diff --git a/.envrc b/.envrc new file mode 100644 index 00000000..cbf869b3 --- /dev/null +++ b/.envrc @@ -0,0 +1,7 @@ +#!/bin/bash + +dotenv_if_exists .env.local + +nix_direnv_manual_reload +use flake + diff --git a/.gitignore b/.gitignore index c3f3b97f..54d659e8 100644 --- a/.gitignore +++ b/.gitignore @@ -1,4 +1,5 @@ # if in /etc/nixos don't grab defaults ./hardware-configuration.nix ./configuration.nix - +modules/ +**/result diff --git a/common/_containers/forgejo.nix b/common/_containers/forgejo.nix new file mode 100644 index 00000000..92793a98 --- /dev/null +++ b/common/_containers/forgejo.nix @@ -0,0 +1,196 @@ +{ + config, + lib, + ... +}: +let + name = "forgejo"; + + hostDataDir = "/var/lib/${name}"; + + hostAddress = "10.0.0.1"; + containerAddress = "10.0.0.2"; + hostAddress6 = "fc00::1"; + containerAddress6 = "fc00::2"; + + binds = [ + # Postgres data, must use postgres user in container and host + { + host = "${hostDataDir}/postgres"; + # Adjust based on container postgres data dir + container = "/var/lib/postgresql/17"; + user = "postgres"; + uid = config.ids.uids.postgres; + gid = config.ids.gids.postgres; + } + # Postgres backups + { + host = "${hostDataDir}/backups/postgres"; + container = "/var/backup/postgresql"; + user = "postgres"; + uid = config.ids.uids.postgres; + gid = config.ids.gids.postgres; + } + # App data, uses custom user uid + { + host = "${hostDataDir}/data"; + container = "/var/lib/forgejo"; + user = "forgejo"; + uid = 115; + gid = 115; + } + ]; + uniqueUsers = lib.foldl' ( + acc: bind: if lib.lists.any (item: item.user == bind.user) acc then acc else acc ++ [ bind ] + ) [ ] binds; + users = { + users = lib.listToAttrs ( + lib.map (u: { + name = u.user; + value = { + isSystemUser = true; + name = u.user; + uid = u.uid; + group = u.user; + }; + }) uniqueUsers + ); + + groups = lib.listToAttrs ( + lib.map (g: { + name = g.user; + value.gid = g.gid; + }) uniqueUsers + ); + }; +in +{ + # Ensure users exists on host machine with same IDs as container + inherit users; + + # Ensure directories exist on host machine + system.activationScripts.createMediaServerDirs = '' + ${lib.concatStringsSep "\n" ( + lib.map (bind: '' + mkdir -p ${bind.host} + chown -R ${toString bind.user}:${toString bind.gid} ${bind.host} + chmod -R 750 ${bind.host} + '') binds + )} + ''; + + containers.${name} = { + ephemeral = true; + autoStart = true; + privateNetwork = true; + hostAddress = hostAddress; + localAddress = containerAddress; + hostAddress6 = hostAddress6; + localAddress6 = containerAddress6; + bindMounts = lib.foldl ( + acc: bind: + { + "${bind.container}" = { + hostPath = bind.host; + isReadOnly = false; + }; + } + // acc + ) { } binds; + config = + { config, pkgs, ... }: + { + system.stateVersion = "24.11"; + + networking = { + firewall = { + enable = true; + allowedTCPPorts = [ + 3000 + 3032 + ]; + }; + # Use systemd-resolved inside the container + # Workaround for bug https://github.com/NixOS/nixpkgs/issues/162686 + useHostResolvConf = lib.mkForce false; + }; + services.resolved.enable = true; + + # Ensure users exist on container + inherit users; + + services.postgresql = { + enable = true; + package = pkgs.postgresql_17.withJIT; + enableJIT = true; + authentication = '' + local all all trust + host all all 127.0.0.1/8 trust + host all all ::1/128 trust + host all all fc00::1/128 trust + ''; + }; + + # Backup database + services.postgresqlBackup = { + enable = true; + }; + + services.forgejo = { + enable = true; + dump = { + enable = false; + type = "tar.gz"; + }; + database = { + type = "postgres"; + }; + settings = { + DEFAULT = { + APP_NAME = "Josh's Git"; + }; + server = { + PROTOCOL = "http"; + DOMAIN = "git.joshuabell.xyz"; + HTTP_ADDR = "0.0.0.0"; + HTTP_PORT = 3000; + + START_SSH_SERVER = true; + SSH_DOMAIN = "git.joshuabell.xyz"; + SSH_LISTEN_HOST = "0.0.0.0"; + SSH_LISTEN_PORT = 3032; # actual listen port + SSH_PORT = 3032; # used in UI + BUILTIN_SSH_SERVER_USER = "git"; + + LANDING_PAGE = "explore"; + }; + service = { + DISABLE_REGISTRATION = true; + ENABLE_BASIC_AUTHENTICATION = false; + DISABLE_USERS_PAGE = true; + DISABLE_ORGANIZATIONS_PAGE = true; + }; + repository = { + # ENABLE_PUSH_CREATE_USER = true; + # ENABLE_PUSH_CREATE_ORG = true; + DISABLE_STARS = true; + DEFAULT_PRIVATE = "private"; + }; + admin = { + DISABLE_REGULAR_ORG_CREATION = true; + USER_DISABLED_FEATURES = "deletion"; + }; + other = { + SHOW_FOOTER_POWERED_BY = false; + SHOW_FOOTER_VERSION = false; + SHOW_FOOTER_TEMPLATE_LOAD_TIME = false; + }; + migrations = { + ALLOWED_DOMAINS = "*.github.com,github.com"; + ALLOW_LOCALNETWORKS = true; + }; + }; + }; + }; + }; +} diff --git a/common/_containers/obsidian_sync.md b/common/_containers/obsidian_sync.md new file mode 100644 index 00000000..98f7e114 --- /dev/null +++ b/common/_containers/obsidian_sync.md @@ -0,0 +1,7 @@ +docker run \ + -e hostname=https://obsidiansync.joshuabell.xyz \ + -e database=obsidian_sync \ + -e username=obsidian_admin \ + -e password=$REPLACE \ + docker.io/oleduc/docker-obsidian-livesync-couchdb:master \ + deno -A /scripts/generate_setupuri.ts diff --git a/common/_containers/obsidian_sync.nix b/common/_containers/obsidian_sync.nix new file mode 100644 index 00000000..42f8b52b --- /dev/null +++ b/common/_containers/obsidian_sync.nix @@ -0,0 +1,61 @@ +{ + config, + pkgs, + ... +}: +let + cfg = config.services.obsidian_sync; +in +{ + options.services.obsidian_sync = + let + lib = pkgs.lib; + in + { + port = lib.mkOption { + type = lib.types.port; + default = 5984; + description = "Port number for Obsidian Sync CouchDB server"; + }; + dataDir = lib.mkOption { + type = lib.types.path; + default = "/var/lib/obsidian_sync"; + description = "Directory to store Obsidian Sync data"; + }; + serverUrl = lib.mkOption { + type = lib.types.str; + description = "URL of the Obsidian Sync server"; + }; + dockerEnvFiles = lib.mkOption { + type = lib.types.listOf lib.types.path; + default = [ ]; + description = "List of environment files to be used by the Obsidian Sync container. When provided you must supply chouchdb user/password env files they will not be supplied by default."; + }; + }; + + config = { + virtualisation.oci-containers.containers = { + ############# + # obsidian_sync # + ############# + obsidian_sync = { + user = "root"; + image = "docker.io/oleduc/docker-obsidian-livesync-couchdb:master"; + ports = [ + "${toString cfg.port}:${toString cfg.port}" + ]; + environment = { + SERVER_URL = cfg.serverUrl; + COUCHDB_DATABASE = "obsidian_sync"; + COUCHDB_USER = pkgs.lib.mkIf (cfg.dockerEnvFiles == [ ]) "adminu"; + COUCHDB_PASSWORD = pkgs.lib.mkIf (cfg.dockerEnvFiles == [ ]) "Password123"; + }; + environmentFiles = cfg.dockerEnvFiles; + volumes = [ + "${cfg.dataDir}/data:/opt/couchdb/data" + "${cfg.dataDir}/config:/opt/couchdb/etc/local.d" + ]; + }; + }; + }; +} diff --git a/common/_home_manager/default.nix b/common/_home_manager/default.nix new file mode 100644 index 00000000..de3d9b7a --- /dev/null +++ b/common/_home_manager/default.nix @@ -0,0 +1,52 @@ +{ + config, + lib, + hyprland, + hyprlandPkgs, + ... +}: +let + ccfg = import ../config.nix; + cfg_path = [ + ccfg.custom_config_key + "homeManager" + ]; + cfg = lib.attrsets.getAttrFromPath cfg_path config; +in +{ + options = + { } + // lib.attrsets.setAttrByPath cfg_path { + users = lib.mkOption { + type = lib.types.attrsOf lib.types.attrs; + default = { }; + description = "Home manager users to configure. Should match nix options of home-manager.users..*"; + }; + stateVersion = lib.mkOption { + type = lib.types.str; + default = "25.05"; + description = "Home manager state version"; + }; + }; + config = { + # Home manager options + security.polkit.enable = true; + home-manager.useUserPackages = true; + home-manager.useGlobalPkgs = true; + home-manager.backupFileExtension = "bak"; + + home-manager.extraSpecialArgs = { + inherit hyprland hyprlandPkgs; + }; + + home-manager.users = lib.mapAttrs' (name: userConfig: { + inherit name; + value = userConfig // { + home.stateVersion = cfg.stateVersion; + programs.home-manager.enable = true; + home.username = name; + home.homeDirectory = lib.mkForce (if name == "root" then "/root" else "/home/${name}"); + }; + }) cfg.users; + }; +} diff --git a/common/_home_manager/mods/alacritty.nix b/common/_home_manager/mods/alacritty.nix new file mode 100644 index 00000000..0794c153 --- /dev/null +++ b/common/_home_manager/mods/alacritty.nix @@ -0,0 +1,34 @@ +{ ... }: +{ + programs.alacritty = { + enable = true; + settings = { + window = { + decorations = "None"; + dynamic_title = false; + }; + colors = { + primary = { + foreground = "#e0e0e0"; + background = "#262626"; + }; + normal = { + # Catppuccin Coal + black = "#1f1f1f"; + red = "#f38ba8"; + green = "#a6e3a1"; + yellow = "#f9e2af"; + blue = "#89b4fa"; + magenta = "#cba6f7"; + cyan = "#89dceb"; + white = "#e0e0e0"; + }; + }; + font = { + normal = { family = "JetBrainsMonoNL Nerd Font"; style = "Regular"; }; + size = 12.0; + }; + }; + }; +} + diff --git a/users/josh/programs/atuin.nix b/common/_home_manager/mods/atuin.nix similarity index 73% rename from users/josh/programs/atuin.nix rename to common/_home_manager/mods/atuin.nix index fc17cbde..2eb52dfe 100644 --- a/users/josh/programs/atuin.nix +++ b/common/_home_manager/mods/atuin.nix @@ -8,6 +8,8 @@ workspaces = true; exit-mode = "return-query"; enter_accept = true; + sync_address = "https://atuin.joshuabell.xyz"; + sync = { records = true; }; }; }; } diff --git a/common/_home_manager/mods/direnv.nix b/common/_home_manager/mods/direnv.nix new file mode 100644 index 00000000..b36ce49c --- /dev/null +++ b/common/_home_manager/mods/direnv.nix @@ -0,0 +1,23 @@ +{ ... }: +{ + programs.direnv = { + enable = true; + enableZshIntegration = true; + nix-direnv.enable = true; + config = { + nix-direnv = true; + global = { + strict_env = true; + load_dotenv = true; + hide_env_diff = true; + }; + whitelist = { + prefix = [ + "~/projects" + "~/.config" + "~/.local/share/git_worktrees/" + ]; + }; + }; + }; +} diff --git a/common/_home_manager/mods/foot.nix b/common/_home_manager/mods/foot.nix new file mode 100644 index 00000000..cffbb53a --- /dev/null +++ b/common/_home_manager/mods/foot.nix @@ -0,0 +1,61 @@ +{ config, lib, ... }: +{ + options.components.foot = { + font_size = lib.mkOption { + type = lib.types.float; + default = 12.0; + description = "Font size for Foot terminal"; + }; + alpha = lib.mkOption { + type = lib.types.float; + default = 0.94; + description = "Background opacity for Foot terminal (1.0 = opaque)"; + }; + }; + config = { + programs.foot = { + enable = true; + + # This renders to ~/.config/foot/foot.ini + settings = { + main = { + # Use the same font and size as your Kitty config + font = "JetBrainsMonoNL Nerd Font:size=${toString config.components.kitty.font_size}"; + + # Initial window size in character cells (Kitty used 160c x 55c) + "initial-window-size-chars" = "160x55"; + }; + + colors = { + # Background opacity (1.0 = opaque) + alpha = toString config.components.foot.alpha; + + # Foreground/background + foreground = "e0e0e0"; + background = "262626"; + + # 16-color palette + # normal (0–7) + regular0 = "1f1f1f"; # black + regular1 = "f38ba8"; # red + regular2 = "a6e3a1"; # green + regular3 = "f9e2af"; # yellow + regular4 = "89b4fa"; # blue + regular5 = "cba6f7"; # magenta + regular6 = "89dceb"; # cyan + regular7 = "e0e0e0"; # white + + # bright (8–15) + bright0 = "565656"; # bright black + bright1 = "f38ba8"; # bright red + bright2 = "a6e3a1"; # bright green + bright3 = "f9e2af"; # bright yellow + bright4 = "89b4fa"; # bright blue + bright5 = "cba6f7"; # bright magenta + bright6 = "89dceb"; # bright cyan + bright7 = "ffffff"; # bright white + }; + }; + }; + }; +} diff --git a/users/_common/programs/git.nix b/common/_home_manager/mods/git.nix similarity index 74% rename from users/_common/programs/git.nix rename to common/_home_manager/mods/git.nix index 53736675..5e84a6c5 100644 --- a/users/_common/programs/git.nix +++ b/common/_home_manager/mods/git.nix @@ -1,15 +1,20 @@ -{ settings, ... }: +{ ... }: { programs.git = { enable = true; - userEmail = settings.user.git.email; - userName = settings.user.git.name; + # TODO make configurable + userEmail = "ringofstorms@gmail.com"; + userName = "RingOfStorms (Joshua Bell)"; extraConfig = { core.pager = "cat"; - core.editor = "nvim"; + core.editor = "nano"; pull.rebase = false; + + init.defaultBranch = "main"; + + rerere.enabled = true; }; difftastic = { @@ -17,9 +22,6 @@ background = "dark"; }; - # TODO move from common system? Need root user home managed too... - # aliases: {} - ignores = [ # -------------- # Intellij @@ -52,7 +54,14 @@ ".apdisk" # direnv things - "/.direnv" + ".direnv" + + # local only files + "*.local" + + # AI tooling + ".aider*" + "aider" ]; }; } diff --git a/common/_home_manager/mods/kitty.nix b/common/_home_manager/mods/kitty.nix new file mode 100644 index 00000000..1b58b467 --- /dev/null +++ b/common/_home_manager/mods/kitty.nix @@ -0,0 +1,65 @@ +{ config, lib, ... }: +{ + options.components.kitty = { + font_size = lib.mkOption { + type = lib.types.float; + default = 12.0; + description = "Font size for Kitty terminal"; + }; + }; + config = { + # Enable Kitty terminal + programs.kitty = { + enable = true; + + settings = { + # Window settings + background_opacity = 1.0; + os_window_class = "kitty"; + remember_window_size = false; + placement_strategy = "center"; + initial_window_width = "160c"; + initial_window_height = "55c"; + + # Remove window borders + hide_window_decorations = "titlebar-only"; + tab_title_template = "none"; + active_tab_title_template = "none"; + draw_minimal_borders = "yes"; + window_border_width = "0.1pt"; + + # Colors (Catppuccin Coal) + foreground = "#e0e0e0"; + background = "#262626"; + color0 = "#1f1f1f"; + color1 = "#f38ba8"; + color2 = "#a6e3a1"; + color3 = "#f9e2af"; + color4 = "#89b4fa"; + color5 = "#cba6f7"; + color6 = "#89dceb"; + color7 = "#e0e0e0"; + color8 = "#565656"; + color9 = "#f38ba8"; + color10 = "#a6e3a1"; + color11 = "#f9e2af"; + color12 = "#89b4fa"; + color13 = "#cba6f7"; + color14 = "#89dceb"; + color15 = "#ffffff"; + + # Font settings + font_family = "JetBrainsMonoNL Nerd Font"; + font_size = config.components.kitty.font_size; + bold_font = "auto"; + italic_font = "auto"; + italic_bold_font = "auto"; + }; + + # If you want to include extra configuration this way instead of through the main `settings` attribute + extraConfig = '' + # You can add additional config here if needed + ''; + }; + }; +} diff --git a/common/_home_manager/mods/launcher_rofi.nix b/common/_home_manager/mods/launcher_rofi.nix new file mode 100644 index 00000000..353b29e2 --- /dev/null +++ b/common/_home_manager/mods/launcher_rofi.nix @@ -0,0 +1,18 @@ +{ + pkgs, + ... +}: +{ + programs.rofi = { + enable = true; + plugins = with pkgs; [ rofi-calc ]; + extraConfig = { + modi = "drun,run,ssh,window,calc"; + terminal = "alacritty"; + }; + theme = "glue_pro_blue"; + }; + programs.wofi = { + enable = true; + }; +} diff --git a/common/_home_manager/mods/nix_deprecations.nix b/common/_home_manager/mods/nix_deprecations.nix new file mode 100644 index 00000000..d281d874 --- /dev/null +++ b/common/_home_manager/mods/nix_deprecations.nix @@ -0,0 +1,18 @@ +{ ... }: +{ + programs.zsh.shellAliases = { + # Nix deprecations + nix-hash = "echo 'The functionality of nix-hash may be covered by various subcommands or options in the new `nix` command.'"; + nix-build = "echo 'Use `nix build` instead.'"; + nix-info = "echo 'Use `nix flake info` or other `nix` subcommands to obtain system and Nix information.'"; + nix-channel = "echo 'Channels are being phased out in favor of flakes. Use `nix flake` subcommands.'"; + nix-instantiate = "echo 'Use `nix eval` or `nix-instantiate` with flakes.'"; + nix-collect-garbage = "echo 'Use `nix store gc` instead.'"; + nix-prefetch-url = "echo 'Use `nix-prefetch` or fetchers in Nix expressions.'"; + nix-copy-closure = "echo 'Use `nix copy` instead.'"; + nix-shell = "echo 'Use `nix shell` instead.'"; + # nix-daemon # No direct replacement: The Nix daemon is still in use and managed by the system service manager. + nix-store = "echo 'Use `nix store` subcommands for store operations.'"; + nix-env = "echo 'Use `nix profile` instead'"; + }; +} diff --git a/common/_home_manager/mods/obs.nix b/common/_home_manager/mods/obs.nix new file mode 100644 index 00000000..68d6d68e --- /dev/null +++ b/common/_home_manager/mods/obs.nix @@ -0,0 +1,4 @@ +{ ... }: +{ + programs.obs-studio.enable = true; +} diff --git a/users/josh/programs/postgres.nix b/common/_home_manager/mods/postgres.nix similarity index 98% rename from users/josh/programs/postgres.nix rename to common/_home_manager/mods/postgres.nix index 13af678a..053099ba 100644 --- a/users/josh/programs/postgres.nix +++ b/common/_home_manager/mods/postgres.nix @@ -1,6 +1,5 @@ { ... }: { - home.file.".psqlrc".text = '' \pset pager off ''; diff --git a/common/_home_manager/mods/slicer.nix b/common/_home_manager/mods/slicer.nix new file mode 100644 index 00000000..4361d5a4 --- /dev/null +++ b/common/_home_manager/mods/slicer.nix @@ -0,0 +1,33 @@ +{ pkgs, ... }: +let + orca-slicer-fix = pkgs.stdenv.mkDerivation { + name = "orca-slicer"; + buildInputs = [ pkgs.makeWrapper ]; + unpackPhase = "true"; + buildPhase = '' + mkdir -p $out/bin + makeWrapper ${pkgs.orca-slicer}/bin/orca-slicer $out/bin/orca-slicer \ + --set WEBKIT_DISABLE_DMABUF_RENDERER 1 + ''; + + installPhase = '' + mkdir -p $out/share/applications + cat > $out/share/applications/orca-slicer.desktop < /tmp/dconf_dump_start && watch -n0.5 "dconf dump / > /tmp/dconf_dump_current && \diff --color /tmp/dconf_dump_start /tmp/dconf_dump_current -U12" + # To get nix specific diff: + # \diff -u /tmp/dconf_dump_start /tmp/dconf_dump_current | grep '^+[^+]' | sed 's/^+//' | dconf2nix + # OR (Must be logged into user directly, no SU to user will work): `dconf watch /` + # OR get the exact converted nixConfig from `dconf dump / | dconf2nix | less` and search with forward slash + dconf.settings = { + "org/gnome/shell" = { + favorite-apps = [ ]; + enabled-extensions = with pkgs.gnomeExtensions; [ + vertical-workspaces.extensionUuid + compact-top-bar.extensionUuid + tray-icons-reloaded.extensionUuid + vitals.extensionUuid + ] ++ lib.optionals cfg.enableRotate [ + screen-rotate.extensionUuid + ]; + }; + + # Plugin Settings + "org/gnome/shell/extensions/vertical-workspaces" = { + animation-speed-factor = 42; + center-dash-to-ws = false; + dash-bg-color = 0; + dash-position = 2; + dash-position-adjust = 0; + hot-corner-action = 0; + startup-state = 1; + ws-switcher-wraparound = true; + }; + "org/gnome/shell/extensions/compact-top-bar" = { + fade-text-on-fullscreen = true; + }; + "org/gnome/shell/extensions/vitals" = { + position-in-panel = 1; + }; + + # Built in settings + "org/gnome/desktop/session" = { + idle-delay = mkUint32 0; + }; + "org/gnome/desktop/wm/preferences" = { + resize-with-right-button = true; + button-layout = "maximize:appmenu,close"; + audible-bell = false; + wrap-around = true; + }; + "org/gnome/settings-daemon/plugins/media-keys" = { + # Disable the lock screen shortcut + screensaver = [ "" ]; + custom-keybindings = [ + "/org/gnome/settings-daemon/plugins/media-keys/custom-keybindings/custom0/" + "/org/gnome/settings-daemon/plugins/media-keys/custom-keybindings/custom1/" + ]; + }; + "org/gnome/settings-daemon/plugins/media-keys/custom-keybindings/custom0" = { + binding = "Return"; + command = cfg.terminalCommand; + name = "Launch terminal"; + }; + "org/gnome/settings-daemon/plugins/media-keys/custom-keybindings/custom1" = { + binding = "Space"; + command = "wofi"; + name = "Launcher"; + }; + "org/gnome/desktop/wm/keybindings" = { + minimize = [ "" ]; + move-to-workspace-1 = [ "" ]; + move-to-workspace-2 = [ "" ]; + move-to-workspace-3 = [ "" ]; + move-to-workspace-4 = [ "" ]; + move-to-workspace-last = [ "" ]; + move-to-workspace-down = [ "j" ]; + move-to-workspace-up = [ "k" ]; + # move-to-workspace-left = [ "h" ]; + # move-to-workspace-right = [ "l" ]; + switch-input-source = [ ]; + switch-input-source-backward = [ ]; + switch-to-workspace-1 = [ "1" ]; + switch-to-workspace-2 = [ "2" ]; + switch-to-workspace-3 = [ "3" ]; + switch-to-workspace-4 = [ "4" ]; + switch-to-workspace-last = [ "" ]; + switch-to-workspace-down = [ "j" ]; + switch-to-workspace-up = [ "k" ]; + # switch-to-workspace-left = [ "k" ]; + # switch-to-workspace-right = [ "j" ]; + # move-to-monitor-down = [ "j" ]; + # move-to-monitor-up = [ "k" ]; + move-to-monitor-left = [ "h" ]; + move-to-monitor-right = [ "l" ]; + unmaximize = [ "j" ]; + maximize = [ "k" ]; + }; + "org/gnome/mutter" = { + dynamic-workspaces = true; + edge-tiling = true; + workspaces-only-on-primary = true; + center-new-windows = true; + }; + "org/gnome/mutter/keybindings" = { + toggle-tiled-right = [ "l" ]; + toggle-tiled-left = [ "h" ]; + }; + "org/gnome/settings-daemon/plugins/power" = { + power-button-action = "nothing"; + sleep-inactive-ac-type = "nothing"; + sleep-inactive-battery-type = "nothing"; + idle-brightness = 15; + power-saver-profile-on-low-battery = false; + }; + "org/gnome/desktop/background" = { + color-shading-type = "solid"; + picture-options = "zoom"; + picture-uri = "file://" + (./black.png); + picture-uri-dark = "file://" + (./black.png); + primary-color = "#000000000000"; + secondary-color = "#000000000000"; + }; + "org/gnome/desktop/screensaver" = { + lock-enabled = false; + idle-activation-enabled = false; + picture-options = "zoom"; + picture-uri = "file://" + (./black.png); + picture-uri-dark = "file://" + (./black.png); + }; + "org/gnome/desktop/applications/terminal" = { + exec = "alacritty"; + }; + "org/gnome/settings-daemon/plugins/color" = { + night-light-enabled = false; + night-light-schedule-automatic = false; + }; + "org/gnome/shell/keybindings" = { + shift-overview-down = [ "" ]; + shift-overview-up = [ "" ]; + switch-to-application-1 = [ "" ]; + switch-to-application-2 = [ "" ]; + switch-to-application-3 = [ "" ]; + switch-to-application-4 = [ "" ]; + switch-to-application-5 = [ "" ]; + switch-to-application-6 = [ "" ]; + switch-to-application-7 = [ "" ]; + switch-to-application-8 = [ "" ]; + switch-to-application-9 = [ "" ]; + toggle-quick-settings = [ "" ]; + toggle-application-view = [ "" ]; + }; + "org/gtk/gtk4/settings/file-chooser" = { + show-hidden = true; + }; + + "org/gnome/desktop/interface" = { + accent-color = "orange"; + show-battery-percentage = true; + clock-show-date = true; + clock-show-seconds = true; + clock-show-weekday = true; + color-scheme = "prefer-dark"; + cursor-size = 24; + enable-animations = true; + enable-hot-corners = false; + font-antialiasing = "grayscale"; + font-hinting = "slight"; + gtk-theme = "Adwaita-dark"; + # icon-theme = "Yaru-magenta-dark"; + }; + + "org/gnome/desktop/notifications" = { + application-children = [ "org-gnome-tweaks" ]; + }; + + "org/gnome/desktop/notifications/application/org-gnome-tweaks" = { + application-id = "org.gnome.tweaks.desktop"; + }; + + "org/gnome/desktop/peripherals/mouse" = { + natural-scroll = false; + }; + + "org/gnome/desktop/peripherals/touchpad" = { + disable-while-typing = true; + two-finger-scrolling-enabled = true; + natural-scroll = true; + }; + + "org/gnome/tweaks" = { + show-extensions-notice = false; + }; + }; + } + ) + ]; + }; +} diff --git a/common/desktop_environment/gnome/default.nix b/common/desktop_environment/gnome/default.nix new file mode 100644 index 00000000..9f36b570 --- /dev/null +++ b/common/desktop_environment/gnome/default.nix @@ -0,0 +1,86 @@ +{ + config, + lib, + pkgs, + ... +}: +let + ccfg = import ../../config.nix; + cfg_path = [ + ccfg.custom_config_key + "desktopEnvironment" + "gnome" + ]; + cfg = lib.attrsets.getAttrFromPath cfg_path config; +in +with lib; +{ + options = + { } + // lib.attrsets.setAttrByPath cfg_path { + enable = lib.mkEnableOption "gnome desktop environment"; + terminalCommand = mkOption { + type = lib.types.str; + default = "kitty"; + description = "The terminal command to use."; + }; + enableRotate = lib.mkEnableOption "enable screen rotation"; + }; + + imports = [ + (import ./dconf.nix { inherit cfg; }) + (import ./wofi.nix { inherit cfg; }) + ]; + + config = lib.mkIf cfg.enable { + services.xserver = { + enable = true; + desktopManager.gnome.enable = true; + displayManager.gdm = { + enable = true; + autoSuspend = false; + wayland = true; + }; + }; + services.gnome.gnome-initial-setup.enable = false; + + environment.gnome.excludePackages = with pkgs; [ + gnome-backgrounds + gnome-video-effects + gnome-maps + gnome-music + gnome-tour + gnome-text-editor + gnome-user-docs + ]; + environment.systemPackages = with pkgs; [ + dconf-editor + dconf2nix + gnome-tweaks + wayland + wayland-utils + wl-clipboard + numix-cursor-theme + gnomeExtensions.vertical-workspaces + gnomeExtensions.compact-top-bar + gnomeExtensions.tray-icons-reloaded + gnomeExtensions.vitals + ] ++ lib.optionals cfg.enableRotate [ + gnomeExtensions.screen-rotate + ]; + environment.sessionVariables = { + NIXOS_OZONE_WL = "1"; + GTK_THEME = "Adwaita:dark"; + }; + + qt = { + enable = true; + platformTheme = "gnome"; + style = "adwaita-dark"; + }; + + hardware.graphics = { + enable = true; + }; + }; +} diff --git a/common/desktop_environment/gnome/wofi.css b/common/desktop_environment/gnome/wofi.css new file mode 100644 index 00000000..976c0ef8 --- /dev/null +++ b/common/desktop_environment/gnome/wofi.css @@ -0,0 +1,51 @@ +window { + margin: 0px; + border: 1px solid #171717; + background-color: #262626; +} + +#input { + margin: 5px; + border: none; + color: #e0e0e0; + background-color: #1f1f1f; +} + +#inner-box { + margin: 5px; + border: none; + background-color: #171717; +} + +#outer-box { + margin: 5px; + border: none; + background-color: #191919; +} + +#scroll { + margin: 0px; + border: none; +} + +#text { + margin: 5px; + border: none; + color: #e0e0e0; +} + +#entry.activatable #text { + color: #cccccc; +} + +#entry>* { + color: #e0e0e0; +} + +#entry:selected { + background-color: #4f4f4f; +} + +#entry:selected #text { + font-weight: bold; +} diff --git a/common/desktop_environment/gnome/wofi.nix b/common/desktop_environment/gnome/wofi.nix new file mode 100644 index 00000000..d3cd8e25 --- /dev/null +++ b/common/desktop_environment/gnome/wofi.nix @@ -0,0 +1,31 @@ +{ cfg }: +{ lib, ... }: +{ + config = lib.mkIf cfg.enable { + home-manager.sharedModules = [ + ( + { lib, ... }: + { + programs.wofi = { + enable = true; + settings = { + width = "28%"; + height = "38%"; + show = "drun"; + location = "center"; + gtk_dark = true; + valign = "center"; + key_backward = "Ctrl+k"; + key_forward = "Ctrl+j"; + insensitive = true; + prompt = "Run"; + allow_images = true; + }; + style = builtins.readFile ./wofi.css; + }; + } + ) + ]; + + }; +} diff --git a/common/desktop_environment/hyprland/default.nix b/common/desktop_environment/hyprland/default.nix new file mode 100644 index 00000000..40d332a8 --- /dev/null +++ b/common/desktop_environment/hyprland/default.nix @@ -0,0 +1,151 @@ +{ + config, + lib, + pkgs, + hyprland, + hyprlandPkgs, + ... +}: +let + ccfg = import ../../config.nix; + cfg_path = [ + ccfg.custom_config_key + "desktopEnvironment" + "hyprland" + ]; + cfg = lib.attrsets.getAttrFromPath cfg_path config; +in +with lib; +{ + options = + { } + // lib.attrsets.setAttrByPath cfg_path { + enable = lib.mkEnableOption "hyprland desktop environment"; + terminalCommand = mkOption { + type = lib.types.str; + default = "foot"; + description = "The terminal command to use."; + }; + extraOptions = mkOption { + type = lib.types.attrs; + default = { }; + description = "Extra options for Hyprland configuration."; + }; + swaync = { + enable = lib.mkEnableOption "Enable Swaync (notification center for Hyprland)"; + }; + waybar = { + enable = lib.mkEnableOption "Enable Waybar (status bar for Hyprland)"; + }; + }; + + config = lib.mkIf cfg.enable { + # Enable for all users + home-manager = { + sharedModules = [ + hyprland.homeManagerModules.default + ./home_manager + ]; + }; + + services.greetd = { + enable = true; + vt = 2; + settings = { + default_session = { + command = "${pkgs.greetd.tuigreet}/bin/tuigreet --time --remember --remember-session --cmd '${pkgs.dbus}/bin/dbus-run-session ${hyprlandPkgs.hyprland}/bin/Hyprland'"; + user = "greeter"; + }; + }; + }; + + # Caps Lock as Escape for console/tty + console.useXkbConfig = true; + services.xserver.xkb = { + layout = "us"; + options = "caps:escape"; + }; + + environment.systemPackages = with pkgs; [ + wl-clipboard + wl-clip-persist + wofi # application launcher + nemo # file manager (x11) + # nautilus # file manager + feh # image viewer (x11) + # imv # image viewer + networkmanager # network management + upower # power management + brightnessctl # screen/keyboard brightness control + wireplumber # media session manager + libgtop # system monitor library + bluez # Bluetooth support + power-profiles-daemon # power profiles + grim + slurp + hyprpicker + grimblast # screenshot tool + wf-recorder # screen recording tool + btop # system monitor + ]; + + services.blueman.enable = config.hardware.bluetooth.enable; + + programs.hyprland = { + enable = true; + # xwayland.enable = false; + withUWSM = true; + + # set the flake package + package = hyprlandPkgs.hyprland; + # make sure to also set the portal package, so that they are in sync + # This is set below now in xdf portal directly so we can also add things like gtk + # portalPackage = hyprlandPkgs.xdg-desktop-portal-hyprland; + }; + + xdg.portal = { + enable = true; + extraPortals = lib.mkForce [ + hyprlandPkgs.xdg-desktop-portal-hyprland + hyprlandPkgs.xdg-desktop-portal-gtk + ]; + config.common.default = [ + "hyprland" + "gtk" + ]; + }; + + hardware.graphics = { + enable = true; + package = hyprlandPkgs.mesa; + # if you also want 32-bit support (e.g for Steam) + # enable32Bit = true; + package32 = hyprlandPkgs.pkgsi686Linux.mesa; + }; + + # Environment variables + environment.sessionVariables = { + GTK_THEME = "Adwaita:dark"; + XDG_SESSION_TYPE = "wayland"; + XDG_CURRENT_DESKTOP = "Hyprland"; + XDG_SESSION_DESKTOP = "Hyprland"; + WLR_RENDERER = "auto"; + + # Tell apps to run native wayland + NIXOS_OZONE_WL = "1"; + ELECTRON_OZONE_PLATFORM_HINT = "wayland"; + GDK_BACKEND = "wayland,x11"; # GTK + QT_QPA_PLATFORM = "wayland;xcb"; # Qt 5/6 + MOZ_ENABLE_WAYLAND = "1"; # Firefox + SDL_VIDEODRIVER = "wayland"; # SDL apps/games + CLUTTER_BACKEND = "wayland"; # You already have this + }; + + # Qt theming + qt = { + enable = true; + platformTheme = "gtk2"; + style = "adwaita-dark"; + }; + }; +} diff --git a/common/desktop_environment/hyprland/home_manager/default.nix b/common/desktop_environment/hyprland/home_manager/default.nix new file mode 100644 index 00000000..9533253e --- /dev/null +++ b/common/desktop_environment/hyprland/home_manager/default.nix @@ -0,0 +1,14 @@ +{ ... }: +{ + imports = [ + ./theme.nix + ./hyprland.nix + # ./quickshell.nix + ./waybar.nix + ./hyprpolkitagent.nix + ./wofi.nix + ./swaync.nix + ./scripts.nix + ./swaylock.nix + ]; +} diff --git a/common/desktop_environment/hyprland/home_manager/hyprland.nix b/common/desktop_environment/hyprland/home_manager/hyprland.nix new file mode 100644 index 00000000..dc179346 --- /dev/null +++ b/common/desktop_environment/hyprland/home_manager/hyprland.nix @@ -0,0 +1,175 @@ +{ + osConfig, + lib, + hyprlandPkgs, + ... +}: +let + ccfg = import ../../../config.nix; + cfg_path = [ + ccfg.custom_config_key + "desktopEnvironment" + "hyprland" + ]; + cfg = lib.attrsets.getAttrFromPath cfg_path osConfig; +in +{ + wayland.windowManager.hyprland = { + enable = true; + xwayland.enable = osConfig.programs.hyprland.xwayland.enable; + # plugins = with hyprlandPkgs.hyprlandPlugins; [ + # hyprspace + # ]; + + settings = lib.attrsets.recursiveUpdate { + # Debug logs enabled when this is uncommented + debug.disable_logs = false; + debug.disable_time = false; + + exec-once = [ "pgrep waybar>/dev/null || waybar" ]; + + # Default monitor configuration + monitor = "monitor = , preferred, auto, 1"; + + windowrulev2 = [ + # Bitwarden password manager popup for chrome, always float it + "float, class:^(?i)chrome-nngceckbapebfimnlniiiahkandclblb-Default$, initialtitle:^_crx_nngceckbapebfimnlniiiahkandclblb$" + "center, class:^(?i)chrome-nngceckbapebfimnlniiiahkandclblb-Default$, initialtitle:^_crx_nngceckbapebfimnlniiiahkandclblb$" + "size 720 600, class:^(?i)chrome-nngceckbapebfimnlniiiahkandclblb-Default$, initialtitle:^_crx_nngceckbapebfimnlniiiahkandclblb$" + ]; + + # Input configuration + input = { + kb_layout = "us"; + kb_options = "caps:escape"; + + follow_mouse = 2; + touchpad = { + natural_scroll = true; + disable_while_typing = true; + }; + }; + + # General settings + general = { + gaps_in = 2; + gaps_out = 4; + border_size = 1; + "col.active_border" = "rgba(797979aa)"; + "col.inactive_border" = "rgba(393939aa)"; + layout = "dwindle"; + }; + + # Decoration + decoration = { + rounding = 4; + blur.enabled = false; + }; + + # Animations + animations = { + enabled = false; + }; + + # Layout + dwindle = { + pseudotile = true; + preserve_split = true; + }; + + # Misc + misc = { + force_default_wallpaper = 0; + disable_hyprland_logo = true; + disable_splash_rendering = true; + }; + + # Key bindings + "$mainMod" = "SUPER"; + + bind = [ + # Applications + "$mainMod, Return, exec, ${cfg.terminalCommand}" + "$mainMod, Space, exec, pkill wofi || wofi --show drun" + "$mainMod, q, killactive" + "$mainMod SHIFT, escape, exit" + "$mainMod SHIFT, q, exec, swaylock" + "$mainMod, f, togglefloating" + "$mainMod, g, pseudo" + "$mainMod, t, togglesplit" + + # Move focus with mainMod + hjkl + "$mainMod, h, movefocus, l" + "$mainMod, l, movefocus, r" + "$mainMod, k, movefocus, u" + "$mainMod, j, movefocus, d" + + # Switch workspaces with mainMod + [0-9] + "$mainMod, 1, workspace, 1" + "$mainMod, n, workspace, 1" + "$mainMod, 2, workspace, 2" + "$mainMod, m, workspace, 2" + "$mainMod, 3, workspace, 3" + "$mainMod, comma, workspace, 3" + "$mainMod, 4, workspace, 4" + "$mainMod, period, workspace, 4" + "$mainMod, 5, workspace, 5" + "$mainMod, slash, workspace, 5" + "$mainMod, 6, workspace, 6" + "$mainMod, 7, workspace, 7" + "$mainMod, 8, workspace, 8" + "$mainMod, 9, workspace, 9" + "$mainMod, 0, workspace, 10" + + # Window management (similar to your GNOME setup) + "$mainMod SHIFT, h, movewindow, l" + "$mainMod SHIFT, l, movewindow, r" + "$mainMod SHIFT, k, movewindow, u" + "$mainMod SHIFT, j, movewindow, d" + "$mainMod SHIFT, 1, movetoworkspacesilent, 1" + "$mainMod SHIFT, n, movetoworkspacesilent, 1" + "$mainMod SHIFT, 2, movetoworkspacesilent, 2" + "$mainMod SHIFT, m, movetoworkspacesilent, 2" + "$mainMod SHIFT, 3, movetoworkspacesilent, 3" + "$mainMod SHIFT, comma, movetoworkspacesilent, 3" + "$mainMod SHIFT, 4, movetoworkspacesilent, 4" + "$mainMod SHIFT, period, movetoworkspacesilent, 4" + "$mainMod SHIFT, 5, movetoworkspacesilent, 5" + "$mainMod SHIFT, slash, movetoworkspacesilent, 5" + "$mainMod SHIFT, 6, movetoworkspacesilent, 6" + "$mainMod SHIFT, 7, movetoworkspacesilent, 7" + "$mainMod SHIFT, 8, movetoworkspacesilent, 8" + "$mainMod SHIFT, 9, movetoworkspacesilent, 9" + "$mainMod SHIFT, 0, movetoworkspacesilent, 10" + + # Screenshots + ", Print, exec, grimblast copy area" + ]; + + bindr = [ + # overview + # "$mainMod, SUPER_L, overview:toggle" $ hyprspace plugin + "$mainMod SHIFT, R, exec, systemctl --user restart hyprpanel.service" + ]; + + binde = [ + # Move between workspaces + # "$mainMod, n, workspace, r+1" + # "$mainMod, p, workspace, r-1" + + # Resize windows + "$mainMod CTRL, h, resizeactive, -40 0" + "$mainMod CTRL, l, resizeactive, 40 0" + "$mainMod CTRL, k, resizeactive, 0 -20" + "$mainMod CTRL, j, resizeactive, 0 20" + ]; + + # Mouse bindings + bindm = [ + "$mainMod, mouse:272, movewindow" + "$mainMod, mouse:273, resizewindow" + ]; + + } cfg.extraOptions; + }; +} diff --git a/common/desktop_environment/hyprland/home_manager/hyprpolkitagent.nix b/common/desktop_environment/hyprland/home_manager/hyprpolkitagent.nix new file mode 100644 index 00000000..dc689337 --- /dev/null +++ b/common/desktop_environment/hyprland/home_manager/hyprpolkitagent.nix @@ -0,0 +1,8 @@ +{ + ... +}: +{ + services.hyprpolkitagent = { + enable = true; + }; +} diff --git a/common/desktop_environment/hyprland/home_manager/quickshell.nix b/common/desktop_environment/hyprland/home_manager/quickshell.nix new file mode 100644 index 00000000..2f5032c5 --- /dev/null +++ b/common/desktop_environment/hyprland/home_manager/quickshell.nix @@ -0,0 +1,93 @@ +{ + osConfig, + lib, + pkgs, + upkgs, + ... +}: +let + ccfg = import ../../../config.nix; + cfg_path = [ + ccfg.custom_config_key + "desktopEnvironment" + "hyprland" + ]; + cfg = lib.attrsets.getAttrFromPath cfg_path osConfig; +in +{ + home.packages = with pkgs; [ + upkgs.quickshell + pulseaudio + brightnessctl + networkmanager + bluez + bluez-tools + power-profiles-daemon + upower + systemd + hyprlock + ]; + + # Ensure CLI quickshell can resolve modules when not using --config-path + home.sessionVariables = { + QML_IMPORT_PATH = "$HOME/.config/quickshell"; + QML2_IMPORT_PATH = "$HOME/.config/quickshell"; + }; + + # install config files + home.file = { + ".config/quickshell/shell.qml".source = ./quickshell/shell.qml; + ".config/quickshell/panels/TopBar.qml".source = ./quickshell/panels/TopBar.qml; + ".config/quickshell/notifications/NotificationServer.qml".source = + ./quickshell/notifications/NotificationServer.qml; + ".config/quickshell/notifications/NotificationPopup.qml".source = + ./quickshell/notifications/NotificationPopup.qml; + ".config/quickshell/notifications/NotificationCenter.qml".source = + ./quickshell/notifications/NotificationCenter.qml; + ".config/quickshell/widgets/status/Workspaces.qml".source = + ./quickshell/widgets/status/Workspaces.qml; + ".config/quickshell/widgets/status/Clock.qml".source = ./quickshell/widgets/status/Clock.qml; + ".config/quickshell/widgets/status/SystemTrayWidget.qml".source = + ./quickshell/widgets/status/SystemTrayWidget.qml; + ".config/quickshell/widgets/status/Battery.qml".source = ./quickshell/widgets/status/Battery.qml; + ".config/quickshell/widgets/controls/QuickSettings.qml".source = + ./quickshell/widgets/controls/QuickSettings.qml; + ".config/quickshell/widgets/controls/Audio.qml".source = ./quickshell/widgets/controls/Audio.qml; + ".config/quickshell/widgets/controls/Network.qml".source = + ./quickshell/widgets/controls/Network.qml; + ".config/quickshell/widgets/controls/Bluetooth.qml".source = + ./quickshell/widgets/controls/Bluetooth.qml; + ".config/quickshell/widgets/controls/Brightness.qml".source = + ./quickshell/widgets/controls/Brightness.qml; + ".config/quickshell/widgets/controls/PowerProfilesWidget.qml".source = + ./quickshell/widgets/controls/PowerProfilesWidget.qml; + ".config/quickshell/panels/qmldir".source = ./quickshell/panels/qmldir; + ".config/quickshell/notifications/qmldir".source = ./quickshell/notifications/qmldir; + ".config/quickshell/widgets/status/qmldir".source = ./quickshell/widgets/status/qmldir; + ".config/quickshell/widgets/controls/qmldir".source = ./quickshell/widgets/controls/qmldir; + # optional: .qmlls.ini should be gitignored; create empty to enable LSP + ".config/quickshell/.qmlls.ini".text = ""; + }; + + systemd.user.services.quickshell = { + Unit = { + Description = "Quickshell Desktop Shell"; + PartOf = [ "graphical-session.target" ]; + After = [ "graphical-session.target" ]; + }; + Service = { + ExecStart = "${upkgs.quickshell}/bin/quickshell --config-path %h/.config/quickshell"; + Restart = "on-failure"; + RestartSec = 2; + Environment = [ + "QML_IMPORT_PATH=%h/.config/quickshell" + "QT_QPA_PLATFORM=wayland" + # Ensure we find icons + "XDG_CURRENT_DESKTOP=quickshell" + ]; + }; + Install = { + WantedBy = [ "graphical-session.target" ]; + }; + }; +} diff --git a/common/desktop_environment/hyprland/home_manager/scripts.nix b/common/desktop_environment/hyprland/home_manager/scripts.nix new file mode 100644 index 00000000..6c3d1c56 --- /dev/null +++ b/common/desktop_environment/hyprland/home_manager/scripts.nix @@ -0,0 +1,10 @@ +{ pkgs, ... }: +{ + home.packages = with pkgs; [ + (writeShellScriptBin "toggle-airplane-mode" (builtins.readFile ./scripts/toggle-airplane-mode.sh)) + (writeShellScriptBin "toggle-power-profile" (builtins.readFile ./scripts/toggle-power-profile.sh)) + (writeShellScriptBin "wofi-wifi-menu" (builtins.readFile ./scripts/wofi-wifi-menu.sh)) + (writeShellScriptBin "wofi-bluetooth-menu" (builtins.readFile ./scripts/wofi-bluetooth-menu.sh)) + (writeShellScriptBin "confirm-action" (builtins.readFile ./scripts/confirm-action.sh)) + ]; +} diff --git a/common/desktop_environment/hyprland/home_manager/scripts/confirm-action.sh b/common/desktop_environment/hyprland/home_manager/scripts/confirm-action.sh new file mode 100755 index 00000000..5c30d11d --- /dev/null +++ b/common/desktop_environment/hyprland/home_manager/scripts/confirm-action.sh @@ -0,0 +1,14 @@ +#!/usr/bin/env bash + +COMMAND_TO_RUN="$1" +PROMPT_MESSAGE="$2" + +if [ -z "$PROMPT_MESSAGE" ]; then + PROMPT_MESSAGE="Are you sure?" +fi + +choice=$(echo -e "No\nYes" | wofi --dmenu --location center -p "$PROMPT_MESSAGE") + +if [ "$choice" == "Yes" ]; then + eval "$COMMAND_TO_RUN" +fi diff --git a/common/desktop_environment/hyprland/home_manager/scripts/toggle-airplane-mode.sh b/common/desktop_environment/hyprland/home_manager/scripts/toggle-airplane-mode.sh new file mode 100755 index 00000000..7a6636a0 --- /dev/null +++ b/common/desktop_environment/hyprland/home_manager/scripts/toggle-airplane-mode.sh @@ -0,0 +1,6 @@ +#!/usr/bin/env bash +if [ "$(nmcli radio all)" = "enabled" ]; then + nmcli radio all off +else + nmcli radio all on +fi diff --git a/common/desktop_environment/hyprland/home_manager/scripts/toggle-power-profile.sh b/common/desktop_environment/hyprland/home_manager/scripts/toggle-power-profile.sh new file mode 100755 index 00000000..1d143951 --- /dev/null +++ b/common/desktop_environment/hyprland/home_manager/scripts/toggle-power-profile.sh @@ -0,0 +1,6 @@ +#!/usr/bin/env bash +if [ "$(powerprofilesctl get)" = "performance" ]; then + powerprofilesctl set balanced +else + powerprofilesctl set performance +fi diff --git a/common/desktop_environment/hyprland/home_manager/scripts/wofi-bluetooth-menu.sh b/common/desktop_environment/hyprland/home_manager/scripts/wofi-bluetooth-menu.sh new file mode 100755 index 00000000..b7a05dc7 --- /dev/null +++ b/common/desktop_environment/hyprland/home_manager/scripts/wofi-bluetooth-menu.sh @@ -0,0 +1,21 @@ +#!/usr/bin/env bash + +devices=$(bluetoothctl devices | awk '{print $2, $3}') + +if [ -z "$devices" ]; then + options="󰂲 Power On\n󰂬 Scan for devices" +else + options="$devices\n󰂲 Power Off\n󰂬 Scan for devices" +fi + +chosen=$(echo -e "$options" | wofi --dmenu --location 3 --yoffset 40 --xoffset -20 -p "Bluetooth") + +case "$chosen" in + "󰂲 Power On") bluetoothctl power on;; + "󰂲 Power Off") bluetoothctl power off;; + "󰂬 Scan for devices") bluetoothctl scan on;; + *) + mac=$(echo "$chosen" | awk '{print $1}') + bluetoothctl connect "$mac" + ;; +esac diff --git a/common/desktop_environment/hyprland/home_manager/scripts/wofi-wifi-menu.sh b/common/desktop_environment/hyprland/home_manager/scripts/wofi-wifi-menu.sh new file mode 100755 index 00000000..6e4dbbe0 --- /dev/null +++ b/common/desktop_environment/hyprland/home_manager/scripts/wofi-wifi-menu.sh @@ -0,0 +1,24 @@ +#!/usr/bin/env bash + +# Get a list of available Wi-Fi networks +nets=$(nmcli --terse --fields SSID,SECURITY,BARS device wifi list | sed '/^--/d' | sed 's/\\:/__/g') + +# Get the current connection status +connected_ssid=$(nmcli -t -f active,ssid dev wifi | egrep '^yes' | cut -d: -f2) + +if [[ ! -z "$connected_ssid" ]]; then + toggle="󰖪 Toggle Wi-Fi Off" +else + toggle="󰖩 Toggle Wi-Fi On" +fi + +# Present the menu to the user +chosen_network=$(echo -e "$toggle\n$nets" | wofi --dmenu --location 3 --yoffset 40 --xoffset -20 -p "Wi-Fi Networks") + +# Perform an action based on the user's choice +if [ "$chosen_network" = "$toggle" ]; then + nmcli radio wifi $([ "$connected_ssid" = "" ] && echo "on" || echo "off") +elif [ ! -z "$chosen_network" ]; then + ssid=$(echo "$chosen_network" | sed 's/__/\\:/g' | awk -F' ' '{print $1}') + nmcli device wifi connect "$ssid" +fi diff --git a/common/desktop_environment/hyprland/home_manager/swaylock.nix b/common/desktop_environment/hyprland/home_manager/swaylock.nix new file mode 100644 index 00000000..06ebf13f --- /dev/null +++ b/common/desktop_environment/hyprland/home_manager/swaylock.nix @@ -0,0 +1,17 @@ +{ + ... +}: +{ + programs.swaylock = { + enable = true; + settings = { + color = "#000000"; + indicator-caps-lock = true; + indicator-idle-visible = true; + indicator-radius = 100; + indicator-thickness = 10; + font = "JetBrainsMono Nerd Font Regular"; + font-size = 20; + }; + }; +} diff --git a/common/desktop_environment/hyprland/home_manager/swaync.nix b/common/desktop_environment/hyprland/home_manager/swaync.nix new file mode 100644 index 00000000..b26fa584 --- /dev/null +++ b/common/desktop_environment/hyprland/home_manager/swaync.nix @@ -0,0 +1,251 @@ +{ + lib, + osConfig, + ... +}: +let + ccfg = import ../../../config.nix; + cfg_path = [ + ccfg.custom_config_key + "desktopEnvironment" + "hyprland" + "swaync" + ]; + cfg = lib.attrsets.getAttrFromPath cfg_path osConfig; +in +{ + config = lib.mkIf cfg.enable { + services.swaync = { + enable = true; + settings = { + ignore = [ + "com.spotify.Client" + ]; + + positionX = "right"; + positionY = "top"; + layer = "overlay"; + control-center-layer = "top"; + layer-shell = true; + cssPriority = "application"; + + control-center-margin-top = 0; + control-center-margin-bottom = 0; + control-center-margin-right = 0; + control-center-margin-left = 0; + + notification-2fa-action = true; + notification-inline-replies = false; + notification-icon-size = 64; + notification-body-image-height = 100; + notification-body-image-width = 200; + + timeout = 10; + timeout-low = 5; + timeout-critical = 0; + + control-center-width = 500; + control-center-height = 600; + notification-window-width = 500; + + keyboard-shortcuts = true; + image-visibility = "when-available"; + transition-time = 200; + hide-on-clear = false; + hide-on-action = true; + script-fail-notify = true; + + widgets = [ + "inhibitors" + "title" + "dnd" + "volume" + "backlight" + "mpris" + "buttons-grid#quick" + "notifications" + ]; + + # Widget configurations + widget-config = { + inhibitors = { + text = "Inhibitors"; + button-text = "Clear All"; + clear-all-button = true; + }; + title = { + text = "Notifications"; + clear-all-button = true; + button-text = "Clear All"; + }; + dnd.text = "Do Not Disturb"; + mpris = { + image-size = 96; + image-radius = 12; + }; + volume = { + label = "󰕾"; + show-per-app = true; + }; + backlight = { + label = "󰃟"; + device = "intel_backlight"; + }; + "buttons-grid#quick" = { + columns = 4; # adjust: 3/4/5 + icon-size = 20; # tweak to taste + actions = [ + # Power + { + label = "󰐥"; + tooltip = "Shutdown"; + command = "confirm-action 'systemctl poweroff' 'Shutdown?'"; + } + { + label = "󰜉"; + tooltip = "Reboot"; + command = "confirm-action 'systemctl reboot' 'Reboot?'"; + } + { + label = "󰍃"; + tooltip = "Logout"; + command = "confirm-action 'hyprctl dispatch exit' 'Logout?'"; + } + ]; + }; + }; + }; + + # Custom CSS for the control center + style = '' + .control-center { + background: #1a1b26; + border: 2px solid #7dcae4; + border-radius: 12px; + } + + .control-center-list { + background: transparent; + } + + .control-center .notification-row:focus, + .control-center .notification-row:hover { + opacity: 1; + background: #24283b; + } + + .notification { + border-radius: 8px; + margin: 6px 12px; + box-shadow: 0 0 0 1px rgba(125, 196, 228, 0.3), 0 1px 3px 1px rgba(0, 0, 0, 0.7), 0 2px 6px 2px rgba(0, 0, 0, 0.3); + padding: 0; + } + + /* Widget styling */ + .widget-title { + margin: 8px; + font-size: 1.5rem; + color: #c0caf5; + } + + .widget-dnd { + margin: 8px; + font-size: 1.1rem; + color: #c0caf5; + } + + .widget-dnd > switch { + font-size: initial; + border-radius: 8px; + background: #414868; + border: 1px solid #7dcae4; + } + + .widget-dnd > switch:checked { + background: #7dcae4; + } + + .widget-mpris { + color: #c0caf5; + background: #24283b; + padding: 8px; + margin: 8px; + border-radius: 8px; + } + + .widget-mpris-player { + padding: 8px; + margin: 8px; + } + + .widget-mpris-title { + font-weight: bold; + font-size: 1.25rem; + } + + .widget-mpris-subtitle { + font-size: 1.1rem; + color: #9ece6a; + } + + .widget-volume { + background: #24283b; + padding: 8px; + margin: 8px; + border-radius: 8px; + color: #c0caf5; + } + + .widget-backlight { + background: #24283b; + padding: 8px; + margin: 8px; + border-radius: 8px; + color: #c0caf5; + } + + .widget-menubar { + background: #24283b; + padding: 8px; + margin: 8px; + border-radius: 8px; + color: #c0caf5; + } + + .widget-menubar .menu-item button { + background: #1f2335; + color: #c0caf5; + border-radius: 8px; + padding: 6px 10px; + margin: 4px; + border: 1px solid #2e3440; + font-family: "JetBrainsMonoNL Nerd Font"; + } + + .widget-menubar .menu-item button:hover { + background: #414868; + border-color: #7dcae4; + } + + .topbar-buttons button { + border: none; + background: transparent; + color: #c0caf5; + font-size: 1.1rem; + border-radius: 8px; + margin: 0 4px; + padding: 8px; + } + + .topbar-buttons button:hover { + background: #414868; + } + + .topbar-buttons button:active { + background: #7dcae4; + color: #1a1b26; + } + ''; + }; + }; +} diff --git a/common/desktop_environment/hyprland/home_manager/template.nix b/common/desktop_environment/hyprland/home_manager/template.nix new file mode 100644 index 00000000..905d5e46 --- /dev/null +++ b/common/desktop_environment/hyprland/home_manager/template.nix @@ -0,0 +1,18 @@ +{ + osConfig, + lib, + pkgs, + ... +}: +let + ccfg = import ../../../config.nix; + cfg_path = [ + ccfg.custom_config_key + "desktopEnvironment" + "hyprland" + ]; + cfg = lib.attrsets.getAttrFromPath cfg_path osConfig; +in +{ + +} diff --git a/common/desktop_environment/hyprland/home_manager/theme.nix b/common/desktop_environment/hyprland/home_manager/theme.nix new file mode 100644 index 00000000..c6045d0a --- /dev/null +++ b/common/desktop_environment/hyprland/home_manager/theme.nix @@ -0,0 +1,32 @@ +{ + pkgs, + ... +}: +{ + home.pointerCursor = { + gtk.enable = true; + # x11.enable = true; + package = pkgs.bibata-cursors; + name = "Bibata-Modern-Classic"; + size = 16; + }; + # GTK theming + gtk = { + enable = true; + + theme = { + package = pkgs.flat-remix-gtk; + name = "Flat-Remix-GTK-Grey-Darkest"; + }; + + iconTheme = { + package = pkgs.adwaita-icon-theme; + name = "Adwaita"; + }; + + font = { + name = "Sans"; + size = 11; + }; + }; +} diff --git a/common/desktop_environment/hyprland/home_manager/waybar.nix b/common/desktop_environment/hyprland/home_manager/waybar.nix new file mode 100644 index 00000000..25c59869 --- /dev/null +++ b/common/desktop_environment/hyprland/home_manager/waybar.nix @@ -0,0 +1,267 @@ +{ + lib, + osConfig, + ... +}: +let + ccfg = import ../../../config.nix; + cfg_path = [ + ccfg.custom_config_key + "desktopEnvironment" + "hyprland" + "waybar" + ]; + cfg = lib.attrsets.getAttrFromPath cfg_path osConfig; +in +{ + config = lib.mkIf cfg.enable { + programs.waybar = { + enable = true; + systemd.enable = true; + settings = { + mainBar = { + layer = "top"; + position = "top"; + height = 30; + spacing = 6; + margin-top = 0; + margin-bottom = 0; + margin-left = 10; + margin-right = 10; + + modules-left = [ + "hyprland/workspaces" + ]; + + modules-center = [ + "clock" + "temperature" + "cpu" + "memory" + "disk" + ]; + + modules-right = [ + "pulseaudio" + "network" + "bluetooth" + "custom/notifications" + "hyprland/language" + ]; + + # Workspaces configuration + "hyprland/workspaces" = { + format = "{icon}"; + format-icons = { + "1" = "一"; + "2" = "二"; + "3" = "三"; + "4" = "四"; + "5" = "五"; + "6" = "六"; + "7" = "七"; + "8" = "八"; + "9" = "九"; + "10" = "十"; + "11" = "十一"; + "12" = "十二"; + "13" = "十三"; + "14" = "十四"; + "15" = "十五"; + "16" = "十六"; + "17" = "十七"; + "18" = "十八"; + "19" = "十九"; + "20" = "二十"; + }; + show-special = false; + }; + + pulseaudio = { + format = "{icon} {volume}%"; + format-bluetooth = "󰂰 {volume}%"; + format-bluetooth-muted = "󰂲 "; + format-muted = "󰖁 "; + format-source = "󰍬 {volume}%"; + format-source-muted = "󰍭 "; + format-icons = { + headphone = "󰋋"; + hands-free = "󰂑"; + headset = "󰂑"; + phone = "󰏲"; + portable = "󰦧"; + car = "󰄋"; + default = [ + "󰕿" + "󰖀" + "󰕾" + ]; + }; + scroll-step = 5; + on-click = "wpctl set-mute @DEFAULT_AUDIO_SINK@ toggle"; + on-click-right = "swaync-client -t -sw"; + }; + + "custom/notifications" = { + format = "{icon} {}"; + format-icons = { + notification = ""; + none = ""; + dnd-notification = "󰂛"; + dnd-none = "󰂛"; + inhibited-notification = ""; + inhibited-none = ""; + dnd-inhibited-notification = "󰂛"; + dnd-inhibited-none = "󰂛"; + }; + return-type = "json"; + exec-if = "which swaync-client"; + exec = "swaync-client -swb"; + on-click = "swaync-client -t -sw"; + on-click-right = "swaync-client -d -sw"; + escape = true; + tooltip = false; + }; + + # Clock + clock = { + format = "{:%b %d, %H:%M}"; + }; + + temperature = { + thermal-zone = 2; + hwmon-path = "/sys/class/hwmon/hwmon2/temp1_input"; + critical-threshold = 80; + format-critical = "󰔏 {temperatureC}°C"; + format = "󰔏 {temperatureC}°C"; + }; + + cpu = { + format = "󰻠 {usage}%"; + tooltip = false; + on-click = "btop"; + }; + + memory = { + format = "󰍛 {}%"; + on-click = "btop"; + }; + + disk = { + interval = 30; + format = "󰋊 {percentage_used}%"; + path = "/"; + on-click = "btop"; + }; + + network = { + format-wifi = "󰤨 {essid} ({signalStrength}%)"; + format-ethernet = "󰈀 {ipaddr}/{cidr}"; + tooltip-format = "{ifname} via {gwaddr} "; + format-linked = "󰈀 {ifname} (No IP)"; + format-disconnected = "󰖪 Disconnected"; + on-click = "wofi-wifi-menu"; + on-click-right = "nmcli radio wifi toggle"; + }; + + bluetooth = { + format = "󰂯 {status}"; + format-connected = "󰂱 {device_alias}"; + format-connected-battery = "󰂱 {device_alias} {device_battery_percentage}%"; + tooltip-format = "{controller_alias}\t{controller_address}\n\n{num_connections} connected"; + tooltip-format-connected = "{controller_alias}\t{controller_address}\n\n{num_connections} connected\n\n{device_enumerate}"; + tooltip-format-enumerate-connected = "{device_alias}\t{device_address}"; + tooltip-format-enumerate-connected-battery = "{device_alias}\t{device_address}\t{device_battery_percentage}%"; + on-click = "wofi-bluetooth-menu"; + on-click-right = "bluetoothctl power toggle"; + }; + + # Keyboard input (language) + "hyprland/language" = { + format = "{}"; + format-en = "EN"; + format-ja = "JP"; + }; + }; + }; + + style = '' + * { + font-family: "JetBrainsMonoNL Nerd Font"; + font-size: 12px; + border: none; + border-radius: 0; + min-height: 0; + } + + window#waybar { + background: transparent; + border-radius: 10px; + margin: 0px; + } + + .modules-left, + .modules-center, + .modules-right { + background: rgba(26, 27, 38, 0.8); + border-radius: 10px; + margin: 4px; + padding: 0 10px; + } + + #workspaces { + padding: 0 5px; + } + + #workspaces button { + padding: 0 8px; + background: transparent; + color: #c0caf5; + border-radius: 5px; + margin: 2px; + } + + #workspaces button:hover { + background: rgba(125, 196, 228, 0.2); + color: #7dcae4; + } + + #workspaces button.active { + background: #7dcae4; + color: #1a1b26; + } + + #pulseaudio, + #custom-notifications, + #clock, + #temperature, + #cpu, + #memory, + #disk, + #network, + #bluetooth, + #language { + padding: 0 8px; + color: #c0caf5; + margin: 2px; + } + + #temperature.critical { + color: #f7768e; + } + + #network.disconnected { + color: #f7768e; + } + + #bluetooth.disabled { + color: #565f89; + } + + #pulseaudio.muted { + color: #565f89; + } + ''; + }; + }; +} diff --git a/common/desktop_environment/hyprland/home_manager/wofi.nix b/common/desktop_environment/hyprland/home_manager/wofi.nix new file mode 100644 index 00000000..f2df05ba --- /dev/null +++ b/common/desktop_environment/hyprland/home_manager/wofi.nix @@ -0,0 +1,26 @@ +{ + ... +}: +{ + programs.wofi = { + enable = true; + settings = { + width = 500; + height = 600; + location = "bottom"; + show = "drun"; + prompt = "..."; + filter_rate = 100; + allow_markup = true; + no_actions = true; + halign = "fill"; + orientation = "vertical"; + content_halign = "fill"; + insensitive = true; + allow_images = true; + image_size = 40; + gtk_dark = true; + }; + }; + +} diff --git a/common/desktop_environment/i3/default.nix b/common/desktop_environment/i3/default.nix new file mode 100644 index 00000000..0ff2e229 --- /dev/null +++ b/common/desktop_environment/i3/default.nix @@ -0,0 +1,97 @@ +{ + config, + lib, + pkgs, + ... +}: +let + ccfg = import ../../config.nix; + cfg_path = [ + ccfg.custom_config_key + "desktopEnvironment" + "i3" + ]; + cfg = lib.attrsets.getAttrFromPath cfg_path config; +in +with lib; +{ + options = + { } + // lib.attrsets.setAttrByPath cfg_path { + enable = lib.mkEnableOption "i3 window manager"; + terminalCommand = mkOption { + type = lib.types.str; + default = "kitty"; + description = "The terminal command to use."; + }; + extraOptions = mkOption { + type = lib.types.attrs; + default = { }; + description = "Extra options for i3 home manager configuration."; + }; + }; + + config = lib.mkIf cfg.enable { + # Enable for all users + home-manager = { + sharedModules = [ + ./home_manager + ]; + }; + + services.greetd = { + enable = true; + vt = 2; + settings = { + default_session = { + command = "${pkgs.greetd.tuigreet}/bin/tuigreet --time --remember --remember-session --cmd '${pkgs.dbus}/bin/dbus-run-session ${pkgs.xorg.xinit}/bin/xinit ${pkgs.i3}/bin/i3'}"; + user = "greeter"; + }; + }; + }; + + # Caps Lock as Escape for console/tty + console.useXkbConfig = true; + services.xserver.xkb = { + layout = "us"; + options = "caps:escape"; + }; + + # flatpaks need this TODO remove flatpaks? + xdg.portal = { + enable = true; + extraPortals = lib.mkForce [ + pkgs.xdg-desktop-portal-gtk + ]; + config.common.default = [ + "gtk" + ]; + }; + + services.xserver = { + enable = true; + + # desktopManager = { + # xterm.enable = false; + # }; + + windowManager.i3 = { + enable = true; + extraPackages = with pkgs; [ + # dmenu # application launcher most people use + # i3status # gives you the default i3 status bar + # i3blocks # if you are planning on using i3blocks over i3status + ]; + }; + }; + services.displayManager.defaultSession = "none+i3"; + # programs.i3lock.enable = true; # default i3 screen locker + + environment.systemPackages = with pkgs; [ + xorg.xinit + xorg.setxkbmap + xorg.xset + ]; + + }; +} diff --git a/common/desktop_environment/i3/home_manager/default.nix b/common/desktop_environment/i3/home_manager/default.nix new file mode 100644 index 00000000..ff15d2d1 --- /dev/null +++ b/common/desktop_environment/i3/home_manager/default.nix @@ -0,0 +1,6 @@ +{ ... }: +{ + imports = [ + ./i3.nix + ]; +} diff --git a/common/desktop_environment/i3/home_manager/i3.nix b/common/desktop_environment/i3/home_manager/i3.nix new file mode 100644 index 00000000..b140a7f6 --- /dev/null +++ b/common/desktop_environment/i3/home_manager/i3.nix @@ -0,0 +1,47 @@ +{ + config, + osConfig, + lib, + ... +}: +let + ccfg = import ../../../config.nix; + cfg_path = [ + ccfg.custom_config_key + "desktopEnvironment" + "i3" + ]; + cfg = lib.attrsets.getAttrFromPath cfg_path osConfig; +in +{ + xsession.windowManager.i3 = { + enable = true; + config = lib.attrsets.recursiveUpdate { + startup = [ + { command = "setxkbmap -layout us -option caps:escape"; } + ]; + modifier = "Mod4"; + terminal = cfg.terminalCommand; + keybindings = + let + mod = config.xsession.windowManager.i3.config.modifier; + in + { + # Focus + "${mod}+h" = "focus left"; + "${mod}+l" = "focus right"; + "${mod}+k" = "focus up"; + "${mod}+j" = "focus down"; + # Apps + "${mod}+Return" = "exec ${cfg.terminalCommand}"; + # "${mod}+space" = "exec ${cfg.menu}"; TODO + "${mod}+q" = "kill"; + "${mod}+Shift+Escape" = "exit"; + "${mod}+Shift+q" = "exec i3lock"; + "${mod}+f" = "floating toggle"; + + }; + # See home-manager documentation for everything you can add here. + } cfg.extraOptions; + }; +} diff --git a/common/desktop_environment/sway/default.nix b/common/desktop_environment/sway/default.nix new file mode 100644 index 00000000..44c664b6 --- /dev/null +++ b/common/desktop_environment/sway/default.nix @@ -0,0 +1,139 @@ +{ + config, + lib, + pkgs, + ... +}: +let + ccfg = import ../../config.nix; + cfg_path = [ + ccfg.custom_config_key + "desktopEnvironment" + "sway" + ]; + cfg = lib.attrsets.getAttrFromPath cfg_path config; +in +with lib; +{ + options = + { } + // lib.attrsets.setAttrByPath cfg_path { + enable = lib.mkEnableOption "sway (Wayland i3) desktop environment"; + terminalCommand = mkOption { + type = lib.types.str; + default = "foot"; + description = "The terminal command to use."; + }; + extraOptions = mkOption { + type = lib.types.attrs; + default = { }; + description = "Extra options for Sway configuration."; + }; + swaync = { + enable = lib.mkEnableOption "Enable Sway Notification Center"; + }; + waybar = { + enable = lib.mkEnableOption "Enable Waybar (status bar for Sway)"; + }; + }; + + config = lib.mkIf cfg.enable { + # Enable for all users via Home Manager fragments in this module + home-manager = { + sharedModules = [ ./home_manager ]; + }; + + services.greetd = { + enable = true; + vt = 2; + settings = { + default_session = { + command = "${pkgs.greetd.tuigreet}/bin/tuigreet --time --remember --remember-session --cmd '${pkgs.dbus}/bin/dbus-run-session ${pkgs.sway}/bin/sway'"; + user = "greeter"; + }; + }; + }; + + # Caps Lock as Escape for console/tty and Wayland + console.useXkbConfig = true; + services.xserver.xkb = { + layout = "us"; + options = "caps:escape"; + }; + + # Core packages and tools + environment.systemPackages = with pkgs; [ + wl-clipboard + wl-clip-persist + wofi # application launcher + nemo # file manager (x11) + feh # image viewer (x11) + networkmanager + upower + brightnessctl + wireplumber + libgtop + bluez + power-profiles-daemon + grim + slurp + wf-recorder + btop + pavucontrol + ]; + + services.blueman.enable = config.hardware.bluetooth.enable; + + programs.sway = { + enable = true; + wrapperFeatures.gtk = true; # include GTK integration env + extraPackages = with pkgs; [ + xwayland # allow legacy X11 apps + ]; + }; + + xdg.portal = { + enable = true; + extraPortals = lib.mkForce [ + pkgs.xdg-desktop-portal-wlr + pkgs.xdg-desktop-portal-gtk + ]; + config.common.default = [ + "wlr" + "gtk" + ]; + }; + + hardware.graphics = { + enable = true; + # Keep defaults; Sway runs fine with mesa in system + }; + + # Environment variables + environment.sessionVariables = lib.mkMerge [ + { + GTK_THEME = "Adwaita:dark"; + XDG_SESSION_TYPE = "wayland"; + XDG_CURRENT_DESKTOP = "sway"; + XDG_SESSION_DESKTOP = "sway"; + WLR_RENDERER = "auto"; + + # Tell apps to run native wayland + NIXOS_OZONE_WL = "1"; + ELECTRON_OZONE_PLATFORM_HINT = "wayland"; + GDK_BACKEND = "wayland,x11"; # GTK + QT_QPA_PLATFORM = "wayland;xcb"; # Qt 5/6 + MOZ_ENABLE_WAYLAND = "1"; # Firefox + SDL_VIDEODRIVER = "wayland"; # SDL apps/games + CLUTTER_BACKEND = "wayland"; + } + ]; + + # Qt theming + qt = { + enable = true; + platformTheme = "gtk2"; + style = "adwaita-dark"; + }; + }; +} diff --git a/common/desktop_environment/sway/home_manager/default.nix b/common/desktop_environment/sway/home_manager/default.nix new file mode 100644 index 00000000..09539e5b --- /dev/null +++ b/common/desktop_environment/sway/home_manager/default.nix @@ -0,0 +1,12 @@ +{ ... }: +{ + imports = [ + ./theme.nix + ./sway.nix + ./waybar.nix + ./wofi.nix + ./swaync.nix + ./swaylock.nix + ./polkit.nix + ]; +} diff --git a/common/desktop_environment/sway/home_manager/polkit.nix b/common/desktop_environment/sway/home_manager/polkit.nix new file mode 100644 index 00000000..785abb2f --- /dev/null +++ b/common/desktop_environment/sway/home_manager/polkit.nix @@ -0,0 +1,4 @@ +{ ... }: +{ + services.polkit-gnome.enable = true; +} diff --git a/common/desktop_environment/sway/home_manager/sway.nix b/common/desktop_environment/sway/home_manager/sway.nix new file mode 100644 index 00000000..4ceea671 --- /dev/null +++ b/common/desktop_environment/sway/home_manager/sway.nix @@ -0,0 +1,185 @@ +{ + config, + osConfig, + lib, + ... +}: +let + ccfg = import ../../../config.nix; + cfg_path = [ + ccfg.custom_config_key + "desktopEnvironment" + "sway" + ]; + cfg = lib.attrsets.getAttrFromPath cfg_path osConfig; +in +{ + wayland.windowManager.sway = { + enable = true; + xwayland = true; + + config = lib.mkMerge [ + rec { + modifier = "Mod4"; # SUPER + terminal = cfg.terminalCommand; + menu = "wofi --show drun"; + + # Per-output workspace mapping (user can extend via extraOptions) + # Example (left as defaults): users can add `output HDMI-A-1 workspace 1,3,5` in extraOptions + + input = { + "type:keyboard" = { + xkb_layout = "us"; + xkb_options = "caps:escape"; + }; + "type:touchpad" = { + natural_scroll = "enabled"; + tap = "enabled"; + dwt = "enabled"; + }; + # Disable focus follows mouse to avoid accidental focus changes + # In Sway this behavior is controlled by focus_follows_mouse + }; + + focus = { + followMouse = "no"; + # onWindowActivation = "urgent"; # don't steal focus; mark urgent instead + }; + + gaps = { + inner = 2; + outer = 5; + smartGaps = false; + smartBorders = "on"; + }; + + colors = { + focused = { + background = "#444444"; + border = "#555555"; + childBorder = "#444444"; + indicator = "#595959"; + text = "#f1f1f1"; + }; + unfocused = { + background = "#222222"; + border = "#333333"; + childBorder = "#222222"; + indicator = "#292d2e"; + text = "#888888"; + }; + }; + + window = { + border = 1; + titlebar = false; + commands = [ + # Bitwarden chrome popup as floating example from Hyprland rules + { + criteria = { + app_id = "chrome-nngceckbapebfimnlniiiahkandclblb-Default"; + }; + command = "floating enable"; + } + { + criteria = { + app_id = "pavucontrol"; + }; + command = "floating enable, move position center, resize set 620 1200"; + } + { + criteria = { + class = "Google-chrome"; + window_role = "pop-up"; + }; + command = "floating enable, move position center, resize set 720 480"; + } + { + criteria = { + window_role = "pop-up"; + }; + command = "floating enable, move position center, resize set 640 420"; + } + { + criteria = { + window_role = "About"; + }; + command = "floating enable, move position center, resize set 640 420"; + } + ]; + }; + + # Keybindings mirroring Hyprland + keybindings = { + # Apps + "${modifier}+return" = "exec ${cfg.terminalCommand}"; + "${modifier}+space" = "exec pkill wofi || wofi --show drun"; + "${modifier}+q" = "kill"; + "${modifier}+shift+Escape" = "exit"; + "${modifier}+shift+q" = "exec swaylock"; + "${modifier}+f" = "floating toggle"; + + # Focus + "${modifier}+h" = "focus left"; + "${modifier}+l" = "focus right"; + "${modifier}+k" = "focus up"; + "${modifier}+j" = "focus down"; + + # Workspaces (numbers and vim-like mirror) + "${modifier}+1" = "workspace number 1"; + "${modifier}+n" = "workspace number 1"; + "${modifier}+2" = "workspace number 2"; + "${modifier}+m" = "workspace number 2"; + "${modifier}+3" = "workspace number 3"; + "${modifier}+comma" = "workspace number 3"; + "${modifier}+4" = "workspace number 4"; + "${modifier}+period" = "workspace number 4"; + "${modifier}+5" = "workspace number 5"; + "${modifier}+slash" = "workspace number 5"; + "${modifier}+6" = "workspace number 6"; + "${modifier}+7" = "workspace number 7"; + "${modifier}+8" = "workspace number 8"; + "${modifier}+9" = "workspace number 9"; + "${modifier}+0" = "workspace number 10"; + + # Move windows + "${modifier}+shift+h" = "move left"; + "${modifier}+shift+l" = "move right"; + "${modifier}+shift+k" = "move up"; + "${modifier}+shift+j" = "move down"; + "${modifier}+shift+1" = "move container to workspace number 1"; + "${modifier}+shift+n" = "move container to workspace number 1"; + "${modifier}+shift+2" = "move container to workspace number 2"; + "${modifier}+shift+m" = "move container to workspace number 2"; + "${modifier}+shift+3" = "move container to workspace number 3"; + "${modifier}+shift+comma" = "move container to workspace number 3"; + "${modifier}+shift+4" = "move container to workspace number 4"; + "${modifier}+shift+period" = "move container to workspace number 4"; + "${modifier}+shift+5" = "move container to workspace number 5"; + "${modifier}+shift+slash" = "move container to workspace number 5"; + "${modifier}+shift+6" = "move container to workspace number 6"; + "${modifier}+shift+7" = "move container to workspace number 7"; + "${modifier}+shift+8" = "move container to workspace number 8"; + "${modifier}+shift+9" = "move container to workspace number 9"; + "${modifier}+shift+0" = "move container to workspace number 10"; + + # Mouse bindings (Mod + drag) + "${modifier}+button1" = "move"; + "${modifier}+button3" = "resize"; + + # Screenshot + "Print" = "exec grim -g \"$(slurp)\" - | wl-copy"; + }; + + bars = [ ]; # Use Waybar via Home Manager + startup = [ + { + command = "exec sh -c 'sleep 0.01; swaymsg workspace number 7 ; sleep 0.01; swaymsg workspace number 1'"; + } + { command = "pgrep waybar >/dev/null || waybar"; } + ]; + } + cfg.extraOptions + ]; + }; +} diff --git a/common/desktop_environment/sway/home_manager/swaylock.nix b/common/desktop_environment/sway/home_manager/swaylock.nix new file mode 100644 index 00000000..86243aad --- /dev/null +++ b/common/desktop_environment/sway/home_manager/swaylock.nix @@ -0,0 +1,15 @@ +{ ... }: +{ + programs.swaylock = { + enable = true; + settings = { + color = "#000000"; + indicator-caps-lock = true; + indicator-idle-visible = true; + indicator-radius = 100; + indicator-thickness = 10; + font = "JetBrainsMono Nerd Font Regular"; + font-size = 20; + }; + }; +} diff --git a/common/desktop_environment/sway/home_manager/swaync.nix b/common/desktop_environment/sway/home_manager/swaync.nix new file mode 100644 index 00000000..7fb0c8cb --- /dev/null +++ b/common/desktop_environment/sway/home_manager/swaync.nix @@ -0,0 +1,112 @@ +{ lib, osConfig, ... }: +let + ccfg = import ../../../config.nix; + cfg_path = [ + ccfg.custom_config_key + "desktopEnvironment" + "sway" + "swaync" + ]; + cfg = lib.attrsets.getAttrFromPath cfg_path osConfig; +in +{ + config = lib.mkIf cfg.enable { + services.swaync = { + enable = true; + settings = { + ignore = [ "com.spotify.Client" ]; + positionX = "right"; + positionY = "top"; + layer = "overlay"; + control-center-layer = "top"; + layer-shell = true; + cssPriority = "application"; + control-center-margin-top = 0; + control-center-margin-bottom = 0; + control-center-margin-right = 0; + control-center-margin-left = 0; + notification-2fa-action = true; + notification-inline-replies = false; + notification-icon-size = 64; + notification-body-image-height = 100; + notification-body-image-width = 200; + timeout = 10; + timeout-low = 5; + timeout-critical = 0; + control-center-width = 500; + control-center-height = 600; + notification-window-width = 500; + keyboard-shortcuts = true; + image-visibility = "when-available"; + transition-time = 200; + hide-on-clear = false; + hide-on-action = true; + script-fail-notify = true; + widgets = [ + "inhibitors" + "title" + "dnd" + "volume" + "backlight" + "mpris" + "buttons-grid#quick" + "notifications" + ]; + widget-config = { + inhibitors = { + text = "Inhibitors"; + button-text = "Clear All"; + clear-all-button = true; + }; + title = { + text = "Notifications"; + clear-all-button = true; + button-text = "Clear All"; + }; + dnd.text = "Do Not Disturb"; + mpris = { + image-size = 96; + image-radius = 12; + }; + volume = { + label = "󰕾"; + show-per-app = true; + }; + backlight = { + label = "󰃟"; + device = "intel_backlight"; + }; + # "buttons-grid#quick" = { + # columns = 4; + # icon-size = 20; + # actions = [ + # { label = "󰐥"; tooltip = "Shutdown"; command = "confirm-action 'systemctl poweroff' 'Shutdown?'"; } + # { label = "󰜉"; tooltip = "Reboot"; command = "confirm-action 'systemctl reboot' 'Reboot?'"; } + # { label = "󰍃"; tooltip = "Logout"; command = "confirm-action 'swaymsg exit' 'Logout?'"; } + # ]; + # }; + }; + }; + style = '' + .control-center { background: #1a1b26; border: 2px solid #7dcae4; border-radius: 12px; } + .control-center-list { background: transparent; } + .control-center .notification-row:focus, .control-center .notification-row:hover { opacity: 1; background: #24283b; } + .notification { border-radius: 8px; margin: 6px 12px; box-shadow: 0 0 0 1px rgba(125,196,228,.3), 0 1px 3px 1px rgba(0,0,0,.7), 0 2px 6px 2px rgba(0,0,0,.3); padding: 0; } + .widget-title { margin: 8px; font-size: 1.5rem; color: #c0caf5; } + .widget-dnd { margin: 8px; font-size: 1.1rem; color: #c0caf5; } + .widget-dnd > switch { font-size: initial; border-radius: 8px; background: #414868; border: 1px solid #7dcae4; } + .widget-dnd > switch:checked { background: #7dcae4; } + .widget-mpris { color: #c0caf5; background: #24283b; padding: 8px; margin: 8px; border-radius: 8px; } + .widget-mpris-player { padding: 8px; margin: 8px; } + .widget-mpris-title { font-weight: bold; font-size: 1.25rem; } + .widget-mpris-subtitle { font-size: 1.1rem; color: #9ece6a; } + .widget-volume, .widget-backlight, .widget-menubar { background: #24283b; padding: 8px; margin: 8px; border-radius: 8px; color: #c0caf5; } + .widget-menubar .menu-item button { background: #1f2335; color: #c0caf5; border-radius: 8px; padding: 6px 10px; margin: 4px; border: 1px solid #2e3440; font-family: "JetBrainsMonoNL Nerd Font"; } + .widget-menubar .menu-item button:hover { background: #414868; border-color: #7dcae4; } + .topbar-buttons button { border: none; background: transparent; color: #c0caf5; font-size: 1.1rem; border-radius: 8px; margin: 0 4px; padding: 8px; } + .topbar-buttons button:hover { background: #414868; } + .topbar-buttons button:active { background: #7dcae4; color: #1a1b26; } + ''; + }; + }; +} diff --git a/common/desktop_environment/sway/home_manager/theme.nix b/common/desktop_environment/sway/home_manager/theme.nix new file mode 100644 index 00000000..5a3fbf73 --- /dev/null +++ b/common/desktop_environment/sway/home_manager/theme.nix @@ -0,0 +1,15 @@ +{ pkgs, ... }: +{ + home.pointerCursor = { + gtk.enable = true; + package = pkgs.bibata-cursors; + name = "Bibata-Modern-Classic"; + size = 16; + }; + gtk = { + enable = true; + theme = { package = pkgs.flat-remix-gtk; name = "Flat-Remix-GTK-Grey-Darkest"; }; + iconTheme = { package = pkgs.adwaita-icon-theme; name = "Adwaita"; }; + font = { name = "Sans"; size = 11; }; + }; +} diff --git a/common/desktop_environment/sway/home_manager/waybar.nix b/common/desktop_environment/sway/home_manager/waybar.nix new file mode 100644 index 00000000..addb94c5 --- /dev/null +++ b/common/desktop_environment/sway/home_manager/waybar.nix @@ -0,0 +1,260 @@ +{ lib, osConfig, ... }: +let + ccfg = import ../../../config.nix; + cfg_path = [ + ccfg.custom_config_key + "desktopEnvironment" + "sway" + "waybar" + ]; + cfg = lib.attrsets.getAttrFromPath cfg_path osConfig; +in +{ + config = lib.mkIf cfg.enable { + + programs.waybar = { + enable = true; + systemd.enable = true; + settings = { + mainBar = { + layer = "top"; + position = "top"; + height = 28; + spacing = 6; + margin-top = 0; + margin-bottom = 0; + margin-left = 10; + margin-right = 10; + + modules-left = [ + "sway/workspaces" + ]; + modules-center = [ + "clock" + "temperature" + "cpu" + "memory" + "disk" + ]; + modules-right = [ + "battery" + "battery#bat2" + "pulseaudio" + "network" + "bluetooth" + "power-profiles-daemon" + "backlight" + "custom/notifications" + "sway/language" + "tray" + "custom/power" + ]; + + # LEFT + "sway/workspaces" = { + format = "{icon}"; + format-icons = { + "1" = "一"; + "2" = "二"; + "3" = "三"; + "4" = "四"; + "5" = "五"; + "6" = "六"; + "7" = "七"; + "8" = "八"; + "9" = "九"; + "10" = "十"; + "11" = "十一"; + "12" = "十二"; + "13" = "十三"; + "14" = "十四"; + "15" = "十五"; + "16" = "十六"; + "17" = "十七"; + "18" = "十八"; + "19" = "十九"; + "20" = "二十"; + }; + disable-scroll = false; + }; + + # CENTER + clock = { + format = "{:%b %d, %H:%M}"; + tooltip-format = "{:%Y %B}\n{calendar}"; + }; + + temperature = { + thermal-zone = 2; + hwmon-path = "/sys/class/hwmon/hwmon2/temp1_input"; + critical-threshold = 80; + format-critical = "󰔏 {temperatureC}°C"; + format = "󰔏 {temperatureC}°C"; + }; + + cpu = { + format = "󰻠 {usage}%"; + tooltip = true; + on-click = "btop"; + }; + + memory = { + format = "󰍛 {}%"; + on-click = "btop"; + }; + + disk = { + interval = 30; + format = "󰋊 {percentage_used}%"; + path = "/"; + on-click = "btop"; + }; + + # RIGHT + "battery" = { + "states" = { + # "good"= 95; + "warning" = 30; + "critical" = 15; + }; + "format" = "{capacity}% {icon}"; + "format-full" = "{capacity}% {icon}"; + "format-charging" = "{capacity}% "; + "format-plugged" = "{capacity}% "; + "format-alt" = "{time} {icon}"; + # "format-good"= ""; // An empty format will hide the module + # "format-full"= ""; + "format-icons" = [ + "" + "" + "" + "" + "" + ]; + }; + "battery#bat2" = { + "bat" = "BAT2"; + }; + + pulseaudio = { + format = "{icon} {volume}%"; + format-bluetooth = "󰂰 {volume}%"; + format-bluetooth-muted = "󰂲 "; + format-muted = "󰖁 "; + format-source = "󰍬 {volume}%"; + format-source-muted = "󰍭 "; + format-icons = { + headphone = "󰋋"; + hands-free = "󰂑"; + headset = "󰂑"; + phone = "󰏲"; + portable = "󰦧"; + car = "󰄋"; + default = [ + "󰕿" + "󰖀" + "󰕾" + ]; + }; + scroll-step = 5; + on-click = "pavucontrol"; + on-click-right = "wpctl set-mute @DEFAULT_AUDIO_SINK@ toggle"; + }; + + network = { + format-wifi = "󰤨 {essid} ({signalStrength}%)"; + format-ethernet = "󰈀 {ipaddr}/{cidr}"; + tooltip-format = "{ifname} via {gwaddr} "; + format-linked = "󰈀 {ifname} (No IP)"; + format-disconnected = "󰖪 Disconnected"; + # on-click = "wofi-wifi-menu"; + # on-click-right = "nmcli radio wifi toggle"; + }; + + bluetooth = { + format = "󰂯 {status}"; + format-connected = "󰂱 {device_alias}"; + format-connected-battery = "󰂱 {device_alias} {device_battery_percentage}%"; + tooltip-format = "{controller_alias}\t{controller_address}\n\n{num_connections} connected"; + tooltip-format-connected = "{controller_alias}\t{controller_address}\n\n{num_connections} connected\n\n{device_enumerate}"; + tooltip-format-enumerate-connected = "{device_alias}\t{device_address}"; + tooltip-format-enumerate-connected-battery = "{device_alias}\t{device_address}\t{device_battery_percentage}%"; + # on-click = "wofi-bluetooth-menu"; + # on-click-right = "bluetoothctl power toggle"; + }; + + "power-profiles-daemon" = { + format = "{icon}"; + "tooltip-format" = "Power profile: {profile}\nDriver: {driver}"; + tooltip = true; + "format-icons" = { + default = ""; + performance = ""; + balanced = ""; + "power-saver" = ""; + }; + }; + + backlight = { + format = "{percent}% {icon}"; + "format-icons" = [ + "" + "" + "" + "" + "" + "" + "" + "" + "" + ]; + }; + + "custom/notifications" = { + format = "{icon} {}"; + format-icons = { + notification = ""; + none = ""; + dnd-notification = "󰂛"; + dnd-none = "󰂛"; + inhibited-notification = ""; + inhibited-none = ""; + dnd-inhibited-notification = "󰂛"; + dnd-inhibited-none = "󰂛"; + }; + return-type = "json"; + exec-if = "which swaync-client"; + exec = "swaync-client -swb"; + on-click = "swaync-client -t -sw"; + on-click-right = "swaync-client -d -sw"; + escape = true; + tooltip = false; + }; + + "sway/language" = { + format = "{}"; + }; + + "tray" = { + "spacing" = 10; + }; + + "custom/power" = { + format = "⏻ "; + tooltip = false; + menu = "on-click"; + "menu-file" = ./waybar/power_menu.xml; + "menu-actions" = { + shutdown = "shutdown 0"; + reboot = "reboot"; + logout = "loginctl terminate-session $(loginctl list-sessions | grep seat0 | awk '{print $1}')"; + }; + }; + + }; + }; + + style = builtins.readFile ./waybar/waybar.css; + }; + }; +} diff --git a/common/desktop_environment/sway/home_manager/waybar/power_menu.xml b/common/desktop_environment/sway/home_manager/waybar/power_menu.xml new file mode 100644 index 00000000..a061b18d --- /dev/null +++ b/common/desktop_environment/sway/home_manager/waybar/power_menu.xml @@ -0,0 +1,26 @@ + + + + + + Logout + + + + + + + + Reboot + + + + + + + + Shutdown + + + + diff --git a/common/desktop_environment/sway/home_manager/waybar/waybar.css b/common/desktop_environment/sway/home_manager/waybar/waybar.css new file mode 100644 index 00000000..efeba061 --- /dev/null +++ b/common/desktop_environment/sway/home_manager/waybar/waybar.css @@ -0,0 +1,101 @@ +* { + /* `otf-font-awesome` is required to be installed for icons */ + font-family: "JetBrainsMonoNL Nerd Font", FontAwesome, Roboto, Helvetica, Arial, sans-serif; + font-size: 14px; + border: none; + border-radius: 0; + min-height: 0; + color: #f1f1f1; +} + +window#waybar { + background: transparent; +} + +#workspaces button.focused { + background-color: rgba(220, 220, 220, 0.2); +} + +#workspaces button.urgent { + background-color: rgba(214, 82, 82, 0.3); +} + +button, +#clock, +#battery, +#cpu, +#memory, +#disk, +#temperature, +#backlight, +#network, +#pulseaudio, +#wireplumber, +#custom-media, +#custom-notifications, +#custom-power, +#tray, +#mode, +#idle_inhibitor, +#scratchpad, +#power-profiles-daemon, +#bluetooth, +#language, +#mpd { + padding: 0 5px; + color: #f1f1f1; + background-color: rgba(220, 220, 220, 0.1); + border-radius: 6px; +} + + +button:hover, +#clock:hover, +#battery:hover, +#cpu:hover, +#memory:hover, +#disk:hover, +#temperature:hover, +#backlight:hover, +#network:hover, +#pulseaudio:hover, +#wireplumber:hover, +#custom-media:hover, +#custom-notifications:hover, +#tray:hover, +#mode:hover, +#idle_inhibitor:hover, +#scratchpad:hover, +#power-profiles-daemon:hover, +#bluetooth:hover, +#language:hover, +#mpd:hover { + color: #f1f1f1; + background-color: rgba(220, 220, 220, 0.2); + border-radius: 6px; +} + +#power-profiles-daemon { + padding-right: 15px; +} + +#power-profiles-daemon.performance { + color: #fff7d6; +} + +#power-profiles-daemon.balanced { + color: #d6efff; +} + +#power-profiles-daemon.power-saver { + color:#dcffd6; +} + +#tray>.passive { + -gtk-icon-effect: dim; +} + +#tray>.needs-attention { + -gtk-icon-effect: highlight; + background-color: #eb4d4b; +} diff --git a/common/desktop_environment/sway/home_manager/wofi.nix b/common/desktop_environment/sway/home_manager/wofi.nix new file mode 100644 index 00000000..8c0ba40d --- /dev/null +++ b/common/desktop_environment/sway/home_manager/wofi.nix @@ -0,0 +1,23 @@ +{ ... }: +{ + programs.wofi = { + enable = true; + settings = { + width = 500; + height = 600; + location = "bottom"; + show = "drun"; + prompt = "..."; + filter_rate = 100; + allow_markup = true; + no_actions = true; + halign = "fill"; + orientation = "vertical"; + content_halign = "fill"; + insensitive = true; + allow_images = true; + image_size = 40; + gtk_dark = true; + }; + }; +} diff --git a/common/flake.lock b/common/flake.lock new file mode 100644 index 00000000..78e7a15a --- /dev/null +++ b/common/flake.lock @@ -0,0 +1,255 @@ +{ + "nodes": { + "agenix": { + "inputs": { + "darwin": "darwin", + "home-manager": "home-manager_2", + "nixpkgs": [ + "ragenix", + "nixpkgs" + ], + "systems": "systems" + }, + "locked": { + "lastModified": 1736955230, + "narHash": "sha256-uenf8fv2eG5bKM8C/UvFaiJMZ4IpUFaQxk9OH5t/1gA=", + "owner": "ryantm", + "repo": "agenix", + "rev": "e600439ec4c273cf11e06fe4d9d906fb98fa097c", + "type": "github" + }, + "original": { + "owner": "ryantm", + "repo": "agenix", + "type": "github" + } + }, + "crane": { + "locked": { + "lastModified": 1741481578, + "narHash": "sha256-JBTSyJFQdO3V8cgcL08VaBUByEU6P5kXbTJN6R0PFQo=", + "owner": "ipetkov", + "repo": "crane", + "rev": "bb1c9567c43e4434f54e9481eb4b8e8e0d50f0b5", + "type": "github" + }, + "original": { + "owner": "ipetkov", + "repo": "crane", + "type": "github" + } + }, + "darwin": { + "inputs": { + "nixpkgs": [ + "ragenix", + "agenix", + "nixpkgs" + ] + }, + "locked": { + "lastModified": 1700795494, + "narHash": "sha256-gzGLZSiOhf155FW7262kdHo2YDeugp3VuIFb4/GGng0=", + "owner": "lnl7", + "repo": "nix-darwin", + "rev": "4b9b83d5a92e8c1fbfd8eb27eda375908c11ec4d", + "type": "github" + }, + "original": { + "owner": "lnl7", + "ref": "master", + "repo": "nix-darwin", + "type": "github" + } + }, + "flake-utils": { + "inputs": { + "systems": "systems_2" + }, + "locked": { + "lastModified": 1731533236, + "narHash": "sha256-l0KFg5HjrsfsO/JpG+r7fRrqm12kzFHyUHqHCVpMMbI=", + "owner": "numtide", + "repo": "flake-utils", + "rev": "11707dc2f618dd54ca8739b309ec4fc024de578b", + "type": "github" + }, + "original": { + "owner": "numtide", + "repo": "flake-utils", + "type": "github" + } + }, + "home-manager": { + "inputs": { + "nixpkgs": "nixpkgs" + }, + "locked": { + "lastModified": 1758313341, + "narHash": "sha256-SsI6INUzWwPcRKRaxvi50RttnD9rcC4EjV+67TOEfrQ=", + "owner": "rycee", + "repo": "home-manager", + "rev": "6f656618ebc71ca82d93d306a8aecb2c5f6f2ab2", + "type": "github" + }, + "original": { + "owner": "rycee", + "ref": "release-25.05", + "repo": "home-manager", + "type": "github" + } + }, + "home-manager_2": { + "inputs": { + "nixpkgs": [ + "ragenix", + "agenix", + "nixpkgs" + ] + }, + "locked": { + "lastModified": 1703113217, + "narHash": "sha256-7ulcXOk63TIT2lVDSExj7XzFx09LpdSAPtvgtM7yQPE=", + "owner": "nix-community", + "repo": "home-manager", + "rev": "3bfaacf46133c037bb356193bd2f1765d9dc82c1", + "type": "github" + }, + "original": { + "owner": "nix-community", + "repo": "home-manager", + "type": "github" + } + }, + "nix-flatpak": { + "locked": { + "lastModified": 1739444422, + "narHash": "sha256-iAVVHi7X3kWORftY+LVbRiStRnQEob2TULWyjMS6dWg=", + "owner": "gmodena", + "repo": "nix-flatpak", + "rev": "5e54c3ca05a7c7d968ae1ddeabe01d2a9bc1e177", + "type": "github" + }, + "original": { + "owner": "gmodena", + "ref": "latest", + "repo": "nix-flatpak", + "type": "github" + } + }, + "nixpkgs": { + "locked": { + "lastModified": 1753345091, + "narHash": "sha256-CdX2Rtvp5I8HGu9swBmYuq+ILwRxpXdJwlpg8jvN4tU=", + "owner": "NixOS", + "repo": "nixpkgs", + "rev": "3ff0e34b1383648053bba8ed03f201d3466f90c9", + "type": "github" + }, + "original": { + "owner": "NixOS", + "ref": "nixos-25.05", + "repo": "nixpkgs", + "type": "github" + } + }, + "nixpkgs_2": { + "locked": { + "lastModified": 1741379970, + "narHash": "sha256-Wh7esNh7G24qYleLvgOSY/7HlDUzWaL/n4qzlBePpiw=", + "owner": "nixos", + "repo": "nixpkgs", + "rev": "36fd87baa9083f34f7f5027900b62ee6d09b1f2f", + "type": "github" + }, + "original": { + "owner": "nixos", + "ref": "nixos-unstable", + "repo": "nixpkgs", + "type": "github" + } + }, + "ragenix": { + "inputs": { + "agenix": "agenix", + "crane": "crane", + "flake-utils": "flake-utils", + "nixpkgs": "nixpkgs_2", + "rust-overlay": "rust-overlay" + }, + "locked": { + "lastModified": 1744897914, + "narHash": "sha256-GIVU92o2TZBnKQXTb76zpQbWR4zjU2rFqWKNIIpXnqA=", + "owner": "yaxitech", + "repo": "ragenix", + "rev": "40f2e17ecaeab4d78ec323e96a04548c0aaa5223", + "type": "github" + }, + "original": { + "owner": "yaxitech", + "repo": "ragenix", + "type": "github" + } + }, + "root": { + "inputs": { + "home-manager": "home-manager", + "nix-flatpak": "nix-flatpak", + "ragenix": "ragenix" + } + }, + "rust-overlay": { + "inputs": { + "nixpkgs": [ + "ragenix", + "nixpkgs" + ] + }, + "locked": { + "lastModified": 1741400194, + "narHash": "sha256-tEpgT+q5KlGjHSm8MnINgTPErEl8YDzX3Eps8PVc09g=", + "owner": "oxalica", + "repo": "rust-overlay", + "rev": "16b6045a232fea0e9e4c69e55a6e269607dd8e3f", + "type": "github" + }, + "original": { + "owner": "oxalica", + "repo": "rust-overlay", + "type": "github" + } + }, + "systems": { + "locked": { + "lastModified": 1681028828, + "narHash": "sha256-Vy1rq5AaRuLzOxct8nz4T6wlgyUR7zLU309k9mBC768=", + "owner": "nix-systems", + "repo": "default", + "rev": "da67096a3b9bf56a91d16901293e51ba5b49a27e", + "type": "github" + }, + "original": { + "owner": "nix-systems", + "repo": "default", + "type": "github" + } + }, + "systems_2": { + "locked": { + "lastModified": 1681028828, + "narHash": "sha256-Vy1rq5AaRuLzOxct8nz4T6wlgyUR7zLU309k9mBC768=", + "owner": "nix-systems", + "repo": "default", + "rev": "da67096a3b9bf56a91d16901293e51ba5b49a27e", + "type": "github" + }, + "original": { + "owner": "nix-systems", + "repo": "default", + "type": "github" + } + } + }, + "root": "root", + "version": 7 +} diff --git a/common/flake.nix b/common/flake.nix new file mode 100644 index 00000000..3070bb64 --- /dev/null +++ b/common/flake.nix @@ -0,0 +1,89 @@ +{ + inputs = { + # NOTE if you add/change any inputs here also add them in the TOP level repo's flake.nix + home-manager.url = "github:rycee/home-manager/release-25.05"; + ragenix.url = "github:yaxitech/ragenix"; + nix-flatpak.url = "github:gmodena/nix-flatpak/?ref=latest"; + + # disabled for now + # hyprland.url = "github:hyprwm/Hyprland"; + }; + + outputs = + { + home-manager, + ragenix, + nix-flatpak, + # hyprland, + ... + }: + { + nixosModules = { + default = + { + config, + lib, + pkgs, + ... + }: + { + imports = [ + home-manager.nixosModules.default + ragenix.nixosModules.age + nix-flatpak.nixosModules.nix-flatpak + # hyprland.nixosModules.default + ./_home_manager + ./options.nix + ./general + ./boot + ./desktop_environment + ./users + ./programs + ./secrets + ]; + config = { + nixpkgs.overlays = [ + # (final: prev: { + # wayland-protocols = + # nixpkgs-unstable.legacyPackages.