-ci", + "repo": "gitignore.nix", + "rev": "637db329424fd7e46cf4185293b9cc8c88c95394", + "type": "github" + }, + "original": { + "owner": "hercules-ci", + "repo": "gitignore.nix", + "type": "github" + } + }, "home-manager": { "inputs": { "nixpkgs": "nixpkgs" }, "locked": { - "lastModified": 1758313341, - "narHash": "sha256-SsI6INUzWwPcRKRaxvi50RttnD9rcC4EjV+67TOEfrQ=", + "lastModified": 1758463745, + "narHash": "sha256-uhzsV0Q0I9j2y/rfweWeGif5AWe0MGrgZ/3TjpDYdGA=", "owner": "rycee", "repo": "home-manager", - "rev": "6f656618ebc71ca82d93d306a8aecb2c5f6f2ab2", + "rev": "3b955f5f0a942f9f60cdc9cacb7844335d0f21c3", "type": "github" }, "original": { @@ -121,6 +192,265 @@ "type": "github" } }, + "hyprcursor": { + "inputs": { + "hyprlang": [ + "hyprland", + "hyprlang" + ], + "nixpkgs": [ + "hyprland", + "nixpkgs" + ], + "systems": [ + "hyprland", + "systems" + ] + }, + "locked": { + "lastModified": 1753964049, + "narHash": "sha256-lIqabfBY7z/OANxHoPeIrDJrFyYy9jAM4GQLzZ2feCM=", + "owner": "hyprwm", + "repo": "hyprcursor", + "rev": "44e91d467bdad8dcf8bbd2ac7cf49972540980a5", + "type": "github" + }, + "original": { + "owner": "hyprwm", + "repo": "hyprcursor", + "type": "github" + } + }, + "hyprgraphics": { + "inputs": { + "hyprutils": [ + "hyprland", + "hyprutils" + ], + "nixpkgs": [ + "hyprland", + "nixpkgs" + ], + "systems": [ + "hyprland", + "systems" + ] + }, + "locked": { + "lastModified": 1758192433, + "narHash": "sha256-CR6RnqEJSTiFgA6KQY4TTLUWbZ8RBnb+hxQqesuQNzQ=", + "owner": "hyprwm", + "repo": "hyprgraphics", + "rev": "c44e749dd611521dee940d00f7c444ee0ae4cfb7", + "type": "github" + }, + "original": { + "owner": "hyprwm", + "repo": "hyprgraphics", + "type": "github" + } + }, + "hyprland": { + "inputs": { + "aquamarine": "aquamarine", + "hyprcursor": "hyprcursor", + "hyprgraphics": "hyprgraphics", + "hyprland-protocols": "hyprland-protocols", + "hyprland-qtutils": "hyprland-qtutils", + "hyprlang": "hyprlang", + "hyprutils": "hyprutils", + "hyprwayland-scanner": "hyprwayland-scanner", + "nixpkgs": "nixpkgs_2", + "pre-commit-hooks": "pre-commit-hooks", + "systems": "systems", + "xdph": "xdph" + }, + "locked": { + "lastModified": 1759094452, + "narHash": "sha256-j7IOTFnQRDjX4PzYb2p6CPviAc8cDrcorzGpM8J89uM=", + "owner": "hyprwm", + "repo": "Hyprland", + "rev": "f854b5bffbdd13cfe7edad0ee157d6947ff99619", + "type": "github" + }, + "original": { + "owner": "hyprwm", + "repo": "Hyprland", + "type": "github" + } + }, + "hyprland-protocols": { + "inputs": { + "nixpkgs": [ + "hyprland", + "nixpkgs" + ], + "systems": [ + "hyprland", + "systems" + ] + }, + "locked": { + "lastModified": 1749046714, + "narHash": "sha256-kymV5FMnddYGI+UjwIw8ceDjdeg7ToDVjbHCvUlhn14=", + "owner": "hyprwm", + "repo": "hyprland-protocols", + "rev": "613878cb6f459c5e323aaafe1e6f388ac8a36330", + "type": "github" + }, + "original": { + "owner": "hyprwm", + "repo": "hyprland-protocols", + "type": "github" + } + }, + "hyprland-qt-support": { + "inputs": { + "hyprlang": [ + "hyprland", + "hyprland-qtutils", + "hyprlang" + ], + "nixpkgs": [ + "hyprland", + "hyprland-qtutils", + "nixpkgs" + ], + "systems": [ + "hyprland", + "hyprland-qtutils", + "systems" + ] + }, + "locked": { + "lastModified": 1749154592, + "narHash": "sha256-DO7z5CeT/ddSGDEnK9mAXm1qlGL47L3VAHLlLXoCjhE=", + "owner": "hyprwm", + "repo": "hyprland-qt-support", + "rev": "4c8053c3c888138a30c3a6c45c2e45f5484f2074", + "type": "github" + }, + "original": { + "owner": "hyprwm", + "repo": "hyprland-qt-support", + "type": "github" + } + }, + "hyprland-qtutils": { + "inputs": { + "hyprland-qt-support": "hyprland-qt-support", + "hyprlang": [ + "hyprland", + "hyprlang" + ], + "hyprutils": [ + "hyprland", + "hyprland-qtutils", + "hyprlang", + "hyprutils" + ], + "nixpkgs": [ + "hyprland", + "nixpkgs" + ], + "systems": [ + "hyprland", + "systems" + ] + }, + "locked": { + "lastModified": 1757694755, + "narHash": "sha256-j+w5QUUr2QT/jkxgVKecGYV8J7fpzXCMgzEEr6LG9ug=", + "owner": "hyprwm", + "repo": "hyprland-qtutils", + "rev": "5ffdfc13ed03df1dae5084468d935f0a3f2c9a4c", + "type": "github" + }, + "original": { + "owner": "hyprwm", + "repo": "hyprland-qtutils", + "type": "github" + } + }, + "hyprlang": { + "inputs": { + "hyprutils": [ + "hyprland", + "hyprutils" + ], + "nixpkgs": [ + "hyprland", + "nixpkgs" + ], + "systems": [ + "hyprland", + "systems" + ] + }, + "locked": { + "lastModified": 1756810301, + "narHash": "sha256-wgZ3VW4VVtjK5dr0EiK9zKdJ/SOqGIBXVG85C3LVxQA=", + "owner": "hyprwm", + "repo": "hyprlang", + "rev": "3d63fb4a42c819f198deabd18c0c2c1ded1de931", + "type": "github" + }, + "original": { + "owner": "hyprwm", + "repo": "hyprlang", + "type": "github" + } + }, + "hyprutils": { + "inputs": { + "nixpkgs": [ + "hyprland", + "nixpkgs" + ], + "systems": [ + "hyprland", + "systems" + ] + }, + "locked": { + "lastModified": 1756117388, + "narHash": "sha256-oRDel6pNl/T2tI+nc/USU9ZP9w08dxtl7hiZxa0C/Wc=", + "owner": "hyprwm", + "repo": "hyprutils", + "rev": "b2ae3204845f5f2f79b4703b441252d8ad2ecfd0", + "type": "github" + }, + "original": { + "owner": "hyprwm", + "repo": "hyprutils", + "type": "github" + } + }, + "hyprwayland-scanner": { + "inputs": { + "nixpkgs": [ + "hyprland", + "nixpkgs" + ], + "systems": [ + "hyprland", + "systems" + ] + }, + "locked": { + "lastModified": 1755184602, + "narHash": "sha256-RCBQN8xuADB0LEgaKbfRqwm6CdyopE1xIEhNc67FAbw=", + "owner": "hyprwm", + "repo": "hyprwayland-scanner", + "rev": "b3b0f1f40ae09d4447c20608e5a4faf8bf3c492d", + "type": "github" + }, + "original": { + "owner": "hyprwm", + "repo": "hyprwayland-scanner", + "type": "github" + } + }, "nix-flatpak": { "locked": { "lastModified": 1739444422, @@ -155,11 +485,27 @@ }, "nixpkgs_2": { "locked": { - "lastModified": 1758277210, - "narHash": "sha256-iCGWf/LTy+aY0zFu8q12lK8KuZp7yvdhStehhyX1v8w=", + "lastModified": 1758198701, + "narHash": "sha256-7To75JlpekfUmdkUZewnT6MoBANS0XVypW6kjUOXQwc=", + "owner": "NixOS", + "repo": "nixpkgs", + "rev": "0147c2f1d54b30b5dd6d4a8c8542e8d7edf93b5d", + "type": "github" + }, + "original": { + "owner": "NixOS", + "ref": "nixos-unstable", + "repo": "nixpkgs", + "type": "github" + } + }, + "nixpkgs_3": { + "locked": { + "lastModified": 1758690382, + "narHash": "sha256-NY3kSorgqE5LMm1LqNwGne3ZLMF2/ILgLpFr1fS4X3o=", "owner": "nixos", "repo": "nixpkgs", - "rev": "8eaee110344796db060382e15d3af0a9fc396e0e", + "rev": "e643668fd71b949c53f8626614b21ff71a07379d", "type": "github" }, "original": { @@ -169,7 +515,7 @@ "type": "github" } }, - "nixpkgs_3": { + "nixpkgs_4": { "locked": { "lastModified": 1741379970, "narHash": "sha256-Wh7esNh7G24qYleLvgOSY/7HlDUzWaL/n4qzlBePpiw=", @@ -185,12 +531,35 @@ "type": "github" } }, + "pre-commit-hooks": { + "inputs": { + "flake-compat": "flake-compat", + "gitignore": "gitignore", + "nixpkgs": [ + "hyprland", + "nixpkgs" + ] + }, + "locked": { + "lastModified": 1758108966, + "narHash": "sha256-ytw7ROXaWZ7OfwHrQ9xvjpUWeGVm86pwnEd1QhzawIo=", + "owner": "cachix", + "repo": "git-hooks.nix", + "rev": "54df955a695a84cd47d4a43e08e1feaf90b1fd9b", + "type": "github" + }, + "original": { + "owner": "cachix", + "repo": "git-hooks.nix", + "type": "github" + } + }, "ragenix": { "inputs": { "agenix": "agenix", "crane": "crane", "flake-utils": "flake-utils", - "nixpkgs": "nixpkgs_3", + "nixpkgs": "nixpkgs_4", "rust-overlay": "rust-overlay" }, "locked": { @@ -210,8 +579,9 @@ "root": { "inputs": { "home-manager": "home-manager", + "hyprland": "hyprland", "nix-flatpak": "nix-flatpak", - "nixpkgs": "nixpkgs_2", + "nixpkgs": "nixpkgs_3", "ragenix": "ragenix" } }, @@ -238,16 +608,16 @@ }, "systems": { "locked": { - "lastModified": 1681028828, - "narHash": "sha256-Vy1rq5AaRuLzOxct8nz4T6wlgyUR7zLU309k9mBC768=", + "lastModified": 1689347949, + "narHash": "sha256-12tWmuL2zgBgZkdoB6qXZsgJEH9LR3oUgpaQq2RbI80=", "owner": "nix-systems", - "repo": "default", - "rev": "da67096a3b9bf56a91d16901293e51ba5b49a27e", + "repo": "default-linux", + "rev": "31732fcf5e8fea42e59c2488ad31a0e651500f68", "type": "github" }, "original": { "owner": "nix-systems", - "repo": "default", + "repo": "default-linux", "type": "github" } }, @@ -265,6 +635,62 @@ "repo": "default", "type": "github" } + }, + "systems_3": { + "locked": { + "lastModified": 1681028828, + "narHash": "sha256-Vy1rq5AaRuLzOxct8nz4T6wlgyUR7zLU309k9mBC768=", + "owner": "nix-systems", + "repo": "default", + "rev": "da67096a3b9bf56a91d16901293e51ba5b49a27e", + "type": "github" + }, + "original": { + "owner": "nix-systems", + "repo": "default", + "type": "github" + } + }, + "xdph": { + "inputs": { + "hyprland-protocols": [ + "hyprland", + "hyprland-protocols" + ], + "hyprlang": [ + "hyprland", + "hyprlang" + ], + "hyprutils": [ + "hyprland", + "hyprutils" + ], + "hyprwayland-scanner": [ + "hyprland", + "hyprwayland-scanner" + ], + "nixpkgs": [ + "hyprland", + "nixpkgs" + ], + "systems": [ + "hyprland", + "systems" + ] + }, + "locked": { + "lastModified": 1755354946, + "narHash": "sha256-zdov5f/GcoLQc9qYIS1dUTqtJMeDqmBmo59PAxze6e4=", + "owner": "hyprwm", + "repo": "xdg-desktop-portal-hyprland", + "rev": "a10726d6a8d0ef1a0c645378f983b6278c42eaa0", + "type": "github" + }, + "original": { + "owner": "hyprwm", + "repo": "xdg-desktop-portal-hyprland", + "type": "github" + } } }, "root": "root", diff --git a/flake.nix b/flake.nix index 8dab2ba..e5eadfd 100644 --- a/flake.nix +++ b/flake.nix @@ -7,6 +7,7 @@ home-manager.url = "github:rycee/home-manager/release-25.05"; ragenix.url = "github:yaxitech/ragenix"; nix-flatpak.url = "github:gmodena/nix-flatpak/?ref=latest"; + hyprland.url = "github:hyprwm/Hyprland"; # ====== }; diff --git a/hosts/oren/flake.nix b/hosts/oren/flake.nix index 3a82e1d..2945294 100644 --- a/hosts/oren/flake.nix +++ b/hosts/oren/flake.nix @@ -4,8 +4,8 @@ nixpkgs-unstable.url = "github:nixos/nixpkgs/nixos-unstable"; # Use relative to get current version for testing - common.url = "path:../../common"; - # common.url = "git+https://git.joshuabell.xyz/ringofstorms/dotfiles"; + # common.url = "path:../../common"; + common.url = "git+https://git.joshuabell.xyz/ringofstorms/dotfiles"; ros_neovim.url = "git+https://git.joshuabell.xyz/ringofstorms/nvim"; }; From 8a439b509c9d2bd20687822d6444ee55234280e4 Mon Sep 17 00:00:00 2001 From: "RingOfStorms (Joshua Bell)" Date: Sun, 28 Sep 2025 23:31:31 -0500 Subject: [PATCH 009/109] update oren --- hosts/oren/flake.lock | 67 ++++++++++++++++++++++++++++--------------- 1 file changed, 44 insertions(+), 23 deletions(-) diff --git a/hosts/oren/flake.lock b/hosts/oren/flake.lock index d657c0d..0e234a7 100644 --- a/hosts/oren/flake.lock +++ b/hosts/oren/flake.lock @@ -67,17 +67,22 @@ "home-manager": "home-manager", "hyprland": "hyprland", "nix-flatpak": "nix-flatpak", + "nixpkgs": "nixpkgs_3", "ragenix": "ragenix" }, "locked": { - "path": "../../common", - "type": "path" + "lastModified": 1759120190, + "narHash": "sha256-uWm+KzZvcuS82aXof9EGciTOMhIxD5H557lfy+oTCak=", + "ref": "refs/heads/master", + "rev": "17073d45e0eec8f30e16863231252ae7fefba564", + "revCount": 667, + "type": "git", + "url": "https://git.joshuabell.xyz/ringofstorms/dotfiles" }, "original": { - "path": "../../common", - "type": "path" - }, - "parent": [] + "type": "git", + "url": "https://git.joshuabell.xyz/ringofstorms/dotfiles" + } }, "crane": { "locked": { @@ -180,11 +185,11 @@ "nixpkgs": "nixpkgs" }, "locked": { - "lastModified": 1758313341, - "narHash": "sha256-SsI6INUzWwPcRKRaxvi50RttnD9rcC4EjV+67TOEfrQ=", + "lastModified": 1758463745, + "narHash": "sha256-uhzsV0Q0I9j2y/rfweWeGif5AWe0MGrgZ/3TjpDYdGA=", "owner": "rycee", "repo": "home-manager", - "rev": "6f656618ebc71ca82d93d306a8aecb2c5f6f2ab2", + "rev": "3b955f5f0a942f9f60cdc9cacb7844335d0f21c3", "type": "github" }, "original": { @@ -297,11 +302,11 @@ "xdph": "xdph" }, "locked": { - "lastModified": 1759076381, - "narHash": "sha256-ZWAsJnJvjjLMjH6hl5o4zVOTEuL3tmBzaJcoQYJE+aE=", + "lastModified": 1759094452, + "narHash": "sha256-j7IOTFnQRDjX4PzYb2p6CPviAc8cDrcorzGpM8J89uM=", "owner": "hyprwm", "repo": "Hyprland", - "rev": "c30036bdacbe5e87b49d6de6df652d56681ef457", + "rev": "f854b5bffbdd13cfe7edad0ee157d6947ff99619", "type": "github" }, "original": { @@ -532,11 +537,11 @@ }, "nixpkgs-unstable": { "locked": { - "lastModified": 1758427187, - "narHash": "sha256-pHpxZ/IyCwoTQPtFIAG2QaxuSm8jWzrzBGjwQZIttJc=", + "lastModified": 1758690382, + "narHash": "sha256-NY3kSorgqE5LMm1LqNwGne3ZLMF2/ILgLpFr1fS4X3o=", "owner": "nixos", "repo": "nixpkgs", - "rev": "554be6495561ff07b6c724047bdd7e0716aa7b46", + "rev": "e643668fd71b949c53f8626614b21ff71a07379d", "type": "github" }, "original": { @@ -563,6 +568,22 @@ } }, "nixpkgs_3": { + "locked": { + "lastModified": 1758690382, + "narHash": "sha256-NY3kSorgqE5LMm1LqNwGne3ZLMF2/ILgLpFr1fS4X3o=", + "owner": "nixos", + "repo": "nixpkgs", + "rev": "e643668fd71b949c53f8626614b21ff71a07379d", + "type": "github" + }, + "original": { + "owner": "nixos", + "ref": "nixos-unstable", + "repo": "nixpkgs", + "type": "github" + } + }, + "nixpkgs_4": { "locked": { "lastModified": 1741379970, "narHash": "sha256-Wh7esNh7G24qYleLvgOSY/7HlDUzWaL/n4qzlBePpiw=", @@ -578,13 +599,13 @@ "type": "github" } }, - "nixpkgs_4": { + "nixpkgs_5": { "locked": { - "lastModified": 1758589230, - "narHash": "sha256-zMTCFGe8aVGTEr2RqUi/QzC1nOIQ0N1HRsbqB4f646k=", + "lastModified": 1758791193, + "narHash": "sha256-F8WmEwFoHsnix7rt290R0rFXNJiMbClMZyIC/e+HYf0=", "owner": "nixos", "repo": "nixpkgs", - "rev": "d1d883129b193f0b495d75c148c2c3a7d95789a0", + "rev": "25e53aa156d47bad5082ff7618f5feb1f5e02d01", "type": "github" }, "original": { @@ -594,7 +615,7 @@ "type": "github" } }, - "nixpkgs_5": { + "nixpkgs_6": { "locked": { "lastModified": 1757952092, "narHash": "sha256-BcfTLFCU7elUJ2dwyt0iTjxsz/XLh+8ZygDcFwy6xPE=", @@ -1518,7 +1539,7 @@ "agenix": "agenix", "crane": "crane", "flake-utils": "flake-utils", - "nixpkgs": "nixpkgs_3", + "nixpkgs": "nixpkgs_4", "rust-overlay": "rust-overlay" }, "locked": { @@ -1538,14 +1559,14 @@ "root": { "inputs": { "common": "common", - "nixpkgs": "nixpkgs_4", + "nixpkgs": "nixpkgs_5", "nixpkgs-unstable": "nixpkgs-unstable", "ros_neovim": "ros_neovim" } }, "ros_neovim": { "inputs": { - "nixpkgs": "nixpkgs_5", + "nixpkgs": "nixpkgs_6", "nvim_plugin-Almo7aya/openingh.nvim": "nvim_plugin-Almo7aya/openingh.nvim", "nvim_plugin-CopilotC-Nvim/CopilotChat.nvim": "nvim_plugin-CopilotC-Nvim/CopilotChat.nvim", "nvim_plugin-JoosepAlviste/nvim-ts-context-commentstring": "nvim_plugin-JoosepAlviste/nvim-ts-context-commentstring", From 04d63142387b52d51cb2efa9380d4144166a84c2 Mon Sep 17 00:00:00 2001 From: "RingOfStorms (Joshua Bell)" Date: Tue, 30 Sep 2025 13:27:41 -0500 Subject: [PATCH 010/109] wip updates on h001 --- common/flake.lock | 6 +- flake.lock | 12 +- hosts/h001/flake.lock | 219 +++++++++++++++++-------------------- hosts/h001/flake.nix | 8 +- hosts/h001/mods/nixarr.nix | 2 +- 5 files changed, 113 insertions(+), 134 deletions(-) diff --git a/common/flake.lock b/common/flake.lock index 78e7a15..1b8f723 100644 --- a/common/flake.lock +++ b/common/flake.lock @@ -85,11 +85,11 @@ "nixpkgs": "nixpkgs" }, "locked": { - "lastModified": 1758313341, - "narHash": "sha256-SsI6INUzWwPcRKRaxvi50RttnD9rcC4EjV+67TOEfrQ=", + "lastModified": 1758463745, + "narHash": "sha256-uhzsV0Q0I9j2y/rfweWeGif5AWe0MGrgZ/3TjpDYdGA=", "owner": "rycee", "repo": "home-manager", - "rev": "6f656618ebc71ca82d93d306a8aecb2c5f6f2ab2", + "rev": "3b955f5f0a942f9f60cdc9cacb7844335d0f21c3", "type": "github" }, "original": { diff --git a/flake.lock b/flake.lock index 0caa2b5..383a409 100644 --- a/flake.lock +++ b/flake.lock @@ -85,11 +85,11 @@ "nixpkgs": "nixpkgs" }, "locked": { - "lastModified": 1758313341, - "narHash": "sha256-SsI6INUzWwPcRKRaxvi50RttnD9rcC4EjV+67TOEfrQ=", + "lastModified": 1758463745, + "narHash": "sha256-uhzsV0Q0I9j2y/rfweWeGif5AWe0MGrgZ/3TjpDYdGA=", "owner": "rycee", "repo": "home-manager", - "rev": "6f656618ebc71ca82d93d306a8aecb2c5f6f2ab2", + "rev": "3b955f5f0a942f9f60cdc9cacb7844335d0f21c3", "type": "github" }, "original": { @@ -155,11 +155,11 @@ }, "nixpkgs_2": { "locked": { - "lastModified": 1758277210, - "narHash": "sha256-iCGWf/LTy+aY0zFu8q12lK8KuZp7yvdhStehhyX1v8w=", + "lastModified": 1758690382, + "narHash": "sha256-NY3kSorgqE5LMm1LqNwGne3ZLMF2/ILgLpFr1fS4X3o=", "owner": "nixos", "repo": "nixpkgs", - "rev": "8eaee110344796db060382e15d3af0a9fc396e0e", + "rev": "e643668fd71b949c53f8626614b21ff71a07379d", "type": "github" }, "original": { diff --git a/hosts/h001/flake.lock b/hosts/h001/flake.lock index fa96251..4f92c53 100644 --- a/hosts/h001/flake.lock +++ b/hosts/h001/flake.lock @@ -29,22 +29,17 @@ "inputs": { "home-manager": "home-manager", "nix-flatpak": "nix-flatpak", - "nixpkgs": "nixpkgs_2", "ragenix": "ragenix" }, "locked": { - "lastModified": 1755841247, - "narHash": "sha256-oAMTVNjPhTfN4nyTZcW7J0HvdWirid+OYd45ORX3TyA=", - "ref": "refs/heads/master", - "rev": "a53d0510d1accc5799baecf7da85e6621d4152f5", - "revCount": 615, - "type": "git", - "url": "https://git.joshuabell.xyz/ringofstorms/dotfiles" + "path": "../../common", + "type": "path" }, "original": { - "type": "git", - "url": "https://git.joshuabell.xyz/ringofstorms/dotfiles" - } + "path": "../../common", + "type": "path" + }, + "parent": [] }, "crane": { "locked": { @@ -108,11 +103,11 @@ "nixpkgs": "nixpkgs" }, "locked": { - "lastModified": 1753592768, - "narHash": "sha256-oV695RvbAE4+R9pcsT9shmp6zE/+IZe6evHWX63f2Qg=", + "lastModified": 1758463745, + "narHash": "sha256-uhzsV0Q0I9j2y/rfweWeGif5AWe0MGrgZ/3TjpDYdGA=", "owner": "rycee", "repo": "home-manager", - "rev": "fc3add429f21450359369af74c2375cb34a2d204", + "rev": "3b955f5f0a942f9f60cdc9cacb7844335d0f21c3", "type": "github" }, "original": { @@ -163,7 +158,7 @@ }, "nixarr": { "inputs": { - "nixpkgs": "nixpkgs_4", + "nixpkgs": "nixpkgs_3", "vpnconfinement": "vpnconfinement", "website-builder": "website-builder" }, @@ -199,27 +194,11 @@ }, "nixpkgs-unstable": { "locked": { - "lastModified": 1756902501, - "narHash": "sha256-a89pyAbY2qVZaiFxYdt9+fvXI8pLKgu/g7CqkCUUf94=", - "owner": "wrvsrx", - "repo": "nixpkgs", - "rev": "898a1df732414f7d293a207459c8e47679b33364", - "type": "github" - }, - "original": { - "owner": "wrvsrx", - "ref": "fix-open-webui", - "repo": "nixpkgs", - "type": "github" - } - }, - "nixpkgs_2": { - "locked": { - "lastModified": 1753694789, - "narHash": "sha256-cKgvtz6fKuK1Xr5LQW/zOUiAC0oSQoA9nOISB0pJZqM=", + "lastModified": 1758690382, + "narHash": "sha256-NY3kSorgqE5LMm1LqNwGne3ZLMF2/ILgLpFr1fS4X3o=", "owner": "nixos", "repo": "nixpkgs", - "rev": "dc9637876d0dcc8c9e5e22986b857632effeb727", + "rev": "e643668fd71b949c53f8626614b21ff71a07379d", "type": "github" }, "original": { @@ -229,7 +208,7 @@ "type": "github" } }, - "nixpkgs_3": { + "nixpkgs_2": { "locked": { "lastModified": 1741379970, "narHash": "sha256-Wh7esNh7G24qYleLvgOSY/7HlDUzWaL/n4qzlBePpiw=", @@ -245,7 +224,7 @@ "type": "github" } }, - "nixpkgs_4": { + "nixpkgs_3": { "locked": { "lastModified": 1748662220, "narHash": "sha256-7gGa49iB9nCnFk4h/g9zwjlQAyjtpgcFkODjcOQS0Es=", @@ -261,13 +240,13 @@ "type": "github" } }, - "nixpkgs_5": { + "nixpkgs_4": { "locked": { - "lastModified": 1755704039, - "narHash": "sha256-gKlP0LbyJ3qX0KObfIWcp5nbuHSb5EHwIvU6UcNBg2A=", + "lastModified": 1758791193, + "narHash": "sha256-F8WmEwFoHsnix7rt290R0rFXNJiMbClMZyIC/e+HYf0=", "owner": "nixos", "repo": "nixpkgs", - "rev": "9cb344e96d5b6918e94e1bca2d9f3ea1e9615545", + "rev": "25e53aa156d47bad5082ff7618f5feb1f5e02d01", "type": "github" }, "original": { @@ -277,13 +256,13 @@ "type": "github" } }, - "nixpkgs_6": { + "nixpkgs_5": { "locked": { - "lastModified": 1755648324, - "narHash": "sha256-+2TxwJEXWXGC7JBsRGUHtmQ66lRGPcDI2kFKTTU5e2s=", + "lastModified": 1757952092, + "narHash": "sha256-BcfTLFCU7elUJ2dwyt0iTjxsz/XLh+8ZygDcFwy6xPE=", "owner": "nixos", "repo": "nixpkgs", - "rev": "226bb7c9df5f953fd7533e199b8d9e5475458a8a", + "rev": "fd76dc9e7c68ac7c3941ba2af2bedcd79c5cf4ed", "type": "github" }, "original": { @@ -311,11 +290,11 @@ "nvim_plugin-CopilotC-Nvim/CopilotChat.nvim": { "flake": false, "locked": { - "lastModified": 1755636100, - "narHash": "sha256-EeU6AfMISnXUmKdNHXN35srj+fuQiHoWx5uYRKCjsTE=", + "lastModified": 1757950300, + "narHash": "sha256-IQTP3jOmFNc2nphV9jdFbJXkmAN5Wj+/PIGmaZ8gP24=", "owner": "CopilotC-Nvim", "repo": "CopilotChat.nvim", - "rev": "f7bb32dbbe2ff5e26f5033e2142b5920cf427236", + "rev": "87615648ff4dc852d1cf7ec099f0a7c37b1b2c87", "type": "github" }, "original": { @@ -343,11 +322,11 @@ "nvim_plugin-L3MON4D3/LuaSnip": { "flake": false, "locked": { - "lastModified": 1754037237, - "narHash": "sha256-JhTqTGQfIryJ7MElcOGOfb48uaNDnd9RM9Fl1Fs4QV0=", + "lastModified": 1756990415, + "narHash": "sha256-5FsUVPy8pAiwBh3c+bPDMtypFEHj6qIwGQIo3hjqV4M=", "owner": "L3MON4D3", "repo": "LuaSnip", - "rev": "de10d8414235b0a8cabfeba60d07c24304e71f5c", + "rev": "21f74f7ba8c49f95f9d7c8293b147c2901dd2d3a", "type": "github" }, "original": { @@ -359,11 +338,11 @@ "nvim_plugin-MeanderingProgrammer/render-markdown.nvim": { "flake": false, "locked": { - "lastModified": 1755631821, - "narHash": "sha256-+/GVSb3uQ5HktPv6HFwdywX85hScsAI1IHqXmwDH9PU=", + "lastModified": 1757910669, + "narHash": "sha256-PWbFcGRbTMRhDJrj+kx73HLduMLOSrAhZTLL2YgrAjQ=", "owner": "MeanderingProgrammer", "repo": "render-markdown.nvim", - "rev": "0087ee1d505d4fc4886d8d3121ae7848b7c0e49b", + "rev": "2c6cf127c577712bd29d38f6391b3045c5f0180a", "type": "github" }, "original": { @@ -407,11 +386,11 @@ "nvim_plugin-Saecki/crates.nvim": { "flake": false, "locked": { - "lastModified": 1754466592, - "narHash": "sha256-b40E121rJrEmlor3fHmh4Y1TXKdfiqsBGBcpbY//eTw=", + "lastModified": 1755956579, + "narHash": "sha256-jfmST/S9ymwgQ99PTCOlJkk5zaxE5HiDV16TmTISDII=", "owner": "Saecki", "repo": "crates.nvim", - "rev": "a49df0f70171adc77704eac70dd2c0d179065933", + "rev": "ac9fa498a9edb96dc3056724ff69d5f40b898453", "type": "github" }, "original": { @@ -439,11 +418,11 @@ "nvim_plugin-b0o/schemastore.nvim": { "flake": false, "locked": { - "lastModified": 1755594039, - "narHash": "sha256-XU+PtvXlgoHFouyyceUIZ4L5AvZThUR2AegmCQAYt1A=", + "lastModified": 1757653237, + "narHash": "sha256-94NKAVWPV2sLkGWWL9G07QxA90Ise6tNWaYyKBcS/vI=", "owner": "b0o", "repo": "schemastore.nvim", - "rev": "e906ac3ed0bd273781759e7635b5b824393c925c", + "rev": "3146720ee3a0c6e2446eedd492fb519d16f2e467", "type": "github" }, "original": { @@ -471,11 +450,11 @@ "nvim_plugin-chrisgrieser/nvim-early-retirement": { "flake": false, "locked": { - "lastModified": 1755590055, - "narHash": "sha256-989Zf6SCy+vakFac4KmElUn8+ErJMtYJ8zlOi999UJI=", + "lastModified": 1757363000, + "narHash": "sha256-hfoJDD4ZKIx1IZjmZba117wRe3ELyGqG8ZqxDnRVmIk=", "owner": "chrisgrieser", "repo": "nvim-early-retirement", - "rev": "ef9fc0267da4204432ab7bf3ab9df359874cfeb6", + "rev": "14aba23ce4168e6d6acbf78ab1d33739c3894f68", "type": "github" }, "original": { @@ -615,11 +594,11 @@ "nvim_plugin-j-hui/fidget.nvim": { "flake": false, "locked": { - "lastModified": 1755048367, - "narHash": "sha256-Hcnbk6go2vYCYqSfXLWQ+KimpU+NPbIkjBTKGMFoNQM=", + "lastModified": 1755700851, + "narHash": "sha256-KRlUqUdcliKpLnEJqyA2OAWto73F6iGTbMrsiAdc24M=", "owner": "j-hui", "repo": "fidget.nvim", - "rev": "2cb5edb2dd6700a958a446b20bb2be04d318da9d", + "rev": "4d5858bd4c471c895060e1b9f3575f1551184dc5", "type": "github" }, "original": { @@ -647,11 +626,11 @@ "nvim_plugin-lewis6991/gitsigns.nvim": { "flake": false, "locked": { - "lastModified": 1755014582, - "narHash": "sha256-zBUrqL+00Y8j4eVNAgI0nYn2i35zhQo2BVl4mL1cgfs=", + "lastModified": 1757668552, + "narHash": "sha256-L5WbNiFUn014hThvGfb5r858O6iLOBhOQHfVUdIlFI4=", "owner": "lewis6991", "repo": "gitsigns.nvim", - "rev": "6e3c66548035e50db7bd8e360a29aec6620c3641", + "rev": "f780609807eca1f783a36a8a31c30a48fbe150c5", "type": "github" }, "original": { @@ -695,11 +674,11 @@ "nvim_plugin-m4xshen/hardtime.nvim": { "flake": false, "locked": { - "lastModified": 1753760289, - "narHash": "sha256-BgJ0gKy/zxU82L7WocXLkXwD97pnCvpGyJVzSHeUtG0=", + "lastModified": 1757738091, + "narHash": "sha256-Jy9ARUHU1ySpSxxoS3hLRjxp5Lqt7juWN5Jnbdo0rg0=", "owner": "m4xshen", "repo": "hardtime.nvim", - "rev": "6d7664d5bdfaea44c5f50b29f5239fab7b00c273", + "rev": "b4e431934af1fe224a3a801f632c008278cb7628", "type": "github" }, "original": { @@ -711,11 +690,11 @@ "nvim_plugin-mbbill/undotree": { "flake": false, "locked": { - "lastModified": 1752437854, - "narHash": "sha256-5WofUOTYE+Nmx3A5OoZBneJBHZ8bdGEYDZ6vTMx1OE0=", + "lastModified": 1756538456, + "narHash": "sha256-tudR+46nd63jY1VTCNEfZ2CofxCODXaHos0+NdFI6wU=", "owner": "mbbill", "repo": "undotree", - "rev": "28f2f54a34baff90ea6f4a735ef1813ad875c743", + "rev": "fe9a9d0645f0f5532360b5e5f5c550d7bb4f1869", "type": "github" }, "original": { @@ -727,11 +706,11 @@ "nvim_plugin-mfussenegger/nvim-lint": { "flake": false, "locked": { - "lastModified": 1753951521, - "narHash": "sha256-GmXScmbXJx74RMgPhkdKtdODZqkOarFHE1XOiSnt5Bo=", + "lastModified": 1757878177, + "narHash": "sha256-8X9z0pRWx9xg9nQhhQtuOu3TunObg2CIgnlPXZtx86A=", "owner": "mfussenegger", "repo": "nvim-lint", - "rev": "7ef127aaede2a4d5ad8df8321e2eb4e567f29594", + "rev": "0864f81c681e15d9bdc1156fe3a17bd07db5a3ed", "type": "github" }, "original": { @@ -743,11 +722,11 @@ "nvim_plugin-mrcjkb/rustaceanvim": { "flake": false, "locked": { - "lastModified": 1755599388, - "narHash": "sha256-4o20Hf+rFD2zejPZr5oe3ZkaynW3xAw/wtbF3sMjNnQ=", + "lastModified": 1757809469, + "narHash": "sha256-bijgDZozBNmHW3cASmOrQlaSE80d8V3XRxi1BNmfzRI=", "owner": "mrcjkb", "repo": "rustaceanvim", - "rev": "eb9beab7d80eb052f78165b28d18f55844b26aef", + "rev": "370b85298e5afdfd8b5d3da0c60c04e3873499a4", "type": "github" }, "original": { @@ -759,11 +738,11 @@ "nvim_plugin-neovim/nvim-lspconfig": { "flake": false, "locked": { - "lastModified": 1755617152, - "narHash": "sha256-PSu5zQi/rzBAnALX8WrYckhqM5lI6hGAhsWWgS7ln7A=", + "lastModified": 1757886255, + "narHash": "sha256-lIlFgHkesAK7fRcoEEQO84/0BpE29dBgNzBnCv/0Tf0=", "owner": "neovim", "repo": "nvim-lspconfig", - "rev": "5f1c9a90c8db9c647da40ce6cf5be9e49ccbf0c7", + "rev": "d9879110d0422a566fa01d732556f4d5515e1738", "type": "github" }, "original": { @@ -775,11 +754,11 @@ "nvim_plugin-nosduco/remote-sshfs.nvim": { "flake": false, "locked": { - "lastModified": 1755623332, - "narHash": "sha256-hnTDzd3eRsDUYYf9WPknYZ126d0XKXO1hjlY7WH4bDI=", + "lastModified": 1755703322, + "narHash": "sha256-xy+50CsRd0LfRyDtNNMI8KhzvjH2nt8ogwiXf7H3fYY=", "owner": "nosduco", "repo": "remote-sshfs.nvim", - "rev": "8ab43934caea0eacc986d112e5680c316b8a7944", + "rev": "8b0974c0e23ef086f5598ebbb1980257171dc370", "type": "github" }, "original": { @@ -903,11 +882,11 @@ "nvim_plugin-nvim-tree/nvim-tree.lua": { "flake": false, "locked": { - "lastModified": 1755174669, - "narHash": "sha256-Cdd7m2ondica5yDgm8THEm8LttJwDWQTNPnKO4vKr2c=", + "lastModified": 1757312802, + "narHash": "sha256-Km+PWXJJLl8zsBjwIGL//qT/eUEZna4yYRPsWXMXG1E=", "owner": "nvim-tree", "repo": "nvim-tree.lua", - "rev": "f0e9951778802526b14c934f7bf746e1e0ae5ed0", + "rev": "e179ad2f83b5955ab0af653069a493a1828c2697", "type": "github" }, "original": { @@ -919,11 +898,11 @@ "nvim_plugin-nvim-tree/nvim-web-devicons": { "flake": false, "locked": { - "lastModified": 1754884337, - "narHash": "sha256-Zftd4xFYdCtof6IusN+E079yY2oMTNhJ/yznvLiiur0=", + "lastModified": 1756936794, + "narHash": "sha256-2Q6ZZQj5HFXTw1YwX3ibdGOTwfbfPUBbcPOsuBUpSjc=", "owner": "nvim-tree", "repo": "nvim-web-devicons", - "rev": "c2599a81ecabaae07c49ff9b45dcd032a8d90f1a", + "rev": "6e51ca170563330e063720449c21f43e27ca0bc1", "type": "github" }, "original": { @@ -935,11 +914,11 @@ "nvim_plugin-nvim-treesitter/nvim-treesitter-context": { "flake": false, "locked": { - "lastModified": 1754488703, - "narHash": "sha256-f4a9Abwb265Rm+hpUXz+rKWXvaFVrmXf1h7d7eh9jJc=", + "lastModified": 1757521884, + "narHash": "sha256-+yj8bstmffVByX3Z/1vkUYdXvpmWGbPt+RDfkBnV11w=", "owner": "nvim-treesitter", "repo": "nvim-treesitter-context", - "rev": "dca8726fea2c14e1ce6adbaa76a04816fbfaff61", + "rev": "41847d3dafb5004464708a3db06b14f12bde548a", "type": "github" }, "original": { @@ -967,11 +946,11 @@ "nvim_plugin-rcarriga/nvim-notify": { "flake": false, "locked": { - "lastModified": 1753086914, - "narHash": "sha256-uQBB3fajHowivArxbtmEJvVU3+QO0VApYpVNMA58UkI=", + "lastModified": 1757190131, + "narHash": "sha256-h7STMjY+CBTqBkIDJXgtJz4WhNeQ02ES2Jesi3jZXeM=", "owner": "rcarriga", "repo": "nvim-notify", - "rev": "397c7c1184745fca649e5104de659e6392ef5a4d", + "rev": "8701bece920b38ea289b457f902e2ad184131a5d", "type": "github" }, "original": { @@ -983,11 +962,11 @@ "nvim_plugin-rmagatti/auto-session": { "flake": false, "locked": { - "lastModified": 1755285297, - "narHash": "sha256-x8oPN7JqcY0scFO0vGREerT3dRiQA+k/qeWsug1sGiU=", + "lastModified": 1757864222, + "narHash": "sha256-FbN36vVLX3DUXwefTbi6511R6KTHqLiNHeAR0kXiarg=", "owner": "rmagatti", "repo": "auto-session", - "rev": "d27a29f5754e3a8b8d89a4069814e53ac583e951", + "rev": "5a269bb5bec50b8b60564aa00f6454d9e82fbe8d", "type": "github" }, "original": { @@ -1047,11 +1026,11 @@ "nvim_plugin-stevearc/conform.nvim": { "flake": false, "locked": { - "lastModified": 1755640282, - "narHash": "sha256-WYGvppnMsBaVYnMmv9WJRuKuyk4F/rzJ3DRBh+72tRY=", + "lastModified": 1756334700, + "narHash": "sha256-j9TOSx2L19AHABdg9pLtmEUtPOCIUSo0qe2YUPBlZ5g=", "owner": "stevearc", "repo": "conform.nvim", - "rev": "04bfa5f35706410376bf7618a01fcf44e3f35b59", + "rev": "b4aab989db276993ea5dcb78872be494ce546521", "type": "github" }, "original": { @@ -1127,11 +1106,11 @@ "nvim_plugin-windwp/nvim-ts-autotag": { "flake": false, "locked": { - "lastModified": 1739910276, - "narHash": "sha256-a3Bcql68mp3y5bH9XMiDTQB0e75T+qFB593objIGg/I=", + "lastModified": 1757545454, + "narHash": "sha256-nT2W5gKFEfzP7MztLjm7yqwam3ADk0svcMdLg2nmI/4=", "owner": "windwp", "repo": "nvim-ts-autotag", - "rev": "a1d526af391f6aebb25a8795cbc05351ed3620b5", + "rev": "c4ca798ab95b316a768d51eaaaee48f64a4a46bc", "type": "github" }, "original": { @@ -1159,11 +1138,11 @@ "nvim_plugin-zbirenbaum/copilot.lua": { "flake": false, "locked": { - "lastModified": 1755448417, - "narHash": "sha256-KV+Wno4aB5uTSBxIZzQKC/0KfjQLM7x8wCDkVSnaPeA=", + "lastModified": 1757884406, + "narHash": "sha256-sXobILIsV4nnk9//PbFT4L1BsHP1xSJiuibVbGwYXJ8=", "owner": "zbirenbaum", "repo": "copilot.lua", - "rev": "3fd7b50810ae4cccf8b38e4c509b1608f141a9e9", + "rev": "8aebaa3a102125fedf08c98773a0a8def92fff37", "type": "github" }, "original": { @@ -1177,7 +1156,7 @@ "agenix": "agenix", "crane": "crane", "flake-utils": "flake-utils", - "nixpkgs": "nixpkgs_3", + "nixpkgs": "nixpkgs_2", "rust-overlay": "rust-overlay" }, "locked": { @@ -1198,14 +1177,14 @@ "inputs": { "common": "common", "nixarr": "nixarr", - "nixpkgs": "nixpkgs_5", + "nixpkgs": "nixpkgs_4", "nixpkgs-unstable": "nixpkgs-unstable", "ros_neovim": "ros_neovim" } }, "ros_neovim": { "inputs": { - "nixpkgs": "nixpkgs_6", + "nixpkgs": "nixpkgs_5", "nvim_plugin-Almo7aya/openingh.nvim": "nvim_plugin-Almo7aya/openingh.nvim", "nvim_plugin-CopilotC-Nvim/CopilotChat.nvim": "nvim_plugin-CopilotC-Nvim/CopilotChat.nvim", "nvim_plugin-JoosepAlviste/nvim-ts-context-commentstring": "nvim_plugin-JoosepAlviste/nvim-ts-context-commentstring", @@ -1264,11 +1243,11 @@ "rust-overlay": "rust-overlay_2" }, "locked": { - "lastModified": 1755648539, - "narHash": "sha256-zElmY3ieHOxJtn5Q3KKXZw3i6/e63jRtHowzOM4jERw=", + "lastModified": 1758041510, + "narHash": "sha256-vcK6ZwAWNfjdDFYKLVrWk+azva58AiDpm8nMfIniFWA=", "ref": "refs/heads/master", - "rev": "1f8444ad78e85c902818ab48479f3f3a1e909031", - "revCount": 300, + "rev": "b3dbdf3f7360747987bf38bcdd9baf01b4906929", + "revCount": 304, "type": "git", "url": "https://git.joshuabell.xyz/ringofstorms/nvim" }, @@ -1307,11 +1286,11 @@ ] }, "locked": { - "lastModified": 1755571033, - "narHash": "sha256-V8gmZBfMiFGCyGJQx/yO81LFJ4d/I5Jxs2id96rLxrM=", + "lastModified": 1757930296, + "narHash": "sha256-Z9u5VszKs8rfEvg2AsFucWEjl7wMtAln9l1b78cfBh4=", "owner": "oxalica", "repo": "rust-overlay", - "rev": "95487740bb7ac11553445e9249041a6fa4b5eccf", + "rev": "09442765a05c2ca617c20ed68d9613da92a2d96b", "type": "github" }, "original": { diff --git a/hosts/h001/flake.nix b/hosts/h001/flake.nix index a3b5646..a0e5624 100644 --- a/hosts/h001/flake.nix +++ b/hosts/h001/flake.nix @@ -1,12 +1,12 @@ { inputs = { nixpkgs.url = "github:nixos/nixpkgs/nixos-25.05"; - nixpkgs-unstable.url = "github:wrvsrx/nixpkgs/fix-open-webui"; - # nixpkgs-unstable.url = "github:nixos/nixpkgs/nixos-unstable"; + # nixpkgs-unstable.url = "github:wrvsrx/nixpkgs/fix-open-webui"; + nixpkgs-unstable.url = "github:nixos/nixpkgs/nixos-unstable"; # Use relative to get current version for testing - # common.url = "path:../../common"; - common.url = "git+https://git.joshuabell.xyz/ringofstorms/dotfiles"; + common.url = "path:../../common"; + # common.url = "git+https://git.joshuabell.xyz/ringofstorms/dotfiles"; ros_neovim.url = "git+https://git.joshuabell.xyz/ringofstorms/nvim"; diff --git a/hosts/h001/mods/nixarr.nix b/hosts/h001/mods/nixarr.nix index 2c86273..e561c25 100644 --- a/hosts/h001/mods/nixarr.nix +++ b/hosts/h001/mods/nixarr.nix @@ -17,7 +17,7 @@ jellyfin.enable = true; # jellyfinnnnnn! jellyfin.vpn.enable = true; jellyseerr.enable = true; # request manager for media - jellyseerr.vpn.enable = true; + # jellyseerr.vpn.enable = true; # NOTE makes it not able to communicate to *arr apps sabnzbd.enable = true; # Usenet downloader transmission = { enable = true; # Torrent downloader From e8f3324000c8cb7f2fd1d5d73a6bae064dc49de5 Mon Sep 17 00:00:00 2001 From: "RingOfStorms (Joshua Bell)" Date: Tue, 30 Sep 2025 13:33:45 -0500 Subject: [PATCH 011/109] yay things work again, dep update for h001 --- hosts/h001/flake.lock | 492 ++++++++++++++++++++++++++++++++++++++++-- 1 file changed, 476 insertions(+), 16 deletions(-) diff --git a/hosts/h001/flake.lock b/hosts/h001/flake.lock index 4f92c53..6f707b8 100644 --- a/hosts/h001/flake.lock +++ b/hosts/h001/flake.lock @@ -9,7 +9,7 @@ "ragenix", "nixpkgs" ], - "systems": "systems" + "systems": "systems_2" }, "locked": { "lastModified": 1736955230, @@ -25,9 +25,47 @@ "type": "github" } }, + "aquamarine": { + "inputs": { + "hyprutils": [ + "common", + "hyprland", + "hyprutils" + ], + "hyprwayland-scanner": [ + "common", + "hyprland", + "hyprwayland-scanner" + ], + "nixpkgs": [ + "common", + "hyprland", + "nixpkgs" + ], + "systems": [ + "common", + "hyprland", + "systems" + ] + }, + "locked": { + "lastModified": 1755946532, + "narHash": "sha256-POePremlUY5GyA1zfbtic6XLxDaQcqHN6l+bIxdT5gc=", + "owner": "hyprwm", + "repo": "aquamarine", + "rev": "81584dae2df6ac79f6b6dae0ecb7705e95129ada", + "type": "github" + }, + "original": { + "owner": "hyprwm", + "repo": "aquamarine", + "type": "github" + } + }, "common": { "inputs": { "home-manager": "home-manager", + "hyprland": "hyprland", "nix-flatpak": "nix-flatpak", "ragenix": "ragenix" }, @@ -80,9 +118,25 @@ "type": "github" } }, + "flake-compat": { + "flake": false, + "locked": { + "lastModified": 1747046372, + "narHash": "sha256-CIVLLkVgvHYbgI2UpXvIIBJ12HWgX+fjA8Xf8PUmqCY=", + "owner": "edolstra", + "repo": "flake-compat", + "rev": "9100a0f413b0c601e0533d1d94ffd501ce2e7885", + "type": "github" + }, + "original": { + "owner": "edolstra", + "repo": "flake-compat", + "type": "github" + } + }, "flake-utils": { "inputs": { - "systems": "systems_2" + "systems": "systems_3" }, "locked": { "lastModified": 1731533236, @@ -98,6 +152,29 @@ "type": "github" } }, + "gitignore": { + "inputs": { + "nixpkgs": [ + "common", + "hyprland", + "pre-commit-hooks", + "nixpkgs" + ] + }, + "locked": { + "lastModified": 1709087332, + "narHash": "sha256-HG2cCnktfHsKV0s4XW83gU3F57gaTljL9KNSuG6bnQs=", + "owner": "hercules-ci", + "repo": "gitignore.nix", + "rev": "637db329424fd7e46cf4185293b9cc8c88c95394", + "type": "github" + }, + "original": { + "owner": "hercules-ci", + "repo": "gitignore.nix", + "type": "github" + } + }, "home-manager": { "inputs": { "nixpkgs": "nixpkgs" @@ -140,6 +217,287 @@ "type": "github" } }, + "hyprcursor": { + "inputs": { + "hyprlang": [ + "common", + "hyprland", + "hyprlang" + ], + "nixpkgs": [ + "common", + "hyprland", + "nixpkgs" + ], + "systems": [ + "common", + "hyprland", + "systems" + ] + }, + "locked": { + "lastModified": 1753964049, + "narHash": "sha256-lIqabfBY7z/OANxHoPeIrDJrFyYy9jAM4GQLzZ2feCM=", + "owner": "hyprwm", + "repo": "hyprcursor", + "rev": "44e91d467bdad8dcf8bbd2ac7cf49972540980a5", + "type": "github" + }, + "original": { + "owner": "hyprwm", + "repo": "hyprcursor", + "type": "github" + } + }, + "hyprgraphics": { + "inputs": { + "hyprutils": [ + "common", + "hyprland", + "hyprutils" + ], + "nixpkgs": [ + "common", + "hyprland", + "nixpkgs" + ], + "systems": [ + "common", + "hyprland", + "systems" + ] + }, + "locked": { + "lastModified": 1758192433, + "narHash": "sha256-CR6RnqEJSTiFgA6KQY4TTLUWbZ8RBnb+hxQqesuQNzQ=", + "owner": "hyprwm", + "repo": "hyprgraphics", + "rev": "c44e749dd611521dee940d00f7c444ee0ae4cfb7", + "type": "github" + }, + "original": { + "owner": "hyprwm", + "repo": "hyprgraphics", + "type": "github" + } + }, + "hyprland": { + "inputs": { + "aquamarine": "aquamarine", + "hyprcursor": "hyprcursor", + "hyprgraphics": "hyprgraphics", + "hyprland-protocols": "hyprland-protocols", + "hyprland-qtutils": "hyprland-qtutils", + "hyprlang": "hyprlang", + "hyprutils": "hyprutils", + "hyprwayland-scanner": "hyprwayland-scanner", + "nixpkgs": "nixpkgs_2", + "pre-commit-hooks": "pre-commit-hooks", + "systems": "systems", + "xdph": "xdph" + }, + "locked": { + "lastModified": 1759094452, + "narHash": "sha256-j7IOTFnQRDjX4PzYb2p6CPviAc8cDrcorzGpM8J89uM=", + "owner": "hyprwm", + "repo": "Hyprland", + "rev": "f854b5bffbdd13cfe7edad0ee157d6947ff99619", + "type": "github" + }, + "original": { + "owner": "hyprwm", + "repo": "Hyprland", + "type": "github" + } + }, + "hyprland-protocols": { + "inputs": { + "nixpkgs": [ + "common", + "hyprland", + "nixpkgs" + ], + "systems": [ + "common", + "hyprland", + "systems" + ] + }, + "locked": { + "lastModified": 1749046714, + "narHash": "sha256-kymV5FMnddYGI+UjwIw8ceDjdeg7ToDVjbHCvUlhn14=", + "owner": "hyprwm", + "repo": "hyprland-protocols", + "rev": "613878cb6f459c5e323aaafe1e6f388ac8a36330", + "type": "github" + }, + "original": { + "owner": "hyprwm", + "repo": "hyprland-protocols", + "type": "github" + } + }, + "hyprland-qt-support": { + "inputs": { + "hyprlang": [ + "common", + "hyprland", + "hyprland-qtutils", + "hyprlang" + ], + "nixpkgs": [ + "common", + "hyprland", + "hyprland-qtutils", + "nixpkgs" + ], + "systems": [ + "common", + "hyprland", + "hyprland-qtutils", + "systems" + ] + }, + "locked": { + "lastModified": 1749154592, + "narHash": "sha256-DO7z5CeT/ddSGDEnK9mAXm1qlGL47L3VAHLlLXoCjhE=", + "owner": "hyprwm", + "repo": "hyprland-qt-support", + "rev": "4c8053c3c888138a30c3a6c45c2e45f5484f2074", + "type": "github" + }, + "original": { + "owner": "hyprwm", + "repo": "hyprland-qt-support", + "type": "github" + } + }, + "hyprland-qtutils": { + "inputs": { + "hyprland-qt-support": "hyprland-qt-support", + "hyprlang": [ + "common", + "hyprland", + "hyprlang" + ], + "hyprutils": [ + "common", + "hyprland", + "hyprland-qtutils", + "hyprlang", + "hyprutils" + ], + "nixpkgs": [ + "common", + "hyprland", + "nixpkgs" + ], + "systems": [ + "common", + "hyprland", + "systems" + ] + }, + "locked": { + "lastModified": 1757694755, + "narHash": "sha256-j+w5QUUr2QT/jkxgVKecGYV8J7fpzXCMgzEEr6LG9ug=", + "owner": "hyprwm", + "repo": "hyprland-qtutils", + "rev": "5ffdfc13ed03df1dae5084468d935f0a3f2c9a4c", + "type": "github" + }, + "original": { + "owner": "hyprwm", + "repo": "hyprland-qtutils", + "type": "github" + } + }, + "hyprlang": { + "inputs": { + "hyprutils": [ + "common", + "hyprland", + "hyprutils" + ], + "nixpkgs": [ + "common", + "hyprland", + "nixpkgs" + ], + "systems": [ + "common", + "hyprland", + "systems" + ] + }, + "locked": { + "lastModified": 1756810301, + "narHash": "sha256-wgZ3VW4VVtjK5dr0EiK9zKdJ/SOqGIBXVG85C3LVxQA=", + "owner": "hyprwm", + "repo": "hyprlang", + "rev": "3d63fb4a42c819f198deabd18c0c2c1ded1de931", + "type": "github" + }, + "original": { + "owner": "hyprwm", + "repo": "hyprlang", + "type": "github" + } + }, + "hyprutils": { + "inputs": { + "nixpkgs": [ + "common", + "hyprland", + "nixpkgs" + ], + "systems": [ + "common", + "hyprland", + "systems" + ] + }, + "locked": { + "lastModified": 1756117388, + "narHash": "sha256-oRDel6pNl/T2tI+nc/USU9ZP9w08dxtl7hiZxa0C/Wc=", + "owner": "hyprwm", + "repo": "hyprutils", + "rev": "b2ae3204845f5f2f79b4703b441252d8ad2ecfd0", + "type": "github" + }, + "original": { + "owner": "hyprwm", + "repo": "hyprutils", + "type": "github" + } + }, + "hyprwayland-scanner": { + "inputs": { + "nixpkgs": [ + "common", + "hyprland", + "nixpkgs" + ], + "systems": [ + "common", + "hyprland", + "systems" + ] + }, + "locked": { + "lastModified": 1755184602, + "narHash": "sha256-RCBQN8xuADB0LEgaKbfRqwm6CdyopE1xIEhNc67FAbw=", + "owner": "hyprwm", + "repo": "hyprwayland-scanner", + "rev": "b3b0f1f40ae09d4447c20608e5a4faf8bf3c492d", + "type": "github" + }, + "original": { + "owner": "hyprwm", + "repo": "hyprwayland-scanner", + "type": "github" + } + }, "nix-flatpak": { "locked": { "lastModified": 1739444422, @@ -158,7 +516,7 @@ }, "nixarr": { "inputs": { - "nixpkgs": "nixpkgs_3", + "nixpkgs": "nixpkgs_4", "vpnconfinement": "vpnconfinement", "website-builder": "website-builder" }, @@ -194,11 +552,11 @@ }, "nixpkgs-unstable": { "locked": { - "lastModified": 1758690382, - "narHash": "sha256-NY3kSorgqE5LMm1LqNwGne3ZLMF2/ILgLpFr1fS4X3o=", + "lastModified": 1759036355, + "narHash": "sha256-0m27AKv6ka+q270dw48KflE0LwQYrO7Fm4/2//KCVWg=", "owner": "nixos", "repo": "nixpkgs", - "rev": "e643668fd71b949c53f8626614b21ff71a07379d", + "rev": "e9f00bd893984bc8ce46c895c3bf7cac95331127", "type": "github" }, "original": { @@ -209,6 +567,22 @@ } }, "nixpkgs_2": { + "locked": { + "lastModified": 1758198701, + "narHash": "sha256-7To75JlpekfUmdkUZewnT6MoBANS0XVypW6kjUOXQwc=", + "owner": "NixOS", + "repo": "nixpkgs", + "rev": "0147c2f1d54b30b5dd6d4a8c8542e8d7edf93b5d", + "type": "github" + }, + "original": { + "owner": "NixOS", + "ref": "nixos-unstable", + "repo": "nixpkgs", + "type": "github" + } + }, + "nixpkgs_3": { "locked": { "lastModified": 1741379970, "narHash": "sha256-Wh7esNh7G24qYleLvgOSY/7HlDUzWaL/n4qzlBePpiw=", @@ -224,7 +598,7 @@ "type": "github" } }, - "nixpkgs_3": { + "nixpkgs_4": { "locked": { "lastModified": 1748662220, "narHash": "sha256-7gGa49iB9nCnFk4h/g9zwjlQAyjtpgcFkODjcOQS0Es=", @@ -240,13 +614,13 @@ "type": "github" } }, - "nixpkgs_4": { + "nixpkgs_5": { "locked": { - "lastModified": 1758791193, - "narHash": "sha256-F8WmEwFoHsnix7rt290R0rFXNJiMbClMZyIC/e+HYf0=", + "lastModified": 1759143472, + "narHash": "sha256-TvODmeR2W7yX/JmOCmP+lAFNkTT7hAxYcF3Kz8SZV3w=", "owner": "nixos", "repo": "nixpkgs", - "rev": "25e53aa156d47bad5082ff7618f5feb1f5e02d01", + "rev": "5ed4e25ab58fd4c028b59d5611e14ea64de51d23", "type": "github" }, "original": { @@ -256,7 +630,7 @@ "type": "github" } }, - "nixpkgs_5": { + "nixpkgs_6": { "locked": { "lastModified": 1757952092, "narHash": "sha256-BcfTLFCU7elUJ2dwyt0iTjxsz/XLh+8ZygDcFwy6xPE=", @@ -1151,12 +1525,36 @@ "type": "github" } }, + "pre-commit-hooks": { + "inputs": { + "flake-compat": "flake-compat", + "gitignore": "gitignore", + "nixpkgs": [ + "common", + "hyprland", + "nixpkgs" + ] + }, + "locked": { + "lastModified": 1758108966, + "narHash": "sha256-ytw7ROXaWZ7OfwHrQ9xvjpUWeGVm86pwnEd1QhzawIo=", + "owner": "cachix", + "repo": "git-hooks.nix", + "rev": "54df955a695a84cd47d4a43e08e1feaf90b1fd9b", + "type": "github" + }, + "original": { + "owner": "cachix", + "repo": "git-hooks.nix", + "type": "github" + } + }, "ragenix": { "inputs": { "agenix": "agenix", "crane": "crane", "flake-utils": "flake-utils", - "nixpkgs": "nixpkgs_2", + "nixpkgs": "nixpkgs_3", "rust-overlay": "rust-overlay" }, "locked": { @@ -1177,14 +1575,14 @@ "inputs": { "common": "common", "nixarr": "nixarr", - "nixpkgs": "nixpkgs_4", + "nixpkgs": "nixpkgs_5", "nixpkgs-unstable": "nixpkgs-unstable", "ros_neovim": "ros_neovim" } }, "ros_neovim": { "inputs": { - "nixpkgs": "nixpkgs_5", + "nixpkgs": "nixpkgs_6", "nvim_plugin-Almo7aya/openingh.nvim": "nvim_plugin-Almo7aya/openingh.nvim", "nvim_plugin-CopilotC-Nvim/CopilotChat.nvim": "nvim_plugin-CopilotC-Nvim/CopilotChat.nvim", "nvim_plugin-JoosepAlviste/nvim-ts-context-commentstring": "nvim_plugin-JoosepAlviste/nvim-ts-context-commentstring", @@ -1300,6 +1698,21 @@ } }, "systems": { + "locked": { + "lastModified": 1689347949, + "narHash": "sha256-12tWmuL2zgBgZkdoB6qXZsgJEH9LR3oUgpaQq2RbI80=", + "owner": "nix-systems", + "repo": "default-linux", + "rev": "31732fcf5e8fea42e59c2488ad31a0e651500f68", + "type": "github" + }, + "original": { + "owner": "nix-systems", + "repo": "default-linux", + "type": "github" + } + }, + "systems_2": { "locked": { "lastModified": 1681028828, "narHash": "sha256-Vy1rq5AaRuLzOxct8nz4T6wlgyUR7zLU309k9mBC768=", @@ -1314,7 +1727,7 @@ "type": "github" } }, - "systems_2": { + "systems_3": { "locked": { "lastModified": 1681028828, "narHash": "sha256-Vy1rq5AaRuLzOxct8nz4T6wlgyUR7zLU309k9mBC768=", @@ -1364,6 +1777,53 @@ "repo": "website-builder", "type": "github" } + }, + "xdph": { + "inputs": { + "hyprland-protocols": [ + "common", + "hyprland", + "hyprland-protocols" + ], + "hyprlang": [ + "common", + "hyprland", + "hyprlang" + ], + "hyprutils": [ + "common", + "hyprland", + "hyprutils" + ], + "hyprwayland-scanner": [ + "common", + "hyprland", + "hyprwayland-scanner" + ], + "nixpkgs": [ + "common", + "hyprland", + "nixpkgs" + ], + "systems": [ + "common", + "hyprland", + "systems" + ] + }, + "locked": { + "lastModified": 1755354946, + "narHash": "sha256-zdov5f/GcoLQc9qYIS1dUTqtJMeDqmBmo59PAxze6e4=", + "owner": "hyprwm", + "repo": "xdg-desktop-portal-hyprland", + "rev": "a10726d6a8d0ef1a0c645378f983b6278c42eaa0", + "type": "github" + }, + "original": { + "owner": "hyprwm", + "repo": "xdg-desktop-portal-hyprland", + "type": "github" + } } }, "root": "root", From 772ac8b54ece5196bbbf5cd2f3420e301ca02b96 Mon Sep 17 00:00:00 2001 From: "RingOfStorms (Joshua Bell)" Date: Tue, 30 Sep 2025 16:04:06 -0500 Subject: [PATCH 012/109] tried and failed hyprland on lio again, kvm switch still fails --- .../_home_manager/mods/tmux/tmux-reset.conf | 4 +- .../desktop_environment/hyprland/default.nix | 2 + common/flake.nix | 2 - hosts/lio/flake.lock | 502 +++++++++++++++++- hosts/lio/hyprland_customizations.nix | 13 + 5 files changed, 498 insertions(+), 25 deletions(-) diff --git a/common/_home_manager/mods/tmux/tmux-reset.conf b/common/_home_manager/mods/tmux/tmux-reset.conf index f9cf961..1ab2830 100644 --- a/common/_home_manager/mods/tmux/tmux-reset.conf +++ b/common/_home_manager/mods/tmux/tmux-reset.conf @@ -40,10 +40,10 @@ bind -r h select-pane -L bind -r j select-pane -D bind -r k select-pane -U bind -r l select-pane -R -bind -r C-h swap-pane -L +bind -r C-h swap-pane -t '{left-of}' bind -r C-j swap-pane -D bind -r C-k swap-pane -U -bind -r C-l swap-pane -R +bind -r C-l swap-pane -t '{right-of}' bind -n C-Left resize-pane -L 5 bind -n C-Down resize-pane -D 5 diff --git a/common/desktop_environment/hyprland/default.nix b/common/desktop_environment/hyprland/default.nix index ae74ecf..531471f 100644 --- a/common/desktop_environment/hyprland/default.nix +++ b/common/desktop_environment/hyprland/default.nix @@ -112,10 +112,12 @@ with lib; enable = true; extraPortals = lib.mkForce [ hyprlandPkgs.xdg-desktop-portal-hyprland + # hyprlandPkgs.xdg-desktop-portal-wlr hyprlandPkgs.xdg-desktop-portal-gtk ]; config.common.default = [ "hyprland" + # "wlr" "gtk" ]; }; diff --git a/common/flake.nix b/common/flake.nix index b60ed01..9fcfe30 100644 --- a/common/flake.nix +++ b/common/flake.nix @@ -61,8 +61,6 @@ }; }; homeManagerModules = { - # hyprland = hyprland.homeManagerModules.default; - zsh = import ./_home_manager/mods/zsh.nix; tmux = import ./_home_manager/mods/tmux/tmux.nix; atuin = import ./_home_manager/mods/atuin.nix; diff --git a/hosts/lio/flake.lock b/hosts/lio/flake.lock index 547d122..a533c16 100644 --- a/hosts/lio/flake.lock +++ b/hosts/lio/flake.lock @@ -9,7 +9,7 @@ "ragenix", "nixpkgs" ], - "systems": "systems" + "systems": "systems_2" }, "locked": { "lastModified": 1736955230, @@ -25,9 +25,47 @@ "type": "github" } }, + "aquamarine": { + "inputs": { + "hyprutils": [ + "common", + "hyprland", + "hyprutils" + ], + "hyprwayland-scanner": [ + "common", + "hyprland", + "hyprwayland-scanner" + ], + "nixpkgs": [ + "common", + "hyprland", + "nixpkgs" + ], + "systems": [ + "common", + "hyprland", + "systems" + ] + }, + "locked": { + "lastModified": 1755946532, + "narHash": "sha256-POePremlUY5GyA1zfbtic6XLxDaQcqHN6l+bIxdT5gc=", + "owner": "hyprwm", + "repo": "aquamarine", + "rev": "81584dae2df6ac79f6b6dae0ecb7705e95129ada", + "type": "github" + }, + "original": { + "owner": "hyprwm", + "repo": "aquamarine", + "type": "github" + } + }, "common": { "inputs": { "home-manager": "home-manager", + "hyprland": "hyprland", "nix-flatpak": "nix-flatpak", "ragenix": "ragenix" }, @@ -80,9 +118,25 @@ "type": "github" } }, + "flake-compat": { + "flake": false, + "locked": { + "lastModified": 1747046372, + "narHash": "sha256-CIVLLkVgvHYbgI2UpXvIIBJ12HWgX+fjA8Xf8PUmqCY=", + "owner": "edolstra", + "repo": "flake-compat", + "rev": "9100a0f413b0c601e0533d1d94ffd501ce2e7885", + "type": "github" + }, + "original": { + "owner": "edolstra", + "repo": "flake-compat", + "type": "github" + } + }, "flake-utils": { "inputs": { - "systems": "systems_2" + "systems": "systems_3" }, "locked": { "lastModified": 1731533236, @@ -98,16 +152,39 @@ "type": "github" } }, + "gitignore": { + "inputs": { + "nixpkgs": [ + "common", + "hyprland", + "pre-commit-hooks", + "nixpkgs" + ] + }, + "locked": { + "lastModified": 1709087332, + "narHash": "sha256-HG2cCnktfHsKV0s4XW83gU3F57gaTljL9KNSuG6bnQs=", + "owner": "hercules-ci", + "repo": "gitignore.nix", + "rev": "637db329424fd7e46cf4185293b9cc8c88c95394", + "type": "github" + }, + "original": { + "owner": "hercules-ci", + "repo": "gitignore.nix", + "type": "github" + } + }, "home-manager": { "inputs": { "nixpkgs": "nixpkgs" }, "locked": { - "lastModified": 1756245065, - "narHash": "sha256-aAZNbGcWrVRZgWgkQbkabSGcDVRDMgON4BipMy69gvI=", + "lastModified": 1758463745, + "narHash": "sha256-uhzsV0Q0I9j2y/rfweWeGif5AWe0MGrgZ/3TjpDYdGA=", "owner": "rycee", "repo": "home-manager", - "rev": "54b2879ce622d44415e727905925e21b8f833a98", + "rev": "3b955f5f0a942f9f60cdc9cacb7844335d0f21c3", "type": "github" }, "original": { @@ -140,6 +217,287 @@ "type": "github" } }, + "hyprcursor": { + "inputs": { + "hyprlang": [ + "common", + "hyprland", + "hyprlang" + ], + "nixpkgs": [ + "common", + "hyprland", + "nixpkgs" + ], + "systems": [ + "common", + "hyprland", + "systems" + ] + }, + "locked": { + "lastModified": 1753964049, + "narHash": "sha256-lIqabfBY7z/OANxHoPeIrDJrFyYy9jAM4GQLzZ2feCM=", + "owner": "hyprwm", + "repo": "hyprcursor", + "rev": "44e91d467bdad8dcf8bbd2ac7cf49972540980a5", + "type": "github" + }, + "original": { + "owner": "hyprwm", + "repo": "hyprcursor", + "type": "github" + } + }, + "hyprgraphics": { + "inputs": { + "hyprutils": [ + "common", + "hyprland", + "hyprutils" + ], + "nixpkgs": [ + "common", + "hyprland", + "nixpkgs" + ], + "systems": [ + "common", + "hyprland", + "systems" + ] + }, + "locked": { + "lastModified": 1758192433, + "narHash": "sha256-CR6RnqEJSTiFgA6KQY4TTLUWbZ8RBnb+hxQqesuQNzQ=", + "owner": "hyprwm", + "repo": "hyprgraphics", + "rev": "c44e749dd611521dee940d00f7c444ee0ae4cfb7", + "type": "github" + }, + "original": { + "owner": "hyprwm", + "repo": "hyprgraphics", + "type": "github" + } + }, + "hyprland": { + "inputs": { + "aquamarine": "aquamarine", + "hyprcursor": "hyprcursor", + "hyprgraphics": "hyprgraphics", + "hyprland-protocols": "hyprland-protocols", + "hyprland-qtutils": "hyprland-qtutils", + "hyprlang": "hyprlang", + "hyprutils": "hyprutils", + "hyprwayland-scanner": "hyprwayland-scanner", + "nixpkgs": "nixpkgs_2", + "pre-commit-hooks": "pre-commit-hooks", + "systems": "systems", + "xdph": "xdph" + }, + "locked": { + "lastModified": 1759094452, + "narHash": "sha256-j7IOTFnQRDjX4PzYb2p6CPviAc8cDrcorzGpM8J89uM=", + "owner": "hyprwm", + "repo": "Hyprland", + "rev": "f854b5bffbdd13cfe7edad0ee157d6947ff99619", + "type": "github" + }, + "original": { + "owner": "hyprwm", + "repo": "Hyprland", + "type": "github" + } + }, + "hyprland-protocols": { + "inputs": { + "nixpkgs": [ + "common", + "hyprland", + "nixpkgs" + ], + "systems": [ + "common", + "hyprland", + "systems" + ] + }, + "locked": { + "lastModified": 1749046714, + "narHash": "sha256-kymV5FMnddYGI+UjwIw8ceDjdeg7ToDVjbHCvUlhn14=", + "owner": "hyprwm", + "repo": "hyprland-protocols", + "rev": "613878cb6f459c5e323aaafe1e6f388ac8a36330", + "type": "github" + }, + "original": { + "owner": "hyprwm", + "repo": "hyprland-protocols", + "type": "github" + } + }, + "hyprland-qt-support": { + "inputs": { + "hyprlang": [ + "common", + "hyprland", + "hyprland-qtutils", + "hyprlang" + ], + "nixpkgs": [ + "common", + "hyprland", + "hyprland-qtutils", + "nixpkgs" + ], + "systems": [ + "common", + "hyprland", + "hyprland-qtutils", + "systems" + ] + }, + "locked": { + "lastModified": 1749154592, + "narHash": "sha256-DO7z5CeT/ddSGDEnK9mAXm1qlGL47L3VAHLlLXoCjhE=", + "owner": "hyprwm", + "repo": "hyprland-qt-support", + "rev": "4c8053c3c888138a30c3a6c45c2e45f5484f2074", + "type": "github" + }, + "original": { + "owner": "hyprwm", + "repo": "hyprland-qt-support", + "type": "github" + } + }, + "hyprland-qtutils": { + "inputs": { + "hyprland-qt-support": "hyprland-qt-support", + "hyprlang": [ + "common", + "hyprland", + "hyprlang" + ], + "hyprutils": [ + "common", + "hyprland", + "hyprland-qtutils", + "hyprlang", + "hyprutils" + ], + "nixpkgs": [ + "common", + "hyprland", + "nixpkgs" + ], + "systems": [ + "common", + "hyprland", + "systems" + ] + }, + "locked": { + "lastModified": 1757694755, + "narHash": "sha256-j+w5QUUr2QT/jkxgVKecGYV8J7fpzXCMgzEEr6LG9ug=", + "owner": "hyprwm", + "repo": "hyprland-qtutils", + "rev": "5ffdfc13ed03df1dae5084468d935f0a3f2c9a4c", + "type": "github" + }, + "original": { + "owner": "hyprwm", + "repo": "hyprland-qtutils", + "type": "github" + } + }, + "hyprlang": { + "inputs": { + "hyprutils": [ + "common", + "hyprland", + "hyprutils" + ], + "nixpkgs": [ + "common", + "hyprland", + "nixpkgs" + ], + "systems": [ + "common", + "hyprland", + "systems" + ] + }, + "locked": { + "lastModified": 1756810301, + "narHash": "sha256-wgZ3VW4VVtjK5dr0EiK9zKdJ/SOqGIBXVG85C3LVxQA=", + "owner": "hyprwm", + "repo": "hyprlang", + "rev": "3d63fb4a42c819f198deabd18c0c2c1ded1de931", + "type": "github" + }, + "original": { + "owner": "hyprwm", + "repo": "hyprlang", + "type": "github" + } + }, + "hyprutils": { + "inputs": { + "nixpkgs": [ + "common", + "hyprland", + "nixpkgs" + ], + "systems": [ + "common", + "hyprland", + "systems" + ] + }, + "locked": { + "lastModified": 1756117388, + "narHash": "sha256-oRDel6pNl/T2tI+nc/USU9ZP9w08dxtl7hiZxa0C/Wc=", + "owner": "hyprwm", + "repo": "hyprutils", + "rev": "b2ae3204845f5f2f79b4703b441252d8ad2ecfd0", + "type": "github" + }, + "original": { + "owner": "hyprwm", + "repo": "hyprutils", + "type": "github" + } + }, + "hyprwayland-scanner": { + "inputs": { + "nixpkgs": [ + "common", + "hyprland", + "nixpkgs" + ], + "systems": [ + "common", + "hyprland", + "systems" + ] + }, + "locked": { + "lastModified": 1755184602, + "narHash": "sha256-RCBQN8xuADB0LEgaKbfRqwm6CdyopE1xIEhNc67FAbw=", + "owner": "hyprwm", + "repo": "hyprwayland-scanner", + "rev": "b3b0f1f40ae09d4447c20608e5a4faf8bf3c492d", + "type": "github" + }, + "original": { + "owner": "hyprwm", + "repo": "hyprwayland-scanner", + "type": "github" + } + }, "nix-flatpak": { "locked": { "lastModified": 1739444422, @@ -174,11 +532,11 @@ }, "nixpkgs-unstable": { "locked": { - "lastModified": 1755186698, - "narHash": "sha256-wNO3+Ks2jZJ4nTHMuks+cxAiVBGNuEBXsT29Bz6HASo=", + "lastModified": 1759036355, + "narHash": "sha256-0m27AKv6ka+q270dw48KflE0LwQYrO7Fm4/2//KCVWg=", "owner": "nixos", "repo": "nixpkgs", - "rev": "fbcf476f790d8a217c3eab4e12033dc4a0f6d23c", + "rev": "e9f00bd893984bc8ce46c895c3bf7cac95331127", "type": "github" }, "original": { @@ -189,6 +547,22 @@ } }, "nixpkgs_2": { + "locked": { + "lastModified": 1758198701, + "narHash": "sha256-7To75JlpekfUmdkUZewnT6MoBANS0XVypW6kjUOXQwc=", + "owner": "NixOS", + "repo": "nixpkgs", + "rev": "0147c2f1d54b30b5dd6d4a8c8542e8d7edf93b5d", + "type": "github" + }, + "original": { + "owner": "NixOS", + "ref": "nixos-unstable", + "repo": "nixpkgs", + "type": "github" + } + }, + "nixpkgs_3": { "locked": { "lastModified": 1741379970, "narHash": "sha256-Wh7esNh7G24qYleLvgOSY/7HlDUzWaL/n4qzlBePpiw=", @@ -204,13 +578,13 @@ "type": "github" } }, - "nixpkgs_3": { + "nixpkgs_4": { "locked": { - "lastModified": 1755471983, - "narHash": "sha256-axUoWcm4cNQ36jOlnkD9D40LTfSQgk8ExfHSRm3rTtg=", + "lastModified": 1759143472, + "narHash": "sha256-TvODmeR2W7yX/JmOCmP+lAFNkTT7hAxYcF3Kz8SZV3w=", "owner": "nixos", "repo": "nixpkgs", - "rev": "48f4c982de68d966421d2b6f1ddbeb6227cc5ceb", + "rev": "5ed4e25ab58fd4c028b59d5611e14ea64de51d23", "type": "github" }, "original": { @@ -220,7 +594,7 @@ "type": "github" } }, - "nixpkgs_4": { + "nixpkgs_5": { "locked": { "lastModified": 1757952092, "narHash": "sha256-BcfTLFCU7elUJ2dwyt0iTjxsz/XLh+8ZygDcFwy6xPE=", @@ -1115,12 +1489,36 @@ "type": "github" } }, + "pre-commit-hooks": { + "inputs": { + "flake-compat": "flake-compat", + "gitignore": "gitignore", + "nixpkgs": [ + "common", + "hyprland", + "nixpkgs" + ] + }, + "locked": { + "lastModified": 1758108966, + "narHash": "sha256-ytw7ROXaWZ7OfwHrQ9xvjpUWeGVm86pwnEd1QhzawIo=", + "owner": "cachix", + "repo": "git-hooks.nix", + "rev": "54df955a695a84cd47d4a43e08e1feaf90b1fd9b", + "type": "github" + }, + "original": { + "owner": "cachix", + "repo": "git-hooks.nix", + "type": "github" + } + }, "ragenix": { "inputs": { "agenix": "agenix", "crane": "crane", "flake-utils": "flake-utils", - "nixpkgs": "nixpkgs_2", + "nixpkgs": "nixpkgs_3", "rust-overlay": "rust-overlay" }, "locked": { @@ -1140,14 +1538,14 @@ "root": { "inputs": { "common": "common", - "nixpkgs": "nixpkgs_3", + "nixpkgs": "nixpkgs_4", "nixpkgs-unstable": "nixpkgs-unstable", "ros_neovim": "ros_neovim" } }, "ros_neovim": { "inputs": { - "nixpkgs": "nixpkgs_4", + "nixpkgs": "nixpkgs_5", "nvim_plugin-Almo7aya/openingh.nvim": "nvim_plugin-Almo7aya/openingh.nvim", "nvim_plugin-CopilotC-Nvim/CopilotChat.nvim": "nvim_plugin-CopilotC-Nvim/CopilotChat.nvim", "nvim_plugin-JoosepAlviste/nvim-ts-context-commentstring": "nvim_plugin-JoosepAlviste/nvim-ts-context-commentstring", @@ -1264,16 +1662,16 @@ }, "systems": { "locked": { - "lastModified": 1681028828, - "narHash": "sha256-Vy1rq5AaRuLzOxct8nz4T6wlgyUR7zLU309k9mBC768=", + "lastModified": 1689347949, + "narHash": "sha256-12tWmuL2zgBgZkdoB6qXZsgJEH9LR3oUgpaQq2RbI80=", "owner": "nix-systems", - "repo": "default", - "rev": "da67096a3b9bf56a91d16901293e51ba5b49a27e", + "repo": "default-linux", + "rev": "31732fcf5e8fea42e59c2488ad31a0e651500f68", "type": "github" }, "original": { "owner": "nix-systems", - "repo": "default", + "repo": "default-linux", "type": "github" } }, @@ -1291,6 +1689,68 @@ "repo": "default", "type": "github" } + }, + "systems_3": { + "locked": { + "lastModified": 1681028828, + "narHash": "sha256-Vy1rq5AaRuLzOxct8nz4T6wlgyUR7zLU309k9mBC768=", + "owner": "nix-systems", + "repo": "default", + "rev": "da67096a3b9bf56a91d16901293e51ba5b49a27e", + "type": "github" + }, + "original": { + "owner": "nix-systems", + "repo": "default", + "type": "github" + } + }, + "xdph": { + "inputs": { + "hyprland-protocols": [ + "common", + "hyprland", + "hyprland-protocols" + ], + "hyprlang": [ + "common", + "hyprland", + "hyprlang" + ], + "hyprutils": [ + "common", + "hyprland", + "hyprutils" + ], + "hyprwayland-scanner": [ + "common", + "hyprland", + "hyprwayland-scanner" + ], + "nixpkgs": [ + "common", + "hyprland", + "nixpkgs" + ], + "systems": [ + "common", + "hyprland", + "systems" + ] + }, + "locked": { + "lastModified": 1755354946, + "narHash": "sha256-zdov5f/GcoLQc9qYIS1dUTqtJMeDqmBmo59PAxze6e4=", + "owner": "hyprwm", + "repo": "xdg-desktop-portal-hyprland", + "rev": "a10726d6a8d0ef1a0c645378f983b6278c42eaa0", + "type": "github" + }, + "original": { + "owner": "hyprwm", + "repo": "xdg-desktop-portal-hyprland", + "type": "github" + } } }, "root": "root", diff --git a/hosts/lio/hyprland_customizations.nix b/hosts/lio/hyprland_customizations.nix index 201b04a..7629e2e 100644 --- a/hosts/lio/hyprland_customizations.nix +++ b/hosts/lio/hyprland_customizations.nix @@ -121,6 +121,19 @@ in ringofstorms_common.desktopEnvironment.hyprland.extraOptions = hyprlandExtraOptions; + ringofstorms_common.desktopEnvironment.hyprland.hyprpaperSettings = { + mode = "fill"; # Wallpaper display mode: fill, fit, stretch, center, tile + + preload = [ + "${../_shared_assets/wallpapers/pixel_neon.png}" + ]; + + wallpaper = [ + "${mainMonitor},${../_shared_assets/wallpapers/pixel_neon.png}" + "${secondaryMonitor},${../_shared_assets/wallpapers/pixel_neon_v.png}" + ]; + }; + # User-level systemd service that follows your Hyprland session and watches for monitor changes # systemd.user.services.hyprland-move-workspaces = { # description = "Keep workspaces 1–6 on main and 7–10 on secondary; react to monitor changes"; From 24b716ec9d68866f4c0171ab5b9571e9e014dde1 Mon Sep 17 00:00:00 2001 From: "RingOfStorms (Joshua Bell)" Date: Tue, 30 Sep 2025 19:02:23 -0500 Subject: [PATCH 013/109] remove LAG port, modem directly to router on NIC 1 and all other routing on NIC 2 to switch. --- hosts/h003/mods/networking.nix | 59 ++++++++++++++-------------------- 1 file changed, 24 insertions(+), 35 deletions(-) diff --git a/hosts/h003/mods/networking.nix b/hosts/h003/mods/networking.nix index e07611e..6fa5e56 100644 --- a/hosts/h003/mods/networking.nix +++ b/hosts/h003/mods/networking.nix @@ -6,36 +6,18 @@ { networking = { # My Switch seems to not let me change management vlan so this is assume native default here for proper routing - # Configure bonding (LAG) - bonds = { - bond0 = { - interfaces = [ - "enp1s0" - "enp2s0" - ]; - driverOptions = { - # My shitty switch doesn't support this - # mode = "802.3ad"; # LACP - # lacp_rate = "fast"; - mode = "balance-xor"; - miimon = "100"; - }; - }; - }; - # Configure VLANs on the bonded interface + # Configure VLANs on the trunk interface (enp2s0) vlans = { vlan10 = { + # management id = 10; - interface = "bond0"; + interface = "enp2s0"; }; vlan20 = { + # normal devices id = 20; - interface = "bond0"; - }; - vlan30 = { - id = 30; - interface = "bond0"; + interface = "enp2s0"; }; }; @@ -44,8 +26,8 @@ # Interface configuration interfaces = { - # WAN interface (VLAN 10 - to modem) - vlan10 = { + # WAN interface (physical enp1s0 - to modem) + enp1s0 = { useDHCP = true; # Get IP from modem/ISP tempAddress = lib.mkIf config.networking.enableIPv6 "disabled"; # For IPv6 privacy }; @@ -64,8 +46,8 @@ } ]; }; - # Management VLAN 1 - vlan30 = { + # Management VLAN 10 + vlan10 = { ipv4.addresses = [ { address = "10.12.16.1"; # Management network @@ -84,10 +66,10 @@ # NAT configuration nat = { enable = true; - externalInterface = "vlan10"; # WAN + externalInterface = "enp1s0"; # WAN (physical) internalInterfaces = [ + "vlan10" "vlan20" - "vlan30" ]; # LAN/Management enableIPv6 = lib.mkIf config.networking.enableIPv6 true; # Enable IPv6 NAT }; @@ -108,10 +90,11 @@ # --- Inter-VLAN Security --- # Block any NEW connection attempts between LAN and Management - iifname "vlan20" oifname "vlan30" drop - iifname "vlan30" oifname "vlan20" drop + iifname "vlan20" oifname "vlan10" drop + iifname "vlan10" oifname "vlan20" drop # Explicitly allow LAN and Management to go to the WAN + oifname "enp1s0" accept oifname "vlan10" accept # Drop any other forwarding attempts between internal networks @@ -120,6 +103,12 @@ interfaces = { # WAN interface - allow nothing inbound by default + enp1s0 = { + # Block all WAN + allowedTCPPorts = [ ]; + allowedUDPPorts = [ ]; + }; + vlan10 = { # Block all WAN allowedTCPPorts = [ ]; @@ -141,8 +130,8 @@ ]; }; - # Management interface (VLAN 1) - LIMITED SERVICE - vlan30 = { + # NOTE check this... + vlan10 = { allowedTCPPorts = [ 22 # SSH (for remote admin access) 53 # DNS @@ -176,7 +165,7 @@ # Listen only on LAN interface interface = [ "vlan20" - "vlan30" + "vlan10" ]; bind-interfaces = true; @@ -218,7 +207,7 @@ # interface, min interval, max interval ra-param = lib.mkIf config.networking.enableIPv6 [ "vlan20,60,120" - "vlan30,60,120" + "vlan10,60,120" ]; # DNS settings (not needed since we use adguard for dns) From a048e58d5f9cad7445222d976be2926e11c40e2b Mon Sep 17 00:00:00 2001 From: "RingOfStorms (Joshua Bell)" Date: Thu, 2 Oct 2025 17:04:51 -0500 Subject: [PATCH 014/109] add trilium --- hosts/h001/mods/default.nix | 1 + hosts/h001/mods/trilium.nix | 35 +++++++++++++++++++++++++++++++++++ 2 files changed, 36 insertions(+) create mode 100644 hosts/h001/mods/trilium.nix diff --git a/hosts/h001/mods/default.nix b/hosts/h001/mods/default.nix index 5408430..309625e 100644 --- a/hosts/h001/mods/default.nix +++ b/hosts/h001/mods/default.nix @@ -7,5 +7,6 @@ ./monitoring.nix ./pinchflat.nix ./openwebui.nix + ./trilium.nix ]; } diff --git a/hosts/h001/mods/trilium.nix b/hosts/h001/mods/trilium.nix new file mode 100644 index 0000000..10e4154 --- /dev/null +++ b/hosts/h001/mods/trilium.nix @@ -0,0 +1,35 @@ +{ lib, pkgs, config, ... }: +{ + config = { + services.trilium-server = { + enable = true; + port = 9111; + host = "127.0.0.1"; + dataDir = "/var/lib/trilium"; + # noAuthentication = true; # keep authentication for now + }; + + # systemd.tmpfiles.rules = [ + # "d /var/lib/trilium 0755 trilium trilium -" + # ]; + + services.nginx = { + virtualHosts = { + "trilium" = { + serverName = "h001.net.joshuabell.xyz"; + listen = [ + { + port = 9111; + addr = "0.0.0.0"; + } + ]; + locations."/" = { + proxyWebsockets = true; + recommendedProxySettings = true; + proxyPass = "http://127.0.0.1:9111"; + }; + }; + }; + }; + }; +} From 8abe444031a36a1818be155dd24aeb4afa0e25aa Mon Sep 17 00:00:00 2001 From: "RingOfStorms (Joshua Bell)" Date: Thu, 2 Oct 2025 17:08:37 -0500 Subject: [PATCH 015/109] updates --- hosts/h001/mods/trilium.nix | 38 ++++++++++++++++++------------------- 1 file changed, 19 insertions(+), 19 deletions(-) diff --git a/hosts/h001/mods/trilium.nix b/hosts/h001/mods/trilium.nix index 10e4154..5e9703f 100644 --- a/hosts/h001/mods/trilium.nix +++ b/hosts/h001/mods/trilium.nix @@ -4,7 +4,7 @@ services.trilium-server = { enable = true; port = 9111; - host = "127.0.0.1"; + host = "0.0.0.0"; dataDir = "/var/lib/trilium"; # noAuthentication = true; # keep authentication for now }; @@ -13,23 +13,23 @@ # "d /var/lib/trilium 0755 trilium trilium -" # ]; - services.nginx = { - virtualHosts = { - "trilium" = { - serverName = "h001.net.joshuabell.xyz"; - listen = [ - { - port = 9111; - addr = "0.0.0.0"; - } - ]; - locations."/" = { - proxyWebsockets = true; - recommendedProxySettings = true; - proxyPass = "http://127.0.0.1:9111"; - }; - }; - }; - }; + # services.nginx = { + # virtualHosts = { + # "trilium" = { + # serverName = "h001.net.joshuabell.xyz"; + # listen = [ + # { + # port = 9111; + # addr = "0.0.0.0"; + # } + # ]; + # locations."/" = { + # proxyWebsockets = true; + # recommendedProxySettings = true; + # proxyPass = "http://127.0.0.1:9111"; + # }; + # }; + # }; + # }; }; } From c3779adac3ebc4a11dec4cab6198165b5fac663e Mon Sep 17 00:00:00 2001 From: "RingOfStorms (Joshua Bell)" Date: Fri, 3 Oct 2025 10:48:21 -0500 Subject: [PATCH 016/109] updates --- hosts/h001/mods/trilium.nix | 15 +++++++++------ 1 file changed, 9 insertions(+), 6 deletions(-) diff --git a/hosts/h001/mods/trilium.nix b/hosts/h001/mods/trilium.nix index 5e9703f..4292165 100644 --- a/hosts/h001/mods/trilium.nix +++ b/hosts/h001/mods/trilium.nix @@ -1,17 +1,20 @@ -{ lib, pkgs, config, ... }: +{ + ... +}: { config = { services.trilium-server = { enable = true; port = 9111; - host = "0.0.0.0"; + host = "127.0.0.1"; dataDir = "/var/lib/trilium"; - # noAuthentication = true; # keep authentication for now + noAuthentication = true; + instanceName = "joshuabell"; }; - # systemd.tmpfiles.rules = [ - # "d /var/lib/trilium 0755 trilium trilium -" - # ]; + systemd.services.trilium-server.environment = { + TRILIUM_NO_UPLOAD_LIMIT = true; + }; # services.nginx = { # virtualHosts = { From d4ebe5826466516ae3351a3490b22a86ac535035 Mon Sep 17 00:00:00 2001 From: "RingOfStorms (Joshua Bell)" Date: Fri, 3 Oct 2025 11:13:10 -0500 Subject: [PATCH 017/109] add trilium desktop --- hosts/lio/flake.nix | 1 + 1 file changed, 1 insertion(+) diff --git a/hosts/lio/flake.nix b/hosts/lio/flake.nix index 4916043..0aed330 100644 --- a/hosts/lio/flake.nix +++ b/hosts/lio/flake.nix @@ -78,6 +78,7 @@ vlc upkgs.ladybird google-chrome + trilium-desktop ]; # Also allow this key to work for root user, this will let us use this as a remote builder easier users.users.root.openssh.authorizedKeys.keys = [ From e122f8d410f293c8e66854b1c6add6ace91458a6 Mon Sep 17 00:00:00 2001 From: "RingOfStorms (Joshua Bell)" Date: Fri, 3 Oct 2025 15:24:25 -0500 Subject: [PATCH 018/109] many new stuff for zitadel --- .../oauth2_proxy_zitadel_client_secret.age | 15 + common/secrets/secrets/secrets.nix | 3 + hosts/h001/mods/default.nix | 1 + hosts/h001/mods/oauth2-proxy.nix | 34 ++ hosts/h001/mods/openwebui.nix | 38 +- hosts/oracle/o001/flake.lock | 525 +++++++++++++++++- hosts/oracle/o001/flake.nix | 4 +- hosts/oracle/o001/nginx.nix | 10 + 8 files changed, 600 insertions(+), 30 deletions(-) create mode 100644 common/secrets/secrets/oauth2_proxy_zitadel_client_secret.age create mode 100644 hosts/h001/mods/oauth2-proxy.nix diff --git a/common/secrets/secrets/oauth2_proxy_zitadel_client_secret.age b/common/secrets/secrets/oauth2_proxy_zitadel_client_secret.age new file mode 100644 index 0000000..2327447 --- /dev/null +++ b/common/secrets/secrets/oauth2_proxy_zitadel_client_secret.age @@ -0,0 +1,15 @@ +-----BEGIN AGE ENCRYPTED FILE----- +YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IHNzaC1lZDI1NTE5IDd6MzN5USB3RkMx +ZStZdnpMT3M2aVloTHNlRnVjcE94UGYxUkpMZWNEMWIwZjEwcWtRClNLekxXa0lw +RHBVandkY2h4akRKMDVNZzdvR2pGVEVrQUo5Q3Y0amZINVUKLT4gc3NoLWVkMjU1 +MTkgcGVGQlFnIDVKa3VXVXZsK2toL1dUTkNNWnJxcXVFTjlOdXVkUnFjc0JtSEVm +TURPaGMKekV0a1g4R0FEZ0p5RzVhaVR5dkhCRHdOV0JrNE1Ec1p5aU9saGxJcmg1 +MAotPiBzc2gtZWQyNTUxOSA5di8ySEEgeW1SbEpvUTlTcitrUFEwZzhzWjVVT3pT +R3I4eEdJQ1FNYmxUeFQxcXZFbwp1Z0dWOVRDTm5GTk5HZkk1d2hmK1Vzczdyd2la +TkhKdkpFQ0pELzBvQkNnCi0+IEs9WyYtZ3JlYXNlIFRlbQpDWXVCL0p0YzJSRy92 +SFZDcncKLS0tIFNhSEJoREhkNXIxS3FWL0htM0lnV2R1Um8vZ1RvY1U5UFNiZnJp +TWpHeDQKc2D0yWrCV1Q4Bbx7GSCCGKIBj+pXjBaRu9vLP/L+wPdxwsQ1LBTsqHnh +Q9xPd8/T7cDBNO0dC4azdEpTWu1fe15THhkyBR4qkKLBohO7jUrzAg98tx6HkgHS +N888dGejARmrpyDfy3zekeWsSEjv31XpI6MI36ysgpE4aze6EDkKKPlSxC8i8eNI +rGQy5+lNW3pnk3e+yVZWUTpwt/4wjuhkMAHWiw== +-----END AGE ENCRYPTED FILE----- diff --git a/common/secrets/secrets/secrets.nix b/common/secrets/secrets/secrets.nix index b402367..502d58c 100644 --- a/common/secrets/secrets/secrets.nix +++ b/common/secrets/secrets/secrets.nix @@ -126,6 +126,9 @@ in "zitadel_master_key.age" = { publicKeys = authorityKey ++ h001; }; + "oauth2_proxy_zitadel_client_secret.age" = { + publicKeys = authorityKey ++ h001; + }; "openwebui_env.age" = { publicKeys = authorityKey ++ h001; }; diff --git a/hosts/h001/mods/default.nix b/hosts/h001/mods/default.nix index 309625e..2332292 100644 --- a/hosts/h001/mods/default.nix +++ b/hosts/h001/mods/default.nix @@ -8,5 +8,6 @@ ./pinchflat.nix ./openwebui.nix ./trilium.nix + ./oauth2-proxy.nix ]; } diff --git a/hosts/h001/mods/oauth2-proxy.nix b/hosts/h001/mods/oauth2-proxy.nix new file mode 100644 index 0000000..f26f50a --- /dev/null +++ b/hosts/h001/mods/oauth2-proxy.nix @@ -0,0 +1,34 @@ +{ config, ... }: +{ + services.oauth2-proxy = { + enable = true; + httpAddress = "http://127.0.0.1:4180"; + # package = pkgsUnstable.oauth2-proxy; + provider = "oidc"; + reverseProxy = true; + redirectURL = "https://sso-proxy.joshuabell.xyz/oauth2/callback"; + validateURL = "https://sso.joshuabell.xyz/oauth2/"; + oidcIssuerUrl = "https://sso.joshuabell.xyz:443"; + keyFile = config.age.secrets.oauth2_proxy_zitadel_client_secret.path; + # nginx.domain = "sso-proxy.joshuabell.xyz"; + # email.domains = [ ]; + # extraConfig = { + # whitelist-domain = ".joshuabell.xyz"; + # cookie-domain = ".joshuabell.xyz"; + # }; + }; + + services.nginx.virtualHosts."sso-proxy.joshuabell.xyz" = { + locations = { + "/" = { + proxyWebsockets = true; + recommendedProxySettings = true; + proxyPass = "http://127.0.0.1:4180"; + extraConfig = '' + proxy_set_header X-Forwarded-Proto https; + ''; + }; + }; + }; + +} diff --git a/hosts/h001/mods/openwebui.nix b/hosts/h001/mods/openwebui.nix index 68a03a4..2d11428 100644 --- a/hosts/h001/mods/openwebui.nix +++ b/hosts/h001/mods/openwebui.nix @@ -17,7 +17,6 @@ options = { }; config = { - services.nginx.virtualHosts."chat.joshuabell.xyz" = { locations = { "/" = { @@ -89,7 +88,7 @@ model_name = "GPT-5"; litellm_params = { model = "azure/gpt-5-2025-08-07"; - api_base = "http://100.64.0.8:9001"; + api_base = "http://100.64.0.8:9010/azure"; api_version = "2025-04-01-preview"; api_key = "na"; }; @@ -98,7 +97,25 @@ model_name = "GPT-5-mini"; litellm_params = { model = "azure/gpt-5-mini-2025-08-07"; - api_base = "http://100.64.0.8:9001"; + api_base = "http://100.64.0.8:9010/azure"; + api_version = "2025-04-01-preview"; + api_key = "na"; + }; + } + { + model_name = "GPT-5-nano"; + litellm_params = { + model = "azure/gpt-5-nano-2025-08-07"; + api_base = "http://100.64.0.8:9010/azure"; + api_version = "2025-04-01-preview"; + api_key = "na"; + }; + } + { + model_name = "GPT-5-codex"; + litellm_params = { + model = "azure/gpt-5-codex-2025-09-15"; + api_base = "http://100.64.0.8:9010/azure"; api_version = "2025-04-01-preview"; api_key = "na"; }; @@ -107,7 +124,7 @@ model_name = "GPT-4.1"; litellm_params = { model = "azure/gpt-4.1-2025-04-14"; - api_base = "http://100.64.0.8:9001"; + api_base = "http://100.64.0.8:9010/azure"; api_version = "2025-04-01-preview"; api_key = "na"; }; @@ -116,7 +133,7 @@ model_name = "GPT-4.1-mini"; litellm_params = { model = "azure/gpt-4.1-mini-2025-04-14"; - api_base = "http://100.64.0.8:9001"; + api_base = "http://100.64.0.8:9010/azure"; api_version = "2025-04-01-preview"; api_key = "na"; }; @@ -125,7 +142,16 @@ model_name = "GPT-4o"; litellm_params = { model = "azure/gpt-4o-2024-05-13"; - api_base = "http://100.64.0.8:9001"; + api_base = "http://100.64.0.8:9010/azure"; + api_version = "2025-04-01-preview"; + api_key = "na"; + }; + } + { + model_name = "dall-e-3-3.0"; + litellm_params = { + model = "azure/dall-e-3-3.0"; + api_base = "http://100.64.0.8:9010/azure"; api_version = "2025-04-01-preview"; api_key = "na"; }; diff --git a/hosts/oracle/o001/flake.lock b/hosts/oracle/o001/flake.lock index a4afc77..29986eb 100644 --- a/hosts/oracle/o001/flake.lock +++ b/hosts/oracle/o001/flake.lock @@ -9,7 +9,7 @@ "ragenix", "nixpkgs" ], - "systems": "systems" + "systems": "systems_2" }, "locked": { "lastModified": 1736955230, @@ -25,21 +25,64 @@ "type": "github" } }, + "aquamarine": { + "inputs": { + "hyprutils": [ + "common", + "hyprland", + "hyprutils" + ], + "hyprwayland-scanner": [ + "common", + "hyprland", + "hyprwayland-scanner" + ], + "nixpkgs": [ + "common", + "hyprland", + "nixpkgs" + ], + "systems": [ + "common", + "hyprland", + "systems" + ] + }, + "locked": { + "lastModified": 1759499898, + "narHash": "sha256-UNzYHLWfkSzLHDep5Ckb5tXc0fdxwPIrT+MY4kpQttM=", + "owner": "hyprwm", + "repo": "aquamarine", + "rev": "655e067f96fd44b3f5685e17f566b0e4d535d798", + "type": "github" + }, + "original": { + "owner": "hyprwm", + "repo": "aquamarine", + "type": "github" + } + }, "common": { "inputs": { "home-manager": "home-manager", + "hyprland": "hyprland", "nix-flatpak": "nix-flatpak", + "nixpkgs": "nixpkgs_3", "ragenix": "ragenix" }, "locked": { - "path": "../../../common", - "type": "path" + "lastModified": 1759276943, + "narHash": "sha256-/l8jI6XRejmD01IBA/yI9Kb4bgbqunJUW9EKtLLJMtw=", + "ref": "refs/heads/master", + "rev": "24b716ec9d68866f4c0171ab5b9571e9e014dde1", + "revCount": 673, + "type": "git", + "url": "https://git.joshuabell.xyz/ringofstorms/dotfiles" }, "original": { - "path": "../../../common", - "type": "path" - }, - "parent": [] + "type": "git", + "url": "https://git.joshuabell.xyz/ringofstorms/dotfiles" + } }, "crane": { "locked": { @@ -82,8 +125,8 @@ }, "deploy-rs": { "inputs": { - "flake-compat": "flake-compat", - "nixpkgs": "nixpkgs_3", + "flake-compat": "flake-compat_2", + "nixpkgs": "nixpkgs_5", "utils": "utils" }, "locked": { @@ -101,6 +144,22 @@ } }, "flake-compat": { + "flake": false, + "locked": { + "lastModified": 1747046372, + "narHash": "sha256-CIVLLkVgvHYbgI2UpXvIIBJ12HWgX+fjA8Xf8PUmqCY=", + "owner": "edolstra", + "repo": "flake-compat", + "rev": "9100a0f413b0c601e0533d1d94ffd501ce2e7885", + "type": "github" + }, + "original": { + "owner": "edolstra", + "repo": "flake-compat", + "type": "github" + } + }, + "flake-compat_2": { "flake": false, "locked": { "lastModified": 1733328505, @@ -118,7 +177,7 @@ }, "flake-utils": { "inputs": { - "systems": "systems_2" + "systems": "systems_3" }, "locked": { "lastModified": 1731533236, @@ -134,6 +193,29 @@ "type": "github" } }, + "gitignore": { + "inputs": { + "nixpkgs": [ + "common", + "hyprland", + "pre-commit-hooks", + "nixpkgs" + ] + }, + "locked": { + "lastModified": 1709087332, + "narHash": "sha256-HG2cCnktfHsKV0s4XW83gU3F57gaTljL9KNSuG6bnQs=", + "owner": "hercules-ci", + "repo": "gitignore.nix", + "rev": "637db329424fd7e46cf4185293b9cc8c88c95394", + "type": "github" + }, + "original": { + "owner": "hercules-ci", + "repo": "gitignore.nix", + "type": "github" + } + }, "home-manager": { "inputs": { "nixpkgs": "nixpkgs" @@ -176,6 +258,287 @@ "type": "github" } }, + "hyprcursor": { + "inputs": { + "hyprlang": [ + "common", + "hyprland", + "hyprlang" + ], + "nixpkgs": [ + "common", + "hyprland", + "nixpkgs" + ], + "systems": [ + "common", + "hyprland", + "systems" + ] + }, + "locked": { + "lastModified": 1753964049, + "narHash": "sha256-lIqabfBY7z/OANxHoPeIrDJrFyYy9jAM4GQLzZ2feCM=", + "owner": "hyprwm", + "repo": "hyprcursor", + "rev": "44e91d467bdad8dcf8bbd2ac7cf49972540980a5", + "type": "github" + }, + "original": { + "owner": "hyprwm", + "repo": "hyprcursor", + "type": "github" + } + }, + "hyprgraphics": { + "inputs": { + "hyprutils": [ + "common", + "hyprland", + "hyprutils" + ], + "nixpkgs": [ + "common", + "hyprland", + "nixpkgs" + ], + "systems": [ + "common", + "hyprland", + "systems" + ] + }, + "locked": { + "lastModified": 1759490292, + "narHash": "sha256-T6iWzDOXp8Wv0KQOCTHpBcmAOdHJ6zc/l9xaztW6Ivc=", + "owner": "hyprwm", + "repo": "hyprgraphics", + "rev": "9431db625cd9bb66ac55525479dce694101d6d7a", + "type": "github" + }, + "original": { + "owner": "hyprwm", + "repo": "hyprgraphics", + "type": "github" + } + }, + "hyprland": { + "inputs": { + "aquamarine": "aquamarine", + "hyprcursor": "hyprcursor", + "hyprgraphics": "hyprgraphics", + "hyprland-protocols": "hyprland-protocols", + "hyprland-qtutils": "hyprland-qtutils", + "hyprlang": "hyprlang", + "hyprutils": "hyprutils", + "hyprwayland-scanner": "hyprwayland-scanner", + "nixpkgs": "nixpkgs_2", + "pre-commit-hooks": "pre-commit-hooks", + "systems": "systems", + "xdph": "xdph" + }, + "locked": { + "lastModified": 1759521131, + "narHash": "sha256-24RveTqV09t0RvTDUHBcrgrQ3D3734DG7XzvNohCV3M=", + "owner": "hyprwm", + "repo": "Hyprland", + "rev": "b7ef892ecf9c07e742239102056da950ebb42eee", + "type": "github" + }, + "original": { + "owner": "hyprwm", + "repo": "Hyprland", + "type": "github" + } + }, + "hyprland-protocols": { + "inputs": { + "nixpkgs": [ + "common", + "hyprland", + "nixpkgs" + ], + "systems": [ + "common", + "hyprland", + "systems" + ] + }, + "locked": { + "lastModified": 1749046714, + "narHash": "sha256-kymV5FMnddYGI+UjwIw8ceDjdeg7ToDVjbHCvUlhn14=", + "owner": "hyprwm", + "repo": "hyprland-protocols", + "rev": "613878cb6f459c5e323aaafe1e6f388ac8a36330", + "type": "github" + }, + "original": { + "owner": "hyprwm", + "repo": "hyprland-protocols", + "type": "github" + } + }, + "hyprland-qt-support": { + "inputs": { + "hyprlang": [ + "common", + "hyprland", + "hyprland-qtutils", + "hyprlang" + ], + "nixpkgs": [ + "common", + "hyprland", + "hyprland-qtutils", + "nixpkgs" + ], + "systems": [ + "common", + "hyprland", + "hyprland-qtutils", + "systems" + ] + }, + "locked": { + "lastModified": 1749154592, + "narHash": "sha256-DO7z5CeT/ddSGDEnK9mAXm1qlGL47L3VAHLlLXoCjhE=", + "owner": "hyprwm", + "repo": "hyprland-qt-support", + "rev": "4c8053c3c888138a30c3a6c45c2e45f5484f2074", + "type": "github" + }, + "original": { + "owner": "hyprwm", + "repo": "hyprland-qt-support", + "type": "github" + } + }, + "hyprland-qtutils": { + "inputs": { + "hyprland-qt-support": "hyprland-qt-support", + "hyprlang": [ + "common", + "hyprland", + "hyprlang" + ], + "hyprutils": [ + "common", + "hyprland", + "hyprland-qtutils", + "hyprlang", + "hyprutils" + ], + "nixpkgs": [ + "common", + "hyprland", + "nixpkgs" + ], + "systems": [ + "common", + "hyprland", + "systems" + ] + }, + "locked": { + "lastModified": 1759080228, + "narHash": "sha256-RgDoAja0T1hnF0pTc56xPfLfFOO8Utol2iITwYbUhTk=", + "owner": "hyprwm", + "repo": "hyprland-qtutils", + "rev": "629b15c19fa4082e4ce6be09fdb89e8c3312aed7", + "type": "github" + }, + "original": { + "owner": "hyprwm", + "repo": "hyprland-qtutils", + "type": "github" + } + }, + "hyprlang": { + "inputs": { + "hyprutils": [ + "common", + "hyprland", + "hyprutils" + ], + "nixpkgs": [ + "common", + "hyprland", + "nixpkgs" + ], + "systems": [ + "common", + "hyprland", + "systems" + ] + }, + "locked": { + "lastModified": 1758927902, + "narHash": "sha256-LZgMds7M94+vuMql2bERQ6LiFFdhgsEFezE4Vn+Ys3A=", + "owner": "hyprwm", + "repo": "hyprlang", + "rev": "4dafa28d4f79877d67a7d1a654cddccf8ebf15da", + "type": "github" + }, + "original": { + "owner": "hyprwm", + "repo": "hyprlang", + "type": "github" + } + }, + "hyprutils": { + "inputs": { + "nixpkgs": [ + "common", + "hyprland", + "nixpkgs" + ], + "systems": [ + "common", + "hyprland", + "systems" + ] + }, + "locked": { + "lastModified": 1759490926, + "narHash": "sha256-7IbZGJ5qAAfZsGhBHIsP8MBsfuFYS0hsxYHVkkeDG5Q=", + "owner": "hyprwm", + "repo": "hyprutils", + "rev": "94cce794344538c4d865e38682684ec2bbdb2ef3", + "type": "github" + }, + "original": { + "owner": "hyprwm", + "repo": "hyprutils", + "type": "github" + } + }, + "hyprwayland-scanner": { + "inputs": { + "nixpkgs": [ + "common", + "hyprland", + "nixpkgs" + ], + "systems": [ + "common", + "hyprland", + "systems" + ] + }, + "locked": { + "lastModified": 1755184602, + "narHash": "sha256-RCBQN8xuADB0LEgaKbfRqwm6CdyopE1xIEhNc67FAbw=", + "owner": "hyprwm", + "repo": "hyprwayland-scanner", + "rev": "b3b0f1f40ae09d4447c20608e5a4faf8bf3c492d", + "type": "github" + }, + "original": { + "owner": "hyprwm", + "repo": "hyprwayland-scanner", + "type": "github" + } + }, "nix-flatpak": { "locked": { "lastModified": 1739444422, @@ -209,6 +572,38 @@ } }, "nixpkgs_2": { + "locked": { + "lastModified": 1759381078, + "narHash": "sha256-gTrEEp5gEspIcCOx9PD8kMaF1iEmfBcTbO0Jag2QhQs=", + "owner": "NixOS", + "repo": "nixpkgs", + "rev": "7df7ff7d8e00218376575f0acdcc5d66741351ee", + "type": "github" + }, + "original": { + "owner": "NixOS", + "ref": "nixos-unstable", + "repo": "nixpkgs", + "type": "github" + } + }, + "nixpkgs_3": { + "locked": { + "lastModified": 1759381078, + "narHash": "sha256-gTrEEp5gEspIcCOx9PD8kMaF1iEmfBcTbO0Jag2QhQs=", + "owner": "nixos", + "repo": "nixpkgs", + "rev": "7df7ff7d8e00218376575f0acdcc5d66741351ee", + "type": "github" + }, + "original": { + "owner": "nixos", + "ref": "nixos-unstable", + "repo": "nixpkgs", + "type": "github" + } + }, + "nixpkgs_4": { "locked": { "lastModified": 1741379970, "narHash": "sha256-Wh7esNh7G24qYleLvgOSY/7HlDUzWaL/n4qzlBePpiw=", @@ -224,7 +619,7 @@ "type": "github" } }, - "nixpkgs_3": { + "nixpkgs_5": { "locked": { "lastModified": 1743014863, "narHash": "sha256-jAIUqsiN2r3hCuHji80U7NNEafpIMBXiwKlSrjWMlpg=", @@ -240,7 +635,7 @@ "type": "github" } }, - "nixpkgs_4": { + "nixpkgs_6": { "locked": { "lastModified": 1750622754, "narHash": "sha256-kMhs+YzV4vPGfuTpD3mwzibWUE6jotw5Al2wczI0Pv8=", @@ -256,7 +651,7 @@ "type": "github" } }, - "nixpkgs_5": { + "nixpkgs_7": { "locked": { "lastModified": 1750188666, "narHash": "sha256-yAfLvtbCzSigTfbsJeOrvljS7VYLAwi2RZ6F+qd+A5E=", @@ -1167,12 +1562,36 @@ "type": "github" } }, + "pre-commit-hooks": { + "inputs": { + "flake-compat": "flake-compat", + "gitignore": "gitignore", + "nixpkgs": [ + "common", + "hyprland", + "nixpkgs" + ] + }, + "locked": { + "lastModified": 1758108966, + "narHash": "sha256-ytw7ROXaWZ7OfwHrQ9xvjpUWeGVm86pwnEd1QhzawIo=", + "owner": "cachix", + "repo": "git-hooks.nix", + "rev": "54df955a695a84cd47d4a43e08e1feaf90b1fd9b", + "type": "github" + }, + "original": { + "owner": "cachix", + "repo": "git-hooks.nix", + "type": "github" + } + }, "ragenix": { "inputs": { "agenix": "agenix", "crane": "crane", "flake-utils": "flake-utils", - "nixpkgs": "nixpkgs_2", + "nixpkgs": "nixpkgs_4", "rust-overlay": "rust-overlay" }, "locked": { @@ -1193,13 +1612,13 @@ "inputs": { "common": "common", "deploy-rs": "deploy-rs", - "nixpkgs": "nixpkgs_4", + "nixpkgs": "nixpkgs_6", "ros_neovim": "ros_neovim" } }, "ros_neovim": { "inputs": { - "nixpkgs": "nixpkgs_5", + "nixpkgs": "nixpkgs_7", "nvim_plugin-Almo7aya/openingh.nvim": "nvim_plugin-Almo7aya/openingh.nvim", "nvim_plugin-CopilotC-Nvim/CopilotChat.nvim": "nvim_plugin-CopilotC-Nvim/CopilotChat.nvim", "nvim_plugin-JoosepAlviste/nvim-ts-context-commentstring": "nvim_plugin-JoosepAlviste/nvim-ts-context-commentstring", @@ -1317,16 +1736,16 @@ }, "systems": { "locked": { - "lastModified": 1681028828, - "narHash": "sha256-Vy1rq5AaRuLzOxct8nz4T6wlgyUR7zLU309k9mBC768=", + "lastModified": 1689347949, + "narHash": "sha256-12tWmuL2zgBgZkdoB6qXZsgJEH9LR3oUgpaQq2RbI80=", "owner": "nix-systems", - "repo": "default", - "rev": "da67096a3b9bf56a91d16901293e51ba5b49a27e", + "repo": "default-linux", + "rev": "31732fcf5e8fea42e59c2488ad31a0e651500f68", "type": "github" }, "original": { "owner": "nix-systems", - "repo": "default", + "repo": "default-linux", "type": "github" } }, @@ -1360,9 +1779,24 @@ "type": "github" } }, + "systems_4": { + "locked": { + "lastModified": 1681028828, + "narHash": "sha256-Vy1rq5AaRuLzOxct8nz4T6wlgyUR7zLU309k9mBC768=", + "owner": "nix-systems", + "repo": "default", + "rev": "da67096a3b9bf56a91d16901293e51ba5b49a27e", + "type": "github" + }, + "original": { + "owner": "nix-systems", + "repo": "default", + "type": "github" + } + }, "utils": { "inputs": { - "systems": "systems_3" + "systems": "systems_4" }, "locked": { "lastModified": 1731533236, @@ -1377,6 +1811,53 @@ "repo": "flake-utils", "type": "github" } + }, + "xdph": { + "inputs": { + "hyprland-protocols": [ + "common", + "hyprland", + "hyprland-protocols" + ], + "hyprlang": [ + "common", + "hyprland", + "hyprlang" + ], + "hyprutils": [ + "common", + "hyprland", + "hyprutils" + ], + "hyprwayland-scanner": [ + "common", + "hyprland", + "hyprwayland-scanner" + ], + "nixpkgs": [ + "common", + "hyprland", + "nixpkgs" + ], + "systems": [ + "common", + "hyprland", + "systems" + ] + }, + "locked": { + "lastModified": 1755354946, + "narHash": "sha256-zdov5f/GcoLQc9qYIS1dUTqtJMeDqmBmo59PAxze6e4=", + "owner": "hyprwm", + "repo": "xdg-desktop-portal-hyprland", + "rev": "a10726d6a8d0ef1a0c645378f983b6278c42eaa0", + "type": "github" + }, + "original": { + "owner": "hyprwm", + "repo": "xdg-desktop-portal-hyprland", + "type": "github" + } } }, "root": "root", diff --git a/hosts/oracle/o001/flake.nix b/hosts/oracle/o001/flake.nix index 80c48ff..07f132a 100644 --- a/hosts/oracle/o001/flake.nix +++ b/hosts/oracle/o001/flake.nix @@ -3,8 +3,8 @@ nixpkgs.url = "github:nixos/nixpkgs/nixos-25.05"; deploy-rs.url = "github:serokell/deploy-rs"; - common.url = "path:../../../common"; - # common.url = "git+https://git.joshuabell.xyz/ringofstorms/dotfiles"; + # common.url = "path:../../../common"; + common.url = "git+https://git.joshuabell.xyz/ringofstorms/dotfiles"; ros_neovim.url = "git+https://git.joshuabell.xyz/ringofstorms/nvim"; }; diff --git a/hosts/oracle/o001/nginx.nix b/hosts/oracle/o001/nginx.nix index 3866fb5..5548495 100644 --- a/hosts/oracle/o001/nginx.nix +++ b/hosts/oracle/o001/nginx.nix @@ -172,6 +172,16 @@ ''; }; }; + "sso-proxy.joshuabell.xyz" = { + enableACME = true; + forceSSL = true; + locations."/" = { + proxyPass = "http://100.64.0.13"; + extraConfig = '' + proxy_set_header X-Forwarded-Proto https; + ''; + }; + }; # "obsidiansync.joshuabell.xyz" = { # enableACME = true; # forceSSL = true; From 189559a1b7f8801dd1d2b79bde3ffab0a93b6be3 Mon Sep 17 00:00:00 2001 From: "RingOfStorms (Joshua Bell)" Date: Fri, 3 Oct 2025 15:35:45 -0500 Subject: [PATCH 019/109] attempt trillium with oauth proxy --- hosts/h001/mods/oauth2-proxy.nix | 2 +- hosts/h001/mods/trilium.nix | 13 ++++++++++++- 2 files changed, 13 insertions(+), 2 deletions(-) diff --git a/hosts/h001/mods/oauth2-proxy.nix b/hosts/h001/mods/oauth2-proxy.nix index f26f50a..3e6fc29 100644 --- a/hosts/h001/mods/oauth2-proxy.nix +++ b/hosts/h001/mods/oauth2-proxy.nix @@ -10,7 +10,7 @@ validateURL = "https://sso.joshuabell.xyz/oauth2/"; oidcIssuerUrl = "https://sso.joshuabell.xyz:443"; keyFile = config.age.secrets.oauth2_proxy_zitadel_client_secret.path; - # nginx.domain = "sso-proxy.joshuabell.xyz"; + nginx.domain = "sso-proxy.joshuabell.xyz"; # email.domains = [ ]; # extraConfig = { # whitelist-domain = ".joshuabell.xyz"; diff --git a/hosts/h001/mods/trilium.nix b/hosts/h001/mods/trilium.nix index 4292165..e756d6f 100644 --- a/hosts/h001/mods/trilium.nix +++ b/hosts/h001/mods/trilium.nix @@ -13,7 +13,18 @@ }; systemd.services.trilium-server.environment = { - TRILIUM_NO_UPLOAD_LIMIT = true; + TRILIUM_NO_UPLOAD_LIMIT = "true"; + }; + + services.oauth2-proxy.nginx.virtualHosts."notes.joshuabell.xyz".allowed_groups = [ "notes" ]; + services.nginx.virtualHosts."notes.joshuabell.xyz" = { + locations = { + "/" = { + proxyWebsockets = true; + recommendedProxySettings = true; + proxyPass = "http://127.0.0.1:9111"; + }; + }; }; # services.nginx = { From 6c5b08444a5d1479eaa2d17daad0140acd9fdda9 Mon Sep 17 00:00:00 2001 From: "RingOfStorms (Joshua Bell)" Date: Fri, 3 Oct 2025 15:35:52 -0500 Subject: [PATCH 020/109] add proxies --- hosts/oracle/o001/nginx.nix | 8 ++++++++ 1 file changed, 8 insertions(+) diff --git a/hosts/oracle/o001/nginx.nix b/hosts/oracle/o001/nginx.nix index 5548495..5c74ace 100644 --- a/hosts/oracle/o001/nginx.nix +++ b/hosts/oracle/o001/nginx.nix @@ -162,6 +162,14 @@ proxyPass = "http://100.64.0.13"; }; }; + "notes.joshuabell.xyz" = { + enableACME = true; + forceSSL = true; + locations."/" = { + proxyWebsockets = true; + proxyPass = "http://100.64.0.13"; + }; + }; "sso.joshuabell.xyz" = { enableACME = true; forceSSL = true; From d9d1ba507621e5052f22174e6697558ecdb38a91 Mon Sep 17 00:00:00 2001 From: "RingOfStorms (Joshua Bell)" Date: Fri, 3 Oct 2025 16:53:12 -0500 Subject: [PATCH 021/109] fix hyprland --- .../desktop_environment/hyprland/default.nix | 4 ++-- hosts/oren/flake.lock | 20 +++++++++---------- hosts/oren/flake.nix | 1 + 3 files changed, 13 insertions(+), 12 deletions(-) diff --git a/common/desktop_environment/hyprland/default.nix b/common/desktop_environment/hyprland/default.nix index 531471f..8b96a31 100644 --- a/common/desktop_environment/hyprland/default.nix +++ b/common/desktop_environment/hyprland/default.nix @@ -143,8 +143,8 @@ with lib; environment.sessionVariables = { GTK_THEME = "Adwaita:dark"; XDG_SESSION_TYPE = "wayland"; - XDG_CURRENT_DESKTOP = "sway"; - XDG_SESSION_DESKTOP = "sway"; + # XDG_CURRENT_DESKTOP = "sway"; + # XDG_SESSION_DESKTOP = "sway"; # prefer EGL renderer (can be changed back to "auto" if needed) WLR_RENDERER = "egl"; diff --git a/hosts/oren/flake.lock b/hosts/oren/flake.lock index 0e234a7..9a578a9 100644 --- a/hosts/oren/flake.lock +++ b/hosts/oren/flake.lock @@ -71,11 +71,11 @@ "ragenix": "ragenix" }, "locked": { - "lastModified": 1759120190, - "narHash": "sha256-uWm+KzZvcuS82aXof9EGciTOMhIxD5H557lfy+oTCak=", + "lastModified": 1759523753, + "narHash": "sha256-5AsVQRTlf7Gv6LeRWCUbbwbmbXxyNC4am8CoA6Is71c=", "ref": "refs/heads/master", - "rev": "17073d45e0eec8f30e16863231252ae7fefba564", - "revCount": 667, + "rev": "82178521d17a743dbf46350406da64b691446c71", + "revCount": 681, "type": "git", "url": "https://git.joshuabell.xyz/ringofstorms/dotfiles" }, @@ -537,11 +537,11 @@ }, "nixpkgs-unstable": { "locked": { - "lastModified": 1758690382, - "narHash": "sha256-NY3kSorgqE5LMm1LqNwGne3ZLMF2/ILgLpFr1fS4X3o=", + "lastModified": 1759381078, + "narHash": "sha256-gTrEEp5gEspIcCOx9PD8kMaF1iEmfBcTbO0Jag2QhQs=", "owner": "nixos", "repo": "nixpkgs", - "rev": "e643668fd71b949c53f8626614b21ff71a07379d", + "rev": "7df7ff7d8e00218376575f0acdcc5d66741351ee", "type": "github" }, "original": { @@ -601,11 +601,11 @@ }, "nixpkgs_5": { "locked": { - "lastModified": 1758791193, - "narHash": "sha256-F8WmEwFoHsnix7rt290R0rFXNJiMbClMZyIC/e+HYf0=", + "lastModified": 1759281824, + "narHash": "sha256-FIBE1qXv9TKvSNwst6FumyHwCRH3BlWDpfsnqRDCll0=", "owner": "nixos", "repo": "nixpkgs", - "rev": "25e53aa156d47bad5082ff7618f5feb1f5e02d01", + "rev": "5b5be50345d4113d04ba58c444348849f5585b4a", "type": "github" }, "original": { diff --git a/hosts/oren/flake.nix b/hosts/oren/flake.nix index 2945294..488711e 100644 --- a/hosts/oren/flake.nix +++ b/hosts/oren/flake.nix @@ -14,6 +14,7 @@ { nixpkgs, nixpkgs-unstable, + common, ros_neovim, ... From 02363bb01e0449bbcbd2cb91a4790ee8133e893f Mon Sep 17 00:00:00 2001 From: "RingOfStorms (Joshua Bell)" Date: Fri, 3 Oct 2025 18:04:43 -0500 Subject: [PATCH 022/109] not sure yet --- .../secrets/oauth2_proxy_cookie_secret.age | 15 +++++++++++++++ common/secrets/secrets/secrets.nix | 3 +++ hosts/h001/mods/oauth2-proxy.nix | 2 +- 3 files changed, 19 insertions(+), 1 deletion(-) create mode 100644 common/secrets/secrets/oauth2_proxy_cookie_secret.age diff --git a/common/secrets/secrets/oauth2_proxy_cookie_secret.age b/common/secrets/secrets/oauth2_proxy_cookie_secret.age new file mode 100644 index 0000000..e510df6 --- /dev/null +++ b/common/secrets/secrets/oauth2_proxy_cookie_secret.age @@ -0,0 +1,15 @@ +-----BEGIN AGE ENCRYPTED FILE----- +YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IHNzaC1lZDI1NTE5IDd6MzN5USBDdER5 +WmpUMmlPLzVpaXYvcllYN04yayt4SmNRZjVpSzE0N3ZUeHFHTEJvClNQYjB4Y1hh +UVNpUjdrSkpoZU9za3M4bkNpNVVBTzN3WktJQ0dEV1JiNUEKLT4gc3NoLWVkMjU1 +MTkgcGVGQlFnIEwvNGJTaDdSTTlnSjZ3Y0tjdFJkNmFpQVZUL0ZVUkczOE9sNnhz +YmJjbnMKWjdCRHhiQ2NZMENlQlBhV1NTL1hnay90OU95WDZaVUg0RlRZUFRucE94 +awotPiBzc2gtZWQyNTUxOSA5di8ySEEgOGJ3TlUyTm54dS9MNjNVakJaTWFweEtK +SkUvQXdpZmU3dHFzSDBqNHZrbwpmK2VIaDRmY3lFNVJUY0NiMTNIK2k4UUk0eFVH +a3JTZHFTZ0g0U0NISzVzCi0+IENtfC1ncmVhc2UgWFMgM1clUiUgMAo1TlJLUFND +WkVtKzJQMDJqQS90Nk1rMHZBS2FiTHVxQy9CWFZ3R1gzMEMvZUZRckFJZE56enBP +WGlGOS92bTNLCjVuM2dmdHd2WU1weWtQWEgvemhNSCtocmw2MTVoeG1ORUZQcU1F +czZ4QkhHcWlNUE9qL0d5dkUKLS0tIGVPNU81WkNRVXFkSmFWc3dDWnVnZHA0MUV4 +U1FBQzRIM1NyVHFzend0SEkK0A/M77A5p2fcxe6rAm7RUCkXfrQU9ZRI3/psue2z +6Cd1B5LW8gsCKgsKKBFD7O0mPQXF5Rs8s2ShqtjKBlVva6NqRy5S7VKbY2Gv8lc= +-----END AGE ENCRYPTED FILE----- diff --git a/common/secrets/secrets/secrets.nix b/common/secrets/secrets/secrets.nix index 502d58c..58f6c6f 100644 --- a/common/secrets/secrets/secrets.nix +++ b/common/secrets/secrets/secrets.nix @@ -129,6 +129,9 @@ in "oauth2_proxy_zitadel_client_secret.age" = { publicKeys = authorityKey ++ h001; }; + "oauth2_proxy_cookie_secret.age" = { + publicKeys = authorityKey ++ h001; + }; "openwebui_env.age" = { publicKeys = authorityKey ++ h001; }; diff --git a/hosts/h001/mods/oauth2-proxy.nix b/hosts/h001/mods/oauth2-proxy.nix index 3e6fc29..9a5001c 100644 --- a/hosts/h001/mods/oauth2-proxy.nix +++ b/hosts/h001/mods/oauth2-proxy.nix @@ -11,7 +11,7 @@ oidcIssuerUrl = "https://sso.joshuabell.xyz:443"; keyFile = config.age.secrets.oauth2_proxy_zitadel_client_secret.path; nginx.domain = "sso-proxy.joshuabell.xyz"; - # email.domains = [ ]; + email.domains = [ "*" ]; # extraConfig = { # whitelist-domain = ".joshuabell.xyz"; # cookie-domain = ".joshuabell.xyz"; From 289997196f9f275177f6ccbce8bc47fea1cf0a0f Mon Sep 17 00:00:00 2001 From: "RingOfStorms (Joshua Bell)" Date: Fri, 3 Oct 2025 18:37:59 -0500 Subject: [PATCH 023/109] add cookie secret --- ...ookie_secret.age => oauth2_proxy_key_file.age} | 0 .../oauth2_proxy_zitadel_client_secret.age | 15 --------------- common/secrets/secrets/secrets.nix | 5 +---- 3 files changed, 1 insertion(+), 19 deletions(-) rename common/secrets/secrets/{oauth2_proxy_cookie_secret.age => oauth2_proxy_key_file.age} (100%) delete mode 100644 common/secrets/secrets/oauth2_proxy_zitadel_client_secret.age diff --git a/common/secrets/secrets/oauth2_proxy_cookie_secret.age b/common/secrets/secrets/oauth2_proxy_key_file.age similarity index 100% rename from common/secrets/secrets/oauth2_proxy_cookie_secret.age rename to common/secrets/secrets/oauth2_proxy_key_file.age diff --git a/common/secrets/secrets/oauth2_proxy_zitadel_client_secret.age b/common/secrets/secrets/oauth2_proxy_zitadel_client_secret.age deleted file mode 100644 index 2327447..0000000 --- a/common/secrets/secrets/oauth2_proxy_zitadel_client_secret.age +++ /dev/null @@ -1,15 +0,0 @@ ------BEGIN AGE ENCRYPTED FILE----- -YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IHNzaC1lZDI1NTE5IDd6MzN5USB3RkMx -ZStZdnpMT3M2aVloTHNlRnVjcE94UGYxUkpMZWNEMWIwZjEwcWtRClNLekxXa0lw -RHBVandkY2h4akRKMDVNZzdvR2pGVEVrQUo5Q3Y0amZINVUKLT4gc3NoLWVkMjU1 -MTkgcGVGQlFnIDVKa3VXVXZsK2toL1dUTkNNWnJxcXVFTjlOdXVkUnFjc0JtSEVm -TURPaGMKekV0a1g4R0FEZ0p5RzVhaVR5dkhCRHdOV0JrNE1Ec1p5aU9saGxJcmg1 -MAotPiBzc2gtZWQyNTUxOSA5di8ySEEgeW1SbEpvUTlTcitrUFEwZzhzWjVVT3pT -R3I4eEdJQ1FNYmxUeFQxcXZFbwp1Z0dWOVRDTm5GTk5HZkk1d2hmK1Vzczdyd2la -TkhKdkpFQ0pELzBvQkNnCi0+IEs9WyYtZ3JlYXNlIFRlbQpDWXVCL0p0YzJSRy92 -SFZDcncKLS0tIFNhSEJoREhkNXIxS3FWL0htM0lnV2R1Um8vZ1RvY1U5UFNiZnJp -TWpHeDQKc2D0yWrCV1Q4Bbx7GSCCGKIBj+pXjBaRu9vLP/L+wPdxwsQ1LBTsqHnh -Q9xPd8/T7cDBNO0dC4azdEpTWu1fe15THhkyBR4qkKLBohO7jUrzAg98tx6HkgHS -N888dGejARmrpyDfy3zekeWsSEjv31XpI6MI36ysgpE4aze6EDkKKPlSxC8i8eNI -rGQy5+lNW3pnk3e+yVZWUTpwt/4wjuhkMAHWiw== ------END AGE ENCRYPTED FILE----- diff --git a/common/secrets/secrets/secrets.nix b/common/secrets/secrets/secrets.nix index 58f6c6f..55a44d2 100644 --- a/common/secrets/secrets/secrets.nix +++ b/common/secrets/secrets/secrets.nix @@ -126,10 +126,7 @@ in "zitadel_master_key.age" = { publicKeys = authorityKey ++ h001; }; - "oauth2_proxy_zitadel_client_secret.age" = { - publicKeys = authorityKey ++ h001; - }; - "oauth2_proxy_cookie_secret.age" = { + "oauth2_proxy_key_file.age" = { publicKeys = authorityKey ++ h001; }; "openwebui_env.age" = { From efa102cfdeec660c034e664d4d00749a7aff32b4 Mon Sep 17 00:00:00 2001 From: "RingOfStorms (Joshua Bell)" Date: Fri, 3 Oct 2025 18:43:15 -0500 Subject: [PATCH 024/109] more weasdsouidhfksdhfosidf --- common/secrets/default.nix | 2 +- hosts/h001/mods/oauth2-proxy.nix | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/common/secrets/default.nix b/common/secrets/default.nix index 7944a47..047b382 100644 --- a/common/secrets/default.nix +++ b/common/secrets/default.nix @@ -4,7 +4,7 @@ lib, pkgs, ... -}@args: +}: let ccfg = import ../config.nix; diff --git a/hosts/h001/mods/oauth2-proxy.nix b/hosts/h001/mods/oauth2-proxy.nix index 9a5001c..a5829a9 100644 --- a/hosts/h001/mods/oauth2-proxy.nix +++ b/hosts/h001/mods/oauth2-proxy.nix @@ -9,7 +9,7 @@ redirectURL = "https://sso-proxy.joshuabell.xyz/oauth2/callback"; validateURL = "https://sso.joshuabell.xyz/oauth2/"; oidcIssuerUrl = "https://sso.joshuabell.xyz:443"; - keyFile = config.age.secrets.oauth2_proxy_zitadel_client_secret.path; + keyFile = config.age.secrets.oauth2_key_file.path; nginx.domain = "sso-proxy.joshuabell.xyz"; email.domains = [ "*" ]; # extraConfig = { From cdd516b62d0367fb56b8791032212ef6bd8ea292 Mon Sep 17 00:00:00 2001 From: "RingOfStorms (Joshua Bell)" Date: Sat, 4 Oct 2025 00:13:24 -0500 Subject: [PATCH 025/109] secretsssss --- .../secrets/secrets/oauth2_proxy_key_file.age | 29 ++++++++++--------- 1 file changed, 16 insertions(+), 13 deletions(-) diff --git a/common/secrets/secrets/oauth2_proxy_key_file.age b/common/secrets/secrets/oauth2_proxy_key_file.age index e510df6..f402ab9 100644 --- a/common/secrets/secrets/oauth2_proxy_key_file.age +++ b/common/secrets/secrets/oauth2_proxy_key_file.age @@ -1,15 +1,18 @@ -----BEGIN AGE ENCRYPTED FILE----- -YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IHNzaC1lZDI1NTE5IDd6MzN5USBDdER5 -WmpUMmlPLzVpaXYvcllYN04yayt4SmNRZjVpSzE0N3ZUeHFHTEJvClNQYjB4Y1hh -UVNpUjdrSkpoZU9za3M4bkNpNVVBTzN3WktJQ0dEV1JiNUEKLT4gc3NoLWVkMjU1 -MTkgcGVGQlFnIEwvNGJTaDdSTTlnSjZ3Y0tjdFJkNmFpQVZUL0ZVUkczOE9sNnhz -YmJjbnMKWjdCRHhiQ2NZMENlQlBhV1NTL1hnay90OU95WDZaVUg0RlRZUFRucE94 -awotPiBzc2gtZWQyNTUxOSA5di8ySEEgOGJ3TlUyTm54dS9MNjNVakJaTWFweEtK -SkUvQXdpZmU3dHFzSDBqNHZrbwpmK2VIaDRmY3lFNVJUY0NiMTNIK2k4UUk0eFVH -a3JTZHFTZ0g0U0NISzVzCi0+IENtfC1ncmVhc2UgWFMgM1clUiUgMAo1TlJLUFND -WkVtKzJQMDJqQS90Nk1rMHZBS2FiTHVxQy9CWFZ3R1gzMEMvZUZRckFJZE56enBP -WGlGOS92bTNLCjVuM2dmdHd2WU1weWtQWEgvemhNSCtocmw2MTVoeG1ORUZQcU1F -czZ4QkhHcWlNUE9qL0d5dkUKLS0tIGVPNU81WkNRVXFkSmFWc3dDWnVnZHA0MUV4 -U1FBQzRIM1NyVHFzend0SEkK0A/M77A5p2fcxe6rAm7RUCkXfrQU9ZRI3/psue2z -6Cd1B5LW8gsCKgsKKBFD7O0mPQXF5Rs8s2ShqtjKBlVva6NqRy5S7VKbY2Gv8lc= +YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IHNzaC1lZDI1NTE5IDd6MzN5USBlczVm +dFFYQWhXV0w1OG1kTXoyQU5BbFVZeThLY09ucnJHdjlPZ0w5YzJzCkxNQ2hzcU5t +RVRNcGRTZU00b1hQV2t4RGg0RW5xVUFFcjVvSy95WnF0TkEKLT4gc3NoLWVkMjU1 +MTkgcGVGQlFnIE0vYWxBSWFCcmRMM3pNSlJMMXZIQ05RdSsyTzVIZzJUZ0o2M0N0 +Rm5jbkEKZm10T2s3bDFtclQvR2FDRUlUbW54ZlppYnFqWWpGSmpoaHQzbXJCOTkr +SQotPiBzc2gtZWQyNTUxOSA5di8ySEEgL25ZRytYQWMzMzl6MEVxMXVtemRkVGlJ +Rm9IcWZJVE1JT2NFWDZsaHZGSQpvQkVwaFNvUDkzRndZZUxNbVlaRTljUUxaWSsz +MmZBdTF4bjd1OEdZUElzCi0+IGlDOiRlcixlLWdyZWFzZSAjeTBEMgo2MFpjVTlM +TDJaWjdndjJqQnAxLzltMDk2d0ozUE1maC9NUEJtY2lmZlVRdnBxNnJ1N3FzbXRx +RkpNMjYxRnhPClh1c3Q2azNWdzM0QzBOa2VaTGsKLS0tIEpQSzgrUFBGZ0wxOTcx +bFVjSlJvais2U3lTcFh3cmovUndPQ0RBWXYxVXMKVJ80r3AYVssomONAnVcY4XJf +swwJewnU1RWWeRs3X6t4CQcozuG2zBp0Dpn8BCEMbjw/XeM803rePDQ3R0OM1JcS +C+bex9mH/9IiQvevMfxIIIrxjUpU48J5Jx1CIH5iqo4leOd9nX98UeCQjYxeiVdE +t7f6E03wAJhfCibDArXgiFVLLxYI10nQGNgZ/eDt6Am6U0Vbu/Eq6nikwvOgJ9Mp +X/4TlMMCJsQMYmaTsJD9PUhPdIf5OHE34A2UqxUcd1Wcga9EJ7MmsohDlEAkylOn +YJl+17t5TdJjfLihO0TXZTEqgX6FkaEconT43Q== -----END AGE ENCRYPTED FILE----- From e8b9a4bbd01e458a1f7499f8b3d9d228a18de568 Mon Sep 17 00:00:00 2001 From: "RingOfStorms (Joshua Bell)" Date: Sat, 4 Oct 2025 00:15:56 -0500 Subject: [PATCH 026/109] idk maybe works --- .../secrets/secrets/oauth2_proxy_key_file.age | 31 +++++++++---------- 1 file changed, 15 insertions(+), 16 deletions(-) diff --git a/common/secrets/secrets/oauth2_proxy_key_file.age b/common/secrets/secrets/oauth2_proxy_key_file.age index f402ab9..d5a36a9 100644 --- a/common/secrets/secrets/oauth2_proxy_key_file.age +++ b/common/secrets/secrets/oauth2_proxy_key_file.age @@ -1,18 +1,17 @@ -----BEGIN AGE ENCRYPTED FILE----- -YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IHNzaC1lZDI1NTE5IDd6MzN5USBlczVm -dFFYQWhXV0w1OG1kTXoyQU5BbFVZeThLY09ucnJHdjlPZ0w5YzJzCkxNQ2hzcU5t -RVRNcGRTZU00b1hQV2t4RGg0RW5xVUFFcjVvSy95WnF0TkEKLT4gc3NoLWVkMjU1 -MTkgcGVGQlFnIE0vYWxBSWFCcmRMM3pNSlJMMXZIQ05RdSsyTzVIZzJUZ0o2M0N0 -Rm5jbkEKZm10T2s3bDFtclQvR2FDRUlUbW54ZlppYnFqWWpGSmpoaHQzbXJCOTkr -SQotPiBzc2gtZWQyNTUxOSA5di8ySEEgL25ZRytYQWMzMzl6MEVxMXVtemRkVGlJ -Rm9IcWZJVE1JT2NFWDZsaHZGSQpvQkVwaFNvUDkzRndZZUxNbVlaRTljUUxaWSsz -MmZBdTF4bjd1OEdZUElzCi0+IGlDOiRlcixlLWdyZWFzZSAjeTBEMgo2MFpjVTlM -TDJaWjdndjJqQnAxLzltMDk2d0ozUE1maC9NUEJtY2lmZlVRdnBxNnJ1N3FzbXRx -RkpNMjYxRnhPClh1c3Q2azNWdzM0QzBOa2VaTGsKLS0tIEpQSzgrUFBGZ0wxOTcx -bFVjSlJvais2U3lTcFh3cmovUndPQ0RBWXYxVXMKVJ80r3AYVssomONAnVcY4XJf -swwJewnU1RWWeRs3X6t4CQcozuG2zBp0Dpn8BCEMbjw/XeM803rePDQ3R0OM1JcS -C+bex9mH/9IiQvevMfxIIIrxjUpU48J5Jx1CIH5iqo4leOd9nX98UeCQjYxeiVdE -t7f6E03wAJhfCibDArXgiFVLLxYI10nQGNgZ/eDt6Am6U0Vbu/Eq6nikwvOgJ9Mp -X/4TlMMCJsQMYmaTsJD9PUhPdIf5OHE34A2UqxUcd1Wcga9EJ7MmsohDlEAkylOn -YJl+17t5TdJjfLihO0TXZTEqgX6FkaEconT43Q== +YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IHNzaC1lZDI1NTE5IDd6MzN5USB1QW9y +bVYrZzh3ZDJRaUJOdEZRcGVhNUNvNG1JbENuVVJVcXFPbXVmNVNnCmZCenlWMVRY +YkgwRXpwYmQ4NmNrUkZQNitRM21FbzA3Z0x0TzBZVGxsa2sKLT4gc3NoLWVkMjU1 +MTkgcGVGQlFnIDBsYW5qa09pNnptSk9rTndaZ2ZFQWs2cTlUdkp0S2k1TkFiNHFh +bG1zVkUKYXlRdTBVMGpOcEQ2bDN4Z2ZLbVFPZ1RBT0lmMitqRk5wdjF2bjJPRXRF +VQotPiBzc2gtZWQyNTUxOSA5di8ySEEgaFlLSm5Qd2dML2d6UVlJWEN0NHdiS2lp +WDNHeithZmg5ZFJjQ3BrV0pXYwpYdEFwR0J2RVJjaHJISHBMb3VxSlpTREVxcjEy +ZExZTUdocGNWcVJTb01FCi0+IDF7LWdyZWFzZQpFaGhVdVpjdVo1a2xXUjYwWUww +Z1hmUkorV2l3Rkt5MGFmUUczVVEKLS0tIHR4SzJCYTZOdFFERFRlS0QyV0tJeks3 +ZDNYS05jR1QvU3RhN2ZUd0dCODgKvyfa6+kFUuN2DAi1vb8vszdAw3Jlb9gLsdsM +6d7ILyLkmolgmpfpFwyzP5KVrYn8vkjuZDB6iJvAJjDgBhX9p4Bt7uSggNGz7O8z +7p3NsCdzLGHLygYok+D2TyupWiUs/YIyUx3rdjleO/QOiJlO8n63xx9hvp2A/25q +n6BvBLA0CuecVFs9pLC8a91VpTyZrI/f71lmS6wvpW3HwrRldDDCqzPB3UG3ceTz +9O0iCjST/c5ETO7HadKKT63aMALdHQYc3QMATxeMfwHlMmwf42Z4ON4d9A6q1CWO +hQ0LmyFhrg== -----END AGE ENCRYPTED FILE----- From e2816c34aa858523086954c77f0af731b17add2e Mon Sep 17 00:00:00 2001 From: "RingOfStorms (Joshua Bell)" Date: Sat, 4 Oct 2025 00:22:42 -0500 Subject: [PATCH 027/109] idk --- hosts/h001/mods/oauth2-proxy.nix | 12 ++++++------ 1 file changed, 6 insertions(+), 6 deletions(-) diff --git a/hosts/h001/mods/oauth2-proxy.nix b/hosts/h001/mods/oauth2-proxy.nix index a5829a9..b285900 100644 --- a/hosts/h001/mods/oauth2-proxy.nix +++ b/hosts/h001/mods/oauth2-proxy.nix @@ -8,14 +8,14 @@ reverseProxy = true; redirectURL = "https://sso-proxy.joshuabell.xyz/oauth2/callback"; validateURL = "https://sso.joshuabell.xyz/oauth2/"; - oidcIssuerUrl = "https://sso.joshuabell.xyz:443"; - keyFile = config.age.secrets.oauth2_key_file.path; + oidcIssuerUrl = "https://sso.joshuabell.xyz"; + keyFile = config.age.secrets.oauth2_proxy_key_file.path; nginx.domain = "sso-proxy.joshuabell.xyz"; email.domains = [ "*" ]; - # extraConfig = { - # whitelist-domain = ".joshuabell.xyz"; - # cookie-domain = ".joshuabell.xyz"; - # }; + extraConfig = { + whitelist-domain = ".joshuabell.xyz"; + cookie-domain = ".joshuabell.xyz"; + }; }; services.nginx.virtualHosts."sso-proxy.joshuabell.xyz" = { From 4905c2061bcc6731a40979f3c413699b0e74776b Mon Sep 17 00:00:00 2001 From: "RingOfStorms (Joshua Bell)" Date: Sat, 4 Oct 2025 00:26:05 -0500 Subject: [PATCH 028/109] will this work? --- hosts/h001/mods/trilium.nix | 16 ++++++++++++++++ 1 file changed, 16 insertions(+) diff --git a/hosts/h001/mods/trilium.nix b/hosts/h001/mods/trilium.nix index e756d6f..2a36f21 100644 --- a/hosts/h001/mods/trilium.nix +++ b/hosts/h001/mods/trilium.nix @@ -23,6 +23,22 @@ proxyWebsockets = true; recommendedProxySettings = true; proxyPass = "http://127.0.0.1:9111"; + extraConfig = '' + auth_request /oauth2/auth; + error_page 401 = @error401; + + location = /oauth2/auth { + internal; + proxy_pass https://sso-proxy.joshuabell.xyz/oauth2/auth; + proxy_set_header Host sso-proxy.joshuabell.xyz; + proxy_set_header X-Auth-Request-Redirect $request_uri; + proxy_set_header X-Forwarded-Proto https; + } + + location @error401 { + return 302 https://sso-proxy.joshuabell.xyz/oauth2/start?rd=https://$host$request_uri; + } + ''; }; }; }; From 92397eadb42982b3f6b39bdd468839f99ab0baed Mon Sep 17 00:00:00 2001 From: "RingOfStorms (Joshua Bell)" Date: Sat, 4 Oct 2025 00:31:39 -0500 Subject: [PATCH 029/109] remove shit --- hosts/h001/mods/trilium.nix | 16 ---------------- 1 file changed, 16 deletions(-) diff --git a/hosts/h001/mods/trilium.nix b/hosts/h001/mods/trilium.nix index 2a36f21..e756d6f 100644 --- a/hosts/h001/mods/trilium.nix +++ b/hosts/h001/mods/trilium.nix @@ -23,22 +23,6 @@ proxyWebsockets = true; recommendedProxySettings = true; proxyPass = "http://127.0.0.1:9111"; - extraConfig = '' - auth_request /oauth2/auth; - error_page 401 = @error401; - - location = /oauth2/auth { - internal; - proxy_pass https://sso-proxy.joshuabell.xyz/oauth2/auth; - proxy_set_header Host sso-proxy.joshuabell.xyz; - proxy_set_header X-Auth-Request-Redirect $request_uri; - proxy_set_header X-Forwarded-Proto https; - } - - location @error401 { - return 302 https://sso-proxy.joshuabell.xyz/oauth2/start?rd=https://$host$request_uri; - } - ''; }; }; }; From 723dead6d65472e92bf6a8bca17eb7a789425bac Mon Sep 17 00:00:00 2001 From: "RingOfStorms (Joshua Bell)" Date: Sat, 4 Oct 2025 00:59:42 -0500 Subject: [PATCH 030/109] idk --- hosts/h001/mods/trilium.nix | 18 ++++++++++++++++++ 1 file changed, 18 insertions(+) diff --git a/hosts/h001/mods/trilium.nix b/hosts/h001/mods/trilium.nix index e756d6f..e354ed3 100644 --- a/hosts/h001/mods/trilium.nix +++ b/hosts/h001/mods/trilium.nix @@ -23,6 +23,24 @@ proxyWebsockets = true; recommendedProxySettings = true; proxyPass = "http://127.0.0.1:9111"; + extraConfig = '' + auth_request /oauth2/auth; + error_page 401 = @error401; + + location = /oauth2/auth { + internal; + proxy_pass http://127.0.0.1:4180/oauth2/auth; + proxy_set_header Host sso-proxy.joshuabell.xyz; + proxy_set_header Cookie $http_cookie; + proxy_set_header X-Auth-Request-Redirect $request_uri; + proxy_set_header X-Original-URI $request_uri; + proxy_set_header X-Forwarded-Proto $scheme; + } + + location @error401 { + return 302 https://sso-proxy.joshuabell.xyz/oauth2/start?rd=https://$host$request_uri; + } + ''; }; }; }; From 751e584775de3f4ce070e2b0b1245cfbada3aafb Mon Sep 17 00:00:00 2001 From: "RingOfStorms (Joshua Bell)" Date: Sun, 5 Oct 2025 13:30:19 -0500 Subject: [PATCH 031/109] asd --- hosts/h001/mods/trilium.nix | 18 ------------------ 1 file changed, 18 deletions(-) diff --git a/hosts/h001/mods/trilium.nix b/hosts/h001/mods/trilium.nix index e354ed3..e756d6f 100644 --- a/hosts/h001/mods/trilium.nix +++ b/hosts/h001/mods/trilium.nix @@ -23,24 +23,6 @@ proxyWebsockets = true; recommendedProxySettings = true; proxyPass = "http://127.0.0.1:9111"; - extraConfig = '' - auth_request /oauth2/auth; - error_page 401 = @error401; - - location = /oauth2/auth { - internal; - proxy_pass http://127.0.0.1:4180/oauth2/auth; - proxy_set_header Host sso-proxy.joshuabell.xyz; - proxy_set_header Cookie $http_cookie; - proxy_set_header X-Auth-Request-Redirect $request_uri; - proxy_set_header X-Original-URI $request_uri; - proxy_set_header X-Forwarded-Proto $scheme; - } - - location @error401 { - return 302 https://sso-proxy.joshuabell.xyz/oauth2/start?rd=https://$host$request_uri; - } - ''; }; }; }; From aa0d2d3bc346faa52caf73c7d3cfe178ff8cab44 Mon Sep 17 00:00:00 2001 From: "RingOfStorms (Joshua Bell)" Date: Sun, 5 Oct 2025 17:01:50 -0500 Subject: [PATCH 032/109] idk --- hosts/h001/mods/oauth2-proxy.nix | 12 +++++------- 1 file changed, 5 insertions(+), 7 deletions(-) diff --git a/hosts/h001/mods/oauth2-proxy.nix b/hosts/h001/mods/oauth2-proxy.nix index b285900..cbc8826 100644 --- a/hosts/h001/mods/oauth2-proxy.nix +++ b/hosts/h001/mods/oauth2-proxy.nix @@ -1,9 +1,9 @@ -{ config, ... }: +{ upkgs, config, ... }: { services.oauth2-proxy = { enable = true; httpAddress = "http://127.0.0.1:4180"; - # package = pkgsUnstable.oauth2-proxy; + package = upkgs.oauth2-proxy; provider = "oidc"; reverseProxy = true; redirectURL = "https://sso-proxy.joshuabell.xyz/oauth2/callback"; @@ -13,9 +13,11 @@ nginx.domain = "sso-proxy.joshuabell.xyz"; email.domains = [ "*" ]; extraConfig = { - whitelist-domain = ".joshuabell.xyz"; + whitelist-domain = "*.joshuabell.xyz"; cookie-domain = ".joshuabell.xyz"; }; + cookie.refresh = "30m"; + setXauthrequest = true; }; services.nginx.virtualHosts."sso-proxy.joshuabell.xyz" = { @@ -24,11 +26,7 @@ proxyWebsockets = true; recommendedProxySettings = true; proxyPass = "http://127.0.0.1:4180"; - extraConfig = '' - proxy_set_header X-Forwarded-Proto https; - ''; }; }; }; - } From ff193e9ce7c68c070037edd0329cc9bc141b5476 Mon Sep 17 00:00:00 2001 From: "RingOfStorms (Joshua Bell)" Date: Sun, 5 Oct 2025 17:17:56 -0500 Subject: [PATCH 033/109] hmm claims; --- hosts/h001/mods/trilium.nix | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/hosts/h001/mods/trilium.nix b/hosts/h001/mods/trilium.nix index e756d6f..ecff3ba 100644 --- a/hosts/h001/mods/trilium.nix +++ b/hosts/h001/mods/trilium.nix @@ -16,7 +16,9 @@ TRILIUM_NO_UPLOAD_LIMIT = "true"; }; - services.oauth2-proxy.nginx.virtualHosts."notes.joshuabell.xyz".allowed_groups = [ "notes" ]; + services.oauth2-proxy.nginx.virtualHosts."notes.joshuabell.xyz" = { + allowed_groups = [ "notes" ]; + }; services.nginx.virtualHosts."notes.joshuabell.xyz" = { locations = { "/" = { From 72e0759fa4ae8aad968725ef798af3e0b6957757 Mon Sep 17 00:00:00 2001 From: "RingOfStorms (Joshua Bell)" Date: Sun, 5 Oct 2025 18:31:37 -0500 Subject: [PATCH 034/109] it works!? --- hosts/h001/containers/zitadel.md | 43 ++++++++++++++++++++++++++++++++ hosts/h001/mods/oauth2-proxy.nix | 11 +++++++- hosts/h001/mods/trilium.nix | 19 -------------- 3 files changed, 53 insertions(+), 20 deletions(-) create mode 100644 hosts/h001/containers/zitadel.md diff --git a/hosts/h001/containers/zitadel.md b/hosts/h001/containers/zitadel.md new file mode 100644 index 0000000..aa24c27 --- /dev/null +++ b/hosts/h001/containers/zitadel.md @@ -0,0 +1,43 @@ +Note that in zitadel there are several settings that many of the apps need. Specifically the flat roles complement on tokens + +flatRolesClaim , timeout in seconds = 10 +flowType: complement_token +-> pre user info creation +-> pre access token creation + +```js +/** + * Adds an additional claim in the token with roles in flat format. + * + * The role claims of the token look like the following: + * + * // added by the code below + * "flatRolesClaim": ["test", "role2", ...], + * // added automatically + * "urn:zitadel:iam:org:project:roles": { + * "test": { + * "201982826478953724": "zitadel.localhost" + * } + * } + * + * Flow: Complement token, Triggers: Pre Userinfo creation, Pre access token creation + * + * @param ctx + * @param api + */ + +function flatRolesClaim(ctx, api) { + if (ctx.v1.user.grants == undefined || ctx.v1.user.grants.count == 0) { + return; + } + + let grants = []; + ctx.v1.user.grants.grants.forEach(claim => { + claim.roles.forEach(role => { + grants.push(role); + }) + }) + + api.v1.claims.setClaim('flatRolesClaim', grants); +} +``` diff --git a/hosts/h001/mods/oauth2-proxy.nix b/hosts/h001/mods/oauth2-proxy.nix index cbc8826..f39e837 100644 --- a/hosts/h001/mods/oauth2-proxy.nix +++ b/hosts/h001/mods/oauth2-proxy.nix @@ -15,9 +15,18 @@ extraConfig = { whitelist-domain = "*.joshuabell.xyz"; cookie-domain = ".joshuabell.xyz"; + oidc-groups-claim = "flatRolesClaim"; + # scope = "openid email profiles"; + + # pass-access-token = "true"; + # set-authorization-header = "true"; + # pass-user-headers = "true"; + + # show-debug-on-error = "true"; + # errors-to-info-log = "true"; }; cookie.refresh = "30m"; - setXauthrequest = true; + # setXauthrequest = true; }; services.nginx.virtualHosts."sso-proxy.joshuabell.xyz" = { diff --git a/hosts/h001/mods/trilium.nix b/hosts/h001/mods/trilium.nix index ecff3ba..0797cda 100644 --- a/hosts/h001/mods/trilium.nix +++ b/hosts/h001/mods/trilium.nix @@ -28,24 +28,5 @@ }; }; }; - - # services.nginx = { - # virtualHosts = { - # "trilium" = { - # serverName = "h001.net.joshuabell.xyz"; - # listen = [ - # { - # port = 9111; - # addr = "0.0.0.0"; - # } - # ]; - # locations."