${prev.stdenv.hostPlatform.system}.wayland-protocols; + # }) + ]; + _module.args = { + inherit ragenix; + # inherit hyprland; + # hyprlandPkgs = import hyprland.inputs.nixpkgs { + # system = pkgs.stdenv.hostPlatform.system; + # config = config.nixpkgs.config or { }; + # }; + }; + }; + }; + containers = { + forgejo = import ./_containers/forgejo.nix; + }; + }; + homeManagerModules = { + # hyprland = hyprland.homeManagerModules.default; + + zsh = import ./_home_manager/mods/zsh.nix; + tmux = import ./_home_manager/mods/tmux/tmux.nix; + atuin = import ./_home_manager/mods/atuin.nix; + zoxide = import ./_home_manager/mods/zoxide.nix; + starship = import ./_home_manager/mods/starship.nix; + direnv = import ./_home_manager/mods/direnv.nix; + ssh = import ./_home_manager/mods/ssh.nix; + git = import ./_home_manager/mods/git.nix; + nix_deprecations = import ./_home_manager/mods/nix_deprecations.nix; + + alacritty = import ./_home_manager/mods/alacritty.nix; + foot = import ./_home_manager/mods/foot.nix; + kitty = import ./_home_manager/mods/kitty.nix; + launcher_rofi = import ./_home_manager/mods/launcher_rofi.nix; + + obs = import ./_home_manager/mods/obs.nix; + postgres = import ./_home_manager/mods/postgres.nix; + slicer = import ./_home_manager/mods/slicer.nix; + + }; + }; +} diff --git a/common/general/default.nix b/common/general/default.nix new file mode 100644 index 00000000..49e89002 --- /dev/null +++ b/common/general/default.nix @@ -0,0 +1,211 @@ +{ + config, + lib, + ... +}: +let + ccfg = import ../config.nix; + cfg_path = [ + ccfg.custom_config_key + "general" + ]; + cfg = lib.attrsets.getAttrFromPath cfg_path config; + top_cfg = config.${ccfg.custom_config_key}; +in +{ + options = + { } + // lib.attrsets.setAttrByPath cfg_path { + flakeOptions = lib.mkOption { + type = lib.types.bool; + default = true; + description = "Enable nix flake options"; + }; + unfree = lib.mkOption { + type = lib.types.bool; + default = true; + description = "Enable unfree packages"; + }; + readWindowsDrives = lib.mkOption { + type = lib.types.bool; + default = true; + description = "Read windows drives"; + }; + disableRemoteBuildsOnLio = lib.mkOption { + type = lib.types.bool; + default = false; + description = "Disable remote builds on lio"; + }; + timezone = lib.mkOption { + type = lib.types.str; + default = "America/Chicago"; + description = "Timezone"; + }; + defaultLocal = lib.mkOption { + type = lib.types.str; + default = "en_US.UTF-8"; + description = "Default locale"; + }; + fastShutdown = lib.mkOption { + type = lib.types.bool; + default = true; + description = "Fast shutdown"; + }; + enableSleep = lib.mkEnableOption (lib.mdDoc "Enable auto sleeping"); + hideBootLogs = lib.mkEnableOption (lib.mdDoc "Hide boot logs on startup"); + }; + imports = [ + ./shell/common.nix + ./fonts.nix + ./tty_caps_esc.nix + ./reporting.nix + ]; + config = { + # name this computer + networking = { + hostName = top_cfg.systemName; + nftables.enable = true; + nftables.flushRuleset = true; + firewall.enable = true; + }; + + # Enable flakes + nix.settings.experimental-features = lib.mkIf cfg.flakeOptions [ + "nix-command" + "flakes" + ]; + + # Allow unfree + nixpkgs.config.allowUnfree = cfg.unfree; + nixpkgs.config.allowUnfreePredicate = (pkg: cfg.unfree); + environment.variables = lib.mkIf cfg.unfree { + NIXPKGS_ALLOW_UNFREE = "1"; + }; + + # allow mounting ntfs filesystems + boot.supportedFilesystems = lib.mkIf cfg.readWindowsDrives [ "ntfs" ]; + + # make shutdown faster for waiting + systemd.extraConfig = lib.mkIf cfg.fastShutdown '' + DefaultTimeoutStopSec=8s + ''; + + nix.settings = { + max-jobs = "auto"; + # Fallback quickly if substituters are not available. + connect-timeout = 5; + download-attempts = 3; + download-buffer-size = 524288000; # default is 67108864, this increases to ~500MB + # The default at 10 is rarely enough. + log-lines = 50; + # Avoid disk full issues + max-free = (3000 * 1024 * 1024); + min-free = (1000 * 1024 * 1024); + # Avoid copying unnecessary stuff over SSH + builders-use-substitutes = true; + auto-optimise-store = true; + trusted-users = [ + "root" + "@wheel" + ]; + substituters = [ + "https://cache.nixos.org/" + "https://hyprland.cachix.org" + "https://cosmic.cachix.org/" + "https://nix-community.cachix.org" + ]; + trusted-substituters = config.nix.settings.substituters; + trusted-public-keys = [ + "cache.nixos.org-1:6NCHdD59X431o0gWypbMrAURkbJ16ZPMQFGspcDShjY=" + "hyprland.cachix.org-1:a7pgxzMz7+chwVL3/pzj6jIBMioiJM7ypFP8PwtkuGc=" + "cosmic.cachix.org-1:Dya9IyXD4xdBehWjrkPv6rtxpmMdRel02smYzA85dPE=" + "nix-community.cachix.org-1:mB9FSh9qf2dCimDSUo8Zy7bkq5CX+/rkCWyvRCYg3Fs=" + ]; + }; + nix.extraOptions = '' + keep-outputs = true + keep-derivations = true + ${lib.optionalString ( + # TODO revisit this should it move? + config ? age && config.age ? secrets && config.age.secrets ? github_read_token + ) "!include ${config.age.secrets.github_read_token.path}"} + ''; + + # Enable zsh + programs.zsh.enable = true; + environment.pathsToLink = [ "/share/zsh" ]; + + # nix helper + programs.nh = { + enable = true; + # clean.enable = true; # TODO revist does this solve my re-building issues? + clean.extraArgs = "--keep 10"; + # `flake` path is set in users/default.nix for the primary user if set + }; + + # Remote build off home lio computer + programs.ssh.extraConfig = lib.mkIf (!cfg.disableRemoteBuildsOnLio) '' + Host lio_ + PubkeyAcceptedKeyTypes ssh-ed25519 + ServerAliveInterval 60 + IPQoS throughput + ${lib.optionalString ( + config ? age && config.age ? secrets && config.age.secrets ? nix2lio + ) "IdentityFile ${config.age.secrets.nix2lio.path}"} + ''; + nix = { + distributedBuilds = lib.mkIf (!cfg.disableRemoteBuildsOnLio) true; + buildMachines = lib.mkIf (!cfg.disableRemoteBuildsOnLio) [ + { + hostName = "lio"; + system = "x86_64-linux"; + protocol = "ssh-ng"; + maxJobs = 32; + speedFactor = 2; + supportedFeatures = [ + "nixos-test" + "benchmark" + "big-parallel" + "kvm" + "uid-range" # Often helpful + ]; + mandatoryFeatures = [ ]; + } + ]; + }; + + # TODO can I make this Roaming automatically somehow? + time.timeZone = cfg.timezone; + # Select internationalization properties. + i18n.defaultLocale = cfg.defaultLocal; + i18n.extraLocaleSettings = { + LC_ADDRESS = cfg.defaultLocal; + LC_IDENTIFICATION = cfg.defaultLocal; + LC_MEASUREMENT = cfg.defaultLocal; + LC_MONETARY = cfg.defaultLocal; + LC_NAME = cfg.defaultLocal; + LC_NUMERIC = cfg.defaultLocal; + LC_PAPER = cfg.defaultLocal; + LC_TELEPHONE = cfg.defaultLocal; + LC_TIME = cfg.defaultLocal; + }; + + # Turn off sleep + systemd.sleep.extraConfig = lib.mkIf (!cfg.enableSleep) '' + [Sleep] + AllowSuspend=no + AllowHibernation=no + AllowSuspendThenHibernate=no + AllowHybridSleep=no + ''; + + # Hide boot logs + boot.initrd.verbose = cfg.hideBootLogs; + boot.consoleLogLevel = lib.mkIf cfg.hideBootLogs 3; + boot.kernelParams = lib.mkIf cfg.hideBootLogs [ + "quiet" + "loglevel=3" + "systemd.show_status=false" + ]; + }; +} diff --git a/common/general/fonts.nix b/common/general/fonts.nix new file mode 100644 index 00000000..ebc1014d --- /dev/null +++ b/common/general/fonts.nix @@ -0,0 +1,59 @@ +{ + pkgs, + lib, + config, + ... +}: +let + hasNewJetbrainsMono = + if builtins.hasAttr "nerd-fonts" pkgs then + builtins.hasAttr "jetbrains-mono" pkgs."nerd-fonts" + else + false; + + jetbrainsMonoFont = + if hasNewJetbrainsMono then + pkgs.nerd-fonts.jetbrains-mono + else + (pkgs.nerdfonts.override { fonts = [ "JetBrainsMono" ]; }); + + ccfg = import ../config.nix; + cfg_path = [ + ccfg.custom_config_key + "general" + ]; + cfg = lib.attrsets.getAttrFromPath cfg_path config; +in +{ + options = + { } + // lib.attrsets.setAttrByPath cfg_path { + jetbrainsMonoFont = lib.mkOption { + type = lib.types.bool; + default = true; + description = "Enable jetbrains mono font"; + }; + japaneseFonts = lib.mkOption { + type = lib.types.bool; + default = true; + description = "Enable japanese fonts"; + }; + }; + + config = { + fonts.packages = + lib.optionals cfg.jetbrainsMonoFont [ + jetbrainsMonoFont + ] + ++ lib.optionals cfg.japaneseFonts ( + with pkgs; + [ + ipafont + kochi-substitute + noto-fonts-cjk-sans # Or another CJK font + ] + ); + + fonts.fontconfig.enable = true; + }; +} diff --git a/common/general/reporting.nix b/common/general/reporting.nix new file mode 100644 index 00000000..f7694027 --- /dev/null +++ b/common/general/reporting.nix @@ -0,0 +1,80 @@ +{ + lib, + config, + ... +}: +let + ccfg = import ../config.nix; + cfg_path = [ + ccfg.custom_config_key + "general" + "reporting" + ]; + cfg = lib.attrsets.getAttrFromPath cfg_path config; +in +{ + options = + { } + // lib.attrsets.setAttrByPath cfg_path { + enable = lib.mkEnableOption "Reporting node info and logs to grafana"; + lokiUrl = lib.mkOption { + type = lib.types.str; + default = "http://h001.net.joshuabell.xyz:3100/loki/api/v1/push"; + description = "URL of the Loki instance to send logs to"; + }; + }; + + config = lib.mkIf cfg.enable { + services.prometheus.exporters.node = { + enable = true; + port = 9100; + }; + + # Create necessary directories with appropriate permissions + systemd.tmpfiles.rules = [ + "d /tmp/positions 1777 - - -" # World-writable directory for positions file + "f /tmp/positions.yaml 0666 - - -" # World-writable positions file + ]; + users.groups.systemd-journal.members = [ "promtail" ]; + services.promtail = { + enable = true; + extraFlags = [ + "-config.expand-env=true" + ]; + configuration = { + server = { + http_listen_port = 9080; + grpc_listen_port = 0; + }; + positions = { + filename = "/tmp/positions.yaml"; # Changed from /var/lib/promtail/positions.yaml + }; + clients = [ + { + url = cfg.lokiUrl; + } + ]; + scrape_configs = [ + { + job_name = "journal"; + journal = { + json = false; + max_age = "12h"; + path = "/var/log/journal"; + labels = { + job = "systemd-journal"; + host = config.networking.hostName; + }; + }; + relabel_configs = [ + { + source_labels = [ "__journal__systemd_unit" ]; + target_label = "unit"; + } + ]; + } + ]; + }; + }; + }; +} diff --git a/common/general/shell/branch.func.sh b/common/general/shell/branch.func.sh new file mode 100644 index 00000000..03908fce --- /dev/null +++ b/common/general/shell/branch.func.sh @@ -0,0 +1,213 @@ +branch() { + local branch_name=${1:-} + + # helper: set tmux window name. If tmux is in auto mode, always rename. + # If tmux is manual but the current window name matches the previous branch, + # allow renaming from previous branch name to the new one. + _branch__maybe_set_tmux_name() { + if ! command -v tmux_window >/dev/null 2>&1; then + return 1 + fi + local new_name prev_branch tmux_status tmux_cur + new_name=${1:-} + prev_branch=${2:-} + tmux_status=$(tmux_window status 2>/dev/null || true) + if [ "$tmux_status" = "auto" ]; then + tmux_window rename "$new_name" 2>/dev/null || true + return 0 + fi + # tmux is manual. If the current tmux name matches the previous branch, + # we consider it safe to update it to the new branch name. + if [ -n "$prev_branch" ]; then + tmux_cur=$(tmux_window get 2>/dev/null || true) + if [ "$tmux_cur" = "$prev_branch" ]; then + tmux_window rename "$new_name" 2>/dev/null || true + fi + fi + } + + # helper: revert tmux to automatic rename only if current tmux name matches previous branch + _branch__revert_tmux_auto() { + if ! command -v tmux_window >/dev/null 2>&1; then + return 1 + fi + local prev_branch=${1:-} + if [ -z "$prev_branch" ]; then + tmux_window rename 2>/dev/null || true + return 0 + fi + local tmux_cur + tmux_cur=$(tmux_window get 2>/dev/null || true) + if [ "$tmux_cur" = "$prev_branch" ]; then + tmux_window rename 2>/dev/null || true + fi + } + + # Determine repo root early so we can run branches inside it + local common_dir + if ! common_dir=$(git rev-parse --git-common-dir 2>/dev/null); then + echo "Not inside a git repository." >&2 + return 1 + fi + if [ "${common_dir#/}" = "$common_dir" ]; then + common_dir="$(pwd)/$common_dir" + fi + local repo_dir="${common_dir%%/.git*}" + if [ -z "$repo_dir" ]; then + echo "Unable to determine repository root." >&2 + return 1 + fi + + # If no branch was provided, present an interactive selector combining local and remote branches + if [ -z "$branch_name" ]; then + if ! command -v fzf >/dev/null 2>&1; then + echo "Usage: branch " >&2 + return 2 + fi + + local branches_list_raw branches_list selection + # Gather local and remote branches with fallbacks to ensure locals appear + branches_list_raw="" + if declare -f local_branches >/dev/null 2>&1; then + branches_list_raw=$(cd "$repo_dir" && local_branches 2>/dev/null || true; cd "$repo_dir" && remote_branches 2>/dev/null || true) + fi + branches_list=$(printf "%s +" "$branches_list_raw" | awk '!seen[$0]++') + if [ -z "$branches_list" ]; then + echo "No branches found." >&2 + return 1 + fi + + fzf_out=$(printf "%s\n" "$branches_list" | fzf --height=40% --prompt="Select branch: " --print-query) + if [ -z "$fzf_out" ]; then + echo "No branch selected." >&2 + return 1 + fi + branch_query=$(printf "%s\n" "$fzf_out" | sed -n '1p') + branch_selection=$(printf "%s\n" "$fzf_out" | sed -n '2p') + if [ -n "$branch_selection" ]; then + branch_name="$branch_selection" + else + # user typed something in fzf but didn't select: use that as new branch name + branch_name=$(printf "%s" "$branch_query" | sed 's/^[[:space:]]*//;s/[[:space:]]*$//') + fi + fi + + local repo_base repo_hash default_branch + repo_base=$(basename "$repo_dir") + repo_hash=$(printf "%s" "$repo_dir" | sha1sum | awk '{print $1}') + + default_branch=$(getdefault) + + # capture current branch name as seen by tmux so we can decide safe renames later + local prev_branch + prev_branch=$(git -C "$PWD" rev-parse --abbrev-ref HEAD 2>/dev/null || true) + + # Special-case: jump to the main working tree on the default branch + if [ "$branch_name" = "default" ] || [ "$branch_name" = "master" ] || [ "$branch_name" = "$default_branch" ]; then + if [ "$repo_dir" = "$PWD" ]; then + echo "Already in the main working tree on branch '$default_branch'." + return 0 + fi + echo "Switching to main working tree on branch '$default_branch'." + # capture current branch name as seen by tmux so we only revert if it matches + prev_branch=$(git -C "$PWD" rev-parse --abbrev-ref HEAD 2>/dev/null || true) + cd "$repo_dir" || return 1 + _branch__revert_tmux_auto "$prev_branch" || true + return 0 + fi + + # If a worktree for this branch is already registered elsewhere, open a shell there + local existing + existing=$(git -C "$repo_dir" worktree list --porcelain 2>/dev/null | awk -v b="$branch_name" 'BEGIN{RS="";FS="\n"} $0 ~ "refs/heads/"b{for(i=1;i<=NF;i++) if ($i ~ /^worktree /){ sub(/^worktree /,"",$i); print $i }}') + if [ -n "$existing" ]; then + echo "Opening existing worktree for branch '$branch_name' at '$existing'." + cd "$existing" || return 1 + _branch__maybe_set_tmux_name "$branch_name" "$prev_branch" || true + return 0 + fi + + # Ensure we have up-to-date remote info + git -C "$repo_dir" fetch --all --prune || true + + local wt_root wt_path + if [ -z "$xdg" ]; then + xdg="${XDG_DATA_HOME:-$HOME/.local/share}" + fi + wt_root="$xdg/git_worktrees/${repo_base}_${repo_hash}" + wt_path="$wt_root/$branch_name" + + # ensure worktree root exists + if [ ! -d "$wt_root" ]; then + mkdir -p "$wt_root" || { echo "Failed to create worktree root: $wt_root" >&2; return 1; } + fi + + # If worktree already exists at our expected path, open a shell there + if [ -d "$wt_path" ]; then + echo "Opening existing worktree at '$wt_path'." + cd "$wt_path" || return 1 + _branch__maybe_set_tmux_name "$branch_name" "$prev_branch" || true + return 0 + fi + + local branch_exists branch_from local_exists + branch_exists=$(git -C "$repo_dir" ls-remote --heads origin "$branch_name" | wc -l) + # check if a local branch exists + if git -C "$repo_dir" show-ref --verify --quiet "refs/heads/$branch_name"; then + local_exists=1 + else + local_exists=0 + fi + + branch_from="$default_branch" + if [ "$branch_exists" -eq 0 ]; then + if [ "$local_exists" -eq 1 ]; then + branch_from="$branch_name" + echo "Branch '$branch_name' exists locally; creating worktree from local branch." + else + echo "Branch '$branch_name' does not exist on remote; creating from '$branch_from'." + fi + else + branch_from="origin/$branch_name" + echo "Branch '$branch_name' exists on remote; creating worktree tracking it." + fi + + echo "Creating new worktree for branch '$branch_name' at '$wt_path'." + + # Try to add or update worktree from the resolved ref. Use a fallback path if needed. + if [ "$local_exists" -eq 1 ]; then + if git -C "$repo_dir" worktree add "$wt_path" "$branch_name" 2>/dev/null; then + cd "$wt_path" || return 1 + _branch__maybe_set_tmux_name "$branch_name" "$prev_branch" || true + return 0 + fi + + else + if git -C "$repo_dir" worktree add -b "$branch_name" "$wt_path" "$branch_from" 2>/dev/null; then + cd "$wt_path" || return 1 + _branch__maybe_set_tmux_name "$branch_name" "$prev_branch" || true + return 0 + fi + fi + + # Fallback: try to resolve a concrete SHA and create the branch ref locally, then add worktree + local start_sha + if start_sha=$(git -C "$repo_dir" rev-parse --verify "$branch_from" 2>/dev/null); then + if git -C "$repo_dir" branch "$branch_name" "$start_sha" 2>/dev/null; then + if git -C "$repo_dir" worktree add "$wt_path" "$branch_name" 2>/dev/null; then + cd "$wt_path" || return 1 + _branch__maybe_set_tmux_name "$branch_name" "$prev_branch" || true + return 0 + else + git -C "$repo_dir" branch -D "$branch_name" 2>/dev/null || true + rmdir "$wt_path" 2>/dev/null || true + echo "Failed to add worktree after creating branch ref." >&2 + return 1 + fi + fi + fi + + echo "Failed to add worktree for branch '$branch_name'." >&2 + rmdir "$wt_path" 2>/dev/null || true + return 1 +} diff --git a/common/general/shell/branchd.func.sh b/common/general/shell/branchd.func.sh new file mode 100644 index 00000000..a7769d23 --- /dev/null +++ b/common/general/shell/branchd.func.sh @@ -0,0 +1,131 @@ +branchdel() { + # branchdel — remove a branch worktree (optional branch arg) + local branch_arg + branch_arg="$1" + local wt_path + wt_path=$(pwd) + local common_dir repo_dir + if ! common_dir=$(git rev-parse --git-common-dir 2>/dev/null); then + echo "Not inside a git repository." >&2 + return 1 + fi + if [ "${common_dir#/}" = "$common_dir" ]; then + common_dir="$(pwd)/$common_dir" + fi + repo_dir="${common_dir%%/.git*}" + if [ -z "$repo_dir" ]; then + echo "Unable to determine repository root." >&2 + return 1 + fi + + # determine current branch in this worktree + local current default_branch branch target_wt + current=$(git rev-parse --abbrev-ref HEAD 2>/dev/null) || { echo "Not inside a git repository." >&2; return 1; } + + default_branch=$(getdefault) + + # choose branch: provided arg or current + if [ -z "$branch_arg" ]; then + branch="$current" + else + branch="$branch_arg" + fi + # normalize branch name if refs/heads/ was provided + branch="${branch#refs/heads/}" + + # don't remove default + if [ "$branch" = "$default_branch" ] || [ "$branch" = "default" ]; then + echo "Refusing to remove default branch worktree ($default_branch)." >&2 + return 1 + fi + + # find the worktree path for the requested branch + target_wt=$(git -C "$repo_dir" worktree list --porcelain 2>/dev/null | awk -v b="refs/heads/$branch" ' + $1=="worktree" { w=$2 } + $1=="branch" && $2==b { print w; exit } + ') + + # if not found in worktree list, check main worktree branch + if [ -z "$target_wt" ]; then + local main_branch + main_branch=$(git -C "$repo_dir" rev-parse --abbrev-ref HEAD 2>/dev/null || true) + if [ "$main_branch" = "$branch" ]; then + target_wt="$repo_dir" + fi + fi + + if [ -z "$target_wt" ]; then + echo "No worktree found for branch '$branch'." >&2 + return 1 + fi + + if [ "$target_wt" = "$repo_dir" ]; then + echo "Branch '$branch' is the main worktree at '$repo_dir'. Will not delete main worktree." >&2 + return 1 + fi + + # if we're currently in that branch/worktree, switch to default and cd to repo root first + if [ "$current" = "$branch" ]; then + echo "Currently on branch '$branch' in '$wt_path'. Switching to default branch '$default_branch' in main worktree..." + if declare -f branch >/dev/null 2>&1; then + branch default || { echo "Failed to switch to default branch" >&2; return 1; } + else + git -C "$repo_dir" checkout "$default_branch" || { echo "Failed to checkout default branch" >&2; return 1; } + fi + cd "$repo_dir" || { echo "Failed to change directory to repo root: $repo_dir" >&2; return 1; } + fi + + echo "Removing worktree at: $target_wt" + # helper: attempt a guarded, forceful removal of a directory + remove_dir_forcefully() { + local dir="$1" + if [ -z "$dir" ]; then + return 1 + fi + # resolve absolute paths + local abs_dir abs_repo + abs_dir=$(readlink -f -- "$dir" 2>/dev/null) || abs_dir="$dir" + abs_repo=$(readlink -f -- "$repo_dir" 2>/dev/null) || abs_repo="$repo_dir" + + # safety checks: do not remove repository root or / + if [ "$abs_dir" = "/" ] || [ "$abs_dir" = "$abs_repo" ]; then + echo "Refusing to remove unsafe path: $abs_dir" >&2 + return 1 + fi + + # try plain rm -rf + rm -rf -- "$abs_dir" 2>/dev/null && return 0 + + # fix permissions then try again + chmod -R u+rwx "$abs_dir" 2>/dev/null || true + rm -rf -- "$abs_dir" 2>/dev/null && return 0 + + # try removing contents first, then remove directory + if find "$abs_dir" -mindepth 1 -exec rm -rf -- {} + 2>/dev/null; then + rmdir "$abs_dir" 2>/dev/null || true + fi + + # final existence check + [ ! -e "$abs_dir" ] + } + + # try unregistering the worktree, prefer normal then fallback to --force + if git -C "$repo_dir" worktree remove "$target_wt" 2>/dev/null || git -C "$repo_dir" worktree remove --force "$target_wt" 2>/dev/null; then + if remove_dir_forcefully "$target_wt"; then + echo "Removed worktree: $target_wt" + else + echo "Worktree removed from git, but failed to fully delete directory: $target_wt" >&2 + echo "Attempted to force-delete; you may need to remove it manually with sudo." >&2 + fi + + # delete local branch if it exists + if git -C "$repo_dir" show-ref --verify --quiet "refs/heads/$branch"; then + git -C "$repo_dir" branch -D "$branch" 2>/dev/null || true + echo "Deleted local branch: $branch" + fi + return 0 + fi + + echo "Failed to remove worktree: $target_wt" >&2 + return 1 +} diff --git a/common/general/shell/common.nix b/common/general/shell/common.nix new file mode 100644 index 00000000..c7bd3df7 --- /dev/null +++ b/common/general/shell/common.nix @@ -0,0 +1,73 @@ +{ + lib, + pkgs, + ... +}: +with lib; +{ + config = { + environment.systemPackages = with pkgs; [ + # Basics + vim + nano + wget + curl + jq + fastfetch + bat + htop + unzip + git + fzf + ripgrep + lsof + killall + hdparm + speedtest-cli + lf + ]; + + environment.shellAliases = { + n = "nvim"; + nn = "nvim --headless '+SessionDelete' +qa > /dev/null 2>&1 && nvim"; + bat = "bat --theme Coldark-Dark"; + cat = "bat --pager=never -p"; + # TODO this may not be needed now that I am using `nh` clean mode (see /hosts/_common/configuration.nix#programs.nh) + nix-boot-clean = "find '/boot/loader/entries' -type f ! -name 'windows.conf' | head -n -4 | xargs -I {} rm {}; nix store gc; nixos-rebuild boot; echo; df"; + ndr = "nix-direnv-reload"; + + # general unix + date_compact = "date +'%Y%m%d'"; + date_short = "date +'%Y-%m-%d'"; + ls = "ls --color -Gah"; + ll = "ls --color -Galh"; + lss = "du --max-depth=0 -h {.,}* 2>/dev/null | sort -hr"; + psg = "ps aux | head -n 1 && ps aux | grep -v 'grep' | grep"; + cl = "clear"; + + # git + status = "git status"; + diff = "git diff"; + branches = "git branch -a"; + gcam = "git commit -a -m"; + gcm = "git commit -m"; + stashes = "git stash list"; + bd = "branch default"; + li = "link_ignored"; + bx = "branchdel"; + b = "branch"; + + # ripgrep + rg = "rg --no-ignore"; + rgf = "rg --files --glob '!/nix/store/**' 2>/dev/null | rg"; + }; + + environment.shellInit = lib.concatStringsSep "\n\n" [ + (builtins.readFile ./common.sh) + (builtins.readFile ./tmux_helpers.sh) + (builtins.readFile ./branch.func.sh) + (builtins.readFile ./branchd.func.sh) + (builtins.readFile ./link_ignored.func.sh) + ]; + }; +} diff --git a/common/general/shell/common.sh b/common/general/shell/common.sh new file mode 100644 index 00000000..3c23918e --- /dev/null +++ b/common/general/shell/common.sh @@ -0,0 +1,220 @@ +# Check if ~/.config/environment exists and source all files within it +if [ -d "$HOME/.config/environment" ]; then + for file in "$HOME/.config/environment/"*; do + if [ -r "$file" ]; then + if ! . "$file"; then + echo "Failed to source $file" + fi + fi + done +fi + +# Basics +htop_psg () { + htop -p $(psg $1 | awk '{r=r s $2;s=","} END{print r}') +} + +htop_pid () { + htop -p $(ps -ef | awk -v proc=$1 '$3 == proc { cnt++;if (cnt == 1) { printf "%s",$2 } else { printf ",%s",$2 } }') +} + +psg_kill() { + ps aux | grep -v "grep" | grep "${1}" | awk '{print $2}' | while read -r pid; do + if [ -n "${pid}" ]; then + echo "killing ${pid}" + kill -9 "${pid}" &> /dev/null + fi + done +} + +psg_terminate() { + ps aux | grep -v "grep" | grep "${1}" | awk '{print $2}' | while read -r pid; do + if [ -n "${pid}" ]; then + echo "Terminating ${pid}" + kill -15 "${pid}" &> /dev/null + fi + done +} + +psg_skill() { + ps aux | grep -v "grep" | grep "${1}" | awk '{print $2}' | while read -r pid; do + if [ -n "${pid}" ]; then + echo "Killing ${pid}" + sudo kill -9 "${pid}" &> /dev/null + fi + done +} + +mail_clear() { + : > /var/mail/$USER +} + +speedtest_fs () { + dir=$(pwd) + drive=$(df -h ${dir} | awk 'NR==2 {print $1}') + echo Testing read speeds on drive ${drive} + sudo hdparm -Tt ${drive} + test_file=$(date +%u%m%d) + test_file="${dir}/speedtest_fs_${test_file}" + echo + echo Testing write speeds into test file: ${test_file} + dd if=/dev/zero of=${test_file} bs=8k count=10k; rm -f ${test_file} +} + +speedtest_internet () { + speedtest-cli +} + +# git +getdefault () { + git remote show origin | grep "HEAD branch" | sed 's/.*: //' +} + +master () { + branch $(getdefault) + git checkout $(getdefault) + pull +} + +mp () { + master + prunel +} + +pullmaster () { + git pull origin $(getdefault) +} + +push () { + B=$(git branch | sed -n -e 's/^\* \(.*\)/\1/p') + git pull origin $B + git push origin $B --no-verify +} + +pull () { + git fetch + B=$(git branch | sed -n -e 's/^\* \(.*\)/\1/p') + git pull origin $B +} + +forcepush () { + B=$(git branch | sed -n -e 's/^\* \(.*\)/\1/p') + git push origin $B --force +} + +remote_branches () { + git for-each-ref --format='%(refname:short)' refs/remotes 2>/dev/null | sed 's#^[^/]*/##' | grep -v '^HEAD$' || true +} + +local_branches () { + git for-each-ref --format='%(refname:short)' refs/heads 2>/dev/null || true +} + +prunel () { + git fetch + git remote prune origin + + for local in $(local_branches); do + in=false + for remote in $(remote_branches); do + if [[ ${local} = ${remote} ]]; then + in=true + fi + done; + if [[ $in = 'false' ]]; then + git branch -D ${local} + else + echo 'Skipping branch '${local} + fi + done; +} + +from_master () { + git checkout $(getdefault) $@ +} + +stash() { + local branch + branch=$(git rev-parse --abbrev-ref HEAD 2>/dev/null) + local datetime + datetime=$(date +"%Y-%m-%d_%H-%M") + local default_label="${datetime}_${branch}" + if [ -n "$ZSH_VERSION" ]; then + read "label?Stash label [default: $default_label]: " + else + read -e -p "Stash label [default: $default_label]: " label + fi + label=${label:-$default_label} + git stash push -m "$label" +} + +pop() { + local selection + selection=$(git stash list | \ + fzf --prompt="Select stash to pop: " \ + --preview="git stash show -p \$(echo {} | awk -F: '{print \$1}') | bat --color always --paging=never --style=plain -l diff") + [ -z "$selection" ] && echo "No stash selected." && return 1 + local stash_ref + stash_ref=$(echo "$selection" | awk -F: '{print $1}') + echo "Popping $stash_ref..." + git stash pop "$stash_ref" +} + +delstash() { + local selection + selection=$(git stash list | \ + fzf --prompt="Select stash to pop: " \ + --preview="git stash show -p \$(echo {} | awk -F: '{print \$1}') | bat --color always --paging=never --style=plain -l diff") + [ -z "$selection" ] && echo "No stash selected." && return 1 + local stash_ref + stash_ref=$(echo "$selection" | awk -F: '{print $1}') + echo "About to delete $stash_ref." + git stash drop "$stash_ref" +} + +# nix +alias nixpkgs=nixpkg +nixpkg () { + if [ $# -eq 0 ]; then + echo "Error: No arguments provided. Please specify at least one package." + return 1 + fi + cmd="nix shell" + for pkg in "$@"; do + cmd="$cmd \"nixpkgs#$pkg\"" + done + eval $cmd +} + +# Marks some files as in "git" but they won't actually get pushed up to the git repo +# Usefull for `gintent .envrc flake.lock flake.nix` to add nix items required by flakes in a git repo that won't want flakes added +gintent() { + for file in "$@"; do + if [ -f "$file" ]; then + git add --intent-to-add "$file" + git update-index --assume-unchanged "$file" + echo "Intent added for $file" + else + echo "File not found: $file" + fi + done +} +alias gintentnix="gintent .envrc flake.lock flake.nix" + +gintent_undo() { + for file in "$@"; do + if [ -f "$file" ]; then + git update-index --no-assume-unchanged "$file" + echo "Intent removed for $file" + else + echo "File not found: $file" + fi + done +} +alias gintentnix_undo="gintent_undo .envrc flake.lock flake.nix" + + +# Aider +aider () { + http_proxy="" all_proxy="" https_proxy="" AZURE_API_BASE=http://100.64.0.8 AZURE_API_VERSION=2025-01-01-preview AZURE_API_KEY=1 nix run "nixpkgs#aider-chat-full" -- aider --dark-mode --no-gitignore --no-check-update --no-auto-commits --model azure/gpt-4.1-2025-04-14 $@ +} diff --git a/common/general/shell/link_ignored.func.sh b/common/general/shell/link_ignored.func.sh new file mode 100644 index 00000000..0043ed9e --- /dev/null +++ b/common/general/shell/link_ignored.func.sh @@ -0,0 +1,159 @@ +link_ignored() { + local DRY_RUN=0 + local USE_FZF=1 + local -a PATTERNS=() + + while [ $# -gt 0 ]; do + case "$1" in + --dry-run) DRY_RUN=1; shift ;; + --no-fzf) USE_FZF=0; shift ;; + -h|--help) link_ignored_usage; return 0 ;; + --) shift; break ;; + *) PATTERNS+=("$1"); shift ;; + esac + done + + link_ignored_usage() { + cat </dev/null); then + echo "Error: not in a git repository." >&2 + return 2 + fi + if [ "${common_dir#/}" = "$common_dir" ]; then + common_dir="$(pwd)/$common_dir" + fi + repo_root="${common_dir%%/.git*}" + if [ -z "$repo_root" ]; then + echo "Error: unable to determine repository root." >&2 + return 2 + fi + + local -a candidates=() + while IFS= read -r -d '' file; do + candidates+=("$file") + done < <(git -C "$repo_root" ls-files --others --ignored --exclude-standard -z || true) + + if [ ${#candidates[@]} -eq 0 ]; then + echo "No untracked/ignored files found in $repo_root" + return 0 + fi + + local -a tops=() + for c in "${candidates[@]}"; do + c="${c%/}" + local top="${c%%/*}" + [ -z "$top" ] && continue + local found=0 + for existing in "${tops[@]}"; do + [ "$existing" = "$top" ] && found=1 && break + done + [ "$found" -eq 0 ] && tops+=("$top") + done + + if [ ${#tops[@]} -eq 0 ]; then + echo "No top-level ignored/untracked entries found in $repo_root" + return 0 + fi + + local -a filtered + if [ ${#PATTERNS[@]} -gt 0 ]; then + for t in "${tops[@]}"; do + for p in "${PATTERNS[@]}"; do + if [[ "$t" == *"$p"* ]]; then + filtered+=("$t") + break + fi + done + done + else + filtered=("${tops[@]}") + fi + + if [ ${#filtered[@]} -eq 0 ]; then + echo "No candidates match the provided patterns." >&2 + return 0 + fi + + local -a chosen + if command -v fzf >/dev/null 2>&1 && [ "$USE_FZF" -eq 1 ]; then + local selected + selected=$(printf "%s\n" "${filtered[@]}" | fzf --multi --height=40% --border --prompt="Select files to link: " --preview "if [ -f '$repo_root'/{} ]; then bat --color always --paging=never --style=plain '$repo_root'/{}; else ls -la '$repo_root'/{}; fi") + if [ -z "$selected" ]; then + echo "No files selected." && return 0 + fi + chosen=() + while IFS= read -r line; do + chosen+=("$line") + done <&2 + errors+=("$rel (link failed)") + fi + fi + done + + echo + echo "Summary:" + echo " Linked: ${#created[@]}" + [ ${#created[@]} -gt 0 ] && printf ' %s\n' "${created[@]}" + echo " Skipped: ${#skipped[@]}" + [ ${#skipped[@]} -gt 0 ] && printf ' %s\n' "${skipped[@]}" + echo " Errors: ${#errors[@]}" + [ ${#errors[@]} -gt 0 ] && printf ' %s\n' "${errors[@]}" + + return 0 +} diff --git a/common/general/shell/tmux_helpers.sh b/common/general/shell/tmux_helpers.sh new file mode 100644 index 00000000..b644b4ba --- /dev/null +++ b/common/general/shell/tmux_helpers.sh @@ -0,0 +1,34 @@ +tmux_window () { + cmd=${1:-} + case "${cmd}" in + rename) + if [ -z "${2:-}" ]; then + tmux setw automatic-rename + else + tmux rename-window "$2" + fi + ;; + get) + printf '%s' "$(tmux display-message -p '#W')" + ;; + status) + out="$(tmux show-window-options automatic-rename 2>/dev/null || true)" + if printf '%s' "$out" | grep -q 'automatic-rename on'; then + printf 'auto' + elif printf '%s' "$out" | grep -q 'automatic-rename off'; then + printf 'manual' + else + # If tmux returns nothing (option not set), default to auto + if [ -z "$out" ]; then + printf 'auto' + else + return 1 + fi + fi + ;; + *) + printf 'Usage: tmux_window {rename [NAME]|get|status}\n' >&2 + return 2 + ;; + esac +} diff --git a/common/general/tty_caps_esc.nix b/common/general/tty_caps_esc.nix new file mode 100644 index 00000000..7223bfe2 --- /dev/null +++ b/common/general/tty_caps_esc.nix @@ -0,0 +1,33 @@ +{ + lib, + pkgs, + config, + ... +}: +let + ccfg = import ../config.nix; + cfg_path = [ + ccfg.custom_config_key + "general" + ]; + cfg = lib.attrsets.getAttrFromPath cfg_path config; +in +{ + options = + { } + // lib.attrsets.setAttrByPath cfg_path { + ttyCapsEscape = lib.mkOption { + type = lib.types.bool; + default = true; + description = "Enable caps for escape key"; + }; + }; + config = lib.mkIf cfg.ttyCapsEscape { + services.xserver.xkb.options = "caps:escape"; + console = { + earlySetup = true; + packages = with pkgs; [ terminus_font ]; + useXkbConfig = true; # use xkb.options in tty. (caps -> escape) + }; + }; +} diff --git a/common/options.nix b/common/options.nix new file mode 100644 index 00000000..7bcb0380 --- /dev/null +++ b/common/options.nix @@ -0,0 +1,18 @@ +{ + config, + lib, + ... +}: +let + ccfg = import ./config.nix; + cfg_path = "${ccfg.custom_config_key}"; + cfg = config.${cfg_path}; +in +{ + options.${cfg_path} = { + systemName = lib.mkOption { + type = lib.types.str; + description = "The name of the system."; + }; + }; +} diff --git a/common/programs/default.nix b/common/programs/default.nix new file mode 100644 index 00000000..c56a1ab3 --- /dev/null +++ b/common/programs/default.nix @@ -0,0 +1,43 @@ +{ config, lib, ... }: +let + ccfg = import ../config.nix; + cfg = config.${ccfg.custom_config_key}.programs; +in +{ + imports = [ + ./qFlipper.nix + ./rustDev.nix + ./uhkAgent.nix + ./tailnet.nix + ./ssh.nix + ./docker.nix + ./podman.nix + ./incus.nix + ./flatpaks.nix + ./virt-manager.nix + ]; + config = { + assertions = [ + ( + let + enabledVirtualizers = lib.filter (x: x.enabled) [ + { + name = "docker"; + enabled = cfg.docker.enable; + } + { + name = "podman"; + enabled = cfg.podman.enable; + } + ]; + in + { + assertion = lib.length enabledVirtualizers <= 1; + message = + "Only one virtualizer can be enabled at a time. Enabled: " + + lib.concatStringsSep ", " (map (x: x.name) enabledVirtualizers); + } + ) + ]; + }; +} diff --git a/common/programs/docker.nix b/common/programs/docker.nix new file mode 100644 index 00000000..c3aea93b --- /dev/null +++ b/common/programs/docker.nix @@ -0,0 +1,36 @@ +{ + config, + lib, + ... +}: +let + ccfg = import ../config.nix; + cfg_path = [ + ccfg.custom_config_key + "programs" + "docker" + ]; + cfg = lib.attrsets.getAttrFromPath cfg_path config; + users_cfg = config.${ccfg.custom_config_key}.users; +in +{ + options = + { } + // lib.attrsets.setAttrByPath cfg_path { + enable = lib.mkEnableOption "docker"; + }; + + config = lib.mkIf cfg.enable { + virtualisation.docker = { + enable = true; + autoPrune.enable = true; + }; + # TODO add admins? + users.extraGroups.docker.members = lib.mkIf (users_cfg.primary != null) [ users_cfg.primary ]; + environment.shellAliases = { + dockerv = "docker volume"; + dockeri = "docker image"; + dockerc = "docker container"; + }; + }; +} diff --git a/common/programs/flatpaks.nix b/common/programs/flatpaks.nix new file mode 100644 index 00000000..307fff2c --- /dev/null +++ b/common/programs/flatpaks.nix @@ -0,0 +1,66 @@ +{ + config, + lib, + ... +}: +let + ccfg = import ../config.nix; + cfg_path = [ + ccfg.custom_config_key + "programs" + "flatpaks" + ]; + cfg = lib.attrsets.getAttrFromPath cfg_path config; +in +{ + options = + { } + // lib.attrsets.setAttrByPath cfg_path { + enable = lib.mkEnableOption "flatpaks"; + packages = lib.mkOption { + type = lib.types.listOf lib.types.str; + default = [ ]; + description = "List of Flatpak package names to install."; + }; + }; + + config = lib.mkIf cfg.enable { + services.flatpak = { + enable = true; + packages = cfg.packages; + overrides = { + global = { + Context.sockets = [ + "wayland" + "x11" + ]; + Context.devices = [ "dri" ]; # allow GPU access if desired + Environment = { + XCURSOR_PATH = "/run/host/user-share/icons:/run/host/share/icons"; + GTK_THEME = "Adwaita:dark"; + # Force wayland as much as possible. + ELECTRON_OZONE_PLATFORM_HINT = "auto"; # or 'auto' + GTK_USE_PORTAL = "1"; + OZONE_PLATFORM = "wayland"; + QT_QPA_PLATFORM = "xcb"; # force XCB for Flatpaks (XWayland) + }; + }; + "org.signal.Signal" = { + Environment = { + SIGNAL_PASSWORD_STORE = "gnome-libsecret"; + }; + Context = { + sockets = [ + "xfg-settings" + ]; + }; + }; + "com.google.Chrome" = { + Environment = { + CHROME_EXTRA_ARGS = "--enable-features=WaylandWindowDecorations --ozone-platform-hint=auto"; + }; + }; + }; + }; + }; +} diff --git a/common/programs/incus.nix b/common/programs/incus.nix new file mode 100644 index 00000000..01f09806 --- /dev/null +++ b/common/programs/incus.nix @@ -0,0 +1,33 @@ +{ + config, + lib, + ... +}: +let + ccfg = import ../config.nix; + cfg_path = [ + ccfg.custom_config_key + "programs" + "incus" + ]; + cfg = lib.attrsets.getAttrFromPath cfg_path config; + users_cfg = config.${ccfg.custom_config_key}.users; +in +{ + options = + { } + // lib.attrsets.setAttrByPath cfg_path { + enable = lib.mkEnableOption "incus"; + }; + + config = lib.mkIf cfg.enable { + virtualisation.incus = { + enable = true; + agent.enable = true; + ui.enable = true; + }; + + users.extraGroups.incus_admin.members = lib.mkIf (users_cfg.primary != null) [ users_cfg.primary ]; + users.extraGroups.incus.members = lib.mkIf (users_cfg.primary != null) [ users_cfg.primary ]; + }; +} diff --git a/common/programs/podman.nix b/common/programs/podman.nix new file mode 100644 index 00000000..8be88f92 --- /dev/null +++ b/common/programs/podman.nix @@ -0,0 +1,32 @@ +{ + config, + lib, + ... +}: +let + ccfg = import ../config.nix; + cfg_path = [ + ccfg.custom_config_key + "programs" + "podman" + ]; + cfg = lib.attrsets.getAttrFromPath cfg_path config; + users_cfg = config.${ccfg.custom_config_key}.users; +in +{ + options = + { } + // lib.attrsets.setAttrByPath cfg_path { + enable = lib.mkEnableOption "podman"; + }; + + config = lib.mkIf cfg.enable { + virtualisation.podman = { + enable = true; + dockerSocket.enable = true; + autoPrune.enable = true; + }; + # TODO add admins? + users.extraGroups.podman.members = lib.mkIf (users_cfg.primary != null) [ users_cfg.primary ]; + }; +} diff --git a/common/programs/qFlipper.nix b/common/programs/qFlipper.nix new file mode 100644 index 00000000..823ef996 --- /dev/null +++ b/common/programs/qFlipper.nix @@ -0,0 +1,33 @@ +{ + config, + lib, + pkgs, + ... +}: +let + ccfg = import ../config.nix; + cfg_path = [ + ccfg.custom_config_key + "programs" + "qFlipper" + ]; + cfg = lib.attrsets.getAttrFromPath cfg_path config; +in +{ + options = + { } + // lib.attrsets.setAttrByPath cfg_path { + enable = lib.mkEnableOption "qFlipper"; + }; + + config = lib.mkIf cfg.enable { + hardware.flipperzero.enable = true; + environment.systemPackages = with pkgs; [ qFlipper ]; + services.udev.extraRules = '' + #Flipper Zero serial port + SUBSYSTEMS=="usb", ATTRS{idVendor}=="0483", ATTRS{idProduct}=="5740", ATTRS{manufacturer}=="Flipper Devices Inc.", GROUP="users", TAG+="uaccess" + #Flipper Zero DFU + SUBSYSTEMS=="usb", ATTRS{idVendor}=="0483", ATTRS{idProduct}=="df11", ATTRS{manufacturer}=="STMicroelectronics", GROUP="users", TAG+="uaccess" + ''; + }; +} diff --git a/common/programs/rustDev.nix b/common/programs/rustDev.nix new file mode 100644 index 00000000..dd226fb8 --- /dev/null +++ b/common/programs/rustDev.nix @@ -0,0 +1,53 @@ +{ + config, + lib, + pkgs, + ... +}: +let + ccfg = import ../config.nix; + cfg_path = [ + ccfg.custom_config_key + "programs" + "rustDev" + ]; + cfg = lib.attrsets.getAttrFromPath cfg_path config; +in +{ + options = + { } + // lib.attrsets.setAttrByPath cfg_path { + enable = lib.mkEnableOption "rust development tools"; + repl = lib.mkOption { + type = lib.types.bool; + default = true; + description = "Enable the evcxr repl for `rust` command."; + }; + # TODO? + # channel = lib.mkOption { + # type = lib.types.str; + # default = "stable"; + # description = "The Rust release channel to use (e.g., stable, beta, nightly)."; + # }; + # version = lib.mkOption { + # type = lib.types.str; + # default = "latest"; + # description = "The specific version of Rust to use. Use 'latest' for the latest stable release."; + # }; + }; + + config = lib.mkIf cfg.enable { + environment.systemPackages = + with pkgs; + [ + rustup + gcc + ] + ++ (if cfg.repl then [ pkgs.evcxr ] else [ ]); + + environment.shellAliases = lib.mkIf cfg.repl { + rust = "evcxr"; + }; + }; + +} diff --git a/common/programs/ssh.nix b/common/programs/ssh.nix new file mode 100644 index 00000000..6b0cea75 --- /dev/null +++ b/common/programs/ssh.nix @@ -0,0 +1,97 @@ +{ + config, + lib, + pkgs, + ... +}: +let + ccfg = import ../config.nix; + cfg_path = [ + ccfg.custom_config_key + "programs" + "ssh" + ]; + cfg = lib.attrsets.getAttrFromPath cfg_path config; + users_cfg = config.${ccfg.custom_config_key}.users; +in +{ + options = + { } + // lib.attrsets.setAttrByPath cfg_path { + enable = lib.mkEnableOption "ssh"; + sshPortOpen = lib.mkOption { + type = lib.types.bool; + default = true; + description = "Open the ssh port."; + }; + fail2Ban = lib.mkOption { + type = lib.types.bool; + default = true; + description = "Enable fail2ban."; + }; + allowPasswordLogin = lib.mkOption { + type = lib.types.bool; + default = false; + description = "Allow root password login."; + }; + }; + + config = lib.mkIf cfg.enable { + environment.systemPackages = with pkgs; [ + openssh + autossh + ]; + + # Use fail2ban + services.fail2ban = lib.mkIf cfg.fail2Ban { + enable = true; + # Ignore my tailnet + ignoreIP = [ + "100.64.0.0/10" + ]; + }; + + # Open ports in the firewall if enabled. + networking.firewall.allowedTCPPorts = lib.mkIf cfg.sshPortOpen [ + 22 # sshd + ]; + + # Enable the OpenSSH daemon. + services.openssh = { + enable = true; + settings = { + LogLevel = "VERBOSE"; + PermitRootLogin = "yes"; + PasswordAuthentication = cfg.allowPasswordLogin; + }; + }; + + # Ensure SSH key pair generation for non-root users + systemd.services = lib.mapAttrs' (name: _: { + name = "generate_ssh_key_${name}"; + value = { + description = "Generate SSH key pair for ${name}"; + wantedBy = [ "multi-user.target" ]; + serviceConfig = { + User = name; + Type = "oneshot"; + }; + script = '' + #!/run/current-system/sw/bin/bash + if [ ! -f /home/${name}/.ssh/id_ed25519 ]; then + if [ -v DRY_RUN ]; then + echo "DRY_RUN is set. Would generate SSH key for ${name}."; + else + echo "Generating SSH key for ${name}."; + mkdir -p /home/${name}/.ssh; + chmod 700 /home/${name}/.ssh; + /run/current-system/sw/bin/ssh-keygen -t ed25519 -f /home/${name}/.ssh/id_ed25519 -N ""; + fi + else + echo "SSH key already exists for ${name}."; + fi + ''; + }; + }) users_cfg.users; + }; +} diff --git a/common/programs/tailnet.nix b/common/programs/tailnet.nix new file mode 100644 index 00000000..bcbe53f4 --- /dev/null +++ b/common/programs/tailnet.nix @@ -0,0 +1,53 @@ +{ + config, + lib, + pkgs, + ... +}: +let + ccfg = import ../config.nix; + cfg_path = [ + ccfg.custom_config_key + "programs" + "tailnet" + ]; + cfg = lib.attrsets.getAttrFromPath cfg_path config; +in +{ + options = + { } + // lib.attrsets.setAttrByPath cfg_path { + enable = lib.mkEnableOption "enable tailnet"; + useHeadscale = lib.mkOption { + type = lib.types.bool; + default = true; + description = "Whether to use headscale login server."; + }; + enableExitNode = lib.mkOption { + type = lib.types.bool; + default = false; + description = "Whether to enable exit node."; + }; + }; + + config = lib.mkIf cfg.enable { + environment.systemPackages = with pkgs; [ tailscale ]; + services.tailscale = { + enable = true; + openFirewall = true; + useRoutingFeatures = if cfg.enableExitNode then "both" else "client"; + authKeyFile = lib.mkIf ( + config ? age && config.age ? secrets && config.age.secrets ? headscale_auth + ) config.age.secrets.headscale_auth.path; + extraUpFlags = + (lib.optionals cfg.useHeadscale [ + "--login-server=https://headscale.joshuabell.xyz" + ]) + ++ (lib.optionals cfg.enableExitNode [ "--advertise-exit-node" ]); + + }; + networking.firewall.trustedInterfaces = [ config.services.tailscale.interfaceName ]; + networking.firewall.checkReversePath = "loose"; + }; + +} diff --git a/common/programs/uhkAgent.nix b/common/programs/uhkAgent.nix new file mode 100644 index 00000000..90a9c3a9 --- /dev/null +++ b/common/programs/uhkAgent.nix @@ -0,0 +1,31 @@ +{ + config, + lib, + pkgs, + ... +}: +let + ccfg = import ../config.nix; + cfg_path = [ + ccfg.custom_config_key + "programs" + "uhkAgent" + ]; + cfg = lib.attrsets.getAttrFromPath cfg_path config; +in +{ + options = + { } + // lib.attrsets.setAttrByPath cfg_path { + enable = lib.mkEnableOption "uhk agent (ultimate hacking keyboard)"; + }; + + config = lib.mkIf cfg.enable { + environment.systemPackages = with pkgs; [ + uhk-agent + uhk-udev-rules + ]; + services.udev.packages = [ pkgs.uhk-udev-rules ]; + }; + +} diff --git a/common/programs/virt-manager.nix b/common/programs/virt-manager.nix new file mode 100644 index 00000000..fb837b1f --- /dev/null +++ b/common/programs/virt-manager.nix @@ -0,0 +1,42 @@ +{ + config, + lib, + ... +}: +let + ccfg = import ../config.nix; + cfg_path = [ + ccfg.custom_config_key + "programs" + "virt-manager" + ]; + cfg = lib.attrsets.getAttrFromPath cfg_path config; + users_cfg = config.${ccfg.custom_config_key}.users; +in +{ + options = + { } + // lib.attrsets.setAttrByPath cfg_path { + enable = lib.mkEnableOption "Enable virt manager/quemu"; + users = lib.mkOption { + type = lib.types.listOf lib.types.str; + default = builtins.attrNames users_cfg; + description = "Users to configure for virt-manager."; + }; + }; + + config = lib.mkIf cfg.enable { + services.qemuGuest.enable = true; + services.spice-vdagentd.enable = true; + programs.virt-manager = { + enable = true; + }; + + virtualisation = { + libvirtd.enable = true; + spiceUSBRedirection.enable = true; + }; + + users.groups.libvirtd.members = cfg.users; + }; +} diff --git a/common/secrets/default.nix b/common/secrets/default.nix new file mode 100644 index 00000000..7944a479 --- /dev/null +++ b/common/secrets/default.nix @@ -0,0 +1,77 @@ +{ + config, + ragenix, + lib, + pkgs, + ... +}@args: + +let + ccfg = import ../config.nix; + cfg_path = [ + ccfg.custom_config_key + "secrets" + ]; + cfg = lib.attrsets.getAttrFromPath cfg_path config; + users_cfg = config.${ccfg.custom_config_key}.users; + + secretsRaw = import ./secrets/secrets.nix; + systemName = lib.attrsets.getAttrFromPath [ + ccfg.custom_config_key + "systemName" + ] config; + authorityMarker = "authority"; + + # Key matches this host if its trailing comment contains "@" + matchesThisSystem = key: lib.strings.hasInfix "@${systemName}" key; + # Key is the authority key if its comment contains the marker string + matchesAuthority = key: lib.strings.hasInfix authorityMarker key; + + keepSecret = + attrs: + let + keys = attrs.publicKeys or [ ]; + in + lib.any (k: matchesThisSystem k) keys; + + # Any secrets that should be world-readable even after auto-import + worldReadable = [ + "zitadel_master_key" + "openwebui_env" + "vaultwarden_env" + ]; + + # Keep only secrets intended for this host (or that include the authority key) + filteredSecrets = lib.attrsets.filterAttrs (_name: attrs: keepSecret attrs) secretsRaw; +in +{ + options = + { } + // lib.attrsets.setAttrByPath cfg_path { + enable = lib.mkEnableOption "secrets"; + }; + config = lib.mkIf cfg.enable { + environment.systemPackages = [ + ragenix.packages.${pkgs.system}.default + pkgs.rage + ]; + + age = { + secrets = lib.attrsets.mapAttrs' ( + name: _attrs: + let + base = lib.removeSuffix ".age" name; + in + lib.nameValuePair base ( + { + file = ./. + "/secrets/${name}"; + owner = users_cfg.primary; + } + // lib.optionalAttrs (lib.elem base worldReadable) { + mode = "444"; + } + ) + ) filteredSecrets; + }; + }; +} diff --git a/common/secrets/secrets/github_read_token.age b/common/secrets/secrets/github_read_token.age new file mode 100644 index 00000000..3ddcbd6d --- /dev/null +++ b/common/secrets/secrets/github_read_token.age @@ -0,0 +1,42 @@ +-----BEGIN AGE ENCRYPTED FILE----- +YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IHNzaC1lZDI1NTE5IDd6MzN5USBJRmpU +K2tCT1RTNzBhQlNzSHlIZDB4UFNCRDhiY1puVHQxN0QzSDNIbWhFCkdPVTFLYUcv +MW1FMnUyVG9xVE5KaVJQWlhFYmtaeGl2RGYyWWhtbEtTTFEKLT4gc3NoLWVkMjU1 +MTkgSmh2TCtRIDBNalFocUZXRkZxMU10L1pWN1I5eUlGWXlrMVNLazR5RExycnZJ +K3BsaDQKVlZCUjRNL1hvMXFjRkd1VGVZNUp3ZnZBdW1qMEFpY3ZhYWFacmlZZEFa +SQotPiBzc2gtZWQyNTUxOSBTcENqQlEgSWRpT3BZZ0pHOWZjWkszZVg3OEZaZld5 +d2hOdXpYZ2tXVThMb0FTK2ZEQQpKY2xXT1dDeEp1LzlDcnoreVNvSHdCL2dDVFVs +bUUwQlU4Y3pXV0F1S3RNCi0+IHNzaC1lZDI1NTE5IEJZS0crdyBrMFJOd0xrcGp4 +TkpxTW1DZWUxc1BQVTc3S05scHEzQ2hVT1I3bWhQVnlZCkVZQ0dZMm82VG81Yzda +MUpmWjZRUUx3NVBwVTlUZmtaS2JJem5ETkR6eVUKLT4gc3NoLWVkMjU1MTkgWHpm +bWFRIGhoSVhmVVNlc0toR1pBemk5WGp4R0NYdFF0dWFjVlpVcWRQT0hIUlNhazAK +czdFNlIydWFYSnBuTXNBQXE3eTZtUTBpUUJrdFFZMUZldFh4TXpVWEswSQotPiBz +c2gtZWQyNTUxOSBSNSt4ZncgYXp5MElHS04vVlV2b1RoU3RRUTRCeFlHWjRLajFt +L01Pdi83YnRjNndWTQpFVDk2djEyVFVaUHQyTGliZDRFM0Y0Vi96STFJR0Nqa1hn +a2VYVFhzelNnCi0+IHNzaC1lZDI1NTE5IFJvWDVQUSBET2dPUk5rYm9wVHczaE0w +L2hpa0F3emZqNDBxR2c1OUVVNnBNeVc1SzBRCmhIWmFKTnl2TFFBRUpyejhEMFBj +cVR6RkZHS3lpZzd6MzgrQml5QXpWdjAKLT4gc3NoLWVkMjU1MTkgRjRiYjhnIFVk +cE1YSS9rdzBsTk0xNGtlRjJSV2llNVhYOUsvdVVFam1wUU82czNTUlkKQTdLcFdk +akErdWRrUXZET1hjL2J4UFJzdkNFVTlEUWJFWTFaczQ1VmxDNAotPiBzc2gtZWQy +NTUxOSB3ZHJaSkEgQVNMandOOVFiN2xuQTd2MC9UUmt2MVg2YUlzcHBHaEJBWG1E +Y0srMU9UYwpGQnh6L09qY2JvL0tqcGNnWldkWUVzRHk1QVJvN1N0YlRVNCtlMlV6 +MUNVCi0+IHNzaC1lZDI1NTE5IDVhZHFNZyBJR0RzZWpCNHNHcXBhQVErVUwxcG9t +K0M5RSt0M2R6SFpwYzB5MXZFQVM4Cll2NmJrQkMwNkFGbWM2bHJ2THhNbG9XS0dk +cmEzWUFCdXBLS1dyNWh0aU0KLT4gc3NoLWVkMjU1MTkgWmUxTXdRIElaN2h2aHRO +bDRtNUlrMlNmOWVSYlpvR2VVeWRxL25vMnFjVUVmc215ejAKVlBmcTFtN3BUZXJx +eUg0eXY2S3V0ZklGNzFnK09yRUJacnZYUllkUzF0bwotPiBzc2gtZWQyNTUxOSBw +ZUZCUWcgU1J3VG1lVDlCNmNVZ2hZbXI4ZDhZdE9jYnNkNHpQclpqQmdGcFhuYTBI +RQpkMnhjZlYrWjBPZVk0UGt5UEZmQzZoOUxSVG8zMVl6MlZCT1JneWJuWVdnCi0+ +IHNzaC1lZDI1NTE5IDl2LzJIQSA5RldGVWx4aU9ZVUNQdlJTRUVqbS9CajlnTEdR +NFlCZnEwSy9rRGNIM1RRCkxKN2FUQTBVbVA5SnVZSDlGcXFKL0M1NGhONFhLamF3 +Z0VNZ1VSSEFKSlkKLT4gc3NoLWVkMjU1MTkga0hrMmdBIElkSFNJWnZ3WFA3V1J0 +aFNqN0RTQUEvNkRkeHI5QkR3K0RuQ2NnZTFQU1UKb0dKd3gyYWdPd0NyUEZDWUhB +eUdaZzIzWEtkNGdUZzZScWpOUzN6K2dCTQotPiBzc2gtZWQyNTUxOSBJb3NBQlEg +eGNINUY0UElXbUQvUklPY2c1S1A4OXh0UWRsTjFGUTg3dW9BM0dyTVgwNApyN3pV +eHhUSnAxZ1ZpdmUva0lScWJxNGFWZDRMdm8zd09kay9ORXdOVkljCi0+IDMtZ3Jl +YXNlCldFN1JnNGM4Vmh1dE5wZUNGOC9NdktlSEFnCi0tLSByVzE2ZHZSdXRxQTZN +SjRTNlRtUHlRL2JPS1Yxd1lnalFFUGlWR1lKTjZvCgfzY9S+Cm6zaEAcrAr3fsev +9enyx9OmVTIIZltr52uqCYbWcsuCkDjHtwR3NXiSQB2HWhNe38l4l2K1+HGcoS7i +2TMD7o9Jx6QoWLHgmrn/zXL/VKyOj5a7P530AMzdqcgJ4U8641VN0W7L9u1Cw5EB +Ujzb1rKthf+txuP04aWYit69ZBdH7r+VkOGghXngwvBapwFF8AGUug== +-----END AGE ENCRYPTED FILE----- diff --git a/common/secrets/secrets/headscale_auth.age b/common/secrets/secrets/headscale_auth.age new file mode 100644 index 00000000..867be94d --- /dev/null +++ b/common/secrets/secrets/headscale_auth.age @@ -0,0 +1,40 @@ +-----BEGIN AGE ENCRYPTED FILE----- +YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IHNzaC1lZDI1NTE5IDd6MzN5USBvbGZC +ZFZWZ2ZPWUlNdEZCSXBuYThubHpiNkFzb3Jldlh1QlF0UTZ0NHlZCjlHSTVrekQw +MDBsaU56Yk9IQVZaQWJDMVNoUWFlQmpJV2gyTXBXNEhNdDQKLT4gc3NoLWVkMjU1 +MTkgSmh2TCtRIDU0eDdqTStiUUlCUUcrYWhDWVRSQmxPNEIySk9NallHaVdNVFg5 +YXNPa1kKQ25PNGxjc1hid25Nd2R5RCttbHN1ci84T1pmQ0ZkNDM0R3FLbGdHRnRm +OAotPiBzc2gtZWQyNTUxOSBTcENqQlEgNjR5WkE4eUQrUGk1NHFMY3BjclZKWkd2 +TVd1QVNoVm96QkcwcHZmdG16dwpRQjY2V3dOOGo3VlJ5aTNLS0NqUVJ3VHNTWC8x +V05kbm5yQ3F0MWNFM2ZJCi0+IHNzaC1lZDI1NTE5IEJZS0crdyBFeDIrUWEyYjVw +QUdjSlBWQ0Y2N01uL3hxTWJiNkdCVkM3UTBZbDhBZWhNCnRraHhUb2NEMzJWbWl5 +SjJEenN0VjJCWlM3TXEyREN0ZysxSG9Rak9hMVUKLT4gc3NoLWVkMjU1MTkgWHpm +bWFRIGxYRDJta0x6QnNkTXJnQmZwWFlRL0wrNS9EUS9TVDJMRFhZWDBUKzRWaWcK +VXlwL01IYTdTTTY4Zk1FOHBMc3E4ck1DZHp6aHhEaXFBWFN3SGErcjhmUQotPiBz +c2gtZWQyNTUxOSBSNSt4ZncgVUozU1kvVVJsZ0F2Nnk4bmZnUUNyTU8rM1FCRjFY +bWVBZWNNUFZIcFQyTQpzK0Z1SXVFQWhFSnp0UGs0RHJIQlZrUUtlY0ZFTjdwSTZS +MXhjSTNpOHNnCi0+IHNzaC1lZDI1NTE5IFJvWDVQUSBvQkd5UlNUakhGY0dkRFly +SU4vM3A1Sm5xNnhIZm5PUjR5WFNLZ1ZmL21NCk00M3k0RnNjL2dkRVd6MmdGSW1G +aGt1dmwxN0VTQm1zeklDN2MzRmFqSUUKLT4gc3NoLWVkMjU1MTkgRjRiYjhnIFBQ +TGdvVjdEaEJDQ1FxbjhTOVdZTVdjLzJhc3lwdy83UHNyOWJPNk5ZRjQKMTdNemRQ +L1h6Tk1EVTdZcnFPRVdEZjhnU21hLzcrWk0zS05YSTV3ZGJQNAotPiBzc2gtZWQy +NTUxOSB3ZHJaSkEgTFcyc05mMnNVdWFDQWZUMGN6OWNZeGkrWlMyakV5RVhHaFJw +bmxiZ0lrYwozcit3dU84L0lVU0JXbVN3YnJoK0NPOUZKS3EvSkNPQ3FCWWhYZnhx +azhFCi0+IHNzaC1lZDI1NTE5IDVhZHFNZyBNWWJtTlVQTUo1SFh4b1Q4Vk8vUHdG +V0xLWjRXdVZxVVl0L2JMeTBrdWxJCmJvNGJ5Q0JUR0g4Q0pISmxTVll0OHl2dTFJ +dlNtR1A2aGVTUEZRMU5Hc1kKLT4gc3NoLWVkMjU1MTkgWmUxTXdRIFkxendRYm0y +aEc5dTAwQy9pLzBrbUpVVlpFbnlDdlI4bGh0Zy9oMmtVWHcKNDZuaTBDV1o5MXFV +NlBLVzlqc0ZzOUdMT3c2SmRYV3hVd044bzZoenFqVQotPiBzc2gtZWQyNTUxOSBw +ZUZCUWcgQ3VDSnNLMHc4N0dCQ0NOY0lscStpeHlKdXA2UGpqRVhjNDVzV0NCQUx3 +VQpkeU9FOE13bFlaQ0ErWlBFZ0VWWTVZZElQdEg5UFo1SVRSeEhqRnk2NEtFCi0+ +IHNzaC1lZDI1NTE5IDl2LzJIQSBaREtQS2ZsSmxSQml0bkZzd0prUXdvdkhBZzhY +VkNRZWZqdVNvODIxMDNNCkJVMWZUc0o5Q0g0Yi95czFaVkhwejh0QW5HcXZ1Tmdl +bWFKSUhITkxFYlUKLT4gc3NoLWVkMjU1MTkga0hrMmdBIGlNcjZMWEdjdHNpNWNl +ZzlrNklvVklXM0tDMGVnRWhuL3BYV3dMa1U2ajQKd2owZXUxSGlIVUI3cFRxbjA3 +eWFhZXVudlBpQnRMTEVwZXhSSFgyOEsvSQotPiBzc2gtZWQyNTUxOSBJb3NBQlEg +OXR4MFc0eDZQQ1IwclIxYm9kYk1DSkZBZ1RDMm4wYlEyb1VrRTBaNmpWNApwY1pu +RE9VTU9Mbm9Ea0twcnBNRUc5ZjdzYXRyRmw0MlVHZDZmTVVLZFBrCi0+IHwqflMt +Z3JlYXNlCgotLS0gNWpFR3lvdmVsN1V2WG01aHN2VjVUeDZORzRpRDZGK0RWTFRM +SytLcVZYZwrYTHZo/oozQZasJAFNVb3ZrSAjREvZzRRyz6Mj71Pj2H+dbFz9sZ+c ++B4DEN/4xfhm5FUsU2w8VCQ/E+186igURD2AyhUZxNFFVPUPJKUM9rY= +-----END AGE ENCRYPTED FILE----- diff --git a/common/secrets/secrets/nix2bitbucket.age b/common/secrets/secrets/nix2bitbucket.age new file mode 100644 index 00000000..0dd3a93f --- /dev/null +++ b/common/secrets/secrets/nix2bitbucket.age @@ -0,0 +1,50 @@ +-----BEGIN AGE ENCRYPTED FILE----- +YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IHNzaC1lZDI1NTE5IDd6MzN5USAxNHJi +QjBYYnZsZTl1OXRwUDRXSGx4MmJOdzhHZXY2NUlaQ0hocFdlV240Ckw4U0FNSGFt +SmF1aW5mM0lseFZDUDR1ZkgyRFdkbHYrUHdITWUxanBrWHcKLT4gc3NoLWVkMjU1 +MTkgSmh2TCtRIC9vS1U5ajZ1MS9sdFZZbWs0cmlvc1VQRVNLZUxiQkRrS0xtWWx3 +LzMxQm8KdmU2V0pqZnNMajc4SVk5Skhnd0VQTmViMERIMWtqMEcrUGpHTXkzMGk0 +QQotPiBzc2gtZWQyNTUxOSBTcENqQlEgS0FzbGFCY2xtQjdlQ3p4UjJjUVdNRGsv +ekwvcWhEK2o1OFkzYW1zMy94ZwpSQTlwRVlKb2x3SlR2QkEwSFlhRi81bGRObWhw +OU9pdVBJcWRyZm8xQWpnCi0+IHNzaC1lZDI1NTE5IEJZS0crdyA5ZGMrR0xRcXJz +STlKbGhEYkdOYlYzZHBmZkJHUTVYSndEZk1ab09Pb25vCmJWVDZCYmVTSW5nRTVX +YzFHTnRMeGt5WE1Ydk0vZ3l3K0NhckwzbU5kN2MKLT4gc3NoLWVkMjU1MTkgWHpm +bWFRIHlJZG02U1JaZkVxVnhSc2VVZ21sdmJlMUh6eWhhK05lSkhES2J0L3JEUUUK +K3FacHVNbEIvWk5QQTV5RHpOU0tpYitJek96YjF1a2o3dTJmTnZya3lpSQotPiBz +c2gtZWQyNTUxOSBSNSt4ZncgUmcyWU94VEI0Vm1vUnpBWW9ieTYvQjFBM0hyY0ZU +QWZoaUFmSTRlTEFIZwpINEFkeFJnVVNINWlBaS9UK0V5aExoMnY0TDVjSFdITEJi +dzFpdm9wRGJBCi0+IHNzaC1lZDI1NTE5IFJvWDVQUSB0MVR0bE9tMEw2bzc0SHpY +N0JFWXFDbFJ3M3Rab2VtQUlLeUNUU2l1aTBNClNPTGpSTnFGeXpBcStjdnlmWllx +K20wdUVVVlZnb1FJbEdlQXVTWWpudDgKLT4gc3NoLWVkMjU1MTkgRjRiYjhnIDF0 +ZFlkaTNOMVNsV29rREJpaUdXSnFuQTlyd3pyM2I2bUtPL0ErUm9wR3MKenNsdEhl +TDVjSmdQSXR4S1ZWR285RTF1T0hhNEg2TFZCUXAraFkzdXo3awotPiBzc2gtZWQy +NTUxOSB3ZHJaSkEgVVNrblluWm1Dck1yelpURWZoeVFjaUJFaXdkZldOcCtFVzJQ +ajZUTmVsUQoyUmI4Tmttc21HemZDTmdERFhxZXlpdG1RVStiems5cVNaQWNIM3dv +RlI0Ci0+IHNzaC1lZDI1NTE5IDVhZHFNZyAvS3AwTW1kaUtlQnpjaXByQU1uRVM5 +RDgzMVhBSFRWSVdwczhxVXdUWDBFCnBDNjEzU3BUcCtRM2tDUVRBb0Jqd1pkK0Zo +WWJEb2gzaUlPTGRsZVlzZ0EKLT4gc3NoLWVkMjU1MTkgWmUxTXdRIHRnQndCVU9J +ZlQrdi81b2J2cmNzdXR6NHI0bW9LaHJqRlprTWZJM1RiRm8KSmpVQjF2U3BuVWVz +Y2orSlc2dUYrQWRYSHFPb0JRZloxZHo1KzduQkJycwotPiBzc2gtZWQyNTUxOSBw +ZUZCUWcgVG9LQnRwemt5T2VSVFBVK21acngxMHRDNDNxQlFxZU92NzRuK2U2aUwy +OApXamtRUENLSVBBM2ZmSVNtWkh1TW41dEQrRkNYQndBcUlOQnU2Ky9BMzA4Ci0+ +IHNzaC1lZDI1NTE5IDl2LzJIQSBveE5LTWhRZEhzeHBQVmo4amNBTzlHWlFVYURx +T3plT0lPaEpsb2F0RWhVCmh3aCtsU21zV0pYQzNmU3VqUXhhOHlYVEhsWDN1eHpD +UjRjVkEyTVhrVjAKLT4gc3NoLWVkMjU1MTkga0hrMmdBIDNMWEtrbWh1SWRwVUc0 +Vm9uYlcvK01xcEdSWkZuZzl4eng3NjlwRXNPamcKYlArYXkxYlMybTE0UnhvempS +bmlncUJtWjVZMWdHY3VvTHNvdExib2lzYwotPiBzc2gtZWQyNTUxOSBJb3NBQlEg +ZnJtVEdzL1RFK3M3TGFpVGo1Mi9aN1pLRS9TajQ1MlNqODVad1M4ZDh3cwpVSWpy +elZlT2dWTmhFaWJFUVFXWU5pT0dlam1jU0R2di9TUzVjUlY5b0RnCi0+IEJ6cnpI +NVktZ3JlYXNlID1YU3I8WkNjClRpZ2dHWkJIaVZVVkNwY1JwOFg2bTdzTnJBRjRs +SytLdFUyRldoTlpHSkRPY1ZQODRYY3RiVS9VNWtPeXBIc0MKeEdJY3UvTWdEZTVa +RXNvCi0tLSBLcUNEU1JhQnRCK0RMS1F3VEt1Ykl2MkhROG02NmY5bjVIem1JeWdQ +TXZnChn2UP3yo7fmH9JimBCsA8X6WLurks8pKMf5lb/yh92Uj+mbIz5R07Fpq0aC +nLa9VhNeQU4nYkotJUVPRGhBlh7xaVRoeaRfRy8n34TKNU+PQUFz6gv0OHkMDOKh +B3Z73OAJGaFAX1Q1SlM96ejHVMRdr8SNQao9QJvZq9EXyrejV1L8oS7cKHObfkEi +ylUPlNsH375zQ+rizYqO3jLBGNXpK3RTOX/3xadbAeccyBLrSaoE+eQi2nba2fSb +iLd6xNtltmDy4AzRwpmMPpD2EUlTV7iBCBlstK6v7k+VOAyH0PGIXTVUlHs8VORI +PHx8boVaGNn1b3XSD3CTflCRHxo7gSfXzcDEnfIbPsz97Z8GdQmV6fqIoWyWS3ZM +DFYdS7VBuKA7lUy9fu+UbP6OFjTu05rg35OcM6uzF6U4TVbKrGzaeyZzrokcXCbo +LNYJaI0FY+/bznL8/YqU/EJsAzgSZLApIzo3wLJhd6YK9Si17Lgf5N8sfUvHN8ax +naRZp7SlPmmzyhO82KwI8FXM7E+0mZ3CjfiEUmq9dz2plRGJaWCdMJ/SUv9EcTvG +Z/Uo +-----END AGE ENCRYPTED FILE----- diff --git a/common/secrets/secrets/nix2gitforgejo.age b/common/secrets/secrets/nix2gitforgejo.age new file mode 100644 index 00000000..9e9ac24c --- /dev/null +++ b/common/secrets/secrets/nix2gitforgejo.age @@ -0,0 +1,49 @@ +-----BEGIN AGE ENCRYPTED FILE----- +YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IHNzaC1lZDI1NTE5IDd6MzN5USBtRTlJ +RHRaRVFZZ2Y2Uzl5dEZXSnplMlpYdy9UVVdvb0dSVFNGd25rcHhNCmp3ZHFneUJU +eW1PaGlncUdmVHNWblQvbkVxUDJpQ2p2OFJFVGtNb0pZcXMKLT4gc3NoLWVkMjU1 +MTkgSmh2TCtRIGdJOTRGVktSY21ob0JKam8zaDN0bkhIQjNieTVEcFl3aVBpSjhw +Nk9OSGsKVENrTkd4cmdaUnE2VWR4SU1ySWdvZGo3VnMxTFo2dklwSTFieUwycTdr +RQotPiBzc2gtZWQyNTUxOSBTcENqQlEgU0plOWVNNTNNTkxhSVN6ai92aTd6RFJ2 +WjFRMzdJUjAvbDN6MHVOMTNncwp3bVREblZMUE12WEVaOGpLVDBYZHdILzQ2UVBI +V3MwTTFwb2dwcDMxSFBnCi0+IHNzaC1lZDI1NTE5IEJZS0crdyA2L0NONmxjcGFr +T0xaRnhHQ0FFVVlseUtKcWJZbi9ISlZIclVOdTRNRDJBCitWRDBvQXdackV6QTRu +S1FPeXdLZGpvbjhBYllVY0UvZ3JEWWQvMHNOS0UKLT4gc3NoLWVkMjU1MTkgWHpm +bWFRIG9XOEhybjJFclFKWEhQeDlrY0xVRHZOcHQrK2RWa0hsZTc0eU1qRWlNMTAK +cnpLdGRDejAraERuNnVlZDBVV202TmdlSVREMVlPWFhpckdPY3Q4OTY0UQotPiBz +c2gtZWQyNTUxOSBSNSt4ZncgQWk4Q25xSFZSbHo1NDJ5VnJWcVN5L2NIQi9SQVJ2 +aWtWSHR6azk3QmhEYwpXQUtjb1JZSHNuOFZHWFZYcy9HdktJVGpvQ2xuQXU1Sndi +YlRWYWhiVmd3Ci0+IHNzaC1lZDI1NTE5IFJvWDVQUSBOZWtBQ2NDVmViYm9uZ2hu +akhMVzNlQ0hiNWEybVE0dTFwWGRpMlZGZlZJCkJncE1nTlZTaEl2dW90bERnQUhO +SWd5dzhYa2RMRVRFYS9rdkdEVTZIcVkKLT4gc3NoLWVkMjU1MTkgRjRiYjhnIHNi +OVZVblBBdVFuVE4xVGt1UzlMNDVtWGdBakVJaDVjanhmYWVPV3RXRjgKYTBOREpS +bVowSHlySFg1QWJFK0pPdnZJS0VQcjdXdERRbmdsOUFTeldMdwotPiBzc2gtZWQy +NTUxOSB3ZHJaSkEgdWY5U1BNTndYYWwveCtjeUxHOERGTEhMMXlSSEpyV0gva2pw +ZHNzSTRsMApQSm5BUmdMODZ2YmVaaFNxQVFaYk5KWFVEOVoyQjBQQzBxM2kwZEl6 +eXJjCi0+IHNzaC1lZDI1NTE5IDVhZHFNZyBVbG9ONlVPbW1QNmxENGJERGs1VEJU +Q0FhMlowVlZVVG8veG5tUWt2T0VJClJPZUY1T00vZitSRmdhWklrY202ci9yRG9M +RDRiTGpKWis5ditDVjJIRmcKLT4gc3NoLWVkMjU1MTkgWmUxTXdRIE1SY3pidWpw +TmVNbEV0ZXQwTDkzdEtkbVIwd1BrSG10UVhBRUY5VUt2eXcKSCs2VEc1VXhXWXBY +UHdRVFVtaGJUK2tBWWYvQTk5V1dEcDVReFJ6WkNJdwotPiBzc2gtZWQyNTUxOSBw +ZUZCUWcgVE51VHdqeEF5ckRqTUVGWGw5SGtkRGJCd0xoZzdNbDRUajZPdThCQk8y +cwprTW9tU2Z5d1RVRWNkR2M0WWNCRTRwb2VWcDNQdHFCWDBHZDhINUduN0djCi0+ +IHNzaC1lZDI1NTE5IDl2LzJIQSBOZlB6aHRWRmthWkpuekNza2tBUzRiNGFkSTUv +WVRNRGFKZXZ1Sm0rUDJvCjV1dzlyTFZxYndvZ3BKNGU0K0hwK2VhSmNYcmFHZk41 +RTlscS9uODR0R0UKLT4gc3NoLWVkMjU1MTkga0hrMmdBIC9sLzYvYnVpenRFUlZO +cTVmVnBpLzIwNlJrU0xYOEhKWStkOGRDU0dkVFUKbjlVQTlsRnBCci9ucUNMNkJC +WWpueFlqclA4YVc3RVpXeWZDQ25mWEE5YwotPiBzc2gtZWQyNTUxOSBJb3NBQlEg +bjJNa0RIcGZWdkxCUnBsU0p4L3lwUDdia3Q4L0Y3cllYVGJuQ3pZcjV3UQo5SGxu +SlQ0cFVOM3ZRZ3l0SkdVdk5vY0NLcVUrRXJ3SU5SekxaM1NWYy9NCi0+IEdTTEFp +OSF6LWdyZWFzZSAoJmR3Vi4gU3A/ICNuLSA7Ck9ZSjhhci9nVjl1L2dIR0twUm1i +NzRSOU1DM2Rwa3RsYnp4ZQotLS0gRGVpRXZiS2Vlc25HN1M2M0kxbUo0Uyt6OHgr +Q2loS1MwVzB3Uk9mcTd3MAr1KliXDwBENE5rxqhvy1XX1d59XdiWeqCepnPm78ET +YbVM6FN9H6UBwiwClc+os59UY1lxNyjvefVOfW4V0Jpo2f2aFWdsJxoJWSdomKzG +N2wQ4Yq8ESeuz4g7pwxWB3RsTr0w6Rnzuf7D4Syg9rpX1pqVinFhLOki1aK3ZIdk +tqhjkKFgWQbBM/6540W14uw1fPTIcdX8v5KHbTc9XyNA2MHamFc1GooYduqL6Ylr +ij3hM7/z+TdXxGu3+kqs3Yh5MFd+ePB+LFgAqiW3gv9nD5RmH3s/x8Oip+RLpoTw +7fwo8wgHByoDK6gz2SAOZ2Q/Px5YBqivleT0oVdrd/quLN5lU2aQt3OANTxzF+bP +DaAWwv/7pTaLB7lyqCTSw+C+UmgVXmnOi2MO7ex3tImNzwGVQfZG9mc5k13ltwsq +uxC3T9l8+fuo4iFUwCXfXlm3ZmcIcpjYE6rOlV4Y2EdmwwvwRhMljWf2OfNHlq4e +hLtKvsHf7+pMAX0ZsZMig6KH09V/RtGUr9KBWVG8CABPnPJBIzlGZPJdmO+G5eAx +cEUUkJzlcSCF6SDo1zG7QcT7vRSX4FjvOY579w== +-----END AGE ENCRYPTED FILE----- diff --git a/common/secrets/secrets/nix2github.age b/common/secrets/secrets/nix2github.age new file mode 100644 index 00000000..f56d0f8f --- /dev/null +++ b/common/secrets/secrets/nix2github.age @@ -0,0 +1,49 @@ +-----BEGIN AGE ENCRYPTED FILE----- +YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IHNzaC1lZDI1NTE5IDd6MzN5USBYU2N0 +a1MzODQzb2JUbjJyQ0xTbUxlbjhJOExjNm1JOFd6bDNNZEp1TlJ3CktCUXFwWTJ0 +cUZVUldoRStJRHc2cjdwa0szQ0VPZTBsV0NiK2ZmQUQybW8KLT4gc3NoLWVkMjU1 +MTkgSmh2TCtRIEk0R0lSUitzVkRQb2hQamt3cGdQK1ptYXVkUkdXb2w2N3VsY3hY +emdNM0kKYXhod0FVMzJ4dFRCZXZBQTBJcFc0RWRsZUdqV1FkSldkVHFnbU50VlNx +TQotPiBzc2gtZWQyNTUxOSBTcENqQlEgaG5Fc0VOUHdJWlFsRGtOSEwxM2RHZHdh +anVJZWlOZ2dBRStmRkc5WU5nTQpiQzRwMnBIVHJoQldJeEdrOGVha1phbGRKZGZW +SGZiWUV3Rk5XdGxUZjFvCi0+IHNzaC1lZDI1NTE5IEJZS0crdyAzN1A4amFYM3Jt +UDNidlBaRDdpSTNLb1dmTDY5VDArc24yUWcwVGwrenpnCmoxVnlEMTFlZFhEeE92 +ZHJaeFJCY25sWTM4NWFnQlhpbCtodWZyeTVoaVkKLT4gc3NoLWVkMjU1MTkgWHpm +bWFRIENONGFuM2ViOHRGa1gzQS93a1RTaXkwVFlYd0tadG1nOFhra0VHa0Jua0EK +OElXcXgxd0FuVys4eUZwSXA2eCthRFNRTWpmSDFLU0FqSVlCUDJSNVJCOAotPiBz +c2gtZWQyNTUxOSBSNSt4ZncgOUtUeUFubGN2RUp3eGM4d1J3ejFaSXdaeWg4MnBu +VVNmUE9VRzdUNThtYwpVazRGNS9GMytrOGdBSVJhcWJ3TDNDUWVOMHFBd216a3dB +UkJmNmpSSkZNCi0+IHNzaC1lZDI1NTE5IFJvWDVQUSBFaUVFcE1aVnNrekwrZjdN +L2ZYZ0JreGRRM3FkYnFzdlViVk0zajE3ZFVRCjA0OUlLczBmaEJMMC9EU0k1K1Vq +Wmk4eC9wbXdvWG5UTlNMYlBiSTN2RVUKLT4gc3NoLWVkMjU1MTkgRjRiYjhnIHdI +RHY3U0VuekdYOS9FUVhBQlVtUlNQTDg1dEt3TnFzVzMwOTgyQktEeWsKRC9TUnJJ +cytpaTRGMm5wcXFuSE5ReU9seGFUWlBSa2FxbHQ3eE9Idmc0YwotPiBzc2gtZWQy +NTUxOSB3ZHJaSkEgTmp6SnhHV09BbzczdmVoaCtnOFdYaHorNWpmSDQwVmtJVFFx +Z2FTTnZWVQpnK0lTem9uTE9BZ3FqdVJ5YThmZ3o5RjlZNlhTUW5Zc1NsM2FBa1gx +RGdFCi0+IHNzaC1lZDI1NTE5IDVhZHFNZyB4ME5DK1BQUVFLcU1tYVZadG9hRVlM +WGFnd2lIVVNXSTNkZnhIaDNNSUY0CnpiUEZKeTVHTkFyYUdaeU4rWE54RmIxVjhC +NVkvQURrY1N6b0doN3MrYXcKLT4gc3NoLWVkMjU1MTkgWmUxTXdRIFZraHhvbndT +c085d1BFeXE5bGNWcitZaTBKdVduOGtPeVFRam1aWVpyQ3MKbE92VWFqVXF4dkZo +dElDN0p5S0xXemplSzFWUlJaZ2M3Uzl4UlhmOHllUQotPiBzc2gtZWQyNTUxOSBw +ZUZCUWcgbndmTFpuR3o5QzZsZzVBMzBnUlU5UGFoNFIrc1dYUmdCdHhYa1N6d2JG +awo5amhkT0p3YytiRmFLc05GRU1hL3FMbEppd1Vpd0xCbXE2T0dLanpTQ1pnCi0+ +IHNzaC1lZDI1NTE5IDl2LzJIQSBUQ3c1Rm52cjl6ZzhQNTQ5R2NEWTlWUlVNWVJ3 +VndHUmg4eWIzNERGZWxRCkNRZk43YWUvc05nYWtFYVlZNjBQbnNhK3RXTjZJMkU1 +OG1hcUtoUDQyUjAKLT4gc3NoLWVkMjU1MTkga0hrMmdBIHJGTk5SYXlKZkx5cEVJ +dUJQTVNkUWVkVCthU1c0eDMvbGJWN0dKU1dSeU0KYUVQMTFSNVNnZEFxV09UVHJm +VDhMcElMZ2NRQWVKSXJITU53NlZwK2dPWQotPiBzc2gtZWQyNTUxOSBJb3NBQlEg +YVgyMDhXL0RsaEFxSUhGTVh6c1BUeFgrd0lMUDg3blk0a2pocVJMbVZnRQpBb1hJ +c3pBOFRXMG9kTEt1Q1IvZW5GR0F6UTNLU3J6QmxGWGljT1pzb0NBCi0+IHN8OGhP +LTVaLWdyZWFzZSBKcTpVVyAvQlZYawp6bHZOYWpabVJhN3BNVEpQbDRWbUh1c3BP +UXlsSzJWdUdPMHpuWmF2QjNQd0ltUQotLS0gemVvbWt5LzErUlpmZXFxQmpMZFVq +czhiSVBFQVBVVFo2Q2hiaXNWQ1Zwcwrm4hQtiHjacGXqxDf8QBf6AdsiCFad+cAu +RA/fKJMnq8zc6NUDkvEAxrWxFLpLD9amqaxgh5889mWstPGaeCQEcWfjO7jl2jsM +duZsH2rtqfsaoWI1tsUiVKGtgprkI1TBwbtFYQ/aC+1AzOP4rnmuu4T/kIDbP+rn +SlILVnc458dAsDIUO0vYzNhy7z6oG0Nf6TnPehPocIakRXoLSN0d7fYmC5GDD+8m +v0ucVjpVlyXCyOHbl6COgLmz0HglXaQba+K1ZFWJJXwB3Ej/wYaS6r5rChe9RKJJ +tlCCDfOmUC1BgNH2PbPsaDwVmPe5itsAoJrzvq2mR5ho6kTX0dAPnu6A50G2TkTq +7OtmvcjVarHKO5mRLSaGKgBnxcdI9MPvKdLKb79mBgmp7lWbKqOfQL8W+mfdxWjI +F6DEPQ478W7QF5tIWYlHsDS4R7hKr7DPBxGLZEhKUYl6UJd8BietDQ+Pti19uoiC +1qwFIGoKGteEsW5HHfvxdp1hdboVoOh/MzwpksNqMOZIhS2aAr2EKQsUBB5TLL+v +JdEKGcLiRuxqa/6mVuEw2iqUfSBK+A== +-----END AGE ENCRYPTED FILE----- diff --git a/common/secrets/secrets/nix2gitjosh.age b/common/secrets/secrets/nix2gitjosh.age new file mode 100644 index 00000000..3abe0119 --- /dev/null +++ b/common/secrets/secrets/nix2gitjosh.age @@ -0,0 +1,50 @@ +-----BEGIN AGE ENCRYPTED FILE----- +YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IHNzaC1lZDI1NTE5IDd6MzN5USBXQXoz +bGYwc2NqNDBVYzVkeGxldnJxbjZ6elgxUmFoMFhuK0pvTTRLWkhBCmx4RUxONTYw +VXZGZUtQcnFaRXhuODNQQjhCRmFtOG1TQzQ5Qk5ua0RNQ1UKLT4gc3NoLWVkMjU1 +MTkgSmh2TCtRIHgyQjZBUjVNMTV6cG9LNE5NSFBMc0xid01PQUEyeVd1ZnBEaUVM +Rjh4bncKVHpqQ09XVk5od2F1MW1namloTUVMaEpuamlZcWIxRmsyRVIzV0RYZGxL +awotPiBzc2gtZWQyNTUxOSBTcENqQlEgN2s0Zmx1YjEvMlIzdElmeTcycEpNcHNJ +UUM4RzBaZWJEYTNUK29vOEdHMApkKy9SSk5PT3ZaQXQ1UGFCUFFvVE95V0tBZk5v +UlR1M2tEYWtMK1hSU09JCi0+IHNzaC1lZDI1NTE5IEJZS0crdyA2YzQzQ1J1L1JG +MXFjbzE5eUhnZDBjNTJGOEZwOGwzSmsyRUZhQzhtakFFCjVQYzM3VlpWR1I4THd3 +Ky8xOEd0UE1hVjRRS2RiVmUxbkpmdGxLR2RLcWcKLT4gc3NoLWVkMjU1MTkgWHpm +bWFRIG5ybjFTUEZ5OFhpUkpVdnZHNnZ1eWZGYnNQeFFvaVNoQ1pVaXJ0ZkNna0UK +cUx6OWtid1FRaTRLMy9EaGk0K2NKWE00UC9Ec0FsUDJCODJzNG0yYXJPTQotPiBz +c2gtZWQyNTUxOSBSNSt4ZncgdG5DRTY0QzU4MjBXTnFWT0NiclJ5M0g3eG9HVm92 +M1RIdFdidm9hVlpsTQpFZEd6QVFjY3NLOWVXeDFTdXZPenc3L284bG12V3dIVzRB +QUZ3ZmU0VldRCi0+IHNzaC1lZDI1NTE5IFJvWDVQUSBHQm9ObTBXWUh3YkRSb2VW +ZGE0aGFYM3RkbURpYlRTL3NMek5kZEpwcXprCjFHL2JIMFRKVitiamRSM3dHNzlj +ZENNZHFIOVdLS2ZOb29RU2FKd1NCWTQKLT4gc3NoLWVkMjU1MTkgRjRiYjhnIG1z +ZGpQQ1ZDSVdLVE1EVUFRVW9RZ0QwbVJPSUtIYTcveUdBaGIwb2oxbVUKZGRQcHNB +WmJuN3B2VGVlUEJLem9ja25wSjlreXpCOEZUUnZnY3F5YXR1VQotPiBzc2gtZWQy +NTUxOSB3ZHJaSkEgTmtoYlhWL2YxZFFheEVCbWMzOFpwendzaFZsOEIvN3VzNjlZ +cXNsUUduQQpacFI5ckx4TGZPRnp1RFM0SHJlS2hLMnU3NURJcWJKTEZscEpLVU5k +MXVNCi0+IHNzaC1lZDI1NTE5IDVhZHFNZyA4dFFyS1h2bWJFYXZFSkpaNGVkam55 +RXMzSW94NXZTVy8rRHBWOGl4NVFrCktPVWI3VUhWZGZtYlNaVm8xTHZiTk9FbWZ6 +OE5WYUhaTjAvQWFxWDdyQmMKLT4gc3NoLWVkMjU1MTkgWmUxTXdRIHZYT3dNK2cx +UFpSV2dabnhIcW5HMlYzK2UzNEorQ3BaRTg3NVJwYVM3MlUKeVJqaE93N1lLdkg4 +UU9VaWRpeCtWQ2V1bmkwMkJvbE56U0lXcEhMVE81WQotPiBzc2gtZWQyNTUxOSBw +ZUZCUWcgMzJUS0hEQjlNTUEveGxXdHZGVlY5ZjNrZTF1QWc4eEhiUmVsUWRBc1FV +awpkYXgwL0E2cUNvQzRCQlVHQWM0djh5RVJ0SFl2R1p5ZzlEZ2lZV2trTit3Ci0+ +IHNzaC1lZDI1NTE5IDl2LzJIQSB5bDh3ZTBqWE5wNWdVczhsaXFJaXdEZXVBSzND +ajN3WlRVcmp4dW1FN1dzCkxMN0wzV3BIdHRqYXhmSzlLWE0veWJHVlNBOWFncFZ1 +M0x0MWY1dmM5TlUKLT4gc3NoLWVkMjU1MTkga0hrMmdBIEpINTFDeUVTbCswN3F3 +QXp4eWMzTUdPTWFGeENOWWhkTTl3WnRIdk5sRDQKWk80VFJGTW5xdkwzMDdaSGFW +ei9RTTg5SFFVRktFYUlPYjNOT1FQSklZRQotPiBzc2gtZWQyNTUxOSBJb3NBQlEg +ZVhldEpReS9jMDRzcXhrZVRhSGFCeWphQjBUU3JiUVVYZnc0d1FUNFUwYwpLenBY +YXMxREFRRjZZTHBIUUwxQVplL3J2WGszNUhXSzhZL2hDNXUvUnI0Ci0+IFUtaS1n +cmVhc2UgPnMjfCFtCjcwT2hGeVY3b0VBSTZIZkI2bEVSUzR0bzNQQUVjNkpYZTJl +a2l5b3FNbmpQQ1F3ZTNDTUE5ZmNBbmhzZE1uam8Ka3BqWEtQVEIzOUFFQlV0TUl0 +QWgzU3QwdlRTWkdUWUNRRlB1Ci0tLSBaeUtEanlxcDV5Q0Uxa25hVnFiVW9KMTlw +TElTNVdoWmxlWFNsMXFlY0VzCpnuSzzkIeZRg56GdBS2gOTaXV70O7kR/9F7deO5 +XJOWo7ES0V1Y3WqNHmCsWHiqHj/yKT3JYBPd5p8tPzW/uwO/4KKfqaG5xY3l01Uk ++zsFTkQh5xRP5vtQ5Q9ztTVV3hp4QLVsBLSwGHMiJyL2BGawLD5OsSehBQ26nU4x +gmE2ZP8WWm2dCTGJBf/JQ7rl7+G54GRK6akWRCT+ZzL9OMA5u3dgyvE3w5Q04K34 +sY8WJIDaUm/Gr6JB3gHTfHaSsqx5NE69EZ2we4qdUW/ATeIa42NLPOYvShGzJdNO +nWC1vemKsUUDR1KzfoZ6W5KM1Dl6f0IzC2e3gAztH0FtZO47is1Lx9jsbVN/FRh1 +aM2bk4LUfsH0CtVqRxEqVg1gXzB+ICe/K4xU8OB1g7uzTYS/rZc1KG2sHJ0fjXUV +m0EdIMiJi4uTltakDrVGBKiNhQAz4V6t/kKkONvFg6wFoVzgm3kOxfRcryWfF0sc +VDaa0kOnDFS/MuIsMENJ0XP5mTO/BQERY4m423nY7hH4Ud+kU9k8zQ3gdNIGwCEK +1j0P61nlu6Y4lSO6UaNgr7xl +-----END AGE ENCRYPTED FILE----- diff --git a/common/secrets/secrets/nix2gpdPocket3.age b/common/secrets/secrets/nix2gpdPocket3.age new file mode 100644 index 00000000..206918ca --- /dev/null +++ b/common/secrets/secrets/nix2gpdPocket3.age @@ -0,0 +1,50 @@ +-----BEGIN AGE ENCRYPTED FILE----- +YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IHNzaC1lZDI1NTE5IDd6MzN5USBGdVY4 +TnVkZlJ0elRhQkRSMnlXUjNNb3BQQmVBbmhYYVpqOUx5cE81TXpvCmNYUG5rTjlo +RmpNQmFtZlBwWXY1eDVzOFh0T0F3d210QWRvOEZnN3VyK0EKLT4gc3NoLWVkMjU1 +MTkgSmh2TCtRIHd4TmdIeWdiTXk4QWwvdURNQ3NtUlpNZWpnT2hubUk1RTUvMFRG +MUtEQnMKTEZBV1dPOXlQOTNSNVZVcXUweWZjc0RlQzFybE42Szl3WkJCOWszMHdN +WQotPiBzc2gtZWQyNTUxOSBTcENqQlEgU0V5bUpxNTVNQXh1UU8xYmJLWEROTkRr +UmtNOWQxbllTMW5BZzdNR1JpcwpCMExaYmpNbW5ma3N6SHBDR0lZdHljNDNlNHlM +TTJrTnpKanIvYldhcU4wCi0+IHNzaC1lZDI1NTE5IEJZS0crdyB6UHBMWXNCZ3ds +S1RQL25SdjVkRElKMjYzUXFKV3cyZFl5VlhvQ3ExeUQ0CkdGaGZrNGdZZ2ZsTUsy +amVPVjhjMEg2ZkM1NnF0cTZFNGhFSGpYQzRNRWsKLT4gc3NoLWVkMjU1MTkgWHpm +bWFRIEN2bWhSc3AyWjlXWk80NTVpbkkvTllWbnJScS9XWjQ2RUd1OTkzMHRzZ2MK +bzNETWVrVFdIQ0VvUEZSY0N4T2Nqd3c2WEZWS3JqZTAxaTZBaTlmOHpZQQotPiBz +c2gtZWQyNTUxOSBSNSt4ZncgQUsycFZocFZPdUxQM3MrU0o1OGE3Rjh3SFlNcXdo +MExnb2hBbHdoTk13QQppenB5THpDV3VXRHdZYjJJc3dPUW9qcFBydUs4ZXA3Z1JO +ckl1ZVJjNzdNCi0+IHNzaC1lZDI1NTE5IFJvWDVQUSB1MzRNMUwxb1ZESWJrMVdv +RkMzOGJHYnhnOFdHQ2Y3cjAyemI2bDJoRUIwClpnTys1eEFlNkZ3cStndjFyVFZF +eExaQ0JDRlhGWDVyRFNPR3lBRUdITkUKLT4gc3NoLWVkMjU1MTkgRjRiYjhnIEJB +RkJ2QVZsWjdqQW1TeVpCS0tpSTFiZDVYOG5ybG5rMjg0SWVTRnlwd28KZnJMVE5C +M1hkRHc2K3RCZFRjU1ZyeVR2YXhWT3ExNGVRNGRMU1NrYk50QQotPiBzc2gtZWQy +NTUxOSB3ZHJaSkEgYmIwbXd5aXlFUUhJd1VORmxjb0hQWmRZb2lMZ2xBdXJaTmx5 +TEU2Y2wwbwpOZzNJQ2kwVUxBRVcrYjBOMWx2V0F0dWJCdnB3cXU5S2tnZmpQc25P +NnZBCi0+IHNzaC1lZDI1NTE5IDVhZHFNZyBCU3QwNjdGYXE2RHZtNGtHTVdRbmsr +QzgweFB6V0xyV0c1NldBeGR1UEVjCjBKN2pJT2FJeFZUNDFKRnJMOFBWRGRDa1JK +UExOZkhwcW9WZWxqSGVwbkkKLT4gc3NoLWVkMjU1MTkgWmUxTXdRIEE5TFYrV0wv +MzlicXhsUHNoblUxa1FlSFlmMUhnYy90OXROUkIycWFFRTgKclNPSFdtVzF6Mml2 +KzJhK0hmWDIvUmFlSGVLQ3l5bElLY2N4aWxkNFU1MAotPiBzc2gtZWQyNTUxOSBw +ZUZCUWcgOVkvd3dmV0hhUmwzQlFBOEs5a1hGUmMxRU5heFNaZWhGcDRYdTd4ZktW +NAo1dGsyMUFlV29hOEt4R1l3S3Y4NndrbHVUR29sSkMvZ0R2SXM3TG9MQXI0Ci0+ +IHNzaC1lZDI1NTE5IDl2LzJIQSBTclIxdXQycVZlckR6aTZvSzJxY1ZmSVJWNk9j +MWJBYkp0ZUtvNHR5Tnc0CitlQzZDUWw4M3JNSHVkQ2U3MTdtTFBGTmpLenR3SmRw +NWFaNzFJSHZhYzAKLT4gc3NoLWVkMjU1MTkga0hrMmdBIDcyU0ZjeWREdFJrTEdk +c2RGY3Q3cE0wdDh4SGRJUVAvSzR5WmFENWQvQzAKVTZraTduUVg2RHlEME9CcnVq +MFpCbHBKVFNTOG1aUnNIWWJHUXg5T0k0UQotPiBzc2gtZWQyNTUxOSBJb3NBQlEg +YSsrbmdVOHplU29GTzNMNVh2aE5OaENXWHE3SlIxa1NuVHI0WEV1SG5sQQpuQWJP +MnllQkFSMDd3S09DNXhxU0pEcEFGRzZabGkzTlM4ZXBNWlRkMU4wCi0+ICEtZ3Jl +YXNlIHlEWmUtSzZeCm56bkR2UUV0OVJGNENzRWt0M0NQSG5acHdQazJFb1JFdGdq +aG5Lb3BtTUF5QmtKaXV3YVJOTWpMdnRodUx3NkoKNmpkeGw1dlB1NmFpUk1RbFEw +dwotLS0gc3lycXhWZXBmd0srSjhPTW1vMmN2REs4TWI0VUhiaEt6ays0akJQSkhs +UQoyTVD7Gbo16BII9fA/kbWQA9cLwAIJC2eJldhHa1Z+/nCLTYoolHFvhDF1kNNU +Q1VUi7Hwh3WfIZ5U9S8Bb1gtesAXrjAVoa07IuuELmY8P1aVnhO1Dh1E9bXhvjs7 +T9Qz5iA0R/IcMGzP1khAwda9urAqjtqjgNJOO9tOnKGOfCuUDhsPVqCZAfag4MeB +A/UbjmKvQuoMLnx4r8AdZB6hEC6OvT0d26e1EzT7o4C4nXYk4+ocvNY2kp+9N8d6 +C5qxI5juVeZenESlAxQKqaih6wUI5Hb7vlbMM3LvQqmSdwspOCYvji34LTzE2Vl7 +fTb9us7PpueVWLfzF2ea19B2CNZR6VWJ8d2WNDSGhoq80H5k9fawhq/PzgB/CLzB +dArCKrT7pL/L4oQVXuRC+2dKSmOm+hlrWHS1rwWEbgA7iQV8MR7eaHjUKEpRYC/W +0oSyCsBNRTJrTQEZfknGgIK9dAKM2Mx1rw/1AbPrtcJe7aHI0R1wK+bSgXOrYgWX +78V0+RseYYzyPgb6LUwkrA1MAsMp3NqQFts50DZ/x5ZBrKGWyEWO96Sg6oMCz+Gh +2S5P02QBaoTSyuhHpg== +-----END AGE ENCRYPTED FILE----- diff --git a/common/secrets/secrets/nix2h001.age b/common/secrets/secrets/nix2h001.age new file mode 100644 index 00000000..07148ef9 --- /dev/null +++ b/common/secrets/secrets/nix2h001.age @@ -0,0 +1,48 @@ +-----BEGIN AGE ENCRYPTED FILE----- +YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IHNzaC1lZDI1NTE5IDd6MzN5USBqZkZV +ZFlDOTkvSkM0NmFlOHlIak5KUkdEZnZJRnJOQ1hLc2pkc1pGODFvCm91Ulc3aEkv +NTUzblR2ejRzM0I4TnoyYVlkQTk4d2RNSTRUVDJ5bzQwVnMKLT4gc3NoLWVkMjU1 +MTkgSmh2TCtRIDlwQlRHSS9Nd1VZV1BRRUVRRTdjWGdKQ1hiRitPMi9KcW1JMEts +eWpnVFEKZ0thUVhWbDZxSHY1eFQ3OHl1R2JzRDFRbkpnMkVQRGhUYi9oa2luaEtx +MAotPiBzc2gtZWQyNTUxOSBTcENqQlEgWTA4bTNxL3E2Q0h5MWhnN0x1a1N2NWRI +K0JteUdIVTY4dlhtc1JYQ0pFTQp1Y05ob2hRcVNhbzJpSE5ReE1hN3BlTEsvdUtJ +STVRdlZCWW8vQWhOblhjCi0+IHNzaC1lZDI1NTE5IEJZS0crdyBRYk42V20xZS84 +WGd5NWs0d3ZmcVdKNWU2NlBrVjM0OEdXRHlVaWRORlRzCjBZQ3JaOVFYazVDeHBa +RVhieEZJRkY2KzRSZy9LOU50VGFiRWtsV1FyUUEKLT4gc3NoLWVkMjU1MTkgWHpm +bWFRIE5JNWQ3SHkzcXpGZEZVRVRZZC9GRVRvWDVvNHZkbGpEMTIzUjdNME9YMEEK +UytTTVlUUUhjaGpVZ1lYV0ZETk04elYwZ1FUdGVlMURGV3JwM01qK1M2bwotPiBz +c2gtZWQyNTUxOSBSNSt4ZncgRkNvUjEzdVRvbUxyMGQvQXlTU1NTM1NWd2tMdW01 +RE1zd1ppRGt6QndoTQpJckl2VitBR2poRHhmV3RWSXN6amg2aFkvcTd3aTRIRkxU +SFBMSkVERG9JCi0+IHNzaC1lZDI1NTE5IFJvWDVQUSBFcStmN29VTG1jTEtiMTho +V0hJUWFxemRrNnJxL0I0T296bmlvQmt4eEdvCkR0MFFORzExZlhDVXpYT0VlQ2xY +SklsRkFMVDJzQkpPemQwa3NOYUg3VVEKLT4gc3NoLWVkMjU1MTkgRjRiYjhnIDdF +YXNFY1F5MElweVhtQjdkQTAxYWo5Zkp5R1VoQ2s4dkhnUmRwV3R3eVkKQlZ4dTNS +QVlkR2FnR0pyQTlhSWRQNWtnT0dCbTE2YThiZWV5UGdUNFc0MAotPiBzc2gtZWQy +NTUxOSB3ZHJaSkEgT3luM1VmQm9tSG5majdWeEh6ODBLSm56ZFpSTUVmYzY4K1M3 +RSt3cGMwcwpLUWpGREU3dFc2NFFtNVZGSDIzem0xZGF0aXVhUHFhUEIzWGMzUDFT +L3I0Ci0+IHNzaC1lZDI1NTE5IDVhZHFNZyBwUml2WFlKSFdnWWw0YXczS3hvZ1dH +d1BLYWNpL1plYXhldDg4d1BHYjJRClZzNkx4S0ZYY1MzeU1aU3d0TlBhcHVvNlJn +NDN0Q0wvTCs5eS8zTnFaK0kKLT4gc3NoLWVkMjU1MTkgWmUxTXdRIDAzRk83R0Zw +ckFzZjNuSHRpQjA2cEsvTnRKdDBRT3hTK1krWTA1Ykh0WDgKWjlEN0NlYjYwb2NH +RzU2N1lzWjI3eTlCSXgyZUIrY2UxUzdwRVY1a3FVOAotPiBzc2gtZWQyNTUxOSBw +ZUZCUWcgYmNEaW9ESGVaS21NQWlITmMrbWQrekxQZXI5SExYbE94ZFhNcWtxSzd4 +OApkMzVTSHBSR1BLS25vaFUyaXZQZHE1cDhrTmZENGZNTElINUxwUzNONzdnCi0+ +IHNzaC1lZDI1NTE5IDl2LzJIQSBqRXVCUEdEY21xblVXV25sTW5FTkxMTTJPL2pt +U0VDV3hZRC83TVVnelRNCmZXRnYzS2NqcDNIV1k1WHFOVy92aURVVStDQU50VmZl +T3lSZTNveWpNVEkKLT4gc3NoLWVkMjU1MTkga0hrMmdBIFc2c2lrVWZpbCtXS1Jr +TFI2RFRYM1BNWEJjeFUzclpXTUF2OGE3MmFNSHcKV0dHQngwRE14VlZRdDJqTHhQ +dTMyL0JMN3VRWlNRTVZka3VuelF3QW92cwotPiBzc2gtZWQyNTUxOSBJb3NBQlEg +d3JwUyszcTl6TU1XVHA0d2RNb3VPa2I1ZzFqdzJyR0ZTTTIzNi9VcnJqQQp5VHVh +TTBjWXgvb0daeWN0Ty9DTytRMkVES1hBR3M5YWdEanlYdDJSdU8wCi0+IF99LWdy +ZWFzZQpnZHBVTGZvYm1sWk85SzVOV3FOZkZtM3NKNlFLdUxDRkxBTQotLS0ga2JS +NGc3N3o1YjBOeEl0L3NVZVprNDA3VFpJdmt4eW0yYnJ4VWdkdXBoRQqosYCeWC24 +SETTy8dVYTN0kWZBhYxUQDb6mhHPZrLOmlNyDeambLNwpoGHGpxUy1vrYL5cOmBA +pZ4lLKvAvm+lj7FCqX7+uhQi5FohVTm9bz1IsJcId82yf6lLjc4p7M+ww6icM0vH +DHHsZ2ecQiJKOvf8BUGgAxBkkdy0MWVRAAtOAqadBRtaGB5902FOI0gWLyAyFqlk ++P/pHRfob8PlnWb7MTYsUVgIBtbV/hIcpSx7BIsPTsdr7yFirhfoC4giBMT//2Mz +e7NGN2bX93pAUPWK2P/k3geArT1zJoFeyOpkyIhnfeXaA8WKb5juA/Rly4aGUJO0 +oQKJkNGg3DPQMAEwwaijjuz19wd3o46o5la+2L/Yx2fCPDcwOyYzh8wVdc2eq6Ab +y3y1wlFfMLpsuBSENnCQTPCWimTOk2lPUKEjDtLXCtucwyd/fzjHCjF1iR5twVrw +id5+60bFV73v2QsQ6+qnNRj2Ea+LRHA48NtQH4Nedv8xlhgqkR0tD8mZc6Xo65MT +1Lj9suIPCf5L/j7GiX4MPDt/uptHJEckGMEo0rrwINBps7K7XrQLfw== +-----END AGE ENCRYPTED FILE----- diff --git a/common/secrets/secrets/nix2h002.age b/common/secrets/secrets/nix2h002.age new file mode 100644 index 00000000..c69d953f --- /dev/null +++ b/common/secrets/secrets/nix2h002.age @@ -0,0 +1,48 @@ +-----BEGIN AGE ENCRYPTED FILE----- +YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IHNzaC1lZDI1NTE5IDd6MzN5USBLNmRV +NlNNT0Y0cTZVY083b2U3K0tORkdxR0IxNExrL2EzWmM4a2hoUkF3CmlDWmVaY2tV +OVVrYTBXeHpIM1lkOVBPeG9qOW0vL0hmSlM5OTVjcFVNUEkKLT4gc3NoLWVkMjU1 +MTkgSmh2TCtRIEJJcGRpcnlSRGFtNzFlUWt2OGpxTUI1WG9zdzRZakpwUjkybW1J +MkdhaDQKNEMrT0VVSnZKYzZscWNBdkQzbXBsc0liYzI5bVBkZC84NnZKYzBtVEZ1 +TQotPiBzc2gtZWQyNTUxOSBTcENqQlEgR0tSZVk3M0hBd3djZklhVmdOQk5lcXpm +d2NoL2RrVk0xLzNxRWVIWU9YdwpXQk0yQStOY1JFNjF0ZWhkS1gyWGRhTXpkUGdI +RGlOZlBLMnFaMGVVSjMwCi0+IHNzaC1lZDI1NTE5IEJZS0crdyBBZDluVnlKQ2FV +NFBpZDZJQmorYXVsV2lHMTdLRkVjSjZPNHhCUk5iSVV3CjdIU1RaaEpocDF5MHNj +blFVdGJjR2hwczNOZmpZdElXSURLd3hpQ0xvQncKLT4gc3NoLWVkMjU1MTkgWHpm +bWFRICtWcXVMLzdGOE5xajlBaWdoMk5lL1J0U3JCL1dZQmxnOFpsK0Z2ZzFvbjQK +ekFWSVgxdjZjQlkxMTlCYnNPMWN4MW1YY0xSZFltSk83RXkyUmZBakZjNAotPiBz +c2gtZWQyNTUxOSBSNSt4ZncgZDByMm1IanR4ZE5EUExyTnNNVVN1RTdTV1BJak9E +TmZYbEZOSHNZbFBDRQo5YTZjcVBrbTExazV1a3ppQ1Y1NUZhUUNqWWhLaTR3NkVx +YlpzR2xNVWQ0Ci0+IHNzaC1lZDI1NTE5IFJvWDVQUSBNMEt4UFIwb21GOHk2c25j +a0hpMkRQVGhCM2NFWmNlWXA4SElZUlQ1TlY0Cm9CVVBDQ21PbU1Fd2ZCclduMjdq +aXNuZS9lN0dicElXckxhZmxpRjJDL3cKLT4gc3NoLWVkMjU1MTkgRjRiYjhnIHA3 +aTJ5VUJROE1PZXlGZjF6R2J1OVBDUWF0N09TNmRkZ0x0YStxK2ZTU1EKWDBkK3FF +c1FCSHZvZW5YMHBVSis5N1pRTW83bnpQZGY3dTlOOGNJT011ZwotPiBzc2gtZWQy +NTUxOSB3ZHJaSkEgNFhxRTdZNm9OUm1zOGpadi9jckxOMnRhbzUwL09SLy9JRncy +TTlzWUVuTQpVdUFtWTZhRStkN1F0cEh5bU84YW45YmxtYzlXR2NOdTY4bHRZZWs0 +RjlJCi0+IHNzaC1lZDI1NTE5IDVhZHFNZyBXdWo2c3pPY3hmRmp5Z1FFdERUUzcz +MXRRNjI0ZVlLUzArRFhodS9FNDFNClZyREpwb1IxdG14TFFSVHlkTFNVOVlzS3kx +M2FpSkhReXljSytVczR5MHcKLT4gc3NoLWVkMjU1MTkgWmUxTXdRIGdIeFpXODY1 +QkM3QkNkMllnWXFyTlBpYjd2SkI5TlNoT1ZxSldCN2xGeUEKaU9XSkQ4Tm56Tk9B +Y1l3OGozSVk4M2ZFejdwR29Sb0NsQ0xrMmZzai9DawotPiBzc2gtZWQyNTUxOSBw +ZUZCUWcgUXVkZUJhbEJ1ZnFKSWRaVUIyK2JCcC9PbDZjQ2VlTURWMzBOM1loV2hV +dwo3OFVtR1JldEwwSjE5NGJKUEVyYlBzTmJIYzBYSCsyWWU2TnRwaEZLeWM0Ci0+ +IHNzaC1lZDI1NTE5IDl2LzJIQSAwTkpuekFzUHZmWFdRSjRnY3YweTlWYlRjOW1U +a1hXRXFPakRNUzdxVWxJCnhIYU8rUGh4dy9HMGUrVi9aaU5uL3djU2JrYktaaTZI +QVlMc1VyaTUxTjQKLT4gc3NoLWVkMjU1MTkga0hrMmdBIERkVmp6eDBvZ2dXdURq +WlNwZjJMN3FLVXJEa2taYWJjbVlLVXBsbkl1MjgKdUhtQ1RFS2Z6U2t1M1MraWo3 +VWFCZERRZXJPTjBNS1FkdFZtdnQ5T0pBUQotPiBzc2gtZWQyNTUxOSBJb3NBQlEg +TUpKaThiUVJWUEF4aHZQMXpkdER3TzY3cWxWV1BEbEd2TVRkT2Y2MitqYwpsbDU4 +U05mN0xmY3pkNWtiRTBPSVgyUUhBTTA5cDc1aFJEUDBjU2owd0VvCi0+IHAtZ3Jl +YXNlIGxgcisvJiUgXWVsIHZrIE4KCi0tLSAvREZvRE9zUlRIOHZpYUVWZ0pyQmlh +K2ZubG02bjRjdmxBcVdLVENIejlVCtydnNICLzNyabsA6H8fhwkySlITewQ0vFBQ +GvfvDobgKzac8kmjDDwiIBwRI+EgVznSecv+Oqi2sJaodIxGaYgvEh+FURMfYOPX +K95ykf+R4bAowyG66i+mg9vthJU2O4v43R4qN4+0CVrArqhQp+ywNERsTV/2pU3f +bTFAYaLaLihEFDjCy9+p/D5l33Ns54FYAtBtQ/Ut4VY43i9inE/qohM6vy1W1SgY +THW3pLHvB6WlZvv4uD+IXK7GJXkedKxIuH0pGWLTF28aIlWTV8QYlCYpqpqaYs4X +87oze8zgPCNa2xODkQnYUI0GX4Fg3vP1K6R4G4DtCOytZdDYXncEIC4+opOoNmfg +xuhjELH+eZLXXRRd8PPrPTWXQ9CjPOK20vwc2To3Oljt940di6+886j2vFEBd44v +A1cjFG+K4mQ9GvdAk98EgRVXasmXyKnRdc7kFym9EY7guZtoA0Bav7YCn2vMwF7G +yLmxss4Wa7UA9v3GF270M/fb6D5u9qcDG7v41wYSldfaqSDs0Vw1ZfaGBYAXF5v7 +GgU0MSWaFyHej5xq5UVTlMtWh2YR +-----END AGE ENCRYPTED FILE----- diff --git a/common/secrets/secrets/nix2h003.age b/common/secrets/secrets/nix2h003.age new file mode 100644 index 00000000..01a858ba --- /dev/null +++ b/common/secrets/secrets/nix2h003.age @@ -0,0 +1,50 @@ +-----BEGIN AGE ENCRYPTED FILE----- +YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IHNzaC1lZDI1NTE5IDd6MzN5USA0dTdj +TDY2STIxTm8rbnNWS2J2VlZxcVRFYzdBRElDT2RUR1pRd2piaDFZCnl2d0xoUmg3 +OEs2bXNUY29RQWJ2WG9GMXIzZCsvcHRRUDFvRFl2elR0a28KLT4gc3NoLWVkMjU1 +MTkgSmh2TCtRIFJsbjBZbFhEanBaSW1BOXBwbVQ5eUtHSDRQRzJleTBGc3BlY0dv +VzljVk0KZEg2M09TNVlvYXAxaEFaUlpkLzljZXVQUE53aEVLQlZXbVBpdEM2b1Za +VQotPiBzc2gtZWQyNTUxOSBTcENqQlEgLzQ0MVpLWXMvSXkwTnk2VWFrQWNtdVJj +bURKUzMrMmRqeW9TcTF4V3FtdwpVQmducWt2dkVPQklma3h0QVkwZk11cW9SMkxa +Ykp6amg4RWUrZEpFb3NBCi0+IHNzaC1lZDI1NTE5IEJZS0crdyBDNjhjTlovT1J2 +QXFPOVZrQ1ZFWUV2cnF0eFdTR3g0M3VFd0dvU2hVNEFRCjdzR2hZR1pKUkpJL3Uv +VEdPNzE4TGtWRVpZeEROZGFNMXRtc2pFYTJoMEEKLT4gc3NoLWVkMjU1MTkgWHpm +bWFRIGlhUGZSUVhtSDBuaTF4a2pCbFNqUk8wN1NGT1cvbkVqUmk0cEVCTkhoa2MK +OGZGdlZBLzJCOG0rN09BQlFlTm41NVh1VEdZWFRjVTVMeFBRMXB5dktUZwotPiBz +c2gtZWQyNTUxOSBSNSt4Zncgc3EwWEY0dmZPT2ZnUlN4Sk83WkE1c0FldGhYclFK +T092dm9rQjY3TEh6UQpFQlFTdXBJWVY3aUx6Y3lKVDBGQ3ZHbVJqMm16R243Z3VU +T2lHWVdNMTk0Ci0+IHNzaC1lZDI1NTE5IFJvWDVQUSBuUTNLUGIwMzhKcVVyeUNG +NmJ1WkRtdS9FWHQvTGROL2ZiUmxmVlBIQWtZCjZJMUduWVNQMXVZRk1CbjhCTnFX +RkxoaTJuelV2bW01T0hiTHgvNTVZc0EKLT4gc3NoLWVkMjU1MTkgRjRiYjhnIEl1 +SnJKZ1Bwb0lsN1dTZ1I4YVN0c0NaUDVEd2c4SjNTRkw1d0ZpaTF0RHcKTzBabFNx +d0ZjTjNoemY1UzVBemd6QzNIQTl3b0N2WVdWUE9CV1VzcVVtcwotPiBzc2gtZWQy +NTUxOSB3ZHJaSkEgbGI0MjhMbDFZblFud0U0Qi9ibHhSMlJTa0cyRHFJNW1tcnZQ +ZUNma0VoTQpuNG5ra2hwRlpneWxkTEgzQWlhMkRJVUMxR1RVZWZXWGloUEtkcWdI +RlFFCi0+IHNzaC1lZDI1NTE5IDVhZHFNZyAwNHF6Zmt5YXViL3o2aVVKVTNSakVX +eFpuSHN5Ty90bGI5K0l5VFVtL1NvClBsa2tRMm1QSVlBNmJ6T2JlT0V5cFNmV1c4 +Tm5nL1NiOWtGWm95VE1Ya0UKLT4gc3NoLWVkMjU1MTkgWmUxTXdRIGFwdWhWNnBQ +N1lYeC82NzNHZ2d3TzBzUTcrcm0wWGNPdEc1cUtndTZRM1EKTmxadlp6WC9BQzhJ +S2NIbjM4OHNpUGJiZkhOSXJDSitiNndOYm5VWDlCcwotPiBzc2gtZWQyNTUxOSBw +ZUZCUWcgUTFOZUtZSFJRUkw0eE9wd1ZCcXd6Z2RvUFVsUnZBcWlSRXlHU0lWcVpH +TQo0ZUszNFF0NUdib1BpZ1FnM0hBUjFsMHdSTE1ma01OUHRIWXFUMmJRbWRRCi0+ +IHNzaC1lZDI1NTE5IDl2LzJIQSBocFJ1aGpicCtUTjR5dEw3RTNya1dINTN1emZl +OVF4Ykd2SmMyNUNqUlJNCkV2ekVCNk1uNEZiTlJYVDVsREQ2cCtRR3pVRVZZek12 +aTlLelNZOVVXZG8KLT4gc3NoLWVkMjU1MTkga0hrMmdBIC9aT0pJSEZiMTA4c0Vi +dExPN0ZtT1BOY2ltNk95TzB2K0J6WEJaTUJ6bG8KdWo1OFpTWm1JWkRrWmhYUzRl +TUFJTHp5Mk9hVXZSNXFHM09IZHZOblpqQQotPiBzc2gtZWQyNTUxOSBJb3NBQlEg +ZUpiN0RMRUhKM1ZvRWJQYVNCVzROckZ4SDY3NU4xb1djcUgyQW9xRnkzbwpOZ2Fu +dXNnTERuOHFoVVZGMUhpb2N3MDhRK29NVjhuRFhyZTdjL0orQXZvCi0+IDtXeHd7 +YFBpLWdyZWFzZSB7PCBcfkRZey4gI1d4Tn4gXwpIVDhGeFk2K3dOUkhBWkU3SnRP +THVSUXBWTVJBSlZVWERqL1F6NjFYQUJHZitiWXJhYjFHS3lmd1dDVW4rWDZRCmxC +bmt3NTUvZ0dScGFUaFJ0dwotLS0gTTRUejRxU2ZKZVN4MXkrSG52dHJzamxpdjBC +aWo0a0lmS0xWeStFN1UzTQrI0E7L65ZYdi9LJwZ3nSgT7WwwQJovYBqw7YO8jE+n +1iAUsxo+nj7V7ub7D6IxBaXupMwqqEGX/fUgLyHrckL8V6RmVfvoJROp1Vm7HncW +xqoFr1cj3n6p+O+xQPFy+1uVSktCTvLgHDNHavRPaoT6vP2FcvQkI7jczbGJel55 +YBA6bLrMLsn1+MmY5oT61huymRbKFyt3c7+u/vqYwD9/J4/KPW7nO0hCQ8LBJEm4 +KFwj/6d8zyLFGRB+wwH3pEPFWZ17/7tK4xRR3jUw3ertMKnLtpYpI7sCOhCStH5G +6CTMGgmWOyPmccVfWF3RSnuj5I53nnkYktWcc3o+ak8GCw8PBJvAfkAJyNjrSo6V +QTMX9qsrL8SydAXXFk2lNcv3maH6RgRB9ycPGak/ZsrFP0VkMFpOLIfqjJMnfChY +CUi2b1iTMlmw9VITSfgh82mue+bcevSaP6KboeksBq2ah8hSN80WPtb7VQNUNl/u +cQT5DoyvaIxOstiVpBy7DY4pvb6c5iWkUuuDiHrn0AA4XB2skTNhGU1oty0YrDFB +tnRtsOYgu5d/53Fcd8aUNg== +-----END AGE ENCRYPTED FILE----- diff --git a/common/secrets/secrets/nix2joe.age b/common/secrets/secrets/nix2joe.age new file mode 100644 index 00000000..befdff74 --- /dev/null +++ b/common/secrets/secrets/nix2joe.age @@ -0,0 +1,49 @@ +-----BEGIN AGE ENCRYPTED FILE----- +YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IHNzaC1lZDI1NTE5IDd6MzN5USBrRFlo +VzhEcDJmTStuQUxxcms4am9idGpZYm5HVndISDlDMzVVVGl1ejJBCldYZllDcGEx +QVl6NU1vVjBPQXpLTndDdUZIRWJmMC8vRWhjOTRDUm5yTUUKLT4gc3NoLWVkMjU1 +MTkgSmh2TCtRIHl3SGo5eEdyRWlYSmVZaWhJNEt0VWRiY29IN3AyeGdYQWtuKzRL +NzJrVUEKaGdSelBON1JrbUZGVnJUL2RwZzZVWWJxVUkxUmVrVHdTcno1aWYvbGwv +cwotPiBzc2gtZWQyNTUxOSBTcENqQlEgQU5Ia294NGsweUI2NUs1S3VZaVVEWUtZ +d1l6WGdPcnBmck81UGQ1Kyt4QQpwUG5iaFVUNG43a3A3M1FvUjZGd3ZtZzMrTUFm +amUzcHI4Smp0OXdpdWJVCi0+IHNzaC1lZDI1NTE5IEJZS0crdyBFRkd4U2hvcGRk +ZjhleWdheUtqVjBRMXdwZ01KY3cyck5tOCtBaXlBc1ZBCjNvUURFdEFpZ0VteCti +Z2t3SlhRbWMxakRHbFlPMU5HZDlOV2R5d3pWdHMKLT4gc3NoLWVkMjU1MTkgWHpm +bWFRIFVZRlYzSU9FZUpoMnp6dVJPR21Zam96R1NQOXJQSldXOHNGYkZnR3ZxaGMK +eEJvbzFKY1R3WTJVaTN1c1hnTWJ3ZU5OZjlZR1kxMXd5bmJYNDRBSWNqVQotPiBz +c2gtZWQyNTUxOSBSNSt4ZncgUHBaY3ZaVjcvZXMxLzRiUisxMnNwV2hlM3NxR05Q +aE4rQjJ5ZDl2eDcwVQpUM1NKNHg2UmtPeFhGbkxTUlFtTFJ5bjNSZVNEWmVKaHg0 +cWpmT1VZZFZnCi0+IHNzaC1lZDI1NTE5IFJvWDVQUSBKZnF6enhLS3BzUis2azFK +VlFDVTZTRTQ0czdNclBGYzROUEJHYlpod1gwCkpMb2hSRHVFTzVTZ1dmM1Fid2tl +bkhrK1dMdmxZSWxhMFBFM0wvZ2tuTW8KLT4gc3NoLWVkMjU1MTkgRjRiYjhnIEov +MGpzVlFwSi9RUDlQSmNCRXRqaGNpSHFwa1o5emdOcmY5UFREejdtencKVHE3OGlT +NnQxL0xJdTdYTnJQRTl1bjJNZDJ2MVdnWHlzb0pZS3JvYW1GbwotPiBzc2gtZWQy +NTUxOSB3ZHJaSkEgVVVrQ2ZJdnY0WHRrdFBidDh6ZGxCQThjMk1DcG1UZ1hhMiti +WENKclB6dwpCZHRhU2NWZTFQYUFWYUxCUlBUenZPVDdQa3pXaVE3ZUdSNm91MWxB +SGZFCi0+IHNzaC1lZDI1NTE5IDVhZHFNZyB3QnVtWjlsOHJvVmltSkdVY0wwcmhk +S2prNGg5UE0ydWdSck4vMFY2cFdzCnAvOUR6VWtEOXd3OE16ZVROMEJraXVTZHV4 +OFdmQlRXcStLa1l1eE5yR1UKLT4gc3NoLWVkMjU1MTkgWmUxTXdRIE9NbklVa3V4 +aU5ubnk4WUJyRTdXRmIxT2YwODJQOWZ2eFdYUHphSGlwWFkKT2ZWWWF6eGc5YXJy +NWNqNE4yVXc3MFA3eVJQbDd2Zm1FUkF3M25LT0FGRQotPiBzc2gtZWQyNTUxOSBw +ZUZCUWcgNEZaNzVhZlVrS2FXTlRXZUZMcWhwNnVORGJKYmErQ2FIRDl2b2wvNDB4 +OAp3NWdNcjVXb2RLczJGdGpyaFo4bTVLMGk5QWNQbkJpMjh5U09kbENVS05VCi0+ +IHNzaC1lZDI1NTE5IDl2LzJIQSAwbXFvZWVaTEp4eUkxVGkvcWpZbmRnWGdjeXdW +QzgvbzBnbU5KWE5Ba1cwCkxUNnkwTkFFdHpuRlovWjh0RVE3U3pIc0tVcXY3RTc0 +NjRaRnE0YXp4NDgKLT4gc3NoLWVkMjU1MTkga0hrMmdBIGtraTV0YWxFVDVkb1pE +NHpVQ2h6VGh3LzVRTG02cVdGRHpmak4rT2h6QWMKS0N0SFpyY3lhYlZxc1NQbkZW +VkVvQlAwejF4aUpnZmY2RnlHNDhQVHhXcwotPiBzc2gtZWQyNTUxOSBJb3NBQlEg +dytPUnI3MW1TckplUDZWRUZrUVN0aXhtSG1OeWkrcEIvVitxOGR1UHdFNApxaVFP +cVNrV2YxNGZQalZ1aTZLbjFYM1hWRkpFM2xhRlZTN3VNNFlaR09JCi0+IFEtZ3Jl +YXNlIEVPUgo1b3AzSWtZdkdwWEM0bVM2cU8rdTkxMFpTV3BZUGgzQ1NwWlJ1UXMr +dVIyMktqZjBRSzlrQkh2V1dGM3NoUQotLS0gSW9aS2RLNzZMQXlVakF1WDNzNWl3 +VEpQSVVWVVZkQU1FZjBaNHFxdmFzSQoHZa1y31EyfxcF5zL9Tp0efLfm1Ak/v9N3 +IqCds1BYhPDeCECA1zHdGZojhrxFuOyr1H/uSKuksPktfi0K7F73NsQ8Prf3hiVg +C5Ckh540/7lv8Y+f6eOSlbUUHkO/UftqyPqPwl+L3cHApoSN5OZJz+nVgJROQMBY +63lxHjw170/E1BNsf2jqdHHJUwyFd7hia212PqCQOyh0wbc+6E0t/9gDQXphBxC2 +/EpwLgBf0b8+nzGVZ0RP3wkegZyl2LYwkh+PLhRTTJOulE664eaJBFRpW/wfw1el +QaoEHw52O92IE6KbM7lQ2ujmHYG2aKBf/u16DfkDBrHSplz9bolcueppa7ubLgfU +mEacucUtRN2k+kA8S0UVZDsbo2oQfQL+fgq6Hcx1shpIFpugyhDMMHDD90cvAs8w +Keg8jHbTEtVJAtBmLYraeyGXsla1vPCcoXfHr49ej3Q4B7pMmReMtMEP/BDKy6pK +csPW/lebooacQpu1fjVyYyW/AgJHa0U6oZTr5i65FNYd0nQa07D3bYO3o7JUFZoB +Ah7b2Pj3Wv5Uzxka0R13xtr0Ud7jqw== +-----END AGE ENCRYPTED FILE----- diff --git a/common/secrets/secrets/nix2l002.age b/common/secrets/secrets/nix2l002.age new file mode 100644 index 00000000..0866e440 --- /dev/null +++ b/common/secrets/secrets/nix2l002.age @@ -0,0 +1,49 @@ +-----BEGIN AGE ENCRYPTED FILE----- +YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IHNzaC1lZDI1NTE5IDd6MzN5USBPODJ1 +Q2VxRFlMeUcrS0V0ZEhGdlRnRE92TDA4aXUwdDVKYUhBaG11R1NVClRUNnlJd1ow +MkliL08zZE12bHRyaFZuQkszMU1nL2pxT3hIWWlObW5IUE0KLT4gc3NoLWVkMjU1 +MTkgSmh2TCtRIDUzVXpLblJLZmY2UHJnQ1FIV25WRjJEWEYva2RjRUFNbkU2TkIw +Mk9hUTQKK2pMSytja2ppbE1Vb3hYVWhNMG1wUW1lNjRGMGpseVVpeUV4dkY1eTA4 +NAotPiBzc2gtZWQyNTUxOSBTcENqQlEgWmV5NW1rVGk0Y0VBTFJ1bEpGbVFqdEp3 +ZVhyWkpaWm1uUHl0L2N4WStRYwo5WE5LYnUrTldDMGQrbDhtTEl3cmZGT21FNkZt +NmJ6eVBGeG5ZUjhCZE5BCi0+IHNzaC1lZDI1NTE5IEJZS0crdyBVcWZqVVl5VDBP +azJjL0p4VEJnTzJrdkRZdXNSRGpIdXM3ZWttWkluMlc4ClJOV0xTOU9PeHhMeWpD +a0twcCtxYklUSjF1R2NseFF3NDk5eFI1Z2Z3Y1UKLT4gc3NoLWVkMjU1MTkgWHpm +bWFRIGhONk1uMk5xRVdFUGZhNkpHUWhMUTN5bkkxdzNTRExqOGlGZzdOZzk5U3cK +NzJVSFppeGpGSWdob3ArTDhpcEhNSmVNMm8xcXRUS1crN0FubTR0T1BnTQotPiBz +c2gtZWQyNTUxOSBSNSt4ZncgcmZ4MzRQQW03MWpwK2EzYUtaL3pPQmhhVzVBK1U4 +K3lOSDhNSzJreUwzWQpKN3BYSUg1ZmZQMEFyMUJRUU53bDJGZ0ovd0hoRWFOdEpK +WVJUOGErZkFzCi0+IHNzaC1lZDI1NTE5IFJvWDVQUSBSblVTemNRb3M1T25yYlhS +M3dLQ0oxZmhLQ1Nldkc5NVY4bDVMcWpPaEc0ClFDalVaZzMzUGxNN0x1eEJRUklQ +aWwybzJhNmJNNkJBSkp0WVd4WGxEZEUKLT4gc3NoLWVkMjU1MTkgRjRiYjhnIHUv +ZWdmZ1RUZWZIckkzVENjblk4a0lVbVRzL3lDOFZhQk15SnU3REJwaDQKQVNncVdL +R01RM2FQekJXcHdYb084SzRRVGcrcVdMMmIrWXozM1BXcFdJRQotPiBzc2gtZWQy +NTUxOSB3ZHJaSkEgeGhtdkMyTUQza2t2Y2ZGbmRNbXhFSmt6MGNNTWVGV2xGKzhN +bzB6REhrWQpIUTNPanVNZXQzMHlWQUduZUMzdk51bnNqM3Raem9pRG9iR1FRRzBm +aTIwCi0+IHNzaC1lZDI1NTE5IDVhZHFNZyBJaUM0QkV3M2R1czdwYy94VWlyb1Jr +eUUxRU5zWU9tUGN5R2lMdk4rUFMwCk1ZMkJ1NW1abXRicjRkcE9CUmRqVFRjRlFv +d2hHYmVKNTVYc090ditMYTAKLT4gc3NoLWVkMjU1MTkgWmUxTXdRIEpFYTNQSDk5 +Y2JXL29YaTExc1ZiWkFKZUdFcDBjd1p0NWh0bkVXSk41aTgKRmZuWHRuNnpqUFNp +OFVZeVhDeXJMbUxuWnBvQVE2R2NwOXFQYXNnOUFsSQotPiBzc2gtZWQyNTUxOSBw +ZUZCUWcgNmlsV251TVpneWttdGVKVldSbzg3RE9ablQ3ZDhSZE9Sc3Q0VDRUc0Vp +VQpXZ282cnFmczRvb1Q5cWtrd2NsdXBlejFMSUJwK2Z3Zmd6NEpNNUxJMDBJCi0+ +IHNzaC1lZDI1NTE5IDl2LzJIQSBLOTNlbFFPdVBMbElNcUtaVGVtVHFjTGJHQlFz +NUdDYnRsbGJEbWVsdURRClVnWnpuT2dhUDV6dVp0d0FoT0gxcXR3cVJDL2d3Mm5G +dzArWjhsczd2QVUKLT4gc3NoLWVkMjU1MTkga0hrMmdBIFIvZGVGTmJ2TmJxR2Vm +b05RMy8za0liMGRLQU5XR25DNmladkgwd091Z00KTElBRTF4N29pbHVHYzAydVgv +TU5BRlVJeW93NVFtZEkyK1puUnBEVUJhVQotPiBzc2gtZWQyNTUxOSBJb3NBQlEg +ZU5EY2kyZWVVWDdEZDdZSUIxQ2lneWJrL1g4Ry9NcWwzOXo2ck9nam1WYwpRWlMw +SEhMR2VHMWNyS01TV0RQSGJiZzNjWXRRYTc2U2w0QnhpbFZzS0pFCi0+IFBBQC1n +cmVhc2UgXU0neTEgXkd1TDhHLHwgWEc+ICExVwpSanE3MWgrYWtEQ3JYbm9POE92 +cVVLK1pBaEdGTnVBMQotLS0gQk5Ud2dJZHRzN0RZTTlZLzdvTVp6c0pEejFBZU9l +bnA2Q3hGcmVOT3NnZwopOnc+QlhQ9rs4u1VZzBGuVT1C/M1+of1PrkVrG9FspsTv +k9M3NSrz1aCMHSgX+YdH59xr56PqsRjP6nok8+2XMMs04g/sfbQsBG6GIy0l2ke9 ++RgoIQ/7yBY6HhcSfBK8OGHsBTypj2iWsXmHji+JJHgXelLBQxPhiPh721Y+aR/g +6dhgaSkeiztKbzuXX8Y4idAx22vln+a9IhCeh9ObUucxXoQ7PsJXJqPFr4tqJfWe +R2wluD3RtZxzbkvKcmiVvgJt2pRRoMPC5tn6Se2Hl08fDoTR9Z24wK5igtu0+rBp +tALfNh62Nl2U1s4Ukd+5eH28vC1QEz9UqnTNvi7o+1usmLsMIjwagEgfUB+yzaT+ +8VJDj4Y4xfI5WdgbWe9A9JFk4ve8Xmqkkg8zlaveEg/wSMDbiZP5NV20xHDIr6kP +yrctn77Vohff0iYL4Fm38FgJfODFCLsHYOok3OgGGySLdTZcYZ69yJjlDm5m47ea +vz2zRL4m9MxS4vE9eR04T5G+isZnLZJP/T6SImvSKHKNpeXLSFbycRLYJkf0jNCS +g1ym3Ql3lTyozQVBCg== +-----END AGE ENCRYPTED FILE----- diff --git a/common/secrets/secrets/nix2linode.age b/common/secrets/secrets/nix2linode.age new file mode 100644 index 00000000..21529d39 --- /dev/null +++ b/common/secrets/secrets/nix2linode.age @@ -0,0 +1,49 @@ +-----BEGIN AGE ENCRYPTED FILE----- +YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IHNzaC1lZDI1NTE5IDd6MzN5USB1ak9y +UTJwcVZCbmd4d1RPaWw5MDd3TTc5WU96MVptcVYyQVIwMzJDMGhzCkUrV1JQMlc5 +SnNxUm9UY3V2Tm0rVDV5ZTFLeEdYcG9qZWc3M013RjVpVTQKLT4gc3NoLWVkMjU1 +MTkgSmh2TCtRIDJBK09UZk9jOEFPL3NXRmFaOTJjM2FlalRaSEhESlFSZjBmN1hr +RUNoQmMKcXRlMGFnOXpCWjMvTGRLd0FmcDlQSmF1TUhXdXcrNXRIcUh5dEZqbDlz +OAotPiBzc2gtZWQyNTUxOSBTcENqQlEgSnphbHkzZjU1V3VzTzF6K1ZkcVNvcmp1 +VkxhWDZPTHp5bmlxWGVTOHp5SQowZXc0OS8vOHYreEJXbVZudUtKVVQzR3cxT3RC +RlpJNVFKN09kcmFtaTVFCi0+IHNzaC1lZDI1NTE5IEJZS0crdyA1RzdxQjVqZG5G +UWtlUXpnT1FsODhaQlcwclFvZGZmb1pJY3MyRWtuZG5jCjI2QXFGMEFRVzR5MlF5 +QmNXbHQrOG8zbWpCU2FWVEhKNkhuT2JtNko2REEKLT4gc3NoLWVkMjU1MTkgWHpm +bWFRIHB3bXM1TVNBUmt2VFJPSEhzZjBZQVdVcFVNM3k5Y1ZCTmVtTHpObXZablUK +RVllREl1eGNJUmIwZkhtUy9JeEo3VHpWRFFGNG5QbTZNdzN5bGpWeXlwSQotPiBz +c2gtZWQyNTUxOSBSNSt4ZncgVmVqYUdWVFdYbThTUFIrZThYOWI1cGNFWTJnT2NS +RHBzbnArbkM2YXVqbwpzSEowTi9oU3dnOTY2R29GODRpU2piRWFUSXFBcjlXanlR +SlNZaEFCaWFvCi0+IHNzaC1lZDI1NTE5IFJvWDVQUSBFRGd1TWViVFRHQlhEd1NY +RC9DRXJxUE5VazhkUHkvQWRLT3lrY0xaOUFzCndNUk1USXJ4eUtLQ3hjOEtLaXBJ +emhmRjJFT2xreGRtWjlZaVo5ZjRLYTQKLT4gc3NoLWVkMjU1MTkgRjRiYjhnIGZ5 +VUQwRlVnUTZFcXZ6ckFvQUhRZzJFMVB3dS9RT0ZOWm4wSEJGVExaWFUKYlFzSHNs +VUhZTWJjb3doQ1hQTU5tRWQrTWhjR2E2cVlLUWltZGhaWWM1RQotPiBzc2gtZWQy +NTUxOSB3ZHJaSkEgK0I3MS80aC9MV1ZYZUkwMGk4VjV4Tml5OG5Na3dyS1JWM1V0 +a2FUaWhVZwpKSGJJY0RwaW5lYzUxc0dWaTlxdFBwV2o0c2lQWnFlQng4Tlp1bWtn +OWhBCi0+IHNzaC1lZDI1NTE5IDVhZHFNZyBRVXJYMmp1d0RXNFlPWno4d3pDVUVD +Vmt0YmhyQy9Zdk1QdmdweTlaVlFRCkEyVmttUjhZSDBaYk53ci9UbERiaDhyRGR3 +V2lpcFJBK3crTFZlVnBvNTAKLT4gc3NoLWVkMjU1MTkgWmUxTXdRIGFiQ1E3bGlr +bDVXMTNyVzVwNHdwQ2hnVi9Ld20wSnczeXZ4WVJ6MlZnQkEKOGlTUVVBZkVCOWg0 +N0tFTlNxZXFqaUJEellpRVlZM0JyaUZNUWV5dTRCRQotPiBzc2gtZWQyNTUxOSBw +ZUZCUWcgSFhTUEx0N3FIVzAyYy9rRkZ2OUZBYWVQcmhnYWU3N1J0V2pEZktVQTIz +cwpoZzhPRThka2JoY254VEZFeVFaN2RDVDBKZ09MUXI3c2VSZmJyRUMwYUd3Ci0+ +IHNzaC1lZDI1NTE5IDl2LzJIQSArazcwb0lLb1NxbTVpbFlKWmJWcXdnK2pXd2xi +ZmpxNkliZ3RCQ3VBaUc4CjNUOFRJaG9kZEZFKy84ZTJ4aU83U1NEcWJNd3hJZFFY +amdqV3hIZit2M2MKLT4gc3NoLWVkMjU1MTkga0hrMmdBIFNmNHFrdDlpb05EQlE0 +ZVhqcGpqNFY4M1Y3aHVlTUNOdnJ4VktxbFZobHcKTWd0emd6RFMxY25kbDlNM2I3 +Sy91ZVlOVkl6V3JqTFBuekFLMUs4NjYycwotPiBzc2gtZWQyNTUxOSBJb3NBQlEg +aWFYT1A0MDBSMHpzb3YrNXNHNjc4dUtoNkZ1RHlSL0tWV3RscTlocUd3NApMT0FS +MFZIVytLeGF1WDRKN0ZydEltVkxmaWF3TVdWV1FraTcwd0xzODVvCi0+IGY7cUxl +Ni1ncmVhc2UgOUwtR28geWMkcTwibyB0LVU/Qyt5SiBZNzxsYEJEQAowTUVXa0Yx +ZStNYWIwdzI0bXo2R1NWTURCMVVRK1F3WW1QcwotLS0geFBtNS9vMlE1V2Npb2lh +KzgzWkcrNS9SRG1ZeC8zdUhQbkludVJwbVc3QQo1QQm19YZ6VMz/+vhRhATkrYwD +KP/ZH7wMl9n40mzx5U1g87ERd3zoDyirTsgMn1N05fpnW24a71FKddHpDUuFc7Fx +xLc0Xst+uuSD8lj8H309fBBLn6yfvq4vu+/XNqsUvTwkBVFRN6EkWTr0XoFTBrlr +AwkEzL2hvC8Gt5U2sjNkJR9GLSZhwOFwTrFMZRW6ZcR42o+6GRUtFmRX7iUMKJ6a +2LIn3i7Qlc8pkvtEWB8yHQ8iLxa0SbWPKWnMcTV8LK/JvhSebBHxx35AhbjZAwc1 +oLmichP61qIGUGb3r3Y5U1C7dWpAwMp12Z2efk1uOfO8QzM1GYqIRvsXSPzfB80w +OCdnZez4iEIvxslbcLSRNZn1R8mwj5deMK4ZfU+26khzqBAtrjAA+tlCtViGKqUE +e7eOBujnBz67YbUYFyepBd8UfDsqM9jtl3PW07Bgvi1MJY0S2dzopgTlzYnS3PNS +8xyLi7Z/McMmHg5RZs2jKHScQlcs/+Y5y000UiqtWy2UmoY6zYwGW08eqgZLZKDS +QYY/0MHWQGO469J3uNdCx6qkzPygWchlGEKpxA== +-----END AGE ENCRYPTED FILE----- diff --git a/common/secrets/secrets/nix2lio.age b/common/secrets/secrets/nix2lio.age new file mode 100644 index 00000000..1ea57d4e --- /dev/null +++ b/common/secrets/secrets/nix2lio.age @@ -0,0 +1,50 @@ +-----BEGIN AGE ENCRYPTED FILE----- +YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IHNzaC1lZDI1NTE5IDd6MzN5USB3dHp2 +QS9lSENJbC9VR1RpaWYyRG1KQWFXVGFsYTJyU3VqNCtub2RYMkRvCk5pMitVV2xZ +Y3hqTU9jSllaVXFReklodnVpUVVHeENpdGpBaTc2ZHN5Mm8KLT4gc3NoLWVkMjU1 +MTkgSmh2TCtRIHhIMGkwQmxYZjdBdFk3Wi9BQm12Qkh5NmExNklZbnVsZTdoZVI2 +bk9rSFkKMjZGc1o2SER1d24vVjcxVktjZmc2NXlJand1WE9zZDFZVG1WS1dNY1NG +cwotPiBzc2gtZWQyNTUxOSBTcENqQlEgSEZhMldYaEFyUktESkttclBUV3JlSldl +UzQ0T3MrdzNmS2ZJWndVMTJTYwpoazNQMUt3d1A0ZHV0bC84b282R0NlRzhuQTE0 +V1M2QVp2NXdVWTVpelp3Ci0+IHNzaC1lZDI1NTE5IEJZS0crdyBKRUhKZTgwSnc1 +YkJlb3FLdkxRdFNRK3gvTDVzM2RnRDdqT1g4b21pNnlJCmFwK0pGNWR6M3BNRmF3 +aVRHRlVrZzZ5NlgydG5VTkRqTkVnOFZLVmlaelkKLT4gc3NoLWVkMjU1MTkgWHpm +bWFRIGRrS3AzeE9jR05udXZVczdvaElkT2NFWkhyMGRLM1VRVmE3d0Jpek1DbG8K +UHNJYlFrME5FWmtoT3JZa042N0pzRlFESGl4U0dJNGtmT1Fad0J3VGdkbwotPiBz +c2gtZWQyNTUxOSBSNSt4ZncgaGd3SVN2MHZlQlhFaFFCRjR5eVV3Wk5LTE1PTHVO +S1pFK29GRXRhcC9SawpRTE5BcTRIMFE3Y3NTZEtwa1V1cUlodzBXb3dUODJ5ZEVV +eEdPdjRGcDNJCi0+IHNzaC1lZDI1NTE5IFJvWDVQUSBNanV1Qkk3THV6SVZCOEUz +Q0NBSW16dTMzdWtpa29ncTRmd0o3eUVKb1dVCmFzd20wa29HVkRRRjhZMkFaSGtL +Z2M1SzRPNHdRMG10MFZQYTRtRGZDZ28KLT4gc3NoLWVkMjU1MTkgRjRiYjhnIHcz +UUlraHJNd3QwMC9Ta3cxekVCYWJrQit0QWhuSWkwenp6OUdBRG9oVXcKQk84OFpt +S0RqcGsvN1FMMy9SaWpnTVlwT0VsMGltMzdueVlISWZDblJiMAotPiBzc2gtZWQy +NTUxOSB3ZHJaSkEgMVA0RzFwQ21YNVVBdlRuNWhRVjhaVEk2MkxmU21IeXp0VFNM +U0RYN1pBawpiMWJCV0JUMFZNVWxROFByNXBBSzV5LzlxTmJxd211OHI2VGw4RTdJ +WEZFCi0+IHNzaC1lZDI1NTE5IDVhZHFNZyBkU3RiRThocHh5QjRKSzJ5cVVIZlRU +NlJ2VTByL0VQZU9DLzhPN1ZxVmtRCldWTkx6Ty8rbHFDT0RpNER2MVA1dVFiT2ND +bzBsbHZ5d3hzaWlRM0VyYW8KLT4gc3NoLWVkMjU1MTkgWmUxTXdRIHFrNVRPQmta +L3YwZjZ0MTNrK3lWeWdCRmF4MmdFMmszeTRlT09uVDlkVE0KYjlINldYK0VuNjBa +NVY1bFg4VkdyQU9DRk4yNHpGREs5cWthMzBad2hwOAotPiBzc2gtZWQyNTUxOSBw +ZUZCUWcgU1ZRclhTL2FkU09HcEtiNkY3OUo3Mmw5bUMwdisyL3JoMG9tSG00SGZR +VQpMZ0NvYXh5N0gySHBMZnF3MC9oc1g5cC82Si9ybjh2ZW9XRlN1SkY5RXdFCi0+ +IHNzaC1lZDI1NTE5IDl2LzJIQSBUZTJXY1Z4a3RSNnRvaHFhbC9BTlNvWVRIazVE +QVU2RTVrcU9NRDNERXhrCkdmbHJYM2xSUFM5TEs1Q0xnQkgrRnNzQndDRWlXQ05o +MWdRRU9xQlhuNVUKLT4gc3NoLWVkMjU1MTkga0hrMmdBIE5tZVV3aUhlWEZkeHFs +SUpTU013RmcwZzc2SlBlZlA0RERnTDg4SmVVVXMKbS9LZHlaNlRJV3dPRjFzMTha +bU80WXR0SkRINGRxc2NXQVo4N2xqZXhDMAotPiBzc2gtZWQyNTUxOSBJb3NBQlEg +SUtVNWZjY3o1UkJvbFZ5WStqWG9IMjMyUmRYL3FYbXRPOG94ckM0TUxVWQo1MFRE +VUU5Wm1NZGQ3MFpRa3BBcWx0Kzd2UlMvOEM4Z1NoOFFYSWNLOWFFCi0+IHAmdml2 +V3NCLWdyZWFzZSBKKCklSyNAaSBSCnowSWtOYndCZmNoZ2gyYjNMejJpbHpNekZ6 +OStGcGFTVGJYeURqK0xYaUpkbFdLR01WdkRlMmY5UlIwVEQxYnUKLzNGUGJaUWhR +T2hwc1RXS0pzUi9KUi9QRkdzVmRKYnJVMS9pN0pMdTZIck93d2JmSFhNCi0tLSB4 +K2RSaVBENkNwY3hWbFFJRzRMYVZSY0pXTFI3MENkMVVzRTJoYmdNN1JVCv7Oz2Fi +S5/m0Lpgzb8jvETd0PIqOImElU7dg60vsww+++Ci7oo1Qw9l/bNdqOhIi4FjsGJp +vQZz6OsqpvF7Ou+YauUvdx6STlnkwrh9J7BVSkG++oduf16bTsV1rqSE/e3hHe2I +6rPv29MFmOxd3Ym4g+RAni/Ib/Ti7MdJJ3GDxOozAlHJrymtZ5NNa21UipoQpeWr +QauxkectXbeVZ8dsss+1sPI/z0CYFHhsEyiKGzZv6LFkdERuTGRmLHfYEwpCeeuZ +nJg5ztWBmvbwmbnbv4hbRaDNf5lpZA/sJV7OuJ/1iX2yuhBywI3808ioFtq3vScr +uUusVwaktQTpoj7yr1OuUltgeuALegw/DwnzZE9mNpGtUjbIbMmq/vJYhH3rC1wv +f2NuCvUN9GvWDt4IQkWDw7m3W6DUaNhoHE5NwcZ8GdScQ2j6IlEEdDAZ/da2Cm4B +o/heA/LGRkgwldpABIVdp2rZAsoU07SgENteaWTk281yBBbiG/QxTHFzgxw0wNjo +ShrXQQMnXWC2Fdz8ogj0RLesMsfjRnEIRwexxNLf0ihBwvet+JxKD6hL +-----END AGE ENCRYPTED FILE----- diff --git a/common/secrets/secrets/nix2nix.age b/common/secrets/secrets/nix2nix.age new file mode 100644 index 00000000..4877bbb8 --- /dev/null +++ b/common/secrets/secrets/nix2nix.age @@ -0,0 +1,51 @@ +-----BEGIN AGE ENCRYPTED FILE----- +YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IHNzaC1lZDI1NTE5IDd6MzN5USBiSHRC +QUVCMnBYdDJXUjgweVNiQ1loTlkxMWxjV3haODdWeFFOOXVrb0NrCkVZRzZYZVNR +RkRBTlRtOFhLZUkxRnM0UmR6S3hzdTcvUGwvV083RU5Hc1UKLT4gc3NoLWVkMjU1 +MTkgSmh2TCtRIG1HWmhGSG9ZQmNoWEZvWDBta3V0L1I0cTE3c1orMlp3ZTI0OW5F +TDBaeUkKSWFjSlQrdGtnVlVzNWp3VHBhcm05QTNKZUZrK0g5RWRJY1ROWHYrUWpY +TQotPiBzc2gtZWQyNTUxOSBTcENqQlEgR09DZnpLcW04TkpDa1crTHg4RG1FdmJh +T2V2VGJhWC94cm9IbWY3bmtrWQpmSGMrRHdreDNXOUlZRXdUQ3IzU3dMOVU4c2hH +YlpTMHdBZkxKcWJrMjBRCi0+IHNzaC1lZDI1NTE5IEJZS0crdyBaZ0RPdUhTV29y +QXN5N04vU2gwc0VEdzUyNDdBMU55VHZmK2Fjc0N1bTFvClRDY0hoRDRsd3ZSSlVr +RlJHR2VHbGxZYlRKK0hkV2lYWXFMUEM2UzZYUW8KLT4gc3NoLWVkMjU1MTkgWHpm +bWFRIFBqUlZoWW9oMWtoM00yU2oybzNuTXFvYXJjS3I0MHpFN3owUWZtQWdrRWcK +S0RGOU9jUFJxY0ZmWFJmaU9GaFNjNjhSZk84MFRmcE12SjliSmpEMWpFcwotPiBz +c2gtZWQyNTUxOSBSNSt4ZncgZ3A0NUtnS0JMN1dINStSOUlNSitxWWZRaEk1Qld0 +aXp1V3Z3dVM1TUcxcwo1cENLMTNiSlJkeHNNamQyMGFvQ3FWNHBJYVVNSzhVdE9P +MkZVWnJmeWI4Ci0+IHNzaC1lZDI1NTE5IFJvWDVQUSBObzFBR1pKbTdpVlIvMWpa +bWlxd2Uwb01KYkZtMmhXRmZCRlgySW82bERNCk9kaDlRV0JxRDRvdTlxWU1xM1hF +YUtnL2lKQTQ5T0dFdEEvT2hTaXdmbVEKLT4gc3NoLWVkMjU1MTkgRjRiYjhnIC8w +d1hwSEw0Rkg1RE10Nm9oUlk5a1hKS1dJdGNyTHV3anhtcU9Ob0EwWG8KNXNHeWxp +Q296SjRsR1lSQmpDU1JCbngrVWQ1M2NNOGhLdkQ5REQ5dkFiUQotPiBzc2gtZWQy +NTUxOSB3ZHJaSkEgM1FWOGVtdzVERTl1dXpzYndmbGd2c0w0a1phczlaZy9wSzZw +Z20wZFpXTQp2azFzbkVDeWR3eFFhZTloRFlhK3c1Z01vaXdGYkVBNit0QWErRVNL +MWdRCi0+IHNzaC1lZDI1NTE5IDVhZHFNZyBmMG0wRHJDVzJBU1ZoRFRzdlRvOWZi +TDM0VWpKcUY4V3EyTzlBbWZlOWlZCmI3VHlqYitMODE1LzUvWkhoODl1WVVCM3hl +YWg2WWFlUUhkQ0lvbXovVTQKLT4gc3NoLWVkMjU1MTkgWmUxTXdRIHJON3RGNDYy +Sk82TnNwUHhOYVE0WGoxTFdIUXAwSlROMkl6YWVEYk5tMkUKd3M3VzA4dWVoVVZH +VW9zcHd5cEtadUJMWTJacFhkcUkwNDcyT2xHNUxBOAotPiBzc2gtZWQyNTUxOSBw +ZUZCUWcgbGdIakg4b1JzMkgybmpScFE4bmFreTF6ck9aM0hXbm1nYXl1V09CUVBq +OApLaGJHdEpjUEdjNVJEQXZvOUVxcllEckxmWVdCVkJPeXFDVnQ1cFI3cEE0Ci0+ +IHNzaC1lZDI1NTE5IDl2LzJIQSB0NXNaZEtyQk1SMm93b2t6OGp1OHRUWXZwdWpa +Z21sVlJ0QmM3bW55MUdnCnZCRlVCdWRqN0hIVHRIWVBIYUdvTGYzWUxpRHY4WVZ6 +MFlXcUk5anlrMGcKLT4gc3NoLWVkMjU1MTkga0hrMmdBIG5TTllCeWJtUkpTbVpQ +NzF4S1lIWk41aHR1Skw3ZDJxSnBhZ2NHNTdra1kKRW8yeit2SDA2S2xCU1pueHlY +NXo5WVIxaDBiS3dFMURkbnBQM3M5V09hQQotPiBzc2gtZWQyNTUxOSBJb3NBQlEg +K1pUM1pkWDIrd3djSThuNVFrTlBQQ2pOa0ZIRHRLZERnV2xkRitWNXBHNAozZjZs +MXhvUWM0elJkdEw3MlcvU2xBUXU5VThMVFB5NUZmTnhsVDBncVBBCi0+IHFjeUMt +Z3JlYXNlIGU3KmRuajM7IDZWCjJ0TWVnSmZRYy9aK3RSNWludGI4emdrSU9KV1dw +OUtYK3NUZldNcFZid2ZZMzRPZlFKRCtZbitPZ3hMV3FZaDAKdjJjeEVWUjc4Q1pk +L2tuSUZ0cVFDQ1YzOWxHdWVoT1hZQ2IyNW5XMEJ1UmJDckdTTzY2TnZmNGIwRy9H +S3JWbQoKLS0tIHVNQTFWNkhLMlVMMCtPU1plSVVBQ0FtZGlKNktSbXJKMjlsaVJx +L2RkNmMKL4QzBzzSOYmRx+8QC3YrvNX3hbfvPPP5gp2kfFK0clqTId3/UZu4qkOt +jUlhRTRWqv+ggJAHjyBCIPQP3BgHb6EDH0B2+ZaE/fXepvIaPnvInIoc+W7Dr8wA +JqgeDOtBWwuKKonGvPcATT3URZ8i5oGGHbyYGyQmeDjw7XdOQU78n8/sgm9bvOPK +woEE1G5tBvOXPWZXxgIlb01J/1LxLhmk7mmB5hyGgzG1kXyDHxcNmSytWNLe/6ly +v9mZSXAT97PPLJJcdwzd57tDav7yXXiNq8Wg5jxZR+YtyhmDX5BHcw/0nJr6CU0R +8bAsraBf1+zUoGYG0XKnqSCCb0Ky8rZYtG+KlN/aFRJ4T2RgLVIzncRvzL3evOa1 +52POfhB26YyMdV2kQ82V5UJXEFHkjdjwixp7n5jxg3MKxZlCumyPCuUe11W9tRtV +UQPNxdhgOH8GZAm8m6JxECtJ3Xx3XpGG5nZSLPCDoIQnetqShb1vyc06AQKMdUnP +FBXj0edHQE1DRQoVtcSq1+1v7CmLb4iR7yFGgbiuuRzyn2I2YNX6jxsn+u8z/roD +jvGrIE8= +-----END AGE ENCRYPTED FILE----- diff --git a/common/secrets/secrets/nix2oracle.age b/common/secrets/secrets/nix2oracle.age new file mode 100644 index 00000000..a25f102a --- /dev/null +++ b/common/secrets/secrets/nix2oracle.age @@ -0,0 +1,49 @@ +-----BEGIN AGE ENCRYPTED FILE----- +YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IHNzaC1lZDI1NTE5IDd6MzN5USBrU045 +Mk9iL1AzbG5LK1dKZEtTK1BENmZqc2wzWTdhMU9lL0NscXpJQ1dZCm5VWTh4eCtK +QWhVRjU3c3NXOElYQVh5RUZUQy9jcVA1NG9EZEhpKzZLUEkKLT4gc3NoLWVkMjU1 +MTkgSmh2TCtRIElhTGVrcnk5emJ0ME1hU2xXOTMyTEIxV1l0TVFrc3ppQjc1VTNU +TmJyaFUKVlJrSVhCcm4xbHhwWUx5TXhlbTBwNzBoN21hcU1hVVZHeTNibUVSZXB6 +VQotPiBzc2gtZWQyNTUxOSBTcENqQlEgOFRvYXZFZjZJcXRsbUJUQ3U3Q3lLK3U4 +OEhiYWxqckMrZEszMXI1SStYOApzN3NCQ2U3TTkxVzB5dEUwWXA0dDMxblVEV3E3 +MXNXQVpKSURyV2ZmNDVZCi0+IHNzaC1lZDI1NTE5IEJZS0crdyBJNUdKOGFDSHd5 +VDUrL3VSeEY3NWNoZlFWS3pvZnRBSjRIZEJnYzBSQ1h3CnpERHlkYXJsTCtUV2Y0 +RVN5NDB4UWF3Vm1pdzN0OHFuZ3ZRK0Fnd0V1cW8KLT4gc3NoLWVkMjU1MTkgWHpm +bWFRIDU0aFQrN1pydWd0bkJLaE5KUTNyWU5Vak1tTlhKTDNHWHBJQ3ZSK0VNWFEK +UDkyTkFoSG5aL2tBTmxESWVpWXRpbWtTeEY1L0JZSmlEdVlRekN4ZmdxTQotPiBz +c2gtZWQyNTUxOSBSNSt4ZncgUXRLZjg3UStKMm9MNzFrcTVaVzhMR25DVk9oMGdP +UzErclNkQnhiRnNnawpRY01QWnhFQnFqT1AwcDIyeDZiaG4yeVBzaUptQ2RMeWxz +QkhyMDJnU3hrCi0+IHNzaC1lZDI1NTE5IFJvWDVQUSArWjA3RVlZL2lyVjRFR2Zr +b1FIK2Y4dlhUejN5Nm42VWV3Nmp4cTB0T2dnCmNXZ0d0V2R0RnZHNGliZ0pwNkEv +a2Y4UHlmRnpOZ0dLZGIzTXJ0eWx0K00KLT4gc3NoLWVkMjU1MTkgRjRiYjhnIERw +MkNqci80MXZibkF0Rk02YjBqalhhMmUxelJubWdQMG9mZE9lRzhXbVkKeURhVlhU +bVZDd0l2bFlKVjBKYmZkdHk0OFFNNTM2YlNYWG1SS3pXS1V3NAotPiBzc2gtZWQy +NTUxOSB3ZHJaSkEgdnQrOCtiYWJrU3lveStlRzJrYWE0SEVHUEsrcm4xa0ZZNTA0 +UTZ4dWFBZwo3M0QzZEpFV1BFdGh4RC9DZ1l2M1FRWEdzZUtjbnN4cFRveE9KWU5W +NVFNCi0+IHNzaC1lZDI1NTE5IDVhZHFNZyBSU1ZSd3Q3c1NWVUQyNTczMHBqMDVp +SUowUkhwTEMraWZZS1l4Nlk1eFJVClBjcVYyUndxdjM4ekIxOS90KzNHMXVPQ25Z +UlB1SW9BQzhyVHJnSU5TUG8KLT4gc3NoLWVkMjU1MTkgWmUxTXdRIDB0WkxkYjBF +cVBuVFpiUFhmcGxwNW9BWmRzTU10R0prMmZsVVk2TWR3V1EKTHdySU8xK21hMzJ0 +c2NOZ0NSdHUzSHpnVWE0WU1DZXFjSjBXbHhvd1JDZwotPiBzc2gtZWQyNTUxOSBw +ZUZCUWcgbGFyTzdIaWF2b0w4QlVVUVFyNnNSMklzVGNhM2Rka2FDNm16S0R0MTIx +SQo4bkQ1cWtEVURORTcyREtDdUVPM3p6aFQ4ZVBXNWpCcXhUS1lOcG5tTUFVCi0+ +IHNzaC1lZDI1NTE5IDl2LzJIQSBDenFma2swTUdNalVpalVRT3ZCU2NyMlBOb2o0 +V0tCQ1gycmRoek5oMFVnCmNCRUlxU0F0ZmZyOXFLY0I2QXpuSTVqRUEvSHBHaHBF +SENVeDIxcU94Qk0KLT4gc3NoLWVkMjU1MTkga0hrMmdBIGRjYldMZndtVGRuMHIv +Q2RZNjlwVFkxS0xRQUpselRtS0l1MnNDLzhlR2cKSnF6MEdZRFhFOWtzUzlVZWEz +SlpHZzYySEpEVW5TOCtiZTJIYWdLL3dYYwotPiBzc2gtZWQyNTUxOSBJb3NBQlEg +bThlZVZ4Q2s1OEFWbGNqSHRIQUpxYUNEZzFzNE5qejVnTUs2djFOYjFHUQo1T2lP +aktEaGFOYkw4T3JsVmIvTGp2WVE1dkxSczgzcjNaZDllaHRyVU1jCi0+IGo8IWFS +RS1ncmVhc2UgNHtmWAp1dVJtdTRlMFROaHVzVGx4UkEwcGJycitqSTFvbVFFOWl2 +ZGZVWHFHMjUwTEljRnlDVUpMK0lBQ1Npc3VRMW1uCjRDVXRhdDRRRG93Ci0tLSBa +U2JtM1c4dDd4OHBwK21jNXNqTFdDQ08xTXdWS2xLbjc3dllsUDE4MUpnCheeS5Ao +jdiBXm9dtTEcTgilutkhBaP6NL2MI7TCkratQvinVxVFc3A2XXGD1Dp+/YGhHMx9 +x0l5flisRyCK3Xz8WJWbVi1VZ6DuGaossLHxfIeVWQhzGGlX/4Xu2Ly26BpTDLmi +OpZ4WLHy3kMmt7VOon1xQmlZv7NBj4R4/u7QdPnIt60BwoDF6dGUEVBk/AcRnF2P +23fA0ZlpmSCRCfyMwgdo7TXMq72w/VL4y50y0H1lgexGwsgtOwWsj0HeOxwleSCS +3vHozKZd61AF898IIJh8/YW/A2AQkD0V+BN5Yn9A5PpN7HEQ2cQtsU2KB2LY7Ws8 +/l2diGyNu8V7CmONQh5Rjg5ON0Vj4xMpmsSQO9VyGzwVzkwXPpYadLYF82xP20UR +IieybEz/3n6ihpDPJ3aJ6JN31lZJnCmFkQ2sgvizuxwQnIpuN5nVav8laq4Xjm04 +55r37ZJG4SQUzOMjYdnViq6B/LMslVf3B80vMKXlm/lc8cXXQ5ZErcKJs7WsKD10 +GsAE+kvrxpwBDykMNwluExFxYACp1a+1bZZuzdRITMEstbWQgBK36s/e +-----END AGE ENCRYPTED FILE----- diff --git a/common/secrets/secrets/nix2oren.age b/common/secrets/secrets/nix2oren.age new file mode 100644 index 00000000..a4d820fe --- /dev/null +++ b/common/secrets/secrets/nix2oren.age @@ -0,0 +1,49 @@ +-----BEGIN AGE ENCRYPTED FILE----- +YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IHNzaC1lZDI1NTE5IDd6MzN5USBpSGZS +bkFWQXAyazF5empVcGtuQ3NIQkpBK0RWWnI3WG9vOTdQMW9SNlh3Ck94MlNBSjRS +NTA3ZjAzZXJtTk5WaTFUd0VYWFFseUVTOFF2aUFmaUtCbU0KLT4gc3NoLWVkMjU1 +MTkgSmh2TCtRIFZHS0Mvd2NUSHk0TnRFSWhmTk5VSm9LSnI4cE80OXpYMzJKbzV3 +UDdtZ2cKeTlsTGhmazNycElZLzN3R1FZcWdpK1Z4SGRPbGNKcjJzTnlXZFBJSTJl +UQotPiBzc2gtZWQyNTUxOSBTcENqQlEga09qRnptd0dqN1ByU2JZL1JuMTVJNlNY +eGYvRG96RXhtZFhxN2lpbWZXOApTYnNOYUkxWmMwZjlOMHJzZjdkajJHTHprbXlV +aUFZOWtOT2dMY3MzYWFVCi0+IHNzaC1lZDI1NTE5IEJZS0crdyA2bnBFcnE5T2Jh +bmc2dmRQRUdDL0crYXl3ZTI1RkFDSkw5N3VxT2k0Z0dJCkpsdnFjN2xQeXBnQmVx +RlhTd3hudUNyMzQ4WlN1SGZvRldNNlBFV0ZlaTAKLT4gc3NoLWVkMjU1MTkgWHpm +bWFRIExzZGsvbmQ5NWRHdi9iSmVxVG0zbHg3T2V1NGFqREg1V0YyS2Y2bVNsaTAK +UUNicjhwajgvckxIblMzNk9HUDhLNTFBSmpMdzN4VkpoVjMybWVIc2hpZwotPiBz +c2gtZWQyNTUxOSBSNSt4ZncgNnJiMnVQcUd6aUVzblZMN3cwM3VoZXZRd2xaRlgr +SmpqYm52OXozZnZodwpKMFdsMVl2Zm9qNkIzOU1MM2dmWGRJTFd3bzMwWTVBdDNP +L05HUEpxRktFCi0+IHNzaC1lZDI1NTE5IFJvWDVQUSBUbW5pRVFHaUFlQ2JKZEEw +RDJxUVhiRUxxMGNkczgzUGlBVmtiTDQ0RG1JCnhjZVdlcW1LYkZyOXBqSithVXI5 +YytEYmltaFdLYkl1Uy9IV0xTcVR2YlEKLT4gc3NoLWVkMjU1MTkgRjRiYjhnIE4r +ZC91UURXRHFUWEM2OTJMWjRuUTBDUzZyZjR0MTdlMGJ5NHBBV2lBbDgKcEN0dXln +Z292L25SejhhVjAwdEthdTkrSVo1NzloSWlpQm5IeEgyeVQrbwotPiBzc2gtZWQy +NTUxOSB3ZHJaSkEgTFpMWnlXY1czQWpIdFl6SXpHeHg1K3hEeTBYdUxnREFmL2RF +NUhFRENpWQo4ZUswdFVMZXdnMGE3ODZTRFdOc2hBdzVMQllvczMvZk04QnRoWDVI +ME1jCi0+IHNzaC1lZDI1NTE5IDVhZHFNZyBUejNUVWEvWm8zSVFSRkFpQ2tIM3Vs +UFdTVlBhR3dIL2x4aDZvNUJWd0JVCldXQjRVY0g4KzRhTVRYdzZoRWZPbGlPSDA3 +cUhNTVJVZmpLTmxwN1UwN1kKLT4gc3NoLWVkMjU1MTkgWmUxTXdRIHJTb3dMQUpW +b1htTm1JQlV2TDBXcGk5RzR2ay9JZ2NwSXpWUFlNeW1PVWMKTjV0S2JSd0dhTm02 +VzFzOUZmbXk4d2RweDRtREppZ2NaUmdXZXFQT2xPZwotPiBzc2gtZWQyNTUxOSBw +ZUZCUWcgYTlGK3NsUUpJeW51SXFSaWRZMktZY1JVSWR1RHdxMkVCZ3JpOG5VeThI +VQpmL2pER3pkVVpRMG4yUkpoNmZCb2NzMjBqcm9mWUtpd2JYVE9PR1N4S29zCi0+ +IHNzaC1lZDI1NTE5IDl2LzJIQSBqcjhlR0ZQK1V0eFJINm1uUzRRTzBJZ2xnUk5S +b1BzTUVJdmoyWkVNNVVnCkZZM21DRkR3eDdWSHRtNTQ1WFF5K0hxMk1vMmd1MUJK +ejl2dW1keFhuWHcKLT4gc3NoLWVkMjU1MTkga0hrMmdBIEpTM2NuU2RFVUJVcDB5 +REI4VE9LQzk5UEJVZEE3NTliNGRlVDhQSHZobWsKVlQwWU52cGErRHlMSUs5SllW +YWZtZWI5SXJoSFk4UGxHVFFqOHJqQjhaYwotPiBzc2gtZWQyNTUxOSBJb3NBQlEg +MFAxUXVaZXM3ckZHbWxhY090T1UzaTZpQTRqZXMvaG5VYTl4U2ZYRThEdwpNa25V +cXp5Wk5WOEdjdGFWck5Qc1hjRitRMWdXd09CVGc3RDhxSVhlZkFZCi0+IDUxdmZm +LWdyZWFzZSAqcik9QzxMXSB+UTsgX0hDCmxiUXF0YnRnamt1RC9IaDRkYnFsSHYx +QkhRUU40TkI3MVFVSlN6WDJVY05KNDN3cGg3R0lVSDk4WGNQM2NFMEIKcncKLS0t +IE12R3FidXBvMFlMSkl3MkJleHgwOXB3Y1BhaGs4QlBPaTY3aTZBSUtwYW8KBn0h +p0tQ4FYu7/wPAIJc1Ful9XEfvky2NA1q4xI/gtfeaXvUY1tS5IeVkTQwfEsb6uCa +2m/MRGsWSmfBYHPzBtl/eHNODZ7EHECHjVpq/i0BLOH5a/GJ1lAImY8MDT/1dd6S +iqJPUTOWgH+mczo6BMsQBBmfg987oI/WRMeMAr0xZeFbunSw8yglLbopkFY1sv0V +OgBBUFj06tBhYBivB42fmaFSO/bTYkwD6FSzCfUGSG0p8PPaMIPPF1MU9xtgjW5A +PkN3OGeTDrDJ6AnVjTY64nzSEwILPRoSKXfErEX7Q3oEzSgIdzCVKUqt+Z9S8do1 +Huc3JOc7ZxxotGr9AHPPGYxT6hgkxxQOIrw6W03wnj6oS2XsFoU3X7uATZP5hc8o +p2W0knCKHPjqxb0cCZORSdae3FOQpF3RY3hFOIHTHqR3dfl//D/OdW+9+qZx47JW +hoXDNmdrBjUXW6t/i/rRhcoocomUxo/rLbxdE+/JP86Yg0pb0fPEP6zCMHJusuHo +EojSeWMeRHZ+cF61ee1+8cHGrvXcShJ7uicIXRTFdbdclfM10to7cijub+U= +-----END AGE ENCRYPTED FILE----- diff --git a/common/secrets/secrets/nix2t.age b/common/secrets/secrets/nix2t.age new file mode 100644 index 00000000..843600e3 --- /dev/null +++ b/common/secrets/secrets/nix2t.age @@ -0,0 +1,49 @@ +-----BEGIN AGE ENCRYPTED FILE----- +YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IHNzaC1lZDI1NTE5IDd6MzN5USBVUy9q +SDc5SjNYT3djMmVnbmZrSkpDQlQ5VmJQZlFzaUhJS1hja3R0bEV3CnMvK2NKd05q +OUltdUUzWlFUZkhMa3c1UkdaVm1aQlk3MmtGalFsV1dRWkEKLT4gc3NoLWVkMjU1 +MTkgSmh2TCtRIEh1VWxrNnZoN0tabE85NTJuUFVmTGw0c09IVWI1Q3Ird3BWb0p1 +ZSt4eVEKWWlFMzc2SzVwRE5CNVk1N3haRW9UTGpMdjk2d2cxa3BQOUFrSTk1MmtW +OAotPiBzc2gtZWQyNTUxOSBTcENqQlEgVHRUTnhwckpoVEFpMUxWbk1yekRDTzA1 +WWZvSXpDZWxEaCtDVHNKVENpMApncXZIY3ZFbHJxY3VkTGVsclBTQ09jaWxRdDdO +VEsxdmFKYWNEdkUvT29FCi0+IHNzaC1lZDI1NTE5IEJZS0crdyA2ZUhRa3o1V20r +a2tQNmQrYk9wemFhNytRY3FuOTFmMmRad0FNNXExWEQwCmp1RjFDS0xwSGtHQUUy +RDlWVVdxWjhvRGVEeHo4TEdzT1JSRmIxcDgrZU0KLT4gc3NoLWVkMjU1MTkgWHpm +bWFRIDZYYXVwaWdrTTBKYlZhQk9STGNPV3ZqeW5yZDVpcFUxSTVsNW9JcXF6eTAK +VEk2Skk3bFdtWEhoaDllYjloQkcyT2tUaTFtdHYvcFQyalpuaTFac29FWQotPiBz +c2gtZWQyNTUxOSBSNSt4ZncgS1I0NWdPY3ZSU2xENDFFeEVtNVU4dkdGRVVkUWYw +bjhYWlNXMm9jU0UwdwpPQU5KMTVuODVhUzFxWnIzclhCU05mMnU0R3FtanVxK0xn +VFFJSTFvWHA0Ci0+IHNzaC1lZDI1NTE5IFJvWDVQUSBhSStkek51ZWQ4a1dVaG9w +TFN3Vm5oMUwraUx3MFR4bXVnenpPNE0xVmdjCjhORitCVU9nRWpQNERDMElBZk94 +a09LMHFhM2V1dDZvamltUnY4TENqYnMKLT4gc3NoLWVkMjU1MTkgRjRiYjhnIHVP +SCtCUWc1N3E5Zzd3aHllS0owQ2d3anhSYnRFOWh4SlgyOG5ZWFlJbEkKNHVzMjZD +T3QvYXZPaTU1SDNCTnNFNlRtRFpSZy9wQ1F6WkNxNUg2bCtDVQotPiBzc2gtZWQy +NTUxOSB3ZHJaSkEgYVdKNk41MGxMMXl6SkNWVmdsREhTeFJ6RTJzdkxTcWhtY3NT +bXYzTnRnZwpnaXBHKzNYYzNDd0ErbDhBNEVOZ1FWcFJZT09TY3FBanZIRU9nTldu +L293Ci0+IHNzaC1lZDI1NTE5IDVhZHFNZyBWSUFiQjBLVjVjdUdIdUR2b1Q3LzJJ +c01VMS8yZWJxQkN5bXVuNjhXUkFzClpuT2k5aFFWQjNsNjlNSHc0Q2xZWFdDeGxY +V2ZBNDNYN3lsZlFrTUkvNmMKLT4gc3NoLWVkMjU1MTkgWmUxTXdRIDBrYkk1akZE +NFc0UUsrV1RlbW02NU9ZTlcyRGRMUGVmOWtwOW9VaXY4U1UKeklYZUdtci8xYzg5 +Rnc0V1M4QktScUVwSG1JcnprT2pMdDJWYVJmVTdDcwotPiBzc2gtZWQyNTUxOSBw +ZUZCUWcgQzdTcmtaZER3Zk40OVFpRU9pTDhqTHBFWTA4SS9NY0g1RE10ejJtdjlU +RQptZ3FQMmNnYzBEc3BpUDdNYTg4U3U1SFhDb05KdnIzV0VzT3pXT1psOVE0Ci0+ +IHNzaC1lZDI1NTE5IDl2LzJIQSBzRko3NGlWUmpDb1U0WXpKN0lraDYzTWlIYTFj +OStWa2NzMEQvNzN0UlFRCk1LeUZSVFdPa3NpY2M1eUIxRHhqV1BFNlpjN2Ntb2Rq +dkFveVdxRFpod2MKLT4gc3NoLWVkMjU1MTkga0hrMmdBIEEzOTVLTzg3d0ZYaTgz +TXdJYkZlcVVqQm5KaXVDaEZlbWw5OU1jNkw0eFEKVjZra3dac0NUQ2pBZnRFMGND +Qm8wbkdVQytxQnpGSzNjSjJtVTk2dEhSSQotPiBzc2gtZWQyNTUxOSBJb3NBQlEg +UVpVWHV2OWdWYnhydTJZODRzVEdWQVhFODFQWFVVSWw5NWJocXduY2hDMApnUDNM +UXkxL2NTQWVVeUdkeHdHbnE4cFJXMExLK0IxWUxlQlBFVlllOWVZCi0+ICozLWdy +ZWFzZSBgS1gtOiBuK18KbThIa1FGM25sc0o1UU1yWlFoY20vNS9oRGdpQmQxWXBr +cnVwaHd1cDgwdGpGQkQrREs4dwotLS0gUHRYWjF4OUV4NVhESlo3LytqdzVOTHNU +Z1ROdmJ4SHkyZGhzQlJXeWw4MApz+OC1nGrL+AgkWWYC3bYmEZ4WE7wUiBGSQjuu +MFlv1EBOveOzJ9eKKdR+zOl0Zo+pL6TrUUju6iaIvPd16x8NBiiDGmiAkpM9qcQv +CG/KFcP5kq5Ddx9rGqvOTn8YTk7Se10BmBEduERWtSuv6yEngrAJzF1QaeBM2PXH ++TxPlblCbiE3g9Dk6c+0S74izVAz+1cD8Lwx7n/7DX6gHtIoSMIDi38mfy9baZdl +Zcaw8Nr/wgBT61U2ywXGc9h50Jec1zUXfBEdLZQCFNpnZjntxh+obvdM43HJzRkz +sF9UXXWrvQrP21xxxa1wYy2UNANAHqMegUVNIZZfncF0lnA38sJDX8nsYKaIsnce +CnacNDrf2gpZkk6Ml5Pjcc85B1dE3DOrogg/Dq84c+JtN9r5N3mrzBHeg4xc8dOX +GGq1+9a4w/w2CvvoRbFXxSxo7a/B73oeNggsHCcZ+o2CG/eR1mDNznU6XSW/1dMg +FnEBJB4vAG/fejLMHHWNb4bfa89Oba7wN2oHKm41cf+JWHJ0/Thn1k6DzcWRoHtc +kJS1Zr8mQw== +-----END AGE ENCRYPTED FILE----- diff --git a/common/secrets/secrets/obsidian_sync_env.age b/common/secrets/secrets/obsidian_sync_env.age new file mode 100644 index 00000000..b35ab57e --- /dev/null +++ b/common/secrets/secrets/obsidian_sync_env.age @@ -0,0 +1,43 @@ +-----BEGIN AGE ENCRYPTED FILE----- +YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IHNzaC1lZDI1NTE5IDd6MzN5USBsTGRH +YXJwM1JGbFY1c1dtV28xSlBYTWdObkJRUmdRVTROcm1hNlh4ZWlzClVEemdrc3ov +NzVqVFk0RjV2eVBCaVF6WUcrVWh2MWxpSjhyUWZsT0Y2ZVUKLT4gc3NoLWVkMjU1 +MTkgSmh2TCtRIGFYWUZqRnhMdjVZQ3BsTXcxcXNaeWQ4YUZMRytSbm0xYXJpeXd1 +MWlNMlUKb3ZCOVdJRGF6V2xaOGUvKzV6N1FvYkJkVlo4VlZPeE9BYk9xYk9qbEF0 +dwotPiBzc2gtZWQyNTUxOSBTcENqQlEgTGFZbytBdXJjYWdRdHlrVE5vbGs5UzJp +dUkxUzk5QmlZR2lvQi9UYVpYNAozK1JwREZQaWxtYzhzUit1eHFldGJXbHNGdktH +SFFJcGJ3U21MQWx4M3FnCi0+IHNzaC1lZDI1NTE5IEJZS0crdyAxaTdFQ00xei9L +TEdCd216MGRXbmRrTEdvTVJwdEVmUlFLVGsxOXlJOUQ4CkdobFNlSTdHaFVMUU12 +VUhUdzlDWVMrZ0VaeVlmZlliZkhmbWhCU1RlSTQKLT4gc3NoLWVkMjU1MTkgWHpm +bWFRIHFJU2JRWEJrL0ljZkVSamwreW1KOTgwWGFkZ3lGWnFXY2tMVmZKclF6R28K +ZXlOOEdIanFUWEdGdys1R3RWNjNvWDY0RytSeXVmdEkyOWJuK09JNERKVQotPiBz +c2gtZWQyNTUxOSBSNSt4ZncgYU1pWk51WmZZMjJnaUpQdjJxdjA4VCtVQzhtS0N1 +U1A1aUJRYkY2S1kzawo0c3Vzb2EzZWVLV3NOVWJZc0tOMXNrd3ZscnFkeXpCcWRj +ZEZIWFFFSFQ0Ci0+IHNzaC1lZDI1NTE5IFJvWDVQUSByWG96bDI0Sys5bEZVYzNk +RDg2eSt2d2Z1R25zVWsxWGhDTHBaNkJWdVNRCmRhK3M5Q3VZeVR0RkpGbVZmZHhz +ZlVqbWNaVmVxbTRrejNQUFVwRDlYU1kKLT4gc3NoLWVkMjU1MTkgRjRiYjhnIHE5 +blF5dTNhd1RIUTZTdCtIdXViaXN5VFg5Zy9paVdDT2ZhZktNTlpQaHcKM2cvQWJE +aUh5OWRmRTh5dmgxc3dMMlZZRlBJcWlTVnpCTTZnSUIvSVhCTQotPiBzc2gtZWQy +NTUxOSB3ZHJaSkEgQWRJTVQ3ODN5NmllaXRzL0Y1NE1jZ1NZNmJXUFJSUU9qRGFn +aTBKVzlETQptUHlNeDJxcW5qcWVxYVBpb3docHdjM0pyaXErTzdRMTFuQnJVZjhJ +akc4Ci0+IHNzaC1lZDI1NTE5IDVhZHFNZyBMY1NDelF0NUlERjdFTWhwMGxJdnR3 +NzBQWG1tbHhEYmdwQWtYeHgyNVZ3CkNzR3JySUxPUXJTMVJ1R2ZRZHpkNjZLcEZU +U2pWaTIyS0lyTloyeDdGKzQKLT4gc3NoLWVkMjU1MTkgWmUxTXdRIE9QeWRVUXZE +NDNFS1Fmck5mRWc2bVlDeHh1VW11K1BONU9KSit0dkZCbTgKMmo0VVcyR09oeVBC +RkpyeFpOcVZUaitCL0pvclhmL2JLZE9nSFJYanJVOAotPiBzc2gtZWQyNTUxOSBw +ZUZCUWcgY1gxbkNxTEtXV2F3WWQraXJFMGkwQWZBazNKVTdNZTI3VG10L0hkTzN4 +YwpJcDYvRUxwQnVzSEVEbWNtOGVicm1aVURoZDBxR214dTUyVjdudjBjamFJCi0+ +IHNzaC1lZDI1NTE5IDl2LzJIQSBKcUs5TTE2Mk45SmgrWTRpMXZVb2YycCtldTRD +UWt5T0J2Q1NGRU5BVTJJCk5RYlFVMk1Jai9KYzhOQUtobGFnZlhaWmhQSGxFcmpY +aG01aXFGQ09PdGcKLT4gc3NoLWVkMjU1MTkga0hrMmdBIENnbEo4UXZWRldwcDZq +ank4aFlZa01KWTFURUo5ZXJ5aGMxcXNwTDM1R0kKcFJpN2QzcVdNcHJIbXIrMHF0 +Q1RROFV3NCt4RW1BVjVmVTV4U01OSW8zOAotPiBzc2gtZWQyNTUxOSBJb3NBQlEg +SGtkdTUrTDd2ZU0zeTR3L3VLbWlqWElRUlQ5QmxCcmNMWm9qMk41aUEyMApKSHF5 +VlpjUXRTQWJ2bmRhOTZ3Wk5DbktiVmpwaS9EQ0hEckordTFwSUhRCi0+IDVwSS1n +cmVhc2UgRVo1IEguX2EKa3p5cCt2WjYwWDB1TXNMeU9FTG1LRFQ1NTd6VlA3eDVU +Vys4NFRJckdVcVdialVKV2hyUk5uK0J6SkJTYzZHdApaZlkKLS0tIDMxSmJtLzZD +T0NQaWlEcVY0eTBFVVVKVUkwRnlNbDdnNEl4Qk5jY2FWNnMKUzvOMuRTZl8GtwWB +GUg2RISUPDZ3kmzzN6gUe2NlJfzSE/dW3zYuSZQ8qFXPLp6JTsJlfNmPqV4KTwOu +y0a1GymZ3/q29nOSIuAW9Dgi/t8yBpHnQn7hp1ptOM9KZBCrEqwY4j5q+uSwPQwY +R+vqTRjL3UA/z0Q= +-----END AGE ENCRYPTED FILE----- diff --git a/common/secrets/secrets/openwebui_env.age b/common/secrets/secrets/openwebui_env.age new file mode 100644 index 00000000..66eee181 --- /dev/null +++ b/common/secrets/secrets/openwebui_env.age @@ -0,0 +1,15 @@ +-----BEGIN AGE ENCRYPTED FILE----- +YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IHNzaC1lZDI1NTE5IDd6MzN5USBORVRn +WmpIQStaRnV3QU9wMStQWHJMTklhb21nM3YyRE1xdWNxcWZEelRnCnZvckQ1K0hE +UkNyZGIvTFhpU1JtcXgzTy9QK2hhV2JYcm9nczJSbXgyS1kKLT4gc3NoLWVkMjU1 +MTkgcGVGQlFnIFU4QndCcjhFbG05M1prbGkwcFlYWU1WT1NkU3ZCZ09SQm9sMERC +OGZnMGMKbnBqNzd2dnBQT3R2YXBraEZKVFBJeHJXU1RhOWwwNHdGbC95TzhDM1g4 +MAotPiBzc2gtZWQyNTUxOSA5di8ySEEgOGdMRXZ4cnd0VFdxNlBHYlI0S2pCTkZo +dGtnUm4vaGFQanpKMFRjVjdHSQo1aStST0hFdkR4T0syekFZZXM1b1JBbXV4bFB0 +RVIyRG0raEZDVmt3L3owCi0+IGxLPUBZOS1ncmVhc2UgOyAqIH06U1EgQCRXdn1K +CnpSdjUwaDI1eWE3ckNBCi0tLSB2ZTJVTHphZVhBQndhUU1GZTYvYlFMT3h6cVRE +SzBoK2sySStmWm9SSnU4CjTkglKu9/CMRrbdagHF1uNxTOBSthOhyAgfcHLXHwXe +dtZiEnev479tMoIo2OXi5ODZpz1LTCkBMO0yRY6JlmNVlwpByNJkyij5bwXbUiPy +Mk9airOI/s5fIEIStb6ei8TMgy68trToK8JUmBtK8JzL9fkJDET9YyQh8N3BTUMR +8M2cUXX1qFjP7dyRDOQiq3LQEKpywUIuGNASDw== +-----END AGE ENCRYPTED FILE----- diff --git a/common/secrets/secrets/secrets.nix b/common/secrets/secrets/secrets.nix new file mode 100644 index 00000000..b402367c --- /dev/null +++ b/common/secrets/secrets/secrets.nix @@ -0,0 +1,135 @@ +## To onboard a new machine, you must use a machine that is already onboarded, or the backup authority key saved in a secure location +## Once the new machine is setup at least once, then we can generate/fetch ssh keys from it and add to this list. Then rekey the secrets and commit the changes and pull down from the nix repo + +# System key: `cat /etc/ssh/ssh_host_ed25519_key.pub` +# +# from authority +# `nix run github:yaxitech/ragenix -- -i ~/.ssh/ragenix_authority --rules ~/.config/nixos-config/common/secrets/secrets.nix` <-r(eykey)|-e(edit) > + +let + authorityKey = [ + "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIBdG4tG18VeuEr/g4GM7HWUzHuUVcR9k6oS3TPBs4JRF authority" + ]; + + gpdPocket3 = [ + "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIFzAQ2Dzl8EvQtYLjEZS5K0bQeNop8QRkwrfxMkBagW2 root@gpdPocket3" + "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIIr/aS0qyn5hCLR6wH1P2GhH3hGOqniewMkIseGZ23HB josh@gpdPocket3" + ]; + + lio = [ + "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIFGp6oInUcGVnDl5axV1EHflMfZUiHxtqNa4eAuye/av root@lio" + "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIKxNhtJNx/y4W54kAGmm2pF80l437z1RLWl/GTVKy0Pd josh@lio" + ]; + + joe = [ + "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIG4PwrrOuZJWRjlc2dKBUKKE4ybqifJeVOn7x9J5IxIS josh@joe" + "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIP+GYfPPKxR/18RdD736G7IQhImX/CYU3A+Gifud3CHg root@joe" + ]; + + oren = [ + "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIK7bNX7R9ApoX/cHdXIhQdpA2sHrC9ii6VAulboAIJM2 root@oren" + "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAICauUtSa71+oQAiLxp3GMMbmNXcbr9Mc7eK8b/lqZbbS josh@oren" + ]; + + h001 = [ + "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIGTAz6n35c3r8kSuWJM1JzMVx6jK+0EBwpJA5eTIvy3N root@h001" + "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAICRHer3NrJiklp4oDNRCzDxc9fXpXn5rPAXGFce8ugy2 luser@h001" + ]; + + h002 = [ + "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIB9GW9W3DT9AqTonG5rDta3ziZdYOEEdukh2ErJfHxoP root@h002" + "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIC60tzOVF0mcyfnYK2V/omzikuyE8Ol0K+yAjGxBV7q4 luser@h002" + ]; + + h003 = [ + "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIHsV5r9sWYgrr9t9p12Epzm6WtxN/XsKSCb46+ODQvVT root@h003" + "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAILQLt2Hc+CN6+e7/sf3Fv0FQlp6+yrIbIJ/J9AdnJCjI luser@h003" + ]; + + trustedKeys = authorityKey ++ gpdPocket3 ++ lio ++ joe ++ oren ++ h001 ++ h002 ++ h003; + + o001 = [ + "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIFrwvahx1x4rue28QHCzyADQndOeTESIv80f7d00NXWT root@o001" + ]; +in +{ + ## To make a new secret: + # - FIRST add file below that you want to create + # - cd to the secrets directory here + # - `ragenix --editor=vi -v -e FILE.age` add file below and in the ragenix.nix file + # + # TODO come up with a rotate method/encrypt the device keys better. This isn't very secure feeling to me the way I am doing this now. If anyone gains access to any one of my devices, then my secrets are no longer secret. This is not a good model. + + # Git keys + "nix2github.age" = { + publicKeys = trustedKeys; + }; + "nix2bitbucket.age" = { + publicKeys = trustedKeys; + }; + "nix2gitforgejo.age" = { + publicKeys = trustedKeys; + }; + "nix2gitjosh.age" = { + publicKeys = trustedKeys; + }; + "nix2nix.age" = { + publicKeys = trustedKeys; + }; + # Server keys + "nix2h001.age" = { + publicKeys = trustedKeys; + }; + "nix2h002.age" = { + publicKeys = trustedKeys; + }; + "nix2h003.age" = { + publicKeys = trustedKeys; + }; + "nix2joe.age" = { + publicKeys = trustedKeys; + }; + "nix2gpdPocket3.age" = { + publicKeys = trustedKeys; + }; + "nix2t.age" = { + publicKeys = trustedKeys; + }; + "nix2l002.age" = { + publicKeys = trustedKeys; + }; + "nix2linode.age" = { + publicKeys = trustedKeys; + }; + "nix2oracle.age" = { + publicKeys = trustedKeys; + }; + "nix2lio.age" = { + publicKeys = trustedKeys; + }; + "nix2oren.age" = { + publicKeys = trustedKeys; + }; + # Others + "github_read_token.age" = { + publicKeys = trustedKeys; + }; + "headscale_auth.age" = { + publicKeys = trustedKeys; + }; + # "obsidian_sync_env.age" = { + # publicKeys = trustedKeys; + # }; + "us_chi_wg.age" = { + publicKeys = trustedKeys; + }; + "zitadel_master_key.age" = { + publicKeys = authorityKey ++ h001; + }; + "openwebui_env.age" = { + publicKeys = authorityKey ++ h001; + }; + "vaultwarden_env.age" = { + publicKeys = authorityKey ++ o001; + }; +} diff --git a/common/secrets/secrets/us_chi_wg.age b/common/secrets/secrets/us_chi_wg.age new file mode 100644 index 00000000..94a440bd --- /dev/null +++ b/common/secrets/secrets/us_chi_wg.age @@ -0,0 +1,46 @@ +-----BEGIN AGE ENCRYPTED FILE----- +YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IHNzaC1lZDI1NTE5IDd6MzN5USBFazhx +VVN3VXgrWXdWZzNwOHdIVzZSSTlRa2lEYjhXRzlCWXZhMmQ2QXdzCms5MmpGZ0hW +c3JYM25mNWliNHlxNG14ZHppcWU3QmhxVHVwS0QwaWNaN0kKLT4gc3NoLWVkMjU1 +MTkgSmh2TCtRIE5Cd0M1S0ZCWTVXZ2lLR3NzV2lTb3dubHRyQmlsMDF2TFZLM1B2 +bnBMaGMKSE9ad3BrSEF1T0g2bkN5SjAxOEdjSytIWGxSN0t4ZDlQSkpVRzE5ellm +QQotPiBzc2gtZWQyNTUxOSBTcENqQlEgYllQVWlYUnZ2cjJ5N0t2WFJWMG5ReG03 +V3pkSzFEK2syRzd5R0NyVFdEdwpNODJLenpIZVByL0hPSEFFbG1FVnBpeU1relhl +R1dpamwwV1JoWG9CNmprCi0+IHNzaC1lZDI1NTE5IEJZS0crdyBFTSt3Z2UrQStY +Vk5LeXFETkdmeXdGSVcwTlA4bzJKK2poZFNUL1Qvb1NFClpIUHVWV3Q0RTViRzBI +aG5QTTZCazUralExS0NRUWF0cVNZTlZIaC9mQ0kKLT4gc3NoLWVkMjU1MTkgWHpm +bWFRIDF4Z1RmZkJrblIrQ1NqU0hDNWpPYS9sUUJJTWFQOGNJejduTkdLbFBJQ2MK +b3hXd09EaGNPaUQ5ZnIyNHlpK2hSWm5WV0lERm5xcWQxa3hGaDVTRzFYVQotPiBz +c2gtZWQyNTUxOSBSNSt4ZncgY09RbXM3WmlDMVVRMTdKRjN6aktFY20zNjJmMFBY +ajQ1VjRwQXVqRkN6WQpiaDdRNmtBUy8xMksyQld5bTMzTXlMVnhQQzU2a1RQdE5z +dGhpWWxXRThNCi0+IHNzaC1lZDI1NTE5IFJvWDVQUSBTQzhUY01rOFlCV1ZQbGhJ +dGFTK00wZnNyRGVYNjQ5T3dtZENDSHpycUdzCjNZNVd5dWkrWG9lMWdhZVJQUE4w +SHl4dmpwU25PSDZWVkZUTjZtWmNhSjgKLT4gc3NoLWVkMjU1MTkgRjRiYjhnIEFH +WmNFL1ZYazFZNVB0R1JYTFpBNk50U0VWazBhOGh2SDhHdGlwRWdSeHMKemUwNXN0 +aEdMdGJVZmdpWFN2Zm1BT2wrQzFBR0hIUi85ZHFSSVd3NklXMAotPiBzc2gtZWQy +NTUxOSB3ZHJaSkEgejVkVURQd3hrQ2pyMU9MVG9VTG9VZmtKbmtDZHU0RjdHM2lz +c2VTTy9FYwpUZTBkaU1rQmsxaWRzTjhvdis2VUZJV09Vb3g2VTNNVHN0Z1llazRL +U0VBCi0+IHNzaC1lZDI1NTE5IDVhZHFNZyBrRXNWcHk2akc1bVZBbitQcUlLYU5B +cmRnSWM2dkVKU1p3dk1ueUo0bUc0CmEzdjF0dUgrOXhETWRDaGlDQU4zTWxXNXBS +TUs4V3U5VWNNczNTVDNLb00KLT4gc3NoLWVkMjU1MTkgWmUxTXdRIERULzFFSERl +b2ZNa2tzSDhZbDVJb0RndDFBRzlBc2dxcWJMcmcrMFJUaDQKY25kejI4VDVrYkUx +OWo2M0hLRFBLNi9HeXc1elVVTTY5Q094RFUxQUlTUQotPiBzc2gtZWQyNTUxOSBw +ZUZCUWcgTlpTeVFPOUFMc0hNNkZJZGxJSVltS0JEVnFoRWNBWGpLUVNwR1pPZXlT +YwpUTjJPak8xTWtlUEdFNDZhMVBxWE5xMGZlUFFmQlpkWkh5UDdqeW1SeHlRCi0+ +IHNzaC1lZDI1NTE5IDl2LzJIQSBZVWtxQWNwcDdxMUdtSVNzT3hkNjMvVXUzd1Vp +bXp2YTVOOGFyMDJPV0dzClhkZXNpbGVLUGV4SE5CSDIzYTNRRkg0ZXh0MEdDNnhz +aEtReUJES3ZsbWsKLT4gc3NoLWVkMjU1MTkga0hrMmdBIE1iRkpLbzJnZFVObkNQ +SzI5K3krcjJvMDNhRXduWFhXd2RWUDBTdWpVaHMKMnFlRGFsSnlTMStZbnhYeG5U +Yng1TXZOTSswc1FXY00wSTErUzNDTzhvawotPiBzc2gtZWQyNTUxOSBJb3NBQlEg +QVFhZlJhRjNsdndHa0RPaVJoYUMrNTRoY29iUWNXdXJvS0hBb3VMU0oydwp0dmdo +amFxNGJnanRCREt3ZFhld0M4UFk1WmM2RmJmVTY4b0g0RkJXYnJVCi0+IGgnMTZv +d2dGLWdyZWFzZSBQMkEKbThTYkxNa3YwK2xXbUhxb2RqQnd6UUl6a0JVcnVPR050 +ZFZCNmpjCi0tLSA0QVdjZEIrOWhUaVpHNytqY0h3eExLVWc0djlDRWtQVEZuWHM5 +YlVydnljCo/0r5CGdm/VW7wxgZhkhisHJbstH3r3YrghiSORsBwxX+GaKIziS1ns +MyRg6TWoWjIUe4epfGzqton35ekvrXWxGlLCuIkQgY1frgPTE4kZdm/T1pqzZpQ0 +4vZkl7nVd4k9oayv2LfpN8loG8npcwLfSKeVFCEooTOs+M3eH+wCEUd4r+TjfG3D +ZT2eAX9HethENX4GQxN+RQagyWOlnZVpf6QYnwg/bzRGtRSDLVYqmLJd5BbOrON7 +XN65I5DX2kBGtB3Y3F15hHjGxHFyded4bO9w/SF+jOM+yGnTnTQ1G7FSw0T8dwWo +7laPDx5WSM1zop0jLJ5iyZjNWJJt/j8t9FBGdqxtPUxP4jPVTTEiYJbtTauZtRUN +rc3UbQvDJTArGbwAQsTlYuMd59oIy2+cgpYHyhW2cPixL/VHxRYupNWj8g== +-----END AGE ENCRYPTED FILE----- diff --git a/common/secrets/secrets/vaultwarden_env.age b/common/secrets/secrets/vaultwarden_env.age new file mode 100644 index 00000000..083ba6ce --- /dev/null +++ b/common/secrets/secrets/vaultwarden_env.age @@ -0,0 +1,20 @@ +-----BEGIN AGE ENCRYPTED FILE----- +YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IHNzaC1lZDI1NTE5IDd6MzN5USBMZ0VT +QWNCOUNSZ3ZPcmFFcXMvZkFqMVkxV1dRSDNLOTFzUExoc0F3dENFCldFZHdNSDdm +ZUR2eC94Y0cyRWJnTTRnSTlTRUlUSHlLS09IS2ZwZmVhOU0KLT4gc3NoLWVkMjU1 +MTkgc2EwSmpnIGlNaHFLQ0tZeFFLR1ZPZnpCbHEzdlZXWUxjWFNmMUdMVjdQUHlJ +cTJUVkEKcERQMVNNcmxQekUra2tUNUhyVTAxVThSb3RPRFBOOWMwRlFqUnRQQm13 +RQotPiAiXzVSX3wtZ3JlYXNlICpQMQpHUk5aSHJPRnNjQVR4Y2Q2TkhzU01SWWhh +TjBpb1JXbVFwSUxlT1BObEg0N2syNUJjUlc2TVJueVlyTXJRckQwCnhNOUZIVlVh +UG96d0pibVJsdmdNekJFUHg0NXFpa1JSd2lBdzN2S2JxenVMNVpWQ2hxRXlWUjFy +TWcKLS0tIG1QMHV3VW5VM25QVW80aUZOeEpTNG1qYksvQnE5emhBdzBuM2VMZE5n +VTQK6avsHayBgGGdjkwRORdaAz8mwLcxvI3YCMYwXjXCvJmIvlQerUEkDOU9D8sL +I+aSD5YCoHoJ5FsIOox5WWYEVcPxR/y1G2m3pAhZh1ner0Ckw29gsjdmckNwtSSr +tTrSve34ZEij1O7gfO30hW+Kd4579QWH/diFTrP88DjopqsaTWyh+A5A3WP6NxhJ +U0uL5RIPPGCMs0peqZG1Y44KRlt79hKELop4CwyF/06a3Oxuze5vifGl7+mogq0A +Xp3NgWR5AM2Fu+NfEQDUHU1R/CpyY6+VcTZWi8iu0/XfEiIQ4n5JSYNtd3ZL0ldL +WRoNdpA04IiCWM7fnRdDRVRGw9bDJ840oeBiSvbRqIt+uykEndEzKCxXh/jWvP+X +tBj05Rt2Qj3xAsq7yzsvK7vzacjV8fU2kNpxDvhVLQO8TBI5z7Sofu4Cy2fFY1F7 +J7JABO+kciZ23gdEofrHusv3oZvu2eQ5PO1FXCSsZzalum2cWWou11QDi3Vt65kN +wjleyKCDx4a68n7IoS2GOCpDw/G0ACmHrTSnztaO +-----END AGE ENCRYPTED FILE----- diff --git a/common/secrets/secrets/zitadel_master_key.age b/common/secrets/secrets/zitadel_master_key.age new file mode 100644 index 00000000..3b07b559 --- /dev/null +++ b/common/secrets/secrets/zitadel_master_key.age @@ -0,0 +1,15 @@ +-----BEGIN AGE ENCRYPTED FILE----- +YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IHNzaC1lZDI1NTE5IDd6MzN5USAyWGFw +bUJNQkwvcjRKUWU5WWozTWZHb21IdDNlT0VwK21LQ2FZNEJWWWxJCjBBUDV4MkRt +Y3F5TWVMN0xLMjBibkJMcmUwdEwxM2pONUlLSU1EOXV5dXMKLT4gc3NoLWVkMjU1 +MTkgcGVGQlFnIGJPcEx2TnFZZjVicDlYaVdwRmJHSnIvZlpRNkx5RG8zVmZTaTFq +bmkwM1kKK0o3ZVViNnBjS2NZbFV4TERBczJNQWxtWU1IYTNoL1EzQlNxWHhFNDZL +TQotPiBzc2gtZWQyNTUxOSA5di8ySEEgZm5nYXdJMElxVTE4TnVnY0xSVFVtMXFs +NTNobnI1MjdMNDhWRmpkL1BnSQpXRHcwSVVCajFhQlp4N2J5VGhKc3E2eHpYZmd6 +TlU2MXdtdmNrSUJpZjFFCi0+IG5wImA0LWdyZWFzZQpuSHRTckxXVTd4eTFETWE4 +MEQ0QXNaTzhSTmFOdjI5Vyt1bDVRU1k5dExiUVk3bEdCeGN2UFV4Y3RTR1MvalNn +CkhHWFF4TGtPcktieDZnQTRkdk9ndnllU05zSVlMOWh0R1ZncUlWNy9WZURiCi0t +LSAxdW84VUg5d21jT2hrNEJ0NlBES1NRRjU4b05JQW80dk9IL29LZGlST0FjCnt8 +t+yvFWU0LlFGAWmLc9i4XFUpexZf8rC2bfw3FkNPuCzAyvbowhBJnGkqK+2C+mtL +za43EsGaLvA5s8ObhLw= +-----END AGE ENCRYPTED FILE----- diff --git a/common/users/default.nix b/common/users/default.nix new file mode 100644 index 00000000..8561d8db --- /dev/null +++ b/common/users/default.nix @@ -0,0 +1,56 @@ +{ + config, + lib, + ... +}: +let + ccfg = import ../config.nix; + cfg_path = [ + ccfg.custom_config_key + "users" + ]; + cfg = lib.attrsets.getAttrFromPath cfg_path config; + top_cfg = config.${ccfg.custom_config_key}; +in +{ + options = + { } + // lib.attrsets.setAttrByPath cfg_path { + admins = lib.mkOption { + type = lib.types.listOf lib.types.str; + default = [ ]; + example = [ "josh" ]; + description = '' + List of users to be added to the system. + ''; + }; + primary = lib.mkOption { + type = lib.types.str; + default = lib.optionalString (cfg.admins != [ ] && cfg.admins != null) ( + builtins.elemAt cfg.admins 0 + ); + description = "The primary user of the system."; + }; + users = lib.mkOption { + type = lib.types.attrsOf lib.types.attrs; + default = { }; + description = "Normal users to configure (not for system users). Should match nix options of users.userser..*"; + }; + }; + config = { + users.users = lib.mapAttrs ( + name: userConfig: + userConfig + // { + inherit name; + isNormalUser = lib.mkIf (name != "root") true; + initialPassword = + if (lib.hasAttr "initialPassword" userConfig) then userConfig.initialPassword else "password1"; + extraGroups = + lib.optionals (builtins.elem name cfg.admins) [ "wheel" ] ++ (userConfig.extraGroups or [ ]); + } + ) cfg.users; + + programs.nh.flake = lib.mkIf (lib.hasAttr "primary" cfg) "/home/${cfg.primary}/.config/nixos-config/hosts/${top_cfg.systemName}"; + }; +} diff --git a/flake.lock b/flake.lock index 2ddab254..d32edcbb 100644 --- a/flake.lock +++ b/flake.lock @@ -3,7 +3,7 @@ "agenix": { "inputs": { "darwin": "darwin", - "home-manager": "home-manager", + "home-manager": "home-manager_2", "nixpkgs": [ "ragenix", "nixpkgs" @@ -11,11 +11,11 @@ "systems": "systems" }, "locked": { - "lastModified": 1707830867, - "narHash": "sha256-PAdwm5QqdlwIqGrfzzvzZubM+FXtilekQ/FA0cI49/o=", + "lastModified": 1736955230, + "narHash": "sha256-uenf8fv2eG5bKM8C/UvFaiJMZ4IpUFaQxk9OH5t/1gA=", "owner": "ryantm", "repo": "agenix", - "rev": "8cb01a0e717311680e0cbca06a76cbceba6f3ed6", + "rev": "e600439ec4c273cf11e06fe4d9d906fb98fa097c", "type": "github" }, "original": { @@ -25,18 +25,12 @@ } }, "crane": { - "inputs": { - "nixpkgs": [ - "ragenix", - "nixpkgs" - ] - }, "locked": { - "lastModified": 1708794349, - "narHash": "sha256-jX+B1VGHT0ruHHL5RwS8L21R6miBn4B6s9iVyUJsJJY=", + "lastModified": 1741481578, + "narHash": "sha256-JBTSyJFQdO3V8cgcL08VaBUByEU6P5kXbTJN6R0PFQo=", "owner": "ipetkov", "repo": "crane", - "rev": "2c94ff9a6fbeb9f3ea0107f28688edbe9c81deaa", + "rev": "bb1c9567c43e4434f54e9481eb4b8e8e0d50f0b5", "type": "github" }, "original": { @@ -73,11 +67,11 @@ "systems": "systems_2" }, "locked": { - "lastModified": 1705309234, - "narHash": "sha256-uNRRNRKmJyCRC/8y1RqBkqWBLM034y4qN7EprSdmgyA=", + "lastModified": 1731533236, + "narHash": "sha256-l0KFg5HjrsfsO/JpG+r7fRrqm12kzFHyUHqHCVpMMbI=", "owner": "numtide", "repo": "flake-utils", - "rev": "1ef2e671c3b0c19053962c07dbda38332dcebf26", + "rev": "11707dc2f618dd54ca8739b309ec4fc024de578b", "type": "github" }, "original": { @@ -87,6 +81,25 @@ } }, "home-manager": { + "inputs": { + "nixpkgs": "nixpkgs" + }, + "locked": { + "lastModified": 1758313341, + "narHash": "sha256-SsI6INUzWwPcRKRaxvi50RttnD9rcC4EjV+67TOEfrQ=", + "owner": "rycee", + "repo": "home-manager", + "rev": "6f656618ebc71ca82d93d306a8aecb2c5f6f2ab2", + "type": "github" + }, + "original": { + "owner": "rycee", + "ref": "release-25.05", + "repo": "home-manager", + "type": "github" + } + }, + "home-manager_2": { "inputs": { "nixpkgs": [ "ragenix", @@ -108,39 +121,67 @@ "type": "github" } }, - "nixpkgs": { + "nix-flatpak": { "locked": { - "lastModified": 1711668574, - "narHash": "sha256-u1dfs0ASQIEr1icTVrsKwg2xToIpn7ZXxW3RHfHxshg=", - "owner": "nixos", - "repo": "nixpkgs", - "rev": "219951b495fc2eac67b1456824cc1ec1fd2ee659", + "lastModified": 1739444422, + "narHash": "sha256-iAVVHi7X3kWORftY+LVbRiStRnQEob2TULWyjMS6dWg=", + "owner": "gmodena", + "repo": "nix-flatpak", + "rev": "5e54c3ca05a7c7d968ae1ddeabe01d2a9bc1e177", "type": "github" }, "original": { - "owner": "nixos", - "ref": "nixos-23.11", + "owner": "gmodena", + "ref": "latest", + "repo": "nix-flatpak", + "type": "github" + } + }, + "nixpkgs": { + "locked": { + "lastModified": 1753345091, + "narHash": "sha256-CdX2Rtvp5I8HGu9swBmYuq+ILwRxpXdJwlpg8jvN4tU=", + "owner": "NixOS", + "repo": "nixpkgs", + "rev": "3ff0e34b1383648053bba8ed03f201d3466f90c9", + "type": "github" + }, + "original": { + "owner": "NixOS", + "ref": "nixos-25.05", "repo": "nixpkgs", "type": "github" } }, - "nypkgs": { - "inputs": { - "nixpkgs": [ - "nixpkgs" - ] - }, + "nixpkgs_2": { "locked": { - "lastModified": 1711646165, - "narHash": "sha256-Df/834E2M5Qc+jKb/LqraoPjjz1k1oCoL5PQB/1aT44=", - "owner": "yunfachi", - "repo": "nypkgs", - "rev": "a99e5f398dc27ee06a3a57c88b65a6869f426795", + "lastModified": 1758198701, + "narHash": "sha256-7To75JlpekfUmdkUZewnT6MoBANS0XVypW6kjUOXQwc=", + "owner": "nixos", + "repo": "nixpkgs", + "rev": "0147c2f1d54b30b5dd6d4a8c8542e8d7edf93b5d", "type": "github" }, "original": { - "owner": "yunfachi", - "repo": "nypkgs", + "owner": "nixos", + "ref": "nixos-unstable", + "repo": "nixpkgs", + "type": "github" + } + }, + "nixpkgs_3": { + "locked": { + "lastModified": 1741379970, + "narHash": "sha256-Wh7esNh7G24qYleLvgOSY/7HlDUzWaL/n4qzlBePpiw=", + "owner": "nixos", + "repo": "nixpkgs", + "rev": "36fd87baa9083f34f7f5027900b62ee6d09b1f2f", + "type": "github" + }, + "original": { + "owner": "nixos", + "ref": "nixos-unstable", + "repo": "nixpkgs", "type": "github" } }, @@ -149,17 +190,15 @@ "agenix": "agenix", "crane": "crane", "flake-utils": "flake-utils", - "nixpkgs": [ - "nixpkgs" - ], + "nixpkgs": "nixpkgs_3", "rust-overlay": "rust-overlay" }, "locked": { - "lastModified": 1709831932, - "narHash": "sha256-WsP8rOFa/SqYNbVtYJ/l2mWWOgyDTJFbITMV8tv0biI=", + "lastModified": 1744897914, + "narHash": "sha256-GIVU92o2TZBnKQXTb76zpQbWR4zjU2rFqWKNIIpXnqA=", "owner": "yaxitech", "repo": "ragenix", - "rev": "06de099ef02840ec463419f12de73729d458e1eb", + "rev": "40f2e17ecaeab4d78ec323e96a04548c0aaa5223", "type": "github" }, "original": { @@ -170,28 +209,25 @@ }, "root": { "inputs": { - "nixpkgs": "nixpkgs", - "nypkgs": "nypkgs", + "home-manager": "home-manager", + "nix-flatpak": "nix-flatpak", + "nixpkgs": "nixpkgs_2", "ragenix": "ragenix" } }, "rust-overlay": { "inputs": { - "flake-utils": [ - "ragenix", - "flake-utils" - ], "nixpkgs": [ "ragenix", "nixpkgs" ] }, "locked": { - "lastModified": 1708740535, - "narHash": "sha256-NCTw235XwSDbeTAtAwg/hOeNOgwYhVq7JjDdbkOgBeA=", + "lastModified": 1741400194, + "narHash": "sha256-tEpgT+q5KlGjHSm8MnINgTPErEl8YDzX3Eps8PVc09g=", "owner": "oxalica", "repo": "rust-overlay", - "rev": "9b24383d77f598716fa0cbb8b48c97249f5ee1af", + "rev": "16b6045a232fea0e9e4c69e55a6e269607dd8e3f", "type": "github" }, "original": { diff --git a/flake.nix b/flake.nix index b7b00065..8dab2ba6 100644 --- a/flake.nix +++ b/flake.nix @@ -1,119 +1,73 @@ { - description = "My systems flake"; - inputs = { - # Nix utility methods - nypkgs = { - url = "github:yunfachi/nypkgs"; - inputs.nixpkgs.follows = "nixpkgs"; - }; + nixpkgs.url = "github:nixos/nixpkgs/nixos-unstable"; - # Secrets management for nix - ragenix = { - url = "github:yaxitech/ragenix"; - inputs.nixpkgs.follows = "nixpkgs"; - }; - - # Pinned nix version - nixpkgs.url = "github:nixos/nixpkgs?ref=nixos-23.11"; - - # TODO - # home-manager = { }; + # Manually synced with common/flake.nix inputs + # ===== + home-manager.url = "github:rycee/home-manager/release-25.05"; + ragenix.url = "github:yaxitech/ragenix"; + nix-flatpak.url = "github:gmodena/nix-flatpak/?ref=latest"; + # ====== }; - outputs = { self, nypkgs, nixpkgs, ... } @ inputs: + outputs = + { + nixpkgs, + home-manager, + ragenix, + nix-flatpak, + ... + }@inputs: let - nixConfigs = [ - { - name = "gpdPocket3"; - opts = { - system = "x86_64-linux"; - }; - settings = { - user = { - username = "josh"; - git = { - email = "ringofstorms@gmail.com"; - name = "RingOfStorms (Joshua Bell)"; - }; - }; - }; - } - { - name = "joe"; - opts = { - system = "x86_64-linux"; - }; - settings = { - user = { - username = "josh"; - git = { - email = "ringofstorms@gmail.com"; - name = "RingOfStorms (Joshua Bell)"; - }; - }; - }; - } - ]; + # Utilities + inherit (nixpkgs) lib; + # Define the systems to support: https://github.com/NixOS/nixpkgs/blob/master/lib/systems/flake-systems.nix + forAllSystems = lib.genAttrs lib.systems.flakeExposed; + # Create a mapping from system to corresponding nixpkgs : https://nixos.wiki/wiki/Overlays#In_a_Nix_flake + nixpkgsFor = forAllSystems (system: nixpkgs.legacyPackages.${system}); - directories = { - flakeDir = ./.; - publicsDir = ./publics; - secretsDir = ./secrets; - systemsDir = ./systems; - usersDir = ./users; - }; + commonFlake = (import ./common/flake.nix).outputs inputs; in { - nixosConfigurations = builtins.foldl' - (acc: nixConfig: - acc // { - "${nixConfig.name}" = nixpkgs.lib.nixosSystem - { - modules = [ ./systems/_common/configuration.nix ./systems/${nixConfig.name}/configuration.nix ]; - specialArgs = inputs // { - ylib = nypkgs.legacyPackages.${nixConfig.opts.system}.lib; - settings = directories // nixConfig.settings // { - system = nixConfig.opts // { - hostname = nixConfig.name; - }; - }; - }; - } // nixConfig.opts; - }) - { } - nixConfigs; - - # nixosConfigurations = { - # gpdPocket3 = nixosSystem { - # system = "x86_64-linux"; - # modules = [ ./systems/_common/configuration.nix ./systems/gpdPocket3/configuration.nix ]; - # specialArgs = inputs // { - # inherit ylib; - # settings = directories // { - # system = { - # # TODO remove these probably not needed anymore with per machine specified here - # hostname = "gpdPocket3"; - # architecture = "x86_64-linux"; - # }; - # }; - # }; - # }; - # joe = nixosSystem { - # system = "x86_64-linux"; - # modules = [ ./systems/_common/configuration.nix ./systems/joe/configuration.nix ]; - # specialArgs = inputs // { - # inherit ylib; - # settings = directories // { - # system = { - # # TODO remove these probably not needed anymore with per machine specified here - # hostname = "joe"; - # architecture = "x86_64-linux"; - # }; - # }; - # }; - # }; - # }; - # homeConfigurations = { }; - }; + devShells = forAllSystems ( + system: + let + pkgs = nixpkgsFor.${system}; + deploy_linode = pkgs.writeShellScriptBin "deploy_linode" '' + cwd=$(pwd) + root=$(git rev-parse --show-toplevel) + if [ ! -d "$root/hosts/linode/$1" ]; then + echo "Host $1 does not exist" + exit 1 + fi + cd "$root/hosts/linode/$1" + echo "Deploying linode $(basename "$(pwd)")..." + deploy + cd "$cwd" + ''; + deploy_oracle = pkgs.writeShellScriptBin "deploy_oracle" '' + cwd=$(pwd) + root=$(git rev-parse --show-toplevel) + if [ ! -d "$root/hosts/oracle/$1" ]; then + echo "Host $1 does not exist" + exit 1 + fi + cd "$root/hosts/oracle/$1" + echo "Deploying oracle $(basename "$(pwd)")..." + deploy + cd "$cwd" + ''; + in + { + default = pkgs.mkShell { + nativeBuildInputs = with pkgs; [ + deploy_oracle + deploy_linode + deploy-rs + ]; + }; + } + ); + } + // commonFlake; } diff --git a/hosts/gpdPocket3/configuration.nix b/hosts/gpdPocket3/configuration.nix new file mode 100644 index 00000000..972eb8e4 --- /dev/null +++ b/hosts/gpdPocket3/configuration.nix @@ -0,0 +1,84 @@ +{ + config, + lib, + pkgs, + ... +}: +{ + # machine specific configuration + # ============================== + hardware.enableAllFirmware = true; + # Connectivity + networking.networkmanager.enable = true; + hardware.bluetooth.enable = true; + environment.shellAliases = { + wifi = "nmtui"; + }; + + environment.systemPackages = with pkgs; [ + # [Laptop] Battery status + acpi + # for kvm video playback + ffmpeg + ]; + environment.shellAliases = { + battery = "acpi"; + }; + # [Laptop] screens with brightness settings + programs.light.enable = true; + + console = { + # We want to be able to read the screen so use a 32 sized font on this tiny panel + font = "${pkgs.terminus_font}/share/consolefonts/ter-132n.psf.gz"; + }; + + # ======== + + # FINGERPRINTS for the sensor on GPD P3 do not work on linux yet: todo find the source of this again online for tracking... + # Attempting to get fingerprint scanner to work... having issues though, no device detected with all methods + # services.fprintd = { + # enable = true; + # tod = { + # enable = true; + # driver = pkgs.libfprint-2-tod1-elan; + # }; + # }; + + # accelerometer + hardware.sensor.iio.enable = true; + + # TODO evaluate if any of this kernal/hardware stuff is actually needed for our pocket. This is a hodge podge of shit from online + # The GPD Pocket3 uses a tablet OLED display, that is mounted rotated 90° counter-clockwise. + # This requires cusotm kernal params. + boot.kernelParams = [ + "video=DSI-1:panel_orientation=right_side_up" + "fbcon=rotate:1" + "mem_sleep_default=s2idel" + ]; + boot.kernelModules = [ "btusb" ]; + boot.initrd.availableKernelModules = [ + "nvme" + "xhci_pci" + "usbhid" + ]; + services.xserver.videoDrivers = [ "modesetting" ]; + hardware.graphics.enable = true; + hardware.graphics.extraPackages = with pkgs; [ + intel-media-driver + intel-vaapi-driver + ]; + # Stuff from https://github.com/NixOS/nixos-hardware/blob/9a763a7acc4cfbb8603bb0231fec3eda864f81c0/gpd/pocket-3/default.nix + services.fstrim.enable = true; + services.libinput.enable = true; + services.tlp.enable = lib.mkDefault ( + (lib.versionOlder (lib.versions.majorMinor lib.version) "21.05") + || !config.services.power-profiles-daemon.enable + ); + + # KVM module video + environment.shellAliases = { + kvm = "ffplay -i /dev/video2"; + }; + + system.stateVersion = "23.11"; +} diff --git a/hosts/gpdPocket3/flake.lock b/hosts/gpdPocket3/flake.lock new file mode 100644 index 00000000..a143d329 --- /dev/null +++ b/hosts/gpdPocket3/flake.lock @@ -0,0 +1,1333 @@ +{ + "nodes": { + "agenix": { + "inputs": { + "darwin": "darwin", + "home-manager": "home-manager_2", + "nixpkgs": [ + "common", + "ragenix", + "nixpkgs" + ], + "systems": "systems" + }, + "locked": { + "lastModified": 1736955230, + "narHash": "sha256-uenf8fv2eG5bKM8C/UvFaiJMZ4IpUFaQxk9OH5t/1gA=", + "owner": "ryantm", + "repo": "agenix", + "rev": "e600439ec4c273cf11e06fe4d9d906fb98fa097c", + "type": "github" + }, + "original": { + "owner": "ryantm", + "repo": "agenix", + "type": "github" + } + }, + "common": { + "inputs": { + "home-manager": "home-manager", + "nix-flatpak": "nix-flatpak", + "nixpkgs-unstable": "nixpkgs-unstable", + "opencode": "opencode", + "ragenix": "ragenix" + }, + "locked": { + "path": "../../common", + "type": "path" + }, + "original": { + "path": "../../common", + "type": "path" + }, + "parent": [] + }, + "crane": { + "locked": { + "lastModified": 1741481578, + "narHash": "sha256-JBTSyJFQdO3V8cgcL08VaBUByEU6P5kXbTJN6R0PFQo=", + "owner": "ipetkov", + "repo": "crane", + "rev": "bb1c9567c43e4434f54e9481eb4b8e8e0d50f0b5", + "type": "github" + }, + "original": { + "owner": "ipetkov", + "repo": "crane", + "type": "github" + } + }, + "darwin": { + "inputs": { + "nixpkgs": [ + "common", + "ragenix", + "agenix", + "nixpkgs" + ] + }, + "locked": { + "lastModified": 1700795494, + "narHash": "sha256-gzGLZSiOhf155FW7262kdHo2YDeugp3VuIFb4/GGng0=", + "owner": "lnl7", + "repo": "nix-darwin", + "rev": "4b9b83d5a92e8c1fbfd8eb27eda375908c11ec4d", + "type": "github" + }, + "original": { + "owner": "lnl7", + "ref": "master", + "repo": "nix-darwin", + "type": "github" + } + }, + "flake-utils": { + "inputs": { + "systems": "systems_2" + }, + "locked": { + "lastModified": 1731533236, + "narHash": "sha256-l0KFg5HjrsfsO/JpG+r7fRrqm12kzFHyUHqHCVpMMbI=", + "owner": "numtide", + "repo": "flake-utils", + "rev": "11707dc2f618dd54ca8739b309ec4fc024de578b", + "type": "github" + }, + "original": { + "owner": "numtide", + "repo": "flake-utils", + "type": "github" + } + }, + "home-manager": { + "inputs": { + "nixpkgs": "nixpkgs" + }, + "locked": { + "lastModified": 1753592768, + "narHash": "sha256-oV695RvbAE4+R9pcsT9shmp6zE/+IZe6evHWX63f2Qg=", + "owner": "rycee", + "repo": "home-manager", + "rev": "fc3add429f21450359369af74c2375cb34a2d204", + "type": "github" + }, + "original": { + "owner": "rycee", + "ref": "release-25.05", + "repo": "home-manager", + "type": "github" + } + }, + "home-manager_2": { + "inputs": { + "nixpkgs": [ + "common", + "ragenix", + "agenix", + "nixpkgs" + ] + }, + "locked": { + "lastModified": 1703113217, + "narHash": "sha256-7ulcXOk63TIT2lVDSExj7XzFx09LpdSAPtvgtM7yQPE=", + "owner": "nix-community", + "repo": "home-manager", + "rev": "3bfaacf46133c037bb356193bd2f1765d9dc82c1", + "type": "github" + }, + "original": { + "owner": "nix-community", + "repo": "home-manager", + "type": "github" + } + }, + "nix-flatpak": { + "locked": { + "lastModified": 1739444422, + "narHash": "sha256-iAVVHi7X3kWORftY+LVbRiStRnQEob2TULWyjMS6dWg=", + "owner": "gmodena", + "repo": "nix-flatpak", + "rev": "5e54c3ca05a7c7d968ae1ddeabe01d2a9bc1e177", + "type": "github" + }, + "original": { + "owner": "gmodena", + "ref": "latest", + "repo": "nix-flatpak", + "type": "github" + } + }, + "nixpkgs": { + "locked": { + "lastModified": 1753345091, + "narHash": "sha256-CdX2Rtvp5I8HGu9swBmYuq+ILwRxpXdJwlpg8jvN4tU=", + "owner": "NixOS", + "repo": "nixpkgs", + "rev": "3ff0e34b1383648053bba8ed03f201d3466f90c9", + "type": "github" + }, + "original": { + "owner": "NixOS", + "ref": "nixos-25.05", + "repo": "nixpkgs", + "type": "github" + } + }, + "nixpkgs-unstable": { + "locked": { + "lastModified": 1753694789, + "narHash": "sha256-cKgvtz6fKuK1Xr5LQW/zOUiAC0oSQoA9nOISB0pJZqM=", + "owner": "nixos", + "repo": "nixpkgs", + "rev": "dc9637876d0dcc8c9e5e22986b857632effeb727", + "type": "github" + }, + "original": { + "owner": "nixos", + "ref": "nixos-unstable", + "repo": "nixpkgs", + "type": "github" + } + }, + "nixpkgs_2": { + "locked": { + "lastModified": 1741379970, + "narHash": "sha256-Wh7esNh7G24qYleLvgOSY/7HlDUzWaL/n4qzlBePpiw=", + "owner": "nixos", + "repo": "nixpkgs", + "rev": "36fd87baa9083f34f7f5027900b62ee6d09b1f2f", + "type": "github" + }, + "original": { + "owner": "nixos", + "ref": "nixos-unstable", + "repo": "nixpkgs", + "type": "github" + } + }, + "nixpkgs_3": { + "locked": { + "lastModified": 1751582995, + "narHash": "sha256-u7ubvtxdTnFPpV27AHpgoKn7qHuE7sgWgza/1oj5nzA=", + "owner": "nixos", + "repo": "nixpkgs", + "rev": "7a732ed41ca0dd64b4b71b563ab9805a80a7d693", + "type": "github" + }, + "original": { + "owner": "nixos", + "ref": "nixos-25.05", + "repo": "nixpkgs", + "type": "github" + } + }, + "nixpkgs_4": { + "locked": { + "lastModified": 1750188666, + "narHash": "sha256-yAfLvtbCzSigTfbsJeOrvljS7VYLAwi2RZ6F+qd+A5E=", + "owner": "nixos", + "repo": "nixpkgs", + "rev": "aa36c6c05d04f90cf890f87845be9380cf7b83c2", + "type": "github" + }, + "original": { + "owner": "nixos", + "repo": "nixpkgs", + "type": "github" + } + }, + "nvim_plugin-Almo7aya/openingh.nvim": { + "flake": false, + "locked": { + "lastModified": 1746139196, + "narHash": "sha256-/FlNLWOSIrOYiWzAcgOdu9//QTorCDV1KWb+h6eqLwk=", + "owner": "Almo7aya", + "repo": "openingh.nvim", + "rev": "7cc8c897cb6b34d8ed28e99d95baccef609ed251", + "type": "github" + }, + "original": { + "owner": "Almo7aya", + "repo": "openingh.nvim", + "type": "github" + } + }, + "nvim_plugin-CopilotC-Nvim/CopilotChat.nvim": { + "flake": false, + "locked": { + "lastModified": 1750069301, + "narHash": "sha256-lIAsudDunKOY69r00czO+rmMbM+woIdIGroT4dUZAFc=", + "owner": "CopilotC-Nvim", + "repo": "CopilotChat.nvim", + "rev": "5df0b668d23c05c173f6bc79bb19642215b8b66a", + "type": "github" + }, + "original": { + "owner": "CopilotC-Nvim", + "repo": "CopilotChat.nvim", + "type": "github" + } + }, + "nvim_plugin-JoosepAlviste/nvim-ts-context-commentstring": { + "flake": false, + "locked": { + "lastModified": 1733574156, + "narHash": "sha256-AjDM3+n4+lNBQi8P2Yrh0Ab06uYCndBQT9TX36rDbOM=", + "owner": "JoosepAlviste", + "repo": "nvim-ts-context-commentstring", + "rev": "1b212c2eee76d787bbea6aa5e92a2b534e7b4f8f", + "type": "github" + }, + "original": { + "owner": "JoosepAlviste", + "repo": "nvim-ts-context-commentstring", + "type": "github" + } + }, + "nvim_plugin-L3MON4D3/LuaSnip": { + "flake": false, + "locked": { + "lastModified": 1749564222, + "narHash": "sha256-StttV19d5gWbFPxerCOX3dXIaRwg1oeUANIbNztALps=", + "owner": "L3MON4D3", + "repo": "LuaSnip", + "rev": "fb525166ccc30296fb3457441eb979113de46b00", + "type": "github" + }, + "original": { + "owner": "L3MON4D3", + "repo": "LuaSnip", + "type": "github" + } + }, + "nvim_plugin-MeanderingProgrammer/render-markdown.nvim": { + "flake": false, + "locked": { + "lastModified": 1749846779, + "narHash": "sha256-j1aslQ3SPD9ZuhQDEt9e5GD+VZ6N6Re7IjVFXycaxWI=", + "owner": "MeanderingProgrammer", + "repo": "render-markdown.nvim", + "rev": "76f7ce56ccb913632745714f160faa53164c5574", + "type": "github" + }, + "original": { + "owner": "MeanderingProgrammer", + "repo": "render-markdown.nvim", + "type": "github" + } + }, + "nvim_plugin-MunifTanjim/nui.nvim": { + "flake": false, + "locked": { + "lastModified": 1749392788, + "narHash": "sha256-41slmnvt1z7sCxvpiVuFmQ9g7eCaxQi1dDCL3AxSL1A=", + "owner": "MunifTanjim", + "repo": "nui.nvim", + "rev": "de740991c12411b663994b2860f1a4fd0937c130", + "type": "github" + }, + "original": { + "owner": "MunifTanjim", + "repo": "nui.nvim", + "type": "github" + } + }, + "nvim_plugin-RRethy/vim-illuminate": { + "flake": false, + "locked": { + "lastModified": 1748105647, + "narHash": "sha256-KqAJRCtDBG5xsvNsqkxoBdDckg02u4NBBreYQw7BphA=", + "owner": "RRethy", + "repo": "vim-illuminate", + "rev": "0d1e93684da00ab7c057410fecfc24f434698898", + "type": "github" + }, + "original": { + "owner": "RRethy", + "repo": "vim-illuminate", + "type": "github" + } + }, + "nvim_plugin-Saecki/crates.nvim": { + "flake": false, + "locked": { + "lastModified": 1748637634, + "narHash": "sha256-sDjG6fjnQsyYtdf7xpmOW193e7USh6ghrFzo6NoLyP8=", + "owner": "Saecki", + "repo": "crates.nvim", + "rev": "5d8b1bef686db0fabe5f1bb593744b617e8f1405", + "type": "github" + }, + "original": { + "owner": "Saecki", + "repo": "crates.nvim", + "type": "github" + } + }, + "nvim_plugin-aznhe21/actions-preview.nvim": { + "flake": false, + "locked": { + "lastModified": 1745779150, + "narHash": "sha256-rQjwlu5gQcOvxF72lr9ugPRl0W78wCWGWPhpN1oOMbs=", + "owner": "aznhe21", + "repo": "actions-preview.nvim", + "rev": "36513ad213855d497b7dd3391a24d1d75d58e36f", + "type": "github" + }, + "original": { + "owner": "aznhe21", + "repo": "actions-preview.nvim", + "type": "github" + } + }, + "nvim_plugin-b0o/schemastore.nvim": { + "flake": false, + "locked": { + "lastModified": 1750179699, + "narHash": "sha256-EGt75z/NbjzDXxsyXT9Qj2wWOf06ijUr1If5ljmfLqo=", + "owner": "b0o", + "repo": "schemastore.nvim", + "rev": "45fd6c22f30487586c771072dc8c5230931e4c7b", + "type": "github" + }, + "original": { + "owner": "b0o", + "repo": "schemastore.nvim", + "type": "github" + } + }, + "nvim_plugin-catppuccin/nvim": { + "flake": false, + "locked": { + "lastModified": 1749271780, + "narHash": "sha256-wt/Ybjgr4N80B+QsyANs1QezM7PpFceUWSweRFgkhl0=", + "owner": "catppuccin", + "repo": "nvim", + "rev": "fa42eb5e26819ef58884257d5ae95dd0552b9a66", + "type": "github" + }, + "original": { + "owner": "catppuccin", + "repo": "nvim", + "type": "github" + } + }, + "nvim_plugin-chrisgrieser/nvim-early-retirement": { + "flake": false, + "locked": { + "lastModified": 1750108178, + "narHash": "sha256-3I7Xup+v9Yq9/nJQ1F5CDW99oFQcxbinv7VQcKeA16Y=", + "owner": "chrisgrieser", + "repo": "nvim-early-retirement", + "rev": "d9ffd8f70ed6d466cecd3e7e2dd1425b0010932f", + "type": "github" + }, + "original": { + "owner": "chrisgrieser", + "repo": "nvim-early-retirement", + "type": "github" + } + }, + "nvim_plugin-declancm/cinnamon.nvim": { + "flake": false, + "locked": { + "lastModified": 1722992123, + "narHash": "sha256-kccQ4iFMSQ8kvE7hYz90hBrsDLo7VohFj/6lEZZiAO8=", + "owner": "declancm", + "repo": "cinnamon.nvim", + "rev": "450cb3247765fed7871b41ef4ce5fa492d834215", + "type": "github" + }, + "original": { + "owner": "declancm", + "repo": "cinnamon.nvim", + "type": "github" + } + }, + "nvim_plugin-folke/lazy.nvim": { + "flake": false, + "locked": { + "lastModified": 1740511197, + "narHash": "sha256-nQ8PR9DTdzg6Z2rViuVD6Pswc2VvDQwS3uMNgyDh5ls=", + "owner": "folke", + "repo": "lazy.nvim", + "rev": "6c3bda4aca61a13a9c63f1c1d1b16b9d3be90d7a", + "type": "github" + }, + "original": { + "owner": "folke", + "repo": "lazy.nvim", + "type": "github" + } + }, + "nvim_plugin-folke/neodev.nvim": { + "flake": false, + "locked": { + "lastModified": 1720260306, + "narHash": "sha256-hOjzlo/IqmV8tYjGwfmcCPEmHYsWnEIwtHZdhpwA1kM=", + "owner": "folke", + "repo": "neodev.nvim", + "rev": "46aa467dca16cf3dfe27098042402066d2ae242d", + "type": "github" + }, + "original": { + "owner": "folke", + "repo": "neodev.nvim", + "type": "github" + } + }, + "nvim_plugin-folke/which-key.nvim": { + "flake": false, + "locked": { + "lastModified": 1740233407, + "narHash": "sha256-uvMcSduMr7Kd2oUmIOYzvWF4FIl6bZxIYm9FSw/3pCo=", + "owner": "folke", + "repo": "which-key.nvim", + "rev": "370ec46f710e058c9c1646273e6b225acf47cbed", + "type": "github" + }, + "original": { + "owner": "folke", + "repo": "which-key.nvim", + "type": "github" + } + }, + "nvim_plugin-hrsh7th/cmp-buffer": { + "flake": false, + "locked": { + "lastModified": 1743497185, + "narHash": "sha256-dG4U7MtnXThoa/PD+qFtCt76MQ14V1wX8GMYcvxEnbM=", + "owner": "hrsh7th", + "repo": "cmp-buffer", + "rev": "b74fab3656eea9de20a9b8116afa3cfc4ec09657", + "type": "github" + }, + "original": { + "owner": "hrsh7th", + "repo": "cmp-buffer", + "type": "github" + } + }, + "nvim_plugin-hrsh7th/cmp-nvim-lsp": { + "flake": false, + "locked": { + "lastModified": 1743496195, + "narHash": "sha256-iaihXNCF5bB5MdeoosD/kc3QtpA/QaIDZVLiLIurBSM=", + "owner": "hrsh7th", + "repo": "cmp-nvim-lsp", + "rev": "a8912b88ce488f411177fc8aed358b04dc246d7b", + "type": "github" + }, + "original": { + "owner": "hrsh7th", + "repo": "cmp-nvim-lsp", + "type": "github" + } + }, + "nvim_plugin-hrsh7th/cmp-path": { + "flake": false, + "locked": { + "lastModified": 1743497173, + "narHash": "sha256-thppiiV3wjIaZnAXmsh7j3DUc6ceSCvGzviwFUnoPaI=", + "owner": "hrsh7th", + "repo": "cmp-path", + "rev": "c6635aae33a50d6010bf1aa756ac2398a2d54c32", + "type": "github" + }, + "original": { + "owner": "hrsh7th", + "repo": "cmp-path", + "type": "github" + } + }, + "nvim_plugin-hrsh7th/nvim-cmp": { + "flake": false, + "locked": { + "lastModified": 1744514599, + "narHash": "sha256-l5z+PT4S9b09d2M+J/tHVd9W9Ss3eQQk5Ykpz2Qjxxw=", + "owner": "hrsh7th", + "repo": "nvim-cmp", + "rev": "b5311ab3ed9c846b585c0c15b7559be131ec4be9", + "type": "github" + }, + "original": { + "owner": "hrsh7th", + "repo": "nvim-cmp", + "type": "github" + } + }, + "nvim_plugin-j-hui/fidget.nvim": { + "flake": false, + "locked": { + "lastModified": 1738817426, + "narHash": "sha256-AFUx/ZQVWV7s5Wlppjk6N9QXoJKNKqxtf990FFlTEhw=", + "owner": "j-hui", + "repo": "fidget.nvim", + "rev": "d9ba6b7bfe29b3119a610892af67602641da778e", + "type": "github" + }, + "original": { + "owner": "j-hui", + "repo": "fidget.nvim", + "type": "github" + } + }, + "nvim_plugin-johmsalas/text-case.nvim": { + "flake": false, + "locked": { + "lastModified": 1722628320, + "narHash": "sha256-2IMufSMy9JW50VzZ3SgOtp8kYs81ANwV0eP0ZH3rTFo=", + "owner": "johmsalas", + "repo": "text-case.nvim", + "rev": "e898cfd46fa6cde0e83abb624a16e67d2ffc6457", + "type": "github" + }, + "original": { + "owner": "johmsalas", + "repo": "text-case.nvim", + "type": "github" + } + }, + "nvim_plugin-lewis6991/gitsigns.nvim": { + "flake": false, + "locked": { + "lastModified": 1750058704, + "narHash": "sha256-V9aXXR9ZP2G/XInHt07RylC4rS+AyMXAAfODvC6pVxw=", + "owner": "lewis6991", + "repo": "gitsigns.nvim", + "rev": "88205953bd748322b49b26e1dfb0389932520dc9", + "type": "github" + }, + "original": { + "owner": "lewis6991", + "repo": "gitsigns.nvim", + "type": "github" + } + }, + "nvim_plugin-lnc3l0t/glow.nvim": { + "flake": false, + "locked": { + "lastModified": 1693233815, + "narHash": "sha256-vdlwkIK2EkFviJmSiOqPWvc15xqJ9F2gHCC4ObJ5Qjk=", + "owner": "lnc3l0t", + "repo": "glow.nvim", + "rev": "5b38fb7b6e806cac62707a4aba8c10c5f14d5bb5", + "type": "github" + }, + "original": { + "owner": "lnc3l0t", + "repo": "glow.nvim", + "type": "github" + } + }, + "nvim_plugin-lukas-reineke/indent-blankline.nvim": { + "flake": false, + "locked": { + "lastModified": 1742224677, + "narHash": "sha256-0q/V+b4UrDRnaC/eRWOi9HU9a61vQSAM9/C8ZQyKt+Y=", + "owner": "lukas-reineke", + "repo": "indent-blankline.nvim", + "rev": "005b56001b2cb30bfa61b7986bc50657816ba4ba", + "type": "github" + }, + "original": { + "owner": "lukas-reineke", + "repo": "indent-blankline.nvim", + "type": "github" + } + }, + "nvim_plugin-m4xshen/hardtime.nvim": { + "flake": false, + "locked": { + "lastModified": 1750160168, + "narHash": "sha256-hzFX5mZRxTDDIp/iBVl4lqEaQryLQOe7jFJmXDwq4J8=", + "owner": "m4xshen", + "repo": "hardtime.nvim", + "rev": "b9a989191b3a97c9316a0efea02341c4cdab845a", + "type": "github" + }, + "original": { + "owner": "m4xshen", + "repo": "hardtime.nvim", + "type": "github" + } + }, + "nvim_plugin-mbbill/undotree": { + "flake": false, + "locked": { + "lastModified": 1741878850, + "narHash": "sha256-HGf4Toe+12YZtIalvANDXAtksCsnxQkZbcevOAnl5G4=", + "owner": "mbbill", + "repo": "undotree", + "rev": "b951b87b46c34356d44aa71886aecf9dd7f5788a", + "type": "github" + }, + "original": { + "owner": "mbbill", + "repo": "undotree", + "type": "github" + } + }, + "nvim_plugin-mfussenegger/nvim-lint": { + "flake": false, + "locked": { + "lastModified": 1749731021, + "narHash": "sha256-V4JJ1VQXoIsUBTxe6ykbkyo6LxEAr+QEIqIV3mA9phs=", + "owner": "mfussenegger", + "repo": "nvim-lint", + "rev": "2b0039b8be9583704591a13129c600891ac2c596", + "type": "github" + }, + "original": { + "owner": "mfussenegger", + "repo": "nvim-lint", + "type": "github" + } + }, + "nvim_plugin-mrcjkb/rustaceanvim": { + "flake": false, + "locked": { + "lastModified": 1750024924, + "narHash": "sha256-gmOqCnSLGDNerXyuuNhkyL/pSJitnyqBdWC3LejZoS4=", + "owner": "mrcjkb", + "repo": "rustaceanvim", + "rev": "2fdf224107e5bc29fb5c3a175f5f2c9161b34741", + "type": "github" + }, + "original": { + "owner": "mrcjkb", + "repo": "rustaceanvim", + "type": "github" + } + }, + "nvim_plugin-neovim/nvim-lspconfig": { + "flake": false, + "locked": { + "lastModified": 1750169575, + "narHash": "sha256-lJWMFgQLQhKUuv50WrYXlJ3TFqT04nVbmcBGVDaSz0k=", + "owner": "neovim", + "repo": "nvim-lspconfig", + "rev": "99d3a0f26bfe402f45257c1398287aef252cbe2d", + "type": "github" + }, + "original": { + "owner": "neovim", + "repo": "nvim-lspconfig", + "type": "github" + } + }, + "nvim_plugin-nosduco/remote-sshfs.nvim": { + "flake": false, + "locked": { + "lastModified": 1748880705, + "narHash": "sha256-eTnVFOR7FHlkU9kwrk3q3pNo/U8OR2gJrnrMUQKGi2A=", + "owner": "nosduco", + "repo": "remote-sshfs.nvim", + "rev": "6e893c32ff7c5b8d0d501b748c525fa53963fb35", + "type": "github" + }, + "original": { + "owner": "nosduco", + "repo": "remote-sshfs.nvim", + "type": "github" + } + }, + "nvim_plugin-numToStr/Comment.nvim": { + "flake": false, + "locked": { + "lastModified": 1717957420, + "narHash": "sha256-h0kPue5Eqd5aeu4VoLH45pF0DmWWo1d8SnLICSQ63zc=", + "owner": "numToStr", + "repo": "Comment.nvim", + "rev": "e30b7f2008e52442154b66f7c519bfd2f1e32acb", + "type": "github" + }, + "original": { + "owner": "numToStr", + "repo": "Comment.nvim", + "type": "github" + } + }, + "nvim_plugin-nvim-lua/plenary.nvim": { + "flake": false, + "locked": { + "lastModified": 1739311008, + "narHash": "sha256-8FV5RjF7QbDmQOQynpK7uRKONKbPRYbOPugf9ZxNvUs=", + "owner": "nvim-lua", + "repo": "plenary.nvim", + "rev": "857c5ac632080dba10aae49dba902ce3abf91b35", + "type": "github" + }, + "original": { + "owner": "nvim-lua", + "repo": "plenary.nvim", + "type": "github" + } + }, + "nvim_plugin-nvim-lualine/lualine.nvim": { + "flake": false, + "locked": { + "lastModified": 1749383457, + "narHash": "sha256-2aPgA7riA/FubQpTkqsxLKl7OZ8L6FkucNHc2QEx2HQ=", + "owner": "nvim-lualine", + "repo": "lualine.nvim", + "rev": "a94fc68960665e54408fe37dcf573193c4ce82c9", + "type": "github" + }, + "original": { + "owner": "nvim-lualine", + "repo": "lualine.nvim", + "type": "github" + } + }, + "nvim_plugin-nvim-telescope/telescope-file-browser.nvim": { + "flake": false, + "locked": { + "lastModified": 1750040034, + "narHash": "sha256-NHcU3c+1pLeypHr9xXKmqvdwB1QM/vj5axzjpFEQCLQ=", + "owner": "nvim-telescope", + "repo": "telescope-file-browser.nvim", + "rev": "7bf55ed0ff5be182ad3301cff266581fc1c56cce", + "type": "github" + }, + "original": { + "owner": "nvim-telescope", + "repo": "telescope-file-browser.nvim", + "type": "github" + } + }, + "nvim_plugin-nvim-telescope/telescope-fzf-native.nvim": { + "flake": false, + "locked": { + "lastModified": 1741765009, + "narHash": "sha256-Zyv8ikxdwoUiDD0zsqLzfhBVOm/nKyJdZpndxXEB6ow=", + "owner": "nvim-telescope", + "repo": "telescope-fzf-native.nvim", + "rev": "1f08ed60cafc8f6168b72b80be2b2ea149813e55", + "type": "github" + }, + "original": { + "owner": "nvim-telescope", + "repo": "telescope-fzf-native.nvim", + "type": "github" + } + }, + "nvim_plugin-nvim-telescope/telescope-ui-select.nvim": { + "flake": false, + "locked": { + "lastModified": 1701723223, + "narHash": "sha256-YRhNmmG4gx9Ht8JwjQfbTjJyTHEuZmtP6lqnhOsk8bE=", + "owner": "nvim-telescope", + "repo": "telescope-ui-select.nvim", + "rev": "6e51d7da30bd139a6950adf2a47fda6df9fa06d2", + "type": "github" + }, + "original": { + "owner": "nvim-telescope", + "repo": "telescope-ui-select.nvim", + "type": "github" + } + }, + "nvim_plugin-nvim-telescope/telescope.nvim": { + "flake": false, + "locked": { + "lastModified": 1747012888, + "narHash": "sha256-JpW0ehsX81yVbKNzrYOe1hdgVMs6oaaxMLH6lECnOJg=", + "owner": "nvim-telescope", + "repo": "telescope.nvim", + "rev": "b4da76be54691e854d3e0e02c36b0245f945c2c7", + "type": "github" + }, + "original": { + "owner": "nvim-telescope", + "repo": "telescope.nvim", + "type": "github" + } + }, + "nvim_plugin-nvim-tree/nvim-tree.lua": { + "flake": false, + "locked": { + "lastModified": 1750143568, + "narHash": "sha256-E2YdGlvvpnT/PiayfQldwpbCnjsyNDcoTzxgMf2ajV8=", + "owner": "nvim-tree", + "repo": "nvim-tree.lua", + "rev": "d54a1875a91e1a705795ea26074795210b92ce7f", + "type": "github" + }, + "original": { + "owner": "nvim-tree", + "repo": "nvim-tree.lua", + "type": "github" + } + }, + "nvim_plugin-nvim-tree/nvim-web-devicons": { + "flake": false, + "locked": { + "lastModified": 1747360641, + "narHash": "sha256-+RHeFaeCF/iwAf8qAOjbEIl3YcnrBMVfkQnnzDNhyTA=", + "owner": "nvim-tree", + "repo": "nvim-web-devicons", + "rev": "1fb58cca9aebbc4fd32b086cb413548ce132c127", + "type": "github" + }, + "original": { + "owner": "nvim-tree", + "repo": "nvim-web-devicons", + "type": "github" + } + }, + "nvim_plugin-nvim-treesitter/nvim-treesitter-context": { + "flake": false, + "locked": { + "lastModified": 1749893617, + "narHash": "sha256-QJAfpVdTHTxjUgggQekRLvNYuvG12gjtfTGybfcFdyo=", + "owner": "nvim-treesitter", + "repo": "nvim-treesitter-context", + "rev": "1a1a7c5d6d75cb49bf64049dafab15ebe294a79f", + "type": "github" + }, + "original": { + "owner": "nvim-treesitter", + "repo": "nvim-treesitter-context", + "type": "github" + } + }, + "nvim_plugin-rafamadriz/friendly-snippets": { + "flake": false, + "locked": { + "lastModified": 1745949052, + "narHash": "sha256-FzApcTbWfFkBD9WsYMhaCyn6ky8UmpUC2io/co/eByM=", + "owner": "rafamadriz", + "repo": "friendly-snippets", + "rev": "572f5660cf05f8cd8834e096d7b4c921ba18e175", + "type": "github" + }, + "original": { + "owner": "rafamadriz", + "repo": "friendly-snippets", + "type": "github" + } + }, + "nvim_plugin-rcarriga/nvim-notify": { + "flake": false, + "locked": { + "lastModified": 1744548826, + "narHash": "sha256-m4dQ8KuMhbEpRh6zLTlIUDN9ojFj69LZnXXLepmdFI8=", + "owner": "rcarriga", + "repo": "nvim-notify", + "rev": "b5825cf9ee881dd8e43309c93374ed5b87b7a896", + "type": "github" + }, + "original": { + "owner": "rcarriga", + "repo": "nvim-notify", + "type": "github" + } + }, + "nvim_plugin-rmagatti/auto-session": { + "flake": false, + "locked": { + "lastModified": 1749967462, + "narHash": "sha256-1pIGu/GJ4FiMH/yHhoo6Gu0HLC3rFQiesJBuv8uE7Vw=", + "owner": "rmagatti", + "repo": "auto-session", + "rev": "fffb13dcbe8731b8650e5bf1caa749a485d20556", + "type": "github" + }, + "original": { + "owner": "rmagatti", + "repo": "auto-session", + "type": "github" + } + }, + "nvim_plugin-ron/ron.vim": { + "flake": false, + "locked": { + "lastModified": 1660904719, + "narHash": "sha256-8/xJmymtVGVz2avzlamgK1cNflZ3NRL+B3c7xxbI964=", + "owner": "ron-rs", + "repo": "ron.vim", + "rev": "f749e543975a82e8dd9a6e7df9600a1c098ae800", + "type": "github" + }, + "original": { + "owner": "ron-rs", + "repo": "ron.vim", + "type": "github" + } + }, + "nvim_plugin-saadparwaiz1/cmp_luasnip": { + "flake": false, + "locked": { + "lastModified": 1730707109, + "narHash": "sha256-86lKQPPyqFz8jzuLajjHMKHrYnwW6+QOcPyQEx6B+gw=", + "owner": "saadparwaiz1", + "repo": "cmp_luasnip", + "rev": "98d9cb5c2c38532bd9bdb481067b20fea8f32e90", + "type": "github" + }, + "original": { + "owner": "saadparwaiz1", + "repo": "cmp_luasnip", + "type": "github" + } + }, + "nvim_plugin-sindrets/diffview.nvim": { + "flake": false, + "locked": { + "lastModified": 1718279802, + "narHash": "sha256-SX+ybIzL/w6uyCy4iZKnWnzTFwqB1oXSgyYVAdpdKi8=", + "owner": "sindrets", + "repo": "diffview.nvim", + "rev": "4516612fe98ff56ae0415a259ff6361a89419b0a", + "type": "github" + }, + "original": { + "owner": "sindrets", + "repo": "diffview.nvim", + "type": "github" + } + }, + "nvim_plugin-stevearc/conform.nvim": { + "flake": false, + "locked": { + "lastModified": 1749498876, + "narHash": "sha256-n1IPUNwD14WlDU4zbgfJuhXQcVMt8oc4wCuUJBPJ+y4=", + "owner": "stevearc", + "repo": "conform.nvim", + "rev": "8132ec733eed3bf415b97b76797ca41b59f51d7d", + "type": "github" + }, + "original": { + "owner": "stevearc", + "repo": "conform.nvim", + "type": "github" + } + }, + "nvim_plugin-stevearc/dressing.nvim": { + "flake": false, + "locked": { + "lastModified": 1739381641, + "narHash": "sha256-dBz+/gZA6O6fJy/GSgM6ZHGAR3MTGt/W1olzzTYRlgM=", + "owner": "stevearc", + "repo": "dressing.nvim", + "rev": "2d7c2db2507fa3c4956142ee607431ddb2828639", + "type": "github" + }, + "original": { + "owner": "stevearc", + "repo": "dressing.nvim", + "type": "github" + } + }, + "nvim_plugin-supermaven-inc/supermaven-nvim": { + "flake": false, + "locked": { + "lastModified": 1728314930, + "narHash": "sha256-1z3WKIiikQqoweReUyK5O8MWSRN5y95qcxM6qzlKMME=", + "owner": "supermaven-inc", + "repo": "supermaven-nvim", + "rev": "07d20fce48a5629686aefb0a7cd4b25e33947d50", + "type": "github" + }, + "original": { + "owner": "supermaven-inc", + "repo": "supermaven-nvim", + "type": "github" + } + }, + "nvim_plugin-tpope/vim-sleuth": { + "flake": false, + "locked": { + "lastModified": 1726718493, + "narHash": "sha256-2Cr3h3uJvUL3CSoJs3aBFrkBeOBURSQItgQ4ep9sHXM=", + "owner": "tpope", + "repo": "vim-sleuth", + "rev": "be69bff86754b1aa5adcbb527d7fcd1635a84080", + "type": "github" + }, + "original": { + "owner": "tpope", + "repo": "vim-sleuth", + "type": "github" + } + }, + "nvim_plugin-tpope/vim-surround": { + "flake": false, + "locked": { + "lastModified": 1666730476, + "narHash": "sha256-DZE5tkmnT+lAvx/RQHaDEgEJXRKsy56KJY919xiH1lE=", + "owner": "tpope", + "repo": "vim-surround", + "rev": "3d188ed2113431cf8dac77be61b842acb64433d9", + "type": "github" + }, + "original": { + "owner": "tpope", + "repo": "vim-surround", + "type": "github" + } + }, + "nvim_plugin-uga-rosa/ccc.nvim": { + "flake": false, + "locked": { + "lastModified": 1746537659, + "narHash": "sha256-3TZ8VmvdgQ9n63m78C3r4OIUkVQHTHBvC24ixBdhTig=", + "owner": "uga-rosa", + "repo": "ccc.nvim", + "rev": "9d1a256e006decc574789dfc7d628ca11644d4c2", + "type": "github" + }, + "original": { + "owner": "uga-rosa", + "repo": "ccc.nvim", + "type": "github" + } + }, + "nvim_plugin-windwp/nvim-ts-autotag": { + "flake": false, + "locked": { + "lastModified": 1739910276, + "narHash": "sha256-a3Bcql68mp3y5bH9XMiDTQB0e75T+qFB593objIGg/I=", + "owner": "windwp", + "repo": "nvim-ts-autotag", + "rev": "a1d526af391f6aebb25a8795cbc05351ed3620b5", + "type": "github" + }, + "original": { + "owner": "windwp", + "repo": "nvim-ts-autotag", + "type": "github" + } + }, + "nvim_plugin-zbirenbaum/copilot-cmp": { + "flake": false, + "locked": { + "lastModified": 1733947099, + "narHash": "sha256-erRL8bY/zuwuCZfttw+avTrFV7pjv2H6v73NzY2bymM=", + "owner": "zbirenbaum", + "repo": "copilot-cmp", + "rev": "15fc12af3d0109fa76b60b5cffa1373697e261d1", + "type": "github" + }, + "original": { + "owner": "zbirenbaum", + "repo": "copilot-cmp", + "type": "github" + } + }, + "nvim_plugin-zbirenbaum/copilot.lua": { + "flake": false, + "locked": { + "lastModified": 1749137204, + "narHash": "sha256-qxHpIsFFLDG/jtk6e1hkOZgDSRA5Q0+DMxxAxckNhIc=", + "owner": "zbirenbaum", + "repo": "copilot.lua", + "rev": "c1bb86abbed1a52a11ab3944ef00c8410520543d", + "type": "github" + }, + "original": { + "owner": "zbirenbaum", + "repo": "copilot.lua", + "type": "github" + } + }, + "opencode": { + "flake": false, + "locked": { + "lastModified": 1754526276, + "narHash": "sha256-OkkjbytvvUBOcSCjf3zd8NWLaM+I1tUR9IxcRZrdVeM=", + "owner": "sst", + "repo": "opencode", + "rev": "1a561bb5120b1b87a4c477f7cb6c3a0a4ce79114", + "type": "github" + }, + "original": { + "owner": "sst", + "ref": "v0.3.133", + "repo": "opencode", + "type": "github" + } + }, + "ragenix": { + "inputs": { + "agenix": "agenix", + "crane": "crane", + "flake-utils": "flake-utils", + "nixpkgs": "nixpkgs_2", + "rust-overlay": "rust-overlay" + }, + "locked": { + "lastModified": 1744897914, + "narHash": "sha256-GIVU92o2TZBnKQXTb76zpQbWR4zjU2rFqWKNIIpXnqA=", + "owner": "yaxitech", + "repo": "ragenix", + "rev": "40f2e17ecaeab4d78ec323e96a04548c0aaa5223", + "type": "github" + }, + "original": { + "owner": "yaxitech", + "repo": "ragenix", + "type": "github" + } + }, + "root": { + "inputs": { + "common": "common", + "nixpkgs": "nixpkgs_3", + "ros_neovim": "ros_neovim" + } + }, + "ros_neovim": { + "inputs": { + "nixpkgs": "nixpkgs_4", + "nvim_plugin-Almo7aya/openingh.nvim": "nvim_plugin-Almo7aya/openingh.nvim", + "nvim_plugin-CopilotC-Nvim/CopilotChat.nvim": "nvim_plugin-CopilotC-Nvim/CopilotChat.nvim", + "nvim_plugin-JoosepAlviste/nvim-ts-context-commentstring": "nvim_plugin-JoosepAlviste/nvim-ts-context-commentstring", + "nvim_plugin-L3MON4D3/LuaSnip": "nvim_plugin-L3MON4D3/LuaSnip", + "nvim_plugin-MeanderingProgrammer/render-markdown.nvim": "nvim_plugin-MeanderingProgrammer/render-markdown.nvim", + "nvim_plugin-MunifTanjim/nui.nvim": "nvim_plugin-MunifTanjim/nui.nvim", + "nvim_plugin-RRethy/vim-illuminate": "nvim_plugin-RRethy/vim-illuminate", + "nvim_plugin-Saecki/crates.nvim": "nvim_plugin-Saecki/crates.nvim", + "nvim_plugin-aznhe21/actions-preview.nvim": "nvim_plugin-aznhe21/actions-preview.nvim", + "nvim_plugin-b0o/schemastore.nvim": "nvim_plugin-b0o/schemastore.nvim", + "nvim_plugin-catppuccin/nvim": "nvim_plugin-catppuccin/nvim", + "nvim_plugin-chrisgrieser/nvim-early-retirement": "nvim_plugin-chrisgrieser/nvim-early-retirement", + "nvim_plugin-declancm/cinnamon.nvim": "nvim_plugin-declancm/cinnamon.nvim", + "nvim_plugin-folke/lazy.nvim": "nvim_plugin-folke/lazy.nvim", + "nvim_plugin-folke/neodev.nvim": "nvim_plugin-folke/neodev.nvim", + "nvim_plugin-folke/which-key.nvim": "nvim_plugin-folke/which-key.nvim", + "nvim_plugin-hrsh7th/cmp-buffer": "nvim_plugin-hrsh7th/cmp-buffer", + "nvim_plugin-hrsh7th/cmp-nvim-lsp": "nvim_plugin-hrsh7th/cmp-nvim-lsp", + "nvim_plugin-hrsh7th/cmp-path": "nvim_plugin-hrsh7th/cmp-path", + "nvim_plugin-hrsh7th/nvim-cmp": "nvim_plugin-hrsh7th/nvim-cmp", + "nvim_plugin-j-hui/fidget.nvim": "nvim_plugin-j-hui/fidget.nvim", + "nvim_plugin-johmsalas/text-case.nvim": "nvim_plugin-johmsalas/text-case.nvim", + "nvim_plugin-lewis6991/gitsigns.nvim": "nvim_plugin-lewis6991/gitsigns.nvim", + "nvim_plugin-lnc3l0t/glow.nvim": "nvim_plugin-lnc3l0t/glow.nvim", + "nvim_plugin-lukas-reineke/indent-blankline.nvim": "nvim_plugin-lukas-reineke/indent-blankline.nvim", + "nvim_plugin-m4xshen/hardtime.nvim": "nvim_plugin-m4xshen/hardtime.nvim", + "nvim_plugin-mbbill/undotree": "nvim_plugin-mbbill/undotree", + "nvim_plugin-mfussenegger/nvim-lint": "nvim_plugin-mfussenegger/nvim-lint", + "nvim_plugin-mrcjkb/rustaceanvim": "nvim_plugin-mrcjkb/rustaceanvim", + "nvim_plugin-neovim/nvim-lspconfig": "nvim_plugin-neovim/nvim-lspconfig", + "nvim_plugin-nosduco/remote-sshfs.nvim": "nvim_plugin-nosduco/remote-sshfs.nvim", + "nvim_plugin-numToStr/Comment.nvim": "nvim_plugin-numToStr/Comment.nvim", + "nvim_plugin-nvim-lua/plenary.nvim": "nvim_plugin-nvim-lua/plenary.nvim", + "nvim_plugin-nvim-lualine/lualine.nvim": "nvim_plugin-nvim-lualine/lualine.nvim", + "nvim_plugin-nvim-telescope/telescope-file-browser.nvim": "nvim_plugin-nvim-telescope/telescope-file-browser.nvim", + "nvim_plugin-nvim-telescope/telescope-fzf-native.nvim": "nvim_plugin-nvim-telescope/telescope-fzf-native.nvim", + "nvim_plugin-nvim-telescope/telescope-ui-select.nvim": "nvim_plugin-nvim-telescope/telescope-ui-select.nvim", + "nvim_plugin-nvim-telescope/telescope.nvim": "nvim_plugin-nvim-telescope/telescope.nvim", + "nvim_plugin-nvim-tree/nvim-tree.lua": "nvim_plugin-nvim-tree/nvim-tree.lua", + "nvim_plugin-nvim-tree/nvim-web-devicons": "nvim_plugin-nvim-tree/nvim-web-devicons", + "nvim_plugin-nvim-treesitter/nvim-treesitter-context": "nvim_plugin-nvim-treesitter/nvim-treesitter-context", + "nvim_plugin-rafamadriz/friendly-snippets": "nvim_plugin-rafamadriz/friendly-snippets", + "nvim_plugin-rcarriga/nvim-notify": "nvim_plugin-rcarriga/nvim-notify", + "nvim_plugin-rmagatti/auto-session": "nvim_plugin-rmagatti/auto-session", + "nvim_plugin-ron/ron.vim": "nvim_plugin-ron/ron.vim", + "nvim_plugin-saadparwaiz1/cmp_luasnip": "nvim_plugin-saadparwaiz1/cmp_luasnip", + "nvim_plugin-sindrets/diffview.nvim": "nvim_plugin-sindrets/diffview.nvim", + "nvim_plugin-stevearc/conform.nvim": "nvim_plugin-stevearc/conform.nvim", + "nvim_plugin-stevearc/dressing.nvim": "nvim_plugin-stevearc/dressing.nvim", + "nvim_plugin-supermaven-inc/supermaven-nvim": "nvim_plugin-supermaven-inc/supermaven-nvim", + "nvim_plugin-tpope/vim-sleuth": "nvim_plugin-tpope/vim-sleuth", + "nvim_plugin-tpope/vim-surround": "nvim_plugin-tpope/vim-surround", + "nvim_plugin-uga-rosa/ccc.nvim": "nvim_plugin-uga-rosa/ccc.nvim", + "nvim_plugin-windwp/nvim-ts-autotag": "nvim_plugin-windwp/nvim-ts-autotag", + "nvim_plugin-zbirenbaum/copilot-cmp": "nvim_plugin-zbirenbaum/copilot-cmp", + "nvim_plugin-zbirenbaum/copilot.lua": "nvim_plugin-zbirenbaum/copilot.lua", + "rust-overlay": "rust-overlay_2" + }, + "locked": { + "lastModified": 1751604642, + "narHash": "sha256-i+fTQx8jYMa+nAMmyLB1TXgqRQCEjvxEPPlksptxpkY=", + "ref": "refs/heads/master", + "rev": "86a29f880ecadb99c51d98ee0f454ae0230ff19e", + "revCount": 292, + "type": "git", + "url": "https://git.joshuabell.xyz/ringofstorms/nvim" + }, + "original": { + "type": "git", + "url": "https://git.joshuabell.xyz/ringofstorms/nvim" + } + }, + "rust-overlay": { + "inputs": { + "nixpkgs": [ + "common", + "ragenix", + "nixpkgs" + ] + }, + "locked": { + "lastModified": 1741400194, + "narHash": "sha256-tEpgT+q5KlGjHSm8MnINgTPErEl8YDzX3Eps8PVc09g=", + "owner": "oxalica", + "repo": "rust-overlay", + "rev": "16b6045a232fea0e9e4c69e55a6e269607dd8e3f", + "type": "github" + }, + "original": { + "owner": "oxalica", + "repo": "rust-overlay", + "type": "github" + } + }, + "rust-overlay_2": { + "inputs": { + "nixpkgs": [ + "ros_neovim", + "nixpkgs" + ] + }, + "locked": { + "lastModified": 1750127910, + "narHash": "sha256-FIgEIS0RAlOyXGqoj/OufTfcKItYq668yPYL4SXdU0M=", + "owner": "oxalica", + "repo": "rust-overlay", + "rev": "45418795a73b77b7726c62ce265d68cf541ffb49", + "type": "github" + }, + "original": { + "owner": "oxalica", + "repo": "rust-overlay", + "type": "github" + } + }, + "systems": { + "locked": { + "lastModified": 1681028828, + "narHash": "sha256-Vy1rq5AaRuLzOxct8nz4T6wlgyUR7zLU309k9mBC768=", + "owner": "nix-systems", + "repo": "default", + "rev": "da67096a3b9bf56a91d16901293e51ba5b49a27e", + "type": "github" + }, + "original": { + "owner": "nix-systems", + "repo": "default", + "type": "github" + } + }, + "systems_2": { + "locked": { + "lastModified": 1681028828, + "narHash": "sha256-Vy1rq5AaRuLzOxct8nz4T6wlgyUR7zLU309k9mBC768=", + "owner": "nix-systems", + "repo": "default", + "rev": "da67096a3b9bf56a91d16901293e51ba5b49a27e", + "type": "github" + }, + "original": { + "owner": "nix-systems", + "repo": "default", + "type": "github" + } + } + }, + "root": "root", + "version": 7 +} diff --git a/hosts/gpdPocket3/flake.nix b/hosts/gpdPocket3/flake.nix new file mode 100644 index 00000000..0f053b23 --- /dev/null +++ b/hosts/gpdPocket3/flake.nix @@ -0,0 +1,117 @@ +{ + inputs = { + nixpkgs.url = "github:nixos/nixpkgs/nixos-25.05"; + + # for local testing. + # common.url = "path:../../common"; + common.url = "git+https://git.joshuabell.xyz/ringofstorms/dotfiles"; + + ros_neovim.url = "git+https://git.joshuabell.xyz/ringofstorms/nvim"; + }; + + outputs = + { + nixpkgs, + common, + ros_neovim, + ... + }: + let + configuration_name = "gpdPocket3"; + lib = nixpkgs.lib; + in + { + nixosConfigurations = { + "${configuration_name}" = ( + lib.nixosSystem { + modules = [ + common.nixosModules.default + ros_neovim.nixosModules.default + ./configuration.nix + ./hardware-configuration.nix + ( + { config, pkgs, ... }: + { + environment.systemPackages = with pkgs; [ + lua + qdirstat + ]; + + ringofstorms_common = { + systemName = configuration_name; + boot.systemd.enable = true; + desktopEnvironment.gnome = { + enable = true; + enableRotate = true; + }; + secrets.enable = true; + general.enableSleep = true; + programs = { + qFlipper.enable = true; + rustDev.enable = true; + tailnet.enable = true; + ssh.enable = true; + docker.enable = true; + opencode.enable = true; + flatpaks = { + enable = true; + packages = [ + "org.signal.Signal" + "com.discordapp.Discord" + "md.obsidian.Obsidian" + "com.spotify.Client" + "org.videolan.VLC" + "com.bitwarden.desktop" + "org.openscad.OpenSCAD" + "org.blender.Blender" + "im.riot.Riot" + "com.rustdesk.RustDesk" + "com.google.Chrome" + ]; + }; + }; + users = { + # Users are all normal users and default password is password1 + admins = [ "josh" ]; # First admin is also the primary user owning nix config + users = { + josh = { + openssh.authorizedKeys.keys = [ + "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIDa0MUnXwRzHPTDakjzLTmye2GTFbRno+KVs0DSeIPb7 nix2gpdpocket3" + ]; + extraGroups = [ + "networkmanager" + "video" + "input" + ]; + shell = pkgs.zsh; + }; + }; + }; + homeManager = { + users = { + josh = { + imports = with common.homeManagerModules; [ + tmux + atuin + kitty + direnv + git + nix_deprecations + postgres + ssh + starship + zoxide + zsh + ]; + }; + }; + }; + }; + } + ) + ]; + } + ); + }; + }; +} diff --git a/systems/joe/hardware-configuration.nix b/hosts/gpdPocket3/hardware-configuration.nix similarity index 59% rename from systems/joe/hardware-configuration.nix rename to hosts/gpdPocket3/hardware-configuration.nix index 9fd83c48..ab176249 100644 --- a/systems/joe/hardware-configuration.nix +++ b/hosts/gpdPocket3/hardware-configuration.nix @@ -1,37 +1,53 @@ # Do not modify this file! It was generated by ‘nixos-generate-config’ # and may be overwritten by future invocations. Please make changes # to /etc/nixos/configuration.nix instead. -{ config, lib, pkgs, modulesPath, ... }: +{ + config, + lib, + modulesPath, + ... +}: { - imports = - [ (modulesPath + "/installer/scan/not-detected.nix") - ]; + imports = [ + (modulesPath + "/installer/scan/not-detected.nix") + ]; - boot.initrd.availableKernelModules = [ "xhci_pci" "ahci" "nvme" "usbhid" "usb_storage" "sd_mod" ]; + boot.initrd.availableKernelModules = [ + "xhci_pci" + "thunderbolt" + "nvme" + "usbhid" + "usb_storage" + "sd_mod" + ]; boot.initrd.kernelModules = [ ]; boot.kernelModules = [ "kvm-intel" ]; boot.extraModulePackages = [ ]; - fileSystems."