/" = { - # proxyWebsockets = true; - # recommendedProxySettings = true; - # proxyPass = "http://127.0.0.1:9111"; - # }; - # }; - # }; - # }; }; } From 3a572a9222e74724f9640678e86603e351b08937 Mon Sep 17 00:00:00 2001 From: "RingOfStorms (Joshua Bell)" Date: Sun, 5 Oct 2025 23:06:34 -0500 Subject: [PATCH 035/109] add a tailnet overlay network verison for trillium to test the android app --- hosts/h001/mods/trilium.nix | 32 ++++++++++++++++++++++++++------ 1 file changed, 26 insertions(+), 6 deletions(-) diff --git a/hosts/h001/mods/trilium.nix b/hosts/h001/mods/trilium.nix index 0797cda..94f600c 100644 --- a/hosts/h001/mods/trilium.nix +++ b/hosts/h001/mods/trilium.nix @@ -1,10 +1,12 @@ { + upkgs, ... }: { config = { services.trilium-server = { enable = true; + package = upkgs.trilium-server; port = 9111; host = "127.0.0.1"; dataDir = "/var/lib/trilium"; @@ -19,12 +21,30 @@ services.oauth2-proxy.nginx.virtualHosts."notes.joshuabell.xyz" = { allowed_groups = [ "notes" ]; }; - services.nginx.virtualHosts."notes.joshuabell.xyz" = { - locations = { - "/" = { - proxyWebsockets = true; - recommendedProxySettings = true; - proxyPass = "http://127.0.0.1:9111"; + services.nginx.virtualHosts = { + "notes.joshuabell.xyz" = { + locations = { + "/" = { + proxyWebsockets = true; + recommendedProxySettings = true; + proxyPass = "http://127.0.0.1:9111"; + }; + }; + }; + "trilium_overlay" = { + serverName = "h001.net.joshuabell.xyz"; + listen = [ + { + port = 9112; + addr = "100.64.0.13"; + } + ]; + locations = { + "/" = { + proxyWebsockets = true; + recommendedProxySettings = true; + proxyPass = "http://127.0.0.1:9111"; + }; }; }; }; From 52b440b5b3d6f8a248f754855bd502611694b52c Mon Sep 17 00:00:00 2001 From: "RingOfStorms (Joshua Bell)" Date: Sun, 5 Oct 2025 23:15:57 -0500 Subject: [PATCH 036/109] add max body size --- hosts/h001/nginx.nix | 51 ++++++++++++++++++++----------------- hosts/oracle/o001/nginx.nix | 3 +++ 2 files changed, 31 insertions(+), 23 deletions(-) diff --git a/hosts/h001/nginx.nix b/hosts/h001/nginx.nix index 1095170..f7c0bac 100644 --- a/hosts/h001/nginx.nix +++ b/hosts/h001/nginx.nix @@ -8,32 +8,37 @@ let }; in { - services.nginx.virtualHosts = { - "10.12.14.10" = { - locations = { - "/" = { - return = "301 http://h001.local.joshuabell.xyz"; + services.nginx = { + appendHttpConfig = '' + client_max_body_size 500M; + ''; + virtualHosts = { + "10.12.14.10" = { + locations = { + "/" = { + return = "301 http://h001.local.joshuabell.xyz"; + }; }; }; - }; - "h001.local.joshuabell.xyz" = { - locations = { - "/" = homarr; - }; - }; - "100.64.0.13" = { - locations."/" = { - return = "301 http://h001.net.joshuabell.xyz"; - }; - }; - "h001.net.joshuabell.xyz" = { - locations = { - "/grafana/" = { - proxyPass = "http://localhost:3001"; - proxyWebsockets = true; - recommendedProxySettings = true; + "h001.local.joshuabell.xyz" = { + locations = { + "/" = homarr; + }; + }; + "100.64.0.13" = { + locations."/" = { + return = "301 http://h001.net.joshuabell.xyz"; + }; + }; + "h001.net.joshuabell.xyz" = { + locations = { + "/grafana/" = { + proxyPass = "http://localhost:3001"; + proxyWebsockets = true; + recommendedProxySettings = true; + }; + "/" = homarr; }; - "/" = homarr; }; }; }; diff --git a/hosts/oracle/o001/nginx.nix b/hosts/oracle/o001/nginx.nix index 5c74ace..29b484c 100644 --- a/hosts/oracle/o001/nginx.nix +++ b/hosts/oracle/o001/nginx.nix @@ -30,6 +30,9 @@ recommendedOptimisation = true; recommendedProxySettings = true; recommendedTlsSettings = true; + appendHttpConfig = '' + client_max_body_size 500M; + ''; virtualHosts = let tailnetConfig = { From adf514c054954d70717c0e06637c940540d26a61 Mon Sep 17 00:00:00 2001 From: "RingOfStorms (Joshua Bell)" Date: Sun, 5 Oct 2025 23:19:19 -0500 Subject: [PATCH 037/109] client max body size setting --- hosts/h001/nginx.nix | 4 +--- hosts/oracle/o001/nginx.nix | 4 +--- 2 files changed, 2 insertions(+), 6 deletions(-) diff --git a/hosts/h001/nginx.nix b/hosts/h001/nginx.nix index f7c0bac..8a52091 100644 --- a/hosts/h001/nginx.nix +++ b/hosts/h001/nginx.nix @@ -9,9 +9,7 @@ let in { services.nginx = { - appendHttpConfig = '' - client_max_body_size 500M; - ''; + clientMaxBodySize = "500m"; virtualHosts = { "10.12.14.10" = { locations = { diff --git a/hosts/oracle/o001/nginx.nix b/hosts/oracle/o001/nginx.nix index 29b484c..2188c0b 100644 --- a/hosts/oracle/o001/nginx.nix +++ b/hosts/oracle/o001/nginx.nix @@ -30,9 +30,7 @@ recommendedOptimisation = true; recommendedProxySettings = true; recommendedTlsSettings = true; - appendHttpConfig = '' - client_max_body_size 500M; - ''; + clientMaxBodySize = "500m"; virtualHosts = let tailnetConfig = { From 05fc8a71c5ae86aeeb227582b4ee4b85f0104e13 Mon Sep 17 00:00:00 2001 From: "RingOfStorms (Joshua Bell)" Date: Sun, 5 Oct 2025 23:21:36 -0500 Subject: [PATCH 038/109] add tr to ll command alias --- common/general/shell/common.nix | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/common/general/shell/common.nix b/common/general/shell/common.nix index c7bd3df..2d79ea5 100644 --- a/common/general/shell/common.nix +++ b/common/general/shell/common.nix @@ -40,7 +40,7 @@ with lib; date_compact = "date +'%Y%m%d'"; date_short = "date +'%Y-%m-%d'"; ls = "ls --color -Gah"; - ll = "ls --color -Galh"; + ll = "ls --color -Galhtr"; lss = "du --max-depth=0 -h {.,}* 2>/dev/null | sort -hr"; psg = "ps aux | head -n 1 && ps aux | grep -v 'grep' | grep"; cl = "clear"; From b89d0a67fa87c7291b96cbadde28661bca667e18 Mon Sep 17 00:00:00 2001 From: "RingOfStorms (Joshua Bell)" Date: Tue, 7 Oct 2025 18:06:37 -0500 Subject: [PATCH 039/109] update litellm --- hosts/h001/mods/openwebui.nix | 60 ++++++++++++++++++++++++----------- 1 file changed, 42 insertions(+), 18 deletions(-) diff --git a/hosts/h001/mods/openwebui.nix b/hosts/h001/mods/openwebui.nix index 2d11428..2c847b6 100644 --- a/hosts/h001/mods/openwebui.nix +++ b/hosts/h001/mods/openwebui.nix @@ -111,15 +111,15 @@ api_key = "na"; }; } - { - model_name = "GPT-5-codex"; - litellm_params = { - model = "azure/gpt-5-codex-2025-09-15"; - api_base = "http://100.64.0.8:9010/azure"; - api_version = "2025-04-01-preview"; - api_key = "na"; - }; - } + # { + # model_name = "GPT-5-codex"; + # litellm_params = { + # model = "azure/gpt-5-codex-2025-09-15"; + # api_base = "http://100.64.0.8:9010/azure"; + # api_version = "2025-04-01-preview"; + # api_key = "na"; + # }; + # } { model_name = "GPT-4.1"; litellm_params = { @@ -147,15 +147,15 @@ api_key = "na"; }; } - { - model_name = "dall-e-3-3.0"; - litellm_params = { - model = "azure/dall-e-3-3.0"; - api_base = "http://100.64.0.8:9010/azure"; - api_version = "2025-04-01-preview"; - api_key = "na"; - }; - } + # { + # model_name = "dall-e-3-3.0"; + # litellm_params = { + # model = "azure/dall-e-3-3.0"; + # api_base = "http://100.64.0.8:9010/azure"; + # api_version = "2025-04-01-preview"; + # api_key = "na"; + # }; + # } # Copilot { @@ -170,6 +170,30 @@ }; }; } + { + model_name = "copilot-google-gemini-2.5-pro"; + litellm_params = { + model = "github_copilot/gemini-2.5-pro"; + extra_headers = { + "editor-version" = "vscode/1.85.1"; + "Copilot-Integration-Id" = "vscode-chat"; + "user-agent" = "GithubCopilot/1.155.0"; + "editor-plugin-version" = "copilot/1.155.0"; + }; + }; + } + # { + # model_name = "copilot-google-gemini-2.0-flash"; + # litellm_params = { + # model = "github_copilot/gemini-2.0-flash"; + # extra_headers = { + # "editor-version" = "vscode/1.85.1"; + # "Copilot-Integration-Id" = "vscode-chat"; + # "user-agent" = "GithubCopilot/1.155.0"; + # "editor-plugin-version" = "copilot/1.155.0"; + # }; + # }; + # } ]; }; }; From 3a0b2e754d7c6ebcb5e521acfadd843c802a6594 Mon Sep 17 00:00:00 2001 From: "RingOfStorms (Joshua Bell)" Date: Tue, 7 Oct 2025 19:22:43 -0500 Subject: [PATCH 040/109] pin all leading edge apps to their own nixpkgs so they can update independently --- common/flake.lock | 42 ++--- hosts/h001/flake.lock | 275 ++++++++++++++++++------------- hosts/h001/flake.nix | 9 +- hosts/h001/mods/default.nix | 1 + hosts/h001/mods/litellm.nix | 169 +++++++++++++++++++ hosts/h001/mods/oauth2-proxy.nix | 84 ++++++---- hosts/h001/mods/openwebui.nix | 152 ++--------------- hosts/h001/mods/trilium.nix | 14 +- 8 files changed, 431 insertions(+), 315 deletions(-) create mode 100644 hosts/h001/mods/litellm.nix diff --git a/common/flake.lock b/common/flake.lock index 3516b6e..2ba0955 100644 --- a/common/flake.lock +++ b/common/flake.lock @@ -44,11 +44,11 @@ ] }, "locked": { - "lastModified": 1755946532, - "narHash": "sha256-POePremlUY5GyA1zfbtic6XLxDaQcqHN6l+bIxdT5gc=", + "lastModified": 1759499898, + "narHash": "sha256-UNzYHLWfkSzLHDep5Ckb5tXc0fdxwPIrT+MY4kpQttM=", "owner": "hyprwm", "repo": "aquamarine", - "rev": "81584dae2df6ac79f6b6dae0ecb7705e95129ada", + "rev": "655e067f96fd44b3f5685e17f566b0e4d535d798", "type": "github" }, "original": { @@ -237,11 +237,11 @@ ] }, "locked": { - "lastModified": 1758192433, - "narHash": "sha256-CR6RnqEJSTiFgA6KQY4TTLUWbZ8RBnb+hxQqesuQNzQ=", + "lastModified": 1759490292, + "narHash": "sha256-T6iWzDOXp8Wv0KQOCTHpBcmAOdHJ6zc/l9xaztW6Ivc=", "owner": "hyprwm", "repo": "hyprgraphics", - "rev": "c44e749dd611521dee940d00f7c444ee0ae4cfb7", + "rev": "9431db625cd9bb66ac55525479dce694101d6d7a", "type": "github" }, "original": { @@ -266,11 +266,11 @@ "xdph": "xdph" }, "locked": { - "lastModified": 1759094452, - "narHash": "sha256-j7IOTFnQRDjX4PzYb2p6CPviAc8cDrcorzGpM8J89uM=", + "lastModified": 1759837778, + "narHash": "sha256-12GZqSrRYyhKl7NpNMUQECDi/Zyx17QZhhQ7+mBJMns=", "owner": "hyprwm", "repo": "Hyprland", - "rev": "f854b5bffbdd13cfe7edad0ee157d6947ff99619", + "rev": "5ba2d2217b649c4ca2db7e3f383b3f6af6e70d65", "type": "github" }, "original": { @@ -359,11 +359,11 @@ ] }, "locked": { - "lastModified": 1757694755, - "narHash": "sha256-j+w5QUUr2QT/jkxgVKecGYV8J7fpzXCMgzEEr6LG9ug=", + "lastModified": 1759080228, + "narHash": "sha256-RgDoAja0T1hnF0pTc56xPfLfFOO8Utol2iITwYbUhTk=", "owner": "hyprwm", "repo": "hyprland-qtutils", - "rev": "5ffdfc13ed03df1dae5084468d935f0a3f2c9a4c", + "rev": "629b15c19fa4082e4ce6be09fdb89e8c3312aed7", "type": "github" }, "original": { @@ -388,11 +388,11 @@ ] }, "locked": { - "lastModified": 1756810301, - "narHash": "sha256-wgZ3VW4VVtjK5dr0EiK9zKdJ/SOqGIBXVG85C3LVxQA=", + "lastModified": 1758927902, + "narHash": "sha256-LZgMds7M94+vuMql2bERQ6LiFFdhgsEFezE4Vn+Ys3A=", "owner": "hyprwm", "repo": "hyprlang", - "rev": "3d63fb4a42c819f198deabd18c0c2c1ded1de931", + "rev": "4dafa28d4f79877d67a7d1a654cddccf8ebf15da", "type": "github" }, "original": { @@ -413,11 +413,11 @@ ] }, "locked": { - "lastModified": 1756117388, - "narHash": "sha256-oRDel6pNl/T2tI+nc/USU9ZP9w08dxtl7hiZxa0C/Wc=", + "lastModified": 1759490926, + "narHash": "sha256-7IbZGJ5qAAfZsGhBHIsP8MBsfuFYS0hsxYHVkkeDG5Q=", "owner": "hyprwm", "repo": "hyprutils", - "rev": "b2ae3204845f5f2f79b4703b441252d8ad2ecfd0", + "rev": "94cce794344538c4d865e38682684ec2bbdb2ef3", "type": "github" }, "original": { @@ -485,11 +485,11 @@ }, "nixpkgs_2": { "locked": { - "lastModified": 1758198701, - "narHash": "sha256-7To75JlpekfUmdkUZewnT6MoBANS0XVypW6kjUOXQwc=", + "lastModified": 1759381078, + "narHash": "sha256-gTrEEp5gEspIcCOx9PD8kMaF1iEmfBcTbO0Jag2QhQs=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "0147c2f1d54b30b5dd6d4a8c8542e8d7edf93b5d", + "rev": "7df7ff7d8e00218376575f0acdcc5d66741351ee", "type": "github" }, "original": { diff --git a/hosts/h001/flake.lock b/hosts/h001/flake.lock index 6f707b8..95d159e 100644 --- a/hosts/h001/flake.lock +++ b/hosts/h001/flake.lock @@ -49,11 +49,11 @@ ] }, "locked": { - "lastModified": 1755946532, - "narHash": "sha256-POePremlUY5GyA1zfbtic6XLxDaQcqHN6l+bIxdT5gc=", + "lastModified": 1759499898, + "narHash": "sha256-UNzYHLWfkSzLHDep5Ckb5tXc0fdxwPIrT+MY4kpQttM=", "owner": "hyprwm", "repo": "aquamarine", - "rev": "81584dae2df6ac79f6b6dae0ecb7705e95129ada", + "rev": "655e067f96fd44b3f5685e17f566b0e4d535d798", "type": "github" }, "original": { @@ -268,11 +268,11 @@ ] }, "locked": { - "lastModified": 1758192433, - "narHash": "sha256-CR6RnqEJSTiFgA6KQY4TTLUWbZ8RBnb+hxQqesuQNzQ=", + "lastModified": 1759490292, + "narHash": "sha256-T6iWzDOXp8Wv0KQOCTHpBcmAOdHJ6zc/l9xaztW6Ivc=", "owner": "hyprwm", "repo": "hyprgraphics", - "rev": "c44e749dd611521dee940d00f7c444ee0ae4cfb7", + "rev": "9431db625cd9bb66ac55525479dce694101d6d7a", "type": "github" }, "original": { @@ -297,11 +297,11 @@ "xdph": "xdph" }, "locked": { - "lastModified": 1759094452, - "narHash": "sha256-j7IOTFnQRDjX4PzYb2p6CPviAc8cDrcorzGpM8J89uM=", + "lastModified": 1759837778, + "narHash": "sha256-12GZqSrRYyhKl7NpNMUQECDi/Zyx17QZhhQ7+mBJMns=", "owner": "hyprwm", "repo": "Hyprland", - "rev": "f854b5bffbdd13cfe7edad0ee157d6947ff99619", + "rev": "5ba2d2217b649c4ca2db7e3f383b3f6af6e70d65", "type": "github" }, "original": { @@ -399,11 +399,11 @@ ] }, "locked": { - "lastModified": 1757694755, - "narHash": "sha256-j+w5QUUr2QT/jkxgVKecGYV8J7fpzXCMgzEEr6LG9ug=", + "lastModified": 1759080228, + "narHash": "sha256-RgDoAja0T1hnF0pTc56xPfLfFOO8Utol2iITwYbUhTk=", "owner": "hyprwm", "repo": "hyprland-qtutils", - "rev": "5ffdfc13ed03df1dae5084468d935f0a3f2c9a4c", + "rev": "629b15c19fa4082e4ce6be09fdb89e8c3312aed7", "type": "github" }, "original": { @@ -431,11 +431,11 @@ ] }, "locked": { - "lastModified": 1756810301, - "narHash": "sha256-wgZ3VW4VVtjK5dr0EiK9zKdJ/SOqGIBXVG85C3LVxQA=", + "lastModified": 1758927902, + "narHash": "sha256-LZgMds7M94+vuMql2bERQ6LiFFdhgsEFezE4Vn+Ys3A=", "owner": "hyprwm", "repo": "hyprlang", - "rev": "3d63fb4a42c819f198deabd18c0c2c1ded1de931", + "rev": "4dafa28d4f79877d67a7d1a654cddccf8ebf15da", "type": "github" }, "original": { @@ -458,11 +458,11 @@ ] }, "locked": { - "lastModified": 1756117388, - "narHash": "sha256-oRDel6pNl/T2tI+nc/USU9ZP9w08dxtl7hiZxa0C/Wc=", + "lastModified": 1759490926, + "narHash": "sha256-7IbZGJ5qAAfZsGhBHIsP8MBsfuFYS0hsxYHVkkeDG5Q=", "owner": "hyprwm", "repo": "hyprutils", - "rev": "b2ae3204845f5f2f79b4703b441252d8ad2ecfd0", + "rev": "94cce794344538c4d865e38682684ec2bbdb2ef3", "type": "github" }, "original": { @@ -498,6 +498,22 @@ "type": "github" } }, + "litellm-nixpkgs": { + "locked": { + "lastModified": 1759733170, + "narHash": "sha256-TXnlsVb5Z8HXZ6mZoeOAIwxmvGHp1g4Dw89eLvIwKVI=", + "owner": "nixos", + "repo": "nixpkgs", + "rev": "8913c168d1c56dc49a7718685968f38752171c3b", + "type": "github" + }, + "original": { + "owner": "nixos", + "ref": "nixos-unstable", + "repo": "nixpkgs", + "type": "github" + } + }, "nix-flatpak": { "locked": { "lastModified": 1739444422, @@ -550,29 +566,13 @@ "type": "github" } }, - "nixpkgs-unstable": { - "locked": { - "lastModified": 1759036355, - "narHash": "sha256-0m27AKv6ka+q270dw48KflE0LwQYrO7Fm4/2//KCVWg=", - "owner": "nixos", - "repo": "nixpkgs", - "rev": "e9f00bd893984bc8ce46c895c3bf7cac95331127", - "type": "github" - }, - "original": { - "owner": "nixos", - "ref": "nixos-unstable", - "repo": "nixpkgs", - "type": "github" - } - }, "nixpkgs_2": { "locked": { - "lastModified": 1758198701, - "narHash": "sha256-7To75JlpekfUmdkUZewnT6MoBANS0XVypW6kjUOXQwc=", + "lastModified": 1759381078, + "narHash": "sha256-gTrEEp5gEspIcCOx9PD8kMaF1iEmfBcTbO0Jag2QhQs=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "0147c2f1d54b30b5dd6d4a8c8542e8d7edf93b5d", + "rev": "7df7ff7d8e00218376575f0acdcc5d66741351ee", "type": "github" }, "original": { @@ -616,11 +616,11 @@ }, "nixpkgs_5": { "locked": { - "lastModified": 1759143472, - "narHash": "sha256-TvODmeR2W7yX/JmOCmP+lAFNkTT7hAxYcF3Kz8SZV3w=", + "lastModified": 1759735786, + "narHash": "sha256-a0+h02lyP2KwSNrZz4wLJTu9ikujNsTWIC874Bv7IJ0=", "owner": "nixos", "repo": "nixpkgs", - "rev": "5ed4e25ab58fd4c028b59d5611e14ea64de51d23", + "rev": "20c4598c84a671783f741e02bf05cbfaf4907cff", "type": "github" }, "original": { @@ -632,11 +632,11 @@ }, "nixpkgs_6": { "locked": { - "lastModified": 1757952092, - "narHash": "sha256-BcfTLFCU7elUJ2dwyt0iTjxsz/XLh+8ZygDcFwy6xPE=", + "lastModified": 1759772810, + "narHash": "sha256-8/sO67+Q6yNfFD39W5SXQHDbf/tQUHWFhCdxgRRGVCQ=", "owner": "nixos", "repo": "nixpkgs", - "rev": "fd76dc9e7c68ac7c3941ba2af2bedcd79c5cf4ed", + "rev": "2b78ecc45e163d655c08c9a4cffb4a91c66d0493", "type": "github" }, "original": { @@ -664,11 +664,11 @@ "nvim_plugin-CopilotC-Nvim/CopilotChat.nvim": { "flake": false, "locked": { - "lastModified": 1757950300, - "narHash": "sha256-IQTP3jOmFNc2nphV9jdFbJXkmAN5Wj+/PIGmaZ8gP24=", + "lastModified": 1759715887, + "narHash": "sha256-9wXyswKnUenlZyO/aIy0gr1hF0IhuEJ0UOwvqjDSGjA=", "owner": "CopilotC-Nvim", "repo": "CopilotChat.nvim", - "rev": "87615648ff4dc852d1cf7ec099f0a7c37b1b2c87", + "rev": "92f269971c33a6e2f405da8b14f01cd109b9a3a3", "type": "github" }, "original": { @@ -696,11 +696,11 @@ "nvim_plugin-L3MON4D3/LuaSnip": { "flake": false, "locked": { - "lastModified": 1756990415, - "narHash": "sha256-5FsUVPy8pAiwBh3c+bPDMtypFEHj6qIwGQIo3hjqV4M=", + "lastModified": 1759157591, + "narHash": "sha256-sicE0/Vgc03X+Qxqlu5CM7NGd+6FE9RGx6OjZUa6Umw=", "owner": "L3MON4D3", "repo": "LuaSnip", - "rev": "21f74f7ba8c49f95f9d7c8293b147c2901dd2d3a", + "rev": "73813308abc2eaeff2bc0d3f2f79270c491be9d7", "type": "github" }, "original": { @@ -712,11 +712,11 @@ "nvim_plugin-MeanderingProgrammer/render-markdown.nvim": { "flake": false, "locked": { - "lastModified": 1757910669, - "narHash": "sha256-PWbFcGRbTMRhDJrj+kx73HLduMLOSrAhZTLL2YgrAjQ=", + "lastModified": 1759424904, + "narHash": "sha256-Smt9v6/XyHUdUiIPyCPQSRvWCeMMhYITSZWd9M7Jlvs=", "owner": "MeanderingProgrammer", "repo": "render-markdown.nvim", - "rev": "2c6cf127c577712bd29d38f6391b3045c5f0180a", + "rev": "7e6af36c846017122e07e68803bbf95f3c729ca3", "type": "github" }, "original": { @@ -776,11 +776,11 @@ "nvim_plugin-aznhe21/actions-preview.nvim": { "flake": false, "locked": { - "lastModified": 1745779150, - "narHash": "sha256-rQjwlu5gQcOvxF72lr9ugPRl0W78wCWGWPhpN1oOMbs=", + "lastModified": 1759462626, + "narHash": "sha256-YUeWBXxxeurfWBi0PjUi6izqYAvUw9DHmvsuPXm7ohw=", "owner": "aznhe21", "repo": "actions-preview.nvim", - "rev": "36513ad213855d497b7dd3391a24d1d75d58e36f", + "rev": "cb938c25edaac38d362555f19244a9cb85d561e8", "type": "github" }, "original": { @@ -792,11 +792,11 @@ "nvim_plugin-b0o/schemastore.nvim": { "flake": false, "locked": { - "lastModified": 1757653237, - "narHash": "sha256-94NKAVWPV2sLkGWWL9G07QxA90Ise6tNWaYyKBcS/vI=", + "lastModified": 1759454886, + "narHash": "sha256-T6mWvScsU0IsB3wFre5+TrNIbpQCA0flf7BNrGQIb+M=", "owner": "b0o", "repo": "schemastore.nvim", - "rev": "3146720ee3a0c6e2446eedd492fb519d16f2e467", + "rev": "8e17e50b519ba360bcfd5dfb5843ccac9be500ba", "type": "github" }, "original": { @@ -808,11 +808,11 @@ "nvim_plugin-catppuccin/nvim": { "flake": false, "locked": { - "lastModified": 1755621274, - "narHash": "sha256-o8VLMPriOh4+Ay5Ff0cWQYXjmihdr3x9131bKHHTsQE=", + "lastModified": 1759668198, + "narHash": "sha256-WmWGygttH78KajAaIvlwRW47G7UGJuPV0YIfEZkse6I=", "owner": "catppuccin", "repo": "nvim", - "rev": "30fa4d122d9b22ad8b2e0ab1b533c8c26c4dde86", + "rev": "e79d09fa347b367e0e7f693bfe87dba932a8cbd1", "type": "github" }, "original": { @@ -856,11 +856,11 @@ "nvim_plugin-folke/lazy.nvim": { "flake": false, "locked": { - "lastModified": 1740511197, - "narHash": "sha256-nQ8PR9DTdzg6Z2rViuVD6Pswc2VvDQwS3uMNgyDh5ls=", + "lastModified": 1759439283, + "narHash": "sha256-FjQ2rj3BvC8fh60IT0ExrBOmdDLdXFexffef6iKcPFQ=", "owner": "folke", "repo": "lazy.nvim", - "rev": "6c3bda4aca61a13a9c63f1c1d1b16b9d3be90d7a", + "rev": "59334064f8604ca073791c25dcc5c9698865406e", "type": "github" }, "original": { @@ -888,11 +888,11 @@ "nvim_plugin-folke/which-key.nvim": { "flake": false, "locked": { - "lastModified": 1740233407, - "narHash": "sha256-uvMcSduMr7Kd2oUmIOYzvWF4FIl6bZxIYm9FSw/3pCo=", + "lastModified": 1758639622, + "narHash": "sha256-JNkjlv6QpnuaYCAFcBPjV7IavVLzj8QEX/Zi3sbdyrU=", "owner": "folke", "repo": "which-key.nvim", - "rev": "370ec46f710e058c9c1646273e6b225acf47cbed", + "rev": "904308e6885bbb7b60714c80ab3daf0c071c1492", "type": "github" }, "original": { @@ -968,11 +968,11 @@ "nvim_plugin-j-hui/fidget.nvim": { "flake": false, "locked": { - "lastModified": 1755700851, - "narHash": "sha256-KRlUqUdcliKpLnEJqyA2OAWto73F6iGTbMrsiAdc24M=", + "lastModified": 1758578970, + "narHash": "sha256-ieY3zaQAydzadpPiW1/IYakVHhp+wyEOpCQntgDOObs=", "owner": "j-hui", "repo": "fidget.nvim", - "rev": "4d5858bd4c471c895060e1b9f3575f1551184dc5", + "rev": "3f5475949679953af6d78654db29b944fa826e6a", "type": "github" }, "original": { @@ -1000,11 +1000,11 @@ "nvim_plugin-lewis6991/gitsigns.nvim": { "flake": false, "locked": { - "lastModified": 1757668552, - "narHash": "sha256-L5WbNiFUn014hThvGfb5r858O6iLOBhOQHfVUdIlFI4=", + "lastModified": 1759324477, + "narHash": "sha256-GDK9I3SNRyZe59+GsnDC0L2KjGr150dWo4S3DUwhT7U=", "owner": "lewis6991", "repo": "gitsigns.nvim", - "rev": "f780609807eca1f783a36a8a31c30a48fbe150c5", + "rev": "1ee5c1fd068c81f9dd06483e639c2aa4587dc197", "type": "github" }, "original": { @@ -1064,11 +1064,11 @@ "nvim_plugin-mbbill/undotree": { "flake": false, "locked": { - "lastModified": 1756538456, - "narHash": "sha256-tudR+46nd63jY1VTCNEfZ2CofxCODXaHos0+NdFI6wU=", + "lastModified": 1759186837, + "narHash": "sha256-EWOH08KAWyoT9m45/B1d5aKQQJtd3k4orJbagVsxe08=", "owner": "mbbill", "repo": "undotree", - "rev": "fe9a9d0645f0f5532360b5e5f5c550d7bb4f1869", + "rev": "0f1c9816975b5d7f87d5003a19c53c6fd2ff6f7f", "type": "github" }, "original": { @@ -1080,11 +1080,11 @@ "nvim_plugin-mfussenegger/nvim-lint": { "flake": false, "locked": { - "lastModified": 1757878177, - "narHash": "sha256-8X9z0pRWx9xg9nQhhQtuOu3TunObg2CIgnlPXZtx86A=", + "lastModified": 1758714671, + "narHash": "sha256-POnQfsZAv93+0uCbKFcNgyQxn3u8nNqgnx0uTqCkCq8=", "owner": "mfussenegger", "repo": "nvim-lint", - "rev": "0864f81c681e15d9bdc1156fe3a17bd07db5a3ed", + "rev": "335a6044be16d7701001059cba9baa36fbeef422", "type": "github" }, "original": { @@ -1096,11 +1096,11 @@ "nvim_plugin-mrcjkb/rustaceanvim": { "flake": false, "locked": { - "lastModified": 1757809469, - "narHash": "sha256-bijgDZozBNmHW3cASmOrQlaSE80d8V3XRxi1BNmfzRI=", + "lastModified": 1759623626, + "narHash": "sha256-Cz4LDzz7v3kBS1mbxZjprogqHFghYr5xMfSN3us2Ltk=", "owner": "mrcjkb", "repo": "rustaceanvim", - "rev": "370b85298e5afdfd8b5d3da0c60c04e3873499a4", + "rev": "96a4f5efc7705f613ddd47fb5d1445c172acb213", "type": "github" }, "original": { @@ -1112,11 +1112,11 @@ "nvim_plugin-neovim/nvim-lspconfig": { "flake": false, "locked": { - "lastModified": 1757886255, - "narHash": "sha256-lIlFgHkesAK7fRcoEEQO84/0BpE29dBgNzBnCv/0Tf0=", + "lastModified": 1759548517, + "narHash": "sha256-K56vjTUkQ/NdA6vq5942zUknPiCUbMByiEW540dR8R0=", "owner": "neovim", "repo": "nvim-lspconfig", - "rev": "d9879110d0422a566fa01d732556f4d5515e1738", + "rev": "e688b486fe9291f151eae7e5c0b5a5c4ef980847", "type": "github" }, "original": { @@ -1128,11 +1128,11 @@ "nvim_plugin-nosduco/remote-sshfs.nvim": { "flake": false, "locked": { - "lastModified": 1755703322, - "narHash": "sha256-xy+50CsRd0LfRyDtNNMI8KhzvjH2nt8ogwiXf7H3fYY=", + "lastModified": 1759193354, + "narHash": "sha256-FfUxpRfqrf0r56/gi76N2ZooWnXWO0aRtaQBS7m+SvY=", "owner": "nosduco", "repo": "remote-sshfs.nvim", - "rev": "8b0974c0e23ef086f5598ebbb1980257171dc370", + "rev": "45502b3892774811153aeab5f7f9b0033c82005c", "type": "github" }, "original": { @@ -1256,11 +1256,11 @@ "nvim_plugin-nvim-tree/nvim-tree.lua": { "flake": false, "locked": { - "lastModified": 1757312802, - "narHash": "sha256-Km+PWXJJLl8zsBjwIGL//qT/eUEZna4yYRPsWXMXG1E=", + "lastModified": 1759222332, + "narHash": "sha256-TmQd8Xx9xw3G9PfPH+DZeSECfiUoO7XKCUSyQ4O0hMk=", "owner": "nvim-tree", "repo": "nvim-tree.lua", - "rev": "e179ad2f83b5955ab0af653069a493a1828c2697", + "rev": "87d096a39cb2d5d43e6771563575ff042a79f48b", "type": "github" }, "original": { @@ -1272,11 +1272,11 @@ "nvim_plugin-nvim-tree/nvim-web-devicons": { "flake": false, "locked": { - "lastModified": 1756936794, - "narHash": "sha256-2Q6ZZQj5HFXTw1YwX3ibdGOTwfbfPUBbcPOsuBUpSjc=", + "lastModified": 1759188261, + "narHash": "sha256-lVrakFrpIP9lp7sMfMb33KeMPIkcn1qBFVytJzKCfuE=", "owner": "nvim-tree", "repo": "nvim-web-devicons", - "rev": "6e51ca170563330e063720449c21f43e27ca0bc1", + "rev": "b8221e42cf7287c4dcde81f232f58d7b947c210d", "type": "github" }, "original": { @@ -1336,11 +1336,11 @@ "nvim_plugin-rmagatti/auto-session": { "flake": false, "locked": { - "lastModified": 1757864222, - "narHash": "sha256-FbN36vVLX3DUXwefTbi6511R6KTHqLiNHeAR0kXiarg=", + "lastModified": 1759618137, + "narHash": "sha256-+RYQi685tyV73WNXpgr/Q5p3o21dSUkQmSoif+EPBVM=", "owner": "rmagatti", "repo": "auto-session", - "rev": "5a269bb5bec50b8b60564aa00f6454d9e82fbe8d", + "rev": "0385a9ad378d70608c2e6e4c14b3b126ce30fc51", "type": "github" }, "original": { @@ -1400,11 +1400,11 @@ "nvim_plugin-stevearc/conform.nvim": { "flake": false, "locked": { - "lastModified": 1756334700, - "narHash": "sha256-j9TOSx2L19AHABdg9pLtmEUtPOCIUSo0qe2YUPBlZ5g=", + "lastModified": 1759554032, + "narHash": "sha256-JX+vFs+8n4PS7Xwq68MW2mjlDaLlUx6CxMqhf9ArfXQ=", "owner": "stevearc", "repo": "conform.nvim", - "rev": "b4aab989db276993ea5dcb78872be494ce546521", + "rev": "9d859cbfbde7a1bd1770e7c97aef30ec5a237a71", "type": "github" }, "original": { @@ -1512,11 +1512,11 @@ "nvim_plugin-zbirenbaum/copilot.lua": { "flake": false, "locked": { - "lastModified": 1757884406, - "narHash": "sha256-sXobILIsV4nnk9//PbFT4L1BsHP1xSJiuibVbGwYXJ8=", + "lastModified": 1759697885, + "narHash": "sha256-PwqJ7/FCfK4AqFgguZ2Tac5RWhehSEfI1N6ySSuTbZc=", "owner": "zbirenbaum", "repo": "copilot.lua", - "rev": "8aebaa3a102125fedf08c98773a0a8def92fff37", + "rev": "30b98a4c25d6152c14084020f703b6d56e1f1122", "type": "github" }, "original": { @@ -1525,6 +1525,38 @@ "type": "github" } }, + "oauth2-proxy-nixpkgs": { + "locked": { + "lastModified": 1759733170, + "narHash": "sha256-TXnlsVb5Z8HXZ6mZoeOAIwxmvGHp1g4Dw89eLvIwKVI=", + "owner": "nixos", + "repo": "nixpkgs", + "rev": "8913c168d1c56dc49a7718685968f38752171c3b", + "type": "github" + }, + "original": { + "owner": "nixos", + "ref": "nixos-unstable", + "repo": "nixpkgs", + "type": "github" + } + }, + "open-webui-nixpkgs": { + "locked": { + "lastModified": 1759036355, + "narHash": "sha256-0m27AKv6ka+q270dw48KflE0LwQYrO7Fm4/2//KCVWg=", + "owner": "nixos", + "repo": "nixpkgs", + "rev": "e9f00bd893984bc8ce46c895c3bf7cac95331127", + "type": "github" + }, + "original": { + "owner": "nixos", + "repo": "nixpkgs", + "rev": "e9f00bd893984bc8ce46c895c3bf7cac95331127", + "type": "github" + } + }, "pre-commit-hooks": { "inputs": { "flake-compat": "flake-compat", @@ -1574,10 +1606,13 @@ "root": { "inputs": { "common": "common", + "litellm-nixpkgs": "litellm-nixpkgs", "nixarr": "nixarr", "nixpkgs": "nixpkgs_5", - "nixpkgs-unstable": "nixpkgs-unstable", - "ros_neovim": "ros_neovim" + "oauth2-proxy-nixpkgs": "oauth2-proxy-nixpkgs", + "open-webui-nixpkgs": "open-webui-nixpkgs", + "ros_neovim": "ros_neovim", + "trilium-nixpkgs": "trilium-nixpkgs" } }, "ros_neovim": { @@ -1641,11 +1676,11 @@ "rust-overlay": "rust-overlay_2" }, "locked": { - "lastModified": 1758041510, - "narHash": "sha256-vcK6ZwAWNfjdDFYKLVrWk+azva58AiDpm8nMfIniFWA=", + "lastModified": 1759881611, + "narHash": "sha256-OrWyZDLEafAP90pCun/6mE1F88znpJYi3rRIHQo8Wrs=", "ref": "refs/heads/master", - "rev": "b3dbdf3f7360747987bf38bcdd9baf01b4906929", - "revCount": 304, + "rev": "31a6fc294d8db6fc3c89e60321e052bae8b9e96b", + "revCount": 308, "type": "git", "url": "https://git.joshuabell.xyz/ringofstorms/nvim" }, @@ -1684,11 +1719,11 @@ ] }, "locked": { - "lastModified": 1757930296, - "narHash": "sha256-Z9u5VszKs8rfEvg2AsFucWEjl7wMtAln9l1b78cfBh4=", + "lastModified": 1759718104, + "narHash": "sha256-TbkLsgdnXHUXR4gOQBmhxkEE9ne+eHmX1chZHWRogy0=", "owner": "oxalica", "repo": "rust-overlay", - "rev": "09442765a05c2ca617c20ed68d9613da92a2d96b", + "rev": "edea9f33f9a03f615ad3609a40fbcefe0ec835ca", "type": "github" }, "original": { @@ -1742,6 +1777,22 @@ "type": "github" } }, + "trilium-nixpkgs": { + "locked": { + "lastModified": 1759733170, + "narHash": "sha256-TXnlsVb5Z8HXZ6mZoeOAIwxmvGHp1g4Dw89eLvIwKVI=", + "owner": "nixos", + "repo": "nixpkgs", + "rev": "8913c168d1c56dc49a7718685968f38752171c3b", + "type": "github" + }, + "original": { + "owner": "nixos", + "ref": "nixos-unstable", + "repo": "nixpkgs", + "type": "github" + } + }, "vpnconfinement": { "locked": { "lastModified": 1743810720, diff --git a/hosts/h001/flake.nix b/hosts/h001/flake.nix index a0e5624..9a7b684 100644 --- a/hosts/h001/flake.nix +++ b/hosts/h001/flake.nix @@ -2,7 +2,10 @@ inputs = { nixpkgs.url = "github:nixos/nixpkgs/nixos-25.05"; # nixpkgs-unstable.url = "github:wrvsrx/nixpkgs/fix-open-webui"; - nixpkgs-unstable.url = "github:nixos/nixpkgs/nixos-unstable"; + open-webui-nixpkgs.url = "github:nixos/nixpkgs/e9f00bd893984bc8ce46c895c3bf7cac95331127"; + litellm-nixpkgs.url = "github:nixos/nixpkgs/nixos-unstable"; + trilium-nixpkgs.url = "github:nixos/nixpkgs/nixos-unstable"; + oauth2-proxy-nixpkgs.url = "github:nixos/nixpkgs/nixos-unstable"; # Use relative to get current version for testing common.url = "path:../../common"; @@ -31,10 +34,6 @@ lib.nixosSystem { specialArgs = { inherit inputs; - upkgs = import inputs.nixpkgs-unstable { - system = "x86_64-linux"; - config.allowUnfree = true; - }; }; modules = [ common.nixosModules.default diff --git a/hosts/h001/mods/default.nix b/hosts/h001/mods/default.nix index 2332292..89dfef1 100644 --- a/hosts/h001/mods/default.nix +++ b/hosts/h001/mods/default.nix @@ -3,6 +3,7 @@ }: { imports = [ + ./litellm.nix ./nixarr.nix ./monitoring.nix ./pinchflat.nix diff --git a/hosts/h001/mods/litellm.nix b/hosts/h001/mods/litellm.nix new file mode 100644 index 0000000..b04b31b --- /dev/null +++ b/hosts/h001/mods/litellm.nix @@ -0,0 +1,169 @@ +{ + inputs, + ... +}: +let + declaration = "services/misc/litellm.nix"; + nixpkgs = inputs.open-webui-nixpkgs; + pkgs = import nixpkgs { + system = "x86_64-linux"; + config.allowUnfree = true; + }; + port = 8094; +in +{ + disabledModules = [ declaration ]; + imports = [ "${nixpkgs}/nixos/modules/${declaration}" ]; + options = { }; + config = { + networking.firewall.enable = true; + # Expose litellm to my overlay network as well + networking.firewall.interfaces."tailscale0".allowedTCPPorts = [ port ]; + + services.litellm = { + enable = true; + inherit port; + host = "0.0.0.0"; + openFirewall = false; + package = pkgs.litellm; + environment = { + SCARF_NO_ANALYTICS = "True"; + DO_NOT_TRACK = "True"; + ANONYMIZED_TELEMETRY = "False"; + GITHUB_COPILOT_TOKEN_DIR = "/var/lib/litellm/github_copilot"; + XDG_CONFIG_HOME = "/var/lib/litellm/.config"; + }; + settings = { + environment_variables = { + LITELLM_PROXY_API_KEY = "na"; + }; + litellm_settings = { + check_provider_endpoints = true; + }; + model_list = [ + # existing + { + model_name = "GPT-5"; + litellm_params = { + model = "azure/gpt-5-2025-08-07"; + api_base = "http://100.64.0.8:9010/azure"; + api_version = "2025-04-01-preview"; + api_key = "na"; + }; + } + { + model_name = "GPT-5-mini"; + litellm_params = { + model = "azure/gpt-5-mini-2025-08-07"; + api_base = "http://100.64.0.8:9010/azure"; + api_version = "2025-04-01-preview"; + api_key = "na"; + }; + } + { + model_name = "GPT-5-nano"; + litellm_params = { + model = "azure/gpt-5-nano-2025-08-07"; + api_base = "http://100.64.0.8:9010/azure"; + api_version = "2025-04-01-preview"; + api_key = "na"; + }; + } + # { + # model_name = "GPT-5-codex"; + # litellm_params = { + # model = "azure/gpt-5-codex-2025-09-15"; + # api_base = "http://100.64.0.8:9010/azure"; + # api_version = "2025-04-01-preview"; + # api_key = "na"; + # }; + # } + { + model_name = "GPT-4.1"; + litellm_params = { + model = "azure/gpt-4.1-2025-04-14"; + api_base = "http://100.64.0.8:9010/azure"; + api_version = "2025-04-01-preview"; + api_key = "na"; + }; + } + { + model_name = "GPT-4.1-mini"; + litellm_params = { + model = "azure/gpt-4.1-mini-2025-04-14"; + api_base = "http://100.64.0.8:9010/azure"; + api_version = "2025-04-01-preview"; + api_key = "na"; + }; + } + { + model_name = "GPT-4o"; + litellm_params = { + model = "azure/gpt-4o-2024-05-13"; + api_base = "http://100.64.0.8:9010/azure"; + api_version = "2025-04-01-preview"; + api_key = "na"; + }; + } + # { + # model_name = "dall-e-3-3.0"; + # litellm_params = { + # model = "azure/dall-e-3-3.0"; + # api_base = "http://100.64.0.8:9010/azure"; + # api_version = "2025-04-01-preview"; + # api_key = "na"; + # }; + # } + + # Copilot + { + model_name = "copilot-claude-sonnet-4"; + litellm_params = { + model = "github_copilot/claude-sonnet-4"; + extra_headers = { + "editor-version" = "vscode/1.85.1"; + "Copilot-Integration-Id" = "vscode-chat"; + "user-agent" = "GithubCopilot/1.155.0"; + "editor-plugin-version" = "copilot/1.155.0"; + }; + }; + } + { + model_name = "copilot-google-gemini-2.5-pro"; + litellm_params = { + model = "github_copilot/gemini-2.5-pro"; + extra_headers = { + "editor-version" = "vscode/1.85.1"; + "Copilot-Integration-Id" = "vscode-chat"; + "user-agent" = "GithubCopilot/1.155.0"; + "editor-plugin-version" = "copilot/1.155.0"; + }; + }; + } + # { + # model_name = "copilot-google-gemini-2.0-flash"; + # litellm_params = { + # model = "github_copilot/gemini-2.0-flash"; + # extra_headers = { + # "editor-version" = "vscode/1.85.1"; + # "Copilot-Integration-Id" = "vscode-chat"; + # "user-agent" = "GithubCopilot/1.155.0"; + # "editor-plugin-version" = "copilot/1.155.0"; + # }; + # }; + # } + + # 宙 Proxy + # { + # model_name = "litellm_proxy/*"; + # litellm_params = { + # model = "litellm_proxy/*"; + # api_base = "http://100.64.0.8:9010/air_key"; + # api_key = "os.environ/LITELLM_PROXY_API_KEY"; + # }; + # } + ]; + }; + }; + }; +} diff --git a/hosts/h001/mods/oauth2-proxy.nix b/hosts/h001/mods/oauth2-proxy.nix index f39e837..ca06729 100644 --- a/hosts/h001/mods/oauth2-proxy.nix +++ b/hosts/h001/mods/oauth2-proxy.nix @@ -1,40 +1,56 @@ -{ upkgs, config, ... }: { - services.oauth2-proxy = { - enable = true; - httpAddress = "http://127.0.0.1:4180"; - package = upkgs.oauth2-proxy; - provider = "oidc"; - reverseProxy = true; - redirectURL = "https://sso-proxy.joshuabell.xyz/oauth2/callback"; - validateURL = "https://sso.joshuabell.xyz/oauth2/"; - oidcIssuerUrl = "https://sso.joshuabell.xyz"; - keyFile = config.age.secrets.oauth2_proxy_key_file.path; - nginx.domain = "sso-proxy.joshuabell.xyz"; - email.domains = [ "*" ]; - extraConfig = { - whitelist-domain = "*.joshuabell.xyz"; - cookie-domain = ".joshuabell.xyz"; - oidc-groups-claim = "flatRolesClaim"; - # scope = "openid email profiles"; - - # pass-access-token = "true"; - # set-authorization-header = "true"; - # pass-user-headers = "true"; - - # show-debug-on-error = "true"; - # errors-to-info-log = "true"; - }; - cookie.refresh = "30m"; - # setXauthrequest = true; + inputs, + config, + ... +}: +let + declaration = "services/security/oauth2-proxy.nix"; + nixpkgs = inputs.open-webui-nixpkgs; + pkgs = import nixpkgs { + system = "x86_64-linux"; + config.allowUnfree = true; }; +in +{ + disabledModules = [ declaration ]; + imports = [ "${nixpkgs}/nixos/modules/${declaration}" ]; + config = { + services.oauth2-proxy = { + enable = true; + httpAddress = "http://127.0.0.1:4180"; + package = pkgs.oauth2-proxy; + provider = "oidc"; + reverseProxy = true; + redirectURL = "https://sso-proxy.joshuabell.xyz/oauth2/callback"; + validateURL = "https://sso.joshuabell.xyz/oauth2/"; + oidcIssuerUrl = "https://sso.joshuabell.xyz"; + keyFile = config.age.secrets.oauth2_proxy_key_file.path; + nginx.domain = "sso-proxy.joshuabell.xyz"; + email.domains = [ "*" ]; + extraConfig = { + whitelist-domain = "*.joshuabell.xyz"; + cookie-domain = ".joshuabell.xyz"; + oidc-groups-claim = "flatRolesClaim"; + # scope = "openid email profiles"; - services.nginx.virtualHosts."sso-proxy.joshuabell.xyz" = { - locations = { - "/" = { - proxyWebsockets = true; - recommendedProxySettings = true; - proxyPass = "http://127.0.0.1:4180"; + # pass-access-token = "true"; + # set-authorization-header = "true"; + # pass-user-headers = "true"; + + # show-debug-on-error = "true"; + # errors-to-info-log = "true"; + }; + cookie.refresh = "30m"; + # setXauthrequest = true; + }; + + services.nginx.virtualHosts."sso-proxy.joshuabell.xyz" = { + locations = { + "/" = { + proxyWebsockets = true; + recommendedProxySettings = true; + proxyPass = "http://127.0.0.1:4180"; + }; }; }; }; diff --git a/hosts/h001/mods/openwebui.nix b/hosts/h001/mods/openwebui.nix index 2c847b6..6b9c994 100644 --- a/hosts/h001/mods/openwebui.nix +++ b/hosts/h001/mods/openwebui.nix @@ -1,20 +1,19 @@ { - upkgs, inputs, config, ... }: +let + declaration = "services/misc/open-webui.nix"; + nixpkgs = inputs.open-webui-nixpkgs; + pkgs = import nixpkgs { + system = "x86_64-linux"; + config.allowUnfree = true; + }; +in { - # Use unstable services - disabledModules = [ - "services/misc/open-webui.nix" - "services/misc/litellm.nix" - ]; - imports = [ - "${inputs.nixpkgs-unstable}/nixos/modules/services/misc/open-webui.nix" - "${inputs.nixpkgs-unstable}/nixos/modules/services/misc/litellm.nix" - ]; - + disabledModules = [ declaration ]; + imports = [ "${nixpkgs}/nixos/modules/${declaration}" ]; options = { }; config = { services.nginx.virtualHosts."chat.joshuabell.xyz" = { @@ -35,7 +34,7 @@ port = 8084; host = "127.0.0.1"; openFirewall = false; - package = upkgs.open-webui; + package = pkgs.open-webui; environmentFile = config.age.secrets.openwebui_env.path; environment = { # Declarative config, we don't use admin panel for anything @@ -68,134 +67,5 @@ # OAUTH_UPDATE_PICTURE_ON_LOGIN = "True"; }; }; - - services.litellm = { - enable = true; - port = 8094; - openFirewall = false; - package = upkgs.litellm; - environment = { - SCARF_NO_ANALYTICS = "True"; - DO_NOT_TRACK = "True"; - ANONYMIZED_TELEMETRY = "False"; - GITHUB_COPILOT_TOKEN_DIR = "/var/lib/litellm/github_copilot"; - XDG_CONFIG_HOME = "/var/lib/litellm/.config"; - }; - settings = { - model_list = [ - # existing - { - model_name = "GPT-5"; - litellm_params = { - model = "azure/gpt-5-2025-08-07"; - api_base = "http://100.64.0.8:9010/azure"; - api_version = "2025-04-01-preview"; - api_key = "na"; - }; - } - { - model_name = "GPT-5-mini"; - litellm_params = { - model = "azure/gpt-5-mini-2025-08-07"; - api_base = "http://100.64.0.8:9010/azure"; - api_version = "2025-04-01-preview"; - api_key = "na"; - }; - } - { - model_name = "GPT-5-nano"; - litellm_params = { - model = "azure/gpt-5-nano-2025-08-07"; - api_base = "http://100.64.0.8:9010/azure"; - api_version = "2025-04-01-preview"; - api_key = "na"; - }; - } - # { - # model_name = "GPT-5-codex"; - # litellm_params = { - # model = "azure/gpt-5-codex-2025-09-15"; - # api_base = "http://100.64.0.8:9010/azure"; - # api_version = "2025-04-01-preview"; - # api_key = "na"; - # }; - # } - { - model_name = "GPT-4.1"; - litellm_params = { - model = "azure/gpt-4.1-2025-04-14"; - api_base = "http://100.64.0.8:9010/azure"; - api_version = "2025-04-01-preview"; - api_key = "na"; - }; - } - { - model_name = "GPT-4.1-mini"; - litellm_params = { - model = "azure/gpt-4.1-mini-2025-04-14"; - api_base = "http://100.64.0.8:9010/azure"; - api_version = "2025-04-01-preview"; - api_key = "na"; - }; - } - { - model_name = "GPT-4o"; - litellm_params = { - model = "azure/gpt-4o-2024-05-13"; - api_base = "http://100.64.0.8:9010/azure"; - api_version = "2025-04-01-preview"; - api_key = "na"; - }; - } - # { - # model_name = "dall-e-3-3.0"; - # litellm_params = { - # model = "azure/dall-e-3-3.0"; - # api_base = "http://100.64.0.8:9010/azure"; - # api_version = "2025-04-01-preview"; - # api_key = "na"; - # }; - # } - - # Copilot - { - model_name = "copilot-claude-sonnet-4"; - litellm_params = { - model = "github_copilot/claude-sonnet-4"; - extra_headers = { - "editor-version" = "vscode/1.85.1"; - "Copilot-Integration-Id" = "vscode-chat"; - "user-agent" = "GithubCopilot/1.155.0"; - "editor-plugin-version" = "copilot/1.155.0"; - }; - }; - } - { - model_name = "copilot-google-gemini-2.5-pro"; - litellm_params = { - model = "github_copilot/gemini-2.5-pro"; - extra_headers = { - "editor-version" = "vscode/1.85.1"; - "Copilot-Integration-Id" = "vscode-chat"; - "user-agent" = "GithubCopilot/1.155.0"; - "editor-plugin-version" = "copilot/1.155.0"; - }; - }; - } - # { - # model_name = "copilot-google-gemini-2.0-flash"; - # litellm_params = { - # model = "github_copilot/gemini-2.0-flash"; - # extra_headers = { - # "editor-version" = "vscode/1.85.1"; - # "Copilot-Integration-Id" = "vscode-chat"; - # "user-agent" = "GithubCopilot/1.155.0"; - # "editor-plugin-version" = "copilot/1.155.0"; - # }; - # }; - # } - ]; - }; - }; }; } diff --git a/hosts/h001/mods/trilium.nix b/hosts/h001/mods/trilium.nix index 94f600c..63db1f4 100644 --- a/hosts/h001/mods/trilium.nix +++ b/hosts/h001/mods/trilium.nix @@ -1,12 +1,22 @@ { - upkgs, + inputs, ... }: +let + declaration = "services/web-apps/trilium.nix"; + nixpkgs = inputs.open-webui-nixpkgs; + pkgs = import nixpkgs { + system = "x86_64-linux"; + config.allowUnfree = true; + }; +in { + disabledModules = [ declaration ]; + imports = [ "${nixpkgs}/nixos/modules/${declaration}" ]; config = { services.trilium-server = { enable = true; - package = upkgs.trilium-server; + package = pkgs.trilium-server; port = 9111; host = "127.0.0.1"; dataDir = "/var/lib/trilium"; From 58f5e8b91c47d9c36882b4149a22ff312103a83e Mon Sep 17 00:00:00 2001 From: "RingOfStorms (Joshua Bell)" Date: Tue, 7 Oct 2025 19:47:50 -0500 Subject: [PATCH 041/109] update lio --- hosts/lio/flake.lock | 140 +++++++++++++++++++++---------------------- 1 file changed, 70 insertions(+), 70 deletions(-) diff --git a/hosts/lio/flake.lock b/hosts/lio/flake.lock index a533c16..329e4fb 100644 --- a/hosts/lio/flake.lock +++ b/hosts/lio/flake.lock @@ -596,11 +596,11 @@ }, "nixpkgs_5": { "locked": { - "lastModified": 1757952092, - "narHash": "sha256-BcfTLFCU7elUJ2dwyt0iTjxsz/XLh+8ZygDcFwy6xPE=", + "lastModified": 1759772810, + "narHash": "sha256-8/sO67+Q6yNfFD39W5SXQHDbf/tQUHWFhCdxgRRGVCQ=", "owner": "nixos", "repo": "nixpkgs", - "rev": "fd76dc9e7c68ac7c3941ba2af2bedcd79c5cf4ed", + "rev": "2b78ecc45e163d655c08c9a4cffb4a91c66d0493", "type": "github" }, "original": { @@ -628,11 +628,11 @@ "nvim_plugin-CopilotC-Nvim/CopilotChat.nvim": { "flake": false, "locked": { - "lastModified": 1757950300, - "narHash": "sha256-IQTP3jOmFNc2nphV9jdFbJXkmAN5Wj+/PIGmaZ8gP24=", + "lastModified": 1759715887, + "narHash": "sha256-9wXyswKnUenlZyO/aIy0gr1hF0IhuEJ0UOwvqjDSGjA=", "owner": "CopilotC-Nvim", "repo": "CopilotChat.nvim", - "rev": "87615648ff4dc852d1cf7ec099f0a7c37b1b2c87", + "rev": "92f269971c33a6e2f405da8b14f01cd109b9a3a3", "type": "github" }, "original": { @@ -660,11 +660,11 @@ "nvim_plugin-L3MON4D3/LuaSnip": { "flake": false, "locked": { - "lastModified": 1756990415, - "narHash": "sha256-5FsUVPy8pAiwBh3c+bPDMtypFEHj6qIwGQIo3hjqV4M=", + "lastModified": 1759157591, + "narHash": "sha256-sicE0/Vgc03X+Qxqlu5CM7NGd+6FE9RGx6OjZUa6Umw=", "owner": "L3MON4D3", "repo": "LuaSnip", - "rev": "21f74f7ba8c49f95f9d7c8293b147c2901dd2d3a", + "rev": "73813308abc2eaeff2bc0d3f2f79270c491be9d7", "type": "github" }, "original": { @@ -676,11 +676,11 @@ "nvim_plugin-MeanderingProgrammer/render-markdown.nvim": { "flake": false, "locked": { - "lastModified": 1757910669, - "narHash": "sha256-PWbFcGRbTMRhDJrj+kx73HLduMLOSrAhZTLL2YgrAjQ=", + "lastModified": 1759424904, + "narHash": "sha256-Smt9v6/XyHUdUiIPyCPQSRvWCeMMhYITSZWd9M7Jlvs=", "owner": "MeanderingProgrammer", "repo": "render-markdown.nvim", - "rev": "2c6cf127c577712bd29d38f6391b3045c5f0180a", + "rev": "7e6af36c846017122e07e68803bbf95f3c729ca3", "type": "github" }, "original": { @@ -740,11 +740,11 @@ "nvim_plugin-aznhe21/actions-preview.nvim": { "flake": false, "locked": { - "lastModified": 1745779150, - "narHash": "sha256-rQjwlu5gQcOvxF72lr9ugPRl0W78wCWGWPhpN1oOMbs=", + "lastModified": 1759462626, + "narHash": "sha256-YUeWBXxxeurfWBi0PjUi6izqYAvUw9DHmvsuPXm7ohw=", "owner": "aznhe21", "repo": "actions-preview.nvim", - "rev": "36513ad213855d497b7dd3391a24d1d75d58e36f", + "rev": "cb938c25edaac38d362555f19244a9cb85d561e8", "type": "github" }, "original": { @@ -756,11 +756,11 @@ "nvim_plugin-b0o/schemastore.nvim": { "flake": false, "locked": { - "lastModified": 1757653237, - "narHash": "sha256-94NKAVWPV2sLkGWWL9G07QxA90Ise6tNWaYyKBcS/vI=", + "lastModified": 1759454886, + "narHash": "sha256-T6mWvScsU0IsB3wFre5+TrNIbpQCA0flf7BNrGQIb+M=", "owner": "b0o", "repo": "schemastore.nvim", - "rev": "3146720ee3a0c6e2446eedd492fb519d16f2e467", + "rev": "8e17e50b519ba360bcfd5dfb5843ccac9be500ba", "type": "github" }, "original": { @@ -772,11 +772,11 @@ "nvim_plugin-catppuccin/nvim": { "flake": false, "locked": { - "lastModified": 1755621274, - "narHash": "sha256-o8VLMPriOh4+Ay5Ff0cWQYXjmihdr3x9131bKHHTsQE=", + "lastModified": 1759668198, + "narHash": "sha256-WmWGygttH78KajAaIvlwRW47G7UGJuPV0YIfEZkse6I=", "owner": "catppuccin", "repo": "nvim", - "rev": "30fa4d122d9b22ad8b2e0ab1b533c8c26c4dde86", + "rev": "e79d09fa347b367e0e7f693bfe87dba932a8cbd1", "type": "github" }, "original": { @@ -820,11 +820,11 @@ "nvim_plugin-folke/lazy.nvim": { "flake": false, "locked": { - "lastModified": 1740511197, - "narHash": "sha256-nQ8PR9DTdzg6Z2rViuVD6Pswc2VvDQwS3uMNgyDh5ls=", + "lastModified": 1759439283, + "narHash": "sha256-FjQ2rj3BvC8fh60IT0ExrBOmdDLdXFexffef6iKcPFQ=", "owner": "folke", "repo": "lazy.nvim", - "rev": "6c3bda4aca61a13a9c63f1c1d1b16b9d3be90d7a", + "rev": "59334064f8604ca073791c25dcc5c9698865406e", "type": "github" }, "original": { @@ -852,11 +852,11 @@ "nvim_plugin-folke/which-key.nvim": { "flake": false, "locked": { - "lastModified": 1740233407, - "narHash": "sha256-uvMcSduMr7Kd2oUmIOYzvWF4FIl6bZxIYm9FSw/3pCo=", + "lastModified": 1758639622, + "narHash": "sha256-JNkjlv6QpnuaYCAFcBPjV7IavVLzj8QEX/Zi3sbdyrU=", "owner": "folke", "repo": "which-key.nvim", - "rev": "370ec46f710e058c9c1646273e6b225acf47cbed", + "rev": "904308e6885bbb7b60714c80ab3daf0c071c1492", "type": "github" }, "original": { @@ -932,11 +932,11 @@ "nvim_plugin-j-hui/fidget.nvim": { "flake": false, "locked": { - "lastModified": 1755700851, - "narHash": "sha256-KRlUqUdcliKpLnEJqyA2OAWto73F6iGTbMrsiAdc24M=", + "lastModified": 1758578970, + "narHash": "sha256-ieY3zaQAydzadpPiW1/IYakVHhp+wyEOpCQntgDOObs=", "owner": "j-hui", "repo": "fidget.nvim", - "rev": "4d5858bd4c471c895060e1b9f3575f1551184dc5", + "rev": "3f5475949679953af6d78654db29b944fa826e6a", "type": "github" }, "original": { @@ -964,11 +964,11 @@ "nvim_plugin-lewis6991/gitsigns.nvim": { "flake": false, "locked": { - "lastModified": 1757668552, - "narHash": "sha256-L5WbNiFUn014hThvGfb5r858O6iLOBhOQHfVUdIlFI4=", + "lastModified": 1759324477, + "narHash": "sha256-GDK9I3SNRyZe59+GsnDC0L2KjGr150dWo4S3DUwhT7U=", "owner": "lewis6991", "repo": "gitsigns.nvim", - "rev": "f780609807eca1f783a36a8a31c30a48fbe150c5", + "rev": "1ee5c1fd068c81f9dd06483e639c2aa4587dc197", "type": "github" }, "original": { @@ -1028,11 +1028,11 @@ "nvim_plugin-mbbill/undotree": { "flake": false, "locked": { - "lastModified": 1756538456, - "narHash": "sha256-tudR+46nd63jY1VTCNEfZ2CofxCODXaHos0+NdFI6wU=", + "lastModified": 1759186837, + "narHash": "sha256-EWOH08KAWyoT9m45/B1d5aKQQJtd3k4orJbagVsxe08=", "owner": "mbbill", "repo": "undotree", - "rev": "fe9a9d0645f0f5532360b5e5f5c550d7bb4f1869", + "rev": "0f1c9816975b5d7f87d5003a19c53c6fd2ff6f7f", "type": "github" }, "original": { @@ -1044,11 +1044,11 @@ "nvim_plugin-mfussenegger/nvim-lint": { "flake": false, "locked": { - "lastModified": 1757878177, - "narHash": "sha256-8X9z0pRWx9xg9nQhhQtuOu3TunObg2CIgnlPXZtx86A=", + "lastModified": 1758714671, + "narHash": "sha256-POnQfsZAv93+0uCbKFcNgyQxn3u8nNqgnx0uTqCkCq8=", "owner": "mfussenegger", "repo": "nvim-lint", - "rev": "0864f81c681e15d9bdc1156fe3a17bd07db5a3ed", + "rev": "335a6044be16d7701001059cba9baa36fbeef422", "type": "github" }, "original": { @@ -1060,11 +1060,11 @@ "nvim_plugin-mrcjkb/rustaceanvim": { "flake": false, "locked": { - "lastModified": 1757809469, - "narHash": "sha256-bijgDZozBNmHW3cASmOrQlaSE80d8V3XRxi1BNmfzRI=", + "lastModified": 1759623626, + "narHash": "sha256-Cz4LDzz7v3kBS1mbxZjprogqHFghYr5xMfSN3us2Ltk=", "owner": "mrcjkb", "repo": "rustaceanvim", - "rev": "370b85298e5afdfd8b5d3da0c60c04e3873499a4", + "rev": "96a4f5efc7705f613ddd47fb5d1445c172acb213", "type": "github" }, "original": { @@ -1076,11 +1076,11 @@ "nvim_plugin-neovim/nvim-lspconfig": { "flake": false, "locked": { - "lastModified": 1757886255, - "narHash": "sha256-lIlFgHkesAK7fRcoEEQO84/0BpE29dBgNzBnCv/0Tf0=", + "lastModified": 1759548517, + "narHash": "sha256-K56vjTUkQ/NdA6vq5942zUknPiCUbMByiEW540dR8R0=", "owner": "neovim", "repo": "nvim-lspconfig", - "rev": "d9879110d0422a566fa01d732556f4d5515e1738", + "rev": "e688b486fe9291f151eae7e5c0b5a5c4ef980847", "type": "github" }, "original": { @@ -1092,11 +1092,11 @@ "nvim_plugin-nosduco/remote-sshfs.nvim": { "flake": false, "locked": { - "lastModified": 1755703322, - "narHash": "sha256-xy+50CsRd0LfRyDtNNMI8KhzvjH2nt8ogwiXf7H3fYY=", + "lastModified": 1759193354, + "narHash": "sha256-FfUxpRfqrf0r56/gi76N2ZooWnXWO0aRtaQBS7m+SvY=", "owner": "nosduco", "repo": "remote-sshfs.nvim", - "rev": "8b0974c0e23ef086f5598ebbb1980257171dc370", + "rev": "45502b3892774811153aeab5f7f9b0033c82005c", "type": "github" }, "original": { @@ -1220,11 +1220,11 @@ "nvim_plugin-nvim-tree/nvim-tree.lua": { "flake": false, "locked": { - "lastModified": 1757312802, - "narHash": "sha256-Km+PWXJJLl8zsBjwIGL//qT/eUEZna4yYRPsWXMXG1E=", + "lastModified": 1759222332, + "narHash": "sha256-TmQd8Xx9xw3G9PfPH+DZeSECfiUoO7XKCUSyQ4O0hMk=", "owner": "nvim-tree", "repo": "nvim-tree.lua", - "rev": "e179ad2f83b5955ab0af653069a493a1828c2697", + "rev": "87d096a39cb2d5d43e6771563575ff042a79f48b", "type": "github" }, "original": { @@ -1236,11 +1236,11 @@ "nvim_plugin-nvim-tree/nvim-web-devicons": { "flake": false, "locked": { - "lastModified": 1756936794, - "narHash": "sha256-2Q6ZZQj5HFXTw1YwX3ibdGOTwfbfPUBbcPOsuBUpSjc=", + "lastModified": 1759188261, + "narHash": "sha256-lVrakFrpIP9lp7sMfMb33KeMPIkcn1qBFVytJzKCfuE=", "owner": "nvim-tree", "repo": "nvim-web-devicons", - "rev": "6e51ca170563330e063720449c21f43e27ca0bc1", + "rev": "b8221e42cf7287c4dcde81f232f58d7b947c210d", "type": "github" }, "original": { @@ -1300,11 +1300,11 @@ "nvim_plugin-rmagatti/auto-session": { "flake": false, "locked": { - "lastModified": 1757864222, - "narHash": "sha256-FbN36vVLX3DUXwefTbi6511R6KTHqLiNHeAR0kXiarg=", + "lastModified": 1759618137, + "narHash": "sha256-+RYQi685tyV73WNXpgr/Q5p3o21dSUkQmSoif+EPBVM=", "owner": "rmagatti", "repo": "auto-session", - "rev": "5a269bb5bec50b8b60564aa00f6454d9e82fbe8d", + "rev": "0385a9ad378d70608c2e6e4c14b3b126ce30fc51", "type": "github" }, "original": { @@ -1364,11 +1364,11 @@ "nvim_plugin-stevearc/conform.nvim": { "flake": false, "locked": { - "lastModified": 1756334700, - "narHash": "sha256-j9TOSx2L19AHABdg9pLtmEUtPOCIUSo0qe2YUPBlZ5g=", + "lastModified": 1759554032, + "narHash": "sha256-JX+vFs+8n4PS7Xwq68MW2mjlDaLlUx6CxMqhf9ArfXQ=", "owner": "stevearc", "repo": "conform.nvim", - "rev": "b4aab989db276993ea5dcb78872be494ce546521", + "rev": "9d859cbfbde7a1bd1770e7c97aef30ec5a237a71", "type": "github" }, "original": { @@ -1476,11 +1476,11 @@ "nvim_plugin-zbirenbaum/copilot.lua": { "flake": false, "locked": { - "lastModified": 1757884406, - "narHash": "sha256-sXobILIsV4nnk9//PbFT4L1BsHP1xSJiuibVbGwYXJ8=", + "lastModified": 1759697885, + "narHash": "sha256-PwqJ7/FCfK4AqFgguZ2Tac5RWhehSEfI1N6ySSuTbZc=", "owner": "zbirenbaum", "repo": "copilot.lua", - "rev": "8aebaa3a102125fedf08c98773a0a8def92fff37", + "rev": "30b98a4c25d6152c14084020f703b6d56e1f1122", "type": "github" }, "original": { @@ -1604,11 +1604,11 @@ "rust-overlay": "rust-overlay_2" }, "locked": { - "lastModified": 1758041510, - "narHash": "sha256-vcK6ZwAWNfjdDFYKLVrWk+azva58AiDpm8nMfIniFWA=", + "lastModified": 1759884037, + "narHash": "sha256-b7NRujkErYwxiTIYBLFHO07plS0caVR5CQZbcitBIgE=", "ref": "refs/heads/master", - "rev": "b3dbdf3f7360747987bf38bcdd9baf01b4906929", - "revCount": 304, + "rev": "468195ab00baa215392dbef52018e180579498b5", + "revCount": 309, "type": "git", "url": "https://git.joshuabell.xyz/ringofstorms/nvim" }, @@ -1647,11 +1647,11 @@ ] }, "locked": { - "lastModified": 1757930296, - "narHash": "sha256-Z9u5VszKs8rfEvg2AsFucWEjl7wMtAln9l1b78cfBh4=", + "lastModified": 1759718104, + "narHash": "sha256-TbkLsgdnXHUXR4gOQBmhxkEE9ne+eHmX1chZHWRogy0=", "owner": "oxalica", "repo": "rust-overlay", - "rev": "09442765a05c2ca617c20ed68d9613da92a2d96b", + "rev": "edea9f33f9a03f615ad3609a40fbcefe0ec835ca", "type": "github" }, "original": { From 14b0eaff084f6003eae64c73bfe9fa5bcd185133 Mon Sep 17 00:00:00 2001 From: "RingOfStorms (Joshua Bell)" Date: Wed, 8 Oct 2025 14:03:31 -0500 Subject: [PATCH 042/109] n8n stuff --- hosts/h001/mods/default.nix | 1 + hosts/h001/mods/n8n.nix | 33 +++++++++++++++++++++++++++++++++ hosts/oracle/o001/nginx.nix | 8 ++++++++ 3 files changed, 42 insertions(+) create mode 100644 hosts/h001/mods/n8n.nix diff --git a/hosts/h001/mods/default.nix b/hosts/h001/mods/default.nix index 89dfef1..214f3c6 100644 --- a/hosts/h001/mods/default.nix +++ b/hosts/h001/mods/default.nix @@ -10,5 +10,6 @@ ./openwebui.nix ./trilium.nix ./oauth2-proxy.nix + ./n8n.nix ]; } diff --git a/hosts/h001/mods/n8n.nix b/hosts/h001/mods/n8n.nix new file mode 100644 index 0000000..33581f4 --- /dev/null +++ b/hosts/h001/mods/n8n.nix @@ -0,0 +1,33 @@ +{ + ... +}: +let + port = 5678; +in +{ + options = { }; + config = { + services.nginx.virtualHosts = { + "n8n.joshuabell.xyz" = { + locations = { + "/" = { + proxyWebsockets = true; + recommendedProxySettings = true; + proxyPass = "http://127.0.0.1:${port}"; + }; + }; + }; + }; + + # Expose litellm to my overlay network as well + networking.firewall.interfaces."tailscale0".allowedTCPPorts = [ port ]; + + services.n8n = { + enable = true; + }; + systemd.services.n8n.environment = { + # N8N_SECURE_COOKIE = "false"; + N8N_EDITOR_BASE_URL = "https://n8n.joshuabell.xyz/"; + }; + }; +} diff --git a/hosts/oracle/o001/nginx.nix b/hosts/oracle/o001/nginx.nix index 2188c0b..ace5c87 100644 --- a/hosts/oracle/o001/nginx.nix +++ b/hosts/oracle/o001/nginx.nix @@ -163,6 +163,14 @@ proxyPass = "http://100.64.0.13"; }; }; + "n8n.joshuabell.xyz" = { + enableACME = true; + forceSSL = true; + locations."/" = { + proxyWebsockets = true; + proxyPass = "http://100.64.0.13"; + }; + }; "notes.joshuabell.xyz" = { enableACME = true; forceSSL = true; From c22f742013e63c6895648b9597f340a0d2891961 Mon Sep 17 00:00:00 2001 From: "RingOfStorms (Joshua Bell)" Date: Wed, 8 Oct 2025 14:20:50 -0500 Subject: [PATCH 043/109] change n8n to be behind reverse proxy --- hosts/h001/mods/n8n.nix | 13 ++++++++----- 1 file changed, 8 insertions(+), 5 deletions(-) diff --git a/hosts/h001/mods/n8n.nix b/hosts/h001/mods/n8n.nix index 33581f4..ae23187 100644 --- a/hosts/h001/mods/n8n.nix +++ b/hosts/h001/mods/n8n.nix @@ -1,9 +1,6 @@ { ... }: -let - port = 5678; -in { options = { }; config = { @@ -13,21 +10,27 @@ in "/" = { proxyWebsockets = true; recommendedProxySettings = true; - proxyPass = "http://127.0.0.1:${port}"; + proxyPass = "http://127.0.0.1:5678"; }; }; }; }; # Expose litellm to my overlay network as well - networking.firewall.interfaces."tailscale0".allowedTCPPorts = [ port ]; + # networking.firewall.interfaces."tailscale0".allowedTCPPorts = [ port ]; services.n8n = { enable = true; }; systemd.services.n8n.environment = { # N8N_SECURE_COOKIE = "false"; + N8N_LISTEN_ADDRESS = "127.0.0.1"; N8N_EDITOR_BASE_URL = "https://n8n.joshuabell.xyz/"; + N8N_HOST = "n8n.joshuabell.xyz"; + VUE_APP_URL_BASE_API = "https://n8n.joshuabell.xyz/"; + N8N_HIRING_BANNER_ENABLED = "false"; + N8N_PUBLIC_API_DISABLED = "true"; + N8N_PUBLIC_API_SWAGGERUI_DISABLED = "true"; }; }; } From 9e58c219460500d5f0f66378170eb5254ab8f519 Mon Sep 17 00:00:00 2001 From: "RingOfStorms (Joshua Bell)" Date: Thu, 9 Oct 2025 14:27:36 -0500 Subject: [PATCH 044/109] add postgres for fun data --- hosts/h001/mods/default.nix | 1 + hosts/h001/mods/n8n.nix | 4 ++-- hosts/h001/mods/postgresql.nix | 24 ++++++++++++++++++++++++ 3 files changed, 27 insertions(+), 2 deletions(-) create mode 100644 hosts/h001/mods/postgresql.nix diff --git a/hosts/h001/mods/default.nix b/hosts/h001/mods/default.nix index 214f3c6..d75545c 100644 --- a/hosts/h001/mods/default.nix +++ b/hosts/h001/mods/default.nix @@ -11,5 +11,6 @@ ./trilium.nix ./oauth2-proxy.nix ./n8n.nix + ./postgresql.nix ]; } diff --git a/hosts/h001/mods/n8n.nix b/hosts/h001/mods/n8n.nix index ae23187..463919a 100644 --- a/hosts/h001/mods/n8n.nix +++ b/hosts/h001/mods/n8n.nix @@ -29,8 +29,8 @@ N8N_HOST = "n8n.joshuabell.xyz"; VUE_APP_URL_BASE_API = "https://n8n.joshuabell.xyz/"; N8N_HIRING_BANNER_ENABLED = "false"; - N8N_PUBLIC_API_DISABLED = "true"; - N8N_PUBLIC_API_SWAGGERUI_DISABLED = "true"; + # N8N_PUBLIC_API_DISABLED = "true"; + # N8N_PUBLIC_API_SWAGGERUI_DISABLED = "true"; }; }; } diff --git a/hosts/h001/mods/postgresql.nix b/hosts/h001/mods/postgresql.nix new file mode 100644 index 0000000..7397377 --- /dev/null +++ b/hosts/h001/mods/postgresql.nix @@ -0,0 +1,24 @@ +{ + pkgs, + ... +}: +{ + config = { + services.postgresql = { + enable = true; + package = pkgs.postgresql_17.withJIT; + enableJIT = true; + authentication = '' + local all all trust + host all all 127.0.0.1/8 trust + host all all ::1/128 trust + host all all fc00::1/128 trust + ''; + }; + + # Backup database + services.postgresqlBackup = { + enable = true; + }; + }; +} From 58348b3c83cfb669cd90c6ccec014603ebd5a897 Mon Sep 17 00:00:00 2001 From: "RingOfStorms (Joshua Bell)" Date: Thu, 9 Oct 2025 16:06:18 -0500 Subject: [PATCH 045/109] fix nixpkgs and trillium --- hosts/h001/flake.lock | 6 +++--- hosts/h001/mods/litellm.nix | 2 +- hosts/h001/mods/oauth2-proxy.nix | 4 ++-- hosts/h001/mods/trilium.nix | 14 +++++++++++++- 4 files changed, 19 insertions(+), 7 deletions(-) diff --git a/hosts/h001/flake.lock b/hosts/h001/flake.lock index 95d159e..33f95d6 100644 --- a/hosts/h001/flake.lock +++ b/hosts/h001/flake.lock @@ -1779,11 +1779,11 @@ }, "trilium-nixpkgs": { "locked": { - "lastModified": 1759733170, - "narHash": "sha256-TXnlsVb5Z8HXZ6mZoeOAIwxmvGHp1g4Dw89eLvIwKVI=", + "lastModified": 1759831965, + "narHash": "sha256-vgPm2xjOmKdZ0xKA6yLXPJpjOtQPHfaZDRtH+47XEBo=", "owner": "nixos", "repo": "nixpkgs", - "rev": "8913c168d1c56dc49a7718685968f38752171c3b", + "rev": "c9b6fb798541223bbb396d287d16f43520250518", "type": "github" }, "original": { diff --git a/hosts/h001/mods/litellm.nix b/hosts/h001/mods/litellm.nix index b04b31b..10b53d2 100644 --- a/hosts/h001/mods/litellm.nix +++ b/hosts/h001/mods/litellm.nix @@ -4,7 +4,7 @@ }: let declaration = "services/misc/litellm.nix"; - nixpkgs = inputs.open-webui-nixpkgs; + nixpkgs = inputs.litellm-nixpkgs; pkgs = import nixpkgs { system = "x86_64-linux"; config.allowUnfree = true; diff --git a/hosts/h001/mods/oauth2-proxy.nix b/hosts/h001/mods/oauth2-proxy.nix index ca06729..bfb34fa 100644 --- a/hosts/h001/mods/oauth2-proxy.nix +++ b/hosts/h001/mods/oauth2-proxy.nix @@ -5,7 +5,7 @@ }: let declaration = "services/security/oauth2-proxy.nix"; - nixpkgs = inputs.open-webui-nixpkgs; + nixpkgs = inputs.oauth2-proxy-nixpkgs; pkgs = import nixpkgs { system = "x86_64-linux"; config.allowUnfree = true; @@ -40,7 +40,7 @@ in # show-debug-on-error = "true"; # errors-to-info-log = "true"; }; - cookie.refresh = "30m"; + cookie.refresh = "12h"; # setXauthrequest = true; }; diff --git a/hosts/h001/mods/trilium.nix b/hosts/h001/mods/trilium.nix index 63db1f4..863246d 100644 --- a/hosts/h001/mods/trilium.nix +++ b/hosts/h001/mods/trilium.nix @@ -1,10 +1,11 @@ { inputs, + lib, ... }: let declaration = "services/web-apps/trilium.nix"; - nixpkgs = inputs.open-webui-nixpkgs; + nixpkgs = inputs.trilium-nixpkgs; pkgs = import nixpkgs { system = "x86_64-linux"; config.allowUnfree = true; @@ -20,12 +21,23 @@ in port = 9111; host = "127.0.0.1"; dataDir = "/var/lib/trilium"; + # NOTE using oauth2-proxy for auth, ensure that is not removed below while keeping this on noAuthentication = true; instanceName = "joshuabell"; }; systemd.services.trilium-server.environment = { TRILIUM_NO_UPLOAD_LIMIT = "true"; + + # TRILIUM_PUBLIC_URL = "https://notes.joshuabell.xyz"; + + # TODO this did not work... sad we use oauth2-proxy instead + # TRILIUM_OAUTH_BASE_URL = "https://notes.joshuabell.xyz"; + # TRILIUM_OAUTH_CLIENT_ID = "REPLACE"; + # TRILIUM_OAUTH_CLIENT_SECRET = "REPLACE"; + # TRILIUM_OAUTH_ISSUER_BASE_URL = "https://sso.joshuabell.xyz/.well-known/openid-configuration"; + # TRILIUM_OAUTH_ISSUER_NAME = "SSO"; + # TRILIUM_OAUTH_ISSUER_ICON = "https://cdn.jsdelivr.net/gh/selfhst/icons/svg/zitadel.svg"; }; services.oauth2-proxy.nginx.virtualHosts."notes.joshuabell.xyz" = { From 645300b0e4a150b530d48b6d0226a5d107bf2e71 Mon Sep 17 00:00:00 2001 From: "RingOfStorms (Joshua Bell)" Date: Thu, 9 Oct 2025 16:29:11 -0500 Subject: [PATCH 046/109] add media dns split --- hosts/h003/mods/networking.nix | 36 +++++++++++++++------------------- 1 file changed, 16 insertions(+), 20 deletions(-) diff --git a/hosts/h003/mods/networking.nix b/hosts/h003/mods/networking.nix index 6fa5e56..b756eb9 100644 --- a/hosts/h003/mods/networking.nix +++ b/hosts/h003/mods/networking.nix @@ -110,9 +110,17 @@ }; vlan10 = { - # Block all WAN - allowedTCPPorts = [ ]; - allowedUDPPorts = [ ]; + allowedTCPPorts = [ + 22 # SSH (for remote admin access) + 53 # DNS + 80 + 443 # HTTP + ]; + allowedUDPPorts = [ + 53 # DNS + 67 # DHCP server + 68 + ]; }; # LAN interface (VLAN 20) - FULL SERVICE @@ -129,21 +137,6 @@ 68 # DHCP client responses ]; }; - - # NOTE check this... - vlan10 = { - allowedTCPPorts = [ - 22 # SSH (for remote admin access) - 53 # DNS - 80 - 443 # HTTP - ]; - allowedUDPPorts = [ - 53 # DNS - 67 # DHCP server - 68 - ]; - }; }; }; @@ -164,8 +157,8 @@ settings = { # Listen only on LAN interface interface = [ - "vlan20" "vlan10" + "vlan20" ]; bind-interfaces = true; @@ -174,6 +167,9 @@ # Note in Ad GuardHome in DNS Settings add localhost:9053 to Private reverse DNS servers and enable them listen-address = "127.0.0.1"; port = 9053; + host-record = [ + "media.joshuabell.xyz,10.12.14.10" + ]; # DHCP range and settings dhcp-range = [ @@ -206,8 +202,8 @@ enable-ra = lib.mkIf config.networking.enableIPv6 true; # interface, min interval, max interval ra-param = lib.mkIf config.networking.enableIPv6 [ - "vlan20,60,120" "vlan10,60,120" + "vlan20,60,120" ]; # DNS settings (not needed since we use adguard for dns) From 10d8d5008439d8d36b679848d276ded357550ec9 Mon Sep 17 00:00:00 2001 From: "RingOfStorms (Joshua Bell)" Date: Thu, 9 Oct 2025 16:55:08 -0500 Subject: [PATCH 047/109] add networking dns splits for jellyfin stuff --- hosts/h003/mods/networking.nix | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/hosts/h003/mods/networking.nix b/hosts/h003/mods/networking.nix index b756eb9..3a547c6 100644 --- a/hosts/h003/mods/networking.nix +++ b/hosts/h003/mods/networking.nix @@ -169,6 +169,10 @@ port = 9053; host-record = [ "media.joshuabell.xyz,10.12.14.10" + "jellyfin.joshuabell.xyz,10.12.14.10" + ]; + address = [ + "/h001.local.joshuabell.xyz/10.12.14.10" ]; # DHCP range and settings From af6af71f5c3ea1beba32f83862fda045858ff676 Mon Sep 17 00:00:00 2001 From: "RingOfStorms (Joshua Bell)" Date: Thu, 9 Oct 2025 18:36:46 -0500 Subject: [PATCH 048/109] use forgejo in local system config --- common/_containers/forgejo.nix | 196 --------------------------- common/_containers/obsidian_sync.md | 7 - common/_containers/obsidian_sync.nix | 61 --------- common/flake.nix | 3 - hosts/h001/containers/default.nix | 30 +--- hosts/h001/containers/forgejo.nix | 19 +++ hosts/h001/containers/opengist.nix | 2 + hosts/h001/containers/zitadel.nix | 2 + hosts/h001/flake.nix | 2 +- hosts/h001/mods/n8n.nix | 2 + hosts/h001/mods/nixarr.nix | 40 +++--- hosts/h001/mods/oauth2-proxy.nix | 6 +- hosts/h001/mods/openwebui.nix | 2 + hosts/h001/mods/trilium.nix | 3 +- hosts/h001/nginx.nix | 7 + 15 files changed, 65 insertions(+), 317 deletions(-) delete mode 100644 common/_containers/forgejo.nix delete mode 100644 common/_containers/obsidian_sync.md delete mode 100644 common/_containers/obsidian_sync.nix diff --git a/common/_containers/forgejo.nix b/common/_containers/forgejo.nix deleted file mode 100644 index 92793a9..0000000 --- a/common/_containers/forgejo.nix +++ /dev/null @@ -1,196 +0,0 @@ -{ - config, - lib, - ... -}: -let - name = "forgejo"; - - hostDataDir = "/var/lib/${name}"; - - hostAddress = "10.0.0.1"; - containerAddress = "10.0.0.2"; - hostAddress6 = "fc00::1"; - containerAddress6 = "fc00::2"; - - binds = [ - # Postgres data, must use postgres user in container and host - { - host = "${hostDataDir}/postgres"; - # Adjust based on container postgres data dir - container = "/var/lib/postgresql/17"; - user = "postgres"; - uid = config.ids.uids.postgres; - gid = config.ids.gids.postgres; - } - # Postgres backups - { - host = "${hostDataDir}/backups/postgres"; - container = "/var/backup/postgresql"; - user = "postgres"; - uid = config.ids.uids.postgres; - gid = config.ids.gids.postgres; - } - # App data, uses custom user uid - { - host = "${hostDataDir}/data"; - container = "/var/lib/forgejo"; - user = "forgejo"; - uid = 115; - gid = 115; - } - ]; - uniqueUsers = lib.foldl' ( - acc: bind: if lib.lists.any (item: item.user == bind.user) acc then acc else acc ++ [ bind ] - ) [ ] binds; - users = { - users = lib.listToAttrs ( - lib.map (u: { - name = u.user; - value = { - isSystemUser = true; - name = u.user; - uid = u.uid; - group = u.user; - }; - }) uniqueUsers - ); - - groups = lib.listToAttrs ( - lib.map (g: { - name = g.user; - value.gid = g.gid; - }) uniqueUsers - ); - }; -in -{ - # Ensure users exists on host machine with same IDs as container - inherit users; - - # Ensure directories exist on host machine - system.activationScripts.createMediaServerDirs = '' - ${lib.concatStringsSep "\n" ( - lib.map (bind: '' - mkdir -p ${bind.host} - chown -R ${toString bind.user}:${toString bind.gid} ${bind.host} - chmod -R 750 ${bind.host} - '') binds - )} - ''; - - containers.${name} = { - ephemeral = true; - autoStart = true; - privateNetwork = true; - hostAddress = hostAddress; - localAddress = containerAddress; - hostAddress6 = hostAddress6; - localAddress6 = containerAddress6; - bindMounts = lib.foldl ( - acc: bind: - { - "${bind.container}" = { - hostPath = bind.host; - isReadOnly = false; - }; - } - // acc - ) { } binds; - config = - { config, pkgs, ... }: - { - system.stateVersion = "24.11"; - - networking = { - firewall = { - enable = true; - allowedTCPPorts = [ - 3000 - 3032 - ]; - }; - # Use systemd-resolved inside the container - # Workaround for bug https://github.com/NixOS/nixpkgs/issues/162686 - useHostResolvConf = lib.mkForce false; - }; - services.resolved.enable = true; - - # Ensure users exist on container - inherit users; - - services.postgresql = { - enable = true; - package = pkgs.postgresql_17.withJIT; - enableJIT = true; - authentication = '' - local all all trust - host all all 127.0.0.1/8 trust - host all all ::1/128 trust - host all all fc00::1/128 trust - ''; - }; - - # Backup database - services.postgresqlBackup = { - enable = true; - }; - - services.forgejo = { - enable = true; - dump = { - enable = false; - type = "tar.gz"; - }; - database = { - type = "postgres"; - }; - settings = { - DEFAULT = { - APP_NAME = "Josh's Git"; - }; - server = { - PROTOCOL = "http"; - DOMAIN = "git.joshuabell.xyz"; - HTTP_ADDR = "0.0.0.0"; - HTTP_PORT = 3000; - - START_SSH_SERVER = true; - SSH_DOMAIN = "git.joshuabell.xyz"; - SSH_LISTEN_HOST = "0.0.0.0"; - SSH_LISTEN_PORT = 3032; # actual listen port - SSH_PORT = 3032; # used in UI - BUILTIN_SSH_SERVER_USER = "git"; - - LANDING_PAGE = "explore"; - }; - service = { - DISABLE_REGISTRATION = true; - ENABLE_BASIC_AUTHENTICATION = false; - DISABLE_USERS_PAGE = true; - DISABLE_ORGANIZATIONS_PAGE = true; - }; - repository = { - # ENABLE_PUSH_CREATE_USER = true; - # ENABLE_PUSH_CREATE_ORG = true; - DISABLE_STARS = true; - DEFAULT_PRIVATE = "private"; - }; - admin = { - DISABLE_REGULAR_ORG_CREATION = true; - USER_DISABLED_FEATURES = "deletion"; - }; - other = { - SHOW_FOOTER_POWERED_BY = false; - SHOW_FOOTER_VERSION = false; - SHOW_FOOTER_TEMPLATE_LOAD_TIME = false; - }; - migrations = { - ALLOWED_DOMAINS = "*.github.com,github.com"; - ALLOW_LOCALNETWORKS = true; - }; - }; - }; - }; - }; -} diff --git a/common/_containers/obsidian_sync.md b/common/_containers/obsidian_sync.md deleted file mode 100644 index 98f7e11..0000000 --- a/common/_containers/obsidian_sync.md +++ /dev/null @@ -1,7 +0,0 @@ -docker run \ - -e hostname=https://obsidiansync.joshuabell.xyz \ - -e database=obsidian_sync \ - -e username=obsidian_admin \ - -e password=$REPLACE \ - docker.io/oleduc/docker-obsidian-livesync-couchdb:master \ - deno -A /scripts/generate_setupuri.ts diff --git a/common/_containers/obsidian_sync.nix b/common/_containers/obsidian_sync.nix deleted file mode 100644 index 42f8b52..0000000 --- a/common/_containers/obsidian_sync.nix +++ /dev/null @@ -1,61 +0,0 @@ -{ - config, - pkgs, - ... -}: -let - cfg = config.services.obsidian_sync; -in -{ - options.services.obsidian_sync = - let - lib = pkgs.lib; - in - { - port = lib.mkOption { - type = lib.types.port; - default = 5984; - description = "Port number for Obsidian Sync CouchDB server"; - }; - dataDir = lib.mkOption { - type = lib.types.path; - default = "/var/lib/obsidian_sync"; - description = "Directory to store Obsidian Sync data"; - }; - serverUrl = lib.mkOption { - type = lib.types.str; - description = "URL of the Obsidian Sync server"; - }; - dockerEnvFiles = lib.mkOption { - type = lib.types.listOf lib.types.path; - default = [ ]; - description = "List of environment files to be used by the Obsidian Sync container. When provided you must supply chouchdb user/password env files they will not be supplied by default."; - }; - }; - - config = { - virtualisation.oci-containers.containers = { - ############# - # obsidian_sync # - ############# - obsidian_sync = { - user = "root"; - image = "docker.io/oleduc/docker-obsidian-livesync-couchdb:master"; - ports = [ - "${toString cfg.port}:${toString cfg.port}" - ]; - environment = { - SERVER_URL = cfg.serverUrl; - COUCHDB_DATABASE = "obsidian_sync"; - COUCHDB_USER = pkgs.lib.mkIf (cfg.dockerEnvFiles == [ ]) "adminu"; - COUCHDB_PASSWORD = pkgs.lib.mkIf (cfg.dockerEnvFiles == [ ]) "Password123"; - }; - environmentFiles = cfg.dockerEnvFiles; - volumes = [ - "${cfg.dataDir}/data:/opt/couchdb/data" - "${cfg.dataDir}/config:/opt/couchdb/etc/local.d" - ]; - }; - }; - }; -} diff --git a/common/flake.nix b/common/flake.nix index 9fcfe30..1b299be 100644 --- a/common/flake.nix +++ b/common/flake.nix @@ -56,9 +56,6 @@ }; }; }; - containers = { - forgejo = import ./_containers/forgejo.nix; - }; }; homeManagerModules = { zsh = import ./_home_manager/mods/zsh.nix; diff --git a/hosts/h001/containers/default.nix b/hosts/h001/containers/default.nix index 59cb9cd..bf033b0 100644 --- a/hosts/h001/containers/default.nix +++ b/hosts/h001/containers/default.nix @@ -1,13 +1,9 @@ -{ inputs }: -let - common = inputs.common; -in { ... }: { imports = [ - common.nixosModules.containers.forgejo + ./forgejo.nix ./opengist.nix ./homarr.nix ./zitadel.nix @@ -55,14 +51,7 @@ in virtualisation.oci-containers.backend = "podman"; - security.acme.acceptTerms = true; - security.acme.defaults.email = "admin@joshuabell.xyz"; services.nginx = { - enable = true; - recommendedGzipSettings = true; - recommendedOptimisation = true; - recommendedProxySettings = true; - recommendedTlsSettings = true; virtualHosts = { "localhost" = { locations."/" = { @@ -70,13 +59,6 @@ in }; }; - # forgejo http traffic - "git.joshuabell.xyz" = { - locations."/" = { - proxyPass = "http://10.0.0.2:3000"; - }; - }; - "_" = { default = true; locations."/" = { @@ -84,16 +66,6 @@ in }; }; }; - - # STREAMS - # Forgejo ssh - streamConfig = '' - server { - listen 3032; - proxy_pass 10.0.0.2:3032; - } - ''; - }; networking.firewall.allowedTCPPorts = [ diff --git a/hosts/h001/containers/forgejo.nix b/hosts/h001/containers/forgejo.nix index 92793a9..bc14238 100644 --- a/hosts/h001/containers/forgejo.nix +++ b/hosts/h001/containers/forgejo.nix @@ -65,6 +65,25 @@ let }; in { + services.nginx = { + virtualHosts = { + # forgejo http traffic + "git.joshuabell.xyz" = { + locations."/" = { + proxyPass = "http://10.0.0.2:3000"; + }; + }; + }; + # STREAMS + # Forgejo ssh + streamConfig = '' + server { + listen 3032; + proxy_pass 10.0.0.2:3032; + } + ''; + }; + # Ensure users exists on host machine with same IDs as container inherit users; diff --git a/hosts/h001/containers/opengist.nix b/hosts/h001/containers/opengist.nix index e529b94..c7fb282 100644 --- a/hosts/h001/containers/opengist.nix +++ b/hosts/h001/containers/opengist.nix @@ -29,6 +29,8 @@ in ''; services.nginx.virtualHosts."gist.joshuabell.xyz" = { + # enableACME = true; + # forceSSL = true; locations = { "/" = { proxyWebsockets = true; diff --git a/hosts/h001/containers/zitadel.nix b/hosts/h001/containers/zitadel.nix index 5c24427..9dc0aca 100644 --- a/hosts/h001/containers/zitadel.nix +++ b/hosts/h001/containers/zitadel.nix @@ -68,6 +68,8 @@ in options = { }; config = { services.nginx.virtualHosts."sso.joshuabell.xyz" = { + # enableACME = true; + # forceSSL = true; locations = { "/" = { proxyWebsockets = true; diff --git a/hosts/h001/flake.nix b/hosts/h001/flake.nix index 9a7b684..e88622d 100644 --- a/hosts/h001/flake.nix +++ b/hosts/h001/flake.nix @@ -43,7 +43,7 @@ ./hardware-configuration.nix ./mods ./nginx.nix - (import ./containers { inherit inputs; }) + ./containers ( { config, pkgs, ... }: { diff --git a/hosts/h001/mods/n8n.nix b/hosts/h001/mods/n8n.nix index 463919a..e80ed5e 100644 --- a/hosts/h001/mods/n8n.nix +++ b/hosts/h001/mods/n8n.nix @@ -6,6 +6,8 @@ config = { services.nginx.virtualHosts = { "n8n.joshuabell.xyz" = { + # enableACME = true; + # forceSSL = true; locations = { "/" = { proxyWebsockets = true; diff --git a/hosts/h001/mods/nixarr.nix b/hosts/h001/mods/nixarr.nix index e561c25..0f10ce6 100644 --- a/hosts/h001/mods/nixarr.nix +++ b/hosts/h001/mods/nixarr.nix @@ -47,35 +47,39 @@ services.nginx = { virtualHosts = { "jellyfin.joshuabell.xyz" = { + enableACME = true; + # forceSSL = true; locations."/" = { proxyWebsockets = true; proxyPass = "http://localhost:8096"; }; }; "media.joshuabell.xyz" = { + enableACME = true; + # forceSSL = true; locations."/" = { proxyWebsockets = true; proxyPass = "http://localhost:5055"; }; }; - "10.12.14.10" = { - locations."/" = { - proxyWebsockets = true; - proxyPass = "http://localhost:8096"; - }; - }; - "jellyfin.h001.local.joshuabell.xyz" = { - locations."/" = { - proxyWebsockets = true; - proxyPass = "http://localhost:8096"; - }; - }; - "media.h001.local.joshuabell.xyz" = { - locations."/" = { - proxyWebsockets = true; - proxyPass = "http://localhost:5055"; - }; - }; + # "10.12.14.10" = { + # locations."/" = { + # proxyWebsockets = true; + # proxyPass = "http://localhost:8096"; + # }; + # }; + # "jellyfin.h001.local.joshuabell.xyz" = { + # locations."/" = { + # proxyWebsockets = true; + # proxyPass = "http://localhost:8096"; + # }; + # }; + # "media.h001.local.joshuabell.xyz" = { + # locations."/" = { + # proxyWebsockets = true; + # proxyPass = "http://localhost:5055"; + # }; + # }; }; }; }; diff --git a/hosts/h001/mods/oauth2-proxy.nix b/hosts/h001/mods/oauth2-proxy.nix index bfb34fa..a2da192 100644 --- a/hosts/h001/mods/oauth2-proxy.nix +++ b/hosts/h001/mods/oauth2-proxy.nix @@ -45,11 +45,15 @@ in }; services.nginx.virtualHosts."sso-proxy.joshuabell.xyz" = { + # enableACME = true; + # forceSSL = true; locations = { "/" = { proxyWebsockets = true; - recommendedProxySettings = true; proxyPass = "http://127.0.0.1:4180"; + extraConfig = '' + proxy_set_header X-Forwarded-Proto https; + ''; }; }; }; diff --git a/hosts/h001/mods/openwebui.nix b/hosts/h001/mods/openwebui.nix index 6b9c994..2df829d 100644 --- a/hosts/h001/mods/openwebui.nix +++ b/hosts/h001/mods/openwebui.nix @@ -17,6 +17,8 @@ in options = { }; config = { services.nginx.virtualHosts."chat.joshuabell.xyz" = { + # enableACME = true; + # forceSSL = true; locations = { "/" = { proxyWebsockets = true; diff --git a/hosts/h001/mods/trilium.nix b/hosts/h001/mods/trilium.nix index 863246d..d532b6e 100644 --- a/hosts/h001/mods/trilium.nix +++ b/hosts/h001/mods/trilium.nix @@ -1,6 +1,5 @@ { inputs, - lib, ... }: let @@ -45,6 +44,8 @@ in }; services.nginx.virtualHosts = { "notes.joshuabell.xyz" = { + # enableACME = true; + # forceSSL = true; locations = { "/" = { proxyWebsockets = true; diff --git a/hosts/h001/nginx.nix b/hosts/h001/nginx.nix index 8a52091..052aa94 100644 --- a/hosts/h001/nginx.nix +++ b/hosts/h001/nginx.nix @@ -8,7 +8,14 @@ let }; in { + security.acme.acceptTerms = true; + security.acme.defaults.email = "admin@joshuabell.xyz"; services.nginx = { + enable = true; + recommendedGzipSettings = true; + recommendedOptimisation = true; + recommendedProxySettings = true; + recommendedTlsSettings = true; clientMaxBodySize = "500m"; virtualHosts = { "10.12.14.10" = { From 028a1f55318deb45692ced31faabccb83cd273a9 Mon Sep 17 00:00:00 2001 From: "RingOfStorms (Joshua Bell)" Date: Thu, 9 Oct 2025 18:37:55 -0500 Subject: [PATCH 049/109] pin common --- hosts/h001/flake.lock | 89 ++++++++++++++++++++++++++----------------- hosts/h001/flake.nix | 4 +- 2 files changed, 57 insertions(+), 36 deletions(-) diff --git a/hosts/h001/flake.lock b/hosts/h001/flake.lock index 33f95d6..bd42873 100644 --- a/hosts/h001/flake.lock +++ b/hosts/h001/flake.lock @@ -49,11 +49,11 @@ ] }, "locked": { - "lastModified": 1759499898, - "narHash": "sha256-UNzYHLWfkSzLHDep5Ckb5tXc0fdxwPIrT+MY4kpQttM=", + "lastModified": 1755946532, + "narHash": "sha256-POePremlUY5GyA1zfbtic6XLxDaQcqHN6l+bIxdT5gc=", "owner": "hyprwm", "repo": "aquamarine", - "rev": "655e067f96fd44b3f5685e17f566b0e4d535d798", + "rev": "81584dae2df6ac79f6b6dae0ecb7705e95129ada", "type": "github" }, "original": { @@ -67,17 +67,22 @@ "home-manager": "home-manager", "hyprland": "hyprland", "nix-flatpak": "nix-flatpak", + "nixpkgs": "nixpkgs_3", "ragenix": "ragenix" }, "locked": { - "path": "../../common", - "type": "path" + "lastModified": 1760053007, + "narHash": "sha256-0csJRXdWM+ybfB41g6Ptndi0WRU33onQRH0SdNKZmio=", + "ref": "refs/heads/master", + "rev": "8e5e514b169b62833457d6d851bb1437fb8a8257", + "revCount": 711, + "type": "git", + "url": "https://git.joshuabell.xyz/ringofstorms/dotfiles" }, "original": { - "path": "../../common", - "type": "path" - }, - "parent": [] + "type": "git", + "url": "https://git.joshuabell.xyz/ringofstorms/dotfiles" + } }, "crane": { "locked": { @@ -268,11 +273,11 @@ ] }, "locked": { - "lastModified": 1759490292, - "narHash": "sha256-T6iWzDOXp8Wv0KQOCTHpBcmAOdHJ6zc/l9xaztW6Ivc=", + "lastModified": 1758192433, + "narHash": "sha256-CR6RnqEJSTiFgA6KQY4TTLUWbZ8RBnb+hxQqesuQNzQ=", "owner": "hyprwm", "repo": "hyprgraphics", - "rev": "9431db625cd9bb66ac55525479dce694101d6d7a", + "rev": "c44e749dd611521dee940d00f7c444ee0ae4cfb7", "type": "github" }, "original": { @@ -297,11 +302,11 @@ "xdph": "xdph" }, "locked": { - "lastModified": 1759837778, - "narHash": "sha256-12GZqSrRYyhKl7NpNMUQECDi/Zyx17QZhhQ7+mBJMns=", + "lastModified": 1759094452, + "narHash": "sha256-j7IOTFnQRDjX4PzYb2p6CPviAc8cDrcorzGpM8J89uM=", "owner": "hyprwm", "repo": "Hyprland", - "rev": "5ba2d2217b649c4ca2db7e3f383b3f6af6e70d65", + "rev": "f854b5bffbdd13cfe7edad0ee157d6947ff99619", "type": "github" }, "original": { @@ -399,11 +404,11 @@ ] }, "locked": { - "lastModified": 1759080228, - "narHash": "sha256-RgDoAja0T1hnF0pTc56xPfLfFOO8Utol2iITwYbUhTk=", + "lastModified": 1757694755, + "narHash": "sha256-j+w5QUUr2QT/jkxgVKecGYV8J7fpzXCMgzEEr6LG9ug=", "owner": "hyprwm", "repo": "hyprland-qtutils", - "rev": "629b15c19fa4082e4ce6be09fdb89e8c3312aed7", + "rev": "5ffdfc13ed03df1dae5084468d935f0a3f2c9a4c", "type": "github" }, "original": { @@ -431,11 +436,11 @@ ] }, "locked": { - "lastModified": 1758927902, - "narHash": "sha256-LZgMds7M94+vuMql2bERQ6LiFFdhgsEFezE4Vn+Ys3A=", + "lastModified": 1756810301, + "narHash": "sha256-wgZ3VW4VVtjK5dr0EiK9zKdJ/SOqGIBXVG85C3LVxQA=", "owner": "hyprwm", "repo": "hyprlang", - "rev": "4dafa28d4f79877d67a7d1a654cddccf8ebf15da", + "rev": "3d63fb4a42c819f198deabd18c0c2c1ded1de931", "type": "github" }, "original": { @@ -458,11 +463,11 @@ ] }, "locked": { - "lastModified": 1759490926, - "narHash": "sha256-7IbZGJ5qAAfZsGhBHIsP8MBsfuFYS0hsxYHVkkeDG5Q=", + "lastModified": 1756117388, + "narHash": "sha256-oRDel6pNl/T2tI+nc/USU9ZP9w08dxtl7hiZxa0C/Wc=", "owner": "hyprwm", "repo": "hyprutils", - "rev": "94cce794344538c4d865e38682684ec2bbdb2ef3", + "rev": "b2ae3204845f5f2f79b4703b441252d8ad2ecfd0", "type": "github" }, "original": { @@ -532,7 +537,7 @@ }, "nixarr": { "inputs": { - "nixpkgs": "nixpkgs_4", + "nixpkgs": "nixpkgs_5", "vpnconfinement": "vpnconfinement", "website-builder": "website-builder" }, @@ -568,11 +573,11 @@ }, "nixpkgs_2": { "locked": { - "lastModified": 1759381078, - "narHash": "sha256-gTrEEp5gEspIcCOx9PD8kMaF1iEmfBcTbO0Jag2QhQs=", + "lastModified": 1758198701, + "narHash": "sha256-7To75JlpekfUmdkUZewnT6MoBANS0XVypW6kjUOXQwc=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "7df7ff7d8e00218376575f0acdcc5d66741351ee", + "rev": "0147c2f1d54b30b5dd6d4a8c8542e8d7edf93b5d", "type": "github" }, "original": { @@ -583,6 +588,22 @@ } }, "nixpkgs_3": { + "locked": { + "lastModified": 1758690382, + "narHash": "sha256-NY3kSorgqE5LMm1LqNwGne3ZLMF2/ILgLpFr1fS4X3o=", + "owner": "nixos", + "repo": "nixpkgs", + "rev": "e643668fd71b949c53f8626614b21ff71a07379d", + "type": "github" + }, + "original": { + "owner": "nixos", + "ref": "nixos-unstable", + "repo": "nixpkgs", + "type": "github" + } + }, + "nixpkgs_4": { "locked": { "lastModified": 1741379970, "narHash": "sha256-Wh7esNh7G24qYleLvgOSY/7HlDUzWaL/n4qzlBePpiw=", @@ -598,7 +619,7 @@ "type": "github" } }, - "nixpkgs_4": { + "nixpkgs_5": { "locked": { "lastModified": 1748662220, "narHash": "sha256-7gGa49iB9nCnFk4h/g9zwjlQAyjtpgcFkODjcOQS0Es=", @@ -614,7 +635,7 @@ "type": "github" } }, - "nixpkgs_5": { + "nixpkgs_6": { "locked": { "lastModified": 1759735786, "narHash": "sha256-a0+h02lyP2KwSNrZz4wLJTu9ikujNsTWIC874Bv7IJ0=", @@ -630,7 +651,7 @@ "type": "github" } }, - "nixpkgs_6": { + "nixpkgs_7": { "locked": { "lastModified": 1759772810, "narHash": "sha256-8/sO67+Q6yNfFD39W5SXQHDbf/tQUHWFhCdxgRRGVCQ=", @@ -1586,7 +1607,7 @@ "agenix": "agenix", "crane": "crane", "flake-utils": "flake-utils", - "nixpkgs": "nixpkgs_3", + "nixpkgs": "nixpkgs_4", "rust-overlay": "rust-overlay" }, "locked": { @@ -1608,7 +1629,7 @@ "common": "common", "litellm-nixpkgs": "litellm-nixpkgs", "nixarr": "nixarr", - "nixpkgs": "nixpkgs_5", + "nixpkgs": "nixpkgs_6", "oauth2-proxy-nixpkgs": "oauth2-proxy-nixpkgs", "open-webui-nixpkgs": "open-webui-nixpkgs", "ros_neovim": "ros_neovim", @@ -1617,7 +1638,7 @@ }, "ros_neovim": { "inputs": { - "nixpkgs": "nixpkgs_6", + "nixpkgs": "nixpkgs_7", "nvim_plugin-Almo7aya/openingh.nvim": "nvim_plugin-Almo7aya/openingh.nvim", "nvim_plugin-CopilotC-Nvim/CopilotChat.nvim": "nvim_plugin-CopilotC-Nvim/CopilotChat.nvim", "nvim_plugin-JoosepAlviste/nvim-ts-context-commentstring": "nvim_plugin-JoosepAlviste/nvim-ts-context-commentstring", diff --git a/hosts/h001/flake.nix b/hosts/h001/flake.nix index e88622d..3ef255e 100644 --- a/hosts/h001/flake.nix +++ b/hosts/h001/flake.nix @@ -8,8 +8,8 @@ oauth2-proxy-nixpkgs.url = "github:nixos/nixpkgs/nixos-unstable"; # Use relative to get current version for testing - common.url = "path:../../common"; - # common.url = "git+https://git.joshuabell.xyz/ringofstorms/dotfiles"; + # common.url = "path:../../common"; + common.url = "git+https://git.joshuabell.xyz/ringofstorms/dotfiles"; ros_neovim.url = "git+https://git.joshuabell.xyz/ringofstorms/nvim"; From ddabfbc9885493cfa5cc0a144901f61435dc1f0e Mon Sep 17 00:00:00 2001 From: "RingOfStorms (Joshua Bell)" Date: Thu, 9 Oct 2025 18:38:05 -0500 Subject: [PATCH 050/109] pin common on lio --- hosts/lio/flake.lock | 43 ++++++++++++++++++++++++++++++++----------- hosts/lio/flake.nix | 4 ++-- 2 files changed, 34 insertions(+), 13 deletions(-) diff --git a/hosts/lio/flake.lock b/hosts/lio/flake.lock index 329e4fb..44cf53f 100644 --- a/hosts/lio/flake.lock +++ b/hosts/lio/flake.lock @@ -67,17 +67,22 @@ "home-manager": "home-manager", "hyprland": "hyprland", "nix-flatpak": "nix-flatpak", + "nixpkgs": "nixpkgs_3", "ragenix": "ragenix" }, "locked": { - "path": "../../common", - "type": "path" + "lastModified": 1760053007, + "narHash": "sha256-0csJRXdWM+ybfB41g6Ptndi0WRU33onQRH0SdNKZmio=", + "ref": "refs/heads/master", + "rev": "8e5e514b169b62833457d6d851bb1437fb8a8257", + "revCount": 711, + "type": "git", + "url": "https://git.joshuabell.xyz/ringofstorms/dotfiles" }, "original": { - "path": "../../common", - "type": "path" - }, - "parent": [] + "type": "git", + "url": "https://git.joshuabell.xyz/ringofstorms/dotfiles" + } }, "crane": { "locked": { @@ -563,6 +568,22 @@ } }, "nixpkgs_3": { + "locked": { + "lastModified": 1758690382, + "narHash": "sha256-NY3kSorgqE5LMm1LqNwGne3ZLMF2/ILgLpFr1fS4X3o=", + "owner": "nixos", + "repo": "nixpkgs", + "rev": "e643668fd71b949c53f8626614b21ff71a07379d", + "type": "github" + }, + "original": { + "owner": "nixos", + "ref": "nixos-unstable", + "repo": "nixpkgs", + "type": "github" + } + }, + "nixpkgs_4": { "locked": { "lastModified": 1741379970, "narHash": "sha256-Wh7esNh7G24qYleLvgOSY/7HlDUzWaL/n4qzlBePpiw=", @@ -578,7 +599,7 @@ "type": "github" } }, - "nixpkgs_4": { + "nixpkgs_5": { "locked": { "lastModified": 1759143472, "narHash": "sha256-TvODmeR2W7yX/JmOCmP+lAFNkTT7hAxYcF3Kz8SZV3w=", @@ -594,7 +615,7 @@ "type": "github" } }, - "nixpkgs_5": { + "nixpkgs_6": { "locked": { "lastModified": 1759772810, "narHash": "sha256-8/sO67+Q6yNfFD39W5SXQHDbf/tQUHWFhCdxgRRGVCQ=", @@ -1518,7 +1539,7 @@ "agenix": "agenix", "crane": "crane", "flake-utils": "flake-utils", - "nixpkgs": "nixpkgs_3", + "nixpkgs": "nixpkgs_4", "rust-overlay": "rust-overlay" }, "locked": { @@ -1538,14 +1559,14 @@ "root": { "inputs": { "common": "common", - "nixpkgs": "nixpkgs_4", + "nixpkgs": "nixpkgs_5", "nixpkgs-unstable": "nixpkgs-unstable", "ros_neovim": "ros_neovim" } }, "ros_neovim": { "inputs": { - "nixpkgs": "nixpkgs_5", + "nixpkgs": "nixpkgs_6", "nvim_plugin-Almo7aya/openingh.nvim": "nvim_plugin-Almo7aya/openingh.nvim", "nvim_plugin-CopilotC-Nvim/CopilotChat.nvim": "nvim_plugin-CopilotC-Nvim/CopilotChat.nvim", "nvim_plugin-JoosepAlviste/nvim-ts-context-commentstring": "nvim_plugin-JoosepAlviste/nvim-ts-context-commentstring", diff --git a/hosts/lio/flake.nix b/hosts/lio/flake.nix index 0aed330..c6e45c0 100644 --- a/hosts/lio/flake.nix +++ b/hosts/lio/flake.nix @@ -4,8 +4,8 @@ nixpkgs-unstable.url = "github:nixos/nixpkgs/nixos-unstable"; # Use relative to get current version for testing - common.url = "path:../../common"; - # common.url = "git+https://git.joshuabell.xyz/ringofstorms/dotfiles"; + # common.url = "path:../../common"; + common.url = "git+https://git.joshuabell.xyz/ringofstorms/dotfiles"; ros_neovim.url = "git+https://git.joshuabell.xyz/ringofstorms/nvim"; }; From 24f648449652f21b5c2eddd63841827c44959562 Mon Sep 17 00:00:00 2001 From: "RingOfStorms (Joshua Bell)" Date: Thu, 9 Oct 2025 19:36:56 -0500 Subject: [PATCH 051/109] add linode key --- common/secrets/secrets/linode_rw_domains.age | 43 ++++++++++++++++++++ common/secrets/secrets/secrets.nix | 6 +-- hosts/oracle/o001/nginx.nix | 15 +------ 3 files changed, 47 insertions(+), 17 deletions(-) create mode 100644 common/secrets/secrets/linode_rw_domains.age diff --git a/common/secrets/secrets/linode_rw_domains.age b/common/secrets/secrets/linode_rw_domains.age new file mode 100644 index 0000000..70be86f --- /dev/null +++ b/common/secrets/secrets/linode_rw_domains.age @@ -0,0 +1,43 @@ +-----BEGIN AGE ENCRYPTED FILE----- +YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IHNzaC1lZDI1NTE5IDd6MzN5USBXV0xI +dU9KUHlVWG1uRWh5ODUydVRmSTMrWXdsRUg4bEFldmZtK3M4WkZVCkNYaTQxM01I +Tld6YVJiMnN3MVF4T2RHakRDT1Q5U21zNThPTUJkWEc2TWMKLT4gc3NoLWVkMjU1 +MTkgSmh2TCtRIGp4d3ZqcGxHM2ZDUmVUcHJiWGI0WXcxMVVCRkhOMm05bDNVQXN4 +RFFyeTQKL1FiSmxhZUZOMzRqaTdkNUNIMVJJaU1XbDkydHJpWkhJUWx6dWI3dnZs +VQotPiBzc2gtZWQyNTUxOSBTcENqQlEgT3pxVzgvMkZ3ays4cm1WWVkwUUVIT3h0 +UDhxL0lzZmN6WjNjbE9rT3JCQQo1TldzNExWSkRTQUtFeHJVcXRyWmJkVmhtRy9Q +a3lkcEUxaUhJbUhvR2gwCi0+IHNzaC1lZDI1NTE5IEY0YmI4ZyBORFZ5K0xoWmxy +cEE2bmFmc2RoUHZITDhhVFhYdG4zbWpISnd5UUt3VFVvCkRvNi85TXpPRWZKS1VY +VktuaWhIcXhEaXpBTUtQRWpzYjFwNW9oMUJQYU0KLT4gc3NoLWVkMjU1MTkgd2Ry +WkpBIDMweFFGSmdXbXMwM01xN3BvZVdCT1dqc24yTGtZeDM5aXhZSUlMOGxMd3cK +M3BLTTlkdGRKM3FRMHhuSFNPdmtKbFRsQXdqRjA0bnczNDlGVnoyV1BzQQotPiBz +c2gtZWQyNTUxOSBCWUtHK3cgYTFNM3lTdmxSM1Bta2dPcTFQaHdMYjhYRlhBZFhR +ZTJXTnlHWE9uMEZVdwpwVnNCaHFSZDR5MytVeXpRYVd4RHUvQXhvN1VVS3V2Z3Iw +Njc3YlgxSWpJCi0+IHNzaC1lZDI1NTE5IFh6Zm1hUSBONHcrcE5JYVV6UnBFNm0w +TXpZSHdIN216bzVxREhTQWpJSFlmU3ViWEZzCktKcW5vSmRZRXJVL1RUMUFoYWFh +VFlOLzFwQXpBUzFoYzFRNWhGMitCR00KLT4gc3NoLWVkMjU1MTkgNWFkcU1nIGFp +MGhSOS85eU9GZ1RGWGNVZWV4aFBFNGlvY3Z0RzNBcThjSTBFYWkreE0KL3d4SDVB +eUc2WTdHRXdGa0l3eWk3ajJsNThFNk1mSVEwS0xGMFo2WW1qMAotPiBzc2gtZWQy +NTUxOSBaZTFNd1Egekk5Z25lRjYrYlhDRzNyY3E0MUR1bHI5a2hoZGNoWnNjODlN +K29tbUJRNApZUDl2M2E0RTVRRFlINEgxRkd3Q2pIandQNlBhVTZiRVhtQUlPS1NC +RHRrCi0+IHNzaC1lZDI1NTE5IHBlRkJRZyB4OGRJbGVLOFdSaXljcC9tVjBkUjlQ +ZE9RSzNwNE0xK0w1bDdmay9JbFJFClRRa3JRSzZVNmNOMFR0WUw5MGxRalNlakJE +bm9MOVFMSkk4RGFCWGdrY2sKLT4gc3NoLWVkMjU1MTkgOXYvMkhBIGQ4QXhoczRI +QnJRTGFjanFBenE4MXRqUTRSQkFPUmNiSkJGRHBpQjVxeEkKZjBOcjRMVVBqZ1dp +L2Zjak05eVE5YVMwVVRNRkk1aHEwSkVaWE1ReWU5awotPiBzc2gtZWQyNTUxOSBS +NSt4ZncgYzhHdVZINWYyNjcvNE02NUozc1k4SjMvbTV3MGZNT1VkUFVXbjZlaHJn +UQpGV0IvTXNDQUtjeWtIVGhEdmdsRWNRQTZDdGc1NGlYdVVudkNCaXlPZ3RZCi0+ +IHNzaC1lZDI1NTE5IFJvWDVQUSB1NnVjSWdUSCtsMDRjT2p6TXAvczVaNnFXQ2dL +bTFNMDcvRVJzV0xVUVJzCnorNTlvUGJlcGk3ei9CdmxNczVsOU9DUjdTWjY5VE03 +bnVNUnNHcjkxSWsKLT4gc3NoLWVkMjU1MTkga0hrMmdBIGhyM0x5MVhiYUQvbmYz +MnVHTWpjYyt0WWQ2c2FzSkYzS0U1UUZRdXZSQkUKU0VZV1NJaHNhS1djZTY0SW9N +VGhObDB3ODg2bVVxcFRwUFFFbFBYaG01RQotPiBzc2gtZWQyNTUxOSBJb3NBQlEg +VFRSajdzckRtZU9ZK0dwcWNld0F4Q0RCb0JOOVJBWTU3Sm9WQUh1K2xEawpXQW9X +WGYyRnNMcmZ0TFZ5R0FaYmdqMENPVmU2b3B6K00rUFYzQmxEVFdrCi0+IDs4NnMp +bCktZ3JlYXNlIEVkR1IgKgowVGZnVEg4cU9kMmIzdWFZeE1nS2RCYVNXV1hHb2p6 +WVpqLzRzTWVOb0owbHhweUdpc0pHQ0lRY2hMQXlqOXpFCmJhR0lBWFo5L0JGeTgw +QTlHcVhIM1YvOC9UTnlCeVA4a3ZNcQotLS0gSHYyY1BSc0NqRExDL0FWSG84VGhT +OXRKaThvamhmNTdiUjF0QnNRTGkzWQo3Bxz+qj6gbLsTNNM/3Dp9ppYrGXHccgee +o9KJs6L9AadYB+PrcseM6DtNEhupvy8zXP6txbVbfP2Xus7j2sXmj9uM30HUn60i +4XRoL1snQIhfjP+YNp0QkvkHtZvXzraM +-----END AGE ENCRYPTED FILE----- diff --git a/common/secrets/secrets/secrets.nix b/common/secrets/secrets/secrets.nix index 55a44d2..80c241c 100644 --- a/common/secrets/secrets/secrets.nix +++ b/common/secrets/secrets/secrets.nix @@ -117,9 +117,6 @@ in "headscale_auth.age" = { publicKeys = trustedKeys; }; - # "obsidian_sync_env.age" = { - # publicKeys = trustedKeys; - # }; "us_chi_wg.age" = { publicKeys = trustedKeys; }; @@ -135,4 +132,7 @@ in "vaultwarden_env.age" = { publicKeys = authorityKey ++ o001; }; + "linode_rw_domains.age" = { + publicKeys = trustedKeys; + }; } diff --git a/hosts/oracle/o001/nginx.nix b/hosts/oracle/o001/nginx.nix index ace5c87..a1ea33b 100644 --- a/hosts/oracle/o001/nginx.nix +++ b/hosts/oracle/o001/nginx.nix @@ -199,20 +199,6 @@ ''; }; }; - # "obsidiansync.joshuabell.xyz" = { - # enableACME = true; - # forceSSL = true; - # locations."/" = { - # proxyPass = "http://100.64.0.1:5984"; - # }; - # extraConfig = '' - # client_max_body_size 100M; - # proxy_redirect off; - # proxy_buffering off; - # proxy_set_header Host $host; - # proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; - # ''; - # }; "jellyfin.joshuabell.xyz" = { enableACME = true; forceSSL = true; @@ -229,6 +215,7 @@ }; "_" = { + rejectSSL = true; default = true; locations."/" = { return = "444"; # 404 for not found or 444 for drop From 160be6071ed631881c8707ae0bdbc9152eabe316 Mon Sep 17 00:00:00 2001 From: "RingOfStorms (Joshua Bell)" Date: Thu, 9 Oct 2025 21:54:06 -0500 Subject: [PATCH 052/109] add media to ssl cert --- hosts/h001/containers/default.nix | 7 ----- hosts/h001/flake.lock | 47 +++++++++---------------------- hosts/h001/flake.nix | 4 +-- hosts/h001/mods/nixarr.nix | 28 ++++-------------- hosts/h001/nginx.nix | 26 +++++++++++++++-- 5 files changed, 45 insertions(+), 67 deletions(-) diff --git a/hosts/h001/containers/default.nix b/hosts/h001/containers/default.nix index bf033b0..2e987c3 100644 --- a/hosts/h001/containers/default.nix +++ b/hosts/h001/containers/default.nix @@ -58,13 +58,6 @@ proxyPass = "http://10.0.0.111"; }; }; - - "_" = { - default = true; - locations."/" = { - return = "404"; # or 444 for drop - }; - }; }; }; diff --git a/hosts/h001/flake.lock b/hosts/h001/flake.lock index bd42873..bda5dde 100644 --- a/hosts/h001/flake.lock +++ b/hosts/h001/flake.lock @@ -67,22 +67,17 @@ "home-manager": "home-manager", "hyprland": "hyprland", "nix-flatpak": "nix-flatpak", - "nixpkgs": "nixpkgs_3", "ragenix": "ragenix" }, "locked": { - "lastModified": 1760053007, - "narHash": "sha256-0csJRXdWM+ybfB41g6Ptndi0WRU33onQRH0SdNKZmio=", - "ref": "refs/heads/master", - "rev": "8e5e514b169b62833457d6d851bb1437fb8a8257", - "revCount": 711, - "type": "git", - "url": "https://git.joshuabell.xyz/ringofstorms/dotfiles" + "path": "../../common", + "type": "path" }, "original": { - "type": "git", - "url": "https://git.joshuabell.xyz/ringofstorms/dotfiles" - } + "path": "../../common", + "type": "path" + }, + "parent": [] }, "crane": { "locked": { @@ -537,7 +532,7 @@ }, "nixarr": { "inputs": { - "nixpkgs": "nixpkgs_5", + "nixpkgs": "nixpkgs_4", "vpnconfinement": "vpnconfinement", "website-builder": "website-builder" }, @@ -588,22 +583,6 @@ } }, "nixpkgs_3": { - "locked": { - "lastModified": 1758690382, - "narHash": "sha256-NY3kSorgqE5LMm1LqNwGne3ZLMF2/ILgLpFr1fS4X3o=", - "owner": "nixos", - "repo": "nixpkgs", - "rev": "e643668fd71b949c53f8626614b21ff71a07379d", - "type": "github" - }, - "original": { - "owner": "nixos", - "ref": "nixos-unstable", - "repo": "nixpkgs", - "type": "github" - } - }, - "nixpkgs_4": { "locked": { "lastModified": 1741379970, "narHash": "sha256-Wh7esNh7G24qYleLvgOSY/7HlDUzWaL/n4qzlBePpiw=", @@ -619,7 +598,7 @@ "type": "github" } }, - "nixpkgs_5": { + "nixpkgs_4": { "locked": { "lastModified": 1748662220, "narHash": "sha256-7gGa49iB9nCnFk4h/g9zwjlQAyjtpgcFkODjcOQS0Es=", @@ -635,7 +614,7 @@ "type": "github" } }, - "nixpkgs_6": { + "nixpkgs_5": { "locked": { "lastModified": 1759735786, "narHash": "sha256-a0+h02lyP2KwSNrZz4wLJTu9ikujNsTWIC874Bv7IJ0=", @@ -651,7 +630,7 @@ "type": "github" } }, - "nixpkgs_7": { + "nixpkgs_6": { "locked": { "lastModified": 1759772810, "narHash": "sha256-8/sO67+Q6yNfFD39W5SXQHDbf/tQUHWFhCdxgRRGVCQ=", @@ -1607,7 +1586,7 @@ "agenix": "agenix", "crane": "crane", "flake-utils": "flake-utils", - "nixpkgs": "nixpkgs_4", + "nixpkgs": "nixpkgs_3", "rust-overlay": "rust-overlay" }, "locked": { @@ -1629,7 +1608,7 @@ "common": "common", "litellm-nixpkgs": "litellm-nixpkgs", "nixarr": "nixarr", - "nixpkgs": "nixpkgs_6", + "nixpkgs": "nixpkgs_5", "oauth2-proxy-nixpkgs": "oauth2-proxy-nixpkgs", "open-webui-nixpkgs": "open-webui-nixpkgs", "ros_neovim": "ros_neovim", @@ -1638,7 +1617,7 @@ }, "ros_neovim": { "inputs": { - "nixpkgs": "nixpkgs_7", + "nixpkgs": "nixpkgs_6", "nvim_plugin-Almo7aya/openingh.nvim": "nvim_plugin-Almo7aya/openingh.nvim", "nvim_plugin-CopilotC-Nvim/CopilotChat.nvim": "nvim_plugin-CopilotC-Nvim/CopilotChat.nvim", "nvim_plugin-JoosepAlviste/nvim-ts-context-commentstring": "nvim_plugin-JoosepAlviste/nvim-ts-context-commentstring", diff --git a/hosts/h001/flake.nix b/hosts/h001/flake.nix index 3ef255e..e88622d 100644 --- a/hosts/h001/flake.nix +++ b/hosts/h001/flake.nix @@ -8,8 +8,8 @@ oauth2-proxy-nixpkgs.url = "github:nixos/nixpkgs/nixos-unstable"; # Use relative to get current version for testing - # common.url = "path:../../common"; - common.url = "git+https://git.joshuabell.xyz/ringofstorms/dotfiles"; + common.url = "path:../../common"; + # common.url = "git+https://git.joshuabell.xyz/ringofstorms/dotfiles"; ros_neovim.url = "git+https://git.joshuabell.xyz/ringofstorms/nvim"; diff --git a/hosts/h001/mods/nixarr.nix b/hosts/h001/mods/nixarr.nix index 0f10ce6..54cf34d 100644 --- a/hosts/h001/mods/nixarr.nix +++ b/hosts/h001/mods/nixarr.nix @@ -47,39 +47,23 @@ services.nginx = { virtualHosts = { "jellyfin.joshuabell.xyz" = { - enableACME = true; - # forceSSL = true; + addSSL = true; + sslCertificate = "/var/lib/acme/joshuabell.xyz/fullchain.pem"; + sslCertificateKey = "/var/lib/acme/joshuabell.xyz/key.pem"; locations."/" = { proxyWebsockets = true; proxyPass = "http://localhost:8096"; }; }; "media.joshuabell.xyz" = { - enableACME = true; - # forceSSL = true; + addSSL = true; + sslCertificate = "/var/lib/acme/joshuabell.xyz/fullchain.pem"; + sslCertificateKey = "/var/lib/acme/joshuabell.xyz/key.pem"; locations."/" = { proxyWebsockets = true; proxyPass = "http://localhost:5055"; }; }; - # "10.12.14.10" = { - # locations."/" = { - # proxyWebsockets = true; - # proxyPass = "http://localhost:8096"; - # }; - # }; - # "jellyfin.h001.local.joshuabell.xyz" = { - # locations."/" = { - # proxyWebsockets = true; - # proxyPass = "http://localhost:8096"; - # }; - # }; - # "media.h001.local.joshuabell.xyz" = { - # locations."/" = { - # proxyWebsockets = true; - # proxyPass = "http://localhost:5055"; - # }; - # }; }; }; }; diff --git a/hosts/h001/nginx.nix b/hosts/h001/nginx.nix index 052aa94..788dfe6 100644 --- a/hosts/h001/nginx.nix +++ b/hosts/h001/nginx.nix @@ -1,4 +1,5 @@ { + config, ... }: let @@ -8,8 +9,21 @@ let }; in { - security.acme.acceptTerms = true; - security.acme.defaults.email = "admin@joshuabell.xyz"; + # TODO transfer these to o001 to use same certs? + security.acme = { + acceptTerms = true; + defaults.email = "admin@joshuabell.xyz"; + certs."joshuabell.xyz" = { + domain = "joshuabell.xyz"; + extraDomainNames = [ "*.joshuabell.xyz" ]; + credentialFiles = { + LINODE_TOKEN_FILE = config.age.secrets.linode_rw_domains.path; + }; + dnsProvider = "linode"; + group = "nginx"; + }; + }; + services.nginx = { enable = true; recommendedGzipSettings = true; @@ -45,6 +59,14 @@ in "/" = homarr; }; }; + + "_" = { + rejectSSL = true; + default = true; + locations."/" = { + return = "444"; # 404 for not found or 444 for drop + }; + }; }; }; } From 1717f8e3e9ee2a920e78db6a8d382b8461224f23 Mon Sep 17 00:00:00 2001 From: "RingOfStorms (Joshua Bell)" Date: Thu, 9 Oct 2025 23:02:10 -0500 Subject: [PATCH 053/109] bunch of updates to use more effecient DNS split paths --- common/flake.lock | 12 +- flake.lock | 48 +- hosts/h001/containers/forgejo.nix | 3 + hosts/h001/containers/opengist.nix | 5 +- hosts/h001/containers/zitadel.nix | 5 +- hosts/h001/mods/n8n.nix | 5 +- hosts/h001/mods/oauth2-proxy.nix | 5 +- hosts/h001/mods/openwebui.nix | 5 +- hosts/h001/mods/trilium.nix | 7 +- hosts/linode/l001/flake.lock | 1115 ++-------------------------- hosts/linode/l001/flake.nix | 12 +- hosts/linode/l001/headscale.nix | 26 +- hosts/linode/l001/nginx.nix | 41 +- hosts/lio/flake.nix | 2 + hosts/oracle/o001/flake.nix | 5 +- 15 files changed, 151 insertions(+), 1145 deletions(-) diff --git a/common/flake.lock b/common/flake.lock index 2ba0955..9d1e421 100644 --- a/common/flake.lock +++ b/common/flake.lock @@ -266,11 +266,11 @@ "xdph": "xdph" }, "locked": { - "lastModified": 1759837778, - "narHash": "sha256-12GZqSrRYyhKl7NpNMUQECDi/Zyx17QZhhQ7+mBJMns=", + "lastModified": 1759988134, + "narHash": "sha256-uVaAXjJgo2/uGJz6lD+Bn5nBBmW5AAr2n8lW7v7h0PI=", "owner": "hyprwm", "repo": "Hyprland", - "rev": "5ba2d2217b649c4ca2db7e3f383b3f6af6e70d65", + "rev": "b965fb2a40b132209b58f511e2604a2939461818", "type": "github" }, "original": { @@ -413,11 +413,11 @@ ] }, "locked": { - "lastModified": 1759490926, - "narHash": "sha256-7IbZGJ5qAAfZsGhBHIsP8MBsfuFYS0hsxYHVkkeDG5Q=", + "lastModified": 1759619523, + "narHash": "sha256-r1ed7AR2ZEb2U8gy321/Xcp1ho2tzn+gG1te/Wxsj1A=", "owner": "hyprwm", "repo": "hyprutils", - "rev": "94cce794344538c4d865e38682684ec2bbdb2ef3", + "rev": "3df7bde01efb3a3e8e678d1155f2aa3f19e177ef", "type": "github" }, "original": { diff --git a/flake.lock b/flake.lock index 3175bc7..c7983c7 100644 --- a/flake.lock +++ b/flake.lock @@ -44,11 +44,11 @@ ] }, "locked": { - "lastModified": 1755946532, - "narHash": "sha256-POePremlUY5GyA1zfbtic6XLxDaQcqHN6l+bIxdT5gc=", + "lastModified": 1759499898, + "narHash": "sha256-UNzYHLWfkSzLHDep5Ckb5tXc0fdxwPIrT+MY4kpQttM=", "owner": "hyprwm", "repo": "aquamarine", - "rev": "81584dae2df6ac79f6b6dae0ecb7705e95129ada", + "rev": "655e067f96fd44b3f5685e17f566b0e4d535d798", "type": "github" }, "original": { @@ -237,11 +237,11 @@ ] }, "locked": { - "lastModified": 1758192433, - "narHash": "sha256-CR6RnqEJSTiFgA6KQY4TTLUWbZ8RBnb+hxQqesuQNzQ=", + "lastModified": 1759490292, + "narHash": "sha256-T6iWzDOXp8Wv0KQOCTHpBcmAOdHJ6zc/l9xaztW6Ivc=", "owner": "hyprwm", "repo": "hyprgraphics", - "rev": "c44e749dd611521dee940d00f7c444ee0ae4cfb7", + "rev": "9431db625cd9bb66ac55525479dce694101d6d7a", "type": "github" }, "original": { @@ -266,11 +266,11 @@ "xdph": "xdph" }, "locked": { - "lastModified": 1759094452, - "narHash": "sha256-j7IOTFnQRDjX4PzYb2p6CPviAc8cDrcorzGpM8J89uM=", + "lastModified": 1759988134, + "narHash": "sha256-uVaAXjJgo2/uGJz6lD+Bn5nBBmW5AAr2n8lW7v7h0PI=", "owner": "hyprwm", "repo": "Hyprland", - "rev": "f854b5bffbdd13cfe7edad0ee157d6947ff99619", + "rev": "b965fb2a40b132209b58f511e2604a2939461818", "type": "github" }, "original": { @@ -359,11 +359,11 @@ ] }, "locked": { - "lastModified": 1757694755, - "narHash": "sha256-j+w5QUUr2QT/jkxgVKecGYV8J7fpzXCMgzEEr6LG9ug=", + "lastModified": 1759080228, + "narHash": "sha256-RgDoAja0T1hnF0pTc56xPfLfFOO8Utol2iITwYbUhTk=", "owner": "hyprwm", "repo": "hyprland-qtutils", - "rev": "5ffdfc13ed03df1dae5084468d935f0a3f2c9a4c", + "rev": "629b15c19fa4082e4ce6be09fdb89e8c3312aed7", "type": "github" }, "original": { @@ -388,11 +388,11 @@ ] }, "locked": { - "lastModified": 1756810301, - "narHash": "sha256-wgZ3VW4VVtjK5dr0EiK9zKdJ/SOqGIBXVG85C3LVxQA=", + "lastModified": 1758927902, + "narHash": "sha256-LZgMds7M94+vuMql2bERQ6LiFFdhgsEFezE4Vn+Ys3A=", "owner": "hyprwm", "repo": "hyprlang", - "rev": "3d63fb4a42c819f198deabd18c0c2c1ded1de931", + "rev": "4dafa28d4f79877d67a7d1a654cddccf8ebf15da", "type": "github" }, "original": { @@ -413,11 +413,11 @@ ] }, "locked": { - "lastModified": 1756117388, - "narHash": "sha256-oRDel6pNl/T2tI+nc/USU9ZP9w08dxtl7hiZxa0C/Wc=", + "lastModified": 1759619523, + "narHash": "sha256-r1ed7AR2ZEb2U8gy321/Xcp1ho2tzn+gG1te/Wxsj1A=", "owner": "hyprwm", "repo": "hyprutils", - "rev": "b2ae3204845f5f2f79b4703b441252d8ad2ecfd0", + "rev": "3df7bde01efb3a3e8e678d1155f2aa3f19e177ef", "type": "github" }, "original": { @@ -485,11 +485,11 @@ }, "nixpkgs_2": { "locked": { - "lastModified": 1758198701, - "narHash": "sha256-7To75JlpekfUmdkUZewnT6MoBANS0XVypW6kjUOXQwc=", + "lastModified": 1759381078, + "narHash": "sha256-gTrEEp5gEspIcCOx9PD8kMaF1iEmfBcTbO0Jag2QhQs=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "0147c2f1d54b30b5dd6d4a8c8542e8d7edf93b5d", + "rev": "7df7ff7d8e00218376575f0acdcc5d66741351ee", "type": "github" }, "original": { @@ -501,11 +501,11 @@ }, "nixpkgs_3": { "locked": { - "lastModified": 1758690382, - "narHash": "sha256-NY3kSorgqE5LMm1LqNwGne3ZLMF2/ILgLpFr1fS4X3o=", + "lastModified": 1759831965, + "narHash": "sha256-vgPm2xjOmKdZ0xKA6yLXPJpjOtQPHfaZDRtH+47XEBo=", "owner": "nixos", "repo": "nixpkgs", - "rev": "e643668fd71b949c53f8626614b21ff71a07379d", + "rev": "c9b6fb798541223bbb396d287d16f43520250518", "type": "github" }, "original": { diff --git a/hosts/h001/containers/forgejo.nix b/hosts/h001/containers/forgejo.nix index bc14238..672721a 100644 --- a/hosts/h001/containers/forgejo.nix +++ b/hosts/h001/containers/forgejo.nix @@ -69,6 +69,9 @@ in virtualHosts = { # forgejo http traffic "git.joshuabell.xyz" = { + addSSL = true; + sslCertificate = "/var/lib/acme/joshuabell.xyz/fullchain.pem"; + sslCertificateKey = "/var/lib/acme/joshuabell.xyz/key.pem"; locations."