/" = - { device = "/dev/disk/by-label/NIXROOT"; - fsType = "ext4"; - }; + fileSystems."/boot" = { + device = "/dev/disk/by-label/NIXBOOT"; + fsType = "vfat"; + }; - fileSystems."/boot" = - { device = "/dev/disk/by-label/NIXBOOT"; - fsType = "vfat"; - }; + fileSystems."/" = { + device = "/dev/disk/by-label/NIXROOT"; + fsType = "ext4"; + }; - swapDevices = [ ]; + swapDevices = [ + { + device = "/.swapfile"; + size = 16 * 1024; # 16GB + } + ]; # Enables DHCP on each ethernet and wireless interface. In case of scripted networking # (the default) this is the recommended approach. When using systemd-networkd it's # still possible to use this option, but it's recommended to use it in conjunction # with explicit per-interface declarations with `networking.interfaces..useDHCP`. networking.useDHCP = lib.mkDefault true; - # networking.interfaces.enp2s0.useDHCP = lib.mkDefault true; - # networking.interfaces.wlo1.useDHCP = lib.mkDefault true; + # networking.interfaces.enp175s0.useDHCP = lib.mkDefault true; nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux"; hardware.cpu.intel.updateMicrocode = lib.mkDefault config.hardware.enableRedistributableFirmware; diff --git a/hosts/h001/configuration.nix b/hosts/h001/configuration.nix new file mode 100644 index 00000000..96ce2aea --- /dev/null +++ b/hosts/h001/configuration.nix @@ -0,0 +1,4 @@ +{ ... }: +{ + system.stateVersion = "24.11"; # Did you read the comment? +} diff --git a/hosts/h001/containers/default.nix b/hosts/h001/containers/default.nix new file mode 100644 index 00000000..59cb9cdf --- /dev/null +++ b/hosts/h001/containers/default.nix @@ -0,0 +1,104 @@ +{ inputs }: +let + common = inputs.common; +in +{ + ... +}: +{ + imports = [ + common.nixosModules.containers.forgejo + ./opengist.nix + ./homarr.nix + ./zitadel.nix + ]; + + config = { + ## Give internet access + networking = { + nat = { + enable = true; + internalInterfaces = [ "ve-*" ]; + externalInterface = "enp0s31f6"; + enableIPv6 = true; + }; + firewall.trustedInterfaces = [ "ve-*" ]; + }; + + containers.wasabi = { + ephemeral = true; + autoStart = true; + privateNetwork = true; + hostAddress = "10.0.0.1"; + localAddress = "10.0.0.111"; + config = + { config, pkgs, ... }: + { + system.stateVersion = "24.11"; + services.httpd.enable = true; + services.httpd.adminAddr = "foo@example.org"; + networking.firewall = { + enable = true; + allowedTCPPorts = [ 80 ]; + }; + }; + }; + + virtualisation.oci-containers.containers = { + ntest = { + image = "nginx:alpine"; + ports = [ + "127.0.0.1:8085:80" + ]; + }; + }; + + virtualisation.oci-containers.backend = "podman"; + + security.acme.acceptTerms = true; + security.acme.defaults.email = "admin@joshuabell.xyz"; + services.nginx = { + enable = true; + recommendedGzipSettings = true; + recommendedOptimisation = true; + recommendedProxySettings = true; + recommendedTlsSettings = true; + virtualHosts = { + "localhost" = { + locations."/" = { + proxyPass = "http://10.0.0.111"; + }; + }; + + # forgejo http traffic + "git.joshuabell.xyz" = { + locations."/" = { + proxyPass = "http://10.0.0.2:3000"; + }; + }; + + "_" = { + default = true; + locations."/" = { + return = "404"; # or 444 for drop + }; + }; + }; + + # STREAMS + # Forgejo ssh + streamConfig = '' + server { + listen 3032; + proxy_pass 10.0.0.2:3032; + } + ''; + + }; + + networking.firewall.allowedTCPPorts = [ + 80 + 443 + ]; + }; +} diff --git a/hosts/h001/containers/forgejo.nix b/hosts/h001/containers/forgejo.nix new file mode 100644 index 00000000..92793a98 --- /dev/null +++ b/hosts/h001/containers/forgejo.nix @@ -0,0 +1,196 @@ +{ + config, + lib, + ... +}: +let + name = "forgejo"; + + hostDataDir = "/var/lib/${name}"; + + hostAddress = "10.0.0.1"; + containerAddress = "10.0.0.2"; + hostAddress6 = "fc00::1"; + containerAddress6 = "fc00::2"; + + binds = [ + # Postgres data, must use postgres user in container and host + { + host = "${hostDataDir}/postgres"; + # Adjust based on container postgres data dir + container = "/var/lib/postgresql/17"; + user = "postgres"; + uid = config.ids.uids.postgres; + gid = config.ids.gids.postgres; + } + # Postgres backups + { + host = "${hostDataDir}/backups/postgres"; + container = "/var/backup/postgresql"; + user = "postgres"; + uid = config.ids.uids.postgres; + gid = config.ids.gids.postgres; + } + # App data, uses custom user uid + { + host = "${hostDataDir}/data"; + container = "/var/lib/forgejo"; + user = "forgejo"; + uid = 115; + gid = 115; + } + ]; + uniqueUsers = lib.foldl' ( + acc: bind: if lib.lists.any (item: item.user == bind.user) acc then acc else acc ++ [ bind ] + ) [ ] binds; + users = { + users = lib.listToAttrs ( + lib.map (u: { + name = u.user; + value = { + isSystemUser = true; + name = u.user; + uid = u.uid; + group = u.user; + }; + }) uniqueUsers + ); + + groups = lib.listToAttrs ( + lib.map (g: { + name = g.user; + value.gid = g.gid; + }) uniqueUsers + ); + }; +in +{ + # Ensure users exists on host machine with same IDs as container + inherit users; + + # Ensure directories exist on host machine + system.activationScripts.createMediaServerDirs = '' + ${lib.concatStringsSep "\n" ( + lib.map (bind: '' + mkdir -p ${bind.host} + chown -R ${toString bind.user}:${toString bind.gid} ${bind.host} + chmod -R 750 ${bind.host} + '') binds + )} + ''; + + containers.${name} = { + ephemeral = true; + autoStart = true; + privateNetwork = true; + hostAddress = hostAddress; + localAddress = containerAddress; + hostAddress6 = hostAddress6; + localAddress6 = containerAddress6; + bindMounts = lib.foldl ( + acc: bind: + { + "${bind.container}" = { + hostPath = bind.host; + isReadOnly = false; + }; + } + // acc + ) { } binds; + config = + { config, pkgs, ... }: + { + system.stateVersion = "24.11"; + + networking = { + firewall = { + enable = true; + allowedTCPPorts = [ + 3000 + 3032 + ]; + }; + # Use systemd-resolved inside the container + # Workaround for bug https://github.com/NixOS/nixpkgs/issues/162686 + useHostResolvConf = lib.mkForce false; + }; + services.resolved.enable = true; + + # Ensure users exist on container + inherit users; + + services.postgresql = { + enable = true; + package = pkgs.postgresql_17.withJIT; + enableJIT = true; + authentication = '' + local all all trust + host all all 127.0.0.1/8 trust + host all all ::1/128 trust + host all all fc00::1/128 trust + ''; + }; + + # Backup database + services.postgresqlBackup = { + enable = true; + }; + + services.forgejo = { + enable = true; + dump = { + enable = false; + type = "tar.gz"; + }; + database = { + type = "postgres"; + }; + settings = { + DEFAULT = { + APP_NAME = "Josh's Git"; + }; + server = { + PROTOCOL = "http"; + DOMAIN = "git.joshuabell.xyz"; + HTTP_ADDR = "0.0.0.0"; + HTTP_PORT = 3000; + + START_SSH_SERVER = true; + SSH_DOMAIN = "git.joshuabell.xyz"; + SSH_LISTEN_HOST = "0.0.0.0"; + SSH_LISTEN_PORT = 3032; # actual listen port + SSH_PORT = 3032; # used in UI + BUILTIN_SSH_SERVER_USER = "git"; + + LANDING_PAGE = "explore"; + }; + service = { + DISABLE_REGISTRATION = true; + ENABLE_BASIC_AUTHENTICATION = false; + DISABLE_USERS_PAGE = true; + DISABLE_ORGANIZATIONS_PAGE = true; + }; + repository = { + # ENABLE_PUSH_CREATE_USER = true; + # ENABLE_PUSH_CREATE_ORG = true; + DISABLE_STARS = true; + DEFAULT_PRIVATE = "private"; + }; + admin = { + DISABLE_REGULAR_ORG_CREATION = true; + USER_DISABLED_FEATURES = "deletion"; + }; + other = { + SHOW_FOOTER_POWERED_BY = false; + SHOW_FOOTER_VERSION = false; + SHOW_FOOTER_TEMPLATE_LOAD_TIME = false; + }; + migrations = { + ALLOWED_DOMAINS = "*.github.com,github.com"; + ALLOW_LOCALNETWORKS = true; + }; + }; + }; + }; + }; +} diff --git a/hosts/h001/containers/homarr.nix b/hosts/h001/containers/homarr.nix new file mode 100644 index 00000000..0cd11def --- /dev/null +++ b/hosts/h001/containers/homarr.nix @@ -0,0 +1,35 @@ +{ + ... +}: +let + name = "homarr"; + hostDataDir = "/var/lib/${name}"; + + v_port = 7575; +in +{ + virtualisation.oci-containers.containers = { + "${name}" = { + image = "ghcr.io/homarr-labs/homarr:latest"; + ports = [ + "127.0.0.1:${toString v_port}:${toString v_port}" + ]; + volumes = [ + "${hostDataDir}:/appdata" + "/var/run/docker.sock:/var/run/docker.sock" + ]; + environment = { + SECRET_ENCRYPTION_KEY = "0b7e80116a742d16a8f07452a2d9b206b1997d32a6dd2c29cfe4df676e281295"; + }; + extraOptions = [ + "--add-host=h003:100.64.0.14" + ]; + }; + }; + + system.activationScripts."${name}_directories" = '' + mkdir -p ${hostDataDir} + chown -R root:root ${hostDataDir} + chmod -R 777 ${hostDataDir} + ''; +} diff --git a/hosts/h001/containers/opengist.nix b/hosts/h001/containers/opengist.nix new file mode 100644 index 00000000..e529b942 --- /dev/null +++ b/hosts/h001/containers/opengist.nix @@ -0,0 +1,39 @@ +{ + ... +}: +let + name = "opengist"; + hostDataDir = "/var/lib/${name}"; + + v_port = 6157; +in +{ + virtualisation.oci-containers.containers = { + "${name}" = { + image = "ghcr.io/thomiceli/opengist:1"; + ports = [ + "127.0.0.1:${toString v_port}:${toString v_port}" + ]; + volumes = [ + "${hostDataDir}:/opengist" + ]; + environment = { + OG_LOG_LEVEL = "info"; + }; + }; + }; + system.activationScripts."${name}_directories" = '' + mkdir -p ${hostDataDir} + chown -R root:root ${hostDataDir} + chmod -R 777 ${hostDataDir} + ''; + + services.nginx.virtualHosts."gist.joshuabell.xyz" = { + locations = { + "/" = { + proxyWebsockets = true; + proxyPass = "http://127.0.0.1:${builtins.toString v_port}"; + }; + }; + }; +} diff --git a/hosts/h001/containers/zitadel.nix b/hosts/h001/containers/zitadel.nix new file mode 100644 index 00000000..5c244271 --- /dev/null +++ b/hosts/h001/containers/zitadel.nix @@ -0,0 +1,211 @@ +{ + config, + lib, + ... +}: +let + name = "zitadel"; + + hostDataDir = "/var/lib/${name}"; + + hostAddress = "10.0.0.1"; + containerAddress = "10.0.0.3"; + hostAddress6 = "fc00::1"; + containerAddress6 = "fc00::3"; + + binds = [ + # Postgres data, must use postgres user in container and host + { + host = "${hostDataDir}/postgres"; + # Adjust based on container postgres data dir + container = "/var/lib/postgresql/17"; + user = "postgres"; + uid = config.ids.uids.postgres; + gid = config.ids.gids.postgres; + } + # Postgres backups + { + host = "${hostDataDir}/backups/postgres"; + container = "/var/backup/postgresql"; + user = "postgres"; + uid = config.ids.uids.postgres; + gid = config.ids.gids.postgres; + } + # secret + { + host = config.age.secrets.zitadel_master_key.path; + container = "/var/secrets/zitadel_master_key.age"; + readOnly = true; + } + ]; + bindsWithUsers = lib.filter (b: b ? user) binds; + uniqueUsers = lib.foldl' ( + acc: bind: if lib.lists.any (item: item.user == bind.user) acc then acc else acc ++ [ bind ] + ) [ ] bindsWithUsers; + users = { + users = lib.listToAttrs ( + lib.map (u: { + name = u.user; + value = { + isSystemUser = true; + name = u.user; + uid = u.uid; + group = u.user; + }; + }) uniqueUsers + ); + + groups = lib.listToAttrs ( + lib.map (g: { + name = g.user; + value.gid = g.gid; + }) uniqueUsers + ); + }; + +in +{ + options = { }; + config = { + services.nginx.virtualHosts."sso.joshuabell.xyz" = { + locations = { + "/" = { + proxyWebsockets = true; + recommendedProxySettings = true; + proxyPass = "http://${containerAddress}:8080"; + extraConfig = '' + proxy_set_header X-Forwarded-Proto https; + ''; + }; + }; + }; + + # Ensure users exist on host machine + inherit users; + + # Ensure directories exist on host machine + system.activationScripts."createDirsFor${name}" = '' + ${lib.concatStringsSep "\n" ( + lib.map (bind: '' + mkdir -p ${bind.host} + chown -R ${toString bind.user}:${toString bind.gid} ${bind.host} + chmod -R 750 ${bind.host} + '') bindsWithUsers + )} + ''; + + containers.${name} = { + ephemeral = true; + autoStart = true; + privateNetwork = true; + hostAddress = hostAddress; + localAddress = containerAddress; + hostAddress6 = hostAddress6; + localAddress6 = containerAddress6; + bindMounts = lib.foldl ( + acc: bind: + { + "${bind.container}" = { + hostPath = bind.host; + isReadOnly = bind.readOnly or false; + }; + } + // acc + ) { } binds; + config = + { config, pkgs, ... }: + { + system.stateVersion = "25.05"; + + networking = { + firewall = { + enable = true; + allowedTCPPorts = [ + 8080 + ]; + }; + # Use systemd-resolved inside the container + # Workaround for bug https://github.com/NixOS/nixpkgs/issues/162686 + useHostResolvConf = lib.mkForce false; + }; + services.resolved.enable = true; + + # Ensure users exist on container + inherit users; + + services.postgresql = { + enable = true; + package = pkgs.postgresql_17.withJIT; + enableJIT = true; + authentication = '' + local all all trust + host all all 127.0.0.1/8 trust + host all all ::1/128 trust + host all all fc00::1/128 trust + ''; + ensureDatabases = [ "zitadel" ]; + ensureUsers = [ + { + name = "zitadel"; + ensureDBOwnership = true; + ensureClauses.login = true; + ensureClauses.superuser = true; + } + ]; + }; + + # Backup database + services.postgresqlBackup = { + enable = true; + }; + + services.zitadel = { + enable = true; + masterKeyFile = "/var/secrets/zitadel_master_key.age"; + settings = { + Port = 8080; + Database.postgres = { + Host = "/var/run/postgresql/"; + Port = 5432; + Database = "zitadel"; + User = { + Username = "zitadel"; + SSL.Mode = "disable"; + }; + Admin = { + Username = "zitadel"; + SSL.Mode = "disable"; + ExistingDatabase = "zitadel"; + }; + }; + ExternalDomain = "sso.joshuabell.xyz"; + ExternalPort = 443; + ExternalSecure = true; + }; + steps.FirstInstance = { + InstanceName = "sso"; + Org = { + Name = "SSO"; + Human = { + UserName = "admin@joshuabell.xyz"; + FirstName = "admin"; + LastName = "admin"; + Email.Address = "admin@joshuabell.xuz"; + Email.Verified = true; + Password = "Password1!"; + PasswordChangeRequired = true; + }; + }; + LoginPolicy.AllowRegister = false; + }; + openFirewall = true; + }; + + systemd.services.zitadel = { + requires = [ "postgresql.service" ]; + after = [ "postgresql.service" ]; + }; + }; + }; + }; +} diff --git a/hosts/h001/flake.lock b/hosts/h001/flake.lock new file mode 100644 index 00000000..fa962516 --- /dev/null +++ b/hosts/h001/flake.lock @@ -0,0 +1,1392 @@ +{ + "nodes": { + "agenix": { + "inputs": { + "darwin": "darwin", + "home-manager": "home-manager_2", + "nixpkgs": [ + "common", + "ragenix", + "nixpkgs" + ], + "systems": "systems" + }, + "locked": { + "lastModified": 1736955230, + "narHash": "sha256-uenf8fv2eG5bKM8C/UvFaiJMZ4IpUFaQxk9OH5t/1gA=", + "owner": "ryantm", + "repo": "agenix", + "rev": "e600439ec4c273cf11e06fe4d9d906fb98fa097c", + "type": "github" + }, + "original": { + "owner": "ryantm", + "repo": "agenix", + "type": "github" + } + }, + "common": { + "inputs": { + "home-manager": "home-manager", + "nix-flatpak": "nix-flatpak", + "nixpkgs": "nixpkgs_2", + "ragenix": "ragenix" + }, + "locked": { + "lastModified": 1755841247, + "narHash": "sha256-oAMTVNjPhTfN4nyTZcW7J0HvdWirid+OYd45ORX3TyA=", + "ref": "refs/heads/master", + "rev": "a53d0510d1accc5799baecf7da85e6621d4152f5", + "revCount": 615, + "type": "git", + "url": "https://git.joshuabell.xyz/ringofstorms/dotfiles" + }, + "original": { + "type": "git", + "url": "https://git.joshuabell.xyz/ringofstorms/dotfiles" + } + }, + "crane": { + "locked": { + "lastModified": 1741481578, + "narHash": "sha256-JBTSyJFQdO3V8cgcL08VaBUByEU6P5kXbTJN6R0PFQo=", + "owner": "ipetkov", + "repo": "crane", + "rev": "bb1c9567c43e4434f54e9481eb4b8e8e0d50f0b5", + "type": "github" + }, + "original": { + "owner": "ipetkov", + "repo": "crane", + "type": "github" + } + }, + "darwin": { + "inputs": { + "nixpkgs": [ + "common", + "ragenix", + "agenix", + "nixpkgs" + ] + }, + "locked": { + "lastModified": 1700795494, + "narHash": "sha256-gzGLZSiOhf155FW7262kdHo2YDeugp3VuIFb4/GGng0=", + "owner": "lnl7", + "repo": "nix-darwin", + "rev": "4b9b83d5a92e8c1fbfd8eb27eda375908c11ec4d", + "type": "github" + }, + "original": { + "owner": "lnl7", + "ref": "master", + "repo": "nix-darwin", + "type": "github" + } + }, + "flake-utils": { + "inputs": { + "systems": "systems_2" + }, + "locked": { + "lastModified": 1731533236, + "narHash": "sha256-l0KFg5HjrsfsO/JpG+r7fRrqm12kzFHyUHqHCVpMMbI=", + "owner": "numtide", + "repo": "flake-utils", + "rev": "11707dc2f618dd54ca8739b309ec4fc024de578b", + "type": "github" + }, + "original": { + "owner": "numtide", + "repo": "flake-utils", + "type": "github" + } + }, + "home-manager": { + "inputs": { + "nixpkgs": "nixpkgs" + }, + "locked": { + "lastModified": 1753592768, + "narHash": "sha256-oV695RvbAE4+R9pcsT9shmp6zE/+IZe6evHWX63f2Qg=", + "owner": "rycee", + "repo": "home-manager", + "rev": "fc3add429f21450359369af74c2375cb34a2d204", + "type": "github" + }, + "original": { + "owner": "rycee", + "ref": "release-25.05", + "repo": "home-manager", + "type": "github" + } + }, + "home-manager_2": { + "inputs": { + "nixpkgs": [ + "common", + "ragenix", + "agenix", + "nixpkgs" + ] + }, + "locked": { + "lastModified": 1703113217, + "narHash": "sha256-7ulcXOk63TIT2lVDSExj7XzFx09LpdSAPtvgtM7yQPE=", + "owner": "nix-community", + "repo": "home-manager", + "rev": "3bfaacf46133c037bb356193bd2f1765d9dc82c1", + "type": "github" + }, + "original": { + "owner": "nix-community", + "repo": "home-manager", + "type": "github" + } + }, + "nix-flatpak": { + "locked": { + "lastModified": 1739444422, + "narHash": "sha256-iAVVHi7X3kWORftY+LVbRiStRnQEob2TULWyjMS6dWg=", + "owner": "gmodena", + "repo": "nix-flatpak", + "rev": "5e54c3ca05a7c7d968ae1ddeabe01d2a9bc1e177", + "type": "github" + }, + "original": { + "owner": "gmodena", + "ref": "latest", + "repo": "nix-flatpak", + "type": "github" + } + }, + "nixarr": { + "inputs": { + "nixpkgs": "nixpkgs_4", + "vpnconfinement": "vpnconfinement", + "website-builder": "website-builder" + }, + "locked": { + "lastModified": 1755601892, + "narHash": "sha256-4FECnCcaUVQHnocuuu/KRldPW2yj7hFpd1F7bfWxTxY=", + "owner": "rasmus-kirk", + "repo": "nixarr", + "rev": "c6cd890fa028ec2a8d735a121cb0a161d265101c", + "type": "github" + }, + "original": { + "owner": "rasmus-kirk", + "repo": "nixarr", + "type": "github" + } + }, + "nixpkgs": { + "locked": { + "lastModified": 1753345091, + "narHash": "sha256-CdX2Rtvp5I8HGu9swBmYuq+ILwRxpXdJwlpg8jvN4tU=", + "owner": "NixOS", + "repo": "nixpkgs", + "rev": "3ff0e34b1383648053bba8ed03f201d3466f90c9", + "type": "github" + }, + "original": { + "owner": "NixOS", + "ref": "nixos-25.05", + "repo": "nixpkgs", + "type": "github" + } + }, + "nixpkgs-unstable": { + "locked": { + "lastModified": 1756902501, + "narHash": "sha256-a89pyAbY2qVZaiFxYdt9+fvXI8pLKgu/g7CqkCUUf94=", + "owner": "wrvsrx", + "repo": "nixpkgs", + "rev": "898a1df732414f7d293a207459c8e47679b33364", + "type": "github" + }, + "original": { + "owner": "wrvsrx", + "ref": "fix-open-webui", + "repo": "nixpkgs", + "type": "github" + } + }, + "nixpkgs_2": { + "locked": { + "lastModified": 1753694789, + "narHash": "sha256-cKgvtz6fKuK1Xr5LQW/zOUiAC0oSQoA9nOISB0pJZqM=", + "owner": "nixos", + "repo": "nixpkgs", + "rev": "dc9637876d0dcc8c9e5e22986b857632effeb727", + "type": "github" + }, + "original": { + "owner": "nixos", + "ref": "nixos-unstable", + "repo": "nixpkgs", + "type": "github" + } + }, + "nixpkgs_3": { + "locked": { + "lastModified": 1741379970, + "narHash": "sha256-Wh7esNh7G24qYleLvgOSY/7HlDUzWaL/n4qzlBePpiw=", + "owner": "nixos", + "repo": "nixpkgs", + "rev": "36fd87baa9083f34f7f5027900b62ee6d09b1f2f", + "type": "github" + }, + "original": { + "owner": "nixos", + "ref": "nixos-unstable", + "repo": "nixpkgs", + "type": "github" + } + }, + "nixpkgs_4": { + "locked": { + "lastModified": 1748662220, + "narHash": "sha256-7gGa49iB9nCnFk4h/g9zwjlQAyjtpgcFkODjcOQS0Es=", + "owner": "nixos", + "repo": "nixpkgs", + "rev": "59138c7667b7970d205d6a05a8bfa2d78caa3643", + "type": "github" + }, + "original": { + "owner": "nixos", + "ref": "nixpkgs-unstable", + "repo": "nixpkgs", + "type": "github" + } + }, + "nixpkgs_5": { + "locked": { + "lastModified": 1755704039, + "narHash": "sha256-gKlP0LbyJ3qX0KObfIWcp5nbuHSb5EHwIvU6UcNBg2A=", + "owner": "nixos", + "repo": "nixpkgs", + "rev": "9cb344e96d5b6918e94e1bca2d9f3ea1e9615545", + "type": "github" + }, + "original": { + "owner": "nixos", + "ref": "nixos-25.05", + "repo": "nixpkgs", + "type": "github" + } + }, + "nixpkgs_6": { + "locked": { + "lastModified": 1755648324, + "narHash": "sha256-+2TxwJEXWXGC7JBsRGUHtmQ66lRGPcDI2kFKTTU5e2s=", + "owner": "nixos", + "repo": "nixpkgs", + "rev": "226bb7c9df5f953fd7533e199b8d9e5475458a8a", + "type": "github" + }, + "original": { + "owner": "nixos", + "repo": "nixpkgs", + "type": "github" + } + }, + "nvim_plugin-Almo7aya/openingh.nvim": { + "flake": false, + "locked": { + "lastModified": 1746139196, + "narHash": "sha256-/FlNLWOSIrOYiWzAcgOdu9//QTorCDV1KWb+h6eqLwk=", + "owner": "Almo7aya", + "repo": "openingh.nvim", + "rev": "7cc8c897cb6b34d8ed28e99d95baccef609ed251", + "type": "github" + }, + "original": { + "owner": "Almo7aya", + "repo": "openingh.nvim", + "type": "github" + } + }, + "nvim_plugin-CopilotC-Nvim/CopilotChat.nvim": { + "flake": false, + "locked": { + "lastModified": 1755636100, + "narHash": "sha256-EeU6AfMISnXUmKdNHXN35srj+fuQiHoWx5uYRKCjsTE=", + "owner": "CopilotC-Nvim", + "repo": "CopilotChat.nvim", + "rev": "f7bb32dbbe2ff5e26f5033e2142b5920cf427236", + "type": "github" + }, + "original": { + "owner": "CopilotC-Nvim", + "repo": "CopilotChat.nvim", + "type": "github" + } + }, + "nvim_plugin-JoosepAlviste/nvim-ts-context-commentstring": { + "flake": false, + "locked": { + "lastModified": 1733574156, + "narHash": "sha256-AjDM3+n4+lNBQi8P2Yrh0Ab06uYCndBQT9TX36rDbOM=", + "owner": "JoosepAlviste", + "repo": "nvim-ts-context-commentstring", + "rev": "1b212c2eee76d787bbea6aa5e92a2b534e7b4f8f", + "type": "github" + }, + "original": { + "owner": "JoosepAlviste", + "repo": "nvim-ts-context-commentstring", + "type": "github" + } + }, + "nvim_plugin-L3MON4D3/LuaSnip": { + "flake": false, + "locked": { + "lastModified": 1754037237, + "narHash": "sha256-JhTqTGQfIryJ7MElcOGOfb48uaNDnd9RM9Fl1Fs4QV0=", + "owner": "L3MON4D3", + "repo": "LuaSnip", + "rev": "de10d8414235b0a8cabfeba60d07c24304e71f5c", + "type": "github" + }, + "original": { + "owner": "L3MON4D3", + "repo": "LuaSnip", + "type": "github" + } + }, + "nvim_plugin-MeanderingProgrammer/render-markdown.nvim": { + "flake": false, + "locked": { + "lastModified": 1755631821, + "narHash": "sha256-+/GVSb3uQ5HktPv6HFwdywX85hScsAI1IHqXmwDH9PU=", + "owner": "MeanderingProgrammer", + "repo": "render-markdown.nvim", + "rev": "0087ee1d505d4fc4886d8d3121ae7848b7c0e49b", + "type": "github" + }, + "original": { + "owner": "MeanderingProgrammer", + "repo": "render-markdown.nvim", + "type": "github" + } + }, + "nvim_plugin-MunifTanjim/nui.nvim": { + "flake": false, + "locked": { + "lastModified": 1749392788, + "narHash": "sha256-41slmnvt1z7sCxvpiVuFmQ9g7eCaxQi1dDCL3AxSL1A=", + "owner": "MunifTanjim", + "repo": "nui.nvim", + "rev": "de740991c12411b663994b2860f1a4fd0937c130", + "type": "github" + }, + "original": { + "owner": "MunifTanjim", + "repo": "nui.nvim", + "type": "github" + } + }, + "nvim_plugin-RRethy/vim-illuminate": { + "flake": false, + "locked": { + "lastModified": 1748105647, + "narHash": "sha256-KqAJRCtDBG5xsvNsqkxoBdDckg02u4NBBreYQw7BphA=", + "owner": "RRethy", + "repo": "vim-illuminate", + "rev": "0d1e93684da00ab7c057410fecfc24f434698898", + "type": "github" + }, + "original": { + "owner": "RRethy", + "repo": "vim-illuminate", + "type": "github" + } + }, + "nvim_plugin-Saecki/crates.nvim": { + "flake": false, + "locked": { + "lastModified": 1754466592, + "narHash": "sha256-b40E121rJrEmlor3fHmh4Y1TXKdfiqsBGBcpbY//eTw=", + "owner": "Saecki", + "repo": "crates.nvim", + "rev": "a49df0f70171adc77704eac70dd2c0d179065933", + "type": "github" + }, + "original": { + "owner": "Saecki", + "repo": "crates.nvim", + "type": "github" + } + }, + "nvim_plugin-aznhe21/actions-preview.nvim": { + "flake": false, + "locked": { + "lastModified": 1745779150, + "narHash": "sha256-rQjwlu5gQcOvxF72lr9ugPRl0W78wCWGWPhpN1oOMbs=", + "owner": "aznhe21", + "repo": "actions-preview.nvim", + "rev": "36513ad213855d497b7dd3391a24d1d75d58e36f", + "type": "github" + }, + "original": { + "owner": "aznhe21", + "repo": "actions-preview.nvim", + "type": "github" + } + }, + "nvim_plugin-b0o/schemastore.nvim": { + "flake": false, + "locked": { + "lastModified": 1755594039, + "narHash": "sha256-XU+PtvXlgoHFouyyceUIZ4L5AvZThUR2AegmCQAYt1A=", + "owner": "b0o", + "repo": "schemastore.nvim", + "rev": "e906ac3ed0bd273781759e7635b5b824393c925c", + "type": "github" + }, + "original": { + "owner": "b0o", + "repo": "schemastore.nvim", + "type": "github" + } + }, + "nvim_plugin-catppuccin/nvim": { + "flake": false, + "locked": { + "lastModified": 1755621274, + "narHash": "sha256-o8VLMPriOh4+Ay5Ff0cWQYXjmihdr3x9131bKHHTsQE=", + "owner": "catppuccin", + "repo": "nvim", + "rev": "30fa4d122d9b22ad8b2e0ab1b533c8c26c4dde86", + "type": "github" + }, + "original": { + "owner": "catppuccin", + "repo": "nvim", + "type": "github" + } + }, + "nvim_plugin-chrisgrieser/nvim-early-retirement": { + "flake": false, + "locked": { + "lastModified": 1755590055, + "narHash": "sha256-989Zf6SCy+vakFac4KmElUn8+ErJMtYJ8zlOi999UJI=", + "owner": "chrisgrieser", + "repo": "nvim-early-retirement", + "rev": "ef9fc0267da4204432ab7bf3ab9df359874cfeb6", + "type": "github" + }, + "original": { + "owner": "chrisgrieser", + "repo": "nvim-early-retirement", + "type": "github" + } + }, + "nvim_plugin-declancm/cinnamon.nvim": { + "flake": false, + "locked": { + "lastModified": 1722992123, + "narHash": "sha256-kccQ4iFMSQ8kvE7hYz90hBrsDLo7VohFj/6lEZZiAO8=", + "owner": "declancm", + "repo": "cinnamon.nvim", + "rev": "450cb3247765fed7871b41ef4ce5fa492d834215", + "type": "github" + }, + "original": { + "owner": "declancm", + "repo": "cinnamon.nvim", + "type": "github" + } + }, + "nvim_plugin-folke/lazy.nvim": { + "flake": false, + "locked": { + "lastModified": 1740511197, + "narHash": "sha256-nQ8PR9DTdzg6Z2rViuVD6Pswc2VvDQwS3uMNgyDh5ls=", + "owner": "folke", + "repo": "lazy.nvim", + "rev": "6c3bda4aca61a13a9c63f1c1d1b16b9d3be90d7a", + "type": "github" + }, + "original": { + "owner": "folke", + "repo": "lazy.nvim", + "type": "github" + } + }, + "nvim_plugin-folke/neodev.nvim": { + "flake": false, + "locked": { + "lastModified": 1720260306, + "narHash": "sha256-hOjzlo/IqmV8tYjGwfmcCPEmHYsWnEIwtHZdhpwA1kM=", + "owner": "folke", + "repo": "neodev.nvim", + "rev": "46aa467dca16cf3dfe27098042402066d2ae242d", + "type": "github" + }, + "original": { + "owner": "folke", + "repo": "neodev.nvim", + "type": "github" + } + }, + "nvim_plugin-folke/which-key.nvim": { + "flake": false, + "locked": { + "lastModified": 1740233407, + "narHash": "sha256-uvMcSduMr7Kd2oUmIOYzvWF4FIl6bZxIYm9FSw/3pCo=", + "owner": "folke", + "repo": "which-key.nvim", + "rev": "370ec46f710e058c9c1646273e6b225acf47cbed", + "type": "github" + }, + "original": { + "owner": "folke", + "repo": "which-key.nvim", + "type": "github" + } + }, + "nvim_plugin-hrsh7th/cmp-buffer": { + "flake": false, + "locked": { + "lastModified": 1743497185, + "narHash": "sha256-dG4U7MtnXThoa/PD+qFtCt76MQ14V1wX8GMYcvxEnbM=", + "owner": "hrsh7th", + "repo": "cmp-buffer", + "rev": "b74fab3656eea9de20a9b8116afa3cfc4ec09657", + "type": "github" + }, + "original": { + "owner": "hrsh7th", + "repo": "cmp-buffer", + "type": "github" + } + }, + "nvim_plugin-hrsh7th/cmp-nvim-lsp": { + "flake": false, + "locked": { + "lastModified": 1755085771, + "narHash": "sha256-X1rppwf2xBPrmB93ptXukOnEBDZmfjJd4F5ObNa1DHs=", + "owner": "hrsh7th", + "repo": "cmp-nvim-lsp", + "rev": "bd5a7d6db125d4654b50eeae9f5217f24bb22fd3", + "type": "github" + }, + "original": { + "owner": "hrsh7th", + "repo": "cmp-nvim-lsp", + "type": "github" + } + }, + "nvim_plugin-hrsh7th/cmp-path": { + "flake": false, + "locked": { + "lastModified": 1753844861, + "narHash": "sha256-e4Rd2y1Wekp7aobpTGaUeoSBnlfIASDaBR8js5dh2Vw=", + "owner": "hrsh7th", + "repo": "cmp-path", + "rev": "c642487086dbd9a93160e1679a1327be111cbc25", + "type": "github" + }, + "original": { + "owner": "hrsh7th", + "repo": "cmp-path", + "type": "github" + } + }, + "nvim_plugin-hrsh7th/nvim-cmp": { + "flake": false, + "locked": { + "lastModified": 1744514599, + "narHash": "sha256-l5z+PT4S9b09d2M+J/tHVd9W9Ss3eQQk5Ykpz2Qjxxw=", + "owner": "hrsh7th", + "repo": "nvim-cmp", + "rev": "b5311ab3ed9c846b585c0c15b7559be131ec4be9", + "type": "github" + }, + "original": { + "owner": "hrsh7th", + "repo": "nvim-cmp", + "type": "github" + } + }, + "nvim_plugin-j-hui/fidget.nvim": { + "flake": false, + "locked": { + "lastModified": 1755048367, + "narHash": "sha256-Hcnbk6go2vYCYqSfXLWQ+KimpU+NPbIkjBTKGMFoNQM=", + "owner": "j-hui", + "repo": "fidget.nvim", + "rev": "2cb5edb2dd6700a958a446b20bb2be04d318da9d", + "type": "github" + }, + "original": { + "owner": "j-hui", + "repo": "fidget.nvim", + "type": "github" + } + }, + "nvim_plugin-johmsalas/text-case.nvim": { + "flake": false, + "locked": { + "lastModified": 1722628320, + "narHash": "sha256-2IMufSMy9JW50VzZ3SgOtp8kYs81ANwV0eP0ZH3rTFo=", + "owner": "johmsalas", + "repo": "text-case.nvim", + "rev": "e898cfd46fa6cde0e83abb624a16e67d2ffc6457", + "type": "github" + }, + "original": { + "owner": "johmsalas", + "repo": "text-case.nvim", + "type": "github" + } + }, + "nvim_plugin-lewis6991/gitsigns.nvim": { + "flake": false, + "locked": { + "lastModified": 1755014582, + "narHash": "sha256-zBUrqL+00Y8j4eVNAgI0nYn2i35zhQo2BVl4mL1cgfs=", + "owner": "lewis6991", + "repo": "gitsigns.nvim", + "rev": "6e3c66548035e50db7bd8e360a29aec6620c3641", + "type": "github" + }, + "original": { + "owner": "lewis6991", + "repo": "gitsigns.nvim", + "type": "github" + } + }, + "nvim_plugin-lnc3l0t/glow.nvim": { + "flake": false, + "locked": { + "lastModified": 1693233815, + "narHash": "sha256-vdlwkIK2EkFviJmSiOqPWvc15xqJ9F2gHCC4ObJ5Qjk=", + "owner": "lnc3l0t", + "repo": "glow.nvim", + "rev": "5b38fb7b6e806cac62707a4aba8c10c5f14d5bb5", + "type": "github" + }, + "original": { + "owner": "lnc3l0t", + "repo": "glow.nvim", + "type": "github" + } + }, + "nvim_plugin-lukas-reineke/indent-blankline.nvim": { + "flake": false, + "locked": { + "lastModified": 1742224677, + "narHash": "sha256-0q/V+b4UrDRnaC/eRWOi9HU9a61vQSAM9/C8ZQyKt+Y=", + "owner": "lukas-reineke", + "repo": "indent-blankline.nvim", + "rev": "005b56001b2cb30bfa61b7986bc50657816ba4ba", + "type": "github" + }, + "original": { + "owner": "lukas-reineke", + "repo": "indent-blankline.nvim", + "type": "github" + } + }, + "nvim_plugin-m4xshen/hardtime.nvim": { + "flake": false, + "locked": { + "lastModified": 1753760289, + "narHash": "sha256-BgJ0gKy/zxU82L7WocXLkXwD97pnCvpGyJVzSHeUtG0=", + "owner": "m4xshen", + "repo": "hardtime.nvim", + "rev": "6d7664d5bdfaea44c5f50b29f5239fab7b00c273", + "type": "github" + }, + "original": { + "owner": "m4xshen", + "repo": "hardtime.nvim", + "type": "github" + } + }, + "nvim_plugin-mbbill/undotree": { + "flake": false, + "locked": { + "lastModified": 1752437854, + "narHash": "sha256-5WofUOTYE+Nmx3A5OoZBneJBHZ8bdGEYDZ6vTMx1OE0=", + "owner": "mbbill", + "repo": "undotree", + "rev": "28f2f54a34baff90ea6f4a735ef1813ad875c743", + "type": "github" + }, + "original": { + "owner": "mbbill", + "repo": "undotree", + "type": "github" + } + }, + "nvim_plugin-mfussenegger/nvim-lint": { + "flake": false, + "locked": { + "lastModified": 1753951521, + "narHash": "sha256-GmXScmbXJx74RMgPhkdKtdODZqkOarFHE1XOiSnt5Bo=", + "owner": "mfussenegger", + "repo": "nvim-lint", + "rev": "7ef127aaede2a4d5ad8df8321e2eb4e567f29594", + "type": "github" + }, + "original": { + "owner": "mfussenegger", + "repo": "nvim-lint", + "type": "github" + } + }, + "nvim_plugin-mrcjkb/rustaceanvim": { + "flake": false, + "locked": { + "lastModified": 1755599388, + "narHash": "sha256-4o20Hf+rFD2zejPZr5oe3ZkaynW3xAw/wtbF3sMjNnQ=", + "owner": "mrcjkb", + "repo": "rustaceanvim", + "rev": "eb9beab7d80eb052f78165b28d18f55844b26aef", + "type": "github" + }, + "original": { + "owner": "mrcjkb", + "repo": "rustaceanvim", + "type": "github" + } + }, + "nvim_plugin-neovim/nvim-lspconfig": { + "flake": false, + "locked": { + "lastModified": 1755617152, + "narHash": "sha256-PSu5zQi/rzBAnALX8WrYckhqM5lI6hGAhsWWgS7ln7A=", + "owner": "neovim", + "repo": "nvim-lspconfig", + "rev": "5f1c9a90c8db9c647da40ce6cf5be9e49ccbf0c7", + "type": "github" + }, + "original": { + "owner": "neovim", + "repo": "nvim-lspconfig", + "type": "github" + } + }, + "nvim_plugin-nosduco/remote-sshfs.nvim": { + "flake": false, + "locked": { + "lastModified": 1755623332, + "narHash": "sha256-hnTDzd3eRsDUYYf9WPknYZ126d0XKXO1hjlY7WH4bDI=", + "owner": "nosduco", + "repo": "remote-sshfs.nvim", + "rev": "8ab43934caea0eacc986d112e5680c316b8a7944", + "type": "github" + }, + "original": { + "owner": "nosduco", + "repo": "remote-sshfs.nvim", + "type": "github" + } + }, + "nvim_plugin-numToStr/Comment.nvim": { + "flake": false, + "locked": { + "lastModified": 1717957420, + "narHash": "sha256-h0kPue5Eqd5aeu4VoLH45pF0DmWWo1d8SnLICSQ63zc=", + "owner": "numToStr", + "repo": "Comment.nvim", + "rev": "e30b7f2008e52442154b66f7c519bfd2f1e32acb", + "type": "github" + }, + "original": { + "owner": "numToStr", + "repo": "Comment.nvim", + "type": "github" + } + }, + "nvim_plugin-nvim-lua/plenary.nvim": { + "flake": false, + "locked": { + "lastModified": 1753570668, + "narHash": "sha256-9Un7ekhBxcnmFE1xjCCFTZ7eqIbmXvQexpnhduAg4M0=", + "owner": "nvim-lua", + "repo": "plenary.nvim", + "rev": "b9fd5226c2f76c951fc8ed5923d85e4de065e509", + "type": "github" + }, + "original": { + "owner": "nvim-lua", + "repo": "plenary.nvim", + "type": "github" + } + }, + "nvim_plugin-nvim-lualine/lualine.nvim": { + "flake": false, + "locked": { + "lastModified": 1754970649, + "narHash": "sha256-lWt2kpW+hsTMWt8tar/+AISTDrIt4Jn27NmI9j+Xt4s=", + "owner": "nvim-lualine", + "repo": "lualine.nvim", + "rev": "b8c23159c0161f4b89196f74ee3a6d02cdc3a955", + "type": "github" + }, + "original": { + "owner": "nvim-lualine", + "repo": "lualine.nvim", + "type": "github" + } + }, + "nvim_plugin-nvim-telescope/telescope-file-browser.nvim": { + "flake": false, + "locked": { + "lastModified": 1754424906, + "narHash": "sha256-FlJ7w5Ywwq03E0oYdnFJFb+MMUMQMa+5QhDMy2O9tGQ=", + "owner": "nvim-telescope", + "repo": "telescope-file-browser.nvim", + "rev": "3610dc7dc91f06aa98b11dca5cc30dfa98626b7e", + "type": "github" + }, + "original": { + "owner": "nvim-telescope", + "repo": "telescope-file-browser.nvim", + "type": "github" + } + }, + "nvim_plugin-nvim-telescope/telescope-fzf-native.nvim": { + "flake": false, + "locked": { + "lastModified": 1741765009, + "narHash": "sha256-Zyv8ikxdwoUiDD0zsqLzfhBVOm/nKyJdZpndxXEB6ow=", + "owner": "nvim-telescope", + "repo": "telescope-fzf-native.nvim", + "rev": "1f08ed60cafc8f6168b72b80be2b2ea149813e55", + "type": "github" + }, + "original": { + "owner": "nvim-telescope", + "repo": "telescope-fzf-native.nvim", + "type": "github" + } + }, + "nvim_plugin-nvim-telescope/telescope-ui-select.nvim": { + "flake": false, + "locked": { + "lastModified": 1701723223, + "narHash": "sha256-YRhNmmG4gx9Ht8JwjQfbTjJyTHEuZmtP6lqnhOsk8bE=", + "owner": "nvim-telescope", + "repo": "telescope-ui-select.nvim", + "rev": "6e51d7da30bd139a6950adf2a47fda6df9fa06d2", + "type": "github" + }, + "original": { + "owner": "nvim-telescope", + "repo": "telescope-ui-select.nvim", + "type": "github" + } + }, + "nvim_plugin-nvim-telescope/telescope.nvim": { + "flake": false, + "locked": { + "lastModified": 1747012888, + "narHash": "sha256-JpW0ehsX81yVbKNzrYOe1hdgVMs6oaaxMLH6lECnOJg=", + "owner": "nvim-telescope", + "repo": "telescope.nvim", + "rev": "b4da76be54691e854d3e0e02c36b0245f945c2c7", + "type": "github" + }, + "original": { + "owner": "nvim-telescope", + "repo": "telescope.nvim", + "type": "github" + } + }, + "nvim_plugin-nvim-tree/nvim-tree.lua": { + "flake": false, + "locked": { + "lastModified": 1755174669, + "narHash": "sha256-Cdd7m2ondica5yDgm8THEm8LttJwDWQTNPnKO4vKr2c=", + "owner": "nvim-tree", + "repo": "nvim-tree.lua", + "rev": "f0e9951778802526b14c934f7bf746e1e0ae5ed0", + "type": "github" + }, + "original": { + "owner": "nvim-tree", + "repo": "nvim-tree.lua", + "type": "github" + } + }, + "nvim_plugin-nvim-tree/nvim-web-devicons": { + "flake": false, + "locked": { + "lastModified": 1754884337, + "narHash": "sha256-Zftd4xFYdCtof6IusN+E079yY2oMTNhJ/yznvLiiur0=", + "owner": "nvim-tree", + "repo": "nvim-web-devicons", + "rev": "c2599a81ecabaae07c49ff9b45dcd032a8d90f1a", + "type": "github" + }, + "original": { + "owner": "nvim-tree", + "repo": "nvim-web-devicons", + "type": "github" + } + }, + "nvim_plugin-nvim-treesitter/nvim-treesitter-context": { + "flake": false, + "locked": { + "lastModified": 1754488703, + "narHash": "sha256-f4a9Abwb265Rm+hpUXz+rKWXvaFVrmXf1h7d7eh9jJc=", + "owner": "nvim-treesitter", + "repo": "nvim-treesitter-context", + "rev": "dca8726fea2c14e1ce6adbaa76a04816fbfaff61", + "type": "github" + }, + "original": { + "owner": "nvim-treesitter", + "repo": "nvim-treesitter-context", + "type": "github" + } + }, + "nvim_plugin-rafamadriz/friendly-snippets": { + "flake": false, + "locked": { + "lastModified": 1745949052, + "narHash": "sha256-FzApcTbWfFkBD9WsYMhaCyn6ky8UmpUC2io/co/eByM=", + "owner": "rafamadriz", + "repo": "friendly-snippets", + "rev": "572f5660cf05f8cd8834e096d7b4c921ba18e175", + "type": "github" + }, + "original": { + "owner": "rafamadriz", + "repo": "friendly-snippets", + "type": "github" + } + }, + "nvim_plugin-rcarriga/nvim-notify": { + "flake": false, + "locked": { + "lastModified": 1753086914, + "narHash": "sha256-uQBB3fajHowivArxbtmEJvVU3+QO0VApYpVNMA58UkI=", + "owner": "rcarriga", + "repo": "nvim-notify", + "rev": "397c7c1184745fca649e5104de659e6392ef5a4d", + "type": "github" + }, + "original": { + "owner": "rcarriga", + "repo": "nvim-notify", + "type": "github" + } + }, + "nvim_plugin-rmagatti/auto-session": { + "flake": false, + "locked": { + "lastModified": 1755285297, + "narHash": "sha256-x8oPN7JqcY0scFO0vGREerT3dRiQA+k/qeWsug1sGiU=", + "owner": "rmagatti", + "repo": "auto-session", + "rev": "d27a29f5754e3a8b8d89a4069814e53ac583e951", + "type": "github" + }, + "original": { + "owner": "rmagatti", + "repo": "auto-session", + "type": "github" + } + }, + "nvim_plugin-ron/ron.vim": { + "flake": false, + "locked": { + "lastModified": 1660904719, + "narHash": "sha256-8/xJmymtVGVz2avzlamgK1cNflZ3NRL+B3c7xxbI964=", + "owner": "ron-rs", + "repo": "ron.vim", + "rev": "f749e543975a82e8dd9a6e7df9600a1c098ae800", + "type": "github" + }, + "original": { + "owner": "ron-rs", + "repo": "ron.vim", + "type": "github" + } + }, + "nvim_plugin-saadparwaiz1/cmp_luasnip": { + "flake": false, + "locked": { + "lastModified": 1730707109, + "narHash": "sha256-86lKQPPyqFz8jzuLajjHMKHrYnwW6+QOcPyQEx6B+gw=", + "owner": "saadparwaiz1", + "repo": "cmp_luasnip", + "rev": "98d9cb5c2c38532bd9bdb481067b20fea8f32e90", + "type": "github" + }, + "original": { + "owner": "saadparwaiz1", + "repo": "cmp_luasnip", + "type": "github" + } + }, + "nvim_plugin-sindrets/diffview.nvim": { + "flake": false, + "locked": { + "lastModified": 1718279802, + "narHash": "sha256-SX+ybIzL/w6uyCy4iZKnWnzTFwqB1oXSgyYVAdpdKi8=", + "owner": "sindrets", + "repo": "diffview.nvim", + "rev": "4516612fe98ff56ae0415a259ff6361a89419b0a", + "type": "github" + }, + "original": { + "owner": "sindrets", + "repo": "diffview.nvim", + "type": "github" + } + }, + "nvim_plugin-stevearc/conform.nvim": { + "flake": false, + "locked": { + "lastModified": 1755640282, + "narHash": "sha256-WYGvppnMsBaVYnMmv9WJRuKuyk4F/rzJ3DRBh+72tRY=", + "owner": "stevearc", + "repo": "conform.nvim", + "rev": "04bfa5f35706410376bf7618a01fcf44e3f35b59", + "type": "github" + }, + "original": { + "owner": "stevearc", + "repo": "conform.nvim", + "type": "github" + } + }, + "nvim_plugin-stevearc/dressing.nvim": { + "flake": false, + "locked": { + "lastModified": 1739381641, + "narHash": "sha256-dBz+/gZA6O6fJy/GSgM6ZHGAR3MTGt/W1olzzTYRlgM=", + "owner": "stevearc", + "repo": "dressing.nvim", + "rev": "2d7c2db2507fa3c4956142ee607431ddb2828639", + "type": "github" + }, + "original": { + "owner": "stevearc", + "repo": "dressing.nvim", + "type": "github" + } + }, + "nvim_plugin-tpope/vim-sleuth": { + "flake": false, + "locked": { + "lastModified": 1726718493, + "narHash": "sha256-2Cr3h3uJvUL3CSoJs3aBFrkBeOBURSQItgQ4ep9sHXM=", + "owner": "tpope", + "repo": "vim-sleuth", + "rev": "be69bff86754b1aa5adcbb527d7fcd1635a84080", + "type": "github" + }, + "original": { + "owner": "tpope", + "repo": "vim-sleuth", + "type": "github" + } + }, + "nvim_plugin-tpope/vim-surround": { + "flake": false, + "locked": { + "lastModified": 1666730476, + "narHash": "sha256-DZE5tkmnT+lAvx/RQHaDEgEJXRKsy56KJY919xiH1lE=", + "owner": "tpope", + "repo": "vim-surround", + "rev": "3d188ed2113431cf8dac77be61b842acb64433d9", + "type": "github" + }, + "original": { + "owner": "tpope", + "repo": "vim-surround", + "type": "github" + } + }, + "nvim_plugin-uga-rosa/ccc.nvim": { + "flake": false, + "locked": { + "lastModified": 1746537659, + "narHash": "sha256-3TZ8VmvdgQ9n63m78C3r4OIUkVQHTHBvC24ixBdhTig=", + "owner": "uga-rosa", + "repo": "ccc.nvim", + "rev": "9d1a256e006decc574789dfc7d628ca11644d4c2", + "type": "github" + }, + "original": { + "owner": "uga-rosa", + "repo": "ccc.nvim", + "type": "github" + } + }, + "nvim_plugin-windwp/nvim-ts-autotag": { + "flake": false, + "locked": { + "lastModified": 1739910276, + "narHash": "sha256-a3Bcql68mp3y5bH9XMiDTQB0e75T+qFB593objIGg/I=", + "owner": "windwp", + "repo": "nvim-ts-autotag", + "rev": "a1d526af391f6aebb25a8795cbc05351ed3620b5", + "type": "github" + }, + "original": { + "owner": "windwp", + "repo": "nvim-ts-autotag", + "type": "github" + } + }, + "nvim_plugin-zbirenbaum/copilot-cmp": { + "flake": false, + "locked": { + "lastModified": 1733947099, + "narHash": "sha256-erRL8bY/zuwuCZfttw+avTrFV7pjv2H6v73NzY2bymM=", + "owner": "zbirenbaum", + "repo": "copilot-cmp", + "rev": "15fc12af3d0109fa76b60b5cffa1373697e261d1", + "type": "github" + }, + "original": { + "owner": "zbirenbaum", + "repo": "copilot-cmp", + "type": "github" + } + }, + "nvim_plugin-zbirenbaum/copilot.lua": { + "flake": false, + "locked": { + "lastModified": 1755448417, + "narHash": "sha256-KV+Wno4aB5uTSBxIZzQKC/0KfjQLM7x8wCDkVSnaPeA=", + "owner": "zbirenbaum", + "repo": "copilot.lua", + "rev": "3fd7b50810ae4cccf8b38e4c509b1608f141a9e9", + "type": "github" + }, + "original": { + "owner": "zbirenbaum", + "repo": "copilot.lua", + "type": "github" + } + }, + "ragenix": { + "inputs": { + "agenix": "agenix", + "crane": "crane", + "flake-utils": "flake-utils", + "nixpkgs": "nixpkgs_3", + "rust-overlay": "rust-overlay" + }, + "locked": { + "lastModified": 1744897914, + "narHash": "sha256-GIVU92o2TZBnKQXTb76zpQbWR4zjU2rFqWKNIIpXnqA=", + "owner": "yaxitech", + "repo": "ragenix", + "rev": "40f2e17ecaeab4d78ec323e96a04548c0aaa5223", + "type": "github" + }, + "original": { + "owner": "yaxitech", + "repo": "ragenix", + "type": "github" + } + }, + "root": { + "inputs": { + "common": "common", + "nixarr": "nixarr", + "nixpkgs": "nixpkgs_5", + "nixpkgs-unstable": "nixpkgs-unstable", + "ros_neovim": "ros_neovim" + } + }, + "ros_neovim": { + "inputs": { + "nixpkgs": "nixpkgs_6", + "nvim_plugin-Almo7aya/openingh.nvim": "nvim_plugin-Almo7aya/openingh.nvim", + "nvim_plugin-CopilotC-Nvim/CopilotChat.nvim": "nvim_plugin-CopilotC-Nvim/CopilotChat.nvim", + "nvim_plugin-JoosepAlviste/nvim-ts-context-commentstring": "nvim_plugin-JoosepAlviste/nvim-ts-context-commentstring", + "nvim_plugin-L3MON4D3/LuaSnip": "nvim_plugin-L3MON4D3/LuaSnip", + "nvim_plugin-MeanderingProgrammer/render-markdown.nvim": "nvim_plugin-MeanderingProgrammer/render-markdown.nvim", + "nvim_plugin-MunifTanjim/nui.nvim": "nvim_plugin-MunifTanjim/nui.nvim", + "nvim_plugin-RRethy/vim-illuminate": "nvim_plugin-RRethy/vim-illuminate", + "nvim_plugin-Saecki/crates.nvim": "nvim_plugin-Saecki/crates.nvim", + "nvim_plugin-aznhe21/actions-preview.nvim": "nvim_plugin-aznhe21/actions-preview.nvim", + "nvim_plugin-b0o/schemastore.nvim": "nvim_plugin-b0o/schemastore.nvim", + "nvim_plugin-catppuccin/nvim": "nvim_plugin-catppuccin/nvim", + "nvim_plugin-chrisgrieser/nvim-early-retirement": "nvim_plugin-chrisgrieser/nvim-early-retirement", + "nvim_plugin-declancm/cinnamon.nvim": "nvim_plugin-declancm/cinnamon.nvim", + "nvim_plugin-folke/lazy.nvim": "nvim_plugin-folke/lazy.nvim", + "nvim_plugin-folke/neodev.nvim": "nvim_plugin-folke/neodev.nvim", + "nvim_plugin-folke/which-key.nvim": "nvim_plugin-folke/which-key.nvim", + "nvim_plugin-hrsh7th/cmp-buffer": "nvim_plugin-hrsh7th/cmp-buffer", + "nvim_plugin-hrsh7th/cmp-nvim-lsp": "nvim_plugin-hrsh7th/cmp-nvim-lsp", + "nvim_plugin-hrsh7th/cmp-path": "nvim_plugin-hrsh7th/cmp-path", + "nvim_plugin-hrsh7th/nvim-cmp": "nvim_plugin-hrsh7th/nvim-cmp", + "nvim_plugin-j-hui/fidget.nvim": "nvim_plugin-j-hui/fidget.nvim", + "nvim_plugin-johmsalas/text-case.nvim": "nvim_plugin-johmsalas/text-case.nvim", + "nvim_plugin-lewis6991/gitsigns.nvim": "nvim_plugin-lewis6991/gitsigns.nvim", + "nvim_plugin-lnc3l0t/glow.nvim": "nvim_plugin-lnc3l0t/glow.nvim", + "nvim_plugin-lukas-reineke/indent-blankline.nvim": "nvim_plugin-lukas-reineke/indent-blankline.nvim", + "nvim_plugin-m4xshen/hardtime.nvim": "nvim_plugin-m4xshen/hardtime.nvim", + "nvim_plugin-mbbill/undotree": "nvim_plugin-mbbill/undotree", + "nvim_plugin-mfussenegger/nvim-lint": "nvim_plugin-mfussenegger/nvim-lint", + "nvim_plugin-mrcjkb/rustaceanvim": "nvim_plugin-mrcjkb/rustaceanvim", + "nvim_plugin-neovim/nvim-lspconfig": "nvim_plugin-neovim/nvim-lspconfig", + "nvim_plugin-nosduco/remote-sshfs.nvim": "nvim_plugin-nosduco/remote-sshfs.nvim", + "nvim_plugin-numToStr/Comment.nvim": "nvim_plugin-numToStr/Comment.nvim", + "nvim_plugin-nvim-lua/plenary.nvim": "nvim_plugin-nvim-lua/plenary.nvim", + "nvim_plugin-nvim-lualine/lualine.nvim": "nvim_plugin-nvim-lualine/lualine.nvim", + "nvim_plugin-nvim-telescope/telescope-file-browser.nvim": "nvim_plugin-nvim-telescope/telescope-file-browser.nvim", + "nvim_plugin-nvim-telescope/telescope-fzf-native.nvim": "nvim_plugin-nvim-telescope/telescope-fzf-native.nvim", + "nvim_plugin-nvim-telescope/telescope-ui-select.nvim": "nvim_plugin-nvim-telescope/telescope-ui-select.nvim", + "nvim_plugin-nvim-telescope/telescope.nvim": "nvim_plugin-nvim-telescope/telescope.nvim", + "nvim_plugin-nvim-tree/nvim-tree.lua": "nvim_plugin-nvim-tree/nvim-tree.lua", + "nvim_plugin-nvim-tree/nvim-web-devicons": "nvim_plugin-nvim-tree/nvim-web-devicons", + "nvim_plugin-nvim-treesitter/nvim-treesitter-context": "nvim_plugin-nvim-treesitter/nvim-treesitter-context", + "nvim_plugin-rafamadriz/friendly-snippets": "nvim_plugin-rafamadriz/friendly-snippets", + "nvim_plugin-rcarriga/nvim-notify": "nvim_plugin-rcarriga/nvim-notify", + "nvim_plugin-rmagatti/auto-session": "nvim_plugin-rmagatti/auto-session", + "nvim_plugin-ron/ron.vim": "nvim_plugin-ron/ron.vim", + "nvim_plugin-saadparwaiz1/cmp_luasnip": "nvim_plugin-saadparwaiz1/cmp_luasnip", + "nvim_plugin-sindrets/diffview.nvim": "nvim_plugin-sindrets/diffview.nvim", + "nvim_plugin-stevearc/conform.nvim": "nvim_plugin-stevearc/conform.nvim", + "nvim_plugin-stevearc/dressing.nvim": "nvim_plugin-stevearc/dressing.nvim", + "nvim_plugin-tpope/vim-sleuth": "nvim_plugin-tpope/vim-sleuth", + "nvim_plugin-tpope/vim-surround": "nvim_plugin-tpope/vim-surround", + "nvim_plugin-uga-rosa/ccc.nvim": "nvim_plugin-uga-rosa/ccc.nvim", + "nvim_plugin-windwp/nvim-ts-autotag": "nvim_plugin-windwp/nvim-ts-autotag", + "nvim_plugin-zbirenbaum/copilot-cmp": "nvim_plugin-zbirenbaum/copilot-cmp", + "nvim_plugin-zbirenbaum/copilot.lua": "nvim_plugin-zbirenbaum/copilot.lua", + "rust-overlay": "rust-overlay_2" + }, + "locked": { + "lastModified": 1755648539, + "narHash": "sha256-zElmY3ieHOxJtn5Q3KKXZw3i6/e63jRtHowzOM4jERw=", + "ref": "refs/heads/master", + "rev": "1f8444ad78e85c902818ab48479f3f3a1e909031", + "revCount": 300, + "type": "git", + "url": "https://git.joshuabell.xyz/ringofstorms/nvim" + }, + "original": { + "type": "git", + "url": "https://git.joshuabell.xyz/ringofstorms/nvim" + } + }, + "rust-overlay": { + "inputs": { + "nixpkgs": [ + "common", + "ragenix", + "nixpkgs" + ] + }, + "locked": { + "lastModified": 1741400194, + "narHash": "sha256-tEpgT+q5KlGjHSm8MnINgTPErEl8YDzX3Eps8PVc09g=", + "owner": "oxalica", + "repo": "rust-overlay", + "rev": "16b6045a232fea0e9e4c69e55a6e269607dd8e3f", + "type": "github" + }, + "original": { + "owner": "oxalica", + "repo": "rust-overlay", + "type": "github" + } + }, + "rust-overlay_2": { + "inputs": { + "nixpkgs": [ + "ros_neovim", + "nixpkgs" + ] + }, + "locked": { + "lastModified": 1755571033, + "narHash": "sha256-V8gmZBfMiFGCyGJQx/yO81LFJ4d/I5Jxs2id96rLxrM=", + "owner": "oxalica", + "repo": "rust-overlay", + "rev": "95487740bb7ac11553445e9249041a6fa4b5eccf", + "type": "github" + }, + "original": { + "owner": "oxalica", + "repo": "rust-overlay", + "type": "github" + } + }, + "systems": { + "locked": { + "lastModified": 1681028828, + "narHash": "sha256-Vy1rq5AaRuLzOxct8nz4T6wlgyUR7zLU309k9mBC768=", + "owner": "nix-systems", + "repo": "default", + "rev": "da67096a3b9bf56a91d16901293e51ba5b49a27e", + "type": "github" + }, + "original": { + "owner": "nix-systems", + "repo": "default", + "type": "github" + } + }, + "systems_2": { + "locked": { + "lastModified": 1681028828, + "narHash": "sha256-Vy1rq5AaRuLzOxct8nz4T6wlgyUR7zLU309k9mBC768=", + "owner": "nix-systems", + "repo": "default", + "rev": "da67096a3b9bf56a91d16901293e51ba5b49a27e", + "type": "github" + }, + "original": { + "owner": "nix-systems", + "repo": "default", + "type": "github" + } + }, + "vpnconfinement": { + "locked": { + "lastModified": 1743810720, + "narHash": "sha256-kbv/W4gizUSa6qH2rUQdgPj9AJaeN9k2XSWUYqj7IMU=", + "owner": "Maroka-chan", + "repo": "VPN-Confinement", + "rev": "74ae51e6d18b972ecc918ab43e8bde60c21a65d8", + "type": "github" + }, + "original": { + "owner": "Maroka-chan", + "repo": "VPN-Confinement", + "type": "github" + } + }, + "website-builder": { + "inputs": { + "nixpkgs": [ + "nixarr", + "nixpkgs" + ] + }, + "locked": { + "lastModified": 1750317638, + "narHash": "sha256-B4RWcXXOLO6gMeYyV+K4olu+kGGsYamKH+JAm0cIXqI=", + "owner": "rasmus-kirk", + "repo": "website-builder", + "rev": "b54192000a00e865947f45bacf3184d56363ee38", + "type": "github" + }, + "original": { + "owner": "rasmus-kirk", + "repo": "website-builder", + "type": "github" + } + } + }, + "root": "root", + "version": 7 +} diff --git a/hosts/h001/flake.nix b/hosts/h001/flake.nix new file mode 100644 index 00000000..a3b5646c --- /dev/null +++ b/hosts/h001/flake.nix @@ -0,0 +1,117 @@ +{ + inputs = { + nixpkgs.url = "github:nixos/nixpkgs/nixos-25.05"; + nixpkgs-unstable.url = "github:wrvsrx/nixpkgs/fix-open-webui"; + # nixpkgs-unstable.url = "github:nixos/nixpkgs/nixos-unstable"; + + # Use relative to get current version for testing + # common.url = "path:../../common"; + common.url = "git+https://git.joshuabell.xyz/ringofstorms/dotfiles"; + + ros_neovim.url = "git+https://git.joshuabell.xyz/ringofstorms/nvim"; + + nixarr.url = "github:rasmus-kirk/nixarr"; + }; + + outputs = + { + nixpkgs, + common, + ros_neovim, + nixarr, + ... + }@inputs: + let + configuration_name = "h001"; + lib = nixpkgs.lib; + in + { + nixosConfigurations = { + "${configuration_name}" = ( + lib.nixosSystem { + specialArgs = { + inherit inputs; + upkgs = import inputs.nixpkgs-unstable { + system = "x86_64-linux"; + config.allowUnfree = true; + }; + }; + modules = [ + common.nixosModules.default + ros_neovim.nixosModules.default + nixarr.nixosModules.default + ./configuration.nix + ./hardware-configuration.nix + ./mods + ./nginx.nix + (import ./containers { inherit inputs; }) + ( + { config, pkgs, ... }: + { + environment.systemPackages = with pkgs; [ + lua + sqlite + ]; + + ringofstorms_common = { + systemName = configuration_name; + boot.systemd.enable = true; + secrets.enable = true; + general = { + reporting.enable = true; + }; + programs = { + tailnet.enable = true; + ssh.enable = true; + podman.enable = true; + }; + users = { + admins = [ "luser" ]; # First admin is also the primary user owning nix config + users = { + root = { + openssh.authorizedKeys.keys = [ + "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAILZigrRMF/HHMhjBIwiOnS2pqbOz8Az19tch680BGvmu nix2h001" + ]; + shell = pkgs.zsh; + }; + luser = { + openssh.authorizedKeys.keys = [ + "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAILZigrRMF/HHMhjBIwiOnS2pqbOz8Az19tch680BGvmu nix2h001" + ]; + extraGroups = [ + "networkmanager" + "video" + "input" + ]; + shell = pkgs.zsh; + }; + }; + }; + homeManager = { + users = { + luser = { + imports = with common.homeManagerModules; [ + kitty + tmux + atuin + direnv + git + nix_deprecations + postgres + ssh + starship + zoxide + zsh + ]; + }; + }; + }; + }; + } + ) + ]; + } + ); + }; + }; +} diff --git a/hosts/h001/hardware-configuration.nix b/hosts/h001/hardware-configuration.nix new file mode 100644 index 00000000..a3b417ab --- /dev/null +++ b/hosts/h001/hardware-configuration.nix @@ -0,0 +1,54 @@ +{ + config, + lib, + modulesPath, + ... +}: +{ + imports = [ + (modulesPath + "/installer/scan/not-detected.nix") + ]; + + boot.initrd.availableKernelModules = [ + "xhci_pci" + "ahci" + "nvme" + "usb_storage" + "usbhid" + "sd_mod" + "sr_mod" + ]; + boot.initrd.kernelModules = [ ]; + boot.kernelModules = [ "kvm-intel" ]; + boot.extraModulePackages = [ ]; + + fileSystems."/" = { + device = "/dev/disk/by-label/NIXROOT"; + fsType = "ext4"; + }; + + fileSystems."/boot" = { + device = "/dev/disk/by-label/NIXBOOT"; + fsType = "vfat"; + options = [ + "fmask=0077" + "dmask=0077" + ]; + }; + + fileSystems."/drives/wd10" = { + device = "/dev/sda"; + fsType = "ext4"; + }; + + swapDevices = [ + { + device = "/.swapfile"; + size = 4 * 1024; # 4GB + } + ]; + networking.useDHCP = lib.mkDefault true; + + nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux"; + hardware.cpu.intel.updateMicrocode = lib.mkDefault config.hardware.enableRedistributableFirmware; +} diff --git a/hosts/h001/mods/default.nix b/hosts/h001/mods/default.nix new file mode 100644 index 00000000..54084306 --- /dev/null +++ b/hosts/h001/mods/default.nix @@ -0,0 +1,11 @@ +{ + ... +}: +{ + imports = [ + ./nixarr.nix + ./monitoring.nix + ./pinchflat.nix + ./openwebui.nix + ]; +} diff --git a/hosts/h001/mods/monitoring.nix b/hosts/h001/mods/monitoring.nix new file mode 100644 index 00000000..544ffecd --- /dev/null +++ b/hosts/h001/mods/monitoring.nix @@ -0,0 +1,156 @@ +{ + config, + ... +}: +{ + config = { + services.prometheus = { + enable = true; + scrapeConfigs = [ + { + job_name = "node"; + static_configs = [ + { + targets = [ "localhost:9100" ]; + labels.instance = config.networking.hostName; # h001 + } + { + targets = [ "lio.net.joshuabell.xyz:9100" ]; + labels.instance = "lio"; + } + { + targets = [ "oren.net.joshuabell.xyz:9100" ]; + labels.instance = "oren"; + } + { + targets = [ "gp3.net.joshuabell.xyz:9100" ]; + labels.instance = "gp3"; + } + { + targets = [ "h002.net.joshuabell.xyz:9100" ]; + labels.instance = "h002"; + } + { + targets = [ "o001.net.joshuabell.xyz:9100" ]; + labels.instance = "o001"; + } + ]; + } + ]; + }; + + services.grafana = { + enable = true; + dataDir = "/var/lib/grafana"; + settings = { + server = { + http_port = 3001; + http_addr = "127.0.0.1"; + serve_from_sub_path = true; + domain = "h001.net.joshuabell.xyz"; + root_url = "http://h001.net.joshuabell.xyz/grafana/"; + enforce_domain = true; + enable_gzip = true; + }; + }; + provision = { + datasources.settings.datasources = [ + { + name = "Prometheus"; + type = "prometheus"; + url = "http://localhost:9090"; + access = "proxy"; + isDefault = true; # Set as default, if you want + } + { + name = "Loki"; + type = "loki"; + url = "http://localhost:3100"; + access = "proxy"; + isDefault = false; + } + ]; + }; + }; + + # Loki for log aggregation + systemd.tmpfiles.rules = [ + "d /var/lib/loki 0755 loki loki -" + "d /var/lib/loki/chunks 0755 loki loki -" + "d /var/lib/loki/rules 0755 loki loki -" + "d /var/lib/loki/compactor 0755 loki loki -" + ]; + services.loki = { + enable = true; + configuration = { + auth_enabled = false; + + server = { + http_listen_port = 3100; + }; + + common = { + path_prefix = "/var/lib/loki"; + storage = { + filesystem = { + chunks_directory = "/var/lib/loki/chunks"; + rules_directory = "/var/lib/loki/rules"; + }; + }; + replication_factor = 1; + ring = { + kvstore = { + store = "inmemory"; + }; + }; + }; + + schema_config = { + configs = [ + { + from = "2023-01-01"; + store = "boltdb-shipper"; + object_store = "filesystem"; + schema = "v12"; # Updated schema version + index = { + prefix = "index_"; + period = "24h"; # Set to 24h period as recommended + }; + } + ]; + }; + + limits_config = { + allow_structured_metadata = false; # Disable structured metadata until we upgrade to v13 + }; + + ruler = { + storage = { + type = "local"; + local = { + directory = "/var/lib/loki/rules"; + }; + }; + rule_path = "/var/lib/loki/rules"; + ring = { + kvstore = { + store = "inmemory"; + }; + }; + }; + + compactor = { + working_directory = "/var/lib/loki/compactor"; # Set working directory + retention_enabled = true; + compaction_interval = "5m"; + delete_request_store = "filesystem"; # Add this line for retention configuration + delete_request_cancel_period = "24h"; + }; + + analytics = { + reporting_enabled = false; + }; + }; + }; + }; +} diff --git a/hosts/h001/mods/nixarr.nix b/hosts/h001/mods/nixarr.nix new file mode 100644 index 00000000..2c862733 --- /dev/null +++ b/hosts/h001/mods/nixarr.nix @@ -0,0 +1,82 @@ +{ + config, + ... +}: +{ + config = { + nixarr = { + enable = true; + mediaDir = "/drives/wd10/nixarr/media"; + stateDir = "/var/lib/nixarr/state"; + + vpn = { + enable = true; + wgConf = config.age.secrets.us_chi_wg.path; + }; + + jellyfin.enable = true; # jellyfinnnnnn! + jellyfin.vpn.enable = true; + jellyseerr.enable = true; # request manager for media + jellyseerr.vpn.enable = true; + sabnzbd.enable = true; # Usenet downloader + transmission = { + enable = true; # Torrent downloader + vpn.enable = true; + peerPort = 51820; + extraAllowedIps = [ + "100.64.0.0/10" + ]; + extraSettings = { + rpc-bind-address = "0.0.0.0"; + rpc-authentication-required = false; + rpc-username = "transmission"; + rpc-password = "transmission"; + rpc-host-whitelist-enabled = false; + rpc-whitelist-enabled = false; + rpc-whitelist = "127.0.0.1,::1,192.168.1.71,100.64.0.0/10"; + }; + }; + prowlarr.enable = true; # Index manager + sonarr.enable = true; # TV + radarr.enable = true; # Movies + bazarr.enable = true; # subtitles for sonarr and radarr + lidarr.enable = false; # music + # recyclarr.enable = true; # not sure how to use this yet + }; + + services.nginx = { + virtualHosts = { + "jellyfin.joshuabell.xyz" = { + locations."/" = { + proxyWebsockets = true; + proxyPass = "http://localhost:8096"; + }; + }; + "media.joshuabell.xyz" = { + locations."/" = { + proxyWebsockets = true; + proxyPass = "http://localhost:5055"; + }; + }; + "10.12.14.10" = { + locations."/" = { + proxyWebsockets = true; + proxyPass = "http://localhost:8096"; + }; + }; + "jellyfin.h001.local.joshuabell.xyz" = { + locations."/" = { + proxyWebsockets = true; + proxyPass = "http://localhost:8096"; + }; + }; + "media.h001.local.joshuabell.xyz" = { + locations."/" = { + proxyWebsockets = true; + proxyPass = "http://localhost:5055"; + }; + }; + }; + }; + }; +} diff --git a/hosts/h001/mods/openwebui.nix b/hosts/h001/mods/openwebui.nix new file mode 100644 index 00000000..68a03a42 --- /dev/null +++ b/hosts/h001/mods/openwebui.nix @@ -0,0 +1,151 @@ +{ + upkgs, + inputs, + config, + ... +}: +{ + # Use unstable services + disabledModules = [ + "services/misc/open-webui.nix" + "services/misc/litellm.nix" + ]; + imports = [ + "${inputs.nixpkgs-unstable}/nixos/modules/services/misc/open-webui.nix" + "${inputs.nixpkgs-unstable}/nixos/modules/services/misc/litellm.nix" + ]; + + options = { }; + config = { + + services.nginx.virtualHosts."chat.joshuabell.xyz" = { + locations = { + "/" = { + proxyWebsockets = true; + recommendedProxySettings = true; + proxyPass = "http://127.0.0.1:8084"; + extraConfig = '' + proxy_set_header X-Forwarded-Proto https; + ''; + }; + }; + }; + + services.open-webui = { + enable = true; + port = 8084; + host = "127.0.0.1"; + openFirewall = false; + package = upkgs.open-webui; + environmentFile = config.age.secrets.openwebui_env.path; + environment = { + # Declarative config, we don't use admin panel for anything + # ENABLE_PERSISTENT_CONFIG = "False"; + # ENABLE_OAUTH_PERSISTENT_CONFIG = "False"; + + WEBUI_URL = "https://chat.joshuabell.xyz"; + CUSTOM_NAME = "Josh AI"; + ENV = "prod"; + + ENABLE_SIGNUP = "False"; + ENABLE_LOGIN_FORM = "False"; + ENABLE_OAUTH_SIGNUP = "True"; + WEBUI_SESSION_COOKIE_SAME_SITE = "lax"; + # OAUTH_SUB_CLAIM = ""; + # WEBUI_AUTH_TRUSTED_EMAIL_HEADER + + # https://self-hosted.tools/p/openwebui-with-zitadel-oidc/ + # OAUTH_CLIENT_ID = ""; provided in the secret file + # OAUTH_CLIENT_SECRET = ""; + OPENID_PROVIDER_URL = "https://sso.joshuabell.xyz/.well-known/openid-configuration"; + OAUTH_PROVIDER_NAME = "SSO"; + OPENID_REDIRECT_URI = "https://chat.joshuabell.xyz/oauth/oidc/callback"; + OAUTH_SCOPES = "openid email profiles"; + ENABLE_OAUTH_ROLE_MANAGEMENT = "true"; + OAUTH_ROLES_CLAIM = "flatRolesClaim"; + OAUTH_ALLOWED_ROLES = "openwebui_user"; + OAUTH_ADMIN_ROLES = "admin"; + # OAUTH_PICTURE_CLAIM = "picture"; + # OAUTH_UPDATE_PICTURE_ON_LOGIN = "True"; + }; + }; + + services.litellm = { + enable = true; + port = 8094; + openFirewall = false; + package = upkgs.litellm; + environment = { + SCARF_NO_ANALYTICS = "True"; + DO_NOT_TRACK = "True"; + ANONYMIZED_TELEMETRY = "False"; + GITHUB_COPILOT_TOKEN_DIR = "/var/lib/litellm/github_copilot"; + XDG_CONFIG_HOME = "/var/lib/litellm/.config"; + }; + settings = { + model_list = [ + # existing + { + model_name = "GPT-5"; + litellm_params = { + model = "azure/gpt-5-2025-08-07"; + api_base = "http://100.64.0.8:9001"; + api_version = "2025-04-01-preview"; + api_key = "na"; + }; + } + { + model_name = "GPT-5-mini"; + litellm_params = { + model = "azure/gpt-5-mini-2025-08-07"; + api_base = "http://100.64.0.8:9001"; + api_version = "2025-04-01-preview"; + api_key = "na"; + }; + } + { + model_name = "GPT-4.1"; + litellm_params = { + model = "azure/gpt-4.1-2025-04-14"; + api_base = "http://100.64.0.8:9001"; + api_version = "2025-04-01-preview"; + api_key = "na"; + }; + } + { + model_name = "GPT-4.1-mini"; + litellm_params = { + model = "azure/gpt-4.1-mini-2025-04-14"; + api_base = "http://100.64.0.8:9001"; + api_version = "2025-04-01-preview"; + api_key = "na"; + }; + } + { + model_name = "GPT-4o"; + litellm_params = { + model = "azure/gpt-4o-2024-05-13"; + api_base = "http://100.64.0.8:9001"; + api_version = "2025-04-01-preview"; + api_key = "na"; + }; + } + + # Copilot + { + model_name = "copilot-claude-sonnet-4"; + litellm_params = { + model = "github_copilot/claude-sonnet-4"; + extra_headers = { + "editor-version" = "vscode/1.85.1"; + "Copilot-Integration-Id" = "vscode-chat"; + "user-agent" = "GithubCopilot/1.155.0"; + "editor-plugin-version" = "copilot/1.155.0"; + }; + }; + } + ]; + }; + }; + }; +} diff --git a/hosts/h001/mods/pinchflat.nix b/hosts/h001/mods/pinchflat.nix new file mode 100644 index 00000000..8690b69b --- /dev/null +++ b/hosts/h001/mods/pinchflat.nix @@ -0,0 +1,60 @@ +{ + lib, + ... +}: +{ + config = { + services.pinchflat = { + enable = true; + port = 8945; + selfhosted = true; + mediaDir = "/drives/wd10/pinchflat/media"; + extraConfig = { + YT_DLP_WORKER_CONCURRENCY = 1; + }; + }; + + users.users.pinchflat.isSystemUser = true; + users.users.pinchflat.group = "pinchflat"; + users.groups.pinchflat = { }; + systemd.services.pinchflat.serviceConfig = { + DynamicUser = lib.mkForce false; + User = "pinchflat"; + Group = "pinchflat"; + }; + + # Use Nixarr vpn + systemd.services.pinchflat.vpnconfinement = { + enable = true; + vpnnamespace = "wg"; + }; + vpnNamespaces.wg.portMappings = [ + { + from = 8945; + to = 8945; + } + ]; + + systemd.tmpfiles.rules = [ + "d '/drives/wd10/pinchflat/media' 0775 pinchflat pinchflat - -" + ]; + + services.nginx = { + virtualHosts = { + "pinchflat" = { + serverName = "h001.net.joshuabell.xyz"; + listen = [ + { + port = 8945; + addr = "0.0.0.0"; + } + ]; + locations."/" = { + proxyWebsockets = true; + proxyPass = "http://192.168.15.1:8945"; + }; + }; + }; + }; + }; +} diff --git a/hosts/h001/nginx.nix b/hosts/h001/nginx.nix new file mode 100644 index 00000000..10951709 --- /dev/null +++ b/hosts/h001/nginx.nix @@ -0,0 +1,40 @@ +{ + ... +}: +let + homarr = { + proxyWebsockets = true; + proxyPass = "http://localhost:7575"; + }; +in +{ + services.nginx.virtualHosts = { + "10.12.14.10" = { + locations = { + "/" = { + return = "301 http://h001.local.joshuabell.xyz"; + }; + }; + }; + "h001.local.joshuabell.xyz" = { + locations = { + "/" = homarr; + }; + }; + "100.64.0.13" = { + locations."/" = { + return = "301 http://h001.net.joshuabell.xyz"; + }; + }; + "h001.net.joshuabell.xyz" = { + locations = { + "/grafana/" = { + proxyPass = "http://localhost:3001"; + proxyWebsockets = true; + recommendedProxySettings = true; + }; + "/" = homarr; + }; + }; + }; +} diff --git a/hosts/h001/readme.md b/hosts/h001/readme.md new file mode 100644 index 00000000..0758f91a --- /dev/null +++ b/hosts/h001/readme.md @@ -0,0 +1 @@ +Main media server and run things server, has a bunch of stuff on it I am self hosting diff --git a/hosts/h002/configuration.nix b/hosts/h002/configuration.nix new file mode 100644 index 00000000..473b5226 --- /dev/null +++ b/hosts/h002/configuration.nix @@ -0,0 +1,39 @@ +{ + pkgs, + config, + ... +}: +{ + # machine specific configuration + # ============================== + hardware.enableAllFirmware = true; + hardware.enableRedistributableFirmware = true; + # Connectivity + networking.networkmanager.enable = true; + hardware.bluetooth.enable = true; + # networking.networkmanager.unmanaged = [ "interface-name:wlp*" ]; # Mark wireless as unmanaged + environment.shellAliases = { + wifi = "nmtui"; + }; + + # Realtek wireless module support + # Ensure the rtl8192 module is loaded (RTL8190 typically uses rtl8192 driver) + + # boot.extraModulePackages = [ config.boot.kernelPackages.rtl8192eu ]; + boot.kernelModules = [ + "rtl8192ce" + "rtl8192c_common" + "rtlwifi" + "mac80211" + ]; + # Install network management tools + environment.systemPackages = with pkgs; [ + pciutils + wirelesstools + iw + networkmanager + nvtopPackages.full + ]; + + system.stateVersion = "23.11"; +} diff --git a/hosts/h002/flake.lock b/hosts/h002/flake.lock new file mode 100644 index 00000000..ff6978b6 --- /dev/null +++ b/hosts/h002/flake.lock @@ -0,0 +1,1319 @@ +{ + "nodes": { + "agenix": { + "inputs": { + "darwin": "darwin", + "home-manager": "home-manager_2", + "nixpkgs": [ + "common", + "ragenix", + "nixpkgs" + ], + "systems": "systems" + }, + "locked": { + "lastModified": 1736955230, + "narHash": "sha256-uenf8fv2eG5bKM8C/UvFaiJMZ4IpUFaQxk9OH5t/1gA=", + "owner": "ryantm", + "repo": "agenix", + "rev": "e600439ec4c273cf11e06fe4d9d906fb98fa097c", + "type": "github" + }, + "original": { + "owner": "ryantm", + "repo": "agenix", + "type": "github" + } + }, + "common": { + "inputs": { + "home-manager": "home-manager", + "nix-flatpak": "nix-flatpak", + "nixpkgs": "nixpkgs_2", + "ragenix": "ragenix" + }, + "locked": { + "lastModified": 1750783038, + "narHash": "sha256-MlIwSAm+j/HDb5WannHL+i/GK5kfOQdiI7b8ztZYb7w=", + "ref": "refs/heads/master", + "rev": "3d19acf448ecb78a4302bef2e9a617276de54b6b", + "revCount": 504, + "type": "git", + "url": "https://git.joshuabell.xyz/ringofstorms/dotfiles" + }, + "original": { + "type": "git", + "url": "https://git.joshuabell.xyz/ringofstorms/dotfiles" + } + }, + "crane": { + "locked": { + "lastModified": 1741481578, + "narHash": "sha256-JBTSyJFQdO3V8cgcL08VaBUByEU6P5kXbTJN6R0PFQo=", + "owner": "ipetkov", + "repo": "crane", + "rev": "bb1c9567c43e4434f54e9481eb4b8e8e0d50f0b5", + "type": "github" + }, + "original": { + "owner": "ipetkov", + "repo": "crane", + "type": "github" + } + }, + "darwin": { + "inputs": { + "nixpkgs": [ + "common", + "ragenix", + "agenix", + "nixpkgs" + ] + }, + "locked": { + "lastModified": 1700795494, + "narHash": "sha256-gzGLZSiOhf155FW7262kdHo2YDeugp3VuIFb4/GGng0=", + "owner": "lnl7", + "repo": "nix-darwin", + "rev": "4b9b83d5a92e8c1fbfd8eb27eda375908c11ec4d", + "type": "github" + }, + "original": { + "owner": "lnl7", + "ref": "master", + "repo": "nix-darwin", + "type": "github" + } + }, + "flake-utils": { + "inputs": { + "systems": "systems_2" + }, + "locked": { + "lastModified": 1731533236, + "narHash": "sha256-l0KFg5HjrsfsO/JpG+r7fRrqm12kzFHyUHqHCVpMMbI=", + "owner": "numtide", + "repo": "flake-utils", + "rev": "11707dc2f618dd54ca8739b309ec4fc024de578b", + "type": "github" + }, + "original": { + "owner": "numtide", + "repo": "flake-utils", + "type": "github" + } + }, + "home-manager": { + "inputs": { + "nixpkgs": "nixpkgs" + }, + "locked": { + "lastModified": 1749154018, + "narHash": "sha256-gjN3j7joRvT3a8Zgcylnd4NFsnXeDBumqiu4HmY1RIg=", + "owner": "rycee", + "repo": "home-manager", + "rev": "7aae0ee71a17b19708b93b3ed448a1a0952bf111", + "type": "github" + }, + "original": { + "owner": "rycee", + "ref": "release-25.05", + "repo": "home-manager", + "type": "github" + } + }, + "home-manager_2": { + "inputs": { + "nixpkgs": [ + "common", + "ragenix", + "agenix", + "nixpkgs" + ] + }, + "locked": { + "lastModified": 1703113217, + "narHash": "sha256-7ulcXOk63TIT2lVDSExj7XzFx09LpdSAPtvgtM7yQPE=", + "owner": "nix-community", + "repo": "home-manager", + "rev": "3bfaacf46133c037bb356193bd2f1765d9dc82c1", + "type": "github" + }, + "original": { + "owner": "nix-community", + "repo": "home-manager", + "type": "github" + } + }, + "nix-flatpak": { + "locked": { + "lastModified": 1739444422, + "narHash": "sha256-iAVVHi7X3kWORftY+LVbRiStRnQEob2TULWyjMS6dWg=", + "owner": "gmodena", + "repo": "nix-flatpak", + "rev": "5e54c3ca05a7c7d968ae1ddeabe01d2a9bc1e177", + "type": "github" + }, + "original": { + "owner": "gmodena", + "ref": "latest", + "repo": "nix-flatpak", + "type": "github" + } + }, + "nixpkgs": { + "locked": { + "lastModified": 1749024892, + "narHash": "sha256-OGcDEz60TXQC+gVz5sdtgGJdKVYr6rwdzQKuZAJQpCA=", + "owner": "NixOS", + "repo": "nixpkgs", + "rev": "8f1b52b04f2cb6e5ead50bd28d76528a2f0380ef", + "type": "github" + }, + "original": { + "owner": "NixOS", + "ref": "nixos-25.05", + "repo": "nixpkgs", + "type": "github" + } + }, + "nixpkgs_2": { + "locked": { + "lastModified": 1749794982, + "narHash": "sha256-Kh9K4taXbVuaLC0IL+9HcfvxsSUx8dPB5s5weJcc9pc=", + "owner": "nixos", + "repo": "nixpkgs", + "rev": "ee930f9755f58096ac6e8ca94a1887e0534e2d81", + "type": "github" + }, + "original": { + "owner": "nixos", + "ref": "nixos-unstable", + "repo": "nixpkgs", + "type": "github" + } + }, + "nixpkgs_3": { + "locked": { + "lastModified": 1741379970, + "narHash": "sha256-Wh7esNh7G24qYleLvgOSY/7HlDUzWaL/n4qzlBePpiw=", + "owner": "nixos", + "repo": "nixpkgs", + "rev": "36fd87baa9083f34f7f5027900b62ee6d09b1f2f", + "type": "github" + }, + "original": { + "owner": "nixos", + "ref": "nixos-unstable", + "repo": "nixpkgs", + "type": "github" + } + }, + "nixpkgs_4": { + "locked": { + "lastModified": 1750622754, + "narHash": "sha256-kMhs+YzV4vPGfuTpD3mwzibWUE6jotw5Al2wczI0Pv8=", + "owner": "nixos", + "repo": "nixpkgs", + "rev": "c7ab75210cb8cb16ddd8f290755d9558edde7ee1", + "type": "github" + }, + "original": { + "owner": "nixos", + "ref": "nixos-25.05", + "repo": "nixpkgs", + "type": "github" + } + }, + "nixpkgs_5": { + "locked": { + "lastModified": 1750188666, + "narHash": "sha256-yAfLvtbCzSigTfbsJeOrvljS7VYLAwi2RZ6F+qd+A5E=", + "owner": "nixos", + "repo": "nixpkgs", + "rev": "aa36c6c05d04f90cf890f87845be9380cf7b83c2", + "type": "github" + }, + "original": { + "owner": "nixos", + "repo": "nixpkgs", + "type": "github" + } + }, + "nvim_plugin-Almo7aya/openingh.nvim": { + "flake": false, + "locked": { + "lastModified": 1746139196, + "narHash": "sha256-/FlNLWOSIrOYiWzAcgOdu9//QTorCDV1KWb+h6eqLwk=", + "owner": "Almo7aya", + "repo": "openingh.nvim", + "rev": "7cc8c897cb6b34d8ed28e99d95baccef609ed251", + "type": "github" + }, + "original": { + "owner": "Almo7aya", + "repo": "openingh.nvim", + "type": "github" + } + }, + "nvim_plugin-CopilotC-Nvim/CopilotChat.nvim": { + "flake": false, + "locked": { + "lastModified": 1750069301, + "narHash": "sha256-lIAsudDunKOY69r00czO+rmMbM+woIdIGroT4dUZAFc=", + "owner": "CopilotC-Nvim", + "repo": "CopilotChat.nvim", + "rev": "5df0b668d23c05c173f6bc79bb19642215b8b66a", + "type": "github" + }, + "original": { + "owner": "CopilotC-Nvim", + "repo": "CopilotChat.nvim", + "type": "github" + } + }, + "nvim_plugin-JoosepAlviste/nvim-ts-context-commentstring": { + "flake": false, + "locked": { + "lastModified": 1733574156, + "narHash": "sha256-AjDM3+n4+lNBQi8P2Yrh0Ab06uYCndBQT9TX36rDbOM=", + "owner": "JoosepAlviste", + "repo": "nvim-ts-context-commentstring", + "rev": "1b212c2eee76d787bbea6aa5e92a2b534e7b4f8f", + "type": "github" + }, + "original": { + "owner": "JoosepAlviste", + "repo": "nvim-ts-context-commentstring", + "type": "github" + } + }, + "nvim_plugin-L3MON4D3/LuaSnip": { + "flake": false, + "locked": { + "lastModified": 1749564222, + "narHash": "sha256-StttV19d5gWbFPxerCOX3dXIaRwg1oeUANIbNztALps=", + "owner": "L3MON4D3", + "repo": "LuaSnip", + "rev": "fb525166ccc30296fb3457441eb979113de46b00", + "type": "github" + }, + "original": { + "owner": "L3MON4D3", + "repo": "LuaSnip", + "type": "github" + } + }, + "nvim_plugin-MeanderingProgrammer/render-markdown.nvim": { + "flake": false, + "locked": { + "lastModified": 1749846779, + "narHash": "sha256-j1aslQ3SPD9ZuhQDEt9e5GD+VZ6N6Re7IjVFXycaxWI=", + "owner": "MeanderingProgrammer", + "repo": "render-markdown.nvim", + "rev": "76f7ce56ccb913632745714f160faa53164c5574", + "type": "github" + }, + "original": { + "owner": "MeanderingProgrammer", + "repo": "render-markdown.nvim", + "type": "github" + } + }, + "nvim_plugin-MunifTanjim/nui.nvim": { + "flake": false, + "locked": { + "lastModified": 1749392788, + "narHash": "sha256-41slmnvt1z7sCxvpiVuFmQ9g7eCaxQi1dDCL3AxSL1A=", + "owner": "MunifTanjim", + "repo": "nui.nvim", + "rev": "de740991c12411b663994b2860f1a4fd0937c130", + "type": "github" + }, + "original": { + "owner": "MunifTanjim", + "repo": "nui.nvim", + "type": "github" + } + }, + "nvim_plugin-RRethy/vim-illuminate": { + "flake": false, + "locked": { + "lastModified": 1748105647, + "narHash": "sha256-KqAJRCtDBG5xsvNsqkxoBdDckg02u4NBBreYQw7BphA=", + "owner": "RRethy", + "repo": "vim-illuminate", + "rev": "0d1e93684da00ab7c057410fecfc24f434698898", + "type": "github" + }, + "original": { + "owner": "RRethy", + "repo": "vim-illuminate", + "type": "github" + } + }, + "nvim_plugin-Saecki/crates.nvim": { + "flake": false, + "locked": { + "lastModified": 1748637634, + "narHash": "sha256-sDjG6fjnQsyYtdf7xpmOW193e7USh6ghrFzo6NoLyP8=", + "owner": "Saecki", + "repo": "crates.nvim", + "rev": "5d8b1bef686db0fabe5f1bb593744b617e8f1405", + "type": "github" + }, + "original": { + "owner": "Saecki", + "repo": "crates.nvim", + "type": "github" + } + }, + "nvim_plugin-aznhe21/actions-preview.nvim": { + "flake": false, + "locked": { + "lastModified": 1745779150, + "narHash": "sha256-rQjwlu5gQcOvxF72lr9ugPRl0W78wCWGWPhpN1oOMbs=", + "owner": "aznhe21", + "repo": "actions-preview.nvim", + "rev": "36513ad213855d497b7dd3391a24d1d75d58e36f", + "type": "github" + }, + "original": { + "owner": "aznhe21", + "repo": "actions-preview.nvim", + "type": "github" + } + }, + "nvim_plugin-b0o/schemastore.nvim": { + "flake": false, + "locked": { + "lastModified": 1750179699, + "narHash": "sha256-EGt75z/NbjzDXxsyXT9Qj2wWOf06ijUr1If5ljmfLqo=", + "owner": "b0o", + "repo": "schemastore.nvim", + "rev": "45fd6c22f30487586c771072dc8c5230931e4c7b", + "type": "github" + }, + "original": { + "owner": "b0o", + "repo": "schemastore.nvim", + "type": "github" + } + }, + "nvim_plugin-catppuccin/nvim": { + "flake": false, + "locked": { + "lastModified": 1749271780, + "narHash": "sha256-wt/Ybjgr4N80B+QsyANs1QezM7PpFceUWSweRFgkhl0=", + "owner": "catppuccin", + "repo": "nvim", + "rev": "fa42eb5e26819ef58884257d5ae95dd0552b9a66", + "type": "github" + }, + "original": { + "owner": "catppuccin", + "repo": "nvim", + "type": "github" + } + }, + "nvim_plugin-chrisgrieser/nvim-early-retirement": { + "flake": false, + "locked": { + "lastModified": 1750108178, + "narHash": "sha256-3I7Xup+v9Yq9/nJQ1F5CDW99oFQcxbinv7VQcKeA16Y=", + "owner": "chrisgrieser", + "repo": "nvim-early-retirement", + "rev": "d9ffd8f70ed6d466cecd3e7e2dd1425b0010932f", + "type": "github" + }, + "original": { + "owner": "chrisgrieser", + "repo": "nvim-early-retirement", + "type": "github" + } + }, + "nvim_plugin-declancm/cinnamon.nvim": { + "flake": false, + "locked": { + "lastModified": 1722992123, + "narHash": "sha256-kccQ4iFMSQ8kvE7hYz90hBrsDLo7VohFj/6lEZZiAO8=", + "owner": "declancm", + "repo": "cinnamon.nvim", + "rev": "450cb3247765fed7871b41ef4ce5fa492d834215", + "type": "github" + }, + "original": { + "owner": "declancm", + "repo": "cinnamon.nvim", + "type": "github" + } + }, + "nvim_plugin-folke/lazy.nvim": { + "flake": false, + "locked": { + "lastModified": 1740511197, + "narHash": "sha256-nQ8PR9DTdzg6Z2rViuVD6Pswc2VvDQwS3uMNgyDh5ls=", + "owner": "folke", + "repo": "lazy.nvim", + "rev": "6c3bda4aca61a13a9c63f1c1d1b16b9d3be90d7a", + "type": "github" + }, + "original": { + "owner": "folke", + "repo": "lazy.nvim", + "type": "github" + } + }, + "nvim_plugin-folke/neodev.nvim": { + "flake": false, + "locked": { + "lastModified": 1720260306, + "narHash": "sha256-hOjzlo/IqmV8tYjGwfmcCPEmHYsWnEIwtHZdhpwA1kM=", + "owner": "folke", + "repo": "neodev.nvim", + "rev": "46aa467dca16cf3dfe27098042402066d2ae242d", + "type": "github" + }, + "original": { + "owner": "folke", + "repo": "neodev.nvim", + "type": "github" + } + }, + "nvim_plugin-folke/which-key.nvim": { + "flake": false, + "locked": { + "lastModified": 1740233407, + "narHash": "sha256-uvMcSduMr7Kd2oUmIOYzvWF4FIl6bZxIYm9FSw/3pCo=", + "owner": "folke", + "repo": "which-key.nvim", + "rev": "370ec46f710e058c9c1646273e6b225acf47cbed", + "type": "github" + }, + "original": { + "owner": "folke", + "repo": "which-key.nvim", + "type": "github" + } + }, + "nvim_plugin-hrsh7th/cmp-buffer": { + "flake": false, + "locked": { + "lastModified": 