/" = { proxyPass = "http://10.0.0.2:3000"; }; diff --git a/hosts/h001/containers/opengist.nix b/hosts/h001/containers/opengist.nix index c7fb282..0295f3a 100644 --- a/hosts/h001/containers/opengist.nix +++ b/hosts/h001/containers/opengist.nix @@ -29,8 +29,9 @@ in ''; services.nginx.virtualHosts."gist.joshuabell.xyz" = { - # enableACME = true; - # forceSSL = true; + addSSL = true; + sslCertificate = "/var/lib/acme/joshuabell.xyz/fullchain.pem"; + sslCertificateKey = "/var/lib/acme/joshuabell.xyz/key.pem"; locations = { "/" = { proxyWebsockets = true; diff --git a/hosts/h001/containers/zitadel.nix b/hosts/h001/containers/zitadel.nix index 9dc0aca..48435a3 100644 --- a/hosts/h001/containers/zitadel.nix +++ b/hosts/h001/containers/zitadel.nix @@ -68,8 +68,9 @@ in options = { }; config = { services.nginx.virtualHosts."sso.joshuabell.xyz" = { - # enableACME = true; - # forceSSL = true; + addSSL = true; + sslCertificate = "/var/lib/acme/joshuabell.xyz/fullchain.pem"; + sslCertificateKey = "/var/lib/acme/joshuabell.xyz/key.pem"; locations = { "/" = { proxyWebsockets = true; diff --git a/hosts/h001/mods/n8n.nix b/hosts/h001/mods/n8n.nix index e80ed5e..a99d889 100644 --- a/hosts/h001/mods/n8n.nix +++ b/hosts/h001/mods/n8n.nix @@ -6,8 +6,9 @@ config = { services.nginx.virtualHosts = { "n8n.joshuabell.xyz" = { - # enableACME = true; - # forceSSL = true; + addSSL = true; + sslCertificate = "/var/lib/acme/joshuabell.xyz/fullchain.pem"; + sslCertificateKey = "/var/lib/acme/joshuabell.xyz/key.pem"; locations = { "/" = { proxyWebsockets = true; diff --git a/hosts/h001/mods/oauth2-proxy.nix b/hosts/h001/mods/oauth2-proxy.nix index a2da192..5f95f00 100644 --- a/hosts/h001/mods/oauth2-proxy.nix +++ b/hosts/h001/mods/oauth2-proxy.nix @@ -45,8 +45,9 @@ in }; services.nginx.virtualHosts."sso-proxy.joshuabell.xyz" = { - # enableACME = true; - # forceSSL = true; + addSSL = true; + sslCertificate = "/var/lib/acme/joshuabell.xyz/fullchain.pem"; + sslCertificateKey = "/var/lib/acme/joshuabell.xyz/key.pem"; locations = { "/" = { proxyWebsockets = true; diff --git a/hosts/h001/mods/openwebui.nix b/hosts/h001/mods/openwebui.nix index 2df829d..f0c80f7 100644 --- a/hosts/h001/mods/openwebui.nix +++ b/hosts/h001/mods/openwebui.nix @@ -17,8 +17,9 @@ in options = { }; config = { services.nginx.virtualHosts."chat.joshuabell.xyz" = { - # enableACME = true; - # forceSSL = true; + addSSL = true; + sslCertificate = "/var/lib/acme/joshuabell.xyz/fullchain.pem"; + sslCertificateKey = "/var/lib/acme/joshuabell.xyz/key.pem"; locations = { "/" = { proxyWebsockets = true; diff --git a/hosts/h001/mods/trilium.nix b/hosts/h001/mods/trilium.nix index d532b6e..ff7cb20 100644 --- a/hosts/h001/mods/trilium.nix +++ b/hosts/h001/mods/trilium.nix @@ -44,8 +44,9 @@ in }; services.nginx.virtualHosts = { "notes.joshuabell.xyz" = { - # enableACME = true; - # forceSSL = true; + addSSL = true; + sslCertificate = "/var/lib/acme/joshuabell.xyz/fullchain.pem"; + sslCertificateKey = "/var/lib/acme/joshuabell.xyz/key.pem"; locations = { "/" = { proxyWebsockets = true; @@ -54,6 +55,8 @@ in }; }; }; + # TODO revisit, am I going to use the native app or web version + # this is only needed for the app that can't handle the oauth flow "trilium_overlay" = { serverName = "h001.net.joshuabell.xyz"; listen = [ diff --git a/hosts/linode/l001/flake.lock b/hosts/linode/l001/flake.lock index ea531e7..26cba9a 100644 --- a/hosts/linode/l001/flake.lock +++ b/hosts/linode/l001/flake.lock @@ -3,7 +3,7 @@ "agenix": { "inputs": { "darwin": "darwin", - "home-manager": "home-manager_2", + "home-manager": "home-manager", "nixpkgs": [ "common", "ragenix", @@ -27,22 +27,25 @@ }, "common": { "inputs": { - "home-manager": "home-manager", - "nixpkgs": "nixpkgs_2", + "home-manager": [ + "home-manager" + ], + "nixpkgs": "nixpkgs", "ragenix": "ragenix" }, "locked": { - "lastModified": 1742406125, - "narHash": "sha256-+NQNj2IMJuEiymB+YrcZkxeZt7QlC+Bwe5rWgRRHKrU=", + "lastModified": 1745855931, + "narHash": "sha256-8lxgNWqlRXH2Fen6RRfqmy9tckUXiOV5/Fcr4jh2smQ=", "ref": "refs/heads/master", - "rev": "138565efadeed6baf2a632c5dcc95a2031c77f86", - "revCount": 371, + "rev": "39edfefa5871d07c9f88ce92a55995eb347d9b09", + "revCount": 407, "type": "git", - "url": "https://git.joshuabell.xyz/dotfiles" + "url": "https://git.joshuabell.xyz/ringofstorms/dotfiles" }, "original": { + "rev": "39edfefa5871d07c9f88ce92a55995eb347d9b09", "type": "git", - "url": "https://git.joshuabell.xyz/dotfiles" + "url": "https://git.joshuabell.xyz/ringofstorms/dotfiles" } }, "crane": { @@ -87,7 +90,7 @@ "deploy-rs": { "inputs": { "flake-compat": "flake-compat", - "nixpkgs": "nixpkgs_4", + "nixpkgs": "nixpkgs_3", "utils": "utils" }, "locked": { @@ -139,25 +142,6 @@ } }, "home-manager": { - "inputs": { - "nixpkgs": "nixpkgs" - }, - "locked": { - "lastModified": 1742234739, - "narHash": "sha256-zFL6zsf/5OztR1NSNQF33dvS1fL/BzVUjabZq4qrtY4=", - "owner": "rycee", - "repo": "home-manager", - "rev": "f6af7280a3390e65c2ad8fd059cdc303426cbd59", - "type": "github" - }, - "original": { - "owner": "rycee", - "ref": "release-24.11", - "repo": "home-manager", - "type": "github" - } - }, - "home-manager_2": { "inputs": { "nixpkgs": [ "common", @@ -180,23 +164,26 @@ "type": "github" } }, - "nixpkgs": { + "home-manager_2": { + "inputs": { + "nixpkgs": "nixpkgs_4" + }, "locked": { - "lastModified": 1731755305, - "narHash": "sha256-v5P3dk5JdiT+4x69ZaB18B8+Rcu3TIOrcdG4uEX7WZ8=", - "owner": "NixOS", - "repo": "nixpkgs", - "rev": "057f63b6dc1a2c67301286152eb5af20747a9cb4", + "lastModified": 1747688870, + "narHash": "sha256-ypL9WAZfmJr5V70jEVzqGjjQzF0uCkz+AFQF7n9NmNc=", + "owner": "rycee", + "repo": "home-manager", + "rev": "d5f1f641b289553927b3801580598d200a501863", "type": "github" }, "original": { - "owner": "NixOS", - "ref": "nixos-24.11", - "repo": "nixpkgs", + "owner": "rycee", + "ref": "release-24.11", + "repo": "home-manager", "type": "github" } }, - "nixpkgs_2": { + "nixpkgs": { "locked": { "lastModified": 1742069588, "narHash": "sha256-C7jVfohcGzdZRF6DO+ybyG/sqpo1h6bZi9T56sxLy+k=", @@ -212,7 +199,7 @@ "type": "github" } }, - "nixpkgs_3": { + "nixpkgs_2": { "locked": { "lastModified": 1741379970, "narHash": "sha256-Wh7esNh7G24qYleLvgOSY/7HlDUzWaL/n4qzlBePpiw=", @@ -228,7 +215,7 @@ "type": "github" } }, - "nixpkgs_4": { + "nixpkgs_3": { "locked": { "lastModified": 1702272962, "narHash": "sha256-D+zHwkwPc6oYQ4G3A1HuadopqRwUY/JkMwHz1YF7j4Q=", @@ -244,6 +231,22 @@ "type": "github" } }, + "nixpkgs_4": { + "locked": { + "lastModified": 1746055187, + "narHash": "sha256-3dqArYSMP9hM7Qpy5YWhnSjiqniSaT2uc5h2Po7tmg0=", + "owner": "NixOS", + "repo": "nixpkgs", + "rev": "3e362ce63e16b9572d8c2297c04f7c19ab6725a5", + "type": "github" + }, + "original": { + "owner": "NixOS", + "ref": "nixos-24.11", + "repo": "nixpkgs", + "type": "github" + } + }, "nixpkgs_5": { "locked": { "lastModified": 1742268799, @@ -260,939 +263,12 @@ "type": "github" } }, - "nixpkgs_6": { - "locked": { - "lastModified": 1742225912, - "narHash": "sha256-HCD3GrAAJb1jYTEc221DPlBk2VDkBt43hww7DXC1tyc=", - "owner": "nixos", - "repo": "nixpkgs", - "rev": "9df17ad16500057b7b081137ff7af1a8a6a32f6e", - "type": "github" - }, - "original": { - "owner": "nixos", - "repo": "nixpkgs", - "type": "github" - } - }, - "nvim_plugin-Almo7aya/openingh.nvim": { - "flake": false, - "locked": { - "lastModified": 1733158448, - "narHash": "sha256-JP3+goMgs3SiMHS9IVE7NAV/iKxyXi0fZgJb8hojtNQ=", - "owner": "Almo7aya", - "repo": "openingh.nvim", - "rev": "9131016c1167e23522a8e874b62217829fd327b8", - "type": "github" - }, - "original": { - "owner": "Almo7aya", - "repo": "openingh.nvim", - "type": "github" - } - }, - "nvim_plugin-CopilotC-Nvim/CopilotChat.nvim": { - "flake": false, - "locked": { - "lastModified": 1742210958, - "narHash": "sha256-+1dSGYeUpW/EUbP0scgGz48UB5RAPZYIWCglTFyntaU=", - "owner": "CopilotC-Nvim", - "repo": "CopilotChat.nvim", - "rev": "62b1249aa4a4fc7afe11c7e647cba0cef743826f", - "type": "github" - }, - "original": { - "owner": "CopilotC-Nvim", - "repo": "CopilotChat.nvim", - "type": "github" - } - }, - "nvim_plugin-JoosepAlviste/nvim-ts-context-commentstring": { - "flake": false, - "locked": { - "lastModified": 1733574156, - "narHash": "sha256-AjDM3+n4+lNBQi8P2Yrh0Ab06uYCndBQT9TX36rDbOM=", - "owner": "JoosepAlviste", - "repo": "nvim-ts-context-commentstring", - "rev": "1b212c2eee76d787bbea6aa5e92a2b534e7b4f8f", - "type": "github" - }, - "original": { - "owner": "JoosepAlviste", - "repo": "nvim-ts-context-commentstring", - "type": "github" - } - }, - "nvim_plugin-L3MON4D3/LuaSnip": { - "flake": false, - "locked": { - "lastModified": 1736009707, - "narHash": "sha256-3ecm5SDTcSOh256xSQPHhddQfMpepiEIpv58fHXrVg0=", - "owner": "L3MON4D3", - "repo": "LuaSnip", - "rev": "c9b9a22904c97d0eb69ccb9bab76037838326817", - "type": "github" - }, - "original": { - "owner": "L3MON4D3", - "repo": "LuaSnip", - "type": "github" - } - }, - "nvim_plugin-MeanderingProgrammer/render-markdown.nvim": { - "flake": false, - "locked": { - "lastModified": 1742156824, - "narHash": "sha256-n+pT7FiQONHhiZQH4BGjERrikGNSFTNciMx92oQGA1c=", - "owner": "MeanderingProgrammer", - "repo": "render-markdown.nvim", - "rev": "9721ffe230ec90e49c49ee33b5ca44c3fc689214", - "type": "github" - }, - "original": { - "owner": "MeanderingProgrammer", - "repo": "render-markdown.nvim", - "type": "github" - } - }, - "nvim_plugin-MunifTanjim/nui.nvim": { - "flake": false, - "locked": { - "lastModified": 1741233810, - "narHash": "sha256-BYTY2ezYuxsneAl/yQbwL1aQvVWKSsN3IVqzTlrBSEU=", - "owner": "MunifTanjim", - "repo": "nui.nvim", - "rev": "8d3bce9764e627b62b07424e0df77f680d47ffdb", - "type": "github" - }, - "original": { - "owner": "MunifTanjim", - "repo": "nui.nvim", - "type": "github" - } - }, - "nvim_plugin-RRethy/vim-illuminate": { - "flake": false, - "locked": { - "lastModified": 1740540215, - "narHash": "sha256-jSny+5RHgxcsoxWwIaFUZ022dk3mDRKZ7dibvE6I2fE=", - "owner": "RRethy", - "repo": "vim-illuminate", - "rev": "19cb21f513fc2b02f0c66be70107741e837516a1", - "type": "github" - }, - "original": { - "owner": "RRethy", - "repo": "vim-illuminate", - "type": "github" - } - }, - "nvim_plugin-Saecki/crates.nvim": { - "flake": false, - "locked": { - "lastModified": 1741644182, - "narHash": "sha256-hmUqhAVLBiCUl16+S/hvRxqA/pTXcWejpLtwvqxBPaY=", - "owner": "Saecki", - "repo": "crates.nvim", - "rev": "403a0abef0e2aec12749a534dc468d6fd50c6741", - "type": "github" - }, - "original": { - "owner": "Saecki", - "repo": "crates.nvim", - "type": "github" - } - }, - "nvim_plugin-aznhe21/actions-preview.nvim": { - "flake": false, - "locked": { - "lastModified": 1740589350, - "narHash": "sha256-MP1hohDL2JFembwW+cb2S+v2Y7j0iZw1jPPKTZiNCWI=", - "owner": "aznhe21", - "repo": "actions-preview.nvim", - "rev": "4ab7842eb6a5b6d2b004f8234dcf33382a0fdde2", - "type": "github" - }, - "original": { - "owner": "aznhe21", - "repo": "actions-preview.nvim", - "type": "github" - } - }, - "nvim_plugin-b0o/schemastore.nvim": { - "flake": false, - "locked": { - "lastModified": 1741996938, - "narHash": "sha256-eAqM/n0DDwl3WUO987c2mk3z7uJ4gAE0hkPg4Twyr4w=", - "owner": "b0o", - "repo": "schemastore.nvim", - "rev": "56d8ed0fa1516242085ba5e95d7f49fad50d5754", - "type": "github" - }, - "original": { - "owner": "b0o", - "repo": "schemastore.nvim", - "type": "github" - } - }, - "nvim_plugin-catppuccin/nvim": { - "flake": false, - "locked": { - "lastModified": 1740764472, - "narHash": "sha256-4h/fzFY8JR9r+QnoiWEqgQKPMuu8i9HTC4v0Jp7iuUo=", - "owner": "catppuccin", - "repo": "nvim", - "rev": "5b5e3aef9ad7af84f463d17b5479f06b87d5c429", - "type": "github" - }, - "original": { - "owner": "catppuccin", - "repo": "nvim", - "type": "github" - } - }, - "nvim_plugin-chrisgrieser/nvim-early-retirement": { - "flake": false, - "locked": { - "lastModified": 1735588187, - "narHash": "sha256-ZjXG+POJFRsc79i1BuAJB9K6UBUfHT05oYvZaUr+RqA=", - "owner": "chrisgrieser", - "repo": "nvim-early-retirement", - "rev": "9ae6fcc933fc865ddf2728460194b67985e06e27", - "type": "github" - }, - "original": { - "owner": "chrisgrieser", - "repo": "nvim-early-retirement", - "type": "github" - } - }, - "nvim_plugin-declancm/cinnamon.nvim": { - "flake": false, - "locked": { - "lastModified": 1722992123, - "narHash": "sha256-kccQ4iFMSQ8kvE7hYz90hBrsDLo7VohFj/6lEZZiAO8=", - "owner": "declancm", - "repo": "cinnamon.nvim", - "rev": "450cb3247765fed7871b41ef4ce5fa492d834215", - "type": "github" - }, - "original": { - "owner": "declancm", - "repo": "cinnamon.nvim", - "type": "github" - } - }, - "nvim_plugin-folke/lazy.nvim": { - "flake": false, - "locked": { - "lastModified": 1740511197, - "narHash": "sha256-nQ8PR9DTdzg6Z2rViuVD6Pswc2VvDQwS3uMNgyDh5ls=", - "owner": "folke", - "repo": "lazy.nvim", - "rev": "6c3bda4aca61a13a9c63f1c1d1b16b9d3be90d7a", - "type": "github" - }, - "original": { - "owner": "folke", - "repo": "lazy.nvim", - "type": "github" - } - }, - "nvim_plugin-folke/neodev.nvim": { - "flake": false, - "locked": { - "lastModified": 1720260306, - "narHash": "sha256-hOjzlo/IqmV8tYjGwfmcCPEmHYsWnEIwtHZdhpwA1kM=", - "owner": "folke", - "repo": "neodev.nvim", - "rev": "46aa467dca16cf3dfe27098042402066d2ae242d", - "type": "github" - }, - "original": { - "owner": "folke", - "repo": "neodev.nvim", - "type": "github" - } - }, - "nvim_plugin-folke/which-key.nvim": { - "flake": false, - "locked": { - "lastModified": 1740233407, - "narHash": "sha256-uvMcSduMr7Kd2oUmIOYzvWF4FIl6bZxIYm9FSw/3pCo=", - "owner": "folke", - "repo": "which-key.nvim", - "rev": "370ec46f710e058c9c1646273e6b225acf47cbed", - "type": "github" - }, - "original": { - "owner": "folke", - "repo": "which-key.nvim", - "type": "github" - } - }, - "nvim_plugin-hrsh7th/cmp-buffer": { - "flake": false, - "locked": { - "lastModified": 1660101488, - "narHash": "sha256-dG4U7MtnXThoa/PD+qFtCt76MQ14V1wX8GMYcvxEnbM=", - "owner": "hrsh7th", - "repo": "cmp-buffer", - "rev": "3022dbc9166796b644a841a02de8dd1cc1d311fa", - "type": "github" - }, - "original": { - "owner": "hrsh7th", - "repo": "cmp-buffer", - "type": "github" - } - }, - "nvim_plugin-hrsh7th/cmp-nvim-lsp": { - "flake": false, - "locked": { - "lastModified": 1733823748, - "narHash": "sha256-iaihXNCF5bB5MdeoosD/kc3QtpA/QaIDZVLiLIurBSM=", - "owner": "hrsh7th", - "repo": "cmp-nvim-lsp", - "rev": "99290b3ec1322070bcfb9e846450a46f6efa50f0", - "type": "github" - }, - "original": { - "owner": "hrsh7th", - "repo": "cmp-nvim-lsp", - "type": "github" - } - }, - "nvim_plugin-hrsh7th/cmp-path": { - "flake": false, - "locked": { - "lastModified": 1664784283, - "narHash": "sha256-thppiiV3wjIaZnAXmsh7j3DUc6ceSCvGzviwFUnoPaI=", - "owner": "hrsh7th", - "repo": "cmp-path", - "rev": "91ff86cd9c29299a64f968ebb45846c485725f23", - "type": "github" - }, - "original": { - "owner": "hrsh7th", - "repo": "cmp-path", - "type": "github" - } - }, - "nvim_plugin-hrsh7th/nvim-cmp": { - "flake": false, - "locked": { - "lastModified": 1741936119, - "narHash": "sha256-zl/rgbZF3+nsLI7Sd6xzQFlcpa5n/8pyganS+u0jD/s=", - "owner": "hrsh7th", - "repo": "nvim-cmp", - "rev": "1e1900b0769324a9675ef85b38f99cca29e203b3", - "type": "github" - }, - "original": { - "owner": "hrsh7th", - "repo": "nvim-cmp", - "type": "github" - } - }, - "nvim_plugin-j-hui/fidget.nvim": { - "flake": false, - "locked": { - "lastModified": 1738817426, - "narHash": "sha256-AFUx/ZQVWV7s5Wlppjk6N9QXoJKNKqxtf990FFlTEhw=", - "owner": "j-hui", - "repo": "fidget.nvim", - "rev": "d9ba6b7bfe29b3119a610892af67602641da778e", - "type": "github" - }, - "original": { - "owner": "j-hui", - "repo": "fidget.nvim", - "type": "github" - } - }, - "nvim_plugin-johmsalas/text-case.nvim": { - "flake": false, - "locked": { - "lastModified": 1722628320, - "narHash": "sha256-2IMufSMy9JW50VzZ3SgOtp8kYs81ANwV0eP0ZH3rTFo=", - "owner": "johmsalas", - "repo": "text-case.nvim", - "rev": "e898cfd46fa6cde0e83abb624a16e67d2ffc6457", - "type": "github" - }, - "original": { - "owner": "johmsalas", - "repo": "text-case.nvim", - "type": "github" - } - }, - "nvim_plugin-lewis6991/gitsigns.nvim": { - "flake": false, - "locked": { - "lastModified": 1742140868, - "narHash": "sha256-qWusbKY+3d1dkW5oLYDyfSLdt1qFlJdDeXgFWqQ4hUI=", - "owner": "lewis6991", - "repo": "gitsigns.nvim", - "rev": "7010000889bfb6c26065e0b0f7f1e6aa9163edd9", - "type": "github" - }, - "original": { - "owner": "lewis6991", - "repo": "gitsigns.nvim", - "type": "github" - } - }, - "nvim_plugin-lnc3l0t/glow.nvim": { - "flake": false, - "locked": { - "lastModified": 1693233815, - "narHash": "sha256-vdlwkIK2EkFviJmSiOqPWvc15xqJ9F2gHCC4ObJ5Qjk=", - "owner": "lnc3l0t", - "repo": "glow.nvim", - "rev": "5b38fb7b6e806cac62707a4aba8c10c5f14d5bb5", - "type": "github" - }, - "original": { - "owner": "lnc3l0t", - "repo": "glow.nvim", - "type": "github" - } - }, - "nvim_plugin-lukas-reineke/indent-blankline.nvim": { - "flake": false, - "locked": { - "lastModified": 1742224677, - "narHash": "sha256-0q/V+b4UrDRnaC/eRWOi9HU9a61vQSAM9/C8ZQyKt+Y=", - "owner": "lukas-reineke", - "repo": "indent-blankline.nvim", - "rev": "005b56001b2cb30bfa61b7986bc50657816ba4ba", - "type": "github" - }, - "original": { - "owner": "lukas-reineke", - "repo": "indent-blankline.nvim", - "type": "github" - } - }, - "nvim_plugin-lvimuser/lsp-inlayhints.nvim": { - "flake": false, - "locked": { - "lastModified": 1686236485, - "narHash": "sha256-06CiJ+xeMO4+OJkckcslqwloJyt2gwg514JuxV6KOfQ=", - "owner": "lvimuser", - "repo": "lsp-inlayhints.nvim", - "rev": "d981f65c9ae0b6062176f0accb9c151daeda6f16", - "type": "github" - }, - "original": { - "owner": "lvimuser", - "repo": "lsp-inlayhints.nvim", - "type": "github" - } - }, - "nvim_plugin-m4xshen/hardtime.nvim": { - "flake": false, - "locked": { - "lastModified": 1741414159, - "narHash": "sha256-tigKgK1yGc5JEHd4RLXCd6Hq7ia3en3Xtk8X6L5+ef4=", - "owner": "m4xshen", - "repo": "hardtime.nvim", - "rev": "f87c86d1aa1e05dcf3c6ecd97fbfd237e2de0bf5", - "type": "github" - }, - "original": { - "owner": "m4xshen", - "repo": "hardtime.nvim", - "type": "github" - } - }, - "nvim_plugin-mbbill/undotree": { - "flake": false, - "locked": { - "lastModified": 1741878850, - "narHash": "sha256-HGf4Toe+12YZtIalvANDXAtksCsnxQkZbcevOAnl5G4=", - "owner": "mbbill", - "repo": "undotree", - "rev": "b951b87b46c34356d44aa71886aecf9dd7f5788a", - "type": "github" - }, - "original": { - "owner": "mbbill", - "repo": "undotree", - "type": "github" - } - }, - "nvim_plugin-mfussenegger/nvim-lint": { - "flake": false, - "locked": { - "lastModified": 1738838825, - "narHash": "sha256-E/KcQr4RM4gz+ItENI9e7hMicyBKyzoIaDO5D1VDYSw=", - "owner": "mfussenegger", - "repo": "nvim-lint", - "rev": "6e9dd545a1af204c4022a8fcd99727ea41ffdcc8", - "type": "github" - }, - "original": { - "owner": "mfussenegger", - "repo": "nvim-lint", - "type": "github" - } - }, - "nvim_plugin-mrcjkb/rustaceanvim": { - "flake": false, - "locked": { - "lastModified": 1742147378, - "narHash": "sha256-I2H/0VNKWKK49EReXT81SVTHHHW9hT1+6n7h1cbLD0A=", - "owner": "mrcjkb", - "repo": "rustaceanvim", - "rev": "448c76451ecf3c0edabcde427b7f1c8c219be2dd", - "type": "github" - }, - "original": { - "owner": "mrcjkb", - "repo": "rustaceanvim", - "type": "github" - } - }, - "nvim_plugin-neovim/nvim-lspconfig": { - "flake": false, - "locked": { - "lastModified": 1742142850, - "narHash": "sha256-CppHawmKEopPbK6HO4RFd7Kc1iMoCVwpIyN2Z6wiMfo=", - "owner": "neovim", - "repo": "nvim-lspconfig", - "rev": "2574ad38c6ee4f0bef3a1ca305cd5df627a52bb3", - "type": "github" - }, - "original": { - "owner": "neovim", - "repo": "nvim-lspconfig", - "type": "github" - } - }, - "nvim_plugin-nosduco/remote-sshfs.nvim": { - "flake": false, - "locked": { - "lastModified": 1724901856, - "narHash": "sha256-vFEIISxhTIGSl9LzDYHuEIkjLGkU0y5XhfWI/i5DgN4=", - "owner": "nosduco", - "repo": "remote-sshfs.nvim", - "rev": "03f6c40c4032eeb1ab91368e06db9c3f3a97a75d", - "type": "github" - }, - "original": { - "owner": "nosduco", - "repo": "remote-sshfs.nvim", - "type": "github" - } - }, - "nvim_plugin-numToStr/Comment.nvim": { - "flake": false, - "locked": { - "lastModified": 1717957420, - "narHash": "sha256-h0kPue5Eqd5aeu4VoLH45pF0DmWWo1d8SnLICSQ63zc=", - "owner": "numToStr", - "repo": "Comment.nvim", - "rev": "e30b7f2008e52442154b66f7c519bfd2f1e32acb", - "type": "github" - }, - "original": { - "owner": "numToStr", - "repo": "Comment.nvim", - "type": "github" - } - }, - "nvim_plugin-nvim-lua/plenary.nvim": { - "flake": false, - "locked": { - "lastModified": 1739311008, - "narHash": "sha256-8FV5RjF7QbDmQOQynpK7uRKONKbPRYbOPugf9ZxNvUs=", - "owner": "nvim-lua", - "repo": "plenary.nvim", - "rev": "857c5ac632080dba10aae49dba902ce3abf91b35", - "type": "github" - }, - "original": { - "owner": "nvim-lua", - "repo": "plenary.nvim", - "type": "github" - } - }, - "nvim_plugin-nvim-lualine/lualine.nvim": { - "flake": false, - "locked": { - "lastModified": 1742039150, - "narHash": "sha256-qYKykdCcXd+OHmK3WvsUCbn0zDKTQDj49VYsQ8iVvgs=", - "owner": "nvim-lualine", - "repo": "lualine.nvim", - "rev": "b8b60c7f1d0d95ad74ee215b2291280b30482476", - "type": "github" - }, - "original": { - "owner": "nvim-lualine", - "repo": "lualine.nvim", - "type": "github" - } - }, - "nvim_plugin-nvim-telescope/telescope-file-browser.nvim": { - "flake": false, - "locked": { - "lastModified": 1729728595, - "narHash": "sha256-VJbRi91TTOwUkQYyTM6Njl7MtX8/mOjINiqWYWEtyxg=", - "owner": "nvim-telescope", - "repo": "telescope-file-browser.nvim", - "rev": "626998e5c1b71c130d8bc6cf7abb6709b98287bb", - "type": "github" - }, - "original": { - "owner": "nvim-telescope", - "repo": "telescope-file-browser.nvim", - "type": "github" - } - }, - "nvim_plugin-nvim-telescope/telescope-fzf-native.nvim": { - "flake": false, - "locked": { - "lastModified": 1741765009, - "narHash": "sha256-Zyv8ikxdwoUiDD0zsqLzfhBVOm/nKyJdZpndxXEB6ow=", - "owner": "nvim-telescope", - "repo": "telescope-fzf-native.nvim", - "rev": "1f08ed60cafc8f6168b72b80be2b2ea149813e55", - "type": "github" - }, - "original": { - "owner": "nvim-telescope", - "repo": "telescope-fzf-native.nvim", - "type": "github" - } - }, - "nvim_plugin-nvim-telescope/telescope-ui-select.nvim": { - "flake": false, - "locked": { - "lastModified": 1701723223, - "narHash": "sha256-YRhNmmG4gx9Ht8JwjQfbTjJyTHEuZmtP6lqnhOsk8bE=", - "owner": "nvim-telescope", - "repo": "telescope-ui-select.nvim", - "rev": "6e51d7da30bd139a6950adf2a47fda6df9fa06d2", - "type": "github" - }, - "original": { - "owner": "nvim-telescope", - "repo": "telescope-ui-select.nvim", - "type": "github" - } - }, - "nvim_plugin-nvim-telescope/telescope.nvim": { - "flake": false, - "locked": { - "lastModified": 1742171408, - "narHash": "sha256-mHucOyrgQc3wVdK7lUQANW8Jka+m5gQ2z8JWtwo99bU=", - "owner": "nvim-telescope", - "repo": "telescope.nvim", - "rev": "a17d611a0e111836a1db5295f04945df407c5135", - "type": "github" - }, - "original": { - "owner": "nvim-telescope", - "repo": "telescope.nvim", - "type": "github" - } - }, - "nvim_plugin-nvim-tree/nvim-tree.lua": { - "flake": false, - "locked": { - "lastModified": 1740787655, - "narHash": "sha256-KSrY1K64yC6dPDd3DF15bVWs2N7B0BPS9enfmJgTzC4=", - "owner": "nvim-tree", - "repo": "nvim-tree.lua", - "rev": "c09ff35de503a41fa62465c6b4ae72d96e7a7ce4", - "type": "github" - }, - "original": { - "owner": "nvim-tree", - "repo": "nvim-tree.lua", - "type": "github" - } - }, - "nvim_plugin-nvim-tree/nvim-web-devicons": { - "flake": false, - "locked": { - "lastModified": 1742215722, - "narHash": "sha256-JKOvXJr1s2lpP5aeRE7OC3IeOrF5uJxg/Tal3eScd6g=", - "owner": "nvim-tree", - "repo": "nvim-web-devicons", - "rev": "4c3a5848ee0b09ecdea73adcd2a689190aeb728c", - "type": "github" - }, - "original": { - "owner": "nvim-tree", - "repo": "nvim-web-devicons", - "type": "github" - } - }, - "nvim_plugin-nvim-treesitter/nvim-treesitter-context": { - "flake": false, - "locked": { - "lastModified": 1742201688, - "narHash": "sha256-rpmHIOXiD/mh0PHBdo1k1Wdb213KtBevmyCFrP89tME=", - "owner": "nvim-treesitter", - "repo": "nvim-treesitter-context", - "rev": "83ded3bbff8bc13abc9704bf1c5e426f3ba343c4", - "type": "github" - }, - "original": { - "owner": "nvim-treesitter", - "repo": "nvim-treesitter-context", - "type": "github" - } - }, - "nvim_plugin-rafamadriz/friendly-snippets": { - "flake": false, - "locked": { - "lastModified": 1733106470, - "narHash": "sha256-I8SRZxnoNC6SOWW+scoA77Jwyxcb4eUczppLdyOiZe0=", - "owner": "rafamadriz", - "repo": "friendly-snippets", - "rev": "efff286dd74c22f731cdec26a70b46e5b203c619", - "type": "github" - }, - "original": { - "owner": "rafamadriz", - "repo": "friendly-snippets", - "type": "github" - } - }, - "nvim_plugin-rcarriga/nvim-notify": { - "flake": false, - "locked": { - "lastModified": 1737405174, - "narHash": "sha256-6vNfc7E9DMXF0IBXJCLA8Rp+uOgbDch/Q7beW0ys3Vo=", - "owner": "rcarriga", - "repo": "nvim-notify", - "rev": "22f29093eae7785773ee9d543f8750348b1a195c", - "type": "github" - }, - "original": { - "owner": "rcarriga", - "repo": "nvim-notify", - "type": "github" - } - }, - "nvim_plugin-rmagatti/auto-session": { - "flake": false, - "locked": { - "lastModified": 1742136796, - "narHash": "sha256-Tc4EfcucGAR+5qURjoYqG5gW24PCYJLVd47OrFhyfRo=", - "owner": "rmagatti", - "repo": "auto-session", - "rev": "317412742990371f8e4709074da5c378456a27ff", - "type": "github" - }, - "original": { - "owner": "rmagatti", - "repo": "auto-session", - "type": "github" - } - }, - "nvim_plugin-ron/ron.vim": { - "flake": false, - "locked": { - "lastModified": 1660904719, - "narHash": "sha256-8/xJmymtVGVz2avzlamgK1cNflZ3NRL+B3c7xxbI964=", - "owner": "ron-rs", - "repo": "ron.vim", - "rev": "f749e543975a82e8dd9a6e7df9600a1c098ae800", - "type": "github" - }, - "original": { - "owner": "ron-rs", - "repo": "ron.vim", - "type": "github" - } - }, - "nvim_plugin-saadparwaiz1/cmp_luasnip": { - "flake": false, - "locked": { - "lastModified": 1730707109, - "narHash": "sha256-86lKQPPyqFz8jzuLajjHMKHrYnwW6+QOcPyQEx6B+gw=", - "owner": "saadparwaiz1", - "repo": "cmp_luasnip", - "rev": "98d9cb5c2c38532bd9bdb481067b20fea8f32e90", - "type": "github" - }, - "original": { - "owner": "saadparwaiz1", - "repo": "cmp_luasnip", - "type": "github" - } - }, - "nvim_plugin-sindrets/diffview.nvim": { - "flake": false, - "locked": { - "lastModified": 1718279802, - "narHash": "sha256-SX+ybIzL/w6uyCy4iZKnWnzTFwqB1oXSgyYVAdpdKi8=", - "owner": "sindrets", - "repo": "diffview.nvim", - "rev": "4516612fe98ff56ae0415a259ff6361a89419b0a", - "type": "github" - }, - "original": { - "owner": "sindrets", - "repo": "diffview.nvim", - "type": "github" - } - }, - "nvim_plugin-stevearc/conform.nvim": { - "flake": false, - "locked": { - "lastModified": 1741136809, - "narHash": "sha256-8uC+6rQdLqpfF/lf25mppqK/xgM1+6RGIyZaheaPd48=", - "owner": "stevearc", - "repo": "conform.nvim", - "rev": "db8a4a9edb217067b1d7a2e0362c74bfe9cc944d", - "type": "github" - }, - "original": { - "owner": "stevearc", - "repo": "conform.nvim", - "type": "github" - } - }, - "nvim_plugin-stevearc/dressing.nvim": { - "flake": false, - "locked": { - "lastModified": 1739381641, - "narHash": "sha256-dBz+/gZA6O6fJy/GSgM6ZHGAR3MTGt/W1olzzTYRlgM=", - "owner": "stevearc", - "repo": "dressing.nvim", - "rev": "2d7c2db2507fa3c4956142ee607431ddb2828639", - "type": "github" - }, - "original": { - "owner": "stevearc", - "repo": "dressing.nvim", - "type": "github" - } - }, - "nvim_plugin-tpope/vim-sleuth": { - "flake": false, - "locked": { - "lastModified": 1726718493, - "narHash": "sha256-2Cr3h3uJvUL3CSoJs3aBFrkBeOBURSQItgQ4ep9sHXM=", - "owner": "tpope", - "repo": "vim-sleuth", - "rev": "be69bff86754b1aa5adcbb527d7fcd1635a84080", - "type": "github" - }, - "original": { - "owner": "tpope", - "repo": "vim-sleuth", - "type": "github" - } - }, - "nvim_plugin-tpope/vim-surround": { - "flake": false, - "locked": { - "lastModified": 1666730476, - "narHash": "sha256-DZE5tkmnT+lAvx/RQHaDEgEJXRKsy56KJY919xiH1lE=", - "owner": "tpope", - "repo": "vim-surround", - "rev": "3d188ed2113431cf8dac77be61b842acb64433d9", - "type": "github" - }, - "original": { - "owner": "tpope", - "repo": "vim-surround", - "type": "github" - } - }, - "nvim_plugin-uga-rosa/ccc.nvim": { - "flake": false, - "locked": { - "lastModified": 1735970087, - "narHash": "sha256-53WsxOfWULlO4VbSXA4DW6wjkbCzpQjkzv4O8pReuEc=", - "owner": "uga-rosa", - "repo": "ccc.nvim", - "rev": "b57cbaf8db3ac43c56c9e2c7f3812944638260ed", - "type": "github" - }, - "original": { - "owner": "uga-rosa", - "repo": "ccc.nvim", - "type": "github" - } - }, - "nvim_plugin-windwp/nvim-ts-autotag": { - "flake": false, - "locked": { - "lastModified": 1739910276, - "narHash": "sha256-a3Bcql68mp3y5bH9XMiDTQB0e75T+qFB593objIGg/I=", - "owner": "windwp", - "repo": "nvim-ts-autotag", - "rev": "a1d526af391f6aebb25a8795cbc05351ed3620b5", - "type": "github" - }, - "original": { - "owner": "windwp", - "repo": "nvim-ts-autotag", - "type": "github" - } - }, - "nvim_plugin-yetone/avante.nvim": { - "flake": false, - "locked": { - "lastModified": 1742209600, - "narHash": "sha256-XmyRo20+VhyjP5CLgSy0Tr/7R031EJSmMEN/wK9JNk8=", - "owner": "yetone", - "repo": "avante.nvim", - "rev": "540cc53f0c30214e3e4b5688f030bb2d8277b8ce", - "type": "github" - }, - "original": { - "owner": "yetone", - "repo": "avante.nvim", - "type": "github" - } - }, - "nvim_plugin-zbirenbaum/copilot-cmp": { - "flake": false, - "locked": { - "lastModified": 1733947099, - "narHash": "sha256-erRL8bY/zuwuCZfttw+avTrFV7pjv2H6v73NzY2bymM=", - "owner": "zbirenbaum", - "repo": "copilot-cmp", - "rev": "15fc12af3d0109fa76b60b5cffa1373697e261d1", - "type": "github" - }, - "original": { - "owner": "zbirenbaum", - "repo": "copilot-cmp", - "type": "github" - } - }, - "nvim_plugin-zbirenbaum/copilot.lua": { - "flake": false, - "locked": { - "lastModified": 1739230958, - "narHash": "sha256-632UIbG1jwam+tug5+jODkT509+uBfJgUN21C3ppnEo=", - "owner": "zbirenbaum", - "repo": "copilot.lua", - "rev": "30321e33b03cb924fdcd6a806a0dc6fa0b0eafb9", - "type": "github" - }, - "original": { - "owner": "zbirenbaum", - "repo": "copilot.lua", - "type": "github" - } - }, "ragenix": { "inputs": { "agenix": "agenix", "crane": "crane", "flake-utils": "flake-utils", - "nixpkgs": "nixpkgs_3", + "nixpkgs": "nixpkgs_2", "rust-overlay": "rust-overlay" }, "locked": { @@ -1213,84 +289,8 @@ "inputs": { "common": "common", "deploy-rs": "deploy-rs", - "nixpkgs": "nixpkgs_5", - "ros_neovim": "ros_neovim" - } - }, - "ros_neovim": { - "inputs": { - "nixpkgs": "nixpkgs_6", - "nvim_plugin-Almo7aya/openingh.nvim": "nvim_plugin-Almo7aya/openingh.nvim", - "nvim_plugin-CopilotC-Nvim/CopilotChat.nvim": "nvim_plugin-CopilotC-Nvim/CopilotChat.nvim", - "nvim_plugin-JoosepAlviste/nvim-ts-context-commentstring": "nvim_plugin-JoosepAlviste/nvim-ts-context-commentstring", - "nvim_plugin-L3MON4D3/LuaSnip": "nvim_plugin-L3MON4D3/LuaSnip", - "nvim_plugin-MeanderingProgrammer/render-markdown.nvim": "nvim_plugin-MeanderingProgrammer/render-markdown.nvim", - "nvim_plugin-MunifTanjim/nui.nvim": "nvim_plugin-MunifTanjim/nui.nvim", - "nvim_plugin-RRethy/vim-illuminate": "nvim_plugin-RRethy/vim-illuminate", - "nvim_plugin-Saecki/crates.nvim": "nvim_plugin-Saecki/crates.nvim", - "nvim_plugin-aznhe21/actions-preview.nvim": "nvim_plugin-aznhe21/actions-preview.nvim", - "nvim_plugin-b0o/schemastore.nvim": "nvim_plugin-b0o/schemastore.nvim", - "nvim_plugin-catppuccin/nvim": "nvim_plugin-catppuccin/nvim", - "nvim_plugin-chrisgrieser/nvim-early-retirement": "nvim_plugin-chrisgrieser/nvim-early-retirement", - "nvim_plugin-declancm/cinnamon.nvim": "nvim_plugin-declancm/cinnamon.nvim", - "nvim_plugin-folke/lazy.nvim": "nvim_plugin-folke/lazy.nvim", - "nvim_plugin-folke/neodev.nvim": "nvim_plugin-folke/neodev.nvim", - "nvim_plugin-folke/which-key.nvim": "nvim_plugin-folke/which-key.nvim", - "nvim_plugin-hrsh7th/cmp-buffer": "nvim_plugin-hrsh7th/cmp-buffer", - "nvim_plugin-hrsh7th/cmp-nvim-lsp": "nvim_plugin-hrsh7th/cmp-nvim-lsp", - "nvim_plugin-hrsh7th/cmp-path": "nvim_plugin-hrsh7th/cmp-path", - "nvim_plugin-hrsh7th/nvim-cmp": "nvim_plugin-hrsh7th/nvim-cmp", - "nvim_plugin-j-hui/fidget.nvim": "nvim_plugin-j-hui/fidget.nvim", - "nvim_plugin-johmsalas/text-case.nvim": "nvim_plugin-johmsalas/text-case.nvim", - "nvim_plugin-lewis6991/gitsigns.nvim": "nvim_plugin-lewis6991/gitsigns.nvim", - "nvim_plugin-lnc3l0t/glow.nvim": "nvim_plugin-lnc3l0t/glow.nvim", - "nvim_plugin-lukas-reineke/indent-blankline.nvim": "nvim_plugin-lukas-reineke/indent-blankline.nvim", - "nvim_plugin-lvimuser/lsp-inlayhints.nvim": "nvim_plugin-lvimuser/lsp-inlayhints.nvim", - "nvim_plugin-m4xshen/hardtime.nvim": "nvim_plugin-m4xshen/hardtime.nvim", - "nvim_plugin-mbbill/undotree": "nvim_plugin-mbbill/undotree", - "nvim_plugin-mfussenegger/nvim-lint": "nvim_plugin-mfussenegger/nvim-lint", - "nvim_plugin-mrcjkb/rustaceanvim": "nvim_plugin-mrcjkb/rustaceanvim", - "nvim_plugin-neovim/nvim-lspconfig": "nvim_plugin-neovim/nvim-lspconfig", - "nvim_plugin-nosduco/remote-sshfs.nvim": "nvim_plugin-nosduco/remote-sshfs.nvim", - "nvim_plugin-numToStr/Comment.nvim": "nvim_plugin-numToStr/Comment.nvim", - "nvim_plugin-nvim-lua/plenary.nvim": "nvim_plugin-nvim-lua/plenary.nvim", - "nvim_plugin-nvim-lualine/lualine.nvim": "nvim_plugin-nvim-lualine/lualine.nvim", - "nvim_plugin-nvim-telescope/telescope-file-browser.nvim": "nvim_plugin-nvim-telescope/telescope-file-browser.nvim", - "nvim_plugin-nvim-telescope/telescope-fzf-native.nvim": "nvim_plugin-nvim-telescope/telescope-fzf-native.nvim", - "nvim_plugin-nvim-telescope/telescope-ui-select.nvim": "nvim_plugin-nvim-telescope/telescope-ui-select.nvim", - "nvim_plugin-nvim-telescope/telescope.nvim": "nvim_plugin-nvim-telescope/telescope.nvim", - "nvim_plugin-nvim-tree/nvim-tree.lua": "nvim_plugin-nvim-tree/nvim-tree.lua", - "nvim_plugin-nvim-tree/nvim-web-devicons": "nvim_plugin-nvim-tree/nvim-web-devicons", - "nvim_plugin-nvim-treesitter/nvim-treesitter-context": "nvim_plugin-nvim-treesitter/nvim-treesitter-context", - "nvim_plugin-rafamadriz/friendly-snippets": "nvim_plugin-rafamadriz/friendly-snippets", - "nvim_plugin-rcarriga/nvim-notify": "nvim_plugin-rcarriga/nvim-notify", - "nvim_plugin-rmagatti/auto-session": "nvim_plugin-rmagatti/auto-session", - "nvim_plugin-ron/ron.vim": "nvim_plugin-ron/ron.vim", - "nvim_plugin-saadparwaiz1/cmp_luasnip": "nvim_plugin-saadparwaiz1/cmp_luasnip", - "nvim_plugin-sindrets/diffview.nvim": "nvim_plugin-sindrets/diffview.nvim", - "nvim_plugin-stevearc/conform.nvim": "nvim_plugin-stevearc/conform.nvim", - "nvim_plugin-stevearc/dressing.nvim": "nvim_plugin-stevearc/dressing.nvim", - "nvim_plugin-tpope/vim-sleuth": "nvim_plugin-tpope/vim-sleuth", - "nvim_plugin-tpope/vim-surround": "nvim_plugin-tpope/vim-surround", - "nvim_plugin-uga-rosa/ccc.nvim": "nvim_plugin-uga-rosa/ccc.nvim", - "nvim_plugin-windwp/nvim-ts-autotag": "nvim_plugin-windwp/nvim-ts-autotag", - "nvim_plugin-yetone/avante.nvim": "nvim_plugin-yetone/avante.nvim", - "nvim_plugin-zbirenbaum/copilot-cmp": "nvim_plugin-zbirenbaum/copilot-cmp", - "nvim_plugin-zbirenbaum/copilot.lua": "nvim_plugin-zbirenbaum/copilot.lua", - "rust-overlay": "rust-overlay_2" - }, - "locked": { - "lastModified": 1742226527, - "narHash": "sha256-CT9227XXn1t8H1ivNBBkBcf+npB7tWk5yzEQoJvbGVU=", - "ref": "refs/heads/master", - "rev": "e8bafafc36fb2227dab8f0ddb67a2439d9077091", - "revCount": 268, - "type": "git", - "url": "https://git.joshuabell.xyz/nvim" - }, - "original": { - "type": "git", - "url": "https://git.joshuabell.xyz/nvim" + "home-manager": "home-manager_2", + "nixpkgs": "nixpkgs_5" } }, "rust-overlay": { @@ -1315,27 +315,6 @@ "type": "github" } }, - "rust-overlay_2": { - "inputs": { - "nixpkgs": [ - "ros_neovim", - "nixpkgs" - ] - }, - "locked": { - "lastModified": 1742178793, - "narHash": "sha256-S2onMdoDS4tIYd3/Jc5oFEZBr2dJOgPrh9KzSO/bfDw=", - "owner": "oxalica", - "repo": "rust-overlay", - "rev": "954582a766a50ebef5695a9616c93b5386418c08", - "type": "github" - }, - "original": { - "owner": "oxalica", - "repo": "rust-overlay", - "type": "github" - } - }, "systems": { "locked": { "lastModified": 1681028828, diff --git a/hosts/linode/l001/flake.nix b/hosts/linode/l001/flake.nix index 8c929dc..c313290 100644 --- a/hosts/linode/l001/flake.nix +++ b/hosts/linode/l001/flake.nix @@ -1,9 +1,10 @@ { inputs = { nixpkgs.url = "github:nixos/nixpkgs/nixos-24.11"; + home-manager.url = "github:rycee/home-manager/release-24.11"; deploy-rs.url = "github:serokell/deploy-rs"; - common.url = "git+https://git.joshuabell.xyz/ringofstorms/dotfiles"; - ros_neovim.url = "git+https://git.joshuabell.xyz/ringofstorms/nvim"; + common.url = "git+https://git.joshuabell.xyz/ringofstorms/dotfiles?rev=39edfefa5871d07c9f88ce92a55995eb347d9b09"; + common.inputs.home-manager.follows = "home-manager"; }; outputs = @@ -11,7 +12,6 @@ self, nixpkgs, common, - ros_neovim, deploy-rs, ... }: @@ -40,7 +40,6 @@ lib.nixosSystem { modules = [ common.nixosModules.default - ros_neovim.nixosModules.default ./configuration.nix ./hardware-configuration.nix ./linode.nix @@ -49,11 +48,6 @@ ( { config, pkgs, ... }: { - environment.systemPackages = with pkgs; [ - bitwarden - vaultwarden - ]; - ringofstorms_common = { systemName = configuration_name; general = { diff --git a/hosts/linode/l001/headscale.nix b/hosts/linode/l001/headscale.nix index a2bc52c..8e9a184 100644 --- a/hosts/linode/l001/headscale.nix +++ b/hosts/linode/l001/headscale.nix @@ -1,6 +1,5 @@ { pkgs, ... }: { - config = { # TODO backup /var/lib/headscale data # TODO https://github.com/gurucomputing/headscale-ui ? @@ -17,6 +16,31 @@ dns = { magic_dns = true; base_domain = "net.joshuabell.xyz"; + extra_records = + let + h001ARecord = name: { + type = "A"; + name = "${name}.joshuabell.xyz"; + value = "100.64.0.13"; + }; + + in + [ + # { + # type = "A"; + # name = "jellyfin.joshuabell.xyz"; + # value = "100.64.0.13"; + # } + h001ARecord "jellyfin" + h001ARecord "media" + h001ARecord "notes" + h001ARecord "chat" + h001ARecord "sso-proxy" + h001ARecord "n8n" + h001ARecord "sso" + h001ARecord "gist" + h001ARecord "git" + ]; }; }; }; diff --git a/hosts/linode/l001/nginx.nix b/hosts/linode/l001/nginx.nix index 00c8fc5..e262731 100644 --- a/hosts/linode/l001/nginx.nix +++ b/hosts/linode/l001/nginx.nix @@ -4,6 +4,7 @@ { security.acme.acceptTerms = true; security.acme.email = "admin@joshuabell.xyz"; + # security.acme.default.email = "admin@joshuabell.xyz"; services.nginx = { enable = true; recommendedGzipSettings = true; @@ -11,29 +12,16 @@ recommendedProxySettings = true; recommendedTlsSettings = true; virtualHosts = { - # default that is put first for fallbacks - # Note that order here doesn't matter it orders alphabetically so `0` puts it first - # I had an issue tha the first SSL port 443 site would catch any https traffic instead - # of hitting my default fallback and this fixes that issue and ensure this is hit instead - "001.linodes.joshuabell.xyz" = { - default = true; - enableACME = true; - forceSSL = true; - locations."/" = { - return = "444"; # 404 for not found or 444 for drop - }; - }; - "172.236.111.33" = { - locations."/" = { - return = "444"; - }; - }; - "2600:3c06::f03c:95ff:fe1c:84d3" = { - locations."/" = { - return = "444"; - }; - }; - + # "172.236.111.33" = { + # locations."/" = { + # return = "444"; + # }; + # }; + # "2600:3c06::f03c:95ff:fe1c:84d3" = { + # locations."/" = { + # return = "444"; + # }; + # }; "headscale.joshuabell.xyz" = { enableACME = true; forceSSL = true; @@ -42,6 +30,13 @@ proxyPass = "http://localhost:8080"; # headscale }; }; + "_" = { + rejectSSL = true; + default = true; + locations."/" = { + return = "444"; # 404 for not found or 444 for drop + }; + }; }; }; diff --git a/hosts/lio/flake.nix b/hosts/lio/flake.nix index c6e45c0..99fbebf 100644 --- a/hosts/lio/flake.nix +++ b/hosts/lio/flake.nix @@ -79,6 +79,8 @@ upkgs.ladybird google-chrome trilium-desktop + dig + traceroute ]; # Also allow this key to work for root user, this will let us use this as a remote builder easier users.users.root.openssh.authorizedKeys.keys = [ diff --git a/hosts/oracle/o001/flake.nix b/hosts/oracle/o001/flake.nix index 07f132a..8cc5889 100644 --- a/hosts/oracle/o001/flake.nix +++ b/hosts/oracle/o001/flake.nix @@ -19,6 +19,7 @@ }: let configuration_name = "o001"; + system = "aarch64-linux"; lib = nixpkgs.lib; in { @@ -30,7 +31,7 @@ ]; nodes.${configuration_name} = { hostname = "64.181.210.7"; - targetPlatform = "aarch64-linux"; + targetPlatform = system; profiles.system = { user = "root"; path = deploy-rs.lib.aarch64-linux.activate.nixos self.nixosConfigurations.${configuration_name}; @@ -41,7 +42,7 @@ nixosConfigurations = { nixos = self.nixosConfigurations.${configuration_name}; "${configuration_name}" = lib.nixosSystem { - system = "aarch64-linux"; + inherit system; modules = [ common.nixosModules.default ros_neovim.nixosModules.default From 75d49c9f2799081fa4b116a1015e90b310483869 Mon Sep 17 00:00:00 2001 From: "RingOfStorms (Joshua Bell)" Date: Thu, 9 Oct 2025 23:17:50 -0500 Subject: [PATCH 054/109] add doc note for dnsmasq dns routes --- hosts/h003/mods/networking.nix | 8 +++++--- hosts/linode/l001/headscale.nix | 23 +++++++++-------------- 2 files changed, 14 insertions(+), 17 deletions(-) diff --git a/hosts/h003/mods/networking.nix b/hosts/h003/mods/networking.nix index 3a547c6..7173678 100644 --- a/hosts/h003/mods/networking.nix +++ b/hosts/h003/mods/networking.nix @@ -167,13 +167,15 @@ # Note in Ad GuardHome in DNS Settings add localhost:9053 to Private reverse DNS servers and enable them listen-address = "127.0.0.1"; port = 9053; + # NOTE these make it so my other devices don't hit the open net to stream movies + # while on the local network. Note that this is being paired with stateful settings + # in Adguardhome upstream dns servers: + # [/media.joshuabell.xyz/]127.0.0.1:9053 + # [/jellyfin.joshuabell.xyz/]127.0.0.1:9053 host-record = [ "media.joshuabell.xyz,10.12.14.10" "jellyfin.joshuabell.xyz,10.12.14.10" ]; - address = [ - "/h001.local.joshuabell.xyz/10.12.14.10" - ]; # DHCP range and settings dhcp-range = [ diff --git a/hosts/linode/l001/headscale.nix b/hosts/linode/l001/headscale.nix index 8e9a184..73d12bb 100644 --- a/hosts/linode/l001/headscale.nix +++ b/hosts/linode/l001/headscale.nix @@ -26,20 +26,15 @@ in [ - # { - # type = "A"; - # name = "jellyfin.joshuabell.xyz"; - # value = "100.64.0.13"; - # } - h001ARecord "jellyfin" - h001ARecord "media" - h001ARecord "notes" - h001ARecord "chat" - h001ARecord "sso-proxy" - h001ARecord "n8n" - h001ARecord "sso" - h001ARecord "gist" - h001ARecord "git" + (h001ARecord "jellyfin") + (h001ARecord "media") + (h001ARecord "notes") + (h001ARecord "chat") + (h001ARecord "sso-proxy") + (h001ARecord "n8n") + (h001ARecord "sso") + (h001ARecord "gist") + (h001ARecord "git") ]; }; }; From 3b5258646f1a66bb7da76e1d94512b84aa874c88 Mon Sep 17 00:00:00 2001 From: "RingOfStorms (Joshua Bell)" Date: Thu, 9 Oct 2025 23:52:00 -0500 Subject: [PATCH 055/109] remove auth from shared routes --- hosts/h001/mods/trilium.nix | 8 ++++++++ 1 file changed, 8 insertions(+) diff --git a/hosts/h001/mods/trilium.nix b/hosts/h001/mods/trilium.nix index ff7cb20..c3394cf 100644 --- a/hosts/h001/mods/trilium.nix +++ b/hosts/h001/mods/trilium.nix @@ -53,6 +53,14 @@ in recommendedProxySettings = true; proxyPass = "http://127.0.0.1:9111"; }; + "/share" = { + proxyWebsockets = true; + recommendedProxySettings = true; + proxyPass = "http://127.0.0.1:9111"; + extraConfig = '' + auth_request off; + ''; + }; }; }; # TODO revisit, am I going to use the native app or web version From 4ff663dfdf0f885c1cb1fff12906029396ecd8b8 Mon Sep 17 00:00:00 2001 From: "RingOfStorms (Joshua Bell)" Date: Fri, 10 Oct 2025 12:32:40 -0500 Subject: [PATCH 056/109] add blog site share --- hosts/h001/mods/trilium.nix | 15 +++++++++++++-- 1 file changed, 13 insertions(+), 2 deletions(-) diff --git a/hosts/h001/mods/trilium.nix b/hosts/h001/mods/trilium.nix index c3394cf..cc05344 100644 --- a/hosts/h001/mods/trilium.nix +++ b/hosts/h001/mods/trilium.nix @@ -50,12 +50,23 @@ in locations = { "/" = { proxyWebsockets = true; - recommendedProxySettings = true; proxyPass = "http://127.0.0.1:9111"; }; + }; + }; + "blog.joshuabell.xyz" = { + addSSL = true; + sslCertificate = "/var/lib/acme/joshuabell.xyz/fullchain.pem"; + sslCertificateKey = "/var/lib/acme/joshuabell.xyz/key.pem"; + locations = { "/share" = { proxyWebsockets = true; - recommendedProxySettings = true; + proxyPass = "http://127.0.0.1:9111"; + extraConfig = '' + auth_request off; + ''; + }; + "/assets" = { proxyPass = "http://127.0.0.1:9111"; extraConfig = '' auth_request off; From 9c31b6ccda95713aebabbc33a5f7d44705505671 Mon Sep 17 00:00:00 2001 From: "RingOfStorms (Joshua Bell)" Date: Tue, 14 Oct 2025 09:04:46 -0500 Subject: [PATCH 057/109] add blog domain --- hosts/linode/l001/headscale.nix | 1 + hosts/lio/flake.nix | 4 ++-- hosts/oracle/o001/nginx.nix | 8 ++++++++ 3 files changed, 11 insertions(+), 2 deletions(-) diff --git a/hosts/linode/l001/headscale.nix b/hosts/linode/l001/headscale.nix index 73d12bb..98f93bb 100644 --- a/hosts/linode/l001/headscale.nix +++ b/hosts/linode/l001/headscale.nix @@ -35,6 +35,7 @@ (h001ARecord "sso") (h001ARecord "gist") (h001ARecord "git") + (h001ARecord "blog") ]; }; }; diff --git a/hosts/lio/flake.nix b/hosts/lio/flake.nix index 99fbebf..74da5a6 100644 --- a/hosts/lio/flake.nix +++ b/hosts/lio/flake.nix @@ -4,8 +4,8 @@ nixpkgs-unstable.url = "github:nixos/nixpkgs/nixos-unstable"; # Use relative to get current version for testing - # common.url = "path:../../common"; - common.url = "git+https://git.joshuabell.xyz/ringofstorms/dotfiles"; + common.url = "path:../../common"; + # common.url = "git+https://git.joshuabell.xyz/ringofstorms/dotfiles"; ros_neovim.url = "git+https://git.joshuabell.xyz/ringofstorms/nvim"; }; diff --git a/hosts/oracle/o001/nginx.nix b/hosts/oracle/o001/nginx.nix index a1ea33b..a87fa9b 100644 --- a/hosts/oracle/o001/nginx.nix +++ b/hosts/oracle/o001/nginx.nix @@ -179,6 +179,14 @@ proxyPass = "http://100.64.0.13"; }; }; + "blog.joshuabell.xyz" = { + enableACME = true; + forceSSL = true; + locations."/" = { + proxyWebsockets = true; + proxyPass = "http://100.64.0.13"; + }; + }; "sso.joshuabell.xyz" = { enableACME = true; forceSSL = true; From f6cbad0373297b12a7bcc3651720a149788b42fc Mon Sep 17 00:00:00 2001 From: "RingOfStorms (Joshua Bell)" Date: Tue, 14 Oct 2025 22:12:32 -0500 Subject: [PATCH 058/109] add more models to copilot --- hosts/h001/mods/litellm.nix | 31 +++++++++++++++++++++++-------- 1 file changed, 23 insertions(+), 8 deletions(-) diff --git a/hosts/h001/mods/litellm.nix b/hosts/h001/mods/litellm.nix index 10b53d2..d67a905 100644 --- a/hosts/h001/mods/litellm.nix +++ b/hosts/h001/mods/litellm.nix @@ -116,15 +116,29 @@ in # } # Copilot + { + model_name = "copilot-claude-sonnet-4.5"; + litellm_params = { + model = "github_copilot/claude-sonnet-4.5"; + extra_headers = { + editor-version = "vscode/${pkgs.vscode.version}"; + editor-plugin-version = "copilot/${pkgs.vscode-marketplace-release.github.copilot.version}"; + Copilot-Integration-Id = "vscode-chat"; + Copilot-Vision-Request = "true"; + user-agent = "GithubCopilot/${pkgs.vscode-marketplace-release.github.copilot.version}"; + }; + }; + } { model_name = "copilot-claude-sonnet-4"; litellm_params = { model = "github_copilot/claude-sonnet-4"; extra_headers = { - "editor-version" = "vscode/1.85.1"; - "Copilot-Integration-Id" = "vscode-chat"; - "user-agent" = "GithubCopilot/1.155.0"; - "editor-plugin-version" = "copilot/1.155.0"; + editor-version = "vscode/${pkgs.vscode.version}"; + editor-plugin-version = "copilot/${pkgs.vscode-marketplace-release.github.copilot.version}"; + Copilot-Integration-Id = "vscode-chat"; + Copilot-Vision-Request = "true"; + user-agent = "GithubCopilot/${pkgs.vscode-marketplace-release.github.copilot.version}"; }; }; } @@ -133,10 +147,11 @@ in litellm_params = { model = "github_copilot/gemini-2.5-pro"; extra_headers = { - "editor-version" = "vscode/1.85.1"; - "Copilot-Integration-Id" = "vscode-chat"; - "user-agent" = "GithubCopilot/1.155.0"; - "editor-plugin-version" = "copilot/1.155.0"; + editor-version = "vscode/${pkgs.vscode.version}"; + editor-plugin-version = "copilot/${pkgs.vscode-marketplace-release.github.copilot.version}"; + Copilot-Integration-Id = "vscode-chat"; + Copilot-Vision-Request = "true"; + user-agent = "GithubCopilot/${pkgs.vscode-marketplace-release.github.copilot.version}"; }; }; } From d62189c56601ef5ea7c0323cad6596630b858d97 Mon Sep 17 00:00:00 2001 From: "RingOfStorms (Joshua Bell)" Date: Tue, 14 Oct 2025 23:12:25 -0500 Subject: [PATCH 059/109] improvements on litellm and chat interfaces --- hosts/h001/mods/litellm.nix | 217 ++++++++++++++-------------------- hosts/h001/mods/openwebui.nix | 2 + 2 files changed, 90 insertions(+), 129 deletions(-) diff --git a/hosts/h001/mods/litellm.nix b/hosts/h001/mods/litellm.nix index d67a905..178d4c4 100644 --- a/hosts/h001/mods/litellm.nix +++ b/hosts/h001/mods/litellm.nix @@ -36,140 +36,15 @@ in settings = { environment_variables = { LITELLM_PROXY_API_KEY = "na"; + LITELLM_PROXY_API_BASE = "http://100.64.0.8:9010/air_key"; }; litellm_settings = { check_provider_endpoints = true; + drop_params = true; }; model_list = [ - # existing - { - model_name = "GPT-5"; - litellm_params = { - model = "azure/gpt-5-2025-08-07"; - api_base = "http://100.64.0.8:9010/azure"; - api_version = "2025-04-01-preview"; - api_key = "na"; - }; - } - { - model_name = "GPT-5-mini"; - litellm_params = { - model = "azure/gpt-5-mini-2025-08-07"; - api_base = "http://100.64.0.8:9010/azure"; - api_version = "2025-04-01-preview"; - api_key = "na"; - }; - } - { - model_name = "GPT-5-nano"; - litellm_params = { - model = "azure/gpt-5-nano-2025-08-07"; - api_base = "http://100.64.0.8:9010/azure"; - api_version = "2025-04-01-preview"; - api_key = "na"; - }; - } - # { - # model_name = "GPT-5-codex"; - # litellm_params = { - # model = "azure/gpt-5-codex-2025-09-15"; - # api_base = "http://100.64.0.8:9010/azure"; - # api_version = "2025-04-01-preview"; - # api_key = "na"; - # }; - # } - { - model_name = "GPT-4.1"; - litellm_params = { - model = "azure/gpt-4.1-2025-04-14"; - api_base = "http://100.64.0.8:9010/azure"; - api_version = "2025-04-01-preview"; - api_key = "na"; - }; - } - { - model_name = "GPT-4.1-mini"; - litellm_params = { - model = "azure/gpt-4.1-mini-2025-04-14"; - api_base = "http://100.64.0.8:9010/azure"; - api_version = "2025-04-01-preview"; - api_key = "na"; - }; - } - { - model_name = "GPT-4o"; - litellm_params = { - model = "azure/gpt-4o-2024-05-13"; - api_base = "http://100.64.0.8:9010/azure"; - api_version = "2025-04-01-preview"; - api_key = "na"; - }; - } - # { - # model_name = "dall-e-3-3.0"; - # litellm_params = { - # model = "azure/dall-e-3-3.0"; - # api_base = "http://100.64.0.8:9010/azure"; - # api_version = "2025-04-01-preview"; - # api_key = "na"; - # }; - # } - - # Copilot - { - model_name = "copilot-claude-sonnet-4.5"; - litellm_params = { - model = "github_copilot/claude-sonnet-4.5"; - extra_headers = { - editor-version = "vscode/${pkgs.vscode.version}"; - editor-plugin-version = "copilot/${pkgs.vscode-marketplace-release.github.copilot.version}"; - Copilot-Integration-Id = "vscode-chat"; - Copilot-Vision-Request = "true"; - user-agent = "GithubCopilot/${pkgs.vscode-marketplace-release.github.copilot.version}"; - }; - }; - } - { - model_name = "copilot-claude-sonnet-4"; - litellm_params = { - model = "github_copilot/claude-sonnet-4"; - extra_headers = { - editor-version = "vscode/${pkgs.vscode.version}"; - editor-plugin-version = "copilot/${pkgs.vscode-marketplace-release.github.copilot.version}"; - Copilot-Integration-Id = "vscode-chat"; - Copilot-Vision-Request = "true"; - user-agent = "GithubCopilot/${pkgs.vscode-marketplace-release.github.copilot.version}"; - }; - }; - } - { - model_name = "copilot-google-gemini-2.5-pro"; - litellm_params = { - model = "github_copilot/gemini-2.5-pro"; - extra_headers = { - editor-version = "vscode/${pkgs.vscode.version}"; - editor-plugin-version = "copilot/${pkgs.vscode-marketplace-release.github.copilot.version}"; - Copilot-Integration-Id = "vscode-chat"; - Copilot-Vision-Request = "true"; - user-agent = "GithubCopilot/${pkgs.vscode-marketplace-release.github.copilot.version}"; - }; - }; - } - # { - # model_name = "copilot-google-gemini-2.0-flash"; - # litellm_params = { - # model = "github_copilot/gemini-2.0-flash"; - # extra_headers = { - # "editor-version" = "vscode/1.85.1"; - # "Copilot-Integration-Id" = "vscode-chat"; - # "user-agent" = "GithubCopilot/1.155.0"; - # "editor-plugin-version" = "copilot/1.155.0"; - # }; - # }; - # } - # 宙 Proxy - # { + # { # NOTE model discovery not working yet? https://canary.discord.com/channels/1123360753068540065/1409974123987210350/1427864010241609752 # model_name = "litellm_proxy/*"; # litellm_params = { # model = "litellm_proxy/*"; @@ -177,7 +52,91 @@ in # api_key = "os.environ/LITELLM_PROXY_API_KEY"; # }; # } - ]; + ] + # Azure + ++ (builtins.map + (m: { + model_name = "azure-${m}"; + litellm_params = { + model = "azure/${m}"; + api_base = "http://100.64.0.8:9010/azure"; + api_version = "2025-04-01-preview"; + api_key = "na"; + }; + }) + [ + "gpt-4o-2024-05-13" + "gpt-4.1-2025-04-14" + "gpt-4.1-mini-2025-04-14" + "gpt-5-nano-2025-08-07" + "gpt-5-mini-2025-08-07" + "gpt-5-2025-08-07" + # "gpt-5-codex-2025-09-15" + ] + ) + # Copilot + ++ (builtins.map + (m: { + model_name = "copilot-${m}"; + litellm_params = { + model = "github_copilot/${m}"; + extra_headers = { + editor-version = "vscode/${pkgs.vscode.version}"; + editor-plugin-version = "copilot/${pkgs.vscode-extensions.github.copilot.version}"; + Copilot-Integration-Id = "vscode-chat"; + Copilot-Vision-Request = "true"; + user-agent = "GithubCopilot/${pkgs.vscode-extensions.github.copilot.version}"; + }; + }; + + }) + # List from https://github.com/settings/copilot/features enabled models + [ + "claude-sonnet-4.5" + "claude-sonnet-4" + "gemini-2.5-pro" + ] + ) + # 宙 Proxy + ++ (builtins.map + (m: { + model_name = "air-${m}"; + litellm_params = { + model = "litellm_proxy/${m}"; + api_base = "http://100.64.0.8:9010/air_key"; + api_key = "os.environ/LITELLM_PROXY_API_KEY"; + }; + }) + # curl -L t.net.joshuabell.xyz:9010/air_key/models | jq '.data.[].id' + [ + "gpt-5-mini" + "gpt-5" + "gpt-4.1" + "gpt-4.1-mini" + "gpt-4o" + "gpt-4o-mini" + "o3-mini" + "o4-mini" + "gemini-2.5-pro" + "gemini-2.0-flash" + "gemini-2.5-flash" + "gemini-2.0-flash-lite" + "gemini-2.5-flash-lite" + "claude-opus-4.1" + "claude-opus-4" + "claude-sonnet-4" + "claude-3.7-sonnet" + "text-embedding-3-small" + "text-embedding-3-large" + "text-embedding-ada-002" + "text-embedding-large-exp-03-07" + "text-embedding-005" + "llama7b" + "medgemma-4b" + "qwen3-instruct" + "bge-small-en-v1.5" + ] + ); }; }; }; diff --git a/hosts/h001/mods/openwebui.nix b/hosts/h001/mods/openwebui.nix index f0c80f7..a1dd64c 100644 --- a/hosts/h001/mods/openwebui.nix +++ b/hosts/h001/mods/openwebui.nix @@ -68,6 +68,8 @@ in OAUTH_ADMIN_ROLES = "admin"; # OAUTH_PICTURE_CLAIM = "picture"; # OAUTH_UPDATE_PICTURE_ON_LOGIN = "True"; + + BYPASS_MODEL_ACCESS_CONTROL="True"; }; }; }; From 9b31ad84877c92b2d64c4dc7891317b9c305273b Mon Sep 17 00:00:00 2001 From: "RingOfStorms (Joshua Bell)" Date: Fri, 17 Oct 2025 10:16:25 -0500 Subject: [PATCH 060/109] disable opensnitch for now need to work on rules for it --- common/desktop_environment/sway/default.nix | 8 +- .../sway/home_manager/sway.nix | 5 +- common/general/default.nix | 14 +++ hosts/lio/flake.lock | 105 +++++++----------- hosts/lio/flake.nix | 3 + 5 files changed, 65 insertions(+), 70 deletions(-) diff --git a/common/desktop_environment/sway/default.nix b/common/desktop_environment/sway/default.nix index 71a46c1..3afa420 100644 --- a/common/desktop_environment/sway/default.nix +++ b/common/desktop_environment/sway/default.nix @@ -115,14 +115,10 @@ with lib; # Ensure graphics/OpenGL are enabled so Sway uses GPU-backed rendering hardware.graphics = { - enable = true; - # Keep defaults; Sway runs fine with mesa in system - }; - - hardware.opengl = { enable = true; # extraPackages can be used to force vendor-specific mesa/drivers if needed - extraPackages = with pkgs; []; + # Keep defaults; Sway runs fine with mesa in system + # extraPackages = with pkgs; []; }; # Environment variables diff --git a/common/desktop_environment/sway/home_manager/sway.nix b/common/desktop_environment/sway/home_manager/sway.nix index d14f573..49a95f4 100644 --- a/common/desktop_environment/sway/home_manager/sway.nix +++ b/common/desktop_environment/sway/home_manager/sway.nix @@ -18,6 +18,8 @@ in enable = true; xwayland = true; + systemd.enable = true; + config = lib.mkMerge [ rec { modifier = "Mod4"; # SUPER @@ -181,7 +183,8 @@ in { command = "exec sh -c 'sleep 0.01; swaymsg workspace number 7 ; sleep 0.01; swaymsg workspace number 1'"; } - { command = "pgrep waybar >/dev/null || waybar"; } + # Waybar is managed by Home Manager systemd unit + # { command = "pgrep waybar >/dev/null || waybar"; } ]; } cfg.extraOptions diff --git a/common/general/default.nix b/common/general/default.nix index 49e8900..9212944 100644 --- a/common/general/default.nix +++ b/common/general/default.nix @@ -65,10 +65,24 @@ in networking = { hostName = top_cfg.systemName; nftables.enable = true; + # Clears firewall rules on reboot, only ones set in config will be remade nftables.flushRuleset = true; firewall.enable = true; }; + # services.opensnitch = { + # enable = true; + # settings = { + # Firewall = if config.networking.nftables.enable then "nftables" else "iptables"; + # InterceptUknown = true; + # ProcMonitorMethod = "ebpf"; + # DefaultAction = "deny"; + # }; + # rules = { + # + # }; + # }; + # Enable flakes nix.settings.experimental-features = lib.mkIf cfg.flakeOptions [ "nix-command" diff --git a/hosts/lio/flake.lock b/hosts/lio/flake.lock index 44cf53f..00f1791 100644 --- a/hosts/lio/flake.lock +++ b/hosts/lio/flake.lock @@ -49,11 +49,11 @@ ] }, "locked": { - "lastModified": 1755946532, - "narHash": "sha256-POePremlUY5GyA1zfbtic6XLxDaQcqHN6l+bIxdT5gc=", + "lastModified": 1759499898, + "narHash": "sha256-UNzYHLWfkSzLHDep5Ckb5tXc0fdxwPIrT+MY4kpQttM=", "owner": "hyprwm", "repo": "aquamarine", - "rev": "81584dae2df6ac79f6b6dae0ecb7705e95129ada", + "rev": "655e067f96fd44b3f5685e17f566b0e4d535d798", "type": "github" }, "original": { @@ -67,22 +67,17 @@ "home-manager": "home-manager", "hyprland": "hyprland", "nix-flatpak": "nix-flatpak", - "nixpkgs": "nixpkgs_3", "ragenix": "ragenix" }, "locked": { - "lastModified": 1760053007, - "narHash": "sha256-0csJRXdWM+ybfB41g6Ptndi0WRU33onQRH0SdNKZmio=", - "ref": "refs/heads/master", - "rev": "8e5e514b169b62833457d6d851bb1437fb8a8257", - "revCount": 711, - "type": "git", - "url": "https://git.joshuabell.xyz/ringofstorms/dotfiles" + "path": "../../common", + "type": "path" }, "original": { - "type": "git", - "url": "https://git.joshuabell.xyz/ringofstorms/dotfiles" - } + "path": "../../common", + "type": "path" + }, + "parent": [] }, "crane": { "locked": { @@ -273,11 +268,11 @@ ] }, "locked": { - "lastModified": 1758192433, - "narHash": "sha256-CR6RnqEJSTiFgA6KQY4TTLUWbZ8RBnb+hxQqesuQNzQ=", + "lastModified": 1759490292, + "narHash": "sha256-T6iWzDOXp8Wv0KQOCTHpBcmAOdHJ6zc/l9xaztW6Ivc=", "owner": "hyprwm", "repo": "hyprgraphics", - "rev": "c44e749dd611521dee940d00f7c444ee0ae4cfb7", + "rev": "9431db625cd9bb66ac55525479dce694101d6d7a", "type": "github" }, "original": { @@ -302,11 +297,11 @@ "xdph": "xdph" }, "locked": { - "lastModified": 1759094452, - "narHash": "sha256-j7IOTFnQRDjX4PzYb2p6CPviAc8cDrcorzGpM8J89uM=", + "lastModified": 1759988134, + "narHash": "sha256-uVaAXjJgo2/uGJz6lD+Bn5nBBmW5AAr2n8lW7v7h0PI=", "owner": "hyprwm", "repo": "Hyprland", - "rev": "f854b5bffbdd13cfe7edad0ee157d6947ff99619", + "rev": "b965fb2a40b132209b58f511e2604a2939461818", "type": "github" }, "original": { @@ -404,11 +399,11 @@ ] }, "locked": { - "lastModified": 1757694755, - "narHash": "sha256-j+w5QUUr2QT/jkxgVKecGYV8J7fpzXCMgzEEr6LG9ug=", + "lastModified": 1759080228, + "narHash": "sha256-RgDoAja0T1hnF0pTc56xPfLfFOO8Utol2iITwYbUhTk=", "owner": "hyprwm", "repo": "hyprland-qtutils", - "rev": "5ffdfc13ed03df1dae5084468d935f0a3f2c9a4c", + "rev": "629b15c19fa4082e4ce6be09fdb89e8c3312aed7", "type": "github" }, "original": { @@ -436,11 +431,11 @@ ] }, "locked": { - "lastModified": 1756810301, - "narHash": "sha256-wgZ3VW4VVtjK5dr0EiK9zKdJ/SOqGIBXVG85C3LVxQA=", + "lastModified": 1758927902, + "narHash": "sha256-LZgMds7M94+vuMql2bERQ6LiFFdhgsEFezE4Vn+Ys3A=", "owner": "hyprwm", "repo": "hyprlang", - "rev": "3d63fb4a42c819f198deabd18c0c2c1ded1de931", + "rev": "4dafa28d4f79877d67a7d1a654cddccf8ebf15da", "type": "github" }, "original": { @@ -463,11 +458,11 @@ ] }, "locked": { - "lastModified": 1756117388, - "narHash": "sha256-oRDel6pNl/T2tI+nc/USU9ZP9w08dxtl7hiZxa0C/Wc=", + "lastModified": 1759619523, + "narHash": "sha256-r1ed7AR2ZEb2U8gy321/Xcp1ho2tzn+gG1te/Wxsj1A=", "owner": "hyprwm", "repo": "hyprutils", - "rev": "b2ae3204845f5f2f79b4703b441252d8ad2ecfd0", + "rev": "3df7bde01efb3a3e8e678d1155f2aa3f19e177ef", "type": "github" }, "original": { @@ -537,11 +532,11 @@ }, "nixpkgs-unstable": { "locked": { - "lastModified": 1759036355, - "narHash": "sha256-0m27AKv6ka+q270dw48KflE0LwQYrO7Fm4/2//KCVWg=", + "lastModified": 1760524057, + "narHash": "sha256-EVAqOteLBFmd7pKkb0+FIUyzTF61VKi7YmvP1tw4nEw=", "owner": "nixos", "repo": "nixpkgs", - "rev": "e9f00bd893984bc8ce46c895c3bf7cac95331127", + "rev": "544961dfcce86422ba200ed9a0b00dd4b1486ec5", "type": "github" }, "original": { @@ -553,11 +548,11 @@ }, "nixpkgs_2": { "locked": { - "lastModified": 1758198701, - "narHash": "sha256-7To75JlpekfUmdkUZewnT6MoBANS0XVypW6kjUOXQwc=", + "lastModified": 1759381078, + "narHash": "sha256-gTrEEp5gEspIcCOx9PD8kMaF1iEmfBcTbO0Jag2QhQs=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "0147c2f1d54b30b5dd6d4a8c8542e8d7edf93b5d", + "rev": "7df7ff7d8e00218376575f0acdcc5d66741351ee", "type": "github" }, "original": { @@ -568,22 +563,6 @@ } }, "nixpkgs_3": { - "locked": { - "lastModified": 1758690382, - "narHash": "sha256-NY3kSorgqE5LMm1LqNwGne3ZLMF2/ILgLpFr1fS4X3o=", - "owner": "nixos", - "repo": "nixpkgs", - "rev": "e643668fd71b949c53f8626614b21ff71a07379d", - "type": "github" - }, - "original": { - "owner": "nixos", - "ref": "nixos-unstable", - "repo": "nixpkgs", - "type": "github" - } - }, - "nixpkgs_4": { "locked": { "lastModified": 1741379970, "narHash": "sha256-Wh7esNh7G24qYleLvgOSY/7HlDUzWaL/n4qzlBePpiw=", @@ -599,13 +578,13 @@ "type": "github" } }, - "nixpkgs_5": { + "nixpkgs_4": { "locked": { - "lastModified": 1759143472, - "narHash": "sha256-TvODmeR2W7yX/JmOCmP+lAFNkTT7hAxYcF3Kz8SZV3w=", + "lastModified": 1760423683, + "narHash": "sha256-Tb+NYuJhWZieDZUxN6PgglB16yuqBYQeMJyYBGCXlt8=", "owner": "nixos", "repo": "nixpkgs", - "rev": "5ed4e25ab58fd4c028b59d5611e14ea64de51d23", + "rev": "a493e93b4a259cd9fea8073f89a7ed9b1c5a1da2", "type": "github" }, "original": { @@ -615,7 +594,7 @@ "type": "github" } }, - "nixpkgs_6": { + "nixpkgs_5": { "locked": { "lastModified": 1759772810, "narHash": "sha256-8/sO67+Q6yNfFD39W5SXQHDbf/tQUHWFhCdxgRRGVCQ=", @@ -1539,7 +1518,7 @@ "agenix": "agenix", "crane": "crane", "flake-utils": "flake-utils", - "nixpkgs": "nixpkgs_4", + "nixpkgs": "nixpkgs_3", "rust-overlay": "rust-overlay" }, "locked": { @@ -1559,14 +1538,14 @@ "root": { "inputs": { "common": "common", - "nixpkgs": "nixpkgs_5", + "nixpkgs": "nixpkgs_4", "nixpkgs-unstable": "nixpkgs-unstable", "ros_neovim": "ros_neovim" } }, "ros_neovim": { "inputs": { - "nixpkgs": "nixpkgs_6", + "nixpkgs": "nixpkgs_5", "nvim_plugin-Almo7aya/openingh.nvim": "nvim_plugin-Almo7aya/openingh.nvim", "nvim_plugin-CopilotC-Nvim/CopilotChat.nvim": "nvim_plugin-CopilotC-Nvim/CopilotChat.nvim", "nvim_plugin-JoosepAlviste/nvim-ts-context-commentstring": "nvim_plugin-JoosepAlviste/nvim-ts-context-commentstring", @@ -1625,11 +1604,11 @@ "rust-overlay": "rust-overlay_2" }, "locked": { - "lastModified": 1759884037, - "narHash": "sha256-b7NRujkErYwxiTIYBLFHO07plS0caVR5CQZbcitBIgE=", + "lastModified": 1760630879, + "narHash": "sha256-H1ZHzlSpu2dxnM69OYCB6qJVZfVIbR3hBu3LcVW2eKw=", "ref": "refs/heads/master", - "rev": "468195ab00baa215392dbef52018e180579498b5", - "revCount": 309, + "rev": "d1172c40fd221200a1c7f924d0e43b395f3338ad", + "revCount": 310, "type": "git", "url": "https://git.joshuabell.xyz/ringofstorms/nvim" }, diff --git a/hosts/lio/flake.nix b/hosts/lio/flake.nix index 74da5a6..fff7388 100644 --- a/hosts/lio/flake.nix +++ b/hosts/lio/flake.nix @@ -81,6 +81,7 @@ trilium-desktop dig traceroute + # opensnitch-ui ]; # Also allow this key to work for root user, this will let us use this as a remote builder easier users.users.root.openssh.authorizedKeys.keys = [ @@ -168,6 +169,8 @@ zoxide zsh ]; + + # services.opensnitch-ui.enable = true; }; }; }; From 35cff92c209806bb76ad51e0c515dde6ad2b6a22 Mon Sep 17 00:00:00 2001 From: "RingOfStorms (Joshua Bell)" Date: Sat, 18 Oct 2025 14:40:31 -0500 Subject: [PATCH 061/109] update common --- common/flake.lock | 6 +++--- common/general/shell/common.sh | 2 +- flake.lock | 12 ++++++------ 3 files changed, 10 insertions(+), 10 deletions(-) diff --git a/common/flake.lock b/common/flake.lock index 9d1e421..9b7c9cb 100644 --- a/common/flake.lock +++ b/common/flake.lock @@ -266,11 +266,11 @@ "xdph": "xdph" }, "locked": { - "lastModified": 1759988134, - "narHash": "sha256-uVaAXjJgo2/uGJz6lD+Bn5nBBmW5AAr2n8lW7v7h0PI=", + "lastModified": 1760813095, + "narHash": "sha256-D0AU+KKB9aGqiwDaS7er2pITjn9AS+XStzigPSoLeOQ=", "owner": "hyprwm", "repo": "Hyprland", - "rev": "b965fb2a40b132209b58f511e2604a2939461818", + "rev": "39d62e1487052da2751ec1e36d243e3e92e24f6a", "type": "github" }, "original": { diff --git a/common/general/shell/common.sh b/common/general/shell/common.sh index 3c23918..6f9fcb9 100644 --- a/common/general/shell/common.sh +++ b/common/general/shell/common.sh @@ -145,7 +145,7 @@ stash() { read -e -p "Stash label [default: $default_label]: " label fi label=${label:-$default_label} - git stash push -m "$label" + git stash push -u -k -m "$label" } pop() { diff --git a/flake.lock b/flake.lock index c7983c7..ba2bf35 100644 --- a/flake.lock +++ b/flake.lock @@ -266,11 +266,11 @@ "xdph": "xdph" }, "locked": { - "lastModified": 1759988134, - "narHash": "sha256-uVaAXjJgo2/uGJz6lD+Bn5nBBmW5AAr2n8lW7v7h0PI=", + "lastModified": 1760813095, + "narHash": "sha256-D0AU+KKB9aGqiwDaS7er2pITjn9AS+XStzigPSoLeOQ=", "owner": "hyprwm", "repo": "Hyprland", - "rev": "b965fb2a40b132209b58f511e2604a2939461818", + "rev": "39d62e1487052da2751ec1e36d243e3e92e24f6a", "type": "github" }, "original": { @@ -501,11 +501,11 @@ }, "nixpkgs_3": { "locked": { - "lastModified": 1759831965, - "narHash": "sha256-vgPm2xjOmKdZ0xKA6yLXPJpjOtQPHfaZDRtH+47XEBo=", + "lastModified": 1760524057, + "narHash": "sha256-EVAqOteLBFmd7pKkb0+FIUyzTF61VKi7YmvP1tw4nEw=", "owner": "nixos", "repo": "nixpkgs", - "rev": "c9b6fb798541223bbb396d287d16f43520250518", + "rev": "544961dfcce86422ba200ed9a0b00dd4b1486ec5", "type": "github" }, "original": { From 2238aaf36795a140ce099d6dad07d19b8cd1356b Mon Sep 17 00:00:00 2001 From: "RingOfStorms (Joshua Bell)" Date: Sat, 18 Oct 2025 14:41:59 -0500 Subject: [PATCH 062/109] update and pin lio to remote common --- hosts/h001/flake.nix | 4 +-- hosts/lio/flake.lock | 55 ++++++++++++++++++++++++++++------------- hosts/lio/flake.nix | 4 +-- hosts/testbed/flake.nix | 4 +-- 4 files changed, 44 insertions(+), 23 deletions(-) diff --git a/hosts/h001/flake.nix b/hosts/h001/flake.nix index e88622d..3ef255e 100644 --- a/hosts/h001/flake.nix +++ b/hosts/h001/flake.nix @@ -8,8 +8,8 @@ oauth2-proxy-nixpkgs.url = "github:nixos/nixpkgs/nixos-unstable"; # Use relative to get current version for testing - common.url = "path:../../common"; - # common.url = "git+https://git.joshuabell.xyz/ringofstorms/dotfiles"; + # common.url = "path:../../common"; + common.url = "git+https://git.joshuabell.xyz/ringofstorms/dotfiles"; ros_neovim.url = "git+https://git.joshuabell.xyz/ringofstorms/nvim"; diff --git a/hosts/lio/flake.lock b/hosts/lio/flake.lock index 00f1791..5892055 100644 --- a/hosts/lio/flake.lock +++ b/hosts/lio/flake.lock @@ -67,17 +67,22 @@ "home-manager": "home-manager", "hyprland": "hyprland", "nix-flatpak": "nix-flatpak", + "nixpkgs": "nixpkgs_3", "ragenix": "ragenix" }, "locked": { - "path": "../../common", - "type": "path" + "lastModified": 1760816431, + "narHash": "sha256-X3s7h60hnps26+KkRXn52E3Tq+j/vDcmNvWnDiHtWxI=", + "ref": "refs/heads/master", + "rev": "35cff92c209806bb76ad51e0c515dde6ad2b6a22", + "revCount": 725, + "type": "git", + "url": "https://git.joshuabell.xyz/ringofstorms/dotfiles" }, "original": { - "path": "../../common", - "type": "path" - }, - "parent": [] + "type": "git", + "url": "https://git.joshuabell.xyz/ringofstorms/dotfiles" + } }, "crane": { "locked": { @@ -297,11 +302,11 @@ "xdph": "xdph" }, "locked": { - "lastModified": 1759988134, - "narHash": "sha256-uVaAXjJgo2/uGJz6lD+Bn5nBBmW5AAr2n8lW7v7h0PI=", + "lastModified": 1760813095, + "narHash": "sha256-D0AU+KKB9aGqiwDaS7er2pITjn9AS+XStzigPSoLeOQ=", "owner": "hyprwm", "repo": "Hyprland", - "rev": "b965fb2a40b132209b58f511e2604a2939461818", + "rev": "39d62e1487052da2751ec1e36d243e3e92e24f6a", "type": "github" }, "original": { @@ -563,6 +568,22 @@ } }, "nixpkgs_3": { + "locked": { + "lastModified": 1760524057, + "narHash": "sha256-EVAqOteLBFmd7pKkb0+FIUyzTF61VKi7YmvP1tw4nEw=", + "owner": "nixos", + "repo": "nixpkgs", + "rev": "544961dfcce86422ba200ed9a0b00dd4b1486ec5", + "type": "github" + }, + "original": { + "owner": "nixos", + "ref": "nixos-unstable", + "repo": "nixpkgs", + "type": "github" + } + }, + "nixpkgs_4": { "locked": { "lastModified": 1741379970, "narHash": "sha256-Wh7esNh7G24qYleLvgOSY/7HlDUzWaL/n4qzlBePpiw=", @@ -578,13 +599,13 @@ "type": "github" } }, - "nixpkgs_4": { + "nixpkgs_5": { "locked": { - "lastModified": 1760423683, - "narHash": "sha256-Tb+NYuJhWZieDZUxN6PgglB16yuqBYQeMJyYBGCXlt8=", + "lastModified": 1760580664, + "narHash": "sha256-/YdfibIrnqXAL8p5kqCU345mzpHoOtuVIkMiI2pF4Dc=", "owner": "nixos", "repo": "nixpkgs", - "rev": "a493e93b4a259cd9fea8073f89a7ed9b1c5a1da2", + "rev": "98ff3f9af2684f6136c24beef08f5e2033fc5389", "type": "github" }, "original": { @@ -594,7 +615,7 @@ "type": "github" } }, - "nixpkgs_5": { + "nixpkgs_6": { "locked": { "lastModified": 1759772810, "narHash": "sha256-8/sO67+Q6yNfFD39W5SXQHDbf/tQUHWFhCdxgRRGVCQ=", @@ -1518,7 +1539,7 @@ "agenix": "agenix", "crane": "crane", "flake-utils": "flake-utils", - "nixpkgs": "nixpkgs_3", + "nixpkgs": "nixpkgs_4", "rust-overlay": "rust-overlay" }, "locked": { @@ -1538,14 +1559,14 @@ "root": { "inputs": { "common": "common", - "nixpkgs": "nixpkgs_4", + "nixpkgs": "nixpkgs_5", "nixpkgs-unstable": "nixpkgs-unstable", "ros_neovim": "ros_neovim" } }, "ros_neovim": { "inputs": { - "nixpkgs": "nixpkgs_5", + "nixpkgs": "nixpkgs_6", "nvim_plugin-Almo7aya/openingh.nvim": "nvim_plugin-Almo7aya/openingh.nvim", "nvim_plugin-CopilotC-Nvim/CopilotChat.nvim": "nvim_plugin-CopilotC-Nvim/CopilotChat.nvim", "nvim_plugin-JoosepAlviste/nvim-ts-context-commentstring": "nvim_plugin-JoosepAlviste/nvim-ts-context-commentstring", diff --git a/hosts/lio/flake.nix b/hosts/lio/flake.nix index fff7388..4212ba1 100644 --- a/hosts/lio/flake.nix +++ b/hosts/lio/flake.nix @@ -4,8 +4,8 @@ nixpkgs-unstable.url = "github:nixos/nixpkgs/nixos-unstable"; # Use relative to get current version for testing - common.url = "path:../../common"; - # common.url = "git+https://git.joshuabell.xyz/ringofstorms/dotfiles"; + # common.url = "path:../../common"; + common.url = "git+https://git.joshuabell.xyz/ringofstorms/dotfiles"; ros_neovim.url = "git+https://git.joshuabell.xyz/ringofstorms/nvim"; }; diff --git a/hosts/testbed/flake.nix b/hosts/testbed/flake.nix index 3f4a148..58c3842 100644 --- a/hosts/testbed/flake.nix +++ b/hosts/testbed/flake.nix @@ -4,8 +4,8 @@ # nixpkgs.url = "github:nixos/nixpkgs/nixos-unstable"; # Use relative to get current version for testing - common.url = "path:../../common"; - # common.url = "git+https://git.joshuabell.xyz/ringofstorms/dotfiles"; + # common.url = "path:../../common"; + common.url = "git+https://git.joshuabell.xyz/ringofstorms/dotfiles"; disko.url = "github:nix-community/disko/latest"; disko.inputs.nixpkgs.follows = "nixpkgs"; From b2bb9f44c4d4a0bc301c40eda23cda17763aa1a6 Mon Sep 17 00:00:00 2001 From: "RingOfStorms (Joshua Bell)" Date: Sat, 18 Oct 2025 14:44:46 -0500 Subject: [PATCH 063/109] update and lock h001 --- hosts/h001/flake.lock | 121 +++++++++++++++++++++++++----------------- 1 file changed, 71 insertions(+), 50 deletions(-) diff --git a/hosts/h001/flake.lock b/hosts/h001/flake.lock index bda5dde..65be22d 100644 --- a/hosts/h001/flake.lock +++ b/hosts/h001/flake.lock @@ -49,11 +49,11 @@ ] }, "locked": { - "lastModified": 1755946532, - "narHash": "sha256-POePremlUY5GyA1zfbtic6XLxDaQcqHN6l+bIxdT5gc=", + "lastModified": 1759499898, + "narHash": "sha256-UNzYHLWfkSzLHDep5Ckb5tXc0fdxwPIrT+MY4kpQttM=", "owner": "hyprwm", "repo": "aquamarine", - "rev": "81584dae2df6ac79f6b6dae0ecb7705e95129ada", + "rev": "655e067f96fd44b3f5685e17f566b0e4d535d798", "type": "github" }, "original": { @@ -67,17 +67,22 @@ "home-manager": "home-manager", "hyprland": "hyprland", "nix-flatpak": "nix-flatpak", + "nixpkgs": "nixpkgs_3", "ragenix": "ragenix" }, "locked": { - "path": "../../common", - "type": "path" + "lastModified": 1760816519, + "narHash": "sha256-f6xAZROOBHWrmKdmVxmVpNjg6Q7EwwBRcaQ+VmnWBeQ=", + "ref": "refs/heads/master", + "rev": "2238aaf36795a140ce099d6dad07d19b8cd1356b", + "revCount": 726, + "type": "git", + "url": "https://git.joshuabell.xyz/ringofstorms/dotfiles" }, "original": { - "path": "../../common", - "type": "path" - }, - "parent": [] + "type": "git", + "url": "https://git.joshuabell.xyz/ringofstorms/dotfiles" + } }, "crane": { "locked": { @@ -268,11 +273,11 @@ ] }, "locked": { - "lastModified": 1758192433, - "narHash": "sha256-CR6RnqEJSTiFgA6KQY4TTLUWbZ8RBnb+hxQqesuQNzQ=", + "lastModified": 1759490292, + "narHash": "sha256-T6iWzDOXp8Wv0KQOCTHpBcmAOdHJ6zc/l9xaztW6Ivc=", "owner": "hyprwm", "repo": "hyprgraphics", - "rev": "c44e749dd611521dee940d00f7c444ee0ae4cfb7", + "rev": "9431db625cd9bb66ac55525479dce694101d6d7a", "type": "github" }, "original": { @@ -297,11 +302,11 @@ "xdph": "xdph" }, "locked": { - "lastModified": 1759094452, - "narHash": "sha256-j7IOTFnQRDjX4PzYb2p6CPviAc8cDrcorzGpM8J89uM=", + "lastModified": 1760813095, + "narHash": "sha256-D0AU+KKB9aGqiwDaS7er2pITjn9AS+XStzigPSoLeOQ=", "owner": "hyprwm", "repo": "Hyprland", - "rev": "f854b5bffbdd13cfe7edad0ee157d6947ff99619", + "rev": "39d62e1487052da2751ec1e36d243e3e92e24f6a", "type": "github" }, "original": { @@ -399,11 +404,11 @@ ] }, "locked": { - "lastModified": 1757694755, - "narHash": "sha256-j+w5QUUr2QT/jkxgVKecGYV8J7fpzXCMgzEEr6LG9ug=", + "lastModified": 1759080228, + "narHash": "sha256-RgDoAja0T1hnF0pTc56xPfLfFOO8Utol2iITwYbUhTk=", "owner": "hyprwm", "repo": "hyprland-qtutils", - "rev": "5ffdfc13ed03df1dae5084468d935f0a3f2c9a4c", + "rev": "629b15c19fa4082e4ce6be09fdb89e8c3312aed7", "type": "github" }, "original": { @@ -431,11 +436,11 @@ ] }, "locked": { - "lastModified": 1756810301, - "narHash": "sha256-wgZ3VW4VVtjK5dr0EiK9zKdJ/SOqGIBXVG85C3LVxQA=", + "lastModified": 1758927902, + "narHash": "sha256-LZgMds7M94+vuMql2bERQ6LiFFdhgsEFezE4Vn+Ys3A=", "owner": "hyprwm", "repo": "hyprlang", - "rev": "3d63fb4a42c819f198deabd18c0c2c1ded1de931", + "rev": "4dafa28d4f79877d67a7d1a654cddccf8ebf15da", "type": "github" }, "original": { @@ -458,11 +463,11 @@ ] }, "locked": { - "lastModified": 1756117388, - "narHash": "sha256-oRDel6pNl/T2tI+nc/USU9ZP9w08dxtl7hiZxa0C/Wc=", + "lastModified": 1759619523, + "narHash": "sha256-r1ed7AR2ZEb2U8gy321/Xcp1ho2tzn+gG1te/Wxsj1A=", "owner": "hyprwm", "repo": "hyprutils", - "rev": "b2ae3204845f5f2f79b4703b441252d8ad2ecfd0", + "rev": "3df7bde01efb3a3e8e678d1155f2aa3f19e177ef", "type": "github" }, "original": { @@ -500,11 +505,11 @@ }, "litellm-nixpkgs": { "locked": { - "lastModified": 1759733170, - "narHash": "sha256-TXnlsVb5Z8HXZ6mZoeOAIwxmvGHp1g4Dw89eLvIwKVI=", + "lastModified": 1760524057, + "narHash": "sha256-EVAqOteLBFmd7pKkb0+FIUyzTF61VKi7YmvP1tw4nEw=", "owner": "nixos", "repo": "nixpkgs", - "rev": "8913c168d1c56dc49a7718685968f38752171c3b", + "rev": "544961dfcce86422ba200ed9a0b00dd4b1486ec5", "type": "github" }, "original": { @@ -532,7 +537,7 @@ }, "nixarr": { "inputs": { - "nixpkgs": "nixpkgs_4", + "nixpkgs": "nixpkgs_5", "vpnconfinement": "vpnconfinement", "website-builder": "website-builder" }, @@ -568,11 +573,11 @@ }, "nixpkgs_2": { "locked": { - "lastModified": 1758198701, - "narHash": "sha256-7To75JlpekfUmdkUZewnT6MoBANS0XVypW6kjUOXQwc=", + "lastModified": 1759381078, + "narHash": "sha256-gTrEEp5gEspIcCOx9PD8kMaF1iEmfBcTbO0Jag2QhQs=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "0147c2f1d54b30b5dd6d4a8c8542e8d7edf93b5d", + "rev": "7df7ff7d8e00218376575f0acdcc5d66741351ee", "type": "github" }, "original": { @@ -583,6 +588,22 @@ } }, "nixpkgs_3": { + "locked": { + "lastModified": 1760524057, + "narHash": "sha256-EVAqOteLBFmd7pKkb0+FIUyzTF61VKi7YmvP1tw4nEw=", + "owner": "nixos", + "repo": "nixpkgs", + "rev": "544961dfcce86422ba200ed9a0b00dd4b1486ec5", + "type": "github" + }, + "original": { + "owner": "nixos", + "ref": "nixos-unstable", + "repo": "nixpkgs", + "type": "github" + } + }, + "nixpkgs_4": { "locked": { "lastModified": 1741379970, "narHash": "sha256-Wh7esNh7G24qYleLvgOSY/7HlDUzWaL/n4qzlBePpiw=", @@ -598,7 +619,7 @@ "type": "github" } }, - "nixpkgs_4": { + "nixpkgs_5": { "locked": { "lastModified": 1748662220, "narHash": "sha256-7gGa49iB9nCnFk4h/g9zwjlQAyjtpgcFkODjcOQS0Es=", @@ -614,13 +635,13 @@ "type": "github" } }, - "nixpkgs_5": { + "nixpkgs_6": { "locked": { - "lastModified": 1759735786, - "narHash": "sha256-a0+h02lyP2KwSNrZz4wLJTu9ikujNsTWIC874Bv7IJ0=", + "lastModified": 1760580664, + "narHash": "sha256-/YdfibIrnqXAL8p5kqCU345mzpHoOtuVIkMiI2pF4Dc=", "owner": "nixos", "repo": "nixpkgs", - "rev": "20c4598c84a671783f741e02bf05cbfaf4907cff", + "rev": "98ff3f9af2684f6136c24beef08f5e2033fc5389", "type": "github" }, "original": { @@ -630,7 +651,7 @@ "type": "github" } }, - "nixpkgs_6": { + "nixpkgs_7": { "locked": { "lastModified": 1759772810, "narHash": "sha256-8/sO67+Q6yNfFD39W5SXQHDbf/tQUHWFhCdxgRRGVCQ=", @@ -1527,11 +1548,11 @@ }, "oauth2-proxy-nixpkgs": { "locked": { - "lastModified": 1759733170, - "narHash": "sha256-TXnlsVb5Z8HXZ6mZoeOAIwxmvGHp1g4Dw89eLvIwKVI=", + "lastModified": 1760524057, + "narHash": "sha256-EVAqOteLBFmd7pKkb0+FIUyzTF61VKi7YmvP1tw4nEw=", "owner": "nixos", "repo": "nixpkgs", - "rev": "8913c168d1c56dc49a7718685968f38752171c3b", + "rev": "544961dfcce86422ba200ed9a0b00dd4b1486ec5", "type": "github" }, "original": { @@ -1586,7 +1607,7 @@ "agenix": "agenix", "crane": "crane", "flake-utils": "flake-utils", - "nixpkgs": "nixpkgs_3", + "nixpkgs": "nixpkgs_4", "rust-overlay": "rust-overlay" }, "locked": { @@ -1608,7 +1629,7 @@ "common": "common", "litellm-nixpkgs": "litellm-nixpkgs", "nixarr": "nixarr", - "nixpkgs": "nixpkgs_5", + "nixpkgs": "nixpkgs_6", "oauth2-proxy-nixpkgs": "oauth2-proxy-nixpkgs", "open-webui-nixpkgs": "open-webui-nixpkgs", "ros_neovim": "ros_neovim", @@ -1617,7 +1638,7 @@ }, "ros_neovim": { "inputs": { - "nixpkgs": "nixpkgs_6", + "nixpkgs": "nixpkgs_7", "nvim_plugin-Almo7aya/openingh.nvim": "nvim_plugin-Almo7aya/openingh.nvim", "nvim_plugin-CopilotC-Nvim/CopilotChat.nvim": "nvim_plugin-CopilotC-Nvim/CopilotChat.nvim", "nvim_plugin-JoosepAlviste/nvim-ts-context-commentstring": "nvim_plugin-JoosepAlviste/nvim-ts-context-commentstring", @@ -1676,11 +1697,11 @@ "rust-overlay": "rust-overlay_2" }, "locked": { - "lastModified": 1759881611, - "narHash": "sha256-OrWyZDLEafAP90pCun/6mE1F88znpJYi3rRIHQo8Wrs=", + "lastModified": 1760630879, + "narHash": "sha256-H1ZHzlSpu2dxnM69OYCB6qJVZfVIbR3hBu3LcVW2eKw=", "ref": "refs/heads/master", - "rev": "31a6fc294d8db6fc3c89e60321e052bae8b9e96b", - "revCount": 308, + "rev": "d1172c40fd221200a1c7f924d0e43b395f3338ad", + "revCount": 310, "type": "git", "url": "https://git.joshuabell.xyz/ringofstorms/nvim" }, @@ -1779,11 +1800,11 @@ }, "trilium-nixpkgs": { "locked": { - "lastModified": 1759831965, - "narHash": "sha256-vgPm2xjOmKdZ0xKA6yLXPJpjOtQPHfaZDRtH+47XEBo=", + "lastModified": 1760524057, + "narHash": "sha256-EVAqOteLBFmd7pKkb0+FIUyzTF61VKi7YmvP1tw4nEw=", "owner": "nixos", "repo": "nixpkgs", - "rev": "c9b6fb798541223bbb396d287d16f43520250518", + "rev": "544961dfcce86422ba200ed9a0b00dd4b1486ec5", "type": "github" }, "original": { From 7215fd37bf82afba198482b634c543f96f0b894f Mon Sep 17 00:00:00 2001 From: "RingOfStorms (Joshua Bell)" Date: Mon, 20 Oct 2025 20:45:26 -0500 Subject: [PATCH 064/109] WIP new top level flakes break down --- common/flake.nix | 2 - common/programs/default.nix | 1 - common/programs/flatpaks.nix | 66 ----- flakes/common/flake.nix | 16 ++ flakes/common/hm_modules/alacritty.nix | 34 +++ flakes/common/hm_modules/atuin.nix | 18 ++ flakes/common/hm_modules/de_sway/default.nix | 12 + flakes/common/hm_modules/de_sway/polkit.nix | 4 + flakes/common/hm_modules/de_sway/sway.nix | 180 ++++++++++++ flakes/common/hm_modules/de_sway/swaylock.nix | 15 + flakes/common/hm_modules/de_sway/swaync.nix | 100 +++++++ flakes/common/hm_modules/de_sway/theme.nix | 15 + flakes/common/hm_modules/de_sway/waybar.nix | 246 +++++++++++++++++ .../hm_modules/de_sway/waybar/power_menu.xml | 26 ++ .../hm_modules/de_sway/waybar/waybar.css | 101 +++++++ flakes/common/hm_modules/de_sway/wofi.nix | 23 ++ flakes/common/hm_modules/direnv.nix | 23 ++ flakes/common/hm_modules/foot.nix | 47 ++++ flakes/common/hm_modules/git.nix | 67 +++++ flakes/common/hm_modules/kitty.nix | 56 ++++ flakes/common/hm_modules/launcher_rofi.nix | 18 ++ .../hm_modules/postgres_cli_options.nix | 7 + flakes/common/hm_modules/slicer.nix | 33 +++ flakes/common/hm_modules/ssh.nix | 162 +++++++++++ flakes/common/hm_modules/starship.nix | 52 ++++ flakes/common/hm_modules/tmux/default.nix | 76 ++++++ flakes/common/hm_modules/tmux/tmux-reset.conf | 76 ++++++ flakes/common/hm_modules/zoxide.nix | 8 + flakes/common/hm_modules/zsh.nix | 42 +++ flakes/common/nix_modules/boot_grub.nix | 10 + flakes/common/nix_modules/boot_systemd.nix | 15 + flakes/common/nix_modules/de_sway.nix | 121 ++++++++ flakes/common/utils.nix | 56 ++++ flakes/hyprland/default.nix | 170 ++++++++++++ flakes/hyprland/flake.nix | 36 +++ flakes/hyprland/home_manager/default.nix | 15 + flakes/hyprland/home_manager/hyprland.nix | 176 ++++++++++++ flakes/hyprland/home_manager/hyprpaper.nix | 22 ++ .../hyprland/home_manager/hyprpolkitagent.nix | 8 + flakes/hyprland/home_manager/quickshell.nix | 93 +++++++ flakes/hyprland/home_manager/scripts.nix | 10 + .../home_manager/scripts/confirm-action.sh | 14 + .../scripts/toggle-airplane-mode.sh | 6 + .../scripts/toggle-power-profile.sh | 6 + .../scripts/wofi-bluetooth-menu.sh | 21 ++ .../home_manager/scripts/wofi-wifi-menu.sh | 24 ++ flakes/hyprland/home_manager/swaylock.nix | 17 ++ flakes/hyprland/home_manager/swaync.nix | 251 +++++++++++++++++ flakes/hyprland/home_manager/template.nix | 18 ++ flakes/hyprland/home_manager/theme.nix | 32 +++ flakes/hyprland/home_manager/waybar.nix | 258 ++++++++++++++++++ .../home_manager/waybar/power_menu.xml | 26 ++ .../hyprland/home_manager/waybar/waybar.css | 102 +++++++ flakes/hyprland/home_manager/wofi.nix | 26 ++ flakes/secrets/flake.nix | 33 +++ flakes/test | 0 hosts/lio/home_manager.nix | 10 + 57 files changed, 3033 insertions(+), 69 deletions(-) delete mode 100644 common/programs/flatpaks.nix create mode 100644 flakes/common/flake.nix create mode 100644 flakes/common/hm_modules/alacritty.nix create mode 100644 flakes/common/hm_modules/atuin.nix create mode 100644 flakes/common/hm_modules/de_sway/default.nix create mode 100644 flakes/common/hm_modules/de_sway/polkit.nix create mode 100644 flakes/common/hm_modules/de_sway/sway.nix create mode 100644 flakes/common/hm_modules/de_sway/swaylock.nix create mode 100644 flakes/common/hm_modules/de_sway/swaync.nix create mode 100644 flakes/common/hm_modules/de_sway/theme.nix create mode 100644 flakes/common/hm_modules/de_sway/waybar.nix create mode 100644 flakes/common/hm_modules/de_sway/waybar/power_menu.xml create mode 100644 flakes/common/hm_modules/de_sway/waybar/waybar.css create mode 100644 flakes/common/hm_modules/de_sway/wofi.nix create mode 100644 flakes/common/hm_modules/direnv.nix create mode 100644 flakes/common/hm_modules/foot.nix create mode 100644 flakes/common/hm_modules/git.nix create mode 100644 flakes/common/hm_modules/kitty.nix create mode 100644 flakes/common/hm_modules/launcher_rofi.nix create mode 100644 flakes/common/hm_modules/postgres_cli_options.nix create mode 100644 flakes/common/hm_modules/slicer.nix create mode 100644 flakes/common/hm_modules/ssh.nix create mode 100644 flakes/common/hm_modules/starship.nix create mode 100644 flakes/common/hm_modules/tmux/default.nix create mode 100644 flakes/common/hm_modules/tmux/tmux-reset.conf create mode 100644 flakes/common/hm_modules/zoxide.nix create mode 100644 flakes/common/hm_modules/zsh.nix create mode 100644 flakes/common/nix_modules/boot_grub.nix create mode 100644 flakes/common/nix_modules/boot_systemd.nix create mode 100644 flakes/common/nix_modules/de_sway.nix create mode 100644 flakes/common/utils.nix create mode 100644 flakes/hyprland/default.nix create mode 100644 flakes/hyprland/flake.nix create mode 100644 flakes/hyprland/home_manager/default.nix create mode 100644 flakes/hyprland/home_manager/hyprland.nix create mode 100644 flakes/hyprland/home_manager/hyprpaper.nix create mode 100644 flakes/hyprland/home_manager/hyprpolkitagent.nix create mode 100644 flakes/hyprland/home_manager/quickshell.nix create mode 100644 flakes/hyprland/home_manager/scripts.nix create mode 100755 flakes/hyprland/home_manager/scripts/confirm-action.sh create mode 100755 flakes/hyprland/home_manager/scripts/toggle-airplane-mode.sh create mode 100755 flakes/hyprland/home_manager/scripts/toggle-power-profile.sh create mode 100755 flakes/hyprland/home_manager/scripts/wofi-bluetooth-menu.sh create mode 100755 flakes/hyprland/home_manager/scripts/wofi-wifi-menu.sh create mode 100644 flakes/hyprland/home_manager/swaylock.nix create mode 100644 flakes/hyprland/home_manager/swaync.nix create mode 100644 flakes/hyprland/home_manager/template.nix create mode 100644 flakes/hyprland/home_manager/theme.nix create mode 100644 flakes/hyprland/home_manager/waybar.nix create mode 100644 flakes/hyprland/home_manager/waybar/power_menu.xml create mode 100644 flakes/hyprland/home_manager/waybar/waybar.css create mode 100644 flakes/hyprland/home_manager/wofi.nix create mode 100644 flakes/secrets/flake.nix create mode 100644 flakes/test create mode 100644 hosts/lio/home_manager.nix diff --git a/common/flake.nix b/common/flake.nix index 1b299be..05bf7ab 100644 --- a/common/flake.nix +++ b/common/flake.nix @@ -3,7 +3,6 @@ # NOTE if you add/change any inputs here also add them in the TOP level repo's flake.nix home-manager.url = "github:rycee/home-manager/release-25.05"; ragenix.url = "github:yaxitech/ragenix"; - nix-flatpak.url = "github:gmodena/nix-flatpak/?ref=latest"; hyprland.url = "github:hyprwm/Hyprland"; }; @@ -28,7 +27,6 @@ imports = [ home-manager.nixosModules.default ragenix.nixosModules.age - nix-flatpak.nixosModules.nix-flatpak hyprland.nixosModules.default ./_home_manager ./options.nix diff --git a/common/programs/default.nix b/common/programs/default.nix index c56a1ab..82c2679 100644 --- a/common/programs/default.nix +++ b/common/programs/default.nix @@ -13,7 +13,6 @@ in ./docker.nix ./podman.nix ./incus.nix - ./flatpaks.nix ./virt-manager.nix ]; config = { diff --git a/common/programs/flatpaks.nix b/common/programs/flatpaks.nix deleted file mode 100644 index 307fff2..0000000 --- a/common/programs/flatpaks.nix +++ /dev/null @@ -1,66 +0,0 @@ -{ - config, - lib, - ... -}: -let - ccfg = import ../config.nix; - cfg_path = [ - ccfg.custom_config_key - "programs" - "flatpaks" - ]; - cfg = lib.attrsets.getAttrFromPath cfg_path config; -in -{ - options = - { } - // lib.attrsets.setAttrByPath cfg_path { - enable = lib.mkEnableOption "flatpaks"; - packages = lib.mkOption { - type = lib.types.listOf lib.types.str; - default = [ ]; - description = "List of Flatpak package names to install."; - }; - }; - - config = lib.mkIf cfg.enable { - services.flatpak = { - enable = true; - packages = cfg.packages; - overrides = { - global = { - Context.sockets = [ - "wayland" - "x11" - ]; - Context.devices = [ "dri" ]; # allow GPU access if desired - Environment = { - XCURSOR_PATH = "/run/host/user-share/icons:/run/host/share/icons"; - GTK_THEME = "Adwaita:dark"; - # Force wayland as much as possible. - ELECTRON_OZONE_PLATFORM_HINT = "auto"; # or 'auto' - GTK_USE_PORTAL = "1"; - OZONE_PLATFORM = "wayland"; - QT_QPA_PLATFORM = "xcb"; # force XCB for Flatpaks (XWayland) - }; - }; - "org.signal.Signal" = { - Environment = { - SIGNAL_PASSWORD_STORE = "gnome-libsecret"; - }; - Context = { - sockets = [ - "xfg-settings" - ]; - }; - }; - "com.google.Chrome" = { - Environment = { - CHROME_EXTRA_ARGS = "--enable-features=WaylandWindowDecorations --ozone-platform-hint=auto"; - }; - }; - }; - }; - }; -} diff --git a/flakes/common/flake.nix b/flakes/common/flake.nix new file mode 100644 index 0000000..bed3399 --- /dev/null +++ b/flakes/common/flake.nix @@ -0,0 +1,16 @@ +let + utils = import ./utils.nix; +in +with utils; +{ + description = "Common NixOS configuration modules and Home Manager modules that require not other inputs beyond nixpkgs or home-manager itself. This is made by me for me and not designed to be general purpose for anyone else, but could be useful nontheless."; + inputs = { }; + outputs = + { + ... + }: + { + nixosModules = importAll ./nix_modules; + homeManagerModules = importAll ./hm_modules; + }; +} diff --git a/flakes/common/hm_modules/alacritty.nix b/flakes/common/hm_modules/alacritty.nix new file mode 100644 index 0000000..0794c15 --- /dev/null +++ b/flakes/common/hm_modules/alacritty.nix @@ -0,0 +1,34 @@ +{ ... }: +{ + programs.alacritty = { + enable = true; + settings = { + window = { + decorations = "None"; + dynamic_title = false; + }; + colors = { + primary = { + foreground = "#e0e0e0"; + background = "#262626"; + }; + normal = { + # Catppuccin Coal + black = "#1f1f1f"; + red = "#f38ba8"; + green = "#a6e3a1"; + yellow = "#f9e2af"; + blue = "#89b4fa"; + magenta = "#cba6f7"; + cyan = "#89dceb"; + white = "#e0e0e0"; + }; + }; + font = { + normal = { family = "JetBrainsMonoNL Nerd Font"; style = "Regular"; }; + size = 12.0; + }; + }; + }; +} + diff --git a/flakes/common/hm_modules/atuin.nix b/flakes/common/hm_modules/atuin.nix new file mode 100644 index 0000000..021745f --- /dev/null +++ b/flakes/common/hm_modules/atuin.nix @@ -0,0 +1,18 @@ +{ ... }: +# TODO setup auto secret/login for sync +{ + programs.atuin = { + enable = true; + enableZshIntegration = true; # TODO make dynamic? + flags = [ "--disable-up-arrow" ]; + settings = { + workspaces = true; + exit-mode = "return-query"; + enter_accept = true; + sync_address = "https://atuin.joshuabell.xyz"; + sync = { + records = true; + }; + }; + }; +} diff --git a/flakes/common/hm_modules/de_sway/default.nix b/flakes/common/hm_modules/de_sway/default.nix new file mode 100644 index 0000000..09539e5 --- /dev/null +++ b/flakes/common/hm_modules/de_sway/default.nix @@ -0,0 +1,12 @@ +{ ... }: +{ + imports = [ + ./theme.nix + ./sway.nix + ./waybar.nix + ./wofi.nix + ./swaync.nix + ./swaylock.nix + ./polkit.nix + ]; +} diff --git a/flakes/common/hm_modules/de_sway/polkit.nix b/flakes/common/hm_modules/de_sway/polkit.nix new file mode 100644 index 0000000..785abb2 --- /dev/null +++ b/flakes/common/hm_modules/de_sway/polkit.nix @@ -0,0 +1,4 @@ +{ ... }: +{ + services.polkit-gnome.enable = true; +} diff --git a/flakes/common/hm_modules/de_sway/sway.nix b/flakes/common/hm_modules/de_sway/sway.nix new file mode 100644 index 0000000..9854d05 --- /dev/null +++ b/flakes/common/hm_modules/de_sway/sway.nix @@ -0,0 +1,180 @@ +{ + config, + ... +}: + +{ + wayland.windowManager.sway = { + enable = true; + xwayland = true; + + systemd.enable = true; + + config = rec { + modifier = "Mod4"; # SUPER + terminal = "foot"; + menu = "wofi --show drun"; + + # Per-output workspace mapping (user can extend via extraOptions) + # Example (left as defaults): users can add `output HDMI-A-1 workspace 1,3,5` in extraOptions + + input = { + "type:keyboard" = { + xkb_layout = "us"; + xkb_options = "caps:escape"; + }; + "type:touchpad" = { + natural_scroll = "enabled"; + tap = "enabled"; + dwt = "enabled"; + }; + # Disable focus follows mouse to avoid accidental focus changes + # In Sway this behavior is controlled by focus_follows_mouse + }; + + focus = { + followMouse = "no"; + # onWindowActivation = "urgent"; # don't steal focus; mark urgent instead + }; + + gaps = { + inner = 2; + outer = 5; + smartGaps = false; + smartBorders = "on"; + }; + + colors = { + focused = { + background = "#444444"; + border = "#555555"; + childBorder = "#444444"; + indicator = "#595959"; + text = "#f1f1f1"; + }; + unfocused = { + background = "#222222"; + border = "#333333"; + childBorder = "#222222"; + indicator = "#292d2e"; + text = "#888888"; + }; + }; + + window = { + border = 1; + titlebar = false; + commands = [ + # Bitwarden chrome popup as floating example from Hyprland rules + { + criteria = { + app_id = "chrome-nngceckbapebfimnlniiiahkandclblb-Default"; + }; + command = "floating enable"; + } + { + criteria = { + app_id = "pavucontrol"; + }; + command = "floating enable, move position center, resize set 620 1200"; + } + { + criteria = { + class = "Google-chrome"; + window_role = "pop-up"; + }; + command = "floating enable, move position center, resize set 720 480"; + } + { + criteria = { + window_role = "pop-up"; + }; + command = "floating enable, move position center, resize set 640 420"; + } + { + criteria = { + window_role = "About"; + }; + command = "floating enable, move position center, resize set 640 420"; + } + ]; + }; + + # Keybindings mirroring Hyprland + keybindings = { + # Apps + "${modifier}+return" = "exec ${config.wayland.winfowManager.sway.config.terminal}"; + "${modifier}+space" = "exec pkill wofi || wofi --show drun"; + "${modifier}+q" = "kill"; + "${modifier}+shift+Escape" = "exit"; + "${modifier}+shift+q" = "exec swaylock"; + "${modifier}+f" = "floating toggle"; + + # Focus + "${modifier}+h" = "focus left"; + "${modifier}+l" = "focus right"; + "${modifier}+k" = "focus up"; + "${modifier}+j" = "focus down"; + + # Workspaces (numbers and vim-like mirror) + "${modifier}+1" = "workspace number 1"; + "${modifier}+n" = "workspace number 1"; + "${modifier}+2" = "workspace number 2"; + "${modifier}+m" = "workspace number 2"; + "${modifier}+3" = "workspace number 3"; + "${modifier}+comma" = "workspace number 3"; + "${modifier}+4" = "workspace number 4"; + "${modifier}+period" = "workspace number 4"; + "${modifier}+5" = "workspace number 5"; + "${modifier}+slash" = "workspace number 5"; + "${modifier}+6" = "workspace number 6"; + "${modifier}+7" = "workspace number 7"; + "${modifier}+8" = "workspace number 8"; + "${modifier}+9" = "workspace number 9"; + "${modifier}+0" = "workspace number 10"; + + # Move windows + "${modifier}+shift+h" = "move left"; + "${modifier}+shift+l" = "move right"; + "${modifier}+shift+k" = "move up"; + "${modifier}+shift+j" = "move down"; + "${modifier}+shift+1" = "move container to workspace number 1"; + "${modifier}+shift+n" = "move container to workspace number 1"; + "${modifier}+shift+2" = "move container to workspace number 2"; + "${modifier}+shift+m" = "move container to workspace number 2"; + "${modifier}+shift+3" = "move container to workspace number 3"; + "${modifier}+shift+comma" = "move container to workspace number 3"; + "${modifier}+shift+4" = "move container to workspace number 4"; + "${modifier}+shift+period" = "move container to workspace number 4"; + "${modifier}+shift+5" = "move container to workspace number 5"; + "${modifier}+shift+slash" = "move container to workspace number 5"; + "${modifier}+shift+6" = "move container to workspace number 6"; + "${modifier}+shift+7" = "move container to workspace number 7"; + "${modifier}+shift+8" = "move container to workspace number 8"; + "${modifier}+shift+9" = "move container to workspace number 9"; + "${modifier}+shift+0" = "move container to workspace number 10"; + + "${modifier}+left" = "resize shrink width 10 px or 10 ppt"; + "${modifier}+down" = "resize shrink height 10 px or 10 ppt"; + "${modifier}+up" = "resize grow height 10 px or 10 ppt"; + "${modifier}+right" = "resize grow width 10 px or 10 ppt"; + + # Mouse bindings (Mod + drag) + "${modifier}+button1" = "move"; + "${modifier}+button3" = "resize"; + + # Screenshot + "Print" = "exec grim -g \"$(slurp)\" - | wl-copy"; + }; + + bars = [ ]; # Use Waybar via Home Manager + startup = [ + { + command = "exec sh -c 'sleep 0.01; swaymsg workspace number 7 ; sleep 0.01; swaymsg workspace number 1'"; + } + # Waybar is managed by Home Manager systemd unit + # { command = "pgrep waybar >/dev/null || waybar"; } + ]; + }; + }; +} diff --git a/flakes/common/hm_modules/de_sway/swaylock.nix b/flakes/common/hm_modules/de_sway/swaylock.nix new file mode 100644 index 0000000..86243aa --- /dev/null +++ b/flakes/common/hm_modules/de_sway/swaylock.nix @@ -0,0 +1,15 @@ +{ ... }: +{ + programs.swaylock = { + enable = true; + settings = { + color = "#000000"; + indicator-caps-lock = true; + indicator-idle-visible = true; + indicator-radius = 100; + indicator-thickness = 10; + font = "JetBrainsMono Nerd Font Regular"; + font-size = 20; + }; + }; +} diff --git a/flakes/common/hm_modules/de_sway/swaync.nix b/flakes/common/hm_modules/de_sway/swaync.nix new file mode 100644 index 0000000..a60df5d --- /dev/null +++ b/flakes/common/hm_modules/de_sway/swaync.nix @@ -0,0 +1,100 @@ +{ ... }: +{ + services.swaync = { + enable = true; + settings = { + ignore = [ "com.spotify.Client" ]; + positionX = "right"; + positionY = "top"; + layer = "overlay"; + control-center-layer = "top"; + layer-shell = true; + cssPriority = "application"; + control-center-margin-top = 0; + control-center-margin-bottom = 0; + control-center-margin-right = 0; + control-center-margin-left = 0; + notification-2fa-action = true; + notification-inline-replies = false; + notification-icon-size = 64; + notification-body-image-height = 100; + notification-body-image-width = 200; + timeout = 10; + timeout-low = 5; + timeout-critical = 0; + control-center-width = 500; + control-center-height = 600; + notification-window-width = 500; + keyboard-shortcuts = true; + image-visibility = "when-available"; + transition-time = 200; + hide-on-clear = false; + hide-on-action = true; + script-fail-notify = true; + widgets = [ + "inhibitors" + "title" + "dnd" + "volume" + "backlight" + "mpris" + "buttons-grid#quick" + "notifications" + ]; + widget-config = { + inhibitors = { + text = "Inhibitors"; + button-text = "Clear All"; + clear-all-button = true; + }; + title = { + text = "Notifications"; + clear-all-button = true; + button-text = "Clear All"; + }; + dnd.text = "Do Not Disturb"; + mpris = { + image-size = 96; + image-radius = 12; + }; + volume = { + label = "󰕾"; + show-per-app = true; + }; + backlight = { + label = "󰃟"; + device = "intel_backlight"; + }; + # "buttons-grid#quick" = { + # columns = 4; + # icon-size = 20; + # actions = [ + # { label = "󰐥"; tooltip = "Shutdown"; command = "confirm-action 'systemctl poweroff' 'Shutdown?'"; } + # { label = "󰜉"; tooltip = "Reboot"; command = "confirm-action 'systemctl reboot' 'Reboot?'"; } + # { label = "󰍃"; tooltip = "Logout"; command = "confirm-action 'swaymsg exit' 'Logout?'"; } + # ]; + # }; + }; + }; + style = '' + .control-center { background: #1a1b26; border: 2px solid #7dcae4; border-radius: 12px; } + .control-center-list { background: transparent; } + .control-center .notification-row:focus, .control-center .notification-row:hover { opacity: 1; background: #24283b; } + .notification { border-radius: 8px; margin: 6px 12px; box-shadow: 0 0 0 1px rgba(125,196,228,.3), 0 1px 3px 1px rgba(0,0,0,.7), 0 2px 6px 2px rgba(0,0,0,.3); padding: 0; } + .widget-title { margin: 8px; font-size: 1.5rem; color: #c0caf5; } + .widget-dnd { margin: 8px; font-size: 1.1rem; color: #c0caf5; } + .widget-dnd > switch { font-size: initial; border-radius: 8px; background: #414868; border: 1px solid #7dcae4; } + .widget-dnd > switch:checked { background: #7dcae4; } + .widget-mpris { color: #c0caf5; background: #24283b; padding: 8px; margin: 8px; border-radius: 8px; } + .widget-mpris-player { padding: 8px; margin: 8px; } + .widget-mpris-title { font-weight: bold; font-size: 1.25rem; } + .widget-mpris-subtitle { font-size: 1.1rem; color: #9ece6a; } + .widget-volume, .widget-backlight, .widget-menubar { background: #24283b; padding: 8px; margin: 8px; border-radius: 8px; color: #c0caf5; } + .widget-menubar .menu-item button { background: #1f2335; color: #c0caf5; border-radius: 8px; padding: 6px 10px; margin: 4px; border: 1px solid #2e3440; font-family: "JetBrainsMonoNL Nerd Font"; } + .widget-menubar .menu-item button:hover { background: #414868; border-color: #7dcae4; } + .topbar-buttons button { border: none; background: transparent; color: #c0caf5; font-size: 1.1rem; border-radius: 8px; margin: 0 4px; padding: 8px; } + .topbar-buttons button:hover { background: #414868; } + .topbar-buttons button:active { background: #7dcae4; color: #1a1b26; } + ''; + }; +} diff --git a/flakes/common/hm_modules/de_sway/theme.nix b/flakes/common/hm_modules/de_sway/theme.nix new file mode 100644 index 0000000..5a3fbf7 --- /dev/null +++ b/flakes/common/hm_modules/de_sway/theme.nix @@ -0,0 +1,15 @@ +{ pkgs, ... }: +{ + home.pointerCursor = { + gtk.enable = true; + package = pkgs.bibata-cursors; + name = "Bibata-Modern-Classic"; + size = 16; + }; + gtk = { + enable = true; + theme = { package = pkgs.flat-remix-gtk; name = "Flat-Remix-GTK-Grey-Darkest"; }; + iconTheme = { package = pkgs.adwaita-icon-theme; name = "Adwaita"; }; + font = { name = "Sans"; size = 11; }; + }; +} diff --git a/flakes/common/hm_modules/de_sway/waybar.nix b/flakes/common/hm_modules/de_sway/waybar.nix new file mode 100644 index 0000000..cf2afff --- /dev/null +++ b/flakes/common/hm_modules/de_sway/waybar.nix @@ -0,0 +1,246 @@ +{ ... }: +{ + programs.waybar = { + enable = true; + systemd.enable = true; + settings = { + mainBar = { + layer = "top"; + position = "top"; + height = 28; + spacing = 6; + margin-top = 0; + margin-bottom = 0; + margin-left = 10; + margin-right = 10; + + modules-left = [ + "sway/workspaces" + ]; + modules-center = [ + "clock" + "temperature" + "cpu" + "memory" + "disk" + ]; + modules-right = [ + "battery" + "battery#bat2" + "pulseaudio" + "network" + "bluetooth" + "power-profiles-daemon" + "backlight" + "custom/notifications" + "sway/language" + "tray" + "custom/power" + ]; + + "sway/workspaces" = { + format = "{icon}"; + format-icons = { + "1" = "一"; + "2" = "二"; + "3" = "三"; + "4" = "四"; + "5" = "五"; + "6" = "六"; + "7" = "七"; + "8" = "八"; + "9" = "九"; + "10" = "十"; + "11" = "十一"; + "12" = "十二"; + "13" = "十三"; + "14" = "十四"; + "15" = "十五"; + "16" = "十六"; + "17" = "十七"; + "18" = "十八"; + "19" = "十九"; + "20" = "二十"; + }; + disable-scroll = false; + }; + + # CENTER + clock = { + format = "{:%b %d, %H:%M}"; + tooltip-format = "{:%Y %B}\n{calendar}"; + }; + + temperature = { + thermal-zone = 2; + hwmon-path = "/sys/class/hwmon/hwmon2/temp1_input"; + critical-threshold = 80; + format-critical = "󰔏 {temperatureC}°C"; + format = "󰔏 {temperatureC}°C"; + }; + + cpu = { + format = "󰻠 {usage}%"; + tooltip = true; + on-click = "btop"; + }; + + memory = { + format = "󰍛 {}%"; + on-click = "btop"; + }; + + disk = { + interval = 30; + format = "󰋊 {percentage_used}%"; + path = "/"; + on-click = "btop"; + }; + + # RIGHT + "battery" = { + "states" = { + # "good"= 95; + "warning" = 30; + "critical" = 15; + }; + "format" = "{capacity}% {icon}"; + "format-full" = "{capacity}% {icon}"; + "format-charging" = "{capacity}% "; + "format-plugged" = "{capacity}% "; + "format-alt" = "{time} {icon}"; + # "format-good"= ""; // An empty format will hide the module + # "format-full"= ""; + "format-icons" = [ + "" + "" + "" + "" + "" + ]; + }; + "battery#bat2" = { + "bat" = "BAT2"; + }; + + pulseaudio = { + format = "{icon} {volume}%"; + format-bluetooth = "󰂰 {volume}%"; + format-bluetooth-muted = "󰂲 "; + format-muted = "󰖁 "; + format-source = "󰍬 {volume}%"; + format-source-muted = "󰍭 "; + format-icons = { + headphone = "󰋋"; + hands-free = "󰂑"; + headset = "󰂑"; + phone = "󰏲"; + portable = "󰦧"; + car = "󰄋"; + default = [ + "󰕿" + "󰖀" + "󰕾" + ]; + }; + scroll-step = 5; + on-click = "pavucontrol"; + on-click-right = "wpctl set-mute @DEFAULT_AUDIO_SINK@ toggle"; + }; + + network = { + format-wifi = "󰤨 {essid} ({signalStrength}%)"; + format-ethernet = "󰈀 {ipaddr}/{cidr}"; + tooltip-format = "{ifname} via {gwaddr} "; + format-linked = "󰈀 {ifname} (No IP)"; + format-disconnected = "󰖪 Disconnected"; + # on-click = "wofi-wifi-menu"; + # on-click-right = "nmcli radio wifi toggle"; + }; + + bluetooth = { + format = "󰂯 {status}"; + format-connected = "󰂱 {device_alias}"; + format-connected-battery = "󰂱 {device_alias} {device_battery_percentage}%"; + tooltip-format = "{controller_alias}\t{controller_address}\n\n{num_connections} connected"; + tooltip-format-connected = "{controller_alias}\t{controller_address}\n\n{num_connections} connected\n\n{device_enumerate}"; + tooltip-format-enumerate-connected = "{device_alias}\t{device_address}"; + tooltip-format-enumerate-connected-battery = "{device_alias}\t{device_address}\t{device_battery_percentage}%"; + # on-click = "wofi-bluetooth-menu"; + # on-click-right = "bluetoothctl power toggle"; + }; + + "power-profiles-daemon" = { + format = "{icon}"; + "tooltip-format" = "Power profile: {profile}\nDriver: {driver}"; + tooltip = true; + "format-icons" = { + default = ""; + performance = ""; + balanced = ""; + "power-saver" = ""; + }; + }; + + backlight = { + format = "{percent}% {icon}"; + "format-icons" = [ + "" + "" + "" + "" + "" + "" + "" + "" + "" + ]; + }; + + "custom/notifications" = { + format = "{icon} {}"; + format-icons = { + notification = ""; + none = ""; + dnd-notification = "󰂛"; + dnd-none = "󰂛"; + inhibited-notification = ""; + inhibited-none = ""; + dnd-inhibited-notification = "󰂛"; + dnd-inhibited-none = "󰂛"; + }; + return-type = "json"; + exec-if = "which swaync-client"; + exec = "swaync-client -swb"; + on-click = "swaync-client -t -sw"; + on-click-right = "swaync-client -d -sw"; + escape = true; + tooltip = false; + }; + + "sway/language" = { + format = "{}"; + }; + + "tray" = { + "spacing" = 10; + }; + + "custom/power" = { + format = "⏻ "; + tooltip = false; + menu = "on-click"; + "menu-file" = ./waybar/power_menu.xml; + "menu-actions" = { + shutdown = "shutdown 0"; + reboot = "reboot"; + logout = "loginctl terminate-session $(loginctl list-sessions | grep seat0 | awk '{print $1}')"; + }; + }; + + }; + }; + + style = builtins.readFile ./waybar/waybar.css; + }; +} diff --git a/flakes/common/hm_modules/de_sway/waybar/power_menu.xml b/flakes/common/hm_modules/de_sway/waybar/power_menu.xml new file mode 100644 index 0000000..a061b18 --- /dev/null +++ b/flakes/common/hm_modules/de_sway/waybar/power_menu.xml @@ -0,0 +1,26 @@ + + + + + + Logout + + + + + + + + Reboot + + + + + + + + Shutdown + + + + diff --git a/flakes/common/hm_modules/de_sway/waybar/waybar.css b/flakes/common/hm_modules/de_sway/waybar/waybar.css new file mode 100644 index 0000000..efeba06 --- /dev/null +++ b/flakes/common/hm_modules/de_sway/waybar/waybar.css @@ -0,0 +1,101 @@ +* { + /* `otf-font-awesome` is required to be installed for icons */ + font-family: "JetBrainsMonoNL Nerd Font", FontAwesome, Roboto, Helvetica, Arial, sans-serif; + font-size: 14px; + border: none; + border-radius: 0; + min-height: 0; + color: #f1f1f1; +} + +window#waybar { + background: transparent; +} + +#workspaces button.focused { + background-color: rgba(220, 220, 220, 0.2); +} + +#workspaces button.urgent { + background-color: rgba(214, 82, 82, 0.3); +} + +button, +#clock, +#battery, +#cpu, +#memory, +#disk, +#temperature, +#backlight, +#network, +#pulseaudio, +#wireplumber, +#custom-media, +#custom-notifications, +#custom-power, +#tray, +#mode, +#idle_inhibitor, +#scratchpad, +#power-profiles-daemon, +#bluetooth, +#language, +#mpd { + padding: 0 5px; + color: #f1f1f1; + background-color: rgba(220, 220, 220, 0.1); + border-radius: 6px; +} + + +button:hover, +#clock:hover, +#battery:hover, +#cpu:hover, +#memory:hover, +#disk:hover, +#temperature:hover, +#backlight:hover, +#network:hover, +#pulseaudio:hover, +#wireplumber:hover, +#custom-media:hover, +#custom-notifications:hover, +#tray:hover, +#mode:hover, +#idle_inhibitor:hover, +#scratchpad:hover, +#power-profiles-daemon:hover, +#bluetooth:hover, +#language:hover, +#mpd:hover { + color: #f1f1f1; + background-color: rgba(220, 220, 220, 0.2); + border-radius: 6px; +} + +#power-profiles-daemon { + padding-right: 15px; +} + +#power-profiles-daemon.performance { + color: #fff7d6; +} + +#power-profiles-daemon.balanced { + color: #d6efff; +} + +#power-profiles-daemon.power-saver { + color:#dcffd6; +} + +#tray>.passive { + -gtk-icon-effect: dim; +} + +#tray>.needs-attention { + -gtk-icon-effect: highlight; + background-color: #eb4d4b; +} diff --git a/flakes/common/hm_modules/de_sway/wofi.nix b/flakes/common/hm_modules/de_sway/wofi.nix new file mode 100644 index 0000000..8c0ba40 --- /dev/null +++ b/flakes/common/hm_modules/de_sway/wofi.nix @@ -0,0 +1,23 @@ +{ ... }: +{ + programs.wofi = { + enable = true; + settings = { + width = 500; + height = 600; + location = "bottom"; + show = "drun"; + prompt = "..."; + filter_rate = 100; + allow_markup = true; + no_actions = true; + halign = "fill"; + orientation = "vertical"; + content_halign = "fill"; + insensitive = true; + allow_images = true; + image_size = 40; + gtk_dark = true; + }; + }; +} diff --git a/flakes/common/hm_modules/direnv.nix b/flakes/common/hm_modules/direnv.nix new file mode 100644 index 0000000..b36ce49 --- /dev/null +++ b/flakes/common/hm_modules/direnv.nix @@ -0,0 +1,23 @@ +{ ... }: +{ + programs.direnv = { + enable = true; + enableZshIntegration = true; + nix-direnv.enable = true; + config = { + nix-direnv = true; + global = { + strict_env = true; + load_dotenv = true; + hide_env_diff = true; + }; + whitelist = { + prefix = [ + "~/projects" + "~/.config" + "~/.local/share/git_worktrees/" + ]; + }; + }; + }; +} diff --git a/flakes/common/hm_modules/foot.nix b/flakes/common/hm_modules/foot.nix new file mode 100644 index 0000000..d52af61 --- /dev/null +++ b/flakes/common/hm_modules/foot.nix @@ -0,0 +1,47 @@ +{ ... }: +{ + programs.foot = { + enable = true; + + # This renders to ~/.config/foot/foot.ini + settings = { + main = { + # Use the same font and size as your Kitty config + font = "JetBrainsMonoNL Nerd Font:size=12"; + + # Initial window size in character cells (Kitty used 160c x 55c) + "initial-window-size-chars" = "160x55"; + }; + + colors = { + # Background opacity (1.0 = opaque) + alpha = "0.94"; + + # Foreground/background + foreground = "e0e0e0"; + background = "262626"; + + # 16-color palette + # normal (0–7) + regular0 = "1f1f1f"; # black + regular1 = "f38ba8"; # red + regular2 = "a6e3a1"; # green + regular3 = "f9e2af"; # yellow + regular4 = "89b4fa"; # blue + regular5 = "cba6f7"; # magenta + regular6 = "89dceb"; # cyan + regular7 = "e0e0e0"; # white + + # bright (8–15) + bright0 = "565656"; # bright black + bright1 = "f38ba8"; # bright red + bright2 = "a6e3a1"; # bright green + bright3 = "f9e2af"; # bright yellow + bright4 = "89b4fa"; # bright blue + bright5 = "cba6f7"; # bright magenta + bright6 = "89dceb"; # bright cyan + bright7 = "ffffff"; # bright white + }; + }; + }; +} diff --git a/flakes/common/hm_modules/git.nix b/flakes/common/hm_modules/git.nix new file mode 100644 index 0000000..34e6d18 --- /dev/null +++ b/flakes/common/hm_modules/git.nix @@ -0,0 +1,67 @@ +{ ... }: +{ + programs.git = { + enable = true; + # TODO make configurable + userEmail = "ringofstorms@gmail.com"; + userName = "RingOfStorms (Joshua Bell)"; + + extraConfig = { + core.pager = "bat"; + core.editor = "nano"; + + pull.rebase = false; + + init.defaultBranch = "main"; + + rerere.enabled = true; + }; + + difftastic = { + enable = true; + background = "dark"; + }; + + ignores = [ + # -------------- + # Intellij + # -------------- + "*.iml" + # -------------- + # MAC OS + # -------------- + ".DS_Store" + ".AppleDouble" + ".LSOverride" + # Icon must end with two \r + "Icon" + # Thumbnails + "._*" + # Files that might appear in the root of a volume + ".DocumentRevisions-V100" + ".fseventsd" + ".Spotlight-V100" + ".TemporaryItems" + ".Trashes" + ".VolumeIcon.icns" + ".com.apple.timemachine.donotpresent" + + # Directories potentially created on remote AFP share + ".AppleDB" + ".AppleDesktop" + "Network Trash Folder" + "Temporary Items" + ".apdisk" + + # direnv things + ".direnv" + + # local only files + "*.local" + + # AI tooling + ".aider*" + "aider" + ]; + }; +} diff --git a/flakes/common/hm_modules/kitty.nix b/flakes/common/hm_modules/kitty.nix new file mode 100644 index 0000000..236c6ef --- /dev/null +++ b/flakes/common/hm_modules/kitty.nix @@ -0,0 +1,56 @@ +{ ... }: +{ + # Enable Kitty terminal + programs.kitty = { + enable = true; + + settings = { + # Window settings + background_opacity = 1.0; + os_window_class = "kitty"; + remember_window_size = false; + placement_strategy = "center"; + initial_window_width = "160c"; + initial_window_height = "55c"; + + # Remove window borders + hide_window_decorations = "titlebar-only"; + tab_title_template = "none"; + active_tab_title_template = "none"; + draw_minimal_borders = "yes"; + window_border_width = "0.1pt"; + + # Colors (Catppuccin Coal) + foreground = "#e0e0e0"; + background = "#262626"; + color0 = "#1f1f1f"; + color1 = "#f38ba8"; + color2 = "#a6e3a1"; + color3 = "#f9e2af"; + color4 = "#89b4fa"; + color5 = "#cba6f7"; + color6 = "#89dceb"; + color7 = "#e0e0e0"; + color8 = "#565656"; + color9 = "#f38ba8"; + color10 = "#a6e3a1"; + color11 = "#f9e2af"; + color12 = "#89b4fa"; + color13 = "#cba6f7"; + color14 = "#89dceb"; + color15 = "#ffffff"; + + # Font settings + font_family = "JetBrainsMonoNL Nerd Font"; + font_size = 12.0; + bold_font = "auto"; + italic_font = "auto"; + italic_bold_font = "auto"; + }; + + # If you want to include extra configuration this way instead of through the main `settings` attribute + extraConfig = '' + # You can add additional config here if needed + ''; + }; +} diff --git a/flakes/common/hm_modules/launcher_rofi.nix b/flakes/common/hm_modules/launcher_rofi.nix new file mode 100644 index 0000000..353b29e --- /dev/null +++ b/flakes/common/hm_modules/launcher_rofi.nix @@ -0,0 +1,18 @@ +{ + pkgs, + ... +}: +{ + programs.rofi = { + enable = true; + plugins = with pkgs; [ rofi-calc ]; + extraConfig = { + modi = "drun,run,ssh,window,calc"; + terminal = "alacritty"; + }; + theme = "glue_pro_blue"; + }; + programs.wofi = { + enable = true; + }; +} diff --git a/flakes/common/hm_modules/postgres_cli_options.nix b/flakes/common/hm_modules/postgres_cli_options.nix new file mode 100644 index 0000000..053099b --- /dev/null +++ b/flakes/common/hm_modules/postgres_cli_options.nix @@ -0,0 +1,7 @@ +{ ... }: +{ + home.file.".psqlrc".text = '' + \pset pager off + ''; +} + diff --git a/flakes/common/hm_modules/slicer.nix b/flakes/common/hm_modules/slicer.nix new file mode 100644 index 0000000..4361d5a --- /dev/null +++ b/flakes/common/hm_modules/slicer.nix @@ -0,0 +1,33 @@ +{ pkgs, ... }: +let + orca-slicer-fix = pkgs.stdenv.mkDerivation { + name = "orca-slicer"; + buildInputs = [ pkgs.makeWrapper ]; + unpackPhase = "true"; + buildPhase = '' + mkdir -p $out/bin + makeWrapper ${pkgs.orca-slicer}/bin/orca-slicer $out/bin/orca-slicer \ + --set WEBKIT_DISABLE_DMABUF_RENDERER 1 + ''; + + installPhase = '' + mkdir -p $out/share/applications + cat > $out/share/applications/orca-slicer.desktop </dev/null || waybar" ]; + + # Default monitor configuration + monitor = "monitor = , preferred, auto, 1"; + + windowrulev2 = [ + # Bitwarden password manager popup for chrome, always float it + "float, class:^(?i)chrome-nngceckbapebfimnlniiiahkandclblb-Default$, initialtitle:^_crx_nngceckbapebfimnlniiiahkandclblb$" + "center, class:^(?i)chrome-nngceckbapebfimnlniiiahkandclblb-Default$, initialtitle:^_crx_nngceckbapebfimnlniiiahkandclblb$" + "size 720 600, class:^(?i)chrome-nngceckbapebfimnlniiiahkandclblb-Default$, initialtitle:^_crx_nngceckbapebfimnlniiiahkandclblb$" + ]; + + # Input configuration + input = { + kb_layout = "us"; + kb_options = "caps:escape"; + + follow_mouse = 2; + touchpad = { + natural_scroll = true; + disable_while_typing = true; + }; + }; + + # General settings + general = { + gaps_in = 2; + gaps_out = 4; + border_size = 1; + "col.active_border" = "rgba(797979aa)"; + "col.inactive_border" = "rgba(393939aa)"; + layout = "dwindle"; + }; + + # Decoration + decoration = { + rounding = 4; + blur.enabled = false; + }; + + # Animations + animations = { + enabled = false; + }; + + # Layout + dwindle = { + pseudotile = true; + preserve_split = true; + }; + + # Misc + misc = { + force_default_wallpaper = 0; + disable_hyprland_logo = true; + disable_splash_rendering = true; + }; + + # Key bindings + "$mainMod" = "SUPER"; + + bind = [ + # Applications + "$mainMod, Return, exec, ${cfg.terminalCommand}" + "$mainMod, Space, exec, pkill wofi || wofi --show drun" + "$mainMod, q, killactive" + "$mainMod SHIFT, escape, exit" + "$mainMod SHIFT, q, exec, swaylock" + "$mainMod, f, togglefloating" + "$mainMod SHIFT, F, fullscreen" + "$mainMod, g, pseudo" + "$mainMod, t, togglesplit" + + # Move focus with mainMod + hjkl + "$mainMod, h, movefocus, l" + "$mainMod, l, movefocus, r" + "$mainMod, k, movefocus, u" + "$mainMod, j, movefocus, d" + + # Switch workspaces with mainMod + [0-9] + "$mainMod, 1, workspace, 1" + "$mainMod, n, workspace, 1" + "$mainMod, 2, workspace, 2" + "$mainMod, m, workspace, 2" + "$mainMod, 3, workspace, 3" + "$mainMod, comma, workspace, 3" + "$mainMod, 4, workspace, 4" + "$mainMod, period, workspace, 4" + "$mainMod, 5, workspace, 5" + "$mainMod, slash, workspace, 5" + "$mainMod, 6, workspace, 6" + "$mainMod, 7, workspace, 7" + "$mainMod, 8, workspace, 8" + "$mainMod, 9, workspace, 9" + "$mainMod, 0, workspace, 10" + + # Window management (similar to your GNOME setup) + "$mainMod SHIFT, h, movewindow, l" + "$mainMod SHIFT, l, movewindow, r" + "$mainMod SHIFT, k, movewindow, u" + "$mainMod SHIFT, j, movewindow, d" + "$mainMod SHIFT, 1, movetoworkspacesilent, 1" + "$mainMod SHIFT, n, movetoworkspacesilent, 1" + "$mainMod SHIFT, 2, movetoworkspacesilent, 2" + "$mainMod SHIFT, m, movetoworkspacesilent, 2" + "$mainMod SHIFT, 3, movetoworkspacesilent, 3" + "$mainMod SHIFT, comma, movetoworkspacesilent, 3" + "$mainMod SHIFT, 4, movetoworkspacesilent, 4" + "$mainMod SHIFT, period, movetoworkspacesilent, 4" + "$mainMod SHIFT, 5, movetoworkspacesilent, 5" + "$mainMod SHIFT, slash, movetoworkspacesilent, 5" + "$mainMod SHIFT, 6, movetoworkspacesilent, 6" + "$mainMod SHIFT, 7, movetoworkspacesilent, 7" + "$mainMod SHIFT, 8, movetoworkspacesilent, 8" + "$mainMod SHIFT, 9, movetoworkspacesilent, 9" + "$mainMod SHIFT, 0, movetoworkspacesilent, 10" + + # Screenshots + ", Print, exec, grimblast copy area" + ]; + + bindr = [ + # overview + # "$mainMod, SUPER_L, overview:toggle" $ hyprspace plugin + "$mainMod SHIFT, R, exec, systemctl --user restart hyprpanel.service" + ]; + + binde = [ + # Move between workspaces + # "$mainMod, n, workspace, r+1" + # "$mainMod, p, workspace, r-1" + + # Resize windows + "$mainMod CTRL, h, resizeactive, -40 0" + "$mainMod CTRL, l, resizeactive, 40 0" + "$mainMod CTRL, k, resizeactive, 0 -20" + "$mainMod CTRL, j, resizeactive, 0 20" + ]; + + # Mouse bindings + bindm = [ + "$mainMod, mouse:272, movewindow" + "$mainMod, mouse:273, resizewindow" + ]; + + } cfg.extraOptions; + }; +} diff --git a/flakes/hyprland/home_manager/hyprpaper.nix b/flakes/hyprland/home_manager/hyprpaper.nix new file mode 100644 index 0000000..06d6820 --- /dev/null +++ b/flakes/hyprland/home_manager/hyprpaper.nix @@ -0,0 +1,22 @@ +{ + osConfig, + lib, + ... +}: +let + ccfg = import ../../../config.nix; + cfg_path = [ + ccfg.custom_config_key + "desktopEnvironment" + "hyprland" + ]; + cfg = lib.attrsets.getAttrFromPath cfg_path osConfig; +in +{ + config = { + services.hyprpaper = { + enable = true; + settings = cfg.hyprpaperSettings; + }; + }; +} diff --git a/flakes/hyprland/home_manager/hyprpolkitagent.nix b/flakes/hyprland/home_manager/hyprpolkitagent.nix new file mode 100644 index 0000000..dc68933 --- /dev/null +++ b/flakes/hyprland/home_manager/hyprpolkitagent.nix @@ -0,0 +1,8 @@ +{ + ... +}: +{ + services.hyprpolkitagent = { + enable = true; + }; +} diff --git a/flakes/hyprland/home_manager/quickshell.nix b/flakes/hyprland/home_manager/quickshell.nix new file mode 100644 index 0000000..2f5032c --- /dev/null +++ b/flakes/hyprland/home_manager/quickshell.nix @@ -0,0 +1,93 @@ +{ + osConfig, + lib, + pkgs, + upkgs, + ... +}: +let + ccfg = import ../../../config.nix; + cfg_path = [ + ccfg.custom_config_key + "desktopEnvironment" + "hyprland" + ]; + cfg = lib.attrsets.getAttrFromPath cfg_path osConfig; +in +{ + home.packages = with pkgs; [ + upkgs.quickshell + pulseaudio + brightnessctl + networkmanager + bluez + bluez-tools + power-profiles-daemon + upower + systemd + hyprlock + ]; + + # Ensure CLI quickshell can resolve modules when not using --config-path + home.sessionVariables = { + QML_IMPORT_PATH = "$HOME/.config/quickshell"; + QML2_IMPORT_PATH = "$HOME/.config/quickshell"; + }; + + # install config files + home.file = { + ".config/quickshell/shell.qml".source = ./quickshell/shell.qml; + ".config/quickshell/panels/TopBar.qml".source = ./quickshell/panels/TopBar.qml; + ".config/quickshell/notifications/NotificationServer.qml".source = + ./quickshell/notifications/NotificationServer.qml; + ".config/quickshell/notifications/NotificationPopup.qml".source = + ./quickshell/notifications/NotificationPopup.qml; + ".config/quickshell/notifications/NotificationCenter.qml".source = + ./quickshell/notifications/NotificationCenter.qml; + ".config/quickshell/widgets/status/Workspaces.qml".source = + ./quickshell/widgets/status/Workspaces.qml; + ".config/quickshell/widgets/status/Clock.qml".source = ./quickshell/widgets/status/Clock.qml; + ".config/quickshell/widgets/status/SystemTrayWidget.qml".source = + ./quickshell/widgets/status/SystemTrayWidget.qml; + ".config/quickshell/widgets/status/Battery.qml".source = ./quickshell/widgets/status/Battery.qml; + ".config/quickshell/widgets/controls/QuickSettings.qml".source = + ./quickshell/widgets/controls/QuickSettings.qml; + ".config/quickshell/widgets/controls/Audio.qml".source = ./quickshell/widgets/controls/Audio.qml; + ".config/quickshell/widgets/controls/Network.qml".source = + ./quickshell/widgets/controls/Network.qml; + ".config/quickshell/widgets/controls/Bluetooth.qml".source = + ./quickshell/widgets/controls/Bluetooth.qml; + ".config/quickshell/widgets/controls/Brightness.qml".source = + ./quickshell/widgets/controls/Brightness.qml; + ".config/quickshell/widgets/controls/PowerProfilesWidget.qml".source = + ./quickshell/widgets/controls/PowerProfilesWidget.qml; + ".config/quickshell/panels/qmldir".source = ./quickshell/panels/qmldir; + ".config/quickshell/notifications/qmldir".source = ./quickshell/notifications/qmldir; + ".config/quickshell/widgets/status/qmldir".source = ./quickshell/widgets/status/qmldir; + ".config/quickshell/widgets/controls/qmldir".source = ./quickshell/widgets/controls/qmldir; + # optional: .qmlls.ini should be gitignored; create empty to enable LSP + ".config/quickshell/.qmlls.ini".text = ""; + }; + + systemd.user.services.quickshell = { + Unit = { + Description = "Quickshell Desktop Shell"; + PartOf = [ "graphical-session.target" ]; + After = [ "graphical-session.target" ]; + }; + Service = { + ExecStart = "${upkgs.quickshell}/bin/quickshell --config-path %h/.config/quickshell"; + Restart = "on-failure"; + RestartSec = 2; + Environment = [ + "QML_IMPORT_PATH=%h/.config/quickshell" + "QT_QPA_PLATFORM=wayland" + # Ensure we find icons + "XDG_CURRENT_DESKTOP=quickshell" + ]; + }; + Install = { + WantedBy = [ "graphical-session.target" ]; + }; + }; +} diff --git a/flakes/hyprland/home_manager/scripts.nix b/flakes/hyprland/home_manager/scripts.nix new file mode 100644 index 0000000..6c3d1c5 --- /dev/null +++ b/flakes/hyprland/home_manager/scripts.nix @@ -0,0 +1,10 @@ +{ pkgs, ... }: +{ + home.packages = with pkgs; [ + (writeShellScriptBin "toggle-airplane-mode" (builtins.readFile ./scripts/toggle-airplane-mode.sh)) + (writeShellScriptBin "toggle-power-profile" (builtins.readFile ./scripts/toggle-power-profile.sh)) + (writeShellScriptBin "wofi-wifi-menu" (builtins.readFile ./scripts/wofi-wifi-menu.sh)) + (writeShellScriptBin "wofi-bluetooth-menu" (builtins.readFile ./scripts/wofi-bluetooth-menu.sh)) + (writeShellScriptBin "confirm-action" (builtins.readFile ./scripts/confirm-action.sh)) + ]; +} diff --git a/flakes/hyprland/home_manager/scripts/confirm-action.sh b/flakes/hyprland/home_manager/scripts/confirm-action.sh new file mode 100755 index 0000000..5c30d11 --- /dev/null +++ b/flakes/hyprland/home_manager/scripts/confirm-action.sh @@ -0,0 +1,14 @@ +#!/usr/bin/env bash + +COMMAND_TO_RUN="$1" +PROMPT_MESSAGE="$2" + +if [ -z "$PROMPT_MESSAGE" ]; then + PROMPT_MESSAGE="Are you sure?" +fi + +choice=$(echo -e "No\nYes" | wofi --dmenu --location center -p "$PROMPT_MESSAGE") + +if [ "$choice" == "Yes" ]; then + eval "$COMMAND_TO_RUN" +fi diff --git a/flakes/hyprland/home_manager/scripts/toggle-airplane-mode.sh b/flakes/hyprland/home_manager/scripts/toggle-airplane-mode.sh new file mode 100755 index 0000000..7a6636a --- /dev/null +++ b/flakes/hyprland/home_manager/scripts/toggle-airplane-mode.sh @@ -0,0 +1,6 @@ +#!/usr/bin/env bash +if [ "$(nmcli radio all)" = "enabled" ]; then + nmcli radio all off +else + nmcli radio all on +fi diff --git a/flakes/hyprland/home_manager/scripts/toggle-power-profile.sh b/flakes/hyprland/home_manager/scripts/toggle-power-profile.sh new file mode 100755 index 0000000..1d14395 --- /dev/null +++ b/flakes/hyprland/home_manager/scripts/toggle-power-profile.sh @@ -0,0 +1,6 @@ +#!/usr/bin/env bash +if [ "$(powerprofilesctl get)" = "performance" ]; then + powerprofilesctl set balanced +else + powerprofilesctl set performance +fi diff --git a/flakes/hyprland/home_manager/scripts/wofi-bluetooth-menu.sh b/flakes/hyprland/home_manager/scripts/wofi-bluetooth-menu.sh new file mode 100755 index 0000000..b7a05dc --- /dev/null +++ b/flakes/hyprland/home_manager/scripts/wofi-bluetooth-menu.sh @@ -0,0 +1,21 @@ +#!/usr/bin/env bash + +devices=$(bluetoothctl devices | awk '{print $2, $3}') + +if [ -z "$devices" ]; then + options="󰂲 Power On\n󰂬 Scan for devices" +else + options="$devices\n󰂲 Power Off\n󰂬 Scan for devices" +fi + +chosen=$(echo -e "$options" | wofi --dmenu --location 3 --yoffset 40 --xoffset -20 -p "Bluetooth") + +case "$chosen" in + "󰂲 Power On") bluetoothctl power on;; + "󰂲 Power Off") bluetoothctl power off;; + "󰂬 Scan for devices") bluetoothctl scan on;; + *) + mac=$(echo "$chosen" | awk '{print $1}') + bluetoothctl connect "$mac" + ;; +esac diff --git a/flakes/hyprland/home_manager/scripts/wofi-wifi-menu.sh b/flakes/hyprland/home_manager/scripts/wofi-wifi-menu.sh new file mode 100755 index 0000000..6e4dbbe --- /dev/null +++ b/flakes/hyprland/home_manager/scripts/wofi-wifi-menu.sh @@ -0,0 +1,24 @@ +#!/usr/bin/env bash + +# Get a list of available Wi-Fi networks +nets=$(nmcli --terse --fields SSID,SECURITY,BARS device wifi list | sed '/^--/d' | sed 's/\\:/__/g') + +# Get the current connection status +connected_ssid=$(nmcli -t -f active,ssid dev wifi | egrep '^yes' | cut -d: -f2) + +if [[ ! -z "$connected_ssid" ]]; then + toggle="󰖪 Toggle Wi-Fi Off" +else + toggle="󰖩 Toggle Wi-Fi On" +fi + +# Present the menu to the user +chosen_network=$(echo -e "$toggle\n$nets" | wofi --dmenu --location 3 --yoffset 40 --xoffset -20 -p "Wi-Fi Networks") + +# Perform an action based on the user's choice +if [ "$chosen_network" = "$toggle" ]; then + nmcli radio wifi $([ "$connected_ssid" = "" ] && echo "on" || echo "off") +elif [ ! -z "$chosen_network" ]; then + ssid=$(echo "$chosen_network" | sed 's/__/\\:/g' | awk -F' ' '{print $1}') + nmcli device wifi connect "$ssid" +fi diff --git a/flakes/hyprland/home_manager/swaylock.nix b/flakes/hyprland/home_manager/swaylock.nix new file mode 100644 index 0000000..06ebf13 --- /dev/null +++ b/flakes/hyprland/home_manager/swaylock.nix @@ -0,0 +1,17 @@ +{ + ... +}: +{ + programs.swaylock = { + enable = true; + settings = { + color = "#000000"; + indicator-caps-lock = true; + indicator-idle-visible = true; + indicator-radius = 100; + indicator-thickness = 10; + font = "JetBrainsMono Nerd Font Regular"; + font-size = 20; + }; + }; +} diff --git a/flakes/hyprland/home_manager/swaync.nix b/flakes/hyprland/home_manager/swaync.nix new file mode 100644 index 0000000..b26fa58 --- /dev/null +++ b/flakes/hyprland/home_manager/swaync.nix @@ -0,0 +1,251 @@ +{ + lib, + osConfig, + ... +}: +let + ccfg = import ../../../config.nix; + cfg_path = [ + ccfg.custom_config_key + "desktopEnvironment" + "hyprland" + "swaync" + ]; + cfg = lib.attrsets.getAttrFromPath cfg_path osConfig; +in +{ + config = lib.mkIf cfg.enable { + services.swaync = { + enable = true; + settings = { + ignore = [ + "com.spotify.Client" + ]; + + positionX = "right"; + positionY = "top"; + layer = "overlay"; + control-center-layer = "top"; + layer-shell = true; + cssPriority = "application"; + + control-center-margin-top = 0; + control-center-margin-bottom = 0; + control-center-margin-right = 0; + control-center-margin-left = 0; + + notification-2fa-action = true; + notification-inline-replies = false; + notification-icon-size = 64; + notification-body-image-height = 100; + notification-body-image-width = 200; + + timeout = 10; + timeout-low = 5; + timeout-critical = 0; + + control-center-width = 500; + control-center-height = 600; + notification-window-width = 500; + + keyboard-shortcuts = true; + image-visibility = "when-available"; + transition-time = 200; + hide-on-clear = false; + hide-on-action = true; + script-fail-notify = true; + + widgets = [ + "inhibitors" + "title" + "dnd" + "volume" + "backlight" + "mpris" + "buttons-grid#quick" + "notifications" + ]; + + # Widget configurations + widget-config = { + inhibitors = { + text = "Inhibitors"; + button-text = "Clear All"; + clear-all-button = true; + }; + title = { + text = "Notifications"; + clear-all-button = true; + button-text = "Clear All"; + }; + dnd.text = "Do Not Disturb"; + mpris = { + image-size = 96; + image-radius = 12; + }; + volume = { + label = "󰕾"; + show-per-app = true; + }; + backlight = { + label = "󰃟"; + device = "intel_backlight"; + }; + "buttons-grid#quick" = { + columns = 4; # adjust: 3/4/5 + icon-size = 20; # tweak to taste + actions = [ + # Power + { + label = "󰐥"; + tooltip = "Shutdown"; + command = "confirm-action 'systemctl poweroff' 'Shutdown?'"; + } + { + label = "󰜉"; + tooltip = "Reboot"; + command = "confirm-action 'systemctl reboot' 'Reboot?'"; + } + { + label = "󰍃"; + tooltip = "Logout"; + command = "confirm-action 'hyprctl dispatch exit' 'Logout?'"; + } + ]; + }; + }; + }; + + # Custom CSS for the control center + style = '' + .control-center { + background: #1a1b26; + border: 2px solid #7dcae4; + border-radius: 12px; + } + + .control-center-list { + background: transparent; + } + + .control-center .notification-row:focus, + .control-center .notification-row:hover { + opacity: 1; + background: #24283b; + } + + .notification { + border-radius: 8px; + margin: 6px 12px; + box-shadow: 0 0 0 1px rgba(125, 196, 228, 0.3), 0 1px 3px 1px rgba(0, 0, 0, 0.7), 0 2px 6px 2px rgba(0, 0, 0, 0.3); + padding: 0; + } + + /* Widget styling */ + .widget-title { + margin: 8px; + font-size: 1.5rem; + color: #c0caf5; + } + + .widget-dnd { + margin: 8px; + font-size: 1.1rem; + color: #c0caf5; + } + + .widget-dnd > switch { + font-size: initial; + border-radius: 8px; + background: #414868; + border: 1px solid #7dcae4; + } + + .widget-dnd > switch:checked { + background: #7dcae4; + } + + .widget-mpris { + color: #c0caf5; + background: #24283b; + padding: 8px; + margin: 8px; + border-radius: 8px; + } + + .widget-mpris-player { + padding: 8px; + margin: 8px; + } + + .widget-mpris-title { + font-weight: bold; + font-size: 1.25rem; + } + + .widget-mpris-subtitle { + font-size: 1.1rem; + color: #9ece6a; + } + + .widget-volume { + background: #24283b; + padding: 8px; + margin: 8px; + border-radius: 8px; + color: #c0caf5; + } + + .widget-backlight { + background: #24283b; + padding: 8px; + margin: 8px; + border-radius: 8px; + color: #c0caf5; + } + + .widget-menubar { + background: #24283b; + padding: 8px; + margin: 8px; + border-radius: 8px; + color: #c0caf5; + } + + .widget-menubar .menu-item button { + background: #1f2335; + color: #c0caf5; + border-radius: 8px; + padding: 6px 10px; + margin: 4px; + border: 1px solid #2e3440; + font-family: "JetBrainsMonoNL Nerd Font"; + } + + .widget-menubar .menu-item button:hover { + background: #414868; + border-color: #7dcae4; + } + + .topbar-buttons button { + border: none; + background: transparent; + color: #c0caf5; + font-size: 1.1rem; + border-radius: 8px; + margin: 0 4px; + padding: 8px; + } + + .topbar-buttons button:hover { + background: #414868; + } + + .topbar-buttons button:active { + background: #7dcae4; + color: #1a1b26; + } + ''; + }; + }; +} diff --git a/flakes/hyprland/home_manager/template.nix b/flakes/hyprland/home_manager/template.nix new file mode 100644 index 0000000..905d5e4 --- /dev/null +++ b/flakes/hyprland/home_manager/template.nix @@ -0,0 +1,18 @@ +{ + osConfig, + lib, + pkgs, + ... +}: +let + ccfg = import ../../../config.nix; + cfg_path = [ + ccfg.custom_config_key + "desktopEnvironment" + "hyprland" + ]; + cfg = lib.attrsets.getAttrFromPath cfg_path osConfig; +in +{ + +} diff --git a/flakes/hyprland/home_manager/theme.nix b/flakes/hyprland/home_manager/theme.nix new file mode 100644 index 0000000..c6045d0 --- /dev/null +++ b/flakes/hyprland/home_manager/theme.nix @@ -0,0 +1,32 @@ +{ + pkgs, + ... +}: +{ + home.pointerCursor = { + gtk.enable = true; + # x11.enable = true; + package = pkgs.bibata-cursors; + name = "Bibata-Modern-Classic"; + size = 16; + }; + # GTK theming + gtk = { + enable = true; + + theme = { + package = pkgs.flat-remix-gtk; + name = "Flat-Remix-GTK-Grey-Darkest"; + }; + + iconTheme = { + package = pkgs.adwaita-icon-theme; + name = "Adwaita"; + }; + + font = { + name = "Sans"; + size = 11; + }; + }; +} diff --git a/flakes/hyprland/home_manager/waybar.nix b/flakes/hyprland/home_manager/waybar.nix new file mode 100644 index 0000000..66f3349 --- /dev/null +++ b/flakes/hyprland/home_manager/waybar.nix @@ -0,0 +1,258 @@ +{ lib, osConfig, ... }: +let + ccfg = import ../../../config.nix; + cfg_path = [ + ccfg.custom_config_key + "desktopEnvironment" + "hyprland" + "waybar" + ]; + cfg = lib.attrsets.getAttrFromPath cfg_path osConfig; +in +{ + config = lib.mkIf cfg.enable { + + programs.waybar = { + enable = true; + systemd.enable = true; + settings = { + mainBar = { + layer = "top"; + position = "top"; + height = 28; + spacing = 6; + margin-top = 0; + margin-bottom = 0; + margin-left = 10; + margin-right = 10; + + modules-left = [ + "hyprland/workspaces" + ]; + modules-center = [ + "clock" + "temperature" + "cpu" + "memory" + "disk" + ]; + modules-right = [ + "battery" + "battery#bat2" + "pulseaudio" + "network" + "bluetooth" + "power-profiles-daemon" + "backlight" + "custom/notifications" + "tray" + "custom/power" + ]; + + "hyprland/workspaces" = { + format = "{icon}"; + format-icons = { + "1" = "一"; + "2" = "二"; + "3" = "三"; + "4" = "四"; + "5" = "五"; + "6" = "六"; + "7" = "七"; + "8" = "八"; + "9" = "九"; + "10" = "十"; + "11" = "十一"; + "12" = "十二"; + "13" = "十三"; + "14" = "十四"; + "15" = "十五"; + "16" = "十六"; + "17" = "十七"; + "18" = "十八"; + "19" = "十九"; + "20" = "二十"; + }; + disable-scroll = false; + }; + + # CENTER + clock = { + format = "{:%b %d, %H:%M}"; + tooltip-format = "{:%Y %B}\n{calendar}"; + }; + + temperature = { + thermal-zone = 2; + hwmon-path = "/sys/class/hwmon/hwmon2/temp1_input"; + critical-threshold = 80; + format-critical = "󰔏 {temperatureC}°C"; + format = "󰔏 {temperatureC}°C"; + }; + + cpu = { + format = "󰻠 {usage}%"; + tooltip = true; + on-click = "btop"; + }; + + memory = { + format = "󰍛 {}%"; + on-click = "btop"; + }; + + disk = { + interval = 30; + format = "󰋊 {percentage_used}%"; + path = "/"; + on-click = "btop"; + }; + + # RIGHT + "battery" = { + "states" = { + # "good"= 95; + "warning" = 30; + "critical" = 15; + }; + "format" = "{capacity}% {icon}"; + "format-full" = "{capacity}% {icon}"; + "format-charging" = "{capacity}% "; + "format-plugged" = "{capacity}% "; + "format-alt" = "{time} {icon}"; + # "format-good"= ""; // An empty format will hide the module + # "format-full"= ""; + "format-icons" = [ + "" + "" + "" + "" + "" + ]; + }; + "battery#bat2" = { + "bat" = "BAT2"; + }; + + pulseaudio = { + format = "{icon} {volume}%"; + format-bluetooth = "󰂰 {volume}%"; + format-bluetooth-muted = "󰂲 "; + format-muted = "󰖁 "; + format-source = "󰍬 {volume}%"; + format-source-muted = "󰍭 "; + format-icons = { + headphone = "󰋋"; + hands-free = "󰂑"; + headset = "󰂑"; + phone = "󰏲"; + portable = "󰦧"; + car = "󰄋"; + default = [ + "󰕿" + "󰖀" + "󰕾" + ]; + }; + scroll-step = 5; + on-click = "pavucontrol"; + on-click-right = "wpctl set-mute @DEFAULT_AUDIO_SINK@ toggle"; + }; + + network = { + format-wifi = "󰤨 {essid} ({signalStrength}%)"; + format-ethernet = "󰈀 {ipaddr}/{cidr}"; + tooltip-format = "{ifname} via {gwaddr} "; + format-linked = "󰈀 {ifname} (No IP)"; + format-disconnected = "󰖪 Disconnected"; + # on-click = "wofi-wifi-menu"; + # on-click-right = "nmcli radio wifi toggle"; + }; + + bluetooth = { + format = "󰂯 {status}"; + format-connected = "󰂱 {device_alias}"; + format-connected-battery = "󰂱 {device_alias} {device_battery_percentage}%"; + tooltip-format = "{controller_alias}\t{controller_address}\n\n{num_connections} connected"; + tooltip-format-connected = "{controller_alias}\t{controller_address}\n\n{num_connections} connected\n\n{device_enumerate}"; + tooltip-format-enumerate-connected = "{device_alias}\t{device_address}"; + tooltip-format-enumerate-connected-battery = "{device_alias}\t{device_address}\t{device_battery_percentage}%"; + # on-click = "wofi-bluetooth-menu"; + # on-click-right = "bluetoothctl power toggle"; + }; + + "power-profiles-daemon" = { + format = "{icon}"; + "tooltip-format" = "Power profile: {profile}\nDriver: {driver}"; + tooltip = true; + "format-icons" = { + default = ""; + performance = ""; + balanced = ""; + "power-saver" = ""; + }; + }; + + backlight = { + format = "{percent}% {icon}"; + "format-icons" = [ + "" + "" + "" + "" + "" + "" + "" + "" + "" + ]; + }; + + "custom/notifications" = { + format = "{icon} {}"; + format-icons = { + notification = ""; + none = ""; + dnd-notification = "󰂛"; + dnd-none = "󰂛"; + inhibited-notification = ""; + inhibited-none = ""; + dnd-inhibited-notification = "󰂛"; + dnd-inhibited-none = "󰂛"; + }; + return-type = "json"; + exec-if = "which swaync-client"; + exec = "swaync-client -swb"; + on-click = "swaync-client -t -sw"; + on-click-right = "swaync-client -d -sw"; + escape = true; + tooltip = false; + }; + + "sway/language" = { + format = "{}"; + }; + + "tray" = { + "spacing" = 10; + }; + + "custom/power" = { + format = "⏻ "; + tooltip = false; + menu = "on-click"; + "menu-file" = ./waybar/power_menu.xml; + "menu-actions" = { + shutdown = "shutdown 0"; + reboot = "reboot"; + logout = "loginctl terminate-session $(loginctl list-sessions | grep seat0 | awk '{print $1}')"; + }; + }; + + }; + }; + + style = builtins.readFile ./waybar/waybar.css; + }; + }; +} diff --git a/flakes/hyprland/home_manager/waybar/power_menu.xml b/flakes/hyprland/home_manager/waybar/power_menu.xml new file mode 100644 index 0000000..a061b18 --- /dev/null +++ b/flakes/hyprland/home_manager/waybar/power_menu.xml @@ -0,0 +1,26 @@ + + + + + + Logout + + + + + + + + Reboot + + + + + + + + Shutdown + + + + diff --git a/flakes/hyprland/home_manager/waybar/waybar.css b/flakes/hyprland/home_manager/waybar/waybar.css new file mode 100644 index 0000000..6ed5a8c --- /dev/null +++ b/flakes/hyprland/home_manager/waybar/waybar.css @@ -0,0 +1,102 @@ +* { + /* `otf-font-awesome` is required to be installed for icons */ + font-family: "JetBrainsMonoNL Nerd Font", FontAwesome, Roboto, Helvetica, Arial, sans-serif; + font-size: 14px; + border: none; + border-radius: 0; + min-height: 0; + color: #f1f1f1; +} + +window#waybar { + background: transparent; +} + +#workspaces button.focused, +#workspaces button.active { + background-color: rgba(220, 220, 220, 0.2); +} + +#workspaces button.urgent { + background-color: rgba(214, 82, 82, 0.3); +} + +button, +#clock, +#battery, +#cpu, +#memory, +#disk, +#temperature, +#backlight, +#network, +#pulseaudio, +#wireplumber, +#custom-media, +#custom-notifications, +#custom-power, +#tray, +#mode, +#idle_inhibitor, +#scratchpad, +#power-profiles-daemon, +#bluetooth, +#language, +#mpd { + padding: 0 5px; + color: #f1f1f1; + background-color: rgba(220, 220, 220, 0.1); + border-radius: 6px; +} + + +button:hover, +#clock:hover, +#battery:hover, +#cpu:hover, +#memory:hover, +#disk:hover, +#temperature:hover, +#backlight:hover, +#network:hover, +#pulseaudio:hover, +#wireplumber:hover, +#custom-media:hover, +#custom-notifications:hover, +#tray:hover, +#mode:hover, +#idle_inhibitor:hover, +#scratchpad:hover, +#power-profiles-daemon:hover, +#bluetooth:hover, +#language:hover, +#mpd:hover { + color: #f1f1f1; + background-color: rgba(220, 220, 220, 0.2); + border-radius: 6px; +} + +#power-profiles-daemon { + padding-right: 15px; +} + +#power-profiles-daemon.performance { + color: #fff7d6; +} + +#power-profiles-daemon.balanced { + color: #d6efff; +} + +#power-profiles-daemon.power-saver { + color:#dcffd6; +} + +#tray>.passive { + -gtk-icon-effect: dim; +} + +#tray>.needs-attention { + -gtk-icon-effect: highlight; + background-color: #eb4d4b; +} diff --git a/flakes/hyprland/home_manager/wofi.nix b/flakes/hyprland/home_manager/wofi.nix new file mode 100644 index 0000000..f2df05b --- /dev/null +++ b/flakes/hyprland/home_manager/wofi.nix @@ -0,0 +1,26 @@ +{ + ... +}: +{ + programs.wofi = { + enable = true; + settings = { + width = 500; + height = 600; + location = "bottom"; + show = "drun"; + prompt = "..."; + filter_rate = 100; + allow_markup = true; + no_actions = true; + halign = "fill"; + orientation = "vertical"; + content_halign = "fill"; + insensitive = true; + allow_images = true; + image_size = 40; + gtk_dark = true; + }; + }; + +} diff --git a/flakes/secrets/flake.nix b/flakes/secrets/flake.nix new file mode 100644 index 0000000..a282f79 --- /dev/null +++ b/flakes/secrets/flake.nix @@ -0,0 +1,33 @@ +{ + inputs = { + ragenix.url = "github:yaxitech/ragenix"; + }; + + outputs = + { + ragenix, + ... + }: + { + nixosModules = { + default = + { + config, + lib, + pkgs, + ... + }: + { + imports = [ + ragenix.nixosModules.age + ./secrets + ]; + config = { + _module.args = { + inherit ragenix; + }; + }; + }; + }; + }; +} diff --git a/flakes/test b/flakes/test new file mode 100644 index 0000000..e69de29 diff --git a/hosts/lio/home_manager.nix b/hosts/lio/home_manager.nix new file mode 100644 index 0000000..f42762b --- /dev/null +++ b/hosts/lio/home_manager.nix @@ -0,0 +1,10 @@ +{ + config, + lib, + pkgs, + modulesPath, + ... +}: +{ + +} From 50825c9b84ef5a393e89535cfdf49b7a365d0d47 Mon Sep 17 00:00:00 2001 From: "RingOfStorms (Joshua Bell)" Date: Tue, 21 Oct 2025 22:12:23 -0500 Subject: [PATCH 065/109] refactoring to more granular flakes and modules --- flakes/common/hm_modules/tmux/default.nix | 5 - flakes/common/nix_modules/docker.nix | 17 ++ .../common/nix_modules/essentials/default.nix | 55 +++++ .../nix_modules/essentials/nixpkg.func.sh | 13 ++ .../nix_modules/essentials/unix_utils.func.sh | 65 ++++++ flakes/common/nix_modules/git/branch.func.sh | 213 ++++++++++++++++++ flakes/common/nix_modules/git/branchd.func.sh | 131 +++++++++++ flakes/common/nix_modules/git/default.nix | 32 +++ .../nix_modules/git/link_ignored.func.sh | 159 +++++++++++++ flakes/common/nix_modules/git/utils.func.sh | 133 +++++++++++ flakes/common/nix_modules/hardening.nix | 87 +++++++ flakes/common/nix_modules/jetbrains_font.nix | 33 +++ flakes/common/nix_modules/nix_options.nix | 62 +++++ flakes/common/nix_modules/no_sleep.nix | 11 + flakes/common/nix_modules/podman.nix | 11 + flakes/common/nix_modules/q_flipper.nix | 14 ++ .../common/nix_modules/remote_lio_builds.nix | 35 +++ flakes/common/nix_modules/tailnet.nix | 22 ++ flakes/common/nix_modules/timezone_auto.nix | 7 + flakes/common/nix_modules/tmux/default.nix | 19 ++ .../common/nix_modules/tmux/tmux_helpers.sh | 34 +++ flakes/common/nix_modules/tty_caps_esc.nix | 13 ++ flakes/common/nix_modules/uhk_agent.nix | 11 + flakes/common/nix_modules/zsh.nix | 9 + flakes/common/readme.md | 56 +++++ flakes/secrets/flake.nix | 55 ++++- flakes/secrets/github_read_token.age | 42 ++++ flakes/secrets/headscale_auth.age | 40 ++++ flakes/secrets/linode_rw_domains.age | 43 ++++ flakes/secrets/nix2bitbucket.age | 50 ++++ flakes/secrets/nix2gitforgejo.age | 49 ++++ flakes/secrets/nix2github.age | 49 ++++ flakes/secrets/nix2gitjosh.age | 50 ++++ flakes/secrets/nix2gpdPocket3.age | 50 ++++ flakes/secrets/nix2h001.age | 48 ++++ flakes/secrets/nix2h002.age | 48 ++++ flakes/secrets/nix2h003.age | 50 ++++ flakes/secrets/nix2joe.age | 49 ++++ flakes/secrets/nix2l002.age | 49 ++++ flakes/secrets/nix2linode.age | 49 ++++ flakes/secrets/nix2lio.age | 50 ++++ flakes/secrets/nix2nix.age | 51 +++++ flakes/secrets/nix2oracle.age | 49 ++++ flakes/secrets/nix2oren.age | 49 ++++ flakes/secrets/nix2t.age | 49 ++++ flakes/secrets/oauth2_proxy_key_file.age | 17 ++ flakes/secrets/obsidian_sync_env.age | 43 ++++ flakes/secrets/openwebui_env.age | 15 ++ flakes/secrets/secrets.nix | 138 ++++++++++++ flakes/secrets/us_chi_wg.age | 46 ++++ flakes/secrets/vaultwarden_env.age | 20 ++ flakes/secrets/zitadel_master_key.age | 15 ++ 52 files changed, 2501 insertions(+), 9 deletions(-) create mode 100644 flakes/common/nix_modules/docker.nix create mode 100644 flakes/common/nix_modules/essentials/default.nix create mode 100644 flakes/common/nix_modules/essentials/nixpkg.func.sh create mode 100644 flakes/common/nix_modules/essentials/unix_utils.func.sh create mode 100644 flakes/common/nix_modules/git/branch.func.sh create mode 100644 flakes/common/nix_modules/git/branchd.func.sh create mode 100644 flakes/common/nix_modules/git/default.nix create mode 100644 flakes/common/nix_modules/git/link_ignored.func.sh create mode 100644 flakes/common/nix_modules/git/utils.func.sh create mode 100644 flakes/common/nix_modules/hardening.nix create mode 100644 flakes/common/nix_modules/jetbrains_font.nix create mode 100644 flakes/common/nix_modules/nix_options.nix create mode 100644 flakes/common/nix_modules/no_sleep.nix create mode 100644 flakes/common/nix_modules/podman.nix create mode 100644 flakes/common/nix_modules/q_flipper.nix create mode 100644 flakes/common/nix_modules/remote_lio_builds.nix create mode 100644 flakes/common/nix_modules/tailnet.nix create mode 100644 flakes/common/nix_modules/timezone_auto.nix create mode 100644 flakes/common/nix_modules/tmux/default.nix create mode 100644 flakes/common/nix_modules/tmux/tmux_helpers.sh create mode 100644 flakes/common/nix_modules/tty_caps_esc.nix create mode 100644 flakes/common/nix_modules/uhk_agent.nix create mode 100644 flakes/common/nix_modules/zsh.nix create mode 100644 flakes/common/readme.md create mode 100644 flakes/secrets/github_read_token.age create mode 100644 flakes/secrets/headscale_auth.age create mode 100644 flakes/secrets/linode_rw_domains.age create mode 100644 flakes/secrets/nix2bitbucket.age create mode 100644 flakes/secrets/nix2gitforgejo.age create mode 100644 flakes/secrets/nix2github.age create mode 100644 flakes/secrets/nix2gitjosh.age create mode 100644 flakes/secrets/nix2gpdPocket3.age create mode 100644 flakes/secrets/nix2h001.age create mode 100644 flakes/secrets/nix2h002.age create mode 100644 flakes/secrets/nix2h003.age create mode 100644 flakes/secrets/nix2joe.age create mode 100644 flakes/secrets/nix2l002.age create mode 100644 flakes/secrets/nix2linode.age create mode 100644 flakes/secrets/nix2lio.age create mode 100644 flakes/secrets/nix2nix.age create mode 100644 flakes/secrets/nix2oracle.age create mode 100644 flakes/secrets/nix2oren.age create mode 100644 flakes/secrets/nix2t.age create mode 100644 flakes/secrets/oauth2_proxy_key_file.age create mode 100644 flakes/secrets/obsidian_sync_env.age create mode 100644 flakes/secrets/openwebui_env.age create mode 100644 flakes/secrets/secrets.nix create mode 100644 flakes/secrets/us_chi_wg.age create mode 100644 flakes/secrets/vaultwarden_env.age create mode 100644 flakes/secrets/zitadel_master_key.age diff --git a/flakes/common/hm_modules/tmux/default.nix b/flakes/common/hm_modules/tmux/default.nix index 7e3038b..6d67f51 100644 --- a/flakes/common/hm_modules/tmux/default.nix +++ b/flakes/common/hm_modules/tmux/default.nix @@ -68,9 +68,4 @@ } ]; }; - - home.shellAliases = { - t = "tmux"; - tat = "tmux attach-session"; - }; } diff --git a/flakes/common/nix_modules/docker.nix b/flakes/common/nix_modules/docker.nix new file mode 100644 index 0000000..416d2fc --- /dev/null +++ b/flakes/common/nix_modules/docker.nix @@ -0,0 +1,17 @@ +{ + config, + ... +}: + +{ + virtualisation.docker = { + enable = true; + autoPrune.enable = true; + }; + users.extraGroups.docker.members = builtins.AttrNames config.users.users; + environment.shellAliases = { + dockerv = "docker volume"; + dockeri = "docker image"; + dockerc = "docker container"; + }; +} diff --git a/flakes/common/nix_modules/essentials/default.nix b/flakes/common/nix_modules/essentials/default.nix new file mode 100644 index 0000000..e6f2ce0 --- /dev/null +++ b/flakes/common/nix_modules/essentials/default.nix @@ -0,0 +1,55 @@ +{ + lib, + pkgs, + ... +}: +with lib; +{ + environment.systemPackages = with pkgs; [ + # Essentials + vim + nano + wget + curl + traceroute + dig + fastfetch + jq + bat + htop + unzip + fzf + ripgrep + lsof + killall + speedtest-cli + ]; + + environment.shellAliases = { + n = "nvim"; + nn = "nvim --headless '+SessionDelete' +qa > /dev/null 2>&1 && nvim"; + bat = "bat --theme Coldark-Dark"; + cat = "bat --pager=never -p"; + + # TODO this may not be needed now that I am using `nh` clean mode (see /hosts/_common/configuration.nix#programs.nh) + nix-boot-clean = "find '/boot/loader/entries' -type f ! -name 'windows.conf' | head -n -4 | xargs -I {} rm {}; nix store gc; nixos-rebuild boot; echo; df"; + ndr = "nix-direnv-reload"; + + # general unix + date_compact = "date +'%Y%m%d'"; + date_short = "date +'%Y-%m-%d'"; + ls = "ls --color -Gah"; + ll = "ls --color -Galhtr"; + lss = "du --max-depth=0 -h {.,}* 2>/dev/null | sort -hr"; + psg = "ps aux | head -n 1 && ps aux | grep -v 'grep' | grep"; + + # ripgrep + rg = "rg --no-ignore"; + rgf = "rg --files --glob '!/nix/store/**' 2>/dev/null | rg"; + }; + + environment.shellInit = lib.concatStringsSep "\n\n" [ + (builtins.readFile ./unix_utils.func.sh) + (builtins.readFile ./nixpkg.func.sh) + ]; +} diff --git a/flakes/common/nix_modules/essentials/nixpkg.func.sh b/flakes/common/nix_modules/essentials/nixpkg.func.sh new file mode 100644 index 0000000..956a539 --- /dev/null +++ b/flakes/common/nix_modules/essentials/nixpkg.func.sh @@ -0,0 +1,13 @@ +# nix +alias nixpkgs=nixpkg +nixpkg () { + if [ $# -eq 0 ]; then + echo "Error: No arguments provided. Please specify at least one package." + return 1 + fi + cmd="nix shell" + for pkg in "$@"; do + cmd="$cmd \"nixpkgs#$pkg\"" + done + eval $cmd +} diff --git a/flakes/common/nix_modules/essentials/unix_utils.func.sh b/flakes/common/nix_modules/essentials/unix_utils.func.sh new file mode 100644 index 0000000..3120f6d --- /dev/null +++ b/flakes/common/nix_modules/essentials/unix_utils.func.sh @@ -0,0 +1,65 @@ +# Check if ~/.config/environment exists and source all files within it +if [ -d "$HOME/.config/environment" ]; then + for file in "$HOME/.config/environment/"*; do + if [ -r "$file" ]; then + if ! . "$file"; then + echo "Failed to source $file" + fi + fi + done +fi + +htop_psg () { + htop -p $(psg $1 | awk '{r=r s $2;s=","} END{print r}') +} + +htop_pid () { + htop -p $(ps -ef | awk -v proc=$1 '$3 == proc { cnt++;if (cnt == 1) { printf "%s",$2 } else { printf ",%s",$2 } }') +} + +psg_kill() { + ps aux | grep -v "grep" | grep "${1}" | awk '{print $2}' | while read -r pid; do + if [ -n "${pid}" ]; then + echo "killing ${pid}" + kill -9 "${pid}" &> /dev/null + fi + done +} + +psg_terminate() { + ps aux | grep -v "grep" | grep "${1}" | awk '{print $2}' | while read -r pid; do + if [ -n "${pid}" ]; then + echo "Terminating ${pid}" + kill -15 "${pid}" &> /dev/null + fi + done +} + +psg_skill() { + ps aux | grep -v "grep" | grep "${1}" | awk '{print $2}' | while read -r pid; do + if [ -n "${pid}" ]; then + echo "Killing ${pid}" + sudo kill -9 "${pid}" &> /dev/null + fi + done +} + +mail_clear() { + : > /var/mail/$USER +} + +speedtest_fs () { + dir=$(pwd) + drive=$(df -h ${dir} | awk 'NR==2 {print $1}') + echo Testing read speeds on drive ${drive} + sudo hdparm -Tt ${drive} + test_file=$(date +%u%m%d) + test_file="${dir}/speedtest_fs_${test_file}" + echo + echo Testing write speeds into test file: ${test_file} + dd if=/dev/zero of=${test_file} bs=8k count=10k; rm -f ${test_file} +} + +speedtest_internet () { + speedtest-cli +} diff --git a/flakes/common/nix_modules/git/branch.func.sh b/flakes/common/nix_modules/git/branch.func.sh new file mode 100644 index 0000000..03908fc --- /dev/null +++ b/flakes/common/nix_modules/git/branch.func.sh @@ -0,0 +1,213 @@ +branch() { + local branch_name=${1:-} + + # helper: set tmux window name. If tmux is in auto mode, always rename. + # If tmux is manual but the current window name matches the previous branch, + # allow renaming from previous branch name to the new one. + _branch__maybe_set_tmux_name() { + if ! command -v tmux_window >/dev/null 2>&1; then + return 1 + fi + local new_name prev_branch tmux_status tmux_cur + new_name=${1:-} + prev_branch=${2:-} + tmux_status=$(tmux_window status 2>/dev/null || true) + if [ "$tmux_status" = "auto" ]; then + tmux_window rename "$new_name" 2>/dev/null || true + return 0 + fi + # tmux is manual. If the current tmux name matches the previous branch, + # we consider it safe to update it to the new branch name. + if [ -n "$prev_branch" ]; then + tmux_cur=$(tmux_window get 2>/dev/null || true) + if [ "$tmux_cur" = "$prev_branch" ]; then + tmux_window rename "$new_name" 2>/dev/null || true + fi + fi + } + + # helper: revert tmux to automatic rename only if current tmux name matches previous branch + _branch__revert_tmux_auto() { + if ! command -v tmux_window >/dev/null 2>&1; then + return 1 + fi + local prev_branch=${1:-} + if [ -z "$prev_branch" ]; then + tmux_window rename 2>/dev/null || true + return 0 + fi + local tmux_cur + tmux_cur=$(tmux_window get 2>/dev/null || true) + if [ "$tmux_cur" = "$prev_branch" ]; then + tmux_window rename 2>/dev/null || true + fi + } + + # Determine repo root early so we can run branches inside it + local common_dir + if ! common_dir=$(git rev-parse --git-common-dir 2>/dev/null); then + echo "Not inside a git repository." >&2 + return 1 + fi + if [ "${common_dir#/}" = "$common_dir" ]; then + common_dir="$(pwd)/$common_dir" + fi + local repo_dir="${common_dir%%/.git*}" + if [ -z "$repo_dir" ]; then + echo "Unable to determine repository root." >&2 + return 1 + fi + + # If no branch was provided, present an interactive selector combining local and remote branches + if [ -z "$branch_name" ]; then + if ! command -v fzf >/dev/null 2>&1; then + echo "Usage: branch " >&2 + return 2 + fi + + local branches_list_raw branches_list selection + # Gather local and remote branches with fallbacks to ensure locals appear + branches_list_raw="" + if declare -f local_branches >/dev/null 2>&1; then + branches_list_raw=$(cd "$repo_dir" && local_branches 2>/dev/null || true; cd "$repo_dir" && remote_branches 2>/dev/null || true) + fi + branches_list=$(printf "%s +" "$branches_list_raw" | awk '!seen[$0]++') + if [ -z "$branches_list" ]; then + echo "No branches found." >&2 + return 1 + fi + + fzf_out=$(printf "%s\n" "$branches_list" | fzf --height=40% --prompt="Select branch: " --print-query) + if [ -z "$fzf_out" ]; then + echo "No branch selected." >&2 + return 1 + fi + branch_query=$(printf "%s\n" "$fzf_out" | sed -n '1p') + branch_selection=$(printf "%s\n" "$fzf_out" | sed -n '2p') + if [ -n "$branch_selection" ]; then + branch_name="$branch_selection" + else + # user typed something in fzf but didn't select: use that as new branch name + branch_name=$(printf "%s" "$branch_query" | sed 's/^[[:space:]]*//;s/[[:space:]]*$//') + fi + fi + + local repo_base repo_hash default_branch + repo_base=$(basename "$repo_dir") + repo_hash=$(printf "%s" "$repo_dir" | sha1sum | awk '{print $1}') + + default_branch=$(getdefault) + + # capture current branch name as seen by tmux so we can decide safe renames later + local prev_branch + prev_branch=$(git -C "$PWD" rev-parse --abbrev-ref HEAD 2>/dev/null || true) + + # Special-case: jump to the main working tree on the default branch + if [ "$branch_name" = "default" ] || [ "$branch_name" = "master" ] || [ "$branch_name" = "$default_branch" ]; then + if [ "$repo_dir" = "$PWD" ]; then + echo "Already in the main working tree on branch '$default_branch'." + return 0 + fi + echo "Switching to main working tree on branch '$default_branch'." + # capture current branch name as seen by tmux so we only revert if it matches + prev_branch=$(git -C "$PWD" rev-parse --abbrev-ref HEAD 2>/dev/null || true) + cd "$repo_dir" || return 1 + _branch__revert_tmux_auto "$prev_branch" || true + return 0 + fi + + # If a worktree for this branch is already registered elsewhere, open a shell there + local existing + existing=$(git -C "$repo_dir" worktree list --porcelain 2>/dev/null | awk -v b="$branch_name" 'BEGIN{RS="";FS="\n"} $0 ~ "refs/heads/"b{for(i=1;i<=NF;i++) if ($i ~ /^worktree /){ sub(/^worktree /,"",$i); print $i }}') + if [ -n "$existing" ]; then + echo "Opening existing worktree for branch '$branch_name' at '$existing'." + cd "$existing" || return 1 + _branch__maybe_set_tmux_name "$branch_name" "$prev_branch" || true + return 0 + fi + + # Ensure we have up-to-date remote info + git -C "$repo_dir" fetch --all --prune || true + + local wt_root wt_path + if [ -z "$xdg" ]; then + xdg="${XDG_DATA_HOME:-$HOME/.local/share}" + fi + wt_root="$xdg/git_worktrees/${repo_base}_${repo_hash}" + wt_path="$wt_root/$branch_name" + + # ensure worktree root exists + if [ ! -d "$wt_root" ]; then + mkdir -p "$wt_root" || { echo "Failed to create worktree root: $wt_root" >&2; return 1; } + fi + + # If worktree already exists at our expected path, open a shell there + if [ -d "$wt_path" ]; then + echo "Opening existing worktree at '$wt_path'." + cd "$wt_path" || return 1 + _branch__maybe_set_tmux_name "$branch_name" "$prev_branch" || true + return 0 + fi + + local branch_exists branch_from local_exists + branch_exists=$(git -C "$repo_dir" ls-remote --heads origin "$branch_name" | wc -l) + # check if a local branch exists + if git -C "$repo_dir" show-ref --verify --quiet "refs/heads/$branch_name"; then + local_exists=1 + else + local_exists=0 + fi + + branch_from="$default_branch" + if [ "$branch_exists" -eq 0 ]; then + if [ "$local_exists" -eq 1 ]; then + branch_from="$branch_name" + echo "Branch '$branch_name' exists locally; creating worktree from local branch." + else + echo "Branch '$branch_name' does not exist on remote; creating from '$branch_from'." + fi + else + branch_from="origin/$branch_name" + echo "Branch '$branch_name' exists on remote; creating worktree tracking it." + fi + + echo "Creating new worktree for branch '$branch_name' at '$wt_path'." + + # Try to add or update worktree from the resolved ref. Use a fallback path if needed. + if [ "$local_exists" -eq 1 ]; then + if git -C "$repo_dir" worktree add "$wt_path" "$branch_name" 2>/dev/null; then + cd "$wt_path" || return 1 + _branch__maybe_set_tmux_name "$branch_name" "$prev_branch" || true + return 0 + fi + + else + if git -C "$repo_dir" worktree add -b "$branch_name" "$wt_path" "$branch_from" 2>/dev/null; then + cd "$wt_path" || return 1 + _branch__maybe_set_tmux_name "$branch_name" "$prev_branch" || true + return 0 + fi + fi + + # Fallback: try to resolve a concrete SHA and create the branch ref locally, then add worktree + local start_sha + if start_sha=$(git -C "$repo_dir" rev-parse --verify "$branch_from" 2>/dev/null); then + if git -C "$repo_dir" branch "$branch_name" "$start_sha" 2>/dev/null; then + if git -C "$repo_dir" worktree add "$wt_path" "$branch_name" 2>/dev/null; then + cd "$wt_path" || return 1 + _branch__maybe_set_tmux_name "$branch_name" "$prev_branch" || true + return 0 + else + git -C "$repo_dir" branch -D "$branch_name" 2>/dev/null || true + rmdir "$wt_path" 2>/dev/null || true + echo "Failed to add worktree after creating branch ref." >&2 + return 1 + fi + fi + fi + + echo "Failed to add worktree for branch '$branch_name'." >&2 + rmdir "$wt_path" 2>/dev/null || true + return 1 +} diff --git a/flakes/common/nix_modules/git/branchd.func.sh b/flakes/common/nix_modules/git/branchd.func.sh new file mode 100644 index 0000000..a7769d2 --- /dev/null +++ b/flakes/common/nix_modules/git/branchd.func.sh @@ -0,0 +1,131 @@ +branchdel() { + # branchdel — remove a branch worktree (optional branch arg) + local branch_arg + branch_arg="$1" + local wt_path + wt_path=$(pwd) + local common_dir repo_dir + if ! common_dir=$(git rev-parse --git-common-dir 2>/dev/null); then + echo "Not inside a git repository." >&2 + return 1 + fi + if [ "${common_dir#/}" = "$common_dir" ]; then + common_dir="$(pwd)/$common_dir" + fi + repo_dir="${common_dir%%/.git*}" + if [ -z "$repo_dir" ]; then + echo "Unable to determine repository root." >&2 + return 1 + fi + + # determine current branch in this worktree + local current default_branch branch target_wt + current=$(git rev-parse --abbrev-ref HEAD 2>/dev/null) || { echo "Not inside a git repository." >&2; return 1; } + + default_branch=$(getdefault) + + # choose branch: provided arg or current + if [ -z "$branch_arg" ]; then + branch="$current" + else + branch="$branch_arg" + fi + # normalize branch name if refs/heads/ was provided + branch="${branch#refs/heads/}" + + # don't remove default + if [ "$branch" = "$default_branch" ] || [ "$branch" = "default" ]; then + echo "Refusing to remove default branch worktree ($default_branch)." >&2 + return 1 + fi + + # find the worktree path for the requested branch + target_wt=$(git -C "$repo_dir" worktree list --porcelain 2>/dev/null | awk -v b="refs/heads/$branch" ' + $1=="worktree" { w=$2 } + $1=="branch" && $2==b { print w; exit } + ') + + # if not found in worktree list, check main worktree branch + if [ -z "$target_wt" ]; then + local main_branch + main_branch=$(git -C "$repo_dir" rev-parse --abbrev-ref HEAD 2>/dev/null || true) + if [ "$main_branch" = "$branch" ]; then + target_wt="$repo_dir" + fi + fi + + if [ -z "$target_wt" ]; then + echo "No worktree found for branch '$branch'." >&2 + return 1 + fi + + if [ "$target_wt" = "$repo_dir" ]; then + echo "Branch '$branch' is the main worktree at '$repo_dir'. Will not delete main worktree." >&2 + return 1 + fi + + # if we're currently in that branch/worktree, switch to default and cd to repo root first + if [ "$current" = "$branch" ]; then + echo "Currently on branch '$branch' in '$wt_path'. Switching to default branch '$default_branch' in main worktree..." + if declare -f branch >/dev/null 2>&1; then + branch default || { echo "Failed to switch to default branch" >&2; return 1; } + else + git -C "$repo_dir" checkout "$default_branch" || { echo "Failed to checkout default branch" >&2; return 1; } + fi + cd "$repo_dir" || { echo "Failed to change directory to repo root: $repo_dir" >&2; return 1; } + fi + + echo "Removing worktree at: $target_wt" + # helper: attempt a guarded, forceful removal of a directory + remove_dir_forcefully() { + local dir="$1" + if [ -z "$dir" ]; then + return 1 + fi + # resolve absolute paths + local abs_dir abs_repo + abs_dir=$(readlink -f -- "$dir" 2>/dev/null) || abs_dir="$dir" + abs_repo=$(readlink -f -- "$repo_dir" 2>/dev/null) || abs_repo="$repo_dir" + + # safety checks: do not remove repository root or / + if [ "$abs_dir" = "/" ] || [ "$abs_dir" = "$abs_repo" ]; then + echo "Refusing to remove unsafe path: $abs_dir" >&2 + return 1 + fi + + # try plain rm -rf + rm -rf -- "$abs_dir" 2>/dev/null && return 0 + + # fix permissions then try again + chmod -R u+rwx "$abs_dir" 2>/dev/null || true + rm -rf -- "$abs_dir" 2>/dev/null && return 0 + + # try removing contents first, then remove directory + if find "$abs_dir" -mindepth 1 -exec rm -rf -- {} + 2>/dev/null; then + rmdir "$abs_dir" 2>/dev/null || true + fi + + # final existence check + [ ! -e "$abs_dir" ] + } + + # try unregistering the worktree, prefer normal then fallback to --force + if git -C "$repo_dir" worktree remove "$target_wt" 2>/dev/null || git -C "$repo_dir" worktree remove --force "$target_wt" 2>/dev/null; then + if remove_dir_forcefully "$target_wt"; then + echo "Removed worktree: $target_wt" + else + echo "Worktree removed from git, but failed to fully delete directory: $target_wt" >&2 + echo "Attempted to force-delete; you may need to remove it manually with sudo." >&2 + fi + + # delete local branch if it exists + if git -C "$repo_dir" show-ref --verify --quiet "refs/heads/$branch"; then + git -C "$repo_dir" branch -D "$branch" 2>/dev/null || true + echo "Deleted local branch: $branch" + fi + return 0 + fi + + echo "Failed to remove worktree: $target_wt" >&2 + return 1 +} diff --git a/flakes/common/nix_modules/git/default.nix b/flakes/common/nix_modules/git/default.nix new file mode 100644 index 0000000..d3157a8 --- /dev/null +++ b/flakes/common/nix_modules/git/default.nix @@ -0,0 +1,32 @@ +{ + lib, + pkgs, + ... +}: +with lib; +{ + environment.systemPackages = with pkgs; [ + git + ]; + + environment.shellAliases = { + # git + status = "git status"; + diff = "git diff"; + branches = "git branch -a"; + gcam = "git commit -a -m"; + gcm = "git commit -m"; + stashes = "git stash list"; + bd = "branch default"; + li = "link_ignored"; + bx = "branchdel"; + b = "branch"; + }; + + environment.shellInit = lib.concatStringsSep "\n\n" [ + (builtins.readFile ./utils.func.sh) + (builtins.readFile ./branch.func.sh) + (builtins.readFile ./branchd.func.sh) + (builtins.readFile ./link_ignored.func.sh) + ]; +} diff --git a/flakes/common/nix_modules/git/link_ignored.func.sh b/flakes/common/nix_modules/git/link_ignored.func.sh new file mode 100644 index 0000000..0043ed9 --- /dev/null +++ b/flakes/common/nix_modules/git/link_ignored.func.sh @@ -0,0 +1,159 @@ +link_ignored() { + local DRY_RUN=0 + local USE_FZF=1 + local -a PATTERNS=() + + while [ $# -gt 0 ]; do + case "$1" in + --dry-run) DRY_RUN=1; shift ;; + --no-fzf) USE_FZF=0; shift ;; + -h|--help) link_ignored_usage; return 0 ;; + --) shift; break ;; + *) PATTERNS+=("$1"); shift ;; + esac + done + + link_ignored_usage() { + cat </dev/null); then + echo "Error: not in a git repository." >&2 + return 2 + fi + if [ "${common_dir#/}" = "$common_dir" ]; then + common_dir="$(pwd)/$common_dir" + fi + repo_root="${common_dir%%/.git*}" + if [ -z "$repo_root" ]; then + echo "Error: unable to determine repository root." >&2 + return 2 + fi + + local -a candidates=() + while IFS= read -r -d '' file; do + candidates+=("$file") + done < <(git -C "$repo_root" ls-files --others --ignored --exclude-standard -z || true) + + if [ ${#candidates[@]} -eq 0 ]; then + echo "No untracked/ignored files found in $repo_root" + return 0 + fi + + local -a tops=() + for c in "${candidates[@]}"; do + c="${c%/}" + local top="${c%%/*}" + [ -z "$top" ] && continue + local found=0 + for existing in "${tops[@]}"; do + [ "$existing" = "$top" ] && found=1 && break + done + [ "$found" -eq 0 ] && tops+=("$top") + done + + if [ ${#tops[@]} -eq 0 ]; then + echo "No top-level ignored/untracked entries found in $repo_root" + return 0 + fi + + local -a filtered + if [ ${#PATTERNS[@]} -gt 0 ]; then + for t in "${tops[@]}"; do + for p in "${PATTERNS[@]}"; do + if [[ "$t" == *"$p"* ]]; then + filtered+=("$t") + break + fi + done + done + else + filtered=("${tops[@]}") + fi + + if [ ${#filtered[@]} -eq 0 ]; then + echo "No candidates match the provided patterns." >&2 + return 0 + fi + + local -a chosen + if command -v fzf >/dev/null 2>&1 && [ "$USE_FZF" -eq 1 ]; then + local selected + selected=$(printf "%s\n" "${filtered[@]}" | fzf --multi --height=40% --border --prompt="Select files to link: " --preview "if [ -f '$repo_root'/{} ]; then bat --color always --paging=never --style=plain '$repo_root'/{}; else ls -la '$repo_root'/{}; fi") + if [ -z "$selected" ]; then + echo "No files selected." && return 0 + fi + chosen=() + while IFS= read -r line; do + chosen+=("$line") + done <&2 + errors+=("$rel (link failed)") + fi + fi + done + + echo + echo "Summary:" + echo " Linked: ${#created[@]}" + [ ${#created[@]} -gt 0 ] && printf ' %s\n' "${created[@]}" + echo " Skipped: ${#skipped[@]}" + [ ${#skipped[@]} -gt 0 ] && printf ' %s\n' "${skipped[@]}" + echo " Errors: ${#errors[@]}" + [ ${#errors[@]} -gt 0 ] && printf ' %s\n' "${errors[@]}" + + return 0 +} diff --git a/flakes/common/nix_modules/git/utils.func.sh b/flakes/common/nix_modules/git/utils.func.sh new file mode 100644 index 0000000..1ebdae3 --- /dev/null +++ b/flakes/common/nix_modules/git/utils.func.sh @@ -0,0 +1,133 @@ +# git +getdefault () { + git remote show origin | grep "HEAD branch" | sed 's/.*: //' +} + +master () { + branch $(getdefault) + git checkout $(getdefault) + pull +} + +mp () { + master + prunel +} + +pullmaster () { + git pull origin $(getdefault) +} + +push () { + B=$(git branch | sed -n -e 's/^\* \(.*\)/\1/p') + git pull origin $B + git push origin $B --no-verify +} + +pull () { + git fetch + B=$(git branch | sed -n -e 's/^\* \(.*\)/\1/p') + git pull origin $B +} + +forcepush () { + B=$(git branch | sed -n -e 's/^\* \(.*\)/\1/p') + git push origin $B --force +} + +remote_branches () { + git for-each-ref --format='%(refname:short)' refs/remotes 2>/dev/null | sed 's#^[^/]*/##' | grep -v '^HEAD$' || true +} + +local_branches () { + git for-each-ref --format='%(refname:short)' refs/heads 2>/dev/null || true +} + +prunel () { + git fetch + git remote prune origin + + for local in $(local_branches); do + in=false + for remote in $(remote_branches); do + if [[ ${local} = ${remote} ]]; then + in=true + fi + done; + if [[ $in = 'false' ]]; then + git branch -D ${local} + else + echo 'Skipping branch '${local} + fi + done; +} + +from_master () { + git checkout $(getdefault) $@ +} + +stash() { + local branch + branch=$(git rev-parse --abbrev-ref HEAD 2>/dev/null) + local datetime + datetime=$(date +"%Y-%m-%d_%H-%M") + local default_label="${datetime}_${branch}" + if [ -n "$ZSH_VERSION" ]; then + read "label?Stash label [default: $default_label]: " + else + read -e -p "Stash label [default: $default_label]: " label + fi + label=${label:-$default_label} + git stash push -u -k -m "$label" +} + +pop() { + local selection + selection=$(git stash list | \ + fzf --prompt="Select stash to pop: " \ + --preview="git stash show -p \$(echo {} | awk -F: '{print \$1}') | bat --color always --paging=never --style=plain -l diff") + [ -z "$selection" ] && echo "No stash selected." && return 1 + local stash_ref + stash_ref=$(echo "$selection" | awk -F: '{print $1}') + echo "Popping $stash_ref..." + git stash pop "$stash_ref" +} + +delstash() { + local selection + selection=$(git stash list | \ + fzf --prompt="Select stash to pop: " \ + --preview="git stash show -p \$(echo {} | awk -F: '{print \$1}') | bat --color always --paging=never --style=plain -l diff") + [ -z "$selection" ] && echo "No stash selected." && return 1 + local stash_ref + stash_ref=$(echo "$selection" | awk -F: '{print $1}') + echo "About to delete $stash_ref." + git stash drop "$stash_ref" +} + +# Marks some files as in "git" but they won't actually get pushed up to the git repo +# Usefull for `gintent .envrc flake.lock flake.nix` to add nix items required by flakes in a git repo that won't want flakes added +gintent() { + for file in "$@"; do + if [ -f "$file" ]; then + git add --intent-to-add "$file" + git update-index --assume-unchanged "$file" + echo "Intent added for $file" + else + echo "File not found: $file" + fi + done +} +alias gintentnix="gintent .envrc flake.lock flake.nix" + +gintent_undo() { + for file in "$@"; do + if [ -f "$file" ]; then + git update-index --no-assume-unchanged "$file" + echo "Intent removed for $file" + else + echo "File not found: $file" + fi + done +} +alias gintentnix_undo="gintent_undo .envrc flake.lock flake.nix" diff --git a/flakes/common/nix_modules/hardening.nix b/flakes/common/nix_modules/hardening.nix new file mode 100644 index 0000000..9e3ac3f --- /dev/null +++ b/flakes/common/nix_modules/hardening.nix @@ -0,0 +1,87 @@ +{ + config, + lib, + pkgs, + ... +}: +{ + environment.systemPackages = with pkgs; [ + openssh + autossh + ]; + + # name this computer + networking = { + # hostName = top_cfg.systemName; + nftables.enable = true; + # Clears firewall rules on reboot, only ones set in config will be remade + nftables.flushRuleset = true; + firewall.enable = true; + }; + + # TODO invesitgate onensnitch usage and rules I may want. It is cumbersome with flushRuleset above... + # services.opensnitch = { + # enable = true; + # settings = { + # Firewall = if config.networking.nftables.enable then "nftables" else "iptables"; + # InterceptUknown = true; + # ProcMonitorMethod = "ebpf"; + # DefaultAction = "deny"; + # }; + # rules = { + # + # }; + # }; + + # Use fail2ban + services.fail2ban = { + enable = true; + # Ignore my tailnet + ignoreIP = [ + "100.64.0.0/10" + ]; + }; + + # Open ports in the firewall if enabled. + networking.firewall.allowedTCPPorts = [ + 22 # sshd + ]; + + # Enable the OpenSSH daemon. + services.openssh = { + enable = true; + settings = { + LogLevel = "VERBOSE"; + PermitRootLogin = "yes"; + PasswordAuthentication = false; + }; + }; + + # Ensure SSH key pair generation for non-root users + systemd.services = lib.mapAttrs' (name: _: { + name = "generate_ssh_key_${name}"; + value = { + description = "Generate SSH key pair for ${name}"; + wantedBy = [ "multi-user.target" ]; + serviceConfig = { + User = name; + Type = "oneshot"; + }; + script = '' + #!/run/current-system/sw/bin/bash + if [ ! -f /home/${name}/.ssh/id_ed25519 ]; then + if [ -v DRY_RUN ]; then + echo "DRY_RUN is set. Would generate SSH key for ${name}."; + else + echo "Generating SSH key for ${name}."; + mkdir -p /home/${name}/.ssh; + chmod 700 /home/${name}/.ssh; + /run/current-system/sw/bin/ssh-keygen -t ed25519 -f /home/${name}/.ssh/id_ed25519 -N ""; + fi + else + echo "SSH key already exists for ${name}."; + fi + ''; + }; + }) config.users.users; +} diff --git a/flakes/common/nix_modules/jetbrains_font.nix b/flakes/common/nix_modules/jetbrains_font.nix new file mode 100644 index 0000000..22d217c --- /dev/null +++ b/flakes/common/nix_modules/jetbrains_font.nix @@ -0,0 +1,33 @@ +{ + pkgs, + ... +}: +let + hasNewJetbrainsMono = + if builtins.hasAttr "nerd-fonts" pkgs then + builtins.hasAttr "jetbrains-mono" pkgs."nerd-fonts" + else + false; + + jetbrainsMonoFont = + if hasNewJetbrainsMono then + pkgs.nerd-fonts.jetbrains-mono + else + (pkgs.nerdfonts.override { fonts = [ "JetBrainsMono" ]; }); +in +{ + config = { + fonts.fontconfig.enable = true; + + fonts.packages = [ + jetbrainsMonoFont + ] + # TODO verify if these are needed/working + # ++ (with pkgs; [ + # ipafont + # kochi-substitute + # noto-fonts-cjk-sans # Or another CJK font + # ]) + ; + }; +} diff --git a/flakes/common/nix_modules/nix_options.nix b/flakes/common/nix_modules/nix_options.nix new file mode 100644 index 0000000..db45356 --- /dev/null +++ b/flakes/common/nix_modules/nix_options.nix @@ -0,0 +1,62 @@ +{ + config, + lib, + ... +}: +{ + # Enable flakes + nix.settings.experimental-features = [ + "nix-command" + "flakes" + ]; + + # Allow unfree if set in config + nixpkgs.config.allowUnfreePredicate = lib.mkIf config.nixpkgs.config.allowUnfree (pkg: true); + environment.variables = lib.mkIf config.nixpkgs.config.allowUnfree { + NIXPKGS_ALLOW_UNFREE = "1"; + }; + + nix.settings = { + max-jobs = "auto"; + # Fallback quickly if substituters are not available. + connect-timeout = 5; + download-attempts = 3; + download-buffer-size = 524288000; # default is 67108864, this increases to ~500MB + # The default at 10 is rarely enough. + log-lines = 50; + # Avoid disk full issues + max-free = (3000 * 1024 * 1024); + min-free = (1000 * 1024 * 1024); + # Avoid copying unnecessary stuff over SSH + builders-use-substitutes = true; + auto-optimise-store = true; + trusted-users = [ + "root" + "@wheel" + ]; + substituters = [ + "https://cache.nixos.org/" + "https://nix-community.cachix.org" + ]; + trusted-substituters = config.nix.settings.substituters; + trusted-public-keys = [ + "cache.nixos.org-1:6NCHdD59X431o0gWypbMrAURkbJ16ZPMQFGspcDShjY=" + "nix-community.cachix.org-1:mB9FSh9qf2dCimDSUo8Zy7bkq5CX+/rkCWyvRCYg3Fs=" + ]; + }; + nix.extraOptions = '' + keep-outputs = true + keep-derivations = true + ${lib.optionalString ( + # TODO revisit this should it move? + config ? age && config.age ? secrets && config.age.secrets ? github_read_token + ) "!include ${config.age.secrets.github_read_token.path}"} + ''; + + # nix helper + programs.nh = { + enable = true; + # clean.enable = true; # TODO revist does this solve my re-building issues? + clean.extraArgs = "--keep 10"; + }; +} diff --git a/flakes/common/nix_modules/no_sleep.nix b/flakes/common/nix_modules/no_sleep.nix new file mode 100644 index 0000000..66f7060 --- /dev/null +++ b/flakes/common/nix_modules/no_sleep.nix @@ -0,0 +1,11 @@ +{ ... }: +{ + # Turn off sleep + systemd.sleep.extraConfig = '' + [Sleep] + AllowSuspend=no + AllowHibernation=no + AllowSuspendThenHibernate=no + AllowHybridSleep=no + ''; +} diff --git a/flakes/common/nix_modules/podman.nix b/flakes/common/nix_modules/podman.nix new file mode 100644 index 0000000..0408e28 --- /dev/null +++ b/flakes/common/nix_modules/podman.nix @@ -0,0 +1,11 @@ +{ + config, + ... +}: +{ + virtualisation.podman = { + enable = true; + autoPrune.enable = true; + }; + users.extraGroups.docker.members = builtins.AttrNames config.users.users; +} diff --git a/flakes/common/nix_modules/q_flipper.nix b/flakes/common/nix_modules/q_flipper.nix new file mode 100644 index 0000000..21fea44 --- /dev/null +++ b/flakes/common/nix_modules/q_flipper.nix @@ -0,0 +1,14 @@ +{ + pkgs, + ... +}: +{ + hardware.flipperzero.enable = true; + environment.systemPackages = with pkgs; [ qFlipper ]; + services.udev.extraRules = '' + #Flipper Zero serial port + SUBSYSTEMS=="usb", ATTRS{idVendor}=="0483", ATTRS{idProduct}=="5740", ATTRS{manufacturer}=="Flipper Devices Inc.", GROUP="users", TAG+="uaccess" + #Flipper Zero DFU + SUBSYSTEMS=="usb", ATTRS{idVendor}=="0483", ATTRS{idProduct}=="df11", ATTRS{manufacturer}=="STMicroelectronics", GROUP="users", TAG+="uaccess" + ''; +} diff --git a/flakes/common/nix_modules/remote_lio_builds.nix b/flakes/common/nix_modules/remote_lio_builds.nix new file mode 100644 index 0000000..c4731e0 --- /dev/null +++ b/flakes/common/nix_modules/remote_lio_builds.nix @@ -0,0 +1,35 @@ +{ + config, + ... +}: +{ + # Remote build off home lio computer + programs.ssh.extraConfig = '' + Host lio_ + PubkeyAcceptedKeyTypes ssh-ed25519 + ServerAliveInterval 60 + IPQoS throughput + IdentityFile ${config.age.secrets.nix2lio.path} + ''; + nix = { + distributedBuilds = true; + buildMachines = [ + { + # TODO require hostname in ssh config? + hostName = "lio_"; + system = "x86_64-linux"; + protocol = "ssh-ng"; + maxJobs = 32; + speedFactor = 2; + supportedFeatures = [ + "nixos-test" + "benchmark" + "big-parallel" + "kvm" + "uid-range" # Often helpful + ]; + mandatoryFeatures = [ ]; + } + ]; + }; +} diff --git a/flakes/common/nix_modules/tailnet.nix b/flakes/common/nix_modules/tailnet.nix new file mode 100644 index 0000000..c7cef7f --- /dev/null +++ b/flakes/common/nix_modules/tailnet.nix @@ -0,0 +1,22 @@ +{ + config, + pkgs, + ... +}: +{ + environment.systemPackages = with pkgs; [ tailscale ]; + services.tailscale = { + enable = true; + openFirewall = true; + useRoutingFeatures = "client"; + authKeyFile = config.age.secrets.headscale_auth.path; + extraUpFlags = [ + "--login-server=https://headscale.joshuabell.xyz" + ]; + extraDaemonFlags = [ + "--no-logs-no-support" + ]; + }; + networking.firewall.trustedInterfaces = [ config.services.tailscale.interfaceName ]; + networking.firewall.checkReversePath = "loose"; +} diff --git a/flakes/common/nix_modules/timezone_auto.nix b/flakes/common/nix_modules/timezone_auto.nix new file mode 100644 index 0000000..223aef1 --- /dev/null +++ b/flakes/common/nix_modules/timezone_auto.nix @@ -0,0 +1,7 @@ +{ + ... +}: +{ + time.timeZone = null; + services.automatic-timezoned.enable = true; +} diff --git a/flakes/common/nix_modules/tmux/default.nix b/flakes/common/nix_modules/tmux/default.nix new file mode 100644 index 0000000..c9224df --- /dev/null +++ b/flakes/common/nix_modules/tmux/default.nix @@ -0,0 +1,19 @@ +{ + lib, + pkgs, + ... +}: +{ + environment.systemPackages = [ + pkgs.tmux + ]; + + environment.shellAliases = { + tat = "tmux attach-session"; + t = "tmux"; + }; + + environment.shellInit = lib.concatStringsSep "\n\n" [ + (builtins.readFile ./tmux_helpers.sh) + ]; +} diff --git a/flakes/common/nix_modules/tmux/tmux_helpers.sh b/flakes/common/nix_modules/tmux/tmux_helpers.sh new file mode 100644 index 0000000..b644b4b --- /dev/null +++ b/flakes/common/nix_modules/tmux/tmux_helpers.sh @@ -0,0 +1,34 @@ +tmux_window () { + cmd=${1:-} + case "${cmd}" in + rename) + if [ -z "${2:-}" ]; then + tmux setw automatic-rename + else + tmux rename-window "$2" + fi + ;; + get) + printf '%s' "$(tmux display-message -p '#W')" + ;; + status) + out="$(tmux show-window-options automatic-rename 2>/dev/null || true)" + if printf '%s' "$out" | grep -q 'automatic-rename on'; then + printf 'auto' + elif printf '%s' "$out" | grep -q 'automatic-rename off'; then + printf 'manual' + else + # If tmux returns nothing (option not set), default to auto + if [ -z "$out" ]; then + printf 'auto' + else + return 1 + fi + fi + ;; + *) + printf 'Usage: tmux_window {rename [NAME]|get|status}\n' >&2 + return 2 + ;; + esac +} diff --git a/flakes/common/nix_modules/tty_caps_esc.nix b/flakes/common/nix_modules/tty_caps_esc.nix new file mode 100644 index 0000000..f7c1fc9 --- /dev/null +++ b/flakes/common/nix_modules/tty_caps_esc.nix @@ -0,0 +1,13 @@ +{ + pkgs, + ... +}: +{ + services.xserver.xkb.options = "caps:escape"; + console = { + earlySetup = true; + packages = with pkgs; [ terminus_font ]; + # use xkb.options in tty. (caps -> escape) + useXkbConfig = true; + }; +} diff --git a/flakes/common/nix_modules/uhk_agent.nix b/flakes/common/nix_modules/uhk_agent.nix new file mode 100644 index 0000000..ab5d503 --- /dev/null +++ b/flakes/common/nix_modules/uhk_agent.nix @@ -0,0 +1,11 @@ +{ + pkgs, + ... +}: +{ + environment.systemPackages = with pkgs; [ + uhk-agent + uhk-udev-rules + ]; + services.udev.packages = [ pkgs.uhk-udev-rules ]; +} diff --git a/flakes/common/nix_modules/zsh.nix b/flakes/common/nix_modules/zsh.nix new file mode 100644 index 0000000..264a74a --- /dev/null +++ b/flakes/common/nix_modules/zsh.nix @@ -0,0 +1,9 @@ +{ + pkgs, + ... +}: +{ + programs.zsh.enable = true; + environment.pathsToLink = [ "/share/zsh" ]; + users.defaultUserShell = pkgs.zsh; +} diff --git a/flakes/common/readme.md b/flakes/common/readme.md new file mode 100644 index 0000000..1897981 --- /dev/null +++ b/flakes/common/readme.md @@ -0,0 +1,56 @@ +required settings? + +```nix +# Required system information +networking.hostName = "system_name"; + +# Where this config lives for this machine +programs.nh.flake = "/home/josh/.config/nixos-config/hosts/${config.networking.hostName}"; + +# Optionally allow unfree software +nixpkgs.config.allowUnfree = true; + +users.users = { + josh = { + isNormalUser = true; + initialPassword = "password1"; + extraGroups = [ "wheel" ]; + }; +}; +``` + +# TODO add somewhere + +```nix + # allow mounting ntfs filesystems + boot.supportedFilesystems = [ "ntfs" ]; + + # make shutdown faster for waiting + systemd.extraConfig = '' + DefaultTimeoutStopSec=8s + ''; + + nix.settings = { + substituters = [ + "https://hyprland.cachix.org" + "https://cosmic.cachix.org/" + ]; + trusted-substituters = config.nix.settings.substituters; + trusted-public-keys = [ + "hyprland.cachix.org-1:a7pgxzMz7+chwVL3/pzj6jIBMioiJM7ypFP8PwtkuGc=" + "cosmic.cachix.org-1:Dya9IyXD4xdBehWjrkPv6rtxpmMdRel02smYzA85dPE=" + ]; + }; + +services.tailscale.extraUpFlags = ++ (lib.optionals cfg.enableExitNode [ "--advertise-exit-node" ]); + +``` + +# TODO + +- New reporting for machine stats +- programs not ported, yet + - rust dev (now using direnv local flakes for that) + - incus + - virt-manager + - diff --git a/flakes/secrets/flake.nix b/flakes/secrets/flake.nix index a282f79..80731ba 100644 --- a/flakes/secrets/flake.nix +++ b/flakes/secrets/flake.nix @@ -22,11 +22,58 @@ ragenix.nixosModules.age ./secrets ]; - config = { - _module.args = { - inherit ragenix; + config = + let + secretsRaw = import ./secrets.nix; + systemName = config.networking.hostName; + # TODO revisit this slightly kinda scary method for choosing owners... + user = builtins.head ( + builtins.filter (name: config.users.users.${name}.isNormalUser or false) ( + builtins.attrNames config.users.users + ) + ); + authorityMarker = "authority"; + + # Key matches this host if its trailing comment contains "@" + matchesThisSystem = key: lib.strings.hasInfix "@${systemName}" key; + # Key is the authority key if its comment contains the marker string + matchesAuthority = key: lib.strings.hasInfix authorityMarker key; + + keepSecret = + attrs: + let + keys = attrs.publicKeys or [ ]; + in + lib.any (k: matchesThisSystem k) keys; + + # Any secrets that should be world-readable even after auto-import + worldReadable = [ + "zitadel_master_key" + "openwebui_env" + "vaultwarden_env" + ]; + + # Keep only secrets intended for this host (or that include the authority key) + filteredSecrets = lib.attrsets.filterAttrs (_name: attrs: keepSecret attrs) secretsRaw; + in + { + age.secrets = lib.attrsets.mapAttrs' ( + name: _attrs: + let + base = lib.removeSuffix ".age" name; + in + lib.nameValuePair base ( + { + file = ./. + "/secrets/${name}"; + owner = user; + } + // lib.optionalAttrs (lib.elem base worldReadable) { + mode = "444"; + } + ) + ) filteredSecrets; + }; - }; }; }; }; diff --git a/flakes/secrets/github_read_token.age b/flakes/secrets/github_read_token.age new file mode 100644 index 0000000..3ddcbd6 --- /dev/null +++ b/flakes/secrets/github_read_token.age @@ -0,0 +1,42 @@ +-----BEGIN AGE ENCRYPTED FILE----- +YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IHNzaC1lZDI1NTE5IDd6MzN5USBJRmpU +K2tCT1RTNzBhQlNzSHlIZDB4UFNCRDhiY1puVHQxN0QzSDNIbWhFCkdPVTFLYUcv +MW1FMnUyVG9xVE5KaVJQWlhFYmtaeGl2RGYyWWhtbEtTTFEKLT4gc3NoLWVkMjU1 +MTkgSmh2TCtRIDBNalFocUZXRkZxMU10L1pWN1I5eUlGWXlrMVNLazR5RExycnZJ +K3BsaDQKVlZCUjRNL1hvMXFjRkd1VGVZNUp3ZnZBdW1qMEFpY3ZhYWFacmlZZEFa +SQotPiBzc2gtZWQyNTUxOSBTcENqQlEgSWRpT3BZZ0pHOWZjWkszZVg3OEZaZld5 +d2hOdXpYZ2tXVThMb0FTK2ZEQQpKY2xXT1dDeEp1LzlDcnoreVNvSHdCL2dDVFVs +bUUwQlU4Y3pXV0F1S3RNCi0+IHNzaC1lZDI1NTE5IEJZS0crdyBrMFJOd0xrcGp4 +TkpxTW1DZWUxc1BQVTc3S05scHEzQ2hVT1I3bWhQVnlZCkVZQ0dZMm82VG81Yzda +MUpmWjZRUUx3NVBwVTlUZmtaS2JJem5ETkR6eVUKLT4gc3NoLWVkMjU1MTkgWHpm +bWFRIGhoSVhmVVNlc0toR1pBemk5WGp4R0NYdFF0dWFjVlpVcWRQT0hIUlNhazAK +czdFNlIydWFYSnBuTXNBQXE3eTZtUTBpUUJrdFFZMUZldFh4TXpVWEswSQotPiBz +c2gtZWQyNTUxOSBSNSt4ZncgYXp5MElHS04vVlV2b1RoU3RRUTRCeFlHWjRLajFt +L01Pdi83YnRjNndWTQpFVDk2djEyVFVaUHQyTGliZDRFM0Y0Vi96STFJR0Nqa1hn +a2VYVFhzelNnCi0+IHNzaC1lZDI1NTE5IFJvWDVQUSBET2dPUk5rYm9wVHczaE0w +L2hpa0F3emZqNDBxR2c1OUVVNnBNeVc1SzBRCmhIWmFKTnl2TFFBRUpyejhEMFBj +cVR6RkZHS3lpZzd6MzgrQml5QXpWdjAKLT4gc3NoLWVkMjU1MTkgRjRiYjhnIFVk +cE1YSS9rdzBsTk0xNGtlRjJSV2llNVhYOUsvdVVFam1wUU82czNTUlkKQTdLcFdk +akErdWRrUXZET1hjL2J4UFJzdkNFVTlEUWJFWTFaczQ1VmxDNAotPiBzc2gtZWQy +NTUxOSB3ZHJaSkEgQVNMandOOVFiN2xuQTd2MC9UUmt2MVg2YUlzcHBHaEJBWG1E +Y0srMU9UYwpGQnh6L09qY2JvL0tqcGNnWldkWUVzRHk1QVJvN1N0YlRVNCtlMlV6 +MUNVCi0+IHNzaC1lZDI1NTE5IDVhZHFNZyBJR0RzZWpCNHNHcXBhQVErVUwxcG9t +K0M5RSt0M2R6SFpwYzB5MXZFQVM4Cll2NmJrQkMwNkFGbWM2bHJ2THhNbG9XS0dk +cmEzWUFCdXBLS1dyNWh0aU0KLT4gc3NoLWVkMjU1MTkgWmUxTXdRIElaN2h2aHRO +bDRtNUlrMlNmOWVSYlpvR2VVeWRxL25vMnFjVUVmc215ejAKVlBmcTFtN3BUZXJx +eUg0eXY2S3V0ZklGNzFnK09yRUJacnZYUllkUzF0bwotPiBzc2gtZWQyNTUxOSBw +ZUZCUWcgU1J3VG1lVDlCNmNVZ2hZbXI4ZDhZdE9jYnNkNHpQclpqQmdGcFhuYTBI +RQpkMnhjZlYrWjBPZVk0UGt5UEZmQzZoOUxSVG8zMVl6MlZCT1JneWJuWVdnCi0+ +IHNzaC1lZDI1NTE5IDl2LzJIQSA5RldGVWx4aU9ZVUNQdlJTRUVqbS9CajlnTEdR +NFlCZnEwSy9rRGNIM1RRCkxKN2FUQTBVbVA5SnVZSDlGcXFKL0M1NGhONFhLamF3 +Z0VNZ1VSSEFKSlkKLT4gc3NoLWVkMjU1MTkga0hrMmdBIElkSFNJWnZ3WFA3V1J0 +aFNqN0RTQUEvNkRkeHI5QkR3K0RuQ2NnZTFQU1UKb0dKd3gyYWdPd0NyUEZDWUhB +eUdaZzIzWEtkNGdUZzZScWpOUzN6K2dCTQotPiBzc2gtZWQyNTUxOSBJb3NBQlEg +eGNINUY0UElXbUQvUklPY2c1S1A4OXh0UWRsTjFGUTg3dW9BM0dyTVgwNApyN3pV +eHhUSnAxZ1ZpdmUva0lScWJxNGFWZDRMdm8zd09kay9ORXdOVkljCi0+IDMtZ3Jl +YXNlCldFN1JnNGM4Vmh1dE5wZUNGOC9NdktlSEFnCi0tLSByVzE2ZHZSdXRxQTZN +SjRTNlRtUHlRL2JPS1Yxd1lnalFFUGlWR1lKTjZvCgfzY9S+Cm6zaEAcrAr3fsev +9enyx9OmVTIIZltr52uqCYbWcsuCkDjHtwR3NXiSQB2HWhNe38l4l2K1+HGcoS7i +2TMD7o9Jx6QoWLHgmrn/zXL/VKyOj5a7P530AMzdqcgJ4U8641VN0W7L9u1Cw5EB +Ujzb1rKthf+txuP04aWYit69ZBdH7r+VkOGghXngwvBapwFF8AGUug== +-----END AGE ENCRYPTED FILE----- diff --git a/flakes/secrets/headscale_auth.age b/flakes/secrets/headscale_auth.age new file mode 100644 index 0000000..867be94 --- /dev/null +++ b/flakes/secrets/headscale_auth.age @@ -0,0 +1,40 @@ +-----BEGIN AGE ENCRYPTED FILE----- +YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IHNzaC1lZDI1NTE5IDd6MzN5USBvbGZC +ZFZWZ2ZPWUlNdEZCSXBuYThubHpiNkFzb3Jldlh1QlF0UTZ0NHlZCjlHSTVrekQw +MDBsaU56Yk9IQVZaQWJDMVNoUWFlQmpJV2gyTXBXNEhNdDQKLT4gc3NoLWVkMjU1 +MTkgSmh2TCtRIDU0eDdqTStiUUlCUUcrYWhDWVRSQmxPNEIySk9NallHaVdNVFg5 +YXNPa1kKQ25PNGxjc1hid25Nd2R5RCttbHN1ci84T1pmQ0ZkNDM0R3FLbGdHRnRm +OAotPiBzc2gtZWQyNTUxOSBTcENqQlEgNjR5WkE4eUQrUGk1NHFMY3BjclZKWkd2 +TVd1QVNoVm96QkcwcHZmdG16dwpRQjY2V3dOOGo3VlJ5aTNLS0NqUVJ3VHNTWC8x +V05kbm5yQ3F0MWNFM2ZJCi0+IHNzaC1lZDI1NTE5IEJZS0crdyBFeDIrUWEyYjVw +QUdjSlBWQ0Y2N01uL3hxTWJiNkdCVkM3UTBZbDhBZWhNCnRraHhUb2NEMzJWbWl5 +SjJEenN0VjJCWlM3TXEyREN0ZysxSG9Rak9hMVUKLT4gc3NoLWVkMjU1MTkgWHpm +bWFRIGxYRDJta0x6QnNkTXJnQmZwWFlRL0wrNS9EUS9TVDJMRFhZWDBUKzRWaWcK +VXlwL01IYTdTTTY4Zk1FOHBMc3E4ck1DZHp6aHhEaXFBWFN3SGErcjhmUQotPiBz +c2gtZWQyNTUxOSBSNSt4ZncgVUozU1kvVVJsZ0F2Nnk4bmZnUUNyTU8rM1FCRjFY +bWVBZWNNUFZIcFQyTQpzK0Z1SXVFQWhFSnp0UGs0RHJIQlZrUUtlY0ZFTjdwSTZS +MXhjSTNpOHNnCi0+IHNzaC1lZDI1NTE5IFJvWDVQUSBvQkd5UlNUakhGY0dkRFly +SU4vM3A1Sm5xNnhIZm5PUjR5WFNLZ1ZmL21NCk00M3k0RnNjL2dkRVd6MmdGSW1G +aGt1dmwxN0VTQm1zeklDN2MzRmFqSUUKLT4gc3NoLWVkMjU1MTkgRjRiYjhnIFBQ +TGdvVjdEaEJDQ1FxbjhTOVdZTVdjLzJhc3lwdy83UHNyOWJPNk5ZRjQKMTdNemRQ +L1h6Tk1EVTdZcnFPRVdEZjhnU21hLzcrWk0zS05YSTV3ZGJQNAotPiBzc2gtZWQy +NTUxOSB3ZHJaSkEgTFcyc05mMnNVdWFDQWZUMGN6OWNZeGkrWlMyakV5RVhHaFJw +bmxiZ0lrYwozcit3dU84L0lVU0JXbVN3YnJoK0NPOUZKS3EvSkNPQ3FCWWhYZnhx +azhFCi0+IHNzaC1lZDI1NTE5IDVhZHFNZyBNWWJtTlVQTUo1SFh4b1Q4Vk8vUHdG +V0xLWjRXdVZxVVl0L2JMeTBrdWxJCmJvNGJ5Q0JUR0g4Q0pISmxTVll0OHl2dTFJ +dlNtR1A2aGVTUEZRMU5Hc1kKLT4gc3NoLWVkMjU1MTkgWmUxTXdRIFkxendRYm0y +aEc5dTAwQy9pLzBrbUpVVlpFbnlDdlI4bGh0Zy9oMmtVWHcKNDZuaTBDV1o5MXFV +NlBLVzlqc0ZzOUdMT3c2SmRYV3hVd044bzZoenFqVQotPiBzc2gtZWQyNTUxOSBw +ZUZCUWcgQ3VDSnNLMHc4N0dCQ0NOY0lscStpeHlKdXA2UGpqRVhjNDVzV0NCQUx3 +VQpkeU9FOE13bFlaQ0ErWlBFZ0VWWTVZZElQdEg5UFo1SVRSeEhqRnk2NEtFCi0+ +IHNzaC1lZDI1NTE5IDl2LzJIQSBaREtQS2ZsSmxSQml0bkZzd0prUXdvdkhBZzhY +VkNRZWZqdVNvODIxMDNNCkJVMWZUc0o5Q0g0Yi95czFaVkhwejh0QW5HcXZ1Tmdl +bWFKSUhITkxFYlUKLT4gc3NoLWVkMjU1MTkga0hrMmdBIGlNcjZMWEdjdHNpNWNl +ZzlrNklvVklXM0tDMGVnRWhuL3BYV3dMa1U2ajQKd2owZXUxSGlIVUI3cFRxbjA3 +eWFhZXVudlBpQnRMTEVwZXhSSFgyOEsvSQotPiBzc2gtZWQyNTUxOSBJb3NBQlEg +OXR4MFc0eDZQQ1IwclIxYm9kYk1DSkZBZ1RDMm4wYlEyb1VrRTBaNmpWNApwY1pu +RE9VTU9Mbm9Ea0twcnBNRUc5ZjdzYXRyRmw0MlVHZDZmTVVLZFBrCi0+IHwqflMt +Z3JlYXNlCgotLS0gNWpFR3lvdmVsN1V2WG01aHN2VjVUeDZORzRpRDZGK0RWTFRM +SytLcVZYZwrYTHZo/oozQZasJAFNVb3ZrSAjREvZzRRyz6Mj71Pj2H+dbFz9sZ+c ++B4DEN/4xfhm5FUsU2w8VCQ/E+186igURD2AyhUZxNFFVPUPJKUM9rY= +-----END AGE ENCRYPTED FILE----- diff --git a/flakes/secrets/linode_rw_domains.age b/flakes/secrets/linode_rw_domains.age new file mode 100644 index 0000000..70be86f --- /dev/null +++ b/flakes/secrets/linode_rw_domains.age @@ -0,0 +1,43 @@ +-----BEGIN AGE ENCRYPTED FILE----- +YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IHNzaC1lZDI1NTE5IDd6MzN5USBXV0xI +dU9KUHlVWG1uRWh5ODUydVRmSTMrWXdsRUg4bEFldmZtK3M4WkZVCkNYaTQxM01I +Tld6YVJiMnN3MVF4T2RHakRDT1Q5U21zNThPTUJkWEc2TWMKLT4gc3NoLWVkMjU1 +MTkgSmh2TCtRIGp4d3ZqcGxHM2ZDUmVUcHJiWGI0WXcxMVVCRkhOMm05bDNVQXN4 +RFFyeTQKL1FiSmxhZUZOMzRqaTdkNUNIMVJJaU1XbDkydHJpWkhJUWx6dWI3dnZs +VQotPiBzc2gtZWQyNTUxOSBTcENqQlEgT3pxVzgvMkZ3ays4cm1WWVkwUUVIT3h0 +UDhxL0lzZmN6WjNjbE9rT3JCQQo1TldzNExWSkRTQUtFeHJVcXRyWmJkVmhtRy9Q +a3lkcEUxaUhJbUhvR2gwCi0+IHNzaC1lZDI1NTE5IEY0YmI4ZyBORFZ5K0xoWmxy +cEE2bmFmc2RoUHZITDhhVFhYdG4zbWpISnd5UUt3VFVvCkRvNi85TXpPRWZKS1VY +VktuaWhIcXhEaXpBTUtQRWpzYjFwNW9oMUJQYU0KLT4gc3NoLWVkMjU1MTkgd2Ry +WkpBIDMweFFGSmdXbXMwM01xN3BvZVdCT1dqc24yTGtZeDM5aXhZSUlMOGxMd3cK +M3BLTTlkdGRKM3FRMHhuSFNPdmtKbFRsQXdqRjA0bnczNDlGVnoyV1BzQQotPiBz +c2gtZWQyNTUxOSBCWUtHK3cgYTFNM3lTdmxSM1Bta2dPcTFQaHdMYjhYRlhBZFhR +ZTJXTnlHWE9uMEZVdwpwVnNCaHFSZDR5MytVeXpRYVd4RHUvQXhvN1VVS3V2Z3Iw +Njc3YlgxSWpJCi0+IHNzaC1lZDI1NTE5IFh6Zm1hUSBONHcrcE5JYVV6UnBFNm0w +TXpZSHdIN216bzVxREhTQWpJSFlmU3ViWEZzCktKcW5vSmRZRXJVL1RUMUFoYWFh +VFlOLzFwQXpBUzFoYzFRNWhGMitCR00KLT4gc3NoLWVkMjU1MTkgNWFkcU1nIGFp +MGhSOS85eU9GZ1RGWGNVZWV4aFBFNGlvY3Z0RzNBcThjSTBFYWkreE0KL3d4SDVB +eUc2WTdHRXdGa0l3eWk3ajJsNThFNk1mSVEwS0xGMFo2WW1qMAotPiBzc2gtZWQy +NTUxOSBaZTFNd1Egekk5Z25lRjYrYlhDRzNyY3E0MUR1bHI5a2hoZGNoWnNjODlN +K29tbUJRNApZUDl2M2E0RTVRRFlINEgxRkd3Q2pIandQNlBhVTZiRVhtQUlPS1NC +RHRrCi0+IHNzaC1lZDI1NTE5IHBlRkJRZyB4OGRJbGVLOFdSaXljcC9tVjBkUjlQ +ZE9RSzNwNE0xK0w1bDdmay9JbFJFClRRa3JRSzZVNmNOMFR0WUw5MGxRalNlakJE +bm9MOVFMSkk4RGFCWGdrY2sKLT4gc3NoLWVkMjU1MTkgOXYvMkhBIGQ4QXhoczRI +QnJRTGFjanFBenE4MXRqUTRSQkFPUmNiSkJGRHBpQjVxeEkKZjBOcjRMVVBqZ1dp +L2Zjak05eVE5YVMwVVRNRkk1aHEwSkVaWE1ReWU5awotPiBzc2gtZWQyNTUxOSBS +NSt4ZncgYzhHdVZINWYyNjcvNE02NUozc1k4SjMvbTV3MGZNT1VkUFVXbjZlaHJn +UQpGV0IvTXNDQUtjeWtIVGhEdmdsRWNRQTZDdGc1NGlYdVVudkNCaXlPZ3RZCi0+ +IHNzaC1lZDI1NTE5IFJvWDVQUSB1NnVjSWdUSCtsMDRjT2p6TXAvczVaNnFXQ2dL +bTFNMDcvRVJzV0xVUVJzCnorNTlvUGJlcGk3ei9CdmxNczVsOU9DUjdTWjY5VE03 +bnVNUnNHcjkxSWsKLT4gc3NoLWVkMjU1MTkga0hrMmdBIGhyM0x5MVhiYUQvbmYz +MnVHTWpjYyt0WWQ2c2FzSkYzS0U1UUZRdXZSQkUKU0VZV1NJaHNhS1djZTY0SW9N +VGhObDB3ODg2bVVxcFRwUFFFbFBYaG01RQotPiBzc2gtZWQyNTUxOSBJb3NBQlEg +VFRSajdzckRtZU9ZK0dwcWNld0F4Q0RCb0JOOVJBWTU3Sm9WQUh1K2xEawpXQW9X +WGYyRnNMcmZ0TFZ5R0FaYmdqMENPVmU2b3B6K00rUFYzQmxEVFdrCi0+IDs4NnMp +bCktZ3JlYXNlIEVkR1IgKgowVGZnVEg4cU9kMmIzdWFZeE1nS2RCYVNXV1hHb2p6 +WVpqLzRzTWVOb0owbHhweUdpc0pHQ0lRY2hMQXlqOXpFCmJhR0lBWFo5L0JGeTgw +QTlHcVhIM1YvOC9UTnlCeVA4a3ZNcQotLS0gSHYyY1BSc0NqRExDL0FWSG84VGhT +OXRKaThvamhmNTdiUjF0QnNRTGkzWQo3Bxz+qj6gbLsTNNM/3Dp9ppYrGXHccgee +o9KJs6L9AadYB+PrcseM6DtNEhupvy8zXP6txbVbfP2Xus7j2sXmj9uM30HUn60i +4XRoL1snQIhfjP+YNp0QkvkHtZvXzraM +-----END AGE ENCRYPTED FILE----- diff --git a/flakes/secrets/nix2bitbucket.age b/flakes/secrets/nix2bitbucket.age new file mode 100644 index 0000000..0dd3a93 --- /dev/null +++ b/flakes/secrets/nix2bitbucket.age @@ -0,0 +1,50 @@ +-----BEGIN AGE ENCRYPTED FILE----- +YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IHNzaC1lZDI1NTE5IDd6MzN5USAxNHJi +QjBYYnZsZTl1OXRwUDRXSGx4MmJOdzhHZXY2NUlaQ0hocFdlV240Ckw4U0FNSGFt +SmF1aW5mM0lseFZDUDR1ZkgyRFdkbHYrUHdITWUxanBrWHcKLT4gc3NoLWVkMjU1 +MTkgSmh2TCtRIC9vS1U5ajZ1MS9sdFZZbWs0cmlvc1VQRVNLZUxiQkRrS0xtWWx3 +LzMxQm8KdmU2V0pqZnNMajc4SVk5Skhnd0VQTmViMERIMWtqMEcrUGpHTXkzMGk0 +QQotPiBzc2gtZWQyNTUxOSBTcENqQlEgS0FzbGFCY2xtQjdlQ3p4UjJjUVdNRGsv +ekwvcWhEK2o1OFkzYW1zMy94ZwpSQTlwRVlKb2x3SlR2QkEwSFlhRi81bGRObWhw +OU9pdVBJcWRyZm8xQWpnCi0+IHNzaC1lZDI1NTE5IEJZS0crdyA5ZGMrR0xRcXJz +STlKbGhEYkdOYlYzZHBmZkJHUTVYSndEZk1ab09Pb25vCmJWVDZCYmVTSW5nRTVX +YzFHTnRMeGt5WE1Ydk0vZ3l3K0NhckwzbU5kN2MKLT4gc3NoLWVkMjU1MTkgWHpm +bWFRIHlJZG02U1JaZkVxVnhSc2VVZ21sdmJlMUh6eWhhK05lSkhES2J0L3JEUUUK +K3FacHVNbEIvWk5QQTV5RHpOU0tpYitJek96YjF1a2o3dTJmTnZya3lpSQotPiBz +c2gtZWQyNTUxOSBSNSt4ZncgUmcyWU94VEI0Vm1vUnpBWW9ieTYvQjFBM0hyY0ZU +QWZoaUFmSTRlTEFIZwpINEFkeFJnVVNINWlBaS9UK0V5aExoMnY0TDVjSFdITEJi +dzFpdm9wRGJBCi0+IHNzaC1lZDI1NTE5IFJvWDVQUSB0MVR0bE9tMEw2bzc0SHpY +N0JFWXFDbFJ3M3Rab2VtQUlLeUNUU2l1aTBNClNPTGpSTnFGeXpBcStjdnlmWllx +K20wdUVVVlZnb1FJbEdlQXVTWWpudDgKLT4gc3NoLWVkMjU1MTkgRjRiYjhnIDF0 +ZFlkaTNOMVNsV29rREJpaUdXSnFuQTlyd3pyM2I2bUtPL0ErUm9wR3MKenNsdEhl +TDVjSmdQSXR4S1ZWR285RTF1T0hhNEg2TFZCUXAraFkzdXo3awotPiBzc2gtZWQy +NTUxOSB3ZHJaSkEgVVNrblluWm1Dck1yelpURWZoeVFjaUJFaXdkZldOcCtFVzJQ +ajZUTmVsUQoyUmI4Tmttc21HemZDTmdERFhxZXlpdG1RVStiems5cVNaQWNIM3dv +RlI0Ci0+IHNzaC1lZDI1NTE5IDVhZHFNZyAvS3AwTW1kaUtlQnpjaXByQU1uRVM5 +RDgzMVhBSFRWSVdwczhxVXdUWDBFCnBDNjEzU3BUcCtRM2tDUVRBb0Jqd1pkK0Zo +WWJEb2gzaUlPTGRsZVlzZ0EKLT4gc3NoLWVkMjU1MTkgWmUxTXdRIHRnQndCVU9J +ZlQrdi81b2J2cmNzdXR6NHI0bW9LaHJqRlprTWZJM1RiRm8KSmpVQjF2U3BuVWVz +Y2orSlc2dUYrQWRYSHFPb0JRZloxZHo1KzduQkJycwotPiBzc2gtZWQyNTUxOSBw +ZUZCUWcgVG9LQnRwemt5T2VSVFBVK21acngxMHRDNDNxQlFxZU92NzRuK2U2aUwy +OApXamtRUENLSVBBM2ZmSVNtWkh1TW41dEQrRkNYQndBcUlOQnU2Ky9BMzA4Ci0+ +IHNzaC1lZDI1NTE5IDl2LzJIQSBveE5LTWhRZEhzeHBQVmo4amNBTzlHWlFVYURx +T3plT0lPaEpsb2F0RWhVCmh3aCtsU21zV0pYQzNmU3VqUXhhOHlYVEhsWDN1eHpD +UjRjVkEyTVhrVjAKLT4gc3NoLWVkMjU1MTkga0hrMmdBIDNMWEtrbWh1SWRwVUc0 +Vm9uYlcvK01xcEdSWkZuZzl4eng3NjlwRXNPamcKYlArYXkxYlMybTE0UnhvempS +bmlncUJtWjVZMWdHY3VvTHNvdExib2lzYwotPiBzc2gtZWQyNTUxOSBJb3NBQlEg +ZnJtVEdzL1RFK3M3TGFpVGo1Mi9aN1pLRS9TajQ1MlNqODVad1M4ZDh3cwpVSWpy +elZlT2dWTmhFaWJFUVFXWU5pT0dlam1jU0R2di9TUzVjUlY5b0RnCi0+IEJ6cnpI +NVktZ3JlYXNlID1YU3I8WkNjClRpZ2dHWkJIaVZVVkNwY1JwOFg2bTdzTnJBRjRs +SytLdFUyRldoTlpHSkRPY1ZQODRYY3RiVS9VNWtPeXBIc0MKeEdJY3UvTWdEZTVa +RXNvCi0tLSBLcUNEU1JhQnRCK0RMS1F3VEt1Ykl2MkhROG02NmY5bjVIem1JeWdQ +TXZnChn2UP3yo7fmH9JimBCsA8X6WLurks8pKMf5lb/yh92Uj+mbIz5R07Fpq0aC +nLa9VhNeQU4nYkotJUVPRGhBlh7xaVRoeaRfRy8n34TKNU+PQUFz6gv0OHkMDOKh +B3Z73OAJGaFAX1Q1SlM96ejHVMRdr8SNQao9QJvZq9EXyrejV1L8oS7cKHObfkEi +ylUPlNsH375zQ+rizYqO3jLBGNXpK3RTOX/3xadbAeccyBLrSaoE+eQi2nba2fSb +iLd6xNtltmDy4AzRwpmMPpD2EUlTV7iBCBlstK6v7k+VOAyH0PGIXTVUlHs8VORI +PHx8boVaGNn1b3XSD3CTflCRHxo7gSfXzcDEnfIbPsz97Z8GdQmV6fqIoWyWS3ZM +DFYdS7VBuKA7lUy9fu+UbP6OFjTu05rg35OcM6uzF6U4TVbKrGzaeyZzrokcXCbo +LNYJaI0FY+/bznL8/YqU/EJsAzgSZLApIzo3wLJhd6YK9Si17Lgf5N8sfUvHN8ax +naRZp7SlPmmzyhO82KwI8FXM7E+0mZ3CjfiEUmq9dz2plRGJaWCdMJ/SUv9EcTvG +Z/Uo +-----END AGE ENCRYPTED FILE----- diff --git a/flakes/secrets/nix2gitforgejo.age b/flakes/secrets/nix2gitforgejo.age new file mode 100644 index 0000000..9e9ac24 --- /dev/null +++ b/flakes/secrets/nix2gitforgejo.age @@ -0,0 +1,49 @@ +-----BEGIN AGE ENCRYPTED FILE----- +YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IHNzaC1lZDI1NTE5IDd6MzN5USBtRTlJ +RHRaRVFZZ2Y2Uzl5dEZXSnplMlpYdy9UVVdvb0dSVFNGd25rcHhNCmp3ZHFneUJU +eW1PaGlncUdmVHNWblQvbkVxUDJpQ2p2OFJFVGtNb0pZcXMKLT4gc3NoLWVkMjU1 +MTkgSmh2TCtRIGdJOTRGVktSY21ob0JKam8zaDN0bkhIQjNieTVEcFl3aVBpSjhw +Nk9OSGsKVENrTkd4cmdaUnE2VWR4SU1ySWdvZGo3VnMxTFo2dklwSTFieUwycTdr +RQotPiBzc2gtZWQyNTUxOSBTcENqQlEgU0plOWVNNTNNTkxhSVN6ai92aTd6RFJ2 +WjFRMzdJUjAvbDN6MHVOMTNncwp3bVREblZMUE12WEVaOGpLVDBYZHdILzQ2UVBI +V3MwTTFwb2dwcDMxSFBnCi0+IHNzaC1lZDI1NTE5IEJZS0crdyA2L0NONmxjcGFr +T0xaRnhHQ0FFVVlseUtKcWJZbi9ISlZIclVOdTRNRDJBCitWRDBvQXdackV6QTRu +S1FPeXdLZGpvbjhBYllVY0UvZ3JEWWQvMHNOS0UKLT4gc3NoLWVkMjU1MTkgWHpm +bWFRIG9XOEhybjJFclFKWEhQeDlrY0xVRHZOcHQrK2RWa0hsZTc0eU1qRWlNMTAK +cnpLdGRDejAraERuNnVlZDBVV202TmdlSVREMVlPWFhpckdPY3Q4OTY0UQotPiBz +c2gtZWQyNTUxOSBSNSt4ZncgQWk4Q25xSFZSbHo1NDJ5VnJWcVN5L2NIQi9SQVJ2 +aWtWSHR6azk3QmhEYwpXQUtjb1JZSHNuOFZHWFZYcy9HdktJVGpvQ2xuQXU1Sndi +YlRWYWhiVmd3Ci0+IHNzaC1lZDI1NTE5IFJvWDVQUSBOZWtBQ2NDVmViYm9uZ2hu +akhMVzNlQ0hiNWEybVE0dTFwWGRpMlZGZlZJCkJncE1nTlZTaEl2dW90bERnQUhO +SWd5dzhYa2RMRVRFYS9rdkdEVTZIcVkKLT4gc3NoLWVkMjU1MTkgRjRiYjhnIHNi +OVZVblBBdVFuVE4xVGt1UzlMNDVtWGdBakVJaDVjanhmYWVPV3RXRjgKYTBOREpS +bVowSHlySFg1QWJFK0pPdnZJS0VQcjdXdERRbmdsOUFTeldMdwotPiBzc2gtZWQy +NTUxOSB3ZHJaSkEgdWY5U1BNTndYYWwveCtjeUxHOERGTEhMMXlSSEpyV0gva2pw +ZHNzSTRsMApQSm5BUmdMODZ2YmVaaFNxQVFaYk5KWFVEOVoyQjBQQzBxM2kwZEl6 +eXJjCi0+IHNzaC1lZDI1NTE5IDVhZHFNZyBVbG9ONlVPbW1QNmxENGJERGs1VEJU +Q0FhMlowVlZVVG8veG5tUWt2T0VJClJPZUY1T00vZitSRmdhWklrY202ci9yRG9M +RDRiTGpKWis5ditDVjJIRmcKLT4gc3NoLWVkMjU1MTkgWmUxTXdRIE1SY3pidWpw +TmVNbEV0ZXQwTDkzdEtkbVIwd1BrSG10UVhBRUY5VUt2eXcKSCs2VEc1VXhXWXBY +UHdRVFVtaGJUK2tBWWYvQTk5V1dEcDVReFJ6WkNJdwotPiBzc2gtZWQyNTUxOSBw +ZUZCUWcgVE51VHdqeEF5ckRqTUVGWGw5SGtkRGJCd0xoZzdNbDRUajZPdThCQk8y +cwprTW9tU2Z5d1RVRWNkR2M0WWNCRTRwb2VWcDNQdHFCWDBHZDhINUduN0djCi0+ +IHNzaC1lZDI1NTE5IDl2LzJIQSBOZlB6aHRWRmthWkpuekNza2tBUzRiNGFkSTUv +WVRNRGFKZXZ1Sm0rUDJvCjV1dzlyTFZxYndvZ3BKNGU0K0hwK2VhSmNYcmFHZk41 +RTlscS9uODR0R0UKLT4gc3NoLWVkMjU1MTkga0hrMmdBIC9sLzYvYnVpenRFUlZO +cTVmVnBpLzIwNlJrU0xYOEhKWStkOGRDU0dkVFUKbjlVQTlsRnBCci9ucUNMNkJC +WWpueFlqclA4YVc3RVpXeWZDQ25mWEE5YwotPiBzc2gtZWQyNTUxOSBJb3NBQlEg +bjJNa0RIcGZWdkxCUnBsU0p4L3lwUDdia3Q4L0Y3cllYVGJuQ3pZcjV3UQo5SGxu +SlQ0cFVOM3ZRZ3l0SkdVdk5vY0NLcVUrRXJ3SU5SekxaM1NWYy9NCi0+IEdTTEFp +OSF6LWdyZWFzZSAoJmR3Vi4gU3A/ICNuLSA7Ck9ZSjhhci9nVjl1L2dIR0twUm1i +NzRSOU1DM2Rwa3RsYnp4ZQotLS0gRGVpRXZiS2Vlc25HN1M2M0kxbUo0Uyt6OHgr +Q2loS1MwVzB3Uk9mcTd3MAr1KliXDwBENE5rxqhvy1XX1d59XdiWeqCepnPm78ET +YbVM6FN9H6UBwiwClc+os59UY1lxNyjvefVOfW4V0Jpo2f2aFWdsJxoJWSdomKzG +N2wQ4Yq8ESeuz4g7pwxWB3RsTr0w6Rnzuf7D4Syg9rpX1pqVinFhLOki1aK3ZIdk +tqhjkKFgWQbBM/6540W14uw1fPTIcdX8v5KHbTc9XyNA2MHamFc1GooYduqL6Ylr +ij3hM7/z+TdXxGu3+kqs3Yh5MFd+ePB+LFgAqiW3gv9nD5RmH3s/x8Oip+RLpoTw +7fwo8wgHByoDK6gz2SAOZ2Q/Px5YBqivleT0oVdrd/quLN5lU2aQt3OANTxzF+bP +DaAWwv/7pTaLB7lyqCTSw+C+UmgVXmnOi2MO7ex3tImNzwGVQfZG9mc5k13ltwsq +uxC3T9l8+fuo4iFUwCXfXlm3ZmcIcpjYE6rOlV4Y2EdmwwvwRhMljWf2OfNHlq4e +hLtKvsHf7+pMAX0ZsZMig6KH09V/RtGUr9KBWVG8CABPnPJBIzlGZPJdmO+G5eAx +cEUUkJzlcSCF6SDo1zG7QcT7vRSX4FjvOY579w== +-----END AGE ENCRYPTED FILE----- diff --git a/flakes/secrets/nix2github.age b/flakes/secrets/nix2github.age new file mode 100644 index 0000000..f56d0f8 --- /dev/null +++ b/flakes/secrets/nix2github.age @@ -0,0 +1,49 @@ +-----BEGIN AGE ENCRYPTED FILE----- +YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IHNzaC1lZDI1NTE5IDd6MzN5USBYU2N0 +a1MzODQzb2JUbjJyQ0xTbUxlbjhJOExjNm1JOFd6bDNNZEp1TlJ3CktCUXFwWTJ0 +cUZVUldoRStJRHc2cjdwa0szQ0VPZTBsV0NiK2ZmQUQybW8KLT4gc3NoLWVkMjU1 +MTkgSmh2TCtRIEk0R0lSUitzVkRQb2hQamt3cGdQK1ptYXVkUkdXb2w2N3VsY3hY +emdNM0kKYXhod0FVMzJ4dFRCZXZBQTBJcFc0RWRsZUdqV1FkSldkVHFnbU50VlNx +TQotPiBzc2gtZWQyNTUxOSBTcENqQlEgaG5Fc0VOUHdJWlFsRGtOSEwxM2RHZHdh +anVJZWlOZ2dBRStmRkc5WU5nTQpiQzRwMnBIVHJoQldJeEdrOGVha1phbGRKZGZW +SGZiWUV3Rk5XdGxUZjFvCi0+IHNzaC1lZDI1NTE5IEJZS0crdyAzN1A4amFYM3Jt +UDNidlBaRDdpSTNLb1dmTDY5VDArc24yUWcwVGwrenpnCmoxVnlEMTFlZFhEeE92 +ZHJaeFJCY25sWTM4NWFnQlhpbCtodWZyeTVoaVkKLT4gc3NoLWVkMjU1MTkgWHpm +bWFRIENONGFuM2ViOHRGa1gzQS93a1RTaXkwVFlYd0tadG1nOFhra0VHa0Jua0EK +OElXcXgxd0FuVys4eUZwSXA2eCthRFNRTWpmSDFLU0FqSVlCUDJSNVJCOAotPiBz +c2gtZWQyNTUxOSBSNSt4ZncgOUtUeUFubGN2RUp3eGM4d1J3ejFaSXdaeWg4MnBu +VVNmUE9VRzdUNThtYwpVazRGNS9GMytrOGdBSVJhcWJ3TDNDUWVOMHFBd216a3dB +UkJmNmpSSkZNCi0+IHNzaC1lZDI1NTE5IFJvWDVQUSBFaUVFcE1aVnNrekwrZjdN +L2ZYZ0JreGRRM3FkYnFzdlViVk0zajE3ZFVRCjA0OUlLczBmaEJMMC9EU0k1K1Vq +Wmk4eC9wbXdvWG5UTlNMYlBiSTN2RVUKLT4gc3NoLWVkMjU1MTkgRjRiYjhnIHdI +RHY3U0VuekdYOS9FUVhBQlVtUlNQTDg1dEt3TnFzVzMwOTgyQktEeWsKRC9TUnJJ +cytpaTRGMm5wcXFuSE5ReU9seGFUWlBSa2FxbHQ3eE9Idmc0YwotPiBzc2gtZWQy +NTUxOSB3ZHJaSkEgTmp6SnhHV09BbzczdmVoaCtnOFdYaHorNWpmSDQwVmtJVFFx +Z2FTTnZWVQpnK0lTem9uTE9BZ3FqdVJ5YThmZ3o5RjlZNlhTUW5Zc1NsM2FBa1gx +RGdFCi0+IHNzaC1lZDI1NTE5IDVhZHFNZyB4ME5DK1BQUVFLcU1tYVZadG9hRVlM +WGFnd2lIVVNXSTNkZnhIaDNNSUY0CnpiUEZKeTVHTkFyYUdaeU4rWE54RmIxVjhC +NVkvQURrY1N6b0doN3MrYXcKLT4gc3NoLWVkMjU1MTkgWmUxTXdRIFZraHhvbndT +c085d1BFeXE5bGNWcitZaTBKdVduOGtPeVFRam1aWVpyQ3MKbE92VWFqVXF4dkZo +dElDN0p5S0xXemplSzFWUlJaZ2M3Uzl4UlhmOHllUQotPiBzc2gtZWQyNTUxOSBw +ZUZCUWcgbndmTFpuR3o5QzZsZzVBMzBnUlU5UGFoNFIrc1dYUmdCdHhYa1N6d2JG +awo5amhkT0p3YytiRmFLc05GRU1hL3FMbEppd1Vpd0xCbXE2T0dLanpTQ1pnCi0+ +IHNzaC1lZDI1NTE5IDl2LzJIQSBUQ3c1Rm52cjl6ZzhQNTQ5R2NEWTlWUlVNWVJ3 +VndHUmg4eWIzNERGZWxRCkNRZk43YWUvc05nYWtFYVlZNjBQbnNhK3RXTjZJMkU1 +OG1hcUtoUDQyUjAKLT4gc3NoLWVkMjU1MTkga0hrMmdBIHJGTk5SYXlKZkx5cEVJ +dUJQTVNkUWVkVCthU1c0eDMvbGJWN0dKU1dSeU0KYUVQMTFSNVNnZEFxV09UVHJm +VDhMcElMZ2NRQWVKSXJITU53NlZwK2dPWQotPiBzc2gtZWQyNTUxOSBJb3NBQlEg +YVgyMDhXL0RsaEFxSUhGTVh6c1BUeFgrd0lMUDg3blk0a2pocVJMbVZnRQpBb1hJ +c3pBOFRXMG9kTEt1Q1IvZW5GR0F6UTNLU3J6QmxGWGljT1pzb0NBCi0+IHN8OGhP +LTVaLWdyZWFzZSBKcTpVVyAvQlZYawp6bHZOYWpabVJhN3BNVEpQbDRWbUh1c3BP +UXlsSzJWdUdPMHpuWmF2QjNQd0ltUQotLS0gemVvbWt5LzErUlpmZXFxQmpMZFVq +czhiSVBFQVBVVFo2Q2hiaXNWQ1Zwcwrm4hQtiHjacGXqxDf8QBf6AdsiCFad+cAu +RA/fKJMnq8zc6NUDkvEAxrWxFLpLD9amqaxgh5889mWstPGaeCQEcWfjO7jl2jsM +duZsH2rtqfsaoWI1tsUiVKGtgprkI1TBwbtFYQ/aC+1AzOP4rnmuu4T/kIDbP+rn +SlILVnc458dAsDIUO0vYzNhy7z6oG0Nf6TnPehPocIakRXoLSN0d7fYmC5GDD+8m +v0ucVjpVlyXCyOHbl6COgLmz0HglXaQba+K1ZFWJJXwB3Ej/wYaS6r5rChe9RKJJ +tlCCDfOmUC1BgNH2PbPsaDwVmPe5itsAoJrzvq2mR5ho6kTX0dAPnu6A50G2TkTq +7OtmvcjVarHKO5mRLSaGKgBnxcdI9MPvKdLKb79mBgmp7lWbKqOfQL8W+mfdxWjI +F6DEPQ478W7QF5tIWYlHsDS4R7hKr7DPBxGLZEhKUYl6UJd8BietDQ+Pti19uoiC +1qwFIGoKGteEsW5HHfvxdp1hdboVoOh/MzwpksNqMOZIhS2aAr2EKQsUBB5TLL+v +JdEKGcLiRuxqa/6mVuEw2iqUfSBK+A== +-----END AGE ENCRYPTED FILE----- diff --git a/flakes/secrets/nix2gitjosh.age b/flakes/secrets/nix2gitjosh.age new file mode 100644 index 0000000..3abe011 --- /dev/null +++ b/flakes/secrets/nix2gitjosh.age @@ -0,0 +1,50 @@ +-----BEGIN AGE ENCRYPTED FILE----- +YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IHNzaC1lZDI1NTE5IDd6MzN5USBXQXoz +bGYwc2NqNDBVYzVkeGxldnJxbjZ6elgxUmFoMFhuK0pvTTRLWkhBCmx4RUxONTYw +VXZGZUtQcnFaRXhuODNQQjhCRmFtOG1TQzQ5Qk5ua0RNQ1UKLT4gc3NoLWVkMjU1 +MTkgSmh2TCtRIHgyQjZBUjVNMTV6cG9LNE5NSFBMc0xid01PQUEyeVd1ZnBEaUVM +Rjh4bncKVHpqQ09XVk5od2F1MW1namloTUVMaEpuamlZcWIxRmsyRVIzV0RYZGxL +awotPiBzc2gtZWQyNTUxOSBTcENqQlEgN2s0Zmx1YjEvMlIzdElmeTcycEpNcHNJ +UUM4RzBaZWJEYTNUK29vOEdHMApkKy9SSk5PT3ZaQXQ1UGFCUFFvVE95V0tBZk5v +UlR1M2tEYWtMK1hSU09JCi0+IHNzaC1lZDI1NTE5IEJZS0crdyA2YzQzQ1J1L1JG +MXFjbzE5eUhnZDBjNTJGOEZwOGwzSmsyRUZhQzhtakFFCjVQYzM3VlpWR1I4THd3 +Ky8xOEd0UE1hVjRRS2RiVmUxbkpmdGxLR2RLcWcKLT4gc3NoLWVkMjU1MTkgWHpm +bWFRIG5ybjFTUEZ5OFhpUkpVdnZHNnZ1eWZGYnNQeFFvaVNoQ1pVaXJ0ZkNna0UK +cUx6OWtid1FRaTRLMy9EaGk0K2NKWE00UC9Ec0FsUDJCODJzNG0yYXJPTQotPiBz +c2gtZWQyNTUxOSBSNSt4ZncgdG5DRTY0QzU4MjBXTnFWT0NiclJ5M0g3eG9HVm92 +M1RIdFdidm9hVlpsTQpFZEd6QVFjY3NLOWVXeDFTdXZPenc3L284bG12V3dIVzRB +QUZ3ZmU0VldRCi0+IHNzaC1lZDI1NTE5IFJvWDVQUSBHQm9ObTBXWUh3YkRSb2VW +ZGE0aGFYM3RkbURpYlRTL3NMek5kZEpwcXprCjFHL2JIMFRKVitiamRSM3dHNzlj +ZENNZHFIOVdLS2ZOb29RU2FKd1NCWTQKLT4gc3NoLWVkMjU1MTkgRjRiYjhnIG1z +ZGpQQ1ZDSVdLVE1EVUFRVW9RZ0QwbVJPSUtIYTcveUdBaGIwb2oxbVUKZGRQcHNB +WmJuN3B2VGVlUEJLem9ja25wSjlreXpCOEZUUnZnY3F5YXR1VQotPiBzc2gtZWQy +NTUxOSB3ZHJaSkEgTmtoYlhWL2YxZFFheEVCbWMzOFpwendzaFZsOEIvN3VzNjlZ +cXNsUUduQQpacFI5ckx4TGZPRnp1RFM0SHJlS2hLMnU3NURJcWJKTEZscEpLVU5k +MXVNCi0+IHNzaC1lZDI1NTE5IDVhZHFNZyA4dFFyS1h2bWJFYXZFSkpaNGVkam55 +RXMzSW94NXZTVy8rRHBWOGl4NVFrCktPVWI3VUhWZGZtYlNaVm8xTHZiTk9FbWZ6 +OE5WYUhaTjAvQWFxWDdyQmMKLT4gc3NoLWVkMjU1MTkgWmUxTXdRIHZYT3dNK2cx +UFpSV2dabnhIcW5HMlYzK2UzNEorQ3BaRTg3NVJwYVM3MlUKeVJqaE93N1lLdkg4 +UU9VaWRpeCtWQ2V1bmkwMkJvbE56U0lXcEhMVE81WQotPiBzc2gtZWQyNTUxOSBw +ZUZCUWcgMzJUS0hEQjlNTUEveGxXdHZGVlY5ZjNrZTF1QWc4eEhiUmVsUWRBc1FV +awpkYXgwL0E2cUNvQzRCQlVHQWM0djh5RVJ0SFl2R1p5ZzlEZ2lZV2trTit3Ci0+ +IHNzaC1lZDI1NTE5IDl2LzJIQSB5bDh3ZTBqWE5wNWdVczhsaXFJaXdEZXVBSzND +ajN3WlRVcmp4dW1FN1dzCkxMN0wzV3BIdHRqYXhmSzlLWE0veWJHVlNBOWFncFZ1 +M0x0MWY1dmM5TlUKLT4gc3NoLWVkMjU1MTkga0hrMmdBIEpINTFDeUVTbCswN3F3 +QXp4eWMzTUdPTWFGeENOWWhkTTl3WnRIdk5sRDQKWk80VFJGTW5xdkwzMDdaSGFW +ei9RTTg5SFFVRktFYUlPYjNOT1FQSklZRQotPiBzc2gtZWQyNTUxOSBJb3NBQlEg +ZVhldEpReS9jMDRzcXhrZVRhSGFCeWphQjBUU3JiUVVYZnc0d1FUNFUwYwpLenBY +YXMxREFRRjZZTHBIUUwxQVplL3J2WGszNUhXSzhZL2hDNXUvUnI0Ci0+IFUtaS1n +cmVhc2UgPnMjfCFtCjcwT2hGeVY3b0VBSTZIZkI2bEVSUzR0bzNQQUVjNkpYZTJl +a2l5b3FNbmpQQ1F3ZTNDTUE5ZmNBbmhzZE1uam8Ka3BqWEtQVEIzOUFFQlV0TUl0 +QWgzU3QwdlRTWkdUWUNRRlB1Ci0tLSBaeUtEanlxcDV5Q0Uxa25hVnFiVW9KMTlw +TElTNVdoWmxlWFNsMXFlY0VzCpnuSzzkIeZRg56GdBS2gOTaXV70O7kR/9F7deO5 +XJOWo7ES0V1Y3WqNHmCsWHiqHj/yKT3JYBPd5p8tPzW/uwO/4KKfqaG5xY3l01Uk ++zsFTkQh5xRP5vtQ5Q9ztTVV3hp4QLVsBLSwGHMiJyL2BGawLD5OsSehBQ26nU4x +gmE2ZP8WWm2dCTGJBf/JQ7rl7+G54GRK6akWRCT+ZzL9OMA5u3dgyvE3w5Q04K34 +sY8WJIDaUm/Gr6JB3gHTfHaSsqx5NE69EZ2we4qdUW/ATeIa42NLPOYvShGzJdNO +nWC1vemKsUUDR1KzfoZ6W5KM1Dl6f0IzC2e3gAztH0FtZO47is1Lx9jsbVN/FRh1 +aM2bk4LUfsH0CtVqRxEqVg1gXzB+ICe/K4xU8OB1g7uzTYS/rZc1KG2sHJ0fjXUV +m0EdIMiJi4uTltakDrVGBKiNhQAz4V6t/kKkONvFg6wFoVzgm3kOxfRcryWfF0sc +VDaa0kOnDFS/MuIsMENJ0XP5mTO/BQERY4m423nY7hH4Ud+kU9k8zQ3gdNIGwCEK +1j0P61nlu6Y4lSO6UaNgr7xl +-----END AGE ENCRYPTED FILE----- diff --git a/flakes/secrets/nix2gpdPocket3.age b/flakes/secrets/nix2gpdPocket3.age new file mode 100644 index 0000000..206918c --- /dev/null +++ b/flakes/secrets/nix2gpdPocket3.age @@ -0,0 +1,50 @@ +-----BEGIN AGE ENCRYPTED FILE----- +YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IHNzaC1lZDI1NTE5IDd6MzN5USBGdVY4 +TnVkZlJ0elRhQkRSMnlXUjNNb3BQQmVBbmhYYVpqOUx5cE81TXpvCmNYUG5rTjlo +RmpNQmFtZlBwWXY1eDVzOFh0T0F3d210QWRvOEZnN3VyK0EKLT4gc3NoLWVkMjU1 +MTkgSmh2TCtRIHd4TmdIeWdiTXk4QWwvdURNQ3NtUlpNZWpnT2hubUk1RTUvMFRG +MUtEQnMKTEZBV1dPOXlQOTNSNVZVcXUweWZjc0RlQzFybE42Szl3WkJCOWszMHdN +WQotPiBzc2gtZWQyNTUxOSBTcENqQlEgU0V5bUpxNTVNQXh1UU8xYmJLWEROTkRr +UmtNOWQxbllTMW5BZzdNR1JpcwpCMExaYmpNbW5ma3N6SHBDR0lZdHljNDNlNHlM +TTJrTnpKanIvYldhcU4wCi0+IHNzaC1lZDI1NTE5IEJZS0crdyB6UHBMWXNCZ3ds +S1RQL25SdjVkRElKMjYzUXFKV3cyZFl5VlhvQ3ExeUQ0CkdGaGZrNGdZZ2ZsTUsy +amVPVjhjMEg2ZkM1NnF0cTZFNGhFSGpYQzRNRWsKLT4gc3NoLWVkMjU1MTkgWHpm +bWFRIEN2bWhSc3AyWjlXWk80NTVpbkkvTllWbnJScS9XWjQ2RUd1OTkzMHRzZ2MK +bzNETWVrVFdIQ0VvUEZSY0N4T2Nqd3c2WEZWS3JqZTAxaTZBaTlmOHpZQQotPiBz +c2gtZWQyNTUxOSBSNSt4ZncgQUsycFZocFZPdUxQM3MrU0o1OGE3Rjh3SFlNcXdo +MExnb2hBbHdoTk13QQppenB5THpDV3VXRHdZYjJJc3dPUW9qcFBydUs4ZXA3Z1JO +ckl1ZVJjNzdNCi0+IHNzaC1lZDI1NTE5IFJvWDVQUSB1MzRNMUwxb1ZESWJrMVdv +RkMzOGJHYnhnOFdHQ2Y3cjAyemI2bDJoRUIwClpnTys1eEFlNkZ3cStndjFyVFZF +eExaQ0JDRlhGWDVyRFNPR3lBRUdITkUKLT4gc3NoLWVkMjU1MTkgRjRiYjhnIEJB +RkJ2QVZsWjdqQW1TeVpCS0tpSTFiZDVYOG5ybG5rMjg0SWVTRnlwd28KZnJMVE5C +M1hkRHc2K3RCZFRjU1ZyeVR2YXhWT3ExNGVRNGRMU1NrYk50QQotPiBzc2gtZWQy +NTUxOSB3ZHJaSkEgYmIwbXd5aXlFUUhJd1VORmxjb0hQWmRZb2lMZ2xBdXJaTmx5 +TEU2Y2wwbwpOZzNJQ2kwVUxBRVcrYjBOMWx2V0F0dWJCdnB3cXU5S2tnZmpQc25P +NnZBCi0+IHNzaC1lZDI1NTE5IDVhZHFNZyBCU3QwNjdGYXE2RHZtNGtHTVdRbmsr +QzgweFB6V0xyV0c1NldBeGR1UEVjCjBKN2pJT2FJeFZUNDFKRnJMOFBWRGRDa1JK +UExOZkhwcW9WZWxqSGVwbkkKLT4gc3NoLWVkMjU1MTkgWmUxTXdRIEE5TFYrV0wv +MzlicXhsUHNoblUxa1FlSFlmMUhnYy90OXROUkIycWFFRTgKclNPSFdtVzF6Mml2 +KzJhK0hmWDIvUmFlSGVLQ3l5bElLY2N4aWxkNFU1MAotPiBzc2gtZWQyNTUxOSBw +ZUZCUWcgOVkvd3dmV0hhUmwzQlFBOEs5a1hGUmMxRU5heFNaZWhGcDRYdTd4ZktW +NAo1dGsyMUFlV29hOEt4R1l3S3Y4NndrbHVUR29sSkMvZ0R2SXM3TG9MQXI0Ci0+ +IHNzaC1lZDI1NTE5IDl2LzJIQSBTclIxdXQycVZlckR6aTZvSzJxY1ZmSVJWNk9j +MWJBYkp0ZUtvNHR5Tnc0CitlQzZDUWw4M3JNSHVkQ2U3MTdtTFBGTmpLenR3SmRw +NWFaNzFJSHZhYzAKLT4gc3NoLWVkMjU1MTkga0hrMmdBIDcyU0ZjeWREdFJrTEdk +c2RGY3Q3cE0wdDh4SGRJUVAvSzR5WmFENWQvQzAKVTZraTduUVg2RHlEME9CcnVq +MFpCbHBKVFNTOG1aUnNIWWJHUXg5T0k0UQotPiBzc2gtZWQyNTUxOSBJb3NBQlEg +YSsrbmdVOHplU29GTzNMNVh2aE5OaENXWHE3SlIxa1NuVHI0WEV1SG5sQQpuQWJP +MnllQkFSMDd3S09DNXhxU0pEcEFGRzZabGkzTlM4ZXBNWlRkMU4wCi0+ICEtZ3Jl +YXNlIHlEWmUtSzZeCm56bkR2UUV0OVJGNENzRWt0M0NQSG5acHdQazJFb1JFdGdq +aG5Lb3BtTUF5QmtKaXV3YVJOTWpMdnRodUx3NkoKNmpkeGw1dlB1NmFpUk1RbFEw +dwotLS0gc3lycXhWZXBmd0srSjhPTW1vMmN2REs4TWI0VUhiaEt6ays0akJQSkhs +UQoyTVD7Gbo16BII9fA/kbWQA9cLwAIJC2eJldhHa1Z+/nCLTYoolHFvhDF1kNNU +Q1VUi7Hwh3WfIZ5U9S8Bb1gtesAXrjAVoa07IuuELmY8P1aVnhO1Dh1E9bXhvjs7 +T9Qz5iA0R/IcMGzP1khAwda9urAqjtqjgNJOO9tOnKGOfCuUDhsPVqCZAfag4MeB +A/UbjmKvQuoMLnx4r8AdZB6hEC6OvT0d26e1EzT7o4C4nXYk4+ocvNY2kp+9N8d6 +C5qxI5juVeZenESlAxQKqaih6wUI5Hb7vlbMM3LvQqmSdwspOCYvji34LTzE2Vl7 +fTb9us7PpueVWLfzF2ea19B2CNZR6VWJ8d2WNDSGhoq80H5k9fawhq/PzgB/CLzB +dArCKrT7pL/L4oQVXuRC+2dKSmOm+hlrWHS1rwWEbgA7iQV8MR7eaHjUKEpRYC/W +0oSyCsBNRTJrTQEZfknGgIK9dAKM2Mx1rw/1AbPrtcJe7aHI0R1wK+bSgXOrYgWX +78V0+RseYYzyPgb6LUwkrA1MAsMp3NqQFts50DZ/x5ZBrKGWyEWO96Sg6oMCz+Gh +2S5P02QBaoTSyuhHpg== +-----END AGE ENCRYPTED FILE----- diff --git a/flakes/secrets/nix2h001.age b/flakes/secrets/nix2h001.age new file mode 100644 index 0000000..07148ef --- /dev/null +++ b/flakes/secrets/nix2h001.age @@ -0,0 +1,48 @@ +-----BEGIN AGE ENCRYPTED FILE----- +YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IHNzaC1lZDI1NTE5IDd6MzN5USBqZkZV +ZFlDOTkvSkM0NmFlOHlIak5KUkdEZnZJRnJOQ1hLc2pkc1pGODFvCm91Ulc3aEkv +NTUzblR2ejRzM0I4TnoyYVlkQTk4d2RNSTRUVDJ5bzQwVnMKLT4gc3NoLWVkMjU1 +MTkgSmh2TCtRIDlwQlRHSS9Nd1VZV1BRRUVRRTdjWGdKQ1hiRitPMi9KcW1JMEts +eWpnVFEKZ0thUVhWbDZxSHY1eFQ3OHl1R2JzRDFRbkpnMkVQRGhUYi9oa2luaEtx +MAotPiBzc2gtZWQyNTUxOSBTcENqQlEgWTA4bTNxL3E2Q0h5MWhnN0x1a1N2NWRI +K0JteUdIVTY4dlhtc1JYQ0pFTQp1Y05ob2hRcVNhbzJpSE5ReE1hN3BlTEsvdUtJ +STVRdlZCWW8vQWhOblhjCi0+IHNzaC1lZDI1NTE5IEJZS0crdyBRYk42V20xZS84 +WGd5NWs0d3ZmcVdKNWU2NlBrVjM0OEdXRHlVaWRORlRzCjBZQ3JaOVFYazVDeHBa +RVhieEZJRkY2KzRSZy9LOU50VGFiRWtsV1FyUUEKLT4gc3NoLWVkMjU1MTkgWHpm +bWFRIE5JNWQ3SHkzcXpGZEZVRVRZZC9GRVRvWDVvNHZkbGpEMTIzUjdNME9YMEEK +UytTTVlUUUhjaGpVZ1lYV0ZETk04elYwZ1FUdGVlMURGV3JwM01qK1M2bwotPiBz +c2gtZWQyNTUxOSBSNSt4ZncgRkNvUjEzdVRvbUxyMGQvQXlTU1NTM1NWd2tMdW01 +RE1zd1ppRGt6QndoTQpJckl2VitBR2poRHhmV3RWSXN6amg2aFkvcTd3aTRIRkxU +SFBMSkVERG9JCi0+IHNzaC1lZDI1NTE5IFJvWDVQUSBFcStmN29VTG1jTEtiMTho +V0hJUWFxemRrNnJxL0I0T296bmlvQmt4eEdvCkR0MFFORzExZlhDVXpYT0VlQ2xY +SklsRkFMVDJzQkpPemQwa3NOYUg3VVEKLT4gc3NoLWVkMjU1MTkgRjRiYjhnIDdF +YXNFY1F5MElweVhtQjdkQTAxYWo5Zkp5R1VoQ2s4dkhnUmRwV3R3eVkKQlZ4dTNS +QVlkR2FnR0pyQTlhSWRQNWtnT0dCbTE2YThiZWV5UGdUNFc0MAotPiBzc2gtZWQy +NTUxOSB3ZHJaSkEgT3luM1VmQm9tSG5majdWeEh6ODBLSm56ZFpSTUVmYzY4K1M3 +RSt3cGMwcwpLUWpGREU3dFc2NFFtNVZGSDIzem0xZGF0aXVhUHFhUEIzWGMzUDFT +L3I0Ci0+IHNzaC1lZDI1NTE5IDVhZHFNZyBwUml2WFlKSFdnWWw0YXczS3hvZ1dH +d1BLYWNpL1plYXhldDg4d1BHYjJRClZzNkx4S0ZYY1MzeU1aU3d0TlBhcHVvNlJn +NDN0Q0wvTCs5eS8zTnFaK0kKLT4gc3NoLWVkMjU1MTkgWmUxTXdRIDAzRk83R0Zw +ckFzZjNuSHRpQjA2cEsvTnRKdDBRT3hTK1krWTA1Ykh0WDgKWjlEN0NlYjYwb2NH +RzU2N1lzWjI3eTlCSXgyZUIrY2UxUzdwRVY1a3FVOAotPiBzc2gtZWQyNTUxOSBw +ZUZCUWcgYmNEaW9ESGVaS21NQWlITmMrbWQrekxQZXI5SExYbE94ZFhNcWtxSzd4 +OApkMzVTSHBSR1BLS25vaFUyaXZQZHE1cDhrTmZENGZNTElINUxwUzNONzdnCi0+ +IHNzaC1lZDI1NTE5IDl2LzJIQSBqRXVCUEdEY21xblVXV25sTW5FTkxMTTJPL2pt +U0VDV3hZRC83TVVnelRNCmZXRnYzS2NqcDNIV1k1WHFOVy92aURVVStDQU50VmZl +T3lSZTNveWpNVEkKLT4gc3NoLWVkMjU1MTkga0hrMmdBIFc2c2lrVWZpbCtXS1Jr +TFI2RFRYM1BNWEJjeFUzclpXTUF2OGE3MmFNSHcKV0dHQngwRE14VlZRdDJqTHhQ +dTMyL0JMN3VRWlNRTVZka3VuelF3QW92cwotPiBzc2gtZWQyNTUxOSBJb3NBQlEg +d3JwUyszcTl6TU1XVHA0d2RNb3VPa2I1ZzFqdzJyR0ZTTTIzNi9VcnJqQQp5VHVh +TTBjWXgvb0daeWN0Ty9DTytRMkVES1hBR3M5YWdEanlYdDJSdU8wCi0+IF99LWdy +ZWFzZQpnZHBVTGZvYm1sWk85SzVOV3FOZkZtM3NKNlFLdUxDRkxBTQotLS0ga2JS +NGc3N3o1YjBOeEl0L3NVZVprNDA3VFpJdmt4eW0yYnJ4VWdkdXBoRQqosYCeWC24 +SETTy8dVYTN0kWZBhYxUQDb6mhHPZrLOmlNyDeambLNwpoGHGpxUy1vrYL5cOmBA +pZ4lLKvAvm+lj7FCqX7+uhQi5FohVTm9bz1IsJcId82yf6lLjc4p7M+ww6icM0vH +DHHsZ2ecQiJKOvf8BUGgAxBkkdy0MWVRAAtOAqadBRtaGB5902FOI0gWLyAyFqlk ++P/pHRfob8PlnWb7MTYsUVgIBtbV/hIcpSx7BIsPTsdr7yFirhfoC4giBMT//2Mz +e7NGN2bX93pAUPWK2P/k3geArT1zJoFeyOpkyIhnfeXaA8WKb5juA/Rly4aGUJO0 +oQKJkNGg3DPQMAEwwaijjuz19wd3o46o5la+2L/Yx2fCPDcwOyYzh8wVdc2eq6Ab +y3y1wlFfMLpsuBSENnCQTPCWimTOk2lPUKEjDtLXCtucwyd/fzjHCjF1iR5twVrw +id5+60bFV73v2QsQ6+qnNRj2Ea+LRHA48NtQH4Nedv8xlhgqkR0tD8mZc6Xo65MT +1Lj9suIPCf5L/j7GiX4MPDt/uptHJEckGMEo0rrwINBps7K7XrQLfw== +-----END AGE ENCRYPTED FILE----- diff --git a/flakes/secrets/nix2h002.age b/flakes/secrets/nix2h002.age new file mode 100644 index 0000000..c69d953 --- /dev/null +++ b/flakes/secrets/nix2h002.age @@ -0,0 +1,48 @@ +-----BEGIN AGE ENCRYPTED FILE----- +YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IHNzaC1lZDI1NTE5IDd6MzN5USBLNmRV +NlNNT0Y0cTZVY083b2U3K0tORkdxR0IxNExrL2EzWmM4a2hoUkF3CmlDWmVaY2tV +OVVrYTBXeHpIM1lkOVBPeG9qOW0vL0hmSlM5OTVjcFVNUEkKLT4gc3NoLWVkMjU1 +MTkgSmh2TCtRIEJJcGRpcnlSRGFtNzFlUWt2OGpxTUI1WG9zdzRZakpwUjkybW1J +MkdhaDQKNEMrT0VVSnZKYzZscWNBdkQzbXBsc0liYzI5bVBkZC84NnZKYzBtVEZ1 +TQotPiBzc2gtZWQyNTUxOSBTcENqQlEgR0tSZVk3M0hBd3djZklhVmdOQk5lcXpm +d2NoL2RrVk0xLzNxRWVIWU9YdwpXQk0yQStOY1JFNjF0ZWhkS1gyWGRhTXpkUGdI +RGlOZlBLMnFaMGVVSjMwCi0+IHNzaC1lZDI1NTE5IEJZS0crdyBBZDluVnlKQ2FV +NFBpZDZJQmorYXVsV2lHMTdLRkVjSjZPNHhCUk5iSVV3CjdIU1RaaEpocDF5MHNj +blFVdGJjR2hwczNOZmpZdElXSURLd3hpQ0xvQncKLT4gc3NoLWVkMjU1MTkgWHpm +bWFRICtWcXVMLzdGOE5xajlBaWdoMk5lL1J0U3JCL1dZQmxnOFpsK0Z2ZzFvbjQK +ekFWSVgxdjZjQlkxMTlCYnNPMWN4MW1YY0xSZFltSk83RXkyUmZBakZjNAotPiBz +c2gtZWQyNTUxOSBSNSt4ZncgZDByMm1IanR4ZE5EUExyTnNNVVN1RTdTV1BJak9E +TmZYbEZOSHNZbFBDRQo5YTZjcVBrbTExazV1a3ppQ1Y1NUZhUUNqWWhLaTR3NkVx +YlpzR2xNVWQ0Ci0+IHNzaC1lZDI1NTE5IFJvWDVQUSBNMEt4UFIwb21GOHk2c25j +a0hpMkRQVGhCM2NFWmNlWXA4SElZUlQ1TlY0Cm9CVVBDQ21PbU1Fd2ZCclduMjdq +aXNuZS9lN0dicElXckxhZmxpRjJDL3cKLT4gc3NoLWVkMjU1MTkgRjRiYjhnIHA3 +aTJ5VUJROE1PZXlGZjF6R2J1OVBDUWF0N09TNmRkZ0x0YStxK2ZTU1EKWDBkK3FF +c1FCSHZvZW5YMHBVSis5N1pRTW83bnpQZGY3dTlOOGNJT011ZwotPiBzc2gtZWQy +NTUxOSB3ZHJaSkEgNFhxRTdZNm9OUm1zOGpadi9jckxOMnRhbzUwL09SLy9JRncy +TTlzWUVuTQpVdUFtWTZhRStkN1F0cEh5bU84YW45YmxtYzlXR2NOdTY4bHRZZWs0 +RjlJCi0+IHNzaC1lZDI1NTE5IDVhZHFNZyBXdWo2c3pPY3hmRmp5Z1FFdERUUzcz +MXRRNjI0ZVlLUzArRFhodS9FNDFNClZyREpwb1IxdG14TFFSVHlkTFNVOVlzS3kx +M2FpSkhReXljSytVczR5MHcKLT4gc3NoLWVkMjU1MTkgWmUxTXdRIGdIeFpXODY1 +QkM3QkNkMllnWXFyTlBpYjd2SkI5TlNoT1ZxSldCN2xGeUEKaU9XSkQ4Tm56Tk9B +Y1l3OGozSVk4M2ZFejdwR29Sb0NsQ0xrMmZzai9DawotPiBzc2gtZWQyNTUxOSBw +ZUZCUWcgUXVkZUJhbEJ1ZnFKSWRaVUIyK2JCcC9PbDZjQ2VlTURWMzBOM1loV2hV +dwo3OFVtR1JldEwwSjE5NGJKUEVyYlBzTmJIYzBYSCsyWWU2TnRwaEZLeWM0Ci0+ +IHNzaC1lZDI1NTE5IDl2LzJIQSAwTkpuekFzUHZmWFdRSjRnY3YweTlWYlRjOW1U +a1hXRXFPakRNUzdxVWxJCnhIYU8rUGh4dy9HMGUrVi9aaU5uL3djU2JrYktaaTZI +QVlMc1VyaTUxTjQKLT4gc3NoLWVkMjU1MTkga0hrMmdBIERkVmp6eDBvZ2dXdURq +WlNwZjJMN3FLVXJEa2taYWJjbVlLVXBsbkl1MjgKdUhtQ1RFS2Z6U2t1M1MraWo3 +VWFCZERRZXJPTjBNS1FkdFZtdnQ5T0pBUQotPiBzc2gtZWQyNTUxOSBJb3NBQlEg +TUpKaThiUVJWUEF4aHZQMXpkdER3TzY3cWxWV1BEbEd2TVRkT2Y2MitqYwpsbDU4 +U05mN0xmY3pkNWtiRTBPSVgyUUhBTTA5cDc1aFJEUDBjU2owd0VvCi0+IHAtZ3Jl +YXNlIGxgcisvJiUgXWVsIHZrIE4KCi0tLSAvREZvRE9zUlRIOHZpYUVWZ0pyQmlh +K2ZubG02bjRjdmxBcVdLVENIejlVCtydnNICLzNyabsA6H8fhwkySlITewQ0vFBQ +GvfvDobgKzac8kmjDDwiIBwRI+EgVznSecv+Oqi2sJaodIxGaYgvEh+FURMfYOPX +K95ykf+R4bAowyG66i+mg9vthJU2O4v43R4qN4+0CVrArqhQp+ywNERsTV/2pU3f +bTFAYaLaLihEFDjCy9+p/D5l33Ns54FYAtBtQ/Ut4VY43i9inE/qohM6vy1W1SgY +THW3pLHvB6WlZvv4uD+IXK7GJXkedKxIuH0pGWLTF28aIlWTV8QYlCYpqpqaYs4X +87oze8zgPCNa2xODkQnYUI0GX4Fg3vP1K6R4G4DtCOytZdDYXncEIC4+opOoNmfg +xuhjELH+eZLXXRRd8PPrPTWXQ9CjPOK20vwc2To3Oljt940di6+886j2vFEBd44v +A1cjFG+K4mQ9GvdAk98EgRVXasmXyKnRdc7kFym9EY7guZtoA0Bav7YCn2vMwF7G +yLmxss4Wa7UA9v3GF270M/fb6D5u9qcDG7v41wYSldfaqSDs0Vw1ZfaGBYAXF5v7 +GgU0MSWaFyHej5xq5UVTlMtWh2YR +-----END AGE ENCRYPTED FILE----- diff --git a/flakes/secrets/nix2h003.age b/flakes/secrets/nix2h003.age new file mode 100644 index 0000000..01a858b --- /dev/null +++ b/flakes/secrets/nix2h003.age @@ -0,0 +1,50 @@ +-----BEGIN AGE ENCRYPTED FILE----- +YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IHNzaC1lZDI1NTE5IDd6MzN5USA0dTdj +TDY2STIxTm8rbnNWS2J2VlZxcVRFYzdBRElDT2RUR1pRd2piaDFZCnl2d0xoUmg3 +OEs2bXNUY29RQWJ2WG9GMXIzZCsvcHRRUDFvRFl2elR0a28KLT4gc3NoLWVkMjU1 +MTkgSmh2TCtRIFJsbjBZbFhEanBaSW1BOXBwbVQ5eUtHSDRQRzJleTBGc3BlY0dv +VzljVk0KZEg2M09TNVlvYXAxaEFaUlpkLzljZXVQUE53aEVLQlZXbVBpdEM2b1Za +VQotPiBzc2gtZWQyNTUxOSBTcENqQlEgLzQ0MVpLWXMvSXkwTnk2VWFrQWNtdVJj +bURKUzMrMmRqeW9TcTF4V3FtdwpVQmducWt2dkVPQklma3h0QVkwZk11cW9SMkxa +Ykp6amg4RWUrZEpFb3NBCi0+IHNzaC1lZDI1NTE5IEJZS0crdyBDNjhjTlovT1J2 +QXFPOVZrQ1ZFWUV2cnF0eFdTR3g0M3VFd0dvU2hVNEFRCjdzR2hZR1pKUkpJL3Uv +VEdPNzE4TGtWRVpZeEROZGFNMXRtc2pFYTJoMEEKLT4gc3NoLWVkMjU1MTkgWHpm +bWFRIGlhUGZSUVhtSDBuaTF4a2pCbFNqUk8wN1NGT1cvbkVqUmk0cEVCTkhoa2MK +OGZGdlZBLzJCOG0rN09BQlFlTm41NVh1VEdZWFRjVTVMeFBRMXB5dktUZwotPiBz +c2gtZWQyNTUxOSBSNSt4Zncgc3EwWEY0dmZPT2ZnUlN4Sk83WkE1c0FldGhYclFK +T092dm9rQjY3TEh6UQpFQlFTdXBJWVY3aUx6Y3lKVDBGQ3ZHbVJqMm16R243Z3VU +T2lHWVdNMTk0Ci0+IHNzaC1lZDI1NTE5IFJvWDVQUSBuUTNLUGIwMzhKcVVyeUNG +NmJ1WkRtdS9FWHQvTGROL2ZiUmxmVlBIQWtZCjZJMUduWVNQMXVZRk1CbjhCTnFX +RkxoaTJuelV2bW01T0hiTHgvNTVZc0EKLT4gc3NoLWVkMjU1MTkgRjRiYjhnIEl1 +SnJKZ1Bwb0lsN1dTZ1I4YVN0c0NaUDVEd2c4SjNTRkw1d0ZpaTF0RHcKTzBabFNx +d0ZjTjNoemY1UzVBemd6QzNIQTl3b0N2WVdWUE9CV1VzcVVtcwotPiBzc2gtZWQy +NTUxOSB3ZHJaSkEgbGI0MjhMbDFZblFud0U0Qi9ibHhSMlJTa0cyRHFJNW1tcnZQ +ZUNma0VoTQpuNG5ra2hwRlpneWxkTEgzQWlhMkRJVUMxR1RVZWZXWGloUEtkcWdI +RlFFCi0+IHNzaC1lZDI1NTE5IDVhZHFNZyAwNHF6Zmt5YXViL3o2aVVKVTNSakVX +eFpuSHN5Ty90bGI5K0l5VFVtL1NvClBsa2tRMm1QSVlBNmJ6T2JlT0V5cFNmV1c4 +Tm5nL1NiOWtGWm95VE1Ya0UKLT4gc3NoLWVkMjU1MTkgWmUxTXdRIGFwdWhWNnBQ +N1lYeC82NzNHZ2d3TzBzUTcrcm0wWGNPdEc1cUtndTZRM1EKTmxadlp6WC9BQzhJ +S2NIbjM4OHNpUGJiZkhOSXJDSitiNndOYm5VWDlCcwotPiBzc2gtZWQyNTUxOSBw +ZUZCUWcgUTFOZUtZSFJRUkw0eE9wd1ZCcXd6Z2RvUFVsUnZBcWlSRXlHU0lWcVpH +TQo0ZUszNFF0NUdib1BpZ1FnM0hBUjFsMHdSTE1ma01OUHRIWXFUMmJRbWRRCi0+ +IHNzaC1lZDI1NTE5IDl2LzJIQSBocFJ1aGpicCtUTjR5dEw3RTNya1dINTN1emZl +OVF4Ykd2SmMyNUNqUlJNCkV2ekVCNk1uNEZiTlJYVDVsREQ2cCtRR3pVRVZZek12 +aTlLelNZOVVXZG8KLT4gc3NoLWVkMjU1MTkga0hrMmdBIC9aT0pJSEZiMTA4c0Vi +dExPN0ZtT1BOY2ltNk95TzB2K0J6WEJaTUJ6bG8KdWo1OFpTWm1JWkRrWmhYUzRl +TUFJTHp5Mk9hVXZSNXFHM09IZHZOblpqQQotPiBzc2gtZWQyNTUxOSBJb3NBQlEg +ZUpiN0RMRUhKM1ZvRWJQYVNCVzROckZ4SDY3NU4xb1djcUgyQW9xRnkzbwpOZ2Fu +dXNnTERuOHFoVVZGMUhpb2N3MDhRK29NVjhuRFhyZTdjL0orQXZvCi0+IDtXeHd7 +YFBpLWdyZWFzZSB7PCBcfkRZey4gI1d4Tn4gXwpIVDhGeFk2K3dOUkhBWkU3SnRP +THVSUXBWTVJBSlZVWERqL1F6NjFYQUJHZitiWXJhYjFHS3lmd1dDVW4rWDZRCmxC +bmt3NTUvZ0dScGFUaFJ0dwotLS0gTTRUejRxU2ZKZVN4MXkrSG52dHJzamxpdjBC +aWo0a0lmS0xWeStFN1UzTQrI0E7L65ZYdi9LJwZ3nSgT7WwwQJovYBqw7YO8jE+n +1iAUsxo+nj7V7ub7D6IxBaXupMwqqEGX/fUgLyHrckL8V6RmVfvoJROp1Vm7HncW +xqoFr1cj3n6p+O+xQPFy+1uVSktCTvLgHDNHavRPaoT6vP2FcvQkI7jczbGJel55 +YBA6bLrMLsn1+MmY5oT61huymRbKFyt3c7+u/vqYwD9/J4/KPW7nO0hCQ8LBJEm4 +KFwj/6d8zyLFGRB+wwH3pEPFWZ17/7tK4xRR3jUw3ertMKnLtpYpI7sCOhCStH5G +6CTMGgmWOyPmccVfWF3RSnuj5I53nnkYktWcc3o+ak8GCw8PBJvAfkAJyNjrSo6V +QTMX9qsrL8SydAXXFk2lNcv3maH6RgRB9ycPGak/ZsrFP0VkMFpOLIfqjJMnfChY +CUi2b1iTMlmw9VITSfgh82mue+bcevSaP6KboeksBq2ah8hSN80WPtb7VQNUNl/u +cQT5DoyvaIxOstiVpBy7DY4pvb6c5iWkUuuDiHrn0AA4XB2skTNhGU1oty0YrDFB +tnRtsOYgu5d/53Fcd8aUNg== +-----END AGE ENCRYPTED FILE----- diff --git a/flakes/secrets/nix2joe.age b/flakes/secrets/nix2joe.age new file mode 100644 index 0000000..befdff7 --- /dev/null +++ b/flakes/secrets/nix2joe.age @@ -0,0 +1,49 @@ +-----BEGIN AGE ENCRYPTED FILE----- +YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IHNzaC1lZDI1NTE5IDd6MzN5USBrRFlo +VzhEcDJmTStuQUxxcms4am9idGpZYm5HVndISDlDMzVVVGl1ejJBCldYZllDcGEx +QVl6NU1vVjBPQXpLTndDdUZIRWJmMC8vRWhjOTRDUm5yTUUKLT4gc3NoLWVkMjU1 +MTkgSmh2TCtRIHl3SGo5eEdyRWlYSmVZaWhJNEt0VWRiY29IN3AyeGdYQWtuKzRL +NzJrVUEKaGdSelBON1JrbUZGVnJUL2RwZzZVWWJxVUkxUmVrVHdTcno1aWYvbGwv +cwotPiBzc2gtZWQyNTUxOSBTcENqQlEgQU5Ia294NGsweUI2NUs1S3VZaVVEWUtZ +d1l6WGdPcnBmck81UGQ1Kyt4QQpwUG5iaFVUNG43a3A3M1FvUjZGd3ZtZzMrTUFm +amUzcHI4Smp0OXdpdWJVCi0+IHNzaC1lZDI1NTE5IEJZS0crdyBFRkd4U2hvcGRk +ZjhleWdheUtqVjBRMXdwZ01KY3cyck5tOCtBaXlBc1ZBCjNvUURFdEFpZ0VteCti +Z2t3SlhRbWMxakRHbFlPMU5HZDlOV2R5d3pWdHMKLT4gc3NoLWVkMjU1MTkgWHpm +bWFRIFVZRlYzSU9FZUpoMnp6dVJPR21Zam96R1NQOXJQSldXOHNGYkZnR3ZxaGMK +eEJvbzFKY1R3WTJVaTN1c1hnTWJ3ZU5OZjlZR1kxMXd5bmJYNDRBSWNqVQotPiBz +c2gtZWQyNTUxOSBSNSt4ZncgUHBaY3ZaVjcvZXMxLzRiUisxMnNwV2hlM3NxR05Q +aE4rQjJ5ZDl2eDcwVQpUM1NKNHg2UmtPeFhGbkxTUlFtTFJ5bjNSZVNEWmVKaHg0 +cWpmT1VZZFZnCi0+IHNzaC1lZDI1NTE5IFJvWDVQUSBKZnF6enhLS3BzUis2azFK +VlFDVTZTRTQ0czdNclBGYzROUEJHYlpod1gwCkpMb2hSRHVFTzVTZ1dmM1Fid2tl +bkhrK1dMdmxZSWxhMFBFM0wvZ2tuTW8KLT4gc3NoLWVkMjU1MTkgRjRiYjhnIEov +MGpzVlFwSi9RUDlQSmNCRXRqaGNpSHFwa1o5emdOcmY5UFREejdtencKVHE3OGlT +NnQxL0xJdTdYTnJQRTl1bjJNZDJ2MVdnWHlzb0pZS3JvYW1GbwotPiBzc2gtZWQy +NTUxOSB3ZHJaSkEgVVVrQ2ZJdnY0WHRrdFBidDh6ZGxCQThjMk1DcG1UZ1hhMiti +WENKclB6dwpCZHRhU2NWZTFQYUFWYUxCUlBUenZPVDdQa3pXaVE3ZUdSNm91MWxB +SGZFCi0+IHNzaC1lZDI1NTE5IDVhZHFNZyB3QnVtWjlsOHJvVmltSkdVY0wwcmhk +S2prNGg5UE0ydWdSck4vMFY2cFdzCnAvOUR6VWtEOXd3OE16ZVROMEJraXVTZHV4 +OFdmQlRXcStLa1l1eE5yR1UKLT4gc3NoLWVkMjU1MTkgWmUxTXdRIE9NbklVa3V4 +aU5ubnk4WUJyRTdXRmIxT2YwODJQOWZ2eFdYUHphSGlwWFkKT2ZWWWF6eGc5YXJy +NWNqNE4yVXc3MFA3eVJQbDd2Zm1FUkF3M25LT0FGRQotPiBzc2gtZWQyNTUxOSBw +ZUZCUWcgNEZaNzVhZlVrS2FXTlRXZUZMcWhwNnVORGJKYmErQ2FIRDl2b2wvNDB4 +OAp3NWdNcjVXb2RLczJGdGpyaFo4bTVLMGk5QWNQbkJpMjh5U09kbENVS05VCi0+ +IHNzaC1lZDI1NTE5IDl2LzJIQSAwbXFvZWVaTEp4eUkxVGkvcWpZbmRnWGdjeXdW +QzgvbzBnbU5KWE5Ba1cwCkxUNnkwTkFFdHpuRlovWjh0RVE3U3pIc0tVcXY3RTc0 +NjRaRnE0YXp4NDgKLT4gc3NoLWVkMjU1MTkga0hrMmdBIGtraTV0YWxFVDVkb1pE +NHpVQ2h6VGh3LzVRTG02cVdGRHpmak4rT2h6QWMKS0N0SFpyY3lhYlZxc1NQbkZW +VkVvQlAwejF4aUpnZmY2RnlHNDhQVHhXcwotPiBzc2gtZWQyNTUxOSBJb3NBQlEg +dytPUnI3MW1TckplUDZWRUZrUVN0aXhtSG1OeWkrcEIvVitxOGR1UHdFNApxaVFP +cVNrV2YxNGZQalZ1aTZLbjFYM1hWRkpFM2xhRlZTN3VNNFlaR09JCi0+IFEtZ3Jl +YXNlIEVPUgo1b3AzSWtZdkdwWEM0bVM2cU8rdTkxMFpTV3BZUGgzQ1NwWlJ1UXMr +dVIyMktqZjBRSzlrQkh2V1dGM3NoUQotLS0gSW9aS2RLNzZMQXlVakF1WDNzNWl3 +VEpQSVVWVVZkQU1FZjBaNHFxdmFzSQoHZa1y31EyfxcF5zL9Tp0efLfm1Ak/v9N3 +IqCds1BYhPDeCECA1zHdGZojhrxFuOyr1H/uSKuksPktfi0K7F73NsQ8Prf3hiVg +C5Ckh540/7lv8Y+f6eOSlbUUHkO/UftqyPqPwl+L3cHApoSN5OZJz+nVgJROQMBY +63lxHjw170/E1BNsf2jqdHHJUwyFd7hia212PqCQOyh0wbc+6E0t/9gDQXphBxC2 +/EpwLgBf0b8+nzGVZ0RP3wkegZyl2LYwkh+PLhRTTJOulE664eaJBFRpW/wfw1el +QaoEHw52O92IE6KbM7lQ2ujmHYG2aKBf/u16DfkDBrHSplz9bolcueppa7ubLgfU +mEacucUtRN2k+kA8S0UVZDsbo2oQfQL+fgq6Hcx1shpIFpugyhDMMHDD90cvAs8w +Keg8jHbTEtVJAtBmLYraeyGXsla1vPCcoXfHr49ej3Q4B7pMmReMtMEP/BDKy6pK +csPW/lebooacQpu1fjVyYyW/AgJHa0U6oZTr5i65FNYd0nQa07D3bYO3o7JUFZoB +Ah7b2Pj3Wv5Uzxka0R13xtr0Ud7jqw== +-----END AGE ENCRYPTED FILE----- diff --git a/flakes/secrets/nix2l002.age b/flakes/secrets/nix2l002.age new file mode 100644 index 0000000..0866e44 --- /dev/null +++ b/flakes/secrets/nix2l002.age @@ -0,0 +1,49 @@ +-----BEGIN AGE ENCRYPTED FILE----- +YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IHNzaC1lZDI1NTE5IDd6MzN5USBPODJ1 +Q2VxRFlMeUcrS0V0ZEhGdlRnRE92TDA4aXUwdDVKYUhBaG11R1NVClRUNnlJd1ow +MkliL08zZE12bHRyaFZuQkszMU1nL2pxT3hIWWlObW5IUE0KLT4gc3NoLWVkMjU1 +MTkgSmh2TCtRIDUzVXpLblJLZmY2UHJnQ1FIV25WRjJEWEYva2RjRUFNbkU2TkIw +Mk9hUTQKK2pMSytja2ppbE1Vb3hYVWhNMG1wUW1lNjRGMGpseVVpeUV4dkY1eTA4 +NAotPiBzc2gtZWQyNTUxOSBTcENqQlEgWmV5NW1rVGk0Y0VBTFJ1bEpGbVFqdEp3 +ZVhyWkpaWm1uUHl0L2N4WStRYwo5WE5LYnUrTldDMGQrbDhtTEl3cmZGT21FNkZt +NmJ6eVBGeG5ZUjhCZE5BCi0+IHNzaC1lZDI1NTE5IEJZS0crdyBVcWZqVVl5VDBP +azJjL0p4VEJnTzJrdkRZdXNSRGpIdXM3ZWttWkluMlc4ClJOV0xTOU9PeHhMeWpD +a0twcCtxYklUSjF1R2NseFF3NDk5eFI1Z2Z3Y1UKLT4gc3NoLWVkMjU1MTkgWHpm +bWFRIGhONk1uMk5xRVdFUGZhNkpHUWhMUTN5bkkxdzNTRExqOGlGZzdOZzk5U3cK +NzJVSFppeGpGSWdob3ArTDhpcEhNSmVNMm8xcXRUS1crN0FubTR0T1BnTQotPiBz +c2gtZWQyNTUxOSBSNSt4ZncgcmZ4MzRQQW03MWpwK2EzYUtaL3pPQmhhVzVBK1U4 +K3lOSDhNSzJreUwzWQpKN3BYSUg1ZmZQMEFyMUJRUU53bDJGZ0ovd0hoRWFOdEpK +WVJUOGErZkFzCi0+IHNzaC1lZDI1NTE5IFJvWDVQUSBSblVTemNRb3M1T25yYlhS +M3dLQ0oxZmhLQ1Nldkc5NVY4bDVMcWpPaEc0ClFDalVaZzMzUGxNN0x1eEJRUklQ +aWwybzJhNmJNNkJBSkp0WVd4WGxEZEUKLT4gc3NoLWVkMjU1MTkgRjRiYjhnIHUv +ZWdmZ1RUZWZIckkzVENjblk4a0lVbVRzL3lDOFZhQk15SnU3REJwaDQKQVNncVdL +R01RM2FQekJXcHdYb084SzRRVGcrcVdMMmIrWXozM1BXcFdJRQotPiBzc2gtZWQy +NTUxOSB3ZHJaSkEgeGhtdkMyTUQza2t2Y2ZGbmRNbXhFSmt6MGNNTWVGV2xGKzhN +bzB6REhrWQpIUTNPanVNZXQzMHlWQUduZUMzdk51bnNqM3Raem9pRG9iR1FRRzBm +aTIwCi0+IHNzaC1lZDI1NTE5IDVhZHFNZyBJaUM0QkV3M2R1czdwYy94VWlyb1Jr +eUUxRU5zWU9tUGN5R2lMdk4rUFMwCk1ZMkJ1NW1abXRicjRkcE9CUmRqVFRjRlFv +d2hHYmVKNTVYc090ditMYTAKLT4gc3NoLWVkMjU1MTkgWmUxTXdRIEpFYTNQSDk5 +Y2JXL29YaTExc1ZiWkFKZUdFcDBjd1p0NWh0bkVXSk41aTgKRmZuWHRuNnpqUFNp +OFVZeVhDeXJMbUxuWnBvQVE2R2NwOXFQYXNnOUFsSQotPiBzc2gtZWQyNTUxOSBw +ZUZCUWcgNmlsV251TVpneWttdGVKVldSbzg3RE9ablQ3ZDhSZE9Sc3Q0VDRUc0Vp +VQpXZ282cnFmczRvb1Q5cWtrd2NsdXBlejFMSUJwK2Z3Zmd6NEpNNUxJMDBJCi0+ +IHNzaC1lZDI1NTE5IDl2LzJIQSBLOTNlbFFPdVBMbElNcUtaVGVtVHFjTGJHQlFz +NUdDYnRsbGJEbWVsdURRClVnWnpuT2dhUDV6dVp0d0FoT0gxcXR3cVJDL2d3Mm5G +dzArWjhsczd2QVUKLT4gc3NoLWVkMjU1MTkga0hrMmdBIFIvZGVGTmJ2TmJxR2Vm +b05RMy8za0liMGRLQU5XR25DNmladkgwd091Z00KTElBRTF4N29pbHVHYzAydVgv +TU5BRlVJeW93NVFtZEkyK1puUnBEVUJhVQotPiBzc2gtZWQyNTUxOSBJb3NBQlEg +ZU5EY2kyZWVVWDdEZDdZSUIxQ2lneWJrL1g4Ry9NcWwzOXo2ck9nam1WYwpRWlMw +SEhMR2VHMWNyS01TV0RQSGJiZzNjWXRRYTc2U2w0QnhpbFZzS0pFCi0+IFBBQC1n +cmVhc2UgXU0neTEgXkd1TDhHLHwgWEc+ICExVwpSanE3MWgrYWtEQ3JYbm9POE92 +cVVLK1pBaEdGTnVBMQotLS0gQk5Ud2dJZHRzN0RZTTlZLzdvTVp6c0pEejFBZU9l +bnA2Q3hGcmVOT3NnZwopOnc+QlhQ9rs4u1VZzBGuVT1C/M1+of1PrkVrG9FspsTv +k9M3NSrz1aCMHSgX+YdH59xr56PqsRjP6nok8+2XMMs04g/sfbQsBG6GIy0l2ke9 ++RgoIQ/7yBY6HhcSfBK8OGHsBTypj2iWsXmHji+JJHgXelLBQxPhiPh721Y+aR/g +6dhgaSkeiztKbzuXX8Y4idAx22vln+a9IhCeh9ObUucxXoQ7PsJXJqPFr4tqJfWe +R2wluD3RtZxzbkvKcmiVvgJt2pRRoMPC5tn6Se2Hl08fDoTR9Z24wK5igtu0+rBp +tALfNh62Nl2U1s4Ukd+5eH28vC1QEz9UqnTNvi7o+1usmLsMIjwagEgfUB+yzaT+ +8VJDj4Y4xfI5WdgbWe9A9JFk4ve8Xmqkkg8zlaveEg/wSMDbiZP5NV20xHDIr6kP +yrctn77Vohff0iYL4Fm38FgJfODFCLsHYOok3OgGGySLdTZcYZ69yJjlDm5m47ea +vz2zRL4m9MxS4vE9eR04T5G+isZnLZJP/T6SImvSKHKNpeXLSFbycRLYJkf0jNCS +g1ym3Ql3lTyozQVBCg== +-----END AGE ENCRYPTED FILE----- diff --git a/flakes/secrets/nix2linode.age b/flakes/secrets/nix2linode.age new file mode 100644 index 0000000..21529d3 --- /dev/null +++ b/flakes/secrets/nix2linode.age @@ -0,0 +1,49 @@ +-----BEGIN AGE ENCRYPTED FILE----- +YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IHNzaC1lZDI1NTE5IDd6MzN5USB1ak9y +UTJwcVZCbmd4d1RPaWw5MDd3TTc5WU96MVptcVYyQVIwMzJDMGhzCkUrV1JQMlc5 +SnNxUm9UY3V2Tm0rVDV5ZTFLeEdYcG9qZWc3M013RjVpVTQKLT4gc3NoLWVkMjU1 +MTkgSmh2TCtRIDJBK09UZk9jOEFPL3NXRmFaOTJjM2FlalRaSEhESlFSZjBmN1hr +RUNoQmMKcXRlMGFnOXpCWjMvTGRLd0FmcDlQSmF1TUhXdXcrNXRIcUh5dEZqbDlz +OAotPiBzc2gtZWQyNTUxOSBTcENqQlEgSnphbHkzZjU1V3VzTzF6K1ZkcVNvcmp1 +VkxhWDZPTHp5bmlxWGVTOHp5SQowZXc0OS8vOHYreEJXbVZudUtKVVQzR3cxT3RC +RlpJNVFKN09kcmFtaTVFCi0+IHNzaC1lZDI1NTE5IEJZS0crdyA1RzdxQjVqZG5G +UWtlUXpnT1FsODhaQlcwclFvZGZmb1pJY3MyRWtuZG5jCjI2QXFGMEFRVzR5MlF5 +QmNXbHQrOG8zbWpCU2FWVEhKNkhuT2JtNko2REEKLT4gc3NoLWVkMjU1MTkgWHpm +bWFRIHB3bXM1TVNBUmt2VFJPSEhzZjBZQVdVcFVNM3k5Y1ZCTmVtTHpObXZablUK +RVllREl1eGNJUmIwZkhtUy9JeEo3VHpWRFFGNG5QbTZNdzN5bGpWeXlwSQotPiBz +c2gtZWQyNTUxOSBSNSt4ZncgVmVqYUdWVFdYbThTUFIrZThYOWI1cGNFWTJnT2NS +RHBzbnArbkM2YXVqbwpzSEowTi9oU3dnOTY2R29GODRpU2piRWFUSXFBcjlXanlR +SlNZaEFCaWFvCi0+IHNzaC1lZDI1NTE5IFJvWDVQUSBFRGd1TWViVFRHQlhEd1NY +RC9DRXJxUE5VazhkUHkvQWRLT3lrY0xaOUFzCndNUk1USXJ4eUtLQ3hjOEtLaXBJ +emhmRjJFT2xreGRtWjlZaVo5ZjRLYTQKLT4gc3NoLWVkMjU1MTkgRjRiYjhnIGZ5 +VUQwRlVnUTZFcXZ6ckFvQUhRZzJFMVB3dS9RT0ZOWm4wSEJGVExaWFUKYlFzSHNs +VUhZTWJjb3doQ1hQTU5tRWQrTWhjR2E2cVlLUWltZGhaWWM1RQotPiBzc2gtZWQy +NTUxOSB3ZHJaSkEgK0I3MS80aC9MV1ZYZUkwMGk4VjV4Tml5OG5Na3dyS1JWM1V0 +a2FUaWhVZwpKSGJJY0RwaW5lYzUxc0dWaTlxdFBwV2o0c2lQWnFlQng4Tlp1bWtn +OWhBCi0+IHNzaC1lZDI1NTE5IDVhZHFNZyBRVXJYMmp1d0RXNFlPWno4d3pDVUVD +Vmt0YmhyQy9Zdk1QdmdweTlaVlFRCkEyVmttUjhZSDBaYk53ci9UbERiaDhyRGR3 +V2lpcFJBK3crTFZlVnBvNTAKLT4gc3NoLWVkMjU1MTkgWmUxTXdRIGFiQ1E3bGlr +bDVXMTNyVzVwNHdwQ2hnVi9Ld20wSnczeXZ4WVJ6MlZnQkEKOGlTUVVBZkVCOWg0 +N0tFTlNxZXFqaUJEellpRVlZM0JyaUZNUWV5dTRCRQotPiBzc2gtZWQyNTUxOSBw +ZUZCUWcgSFhTUEx0N3FIVzAyYy9rRkZ2OUZBYWVQcmhnYWU3N1J0V2pEZktVQTIz +cwpoZzhPRThka2JoY254VEZFeVFaN2RDVDBKZ09MUXI3c2VSZmJyRUMwYUd3Ci0+ +IHNzaC1lZDI1NTE5IDl2LzJIQSArazcwb0lLb1NxbTVpbFlKWmJWcXdnK2pXd2xi +ZmpxNkliZ3RCQ3VBaUc4CjNUOFRJaG9kZEZFKy84ZTJ4aU83U1NEcWJNd3hJZFFY +amdqV3hIZit2M2MKLT4gc3NoLWVkMjU1MTkga0hrMmdBIFNmNHFrdDlpb05EQlE0 +ZVhqcGpqNFY4M1Y3aHVlTUNOdnJ4VktxbFZobHcKTWd0emd6RFMxY25kbDlNM2I3 +Sy91ZVlOVkl6V3JqTFBuekFLMUs4NjYycwotPiBzc2gtZWQyNTUxOSBJb3NBQlEg +aWFYT1A0MDBSMHpzb3YrNXNHNjc4dUtoNkZ1RHlSL0tWV3RscTlocUd3NApMT0FS +MFZIVytLeGF1WDRKN0ZydEltVkxmaWF3TVdWV1FraTcwd0xzODVvCi0+IGY7cUxl +Ni1ncmVhc2UgOUwtR28geWMkcTwibyB0LVU/Qyt5SiBZNzxsYEJEQAowTUVXa0Yx +ZStNYWIwdzI0bXo2R1NWTURCMVVRK1F3WW1QcwotLS0geFBtNS9vMlE1V2Npb2lh +KzgzWkcrNS9SRG1ZeC8zdUhQbkludVJwbVc3QQo1QQm19YZ6VMz/+vhRhATkrYwD +KP/ZH7wMl9n40mzx5U1g87ERd3zoDyirTsgMn1N05fpnW24a71FKddHpDUuFc7Fx +xLc0Xst+uuSD8lj8H309fBBLn6yfvq4vu+/XNqsUvTwkBVFRN6EkWTr0XoFTBrlr +AwkEzL2hvC8Gt5U2sjNkJR9GLSZhwOFwTrFMZRW6ZcR42o+6GRUtFmRX7iUMKJ6a +2LIn3i7Qlc8pkvtEWB8yHQ8iLxa0SbWPKWnMcTV8LK/JvhSebBHxx35AhbjZAwc1 +oLmichP61qIGUGb3r3Y5U1C7dWpAwMp12Z2efk1uOfO8QzM1GYqIRvsXSPzfB80w +OCdnZez4iEIvxslbcLSRNZn1R8mwj5deMK4ZfU+26khzqBAtrjAA+tlCtViGKqUE +e7eOBujnBz67YbUYFyepBd8UfDsqM9jtl3PW07Bgvi1MJY0S2dzopgTlzYnS3PNS +8xyLi7Z/McMmHg5RZs2jKHScQlcs/+Y5y000UiqtWy2UmoY6zYwGW08eqgZLZKDS +QYY/0MHWQGO469J3uNdCx6qkzPygWchlGEKpxA== +-----END AGE ENCRYPTED FILE----- diff --git a/flakes/secrets/nix2lio.age b/flakes/secrets/nix2lio.age new file mode 100644 index 0000000..1ea57d4 --- /dev/null +++ b/flakes/secrets/nix2lio.age @@ -0,0 +1,50 @@ +-----BEGIN AGE ENCRYPTED FILE----- +YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IHNzaC1lZDI1NTE5IDd6MzN5USB3dHp2 +QS9lSENJbC9VR1RpaWYyRG1KQWFXVGFsYTJyU3VqNCtub2RYMkRvCk5pMitVV2xZ +Y3hqTU9jSllaVXFReklodnVpUVVHeENpdGpBaTc2ZHN5Mm8KLT4gc3NoLWVkMjU1 +MTkgSmh2TCtRIHhIMGkwQmxYZjdBdFk3Wi9BQm12Qkh5NmExNklZbnVsZTdoZVI2 +bk9rSFkKMjZGc1o2SER1d24vVjcxVktjZmc2NXlJand1WE9zZDFZVG1WS1dNY1NG +cwotPiBzc2gtZWQyNTUxOSBTcENqQlEgSEZhMldYaEFyUktESkttclBUV3JlSldl +UzQ0T3MrdzNmS2ZJWndVMTJTYwpoazNQMUt3d1A0ZHV0bC84b282R0NlRzhuQTE0 +V1M2QVp2NXdVWTVpelp3Ci0+IHNzaC1lZDI1NTE5IEJZS0crdyBKRUhKZTgwSnc1 +YkJlb3FLdkxRdFNRK3gvTDVzM2RnRDdqT1g4b21pNnlJCmFwK0pGNWR6M3BNRmF3 +aVRHRlVrZzZ5NlgydG5VTkRqTkVnOFZLVmlaelkKLT4gc3NoLWVkMjU1MTkgWHpm +bWFRIGRrS3AzeE9jR05udXZVczdvaElkT2NFWkhyMGRLM1VRVmE3d0Jpek1DbG8K +UHNJYlFrME5FWmtoT3JZa042N0pzRlFESGl4U0dJNGtmT1Fad0J3VGdkbwotPiBz +c2gtZWQyNTUxOSBSNSt4ZncgaGd3SVN2MHZlQlhFaFFCRjR5eVV3Wk5LTE1PTHVO +S1pFK29GRXRhcC9SawpRTE5BcTRIMFE3Y3NTZEtwa1V1cUlodzBXb3dUODJ5ZEVV +eEdPdjRGcDNJCi0+IHNzaC1lZDI1NTE5IFJvWDVQUSBNanV1Qkk3THV6SVZCOEUz +Q0NBSW16dTMzdWtpa29ncTRmd0o3eUVKb1dVCmFzd20wa29HVkRRRjhZMkFaSGtL +Z2M1SzRPNHdRMG10MFZQYTRtRGZDZ28KLT4gc3NoLWVkMjU1MTkgRjRiYjhnIHcz +UUlraHJNd3QwMC9Ta3cxekVCYWJrQit0QWhuSWkwenp6OUdBRG9oVXcKQk84OFpt +S0RqcGsvN1FMMy9SaWpnTVlwT0VsMGltMzdueVlISWZDblJiMAotPiBzc2gtZWQy +NTUxOSB3ZHJaSkEgMVA0RzFwQ21YNVVBdlRuNWhRVjhaVEk2MkxmU21IeXp0VFNM +U0RYN1pBawpiMWJCV0JUMFZNVWxROFByNXBBSzV5LzlxTmJxd211OHI2VGw4RTdJ +WEZFCi0+IHNzaC1lZDI1NTE5IDVhZHFNZyBkU3RiRThocHh5QjRKSzJ5cVVIZlRU +NlJ2VTByL0VQZU9DLzhPN1ZxVmtRCldWTkx6Ty8rbHFDT0RpNER2MVA1dVFiT2ND +bzBsbHZ5d3hzaWlRM0VyYW8KLT4gc3NoLWVkMjU1MTkgWmUxTXdRIHFrNVRPQmta +L3YwZjZ0MTNrK3lWeWdCRmF4MmdFMmszeTRlT09uVDlkVE0KYjlINldYK0VuNjBa +NVY1bFg4VkdyQU9DRk4yNHpGREs5cWthMzBad2hwOAotPiBzc2gtZWQyNTUxOSBw +ZUZCUWcgU1ZRclhTL2FkU09HcEtiNkY3OUo3Mmw5bUMwdisyL3JoMG9tSG00SGZR +VQpMZ0NvYXh5N0gySHBMZnF3MC9oc1g5cC82Si9ybjh2ZW9XRlN1SkY5RXdFCi0+ +IHNzaC1lZDI1NTE5IDl2LzJIQSBUZTJXY1Z4a3RSNnRvaHFhbC9BTlNvWVRIazVE +QVU2RTVrcU9NRDNERXhrCkdmbHJYM2xSUFM5TEs1Q0xnQkgrRnNzQndDRWlXQ05o +MWdRRU9xQlhuNVUKLT4gc3NoLWVkMjU1MTkga0hrMmdBIE5tZVV3aUhlWEZkeHFs +SUpTU013RmcwZzc2SlBlZlA0RERnTDg4SmVVVXMKbS9LZHlaNlRJV3dPRjFzMTha +bU80WXR0SkRINGRxc2NXQVo4N2xqZXhDMAotPiBzc2gtZWQyNTUxOSBJb3NBQlEg +SUtVNWZjY3o1UkJvbFZ5WStqWG9IMjMyUmRYL3FYbXRPOG94ckM0TUxVWQo1MFRE +VUU5Wm1NZGQ3MFpRa3BBcWx0Kzd2UlMvOEM4Z1NoOFFYSWNLOWFFCi0+IHAmdml2 +V3NCLWdyZWFzZSBKKCklSyNAaSBSCnowSWtOYndCZmNoZ2gyYjNMejJpbHpNekZ6 +OStGcGFTVGJYeURqK0xYaUpkbFdLR01WdkRlMmY5UlIwVEQxYnUKLzNGUGJaUWhR +T2hwc1RXS0pzUi9KUi9QRkdzVmRKYnJVMS9pN0pMdTZIck93d2JmSFhNCi0tLSB4 +K2RSaVBENkNwY3hWbFFJRzRMYVZSY0pXTFI3MENkMVVzRTJoYmdNN1JVCv7Oz2Fi +S5/m0Lpgzb8jvETd0PIqOImElU7dg60vsww+++Ci7oo1Qw9l/bNdqOhIi4FjsGJp +vQZz6OsqpvF7Ou+YauUvdx6STlnkwrh9J7BVSkG++oduf16bTsV1rqSE/e3hHe2I +6rPv29MFmOxd3Ym4g+RAni/Ib/Ti7MdJJ3GDxOozAlHJrymtZ5NNa21UipoQpeWr +QauxkectXbeVZ8dsss+1sPI/z0CYFHhsEyiKGzZv6LFkdERuTGRmLHfYEwpCeeuZ +nJg5ztWBmvbwmbnbv4hbRaDNf5lpZA/sJV7OuJ/1iX2yuhBywI3808ioFtq3vScr +uUusVwaktQTpoj7yr1OuUltgeuALegw/DwnzZE9mNpGtUjbIbMmq/vJYhH3rC1wv +f2NuCvUN9GvWDt4IQkWDw7m3W6DUaNhoHE5NwcZ8GdScQ2j6IlEEdDAZ/da2Cm4B +o/heA/LGRkgwldpABIVdp2rZAsoU07SgENteaWTk281yBBbiG/QxTHFzgxw0wNjo +ShrXQQMnXWC2Fdz8ogj0RLesMsfjRnEIRwexxNLf0ihBwvet+JxKD6hL +-----END AGE ENCRYPTED FILE----- diff --git a/flakes/secrets/nix2nix.age b/flakes/secrets/nix2nix.age new file mode 100644 index 0000000..4877bbb --- /dev/null +++ b/flakes/secrets/nix2nix.age @@ -0,0 +1,51 @@ +-----BEGIN AGE ENCRYPTED FILE----- +YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IHNzaC1lZDI1NTE5IDd6MzN5USBiSHRC +QUVCMnBYdDJXUjgweVNiQ1loTlkxMWxjV3haODdWeFFOOXVrb0NrCkVZRzZYZVNR +RkRBTlRtOFhLZUkxRnM0UmR6S3hzdTcvUGwvV083RU5Hc1UKLT4gc3NoLWVkMjU1 +MTkgSmh2TCtRIG1HWmhGSG9ZQmNoWEZvWDBta3V0L1I0cTE3c1orMlp3ZTI0OW5F +TDBaeUkKSWFjSlQrdGtnVlVzNWp3VHBhcm05QTNKZUZrK0g5RWRJY1ROWHYrUWpY +TQotPiBzc2gtZWQyNTUxOSBTcENqQlEgR09DZnpLcW04TkpDa1crTHg4RG1FdmJh +T2V2VGJhWC94cm9IbWY3bmtrWQpmSGMrRHdreDNXOUlZRXdUQ3IzU3dMOVU4c2hH +YlpTMHdBZkxKcWJrMjBRCi0+IHNzaC1lZDI1NTE5IEJZS0crdyBaZ0RPdUhTV29y +QXN5N04vU2gwc0VEdzUyNDdBMU55VHZmK2Fjc0N1bTFvClRDY0hoRDRsd3ZSSlVr +RlJHR2VHbGxZYlRKK0hkV2lYWXFMUEM2UzZYUW8KLT4gc3NoLWVkMjU1MTkgWHpm +bWFRIFBqUlZoWW9oMWtoM00yU2oybzNuTXFvYXJjS3I0MHpFN3owUWZtQWdrRWcK +S0RGOU9jUFJxY0ZmWFJmaU9GaFNjNjhSZk84MFRmcE12SjliSmpEMWpFcwotPiBz +c2gtZWQyNTUxOSBSNSt4ZncgZ3A0NUtnS0JMN1dINStSOUlNSitxWWZRaEk1Qld0 +aXp1V3Z3dVM1TUcxcwo1cENLMTNiSlJkeHNNamQyMGFvQ3FWNHBJYVVNSzhVdE9P +MkZVWnJmeWI4Ci0+IHNzaC1lZDI1NTE5IFJvWDVQUSBObzFBR1pKbTdpVlIvMWpa +bWlxd2Uwb01KYkZtMmhXRmZCRlgySW82bERNCk9kaDlRV0JxRDRvdTlxWU1xM1hF +YUtnL2lKQTQ5T0dFdEEvT2hTaXdmbVEKLT4gc3NoLWVkMjU1MTkgRjRiYjhnIC8w +d1hwSEw0Rkg1RE10Nm9oUlk5a1hKS1dJdGNyTHV3anhtcU9Ob0EwWG8KNXNHeWxp +Q296SjRsR1lSQmpDU1JCbngrVWQ1M2NNOGhLdkQ5REQ5dkFiUQotPiBzc2gtZWQy +NTUxOSB3ZHJaSkEgM1FWOGVtdzVERTl1dXpzYndmbGd2c0w0a1phczlaZy9wSzZw +Z20wZFpXTQp2azFzbkVDeWR3eFFhZTloRFlhK3c1Z01vaXdGYkVBNit0QWErRVNL +MWdRCi0+IHNzaC1lZDI1NTE5IDVhZHFNZyBmMG0wRHJDVzJBU1ZoRFRzdlRvOWZi +TDM0VWpKcUY4V3EyTzlBbWZlOWlZCmI3VHlqYitMODE1LzUvWkhoODl1WVVCM3hl +YWg2WWFlUUhkQ0lvbXovVTQKLT4gc3NoLWVkMjU1MTkgWmUxTXdRIHJON3RGNDYy +Sk82TnNwUHhOYVE0WGoxTFdIUXAwSlROMkl6YWVEYk5tMkUKd3M3VzA4dWVoVVZH +VW9zcHd5cEtadUJMWTJacFhkcUkwNDcyT2xHNUxBOAotPiBzc2gtZWQyNTUxOSBw +ZUZCUWcgbGdIakg4b1JzMkgybmpScFE4bmFreTF6ck9aM0hXbm1nYXl1V09CUVBq +OApLaGJHdEpjUEdjNVJEQXZvOUVxcllEckxmWVdCVkJPeXFDVnQ1cFI3cEE0Ci0+ +IHNzaC1lZDI1NTE5IDl2LzJIQSB0NXNaZEtyQk1SMm93b2t6OGp1OHRUWXZwdWpa +Z21sVlJ0QmM3bW55MUdnCnZCRlVCdWRqN0hIVHRIWVBIYUdvTGYzWUxpRHY4WVZ6 +MFlXcUk5anlrMGcKLT4gc3NoLWVkMjU1MTkga0hrMmdBIG5TTllCeWJtUkpTbVpQ +NzF4S1lIWk41aHR1Skw3ZDJxSnBhZ2NHNTdra1kKRW8yeit2SDA2S2xCU1pueHlY +NXo5WVIxaDBiS3dFMURkbnBQM3M5V09hQQotPiBzc2gtZWQyNTUxOSBJb3NBQlEg +K1pUM1pkWDIrd3djSThuNVFrTlBQQ2pOa0ZIRHRLZERnV2xkRitWNXBHNAozZjZs +MXhvUWM0elJkdEw3MlcvU2xBUXU5VThMVFB5NUZmTnhsVDBncVBBCi0+IHFjeUMt +Z3JlYXNlIGU3KmRuajM7IDZWCjJ0TWVnSmZRYy9aK3RSNWludGI4emdrSU9KV1dw +OUtYK3NUZldNcFZid2ZZMzRPZlFKRCtZbitPZ3hMV3FZaDAKdjJjeEVWUjc4Q1pk +L2tuSUZ0cVFDQ1YzOWxHdWVoT1hZQ2IyNW5XMEJ1UmJDckdTTzY2TnZmNGIwRy9H +S3JWbQoKLS0tIHVNQTFWNkhLMlVMMCtPU1plSVVBQ0FtZGlKNktSbXJKMjlsaVJx +L2RkNmMKL4QzBzzSOYmRx+8QC3YrvNX3hbfvPPP5gp2kfFK0clqTId3/UZu4qkOt +jUlhRTRWqv+ggJAHjyBCIPQP3BgHb6EDH0B2+ZaE/fXepvIaPnvInIoc+W7Dr8wA +JqgeDOtBWwuKKonGvPcATT3URZ8i5oGGHbyYGyQmeDjw7XdOQU78n8/sgm9bvOPK +woEE1G5tBvOXPWZXxgIlb01J/1LxLhmk7mmB5hyGgzG1kXyDHxcNmSytWNLe/6ly +v9mZSXAT97PPLJJcdwzd57tDav7yXXiNq8Wg5jxZR+YtyhmDX5BHcw/0nJr6CU0R +8bAsraBf1+zUoGYG0XKnqSCCb0Ky8rZYtG+KlN/aFRJ4T2RgLVIzncRvzL3evOa1 +52POfhB26YyMdV2kQ82V5UJXEFHkjdjwixp7n5jxg3MKxZlCumyPCuUe11W9tRtV +UQPNxdhgOH8GZAm8m6JxECtJ3Xx3XpGG5nZSLPCDoIQnetqShb1vyc06AQKMdUnP +FBXj0edHQE1DRQoVtcSq1+1v7CmLb4iR7yFGgbiuuRzyn2I2YNX6jxsn+u8z/roD +jvGrIE8= +-----END AGE ENCRYPTED FILE----- diff --git a/flakes/secrets/nix2oracle.age b/flakes/secrets/nix2oracle.age new file mode 100644 index 0000000..a25f102 --- /dev/null +++ b/flakes/secrets/nix2oracle.age @@ -0,0 +1,49 @@ +-----BEGIN AGE ENCRYPTED FILE----- +YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IHNzaC1lZDI1NTE5IDd6MzN5USBrU045 +Mk9iL1AzbG5LK1dKZEtTK1BENmZqc2wzWTdhMU9lL0NscXpJQ1dZCm5VWTh4eCtK +QWhVRjU3c3NXOElYQVh5RUZUQy9jcVA1NG9EZEhpKzZLUEkKLT4gc3NoLWVkMjU1 +MTkgSmh2TCtRIElhTGVrcnk5emJ0ME1hU2xXOTMyTEIxV1l0TVFrc3ppQjc1VTNU +TmJyaFUKVlJrSVhCcm4xbHhwWUx5TXhlbTBwNzBoN21hcU1hVVZHeTNibUVSZXB6 +VQotPiBzc2gtZWQyNTUxOSBTcENqQlEgOFRvYXZFZjZJcXRsbUJUQ3U3Q3lLK3U4 +OEhiYWxqckMrZEszMXI1SStYOApzN3NCQ2U3TTkxVzB5dEUwWXA0dDMxblVEV3E3 +MXNXQVpKSURyV2ZmNDVZCi0+IHNzaC1lZDI1NTE5IEJZS0crdyBJNUdKOGFDSHd5 +VDUrL3VSeEY3NWNoZlFWS3pvZnRBSjRIZEJnYzBSQ1h3CnpERHlkYXJsTCtUV2Y0 +RVN5NDB4UWF3Vm1pdzN0OHFuZ3ZRK0Fnd0V1cW8KLT4gc3NoLWVkMjU1MTkgWHpm +bWFRIDU0aFQrN1pydWd0bkJLaE5KUTNyWU5Vak1tTlhKTDNHWHBJQ3ZSK0VNWFEK +UDkyTkFoSG5aL2tBTmxESWVpWXRpbWtTeEY1L0JZSmlEdVlRekN4ZmdxTQotPiBz +c2gtZWQyNTUxOSBSNSt4ZncgUXRLZjg3UStKMm9MNzFrcTVaVzhMR25DVk9oMGdP +UzErclNkQnhiRnNnawpRY01QWnhFQnFqT1AwcDIyeDZiaG4yeVBzaUptQ2RMeWxz +QkhyMDJnU3hrCi0+IHNzaC1lZDI1NTE5IFJvWDVQUSArWjA3RVlZL2lyVjRFR2Zr +b1FIK2Y4dlhUejN5Nm42VWV3Nmp4cTB0T2dnCmNXZ0d0V2R0RnZHNGliZ0pwNkEv +a2Y4UHlmRnpOZ0dLZGIzTXJ0eWx0K00KLT4gc3NoLWVkMjU1MTkgRjRiYjhnIERw +MkNqci80MXZibkF0Rk02YjBqalhhMmUxelJubWdQMG9mZE9lRzhXbVkKeURhVlhU +bVZDd0l2bFlKVjBKYmZkdHk0OFFNNTM2YlNYWG1SS3pXS1V3NAotPiBzc2gtZWQy +NTUxOSB3ZHJaSkEgdnQrOCtiYWJrU3lveStlRzJrYWE0SEVHUEsrcm4xa0ZZNTA0 +UTZ4dWFBZwo3M0QzZEpFV1BFdGh4RC9DZ1l2M1FRWEdzZUtjbnN4cFRveE9KWU5W +NVFNCi0+IHNzaC1lZDI1NTE5IDVhZHFNZyBSU1ZSd3Q3c1NWVUQyNTczMHBqMDVp +SUowUkhwTEMraWZZS1l4Nlk1eFJVClBjcVYyUndxdjM4ekIxOS90KzNHMXVPQ25Z +UlB1SW9BQzhyVHJnSU5TUG8KLT4gc3NoLWVkMjU1MTkgWmUxTXdRIDB0WkxkYjBF +cVBuVFpiUFhmcGxwNW9BWmRzTU10R0prMmZsVVk2TWR3V1EKTHdySU8xK21hMzJ0 +c2NOZ0NSdHUzSHpnVWE0WU1DZXFjSjBXbHhvd1JDZwotPiBzc2gtZWQyNTUxOSBw +ZUZCUWcgbGFyTzdIaWF2b0w4QlVVUVFyNnNSMklzVGNhM2Rka2FDNm16S0R0MTIx +SQo4bkQ1cWtEVURORTcyREtDdUVPM3p6aFQ4ZVBXNWpCcXhUS1lOcG5tTUFVCi0+ +IHNzaC1lZDI1NTE5IDl2LzJIQSBDenFma2swTUdNalVpalVRT3ZCU2NyMlBOb2o0 +V0tCQ1gycmRoek5oMFVnCmNCRUlxU0F0ZmZyOXFLY0I2QXpuSTVqRUEvSHBHaHBF +SENVeDIxcU94Qk0KLT4gc3NoLWVkMjU1MTkga0hrMmdBIGRjYldMZndtVGRuMHIv +Q2RZNjlwVFkxS0xRQUpselRtS0l1MnNDLzhlR2cKSnF6MEdZRFhFOWtzUzlVZWEz +SlpHZzYySEpEVW5TOCtiZTJIYWdLL3dYYwotPiBzc2gtZWQyNTUxOSBJb3NBQlEg +bThlZVZ4Q2s1OEFWbGNqSHRIQUpxYUNEZzFzNE5qejVnTUs2djFOYjFHUQo1T2lP +aktEaGFOYkw4T3JsVmIvTGp2WVE1dkxSczgzcjNaZDllaHRyVU1jCi0+IGo8IWFS +RS1ncmVhc2UgNHtmWAp1dVJtdTRlMFROaHVzVGx4UkEwcGJycitqSTFvbVFFOWl2 +ZGZVWHFHMjUwTEljRnlDVUpMK0lBQ1Npc3VRMW1uCjRDVXRhdDRRRG93Ci0tLSBa +U2JtM1c4dDd4OHBwK21jNXNqTFdDQ08xTXdWS2xLbjc3dllsUDE4MUpnCheeS5Ao +jdiBXm9dtTEcTgilutkhBaP6NL2MI7TCkratQvinVxVFc3A2XXGD1Dp+/YGhHMx9 +x0l5flisRyCK3Xz8WJWbVi1VZ6DuGaossLHxfIeVWQhzGGlX/4Xu2Ly26BpTDLmi +OpZ4WLHy3kMmt7VOon1xQmlZv7NBj4R4/u7QdPnIt60BwoDF6dGUEVBk/AcRnF2P +23fA0ZlpmSCRCfyMwgdo7TXMq72w/VL4y50y0H1lgexGwsgtOwWsj0HeOxwleSCS +3vHozKZd61AF898IIJh8/YW/A2AQkD0V+BN5Yn9A5PpN7HEQ2cQtsU2KB2LY7Ws8 +/l2diGyNu8V7CmONQh5Rjg5ON0Vj4xMpmsSQO9VyGzwVzkwXPpYadLYF82xP20UR +IieybEz/3n6ihpDPJ3aJ6JN31lZJnCmFkQ2sgvizuxwQnIpuN5nVav8laq4Xjm04 +55r37ZJG4SQUzOMjYdnViq6B/LMslVf3B80vMKXlm/lc8cXXQ5ZErcKJs7WsKD10 +GsAE+kvrxpwBDykMNwluExFxYACp1a+1bZZuzdRITMEstbWQgBK36s/e +-----END AGE ENCRYPTED FILE----- diff --git a/flakes/secrets/nix2oren.age b/flakes/secrets/nix2oren.age new file mode 100644 index 0000000..a4d820f --- /dev/null +++ b/flakes/secrets/nix2oren.age @@ -0,0 +1,49 @@ +-----BEGIN AGE ENCRYPTED FILE----- +YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IHNzaC1lZDI1NTE5IDd6MzN5USBpSGZS +bkFWQXAyazF5empVcGtuQ3NIQkpBK0RWWnI3WG9vOTdQMW9SNlh3Ck94MlNBSjRS +NTA3ZjAzZXJtTk5WaTFUd0VYWFFseUVTOFF2aUFmaUtCbU0KLT4gc3NoLWVkMjU1 +MTkgSmh2TCtRIFZHS0Mvd2NUSHk0TnRFSWhmTk5VSm9LSnI4cE80OXpYMzJKbzV3 +UDdtZ2cKeTlsTGhmazNycElZLzN3R1FZcWdpK1Z4SGRPbGNKcjJzTnlXZFBJSTJl +UQotPiBzc2gtZWQyNTUxOSBTcENqQlEga09qRnptd0dqN1ByU2JZL1JuMTVJNlNY +eGYvRG96RXhtZFhxN2lpbWZXOApTYnNOYUkxWmMwZjlOMHJzZjdkajJHTHprbXlV +aUFZOWtOT2dMY3MzYWFVCi0+IHNzaC1lZDI1NTE5IEJZS0crdyA2bnBFcnE5T2Jh +bmc2dmRQRUdDL0crYXl3ZTI1RkFDSkw5N3VxT2k0Z0dJCkpsdnFjN2xQeXBnQmVx +RlhTd3hudUNyMzQ4WlN1SGZvRldNNlBFV0ZlaTAKLT4gc3NoLWVkMjU1MTkgWHpm +bWFRIExzZGsvbmQ5NWRHdi9iSmVxVG0zbHg3T2V1NGFqREg1V0YyS2Y2bVNsaTAK +UUNicjhwajgvckxIblMzNk9HUDhLNTFBSmpMdzN4VkpoVjMybWVIc2hpZwotPiBz +c2gtZWQyNTUxOSBSNSt4ZncgNnJiMnVQcUd6aUVzblZMN3cwM3VoZXZRd2xaRlgr +SmpqYm52OXozZnZodwpKMFdsMVl2Zm9qNkIzOU1MM2dmWGRJTFd3bzMwWTVBdDNP +L05HUEpxRktFCi0+IHNzaC1lZDI1NTE5IFJvWDVQUSBUbW5pRVFHaUFlQ2JKZEEw +RDJxUVhiRUxxMGNkczgzUGlBVmtiTDQ0RG1JCnhjZVdlcW1LYkZyOXBqSithVXI5 +YytEYmltaFdLYkl1Uy9IV0xTcVR2YlEKLT4gc3NoLWVkMjU1MTkgRjRiYjhnIE4r +ZC91UURXRHFUWEM2OTJMWjRuUTBDUzZyZjR0MTdlMGJ5NHBBV2lBbDgKcEN0dXln +Z292L25SejhhVjAwdEthdTkrSVo1NzloSWlpQm5IeEgyeVQrbwotPiBzc2gtZWQy +NTUxOSB3ZHJaSkEgTFpMWnlXY1czQWpIdFl6SXpHeHg1K3hEeTBYdUxnREFmL2RF +NUhFRENpWQo4ZUswdFVMZXdnMGE3ODZTRFdOc2hBdzVMQllvczMvZk04QnRoWDVI +ME1jCi0+IHNzaC1lZDI1NTE5IDVhZHFNZyBUejNUVWEvWm8zSVFSRkFpQ2tIM3Vs +UFdTVlBhR3dIL2x4aDZvNUJWd0JVCldXQjRVY0g4KzRhTVRYdzZoRWZPbGlPSDA3 +cUhNTVJVZmpLTmxwN1UwN1kKLT4gc3NoLWVkMjU1MTkgWmUxTXdRIHJTb3dMQUpW +b1htTm1JQlV2TDBXcGk5RzR2ay9JZ2NwSXpWUFlNeW1PVWMKTjV0S2JSd0dhTm02 +VzFzOUZmbXk4d2RweDRtREppZ2NaUmdXZXFQT2xPZwotPiBzc2gtZWQyNTUxOSBw +ZUZCUWcgYTlGK3NsUUpJeW51SXFSaWRZMktZY1JVSWR1RHdxMkVCZ3JpOG5VeThI +VQpmL2pER3pkVVpRMG4yUkpoNmZCb2NzMjBqcm9mWUtpd2JYVE9PR1N4S29zCi0+ +IHNzaC1lZDI1NTE5IDl2LzJIQSBqcjhlR0ZQK1V0eFJINm1uUzRRTzBJZ2xnUk5S +b1BzTUVJdmoyWkVNNVVnCkZZM21DRkR3eDdWSHRtNTQ1WFF5K0hxMk1vMmd1MUJK +ejl2dW1keFhuWHcKLT4gc3NoLWVkMjU1MTkga0hrMmdBIEpTM2NuU2RFVUJVcDB5 +REI4VE9LQzk5UEJVZEE3NTliNGRlVDhQSHZobWsKVlQwWU52cGErRHlMSUs5SllW +YWZtZWI5SXJoSFk4UGxHVFFqOHJqQjhaYwotPiBzc2gtZWQyNTUxOSBJb3NBQlEg +MFAxUXVaZXM3ckZHbWxhY090T1UzaTZpQTRqZXMvaG5VYTl4U2ZYRThEdwpNa25V +cXp5Wk5WOEdjdGFWck5Qc1hjRitRMWdXd09CVGc3RDhxSVhlZkFZCi0+IDUxdmZm +LWdyZWFzZSAqcik9QzxMXSB+UTsgX0hDCmxiUXF0YnRnamt1RC9IaDRkYnFsSHYx +QkhRUU40TkI3MVFVSlN6WDJVY05KNDN3cGg3R0lVSDk4WGNQM2NFMEIKcncKLS0t +IE12R3FidXBvMFlMSkl3MkJleHgwOXB3Y1BhaGs4QlBPaTY3aTZBSUtwYW8KBn0h +p0tQ4FYu7/wPAIJc1Ful9XEfvky2NA1q4xI/gtfeaXvUY1tS5IeVkTQwfEsb6uCa +2m/MRGsWSmfBYHPzBtl/eHNODZ7EHECHjVpq/i0BLOH5a/GJ1lAImY8MDT/1dd6S +iqJPUTOWgH+mczo6BMsQBBmfg987oI/WRMeMAr0xZeFbunSw8yglLbopkFY1sv0V +OgBBUFj06tBhYBivB42fmaFSO/bTYkwD6FSzCfUGSG0p8PPaMIPPF1MU9xtgjW5A +PkN3OGeTDrDJ6AnVjTY64nzSEwILPRoSKXfErEX7Q3oEzSgIdzCVKUqt+Z9S8do1 +Huc3JOc7ZxxotGr9AHPPGYxT6hgkxxQOIrw6W03wnj6oS2XsFoU3X7uATZP5hc8o +p2W0knCKHPjqxb0cCZORSdae3FOQpF3RY3hFOIHTHqR3dfl//D/OdW+9+qZx47JW +hoXDNmdrBjUXW6t/i/rRhcoocomUxo/rLbxdE+/JP86Yg0pb0fPEP6zCMHJusuHo +EojSeWMeRHZ+cF61ee1+8cHGrvXcShJ7uicIXRTFdbdclfM10to7cijub+U= +-----END AGE ENCRYPTED FILE----- diff --git a/flakes/secrets/nix2t.age b/flakes/secrets/nix2t.age new file mode 100644 index 0000000..843600e --- /dev/null +++ b/flakes/secrets/nix2t.age @@ -0,0 +1,49 @@ +-----BEGIN AGE ENCRYPTED FILE----- +YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IHNzaC1lZDI1NTE5IDd6MzN5USBVUy9q +SDc5SjNYT3djMmVnbmZrSkpDQlQ5VmJQZlFzaUhJS1hja3R0bEV3CnMvK2NKd05q +OUltdUUzWlFUZkhMa3c1UkdaVm1aQlk3MmtGalFsV1dRWkEKLT4gc3NoLWVkMjU1 +MTkgSmh2TCtRIEh1VWxrNnZoN0tabE85NTJuUFVmTGw0c09IVWI1Q3Ird3BWb0p1 +ZSt4eVEKWWlFMzc2SzVwRE5CNVk1N3haRW9UTGpMdjk2d2cxa3BQOUFrSTk1MmtW +OAotPiBzc2gtZWQyNTUxOSBTcENqQlEgVHRUTnhwckpoVEFpMUxWbk1yekRDTzA1 +WWZvSXpDZWxEaCtDVHNKVENpMApncXZIY3ZFbHJxY3VkTGVsclBTQ09jaWxRdDdO +VEsxdmFKYWNEdkUvT29FCi0+IHNzaC1lZDI1NTE5IEJZS0crdyA2ZUhRa3o1V20r +a2tQNmQrYk9wemFhNytRY3FuOTFmMmRad0FNNXExWEQwCmp1RjFDS0xwSGtHQUUy +RDlWVVdxWjhvRGVEeHo4TEdzT1JSRmIxcDgrZU0KLT4gc3NoLWVkMjU1MTkgWHpm +bWFRIDZYYXVwaWdrTTBKYlZhQk9STGNPV3ZqeW5yZDVpcFUxSTVsNW9JcXF6eTAK +VEk2Skk3bFdtWEhoaDllYjloQkcyT2tUaTFtdHYvcFQyalpuaTFac29FWQotPiBz +c2gtZWQyNTUxOSBSNSt4ZncgS1I0NWdPY3ZSU2xENDFFeEVtNVU4dkdGRVVkUWYw +bjhYWlNXMm9jU0UwdwpPQU5KMTVuODVhUzFxWnIzclhCU05mMnU0R3FtanVxK0xn +VFFJSTFvWHA0Ci0+IHNzaC1lZDI1NTE5IFJvWDVQUSBhSStkek51ZWQ4a1dVaG9w +TFN3Vm5oMUwraUx3MFR4bXVnenpPNE0xVmdjCjhORitCVU9nRWpQNERDMElBZk94 +a09LMHFhM2V1dDZvamltUnY4TENqYnMKLT4gc3NoLWVkMjU1MTkgRjRiYjhnIHVP +SCtCUWc1N3E5Zzd3aHllS0owQ2d3anhSYnRFOWh4SlgyOG5ZWFlJbEkKNHVzMjZD +T3QvYXZPaTU1SDNCTnNFNlRtRFpSZy9wQ1F6WkNxNUg2bCtDVQotPiBzc2gtZWQy +NTUxOSB3ZHJaSkEgYVdKNk41MGxMMXl6SkNWVmdsREhTeFJ6RTJzdkxTcWhtY3NT +bXYzTnRnZwpnaXBHKzNYYzNDd0ErbDhBNEVOZ1FWcFJZT09TY3FBanZIRU9nTldu +L293Ci0+IHNzaC1lZDI1NTE5IDVhZHFNZyBWSUFiQjBLVjVjdUdIdUR2b1Q3LzJJ +c01VMS8yZWJxQkN5bXVuNjhXUkFzClpuT2k5aFFWQjNsNjlNSHc0Q2xZWFdDeGxY +V2ZBNDNYN3lsZlFrTUkvNmMKLT4gc3NoLWVkMjU1MTkgWmUxTXdRIDBrYkk1akZE +NFc0UUsrV1RlbW02NU9ZTlcyRGRMUGVmOWtwOW9VaXY4U1UKeklYZUdtci8xYzg5 +Rnc0V1M4QktScUVwSG1JcnprT2pMdDJWYVJmVTdDcwotPiBzc2gtZWQyNTUxOSBw +ZUZCUWcgQzdTcmtaZER3Zk40OVFpRU9pTDhqTHBFWTA4SS9NY0g1RE10ejJtdjlU +RQptZ3FQMmNnYzBEc3BpUDdNYTg4U3U1SFhDb05KdnIzV0VzT3pXT1psOVE0Ci0+ +IHNzaC1lZDI1NTE5IDl2LzJIQSBzRko3NGlWUmpDb1U0WXpKN0lraDYzTWlIYTFj +OStWa2NzMEQvNzN0UlFRCk1LeUZSVFdPa3NpY2M1eUIxRHhqV1BFNlpjN2Ntb2Rq +dkFveVdxRFpod2MKLT4gc3NoLWVkMjU1MTkga0hrMmdBIEEzOTVLTzg3d0ZYaTgz +TXdJYkZlcVVqQm5KaXVDaEZlbWw5OU1jNkw0eFEKVjZra3dac0NUQ2pBZnRFMGND +Qm8wbkdVQytxQnpGSzNjSjJtVTk2dEhSSQotPiBzc2gtZWQyNTUxOSBJb3NBQlEg +UVpVWHV2OWdWYnhydTJZODRzVEdWQVhFODFQWFVVSWw5NWJocXduY2hDMApnUDNM +UXkxL2NTQWVVeUdkeHdHbnE4cFJXMExLK0IxWUxlQlBFVlllOWVZCi0+ICozLWdy +ZWFzZSBgS1gtOiBuK18KbThIa1FGM25sc0o1UU1yWlFoY20vNS9oRGdpQmQxWXBr +cnVwaHd1cDgwdGpGQkQrREs4dwotLS0gUHRYWjF4OUV4NVhESlo3LytqdzVOTHNU +Z1ROdmJ4SHkyZGhzQlJXeWw4MApz+OC1nGrL+AgkWWYC3bYmEZ4WE7wUiBGSQjuu +MFlv1EBOveOzJ9eKKdR+zOl0Zo+pL6TrUUju6iaIvPd16x8NBiiDGmiAkpM9qcQv +CG/KFcP5kq5Ddx9rGqvOTn8YTk7Se10BmBEduERWtSuv6yEngrAJzF1QaeBM2PXH ++TxPlblCbiE3g9Dk6c+0S74izVAz+1cD8Lwx7n/7DX6gHtIoSMIDi38mfy9baZdl +Zcaw8Nr/wgBT61U2ywXGc9h50Jec1zUXfBEdLZQCFNpnZjntxh+obvdM43HJzRkz +sF9UXXWrvQrP21xxxa1wYy2UNANAHqMegUVNIZZfncF0lnA38sJDX8nsYKaIsnce +CnacNDrf2gpZkk6Ml5Pjcc85B1dE3DOrogg/Dq84c+JtN9r5N3mrzBHeg4xc8dOX +GGq1+9a4w/w2CvvoRbFXxSxo7a/B73oeNggsHCcZ+o2CG/eR1mDNznU6XSW/1dMg +FnEBJB4vAG/fejLMHHWNb4bfa89Oba7wN2oHKm41cf+JWHJ0/Thn1k6DzcWRoHtc +kJS1Zr8mQw== +-----END AGE ENCRYPTED FILE----- diff --git a/flakes/secrets/oauth2_proxy_key_file.age b/flakes/secrets/oauth2_proxy_key_file.age new file mode 100644 index 0000000..d5a36a9 --- /dev/null +++ b/flakes/secrets/oauth2_proxy_key_file.age @@ -0,0 +1,17 @@ +-----BEGIN AGE ENCRYPTED FILE----- +YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IHNzaC1lZDI1NTE5IDd6MzN5USB1QW9y +bVYrZzh3ZDJRaUJOdEZRcGVhNUNvNG1JbENuVVJVcXFPbXVmNVNnCmZCenlWMVRY +YkgwRXpwYmQ4NmNrUkZQNitRM21FbzA3Z0x0TzBZVGxsa2sKLT4gc3NoLWVkMjU1 +MTkgcGVGQlFnIDBsYW5qa09pNnptSk9rTndaZ2ZFQWs2cTlUdkp0S2k1TkFiNHFh +bG1zVkUKYXlRdTBVMGpOcEQ2bDN4Z2ZLbVFPZ1RBT0lmMitqRk5wdjF2bjJPRXRF +VQotPiBzc2gtZWQyNTUxOSA5di8ySEEgaFlLSm5Qd2dML2d6UVlJWEN0NHdiS2lp +WDNHeithZmg5ZFJjQ3BrV0pXYwpYdEFwR0J2RVJjaHJISHBMb3VxSlpTREVxcjEy +ZExZTUdocGNWcVJTb01FCi0+IDF7LWdyZWFzZQpFaGhVdVpjdVo1a2xXUjYwWUww +Z1hmUkorV2l3Rkt5MGFmUUczVVEKLS0tIHR4SzJCYTZOdFFERFRlS0QyV0tJeks3 +ZDNYS05jR1QvU3RhN2ZUd0dCODgKvyfa6+kFUuN2DAi1vb8vszdAw3Jlb9gLsdsM +6d7ILyLkmolgmpfpFwyzP5KVrYn8vkjuZDB6iJvAJjDgBhX9p4Bt7uSggNGz7O8z +7p3NsCdzLGHLygYok+D2TyupWiUs/YIyUx3rdjleO/QOiJlO8n63xx9hvp2A/25q +n6BvBLA0CuecVFs9pLC8a91VpTyZrI/f71lmS6wvpW3HwrRldDDCqzPB3UG3ceTz +9O0iCjST/c5ETO7HadKKT63aMALdHQYc3QMATxeMfwHlMmwf42Z4ON4d9A6q1CWO +hQ0LmyFhrg== +-----END AGE ENCRYPTED FILE----- diff --git a/flakes/secrets/obsidian_sync_env.age b/flakes/secrets/obsidian_sync_env.age new file mode 100644 index 0000000..b35ab57 --- /dev/null +++ b/flakes/secrets/obsidian_sync_env.age @@ -0,0 +1,43 @@ +-----BEGIN AGE ENCRYPTED FILE----- +YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IHNzaC1lZDI1NTE5IDd6MzN5USBsTGRH +YXJwM1JGbFY1c1dtV28xSlBYTWdObkJRUmdRVTROcm1hNlh4ZWlzClVEemdrc3ov +NzVqVFk0RjV2eVBCaVF6WUcrVWh2MWxpSjhyUWZsT0Y2ZVUKLT4gc3NoLWVkMjU1 +MTkgSmh2TCtRIGFYWUZqRnhMdjVZQ3BsTXcxcXNaeWQ4YUZMRytSbm0xYXJpeXd1 +MWlNMlUKb3ZCOVdJRGF6V2xaOGUvKzV6N1FvYkJkVlo4VlZPeE9BYk9xYk9qbEF0 +dwotPiBzc2gtZWQyNTUxOSBTcENqQlEgTGFZbytBdXJjYWdRdHlrVE5vbGs5UzJp +dUkxUzk5QmlZR2lvQi9UYVpYNAozK1JwREZQaWxtYzhzUit1eHFldGJXbHNGdktH +SFFJcGJ3U21MQWx4M3FnCi0+IHNzaC1lZDI1NTE5IEJZS0crdyAxaTdFQ00xei9L +TEdCd216MGRXbmRrTEdvTVJwdEVmUlFLVGsxOXlJOUQ4CkdobFNlSTdHaFVMUU12 +VUhUdzlDWVMrZ0VaeVlmZlliZkhmbWhCU1RlSTQKLT4gc3NoLWVkMjU1MTkgWHpm +bWFRIHFJU2JRWEJrL0ljZkVSamwreW1KOTgwWGFkZ3lGWnFXY2tMVmZKclF6R28K +ZXlOOEdIanFUWEdGdys1R3RWNjNvWDY0RytSeXVmdEkyOWJuK09JNERKVQotPiBz +c2gtZWQyNTUxOSBSNSt4ZncgYU1pWk51WmZZMjJnaUpQdjJxdjA4VCtVQzhtS0N1 +U1A1aUJRYkY2S1kzawo0c3Vzb2EzZWVLV3NOVWJZc0tOMXNrd3ZscnFkeXpCcWRj +ZEZIWFFFSFQ0Ci0+IHNzaC1lZDI1NTE5IFJvWDVQUSByWG96bDI0Sys5bEZVYzNk +RDg2eSt2d2Z1R25zVWsxWGhDTHBaNkJWdVNRCmRhK3M5Q3VZeVR0RkpGbVZmZHhz +ZlVqbWNaVmVxbTRrejNQUFVwRDlYU1kKLT4gc3NoLWVkMjU1MTkgRjRiYjhnIHE5 +blF5dTNhd1RIUTZTdCtIdXViaXN5VFg5Zy9paVdDT2ZhZktNTlpQaHcKM2cvQWJE +aUh5OWRmRTh5dmgxc3dMMlZZRlBJcWlTVnpCTTZnSUIvSVhCTQotPiBzc2gtZWQy +NTUxOSB3ZHJaSkEgQWRJTVQ3ODN5NmllaXRzL0Y1NE1jZ1NZNmJXUFJSUU9qRGFn +aTBKVzlETQptUHlNeDJxcW5qcWVxYVBpb3docHdjM0pyaXErTzdRMTFuQnJVZjhJ +akc4Ci0+IHNzaC1lZDI1NTE5IDVhZHFNZyBMY1NDelF0NUlERjdFTWhwMGxJdnR3 +NzBQWG1tbHhEYmdwQWtYeHgyNVZ3CkNzR3JySUxPUXJTMVJ1R2ZRZHpkNjZLcEZU +U2pWaTIyS0lyTloyeDdGKzQKLT4gc3NoLWVkMjU1MTkgWmUxTXdRIE9QeWRVUXZE +NDNFS1Fmck5mRWc2bVlDeHh1VW11K1BONU9KSit0dkZCbTgKMmo0VVcyR09oeVBC +RkpyeFpOcVZUaitCL0pvclhmL2JLZE9nSFJYanJVOAotPiBzc2gtZWQyNTUxOSBw +ZUZCUWcgY1gxbkNxTEtXV2F3WWQraXJFMGkwQWZBazNKVTdNZTI3VG10L0hkTzN4 +YwpJcDYvRUxwQnVzSEVEbWNtOGVicm1aVURoZDBxR214dTUyVjdudjBjamFJCi0+ +IHNzaC1lZDI1NTE5IDl2LzJIQSBKcUs5TTE2Mk45SmgrWTRpMXZVb2YycCtldTRD +UWt5T0J2Q1NGRU5BVTJJCk5RYlFVMk1Jai9KYzhOQUtobGFnZlhaWmhQSGxFcmpY +aG01aXFGQ09PdGcKLT4gc3NoLWVkMjU1MTkga0hrMmdBIENnbEo4UXZWRldwcDZq +ank4aFlZa01KWTFURUo5ZXJ5aGMxcXNwTDM1R0kKcFJpN2QzcVdNcHJIbXIrMHF0 +Q1RROFV3NCt4RW1BVjVmVTV4U01OSW8zOAotPiBzc2gtZWQyNTUxOSBJb3NBQlEg +SGtkdTUrTDd2ZU0zeTR3L3VLbWlqWElRUlQ5QmxCcmNMWm9qMk41aUEyMApKSHF5 +VlpjUXRTQWJ2bmRhOTZ3Wk5DbktiVmpwaS9EQ0hEckordTFwSUhRCi0+IDVwSS1n +cmVhc2UgRVo1IEguX2EKa3p5cCt2WjYwWDB1TXNMeU9FTG1LRFQ1NTd6VlA3eDVU +Vys4NFRJckdVcVdialVKV2hyUk5uK0J6SkJTYzZHdApaZlkKLS0tIDMxSmJtLzZD +T0NQaWlEcVY0eTBFVVVKVUkwRnlNbDdnNEl4Qk5jY2FWNnMKUzvOMuRTZl8GtwWB +GUg2RISUPDZ3kmzzN6gUe2NlJfzSE/dW3zYuSZQ8qFXPLp6JTsJlfNmPqV4KTwOu +y0a1GymZ3/q29nOSIuAW9Dgi/t8yBpHnQn7hp1ptOM9KZBCrEqwY4j5q+uSwPQwY +R+vqTRjL3UA/z0Q= +-----END AGE ENCRYPTED FILE----- diff --git a/flakes/secrets/openwebui_env.age b/flakes/secrets/openwebui_env.age new file mode 100644 index 0000000..66eee18 --- /dev/null +++ b/flakes/secrets/openwebui_env.age @@ -0,0 +1,15 @@ +-----BEGIN AGE ENCRYPTED FILE----- +YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IHNzaC1lZDI1NTE5IDd6MzN5USBORVRn +WmpIQStaRnV3QU9wMStQWHJMTklhb21nM3YyRE1xdWNxcWZEelRnCnZvckQ1K0hE +UkNyZGIvTFhpU1JtcXgzTy9QK2hhV2JYcm9nczJSbXgyS1kKLT4gc3NoLWVkMjU1 +MTkgcGVGQlFnIFU4QndCcjhFbG05M1prbGkwcFlYWU1WT1NkU3ZCZ09SQm9sMERC +OGZnMGMKbnBqNzd2dnBQT3R2YXBraEZKVFBJeHJXU1RhOWwwNHdGbC95TzhDM1g4 +MAotPiBzc2gtZWQyNTUxOSA5di8ySEEgOGdMRXZ4cnd0VFdxNlBHYlI0S2pCTkZo +dGtnUm4vaGFQanpKMFRjVjdHSQo1aStST0hFdkR4T0syekFZZXM1b1JBbXV4bFB0 +RVIyRG0raEZDVmt3L3owCi0+IGxLPUBZOS1ncmVhc2UgOyAqIH06U1EgQCRXdn1K +CnpSdjUwaDI1eWE3ckNBCi0tLSB2ZTJVTHphZVhBQndhUU1GZTYvYlFMT3h6cVRE +SzBoK2sySStmWm9SSnU4CjTkglKu9/CMRrbdagHF1uNxTOBSthOhyAgfcHLXHwXe +dtZiEnev479tMoIo2OXi5ODZpz1LTCkBMO0yRY6JlmNVlwpByNJkyij5bwXbUiPy +Mk9airOI/s5fIEIStb6ei8TMgy68trToK8JUmBtK8JzL9fkJDET9YyQh8N3BTUMR +8M2cUXX1qFjP7dyRDOQiq3LQEKpywUIuGNASDw== +-----END AGE ENCRYPTED FILE----- diff --git a/flakes/secrets/secrets.nix b/flakes/secrets/secrets.nix new file mode 100644 index 0000000..80c241c --- /dev/null +++ b/flakes/secrets/secrets.nix @@ -0,0 +1,138 @@ +## To onboard a new machine, you must use a machine that is already onboarded, or the backup authority key saved in a secure location +## Once the new machine is setup at least once, then we can generate/fetch ssh keys from it and add to this list. Then rekey the secrets and commit the changes and pull down from the nix repo + +# System key: `cat /etc/ssh/ssh_host_ed25519_key.pub` +# +# from authority +# `nix run github:yaxitech/ragenix -- -i ~/.ssh/ragenix_authority --rules ~/.config/nixos-config/common/secrets/secrets.nix` <-r(eykey)|-e(edit) > + +let + authorityKey = [ + "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIBdG4tG18VeuEr/g4GM7HWUzHuUVcR9k6oS3TPBs4JRF authority" + ]; + + gpdPocket3 = [ + "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIFzAQ2Dzl8EvQtYLjEZS5K0bQeNop8QRkwrfxMkBagW2 root@gpdPocket3" + "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIIr/aS0qyn5hCLR6wH1P2GhH3hGOqniewMkIseGZ23HB josh@gpdPocket3" + ]; + + lio = [ + "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIFGp6oInUcGVnDl5axV1EHflMfZUiHxtqNa4eAuye/av root@lio" + "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIKxNhtJNx/y4W54kAGmm2pF80l437z1RLWl/GTVKy0Pd josh@lio" + ]; + + joe = [ + "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIG4PwrrOuZJWRjlc2dKBUKKE4ybqifJeVOn7x9J5IxIS josh@joe" + "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIP+GYfPPKxR/18RdD736G7IQhImX/CYU3A+Gifud3CHg root@joe" + ]; + + oren = [ + "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIK7bNX7R9ApoX/cHdXIhQdpA2sHrC9ii6VAulboAIJM2 root@oren" + "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAICauUtSa71+oQAiLxp3GMMbmNXcbr9Mc7eK8b/lqZbbS josh@oren" + ]; + + h001 = [ + "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIGTAz6n35c3r8kSuWJM1JzMVx6jK+0EBwpJA5eTIvy3N root@h001" + "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAICRHer3NrJiklp4oDNRCzDxc9fXpXn5rPAXGFce8ugy2 luser@h001" + ]; + + h002 = [ + "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIB9GW9W3DT9AqTonG5rDta3ziZdYOEEdukh2ErJfHxoP root@h002" + "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIC60tzOVF0mcyfnYK2V/omzikuyE8Ol0K+yAjGxBV7q4 luser@h002" + ]; + + h003 = [ + "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIHsV5r9sWYgrr9t9p12Epzm6WtxN/XsKSCb46+ODQvVT root@h003" + "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAILQLt2Hc+CN6+e7/sf3Fv0FQlp6+yrIbIJ/J9AdnJCjI luser@h003" + ]; + + trustedKeys = authorityKey ++ gpdPocket3 ++ lio ++ joe ++ oren ++ h001 ++ h002 ++ h003; + + o001 = [ + "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIFrwvahx1x4rue28QHCzyADQndOeTESIv80f7d00NXWT root@o001" + ]; +in +{ + ## To make a new secret: + # - FIRST add file below that you want to create + # - cd to the secrets directory here + # - `ragenix --editor=vi -v -e FILE.age` add file below and in the ragenix.nix file + # + # TODO come up with a rotate method/encrypt the device keys better. This isn't very secure feeling to me the way I am doing this now. If anyone gains access to any one of my devices, then my secrets are no longer secret. This is not a good model. + + # Git keys + "nix2github.age" = { + publicKeys = trustedKeys; + }; + "nix2bitbucket.age" = { + publicKeys = trustedKeys; + }; + "nix2gitforgejo.age" = { + publicKeys = trustedKeys; + }; + "nix2gitjosh.age" = { + publicKeys = trustedKeys; + }; + "nix2nix.age" = { + publicKeys = trustedKeys; + }; + # Server keys + "nix2h001.age" = { + publicKeys = trustedKeys; + }; + "nix2h002.age" = { + publicKeys = trustedKeys; + }; + "nix2h003.age" = { + publicKeys = trustedKeys; + }; + "nix2joe.age" = { + publicKeys = trustedKeys; + }; + "nix2gpdPocket3.age" = { + publicKeys = trustedKeys; + }; + "nix2t.age" = { + publicKeys = trustedKeys; + }; + "nix2l002.age" = { + publicKeys = trustedKeys; + }; + "nix2linode.age" = { + publicKeys = trustedKeys; + }; + "nix2oracle.age" = { + publicKeys = trustedKeys; + }; + "nix2lio.age" = { + publicKeys = trustedKeys; + }; + "nix2oren.age" = { + publicKeys = trustedKeys; + }; + # Others + "github_read_token.age" = { + publicKeys = trustedKeys; + }; + "headscale_auth.age" = { + publicKeys = trustedKeys; + }; + "us_chi_wg.age" = { + publicKeys = trustedKeys; + }; + "zitadel_master_key.age" = { + publicKeys = authorityKey ++ h001; + }; + "oauth2_proxy_key_file.age" = { + publicKeys = authorityKey ++ h001; + }; + "openwebui_env.age" = { + publicKeys = authorityKey ++ h001; + }; + "vaultwarden_env.age" = { + publicKeys = authorityKey ++ o001; + }; + "linode_rw_domains.age" = { + publicKeys = trustedKeys; + }; +} diff --git a/flakes/secrets/us_chi_wg.age b/flakes/secrets/us_chi_wg.age new file mode 100644 index 0000000..94a440b --- /dev/null +++ b/flakes/secrets/us_chi_wg.age @@ -0,0 +1,46 @@ +-----BEGIN AGE ENCRYPTED FILE----- +YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IHNzaC1lZDI1NTE5IDd6MzN5USBFazhx +VVN3VXgrWXdWZzNwOHdIVzZSSTlRa2lEYjhXRzlCWXZhMmQ2QXdzCms5MmpGZ0hW +c3JYM25mNWliNHlxNG14ZHppcWU3QmhxVHVwS0QwaWNaN0kKLT4gc3NoLWVkMjU1 +MTkgSmh2TCtRIE5Cd0M1S0ZCWTVXZ2lLR3NzV2lTb3dubHRyQmlsMDF2TFZLM1B2 +bnBMaGMKSE9ad3BrSEF1T0g2bkN5SjAxOEdjSytIWGxSN0t4ZDlQSkpVRzE5ellm +QQotPiBzc2gtZWQyNTUxOSBTcENqQlEgYllQVWlYUnZ2cjJ5N0t2WFJWMG5ReG03 +V3pkSzFEK2syRzd5R0NyVFdEdwpNODJLenpIZVByL0hPSEFFbG1FVnBpeU1relhl +R1dpamwwV1JoWG9CNmprCi0+IHNzaC1lZDI1NTE5IEJZS0crdyBFTSt3Z2UrQStY +Vk5LeXFETkdmeXdGSVcwTlA4bzJKK2poZFNUL1Qvb1NFClpIUHVWV3Q0RTViRzBI +aG5QTTZCazUralExS0NRUWF0cVNZTlZIaC9mQ0kKLT4gc3NoLWVkMjU1MTkgWHpm +bWFRIDF4Z1RmZkJrblIrQ1NqU0hDNWpPYS9sUUJJTWFQOGNJejduTkdLbFBJQ2MK +b3hXd09EaGNPaUQ5ZnIyNHlpK2hSWm5WV0lERm5xcWQxa3hGaDVTRzFYVQotPiBz +c2gtZWQyNTUxOSBSNSt4ZncgY09RbXM3WmlDMVVRMTdKRjN6aktFY20zNjJmMFBY +ajQ1VjRwQXVqRkN6WQpiaDdRNmtBUy8xMksyQld5bTMzTXlMVnhQQzU2a1RQdE5z +dGhpWWxXRThNCi0+IHNzaC1lZDI1NTE5IFJvWDVQUSBTQzhUY01rOFlCV1ZQbGhJ +dGFTK00wZnNyRGVYNjQ5T3dtZENDSHpycUdzCjNZNVd5dWkrWG9lMWdhZVJQUE4w +SHl4dmpwU25PSDZWVkZUTjZtWmNhSjgKLT4gc3NoLWVkMjU1MTkgRjRiYjhnIEFH +WmNFL1ZYazFZNVB0R1JYTFpBNk50U0VWazBhOGh2SDhHdGlwRWdSeHMKemUwNXN0 +aEdMdGJVZmdpWFN2Zm1BT2wrQzFBR0hIUi85ZHFSSVd3NklXMAotPiBzc2gtZWQy +NTUxOSB3ZHJaSkEgejVkVURQd3hrQ2pyMU9MVG9VTG9VZmtKbmtDZHU0RjdHM2lz +c2VTTy9FYwpUZTBkaU1rQmsxaWRzTjhvdis2VUZJV09Vb3g2VTNNVHN0Z1llazRL +U0VBCi0+IHNzaC1lZDI1NTE5IDVhZHFNZyBrRXNWcHk2akc1bVZBbitQcUlLYU5B +cmRnSWM2dkVKU1p3dk1ueUo0bUc0CmEzdjF0dUgrOXhETWRDaGlDQU4zTWxXNXBS +TUs4V3U5VWNNczNTVDNLb00KLT4gc3NoLWVkMjU1MTkgWmUxTXdRIERULzFFSERl +b2ZNa2tzSDhZbDVJb0RndDFBRzlBc2dxcWJMcmcrMFJUaDQKY25kejI4VDVrYkUx +OWo2M0hLRFBLNi9HeXc1elVVTTY5Q094RFUxQUlTUQotPiBzc2gtZWQyNTUxOSBw +ZUZCUWcgTlpTeVFPOUFMc0hNNkZJZGxJSVltS0JEVnFoRWNBWGpLUVNwR1pPZXlT +YwpUTjJPak8xTWtlUEdFNDZhMVBxWE5xMGZlUFFmQlpkWkh5UDdqeW1SeHlRCi0+ +IHNzaC1lZDI1NTE5IDl2LzJIQSBZVWtxQWNwcDdxMUdtSVNzT3hkNjMvVXUzd1Vp +bXp2YTVOOGFyMDJPV0dzClhkZXNpbGVLUGV4SE5CSDIzYTNRRkg0ZXh0MEdDNnhz +aEtReUJES3ZsbWsKLT4gc3NoLWVkMjU1MTkga0hrMmdBIE1iRkpLbzJnZFVObkNQ +SzI5K3krcjJvMDNhRXduWFhXd2RWUDBTdWpVaHMKMnFlRGFsSnlTMStZbnhYeG5U +Yng1TXZOTSswc1FXY00wSTErUzNDTzhvawotPiBzc2gtZWQyNTUxOSBJb3NBQlEg +QVFhZlJhRjNsdndHa0RPaVJoYUMrNTRoY29iUWNXdXJvS0hBb3VMU0oydwp0dmdo +amFxNGJnanRCREt3ZFhld0M4UFk1WmM2RmJmVTY4b0g0RkJXYnJVCi0+IGgnMTZv +d2dGLWdyZWFzZSBQMkEKbThTYkxNa3YwK2xXbUhxb2RqQnd6UUl6a0JVcnVPR050 +ZFZCNmpjCi0tLSA0QVdjZEIrOWhUaVpHNytqY0h3eExLVWc0djlDRWtQVEZuWHM5 +YlVydnljCo/0r5CGdm/VW7wxgZhkhisHJbstH3r3YrghiSORsBwxX+GaKIziS1ns +MyRg6TWoWjIUe4epfGzqton35ekvrXWxGlLCuIkQgY1frgPTE4kZdm/T1pqzZpQ0 +4vZkl7nVd4k9oayv2LfpN8loG8npcwLfSKeVFCEooTOs+M3eH+wCEUd4r+TjfG3D +ZT2eAX9HethENX4GQxN+RQagyWOlnZVpf6QYnwg/bzRGtRSDLVYqmLJd5BbOrON7 +XN65I5DX2kBGtB3Y3F15hHjGxHFyded4bO9w/SF+jOM+yGnTnTQ1G7FSw0T8dwWo +7laPDx5WSM1zop0jLJ5iyZjNWJJt/j8t9FBGdqxtPUxP4jPVTTEiYJbtTauZtRUN +rc3UbQvDJTArGbwAQsTlYuMd59oIy2+cgpYHyhW2cPixL/VHxRYupNWj8g== +-----END AGE ENCRYPTED FILE----- diff --git a/flakes/secrets/vaultwarden_env.age b/flakes/secrets/vaultwarden_env.age new file mode 100644 index 0000000..083ba6c --- /dev/null +++ b/flakes/secrets/vaultwarden_env.age @@ -0,0 +1,20 @@ +-----BEGIN AGE ENCRYPTED FILE----- +YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IHNzaC1lZDI1NTE5IDd6MzN5USBMZ0VT +QWNCOUNSZ3ZPcmFFcXMvZkFqMVkxV1dRSDNLOTFzUExoc0F3dENFCldFZHdNSDdm +ZUR2eC94Y0cyRWJnTTRnSTlTRUlUSHlLS09IS2ZwZmVhOU0KLT4gc3NoLWVkMjU1 +MTkgc2EwSmpnIGlNaHFLQ0tZeFFLR1ZPZnpCbHEzdlZXWUxjWFNmMUdMVjdQUHlJ +cTJUVkEKcERQMVNNcmxQekUra2tUNUhyVTAxVThSb3RPRFBOOWMwRlFqUnRQQm13 +RQotPiAiXzVSX3wtZ3JlYXNlICpQMQpHUk5aSHJPRnNjQVR4Y2Q2TkhzU01SWWhh +TjBpb1JXbVFwSUxlT1BObEg0N2syNUJjUlc2TVJueVlyTXJRckQwCnhNOUZIVlVh +UG96d0pibVJsdmdNekJFUHg0NXFpa1JSd2lBdzN2S2JxenVMNVpWQ2hxRXlWUjFy +TWcKLS0tIG1QMHV3VW5VM25QVW80aUZOeEpTNG1qYksvQnE5emhBdzBuM2VMZE5n +VTQK6avsHayBgGGdjkwRORdaAz8mwLcxvI3YCMYwXjXCvJmIvlQerUEkDOU9D8sL +I+aSD5YCoHoJ5FsIOox5WWYEVcPxR/y1G2m3pAhZh1ner0Ckw29gsjdmckNwtSSr +tTrSve34ZEij1O7gfO30hW+Kd4579QWH/diFTrP88DjopqsaTWyh+A5A3WP6NxhJ +U0uL5RIPPGCMs0peqZG1Y44KRlt79hKELop4CwyF/06a3Oxuze5vifGl7+mogq0A +Xp3NgWR5AM2Fu+NfEQDUHU1R/CpyY6+VcTZWi8iu0/XfEiIQ4n5JSYNtd3ZL0ldL +WRoNdpA04IiCWM7fnRdDRVRGw9bDJ840oeBiSvbRqIt+uykEndEzKCxXh/jWvP+X +tBj05Rt2Qj3xAsq7yzsvK7vzacjV8fU2kNpxDvhVLQO8TBI5z7Sofu4Cy2fFY1F7 +J7JABO+kciZ23gdEofrHusv3oZvu2eQ5PO1FXCSsZzalum2cWWou11QDi3Vt65kN +wjleyKCDx4a68n7IoS2GOCpDw/G0ACmHrTSnztaO +-----END AGE ENCRYPTED FILE----- diff --git a/flakes/secrets/zitadel_master_key.age b/flakes/secrets/zitadel_master_key.age new file mode 100644 index 0000000..3b07b55 --- /dev/null +++ b/flakes/secrets/zitadel_master_key.age @@ -0,0 +1,15 @@ +-----BEGIN AGE ENCRYPTED FILE----- +YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IHNzaC1lZDI1NTE5IDd6MzN5USAyWGFw +bUJNQkwvcjRKUWU5WWozTWZHb21IdDNlT0VwK21LQ2FZNEJWWWxJCjBBUDV4MkRt +Y3F5TWVMN0xLMjBibkJMcmUwdEwxM2pONUlLSU1EOXV5dXMKLT4gc3NoLWVkMjU1 +MTkgcGVGQlFnIGJPcEx2TnFZZjVicDlYaVdwRmJHSnIvZlpRNkx5RG8zVmZTaTFq +bmkwM1kKK0o3ZVViNnBjS2NZbFV4TERBczJNQWxtWU1IYTNoL1EzQlNxWHhFNDZL +TQotPiBzc2gtZWQyNTUxOSA5di8ySEEgZm5nYXdJMElxVTE4TnVnY0xSVFVtMXFs +NTNobnI1MjdMNDhWRmpkL1BnSQpXRHcwSVVCajFhQlp4N2J5VGhKc3E2eHpYZmd6 +TlU2MXdtdmNrSUJpZjFFCi0+IG5wImA0LWdyZWFzZQpuSHRTckxXVTd4eTFETWE4 +MEQ0QXNaTzhSTmFOdjI5Vyt1bDVRU1k5dExiUVk3bEdCeGN2UFV4Y3RTR1MvalNn +CkhHWFF4TGtPcktieDZnQTRkdk9ndnllU05zSVlMOWh0R1ZncUlWNy9WZURiCi0t +LSAxdW84VUg5d21jT2hrNEJ0NlBES1NRRjU4b05JQW80dk9IL29LZGlST0FjCnt8 +t+yvFWU0LlFGAWmLc9i4XFUpexZf8rC2bfw3FkNPuCzAyvbowhBJnGkqK+2C+mtL +za43EsGaLvA5s8ObhLw= +-----END AGE ENCRYPTED FILE----- From 9de4c7892bdf28735875d43849d67d9b16b6d700 Mon Sep 17 00:00:00 2001 From: "RingOfStorms (Joshua Bell)" Date: Tue, 21 Oct 2025 23:31:59 -0500 Subject: [PATCH 066/109] working lio config I think with new system --- common/flake.nix | 3 + common/programs/default.nix | 1 + common/programs/flatpaks.nix | 66 ++ flakes/common/flake.nix | 8 +- flakes/common/hm_modules/de_sway/sway.nix | 2 +- flakes/common/nix_modules/de_sway.nix | 5 - flakes/common/nix_modules/docker.nix | 2 +- .../{test => common/nix_modules/flatpaks.nix} | 0 flakes/common/nix_modules/hardening.nix | 1 + flakes/common/nix_modules/podman.nix | 2 +- flakes/common/readme.md | 30 +- flakes/flatpaks/flake.lock | 27 + flakes/flatpaks/flake.nix | 65 ++ flakes/secrets/flake.lock | 202 ++++++ flakes/secrets/flake.nix | 3 +- hosts/lio/configuration.nix | 27 +- hosts/lio/flake.lock | 609 +++--------------- hosts/lio/flake.nix | 218 +++---- hosts/lio/opencode-shim.nix | 20 + hosts/lio/sway_customizations.nix | 11 +- 20 files changed, 625 insertions(+), 677 deletions(-) create mode 100644 common/programs/flatpaks.nix rename flakes/{test => common/nix_modules/flatpaks.nix} (100%) create mode 100644 flakes/flatpaks/flake.lock create mode 100644 flakes/flatpaks/flake.nix create mode 100644 flakes/secrets/flake.lock create mode 100644 hosts/lio/opencode-shim.nix diff --git a/common/flake.nix b/common/flake.nix index 05bf7ab..a91557d 100644 --- a/common/flake.nix +++ b/common/flake.nix @@ -4,6 +4,7 @@ home-manager.url = "github:rycee/home-manager/release-25.05"; ragenix.url = "github:yaxitech/ragenix"; hyprland.url = "github:hyprwm/Hyprland"; + nix-flatpak.url = "github:gmodena/nix-flatpak/?ref=latest"; }; outputs = @@ -27,6 +28,8 @@ imports = [ home-manager.nixosModules.default ragenix.nixosModules.age + + nix-flatpak.nixosModules.nix-flatpak hyprland.nixosModules.default ./_home_manager ./options.nix diff --git a/common/programs/default.nix b/common/programs/default.nix index 82c2679..e856d4f 100644 --- a/common/programs/default.nix +++ b/common/programs/default.nix @@ -14,6 +14,7 @@ in ./podman.nix ./incus.nix ./virt-manager.nix + ./flatpaks.nix ]; config = { assertions = [ diff --git a/common/programs/flatpaks.nix b/common/programs/flatpaks.nix new file mode 100644 index 0000000..307fff2 --- /dev/null +++ b/common/programs/flatpaks.nix @@ -0,0 +1,66 @@ +{ + config, + lib, + ... +}: +let + ccfg = import ../config.nix; + cfg_path = [ + ccfg.custom_config_key + "programs" + "flatpaks" + ]; + cfg = lib.attrsets.getAttrFromPath cfg_path config; +in +{ + options = + { } + // lib.attrsets.setAttrByPath cfg_path { + enable = lib.mkEnableOption "flatpaks"; + packages = lib.mkOption { + type = lib.types.listOf lib.types.str; + default = [ ]; + description = "List of Flatpak package names to install."; + }; + }; + + config = lib.mkIf cfg.enable { + services.flatpak = { + enable = true; + packages = cfg.packages; + overrides = { + global = { + Context.sockets = [ + "wayland" + "x11" + ]; + Context.devices = [ "dri" ]; # allow GPU access if desired + Environment = { + XCURSOR_PATH = "/run/host/user-share/icons:/run/host/share/icons"; + GTK_THEME = "Adwaita:dark"; + # Force wayland as much as possible. + ELECTRON_OZONE_PLATFORM_HINT = "auto"; # or 'auto' + GTK_USE_PORTAL = "1"; + OZONE_PLATFORM = "wayland"; + QT_QPA_PLATFORM = "xcb"; # force XCB for Flatpaks (XWayland) + }; + }; + "org.signal.Signal" = { + Environment = { + SIGNAL_PASSWORD_STORE = "gnome-libsecret"; + }; + Context = { + sockets = [ + "xfg-settings" + ]; + }; + }; + "com.google.Chrome" = { + Environment = { + CHROME_EXTRA_ARGS = "--enable-features=WaylandWindowDecorations --ozone-platform-hint=auto"; + }; + }; + }; + }; + }; +} diff --git a/flakes/common/flake.nix b/flakes/common/flake.nix index bed3399..39470ef 100644 --- a/flakes/common/flake.nix +++ b/flakes/common/flake.nix @@ -1,7 +1,3 @@ -let - utils = import ./utils.nix; -in -with utils; { description = "Common NixOS configuration modules and Home Manager modules that require not other inputs beyond nixpkgs or home-manager itself. This is made by me for me and not designed to be general purpose for anyone else, but could be useful nontheless."; inputs = { }; @@ -9,6 +5,10 @@ with utils; { ... }: + let + utils = import ./utils.nix; + in + with utils; { nixosModules = importAll ./nix_modules; homeManagerModules = importAll ./hm_modules; diff --git a/flakes/common/hm_modules/de_sway/sway.nix b/flakes/common/hm_modules/de_sway/sway.nix index 9854d05..09b7b09 100644 --- a/flakes/common/hm_modules/de_sway/sway.nix +++ b/flakes/common/hm_modules/de_sway/sway.nix @@ -103,7 +103,7 @@ # Keybindings mirroring Hyprland keybindings = { # Apps - "${modifier}+return" = "exec ${config.wayland.winfowManager.sway.config.terminal}"; + "${modifier}+return" = "exec ${config.wayland.windowManager.sway.config.terminal}"; "${modifier}+space" = "exec pkill wofi || wofi --show drun"; "${modifier}+q" = "kill"; "${modifier}+shift+Escape" = "exit"; diff --git a/flakes/common/nix_modules/de_sway.nix b/flakes/common/nix_modules/de_sway.nix index 21d3cbe..02eea3f 100644 --- a/flakes/common/nix_modules/de_sway.nix +++ b/flakes/common/nix_modules/de_sway.nix @@ -6,11 +6,6 @@ }: { - # Enable for all users via Home Manager fragments in this module - home-manager = { - sharedModules = [ ./home_manager ]; - }; - services.greetd = { enable = true; vt = 2; diff --git a/flakes/common/nix_modules/docker.nix b/flakes/common/nix_modules/docker.nix index 416d2fc..1d9b1ff 100644 --- a/flakes/common/nix_modules/docker.nix +++ b/flakes/common/nix_modules/docker.nix @@ -8,7 +8,7 @@ enable = true; autoPrune.enable = true; }; - users.extraGroups.docker.members = builtins.AttrNames config.users.users; + users.extraGroups.docker.members = builtins.attrNames config.users.users; environment.shellAliases = { dockerv = "docker volume"; dockeri = "docker image"; diff --git a/flakes/test b/flakes/common/nix_modules/flatpaks.nix similarity index 100% rename from flakes/test rename to flakes/common/nix_modules/flatpaks.nix diff --git a/flakes/common/nix_modules/hardening.nix b/flakes/common/nix_modules/hardening.nix index 9e3ac3f..be2e326 100644 --- a/flakes/common/nix_modules/hardening.nix +++ b/flakes/common/nix_modules/hardening.nix @@ -52,6 +52,7 @@ enable = true; settings = { LogLevel = "VERBOSE"; + # TODO revisit allowing root login PermitRootLogin = "yes"; PasswordAuthentication = false; }; diff --git a/flakes/common/nix_modules/podman.nix b/flakes/common/nix_modules/podman.nix index 0408e28..27a456b 100644 --- a/flakes/common/nix_modules/podman.nix +++ b/flakes/common/nix_modules/podman.nix @@ -7,5 +7,5 @@ enable = true; autoPrune.enable = true; }; - users.extraGroups.docker.members = builtins.AttrNames config.users.users; + users.extraGroups.docker.members = builtins.attrNames config.users.users; } diff --git a/flakes/common/readme.md b/flakes/common/readme.md index 1897981..38def10 100644 --- a/flakes/common/readme.md +++ b/flakes/common/readme.md @@ -1,7 +1,10 @@ required settings? +- nixpkgs and home manager flake inputs + ```nix # Required system information +system.stateVersion = "ORIGINAL VALUE" networking.hostName = "system_name"; # Where this config lives for this machine @@ -14,14 +17,32 @@ users.users = { josh = { isNormalUser = true; initialPassword = "password1"; - extraGroups = [ "wheel" ]; + extraGroups = [ "wheel" "networkmanager" "video" "input" ]; + openssh.authorizedKeys.keys = [ "replace" ]; }; }; + +# Home manager only below this line (optional) +security.polkit.enable = true; +home-manager = { + useUserPackages = true; + useGlobalPkgs = true; + backupFileExtension = "bak"; + sharedModules = [ + ({}: { + home.stateVersion = "MATCH_HM_VERSION_AS_INPUT"; + programs.home-manager.enable = true; + }) + ]; +}; ``` # TODO add somewhere ```nix + + + # allow mounting ntfs filesystems boot.supportedFilesystems = [ "ntfs" ]; @@ -53,4 +74,9 @@ services.tailscale.extraUpFlags = ++ (lib.optionals cfg.enableExitNode [ "--adve - rust dev (now using direnv local flakes for that) - incus - virt-manager - - +- hm not ported + - obs +- opensnitch + - homemanager `services.opensnitch-ui.enable = true;` +- hyprland config +- i3 isntead of sway? diff --git a/flakes/flatpaks/flake.lock b/flakes/flatpaks/flake.lock new file mode 100644 index 0000000..cc6c6bf --- /dev/null +++ b/flakes/flatpaks/flake.lock @@ -0,0 +1,27 @@ +{ + "nodes": { + "nix-flatpak": { + "locked": { + "lastModified": 1739444422, + "narHash": "sha256-iAVVHi7X3kWORftY+LVbRiStRnQEob2TULWyjMS6dWg=", + "owner": "gmodena", + "repo": "nix-flatpak", + "rev": "5e54c3ca05a7c7d968ae1ddeabe01d2a9bc1e177", + "type": "github" + }, + "original": { + "owner": "gmodena", + "ref": "latest", + "repo": "nix-flatpak", + "type": "github" + } + }, + "root": { + "inputs": { + "nix-flatpak": "nix-flatpak" + } + } + }, + "root": "root", + "version": 7 +} diff --git a/flakes/flatpaks/flake.nix b/flakes/flatpaks/flake.nix new file mode 100644 index 0000000..3cebad2 --- /dev/null +++ b/flakes/flatpaks/flake.nix @@ -0,0 +1,65 @@ +{ + inputs = { + nix-flatpak.url = "github:gmodena/nix-flatpak/?ref=latest"; + }; + + outputs = + { + nix-flatpak, + ... + }: + { + nixosModules = { + default = + { + config, + lib, + pkgs, + ... + }: + { + imports = [ + nix-flatpak.nixosModules.nix-flatpak + ]; + config = { + services.flatpak = { + enable = true; + overrides = { + global = { + Context.sockets = [ + "wayland" + "x11" + ]; + Context.devices = [ "dri" ]; # allow GPU access if desired + Environment = { + XCURSOR_PATH = "/run/host/user-share/icons:/run/host/share/icons"; + GTK_THEME = "Adwaita:dark"; + # Force wayland as much as possible. + ELECTRON_OZONE_PLATFORM_HINT = "auto"; # or 'auto' + GTK_USE_PORTAL = "1"; + OZONE_PLATFORM = "wayland"; + QT_QPA_PLATFORM = "xcb"; # force XCB for Flatpaks (XWayland) + }; + }; + "org.signal.Signal" = { + Environment = { + SIGNAL_PASSWORD_STORE = "gnome-libsecret"; + }; + Context = { + sockets = [ + "xfg-settings" + ]; + }; + }; + "com.google.Chrome" = { + Environment = { + CHROME_EXTRA_ARGS = "--enable-features=WaylandWindowDecorations --ozone-platform-hint=auto"; + }; + }; + }; + }; + }; + }; + }; + }; +} diff --git a/flakes/secrets/flake.lock b/flakes/secrets/flake.lock new file mode 100644 index 0000000..190b4a5 --- /dev/null +++ b/flakes/secrets/flake.lock @@ -0,0 +1,202 @@ +{ + "nodes": { + "agenix": { + "inputs": { + "darwin": "darwin", + "home-manager": "home-manager", + "nixpkgs": [ + "ragenix", + "nixpkgs" + ], + "systems": "systems" + }, + "locked": { + "lastModified": 1736955230, + "narHash": "sha256-uenf8fv2eG5bKM8C/UvFaiJMZ4IpUFaQxk9OH5t/1gA=", + "owner": "ryantm", + "repo": "agenix", + "rev": "e600439ec4c273cf11e06fe4d9d906fb98fa097c", + "type": "github" + }, + "original": { + "owner": "ryantm", + "repo": "agenix", + "type": "github" + } + }, + "crane": { + "locked": { + "lastModified": 1741481578, + "narHash": "sha256-JBTSyJFQdO3V8cgcL08VaBUByEU6P5kXbTJN6R0PFQo=", + "owner": "ipetkov", + "repo": "crane", + "rev": "bb1c9567c43e4434f54e9481eb4b8e8e0d50f0b5", + "type": "github" + }, + "original": { + "owner": "ipetkov", + "repo": "crane", + "type": "github" + } + }, + "darwin": { + "inputs": { + "nixpkgs": [ + "ragenix", + "agenix", + "nixpkgs" + ] + }, + "locked": { + "lastModified": 1700795494, + "narHash": "sha256-gzGLZSiOhf155FW7262kdHo2YDeugp3VuIFb4/GGng0=", + "owner": "lnl7", + "repo": "nix-darwin", + "rev": "4b9b83d5a92e8c1fbfd8eb27eda375908c11ec4d", + "type": "github" + }, + "original": { + "owner": "lnl7", + "ref": "master", + "repo": "nix-darwin", + "type": "github" + } + }, + "flake-utils": { + "inputs": { + "systems": "systems_2" + }, + "locked": { + "lastModified": 1731533236, + "narHash": "sha256-l0KFg5HjrsfsO/JpG+r7fRrqm12kzFHyUHqHCVpMMbI=", + "owner": "numtide", + "repo": "flake-utils", + "rev": "11707dc2f618dd54ca8739b309ec4fc024de578b", + "type": "github" + }, + "original": { + "owner": "numtide", + "repo": "flake-utils", + "type": "github" + } + }, + "home-manager": { + "inputs": { + "nixpkgs": [ + "ragenix", + "agenix", + "nixpkgs" + ] + }, + "locked": { + "lastModified": 1703113217, + "narHash": "sha256-7ulcXOk63TIT2lVDSExj7XzFx09LpdSAPtvgtM7yQPE=", + "owner": "nix-community", + "repo": "home-manager", + "rev": "3bfaacf46133c037bb356193bd2f1765d9dc82c1", + "type": "github" + }, + "original": { + "owner": "nix-community", + "repo": "home-manager", + "type": "github" + } + }, + "nixpkgs": { + "locked": { + "lastModified": 1741379970, + "narHash": "sha256-Wh7esNh7G24qYleLvgOSY/7HlDUzWaL/n4qzlBePpiw=", + "owner": "nixos", + "repo": "nixpkgs", + "rev": "36fd87baa9083f34f7f5027900b62ee6d09b1f2f", + "type": "github" + }, + "original": { + "owner": "nixos", + "ref": "nixos-unstable", + "repo": "nixpkgs", + "type": "github" + } + }, + "ragenix": { + "inputs": { + "agenix": "agenix", + "crane": "crane", + "flake-utils": "flake-utils", + "nixpkgs": "nixpkgs", + "rust-overlay": "rust-overlay" + }, + "locked": { + "lastModified": 1744897914, + "narHash": "sha256-GIVU92o2TZBnKQXTb76zpQbWR4zjU2rFqWKNIIpXnqA=", + "owner": "yaxitech", + "repo": "ragenix", + "rev": "40f2e17ecaeab4d78ec323e96a04548c0aaa5223", + "type": "github" + }, + "original": { + "owner": "yaxitech", + "repo": "ragenix", + "type": "github" + } + }, + "root": { + "inputs": { + "ragenix": "ragenix" + } + }, + "rust-overlay": { + "inputs": { + "nixpkgs": [ + "ragenix", + "nixpkgs" + ] + }, + "locked": { + "lastModified": 1741400194, + "narHash": "sha256-tEpgT+q5KlGjHSm8MnINgTPErEl8YDzX3Eps8PVc09g=", + "owner": "oxalica", + "repo": "rust-overlay", + "rev": "16b6045a232fea0e9e4c69e55a6e269607dd8e3f", + "type": "github" + }, + "original": { + "owner": "oxalica", + "repo": "rust-overlay", + "type": "github" + } + }, + "systems": { + "locked": { + "lastModified": 1681028828, + "narHash": "sha256-Vy1rq5AaRuLzOxct8nz4T6wlgyUR7zLU309k9mBC768=", + "owner": "nix-systems", + "repo": "default", + "rev": "da67096a3b9bf56a91d16901293e51ba5b49a27e", + "type": "github" + }, + "original": { + "owner": "nix-systems", + "repo": "default", + "type": "github" + } + }, + "systems_2": { + "locked": { + "lastModified": 1681028828, + "narHash": "sha256-Vy1rq5AaRuLzOxct8nz4T6wlgyUR7zLU309k9mBC768=", + "owner": "nix-systems", + "repo": "default", + "rev": "da67096a3b9bf56a91d16901293e51ba5b49a27e", + "type": "github" + }, + "original": { + "owner": "nix-systems", + "repo": "default", + "type": "github" + } + } + }, + "root": "root", + "version": 7 +} diff --git a/flakes/secrets/flake.nix b/flakes/secrets/flake.nix index 80731ba..70fc8d8 100644 --- a/flakes/secrets/flake.nix +++ b/flakes/secrets/flake.nix @@ -20,7 +20,6 @@ { imports = [ ragenix.nixosModules.age - ./secrets ]; config = let @@ -64,7 +63,7 @@ in lib.nameValuePair base ( { - file = ./. + "/secrets/${name}"; + file = ./. + "/${name}"; owner = user; } // lib.optionalAttrs (lib.elem base worldReadable) { diff --git a/hosts/lio/configuration.nix b/hosts/lio/configuration.nix index 07eba39..7f454ba 100644 --- a/hosts/lio/configuration.nix +++ b/hosts/lio/configuration.nix @@ -1,4 +1,6 @@ { + upkgs, + pkgs, ... }: { @@ -11,8 +13,6 @@ # System76 hardware.system76.enableAll = true; - system.stateVersion = "23.11"; - services = { # https://discourse.nixos.org/t/very-high-fan-noises-on-nixos-using-a-system76-thelio/23875/10 # Fixes insane jet speed fan noise @@ -28,4 +28,27 @@ # }; }; }; + + # Also allow this key to work for root user, this will let us use this as a remote builder easier + users.users.root.openssh.authorizedKeys.keys = [ + "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIJN2nsLmAlF6zj5dEBkNSJaqcCya+aB6I0imY8Q5Ew0S nix2lio" + ]; + # Allow emulation of aarch64-linux binaries for cross compiling + boot.binfmt.emulatedSystems = [ "aarch64-linux" ]; + + environment.systemPackages = with pkgs; [ + lua + qdirstat + ffmpeg-full + appimage-run + nodejs_24 + foot + vlc + upkgs.ladybird + google-chrome + trilium-desktop + dig + traceroute + # opensnitch-ui + ]; } diff --git a/hosts/lio/flake.lock b/hosts/lio/flake.lock index 5892055..0bc2223 100644 --- a/hosts/lio/flake.lock +++ b/hosts/lio/flake.lock @@ -5,11 +5,11 @@ "darwin": "darwin", "home-manager": "home-manager_2", "nixpkgs": [ - "common", + "secrets", "ragenix", "nixpkgs" ], - "systems": "systems_2" + "systems": "systems" }, "locked": { "lastModified": 1736955230, @@ -25,64 +25,16 @@ "type": "github" } }, - "aquamarine": { - "inputs": { - "hyprutils": [ - "common", - "hyprland", - "hyprutils" - ], - "hyprwayland-scanner": [ - "common", - "hyprland", - "hyprwayland-scanner" - ], - "nixpkgs": [ - "common", - "hyprland", - "nixpkgs" - ], - "systems": [ - "common", - "hyprland", - "systems" - ] - }, - "locked": { - "lastModified": 1759499898, - "narHash": "sha256-UNzYHLWfkSzLHDep5Ckb5tXc0fdxwPIrT+MY4kpQttM=", - "owner": "hyprwm", - "repo": "aquamarine", - "rev": "655e067f96fd44b3f5685e17f566b0e4d535d798", - "type": "github" - }, - "original": { - "owner": "hyprwm", - "repo": "aquamarine", - "type": "github" - } - }, "common": { - "inputs": { - "home-manager": "home-manager", - "hyprland": "hyprland", - "nix-flatpak": "nix-flatpak", - "nixpkgs": "nixpkgs_3", - "ragenix": "ragenix" - }, "locked": { - "lastModified": 1760816431, - "narHash": "sha256-X3s7h60hnps26+KkRXn52E3Tq+j/vDcmNvWnDiHtWxI=", - "ref": "refs/heads/master", - "rev": "35cff92c209806bb76ad51e0c515dde6ad2b6a22", - "revCount": 725, - "type": "git", - "url": "https://git.joshuabell.xyz/ringofstorms/dotfiles" + "path": "../../flakes/common", + "type": "path" }, "original": { - "type": "git", - "url": "https://git.joshuabell.xyz/ringofstorms/dotfiles" - } + "path": "../../flakes/common", + "type": "path" + }, + "parent": [] }, "crane": { "locked": { @@ -102,7 +54,7 @@ "darwin": { "inputs": { "nixpkgs": [ - "common", + "secrets", "ragenix", "agenix", "nixpkgs" @@ -123,25 +75,9 @@ "type": "github" } }, - "flake-compat": { - "flake": false, - "locked": { - "lastModified": 1747046372, - "narHash": "sha256-CIVLLkVgvHYbgI2UpXvIIBJ12HWgX+fjA8Xf8PUmqCY=", - "owner": "edolstra", - "repo": "flake-compat", - "rev": "9100a0f413b0c601e0533d1d94ffd501ce2e7885", - "type": "github" - }, - "original": { - "owner": "edolstra", - "repo": "flake-compat", - "type": "github" - } - }, "flake-utils": { "inputs": { - "systems": "systems_3" + "systems": "systems_2" }, "locked": { "lastModified": 1731533236, @@ -157,28 +93,19 @@ "type": "github" } }, - "gitignore": { + "flatpaks": { "inputs": { - "nixpkgs": [ - "common", - "hyprland", - "pre-commit-hooks", - "nixpkgs" - ] + "nix-flatpak": "nix-flatpak" }, "locked": { - "lastModified": 1709087332, - "narHash": "sha256-HG2cCnktfHsKV0s4XW83gU3F57gaTljL9KNSuG6bnQs=", - "owner": "hercules-ci", - "repo": "gitignore.nix", - "rev": "637db329424fd7e46cf4185293b9cc8c88c95394", - "type": "github" + "path": "../../flakes/flatpaks", + "type": "path" }, "original": { - "owner": "hercules-ci", - "repo": "gitignore.nix", - "type": "github" - } + "path": "../../flakes/flatpaks", + "type": "path" + }, + "parent": [] }, "home-manager": { "inputs": { @@ -202,7 +129,7 @@ "home-manager_2": { "inputs": { "nixpkgs": [ - "common", + "secrets", "ragenix", "agenix", "nixpkgs" @@ -222,287 +149,6 @@ "type": "github" } }, - "hyprcursor": { - "inputs": { - "hyprlang": [ - "common", - "hyprland", - "hyprlang" - ], - "nixpkgs": [ - "common", - "hyprland", - "nixpkgs" - ], - "systems": [ - "common", - "hyprland", - "systems" - ] - }, - "locked": { - "lastModified": 1753964049, - "narHash": "sha256-lIqabfBY7z/OANxHoPeIrDJrFyYy9jAM4GQLzZ2feCM=", - "owner": "hyprwm", - "repo": "hyprcursor", - "rev": "44e91d467bdad8dcf8bbd2ac7cf49972540980a5", - "type": "github" - }, - "original": { - "owner": "hyprwm", - "repo": "hyprcursor", - "type": "github" - } - }, - "hyprgraphics": { - "inputs": { - "hyprutils": [ - "common", - "hyprland", - "hyprutils" - ], - "nixpkgs": [ - "common", - "hyprland", - "nixpkgs" - ], - "systems": [ - "common", - "hyprland", - "systems" - ] - }, - "locked": { - "lastModified": 1759490292, - "narHash": "sha256-T6iWzDOXp8Wv0KQOCTHpBcmAOdHJ6zc/l9xaztW6Ivc=", - "owner": "hyprwm", - "repo": "hyprgraphics", - "rev": "9431db625cd9bb66ac55525479dce694101d6d7a", - "type": "github" - }, - "original": { - "owner": "hyprwm", - "repo": "hyprgraphics", - "type": "github" - } - }, - "hyprland": { - "inputs": { - "aquamarine": "aquamarine", - "hyprcursor": "hyprcursor", - "hyprgraphics": "hyprgraphics", - "hyprland-protocols": "hyprland-protocols", - "hyprland-qtutils": "hyprland-qtutils", - "hyprlang": "hyprlang", - "hyprutils": "hyprutils", - "hyprwayland-scanner": "hyprwayland-scanner", - "nixpkgs": "nixpkgs_2", - "pre-commit-hooks": "pre-commit-hooks", - "systems": "systems", - "xdph": "xdph" - }, - "locked": { - "lastModified": 1760813095, - "narHash": "sha256-D0AU+KKB9aGqiwDaS7er2pITjn9AS+XStzigPSoLeOQ=", - "owner": "hyprwm", - "repo": "Hyprland", - "rev": "39d62e1487052da2751ec1e36d243e3e92e24f6a", - "type": "github" - }, - "original": { - "owner": "hyprwm", - "repo": "Hyprland", - "type": "github" - } - }, - "hyprland-protocols": { - "inputs": { - "nixpkgs": [ - "common", - "hyprland", - "nixpkgs" - ], - "systems": [ - "common", - "hyprland", - "systems" - ] - }, - "locked": { - "lastModified": 1749046714, - "narHash": "sha256-kymV5FMnddYGI+UjwIw8ceDjdeg7ToDVjbHCvUlhn14=", - "owner": "hyprwm", - "repo": "hyprland-protocols", - "rev": "613878cb6f459c5e323aaafe1e6f388ac8a36330", - "type": "github" - }, - "original": { - "owner": "hyprwm", - "repo": "hyprland-protocols", - "type": "github" - } - }, - "hyprland-qt-support": { - "inputs": { - "hyprlang": [ - "common", - "hyprland", - "hyprland-qtutils", - "hyprlang" - ], - "nixpkgs": [ - "common", - "hyprland", - "hyprland-qtutils", - "nixpkgs" - ], - "systems": [ - "common", - "hyprland", - "hyprland-qtutils", - "systems" - ] - }, - "locked": { - "lastModified": 1749154592, - "narHash": "sha256-DO7z5CeT/ddSGDEnK9mAXm1qlGL47L3VAHLlLXoCjhE=", - "owner": "hyprwm", - "repo": "hyprland-qt-support", - "rev": "4c8053c3c888138a30c3a6c45c2e45f5484f2074", - "type": "github" - }, - "original": { - "owner": "hyprwm", - "repo": "hyprland-qt-support", - "type": "github" - } - }, - "hyprland-qtutils": { - "inputs": { - "hyprland-qt-support": "hyprland-qt-support", - "hyprlang": [ - "common", - "hyprland", - "hyprlang" - ], - "hyprutils": [ - "common", - "hyprland", - "hyprland-qtutils", - "hyprlang", - "hyprutils" - ], - "nixpkgs": [ - "common", - "hyprland", - "nixpkgs" - ], - "systems": [ - "common", - "hyprland", - "systems" - ] - }, - "locked": { - "lastModified": 1759080228, - "narHash": "sha256-RgDoAja0T1hnF0pTc56xPfLfFOO8Utol2iITwYbUhTk=", - "owner": "hyprwm", - "repo": "hyprland-qtutils", - "rev": "629b15c19fa4082e4ce6be09fdb89e8c3312aed7", - "type": "github" - }, - "original": { - "owner": "hyprwm", - "repo": "hyprland-qtutils", - "type": "github" - } - }, - "hyprlang": { - "inputs": { - "hyprutils": [ - "common", - "hyprland", - "hyprutils" - ], - "nixpkgs": [ - "common", - "hyprland", - "nixpkgs" - ], - "systems": [ - "common", - "hyprland", - "systems" - ] - }, - "locked": { - "lastModified": 1758927902, - "narHash": "sha256-LZgMds7M94+vuMql2bERQ6LiFFdhgsEFezE4Vn+Ys3A=", - "owner": "hyprwm", - "repo": "hyprlang", - "rev": "4dafa28d4f79877d67a7d1a654cddccf8ebf15da", - "type": "github" - }, - "original": { - "owner": "hyprwm", - "repo": "hyprlang", - "type": "github" - } - }, - "hyprutils": { - "inputs": { - "nixpkgs": [ - "common", - "hyprland", - "nixpkgs" - ], - "systems": [ - "common", - "hyprland", - "systems" - ] - }, - "locked": { - "lastModified": 1759619523, - "narHash": "sha256-r1ed7AR2ZEb2U8gy321/Xcp1ho2tzn+gG1te/Wxsj1A=", - "owner": "hyprwm", - "repo": "hyprutils", - "rev": "3df7bde01efb3a3e8e678d1155f2aa3f19e177ef", - "type": "github" - }, - "original": { - "owner": "hyprwm", - "repo": "hyprutils", - "type": "github" - } - }, - "hyprwayland-scanner": { - "inputs": { - "nixpkgs": [ - "common", - "hyprland", - "nixpkgs" - ], - "systems": [ - "common", - "hyprland", - "systems" - ] - }, - "locked": { - "lastModified": 1755184602, - "narHash": "sha256-RCBQN8xuADB0LEgaKbfRqwm6CdyopE1xIEhNc67FAbw=", - "owner": "hyprwm", - "repo": "hyprwayland-scanner", - "rev": "b3b0f1f40ae09d4447c20608e5a4faf8bf3c492d", - "type": "github" - }, - "original": { - "owner": "hyprwm", - "repo": "hyprwayland-scanner", - "type": "github" - } - }, "nix-flatpak": { "locked": { "lastModified": 1739444422, @@ -553,32 +199,31 @@ }, "nixpkgs_2": { "locked": { - "lastModified": 1759381078, - "narHash": "sha256-gTrEEp5gEspIcCOx9PD8kMaF1iEmfBcTbO0Jag2QhQs=", - "owner": "NixOS", + "lastModified": 1760580664, + "narHash": "sha256-/YdfibIrnqXAL8p5kqCU345mzpHoOtuVIkMiI2pF4Dc=", + "owner": "nixos", "repo": "nixpkgs", - "rev": "7df7ff7d8e00218376575f0acdcc5d66741351ee", + "rev": "98ff3f9af2684f6136c24beef08f5e2033fc5389", "type": "github" }, "original": { - "owner": "NixOS", - "ref": "nixos-unstable", + "owner": "nixos", + "ref": "nixos-25.05", "repo": "nixpkgs", "type": "github" } }, "nixpkgs_3": { "locked": { - "lastModified": 1760524057, - "narHash": "sha256-EVAqOteLBFmd7pKkb0+FIUyzTF61VKi7YmvP1tw4nEw=", + "lastModified": 1759772810, + "narHash": "sha256-8/sO67+Q6yNfFD39W5SXQHDbf/tQUHWFhCdxgRRGVCQ=", "owner": "nixos", "repo": "nixpkgs", - "rev": "544961dfcce86422ba200ed9a0b00dd4b1486ec5", + "rev": "2b78ecc45e163d655c08c9a4cffb4a91c66d0493", "type": "github" }, "original": { "owner": "nixos", - "ref": "nixos-unstable", "repo": "nixpkgs", "type": "github" } @@ -599,37 +244,6 @@ "type": "github" } }, - "nixpkgs_5": { - "locked": { - "lastModified": 1760580664, - "narHash": "sha256-/YdfibIrnqXAL8p5kqCU345mzpHoOtuVIkMiI2pF4Dc=", - "owner": "nixos", - "repo": "nixpkgs", - "rev": "98ff3f9af2684f6136c24beef08f5e2033fc5389", - "type": "github" - }, - "original": { - "owner": "nixos", - "ref": "nixos-25.05", - "repo": "nixpkgs", - "type": "github" - } - }, - "nixpkgs_6": { - "locked": { - "lastModified": 1759772810, - "narHash": "sha256-8/sO67+Q6yNfFD39W5SXQHDbf/tQUHWFhCdxgRRGVCQ=", - "owner": "nixos", - "repo": "nixpkgs", - "rev": "2b78ecc45e163d655c08c9a4cffb4a91c66d0493", - "type": "github" - }, - "original": { - "owner": "nixos", - "repo": "nixpkgs", - "type": "github" - } - }, "nvim_plugin-Almo7aya/openingh.nvim": { "flake": false, "locked": { @@ -1510,37 +1124,13 @@ "type": "github" } }, - "pre-commit-hooks": { - "inputs": { - "flake-compat": "flake-compat", - "gitignore": "gitignore", - "nixpkgs": [ - "common", - "hyprland", - "nixpkgs" - ] - }, - "locked": { - "lastModified": 1758108966, - "narHash": "sha256-ytw7ROXaWZ7OfwHrQ9xvjpUWeGVm86pwnEd1QhzawIo=", - "owner": "cachix", - "repo": "git-hooks.nix", - "rev": "54df955a695a84cd47d4a43e08e1feaf90b1fd9b", - "type": "github" - }, - "original": { - "owner": "cachix", - "repo": "git-hooks.nix", - "type": "github" - } - }, "ragenix": { "inputs": { "agenix": "agenix", "crane": "crane", "flake-utils": "flake-utils", "nixpkgs": "nixpkgs_4", - "rust-overlay": "rust-overlay" + "rust-overlay": "rust-overlay_2" }, "locked": { "lastModified": 1744897914, @@ -1559,14 +1149,17 @@ "root": { "inputs": { "common": "common", - "nixpkgs": "nixpkgs_5", + "flatpaks": "flatpaks", + "home-manager": "home-manager", + "nixpkgs": "nixpkgs_2", "nixpkgs-unstable": "nixpkgs-unstable", - "ros_neovim": "ros_neovim" + "ros_neovim": "ros_neovim", + "secrets": "secrets" } }, "ros_neovim": { "inputs": { - "nixpkgs": "nixpkgs_6", + "nixpkgs": "nixpkgs_3", "nvim_plugin-Almo7aya/openingh.nvim": "nvim_plugin-Almo7aya/openingh.nvim", "nvim_plugin-CopilotC-Nvim/CopilotChat.nvim": "nvim_plugin-CopilotC-Nvim/CopilotChat.nvim", "nvim_plugin-JoosepAlviste/nvim-ts-context-commentstring": "nvim_plugin-JoosepAlviste/nvim-ts-context-commentstring", @@ -1622,7 +1215,7 @@ "nvim_plugin-windwp/nvim-ts-autotag": "nvim_plugin-windwp/nvim-ts-autotag", "nvim_plugin-zbirenbaum/copilot-cmp": "nvim_plugin-zbirenbaum/copilot-cmp", "nvim_plugin-zbirenbaum/copilot.lua": "nvim_plugin-zbirenbaum/copilot.lua", - "rust-overlay": "rust-overlay_2" + "rust-overlay": "rust-overlay" }, "locked": { "lastModified": 1760630879, @@ -1639,28 +1232,6 @@ } }, "rust-overlay": { - "inputs": { - "nixpkgs": [ - "common", - "ragenix", - "nixpkgs" - ] - }, - "locked": { - "lastModified": 1741400194, - "narHash": "sha256-tEpgT+q5KlGjHSm8MnINgTPErEl8YDzX3Eps8PVc09g=", - "owner": "oxalica", - "repo": "rust-overlay", - "rev": "16b6045a232fea0e9e4c69e55a6e269607dd8e3f", - "type": "github" - }, - "original": { - "owner": "oxalica", - "repo": "rust-overlay", - "type": "github" - } - }, - "rust-overlay_2": { "inputs": { "nixpkgs": [ "ros_neovim", @@ -1681,18 +1252,54 @@ "type": "github" } }, + "rust-overlay_2": { + "inputs": { + "nixpkgs": [ + "secrets", + "ragenix", + "nixpkgs" + ] + }, + "locked": { + "lastModified": 1741400194, + "narHash": "sha256-tEpgT+q5KlGjHSm8MnINgTPErEl8YDzX3Eps8PVc09g=", + "owner": "oxalica", + "repo": "rust-overlay", + "rev": "16b6045a232fea0e9e4c69e55a6e269607dd8e3f", + "type": "github" + }, + "original": { + "owner": "oxalica", + "repo": "rust-overlay", + "type": "github" + } + }, + "secrets": { + "inputs": { + "ragenix": "ragenix" + }, + "locked": { + "path": "../../flakes/secrets", + "type": "path" + }, + "original": { + "path": "../../flakes/secrets", + "type": "path" + }, + "parent": [] + }, "systems": { "locked": { - "lastModified": 1689347949, - "narHash": "sha256-12tWmuL2zgBgZkdoB6qXZsgJEH9LR3oUgpaQq2RbI80=", + "lastModified": 1681028828, + "narHash": "sha256-Vy1rq5AaRuLzOxct8nz4T6wlgyUR7zLU309k9mBC768=", "owner": "nix-systems", - "repo": "default-linux", - "rev": "31732fcf5e8fea42e59c2488ad31a0e651500f68", + "repo": "default", + "rev": "da67096a3b9bf56a91d16901293e51ba5b49a27e", "type": "github" }, "original": { "owner": "nix-systems", - "repo": "default-linux", + "repo": "default", "type": "github" } }, @@ -1710,68 +1317,6 @@ "repo": "default", "type": "github" } - }, - "systems_3": { - "locked": { - "lastModified": 1681028828, - "narHash": "sha256-Vy1rq5AaRuLzOxct8nz4T6wlgyUR7zLU309k9mBC768=", - "owner": "nix-systems", - "repo": "default", - "rev": "da67096a3b9bf56a91d16901293e51ba5b49a27e", - "type": "github" - }, - "original": { - "owner": "nix-systems", - "repo": "default", - "type": "github" - } - }, - "xdph": { - "inputs": { - "hyprland-protocols": [ - "common", - "hyprland", - "hyprland-protocols" - ], - "hyprlang": [ - "common", - "hyprland", - "hyprlang" - ], - "hyprutils": [ - "common", - "hyprland", - "hyprutils" - ], - "hyprwayland-scanner": [ - "common", - "hyprland", - "hyprwayland-scanner" - ], - "nixpkgs": [ - "common", - "hyprland", - "nixpkgs" - ], - "systems": [ - "common", - "hyprland", - "systems" - ] - }, - "locked": { - "lastModified": 1755354946, - "narHash": "sha256-zdov5f/GcoLQc9qYIS1dUTqtJMeDqmBmo59PAxze6e4=", - "owner": "hyprwm", - "repo": "xdg-desktop-portal-hyprland", - "rev": "a10726d6a8d0ef1a0c645378f983b6278c42eaa0", - "type": "github" - }, - "original": { - "owner": "hyprwm", - "repo": "xdg-desktop-portal-hyprland", - "type": "github" - } } }, "root": "root", diff --git a/hosts/lio/flake.nix b/hosts/lio/flake.nix index 4212ba1..dda521b 100644 --- a/hosts/lio/flake.nix +++ b/hosts/lio/flake.nix @@ -1,11 +1,15 @@ { inputs = { nixpkgs.url = "github:nixos/nixpkgs/nixos-25.05"; + home-manager.url = "github:rycee/home-manager/release-25.05"; + nixpkgs-unstable.url = "github:nixos/nixpkgs/nixos-unstable"; # Use relative to get current version for testing - # common.url = "path:../../common"; - common.url = "git+https://git.joshuabell.xyz/ringofstorms/dotfiles"; + common.url = "path:../../flakes/common"; + # common.url = "git+https://git.joshuabell.xyz/ringofstorms/dotfiles"; + secrets.url = "path:../../flakes/secrets"; + flatpaks.url = "path:../../flakes/flatpaks"; ros_neovim.url = "git+https://git.joshuabell.xyz/ringofstorms/nvim"; }; @@ -13,7 +17,10 @@ outputs = { nixpkgs, + home-manager, common, + secrets, + flatpaks, ros_neovim, ... }@inputs: @@ -33,14 +40,35 @@ }; }; modules = [ - common.nixosModules.default + home-manager.nixosModules.default + + secrets.nixosModules.default ros_neovim.nixosModules.default + flatpaks.nixosModules.default + + common.nixosModules.essentials + common.nixosModules.git + common.nixosModules.tmux + common.nixosModules.boot_systemd + common.nixosModules.de_sway + common.nixosModules.hardening + common.nixosModules.jetbrains_font + common.nixosModules.nix_options + common.nixosModules.no_sleep + common.nixosModules.podman + common.nixosModules.q_flipper + common.nixosModules.tailnet + common.nixosModules.timezone_auto + common.nixosModules.tty_caps_esc + common.nixosModules.zsh + ./configuration.nix ./hardware-configuration.nix (import ./containers.nix { inherit inputs; }) # ./jails_text.nix # ./hyprland_customizations.nix ./sway_customizations.nix + ./opencode-shim.nix ( { config, @@ -49,136 +77,76 @@ lib, ... }: - { - programs = { - nix-ld = { - enable = true; - libraries = with pkgs; [ - icu - gmp - glibc - openssl - stdenv.cc.cc + rec { + # Home Manager + home-manager = { + useUserPackages = true; + useGlobalPkgs = true; + backupFileExtension = "bak"; + # add all normal users to home manager so it applies to them + users = lib.mapAttrs (name: user: { + home.stateVersion = "25.05"; + programs.home-manager.enable = true; + }) (lib.filterAttrs (name: user: user.isNormalUser or false) users.users); + + sharedModules = [ + common.homeManagerModules.de_sway + common.homeManagerModules.tmux + common.homeManagerModules.atuin + common.homeManagerModules.direnv + common.homeManagerModules.foot + common.homeManagerModules.git + common.homeManagerModules.kitty + common.homeManagerModules.postgres_cli_options + common.homeManagerModules.slicer + common.homeManagerModules.ssh + common.homeManagerModules.starship + common.homeManagerModules.zoxide + common.homeManagerModules.zsh + ]; + + extraSpecialArgs = { + inherit inputs; + inherit upkgs; + }; + }; + + # System configuration + system.stateVersion = "23.11"; + networking.hostName = configuration_name; + programs.nh.flake = "/home/josh/.config/nixos-config/hosts/${config.networking.hostName}"; + nixpkgs.config.allowUnfree = true; + + # Users + users.users = { + josh = { + isNormalUser = true; + initialPassword = "password1"; + extraGroups = [ + "wheel" + "networkmanager" + "video" + "input" + ]; + openssh.authorizedKeys.keys = [ + "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIJN2nsLmAlF6zj5dEBkNSJaqcCya+aB6I0imY8Q5Ew0S nix2lio" ]; }; }; - environment.shellAliases = { - "oc" = - "all_proxy='' http_proxy='' https_proxy='' /home/josh/other/opencode/node_modules/opencode-linux-x64/bin/opencode"; - "occ" = "oc -c"; - }; - environment.systemPackages = with pkgs; [ - lua - qdirstat - ffmpeg-full - appimage-run - nodejs_24 - foot - vlc - upkgs.ladybird - google-chrome - trilium-desktop - dig - traceroute - # opensnitch-ui + services.flatpak.packages = [ + "org.signal.Signal" + "dev.vencord.Vesktop" + "md.obsidian.Obsidian" + "com.spotify.Client" + "com.bitwarden.desktop" + "org.openscad.OpenSCAD" + "org.blender.Blender" + "com.rustdesk.RustDesk" ]; - # Also allow this key to work for root user, this will let us use this as a remote builder easier - users.users.root.openssh.authorizedKeys.keys = [ - "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIJN2nsLmAlF6zj5dEBkNSJaqcCya+aB6I0imY8Q5Ew0S nix2lio" - ]; - # Allow emulation of aarch64-linux binaries for cross compiling - boot.binfmt.emulatedSystems = [ "aarch64-linux" ]; - - home-manager.extraSpecialArgs = { - inherit inputs; - inherit upkgs; - }; - - ringofstorms_common = { - systemName = configuration_name; - boot.systemd.enable = true; - secrets.enable = true; - general = { - reporting.enable = true; - disableRemoteBuildsOnLio = true; - }; - desktopEnvironment.sway = { - enable = true; - waybar.enable = true; - swaync.enable = true; - }; - programs = { - rustDev.enable = true; - uhkAgent.enable = true; - tailnet.enable = true; - tailnet.enableExitNode = true; - ssh.enable = true; - podman.enable = true; - virt-manager.enable = true; - flatpaks = { - enable = true; - packages = [ - "org.signal.Signal" - "dev.vencord.Vesktop" - "md.obsidian.Obsidian" - "com.spotify.Client" - "com.bitwarden.desktop" - "org.openscad.OpenSCAD" - "org.blender.Blender" - "com.rustdesk.RustDesk" - ]; - }; - }; - users = { - # Users are all normal users and default password is password1 - admins = [ "josh" ]; # First admin is also the primary user owning nix config - users = { - josh = { - openssh.authorizedKeys.keys = [ - "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIJN2nsLmAlF6zj5dEBkNSJaqcCya+aB6I0imY8Q5Ew0S nix2lio" - ]; - extraGroups = [ - "networkmanager" - "video" - "input" - ]; - shell = pkgs.zsh; - packages = with pkgs; [ - sabnzbd - ]; - }; - }; - }; - homeManager = { - users = { - josh = { - imports = with common.homeManagerModules; [ - tmux - atuin - kitty - foot - direnv - git - nix_deprecations - obs - postgres - slicer - ssh - starship - zoxide - zsh - ]; - - # services.opensnitch-ui.enable = true; - }; - }; - }; - }; } ) ]; - } ); }; diff --git a/hosts/lio/opencode-shim.nix b/hosts/lio/opencode-shim.nix new file mode 100644 index 0000000..e4ecdd4 --- /dev/null +++ b/hosts/lio/opencode-shim.nix @@ -0,0 +1,20 @@ +{ pkgs, ... }: +{ + programs = { + nix-ld = { + enable = true; + libraries = with pkgs; [ + icu + gmp + glibc + openssl + stdenv.cc.cc + ]; + }; + }; + environment.shellAliases = { + "oc" = + "all_proxy='' http_proxy='' https_proxy='' /home/josh/other/opencode/node_modules/opencode-linux-x64/bin/opencode"; + "occ" = "oc -c"; + }; +} diff --git a/hosts/lio/sway_customizations.nix b/hosts/lio/sway_customizations.nix index 007bc3f..a58f2e2 100644 --- a/hosts/lio/sway_customizations.nix +++ b/hosts/lio/sway_customizations.nix @@ -74,8 +74,15 @@ in options = { }; config = { - environment.systemPackages = [ ]; + # ringofstorms_common.desktopEnvironment.sway.extraOptions = swayExtraOptions; - ringofstorms_common.desktopEnvironment.sway.extraOptions = swayExtraOptions; + home-manager.sharedModules = [ + ( + { ... }: + { + wayland.windowManager.sway.config = swayExtraOptions; + } + ) + ]; }; } From 741363b361dbb1f7f08dad81c3d7b3bd2cdae093 Mon Sep 17 00:00:00 2001 From: "RingOfStorms (Joshua Bell)" Date: Tue, 21 Oct 2025 23:33:33 -0500 Subject: [PATCH 067/109] pin to remote --- hosts/lio/flake.lock | 54 +++++++++++++++++++++++++++++--------------- hosts/lio/flake.nix | 10 ++++---- 2 files changed, 42 insertions(+), 22 deletions(-) diff --git a/hosts/lio/flake.lock b/hosts/lio/flake.lock index 0bc2223..34e025f 100644 --- a/hosts/lio/flake.lock +++ b/hosts/lio/flake.lock @@ -27,14 +27,20 @@ }, "common": { "locked": { - "path": "../../flakes/common", - "type": "path" + "dir": "flakes/common", + "lastModified": 1761107519, + "narHash": "sha256-HV+W8peuB0elo/32CgwfITp/ox4dFDXaM22z/HlmZ2c=", + "ref": "refs/heads/master", + "rev": "9de4c7892bdf28735875d43849d67d9b16b6d700", + "revCount": 731, + "type": "git", + "url": "https://git.joshuabell.xyz/ringofstorms/dotfiles" }, "original": { - "path": "../../flakes/common", - "type": "path" - }, - "parent": [] + "dir": "flakes/common", + "type": "git", + "url": "https://git.joshuabell.xyz/ringofstorms/dotfiles" + } }, "crane": { "locked": { @@ -98,14 +104,20 @@ "nix-flatpak": "nix-flatpak" }, "locked": { - "path": "../../flakes/flatpaks", - "type": "path" + "dir": "flakes/flatpaks", + "lastModified": 1761107519, + "narHash": "sha256-HV+W8peuB0elo/32CgwfITp/ox4dFDXaM22z/HlmZ2c=", + "ref": "refs/heads/master", + "rev": "9de4c7892bdf28735875d43849d67d9b16b6d700", + "revCount": 731, + "type": "git", + "url": "https://git.joshuabell.xyz/ringofstorms/dotfiles" }, "original": { - "path": "../../flakes/flatpaks", - "type": "path" - }, - "parent": [] + "dir": "flakes/flatpaks", + "type": "git", + "url": "https://git.joshuabell.xyz/ringofstorms/dotfiles" + } }, "home-manager": { "inputs": { @@ -1279,14 +1291,20 @@ "ragenix": "ragenix" }, "locked": { - "path": "../../flakes/secrets", - "type": "path" + "dir": "flakes/secrets", + "lastModified": 1761107519, + "narHash": "sha256-HV+W8peuB0elo/32CgwfITp/ox4dFDXaM22z/HlmZ2c=", + "ref": "refs/heads/master", + "rev": "9de4c7892bdf28735875d43849d67d9b16b6d700", + "revCount": 731, + "type": "git", + "url": "https://git.joshuabell.xyz/ringofstorms/dotfiles" }, "original": { - "path": "../../flakes/secrets", - "type": "path" - }, - "parent": [] + "dir": "flakes/secrets", + "type": "git", + "url": "https://git.joshuabell.xyz/ringofstorms/dotfiles" + } }, "systems": { "locked": { diff --git a/hosts/lio/flake.nix b/hosts/lio/flake.nix index dda521b..c8b9294 100644 --- a/hosts/lio/flake.nix +++ b/hosts/lio/flake.nix @@ -6,10 +6,12 @@ nixpkgs-unstable.url = "github:nixos/nixpkgs/nixos-unstable"; # Use relative to get current version for testing - common.url = "path:../../flakes/common"; - # common.url = "git+https://git.joshuabell.xyz/ringofstorms/dotfiles"; - secrets.url = "path:../../flakes/secrets"; - flatpaks.url = "path:../../flakes/flatpaks"; + # common.url = "path:../../flakes/common"; + common.url = "git+https://git.joshuabell.xyz/ringofstorms/dotfiles?dir=flakes/common"; + # secrets.url = "path:../../flakes/secrets"; + secrets.url = "git+https://git.joshuabell.xyz/ringofstorms/dotfiles?dir=flakes/secrets"; + # flatpaks.url = "path:../../flakes/flatpaks"; + flatpaks.url = "git+https://git.joshuabell.xyz/ringofstorms/dotfiles?dir=flakes/flatpaks"; ros_neovim.url = "git+https://git.joshuabell.xyz/ringofstorms/nvim"; }; From 303afdceb6aef84ee17dceca04ea57374efe05a8 Mon Sep 17 00:00:00 2001 From: "RingOfStorms (Joshua Bell)" Date: Tue, 21 Oct 2025 23:48:27 -0500 Subject: [PATCH 068/109] remove old common, using new sub flakes and modules --- common/_home_manager/default.nix | 52 -- common/_home_manager/mods/alacritty.nix | 34 - common/_home_manager/mods/atuin.nix | 16 - common/_home_manager/mods/direnv.nix | 23 - common/_home_manager/mods/foot.nix | 61 -- common/_home_manager/mods/git.nix | 67 -- common/_home_manager/mods/kitty.nix | 65 -- common/_home_manager/mods/launcher_rofi.nix | 18 - .../_home_manager/mods/nix_deprecations.nix | 18 - common/_home_manager/mods/obs.nix | 4 - common/_home_manager/mods/postgres.nix | 7 - common/_home_manager/mods/slicer.nix | 33 - common/_home_manager/mods/ssh.nix | 162 ----- common/_home_manager/mods/starship.nix | 52 -- .../_home_manager/mods/tmux/tmux-reset.conf | 76 -- common/_home_manager/mods/tmux/tmux.nix | 76 -- common/_home_manager/mods/zoxide.nix | 8 - common/_home_manager/mods/zsh.nix | 42 -- common/boot/default.nix | 35 - common/boot/grub.nix | 35 - common/boot/systemd.nix | 33 - common/config.nix | 3 - common/desktop_environment/cosmic/default.nix | 57 -- common/desktop_environment/default.nix | 45 -- common/desktop_environment/gnome/black.png | Bin 70 -> 0 bytes common/desktop_environment/gnome/dconf.nix | 208 ------ common/desktop_environment/gnome/default.nix | 86 --- common/desktop_environment/gnome/wofi.css | 51 -- common/desktop_environment/gnome/wofi.nix | 31 - .../desktop_environment/hyprland/default.nix | 170 ----- .../hyprland/home_manager/default.nix | 15 - .../hyprland/home_manager/hyprland.nix | 176 ----- .../hyprland/home_manager/hyprpaper.nix | 22 - .../hyprland/home_manager/hyprpolkitagent.nix | 8 - .../hyprland/home_manager/quickshell.nix | 93 --- .../hyprland/home_manager/scripts.nix | 10 - .../home_manager/scripts/confirm-action.sh | 14 - .../scripts/toggle-airplane-mode.sh | 6 - .../scripts/toggle-power-profile.sh | 6 - .../scripts/wofi-bluetooth-menu.sh | 21 - .../home_manager/scripts/wofi-wifi-menu.sh | 24 - .../hyprland/home_manager/swaylock.nix | 17 - .../hyprland/home_manager/swaync.nix | 251 ------- .../hyprland/home_manager/template.nix | 18 - .../hyprland/home_manager/theme.nix | 32 - .../hyprland/home_manager/waybar.nix | 258 ------- .../home_manager/waybar/power_menu.xml | 26 - .../hyprland/home_manager/waybar/waybar.css | 102 --- .../hyprland/home_manager/wofi.nix | 26 - common/desktop_environment/sway/default.nix | 154 ---- .../sway/home_manager/default.nix | 12 - .../sway/home_manager/polkit.nix | 4 - .../sway/home_manager/sway.nix | 193 ----- .../sway/home_manager/swaylock.nix | 15 - .../sway/home_manager/swaync.nix | 112 --- .../sway/home_manager/theme.nix | 15 - .../sway/home_manager/waybar.nix | 259 ------- .../sway/home_manager/waybar/power_menu.xml | 26 - .../sway/home_manager/waybar/waybar.css | 101 --- .../sway/home_manager/wofi.nix | 23 - common/flake.lock | 681 ------------------ common/flake.nix | 83 --- common/general/default.nix | 225 ------ common/general/fonts.nix | 59 -- common/general/reporting.nix | 80 -- common/general/shell/branch.func.sh | 213 ------ common/general/shell/branchd.func.sh | 131 ---- common/general/shell/common.nix | 73 -- common/general/shell/common.sh | 220 ------ common/general/shell/link_ignored.func.sh | 159 ---- common/general/shell/tmux_helpers.sh | 34 - common/general/tty_caps_esc.nix | 33 - common/options.nix | 18 - common/programs/default.nix | 43 -- common/programs/docker.nix | 36 - common/programs/flatpaks.nix | 66 -- common/programs/incus.nix | 33 - common/programs/podman.nix | 32 - common/programs/qFlipper.nix | 33 - common/programs/rustDev.nix | 53 -- common/programs/ssh.nix | 97 --- common/programs/tailnet.nix | 53 -- common/programs/uhkAgent.nix | 31 - common/programs/virt-manager.nix | 42 -- common/secrets/default.nix | 77 -- common/secrets/secrets/github_read_token.age | 42 -- common/secrets/secrets/headscale_auth.age | 40 - common/secrets/secrets/linode_rw_domains.age | 43 -- common/secrets/secrets/nix2bitbucket.age | 50 -- common/secrets/secrets/nix2gitforgejo.age | 49 -- common/secrets/secrets/nix2github.age | 49 -- common/secrets/secrets/nix2gitjosh.age | 50 -- common/secrets/secrets/nix2gpdPocket3.age | 50 -- common/secrets/secrets/nix2h001.age | 48 -- common/secrets/secrets/nix2h002.age | 48 -- common/secrets/secrets/nix2h003.age | 50 -- common/secrets/secrets/nix2joe.age | 49 -- common/secrets/secrets/nix2l002.age | 49 -- common/secrets/secrets/nix2linode.age | 49 -- common/secrets/secrets/nix2lio.age | 50 -- common/secrets/secrets/nix2nix.age | 51 -- common/secrets/secrets/nix2oracle.age | 49 -- common/secrets/secrets/nix2oren.age | 49 -- common/secrets/secrets/nix2t.age | 49 -- .../secrets/secrets/oauth2_proxy_key_file.age | 17 - common/secrets/secrets/obsidian_sync_env.age | 43 -- common/secrets/secrets/openwebui_env.age | 15 - common/secrets/secrets/secrets.nix | 138 ---- common/secrets/secrets/us_chi_wg.age | 46 -- common/secrets/secrets/vaultwarden_env.age | 20 - common/secrets/secrets/zitadel_master_key.age | 15 - common/users/default.nix | 56 -- hosts/lio/configuration.nix | 2 + hosts/lio/flake.nix | 12 +- hosts/template.nix | 130 ++++ readme.md | 29 +- 116 files changed, 156 insertions(+), 7493 deletions(-) delete mode 100644 common/_home_manager/default.nix delete mode 100644 common/_home_manager/mods/alacritty.nix delete mode 100644 common/_home_manager/mods/atuin.nix delete mode 100644 common/_home_manager/mods/direnv.nix delete mode 100644 common/_home_manager/mods/foot.nix delete mode 100644 common/_home_manager/mods/git.nix delete mode 100644 common/_home_manager/mods/kitty.nix delete mode 100644 common/_home_manager/mods/launcher_rofi.nix delete mode 100644 common/_home_manager/mods/nix_deprecations.nix delete mode 100644 common/_home_manager/mods/obs.nix delete mode 100644 common/_home_manager/mods/postgres.nix delete mode 100644 common/_home_manager/mods/slicer.nix delete mode 100644 common/_home_manager/mods/ssh.nix delete mode 100644 common/_home_manager/mods/starship.nix delete mode 100644 common/_home_manager/mods/tmux/tmux-reset.conf delete mode 100644 common/_home_manager/mods/tmux/tmux.nix delete mode 100644 common/_home_manager/mods/zoxide.nix delete mode 100644 common/_home_manager/mods/zsh.nix delete mode 100644 common/boot/default.nix delete mode 100644 common/boot/grub.nix delete mode 100644 common/boot/systemd.nix delete mode 100644 common/config.nix delete mode 100644 common/desktop_environment/cosmic/default.nix delete mode 100644 common/desktop_environment/default.nix delete mode 100644 common/desktop_environment/gnome/black.png delete mode 100644 common/desktop_environment/gnome/dconf.nix delete mode 100644 common/desktop_environment/gnome/default.nix delete mode 100644 common/desktop_environment/gnome/wofi.css delete mode 100644 common/desktop_environment/gnome/wofi.nix delete mode 100644 common/desktop_environment/hyprland/default.nix delete mode 100644 common/desktop_environment/hyprland/home_manager/default.nix delete mode 100644 common/desktop_environment/hyprland/home_manager/hyprland.nix delete mode 100644 common/desktop_environment/hyprland/home_manager/hyprpaper.nix delete mode 100644 common/desktop_environment/hyprland/home_manager/hyprpolkitagent.nix delete mode 100644 common/desktop_environment/hyprland/home_manager/quickshell.nix delete mode 100644 common/desktop_environment/hyprland/home_manager/scripts.nix delete mode 100755 common/desktop_environment/hyprland/home_manager/scripts/confirm-action.sh delete mode 100755 common/desktop_environment/hyprland/home_manager/scripts/toggle-airplane-mode.sh delete mode 100755 common/desktop_environment/hyprland/home_manager/scripts/toggle-power-profile.sh delete mode 100755 common/desktop_environment/hyprland/home_manager/scripts/wofi-bluetooth-menu.sh delete mode 100755 common/desktop_environment/hyprland/home_manager/scripts/wofi-wifi-menu.sh delete mode 100644 common/desktop_environment/hyprland/home_manager/swaylock.nix delete mode 100644 common/desktop_environment/hyprland/home_manager/swaync.nix delete mode 100644 common/desktop_environment/hyprland/home_manager/template.nix delete mode 100644 common/desktop_environment/hyprland/home_manager/theme.nix delete mode 100644 common/desktop_environment/hyprland/home_manager/waybar.nix delete mode 100644 common/desktop_environment/hyprland/home_manager/waybar/power_menu.xml delete mode 100644 common/desktop_environment/hyprland/home_manager/waybar/waybar.css delete mode 100644 common/desktop_environment/hyprland/home_manager/wofi.nix delete mode 100644 common/desktop_environment/sway/default.nix delete mode 100644 common/desktop_environment/sway/home_manager/default.nix delete mode 100644 common/desktop_environment/sway/home_manager/polkit.nix delete mode 100644 common/desktop_environment/sway/home_manager/sway.nix delete mode 100644 common/desktop_environment/sway/home_manager/swaylock.nix delete mode 100644 common/desktop_environment/sway/home_manager/swaync.nix delete mode 100644 common/desktop_environment/sway/home_manager/theme.nix delete mode 100644 common/desktop_environment/sway/home_manager/waybar.nix delete mode 100644 common/desktop_environment/sway/home_manager/waybar/power_menu.xml delete mode 100644 common/desktop_environment/sway/home_manager/waybar/waybar.css delete mode 100644 common/desktop_environment/sway/home_manager/wofi.nix delete mode 100644 common/flake.lock delete mode 100644 common/flake.nix delete mode 100644 common/general/default.nix delete mode 100644 common/general/fonts.nix delete mode 100644 common/general/reporting.nix delete mode 100644 common/general/shell/branch.func.sh delete mode 100644 common/general/shell/branchd.func.sh delete mode 100644 common/general/shell/common.nix delete mode 100644 common/general/shell/common.sh delete mode 100644 common/general/shell/link_ignored.func.sh delete mode 100644 common/general/shell/tmux_helpers.sh delete mode 100644 common/general/tty_caps_esc.nix delete mode 100644 common/options.nix delete mode 100644 common/programs/default.nix delete mode 100644 common/programs/docker.nix delete mode 100644 common/programs/flatpaks.nix delete mode 100644 common/programs/incus.nix delete mode 100644 common/programs/podman.nix delete mode 100644 common/programs/qFlipper.nix delete mode 100644 common/programs/rustDev.nix delete mode 100644 common/programs/ssh.nix delete mode 100644 common/programs/tailnet.nix delete mode 100644 common/programs/uhkAgent.nix delete mode 100644 common/programs/virt-manager.nix delete mode 100644 common/secrets/default.nix delete mode 100644 common/secrets/secrets/github_read_token.age delete mode 100644 common/secrets/secrets/headscale_auth.age delete mode 100644 common/secrets/secrets/linode_rw_domains.age delete mode 100644 common/secrets/secrets/nix2bitbucket.age delete mode 100644 common/secrets/secrets/nix2gitforgejo.age delete mode 100644 common/secrets/secrets/nix2github.age delete mode 100644 common/secrets/secrets/nix2gitjosh.age delete mode 100644 common/secrets/secrets/nix2gpdPocket3.age delete mode 100644 common/secrets/secrets/nix2h001.age delete mode 100644 common/secrets/secrets/nix2h002.age delete mode 100644 common/secrets/secrets/nix2h003.age delete mode 100644 common/secrets/secrets/nix2joe.age delete mode 100644 common/secrets/secrets/nix2l002.age delete mode 100644 common/secrets/secrets/nix2linode.age delete mode 100644 common/secrets/secrets/nix2lio.age delete mode 100644 common/secrets/secrets/nix2nix.age delete mode 100644 common/secrets/secrets/nix2oracle.age delete mode 100644 common/secrets/secrets/nix2oren.age delete mode 100644 common/secrets/secrets/nix2t.age delete mode 100644 common/secrets/secrets/oauth2_proxy_key_file.age delete mode 100644 common/secrets/secrets/obsidian_sync_env.age delete mode 100644 common/secrets/secrets/openwebui_env.age delete mode 100644 common/secrets/secrets/secrets.nix delete mode 100644 common/secrets/secrets/us_chi_wg.age delete mode 100644 common/secrets/secrets/vaultwarden_env.age delete mode 100644 common/secrets/secrets/zitadel_master_key.age delete mode 100644 common/users/default.nix create mode 100644 hosts/template.nix diff --git a/common/_home_manager/default.nix b/common/_home_manager/default.nix deleted file mode 100644 index de3d9b7..0000000 --- a/common/_home_manager/default.nix +++ /dev/null @@ -1,52 +0,0 @@ -{ - config, - lib, - hyprland, - hyprlandPkgs, - ... -}: -let - ccfg = import ../config.nix; - cfg_path = [ - ccfg.custom_config_key - "homeManager" - ]; - cfg = lib.attrsets.getAttrFromPath cfg_path config; -in -{ - options = - { } - // lib.attrsets.setAttrByPath cfg_path { - users = lib.mkOption { - type = lib.types.attrsOf lib.types.attrs; - default = { }; - description = "Home manager users to configure. Should match nix options of home-manager.users..