1743497185, + "narHash": "sha256-dG4U7MtnXThoa/PD+qFtCt76MQ14V1wX8GMYcvxEnbM=", + "owner": "hrsh7th", + "repo": "cmp-buffer", + "rev": "b74fab3656eea9de20a9b8116afa3cfc4ec09657", + "type": "github" + }, + "original": { + "owner": "hrsh7th", + "repo": "cmp-buffer", + "type": "github" + } + }, + "nvim_plugin-hrsh7th/cmp-nvim-lsp": { + "flake": false, + "locked": { + "lastModified": 1743496195, + "narHash": "sha256-iaihXNCF5bB5MdeoosD/kc3QtpA/QaIDZVLiLIurBSM=", + "owner": "hrsh7th", + "repo": "cmp-nvim-lsp", + "rev": "a8912b88ce488f411177fc8aed358b04dc246d7b", + "type": "github" + }, + "original": { + "owner": "hrsh7th", + "repo": "cmp-nvim-lsp", + "type": "github" + } + }, + "nvim_plugin-hrsh7th/cmp-path": { + "flake": false, + "locked": { + "lastModified": 1743497173, + "narHash": "sha256-thppiiV3wjIaZnAXmsh7j3DUc6ceSCvGzviwFUnoPaI=", + "owner": "hrsh7th", + "repo": "cmp-path", + "rev": "c6635aae33a50d6010bf1aa756ac2398a2d54c32", + "type": "github" + }, + "original": { + "owner": "hrsh7th", + "repo": "cmp-path", + "type": "github" + } + }, + "nvim_plugin-hrsh7th/nvim-cmp": { + "flake": false, + "locked": { + "lastModified": 1744514599, + "narHash": "sha256-l5z+PT4S9b09d2M+J/tHVd9W9Ss3eQQk5Ykpz2Qjxxw=", + "owner": "hrsh7th", + "repo": "nvim-cmp", + "rev": "b5311ab3ed9c846b585c0c15b7559be131ec4be9", + "type": "github" + }, + "original": { + "owner": "hrsh7th", + "repo": "nvim-cmp", + "type": "github" + } + }, + "nvim_plugin-j-hui/fidget.nvim": { + "flake": false, + "locked": { + "lastModified": 1738817426, + "narHash": "sha256-AFUx/ZQVWV7s5Wlppjk6N9QXoJKNKqxtf990FFlTEhw=", + "owner": "j-hui", + "repo": "fidget.nvim", + "rev": "d9ba6b7bfe29b3119a610892af67602641da778e", + "type": "github" + }, + "original": { + "owner": "j-hui", + "repo": "fidget.nvim", + "type": "github" + } + }, + "nvim_plugin-johmsalas/text-case.nvim": { + "flake": false, + "locked": { + "lastModified": 1722628320, + "narHash": "sha256-2IMufSMy9JW50VzZ3SgOtp8kYs81ANwV0eP0ZH3rTFo=", + "owner": "johmsalas", + "repo": "text-case.nvim", + "rev": "e898cfd46fa6cde0e83abb624a16e67d2ffc6457", + "type": "github" + }, + "original": { + "owner": "johmsalas", + "repo": "text-case.nvim", + "type": "github" + } + }, + "nvim_plugin-lewis6991/gitsigns.nvim": { + "flake": false, + "locked": { + "lastModified": 1750058704, + "narHash": "sha256-V9aXXR9ZP2G/XInHt07RylC4rS+AyMXAAfODvC6pVxw=", + "owner": "lewis6991", + "repo": "gitsigns.nvim", + "rev": "88205953bd748322b49b26e1dfb0389932520dc9", + "type": "github" + }, + "original": { + "owner": "lewis6991", + "repo": "gitsigns.nvim", + "type": "github" + } + }, + "nvim_plugin-lnc3l0t/glow.nvim": { + "flake": false, + "locked": { + "lastModified": 1693233815, + "narHash": "sha256-vdlwkIK2EkFviJmSiOqPWvc15xqJ9F2gHCC4ObJ5Qjk=", + "owner": "lnc3l0t", + "repo": "glow.nvim", + "rev": "5b38fb7b6e806cac62707a4aba8c10c5f14d5bb5", + "type": "github" + }, + "original": { + "owner": "lnc3l0t", + "repo": "glow.nvim", + "type": "github" + } + }, + "nvim_plugin-lukas-reineke/indent-blankline.nvim": { + "flake": false, + "locked": { + "lastModified": 1742224677, + "narHash": "sha256-0q/V+b4UrDRnaC/eRWOi9HU9a61vQSAM9/C8ZQyKt+Y=", + "owner": "lukas-reineke", + "repo": "indent-blankline.nvim", + "rev": "005b56001b2cb30bfa61b7986bc50657816ba4ba", + "type": "github" + }, + "original": { + "owner": "lukas-reineke", + "repo": "indent-blankline.nvim", + "type": "github" + } + }, + "nvim_plugin-m4xshen/hardtime.nvim": { + "flake": false, + "locked": { + "lastModified": 1750160168, + "narHash": "sha256-hzFX5mZRxTDDIp/iBVl4lqEaQryLQOe7jFJmXDwq4J8=", + "owner": "m4xshen", + "repo": "hardtime.nvim", + "rev": "b9a989191b3a97c9316a0efea02341c4cdab845a", + "type": "github" + }, + "original": { + "owner": "m4xshen", + "repo": "hardtime.nvim", + "type": "github" + } + }, + "nvim_plugin-mbbill/undotree": { + "flake": false, + "locked": { + "lastModified": 1741878850, + "narHash": "sha256-HGf4Toe+12YZtIalvANDXAtksCsnxQkZbcevOAnl5G4=", + "owner": "mbbill", + "repo": "undotree", + "rev": "b951b87b46c34356d44aa71886aecf9dd7f5788a", + "type": "github" + }, + "original": { + "owner": "mbbill", + "repo": "undotree", + "type": "github" + } + }, + "nvim_plugin-mfussenegger/nvim-lint": { + "flake": false, + "locked": { + "lastModified": 1749731021, + "narHash": "sha256-V4JJ1VQXoIsUBTxe6ykbkyo6LxEAr+QEIqIV3mA9phs=", + "owner": "mfussenegger", + "repo": "nvim-lint", + "rev": "2b0039b8be9583704591a13129c600891ac2c596", + "type": "github" + }, + "original": { + "owner": "mfussenegger", + "repo": "nvim-lint", + "type": "github" + } + }, + "nvim_plugin-mrcjkb/rustaceanvim": { + "flake": false, + "locked": { + "lastModified": 1750024924, + "narHash": "sha256-gmOqCnSLGDNerXyuuNhkyL/pSJitnyqBdWC3LejZoS4=", + "owner": "mrcjkb", + "repo": "rustaceanvim", + "rev": "2fdf224107e5bc29fb5c3a175f5f2c9161b34741", + "type": "github" + }, + "original": { + "owner": "mrcjkb", + "repo": "rustaceanvim", + "type": "github" + } + }, + "nvim_plugin-neovim/nvim-lspconfig": { + "flake": false, + "locked": { + "lastModified": 1750169575, + "narHash": "sha256-lJWMFgQLQhKUuv50WrYXlJ3TFqT04nVbmcBGVDaSz0k=", + "owner": "neovim", + "repo": "nvim-lspconfig", + "rev": "99d3a0f26bfe402f45257c1398287aef252cbe2d", + "type": "github" + }, + "original": { + "owner": "neovim", + "repo": "nvim-lspconfig", + "type": "github" + } + }, + "nvim_plugin-nosduco/remote-sshfs.nvim": { + "flake": false, + "locked": { + "lastModified": 1748880705, + "narHash": "sha256-eTnVFOR7FHlkU9kwrk3q3pNo/U8OR2gJrnrMUQKGi2A=", + "owner": "nosduco", + "repo": "remote-sshfs.nvim", + "rev": "6e893c32ff7c5b8d0d501b748c525fa53963fb35", + "type": "github" + }, + "original": { + "owner": "nosduco", + "repo": "remote-sshfs.nvim", + "type": "github" + } + }, + "nvim_plugin-numToStr/Comment.nvim": { + "flake": false, + "locked": { + "lastModified": 1717957420, + "narHash": "sha256-h0kPue5Eqd5aeu4VoLH45pF0DmWWo1d8SnLICSQ63zc=", + "owner": "numToStr", + "repo": "Comment.nvim", + "rev": "e30b7f2008e52442154b66f7c519bfd2f1e32acb", + "type": "github" + }, + "original": { + "owner": "numToStr", + "repo": "Comment.nvim", + "type": "github" + } + }, + "nvim_plugin-nvim-lua/plenary.nvim": { + "flake": false, + "locked": { + "lastModified": 1739311008, + "narHash": "sha256-8FV5RjF7QbDmQOQynpK7uRKONKbPRYbOPugf9ZxNvUs=", + "owner": "nvim-lua", + "repo": "plenary.nvim", + "rev": "857c5ac632080dba10aae49dba902ce3abf91b35", + "type": "github" + }, + "original": { + "owner": "nvim-lua", + "repo": "plenary.nvim", + "type": "github" + } + }, + "nvim_plugin-nvim-lualine/lualine.nvim": { + "flake": false, + "locked": { + "lastModified": 1749383457, + "narHash": "sha256-2aPgA7riA/FubQpTkqsxLKl7OZ8L6FkucNHc2QEx2HQ=", + "owner": "nvim-lualine", + "repo": "lualine.nvim", + "rev": "a94fc68960665e54408fe37dcf573193c4ce82c9", + "type": "github" + }, + "original": { + "owner": "nvim-lualine", + "repo": "lualine.nvim", + "type": "github" + } + }, + "nvim_plugin-nvim-telescope/telescope-file-browser.nvim": { + "flake": false, + "locked": { + "lastModified": 1750040034, + "narHash": "sha256-NHcU3c+1pLeypHr9xXKmqvdwB1QM/vj5axzjpFEQCLQ=", + "owner": "nvim-telescope", + "repo": "telescope-file-browser.nvim", + "rev": "7bf55ed0ff5be182ad3301cff266581fc1c56cce", + "type": "github" + }, + "original": { + "owner": "nvim-telescope", + "repo": "telescope-file-browser.nvim", + "type": "github" + } + }, + "nvim_plugin-nvim-telescope/telescope-fzf-native.nvim": { + "flake": false, + "locked": { + "lastModified": 1741765009, + "narHash": "sha256-Zyv8ikxdwoUiDD0zsqLzfhBVOm/nKyJdZpndxXEB6ow=", + "owner": "nvim-telescope", + "repo": "telescope-fzf-native.nvim", + "rev": "1f08ed60cafc8f6168b72b80be2b2ea149813e55", + "type": "github" + }, + "original": { + "owner": "nvim-telescope", + "repo": "telescope-fzf-native.nvim", + "type": "github" + } + }, + "nvim_plugin-nvim-telescope/telescope-ui-select.nvim": { + "flake": false, + "locked": { + "lastModified": 1701723223, + "narHash": "sha256-YRhNmmG4gx9Ht8JwjQfbTjJyTHEuZmtP6lqnhOsk8bE=", + "owner": "nvim-telescope", + "repo": "telescope-ui-select.nvim", + "rev": "6e51d7da30bd139a6950adf2a47fda6df9fa06d2", + "type": "github" + }, + "original": { + "owner": "nvim-telescope", + "repo": "telescope-ui-select.nvim", + "type": "github" + } + }, + "nvim_plugin-nvim-telescope/telescope.nvim": { + "flake": false, + "locked": { + "lastModified": 1747012888, + "narHash": "sha256-JpW0ehsX81yVbKNzrYOe1hdgVMs6oaaxMLH6lECnOJg=", + "owner": "nvim-telescope", + "repo": "telescope.nvim", + "rev": "b4da76be54691e854d3e0e02c36b0245f945c2c7", + "type": "github" + }, + "original": { + "owner": "nvim-telescope", + "repo": "telescope.nvim", + "type": "github" + } + }, + "nvim_plugin-nvim-tree/nvim-tree.lua": { + "flake": false, + "locked": { + "lastModified": 1750143568, + "narHash": "sha256-E2YdGlvvpnT/PiayfQldwpbCnjsyNDcoTzxgMf2ajV8=", + "owner": "nvim-tree", + "repo": "nvim-tree.lua", + "rev": "d54a1875a91e1a705795ea26074795210b92ce7f", + "type": "github" + }, + "original": { + "owner": "nvim-tree", + "repo": "nvim-tree.lua", + "type": "github" + } + }, + "nvim_plugin-nvim-tree/nvim-web-devicons": { + "flake": false, + "locked": { + "lastModified": 1747360641, + "narHash": "sha256-+RHeFaeCF/iwAf8qAOjbEIl3YcnrBMVfkQnnzDNhyTA=", + "owner": "nvim-tree", + "repo": "nvim-web-devicons", + "rev": "1fb58cca9aebbc4fd32b086cb413548ce132c127", + "type": "github" + }, + "original": { + "owner": "nvim-tree", + "repo": "nvim-web-devicons", + "type": "github" + } + }, + "nvim_plugin-nvim-treesitter/nvim-treesitter-context": { + "flake": false, + "locked": { + "lastModified": 1749893617, + "narHash": "sha256-QJAfpVdTHTxjUgggQekRLvNYuvG12gjtfTGybfcFdyo=", + "owner": "nvim-treesitter", + "repo": "nvim-treesitter-context", + "rev": "1a1a7c5d6d75cb49bf64049dafab15ebe294a79f", + "type": "github" + }, + "original": { + "owner": "nvim-treesitter", + "repo": "nvim-treesitter-context", + "type": "github" + } + }, + "nvim_plugin-rafamadriz/friendly-snippets": { + "flake": false, + "locked": { + "lastModified": 1745949052, + "narHash": "sha256-FzApcTbWfFkBD9WsYMhaCyn6ky8UmpUC2io/co/eByM=", + "owner": "rafamadriz", + "repo": "friendly-snippets", + "rev": "572f5660cf05f8cd8834e096d7b4c921ba18e175", + "type": "github" + }, + "original": { + "owner": "rafamadriz", + "repo": "friendly-snippets", + "type": "github" + } + }, + "nvim_plugin-rcarriga/nvim-notify": { + "flake": false, + "locked": { + "lastModified": 1744548826, + "narHash": "sha256-m4dQ8KuMhbEpRh6zLTlIUDN9ojFj69LZnXXLepmdFI8=", + "owner": "rcarriga", + "repo": "nvim-notify", + "rev": "b5825cf9ee881dd8e43309c93374ed5b87b7a896", + "type": "github" + }, + "original": { + "owner": "rcarriga", + "repo": "nvim-notify", + "type": "github" + } + }, + "nvim_plugin-rmagatti/auto-session": { + "flake": false, + "locked": { + "lastModified": 1749967462, + "narHash": "sha256-1pIGu/GJ4FiMH/yHhoo6Gu0HLC3rFQiesJBuv8uE7Vw=", + "owner": "rmagatti", + "repo": "auto-session", + "rev": "fffb13dcbe8731b8650e5bf1caa749a485d20556", + "type": "github" + }, + "original": { + "owner": "rmagatti", + "repo": "auto-session", + "type": "github" + } + }, + "nvim_plugin-ron/ron.vim": { + "flake": false, + "locked": { + "lastModified": 1660904719, + "narHash": "sha256-8/xJmymtVGVz2avzlamgK1cNflZ3NRL+B3c7xxbI964=", + "owner": "ron-rs", + "repo": "ron.vim", + "rev": "f749e543975a82e8dd9a6e7df9600a1c098ae800", + "type": "github" + }, + "original": { + "owner": "ron-rs", + "repo": "ron.vim", + "type": "github" + } + }, + "nvim_plugin-saadparwaiz1/cmp_luasnip": { + "flake": false, + "locked": { + "lastModified": 1730707109, + "narHash": "sha256-86lKQPPyqFz8jzuLajjHMKHrYnwW6+QOcPyQEx6B+gw=", + "owner": "saadparwaiz1", + "repo": "cmp_luasnip", + "rev": "98d9cb5c2c38532bd9bdb481067b20fea8f32e90", + "type": "github" + }, + "original": { + "owner": "saadparwaiz1", + "repo": "cmp_luasnip", + "type": "github" + } + }, + "nvim_plugin-sindrets/diffview.nvim": { + "flake": false, + "locked": { + "lastModified": 1718279802, + "narHash": "sha256-SX+ybIzL/w6uyCy4iZKnWnzTFwqB1oXSgyYVAdpdKi8=", + "owner": "sindrets", + "repo": "diffview.nvim", + "rev": "4516612fe98ff56ae0415a259ff6361a89419b0a", + "type": "github" + }, + "original": { + "owner": "sindrets", + "repo": "diffview.nvim", + "type": "github" + } + }, + "nvim_plugin-stevearc/conform.nvim": { + "flake": false, + "locked": { + "lastModified": 1749498876, + "narHash": "sha256-n1IPUNwD14WlDU4zbgfJuhXQcVMt8oc4wCuUJBPJ+y4=", + "owner": "stevearc", + "repo": "conform.nvim", + "rev": "8132ec733eed3bf415b97b76797ca41b59f51d7d", + "type": "github" + }, + "original": { + "owner": "stevearc", + "repo": "conform.nvim", + "type": "github" + } + }, + "nvim_plugin-stevearc/dressing.nvim": { + "flake": false, + "locked": { + "lastModified": 1739381641, + "narHash": "sha256-dBz+/gZA6O6fJy/GSgM6ZHGAR3MTGt/W1olzzTYRlgM=", + "owner": "stevearc", + "repo": "dressing.nvim", + "rev": "2d7c2db2507fa3c4956142ee607431ddb2828639", + "type": "github" + }, + "original": { + "owner": "stevearc", + "repo": "dressing.nvim", + "type": "github" + } + }, + "nvim_plugin-supermaven-inc/supermaven-nvim": { + "flake": false, + "locked": { + "lastModified": 1728314930, + "narHash": "sha256-1z3WKIiikQqoweReUyK5O8MWSRN5y95qcxM6qzlKMME=", + "owner": "supermaven-inc", + "repo": "supermaven-nvim", + "rev": "07d20fce48a5629686aefb0a7cd4b25e33947d50", + "type": "github" + }, + "original": { + "owner": "supermaven-inc", + "repo": "supermaven-nvim", + "type": "github" + } + }, + "nvim_plugin-tpope/vim-sleuth": { + "flake": false, + "locked": { + "lastModified": 1726718493, + "narHash": "sha256-2Cr3h3uJvUL3CSoJs3aBFrkBeOBURSQItgQ4ep9sHXM=", + "owner": "tpope", + "repo": "vim-sleuth", + "rev": "be69bff86754b1aa5adcbb527d7fcd1635a84080", + "type": "github" + }, + "original": { + "owner": "tpope", + "repo": "vim-sleuth", + "type": "github" + } + }, + "nvim_plugin-tpope/vim-surround": { + "flake": false, + "locked": { + "lastModified": 1666730476, + "narHash": "sha256-DZE5tkmnT+lAvx/RQHaDEgEJXRKsy56KJY919xiH1lE=", + "owner": "tpope", + "repo": "vim-surround", + "rev": "3d188ed2113431cf8dac77be61b842acb64433d9", + "type": "github" + }, + "original": { + "owner": "tpope", + "repo": "vim-surround", + "type": "github" + } + }, + "nvim_plugin-uga-rosa/ccc.nvim": { + "flake": false, + "locked": { + "lastModified": 1746537659, + "narHash": "sha256-3TZ8VmvdgQ9n63m78C3r4OIUkVQHTHBvC24ixBdhTig=", + "owner": "uga-rosa", + "repo": "ccc.nvim", + "rev": "9d1a256e006decc574789dfc7d628ca11644d4c2", + "type": "github" + }, + "original": { + "owner": "uga-rosa", + "repo": "ccc.nvim", + "type": "github" + } + }, + "nvim_plugin-windwp/nvim-ts-autotag": { + "flake": false, + "locked": { + "lastModified": 1739910276, + "narHash": "sha256-a3Bcql68mp3y5bH9XMiDTQB0e75T+qFB593objIGg/I=", + "owner": "windwp", + "repo": "nvim-ts-autotag", + "rev": "a1d526af391f6aebb25a8795cbc05351ed3620b5", + "type": "github" + }, + "original": { + "owner": "windwp", + "repo": "nvim-ts-autotag", + "type": "github" + } + }, + "nvim_plugin-zbirenbaum/copilot-cmp": { + "flake": false, + "locked": { + "lastModified": 1733947099, + "narHash": "sha256-erRL8bY/zuwuCZfttw+avTrFV7pjv2H6v73NzY2bymM=", + "owner": "zbirenbaum", + "repo": "copilot-cmp", + "rev": "15fc12af3d0109fa76b60b5cffa1373697e261d1", + "type": "github" + }, + "original": { + "owner": "zbirenbaum", + "repo": "copilot-cmp", + "type": "github" + } + }, + "nvim_plugin-zbirenbaum/copilot.lua": { + "flake": false, + "locked": { + "lastModified": 1749137204, + "narHash": "sha256-qxHpIsFFLDG/jtk6e1hkOZgDSRA5Q0+DMxxAxckNhIc=", + "owner": "zbirenbaum", + "repo": "copilot.lua", + "rev": "c1bb86abbed1a52a11ab3944ef00c8410520543d", + "type": "github" + }, + "original": { + "owner": "zbirenbaum", + "repo": "copilot.lua", + "type": "github" + } + }, + "ragenix": { + "inputs": { + "agenix": "agenix", + "crane": "crane", + "flake-utils": "flake-utils", + "nixpkgs": "nixpkgs_3", + "rust-overlay": "rust-overlay" + }, + "locked": { + "lastModified": 1744897914, + "narHash": "sha256-GIVU92o2TZBnKQXTb76zpQbWR4zjU2rFqWKNIIpXnqA=", + "owner": "yaxitech", + "repo": "ragenix", + "rev": "40f2e17ecaeab4d78ec323e96a04548c0aaa5223", + "type": "github" + }, + "original": { + "owner": "yaxitech", + "repo": "ragenix", + "type": "github" + } + }, + "root": { + "inputs": { + "common": "common", + "nixpkgs": "nixpkgs_4", + "ros_neovim": "ros_neovim" + } + }, + "ros_neovim": { + "inputs": { + "nixpkgs": "nixpkgs_5", + "nvim_plugin-Almo7aya/openingh.nvim": "nvim_plugin-Almo7aya/openingh.nvim", + "nvim_plugin-CopilotC-Nvim/CopilotChat.nvim": "nvim_plugin-CopilotC-Nvim/CopilotChat.nvim", + "nvim_plugin-JoosepAlviste/nvim-ts-context-commentstring": "nvim_plugin-JoosepAlviste/nvim-ts-context-commentstring", + "nvim_plugin-L3MON4D3/LuaSnip": "nvim_plugin-L3MON4D3/LuaSnip", + "nvim_plugin-MeanderingProgrammer/render-markdown.nvim": "nvim_plugin-MeanderingProgrammer/render-markdown.nvim", + "nvim_plugin-MunifTanjim/nui.nvim": "nvim_plugin-MunifTanjim/nui.nvim", + "nvim_plugin-RRethy/vim-illuminate": "nvim_plugin-RRethy/vim-illuminate", + "nvim_plugin-Saecki/crates.nvim": "nvim_plugin-Saecki/crates.nvim", + "nvim_plugin-aznhe21/actions-preview.nvim": "nvim_plugin-aznhe21/actions-preview.nvim", + "nvim_plugin-b0o/schemastore.nvim": "nvim_plugin-b0o/schemastore.nvim", + "nvim_plugin-catppuccin/nvim": "nvim_plugin-catppuccin/nvim", + "nvim_plugin-chrisgrieser/nvim-early-retirement": "nvim_plugin-chrisgrieser/nvim-early-retirement", + "nvim_plugin-declancm/cinnamon.nvim": "nvim_plugin-declancm/cinnamon.nvim", + "nvim_plugin-folke/lazy.nvim": "nvim_plugin-folke/lazy.nvim", + "nvim_plugin-folke/neodev.nvim": "nvim_plugin-folke/neodev.nvim", + "nvim_plugin-folke/which-key.nvim": "nvim_plugin-folke/which-key.nvim", + "nvim_plugin-hrsh7th/cmp-buffer": "nvim_plugin-hrsh7th/cmp-buffer", + "nvim_plugin-hrsh7th/cmp-nvim-lsp": "nvim_plugin-hrsh7th/cmp-nvim-lsp", + "nvim_plugin-hrsh7th/cmp-path": "nvim_plugin-hrsh7th/cmp-path", + "nvim_plugin-hrsh7th/nvim-cmp": "nvim_plugin-hrsh7th/nvim-cmp", + "nvim_plugin-j-hui/fidget.nvim": "nvim_plugin-j-hui/fidget.nvim", + "nvim_plugin-johmsalas/text-case.nvim": "nvim_plugin-johmsalas/text-case.nvim", + "nvim_plugin-lewis6991/gitsigns.nvim": "nvim_plugin-lewis6991/gitsigns.nvim", + "nvim_plugin-lnc3l0t/glow.nvim": "nvim_plugin-lnc3l0t/glow.nvim", + "nvim_plugin-lukas-reineke/indent-blankline.nvim": "nvim_plugin-lukas-reineke/indent-blankline.nvim", + "nvim_plugin-m4xshen/hardtime.nvim": "nvim_plugin-m4xshen/hardtime.nvim", + "nvim_plugin-mbbill/undotree": "nvim_plugin-mbbill/undotree", + "nvim_plugin-mfussenegger/nvim-lint": "nvim_plugin-mfussenegger/nvim-lint", + "nvim_plugin-mrcjkb/rustaceanvim": "nvim_plugin-mrcjkb/rustaceanvim", + "nvim_plugin-neovim/nvim-lspconfig": "nvim_plugin-neovim/nvim-lspconfig", + "nvim_plugin-nosduco/remote-sshfs.nvim": "nvim_plugin-nosduco/remote-sshfs.nvim", + "nvim_plugin-numToStr/Comment.nvim": "nvim_plugin-numToStr/Comment.nvim", + "nvim_plugin-nvim-lua/plenary.nvim": "nvim_plugin-nvim-lua/plenary.nvim", + "nvim_plugin-nvim-lualine/lualine.nvim": "nvim_plugin-nvim-lualine/lualine.nvim", + "nvim_plugin-nvim-telescope/telescope-file-browser.nvim": "nvim_plugin-nvim-telescope/telescope-file-browser.nvim", + "nvim_plugin-nvim-telescope/telescope-fzf-native.nvim": "nvim_plugin-nvim-telescope/telescope-fzf-native.nvim", + "nvim_plugin-nvim-telescope/telescope-ui-select.nvim": "nvim_plugin-nvim-telescope/telescope-ui-select.nvim", + "nvim_plugin-nvim-telescope/telescope.nvim": "nvim_plugin-nvim-telescope/telescope.nvim", + "nvim_plugin-nvim-tree/nvim-tree.lua": "nvim_plugin-nvim-tree/nvim-tree.lua", + "nvim_plugin-nvim-tree/nvim-web-devicons": "nvim_plugin-nvim-tree/nvim-web-devicons", + "nvim_plugin-nvim-treesitter/nvim-treesitter-context": "nvim_plugin-nvim-treesitter/nvim-treesitter-context", + "nvim_plugin-rafamadriz/friendly-snippets": "nvim_plugin-rafamadriz/friendly-snippets", + "nvim_plugin-rcarriga/nvim-notify": "nvim_plugin-rcarriga/nvim-notify", + "nvim_plugin-rmagatti/auto-session": "nvim_plugin-rmagatti/auto-session", + "nvim_plugin-ron/ron.vim": "nvim_plugin-ron/ron.vim", + "nvim_plugin-saadparwaiz1/cmp_luasnip": "nvim_plugin-saadparwaiz1/cmp_luasnip", + "nvim_plugin-sindrets/diffview.nvim": "nvim_plugin-sindrets/diffview.nvim", + "nvim_plugin-stevearc/conform.nvim": "nvim_plugin-stevearc/conform.nvim", + "nvim_plugin-stevearc/dressing.nvim": "nvim_plugin-stevearc/dressing.nvim", + "nvim_plugin-supermaven-inc/supermaven-nvim": "nvim_plugin-supermaven-inc/supermaven-nvim", + "nvim_plugin-tpope/vim-sleuth": "nvim_plugin-tpope/vim-sleuth", + "nvim_plugin-tpope/vim-surround": "nvim_plugin-tpope/vim-surround", + "nvim_plugin-uga-rosa/ccc.nvim": "nvim_plugin-uga-rosa/ccc.nvim", + "nvim_plugin-windwp/nvim-ts-autotag": "nvim_plugin-windwp/nvim-ts-autotag", + "nvim_plugin-zbirenbaum/copilot-cmp": "nvim_plugin-zbirenbaum/copilot-cmp", + "nvim_plugin-zbirenbaum/copilot.lua": "nvim_plugin-zbirenbaum/copilot.lua", + "rust-overlay": "rust-overlay_2" + }, + "locked": { + "lastModified": 1750190298, + "narHash": "sha256-ero30lVvCzmdKkY0lZR/RO+oTNTY1WXQh6vhfbcbTIk=", + "ref": "refs/heads/master", + "rev": "1ed03dac446683ef42035b53a410d857855d82d9", + "revCount": 291, + "type": "git", + "url": "https://git.joshuabell.xyz/ringofstorms/nvim" + }, + "original": { + "type": "git", + "url": "https://git.joshuabell.xyz/ringofstorms/nvim" + } + }, + "rust-overlay": { + "inputs": { + "nixpkgs": [ + "common", + "ragenix", + "nixpkgs" + ] + }, + "locked": { + "lastModified": 1741400194, + "narHash": "sha256-tEpgT+q5KlGjHSm8MnINgTPErEl8YDzX3Eps8PVc09g=", + "owner": "oxalica", + "repo": "rust-overlay", + "rev": "16b6045a232fea0e9e4c69e55a6e269607dd8e3f", + "type": "github" + }, + "original": { + "owner": "oxalica", + "repo": "rust-overlay", + "type": "github" + } + }, + "rust-overlay_2": { + "inputs": { + "nixpkgs": [ + "ros_neovim", + "nixpkgs" + ] + }, + "locked": { + "lastModified": 1750127910, + "narHash": "sha256-FIgEIS0RAlOyXGqoj/OufTfcKItYq668yPYL4SXdU0M=", + "owner": "oxalica", + "repo": "rust-overlay", + "rev": "45418795a73b77b7726c62ce265d68cf541ffb49", + "type": "github" + }, + "original": { + "owner": "oxalica", + "repo": "rust-overlay", + "type": "github" + } + }, + "systems": { + "locked": { + "lastModified": 1681028828, + "narHash": "sha256-Vy1rq5AaRuLzOxct8nz4T6wlgyUR7zLU309k9mBC768=", + "owner": "nix-systems", + "repo": "default", + "rev": "da67096a3b9bf56a91d16901293e51ba5b49a27e", + "type": "github" + }, + "original": { + "owner": "nix-systems", + "repo": "default", + "type": "github" + } + }, + "systems_2": { + "locked": { + "lastModified": 1681028828, + "narHash": "sha256-Vy1rq5AaRuLzOxct8nz4T6wlgyUR7zLU309k9mBC768=", + "owner": "nix-systems", + "repo": "default", + "rev": "da67096a3b9bf56a91d16901293e51ba5b49a27e", + "type": "github" + }, + "original": { + "owner": "nix-systems", + "repo": "default", + "type": "github" + } + } + }, + "root": "root", + "version": 7 +} diff --git a/hosts/h002/flake.nix b/hosts/h002/flake.nix new file mode 100644 index 00000000..4a24350d --- /dev/null +++ b/hosts/h002/flake.nix @@ -0,0 +1,113 @@ +{ + inputs = { + nixpkgs.url = "github:nixos/nixpkgs/nixos-25.05"; + # nixpkgs.url = "github:nixos/nixpkgs/nixos-unstable"; + + # Use relative to get current version for testing + # common.url = "path:../../common"; + common.url = "git+https://git.joshuabell.xyz/ringofstorms/dotfiles"; + + ros_neovim.url = "git+https://git.joshuabell.xyz/ringofstorms/nvim"; + }; + + outputs = + { + nixpkgs, + common, + ros_neovim, + ... + }: + let + configuration_name = "h002"; + lib = nixpkgs.lib; + in + { + nixosConfigurations = { + "${configuration_name}" = ( + lib.nixosSystem { + modules = [ + common.nixosModules.default + ros_neovim.nixosModules.default + ./configuration.nix + ./hardware-configuration.nix + ( + { config, pkgs, ... }: + { + environment.systemPackages = with pkgs; [ + lua + qdirstat + ]; + + ringofstorms_common = { + systemName = configuration_name; + boot.grub.enable = true; + secrets.enable = true; + desktopEnvironment.gnome.enable = true; + general = { + reporting.enable = true; + }; + programs = { + qFlipper.enable = true; + rustDev.enable = true; + tailnet.enable = true; + ssh.enable = true; + docker.enable = true; + uhkAgent.enable = true; + }; + users = { + admins = [ "luser" ]; # First admin is also the primary user owning nix config + users = { + root = { + openssh.authorizedKeys.keys = [ + "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIJie9OPheWn/EZWfXJSZ3S0DnISqI3ToCmOqhX/Tkwby nix2h002" + ]; + }; + luser = { + openssh.authorizedKeys.keys = [ + "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIJie9OPheWn/EZWfXJSZ3S0DnISqI3ToCmOqhX/Tkwby nix2h002" + ]; + extraGroups = [ + "networkmanager" + "video" + "input" + ]; + shell = pkgs.zsh; + packages = with pkgs; [ + bitwarden + vaultwarden + google-chrome + firefox-esr + openscad + vlc + ]; + }; + }; + }; + homeManager = { + users = { + luser = { + imports = with common.homeManagerModules; [ + kitty + tmux + atuin + direnv + git + nix_deprecations + postgres + ssh + starship + zoxide + zsh + ]; + }; + }; + }; + }; + } + ) + ]; + } + ); + }; + }; +} diff --git a/systems/gpdPocket3/hardware-configuration.nix b/hosts/h002/hardware-configuration.nix similarity index 51% rename from systems/gpdPocket3/hardware-configuration.nix rename to hosts/h002/hardware-configuration.nix index d37ed08e..ceaa644e 100644 --- a/systems/gpdPocket3/hardware-configuration.nix +++ b/hosts/h002/hardware-configuration.nix @@ -1,40 +1,55 @@ # Do not modify this file! It was generated by ‘nixos-generate-config’ # and may be overwritten by future invocations. Please make changes # to /etc/nixos/configuration.nix instead. -{ config, lib, pkgs, modulesPath, ... }: +{ + config, + lib, + modulesPath, + ... +}: { - imports = - [ (modulesPath + "/installer/scan/not-detected.nix") - ]; + imports = [ + (modulesPath + "/installer/scan/not-detected.nix") + ]; - boot.initrd.availableKernelModules = [ "xhci_pci" "thunderbolt" "nvme" "usbhid" "usb_storage" "sd_mod" ]; + boot.initrd.availableKernelModules = [ + "ehci_pci" + "ahci" + "xhci_pci" + "firewire_ohci" + "usb_storage" + "usbhid" + "sd_mod" + "sr_mod" + ]; boot.initrd.kernelModules = [ ]; boot.kernelModules = [ "kvm-intel" ]; boot.extraModulePackages = [ ]; - fileSystems."/boot" = - { device = "/dev/disk/by-uuid/3A6C-BF60"; - fsType = "vfat"; - # umask=0077 ensures that only the owner (root) can read, write, or execute files on the EFI partition, while all other users are denied all permissions - options = [ "umask=0077" ]; - }; + fileSystems."/" = { + device = "/dev/disk/by-label/NIXROOT"; + fsType = "ext4"; + }; - fileSystems."/" = - { device = "/dev/disk/by-uuid/e740e27d-13bf-468c-a5c6-fa06fe4ac3cd"; - fsType = "ext4"; - }; + fileSystems."/boot" = { + device = "/dev/disk/by-label/NIXBOOT"; + fsType = "vfat"; + }; - swapDevices = - [ { device = "/dev/disk/by-uuid/91682eed-a01c-482d-8000-bd1222d4952a"; } - ]; + swapDevices = [ + { + device = "/.swapfile"; + size = 18 * 1024; # 18GB + } + ]; # Enables DHCP on each ethernet and wireless interface. In case of scripted networking # (the default) this is the recommended approach. When using systemd-networkd it's # still possible to use this option, but it's recommended to use it in conjunction # with explicit per-interface declarations with `networking.interfaces..useDHCP`. networking.useDHCP = lib.mkDefault true; - # networking.interfaces.enp175s0.useDHCP = lib.mkDefault true; + # networking.interfaces.eno1.useDHCP = lib.mkDefault true; nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux"; hardware.cpu.intel.updateMicrocode = lib.mkDefault config.hardware.enableRedistributableFirmware; diff --git a/hosts/h002/readme.md b/hosts/h002/readme.md new file mode 100644 index 00000000..2cb53208 --- /dev/null +++ b/hosts/h002/readme.md @@ -0,0 +1 @@ +NAS for my home network diff --git a/hosts/h003/configuration.nix b/hosts/h003/configuration.nix new file mode 100644 index 00000000..eb65bdfc --- /dev/null +++ b/hosts/h003/configuration.nix @@ -0,0 +1,6 @@ +{ + ... +}: +{ + system.stateVersion = "25.05"; # Did you read the comment? +} diff --git a/hosts/h003/flake.lock b/hosts/h003/flake.lock new file mode 100644 index 00000000..ddd5a37c --- /dev/null +++ b/hosts/h003/flake.lock @@ -0,0 +1,1302 @@ +{ + "nodes": { + "agenix": { + "inputs": { + "darwin": "darwin", + "home-manager": "home-manager_2", + "nixpkgs": [ + "common", + "ragenix", + "nixpkgs" + ], + "systems": "systems" + }, + "locked": { + "lastModified": 1736955230, + "narHash": "sha256-uenf8fv2eG5bKM8C/UvFaiJMZ4IpUFaQxk9OH5t/1gA=", + "owner": "ryantm", + "repo": "agenix", + "rev": "e600439ec4c273cf11e06fe4d9d906fb98fa097c", + "type": "github" + }, + "original": { + "owner": "ryantm", + "repo": "agenix", + "type": "github" + } + }, + "common": { + "inputs": { + "home-manager": "home-manager", + "nix-flatpak": "nix-flatpak", + "nixpkgs": "nixpkgs_2", + "ragenix": "ragenix" + }, + "locked": { + "lastModified": 1755746476, + "narHash": "sha256-dLpj8mNfGAjjbcVPzYW5wSIvNUBDReCVlSmm61ypZWs=", + "ref": "refs/heads/master", + "rev": "8b49688deb12ee65ed17e9432c66975d70c91d49", + "revCount": 607, + "type": "git", + "url": "https://git.joshuabell.xyz/ringofstorms/dotfiles" + }, + "original": { + "type": "git", + "url": "https://git.joshuabell.xyz/ringofstorms/dotfiles" + } + }, + "crane": { + "locked": { + "lastModified": 1741481578, + "narHash": "sha256-JBTSyJFQdO3V8cgcL08VaBUByEU6P5kXbTJN6R0PFQo=", + "owner": "ipetkov", + "repo": "crane", + "rev": "bb1c9567c43e4434f54e9481eb4b8e8e0d50f0b5", + "type": "github" + }, + "original": { + "owner": "ipetkov", + "repo": "crane", + "type": "github" + } + }, + "darwin": { + "inputs": { + "nixpkgs": [ + "common", + "ragenix", + "agenix", + "nixpkgs" + ] + }, + "locked": { + "lastModified": 1700795494, + "narHash": "sha256-gzGLZSiOhf155FW7262kdHo2YDeugp3VuIFb4/GGng0=", + "owner": "lnl7", + "repo": "nix-darwin", + "rev": "4b9b83d5a92e8c1fbfd8eb27eda375908c11ec4d", + "type": "github" + }, + "original": { + "owner": "lnl7", + "ref": "master", + "repo": "nix-darwin", + "type": "github" + } + }, + "flake-utils": { + "inputs": { + "systems": "systems_2" + }, + "locked": { + "lastModified": 1731533236, + "narHash": "sha256-l0KFg5HjrsfsO/JpG+r7fRrqm12kzFHyUHqHCVpMMbI=", + "owner": "numtide", + "repo": "flake-utils", + "rev": "11707dc2f618dd54ca8739b309ec4fc024de578b", + "type": "github" + }, + "original": { + "owner": "numtide", + "repo": "flake-utils", + "type": "github" + } + }, + "home-manager": { + "inputs": { + "nixpkgs": "nixpkgs" + }, + "locked": { + "lastModified": 1753592768, + "narHash": "sha256-oV695RvbAE4+R9pcsT9shmp6zE/+IZe6evHWX63f2Qg=", + "owner": "rycee", + "repo": "home-manager", + "rev": "fc3add429f21450359369af74c2375cb34a2d204", + "type": "github" + }, + "original": { + "owner": "rycee", + "ref": "release-25.05", + "repo": "home-manager", + "type": "github" + } + }, + "home-manager_2": { + "inputs": { + "nixpkgs": [ + "common", + "ragenix", + "agenix", + "nixpkgs" + ] + }, + "locked": { + "lastModified": 1703113217, + "narHash": "sha256-7ulcXOk63TIT2lVDSExj7XzFx09LpdSAPtvgtM7yQPE=", + "owner": "nix-community", + "repo": "home-manager", + "rev": "3bfaacf46133c037bb356193bd2f1765d9dc82c1", + "type": "github" + }, + "original": { + "owner": "nix-community", + "repo": "home-manager", + "type": "github" + } + }, + "nix-flatpak": { + "locked": { + "lastModified": 1739444422, + "narHash": "sha256-iAVVHi7X3kWORftY+LVbRiStRnQEob2TULWyjMS6dWg=", + "owner": "gmodena", + "repo": "nix-flatpak", + "rev": "5e54c3ca05a7c7d968ae1ddeabe01d2a9bc1e177", + "type": "github" + }, + "original": { + "owner": "gmodena", + "ref": "latest", + "repo": "nix-flatpak", + "type": "github" + } + }, + "nixpkgs": { + "locked": { + "lastModified": 1753345091, + "narHash": "sha256-CdX2Rtvp5I8HGu9swBmYuq+ILwRxpXdJwlpg8jvN4tU=", + "owner": "NixOS", + "repo": "nixpkgs", + "rev": "3ff0e34b1383648053bba8ed03f201d3466f90c9", + "type": "github" + }, + "original": { + "owner": "NixOS", + "ref": "nixos-25.05", + "repo": "nixpkgs", + "type": "github" + } + }, + "nixpkgs_2": { + "locked": { + "lastModified": 1753694789, + "narHash": "sha256-cKgvtz6fKuK1Xr5LQW/zOUiAC0oSQoA9nOISB0pJZqM=", + "owner": "nixos", + "repo": "nixpkgs", + "rev": "dc9637876d0dcc8c9e5e22986b857632effeb727", + "type": "github" + }, + "original": { + "owner": "nixos", + "ref": "nixos-unstable", + "repo": "nixpkgs", + "type": "github" + } + }, + "nixpkgs_3": { + "locked": { + "lastModified": 1741379970, + "narHash": "sha256-Wh7esNh7G24qYleLvgOSY/7HlDUzWaL/n4qzlBePpiw=", + "owner": "nixos", + "repo": "nixpkgs", + "rev": "36fd87baa9083f34f7f5027900b62ee6d09b1f2f", + "type": "github" + }, + "original": { + "owner": "nixos", + "ref": "nixos-unstable", + "repo": "nixpkgs", + "type": "github" + } + }, + "nixpkgs_4": { + "locked": { + "lastModified": 1755704039, + "narHash": "sha256-gKlP0LbyJ3qX0KObfIWcp5nbuHSb5EHwIvU6UcNBg2A=", + "owner": "nixos", + "repo": "nixpkgs", + "rev": "9cb344e96d5b6918e94e1bca2d9f3ea1e9615545", + "type": "github" + }, + "original": { + "owner": "nixos", + "ref": "nixos-25.05", + "repo": "nixpkgs", + "type": "github" + } + }, + "nixpkgs_5": { + "locked": { + "lastModified": 1755648324, + "narHash": "sha256-+2TxwJEXWXGC7JBsRGUHtmQ66lRGPcDI2kFKTTU5e2s=", + "owner": "nixos", + "repo": "nixpkgs", + "rev": "226bb7c9df5f953fd7533e199b8d9e5475458a8a", + "type": "github" + }, + "original": { + "owner": "nixos", + "repo": "nixpkgs", + "type": "github" + } + }, + "nvim_plugin-Almo7aya/openingh.nvim": { + "flake": false, + "locked": { + "lastModified": 1746139196, + "narHash": "sha256-/FlNLWOSIrOYiWzAcgOdu9//QTorCDV1KWb+h6eqLwk=", + "owner": "Almo7aya", + "repo": "openingh.nvim", + "rev": "7cc8c897cb6b34d8ed28e99d95baccef609ed251", + "type": "github" + }, + "original": { + "owner": "Almo7aya", + "repo": "openingh.nvim", + "type": "github" + } + }, + "nvim_plugin-CopilotC-Nvim/CopilotChat.nvim": { + "flake": false, + "locked": { + "lastModified": 1755636100, + "narHash": "sha256-EeU6AfMISnXUmKdNHXN35srj+fuQiHoWx5uYRKCjsTE=", + "owner": "CopilotC-Nvim", + "repo": "CopilotChat.nvim", + "rev": "f7bb32dbbe2ff5e26f5033e2142b5920cf427236", + "type": "github" + }, + "original": { + "owner": "CopilotC-Nvim", + "repo": "CopilotChat.nvim", + "type": "github" + } + }, + "nvim_plugin-JoosepAlviste/nvim-ts-context-commentstring": { + "flake": false, + "locked": { + "lastModified": 1733574156, + "narHash": "sha256-AjDM3+n4+lNBQi8P2Yrh0Ab06uYCndBQT9TX36rDbOM=", + "owner": "JoosepAlviste", + "repo": "nvim-ts-context-commentstring", + "rev": "1b212c2eee76d787bbea6aa5e92a2b534e7b4f8f", + "type": "github" + }, + "original": { + "owner": "JoosepAlviste", + "repo": "nvim-ts-context-commentstring", + "type": "github" + } + }, + "nvim_plugin-L3MON4D3/LuaSnip": { + "flake": false, + "locked": { + "lastModified": 1754037237, + "narHash": "sha256-JhTqTGQfIryJ7MElcOGOfb48uaNDnd9RM9Fl1Fs4QV0=", + "owner": "L3MON4D3", + "repo": "LuaSnip", + "rev": "de10d8414235b0a8cabfeba60d07c24304e71f5c", + "type": "github" + }, + "original": { + "owner": "L3MON4D3", + "repo": "LuaSnip", + "type": "github" + } + }, + "nvim_plugin-MeanderingProgrammer/render-markdown.nvim": { + "flake": false, + "locked": { + "lastModified": 1755631821, + "narHash": "sha256-+/GVSb3uQ5HktPv6HFwdywX85hScsAI1IHqXmwDH9PU=", + "owner": "MeanderingProgrammer", + "repo": "render-markdown.nvim", + "rev": "0087ee1d505d4fc4886d8d3121ae7848b7c0e49b", + "type": "github" + }, + "original": { + "owner": "MeanderingProgrammer", + "repo": "render-markdown.nvim", + "type": "github" + } + }, + "nvim_plugin-MunifTanjim/nui.nvim": { + "flake": false, + "locked": { + "lastModified": 1749392788, + "narHash": "sha256-41slmnvt1z7sCxvpiVuFmQ9g7eCaxQi1dDCL3AxSL1A=", + "owner": "MunifTanjim", + "repo": "nui.nvim", + "rev": "de740991c12411b663994b2860f1a4fd0937c130", + "type": "github" + }, + "original": { + "owner": "MunifTanjim", + "repo": "nui.nvim", + "type": "github" + } + }, + "nvim_plugin-RRethy/vim-illuminate": { + "flake": false, + "locked": { + "lastModified": 1748105647, + "narHash": "sha256-KqAJRCtDBG5xsvNsqkxoBdDckg02u4NBBreYQw7BphA=", + "owner": "RRethy", + "repo": "vim-illuminate", + "rev": "0d1e93684da00ab7c057410fecfc24f434698898", + "type": "github" + }, + "original": { + "owner": "RRethy", + "repo": "vim-illuminate", + "type": "github" + } + }, + "nvim_plugin-Saecki/crates.nvim": { + "flake": false, + "locked": { + "lastModified": 1754466592, + "narHash": "sha256-b40E121rJrEmlor3fHmh4Y1TXKdfiqsBGBcpbY//eTw=", + "owner": "Saecki", + "repo": "crates.nvim", + "rev": "a49df0f70171adc77704eac70dd2c0d179065933", + "type": "github" + }, + "original": { + "owner": "Saecki", + "repo": "crates.nvim", + "type": "github" + } + }, + "nvim_plugin-aznhe21/actions-preview.nvim": { + "flake": false, + "locked": { + "lastModified": 1745779150, + "narHash": "sha256-rQjwlu5gQcOvxF72lr9ugPRl0W78wCWGWPhpN1oOMbs=", + "owner": "aznhe21", + "repo": "actions-preview.nvim", + "rev": "36513ad213855d497b7dd3391a24d1d75d58e36f", + "type": "github" + }, + "original": { + "owner": "aznhe21", + "repo": "actions-preview.nvim", + "type": "github" + } + }, + "nvim_plugin-b0o/schemastore.nvim": { + "flake": false, + "locked": { + "lastModified": 1755594039, + "narHash": "sha256-XU+PtvXlgoHFouyyceUIZ4L5AvZThUR2AegmCQAYt1A=", + "owner": "b0o", + "repo": "schemastore.nvim", + "rev": "e906ac3ed0bd273781759e7635b5b824393c925c", + "type": "github" + }, + "original": { + "owner": "b0o", + "repo": "schemastore.nvim", + "type": "github" + } + }, + "nvim_plugin-catppuccin/nvim": { + "flake": false, + "locked": { + "lastModified": 1755621274, + "narHash": "sha256-o8VLMPriOh4+Ay5Ff0cWQYXjmihdr3x9131bKHHTsQE=", + "owner": "catppuccin", + "repo": "nvim", + "rev": "30fa4d122d9b22ad8b2e0ab1b533c8c26c4dde86", + "type": "github" + }, + "original": { + "owner": "catppuccin", + "repo": "nvim", + "type": "github" + } + }, + "nvim_plugin-chrisgrieser/nvim-early-retirement": { + "flake": false, + "locked": { + "lastModified": 1755590055, + "narHash": "sha256-989Zf6SCy+vakFac4KmElUn8+ErJMtYJ8zlOi999UJI=", + "owner": "chrisgrieser", + "repo": "nvim-early-retirement", + "rev": "ef9fc0267da4204432ab7bf3ab9df359874cfeb6", + "type": "github" + }, + "original": { + "owner": "chrisgrieser", + "repo": "nvim-early-retirement", + "type": "github" + } + }, + "nvim_plugin-declancm/cinnamon.nvim": { + "flake": false, + "locked": { + "lastModified": 1722992123, + "narHash": "sha256-kccQ4iFMSQ8kvE7hYz90hBrsDLo7VohFj/6lEZZiAO8=", + "owner": "declancm", + "repo": "cinnamon.nvim", + "rev": "450cb3247765fed7871b41ef4ce5fa492d834215", + "type": "github" + }, + "original": { + "owner": "declancm", + "repo": "cinnamon.nvim", + "type": "github" + } + }, + "nvim_plugin-folke/lazy.nvim": { + "flake": false, + "locked": { + "lastModified": 1740511197, + "narHash": "sha256-nQ8PR9DTdzg6Z2rViuVD6Pswc2VvDQwS3uMNgyDh5ls=", + "owner": "folke", + "repo": "lazy.nvim", + "rev": "6c3bda4aca61a13a9c63f1c1d1b16b9d3be90d7a", + "type": "github" + }, + "original": { + "owner": "folke", + "repo": "lazy.nvim", + "type": "github" + } + }, + "nvim_plugin-folke/neodev.nvim": { + "flake": false, + "locked": { + "lastModified": 1720260306, + "narHash": "sha256-hOjzlo/IqmV8tYjGwfmcCPEmHYsWnEIwtHZdhpwA1kM=", + "owner": "folke", + "repo": "neodev.nvim", + "rev": "46aa467dca16cf3dfe27098042402066d2ae242d", + "type": "github" + }, + "original": { + "owner": "folke", + "repo": "neodev.nvim", + "type": "github" + } + }, + "nvim_plugin-folke/which-key.nvim": { + "flake": false, + "locked": { + "lastModified": 1740233407, + "narHash": "sha256-uvMcSduMr7Kd2oUmIOYzvWF4FIl6bZxIYm9FSw/3pCo=", + "owner": "folke", + "repo": "which-key.nvim", + "rev": "370ec46f710e058c9c1646273e6b225acf47cbed", + "type": "github" + }, + "original": { + "owner": "folke", + "repo": "which-key.nvim", + "type": "github" + } + }, + "nvim_plugin-hrsh7th/cmp-buffer": { + "flake": false, + "locked": { + "lastModified": 1743497185, + "narHash": "sha256-dG4U7MtnXThoa/PD+qFtCt76MQ14V1wX8GMYcvxEnbM=", + "owner": "hrsh7th", + "repo": "cmp-buffer", + "rev": "b74fab3656eea9de20a9b8116afa3cfc4ec09657", + "type": "github" + }, + "original": { + "owner": "hrsh7th", + "repo": "cmp-buffer", + "type": "github" + } + }, + "nvim_plugin-hrsh7th/cmp-nvim-lsp": { + "flake": false, + "locked": { + "lastModified": 1755085771, + "narHash": "sha256-X1rppwf2xBPrmB93ptXukOnEBDZmfjJd4F5ObNa1DHs=", + "owner": "hrsh7th", + "repo": "cmp-nvim-lsp", + "rev": "bd5a7d6db125d4654b50eeae9f5217f24bb22fd3", + "type": "github" + }, + "original": { + "owner": "hrsh7th", + "repo": "cmp-nvim-lsp", + "type": "github" + } + }, + "nvim_plugin-hrsh7th/cmp-path": { + "flake": false, + "locked": { + "lastModified": 1753844861, + "narHash": "sha256-e4Rd2y1Wekp7aobpTGaUeoSBnlfIASDaBR8js5dh2Vw=", + "owner": "hrsh7th", + "repo": "cmp-path", + "rev": "c642487086dbd9a93160e1679a1327be111cbc25", + "type": "github" + }, + "original": { + "owner": "hrsh7th", + "repo": "cmp-path", + "type": "github" + } + }, + "nvim_plugin-hrsh7th/nvim-cmp": { + "flake": false, + "locked": { + "lastModified": 1744514599, + "narHash": "sha256-l5z+PT4S9b09d2M+J/tHVd9W9Ss3eQQk5Ykpz2Qjxxw=", + "owner": "hrsh7th", + "repo": "nvim-cmp", + "rev": "b5311ab3ed9c846b585c0c15b7559be131ec4be9", + "type": "github" + }, + "original": { + "owner": "hrsh7th", + "repo": "nvim-cmp", + "type": "github" + } + }, + "nvim_plugin-j-hui/fidget.nvim": { + "flake": false, + "locked": { + "lastModified": 1755048367, + "narHash": "sha256-Hcnbk6go2vYCYqSfXLWQ+KimpU+NPbIkjBTKGMFoNQM=", + "owner": "j-hui", + "repo": "fidget.nvim", + "rev": "2cb5edb2dd6700a958a446b20bb2be04d318da9d", + "type": "github" + }, + "original": { + "owner": "j-hui", + "repo": "fidget.nvim", + "type": "github" + } + }, + "nvim_plugin-johmsalas/text-case.nvim": { + "flake": false, + "locked": { + "lastModified": 1722628320, + "narHash": "sha256-2IMufSMy9JW50VzZ3SgOtp8kYs81ANwV0eP0ZH3rTFo=", + "owner": "johmsalas", + "repo": "text-case.nvim", + "rev": "e898cfd46fa6cde0e83abb624a16e67d2ffc6457", + "type": "github" + }, + "original": { + "owner": "johmsalas", + "repo": "text-case.nvim", + "type": "github" + } + }, + "nvim_plugin-lewis6991/gitsigns.nvim": { + "flake": false, + "locked": { + "lastModified": 1755014582, + "narHash": "sha256-zBUrqL+00Y8j4eVNAgI0nYn2i35zhQo2BVl4mL1cgfs=", + "owner": "lewis6991", + "repo": "gitsigns.nvim", + "rev": "6e3c66548035e50db7bd8e360a29aec6620c3641", + "type": "github" + }, + "original": { + "owner": "lewis6991", + "repo": "gitsigns.nvim", + "type": "github" + } + }, + "nvim_plugin-lnc3l0t/glow.nvim": { + "flake": false, + "locked": { + "lastModified": 1693233815, + "narHash": "sha256-vdlwkIK2EkFviJmSiOqPWvc15xqJ9F2gHCC4ObJ5Qjk=", + "owner": "lnc3l0t", + "repo": "glow.nvim", + "rev": "5b38fb7b6e806cac62707a4aba8c10c5f14d5bb5", + "type": "github" + }, + "original": { + "owner": "lnc3l0t", + "repo": "glow.nvim", + "type": "github" + } + }, + "nvim_plugin-lukas-reineke/indent-blankline.nvim": { + "flake": false, + "locked": { + "lastModified": 1742224677, + "narHash": "sha256-0q/V+b4UrDRnaC/eRWOi9HU9a61vQSAM9/C8ZQyKt+Y=", + "owner": "lukas-reineke", + "repo": "indent-blankline.nvim", + "rev": "005b56001b2cb30bfa61b7986bc50657816ba4ba", + "type": "github" + }, + "original": { + "owner": "lukas-reineke", + "repo": "indent-blankline.nvim", + "type": "github" + } + }, + "nvim_plugin-m4xshen/hardtime.nvim": { + "flake": false, + "locked": { + "lastModified": 1753760289, + "narHash": "sha256-BgJ0gKy/zxU82L7WocXLkXwD97pnCvpGyJVzSHeUtG0=", + "owner": "m4xshen", + "repo": "hardtime.nvim", + "rev": "6d7664d5bdfaea44c5f50b29f5239fab7b00c273", + "type": "github" + }, + "original": { + "owner": "m4xshen", + "repo": "hardtime.nvim", + "type": "github" + } + }, + "nvim_plugin-mbbill/undotree": { + "flake": false, + "locked": { + "lastModified": 1752437854, + "narHash": "sha256-5WofUOTYE+Nmx3A5OoZBneJBHZ8bdGEYDZ6vTMx1OE0=", + "owner": "mbbill", + "repo": "undotree", + "rev": "28f2f54a34baff90ea6f4a735ef1813ad875c743", + "type": "github" + }, + "original": { + "owner": "mbbill", + "repo": "undotree", + "type": "github" + } + }, + "nvim_plugin-mfussenegger/nvim-lint": { + "flake": false, + "locked": { + "lastModified": 1753951521, + "narHash": "sha256-GmXScmbXJx74RMgPhkdKtdODZqkOarFHE1XOiSnt5Bo=", + "owner": "mfussenegger", + "repo": "nvim-lint", + "rev": "7ef127aaede2a4d5ad8df8321e2eb4e567f29594", + "type": "github" + }, + "original": { + "owner": "mfussenegger", + "repo": "nvim-lint", + "type": "github" + } + }, + "nvim_plugin-mrcjkb/rustaceanvim": { + "flake": false, + "locked": { + "lastModified": 1755599388, + "narHash": "sha256-4o20Hf+rFD2zejPZr5oe3ZkaynW3xAw/wtbF3sMjNnQ=", + "owner": "mrcjkb", + "repo": "rustaceanvim", + "rev": "eb9beab7d80eb052f78165b28d18f55844b26aef", + "type": "github" + }, + "original": { + "owner": "mrcjkb", + "repo": "rustaceanvim", + "type": "github" + } + }, + "nvim_plugin-neovim/nvim-lspconfig": { + "flake": false, + "locked": { + "lastModified": 1755617152, + "narHash": "sha256-PSu5zQi/rzBAnALX8WrYckhqM5lI6hGAhsWWgS7ln7A=", + "owner": "neovim", + "repo": "nvim-lspconfig", + "rev": "5f1c9a90c8db9c647da40ce6cf5be9e49ccbf0c7", + "type": "github" + }, + "original": { + "owner": "neovim", + "repo": "nvim-lspconfig", + "type": "github" + } + }, + "nvim_plugin-nosduco/remote-sshfs.nvim": { + "flake": false, + "locked": { + "lastModified": 1755623332, + "narHash": "sha256-hnTDzd3eRsDUYYf9WPknYZ126d0XKXO1hjlY7WH4bDI=", + "owner": "nosduco", + "repo": "remote-sshfs.nvim", + "rev": "8ab43934caea0eacc986d112e5680c316b8a7944", + "type": "github" + }, + "original": { + "owner": "nosduco", + "repo": "remote-sshfs.nvim", + "type": "github" + } + }, + "nvim_plugin-numToStr/Comment.nvim": { + "flake": false, + "locked": { + "lastModified": 1717957420, + "narHash": "sha256-h0kPue5Eqd5aeu4VoLH45pF0DmWWo1d8SnLICSQ63zc=", + "owner": "numToStr", + "repo": "Comment.nvim", + "rev": "e30b7f2008e52442154b66f7c519bfd2f1e32acb", + "type": "github" + }, + "original": { + "owner": "numToStr", + "repo": "Comment.nvim", + "type": "github" + } + }, + "nvim_plugin-nvim-lua/plenary.nvim": { + "flake": false, + "locked": { + "lastModified": 1753570668, + "narHash": "sha256-9Un7ekhBxcnmFE1xjCCFTZ7eqIbmXvQexpnhduAg4M0=", + "owner": "nvim-lua", + "repo": "plenary.nvim", + "rev": "b9fd5226c2f76c951fc8ed5923d85e4de065e509", + "type": "github" + }, + "original": { + "owner": "nvim-lua", + "repo": "plenary.nvim", + "type": "github" + } + }, + "nvim_plugin-nvim-lualine/lualine.nvim": { + "flake": false, + "locked": { + "lastModified": 1754970649, + "narHash": "sha256-lWt2kpW+hsTMWt8tar/+AISTDrIt4Jn27NmI9j+Xt4s=", + "owner": "nvim-lualine", + "repo": "lualine.nvim", + "rev": "b8c23159c0161f4b89196f74ee3a6d02cdc3a955", + "type": "github" + }, + "original": { + "owner": "nvim-lualine", + "repo": "lualine.nvim", + "type": "github" + } + }, + "nvim_plugin-nvim-telescope/telescope-file-browser.nvim": { + "flake": false, + "locked": { + "lastModified": 1754424906, + "narHash": "sha256-FlJ7w5Ywwq03E0oYdnFJFb+MMUMQMa+5QhDMy2O9tGQ=", + "owner": "nvim-telescope", + "repo": "telescope-file-browser.nvim", + "rev": "3610dc7dc91f06aa98b11dca5cc30dfa98626b7e", + "type": "github" + }, + "original": { + "owner": "nvim-telescope", + "repo": "telescope-file-browser.nvim", + "type": "github" + } + }, + "nvim_plugin-nvim-telescope/telescope-fzf-native.nvim": { + "flake": false, + "locked": { + "lastModified": 1741765009, + "narHash": "sha256-Zyv8ikxdwoUiDD0zsqLzfhBVOm/nKyJdZpndxXEB6ow=", + "owner": "nvim-telescope", + "repo": "telescope-fzf-native.nvim", + "rev": "1f08ed60cafc8f6168b72b80be2b2ea149813e55", + "type": "github" + }, + "original": { + "owner": "nvim-telescope", + "repo": "telescope-fzf-native.nvim", + "type": "github" + } + }, + "nvim_plugin-nvim-telescope/telescope-ui-select.nvim": { + "flake": false, + "locked": { + "lastModified": 1701723223, + "narHash": "sha256-YRhNmmG4gx9Ht8JwjQfbTjJyTHEuZmtP6lqnhOsk8bE=", + "owner": "nvim-telescope", + "repo": "telescope-ui-select.nvim", + "rev": "6e51d7da30bd139a6950adf2a47fda6df9fa06d2", + "type": "github" + }, + "original": { + "owner": "nvim-telescope", + "repo": "telescope-ui-select.nvim", + "type": "github" + } + }, + "nvim_plugin-nvim-telescope/telescope.nvim": { + "flake": false, + "locked": { + "lastModified": 1747012888, + "narHash": "sha256-JpW0ehsX81yVbKNzrYOe1hdgVMs6oaaxMLH6lECnOJg=", + "owner": "nvim-telescope", + "repo": "telescope.nvim", + "rev": "b4da76be54691e854d3e0e02c36b0245f945c2c7", + "type": "github" + }, + "original": { + "owner": "nvim-telescope", + "repo": "telescope.nvim", + "type": "github" + } + }, + "nvim_plugin-nvim-tree/nvim-tree.lua": { + "flake": false, + "locked": { + "lastModified": 1755174669, + "narHash": "sha256-Cdd7m2ondica5yDgm8THEm8LttJwDWQTNPnKO4vKr2c=", + "owner": "nvim-tree", + "repo": "nvim-tree.lua", + "rev": "f0e9951778802526b14c934f7bf746e1e0ae5ed0", + "type": "github" + }, + "original": { + "owner": "nvim-tree", + "repo": "nvim-tree.lua", + "type": "github" + } + }, + "nvim_plugin-nvim-tree/nvim-web-devicons": { + "flake": false, + "locked": { + "lastModified": 1754884337, + "narHash": "sha256-Zftd4xFYdCtof6IusN+E079yY2oMTNhJ/yznvLiiur0=", + "owner": "nvim-tree", + "repo": "nvim-web-devicons", + "rev": "c2599a81ecabaae07c49ff9b45dcd032a8d90f1a", + "type": "github" + }, + "original": { + "owner": "nvim-tree", + "repo": "nvim-web-devicons", + "type": "github" + } + }, + "nvim_plugin-nvim-treesitter/nvim-treesitter-context": { + "flake": false, + "locked": { + "lastModified": 1754488703, + "narHash": "sha256-f4a9Abwb265Rm+hpUXz+rKWXvaFVrmXf1h7d7eh9jJc=", + "owner": "nvim-treesitter", + "repo": "nvim-treesitter-context", + "rev": "dca8726fea2c14e1ce6adbaa76a04816fbfaff61", + "type": "github" + }, + "original": { + "owner": "nvim-treesitter", + "repo": "nvim-treesitter-context", + "type": "github" + } + }, + "nvim_plugin-rafamadriz/friendly-snippets": { + "flake": false, + "locked": { + "lastModified": 1745949052, + "narHash": "sha256-FzApcTbWfFkBD9WsYMhaCyn6ky8UmpUC2io/co/eByM=", + "owner": "rafamadriz", + "repo": "friendly-snippets", + "rev": "572f5660cf05f8cd8834e096d7b4c921ba18e175", + "type": "github" + }, + "original": { + "owner": "rafamadriz", + "repo": "friendly-snippets", + "type": "github" + } + }, + "nvim_plugin-rcarriga/nvim-notify": { + "flake": false, + "locked": { + "lastModified": 1753086914, + "narHash": "sha256-uQBB3fajHowivArxbtmEJvVU3+QO0VApYpVNMA58UkI=", + "owner": "rcarriga", + "repo": "nvim-notify", + "rev": "397c7c1184745fca649e5104de659e6392ef5a4d", + "type": "github" + }, + "original": { + "owner": "rcarriga", + "repo": "nvim-notify", + "type": "github" + } + }, + "nvim_plugin-rmagatti/auto-session": { + "flake": false, + "locked": { + "lastModified": 1755285297, + "narHash": "sha256-x8oPN7JqcY0scFO0vGREerT3dRiQA+k/qeWsug1sGiU=", + "owner": "rmagatti", + "repo": "auto-session", + "rev": "d27a29f5754e3a8b8d89a4069814e53ac583e951", + "type": "github" + }, + "original": { + "owner": "rmagatti", + "repo": "auto-session", + "type": "github" + } + }, + "nvim_plugin-ron/ron.vim": { + "flake": false, + "locked": { + "lastModified": 1660904719, + "narHash": "sha256-8/xJmymtVGVz2avzlamgK1cNflZ3NRL+B3c7xxbI964=", + "owner": "ron-rs", + "repo": "ron.vim", + "rev": "f749e543975a82e8dd9a6e7df9600a1c098ae800", + "type": "github" + }, + "original": { + "owner": "ron-rs", + "repo": "ron.vim", + "type": "github" + } + }, + "nvim_plugin-saadparwaiz1/cmp_luasnip": { + "flake": false, + "locked": { + "lastModified": 1730707109, + "narHash": "sha256-86lKQPPyqFz8jzuLajjHMKHrYnwW6+QOcPyQEx6B+gw=", + "owner": "saadparwaiz1", + "repo": "cmp_luasnip", + "rev": "98d9cb5c2c38532bd9bdb481067b20fea8f32e90", + "type": "github" + }, + "original": { + "owner": "saadparwaiz1", + "repo": "cmp_luasnip", + "type": "github" + } + }, + "nvim_plugin-sindrets/diffview.nvim": { + "flake": false, + "locked": { + "lastModified": 1718279802, + "narHash": "sha256-SX+ybIzL/w6uyCy4iZKnWnzTFwqB1oXSgyYVAdpdKi8=", + "owner": "sindrets", + "repo": "diffview.nvim", + "rev": "4516612fe98ff56ae0415a259ff6361a89419b0a", + "type": "github" + }, + "original": { + "owner": "sindrets", + "repo": "diffview.nvim", + "type": "github" + } + }, + "nvim_plugin-stevearc/conform.nvim": { + "flake": false, + "locked": { + "lastModified": 1755640282, + "narHash": "sha256-WYGvppnMsBaVYnMmv9WJRuKuyk4F/rzJ3DRBh+72tRY=", + "owner": "stevearc", + "repo": "conform.nvim", + "rev": "04bfa5f35706410376bf7618a01fcf44e3f35b59", + "type": "github" + }, + "original": { + "owner": "stevearc", + "repo": "conform.nvim", + "type": "github" + } + }, + "nvim_plugin-stevearc/dressing.nvim": { + "flake": false, + "locked": { + "lastModified": 1739381641, + "narHash": "sha256-dBz+/gZA6O6fJy/GSgM6ZHGAR3MTGt/W1olzzTYRlgM=", + "owner": "stevearc", + "repo": "dressing.nvim", + "rev": "2d7c2db2507fa3c4956142ee607431ddb2828639", + "type": "github" + }, + "original": { + "owner": "stevearc", + "repo": "dressing.nvim", + "type": "github" + } + }, + "nvim_plugin-tpope/vim-sleuth": { + "flake": false, + "locked": { + "lastModified": 1726718493, + "narHash": "sha256-2Cr3h3uJvUL3CSoJs3aBFrkBeOBURSQItgQ4ep9sHXM=", + "owner": "tpope", + "repo": "vim-sleuth", + "rev": "be69bff86754b1aa5adcbb527d7fcd1635a84080", + "type": "github" + }, + "original": { + "owner": "tpope", + "repo": "vim-sleuth", + "type": "github" + } + }, + "nvim_plugin-tpope/vim-surround": { + "flake": false, + "locked": { + "lastModified": 1666730476, + "narHash": "sha256-DZE5tkmnT+lAvx/RQHaDEgEJXRKsy56KJY919xiH1lE=", + "owner": "tpope", + "repo": "vim-surround", + "rev": "3d188ed2113431cf8dac77be61b842acb64433d9", + "type": "github" + }, + "original": { + "owner": "tpope", + "repo": "vim-surround", + "type": "github" + } + }, + "nvim_plugin-uga-rosa/ccc.nvim": { + "flake": false, + "locked": { + "lastModified": 1746537659, + "narHash": "sha256-3TZ8VmvdgQ9n63m78C3r4OIUkVQHTHBvC24ixBdhTig=", + "owner": "uga-rosa", + "repo": "ccc.nvim", + "rev": "9d1a256e006decc574789dfc7d628ca11644d4c2", + "type": "github" + }, + "original": { + "owner": "uga-rosa", + "repo": "ccc.nvim", + "type": "github" + } + }, + "nvim_plugin-windwp/nvim-ts-autotag": { + "flake": false, + "locked": { + "lastModified": 1739910276, + "narHash": "sha256-a3Bcql68mp3y5bH9XMiDTQB0e75T+qFB593objIGg/I=", + "owner": "windwp", + "repo": "nvim-ts-autotag", + "rev": "a1d526af391f6aebb25a8795cbc05351ed3620b5", + "type": "github" + }, + "original": { + "owner": "windwp", + "repo": "nvim-ts-autotag", + "type": "github" + } + }, + "nvim_plugin-zbirenbaum/copilot-cmp": { + "flake": false, + "locked": { + "lastModified": 1733947099, + "narHash": "sha256-erRL8bY/zuwuCZfttw+avTrFV7pjv2H6v73NzY2bymM=", + "owner": "zbirenbaum", + "repo": "copilot-cmp", + "rev": "15fc12af3d0109fa76b60b5cffa1373697e261d1", + "type": "github" + }, + "original": { + "owner": "zbirenbaum", + "repo": "copilot-cmp", + "type": "github" + } + }, + "nvim_plugin-zbirenbaum/copilot.lua": { + "flake": false, + "locked": { + "lastModified": 1755448417, + "narHash": "sha256-KV+Wno4aB5uTSBxIZzQKC/0KfjQLM7x8wCDkVSnaPeA=", + "owner": "zbirenbaum", + "repo": "copilot.lua", + "rev": "3fd7b50810ae4cccf8b38e4c509b1608f141a9e9", + "type": "github" + }, + "original": { + "owner": "zbirenbaum", + "repo": "copilot.lua", + "type": "github" + } + }, + "ragenix": { + "inputs": { + "agenix": "agenix", + "crane": "crane", + "flake-utils": "flake-utils", + "nixpkgs": "nixpkgs_3", + "rust-overlay": "rust-overlay" + }, + "locked": { + "lastModified": 1744897914, + "narHash": "sha256-GIVU92o2TZBnKQXTb76zpQbWR4zjU2rFqWKNIIpXnqA=", + "owner": "yaxitech", + "repo": "ragenix", + "rev": "40f2e17ecaeab4d78ec323e96a04548c0aaa5223", + "type": "github" + }, + "original": { + "owner": "yaxitech", + "repo": "ragenix", + "type": "github" + } + }, + "root": { + "inputs": { + "common": "common", + "nixpkgs": "nixpkgs_4", + "ros_neovim": "ros_neovim" + } + }, + "ros_neovim": { + "inputs": { + "nixpkgs": "nixpkgs_5", + "nvim_plugin-Almo7aya/openingh.nvim": "nvim_plugin-Almo7aya/openingh.nvim", + "nvim_plugin-CopilotC-Nvim/CopilotChat.nvim": "nvim_plugin-CopilotC-Nvim/CopilotChat.nvim", + "nvim_plugin-JoosepAlviste/nvim-ts-context-commentstring": "nvim_plugin-JoosepAlviste/nvim-ts-context-commentstring", + "nvim_plugin-L3MON4D3/LuaSnip": "nvim_plugin-L3MON4D3/LuaSnip", + "nvim_plugin-MeanderingProgrammer/render-markdown.nvim": "nvim_plugin-MeanderingProgrammer/render-markdown.nvim", + "nvim_plugin-MunifTanjim/nui.nvim": "nvim_plugin-MunifTanjim/nui.nvim", + "nvim_plugin-RRethy/vim-illuminate": "nvim_plugin-RRethy/vim-illuminate", + "nvim_plugin-Saecki/crates.nvim": "nvim_plugin-Saecki/crates.nvim", + "nvim_plugin-aznhe21/actions-preview.nvim": "nvim_plugin-aznhe21/actions-preview.nvim", + "nvim_plugin-b0o/schemastore.nvim": "nvim_plugin-b0o/schemastore.nvim", + "nvim_plugin-catppuccin/nvim": "nvim_plugin-catppuccin/nvim", + "nvim_plugin-chrisgrieser/nvim-early-retirement": "nvim_plugin-chrisgrieser/nvim-early-retirement", + "nvim_plugin-declancm/cinnamon.nvim": "nvim_plugin-declancm/cinnamon.nvim", + "nvim_plugin-folke/lazy.nvim": "nvim_plugin-folke/lazy.nvim", + "nvim_plugin-folke/neodev.nvim": "nvim_plugin-folke/neodev.nvim", + "nvim_plugin-folke/which-key.nvim": "nvim_plugin-folke/which-key.nvim", + "nvim_plugin-hrsh7th/cmp-buffer": "nvim_plugin-hrsh7th/cmp-buffer", + "nvim_plugin-hrsh7th/cmp-nvim-lsp": "nvim_plugin-hrsh7th/cmp-nvim-lsp", + "nvim_plugin-hrsh7th/cmp-path": "nvim_plugin-hrsh7th/cmp-path", + "nvim_plugin-hrsh7th/nvim-cmp": "nvim_plugin-hrsh7th/nvim-cmp", + "nvim_plugin-j-hui/fidget.nvim": "nvim_plugin-j-hui/fidget.nvim", + "nvim_plugin-johmsalas/text-case.nvim": "nvim_plugin-johmsalas/text-case.nvim", + "nvim_plugin-lewis6991/gitsigns.nvim": "nvim_plugin-lewis6991/gitsigns.nvim", + "nvim_plugin-lnc3l0t/glow.nvim": "nvim_plugin-lnc3l0t/glow.nvim", + "nvim_plugin-lukas-reineke/indent-blankline.nvim": "nvim_plugin-lukas-reineke/indent-blankline.nvim", + "nvim_plugin-m4xshen/hardtime.nvim": "nvim_plugin-m4xshen/hardtime.nvim", + "nvim_plugin-mbbill/undotree": "nvim_plugin-mbbill/undotree", + "nvim_plugin-mfussenegger/nvim-lint": "nvim_plugin-mfussenegger/nvim-lint", + "nvim_plugin-mrcjkb/rustaceanvim": "nvim_plugin-mrcjkb/rustaceanvim", + "nvim_plugin-neovim/nvim-lspconfig": "nvim_plugin-neovim/nvim-lspconfig", + "nvim_plugin-nosduco/remote-sshfs.nvim": "nvim_plugin-nosduco/remote-sshfs.nvim", + "nvim_plugin-numToStr/Comment.nvim": "nvim_plugin-numToStr/Comment.nvim", + "nvim_plugin-nvim-lua/plenary.nvim": "nvim_plugin-nvim-lua/plenary.nvim", + "nvim_plugin-nvim-lualine/lualine.nvim": "nvim_plugin-nvim-lualine/lualine.nvim", + "nvim_plugin-nvim-telescope/telescope-file-browser.nvim": "nvim_plugin-nvim-telescope/telescope-file-browser.nvim", + "nvim_plugin-nvim-telescope/telescope-fzf-native.nvim": "nvim_plugin-nvim-telescope/telescope-fzf-native.nvim", + "nvim_plugin-nvim-telescope/telescope-ui-select.nvim": "nvim_plugin-nvim-telescope/telescope-ui-select.nvim", + "nvim_plugin-nvim-telescope/telescope.nvim": "nvim_plugin-nvim-telescope/telescope.nvim", + "nvim_plugin-nvim-tree/nvim-tree.lua": "nvim_plugin-nvim-tree/nvim-tree.lua", + "nvim_plugin-nvim-tree/nvim-web-devicons": "nvim_plugin-nvim-tree/nvim-web-devicons", + "nvim_plugin-nvim-treesitter/nvim-treesitter-context": "nvim_plugin-nvim-treesitter/nvim-treesitter-context", + "nvim_plugin-rafamadriz/friendly-snippets": "nvim_plugin-rafamadriz/friendly-snippets", + "nvim_plugin-rcarriga/nvim-notify": "nvim_plugin-rcarriga/nvim-notify", + "nvim_plugin-rmagatti/auto-session": "nvim_plugin-rmagatti/auto-session", + "nvim_plugin-ron/ron.vim": "nvim_plugin-ron/ron.vim", + "nvim_plugin-saadparwaiz1/cmp_luasnip": "nvim_plugin-saadparwaiz1/cmp_luasnip", + "nvim_plugin-sindrets/diffview.nvim": "nvim_plugin-sindrets/diffview.nvim", + "nvim_plugin-stevearc/conform.nvim": "nvim_plugin-stevearc/conform.nvim", + "nvim_plugin-stevearc/dressing.nvim": "nvim_plugin-stevearc/dressing.nvim", + "nvim_plugin-tpope/vim-sleuth": "nvim_plugin-tpope/vim-sleuth", + "nvim_plugin-tpope/vim-surround": "nvim_plugin-tpope/vim-surround", + "nvim_plugin-uga-rosa/ccc.nvim": "nvim_plugin-uga-rosa/ccc.nvim", + "nvim_plugin-windwp/nvim-ts-autotag": "nvim_plugin-windwp/nvim-ts-autotag", + "nvim_plugin-zbirenbaum/copilot-cmp": "nvim_plugin-zbirenbaum/copilot-cmp", + "nvim_plugin-zbirenbaum/copilot.lua": "nvim_plugin-zbirenbaum/copilot.lua", + "rust-overlay": "rust-overlay_2" + }, + "locked": { + "lastModified": 1755648539, + "narHash": "sha256-zElmY3ieHOxJtn5Q3KKXZw3i6/e63jRtHowzOM4jERw=", + "ref": "refs/heads/master", + "rev": "1f8444ad78e85c902818ab48479f3f3a1e909031", + "revCount": 300, + "type": "git", + "url": "https://git.joshuabell.xyz/ringofstorms/nvim" + }, + "original": { + "type": "git", + "url": "https://git.joshuabell.xyz/ringofstorms/nvim" + } + }, + "rust-overlay": { + "inputs": { + "nixpkgs": [ + "common", + "ragenix", + "nixpkgs" + ] + }, + "locked": { + "lastModified": 1741400194, + "narHash": "sha256-tEpgT+q5KlGjHSm8MnINgTPErEl8YDzX3Eps8PVc09g=", + "owner": "oxalica", + "repo": "rust-overlay", + "rev": "16b6045a232fea0e9e4c69e55a6e269607dd8e3f", + "type": "github" + }, + "original": { + "owner": "oxalica", + "repo": "rust-overlay", + "type": "github" + } + }, + "rust-overlay_2": { + "inputs": { + "nixpkgs": [ + "ros_neovim", + "nixpkgs" + ] + }, + "locked": { + "lastModified": 1755571033, + "narHash": "sha256-V8gmZBfMiFGCyGJQx/yO81LFJ4d/I5Jxs2id96rLxrM=", + "owner": "oxalica", + "repo": "rust-overlay", + "rev": "95487740bb7ac11553445e9249041a6fa4b5eccf", + "type": "github" + }, + "original": { + "owner": "oxalica", + "repo": "rust-overlay", + "type": "github" + } + }, + "systems": { + "locked": { + "lastModified": 1681028828, + "narHash": "sha256-Vy1rq5AaRuLzOxct8nz4T6wlgyUR7zLU309k9mBC768=", + "owner": "nix-systems", + "repo": "default", + "rev": "da67096a3b9bf56a91d16901293e51ba5b49a27e", + "type": "github" + }, + "original": { + "owner": "nix-systems", + "repo": "default", + "type": "github" + } + }, + "systems_2": { + "locked": { + "lastModified": 1681028828, + "narHash": "sha256-Vy1rq5AaRuLzOxct8nz4T6wlgyUR7zLU309k9mBC768=", + "owner": "nix-systems", + "repo": "default", + "rev": "da67096a3b9bf56a91d16901293e51ba5b49a27e", + "type": "github" + }, + "original": { + "owner": "nix-systems", + "repo": "default", + "type": "github" + } + } + }, + "root": "root", + "version": 7 +} diff --git a/hosts/h003/flake.nix b/hosts/h003/flake.nix new file mode 100644 index 00000000..1d933364 --- /dev/null +++ b/hosts/h003/flake.nix @@ -0,0 +1,105 @@ +{ + inputs = { + nixpkgs.url = "github:nixos/nixpkgs/nixos-25.05"; + + # Use relative to get current version for testing + # common.url = "path:../../common"; + common.url = "git+https://git.joshuabell.xyz/ringofstorms/dotfiles"; + + ros_neovim.url = "git+https://git.joshuabell.xyz/ringofstorms/nvim"; + }; + + outputs = + { + nixpkgs, + common, + ros_neovim, + ... + }: + let + configuration_name = "h003"; + lib = nixpkgs.lib; + in + { + nixosConfigurations = { + "${configuration_name}" = ( + lib.nixosSystem { + modules = [ + common.nixosModules.default + ros_neovim.nixosModules.default + ./configuration.nix + ./hardware-configuration.nix + ./mods + ( + { config, pkgs, ... }: + { + environment.systemPackages = with pkgs; [ + lua + sqlite + # networking tools + tcpdump + dig + ]; + + ringofstorms_common = { + systemName = configuration_name; + boot.systemd.enable = true; + secrets.enable = true; + general = { + reporting.enable = true; + }; + programs = { + tailnet.enable = true; + ssh.enable = true; + podman.enable = true; + }; + users = { + admins = [ "luser" ]; # First admin is also the primary user owning nix config + users = { + root = { + openssh.authorizedKeys.keys = [ + "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIA3riAQ8RP5JXj2eO87JpjbM/9SrfFHcN5pEJwQpRcOl nix2h003" + ]; + shell = pkgs.zsh; + }; + luser = { + openssh.authorizedKeys.keys = [ + "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIA3riAQ8RP5JXj2eO87JpjbM/9SrfFHcN5pEJwQpRcOl nix2h003" + ]; + extraGroups = [ + "networkmanager" + "video" + "input" + ]; + shell = pkgs.zsh; + }; + }; + }; + homeManager = { + users = { + luser = { + imports = with common.homeManagerModules; [ + kitty + tmux + atuin + direnv + git + nix_deprecations + postgres + ssh + starship + zoxide + zsh + ]; + }; + }; + }; + }; + } + ) + ]; + } + ); + }; + }; +} diff --git a/hosts/h003/hardware-configuration.nix b/hosts/h003/hardware-configuration.nix new file mode 100644 index 00000000..5d4ee1cc --- /dev/null +++ b/hosts/h003/hardware-configuration.nix @@ -0,0 +1,95 @@ +# Do not modify this file! It was generated by ‘nixos-generate-config’ +# and may be overwritten by future invocations. Please make changes +# to /etc/nixos/configuration.nix instead. +{ + config, + lib, + pkgs, + modulesPath, + ... +}: + +{ + imports = [ + (modulesPath + "/installer/scan/not-detected.nix") + ]; + + boot.initrd.availableKernelModules = [ + "nvme" + "xhci_pci" + "usbhid" + "usb_storage" + "sd_mod" + ]; + boot.initrd.kernelModules = [ ]; + boot.kernelModules = [ "kvm-amd" ]; + boot.extraModulePackages = [ ]; + + fileSystems."/boot" = { + device = "/dev/disk/by-label/NIXBOOT"; + fsType = "vfat"; + options = [ + "fmask=0077" + "dmask=0077" + ]; + }; + + boot.initrd.secrets = { + "/keyfile_nvme0n1p1" = "/boot/keyfile_nvme0n1p1"; + }; + + boot.initrd.luks.devices."cryptroot" = { + device = "/dev/disk/by-partlabel/NIXROOT"; + keyFile = "/keyfile_nvme0n1p1"; + allowDiscards = true; # Allows SSD TRIM to manage wear on SSD + }; + + fileSystems."/" = { + device = "/dev/mapper/cryptroot"; + fsType = "btrfs"; + options = [ + "subvol=root" + "compress=zstd" + "noatime" + ]; + }; + + fileSystems."/nix" = { + device = "/dev/mapper/cryptroot"; + fsType = "btrfs"; + options = [ + "subvol=nix" + "compress=zstd" + "noatime" + ]; + }; + + fileSystems."/.snapshots" = { + device = "/dev/mapper/cryptroot"; + fsType = "btrfs"; + options = [ + "subvol=snapshots" + "compress=zstd" + "noatime" + ]; + }; + + swapDevices = [ + { + device = "/.swapfile"; + size = 32 * 1024; # 32 GiB + } + ]; + + # Enables DHCP on each ethernet and wireless interface. In case of scripted networking + # (the default) this is the recommended approach. When using systemd-networkd it's + # still possible to use this option, but it's recommended to use it in conjunction + # with explicit per-interface declarations with `networking.interfaces..useDHCP`. + # networking.useDHCP = lib.mkDefault true; + # networking.interfaces.enp1s0.useDHCP = lib.mkDefault true; + # networking.interfaces.enp2s0.useDHCP = lib.mkDefault true; + # networking.interfaces.wlp3s0.useDHCP = lib.mkDefault true; + + nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux"; + hardware.cpu.amd.updateMicrocode = lib.mkDefault config.hardware.enableRedistributableFirmware; +} diff --git a/hosts/h003/mods/adguardhome.nix b/hosts/h003/mods/adguardhome.nix new file mode 100644 index 00000000..c74e32d0 --- /dev/null +++ b/hosts/h003/mods/adguardhome.nix @@ -0,0 +1,50 @@ +{ + ... +}: +{ + config = { + services.adguardhome = { + enable = true; + allowDHCP = true; + openFirewall = false; + }; + + networking.firewall.interfaces.vlan20.allowedTCPPorts = [ + 53 # DNS + 68 # DHCP + 5543 # DNSCrypt + 3000 # Initial installation + 80 # admin panel + 443 # admin panel + 853 # DNS over tls + # 6060 # Debugging profile + ]; + networking.firewall.interfaces.vlan20.allowedUDPPorts = [ + 53 # DNS + # 67 # DHCP + # 68 # DHCP + 443 # Admin panel/https dns over https + 853 # DNS over quic + 5443 # DNSCrypt + ]; + + networking.firewall.interfaces.vlan30.allowedTCPPorts = [ + 53 # DNS + 68 # DHCP + 5543 # DNSCrypt + 3000 # Initial installation + 80 # admin panel + 443 # admin panel + 853 # DNS over tls + # 6060 # Debugging profile + ]; + networking.firewall.interfaces.vlan30.allowedUDPPorts = [ + 53 # DNS + # 67 # DHCP + # 68 # DHCP + 443 # Admin panel/https dns over https + 853 # DNS over quic + 5443 # DNSCrypt + ]; + }; +} diff --git a/hosts/h003/mods/default.nix b/hosts/h003/mods/default.nix new file mode 100644 index 00000000..25f72a0e --- /dev/null +++ b/hosts/h003/mods/default.nix @@ -0,0 +1,9 @@ +{ + ... +}: +{ + imports = [ + ./networking.nix + ./adguardhome.nix + ]; +} diff --git a/hosts/h003/mods/networking.nix b/hosts/h003/mods/networking.nix new file mode 100644 index 00000000..e07611ec --- /dev/null +++ b/hosts/h003/mods/networking.nix @@ -0,0 +1,248 @@ +{ + config, + lib, + ... +}: +{ + networking = { + # My Switch seems to not let me change management vlan so this is assume native default here for proper routing + # Configure bonding (LAG) + bonds = { + bond0 = { + interfaces = [ + "enp1s0" + "enp2s0" + ]; + driverOptions = { + # My shitty switch doesn't support this + # mode = "802.3ad"; # LACP + # lacp_rate = "fast"; + mode = "balance-xor"; + miimon = "100"; + }; + }; + }; + + # Configure VLANs on the bonded interface + vlans = { + vlan10 = { + id = 10; + interface = "bond0"; + }; + vlan20 = { + id = 20; + interface = "bond0"; + }; + vlan30 = { + id = 30; + interface = "bond0"; + }; + }; + + # enable ipv6 or not + enableIPv6 = true; + + # Interface configuration + interfaces = { + # WAN interface (VLAN 10 - to modem) + vlan10 = { + useDHCP = true; # Get IP from modem/ISP + tempAddress = lib.mkIf config.networking.enableIPv6 "disabled"; # For IPv6 privacy + }; + # LAN interface (VLAN 20 - main network) + vlan20 = { + ipv4.addresses = [ + { + address = "10.12.14.1"; + prefixLength = 24; + } + ]; + ipv6.addresses = lib.mkIf config.networking.enableIPv6 [ + { + address = "fd12:14:0::1"; # ULA prefix only + prefixLength = 64; + } + ]; + }; + # Management VLAN 1 + vlan30 = { + ipv4.addresses = [ + { + address = "10.12.16.1"; # Management network + prefixLength = 24; + } + ]; + ipv6.addresses = lib.mkIf config.networking.enableIPv6 [ + { + address = "fd12:14:1::1"; + prefixLength = 64; + } + ]; + }; + }; + + # NAT configuration + nat = { + enable = true; + externalInterface = "vlan10"; # WAN + internalInterfaces = [ + "vlan20" + "vlan30" + ]; # LAN/Management + enableIPv6 = lib.mkIf config.networking.enableIPv6 true; # Enable IPv6 NAT + }; + + # Enable IP forwarding for routing + firewall = { + enable = true; + allowPing = true; # For ddiagnostics + + # Block vlan to vlan communication + filterForward = true; + extraForwardRules = '' + # Allow established connections (allows return traffic) + ip protocol tcp ct state {established, related} accept + ip protocol udp ct state {established, related} accept + ip6 nexthdr tcp ct state {established, related} accept + ip6 nexthdr udp ct state {established, related} accept + + # --- Inter-VLAN Security --- + # Block any NEW connection attempts between LAN and Management + iifname "vlan20" oifname "vlan30" drop + iifname "vlan30" oifname "vlan20" drop + + # Explicitly allow LAN and Management to go to the WAN + oifname "vlan10" accept + + # Drop any other forwarding attempts between internal networks + drop + ''; + + interfaces = { + # WAN interface - allow nothing inbound by default + vlan10 = { + # Block all WAN + allowedTCPPorts = [ ]; + allowedUDPPorts = [ ]; + }; + + # LAN interface (VLAN 20) - FULL SERVICE + vlan20 = { + allowedTCPPorts = [ + 22 # SSH (if you want to SSH to your router from LAN devices) + 53 # DNS queries + 80 + 443 # HTTP (for local web services) + ]; + allowedUDPPorts = [ + 53 # DNS queries + 67 # DHCP server (dnsmasq) + 68 # DHCP client responses + ]; + }; + + # Management interface (VLAN 1) - LIMITED SERVICE + vlan30 = { + allowedTCPPorts = [ + 22 # SSH (for remote admin access) + 53 # DNS + 80 + 443 # HTTP + ]; + allowedUDPPorts = [ + 53 # DNS + 67 # DHCP server + 68 + ]; + }; + }; + }; + + # example of port forwarding + # nat.forwardPorts = [ + # { + # destination = "10.12.14.50:8080"; + # proto = "tcp"; + # sourcePort = 8080; + # } + # ]; + }; + + # dnsmasq for DHCP + DNS + services.dnsmasq = { + enable = true; + alwaysKeepRunning = true; + settings = { + # Listen only on LAN interface + interface = [ + "vlan20" + "vlan30" + ]; + bind-interfaces = true; + + # Shift DNS to localhost only on a separate non standard port + # We are using ./adguardhome.nix for DNS and we still run this one for reverse name lookups + # Note in Ad GuardHome in DNS Settings add localhost:9053 to Private reverse DNS servers and enable them + listen-address = "127.0.0.1"; + port = 9053; + + # DHCP range and settings + dhcp-range = [ + "set:mng,10.12.16.100,10.12.16.200,1h" # Management devices + "set:lan,10.12.14.100,10.12.14.200,1h" + ] + ++ lib.optionals config.networking.enableIPv6 [ + "set:mng,fd12:14:1::100,fd12:14:1::200,64,6h" # For Management + "set:lan,fd12:14::100,fd12:14::200,64,6h" + ]; + dhcp-option = [ + "tag:mng,option:router,10.12.16.1" + "tag:lan,option:router,10.12.14.1" + "tag:mng,option:dns-server,10.12.16.1" + "tag:lan,option:dns-server,10.12.14.1" + ]; + + # Static DHCP reservations + dhcp-host = [ + "00:be:43:b9:f4:e0,H001,10.12.14.10" + # TODO add H002 for .11 + "c8:c9:a3:2b:7b:19,PRUSA-MK4,10.12.14.21" + "24:e8:53:73:a3:c6,LGWEBOSTV,10.12.14.30" + "2c:cf:67:6a:45:47,HOMEASSISTANT,10.12.14.22" + "2a:d0:ec:fa:b9:7e,PIXEL-6,10.12.14.31" + "a8:29:48:94:23:dd,TL-SG1428PE,10.12.16.2" + "00:23:a4:0b:3b:be,TMREM00004335,10.12.14.181" + ]; + + enable-ra = lib.mkIf config.networking.enableIPv6 true; + # interface, min interval, max interval + ra-param = lib.mkIf config.networking.enableIPv6 [ + "vlan20,60,120" + "vlan30,60,120" + ]; + + # DNS settings (not needed since we use adguard for dns) + # server = [ + # "1.1.1.1" + # "8.8.8.8" + # "2606:4700:4700::1111" # Cloudflare IPv6 + # "2001:4860:4860::8888" # Google IPv6 + # ]; + }; + }; + + boot.kernel.sysctl = { + # Enable IPv4 forwarding + "net.ipv4.conf.all.forwarding" = true; + # Enable IPv6 forwarding + "net.ipv6.conf.all.forwarding" = true; + + # Security hardening + "net.ipv4.conf.all.send_redirects" = 0; + "net.ipv4.conf.default.send_redirects" = 0; + "net.ipv4.conf.all.accept_redirects" = 0; + "net.ipv4.conf.default.accept_redirects" = 0; + "net.ipv6.conf.all.accept_redirects" = 0; + "net.ipv6.conf.default.accept_redirects" = 0; + }; +} diff --git a/hosts/h003/readme.md b/hosts/h003/readme.md new file mode 100644 index 00000000..038c6f66 --- /dev/null +++ b/hosts/h003/readme.md @@ -0,0 +1 @@ +WAN Local networking computer diff --git a/hosts/linode/l001/configuration.nix b/hosts/linode/l001/configuration.nix new file mode 100644 index 00000000..016d4ad7 --- /dev/null +++ b/hosts/linode/l001/configuration.nix @@ -0,0 +1,7 @@ +{ + ... +}: +{ + boot.loader.grub.enable = true; + system.stateVersion = "24.11"; +} diff --git a/hosts/linode/l001/flake.lock b/hosts/linode/l001/flake.lock new file mode 100644 index 00000000..ea531e7f --- /dev/null +++ b/hosts/linode/l001/flake.lock @@ -0,0 +1,1405 @@ +{ + "nodes": { + "agenix": { + "inputs": { + "darwin": "darwin", + "home-manager": "home-manager_2", + "nixpkgs": [ + "common", + "ragenix", + "nixpkgs" + ], + "systems": "systems" + }, + "locked": { + "lastModified": 1736955230, + "narHash": "sha256-uenf8fv2eG5bKM8C/UvFaiJMZ4IpUFaQxk9OH5t/1gA=", + "owner": "ryantm", + "repo": "agenix", + "rev": "e600439ec4c273cf11e06fe4d9d906fb98fa097c", + "type": "github" + }, + "original": { + "owner": "ryantm", + "repo": "agenix", + "type": "github" + } + }, + "common": { + "inputs": { + "home-manager": "home-manager", + "nixpkgs": "nixpkgs_2", + "ragenix": "ragenix" + }, + "locked": { + "lastModified": 1742406125, + "narHash": "sha256-+NQNj2IMJuEiymB+YrcZkxeZt7QlC+Bwe5rWgRRHKrU=", + "ref": "refs/heads/master", + "rev": "138565efadeed6baf2a632c5dcc95a2031c77f86", + "revCount": 371, + "type": "git", + "url": "https://git.joshuabell.xyz/dotfiles" + }, + "original": { + "type": "git", + "url": "https://git.joshuabell.xyz/dotfiles" + } + }, + "crane": { + "locked": { + "lastModified": 1741481578, + "narHash": "sha256-JBTSyJFQdO3V8cgcL08VaBUByEU6P5kXbTJN6R0PFQo=", + "owner": "ipetkov", + "repo": "crane", + "rev": "bb1c9567c43e4434f54e9481eb4b8e8e0d50f0b5", + "type": "github" + }, + "original": { + "owner": "ipetkov", + "repo": "crane", + "type": "github" + } + }, + "darwin": { + "inputs": { + "nixpkgs": [ + "common", + "ragenix", + "agenix", + "nixpkgs" + ] + }, + "locked": { + "lastModified": 1700795494, + "narHash": "sha256-gzGLZSiOhf155FW7262kdHo2YDeugp3VuIFb4/GGng0=", + "owner": "lnl7", + "repo": "nix-darwin", + "rev": "4b9b83d5a92e8c1fbfd8eb27eda375908c11ec4d", + "type": "github" + }, + "original": { + "owner": "lnl7", + "ref": "master", + "repo": "nix-darwin", + "type": "github" + } + }, + "deploy-rs": { + "inputs": { + "flake-compat": "flake-compat", + "nixpkgs": "nixpkgs_4", + "utils": "utils" + }, + "locked": { + "lastModified": 1727447169, + "narHash": "sha256-3KyjMPUKHkiWhwR91J1YchF6zb6gvckCAY1jOE+ne0U=", + "owner": "serokell", + "repo": "deploy-rs", + "rev": "aa07eb05537d4cd025e2310397a6adcedfe72c76", + "type": "github" + }, + "original": { + "owner": "serokell", + "repo": "deploy-rs", + "type": "github" + } + }, + "flake-compat": { + "flake": false, + "locked": { + "lastModified": 1696426674, + "narHash": "sha256-kvjfFW7WAETZlt09AgDn1MrtKzP7t90Vf7vypd3OL1U=", + "owner": "edolstra", + "repo": "flake-compat", + "rev": "0f9255e01c2351cc7d116c072cb317785dd33b33", + "type": "github" + }, + "original": { + "owner": "edolstra", + "repo": "flake-compat", + "type": "github" + } + }, + "flake-utils": { + "inputs": { + "systems": "systems_2" + }, + "locked": { + "lastModified": 1731533236, + "narHash": "sha256-l0KFg5HjrsfsO/JpG+r7fRrqm12kzFHyUHqHCVpMMbI=", + "owner": "numtide", + "repo": "flake-utils", + "rev": "11707dc2f618dd54ca8739b309ec4fc024de578b", + "type": "github" + }, + "original": { + "owner": "numtide", + "repo": "flake-utils", + "type": "github" + } + }, + "home-manager": { + "inputs": { + "nixpkgs": "nixpkgs" + }, + "locked": { + "lastModified": 1742234739, + "narHash": "sha256-zFL6zsf/5OztR1NSNQF33dvS1fL/BzVUjabZq4qrtY4=", + "owner": "rycee", + "repo": "home-manager", + "rev": "f6af7280a3390e65c2ad8fd059cdc303426cbd59", + "type": "github" + }, + "original": { + "owner": "rycee", + "ref": "release-24.11", + "repo": "home-manager", + "type": "github" + } + }, + "home-manager_2": { + "inputs": { + "nixpkgs": [ + "common", + "ragenix", + "agenix", + "nixpkgs" + ] + }, + "locked": { + "lastModified": 1703113217, + "narHash": "sha256-7ulcXOk63TIT2lVDSExj7XzFx09LpdSAPtvgtM7yQPE=", + "owner": "nix-community", + "repo": "home-manager", + "rev": "3bfaacf46133c037bb356193bd2f1765d9dc82c1", + "type": "github" + }, + "original": { + "owner": "nix-community", + "repo": "home-manager", + "type": "github" + } + }, + "nixpkgs": { + "locked": { + "lastModified": 1731755305, + "narHash": "sha256-v5P3dk5JdiT+4x69ZaB18B8+Rcu3TIOrcdG4uEX7WZ8=", + "owner": "NixOS", + "repo": "nixpkgs", + "rev": "057f63b6dc1a2c67301286152eb5af20747a9cb4", + "type": "github" + }, + "original": { + "owner": "NixOS", + "ref": "nixos-24.11", + "repo": "nixpkgs", + "type": "github" + } + }, + "nixpkgs_2": { + "locked": { + "lastModified": 1742069588, + "narHash": "sha256-C7jVfohcGzdZRF6DO+ybyG/sqpo1h6bZi9T56sxLy+k=", + "owner": "nixos", + "repo": "nixpkgs", + "rev": "c80f6a7e10b39afcc1894e02ef785b1ad0b0d7e5", + "type": "github" + }, + "original": { + "owner": "nixos", + "ref": "nixos-unstable", + "repo": "nixpkgs", + "type": "github" + } + }, + "nixpkgs_3": { + "locked": { + "lastModified": 1741379970, + "narHash": "sha256-Wh7esNh7G24qYleLvgOSY/7HlDUzWaL/n4qzlBePpiw=", + "owner": "nixos", + "repo": "nixpkgs", + "rev": "36fd87baa9083f34f7f5027900b62ee6d09b1f2f", + "type": "github" + }, + "original": { + "owner": "nixos", + "ref": "nixos-unstable", + "repo": "nixpkgs", + "type": "github" + } + }, + "nixpkgs_4": { + "locked": { + "lastModified": 1702272962, + "narHash": "sha256-D+zHwkwPc6oYQ4G3A1HuadopqRwUY/JkMwHz1YF7j4Q=", + "owner": "NixOS", + "repo": "nixpkgs", + "rev": "e97b3e4186bcadf0ef1b6be22b8558eab1cdeb5d", + "type": "github" + }, + "original": { + "owner": "NixOS", + "ref": "nixpkgs-unstable", + "repo": "nixpkgs", + "type": "github" + } + }, + "nixpkgs_5": { + "locked": { + "lastModified": 1742268799, + "narHash": "sha256-IhnK4LhkBlf14/F8THvUy3xi/TxSQkp9hikfDZRD4Ic=", + "owner": "nixos", + "repo": "nixpkgs", + "rev": "da044451c6a70518db5b730fe277b70f494188f1", + "type": "github" + }, + "original": { + "owner": "nixos", + "ref": "nixos-24.11", + "repo": "nixpkgs", + "type": "github" + } + }, + "nixpkgs_6": { + "locked": { + "lastModified": 1742225912, + "narHash": "sha256-HCD3GrAAJb1jYTEc221DPlBk2VDkBt43hww7DXC1tyc=", + "owner": "nixos", + "repo": "nixpkgs", + "rev": "9df17ad16500057b7b081137ff7af1a8a6a32f6e", + "type": "github" + }, + "original": { + "owner": "nixos", + "repo": "nixpkgs", + "type": "github" + } + }, + "nvim_plugin-Almo7aya/openingh.nvim": { + "flake": false, + "locked": { + "lastModified": 1733158448, + "narHash": "sha256-JP3+goMgs3SiMHS9IVE7NAV/iKxyXi0fZgJb8hojtNQ=", + "owner": "Almo7aya", + "repo": "openingh.nvim", + "rev": "9131016c1167e23522a8e874b62217829fd327b8", + "type": "github" + }, + "original": { + "owner": "Almo7aya", + "repo": "openingh.nvim", + "type": "github" + } + }, + "nvim_plugin-CopilotC-Nvim/CopilotChat.nvim": { + "flake": false, + "locked": { + "lastModified": 1742210958, + "narHash": "sha256-+1dSGYeUpW/EUbP0scgGz48UB5RAPZYIWCglTFyntaU=", + "owner": "CopilotC-Nvim", + "repo": "CopilotChat.nvim", + "rev": "62b1249aa4a4fc7afe11c7e647cba0cef743826f", + "type": "github" + }, + "original": { + "owner": "CopilotC-Nvim", + "repo": "CopilotChat.nvim", + "type": "github" + } + }, + "nvim_plugin-JoosepAlviste/nvim-ts-context-commentstring": { + "flake": false, + "locked": { + "lastModified": 1733574156, + "narHash": "sha256-AjDM3+n4+lNBQi8P2Yrh0Ab06uYCndBQT9TX36rDbOM=", + "owner": "JoosepAlviste", + "repo": "nvim-ts-context-commentstring", + "rev": "1b212c2eee76d787bbea6aa5e92a2b534e7b4f8f", + "type": "github" + }, + "original": { + "owner": "JoosepAlviste", + "repo": "nvim-ts-context-commentstring", + "type": "github" + } + }, + "nvim_plugin-L3MON4D3/LuaSnip": { + "flake": false, + "locked": { + "lastModified": 1736009707, + "narHash": "sha256-3ecm5SDTcSOh256xSQPHhddQfMpepiEIpv58fHXrVg0=", + "owner": "L3MON4D3", + "repo": "LuaSnip", + "rev": "c9b9a22904c97d0eb69ccb9bab76037838326817", + "type": "github" + }, + "original": { + "owner": "L3MON4D3", + "repo": "LuaSnip", + "type": "github" + } + }, + "nvim_plugin-MeanderingProgrammer/render-markdown.nvim": { + "flake": false, + "locked": { + "lastModified": 1742156824, + "narHash": "sha256-n+pT7FiQONHhiZQH4BGjERrikGNSFTNciMx92oQGA1c=", + "owner": "MeanderingProgrammer", + "repo": "render-markdown.nvim", + "rev": "9721ffe230ec90e49c49ee33b5ca44c3fc689214", + "type": "github" + }, + "original": { + "owner": "MeanderingProgrammer", + "repo": "render-markdown.nvim", + "type": "github" + } + }, + "nvim_plugin-MunifTanjim/nui.nvim": { + "flake": false, + "locked": { + "lastModified": 1741233810, + "narHash": "sha256-BYTY2ezYuxsneAl/yQbwL1aQvVWKSsN3IVqzTlrBSEU=", + "owner": "MunifTanjim", + "repo": "nui.nvim", + "rev": "8d3bce9764e627b62b07424e0df77f680d47ffdb", + "type": "github" + }, + "original": { + "owner": "MunifTanjim", + "repo": "nui.nvim", + "type": "github" + } + }, + "nvim_plugin-RRethy/vim-illuminate": { + "flake": false, + "locked": { + "lastModified": 1740540215, + "narHash": "sha256-jSny+5RHgxcsoxWwIaFUZ022dk3mDRKZ7dibvE6I2fE=", + "owner": "RRethy", + "repo": "vim-illuminate", + "rev": "19cb21f513fc2b02f0c66be70107741e837516a1", + "type": "github" + }, + "original": { + "owner": "RRethy", + "repo": "vim-illuminate", + "type": "github" + } + }, + "nvim_plugin-Saecki/crates.nvim": { + "flake": false, + "locked": { + "lastModified": 1741644182, + "narHash": "sha256-hmUqhAVLBiCUl16+S/hvRxqA/pTXcWejpLtwvqxBPaY=", + "owner": "Saecki", + "repo": "crates.nvim", + "rev": "403a0abef0e2aec12749a534dc468d6fd50c6741", + "type": "github" + }, + "original": { + "owner": "Saecki", + "repo": "crates.nvim", + "type": "github" + } + }, + "nvim_plugin-aznhe21/actions-preview.nvim": { + "flake": false, + "locked": { + "lastModified": 1740589350, + "narHash": "sha256-MP1hohDL2JFembwW+cb2S+v2Y7j0iZw1jPPKTZiNCWI=", + "owner": "aznhe21", + "repo": "actions-preview.nvim", + "rev": "4ab7842eb6a5b6d2b004f8234dcf33382a0fdde2", + "type": "github" + }, + "original": { + "owner": "aznhe21", + "repo": "actions-preview.nvim", + "type": "github" + } + }, + "nvim_plugin-b0o/schemastore.nvim": { + "flake": false, + "locked": { + "lastModified": 1741996938, + "narHash": "sha256-eAqM/n0DDwl3WUO987c2mk3z7uJ4gAE0hkPg4Twyr4w=", + "owner": "b0o", + "repo": "schemastore.nvim", + "rev": "56d8ed0fa1516242085ba5e95d7f49fad50d5754", + "type": "github" + }, + "original": { + "owner": "b0o", + "repo": "schemastore.nvim", + "type": "github" + } + }, + "nvim_plugin-catppuccin/nvim": { + "flake": false, + "locked": { + "lastModified": 1740764472, + "narHash": "sha256-4h/fzFY8JR9r+QnoiWEqgQKPMuu8i9HTC4v0Jp7iuUo=", + "owner": "catppuccin", + "repo": "nvim", + "rev": "5b5e3aef9ad7af84f463d17b5479f06b87d5c429", + "type": "github" + }, + "original": { + "owner": "catppuccin", + "repo": "nvim", + "type": "github" + } + }, + "nvim_plugin-chrisgrieser/nvim-early-retirement": { + "flake": false, + "locked": { + "lastModified": 1735588187, + "narHash": "sha256-ZjXG+POJFRsc79i1BuAJB9K6UBUfHT05oYvZaUr+RqA=", + "owner": "chrisgrieser", + "repo": "nvim-early-retirement", + "rev": "9ae6fcc933fc865ddf2728460194b67985e06e27", + "type": "github" + }, + "original": { + "owner": "chrisgrieser", + "repo": "nvim-early-retirement", + "type": "github" + } + }, + "nvim_plugin-declancm/cinnamon.nvim": { + "flake": false, + "locked": { + "lastModified": 