*"; - }; - stateVersion = lib.mkOption { - type = lib.types.str; - default = "25.05"; - description = "Home manager state version"; - }; - }; - config = { - # Home manager options - security.polkit.enable = true; - home-manager.useUserPackages = true; - home-manager.useGlobalPkgs = true; - home-manager.backupFileExtension = "bak"; - - home-manager.extraSpecialArgs = { - inherit hyprland hyprlandPkgs; - }; - - home-manager.users = lib.mapAttrs' (name: userConfig: { - inherit name; - value = userConfig // { - home.stateVersion = cfg.stateVersion; - programs.home-manager.enable = true; - home.username = name; - home.homeDirectory = lib.mkForce (if name == "root" then "/root" else "/home/${name}"); - }; - }) cfg.users; - }; -} diff --git a/common/_home_manager/mods/alacritty.nix b/common/_home_manager/mods/alacritty.nix deleted file mode 100644 index 0794c15..0000000 --- a/common/_home_manager/mods/alacritty.nix +++ /dev/null @@ -1,34 +0,0 @@ -{ ... }: -{ - programs.alacritty = { - enable = true; - settings = { - window = { - decorations = "None"; - dynamic_title = false; - }; - colors = { - primary = { - foreground = "#e0e0e0"; - background = "#262626"; - }; - normal = { - # Catppuccin Coal - black = "#1f1f1f"; - red = "#f38ba8"; - green = "#a6e3a1"; - yellow = "#f9e2af"; - blue = "#89b4fa"; - magenta = "#cba6f7"; - cyan = "#89dceb"; - white = "#e0e0e0"; - }; - }; - font = { - normal = { family = "JetBrainsMonoNL Nerd Font"; style = "Regular"; }; - size = 12.0; - }; - }; - }; -} - diff --git a/common/_home_manager/mods/atuin.nix b/common/_home_manager/mods/atuin.nix deleted file mode 100644 index 2eb52df..0000000 --- a/common/_home_manager/mods/atuin.nix +++ /dev/null @@ -1,16 +0,0 @@ -{ ... }: -{ - programs.atuin = { - enable = true; - enableZshIntegration = true; - flags = [ "--disable-up-arrow" ]; - settings = { - workspaces = true; - exit-mode = "return-query"; - enter_accept = true; - sync_address = "https://atuin.joshuabell.xyz"; - sync = { records = true; }; - }; - }; -} - diff --git a/common/_home_manager/mods/direnv.nix b/common/_home_manager/mods/direnv.nix deleted file mode 100644 index b36ce49..0000000 --- a/common/_home_manager/mods/direnv.nix +++ /dev/null @@ -1,23 +0,0 @@ -{ ... }: -{ - programs.direnv = { - enable = true; - enableZshIntegration = true; - nix-direnv.enable = true; - config = { - nix-direnv = true; - global = { - strict_env = true; - load_dotenv = true; - hide_env_diff = true; - }; - whitelist = { - prefix = [ - "~/projects" - "~/.config" - "~/.local/share/git_worktrees/" - ]; - }; - }; - }; -} diff --git a/common/_home_manager/mods/foot.nix b/common/_home_manager/mods/foot.nix deleted file mode 100644 index 706ffec..0000000 --- a/common/_home_manager/mods/foot.nix +++ /dev/null @@ -1,61 +0,0 @@ -{ config, lib, ... }: -{ - options.components.foot = { - font_size = lib.mkOption { - type = lib.types.float; - default = 12.0; - description = "Font size for Foot terminal"; - }; - alpha = lib.mkOption { - type = lib.types.float; - default = 0.94; - description = "Background opacity for Foot terminal (1.0 = opaque)"; - }; - }; - config = { - programs.foot = { - enable = true; - - # This renders to ~/.config/foot/foot.ini - settings = { - main = { - # Use the same font and size as your Kitty config - font = "JetBrainsMonoNL Nerd Font:size=${toString config.components.foot.font_size}"; - - # Initial window size in character cells (Kitty used 160c x 55c) - "initial-window-size-chars" = "160x55"; - }; - - colors = { - # Background opacity (1.0 = opaque) - alpha = toString config.components.foot.alpha; - - # Foreground/background - foreground = "e0e0e0"; - background = "262626"; - - # 16-color palette - # normal (0–7) - regular0 = "1f1f1f"; # black - regular1 = "f38ba8"; # red - regular2 = "a6e3a1"; # green - regular3 = "f9e2af"; # yellow - regular4 = "89b4fa"; # blue - regular5 = "cba6f7"; # magenta - regular6 = "89dceb"; # cyan - regular7 = "e0e0e0"; # white - - # bright (8–15) - bright0 = "565656"; # bright black - bright1 = "f38ba8"; # bright red - bright2 = "a6e3a1"; # bright green - bright3 = "f9e2af"; # bright yellow - bright4 = "89b4fa"; # bright blue - bright5 = "cba6f7"; # bright magenta - bright6 = "89dceb"; # bright cyan - bright7 = "ffffff"; # bright white - }; - }; - }; - }; -} diff --git a/common/_home_manager/mods/git.nix b/common/_home_manager/mods/git.nix deleted file mode 100644 index 34e6d18..0000000 --- a/common/_home_manager/mods/git.nix +++ /dev/null @@ -1,67 +0,0 @@ -{ ... }: -{ - programs.git = { - enable = true; - # TODO make configurable - userEmail = "ringofstorms@gmail.com"; - userName = "RingOfStorms (Joshua Bell)"; - - extraConfig = { - core.pager = "bat"; - core.editor = "nano"; - - pull.rebase = false; - - init.defaultBranch = "main"; - - rerere.enabled = true; - }; - - difftastic = { - enable = true; - background = "dark"; - }; - - ignores = [ - # -------------- - # Intellij - # -------------- - "*.iml" - # -------------- - # MAC OS - # -------------- - ".DS_Store" - ".AppleDouble" - ".LSOverride" - # Icon must end with two \r - "Icon" - # Thumbnails - "._*" - # Files that might appear in the root of a volume - ".DocumentRevisions-V100" - ".fseventsd" - ".Spotlight-V100" - ".TemporaryItems" - ".Trashes" - ".VolumeIcon.icns" - ".com.apple.timemachine.donotpresent" - - # Directories potentially created on remote AFP share - ".AppleDB" - ".AppleDesktop" - "Network Trash Folder" - "Temporary Items" - ".apdisk" - - # direnv things - ".direnv" - - # local only files - "*.local" - - # AI tooling - ".aider*" - "aider" - ]; - }; -} diff --git a/common/_home_manager/mods/kitty.nix b/common/_home_manager/mods/kitty.nix deleted file mode 100644 index 1b58b46..0000000 --- a/common/_home_manager/mods/kitty.nix +++ /dev/null @@ -1,65 +0,0 @@ -{ config, lib, ... }: -{ - options.components.kitty = { - font_size = lib.mkOption { - type = lib.types.float; - default = 12.0; - description = "Font size for Kitty terminal"; - }; - }; - config = { - # Enable Kitty terminal - programs.kitty = { - enable = true; - - settings = { - # Window settings - background_opacity = 1.0; - os_window_class = "kitty"; - remember_window_size = false; - placement_strategy = "center"; - initial_window_width = "160c"; - initial_window_height = "55c"; - - # Remove window borders - hide_window_decorations = "titlebar-only"; - tab_title_template = "none"; - active_tab_title_template = "none"; - draw_minimal_borders = "yes"; - window_border_width = "0.1pt"; - - # Colors (Catppuccin Coal) - foreground = "#e0e0e0"; - background = "#262626"; - color0 = "#1f1f1f"; - color1 = "#f38ba8"; - color2 = "#a6e3a1"; - color3 = "#f9e2af"; - color4 = "#89b4fa"; - color5 = "#cba6f7"; - color6 = "#89dceb"; - color7 = "#e0e0e0"; - color8 = "#565656"; - color9 = "#f38ba8"; - color10 = "#a6e3a1"; - color11 = "#f9e2af"; - color12 = "#89b4fa"; - color13 = "#cba6f7"; - color14 = "#89dceb"; - color15 = "#ffffff"; - - # Font settings - font_family = "JetBrainsMonoNL Nerd Font"; - font_size = config.components.kitty.font_size; - bold_font = "auto"; - italic_font = "auto"; - italic_bold_font = "auto"; - }; - - # If you want to include extra configuration this way instead of through the main `settings` attribute - extraConfig = '' - # You can add additional config here if needed - ''; - }; - }; -} diff --git a/common/_home_manager/mods/launcher_rofi.nix b/common/_home_manager/mods/launcher_rofi.nix deleted file mode 100644 index 353b29e..0000000 --- a/common/_home_manager/mods/launcher_rofi.nix +++ /dev/null @@ -1,18 +0,0 @@ -{ - pkgs, - ... -}: -{ - programs.rofi = { - enable = true; - plugins = with pkgs; [ rofi-calc ]; - extraConfig = { - modi = "drun,run,ssh,window,calc"; - terminal = "alacritty"; - }; - theme = "glue_pro_blue"; - }; - programs.wofi = { - enable = true; - }; -} diff --git a/common/_home_manager/mods/nix_deprecations.nix b/common/_home_manager/mods/nix_deprecations.nix deleted file mode 100644 index d281d87..0000000 --- a/common/_home_manager/mods/nix_deprecations.nix +++ /dev/null @@ -1,18 +0,0 @@ -{ ... }: -{ - programs.zsh.shellAliases = { - # Nix deprecations - nix-hash = "echo 'The functionality of nix-hash may be covered by various subcommands or options in the new `nix` command.'"; - nix-build = "echo 'Use `nix build` instead.'"; - nix-info = "echo 'Use `nix flake info` or other `nix` subcommands to obtain system and Nix information.'"; - nix-channel = "echo 'Channels are being phased out in favor of flakes. Use `nix flake` subcommands.'"; - nix-instantiate = "echo 'Use `nix eval` or `nix-instantiate` with flakes.'"; - nix-collect-garbage = "echo 'Use `nix store gc` instead.'"; - nix-prefetch-url = "echo 'Use `nix-prefetch` or fetchers in Nix expressions.'"; - nix-copy-closure = "echo 'Use `nix copy` instead.'"; - nix-shell = "echo 'Use `nix shell` instead.'"; - # nix-daemon # No direct replacement: The Nix daemon is still in use and managed by the system service manager. - nix-store = "echo 'Use `nix store` subcommands for store operations.'"; - nix-env = "echo 'Use `nix profile` instead'"; - }; -} diff --git a/common/_home_manager/mods/obs.nix b/common/_home_manager/mods/obs.nix deleted file mode 100644 index 68d6d68..0000000 --- a/common/_home_manager/mods/obs.nix +++ /dev/null @@ -1,4 +0,0 @@ -{ ... }: -{ - programs.obs-studio.enable = true; -} diff --git a/common/_home_manager/mods/postgres.nix b/common/_home_manager/mods/postgres.nix deleted file mode 100644 index 053099b..0000000 --- a/common/_home_manager/mods/postgres.nix +++ /dev/null @@ -1,7 +0,0 @@ -{ ... }: -{ - home.file.".psqlrc".text = '' - \pset pager off - ''; -} - diff --git a/common/_home_manager/mods/slicer.nix b/common/_home_manager/mods/slicer.nix deleted file mode 100644 index 4361d5a..0000000 --- a/common/_home_manager/mods/slicer.nix +++ /dev/null @@ -1,33 +0,0 @@ -{ pkgs, ... }: -let - orca-slicer-fix = pkgs.stdenv.mkDerivation { - name = "orca-slicer"; - buildInputs = [ pkgs.makeWrapper ]; - unpackPhase = "true"; - buildPhase = '' - mkdir -p $out/bin - makeWrapper ${pkgs.orca-slicer}/bin/orca-slicer $out/bin/orca-slicer \ - --set WEBKIT_DISABLE_DMABUF_RENDERER 1 - ''; - - installPhase = '' - mkdir -p $out/share/applications - cat > $out/share/applications/orca-slicer.desktop < /tmp/dconf_dump_start && watch -n0.5 "dconf dump / > /tmp/dconf_dump_current && \diff --color /tmp/dconf_dump_start /tmp/dconf_dump_current -U12" - # To get nix specific diff: - # \diff -u /tmp/dconf_dump_start /tmp/dconf_dump_current | grep '^+[^+]' | sed 's/^+//' | dconf2nix - # OR (Must be logged into user directly, no SU to user will work): `dconf watch /` - # OR get the exact converted nixConfig from `dconf dump / | dconf2nix | less` and search with forward slash - dconf.settings = { - "org/gnome/shell" = { - favorite-apps = [ ]; - enabled-extensions = with pkgs.gnomeExtensions; [ - vertical-workspaces.extensionUuid - compact-top-bar.extensionUuid - tray-icons-reloaded.extensionUuid - vitals.extensionUuid - ] ++ lib.optionals cfg.enableRotate [ - screen-rotate.extensionUuid - ]; - }; - - # Plugin Settings - "org/gnome/shell/extensions/vertical-workspaces" = { - animation-speed-factor = 42; - center-dash-to-ws = false; - dash-bg-color = 0; - dash-position = 2; - dash-position-adjust = 0; - hot-corner-action = 0; - startup-state = 1; - ws-switcher-wraparound = true; - }; - "org/gnome/shell/extensions/compact-top-bar" = { - fade-text-on-fullscreen = true; - }; - "org/gnome/shell/extensions/vitals" = { - position-in-panel = 1; - }; - - # Built in settings - "org/gnome/desktop/session" = { - idle-delay = mkUint32 0; - }; - "org/gnome/desktop/wm/preferences" = { - resize-with-right-button = true; - button-layout = "maximize:appmenu,close"; - audible-bell = false; - wrap-around = true; - }; - "org/gnome/settings-daemon/plugins/media-keys" = { - # Disable the lock screen shortcut - screensaver = [ "" ]; - custom-keybindings = [ - "/org/gnome/settings-daemon/plugins/media-keys/custom-keybindings/custom0/" - "/org/gnome/settings-daemon/plugins/media-keys/custom-keybindings/custom1/" - ]; - }; - "org/gnome/settings-daemon/plugins/media-keys/custom-keybindings/custom0" = { - binding = "Return"; - command = cfg.terminalCommand; - name = "Launch terminal"; - }; - "org/gnome/settings-daemon/plugins/media-keys/custom-keybindings/custom1" = { - binding = "Space"; - command = "wofi"; - name = "Launcher"; - }; - "org/gnome/desktop/wm/keybindings" = { - minimize = [ "" ]; - move-to-workspace-1 = [ "" ]; - move-to-workspace-2 = [ "" ]; - move-to-workspace-3 = [ "" ]; - move-to-workspace-4 = [ "" ]; - move-to-workspace-last = [ "" ]; - move-to-workspace-down = [ "j" ]; - move-to-workspace-up = [ "k" ]; - # move-to-workspace-left = [ "h" ]; - # move-to-workspace-right = [ "l" ]; - switch-input-source = [ ]; - switch-input-source-backward = [ ]; - switch-to-workspace-1 = [ "1" ]; - switch-to-workspace-2 = [ "2" ]; - switch-to-workspace-3 = [ "3" ]; - switch-to-workspace-4 = [ "4" ]; - switch-to-workspace-last = [ "" ]; - switch-to-workspace-down = [ "j" ]; - switch-to-workspace-up = [ "k" ]; - # switch-to-workspace-left = [ "k" ]; - # switch-to-workspace-right = [ "j" ]; - # move-to-monitor-down = [ "j" ]; - # move-to-monitor-up = [ "k" ]; - move-to-monitor-left = [ "h" ]; - move-to-monitor-right = [ "l" ]; - unmaximize = [ "j" ]; - maximize = [ "k" ]; - }; - "org/gnome/mutter" = { - dynamic-workspaces = true; - edge-tiling = true; - workspaces-only-on-primary = true; - center-new-windows = true; - }; - "org/gnome/mutter/keybindings" = { - toggle-tiled-right = [ "l" ]; - toggle-tiled-left = [ "h" ]; - }; - "org/gnome/settings-daemon/plugins/power" = { - power-button-action = "nothing"; - sleep-inactive-ac-type = "nothing"; - sleep-inactive-battery-type = "nothing"; - idle-brightness = 15; - power-saver-profile-on-low-battery = false; - }; - "org/gnome/desktop/background" = { - color-shading-type = "solid"; - picture-options = "zoom"; - picture-uri = "file://" + (./black.png); - picture-uri-dark = "file://" + (./black.png); - primary-color = "#000000000000"; - secondary-color = "#000000000000"; - }; - "org/gnome/desktop/screensaver" = { - lock-enabled = false; - idle-activation-enabled = false; - picture-options = "zoom"; - picture-uri = "file://" + (./black.png); - picture-uri-dark = "file://" + (./black.png); - }; - "org/gnome/desktop/applications/terminal" = { - exec = "alacritty"; - }; - "org/gnome/settings-daemon/plugins/color" = { - night-light-enabled = false; - night-light-schedule-automatic = false; - }; - "org/gnome/shell/keybindings" = { - shift-overview-down = [ "" ]; - shift-overview-up = [ "" ]; - switch-to-application-1 = [ "" ]; - switch-to-application-2 = [ "" ]; - switch-to-application-3 = [ "" ]; - switch-to-application-4 = [ "" ]; - switch-to-application-5 = [ "" ]; - switch-to-application-6 = [ "" ]; - switch-to-application-7 = [ "" ]; - switch-to-application-8 = [ "" ]; - switch-to-application-9 = [ "" ]; - toggle-quick-settings = [ "" ]; - toggle-application-view = [ "" ]; - }; - "org/gtk/gtk4/settings/file-chooser" = { - show-hidden = true; - }; - - "org/gnome/desktop/interface" = { - accent-color = "orange"; - show-battery-percentage = true; - clock-show-date = true; - clock-show-seconds = true; - clock-show-weekday = true; - color-scheme = "prefer-dark"; - cursor-size = 24; - enable-animations = true; - enable-hot-corners = false; - font-antialiasing = "grayscale"; - font-hinting = "slight"; - gtk-theme = "Adwaita-dark"; - # icon-theme = "Yaru-magenta-dark"; - }; - - "org/gnome/desktop/notifications" = { - application-children = [ "org-gnome-tweaks" ]; - }; - - "org/gnome/desktop/notifications/application/org-gnome-tweaks" = { - application-id = "org.gnome.tweaks.desktop"; - }; - - "org/gnome/desktop/peripherals/mouse" = { - natural-scroll = false; - }; - - "org/gnome/desktop/peripherals/touchpad" = { - disable-while-typing = true; - two-finger-scrolling-enabled = true; - natural-scroll = true; - }; - - "org/gnome/tweaks" = { - show-extensions-notice = false; - }; - }; - } - ) - ]; - }; -} diff --git a/common/desktop_environment/gnome/default.nix b/common/desktop_environment/gnome/default.nix deleted file mode 100644 index 9f36b57..0000000 --- a/common/desktop_environment/gnome/default.nix +++ /dev/null @@ -1,86 +0,0 @@ -{ - config, - lib, - pkgs, - ... -}: -let - ccfg = import ../../config.nix; - cfg_path = [ - ccfg.custom_config_key - "desktopEnvironment" - "gnome" - ]; - cfg = lib.attrsets.getAttrFromPath cfg_path config; -in -with lib; -{ - options = - { } - // lib.attrsets.setAttrByPath cfg_path { - enable = lib.mkEnableOption "gnome desktop environment"; - terminalCommand = mkOption { - type = lib.types.str; - default = "kitty"; - description = "The terminal command to use."; - }; - enableRotate = lib.mkEnableOption "enable screen rotation"; - }; - - imports = [ - (import ./dconf.nix { inherit cfg; }) - (import ./wofi.nix { inherit cfg; }) - ]; - - config = lib.mkIf cfg.enable { - services.xserver = { - enable = true; - desktopManager.gnome.enable = true; - displayManager.gdm = { - enable = true; - autoSuspend = false; - wayland = true; - }; - }; - services.gnome.gnome-initial-setup.enable = false; - - environment.gnome.excludePackages = with pkgs; [ - gnome-backgrounds - gnome-video-effects - gnome-maps - gnome-music - gnome-tour - gnome-text-editor - gnome-user-docs - ]; - environment.systemPackages = with pkgs; [ - dconf-editor - dconf2nix - gnome-tweaks - wayland - wayland-utils - wl-clipboard - numix-cursor-theme - gnomeExtensions.vertical-workspaces - gnomeExtensions.compact-top-bar - gnomeExtensions.tray-icons-reloaded - gnomeExtensions.vitals - ] ++ lib.optionals cfg.enableRotate [ - gnomeExtensions.screen-rotate - ]; - environment.sessionVariables = { - NIXOS_OZONE_WL = "1"; - GTK_THEME = "Adwaita:dark"; - }; - - qt = { - enable = true; - platformTheme = "gnome"; - style = "adwaita-dark"; - }; - - hardware.graphics = { - enable = true; - }; - }; -} diff --git a/common/desktop_environment/gnome/wofi.css b/common/desktop_environment/gnome/wofi.css deleted file mode 100644 index 976c0ef..0000000 --- a/common/desktop_environment/gnome/wofi.css +++ /dev/null @@ -1,51 +0,0 @@ -window { - margin: 0px; - border: 1px solid #171717; - background-color: #262626; -} - -#input { - margin: 5px; - border: none; - color: #e0e0e0; - background-color: #1f1f1f; -} - -#inner-box { - margin: 5px; - border: none; - background-color: #171717; -} - -#outer-box { - margin: 5px; - border: none; - background-color: #191919; -} - -#scroll { - margin: 0px; - border: none; -} - -#text { - margin: 5px; - border: none; - color: #e0e0e0; -} - -#entry.activatable #text { - color: #cccccc; -} - -#entry>* { - color: #e0e0e0; -} - -#entry:selected { - background-color: #4f4f4f; -} - -#entry:selected #text { - font-weight: bold; -} diff --git a/common/desktop_environment/gnome/wofi.nix b/common/desktop_environment/gnome/wofi.nix deleted file mode 100644 index d3cd8e2..0000000 --- a/common/desktop_environment/gnome/wofi.nix +++ /dev/null @@ -1,31 +0,0 @@ -{ cfg }: -{ lib, ... }: -{ - config = lib.mkIf cfg.enable { - home-manager.sharedModules = [ - ( - { lib, ... }: - { - programs.wofi = { - enable = true; - settings = { - width = "28%"; - height = "38%"; - show = "drun"; - location = "center"; - gtk_dark = true; - valign = "center"; - key_backward = "Ctrl+k"; - key_forward = "Ctrl+j"; - insensitive = true; - prompt = "Run"; - allow_images = true; - }; - style = builtins.readFile ./wofi.css; - }; - } - ) - ]; - - }; -} diff --git a/common/desktop_environment/hyprland/default.nix b/common/desktop_environment/hyprland/default.nix deleted file mode 100644 index 8b96a31..0000000 --- a/common/desktop_environment/hyprland/default.nix +++ /dev/null @@ -1,170 +0,0 @@ -{ - config, - lib, - pkgs, - hyprland, - hyprlandPkgs, - ... -}: -let - ccfg = import ../../config.nix; - cfg_path = [ - ccfg.custom_config_key - "desktopEnvironment" - "hyprland" - ]; - cfg = lib.attrsets.getAttrFromPath cfg_path config; -in -with lib; -{ - options = - { } - // lib.attrsets.setAttrByPath cfg_path { - enable = lib.mkEnableOption "hyprland desktop environment"; - terminalCommand = mkOption { - type = lib.types.str; - default = "foot"; - description = "The terminal command to use."; - }; - extraOptions = mkOption { - type = lib.types.attrs; - default = { }; - description = "Extra options for Hyprland configuration."; - }; - hyprpaperSettings = lib.mkOption { - type = lib.types.attrs; - default = { }; - description = "Extra options for hyprpaper configuration."; - }; - swaync = { - enable = lib.mkEnableOption "Enable Swaync (notification center for Hyprland)"; - }; - waybar = { - enable = lib.mkEnableOption "Enable Waybar (status bar for Hyprland)"; - }; - }; - - config = lib.mkIf cfg.enable { - # Enable for all users - home-manager = { - sharedModules = [ - hyprland.homeManagerModules.default - ./home_manager - ]; - }; - - services.greetd = { - enable = true; - vt = 2; - settings = { - default_session = { - command = "${pkgs.greetd.tuigreet}/bin/tuigreet --time --remember --remember-session --cmd '${pkgs.dbus}/bin/dbus-run-session ${hyprlandPkgs.hyprland}/bin/Hyprland'"; - user = "greeter"; - }; - }; - }; - - # Caps Lock as Escape for console/tty - console.useXkbConfig = true; - services.xserver.xkb = { - layout = "us"; - options = "caps:escape"; - }; - - environment.systemPackages = with pkgs; [ - wl-clipboard - wl-clip-persist - wofi # application launcher - nemo # file manager (x11) - # nautilus # file manager - feh # image viewer (x11) - # imv # image viewer - networkmanager # network management - upower # power management - brightnessctl # screen/keyboard brightness control - wireplumber # media session manager - libgtop # system monitor library - bluez # Bluetooth support - power-profiles-daemon # power profiles - grim - slurp - hyprpicker - grimblast # screenshot tool - wf-recorder # screen recording tool - btop # system monitor - ]; - - services.blueman.enable = config.hardware.bluetooth.enable; - - programs.hyprland = { - enable = true; - # xwayland.enable = false; - # withUWSM = true; - - # set the flake package - package = hyprlandPkgs.hyprland; - # make sure to also set the portal package, so that they are in sync - # This is set below now in xdf portal directly so we can also add things like gtk - # portalPackage = hyprlandPkgs.xdg-desktop-portal-hyprland; - }; - - xdg.portal = { - enable = true; - extraPortals = lib.mkForce [ - hyprlandPkgs.xdg-desktop-portal-hyprland - # hyprlandPkgs.xdg-desktop-portal-wlr - hyprlandPkgs.xdg-desktop-portal-gtk - ]; - config.common.default = [ - "hyprland" - # "wlr" - "gtk" - ]; - }; - - # Enable PipeWire + WirePlumber so xdg-desktop-portal can do screencast - services.pipewire = { - enable = true; - # Enable WirePlumber session manager via the pipewire module option - wireplumber = { - enable = true; - }; - }; - - hardware.graphics = { - enable = true; - package = hyprlandPkgs.mesa; - # if you also want 32-bit support (e.g for Steam) - # enable32Bit = true; - package32 = hyprlandPkgs.pkgsi686Linux.mesa; - }; - - # Environment variables - environment.sessionVariables = { - GTK_THEME = "Adwaita:dark"; - XDG_SESSION_TYPE = "wayland"; - # XDG_CURRENT_DESKTOP = "sway"; - # XDG_SESSION_DESKTOP = "sway"; - # prefer EGL renderer (can be changed back to "auto" if needed) - WLR_RENDERER = "egl"; - - # Tell apps to run native wayland - NIXOS_OZONE_WL = "1"; - ELECTRON_OZONE_PLATFORM_HINT = "wayland"; - ELECTRON_ENABLE_WAYLAND = "1"; - ELECTRON_DISABLE_SANDBOX = "0"; - GDK_BACKEND = "wayland,x11"; # GTK - QT_QPA_PLATFORM = "wayland;xcb"; # Qt 5/6 - MOZ_ENABLE_WAYLAND = "1"; # Firefox - SDL_VIDEODRIVER = "wayland"; # SDL apps/games - CLUTTER_BACKEND = "wayland"; - }; - - # Qt theming - qt = { - enable = true; - platformTheme = "gtk2"; - style = "adwaita-dark"; - }; - }; -} diff --git a/common/desktop_environment/hyprland/home_manager/default.nix b/common/desktop_environment/hyprland/home_manager/default.nix deleted file mode 100644 index 57dac88..0000000 --- a/common/desktop_environment/hyprland/home_manager/default.nix +++ /dev/null @@ -1,15 +0,0 @@ -{ ... }: -{ - imports = [ - ./theme.nix - ./hyprland.nix - ./hyprpaper.nix - # ./quickshell.nix - ./waybar.nix - ./hyprpolkitagent.nix - ./wofi.nix - ./swaync.nix - ./scripts.nix - ./swaylock.nix - ]; -} diff --git a/common/desktop_environment/hyprland/home_manager/hyprland.nix b/common/desktop_environment/hyprland/home_manager/hyprland.nix deleted file mode 100644 index 3d8b6b7..0000000 --- a/common/desktop_environment/hyprland/home_manager/hyprland.nix +++ /dev/null @@ -1,176 +0,0 @@ -{ - osConfig, - lib, - hyprlandPkgs, - ... -}: -let - ccfg = import ../../../config.nix; - cfg_path = [ - ccfg.custom_config_key - "desktopEnvironment" - "hyprland" - ]; - cfg = lib.attrsets.getAttrFromPath cfg_path osConfig; -in -{ - wayland.windowManager.hyprland = { - enable = true; - xwayland.enable = osConfig.programs.hyprland.xwayland.enable; - # plugins = with hyprlandPkgs.hyprlandPlugins; [ - # hyprspace - # ]; - - settings = lib.attrsets.recursiveUpdate { - # Debug logs enabled when this is uncommented - debug.disable_logs = false; - debug.disable_time = false; - - # exec-once = [ "pgrep waybar>/dev/null || waybar" ]; - - # Default monitor configuration - monitor = "monitor = , preferred, auto, 1"; - - windowrulev2 = [ - # Bitwarden password manager popup for chrome, always float it - "float, class:^(?i)chrome-nngceckbapebfimnlniiiahkandclblb-Default$, initialtitle:^_crx_nngceckbapebfimnlniiiahkandclblb$" - "center, class:^(?i)chrome-nngceckbapebfimnlniiiahkandclblb-Default$, initialtitle:^_crx_nngceckbapebfimnlniiiahkandclblb$" - "size 720 600, class:^(?i)chrome-nngceckbapebfimnlniiiahkandclblb-Default$, initialtitle:^_crx_nngceckbapebfimnlniiiahkandclblb$" - ]; - - # Input configuration - input = { - kb_layout = "us"; - kb_options = "caps:escape"; - - follow_mouse = 2; - touchpad = { - natural_scroll = true; - disable_while_typing = true; - }; - }; - - # General settings - general = { - gaps_in = 2; - gaps_out = 4; - border_size = 1; - "col.active_border" = "rgba(797979aa)"; - "col.inactive_border" = "rgba(393939aa)"; - layout = "dwindle"; - }; - - # Decoration - decoration = { - rounding = 4; - blur.enabled = false; - }; - - # Animations - animations = { - enabled = false; - }; - - # Layout - dwindle = { - pseudotile = true; - preserve_split = true; - }; - - # Misc - misc = { - force_default_wallpaper = 0; - disable_hyprland_logo = true; - disable_splash_rendering = true; - }; - - # Key bindings - "$mainMod" = "SUPER"; - - bind = [ - # Applications - "$mainMod, Return, exec, ${cfg.terminalCommand}" - "$mainMod, Space, exec, pkill wofi || wofi --show drun" - "$mainMod, q, killactive" - "$mainMod SHIFT, escape, exit" - "$mainMod SHIFT, q, exec, swaylock" - "$mainMod, f, togglefloating" - "$mainMod SHIFT, F, fullscreen" - "$mainMod, g, pseudo" - "$mainMod, t, togglesplit" - - # Move focus with mainMod + hjkl - "$mainMod, h, movefocus, l" - "$mainMod, l, movefocus, r" - "$mainMod, k, movefocus, u" - "$mainMod, j, movefocus, d" - - # Switch workspaces with mainMod + [0-9] - "$mainMod, 1, workspace, 1" - "$mainMod, n, workspace, 1" - "$mainMod, 2, workspace, 2" - "$mainMod, m, workspace, 2" - "$mainMod, 3, workspace, 3" - "$mainMod, comma, workspace, 3" - "$mainMod, 4, workspace, 4" - "$mainMod, period, workspace, 4" - "$mainMod, 5, workspace, 5" - "$mainMod, slash, workspace, 5" - "$mainMod, 6, workspace, 6" - "$mainMod, 7, workspace, 7" - "$mainMod, 8, workspace, 8" - "$mainMod, 9, workspace, 9" - "$mainMod, 0, workspace, 10" - - # Window management (similar to your GNOME setup) - "$mainMod SHIFT, h, movewindow, l" - "$mainMod SHIFT, l, movewindow, r" - "$mainMod SHIFT, k, movewindow, u" - "$mainMod SHIFT, j, movewindow, d" - "$mainMod SHIFT, 1, movetoworkspacesilent, 1" - "$mainMod SHIFT, n, movetoworkspacesilent, 1" - "$mainMod SHIFT, 2, movetoworkspacesilent, 2" - "$mainMod SHIFT, m, movetoworkspacesilent, 2" - "$mainMod SHIFT, 3, movetoworkspacesilent, 3" - "$mainMod SHIFT, comma, movetoworkspacesilent, 3" - "$mainMod SHIFT, 4, movetoworkspacesilent, 4" - "$mainMod SHIFT, period, movetoworkspacesilent, 4" - "$mainMod SHIFT, 5, movetoworkspacesilent, 5" - "$mainMod SHIFT, slash, movetoworkspacesilent, 5" - "$mainMod SHIFT, 6, movetoworkspacesilent, 6" - "$mainMod SHIFT, 7, movetoworkspacesilent, 7" - "$mainMod SHIFT, 8, movetoworkspacesilent, 8" - "$mainMod SHIFT, 9, movetoworkspacesilent, 9" - "$mainMod SHIFT, 0, movetoworkspacesilent, 10" - - # Screenshots - ", Print, exec, grimblast copy area" - ]; - - bindr = [ - # overview - # "$mainMod, SUPER_L, overview:toggle" $ hyprspace plugin - "$mainMod SHIFT, R, exec, systemctl --user restart hyprpanel.service" - ]; - - binde = [ - # Move between workspaces - # "$mainMod, n, workspace, r+1" - # "$mainMod, p, workspace, r-1" - - # Resize windows - "$mainMod CTRL, h, resizeactive, -40 0" - "$mainMod CTRL, l, resizeactive, 40 0" - "$mainMod CTRL, k, resizeactive, 0 -20" - "$mainMod CTRL, j, resizeactive, 0 20" - ]; - - # Mouse bindings - bindm = [ - "$mainMod, mouse:272, movewindow" - "$mainMod, mouse:273, resizewindow" - ]; - - } cfg.extraOptions; - }; -} diff --git a/common/desktop_environment/hyprland/home_manager/hyprpaper.nix b/common/desktop_environment/hyprland/home_manager/hyprpaper.nix deleted file mode 100644 index 06d6820..0000000 --- a/common/desktop_environment/hyprland/home_manager/hyprpaper.nix +++ /dev/null @@ -1,22 +0,0 @@ -{ - osConfig, - lib, - ... -}: -let - ccfg = import ../../../config.nix; - cfg_path = [ - ccfg.custom_config_key - "desktopEnvironment" - "hyprland" - ]; - cfg = lib.attrsets.getAttrFromPath cfg_path osConfig; -in -{ - config = { - services.hyprpaper = { - enable = true; - settings = cfg.hyprpaperSettings; - }; - }; -} diff --git a/common/desktop_environment/hyprland/home_manager/hyprpolkitagent.nix b/common/desktop_environment/hyprland/home_manager/hyprpolkitagent.nix deleted file mode 100644 index dc68933..0000000 --- a/common/desktop_environment/hyprland/home_manager/hyprpolkitagent.nix +++ /dev/null @@ -1,8 +0,0 @@ -{ - ... -}: -{ - services.hyprpolkitagent = { - enable = true; - }; -} diff --git a/common/desktop_environment/hyprland/home_manager/quickshell.nix b/common/desktop_environment/hyprland/home_manager/quickshell.nix deleted file mode 100644 index 2f5032c..0000000 --- a/common/desktop_environment/hyprland/home_manager/quickshell.nix +++ /dev/null @@ -1,93 +0,0 @@ -{ - osConfig, - lib, - pkgs, - upkgs, - ... -}: -let - ccfg = import ../../../config.nix; - cfg_path = [ - ccfg.custom_config_key - "desktopEnvironment" - "hyprland" - ]; - cfg = lib.attrsets.getAttrFromPath cfg_path osConfig; -in -{ - home.packages = with pkgs; [ - upkgs.quickshell - pulseaudio - brightnessctl - networkmanager - bluez - bluez-tools - power-profiles-daemon - upower - systemd - hyprlock - ]; - - # Ensure CLI quickshell can resolve modules when not using --config-path - home.sessionVariables = { - QML_IMPORT_PATH = "$HOME/.config/quickshell"; - QML2_IMPORT_PATH = "$HOME/.config/quickshell"; - }; - - # install config files - home.file = { - ".config/quickshell/shell.qml".source = ./quickshell/shell.qml; - ".config/quickshell/panels/TopBar.qml".source = ./quickshell/panels/TopBar.qml; - ".config/quickshell/notifications/NotificationServer.qml".source = - ./quickshell/notifications/NotificationServer.qml; - ".config/quickshell/notifications/NotificationPopup.qml".source = - ./quickshell/notifications/NotificationPopup.qml; - ".config/quickshell/notifications/NotificationCenter.qml".source = - ./quickshell/notifications/NotificationCenter.qml; - ".config/quickshell/widgets/status/Workspaces.qml".source = - ./quickshell/widgets/status/Workspaces.qml; - ".config/quickshell/widgets/status/Clock.qml".source = ./quickshell/widgets/status/Clock.qml; - ".config/quickshell/widgets/status/SystemTrayWidget.qml".source = - ./quickshell/widgets/status/SystemTrayWidget.qml; - ".config/quickshell/widgets/status/Battery.qml".source = ./quickshell/widgets/status/Battery.qml; - ".config/quickshell/widgets/controls/QuickSettings.qml".source = - ./quickshell/widgets/controls/QuickSettings.qml; - ".config/quickshell/widgets/controls/Audio.qml".source = ./quickshell/widgets/controls/Audio.qml; - ".config/quickshell/widgets/controls/Network.qml".source = - ./quickshell/widgets/controls/Network.qml; - ".config/quickshell/widgets/controls/Bluetooth.qml".source = - ./quickshell/widgets/controls/Bluetooth.qml; - ".config/quickshell/widgets/controls/Brightness.qml".source = - ./quickshell/widgets/controls/Brightness.qml; - ".config/quickshell/widgets/controls/PowerProfilesWidget.qml".source = - ./quickshell/widgets/controls/PowerProfilesWidget.qml; - ".config/quickshell/panels/qmldir".source = ./quickshell/panels/qmldir; - ".config/quickshell/notifications/qmldir".source = ./quickshell/notifications/qmldir; - ".config/quickshell/widgets/status/qmldir".source = ./quickshell/widgets/status/qmldir; - ".config/quickshell/widgets/controls/qmldir".source = ./quickshell/widgets/controls/qmldir; - # optional: .qmlls.ini should be gitignored; create empty to enable LSP - ".config/quickshell/.qmlls.ini".text = ""; - }; - - systemd.user.services.quickshell = { - Unit = { - Description = "Quickshell Desktop Shell"; - PartOf = [ "graphical-session.target" ]; - After = [ "graphical-session.target" ]; - }; - Service = { - ExecStart = "${upkgs.quickshell}/bin/quickshell --config-path %h/.config/quickshell"; - Restart = "on-failure"; - RestartSec = 2; - Environment = [ - "QML_IMPORT_PATH=%h/.config/quickshell" - "QT_QPA_PLATFORM=wayland" - # Ensure we find icons - "XDG_CURRENT_DESKTOP=quickshell" - ]; - }; - Install = { - WantedBy = [ "graphical-session.target" ]; - }; - }; -} diff --git a/common/desktop_environment/hyprland/home_manager/scripts.nix b/common/desktop_environment/hyprland/home_manager/scripts.nix deleted file mode 100644 index 6c3d1c5..0000000 --- a/common/desktop_environment/hyprland/home_manager/scripts.nix +++ /dev/null @@ -1,10 +0,0 @@ -{ pkgs, ... }: -{ - home.packages = with pkgs; [ - (writeShellScriptBin "toggle-airplane-mode" (builtins.readFile ./scripts/toggle-airplane-mode.sh)) - (writeShellScriptBin "toggle-power-profile" (builtins.readFile ./scripts/toggle-power-profile.sh)) - (writeShellScriptBin "wofi-wifi-menu" (builtins.readFile ./scripts/wofi-wifi-menu.sh)) - (writeShellScriptBin "wofi-bluetooth-menu" (builtins.readFile ./scripts/wofi-bluetooth-menu.sh)) - (writeShellScriptBin "confirm-action" (builtins.readFile ./scripts/confirm-action.sh)) - ]; -} diff --git a/common/desktop_environment/hyprland/home_manager/scripts/confirm-action.sh b/common/desktop_environment/hyprland/home_manager/scripts/confirm-action.sh deleted file mode 100755 index 5c30d11..0000000 --- a/common/desktop_environment/hyprland/home_manager/scripts/confirm-action.sh +++ /dev/null @@ -1,14 +0,0 @@ -#!/usr/bin/env bash - -COMMAND_TO_RUN="$1" -PROMPT_MESSAGE="$2" - -if [ -z "$PROMPT_MESSAGE" ]; then - PROMPT_MESSAGE="Are you sure?" -fi - -choice=$(echo -e "No\nYes" | wofi --dmenu --location center -p "$PROMPT_MESSAGE") - -if [ "$choice" == "Yes" ]; then - eval "$COMMAND_TO_RUN" -fi diff --git a/common/desktop_environment/hyprland/home_manager/scripts/toggle-airplane-mode.sh b/common/desktop_environment/hyprland/home_manager/scripts/toggle-airplane-mode.sh deleted file mode 100755 index 7a6636a..0000000 --- a/common/desktop_environment/hyprland/home_manager/scripts/toggle-airplane-mode.sh +++ /dev/null @@ -1,6 +0,0 @@ -#!/usr/bin/env bash -if [ "$(nmcli radio all)" = "enabled" ]; then - nmcli radio all off -else - nmcli radio all on -fi diff --git a/common/desktop_environment/hyprland/home_manager/scripts/toggle-power-profile.sh b/common/desktop_environment/hyprland/home_manager/scripts/toggle-power-profile.sh deleted file mode 100755 index 1d14395..0000000 --- a/common/desktop_environment/hyprland/home_manager/scripts/toggle-power-profile.sh +++ /dev/null @@ -1,6 +0,0 @@ -#!/usr/bin/env bash -if [ "$(powerprofilesctl get)" = "performance" ]; then - powerprofilesctl set balanced -else - powerprofilesctl set performance -fi diff --git a/common/desktop_environment/hyprland/home_manager/scripts/wofi-bluetooth-menu.sh b/common/desktop_environment/hyprland/home_manager/scripts/wofi-bluetooth-menu.sh deleted file mode 100755 index b7a05dc..0000000 --- a/common/desktop_environment/hyprland/home_manager/scripts/wofi-bluetooth-menu.sh +++ /dev/null @@ -1,21 +0,0 @@ -#!/usr/bin/env bash - -devices=$(bluetoothctl devices | awk '{print $2, $3}') - -if [ -z "$devices" ]; then - options="󰂲 Power On\n󰂬 Scan for devices" -else - options="$devices\n󰂲 Power Off\n󰂬 Scan for devices" -fi - -chosen=$(echo -e "$options" | wofi --dmenu --location 3 --yoffset 40 --xoffset -20 -p "Bluetooth") - -case "$chosen" in - "󰂲 Power On") bluetoothctl power on;; - "󰂲 Power Off") bluetoothctl power off;; - "󰂬 Scan for devices") bluetoothctl scan on;; - *) - mac=$(echo "$chosen" | awk '{print $1}') - bluetoothctl connect "$mac" - ;; -esac diff --git a/common/desktop_environment/hyprland/home_manager/scripts/wofi-wifi-menu.sh b/common/desktop_environment/hyprland/home_manager/scripts/wofi-wifi-menu.sh deleted file mode 100755 index 6e4dbbe..0000000 --- a/common/desktop_environment/hyprland/home_manager/scripts/wofi-wifi-menu.sh +++ /dev/null @@ -1,24 +0,0 @@ -#!/usr/bin/env bash - -# Get a list of available Wi-Fi networks -nets=$(nmcli --terse --fields SSID,SECURITY,BARS device wifi list | sed '/^--/d' | sed 's/\\:/__/g') - -# Get the current connection status -connected_ssid=$(nmcli -t -f active,ssid dev wifi | egrep '^yes' | cut -d: -f2) - -if [[ ! -z "$connected_ssid" ]]; then - toggle="󰖪 Toggle Wi-Fi Off" -else - toggle="󰖩 Toggle Wi-Fi On" -fi - -# Present the menu to the user -chosen_network=$(echo -e "$toggle\n$nets" | wofi --dmenu --location 3 --yoffset 40 --xoffset -20 -p "Wi-Fi Networks") - -# Perform an action based on the user's choice -if [ "$chosen_network" = "$toggle" ]; then - nmcli radio wifi $([ "$connected_ssid" = "" ] && echo "on" || echo "off") -elif [ ! -z "$chosen_network" ]; then - ssid=$(echo "$chosen_network" | sed 's/__/\\:/g' | awk -F' ' '{print $1}') - nmcli device wifi connect "$ssid" -fi diff --git a/common/desktop_environment/hyprland/home_manager/swaylock.nix b/common/desktop_environment/hyprland/home_manager/swaylock.nix deleted file mode 100644 index 06ebf13..0000000 --- a/common/desktop_environment/hyprland/home_manager/swaylock.nix +++ /dev/null @@ -1,17 +0,0 @@ -{ - ... -}: -{ - programs.swaylock = { - enable = true; - settings = { - color = "#000000"; - indicator-caps-lock = true; - indicator-idle-visible = true; - indicator-radius = 100; - indicator-thickness = 10; - font = "JetBrainsMono Nerd Font Regular"; - font-size = 20; - }; - }; -} diff --git a/common/desktop_environment/hyprland/home_manager/swaync.nix b/common/desktop_environment/hyprland/home_manager/swaync.nix deleted file mode 100644 index b26fa58..0000000 --- a/common/desktop_environment/hyprland/home_manager/swaync.nix +++ /dev/null @@ -1,251 +0,0 @@ -{ - lib, - osConfig, - ... -}: -let - ccfg = import ../../../config.nix; - cfg_path = [ - ccfg.custom_config_key - "desktopEnvironment" - "hyprland" - "swaync" - ]; - cfg = lib.attrsets.getAttrFromPath cfg_path osConfig; -in -{ - config = lib.mkIf cfg.enable { - services.swaync = { - enable = true; - settings = { - ignore = [ - "com.spotify.Client" - ]; - - positionX = "right"; - positionY = "top"; - layer = "overlay"; - control-center-layer = "top"; - layer-shell = true; - cssPriority = "application"; - - control-center-margin-top = 0; - control-center-margin-bottom = 0; - control-center-margin-right = 0; - control-center-margin-left = 0; - - notification-2fa-action = true; - notification-inline-replies = false; - notification-icon-size = 64; - notification-body-image-height = 100; - notification-body-image-width = 200; - - timeout = 10; - timeout-low = 5; - timeout-critical = 0; - - control-center-width = 500; - control-center-height = 600; - notification-window-width = 500; - - keyboard-shortcuts = true; - image-visibility = "when-available"; - transition-time = 200; - hide-on-clear = false; - hide-on-action = true; - script-fail-notify = true; - - widgets = [ - "inhibitors" - "title" - "dnd" - "volume" - "backlight" - "mpris" - "buttons-grid#quick" - "notifications" - ]; - - # Widget configurations - widget-config = { - inhibitors = { - text = "Inhibitors"; - button-text = "Clear All"; - clear-all-button = true; - }; - title = { - text = "Notifications"; - clear-all-button = true; - button-text = "Clear All"; - }; - dnd.text = "Do Not Disturb"; - mpris = { - image-size = 96; - image-radius = 12; - }; - volume = { - label = "󰕾"; - show-per-app = true; - }; - backlight = { - label = "󰃟"; - device = "intel_backlight"; - }; - "buttons-grid#quick" = { - columns = 4; # adjust: 3/4/5 - icon-size = 20; # tweak to taste - actions = [ - # Power - { - label = "󰐥"; - tooltip = "Shutdown"; - command = "confirm-action 'systemctl poweroff' 'Shutdown?'"; - } - { - label = "󰜉"; - tooltip = "Reboot"; - command = "confirm-action 'systemctl reboot' 'Reboot?'"; - } - { - label = "󰍃"; - tooltip = "Logout"; - command = "confirm-action 'hyprctl dispatch exit' 'Logout?'"; - } - ]; - }; - }; - }; - - # Custom CSS for the control center - style = '' - .control-center { - background: #1a1b26; - border: 2px solid #7dcae4; - border-radius: 12px; - } - - .control-center-list { - background: transparent; - } - - .control-center .notification-row:focus, - .control-center .notification-row:hover { - opacity: 1; - background: #24283b; - } - - .notification { - border-radius: 8px; - margin: 6px 12px; - box-shadow: 0 0 0 1px rgba(125, 196, 228, 0.3), 0 1px 3px 1px rgba(0, 0, 0, 0.7), 0 2px 6px 2px rgba(0, 0, 0, 0.3); - padding: 0; - } - - /* Widget styling */ - .widget-title { - margin: 8px; - font-size: 1.5rem; - color: #c0caf5; - } - - .widget-dnd { - margin: 8px; - font-size: 1.1rem; - color: #c0caf5; - } - - .widget-dnd > switch { - font-size: initial; - border-radius: 8px; - background: #414868; - border: 1px solid #7dcae4; - } - - .widget-dnd > switch:checked { - background: #7dcae4; - } - - .widget-mpris { - color: #c0caf5; - background: #24283b; - padding: 8px; - margin: 8px; - border-radius: 8px; - } - - .widget-mpris-player { - padding: 8px; - margin: 8px; - } - - .widget-mpris-title { - font-weight: bold; - font-size: 1.25rem; - } - - .widget-mpris-subtitle { - font-size: 1.1rem; - color: #9ece6a; - } - - .widget-volume { - background: #24283b; - padding: 8px; - margin: 8px; - border-radius: 8px; - color: #c0caf5; - } - - .widget-backlight { - background: #24283b; - padding: 8px; - margin: 8px; - border-radius: 8px; - color: #c0caf5; - } - - .widget-menubar { - background: #24283b; - padding: 8px; - margin: 8px; - border-radius: 8px; - color: #c0caf5; - } - - .widget-menubar .menu-item button { - background: #1f2335; - color: #c0caf5; - border-radius: 8px; - padding: 6px 10px; - margin: 4px; - border: 1px solid #2e3440; - font-family: "JetBrainsMonoNL Nerd Font"; - } - - .widget-menubar .menu-item button:hover { - background: #414868; - border-color: #7dcae4; - } - - .topbar-buttons button { - border: none; - background: transparent; - color: #c0caf5; - font-size: 1.1rem; - border-radius: 8px; - margin: 0 4px; - padding: 8px; - } - - .topbar-buttons button:hover { - background: #414868; - } - - .topbar-buttons button:active { - background: #7dcae4; - color: #1a1b26; - } - ''; - }; - }; -} diff --git a/common/desktop_environment/hyprland/home_manager/template.nix b/common/desktop_environment/hyprland/home_manager/template.nix deleted file mode 100644 index 905d5e4..0000000 --- a/common/desktop_environment/hyprland/home_manager/template.nix +++ /dev/null @@ -1,18 +0,0 @@ -{ - osConfig, - lib, - pkgs, - ... -}: -let - ccfg = import ../../../config.nix; - cfg_path = [ - ccfg.custom_config_key - "desktopEnvironment" - "hyprland" - ]; - cfg = lib.attrsets.getAttrFromPath cfg_path osConfig; -in -{ - -} diff --git a/common/desktop_environment/hyprland/home_manager/theme.nix b/common/desktop_environment/hyprland/home_manager/theme.nix deleted file mode 100644 index c6045d0..0000000 --- a/common/desktop_environment/hyprland/home_manager/theme.nix +++ /dev/null @@ -1,32 +0,0 @@ -{ - pkgs, - ... -}: -{ - home.pointerCursor = { - gtk.enable = true; - # x11.enable = true; - package = pkgs.bibata-cursors; - name = "Bibata-Modern-Classic"; - size = 16; - }; - # GTK theming - gtk = { - enable = true; - - theme = { - package = pkgs.flat-remix-gtk; - name = "Flat-Remix-GTK-Grey-Darkest"; - }; - - iconTheme = { - package = pkgs.adwaita-icon-theme; - name = "Adwaita"; - }; - - font = { - name = "Sans"; - size = 11; - }; - }; -} diff --git a/common/desktop_environment/hyprland/home_manager/waybar.nix b/common/desktop_environment/hyprland/home_manager/waybar.nix deleted file mode 100644 index 66f3349..0000000 --- a/common/desktop_environment/hyprland/home_manager/waybar.nix +++ /dev/null @@ -1,258 +0,0 @@ -{ lib, osConfig, ... }: -let - ccfg = import ../../../config.nix; - cfg_path = [ - ccfg.custom_config_key - "desktopEnvironment" - "hyprland" - "waybar" - ]; - cfg = lib.attrsets.getAttrFromPath cfg_path osConfig; -in -{ - config = lib.mkIf cfg.enable { - - programs.waybar = { - enable = true; - systemd.enable = true; - settings = { - mainBar = { - layer = "top"; - position = "top"; - height = 28; - spacing = 6; - margin-top = 0; - margin-bottom = 0; - margin-left = 10; - margin-right = 10; - - modules-left = [ - "hyprland/workspaces" - ]; - modules-center = [ - "clock" - "temperature" - "cpu" - "memory" - "disk" - ]; - modules-right = [ - "battery" - "battery#bat2" - "pulseaudio" - "network" - "bluetooth" - "power-profiles-daemon" - "backlight" - "custom/notifications" - "tray" - "custom/power" - ]; - - "hyprland/workspaces" = { - format = "{icon}"; - format-icons = { - "1" = "一"; - "2" = "二"; - "3" = "三"; - "4" = "四"; - "5" = "五"; - "6" = "六"; - "7" = "七"; - "8" = "八"; - "9" = "九"; - "10" = "十"; - "11" = "十一"; - "12" = "十二"; - "13" = "十三"; - "14" = "十四"; - "15" = "十五"; - "16" = "十六"; - "17" = "十七"; - "18" = "十八"; - "19" = "十九"; - "20" = "二十"; - }; - disable-scroll = false; - }; - - # CENTER - clock = { - format = "{:%b %d, %H:%M}"; - tooltip-format = "{:%Y %B}\n{calendar}"; - }; - - temperature = { - thermal-zone = 2; - hwmon-path = "/sys/class/hwmon/hwmon2/temp1_input"; - critical-threshold = 80; - format-critical = "󰔏 {temperatureC}°C"; - format = "󰔏 {temperatureC}°C"; - }; - - cpu = { - format = "󰻠 {usage}%"; - tooltip = true; - on-click = "btop"; - }; - - memory = { - format = "󰍛 {}%"; - on-click = "btop"; - }; - - disk = { - interval = 30; - format = "󰋊 {percentage_used}%"; - path = "/"; - on-click = "btop"; - }; - - # RIGHT - "battery" = { - "states" = { - # "good"= 95; - "warning" = 30; - "critical" = 15; - }; - "format" = "{capacity}% {icon}"; - "format-full" = "{capacity}% {icon}"; - "format-charging" = "{capacity}% "; - "format-plugged" = "{capacity}% "; - "format-alt" = "{time} {icon}"; - # "format-good"= ""; // An empty format will hide the module - # "format-full"= ""; - "format-icons" = [ - "" - "" - "" - "" - "" - ]; - }; - "battery#bat2" = { - "bat" = "BAT2"; - }; - - pulseaudio = { - format = "{icon} {volume}%"; - format-bluetooth = "󰂰 {volume}%"; - format-bluetooth-muted = "󰂲 "; - format-muted = "󰖁 "; - format-source = "󰍬 {volume}%"; - format-source-muted = "󰍭 "; - format-icons = { - headphone = "󰋋"; - hands-free = "󰂑"; - headset = "󰂑"; - phone = "󰏲"; - portable = "󰦧"; - car = "󰄋"; - default = [ - "󰕿" - "󰖀" - "󰕾" - ]; - }; - scroll-step = 5; - on-click = "pavucontrol"; - on-click-right = "wpctl set-mute @DEFAULT_AUDIO_SINK@ toggle"; - }; - - network = { - format-wifi = "󰤨 {essid} ({signalStrength}%)"; - format-ethernet = "󰈀 {ipaddr}/{cidr}"; - tooltip-format = "{ifname} via {gwaddr} "; - format-linked = "󰈀 {ifname} (No IP)"; - format-disconnected = "󰖪 Disconnected"; - # on-click = "wofi-wifi-menu"; - # on-click-right = "nmcli radio wifi toggle"; - }; - - bluetooth = { - format = "󰂯 {status}"; - format-connected = "󰂱 {device_alias}"; - format-connected-battery = "󰂱 {device_alias} {device_battery_percentage}%"; - tooltip-format = "{controller_alias}\t{controller_address}\n\n{num_connections} connected"; - tooltip-format-connected = "{controller_alias}\t{controller_address}\n\n{num_connections} connected\n\n{device_enumerate}"; - tooltip-format-enumerate-connected = "{device_alias}\t{device_address}"; - tooltip-format-enumerate-connected-battery = "{device_alias}\t{device_address}\t{device_battery_percentage}%"; - # on-click = "wofi-bluetooth-menu"; - # on-click-right = "bluetoothctl power toggle"; - }; - - "power-profiles-daemon" = { - format = "{icon}"; - "tooltip-format" = "Power profile: {profile}\nDriver: {driver}"; - tooltip = true; - "format-icons" = { - default = ""; - performance = ""; - balanced = ""; - "power-saver" = ""; - }; - }; - - backlight = { - format = "{percent}% {icon}"; - "format-icons" = [ - "" - "" - "" - "" - "" - "" - "" - "" - "" - ]; - }; - - "custom/notifications" = { - format = "{icon} {}"; - format-icons = { - notification = ""; - none = ""; - dnd-notification = "󰂛"; - dnd-none = "󰂛"; - inhibited-notification = ""; - inhibited-none = ""; - dnd-inhibited-notification = "󰂛"; - dnd-inhibited-none = "󰂛"; - }; - return-type = "json"; - exec-if = "which swaync-client"; - exec = "swaync-client -swb"; - on-click = "swaync-client -t -sw"; - on-click-right = "swaync-client -d -sw"; - escape = true; - tooltip = false; - }; - - "sway/language" = { - format = "{}"; - }; - - "tray" = { - "spacing" = 10; - }; - - "custom/power" = { - format = "⏻ "; - tooltip = false; - menu = "on-click"; - "menu-file" = ./waybar/power_menu.xml; - "menu-actions" = { - shutdown = "shutdown 0"; - reboot = "reboot"; - logout = "loginctl terminate-session $(loginctl list-sessions | grep seat0 | awk '{print $1}')"; - }; - }; - - }; - }; - - style = builtins.readFile ./waybar/waybar.css; - }; - }; -} diff --git a/common/desktop_environment/hyprland/home_manager/waybar/power_menu.xml b/common/desktop_environment/hyprland/home_manager/waybar/power_menu.xml deleted file mode 100644 index a061b18..0000000 --- a/common/desktop_environment/hyprland/home_manager/waybar/power_menu.xml +++ /dev/null @@ -1,26 +0,0 @@ - - - - - - Logout - - - - - - - - Reboot - - - - - - - - Shutdown - - - - diff --git a/common/desktop_environment/hyprland/home_manager/waybar/waybar.css b/common/desktop_environment/hyprland/home_manager/waybar/waybar.css deleted file mode 100644 index 6ed5a8c..0000000 --- a/common/desktop_environment/hyprland/home_manager/waybar/waybar.css +++ /dev/null @@ -1,102 +0,0 @@ -* { - /* `otf-font-awesome` is required to be installed for icons */ - font-family: "JetBrainsMonoNL Nerd Font", FontAwesome, Roboto, Helvetica, Arial, sans-serif; - font-size: 14px; - border: none; - border-radius: 0; - min-height: 0; - color: #f1f1f1; -} - -window#waybar { - background: transparent; -} - -#workspaces button.focused, -#workspaces button.active { - background-color: rgba(220, 220, 220, 0.2); -} - -#workspaces button.urgent { - background-color: rgba(214, 82, 82, 0.3); -} - -button, -#clock, -#battery, -#cpu, -#memory, -#disk, -#temperature, -#backlight, -#network, -#pulseaudio, -#wireplumber, -#custom-media, -#custom-notifications, -#custom-power, -#tray, -#mode, -#idle_inhibitor, -#scratchpad, -#power-profiles-daemon, -#bluetooth, -#language, -#mpd { - padding: 0 5px; - color: #f1f1f1; - background-color: rgba(220, 220, 220, 0.1); - border-radius: 6px; -} - - -button:hover, -#clock:hover, -#battery:hover, -#cpu:hover, -#memory:hover, -#disk:hover, -#temperature:hover, -#backlight:hover, -#network:hover, -#pulseaudio:hover, -#wireplumber:hover, -#custom-media:hover, -#custom-notifications:hover, -#tray:hover, -#mode:hover, -#idle_inhibitor:hover, -#scratchpad:hover, -#power-profiles-daemon:hover, -#bluetooth:hover, -#language:hover, -#mpd:hover { - color: #f1f1f1; - background-color: rgba(220, 220, 220, 0.2); - border-radius: 6px; -} - -#power-profiles-daemon { - padding-right: 15px; -} - -#power-profiles-daemon.performance { - color: #fff7d6; -} - -#power-profiles-daemon.balanced { - color: #d6efff; -} - -#power-profiles-daemon.power-saver { - color:#dcffd6; -} - -#tray>.passive { - -gtk-icon-effect: dim; -} - -#tray>.needs-attention { - -gtk-icon-effect: highlight; - background-color: #eb4d4b; -} diff --git a/common/desktop_environment/hyprland/home_manager/wofi.nix b/common/desktop_environment/hyprland/home_manager/wofi.nix deleted file mode 100644 index f2df05b..0000000 --- a/common/desktop_environment/hyprland/home_manager/wofi.nix +++ /dev/null @@ -1,26 +0,0 @@ -{ - ... -}: -{ - programs.wofi = { - enable = true; - settings = { - width = 500; - height = 600; - location = "bottom"; - show = "drun"; - prompt = "..."; - filter_rate = 100; - allow_markup = true; - no_actions = true; - halign = "fill"; - orientation = "vertical"; - content_halign = "fill"; - insensitive = true; - allow_images = true; - image_size = 40; - gtk_dark = true; - }; - }; - -} diff --git a/common/desktop_environment/sway/default.nix b/common/desktop_environment/sway/default.nix deleted file mode 100644 index 3afa420..0000000 --- a/common/desktop_environment/sway/default.nix +++ /dev/null @@ -1,154 +0,0 @@ -{ - config, - lib, - pkgs, - ... -}: -let - ccfg = import ../../config.nix; - cfg_path = [ - ccfg.custom_config_key - "desktopEnvironment" - "sway" - ]; - cfg = lib.attrsets.getAttrFromPath cfg_path config; -in -with lib; -{ - options = - { } - // lib.attrsets.setAttrByPath cfg_path { - enable = lib.mkEnableOption "sway (Wayland i3) desktop environment"; - terminalCommand = mkOption { - type = lib.types.str; - default = "foot"; - description = "The terminal command to use."; - }; - extraOptions = mkOption { - type = lib.types.attrs; - default = { }; - description = "Extra options for Sway configuration."; - }; - swaync = { - enable = lib.mkEnableOption "Enable Sway Notification Center"; - }; - waybar = { - enable = lib.mkEnableOption "Enable Waybar (status bar for Sway)"; - }; - }; - - config = lib.mkIf cfg.enable { - # Enable for all users via Home Manager fragments in this module - home-manager = { - sharedModules = [ ./home_manager ]; - }; - - services.greetd = { - enable = true; - vt = 2; - settings = { - default_session = { - command = "${pkgs.greetd.tuigreet}/bin/tuigreet --time --remember --remember-session --cmd '${pkgs.dbus}/bin/dbus-run-session ${pkgs.sway}/bin/sway'"; - user = "greeter"; - }; - }; - }; - - # Caps Lock as Escape for console/tty and Wayland - console.useXkbConfig = true; - services.xserver.xkb = { - layout = "us"; - options = "caps:escape"; - }; - - # Core packages and tools - environment.systemPackages = with pkgs; [ - wl-clipboard - wl-clip-persist - wofi # application launcher - nemo # file manager (x11) - feh # image viewer (x11) - networkmanager - upower - brightnessctl - wireplumber - libgtop - bluez - power-profiles-daemon - grim - slurp - wf-recorder - btop - pavucontrol - ]; - - services.blueman.enable = config.hardware.bluetooth.enable; - - programs.sway = { - enable = true; - wrapperFeatures.gtk = true; # include GTK integration env - extraPackages = with pkgs; [ - xwayland # allow legacy X11 apps - ]; - }; - - xdg.portal = { - enable = true; - extraPortals = lib.mkForce [ - pkgs.xdg-desktop-portal-wlr - pkgs.xdg-desktop-portal-gtk - ]; - config.common.default = [ - "wlr" - "gtk" - ]; - }; - - # Enable PipeWire + WirePlumber so xdg-desktop-portal can do screencast - services.pipewire = { - enable = true; - # Enable WirePlumber session manager via the pipewire module option - wireplumber = { - enable = true; - }; - }; - - # Ensure graphics/OpenGL are enabled so Sway uses GPU-backed rendering - hardware.graphics = { - enable = true; - # extraPackages can be used to force vendor-specific mesa/drivers if needed - # Keep defaults; Sway runs fine with mesa in system - # extraPackages = with pkgs; []; - }; - - # Environment variables - environment.sessionVariables = lib.mkMerge [ - { - GTK_THEME = "Adwaita:dark"; - XDG_SESSION_TYPE = "wayland"; - XDG_CURRENT_DESKTOP = "sway"; - XDG_SESSION_DESKTOP = "sway"; - # prefer EGL renderer (can be changed back to "auto" if needed) - WLR_RENDERER = "egl"; - - # Tell apps to run native wayland - NIXOS_OZONE_WL = "1"; - ELECTRON_OZONE_PLATFORM_HINT = "wayland"; - ELECTRON_ENABLE_WAYLAND = "1"; - ELECTRON_DISABLE_SANDBOX = "0"; - GDK_BACKEND = "wayland,x11"; # GTK - QT_QPA_PLATFORM = "wayland;xcb"; # Qt 5/6 - MOZ_ENABLE_WAYLAND = "1"; # Firefox - SDL_VIDEODRIVER = "wayland"; # SDL apps/games - CLUTTER_BACKEND = "wayland"; - } - ]; - - # Qt theming - qt = { - enable = true; - platformTheme = "gtk2"; - style = "adwaita-dark"; - }; - }; -} diff --git a/common/desktop_environment/sway/home_manager/default.nix b/common/desktop_environment/sway/home_manager/default.nix deleted file mode 100644 index 09539e5..0000000 --- a/common/desktop_environment/sway/home_manager/default.nix +++ /dev/null @@ -1,12 +0,0 @@ -{ ... }: -{ - imports = [ - ./theme.nix - ./sway.nix - ./waybar.nix - ./wofi.nix - ./swaync.nix - ./swaylock.nix - ./polkit.nix - ]; -} diff --git a/common/desktop_environment/sway/home_manager/polkit.nix b/common/desktop_environment/sway/home_manager/polkit.nix deleted file mode 100644 index 785abb2..0000000 --- a/common/desktop_environment/sway/home_manager/polkit.nix +++ /dev/null @@ -1,4 +0,0 @@ -{ ... }: -{ - services.polkit-gnome.enable = true; -} diff --git a/common/desktop_environment/sway/home_manager/sway.nix b/common/desktop_environment/sway/home_manager/sway.nix deleted file mode 100644 index 49a95f4..0000000 --- a/common/desktop_environment/sway/home_manager/sway.nix +++ /dev/null @@ -1,193 +0,0 @@ -{ - config, - osConfig, - lib, - ... -}: -let - ccfg = import ../../../config.nix; - cfg_path = [ - ccfg.custom_config_key - "desktopEnvironment" - "sway" - ]; - cfg = lib.attrsets.getAttrFromPath cfg_path osConfig; -in -{ - wayland.windowManager.sway = { - enable = true; - xwayland = true; - - systemd.enable = true; - - config = lib.mkMerge [ - rec { - modifier = "Mod4"; # SUPER - terminal = cfg.terminalCommand; - menu = "wofi --show drun"; - - # Per-output workspace mapping (user can extend via extraOptions) - # Example (left as defaults): users can add `output HDMI-A-1 workspace 1,3,5` in extraOptions - - input = { - "type:keyboard" = { - xkb_layout = "us"; - xkb_options = "caps:escape"; - }; - "type:touchpad" = { - natural_scroll = "enabled"; - tap = "enabled"; - dwt = "enabled"; - }; - # Disable focus follows mouse to avoid accidental focus changes - # In Sway this behavior is controlled by focus_follows_mouse - }; - - focus = { - followMouse = "no"; - # onWindowActivation = "urgent"; # don't steal focus; mark urgent instead - }; - - gaps = { - inner = 2; - outer = 5; - smartGaps = false; - smartBorders = "on"; - }; - - colors = { - focused = { - background = "#444444"; - border = "#555555"; - childBorder = "#444444"; - indicator = "#595959"; - text = "#f1f1f1"; - }; - unfocused = { - background = "#222222"; - border = "#333333"; - childBorder = "#222222"; - indicator = "#292d2e"; - text = "#888888"; - }; - }; - - window = { - border = 1; - titlebar = false; - commands = [ - # Bitwarden chrome popup as floating example from Hyprland rules - { - criteria = { - app_id = "chrome-nngceckbapebfimnlniiiahkandclblb-Default"; - }; - command = "floating enable"; - } - { - criteria = { - app_id = "pavucontrol"; - }; - command = "floating enable, move position center, resize set 620 1200"; - } - { - criteria = { - class = "Google-chrome"; - window_role = "pop-up"; - }; - command = "floating enable, move position center, resize set 720 480"; - } - { - criteria = { - window_role = "pop-up"; - }; - command = "floating enable, move position center, resize set 640 420"; - } - { - criteria = { - window_role = "About"; - }; - command = "floating enable, move position center, resize set 640 420"; - } - ]; - }; - - # Keybindings mirroring Hyprland - keybindings = { - # Apps - "${modifier}+return" = "exec ${cfg.terminalCommand}"; - "${modifier}+space" = "exec pkill wofi || wofi --show drun"; - "${modifier}+q" = "kill"; - "${modifier}+shift+Escape" = "exit"; - "${modifier}+shift+q" = "exec swaylock"; - "${modifier}+f" = "floating toggle"; - - # Focus - "${modifier}+h" = "focus left"; - "${modifier}+l" = "focus right"; - "${modifier}+k" = "focus up"; - "${modifier}+j" = "focus down"; - - # Workspaces (numbers and vim-like mirror) - "${modifier}+1" = "workspace number 1"; - "${modifier}+n" = "workspace number 1"; - "${modifier}+2" = "workspace number 2"; - "${modifier}+m" = "workspace number 2"; - "${modifier}+3" = "workspace number 3"; - "${modifier}+comma" = "workspace number 3"; - "${modifier}+4" = "workspace number 4"; - "${modifier}+period" = "workspace number 4"; - "${modifier}+5" = "workspace number 5"; - "${modifier}+slash" = "workspace number 5"; - "${modifier}+6" = "workspace number 6"; - "${modifier}+7" = "workspace number 7"; - "${modifier}+8" = "workspace number 8"; - "${modifier}+9" = "workspace number 9"; - "${modifier}+0" = "workspace number 10"; - - # Move windows - "${modifier}+shift+h" = "move left"; - "${modifier}+shift+l" = "move right"; - "${modifier}+shift+k" = "move up"; - "${modifier}+shift+j" = "move down"; - "${modifier}+shift+1" = "move container to workspace number 1"; - "${modifier}+shift+n" = "move container to workspace number 1"; - "${modifier}+shift+2" = "move container to workspace number 2"; - "${modifier}+shift+m" = "move container to workspace number 2"; - "${modifier}+shift+3" = "move container to workspace number 3"; - "${modifier}+shift+comma" = "move container to workspace number 3"; - "${modifier}+shift+4" = "move container to workspace number 4"; - "${modifier}+shift+period" = "move container to workspace number 4"; - "${modifier}+shift+5" = "move container to workspace number 5"; - "${modifier}+shift+slash" = "move container to workspace number 5"; - "${modifier}+shift+6" = "move container to workspace number 6"; - "${modifier}+shift+7" = "move container to workspace number 7"; - "${modifier}+shift+8" = "move container to workspace number 8"; - "${modifier}+shift+9" = "move container to workspace number 9"; - "${modifier}+shift+0" = "move container to workspace number 10"; - - "${modifier}+left" = "resize shrink width 10 px or 10 ppt"; - "${modifier}+down" = "resize shrink height 10 px or 10 ppt"; - "${modifier}+up" = "resize grow height 10 px or 10 ppt"; - "${modifier}+right" = "resize grow width 10 px or 10 ppt"; - - # Mouse bindings (Mod + drag) - "${modifier}+button1" = "move"; - "${modifier}+button3" = "resize"; - - # Screenshot - "Print" = "exec grim -g \"$(slurp)\" - | wl-copy"; - }; - - bars = [ ]; # Use Waybar via Home Manager - startup = [ - { - command = "exec sh -c 'sleep 0.01; swaymsg workspace number 7 ; sleep 0.01; swaymsg workspace number 1'"; - } - # Waybar is managed by Home Manager systemd unit - # { command = "pgrep waybar >/dev/null || waybar"; } - ]; - } - cfg.extraOptions - ]; - }; -} diff --git a/common/desktop_environment/sway/home_manager/swaylock.nix b/common/desktop_environment/sway/home_manager/swaylock.nix deleted file mode 100644 index 86243aa..0000000 --- a/common/desktop_environment/sway/home_manager/swaylock.nix +++ /dev/null @@ -1,15 +0,0 @@ -{ ... }: -{ - programs.swaylock = { - enable = true; - settings = { - color = "#000000"; - indicator-caps-lock = true; - indicator-idle-visible = true; - indicator-radius = 100; - indicator-thickness = 10; - font = "JetBrainsMono Nerd Font Regular"; - font-size = 20; - }; - }; -} diff --git a/common/desktop_environment/sway/home_manager/swaync.nix b/common/desktop_environment/sway/home_manager/swaync.nix deleted file mode 100644 index 7fb0c8c..0000000 --- a/common/desktop_environment/sway/home_manager/swaync.nix +++ /dev/null @@ -1,112 +0,0 @@ -{ lib, osConfig, ... }: -let - ccfg = import ../../../config.nix; - cfg_path = [ - ccfg.custom_config_key - "desktopEnvironment" - "sway" - "swaync" - ]; - cfg = lib.attrsets.getAttrFromPath cfg_path osConfig; -in -{ - config = lib.mkIf cfg.enable { - services.swaync = { - enable = true; - settings = { - ignore = [ "com.spotify.Client" ]; - positionX = "right"; - positionY = "top"; - layer = "overlay"; - control-center-layer = "top"; - layer-shell = true; - cssPriority = "application"; - control-center-margin-top = 0; - control-center-margin-bottom = 0; - control-center-margin-right = 0; - control-center-margin-left = 0; - notification-2fa-action = true; - notification-inline-replies = false; - notification-icon-size = 64; - notification-body-image-height = 100; - notification-body-image-width = 200; - timeout = 10; - timeout-low = 5; - timeout-critical = 0; - control-center-width = 500; - control-center-height = 600; - notification-window-width = 500; - keyboard-shortcuts = true; - image-visibility = "when-available"; - transition-time = 200; - hide-on-clear = false; - hide-on-action = true; - script-fail-notify = true; - widgets = [ - "inhibitors" - "title" - "dnd" - "volume" - "backlight" - "mpris" - "buttons-grid#quick" - "notifications" - ]; - widget-config = { - inhibitors = { - text = "Inhibitors"; - button-text = "Clear All"; - clear-all-button = true; - }; - title = { - text = "Notifications"; - clear-all-button = true; - button-text = "Clear All"; - }; - dnd.text = "Do Not Disturb"; - mpris = { - image-size = 96; - image-radius = 12; - }; - volume = { - label = "󰕾"; - show-per-app = true; - }; - backlight = { - label = "󰃟"; - device = "intel_backlight"; - }; - # "buttons-grid#quick" = { - # columns = 4; - # icon-size = 20; - # actions = [ - # { label = "󰐥"; tooltip = "Shutdown"; command = "confirm-action 'systemctl poweroff' 'Shutdown?'"; } - # { label = "󰜉"; tooltip = "Reboot"; command = "confirm-action 'systemctl reboot' 'Reboot?'"; } - # { label = "󰍃"; tooltip = "Logout"; command = "confirm-action 'swaymsg exit' 'Logout?'"; } - # ]; - # }; - }; - }; - style = '' - .control-center { background: #1a1b26; border: 2px solid #7dcae4; border-radius: 12px; } - .control-center-list { background: transparent; } - .control-center .notification-row:focus, .control-center .notification-row:hover { opacity: 1; background: #24283b; } - .notification { border-radius: 8px; margin: 6px 12px; box-shadow: 0 0 0 1px rgba(125,196,228,.3), 0 1px 3px 1px rgba(0,0,0,.7), 0 2px 6px 2px rgba(0,0,0,.3); padding: 0; } - .widget-title { margin: 8px; font-size: 1.5rem; color: #c0caf5; } - .widget-dnd { margin: 8px; font-size: 1.1rem; color: #c0caf5; } - .widget-dnd > switch { font-size: initial; border-radius: 8px; background: #414868; border: 1px solid #7dcae4; } - .widget-dnd > switch:checked { background: #7dcae4; } - .widget-mpris { color: #c0caf5; background: #24283b; padding: 8px; margin: 8px; border-radius: 8px; } - .widget-mpris-player { padding: 8px; margin: 8px; } - .widget-mpris-title { font-weight: bold; font-size: 1.25rem; } - .widget-mpris-subtitle { font-size: 1.1rem; color: #9ece6a; } - .widget-volume, .widget-backlight, .widget-menubar { background: #24283b; padding: 8px; margin: 8px; border-radius: 8px; color: #c0caf5; } - .widget-menubar .menu-item button { background: #1f2335; color: #c0caf5; border-radius: 8px; padding: 6px 10px; margin: 4px; border: 1px solid #2e3440; font-family: "JetBrainsMonoNL Nerd Font"; } - .widget-menubar .menu-item button:hover { background: #414868; border-color: #7dcae4; } - .topbar-buttons button { border: none; background: transparent; color: #c0caf5; font-size: 1.1rem; border-radius: 8px; margin: 0 4px; padding: 8px; } - .topbar-buttons button:hover { background: #414868; } - .topbar-buttons button:active { background: #7dcae4; color: #1a1b26; } - ''; - }; - }; -} diff --git a/common/desktop_environment/sway/home_manager/theme.nix b/common/desktop_environment/sway/home_manager/theme.nix deleted file mode 100644 index 5a3fbf7..0000000 --- a/common/desktop_environment/sway/home_manager/theme.nix +++ /dev/null @@ -1,15 +0,0 @@ -{ pkgs, ... }: -{ - home.pointerCursor = { - gtk.enable = true; - package = pkgs.bibata-cursors; - name = "Bibata-Modern-Classic"; - size = 16; - }; - gtk = { - enable = true; - theme = { package = pkgs.flat-remix-gtk; name = "Flat-Remix-GTK-Grey-Darkest"; }; - iconTheme = { package = pkgs.adwaita-icon-theme; name = "Adwaita"; }; - font = { name = "Sans"; size = 11; }; - }; -} diff --git a/common/desktop_environment/sway/home_manager/waybar.nix b/common/desktop_environment/sway/home_manager/waybar.nix deleted file mode 100644 index 3fc38be..0000000 --- a/common/desktop_environment/sway/home_manager/waybar.nix +++ /dev/null @@ -1,259 +0,0 @@ -{ lib, osConfig, ... }: -let - ccfg = import ../../../config.nix; - cfg_path = [ - ccfg.custom_config_key - "desktopEnvironment" - "sway" - "waybar" - ]; - cfg = lib.attrsets.getAttrFromPath cfg_path osConfig; -in -{ - config = lib.mkIf cfg.enable { - - programs.waybar = { - enable = true; - systemd.enable = true; - settings = { - mainBar = { - layer = "top"; - position = "top"; - height = 28; - spacing = 6; - margin-top = 0; - margin-bottom = 0; - margin-left = 10; - margin-right = 10; - - modules-left = [ - "sway/workspaces" - ]; - modules-center = [ - "clock" - "temperature" - "cpu" - "memory" - "disk" - ]; - modules-right = [ - "battery" - "battery#bat2" - "pulseaudio" - "network" - "bluetooth" - "power-profiles-daemon" - "backlight" - "custom/notifications" - "sway/language" - "tray" - "custom/power" - ]; - - "sway/workspaces" = { - format = "{icon}"; - format-icons = { - "1" = "一"; - "2" = "二"; - "3" = "三"; - "4" = "四"; - "5" = "五"; - "6" = "六"; - "7" = "七"; - "8" = "八"; - "9" = "九"; - "10" = "十"; - "11" = "十一"; - "12" = "十二"; - "13" = "十三"; - "14" = "十四"; - "15" = "十五"; - "16" = "十六"; - "17" = "十七"; - "18" = "十八"; - "19" = "十九"; - "20" = "二十"; - }; - disable-scroll = false; - }; - - # CENTER - clock = { - format = "{:%b %d, %H:%M}"; - tooltip-format = "{:%Y %B}\n{calendar}"; - }; - - temperature = { - thermal-zone = 2; - hwmon-path = "/sys/class/hwmon/hwmon2/temp1_input"; - critical-threshold = 80; - format-critical = "󰔏 {temperatureC}°C"; - format = "󰔏 {temperatureC}°C"; - }; - - cpu = { - format = "󰻠 {usage}%"; - tooltip = true; - on-click = "btop"; - }; - - memory = { - format = "󰍛 {}%"; - on-click = "btop"; - }; - - disk = { - interval = 30; - format = "󰋊 {percentage_used}%"; - path = "/"; - on-click = "btop"; - }; - - # RIGHT - "battery" = { - "states" = { - # "good"= 95; - "warning" = 30; - "critical" = 15; - }; - "format" = "{capacity}% {icon}"; - "format-full" = "{capacity}% {icon}"; - "format-charging" = "{capacity}% "; - "format-plugged" = "{capacity}% "; - "format-alt" = "{time} {icon}"; - # "format-good"= ""; // An empty format will hide the module - # "format-full"= ""; - "format-icons" = [ - "" - "" - "" - "" - "" - ]; - }; - "battery#bat2" = { - "bat" = "BAT2"; - }; - - pulseaudio = { - format = "{icon} {volume}%"; - format-bluetooth = "󰂰 {volume}%"; - format-bluetooth-muted = "󰂲 "; - format-muted = "󰖁 "; - format-source = "󰍬 {volume}%"; - format-source-muted = "󰍭 "; - format-icons = { - headphone = "󰋋"; - hands-free = "󰂑"; - headset = "󰂑"; - phone = "󰏲"; - portable = "󰦧"; - car = "󰄋"; - default = [ - "󰕿" - "󰖀" - "󰕾" - ]; - }; - scroll-step = 5; - on-click = "pavucontrol"; - on-click-right = "wpctl set-mute @DEFAULT_AUDIO_SINK@ toggle"; - }; - - network = { - format-wifi = "󰤨 {essid} ({signalStrength}%)"; - format-ethernet = "󰈀 {ipaddr}/{cidr}"; - tooltip-format = "{ifname} via {gwaddr} "; - format-linked = "󰈀 {ifname} (No IP)"; - format-disconnected = "󰖪 Disconnected"; - # on-click = "wofi-wifi-menu"; - # on-click-right = "nmcli radio wifi toggle"; - }; - - bluetooth = { - format = "󰂯 {status}"; - format-connected = "󰂱 {device_alias}"; - format-connected-battery = "󰂱 {device_alias} {device_battery_percentage}%"; - tooltip-format = "{controller_alias}\t{controller_address}\n\n{num_connections} connected"; - tooltip-format-connected = "{controller_alias}\t{controller_address}\n\n{num_connections} connected\n\n{device_enumerate}"; - tooltip-format-enumerate-connected = "{device_alias}\t{device_address}"; - tooltip-format-enumerate-connected-battery = "{device_alias}\t{device_address}\t{device_battery_percentage}%"; - # on-click = "wofi-bluetooth-menu"; - # on-click-right = "bluetoothctl power toggle"; - }; - - "power-profiles-daemon" = { - format = "{icon}"; - "tooltip-format" = "Power profile: {profile}\nDriver: {driver}"; - tooltip = true; - "format-icons" = { - default = ""; - performance = ""; - balanced = ""; - "power-saver" = ""; - }; - }; - - backlight = { - format = "{percent}% {icon}"; - "format-icons" = [ - "" - "" - "" - "" - "" - "" - "" - "" - "" - ]; - }; - - "custom/notifications" = { - format = "{icon} {}"; - format-icons = { - notification = ""; - none = ""; - dnd-notification = "󰂛"; - dnd-none = "󰂛"; - inhibited-notification = ""; - inhibited-none = ""; - dnd-inhibited-notification = "󰂛"; - dnd-inhibited-none = "󰂛"; - }; - return-type = "json"; - exec-if = "which swaync-client"; - exec = "swaync-client -swb"; - on-click = "swaync-client -t -sw"; - on-click-right = "swaync-client -d -sw"; - escape = true; - tooltip = false; - }; - - "sway/language" = { - format = "{}"; - }; - - "tray" = { - "spacing" = 10; - }; - - "custom/power" = { - format = "⏻ "; - tooltip = false; - menu = "on-click"; - "menu-file" = ./waybar/power_menu.xml; - "menu-actions" = { - shutdown = "shutdown 0"; - reboot = "reboot"; - logout = "loginctl terminate-session $(loginctl list-sessions | grep seat0 | awk '{print $1}')"; - }; - }; - - }; - }; - - style = builtins.readFile ./waybar/waybar.css; - }; - }; -} diff --git a/common/desktop_environment/sway/home_manager/waybar/power_menu.xml b/common/desktop_environment/sway/home_manager/waybar/power_menu.xml deleted file mode 100644 index a061b18..0000000 --- a/common/desktop_environment/sway/home_manager/waybar/power_menu.xml +++ /dev/null @@ -1,26 +0,0 @@ - - - - - - Logout - - - - - - - - Reboot - - - - - - - - Shutdown - - - - diff --git a/common/desktop_environment/sway/home_manager/waybar/waybar.css b/common/desktop_environment/sway/home_manager/waybar/waybar.css deleted file mode 100644 index efeba06..0000000 --- a/common/desktop_environment/sway/home_manager/waybar/waybar.css +++ /dev/null @@ -1,101 +0,0 @@ -* { - /* `otf-font-awesome` is required to be installed for icons */ - font-family: "JetBrainsMonoNL Nerd Font", FontAwesome, Roboto, Helvetica, Arial, sans-serif; - font-size: 14px; - border: none; - border-radius: 0; - min-height: 0; - color: #f1f1f1; -} - -window#waybar { - background: transparent; -} - -#workspaces button.focused { - background-color: rgba(220, 220, 220, 0.2); -} - -#workspaces button.urgent { - background-color: rgba(214, 82, 82, 0.3); -} - -button, -#clock, -#battery, -#cpu, -#memory, -#disk, -#temperature, -#backlight, -#network, -#pulseaudio, -#wireplumber, -#custom-media, -#custom-notifications, -#custom-power, -#tray, -#mode, -#idle_inhibitor, -#scratchpad, -#power-profiles-daemon, -#bluetooth, -#language, -#mpd { - padding: 0 5px; - color: #f1f1f1; - background-color: rgba(220, 220, 220, 0.1); - border-radius: 6px; -} - - -button:hover, -#clock:hover, -#battery:hover, -#cpu:hover, -#memory:hover, -#disk:hover, -#temperature:hover, -#backlight:hover, -#network:hover, -#pulseaudio:hover, -#wireplumber:hover, -#custom-media:hover, -#custom-notifications:hover, -#tray:hover, -#mode:hover, -#idle_inhibitor:hover, -#scratchpad:hover, -#power-profiles-daemon:hover, -#bluetooth:hover, -#language:hover, -#mpd:hover { - color: #f1f1f1; - background-color: rgba(220, 220, 220, 0.2); - border-radius: 6px; -} - -#power-profiles-daemon { - padding-right: 15px; -} - -#power-profiles-daemon.performance { - color: #fff7d6; -} - -#power-profiles-daemon.balanced { - color: #d6efff; -} - -#power-profiles-daemon.power-saver { - color:#dcffd6; -} - -#tray>.passive { - -gtk-icon-effect: dim; -} - -#tray>.needs-attention { - -gtk-icon-effect: highlight; - background-color: #eb4d4b; -} diff --git a/common/desktop_environment/sway/home_manager/wofi.nix b/common/desktop_environment/sway/home_manager/wofi.nix deleted file mode 100644 index 8c0ba40..0000000 --- a/common/desktop_environment/sway/home_manager/wofi.nix +++ /dev/null @@ -1,23 +0,0 @@ -{ ... }: -{ - programs.wofi = { - enable = true; - settings = { - width = 500; - height = 600; - location = "bottom"; - show = "drun"; - prompt = "..."; - filter_rate = 100; - allow_markup = true; - no_actions = true; - halign = "fill"; - orientation = "vertical"; - content_halign = "fill"; - insensitive = true; - allow_images = true; - image_size = 40; - gtk_dark = true; - }; - }; -} diff --git a/common/flake.lock b/common/flake.lock deleted file mode 100644 index 9b7c9cb..0000000 --- a/common/flake.lock +++ /dev/null @@ -1,681 +0,0 @@ -{ - "nodes": { - "agenix": { - "inputs": { - "darwin": "darwin", - "home-manager": "home-manager_2", - "nixpkgs": [ - "ragenix", - "nixpkgs" - ], - "systems": "systems_2" - }, - "locked": { - "lastModified": 1736955230, - "narHash": "sha256-uenf8fv2eG5bKM8C/UvFaiJMZ4IpUFaQxk9OH5t/1gA=", - "owner": "ryantm", - "repo": "agenix", - "rev": "e600439ec4c273cf11e06fe4d9d906fb98fa097c", - "type": "github" - }, - "original": { - "owner": "ryantm", - "repo": "agenix", - "type": "github" - } - }, - "aquamarine": { - "inputs": { - "hyprutils": [ - "hyprland", - "hyprutils" - ], - "hyprwayland-scanner": [ - "hyprland", - "hyprwayland-scanner" - ], - "nixpkgs": [ - "hyprland", - "nixpkgs" - ], - "systems": [ - "hyprland", - "systems" - ] - }, - "locked": { - "lastModified": 1759499898, - "narHash": "sha256-UNzYHLWfkSzLHDep5Ckb5tXc0fdxwPIrT+MY4kpQttM=", - "owner": "hyprwm", - "repo": "aquamarine", - "rev": "655e067f96fd44b3f5685e17f566b0e4d535d798", - "type": "github" - }, - "original": { - "owner": "hyprwm", - "repo": "aquamarine", - "type": "github" - } - }, - "crane": { - "locked": { - "lastModified": 1741481578, - "narHash": "sha256-JBTSyJFQdO3V8cgcL08VaBUByEU6P5kXbTJN6R0PFQo=", - "owner": "ipetkov", - "repo": "crane", - "rev": "bb1c9567c43e4434f54e9481eb4b8e8e0d50f0b5", - "type": "github" - }, - "original": { - "owner": "ipetkov", - "repo": "crane", - "type": "github" - } - }, - "darwin": { - "inputs": { - "nixpkgs": [ - "ragenix", - "agenix", - "nixpkgs" - ] - }, - "locked": { - "lastModified": 1700795494, - "narHash": "sha256-gzGLZSiOhf155FW7262kdHo2YDeugp3VuIFb4/GGng0=", - "owner": "lnl7", - "repo": "nix-darwin", - "rev": "4b9b83d5a92e8c1fbfd8eb27eda375908c11ec4d", - "type": "github" - }, - "original": { - "owner": "lnl7", - "ref": "master", - "repo": "nix-darwin", - "type": "github" - } - }, - "flake-compat": { - "flake": false, - "locked": { - "lastModified": 1747046372, - "narHash": "sha256-CIVLLkVgvHYbgI2UpXvIIBJ12HWgX+fjA8Xf8PUmqCY=", - "owner": "edolstra", - "repo": "flake-compat", - "rev": "9100a0f413b0c601e0533d1d94ffd501ce2e7885", - "type": "github" - }, - "original": { - "owner": "edolstra", - "repo": "flake-compat", - "type": "github" - } - }, - "flake-utils": { - "inputs": { - "systems": "systems_3" - }, - "locked": { - "lastModified": 1731533236, - "narHash": "sha256-l0KFg5HjrsfsO/JpG+r7fRrqm12kzFHyUHqHCVpMMbI=", - "owner": "numtide", - "repo": "flake-utils", - "rev": "11707dc2f618dd54ca8739b309ec4fc024de578b", - "type": "github" - }, - "original": { - "owner": "numtide", - "repo": "flake-utils", - "type": "github" - } - }, - "gitignore": { - "inputs": { - "nixpkgs": [ - "hyprland", - "pre-commit-hooks", - "nixpkgs" - ] - }, - "locked": { - "lastModified": 1709087332, - "narHash": "sha256-HG2cCnktfHsKV0s4XW83gU3F57gaTljL9KNSuG6bnQs=", - "owner": "hercules-ci", - "repo": "gitignore.nix", - "rev": "637db329424fd7e46cf4185293b9cc8c88c95394", - "type": "github" - }, - "original": { - "owner": "hercules-ci", - "repo": "gitignore.nix", - "type": "github" - } - }, - "home-manager": { - "inputs": { - "nixpkgs": "nixpkgs" - }, - "locked": { - "lastModified": 1758463745, - "narHash": "sha256-uhzsV0Q0I9j2y/rfweWeGif5AWe0MGrgZ/3TjpDYdGA=", - "owner": "rycee", - "repo": "home-manager", - "rev": "3b955f5f0a942f9f60cdc9cacb7844335d0f21c3", - "type": "github" - }, - "original": { - "owner": "rycee", - "ref": "release-25.05", - "repo": "home-manager", - "type": "github" - } - }, - "home-manager_2": { - "inputs": { - "nixpkgs": [ - "ragenix", - "agenix", - "nixpkgs" - ] - }, - "locked": { - "lastModified": 1703113217, - "narHash": "sha256-7ulcXOk63TIT2lVDSExj7XzFx09LpdSAPtvgtM7yQPE=", - "owner": "nix-community", - "repo": "home-manager", - "rev": "3bfaacf46133c037bb356193bd2f1765d9dc82c1", - "type": "github" - }, - "original": { - "owner": "nix-community", - "repo": "home-manager", - "type": "github" - } - }, - "hyprcursor": { - "inputs": { - "hyprlang": [ - "hyprland", - "hyprlang" - ], - "nixpkgs": [ - "hyprland", - "nixpkgs" - ], - "systems": [ - "hyprland", - "systems" - ] - }, - "locked": { - "lastModified": 1753964049, - "narHash": "sha256-lIqabfBY7z/OANxHoPeIrDJrFyYy9jAM4GQLzZ2feCM=", - "owner": "hyprwm", - "repo": "hyprcursor", - "rev": "44e91d467bdad8dcf8bbd2ac7cf49972540980a5", - "type": "github" - }, - "original": { - "owner": "hyprwm", - "repo": "hyprcursor", - "type": "github" - } - }, - "hyprgraphics": { - "inputs": { - "hyprutils": [ - "hyprland", - "hyprutils" - ], - "nixpkgs": [ - "hyprland", - "nixpkgs" - ], - "systems": [ - "hyprland", - "systems" - ] - }, - "locked": { - "lastModified": 1759490292, - "narHash": "sha256-T6iWzDOXp8Wv0KQOCTHpBcmAOdHJ6zc/l9xaztW6Ivc=", - "owner": "hyprwm", - "repo": "hyprgraphics", - "rev": "9431db625cd9bb66ac55525479dce694101d6d7a", - "type": "github" - }, - "original": { - "owner": "hyprwm", - "repo": "hyprgraphics", - "type": "github" - } - }, - "hyprland": { - "inputs": { - "aquamarine": "aquamarine", - "hyprcursor": "hyprcursor", - "hyprgraphics": "hyprgraphics", - "hyprland-protocols": "hyprland-protocols", - "hyprland-qtutils": "hyprland-qtutils", - "hyprlang": "hyprlang", - "hyprutils": "hyprutils", - "hyprwayland-scanner": "hyprwayland-scanner", - "nixpkgs": "nixpkgs_2", - "pre-commit-hooks": "pre-commit-hooks", - "systems": "systems", - "xdph": "xdph" - }, - "locked": { - "lastModified": 1760813095, - "narHash": "sha256-D0AU+KKB9aGqiwDaS7er2pITjn9AS+XStzigPSoLeOQ=", - "owner": "hyprwm", - "repo": "Hyprland", - "rev": "39d62e1487052da2751ec1e36d243e3e92e24f6a", - "type": "github" - }, - "original": { - "owner": "hyprwm", - "repo": "Hyprland", - "type": "github" - } - }, - "hyprland-protocols": { - "inputs": { - "nixpkgs": [ - "hyprland", - "nixpkgs" - ], - "systems": [ - "hyprland", - "systems" - ] - }, - "locked": { - "lastModified": 1749046714, - "narHash": "sha256-kymV5FMnddYGI+UjwIw8ceDjdeg7ToDVjbHCvUlhn14=", - "owner": "hyprwm", - "repo": "hyprland-protocols", - "rev": "613878cb6f459c5e323aaafe1e6f388ac8a36330", - "type": "github" - }, - "original": { - "owner": "hyprwm", - "repo": "hyprland-protocols", - "type": "github" - } - }, - "hyprland-qt-support": { - "inputs": { - "hyprlang": [ - "hyprland", - "hyprland-qtutils", - "hyprlang" - ], - "nixpkgs": [ - "hyprland", - "hyprland-qtutils", - "nixpkgs" - ], - "systems": [ - "hyprland", - "hyprland-qtutils", - "systems" - ] - }, - "locked": { - "lastModified": 1749154592, - "narHash": "sha256-DO7z5CeT/ddSGDEnK9mAXm1qlGL47L3VAHLlLXoCjhE=", - "owner": "hyprwm", - "repo": "hyprland-qt-support", - "rev": "4c8053c3c888138a30c3a6c45c2e45f5484f2074", - "type": "github" - }, - "original": { - "owner": "hyprwm", - "repo": "hyprland-qt-support", - "type": "github" - } - }, - "hyprland-qtutils": { - "inputs": { - "hyprland-qt-support": "hyprland-qt-support", - "hyprlang": [ - "hyprland", - "hyprlang" - ], - "hyprutils": [ - "hyprland", - "hyprland-qtutils", - "hyprlang", - "hyprutils" - ], - "nixpkgs": [ - "hyprland", - "nixpkgs" - ], - "systems": [ - "hyprland", - "systems" - ] - }, - "locked": { - "lastModified": 1759080228, - "narHash": "sha256-RgDoAja0T1hnF0pTc56xPfLfFOO8Utol2iITwYbUhTk=", - "owner": "hyprwm", - "repo": "hyprland-qtutils", - "rev": "629b15c19fa4082e4ce6be09fdb89e8c3312aed7", - "type": "github" - }, - "original": { - "owner": "hyprwm", - "repo": "hyprland-qtutils", - "type": "github" - } - }, - "hyprlang": { - "inputs": { - "hyprutils": [ - "hyprland", - "hyprutils" - ], - "nixpkgs": [ - "hyprland", - "nixpkgs" - ], - "systems": [ - "hyprland", - "systems" - ] - }, - "locked": { - "lastModified": 1758927902, - "narHash": "sha256-LZgMds7M94+vuMql2bERQ6LiFFdhgsEFezE4Vn+Ys3A=", - "owner": "hyprwm", - "repo": "hyprlang", - "rev": "4dafa28d4f79877d67a7d1a654cddccf8ebf15da", - "type": "github" - }, - "original": { - "owner": "hyprwm", - "repo": "hyprlang", - "type": "github" - } - }, - "hyprutils": { - "inputs": { - "nixpkgs": [ - "hyprland", - "nixpkgs" - ], - "systems": [ - "hyprland", - "systems" - ] - }, - "locked": { - "lastModified": 1759619523, - "narHash": "sha256-r1ed7AR2ZEb2U8gy321/Xcp1ho2tzn+gG1te/Wxsj1A=", - "owner": "hyprwm", - "repo": "hyprutils", - "rev": "3df7bde01efb3a3e8e678d1155f2aa3f19e177ef", - "type": "github" - }, - "original": { - "owner": "hyprwm", - "repo": "hyprutils", - "type": "github" - } - }, - "hyprwayland-scanner": { - "inputs": { - "nixpkgs": [ - "hyprland", - "nixpkgs" - ], - "systems": [ - "hyprland", - "systems" - ] - }, - "locked": { - "lastModified": 1755184602, - "narHash": "sha256-RCBQN8xuADB0LEgaKbfRqwm6CdyopE1xIEhNc67FAbw=", - "owner": "hyprwm", - "repo": "hyprwayland-scanner", - "rev": "b3b0f1f40ae09d4447c20608e5a4faf8bf3c492d", - "type": "github" - }, - "original": { - "owner": "hyprwm", - "repo": "hyprwayland-scanner", - "type": "github" - } - }, - "nix-flatpak": { - "locked": { - "lastModified": 1739444422, - "narHash": "sha256-iAVVHi7X3kWORftY+LVbRiStRnQEob2TULWyjMS6dWg=", - "owner": "gmodena", - "repo": "nix-flatpak", - "rev": "5e54c3ca05a7c7d968ae1ddeabe01d2a9bc1e177", - "type": "github" - }, - "original": { - "owner": "gmodena", - "ref": "latest", - "repo": "nix-flatpak", - "type": "github" - } - }, - "nixpkgs": { - "locked": { - "lastModified": 1753345091, - "narHash": "sha256-CdX2Rtvp5I8HGu9swBmYuq+ILwRxpXdJwlpg8jvN4tU=", - "owner": "NixOS", - "repo": "nixpkgs", - "rev": "3ff0e34b1383648053bba8ed03f201d3466f90c9", - "type": "github" - }, - "original": { - "owner": "NixOS", - "ref": "nixos-25.05", - "repo": "nixpkgs", - "type": "github" - } - }, - "nixpkgs_2": { - "locked": { - "lastModified": 1759381078, - "narHash": "sha256-gTrEEp5gEspIcCOx9PD8kMaF1iEmfBcTbO0Jag2QhQs=", - "owner": "NixOS", - "repo": "nixpkgs", - "rev": "7df7ff7d8e00218376575f0acdcc5d66741351ee", - "type": "github" - }, - "original": { - "owner": "NixOS", - "ref": "nixos-unstable", - "repo": "nixpkgs", - "type": "github" - } - }, - "nixpkgs_3": { - "locked": { - "lastModified": 1741379970, - "narHash": "sha256-Wh7esNh7G24qYleLvgOSY/7HlDUzWaL/n4qzlBePpiw=", - "owner": "nixos", - "repo": "nixpkgs", - "rev": "36fd87baa9083f34f7f5027900b62ee6d09b1f2f", - "type": "github" - }, - "original": { - "owner": "nixos", - "ref": "nixos-unstable", - "repo": "nixpkgs", - "type": "github" - } - }, - "pre-commit-hooks": { - "inputs": { - "flake-compat": "flake-compat", - "gitignore": "gitignore", - "nixpkgs": [ - "hyprland", - "nixpkgs" - ] - }, - "locked": { - "lastModified": 1758108966, - "narHash": "sha256-ytw7ROXaWZ7OfwHrQ9xvjpUWeGVm86pwnEd1QhzawIo=", - "owner": "cachix", - "repo": "git-hooks.nix", - "rev": "54df955a695a84cd47d4a43e08e1feaf90b1fd9b", - "type": "github" - }, - "original": { - "owner": "cachix", - "repo": "git-hooks.nix", - "type": "github" - } - }, - "ragenix": { - "inputs": { - "agenix": "agenix", - "crane": "crane", - "flake-utils": "flake-utils", - "nixpkgs": "nixpkgs_3", - "rust-overlay": "rust-overlay" - }, - "locked": { - "lastModified": 1744897914, - "narHash": "sha256-GIVU92o2TZBnKQXTb76zpQbWR4zjU2rFqWKNIIpXnqA=", - "owner": "yaxitech", - "repo": "ragenix", - "rev": "40f2e17ecaeab4d78ec323e96a04548c0aaa5223", - "type": "github" - }, - "original": { - "owner": "yaxitech", - "repo": "ragenix", - "type": "github" - } - }, - "root": { - "inputs": { - "home-manager": "home-manager", - "hyprland": "hyprland", - "nix-flatpak": "nix-flatpak", - "ragenix": "ragenix" - } - }, - "rust-overlay": { - "inputs": { - "nixpkgs": [ - "ragenix", - "nixpkgs" - ] - }, - "locked": { - "lastModified": 1741400194, - "narHash": "sha256-tEpgT+q5KlGjHSm8MnINgTPErEl8YDzX3Eps8PVc09g=", - "owner": "oxalica", - "repo": "rust-overlay", - "rev": "16b6045a232fea0e9e4c69e55a6e269607dd8e3f", - "type": "github" - }, - "original": { - "owner": "oxalica", - "repo": "rust-overlay", - "type": "github" - } - }, - "systems": { - "locked": { - "lastModified": 1689347949, - "narHash": "sha256-12tWmuL2zgBgZkdoB6qXZsgJEH9LR3oUgpaQq2RbI80=", - "owner": "nix-systems", - "repo": "default-linux", - "rev": "31732fcf5e8fea42e59c2488ad31a0e651500f68", - "type": "github" - }, - "original": { - "owner": "nix-systems", - "repo": "default-linux", - "type": "github" - } - }, - "systems_2": { - "locked": { - "lastModified": 1681028828, - "narHash": "sha256-Vy1rq5AaRuLzOxct8nz4T6wlgyUR7zLU309k9mBC768=", - "owner": "nix-systems", - "repo": "default", - "rev": "da67096a3b9bf56a91d16901293e51ba5b49a27e", - "type": "github" - }, - "original": { - "owner": "nix-systems", - "repo": "default", - "type": "github" - } - }, - "systems_3": { - "locked": { - "lastModified": 1681028828, - "narHash": "sha256-Vy1rq5AaRuLzOxct8nz4T6wlgyUR7zLU309k9mBC768=", - "owner": "nix-systems", - "repo": "default", - "rev": "da67096a3b9bf56a91d16901293e51ba5b49a27e", - "type": "github" - }, - "original": { - "owner": "nix-systems", - "repo": "default", - "type": "github" - } - }, - "xdph": { - "inputs": { - "hyprland-protocols": [ - "hyprland", - "hyprland-protocols" - ], - "hyprlang": [ - "hyprland", - "hyprlang" - ], - "hyprutils": [ - "hyprland", - "hyprutils" - ], - "hyprwayland-scanner": [ - "hyprland", - "hyprwayland-scanner" - ], - "nixpkgs": [ - "hyprland", - "nixpkgs" - ], - "systems": [ - "hyprland", - "systems" - ] - }, - "locked": { - "lastModified": 1755354946, - "narHash": "sha256-zdov5f/GcoLQc9qYIS1dUTqtJMeDqmBmo59PAxze6e4=", - "owner": "hyprwm", - "repo": "xdg-desktop-portal-hyprland", - "rev": "a10726d6a8d0ef1a0c645378f983b6278c42eaa0", - "type": "github" - }, - "original": { - "owner": "hyprwm", - "repo": "xdg-desktop-portal-hyprland", - "type": "github" - } - } - }, - "root": "root", - "version": 7 -} diff --git a/common/flake.nix b/common/flake.nix deleted file mode 100644 index a91557d..0000000 --- a/common/flake.nix +++ /dev/null @@ -1,83 +0,0 @@ -{ - inputs = { - # NOTE if you add/change any inputs here also add them in the TOP level repo's flake.nix - home-manager.url = "github:rycee/home-manager/release-25.05"; - ragenix.url = "github:yaxitech/ragenix"; - hyprland.url = "github:hyprwm/Hyprland"; - nix-flatpak.url = "github:gmodena/nix-flatpak/?ref=latest"; - }; - - outputs = - { - home-manager, - ragenix, - nix-flatpak, - hyprland, - ... - }: - { - nixosModules = { - default = - { - config, - lib, - pkgs, - ... - }: - { - imports = [ - home-manager.nixosModules.default - ragenix.nixosModules.age - - nix-flatpak.nixosModules.nix-flatpak - hyprland.nixosModules.default - ./_home_manager - ./options.nix - ./general - ./boot - ./desktop_environment - ./users - ./programs - ./secrets - ]; - config = { - nixpkgs.overlays = [ - # (final: prev: { - # wayland-protocols = - # nixpkgs-unstable.legacyPackages.${prev.stdenv.hostPlatform.system}.wayland-protocols; - # }) - ]; - _module.args = { - inherit ragenix; - inherit hyprland; - hyprlandPkgs = import hyprland.inputs.nixpkgs { - system = pkgs.stdenv.hostPlatform.system; - config = config.nixpkgs.config or { }; - }; - }; - }; - }; - }; - homeManagerModules = { - zsh = import ./_home_manager/mods/zsh.nix; - tmux = import ./_home_manager/mods/tmux/tmux.nix; - atuin = import ./_home_manager/mods/atuin.nix; - zoxide = import ./_home_manager/mods/zoxide.nix; - starship = import ./_home_manager/mods/starship.nix; - direnv = import ./_home_manager/mods/direnv.nix; - ssh = import ./_home_manager/mods/ssh.nix; - git = import ./_home_manager/mods/git.nix; - nix_deprecations = import ./_home_manager/mods/nix_deprecations.nix; - - alacritty = import ./_home_manager/mods/alacritty.nix; - foot = import ./_home_manager/mods/foot.nix; - kitty = import ./_home_manager/mods/kitty.nix; - launcher_rofi = import ./_home_manager/mods/launcher_rofi.nix; - - obs = import ./_home_manager/mods/obs.nix; - postgres = import ./_home_manager/mods/postgres.nix; - slicer = import ./_home_manager/mods/slicer.nix; - - }; - }; -} diff --git a/common/general/default.nix b/common/general/default.nix deleted file mode 100644 index 9212944..0000000 --- a/common/general/default.nix +++ /dev/null @@ -1,225 +0,0 @@ -{ - config, - lib, - ... -}: -let - ccfg = import ../config.nix; - cfg_path = [ - ccfg.custom_config_key - "general" - ]; - cfg = lib.attrsets.getAttrFromPath cfg_path config; - top_cfg = config.${ccfg.custom_config_key}; -in -{ - options = - { } - // lib.attrsets.setAttrByPath cfg_path { - flakeOptions = lib.mkOption { - type = lib.types.bool; - default = true; - description = "Enable nix flake options"; - }; - unfree = lib.mkOption { - type = lib.types.bool; - default = true; - description = "Enable unfree packages"; - }; - readWindowsDrives = lib.mkOption { - type = lib.types.bool; - default = true; - description = "Read windows drives"; - }; - disableRemoteBuildsOnLio = lib.mkOption { - type = lib.types.bool; - default = false; - description = "Disable remote builds on lio"; - }; - timezone = lib.mkOption { - type = lib.types.str; - default = "America/Chicago"; - description = "Timezone"; - }; - defaultLocal = lib.mkOption { - type = lib.types.str; - default = "en_US.UTF-8"; - description = "Default locale"; - }; - fastShutdown = lib.mkOption { - type = lib.types.bool; - default = true; - description = "Fast shutdown"; - }; - enableSleep = lib.mkEnableOption (lib.mdDoc "Enable auto sleeping"); - hideBootLogs = lib.mkEnableOption (lib.mdDoc "Hide boot logs on startup"); - }; - imports = [ - ./shell/common.nix - ./fonts.nix - ./tty_caps_esc.nix - ./reporting.nix - ]; - config = { - # name this computer - networking = { - hostName = top_cfg.systemName; - nftables.enable = true; - # Clears firewall rules on reboot, only ones set in config will be remade - nftables.flushRuleset = true; - firewall.enable = true; - }; - - # services.opensnitch = { - # enable = true; - # settings = { - # Firewall = if config.networking.nftables.enable then "nftables" else "iptables"; - # InterceptUknown = true; - # ProcMonitorMethod = "ebpf"; - # DefaultAction = "deny"; - # }; - # rules = { - # - # }; - # }; - - # Enable flakes - nix.settings.experimental-features = lib.mkIf cfg.flakeOptions [ - "nix-command" - "flakes" - ]; - - # Allow unfree - nixpkgs.config.allowUnfree = cfg.unfree; - nixpkgs.config.allowUnfreePredicate = (pkg: cfg.unfree); - environment.variables = lib.mkIf cfg.unfree { - NIXPKGS_ALLOW_UNFREE = "1"; - }; - - # allow mounting ntfs filesystems - boot.supportedFilesystems = lib.mkIf cfg.readWindowsDrives [ "ntfs" ]; - - # make shutdown faster for waiting - systemd.extraConfig = lib.mkIf cfg.fastShutdown '' - DefaultTimeoutStopSec=8s - ''; - - nix.settings = { - max-jobs = "auto"; - # Fallback quickly if substituters are not available. - connect-timeout = 5; - download-attempts = 3; - download-buffer-size = 524288000; # default is 67108864, this increases to ~500MB - # The default at 10 is rarely enough. - log-lines = 50; - # Avoid disk full issues - max-free = (3000 * 1024 * 1024); - min-free = (1000 * 1024 * 1024); - # Avoid copying unnecessary stuff over SSH - builders-use-substitutes = true; - auto-optimise-store = true; - trusted-users = [ - "root" - "@wheel" - ]; - substituters = [ - "https://cache.nixos.org/" - "https://hyprland.cachix.org" - "https://cosmic.cachix.org/" - "https://nix-community.cachix.org" - ]; - trusted-substituters = config.nix.settings.substituters; - trusted-public-keys = [ - "cache.nixos.org-1:6NCHdD59X431o0gWypbMrAURkbJ16ZPMQFGspcDShjY=" - "hyprland.cachix.org-1:a7pgxzMz7+chwVL3/pzj6jIBMioiJM7ypFP8PwtkuGc=" - "cosmic.cachix.org-1:Dya9IyXD4xdBehWjrkPv6rtxpmMdRel02smYzA85dPE=" - "nix-community.cachix.org-1:mB9FSh9qf2dCimDSUo8Zy7bkq5CX+/rkCWyvRCYg3Fs=" - ]; - }; - nix.extraOptions = '' - keep-outputs = true - keep-derivations = true - ${lib.optionalString ( - # TODO revisit this should it move? - config ? age && config.age ? secrets && config.age.secrets ? github_read_token - ) "!include ${config.age.secrets.github_read_token.path}"} - ''; - - # Enable zsh - programs.zsh.enable = true; - environment.pathsToLink = [ "/share/zsh" ]; - - # nix helper - programs.nh = { - enable = true; - # clean.enable = true; # TODO revist does this solve my re-building issues? - clean.extraArgs = "--keep 10"; - # `flake` path is set in users/default.nix for the primary user if set - }; - - # Remote build off home lio computer - programs.ssh.extraConfig = lib.mkIf (!cfg.disableRemoteBuildsOnLio) '' - Host lio_ - PubkeyAcceptedKeyTypes ssh-ed25519 - ServerAliveInterval 60 - IPQoS throughput - ${lib.optionalString ( - config ? age && config.age ? secrets && config.age.secrets ? nix2lio - ) "IdentityFile ${config.age.secrets.nix2lio.path}"} - ''; - nix = { - distributedBuilds = lib.mkIf (!cfg.disableRemoteBuildsOnLio) true; - buildMachines = lib.mkIf (!cfg.disableRemoteBuildsOnLio) [ - { - hostName = "lio"; - system = "x86_64-linux"; - protocol = "ssh-ng"; - maxJobs = 32; - speedFactor = 2; - supportedFeatures = [ - "nixos-test" - "benchmark" - "big-parallel" - "kvm" - "uid-range" # Often helpful - ]; - mandatoryFeatures = [ ]; - } - ]; - }; - - # TODO can I make this Roaming automatically somehow? - time.timeZone = cfg.timezone; - # Select internationalization properties. - i18n.defaultLocale = cfg.defaultLocal; - i18n.extraLocaleSettings = { - LC_ADDRESS = cfg.defaultLocal; - LC_IDENTIFICATION = cfg.defaultLocal; - LC_MEASUREMENT = cfg.defaultLocal; - LC_MONETARY = cfg.defaultLocal; - LC_NAME = cfg.defaultLocal; - LC_NUMERIC = cfg.defaultLocal; - LC_PAPER = cfg.defaultLocal; - LC_TELEPHONE = cfg.defaultLocal; - LC_TIME = cfg.defaultLocal; - }; - - # Turn off sleep - systemd.sleep.extraConfig = lib.mkIf (!cfg.enableSleep) '' - [Sleep] - AllowSuspend=no - AllowHibernation=no - AllowSuspendThenHibernate=no - AllowHybridSleep=no - ''; - - # Hide boot logs - boot.initrd.verbose = cfg.hideBootLogs; - boot.consoleLogLevel = lib.mkIf cfg.hideBootLogs 3; - boot.kernelParams = lib.mkIf cfg.hideBootLogs [ - "quiet" - "loglevel=3" - "systemd.show_status=false" - ]; - }; -} diff --git a/common/general/fonts.nix b/common/general/fonts.nix deleted file mode 100644 index ebc1014..0000000 --- a/common/general/fonts.nix +++ /dev/null @@ -1,59 +0,0 @@ -{ - pkgs, - lib, - config, - ... -}: -let - hasNewJetbrainsMono = - if builtins.hasAttr "nerd-fonts" pkgs then - builtins.hasAttr "jetbrains-mono" pkgs."nerd-fonts" - else - false; - - jetbrainsMonoFont = - if hasNewJetbrainsMono then - pkgs.nerd-fonts.jetbrains-mono - else - (pkgs.nerdfonts.override { fonts = [ "JetBrainsMono" ]; }); - - ccfg = import ../config.nix; - cfg_path = [ - ccfg.custom_config_key - "general" - ]; - cfg = lib.attrsets.getAttrFromPath cfg_path config; -in -{ - options = - { } - // lib.attrsets.setAttrByPath cfg_path { - jetbrainsMonoFont = lib.mkOption { - type = lib.types.bool; - default = true; - description = "Enable jetbrains mono font"; - }; - japaneseFonts = lib.mkOption { - type = lib.types.bool; - default = true; - description = "Enable japanese fonts"; - }; - }; - - config = { - fonts.packages = - lib.optionals cfg.jetbrainsMonoFont [ - jetbrainsMonoFont - ] - ++ lib.optionals cfg.japaneseFonts ( - with pkgs; - [ - ipafont - kochi-substitute - noto-fonts-cjk-sans # Or another CJK font - ] - ); - - fonts.fontconfig.enable = true; - }; -} diff --git a/common/general/reporting.nix b/common/general/reporting.nix deleted file mode 100644 index f769402..0000000 --- a/common/general/reporting.nix +++ /dev/null @@ -1,80 +0,0 @@ -{ - lib, - config, - ... -}: -let - ccfg = import ../config.nix; - cfg_path = [ - ccfg.custom_config_key - "general" - "reporting" - ]; - cfg = lib.attrsets.getAttrFromPath cfg_path config; -in -{ - options = - { } - // lib.attrsets.setAttrByPath cfg_path { - enable = lib.mkEnableOption "Reporting node info and logs to grafana"; - lokiUrl = lib.mkOption { - type = lib.types.str; - default = "http://h001.net.joshuabell.xyz:3100/loki/api/v1/push"; - description = "URL of the Loki instance to send logs to"; - }; - }; - - config = lib.mkIf cfg.enable { - services.prometheus.exporters.node = { - enable = true; - port = 9100; - }; - - # Create necessary directories with appropriate permissions - systemd.tmpfiles.rules = [ - "d /tmp/positions 1777 - - -" # World-writable directory for positions file - "f /tmp/positions.yaml 0666 - - -" # World-writable positions file - ]; - users.groups.systemd-journal.members = [ "promtail" ]; - services.promtail = { - enable = true; - extraFlags = [ - "-config.expand-env=true" - ]; - configuration = { - server = { - http_listen_port = 9080; - grpc_listen_port = 0; - }; - positions = { - filename = "/tmp/positions.yaml"; # Changed from /var/lib/promtail/positions.yaml - }; - clients = [ - { - url = cfg.lokiUrl; - } - ]; - scrape_configs = [ - { - job_name = "journal"; - journal = { - json = false; - max_age = "12h"; - path = "/var/log/journal"; - labels = { - job = "systemd-journal"; - host = config.networking.hostName; - }; - }; - relabel_configs = [ - { - source_labels = [ "__journal__systemd_unit" ]; - target_label = "unit"; - } - ]; - } - ]; - }; - }; - }; -} diff --git a/common/general/shell/branch.func.sh b/common/general/shell/branch.func.sh deleted file mode 100644 index 03908fc..0000000 --- a/common/general/shell/branch.func.sh +++ /dev/null @@ -1,213 +0,0 @@ -branch() { - local branch_name=${1:-} - - # helper: set tmux window name. If tmux is in auto mode, always rename. - # If tmux is manual but the current window name matches the previous branch, - # allow renaming from previous branch name to the new one. - _branch__maybe_set_tmux_name() { - if ! command -v tmux_window >/dev/null 2>&1; then - return 1 - fi - local new_name prev_branch tmux_status tmux_cur - new_name=${1:-} - prev_branch=${2:-} - tmux_status=$(tmux_window status 2>/dev/null || true) - if [ "$tmux_status" = "auto" ]; then - tmux_window rename "$new_name" 2>/dev/null || true - return 0 - fi - # tmux is manual. If the current tmux name matches the previous branch, - # we consider it safe to update it to the new branch name. - if [ -n "$prev_branch" ]; then - tmux_cur=$(tmux_window get 2>/dev/null || true) - if [ "$tmux_cur" = "$prev_branch" ]; then - tmux_window rename "$new_name" 2>/dev/null || true - fi - fi - } - - # helper: revert tmux to automatic rename only if current tmux name matches previous branch - _branch__revert_tmux_auto() { - if ! command -v tmux_window >/dev/null 2>&1; then - return 1 - fi - local prev_branch=${1:-} - if [ -z "$prev_branch" ]; then - tmux_window rename 2>/dev/null || true - return 0 - fi - local tmux_cur - tmux_cur=$(tmux_window get 2>/dev/null || true) - if [ "$tmux_cur" = "$prev_branch" ]; then - tmux_window rename 2>/dev/null || true - fi - } - - # Determine repo root early so we can run branches inside it - local common_dir - if ! common_dir=$(git rev-parse --git-common-dir 2>/dev/null); then - echo "Not inside a git repository." >&2 - return 1 - fi - if [ "${common_dir#/}" = "$common_dir" ]; then - common_dir="$(pwd)/$common_dir" - fi - local repo_dir="${common_dir%%/.git*}" - if [ -z "$repo_dir" ]; then - echo "Unable to determine repository root." >&2 - return 1 - fi - - # If no branch was provided, present an interactive selector combining local and remote branches - if [ -z "$branch_name" ]; then - if ! command -v fzf >/dev/null 2>&1; then - echo "Usage: branch " >&2 - return 2 - fi - - local branches_list_raw branches_list selection - # Gather local and remote branches with fallbacks to ensure locals appear - branches_list_raw="" - if declare -f local_branches >/dev/null 2>&1; then - branches_list_raw=$(cd "$repo_dir" && local_branches 2>/dev/null || true; cd "$repo_dir" && remote_branches 2>/dev/null || true) - fi - branches_list=$(printf "%s -" "$branches_list_raw" | awk '!seen[$0]++') - if [ -z "$branches_list" ]; then - echo "No branches found." >&2 - return 1 - fi - - fzf_out=$(printf "%s\n" "$branches_list" | fzf --height=40% --prompt="Select branch: " --print-query) - if [ -z "$fzf_out" ]; then - echo "No branch selected." >&2 - return 1 - fi - branch_query=$(printf "%s\n" "$fzf_out" | sed -n '1p') - branch_selection=$(printf "%s\n" "$fzf_out" | sed -n '2p') - if [ -n "$branch_selection" ]; then - branch_name="$branch_selection" - else - # user typed something in fzf but didn't select: use that as new branch name - branch_name=$(printf "%s" "$branch_query" | sed 's/^[[:space:]]*//;s/[[:space:]]*$//') - fi - fi - - local repo_base repo_hash default_branch - repo_base=$(basename "$repo_dir") - repo_hash=$(printf "%s" "$repo_dir" | sha1sum | awk '{print $1}') - - default_branch=$(getdefault) - - # capture current branch name as seen by tmux so we can decide safe renames later - local prev_branch - prev_branch=$(git -C "$PWD" rev-parse --abbrev-ref HEAD 2>/dev/null || true) - - # Special-case: jump to the main working tree on the default branch - if [ "$branch_name" = "default" ] || [ "$branch_name" = "master" ] || [ "$branch_name" = "$default_branch" ]; then - if [ "$repo_dir" = "$PWD" ]; then - echo "Already in the main working tree on branch '$default_branch'." - return 0 - fi - echo "Switching to main working tree on branch '$default_branch'." - # capture current branch name as seen by tmux so we only revert if it matches - prev_branch=$(git -C "$PWD" rev-parse --abbrev-ref HEAD 2>/dev/null || true) - cd "$repo_dir" || return 1 - _branch__revert_tmux_auto "$prev_branch" || true - return 0 - fi - - # If a worktree for this branch is already registered elsewhere, open a shell there - local existing - existing=$(git -C "$repo_dir" worktree list --porcelain 2>/dev/null | awk -v b="$branch_name" 'BEGIN{RS="";FS="\n"} $0 ~ "refs/heads/"b{for(i=1;i<=NF;i++) if ($i ~ /^worktree /){ sub(/^worktree /,"",$i); print $i }}') - if [ -n "$existing" ]; then - echo "Opening existing worktree for branch '$branch_name' at '$existing'." - cd "$existing" || return 1 - _branch__maybe_set_tmux_name "$branch_name" "$prev_branch" || true - return 0 - fi - - # Ensure we have up-to-date remote info - git -C "$repo_dir" fetch --all --prune || true - - local wt_root wt_path - if [ -z "$xdg" ]; then - xdg="${XDG_DATA_HOME:-$HOME/.local/share}" - fi - wt_root="$xdg/git_worktrees/${repo_base}_${repo_hash}" - wt_path="$wt_root/$branch_name" - - # ensure worktree root exists - if [ ! -d "$wt_root" ]; then - mkdir -p "$wt_root" || { echo "Failed to create worktree root: $wt_root" >&2; return 1; } - fi - - # If worktree already exists at our expected path, open a shell there - if [ -d "$wt_path" ]; then - echo "Opening existing worktree at '$wt_path'." - cd "$wt_path" || return 1 - _branch__maybe_set_tmux_name "$branch_name" "$prev_branch" || true - return 0 - fi - - local branch_exists branch_from local_exists - branch_exists=$(git -C "$repo_dir" ls-remote --heads origin "$branch_name" | wc -l) - # check if a local branch exists - if git -C "$repo_dir" show-ref --verify --quiet "refs/heads/$branch_name"; then - local_exists=1 - else - local_exists=0 - fi - - branch_from="$default_branch" - if [ "$branch_exists" -eq 0 ]; then - if [ "$local_exists" -eq 1 ]; then - branch_from="$branch_name" - echo "Branch '$branch_name' exists locally; creating worktree from local branch." - else - echo "Branch '$branch_name' does not exist on remote; creating from '$branch_from'." - fi - else - branch_from="origin/$branch_name" - echo "Branch '$branch_name' exists on remote; creating worktree tracking it." - fi - - echo "Creating new worktree for branch '$branch_name' at '$wt_path'." - - # Try to add or update worktree from the resolved ref. Use a fallback path if needed. - if [ "$local_exists" -eq 1 ]; then - if git -C "$repo_dir" worktree add "$wt_path" "$branch_name" 2>/dev/null; then - cd "$wt_path" || return 1 - _branch__maybe_set_tmux_name "$branch_name" "$prev_branch" || true - return 0 - fi - - else - if git -C "$repo_dir" worktree add -b "$branch_name" "$wt_path" "$branch_from" 2>/dev/null; then - cd "$wt_path" || return 1 - _branch__maybe_set_tmux_name "$branch_name" "$prev_branch" || true - return 0 - fi - fi - - # Fallback: try to resolve a concrete SHA and create the branch ref locally, then add worktree - local start_sha - if start_sha=$(git -C "$repo_dir" rev-parse --verify "$branch_from" 2>/dev/null); then - if git -C "$repo_dir" branch "$branch_name" "$start_sha" 2>/dev/null; then - if git -C "$repo_dir" worktree add "$wt_path" "$branch_name" 2>/dev/null; then - cd "$wt_path" || return 1 - _branch__maybe_set_tmux_name "$branch_name" "$prev_branch" || true - return 0 - else - git -C "$repo_dir" branch -D "$branch_name" 2>/dev/null || true - rmdir "$wt_path" 2>/dev/null || true - echo "Failed to add worktree after creating branch ref." >&2 - return 1 - fi - fi - fi - - echo "Failed to add worktree for branch '$branch_name'." >&2 - rmdir "$wt_path" 2>/dev/null || true - return 1 -} diff --git a/common/general/shell/branchd.func.sh b/common/general/shell/branchd.func.sh deleted file mode 100644 index a7769d2..0000000 --- a/common/general/shell/branchd.func.sh +++ /dev/null @@ -1,131 +0,0 @@ -branchdel() { - # branchdel — remove a branch worktree (optional branch arg) - local branch_arg - branch_arg="$1" - local wt_path - wt_path=$(pwd) - local common_dir repo_dir - if ! common_dir=$(git rev-parse --git-common-dir 2>/dev/null); then - echo "Not inside a git repository." >&2 - return 1 - fi - if [ "${common_dir#/}" = "$common_dir" ]; then - common_dir="$(pwd)/$common_dir" - fi - repo_dir="${common_dir%%/.git*}" - if [ -z "$repo_dir" ]; then - echo "Unable to determine repository root." >&2 - return 1 - fi - - # determine current branch in this worktree - local current default_branch branch target_wt - current=$(git rev-parse --abbrev-ref HEAD 2>/dev/null) || { echo "Not inside a git repository." >&2; return 1; } - - default_branch=$(getdefault) - - # choose branch: provided arg or current - if [ -z "$branch_arg" ]; then - branch="$current" - else - branch="$branch_arg" - fi - # normalize branch name if refs/heads/ was provided - branch="${branch#refs/heads/}" - - # don't remove default - if [ "$branch" = "$default_branch" ] || [ "$branch" = "default" ]; then - echo "Refusing to remove default branch worktree ($default_branch)." >&2 - return 1 - fi - - # find the worktree path for the requested branch - target_wt=$(git -C "$repo_dir" worktree list --porcelain 2>/dev/null | awk -v b="refs/heads/$branch" ' - $1=="worktree" { w=$2 } - $1=="branch" && $2==b { print w; exit } - ') - - # if not found in worktree list, check main worktree branch - if [ -z "$target_wt" ]; then - local main_branch - main_branch=$(git -C "$repo_dir" rev-parse --abbrev-ref HEAD 2>/dev/null || true) - if [ "$main_branch" = "$branch" ]; then - target_wt="$repo_dir" - fi - fi - - if [ -z "$target_wt" ]; then - echo "No worktree found for branch '$branch'." >&2 - return 1 - fi - - if [ "$target_wt" = "$repo_dir" ]; then - echo "Branch '$branch' is the main worktree at '$repo_dir'. Will not delete main worktree." >&2 - return 1 - fi - - # if we're currently in that branch/worktree, switch to default and cd to repo root first - if [ "$current" = "$branch" ]; then - echo "Currently on branch '$branch' in '$wt_path'. Switching to default branch '$default_branch' in main worktree..." - if declare -f branch >/dev/null 2>&1; then - branch default || { echo "Failed to switch to default branch" >&2; return 1; } - else - git -C "$repo_dir" checkout "$default_branch" || { echo "Failed to checkout default branch" >&2; return 1; } - fi - cd "$repo_dir" || { echo "Failed to change directory to repo root: $repo_dir" >&2; return 1; } - fi - - echo "Removing worktree at: $target_wt" - # helper: attempt a guarded, forceful removal of a directory - remove_dir_forcefully() { - local dir="$1" - if [ -z "$dir" ]; then - return 1 - fi - # resolve absolute paths - local abs_dir abs_repo - abs_dir=$(readlink -f -- "$dir" 2>/dev/null) || abs_dir="$dir" - abs_repo=$(readlink -f -- "$repo_dir" 2>/dev/null) || abs_repo="$repo_dir" - - # safety checks: do not remove repository root or / - if [ "$abs_dir" = "/" ] || [ "$abs_dir" = "$abs_repo" ]; then - echo "Refusing to remove unsafe path: $abs_dir" >&2 - return 1 - fi - - # try plain rm -rf - rm -rf -- "$abs_dir" 2>/dev/null && return 0 - - # fix permissions then try again - chmod -R u+rwx "$abs_dir" 2>/dev/null || true - rm -rf -- "$abs_dir" 2>/dev/null && return 0 - - # try removing contents first, then remove directory - if find "$abs_dir" -mindepth 1 -exec rm -rf -- {} + 2>/dev/null; then - rmdir "$abs_dir" 2>/dev/null || true - fi - - # final existence check - [ ! -e "$abs_dir" ] - } - - # try unregistering the worktree, prefer normal then fallback to --force - if git -C "$repo_dir" worktree remove "$target_wt" 2>/dev/null || git -C "$repo_dir" worktree remove --force "$target_wt" 2>/dev/null; then - if remove_dir_forcefully "$target_wt"; then - echo "Removed worktree: $target_wt" - else - echo "Worktree removed from git, but failed to fully delete directory: $target_wt" >&2 - echo "Attempted to force-delete; you may need to remove it manually with sudo." >&2 - fi - - # delete local branch if it exists - if git -C "$repo_dir" show-ref --verify --quiet "refs/heads/$branch"; then - git -C "$repo_dir" branch -D "$branch" 2>/dev/null || true - echo "Deleted local branch: $branch" - fi - return 0 - fi - - echo "Failed to remove worktree: $target_wt" >&2 - return 1 -} diff --git a/common/general/shell/common.nix b/common/general/shell/common.nix deleted file mode 100644 index 2d79ea5..0000000 --- a/common/general/shell/common.nix +++ /dev/null @@ -1,73 +0,0 @@ -{ - lib, - pkgs, - ... -}: -with lib; -{ - config = { - environment.systemPackages = with pkgs; [ - # Basics - vim - nano - wget - curl - jq - fastfetch - bat - htop - unzip - git - fzf - ripgrep - lsof - killall - hdparm - speedtest-cli - lf - ]; - - environment.shellAliases = { - n = "nvim"; - nn = "nvim --headless '+SessionDelete' +qa > /dev/null 2>&1 && nvim"; - bat = "bat --theme Coldark-Dark"; - cat = "bat --pager=never -p"; - # TODO this may not be needed now that I am using `nh` clean mode (see /hosts/_common/configuration.nix#programs.nh) - nix-boot-clean = "find '/boot/loader/entries' -type f ! -name 'windows.conf' | head -n -4 | xargs -I {} rm {}; nix store gc; nixos-rebuild boot; echo; df"; - ndr = "nix-direnv-reload"; - - # general unix - date_compact = "date +'%Y%m%d'"; - date_short = "date +'%Y-%m-%d'"; - ls = "ls --color -Gah"; - ll = "ls --color -Galhtr"; - lss = "du --max-depth=0 -h {.,}* 2>/dev/null | sort -hr"; - psg = "ps aux | head -n 1 && ps aux | grep -v 'grep' | grep"; - cl = "clear"; - - # git - status = "git status"; - diff = "git diff"; - branches = "git branch -a"; - gcam = "git commit -a -m"; - gcm = "git commit -m"; - stashes = "git stash list"; - bd = "branch default"; - li = "link_ignored"; - bx = "branchdel"; - b = "branch"; - - # ripgrep - rg = "rg --no-ignore"; - rgf = "rg --files --glob '!/nix/store/**' 2>/dev/null | rg"; - }; - - environment.shellInit = lib.concatStringsSep "\n\n" [ - (builtins.readFile ./common.sh) - (builtins.readFile ./tmux_helpers.sh) - (builtins.readFile ./branch.func.sh) - (builtins.readFile ./branchd.func.sh) - (builtins.readFile ./link_ignored.func.sh) - ]; - }; -} diff --git a/common/general/shell/common.sh b/common/general/shell/common.sh deleted file mode 100644 index 6f9fcb9..0000000 --- a/common/general/shell/common.sh +++ /dev/null @@ -1,220 +0,0 @@ -# Check if ~/.config/environment exists and source all files within it -if [ -d "$HOME/.config/environment" ]; then - for file in "$HOME/.config/environment/"*; do - if [ -r "$file" ]; then - if ! . "$file"; then - echo "Failed to source $file" - fi - fi - done -fi - -# Basics -htop_psg () { - htop -p $(psg $1 | awk '{r=r s $2;s=","} END{print r}') -} - -htop_pid () { - htop -p $(ps -ef | awk -v proc=$1 '$3 == proc { cnt++;if (cnt == 1) { printf "%s",$2 } else { printf ",%s",$2 } }') -} - -psg_kill() { - ps aux | grep -v "grep" | grep "${1}" | awk '{print $2}' | while read -r pid; do - if [ -n "${pid}" ]; then - echo "killing ${pid}" - kill -9 "${pid}" &> /dev/null - fi - done -} - -psg_terminate() { - ps aux | grep -v "grep" | grep "${1}" | awk '{print $2}' | while read -r pid; do - if [ -n "${pid}" ]; then - echo "Terminating ${pid}" - kill -15 "${pid}" &> /dev/null - fi - done -} - -psg_skill() { - ps aux | grep -v "grep" | grep "${1}" | awk '{print $2}' | while read -r pid; do - if [ -n "${pid}" ]; then - echo "Killing ${pid}" - sudo kill -9 "${pid}" &> /dev/null - fi - done -} - -mail_clear() { - : > /var/mail/$USER -} - -speedtest_fs () { - dir=$(pwd) - drive=$(df -h ${dir} | awk 'NR==2 {print $1}') - echo Testing read speeds on drive ${drive} - sudo hdparm -Tt ${drive} - test_file=$(date +%u%m%d) - test_file="${dir}/speedtest_fs_${test_file}" - echo - echo Testing write speeds into test file: ${test_file} - dd if=/dev/zero of=${test_file} bs=8k count=10k; rm -f ${test_file} -} - -speedtest_internet () { - speedtest-cli -} - -# git -getdefault () { - git remote show origin | grep "HEAD branch" | sed 's/.*: //' -} - -master () { - branch $(getdefault) - git checkout $(getdefault) - pull -} - -mp () { - master - prunel -} - -pullmaster () { - git pull origin $(getdefault) -} - -push () { - B=$(git branch | sed -n -e 's/^\* \(.*\)/\1/p') - git pull origin $B - git push origin $B --no-verify -} - -pull () { - git fetch - B=$(git branch | sed -n -e 's/^\* \(.*\)/\1/p') - git pull origin $B -} - -forcepush () { - B=$(git branch | sed -n -e 's/^\* \(.*\)/\1/p') - git push origin $B --force -} - -remote_branches () { - git for-each-ref --format='%(refname:short)' refs/remotes 2>/dev/null | sed 's#^[^/]*/##' | grep -v '^HEAD$' || true -} - -local_branches () { - git for-each-ref --format='%(refname:short)' refs/heads 2>/dev/null || true -} - -prunel () { - git fetch - git remote prune origin - - for local in $(local_branches); do - in=false - for remote in $(remote_branches); do - if [[ ${local} = ${remote} ]]; then - in=true - fi - done; - if [[ $in = 'false' ]]; then - git branch -D ${local} - else - echo 'Skipping branch '${local} - fi - done; -} - -from_master () { - git checkout $(getdefault) $@ -} - -stash() { - local branch - branch=$(git rev-parse --abbrev-ref HEAD 2>/dev/null) - local datetime - datetime=$(date +"%Y-%m-%d_%H-%M") - local default_label="${datetime}_${branch}" - if [ -n "$ZSH_VERSION" ]; then - read "label?Stash label [default: $default_label]: " - else - read -e -p "Stash label [default: $default_label]: " label - fi - label=${label:-$default_label} - git stash push -u -k -m "$label" -} - -pop() { - local selection - selection=$(git stash list | \ - fzf --prompt="Select stash to pop: " \ - --preview="git stash show -p \$(echo {} | awk -F: '{print \$1}') | bat --color always --paging=never --style=plain -l diff") - [ -z "$selection" ] && echo "No stash selected." && return 1 - local stash_ref - stash_ref=$(echo "$selection" | awk -F: '{print $1}') - echo "Popping $stash_ref..." - git stash pop "$stash_ref" -} - -delstash() { - local selection - selection=$(git stash list | \ - fzf --prompt="Select stash to pop: " \ - --preview="git stash show -p \$(echo {} | awk -F: '{print \$1}') | bat --color always --paging=never --style=plain -l diff") - [ -z "$selection" ] && echo "No stash selected." && return 1 - local stash_ref - stash_ref=$(echo "$selection" | awk -F: '{print $1}') - echo "About to delete $stash_ref." - git stash drop "$stash_ref" -} - -# nix -alias nixpkgs=nixpkg -nixpkg () { - if [ $# -eq 0 ]; then - echo "Error: No arguments provided. Please specify at least one package." - return 1 - fi - cmd="nix shell" - for pkg in "$@"; do - cmd="$cmd \"nixpkgs#$pkg\"" - done - eval $cmd -} - -# Marks some files as in "git" but they won't actually get pushed up to the git repo -# Usefull for `gintent .envrc flake.lock flake.nix` to add nix items required by flakes in a git repo that won't want flakes added -gintent() { - for file in "$@"; do - if [ -f "$file" ]; then - git add --intent-to-add "$file" - git update-index --assume-unchanged "$file" - echo "Intent added for $file" - else - echo "File not found: $file" - fi - done -} -alias gintentnix="gintent .envrc flake.lock flake.nix" - -gintent_undo() { - for file in "$@"; do - if [ -f "$file" ]; then - git update-index --no-assume-unchanged "$file" - echo "Intent removed for $file" - else - echo "File not found: $file" - fi - done -} -alias gintentnix_undo="gintent_undo .envrc flake.lock flake.nix" - - -# Aider -aider () { - http_proxy="" all_proxy="" https_proxy="" AZURE_API_BASE=http://100.64.0.8 AZURE_API_VERSION=2025-01-01-preview AZURE_API_KEY=1 nix run "nixpkgs#aider-chat-full" -- aider --dark-mode --no-gitignore --no-check-update --no-auto-commits --model azure/gpt-4.1-2025-04-14 $@ -} diff --git a/common/general/shell/link_ignored.func.sh b/common/general/shell/link_ignored.func.sh deleted file mode 100644 index 0043ed9..0000000 --- a/common/general/shell/link_ignored.func.sh +++ /dev/null @@ -1,159 +0,0 @@ -link_ignored() { - local DRY_RUN=0 - local USE_FZF=1 - local -a PATTERNS=() - - while [ $# -gt 0 ]; do - case "$1" in - --dry-run) DRY_RUN=1; shift ;; - --no-fzf) USE_FZF=0; shift ;; - -h|--help) link_ignored_usage; return 0 ;; - --) shift; break ;; - *) PATTERNS+=("$1"); shift ;; - esac - done - - link_ignored_usage() { - cat </dev/null); then - echo "Error: not in a git repository." >&2 - return 2 - fi - if [ "${common_dir#/}" = "$common_dir" ]; then - common_dir="$(pwd)/$common_dir" - fi - repo_root="${common_dir%%/.git*}" - if [ -z "$repo_root" ]; then - echo "Error: unable to determine repository root." >&2 - return 2 - fi - - local -a candidates=() - while IFS= read -r -d '' file; do - candidates+=("$file") - done < <(git -C "$repo_root" ls-files --others --ignored --exclude-standard -z || true) - - if [ ${#candidates[@]} -eq 0 ]; then - echo "No untracked/ignored files found in $repo_root" - return 0 - fi - - local -a tops=() - for c in "${candidates[@]}"; do - c="${c%/}" - local top="${c%%/*}" - [ -z "$top" ] && continue - local found=0 - for existing in "${tops[@]}"; do - [ "$existing" = "$top" ] && found=1 && break - done - [ "$found" -eq 0 ] && tops+=("$top") - done - - if [ ${#tops[@]} -eq 0 ]; then - echo "No top-level ignored/untracked entries found in $repo_root" - return 0 - fi - - local -a filtered - if [ ${#PATTERNS[@]} -gt 0 ]; then - for t in "${tops[@]}"; do - for p in "${PATTERNS[@]}"; do - if [[ "$t" == *"$p"* ]]; then - filtered+=("$t") - break - fi - done - done - else - filtered=("${tops[@]}") - fi - - if [ ${#filtered[@]} -eq 0 ]; then - echo "No candidates match the provided patterns." >&2 - return 0 - fi - - local -a chosen - if command -v fzf >/dev/null 2>&1 && [ "$USE_FZF" -eq 1 ]; then - local selected - selected=$(printf "%s\n" "${filtered[@]}" | fzf --multi --height=40% --border --prompt="Select files to link: " --preview "if [ -f '$repo_root'/{} ]; then bat --color always --paging=never --style=plain '$repo_root'/{}; else ls -la '$repo_root'/{}; fi") - if [ -z "$selected" ]; then - echo "No files selected." && return 0 - fi - chosen=() - while IFS= read -r line; do - chosen+=("$line") - done <&2 - errors+=("$rel (link failed)") - fi - fi - done - - echo - echo "Summary:" - echo " Linked: ${#created[@]}" - [ ${#created[@]} -gt 0 ] && printf ' %s\n' "${created[@]}" - echo " Skipped: ${#skipped[@]}" - [ ${#skipped[@]} -gt 0 ] && printf ' %s\n' "${skipped[@]}" - echo " Errors: ${#errors[@]}" - [ ${#errors[@]} -gt 0 ] && printf ' %s\n' "${errors[@]}" - - return 0 -} diff --git a/common/general/shell/tmux_helpers.sh b/common/general/shell/tmux_helpers.sh deleted file mode 100644 index b644b4b..0000000 --- a/common/general/shell/tmux_helpers.sh +++ /dev/null @@ -1,34 +0,0 @@ -tmux_window () { - cmd=${1:-} - case "${cmd}" in - rename) - if [ -z "${2:-}" ]; then - tmux setw automatic-rename - else - tmux rename-window "$2" - fi - ;; - get) - printf '%s' "$(tmux display-message -p '#W')" - ;; - status) - out="$(tmux show-window-options automatic-rename 2>/dev/null || true)" - if printf '%s' "$out" | grep -q 'automatic-rename on'; then - printf 'auto' - elif printf '%s' "$out" | grep -q 'automatic-rename off'; then - printf 'manual' - else - # If tmux returns nothing (option not set), default to auto - if [ -z "$out" ]; then - printf 'auto' - else - return 1 - fi - fi - ;; - *) - printf 'Usage: tmux_window {rename [NAME]|get|status}\n' >&2 - return 2 - ;; - esac -} diff --git a/common/general/tty_caps_esc.nix b/common/general/tty_caps_esc.nix deleted file mode 100644 index 7223bfe..0000000 --- a/common/general/tty_caps_esc.nix +++ /dev/null @@ -1,33 +0,0 @@ -{ - lib, - pkgs, - config, - ... -}: -let - ccfg = import ../config.nix; - cfg_path = [ - ccfg.custom_config_key - "general" - ]; - cfg = lib.attrsets.getAttrFromPath cfg_path config; -in -{ - options = - { } - // lib.attrsets.setAttrByPath cfg_path { - ttyCapsEscape = lib.mkOption { - type = lib.types.bool; - default = true; - description = "Enable caps for escape key"; - }; - }; - config = lib.mkIf cfg.ttyCapsEscape { - services.xserver.xkb.options = "caps:escape"; - console = { - earlySetup = true; - packages = with pkgs; [ terminus_font ]; - useXkbConfig = true; # use xkb.options in tty. (caps -> escape) - }; - }; -} diff --git a/common/options.nix b/common/options.nix deleted file mode 100644 index 7bcb038..0000000 --- a/common/options.nix +++ /dev/null @@ -1,18 +0,0 @@ -{ - config, - lib, - ... -}: -let - ccfg = import ./config.nix; - cfg_path = "${ccfg.custom_config_key}"; - cfg = config.${cfg_path}; -in -{ - options.${cfg_path} = { - systemName = lib.mkOption { - type = lib.types.str; - description = "The name of the system."; - }; - }; -} diff --git a/common/programs/default.nix b/common/programs/default.nix deleted file mode 100644 index e856d4f..0000000 --- a/common/programs/default.nix +++ /dev/null @@ -1,43 +0,0 @@ -{ config, lib, ... }: -let - ccfg = import ../config.nix; - cfg = config.${ccfg.custom_config_key}.programs; -in -{ - imports = [ - ./qFlipper.nix - ./rustDev.nix - ./uhkAgent.nix - ./tailnet.nix - ./ssh.nix - ./docker.nix - ./podman.nix - ./incus.nix - ./virt-manager.nix - ./flatpaks.nix - ]; - config = { - assertions = [ - ( - let - enabledVirtualizers = lib.filter (x: x.enabled) [ - { - name = "docker"; - enabled = cfg.docker.enable; - } - { - name = "podman"; - enabled = cfg.podman.enable; - } - ]; - in - { - assertion = lib.length enabledVirtualizers <= 1; - message = - "Only one virtualizer can be enabled at a time. Enabled: " - + lib.concatStringsSep ", " (map (x: x.name) enabledVirtualizers); - } - ) - ]; - }; -} diff --git a/common/programs/docker.nix b/common/programs/docker.nix deleted file mode 100644 index c3aea93..0000000 --- a/common/programs/docker.nix +++ /dev/null @@ -1,36 +0,0 @@ -{ - config, - lib, - ... -}: -let - ccfg = import ../config.nix; - cfg_path = [ - ccfg.custom_config_key - "programs" - "docker" - ]; - cfg = lib.attrsets.getAttrFromPath cfg_path config; - users_cfg = config.${ccfg.custom_config_key}.users; -in -{ - options = - { } - // lib.attrsets.setAttrByPath cfg_path { - enable = lib.mkEnableOption "docker"; - }; - - config = lib.mkIf cfg.enable { - virtualisation.docker = { - enable = true; - autoPrune.enable = true; - }; - # TODO add admins? - users.extraGroups.docker.members = lib.mkIf (users_cfg.primary != null) [ users_cfg.primary ]; - environment.shellAliases = { - dockerv = "docker volume"; - dockeri = "docker image"; - dockerc = "docker container"; - }; - }; -} diff --git a/common/programs/flatpaks.nix b/common/programs/flatpaks.nix deleted file mode 100644 index 307fff2..0000000 --- a/common/programs/flatpaks.nix +++ /dev/null @@ -1,66 +0,0 @@ -{ - config, - lib, - ... -}: -let - ccfg = import ../config.nix; - cfg_path = [ - ccfg.custom_config_key - "programs" - "flatpaks" - ]; - cfg = lib.attrsets.getAttrFromPath cfg_path config; -in -{ - options = - { } - // lib.attrsets.setAttrByPath cfg_path { - enable = lib.mkEnableOption "flatpaks"; - packages = lib.mkOption { - type = lib.types.listOf lib.types.str; - default = [ ]; - description = "List of Flatpak package names to install."; - }; - }; - - config = lib.mkIf cfg.enable { - services.flatpak = { - enable = true; - packages = cfg.packages; - overrides = { - global = { - Context.sockets = [ - "wayland" - "x11" - ]; - Context.devices = [ "dri" ]; # allow GPU access if desired - Environment = { - XCURSOR_PATH = "/run/host/user-share/icons:/run/host/share/icons"; - GTK_THEME = "Adwaita:dark"; - # Force wayland as much as possible. - ELECTRON_OZONE_PLATFORM_HINT = "auto"; # or 'auto' - GTK_USE_PORTAL = "1"; - OZONE_PLATFORM = "wayland"; - QT_QPA_PLATFORM = "xcb"; # force XCB for Flatpaks (XWayland) - }; - }; - "org.signal.Signal" = { - Environment = { - SIGNAL_PASSWORD_STORE = "gnome-libsecret"; - }; - Context = { - sockets = [ - "xfg-settings" - ]; - }; - }; - "com.google.Chrome" = { - Environment = { - CHROME_EXTRA_ARGS = "--enable-features=WaylandWindowDecorations --ozone-platform-hint=auto"; - }; - }; - }; - }; - }; -} diff --git a/common/programs/incus.nix b/common/programs/incus.nix deleted file mode 100644 index 01f0980..0000000 --- a/common/programs/incus.nix +++ /dev/null @@ -1,33 +0,0 @@ -{ - config, - lib, - ... -}: -let - ccfg = import ../config.nix; - cfg_path = [ - ccfg.custom_config_key - "programs" - "incus" - ]; - cfg = lib.attrsets.getAttrFromPath cfg_path config; - users_cfg = config.${ccfg.custom_config_key}.users; -in -{ - options = - { } - // lib.attrsets.setAttrByPath cfg_path { - enable = lib.mkEnableOption "incus"; - }; - - config = lib.mkIf cfg.enable { - virtualisation.incus = { - enable = true; - agent.enable = true; - ui.enable = true; - }; - - users.extraGroups.incus_admin.members = lib.mkIf (users_cfg.primary != null) [ users_cfg.primary ]; - users.extraGroups.incus.members = lib.mkIf (users_cfg.primary != null) [ users_cfg.primary ]; - }; -} diff --git a/common/programs/podman.nix b/common/programs/podman.nix deleted file mode 100644 index 8be88f9..0000000 --- a/common/programs/podman.nix +++ /dev/null @@ -1,32 +0,0 @@ -{ - config, - lib, - ... -}: -let - ccfg = import ../config.nix; - cfg_path = [ - ccfg.custom_config_key - "programs" - "podman" - ]; - cfg = lib.attrsets.getAttrFromPath cfg_path config; - users_cfg = config.${ccfg.custom_config_key}.users; -in -{ - options = - { } - // lib.attrsets.setAttrByPath cfg_path { - enable = lib.mkEnableOption "podman"; - }; - - config = lib.mkIf cfg.enable { - virtualisation.podman = { - enable = true; - dockerSocket.enable = true; - autoPrune.enable = true; - }; - # TODO add admins? - users.extraGroups.podman.members = lib.mkIf (users_cfg.primary != null) [ users_cfg.primary ]; - }; -} diff --git a/common/programs/qFlipper.nix b/common/programs/qFlipper.nix deleted file mode 100644 index 823ef99..0000000 --- a/common/programs/qFlipper.nix +++ /dev/null @@ -1,33 +0,0 @@ -{ - config, - lib, - pkgs, - ... -}: -let - ccfg = import ../config.nix; - cfg_path = [ - ccfg.custom_config_key - "programs" - "qFlipper" - ]; - cfg = lib.attrsets.getAttrFromPath cfg_path config; -in -{ - options = - { } - // lib.attrsets.setAttrByPath cfg_path { - enable = lib.mkEnableOption "qFlipper"; - }; - - config = lib.mkIf cfg.enable { - hardware.flipperzero.enable = true; - environment.systemPackages = with pkgs; [ qFlipper ]; - services.udev.extraRules = '' - #Flipper Zero serial port - SUBSYSTEMS=="usb", ATTRS{idVendor}=="0483", ATTRS{idProduct}=="5740", ATTRS{manufacturer}=="Flipper Devices Inc.", GROUP="users", TAG+="uaccess" - #Flipper Zero DFU - SUBSYSTEMS=="usb", ATTRS{idVendor}=="0483", ATTRS{idProduct}=="df11", ATTRS{manufacturer}=="STMicroelectronics", GROUP="users", TAG+="uaccess" - ''; - }; -} diff --git a/common/programs/rustDev.nix b/common/programs/rustDev.nix deleted file mode 100644 index dd226fb..0000000 --- a/common/programs/rustDev.nix +++ /dev/null @@ -1,53 +0,0 @@ -{ - config, - lib, - pkgs, - ... -}: -let - ccfg = import ../config.nix; - cfg_path = [ - ccfg.custom_config_key - "programs" - "rustDev" - ]; - cfg = lib.attrsets.getAttrFromPath cfg_path config; -in -{ - options = - { } - // lib.attrsets.setAttrByPath cfg_path { - enable = lib.mkEnableOption "rust development tools"; - repl = lib.mkOption { - type = lib.types.bool; - default = true; - description = "Enable the evcxr repl for `rust` command."; - }; - # TODO? - # channel = lib.mkOption { - # type = lib.types.str; - # default = "stable"; - # description = "The Rust release channel to use (e.g., stable, beta, nightly)."; - # }; - # version = lib.mkOption { - # type = lib.types.str; - # default = "latest"; - # description = "The specific version of Rust to use. Use 'latest' for the latest stable release."; - # }; - }; - - config = lib.mkIf cfg.enable { - environment.systemPackages = - with pkgs; - [ - rustup - gcc - ] - ++ (if cfg.repl then [ pkgs.evcxr ] else [ ]); - - environment.shellAliases = lib.mkIf cfg.repl { - rust = "evcxr"; - }; - }; - -} diff --git a/common/programs/ssh.nix b/common/programs/ssh.nix deleted file mode 100644 index 6b0cea7..0000000 --- a/common/programs/ssh.nix +++ /dev/null @@ -1,97 +0,0 @@ -{ - config, - lib, - pkgs, - ... -}: -let - ccfg = import ../config.nix; - cfg_path = [ - ccfg.custom_config_key - "programs" - "ssh" - ]; - cfg = lib.attrsets.getAttrFromPath cfg_path config; - users_cfg = config.${ccfg.custom_config_key}.users; -in -{ - options = - { } - // lib.attrsets.setAttrByPath cfg_path { - enable = lib.mkEnableOption "ssh"; - sshPortOpen = lib.mkOption { - type = lib.types.bool; - default = true; - description = "Open the ssh port."; - }; - fail2Ban = lib.mkOption { - type = lib.types.bool; - default = true; - description = "Enable fail2ban."; - }; - allowPasswordLogin = lib.mkOption { - type = lib.types.bool; - default = false; - description = "Allow root password login."; - }; - }; - - config = lib.mkIf cfg.enable { - environment.systemPackages = with pkgs; [ - openssh - autossh - ]; - - # Use fail2ban - services.fail2ban = lib.mkIf cfg.fail2Ban { - enable = true; - # Ignore my tailnet - ignoreIP = [ - "100.64.0.0/10" - ]; - }; - - # Open ports in the firewall if enabled. - networking.firewall.allowedTCPPorts = lib.mkIf cfg.sshPortOpen [ - 22 # sshd - ]; - - # Enable the OpenSSH daemon. - services.openssh = { - enable = true; - settings = { - LogLevel = "VERBOSE"; - PermitRootLogin = "yes"; - PasswordAuthentication = cfg.allowPasswordLogin; - }; - }; - - # Ensure SSH key pair generation for non-root users - systemd.services = lib.mapAttrs' (name: _: { - name = "generate_ssh_key_${name}"; - value = { - description = "Generate SSH key pair for ${name}"; - wantedBy = [ "multi-user.target" ]; - serviceConfig = { - User = name; - Type = "oneshot"; - }; - script = '' - #!/run/current-system/sw/bin/bash - if [ ! -f /home/${name}/.ssh/id_ed25519 ]; then - if [ -v DRY_RUN ]; then - echo "DRY_RUN is set. Would generate SSH key for ${name}."; - else - echo "Generating SSH key for ${name}."; - mkdir -p /home/${name}/.ssh; - chmod 700 /home/${name}/.ssh; - /run/current-system/sw/bin/ssh-keygen -t ed25519 -f /home/${name}/.ssh/id_ed25519 -N ""; - fi - else - echo "SSH key already exists for ${name}."; - fi - ''; - }; - }) users_cfg.users; - }; -} diff --git a/common/programs/tailnet.nix b/common/programs/tailnet.nix deleted file mode 100644 index bcbe53f..0000000 --- a/common/programs/tailnet.nix +++ /dev/null @@ -1,53 +0,0 @@ -{ - config, - lib, - pkgs, - ... -}: -let - ccfg = import ../config.nix; - cfg_path = [ - ccfg.custom_config_key - "programs" - "tailnet" - ]; - cfg = lib.attrsets.getAttrFromPath cfg_path config; -in -{ - options = - { } - // lib.attrsets.setAttrByPath cfg_path { - enable = lib.mkEnableOption "enable tailnet"; - useHeadscale = lib.mkOption { - type = lib.types.bool; - default = true; - description = "Whether to use headscale login server."; - }; - enableExitNode = lib.mkOption { - type = lib.types.bool; - default = false; - description = "Whether to enable exit node."; - }; - }; - - config = lib.mkIf cfg.enable { - environment.systemPackages = with pkgs; [ tailscale ]; - services.tailscale = { - enable = true; - openFirewall = true; - useRoutingFeatures = if cfg.enableExitNode then "both" else "client"; - authKeyFile = lib.mkIf ( - config ? age && config.age ? secrets && config.age.secrets ? headscale_auth - ) config.age.secrets.headscale_auth.path; - extraUpFlags = - (lib.optionals cfg.useHeadscale [ - "--login-server=https://headscale.joshuabell.xyz" - ]) - ++ (lib.optionals cfg.enableExitNode [ "--advertise-exit-node" ]); - - }; - networking.firewall.trustedInterfaces = [ config.services.tailscale.interfaceName ]; - networking.firewall.checkReversePath = "loose"; - }; - -} diff --git a/common/programs/uhkAgent.nix b/common/programs/uhkAgent.nix deleted file mode 100644 index 90a9c3a..0000000 --- a/common/programs/uhkAgent.nix +++ /dev/null @@ -1,31 +0,0 @@ -{ - config, - lib, - pkgs, - ... -}: -let - ccfg = import ../config.nix; - cfg_path = [ - ccfg.custom_config_key - "programs" - "uhkAgent" - ]; - cfg = lib.attrsets.getAttrFromPath cfg_path config; -in -{ - options = - { } - // lib.attrsets.setAttrByPath cfg_path { - enable = lib.mkEnableOption "uhk agent (ultimate hacking keyboard)"; - }; - - config = lib.mkIf cfg.enable { - environment.systemPackages = with pkgs; [ - uhk-agent - uhk-udev-rules - ]; - services.udev.packages = [ pkgs.uhk-udev-rules ]; - }; - -} diff --git a/common/programs/virt-manager.nix b/common/programs/virt-manager.nix deleted file mode 100644 index fb837b1..0000000 --- a/common/programs/virt-manager.nix +++ /dev/null @@ -1,42 +0,0 @@ -{ - config, - lib, - ... -}: -let - ccfg = import ../config.nix; - cfg_path = [ - ccfg.custom_config_key - "programs" - "virt-manager" - ]; - cfg = lib.attrsets.getAttrFromPath cfg_path config; - users_cfg = config.${ccfg.custom_config_key}.users; -in -{ - options = - { } - // lib.attrsets.setAttrByPath cfg_path { - enable = lib.mkEnableOption "Enable virt manager/quemu"; - users = lib.mkOption { - type = lib.types.listOf lib.types.str; - default = builtins.attrNames users_cfg; - description = "Users to configure for virt-manager."; - }; - }; - - config = lib.mkIf cfg.enable { - services.qemuGuest.enable = true; - services.spice-vdagentd.enable = true; - programs.virt-manager = { - enable = true; - }; - - virtualisation = { - libvirtd.enable = true; - spiceUSBRedirection.enable = true; - }; - - users.groups.libvirtd.members = cfg.users; - }; -} diff --git a/common/secrets/default.nix b/common/secrets/default.nix deleted file mode 100644 index 047b382..0000000 --- a/common/secrets/default.nix +++ /dev/null @@ -1,77 +0,0 @@ -{ - config, - ragenix, - lib, - pkgs, - ... -}: - -let - ccfg = import ../config.nix; - cfg_path = [ - ccfg.custom_config_key - "secrets" - ]; - cfg = lib.attrsets.getAttrFromPath cfg_path config; - users_cfg = config.${ccfg.custom_config_key}.users; - - secretsRaw = import ./secrets/secrets.nix; - systemName = lib.attrsets.getAttrFromPath [ - ccfg.custom_config_key - "systemName" - ] config; - authorityMarker = "authority"; - - # Key matches this host if its trailing comment contains "@" - matchesThisSystem = key: lib.strings.hasInfix "@${systemName}" key; - # Key is the authority key if its comment contains the marker string - matchesAuthority = key: lib.strings.hasInfix authorityMarker key; - - keepSecret = - attrs: - let - keys = attrs.publicKeys or [ ]; - in - lib.any (k: matchesThisSystem k) keys; - - # Any secrets that should be world-readable even after auto-import - worldReadable = [ - "zitadel_master_key" - "openwebui_env" - "vaultwarden_env" - ]; - - # Keep only secrets intended for this host (or that include the authority key) - filteredSecrets = lib.attrsets.filterAttrs (_name: attrs: keepSecret attrs) secretsRaw; -in -{ - options = - { } - // lib.attrsets.setAttrByPath cfg_path { - enable = lib.mkEnableOption "secrets"; - }; - config = lib.mkIf cfg.enable { - environment.systemPackages = [ - ragenix.packages.${pkgs.system}.default - pkgs.rage - ]; - - age = { - secrets = lib.attrsets.mapAttrs' ( - name: _attrs: - let - base = lib.removeSuffix ".age" name; - in - lib.nameValuePair base ( - { - file = ./. + "/secrets/${name}"; - owner = users_cfg.primary; - } - // lib.optionalAttrs (lib.elem base worldReadable) { - mode = "444"; - } - ) - ) filteredSecrets; - }; - }; -} diff --git a/common/secrets/secrets/github_read_token.age b/common/secrets/secrets/github_read_token.age deleted file mode 100644 index 3ddcbd6..0000000 --- a/common/secrets/secrets/github_read_token.age +++ /dev/null @@ -1,42 +0,0 @@ ------BEGIN AGE ENCRYPTED FILE----- -YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IHNzaC1lZDI1NTE5IDd6MzN5USBJRmpU -K2tCT1RTNzBhQlNzSHlIZDB4UFNCRDhiY1puVHQxN0QzSDNIbWhFCkdPVTFLYUcv -MW1FMnUyVG9xVE5KaVJQWlhFYmtaeGl2RGYyWWhtbEtTTFEKLT4gc3NoLWVkMjU1 -MTkgSmh2TCtRIDBNalFocUZXRkZxMU10L1pWN1I5eUlGWXlrMVNLazR5RExycnZJ -K3BsaDQKVlZCUjRNL1hvMXFjRkd1VGVZNUp3ZnZBdW1qMEFpY3ZhYWFacmlZZEFa -SQotPiBzc2gtZWQyNTUxOSBTcENqQlEgSWRpT3BZZ0pHOWZjWkszZVg3OEZaZld5 -d2hOdXpYZ2tXVThMb0FTK2ZEQQpKY2xXT1dDeEp1LzlDcnoreVNvSHdCL2dDVFVs -bUUwQlU4Y3pXV0F1S3RNCi0+IHNzaC1lZDI1NTE5IEJZS0crdyBrMFJOd0xrcGp4 -TkpxTW1DZWUxc1BQVTc3S05scHEzQ2hVT1I3bWhQVnlZCkVZQ0dZMm82VG81Yzda -MUpmWjZRUUx3NVBwVTlUZmtaS2JJem5ETkR6eVUKLT4gc3NoLWVkMjU1MTkgWHpm -bWFRIGhoSVhmVVNlc0toR1pBemk5WGp4R0NYdFF0dWFjVlpVcWRQT0hIUlNhazAK -czdFNlIydWFYSnBuTXNBQXE3eTZtUTBpUUJrdFFZMUZldFh4TXpVWEswSQotPiBz -c2gtZWQyNTUxOSBSNSt4ZncgYXp5MElHS04vVlV2b1RoU3RRUTRCeFlHWjRLajFt -L01Pdi83YnRjNndWTQpFVDk2djEyVFVaUHQyTGliZDRFM0Y0Vi96STFJR0Nqa1hn -a2VYVFhzelNnCi0+IHNzaC1lZDI1NTE5IFJvWDVQUSBET2dPUk5rYm9wVHczaE0w -L2hpa0F3emZqNDBxR2c1OUVVNnBNeVc1SzBRCmhIWmFKTnl2TFFBRUpyejhEMFBj -cVR6RkZHS3lpZzd6MzgrQml5QXpWdjAKLT4gc3NoLWVkMjU1MTkgRjRiYjhnIFVk -cE1YSS9rdzBsTk0xNGtlRjJSV2llNVhYOUsvdVVFam1wUU82czNTUlkKQTdLcFdk -akErdWRrUXZET1hjL2J4UFJzdkNFVTlEUWJFWTFaczQ1VmxDNAotPiBzc2gtZWQy -NTUxOSB3ZHJaSkEgQVNMandOOVFiN2xuQTd2MC9UUmt2MVg2YUlzcHBHaEJBWG1E -Y0srMU9UYwpGQnh6L09qY2JvL0tqcGNnWldkWUVzRHk1QVJvN1N0YlRVNCtlMlV6 -MUNVCi0+IHNzaC1lZDI1NTE5IDVhZHFNZyBJR0RzZWpCNHNHcXBhQVErVUwxcG9t -K0M5RSt0M2R6SFpwYzB5MXZFQVM4Cll2NmJrQkMwNkFGbWM2bHJ2THhNbG9XS0dk -cmEzWUFCdXBLS1dyNWh0aU0KLT4gc3NoLWVkMjU1MTkgWmUxTXdRIElaN2h2aHRO -bDRtNUlrMlNmOWVSYlpvR2VVeWRxL25vMnFjVUVmc215ejAKVlBmcTFtN3BUZXJx -eUg0eXY2S3V0ZklGNzFnK09yRUJacnZYUllkUzF0bwotPiBzc2gtZWQyNTUxOSBw -ZUZCUWcgU1J3VG1lVDlCNmNVZ2hZbXI4ZDhZdE9jYnNkNHpQclpqQmdGcFhuYTBI -RQpkMnhjZlYrWjBPZVk0UGt5UEZmQzZoOUxSVG8zMVl6MlZCT1JneWJuWVdnCi0+ -IHNzaC1lZDI1NTE5IDl2LzJIQSA5RldGVWx4aU9ZVUNQdlJTRUVqbS9CajlnTEdR -NFlCZnEwSy9rRGNIM1RRCkxKN2FUQTBVbVA5SnVZSDlGcXFKL0M1NGhONFhLamF3 -Z0VNZ1VSSEFKSlkKLT4gc3NoLWVkMjU1MTkga0hrMmdBIElkSFNJWnZ3WFA3V1J0 -aFNqN0RTQUEvNkRkeHI5QkR3K0RuQ2NnZTFQU1UKb0dKd3gyYWdPd0NyUEZDWUhB -eUdaZzIzWEtkNGdUZzZScWpOUzN6K2dCTQotPiBzc2gtZWQyNTUxOSBJb3NBQlEg -eGNINUY0UElXbUQvUklPY2c1S1A4OXh0UWRsTjFGUTg3dW9BM0dyTVgwNApyN3pV -eHhUSnAxZ1ZpdmUva0lScWJxNGFWZDRMdm8zd09kay9ORXdOVkljCi0+IDMtZ3Jl -YXNlCldFN1JnNGM4Vmh1dE5wZUNGOC9NdktlSEFnCi0tLSByVzE2ZHZSdXRxQTZN -SjRTNlRtUHlRL2JPS1Yxd1lnalFFUGlWR1lKTjZvCgfzY9S+Cm6zaEAcrAr3fsev -9enyx9OmVTIIZltr52uqCYbWcsuCkDjHtwR3NXiSQB2HWhNe38l4l2K1+HGcoS7i -2TMD7o9Jx6QoWLHgmrn/zXL/VKyOj5a7P530AMzdqcgJ4U8641VN0W7L9u1Cw5EB -Ujzb1rKthf+txuP04aWYit69ZBdH7r+VkOGghXngwvBapwFF8AGUug== ------END AGE ENCRYPTED FILE----- diff --git a/common/secrets/secrets/headscale_auth.age b/common/secrets/secrets/headscale_auth.age deleted file mode 100644 index 867be94..0000000 --- a/common/secrets/secrets/headscale_auth.age +++ /dev/null @@ -1,40 +0,0 @@ ------BEGIN AGE ENCRYPTED FILE----- -YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IHNzaC1lZDI1NTE5IDd6MzN5USBvbGZC -ZFZWZ2ZPWUlNdEZCSXBuYThubHpiNkFzb3Jldlh1QlF0UTZ0NHlZCjlHSTVrekQw -MDBsaU56Yk9IQVZaQWJDMVNoUWFlQmpJV2gyTXBXNEhNdDQKLT4gc3NoLWVkMjU1 -MTkgSmh2TCtRIDU0eDdqTStiUUlCUUcrYWhDWVRSQmxPNEIySk9NallHaVdNVFg5 -YXNPa1kKQ25PNGxjc1hid25Nd2R5RCttbHN1ci84T1pmQ0ZkNDM0R3FLbGdHRnRm -OAotPiBzc2gtZWQyNTUxOSBTcENqQlEgNjR5WkE4eUQrUGk1NHFMY3BjclZKWkd2 -TVd1QVNoVm96QkcwcHZmdG16dwpRQjY2V3dOOGo3VlJ5aTNLS0NqUVJ3VHNTWC8x -V05kbm5yQ3F0MWNFM2ZJCi0+IHNzaC1lZDI1NTE5IEJZS0crdyBFeDIrUWEyYjVw -QUdjSlBWQ0Y2N01uL3hxTWJiNkdCVkM3UTBZbDhBZWhNCnRraHhUb2NEMzJWbWl5 -SjJEenN0VjJCWlM3TXEyREN0ZysxSG9Rak9hMVUKLT4gc3NoLWVkMjU1MTkgWHpm -bWFRIGxYRDJta0x6QnNkTXJnQmZwWFlRL0wrNS9EUS9TVDJMRFhZWDBUKzRWaWcK -VXlwL01IYTdTTTY4Zk1FOHBMc3E4ck1DZHp6aHhEaXFBWFN3SGErcjhmUQotPiBz -c2gtZWQyNTUxOSBSNSt4ZncgVUozU1kvVVJsZ0F2Nnk4bmZnUUNyTU8rM1FCRjFY -bWVBZWNNUFZIcFQyTQpzK0Z1SXVFQWhFSnp0UGs0RHJIQlZrUUtlY0ZFTjdwSTZS -MXhjSTNpOHNnCi0+IHNzaC1lZDI1NTE5IFJvWDVQUSBvQkd5UlNUakhGY0dkRFly -SU4vM3A1Sm5xNnhIZm5PUjR5WFNLZ1ZmL21NCk00M3k0RnNjL2dkRVd6MmdGSW1G -aGt1dmwxN0VTQm1zeklDN2MzRmFqSUUKLT4gc3NoLWVkMjU1MTkgRjRiYjhnIFBQ -TGdvVjdEaEJDQ1FxbjhTOVdZTVdjLzJhc3lwdy83UHNyOWJPNk5ZRjQKMTdNemRQ -L1h6Tk1EVTdZcnFPRVdEZjhnU21hLzcrWk0zS05YSTV3ZGJQNAotPiBzc2gtZWQy -NTUxOSB3ZHJaSkEgTFcyc05mMnNVdWFDQWZUMGN6OWNZeGkrWlMyakV5RVhHaFJw -bmxiZ0lrYwozcit3dU84L0lVU0JXbVN3YnJoK0NPOUZKS3EvSkNPQ3FCWWhYZnhx -azhFCi0+IHNzaC1lZDI1NTE5IDVhZHFNZyBNWWJtTlVQTUo1SFh4b1Q4Vk8vUHdG -V0xLWjRXdVZxVVl0L2JMeTBrdWxJCmJvNGJ5Q0JUR0g4Q0pISmxTVll0OHl2dTFJ -dlNtR1A2aGVTUEZRMU5Hc1kKLT4gc3NoLWVkMjU1MTkgWmUxTXdRIFkxendRYm0y -aEc5dTAwQy9pLzBrbUpVVlpFbnlDdlI4bGh0Zy9oMmtVWHcKNDZuaTBDV1o5MXFV -NlBLVzlqc0ZzOUdMT3c2SmRYV3hVd044bzZoenFqVQotPiBzc2gtZWQyNTUxOSBw -ZUZCUWcgQ3VDSnNLMHc4N0dCQ0NOY0lscStpeHlKdXA2UGpqRVhjNDVzV0NCQUx3 -VQpkeU9FOE13bFlaQ0ErWlBFZ0VWWTVZZElQdEg5UFo1SVRSeEhqRnk2NEtFCi0+ -IHNzaC1lZDI1NTE5IDl2LzJIQSBaREtQS2ZsSmxSQml0bkZzd0prUXdvdkhBZzhY -VkNRZWZqdVNvODIxMDNNCkJVMWZUc0o5Q0g0Yi95czFaVkhwejh0QW5HcXZ1Tmdl -bWFKSUhITkxFYlUKLT4gc3NoLWVkMjU1MTkga0hrMmdBIGlNcjZMWEdjdHNpNWNl -ZzlrNklvVklXM0tDMGVnRWhuL3BYV3dMa1U2ajQKd2owZXUxSGlIVUI3cFRxbjA3 -eWFhZXVudlBpQnRMTEVwZXhSSFgyOEsvSQotPiBzc2gtZWQyNTUxOSBJb3NBQlEg -OXR4MFc0eDZQQ1IwclIxYm9kYk1DSkZBZ1RDMm4wYlEyb1VrRTBaNmpWNApwY1pu -RE9VTU9Mbm9Ea0twcnBNRUc5ZjdzYXRyRmw0MlVHZDZmTVVLZFBrCi0+IHwqflMt -Z3JlYXNlCgotLS0gNWpFR3lvdmVsN1V2WG01aHN2VjVUeDZORzRpRDZGK0RWTFRM -SytLcVZYZwrYTHZo/oozQZasJAFNVb3ZrSAjREvZzRRyz6Mj71Pj2H+dbFz9sZ+c -+B4DEN/4xfhm5FUsU2w8VCQ/E+186igURD2AyhUZxNFFVPUPJKUM9rY= ------END AGE ENCRYPTED FILE----- diff --git a/common/secrets/secrets/linode_rw_domains.age b/common/secrets/secrets/linode_rw_domains.age deleted file mode 100644 index 70be86f..0000000 --- a/common/secrets/secrets/linode_rw_domains.age +++ /dev/null @@ -1,43 +0,0 @@ ------BEGIN AGE ENCRYPTED FILE----- -YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IHNzaC1lZDI1NTE5IDd6MzN5USBXV0xI -dU9KUHlVWG1uRWh5ODUydVRmSTMrWXdsRUg4bEFldmZtK3M4WkZVCkNYaTQxM01I -Tld6YVJiMnN3MVF4T2RHakRDT1Q5U21zNThPTUJkWEc2TWMKLT4gc3NoLWVkMjU1 -MTkgSmh2TCtRIGp4d3ZqcGxHM2ZDUmVUcHJiWGI0WXcxMVVCRkhOMm05bDNVQXN4 -RFFyeTQKL1FiSmxhZUZOMzRqaTdkNUNIMVJJaU1XbDkydHJpWkhJUWx6dWI3dnZs -VQotPiBzc2gtZWQyNTUxOSBTcENqQlEgT3pxVzgvMkZ3ays4cm1WWVkwUUVIT3h0 -UDhxL0lzZmN6WjNjbE9rT3JCQQo1TldzNExWSkRTQUtFeHJVcXRyWmJkVmhtRy9Q -a3lkcEUxaUhJbUhvR2gwCi0+IHNzaC1lZDI1NTE5IEY0YmI4ZyBORFZ5K0xoWmxy -cEE2bmFmc2RoUHZITDhhVFhYdG4zbWpISnd5UUt3VFVvCkRvNi85TXpPRWZKS1VY -VktuaWhIcXhEaXpBTUtQRWpzYjFwNW9oMUJQYU0KLT4gc3NoLWVkMjU1MTkgd2Ry -WkpBIDMweFFGSmdXbXMwM01xN3BvZVdCT1dqc24yTGtZeDM5aXhZSUlMOGxMd3cK -M3BLTTlkdGRKM3FRMHhuSFNPdmtKbFRsQXdqRjA0bnczNDlGVnoyV1BzQQotPiBz -c2gtZWQyNTUxOSBCWUtHK3cgYTFNM3lTdmxSM1Bta2dPcTFQaHdMYjhYRlhBZFhR -ZTJXTnlHWE9uMEZVdwpwVnNCaHFSZDR5MytVeXpRYVd4RHUvQXhvN1VVS3V2Z3Iw -Njc3YlgxSWpJCi0+IHNzaC1lZDI1NTE5IFh6Zm1hUSBONHcrcE5JYVV6UnBFNm0w -TXpZSHdIN216bzVxREhTQWpJSFlmU3ViWEZzCktKcW5vSmRZRXJVL1RUMUFoYWFh -VFlOLzFwQXpBUzFoYzFRNWhGMitCR00KLT4gc3NoLWVkMjU1MTkgNWFkcU1nIGFp -MGhSOS85eU9GZ1RGWGNVZWV4aFBFNGlvY3Z0RzNBcThjSTBFYWkreE0KL3d4SDVB -eUc2WTdHRXdGa0l3eWk3ajJsNThFNk1mSVEwS0xGMFo2WW1qMAotPiBzc2gtZWQy -NTUxOSBaZTFNd1Egekk5Z25lRjYrYlhDRzNyY3E0MUR1bHI5a2hoZGNoWnNjODlN -K29tbUJRNApZUDl2M2E0RTVRRFlINEgxRkd3Q2pIandQNlBhVTZiRVhtQUlPS1NC -RHRrCi0+IHNzaC1lZDI1NTE5IHBlRkJRZyB4OGRJbGVLOFdSaXljcC9tVjBkUjlQ -ZE9RSzNwNE0xK0w1bDdmay9JbFJFClRRa3JRSzZVNmNOMFR0WUw5MGxRalNlakJE -bm9MOVFMSkk4RGFCWGdrY2sKLT4gc3NoLWVkMjU1MTkgOXYvMkhBIGQ4QXhoczRI -QnJRTGFjanFBenE4MXRqUTRSQkFPUmNiSkJGRHBpQjVxeEkKZjBOcjRMVVBqZ1dp -L2Zjak05eVE5YVMwVVRNRkk1aHEwSkVaWE1ReWU5awotPiBzc2gtZWQyNTUxOSBS -NSt4ZncgYzhHdVZINWYyNjcvNE02NUozc1k4SjMvbTV3MGZNT1VkUFVXbjZlaHJn -UQpGV0IvTXNDQUtjeWtIVGhEdmdsRWNRQTZDdGc1NGlYdVVudkNCaXlPZ3RZCi0+ -IHNzaC1lZDI1NTE5IFJvWDVQUSB1NnVjSWdUSCtsMDRjT2p6TXAvczVaNnFXQ2dL -bTFNMDcvRVJzV0xVUVJzCnorNTlvUGJlcGk3ei9CdmxNczVsOU9DUjdTWjY5VE03 -bnVNUnNHcjkxSWsKLT4gc3NoLWVkMjU1MTkga0hrMmdBIGhyM0x5MVhiYUQvbmYz -MnVHTWpjYyt0WWQ2c2FzSkYzS0U1UUZRdXZSQkUKU0VZV1NJaHNhS1djZTY0SW9N -VGhObDB3ODg2bVVxcFRwUFFFbFBYaG01RQotPiBzc2gtZWQyNTUxOSBJb3NBQlEg -VFRSajdzckRtZU9ZK0dwcWNld0F4Q0RCb0JOOVJBWTU3Sm9WQUh1K2xEawpXQW9X -WGYyRnNMcmZ0TFZ5R0FaYmdqMENPVmU2b3B6K00rUFYzQmxEVFdrCi0+IDs4NnMp -bCktZ3JlYXNlIEVkR1IgKgowVGZnVEg4cU9kMmIzdWFZeE1nS2RCYVNXV1hHb2p6 -WVpqLzRzTWVOb0owbHhweUdpc0pHQ0lRY2hMQXlqOXpFCmJhR0lBWFo5L0JGeTgw -QTlHcVhIM1YvOC9UTnlCeVA4a3ZNcQotLS0gSHYyY1BSc0NqRExDL0FWSG84VGhT -OXRKaThvamhmNTdiUjF0QnNRTGkzWQo3Bxz+qj6gbLsTNNM/3Dp9ppYrGXHccgee -o9KJs6L9AadYB+PrcseM6DtNEhupvy8zXP6txbVbfP2Xus7j2sXmj9uM30HUn60i -4XRoL1snQIhfjP+YNp0QkvkHtZvXzraM ------END AGE ENCRYPTED FILE----- diff --git a/common/secrets/secrets/nix2bitbucket.age b/common/secrets/secrets/nix2bitbucket.age deleted file mode 100644 index 0dd3a93..0000000 --- a/common/secrets/secrets/nix2bitbucket.age +++ /dev/null @@ -1,50 +0,0 @@ ------BEGIN AGE ENCRYPTED FILE----- -YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IHNzaC1lZDI1NTE5IDd6MzN5USAxNHJi -QjBYYnZsZTl1OXRwUDRXSGx4MmJOdzhHZXY2NUlaQ0hocFdlV240Ckw4U0FNSGFt -SmF1aW5mM0lseFZDUDR1ZkgyRFdkbHYrUHdITWUxanBrWHcKLT4gc3NoLWVkMjU1 -MTkgSmh2TCtRIC9vS1U5ajZ1MS9sdFZZbWs0cmlvc1VQRVNLZUxiQkRrS0xtWWx3 -LzMxQm8KdmU2V0pqZnNMajc4SVk5Skhnd0VQTmViMERIMWtqMEcrUGpHTXkzMGk0 -QQotPiBzc2gtZWQyNTUxOSBTcENqQlEgS0FzbGFCY2xtQjdlQ3p4UjJjUVdNRGsv -ekwvcWhEK2o1OFkzYW1zMy94ZwpSQTlwRVlKb2x3SlR2QkEwSFlhRi81bGRObWhw -OU9pdVBJcWRyZm8xQWpnCi0+IHNzaC1lZDI1NTE5IEJZS0crdyA5ZGMrR0xRcXJz -STlKbGhEYkdOYlYzZHBmZkJHUTVYSndEZk1ab09Pb25vCmJWVDZCYmVTSW5nRTVX -YzFHTnRMeGt5WE1Ydk0vZ3l3K0NhckwzbU5kN2MKLT4gc3NoLWVkMjU1MTkgWHpm -bWFRIHlJZG02U1JaZkVxVnhSc2VVZ21sdmJlMUh6eWhhK05lSkhES2J0L3JEUUUK -K3FacHVNbEIvWk5QQTV5RHpOU0tpYitJek96YjF1a2o3dTJmTnZya3lpSQotPiBz -c2gtZWQyNTUxOSBSNSt4ZncgUmcyWU94VEI0Vm1vUnpBWW9ieTYvQjFBM0hyY0ZU -QWZoaUFmSTRlTEFIZwpINEFkeFJnVVNINWlBaS9UK0V5aExoMnY0TDVjSFdITEJi -dzFpdm9wRGJBCi0+IHNzaC1lZDI1NTE5IFJvWDVQUSB0MVR0bE9tMEw2bzc0SHpY -N0JFWXFDbFJ3M3Rab2VtQUlLeUNUU2l1aTBNClNPTGpSTnFGeXpBcStjdnlmWllx -K20wdUVVVlZnb1FJbEdlQXVTWWpudDgKLT4gc3NoLWVkMjU1MTkgRjRiYjhnIDF0 -ZFlkaTNOMVNsV29rREJpaUdXSnFuQTlyd3pyM2I2bUtPL0ErUm9wR3MKenNsdEhl -TDVjSmdQSXR4S1ZWR285RTF1T0hhNEg2TFZCUXAraFkzdXo3awotPiBzc2gtZWQy -NTUxOSB3ZHJaSkEgVVNrblluWm1Dck1yelpURWZoeVFjaUJFaXdkZldOcCtFVzJQ -ajZUTmVsUQoyUmI4Tmttc21HemZDTmdERFhxZXlpdG1RVStiems5cVNaQWNIM3dv -RlI0Ci0+IHNzaC1lZDI1NTE5IDVhZHFNZyAvS3AwTW1kaUtlQnpjaXByQU1uRVM5 -RDgzMVhBSFRWSVdwczhxVXdUWDBFCnBDNjEzU3BUcCtRM2tDUVRBb0Jqd1pkK0Zo -WWJEb2gzaUlPTGRsZVlzZ0EKLT4gc3NoLWVkMjU1MTkgWmUxTXdRIHRnQndCVU9J -ZlQrdi81b2J2cmNzdXR6NHI0bW9LaHJqRlprTWZJM1RiRm8KSmpVQjF2U3BuVWVz -Y2orSlc2dUYrQWRYSHFPb0JRZloxZHo1KzduQkJycwotPiBzc2gtZWQyNTUxOSBw -ZUZCUWcgVG9LQnRwemt5T2VSVFBVK21acngxMHRDNDNxQlFxZU92NzRuK2U2aUwy -OApXamtRUENLSVBBM2ZmSVNtWkh1TW41dEQrRkNYQndBcUlOQnU2Ky9BMzA4Ci0+ -IHNzaC1lZDI1NTE5IDl2LzJIQSBveE5LTWhRZEhzeHBQVmo4amNBTzlHWlFVYURx -T3plT0lPaEpsb2F0RWhVCmh3aCtsU21zV0pYQzNmU3VqUXhhOHlYVEhsWDN1eHpD -UjRjVkEyTVhrVjAKLT4gc3NoLWVkMjU1MTkga0hrMmdBIDNMWEtrbWh1SWRwVUc0 -Vm9uYlcvK01xcEdSWkZuZzl4eng3NjlwRXNPamcKYlArYXkxYlMybTE0UnhvempS -bmlncUJtWjVZMWdHY3VvTHNvdExib2lzYwotPiBzc2gtZWQyNTUxOSBJb3NBQlEg -ZnJtVEdzL1RFK3M3TGFpVGo1Mi9aN1pLRS9TajQ1MlNqODVad1M4ZDh3cwpVSWpy -elZlT2dWTmhFaWJFUVFXWU5pT0dlam1jU0R2di9TUzVjUlY5b0RnCi0+IEJ6cnpI -NVktZ3JlYXNlID1YU3I8WkNjClRpZ2dHWkJIaVZVVkNwY1JwOFg2bTdzTnJBRjRs -SytLdFUyRldoTlpHSkRPY1ZQODRYY3RiVS9VNWtPeXBIc0MKeEdJY3UvTWdEZTVa -RXNvCi0tLSBLcUNEU1JhQnRCK0RMS1F3VEt1Ykl2MkhROG02NmY5bjVIem1JeWdQ -TXZnChn2UP3yo7fmH9JimBCsA8X6WLurks8pKMf5lb/yh92Uj+mbIz5R07Fpq0aC -nLa9VhNeQU4nYkotJUVPRGhBlh7xaVRoeaRfRy8n34TKNU+PQUFz6gv0OHkMDOKh -B3Z73OAJGaFAX1Q1SlM96ejHVMRdr8SNQao9QJvZq9EXyrejV1L8oS7cKHObfkEi -ylUPlNsH375zQ+rizYqO3jLBGNXpK3RTOX/3xadbAeccyBLrSaoE+eQi2nba2fSb -iLd6xNtltmDy4AzRwpmMPpD2EUlTV7iBCBlstK6v7k+VOAyH0PGIXTVUlHs8VORI -PHx8boVaGNn1b3XSD3CTflCRHxo7gSfXzcDEnfIbPsz97Z8GdQmV6fqIoWyWS3ZM -DFYdS7VBuKA7lUy9fu+UbP6OFjTu05rg35OcM6uzF6U4TVbKrGzaeyZzrokcXCbo -LNYJaI0FY+/bznL8/YqU/EJsAzgSZLApIzo3wLJhd6YK9Si17Lgf5N8sfUvHN8ax -naRZp7SlPmmzyhO82KwI8FXM7E+0mZ3CjfiEUmq9dz2plRGJaWCdMJ/SUv9EcTvG -Z/Uo ------END AGE ENCRYPTED FILE----- diff --git a/common/secrets/secrets/nix2gitforgejo.age b/common/secrets/secrets/nix2gitforgejo.age deleted file mode 100644 index 9e9ac24..0000000 --- a/common/secrets/secrets/nix2gitforgejo.age +++ /dev/null @@ -1,49 +0,0 @@ ------BEGIN AGE ENCRYPTED FILE----- -YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IHNzaC1lZDI1NTE5IDd6MzN5USBtRTlJ -RHRaRVFZZ2Y2Uzl5dEZXSnplMlpYdy9UVVdvb0dSVFNGd25rcHhNCmp3ZHFneUJU -eW1PaGlncUdmVHNWblQvbkVxUDJpQ2p2OFJFVGtNb0pZcXMKLT4gc3NoLWVkMjU1 -MTkgSmh2TCtRIGdJOTRGVktSY21ob0JKam8zaDN0bkhIQjNieTVEcFl3aVBpSjhw -Nk9OSGsKVENrTkd4cmdaUnE2VWR4SU1ySWdvZGo3VnMxTFo2dklwSTFieUwycTdr -RQotPiBzc2gtZWQyNTUxOSBTcENqQlEgU0plOWVNNTNNTkxhSVN6ai92aTd6RFJ2 -WjFRMzdJUjAvbDN6MHVOMTNncwp3bVREblZMUE12WEVaOGpLVDBYZHdILzQ2UVBI -V3MwTTFwb2dwcDMxSFBnCi0+IHNzaC1lZDI1NTE5IEJZS0crdyA2L0NONmxjcGFr -T0xaRnhHQ0FFVVlseUtKcWJZbi9ISlZIclVOdTRNRDJBCitWRDBvQXdackV6QTRu -S1FPeXdLZGpvbjhBYllVY0UvZ3JEWWQvMHNOS0UKLT4gc3NoLWVkMjU1MTkgWHpm -bWFRIG9XOEhybjJFclFKWEhQeDlrY0xVRHZOcHQrK2RWa0hsZTc0eU1qRWlNMTAK -cnpLdGRDejAraERuNnVlZDBVV202TmdlSVREMVlPWFhpckdPY3Q4OTY0UQotPiBz -c2gtZWQyNTUxOSBSNSt4ZncgQWk4Q25xSFZSbHo1NDJ5VnJWcVN5L2NIQi9SQVJ2 -aWtWSHR6azk3QmhEYwpXQUtjb1JZSHNuOFZHWFZYcy9HdktJVGpvQ2xuQXU1Sndi -YlRWYWhiVmd3Ci0+IHNzaC1lZDI1NTE5IFJvWDVQUSBOZWtBQ2NDVmViYm9uZ2hu -akhMVzNlQ0hiNWEybVE0dTFwWGRpMlZGZlZJCkJncE1nTlZTaEl2dW90bERnQUhO -SWd5dzhYa2RMRVRFYS9rdkdEVTZIcVkKLT4gc3NoLWVkMjU1MTkgRjRiYjhnIHNi -OVZVblBBdVFuVE4xVGt1UzlMNDVtWGdBakVJaDVjanhmYWVPV3RXRjgKYTBOREpS -bVowSHlySFg1QWJFK0pPdnZJS0VQcjdXdERRbmdsOUFTeldMdwotPiBzc2gtZWQy -NTUxOSB3ZHJaSkEgdWY5U1BNTndYYWwveCtjeUxHOERGTEhMMXlSSEpyV0gva2pw -ZHNzSTRsMApQSm5BUmdMODZ2YmVaaFNxQVFaYk5KWFVEOVoyQjBQQzBxM2kwZEl6 -eXJjCi0+IHNzaC1lZDI1NTE5IDVhZHFNZyBVbG9ONlVPbW1QNmxENGJERGs1VEJU -Q0FhMlowVlZVVG8veG5tUWt2T0VJClJPZUY1T00vZitSRmdhWklrY202ci9yRG9M -RDRiTGpKWis5ditDVjJIRmcKLT4gc3NoLWVkMjU1MTkgWmUxTXdRIE1SY3pidWpw -TmVNbEV0ZXQwTDkzdEtkbVIwd1BrSG10UVhBRUY5VUt2eXcKSCs2VEc1VXhXWXBY -UHdRVFVtaGJUK2tBWWYvQTk5V1dEcDVReFJ6WkNJdwotPiBzc2gtZWQyNTUxOSBw -ZUZCUWcgVE51VHdqeEF5ckRqTUVGWGw5SGtkRGJCd0xoZzdNbDRUajZPdThCQk8y -cwprTW9tU2Z5d1RVRWNkR2M0WWNCRTRwb2VWcDNQdHFCWDBHZDhINUduN0djCi0+ -IHNzaC1lZDI1NTE5IDl2LzJIQSBOZlB6aHRWRmthWkpuekNza2tBUzRiNGFkSTUv -WVRNRGFKZXZ1Sm0rUDJvCjV1dzlyTFZxYndvZ3BKNGU0K0hwK2VhSmNYcmFHZk41 -RTlscS9uODR0R0UKLT4gc3NoLWVkMjU1MTkga0hrMmdBIC9sLzYvYnVpenRFUlZO -cTVmVnBpLzIwNlJrU0xYOEhKWStkOGRDU0dkVFUKbjlVQTlsRnBCci9ucUNMNkJC -WWpueFlqclA4YVc3RVpXeWZDQ25mWEE5YwotPiBzc2gtZWQyNTUxOSBJb3NBQlEg -bjJNa0RIcGZWdkxCUnBsU0p4L3lwUDdia3Q4L0Y3cllYVGJuQ3pZcjV3UQo5SGxu -SlQ0cFVOM3ZRZ3l0SkdVdk5vY0NLcVUrRXJ3SU5SekxaM1NWYy9NCi0+IEdTTEFp -OSF6LWdyZWFzZSAoJmR3Vi4gU3A/ICNuLSA7Ck9ZSjhhci9nVjl1L2dIR0twUm1i -NzRSOU1DM2Rwa3RsYnp4ZQotLS0gRGVpRXZiS2Vlc25HN1M2M0kxbUo0Uyt6OHgr -Q2loS1MwVzB3Uk9mcTd3MAr1KliXDwBENE5rxqhvy1XX1d59XdiWeqCepnPm78ET -YbVM6FN9H6UBwiwClc+os59UY1lxNyjvefVOfW4V0Jpo2f2aFWdsJxoJWSdomKzG -N2wQ4Yq8ESeuz4g7pwxWB3RsTr0w6Rnzuf7D4Syg9rpX1pqVinFhLOki1aK3ZIdk -tqhjkKFgWQbBM/6540W14uw1fPTIcdX8v5KHbTc9XyNA2MHamFc1GooYduqL6Ylr -ij3hM7/z+TdXxGu3+kqs3Yh5MFd+ePB+LFgAqiW3gv9nD5RmH3s/x8Oip+RLpoTw -7fwo8wgHByoDK6gz2SAOZ2Q/Px5YBqivleT0oVdrd/quLN5lU2aQt3OANTxzF+bP -DaAWwv/7pTaLB7lyqCTSw+C+UmgVXmnOi2MO7ex3tImNzwGVQfZG9mc5k13ltwsq -uxC3T9l8+fuo4iFUwCXfXlm3ZmcIcpjYE6rOlV4Y2EdmwwvwRhMljWf2OfNHlq4e -hLtKvsHf7+pMAX0ZsZMig6KH09V/RtGUr9KBWVG8CABPnPJBIzlGZPJdmO+G5eAx -cEUUkJzlcSCF6SDo1zG7QcT7vRSX4FjvOY579w== ------END AGE ENCRYPTED FILE----- diff --git a/common/secrets/secrets/nix2github.age b/common/secrets/secrets/nix2github.age deleted file mode 100644 index f56d0f8..0000000 --- a/common/secrets/secrets/nix2github.age +++ /dev/null @@ -1,49 +0,0 @@ ------BEGIN AGE ENCRYPTED FILE----- -YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IHNzaC1lZDI1NTE5IDd6MzN5USBYU2N0 -a1MzODQzb2JUbjJyQ0xTbUxlbjhJOExjNm1JOFd6bDNNZEp1TlJ3CktCUXFwWTJ0 -cUZVUldoRStJRHc2cjdwa0szQ0VPZTBsV0NiK2ZmQUQybW8KLT4gc3NoLWVkMjU1 -MTkgSmh2TCtRIEk0R0lSUitzVkRQb2hQamt3cGdQK1ptYXVkUkdXb2w2N3VsY3hY -emdNM0kKYXhod0FVMzJ4dFRCZXZBQTBJcFc0RWRsZUdqV1FkSldkVHFnbU50VlNx -TQotPiBzc2gtZWQyNTUxOSBTcENqQlEgaG5Fc0VOUHdJWlFsRGtOSEwxM2RHZHdh -anVJZWlOZ2dBRStmRkc5WU5nTQpiQzRwMnBIVHJoQldJeEdrOGVha1phbGRKZGZW -SGZiWUV3Rk5XdGxUZjFvCi0+IHNzaC1lZDI1NTE5IEJZS0crdyAzN1A4amFYM3Jt -UDNidlBaRDdpSTNLb1dmTDY5VDArc24yUWcwVGwrenpnCmoxVnlEMTFlZFhEeE92 -ZHJaeFJCY25sWTM4NWFnQlhpbCtodWZyeTVoaVkKLT4gc3NoLWVkMjU1MTkgWHpm -bWFRIENONGFuM2ViOHRGa1gzQS93a1RTaXkwVFlYd0tadG1nOFhra0VHa0Jua0EK -OElXcXgxd0FuVys4eUZwSXA2eCthRFNRTWpmSDFLU0FqSVlCUDJSNVJCOAotPiBz -c2gtZWQyNTUxOSBSNSt4ZncgOUtUeUFubGN2RUp3eGM4d1J3ejFaSXdaeWg4MnBu -VVNmUE9VRzdUNThtYwpVazRGNS9GMytrOGdBSVJhcWJ3TDNDUWVOMHFBd216a3dB -UkJmNmpSSkZNCi0+IHNzaC1lZDI1NTE5IFJvWDVQUSBFaUVFcE1aVnNrekwrZjdN -L2ZYZ0JreGRRM3FkYnFzdlViVk0zajE3ZFVRCjA0OUlLczBmaEJMMC9EU0k1K1Vq -Wmk4eC9wbXdvWG5UTlNMYlBiSTN2RVUKLT4gc3NoLWVkMjU1MTkgRjRiYjhnIHdI -RHY3U0VuekdYOS9FUVhBQlVtUlNQTDg1dEt3TnFzVzMwOTgyQktEeWsKRC9TUnJJ -cytpaTRGMm5wcXFuSE5ReU9seGFUWlBSa2FxbHQ3eE9Idmc0YwotPiBzc2gtZWQy -NTUxOSB3ZHJaSkEgTmp6SnhHV09BbzczdmVoaCtnOFdYaHorNWpmSDQwVmtJVFFx -Z2FTTnZWVQpnK0lTem9uTE9BZ3FqdVJ5YThmZ3o5RjlZNlhTUW5Zc1NsM2FBa1gx -RGdFCi0+IHNzaC1lZDI1NTE5IDVhZHFNZyB4ME5DK1BQUVFLcU1tYVZadG9hRVlM -WGFnd2lIVVNXSTNkZnhIaDNNSUY0CnpiUEZKeTVHTkFyYUdaeU4rWE54RmIxVjhC -NVkvQURrY1N6b0doN3MrYXcKLT4gc3NoLWVkMjU1MTkgWmUxTXdRIFZraHhvbndT -c085d1BFeXE5bGNWcitZaTBKdVduOGtPeVFRam1aWVpyQ3MKbE92VWFqVXF4dkZo -dElDN0p5S0xXemplSzFWUlJaZ2M3Uzl4UlhmOHllUQotPiBzc2gtZWQyNTUxOSBw -ZUZCUWcgbndmTFpuR3o5QzZsZzVBMzBnUlU5UGFoNFIrc1dYUmdCdHhYa1N6d2JG -awo5amhkT0p3YytiRmFLc05GRU1hL3FMbEppd1Vpd0xCbXE2T0dLanpTQ1pnCi0+ -IHNzaC1lZDI1NTE5IDl2LzJIQSBUQ3c1Rm52cjl6ZzhQNTQ5R2NEWTlWUlVNWVJ3 -VndHUmg4eWIzNERGZWxRCkNRZk43YWUvc05nYWtFYVlZNjBQbnNhK3RXTjZJMkU1 -OG1hcUtoUDQyUjAKLT4gc3NoLWVkMjU1MTkga0hrMmdBIHJGTk5SYXlKZkx5cEVJ -dUJQTVNkUWVkVCthU1c0eDMvbGJWN0dKU1dSeU0KYUVQMTFSNVNnZEFxV09UVHJm -VDhMcElMZ2NRQWVKSXJITU53NlZwK2dPWQotPiBzc2gtZWQyNTUxOSBJb3NBQlEg -YVgyMDhXL0RsaEFxSUhGTVh6c1BUeFgrd0lMUDg3blk0a2pocVJMbVZnRQpBb1hJ -c3pBOFRXMG9kTEt1Q1IvZW5GR0F6UTNLU3J6QmxGWGljT1pzb0NBCi0+IHN8OGhP -LTVaLWdyZWFzZSBKcTpVVyAvQlZYawp6bHZOYWpabVJhN3BNVEpQbDRWbUh1c3BP -UXlsSzJWdUdPMHpuWmF2QjNQd0ltUQotLS0gemVvbWt5LzErUlpmZXFxQmpMZFVq -czhiSVBFQVBVVFo2Q2hiaXNWQ1Zwcwrm4hQtiHjacGXqxDf8QBf6AdsiCFad+cAu -RA/fKJMnq8zc6NUDkvEAxrWxFLpLD9amqaxgh5889mWstPGaeCQEcWfjO7jl2jsM -duZsH2rtqfsaoWI1tsUiVKGtgprkI1TBwbtFYQ/aC+1AzOP4rnmuu4T/kIDbP+rn -SlILVnc458dAsDIUO0vYzNhy7z6oG0Nf6TnPehPocIakRXoLSN0d7fYmC5GDD+8m -v0ucVjpVlyXCyOHbl6COgLmz0HglXaQba+K1ZFWJJXwB3Ej/wYaS6r5rChe9RKJJ -tlCCDfOmUC1BgNH2PbPsaDwVmPe5itsAoJrzvq2mR5ho6kTX0dAPnu6A50G2TkTq -7OtmvcjVarHKO5mRLSaGKgBnxcdI9MPvKdLKb79mBgmp7lWbKqOfQL8W+mfdxWjI -F6DEPQ478W7QF5tIWYlHsDS4R7hKr7DPBxGLZEhKUYl6UJd8BietDQ+Pti19uoiC -1qwFIGoKGteEsW5HHfvxdp1hdboVoOh/MzwpksNqMOZIhS2aAr2EKQsUBB5TLL+v -JdEKGcLiRuxqa/6mVuEw2iqUfSBK+A== ------END AGE ENCRYPTED FILE----- diff --git a/common/secrets/secrets/nix2gitjosh.age b/common/secrets/secrets/nix2gitjosh.age deleted file mode 100644 index 3abe011..0000000 --- a/common/secrets/secrets/nix2gitjosh.age +++ /dev/null @@ -1,50 +0,0 @@ ------BEGIN AGE ENCRYPTED FILE----- -YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IHNzaC1lZDI1NTE5IDd6MzN5USBXQXoz -bGYwc2NqNDBVYzVkeGxldnJxbjZ6elgxUmFoMFhuK0pvTTRLWkhBCmx4RUxONTYw -VXZGZUtQcnFaRXhuODNQQjhCRmFtOG1TQzQ5Qk5ua0RNQ1UKLT4gc3NoLWVkMjU1 -MTkgSmh2TCtRIHgyQjZBUjVNMTV6cG9LNE5NSFBMc0xid01PQUEyeVd1ZnBEaUVM -Rjh4bncKVHpqQ09XVk5od2F1MW1namloTUVMaEpuamlZcWIxRmsyRVIzV0RYZGxL -awotPiBzc2gtZWQyNTUxOSBTcENqQlEgN2s0Zmx1YjEvMlIzdElmeTcycEpNcHNJ -UUM4RzBaZWJEYTNUK29vOEdHMApkKy9SSk5PT3ZaQXQ1UGFCUFFvVE95V0tBZk5v -UlR1M2tEYWtMK1hSU09JCi0+IHNzaC1lZDI1NTE5IEJZS0crdyA2YzQzQ1J1L1JG -MXFjbzE5eUhnZDBjNTJGOEZwOGwzSmsyRUZhQzhtakFFCjVQYzM3VlpWR1I4THd3 -Ky8xOEd0UE1hVjRRS2RiVmUxbkpmdGxLR2RLcWcKLT4gc3NoLWVkMjU1MTkgWHpm -bWFRIG5ybjFTUEZ5OFhpUkpVdnZHNnZ1eWZGYnNQeFFvaVNoQ1pVaXJ0ZkNna0UK -cUx6OWtid1FRaTRLMy9EaGk0K2NKWE00UC9Ec0FsUDJCODJzNG0yYXJPTQotPiBz -c2gtZWQyNTUxOSBSNSt4ZncgdG5DRTY0QzU4MjBXTnFWT0NiclJ5M0g3eG9HVm92 -M1RIdFdidm9hVlpsTQpFZEd6QVFjY3NLOWVXeDFTdXZPenc3L284bG12V3dIVzRB -QUZ3ZmU0VldRCi0+IHNzaC1lZDI1NTE5IFJvWDVQUSBHQm9ObTBXWUh3YkRSb2VW -ZGE0aGFYM3RkbURpYlRTL3NMek5kZEpwcXprCjFHL2JIMFRKVitiamRSM3dHNzlj -ZENNZHFIOVdLS2ZOb29RU2FKd1NCWTQKLT4gc3NoLWVkMjU1MTkgRjRiYjhnIG1z -ZGpQQ1ZDSVdLVE1EVUFRVW9RZ0QwbVJPSUtIYTcveUdBaGIwb2oxbVUKZGRQcHNB -WmJuN3B2VGVlUEJLem9ja25wSjlreXpCOEZUUnZnY3F5YXR1VQotPiBzc2gtZWQy -NTUxOSB3ZHJaSkEgTmtoYlhWL2YxZFFheEVCbWMzOFpwendzaFZsOEIvN3VzNjlZ -cXNsUUduQQpacFI5ckx4TGZPRnp1RFM0SHJlS2hLMnU3NURJcWJKTEZscEpLVU5k -MXVNCi0+IHNzaC1lZDI1NTE5IDVhZHFNZyA4dFFyS1h2bWJFYXZFSkpaNGVkam55 -RXMzSW94NXZTVy8rRHBWOGl4NVFrCktPVWI3VUhWZGZtYlNaVm8xTHZiTk9FbWZ6 -OE5WYUhaTjAvQWFxWDdyQmMKLT4gc3NoLWVkMjU1MTkgWmUxTXdRIHZYT3dNK2cx -UFpSV2dabnhIcW5HMlYzK2UzNEorQ3BaRTg3NVJwYVM3MlUKeVJqaE93N1lLdkg4 -UU9VaWRpeCtWQ2V1bmkwMkJvbE56U0lXcEhMVE81WQotPiBzc2gtZWQyNTUxOSBw -ZUZCUWcgMzJUS0hEQjlNTUEveGxXdHZGVlY5ZjNrZTF1QWc4eEhiUmVsUWRBc1FV -awpkYXgwL0E2cUNvQzRCQlVHQWM0djh5RVJ0SFl2R1p5ZzlEZ2lZV2trTit3Ci0+ -IHNzaC1lZDI1NTE5IDl2LzJIQSB5bDh3ZTBqWE5wNWdVczhsaXFJaXdEZXVBSzND -ajN3WlRVcmp4dW1FN1dzCkxMN0wzV3BIdHRqYXhmSzlLWE0veWJHVlNBOWFncFZ1 -M0x0MWY1dmM5TlUKLT4gc3NoLWVkMjU1MTkga0hrMmdBIEpINTFDeUVTbCswN3F3 -QXp4eWMzTUdPTWFGeENOWWhkTTl3WnRIdk5sRDQKWk80VFJGTW5xdkwzMDdaSGFW -ei9RTTg5SFFVRktFYUlPYjNOT1FQSklZRQotPiBzc2gtZWQyNTUxOSBJb3NBQlEg -ZVhldEpReS9jMDRzcXhrZVRhSGFCeWphQjBUU3JiUVVYZnc0d1FUNFUwYwpLenBY -YXMxREFRRjZZTHBIUUwxQVplL3J2WGszNUhXSzhZL2hDNXUvUnI0Ci0+IFUtaS1n -cmVhc2UgPnMjfCFtCjcwT2hGeVY3b0VBSTZIZkI2bEVSUzR0bzNQQUVjNkpYZTJl -a2l5b3FNbmpQQ1F3ZTNDTUE5ZmNBbmhzZE1uam8Ka3BqWEtQVEIzOUFFQlV0TUl0 -QWgzU3QwdlRTWkdUWUNRRlB1Ci0tLSBaeUtEanlxcDV5Q0Uxa25hVnFiVW9KMTlw -TElTNVdoWmxlWFNsMXFlY0VzCpnuSzzkIeZRg56GdBS2gOTaXV70O7kR/9F7deO5 -XJOWo7ES0V1Y3WqNHmCsWHiqHj/yKT3JYBPd5p8tPzW/uwO/4KKfqaG5xY3l01Uk -+zsFTkQh5xRP5vtQ5Q9ztTVV3hp4QLVsBLSwGHMiJyL2BGawLD5OsSehBQ26nU4x -gmE2ZP8WWm2dCTGJBf/JQ7rl7+G54GRK6akWRCT+ZzL9OMA5u3dgyvE3w5Q04K34 -sY8WJIDaUm/Gr6JB3gHTfHaSsqx5NE69EZ2we4qdUW/ATeIa42NLPOYvShGzJdNO -nWC1vemKsUUDR1KzfoZ6W5KM1Dl6f0IzC2e3gAztH0FtZO47is1Lx9jsbVN/FRh1 -aM2bk4LUfsH0CtVqRxEqVg1gXzB+ICe/K4xU8OB1g7uzTYS/rZc1KG2sHJ0fjXUV -m0EdIMiJi4uTltakDrVGBKiNhQAz4V6t/kKkONvFg6wFoVzgm3kOxfRcryWfF0sc -VDaa0kOnDFS/MuIsMENJ0XP5mTO/BQERY4m423nY7hH4Ud+kU9k8zQ3gdNIGwCEK -1j0P61nlu6Y4lSO6UaNgr7xl ------END AGE ENCRYPTED FILE----- diff --git a/common/secrets/secrets/nix2gpdPocket3.age b/common/secrets/secrets/nix2gpdPocket3.age deleted file mode 100644 index 206918c..0000000 --- a/common/secrets/secrets/nix2gpdPocket3.age +++ /dev/null @@ -1,50 +0,0 @@ ------BEGIN AGE ENCRYPTED FILE----- -YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IHNzaC1lZDI1NTE5IDd6MzN5USBGdVY4 -TnVkZlJ0elRhQkRSMnlXUjNNb3BQQmVBbmhYYVpqOUx5cE81TXpvCmNYUG5rTjlo -RmpNQmFtZlBwWXY1eDVzOFh0T0F3d210QWRvOEZnN3VyK0EKLT4gc3NoLWVkMjU1 -MTkgSmh2TCtRIHd4TmdIeWdiTXk4QWwvdURNQ3NtUlpNZWpnT2hubUk1RTUvMFRG -MUtEQnMKTEZBV1dPOXlQOTNSNVZVcXUweWZjc0RlQzFybE42Szl3WkJCOWszMHdN -WQotPiBzc2gtZWQyNTUxOSBTcENqQlEgU0V5bUpxNTVNQXh1UU8xYmJLWEROTkRr -UmtNOWQxbllTMW5BZzdNR1JpcwpCMExaYmpNbW5ma3N6SHBDR0lZdHljNDNlNHlM -TTJrTnpKanIvYldhcU4wCi0+IHNzaC1lZDI1NTE5IEJZS0crdyB6UHBMWXNCZ3ds -S1RQL25SdjVkRElKMjYzUXFKV3cyZFl5VlhvQ3ExeUQ0CkdGaGZrNGdZZ2ZsTUsy -amVPVjhjMEg2ZkM1NnF0cTZFNGhFSGpYQzRNRWsKLT4gc3NoLWVkMjU1MTkgWHpm -bWFRIEN2bWhSc3AyWjlXWk80NTVpbkkvTllWbnJScS9XWjQ2RUd1OTkzMHRzZ2MK -bzNETWVrVFdIQ0VvUEZSY0N4T2Nqd3c2WEZWS3JqZTAxaTZBaTlmOHpZQQotPiBz -c2gtZWQyNTUxOSBSNSt4ZncgQUsycFZocFZPdUxQM3MrU0o1OGE3Rjh3SFlNcXdo -MExnb2hBbHdoTk13QQppenB5THpDV3VXRHdZYjJJc3dPUW9qcFBydUs4ZXA3Z1JO -ckl1ZVJjNzdNCi0+IHNzaC1lZDI1NTE5IFJvWDVQUSB1MzRNMUwxb1ZESWJrMVdv -RkMzOGJHYnhnOFdHQ2Y3cjAyemI2bDJoRUIwClpnTys1eEFlNkZ3cStndjFyVFZF -eExaQ0JDRlhGWDVyRFNPR3lBRUdITkUKLT4gc3NoLWVkMjU1MTkgRjRiYjhnIEJB -RkJ2QVZsWjdqQW1TeVpCS0tpSTFiZDVYOG5ybG5rMjg0SWVTRnlwd28KZnJMVE5C -M1hkRHc2K3RCZFRjU1ZyeVR2YXhWT3ExNGVRNGRMU1NrYk50QQotPiBzc2gtZWQy -NTUxOSB3ZHJaSkEgYmIwbXd5aXlFUUhJd1VORmxjb0hQWmRZb2lMZ2xBdXJaTmx5 -TEU2Y2wwbwpOZzNJQ2kwVUxBRVcrYjBOMWx2V0F0dWJCdnB3cXU5S2tnZmpQc25P -NnZBCi0+IHNzaC1lZDI1NTE5IDVhZHFNZyBCU3QwNjdGYXE2RHZtNGtHTVdRbmsr -QzgweFB6V0xyV0c1NldBeGR1UEVjCjBKN2pJT2FJeFZUNDFKRnJMOFBWRGRDa1JK -UExOZkhwcW9WZWxqSGVwbkkKLT4gc3NoLWVkMjU1MTkgWmUxTXdRIEE5TFYrV0wv -MzlicXhsUHNoblUxa1FlSFlmMUhnYy90OXROUkIycWFFRTgKclNPSFdtVzF6Mml2 -KzJhK0hmWDIvUmFlSGVLQ3l5bElLY2N4aWxkNFU1MAotPiBzc2gtZWQyNTUxOSBw -ZUZCUWcgOVkvd3dmV0hhUmwzQlFBOEs5a1hGUmMxRU5heFNaZWhGcDRYdTd4ZktW -NAo1dGsyMUFlV29hOEt4R1l3S3Y4NndrbHVUR29sSkMvZ0R2SXM3TG9MQXI0Ci0+ -IHNzaC1lZDI1NTE5IDl2LzJIQSBTclIxdXQycVZlckR6aTZvSzJxY1ZmSVJWNk9j -MWJBYkp0ZUtvNHR5Tnc0CitlQzZDUWw4M3JNSHVkQ2U3MTdtTFBGTmpLenR3SmRw -NWFaNzFJSHZhYzAKLT4gc3NoLWVkMjU1MTkga0hrMmdBIDcyU0ZjeWREdFJrTEdk -c2RGY3Q3cE0wdDh4SGRJUVAvSzR5WmFENWQvQzAKVTZraTduUVg2RHlEME9CcnVq -MFpCbHBKVFNTOG1aUnNIWWJHUXg5T0k0UQotPiBzc2gtZWQyNTUxOSBJb3NBQlEg -YSsrbmdVOHplU29GTzNMNVh2aE5OaENXWHE3SlIxa1NuVHI0WEV1SG5sQQpuQWJP -MnllQkFSMDd3S09DNXhxU0pEcEFGRzZabGkzTlM4ZXBNWlRkMU4wCi0+ICEtZ3Jl -YXNlIHlEWmUtSzZeCm56bkR2UUV0OVJGNENzRWt0M0NQSG5acHdQazJFb1JFdGdq -aG5Lb3BtTUF5QmtKaXV3YVJOTWpMdnRodUx3NkoKNmpkeGw1dlB1NmFpUk1RbFEw -dwotLS0gc3lycXhWZXBmd0srSjhPTW1vMmN2REs4TWI0VUhiaEt6ays0akJQSkhs -UQoyTVD7Gbo16BII9fA/kbWQA9cLwAIJC2eJldhHa1Z+/nCLTYoolHFvhDF1kNNU -Q1VUi7Hwh3WfIZ5U9S8Bb1gtesAXrjAVoa07IuuELmY8P1aVnhO1Dh1E9bXhvjs7 -T9Qz5iA0R/IcMGzP1khAwda9urAqjtqjgNJOO9tOnKGOfCuUDhsPVqCZAfag4MeB -A/UbjmKvQuoMLnx4r8AdZB6hEC6OvT0d26e1EzT7o4C4nXYk4+ocvNY2kp+9N8d6 -C5qxI5juVeZenESlAxQKqaih6wUI5Hb7vlbMM3LvQqmSdwspOCYvji34LTzE2Vl7 -fTb9us7PpueVWLfzF2ea19B2CNZR6VWJ8d2WNDSGhoq80H5k9fawhq/PzgB/CLzB -dArCKrT7pL/L4oQVXuRC+2dKSmOm+hlrWHS1rwWEbgA7iQV8MR7eaHjUKEpRYC/W -0oSyCsBNRTJrTQEZfknGgIK9dAKM2Mx1rw/1AbPrtcJe7aHI0R1wK+bSgXOrYgWX -78V0+RseYYzyPgb6LUwkrA1MAsMp3NqQFts50DZ/x5ZBrKGWyEWO96Sg6oMCz+Gh -2S5P02QBaoTSyuhHpg== ------END AGE ENCRYPTED FILE----- diff --git a/common/secrets/secrets/nix2h001.age b/common/secrets/secrets/nix2h001.age deleted file mode 100644 index 07148ef..0000000 --- a/common/secrets/secrets/nix2h001.age +++ /dev/null @@ -1,48 +0,0 @@ ------BEGIN AGE ENCRYPTED FILE----- -YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IHNzaC1lZDI1NTE5IDd6MzN5USBqZkZV -ZFlDOTkvSkM0NmFlOHlIak5KUkdEZnZJRnJOQ1hLc2pkc1pGODFvCm91Ulc3aEkv -NTUzblR2ejRzM0I4TnoyYVlkQTk4d2RNSTRUVDJ5bzQwVnMKLT4gc3NoLWVkMjU1 -MTkgSmh2TCtRIDlwQlRHSS9Nd1VZV1BRRUVRRTdjWGdKQ1hiRitPMi9KcW1JMEts -eWpnVFEKZ0thUVhWbDZxSHY1eFQ3OHl1R2JzRDFRbkpnMkVQRGhUYi9oa2luaEtx -MAotPiBzc2gtZWQyNTUxOSBTcENqQlEgWTA4bTNxL3E2Q0h5MWhnN0x1a1N2NWRI -K0JteUdIVTY4dlhtc1JYQ0pFTQp1Y05ob2hRcVNhbzJpSE5ReE1hN3BlTEsvdUtJ -STVRdlZCWW8vQWhOblhjCi0+IHNzaC1lZDI1NTE5IEJZS0crdyBRYk42V20xZS84 -WGd5NWs0d3ZmcVdKNWU2NlBrVjM0OEdXRHlVaWRORlRzCjBZQ3JaOVFYazVDeHBa -RVhieEZJRkY2KzRSZy9LOU50VGFiRWtsV1FyUUEKLT4gc3NoLWVkMjU1MTkgWHpm -bWFRIE5JNWQ3SHkzcXpGZEZVRVRZZC9GRVRvWDVvNHZkbGpEMTIzUjdNME9YMEEK -UytTTVlUUUhjaGpVZ1lYV0ZETk04elYwZ1FUdGVlMURGV3JwM01qK1M2bwotPiBz -c2gtZWQyNTUxOSBSNSt4ZncgRkNvUjEzdVRvbUxyMGQvQXlTU1NTM1NWd2tMdW01 -RE1zd1ppRGt6QndoTQpJckl2VitBR2poRHhmV3RWSXN6amg2aFkvcTd3aTRIRkxU -SFBMSkVERG9JCi0+IHNzaC1lZDI1NTE5IFJvWDVQUSBFcStmN29VTG1jTEtiMTho -V0hJUWFxemRrNnJxL0I0T296bmlvQmt4eEdvCkR0MFFORzExZlhDVXpYT0VlQ2xY -SklsRkFMVDJzQkpPemQwa3NOYUg3VVEKLT4gc3NoLWVkMjU1MTkgRjRiYjhnIDdF -YXNFY1F5MElweVhtQjdkQTAxYWo5Zkp5R1VoQ2s4dkhnUmRwV3R3eVkKQlZ4dTNS -QVlkR2FnR0pyQTlhSWRQNWtnT0dCbTE2YThiZWV5UGdUNFc0MAotPiBzc2gtZWQy -NTUxOSB3ZHJaSkEgT3luM1VmQm9tSG5majdWeEh6ODBLSm56ZFpSTUVmYzY4K1M3 -RSt3cGMwcwpLUWpGREU3dFc2NFFtNVZGSDIzem0xZGF0aXVhUHFhUEIzWGMzUDFT -L3I0Ci0+IHNzaC1lZDI1NTE5IDVhZHFNZyBwUml2WFlKSFdnWWw0YXczS3hvZ1dH -d1BLYWNpL1plYXhldDg4d1BHYjJRClZzNkx4S0ZYY1MzeU1aU3d0TlBhcHVvNlJn -NDN0Q0wvTCs5eS8zTnFaK0kKLT4gc3NoLWVkMjU1MTkgWmUxTXdRIDAzRk83R0Zw -ckFzZjNuSHRpQjA2cEsvTnRKdDBRT3hTK1krWTA1Ykh0WDgKWjlEN0NlYjYwb2NH -RzU2N1lzWjI3eTlCSXgyZUIrY2UxUzdwRVY1a3FVOAotPiBzc2gtZWQyNTUxOSBw -ZUZCUWcgYmNEaW9ESGVaS21NQWlITmMrbWQrekxQZXI5SExYbE94ZFhNcWtxSzd4 -OApkMzVTSHBSR1BLS25vaFUyaXZQZHE1cDhrTmZENGZNTElINUxwUzNONzdnCi0+ -IHNzaC1lZDI1NTE5IDl2LzJIQSBqRXVCUEdEY21xblVXV25sTW5FTkxMTTJPL2pt -U0VDV3hZRC83TVVnelRNCmZXRnYzS2NqcDNIV1k1WHFOVy92aURVVStDQU50VmZl -T3lSZTNveWpNVEkKLT4gc3NoLWVkMjU1MTkga0hrMmdBIFc2c2lrVWZpbCtXS1Jr -TFI2RFRYM1BNWEJjeFUzclpXTUF2OGE3MmFNSHcKV0dHQngwRE14VlZRdDJqTHhQ -dTMyL0JMN3VRWlNRTVZka3VuelF3QW92cwotPiBzc2gtZWQyNTUxOSBJb3NBQlEg -d3JwUyszcTl6TU1XVHA0d2RNb3VPa2I1ZzFqdzJyR0ZTTTIzNi9VcnJqQQp5VHVh -TTBjWXgvb0daeWN0Ty9DTytRMkVES1hBR3M5YWdEanlYdDJSdU8wCi0+IF99LWdy -ZWFzZQpnZHBVTGZvYm1sWk85SzVOV3FOZkZtM3NKNlFLdUxDRkxBTQotLS0ga2JS -NGc3N3o1YjBOeEl0L3NVZVprNDA3VFpJdmt4eW0yYnJ4VWdkdXBoRQqosYCeWC24 -SETTy8dVYTN0kWZBhYxUQDb6mhHPZrLOmlNyDeambLNwpoGHGpxUy1vrYL5cOmBA -pZ4lLKvAvm+lj7FCqX7+uhQi5FohVTm9bz1IsJcId82yf6lLjc4p7M+ww6icM0vH -DHHsZ2ecQiJKOvf8BUGgAxBkkdy0MWVRAAtOAqadBRtaGB5902FOI0gWLyAyFqlk -+P/pHRfob8PlnWb7MTYsUVgIBtbV/hIcpSx7BIsPTsdr7yFirhfoC4giBMT//2Mz -e7NGN2bX93pAUPWK2P/k3geArT1zJoFeyOpkyIhnfeXaA8WKb5juA/Rly4aGUJO0 -oQKJkNGg3DPQMAEwwaijjuz19wd3o46o5la+2L/Yx2fCPDcwOyYzh8wVdc2eq6Ab -y3y1wlFfMLpsuBSENnCQTPCWimTOk2lPUKEjDtLXCtucwyd/fzjHCjF1iR5twVrw -id5+60bFV73v2QsQ6+qnNRj2Ea+LRHA48NtQH4Nedv8xlhgqkR0tD8mZc6Xo65MT -1Lj9suIPCf5L/j7GiX4MPDt/uptHJEckGMEo0rrwINBps7K7XrQLfw== ------END AGE ENCRYPTED FILE----- diff --git a/common/secrets/secrets/nix2h002.age b/common/secrets/secrets/nix2h002.age deleted file mode 100644 index c69d953..0000000 --- a/common/secrets/secrets/nix2h002.age +++ /dev/null @@ -1,48 +0,0 @@ ------BEGIN AGE ENCRYPTED FILE----- -YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IHNzaC1lZDI1NTE5IDd6MzN5USBLNmRV -NlNNT0Y0cTZVY083b2U3K0tORkdxR0IxNExrL2EzWmM4a2hoUkF3CmlDWmVaY2tV -OVVrYTBXeHpIM1lkOVBPeG9qOW0vL0hmSlM5OTVjcFVNUEkKLT4gc3NoLWVkMjU1 -MTkgSmh2TCtRIEJJcGRpcnlSRGFtNzFlUWt2OGpxTUI1WG9zdzRZakpwUjkybW1J -MkdhaDQKNEMrT0VVSnZKYzZscWNBdkQzbXBsc0liYzI5bVBkZC84NnZKYzBtVEZ1 -TQotPiBzc2gtZWQyNTUxOSBTcENqQlEgR0tSZVk3M0hBd3djZklhVmdOQk5lcXpm -d2NoL2RrVk0xLzNxRWVIWU9YdwpXQk0yQStOY1JFNjF0ZWhkS1gyWGRhTXpkUGdI -RGlOZlBLMnFaMGVVSjMwCi0+IHNzaC1lZDI1NTE5IEJZS0crdyBBZDluVnlKQ2FV -NFBpZDZJQmorYXVsV2lHMTdLRkVjSjZPNHhCUk5iSVV3CjdIU1RaaEpocDF5MHNj -blFVdGJjR2hwczNOZmpZdElXSURLd3hpQ0xvQncKLT4gc3NoLWVkMjU1MTkgWHpm -bWFRICtWcXVMLzdGOE5xajlBaWdoMk5lL1J0U3JCL1dZQmxnOFpsK0Z2ZzFvbjQK -ekFWSVgxdjZjQlkxMTlCYnNPMWN4MW1YY0xSZFltSk83RXkyUmZBakZjNAotPiBz -c2gtZWQyNTUxOSBSNSt4ZncgZDByMm1IanR4ZE5EUExyTnNNVVN1RTdTV1BJak9E -TmZYbEZOSHNZbFBDRQo5YTZjcVBrbTExazV1a3ppQ1Y1NUZhUUNqWWhLaTR3NkVx -YlpzR2xNVWQ0Ci0+IHNzaC1lZDI1NTE5IFJvWDVQUSBNMEt4UFIwb21GOHk2c25j -a0hpMkRQVGhCM2NFWmNlWXA4SElZUlQ1TlY0Cm9CVVBDQ21PbU1Fd2ZCclduMjdq -aXNuZS9lN0dicElXckxhZmxpRjJDL3cKLT4gc3NoLWVkMjU1MTkgRjRiYjhnIHA3 -aTJ5VUJROE1PZXlGZjF6R2J1OVBDUWF0N09TNmRkZ0x0YStxK2ZTU1EKWDBkK3FF -c1FCSHZvZW5YMHBVSis5N1pRTW83bnpQZGY3dTlOOGNJT011ZwotPiBzc2gtZWQy -NTUxOSB3ZHJaSkEgNFhxRTdZNm9OUm1zOGpadi9jckxOMnRhbzUwL09SLy9JRncy -TTlzWUVuTQpVdUFtWTZhRStkN1F0cEh5bU84YW45YmxtYzlXR2NOdTY4bHRZZWs0 -RjlJCi0+IHNzaC1lZDI1NTE5IDVhZHFNZyBXdWo2c3pPY3hmRmp5Z1FFdERUUzcz -MXRRNjI0ZVlLUzArRFhodS9FNDFNClZyREpwb1IxdG14TFFSVHlkTFNVOVlzS3kx -M2FpSkhReXljSytVczR5MHcKLT4gc3NoLWVkMjU1MTkgWmUxTXdRIGdIeFpXODY1 -QkM3QkNkMllnWXFyTlBpYjd2SkI5TlNoT1ZxSldCN2xGeUEKaU9XSkQ4Tm56Tk9B -Y1l3OGozSVk4M2ZFejdwR29Sb0NsQ0xrMmZzai9DawotPiBzc2gtZWQyNTUxOSBw -ZUZCUWcgUXVkZUJhbEJ1ZnFKSWRaVUIyK2JCcC9PbDZjQ2VlTURWMzBOM1loV2hV -dwo3OFVtR1JldEwwSjE5NGJKUEVyYlBzTmJIYzBYSCsyWWU2TnRwaEZLeWM0Ci0+ -IHNzaC1lZDI1NTE5IDl2LzJIQSAwTkpuekFzUHZmWFdRSjRnY3YweTlWYlRjOW1U -a1hXRXFPakRNUzdxVWxJCnhIYU8rUGh4dy9HMGUrVi9aaU5uL3djU2JrYktaaTZI -QVlMc1VyaTUxTjQKLT4gc3NoLWVkMjU1MTkga0hrMmdBIERkVmp6eDBvZ2dXdURq -WlNwZjJMN3FLVXJEa2taYWJjbVlLVXBsbkl1MjgKdUhtQ1RFS2Z6U2t1M1MraWo3 -VWFCZERRZXJPTjBNS1FkdFZtdnQ5T0pBUQotPiBzc2gtZWQyNTUxOSBJb3NBQlEg -TUpKaThiUVJWUEF4aHZQMXpkdER3TzY3cWxWV1BEbEd2TVRkT2Y2MitqYwpsbDU4 -U05mN0xmY3pkNWtiRTBPSVgyUUhBTTA5cDc1aFJEUDBjU2owd0VvCi0+IHAtZ3Jl -YXNlIGxgcisvJiUgXWVsIHZrIE4KCi0tLSAvREZvRE9zUlRIOHZpYUVWZ0pyQmlh -K2ZubG02bjRjdmxBcVdLVENIejlVCtydnNICLzNyabsA6H8fhwkySlITewQ0vFBQ -GvfvDobgKzac8kmjDDwiIBwRI+EgVznSecv+Oqi2sJaodIxGaYgvEh+FURMfYOPX -K95ykf+R4bAowyG66i+mg9vthJU2O4v43R4qN4+0CVrArqhQp+ywNERsTV/2pU3f -bTFAYaLaLihEFDjCy9+p/D5l33Ns54FYAtBtQ/Ut4VY43i9inE/qohM6vy1W1SgY -THW3pLHvB6WlZvv4uD+IXK7GJXkedKxIuH0pGWLTF28aIlWTV8QYlCYpqpqaYs4X -87oze8zgPCNa2xODkQnYUI0GX4Fg3vP1K6R4G4DtCOytZdDYXncEIC4+opOoNmfg -xuhjELH+eZLXXRRd8PPrPTWXQ9CjPOK20vwc2To3Oljt940di6+886j2vFEBd44v -A1cjFG+K4mQ9GvdAk98EgRVXasmXyKnRdc7kFym9EY7guZtoA0Bav7YCn2vMwF7G -yLmxss4Wa7UA9v3GF270M/fb6D5u9qcDG7v41wYSldfaqSDs0Vw1ZfaGBYAXF5v7 -GgU0MSWaFyHej5xq5UVTlMtWh2YR ------END AGE ENCRYPTED FILE----- diff --git a/common/secrets/secrets/nix2h003.age b/common/secrets/secrets/nix2h003.age deleted file mode 100644 index 01a858b..0000000 --- a/common/secrets/secrets/nix2h003.age +++ /dev/null @@ -1,50 +0,0 @@ ------BEGIN AGE ENCRYPTED FILE----- -YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IHNzaC1lZDI1NTE5IDd6MzN5USA0dTdj -TDY2STIxTm8rbnNWS2J2VlZxcVRFYzdBRElDT2RUR1pRd2piaDFZCnl2d0xoUmg3 -OEs2bXNUY29RQWJ2WG9GMXIzZCsvcHRRUDFvRFl2elR0a28KLT4gc3NoLWVkMjU1 -MTkgSmh2TCtRIFJsbjBZbFhEanBaSW1BOXBwbVQ5eUtHSDRQRzJleTBGc3BlY0dv -VzljVk0KZEg2M09TNVlvYXAxaEFaUlpkLzljZXVQUE53aEVLQlZXbVBpdEM2b1Za -VQotPiBzc2gtZWQyNTUxOSBTcENqQlEgLzQ0MVpLWXMvSXkwTnk2VWFrQWNtdVJj -bURKUzMrMmRqeW9TcTF4V3FtdwpVQmducWt2dkVPQklma3h0QVkwZk11cW9SMkxa -Ykp6amg4RWUrZEpFb3NBCi0+IHNzaC1lZDI1NTE5IEJZS0crdyBDNjhjTlovT1J2 -QXFPOVZrQ1ZFWUV2cnF0eFdTR3g0M3VFd0dvU2hVNEFRCjdzR2hZR1pKUkpJL3Uv -VEdPNzE4TGtWRVpZeEROZGFNMXRtc2pFYTJoMEEKLT4gc3NoLWVkMjU1MTkgWHpm -bWFRIGlhUGZSUVhtSDBuaTF4a2pCbFNqUk8wN1NGT1cvbkVqUmk0cEVCTkhoa2MK -OGZGdlZBLzJCOG0rN09BQlFlTm41NVh1VEdZWFRjVTVMeFBRMXB5dktUZwotPiBz -c2gtZWQyNTUxOSBSNSt4Zncgc3EwWEY0dmZPT2ZnUlN4Sk83WkE1c0FldGhYclFK -T092dm9rQjY3TEh6UQpFQlFTdXBJWVY3aUx6Y3lKVDBGQ3ZHbVJqMm16R243Z3VU -T2lHWVdNMTk0Ci0+IHNzaC1lZDI1NTE5IFJvWDVQUSBuUTNLUGIwMzhKcVVyeUNG -NmJ1WkRtdS9FWHQvTGROL2ZiUmxmVlBIQWtZCjZJMUduWVNQMXVZRk1CbjhCTnFX -RkxoaTJuelV2bW01T0hiTHgvNTVZc0EKLT4gc3NoLWVkMjU1MTkgRjRiYjhnIEl1 -SnJKZ1Bwb0lsN1dTZ1I4YVN0c0NaUDVEd2c4SjNTRkw1d0ZpaTF0RHcKTzBabFNx -d0ZjTjNoemY1UzVBemd6QzNIQTl3b0N2WVdWUE9CV1VzcVVtcwotPiBzc2gtZWQy -NTUxOSB3ZHJaSkEgbGI0MjhMbDFZblFud0U0Qi9ibHhSMlJTa0cyRHFJNW1tcnZQ -ZUNma0VoTQpuNG5ra2hwRlpneWxkTEgzQWlhMkRJVUMxR1RVZWZXWGloUEtkcWdI -RlFFCi0+IHNzaC1lZDI1NTE5IDVhZHFNZyAwNHF6Zmt5YXViL3o2aVVKVTNSakVX -eFpuSHN5Ty90bGI5K0l5VFVtL1NvClBsa2tRMm1QSVlBNmJ6T2JlT0V5cFNmV1c4 -Tm5nL1NiOWtGWm95VE1Ya0UKLT4gc3NoLWVkMjU1MTkgWmUxTXdRIGFwdWhWNnBQ -N1lYeC82NzNHZ2d3TzBzUTcrcm0wWGNPdEc1cUtndTZRM1EKTmxadlp6WC9BQzhJ -S2NIbjM4OHNpUGJiZkhOSXJDSitiNndOYm5VWDlCcwotPiBzc2gtZWQyNTUxOSBw -ZUZCUWcgUTFOZUtZSFJRUkw0eE9wd1ZCcXd6Z2RvUFVsUnZBcWlSRXlHU0lWcVpH -TQo0ZUszNFF0NUdib1BpZ1FnM0hBUjFsMHdSTE1ma01OUHRIWXFUMmJRbWRRCi0+ -IHNzaC1lZDI1NTE5IDl2LzJIQSBocFJ1aGpicCtUTjR5dEw3RTNya1dINTN1emZl -OVF4Ykd2SmMyNUNqUlJNCkV2ekVCNk1uNEZiTlJYVDVsREQ2cCtRR3pVRVZZek12 -aTlLelNZOVVXZG8KLT4gc3NoLWVkMjU1MTkga0hrMmdBIC9aT0pJSEZiMTA4c0Vi -dExPN0ZtT1BOY2ltNk95TzB2K0J6WEJaTUJ6bG8KdWo1OFpTWm1JWkRrWmhYUzRl -TUFJTHp5Mk9hVXZSNXFHM09IZHZOblpqQQotPiBzc2gtZWQyNTUxOSBJb3NBQlEg -ZUpiN0RMRUhKM1ZvRWJQYVNCVzROckZ4SDY3NU4xb1djcUgyQW9xRnkzbwpOZ2Fu -dXNnTERuOHFoVVZGMUhpb2N3MDhRK29NVjhuRFhyZTdjL0orQXZvCi0+IDtXeHd7 -YFBpLWdyZWFzZSB7PCBcfkRZey4gI1d4Tn4gXwpIVDhGeFk2K3dOUkhBWkU3SnRP -THVSUXBWTVJBSlZVWERqL1F6NjFYQUJHZitiWXJhYjFHS3lmd1dDVW4rWDZRCmxC -bmt3NTUvZ0dScGFUaFJ0dwotLS0gTTRUejRxU2ZKZVN4MXkrSG52dHJzamxpdjBC -aWo0a0lmS0xWeStFN1UzTQrI0E7L65ZYdi9LJwZ3nSgT7WwwQJovYBqw7YO8jE+n -1iAUsxo+nj7V7ub7D6IxBaXupMwqqEGX/fUgLyHrckL8V6RmVfvoJROp1Vm7HncW -xqoFr1cj3n6p+O+xQPFy+1uVSktCTvLgHDNHavRPaoT6vP2FcvQkI7jczbGJel55 -YBA6bLrMLsn1+MmY5oT61huymRbKFyt3c7+u/vqYwD9/J4/KPW7nO0hCQ8LBJEm4 -KFwj/6d8zyLFGRB+wwH3pEPFWZ17/7tK4xRR3jUw3ertMKnLtpYpI7sCOhCStH5G -6CTMGgmWOyPmccVfWF3RSnuj5I53nnkYktWcc3o+ak8GCw8PBJvAfkAJyNjrSo6V -QTMX9qsrL8SydAXXFk2lNcv3maH6RgRB9ycPGak/ZsrFP0VkMFpOLIfqjJMnfChY -CUi2b1iTMlmw9VITSfgh82mue+bcevSaP6KboeksBq2ah8hSN80WPtb7VQNUNl/u -cQT5DoyvaIxOstiVpBy7DY4pvb6c5iWkUuuDiHrn0AA4XB2skTNhGU1oty0YrDFB -tnRtsOYgu5d/53Fcd8aUNg== ------END AGE ENCRYPTED FILE----- diff --git a/common/secrets/secrets/nix2joe.age b/common/secrets/secrets/nix2joe.age deleted file mode 100644 index befdff7..0000000 --- a/common/secrets/secrets/nix2joe.age +++ /dev/null @@ -1,49 +0,0 @@ ------BEGIN AGE ENCRYPTED FILE----- -YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IHNzaC1lZDI1NTE5IDd6MzN5USBrRFlo -VzhEcDJmTStuQUxxcms4am9idGpZYm5HVndISDlDMzVVVGl1ejJBCldYZllDcGEx -QVl6NU1vVjBPQXpLTndDdUZIRWJmMC8vRWhjOTRDUm5yTUUKLT4gc3NoLWVkMjU1 -MTkgSmh2TCtRIHl3SGo5eEdyRWlYSmVZaWhJNEt0VWRiY29IN3AyeGdYQWtuKzRL -NzJrVUEKaGdSelBON1JrbUZGVnJUL2RwZzZVWWJxVUkxUmVrVHdTcno1aWYvbGwv -cwotPiBzc2gtZWQyNTUxOSBTcENqQlEgQU5Ia294NGsweUI2NUs1S3VZaVVEWUtZ -d1l6WGdPcnBmck81UGQ1Kyt4QQpwUG5iaFVUNG43a3A3M1FvUjZGd3ZtZzMrTUFm -amUzcHI4Smp0OXdpdWJVCi0+IHNzaC1lZDI1NTE5IEJZS0crdyBFRkd4U2hvcGRk -ZjhleWdheUtqVjBRMXdwZ01KY3cyck5tOCtBaXlBc1ZBCjNvUURFdEFpZ0VteCti -Z2t3SlhRbWMxakRHbFlPMU5HZDlOV2R5d3pWdHMKLT4gc3NoLWVkMjU1MTkgWHpm -bWFRIFVZRlYzSU9FZUpoMnp6dVJPR21Zam96R1NQOXJQSldXOHNGYkZnR3ZxaGMK -eEJvbzFKY1R3WTJVaTN1c1hnTWJ3ZU5OZjlZR1kxMXd5bmJYNDRBSWNqVQotPiBz -c2gtZWQyNTUxOSBSNSt4ZncgUHBaY3ZaVjcvZXMxLzRiUisxMnNwV2hlM3NxR05Q -aE4rQjJ5ZDl2eDcwVQpUM1NKNHg2UmtPeFhGbkxTUlFtTFJ5bjNSZVNEWmVKaHg0 -cWpmT1VZZFZnCi0+IHNzaC1lZDI1NTE5IFJvWDVQUSBKZnF6enhLS3BzUis2azFK -VlFDVTZTRTQ0czdNclBGYzROUEJHYlpod1gwCkpMb2hSRHVFTzVTZ1dmM1Fid2tl -bkhrK1dMdmxZSWxhMFBFM0wvZ2tuTW8KLT4gc3NoLWVkMjU1MTkgRjRiYjhnIEov -MGpzVlFwSi9RUDlQSmNCRXRqaGNpSHFwa1o5emdOcmY5UFREejdtencKVHE3OGlT -NnQxL0xJdTdYTnJQRTl1bjJNZDJ2MVdnWHlzb0pZS3JvYW1GbwotPiBzc2gtZWQy -NTUxOSB3ZHJaSkEgVVVrQ2ZJdnY0WHRrdFBidDh6ZGxCQThjMk1DcG1UZ1hhMiti -WENKclB6dwpCZHRhU2NWZTFQYUFWYUxCUlBUenZPVDdQa3pXaVE3ZUdSNm91MWxB -SGZFCi0+IHNzaC1lZDI1NTE5IDVhZHFNZyB3QnVtWjlsOHJvVmltSkdVY0wwcmhk -S2prNGg5UE0ydWdSck4vMFY2cFdzCnAvOUR6VWtEOXd3OE16ZVROMEJraXVTZHV4 -OFdmQlRXcStLa1l1eE5yR1UKLT4gc3NoLWVkMjU1MTkgWmUxTXdRIE9NbklVa3V4 -aU5ubnk4WUJyRTdXRmIxT2YwODJQOWZ2eFdYUHphSGlwWFkKT2ZWWWF6eGc5YXJy -NWNqNE4yVXc3MFA3eVJQbDd2Zm1FUkF3M25LT0FGRQotPiBzc2gtZWQyNTUxOSBw -ZUZCUWcgNEZaNzVhZlVrS2FXTlRXZUZMcWhwNnVORGJKYmErQ2FIRDl2b2wvNDB4 -OAp3NWdNcjVXb2RLczJGdGpyaFo4bTVLMGk5QWNQbkJpMjh5U09kbENVS05VCi0+ -IHNzaC1lZDI1NTE5IDl2LzJIQSAwbXFvZWVaTEp4eUkxVGkvcWpZbmRnWGdjeXdW -QzgvbzBnbU5KWE5Ba1cwCkxUNnkwTkFFdHpuRlovWjh0RVE3U3pIc0tVcXY3RTc0 -NjRaRnE0YXp4NDgKLT4gc3NoLWVkMjU1MTkga0hrMmdBIGtraTV0YWxFVDVkb1pE -NHpVQ2h6VGh3LzVRTG02cVdGRHpmak4rT2h6QWMKS0N0SFpyY3lhYlZxc1NQbkZW -VkVvQlAwejF4aUpnZmY2RnlHNDhQVHhXcwotPiBzc2gtZWQyNTUxOSBJb3NBQlEg -dytPUnI3MW1TckplUDZWRUZrUVN0aXhtSG1OeWkrcEIvVitxOGR1UHdFNApxaVFP -cVNrV2YxNGZQalZ1aTZLbjFYM1hWRkpFM2xhRlZTN3VNNFlaR09JCi0+IFEtZ3Jl -YXNlIEVPUgo1b3AzSWtZdkdwWEM0bVM2cU8rdTkxMFpTV3BZUGgzQ1NwWlJ1UXMr -dVIyMktqZjBRSzlrQkh2V1dGM3NoUQotLS0gSW9aS2RLNzZMQXlVakF1WDNzNWl3 -VEpQSVVWVVZkQU1FZjBaNHFxdmFzSQoHZa1y31EyfxcF5zL9Tp0efLfm1Ak/v9N3 -IqCds1BYhPDeCECA1zHdGZojhrxFuOyr1H/uSKuksPktfi0K7F73NsQ8Prf3hiVg -C5Ckh540/7lv8Y+f6eOSlbUUHkO/UftqyPqPwl+L3cHApoSN5OZJz+nVgJROQMBY -63lxHjw170/E1BNsf2jqdHHJUwyFd7hia212PqCQOyh0wbc+6E0t/9gDQXphBxC2 -/EpwLgBf0b8+nzGVZ0RP3wkegZyl2LYwkh+PLhRTTJOulE664eaJBFRpW/wfw1el -QaoEHw52O92IE6KbM7lQ2ujmHYG2aKBf/u16DfkDBrHSplz9bolcueppa7ubLgfU -mEacucUtRN2k+kA8S0UVZDsbo2oQfQL+fgq6Hcx1shpIFpugyhDMMHDD90cvAs8w -Keg8jHbTEtVJAtBmLYraeyGXsla1vPCcoXfHr49ej3Q4B7pMmReMtMEP/BDKy6pK -csPW/lebooacQpu1fjVyYyW/AgJHa0U6oZTr5i65FNYd0nQa07D3bYO3o7JUFZoB -Ah7b2Pj3Wv5Uzxka0R13xtr0Ud7jqw== ------END AGE ENCRYPTED FILE----- diff --git a/common/secrets/secrets/nix2l002.age b/common/secrets/secrets/nix2l002.age deleted file mode 100644 index 0866e44..0000000 --- a/common/secrets/secrets/nix2l002.age +++ /dev/null @@ -1,49 +0,0 @@ ------BEGIN AGE ENCRYPTED FILE----- -YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IHNzaC1lZDI1NTE5IDd6MzN5USBPODJ1 -Q2VxRFlMeUcrS0V0ZEhGdlRnRE92TDA4aXUwdDVKYUhBaG11R1NVClRUNnlJd1ow -MkliL08zZE12bHRyaFZuQkszMU1nL2pxT3hIWWlObW5IUE0KLT4gc3NoLWVkMjU1 -MTkgSmh2TCtRIDUzVXpLblJLZmY2UHJnQ1FIV25WRjJEWEYva2RjRUFNbkU2TkIw -Mk9hUTQKK2pMSytja2ppbE1Vb3hYVWhNMG1wUW1lNjRGMGpseVVpeUV4dkY1eTA4 -NAotPiBzc2gtZWQyNTUxOSBTcENqQlEgWmV5NW1rVGk0Y0VBTFJ1bEpGbVFqdEp3 -ZVhyWkpaWm1uUHl0L2N4WStRYwo5WE5LYnUrTldDMGQrbDhtTEl3cmZGT21FNkZt -NmJ6eVBGeG5ZUjhCZE5BCi0+IHNzaC1lZDI1NTE5IEJZS0crdyBVcWZqVVl5VDBP -azJjL0p4VEJnTzJrdkRZdXNSRGpIdXM3ZWttWkluMlc4ClJOV0xTOU9PeHhMeWpD -a0twcCtxYklUSjF1R2NseFF3NDk5eFI1Z2Z3Y1UKLT4gc3NoLWVkMjU1MTkgWHpm -bWFRIGhONk1uMk5xRVdFUGZhNkpHUWhMUTN5bkkxdzNTRExqOGlGZzdOZzk5U3cK -NzJVSFppeGpGSWdob3ArTDhpcEhNSmVNMm8xcXRUS1crN0FubTR0T1BnTQotPiBz -c2gtZWQyNTUxOSBSNSt4ZncgcmZ4MzRQQW03MWpwK2EzYUtaL3pPQmhhVzVBK1U4 -K3lOSDhNSzJreUwzWQpKN3BYSUg1ZmZQMEFyMUJRUU53bDJGZ0ovd0hoRWFOdEpK -WVJUOGErZkFzCi0+IHNzaC1lZDI1NTE5IFJvWDVQUSBSblVTemNRb3M1T25yYlhS -M3dLQ0oxZmhLQ1Nldkc5NVY4bDVMcWpPaEc0ClFDalVaZzMzUGxNN0x1eEJRUklQ -aWwybzJhNmJNNkJBSkp0WVd4WGxEZEUKLT4gc3NoLWVkMjU1MTkgRjRiYjhnIHUv -ZWdmZ1RUZWZIckkzVENjblk4a0lVbVRzL3lDOFZhQk15SnU3REJwaDQKQVNncVdL -R01RM2FQekJXcHdYb084SzRRVGcrcVdMMmIrWXozM1BXcFdJRQotPiBzc2gtZWQy -NTUxOSB3ZHJaSkEgeGhtdkMyTUQza2t2Y2ZGbmRNbXhFSmt6MGNNTWVGV2xGKzhN -bzB6REhrWQpIUTNPanVNZXQzMHlWQUduZUMzdk51bnNqM3Raem9pRG9iR1FRRzBm -aTIwCi0+IHNzaC1lZDI1NTE5IDVhZHFNZyBJaUM0QkV3M2R1czdwYy94VWlyb1Jr -eUUxRU5zWU9tUGN5R2lMdk4rUFMwCk1ZMkJ1NW1abXRicjRkcE9CUmRqVFRjRlFv -d2hHYmVKNTVYc090ditMYTAKLT4gc3NoLWVkMjU1MTkgWmUxTXdRIEpFYTNQSDk5 -Y2JXL29YaTExc1ZiWkFKZUdFcDBjd1p0NWh0bkVXSk41aTgKRmZuWHRuNnpqUFNp -OFVZeVhDeXJMbUxuWnBvQVE2R2NwOXFQYXNnOUFsSQotPiBzc2gtZWQyNTUxOSBw -ZUZCUWcgNmlsV251TVpneWttdGVKVldSbzg3RE9ablQ3ZDhSZE9Sc3Q0VDRUc0Vp -VQpXZ282cnFmczRvb1Q5cWtrd2NsdXBlejFMSUJwK2Z3Zmd6NEpNNUxJMDBJCi0+ -IHNzaC1lZDI1NTE5IDl2LzJIQSBLOTNlbFFPdVBMbElNcUtaVGVtVHFjTGJHQlFz -NUdDYnRsbGJEbWVsdURRClVnWnpuT2dhUDV6dVp0d0FoT0gxcXR3cVJDL2d3Mm5G -dzArWjhsczd2QVUKLT4gc3NoLWVkMjU1MTkga0hrMmdBIFIvZGVGTmJ2TmJxR2Vm -b05RMy8za0liMGRLQU5XR25DNmladkgwd091Z00KTElBRTF4N29pbHVHYzAydVgv -TU5BRlVJeW93NVFtZEkyK1puUnBEVUJhVQotPiBzc2gtZWQyNTUxOSBJb3NBQlEg -ZU5EY2kyZWVVWDdEZDdZSUIxQ2lneWJrL1g4Ry9NcWwzOXo2ck9nam1WYwpRWlMw -SEhMR2VHMWNyS01TV0RQSGJiZzNjWXRRYTc2U2w0QnhpbFZzS0pFCi0+IFBBQC1n -cmVhc2UgXU0neTEgXkd1TDhHLHwgWEc+ICExVwpSanE3MWgrYWtEQ3JYbm9POE92 -cVVLK1pBaEdGTnVBMQotLS0gQk5Ud2dJZHRzN0RZTTlZLzdvTVp6c0pEejFBZU9l -bnA2Q3hGcmVOT3NnZwopOnc+QlhQ9rs4u1VZzBGuVT1C/M1+of1PrkVrG9FspsTv -k9M3NSrz1aCMHSgX+YdH59xr56PqsRjP6nok8+2XMMs04g/sfbQsBG6GIy0l2ke9 -+RgoIQ/7yBY6HhcSfBK8OGHsBTypj2iWsXmHji+JJHgXelLBQxPhiPh721Y+aR/g -6dhgaSkeiztKbzuXX8Y4idAx22vln+a9IhCeh9ObUucxXoQ7PsJXJqPFr4tqJfWe -R2wluD3RtZxzbkvKcmiVvgJt2pRRoMPC5tn6Se2Hl08fDoTR9Z24wK5igtu0+rBp -tALfNh62Nl2U1s4Ukd+5eH28vC1QEz9UqnTNvi7o+1usmLsMIjwagEgfUB+yzaT+ -8VJDj4Y4xfI5WdgbWe9A9JFk4ve8Xmqkkg8zlaveEg/wSMDbiZP5NV20xHDIr6kP -yrctn77Vohff0iYL4Fm38FgJfODFCLsHYOok3OgGGySLdTZcYZ69yJjlDm5m47ea -vz2zRL4m9MxS4vE9eR04T5G+isZnLZJP/T6SImvSKHKNpeXLSFbycRLYJkf0jNCS -g1ym3Ql3lTyozQVBCg== ------END AGE ENCRYPTED FILE----- diff --git a/common/secrets/secrets/nix2linode.age b/common/secrets/secrets/nix2linode.age deleted file mode 100644 index 21529d3..0000000 --- a/common/secrets/secrets/nix2linode.age +++ /dev/null @@ -1,49 +0,0 @@ ------BEGIN AGE ENCRYPTED FILE----- -YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IHNzaC1lZDI1NTE5IDd6MzN5USB1ak9y -UTJwcVZCbmd4d1RPaWw5MDd3TTc5WU96MVptcVYyQVIwMzJDMGhzCkUrV1JQMlc5 -SnNxUm9UY3V2Tm0rVDV5ZTFLeEdYcG9qZWc3M013RjVpVTQKLT4gc3NoLWVkMjU1 -MTkgSmh2TCtRIDJBK09UZk9jOEFPL3NXRmFaOTJjM2FlalRaSEhESlFSZjBmN1hr -RUNoQmMKcXRlMGFnOXpCWjMvTGRLd0FmcDlQSmF1TUhXdXcrNXRIcUh5dEZqbDlz -OAotPiBzc2gtZWQyNTUxOSBTcENqQlEgSnphbHkzZjU1V3VzTzF6K1ZkcVNvcmp1 -VkxhWDZPTHp5bmlxWGVTOHp5SQowZXc0OS8vOHYreEJXbVZudUtKVVQzR3cxT3RC -RlpJNVFKN09kcmFtaTVFCi0+IHNzaC1lZDI1NTE5IEJZS0crdyA1RzdxQjVqZG5G -UWtlUXpnT1FsODhaQlcwclFvZGZmb1pJY3MyRWtuZG5jCjI2QXFGMEFRVzR5MlF5 -QmNXbHQrOG8zbWpCU2FWVEhKNkhuT2JtNko2REEKLT4gc3NoLWVkMjU1MTkgWHpm -bWFRIHB3bXM1TVNBUmt2VFJPSEhzZjBZQVdVcFVNM3k5Y1ZCTmVtTHpObXZablUK -RVllREl1eGNJUmIwZkhtUy9JeEo3VHpWRFFGNG5QbTZNdzN5bGpWeXlwSQotPiBz -c2gtZWQyNTUxOSBSNSt4ZncgVmVqYUdWVFdYbThTUFIrZThYOWI1cGNFWTJnT2NS -RHBzbnArbkM2YXVqbwpzSEowTi9oU3dnOTY2R29GODRpU2piRWFUSXFBcjlXanlR -SlNZaEFCaWFvCi0+IHNzaC1lZDI1NTE5IFJvWDVQUSBFRGd1TWViVFRHQlhEd1NY -RC9DRXJxUE5VazhkUHkvQWRLT3lrY0xaOUFzCndNUk1USXJ4eUtLQ3hjOEtLaXBJ -emhmRjJFT2xreGRtWjlZaVo5ZjRLYTQKLT4gc3NoLWVkMjU1MTkgRjRiYjhnIGZ5 -VUQwRlVnUTZFcXZ6ckFvQUhRZzJFMVB3dS9RT0ZOWm4wSEJGVExaWFUKYlFzSHNs -VUhZTWJjb3doQ1hQTU5tRWQrTWhjR2E2cVlLUWltZGhaWWM1RQotPiBzc2gtZWQy -NTUxOSB3ZHJaSkEgK0I3MS80aC9MV1ZYZUkwMGk4VjV4Tml5OG5Na3dyS1JWM1V0 -a2FUaWhVZwpKSGJJY0RwaW5lYzUxc0dWaTlxdFBwV2o0c2lQWnFlQng4Tlp1bWtn -OWhBCi0+IHNzaC1lZDI1NTE5IDVhZHFNZyBRVXJYMmp1d0RXNFlPWno4d3pDVUVD -Vmt0YmhyQy9Zdk1QdmdweTlaVlFRCkEyVmttUjhZSDBaYk53ci9UbERiaDhyRGR3 -V2lpcFJBK3crTFZlVnBvNTAKLT4gc3NoLWVkMjU1MTkgWmUxTXdRIGFiQ1E3bGlr -bDVXMTNyVzVwNHdwQ2hnVi9Ld20wSnczeXZ4WVJ6MlZnQkEKOGlTUVVBZkVCOWg0 -N0tFTlNxZXFqaUJEellpRVlZM0JyaUZNUWV5dTRCRQotPiBzc2gtZWQyNTUxOSBw -ZUZCUWcgSFhTUEx0N3FIVzAyYy9rRkZ2OUZBYWVQcmhnYWU3N1J0V2pEZktVQTIz -cwpoZzhPRThka2JoY254VEZFeVFaN2RDVDBKZ09MUXI3c2VSZmJyRUMwYUd3Ci0+ -IHNzaC1lZDI1NTE5IDl2LzJIQSArazcwb0lLb1NxbTVpbFlKWmJWcXdnK2pXd2xi -ZmpxNkliZ3RCQ3VBaUc4CjNUOFRJaG9kZEZFKy84ZTJ4aU83U1NEcWJNd3hJZFFY -amdqV3hIZit2M2MKLT4gc3NoLWVkMjU1MTkga0hrMmdBIFNmNHFrdDlpb05EQlE0 -ZVhqcGpqNFY4M1Y3aHVlTUNOdnJ4VktxbFZobHcKTWd0emd6RFMxY25kbDlNM2I3 -Sy91ZVlOVkl6V3JqTFBuekFLMUs4NjYycwotPiBzc2gtZWQyNTUxOSBJb3NBQlEg -aWFYT1A0MDBSMHpzb3YrNXNHNjc4dUtoNkZ1RHlSL0tWV3RscTlocUd3NApMT0FS -MFZIVytLeGF1WDRKN0ZydEltVkxmaWF3TVdWV1FraTcwd0xzODVvCi0+IGY7cUxl -Ni1ncmVhc2UgOUwtR28geWMkcTwibyB0LVU/Qyt5SiBZNzxsYEJEQAowTUVXa0Yx -ZStNYWIwdzI0bXo2R1NWTURCMVVRK1F3WW1QcwotLS0geFBtNS9vMlE1V2Npb2lh -KzgzWkcrNS9SRG1ZeC8zdUhQbkludVJwbVc3QQo1QQm19YZ6VMz/+vhRhATkrYwD -KP/ZH7wMl9n40mzx5U1g87ERd3zoDyirTsgMn1N05fpnW24a71FKddHpDUuFc7Fx -xLc0Xst+uuSD8lj8H309fBBLn6yfvq4vu+/XNqsUvTwkBVFRN6EkWTr0XoFTBrlr -AwkEzL2hvC8Gt5U2sjNkJR9GLSZhwOFwTrFMZRW6ZcR42o+6GRUtFmRX7iUMKJ6a -2LIn3i7Qlc8pkvtEWB8yHQ8iLxa0SbWPKWnMcTV8LK/JvhSebBHxx35AhbjZAwc1 -oLmichP61qIGUGb3r3Y5U1C7dWpAwMp12Z2efk1uOfO8QzM1GYqIRvsXSPzfB80w -OCdnZez4iEIvxslbcLSRNZn1R8mwj5deMK4ZfU+26khzqBAtrjAA+tlCtViGKqUE -e7eOBujnBz67YbUYFyepBd8UfDsqM9jtl3PW07Bgvi1MJY0S2dzopgTlzYnS3PNS -8xyLi7Z/McMmHg5RZs2jKHScQlcs/+Y5y000UiqtWy2UmoY6zYwGW08eqgZLZKDS -QYY/0MHWQGO469J3uNdCx6qkzPygWchlGEKpxA== ------END AGE ENCRYPTED FILE----- diff --git a/common/secrets/secrets/nix2lio.age b/common/secrets/secrets/nix2lio.age deleted file mode 100644 index 1ea57d4..0000000 --- a/common/secrets/secrets/nix2lio.age +++ /dev/null @@ -1,50 +0,0 @@ ------BEGIN AGE ENCRYPTED FILE----- -YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IHNzaC1lZDI1NTE5IDd6MzN5USB3dHp2 -QS9lSENJbC9VR1RpaWYyRG1KQWFXVGFsYTJyU3VqNCtub2RYMkRvCk5pMitVV2xZ -Y3hqTU9jSllaVXFReklodnVpUVVHeENpdGpBaTc2ZHN5Mm8KLT4gc3NoLWVkMjU1 -MTkgSmh2TCtRIHhIMGkwQmxYZjdBdFk3Wi9BQm12Qkh5NmExNklZbnVsZTdoZVI2 -bk9rSFkKMjZGc1o2SER1d24vVjcxVktjZmc2NXlJand1WE9zZDFZVG1WS1dNY1NG -cwotPiBzc2gtZWQyNTUxOSBTcENqQlEgSEZhMldYaEFyUktESkttclBUV3JlSldl -UzQ0T3MrdzNmS2ZJWndVMTJTYwpoazNQMUt3d1A0ZHV0bC84b282R0NlRzhuQTE0 -V1M2QVp2NXdVWTVpelp3Ci0+IHNzaC1lZDI1NTE5IEJZS0crdyBKRUhKZTgwSnc1 -YkJlb3FLdkxRdFNRK3gvTDVzM2RnRDdqT1g4b21pNnlJCmFwK0pGNWR6M3BNRmF3 -aVRHRlVrZzZ5NlgydG5VTkRqTkVnOFZLVmlaelkKLT4gc3NoLWVkMjU1MTkgWHpm -bWFRIGRrS3AzeE9jR05udXZVczdvaElkT2NFWkhyMGRLM1VRVmE3d0Jpek1DbG8K -UHNJYlFrME5FWmtoT3JZa042N0pzRlFESGl4U0dJNGtmT1Fad0J3VGdkbwotPiBz -c2gtZWQyNTUxOSBSNSt4ZncgaGd3SVN2MHZlQlhFaFFCRjR5eVV3Wk5LTE1PTHVO -S1pFK29GRXRhcC9SawpRTE5BcTRIMFE3Y3NTZEtwa1V1cUlodzBXb3dUODJ5ZEVV -eEdPdjRGcDNJCi0+IHNzaC1lZDI1NTE5IFJvWDVQUSBNanV1Qkk3THV6SVZCOEUz -Q0NBSW16dTMzdWtpa29ncTRmd0o3eUVKb1dVCmFzd20wa29HVkRRRjhZMkFaSGtL -Z2M1SzRPNHdRMG10MFZQYTRtRGZDZ28KLT4gc3NoLWVkMjU1MTkgRjRiYjhnIHcz -UUlraHJNd3QwMC9Ta3cxekVCYWJrQit0QWhuSWkwenp6OUdBRG9oVXcKQk84OFpt -S0RqcGsvN1FMMy9SaWpnTVlwT0VsMGltMzdueVlISWZDblJiMAotPiBzc2gtZWQy -NTUxOSB3ZHJaSkEgMVA0RzFwQ21YNVVBdlRuNWhRVjhaVEk2MkxmU21IeXp0VFNM -U0RYN1pBawpiMWJCV0JUMFZNVWxROFByNXBBSzV5LzlxTmJxd211OHI2VGw4RTdJ -WEZFCi0+IHNzaC1lZDI1NTE5IDVhZHFNZyBkU3RiRThocHh5QjRKSzJ5cVVIZlRU -NlJ2VTByL0VQZU9DLzhPN1ZxVmtRCldWTkx6Ty8rbHFDT0RpNER2MVA1dVFiT2ND -bzBsbHZ5d3hzaWlRM0VyYW8KLT4gc3NoLWVkMjU1MTkgWmUxTXdRIHFrNVRPQmta -L3YwZjZ0MTNrK3lWeWdCRmF4MmdFMmszeTRlT09uVDlkVE0KYjlINldYK0VuNjBa -NVY1bFg4VkdyQU9DRk4yNHpGREs5cWthMzBad2hwOAotPiBzc2gtZWQyNTUxOSBw -ZUZCUWcgU1ZRclhTL2FkU09HcEtiNkY3OUo3Mmw5bUMwdisyL3JoMG9tSG00SGZR -VQpMZ0NvYXh5N0gySHBMZnF3MC9oc1g5cC82Si9ybjh2ZW9XRlN1SkY5RXdFCi0+ -IHNzaC1lZDI1NTE5IDl2LzJIQSBUZTJXY1Z4a3RSNnRvaHFhbC9BTlNvWVRIazVE -QVU2RTVrcU9NRDNERXhrCkdmbHJYM2xSUFM5TEs1Q0xnQkgrRnNzQndDRWlXQ05o -MWdRRU9xQlhuNVUKLT4gc3NoLWVkMjU1MTkga0hrMmdBIE5tZVV3aUhlWEZkeHFs -SUpTU013RmcwZzc2SlBlZlA0RERnTDg4SmVVVXMKbS9LZHlaNlRJV3dPRjFzMTha -bU80WXR0SkRINGRxc2NXQVo4N2xqZXhDMAotPiBzc2gtZWQyNTUxOSBJb3NBQlEg -SUtVNWZjY3o1UkJvbFZ5WStqWG9IMjMyUmRYL3FYbXRPOG94ckM0TUxVWQo1MFRE -VUU5Wm1NZGQ3MFpRa3BBcWx0Kzd2UlMvOEM4Z1NoOFFYSWNLOWFFCi0+IHAmdml2 -V3NCLWdyZWFzZSBKKCklSyNAaSBSCnowSWtOYndCZmNoZ2gyYjNMejJpbHpNekZ6 -OStGcGFTVGJYeURqK0xYaUpkbFdLR01WdkRlMmY5UlIwVEQxYnUKLzNGUGJaUWhR -T2hwc1RXS0pzUi9KUi9QRkdzVmRKYnJVMS9pN0pMdTZIck93d2JmSFhNCi0tLSB4 -K2RSaVBENkNwY3hWbFFJRzRMYVZSY0pXTFI3MENkMVVzRTJoYmdNN1JVCv7Oz2Fi -S5/m0Lpgzb8jvETd0PIqOImElU7dg60vsww+++Ci7oo1Qw9l/bNdqOhIi4FjsGJp -vQZz6OsqpvF7Ou+YauUvdx6STlnkwrh9J7BVSkG++oduf16bTsV1rqSE/e3hHe2I -6rPv29MFmOxd3Ym4g+RAni/Ib/Ti7MdJJ3GDxOozAlHJrymtZ5NNa21UipoQpeWr -QauxkectXbeVZ8dsss+1sPI/z0CYFHhsEyiKGzZv6LFkdERuTGRmLHfYEwpCeeuZ -nJg5ztWBmvbwmbnbv4hbRaDNf5lpZA/sJV7OuJ/1iX2yuhBywI3808ioFtq3vScr -uUusVwaktQTpoj7yr1OuUltgeuALegw/DwnzZE9mNpGtUjbIbMmq/vJYhH3rC1wv -f2NuCvUN9GvWDt4IQkWDw7m3W6DUaNhoHE5NwcZ8GdScQ2j6IlEEdDAZ/da2Cm4B -o/heA/LGRkgwldpABIVdp2rZAsoU07SgENteaWTk281yBBbiG/QxTHFzgxw0wNjo -ShrXQQMnXWC2Fdz8ogj0RLesMsfjRnEIRwexxNLf0ihBwvet+JxKD6hL ------END AGE ENCRYPTED FILE----- diff --git a/common/secrets/secrets/nix2nix.age b/common/secrets/secrets/nix2nix.age deleted file mode 100644 index 4877bbb..0000000 --- a/common/secrets/secrets/nix2nix.age +++ /dev/null @@ -1,51 +0,0 @@ ------BEGIN AGE ENCRYPTED FILE----- -YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IHNzaC1lZDI1NTE5IDd6MzN5USBiSHRC -QUVCMnBYdDJXUjgweVNiQ1loTlkxMWxjV3haODdWeFFOOXVrb0NrCkVZRzZYZVNR -RkRBTlRtOFhLZUkxRnM0UmR6S3hzdTcvUGwvV083RU5Hc1UKLT4gc3NoLWVkMjU1 -MTkgSmh2TCtRIG1HWmhGSG9ZQmNoWEZvWDBta3V0L1I0cTE3c1orMlp3ZTI0OW5F -TDBaeUkKSWFjSlQrdGtnVlVzNWp3VHBhcm05QTNKZUZrK0g5RWRJY1ROWHYrUWpY -TQotPiBzc2gtZWQyNTUxOSBTcENqQlEgR09DZnpLcW04TkpDa1crTHg4RG1FdmJh -T2V2VGJhWC94cm9IbWY3bmtrWQpmSGMrRHdreDNXOUlZRXdUQ3IzU3dMOVU4c2hH -YlpTMHdBZkxKcWJrMjBRCi0+IHNzaC1lZDI1NTE5IEJZS0crdyBaZ0RPdUhTV29y -QXN5N04vU2gwc0VEdzUyNDdBMU55VHZmK2Fjc0N1bTFvClRDY0hoRDRsd3ZSSlVr -RlJHR2VHbGxZYlRKK0hkV2lYWXFMUEM2UzZYUW8KLT4gc3NoLWVkMjU1MTkgWHpm -bWFRIFBqUlZoWW9oMWtoM00yU2oybzNuTXFvYXJjS3I0MHpFN3owUWZtQWdrRWcK -S0RGOU9jUFJxY0ZmWFJmaU9GaFNjNjhSZk84MFRmcE12SjliSmpEMWpFcwotPiBz -c2gtZWQyNTUxOSBSNSt4ZncgZ3A0NUtnS0JMN1dINStSOUlNSitxWWZRaEk1Qld0 -aXp1V3Z3dVM1TUcxcwo1cENLMTNiSlJkeHNNamQyMGFvQ3FWNHBJYVVNSzhVdE9P -MkZVWnJmeWI4Ci0+IHNzaC1lZDI1NTE5IFJvWDVQUSBObzFBR1pKbTdpVlIvMWpa -bWlxd2Uwb01KYkZtMmhXRmZCRlgySW82bERNCk9kaDlRV0JxRDRvdTlxWU1xM1hF -YUtnL2lKQTQ5T0dFdEEvT2hTaXdmbVEKLT4gc3NoLWVkMjU1MTkgRjRiYjhnIC8w -d1hwSEw0Rkg1RE10Nm9oUlk5a1hKS1dJdGNyTHV3anhtcU9Ob0EwWG8KNXNHeWxp -Q296SjRsR1lSQmpDU1JCbngrVWQ1M2NNOGhLdkQ5REQ5dkFiUQotPiBzc2gtZWQy -NTUxOSB3ZHJaSkEgM1FWOGVtdzVERTl1dXpzYndmbGd2c0w0a1phczlaZy9wSzZw -Z20wZFpXTQp2azFzbkVDeWR3eFFhZTloRFlhK3c1Z01vaXdGYkVBNit0QWErRVNL -MWdRCi0+IHNzaC1lZDI1NTE5IDVhZHFNZyBmMG0wRHJDVzJBU1ZoRFRzdlRvOWZi -TDM0VWpKcUY4V3EyTzlBbWZlOWlZCmI3VHlqYitMODE1LzUvWkhoODl1WVVCM3hl -YWg2WWFlUUhkQ0lvbXovVTQKLT4gc3NoLWVkMjU1MTkgWmUxTXdRIHJON3RGNDYy -Sk82TnNwUHhOYVE0WGoxTFdIUXAwSlROMkl6YWVEYk5tMkUKd3M3VzA4dWVoVVZH -VW9zcHd5cEtadUJMWTJacFhkcUkwNDcyT2xHNUxBOAotPiBzc2gtZWQyNTUxOSBw -ZUZCUWcgbGdIakg4b1JzMkgybmpScFE4bmFreTF6ck9aM0hXbm1nYXl1V09CUVBq -OApLaGJHdEpjUEdjNVJEQXZvOUVxcllEckxmWVdCVkJPeXFDVnQ1cFI3cEE0Ci0+ -IHNzaC1lZDI1NTE5IDl2LzJIQSB0NXNaZEtyQk1SMm93b2t6OGp1OHRUWXZwdWpa -Z21sVlJ0QmM3bW55MUdnCnZCRlVCdWRqN0hIVHRIWVBIYUdvTGYzWUxpRHY4WVZ6 -MFlXcUk5anlrMGcKLT4gc3NoLWVkMjU1MTkga0hrMmdBIG5TTllCeWJtUkpTbVpQ -NzF4S1lIWk41aHR1Skw3ZDJxSnBhZ2NHNTdra1kKRW8yeit2SDA2S2xCU1pueHlY -NXo5WVIxaDBiS3dFMURkbnBQM3M5V09hQQotPiBzc2gtZWQyNTUxOSBJb3NBQlEg -K1pUM1pkWDIrd3djSThuNVFrTlBQQ2pOa0ZIRHRLZERnV2xkRitWNXBHNAozZjZs -MXhvUWM0elJkdEw3MlcvU2xBUXU5VThMVFB5NUZmTnhsVDBncVBBCi0+IHFjeUMt -Z3JlYXNlIGU3KmRuajM7IDZWCjJ0TWVnSmZRYy9aK3RSNWludGI4emdrSU9KV1dw -OUtYK3NUZldNcFZid2ZZMzRPZlFKRCtZbitPZ3hMV3FZaDAKdjJjeEVWUjc4Q1pk -L2tuSUZ0cVFDQ1YzOWxHdWVoT1hZQ2IyNW5XMEJ1UmJDckdTTzY2TnZmNGIwRy9H -S3JWbQoKLS0tIHVNQTFWNkhLMlVMMCtPU1plSVVBQ0FtZGlKNktSbXJKMjlsaVJx -L2RkNmMKL4QzBzzSOYmRx+8QC3YrvNX3hbfvPPP5gp2kfFK0clqTId3/UZu4qkOt -jUlhRTRWqv+ggJAHjyBCIPQP3BgHb6EDH0B2+ZaE/fXepvIaPnvInIoc+W7Dr8wA -JqgeDOtBWwuKKonGvPcATT3URZ8i5oGGHbyYGyQmeDjw7XdOQU78n8/sgm9bvOPK -woEE1G5tBvOXPWZXxgIlb01J/1LxLhmk7mmB5hyGgzG1kXyDHxcNmSytWNLe/6ly -v9mZSXAT97PPLJJcdwzd57tDav7yXXiNq8Wg5jxZR+YtyhmDX5BHcw/0nJr6CU0R -8bAsraBf1+zUoGYG0XKnqSCCb0Ky8rZYtG+KlN/aFRJ4T2RgLVIzncRvzL3evOa1 -52POfhB26YyMdV2kQ82V5UJXEFHkjdjwixp7n5jxg3MKxZlCumyPCuUe11W9tRtV -UQPNxdhgOH8GZAm8m6JxECtJ3Xx3XpGG5nZSLPCDoIQnetqShb1vyc06AQKMdUnP -FBXj0edHQE1DRQoVtcSq1+1v7CmLb4iR7yFGgbiuuRzyn2I2YNX6jxsn+u8z/roD -jvGrIE8= ------END AGE ENCRYPTED FILE----- diff --git a/common/secrets/secrets/nix2oracle.age b/common/secrets/secrets/nix2oracle.age deleted file mode 100644 index a25f102..0000000 --- a/common/secrets/secrets/nix2oracle.age +++ /dev/null @@ -1,49 +0,0 @@ ------BEGIN AGE ENCRYPTED FILE----- -YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IHNzaC1lZDI1NTE5IDd6MzN5USBrU045 -Mk9iL1AzbG5LK1dKZEtTK1BENmZqc2wzWTdhMU9lL0NscXpJQ1dZCm5VWTh4eCtK -QWhVRjU3c3NXOElYQVh5RUZUQy9jcVA1NG9EZEhpKzZLUEkKLT4gc3NoLWVkMjU1 -MTkgSmh2TCtRIElhTGVrcnk5emJ0ME1hU2xXOTMyTEIxV1l0TVFrc3ppQjc1VTNU -TmJyaFUKVlJrSVhCcm4xbHhwWUx5TXhlbTBwNzBoN21hcU1hVVZHeTNibUVSZXB6 -VQotPiBzc2gtZWQyNTUxOSBTcENqQlEgOFRvYXZFZjZJcXRsbUJUQ3U3Q3lLK3U4 -OEhiYWxqckMrZEszMXI1SStYOApzN3NCQ2U3TTkxVzB5dEUwWXA0dDMxblVEV3E3 -MXNXQVpKSURyV2ZmNDVZCi0+IHNzaC1lZDI1NTE5IEJZS0crdyBJNUdKOGFDSHd5 -VDUrL3VSeEY3NWNoZlFWS3pvZnRBSjRIZEJnYzBSQ1h3CnpERHlkYXJsTCtUV2Y0 -RVN5NDB4UWF3Vm1pdzN0OHFuZ3ZRK0Fnd0V1cW8KLT4gc3NoLWVkMjU1MTkgWHpm -bWFRIDU0aFQrN1pydWd0bkJLaE5KUTNyWU5Vak1tTlhKTDNHWHBJQ3ZSK0VNWFEK -UDkyTkFoSG5aL2tBTmxESWVpWXRpbWtTeEY1L0JZSmlEdVlRekN4ZmdxTQotPiBz -c2gtZWQyNTUxOSBSNSt4ZncgUXRLZjg3UStKMm9MNzFrcTVaVzhMR25DVk9oMGdP -UzErclNkQnhiRnNnawpRY01QWnhFQnFqT1AwcDIyeDZiaG4yeVBzaUptQ2RMeWxz -QkhyMDJnU3hrCi0+IHNzaC1lZDI1NTE5IFJvWDVQUSArWjA3RVlZL2lyVjRFR2Zr -b1FIK2Y4dlhUejN5Nm42VWV3Nmp4cTB0T2dnCmNXZ0d0V2R0RnZHNGliZ0pwNkEv -a2Y4UHlmRnpOZ0dLZGIzTXJ0eWx0K00KLT4gc3NoLWVkMjU1MTkgRjRiYjhnIERw -MkNqci80MXZibkF0Rk02YjBqalhhMmUxelJubWdQMG9mZE9lRzhXbVkKeURhVlhU -bVZDd0l2bFlKVjBKYmZkdHk0OFFNNTM2YlNYWG1SS3pXS1V3NAotPiBzc2gtZWQy -NTUxOSB3ZHJaSkEgdnQrOCtiYWJrU3lveStlRzJrYWE0SEVHUEsrcm4xa0ZZNTA0 -UTZ4dWFBZwo3M0QzZEpFV1BFdGh4RC9DZ1l2M1FRWEdzZUtjbnN4cFRveE9KWU5W -NVFNCi0+IHNzaC1lZDI1NTE5IDVhZHFNZyBSU1ZSd3Q3c1NWVUQyNTczMHBqMDVp -SUowUkhwTEMraWZZS1l4Nlk1eFJVClBjcVYyUndxdjM4ekIxOS90KzNHMXVPQ25Z -UlB1SW9BQzhyVHJnSU5TUG8KLT4gc3NoLWVkMjU1MTkgWmUxTXdRIDB0WkxkYjBF -cVBuVFpiUFhmcGxwNW9BWmRzTU10R0prMmZsVVk2TWR3V1EKTHdySU8xK21hMzJ0 -c2NOZ0NSdHUzSHpnVWE0WU1DZXFjSjBXbHhvd1JDZwotPiBzc2gtZWQyNTUxOSBw -ZUZCUWcgbGFyTzdIaWF2b0w4QlVVUVFyNnNSMklzVGNhM2Rka2FDNm16S0R0MTIx -SQo4bkQ1cWtEVURORTcyREtDdUVPM3p6aFQ4ZVBXNWpCcXhUS1lOcG5tTUFVCi0+ -IHNzaC1lZDI1NTE5IDl2LzJIQSBDenFma2swTUdNalVpalVRT3ZCU2NyMlBOb2o0 -V0tCQ1gycmRoek5oMFVnCmNCRUlxU0F0ZmZyOXFLY0I2QXpuSTVqRUEvSHBHaHBF -SENVeDIxcU94Qk0KLT4gc3NoLWVkMjU1MTkga0hrMmdBIGRjYldMZndtVGRuMHIv -Q2RZNjlwVFkxS0xRQUpselRtS0l1MnNDLzhlR2cKSnF6MEdZRFhFOWtzUzlVZWEz -SlpHZzYySEpEVW5TOCtiZTJIYWdLL3dYYwotPiBzc2gtZWQyNTUxOSBJb3NBQlEg -bThlZVZ4Q2s1OEFWbGNqSHRIQUpxYUNEZzFzNE5qejVnTUs2djFOYjFHUQo1T2lP -aktEaGFOYkw4T3JsVmIvTGp2WVE1dkxSczgzcjNaZDllaHRyVU1jCi0+IGo8IWFS -RS1ncmVhc2UgNHtmWAp1dVJtdTRlMFROaHVzVGx4UkEwcGJycitqSTFvbVFFOWl2 -ZGZVWHFHMjUwTEljRnlDVUpMK0lBQ1Npc3VRMW1uCjRDVXRhdDRRRG93Ci0tLSBa -U2JtM1c4dDd4OHBwK21jNXNqTFdDQ08xTXdWS2xLbjc3dllsUDE4MUpnCheeS5Ao -jdiBXm9dtTEcTgilutkhBaP6NL2MI7TCkratQvinVxVFc3A2XXGD1Dp+/YGhHMx9 -x0l5flisRyCK3Xz8WJWbVi1VZ6DuGaossLHxfIeVWQhzGGlX/4Xu2Ly26BpTDLmi -OpZ4WLHy3kMmt7VOon1xQmlZv7NBj4R4/u7QdPnIt60BwoDF6dGUEVBk/AcRnF2P -23fA0ZlpmSCRCfyMwgdo7TXMq72w/VL4y50y0H1lgexGwsgtOwWsj0HeOxwleSCS -3vHozKZd61AF898IIJh8/YW/A2AQkD0V+BN5Yn9A5PpN7HEQ2cQtsU2KB2LY7Ws8 -/l2diGyNu8V7CmONQh5Rjg5ON0Vj4xMpmsSQO9VyGzwVzkwXPpYadLYF82xP20UR -IieybEz/3n6ihpDPJ3aJ6JN31lZJnCmFkQ2sgvizuxwQnIpuN5nVav8laq4Xjm04 -55r37ZJG4SQUzOMjYdnViq6B/LMslVf3B80vMKXlm/lc8cXXQ5ZErcKJs7WsKD10 -GsAE+kvrxpwBDykMNwluExFxYACp1a+1bZZuzdRITMEstbWQgBK36s/e ------END AGE ENCRYPTED FILE----- diff --git a/common/secrets/secrets/nix2oren.age b/common/secrets/secrets/nix2oren.age deleted file mode 100644 index a4d820f..0000000 --- a/common/secrets/secrets/nix2oren.age +++ /dev/null @@ -1,49 +0,0 @@ ------BEGIN AGE ENCRYPTED FILE----- -YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IHNzaC1lZDI1NTE5IDd6MzN5USBpSGZS -bkFWQXAyazF5empVcGtuQ3NIQkpBK0RWWnI3WG9vOTdQMW9SNlh3Ck94MlNBSjRS -NTA3ZjAzZXJtTk5WaTFUd0VYWFFseUVTOFF2aUFmaUtCbU0KLT4gc3NoLWVkMjU1 -MTkgSmh2TCtRIFZHS0Mvd2NUSHk0TnRFSWhmTk5VSm9LSnI4cE80OXpYMzJKbzV3 -UDdtZ2cKeTlsTGhmazNycElZLzN3R1FZcWdpK1Z4SGRPbGNKcjJzTnlXZFBJSTJl -UQotPiBzc2gtZWQyNTUxOSBTcENqQlEga09qRnptd0dqN1ByU2JZL1JuMTVJNlNY -eGYvRG96RXhtZFhxN2lpbWZXOApTYnNOYUkxWmMwZjlOMHJzZjdkajJHTHprbXlV -aUFZOWtOT2dMY3MzYWFVCi0+IHNzaC1lZDI1NTE5IEJZS0crdyA2bnBFcnE5T2Jh -bmc2dmRQRUdDL0crYXl3ZTI1RkFDSkw5N3VxT2k0Z0dJCkpsdnFjN2xQeXBnQmVx -RlhTd3hudUNyMzQ4WlN1SGZvRldNNlBFV0ZlaTAKLT4gc3NoLWVkMjU1MTkgWHpm -bWFRIExzZGsvbmQ5NWRHdi9iSmVxVG0zbHg3T2V1NGFqREg1V0YyS2Y2bVNsaTAK -UUNicjhwajgvckxIblMzNk9HUDhLNTFBSmpMdzN4VkpoVjMybWVIc2hpZwotPiBz -c2gtZWQyNTUxOSBSNSt4ZncgNnJiMnVQcUd6aUVzblZMN3cwM3VoZXZRd2xaRlgr -SmpqYm52OXozZnZodwpKMFdsMVl2Zm9qNkIzOU1MM2dmWGRJTFd3bzMwWTVBdDNP -L05HUEpxRktFCi0+IHNzaC1lZDI1NTE5IFJvWDVQUSBUbW5pRVFHaUFlQ2JKZEEw -RDJxUVhiRUxxMGNkczgzUGlBVmtiTDQ0RG1JCnhjZVdlcW1LYkZyOXBqSithVXI5 -YytEYmltaFdLYkl1Uy9IV0xTcVR2YlEKLT4gc3NoLWVkMjU1MTkgRjRiYjhnIE4r -ZC91UURXRHFUWEM2OTJMWjRuUTBDUzZyZjR0MTdlMGJ5NHBBV2lBbDgKcEN0dXln -Z292L25SejhhVjAwdEthdTkrSVo1NzloSWlpQm5IeEgyeVQrbwotPiBzc2gtZWQy -NTUxOSB3ZHJaSkEgTFpMWnlXY1czQWpIdFl6SXpHeHg1K3hEeTBYdUxnREFmL2RF -NUhFRENpWQo4ZUswdFVMZXdnMGE3ODZTRFdOc2hBdzVMQllvczMvZk04QnRoWDVI -ME1jCi0+IHNzaC1lZDI1NTE5IDVhZHFNZyBUejNUVWEvWm8zSVFSRkFpQ2tIM3Vs -UFdTVlBhR3dIL2x4aDZvNUJWd0JVCldXQjRVY0g4KzRhTVRYdzZoRWZPbGlPSDA3 -cUhNTVJVZmpLTmxwN1UwN1kKLT4gc3NoLWVkMjU1MTkgWmUxTXdRIHJTb3dMQUpW -b1htTm1JQlV2TDBXcGk5RzR2ay9JZ2NwSXpWUFlNeW1PVWMKTjV0S2JSd0dhTm02 -VzFzOUZmbXk4d2RweDRtREppZ2NaUmdXZXFQT2xPZwotPiBzc2gtZWQyNTUxOSBw -ZUZCUWcgYTlGK3NsUUpJeW51SXFSaWRZMktZY1JVSWR1RHdxMkVCZ3JpOG5VeThI -VQpmL2pER3pkVVpRMG4yUkpoNmZCb2NzMjBqcm9mWUtpd2JYVE9PR1N4S29zCi0+ -IHNzaC1lZDI1NTE5IDl2LzJIQSBqcjhlR0ZQK1V0eFJINm1uUzRRTzBJZ2xnUk5S -b1BzTUVJdmoyWkVNNVVnCkZZM21DRkR3eDdWSHRtNTQ1WFF5K0hxMk1vMmd1MUJK -ejl2dW1keFhuWHcKLT4gc3NoLWVkMjU1MTkga0hrMmdBIEpTM2NuU2RFVUJVcDB5 -REI4VE9LQzk5UEJVZEE3NTliNGRlVDhQSHZobWsKVlQwWU52cGErRHlMSUs5SllW -YWZtZWI5SXJoSFk4UGxHVFFqOHJqQjhaYwotPiBzc2gtZWQyNTUxOSBJb3NBQlEg -MFAxUXVaZXM3ckZHbWxhY090T1UzaTZpQTRqZXMvaG5VYTl4U2ZYRThEdwpNa25V -cXp5Wk5WOEdjdGFWck5Qc1hjRitRMWdXd09CVGc3RDhxSVhlZkFZCi0+IDUxdmZm -LWdyZWFzZSAqcik9QzxMXSB+UTsgX0hDCmxiUXF0YnRnamt1RC9IaDRkYnFsSHYx -QkhRUU40TkI3MVFVSlN6WDJVY05KNDN3cGg3R0lVSDk4WGNQM2NFMEIKcncKLS0t -IE12R3FidXBvMFlMSkl3MkJleHgwOXB3Y1BhaGs4QlBPaTY3aTZBSUtwYW8KBn0h -p0tQ4FYu7/wPAIJc1Ful9XEfvky2NA1q4xI/gtfeaXvUY1tS5IeVkTQwfEsb6uCa -2m/MRGsWSmfBYHPzBtl/eHNODZ7EHECHjVpq/i0BLOH5a/GJ1lAImY8MDT/1dd6S -iqJPUTOWgH+mczo6BMsQBBmfg987oI/WRMeMAr0xZeFbunSw8yglLbopkFY1sv0V -OgBBUFj06tBhYBivB42fmaFSO/bTYkwD6FSzCfUGSG0p8PPaMIPPF1MU9xtgjW5A -PkN3OGeTDrDJ6AnVjTY64nzSEwILPRoSKXfErEX7Q3oEzSgIdzCVKUqt+Z9S8do1 -Huc3JOc7ZxxotGr9AHPPGYxT6hgkxxQOIrw6W03wnj6oS2XsFoU3X7uATZP5hc8o -p2W0knCKHPjqxb0cCZORSdae3FOQpF3RY3hFOIHTHqR3dfl//D/OdW+9+qZx47JW -hoXDNmdrBjUXW6t/i/rRhcoocomUxo/rLbxdE+/JP86Yg0pb0fPEP6zCMHJusuHo -EojSeWMeRHZ+cF61ee1+8cHGrvXcShJ7uicIXRTFdbdclfM10to7cijub+U= ------END AGE ENCRYPTED FILE----- diff --git a/common/secrets/secrets/nix2t.age b/common/secrets/secrets/nix2t.age deleted file mode 100644 index 843600e..0000000 --- a/common/secrets/secrets/nix2t.age +++ /dev/null @@ -1,49 +0,0 @@ ------BEGIN AGE ENCRYPTED FILE----- -YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IHNzaC1lZDI1NTE5IDd6MzN5USBVUy9q -SDc5SjNYT3djMmVnbmZrSkpDQlQ5VmJQZlFzaUhJS1hja3R0bEV3CnMvK2NKd05q -OUltdUUzWlFUZkhMa3c1UkdaVm1aQlk3MmtGalFsV1dRWkEKLT4gc3NoLWVkMjU1 -MTkgSmh2TCtRIEh1VWxrNnZoN0tabE85NTJuUFVmTGw0c09IVWI1Q3Ird3BWb0p1 -ZSt4eVEKWWlFMzc2SzVwRE5CNVk1N3haRW9UTGpMdjk2d2cxa3BQOUFrSTk1MmtW -OAotPiBzc2gtZWQyNTUxOSBTcENqQlEgVHRUTnhwckpoVEFpMUxWbk1yekRDTzA1 -WWZvSXpDZWxEaCtDVHNKVENpMApncXZIY3ZFbHJxY3VkTGVsclBTQ09jaWxRdDdO -VEsxdmFKYWNEdkUvT29FCi0+IHNzaC1lZDI1NTE5IEJZS0crdyA2ZUhRa3o1V20r -a2tQNmQrYk9wemFhNytRY3FuOTFmMmRad0FNNXExWEQwCmp1RjFDS0xwSGtHQUUy -RDlWVVdxWjhvRGVEeHo4TEdzT1JSRmIxcDgrZU0KLT4gc3NoLWVkMjU1MTkgWHpm -bWFRIDZYYXVwaWdrTTBKYlZhQk9STGNPV3ZqeW5yZDVpcFUxSTVsNW9JcXF6eTAK -VEk2Skk3bFdtWEhoaDllYjloQkcyT2tUaTFtdHYvcFQyalpuaTFac29FWQotPiBz -c2gtZWQyNTUxOSBSNSt4ZncgS1I0NWdPY3ZSU2xENDFFeEVtNVU4dkdGRVVkUWYw -bjhYWlNXMm9jU0UwdwpPQU5KMTVuODVhUzFxWnIzclhCU05mMnU0R3FtanVxK0xn -VFFJSTFvWHA0Ci0+IHNzaC1lZDI1NTE5IFJvWDVQUSBhSStkek51ZWQ4a1dVaG9w -TFN3Vm5oMUwraUx3MFR4bXVnenpPNE0xVmdjCjhORitCVU9nRWpQNERDMElBZk94 -a09LMHFhM2V1dDZvamltUnY4TENqYnMKLT4gc3NoLWVkMjU1MTkgRjRiYjhnIHVP -SCtCUWc1N3E5Zzd3aHllS0owQ2d3anhSYnRFOWh4SlgyOG5ZWFlJbEkKNHVzMjZD -T3QvYXZPaTU1SDNCTnNFNlRtRFpSZy9wQ1F6WkNxNUg2bCtDVQotPiBzc2gtZWQy -NTUxOSB3ZHJaSkEgYVdKNk41MGxMMXl6SkNWVmdsREhTeFJ6RTJzdkxTcWhtY3NT -bXYzTnRnZwpnaXBHKzNYYzNDd0ErbDhBNEVOZ1FWcFJZT09TY3FBanZIRU9nTldu -L293Ci0+IHNzaC1lZDI1NTE5IDVhZHFNZyBWSUFiQjBLVjVjdUdIdUR2b1Q3LzJJ -c01VMS8yZWJxQkN5bXVuNjhXUkFzClpuT2k5aFFWQjNsNjlNSHc0Q2xZWFdDeGxY -V2ZBNDNYN3lsZlFrTUkvNmMKLT4gc3NoLWVkMjU1MTkgWmUxTXdRIDBrYkk1akZE -NFc0UUsrV1RlbW02NU9ZTlcyRGRMUGVmOWtwOW9VaXY4U1UKeklYZUdtci8xYzg5 -Rnc0V1M4QktScUVwSG1JcnprT2pMdDJWYVJmVTdDcwotPiBzc2gtZWQyNTUxOSBw -ZUZCUWcgQzdTcmtaZER3Zk40OVFpRU9pTDhqTHBFWTA4SS9NY0g1RE10ejJtdjlU -RQptZ3FQMmNnYzBEc3BpUDdNYTg4U3U1SFhDb05KdnIzV0VzT3pXT1psOVE0Ci0+ -IHNzaC1lZDI1NTE5IDl2LzJIQSBzRko3NGlWUmpDb1U0WXpKN0lraDYzTWlIYTFj -OStWa2NzMEQvNzN0UlFRCk1LeUZSVFdPa3NpY2M1eUIxRHhqV1BFNlpjN2Ntb2Rq -dkFveVdxRFpod2MKLT4gc3NoLWVkMjU1MTkga0hrMmdBIEEzOTVLTzg3d0ZYaTgz -TXdJYkZlcVVqQm5KaXVDaEZlbWw5OU1jNkw0eFEKVjZra3dac0NUQ2pBZnRFMGND -Qm8wbkdVQytxQnpGSzNjSjJtVTk2dEhSSQotPiBzc2gtZWQyNTUxOSBJb3NBQlEg -UVpVWHV2OWdWYnhydTJZODRzVEdWQVhFODFQWFVVSWw5NWJocXduY2hDMApnUDNM -UXkxL2NTQWVVeUdkeHdHbnE4cFJXMExLK0IxWUxlQlBFVlllOWVZCi0+ICozLWdy -ZWFzZSBgS1gtOiBuK18KbThIa1FGM25sc0o1UU1yWlFoY20vNS9oRGdpQmQxWXBr -cnVwaHd1cDgwdGpGQkQrREs4dwotLS0gUHRYWjF4OUV4NVhESlo3LytqdzVOTHNU -Z1ROdmJ4SHkyZGhzQlJXeWw4MApz+OC1nGrL+AgkWWYC3bYmEZ4WE7wUiBGSQjuu -MFlv1EBOveOzJ9eKKdR+zOl0Zo+pL6TrUUju6iaIvPd16x8NBiiDGmiAkpM9qcQv -CG/KFcP5kq5Ddx9rGqvOTn8YTk7Se10BmBEduERWtSuv6yEngrAJzF1QaeBM2PXH -+TxPlblCbiE3g9Dk6c+0S74izVAz+1cD8Lwx7n/7DX6gHtIoSMIDi38mfy9baZdl -Zcaw8Nr/wgBT61U2ywXGc9h50Jec1zUXfBEdLZQCFNpnZjntxh+obvdM43HJzRkz -sF9UXXWrvQrP21xxxa1wYy2UNANAHqMegUVNIZZfncF0lnA38sJDX8nsYKaIsnce -CnacNDrf2gpZkk6Ml5Pjcc85B1dE3DOrogg/Dq84c+JtN9r5N3mrzBHeg4xc8dOX -GGq1+9a4w/w2CvvoRbFXxSxo7a/B73oeNggsHCcZ+o2CG/eR1mDNznU6XSW/1dMg -FnEBJB4vAG/fejLMHHWNb4bfa89Oba7wN2oHKm41cf+JWHJ0/Thn1k6DzcWRoHtc -kJS1Zr8mQw== ------END AGE ENCRYPTED FILE----- diff --git a/common/secrets/secrets/oauth2_proxy_key_file.age b/common/secrets/secrets/oauth2_proxy_key_file.age deleted file mode 100644 index d5a36a9..0000000 --- a/common/secrets/secrets/oauth2_proxy_key_file.age +++ /dev/null @@ -1,17 +0,0 @@ ------BEGIN AGE ENCRYPTED FILE----- -YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IHNzaC1lZDI1NTE5IDd6MzN5USB1QW9y -bVYrZzh3ZDJRaUJOdEZRcGVhNUNvNG1JbENuVVJVcXFPbXVmNVNnCmZCenlWMVRY -YkgwRXpwYmQ4NmNrUkZQNitRM21FbzA3Z0x0TzBZVGxsa2sKLT4gc3NoLWVkMjU1 -MTkgcGVGQlFnIDBsYW5qa09pNnptSk9rTndaZ2ZFQWs2cTlUdkp0S2k1TkFiNHFh -bG1zVkUKYXlRdTBVMGpOcEQ2bDN4Z2ZLbVFPZ1RBT0lmMitqRk5wdjF2bjJPRXRF -VQotPiBzc2gtZWQyNTUxOSA5di8ySEEgaFlLSm5Qd2dML2d6UVlJWEN0NHdiS2lp -WDNHeithZmg5ZFJjQ3BrV0pXYwpYdEFwR0J2RVJjaHJISHBMb3VxSlpTREVxcjEy -ZExZTUdocGNWcVJTb01FCi0+IDF7LWdyZWFzZQpFaGhVdVpjdVo1a2xXUjYwWUww -Z1hmUkorV2l3Rkt5MGFmUUczVVEKLS0tIHR4SzJCYTZOdFFERFRlS0QyV0tJeks3 -ZDNYS05jR1QvU3RhN2ZUd0dCODgKvyfa6+kFUuN2DAi1vb8vszdAw3Jlb9gLsdsM -6d7ILyLkmolgmpfpFwyzP5KVrYn8vkjuZDB6iJvAJjDgBhX9p4Bt7uSggNGz7O8z -7p3NsCdzLGHLygYok+D2TyupWiUs/YIyUx3rdjleO/QOiJlO8n63xx9hvp2A/25q -n6BvBLA0CuecVFs9pLC8a91VpTyZrI/f71lmS6wvpW3HwrRldDDCqzPB3UG3ceTz -9O0iCjST/c5ETO7HadKKT63aMALdHQYc3QMATxeMfwHlMmwf42Z4ON4d9A6q1CWO -hQ0LmyFhrg== ------END AGE ENCRYPTED FILE----- diff --git a/common/secrets/secrets/obsidian_sync_env.age b/common/secrets/secrets/obsidian_sync_env.age deleted file mode 100644 index b35ab57..0000000 --- a/common/secrets/secrets/obsidian_sync_env.age +++ /dev/null @@ -1,43 +0,0 @@ ------BEGIN AGE ENCRYPTED FILE----- -YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IHNzaC1lZDI1NTE5IDd6MzN5USBsTGRH -YXJwM1JGbFY1c1dtV28xSlBYTWdObkJRUmdRVTROcm1hNlh4ZWlzClVEemdrc3ov -NzVqVFk0RjV2eVBCaVF6WUcrVWh2MWxpSjhyUWZsT0Y2ZVUKLT4gc3NoLWVkMjU1 -MTkgSmh2TCtRIGFYWUZqRnhMdjVZQ3BsTXcxcXNaeWQ4YUZMRytSbm0xYXJpeXd1 -MWlNMlUKb3ZCOVdJRGF6V2xaOGUvKzV6N1FvYkJkVlo4VlZPeE9BYk9xYk9qbEF0 -dwotPiBzc2gtZWQyNTUxOSBTcENqQlEgTGFZbytBdXJjYWdRdHlrVE5vbGs5UzJp -dUkxUzk5QmlZR2lvQi9UYVpYNAozK1JwREZQaWxtYzhzUit1eHFldGJXbHNGdktH -SFFJcGJ3U21MQWx4M3FnCi0+IHNzaC1lZDI1NTE5IEJZS0crdyAxaTdFQ00xei9L -TEdCd216MGRXbmRrTEdvTVJwdEVmUlFLVGsxOXlJOUQ4CkdobFNlSTdHaFVMUU12 -VUhUdzlDWVMrZ0VaeVlmZlliZkhmbWhCU1RlSTQKLT4gc3NoLWVkMjU1MTkgWHpm -bWFRIHFJU2JRWEJrL0ljZkVSamwreW1KOTgwWGFkZ3lGWnFXY2tMVmZKclF6R28K -ZXlOOEdIanFUWEdGdys1R3RWNjNvWDY0RytSeXVmdEkyOWJuK09JNERKVQotPiBz -c2gtZWQyNTUxOSBSNSt4ZncgYU1pWk51WmZZMjJnaUpQdjJxdjA4VCtVQzhtS0N1 -U1A1aUJRYkY2S1kzawo0c3Vzb2EzZWVLV3NOVWJZc0tOMXNrd3ZscnFkeXpCcWRj -ZEZIWFFFSFQ0Ci0+IHNzaC1lZDI1NTE5IFJvWDVQUSByWG96bDI0Sys5bEZVYzNk -RDg2eSt2d2Z1R25zVWsxWGhDTHBaNkJWdVNRCmRhK3M5Q3VZeVR0RkpGbVZmZHhz -ZlVqbWNaVmVxbTRrejNQUFVwRDlYU1kKLT4gc3NoLWVkMjU1MTkgRjRiYjhnIHE5 -blF5dTNhd1RIUTZTdCtIdXViaXN5VFg5Zy9paVdDT2ZhZktNTlpQaHcKM2cvQWJE -aUh5OWRmRTh5dmgxc3dMMlZZRlBJcWlTVnpCTTZnSUIvSVhCTQotPiBzc2gtZWQy -NTUxOSB3ZHJaSkEgQWRJTVQ3ODN5NmllaXRzL0Y1NE1jZ1NZNmJXUFJSUU9qRGFn -aTBKVzlETQptUHlNeDJxcW5qcWVxYVBpb3docHdjM0pyaXErTzdRMTFuQnJVZjhJ -akc4Ci0+IHNzaC1lZDI1NTE5IDVhZHFNZyBMY1NDelF0NUlERjdFTWhwMGxJdnR3 -NzBQWG1tbHhEYmdwQWtYeHgyNVZ3CkNzR3JySUxPUXJTMVJ1R2ZRZHpkNjZLcEZU -U2pWaTIyS0lyTloyeDdGKzQKLT4gc3NoLWVkMjU1MTkgWmUxTXdRIE9QeWRVUXZE -NDNFS1Fmck5mRWc2bVlDeHh1VW11K1BONU9KSit0dkZCbTgKMmo0VVcyR09oeVBC -RkpyeFpOcVZUaitCL0pvclhmL2JLZE9nSFJYanJVOAotPiBzc2gtZWQyNTUxOSBw -ZUZCUWcgY1gxbkNxTEtXV2F3WWQraXJFMGkwQWZBazNKVTdNZTI3VG10L0hkTzN4 -YwpJcDYvRUxwQnVzSEVEbWNtOGVicm1aVURoZDBxR214dTUyVjdudjBjamFJCi0+ -IHNzaC1lZDI1NTE5IDl2LzJIQSBKcUs5TTE2Mk45SmgrWTRpMXZVb2YycCtldTRD -UWt5T0J2Q1NGRU5BVTJJCk5RYlFVMk1Jai9KYzhOQUtobGFnZlhaWmhQSGxFcmpY -aG01aXFGQ09PdGcKLT4gc3NoLWVkMjU1MTkga0hrMmdBIENnbEo4UXZWRldwcDZq -ank4aFlZa01KWTFURUo5ZXJ5aGMxcXNwTDM1R0kKcFJpN2QzcVdNcHJIbXIrMHF0 -Q1RROFV3NCt4RW1BVjVmVTV4U01OSW8zOAotPiBzc2gtZWQyNTUxOSBJb3NBQlEg -SGtkdTUrTDd2ZU0zeTR3L3VLbWlqWElRUlQ5QmxCcmNMWm9qMk41aUEyMApKSHF5 -VlpjUXRTQWJ2bmRhOTZ3Wk5DbktiVmpwaS9EQ0hEckordTFwSUhRCi0+IDVwSS1n -cmVhc2UgRVo1IEguX2EKa3p5cCt2WjYwWDB1TXNMeU9FTG1LRFQ1NTd6VlA3eDVU -Vys4NFRJckdVcVdialVKV2hyUk5uK0J6SkJTYzZHdApaZlkKLS0tIDMxSmJtLzZD -T0NQaWlEcVY0eTBFVVVKVUkwRnlNbDdnNEl4Qk5jY2FWNnMKUzvOMuRTZl8GtwWB -GUg2RISUPDZ3kmzzN6gUe2NlJfzSE/dW3zYuSZQ8qFXPLp6JTsJlfNmPqV4KTwOu -y0a1GymZ3/q29nOSIuAW9Dgi/t8yBpHnQn7hp1ptOM9KZBCrEqwY4j5q+uSwPQwY -R+vqTRjL3UA/z0Q= ------END AGE ENCRYPTED FILE----- diff --git a/common/secrets/secrets/openwebui_env.age b/common/secrets/secrets/openwebui_env.age deleted file mode 100644 index 66eee18..0000000 --- a/common/secrets/secrets/openwebui_env.age +++ /dev/null @@ -1,15 +0,0 @@ ------BEGIN AGE ENCRYPTED FILE----- -YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IHNzaC1lZDI1NTE5IDd6MzN5USBORVRn -WmpIQStaRnV3QU9wMStQWHJMTklhb21nM3YyRE1xdWNxcWZEelRnCnZvckQ1K0hE -UkNyZGIvTFhpU1JtcXgzTy9QK2hhV2JYcm9nczJSbXgyS1kKLT4gc3NoLWVkMjU1 -MTkgcGVGQlFnIFU4QndCcjhFbG05M1prbGkwcFlYWU1WT1NkU3ZCZ09SQm9sMERC -OGZnMGMKbnBqNzd2dnBQT3R2YXBraEZKVFBJeHJXU1RhOWwwNHdGbC95TzhDM1g4 -MAotPiBzc2gtZWQyNTUxOSA5di8ySEEgOGdMRXZ4cnd0VFdxNlBHYlI0S2pCTkZo -dGtnUm4vaGFQanpKMFRjVjdHSQo1aStST0hFdkR4T0syekFZZXM1b1JBbXV4bFB0 -RVIyRG0raEZDVmt3L3owCi0+IGxLPUBZOS1ncmVhc2UgOyAqIH06U1EgQCRXdn1K -CnpSdjUwaDI1eWE3ckNBCi0tLSB2ZTJVTHphZVhBQndhUU1GZTYvYlFMT3h6cVRE -SzBoK2sySStmWm9SSnU4CjTkglKu9/CMRrbdagHF1uNxTOBSthOhyAgfcHLXHwXe -dtZiEnev479tMoIo2OXi5ODZpz1LTCkBMO0yRY6JlmNVlwpByNJkyij5bwXbUiPy -Mk9airOI/s5fIEIStb6ei8TMgy68trToK8JUmBtK8JzL9fkJDET9YyQh8N3BTUMR -8M2cUXX1qFjP7dyRDOQiq3LQEKpywUIuGNASDw== ------END AGE ENCRYPTED FILE----- diff --git a/common/secrets/secrets/secrets.nix b/common/secrets/secrets/secrets.nix deleted file mode 100644 index 80c241c..0000000 --- a/common/secrets/secrets/secrets.nix +++ /dev/null @@ -1,138 +0,0 @@ -## To onboard a new machine, you must use a machine that is already onboarded, or the backup authority key saved in a secure location -## Once the new machine is setup at least once, then we can generate/fetch ssh keys from it and add to this list. Then rekey the secrets and commit the changes and pull down from the nix repo - -# System key: `cat /etc/ssh/ssh_host_ed25519_key.pub` -# -# from authority -# `nix run github:yaxitech/ragenix -- -i ~/.ssh/ragenix_authority --rules ~/.config/nixos-config/common/secrets/secrets.nix` <-r(eykey)|-e(edit) > - -let - authorityKey = [ - "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIBdG4tG18VeuEr/g4GM7HWUzHuUVcR9k6oS3TPBs4JRF authority" - ]; - - gpdPocket3 = [ - "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIFzAQ2Dzl8EvQtYLjEZS5K0bQeNop8QRkwrfxMkBagW2 root@gpdPocket3" - "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIIr/aS0qyn5hCLR6wH1P2GhH3hGOqniewMkIseGZ23HB josh@gpdPocket3" - ]; - - lio = [ - "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIFGp6oInUcGVnDl5axV1EHflMfZUiHxtqNa4eAuye/av root@lio" - "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIKxNhtJNx/y4W54kAGmm2pF80l437z1RLWl/GTVKy0Pd josh@lio" - ]; - - joe = [ - "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIG4PwrrOuZJWRjlc2dKBUKKE4ybqifJeVOn7x9J5IxIS josh@joe" - "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIP+GYfPPKxR/18RdD736G7IQhImX/CYU3A+Gifud3CHg root@joe" - ]; - - oren = [ - "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIK7bNX7R9ApoX/cHdXIhQdpA2sHrC9ii6VAulboAIJM2 root@oren" - "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAICauUtSa71+oQAiLxp3GMMbmNXcbr9Mc7eK8b/lqZbbS josh@oren" - ]; - - h001 = [ - "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIGTAz6n35c3r8kSuWJM1JzMVx6jK+0EBwpJA5eTIvy3N root@h001" - "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAICRHer3NrJiklp4oDNRCzDxc9fXpXn5rPAXGFce8ugy2 luser@h001" - ]; - - h002 = [ - "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIB9GW9W3DT9AqTonG5rDta3ziZdYOEEdukh2ErJfHxoP root@h002" - "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIC60tzOVF0mcyfnYK2V/omzikuyE8Ol0K+yAjGxBV7q4 luser@h002" - ]; - - h003 = [ - "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIHsV5r9sWYgrr9t9p12Epzm6WtxN/XsKSCb46+ODQvVT root@h003" - "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAILQLt2Hc+CN6+e7/sf3Fv0FQlp6+yrIbIJ/J9AdnJCjI luser@h003" - ]; - - trustedKeys = authorityKey ++ gpdPocket3 ++ lio ++ joe ++ oren ++ h001 ++ h002 ++ h003; - - o001 = [ - "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIFrwvahx1x4rue28QHCzyADQndOeTESIv80f7d00NXWT root@o001" - ]; -in -{ - ## To make a new secret: - # - FIRST add file below that you want to create - # - cd to the secrets directory here - # - `ragenix --editor=vi -v -e FILE.age` add file below and in the ragenix.nix file - # - # TODO come up with a rotate method/encrypt the device keys better. This isn't very secure feeling to me the way I am doing this now. If anyone gains access to any one of my devices, then my secrets are no longer secret. This is not a good model. - - # Git keys - "nix2github.age" = { - publicKeys = trustedKeys; - }; - "nix2bitbucket.age" = { - publicKeys = trustedKeys; - }; - "nix2gitforgejo.age" = { - publicKeys = trustedKeys; - }; - "nix2gitjosh.age" = { - publicKeys = trustedKeys; - }; - "nix2nix.age" = { - publicKeys = trustedKeys; - }; - # Server keys - "nix2h001.age" = { - publicKeys = trustedKeys; - }; - "nix2h002.age" = { - publicKeys = trustedKeys; - }; - "nix2h003.age" = { - publicKeys = trustedKeys; - }; - "nix2joe.age" = { - publicKeys = trustedKeys; - }; - "nix2gpdPocket3.age" = { - publicKeys = trustedKeys; - }; - "nix2t.age" = { - publicKeys = trustedKeys; - }; - "nix2l002.age" = { - publicKeys = trustedKeys; - }; - "nix2linode.age" = { - publicKeys = trustedKeys; - }; - "nix2oracle.age" = { - publicKeys = trustedKeys; - }; - "nix2lio.age" = { - publicKeys = trustedKeys; - }; - "nix2oren.age" = { - publicKeys = trustedKeys; - }; - # Others - "github_read_token.age" = { - publicKeys = trustedKeys; - }; - "headscale_auth.age" = { - publicKeys = trustedKeys; - }; - "us_chi_wg.age" = { - publicKeys = trustedKeys; - }; - "zitadel_master_key.age" = { - publicKeys = authorityKey ++ h001; - }; - "oauth2_proxy_key_file.age" = { - publicKeys = authorityKey ++ h001; - }; - "openwebui_env.age" = { - publicKeys = authorityKey ++ h001; - }; - "vaultwarden_env.age" = { - publicKeys = authorityKey ++ o001; - }; - "linode_rw_domains.age" = { - publicKeys = trustedKeys; - }; -} diff --git a/common/secrets/secrets/us_chi_wg.age b/common/secrets/secrets/us_chi_wg.age deleted file mode 100644 index 94a440b..0000000 --- a/common/secrets/secrets/us_chi_wg.age +++ /dev/null @@ -1,46 +0,0 @@ ------BEGIN AGE ENCRYPTED FILE----- -YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IHNzaC1lZDI1NTE5IDd6MzN5USBFazhx -VVN3VXgrWXdWZzNwOHdIVzZSSTlRa2lEYjhXRzlCWXZhMmQ2QXdzCms5MmpGZ0hW -c3JYM25mNWliNHlxNG14ZHppcWU3QmhxVHVwS0QwaWNaN0kKLT4gc3NoLWVkMjU1 -MTkgSmh2TCtRIE5Cd0M1S0ZCWTVXZ2lLR3NzV2lTb3dubHRyQmlsMDF2TFZLM1B2 -bnBMaGMKSE9ad3BrSEF1T0g2bkN5SjAxOEdjSytIWGxSN0t4ZDlQSkpVRzE5ellm -QQotPiBzc2gtZWQyNTUxOSBTcENqQlEgYllQVWlYUnZ2cjJ5N0t2WFJWMG5ReG03 -V3pkSzFEK2syRzd5R0NyVFdEdwpNODJLenpIZVByL0hPSEFFbG1FVnBpeU1relhl -R1dpamwwV1JoWG9CNmprCi0+IHNzaC1lZDI1NTE5IEJZS0crdyBFTSt3Z2UrQStY -Vk5LeXFETkdmeXdGSVcwTlA4bzJKK2poZFNUL1Qvb1NFClpIUHVWV3Q0RTViRzBI -aG5QTTZCazUralExS0NRUWF0cVNZTlZIaC9mQ0kKLT4gc3NoLWVkMjU1MTkgWHpm -bWFRIDF4Z1RmZkJrblIrQ1NqU0hDNWpPYS9sUUJJTWFQOGNJejduTkdLbFBJQ2MK -b3hXd09EaGNPaUQ5ZnIyNHlpK2hSWm5WV0lERm5xcWQxa3hGaDVTRzFYVQotPiBz -c2gtZWQyNTUxOSBSNSt4ZncgY09RbXM3WmlDMVVRMTdKRjN6aktFY20zNjJmMFBY -ajQ1VjRwQXVqRkN6WQpiaDdRNmtBUy8xMksyQld5bTMzTXlMVnhQQzU2a1RQdE5z -dGhpWWxXRThNCi0+IHNzaC1lZDI1NTE5IFJvWDVQUSBTQzhUY01rOFlCV1ZQbGhJ -dGFTK00wZnNyRGVYNjQ5T3dtZENDSHpycUdzCjNZNVd5dWkrWG9lMWdhZVJQUE4w -SHl4dmpwU25PSDZWVkZUTjZtWmNhSjgKLT4gc3NoLWVkMjU1MTkgRjRiYjhnIEFH -WmNFL1ZYazFZNVB0R1JYTFpBNk50U0VWazBhOGh2SDhHdGlwRWdSeHMKemUwNXN0 -aEdMdGJVZmdpWFN2Zm1BT2wrQzFBR0hIUi85ZHFSSVd3NklXMAotPiBzc2gtZWQy -NTUxOSB3ZHJaSkEgejVkVURQd3hrQ2pyMU9MVG9VTG9VZmtKbmtDZHU0RjdHM2lz -c2VTTy9FYwpUZTBkaU1rQmsxaWRzTjhvdis2VUZJV09Vb3g2VTNNVHN0Z1llazRL -U0VBCi0+IHNzaC1lZDI1NTE5IDVhZHFNZyBrRXNWcHk2akc1bVZBbitQcUlLYU5B -cmRnSWM2dkVKU1p3dk1ueUo0bUc0CmEzdjF0dUgrOXhETWRDaGlDQU4zTWxXNXBS -TUs4V3U5VWNNczNTVDNLb00KLT4gc3NoLWVkMjU1MTkgWmUxTXdRIERULzFFSERl -b2ZNa2tzSDhZbDVJb0RndDFBRzlBc2dxcWJMcmcrMFJUaDQKY25kejI4VDVrYkUx -OWo2M0hLRFBLNi9HeXc1elVVTTY5Q094RFUxQUlTUQotPiBzc2gtZWQyNTUxOSBw -ZUZCUWcgTlpTeVFPOUFMc0hNNkZJZGxJSVltS0JEVnFoRWNBWGpLUVNwR1pPZXlT -YwpUTjJPak8xTWtlUEdFNDZhMVBxWE5xMGZlUFFmQlpkWkh5UDdqeW1SeHlRCi0+ -IHNzaC1lZDI1NTE5IDl2LzJIQSBZVWtxQWNwcDdxMUdtSVNzT3hkNjMvVXUzd1Vp -bXp2YTVOOGFyMDJPV0dzClhkZXNpbGVLUGV4SE5CSDIzYTNRRkg0ZXh0MEdDNnhz -aEtReUJES3ZsbWsKLT4gc3NoLWVkMjU1MTkga0hrMmdBIE1iRkpLbzJnZFVObkNQ -SzI5K3krcjJvMDNhRXduWFhXd2RWUDBTdWpVaHMKMnFlRGFsSnlTMStZbnhYeG5U -Yng1TXZOTSswc1FXY00wSTErUzNDTzhvawotPiBzc2gtZWQyNTUxOSBJb3NBQlEg -QVFhZlJhRjNsdndHa0RPaVJoYUMrNTRoY29iUWNXdXJvS0hBb3VMU0oydwp0dmdo -amFxNGJnanRCREt3ZFhld0M4UFk1WmM2RmJmVTY4b0g0RkJXYnJVCi0+IGgnMTZv -d2dGLWdyZWFzZSBQMkEKbThTYkxNa3YwK2xXbUhxb2RqQnd6UUl6a0JVcnVPR050 -ZFZCNmpjCi0tLSA0QVdjZEIrOWhUaVpHNytqY0h3eExLVWc0djlDRWtQVEZuWHM5 -YlVydnljCo/0r5CGdm/VW7wxgZhkhisHJbstH3r3YrghiSORsBwxX+GaKIziS1ns -MyRg6TWoWjIUe4epfGzqton35ekvrXWxGlLCuIkQgY1frgPTE4kZdm/T1pqzZpQ0 -4vZkl7nVd4k9oayv2LfpN8loG8npcwLfSKeVFCEooTOs+M3eH+wCEUd4r+TjfG3D -ZT2eAX9HethENX4GQxN+RQagyWOlnZVpf6QYnwg/bzRGtRSDLVYqmLJd5BbOrON7 -XN65I5DX2kBGtB3Y3F15hHjGxHFyded4bO9w/SF+jOM+yGnTnTQ1G7FSw0T8dwWo -7laPDx5WSM1zop0jLJ5iyZjNWJJt/j8t9FBGdqxtPUxP4jPVTTEiYJbtTauZtRUN -rc3UbQvDJTArGbwAQsTlYuMd59oIy2+cgpYHyhW2cPixL/VHxRYupNWj8g== ------END AGE ENCRYPTED FILE----- diff --git a/common/secrets/secrets/vaultwarden_env.age b/common/secrets/secrets/vaultwarden_env.age deleted file mode 100644 index 083ba6c..0000000 --- a/common/secrets/secrets/vaultwarden_env.age +++ /dev/null @@ -1,20 +0,0 @@ ------BEGIN AGE ENCRYPTED FILE----- -YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IHNzaC1lZDI1NTE5IDd6MzN5USBMZ0VT -QWNCOUNSZ3ZPcmFFcXMvZkFqMVkxV1dRSDNLOTFzUExoc0F3dENFCldFZHdNSDdm -ZUR2eC94Y0cyRWJnTTRnSTlTRUlUSHlLS09IS2ZwZmVhOU0KLT4gc3NoLWVkMjU1 -MTkgc2EwSmpnIGlNaHFLQ0tZeFFLR1ZPZnpCbHEzdlZXWUxjWFNmMUdMVjdQUHlJ -cTJUVkEKcERQMVNNcmxQekUra2tUNUhyVTAxVThSb3RPRFBOOWMwRlFqUnRQQm13 -RQotPiAiXzVSX3wtZ3JlYXNlICpQMQpHUk5aSHJPRnNjQVR4Y2Q2TkhzU01SWWhh -TjBpb1JXbVFwSUxlT1BObEg0N2syNUJjUlc2TVJueVlyTXJRckQwCnhNOUZIVlVh -UG96d0pibVJsdmdNekJFUHg0NXFpa1JSd2lBdzN2S2JxenVMNVpWQ2hxRXlWUjFy -TWcKLS0tIG1QMHV3VW5VM25QVW80aUZOeEpTNG1qYksvQnE5emhBdzBuM2VMZE5n -VTQK6avsHayBgGGdjkwRORdaAz8mwLcxvI3YCMYwXjXCvJmIvlQerUEkDOU9D8sL -I+aSD5YCoHoJ5FsIOox5WWYEVcPxR/y1G2m3pAhZh1ner0Ckw29gsjdmckNwtSSr -tTrSve34ZEij1O7gfO30hW+Kd4579QWH/diFTrP88DjopqsaTWyh+A5A3WP6NxhJ -U0uL5RIPPGCMs0peqZG1Y44KRlt79hKELop4CwyF/06a3Oxuze5vifGl7+mogq0A -Xp3NgWR5AM2Fu+NfEQDUHU1R/CpyY6+VcTZWi8iu0/XfEiIQ4n5JSYNtd3ZL0ldL -WRoNdpA04IiCWM7fnRdDRVRGw9bDJ840oeBiSvbRqIt+uykEndEzKCxXh/jWvP+X -tBj05Rt2Qj3xAsq7yzsvK7vzacjV8fU2kNpxDvhVLQO8TBI5z7Sofu4Cy2fFY1F7 -J7JABO+kciZ23gdEofrHusv3oZvu2eQ5PO1FXCSsZzalum2cWWou11QDi3Vt65kN -wjleyKCDx4a68n7IoS2GOCpDw/G0ACmHrTSnztaO ------END AGE ENCRYPTED FILE----- diff --git a/common/secrets/secrets/zitadel_master_key.age b/common/secrets/secrets/zitadel_master_key.age deleted file mode 100644 index 3b07b55..0000000 --- a/common/secrets/secrets/zitadel_master_key.age +++ /dev/null @@ -1,15 +0,0 @@ ------BEGIN AGE ENCRYPTED FILE----- -YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IHNzaC1lZDI1NTE5IDd6MzN5USAyWGFw -bUJNQkwvcjRKUWU5WWozTWZHb21IdDNlT0VwK21LQ2FZNEJWWWxJCjBBUDV4MkRt -Y3F5TWVMN0xLMjBibkJMcmUwdEwxM2pONUlLSU1EOXV5dXMKLT4gc3NoLWVkMjU1 -MTkgcGVGQlFnIGJPcEx2TnFZZjVicDlYaVdwRmJHSnIvZlpRNkx5RG8zVmZTaTFq -bmkwM1kKK0o3ZVViNnBjS2NZbFV4TERBczJNQWxtWU1IYTNoL1EzQlNxWHhFNDZL -TQotPiBzc2gtZWQyNTUxOSA5di8ySEEgZm5nYXdJMElxVTE4TnVnY0xSVFVtMXFs -NTNobnI1MjdMNDhWRmpkL1BnSQpXRHcwSVVCajFhQlp4N2J5VGhKc3E2eHpYZmd6 -TlU2MXdtdmNrSUJpZjFFCi0+IG5wImA0LWdyZWFzZQpuSHRTckxXVTd4eTFETWE4 -MEQ0QXNaTzhSTmFOdjI5Vyt1bDVRU1k5dExiUVk3bEdCeGN2UFV4Y3RTR1MvalNn -CkhHWFF4TGtPcktieDZnQTRkdk9ndnllU05zSVlMOWh0R1ZncUlWNy9WZURiCi0t -LSAxdW84VUg5d21jT2hrNEJ0NlBES1NRRjU4b05JQW80dk9IL29LZGlST0FjCnt8 -t+yvFWU0LlFGAWmLc9i4XFUpexZf8rC2bfw3FkNPuCzAyvbowhBJnGkqK+2C+mtL -za43EsGaLvA5s8ObhLw= ------END AGE ENCRYPTED FILE----- diff --git a/common/users/default.nix b/common/users/default.nix deleted file mode 100644 index 8561d8d..0000000 --- a/common/users/default.nix +++ /dev/null @@ -1,56 +0,0 @@ -{ - config, - lib, - ... -}: -let - ccfg = import ../config.nix; - cfg_path = [ - ccfg.custom_config_key - "users" - ]; - cfg = lib.attrsets.getAttrFromPath cfg_path config; - top_cfg = config.${ccfg.custom_config_key}; -in -{ - options = - { } - // lib.attrsets.setAttrByPath cfg_path { - admins = lib.mkOption { - type = lib.types.listOf lib.types.str; - default = [ ]; - example = [ "josh" ]; - description = '' - List of users to be added to the system. - ''; - }; - primary = lib.mkOption { - type = lib.types.str; - default = lib.optionalString (cfg.admins != [ ] && cfg.admins != null) ( - builtins.elemAt cfg.admins 0 - ); - description = "The primary user of the system."; - }; - users = lib.mkOption { - type = lib.types.attrsOf lib.types.attrs; - default = { }; - description = "Normal users to configure (not for system users). Should match nix options of users.userser..