1722992123, + "narHash": "sha256-kccQ4iFMSQ8kvE7hYz90hBrsDLo7VohFj/6lEZZiAO8=", + "owner": "declancm", + "repo": "cinnamon.nvim", + "rev": "450cb3247765fed7871b41ef4ce5fa492d834215", + "type": "github" + }, + "original": { + "owner": "declancm", + "repo": "cinnamon.nvim", + "type": "github" + } + }, + "nvim_plugin-folke/lazy.nvim": { + "flake": false, + "locked": { + "lastModified": 1740511197, + "narHash": "sha256-nQ8PR9DTdzg6Z2rViuVD6Pswc2VvDQwS3uMNgyDh5ls=", + "owner": "folke", + "repo": "lazy.nvim", + "rev": "6c3bda4aca61a13a9c63f1c1d1b16b9d3be90d7a", + "type": "github" + }, + "original": { + "owner": "folke", + "repo": "lazy.nvim", + "type": "github" + } + }, + "nvim_plugin-folke/neodev.nvim": { + "flake": false, + "locked": { + "lastModified": 1720260306, + "narHash": "sha256-hOjzlo/IqmV8tYjGwfmcCPEmHYsWnEIwtHZdhpwA1kM=", + "owner": "folke", + "repo": "neodev.nvim", + "rev": "46aa467dca16cf3dfe27098042402066d2ae242d", + "type": "github" + }, + "original": { + "owner": "folke", + "repo": "neodev.nvim", + "type": "github" + } + }, + "nvim_plugin-folke/which-key.nvim": { + "flake": false, + "locked": { + "lastModified": 1740233407, + "narHash": "sha256-uvMcSduMr7Kd2oUmIOYzvWF4FIl6bZxIYm9FSw/3pCo=", + "owner": "folke", + "repo": "which-key.nvim", + "rev": "370ec46f710e058c9c1646273e6b225acf47cbed", + "type": "github" + }, + "original": { + "owner": "folke", + "repo": "which-key.nvim", + "type": "github" + } + }, + "nvim_plugin-hrsh7th/cmp-buffer": { + "flake": false, + "locked": { + "lastModified": 1660101488, + "narHash": "sha256-dG4U7MtnXThoa/PD+qFtCt76MQ14V1wX8GMYcvxEnbM=", + "owner": "hrsh7th", + "repo": "cmp-buffer", + "rev": "3022dbc9166796b644a841a02de8dd1cc1d311fa", + "type": "github" + }, + "original": { + "owner": "hrsh7th", + "repo": "cmp-buffer", + "type": "github" + } + }, + "nvim_plugin-hrsh7th/cmp-nvim-lsp": { + "flake": false, + "locked": { + "lastModified": 1733823748, + "narHash": "sha256-iaihXNCF5bB5MdeoosD/kc3QtpA/QaIDZVLiLIurBSM=", + "owner": "hrsh7th", + "repo": "cmp-nvim-lsp", + "rev": "99290b3ec1322070bcfb9e846450a46f6efa50f0", + "type": "github" + }, + "original": { + "owner": "hrsh7th", + "repo": "cmp-nvim-lsp", + "type": "github" + } + }, + "nvim_plugin-hrsh7th/cmp-path": { + "flake": false, + "locked": { + "lastModified": 1664784283, + "narHash": "sha256-thppiiV3wjIaZnAXmsh7j3DUc6ceSCvGzviwFUnoPaI=", + "owner": "hrsh7th", + "repo": "cmp-path", + "rev": "91ff86cd9c29299a64f968ebb45846c485725f23", + "type": "github" + }, + "original": { + "owner": "hrsh7th", + "repo": "cmp-path", + "type": "github" + } + }, + "nvim_plugin-hrsh7th/nvim-cmp": { + "flake": false, + "locked": { + "lastModified": 1741936119, + "narHash": "sha256-zl/rgbZF3+nsLI7Sd6xzQFlcpa5n/8pyganS+u0jD/s=", + "owner": "hrsh7th", + "repo": "nvim-cmp", + "rev": "1e1900b0769324a9675ef85b38f99cca29e203b3", + "type": "github" + }, + "original": { + "owner": "hrsh7th", + "repo": "nvim-cmp", + "type": "github" + } + }, + "nvim_plugin-j-hui/fidget.nvim": { + "flake": false, + "locked": { + "lastModified": 1738817426, + "narHash": "sha256-AFUx/ZQVWV7s5Wlppjk6N9QXoJKNKqxtf990FFlTEhw=", + "owner": "j-hui", + "repo": "fidget.nvim", + "rev": "d9ba6b7bfe29b3119a610892af67602641da778e", + "type": "github" + }, + "original": { + "owner": "j-hui", + "repo": "fidget.nvim", + "type": "github" + } + }, + "nvim_plugin-johmsalas/text-case.nvim": { + "flake": false, + "locked": { + "lastModified": 1722628320, + "narHash": "sha256-2IMufSMy9JW50VzZ3SgOtp8kYs81ANwV0eP0ZH3rTFo=", + "owner": "johmsalas", + "repo": "text-case.nvim", + "rev": "e898cfd46fa6cde0e83abb624a16e67d2ffc6457", + "type": "github" + }, + "original": { + "owner": "johmsalas", + "repo": "text-case.nvim", + "type": "github" + } + }, + "nvim_plugin-lewis6991/gitsigns.nvim": { + "flake": false, + "locked": { + "lastModified": 1742140868, + "narHash": "sha256-qWusbKY+3d1dkW5oLYDyfSLdt1qFlJdDeXgFWqQ4hUI=", + "owner": "lewis6991", + "repo": "gitsigns.nvim", + "rev": "7010000889bfb6c26065e0b0f7f1e6aa9163edd9", + "type": "github" + }, + "original": { + "owner": "lewis6991", + "repo": "gitsigns.nvim", + "type": "github" + } + }, + "nvim_plugin-lnc3l0t/glow.nvim": { + "flake": false, + "locked": { + "lastModified": 1693233815, + "narHash": "sha256-vdlwkIK2EkFviJmSiOqPWvc15xqJ9F2gHCC4ObJ5Qjk=", + "owner": "lnc3l0t", + "repo": "glow.nvim", + "rev": "5b38fb7b6e806cac62707a4aba8c10c5f14d5bb5", + "type": "github" + }, + "original": { + "owner": "lnc3l0t", + "repo": "glow.nvim", + "type": "github" + } + }, + "nvim_plugin-lukas-reineke/indent-blankline.nvim": { + "flake": false, + "locked": { + "lastModified": 1742224677, + "narHash": "sha256-0q/V+b4UrDRnaC/eRWOi9HU9a61vQSAM9/C8ZQyKt+Y=", + "owner": "lukas-reineke", + "repo": "indent-blankline.nvim", + "rev": "005b56001b2cb30bfa61b7986bc50657816ba4ba", + "type": "github" + }, + "original": { + "owner": "lukas-reineke", + "repo": "indent-blankline.nvim", + "type": "github" + } + }, + "nvim_plugin-lvimuser/lsp-inlayhints.nvim": { + "flake": false, + "locked": { + "lastModified": 1686236485, + "narHash": "sha256-06CiJ+xeMO4+OJkckcslqwloJyt2gwg514JuxV6KOfQ=", + "owner": "lvimuser", + "repo": "lsp-inlayhints.nvim", + "rev": "d981f65c9ae0b6062176f0accb9c151daeda6f16", + "type": "github" + }, + "original": { + "owner": "lvimuser", + "repo": "lsp-inlayhints.nvim", + "type": "github" + } + }, + "nvim_plugin-m4xshen/hardtime.nvim": { + "flake": false, + "locked": { + "lastModified": 1741414159, + "narHash": "sha256-tigKgK1yGc5JEHd4RLXCd6Hq7ia3en3Xtk8X6L5+ef4=", + "owner": "m4xshen", + "repo": "hardtime.nvim", + "rev": "f87c86d1aa1e05dcf3c6ecd97fbfd237e2de0bf5", + "type": "github" + }, + "original": { + "owner": "m4xshen", + "repo": "hardtime.nvim", + "type": "github" + } + }, + "nvim_plugin-mbbill/undotree": { + "flake": false, + "locked": { + "lastModified": 1741878850, + "narHash": "sha256-HGf4Toe+12YZtIalvANDXAtksCsnxQkZbcevOAnl5G4=", + "owner": "mbbill", + "repo": "undotree", + "rev": "b951b87b46c34356d44aa71886aecf9dd7f5788a", + "type": "github" + }, + "original": { + "owner": "mbbill", + "repo": "undotree", + "type": "github" + } + }, + "nvim_plugin-mfussenegger/nvim-lint": { + "flake": false, + "locked": { + "lastModified": 1738838825, + "narHash": "sha256-E/KcQr4RM4gz+ItENI9e7hMicyBKyzoIaDO5D1VDYSw=", + "owner": "mfussenegger", + "repo": "nvim-lint", + "rev": "6e9dd545a1af204c4022a8fcd99727ea41ffdcc8", + "type": "github" + }, + "original": { + "owner": "mfussenegger", + "repo": "nvim-lint", + "type": "github" + } + }, + "nvim_plugin-mrcjkb/rustaceanvim": { + "flake": false, + "locked": { + "lastModified": 1742147378, + "narHash": "sha256-I2H/0VNKWKK49EReXT81SVTHHHW9hT1+6n7h1cbLD0A=", + "owner": "mrcjkb", + "repo": "rustaceanvim", + "rev": "448c76451ecf3c0edabcde427b7f1c8c219be2dd", + "type": "github" + }, + "original": { + "owner": "mrcjkb", + "repo": "rustaceanvim", + "type": "github" + } + }, + "nvim_plugin-neovim/nvim-lspconfig": { + "flake": false, + "locked": { + "lastModified": 1742142850, + "narHash": "sha256-CppHawmKEopPbK6HO4RFd7Kc1iMoCVwpIyN2Z6wiMfo=", + "owner": "neovim", + "repo": "nvim-lspconfig", + "rev": "2574ad38c6ee4f0bef3a1ca305cd5df627a52bb3", + "type": "github" + }, + "original": { + "owner": "neovim", + "repo": "nvim-lspconfig", + "type": "github" + } + }, + "nvim_plugin-nosduco/remote-sshfs.nvim": { + "flake": false, + "locked": { + "lastModified": 1724901856, + "narHash": "sha256-vFEIISxhTIGSl9LzDYHuEIkjLGkU0y5XhfWI/i5DgN4=", + "owner": "nosduco", + "repo": "remote-sshfs.nvim", + "rev": "03f6c40c4032eeb1ab91368e06db9c3f3a97a75d", + "type": "github" + }, + "original": { + "owner": "nosduco", + "repo": "remote-sshfs.nvim", + "type": "github" + } + }, + "nvim_plugin-numToStr/Comment.nvim": { + "flake": false, + "locked": { + "lastModified": 1717957420, + "narHash": "sha256-h0kPue5Eqd5aeu4VoLH45pF0DmWWo1d8SnLICSQ63zc=", + "owner": "numToStr", + "repo": "Comment.nvim", + "rev": "e30b7f2008e52442154b66f7c519bfd2f1e32acb", + "type": "github" + }, + "original": { + "owner": "numToStr", + "repo": "Comment.nvim", + "type": "github" + } + }, + "nvim_plugin-nvim-lua/plenary.nvim": { + "flake": false, + "locked": { + "lastModified": 1739311008, + "narHash": "sha256-8FV5RjF7QbDmQOQynpK7uRKONKbPRYbOPugf9ZxNvUs=", + "owner": "nvim-lua", + "repo": "plenary.nvim", + "rev": "857c5ac632080dba10aae49dba902ce3abf91b35", + "type": "github" + }, + "original": { + "owner": "nvim-lua", + "repo": "plenary.nvim", + "type": "github" + } + }, + "nvim_plugin-nvim-lualine/lualine.nvim": { + "flake": false, + "locked": { + "lastModified": 1742039150, + "narHash": "sha256-qYKykdCcXd+OHmK3WvsUCbn0zDKTQDj49VYsQ8iVvgs=", + "owner": "nvim-lualine", + "repo": "lualine.nvim", + "rev": "b8b60c7f1d0d95ad74ee215b2291280b30482476", + "type": "github" + }, + "original": { + "owner": "nvim-lualine", + "repo": "lualine.nvim", + "type": "github" + } + }, + "nvim_plugin-nvim-telescope/telescope-file-browser.nvim": { + "flake": false, + "locked": { + "lastModified": 1729728595, + "narHash": "sha256-VJbRi91TTOwUkQYyTM6Njl7MtX8/mOjINiqWYWEtyxg=", + "owner": "nvim-telescope", + "repo": "telescope-file-browser.nvim", + "rev": "626998e5c1b71c130d8bc6cf7abb6709b98287bb", + "type": "github" + }, + "original": { + "owner": "nvim-telescope", + "repo": "telescope-file-browser.nvim", + "type": "github" + } + }, + "nvim_plugin-nvim-telescope/telescope-fzf-native.nvim": { + "flake": false, + "locked": { + "lastModified": 1741765009, + "narHash": "sha256-Zyv8ikxdwoUiDD0zsqLzfhBVOm/nKyJdZpndxXEB6ow=", + "owner": "nvim-telescope", + "repo": "telescope-fzf-native.nvim", + "rev": "1f08ed60cafc8f6168b72b80be2b2ea149813e55", + "type": "github" + }, + "original": { + "owner": "nvim-telescope", + "repo": "telescope-fzf-native.nvim", + "type": "github" + } + }, + "nvim_plugin-nvim-telescope/telescope-ui-select.nvim": { + "flake": false, + "locked": { + "lastModified": 1701723223, + "narHash": "sha256-YRhNmmG4gx9Ht8JwjQfbTjJyTHEuZmtP6lqnhOsk8bE=", + "owner": "nvim-telescope", + "repo": "telescope-ui-select.nvim", + "rev": "6e51d7da30bd139a6950adf2a47fda6df9fa06d2", + "type": "github" + }, + "original": { + "owner": "nvim-telescope", + "repo": "telescope-ui-select.nvim", + "type": "github" + } + }, + "nvim_plugin-nvim-telescope/telescope.nvim": { + "flake": false, + "locked": { + "lastModified": 1742171408, + "narHash": "sha256-mHucOyrgQc3wVdK7lUQANW8Jka+m5gQ2z8JWtwo99bU=", + "owner": "nvim-telescope", + "repo": "telescope.nvim", + "rev": "a17d611a0e111836a1db5295f04945df407c5135", + "type": "github" + }, + "original": { + "owner": "nvim-telescope", + "repo": "telescope.nvim", + "type": "github" + } + }, + "nvim_plugin-nvim-tree/nvim-tree.lua": { + "flake": false, + "locked": { + "lastModified": 1740787655, + "narHash": "sha256-KSrY1K64yC6dPDd3DF15bVWs2N7B0BPS9enfmJgTzC4=", + "owner": "nvim-tree", + "repo": "nvim-tree.lua", + "rev": "c09ff35de503a41fa62465c6b4ae72d96e7a7ce4", + "type": "github" + }, + "original": { + "owner": "nvim-tree", + "repo": "nvim-tree.lua", + "type": "github" + } + }, + "nvim_plugin-nvim-tree/nvim-web-devicons": { + "flake": false, + "locked": { + "lastModified": 1742215722, + "narHash": "sha256-JKOvXJr1s2lpP5aeRE7OC3IeOrF5uJxg/Tal3eScd6g=", + "owner": "nvim-tree", + "repo": "nvim-web-devicons", + "rev": "4c3a5848ee0b09ecdea73adcd2a689190aeb728c", + "type": "github" + }, + "original": { + "owner": "nvim-tree", + "repo": "nvim-web-devicons", + "type": "github" + } + }, + "nvim_plugin-nvim-treesitter/nvim-treesitter-context": { + "flake": false, + "locked": { + "lastModified": 1742201688, + "narHash": "sha256-rpmHIOXiD/mh0PHBdo1k1Wdb213KtBevmyCFrP89tME=", + "owner": "nvim-treesitter", + "repo": "nvim-treesitter-context", + "rev": "83ded3bbff8bc13abc9704bf1c5e426f3ba343c4", + "type": "github" + }, + "original": { + "owner": "nvim-treesitter", + "repo": "nvim-treesitter-context", + "type": "github" + } + }, + "nvim_plugin-rafamadriz/friendly-snippets": { + "flake": false, + "locked": { + "lastModified": 1733106470, + "narHash": "sha256-I8SRZxnoNC6SOWW+scoA77Jwyxcb4eUczppLdyOiZe0=", + "owner": "rafamadriz", + "repo": "friendly-snippets", + "rev": "efff286dd74c22f731cdec26a70b46e5b203c619", + "type": "github" + }, + "original": { + "owner": "rafamadriz", + "repo": "friendly-snippets", + "type": "github" + } + }, + "nvim_plugin-rcarriga/nvim-notify": { + "flake": false, + "locked": { + "lastModified": 1737405174, + "narHash": "sha256-6vNfc7E9DMXF0IBXJCLA8Rp+uOgbDch/Q7beW0ys3Vo=", + "owner": "rcarriga", + "repo": "nvim-notify", + "rev": "22f29093eae7785773ee9d543f8750348b1a195c", + "type": "github" + }, + "original": { + "owner": "rcarriga", + "repo": "nvim-notify", + "type": "github" + } + }, + "nvim_plugin-rmagatti/auto-session": { + "flake": false, + "locked": { + "lastModified": 1742136796, + "narHash": "sha256-Tc4EfcucGAR+5qURjoYqG5gW24PCYJLVd47OrFhyfRo=", + "owner": "rmagatti", + "repo": "auto-session", + "rev": "317412742990371f8e4709074da5c378456a27ff", + "type": "github" + }, + "original": { + "owner": "rmagatti", + "repo": "auto-session", + "type": "github" + } + }, + "nvim_plugin-ron/ron.vim": { + "flake": false, + "locked": { + "lastModified": 1660904719, + "narHash": "sha256-8/xJmymtVGVz2avzlamgK1cNflZ3NRL+B3c7xxbI964=", + "owner": "ron-rs", + "repo": "ron.vim", + "rev": "f749e543975a82e8dd9a6e7df9600a1c098ae800", + "type": "github" + }, + "original": { + "owner": "ron-rs", + "repo": "ron.vim", + "type": "github" + } + }, + "nvim_plugin-saadparwaiz1/cmp_luasnip": { + "flake": false, + "locked": { + "lastModified": 1730707109, + "narHash": "sha256-86lKQPPyqFz8jzuLajjHMKHrYnwW6+QOcPyQEx6B+gw=", + "owner": "saadparwaiz1", + "repo": "cmp_luasnip", + "rev": "98d9cb5c2c38532bd9bdb481067b20fea8f32e90", + "type": "github" + }, + "original": { + "owner": "saadparwaiz1", + "repo": "cmp_luasnip", + "type": "github" + } + }, + "nvim_plugin-sindrets/diffview.nvim": { + "flake": false, + "locked": { + "lastModified": 1718279802, + "narHash": "sha256-SX+ybIzL/w6uyCy4iZKnWnzTFwqB1oXSgyYVAdpdKi8=", + "owner": "sindrets", + "repo": "diffview.nvim", + "rev": "4516612fe98ff56ae0415a259ff6361a89419b0a", + "type": "github" + }, + "original": { + "owner": "sindrets", + "repo": "diffview.nvim", + "type": "github" + } + }, + "nvim_plugin-stevearc/conform.nvim": { + "flake": false, + "locked": { + "lastModified": 1741136809, + "narHash": "sha256-8uC+6rQdLqpfF/lf25mppqK/xgM1+6RGIyZaheaPd48=", + "owner": "stevearc", + "repo": "conform.nvim", + "rev": "db8a4a9edb217067b1d7a2e0362c74bfe9cc944d", + "type": "github" + }, + "original": { + "owner": "stevearc", + "repo": "conform.nvim", + "type": "github" + } + }, + "nvim_plugin-stevearc/dressing.nvim": { + "flake": false, + "locked": { + "lastModified": 1739381641, + "narHash": "sha256-dBz+/gZA6O6fJy/GSgM6ZHGAR3MTGt/W1olzzTYRlgM=", + "owner": "stevearc", + "repo": "dressing.nvim", + "rev": "2d7c2db2507fa3c4956142ee607431ddb2828639", + "type": "github" + }, + "original": { + "owner": "stevearc", + "repo": "dressing.nvim", + "type": "github" + } + }, + "nvim_plugin-tpope/vim-sleuth": { + "flake": false, + "locked": { + "lastModified": 1726718493, + "narHash": "sha256-2Cr3h3uJvUL3CSoJs3aBFrkBeOBURSQItgQ4ep9sHXM=", + "owner": "tpope", + "repo": "vim-sleuth", + "rev": "be69bff86754b1aa5adcbb527d7fcd1635a84080", + "type": "github" + }, + "original": { + "owner": "tpope", + "repo": "vim-sleuth", + "type": "github" + } + }, + "nvim_plugin-tpope/vim-surround": { + "flake": false, + "locked": { + "lastModified": 1666730476, + "narHash": "sha256-DZE5tkmnT+lAvx/RQHaDEgEJXRKsy56KJY919xiH1lE=", + "owner": "tpope", + "repo": "vim-surround", + "rev": "3d188ed2113431cf8dac77be61b842acb64433d9", + "type": "github" + }, + "original": { + "owner": "tpope", + "repo": "vim-surround", + "type": "github" + } + }, + "nvim_plugin-uga-rosa/ccc.nvim": { + "flake": false, + "locked": { + "lastModified": 1735970087, + "narHash": "sha256-53WsxOfWULlO4VbSXA4DW6wjkbCzpQjkzv4O8pReuEc=", + "owner": "uga-rosa", + "repo": "ccc.nvim", + "rev": "b57cbaf8db3ac43c56c9e2c7f3812944638260ed", + "type": "github" + }, + "original": { + "owner": "uga-rosa", + "repo": "ccc.nvim", + "type": "github" + } + }, + "nvim_plugin-windwp/nvim-ts-autotag": { + "flake": false, + "locked": { + "lastModified": 1739910276, + "narHash": "sha256-a3Bcql68mp3y5bH9XMiDTQB0e75T+qFB593objIGg/I=", + "owner": "windwp", + "repo": "nvim-ts-autotag", + "rev": "a1d526af391f6aebb25a8795cbc05351ed3620b5", + "type": "github" + }, + "original": { + "owner": "windwp", + "repo": "nvim-ts-autotag", + "type": "github" + } + }, + "nvim_plugin-yetone/avante.nvim": { + "flake": false, + "locked": { + "lastModified": 1742209600, + "narHash": "sha256-XmyRo20+VhyjP5CLgSy0Tr/7R031EJSmMEN/wK9JNk8=", + "owner": "yetone", + "repo": "avante.nvim", + "rev": "540cc53f0c30214e3e4b5688f030bb2d8277b8ce", + "type": "github" + }, + "original": { + "owner": "yetone", + "repo": "avante.nvim", + "type": "github" + } + }, + "nvim_plugin-zbirenbaum/copilot-cmp": { + "flake": false, + "locked": { + "lastModified": 1733947099, + "narHash": "sha256-erRL8bY/zuwuCZfttw+avTrFV7pjv2H6v73NzY2bymM=", + "owner": "zbirenbaum", + "repo": "copilot-cmp", + "rev": "15fc12af3d0109fa76b60b5cffa1373697e261d1", + "type": "github" + }, + "original": { + "owner": "zbirenbaum", + "repo": "copilot-cmp", + "type": "github" + } + }, + "nvim_plugin-zbirenbaum/copilot.lua": { + "flake": false, + "locked": { + "lastModified": 1739230958, + "narHash": "sha256-632UIbG1jwam+tug5+jODkT509+uBfJgUN21C3ppnEo=", + "owner": "zbirenbaum", + "repo": "copilot.lua", + "rev": "30321e33b03cb924fdcd6a806a0dc6fa0b0eafb9", + "type": "github" + }, + "original": { + "owner": "zbirenbaum", + "repo": "copilot.lua", + "type": "github" + } + }, + "ragenix": { + "inputs": { + "agenix": "agenix", + "crane": "crane", + "flake-utils": "flake-utils", + "nixpkgs": "nixpkgs_3", + "rust-overlay": "rust-overlay" + }, + "locked": { + "lastModified": 1741508717, + "narHash": "sha256-iQf1WdNxaApOFHIx4RLMRZ4f8g+8Xp0Z1/E/Mz2rLxY=", + "owner": "yaxitech", + "repo": "ragenix", + "rev": "2a2bea99d74927e54adf53cbf113219def67d5c9", + "type": "github" + }, + "original": { + "owner": "yaxitech", + "repo": "ragenix", + "type": "github" + } + }, + "root": { + "inputs": { + "common": "common", + "deploy-rs": "deploy-rs", + "nixpkgs": "nixpkgs_5", + "ros_neovim": "ros_neovim" + } + }, + "ros_neovim": { + "inputs": { + "nixpkgs": "nixpkgs_6", + "nvim_plugin-Almo7aya/openingh.nvim": "nvim_plugin-Almo7aya/openingh.nvim", + "nvim_plugin-CopilotC-Nvim/CopilotChat.nvim": "nvim_plugin-CopilotC-Nvim/CopilotChat.nvim", + "nvim_plugin-JoosepAlviste/nvim-ts-context-commentstring": "nvim_plugin-JoosepAlviste/nvim-ts-context-commentstring", + "nvim_plugin-L3MON4D3/LuaSnip": "nvim_plugin-L3MON4D3/LuaSnip", + "nvim_plugin-MeanderingProgrammer/render-markdown.nvim": "nvim_plugin-MeanderingProgrammer/render-markdown.nvim", + "nvim_plugin-MunifTanjim/nui.nvim": "nvim_plugin-MunifTanjim/nui.nvim", + "nvim_plugin-RRethy/vim-illuminate": "nvim_plugin-RRethy/vim-illuminate", + "nvim_plugin-Saecki/crates.nvim": "nvim_plugin-Saecki/crates.nvim", + "nvim_plugin-aznhe21/actions-preview.nvim": "nvim_plugin-aznhe21/actions-preview.nvim", + "nvim_plugin-b0o/schemastore.nvim": "nvim_plugin-b0o/schemastore.nvim", + "nvim_plugin-catppuccin/nvim": "nvim_plugin-catppuccin/nvim", + "nvim_plugin-chrisgrieser/nvim-early-retirement": "nvim_plugin-chrisgrieser/nvim-early-retirement", + "nvim_plugin-declancm/cinnamon.nvim": "nvim_plugin-declancm/cinnamon.nvim", + "nvim_plugin-folke/lazy.nvim": "nvim_plugin-folke/lazy.nvim", + "nvim_plugin-folke/neodev.nvim": "nvim_plugin-folke/neodev.nvim", + "nvim_plugin-folke/which-key.nvim": "nvim_plugin-folke/which-key.nvim", + "nvim_plugin-hrsh7th/cmp-buffer": "nvim_plugin-hrsh7th/cmp-buffer", + "nvim_plugin-hrsh7th/cmp-nvim-lsp": "nvim_plugin-hrsh7th/cmp-nvim-lsp", + "nvim_plugin-hrsh7th/cmp-path": "nvim_plugin-hrsh7th/cmp-path", + "nvim_plugin-hrsh7th/nvim-cmp": "nvim_plugin-hrsh7th/nvim-cmp", + "nvim_plugin-j-hui/fidget.nvim": "nvim_plugin-j-hui/fidget.nvim", + "nvim_plugin-johmsalas/text-case.nvim": "nvim_plugin-johmsalas/text-case.nvim", + "nvim_plugin-lewis6991/gitsigns.nvim": "nvim_plugin-lewis6991/gitsigns.nvim", + "nvim_plugin-lnc3l0t/glow.nvim": "nvim_plugin-lnc3l0t/glow.nvim", + "nvim_plugin-lukas-reineke/indent-blankline.nvim": "nvim_plugin-lukas-reineke/indent-blankline.nvim", + "nvim_plugin-lvimuser/lsp-inlayhints.nvim": "nvim_plugin-lvimuser/lsp-inlayhints.nvim", + "nvim_plugin-m4xshen/hardtime.nvim": "nvim_plugin-m4xshen/hardtime.nvim", + "nvim_plugin-mbbill/undotree": "nvim_plugin-mbbill/undotree", + "nvim_plugin-mfussenegger/nvim-lint": "nvim_plugin-mfussenegger/nvim-lint", + "nvim_plugin-mrcjkb/rustaceanvim": "nvim_plugin-mrcjkb/rustaceanvim", + "nvim_plugin-neovim/nvim-lspconfig": "nvim_plugin-neovim/nvim-lspconfig", + "nvim_plugin-nosduco/remote-sshfs.nvim": "nvim_plugin-nosduco/remote-sshfs.nvim", + "nvim_plugin-numToStr/Comment.nvim": "nvim_plugin-numToStr/Comment.nvim", + "nvim_plugin-nvim-lua/plenary.nvim": "nvim_plugin-nvim-lua/plenary.nvim", + "nvim_plugin-nvim-lualine/lualine.nvim": "nvim_plugin-nvim-lualine/lualine.nvim", + "nvim_plugin-nvim-telescope/telescope-file-browser.nvim": "nvim_plugin-nvim-telescope/telescope-file-browser.nvim", + "nvim_plugin-nvim-telescope/telescope-fzf-native.nvim": "nvim_plugin-nvim-telescope/telescope-fzf-native.nvim", + "nvim_plugin-nvim-telescope/telescope-ui-select.nvim": "nvim_plugin-nvim-telescope/telescope-ui-select.nvim", + "nvim_plugin-nvim-telescope/telescope.nvim": "nvim_plugin-nvim-telescope/telescope.nvim", + "nvim_plugin-nvim-tree/nvim-tree.lua": "nvim_plugin-nvim-tree/nvim-tree.lua", + "nvim_plugin-nvim-tree/nvim-web-devicons": "nvim_plugin-nvim-tree/nvim-web-devicons", + "nvim_plugin-nvim-treesitter/nvim-treesitter-context": "nvim_plugin-nvim-treesitter/nvim-treesitter-context", + "nvim_plugin-rafamadriz/friendly-snippets": "nvim_plugin-rafamadriz/friendly-snippets", + "nvim_plugin-rcarriga/nvim-notify": "nvim_plugin-rcarriga/nvim-notify", + "nvim_plugin-rmagatti/auto-session": "nvim_plugin-rmagatti/auto-session", + "nvim_plugin-ron/ron.vim": "nvim_plugin-ron/ron.vim", + "nvim_plugin-saadparwaiz1/cmp_luasnip": "nvim_plugin-saadparwaiz1/cmp_luasnip", + "nvim_plugin-sindrets/diffview.nvim": "nvim_plugin-sindrets/diffview.nvim", + "nvim_plugin-stevearc/conform.nvim": "nvim_plugin-stevearc/conform.nvim", + "nvim_plugin-stevearc/dressing.nvim": "nvim_plugin-stevearc/dressing.nvim", + "nvim_plugin-tpope/vim-sleuth": "nvim_plugin-tpope/vim-sleuth", + "nvim_plugin-tpope/vim-surround": "nvim_plugin-tpope/vim-surround", + "nvim_plugin-uga-rosa/ccc.nvim": "nvim_plugin-uga-rosa/ccc.nvim", + "nvim_plugin-windwp/nvim-ts-autotag": "nvim_plugin-windwp/nvim-ts-autotag", + "nvim_plugin-yetone/avante.nvim": "nvim_plugin-yetone/avante.nvim", + "nvim_plugin-zbirenbaum/copilot-cmp": "nvim_plugin-zbirenbaum/copilot-cmp", + "nvim_plugin-zbirenbaum/copilot.lua": "nvim_plugin-zbirenbaum/copilot.lua", + "rust-overlay": "rust-overlay_2" + }, + "locked": { + "lastModified": 1742226527, + "narHash": "sha256-CT9227XXn1t8H1ivNBBkBcf+npB7tWk5yzEQoJvbGVU=", + "ref": "refs/heads/master", + "rev": "e8bafafc36fb2227dab8f0ddb67a2439d9077091", + "revCount": 268, + "type": "git", + "url": "https://git.joshuabell.xyz/nvim" + }, + "original": { + "type": "git", + "url": "https://git.joshuabell.xyz/nvim" + } + }, + "rust-overlay": { + "inputs": { + "nixpkgs": [ + "common", + "ragenix", + "nixpkgs" + ] + }, + "locked": { + "lastModified": 1741400194, + "narHash": "sha256-tEpgT+q5KlGjHSm8MnINgTPErEl8YDzX3Eps8PVc09g=", + "owner": "oxalica", + "repo": "rust-overlay", + "rev": "16b6045a232fea0e9e4c69e55a6e269607dd8e3f", + "type": "github" + }, + "original": { + "owner": "oxalica", + "repo": "rust-overlay", + "type": "github" + } + }, + "rust-overlay_2": { + "inputs": { + "nixpkgs": [ + "ros_neovim", + "nixpkgs" + ] + }, + "locked": { + "lastModified": 1742178793, + "narHash": "sha256-S2onMdoDS4tIYd3/Jc5oFEZBr2dJOgPrh9KzSO/bfDw=", + "owner": "oxalica", + "repo": "rust-overlay", + "rev": "954582a766a50ebef5695a9616c93b5386418c08", + "type": "github" + }, + "original": { + "owner": "oxalica", + "repo": "rust-overlay", + "type": "github" + } + }, + "systems": { + "locked": { + "lastModified": 1681028828, + "narHash": "sha256-Vy1rq5AaRuLzOxct8nz4T6wlgyUR7zLU309k9mBC768=", + "owner": "nix-systems", + "repo": "default", + "rev": "da67096a3b9bf56a91d16901293e51ba5b49a27e", + "type": "github" + }, + "original": { + "owner": "nix-systems", + "repo": "default", + "type": "github" + } + }, + "systems_2": { + "locked": { + "lastModified": 1681028828, + "narHash": "sha256-Vy1rq5AaRuLzOxct8nz4T6wlgyUR7zLU309k9mBC768=", + "owner": "nix-systems", + "repo": "default", + "rev": "da67096a3b9bf56a91d16901293e51ba5b49a27e", + "type": "github" + }, + "original": { + "owner": "nix-systems", + "repo": "default", + "type": "github" + } + }, + "systems_3": { + "locked": { + "lastModified": 1681028828, + "narHash": "sha256-Vy1rq5AaRuLzOxct8nz4T6wlgyUR7zLU309k9mBC768=", + "owner": "nix-systems", + "repo": "default", + "rev": "da67096a3b9bf56a91d16901293e51ba5b49a27e", + "type": "github" + }, + "original": { + "owner": "nix-systems", + "repo": "default", + "type": "github" + } + }, + "utils": { + "inputs": { + "systems": "systems_3" + }, + "locked": { + "lastModified": 1701680307, + "narHash": "sha256-kAuep2h5ajznlPMD9rnQyffWG8EM/C73lejGofXvdM8=", + "owner": "numtide", + "repo": "flake-utils", + "rev": "4022d587cbbfd70fe950c1e2083a02621806a725", + "type": "github" + }, + "original": { + "owner": "numtide", + "repo": "flake-utils", + "type": "github" + } + } + }, + "root": "root", + "version": 7 +} diff --git a/hosts/linode/l001/flake.nix b/hosts/linode/l001/flake.nix new file mode 100644 index 00000000..8c929dcd --- /dev/null +++ b/hosts/linode/l001/flake.nix @@ -0,0 +1,101 @@ +{ + inputs = { + nixpkgs.url = "github:nixos/nixpkgs/nixos-24.11"; + deploy-rs.url = "github:serokell/deploy-rs"; + common.url = "git+https://git.joshuabell.xyz/ringofstorms/dotfiles"; + ros_neovim.url = "git+https://git.joshuabell.xyz/ringofstorms/nvim"; + }; + + outputs = + { + self, + nixpkgs, + common, + ros_neovim, + deploy-rs, + ... + }: + let + configuration_name = "l001"; + lib = nixpkgs.lib; + in + { + deploy = { + sshUser = "root"; + sshOpts = [ + "-i" + "/run/agenix/nix2linode" + ]; + nodes.${configuration_name} = { + hostname = "172.236.111.33"; + profiles.system = { + user = "root"; + path = deploy-rs.lib.x86_64-linux.activate.nixos self.nixosConfigurations.${configuration_name}; + }; + }; + }; + + nixosConfigurations = { + "${configuration_name}" = ( + lib.nixosSystem { + modules = [ + common.nixosModules.default + ros_neovim.nixosModules.default + ./configuration.nix + ./hardware-configuration.nix + ./linode.nix + ./nginx.nix + ./headscale.nix + ( + { config, pkgs, ... }: + { + environment.systemPackages = with pkgs; [ + bitwarden + vaultwarden + ]; + + ringofstorms_common = { + systemName = configuration_name; + general = { + disableRemoteBuildsOnLio = true; + readWindowsDrives = false; + jetbrainsMonoFont = false; + ttyCapsEscape = false; + }; + programs = { + ssh.enable = true; + }; + users = { + users = { + root = { + openssh.authorizedKeys.keys = [ + "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIJuo6L6V52AzdQIK6fWW9s0aX1yKUUTXbPd8v8IU9p2o nix2linode" + ]; + shell = pkgs.zsh; + }; + }; + }; + homeManager = { + users = { + root = { + imports = with common.homeManagerModules; [ + tmux + atuin + git + postgres + starship + zoxide + zsh + ]; + }; + }; + }; + }; + } + ) + ]; + } + ); + }; + }; +} diff --git a/hosts/linode/l001/hardware-configuration.nix b/hosts/linode/l001/hardware-configuration.nix new file mode 100644 index 00000000..7f8671ef --- /dev/null +++ b/hosts/linode/l001/hardware-configuration.nix @@ -0,0 +1,33 @@ +# Do not modify this file! It was generated by ‘nixos-generate-config’ +# and may be overwritten by future invocations. Please make changes +# to /etc/nixos/configuration.nix instead. +{ config, lib, pkgs, modulesPath, ... }: + +{ + imports = + [ (modulesPath + "/profiles/qemu-guest.nix") + ]; + + boot.initrd.availableKernelModules = [ "virtio_pci" "virtio_scsi" "ahci" "sd_mod" ]; + boot.initrd.kernelModules = [ ]; + boot.kernelModules = [ ]; + boot.extraModulePackages = [ ]; + + fileSystems."/" = + { device = "/dev/disk/by-uuid/42a30f9c-b113-4b14-87b3-a9cfe44adf62"; + fsType = "ext4"; + }; + + swapDevices = + [ { device = "/dev/disk/by-uuid/f1408ea6-59a0-11ed-bc9d-525400000001"; } + ]; + + # Enables DHCP on each ethernet and wireless interface. In case of scripted networking + # (the default) this is the recommended approach. When using systemd-networkd it's + # still possible to use this option, but it's recommended to use it in conjunction + # with explicit per-interface declarations with `networking.interfaces..useDHCP`. + networking.useDHCP = lib.mkDefault true; + # networking.interfaces.enp0s5.useDHCP = lib.mkDefault true; + + nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux"; +} diff --git a/hosts/linode/l001/headscale.nix b/hosts/linode/l001/headscale.nix new file mode 100644 index 00000000..a2bc52c3 --- /dev/null +++ b/hosts/linode/l001/headscale.nix @@ -0,0 +1,24 @@ +{ pkgs, ... }: +{ + + config = { + # TODO backup /var/lib/headscale data + # TODO https://github.com/gurucomputing/headscale-ui ? + environment.systemPackages = with pkgs; [ headscale ]; + services.headscale = { + enable = true; + settings = { + server_url = "https://nexus.joshuabell.xyz"; + database.type = "sqlite3"; + derp = { + auto_update_enable = true; + update_frequency = "5m"; + }; + dns = { + magic_dns = true; + base_domain = "net.joshuabell.xyz"; + }; + }; + }; + }; +} diff --git a/hosts/linode/l001/linode.nix b/hosts/linode/l001/linode.nix new file mode 100644 index 00000000..b0f88940 --- /dev/null +++ b/hosts/linode/l001/linode.nix @@ -0,0 +1,32 @@ +{ config, pkgs, ... }: +{ + # https://www.linode.com/docs/guides/install-nixos-on-linode/#configure-nixos + boot.kernelParams = [ "console=ttyS0,19200n8" ]; + boot.loader.grub.enable = true; + boot.loader.grub.extraConfig = '' + serial --speed=19200 --unit=0 --word=8 --parity=no --stop=1; + terminal_input serial; + terminal_output serial + ''; + + boot.loader.grub.forceInstall = true; + boot.loader.grub.device = "nodev"; + boot.loader.timeout = 10; + + services.openssh = { + enable = true; + settings.PermitRootLogin = "yes"; + settings.PasswordAuthentication = false; + }; + + networking.usePredictableInterfaceNames = false; + networking.useDHCP = false; # Disable DHCP globally as we will not need it. + # required for ssh? + networking.interfaces.eth0.useDHCP = true; + + environment.systemPackages = with pkgs; [ + inetutils + mtr + sysstat + ]; +} diff --git a/hosts/linode/l001/nginx.nix b/hosts/linode/l001/nginx.nix new file mode 100644 index 00000000..00c8fc53 --- /dev/null +++ b/hosts/linode/l001/nginx.nix @@ -0,0 +1,52 @@ +{ + ... +}: +{ + security.acme.acceptTerms = true; + security.acme.email = "admin@joshuabell.xyz"; + services.nginx = { + enable = true; + recommendedGzipSettings = true; + recommendedOptimisation = true; + recommendedProxySettings = true; + recommendedTlsSettings = true; + virtualHosts = { + # default that is put first for fallbacks + # Note that order here doesn't matter it orders alphabetically so `0` puts it first + # I had an issue tha the first SSL port 443 site would catch any https traffic instead + # of hitting my default fallback and this fixes that issue and ensure this is hit instead + "001.linodes.joshuabell.xyz" = { + default = true; + enableACME = true; + forceSSL = true; + locations."/" = { + return = "444"; # 404 for not found or 444 for drop + }; + }; + "172.236.111.33" = { + locations."/" = { + return = "444"; + }; + }; + "2600:3c06::f03c:95ff:fe1c:84d3" = { + locations."/" = { + return = "444"; + }; + }; + + "headscale.joshuabell.xyz" = { + enableACME = true; + forceSSL = true; + locations."/" = { + proxyWebsockets = true; + proxyPass = "http://localhost:8080"; # headscale + }; + }; + }; + }; + + networking.firewall.allowedTCPPorts = [ + 80 # web http + 443 # web https + ]; +} diff --git a/hosts/linode/linode.nix b/hosts/linode/linode.nix new file mode 100644 index 00000000..9b43d9a4 --- /dev/null +++ b/hosts/linode/linode.nix @@ -0,0 +1,40 @@ +{ pkgs, ... }: +{ + # https://www.linode.com/docs/guides/install-nixos-on-linode/#configure-nixos + boot.kernelParams = [ "console=ttyS0,19200n8" ]; + boot.loader.grub.enable = true; + boot.loader.grub.extraConfig = '' + serial --speed=19200 --unit=0 --word=8 --parity=no --stop=1; + terminal_input serial; + terminal_output serial + ''; + + boot.loader.grub.forceInstall = true; + boot.loader.grub.device = "nodev"; + boot.loader.timeout = 10; + + # TODO disable after first startup with ssh keys + services.openssh = { + enable = true; + settings.PermitRootLogin = "yes"; + settings.PasswordAuthentication = false; + }; + + networking.usePredictableInterfaceNames = false; + networking.useDHCP = false; # Disable DHCP globally as we will not need it. + # required for ssh? + networking.interfaces.eth0.useDHCP = true; + + environment.systemPackages = with pkgs; [ + inetutils + mtr + sysstat + gitMinimal + vim + nano + ]; + + users.users.root.openssh.authorizedKeys.keys = [ + "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIJuo6L6V52AzdQIK6fWW9s0aX1yKUUTXbPd8v8IU9p2o nix2linode" + ]; +} diff --git a/hosts/linode/readme.md b/hosts/linode/readme.md new file mode 100644 index 00000000..d8772e0e --- /dev/null +++ b/hosts/linode/readme.md @@ -0,0 +1,60 @@ +# Linode setup + + + + +- shutdown linode +- delete existing disks and configuration profiles +- Create Disks + - `installer`: `ext4` `1280 MB` + - `swap`: `swap` `512 MB` + - `nixos`: `ext4` all remaining space +- Create two configuration profiles, one for the installer and one to boot NixOS. For each profile, disable all of the options under Filesystem/Boot Helpers and set the Configuration Profile to match the following: + - installer profile + - Label: installer + - Kernel: Direct Disk + - /dev/sda: nixos + - /dev/sdb: swap + - /dev/sdc: installer + - root / boot device: Standard: `/dev/sdc` + - nixos profile + - Label: nixos + - Kernel: GRUB 2 + - /dev/sda: nixos + - /dev/sdb: swap + - root / boot device: Standard: `/dev/sda` +- Setup installer. + - rescue mode with installer as /dev/sda + - Open LISH + +```bash +# Update SSL certificates to allow HTTPS connections: +update-ca-certificates +# set the iso url to a variable +iso=https://channels.nixos.org/nixos-24.11/latest-nixos-minimal-x86_64-linux.iso +# verify sda disk is installer (~1GB) +lsblk +curl -L https://channels.nixos.org/nixos-24.11/latest-nixos-minimal-x86_64-linux.iso.sha256 +# Download the ISO, write it to the installer disk, and verify the checksum: +curl -L $iso | tee >(dd of=/dev/sda) | sha256sum +# verify the shas are the same then shutdown system +shutdown 0 +``` + +- Boot the installer configuration profile and install nixos +(open GLISH and `sudo -i && passwd #simple pass` ssh into machine for easier copy paste, rerun `passwd` with a more secure password here if desired) + - mount /dev/sda /mnt + - swapon /dev/sdb + - nixos-generate-config --root /mnt + - cd /mnt/etc/nixos + +- # TODO rewrite device modifiers like they say in the tutorial? I had issues with linode's device labeling so I am leaving it to uuids, this could bite me in the future idk + + - copy `linode.nix` into remote server and import it into `configuration.nix` + - update ssh key for root user if needed + - `nixos-install` +- shutdown in linode, delete installer disk +- delete the installer configuration profile in linode, boot into nixos configuration profile + + +tada, should be able to ssh with root and ssh key defined in earlier in linode.nix diff --git a/hosts/lio/configuration.nix b/hosts/lio/configuration.nix new file mode 100644 index 00000000..07eba39f --- /dev/null +++ b/hosts/lio/configuration.nix @@ -0,0 +1,31 @@ +{ + ... +}: +{ + hardware.enableAllFirmware = true; + + # Connectivity + networking.networkmanager.enable = true; + hardware.bluetooth.enable = true; + + # System76 + hardware.system76.enableAll = true; + + system.stateVersion = "23.11"; + + services = { + # https://discourse.nixos.org/t/very-high-fan-noises-on-nixos-using-a-system76-thelio/23875/10 + # Fixes insane jet speed fan noise + power-profiles-daemon.enable = false; + tlp = { + enable = true; + # settings = { + # CPU_BOOST_ON_AC = 1; + # CPU_BOOST_ON_BAT = 0; + # CPU_SCALING_GOVERNOR_ON_AC = "performance"; + # CPU_SCALING_GOVERNOR_ON_BAT = "powersave"; + # STOP_CHARGE_THRESH_BAT0 = 95; + # }; + }; + }; +} diff --git a/hosts/lio/containers.nix b/hosts/lio/containers.nix new file mode 100644 index 00000000..d2e7d23a --- /dev/null +++ b/hosts/lio/containers.nix @@ -0,0 +1,88 @@ +{ inputs }: +let + common = inputs.common; +in +{ + config, + ... +}: +{ + # NOTE some useful links + # nixos containers: https://blog.beardhatcode.be/2020/12/Declarative-Nixos-Containers.html + # https://nixos.wiki/wiki/NixOS_Containers + options = { }; + + imports = [ + # common.nixosModules.containers.obsidian_sync + ]; + + config = { + # Obsidian Sync settings + # services.obsidian_sync = { + # serverUrl = "https://obsidiansync.joshuabell.xyz"; + # dockerEnvFiles = [ config.age.secrets.obsidian_sync_env.path ]; + # }; + + ## Give internet access + networking = { + nat = { + enable = true; + internalInterfaces = [ "ve-*" ]; + externalInterface = "eno1"; + enableIPv6 = true; + }; + firewall.trustedInterfaces = [ "ve-*" ]; + }; + + # containers.wasabi = { + # ephemeral = true; + # autoStart = true; + # privateNetwork = true; + # hostAddress = "10.0.0.1"; + # localAddress = "10.0.0.111"; + # config = + # { config, pkgs, ... }: + # { + # system.stateVersion = "24.11"; + # services.httpd.enable = true; + # services.httpd.adminAddr = "foo@example.org"; + # networking.firewall = { + # enable = true; + # allowedTCPPorts = [ 80 ]; + # }; + # }; + # }; + + # virtualisation.oci-containers.containers = { + # ntest = { + # image = "nginx:alpine"; + # ports = [ + # "127.0.0.1:8085:80" + # ]; + # }; + # }; + + # virtualisation.oci-containers.backend = "docker"; + + services.nginx = { + enable = true; + recommendedGzipSettings = true; + recommendedOptimisation = true; + recommendedProxySettings = true; + recommendedTlsSettings = true; + virtualHosts = { + "_" = { + default = true; + locations."/" = { + return = "404"; # or 444 for drop + }; + }; + }; + }; + + networking.firewall.allowedTCPPorts = [ + 80 + 443 + ]; + }; +} diff --git a/hosts/lio/flake.lock b/hosts/lio/flake.lock new file mode 100644 index 00000000..547d122e --- /dev/null +++ b/hosts/lio/flake.lock @@ -0,0 +1,1298 @@ +{ + "nodes": { + "agenix": { + "inputs": { + "darwin": "darwin", + "home-manager": "home-manager_2", + "nixpkgs": [ + "common", + "ragenix", + "nixpkgs" + ], + "systems": "systems" + }, + "locked": { + "lastModified": 1736955230, + "narHash": "sha256-uenf8fv2eG5bKM8C/UvFaiJMZ4IpUFaQxk9OH5t/1gA=", + "owner": "ryantm", + "repo": "agenix", + "rev": "e600439ec4c273cf11e06fe4d9d906fb98fa097c", + "type": "github" + }, + "original": { + "owner": "ryantm", + "repo": "agenix", + "type": "github" + } + }, + "common": { + "inputs": { + "home-manager": "home-manager", + "nix-flatpak": "nix-flatpak", + "ragenix": "ragenix" + }, + "locked": { + "path": "../../common", + "type": "path" + }, + "original": { + "path": "../../common", + "type": "path" + }, + "parent": [] + }, + "crane": { + "locked": { + "lastModified": 1741481578, + "narHash": "sha256-JBTSyJFQdO3V8cgcL08VaBUByEU6P5kXbTJN6R0PFQo=", + "owner": "ipetkov", + "repo": "crane", + "rev": "bb1c9567c43e4434f54e9481eb4b8e8e0d50f0b5", + "type": "github" + }, + "original": { + "owner": "ipetkov", + "repo": "crane", + "type": "github" + } + }, + "darwin": { + "inputs": { + "nixpkgs": [ + "common", + "ragenix", + "agenix", + "nixpkgs" + ] + }, + "locked": { + "lastModified": 1700795494, + "narHash": "sha256-gzGLZSiOhf155FW7262kdHo2YDeugp3VuIFb4/GGng0=", + "owner": "lnl7", + "repo": "nix-darwin", + "rev": "4b9b83d5a92e8c1fbfd8eb27eda375908c11ec4d", + "type": "github" + }, + "original": { + "owner": "lnl7", + "ref": "master", + "repo": "nix-darwin", + "type": "github" + } + }, + "flake-utils": { + "inputs": { + "systems": "systems_2" + }, + "locked": { + "lastModified": 1731533236, + "narHash": "sha256-l0KFg5HjrsfsO/JpG+r7fRrqm12kzFHyUHqHCVpMMbI=", + "owner": "numtide", + "repo": "flake-utils", + "rev": "11707dc2f618dd54ca8739b309ec4fc024de578b", + "type": "github" + }, + "original": { + "owner": "numtide", + "repo": "flake-utils", + "type": "github" + } + }, + "home-manager": { + "inputs": { + "nixpkgs": "nixpkgs" + }, + "locked": { + "lastModified": 1756245065, + "narHash": "sha256-aAZNbGcWrVRZgWgkQbkabSGcDVRDMgON4BipMy69gvI=", + "owner": "rycee", + "repo": "home-manager", + "rev": "54b2879ce622d44415e727905925e21b8f833a98", + "type": "github" + }, + "original": { + "owner": "rycee", + "ref": "release-25.05", + "repo": "home-manager", + "type": "github" + } + }, + "home-manager_2": { + "inputs": { + "nixpkgs": [ + "common", + "ragenix", + "agenix", + "nixpkgs" + ] + }, + "locked": { + "lastModified": 1703113217, + "narHash": "sha256-7ulcXOk63TIT2lVDSExj7XzFx09LpdSAPtvgtM7yQPE=", + "owner": "nix-community", + "repo": "home-manager", + "rev": "3bfaacf46133c037bb356193bd2f1765d9dc82c1", + "type": "github" + }, + "original": { + "owner": "nix-community", + "repo": "home-manager", + "type": "github" + } + }, + "nix-flatpak": { + "locked": { + "lastModified": 1739444422, + "narHash": "sha256-iAVVHi7X3kWORftY+LVbRiStRnQEob2TULWyjMS6dWg=", + "owner": "gmodena", + "repo": "nix-flatpak", + "rev": "5e54c3ca05a7c7d968ae1ddeabe01d2a9bc1e177", + "type": "github" + }, + "original": { + "owner": "gmodena", + "ref": "latest", + "repo": "nix-flatpak", + "type": "github" + } + }, + "nixpkgs": { + "locked": { + "lastModified": 1753345091, + "narHash": "sha256-CdX2Rtvp5I8HGu9swBmYuq+ILwRxpXdJwlpg8jvN4tU=", + "owner": "NixOS", + "repo": "nixpkgs", + "rev": "3ff0e34b1383648053bba8ed03f201d3466f90c9", + "type": "github" + }, + "original": { + "owner": "NixOS", + "ref": "nixos-25.05", + "repo": "nixpkgs", + "type": "github" + } + }, + "nixpkgs-unstable": { + "locked": { + "lastModified": 1755186698, + "narHash": "sha256-wNO3+Ks2jZJ4nTHMuks+cxAiVBGNuEBXsT29Bz6HASo=", + "owner": "nixos", + "repo": "nixpkgs", + "rev": "fbcf476f790d8a217c3eab4e12033dc4a0f6d23c", + "type": "github" + }, + "original": { + "owner": "nixos", + "ref": "nixos-unstable", + "repo": "nixpkgs", + "type": "github" + } + }, + "nixpkgs_2": { + "locked": { + "lastModified": 1741379970, + "narHash": "sha256-Wh7esNh7G24qYleLvgOSY/7HlDUzWaL/n4qzlBePpiw=", + "owner": "nixos", + "repo": "nixpkgs", + "rev": "36fd87baa9083f34f7f5027900b62ee6d09b1f2f", + "type": "github" + }, + "original": { + "owner": "nixos", + "ref": "nixos-unstable", + "repo": "nixpkgs", + "type": "github" + } + }, + "nixpkgs_3": { + "locked": { + "lastModified": 1755471983, + "narHash": "sha256-axUoWcm4cNQ36jOlnkD9D40LTfSQgk8ExfHSRm3rTtg=", + "owner": "nixos", + "repo": "nixpkgs", + "rev": "48f4c982de68d966421d2b6f1ddbeb6227cc5ceb", + "type": "github" + }, + "original": { + "owner": "nixos", + "ref": "nixos-25.05", + "repo": "nixpkgs", + "type": "github" + } + }, + "nixpkgs_4": { + "locked": { + "lastModified": 1757952092, + "narHash": "sha256-BcfTLFCU7elUJ2dwyt0iTjxsz/XLh+8ZygDcFwy6xPE=", + "owner": "nixos", + "repo": "nixpkgs", + "rev": "fd76dc9e7c68ac7c3941ba2af2bedcd79c5cf4ed", + "type": "github" + }, + "original": { + "owner": "nixos", + "repo": "nixpkgs", + "type": "github" + } + }, + "nvim_plugin-Almo7aya/openingh.nvim": { + "flake": false, + "locked": { + "lastModified": 1746139196, + "narHash": "sha256-/FlNLWOSIrOYiWzAcgOdu9//QTorCDV1KWb+h6eqLwk=", + "owner": "Almo7aya", + "repo": "openingh.nvim", + "rev": "7cc8c897cb6b34d8ed28e99d95baccef609ed251", + "type": "github" + }, + "original": { + "owner": "Almo7aya", + "repo": "openingh.nvim", + "type": "github" + } + }, + "nvim_plugin-CopilotC-Nvim/CopilotChat.nvim": { + "flake": false, + "locked": { + "lastModified": 1757950300, + "narHash": "sha256-IQTP3jOmFNc2nphV9jdFbJXkmAN5Wj+/PIGmaZ8gP24=", + "owner": "CopilotC-Nvim", + "repo": "CopilotChat.nvim", + "rev": "87615648ff4dc852d1cf7ec099f0a7c37b1b2c87", + "type": "github" + }, + "original": { + "owner": "CopilotC-Nvim", + "repo": "CopilotChat.nvim", + "type": "github" + } + }, + "nvim_plugin-JoosepAlviste/nvim-ts-context-commentstring": { + "flake": false, + "locked": { + "lastModified": 1733574156, + "narHash": "sha256-AjDM3+n4+lNBQi8P2Yrh0Ab06uYCndBQT9TX36rDbOM=", + "owner": "JoosepAlviste", + "repo": "nvim-ts-context-commentstring", + "rev": "1b212c2eee76d787bbea6aa5e92a2b534e7b4f8f", + "type": "github" + }, + "original": { + "owner": "JoosepAlviste", + "repo": "nvim-ts-context-commentstring", + "type": "github" + } + }, + "nvim_plugin-L3MON4D3/LuaSnip": { + "flake": false, + "locked": { + "lastModified": 1756990415, + "narHash": "sha256-5FsUVPy8pAiwBh3c+bPDMtypFEHj6qIwGQIo3hjqV4M=", + "owner": "L3MON4D3", + "repo": "LuaSnip", + "rev": "21f74f7ba8c49f95f9d7c8293b147c2901dd2d3a", + "type": "github" + }, + "original": { + "owner": "L3MON4D3", + "repo": "LuaSnip", + "type": "github" + } + }, + "nvim_plugin-MeanderingProgrammer/render-markdown.nvim": { + "flake": false, + "locked": { + "lastModified": 1757910669, + "narHash": "sha256-PWbFcGRbTMRhDJrj+kx73HLduMLOSrAhZTLL2YgrAjQ=", + "owner": "MeanderingProgrammer", + "repo": "render-markdown.nvim", + "rev": "2c6cf127c577712bd29d38f6391b3045c5f0180a", + "type": "github" + }, + "original": { + "owner": "MeanderingProgrammer", + "repo": "render-markdown.nvim", + "type": "github" + } + }, + "nvim_plugin-MunifTanjim/nui.nvim": { + "flake": false, + "locked": { + "lastModified": 1749392788, + "narHash": "sha256-41slmnvt1z7sCxvpiVuFmQ9g7eCaxQi1dDCL3AxSL1A=", + "owner": "MunifTanjim", + "repo": "nui.nvim", + "rev": "de740991c12411b663994b2860f1a4fd0937c130", + "type": "github" + }, + "original": { + "owner": "MunifTanjim", + "repo": "nui.nvim", + "type": "github" + } + }, + "nvim_plugin-RRethy/vim-illuminate": { + "flake": false, + "locked": { + "lastModified": 1748105647, + "narHash": "sha256-KqAJRCtDBG5xsvNsqkxoBdDckg02u4NBBreYQw7BphA=", + "owner": "RRethy", + "repo": "vim-illuminate", + "rev": "0d1e93684da00ab7c057410fecfc24f434698898", + "type": "github" + }, + "original": { + "owner": "RRethy", + "repo": "vim-illuminate", + "type": "github" + } + }, + "nvim_plugin-Saecki/crates.nvim": { + "flake": false, + "locked": { + "lastModified": 1755956579, + "narHash": "sha256-jfmST/S9ymwgQ99PTCOlJkk5zaxE5HiDV16TmTISDII=", + "owner": "Saecki", + "repo": "crates.nvim", + "rev": "ac9fa498a9edb96dc3056724ff69d5f40b898453", + "type": "github" + }, + "original": { + "owner": "Saecki", + "repo": "crates.nvim", + "type": "github" + } + }, + "nvim_plugin-aznhe21/actions-preview.nvim": { + "flake": false, + "locked": { + "lastModified": 1745779150, + "narHash": "sha256-rQjwlu5gQcOvxF72lr9ugPRl0W78wCWGWPhpN1oOMbs=", + "owner": "aznhe21", + "repo": "actions-preview.nvim", + "rev": "36513ad213855d497b7dd3391a24d1d75d58e36f", + "type": "github" + }, + "original": { + "owner": "aznhe21", + "repo": "actions-preview.nvim", + "type": "github" + } + }, + "nvim_plugin-b0o/schemastore.nvim": { + "flake": false, + "locked": { + "lastModified": 1757653237, + "narHash": "sha256-94NKAVWPV2sLkGWWL9G07QxA90Ise6tNWaYyKBcS/vI=", + "owner": "b0o", + "repo": "schemastore.nvim", + "rev": "3146720ee3a0c6e2446eedd492fb519d16f2e467", + "type": "github" + }, + "original": { + "owner": "b0o", + "repo": "schemastore.nvim", + "type": "github" + } + }, + "nvim_plugin-catppuccin/nvim": { + "flake": false, + "locked": { + "lastModified": 1755621274, + "narHash": "sha256-o8VLMPriOh4+Ay5Ff0cWQYXjmihdr3x9131bKHHTsQE=", + "owner": "catppuccin", + "repo": "nvim", + "rev": "30fa4d122d9b22ad8b2e0ab1b533c8c26c4dde86", + "type": "github" + }, + "original": { + "owner": "catppuccin", + "repo": "nvim", + "type": "github" + } + }, + "nvim_plugin-chrisgrieser/nvim-early-retirement": { + "flake": false, + "locked": { + "lastModified": 1757363000, + "narHash": "sha256-hfoJDD4ZKIx1IZjmZba117wRe3ELyGqG8ZqxDnRVmIk=", + "owner": "chrisgrieser", + "repo": "nvim-early-retirement", + "rev": "14aba23ce4168e6d6acbf78ab1d33739c3894f68", + "type": "github" + }, + "original": { + "owner": "chrisgrieser", + "repo": "nvim-early-retirement", + "type": "github" + } + }, + "nvim_plugin-declancm/cinnamon.nvim": { + "flake": false, + "locked": { + "lastModified": 1722992123, + "narHash": "sha256-kccQ4iFMSQ8kvE7hYz90hBrsDLo7VohFj/6lEZZiAO8=", + "owner": "declancm", + "repo": "cinnamon.nvim", + "rev": "450cb3247765fed7871b41ef4ce5fa492d834215", + "type": "github" + }, + "original": { + "owner": "declancm", + "repo": "cinnamon.nvim", + "type": "github" + } + }, + "nvim_plugin-folke/lazy.nvim": { + "flake": false, + "locked": { + "lastModified": 1740511197, + "narHash": "sha256-nQ8PR9DTdzg6Z2rViuVD6Pswc2VvDQwS3uMNgyDh5ls=", + "owner": "folke", + "repo": "lazy.nvim", + "rev": "6c3bda4aca61a13a9c63f1c1d1b16b9d3be90d7a", + "type": "github" + }, + "original": { + "owner": "folke", + "repo": "lazy.nvim", + "type": "github" + } + }, + "nvim_plugin-folke/neodev.nvim": { + "flake": false, + "locked": { + "lastModified": 1720260306, + "narHash": "sha256-hOjzlo/IqmV8tYjGwfmcCPEmHYsWnEIwtHZdhpwA1kM=", + "owner": "folke", + "repo": "neodev.nvim", + "rev": "46aa467dca16cf3dfe27098042402066d2ae242d", + "type": "github" + }, + "original": { + "owner": "folke", + "repo": "neodev.nvim", + "type": "github" + } + }, + "nvim_plugin-folke/which-key.nvim": { + "flake": false, + "locked": { + "lastModified": 1740233407, + "narHash": "sha256-uvMcSduMr7Kd2oUmIOYzvWF4FIl6bZxIYm9FSw/3pCo=", + "owner": "folke", + "repo": "which-key.nvim", + "rev": "370ec46f710e058c9c1646273e6b225acf47cbed", + "type": "github" + }, + "original": { + "owner": "folke", + "repo": "which-key.nvim", + "type": "github" + } + }, + "nvim_plugin-hrsh7th/cmp-buffer": { + "flake": false, + "locked": { + "lastModified": 1743497185, + "narHash": "sha256-dG4U7MtnXThoa/PD+qFtCt76MQ14V1wX8GMYcvxEnbM=", + "owner": "hrsh7th", + "repo": "cmp-buffer", + "rev": "b74fab3656eea9de20a9b8116afa3cfc4ec09657", + "type": "github" + }, + "original": { + "owner": "hrsh7th", + "repo": "cmp-buffer", + "type": "github" + } + }, + "nvim_plugin-hrsh7th/cmp-nvim-lsp": { + "flake": false, + "locked": { + "lastModified": 1755085771, + "narHash": "sha256-X1rppwf2xBPrmB93ptXukOnEBDZmfjJd4F5ObNa1DHs=", + "owner": "hrsh7th", + "repo": "cmp-nvim-lsp", + "rev": "bd5a7d6db125d4654b50eeae9f5217f24bb22fd3", + "type": "github" + }, + "original": { + "owner": "hrsh7th", + "repo": "cmp-nvim-lsp", + "type": "github" + } + }, + "nvim_plugin-hrsh7th/cmp-path": { + "flake": false, + "locked": { + "lastModified": 1753844861, + "narHash": "sha256-e4Rd2y1Wekp7aobpTGaUeoSBnlfIASDaBR8js5dh2Vw=", + "owner": "hrsh7th", + "repo": "cmp-path", + "rev": "c642487086dbd9a93160e1679a1327be111cbc25", + "type": "github" + }, + "original": { + "owner": "hrsh7th", + "repo": "cmp-path", + "type": "github" + } + }, + "nvim_plugin-hrsh7th/nvim-cmp": { + "flake": false, + "locked": { + "lastModified": 1744514599, + "narHash": "sha256-l5z+PT4S9b09d2M+J/tHVd9W9Ss3eQQk5Ykpz2Qjxxw=", + "owner": "hrsh7th", + "repo": "nvim-cmp", + "rev": "b5311ab3ed9c846b585c0c15b7559be131ec4be9", + "type": "github" + }, + "original": { + "owner": "hrsh7th", + "repo": "nvim-cmp", + "type": "github" + } + }, + "nvim_plugin-j-hui/fidget.nvim": { + "flake": false, + "locked": { + "lastModified": 1755700851, + "narHash": "sha256-KRlUqUdcliKpLnEJqyA2OAWto73F6iGTbMrsiAdc24M=", + "owner": "j-hui", + "repo": "fidget.nvim", + "rev": "4d5858bd4c471c895060e1b9f3575f1551184dc5", + "type": "github" + }, + "original": { + "owner": "j-hui", + "repo": "fidget.nvim", + "type": "github" + } + }, + "nvim_plugin-johmsalas/text-case.nvim": { + "flake": false, + "locked": { + "lastModified": 1722628320, + "narHash": "sha256-2IMufSMy9JW50VzZ3SgOtp8kYs81ANwV0eP0ZH3rTFo=", + "owner": "johmsalas", + "repo": "text-case.nvim", + "rev": "e898cfd46fa6cde0e83abb624a16e67d2ffc6457", + "type": "github" + }, + "original": { + "owner": "johmsalas", + "repo": "text-case.nvim", + "type": "github" + } + }, + "nvim_plugin-lewis6991/gitsigns.nvim": { + "flake": false, + "locked": { + "lastModified": 1757668552, + "narHash": "sha256-L5WbNiFUn014hThvGfb5r858O6iLOBhOQHfVUdIlFI4=", + "owner": "lewis6991", + "repo": "gitsigns.nvim", + "rev": "f780609807eca1f783a36a8a31c30a48fbe150c5", + "type": "github" + }, + "original": { + "owner": "lewis6991", + "repo": "gitsigns.nvim", + "type": "github" + } + }, + "nvim_plugin-lnc3l0t/glow.nvim": { + "flake": false, + "locked": { + "lastModified": 1693233815, + "narHash": "sha256-vdlwkIK2EkFviJmSiOqPWvc15xqJ9F2gHCC4ObJ5Qjk=", + "owner": "lnc3l0t", + "repo": "glow.nvim", + "rev": "5b38fb7b6e806cac62707a4aba8c10c5f14d5bb5", + "type": "github" + }, + "original": { + "owner": "lnc3l0t", + "repo": "glow.nvim", + "type": "github" + } + }, + "nvim_plugin-lukas-reineke/indent-blankline.nvim": { + "flake": false, + "locked": { + "lastModified": 1742224677, + "narHash": "sha256-0q/V+b4UrDRnaC/eRWOi9HU9a61vQSAM9/C8ZQyKt+Y=", + "owner": "lukas-reineke", + "repo": "indent-blankline.nvim", + "rev": "005b56001b2cb30bfa61b7986bc50657816ba4ba", + "type": "github" + }, + "original": { + "owner": "lukas-reineke", + "repo": "indent-blankline.nvim", + "type": "github" + } + }, + "nvim_plugin-m4xshen/hardtime.nvim": { + "flake": false, + "locked": { + "lastModified": 1757738091, + "narHash": "sha256-Jy9ARUHU1ySpSxxoS3hLRjxp5Lqt7juWN5Jnbdo0rg0=", + "owner": "m4xshen", + "repo": "hardtime.nvim", + "rev": "b4e431934af1fe224a3a801f632c008278cb7628", + "type": "github" + }, + "original": { + "owner": "m4xshen", + "repo": "hardtime.nvim", + "type": "github" + } + }, + "nvim_plugin-mbbill/undotree": { + "flake": false, + "locked": { + "lastModified": 1756538456, + "narHash": "sha256-tudR+46nd63jY1VTCNEfZ2CofxCODXaHos0+NdFI6wU=", + "owner": "mbbill", + "repo": "undotree", + "rev": "fe9a9d0645f0f5532360b5e5f5c550d7bb4f1869", + "type": "github" + }, + "original": { + "owner": "mbbill", + "repo": "undotree", + "type": "github" + } + }, + "nvim_plugin-mfussenegger/nvim-lint": { + "flake": false, + "locked": { + "lastModified": 1757878177, + "narHash": "sha256-8X9z0pRWx9xg9nQhhQtuOu3TunObg2CIgnlPXZtx86A=", + "owner": "mfussenegger", + "repo": "nvim-lint", + "rev": "0864f81c681e15d9bdc1156fe3a17bd07db5a3ed", + "type": "github" + }, + "original": { + "owner": "mfussenegger", + "repo": "nvim-lint", + "type": "github" + } + }, + "nvim_plugin-mrcjkb/rustaceanvim": { + "flake": false, + "locked": { + "lastModified": 1757809469, + "narHash": "sha256-bijgDZozBNmHW3cASmOrQlaSE80d8V3XRxi1BNmfzRI=", + "owner": "mrcjkb", + "repo": "rustaceanvim", + "rev": "370b85298e5afdfd8b5d3da0c60c04e3873499a4", + "type": "github" + }, + "original": { + "owner": "mrcjkb", + "repo": "rustaceanvim", + "type": "github" + } + }, + "nvim_plugin-neovim/nvim-lspconfig": { + "flake": false, + "locked": { + "lastModified": 1757886255, + "narHash": "sha256-lIlFgHkesAK7fRcoEEQO84/0BpE29dBgNzBnCv/0Tf0=", + "owner": "neovim", + "repo": "nvim-lspconfig", + "rev": "d9879110d0422a566fa01d732556f4d5515e1738", + "type": "github" + }, + "original": { + "owner": "neovim", + "repo": "nvim-lspconfig", + "type": "github" + } + }, + "nvim_plugin-nosduco/remote-sshfs.nvim": { + "flake": false, + "locked": { + "lastModified": 1755703322, + "narHash": "sha256-xy+50CsRd0LfRyDtNNMI8KhzvjH2nt8ogwiXf7H3fYY=", + "owner": "nosduco", + "repo": "remote-sshfs.nvim", + "rev": "8b0974c0e23ef086f5598ebbb1980257171dc370", + "type": "github" + }, + "original": { + "owner": "nosduco", + "repo": "remote-sshfs.nvim", + "type": "github" + } + }, + "nvim_plugin-numToStr/Comment.nvim": { + "flake": false, + "locked": { + "lastModified": 1717957420, + "narHash": "sha256-h0kPue5Eqd5aeu4VoLH45pF0DmWWo1d8SnLICSQ63zc=", + "owner": "numToStr", + "repo": "Comment.nvim", + "rev": "e30b7f2008e52442154b66f7c519bfd2f1e32acb", + "type": "github" + }, + "original": { + "owner": "numToStr", + "repo": "Comment.nvim", + "type": "github" + } + }, + "nvim_plugin-nvim-lua/plenary.nvim": { + "flake": false, + "locked": { + "lastModified": 1753570668, + "narHash": "sha256-9Un7ekhBxcnmFE1xjCCFTZ7eqIbmXvQexpnhduAg4M0=", + "owner": "nvim-lua", + "repo": "plenary.nvim", + "rev": "b9fd5226c2f76c951fc8ed5923d85e4de065e509", + "type": "github" + }, + "original": { + "owner": "nvim-lua", + "repo": "plenary.nvim", + "type": "github" + } + }, + "nvim_plugin-nvim-lualine/lualine.nvim": { + "flake": false, + "locked": { + "lastModified": 1754970649, + "narHash": "sha256-lWt2kpW+hsTMWt8tar/+AISTDrIt4Jn27NmI9j+Xt4s=", + "owner": "nvim-lualine", + "repo": "lualine.nvim", + "rev": "b8c23159c0161f4b89196f74ee3a6d02cdc3a955", + "type": "github" + }, + "original": { + "owner": "nvim-lualine", + "repo": "lualine.nvim", + "type": "github" + } + }, + "nvim_plugin-nvim-telescope/telescope-file-browser.nvim": { + "flake": false, + "locked": { + "lastModified": 1754424906, + "narHash": "sha256-FlJ7w5Ywwq03E0oYdnFJFb+MMUMQMa+5QhDMy2O9tGQ=", + "owner": "nvim-telescope", + "repo": "telescope-file-browser.nvim", + "rev": "3610dc7dc91f06aa98b11dca5cc30dfa98626b7e", + "type": "github" + }, + "original": { + "owner": "nvim-telescope", + "repo": "telescope-file-browser.nvim", + "type": "github" + } + }, + "nvim_plugin-nvim-telescope/telescope-fzf-native.nvim": { + "flake": false, + "locked": { + "lastModified": 1741765009, + "narHash": "sha256-Zyv8ikxdwoUiDD0zsqLzfhBVOm/nKyJdZpndxXEB6ow=", + "owner": "nvim-telescope", + "repo": "telescope-fzf-native.nvim", + "rev": "1f08ed60cafc8f6168b72b80be2b2ea149813e55", + "type": "github" + }, + "original": { + "owner": "nvim-telescope", + "repo": "telescope-fzf-native.nvim", + "type": "github" + } + }, + "nvim_plugin-nvim-telescope/telescope-ui-select.nvim": { + "flake": false, + "locked": { + "lastModified": 1701723223, + "narHash": "sha256-YRhNmmG4gx9Ht8JwjQfbTjJyTHEuZmtP6lqnhOsk8bE=", + "owner": "nvim-telescope", + "repo": "telescope-ui-select.nvim", + "rev": "6e51d7da30bd139a6950adf2a47fda6df9fa06d2", + "type": "github" + }, + "original": { + "owner": "nvim-telescope", + "repo": "telescope-ui-select.nvim", + "type": "github" + } + }, + "nvim_plugin-nvim-telescope/telescope.nvim": { + "flake": false, + "locked": { + "lastModified": 1747012888, + "narHash": "sha256-JpW0ehsX81yVbKNzrYOe1hdgVMs6oaaxMLH6lECnOJg=", + "owner": "nvim-telescope", + "repo": "telescope.nvim", + "rev": "b4da76be54691e854d3e0e02c36b0245f945c2c7", + "type": "github" + }, + "original": { + "owner": "nvim-telescope", + "repo": "telescope.nvim", + "type": "github" + } + }, + "nvim_plugin-nvim-tree/nvim-tree.lua": { + "flake": false, + "locked": { + "lastModified": 1757312802, + "narHash": "sha256-Km+PWXJJLl8zsBjwIGL//qT/eUEZna4yYRPsWXMXG1E=", + "owner": "nvim-tree", + "repo": "nvim-tree.lua", + "rev": "e179ad2f83b5955ab0af653069a493a1828c2697", + "type": "github" + }, + "original": { + "owner": "nvim-tree", + "repo": "nvim-tree.lua", + "type": "github" + } + }, + "nvim_plugin-nvim-tree/nvim-web-devicons": { + "flake": false, + "locked": { + "lastModified": 1756936794, + "narHash": "sha256-2Q6ZZQj5HFXTw1YwX3ibdGOTwfbfPUBbcPOsuBUpSjc=", + "owner": "nvim-tree", + "repo": "nvim-web-devicons", + "rev": "6e51ca170563330e063720449c21f43e27ca0bc1", + "type": "github" + }, + "original": { + "owner": "nvim-tree", + "repo": "nvim-web-devicons", + "type": "github" + } + }, + "nvim_plugin-nvim-treesitter/nvim-treesitter-context": { + "flake": false, + "locked": { + "lastModified": 1757521884, + "narHash": "sha256-+yj8bstmffVByX3Z/1vkUYdXvpmWGbPt+RDfkBnV11w=", + "owner": "nvim-treesitter", + "repo": "nvim-treesitter-context", + "rev": "41847d3dafb5004464708a3db06b14f12bde548a", + "type": "github" + }, + "original": { + "owner": "nvim-treesitter", + "repo": "nvim-treesitter-context", + "type": "github" + } + }, + "nvim_plugin-rafamadriz/friendly-snippets": { + "flake": false, + "locked": { + "lastModified": 1745949052, + "narHash": "sha256-FzApcTbWfFkBD9WsYMhaCyn6ky8UmpUC2io/co/eByM=", + "owner": "rafamadriz", + "repo": "friendly-snippets", + "rev": "572f5660cf05f8cd8834e096d7b4c921ba18e175", + "type": "github" + }, + "original": { + "owner": "rafamadriz", + "repo": "friendly-snippets", + "type": "github" + } + }, + "nvim_plugin-rcarriga/nvim-notify": { + "flake": false, + "locked": { + "lastModified": 1757190131, + "narHash": "sha256-h7STMjY+CBTqBkIDJXgtJz4WhNeQ02ES2Jesi3jZXeM=", + "owner": "rcarriga", + "repo": "nvim-notify", + "rev": "8701bece920b38ea289b457f902e2ad184131a5d", + "type": "github" + }, + "original": { + "owner": "rcarriga", + "repo": "nvim-notify", + "type": "github" + } + }, + "nvim_plugin-rmagatti/auto-session": { + "flake": false, + "locked": { + "lastModified": 1757864222, + "narHash": "sha256-FbN36vVLX3DUXwefTbi6511R6KTHqLiNHeAR0kXiarg=", + "owner": "rmagatti", + "repo": "auto-session", + "rev": "5a269bb5bec50b8b60564aa00f6454d9e82fbe8d", + "type": "github" + }, + "original": { + "owner": "rmagatti", + "repo": "auto-session", + "type": "github" + } + }, + "nvim_plugin-ron/ron.vim": { + "flake": false, + "locked": { + "lastModified": 1660904719, + "narHash": "sha256-8/xJmymtVGVz2avzlamgK1cNflZ3NRL+B3c7xxbI964=", + "owner": "ron-rs", + "repo": "ron.vim", + "rev": "f749e543975a82e8dd9a6e7df9600a1c098ae800", + "type": "github" + }, + "original": { + "owner": "ron-rs", + "repo": "ron.vim", + "type": "github" + } + }, + "nvim_plugin-saadparwaiz1/cmp_luasnip": { + "flake": false, + "locked": { + "lastModified": 1730707109, + "narHash": "sha256-86lKQPPyqFz8jzuLajjHMKHrYnwW6+QOcPyQEx6B+gw=", + "owner": "saadparwaiz1", + "repo": "cmp_luasnip", + "rev": "98d9cb5c2c38532bd9bdb481067b20fea8f32e90", + "type": "github" + }, + "original": { + "owner": "saadparwaiz1", + "repo": "cmp_luasnip", + "type": "github" + } + }, + "nvim_plugin-sindrets/diffview.nvim": { + "flake": false, + "locked": { + "lastModified": 1718279802, + "narHash": "sha256-SX+ybIzL/w6uyCy4iZKnWnzTFwqB1oXSgyYVAdpdKi8=", + "owner": "sindrets", + "repo": "diffview.nvim", + "rev": "4516612fe98ff56ae0415a259ff6361a89419b0a", + "type": "github" + }, + "original": { + "owner": "sindrets", + "repo": "diffview.nvim", + "type": "github" + } + }, + "nvim_plugin-stevearc/conform.nvim": { + "flake": false, + "locked": { + "lastModified": 1756334700, + "narHash": "sha256-j9TOSx2L19AHABdg9pLtmEUtPOCIUSo0qe2YUPBlZ5g=", + "owner": "stevearc", + "repo": "conform.nvim", + "rev": "b4aab989db276993ea5dcb78872be494ce546521", + "type": "github" + }, + "original": { + "owner": "stevearc", + "repo": "conform.nvim", + "type": "github" + } + }, + "nvim_plugin-stevearc/dressing.nvim": { + "flake": false, + "locked": { + "lastModified": 1739381641, + "narHash": "sha256-dBz+/gZA6O6fJy/GSgM6ZHGAR3MTGt/W1olzzTYRlgM=", + "owner": "stevearc", + "repo": "dressing.nvim", + "rev": "2d7c2db2507fa3c4956142ee607431ddb2828639", + "type": "github" + }, + "original": { + "owner": "stevearc", + "repo": "dressing.nvim", + "type": "github" + } + }, + "nvim_plugin-tpope/vim-sleuth": { + "flake": false, + "locked": { + "lastModified": 1726718493, + "narHash": "sha256-2Cr3h3uJvUL3CSoJs3aBFrkBeOBURSQItgQ4ep9sHXM=", + "owner": "tpope", + "repo": "vim-sleuth", + "rev": "be69bff86754b1aa5adcbb527d7fcd1635a84080", + "type": "github" + }, + "original": { + "owner": "tpope", + "repo": "vim-sleuth", + "type": "github" + } + }, + "nvim_plugin-tpope/vim-surround": { + "flake": false, + "locked": { + "lastModified": 1666730476, + "narHash": "sha256-DZE5tkmnT+lAvx/RQHaDEgEJXRKsy56KJY919xiH1lE=", + "owner": "tpope", + "repo": "vim-surround", + "rev": "3d188ed2113431cf8dac77be61b842acb64433d9", + "type": "github" + }, + "original": { + "owner": "tpope", + "repo": "vim-surround", + "type": "github" + } + }, + "nvim_plugin-uga-rosa/ccc.nvim": { + "flake": false, + "locked": { + "lastModified": 1746537659, + "narHash": "sha256-3TZ8VmvdgQ9n63m78C3r4OIUkVQHTHBvC24ixBdhTig=", + "owner": "uga-rosa", + "repo": "ccc.nvim", + "rev": "9d1a256e006decc574789dfc7d628ca11644d4c2", + "type": "github" + }, + "original": { + "owner": "uga-rosa", + "repo": "ccc.nvim", + "type": "github" + } + }, + "nvim_plugin-windwp/nvim-ts-autotag": { + "flake": false, + "locked": { + "lastModified": 1757545454, + "narHash": "sha256-nT2W5gKFEfzP7MztLjm7yqwam3ADk0svcMdLg2nmI/4=", + "owner": "windwp", + "repo": "nvim-ts-autotag", + "rev": "c4ca798ab95b316a768d51eaaaee48f64a4a46bc", + "type": "github" + }, + "original": { + "owner": "windwp", + "repo": "nvim-ts-autotag", + "type": "github" + } + }, + "nvim_plugin-zbirenbaum/copilot-cmp": { + "flake": false, + "locked": { + "lastModified": 1733947099, + "narHash": "sha256-erRL8bY/zuwuCZfttw+avTrFV7pjv2H6v73NzY2bymM=", + "owner": "zbirenbaum", + "repo": "copilot-cmp", + "rev": "15fc12af3d0109fa76b60b5cffa1373697e261d1", + "type": "github" + }, + "original": { + "owner": "zbirenbaum", + "repo": "copilot-cmp", + "type": "github" + } + }, + "nvim_plugin-zbirenbaum/copilot.lua": { + "flake": false, + "locked": { + "lastModified": 1757884406, + "narHash": "sha256-sXobILIsV4nnk9//PbFT4L1BsHP1xSJiuibVbGwYXJ8=", + "owner": "zbirenbaum", + "repo": "copilot.lua", + "rev": "8aebaa3a102125fedf08c98773a0a8def92fff37", + "type": "github" + }, + "original": { + "owner": "zbirenbaum", + "repo": "copilot.lua", + "type": "github" + } + }, + "ragenix": { + "inputs": { + "agenix": "agenix", + "crane": "crane", + "flake-utils": "flake-utils", + "nixpkgs": "nixpkgs_2", + "rust-overlay": "rust-overlay" + }, + "locked": { + "lastModified": 1744897914, + "narHash": "sha256-GIVU92o2TZBnKQXTb76zpQbWR4zjU2rFqWKNIIpXnqA=", + "owner": "yaxitech", + "repo": "ragenix", + "rev": "40f2e17ecaeab4d78ec323e96a04548c0aaa5223", + "type": "github" + }, + "original": { + "owner": "yaxitech", + "repo": "ragenix", + "type": "github" + } + }, + "root": { + "inputs": { + "common": "common", + "nixpkgs": "nixpkgs_3", + "nixpkgs-unstable": "nixpkgs-unstable", + "ros_neovim": "ros_neovim" + } + }, + "ros_neovim": { + "inputs": { + "nixpkgs": "nixpkgs_4", + "nvim_plugin-Almo7aya/openingh.nvim": "nvim_plugin-Almo7aya/openingh.nvim", + "nvim_plugin-CopilotC-Nvim/CopilotChat.nvim": "nvim_plugin-CopilotC-Nvim/CopilotChat.nvim", + "nvim_plugin-JoosepAlviste/nvim-ts-context-commentstring": "nvim_plugin-JoosepAlviste/nvim-ts-context-commentstring", + "nvim_plugin-L3MON4D3/LuaSnip": "nvim_plugin-L3MON4D3/LuaSnip", + "nvim_plugin-MeanderingProgrammer/render-markdown.nvim": "nvim_plugin-MeanderingProgrammer/render-markdown.nvim", + "nvim_plugin-MunifTanjim/nui.nvim": "nvim_plugin-MunifTanjim/nui.nvim", + "nvim_plugin-RRethy/vim-illuminate": "nvim_plugin-RRethy/vim-illuminate", + "nvim_plugin-Saecki/crates.nvim": "nvim_plugin-Saecki/crates.nvim", + "nvim_plugin-aznhe21/actions-preview.nvim": "nvim_plugin-aznhe21/actions-preview.nvim", + "nvim_plugin-b0o/schemastore.nvim": "nvim_plugin-b0o/schemastore.nvim", + "nvim_plugin-catppuccin/nvim": "nvim_plugin-catppuccin/nvim", + "nvim_plugin-chrisgrieser/nvim-early-retirement": "nvim_plugin-chrisgrieser/nvim-early-retirement", + "nvim_plugin-declancm/cinnamon.nvim": "nvim_plugin-declancm/cinnamon.nvim", + "nvim_plugin-folke/lazy.nvim": "nvim_plugin-folke/lazy.nvim", + "nvim_plugin-folke/neodev.nvim": "nvim_plugin-folke/neodev.nvim", + "nvim_plugin-folke/which-key.nvim": "nvim_plugin-folke/which-key.nvim", + "nvim_plugin-hrsh7th/cmp-buffer": "nvim_plugin-hrsh7th/cmp-buffer", + "nvim_plugin-hrsh7th/cmp-nvim-lsp": "nvim_plugin-hrsh7th/cmp-nvim-lsp", + "nvim_plugin-hrsh7th/cmp-path": "nvim_plugin-hrsh7th/cmp-path", + "nvim_plugin-hrsh7th/nvim-cmp": "nvim_plugin-hrsh7th/nvim-cmp", + "nvim_plugin-j-hui/fidget.nvim": "nvim_plugin-j-hui/fidget.nvim", + "nvim_plugin-johmsalas/text-case.nvim": "nvim_plugin-johmsalas/text-case.nvim", + "nvim_plugin-lewis6991/gitsigns.nvim": "nvim_plugin-lewis6991/gitsigns.nvim", + "nvim_plugin-lnc3l0t/glow.nvim": "nvim_plugin-lnc3l0t/glow.nvim", + "nvim_plugin-lukas-reineke/indent-blankline.nvim": "nvim_plugin-lukas-reineke/indent-blankline.nvim", + "nvim_plugin-m4xshen/hardtime.nvim": "nvim_plugin-m4xshen/hardtime.nvim", + "nvim_plugin-mbbill/undotree": "nvim_plugin-mbbill/undotree", + "nvim_plugin-mfussenegger/nvim-lint": "nvim_plugin-mfussenegger/nvim-lint", + "nvim_plugin-mrcjkb/rustaceanvim": "nvim_plugin-mrcjkb/rustaceanvim", + "nvim_plugin-neovim/nvim-lspconfig": "nvim_plugin-neovim/nvim-lspconfig", + "nvim_plugin-nosduco/remote-sshfs.nvim": "nvim_plugin-nosduco/remote-sshfs.nvim", + "nvim_plugin-numToStr/Comment.nvim": "nvim_plugin-numToStr/Comment.nvim", + "nvim_plugin-nvim-lua/plenary.nvim": "nvim_plugin-nvim-lua/plenary.nvim", + "nvim_plugin-nvim-lualine/lualine.nvim": "nvim_plugin-nvim-lualine/lualine.nvim", + "nvim_plugin-nvim-telescope/telescope-file-browser.nvim": "nvim_plugin-nvim-telescope/telescope-file-browser.nvim", + "nvim_plugin-nvim-telescope/telescope-fzf-native.nvim": "nvim_plugin-nvim-telescope/telescope-fzf-native.nvim", + "nvim_plugin-nvim-telescope/telescope-ui-select.nvim": "nvim_plugin-nvim-telescope/telescope-ui-select.nvim", + "nvim_plugin-nvim-telescope/telescope.nvim": "nvim_plugin-nvim-telescope/telescope.nvim", + "nvim_plugin-nvim-tree/nvim-tree.lua": "nvim_plugin-nvim-tree/nvim-tree.lua", + "nvim_plugin-nvim-tree/nvim-web-devicons": "nvim_plugin-nvim-tree/nvim-web-devicons", + "nvim_plugin-nvim-treesitter/nvim-treesitter-context": "nvim_plugin-nvim-treesitter/nvim-treesitter-context", + "nvim_plugin-rafamadriz/friendly-snippets": "nvim_plugin-rafamadriz/friendly-snippets", + "nvim_plugin-rcarriga/nvim-notify": "nvim_plugin-rcarriga/nvim-notify", + "nvim_plugin-rmagatti/auto-session": "nvim_plugin-rmagatti/auto-session", + "nvim_plugin-ron/ron.vim": "nvim_plugin-ron/ron.vim", + "nvim_plugin-saadparwaiz1/cmp_luasnip": "nvim_plugin-saadparwaiz1/cmp_luasnip", + "nvim_plugin-sindrets/diffview.nvim": "nvim_plugin-sindrets/diffview.nvim", + "nvim_plugin-stevearc/conform.nvim": "nvim_plugin-stevearc/conform.nvim", + "nvim_plugin-stevearc/dressing.nvim": "nvim_plugin-stevearc/dressing.nvim", + "nvim_plugin-tpope/vim-sleuth": "nvim_plugin-tpope/vim-sleuth", + "nvim_plugin-tpope/vim-surround": "nvim_plugin-tpope/vim-surround", + "nvim_plugin-uga-rosa/ccc.nvim": "nvim_plugin-uga-rosa/ccc.nvim", + "nvim_plugin-windwp/nvim-ts-autotag": "nvim_plugin-windwp/nvim-ts-autotag", + "nvim_plugin-zbirenbaum/copilot-cmp": "nvim_plugin-zbirenbaum/copilot-cmp", + "nvim_plugin-zbirenbaum/copilot.lua": "nvim_plugin-zbirenbaum/copilot.lua", + "rust-overlay": "rust-overlay_2" + }, + "locked": { + "lastModified": 1758041510, + "narHash": "sha256-vcK6ZwAWNfjdDFYKLVrWk+azva58AiDpm8nMfIniFWA=", + "ref": "refs/heads/master", + "rev": "b3dbdf3f7360747987bf38bcdd9baf01b4906929", + "revCount": 304, + "type": "git", + "url": "https://git.joshuabell.xyz/ringofstorms/nvim" + }, + "original": { + "type": "git", + "url": "https://git.joshuabell.xyz/ringofstorms/nvim" + } + }, + "rust-overlay": { + "inputs": { + "nixpkgs": [ + "common", + "ragenix", + "nixpkgs" + ] + }, + "locked": { + "lastModified": 1741400194, + "narHash": "sha256-tEpgT+q5KlGjHSm8MnINgTPErEl8YDzX3Eps8PVc09g=", + "owner": "oxalica", + "repo": "rust-overlay", + "rev": "16b6045a232fea0e9e4c69e55a6e269607dd8e3f", + "type": "github" + }, + "original": { + "owner": "oxalica", + "repo": "rust-overlay", + "type": "github" + } + }, + "rust-overlay_2": { + "inputs": { + "nixpkgs": [ + "ros_neovim", + "nixpkgs" + ] + }, + "locked": { + "lastModified": 1757930296, + "narHash": "sha256-Z9u5VszKs8rfEvg2AsFucWEjl7wMtAln9l1b78cfBh4=", + "owner": "oxalica", + "repo": "rust-overlay", + "rev": "09442765a05c2ca617c20ed68d9613da92a2d96b", + "type": "github" + }, + "original": { + "owner": "oxalica", + "repo": "rust-overlay", + "type": "github" + } + }, + "systems": { + "locked": { + "lastModified": 1681028828, + "narHash": "sha256-Vy1rq5AaRuLzOxct8nz4T6wlgyUR7zLU309k9mBC768=", + "owner": "nix-systems", + "repo": "default", + "rev": "da67096a3b9bf56a91d16901293e51ba5b49a27e", + "type": "github" + }, + "original": { + "owner": "nix-systems", + "repo": "default", + "type": "github" + } + }, + "systems_2": { + "locked": { + "lastModified": 1681028828, + "narHash": "sha256-Vy1rq5AaRuLzOxct8nz4T6wlgyUR7zLU309k9mBC768=", + "owner": "nix-systems", + "repo": "default", + "rev": "da67096a3b9bf56a91d16901293e51ba5b49a27e", + "type": "github" + }, + "original": { + "owner": "nix-systems", + "repo": "default", + "type": "github" + } + } + }, + "root": "root", + "version": 7 +} diff --git a/hosts/lio/flake.nix b/hosts/lio/flake.nix new file mode 100644 index 00000000..e3bbf5e3 --- /dev/null +++ b/hosts/lio/flake.nix @@ -0,0 +1,181 @@ +{ + inputs = { + nixpkgs.url = "github:nixos/nixpkgs/nixos-25.05"; + nixpkgs-unstable.url = "github:nixos/nixpkgs/nixos-unstable"; + + # Use relative to get current version for testing + common.url = "path:../../common"; + # common.url = "git+https://git.joshuabell.xyz/ringofstorms/dotfiles"; + + ros_neovim.url = "git+https://git.joshuabell.xyz/ringofstorms/nvim"; + }; + + outputs = + { + nixpkgs, + common, + ros_neovim, + ... + }@inputs: + let + configuration_name = "lio"; + lib = nixpkgs.lib; + in + { + nixosConfigurations = { + "${configuration_name}" = ( + lib.nixosSystem { + specialArgs = { + inherit inputs; + upkgs = import inputs.nixpkgs-unstable { + system = "x86_64-linux"; + config.allowUnfree = true; + }; + }; + modules = [ + common.nixosModules.default + ros_neovim.nixosModules.default + ./configuration.nix + ./hardware-configuration.nix + (import ./containers.nix { inherit inputs; }) + # ./jails_text.nix + # ./hyprland_customizations.nix + # ./sway_customizations.nix + # ./i3_customizations.nix + ( + { + config, + pkgs, + upkgs, + lib, + ... + }: + { + programs = { + nix-ld = { + enable = true; + libraries = with pkgs; [ + icu + gmp + glibc + openssl + stdenv.cc.cc + ]; + }; + }; + environment.shellAliases = { + "oc" = + "all_proxy='' http_proxy='' https_proxy='' /home/josh/other/opencode/node_modules/opencode-linux-x64/bin/opencode"; + "occ" = "oc -c"; + }; + + environment.systemPackages = with pkgs; [ + lua + qdirstat + ffmpeg-full + appimage-run + nodejs_24 + foot + vlc + upkgs.ladybird + google-chrome + ]; + # Also allow this key to work for root user, this will let us use this as a remote builder easier + users.users.root.openssh.authorizedKeys.keys = [ + "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIJN2nsLmAlF6zj5dEBkNSJaqcCya+aB6I0imY8Q5Ew0S nix2lio" + ]; + # Allow emulation of aarch64-linux binaries for cross compiling + boot.binfmt.emulatedSystems = [ "aarch64-linux" ]; + + home-manager.extraSpecialArgs = { + inherit inputs; + inherit upkgs; + }; + + ringofstorms_common = { + systemName = configuration_name; + boot.systemd.enable = true; + secrets.enable = true; + general = { + reporting.enable = true; + disableRemoteBuildsOnLio = true; + }; + desktopEnvironment.i3 = { + enable = true; + # waybar.enable = true; + # swaync.enable = true; + }; + programs = { + rustDev.enable = true; + uhkAgent.enable = true; + tailnet.enable = true; + tailnet.enableExitNode = true; + ssh.enable = true; + podman.enable = true; + virt-manager.enable = true; + flatpaks = { + enable = true; + packages = [ + "org.signal.Signal" + "dev.vencord.Vesktop" + "md.obsidian.Obsidian" + "com.spotify.Client" + "com.bitwarden.desktop" + "org.openscad.OpenSCAD" + "org.blender.Blender" + "com.rustdesk.RustDesk" + ]; + }; + }; + users = { + # Users are all normal users and default password is password1 + admins = [ "josh" ]; # First admin is also the primary user owning nix config + users = { + josh = { + openssh.authorizedKeys.keys = [ + "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIJN2nsLmAlF6zj5dEBkNSJaqcCya+aB6I0imY8Q5Ew0S nix2lio" + ]; + extraGroups = [ + "networkmanager" + "video" + "input" + ]; + shell = pkgs.zsh; + packages = with pkgs; [ + sabnzbd + ]; + }; + }; + }; + homeManager = { + users = { + josh = { + imports = with common.homeManagerModules; [ + tmux + atuin + kitty + foot + direnv + git + nix_deprecations + obs + postgres + slicer + ssh + starship + zoxide + zsh + ]; + }; + }; + }; + }; + } + ) + ]; + + } + ); + }; + }; +} diff --git a/hosts/lio/hardware-configuration.nix b/hosts/lio/hardware-configuration.nix new file mode 100644 index 00000000..c0cde07c --- /dev/null +++ b/hosts/lio/hardware-configuration.nix @@ -0,0 +1,71 @@ +# Do not modify this file! It was generated by ‘nixos-generate-config’ +# and may be overwritten by future invocations. Please make changes +# to /etc/nixos/configuration.nix instead. +{ + config, + lib, + pkgs, + modulesPath, + ... +}: + +{ + imports = [ + (modulesPath + "/installer/scan/not-detected.nix") + ]; + + boot.initrd.availableKernelModules = [ + "nvme" + "xhci_pci" + "ahci" + "usbhid" + "usb_storage" + "sd_mod" + ]; + boot.initrd.kernelModules = [ "amdgpu" ]; + boot.kernelModules = [ "kvm-amd" ]; + boot.extraModulePackages = [ ]; + systemd.tmpfiles.rules = [ + "L+ /opt/rocm/hip - - - - ${pkgs.rocmPackages.clr}" + ]; + hardware.graphics.extraPackages = with pkgs; [ + rocmPackages.clr.icd + ]; + + fileSystems."/" = { + device = "/dev/disk/by-label/NIXROOT"; + fsType = "ext4"; + }; + + fileSystems."/boot" = { + device = "/dev/disk/by-label/NIXBOOT"; + fsType = "vfat"; + options = [ + "fmask=0077" + "dmask=0077" + ]; + }; + + fileSystems."/mnt/nvme1tb" = { + device = "/dev/disk/by-uuid/7ddb48bd-160c-4049-a4fa-a5ac2b6a5402"; + fsType = "ext4"; + }; + + swapDevices = [ + { + device = "/.swapfile"; + size = 64 * 1024; # 64GB + } + ]; + + # Enables DHCP on each ethernet and wireless interface. In case of scripted networking + # (the default) this is the recommended approach. When using systemd-networkd it's + # still possible to use this option, but it's recommended to use it in conjunction + # with explicit per-interface declarations with `networking.interfaces..useDHCP`. + networking.useDHCP = lib.mkDefault true; + # networking.interfaces.eno1.useDHCP = lib.mkDefault true; + # networking.interfaces.wlp11s0.useDHCP = lib.mkDefault true; + + nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux"; + hardware.cpu.amd.updateMicrocode = lib.mkDefault config.hardware.enableRedistributableFirmware; +} diff --git a/hosts/lio/hyprland_customizations.nix b/hosts/lio/hyprland_customizations.nix new file mode 100644 index 00000000..201b04af --- /dev/null +++ b/hosts/lio/hyprland_customizations.nix @@ -0,0 +1,144 @@ +{ lib, pkgs, ... }: +let + # Exact descriptions as reported by: hyprctl -j monitors | jq '.[].description' + mainDesc = "ASUSTek COMPUTER INC ASUS PG43U 0x01010101"; + secondaryDesc = "Samsung Electric Company C34J79x HTRM900776"; + + mainMonitor = "desc:${mainDesc}"; + secondaryMonitor = "desc:${secondaryDesc}"; + + hyprlandExtraOptions = { + exec-once = [ + # Wait a moment for monitors/workspaces to settle, then "prime" 6 and return to 1 + "sh -lc 'sleep 0.2; hyprctl dispatch workspace 7; sleep 0.02; hyprctl dispatch workspace 1'" + + ]; + monitor = [ + "${mainMonitor},3840x2160@97.98,0x0,1,transform,0" + "${secondaryMonitor},3440x1440@99.98,-1440x-640,1,transform,1" + ]; + workspace = + let + inherit (builtins) map toString; + inherit (lib) range; + mkWs = monitor: i: "${toString i},monitor:${monitor},persistent:true"; + in + (map (mkWs mainMonitor) (range 1 6)) ++ (map (mkWs secondaryMonitor) (range 7 10)); + }; + + moveScript = pkgs.writeShellScriptBin "hyprland-move-workspaces" '' + #!/usr/bin/env bash + set -euo pipefail + + HYPRCTL='${pkgs.hyprland}/bin/hyprctl' + JQ='${pkgs.jq}/bin/jq' + SOCAT='${pkgs.socat}/bin/socat' + + MAIN_DESC='${mainDesc}' + SEC_DESC='${secondaryDesc}' + + get_socket() { + # socket2 carries the event stream + echo "${"$"}{XDG_RUNTIME_DIR}/hypr/${"$"}{HYPRLAND_INSTANCE_SIGNATURE}/.socket2.sock" + } + + wait_for_hypr() { + # Wait until hyprctl works (Hyprland is up) + until ''${HYPRCTL} -j monitors >/dev/null 2>&1; do + sleep 0.5 + done + } + + mon_name_by_desc() { + # Resolve Hyprland "name" (e.g., DP-2) from human-friendly description + local desc="${"$"}1" + ''${HYPRCTL} -j monitors \ + | ''${JQ} -r --arg d "${"$"}desc" '.[] | select(.description == $d) | .name' \ + | head -n1 + } + + place_workspaces() { + local mainName secName + mainName="$(mon_name_by_desc "${"$"}MAIN_DESC")" + secName="$(mon_name_by_desc "${"$"}SEC_DESC" || true)" + + # Always keep 1–6 on the main monitor + for ws in 1 2 3 4 5 6; do + ''${HYPRCTL} dispatch moveworkspacetomonitor "${"$"}ws" "${"$"}mainName" || true + done + + if [ -n "${"$"}{secName:-}" ]; then + # Secondary is present ➜ put 7–10 on secondary + for ws in 7 8 9 10; do + ''${HYPRCTL} dispatch moveworkspacetomonitor "${"$"}ws" "${"$"}secName" || true + done + else + # No secondary ➜ keep 7–10 on main + for ws in 7 8 9 10; do + ''${HYPRCTL} dispatch moveworkspacetomonitor "${"$"}ws" "${"$"}mainName" || true + done + fi + } + + watch_events() { + local sock + sock="$(get_socket)" + + # If socket2 is missing for some reason, fall back to polling + if [ ! -S "${"$"}sock" ]; then + while :; do + place_workspaces + sleep 5 + done + return + fi + + # Subscribe to Hyprland events and react to monitor changes + ''${SOCAT} - "UNIX-CONNECT:${"$"}sock" | while IFS= read -r line; do + case "${"$"}line" in + monitoradded*|monitorremoved*|activemonitor*|layoutchange*|createworkspace*) + place_workspaces + ;; + esac + done + } + + if [ "${"$"}{1:-}" = "--oneshot" ]; then + wait_for_hypr + place_workspaces + else + wait_for_hypr + place_workspaces + watch_events + fi + ''; +in +{ + options = { }; + + config = { + environment.systemPackages = [ moveScript ]; + + ringofstorms_common.desktopEnvironment.hyprland.extraOptions = hyprlandExtraOptions; + + # User-level systemd service that follows your Hyprland session and watches for monitor changes + # systemd.user.services.hyprland-move-workspaces = { + # description = "Keep workspaces 1–6 on main and 7–10 on secondary; react to monitor changes"; + # + # # Start/stop with Hyprland specifically + # wantedBy = [ "hyprland-session.target" ]; + # after = [ "hyprland-session.target" ]; + # partOf = [ "hyprland-session.target" ]; + # bindsTo = [ "hyprland-session.target" ]; + # # Only start once Hyprland's event socket exists + # unitConfig.ConditionPathExistsGlob = "%t/hypr/*/.socket2.sock"; + # + # serviceConfig = { + # Type = "simple"; + # ExecStart = "${moveScript}/bin/hyprland-move-workspaces"; + # Restart = "always"; + # RestartSec = "2s"; + # }; + # }; + }; +} diff --git a/hosts/lio/i3_customizations.nix b/hosts/lio/i3_customizations.nix new file mode 100644 index 00000000..d53186d1 --- /dev/null +++ b/hosts/lio/i3_customizations.nix @@ -0,0 +1,71 @@ +{ ... }: +{ + ringofstorms_common.desktopEnvironment.i3.extraOptions = { + startup = [ + { + command = "exec sh -c 'sleep 0.01; i3-msg workspace 7; sleep 0.02; i3-msg workspace 1'"; + } + ]; + + # Example: map workspaces 1–6 to DP-1 and 7–10 to DP-2 + workspaceOutputAssign = [ + { + workspace = "1"; + output = "DP-1"; + } + { + workspace = "2"; + output = "DP-1"; + } + { + workspace = "3"; + output = "DP-1"; + } + { + workspace = "4"; + output = "DP-1"; + } + { + workspace = "5"; + output = "DP-1"; + } + { + workspace = "6"; + output = "DP-1"; + } + { + workspace = "7"; + output = "DP-2"; + } + { + workspace = "8"; + output = "DP-2"; + } + { + workspace = "9"; + output = "DP-2"; + } + { + workspace = "10"; + output = "DP-2"; + } + ]; + + # Optional output settings + output = { + "DP-1" = { + scale = "1"; + pos = "0 0"; + mode = "3840x2160@97.983Hz"; + bg = "${./wallpapers/pixel_neon.png} fill"; + }; + "DP-2" = { + scale = "1"; + transform = "270"; + pos = "-1440 -640"; + mode = "3440x1440@99.982Hz"; + bg = "${./wallpapers/pixel_neon_v.png} fill"; + }; + }; + }; +} diff --git a/hosts/lio/jails_text.nix b/hosts/lio/jails_text.nix new file mode 100644 index 00000000..b3ffab9e --- /dev/null +++ b/hosts/lio/jails_text.nix @@ -0,0 +1,70 @@ +{ + config, + pkgs, + lib, + ... +}: +{ + options = { }; + + imports = [ + ]; + + config = { + environment.systemPackages = with pkgs; [ + firejail + ]; + + boot.kernelModules = [ "dummy" ]; + networking.interfaces.sandbox0 = { + ipv4.addresses = [ + { + address = "10.10.10.2"; + prefixLength = 24; + } + ]; + }; + networking.nftables.ruleset = '' + table inet filter { + chain input { + type filter hook input priority 0; + iifname "lo" accept + iifname "sandbox0" ip saddr 93.184.216.34 accept + drop + } + chain output { + type filter hook output priority 0; + oifname "lo" accept + oifname "sandbox0" ip daddr 93.184.216.34 accept + drop + } + } + ''; + + programs.firejail = { + enable = true; + wrappedBinaries = { + jcurl = { + executable = lib.getExe pkgs.curl; + extraArgs = [ + "--quiet" + "--noprofile" + "--private" + "--net=none" + "--seccomp" + ]; + }; + jbat = { + executable = lib.getExe pkgs.bat; + extraArgs = [ + "--quiet" + "--noprofile" + "--private" + "--net=none" + "--seccomp" + ]; + }; + }; + }; + }; +} diff --git a/hosts/lio/sway_customizations.nix b/hosts/lio/sway_customizations.nix new file mode 100644 index 00000000..f37b83f5 --- /dev/null +++ b/hosts/lio/sway_customizations.nix @@ -0,0 +1,81 @@ +{ ... }: +let + swayExtraOptions = { + startup = [ + { + command = "exec sh -c 'sleep 0.01; swaymsg workspace number 7; sleep 0.02; swaymsg workspace number 1'"; + } + ]; + + # Example: map workspaces 1–6 to DP-1 and 7–10 to HDMI-A-1 + workspaceOutputAssign = [ + { + workspace = "1"; + output = "DP-1"; + } + { + workspace = "2"; + output = "DP-1"; + } + { + workspace = "3"; + output = "DP-1"; + } + { + workspace = "4"; + output = "DP-1"; + } + { + workspace = "5"; + output = "DP-1"; + } + { + workspace = "6"; + output = "DP-1"; + } + { + workspace = "7"; + output = "DP-2"; + } + { + workspace = "8"; + output = "DP-2"; + } + { + workspace = "9"; + output = "DP-2"; + } + { + workspace = "10"; + output = "DP-2"; + } + ]; + + # Optional output settings + output = { + "DP-1" = { + scale = "1"; + pos = "0 0"; + mode = "3840x2160@97.983Hz"; + bg = "${./wallpapers/pixel_neon.png} fill"; + }; + "DP-2" = { + scale = "1"; + transform = "270"; + pos = "-1440 -640"; + mode = "3440x1440@99.982Hz"; + bg = "${./wallpapers/pixel_neon_v.png} fill"; + }; + }; + }; + +in +{ + options = { }; + + config = { + environment.systemPackages = [ ]; + + ringofstorms_common.desktopEnvironment.sway.extraOptions = swayExtraOptions; + }; +} diff --git a/hosts/lio/wallpapers/pixel_neon.png b/hosts/lio/wallpapers/pixel_neon.png new file mode 100644 index 00000000..18fba639 Binary files /dev/null and b/hosts/lio/wallpapers/pixel_neon.png differ diff --git a/hosts/lio/wallpapers/pixel_neon_v.png b/hosts/lio/wallpapers/pixel_neon_v.png new file mode 100644 index 00000000..b746a18d Binary files /dev/null and b/hosts/lio/wallpapers/pixel_neon_v.png differ diff --git a/hosts/oracle/o001/configuration.nix b/hosts/oracle/o001/configuration.nix new file mode 100644 index 00000000..50a0d5ea --- /dev/null +++ b/hosts/oracle/o001/configuration.nix @@ -0,0 +1,9 @@ +{ ... }: +{ + boot.tmp.cleanOnBoot = true; + zramSwap.enable = false; + networking.hostName = "o001"; + networking.domain = "subnet01171946.vcn01171946.oraclevcn.com"; + services.openssh.enable = true; + system.stateVersion = "23.11"; +} diff --git a/hosts/oracle/o001/containers/vaultwarden.nix b/hosts/oracle/o001/containers/vaultwarden.nix new file mode 100644 index 00000000..d2094026 --- /dev/null +++ b/hosts/oracle/o001/containers/vaultwarden.nix @@ -0,0 +1,85 @@ +{ + config, + ... +}: +let + name = "vaultwarden"; + user = name; + uid = 114; + hostDataDir = "/var/lib/${name}"; + + v_port = 8222; +in +{ + users = { + users.