*"; - }; - }; - config = { - users.users = lib.mapAttrs ( - name: userConfig: - userConfig - // { - inherit name; - isNormalUser = lib.mkIf (name != "root") true; - initialPassword = - if (lib.hasAttr "initialPassword" userConfig) then userConfig.initialPassword else "password1"; - extraGroups = - lib.optionals (builtins.elem name cfg.admins) [ "wheel" ] ++ (userConfig.extraGroups or [ ]); - } - ) cfg.users; - - programs.nh.flake = lib.mkIf (lib.hasAttr "primary" cfg) "/home/${cfg.primary}/.config/nixos-config/hosts/${top_cfg.systemName}"; - }; -} diff --git a/hosts/lio/configuration.nix b/hosts/lio/configuration.nix index 7f454ba..1fd52c5 100644 --- a/hosts/lio/configuration.nix +++ b/hosts/lio/configuration.nix @@ -4,6 +4,8 @@ ... }: { + system.stateVersion = "23.11"; + hardware.enableAllFirmware = true; # Connectivity diff --git a/hosts/lio/flake.nix b/hosts/lio/flake.nix index c8b9294..e1e0ca9 100644 --- a/hosts/lio/flake.nix +++ b/hosts/lio/flake.nix @@ -28,16 +28,19 @@ }@inputs: let configuration_name = "lio"; + system = "x86_64-linux"; + primaryUser = "josh"; lib = nixpkgs.lib; in { nixosConfigurations = { "${configuration_name}" = ( lib.nixosSystem { + inherit system; specialArgs = { inherit inputs; upkgs = import inputs.nixpkgs-unstable { - system = "x86_64-linux"; + inherit system; config.allowUnfree = true; }; }; @@ -114,14 +117,11 @@ }; # System configuration - system.stateVersion = "23.11"; networking.hostName = configuration_name; - programs.nh.flake = "/home/josh/.config/nixos-config/hosts/${config.networking.hostName}"; + programs.nh.flake = "/home/${primaryUser}/.config/nixos-config/hosts/${config.networking.hostName}"; nixpkgs.config.allowUnfree = true; - - # Users users.users = { - josh = { + "${primaryUser}" = { isNormalUser = true; initialPassword = "password1"; extraGroups = [ diff --git a/hosts/template.nix b/hosts/template.nix new file mode 100644 index 0000000..ab57606 --- /dev/null +++ b/hosts/template.nix @@ -0,0 +1,130 @@ +{ + inputs = { + nixpkgs.url = "github:nixos/nixpkgs/nixos-25.05"; + home-manager.url = "github:rycee/home-manager/release-25.05"; + + # Use relative to get current version for testing + # common.url = "path:../../flakes/common"; + common.url = "git+https://git.joshuabell.xyz/ringofstorms/dotfiles?dir=flakes/common"; + # secrets.url = "path:../../flakes/secrets"; + secrets.url = "git+https://git.joshuabell.xyz/ringofstorms/dotfiles?dir=flakes/secrets"; + # flatpaks.url = "path:../../flakes/flatpaks"; + flatpaks.url = "git+https://git.joshuabell.xyz/ringofstorms/dotfiles?dir=flakes/flatpaks"; + + ros_neovim.url = "git+https://git.joshuabell.xyz/ringofstorms/nvim"; + }; + + outputs = + { + nixpkgs, + home-manager, + common, + secrets, + flatpaks, + ros_neovim, + ... + }: + let + configuration_name = "SYSTEM_NAME"; + system = "x86_64-linux"; + stateVersion = "25.05"; + primaryUser = "josh"; + lib = nixpkgs.lib; + in + { + nixosConfigurations = { + "${configuration_name}" = ( + lib.nixosSystem { + inherit system; + modules = [ + home-manager.nixosModules.default + + secrets.nixosModules.default + ros_neovim.nixosModules.default + flatpaks.nixosModules.default + + common.nixosModules.essentials + common.nixosModules.git + common.nixosModules.tmux + common.nixosModules.boot_systemd + common.nixosModules.hardening + common.nixosModules.jetbrains_font + common.nixosModules.nix_options + common.nixosModules.tailnet + common.nixosModules.timezone_auto + common.nixosModules.tty_caps_esc + common.nixosModules.zsh + ( + { + config, + pkgs, + upkgs, + lib, + ... + }: + rec { + # Home Manager + home-manager = { + useUserPackages = true; + useGlobalPkgs = true; + backupFileExtension = "bak"; + # add all normal users to home manager so it applies to them + users = lib.mapAttrs (name: user: { + home.stateVersion = stateVersion; + programs.home-manager.enable = true; + }) (lib.filterAttrs (name: user: user.isNormalUser or false) users.users); + + sharedModules = [ + common.homeManagerModules.de_sway + common.homeManagerModules.tmux + common.homeManagerModules.atuin + common.homeManagerModules.direnv + common.homeManagerModules.foot + common.homeManagerModules.git + common.homeManagerModules.postgres_cli_options + common.homeManagerModules.ssh + common.homeManagerModules.starship + common.homeManagerModules.zoxide + common.homeManagerModules.zsh + ]; + }; + + # System configuration + system.stateVersion = stateVersion; + networking.hostName = configuration_name; + programs.nh.flake = "/home/${primaryUser}/.config/nixos-config/hosts/${config.networking.hostName}"; + nixpkgs.config.allowUnfree = true; + users.users = { + "${primaryUser}" = { + isNormalUser = true; + initialPassword = "password1"; + extraGroups = [ + "wheel" + "networkmanager" + "video" + "input" + ]; + openssh.authorizedKeys.keys = [ + "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIJN2nsLmAlF6zj5dEBkNSJaqcCya+aB6I0imY8Q5Ew0S nix2lio" + ]; + }; + }; + + services.flatpak.packages = [ + "org.signal.Signal" + "dev.vencord.Vesktop" + "md.obsidian.Obsidian" + "com.spotify.Client" + "com.bitwarden.desktop" + "org.openscad.OpenSCAD" + "org.blender.Blender" + "com.rustdesk.RustDesk" + ]; + } + ) + ]; + } + ); + }; + }; +} diff --git a/readme.md b/readme.md index 19e2cdb..f248017 100644 --- a/readme.md +++ b/readme.md @@ -1,21 +1,25 @@ ## TODO working on changes to this now +#### Old config before granular module + flakes + + + ### Old Config prior to per system flake approach - + ### Old modules from multi branch flake approach -- [common](https://git.joshuabell.xyz/dotfiles/~files/a3df616bee120e8427728c6e6a642686d6efb96d) -- [de_gnome](https://git.joshuabell.xyz/dotfiles/~files/2434f4858db4b5ddb095d5a7d8bdb05890c48bb4) -- [de_cosmic](https://git.joshuabell.xyz/dotfiles/~files/f2ecd63921dd826b138dab2ba431085c31a151d1) -- [de_hyperland](https://git.joshuabell.xyz/dotfiles/~files/ecb652f6e331312b401488140c583cabdcb0deba) -- [secrets](https://git.joshuabell.xyz/dotfiles/~files/5f3633d5f7c729b8e8fc2805d2751e7c006a6f7a) -- [nebula](https://git.joshuabell.xyz/dotfiles/~files/70cea59e9f1f750fd0aee8cde8cd54aee8601336) -- [stormd](https://git.joshuabell.xyz/dotfiles/~files/765c7f4436db03936960373ff77dc2d41f0c4cd5) -- [home_manager](https://git.joshuabell.xyz/dotfiles/~files/df0c4e95ac6b056202c4ec6fabfcfa5bd205a0b4) -- [boot_grub](https://git.joshuabell.xyz/dotfiles/~files/f00b3d38ec2dd62741a84d706f88c0c3bdd60784) -- [boot_systemd](https://git.joshuabell.xyz/dotfiles/~files/3155d8a57286aefb835476617ba6d4df92b83013) +- [common](https://git.joshuabell.xyz/ringofstorms/dotfiles/~files/a3df616bee120e8427728c6e6a642686d6efb96d) +- [de_gnome](https://git.joshuabell.xyz/ringofstorms/dotfiles/~files/2434f4858db4b5ddb095d5a7d8bdb05890c48bb4) +- [de_cosmic](https://git.joshuabell.x/ringofstormsyz/dotfiles/~files/f2ecd63921dd826b138dab2ba431085c31a151d1) +- [de_hyperland](https://git.joshuabell.xyz/ringofstorms/dotfiles/~files/ecb652f6e331312b401488140c583cabdcb0deba) +- [secrets](https://git.joshuabell.xyz/ringofstorms/dotfiles/~files/5f3633d5f7c729b8e8fc2805d2751e7c006a6f7a) +- [nebula](https://git.joshuabell.xyz/ringofstorms/dotfiles/~files/70cea59e9f1f750fd0aee8cde8cd54aee8601336) +- [stormd](https://git.joshuabell.xyz/ringofstorms/dotfiles/~files/765c7f4436db03936960373ff77dc2d41f0c4cd5) +- [home_manager](https://git.joshuabell.xyz/ringofstorms/dotfiles/~files/df0c4e95ac6b056202c4ec6fabfcfa5bd205a0b4) +- [boot_grub](https://git.joshuabell.xyz/ringofstorms/dotfiles/~files/f00b3d38ec2dd62741a84d706f88c0c3bdd60784) +- [boot_systemd](https://git.joshuabell.xyz/ringofstorms/dotfiles/~files/3155d8a57286aefb835476617ba6d4df92b83013) # First Install on new Machine @@ -57,6 +61,7 @@ - `mount -o umask=077 /dev/disk/by-label/NIXBOOT /mnt/boot` - Add SWAP device (optional) - in hardware config + ```nix swapDevices = [ { @@ -65,11 +70,13 @@ swapDevices = [ } ]; ``` + - Copy keyfile for auto-unlock (optional) - `cp /tmp/keyfile_DEVICE_1 /mnt/boot/keyfile_DEVICE_1` - `chmod 400 /mnt/boot/keyfile_DEVICE_1` - If Encrypted keyfile exists - Add to hardware config + ```nix boot.initrd.secrets = { "/keyfile_DEVICE_1" = "/boot/keyfile_DEVICE_1"; From ef1eb99b468a7e6e78314100e9070b7f12074e4d Mon Sep 17 00:00:00 2001 From: "RingOfStorms (Joshua Bell)" Date: Wed, 22 Oct 2025 00:12:27 -0500 Subject: [PATCH 069/109] attempt oren update to latest style --- flakes/hyprland/default.nix | 170 ------- flakes/hyprland/flake.nix | 3 +- flakes/hyprland/home_manager/hyprland.nix | 15 +- flakes/hyprland/home_manager/hyprpaper.nix | 18 +- flakes/hyprland/home_manager/quickshell.nix | 11 - flakes/hyprland/home_manager/swaync.nix | 454 +++++++++--------- flakes/hyprland/home_manager/template.nix | 18 - flakes/hyprland/home_manager/waybar.nix | 485 ++++++++++---------- flakes/hyprland/hyprland.nix | 132 ++++++ hosts/lio/configuration.nix | 6 - hosts/oren/configuration.nix | 1 - hosts/oren/flake.nix | 207 +++++---- hosts/oren/hyprland_customizations.nix | 33 +- hosts/template.nix | 11 +- 14 files changed, 730 insertions(+), 834 deletions(-) delete mode 100644 flakes/hyprland/default.nix delete mode 100644 flakes/hyprland/home_manager/template.nix create mode 100644 flakes/hyprland/hyprland.nix diff --git a/flakes/hyprland/default.nix b/flakes/hyprland/default.nix deleted file mode 100644 index 8b96a31..0000000 --- a/flakes/hyprland/default.nix +++ /dev/null @@ -1,170 +0,0 @@ -{ - config, - lib, - pkgs, - hyprland, - hyprlandPkgs, - ... -}: -let - ccfg = import ../../config.nix; - cfg_path = [ - ccfg.custom_config_key - "desktopEnvironment" - "hyprland" - ]; - cfg = lib.attrsets.getAttrFromPath cfg_path config; -in -with lib; -{ - options = - { } - // lib.attrsets.setAttrByPath cfg_path { - enable = lib.mkEnableOption "hyprland desktop environment"; - terminalCommand = mkOption { - type = lib.types.str; - default = "foot"; - description = "The terminal command to use."; - }; - extraOptions = mkOption { - type = lib.types.attrs; - default = { }; - description = "Extra options for Hyprland configuration."; - }; - hyprpaperSettings = lib.mkOption { - type = lib.types.attrs; - default = { }; - description = "Extra options for hyprpaper configuration."; - }; - swaync = { - enable = lib.mkEnableOption "Enable Swaync (notification center for Hyprland)"; - }; - waybar = { - enable = lib.mkEnableOption "Enable Waybar (status bar for Hyprland)"; - }; - }; - - config = lib.mkIf cfg.enable { - # Enable for all users - home-manager = { - sharedModules = [ - hyprland.homeManagerModules.default - ./home_manager - ]; - }; - - services.greetd = { - enable = true; - vt = 2; - settings = { - default_session = { - command = "${pkgs.greetd.tuigreet}/bin/tuigreet --time --remember --remember-session --cmd '${pkgs.dbus}/bin/dbus-run-session ${hyprlandPkgs.hyprland}/bin/Hyprland'"; - user = "greeter"; - }; - }; - }; - - # Caps Lock as Escape for console/tty - console.useXkbConfig = true; - services.xserver.xkb = { - layout = "us"; - options = "caps:escape"; - }; - - environment.systemPackages = with pkgs; [ - wl-clipboard - wl-clip-persist - wofi # application launcher - nemo # file manager (x11) - # nautilus # file manager - feh # image viewer (x11) - # imv # image viewer - networkmanager # network management - upower # power management - brightnessctl # screen/keyboard brightness control - wireplumber # media session manager - libgtop # system monitor library - bluez # Bluetooth support - power-profiles-daemon # power profiles - grim - slurp - hyprpicker - grimblast # screenshot tool - wf-recorder # screen recording tool - btop # system monitor - ]; - - services.blueman.enable = config.hardware.bluetooth.enable; - - programs.hyprland = { - enable = true; - # xwayland.enable = false; - # withUWSM = true; - - # set the flake package - package = hyprlandPkgs.hyprland; - # make sure to also set the portal package, so that they are in sync - # This is set below now in xdf portal directly so we can also add things like gtk - # portalPackage = hyprlandPkgs.xdg-desktop-portal-hyprland; - }; - - xdg.portal = { - enable = true; - extraPortals = lib.mkForce [ - hyprlandPkgs.xdg-desktop-portal-hyprland - # hyprlandPkgs.xdg-desktop-portal-wlr - hyprlandPkgs.xdg-desktop-portal-gtk - ]; - config.common.default = [ - "hyprland" - # "wlr" - "gtk" - ]; - }; - - # Enable PipeWire + WirePlumber so xdg-desktop-portal can do screencast - services.pipewire = { - enable = true; - # Enable WirePlumber session manager via the pipewire module option - wireplumber = { - enable = true; - }; - }; - - hardware.graphics = { - enable = true; - package = hyprlandPkgs.mesa; - # if you also want 32-bit support (e.g for Steam) - # enable32Bit = true; - package32 = hyprlandPkgs.pkgsi686Linux.mesa; - }; - - # Environment variables - environment.sessionVariables = { - GTK_THEME = "Adwaita:dark"; - XDG_SESSION_TYPE = "wayland"; - # XDG_CURRENT_DESKTOP = "sway"; - # XDG_SESSION_DESKTOP = "sway"; - # prefer EGL renderer (can be changed back to "auto" if needed) - WLR_RENDERER = "egl"; - - # Tell apps to run native wayland - NIXOS_OZONE_WL = "1"; - ELECTRON_OZONE_PLATFORM_HINT = "wayland"; - ELECTRON_ENABLE_WAYLAND = "1"; - ELECTRON_DISABLE_SANDBOX = "0"; - GDK_BACKEND = "wayland,x11"; # GTK - QT_QPA_PLATFORM = "wayland;xcb"; # Qt 5/6 - MOZ_ENABLE_WAYLAND = "1"; # Firefox - SDL_VIDEODRIVER = "wayland"; # SDL apps/games - CLUTTER_BACKEND = "wayland"; - }; - - # Qt theming - qt = { - enable = true; - platformTheme = "gtk2"; - style = "adwaita-dark"; - }; - }; -} diff --git a/flakes/hyprland/flake.nix b/flakes/hyprland/flake.nix index 82733cc..9fc6a6f 100644 --- a/flakes/hyprland/flake.nix +++ b/flakes/hyprland/flake.nix @@ -1,6 +1,6 @@ { inputs = { - ragenix.url = "github:yaxitech/ragenix"; + hyprland.url = "github:hyprwm/Hyprland"; }; outputs = @@ -20,6 +20,7 @@ { imports = [ hyprland.nixosModules.default + ./hyprland.nix ]; config = { _module.args = { diff --git a/flakes/hyprland/home_manager/hyprland.nix b/flakes/hyprland/home_manager/hyprland.nix index 3d8b6b7..afd313e 100644 --- a/flakes/hyprland/home_manager/hyprland.nix +++ b/flakes/hyprland/home_manager/hyprland.nix @@ -4,15 +4,6 @@ hyprlandPkgs, ... }: -let - ccfg = import ../../../config.nix; - cfg_path = [ - ccfg.custom_config_key - "desktopEnvironment" - "hyprland" - ]; - cfg = lib.attrsets.getAttrFromPath cfg_path osConfig; -in { wayland.windowManager.hyprland = { enable = true; @@ -21,7 +12,7 @@ in # hyprspace # ]; - settings = lib.attrsets.recursiveUpdate { + settings = { # Debug logs enabled when this is uncommented debug.disable_logs = false; debug.disable_time = false; @@ -89,7 +80,7 @@ in bind = [ # Applications - "$mainMod, Return, exec, ${cfg.terminalCommand}" + "$mainMod, Return, exec, foot" "$mainMod, Space, exec, pkill wofi || wofi --show drun" "$mainMod, q, killactive" "$mainMod SHIFT, escape, exit" @@ -171,6 +162,6 @@ in "$mainMod, mouse:273, resizewindow" ]; - } cfg.extraOptions; + }; }; } diff --git a/flakes/hyprland/home_manager/hyprpaper.nix b/flakes/hyprland/home_manager/hyprpaper.nix index 06d6820..d129096 100644 --- a/flakes/hyprland/home_manager/hyprpaper.nix +++ b/flakes/hyprland/home_manager/hyprpaper.nix @@ -1,22 +1,8 @@ { - osConfig, - lib, ... }: -let - ccfg = import ../../../config.nix; - cfg_path = [ - ccfg.custom_config_key - "desktopEnvironment" - "hyprland" - ]; - cfg = lib.attrsets.getAttrFromPath cfg_path osConfig; -in { - config = { - services.hyprpaper = { - enable = true; - settings = cfg.hyprpaperSettings; - }; + services.hyprpaper = { + enable = true; }; } diff --git a/flakes/hyprland/home_manager/quickshell.nix b/flakes/hyprland/home_manager/quickshell.nix index 2f5032c..ac12426 100644 --- a/flakes/hyprland/home_manager/quickshell.nix +++ b/flakes/hyprland/home_manager/quickshell.nix @@ -1,19 +1,8 @@ { - osConfig, - lib, pkgs, upkgs, ... }: -let - ccfg = import ../../../config.nix; - cfg_path = [ - ccfg.custom_config_key - "desktopEnvironment" - "hyprland" - ]; - cfg = lib.attrsets.getAttrFromPath cfg_path osConfig; -in { home.packages = with pkgs; [ upkgs.quickshell diff --git a/flakes/hyprland/home_manager/swaync.nix b/flakes/hyprland/home_manager/swaync.nix index b26fa58..6891a76 100644 --- a/flakes/hyprland/home_manager/swaync.nix +++ b/flakes/hyprland/home_manager/swaync.nix @@ -1,251 +1,237 @@ { - lib, - osConfig, ... }: -let - ccfg = import ../../../config.nix; - cfg_path = [ - ccfg.custom_config_key - "desktopEnvironment" - "hyprland" - "swaync" - ]; - cfg = lib.attrsets.getAttrFromPath cfg_path osConfig; -in { - config = lib.mkIf cfg.enable { - services.swaync = { - enable = true; - settings = { - ignore = [ - "com.spotify.Client" - ]; + services.swaync = { + enable = true; + settings = { + ignore = [ + "com.spotify.Client" + ]; - positionX = "right"; - positionY = "top"; - layer = "overlay"; - control-center-layer = "top"; - layer-shell = true; - cssPriority = "application"; + positionX = "right"; + positionY = "top"; + layer = "overlay"; + control-center-layer = "top"; + layer-shell = true; + cssPriority = "application"; - control-center-margin-top = 0; - control-center-margin-bottom = 0; - control-center-margin-right = 0; - control-center-margin-left = 0; + control-center-margin-top = 0; + control-center-margin-bottom = 0; + control-center-margin-right = 0; + control-center-margin-left = 0; - notification-2fa-action = true; - notification-inline-replies = false; - notification-icon-size = 64; - notification-body-image-height = 100; - notification-body-image-width = 200; + notification-2fa-action = true; + notification-inline-replies = false; + notification-icon-size = 64; + notification-body-image-height = 100; + notification-body-image-width = 200; - timeout = 10; - timeout-low = 5; - timeout-critical = 0; + timeout = 10; + timeout-low = 5; + timeout-critical = 0; - control-center-width = 500; - control-center-height = 600; - notification-window-width = 500; + control-center-width = 500; + control-center-height = 600; + notification-window-width = 500; - keyboard-shortcuts = true; - image-visibility = "when-available"; - transition-time = 200; - hide-on-clear = false; - hide-on-action = true; - script-fail-notify = true; + keyboard-shortcuts = true; + image-visibility = "when-available"; + transition-time = 200; + hide-on-clear = false; + hide-on-action = true; + script-fail-notify = true; - widgets = [ - "inhibitors" - "title" - "dnd" - "volume" - "backlight" - "mpris" - "buttons-grid#quick" - "notifications" - ]; + widgets = [ + "inhibitors" + "title" + "dnd" + "volume" + "backlight" + "mpris" + "buttons-grid#quick" + "notifications" + ]; - # Widget configurations - widget-config = { - inhibitors = { - text = "Inhibitors"; - button-text = "Clear All"; - clear-all-button = true; - }; - title = { - text = "Notifications"; - clear-all-button = true; - button-text = "Clear All"; - }; - dnd.text = "Do Not Disturb"; - mpris = { - image-size = 96; - image-radius = 12; - }; - volume = { - label = "󰕾"; - show-per-app = true; - }; - backlight = { - label = "󰃟"; - device = "intel_backlight"; - }; - "buttons-grid#quick" = { - columns = 4; # adjust: 3/4/5 - icon-size = 20; # tweak to taste - actions = [ - # Power - { - label = "󰐥"; - tooltip = "Shutdown"; - command = "confirm-action 'systemctl poweroff' 'Shutdown?'"; - } - { - label = "󰜉"; - tooltip = "Reboot"; - command = "confirm-action 'systemctl reboot' 'Reboot?'"; - } - { - label = "󰍃"; - tooltip = "Logout"; - command = "confirm-action 'hyprctl dispatch exit' 'Logout?'"; - } - ]; - }; + # Widget configurations + widget-config = { + inhibitors = { + text = "Inhibitors"; + button-text = "Clear All"; + clear-all-button = true; + }; + title = { + text = "Notifications"; + clear-all-button = true; + button-text = "Clear All"; + }; + dnd.text = "Do Not Disturb"; + mpris = { + image-size = 96; + image-radius = 12; + }; + volume = { + label = "󰕾"; + show-per-app = true; + }; + backlight = { + label = "󰃟"; + device = "intel_backlight"; + }; + "buttons-grid#quick" = { + columns = 4; # adjust: 3/4/5 + icon-size = 20; # tweak to taste + actions = [ + # Power + { + label = "󰐥"; + tooltip = "Shutdown"; + command = "confirm-action 'systemctl poweroff' 'Shutdown?'"; + } + { + label = "󰜉"; + tooltip = "Reboot"; + command = "confirm-action 'systemctl reboot' 'Reboot?'"; + } + { + label = "󰍃"; + tooltip = "Logout"; + command = "confirm-action 'hyprctl dispatch exit' 'Logout?'"; + } + ]; }; }; - - # Custom CSS for the control center - style = '' - .control-center { - background: #1a1b26; - border: 2px solid #7dcae4; - border-radius: 12px; - } - - .control-center-list { - background: transparent; - } - - .control-center .notification-row:focus, - .control-center .notification-row:hover { - opacity: 1; - background: #24283b; - } - - .notification { - border-radius: 8px; - margin: 6px 12px; - box-shadow: 0 0 0 1px rgba(125, 196, 228, 0.3), 0 1px 3px 1px rgba(0, 0, 0, 0.7), 0 2px 6px 2px rgba(0, 0, 0, 0.3); - padding: 0; - } - - /* Widget styling */ - .widget-title { - margin: 8px; - font-size: 1.5rem; - color: #c0caf5; - } - - .widget-dnd { - margin: 8px; - font-size: 1.1rem; - color: #c0caf5; - } - - .widget-dnd > switch { - font-size: initial; - border-radius: 8px; - background: #414868; - border: 1px solid #7dcae4; - } - - .widget-dnd > switch:checked { - background: #7dcae4; - } - - .widget-mpris { - color: #c0caf5; - background: #24283b; - padding: 8px; - margin: 8px; - border-radius: 8px; - } - - .widget-mpris-player { - padding: 8px; - margin: 8px; - } - - .widget-mpris-title { - font-weight: bold; - font-size: 1.25rem; - } - - .widget-mpris-subtitle { - font-size: 1.1rem; - color: #9ece6a; - } - - .widget-volume { - background: #24283b; - padding: 8px; - margin: 8px; - border-radius: 8px; - color: #c0caf5; - } - - .widget-backlight { - background: #24283b; - padding: 8px; - margin: 8px; - border-radius: 8px; - color: #c0caf5; - } - - .widget-menubar { - background: #24283b; - padding: 8px; - margin: 8px; - border-radius: 8px; - color: #c0caf5; - } - - .widget-menubar .menu-item button { - background: #1f2335; - color: #c0caf5; - border-radius: 8px; - padding: 6px 10px; - margin: 4px; - border: 1px solid #2e3440; - font-family: "JetBrainsMonoNL Nerd Font"; - } - - .widget-menubar .menu-item button:hover { - background: #414868; - border-color: #7dcae4; - } - - .topbar-buttons button { - border: none; - background: transparent; - color: #c0caf5; - font-size: 1.1rem; - border-radius: 8px; - margin: 0 4px; - padding: 8px; - } - - .topbar-buttons button:hover { - background: #414868; - } - - .topbar-buttons button:active { - background: #7dcae4; - color: #1a1b26; - } - ''; }; + + # Custom CSS for the control center + style = '' + .control-center { + background: #1a1b26; + border: 2px solid #7dcae4; + border-radius: 12px; + } + + .control-center-list { + background: transparent; + } + + .control-center .notification-row:focus, + .control-center .notification-row:hover { + opacity: 1; + background: #24283b; + } + + .notification { + border-radius: 8px; + margin: 6px 12px; + box-shadow: 0 0 0 1px rgba(125, 196, 228, 0.3), 0 1px 3px 1px rgba(0, 0, 0, 0.7), 0 2px 6px 2px rgba(0, 0, 0, 0.3); + padding: 0; + } + + /* Widget styling */ + .widget-title { + margin: 8px; + font-size: 1.5rem; + color: #c0caf5; + } + + .widget-dnd { + margin: 8px; + font-size: 1.1rem; + color: #c0caf5; + } + + .widget-dnd > switch { + font-size: initial; + border-radius: 8px; + background: #414868; + border: 1px solid #7dcae4; + } + + .widget-dnd > switch:checked { + background: #7dcae4; + } + + .widget-mpris { + color: #c0caf5; + background: #24283b; + padding: 8px; + margin: 8px; + border-radius: 8px; + } + + .widget-mpris-player { + padding: 8px; + margin: 8px; + } + + .widget-mpris-title { + font-weight: bold; + font-size: 1.25rem; + } + + .widget-mpris-subtitle { + font-size: 1.1rem; + color: #9ece6a; + } + + .widget-volume { + background: #24283b; + padding: 8px; + margin: 8px; + border-radius: 8px; + color: #c0caf5; + } + + .widget-backlight { + background: #24283b; + padding: 8px; + margin: 8px; + border-radius: 8px; + color: #c0caf5; + } + + .widget-menubar { + background: #24283b; + padding: 8px; + margin: 8px; + border-radius: 8px; + color: #c0caf5; + } + + .widget-menubar .menu-item button { + background: #1f2335; + color: #c0caf5; + border-radius: 8px; + padding: 6px 10px; + margin: 4px; + border: 1px solid #2e3440; + font-family: "JetBrainsMonoNL Nerd Font"; + } + + .widget-menubar .menu-item button:hover { + background: #414868; + border-color: #7dcae4; + } + + .topbar-buttons button { + border: none; + background: transparent; + color: #c0caf5; + font-size: 1.1rem; + border-radius: 8px; + margin: 0 4px; + padding: 8px; + } + + .topbar-buttons button:hover { + background: #414868; + } + + .topbar-buttons button:active { + background: #7dcae4; + color: #1a1b26; + } + ''; }; } diff --git a/flakes/hyprland/home_manager/template.nix b/flakes/hyprland/home_manager/template.nix deleted file mode 100644 index 905d5e4..0000000 --- a/flakes/hyprland/home_manager/template.nix +++ /dev/null @@ -1,18 +0,0 @@ -{ - osConfig, - lib, - pkgs, - ... -}: -let - ccfg = import ../../../config.nix; - cfg_path = [ - ccfg.custom_config_key - "desktopEnvironment" - "hyprland" - ]; - cfg = lib.attrsets.getAttrFromPath cfg_path osConfig; -in -{ - -} diff --git a/flakes/hyprland/home_manager/waybar.nix b/flakes/hyprland/home_manager/waybar.nix index 66f3349..8ceef8c 100644 --- a/flakes/hyprland/home_manager/waybar.nix +++ b/flakes/hyprland/home_manager/waybar.nix @@ -1,258 +1,245 @@ -{ lib, osConfig, ... }: -let - ccfg = import ../../../config.nix; - cfg_path = [ - ccfg.custom_config_key - "desktopEnvironment" - "hyprland" - "waybar" - ]; - cfg = lib.attrsets.getAttrFromPath cfg_path osConfig; -in +{ lib, ... }: { - config = lib.mkIf cfg.enable { + programs.waybar = { + enable = true; + systemd.enable = true; + settings = { + mainBar = { + layer = "top"; + position = "top"; + height = 28; + spacing = 6; + margin-top = 0; + margin-bottom = 0; + margin-left = 10; + margin-right = 10; - programs.waybar = { - enable = true; - systemd.enable = true; - settings = { - mainBar = { - layer = "top"; - position = "top"; - height = 28; - spacing = 6; - margin-top = 0; - margin-bottom = 0; - margin-left = 10; - margin-right = 10; + modules-left = [ + "hyprland/workspaces" + ]; + modules-center = [ + "clock" + "temperature" + "cpu" + "memory" + "disk" + ]; + modules-right = [ + "battery" + "battery#bat2" + "pulseaudio" + "network" + "bluetooth" + "power-profiles-daemon" + "backlight" + "custom/notifications" + "tray" + "custom/power" + ]; - modules-left = [ - "hyprland/workspaces" - ]; - modules-center = [ - "clock" - "temperature" - "cpu" - "memory" - "disk" - ]; - modules-right = [ - "battery" - "battery#bat2" - "pulseaudio" - "network" - "bluetooth" - "power-profiles-daemon" - "backlight" - "custom/notifications" - "tray" - "custom/power" - ]; - - "hyprland/workspaces" = { - format = "{icon}"; - format-icons = { - "1" = "一"; - "2" = "二"; - "3" = "三"; - "4" = "四"; - "5" = "五"; - "6" = "六"; - "7" = "七"; - "8" = "八"; - "9" = "九"; - "10" = "十"; - "11" = "十一"; - "12" = "十二"; - "13" = "十三"; - "14" = "十四"; - "15" = "十五"; - "16" = "十六"; - "17" = "十七"; - "18" = "十八"; - "19" = "十九"; - "20" = "二十"; - }; - disable-scroll = false; + "hyprland/workspaces" = { + format = "{icon}"; + format-icons = { + "1" = "一"; + "2" = "二"; + "3" = "三"; + "4" = "四"; + "5" = "五"; + "6" = "六"; + "7" = "七"; + "8" = "八"; + "9" = "九"; + "10" = "十"; + "11" = "十一"; + "12" = "十二"; + "13" = "十三"; + "14" = "十四"; + "15" = "十五"; + "16" = "十六"; + "17" = "十七"; + "18" = "十八"; + "19" = "十九"; + "20" = "二十"; }; - - # CENTER - clock = { - format = "{:%b %d, %H:%M}"; - tooltip-format = "{:%Y %B}\n{calendar}"; - }; - - temperature = { - thermal-zone = 2; - hwmon-path = "/sys/class/hwmon/hwmon2/temp1_input"; - critical-threshold = 80; - format-critical = "󰔏 {temperatureC}°C"; - format = "󰔏 {temperatureC}°C"; - }; - - cpu = { - format = "󰻠 {usage}%"; - tooltip = true; - on-click = "btop"; - }; - - memory = { - format = "󰍛 {}%"; - on-click = "btop"; - }; - - disk = { - interval = 30; - format = "󰋊 {percentage_used}%"; - path = "/"; - on-click = "btop"; - }; - - # RIGHT - "battery" = { - "states" = { - # "good"= 95; - "warning" = 30; - "critical" = 15; - }; - "format" = "{capacity}% {icon}"; - "format-full" = "{capacity}% {icon}"; - "format-charging" = "{capacity}% "; - "format-plugged" = "{capacity}% "; - "format-alt" = "{time} {icon}"; - # "format-good"= ""; // An empty format will hide the module - # "format-full"= ""; - "format-icons" = [ - "" - "" - "" - "" - "" - ]; - }; - "battery#bat2" = { - "bat" = "BAT2"; - }; - - pulseaudio = { - format = "{icon} {volume}%"; - format-bluetooth = "󰂰 {volume}%"; - format-bluetooth-muted = "󰂲 "; - format-muted = "󰖁 "; - format-source = "󰍬 {volume}%"; - format-source-muted = "󰍭 "; - format-icons = { - headphone = "󰋋"; - hands-free = "󰂑"; - headset = "󰂑"; - phone = "󰏲"; - portable = "󰦧"; - car = "󰄋"; - default = [ - "󰕿" - "󰖀" - "󰕾" - ]; - }; - scroll-step = 5; - on-click = "pavucontrol"; - on-click-right = "wpctl set-mute @DEFAULT_AUDIO_SINK@ toggle"; - }; - - network = { - format-wifi = "󰤨 {essid} ({signalStrength}%)"; - format-ethernet = "󰈀 {ipaddr}/{cidr}"; - tooltip-format = "{ifname} via {gwaddr} "; - format-linked = "󰈀 {ifname} (No IP)"; - format-disconnected = "󰖪 Disconnected"; - # on-click = "wofi-wifi-menu"; - # on-click-right = "nmcli radio wifi toggle"; - }; - - bluetooth = { - format = "󰂯 {status}"; - format-connected = "󰂱 {device_alias}"; - format-connected-battery = "󰂱 {device_alias} {device_battery_percentage}%"; - tooltip-format = "{controller_alias}\t{controller_address}\n\n{num_connections} connected"; - tooltip-format-connected = "{controller_alias}\t{controller_address}\n\n{num_connections} connected\n\n{device_enumerate}"; - tooltip-format-enumerate-connected = "{device_alias}\t{device_address}"; - tooltip-format-enumerate-connected-battery = "{device_alias}\t{device_address}\t{device_battery_percentage}%"; - # on-click = "wofi-bluetooth-menu"; - # on-click-right = "bluetoothctl power toggle"; - }; - - "power-profiles-daemon" = { - format = "{icon}"; - "tooltip-format" = "Power profile: {profile}\nDriver: {driver}"; - tooltip = true; - "format-icons" = { - default = ""; - performance = ""; - balanced = ""; - "power-saver" = ""; - }; - }; - - backlight = { - format = "{percent}% {icon}"; - "format-icons" = [ - "" - "" - "" - "" - "" - "" - "" - "" - "" - ]; - }; - - "custom/notifications" = { - format = "{icon} {}"; - format-icons = { - notification = ""; - none = ""; - dnd-notification = "󰂛"; - dnd-none = "󰂛"; - inhibited-notification = ""; - inhibited-none = ""; - dnd-inhibited-notification = "󰂛"; - dnd-inhibited-none = "󰂛"; - }; - return-type = "json"; - exec-if = "which swaync-client"; - exec = "swaync-client -swb"; - on-click = "swaync-client -t -sw"; - on-click-right = "swaync-client -d -sw"; - escape = true; - tooltip = false; - }; - - "sway/language" = { - format = "{}"; - }; - - "tray" = { - "spacing" = 10; - }; - - "custom/power" = { - format = "⏻ "; - tooltip = false; - menu = "on-click"; - "menu-file" = ./waybar/power_menu.xml; - "menu-actions" = { - shutdown = "shutdown 0"; - reboot = "reboot"; - logout = "loginctl terminate-session $(loginctl list-sessions | grep seat0 | awk '{print $1}')"; - }; - }; - + disable-scroll = false; }; - }; - style = builtins.readFile ./waybar/waybar.css; + # CENTER + clock = { + format = "{:%b %d, %H:%M}"; + tooltip-format = "{:%Y %B}\n{calendar}"; + }; + + temperature = { + thermal-zone = 2; + hwmon-path = "/sys/class/hwmon/hwmon2/temp1_input"; + critical-threshold = 80; + format-critical = "󰔏 {temperatureC}°C"; + format = "󰔏 {temperatureC}°C"; + }; + + cpu = { + format = "󰻠 {usage}%"; + tooltip = true; + on-click = "btop"; + }; + + memory = { + format = "󰍛 {}%"; + on-click = "btop"; + }; + + disk = { + interval = 30; + format = "󰋊 {percentage_used}%"; + path = "/"; + on-click = "btop"; + }; + + # RIGHT + "battery" = { + "states" = { + # "good"= 95; + "warning" = 30; + "critical" = 15; + }; + "format" = "{capacity}% {icon}"; + "format-full" = "{capacity}% {icon}"; + "format-charging" = "{capacity}% "; + "format-plugged" = "{capacity}% "; + "format-alt" = "{time} {icon}"; + # "format-good"= ""; // An empty format will hide the module + # "format-full"= ""; + "format-icons" = [ + "" + "" + "" + "" + "" + ]; + }; + "battery#bat2" = { + "bat" = "BAT2"; + }; + + pulseaudio = { + format = "{icon} {volume}%"; + format-bluetooth = "󰂰 {volume}%"; + format-bluetooth-muted = "󰂲 "; + format-muted = "󰖁 "; + format-source = "󰍬 {volume}%"; + format-source-muted = "󰍭 "; + format-icons = { + headphone = "󰋋"; + hands-free = "󰂑"; + headset = "󰂑"; + phone = "󰏲"; + portable = "󰦧"; + car = "󰄋"; + default = [ + "󰕿" + "󰖀" + "󰕾" + ]; + }; + scroll-step = 5; + on-click = "pavucontrol"; + on-click-right = "wpctl set-mute @DEFAULT_AUDIO_SINK@ toggle"; + }; + + network = { + format-wifi = "󰤨 {essid} ({signalStrength}%)"; + format-ethernet = "󰈀 {ipaddr}/{cidr}"; + tooltip-format = "{ifname} via {gwaddr} "; + format-linked = "󰈀 {ifname} (No IP)"; + format-disconnected = "󰖪 Disconnected"; + # on-click = "wofi-wifi-menu"; + # on-click-right = "nmcli radio wifi toggle"; + }; + + bluetooth = { + format = "󰂯 {status}"; + format-connected = "󰂱 {device_alias}"; + format-connected-battery = "󰂱 {device_alias} {device_battery_percentage}%"; + tooltip-format = "{controller_alias}\t{controller_address}\n\n{num_connections} connected"; + tooltip-format-connected = "{controller_alias}\t{controller_address}\n\n{num_connections} connected\n\n{device_enumerate}"; + tooltip-format-enumerate-connected = "{device_alias}\t{device_address}"; + tooltip-format-enumerate-connected-battery = "{device_alias}\t{device_address}\t{device_battery_percentage}%"; + # on-click = "wofi-bluetooth-menu"; + # on-click-right = "bluetoothctl power toggle"; + }; + + "power-profiles-daemon" = { + format = "{icon}"; + "tooltip-format" = "Power profile: {profile}\nDriver: {driver}"; + tooltip = true; + "format-icons" = { + default = ""; + performance = ""; + balanced = ""; + "power-saver" = ""; + }; + }; + + backlight = { + format = "{percent}% {icon}"; + "format-icons" = [ + "" + "" + "" + "" + "" + "" + "" + "" + "" + ]; + }; + + "custom/notifications" = { + format = "{icon} {}"; + format-icons = { + notification = ""; + none = ""; + dnd-notification = "󰂛"; + dnd-none = "󰂛"; + inhibited-notification = ""; + inhibited-none = ""; + dnd-inhibited-notification = "󰂛"; + dnd-inhibited-none = "󰂛"; + }; + return-type = "json"; + exec-if = "which swaync-client"; + exec = "swaync-client -swb"; + on-click = "swaync-client -t -sw"; + on-click-right = "swaync-client -d -sw"; + escape = true; + tooltip = false; + }; + + "sway/language" = { + format = "{}"; + }; + + "tray" = { + "spacing" = 10; + }; + + "custom/power" = { + format = "⏻ "; + tooltip = false; + menu = "on-click"; + "menu-file" = ./waybar/power_menu.xml; + "menu-actions" = { + shutdown = "shutdown 0"; + reboot = "reboot"; + logout = "loginctl terminate-session $(loginctl list-sessions | grep seat0 | awk '{print $1}')"; + }; + }; + + }; }; + + style = builtins.readFile ./waybar/waybar.css; }; } diff --git a/flakes/hyprland/hyprland.nix b/flakes/hyprland/hyprland.nix new file mode 100644 index 0000000..88e9a42 --- /dev/null +++ b/flakes/hyprland/hyprland.nix @@ -0,0 +1,132 @@ +{ + config, + lib, + pkgs, + hyprland, + hyprlandPkgs, + ... +}: +with lib; +{ + # Enable for all users + home-manager = { + sharedModules = [ + hyprland.homeManagerModules.default + ./home_manager + ]; + }; + + services.greetd = { + enable = true; + vt = 2; + settings = { + default_session = { + command = "${pkgs.greetd.tuigreet}/bin/tuigreet --time --remember --remember-session --cmd '${pkgs.dbus}/bin/dbus-run-session ${hyprlandPkgs.hyprland}/bin/Hyprland'"; + user = "greeter"; + }; + }; + }; + + # Caps Lock as Escape for console/tty + console.useXkbConfig = true; + services.xserver.xkb = { + layout = "us"; + options = "caps:escape"; + }; + + environment.systemPackages = with pkgs; [ + wl-clipboard + wl-clip-persist + wofi # application launcher + nemo # file manager (x11) + # nautilus # file manager + feh # image viewer (x11) + # imv # image viewer + networkmanager # network management + upower # power management + brightnessctl # screen/keyboard brightness control + wireplumber # media session manager + libgtop # system monitor library + bluez # Bluetooth support + power-profiles-daemon # power profiles + grim + slurp + hyprpicker + grimblast # screenshot tool + wf-recorder # screen recording tool + btop # system monitor + ]; + + services.blueman.enable = config.hardware.bluetooth.enable; + + programs.hyprland = { + enable = true; + # xwayland.enable = false; + # withUWSM = true; + + # set the flake package + package = hyprlandPkgs.hyprland; + # make sure to also set the portal package, so that they are in sync + # This is set below now in xdf portal directly so we can also add things like gtk + # portalPackage = hyprlandPkgs.xdg-desktop-portal-hyprland; + }; + + xdg.portal = { + enable = true; + extraPortals = lib.mkForce [ + hyprlandPkgs.xdg-desktop-portal-hyprland + # hyprlandPkgs.xdg-desktop-portal-wlr + hyprlandPkgs.xdg-desktop-portal-gtk + ]; + config.common.default = [ + "hyprland" + # "wlr" + "gtk" + ]; + }; + + # Enable PipeWire + WirePlumber so xdg-desktop-portal can do screencast + services.pipewire = { + enable = true; + # Enable WirePlumber session manager via the pipewire module option + wireplumber = { + enable = true; + }; + }; + + hardware.graphics = { + enable = true; + package = hyprlandPkgs.mesa; + # if you also want 32-bit support (e.g for Steam) + # enable32Bit = true; + package32 = hyprlandPkgs.pkgsi686Linux.mesa; + }; + + # Environment variables + environment.sessionVariables = { + GTK_THEME = "Adwaita:dark"; + XDG_SESSION_TYPE = "wayland"; + # XDG_CURRENT_DESKTOP = "sway"; + # XDG_SESSION_DESKTOP = "sway"; + # prefer EGL renderer (can be changed back to "auto" if needed) + WLR_RENDERER = "egl"; + + # Tell apps to run native wayland + NIXOS_OZONE_WL = "1"; + ELECTRON_OZONE_PLATFORM_HINT = "wayland"; + ELECTRON_ENABLE_WAYLAND = "1"; + ELECTRON_DISABLE_SANDBOX = "0"; + GDK_BACKEND = "wayland,x11"; # GTK + QT_QPA_PLATFORM = "wayland;xcb"; # Qt 5/6 + MOZ_ENABLE_WAYLAND = "1"; # Firefox + SDL_VIDEODRIVER = "wayland"; # SDL apps/games + CLUTTER_BACKEND = "wayland"; + }; + + # Qt theming + qt = { + enable = true; + platformTheme = "gtk2"; + style = "adwaita-dark"; + }; +} diff --git a/hosts/lio/configuration.nix b/hosts/lio/configuration.nix index 1fd52c5..cb8f9d5 100644 --- a/hosts/lio/configuration.nix +++ b/hosts/lio/configuration.nix @@ -1,5 +1,4 @@ { - upkgs, pkgs, ... }: @@ -46,11 +45,6 @@ nodejs_24 foot vlc - upkgs.ladybird google-chrome - trilium-desktop - dig - traceroute - # opensnitch-ui ]; } diff --git a/hosts/oren/configuration.nix b/hosts/oren/configuration.nix index 268baf6..9bcccd8 100644 --- a/hosts/oren/configuration.nix +++ b/hosts/oren/configuration.nix @@ -5,7 +5,6 @@ ... }: { - system.stateVersion = "24.11"; # Did you read the comment? environment.systemPackages = with pkgs; [ # [Laptop] Battery status acpi diff --git a/hosts/oren/flake.nix b/hosts/oren/flake.nix index 488711e..22385c5 100644 --- a/hosts/oren/flake.nix +++ b/hosts/oren/flake.nix @@ -1,11 +1,17 @@ { inputs = { nixpkgs.url = "github:nixos/nixpkgs/nixos-25.05"; - nixpkgs-unstable.url = "github:nixos/nixpkgs/nixos-unstable"; + home-manager.url = "github:rycee/home-manager/release-25.05"; - # Use relative to get current version for testing - # common.url = "path:../../common"; - common.url = "git+https://git.joshuabell.xyz/ringofstorms/dotfiles"; + # Use relative to get current version for testin + # common.url = "path:../../flakes/common"; + common.url = "git+https://git.joshuabell.xyz/ringofstorms/dotfiles?dir=flakes/common"; + # secrets.url = "path:../../flakes/secrets"; + secrets.url = "git+https://git.joshuabell.xyz/ringofstorms/dotfiles?dir=flakes/secrets"; + # flatpaks.url = "path:../../flakes/flatpaks"; + flatpaks.url = "git+https://git.joshuabell.xyz/ringofstorms/dotfiles?dir=flakes/flatpaks"; + hyprland.url = "path:../../flakes/hyprland"; + # hyprland.url = "git+https://git.joshuabell.xyz/ringofstorms/dotfiles?dir=flakes/hyprland"; ros_neovim.url = "git+https://git.joshuabell.xyz/ringofstorms/nvim"; }; @@ -13,30 +19,123 @@ outputs = { nixpkgs, - nixpkgs-unstable, - + home-manager, common, + secrets, + flatpaks, + hyprland, ros_neovim, ... }: let configuration_name = "oren"; + system = "x86_64-linux"; + stateVersion = "25.05"; + primaryUser = "josh"; lib = nixpkgs.lib; in { nixosConfigurations = { "${configuration_name}" = ( lib.nixosSystem { + inherit system; modules = [ - common.nixosModules.default + home-manager.nixosModules.default + + secrets.nixosModules.default ros_neovim.nixosModules.default + flatpaks.nixosModules.default + hyprland.nixosModules.default + + common.nixosModules.essentials + common.nixosModules.git + common.nixosModules.tmux + common.nixosModules.boot_systemd + common.nixosModules.hardening + common.nixosModules.jetbrains_font + common.nixosModules.nix_options + common.nixosModules.podman + common.nixosModules.tailnet + common.nixosModules.timezone_auto + common.nixosModules.tty_caps_esc + common.nixosModules.zsh + ./configuration.nix ./hardware-configuration.nix # ./sway_customizations.nix ./hyprland_customizations.nix ( { config, pkgs, ... }: - { + rec { + # Home Manager + home-manager = { + useUserPackages = true; + useGlobalPkgs = true; + backupFileExtension = "bak"; + # add all normal users to home manager so it applies to them + users = lib.mapAttrs (name: user: { + home.stateVersion = stateVersion; + programs.home-manager.enable = true; + }) (lib.filterAttrs (name: user: user.isNormalUser or false) users.users); + + sharedModules = [ + common.homeManagerModules.tmux + common.homeManagerModules.atuin + common.homeManagerModules.direnv + common.homeManagerModules.foot + common.homeManagerModules.git + common.homeManagerModules.postgres_cli_options + common.homeManagerModules.ssh + common.homeManagerModules.starship + common.homeManagerModules.zoxide + common.homeManagerModules.zsh + ]; + }; + + # System configuration + system.stateVersion = stateVersion; + networking.hostName = configuration_name; + programs.nh.flake = "/home/${primaryUser}/.config/nixos-config/hosts/${config.networking.hostName}"; + nixpkgs.config.allowUnfree = true; + users.users = { + "${primaryUser}" = { + isNormalUser = true; + initialPassword = "password1"; + extraGroups = [ + "wheel" + "networkmanager" + "video" + "input" + ]; + openssh.authorizedKeys.keys = [ + "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAILMzgAe4od9K4EsvH2g7xjNU7hGoJiFJlYcvB0BoDCvn nix2oren" + ]; + }; + }; + + environment.systemPackages = with pkgs; [ + lua + qdirstat + ffmpeg-full + vlc + google-chrome + + nodejs_24 + ttyd + appimage-run + ]; + + services.flatpak.packages = [ + "org.signal.Signal" + "dev.vencord.Vesktop" + "md.obsidian.Obsidian" + "com.spotify.Client" + "com.bitwarden.desktop" + "org.openscad.OpenSCAD" + "im.riot.Riot" + "com.rustdesk.RustDesk" + ]; + services.devmon.enable = true; services.gvfs.enable = true; services.udisks2.enable = true; @@ -68,98 +167,6 @@ "ollamal" = "ollama list | tail -n +2 | awk '{print $1}' | fzf --ansi --preview 'ollama show {}'"; }; - - environment.systemPackages = with pkgs; [ - lua - qdirstat - ffmpeg-full - appimage-run - nodejs_24 - foot - ttyd - ]; - - services.ollama = { - enable = true; - package = nixpkgs-unstable.legacyPackages.x86_64-linux.ollama; - acceleration = "rocm"; # cuda for NVIDA; rocm for amd; false/default for neither - }; - - ringofstorms_common = { - systemName = configuration_name; - boot.systemd.enable = true; - general = { - enableSleep = true; - reporting.enable = true; - }; - secrets.enable = true; - desktopEnvironment.hyprland = { - enable = true; - waybar.enable = true; - swaync.enable = true; - }; - programs = { - qFlipper.enable = true; - rustDev.enable = true; - uhkAgent.enable = true; - tailnet.enable = true; - ssh.enable = true; - podman.enable = true; - virt-manager.enable = true; - flatpaks = { - enable = true; - packages = [ - "org.signal.Signal" - "dev.vencord.Vesktop" - "md.obsidian.Obsidian" - "com.spotify.Client" - "org.videolan.VLC" - "com.bitwarden.desktop" - "im.riot.Riot" - "com.rustdesk.RustDesk" - "com.google.Chrome" - ]; - }; - }; - users = { - # Users are all normal users and default password is password1 - admins = [ "josh" ]; # First admin is also the primary user owning nix config - users = { - josh = { - openssh.authorizedKeys.keys = [ - "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAILMzgAe4od9K4EsvH2g7xjNU7hGoJiFJlYcvB0BoDCvn nix2oren" - ]; - extraGroups = [ - "networkmanager" - "video" - "input" - ]; - shell = pkgs.zsh; - }; - }; - }; - homeManager = { - users = { - josh = { - imports = with common.homeManagerModules; [ - zsh - ssh - starship - zoxide - tmux - atuin - kitty - foot - direnv - git - nix_deprecations - obs - postgres - ]; - }; - }; - }; - }; } ) ]; diff --git a/hosts/oren/hyprland_customizations.nix b/hosts/oren/hyprland_customizations.nix index 9c5d114..a360176 100644 --- a/hosts/oren/hyprland_customizations.nix +++ b/hosts/oren/hyprland_customizations.nix @@ -1,4 +1,4 @@ -{ lib, pkgs, ... }: +{ ... }: let hyprlandExtraOptions = { exec-once = [ @@ -11,20 +11,23 @@ let }; in { - options = { }; + home-manager.sharedModules = [ + ( + { ... }: + { + wayland.windowManager.hyprland.settings = hyprlandExtraOptions; + services.hyprpaper.settings = { + mode = "fill"; # Wallpaper display mode: fill, fit, stretch, center, tile - config = { - ringofstorms_common.desktopEnvironment.hyprland.extraOptions = hyprlandExtraOptions; - ringofstorms_common.desktopEnvironment.hyprland.hyprpaperSettings = { - mode = "fill"; # Wallpaper display mode: fill, fit, stretch, center, tile + preload = [ + "${../_shared_assets/wallpapers/pixel_neon.png}" + ]; - preload = [ - "${../_shared_assets/wallpapers/pixel_neon.png}" - ]; - - wallpaper = [ - "eDP-1,${../_shared_assets/wallpapers/pixel_neon.png}" - ]; - }; - }; + wallpaper = [ + "eDP-1,${../_shared_assets/wallpapers/pixel_neon.png}" + ]; + }; + } + ) + ]; } diff --git a/hosts/template.nix b/hosts/template.nix index ab57606..fba7b68 100644 --- a/hosts/template.nix +++ b/hosts/template.nix @@ -47,6 +47,7 @@ common.nixosModules.git common.nixosModules.tmux common.nixosModules.boot_systemd + common.nixosModules.de_sway common.nixosModules.hardening common.nixosModules.jetbrains_font common.nixosModules.nix_options @@ -105,11 +106,19 @@ "input" ]; openssh.authorizedKeys.keys = [ - "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIJN2nsLmAlF6zj5dEBkNSJaqcCya+aB6I0imY8Q5Ew0S nix2lio" + "REPLACE" ]; }; }; + environment.systemPackages = with pkgs; [ + lua + qdirstat + ffmpeg-full + vlc + google-chrome + ]; + services.flatpak.packages = [ "org.signal.Signal" "dev.vencord.Vesktop" From 1734c15addcc78662fea6c3e14db2a2489521b91 Mon Sep 17 00:00:00 2001 From: "RingOfStorms (Joshua Bell)" Date: Wed, 22 Oct 2025 00:15:37 -0500 Subject: [PATCH 070/109] add cache --- flakes/common/readme.md | 51 +-------------------------------------- flakes/hyprland/flake.nix | 11 +++++++++ 2 files changed, 12 insertions(+), 50 deletions(-) diff --git a/flakes/common/readme.md b/flakes/common/readme.md index 38def10..0c0c2d8 100644 --- a/flakes/common/readme.md +++ b/flakes/common/readme.md @@ -1,42 +1,3 @@ -required settings? - -- nixpkgs and home manager flake inputs - -```nix -# Required system information -system.stateVersion = "ORIGINAL VALUE" -networking.hostName = "system_name"; - -# Where this config lives for this machine -programs.nh.flake = "/home/josh/.config/nixos-config/hosts/${config.networking.hostName}"; - -# Optionally allow unfree software -nixpkgs.config.allowUnfree = true; - -users.users = { - josh = { - isNormalUser = true; - initialPassword = "password1"; - extraGroups = [ "wheel" "networkmanager" "video" "input" ]; - openssh.authorizedKeys.keys = [ "replace" ]; - }; -}; - -# Home manager only below this line (optional) -security.polkit.enable = true; -home-manager = { - useUserPackages = true; - useGlobalPkgs = true; - backupFileExtension = "bak"; - sharedModules = [ - ({}: { - home.stateVersion = "MATCH_HM_VERSION_AS_INPUT"; - programs.home-manager.enable = true; - }) - ]; -}; -``` - # TODO add somewhere ```nix @@ -51,17 +12,7 @@ home-manager = { DefaultTimeoutStopSec=8s ''; - nix.settings = { - substituters = [ - "https://hyprland.cachix.org" - "https://cosmic.cachix.org/" - ]; - trusted-substituters = config.nix.settings.substituters; - trusted-public-keys = [ - "hyprland.cachix.org-1:a7pgxzMz7+chwVL3/pzj6jIBMioiJM7ypFP8PwtkuGc=" - "cosmic.cachix.org-1:Dya9IyXD4xdBehWjrkPv6rtxpmMdRel02smYzA85dPE=" - ]; - }; + services.tailscale.extraUpFlags = ++ (lib.optionals cfg.enableExitNode [ "--advertise-exit-node" ]); diff --git a/flakes/hyprland/flake.nix b/flakes/hyprland/flake.nix index 9fc6a6f..1706957 100644 --- a/flakes/hyprland/flake.nix +++ b/flakes/hyprland/flake.nix @@ -23,6 +23,17 @@ ./hyprland.nix ]; config = { + nix.settings = { + substituters = [ + "https://hyprland.cachix.org" + ]; + trusted-substituters = [ + "https://hyprland.cachix.org" + ]; + trusted-public-keys = [ + "hyprland.cachix.org-1:a7pgxzMz7+chwVL3/pzj6jIBMioiJM7ypFP8PwtkuGc=" + ]; + }; _module.args = { inherit hyprland; hyprlandPkgs = import hyprland.inputs.nixpkgs { From bbf84d25908fae4c3ab9ff1120cde1095c9424ec Mon Sep 17 00:00:00 2001 From: "RingOfStorms (Joshua Bell)" Date: Wed, 22 Oct 2025 00:19:20 -0500 Subject: [PATCH 071/109] oren on new version success --- hosts/oren/flake.lock | 356 +++++++++++++------------ hosts/oren/hyprland_customizations.nix | 23 +- 2 files changed, 198 insertions(+), 181 deletions(-) diff --git a/hosts/oren/flake.lock b/hosts/oren/flake.lock index 9a578a9..f8aeb91 100644 --- a/hosts/oren/flake.lock +++ b/hosts/oren/flake.lock @@ -5,7 +5,7 @@ "darwin": "darwin", "home-manager": "home-manager_2", "nixpkgs": [ - "common", + "secrets", "ragenix", "nixpkgs" ], @@ -28,32 +28,32 @@ "aquamarine": { "inputs": { "hyprutils": [ - "common", + "hyprland", "hyprland", "hyprutils" ], "hyprwayland-scanner": [ - "common", + "hyprland", "hyprland", "hyprwayland-scanner" ], "nixpkgs": [ - "common", + "hyprland", "hyprland", "nixpkgs" ], "systems": [ - "common", + "hyprland", "hyprland", "systems" ] }, "locked": { - "lastModified": 1755946532, - "narHash": "sha256-POePremlUY5GyA1zfbtic6XLxDaQcqHN6l+bIxdT5gc=", + "lastModified": 1760101617, + "narHash": "sha256-8jf/3ZCi+B7zYpIyV04+3wm72BD7Z801IlOzsOACR7I=", "owner": "hyprwm", "repo": "aquamarine", - "rev": "81584dae2df6ac79f6b6dae0ecb7705e95129ada", + "rev": "1826a9923881320306231b1c2090379ebf9fa4f8", "type": "github" }, "original": { @@ -63,23 +63,18 @@ } }, "common": { - "inputs": { - "home-manager": "home-manager", - "hyprland": "hyprland", - "nix-flatpak": "nix-flatpak", - "nixpkgs": "nixpkgs_3", - "ragenix": "ragenix" - }, "locked": { - "lastModified": 1759523753, - "narHash": "sha256-5AsVQRTlf7Gv6LeRWCUbbwbmbXxyNC4am8CoA6Is71c=", + "dir": "flakes/common", + "lastModified": 1761109947, + "narHash": "sha256-aXyAGMsRgKHYmDhMSa2vHfVbGHyz2SypWkz78Y0ESfs=", "ref": "refs/heads/master", - "rev": "82178521d17a743dbf46350406da64b691446c71", - "revCount": 681, + "rev": "ef1eb99b468a7e6e78314100e9070b7f12074e4d", + "revCount": 734, "type": "git", "url": "https://git.joshuabell.xyz/ringofstorms/dotfiles" }, "original": { + "dir": "flakes/common", "type": "git", "url": "https://git.joshuabell.xyz/ringofstorms/dotfiles" } @@ -102,7 +97,7 @@ "darwin": { "inputs": { "nixpkgs": [ - "common", + "secrets", "ragenix", "agenix", "nixpkgs" @@ -157,10 +152,30 @@ "type": "github" } }, + "flatpaks": { + "inputs": { + "nix-flatpak": "nix-flatpak" + }, + "locked": { + "dir": "flakes/flatpaks", + "lastModified": 1761109947, + "narHash": "sha256-aXyAGMsRgKHYmDhMSa2vHfVbGHyz2SypWkz78Y0ESfs=", + "ref": "refs/heads/master", + "rev": "ef1eb99b468a7e6e78314100e9070b7f12074e4d", + "revCount": 734, + "type": "git", + "url": "https://git.joshuabell.xyz/ringofstorms/dotfiles" + }, + "original": { + "dir": "flakes/flatpaks", + "type": "git", + "url": "https://git.joshuabell.xyz/ringofstorms/dotfiles" + } + }, "gitignore": { "inputs": { "nixpkgs": [ - "common", + "hyprland", "hyprland", "pre-commit-hooks", "nixpkgs" @@ -202,7 +217,7 @@ "home-manager_2": { "inputs": { "nixpkgs": [ - "common", + "secrets", "ragenix", "agenix", "nixpkgs" @@ -225,17 +240,17 @@ "hyprcursor": { "inputs": { "hyprlang": [ - "common", + "hyprland", "hyprland", "hyprlang" ], "nixpkgs": [ - "common", + "hyprland", "hyprland", "nixpkgs" ], "systems": [ - "common", + "hyprland", "hyprland", "systems" ] @@ -257,27 +272,27 @@ "hyprgraphics": { "inputs": { "hyprutils": [ - "common", + "hyprland", "hyprland", "hyprutils" ], "nixpkgs": [ - "common", + "hyprland", "hyprland", "nixpkgs" ], "systems": [ - "common", + "hyprland", "hyprland", "systems" ] }, "locked": { - "lastModified": 1758192433, - "narHash": "sha256-CR6RnqEJSTiFgA6KQY4TTLUWbZ8RBnb+hxQqesuQNzQ=", + "lastModified": 1760445448, + "narHash": "sha256-fXGjL6dw31FPFRrmIemzGiNSlfvEJTJNsmadZi+qNhI=", "owner": "hyprwm", "repo": "hyprgraphics", - "rev": "c44e749dd611521dee940d00f7c444ee0ae4cfb7", + "rev": "50fb9f069219f338a11cf0bcccb9e58357d67757", "type": "github" }, "original": { @@ -288,52 +303,37 @@ }, "hyprland": { "inputs": { - "aquamarine": "aquamarine", - "hyprcursor": "hyprcursor", - "hyprgraphics": "hyprgraphics", - "hyprland-protocols": "hyprland-protocols", - "hyprland-qtutils": "hyprland-qtutils", - "hyprlang": "hyprlang", - "hyprutils": "hyprutils", - "hyprwayland-scanner": "hyprwayland-scanner", - "nixpkgs": "nixpkgs_2", - "pre-commit-hooks": "pre-commit-hooks", - "systems": "systems", - "xdph": "xdph" + "hyprland": "hyprland_2" }, "locked": { - "lastModified": 1759094452, - "narHash": "sha256-j7IOTFnQRDjX4PzYb2p6CPviAc8cDrcorzGpM8J89uM=", - "owner": "hyprwm", - "repo": "Hyprland", - "rev": "f854b5bffbdd13cfe7edad0ee157d6947ff99619", - "type": "github" + "path": "../../flakes/hyprland", + "type": "path" }, "original": { - "owner": "hyprwm", - "repo": "Hyprland", - "type": "github" - } + "path": "../../flakes/hyprland", + "type": "path" + }, + "parent": [] }, "hyprland-protocols": { "inputs": { "nixpkgs": [ - "common", + "hyprland", "hyprland", "nixpkgs" ], "systems": [ - "common", + "hyprland", "hyprland", "systems" ] }, "locked": { - "lastModified": 1749046714, - "narHash": "sha256-kymV5FMnddYGI+UjwIw8ceDjdeg7ToDVjbHCvUlhn14=", + "lastModified": 1759610243, + "narHash": "sha256-+KEVnKBe8wz+a6dTLq8YDcF3UrhQElwsYJaVaHXJtoI=", "owner": "hyprwm", "repo": "hyprland-protocols", - "rev": "613878cb6f459c5e323aaafe1e6f388ac8a36330", + "rev": "bd153e76f751f150a09328dbdeb5e4fab9d23622", "type": "github" }, "original": { @@ -345,19 +345,19 @@ "hyprland-qt-support": { "inputs": { "hyprlang": [ - "common", + "hyprland", "hyprland", "hyprland-qtutils", "hyprlang" ], "nixpkgs": [ - "common", + "hyprland", "hyprland", "hyprland-qtutils", "nixpkgs" ], "systems": [ - "common", + "hyprland", "hyprland", "hyprland-qtutils", "systems" @@ -381,34 +381,34 @@ "inputs": { "hyprland-qt-support": "hyprland-qt-support", "hyprlang": [ - "common", + "hyprland", "hyprland", "hyprlang" ], "hyprutils": [ - "common", + "hyprland", "hyprland", "hyprland-qtutils", "hyprlang", "hyprutils" ], "nixpkgs": [ - "common", + "hyprland", "hyprland", "nixpkgs" ], "systems": [ - "common", + "hyprland", "hyprland", "systems" ] }, "locked": { - "lastModified": 1757694755, - "narHash": "sha256-j+w5QUUr2QT/jkxgVKecGYV8J7fpzXCMgzEEr6LG9ug=", + "lastModified": 1759080228, + "narHash": "sha256-RgDoAja0T1hnF0pTc56xPfLfFOO8Utol2iITwYbUhTk=", "owner": "hyprwm", "repo": "hyprland-qtutils", - "rev": "5ffdfc13ed03df1dae5084468d935f0a3f2c9a4c", + "rev": "629b15c19fa4082e4ce6be09fdb89e8c3312aed7", "type": "github" }, "original": { @@ -417,30 +417,59 @@ "type": "github" } }, + "hyprland_2": { + "inputs": { + "aquamarine": "aquamarine", + "hyprcursor": "hyprcursor", + "hyprgraphics": "hyprgraphics", + "hyprland-protocols": "hyprland-protocols", + "hyprland-qtutils": "hyprland-qtutils", + "hyprlang": "hyprlang", + "hyprutils": "hyprutils", + "hyprwayland-scanner": "hyprwayland-scanner", + "nixpkgs": "nixpkgs_2", + "pre-commit-hooks": "pre-commit-hooks", + "systems": "systems", + "xdph": "xdph" + }, + "locked": { + "lastModified": 1761083270, + "narHash": "sha256-9GfP5vh9C0mzdOYX0fgXk4v6lCw99V6q41RNTsDU0mc=", + "owner": "hyprwm", + "repo": "Hyprland", + "rev": "892f642f58e6fcab7c69ecba79afb2d6ab461c89", + "type": "github" + }, + "original": { + "owner": "hyprwm", + "repo": "Hyprland", + "type": "github" + } + }, "hyprlang": { "inputs": { "hyprutils": [ - "common", + "hyprland", "hyprland", "hyprutils" ], "nixpkgs": [ - "common", + "hyprland", "hyprland", "nixpkgs" ], "systems": [ - "common", + "hyprland", "hyprland", "systems" ] }, "locked": { - "lastModified": 1756810301, - "narHash": "sha256-wgZ3VW4VVtjK5dr0EiK9zKdJ/SOqGIBXVG85C3LVxQA=", + "lastModified": 1758927902, + "narHash": "sha256-LZgMds7M94+vuMql2bERQ6LiFFdhgsEFezE4Vn+Ys3A=", "owner": "hyprwm", "repo": "hyprlang", - "rev": "3d63fb4a42c819f198deabd18c0c2c1ded1de931", + "rev": "4dafa28d4f79877d67a7d1a654cddccf8ebf15da", "type": "github" }, "original": { @@ -452,22 +481,22 @@ "hyprutils": { "inputs": { "nixpkgs": [ - "common", + "hyprland", "hyprland", "nixpkgs" ], "systems": [ - "common", + "hyprland", "hyprland", "systems" ] }, "locked": { - "lastModified": 1756117388, - "narHash": "sha256-oRDel6pNl/T2tI+nc/USU9ZP9w08dxtl7hiZxa0C/Wc=", + "lastModified": 1759619523, + "narHash": "sha256-r1ed7AR2ZEb2U8gy321/Xcp1ho2tzn+gG1te/Wxsj1A=", "owner": "hyprwm", "repo": "hyprutils", - "rev": "b2ae3204845f5f2f79b4703b441252d8ad2ecfd0", + "rev": "3df7bde01efb3a3e8e678d1155f2aa3f19e177ef", "type": "github" }, "original": { @@ -479,12 +508,12 @@ "hyprwayland-scanner": { "inputs": { "nixpkgs": [ - "common", + "hyprland", "hyprland", "nixpkgs" ], "systems": [ - "common", + "hyprland", "hyprland", "systems" ] @@ -535,29 +564,13 @@ "type": "github" } }, - "nixpkgs-unstable": { - "locked": { - "lastModified": 1759381078, - "narHash": "sha256-gTrEEp5gEspIcCOx9PD8kMaF1iEmfBcTbO0Jag2QhQs=", - "owner": "nixos", - "repo": "nixpkgs", - "rev": "7df7ff7d8e00218376575f0acdcc5d66741351ee", - "type": "github" - }, - "original": { - "owner": "nixos", - "ref": "nixos-unstable", - "repo": "nixpkgs", - "type": "github" - } - }, "nixpkgs_2": { "locked": { - "lastModified": 1758198701, - "narHash": "sha256-7To75JlpekfUmdkUZewnT6MoBANS0XVypW6kjUOXQwc=", + "lastModified": 1760878510, + "narHash": "sha256-K5Osef2qexezUfs0alLvZ7nQFTGS9DL2oTVsIXsqLgs=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "0147c2f1d54b30b5dd6d4a8c8542e8d7edf93b5d", + "rev": "5e2a59a5b1a82f89f2c7e598302a9cacebb72a67", "type": "github" }, "original": { @@ -568,38 +581,6 @@ } }, "nixpkgs_3": { - "locked": { - "lastModified": 1758690382, - "narHash": "sha256-NY3kSorgqE5LMm1LqNwGne3ZLMF2/ILgLpFr1fS4X3o=", - "owner": "nixos", - "repo": "nixpkgs", - "rev": "e643668fd71b949c53f8626614b21ff71a07379d", - "type": "github" - }, - "original": { - "owner": "nixos", - "ref": "nixos-unstable", - "repo": "nixpkgs", - "type": "github" - } - }, - "nixpkgs_4": { - "locked": { - "lastModified": 1741379970, - "narHash": "sha256-Wh7esNh7G24qYleLvgOSY/7HlDUzWaL/n4qzlBePpiw=", - "owner": "nixos", - "repo": "nixpkgs", - "rev": "36fd87baa9083f34f7f5027900b62ee6d09b1f2f", - "type": "github" - }, - "original": { - "owner": "nixos", - "ref": "nixos-unstable", - "repo": "nixpkgs", - "type": "github" - } - }, - "nixpkgs_5": { "locked": { "lastModified": 1759281824, "narHash": "sha256-FIBE1qXv9TKvSNwst6FumyHwCRH3BlWDpfsnqRDCll0=", @@ -615,7 +596,7 @@ "type": "github" } }, - "nixpkgs_6": { + "nixpkgs_4": { "locked": { "lastModified": 1757952092, "narHash": "sha256-BcfTLFCU7elUJ2dwyt0iTjxsz/XLh+8ZygDcFwy6xPE=", @@ -630,6 +611,22 @@ "type": "github" } }, + "nixpkgs_5": { + "locked": { + "lastModified": 1741379970, + "narHash": "sha256-Wh7esNh7G24qYleLvgOSY/7HlDUzWaL/n4qzlBePpiw=", + "owner": "nixos", + "repo": "nixpkgs", + "rev": "36fd87baa9083f34f7f5027900b62ee6d09b1f2f", + "type": "github" + }, + "original": { + "owner": "nixos", + "ref": "nixos-unstable", + "repo": "nixpkgs", + "type": "github" + } + }, "nvim_plugin-Almo7aya/openingh.nvim": { "flake": false, "locked": { @@ -1515,17 +1512,17 @@ "flake-compat": "flake-compat", "gitignore": "gitignore", "nixpkgs": [ - "common", + "hyprland", "hyprland", "nixpkgs" ] }, "locked": { - "lastModified": 1758108966, - "narHash": "sha256-ytw7ROXaWZ7OfwHrQ9xvjpUWeGVm86pwnEd1QhzawIo=", + "lastModified": 1760663237, + "narHash": "sha256-BflA6U4AM1bzuRMR8QqzPXqh8sWVCNDzOdsxXEguJIc=", "owner": "cachix", "repo": "git-hooks.nix", - "rev": "54df955a695a84cd47d4a43e08e1feaf90b1fd9b", + "rev": "ca5b894d3e3e151ffc1db040b6ce4dcc75d31c37", "type": "github" }, "original": { @@ -1539,8 +1536,8 @@ "agenix": "agenix", "crane": "crane", "flake-utils": "flake-utils", - "nixpkgs": "nixpkgs_4", - "rust-overlay": "rust-overlay" + "nixpkgs": "nixpkgs_5", + "rust-overlay": "rust-overlay_2" }, "locked": { "lastModified": 1744897914, @@ -1559,14 +1556,17 @@ "root": { "inputs": { "common": "common", - "nixpkgs": "nixpkgs_5", - "nixpkgs-unstable": "nixpkgs-unstable", - "ros_neovim": "ros_neovim" + "flatpaks": "flatpaks", + "home-manager": "home-manager", + "hyprland": "hyprland", + "nixpkgs": "nixpkgs_3", + "ros_neovim": "ros_neovim", + "secrets": "secrets" } }, "ros_neovim": { "inputs": { - "nixpkgs": "nixpkgs_6", + "nixpkgs": "nixpkgs_4", "nvim_plugin-Almo7aya/openingh.nvim": "nvim_plugin-Almo7aya/openingh.nvim", "nvim_plugin-CopilotC-Nvim/CopilotChat.nvim": "nvim_plugin-CopilotC-Nvim/CopilotChat.nvim", "nvim_plugin-JoosepAlviste/nvim-ts-context-commentstring": "nvim_plugin-JoosepAlviste/nvim-ts-context-commentstring", @@ -1622,7 +1622,7 @@ "nvim_plugin-windwp/nvim-ts-autotag": "nvim_plugin-windwp/nvim-ts-autotag", "nvim_plugin-zbirenbaum/copilot-cmp": "nvim_plugin-zbirenbaum/copilot-cmp", "nvim_plugin-zbirenbaum/copilot.lua": "nvim_plugin-zbirenbaum/copilot.lua", - "rust-overlay": "rust-overlay_2" + "rust-overlay": "rust-overlay" }, "locked": { "lastModified": 1758041510, @@ -1641,7 +1641,28 @@ "rust-overlay": { "inputs": { "nixpkgs": [ - "common", + "ros_neovim", + "nixpkgs" + ] + }, + "locked": { + "lastModified": 1757930296, + "narHash": "sha256-Z9u5VszKs8rfEvg2AsFucWEjl7wMtAln9l1b78cfBh4=", + "owner": "oxalica", + "repo": "rust-overlay", + "rev": "09442765a05c2ca617c20ed68d9613da92a2d96b", + "type": "github" + }, + "original": { + "owner": "oxalica", + "repo": "rust-overlay", + "type": "github" + } + }, + "rust-overlay_2": { + "inputs": { + "nixpkgs": [ + "secrets", "ragenix", "nixpkgs" ] @@ -1660,25 +1681,24 @@ "type": "github" } }, - "rust-overlay_2": { + "secrets": { "inputs": { - "nixpkgs": [ - "ros_neovim", - "nixpkgs" - ] + "ragenix": "ragenix" }, "locked": { - "lastModified": 1757930296, - "narHash": "sha256-Z9u5VszKs8rfEvg2AsFucWEjl7wMtAln9l1b78cfBh4=", - "owner": "oxalica", - "repo": "rust-overlay", - "rev": "09442765a05c2ca617c20ed68d9613da92a2d96b", - "type": "github" + "dir": "flakes/secrets", + "lastModified": 1761109947, + "narHash": "sha256-aXyAGMsRgKHYmDhMSa2vHfVbGHyz2SypWkz78Y0ESfs=", + "ref": "refs/heads/master", + "rev": "ef1eb99b468a7e6e78314100e9070b7f12074e4d", + "revCount": 734, + "type": "git", + "url": "https://git.joshuabell.xyz/ringofstorms/dotfiles" }, "original": { - "owner": "oxalica", - "repo": "rust-overlay", - "type": "github" + "dir": "flakes/secrets", + "type": "git", + "url": "https://git.joshuabell.xyz/ringofstorms/dotfiles" } }, "systems": { @@ -1729,42 +1749,42 @@ "xdph": { "inputs": { "hyprland-protocols": [ - "common", + "hyprland", "hyprland", "hyprland-protocols" ], "hyprlang": [ - "common", + "hyprland", "hyprland", "hyprlang" ], "hyprutils": [ - "common", + "hyprland", "hyprland", "hyprutils" ], "hyprwayland-scanner": [ - "common", + "hyprland", "hyprland", "hyprwayland-scanner" ], "nixpkgs": [ - "common", + "hyprland", "hyprland", "nixpkgs" ], "systems": [ - "common", + "hyprland", "hyprland", "systems" ] }, "locked": { - "lastModified": 1755354946, - "narHash": "sha256-zdov5f/GcoLQc9qYIS1dUTqtJMeDqmBmo59PAxze6e4=", + "lastModified": 1760713634, + "narHash": "sha256-5HXelmz2x/uO26lvW7MudnadbAfoBnve4tRBiDVLtOM=", "owner": "hyprwm", "repo": "xdg-desktop-portal-hyprland", - "rev": "a10726d6a8d0ef1a0c645378f983b6278c42eaa0", + "rev": "753bbbdf6a052994da94062e5b753288cef28dfb", "type": "github" }, "original": { diff --git a/hosts/oren/hyprland_customizations.nix b/hosts/oren/hyprland_customizations.nix index a360176..80cb07f 100644 --- a/hosts/oren/hyprland_customizations.nix +++ b/hosts/oren/hyprland_customizations.nix @@ -1,21 +1,18 @@ -{ ... }: -let - hyprlandExtraOptions = { - exec-once = [ - # Wait a moment for monitors/workspaces to settle, then "prime" 6 and return to 1 - "sh -lc 'sleep 0.2; hyprctl dispatch workspace 1'" - ]; - monitor = [ - "eDP-1,2560x1600@165.000Hz,0x0,1.666667,transform,0" - ]; - }; -in +{ lib, ... }: { home-manager.sharedModules = [ ( { ... }: { - wayland.windowManager.hyprland.settings = hyprlandExtraOptions; + wayland.windowManager.hyprland.settings = { + exec-once = [ + # Wait a moment for monitors/workspaces to settle, then "prime" 6 and return to 1 + "sh -lc 'sleep 0.2; hyprctl dispatch workspace 1'" + ]; + monitor = lib.mkForce [ + "eDP-1,2560x1600@165.000Hz,0x0,1.666667,transform,0" + ]; + }; services.hyprpaper.settings = { mode = "fill"; # Wallpaper display mode: fill, fit, stretch, center, tile From 8f2f522535e5e62cfe22cfff2afa209591bec0a0 Mon Sep 17 00:00:00 2001 From: "RingOfStorms (Joshua Bell)" Date: Wed, 22 Oct 2025 00:50:18 -0500 Subject: [PATCH 072/109] pin oren to remote and remove old top level flake weirdness --- flake.lock | 673 +----------------------------------------- flake.nix | 18 +- hosts/oren/flake.lock | 188 ++++++------ hosts/oren/flake.nix | 4 +- 4 files changed, 102 insertions(+), 781 deletions(-) diff --git a/flake.lock b/flake.lock index ba2bf35..c0c2de1 100644 --- a/flake.lock +++ b/flake.lock @@ -1,505 +1,6 @@ { "nodes": { - "agenix": { - "inputs": { - "darwin": "darwin", - "home-manager": "home-manager_2", - "nixpkgs": [ - "ragenix", - "nixpkgs" - ], - "systems": "systems_2" - }, - "locked": { - "lastModified": 1736955230, - "narHash": "sha256-uenf8fv2eG5bKM8C/UvFaiJMZ4IpUFaQxk9OH5t/1gA=", - "owner": "ryantm", - "repo": "agenix", - "rev": "e600439ec4c273cf11e06fe4d9d906fb98fa097c", - "type": "github" - }, - "original": { - "owner": "ryantm", - "repo": "agenix", - "type": "github" - } - }, - "aquamarine": { - "inputs": { - "hyprutils": [ - "hyprland", - "hyprutils" - ], - "hyprwayland-scanner": [ - "hyprland", - "hyprwayland-scanner" - ], - "nixpkgs": [ - "hyprland", - "nixpkgs" - ], - "systems": [ - "hyprland", - "systems" - ] - }, - "locked": { - "lastModified": 1759499898, - "narHash": "sha256-UNzYHLWfkSzLHDep5Ckb5tXc0fdxwPIrT+MY4kpQttM=", - "owner": "hyprwm", - "repo": "aquamarine", - "rev": "655e067f96fd44b3f5685e17f566b0e4d535d798", - "type": "github" - }, - "original": { - "owner": "hyprwm", - "repo": "aquamarine", - "type": "github" - } - }, - "crane": { - "locked": { - "lastModified": 1741481578, - "narHash": "sha256-JBTSyJFQdO3V8cgcL08VaBUByEU6P5kXbTJN6R0PFQo=", - "owner": "ipetkov", - "repo": "crane", - "rev": "bb1c9567c43e4434f54e9481eb4b8e8e0d50f0b5", - "type": "github" - }, - "original": { - "owner": "ipetkov", - "repo": "crane", - "type": "github" - } - }, - "darwin": { - "inputs": { - "nixpkgs": [ - "ragenix", - "agenix", - "nixpkgs" - ] - }, - "locked": { - "lastModified": 1700795494, - "narHash": "sha256-gzGLZSiOhf155FW7262kdHo2YDeugp3VuIFb4/GGng0=", - "owner": "lnl7", - "repo": "nix-darwin", - "rev": "4b9b83d5a92e8c1fbfd8eb27eda375908c11ec4d", - "type": "github" - }, - "original": { - "owner": "lnl7", - "ref": "master", - "repo": "nix-darwin", - "type": "github" - } - }, - "flake-compat": { - "flake": false, - "locked": { - "lastModified": 1747046372, - "narHash": "sha256-CIVLLkVgvHYbgI2UpXvIIBJ12HWgX+fjA8Xf8PUmqCY=", - "owner": "edolstra", - "repo": "flake-compat", - "rev": "9100a0f413b0c601e0533d1d94ffd501ce2e7885", - "type": "github" - }, - "original": { - "owner": "edolstra", - "repo": "flake-compat", - "type": "github" - } - }, - "flake-utils": { - "inputs": { - "systems": "systems_3" - }, - "locked": { - "lastModified": 1731533236, - "narHash": "sha256-l0KFg5HjrsfsO/JpG+r7fRrqm12kzFHyUHqHCVpMMbI=", - "owner": "numtide", - "repo": "flake-utils", - "rev": "11707dc2f618dd54ca8739b309ec4fc024de578b", - "type": "github" - }, - "original": { - "owner": "numtide", - "repo": "flake-utils", - "type": "github" - } - }, - "gitignore": { - "inputs": { - "nixpkgs": [ - "hyprland", - "pre-commit-hooks", - "nixpkgs" - ] - }, - "locked": { - "lastModified": 1709087332, - "narHash": "sha256-HG2cCnktfHsKV0s4XW83gU3F57gaTljL9KNSuG6bnQs=", - "owner": "hercules-ci", - "repo": "gitignore.nix", - "rev": "637db329424fd7e46cf4185293b9cc8c88c95394", - "type": "github" - }, - "original": { - "owner": "hercules-ci", - "repo": "gitignore.nix", - "type": "github" - } - }, - "home-manager": { - "inputs": { - "nixpkgs": "nixpkgs" - }, - "locked": { - "lastModified": 1758463745, - "narHash": "sha256-uhzsV0Q0I9j2y/rfweWeGif5AWe0MGrgZ/3TjpDYdGA=", - "owner": "rycee", - "repo": "home-manager", - "rev": "3b955f5f0a942f9f60cdc9cacb7844335d0f21c3", - "type": "github" - }, - "original": { - "owner": "rycee", - "ref": "release-25.05", - "repo": "home-manager", - "type": "github" - } - }, - "home-manager_2": { - "inputs": { - "nixpkgs": [ - "ragenix", - "agenix", - "nixpkgs" - ] - }, - "locked": { - "lastModified": 1703113217, - "narHash": "sha256-7ulcXOk63TIT2lVDSExj7XzFx09LpdSAPtvgtM7yQPE=", - "owner": "nix-community", - "repo": "home-manager", - "rev": "3bfaacf46133c037bb356193bd2f1765d9dc82c1", - "type": "github" - }, - "original": { - "owner": "nix-community", - "repo": "home-manager", - "type": "github" - } - }, - "hyprcursor": { - "inputs": { - "hyprlang": [ - "hyprland", - "hyprlang" - ], - "nixpkgs": [ - "hyprland", - "nixpkgs" - ], - "systems": [ - "hyprland", - "systems" - ] - }, - "locked": { - "lastModified": 1753964049, - "narHash": "sha256-lIqabfBY7z/OANxHoPeIrDJrFyYy9jAM4GQLzZ2feCM=", - "owner": "hyprwm", - "repo": "hyprcursor", - "rev": "44e91d467bdad8dcf8bbd2ac7cf49972540980a5", - "type": "github" - }, - "original": { - "owner": "hyprwm", - "repo": "hyprcursor", - "type": "github" - } - }, - "hyprgraphics": { - "inputs": { - "hyprutils": [ - "hyprland", - "hyprutils" - ], - "nixpkgs": [ - "hyprland", - "nixpkgs" - ], - "systems": [ - "hyprland", - "systems" - ] - }, - "locked": { - "lastModified": 1759490292, - "narHash": "sha256-T6iWzDOXp8Wv0KQOCTHpBcmAOdHJ6zc/l9xaztW6Ivc=", - "owner": "hyprwm", - "repo": "hyprgraphics", - "rev": "9431db625cd9bb66ac55525479dce694101d6d7a", - "type": "github" - }, - "original": { - "owner": "hyprwm", - "repo": "hyprgraphics", - "type": "github" - } - }, - "hyprland": { - "inputs": { - "aquamarine": "aquamarine", - "hyprcursor": "hyprcursor", - "hyprgraphics": "hyprgraphics", - "hyprland-protocols": "hyprland-protocols", - "hyprland-qtutils": "hyprland-qtutils", - "hyprlang": "hyprlang", - "hyprutils": "hyprutils", - "hyprwayland-scanner": "hyprwayland-scanner", - "nixpkgs": "nixpkgs_2", - "pre-commit-hooks": "pre-commit-hooks", - "systems": "systems", - "xdph": "xdph" - }, - "locked": { - "lastModified": 1760813095, - "narHash": "sha256-D0AU+KKB9aGqiwDaS7er2pITjn9AS+XStzigPSoLeOQ=", - "owner": "hyprwm", - "repo": "Hyprland", - "rev": "39d62e1487052da2751ec1e36d243e3e92e24f6a", - "type": "github" - }, - "original": { - "owner": "hyprwm", - "repo": "Hyprland", - "type": "github" - } - }, - "hyprland-protocols": { - "inputs": { - "nixpkgs": [ - "hyprland", - "nixpkgs" - ], - "systems": [ - "hyprland", - "systems" - ] - }, - "locked": { - "lastModified": 1749046714, - "narHash": "sha256-kymV5FMnddYGI+UjwIw8ceDjdeg7ToDVjbHCvUlhn14=", - "owner": "hyprwm", - "repo": "hyprland-protocols", - "rev": "613878cb6f459c5e323aaafe1e6f388ac8a36330", - "type": "github" - }, - "original": { - "owner": "hyprwm", - "repo": "hyprland-protocols", - "type": "github" - } - }, - "hyprland-qt-support": { - "inputs": { - "hyprlang": [ - "hyprland", - "hyprland-qtutils", - "hyprlang" - ], - "nixpkgs": [ - "hyprland", - "hyprland-qtutils", - "nixpkgs" - ], - "systems": [ - "hyprland", - "hyprland-qtutils", - "systems" - ] - }, - "locked": { - "lastModified": 1749154592, - "narHash": "sha256-DO7z5CeT/ddSGDEnK9mAXm1qlGL47L3VAHLlLXoCjhE=", - "owner": "hyprwm", - "repo": "hyprland-qt-support", - "rev": "4c8053c3c888138a30c3a6c45c2e45f5484f2074", - "type": "github" - }, - "original": { - "owner": "hyprwm", - "repo": "hyprland-qt-support", - "type": "github" - } - }, - "hyprland-qtutils": { - "inputs": { - "hyprland-qt-support": "hyprland-qt-support", - "hyprlang": [ - "hyprland", - "hyprlang" - ], - "hyprutils": [ - "hyprland", - "hyprland-qtutils", - "hyprlang", - "hyprutils" - ], - "nixpkgs": [ - "hyprland", - "nixpkgs" - ], - "systems": [ - "hyprland", - "systems" - ] - }, - "locked": { - "lastModified": 1759080228, - "narHash": "sha256-RgDoAja0T1hnF0pTc56xPfLfFOO8Utol2iITwYbUhTk=", - "owner": "hyprwm", - "repo": "hyprland-qtutils", - "rev": "629b15c19fa4082e4ce6be09fdb89e8c3312aed7", - "type": "github" - }, - "original": { - "owner": "hyprwm", - "repo": "hyprland-qtutils", - "type": "github" - } - }, - "hyprlang": { - "inputs": { - "hyprutils": [ - "hyprland", - "hyprutils" - ], - "nixpkgs": [ - "hyprland", - "nixpkgs" - ], - "systems": [ - "hyprland", - "systems" - ] - }, - "locked": { - "lastModified": 1758927902, - "narHash": "sha256-LZgMds7M94+vuMql2bERQ6LiFFdhgsEFezE4Vn+Ys3A=", - "owner": "hyprwm", - "repo": "hyprlang", - "rev": "4dafa28d4f79877d67a7d1a654cddccf8ebf15da", - "type": "github" - }, - "original": { - "owner": "hyprwm", - "repo": "hyprlang", - "type": "github" - } - }, - "hyprutils": { - "inputs": { - "nixpkgs": [ - "hyprland", - "nixpkgs" - ], - "systems": [ - "hyprland", - "systems" - ] - }, - "locked": { - "lastModified": 1759619523, - "narHash": "sha256-r1ed7AR2ZEb2U8gy321/Xcp1ho2tzn+gG1te/Wxsj1A=", - "owner": "hyprwm", - "repo": "hyprutils", - "rev": "3df7bde01efb3a3e8e678d1155f2aa3f19e177ef", - "type": "github" - }, - "original": { - "owner": "hyprwm", - "repo": "hyprutils", - "type": "github" - } - }, - "hyprwayland-scanner": { - "inputs": { - "nixpkgs": [ - "hyprland", - "nixpkgs" - ], - "systems": [ - "hyprland", - "systems" - ] - }, - "locked": { - "lastModified": 1755184602, - "narHash": "sha256-RCBQN8xuADB0LEgaKbfRqwm6CdyopE1xIEhNc67FAbw=", - "owner": "hyprwm", - "repo": "hyprwayland-scanner", - "rev": "b3b0f1f40ae09d4447c20608e5a4faf8bf3c492d", - "type": "github" - }, - "original": { - "owner": "hyprwm", - "repo": "hyprwayland-scanner", - "type": "github" - } - }, - "nix-flatpak": { - "locked": { - "lastModified": 1739444422, - "narHash": "sha256-iAVVHi7X3kWORftY+LVbRiStRnQEob2TULWyjMS6dWg=", - "owner": "gmodena", - "repo": "nix-flatpak", - "rev": "5e54c3ca05a7c7d968ae1ddeabe01d2a9bc1e177", - "type": "github" - }, - "original": { - "owner": "gmodena", - "ref": "latest", - "repo": "nix-flatpak", - "type": "github" - } - }, "nixpkgs": { - "locked": { - "lastModified": 1753345091, - "narHash": "sha256-CdX2Rtvp5I8HGu9swBmYuq+ILwRxpXdJwlpg8jvN4tU=", - "owner": "NixOS", - "repo": "nixpkgs", - "rev": "3ff0e34b1383648053bba8ed03f201d3466f90c9", - "type": "github" - }, - "original": { - "owner": "NixOS", - "ref": "nixos-25.05", - "repo": "nixpkgs", - "type": "github" - } - }, - "nixpkgs_2": { - "locked": { - "lastModified": 1759381078, - "narHash": "sha256-gTrEEp5gEspIcCOx9PD8kMaF1iEmfBcTbO0Jag2QhQs=", - "owner": "NixOS", - "repo": "nixpkgs", - "rev": "7df7ff7d8e00218376575f0acdcc5d66741351ee", - "type": "github" - }, - "original": { - "owner": "NixOS", - "ref": "nixos-unstable", - "repo": "nixpkgs", - "type": "github" - } - }, - "nixpkgs_3": { "locked": { "lastModified": 1760524057, "narHash": "sha256-EVAqOteLBFmd7pKkb0+FIUyzTF61VKi7YmvP1tw4nEw=", @@ -515,181 +16,9 @@ "type": "github" } }, - "nixpkgs_4": { - "locked": { - "lastModified": 1741379970, - "narHash": "sha256-Wh7esNh7G24qYleLvgOSY/7HlDUzWaL/n4qzlBePpiw=", - "owner": "nixos", - "repo": "nixpkgs", - "rev": "36fd87baa9083f34f7f5027900b62ee6d09b1f2f", - "type": "github" - }, - "original": { - "owner": "nixos", - "ref": "nixos-unstable", - "repo": "nixpkgs", - "type": "github" - } - }, - "pre-commit-hooks": { - "inputs": { - "flake-compat": "flake-compat", - "gitignore": "gitignore", - "nixpkgs": [ - "hyprland", - "nixpkgs" - ] - }, - "locked": { - "lastModified": 1758108966, - "narHash": "sha256-ytw7ROXaWZ7OfwHrQ9xvjpUWeGVm86pwnEd1QhzawIo=", - "owner": "cachix", - "repo": "git-hooks.nix", - "rev": "54df955a695a84cd47d4a43e08e1feaf90b1fd9b", - "type": "github" - }, - "original": { - "owner": "cachix", - "repo": "git-hooks.nix", - "type": "github" - } - }, - "ragenix": { - "inputs": { - "agenix": "agenix", - "crane": "crane", - "flake-utils": "flake-utils", - "nixpkgs": "nixpkgs_4", - "rust-overlay": "rust-overlay" - }, - "locked": { - "lastModified": 1744897914, - "narHash": "sha256-GIVU92o2TZBnKQXTb76zpQbWR4zjU2rFqWKNIIpXnqA=", - "owner": "yaxitech", - "repo": "ragenix", - "rev": "40f2e17ecaeab4d78ec323e96a04548c0aaa5223", - "type": "github" - }, - "original": { - "owner": "yaxitech", - "repo": "ragenix", - "type": "github" - } - }, "root": { "inputs": { - "home-manager": "home-manager", - "hyprland": "hyprland", - "nix-flatpak": "nix-flatpak", - "nixpkgs": "nixpkgs_3", - "ragenix": "ragenix" - } - }, - "rust-overlay": { - "inputs": { - "nixpkgs": [ - "ragenix", - "nixpkgs" - ] - }, - "locked": { - "lastModified": 1741400194, - "narHash": "sha256-tEpgT+q5KlGjHSm8MnINgTPErEl8YDzX3Eps8PVc09g=", - "owner": "oxalica", - "repo": "rust-overlay", - "rev": "16b6045a232fea0e9e4c69e55a6e269607dd8e3f", - "type": "github" - }, - "original": { - "owner": "oxalica", - "repo": "rust-overlay", - "type": "github" - } - }, - "systems": { - "locked": { - "lastModified": 1689347949, - "narHash": "sha256-12tWmuL2zgBgZkdoB6qXZsgJEH9LR3oUgpaQq2RbI80=", - "owner": "nix-systems", - "repo": "default-linux", - "rev": "31732fcf5e8fea42e59c2488ad31a0e651500f68", - "type": "github" - }, - "original": { - "owner": "nix-systems", - "repo": "default-linux", - "type": "github" - } - }, - "systems_2": { - "locked": { - "lastModified": 1681028828, - "narHash": "sha256-Vy1rq5AaRuLzOxct8nz4T6wlgyUR7zLU309k9mBC768=", - "owner": "nix-systems", - "repo": "default", - "rev": "da67096a3b9bf56a91d16901293e51ba5b49a27e", - "type": "github" - }, - "original": { - "owner": "nix-systems", - "repo": "default", - "type": "github" - } - }, - "systems_3": { - "locked": { - "lastModified": 1681028828, - "narHash": "sha256-Vy1rq5AaRuLzOxct8nz4T6wlgyUR7zLU309k9mBC768=", - "owner": "nix-systems", - "repo": "default", - "rev": "da67096a3b9bf56a91d16901293e51ba5b49a27e", - "type": "github" - }, - "original": { - "owner": "nix-systems", - "repo": "default", - "type": "github" - } - }, - "xdph": { - "inputs": { - "hyprland-protocols": [ - "hyprland", - "hyprland-protocols" - ], - "hyprlang": [ - "hyprland", - "hyprlang" - ], - "hyprutils": [ - "hyprland", - "hyprutils" - ], - "hyprwayland-scanner": [ - "hyprland", - "hyprwayland-scanner" - ], - "nixpkgs": [ - "hyprland", - "nixpkgs" - ], - "systems": [ - "hyprland", - "systems" - ] - }, - "locked": { - "lastModified": 1755354946, - "narHash": "sha256-zdov5f/GcoLQc9qYIS1dUTqtJMeDqmBmo59PAxze6e4=", - "owner": "hyprwm", - "repo": "xdg-desktop-portal-hyprland", - "rev": "a10726d6a8d0ef1a0c645378f983b6278c42eaa0", - "type": "github" - }, - "original": { - "owner": "hyprwm", - "repo": "xdg-desktop-portal-hyprland", - "type": "github" + "nixpkgs": "nixpkgs" } } }, diff --git a/flake.nix b/flake.nix index e5eadfd..1444a5b 100644 --- a/flake.nix +++ b/flake.nix @@ -1,24 +1,13 @@ { inputs = { nixpkgs.url = "github:nixos/nixpkgs/nixos-unstable"; - - # Manually synced with common/flake.nix inputs - # ===== - home-manager.url = "github:rycee/home-manager/release-25.05"; - ragenix.url = "github:yaxitech/ragenix"; - nix-flatpak.url = "github:gmodena/nix-flatpak/?ref=latest"; - hyprland.url = "github:hyprwm/Hyprland"; - # ====== }; outputs = { nixpkgs, - home-manager, - ragenix, - nix-flatpak, ... - }@inputs: + }: let # Utilities inherit (nixpkgs) lib; @@ -26,8 +15,6 @@ forAllSystems = lib.genAttrs lib.systems.flakeExposed; # Create a mapping from system to corresponding nixpkgs : https://nixos.wiki/wiki/Overlays#In_a_Nix_flake nixpkgsFor = forAllSystems (system: nixpkgs.legacyPackages.${system}); - - commonFlake = (import ./common/flake.nix).outputs inputs; in { devShells = forAllSystems ( @@ -69,6 +56,5 @@ }; } ); - } - // commonFlake; + }; } diff --git a/hosts/oren/flake.lock b/hosts/oren/flake.lock index f8aeb91..90230c5 100644 --- a/hosts/oren/flake.lock +++ b/hosts/oren/flake.lock @@ -65,11 +65,11 @@ "common": { "locked": { "dir": "flakes/common", - "lastModified": 1761109947, - "narHash": "sha256-aXyAGMsRgKHYmDhMSa2vHfVbGHyz2SypWkz78Y0ESfs=", + "lastModified": 1761110137, + "narHash": "sha256-lQZc5iSfm7qbKnsbVB1DJB2ADRS0YI5eSFddFrEWe0A=", "ref": "refs/heads/master", - "rev": "ef1eb99b468a7e6e78314100e9070b7f12074e4d", - "revCount": 734, + "rev": "1734c15addcc78662fea6c3e14db2a2489521b91", + "revCount": 735, "type": "git", "url": "https://git.joshuabell.xyz/ringofstorms/dotfiles" }, @@ -158,11 +158,11 @@ }, "locked": { "dir": "flakes/flatpaks", - "lastModified": 1761109947, - "narHash": "sha256-aXyAGMsRgKHYmDhMSa2vHfVbGHyz2SypWkz78Y0ESfs=", + "lastModified": 1761110137, + "narHash": "sha256-lQZc5iSfm7qbKnsbVB1DJB2ADRS0YI5eSFddFrEWe0A=", "ref": "refs/heads/master", - "rev": "ef1eb99b468a7e6e78314100e9070b7f12074e4d", - "revCount": 734, + "rev": "1734c15addcc78662fea6c3e14db2a2489521b91", + "revCount": 735, "type": "git", "url": "https://git.joshuabell.xyz/ringofstorms/dotfiles" }, @@ -306,14 +306,20 @@ "hyprland": "hyprland_2" }, "locked": { - "path": "../../flakes/hyprland", - "type": "path" + "dir": "flakes/hyprland", + "lastModified": 1761110137, + "narHash": "sha256-lQZc5iSfm7qbKnsbVB1DJB2ADRS0YI5eSFddFrEWe0A=", + "ref": "refs/heads/master", + "rev": "1734c15addcc78662fea6c3e14db2a2489521b91", + "revCount": 735, + "type": "git", + "url": "https://git.joshuabell.xyz/ringofstorms/dotfiles" }, "original": { - "path": "../../flakes/hyprland", - "type": "path" - }, - "parent": [] + "dir": "flakes/hyprland", + "type": "git", + "url": "https://git.joshuabell.xyz/ringofstorms/dotfiles" + } }, "hyprland-protocols": { "inputs": { @@ -582,11 +588,11 @@ }, "nixpkgs_3": { "locked": { - "lastModified": 1759281824, - "narHash": "sha256-FIBE1qXv9TKvSNwst6FumyHwCRH3BlWDpfsnqRDCll0=", + "lastModified": 1760862643, + "narHash": "sha256-PXwG0TM7Ek87DNx4LbGWuD93PbFeKAJs4FfALtp7Wo0=", "owner": "nixos", "repo": "nixpkgs", - "rev": "5b5be50345d4113d04ba58c444348849f5585b4a", + "rev": "33c6dca0c0cb31d6addcd34e90a63ad61826b28c", "type": "github" }, "original": { @@ -598,11 +604,11 @@ }, "nixpkgs_4": { "locked": { - "lastModified": 1757952092, - "narHash": "sha256-BcfTLFCU7elUJ2dwyt0iTjxsz/XLh+8ZygDcFwy6xPE=", + "lastModified": 1759772810, + "narHash": "sha256-8/sO67+Q6yNfFD39W5SXQHDbf/tQUHWFhCdxgRRGVCQ=", "owner": "nixos", "repo": "nixpkgs", - "rev": "fd76dc9e7c68ac7c3941ba2af2bedcd79c5cf4ed", + "rev": "2b78ecc45e163d655c08c9a4cffb4a91c66d0493", "type": "github" }, "original": { @@ -646,11 +652,11 @@ "nvim_plugin-CopilotC-Nvim/CopilotChat.nvim": { "flake": false, "locked": { - "lastModified": 1757950300, - "narHash": "sha256-IQTP3jOmFNc2nphV9jdFbJXkmAN5Wj+/PIGmaZ8gP24=", + "lastModified": 1759715887, + "narHash": "sha256-9wXyswKnUenlZyO/aIy0gr1hF0IhuEJ0UOwvqjDSGjA=", "owner": "CopilotC-Nvim", "repo": "CopilotChat.nvim", - "rev": "87615648ff4dc852d1cf7ec099f0a7c37b1b2c87", + "rev": "92f269971c33a6e2f405da8b14f01cd109b9a3a3", "type": "github" }, "original": { @@ -678,11 +684,11 @@ "nvim_plugin-L3MON4D3/LuaSnip": { "flake": false, "locked": { - "lastModified": 1756990415, - "narHash": "sha256-5FsUVPy8pAiwBh3c+bPDMtypFEHj6qIwGQIo3hjqV4M=", + "lastModified": 1759157591, + "narHash": "sha256-sicE0/Vgc03X+Qxqlu5CM7NGd+6FE9RGx6OjZUa6Umw=", "owner": "L3MON4D3", "repo": "LuaSnip", - "rev": "21f74f7ba8c49f95f9d7c8293b147c2901dd2d3a", + "rev": "73813308abc2eaeff2bc0d3f2f79270c491be9d7", "type": "github" }, "original": { @@ -694,11 +700,11 @@ "nvim_plugin-MeanderingProgrammer/render-markdown.nvim": { "flake": false, "locked": { - "lastModified": 1757910669, - "narHash": "sha256-PWbFcGRbTMRhDJrj+kx73HLduMLOSrAhZTLL2YgrAjQ=", + "lastModified": 1759424904, + "narHash": "sha256-Smt9v6/XyHUdUiIPyCPQSRvWCeMMhYITSZWd9M7Jlvs=", "owner": "MeanderingProgrammer", "repo": "render-markdown.nvim", - "rev": "2c6cf127c577712bd29d38f6391b3045c5f0180a", + "rev": "7e6af36c846017122e07e68803bbf95f3c729ca3", "type": "github" }, "original": { @@ -758,11 +764,11 @@ "nvim_plugin-aznhe21/actions-preview.nvim": { "flake": false, "locked": { - "lastModified": 1745779150, - "narHash": "sha256-rQjwlu5gQcOvxF72lr9ugPRl0W78wCWGWPhpN1oOMbs=", + "lastModified": 1759462626, + "narHash": "sha256-YUeWBXxxeurfWBi0PjUi6izqYAvUw9DHmvsuPXm7ohw=", "owner": "aznhe21", "repo": "actions-preview.nvim", - "rev": "36513ad213855d497b7dd3391a24d1d75d58e36f", + "rev": "cb938c25edaac38d362555f19244a9cb85d561e8", "type": "github" }, "original": { @@ -774,11 +780,11 @@ "nvim_plugin-b0o/schemastore.nvim": { "flake": false, "locked": { - "lastModified": 1757653237, - "narHash": "sha256-94NKAVWPV2sLkGWWL9G07QxA90Ise6tNWaYyKBcS/vI=", + "lastModified": 1759454886, + "narHash": "sha256-T6mWvScsU0IsB3wFre5+TrNIbpQCA0flf7BNrGQIb+M=", "owner": "b0o", "repo": "schemastore.nvim", - "rev": "3146720ee3a0c6e2446eedd492fb519d16f2e467", + "rev": "8e17e50b519ba360bcfd5dfb5843ccac9be500ba", "type": "github" }, "original": { @@ -790,11 +796,11 @@ "nvim_plugin-catppuccin/nvim": { "flake": false, "locked": { - "lastModified": 1755621274, - "narHash": "sha256-o8VLMPriOh4+Ay5Ff0cWQYXjmihdr3x9131bKHHTsQE=", + "lastModified": 1759668198, + "narHash": "sha256-WmWGygttH78KajAaIvlwRW47G7UGJuPV0YIfEZkse6I=", "owner": "catppuccin", "repo": "nvim", - "rev": "30fa4d122d9b22ad8b2e0ab1b533c8c26c4dde86", + "rev": "e79d09fa347b367e0e7f693bfe87dba932a8cbd1", "type": "github" }, "original": { @@ -838,11 +844,11 @@ "nvim_plugin-folke/lazy.nvim": { "flake": false, "locked": { - "lastModified": 1740511197, - "narHash": "sha256-nQ8PR9DTdzg6Z2rViuVD6Pswc2VvDQwS3uMNgyDh5ls=", + "lastModified": 1759439283, + "narHash": "sha256-FjQ2rj3BvC8fh60IT0ExrBOmdDLdXFexffef6iKcPFQ=", "owner": "folke", "repo": "lazy.nvim", - "rev": "6c3bda4aca61a13a9c63f1c1d1b16b9d3be90d7a", + "rev": "59334064f8604ca073791c25dcc5c9698865406e", "type": "github" }, "original": { @@ -870,11 +876,11 @@ "nvim_plugin-folke/which-key.nvim": { "flake": false, "locked": { - "lastModified": 1740233407, - "narHash": "sha256-uvMcSduMr7Kd2oUmIOYzvWF4FIl6bZxIYm9FSw/3pCo=", + "lastModified": 1758639622, + "narHash": "sha256-JNkjlv6QpnuaYCAFcBPjV7IavVLzj8QEX/Zi3sbdyrU=", "owner": "folke", "repo": "which-key.nvim", - "rev": "370ec46f710e058c9c1646273e6b225acf47cbed", + "rev": "904308e6885bbb7b60714c80ab3daf0c071c1492", "type": "github" }, "original": { @@ -950,11 +956,11 @@ "nvim_plugin-j-hui/fidget.nvim": { "flake": false, "locked": { - "lastModified": 1755700851, - "narHash": "sha256-KRlUqUdcliKpLnEJqyA2OAWto73F6iGTbMrsiAdc24M=", + "lastModified": 1758578970, + "narHash": "sha256-ieY3zaQAydzadpPiW1/IYakVHhp+wyEOpCQntgDOObs=", "owner": "j-hui", "repo": "fidget.nvim", - "rev": "4d5858bd4c471c895060e1b9f3575f1551184dc5", + "rev": "3f5475949679953af6d78654db29b944fa826e6a", "type": "github" }, "original": { @@ -982,11 +988,11 @@ "nvim_plugin-lewis6991/gitsigns.nvim": { "flake": false, "locked": { - "lastModified": 1757668552, - "narHash": "sha256-L5WbNiFUn014hThvGfb5r858O6iLOBhOQHfVUdIlFI4=", + "lastModified": 1759324477, + "narHash": "sha256-GDK9I3SNRyZe59+GsnDC0L2KjGr150dWo4S3DUwhT7U=", "owner": "lewis6991", "repo": "gitsigns.nvim", - "rev": "f780609807eca1f783a36a8a31c30a48fbe150c5", + "rev": "1ee5c1fd068c81f9dd06483e639c2aa4587dc197", "type": "github" }, "original": { @@ -1046,11 +1052,11 @@ "nvim_plugin-mbbill/undotree": { "flake": false, "locked": { - "lastModified": 1756538456, - "narHash": "sha256-tudR+46nd63jY1VTCNEfZ2CofxCODXaHos0+NdFI6wU=", + "lastModified": 1759186837, + "narHash": "sha256-EWOH08KAWyoT9m45/B1d5aKQQJtd3k4orJbagVsxe08=", "owner": "mbbill", "repo": "undotree", - "rev": "fe9a9d0645f0f5532360b5e5f5c550d7bb4f1869", + "rev": "0f1c9816975b5d7f87d5003a19c53c6fd2ff6f7f", "type": "github" }, "original": { @@ -1062,11 +1068,11 @@ "nvim_plugin-mfussenegger/nvim-lint": { "flake": false, "locked": { - "lastModified": 1757878177, - "narHash": "sha256-8X9z0pRWx9xg9nQhhQtuOu3TunObg2CIgnlPXZtx86A=", + "lastModified": 1758714671, + "narHash": "sha256-POnQfsZAv93+0uCbKFcNgyQxn3u8nNqgnx0uTqCkCq8=", "owner": "mfussenegger", "repo": "nvim-lint", - "rev": "0864f81c681e15d9bdc1156fe3a17bd07db5a3ed", + "rev": "335a6044be16d7701001059cba9baa36fbeef422", "type": "github" }, "original": { @@ -1078,11 +1084,11 @@ "nvim_plugin-mrcjkb/rustaceanvim": { "flake": false, "locked": { - "lastModified": 1757809469, - "narHash": "sha256-bijgDZozBNmHW3cASmOrQlaSE80d8V3XRxi1BNmfzRI=", + "lastModified": 1759623626, + "narHash": "sha256-Cz4LDzz7v3kBS1mbxZjprogqHFghYr5xMfSN3us2Ltk=", "owner": "mrcjkb", "repo": "rustaceanvim", - "rev": "370b85298e5afdfd8b5d3da0c60c04e3873499a4", + "rev": "96a4f5efc7705f613ddd47fb5d1445c172acb213", "type": "github" }, "original": { @@ -1094,11 +1100,11 @@ "nvim_plugin-neovim/nvim-lspconfig": { "flake": false, "locked": { - "lastModified": 1757886255, - "narHash": "sha256-lIlFgHkesAK7fRcoEEQO84/0BpE29dBgNzBnCv/0Tf0=", + "lastModified": 1759548517, + "narHash": "sha256-K56vjTUkQ/NdA6vq5942zUknPiCUbMByiEW540dR8R0=", "owner": "neovim", "repo": "nvim-lspconfig", - "rev": "d9879110d0422a566fa01d732556f4d5515e1738", + "rev": "e688b486fe9291f151eae7e5c0b5a5c4ef980847", "type": "github" }, "original": { @@ -1110,11 +1116,11 @@ "nvim_plugin-nosduco/remote-sshfs.nvim": { "flake": false, "locked": { - "lastModified": 1755703322, - "narHash": "sha256-xy+50CsRd0LfRyDtNNMI8KhzvjH2nt8ogwiXf7H3fYY=", + "lastModified": 1759193354, + "narHash": "sha256-FfUxpRfqrf0r56/gi76N2ZooWnXWO0aRtaQBS7m+SvY=", "owner": "nosduco", "repo": "remote-sshfs.nvim", - "rev": "8b0974c0e23ef086f5598ebbb1980257171dc370", + "rev": "45502b3892774811153aeab5f7f9b0033c82005c", "type": "github" }, "original": { @@ -1238,11 +1244,11 @@ "nvim_plugin-nvim-tree/nvim-tree.lua": { "flake": false, "locked": { - "lastModified": 1757312802, - "narHash": "sha256-Km+PWXJJLl8zsBjwIGL//qT/eUEZna4yYRPsWXMXG1E=", + "lastModified": 1759222332, + "narHash": "sha256-TmQd8Xx9xw3G9PfPH+DZeSECfiUoO7XKCUSyQ4O0hMk=", "owner": "nvim-tree", "repo": "nvim-tree.lua", - "rev": "e179ad2f83b5955ab0af653069a493a1828c2697", + "rev": "87d096a39cb2d5d43e6771563575ff042a79f48b", "type": "github" }, "original": { @@ -1254,11 +1260,11 @@ "nvim_plugin-nvim-tree/nvim-web-devicons": { "flake": false, "locked": { - "lastModified": 1756936794, - "narHash": "sha256-2Q6ZZQj5HFXTw1YwX3ibdGOTwfbfPUBbcPOsuBUpSjc=", + "lastModified": 1759188261, + "narHash": "sha256-lVrakFrpIP9lp7sMfMb33KeMPIkcn1qBFVytJzKCfuE=", "owner": "nvim-tree", "repo": "nvim-web-devicons", - "rev": "6e51ca170563330e063720449c21f43e27ca0bc1", + "rev": "b8221e42cf7287c4dcde81f232f58d7b947c210d", "type": "github" }, "original": { @@ -1318,11 +1324,11 @@ "nvim_plugin-rmagatti/auto-session": { "flake": false, "locked": { - "lastModified": 1757864222, - "narHash": "sha256-FbN36vVLX3DUXwefTbi6511R6KTHqLiNHeAR0kXiarg=", + "lastModified": 1759618137, + "narHash": "sha256-+RYQi685tyV73WNXpgr/Q5p3o21dSUkQmSoif+EPBVM=", "owner": "rmagatti", "repo": "auto-session", - "rev": "5a269bb5bec50b8b60564aa00f6454d9e82fbe8d", + "rev": "0385a9ad378d70608c2e6e4c14b3b126ce30fc51", "type": "github" }, "original": { @@ -1382,11 +1388,11 @@ "nvim_plugin-stevearc/conform.nvim": { "flake": false, "locked": { - "lastModified": 1756334700, - "narHash": "sha256-j9TOSx2L19AHABdg9pLtmEUtPOCIUSo0qe2YUPBlZ5g=", + "lastModified": 1759554032, + "narHash": "sha256-JX+vFs+8n4PS7Xwq68MW2mjlDaLlUx6CxMqhf9ArfXQ=", "owner": "stevearc", "repo": "conform.nvim", - "rev": "b4aab989db276993ea5dcb78872be494ce546521", + "rev": "9d859cbfbde7a1bd1770e7c97aef30ec5a237a71", "type": "github" }, "original": { @@ -1494,11 +1500,11 @@ "nvim_plugin-zbirenbaum/copilot.lua": { "flake": false, "locked": { - "lastModified": 1757884406, - "narHash": "sha256-sXobILIsV4nnk9//PbFT4L1BsHP1xSJiuibVbGwYXJ8=", + "lastModified": 1759697885, + "narHash": "sha256-PwqJ7/FCfK4AqFgguZ2Tac5RWhehSEfI1N6ySSuTbZc=", "owner": "zbirenbaum", "repo": "copilot.lua", - "rev": "8aebaa3a102125fedf08c98773a0a8def92fff37", + "rev": "30b98a4c25d6152c14084020f703b6d56e1f1122", "type": "github" }, "original": { @@ -1625,11 +1631,11 @@ "rust-overlay": "rust-overlay" }, "locked": { - "lastModified": 1758041510, - "narHash": "sha256-vcK6ZwAWNfjdDFYKLVrWk+azva58AiDpm8nMfIniFWA=", + "lastModified": 1760630879, + "narHash": "sha256-H1ZHzlSpu2dxnM69OYCB6qJVZfVIbR3hBu3LcVW2eKw=", "ref": "refs/heads/master", - "rev": "b3dbdf3f7360747987bf38bcdd9baf01b4906929", - "revCount": 304, + "rev": "d1172c40fd221200a1c7f924d0e43b395f3338ad", + "revCount": 310, "type": "git", "url": "https://git.joshuabell.xyz/ringofstorms/nvim" }, @@ -1646,11 +1652,11 @@ ] }, "locked": { - "lastModified": 1757930296, - "narHash": "sha256-Z9u5VszKs8rfEvg2AsFucWEjl7wMtAln9l1b78cfBh4=", + "lastModified": 1759718104, + "narHash": "sha256-TbkLsgdnXHUXR4gOQBmhxkEE9ne+eHmX1chZHWRogy0=", "owner": "oxalica", "repo": "rust-overlay", - "rev": "09442765a05c2ca617c20ed68d9613da92a2d96b", + "rev": "edea9f33f9a03f615ad3609a40fbcefe0ec835ca", "type": "github" }, "original": { @@ -1687,11 +1693,11 @@ }, "locked": { "dir": "flakes/secrets", - "lastModified": 1761109947, - "narHash": "sha256-aXyAGMsRgKHYmDhMSa2vHfVbGHyz2SypWkz78Y0ESfs=", + "lastModified": 1761110137, + "narHash": "sha256-lQZc5iSfm7qbKnsbVB1DJB2ADRS0YI5eSFddFrEWe0A=", "ref": "refs/heads/master", - "rev": "ef1eb99b468a7e6e78314100e9070b7f12074e4d", - "revCount": 734, + "rev": "1734c15addcc78662fea6c3e14db2a2489521b91", + "revCount": 735, "type": "git", "url": "https://git.joshuabell.xyz/ringofstorms/dotfiles" }, diff --git a/hosts/oren/flake.nix b/hosts/oren/flake.nix index 22385c5..6f20c7c 100644 --- a/hosts/oren/flake.nix +++ b/hosts/oren/flake.nix @@ -10,8 +10,8 @@ secrets.url = "git+https://git.joshuabell.xyz/ringofstorms/dotfiles?dir=flakes/secrets"; # flatpaks.url = "path:../../flakes/flatpaks"; flatpaks.url = "git+https://git.joshuabell.xyz/ringofstorms/dotfiles?dir=flakes/flatpaks"; - hyprland.url = "path:../../flakes/hyprland"; - # hyprland.url = "git+https://git.joshuabell.xyz/ringofstorms/dotfiles?dir=flakes/hyprland"; + # hyprland.url = "path:../../flakes/hyprland"; + hyprland.url = "git+https://git.joshuabell.xyz/ringofstorms/dotfiles?dir=flakes/hyprland"; ros_neovim.url = "git+https://git.joshuabell.xyz/ringofstorms/nvim"; }; From cf8d874bab347be0d30e7504f6f6ffef5e2f907c Mon Sep 17 00:00:00 2001 From: "RingOfStorms (Joshua Bell)" Date: Wed, 22 Oct 2025 20:53:12 -0500 Subject: [PATCH 073/109] make a copy version of link ignored --- .../nix_modules/git/copy_ignored.func.sh | 153 ++++++++++++++++++ flakes/common/nix_modules/git/default.nix | 2 + 2 files changed, 155 insertions(+) create mode 100644 flakes/common/nix_modules/git/copy_ignored.func.sh diff --git a/flakes/common/nix_modules/git/copy_ignored.func.sh b/flakes/common/nix_modules/git/copy_ignored.func.sh new file mode 100644 index 0000000..338c4d2 --- /dev/null +++ b/flakes/common/nix_modules/git/copy_ignored.func.sh @@ -0,0 +1,153 @@ +copy_ignored() { + local DRY_RUN=0 + local USE_FZF=1 + local -a PATTERNS=() + while [ $# -gt 0 ]; do + case "$1" in + --dry-run) DRY_RUN=1; shift ;; + --no-fzf) USE_FZF=0; shift ;; + -h|--help) copy_ignored_usage; return 0 ;; + --) shift; break ;; + *) PATTERNS+=("$1"); shift ;; + esac + done + copy_ignored_usage() { + cat </dev/null); then + echo "Error: not in a git repository." >&2 + return 2 + fi + if [ "${common_dir#/}" = "$common_dir" ]; then + common_dir="$(pwd)/$common_dir" + fi + repo_root="${common_dir%%/.git*}" + if [ -z "$repo_root" ]; then + echo "Error: unable to determine repository root." >&2 + return 2 + fi + local -a candidates=() + while IFS= read -r -d '' file; do + candidates+=("$file") + done < <(git -C "$repo_root" ls-files --others --ignored --exclude-standard -z || true) + if [ ${#candidates[@]} -eq 0 ]; then + echo "No untracked/ignored files found in $repo_root" + return 0 + fi + local -a tops=() + for c in "${candidates[@]}"; do + c="${c%/}" + local top="${c%%/*}" + [ -z "$top" ] && continue + local found=0 + for existing in "${tops[@]}"; do + [ "$existing" = "$top" ] && found=1 && break + done + [ "$found" -eq 0 ] && tops+=("$top") + done + if [ ${#tops[@]} -eq 0 ]; then + echo "No top-level ignored/untracked entries found in $repo_root" + return 0 + fi + local -a filtered + if [ ${#PATTERNS[@]} -gt 0 ]; then + for t in "${tops[@]}"; do + for p in "${PATTERNS[@]}"; do + if [[ "$t" == *"$p"* ]]; then + filtered+=("$t") + break + fi + done + done + else + filtered=("${tops[@]}") + fi + if [ ${#filtered[@]} -eq 0 ]; then + echo "No candidates match the provided patterns." >&2 + return 0 + fi + local -a chosen + if command -v fzf >/dev/null 2>&1 && [ "$USE_FZF" -eq 1 ]; then + local selected + selected=$(printf "%s\n" "${filtered[@]}" | fzf --multi --height=40% --border --prompt="Select files to copy: " --preview "if [ -f '$repo_root'/{} ]; then bat --color always --paging=never --style=plain '$repo_root'/{}; else ls -la '$repo_root'/{}; fi") + if [ -z "$selected" ]; then + echo "No files selected." && return 0 + fi + chosen=() + while IFS= read -r line; do + chosen+=("$line") + done <&2 + errors+=("$rel (copy failed)") + fi + fi + done + echo + echo "Summary:" + echo " Copied: ${#created[@]}" + [ ${#created[@]} -gt 0 ] && printf ' %s\n' "${created[@]}" + echo " Skipped: ${#skipped[@]}" + [ ${#skipped[@]} -gt 0 ] && printf ' %s\n' "${skipped[@]}" + echo " Errors: ${#errors[@]}" + [ ${#errors[@]} -gt 0 ] && printf ' %s\n' "${errors[@]}" + return 0 +} diff --git a/flakes/common/nix_modules/git/default.nix b/flakes/common/nix_modules/git/default.nix index d3157a8..0c0c2f1 100644 --- a/flakes/common/nix_modules/git/default.nix +++ b/flakes/common/nix_modules/git/default.nix @@ -19,6 +19,7 @@ with lib; stashes = "git stash list"; bd = "branch default"; li = "link_ignored"; + ci = "copy_ignored"; bx = "branchdel"; b = "branch"; }; @@ -28,5 +29,6 @@ with lib; (builtins.readFile ./branch.func.sh) (builtins.readFile ./branchd.func.sh) (builtins.readFile ./link_ignored.func.sh) + (builtins.readFile ./copy_ignored.func.sh) ]; } From 62b189b5126593e89c0c262a0653ca9f66827838 Mon Sep 17 00:00:00 2001 From: "RingOfStorms (Joshua Bell)" Date: Wed, 22 Oct 2025 20:53:46 -0500 Subject: [PATCH 074/109] update to new copy ignoredc common --- hosts/lio/flake.lock | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/hosts/lio/flake.lock b/hosts/lio/flake.lock index 34e025f..a0b60b5 100644 --- a/hosts/lio/flake.lock +++ b/hosts/lio/flake.lock @@ -28,11 +28,11 @@ "common": { "locked": { "dir": "flakes/common", - "lastModified": 1761107519, - "narHash": "sha256-HV+W8peuB0elo/32CgwfITp/ox4dFDXaM22z/HlmZ2c=", + "lastModified": 1761184392, + "narHash": "sha256-gaw7VmF9rOFtYqtDR7Wny8KXRAlBoz2fvuolZp9aCSQ=", "ref": "refs/heads/master", - "rev": "9de4c7892bdf28735875d43849d67d9b16b6d700", - "revCount": 731, + "rev": "cf8d874bab347be0d30e7504f6f6ffef5e2f907c", + "revCount": 738, "type": "git", "url": "https://git.joshuabell.xyz/ringofstorms/dotfiles" }, From 6472f64f360095b948954bcc2543d095f46e9a21 Mon Sep 17 00:00:00 2001 From: "RingOfStorms (Joshua Bell)" Date: Thu, 23 Oct 2025 11:56:39 -0500 Subject: [PATCH 075/109] add time_short/compact alias functions --- flakes/common/nix_modules/essentials/default.nix | 2 ++ 1 file changed, 2 insertions(+) diff --git a/flakes/common/nix_modules/essentials/default.nix b/flakes/common/nix_modules/essentials/default.nix index e6f2ce0..70d4de5 100644 --- a/flakes/common/nix_modules/essentials/default.nix +++ b/flakes/common/nix_modules/essentials/default.nix @@ -38,6 +38,8 @@ with lib; # general unix date_compact = "date +'%Y%m%d'"; date_short = "date +'%Y-%m-%d'"; + time_compact = "date +'%Y%m%d%H%M%'"; + time_short = "date +'%Y-%m-%dT%H:%M:%S'"; ls = "ls --color -Gah"; ll = "ls --color -Galhtr"; lss = "du --max-depth=0 -h {.,}* 2>/dev/null | sort -hr"; From 4c9e388d30656041561b66c1a6ce87d83340fe32 Mon Sep 17 00:00:00 2001 From: "RingOfStorms (Joshua Bell)" Date: Thu, 23 Oct 2025 11:57:12 -0500 Subject: [PATCH 076/109] update lio to use latest common flake --- hosts/lio/flake.lock | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/hosts/lio/flake.lock b/hosts/lio/flake.lock index a0b60b5..d369cf5 100644 --- a/hosts/lio/flake.lock +++ b/hosts/lio/flake.lock @@ -28,11 +28,11 @@ "common": { "locked": { "dir": "flakes/common", - "lastModified": 1761184392, - "narHash": "sha256-gaw7VmF9rOFtYqtDR7Wny8KXRAlBoz2fvuolZp9aCSQ=", + "lastModified": 1761238599, + "narHash": "sha256-BXSFjTnqgPzNk9ldiVPreAIPNOeEpKy7kXnIgYTkoPU=", "ref": "refs/heads/master", - "rev": "cf8d874bab347be0d30e7504f6f6ffef5e2f907c", - "revCount": 738, + "rev": "6472f64f360095b948954bcc2543d095f46e9a21", + "revCount": 740, "type": "git", "url": "https://git.joshuabell.xyz/ringofstorms/dotfiles" }, From d81ea35db9ffac1a02dbe5a1b200591d84fa259e Mon Sep 17 00:00:00 2001 From: "RingOfStorms (Joshua Bell)" Date: Sat, 25 Oct 2025 22:42:47 -0500 Subject: [PATCH 077/109] try and failed at i3 again --- flakes/common/hm_modules/de_i3/default.nix | 4 + flakes/common/hm_modules/de_i3/i3.nix | 94 ++++++++++++++++++++++ flakes/common/nix_modules/de_i3.nix | 50 ++++++++++++ flakes/common/nix_modules/hardening.nix | 2 +- hosts/lio/flake.lock | 18 ++--- hosts/lio/flake.nix | 7 +- hosts/lio/i3_customizations.nix | 44 ++++++++++ 7 files changed, 204 insertions(+), 15 deletions(-) create mode 100644 flakes/common/hm_modules/de_i3/default.nix create mode 100644 flakes/common/hm_modules/de_i3/i3.nix create mode 100644 flakes/common/nix_modules/de_i3.nix create mode 100644 hosts/lio/i3_customizations.nix diff --git a/flakes/common/hm_modules/de_i3/default.nix b/flakes/common/hm_modules/de_i3/default.nix new file mode 100644 index 0000000..7924e53 --- /dev/null +++ b/flakes/common/hm_modules/de_i3/default.nix @@ -0,0 +1,4 @@ +{ ... }: +{ + imports = [ ./i3.nix ]; +} diff --git a/flakes/common/hm_modules/de_i3/i3.nix b/flakes/common/hm_modules/de_i3/i3.nix new file mode 100644 index 0000000..23d8d9f --- /dev/null +++ b/flakes/common/hm_modules/de_i3/i3.nix @@ -0,0 +1,94 @@ +{ pkgs, ... }: +{ + xsession.enable = true; + xsession.windowManager.i3 = { + enable = true; + package = pkgs.i3; + extraConfig = '' + focus_follows_mouse no + default_border pixel 1 + default_floating_border pixel 1 + floating_modifier Mod4 + ''; + config = rec { + modifier = "Mod4"; + terminal = "kitty"; + menu = "rofi -show drun"; + + + focus.followMouse = false; + + gaps = { + inner = 2; + outer = 5; + smartBorders = "on"; + }; + + keybindings = { + "${modifier}+return" = "exec ${terminal}"; + "${modifier}+space" = "exec pkill rofi || rofi -show drun"; + "${modifier}+q" = "kill"; + "${modifier}+shift+Escape" = "exit"; + "${modifier}+shift+q" = "exec i3lock"; + "${modifier}+f" = "floating toggle"; + + "${modifier}+h" = "focus left"; + "${modifier}+l" = "focus right"; + "${modifier}+k" = "focus up"; + "${modifier}+j" = "focus down"; + + "${modifier}+1" = "workspace number 1"; + "${modifier}+n" = "workspace number 1"; + "${modifier}+2" = "workspace number 2"; + "${modifier}+m" = "workspace number 2"; + "${modifier}+3" = "workspace number 3"; + "${modifier}+comma" = "workspace number 3"; + "${modifier}+4" = "workspace number 4"; + "${modifier}+period" = "workspace number 4"; + "${modifier}+5" = "workspace number 5"; + "${modifier}+slash" = "workspace number 5"; + "${modifier}+6" = "workspace number 6"; + "${modifier}+7" = "workspace number 7"; + "${modifier}+8" = "workspace number 8"; + "${modifier}+9" = "workspace number 9"; + "${modifier}+0" = "workspace number 10"; + + "${modifier}+shift+h" = "move left"; + "${modifier}+shift+l" = "move right"; + "${modifier}+shift+k" = "move up"; + "${modifier}+shift+j" = "move down"; + "${modifier}+shift+1" = "move container to workspace number 1"; + "${modifier}+shift+n" = "move container to workspace number 1"; + "${modifier}+shift+2" = "move container to workspace number 2"; + "${modifier}+shift+m" = "move container to workspace number 2"; + "${modifier}+shift+3" = "move container to workspace number 3"; + "${modifier}+shift+comma" = "move container to workspace number 3"; + "${modifier}+shift+4" = "move container to workspace number 4"; + "${modifier}+shift+period" = "move container to workspace number 4"; + "${modifier}+shift+5" = "move container to workspace number 5"; + "${modifier}+shift+slash" = "move container to workspace number 5"; + "${modifier}+shift+6" = "move container to workspace number 6"; + "${modifier}+shift+7" = "move container to workspace number 7"; + "${modifier}+shift+8" = "move container to workspace number 8"; + "${modifier}+shift+9" = "move container to workspace number 9"; + "${modifier}+shift+0" = "move container to workspace number 10"; + + "${modifier}+left" = "resize shrink width 10 px or 10 ppt"; + "${modifier}+down" = "resize shrink height 10 px or 10 ppt"; + "${modifier}+up" = "resize grow height 10 px or 10 ppt"; + "${modifier}+right" = "resize grow width 10 px or 10 ppt"; + + "Print" = "exec sh -c 'maim -s | xclip -selection clipboard -t image/png'"; + }; + + bars = [ + { + position = "top"; + statusCommand = "${pkgs.i3status}/bin/i3status"; + } + ]; + + startup = [ ]; + }; + }; +} diff --git a/flakes/common/nix_modules/de_i3.nix b/flakes/common/nix_modules/de_i3.nix new file mode 100644 index 0000000..6c91690 --- /dev/null +++ b/flakes/common/nix_modules/de_i3.nix @@ -0,0 +1,50 @@ +{ + config, + lib, + pkgs, + ... +}: +{ + services.xserver = { + enable = true; + # displayManager.startx.enable = true; + windowManager.i3 = { + enable = true; + # package = pkgs.i3; + extraPackages = with pkgs; [ + dmenu + i3status + i3lock + ]; + }; + desktopManager = { + xterm.enable = true; + xfce = { + enable = true; + noDesktop = true; + enableXfwm = false; + }; + }; + displayManager = { + # lightdm.enable = true; + defaultSession = "xfce+i3"; + }; + }; + + services.greetd = { + enable = true; + vt = 2; + settings = { + default_session = { + command = "${pkgs.greetd.tuigreet}/bin/tuigreet --time --remember --remember-session --cmd '${pkgs.dbus}/bin/dbus-run-session ${pkgs.xorg.xinit}/bin/startx ${pkgs.xfce.xfce4-session}/bin/startxfce4 -- ${pkgs.xorg.xorgserver}/bin/X -keeptty -quiet vt${toString config.services.greetd.vt}'"; + user = "greeter"; + }; + }; + }; + + xdg.portal = { + enable = true; + extraPortals = [ pkgs.xdg-desktop-portal-gtk ]; + config.common.default = [ "gtk" ]; + }; +} diff --git a/flakes/common/nix_modules/hardening.nix b/flakes/common/nix_modules/hardening.nix index be2e326..e691f69 100644 --- a/flakes/common/nix_modules/hardening.nix +++ b/flakes/common/nix_modules/hardening.nix @@ -84,5 +84,5 @@ fi ''; }; - }) config.users.users; + }) (lib.filterAttrs (n: u: u.isNormalUser or false) config.users.users); } diff --git a/hosts/lio/flake.lock b/hosts/lio/flake.lock index d369cf5..7a0474c 100644 --- a/hosts/lio/flake.lock +++ b/hosts/lio/flake.lock @@ -27,20 +27,14 @@ }, "common": { "locked": { - "dir": "flakes/common", - "lastModified": 1761238599, - "narHash": "sha256-BXSFjTnqgPzNk9ldiVPreAIPNOeEpKy7kXnIgYTkoPU=", - "ref": "refs/heads/master", - "rev": "6472f64f360095b948954bcc2543d095f46e9a21", - "revCount": 740, - "type": "git", - "url": "https://git.joshuabell.xyz/ringofstorms/dotfiles" + "path": "../../flakes/common", + "type": "path" }, "original": { - "dir": "flakes/common", - "type": "git", - "url": "https://git.joshuabell.xyz/ringofstorms/dotfiles" - } + "path": "../../flakes/common", + "type": "path" + }, + "parent": [] }, "crane": { "locked": { diff --git a/hosts/lio/flake.nix b/hosts/lio/flake.nix index e1e0ca9..84f871c 100644 --- a/hosts/lio/flake.nix +++ b/hosts/lio/flake.nix @@ -6,8 +6,8 @@ nixpkgs-unstable.url = "github:nixos/nixpkgs/nixos-unstable"; # Use relative to get current version for testing - # common.url = "path:../../flakes/common"; - common.url = "git+https://git.joshuabell.xyz/ringofstorms/dotfiles?dir=flakes/common"; + common.url = "path:../../flakes/common"; + # common.url = "git+https://git.joshuabell.xyz/ringofstorms/dotfiles?dir=flakes/common"; # secrets.url = "path:../../flakes/secrets"; secrets.url = "git+https://git.joshuabell.xyz/ringofstorms/dotfiles?dir=flakes/secrets"; # flatpaks.url = "path:../../flakes/flatpaks"; @@ -56,6 +56,7 @@ common.nixosModules.tmux common.nixosModules.boot_systemd common.nixosModules.de_sway + # common.nixosModules.de_i3 common.nixosModules.hardening common.nixosModules.jetbrains_font common.nixosModules.nix_options @@ -73,6 +74,7 @@ # ./jails_text.nix # ./hyprland_customizations.nix ./sway_customizations.nix + # ./i3_customizations.nix ./opencode-shim.nix ( { @@ -96,6 +98,7 @@ sharedModules = [ common.homeManagerModules.de_sway + # common.homeManagerModules.de_i3 common.homeManagerModules.tmux common.homeManagerModules.atuin common.homeManagerModules.direnv diff --git a/hosts/lio/i3_customizations.nix b/hosts/lio/i3_customizations.nix new file mode 100644 index 0000000..259f46c --- /dev/null +++ b/hosts/lio/i3_customizations.nix @@ -0,0 +1,44 @@ +{ pkgs, ... }: +let + assignLines = '' + workspace 1 output DP-1 + workspace 2 output DP-1 + workspace 3 output DP-1 + workspace 4 output DP-1 + workspace 5 output DP-1 + workspace 6 output DP-1 + workspace 7 output DP-2 + workspace 8 output DP-2 + workspace 9 output DP-2 + workspace 10 output DP-2 + ''; + bg1 = ../_shared_assets/wallpapers/pixel_neon.png; + bg2 = ../_shared_assets/wallpapers/pixel_neon_v.png; + xrSetup = '' + xrandr --output DP-1 --mode 3840x2160 --rate 97.983 --pos 0x0 --primary + xrandr --output DP-2 --mode 3440x1440 --rate 99.982 --rotate left --left-of DP-1 + ''; + fehCmd = "feh --bg-fill ${bg1} ${bg2}"; + startupCmd = "sh -c 'sleep 0.05; i3-msg workspace number 7; sleep 0.05; i3-msg workspace number 1'"; + i3ExtraOptions = { + startup = [ + { command = "exec --no-startup-id ${fehCmd}"; } + { command = "exec --no-startup-id ${xrSetup}"; } + { command = "exec --no-startup-id ${startupCmd}"; } + ]; + }; +in +{ + options = { }; + config = { + home-manager.sharedModules = [ + ( + { ... }: + { + # xsession.windowManager.i3.config = i3ExtraOptions; + # xsession.windowManager.i3.extraConfig = assignLines; + } + ) + ]; + }; +} From 940c53192bfa1ca1fa080f6cc09cee325bb48830 Mon Sep 17 00:00:00 2001 From: "RingOfStorms (Joshua Bell)" Date: Sun, 26 Oct 2025 00:22:21 -0500 Subject: [PATCH 078/109] i3 worked! --- flakes/common/hm_modules/alacritty.nix | 1 + flakes/common/hm_modules/de_i3/i3.nix | 10 +++--- flakes/common/hm_modules/kitty.nix | 2 +- flakes/common/nix_modules/de_i3.nix | 49 +++++++++++++------------- flakes/common/nix_modules/de_sway.nix | 38 ++++++++++---------- hosts/lio/flake.nix | 13 +++---- hosts/lio/i3_customizations.nix | 29 +++++++-------- 7 files changed, 73 insertions(+), 69 deletions(-) diff --git a/flakes/common/hm_modules/alacritty.nix b/flakes/common/hm_modules/alacritty.nix index 0794c15..02cb9d6 100644 --- a/flakes/common/hm_modules/alacritty.nix +++ b/flakes/common/hm_modules/alacritty.nix @@ -6,6 +6,7 @@ window = { decorations = "None"; dynamic_title = false; + opacity = 0.94; }; colors = { primary = { diff --git a/flakes/common/hm_modules/de_i3/i3.nix b/flakes/common/hm_modules/de_i3/i3.nix index 23d8d9f..3d186cb 100644 --- a/flakes/common/hm_modules/de_i3/i3.nix +++ b/flakes/common/hm_modules/de_i3/i3.nix @@ -25,7 +25,7 @@ }; keybindings = { - "${modifier}+return" = "exec ${terminal}"; + "${modifier}+Return" = "exec ${terminal}"; "${modifier}+space" = "exec pkill rofi || rofi -show drun"; "${modifier}+q" = "kill"; "${modifier}+shift+Escape" = "exit"; @@ -73,10 +73,10 @@ "${modifier}+shift+9" = "move container to workspace number 9"; "${modifier}+shift+0" = "move container to workspace number 10"; - "${modifier}+left" = "resize shrink width 10 px or 10 ppt"; - "${modifier}+down" = "resize shrink height 10 px or 10 ppt"; - "${modifier}+up" = "resize grow height 10 px or 10 ppt"; - "${modifier}+right" = "resize grow width 10 px or 10 ppt"; + "${modifier}+Left" = "resize shrink width 10 px or 10 ppt"; + "${modifier}+Down" = "resize shrink height 10 px or 10 ppt"; + "${modifier}+Up" = "resize grow height 10 px or 10 ppt"; + "${modifier}+Right" = "resize grow width 10 px or 10 ppt"; "Print" = "exec sh -c 'maim -s | xclip -selection clipboard -t image/png'"; }; diff --git a/flakes/common/hm_modules/kitty.nix b/flakes/common/hm_modules/kitty.nix index 236c6ef..b40f6bc 100644 --- a/flakes/common/hm_modules/kitty.nix +++ b/flakes/common/hm_modules/kitty.nix @@ -6,7 +6,7 @@ settings = { # Window settings - background_opacity = 1.0; + background_opacity = 0.9; os_window_class = "kitty"; remember_window_size = false; placement_strategy = "center"; diff --git a/flakes/common/nix_modules/de_i3.nix b/flakes/common/nix_modules/de_i3.nix index 6c91690..39b4090 100644 --- a/flakes/common/nix_modules/de_i3.nix +++ b/flakes/common/nix_modules/de_i3.nix @@ -5,6 +5,19 @@ ... }: { + # Caps Lock as Escape for console/tty and Wayland + console.useXkbConfig = true; + services.xserver.xkb = { + layout = "us"; + options = "caps:escape"; + }; + + xdg.portal = { + enable = true; + extraPortals = [ pkgs.xdg-desktop-portal-gtk ]; + config.common.default = [ "gtk" ]; + }; + services.xserver = { enable = true; # displayManager.startx.enable = true; @@ -15,36 +28,24 @@ dmenu i3status i3lock + maim + xclip ]; }; desktopManager = { - xterm.enable = true; - xfce = { - enable = true; - noDesktop = true; - enableXfwm = false; - }; + # xterm.enable = false; + # xfce = { + # enable = true; + # noDesktop = true; + # enableXfwm = false; + # }; }; displayManager = { - # lightdm.enable = true; - defaultSession = "xfce+i3"; + lightdm.enable = true; + defaultSession = "none+i3"; + # defaultSession = "xfce+i3"; }; }; - services.greetd = { - enable = true; - vt = 2; - settings = { - default_session = { - command = "${pkgs.greetd.tuigreet}/bin/tuigreet --time --remember --remember-session --cmd '${pkgs.dbus}/bin/dbus-run-session ${pkgs.xorg.xinit}/bin/startx ${pkgs.xfce.xfce4-session}/bin/startxfce4 -- ${pkgs.xorg.xorgserver}/bin/X -keeptty -quiet vt${toString config.services.greetd.vt}'"; - user = "greeter"; - }; - }; - }; - - xdg.portal = { - enable = true; - extraPortals = [ pkgs.xdg-desktop-portal-gtk ]; - config.common.default = [ "gtk" ]; - }; + hardware.graphics.enable = true; } diff --git a/flakes/common/nix_modules/de_sway.nix b/flakes/common/nix_modules/de_sway.nix index 02eea3f..a9e9fe9 100644 --- a/flakes/common/nix_modules/de_sway.nix +++ b/flakes/common/nix_modules/de_sway.nix @@ -6,6 +6,25 @@ }: { + # Caps Lock as Escape for console/tty and Wayland + console.useXkbConfig = true; + services.xserver.xkb = { + layout = "us"; + options = "caps:escape"; + }; + + xdg.portal = { + enable = true; + extraPortals = lib.mkForce [ + pkgs.xdg-desktop-portal-wlr + pkgs.xdg-desktop-portal-gtk + ]; + config.common.default = [ + "wlr" + "gtk" + ]; + }; + services.greetd = { enable = true; vt = 2; @@ -17,13 +36,6 @@ }; }; - # Caps Lock as Escape for console/tty and Wayland - console.useXkbConfig = true; - services.xserver.xkb = { - layout = "us"; - options = "caps:escape"; - }; - # Core packages and tools environment.systemPackages = with pkgs; [ wl-clipboard @@ -55,18 +67,6 @@ ]; }; - xdg.portal = { - enable = true; - extraPortals = lib.mkForce [ - pkgs.xdg-desktop-portal-wlr - pkgs.xdg-desktop-portal-gtk - ]; - config.common.default = [ - "wlr" - "gtk" - ]; - }; - # Enable PipeWire + WirePlumber so xdg-desktop-portal can do screencast services.pipewire = { enable = true; diff --git a/hosts/lio/flake.nix b/hosts/lio/flake.nix index 84f871c..69d8c92 100644 --- a/hosts/lio/flake.nix +++ b/hosts/lio/flake.nix @@ -55,8 +55,8 @@ common.nixosModules.git common.nixosModules.tmux common.nixosModules.boot_systemd - common.nixosModules.de_sway - # common.nixosModules.de_i3 + # common.nixosModules.de_sway + common.nixosModules.de_i3 common.nixosModules.hardening common.nixosModules.jetbrains_font common.nixosModules.nix_options @@ -73,8 +73,8 @@ (import ./containers.nix { inherit inputs; }) # ./jails_text.nix # ./hyprland_customizations.nix - ./sway_customizations.nix - # ./i3_customizations.nix + # ./sway_customizations.nix + ./i3_customizations.nix ./opencode-shim.nix ( { @@ -97,14 +97,15 @@ }) (lib.filterAttrs (name: user: user.isNormalUser or false) users.users); sharedModules = [ - common.homeManagerModules.de_sway - # common.homeManagerModules.de_i3 + # common.homeManagerModules.de_sway + common.homeManagerModules.de_i3 common.homeManagerModules.tmux common.homeManagerModules.atuin common.homeManagerModules.direnv common.homeManagerModules.foot common.homeManagerModules.git common.homeManagerModules.kitty + common.homeManagerModules.launcher_rofi common.homeManagerModules.postgres_cli_options common.homeManagerModules.slicer common.homeManagerModules.ssh diff --git a/hosts/lio/i3_customizations.nix b/hosts/lio/i3_customizations.nix index 259f46c..b1845b6 100644 --- a/hosts/lio/i3_customizations.nix +++ b/hosts/lio/i3_customizations.nix @@ -14,17 +14,14 @@ let ''; bg1 = ../_shared_assets/wallpapers/pixel_neon.png; bg2 = ../_shared_assets/wallpapers/pixel_neon_v.png; - xrSetup = '' - xrandr --output DP-1 --mode 3840x2160 --rate 97.983 --pos 0x0 --primary - xrandr --output DP-2 --mode 3440x1440 --rate 99.982 --rotate left --left-of DP-1 - ''; - fehCmd = "feh --bg-fill ${bg1} ${bg2}"; - startupCmd = "sh -c 'sleep 0.05; i3-msg workspace number 7; sleep 0.05; i3-msg workspace number 1'"; + xrSetup = "xrandr --output DP-1 --mode 3840x2160 --rate 97.983 --pos 0x0 --primary; xrandr --output DP-2 --mode 3440x1440 --rate 99.982 --rotate left --left-of DP-1"; + xwallpaperCmd = "xwallpaper --output DP-1 --zoom ${bg1} --output DP-2 --zoom ${bg2}"; + startupCmd = "sh -c 'sleep 0.2; i3-msg workspace number 7; sleep 0.2; i3-msg workspace number 1'"; i3ExtraOptions = { startup = [ - { command = "exec --no-startup-id ${fehCmd}"; } - { command = "exec --no-startup-id ${xrSetup}"; } - { command = "exec --no-startup-id ${startupCmd}"; } + { command = "${xrSetup}"; } + { command = "sh -c 'sleep 0.5; ${xwallpaperCmd}'"; } + { command = "${startupCmd}"; } ]; }; in @@ -33,11 +30,15 @@ in config = { home-manager.sharedModules = [ ( - { ... }: - { - # xsession.windowManager.i3.config = i3ExtraOptions; - # xsession.windowManager.i3.extraConfig = assignLines; - } + { lib, pkgs, ... }: + let + inherit (lib) mkAfter; + in + { + xsession.windowManager.i3.config.startup = mkAfter i3ExtraOptions.startup; + xsession.windowManager.i3.extraConfig = mkAfter assignLines; + home.packages = [ pkgs.xwallpaper pkgs.xorg.xrandr ]; + } ) ]; }; From 647423692c2ca0786f5a1abaafbd3755a64367d7 Mon Sep 17 00:00:00 2001 From: "RingOfStorms (Joshua Bell)" Date: Sun, 26 Oct 2025 11:10:41 -0500 Subject: [PATCH 079/109] wip i3 --- flakes/common/hm_modules/de_i3/i3.nix | 8 ++++---- flakes/common/nix_modules/de_i3.nix | 19 +++++++++++++++++++ hosts/lio/i3_customizations.nix | 15 +++++++++++---- 3 files changed, 34 insertions(+), 8 deletions(-) diff --git a/flakes/common/hm_modules/de_i3/i3.nix b/flakes/common/hm_modules/de_i3/i3.nix index 3d186cb..9355719 100644 --- a/flakes/common/hm_modules/de_i3/i3.nix +++ b/flakes/common/hm_modules/de_i3/i3.nix @@ -82,10 +82,10 @@ }; bars = [ - { - position = "top"; - statusCommand = "${pkgs.i3status}/bin/i3status"; - } + # { + # position = "top"; + # statusCommand = "${pkgs.i3status}/bin/i3status"; + # } ]; startup = [ ]; diff --git a/flakes/common/nix_modules/de_i3.nix b/flakes/common/nix_modules/de_i3.nix index 39b4090..f93f778 100644 --- a/flakes/common/nix_modules/de_i3.nix +++ b/flakes/common/nix_modules/de_i3.nix @@ -48,4 +48,23 @@ }; hardware.graphics.enable = true; + + environment.systemPackages = with pkgs; [ + # xfce.xfce4-panel + # xfce.xfce4-session + # xfce.xfce4-settings + # xfce.xfce4-power-manager + # xfce.xfce4-pulseaudio-plugin + # xfce.xfce4-screenshooter + # xfce.xfce4-clipman-plugin + # xfce.xfce4-sensors-plugin + # xfce.xfce4-notifyd + pavucontrol + ]; + + # Applets/services for tray widgets + programs.nm-applet.enable = true; + services.blueman.enable = true; + services.upower.enable = true; + # xfce4-notifyd is provided as a package; XFCE runs it automatically } diff --git a/hosts/lio/i3_customizations.nix b/hosts/lio/i3_customizations.nix index b1845b6..b65a528 100644 --- a/hosts/lio/i3_customizations.nix +++ b/hosts/lio/i3_customizations.nix @@ -34,11 +34,18 @@ in let inherit (lib) mkAfter; in - { - xsession.windowManager.i3.config.startup = mkAfter i3ExtraOptions.startup; - xsession.windowManager.i3.extraConfig = mkAfter assignLines; + { + xsession.windowManager.i3.config.bars = lib.mkForce []; + xsession.windowManager.i3.config.startup = mkAfter (i3ExtraOptions.startup ++ [ + { command = "nm-applet"; } + { command = "blueman-applet"; } + { command = "xfce4-power-manager"; } + { command = "sh -c 'pgrep -x xfsettingsd >/dev/null || xfsettingsd'"; } + { command = "sh -c 'pgrep -x xfce4-panel >/dev/null || (sleep 0.5; xfce4-panel --disable-wm-check)'"; } + ]); + xsession.windowManager.i3.extraConfig = mkAfter assignLines; home.packages = [ pkgs.xwallpaper pkgs.xorg.xrandr ]; - } + } ) ]; }; From b2f0476412160443362f34226a151ca1ebca41cc Mon Sep 17 00:00:00 2001 From: "RingOfStorms (Joshua Bell)" Date: Mon, 27 Oct 2025 22:57:22 -0500 Subject: [PATCH 080/109] fix poly bar, use minified nvim to test out --- flakes/common/hm_modules/de_i3/default.nix | 2 +- flakes/common/hm_modules/de_i3/i3.nix | 8 +- flakes/common/hm_modules/de_i3/polybar.nix | 306 +++++++++++++++++++++ flakes/common/nix_modules/de_i3.nix | 32 +-- hosts/lio/flake.lock | 167 +++++------ hosts/lio/i3_customizations.nix | 10 +- 6 files changed, 389 insertions(+), 136 deletions(-) create mode 100644 flakes/common/hm_modules/de_i3/polybar.nix diff --git a/flakes/common/hm_modules/de_i3/default.nix b/flakes/common/hm_modules/de_i3/default.nix index 7924e53..7af8291 100644 --- a/flakes/common/hm_modules/de_i3/default.nix +++ b/flakes/common/hm_modules/de_i3/default.nix @@ -1,4 +1,4 @@ { ... }: { - imports = [ ./i3.nix ]; + imports = [ ./i3.nix ./polybar.nix ]; } diff --git a/flakes/common/hm_modules/de_i3/i3.nix b/flakes/common/hm_modules/de_i3/i3.nix index 9355719..14b5404 100644 --- a/flakes/common/hm_modules/de_i3/i3.nix +++ b/flakes/common/hm_modules/de_i3/i3.nix @@ -81,13 +81,7 @@ "Print" = "exec sh -c 'maim -s | xclip -selection clipboard -t image/png'"; }; - bars = [ - # { - # position = "top"; - # statusCommand = "${pkgs.i3status}/bin/i3status"; - # } - ]; - + bars = [ ]; startup = [ ]; }; }; diff --git a/flakes/common/hm_modules/de_i3/polybar.nix b/flakes/common/hm_modules/de_i3/polybar.nix new file mode 100644 index 0000000..e19f86b --- /dev/null +++ b/flakes/common/hm_modules/de_i3/polybar.nix @@ -0,0 +1,306 @@ +{ lib, pkgs, ... }: +let + mf = "#3b3b3bcc"; + bg = "#00000000"; + fg = "#FFFFFF"; + + polybarRun = pkgs.writeShellScriptBin "pbr" '' + polybar -m | while IFS=: read -r mon rest; do + if echo "$rest" | ${pkgs.gnugrep}/bin/grep -q "(primary)"; then + MONITOR="$mon" polybar -r primary & + else + MONITOR="$mon" polybar -r others & + fi + done + wait + ''; +in +{ + services.polybar = { + enable = true; + package = pkgs.polybar.override { + i3Support = true; + iwSupport = true; + pulseSupport = true; + }; + script = "${polybarRun}/bin/pbr"; + settings = { + "global/wm" = { + margin-bottom = 0; + margin-top = 5; + }; + + "bar/main" = { + monitor = "\${env:MONITOR}"; + width = "100%"; + height = 20; + radius = 0; + background = bg; + foreground = fg; + font-0 = "JetBrainsMono Nerd Font:size=11;2"; + font-1 = "Noto Sans CJK JP:size=11;2"; + + cursor-click = "pointer"; + enable-ipc = true; + }; + + "bar/primary" = { + "inherit" = "bar/main"; + modules-left = "i3"; + modules-center = "clock temperature cpu memory filesystem"; + modules-right = "volume tray powermenu"; + # modules-right = "volume network bluetooth backlight tray powermenu"; + }; + + "bar/others" = { + "inherit" = "bar/main"; + modules-left = "i3"; + modules-center = "clock temperature cpu memory filesystem"; + modules-right = ""; + }; + + "settings" = { + screenchange-reload = true; + + compositing-background = "source"; + compositing-foreground = "over"; + compositing-overline = "over"; + comppositing-underline = "over"; + compositing-border = "over"; + + pseudo-transparency = true; + }; + + "module/i3" = { + type = "internal/i3"; + index-sort = true; + pin-workspaces = true; + strip-wsnumbers = true; + wrapping-scroll = false; + format = ""; + + ws-icon-0 = "1;一"; + ws-icon-1 = "2;二"; + ws-icon-2 = "3;三"; + ws-icon-3 = "4;四"; + ws-icon-4 = "5;五"; + ws-icon-5 = "6;六"; + ws-icon-6 = "7;七"; + ws-icon-7 = "8;八"; + ws-icon-8 = "9;九"; + ws-icon-9 = "10;十"; + + label-unfocused = "%icon%"; + label-focused = "%icon%"; + label-focused-background = mf; + label-visible = "%icon%"; + label-urgent = "%icon%"; + label-occupied = "%icon%"; + + label-unfocused-padding = 1; + label-focused-padding = 1; + label-visible-padding = 1; + label-urgent-padding = 1; + label-occupied-padding = 1; + }; + + "module/clock" = { + type = "internal/date"; + interval = 10; + date = "%b %d, %H:%M"; + format = "