${user} = { + isSystemUser = true; + group = user; + inherit uid; + }; + groups.${user}.gid = uid; + }; + system.activationScripts.createMediaServerDirs = '' + mkdir -p ${hostDataDir}/data + mkdir -p ${hostDataDir}/backups + chown -R ${toString uid}:${toString uid} ${hostDataDir} + chmod -R 750 ${hostDataDir} + ''; + + containers.${name} = { + ephemeral = true; + autoStart = true; + privateNetwork = false; + bindMounts = { + "/var/lib/vaultwarden" = { + hostPath = "${hostDataDir}/data"; + isReadOnly = false; + }; + "/var/lib/backups/vaultwarden" = { + hostPath = "${hostDataDir}/backups"; + isReadOnly = false; + }; + "/var/secrets/vaultwarden.env" = { + hostPath = config.age.secrets.vaultwarden_env.path; + isReadOnly = true; + }; + }; + config = + { ... }: + { + system.stateVersion = "24.11"; + users = { + users.${user} = { + isSystemUser = true; + group = user; + inherit uid; + }; + groups.${user}.gid = uid; + }; + + services.vaultwarden = { + enable = true; + dbBackend = "sqlite"; + backupDir = "/var/lib/backups/vaultwarden"; + environmentFile = "/var/secrets/vaultwarden.env"; + config = { + DOMAIN = "https://vault.joshuabell.xyz"; + SIGNUPS_ALLOWED = false; + ROCKET_PORT = builtins.toString v_port; + ROCKET_ADDRESS = "127.0.0.1"; + }; + }; + }; + }; + + services.nginx.virtualHosts."vault.joshuabell.xyz" = { + enableACME = true; + forceSSL = true; + locations = { + "/" = { + proxyWebsockets = true; + proxyPass = "http://127.0.0.1:${builtins.toString v_port}"; + }; + }; + }; +} diff --git a/hosts/oracle/o001/flake.lock b/hosts/oracle/o001/flake.lock new file mode 100644 index 00000000..a4afc77a --- /dev/null +++ b/hosts/oracle/o001/flake.lock @@ -0,0 +1,1384 @@ +{ + "nodes": { + "agenix": { + "inputs": { + "darwin": "darwin", + "home-manager": "home-manager_2", + "nixpkgs": [ + "common", + "ragenix", + "nixpkgs" + ], + "systems": "systems" + }, + "locked": { + "lastModified": 1736955230, + "narHash": "sha256-uenf8fv2eG5bKM8C/UvFaiJMZ4IpUFaQxk9OH5t/1gA=", + "owner": "ryantm", + "repo": "agenix", + "rev": "e600439ec4c273cf11e06fe4d9d906fb98fa097c", + "type": "github" + }, + "original": { + "owner": "ryantm", + "repo": "agenix", + "type": "github" + } + }, + "common": { + "inputs": { + "home-manager": "home-manager", + "nix-flatpak": "nix-flatpak", + "ragenix": "ragenix" + }, + "locked": { + "path": "../../../common", + "type": "path" + }, + "original": { + "path": "../../../common", + "type": "path" + }, + "parent": [] + }, + "crane": { + "locked": { + "lastModified": 1741481578, + "narHash": "sha256-JBTSyJFQdO3V8cgcL08VaBUByEU6P5kXbTJN6R0PFQo=", + "owner": "ipetkov", + "repo": "crane", + "rev": "bb1c9567c43e4434f54e9481eb4b8e8e0d50f0b5", + "type": "github" + }, + "original": { + "owner": "ipetkov", + "repo": "crane", + "type": "github" + } + }, + "darwin": { + "inputs": { + "nixpkgs": [ + "common", + "ragenix", + "agenix", + "nixpkgs" + ] + }, + "locked": { + "lastModified": 1700795494, + "narHash": "sha256-gzGLZSiOhf155FW7262kdHo2YDeugp3VuIFb4/GGng0=", + "owner": "lnl7", + "repo": "nix-darwin", + "rev": "4b9b83d5a92e8c1fbfd8eb27eda375908c11ec4d", + "type": "github" + }, + "original": { + "owner": "lnl7", + "ref": "master", + "repo": "nix-darwin", + "type": "github" + } + }, + "deploy-rs": { + "inputs": { + "flake-compat": "flake-compat", + "nixpkgs": "nixpkgs_3", + "utils": "utils" + }, + "locked": { + "lastModified": 1749105467, + "narHash": "sha256-hXh76y/wDl15almBcqvjryB50B0BaiXJKk20f314RoE=", + "owner": "serokell", + "repo": "deploy-rs", + "rev": "6bc76b872374845ba9d645a2f012b764fecd765f", + "type": "github" + }, + "original": { + "owner": "serokell", + "repo": "deploy-rs", + "type": "github" + } + }, + "flake-compat": { + "flake": false, + "locked": { + "lastModified": 1733328505, + "narHash": "sha256-NeCCThCEP3eCl2l/+27kNNK7QrwZB1IJCrXfrbv5oqU=", + "owner": "edolstra", + "repo": "flake-compat", + "rev": "ff81ac966bb2cae68946d5ed5fc4994f96d0ffec", + "type": "github" + }, + "original": { + "owner": "edolstra", + "repo": "flake-compat", + "type": "github" + } + }, + "flake-utils": { + "inputs": { + "systems": "systems_2" + }, + "locked": { + "lastModified": 1731533236, + "narHash": "sha256-l0KFg5HjrsfsO/JpG+r7fRrqm12kzFHyUHqHCVpMMbI=", + "owner": "numtide", + "repo": "flake-utils", + "rev": "11707dc2f618dd54ca8739b309ec4fc024de578b", + "type": "github" + }, + "original": { + "owner": "numtide", + "repo": "flake-utils", + "type": "github" + } + }, + "home-manager": { + "inputs": { + "nixpkgs": "nixpkgs" + }, + "locked": { + "lastModified": 1753592768, + "narHash": "sha256-oV695RvbAE4+R9pcsT9shmp6zE/+IZe6evHWX63f2Qg=", + "owner": "rycee", + "repo": "home-manager", + "rev": "fc3add429f21450359369af74c2375cb34a2d204", + "type": "github" + }, + "original": { + "owner": "rycee", + "ref": "release-25.05", + "repo": "home-manager", + "type": "github" + } + }, + "home-manager_2": { + "inputs": { + "nixpkgs": [ + "common", + "ragenix", + "agenix", + "nixpkgs" + ] + }, + "locked": { + "lastModified": 1703113217, + "narHash": "sha256-7ulcXOk63TIT2lVDSExj7XzFx09LpdSAPtvgtM7yQPE=", + "owner": "nix-community", + "repo": "home-manager", + "rev": "3bfaacf46133c037bb356193bd2f1765d9dc82c1", + "type": "github" + }, + "original": { + "owner": "nix-community", + "repo": "home-manager", + "type": "github" + } + }, + "nix-flatpak": { + "locked": { + "lastModified": 1739444422, + "narHash": "sha256-iAVVHi7X3kWORftY+LVbRiStRnQEob2TULWyjMS6dWg=", + "owner": "gmodena", + "repo": "nix-flatpak", + "rev": "5e54c3ca05a7c7d968ae1ddeabe01d2a9bc1e177", + "type": "github" + }, + "original": { + "owner": "gmodena", + "ref": "latest", + "repo": "nix-flatpak", + "type": "github" + } + }, + "nixpkgs": { + "locked": { + "lastModified": 1753345091, + "narHash": "sha256-CdX2Rtvp5I8HGu9swBmYuq+ILwRxpXdJwlpg8jvN4tU=", + "owner": "NixOS", + "repo": "nixpkgs", + "rev": "3ff0e34b1383648053bba8ed03f201d3466f90c9", + "type": "github" + }, + "original": { + "owner": "NixOS", + "ref": "nixos-25.05", + "repo": "nixpkgs", + "type": "github" + } + }, + "nixpkgs_2": { + "locked": { + "lastModified": 1741379970, + "narHash": "sha256-Wh7esNh7G24qYleLvgOSY/7HlDUzWaL/n4qzlBePpiw=", + "owner": "nixos", + "repo": "nixpkgs", + "rev": "36fd87baa9083f34f7f5027900b62ee6d09b1f2f", + "type": "github" + }, + "original": { + "owner": "nixos", + "ref": "nixos-unstable", + "repo": "nixpkgs", + "type": "github" + } + }, + "nixpkgs_3": { + "locked": { + "lastModified": 1743014863, + "narHash": "sha256-jAIUqsiN2r3hCuHji80U7NNEafpIMBXiwKlSrjWMlpg=", + "owner": "NixOS", + "repo": "nixpkgs", + "rev": "bd3bac8bfb542dbde7ffffb6987a1a1f9d41699f", + "type": "github" + }, + "original": { + "owner": "NixOS", + "ref": "nixpkgs-unstable", + "repo": "nixpkgs", + "type": "github" + } + }, + "nixpkgs_4": { + "locked": { + "lastModified": 1750622754, + "narHash": "sha256-kMhs+YzV4vPGfuTpD3mwzibWUE6jotw5Al2wczI0Pv8=", + "owner": "nixos", + "repo": "nixpkgs", + "rev": "c7ab75210cb8cb16ddd8f290755d9558edde7ee1", + "type": "github" + }, + "original": { + "owner": "nixos", + "ref": "nixos-25.05", + "repo": "nixpkgs", + "type": "github" + } + }, + "nixpkgs_5": { + "locked": { + "lastModified": 1750188666, + "narHash": "sha256-yAfLvtbCzSigTfbsJeOrvljS7VYLAwi2RZ6F+qd+A5E=", + "owner": "nixos", + "repo": "nixpkgs", + "rev": "aa36c6c05d04f90cf890f87845be9380cf7b83c2", + "type": "github" + }, + "original": { + "owner": "nixos", + "repo": "nixpkgs", + "type": "github" + } + }, + "nvim_plugin-Almo7aya/openingh.nvim": { + "flake": false, + "locked": { + "lastModified": 1746139196, + "narHash": "sha256-/FlNLWOSIrOYiWzAcgOdu9//QTorCDV1KWb+h6eqLwk=", + "owner": "Almo7aya", + "repo": "openingh.nvim", + "rev": "7cc8c897cb6b34d8ed28e99d95baccef609ed251", + "type": "github" + }, + "original": { + "owner": "Almo7aya", + "repo": "openingh.nvim", + "type": "github" + } + }, + "nvim_plugin-CopilotC-Nvim/CopilotChat.nvim": { + "flake": false, + "locked": { + "lastModified": 1750069301, + "narHash": "sha256-lIAsudDunKOY69r00czO+rmMbM+woIdIGroT4dUZAFc=", + "owner": "CopilotC-Nvim", + "repo": "CopilotChat.nvim", + "rev": "5df0b668d23c05c173f6bc79bb19642215b8b66a", + "type": "github" + }, + "original": { + "owner": "CopilotC-Nvim", + "repo": "CopilotChat.nvim", + "type": "github" + } + }, + "nvim_plugin-JoosepAlviste/nvim-ts-context-commentstring": { + "flake": false, + "locked": { + "lastModified": 1733574156, + "narHash": "sha256-AjDM3+n4+lNBQi8P2Yrh0Ab06uYCndBQT9TX36rDbOM=", + "owner": "JoosepAlviste", + "repo": "nvim-ts-context-commentstring", + "rev": "1b212c2eee76d787bbea6aa5e92a2b534e7b4f8f", + "type": "github" + }, + "original": { + "owner": "JoosepAlviste", + "repo": "nvim-ts-context-commentstring", + "type": "github" + } + }, + "nvim_plugin-L3MON4D3/LuaSnip": { + "flake": false, + "locked": { + "lastModified": 1749564222, + "narHash": "sha256-StttV19d5gWbFPxerCOX3dXIaRwg1oeUANIbNztALps=", + "owner": "L3MON4D3", + "repo": "LuaSnip", + "rev": "fb525166ccc30296fb3457441eb979113de46b00", + "type": "github" + }, + "original": { + "owner": "L3MON4D3", + "repo": "LuaSnip", + "type": "github" + } + }, + "nvim_plugin-MeanderingProgrammer/render-markdown.nvim": { + "flake": false, + "locked": { + "lastModified": 1749846779, + "narHash": "sha256-j1aslQ3SPD9ZuhQDEt9e5GD+VZ6N6Re7IjVFXycaxWI=", + "owner": "MeanderingProgrammer", + "repo": "render-markdown.nvim", + "rev": "76f7ce56ccb913632745714f160faa53164c5574", + "type": "github" + }, + "original": { + "owner": "MeanderingProgrammer", + "repo": "render-markdown.nvim", + "type": "github" + } + }, + "nvim_plugin-MunifTanjim/nui.nvim": { + "flake": false, + "locked": { + "lastModified": 1749392788, + "narHash": "sha256-41slmnvt1z7sCxvpiVuFmQ9g7eCaxQi1dDCL3AxSL1A=", + "owner": "MunifTanjim", + "repo": "nui.nvim", + "rev": "de740991c12411b663994b2860f1a4fd0937c130", + "type": "github" + }, + "original": { + "owner": "MunifTanjim", + "repo": "nui.nvim", + "type": "github" + } + }, + "nvim_plugin-RRethy/vim-illuminate": { + "flake": false, + "locked": { + "lastModified": 1748105647, + "narHash": "sha256-KqAJRCtDBG5xsvNsqkxoBdDckg02u4NBBreYQw7BphA=", + "owner": "RRethy", + "repo": "vim-illuminate", + "rev": "0d1e93684da00ab7c057410fecfc24f434698898", + "type": "github" + }, + "original": { + "owner": "RRethy", + "repo": "vim-illuminate", + "type": "github" + } + }, + "nvim_plugin-Saecki/crates.nvim": { + "flake": false, + "locked": { + "lastModified": 1748637634, + "narHash": "sha256-sDjG6fjnQsyYtdf7xpmOW193e7USh6ghrFzo6NoLyP8=", + "owner": "Saecki", + "repo": "crates.nvim", + "rev": "5d8b1bef686db0fabe5f1bb593744b617e8f1405", + "type": "github" + }, + "original": { + "owner": "Saecki", + "repo": "crates.nvim", + "type": "github" + } + }, + "nvim_plugin-aznhe21/actions-preview.nvim": { + "flake": false, + "locked": { + "lastModified": 1745779150, + "narHash": "sha256-rQjwlu5gQcOvxF72lr9ugPRl0W78wCWGWPhpN1oOMbs=", + "owner": "aznhe21", + "repo": "actions-preview.nvim", + "rev": "36513ad213855d497b7dd3391a24d1d75d58e36f", + "type": "github" + }, + "original": { + "owner": "aznhe21", + "repo": "actions-preview.nvim", + "type": "github" + } + }, + "nvim_plugin-b0o/schemastore.nvim": { + "flake": false, + "locked": { + "lastModified": 1750179699, + "narHash": "sha256-EGt75z/NbjzDXxsyXT9Qj2wWOf06ijUr1If5ljmfLqo=", + "owner": "b0o", + "repo": "schemastore.nvim", + "rev": "45fd6c22f30487586c771072dc8c5230931e4c7b", + "type": "github" + }, + "original": { + "owner": "b0o", + "repo": "schemastore.nvim", + "type": "github" + } + }, + "nvim_plugin-catppuccin/nvim": { + "flake": false, + "locked": { + "lastModified": 1749271780, + "narHash": "sha256-wt/Ybjgr4N80B+QsyANs1QezM7PpFceUWSweRFgkhl0=", + "owner": "catppuccin", + "repo": "nvim", + "rev": "fa42eb5e26819ef58884257d5ae95dd0552b9a66", + "type": "github" + }, + "original": { + "owner": "catppuccin", + "repo": "nvim", + "type": "github" + } + }, + "nvim_plugin-chrisgrieser/nvim-early-retirement": { + "flake": false, + "locked": { + "lastModified": 1750108178, + "narHash": "sha256-3I7Xup+v9Yq9/nJQ1F5CDW99oFQcxbinv7VQcKeA16Y=", + "owner": "chrisgrieser", + "repo": "nvim-early-retirement", + "rev": "d9ffd8f70ed6d466cecd3e7e2dd1425b0010932f", + "type": "github" + }, + "original": { + "owner": "chrisgrieser", + "repo": "nvim-early-retirement", + "type": "github" + } + }, + "nvim_plugin-declancm/cinnamon.nvim": { + "flake": false, + "locked": { + "lastModified": 1722992123, + "narHash": "sha256-kccQ4iFMSQ8kvE7hYz90hBrsDLo7VohFj/6lEZZiAO8=", + "owner": "declancm", + "repo": "cinnamon.nvim", + "rev": "450cb3247765fed7871b41ef4ce5fa492d834215", + "type": "github" + }, + "original": { + "owner": "declancm", + "repo": "cinnamon.nvim", + "type": "github" + } + }, + "nvim_plugin-folke/lazy.nvim": { + "flake": false, + "locked": { + "lastModified": 1740511197, + "narHash": "sha256-nQ8PR9DTdzg6Z2rViuVD6Pswc2VvDQwS3uMNgyDh5ls=", + "owner": "folke", + "repo": "lazy.nvim", + "rev": "6c3bda4aca61a13a9c63f1c1d1b16b9d3be90d7a", + "type": "github" + }, + "original": { + "owner": "folke", + "repo": "lazy.nvim", + "type": "github" + } + }, + "nvim_plugin-folke/neodev.nvim": { + "flake": false, + "locked": { + "lastModified": 1720260306, + "narHash": "sha256-hOjzlo/IqmV8tYjGwfmcCPEmHYsWnEIwtHZdhpwA1kM=", + "owner": "folke", + "repo": "neodev.nvim", + "rev": "46aa467dca16cf3dfe27098042402066d2ae242d", + "type": "github" + }, + "original": { + "owner": "folke", + "repo": "neodev.nvim", + "type": "github" + } + }, + "nvim_plugin-folke/which-key.nvim": { + "flake": false, + "locked": { + "lastModified": 1740233407, + "narHash": "sha256-uvMcSduMr7Kd2oUmIOYzvWF4FIl6bZxIYm9FSw/3pCo=", + "owner": "folke", + "repo": "which-key.nvim", + "rev": "370ec46f710e058c9c1646273e6b225acf47cbed", + "type": "github" + }, + "original": { + "owner": "folke", + "repo": "which-key.nvim", + "type": "github" + } + }, + "nvim_plugin-hrsh7th/cmp-buffer": { + "flake": false, + "locked": { + "lastModified": 1743497185, + "narHash": "sha256-dG4U7MtnXThoa/PD+qFtCt76MQ14V1wX8GMYcvxEnbM=", + "owner": "hrsh7th", + "repo": "cmp-buffer", + "rev": "b74fab3656eea9de20a9b8116afa3cfc4ec09657", + "type": "github" + }, + "original": { + "owner": "hrsh7th", + "repo": "cmp-buffer", + "type": "github" + } + }, + "nvim_plugin-hrsh7th/cmp-nvim-lsp": { + "flake": false, + "locked": { + "lastModified": 1743496195, + "narHash": "sha256-iaihXNCF5bB5MdeoosD/kc3QtpA/QaIDZVLiLIurBSM=", + "owner": "hrsh7th", + "repo": "cmp-nvim-lsp", + "rev": "a8912b88ce488f411177fc8aed358b04dc246d7b", + "type": "github" + }, + "original": { + "owner": "hrsh7th", + "repo": "cmp-nvim-lsp", + "type": "github" + } + }, + "nvim_plugin-hrsh7th/cmp-path": { + "flake": false, + "locked": { + "lastModified": 1743497173, + "narHash": "sha256-thppiiV3wjIaZnAXmsh7j3DUc6ceSCvGzviwFUnoPaI=", + "owner": "hrsh7th", + "repo": "cmp-path", + "rev": "c6635aae33a50d6010bf1aa756ac2398a2d54c32", + "type": "github" + }, + "original": { + "owner": "hrsh7th", + "repo": "cmp-path", + "type": "github" + } + }, + "nvim_plugin-hrsh7th/nvim-cmp": { + "flake": false, + "locked": { + "lastModified": 1744514599, + "narHash": "sha256-l5z+PT4S9b09d2M+J/tHVd9W9Ss3eQQk5Ykpz2Qjxxw=", + "owner": "hrsh7th", + "repo": "nvim-cmp", + "rev": "b5311ab3ed9c846b585c0c15b7559be131ec4be9", + "type": "github" + }, + "original": { + "owner": "hrsh7th", + "repo": "nvim-cmp", + "type": "github" + } + }, + "nvim_plugin-j-hui/fidget.nvim": { + "flake": false, + "locked": { + "lastModified": 1738817426, + "narHash": "sha256-AFUx/ZQVWV7s5Wlppjk6N9QXoJKNKqxtf990FFlTEhw=", + "owner": "j-hui", + "repo": "fidget.nvim", + "rev": "d9ba6b7bfe29b3119a610892af67602641da778e", + "type": "github" + }, + "original": { + "owner": "j-hui", + "repo": "fidget.nvim", + "type": "github" + } + }, + "nvim_plugin-johmsalas/text-case.nvim": { + "flake": false, + "locked": { + "lastModified": 1722628320, + "narHash": "sha256-2IMufSMy9JW50VzZ3SgOtp8kYs81ANwV0eP0ZH3rTFo=", + "owner": "johmsalas", + "repo": "text-case.nvim", + "rev": "e898cfd46fa6cde0e83abb624a16e67d2ffc6457", + "type": "github" + }, + "original": { + "owner": "johmsalas", + "repo": "text-case.nvim", + "type": "github" + } + }, + "nvim_plugin-lewis6991/gitsigns.nvim": { + "flake": false, + "locked": { + "lastModified": 1750058704, + "narHash": "sha256-V9aXXR9ZP2G/XInHt07RylC4rS+AyMXAAfODvC6pVxw=", + "owner": "lewis6991", + "repo": "gitsigns.nvim", + "rev": "88205953bd748322b49b26e1dfb0389932520dc9", + "type": "github" + }, + "original": { + "owner": "lewis6991", + "repo": "gitsigns.nvim", + "type": "github" + } + }, + "nvim_plugin-lnc3l0t/glow.nvim": { + "flake": false, + "locked": { + "lastModified": 1693233815, + "narHash": "sha256-vdlwkIK2EkFviJmSiOqPWvc15xqJ9F2gHCC4ObJ5Qjk=", + "owner": "lnc3l0t", + "repo": "glow.nvim", + "rev": "5b38fb7b6e806cac62707a4aba8c10c5f14d5bb5", + "type": "github" + }, + "original": { + "owner": "lnc3l0t", + "repo": "glow.nvim", + "type": "github" + } + }, + "nvim_plugin-lukas-reineke/indent-blankline.nvim": { + "flake": false, + "locked": { + "lastModified": 1742224677, + "narHash": "sha256-0q/V+b4UrDRnaC/eRWOi9HU9a61vQSAM9/C8ZQyKt+Y=", + "owner": "lukas-reineke", + "repo": "indent-blankline.nvim", + "rev": "005b56001b2cb30bfa61b7986bc50657816ba4ba", + "type": "github" + }, + "original": { + "owner": "lukas-reineke", + "repo": "indent-blankline.nvim", + "type": "github" + } + }, + "nvim_plugin-m4xshen/hardtime.nvim": { + "flake": false, + "locked": { + "lastModified": 1750160168, + "narHash": "sha256-hzFX5mZRxTDDIp/iBVl4lqEaQryLQOe7jFJmXDwq4J8=", + "owner": "m4xshen", + "repo": "hardtime.nvim", + "rev": "b9a989191b3a97c9316a0efea02341c4cdab845a", + "type": "github" + }, + "original": { + "owner": "m4xshen", + "repo": "hardtime.nvim", + "type": "github" + } + }, + "nvim_plugin-mbbill/undotree": { + "flake": false, + "locked": { + "lastModified": 1741878850, + "narHash": "sha256-HGf4Toe+12YZtIalvANDXAtksCsnxQkZbcevOAnl5G4=", + "owner": "mbbill", + "repo": "undotree", + "rev": "b951b87b46c34356d44aa71886aecf9dd7f5788a", + "type": "github" + }, + "original": { + "owner": "mbbill", + "repo": "undotree", + "type": "github" + } + }, + "nvim_plugin-mfussenegger/nvim-lint": { + "flake": false, + "locked": { + "lastModified": 1749731021, + "narHash": "sha256-V4JJ1VQXoIsUBTxe6ykbkyo6LxEAr+QEIqIV3mA9phs=", + "owner": "mfussenegger", + "repo": "nvim-lint", + "rev": "2b0039b8be9583704591a13129c600891ac2c596", + "type": "github" + }, + "original": { + "owner": "mfussenegger", + "repo": "nvim-lint", + "type": "github" + } + }, + "nvim_plugin-mrcjkb/rustaceanvim": { + "flake": false, + "locked": { + "lastModified": 1750024924, + "narHash": "sha256-gmOqCnSLGDNerXyuuNhkyL/pSJitnyqBdWC3LejZoS4=", + "owner": "mrcjkb", + "repo": "rustaceanvim", + "rev": "2fdf224107e5bc29fb5c3a175f5f2c9161b34741", + "type": "github" + }, + "original": { + "owner": "mrcjkb", + "repo": "rustaceanvim", + "type": "github" + } + }, + "nvim_plugin-neovim/nvim-lspconfig": { + "flake": false, + "locked": { + "lastModified": 1750169575, + "narHash": "sha256-lJWMFgQLQhKUuv50WrYXlJ3TFqT04nVbmcBGVDaSz0k=", + "owner": "neovim", + "repo": "nvim-lspconfig", + "rev": "99d3a0f26bfe402f45257c1398287aef252cbe2d", + "type": "github" + }, + "original": { + "owner": "neovim", + "repo": "nvim-lspconfig", + "type": "github" + } + }, + "nvim_plugin-nosduco/remote-sshfs.nvim": { + "flake": false, + "locked": { + "lastModified": 1748880705, + "narHash": "sha256-eTnVFOR7FHlkU9kwrk3q3pNo/U8OR2gJrnrMUQKGi2A=", + "owner": "nosduco", + "repo": "remote-sshfs.nvim", + "rev": "6e893c32ff7c5b8d0d501b748c525fa53963fb35", + "type": "github" + }, + "original": { + "owner": "nosduco", + "repo": "remote-sshfs.nvim", + "type": "github" + } + }, + "nvim_plugin-numToStr/Comment.nvim": { + "flake": false, + "locked": { + "lastModified": 1717957420, + "narHash": "sha256-h0kPue5Eqd5aeu4VoLH45pF0DmWWo1d8SnLICSQ63zc=", + "owner": "numToStr", + "repo": "Comment.nvim", + "rev": "e30b7f2008e52442154b66f7c519bfd2f1e32acb", + "type": "github" + }, + "original": { + "owner": "numToStr", + "repo": "Comment.nvim", + "type": "github" + } + }, + "nvim_plugin-nvim-lua/plenary.nvim": { + "flake": false, + "locked": { + "lastModified": 1739311008, + "narHash": "sha256-8FV5RjF7QbDmQOQynpK7uRKONKbPRYbOPugf9ZxNvUs=", + "owner": "nvim-lua", + "repo": "plenary.nvim", + "rev": "857c5ac632080dba10aae49dba902ce3abf91b35", + "type": "github" + }, + "original": { + "owner": "nvim-lua", + "repo": "plenary.nvim", + "type": "github" + } + }, + "nvim_plugin-nvim-lualine/lualine.nvim": { + "flake": false, + "locked": { + "lastModified": 1749383457, + "narHash": "sha256-2aPgA7riA/FubQpTkqsxLKl7OZ8L6FkucNHc2QEx2HQ=", + "owner": "nvim-lualine", + "repo": "lualine.nvim", + "rev": "a94fc68960665e54408fe37dcf573193c4ce82c9", + "type": "github" + }, + "original": { + "owner": "nvim-lualine", + "repo": "lualine.nvim", + "type": "github" + } + }, + "nvim_plugin-nvim-telescope/telescope-file-browser.nvim": { + "flake": false, + "locked": { + "lastModified": 1750040034, + "narHash": "sha256-NHcU3c+1pLeypHr9xXKmqvdwB1QM/vj5axzjpFEQCLQ=", + "owner": "nvim-telescope", + "repo": "telescope-file-browser.nvim", + "rev": "7bf55ed0ff5be182ad3301cff266581fc1c56cce", + "type": "github" + }, + "original": { + "owner": "nvim-telescope", + "repo": "telescope-file-browser.nvim", + "type": "github" + } + }, + "nvim_plugin-nvim-telescope/telescope-fzf-native.nvim": { + "flake": false, + "locked": { + "lastModified": 1741765009, + "narHash": "sha256-Zyv8ikxdwoUiDD0zsqLzfhBVOm/nKyJdZpndxXEB6ow=", + "owner": "nvim-telescope", + "repo": "telescope-fzf-native.nvim", + "rev": "1f08ed60cafc8f6168b72b80be2b2ea149813e55", + "type": "github" + }, + "original": { + "owner": "nvim-telescope", + "repo": "telescope-fzf-native.nvim", + "type": "github" + } + }, + "nvim_plugin-nvim-telescope/telescope-ui-select.nvim": { + "flake": false, + "locked": { + "lastModified": 1701723223, + "narHash": "sha256-YRhNmmG4gx9Ht8JwjQfbTjJyTHEuZmtP6lqnhOsk8bE=", + "owner": "nvim-telescope", + "repo": "telescope-ui-select.nvim", + "rev": "6e51d7da30bd139a6950adf2a47fda6df9fa06d2", + "type": "github" + }, + "original": { + "owner": "nvim-telescope", + "repo": "telescope-ui-select.nvim", + "type": "github" + } + }, + "nvim_plugin-nvim-telescope/telescope.nvim": { + "flake": false, + "locked": { + "lastModified": 1747012888, + "narHash": "sha256-JpW0ehsX81yVbKNzrYOe1hdgVMs6oaaxMLH6lECnOJg=", + "owner": "nvim-telescope", + "repo": "telescope.nvim", + "rev": "b4da76be54691e854d3e0e02c36b0245f945c2c7", + "type": "github" + }, + "original": { + "owner": "nvim-telescope", + "repo": "telescope.nvim", + "type": "github" + } + }, + "nvim_plugin-nvim-tree/nvim-tree.lua": { + "flake": false, + "locked": { + "lastModified": 1750143568, + "narHash": "sha256-E2YdGlvvpnT/PiayfQldwpbCnjsyNDcoTzxgMf2ajV8=", + "owner": "nvim-tree", + "repo": "nvim-tree.lua", + "rev": "d54a1875a91e1a705795ea26074795210b92ce7f", + "type": "github" + }, + "original": { + "owner": "nvim-tree", + "repo": "nvim-tree.lua", + "type": "github" + } + }, + "nvim_plugin-nvim-tree/nvim-web-devicons": { + "flake": false, + "locked": { + "lastModified": 1747360641, + "narHash": "sha256-+RHeFaeCF/iwAf8qAOjbEIl3YcnrBMVfkQnnzDNhyTA=", + "owner": "nvim-tree", + "repo": "nvim-web-devicons", + "rev": "1fb58cca9aebbc4fd32b086cb413548ce132c127", + "type": "github" + }, + "original": { + "owner": "nvim-tree", + "repo": "nvim-web-devicons", + "type": "github" + } + }, + "nvim_plugin-nvim-treesitter/nvim-treesitter-context": { + "flake": false, + "locked": { + "lastModified": 1749893617, + "narHash": "sha256-QJAfpVdTHTxjUgggQekRLvNYuvG12gjtfTGybfcFdyo=", + "owner": "nvim-treesitter", + "repo": "nvim-treesitter-context", + "rev": "1a1a7c5d6d75cb49bf64049dafab15ebe294a79f", + "type": "github" + }, + "original": { + "owner": "nvim-treesitter", + "repo": "nvim-treesitter-context", + "type": "github" + } + }, + "nvim_plugin-rafamadriz/friendly-snippets": { + "flake": false, + "locked": { + "lastModified": 1745949052, + "narHash": "sha256-FzApcTbWfFkBD9WsYMhaCyn6ky8UmpUC2io/co/eByM=", + "owner": "rafamadriz", + "repo": "friendly-snippets", + "rev": "572f5660cf05f8cd8834e096d7b4c921ba18e175", + "type": "github" + }, + "original": { + "owner": "rafamadriz", + "repo": "friendly-snippets", + "type": "github" + } + }, + "nvim_plugin-rcarriga/nvim-notify": { + "flake": false, + "locked": { + "lastModified": 1744548826, + "narHash": "sha256-m4dQ8KuMhbEpRh6zLTlIUDN9ojFj69LZnXXLepmdFI8=", + "owner": "rcarriga", + "repo": "nvim-notify", + "rev": "b5825cf9ee881dd8e43309c93374ed5b87b7a896", + "type": "github" + }, + "original": { + "owner": "rcarriga", + "repo": "nvim-notify", + "type": "github" + } + }, + "nvim_plugin-rmagatti/auto-session": { + "flake": false, + "locked": { + "lastModified": 1749967462, + "narHash": "sha256-1pIGu/GJ4FiMH/yHhoo6Gu0HLC3rFQiesJBuv8uE7Vw=", + "owner": "rmagatti", + "repo": "auto-session", + "rev": "fffb13dcbe8731b8650e5bf1caa749a485d20556", + "type": "github" + }, + "original": { + "owner": "rmagatti", + "repo": "auto-session", + "type": "github" + } + }, + "nvim_plugin-ron/ron.vim": { + "flake": false, + "locked": { + "lastModified": 1660904719, + "narHash": "sha256-8/xJmymtVGVz2avzlamgK1cNflZ3NRL+B3c7xxbI964=", + "owner": "ron-rs", + "repo": "ron.vim", + "rev": "f749e543975a82e8dd9a6e7df9600a1c098ae800", + "type": "github" + }, + "original": { + "owner": "ron-rs", + "repo": "ron.vim", + "type": "github" + } + }, + "nvim_plugin-saadparwaiz1/cmp_luasnip": { + "flake": false, + "locked": { + "lastModified": 1730707109, + "narHash": "sha256-86lKQPPyqFz8jzuLajjHMKHrYnwW6+QOcPyQEx6B+gw=", + "owner": "saadparwaiz1", + "repo": "cmp_luasnip", + "rev": "98d9cb5c2c38532bd9bdb481067b20fea8f32e90", + "type": "github" + }, + "original": { + "owner": "saadparwaiz1", + "repo": "cmp_luasnip", + "type": "github" + } + }, + "nvim_plugin-sindrets/diffview.nvim": { + "flake": false, + "locked": { + "lastModified": 1718279802, + "narHash": "sha256-SX+ybIzL/w6uyCy4iZKnWnzTFwqB1oXSgyYVAdpdKi8=", + "owner": "sindrets", + "repo": "diffview.nvim", + "rev": "4516612fe98ff56ae0415a259ff6361a89419b0a", + "type": "github" + }, + "original": { + "owner": "sindrets", + "repo": "diffview.nvim", + "type": "github" + } + }, + "nvim_plugin-stevearc/conform.nvim": { + "flake": false, + "locked": { + "lastModified": 1749498876, + "narHash": "sha256-n1IPUNwD14WlDU4zbgfJuhXQcVMt8oc4wCuUJBPJ+y4=", + "owner": "stevearc", + "repo": "conform.nvim", + "rev": "8132ec733eed3bf415b97b76797ca41b59f51d7d", + "type": "github" + }, + "original": { + "owner": "stevearc", + "repo": "conform.nvim", + "type": "github" + } + }, + "nvim_plugin-stevearc/dressing.nvim": { + "flake": false, + "locked": { + "lastModified": 1739381641, + "narHash": "sha256-dBz+/gZA6O6fJy/GSgM6ZHGAR3MTGt/W1olzzTYRlgM=", + "owner": "stevearc", + "repo": "dressing.nvim", + "rev": "2d7c2db2507fa3c4956142ee607431ddb2828639", + "type": "github" + }, + "original": { + "owner": "stevearc", + "repo": "dressing.nvim", + "type": "github" + } + }, + "nvim_plugin-supermaven-inc/supermaven-nvim": { + "flake": false, + "locked": { + "lastModified": 1728314930, + "narHash": "sha256-1z3WKIiikQqoweReUyK5O8MWSRN5y95qcxM6qzlKMME=", + "owner": "supermaven-inc", + "repo": "supermaven-nvim", + "rev": "07d20fce48a5629686aefb0a7cd4b25e33947d50", + "type": "github" + }, + "original": { + "owner": "supermaven-inc", + "repo": "supermaven-nvim", + "type": "github" + } + }, + "nvim_plugin-tpope/vim-sleuth": { + "flake": false, + "locked": { + "lastModified": 1726718493, + "narHash": "sha256-2Cr3h3uJvUL3CSoJs3aBFrkBeOBURSQItgQ4ep9sHXM=", + "owner": "tpope", + "repo": "vim-sleuth", + "rev": "be69bff86754b1aa5adcbb527d7fcd1635a84080", + "type": "github" + }, + "original": { + "owner": "tpope", + "repo": "vim-sleuth", + "type": "github" + } + }, + "nvim_plugin-tpope/vim-surround": { + "flake": false, + "locked": { + "lastModified": 1666730476, + "narHash": "sha256-DZE5tkmnT+lAvx/RQHaDEgEJXRKsy56KJY919xiH1lE=", + "owner": "tpope", + "repo": "vim-surround", + "rev": "3d188ed2113431cf8dac77be61b842acb64433d9", + "type": "github" + }, + "original": { + "owner": "tpope", + "repo": "vim-surround", + "type": "github" + } + }, + "nvim_plugin-uga-rosa/ccc.nvim": { + "flake": false, + "locked": { + "lastModified": 1746537659, + "narHash": "sha256-3TZ8VmvdgQ9n63m78C3r4OIUkVQHTHBvC24ixBdhTig=", + "owner": "uga-rosa", + "repo": "ccc.nvim", + "rev": "9d1a256e006decc574789dfc7d628ca11644d4c2", + "type": "github" + }, + "original": { + "owner": "uga-rosa", + "repo": "ccc.nvim", + "type": "github" + } + }, + "nvim_plugin-windwp/nvim-ts-autotag": { + "flake": false, + "locked": { + "lastModified": 1739910276, + "narHash": "sha256-a3Bcql68mp3y5bH9XMiDTQB0e75T+qFB593objIGg/I=", + "owner": "windwp", + "repo": "nvim-ts-autotag", + "rev": "a1d526af391f6aebb25a8795cbc05351ed3620b5", + "type": "github" + }, + "original": { + "owner": "windwp", + "repo": "nvim-ts-autotag", + "type": "github" + } + }, + "nvim_plugin-zbirenbaum/copilot-cmp": { + "flake": false, + "locked": { + "lastModified": 1733947099, + "narHash": "sha256-erRL8bY/zuwuCZfttw+avTrFV7pjv2H6v73NzY2bymM=", + "owner": "zbirenbaum", + "repo": "copilot-cmp", + "rev": "15fc12af3d0109fa76b60b5cffa1373697e261d1", + "type": "github" + }, + "original": { + "owner": "zbirenbaum", + "repo": "copilot-cmp", + "type": "github" + } + }, + "nvim_plugin-zbirenbaum/copilot.lua": { + "flake": false, + "locked": { + "lastModified": 1749137204, + "narHash": "sha256-qxHpIsFFLDG/jtk6e1hkOZgDSRA5Q0+DMxxAxckNhIc=", + "owner": "zbirenbaum", + "repo": "copilot.lua", + "rev": "c1bb86abbed1a52a11ab3944ef00c8410520543d", + "type": "github" + }, + "original": { + "owner": "zbirenbaum", + "repo": "copilot.lua", + "type": "github" + } + }, + "ragenix": { + "inputs": { + "agenix": "agenix", + "crane": "crane", + "flake-utils": "flake-utils", + "nixpkgs": "nixpkgs_2", + "rust-overlay": "rust-overlay" + }, + "locked": { + "lastModified": 1744897914, + "narHash": "sha256-GIVU92o2TZBnKQXTb76zpQbWR4zjU2rFqWKNIIpXnqA=", + "owner": "yaxitech", + "repo": "ragenix", + "rev": "40f2e17ecaeab4d78ec323e96a04548c0aaa5223", + "type": "github" + }, + "original": { + "owner": "yaxitech", + "repo": "ragenix", + "type": "github" + } + }, + "root": { + "inputs": { + "common": "common", + "deploy-rs": "deploy-rs", + "nixpkgs": "nixpkgs_4", + "ros_neovim": "ros_neovim" + } + }, + "ros_neovim": { + "inputs": { + "nixpkgs": "nixpkgs_5", + "nvim_plugin-Almo7aya/openingh.nvim": "nvim_plugin-Almo7aya/openingh.nvim", + "nvim_plugin-CopilotC-Nvim/CopilotChat.nvim": "nvim_plugin-CopilotC-Nvim/CopilotChat.nvim", + "nvim_plugin-JoosepAlviste/nvim-ts-context-commentstring": "nvim_plugin-JoosepAlviste/nvim-ts-context-commentstring", + "nvim_plugin-L3MON4D3/LuaSnip": "nvim_plugin-L3MON4D3/LuaSnip", + "nvim_plugin-MeanderingProgrammer/render-markdown.nvim": "nvim_plugin-MeanderingProgrammer/render-markdown.nvim", + "nvim_plugin-MunifTanjim/nui.nvim": "nvim_plugin-MunifTanjim/nui.nvim", + "nvim_plugin-RRethy/vim-illuminate": "nvim_plugin-RRethy/vim-illuminate", + "nvim_plugin-Saecki/crates.nvim": "nvim_plugin-Saecki/crates.nvim", + "nvim_plugin-aznhe21/actions-preview.nvim": "nvim_plugin-aznhe21/actions-preview.nvim", + "nvim_plugin-b0o/schemastore.nvim": "nvim_plugin-b0o/schemastore.nvim", + "nvim_plugin-catppuccin/nvim": "nvim_plugin-catppuccin/nvim", + "nvim_plugin-chrisgrieser/nvim-early-retirement": "nvim_plugin-chrisgrieser/nvim-early-retirement", + "nvim_plugin-declancm/cinnamon.nvim": "nvim_plugin-declancm/cinnamon.nvim", + "nvim_plugin-folke/lazy.nvim": "nvim_plugin-folke/lazy.nvim", + "nvim_plugin-folke/neodev.nvim": "nvim_plugin-folke/neodev.nvim", + "nvim_plugin-folke/which-key.nvim": "nvim_plugin-folke/which-key.nvim", + "nvim_plugin-hrsh7th/cmp-buffer": "nvim_plugin-hrsh7th/cmp-buffer", + "nvim_plugin-hrsh7th/cmp-nvim-lsp": "nvim_plugin-hrsh7th/cmp-nvim-lsp", + "nvim_plugin-hrsh7th/cmp-path": "nvim_plugin-hrsh7th/cmp-path", + "nvim_plugin-hrsh7th/nvim-cmp": "nvim_plugin-hrsh7th/nvim-cmp", + "nvim_plugin-j-hui/fidget.nvim": "nvim_plugin-j-hui/fidget.nvim", + "nvim_plugin-johmsalas/text-case.nvim": "nvim_plugin-johmsalas/text-case.nvim", + "nvim_plugin-lewis6991/gitsigns.nvim": "nvim_plugin-lewis6991/gitsigns.nvim", + "nvim_plugin-lnc3l0t/glow.nvim": "nvim_plugin-lnc3l0t/glow.nvim", + "nvim_plugin-lukas-reineke/indent-blankline.nvim": "nvim_plugin-lukas-reineke/indent-blankline.nvim", + "nvim_plugin-m4xshen/hardtime.nvim": "nvim_plugin-m4xshen/hardtime.nvim", + "nvim_plugin-mbbill/undotree": "nvim_plugin-mbbill/undotree", + "nvim_plugin-mfussenegger/nvim-lint": "nvim_plugin-mfussenegger/nvim-lint", + "nvim_plugin-mrcjkb/rustaceanvim": "nvim_plugin-mrcjkb/rustaceanvim", + "nvim_plugin-neovim/nvim-lspconfig": "nvim_plugin-neovim/nvim-lspconfig", + "nvim_plugin-nosduco/remote-sshfs.nvim": "nvim_plugin-nosduco/remote-sshfs.nvim", + "nvim_plugin-numToStr/Comment.nvim": "nvim_plugin-numToStr/Comment.nvim", + "nvim_plugin-nvim-lua/plenary.nvim": "nvim_plugin-nvim-lua/plenary.nvim", + "nvim_plugin-nvim-lualine/lualine.nvim": "nvim_plugin-nvim-lualine/lualine.nvim", + "nvim_plugin-nvim-telescope/telescope-file-browser.nvim": "nvim_plugin-nvim-telescope/telescope-file-browser.nvim", + "nvim_plugin-nvim-telescope/telescope-fzf-native.nvim": "nvim_plugin-nvim-telescope/telescope-fzf-native.nvim", + "nvim_plugin-nvim-telescope/telescope-ui-select.nvim": "nvim_plugin-nvim-telescope/telescope-ui-select.nvim", + "nvim_plugin-nvim-telescope/telescope.nvim": "nvim_plugin-nvim-telescope/telescope.nvim", + "nvim_plugin-nvim-tree/nvim-tree.lua": "nvim_plugin-nvim-tree/nvim-tree.lua", + "nvim_plugin-nvim-tree/nvim-web-devicons": "nvim_plugin-nvim-tree/nvim-web-devicons", + "nvim_plugin-nvim-treesitter/nvim-treesitter-context": "nvim_plugin-nvim-treesitter/nvim-treesitter-context", + "nvim_plugin-rafamadriz/friendly-snippets": "nvim_plugin-rafamadriz/friendly-snippets", + "nvim_plugin-rcarriga/nvim-notify": "nvim_plugin-rcarriga/nvim-notify", + "nvim_plugin-rmagatti/auto-session": "nvim_plugin-rmagatti/auto-session", + "nvim_plugin-ron/ron.vim": "nvim_plugin-ron/ron.vim", + "nvim_plugin-saadparwaiz1/cmp_luasnip": "nvim_plugin-saadparwaiz1/cmp_luasnip", + "nvim_plugin-sindrets/diffview.nvim": "nvim_plugin-sindrets/diffview.nvim", + "nvim_plugin-stevearc/conform.nvim": "nvim_plugin-stevearc/conform.nvim", + "nvim_plugin-stevearc/dressing.nvim": "nvim_plugin-stevearc/dressing.nvim", + "nvim_plugin-supermaven-inc/supermaven-nvim": "nvim_plugin-supermaven-inc/supermaven-nvim", + "nvim_plugin-tpope/vim-sleuth": "nvim_plugin-tpope/vim-sleuth", + "nvim_plugin-tpope/vim-surround": "nvim_plugin-tpope/vim-surround", + "nvim_plugin-uga-rosa/ccc.nvim": "nvim_plugin-uga-rosa/ccc.nvim", + "nvim_plugin-windwp/nvim-ts-autotag": "nvim_plugin-windwp/nvim-ts-autotag", + "nvim_plugin-zbirenbaum/copilot-cmp": "nvim_plugin-zbirenbaum/copilot-cmp", + "nvim_plugin-zbirenbaum/copilot.lua": "nvim_plugin-zbirenbaum/copilot.lua", + "rust-overlay": "rust-overlay_2" + }, + "locked": { + "lastModified": 1750190298, + "narHash": "sha256-ero30lVvCzmdKkY0lZR/RO+oTNTY1WXQh6vhfbcbTIk=", + "ref": "refs/heads/master", + "rev": "1ed03dac446683ef42035b53a410d857855d82d9", + "revCount": 291, + "type": "git", + "url": "https://git.joshuabell.xyz/ringofstorms/nvim" + }, + "original": { + "type": "git", + "url": "https://git.joshuabell.xyz/ringofstorms/nvim" + } + }, + "rust-overlay": { + "inputs": { + "nixpkgs": [ + "common", + "ragenix", + "nixpkgs" + ] + }, + "locked": { + "lastModified": 1741400194, + "narHash": "sha256-tEpgT+q5KlGjHSm8MnINgTPErEl8YDzX3Eps8PVc09g=", + "owner": "oxalica", + "repo": "rust-overlay", + "rev": "16b6045a232fea0e9e4c69e55a6e269607dd8e3f", + "type": "github" + }, + "original": { + "owner": "oxalica", + "repo": "rust-overlay", + "type": "github" + } + }, + "rust-overlay_2": { + "inputs": { + "nixpkgs": [ + "ros_neovim", + "nixpkgs" + ] + }, + "locked": { + "lastModified": 1750127910, + "narHash": "sha256-FIgEIS0RAlOyXGqoj/OufTfcKItYq668yPYL4SXdU0M=", + "owner": "oxalica", + "repo": "rust-overlay", + "rev": "45418795a73b77b7726c62ce265d68cf541ffb49", + "type": "github" + }, + "original": { + "owner": "oxalica", + "repo": "rust-overlay", + "type": "github" + } + }, + "systems": { + "locked": { + "lastModified": 1681028828, + "narHash": "sha256-Vy1rq5AaRuLzOxct8nz4T6wlgyUR7zLU309k9mBC768=", + "owner": "nix-systems", + "repo": "default", + "rev": "da67096a3b9bf56a91d16901293e51ba5b49a27e", + "type": "github" + }, + "original": { + "owner": "nix-systems", + "repo": "default", + "type": "github" + } + }, + "systems_2": { + "locked": { + "lastModified": 1681028828, + "narHash": "sha256-Vy1rq5AaRuLzOxct8nz4T6wlgyUR7zLU309k9mBC768=", + "owner": "nix-systems", + "repo": "default", + "rev": "da67096a3b9bf56a91d16901293e51ba5b49a27e", + "type": "github" + }, + "original": { + "owner": "nix-systems", + "repo": "default", + "type": "github" + } + }, + "systems_3": { + "locked": { + "lastModified": 1681028828, + "narHash": "sha256-Vy1rq5AaRuLzOxct8nz4T6wlgyUR7zLU309k9mBC768=", + "owner": "nix-systems", + "repo": "default", + "rev": "da67096a3b9bf56a91d16901293e51ba5b49a27e", + "type": "github" + }, + "original": { + "owner": "nix-systems", + "repo": "default", + "type": "github" + } + }, + "utils": { + "inputs": { + "systems": "systems_3" + }, + "locked": { + "lastModified": 1731533236, + "narHash": "sha256-l0KFg5HjrsfsO/JpG+r7fRrqm12kzFHyUHqHCVpMMbI=", + "owner": "numtide", + "repo": "flake-utils", + "rev": "11707dc2f618dd54ca8739b309ec4fc024de578b", + "type": "github" + }, + "original": { + "owner": "numtide", + "repo": "flake-utils", + "type": "github" + } + } + }, + "root": "root", + "version": 7 +} diff --git a/hosts/oracle/o001/flake.nix b/hosts/oracle/o001/flake.nix new file mode 100644 index 00000000..80c48ff9 --- /dev/null +++ b/hosts/oracle/o001/flake.nix @@ -0,0 +1,111 @@ +{ + inputs = { + nixpkgs.url = "github:nixos/nixpkgs/nixos-25.05"; + deploy-rs.url = "github:serokell/deploy-rs"; + + common.url = "path:../../../common"; + # common.url = "git+https://git.joshuabell.xyz/ringofstorms/dotfiles"; + ros_neovim.url = "git+https://git.joshuabell.xyz/ringofstorms/nvim"; + }; + + outputs = + { + self, + nixpkgs, + common, + ros_neovim, + deploy-rs, + ... + }: + let + configuration_name = "o001"; + lib = nixpkgs.lib; + in + { + deploy = { + sshUser = "root"; + sshOpts = [ + "-i" + "/run/agenix/nix2oracle" + ]; + nodes.${configuration_name} = { + hostname = "64.181.210.7"; + targetPlatform = "aarch64-linux"; + profiles.system = { + user = "root"; + path = deploy-rs.lib.aarch64-linux.activate.nixos self.nixosConfigurations.${configuration_name}; + }; + }; + }; + + nixosConfigurations = { + nixos = self.nixosConfigurations.${configuration_name}; + "${configuration_name}" = lib.nixosSystem { + system = "aarch64-linux"; + modules = [ + common.nixosModules.default + ros_neovim.nixosModules.default + ./configuration.nix + ./hardware-configuration.nix + ./nginx.nix + ./containers/vaultwarden.nix + ./mods/postgresql.nix + ./mods/atuin.nix + ./mods/rustdesk-server.nix + ( + { pkgs, ... }: + { + environment.systemPackages = with pkgs; [ + bitwarden + vaultwarden + ]; + + ringofstorms_common = { + systemName = configuration_name; + secrets.enable = true; + general = { + disableRemoteBuildsOnLio = true; + readWindowsDrives = false; + jetbrainsMonoFont = false; + ttyCapsEscape = false; + reporting.enable = true; + }; + programs = { + tailnet.enable = true; + ssh.enable = true; + docker.enable = true; + }; + users = { + users = { + root = { + openssh.authorizedKeys.keys = [ + "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIG90Gg6dV3yhZ5+X40vICbeBwV9rfD39/8l9QSqluTw8 nix2oracle" + ]; + shell = pkgs.zsh; + }; + }; + }; + homeManager = { + users = { + root = { + programs.atuin.settings.sync_address = "http://localhost:8888"; + imports = with common.homeManagerModules; [ + tmux + atuin + git + postgres + starship + zoxide + zsh + ]; + }; + }; + }; + }; + } + ) + ]; + }; + }; + }; +} diff --git a/hosts/oracle/o001/hardware-configuration.nix b/hosts/oracle/o001/hardware-configuration.nix new file mode 100644 index 00000000..ec56e90f --- /dev/null +++ b/hosts/oracle/o001/hardware-configuration.nix @@ -0,0 +1,15 @@ +{ modulesPath, ... }: +{ + imports = [ (modulesPath + "/profiles/qemu-guest.nix") ]; + boot.loader.grub = { + enable = true; + efiSupport = true; + efiInstallAsRemovable = true; + device = "nodev"; + }; + fileSystems."/boot" = { device = "/dev/disk/by-uuid/92B6-AAE1"; fsType = "vfat"; }; + boot.initrd.availableKernelModules = [ "ata_piix" "uhci_hcd" "xen_blkfront" ]; + boot.initrd.kernelModules = [ "nvme" ]; + fileSystems."/" = { device = "/dev/sda3"; fsType = "xfs"; }; + swapDevices = [ { device = "/dev/sda2"; } ]; +} diff --git a/hosts/oracle/o001/mods/atuin.nix b/hosts/oracle/o001/mods/atuin.nix new file mode 100644 index 00000000..18b44395 --- /dev/null +++ b/hosts/oracle/o001/mods/atuin.nix @@ -0,0 +1,24 @@ +{ + config, + ... +}: +{ + services.atuin = { + enable = true; + openRegistration = false; + openFirewall = false; + host = "127.0.0.1"; + port = 8888; + }; + + services.nginx.virtualHosts."atuin.joshuabell.xyz" = { + enableACME = true; + forceSSL = true; + locations = { + "/" = { + proxyWebsockets = true; + proxyPass = "http://127.0.0.1:${builtins.toString config.services.atuin.port}"; + }; + }; + }; +} diff --git a/hosts/oracle/o001/mods/postgresql.nix b/hosts/oracle/o001/mods/postgresql.nix new file mode 100644 index 00000000..c63a38d1 --- /dev/null +++ b/hosts/oracle/o001/mods/postgresql.nix @@ -0,0 +1,28 @@ +{ + pkgs, + ... +}: +{ + services.postgresql = { + enable = true; + package = pkgs.postgresql_17.withJIT; + enableJIT = true; + extensions = with pkgs.postgresql17Packages; [ + # NOTE add extensions here + pgvector + postgis + pgsodium + pg_squeeze + ]; + authentication = '' + local all all trust + host all all 127.0.0.1/8 trust + host all all ::1/128 trust + host all all 192.168.100.0/24 trust + ''; + }; + + services.postgresqlBackup = { + enable = true; + }; +} diff --git a/hosts/oracle/o001/mods/rustdesk-server.nix b/hosts/oracle/o001/mods/rustdesk-server.nix new file mode 100644 index 00000000..6ab4fe2c --- /dev/null +++ b/hosts/oracle/o001/mods/rustdesk-server.nix @@ -0,0 +1,31 @@ +{ + ... +}: +let + TailscaleInterface = "tailscale0"; + TCPPorts = [ + 21115 + 21116 + 21117 + 21118 + 21119 + ]; + UDPPorts = [ 21116 ]; +in +{ + services = { + rustdesk-server = { + enable = true; + relay.enable = true; + signal.enable = true; + # Instead we only allow this on the tailnet IP range + openFirewall = false; + signal.relayHosts = [ "localhost" ]; + }; + }; + + networking.firewall.interfaces."${TailscaleInterface}" = { + allowedTCPPorts = TCPPorts; + allowedUDPPorts = UDPPorts; + }; +} diff --git a/hosts/oracle/o001/nginx.nix b/hosts/oracle/o001/nginx.nix new file mode 100644 index 00000000..3866fb52 --- /dev/null +++ b/hosts/oracle/o001/nginx.nix @@ -0,0 +1,228 @@ +{ + ... +}: +{ + # JUST A TEST TODO remove + containers.wasabi = { + ephemeral = true; + autoStart = true; + privateNetwork = true; + hostAddress = "192.168.100.2"; + localAddress = "192.168.100.11"; + config = + { config, pkgs, ... }: + { + system.stateVersion = "24.11"; + services.httpd.enable = true; + services.httpd.adminAddr = "foo@example.org"; + networking.firewall = { + enable = true; + allowedTCPPorts = [ 80 ]; + }; + }; + }; + + security.acme.acceptTerms = true; + security.acme.defaults.email = "admin@joshuabell.xyz"; + services.nginx = { + enable = true; + recommendedGzipSettings = true; + recommendedOptimisation = true; + recommendedProxySettings = true; + recommendedTlsSettings = true; + virtualHosts = + let + tailnetConfig = { + locations = { + "/" = { + extraConfig = '' + default_type text/html; + return 200 ' + + jRmvVcy0mlTrVJGiPMHsiCF6pQ2JCDNe2LiYJwcwgm8= + + '; + ''; + }; + }; + }; + in + { + # Redirect self IP to domain + "64.181.210.7" = { + locations."/" = { + return = "301 https://joshuabell.xyz"; + }; + }; + + "100.64.0.11" = tailnetConfig; + "o001.net.joshuabell.xyz" = tailnetConfig; + + "www.joshuabell.xyz" = { + enableACME = true; + forceSSL = true; + locations."/" = { + return = "301 https://joshuabell.xyz"; + }; + }; + "joshuabell.xyz" = { + enableACME = true; + forceSSL = true; + locations = { + "~ ^/ttyd-t(.*)$" = { + proxyPass = "http://100.64.0.8:9999"; + extraConfig = '' + rewrite ^/ttyd-tempus(.*) /$1 break; + proxy_http_version 1.1; + proxy_set_header Upgrade $http_upgrade; + proxy_set_header Connection "upgrade"; + proxy_set_header Host $host; + proxy_set_header X-Forwarded-Proto $scheme; + proxy_set_header X-Forwarded-Port $server_port; + proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; + proxy_read_timeout 1d; # dont kill connection after 60s of inactivity + ''; + }; + # "~ ^/tunnel_tempus/(?[0-9]+)(.*)$" = { + # extraConfig = '' + # set $target_port $port; + # rewrite ^/tunnel_tempus/(?[0-9]+)(.*)$ /$2 break; + # proxy_pass http://100.64.0.8:$target_port; + # proxy_http_version 1.1; + # proxy_set_header Upgrade $http_upgrade; + # proxy_set_header Connection "upgrade"; + # proxy_set_header Host $host; + # proxy_set_header X-Forwarded-Proto $scheme; + # proxy_set_header X-Forwarded-Port $server_port; + # proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; + # proxy_read_timeout 1d; # dont kill connection after 60s of inactivity + # ''; + # }; + "/wasabi" = { + proxyPass = "http://192.168.100.11/"; + extraConfig = '' + rewrite ^/wasabi/(.*) /$1 break; + ''; + }; + "/" = { + # return = "200 'Hello World'"; + extraConfig = '' + default_type text/html; + return 200 ' + + +
+ In the void you roam,
+ A page that cannot be found-
+ Turn back, seek anew. +
+ + + '; + ''; + }; + }; + }; + + "www.ellalala.com" = { + enableACME = true; + forceSSL = true; + locations."/" = { + return = "301 https://ellalala.com"; + }; + }; + "ellalala.com" = { + enableACME = true; + forceSSL = true; + locations."/" = { + return = "444"; + }; + }; + + # PROXY HOSTS + "chat.joshuabell.xyz" = { + enableACME = true; + forceSSL = true; + locations."/" = { + proxyWebsockets = true; + proxyPass = "http://100.64.0.13"; + }; + }; + "gist.joshuabell.xyz" = { + enableACME = true; + forceSSL = true; + locations."/" = { + proxyPass = "http://100.64.0.13"; + }; + }; + "git.joshuabell.xyz" = { + enableACME = true; + forceSSL = true; + locations."/" = { + proxyPass = "http://100.64.0.13"; + }; + }; + "sso.joshuabell.xyz" = { + enableACME = true; + forceSSL = true; + locations."/" = { + proxyPass = "http://100.64.0.13"; + extraConfig = '' + proxy_set_header X-Forwarded-Proto https; + ''; + }; + }; + # "obsidiansync.joshuabell.xyz" = { + # enableACME = true; + # forceSSL = true; + # locations."/" = { + # proxyPass = "http://100.64.0.1:5984"; + # }; + # extraConfig = '' + # client_max_body_size 100M; + # proxy_redirect off; + # proxy_buffering off; + # proxy_set_header Host $host; + # proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; + # ''; + # }; + "jellyfin.joshuabell.xyz" = { + enableACME = true; + forceSSL = true; + locations."/" = { + proxyPass = "http://100.64.0.13"; + }; + }; + "media.joshuabell.xyz" = { + enableACME = true; + forceSSL = true; + locations."/" = { + proxyPass = "http://100.64.0.13"; + }; + }; + + "_" = { + default = true; + locations."/" = { + return = "444"; # 404 for not found or 444 for drop + }; + }; + }; + + # STREAMS + streamConfig = '' + server { + listen 3032; + proxy_pass 100.64.0.13:3032; + } + ''; + }; + + # NOTE Oracle also has security rules that must expose these ports so this alone will not work! See readme + networking.firewall.allowedTCPPorts = [ + 80 # web http + 443 # web https + + 3032 # ssh for git server + ]; +} diff --git a/hosts/oracle/readme.md b/hosts/oracle/readme.md new file mode 100644 index 00000000..8e4740a1 --- /dev/null +++ b/hosts/oracle/readme.md @@ -0,0 +1,18 @@ +# Steps + +Mostly followed: + +- kexectools -> kexec-tools +- create mnt/boot after mounting mnt +- copy over oracle.nix and import for first nixos-install + +# TODO + +- check out + +- Nixos infect worked well, ran it. It maintains the ssh pub key for root user +- Allow connections in oracle security + - > Networking > Virtual Cloud Networks > __ network __ > __ subnet __ > __ security list __ + - Add TCP all for ports 80/443 just like 22 has +- copy config/hardware config and deploy +- diff --git a/hosts/oren/configuration.nix b/hosts/oren/configuration.nix new file mode 100644 index 00000000..268baf65 --- /dev/null +++ b/hosts/oren/configuration.nix @@ -0,0 +1,29 @@ +{ + pkgs, + lib, + config, + ... +}: +{ + system.stateVersion = "24.11"; # Did you read the comment? + environment.systemPackages = with pkgs; [ + # [Laptop] Battery status + acpi + bluez # bluetoothctl command + ]; + hardware.enableAllFirmware = true; + hardware.bluetooth.enable = true; + networking.networkmanager.enable = true; + environment.shellAliases = { + wifi = "nmtui"; + battery = "acpi"; + }; + boot.kernelModules = [ + "rtl8192ce" + "rtl8192c_common" + "rtlwifi" + "mac80211" + ]; + + services.tlp.enable = true; +} diff --git a/hosts/oren/flake.lock b/hosts/oren/flake.lock new file mode 100644 index 00000000..6bd08e8e --- /dev/null +++ b/hosts/oren/flake.lock @@ -0,0 +1,1298 @@ +{ + "nodes": { + "agenix": { + "inputs": { + "darwin": "darwin", + "home-manager": "home-manager_2", + "nixpkgs": [ + "common", + "ragenix", + "nixpkgs" + ], + "systems": "systems" + }, + "locked": { + "lastModified": 1736955230, + "narHash": "sha256-uenf8fv2eG5bKM8C/UvFaiJMZ4IpUFaQxk9OH5t/1gA=", + "owner": "ryantm", + "repo": "agenix", + "rev": "e600439ec4c273cf11e06fe4d9d906fb98fa097c", + "type": "github" + }, + "original": { + "owner": "ryantm", + "repo": "agenix", + "type": "github" + } + }, + "common": { + "inputs": { + "home-manager": "home-manager", + "nix-flatpak": "nix-flatpak", + "ragenix": "ragenix" + }, + "locked": { + "path": "../../common", + "type": "path" + }, + "original": { + "path": "../../common", + "type": "path" + }, + "parent": [] + }, + "crane": { + "locked": { + "lastModified": 1741481578, + "narHash": "sha256-JBTSyJFQdO3V8cgcL08VaBUByEU6P5kXbTJN6R0PFQo=", + "owner": "ipetkov", + "repo": "crane", + "rev": "bb1c9567c43e4434f54e9481eb4b8e8e0d50f0b5", + "type": "github" + }, + "original": { + "owner": "ipetkov", + "repo": "crane", + "type": "github" + } + }, + "darwin": { + "inputs": { + "nixpkgs": [ + "common", + "ragenix", + "agenix", + "nixpkgs" + ] + }, + "locked": { + "lastModified": 1700795494, + "narHash": "sha256-gzGLZSiOhf155FW7262kdHo2YDeugp3VuIFb4/GGng0=", + "owner": "lnl7", + "repo": "nix-darwin", + "rev": "4b9b83d5a92e8c1fbfd8eb27eda375908c11ec4d", + "type": "github" + }, + "original": { + "owner": "lnl7", + "ref": "master", + "repo": "nix-darwin", + "type": "github" + } + }, + "flake-utils": { + "inputs": { + "systems": "systems_2" + }, + "locked": { + "lastModified": 1731533236, + "narHash": "sha256-l0KFg5HjrsfsO/JpG+r7fRrqm12kzFHyUHqHCVpMMbI=", + "owner": "numtide", + "repo": "flake-utils", + "rev": "11707dc2f618dd54ca8739b309ec4fc024de578b", + "type": "github" + }, + "original": { + "owner": "numtide", + "repo": "flake-utils", + "type": "github" + } + }, + "home-manager": { + "inputs": { + "nixpkgs": "nixpkgs" + }, + "locked": { + "lastModified": 1756245065, + "narHash": "sha256-aAZNbGcWrVRZgWgkQbkabSGcDVRDMgON4BipMy69gvI=", + "owner": "rycee", + "repo": "home-manager", + "rev": "54b2879ce622d44415e727905925e21b8f833a98", + "type": "github" + }, + "original": { + "owner": "rycee", + "ref": "release-25.05", + "repo": "home-manager", + "type": "github" + } + }, + "home-manager_2": { + "inputs": { + "nixpkgs": [ + "common", + "ragenix", + "agenix", + "nixpkgs" + ] + }, + "locked": { + "lastModified": 1703113217, + "narHash": "sha256-7ulcXOk63TIT2lVDSExj7XzFx09LpdSAPtvgtM7yQPE=", + "owner": "nix-community", + "repo": "home-manager", + "rev": "3bfaacf46133c037bb356193bd2f1765d9dc82c1", + "type": "github" + }, + "original": { + "owner": "nix-community", + "repo": "home-manager", + "type": "github" + } + }, + "nix-flatpak": { + "locked": { + "lastModified": 1739444422, + "narHash": "sha256-iAVVHi7X3kWORftY+LVbRiStRnQEob2TULWyjMS6dWg=", + "owner": "gmodena", + "repo": "nix-flatpak", + "rev": "5e54c3ca05a7c7d968ae1ddeabe01d2a9bc1e177", + "type": "github" + }, + "original": { + "owner": "gmodena", + "ref": "latest", + "repo": "nix-flatpak", + "type": "github" + } + }, + "nixpkgs": { + "locked": { + "lastModified": 1753345091, + "narHash": "sha256-CdX2Rtvp5I8HGu9swBmYuq+ILwRxpXdJwlpg8jvN4tU=", + "owner": "NixOS", + "repo": "nixpkgs", + "rev": "3ff0e34b1383648053bba8ed03f201d3466f90c9", + "type": "github" + }, + "original": { + "owner": "NixOS", + "ref": "nixos-25.05", + "repo": "nixpkgs", + "type": "github" + } + }, + "nixpkgs-unstable": { + "locked": { + "lastModified": 1758198701, + "narHash": "sha256-7To75JlpekfUmdkUZewnT6MoBANS0XVypW6kjUOXQwc=", + "owner": "nixos", + "repo": "nixpkgs", + "rev": "0147c2f1d54b30b5dd6d4a8c8542e8d7edf93b5d", + "type": "github" + }, + "original": { + "owner": "nixos", + "ref": "nixos-unstable", + "repo": "nixpkgs", + "type": "github" + } + }, + "nixpkgs_2": { + "locked": { + "lastModified": 1741379970, + "narHash": "sha256-Wh7esNh7G24qYleLvgOSY/7HlDUzWaL/n4qzlBePpiw=", + "owner": "nixos", + "repo": "nixpkgs", + "rev": "36fd87baa9083f34f7f5027900b62ee6d09b1f2f", + "type": "github" + }, + "original": { + "owner": "nixos", + "ref": "nixos-unstable", + "repo": "nixpkgs", + "type": "github" + } + }, + "nixpkgs_3": { + "locked": { + "lastModified": 1758216857, + "narHash": "sha256-h1BW2y7CY4LI9w61R02wPaOYfmYo82FyRqHIwukQ6SY=", + "owner": "nixos", + "repo": "nixpkgs", + "rev": "d2ed99647a4b195f0bcc440f76edfa10aeb3b743", + "type": "github" + }, + "original": { + "owner": "nixos", + "ref": "nixos-25.05", + "repo": "nixpkgs", + "type": "github" + } + }, + "nixpkgs_4": { + "locked": { + "lastModified": 1757952092, + "narHash": "sha256-BcfTLFCU7elUJ2dwyt0iTjxsz/XLh+8ZygDcFwy6xPE=", + "owner": "nixos", + "repo": "nixpkgs", + "rev": "fd76dc9e7c68ac7c3941ba2af2bedcd79c5cf4ed", + "type": "github" + }, + "original": { + "owner": "nixos", + "repo": "nixpkgs", + "type": "github" + } + }, + "nvim_plugin-Almo7aya/openingh.nvim": { + "flake": false, + "locked": { + "lastModified": 1746139196, + "narHash": "sha256-/FlNLWOSIrOYiWzAcgOdu9//QTorCDV1KWb+h6eqLwk=", + "owner": "Almo7aya", + "repo": "openingh.nvim", + "rev": "7cc8c897cb6b34d8ed28e99d95baccef609ed251", + "type": "github" + }, + "original": { + "owner": "Almo7aya", + "repo": "openingh.nvim", + "type": "github" + } + }, + "nvim_plugin-CopilotC-Nvim/CopilotChat.nvim": { + "flake": false, + "locked": { + "lastModified": 1757950300, + "narHash": "sha256-IQTP3jOmFNc2nphV9jdFbJXkmAN5Wj+/PIGmaZ8gP24=", + "owner": "CopilotC-Nvim", + "repo": "CopilotChat.nvim", + "rev": "87615648ff4dc852d1cf7ec099f0a7c37b1b2c87", + "type": "github" + }, + "original": { + "owner": "CopilotC-Nvim", + "repo": "CopilotChat.nvim", + "type": "github" + } + }, + "nvim_plugin-JoosepAlviste/nvim-ts-context-commentstring": { + "flake": false, + "locked": { + "lastModified": 1733574156, + "narHash": "sha256-AjDM3+n4+lNBQi8P2Yrh0Ab06uYCndBQT9TX36rDbOM=", + "owner": "JoosepAlviste", + "repo": "nvim-ts-context-commentstring", + "rev": "1b212c2eee76d787bbea6aa5e92a2b534e7b4f8f", + "type": "github" + }, + "original": { + "owner": "JoosepAlviste", + "repo": "nvim-ts-context-commentstring", + "type": "github" + } + }, + "nvim_plugin-L3MON4D3/LuaSnip": { + "flake": false, + "locked": { + "lastModified": 1756990415, + "narHash": "sha256-5FsUVPy8pAiwBh3c+bPDMtypFEHj6qIwGQIo3hjqV4M=", + "owner": "L3MON4D3", + "repo": "LuaSnip", + "rev": "21f74f7ba8c49f95f9d7c8293b147c2901dd2d3a", + "type": "github" + }, + "original": { + "owner": "L3MON4D3", + "repo": "LuaSnip", + "type": "github" + } + }, + "nvim_plugin-MeanderingProgrammer/render-markdown.nvim": { + "flake": false, + "locked": { + "lastModified": 1757910669, + "narHash": "sha256-PWbFcGRbTMRhDJrj+kx73HLduMLOSrAhZTLL2YgrAjQ=", + "owner": "MeanderingProgrammer", + "repo": "render-markdown.nvim", + "rev": "2c6cf127c577712bd29d38f6391b3045c5f0180a", + "type": "github" + }, + "original": { + "owner": "MeanderingProgrammer", + "repo": "render-markdown.nvim", + "type": "github" + } + }, + "nvim_plugin-MunifTanjim/nui.nvim": { + "flake": false, + "locked": { + "lastModified": 1749392788, + "narHash": "sha256-41slmnvt1z7sCxvpiVuFmQ9g7eCaxQi1dDCL3AxSL1A=", + "owner": "MunifTanjim", + "repo": "nui.nvim", + "rev": "de740991c12411b663994b2860f1a4fd0937c130", + "type": "github" + }, + "original": { + "owner": "MunifTanjim", + "repo": "nui.nvim", + "type": "github" + } + }, + "nvim_plugin-RRethy/vim-illuminate": { + "flake": false, + "locked": { + "lastModified": 1748105647, + "narHash": "sha256-KqAJRCtDBG5xsvNsqkxoBdDckg02u4NBBreYQw7BphA=", + "owner": "RRethy", + "repo": "vim-illuminate", + "rev": "0d1e93684da00ab7c057410fecfc24f434698898", + "type": "github" + }, + "original": { + "owner": "RRethy", + "repo": "vim-illuminate", + "type": "github" + } + }, + "nvim_plugin-Saecki/crates.nvim": { + "flake": false, + "locked": { + "lastModified": 1755956579, + "narHash": "sha256-jfmST/S9ymwgQ99PTCOlJkk5zaxE5HiDV16TmTISDII=", + "owner": "Saecki", + "repo": "crates.nvim", + "rev": "ac9fa498a9edb96dc3056724ff69d5f40b898453", + "type": "github" + }, + "original": { + "owner": "Saecki", + "repo": "crates.nvim", + "type": "github" + } + }, + "nvim_plugin-aznhe21/actions-preview.nvim": { + "flake": false, + "locked": { + "lastModified": 1745779150, + "narHash": "sha256-rQjwlu5gQcOvxF72lr9ugPRl0W78wCWGWPhpN1oOMbs=", + "owner": "aznhe21", + "repo": "actions-preview.nvim", + "rev": "36513ad213855d497b7dd3391a24d1d75d58e36f", + "type": "github" + }, + "original": { + "owner": "aznhe21", + "repo": "actions-preview.nvim", + "type": "github" + } + }, + "nvim_plugin-b0o/schemastore.nvim": { + "flake": false, + "locked": { + "lastModified": 1757653237, + "narHash": "sha256-94NKAVWPV2sLkGWWL9G07QxA90Ise6tNWaYyKBcS/vI=", + "owner": "b0o", + "repo": "schemastore.nvim", + "rev": "3146720ee3a0c6e2446eedd492fb519d16f2e467", + "type": "github" + }, + "original": { + "owner": "b0o", + "repo": "schemastore.nvim", + "type": "github" + } + }, + "nvim_plugin-catppuccin/nvim": { + "flake": false, + "locked": { + "lastModified": 1755621274, + "narHash": "sha256-o8VLMPriOh4+Ay5Ff0cWQYXjmihdr3x9131bKHHTsQE=", + "owner": "catppuccin", + "repo": "nvim", + "rev": "30fa4d122d9b22ad8b2e0ab1b533c8c26c4dde86", + "type": "github" + }, + "original": { + "owner": "catppuccin", + "repo": "nvim", + "type": "github" + } + }, + "nvim_plugin-chrisgrieser/nvim-early-retirement": { + "flake": false, + "locked": { + "lastModified": 1757363000, + "narHash": "sha256-hfoJDD4ZKIx1IZjmZba117wRe3ELyGqG8ZqxDnRVmIk=", + "owner": "chrisgrieser", + "repo": "nvim-early-retirement", + "rev": "14aba23ce4168e6d6acbf78ab1d33739c3894f68", + "type": "github" + }, + "original": { + "owner": "chrisgrieser", + "repo": "nvim-early-retirement", + "type": "github" + } + }, + "nvim_plugin-declancm/cinnamon.nvim": { + "flake": false, + "locked": { + "lastModified": 1722992123, + "narHash": "sha256-kccQ4iFMSQ8kvE7hYz90hBrsDLo7VohFj/6lEZZiAO8=", + "owner": "declancm", + "repo": "cinnamon.nvim", + "rev": "450cb3247765fed7871b41ef4ce5fa492d834215", + "type": "github" + }, + "original": { + "owner": "declancm", + "repo": "cinnamon.nvim", + "type": "github" + } + }, + "nvim_plugin-folke/lazy.nvim": { + "flake": false, + "locked": { + "lastModified": 1740511197, + "narHash": "sha256-nQ8PR9DTdzg6Z2rViuVD6Pswc2VvDQwS3uMNgyDh5ls=", + "owner": "folke", + "repo": "lazy.nvim", + "rev": "6c3bda4aca61a13a9c63f1c1d1b16b9d3be90d7a", + "type": "github" + }, + "original": { + "owner": "folke", + "repo": "lazy.nvim", + "type": "github" + } + }, + "nvim_plugin-folke/neodev.nvim": { + "flake": false, + "locked": { + "lastModified": 1720260306, + "narHash": "sha256-hOjzlo/IqmV8tYjGwfmcCPEmHYsWnEIwtHZdhpwA1kM=", + "owner": "folke", + "repo": "neodev.nvim", + "rev": "46aa467dca16cf3dfe27098042402066d2ae242d", + "type": "github" + }, + "original": { + "owner": "folke", + "repo": "neodev.nvim", + "type": "github" + } + }, + "nvim_plugin-folke/which-key.nvim": { + "flake": false, + "locked": { + "lastModified": 1740233407, + "narHash": "sha256-uvMcSduMr7Kd2oUmIOYzvWF4FIl6bZxIYm9FSw/3pCo=", + "owner": "folke", + "repo": "which-key.nvim", + "rev": "370ec46f710e058c9c1646273e6b225acf47cbed", + "type": "github" + }, + "original": { + "owner": "folke", + "repo": "which-key.nvim", + "type": "github" + } + }, + "nvim_plugin-hrsh7th/cmp-buffer": { + "flake": false, + "locked": { + "lastModified": 1743497185, + "narHash": "sha256-dG4U7MtnXThoa/PD+qFtCt76MQ14V1wX8GMYcvxEnbM=", + "owner": "hrsh7th", + "repo": "cmp-buffer", + "rev": "b74fab3656eea9de20a9b8116afa3cfc4ec09657", + "type": "github" + }, + "original": { + "owner": "hrsh7th", + "repo": "cmp-buffer", + "type": "github" + } + }, + "nvim_plugin-hrsh7th/cmp-nvim-lsp": { + "flake": false, + "locked": { + "lastModified": 1755085771, + "narHash": "sha256-X1rppwf2xBPrmB93ptXukOnEBDZmfjJd4F5ObNa1DHs=", + "owner": "hrsh7th", + "repo": "cmp-nvim-lsp", + "rev": "bd5a7d6db125d4654b50eeae9f5217f24bb22fd3", + "type": "github" + }, + "original": { + "owner": "hrsh7th", + "repo": "cmp-nvim-lsp", + "type": "github" + } + }, + "nvim_plugin-hrsh7th/cmp-path": { + "flake": false, + "locked": { + "lastModified": 1753844861, + "narHash": "sha256-e4Rd2y1Wekp7aobpTGaUeoSBnlfIASDaBR8js5dh2Vw=", + "owner": "hrsh7th", + "repo": "cmp-path", + "rev": "c642487086dbd9a93160e1679a1327be111cbc25", + "type": "github" + }, + "original": { + "owner": "hrsh7th", + "repo": "cmp-path", + "type": "github" + } + }, + "nvim_plugin-hrsh7th/nvim-cmp": { + "flake": false, + "locked": { + "lastModified": 1744514599, + "narHash": "sha256-l5z+PT4S9b09d2M+J/tHVd9W9Ss3eQQk5Ykpz2Qjxxw=", + "owner": "hrsh7th", + "repo": "nvim-cmp", + "rev": "b5311ab3ed9c846b585c0c15b7559be131ec4be9", + "type": "github" + }, + "original": { + "owner": "hrsh7th", + "repo": "nvim-cmp", + "type": "github" + } + }, + "nvim_plugin-j-hui/fidget.nvim": { + "flake": false, + "locked": { + "lastModified": 1755700851, + "narHash": "sha256-KRlUqUdcliKpLnEJqyA2OAWto73F6iGTbMrsiAdc24M=", + "owner": "j-hui", + "repo": "fidget.nvim", + "rev": "4d5858bd4c471c895060e1b9f3575f1551184dc5", + "type": "github" + }, + "original": { + "owner": "j-hui", + "repo": "fidget.nvim", + "type": "github" + } + }, + "nvim_plugin-johmsalas/text-case.nvim": { + "flake": false, + "locked": { + "lastModified": 1722628320, + "narHash": "sha256-2IMufSMy9JW50VzZ3SgOtp8kYs81ANwV0eP0ZH3rTFo=", + "owner": "johmsalas", + "repo": "text-case.nvim", + "rev": "e898cfd46fa6cde0e83abb624a16e67d2ffc6457", + "type": "github" + }, + "original": { + "owner": "johmsalas", + "repo": "text-case.nvim", + "type": "github" + } + }, + "nvim_plugin-lewis6991/gitsigns.nvim": { + "flake": false, + "locked": { + "lastModified": 1757668552, + "narHash": "sha256-L5WbNiFUn014hThvGfb5r858O6iLOBhOQHfVUdIlFI4=", + "owner": "lewis6991", + "repo": "gitsigns.nvim", + "rev": "f780609807eca1f783a36a8a31c30a48fbe150c5", + "type": "github" + }, + "original": { + "owner": "lewis6991", + "repo": "gitsigns.nvim", + "type": "github" + } + }, + "nvim_plugin-lnc3l0t/glow.nvim": { + "flake": false, + "locked": { + "lastModified": 1693233815, + "narHash": "sha256-vdlwkIK2EkFviJmSiOqPWvc15xqJ9F2gHCC4ObJ5Qjk=", + "owner": "lnc3l0t", + "repo": "glow.nvim", + "rev": "5b38fb7b6e806cac62707a4aba8c10c5f14d5bb5", + "type": "github" + }, + "original": { + "owner": "lnc3l0t", + "repo": "glow.nvim", + "type": "github" + } + }, + "nvim_plugin-lukas-reineke/indent-blankline.nvim": { + "flake": false, + "locked": { + "lastModified": 1742224677, + "narHash": "sha256-0q/V+b4UrDRnaC/eRWOi9HU9a61vQSAM9/C8ZQyKt+Y=", + "owner": "lukas-reineke", + "repo": "indent-blankline.nvim", + "rev": "005b56001b2cb30bfa61b7986bc50657816ba4ba", + "type": "github" + }, + "original": { + "owner": "lukas-reineke", + "repo": "indent-blankline.nvim", + "type": "github" + } + }, + "nvim_plugin-m4xshen/hardtime.nvim": { + "flake": false, + "locked": { + "lastModified": 1757738091, + "narHash": "sha256-Jy9ARUHU1ySpSxxoS3hLRjxp5Lqt7juWN5Jnbdo0rg0=", + "owner": "m4xshen", + "repo": "hardtime.nvim", + "rev": "b4e431934af1fe224a3a801f632c008278cb7628", + "type": "github" + }, + "original": { + "owner": "m4xshen", + "repo": "hardtime.nvim", + "type": "github" + } + }, + "nvim_plugin-mbbill/undotree": { + "flake": false, + "locked": { + "lastModified": 1756538456, + "narHash": "sha256-tudR+46nd63jY1VTCNEfZ2CofxCODXaHos0+NdFI6wU=", + "owner": "mbbill", + "repo": "undotree", + "rev": "fe9a9d0645f0f5532360b5e5f5c550d7bb4f1869", + "type": "github" + }, + "original": { + "owner": "mbbill", + "repo": "undotree", + "type": "github" + } + }, + "nvim_plugin-mfussenegger/nvim-lint": { + "flake": false, + "locked": { + "lastModified": 1757878177, + "narHash": "sha256-8X9z0pRWx9xg9nQhhQtuOu3TunObg2CIgnlPXZtx86A=", + "owner": "mfussenegger", + "repo": "nvim-lint", + "rev": "0864f81c681e15d9bdc1156fe3a17bd07db5a3ed", + "type": "github" + }, + "original": { + "owner": "mfussenegger", + "repo": "nvim-lint", + "type": "github" + } + }, + "nvim_plugin-mrcjkb/rustaceanvim": { + "flake": false, + "locked": { + "lastModified": 1757809469, + "narHash": "sha256-bijgDZozBNmHW3cASmOrQlaSE80d8V3XRxi1BNmfzRI=", + "owner": "mrcjkb", + "repo": "rustaceanvim", + "rev": "370b85298e5afdfd8b5d3da0c60c04e3873499a4", + "type": "github" + }, + "original": { + "owner": "mrcjkb", + "repo": "rustaceanvim", + "type": "github" + } + }, + "nvim_plugin-neovim/nvim-lspconfig": { + "flake": false, + "locked": { + "lastModified": 1757886255, + "narHash": "sha256-lIlFgHkesAK7fRcoEEQO84/0BpE29dBgNzBnCv/0Tf0=", + "owner": "neovim", + "repo": "nvim-lspconfig", + "rev": "d9879110d0422a566fa01d732556f4d5515e1738", + "type": "github" + }, + "original": { + "owner": "neovim", + "repo": "nvim-lspconfig", + "type": "github" + } + }, + "nvim_plugin-nosduco/remote-sshfs.nvim": { + "flake": false, + "locked": { + "lastModified": 1755703322, + "narHash": "sha256-xy+50CsRd0LfRyDtNNMI8KhzvjH2nt8ogwiXf7H3fYY=", + "owner": "nosduco", + "repo": "remote-sshfs.nvim", + "rev": "8b0974c0e23ef086f5598ebbb1980257171dc370", + "type": "github" + }, + "original": { + "owner": "nosduco", + "repo": "remote-sshfs.nvim", + "type": "github" + } + }, + "nvim_plugin-numToStr/Comment.nvim": { + "flake": false, + "locked": { + "lastModified": 1717957420, + "narHash": "sha256-h0kPue5Eqd5aeu4VoLH45pF0DmWWo1d8SnLICSQ63zc=", + "owner": "numToStr", + "repo": "Comment.nvim", + "rev": "e30b7f2008e52442154b66f7c519bfd2f1e32acb", + "type": "github" + }, + "original": { + "owner": "numToStr", + "repo": "Comment.nvim", + "type": "github" + } + }, + "nvim_plugin-nvim-lua/plenary.nvim": { + "flake": false, + "locked": { + "lastModified": 1753570668, + "narHash": "sha256-9Un7ekhBxcnmFE1xjCCFTZ7eqIbmXvQexpnhduAg4M0=", + "owner": "nvim-lua", + "repo": "plenary.nvim", + "rev": "b9fd5226c2f76c951fc8ed5923d85e4de065e509", + "type": "github" + }, + "original": { + "owner": "nvim-lua", + "repo": "plenary.nvim", + "type": "github" + } + }, + "nvim_plugin-nvim-lualine/lualine.nvim": { + "flake": false, + "locked": { + "lastModified": 1754970649, + "narHash": "sha256-lWt2kpW+hsTMWt8tar/+AISTDrIt4Jn27NmI9j+Xt4s=", + "owner": "nvim-lualine", + "repo": "lualine.nvim", + "rev": "b8c23159c0161f4b89196f74ee3a6d02cdc3a955", + "type": "github" + }, + "original": { + "owner": "nvim-lualine", + "repo": "lualine.nvim", + "type": "github" + } + }, + "nvim_plugin-nvim-telescope/telescope-file-browser.nvim": { + "flake": false, + "locked": { + "lastModified": 1754424906, + "narHash": "sha256-FlJ7w5Ywwq03E0oYdnFJFb+MMUMQMa+5QhDMy2O9tGQ=", + "owner": "nvim-telescope", + "repo": "telescope-file-browser.nvim", + "rev": "3610dc7dc91f06aa98b11dca5cc30dfa98626b7e", + "type": "github" + }, + "original": { + "owner": "nvim-telescope", + "repo": "telescope-file-browser.nvim", + "type": "github" + } + }, + "nvim_plugin-nvim-telescope/telescope-fzf-native.nvim": { + "flake": false, + "locked": { + "lastModified": 1741765009, + "narHash": "sha256-Zyv8ikxdwoUiDD0zsqLzfhBVOm/nKyJdZpndxXEB6ow=", + "owner": "nvim-telescope", + "repo": "telescope-fzf-native.nvim", + "rev": "1f08ed60cafc8f6168b72b80be2b2ea149813e55", + "type": "github" + }, + "original": { + "owner": "nvim-telescope", + "repo": "telescope-fzf-native.nvim", + "type": "github" + } + }, + "nvim_plugin-nvim-telescope/telescope-ui-select.nvim": { + "flake": false, + "locked": { + "lastModified": 1701723223, + "narHash": "sha256-YRhNmmG4gx9Ht8JwjQfbTjJyTHEuZmtP6lqnhOsk8bE=", + "owner": "nvim-telescope", + "repo": "telescope-ui-select.nvim", + "rev": "6e51d7da30bd139a6950adf2a47fda6df9fa06d2", + "type": "github" + }, + "original": { + "owner": "nvim-telescope", + "repo": "telescope-ui-select.nvim", + "type": "github" + } + }, + "nvim_plugin-nvim-telescope/telescope.nvim": { + "flake": false, + "locked": { + "lastModified": 1747012888, + "narHash": "sha256-JpW0ehsX81yVbKNzrYOe1hdgVMs6oaaxMLH6lECnOJg=", + "owner": "nvim-telescope", + "repo": "telescope.nvim", + "rev": "b4da76be54691e854d3e0e02c36b0245f945c2c7", + "type": "github" + }, + "original": { + "owner": "nvim-telescope", + "repo": "telescope.nvim", + "type": "github" + } + }, + "nvim_plugin-nvim-tree/nvim-tree.lua": { + "flake": false, + "locked": { + "lastModified": 1757312802, + "narHash": "sha256-Km+PWXJJLl8zsBjwIGL//qT/eUEZna4yYRPsWXMXG1E=", + "owner": "nvim-tree", + "repo": "nvim-tree.lua", + "rev": "e179ad2f83b5955ab0af653069a493a1828c2697", + "type": "github" + }, + "original": { + "owner": "nvim-tree", + "repo": "nvim-tree.lua", + "type": "github" + } + }, + "nvim_plugin-nvim-tree/nvim-web-devicons": { + "flake": false, + "locked": { + "lastModified": 1756936794, + "narHash": "sha256-2Q6ZZQj5HFXTw1YwX3ibdGOTwfbfPUBbcPOsuBUpSjc=", + "owner": "nvim-tree", + "repo": "nvim-web-devicons", + "rev": "6e51ca170563330e063720449c21f43e27ca0bc1", + "type": "github" + }, + "original": { + "owner": "nvim-tree", + "repo": "nvim-web-devicons", + "type": "github" + } + }, + "nvim_plugin-nvim-treesitter/nvim-treesitter-context": { + "flake": false, + "locked": { + "lastModified": 1757521884, + "narHash": "sha256-+yj8bstmffVByX3Z/1vkUYdXvpmWGbPt+RDfkBnV11w=", + "owner": "nvim-treesitter", + "repo": "nvim-treesitter-context", + "rev": "41847d3dafb5004464708a3db06b14f12bde548a", + "type": "github" + }, + "original": { + "owner": "nvim-treesitter", + "repo": "nvim-treesitter-context", + "type": "github" + } + }, + "nvim_plugin-rafamadriz/friendly-snippets": { + "flake": false, + "locked": { + "lastModified": 1745949052, + "narHash": "sha256-FzApcTbWfFkBD9WsYMhaCyn6ky8UmpUC2io/co/eByM=", + "owner": "rafamadriz", + "repo": "friendly-snippets", + "rev": "572f5660cf05f8cd8834e096d7b4c921ba18e175", + "type": "github" + }, + "original": { + "owner": "rafamadriz", + "repo": "friendly-snippets", + "type": "github" + } + }, + "nvim_plugin-rcarriga/nvim-notify": { + "flake": false, + "locked": { + "lastModified": 1757190131, + "narHash": "sha256-h7STMjY+CBTqBkIDJXgtJz4WhNeQ02ES2Jesi3jZXeM=", + "owner": "rcarriga", + "repo": "nvim-notify", + "rev": "8701bece920b38ea289b457f902e2ad184131a5d", + "type": "github" + }, + "original": { + "owner": "rcarriga", + "repo": "nvim-notify", + "type": "github" + } + }, + "nvim_plugin-rmagatti/auto-session": { + "flake": false, + "locked": { + "lastModified": 1757864222, + "narHash": "sha256-FbN36vVLX3DUXwefTbi6511R6KTHqLiNHeAR0kXiarg=", + "owner": "rmagatti", + "repo": "auto-session", + "rev": "5a269bb5bec50b8b60564aa00f6454d9e82fbe8d", + "type": "github" + }, + "original": { + "owner": "rmagatti", + "repo": "auto-session", + "type": "github" + } + }, + "nvim_plugin-ron/ron.vim": { + "flake": false, + "locked": { + "lastModified": 1660904719, + "narHash": "sha256-8/xJmymtVGVz2avzlamgK1cNflZ3NRL+B3c7xxbI964=", + "owner": "ron-rs", + "repo": "ron.vim", + "rev": "f749e543975a82e8dd9a6e7df9600a1c098ae800", + "type": "github" + }, + "original": { + "owner": "ron-rs", + "repo": "ron.vim", + "type": "github" + } + }, + "nvim_plugin-saadparwaiz1/cmp_luasnip": { + "flake": false, + "locked": { + "lastModified": 1730707109, + "narHash": "sha256-86lKQPPyqFz8jzuLajjHMKHrYnwW6+QOcPyQEx6B+gw=", + "owner": "saadparwaiz1", + "repo": "cmp_luasnip", + "rev": "98d9cb5c2c38532bd9bdb481067b20fea8f32e90", + "type": "github" + }, + "original": { + "owner": "saadparwaiz1", + "repo": "cmp_luasnip", + "type": "github" + } + }, + "nvim_plugin-sindrets/diffview.nvim": { + "flake": false, + "locked": { + "lastModified": 1718279802, + "narHash": "sha256-SX+ybIzL/w6uyCy4iZKnWnzTFwqB1oXSgyYVAdpdKi8=", + "owner": "sindrets", + "repo": "diffview.nvim", + "rev": "4516612fe98ff56ae0415a259ff6361a89419b0a", + "type": "github" + }, + "original": { + "owner": "sindrets", + "repo": "diffview.nvim", + "type": "github" + } + }, + "nvim_plugin-stevearc/conform.nvim": { + "flake": false, + "locked": { + "lastModified": 1756334700, + "narHash": "sha256-j9TOSx2L19AHABdg9pLtmEUtPOCIUSo0qe2YUPBlZ5g=", + "owner": "stevearc", + "repo": "conform.nvim", + "rev": "b4aab989db276993ea5dcb78872be494ce546521", + "type": "github" + }, + "original": { + "owner": "stevearc", + "repo": "conform.nvim", + "type": "github" + } + }, + "nvim_plugin-stevearc/dressing.nvim": { + "flake": false, + "locked": { + "lastModified": 1739381641, + "narHash": "sha256-dBz+/gZA6O6fJy/GSgM6ZHGAR3MTGt/W1olzzTYRlgM=", + "owner": "stevearc", + "repo": "dressing.nvim", + "rev": "2d7c2db2507fa3c4956142ee607431ddb2828639", + "type": "github" + }, + "original": { + "owner": "stevearc", + "repo": "dressing.nvim", + "type": "github" + } + }, + "nvim_plugin-tpope/vim-sleuth": { + "flake": false, + "locked": { + "lastModified": 1726718493, + "narHash": "sha256-2Cr3h3uJvUL3CSoJs3aBFrkBeOBURSQItgQ4ep9sHXM=", + "owner": "tpope", + "repo": "vim-sleuth", + "rev": "be69bff86754b1aa5adcbb527d7fcd1635a84080", + "type": "github" + }, + "original": { + "owner": "tpope", + "repo": "vim-sleuth", + "type": "github" + } + }, + "nvim_plugin-tpope/vim-surround": { + "flake": false, + "locked": { + "lastModified": 1666730476, + "narHash": "sha256-DZE5tkmnT+lAvx/RQHaDEgEJXRKsy56KJY919xiH1lE=", + "owner": "tpope", + "repo": "vim-surround", + "rev": "3d188ed2113431cf8dac77be61b842acb64433d9", + "type": "github" + }, + "original": { + "owner": "tpope", + "repo": "vim-surround", + "type": "github" + } + }, + "nvim_plugin-uga-rosa/ccc.nvim": { + "flake": false, + "locked": { + "lastModified": 1746537659, + "narHash": "sha256-3TZ8VmvdgQ9n63m78C3r4OIUkVQHTHBvC24ixBdhTig=", + "owner": "uga-rosa", + "repo": "ccc.nvim", + "rev": "9d1a256e006decc574789dfc7d628ca11644d4c2", + "type": "github" + }, + "original": { + "owner": "uga-rosa", + "repo": "ccc.nvim", + "type": "github" + } + }, + "nvim_plugin-windwp/nvim-ts-autotag": { + "flake": false, + "locked": { + "lastModified": 1757545454, + "narHash": "sha256-nT2W5gKFEfzP7MztLjm7yqwam3ADk0svcMdLg2nmI/4=", + "owner": "windwp", + "repo": "nvim-ts-autotag", + "rev": "c4ca798ab95b316a768d51eaaaee48f64a4a46bc", + "type": "github" + }, + "original": { + "owner": "windwp", + "repo": "nvim-ts-autotag", + "type": "github" + } + }, + "nvim_plugin-zbirenbaum/copilot-cmp": { + "flake": false, + "locked": { + "lastModified": 1733947099, + "narHash": "sha256-erRL8bY/zuwuCZfttw+avTrFV7pjv2H6v73NzY2bymM=", + "owner": "zbirenbaum", + "repo": "copilot-cmp", + "rev": "15fc12af3d0109fa76b60b5cffa1373697e261d1", + "type": "github" + }, + "original": { + "owner": "zbirenbaum", + "repo": "copilot-cmp", + "type": "github" + } + }, + "nvim_plugin-zbirenbaum/copilot.lua": { + "flake": false, + "locked": { + "lastModified": 1757884406, + "narHash": "sha256-sXobILIsV4nnk9//PbFT4L1BsHP1xSJiuibVbGwYXJ8=", + "owner": "zbirenbaum", + "repo": "copilot.lua", + "rev": "8aebaa3a102125fedf08c98773a0a8def92fff37", + "type": "github" + }, + "original": { + "owner": "zbirenbaum", + "repo": "copilot.lua", + "type": "github" + } + }, + "ragenix": { + "inputs": { + "agenix": "agenix", + "crane": "crane", + "flake-utils": "flake-utils", + "nixpkgs": "nixpkgs_2", + "rust-overlay": "rust-overlay" + }, + "locked": { + "lastModified": 1744897914, + "narHash": "sha256-GIVU92o2TZBnKQXTb76zpQbWR4zjU2rFqWKNIIpXnqA=", + "owner": "yaxitech", + "repo": "ragenix", + "rev": "40f2e17ecaeab4d78ec323e96a04548c0aaa5223", + "type": "github" + }, + "original": { + "owner": "yaxitech", + "repo": "ragenix", + "type": "github" + } + }, + "root": { + "inputs": { + "common": "common", + "nixpkgs": "nixpkgs_3", + "nixpkgs-unstable": "nixpkgs-unstable", + "ros_neovim": "ros_neovim" + } + }, + "ros_neovim": { + "inputs": { + "nixpkgs": "nixpkgs_4", + "nvim_plugin-Almo7aya/openingh.nvim": "nvim_plugin-Almo7aya/openingh.nvim", + "nvim_plugin-CopilotC-Nvim/CopilotChat.nvim": "nvim_plugin-CopilotC-Nvim/CopilotChat.nvim", + "nvim_plugin-JoosepAlviste/nvim-ts-context-commentstring": "nvim_plugin-JoosepAlviste/nvim-ts-context-commentstring", + "nvim_plugin-L3MON4D3/LuaSnip": "nvim_plugin-L3MON4D3/LuaSnip", + "nvim_plugin-MeanderingProgrammer/render-markdown.nvim": "nvim_plugin-MeanderingProgrammer/render-markdown.nvim", + "nvim_plugin-MunifTanjim/nui.nvim": "nvim_plugin-MunifTanjim/nui.nvim", + "nvim_plugin-RRethy/vim-illuminate": "nvim_plugin-RRethy/vim-illuminate", + "nvim_plugin-Saecki/crates.nvim": "nvim_plugin-Saecki/crates.nvim", + "nvim_plugin-aznhe21/actions-preview.nvim": "nvim_plugin-aznhe21/actions-preview.nvim", + "nvim_plugin-b0o/schemastore.nvim": "nvim_plugin-b0o/schemastore.nvim", + "nvim_plugin-catppuccin/nvim": "nvim_plugin-catppuccin/nvim", + "nvim_plugin-chrisgrieser/nvim-early-retirement": "nvim_plugin-chrisgrieser/nvim-early-retirement", + "nvim_plugin-declancm/cinnamon.nvim": "nvim_plugin-declancm/cinnamon.nvim", + "nvim_plugin-folke/lazy.nvim": "nvim_plugin-folke/lazy.nvim", + "nvim_plugin-folke/neodev.nvim": "nvim_plugin-folke/neodev.nvim", + "nvim_plugin-folke/which-key.nvim": "nvim_plugin-folke/which-key.nvim", + "nvim_plugin-hrsh7th/cmp-buffer": "nvim_plugin-hrsh7th/cmp-buffer", + "nvim_plugin-hrsh7th/cmp-nvim-lsp": "nvim_plugin-hrsh7th/cmp-nvim-lsp", + "nvim_plugin-hrsh7th/cmp-path": "nvim_plugin-hrsh7th/cmp-path", + "nvim_plugin-hrsh7th/nvim-cmp": "nvim_plugin-hrsh7th/nvim-cmp", + "nvim_plugin-j-hui/fidget.nvim": "nvim_plugin-j-hui/fidget.nvim", + "nvim_plugin-johmsalas/text-case.nvim": "nvim_plugin-johmsalas/text-case.nvim", + "nvim_plugin-lewis6991/gitsigns.nvim": "nvim_plugin-lewis6991/gitsigns.nvim", + "nvim_plugin-lnc3l0t/glow.nvim": "nvim_plugin-lnc3l0t/glow.nvim", + "nvim_plugin-lukas-reineke/indent-blankline.nvim": "nvim_plugin-lukas-reineke/indent-blankline.nvim", + "nvim_plugin-m4xshen/hardtime.nvim": "nvim_plugin-m4xshen/hardtime.nvim", + "nvim_plugin-mbbill/undotree": "nvim_plugin-mbbill/undotree", + "nvim_plugin-mfussenegger/nvim-lint": "nvim_plugin-mfussenegger/nvim-lint", + "nvim_plugin-mrcjkb/rustaceanvim": "nvim_plugin-mrcjkb/rustaceanvim", + "nvim_plugin-neovim/nvim-lspconfig": "nvim_plugin-neovim/nvim-lspconfig", + "nvim_plugin-nosduco/remote-sshfs.nvim": "nvim_plugin-nosduco/remote-sshfs.nvim", + "nvim_plugin-numToStr/Comment.nvim": "nvim_plugin-numToStr/Comment.nvim", + "nvim_plugin-nvim-lua/plenary.nvim": "nvim_plugin-nvim-lua/plenary.nvim", + "nvim_plugin-nvim-lualine/lualine.nvim": "nvim_plugin-nvim-lualine/lualine.nvim", + "nvim_plugin-nvim-telescope/telescope-file-browser.nvim": "nvim_plugin-nvim-telescope/telescope-file-browser.nvim", + "nvim_plugin-nvim-telescope/telescope-fzf-native.nvim": "nvim_plugin-nvim-telescope/telescope-fzf-native.nvim", + "nvim_plugin-nvim-telescope/telescope-ui-select.nvim": "nvim_plugin-nvim-telescope/telescope-ui-select.nvim", + "nvim_plugin-nvim-telescope/telescope.nvim": "nvim_plugin-nvim-telescope/telescope.nvim", + "nvim_plugin-nvim-tree/nvim-tree.lua": "nvim_plugin-nvim-tree/nvim-tree.lua", + "nvim_plugin-nvim-tree/nvim-web-devicons": "nvim_plugin-nvim-tree/nvim-web-devicons", + "nvim_plugin-nvim-treesitter/nvim-treesitter-context": "nvim_plugin-nvim-treesitter/nvim-treesitter-context", + "nvim_plugin-rafamadriz/friendly-snippets": "nvim_plugin-rafamadriz/friendly-snippets", + "nvim_plugin-rcarriga/nvim-notify": "nvim_plugin-rcarriga/nvim-notify", + "nvim_plugin-rmagatti/auto-session": "nvim_plugin-rmagatti/auto-session", + "nvim_plugin-ron/ron.vim": "nvim_plugin-ron/ron.vim", + "nvim_plugin-saadparwaiz1/cmp_luasnip": "nvim_plugin-saadparwaiz1/cmp_luasnip", + "nvim_plugin-sindrets/diffview.nvim": "nvim_plugin-sindrets/diffview.nvim", + "nvim_plugin-stevearc/conform.nvim": "nvim_plugin-stevearc/conform.nvim", + "nvim_plugin-stevearc/dressing.nvim": "nvim_plugin-stevearc/dressing.nvim", + "nvim_plugin-tpope/vim-sleuth": "nvim_plugin-tpope/vim-sleuth", + "nvim_plugin-tpope/vim-surround": "nvim_plugin-tpope/vim-surround", + "nvim_plugin-uga-rosa/ccc.nvim": "nvim_plugin-uga-rosa/ccc.nvim", + "nvim_plugin-windwp/nvim-ts-autotag": "nvim_plugin-windwp/nvim-ts-autotag", + "nvim_plugin-zbirenbaum/copilot-cmp": "nvim_plugin-zbirenbaum/copilot-cmp", + "nvim_plugin-zbirenbaum/copilot.lua": "nvim_plugin-zbirenbaum/copilot.lua", + "rust-overlay": "rust-overlay_2" + }, + "locked": { + "lastModified": 1758041510, + "narHash": "sha256-vcK6ZwAWNfjdDFYKLVrWk+azva58AiDpm8nMfIniFWA=", + "ref": "refs/heads/master", + "rev": "b3dbdf3f7360747987bf38bcdd9baf01b4906929", + "revCount": 304, + "type": "git", + "url": "https://git.joshuabell.xyz/ringofstorms/nvim" + }, + "original": { + "type": "git", + "url": "https://git.joshuabell.xyz/ringofstorms/nvim" + } + }, + "rust-overlay": { + "inputs": { + "nixpkgs": [ + "common", + "ragenix", + "nixpkgs" + ] + }, + "locked": { + "lastModified": 1741400194, + "narHash": "sha256-tEpgT+q5KlGjHSm8MnINgTPErEl8YDzX3Eps8PVc09g=", + "owner": "oxalica", + "repo": "rust-overlay", + "rev": "16b6045a232fea0e9e4c69e55a6e269607dd8e3f", + "type": "github" + }, + "original": { + "owner": "oxalica", + "repo": "rust-overlay", + "type": "github" + } + }, + "rust-overlay_2": { + "inputs": { + "nixpkgs": [ + "ros_neovim", + "nixpkgs" + ] + }, + "locked": { + "lastModified": 1757930296, + "narHash": "sha256-Z9u5VszKs8rfEvg2AsFucWEjl7wMtAln9l1b78cfBh4=", + "owner": "oxalica", + "repo": "rust-overlay", + "rev": "09442765a05c2ca617c20ed68d9613da92a2d96b", + "type": "github" + }, + "original": { + "owner": "oxalica", + "repo": "rust-overlay", + "type": "github" + } + }, + "systems": { + "locked": { + "lastModified": 1681028828, + "narHash": "sha256-Vy1rq5AaRuLzOxct8nz4T6wlgyUR7zLU309k9mBC768=", + "owner": "nix-systems", + "repo": "default", + "rev": "da67096a3b9bf56a91d16901293e51ba5b49a27e", + "type": "github" + }, + "original": { + "owner": "nix-systems", + "repo": "default", + "type": "github" + } + }, + "systems_2": { + "locked": { + "lastModified": 1681028828, + "narHash": "sha256-Vy1rq5AaRuLzOxct8nz4T6wlgyUR7zLU309k9mBC768=", + "owner": "nix-systems", + "repo": "default", + "rev": "da67096a3b9bf56a91d16901293e51ba5b49a27e", + "type": "github" + }, + "original": { + "owner": "nix-systems", + "repo": "default", + "type": "github" + } + } + }, + "root": "root", + "version": 7 +} diff --git a/hosts/oren/flake.nix b/hosts/oren/flake.nix new file mode 100644 index 00000000..477d9a58 --- /dev/null +++ b/hosts/oren/flake.nix @@ -0,0 +1,151 @@ +{ + inputs = { + nixpkgs.url = "github:nixos/nixpkgs/nixos-25.05"; + nixpkgs-unstable.url = "github:nixos/nixpkgs/nixos-unstable"; + + # Use relative to get current version for testing + common.url = "path:../../common"; + # common.url = "git+https://git.joshuabell.xyz/ringofstorms/dotfiles"; + + ros_neovim.url = "git+https://git.joshuabell.xyz/ringofstorms/nvim"; + }; + + outputs = + { + nixpkgs, + nixpkgs-unstable, + common, + ros_neovim, + ... + }: + let + configuration_name = "oren"; + lib = nixpkgs.lib; + in + { + nixosConfigurations = { + "${configuration_name}" = ( + lib.nixosSystem { + modules = [ + common.nixosModules.default + ros_neovim.nixosModules.default + ./configuration.nix + ./hardware-configuration.nix + ( + { config, pkgs, ... }: + { + programs = { + nix-ld = { + enable = true; + libraries = with pkgs; [ + icu + gmp + glibc + openssl + stdenv.cc.cc + ]; + }; + }; + environment.shellAliases = { + "oc" = + "all_proxy='' http_proxy='' https_proxy='' /home/josh/other/opencode/node_modules/opencode-linux-x64/bin/opencode"; + "occ" = "oc -c"; + + "ollamal" = "ollama list | tail -n +2 | awk '{print $1}' | fzf --ansi --preview 'ollama show {}'"; + }; + + environment.systemPackages = with pkgs; [ + lua + qdirstat + ffmpeg-full + appimage-run + nodejs_24 + foot + ]; + + services.ollama = { + enable = true; + package = nixpkgs-unstable.legacyPackages.x86_64-linux.ollama; + acceleration = "rocm"; # cuda for NVIDA; rocm for amd; false/default for neither + }; + + ringofstorms_common = { + systemName = configuration_name; + boot.systemd.enable = true; + general = { + enableSleep = true; + reporting.enable = true; + }; + secrets.enable = true; + desktopEnvironment.i3.enable = true; + programs = { + qFlipper.enable = true; + rustDev.enable = true; + uhkAgent.enable = true; + tailnet.enable = true; + ssh.enable = true; + podman.enable = true; + virt-manager.enable = true; + flatpaks = { + enable = true; + packages = [ + "org.signal.Signal" + "dev.vencord.Vesktop" + "md.obsidian.Obsidian" + "com.spotify.Client" + "org.videolan.VLC" + "com.bitwarden.desktop" + "im.riot.Riot" + "com.rustdesk.RustDesk" + "com.google.Chrome" + ]; + }; + }; + users = { + # Users are all normal users and default password is password1 + admins = [ "josh" ]; # First admin is also the primary user owning nix config + users = { + josh = { + openssh.authorizedKeys.keys = [ + "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAILMzgAe4od9K4EsvH2g7xjNU7hGoJiFJlYcvB0BoDCvn nix2oren" + ]; + extraGroups = [ + "networkmanager" + "video" + "input" + ]; + shell = pkgs.zsh; + }; + }; + }; + homeManager = { + users = { + josh = { + components.kitty.font_size = 20.0; + imports = with common.homeManagerModules; [ + zsh + ssh + starship + zoxide + tmux + atuin + kitty + foot + direnv + git + nix_deprecations + obs + postgres + ]; + }; + }; + }; + }; + } + ) + ]; + } + ); + }; + }; +} diff --git a/hosts/oren/hardware-configuration.nix b/hosts/oren/hardware-configuration.nix new file mode 100644 index 00000000..29fc7777 --- /dev/null +++ b/hosts/oren/hardware-configuration.nix @@ -0,0 +1,59 @@ +# Do not modify this file! It was generated by ‘nixos-generate-config’ +# and may be overwritten by future invocations. Please make changes +# to /etc/nixos/configuration.nix instead. +{ + config, + lib, + modulesPath, + ... +}: + +{ + imports = [ + (modulesPath + "/installer/scan/not-detected.nix") + ]; + + boot.initrd.availableKernelModules = [ + "nvme" + "xhci_pci" + "thunderbolt" + "usbhid" + "usb_storage" + "sd_mod" + ]; + boot.initrd.kernelModules = [ ]; + boot.kernelModules = [ "kvm-amd" ]; + boot.extraModulePackages = [ ]; + + fileSystems."/" = { + device = "/dev/disk/by-label/NIXROOT"; + fsType = "ext4"; + }; + + fileSystems."/boot" = { + device = "/dev/disk/by-label/NIXBOOT"; + fsType = "vfat"; + options = [ + "fmask=0077" + "dmask=0077" + ]; + }; + + swapDevices = [ + { + device = "/.swapfile"; + size = 64 * 1024; # 64GB + } + ]; + + # Enables DHCP on each ethernet and wireless interface. In case of scripted networking + # (the default) this is the recommended approach. When using systemd-networkd it's + # still possible to use this option, but it's recommended to use it in conjunction + # with explicit per-interface declarations with `networking.interfaces..useDHCP`. + networking.useDHCP = lib.mkDefault true; + # networking.interfaces.enp196s0f3u2u1.useDHCP = lib.mkDefault true; + # networking.interfaces.wlp2s0.useDHCP = lib.mkDefault true; + + nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux"; + hardware.cpu.amd.updateMicrocode = lib.mkDefault config.hardware.enableRedistributableFirmware; +} diff --git a/hosts/testbed/configuration.nix b/hosts/testbed/configuration.nix new file mode 100644 index 00000000..eb65bdfc --- /dev/null +++ b/hosts/testbed/configuration.nix @@ -0,0 +1,6 @@ +{ + ... +}: +{ + system.stateVersion = "25.05"; # Did you read the comment? +} diff --git a/hosts/testbed/disko-config.nix b/hosts/testbed/disko-config.nix new file mode 100644 index 00000000..7c66d37d --- /dev/null +++ b/hosts/testbed/disko-config.nix @@ -0,0 +1,95 @@ +{ lib, config, ... }: +let + cfg = config.custom_disko; +in +{ + options.custom_disko = { + withSwap = lib.mkOption { + type = lib.types.bool; + default = true; + description = "Whether to create a swap file."; + }; + }; + config = { + disko.devices = { + disk = { + main = { + device = "/dev/vda"; + type = "disk"; + content = { + type = "gpt"; + partitions = { + ESP = { + priority = 1; + name = "ESP"; + start = "1M"; + size = "512M"; + type = "EF00"; + content = { + type = "filesystem"; + format = "vfat"; + mountpoint = "/boot"; + extraArgs = [ + "-n" + "NIXBOOT" + ]; + mountOptions = [ "umask=0077" ]; + }; + }; + root = { + size = "100%"; + content = { + type = "btrfs"; + extraArgs = [ + "-f" + "--label NIXROOT" + ]; + subvolumes = + let + mountOptions = [ + "compress=zstd" + "noatime" + ]; + in + { + "@root" = { + inherit mountOptions; + mountpoint = "/"; + }; + "@nix" = { + inherit mountOptions; + mountpoint = "/nix"; + }; + "@persist" = { + inherit mountOptions; + mountpoint = "/persist"; + }; + "@snapshots" = { + inherit mountOptions; + mountpoint = "/.snapshots"; + }; + "@swap" = lib.mkIf cfg.withSwap { + inherit mountOptions; + mountpoint = "/.swapfile"; + swap.swapfile.size = "8G"; + }; + }; + }; + }; + }; + postCreateHook = '' + MNTPOINT=$(mktemp -d) + mount -t btrfs "${config.disko.devices.disk.main.content.partitions.root.device}" "$MNTPOINT" + trap 'umount $MNTPOINT; rmdir $MNTPOINT' EXIT + # Ensure the snapshots directory exists + mkdir -p $MNTPOINT/@snapshots + # Place readonly empty root snapshot inside snapshots subvol + btrfs subvolume snapshot -r $MNTPOINT/@root $MNTPOINT/@snapshots/_root-empty + ''; + }; + }; + }; + }; + fileSystems."/persist".neededForBoot = true; + }; +} diff --git a/hosts/testbed/flake.lock b/hosts/testbed/flake.lock new file mode 100644 index 00000000..53234ffb --- /dev/null +++ b/hosts/testbed/flake.lock @@ -0,0 +1,1338 @@ +{ + "nodes": { + "agenix": { + "inputs": { + "darwin": "darwin", + "home-manager": "home-manager_2", + "nixpkgs": [ + "common", + "ragenix", + "nixpkgs" + ], + "systems": "systems" + }, + "locked": { + "lastModified": 1736955230, + "narHash": "sha256-uenf8fv2eG5bKM8C/UvFaiJMZ4IpUFaQxk9OH5t/1gA=", + "owner": "ryantm", + "repo": "agenix", + "rev": "e600439ec4c273cf11e06fe4d9d906fb98fa097c", + "type": "github" + }, + "original": { + "owner": "ryantm", + "repo": "agenix", + "type": "github" + } + }, + "common": { + "inputs": { + "home-manager": "home-manager", + "nix-flatpak": "nix-flatpak", + "nixpkgs-unstable": "nixpkgs-unstable", + "opencode": "opencode", + "ragenix": "ragenix" + }, + "locked": { + "path": "../../common", + "type": "path" + }, + "original": { + "path": "../../common", + "type": "path" + }, + "parent": [] + }, + "crane": { + "locked": { + "lastModified": 1741481578, + "narHash": "sha256-JBTSyJFQdO3V8cgcL08VaBUByEU6P5kXbTJN6R0PFQo=", + "owner": "ipetkov", + "repo": "crane", + "rev": "bb1c9567c43e4434f54e9481eb4b8e8e0d50f0b5", + "type": "github" + }, + "original": { + "owner": "ipetkov", + "repo": "crane", + "type": "github" + } + }, + "darwin": { + "inputs": { + "nixpkgs": [ + "common", + "ragenix", + "agenix", + "nixpkgs" + ] + }, + "locked": { + "lastModified": 1700795494, + "narHash": "sha256-gzGLZSiOhf155FW7262kdHo2YDeugp3VuIFb4/GGng0=", + "owner": "lnl7", + "repo": "nix-darwin", + "rev": "4b9b83d5a92e8c1fbfd8eb27eda375908c11ec4d", + "type": "github" + }, + "original": { + "owner": "lnl7", + "ref": "master", + "repo": "nix-darwin", + "type": "github" + } + }, + "disko": { + "inputs": { + "nixpkgs": [ + "nixpkgs" + ] + }, + "locked": { + "lastModified": 1746728054, + "narHash": "sha256-eDoSOhxGEm2PykZFa/x9QG5eTH0MJdiJ9aR00VAofXE=", + "owner": "nix-community", + "repo": "disko", + "rev": "ff442f5d1425feb86344c028298548024f21256d", + "type": "github" + }, + "original": { + "owner": "nix-community", + "ref": "latest", + "repo": "disko", + "type": "github" + } + }, + "flake-utils": { + "inputs": { + "systems": "systems_2" + }, + "locked": { + "lastModified": 1731533236, + "narHash": "sha256-l0KFg5HjrsfsO/JpG+r7fRrqm12kzFHyUHqHCVpMMbI=", + "owner": "numtide", + "repo": "flake-utils", + "rev": "11707dc2f618dd54ca8739b309ec4fc024de578b", + "type": "github" + }, + "original": { + "owner": "numtide", + "repo": "flake-utils", + "type": "github" + } + }, + "home-manager": { + "inputs": { + "nixpkgs": "nixpkgs" + }, + "locked": { + "lastModified": 1753592768, + "narHash": "sha256-oV695RvbAE4+R9pcsT9shmp6zE/+IZe6evHWX63f2Qg=", + "owner": "rycee", + "repo": "home-manager", + "rev": "fc3add429f21450359369af74c2375cb34a2d204", + "type": "github" + }, + "original": { + "owner": "rycee", + "ref": "release-25.05", + "repo": "home-manager", + "type": "github" + } + }, + "home-manager_2": { + "inputs": { + "nixpkgs": [ + "common", + "ragenix", + "agenix", + "nixpkgs" + ] + }, + "locked": { + "lastModified": 1703113217, + "narHash": "sha256-7ulcXOk63TIT2lVDSExj7XzFx09LpdSAPtvgtM7yQPE=", + "owner": "nix-community", + "repo": "home-manager", + "rev": "3bfaacf46133c037bb356193bd2f1765d9dc82c1", + "type": "github" + }, + "original": { + "owner": "nix-community", + "repo": "home-manager", + "type": "github" + } + }, + "nix-flatpak": { + "locked": { + "lastModified": 1739444422, + "narHash": "sha256-iAVVHi7X3kWORftY+LVbRiStRnQEob2TULWyjMS6dWg=", + "owner": "gmodena", + "repo": "nix-flatpak", + "rev": "5e54c3ca05a7c7d968ae1ddeabe01d2a9bc1e177", + "type": "github" + }, + "original": { + "owner": "gmodena", + "ref": "latest", + "repo": "nix-flatpak", + "type": "github" + } + }, + "nixpkgs": { + "locked": { + "lastModified": 1753345091, + "narHash": "sha256-CdX2Rtvp5I8HGu9swBmYuq+ILwRxpXdJwlpg8jvN4tU=", + "owner": "NixOS", + "repo": "nixpkgs", + "rev": "3ff0e34b1383648053bba8ed03f201d3466f90c9", + "type": "github" + }, + "original": { + "owner": "NixOS", + "ref": "nixos-25.05", + "repo": "nixpkgs", + "type": "github" + } + }, + "nixpkgs-unstable": { + "locked": { + "lastModified": 1753694789, + "narHash": "sha256-cKgvtz6fKuK1Xr5LQW/zOUiAC0oSQoA9nOISB0pJZqM=", + "owner": "nixos", + "repo": "nixpkgs", + "rev": "dc9637876d0dcc8c9e5e22986b857632effeb727", + "type": "github" + }, + "original": { + "owner": "nixos", + "ref": "nixos-unstable", + "repo": "nixpkgs", + "type": "github" + } + }, + "nixpkgs_2": { + "locked": { + "lastModified": 1741379970, + "narHash": "sha256-Wh7esNh7G24qYleLvgOSY/7HlDUzWaL/n4qzlBePpiw=", + "owner": "nixos", + "repo": "nixpkgs", + "rev": "36fd87baa9083f34f7f5027900b62ee6d09b1f2f", + "type": "github" + }, + "original": { + "owner": "nixos", + "ref": "nixos-unstable", + "repo": "nixpkgs", + "type": "github" + } + }, + "nixpkgs_3": { + "locked": { + "lastModified": 1754767907, + "narHash": "sha256-8OnUzRQZkqtUol9vuUuQC30hzpMreKptNyET2T9lB6g=", + "owner": "nixos", + "repo": "nixpkgs", + "rev": "c5f08b62ed75415439d48152c2a784e36909b1bc", + "type": "github" + }, + "original": { + "owner": "nixos", + "ref": "nixos-25.05", + "repo": "nixpkgs", + "type": "github" + } + }, + "nixpkgs_4": { + "locked": { + "lastModified": 1753848940, + "narHash": "sha256-jH7fqN4HzsIlj2c/SAuVWmgUIjBwDdEKVnL97xlECHY=", + "owner": "nixos", + "repo": "nixpkgs", + "rev": "25b37a9225cece2da4b68aca8bd0998439074362", + "type": "github" + }, + "original": { + "owner": "nixos", + "repo": "nixpkgs", + "type": "github" + } + }, + "nvim_plugin-Almo7aya/openingh.nvim": { + "flake": false, + "locked": { + "lastModified": 1746139196, + "narHash": "sha256-/FlNLWOSIrOYiWzAcgOdu9//QTorCDV1KWb+h6eqLwk=", + "owner": "Almo7aya", + "repo": "openingh.nvim", + "rev": "7cc8c897cb6b34d8ed28e99d95baccef609ed251", + "type": "github" + }, + "original": { + "owner": "Almo7aya", + "repo": "openingh.nvim", + "type": "github" + } + }, + "nvim_plugin-CopilotC-Nvim/CopilotChat.nvim": { + "flake": false, + "locked": { + "lastModified": 1753815885, + "narHash": "sha256-A9qlpDXdIfoZ/5yZ5w39pgfoxVwhklhcESYWsqQgiDY=", + "owner": "CopilotC-Nvim", + "repo": "CopilotChat.nvim", + "rev": "450fcecf2f71d0469e9c98f5967252092714ed03", + "type": "github" + }, + "original": { + "owner": "CopilotC-Nvim", + "repo": "CopilotChat.nvim", + "type": "github" + } + }, + "nvim_plugin-JoosepAlviste/nvim-ts-context-commentstring": { + "flake": false, + "locked": { + "lastModified": 1733574156, + "narHash": "sha256-AjDM3+n4+lNBQi8P2Yrh0Ab06uYCndBQT9TX36rDbOM=", + "owner": "JoosepAlviste", + "repo": "nvim-ts-context-commentstring", + "rev": "1b212c2eee76d787bbea6aa5e92a2b534e7b4f8f", + "type": "github" + }, + "original": { + "owner": "JoosepAlviste", + "repo": "nvim-ts-context-commentstring", + "type": "github" + } + }, + "nvim_plugin-L3MON4D3/LuaSnip": { + "flake": false, + "locked": { + "lastModified": 1753286973, + "narHash": "sha256-w70rSwYdjMRGCLYcwIoA4cvl6JcGQYHngCBJvRq+SXg=", + "owner": "L3MON4D3", + "repo": "LuaSnip", + "rev": "3d5bced1b9ae69fa3f9b1942e28af5dbc537f946", + "type": "github" + }, + "original": { + "owner": "L3MON4D3", + "repo": "LuaSnip", + "type": "github" + } + }, + "nvim_plugin-MeanderingProgrammer/render-markdown.nvim": { + "flake": false, + "locked": { + "lastModified": 1753730059, + "narHash": "sha256-OjvoAFWaJT4+gyO/jtA2uvFdeOz7lhdkkhKQUl/kIT4=", + "owner": "MeanderingProgrammer", + "repo": "render-markdown.nvim", + "rev": "9e51b7711c6159511e966dc42fafd58a9db9ad1d", + "type": "github" + }, + "original": { + "owner": "MeanderingProgrammer", + "repo": "render-markdown.nvim", + "type": "github" + } + }, + "nvim_plugin-MunifTanjim/nui.nvim": { + "flake": false, + "locked": { + "lastModified": 1749392788, + "narHash": "sha256-41slmnvt1z7sCxvpiVuFmQ9g7eCaxQi1dDCL3AxSL1A=", + "owner": "MunifTanjim", + "repo": "nui.nvim", + "rev": "de740991c12411b663994b2860f1a4fd0937c130", + "type": "github" + }, + "original": { + "owner": "MunifTanjim", + "repo": "nui.nvim", + "type": "github" + } + }, + "nvim_plugin-RRethy/vim-illuminate": { + "flake": false, + "locked": { + "lastModified": 1748105647, + "narHash": "sha256-KqAJRCtDBG5xsvNsqkxoBdDckg02u4NBBreYQw7BphA=", + "owner": "RRethy", + "repo": "vim-illuminate", + "rev": "0d1e93684da00ab7c057410fecfc24f434698898", + "type": "github" + }, + "original": { + "owner": "RRethy", + "repo": "vim-illuminate", + "type": "github" + } + }, + "nvim_plugin-Saecki/crates.nvim": { + "flake": false, + "locked": { + "lastModified": 1753218471, + "narHash": "sha256-5Vu3VG6Ab1Rpqzeqoa0S9sfzco7wykrSt2eSXOajm14=", + "owner": "Saecki", + "repo": "crates.nvim", + "rev": "c915ab5334a46178f64ce17ab606a79454bcd14f", + "type": "github" + }, + "original": { + "owner": "Saecki", + "repo": "crates.nvim", + "type": "github" + } + }, + "nvim_plugin-aznhe21/actions-preview.nvim": { + "flake": false, + "locked": { + "lastModified": 1745779150, + "narHash": "sha256-rQjwlu5gQcOvxF72lr9ugPRl0W78wCWGWPhpN1oOMbs=", + "owner": "aznhe21", + "repo": "actions-preview.nvim", + "rev": "36513ad213855d497b7dd3391a24d1d75d58e36f", + "type": "github" + }, + "original": { + "owner": "aznhe21", + "repo": "actions-preview.nvim", + "type": "github" + } + }, + "nvim_plugin-b0o/schemastore.nvim": { + "flake": false, + "locked": { + "lastModified": 1753826458, + "narHash": "sha256-7VZmb4JPlLF4tmEuuM69etdyCIxdH1PNZlT1mijzo7o=", + "owner": "b0o", + "repo": "schemastore.nvim", + "rev": "3cd1c7267282b4d89618674de36a6d866981347e", + "type": "github" + }, + "original": { + "owner": "b0o", + "repo": "schemastore.nvim", + "type": "github" + } + }, + "nvim_plugin-catppuccin/nvim": { + "flake": false, + "locked": { + "lastModified": 1753779499, + "narHash": "sha256-lnIlYUhUQXuoVWv000n5Ev4YNSZY+U70b3npZbMUDg4=", + "owner": "catppuccin", + "repo": "nvim", + "rev": "94f6e8a06b6bb7b8e5529cf9f93adb4654534241", + "type": "github" + }, + "original": { + "owner": "catppuccin", + "repo": "nvim", + "type": "github" + } + }, + "nvim_plugin-chrisgrieser/nvim-early-retirement": { + "flake": false, + "locked": { + "lastModified": 1750108178, + "narHash": "sha256-3I7Xup+v9Yq9/nJQ1F5CDW99oFQcxbinv7VQcKeA16Y=", + "owner": "chrisgrieser", + "repo": "nvim-early-retirement", + "rev": "d9ffd8f70ed6d466cecd3e7e2dd1425b0010932f", + "type": "github" + }, + "original": { + "owner": "chrisgrieser", + "repo": "nvim-early-retirement", + "type": "github" + } + }, + "nvim_plugin-declancm/cinnamon.nvim": { + "flake": false, + "locked": { + "lastModified": 1722992123, + "narHash": "sha256-kccQ4iFMSQ8kvE7hYz90hBrsDLo7VohFj/6lEZZiAO8=", + "owner": "declancm", + "repo": "cinnamon.nvim", + "rev": "450cb3247765fed7871b41ef4ce5fa492d834215", + "type": "github" + }, + "original": { + "owner": "declancm", + "repo": "cinnamon.nvim", + "type": "github" + } + }, + "nvim_plugin-folke/lazy.nvim": { + "flake": false, + "locked": { + "lastModified": 1740511197, + "narHash": "sha256-nQ8PR9DTdzg6Z2rViuVD6Pswc2VvDQwS3uMNgyDh5ls=", + "owner": "folke", + "repo": "lazy.nvim", + "rev": "6c3bda4aca61a13a9c63f1c1d1b16b9d3be90d7a", + "type": "github" + }, + "original": { + "owner": "folke", + "repo": "lazy.nvim", + "type": "github" + } + }, + "nvim_plugin-folke/neodev.nvim": { + "flake": false, + "locked": { + "lastModified": 1720260306, + "narHash": "sha256-hOjzlo/IqmV8tYjGwfmcCPEmHYsWnEIwtHZdhpwA1kM=", + "owner": "folke", + "repo": "neodev.nvim", + "rev": "46aa467dca16cf3dfe27098042402066d2ae242d", + "type": "github" + }, + "original": { + "owner": "folke", + "repo": "neodev.nvim", + "type": "github" + } + }, + "nvim_plugin-folke/which-key.nvim": { + "flake": false, + "locked": { + "lastModified": 1740233407, + "narHash": "sha256-uvMcSduMr7Kd2oUmIOYzvWF4FIl6bZxIYm9FSw/3pCo=", + "owner": "folke", + "repo": "which-key.nvim", + "rev": "370ec46f710e058c9c1646273e6b225acf47cbed", + "type": "github" + }, + "original": { + "owner": "folke", + "repo": "which-key.nvim", + "type": "github" + } + }, + "nvim_plugin-hrsh7th/cmp-buffer": { + "flake": false, + "locked": { + "lastModified": 1743497185, + "narHash": "sha256-dG4U7MtnXThoa/PD+qFtCt76MQ14V1wX8GMYcvxEnbM=", + "owner": "hrsh7th", + "repo": "cmp-buffer", + "rev": "b74fab3656eea9de20a9b8116afa3cfc4ec09657", + "type": "github" + }, + "original": { + "owner": "hrsh7th", + "repo": "cmp-buffer", + "type": "github" + } + }, + "nvim_plugin-hrsh7th/cmp-nvim-lsp": { + "flake": false, + "locked": { + "lastModified": 1743496195, + "narHash": "sha256-iaihXNCF5bB5MdeoosD/kc3QtpA/QaIDZVLiLIurBSM=", + "owner": "hrsh7th", + "repo": "cmp-nvim-lsp", + "rev": "a8912b88ce488f411177fc8aed358b04dc246d7b", + "type": "github" + }, + "original": { + "owner": "hrsh7th", + "repo": "cmp-nvim-lsp", + "type": "github" + } + }, + "nvim_plugin-hrsh7th/cmp-path": { + "flake": false, + "locked": { + "lastModified": 1753844861, + "narHash": "sha256-e4Rd2y1Wekp7aobpTGaUeoSBnlfIASDaBR8js5dh2Vw=", + "owner": "hrsh7th", + "repo": "cmp-path", + "rev": "c642487086dbd9a93160e1679a1327be111cbc25", + "type": "github" + }, + "original": { + "owner": "hrsh7th", + "repo": "cmp-path", + "type": "github" + } + }, + "nvim_plugin-hrsh7th/nvim-cmp": { + "flake": false, + "locked": { + "lastModified": 1744514599, + "narHash": "sha256-l5z+PT4S9b09d2M+J/tHVd9W9Ss3eQQk5Ykpz2Qjxxw=", + "owner": "hrsh7th", + "repo": "nvim-cmp", + "rev": "b5311ab3ed9c846b585c0c15b7559be131ec4be9", + "type": "github" + }, + "original": { + "owner": "hrsh7th", + "repo": "nvim-cmp", + "type": "github" + } + }, + "nvim_plugin-j-hui/fidget.nvim": { + "flake": false, + "locked": { + "lastModified": 1753813056, + "narHash": "sha256-rQIEO9C9YokdwaPfKsu7Rb6pi51Tm0Qqo/igBKeCW/8=", + "owner": "j-hui", + "repo": "fidget.nvim", + "rev": "c1725fbadd99c810273b202d67dbfedf66e61eaf", + "type": "github" + }, + "original": { + "owner": "j-hui", + "repo": "fidget.nvim", + "type": "github" + } + }, + "nvim_plugin-johmsalas/text-case.nvim": { + "flake": false, + "locked": { + "lastModified": 1722628320, + "narHash": "sha256-2IMufSMy9JW50VzZ3SgOtp8kYs81ANwV0eP0ZH3rTFo=", + "owner": "johmsalas", + "repo": "text-case.nvim", + "rev": "e898cfd46fa6cde0e83abb624a16e67d2ffc6457", + "type": "github" + }, + "original": { + "owner": "johmsalas", + "repo": "text-case.nvim", + "type": "github" + } + }, + "nvim_plugin-lewis6991/gitsigns.nvim": { + "flake": false, + "locked": { + "lastModified": 1753442199, + "narHash": "sha256-7BKwxHoFWGepqm8/J+RB6zu+7IpGUUmgLP4a2O2lIuA=", + "owner": "lewis6991", + "repo": "gitsigns.nvim", + "rev": "b01433169be710d6c69f7b4ee264d9670698b831", + "type": "github" + }, + "original": { + "owner": "lewis6991", + "repo": "gitsigns.nvim", + "type": "github" + } + }, + "nvim_plugin-lnc3l0t/glow.nvim": { + "flake": false, + "locked": { + "lastModified": 1693233815, + "narHash": "sha256-vdlwkIK2EkFviJmSiOqPWvc15xqJ9F2gHCC4ObJ5Qjk=", + "owner": "lnc3l0t", + "repo": "glow.nvim", + "rev": "5b38fb7b6e806cac62707a4aba8c10c5f14d5bb5", + "type": "github" + }, + "original": { + "owner": "lnc3l0t", + "repo": "glow.nvim", + "type": "github" + } + }, + "nvim_plugin-lukas-reineke/indent-blankline.nvim": { + "flake": false, + "locked": { + "lastModified": 1742224677, + "narHash": "sha256-0q/V+b4UrDRnaC/eRWOi9HU9a61vQSAM9/C8ZQyKt+Y=", + "owner": "lukas-reineke", + "repo": "indent-blankline.nvim", + "rev": "005b56001b2cb30bfa61b7986bc50657816ba4ba", + "type": "github" + }, + "original": { + "owner": "lukas-reineke", + "repo": "indent-blankline.nvim", + "type": "github" + } + }, + "nvim_plugin-m4xshen/hardtime.nvim": { + "flake": false, + "locked": { + "lastModified": 1753760289, + "narHash": "sha256-BgJ0gKy/zxU82L7WocXLkXwD97pnCvpGyJVzSHeUtG0=", + "owner": "m4xshen", + "repo": "hardtime.nvim", + "rev": "6d7664d5bdfaea44c5f50b29f5239fab7b00c273", + "type": "github" + }, + "original": { + "owner": "m4xshen", + "repo": "hardtime.nvim", + "type": "github" + } + }, + "nvim_plugin-mbbill/undotree": { + "flake": false, + "locked": { + "lastModified": 1752437854, + "narHash": "sha256-5WofUOTYE+Nmx3A5OoZBneJBHZ8bdGEYDZ6vTMx1OE0=", + "owner": "mbbill", + "repo": "undotree", + "rev": "28f2f54a34baff90ea6f4a735ef1813ad875c743", + "type": "github" + }, + "original": { + "owner": "mbbill", + "repo": "undotree", + "type": "github" + } + }, + "nvim_plugin-mfussenegger/nvim-lint": { + "flake": false, + "locked": { + "lastModified": 1753039571, + "narHash": "sha256-ly5S0KAZN8Jeag22SCX+5XKqn3d+zCRN/8Jf5HlEn9I=", + "owner": "mfussenegger", + "repo": "nvim-lint", + "rev": "9c6207559297b24f0b7c32829f8e45f7d65b991f", + "type": "github" + }, + "original": { + "owner": "mfussenegger", + "repo": "nvim-lint", + "type": "github" + } + }, + "nvim_plugin-mrcjkb/rustaceanvim": { + "flake": false, + "locked": { + "lastModified": 1753575790, + "narHash": "sha256-Iw3W0Inn0CpZTXyxk54WRtsXP5DYm+7bKH/HSO/diBo=", + "owner": "mrcjkb", + "repo": "rustaceanvim", + "rev": "f845bb055397019c4bc70f9c76376ca490f4c783", + "type": "github" + }, + "original": { + "owner": "mrcjkb", + "repo": "rustaceanvim", + "type": "github" + } + }, + "nvim_plugin-neovim/nvim-lspconfig": { + "flake": false, + "locked": { + "lastModified": 1753837371, + "narHash": "sha256-IsdjkpE+T5irvmH5fam5EmsCpzwxSEiXV3r2iXsOVT0=", + "owner": "neovim", + "repo": "nvim-lspconfig", + "rev": "3db16ceeea947517f0dc1404c24dcb5ab0c91d26", + "type": "github" + }, + "original": { + "owner": "neovim", + "repo": "nvim-lspconfig", + "type": "github" + } + }, + "nvim_plugin-nosduco/remote-sshfs.nvim": { + "flake": false, + "locked": { + "lastModified": 1748880705, + "narHash": "sha256-eTnVFOR7FHlkU9kwrk3q3pNo/U8OR2gJrnrMUQKGi2A=", + "owner": "nosduco", + "repo": "remote-sshfs.nvim", + "rev": "6e893c32ff7c5b8d0d501b748c525fa53963fb35", + "type": "github" + }, + "original": { + "owner": "nosduco", + "repo": "remote-sshfs.nvim", + "type": "github" + } + }, + "nvim_plugin-numToStr/Comment.nvim": { + "flake": false, + "locked": { + "lastModified": 1717957420, + "narHash": "sha256-h0kPue5Eqd5aeu4VoLH45pF0DmWWo1d8SnLICSQ63zc=", + "owner": "numToStr", + "repo": "Comment.nvim", + "rev": "e30b7f2008e52442154b66f7c519bfd2f1e32acb", + "type": "github" + }, + "original": { + "owner": "numToStr", + "repo": "Comment.nvim", + "type": "github" + } + }, + "nvim_plugin-nvim-lua/plenary.nvim": { + "flake": false, + "locked": { + "lastModified": 1753570668, + "narHash": "sha256-9Un7ekhBxcnmFE1xjCCFTZ7eqIbmXvQexpnhduAg4M0=", + "owner": "nvim-lua", + "repo": "plenary.nvim", + "rev": "b9fd5226c2f76c951fc8ed5923d85e4de065e509", + "type": "github" + }, + "original": { + "owner": "nvim-lua", + "repo": "plenary.nvim", + "type": "github" + } + }, + "nvim_plugin-nvim-lualine/lualine.nvim": { + "flake": false, + "locked": { + "lastModified": 1749383457, + "narHash": "sha256-2aPgA7riA/FubQpTkqsxLKl7OZ8L6FkucNHc2QEx2HQ=", + "owner": "nvim-lualine", + "repo": "lualine.nvim", + "rev": "a94fc68960665e54408fe37dcf573193c4ce82c9", + "type": "github" + }, + "original": { + "owner": "nvim-lualine", + "repo": "lualine.nvim", + "type": "github" + } + }, + "nvim_plugin-nvim-telescope/telescope-file-browser.nvim": { + "flake": false, + "locked": { + "lastModified": 1750040034, + "narHash": "sha256-NHcU3c+1pLeypHr9xXKmqvdwB1QM/vj5axzjpFEQCLQ=", + "owner": "nvim-telescope", + "repo": "telescope-file-browser.nvim", + "rev": "7bf55ed0ff5be182ad3301cff266581fc1c56cce", + "type": "github" + }, + "original": { + "owner": "nvim-telescope", + "repo": "telescope-file-browser.nvim", + "type": "github" + } + }, + "nvim_plugin-nvim-telescope/telescope-fzf-native.nvim": { + "flake": false, + "locked": { + "lastModified": 1741765009, + "narHash": "sha256-Zyv8ikxdwoUiDD0zsqLzfhBVOm/nKyJdZpndxXEB6ow=", + "owner": "nvim-telescope", + "repo": "telescope-fzf-native.nvim", + "rev": "1f08ed60cafc8f6168b72b80be2b2ea149813e55", + "type": "github" + }, + "original": { + "owner": "nvim-telescope", + "repo": "telescope-fzf-native.nvim", + "type": "github" + } + }, + "nvim_plugin-nvim-telescope/telescope-ui-select.nvim": { + "flake": false, + "locked": { + "lastModified": 1701723223, + "narHash": "sha256-YRhNmmG4gx9Ht8JwjQfbTjJyTHEuZmtP6lqnhOsk8bE=", + "owner": "nvim-telescope", + "repo": "telescope-ui-select.nvim", + "rev": "6e51d7da30bd139a6950adf2a47fda6df9fa06d2", + "type": "github" + }, + "original": { + "owner": "nvim-telescope", + "repo": "telescope-ui-select.nvim", + "type": "github" + } + }, + "nvim_plugin-nvim-telescope/telescope.nvim": { + "flake": false, + "locked": { + "lastModified": 1747012888, + "narHash": "sha256-JpW0ehsX81yVbKNzrYOe1hdgVMs6oaaxMLH6lECnOJg=", + "owner": "nvim-telescope", + "repo": "telescope.nvim", + "rev": "b4da76be54691e854d3e0e02c36b0245f945c2c7", + "type": "github" + }, + "original": { + "owner": "nvim-telescope", + "repo": "telescope.nvim", + "type": "github" + } + }, + "nvim_plugin-nvim-tree/nvim-tree.lua": { + "flake": false, + "locked": { + "lastModified": 1753762764, + "narHash": "sha256-uoiPwURO0ATaYeLozG8X44cC4eWf1wANspljkjh/qeY=", + "owner": "nvim-tree", + "repo": "nvim-tree.lua", + "rev": "65bae449224b8a3bc149471b96587b23b13a9946", + "type": "github" + }, + "original": { + "owner": "nvim-tree", + "repo": "nvim-tree.lua", + "type": "github" + } + }, + "nvim_plugin-nvim-tree/nvim-web-devicons": { + "flake": false, + "locked": { + "lastModified": 1753653538, + "narHash": "sha256-1IwOcdIUJuh7YC2YTw0VnGI2UIg7F/ipxLLfQdPzjFQ=", + "owner": "nvim-tree", + "repo": "nvim-web-devicons", + "rev": "4a8369f4c78ef6f6f895f0cec349e48f74330574", + "type": "github" + }, + "original": { + "owner": "nvim-tree", + "repo": "nvim-web-devicons", + "type": "github" + } + }, + "nvim_plugin-nvim-treesitter/nvim-treesitter-context": { + "flake": false, + "locked": { + "lastModified": 1753794238, + "narHash": "sha256-9KKJJhKCjlKakVFyF3EUj2sobrKaJBMIGqkwbVjD9Mk=", + "owner": "nvim-treesitter", + "repo": "nvim-treesitter-context", + "rev": "02fd97c803962108d129cf42e05adc5eff7f89c1", + "type": "github" + }, + "original": { + "owner": "nvim-treesitter", + "repo": "nvim-treesitter-context", + "type": "github" + } + }, + "nvim_plugin-rafamadriz/friendly-snippets": { + "flake": false, + "locked": { + "lastModified": 1745949052, + "narHash": "sha256-FzApcTbWfFkBD9WsYMhaCyn6ky8UmpUC2io/co/eByM=", + "owner": "rafamadriz", + "repo": "friendly-snippets", + "rev": "572f5660cf05f8cd8834e096d7b4c921ba18e175", + "type": "github" + }, + "original": { + "owner": "rafamadriz", + "repo": "friendly-snippets", + "type": "github" + } + }, + "nvim_plugin-rcarriga/nvim-notify": { + "flake": false, + "locked": { + "lastModified": 1753086914, + "narHash": "sha256-uQBB3fajHowivArxbtmEJvVU3+QO0VApYpVNMA58UkI=", + "owner": "rcarriga", + "repo": "nvim-notify", + "rev": "397c7c1184745fca649e5104de659e6392ef5a4d", + "type": "github" + }, + "original": { + "owner": "rcarriga", + "repo": "nvim-notify", + "type": "github" + } + }, + "nvim_plugin-rmagatti/auto-session": { + "flake": false, + "locked": { + "lastModified": 1753745747, + "narHash": "sha256-Uowy7CMw6+4y1ME5vNTUSxDCOBfjnfJRpteAKfUo6A8=", + "owner": "rmagatti", + "repo": "auto-session", + "rev": "c93a9bfd8a5cbf931a6ead5c824998da874b9f79", + "type": "github" + }, + "original": { + "owner": "rmagatti", + "repo": "auto-session", + "type": "github" + } + }, + "nvim_plugin-ron/ron.vim": { + "flake": false, + "locked": { + "lastModified": 1660904719, + "narHash": "sha256-8/xJmymtVGVz2avzlamgK1cNflZ3NRL+B3c7xxbI964=", + "owner": "ron-rs", + "repo": "ron.vim", + "rev": "f749e543975a82e8dd9a6e7df9600a1c098ae800", + "type": "github" + }, + "original": { + "owner": "ron-rs", + "repo": "ron.vim", + "type": "github" + } + }, + "nvim_plugin-saadparwaiz1/cmp_luasnip": { + "flake": false, + "locked": { + "lastModified": 1730707109, + "narHash": "sha256-86lKQPPyqFz8jzuLajjHMKHrYnwW6+QOcPyQEx6B+gw=", + "owner": "saadparwaiz1", + "repo": "cmp_luasnip", + "rev": "98d9cb5c2c38532bd9bdb481067b20fea8f32e90", + "type": "github" + }, + "original": { + "owner": "saadparwaiz1", + "repo": "cmp_luasnip", + "type": "github" + } + }, + "nvim_plugin-sindrets/diffview.nvim": { + "flake": false, + "locked": { + "lastModified": 1718279802, + "narHash": "sha256-SX+ybIzL/w6uyCy4iZKnWnzTFwqB1oXSgyYVAdpdKi8=", + "owner": "sindrets", + "repo": "diffview.nvim", + "rev": "4516612fe98ff56ae0415a259ff6361a89419b0a", + "type": "github" + }, + "original": { + "owner": "sindrets", + "repo": "diffview.nvim", + "type": "github" + } + }, + "nvim_plugin-stevearc/conform.nvim": { + "flake": false, + "locked": { + "lastModified": 1751472067, + "narHash": "sha256-bm6266h0rKYcOeMPVqjh3DEKe5M0EIPuo4rvmRtkpvs=", + "owner": "stevearc", + "repo": "conform.nvim", + "rev": "973f3cb73887d510321653044791d7937c7ec0fa", + "type": "github" + }, + "original": { + "owner": "stevearc", + "repo": "conform.nvim", + "type": "github" + } + }, + "nvim_plugin-stevearc/dressing.nvim": { + "flake": false, + "locked": { + "lastModified": 1739381641, + "narHash": "sha256-dBz+/gZA6O6fJy/GSgM6ZHGAR3MTGt/W1olzzTYRlgM=", + "owner": "stevearc", + "repo": "dressing.nvim", + "rev": "2d7c2db2507fa3c4956142ee607431ddb2828639", + "type": "github" + }, + "original": { + "owner": "stevearc", + "repo": "dressing.nvim", + "type": "github" + } + }, + "nvim_plugin-tpope/vim-sleuth": { + "flake": false, + "locked": { + "lastModified": 1726718493, + "narHash": "sha256-2Cr3h3uJvUL3CSoJs3aBFrkBeOBURSQItgQ4ep9sHXM=", + "owner": "tpope", + "repo": "vim-sleuth", + "rev": "be69bff86754b1aa5adcbb527d7fcd1635a84080", + "type": "github" + }, + "original": { + "owner": "tpope", + "repo": "vim-sleuth", + "type": "github" + } + }, + "nvim_plugin-tpope/vim-surround": { + "flake": false, + "locked": { + "lastModified": 1666730476, + "narHash": "sha256-DZE5tkmnT+lAvx/RQHaDEgEJXRKsy56KJY919xiH1lE=", + "owner": "tpope", + "repo": "vim-surround", + "rev": "3d188ed2113431cf8dac77be61b842acb64433d9", + "type": "github" + }, + "original": { + "owner": "tpope", + "repo": "vim-surround", + "type": "github" + } + }, + "nvim_plugin-uga-rosa/ccc.nvim": { + "flake": false, + "locked": { + "lastModified": 1746537659, + "narHash": "sha256-3TZ8VmvdgQ9n63m78C3r4OIUkVQHTHBvC24ixBdhTig=", + "owner": "uga-rosa", + "repo": "ccc.nvim", + "rev": "9d1a256e006decc574789dfc7d628ca11644d4c2", + "type": "github" + }, + "original": { + "owner": "uga-rosa", + "repo": "ccc.nvim", + "type": "github" + } + }, + "nvim_plugin-windwp/nvim-ts-autotag": { + "flake": false, + "locked": { + "lastModified": 1739910276, + "narHash": "sha256-a3Bcql68mp3y5bH9XMiDTQB0e75T+qFB593objIGg/I=", + "owner": "windwp", + "repo": "nvim-ts-autotag", + "rev": "a1d526af391f6aebb25a8795cbc05351ed3620b5", + "type": "github" + }, + "original": { + "owner": "windwp", + "repo": "nvim-ts-autotag", + "type": "github" + } + }, + "nvim_plugin-zbirenbaum/copilot-cmp": { + "flake": false, + "locked": { + "lastModified": 1733947099, + "narHash": "sha256-erRL8bY/zuwuCZfttw+avTrFV7pjv2H6v73NzY2bymM=", + "owner": "zbirenbaum", + "repo": "copilot-cmp", + "rev": "15fc12af3d0109fa76b60b5cffa1373697e261d1", + "type": "github" + }, + "original": { + "owner": "zbirenbaum", + "repo": "copilot-cmp", + "type": "github" + } + }, + "nvim_plugin-zbirenbaum/copilot.lua": { + "flake": false, + "locked": { + "lastModified": 1753817982, + "narHash": "sha256-AHDh24MQ3OMNKUCuKaA9KrR4l0I+dT7tF+Bpl6PBSx8=", + "owner": "zbirenbaum", + "repo": "copilot.lua", + "rev": "55e43020dcd59c6da41cc773971380a003100844", + "type": "github" + }, + "original": { + "owner": "zbirenbaum", + "repo": "copilot.lua", + "type": "github" + } + }, + "opencode": { + "flake": false, + "locked": { + "lastModified": 1754526276, + "narHash": "sha256-OkkjbytvvUBOcSCjf3zd8NWLaM+I1tUR9IxcRZrdVeM=", + "owner": "sst", + "repo": "opencode", + "rev": "1a561bb5120b1b87a4c477f7cb6c3a0a4ce79114", + "type": "github" + }, + "original": { + "owner": "sst", + "ref": "v0.3.133", + "repo": "opencode", + "type": "github" + } + }, + "ragenix": { + "inputs": { + "agenix": "agenix", + "crane": "crane", + "flake-utils": "flake-utils", + "nixpkgs": "nixpkgs_2", + "rust-overlay": "rust-overlay" + }, + "locked": { + "lastModified": 1744897914, + "narHash": "sha256-GIVU92o2TZBnKQXTb76zpQbWR4zjU2rFqWKNIIpXnqA=", + "owner": "yaxitech", + "repo": "ragenix", + "rev": "40f2e17ecaeab4d78ec323e96a04548c0aaa5223", + "type": "github" + }, + "original": { + "owner": "yaxitech", + "repo": "ragenix", + "type": "github" + } + }, + "root": { + "inputs": { + "common": "common", + "disko": "disko", + "nixpkgs": "nixpkgs_3", + "ros_neovim": "ros_neovim" + } + }, + "ros_neovim": { + "inputs": { + "nixpkgs": "nixpkgs_4", + "nvim_plugin-Almo7aya/openingh.nvim": "nvim_plugin-Almo7aya/openingh.nvim", + "nvim_plugin-CopilotC-Nvim/CopilotChat.nvim": "nvim_plugin-CopilotC-Nvim/CopilotChat.nvim", + "nvim_plugin-JoosepAlviste/nvim-ts-context-commentstring": "nvim_plugin-JoosepAlviste/nvim-ts-context-commentstring", + "nvim_plugin-L3MON4D3/LuaSnip": "nvim_plugin-L3MON4D3/LuaSnip", + "nvim_plugin-MeanderingProgrammer/render-markdown.nvim": "nvim_plugin-MeanderingProgrammer/render-markdown.nvim", + "nvim_plugin-MunifTanjim/nui.nvim": "nvim_plugin-MunifTanjim/nui.nvim", + "nvim_plugin-RRethy/vim-illuminate": "nvim_plugin-RRethy/vim-illuminate", + "nvim_plugin-Saecki/crates.nvim": "nvim_plugin-Saecki/crates.nvim", + "nvim_plugin-aznhe21/actions-preview.nvim": "nvim_plugin-aznhe21/actions-preview.nvim", + "nvim_plugin-b0o/schemastore.nvim": "nvim_plugin-b0o/schemastore.nvim", + "nvim_plugin-catppuccin/nvim": "nvim_plugin-catppuccin/nvim", + "nvim_plugin-chrisgrieser/nvim-early-retirement": "nvim_plugin-chrisgrieser/nvim-early-retirement", + "nvim_plugin-declancm/cinnamon.nvim": "nvim_plugin-declancm/cinnamon.nvim", + "nvim_plugin-folke/lazy.nvim": "nvim_plugin-folke/lazy.nvim", + "nvim_plugin-folke/neodev.nvim": "nvim_plugin-folke/neodev.nvim", + "nvim_plugin-folke/which-key.nvim": "nvim_plugin-folke/which-key.nvim", + "nvim_plugin-hrsh7th/cmp-buffer": "nvim_plugin-hrsh7th/cmp-buffer", + "nvim_plugin-hrsh7th/cmp-nvim-lsp": "nvim_plugin-hrsh7th/cmp-nvim-lsp", + "nvim_plugin-hrsh7th/cmp-path": "nvim_plugin-hrsh7th/cmp-path", + "nvim_plugin-hrsh7th/nvim-cmp": "nvim_plugin-hrsh7th/nvim-cmp", + "nvim_plugin-j-hui/fidget.nvim": "nvim_plugin-j-hui/fidget.nvim", + "nvim_plugin-johmsalas/text-case.nvim": "nvim_plugin-johmsalas/text-case.nvim", + "nvim_plugin-lewis6991/gitsigns.nvim": "nvim_plugin-lewis6991/gitsigns.nvim", + "nvim_plugin-lnc3l0t/glow.nvim": "nvim_plugin-lnc3l0t/glow.nvim", + "nvim_plugin-lukas-reineke/indent-blankline.nvim": "nvim_plugin-lukas-reineke/indent-blankline.nvim", + "nvim_plugin-m4xshen/hardtime.nvim": "nvim_plugin-m4xshen/hardtime.nvim", + "nvim_plugin-mbbill/undotree": "nvim_plugin-mbbill/undotree", + "nvim_plugin-mfussenegger/nvim-lint": "nvim_plugin-mfussenegger/nvim-lint", + "nvim_plugin-mrcjkb/rustaceanvim": "nvim_plugin-mrcjkb/rustaceanvim", + "nvim_plugin-neovim/nvim-lspconfig": "nvim_plugin-neovim/nvim-lspconfig", + "nvim_plugin-nosduco/remote-sshfs.nvim": "nvim_plugin-nosduco/remote-sshfs.nvim", + "nvim_plugin-numToStr/Comment.nvim": "nvim_plugin-numToStr/Comment.nvim", + "nvim_plugin-nvim-lua/plenary.nvim": "nvim_plugin-nvim-lua/plenary.nvim", + "nvim_plugin-nvim-lualine/lualine.nvim": "nvim_plugin-nvim-lualine/lualine.nvim", + "nvim_plugin-nvim-telescope/telescope-file-browser.nvim": "nvim_plugin-nvim-telescope/telescope-file-browser.nvim", + "nvim_plugin-nvim-telescope/telescope-fzf-native.nvim": "nvim_plugin-nvim-telescope/telescope-fzf-native.nvim", + "nvim_plugin-nvim-telescope/telescope-ui-select.nvim": "nvim_plugin-nvim-telescope/telescope-ui-select.nvim", + "nvim_plugin-nvim-telescope/telescope.nvim": "nvim_plugin-nvim-telescope/telescope.nvim", + "nvim_plugin-nvim-tree/nvim-tree.lua": "nvim_plugin-nvim-tree/nvim-tree.lua", + "nvim_plugin-nvim-tree/nvim-web-devicons": "nvim_plugin-nvim-tree/nvim-web-devicons", + "nvim_plugin-nvim-treesitter/nvim-treesitter-context": "nvim_plugin-nvim-treesitter/nvim-treesitter-context", + "nvim_plugin-rafamadriz/friendly-snippets": "nvim_plugin-rafamadriz/friendly-snippets", + "nvim_plugin-rcarriga/nvim-notify": "nvim_plugin-rcarriga/nvim-notify", + "nvim_plugin-rmagatti/auto-session": "nvim_plugin-rmagatti/auto-session", + "nvim_plugin-ron/ron.vim": "nvim_plugin-ron/ron.vim", + "nvim_plugin-saadparwaiz1/cmp_luasnip": "nvim_plugin-saadparwaiz1/cmp_luasnip", + "nvim_plugin-sindrets/diffview.nvim": "nvim_plugin-sindrets/diffview.nvim", + "nvim_plugin-stevearc/conform.nvim": "nvim_plugin-stevearc/conform.nvim", + "nvim_plugin-stevearc/dressing.nvim": "nvim_plugin-stevearc/dressing.nvim", + "nvim_plugin-tpope/vim-sleuth": "nvim_plugin-tpope/vim-sleuth", + "nvim_plugin-tpope/vim-surround": "nvim_plugin-tpope/vim-surround", + "nvim_plugin-uga-rosa/ccc.nvim": "nvim_plugin-uga-rosa/ccc.nvim", + "nvim_plugin-windwp/nvim-ts-autotag": "nvim_plugin-windwp/nvim-ts-autotag", + "nvim_plugin-zbirenbaum/copilot-cmp": "nvim_plugin-zbirenbaum/copilot-cmp", + "nvim_plugin-zbirenbaum/copilot.lua": "nvim_plugin-zbirenbaum/copilot.lua", + "rust-overlay": "rust-overlay_2" + }, + "locked": { + "lastModified": 1753849449, + "narHash": "sha256-zBShks1kHnfIq+tkBNkA41NCrhwJNbkhW3a/jLUIr50=", + "ref": "refs/heads/master", + "rev": "86093285e53caae7d2bf9a8d0046be3d4245a35b", + "revCount": 299, + "type": "git", + "url": "https://git.joshuabell.xyz/ringofstorms/nvim" + }, + "original": { + "type": "git", + "url": "https://git.joshuabell.xyz/ringofstorms/nvim" + } + }, + "rust-overlay": { + "inputs": { + "nixpkgs": [ + "common", + "ragenix", + "nixpkgs" + ] + }, + "locked": { + "lastModified": 1741400194, + "narHash": "sha256-tEpgT+q5KlGjHSm8MnINgTPErEl8YDzX3Eps8PVc09g=", + "owner": "oxalica", + "repo": "rust-overlay", + "rev": "16b6045a232fea0e9e4c69e55a6e269607dd8e3f", + "type": "github" + }, + "original": { + "owner": "oxalica", + "repo": "rust-overlay", + "type": "github" + } + }, + "rust-overlay_2": { + "inputs": { + "nixpkgs": [ + "ros_neovim", + "nixpkgs" + ] + }, + "locked": { + "lastModified": 1753843724, + "narHash": "sha256-a0Aab7Zst68GqvNAMh9Ejwnp8gawGnruOMtEWZ0HHjM=", + "owner": "oxalica", + "repo": "rust-overlay", + "rev": "01ac47d86311fb030023f1dfc5f6bc368b9c6cee", + "type": "github" + }, + "original": { + "owner": "oxalica", + "repo": "rust-overlay", + "type": "github" + } + }, + "systems": { + "locked": { + "lastModified": 1681028828, + "narHash": "sha256-Vy1rq5AaRuLzOxct8nz4T6wlgyUR7zLU309k9mBC768=", + "owner": "nix-systems", + "repo": "default", + "rev": "da67096a3b9bf56a91d16901293e51ba5b49a27e", + "type": "github" + }, + "original": { + "owner": "nix-systems", + "repo": "default", + "type": "github" + } + }, + "systems_2": { + "locked": { + "lastModified": 1681028828, + "narHash": "sha256-Vy1rq5AaRuLzOxct8nz4T6wlgyUR7zLU309k9mBC768=", + "owner": "nix-systems", + "repo": "default", + "rev": "da67096a3b9bf56a91d16901293e51ba5b49a27e", + "type": "github" + }, + "original": { + "owner": "nix-systems", + "repo": "default", + "type": "github" + } + } + }, + "root": "root", + "version": 7 +} diff --git a/hosts/testbed/flake.nix b/hosts/testbed/flake.nix new file mode 100644 index 00000000..3f4a1483 --- /dev/null +++ b/hosts/testbed/flake.nix @@ -0,0 +1,110 @@ +{ + inputs = { + nixpkgs.url = "github:nixos/nixpkgs/nixos-25.05"; + # nixpkgs.url = "github:nixos/nixpkgs/nixos-unstable"; + + # Use relative to get current version for testing + common.url = "path:../../common"; + # common.url = "git+https://git.joshuabell.xyz/ringofstorms/dotfiles"; + + disko.url = "github:nix-community/disko/latest"; + disko.inputs.nixpkgs.follows = "nixpkgs"; + # impermanence.url = "github:nix-community/impermanence"; + + ros_neovim.url = "git+https://git.joshuabell.xyz/ringofstorms/nvim"; + }; + + outputs = + { + self, + nixpkgs, + common, + ros_neovim, + disko, + # impermanence, + ... + }: + let + configuration_name = "testbed"; + lib = nixpkgs.lib; + in + { + packages = { + x86_64-linux.vm = self.nixosConfigurations.${configuration_name}.config.system.build.vmWithDisko; + }; + nixosConfigurations = { + "${configuration_name}" = ( + lib.nixosSystem { + modules = [ + disko.nixosModules.disko + # impermanence.nixosModules.impermanence + common.nixosModules.default + ros_neovim.nixosModules.default + ./configuration.nix + ./hardware-configuration.nix + ./disko-config.nix + ( + { config, pkgs, ... }: + { + environment.systemPackages = with pkgs; [ + cowsay + lolcat + ]; + + ringofstorms_common = { + systemName = configuration_name; + boot.systemd.enable = true; + programs = { + ssh.enable = true; + podman.enable = true; + }; + users = { + admins = [ "luser" ]; # First admin is also the primary user owning nix config + users = { + root = { + openssh.authorizedKeys.keys = [ + "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIH2KFSRkViT+asBTjCgA7LNP3SHnfNCW+jHbV08VUuIi nix2nix" + ]; + shell = pkgs.zsh; + }; + luser = { + openssh.authorizedKeys.keys = [ + "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIH2KFSRkViT+asBTjCgA7LNP3SHnfNCW+jHbV08VUuIi nix2nix" + ]; + extraGroups = [ + "networkmanager" + "video" + "input" + ]; + shell = pkgs.zsh; + }; + }; + }; + homeManager = { + users = { + luser = { + imports = with common.homeManagerModules; [ + kitty + tmux + atuin + direnv + git + nix_deprecations + postgres + ssh + starship + zoxide + zsh + ]; + }; + }; + }; + }; + } + ) + ]; + } + ); + }; + }; +} diff --git a/hosts/testbed/hardware-configuration.nix b/hosts/testbed/hardware-configuration.nix new file mode 100644 index 00000000..197b7d3c --- /dev/null +++ b/hosts/testbed/hardware-configuration.nix @@ -0,0 +1,19 @@ +{ + lib, + ... +}: +{ + nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux"; + + boot.initrd.postMountCommands = lib.mkAfter '' + # Mount Btrfs volume (the device containing your root subvolumes) + mkdir -p /btrfs_tmp + mount -o subvol=/ /dev/disk/by-label/NIXROOT /btrfs_tmp + + # Delete current @root, then restore from snapshot + btrfs subvolume delete /btrfs_tmp/@root || true + btrfs subvolume snapshot /btrfs_tmp/@snapshots/root-empty /btrfs_tmp/@root + + umount /btrfs_tmp + ''; +} diff --git a/icon.png b/icon.png new file mode 100644 index 00000000..7f25ec36 Binary files /dev/null and b/icon.png differ diff --git a/onboard.nix b/onboard.nix new file mode 100644 index 00000000..739c0e1b --- /dev/null +++ b/onboard.nix @@ -0,0 +1,48 @@ +{ pkgs, ... }: +{ + networking.hostName = "%%HOSTNAME%%"; + networking.networkmanager.enable = true; + + services.openssh.enable = true; + networking.firewall.allowedTCPPorts = [ 22 ]; + + nix.settings.experimental-features = [ "nix-command" "flakes" ]; + + environment.systemPackages = with pkgs; [ + vim + curl + git + sudo + ]; + + users.users.%%USERNAME%% = { + initialPassword = "password1"; + isNormalUser = true; + extraGroups = [ "wheel" "networkmanager" "video" "input" ]; + }; + + # Ensure SSH key pair generation for non-root users + systemd.services.generate_ssh_key = { + description = "Generate SSH key pair for %%USERNAME%%"; + wantedBy = [ "multi-user.target" ]; + serviceConfig = { + User = "%%USERNAME%%"; + Type = "oneshot"; + }; + script = '' + #!/run/current-system/sw/bin/bash + if [ ! -f /home/%%USERNAME%%/.ssh/id_ed25519 ]; then + if [ -v DRY_RUN ]; then + echo "DRY_RUN is set. Would generate SSH key for %%USERNAME%%." + else + echo "Generating SSH key for %%USERNAME%%." + mkdir -p /home/%%USERNAME%%/.ssh + chmod 700 /home/%%USERNAME%%/.ssh + /run/current-system/sw/bin/ssh-keygen -t ed25519 -f /home/%%USERNAME%%/.ssh/id_ed25519 -N "" + fi + else + echo "SSH key already exists for %%USERNAME%%." + fi + ''; + }; +} diff --git a/onboard.sh b/onboard.sh new file mode 100644 index 00000000..fbfe769a --- /dev/null +++ b/onboard.sh @@ -0,0 +1,44 @@ +#!/bin/sh +# curl -O --proto '=https' --tlsv1.2 -sSf https://git.joshuabell.xyz/ringofstorms/dotfiles/raw/branch/master/onboard.sh + +# Go to nix configuration +cd /mnt/etc/nixos + +# Ask for required variables +VAR_HOST=$HOSTNAME +VAR_USER=$USERNAME +echo "Hostname will be: $VAR_HOST" +echo "Username will be: $VAR_USER" +while true; do + read -p "Do you wish to continue? (y/n)" yn + case $yn in + [Yy]* ) break;; + [Nn]* ) exit;; + * ) echo "Please answer y/n.";; + esac +done + +# Switch to use labels in hardware-configuration +# ex +'/fileSystems."\/"' +"/by-uuid" +'s#by-uuid/.*"#by-label/NIXROOT"' \ +# +'/fileSystems."\/boot"' +"/by-uuid" +'s#by-uuid/.*"#by-label/NIXBOOT"' \ +# +"wq" hardware-configuration.nix +# echo "Switched hardware configuration to use labels" +# grep "by-uuid" hardware-configuration.nix # Should show nothing, this will help prompt for changes +# grep "by-label" hardware-configuration.nix +# echo + +# echo "TODO add swap section here that asks for sizes..." +# echo + +# Download settings needed for initial boot +curl -O https://git.joshuabell.xyz/ringofstorms/dotfiles/raw/branch/master/onboard.nix +# update username and hostname in onboard file +ex +"%s/%%HOSTNAME%%/$VAR_HOST/g" +"%s/%%USERNAME%%/$VAR_USER/g" +"wq" onboard.nix +# Import onboard file in configuration.nix +ex +"%s#hardware-configuration.nix#hardware-configuration.nix ./onboard.nix#g" +"wq" configuration.nix +echo "Setup onboard.nix in configuration.nix" +echo + +echo "Run \`nixos-install\` to finish then reboot" +echo "It's recommended to verify contents of hardware config first." +echo diff --git a/publics/nix2git.pub b/publics/nix2git.pub deleted file mode 100644 index e665e98c..00000000 --- a/publics/nix2git.pub +++ /dev/null @@ -1,2 +0,0 @@ -ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIAKFIuMe7qoUDI/LxhrrYmIDbH0xUwj1wm5vVulApLPV nix2github - diff --git a/readme.md b/readme.md index 38cabc78..19e2cdb3 100644 --- a/readme.md +++ b/readme.md @@ -1,74 +1,171 @@ +## TODO working on changes to this now + +### Old Config prior to per system flake approach + + + +### Old modules from multi branch flake approach + +- [common](https://git.joshuabell.xyz/dotfiles/~files/a3df616bee120e8427728c6e6a642686d6efb96d) +- [de_gnome](https://git.joshuabell.xyz/dotfiles/~files/2434f4858db4b5ddb095d5a7d8bdb05890c48bb4) +- [de_cosmic](https://git.joshuabell.xyz/dotfiles/~files/f2ecd63921dd826b138dab2ba431085c31a151d1) +- [de_hyperland](https://git.joshuabell.xyz/dotfiles/~files/ecb652f6e331312b401488140c583cabdcb0deba) +- [secrets](https://git.joshuabell.xyz/dotfiles/~files/5f3633d5f7c729b8e8fc2805d2751e7c006a6f7a) +- [nebula](https://git.joshuabell.xyz/dotfiles/~files/70cea59e9f1f750fd0aee8cde8cd54aee8601336) +- [stormd](https://git.joshuabell.xyz/dotfiles/~files/765c7f4436db03936960373ff77dc2d41f0c4cd5) +- [home_manager](https://git.joshuabell.xyz/dotfiles/~files/df0c4e95ac6b056202c4ec6fabfcfa5bd205a0b4) +- [boot_grub](https://git.joshuabell.xyz/dotfiles/~files/f00b3d38ec2dd62741a84d706f88c0c3bdd60784) +- [boot_systemd](https://git.joshuabell.xyz/dotfiles/~files/3155d8a57286aefb835476617ba6d4df92b83013) + # First Install on new Machine -- First follow nixos installation guide: https://nixos.wiki/wiki/NixOS_Installation_Guide - - Follow up to generate config command -- in hardware-configuration.nix - - change to use by-labels made in nixos installation guide (optional but nice for updating device in the future) -- in configuration.nix - - set networking.hostname to HOSTNAME - - enable networkmanager - - add in `users.users.root.initialPassword = 'password1';` [[ TODO this may not be necessary at all, it seems to prompt for this regardless at end of install ]] - - uncomment systemPackages and add: git curl - - add `nix.settings.experimental-features = [ "nix-command" "flakes" ];` -- Install nixos: `cd /mnt` `sudo nixos-install` -- `passwd` to change root password (if not already prompted to do so) -- `reboot` +## NixOS install --- TODO come up with a way to pregen keys so onboarding is less stupid with secrets? +1. Install nix minimal: (new with btrfs backing) -- `cp -r /etc/nixos ~/nixos_bak` Backup configuration -- Checkout this repo into /etc/nixos: `rm -rf /etc/nixos` `git clone https://github.com/ringofstorms/dotfiles /etc/nixos` -- Copy hardware-configuration into the new /etc/nixos/systems/HOSTNAME/hardware-configuration.nix `mkdir /etc/nixos/systems/HOSTNAM && cp ~/hardware-configuration.nix /etx/nixos/systems/HOSTNAME` -- copy the existing configuration/other configuration nix of an existing system and edit it to desires state. [[ TODO make this step cleaner/easier... ]] -- switch into flake mode `nixos-rebuild switch --flake /etc/nixos[#HOSTNAME]` and switch to new system -- copy system ssh public key and create a key for user and copy those into the nixos secrets.nix file - - `cat /etc/ssh/ssh_host_ed25519_key.pub` - - `cat ~/.ssh/id_ed25519.pub` -- Push changes to remote using temp user password -- rekey secrets with any other onboarded system - - TODO -- copy over this systems ssh public key ( /etc/shh/*ed25519* ) into the ./secrets/secrets.nix file - push those up, using another computer re-key all the secrets, push up again - - pull new secrets down with new added keys and rebuild +- Partitions + - `parted /dev/DEVICE -- mklabel gpt` - make GPT partition table + - `parted /dev/DEVICE -- mkpart NIXROOT 2GB 100%` - make root partition (2GB offset for boot) + - `parted /dev/DEVICE -- mkpart ESP fat32 1MB 2GB` - make boot partition (2GB) + - `parted /dev/DEVICE -- set 2 esp on` - make boot bootable +- LUKS Encryption + - `cryptsetup luksFormat /dev/DEVICE_1` + - Create passphrase and save to bitwarden + - `cryptsetup luksOpen /dev/DEVUCE_1 cryptroot` + - Create keyfile for auto-unlock (optional) + - `dd if=/dev/random of=/tmp/keyfile_DEVICE_1 bs=1024 count=4` + - `chmod 400 /tmp/keyfile` + - `cryptsetup luksAddKey /dev/DEVICE_1 /tmp/keyfile_DEVICE_1` +- Formatting + - `mkfs.btrfs -L NIXROOT /dev/mapper/cryptroot` + - `mkfs.fat -F 32 -n NIXBOOT /dev/DEVICE_2` +- Create btrfs subvolumes (optional: for better snapshot perf) + - `mount /dev/mapper/cryptroot /mnt` + - `btrfs subvolume create /mnt/root` + - `btrfs subvolume create /mnt/nix` + - `btrfs subvolume create /mnt/snapshots` + - `umount /mnt` +- Mount (with sub vols above) + - `mount -o subvol=root,compress=zstd,noatime /dev/mapper/cryptroot /mnt` + - `mkdir -p /mnt/{nix,boot,.snapshots}` + - `mount -o subvol=nix,compress=zstd,noatime /dev/mapper/cryptroot /mnt/nix` + - `mount -o subvol=snapshots,compress=zstd,noatime /dev/mapper/cryptroot /mnt/.snapshots` + - `mount -o umask=077 /dev/disk/by-label/NIXBOOT /mnt/boot` +- Mount (with no sub vols) + - `mount -o compress=zstd,noatime /dev/mapper/cryptroot /mnt` + - `mkdir -p /mnt/boot` + - `mount -o umask=077 /dev/disk/by-label/NIXBOOT /mnt/boot` +- Add SWAP device (optional) + - in hardware config +```nix +swapDevices = [ + { + device = "/.swapfile"; + size = 32 * 1024; # 32GB + } +]; +``` +- Copy keyfile for auto-unlock (optional) + - `cp /tmp/keyfile_DEVICE_1 /mnt/boot/keyfile_DEVICE_1` + - `chmod 400 /mnt/boot/keyfile_DEVICE_1` +- If Encrypted keyfile exists + - Add to hardware config +```nix +boot.initrd.secrets = { + "/keyfile_DEVICE_1" = "/boot/keyfile_DEVICE_1"; +}; -- clone neovim setup... +boot.initrd.luks.devices +``` -# Later updates +2. Install and setup nixos -- `nix flake update /etc/nixos` -- `nixos-rebuild switch --flake /etc/nixos` +- nixos config and hardware config + - `export HOSTNAME=desired_hostname_for_this_machine` + - `export USERNAME=desired_username_for_admin_on_this_machine` (josh) + - `nixos-generate-config --root /mnt` + - `cd /mnt/etc/nixos` + - `curl -O --proto '=https' --tlsv1.2 -sSf https://git.joshuabell.xyz/ringofstorms/dotfiles/raw/branch/master/onboard.sh` + - `chmod +x onboard.sh && ./onboard.sh` + - verify hardware config, run `nixos-install` + - `reboot` +- log into USERNAME with `password1`, use `passwd` to change the password -# Cleanup boot +> Easiest to ssh into the machine for these steps so you can copy paste... -I used the existing windows 100MB boot partition and it fills up constantly. Have to purge old stuff a lot this is how: +- `cat /etc/ssh/ssh_host_ed25519_key.pub ~/.ssh/id_ed25519.pub` + - On an already onboarded computer copy these and add them to secrets/secrets.nix file + - `nix run github:yaxitech/ragenix -- --rules ~/.config/nixos-config/common/secrets/secrets/secrets.nix -r` + - Maybe copy hardware/configs over and setup, otherwise do it on the client machine +- git clone nixos-config `git clone https://git.joshuabell.xyz/ringofstorms/dotfiles ~/.config/nixos-config` +- Setup config as needed + - add hosts dir and files needed +- `sudo nixos-rebuild switch --flake ~/.config/nixos-config/hosts/$HOSTNAME` +- Update remote, ssh should work now: `cd ~/.config/nixos-config && git remote remove origin && git remote add origin "ssh://git.joshuabell.xyz:3032/ringofstorms/dotfiles" && git pull origin master` -- `find '/boot/loader/entries' -type f ! -name 'windows.conf' | head -n -4 | xargs -I {} rm {}; nix-collect-garbage -d; nixos-rebuild boot; echo; df` +## Local tooling -# Settings references: +- bitwarden setup/sign into self hosted vault -- Flake docs: https://nixos.wiki/wiki/Flakes -- nixos: https://search.nixos.org/options -- home manager: https://nix-community.github.io/home-manager/options.xhtml +- atuin setup + - if atuin is on enable that mod in configuration.nix, make sure to `atuin login` get key from existing device + - TODO move key into secrets and mount it to atuin local share +- ssh key access, ssh iden in config in nix config + +### Notes + +Dual booting windows? + +- If there is a new boot partition being used than the old windows one, copy over the /boot/EFI/Microsoft folder into the new boot partition, same place +- If the above auto probing for windows does not work, you can also manually add in a windows.conf in the loader entries: /boot/loader/entries/windows.conf: + +``` +title Windows 11 +efi /EFI/Microsoft/Boot/bootmgfw.efi +``` + +# Settings references + +- Flake docs: +- nixos: +- home manager: TODO make an offline version of this, does someone else have this already? # TODO -- Secret management? - - ssh keys for github/etc -- Use top level split out home manager configurations instead of the one built into the system config... -- Make a flake for neovim and move out some system packages required for that into that flake, re-use for root and user rather than cloning each place? -- EDITOR env var set to neovim -- gif command from video +# Nix Infrastructure & Automation Improvements -```sh -gif () { - if [[ -z $1 ]]; then - echo "No gif specified" - return 1 - fi - ffmpeg -i $1 -filter_complex "fps=7,scale=iw:-1:flags=lanczos,split[s0][s1];[s0]palettegen=max_colors=32[p];[s1][p]paletteuse=dither=bayer" $1".gif" -} -``` +- [ ] **Replace deployment scripts with [`deploy-rs`](https://github.com/serokell/deploy-rs)** for declarative, hands-off host updates. + Remove manual `deploy_linode`/`deploy_oracle` scripts. Use `deploy-rs` to apply updates across one or all hosts, including remote builds. +- [ ] **Add `isoImage` outputs for every host for instant USB/boot media creation.** + Use: + ``` + packages.x86_64-linux.install-iso = nixosConfigurations..config.system.build.isoImage; + ``` + + Then: + + ``` + nix build .#packages.x86_64-linux.install-iso + ``` + +- [ ] **Document or automate new host bootstrap:** + - Script or steps: boot custom ISO, git clone config, secrets onboarding (agenix), nixos-install with flake config. + - Provide an example shell script or README note for a single-command initial setup. +- [ ] **(Optional) Add an ephemeral “vm-experiment” target for NixOS VM/dev testing.** + - Use new host config with minimal stateful services, then + `nixos-rebuild build-vm --flake .#vm-experiment` +- [ ] **Remote build reliability:** + - Parametrize/automate remote builder enable/disable. + - Add quickstart SSH builder key setup instructions per-host in README. + - (Optional) Use deploy-rs's agent forwarding and improve errors if builder can't be reached at deploy time. +- [ ] **Add [disko](https://github.com/nix-community/disko) to declaratively manage disk/partition creation for new installs and reinstalls.** + +- work on secrets pre ragenix, stormd pre install for all the above bootstrapping steps would be ideal +- reduce home manager, make per user modules support instead - Ensure my neovim undohistory/auto saves don't save `.age` files as they can be sensitive. -- make sure all my aliases are accounted for, still missing things like rust etc: https://github.com/RingOfStorms/setup -- add in copy paste support with xclip or nix equivalent + +# Server hosts + +simply run `deploy` in the host root and it will push changes to the server (or `deploy_[oracle|linode] ` from root) diff --git a/secrets/nix2bitbucket.age b/secrets/nix2bitbucket.age deleted file mode 100644 index 19aa91f2..00000000 --- a/secrets/nix2bitbucket.age +++ /dev/null @@ -1,27 +0,0 @@ ------BEGIN AGE ENCRYPTED FILE----- -YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IHNzaC1lZDI1NTE5IDd6MzN5USBvdm8z -MGkweENnTjlxK3lubmtXUlRHUDJLOTM0MGRJQmtOUXZpSG1IUlJZClY1amJtdkZw -T3dWRnBqdFVlRGpxQWFydUJUcm9hRTI0WHYrVjh3ZVE5bUEKLT4gc3NoLWVkMjU1 -MTkgSjkxOXNRIGZQWG85d0lzZWVtWG4weXRBY0ZoQVN6WmdEemtxa2FpYm1FRHND -SXZSd2cKbWRLbUdrTm1oMFZtNnR6eDU4ckJOK2RyTENnV1NaWjlSVTZ5eEhOQ0N0 -dwotPiBzc2gtZWQyNTUxOSBlNmUwbFEgNzJ1TG5rbllNaThwTDNtZmdVSHZuK2hp -MWw5TFJZbEtOdHdmY2g5VittWQpHRjdMelI3TURuYUYwVXFRSWVHeU1UUzRUaDFh -SDVWR3pmV1gvMkV2c1NBCi0+IHNzaC1lZDI1NTE5IEJZS0crdyBXUWFJc2ljM0Nr -cUJxVWJrSjVvWkE5MnV6SmpWYit4dnZraWxJQTYwelYwClNzSGhOWGFXcXVyc3pq -bVBzeW1UNE1RdUU4SWZEd1FwUmhkb1lmKzRKalkKLT4gc3NoLWVkMjU1MTkgWHpm -bWFRIFk2SkxTRjBUNUhLdDZIbituV3BGckVoaEZsSnkrQVpRQ1I1QkZmaURWR1UK -aUpmbm1TUDlFYTBXZ2EvSWxPWmh5S0prTE5CcTFPanlZSDFpOFhtbEVEZwotPiAi -MXYrOyVZby1ncmVhc2Ugdk1fOlIoIG9WIHFmOiBeImc1Cis0bnA0a3UvU2tlZUJl -REFJa2owa056UEhGbTh6ZWdtM1VpY1pJZDdpL3Q3L0gvRTJMRnQzcjNsUFY5VHZh -dVUKREE1MzF4eEtIQmh0MU1uK2NMSWtFVk0zTGxxd0sxcDhtUmhpencKLS0tIElt -c2taOFBaWndsV0FhdXhtdy9JeFJTbFNJQ21iclI4UXVnZmZzZnlXWG8KU47pTls2 -3ZARHmIb7/3fPTn3a5wwOmV8x4jqz+IfKcmSapkLn2y0PIptecAHSIm+a6CgkH8i -ZA/qvrB/m5AYfAIUVcbhpb6zT1jj4K1ZqY1yUP8BeCOa+wrZeiOkcGkAxtzvKIF7 -4GCz92dpEayxsdFLgQKJpG+37hyWP1dlASTnk114/Nv99wGR8HG+Bg85eY2PWluz -hLI8dVKPURDmwQcXRionE8IjnEmSHI6XdggMAQwB0mh6AZRZFzK76Flb1Fr7C/fQ -8ecNbhvxPUDxPNYVLpN7EGyaPiMbpxOVd8HYWfCcJWQoqGBFNUXaQI3pSy68zVQh -cw+DJX6dCO7e4K+BDugS6CY2skvf58TVX0dq3SZ6dMJhtz/hCNdsnb0qVnjnSdUF -PK06nlRRxwNwJt8m1ar+3a85gkt3/U1t2hIT5dUVtRxD4OEr5fZbtZQfVvaYclVk -YbGgCWIoq4DYhNc10lwvMfq22uj1LaewEpgJKMGNQezfXf4LkDK5knnlCoaxFCpL -E4DWpCI9HfZAaqElLApqdfoslkK/14Cs3BLGC0PM9/3pNP9bAyaMwMA= ------END AGE ENCRYPTED FILE----- diff --git a/secrets/nix2github.age b/secrets/nix2github.age deleted file mode 100644 index ee0bcad2..00000000 --- a/secrets/nix2github.age +++ /dev/null @@ -1,26 +0,0 @@ ------BEGIN AGE ENCRYPTED FILE----- -YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IHNzaC1lZDI1NTE5IDd6MzN5USBDVnVp -ck9SRFpLSkY1MFo0cXNERWlPRi9zcHhNbHdlYVJzcWE1YmZScjFrCjEyTmtLOUkr -VW5HZzdrOHFvWWs1bGFjS0FBd1kwTzA4ZEZSUVVMWWtWaDgKLT4gc3NoLWVkMjU1 -MTkgSjkxOXNRIDY1T00vYVN0Nm5sbEMrcEw4VzIzV241Um1QZHpnS1dSaWJYN3FF -S2pNRjQKQmxzaE9pTlI5L2E0NTZvNlp4QWJ0MXJHdmlwNS9HU3MzQ0NrRnJ5cjJC -awotPiBzc2gtZWQyNTUxOSBlNmUwbFEgcmQyVld2b0JKbUcrWDBxZHdJNDVESU9y -Qk13Y3hicGNFV0tjMHhYQjF6dwpLSDc4VW14NVVEV21oQldHWEVxWXcwRFViTGFv -LzhhcjRPdlZKTWZQS3U0Ci0+IHNzaC1lZDI1NTE5IEJZS0crdyBsL3lwTURwT1Z0 -Vmt0czdNMk9scDZPdzJtbUNyalNhR242c0k3WTJEcmlZCmxnRDBSREFQdFB0dHFI -aU13NjlYeDIrUlB5WmUvZ21takkybHE3M1VlSXcKLT4gc3NoLWVkMjU1MTkgWHpm -bWFRIFhhaVA1aTUzNnFQeDZIaWV4VFZpa2pyVFIzTDJCSGhxMHpUaDNzRnlOVG8K -ZkNPbTd5ZEUweld3bUdRNFdkZkVuK3Jtamx5Y3lSbkxFMWs5VjhKenVkawotPiBK -W1ZLNC1ncmVhc2UgZF9aNUhAdgowTHowdTVwbnM1YmJzL1VoSUlvOXpxT2lDQ21o -bmlzWkJrc21WOTlIM0xhcG50YWs0U2lqSXNtN1pWdwotLS0gQ0lTQ2tMbkgxVW9D -ZHlRdjRkTmd0STBRR25UQTgrSXNrTnAzTjRrZUdFRQqsIz6SbS8zaf/NjwqqxgKg -W++hUEr40EzqYp5ubyIhSpUCuf52kBWRiDtS1aABEZbMDWNKcqYxxK7L7Bz/sDQN -SjR/H6HZmcxTuJWVL32c16d9rPAGcKzxfPWF7nrB5vx6KMVp/iZvuQOqtRgQuF8s -1fUHnUrLkSwQNwpqNzuHuU0kXEbrb7unPVv8ES/iKec+QR353KIM1xe62AYMRSfM -baHlLNx1NHs2e3KiHNH8rXH58nRm+26xXpNyIksUyYGhAMNV4/0+dx/saUlmUtDg -nm3iph8EUqCpjVuwhgRdylABgZglruSuAKYyVQceQkyd2XOePXsfn05hF9V1IyrX -6I2OT49WFizz67Y4tPaOe/oYOVIqLDOz7V/StJEn99LwHIZnQ4khm7+nmhQUtICH -KrOIAZmikWmou4KY2dnqGv0gWR1Gg4GYNDOXEUt9twbdUAUwU8qDzgX5MtIc+DMK -JnfKQ1zNM1KJ6arg3v1ECttmfpc5nJzr1voF4oEkK2wTsKpKBlG1h8tVKkF1byIP -PPkCLKTJKJgmF80/HOLB6a9vKEMpssGRsAPY1Vq08g== ------END AGE ENCRYPTED FILE----- diff --git a/secrets/secrets.nix b/secrets/secrets.nix deleted file mode 100644 index f1d81ab6..00000000 --- a/secrets/secrets.nix +++ /dev/null @@ -1,23 +0,0 @@ -## To onboard a new machine, you must use a machine that is already onboarded, or the backup authority key saved in a secure location -## Once the new machine is setup at least once, then we can generate/fetch ssh keys from it and add to this list. Then rekey the secrets and commit the changes and pull down from the nix repo - -# System key: `cat /etc/ssh/ssh_host_ed25519_key.pub` -# -# from authority -# `nix run github:yaxitech/ragenix/ -- -i ~/.ssh/ragenix_authority --rules /etc/nixos/secrets/secrets.nix` <-r(eykey)|-e(edit) > - -let - publicKeys = [ - "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIBdG4tG18VeuEr/g4GM7HWUzHuUVcR9k6oS3TPBs4JRF ragenix authority key" - # gpdPocket3 - "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIMhgYzACsd0GPuF8bl9SFB5y9KDwv+pU9UihoInzhRok josh@gpdPocket3" - "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIJnV4aVyKStFH1KySfnuqBq+DLvyvJhRfKtMs7PCKlIq root@nixos" - # joe - "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIG4PwrrOuZJWRjlc2dKBUKKE4ybqifJeVOn7x9J5IxIS josh@joe" - "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIP+GYfPPKxR/18RdD736G7IQhImX/CYU3A+Gifud3CHg root@joe" - ]; -in -{ - "nix2github.age" = { inherit publicKeys; }; - "nix2bitbucket.age" = { inherit publicKeys; }; -} diff --git a/systems/_common/components/caps_to_escape_in_tty.nix b/systems/_common/components/caps_to_escape_in_tty.nix deleted file mode 100644 index 300a708c..00000000 --- a/systems/_common/components/caps_to_escape_in_tty.nix +++ /dev/null @@ -1,10 +0,0 @@ -{ pkgs, ... }: -{ - # I want this globally even for root so doing it outside of home manager - services.xserver.xkbOptions = "caps:escape"; - console = { - earlySetup = true; - packages = with pkgs; [ terminus_font ]; - useXkbConfig = true; # use xkb.options in tty. (caps -> escape) - }; -} diff --git a/systems/_common/components/font_jetbrainsmono.nix b/systems/_common/components/font_jetbrainsmono.nix deleted file mode 100644 index ee605d8b..00000000 --- a/systems/_common/components/font_jetbrainsmono.nix +++ /dev/null @@ -1,7 +0,0 @@ -{ pkgs, ... }: -{ - fonts.packages = with pkgs; [ - (nerdfonts.override { fonts = [ "JetBrainsMono" ]; }) - ]; -} - diff --git a/systems/_common/components/gnome_wayland.nix b/systems/_common/components/gnome_wayland.nix deleted file mode 100644 index 1845bdea..00000000 --- a/systems/_common/components/gnome_wayland.nix +++ /dev/null @@ -1,18 +0,0 @@ -{ pkgs, ... }: -{ - services.xserver.enable = true; - services.xserver.displayManager.gdm = { - enable = true; - autoSuspend = false; - wayland = true; - }; - services.xserver.desktopManager.gnome.enable = true; - services.gnome.core-utilities.enable = false; - environment.systemPackages = with pkgs; [ - gnome.dconf-editor - gnomeExtensions.workspace-switch-wraparound - # wayland clipboard in terminal - wl-clipboard - ]; -} - diff --git a/systems/_common/components/home_manager.nix b/systems/_common/components/home_manager.nix deleted file mode 100644 index 4a60adde..00000000 --- a/systems/_common/components/home_manager.nix +++ /dev/null @@ -1,22 +0,0 @@ -{ config, lib, pkgs, settings, ylib, ... } @ inputs: -let - home-manager = builtins.fetchTarball { - url = "https://github.com/nix-community/home-manager/archive/release-23.11.tar.gz"; - # to get hash run `nix-prefetch-url --unpack "https://github.com/nix-community/home-manager/archive/release-23.11.tar.gz"` - sha256 = "0g51f2hz13dk953i501fmc6935difhz60741nypaqwz127hy5ldk"; - }; -in -{ - imports = - [ - # home manager import - (import "${home-manager}/nixos") - ]; - # Home manager options - security.polkit.enable = true; - home-manager.useUserPackages = true; - home-manager.useGlobalPkgs = true; - home-manager.extraSpecialArgs = { inherit settings; inherit ylib; inherit (inputs) ragenix; inherit (config) age; }; -} - - diff --git a/systems/_common/components/ssh.nix b/systems/_common/components/ssh.nix deleted file mode 100644 index 33ec80ba..00000000 --- a/systems/_common/components/ssh.nix +++ /dev/null @@ -1,10 +0,0 @@ -{ ... }: -{ - # Enable the OpenSSH daemon. - services.openssh.enable = true; - services.openssh.settings.PermitRootLogin = "yes"; - # Open ports in the firewall. - networking.firewall.allowedTCPPorts = [ - 22 # sshd - ]; -} diff --git a/systems/_common/components/systemd_boot.nix b/systems/_common/components/systemd_boot.nix deleted file mode 100644 index ca92bcf5..00000000 --- a/systems/_common/components/systemd_boot.nix +++ /dev/null @@ -1,15 +0,0 @@ -{ ... }: -{ - # Use the systemd-boot EFI boot loader. - boot.loader = { - systemd-boot = { - enable = true; - consoleMode = "keep"; - }; - timeout = 5; - efi = { - canTouchEfiVariables = true; - }; - }; -} - diff --git a/systems/_common/components/todo_neovim.nix b/systems/_common/components/todo_neovim.nix deleted file mode 100644 index faf7d230..00000000 --- a/systems/_common/components/todo_neovim.nix +++ /dev/null @@ -1,13 +0,0 @@ -{ pkgs, ... }: -{ - environment.systemPackages = with pkgs; [ - # extras, more for my neovim setup TODO move these into a more isolated place for nvim setup? Should be its own flake probably - cargo - rustc - nodejs_21 - python313 - nodePackages.cspell - # ripgrep (now in common but will be needed in neovim flake) - ]; -} - diff --git a/systems/_common/configuration.nix b/systems/_common/configuration.nix deleted file mode 100644 index 648d3f1c..00000000 --- a/systems/_common/configuration.nix +++ /dev/null @@ -1,96 +0,0 @@ -{ config, lib, pkgs, settings, ylib, ... } @ inputs: -let - defaultLocal = "en_US.UTF-8"; -in -{ - imports = - [ - # Secrets management - ./ragenix.nix - # Include the results of the hardware scan. - (/${settings.systemsDir}/${settings.system.hostname}/hardware-configuration.nix) - # Include the specific machine's config. - (/${settings.systemsDir}/${settings.system.hostname}/configuration.nix) - ]; - - # Enable flakes - nix.settings.experimental-features = [ "nix-command" "flakes" ]; - - # ========== - # Common - # ========== - networking.hostName = settings.system.hostname; - # TODO do I want this dynamic at all? Roaming? - time.timeZone = "America/Chicago"; - - # Select internationalization properties. - i18n.defaultLocale = defaultLocal; - i18n.extraLocaleSettings = { - LC_ADDRESS = defaultLocal; - LC_IDENTIFICATION = defaultLocal; - LC_MEASUREMENT = defaultLocal; - LC_MONETARY = defaultLocal; - LC_NAME = defaultLocal; - LC_NUMERIC = defaultLocal; - LC_PAPER = defaultLocal; - LC_TELEPHONE = defaultLocal; - LC_TIME = defaultLocal; - }; - - # Some basics - nixpkgs.config.allowUnfree = true; - environment.systemPackages = with pkgs; [ - # wayland clipboard in terminal - wl-clipboard - # Basics - neovim - vim - wget - curl - neofetch - bat - htop - nvtop - unzip - git - fzf - ripgrep - - # TODO keep in common or move to specifics? - ffmpeg_5-full - ]; - - environment.shellAliases = { - n = "nvim"; - nn = "nvim --headless '+SessionDelete' +qa > /dev/null 2>&1 && nvim"; - bat = "bat --theme Coldark-Dark"; - cat = "bat --pager=never -p"; - nix-boot-clean = "find '/boot/loader/entries' -type f ! -name 'windows.conf' | head -n -4 | xargs -I {} rm {}; nix-collect-garbage -d; nixos-rebuild boot; echo; df"; - - # general unix - date_compact = "date +'%Y%m%d'"; - date_short = "date +'%Y-%m-%d'"; - ls = "ls --color -Ga"; - ll = "ls --color -Gal"; - lss = "du --max-depth=0 -h * 2>/dev/null"; - psg = "ps aux | head -n 1 && ps aux | grep -v 'grep' | grep"; - cl = "clear"; - - # git - stash = "git stash"; - pop = "git stash pop"; - branch = "git checkout -b"; - status = "git status"; - diff = "git diff"; - branches = "git branch -a"; - gcam = "git commit -a -m"; - stashes = "git stash list"; - - # ripgrep - rg = "rg --no-ignore"; - rgf = "rg --files 2>/dev/null | rg"; - }; - environment.shellInit = builtins.readFile ./shellInit.sh; - - system.stateVersion = "23.11"; -} diff --git a/systems/_common/ragenix.nix b/systems/_common/ragenix.nix deleted file mode 100644 index 9da2932f..00000000 --- a/systems/_common/ragenix.nix +++ /dev/null @@ -1,29 +0,0 @@ -# TODO check out the by host way this person does: https://github.com/hlissner/dotfiles/blob/089f1a9da9018df9e5fc200c2d7bef70f4546026/modules/agenix.nix -{ settings, lib, ragenix, ... }: -let - # secretsFile = (settings.secretsDir + /secrets.nix); -in -{ - imports = [ ragenix.nixosModules.age ]; - environment.systemPackages = [ ragenix.packages.${settings.system.system}.default ]; - - age = { - secrets = - # builtins.mapAttrs - # (name: _value: lib.nameValuePair (lib.removeSuffix ".age" name) { - # file = (settings.secretsDir + "/${name}"); - # owner = lib.mkDefault settings.user.username; - # }) - # (import secretsFile); - { - nix2github = { - file = /${settings.secretsDir}/nix2github.age; - owner = settings.user.username; - }; - nix2bitbucket = { - file = /${settings.secretsDir}/nix2bitbucket.age; - owner = settings.user.username; - }; - }; - }; -} diff --git a/systems/_common/shellInit.sh b/systems/_common/shellInit.sh deleted file mode 100644 index 48684642..00000000 --- a/systems/_common/shellInit.sh +++ /dev/null @@ -1,110 +0,0 @@ -# basics -htop_psg () { - htop -p $(psg $1 | awk '{r=r s $2;s=","} END{print r}') -} - -htop_pid () { - htop -p $(ps -ef | awk -v proc=$1 '$3 == proc { cnt++;if (cnt == 1) { printf "%s",$2 } else { printf ",%s",$2 } }') -} - -kill_psg() { - PIDS=$(ps aux | grep -v "grep" | grep ${1} | awk '{print $2}') - echo Killing ${PIDS} - for pid in ${PIDS}; do - kill -9 ${pid} &> /dev/null - done -} - -term_psg() { - PIDS=$(ps aux | grep -v "grep" | grep ${1} | awk '{print $2}') - echo Terminating ${PIDS} - for pid in ${PIDS}; do - kill -15 ${pid} &> /dev/null - done -} - -skill_psg() { - PIDS=$(ps aux | grep -v "grep" | grep ${1} | awk '{print $2}') - echo Quitting ${PIDS} - for pid in ${PIDS}; do - sudo kill -9 ${pid} &> /dev/null - done; -} - -mail_clear() { - : > /var/mail/$USER -} - -# git -getdefault () { - git remote show origin | grep "HEAD branch" | sed 's/.*: //' -} - -master () { - git stash - git checkout $(getdefault) - pull -} - -mp () { - master - prunel -} - -pullmaster () { - git pull origin $(getdefault) -} - -push () { - B=$(git branch | sed -n -e 's/^\* \(.*\)/\1/p') - git pull origin $B - git push origin $B --no-verify -} - -pull () { - git fetch - B=$(git branch | sed -n -e 's/^\* \(.*\)/\1/p') - git pull origin $B -} - -forcepush () { - B=$(git branch | sed -n -e 's/^\* \(.*\)/\1/p') - git push origin $B --force -} - -remote_branches () { - git branch -a | grep 'remotes' | grep -v -E '.*(HEAD|${DEFAULT})' | cut -d'/' -f 3- -} - -local_branches () { - git branch -a | grep -v 'remotes' | grep -v -E '.*(HEAD|${DEFAULT})' | grep -v '^*' | cut -d' ' -f 3- -} - -prunel () { - git fetch - git remote prune origin - - for local in $(local_branches); do - in=false - for remote in $(remote_branches); do - if [[ ${local} = ${remote} ]]; then - in=true - fi - done; - if [[ $in = 'false' ]]; then - git branch -D ${local} - else - echo 'Skipping branch '${local} - fi - done; -} - -checkout () { - git fetch - git checkout $1 - pull -} - -from_master () { - git checkout $(getdefault) $@ -} diff --git a/systems/gpdPocket3/configuration.nix b/systems/gpdPocket3/configuration.nix deleted file mode 100644 index 450e8ac5..00000000 --- a/systems/gpdPocket3/configuration.nix +++ /dev/null @@ -1,122 +0,0 @@ -{ config, lib, pkgs, settings, ... } @ args: -{ - imports = - [ - # Our custom stuff - ./stupid-keyboard.nix - (settings.usersDir + "/root/configuration.nix") - (settings.usersDir + "/josh/configuration.nix") - ]; - - # Use the systemd-boot EFI boot loader. - boot.loader = { - systemd-boot = { - enable = true; - consoleMode = "keep"; - }; - timeout = 5; - efi = { - canTouchEfiVariables = true; - }; - }; - - # We want connectivity - networking.networkmanager.enable = true; - hardware.bluetooth.enable = true; - - # Enable sound. - sound.enable = true; - hardware.pulseaudio.enable = true; - hardware.pulseaudio.package = pkgs.pulseaudioFull; - - # TODO evaluate if any of this kernal/hardware sutff is actually needed for our pocket. This is a hodge podge of shit from online - # The GPD Pocket3 uses a tablet OLED display, that is mounted rotated 90° counter-clockwise. - # This requires cusotm kernal params. - boot.kernelParams = [ - "video=DSI-1:panel_orientation=right_side_up" - "fbcon=rotate:1" - "mem_sleep_default=s2idel" - ]; - boot.kernelModules = [ "btusb" ]; - boot.initrd.availableKernelModules = [ "nvme" "xhci_pci" "usbhid" "thunderbolt" ]; - services.xserver.videoDrivers = [ "intel" ]; - hardware.opengl = { - enable = true; - driSupport = true; - }; - hardware.opengl.extraPackages = with pkgs; [ - intel-media-driver - intel-vaapi-driver - ]; - hardware.enableAllFirmware = true; - # Stuff from https://github.com/NixOS/nixos-hardware/blob/9a763a7acc4cfbb8603bb0231fec3eda864f81c0/gpd/pocket-3/default.nix - services.fstrim.enable = true; - services.xserver.libinput.enable = true; - services.tlp.enable = lib.mkDefault ((lib.versionOlder (lib.versions.majorMinor lib.version) "21.05") - || !config.services.power-profiles-daemon.enable); - - # [Laptop] screens with brightness settings - programs.light.enable = true; - - # I want this globally even for root so doing it outside of home manager - services.xserver.xkbOptions = "caps:escape"; - console = { - earlySetup = true; - packages = with pkgs; [ terminus_font ]; - # We want to be able to read the screen so use a 32 sized font... - font = "${pkgs.terminus_font}/share/consolefonts/ter-132n.psf.gz"; - useXkbConfig = true; # use xkb.options in tty. (caps -> escape) - }; - - # Attempting to get fingerprint scanner to work... having issues though, no device detected with all methods - # services.fprintd = { - # enable = true; - # tod = { - # enable = true; - # driver = pkgs.libfprint-2-tod1-elan; - # }; - # }; - - # Enable the OpenSSH daemon. - services.openssh.enable = true; - services.openssh.settings.PermitRootLogin = "yes"; - - # Open ports in the firewall. - networking.firewall.allowedTCPPorts = [ - 22 # sshd - ]; - # networking.firewall.allowedUDPPorts = [ ... ]; - - fonts.packages = with pkgs; [ - (nerdfonts.override { fonts = [ "JetBrainsMono" ]; }) - ]; - - services.xserver.enable = true; - services.xserver.displayManager.gdm = { - enable = true; - autoSuspend = false; - }; - services.xserver.desktopManager.gnome.enable = true; - services.gnome.core-utilities.enable = false; - - # List packages installed in system profile. To search, run: - # $ nix search wget - nixpkgs.config.allowUnfree = true; - environment.systemPackages = with pkgs; [ - # [Laptop] Battery status - acpi - # extras, more for my neovim setup TODO move these into a more isolated place for nvim setup? Should be its own flake probably - cargo - rustc - nodejs_21 - python313 - # ripgrep # now in common - nodePackages.cspell - ]; - - # does for all shells. Can use `programs.zsh.shellAliases` for specific ones - environment.shellAliases = { - battery = "acpi"; - wifi = "nmtui"; - }; -} diff --git a/systems/gpdPocket3/stupid-keyboard.nix b/systems/gpdPocket3/stupid-keyboard.nix deleted file mode 100644 index 2b441ae1..00000000 --- a/systems/gpdPocket3/stupid-keyboard.nix +++ /dev/null @@ -1,35 +0,0 @@ -# This nix file is just a fix for a really stupid lay-outed keyboard I bought that I -# only use with the gpd pocket 3. Probably not relevant to anyone else -# -# Keyboard in question: https://www.walmart.com/ip/R-Go-Split-Ergonomic-Keyboard-QWERTY-US-Black-Wired-USB-Keyboard-Spilt-Wired-Windows-Linux/452297950 -# R-Go Split Break Keyboard (maybe the walmart one is a fake since their real site does not have the same layout) -# https://www.r-go-tools.com/ergonomic-keyboard/r-go-split-break/ -{ config, lib, pkgs, ... }: - -let - rgo_keyboard_vid = "0911"; - rgo_keyboard_pid = "2188"; - rgo_hub_vid = "05e3"; - rgo_hub_pid = "0608"; -in -{ - services.keyd = { - enable = true; - # `keyd monitor` to get new keys to remap - keyboards = { - rgo_sino_keyboard = { - ids = [ "0911:2188" "05e3:0608" ]; - settings = { - main = { - # Backslash is in place of the enter key's normal position, so setting it to enter - "\\" = "enter"; - # This keyboard has a strange extra key that outputs < and > characters. It has the - # backslash key printed on it though, conveniently, so we will just map this to backslash - # since it does not affect how I use left shift (which it takes half the space of) - "102nd" = "\\"; - }; - }; - }; - }; - }; -} diff --git a/systems/joe/configuration.nix b/systems/joe/configuration.nix deleted file mode 100644 index 00c97a02..00000000 --- a/systems/joe/configuration.nix +++ /dev/null @@ -1,75 +0,0 @@ -{ config, lib, pkgs, settings, ... } @ args: -{ - imports = - [ - # TODO revisit - (settings.systemsDir + "/_common/components/todo_neovim.nix") - # Common components this machine uses - (settings.systemsDir + "/_common/components/systemd_boot.nix") - (settings.systemsDir + "/_common/components/ssh.nix") - (settings.systemsDir + "/_common/components/caps_to_escape_in_tty.nix") - (settings.systemsDir + "/_common/components/font_jetbrainsmono.nix") - (settings.systemsDir + "/_common/components/home_manager.nix") - (settings.systemsDir + "/_common/components/gnome_wayland.nix") - # Users this machine has - (settings.usersDir + "/root/configuration.nix") - (settings.usersDir + "/josh/configuration.nix") - ]; - - # Machine specific configuration - hardware.enableAllFirmware = true; - # Connectivity - networking.networkmanager.enable = true; - hardware.bluetooth.enable = true; - environment.shellAliases = { - wifi = "nmtui"; - }; - # Enable sound. - sound.enable = true; - hardware.pulseaudio.enable = true; - hardware.pulseaudio.package = pkgs.pulseaudioFull; - - # environment.systemPackages = with pkgs; [ ]; - - # nvidia gfx https://nixos.wiki/wiki/Nvidia - # ========= - # Enable OpenGL - hardware.opengl = { - enable = true; - driSupport = true; - driSupport32Bit = true; - }; - - # Load nvidia driver for Xorg and Wayland - services.xserver.videoDrivers = [ "nvidia" ]; - hardware.nvidia = { - # Modesetting is required. - modesetting.enable = true; - - # Nvidia power management. Experimental, and can cause sleep/suspend to fail. - # Enable this if you have graphical corruption issues or application crashes after waking - # up from sleep. This fixes it by saving the entire VRAM memory to /tmp/ instead - # of just the bare essentials. - powerManagement.enable = false; - - # Fine-grained power management. Turns off GPU when not in use. - # Experimental and only works on modern Nvidia GPUs (Turing or newer). - powerManagement.finegrained = false; - - # Use the NVidia open source kernel module (not to be confused with the - # independent third-party "nouveau" open source driver). - # Support is limited to the Turing and later architectures. Full list of - # supported GPUs is at: - # https://github.com/NVIDIA/open-gpu-kernel-modules#compatible-gpus - # Only available from driver 515.43.04+ - # Currently alpha-quality/buggy, so false is currently the recommended setting. - open = false; - - # Enable the Nvidia settings menu, - # accessible via `nvidia-settings`. - nvidiaSettings = true; - - # Optionally, you may need to select the appropriate driver version for your specific GPU. - package = config.boot.kernelPackages.nvidiaPackages.stable; - }; -} diff --git a/users/_common/home.nix b/users/_common/home.nix deleted file mode 100644 index b7cd79ae..00000000 --- a/users/_common/home.nix +++ /dev/null @@ -1,12 +0,0 @@ -{ settings, pkgs, lib, ylib, ... } @ args: { - home.stateVersion = "23.11"; - programs.home-manager.enable = true; - - home.username = settings.user.username; - home.homeDirectory = "/home/${settings.user.username}"; - - imports = ylib.umport { - paths = [ ./programs ]; - recursive = true; - }; -} diff --git a/users/_common/programs/direnv.nix b/users/_common/programs/direnv.nix deleted file mode 100644 index bc37e8cc..00000000 --- a/users/_common/programs/direnv.nix +++ /dev/null @@ -1,44 +0,0 @@ -{ settings, ... }: -{ - ##### I want to hide the output but couldn't get either of these to work - # home.sessionVariables = { - # DIRENV_LOG_FORMAT = ""; - # }; - # programs.zsh.initExtra = '' - # copy_function() { - # test -n "$(declare -f "$1")" || return - # eval "''${_/$1/$2}" - # } - # copy_function _direnv_hook _direnv_hook__old - # _direnv_hook() { - # # old line - # #_direnv_hook__old "$@" 2> >(grep -E -v '^direnv: (export)') - - # # my new line - # _direnv_hook__old "$@" 2> >(awk '{if (length >= 200) { sub("^direnv: export.*","direnv: export "NF" environment variables")}}1') - - # # as suggested by user "radekh" above - # wait - - # # as suggested by user "Ic-guy" below if you're using bash > v4.4 - # # throws error for me on zsh - # # wait $! - # } - # ''; - programs.direnv = { - enable = true; - enableZshIntegration = true; - config = { - nix-direnv = true; - global = { - strict_env = true; - load_dotenv = true; - hide_env_diff = true; - }; - whitelist = { - prefix = [ "~/projects" ]; - }; - }; - }; -} - diff --git a/users/_common/programs/ssh.nix b/users/_common/programs/ssh.nix deleted file mode 100644 index 495de480..00000000 --- a/users/_common/programs/ssh.nix +++ /dev/null @@ -1,31 +0,0 @@ -{ lib, settings, age, pkgs, ... } @ args: -{ - # We always want a standard ssh key-pair used for secret management, create it if not there. - home.activation.generateSshKey = lib.hm.dag.entryAfter [ "writeBoundary" ] '' - if [ ! -f $HOME/.ssh/id_ed25519 ]; then - if [ -v DRY_RUN ]; then - echo "DRY_RUN is set. Would generate SSH key for ${settings.user.username}." - else - echo "Generating SSH key for ${settings.user.username}." - mkdir -p $HOME/.ssh - chmod 700 $HOME/.ssh - ${pkgs.openssh}/bin/ssh-keygen -t ed25519 -f $HOME/.ssh/id_ed25519 -N "" - fi - else - echo "SSH key already exists for ${settings.user.username}." - fi - ''; - - programs.ssh = { - enable = true; - matchBlocks = { - "github.com" = { - identityFile = age.secrets.nix2github.path; - }; - "bitbucket.org" = { - identityFile = age.secrets.nix2bitbucket.path; - }; - }; - }; -} - diff --git a/users/josh/configuration.nix b/users/josh/configuration.nix deleted file mode 100644 index c3630b66..00000000 --- a/users/josh/configuration.nix +++ /dev/null @@ -1,32 +0,0 @@ -{ config, lib, ylib, pkgs, settings, ... } @ args: -{ - users.users.${settings.user.username} = { - initialPassword = "password1"; - isNormalUser = true; - extraGroups = [ "wheel" "networkmanager" "video" "input" ]; - shell = pkgs.zsh; - }; - - # TODO how to do this from home manager file instead - environment.pathsToLink = [ "/share/zsh" ]; - programs.zsh = { - enable = true; - }; - - home-manager.users.${settings.user.username} = { - imports = - # Common settings all users share - [ (settings.usersDir + "/_common/home.nix") ] - # User programs - ++ ylib.umport { - paths = [ ./programs ]; - recursive = true; - } - # User theme - ++ ylib.umport { - paths = [ ./theme ]; - recursive = true; - }; - }; -} - diff --git a/users/josh/programs/alacritty.nix b/users/josh/programs/alacritty.nix deleted file mode 100644 index f1c44d4b..00000000 --- a/users/josh/programs/alacritty.nix +++ /dev/null @@ -1,51 +0,0 @@ -{ ... }: -{ - # More of an experiment to try out since wezterm is being weird on wayland... - # - # - programs.alacritty = { - enable = true; - settings = { - window = { - decorations = "None"; - dynamic_title = false; - }; - colors = { - primary = { - foreground = "#e0e0e0"; - background = "#262626"; - cursor = "#171717"; - vi_mode_cursor = "#636363"; - }; - normal = { - # Catppuccin Coal - black = "#1f1f1f"; - red = "#f38ba8"; - green = "#a6e3a1"; - yellow = "#f9e2af"; - blue = "#89b4fa"; - magenta = "#cba6f7"; - cyan = "#89dceb"; - white = "#e0e0e0"; - }; - }; - font = { - normal = { family = "JetBrainsMonoNL Nerd Font"; style = "Regular"; }; - size = 12.0; - ## TODO use 16 on macos ... - }; - # TODO revisit... none of this is working. - keyboard.bindings = [ - # { key = "m"; mods = "Command"; chars = "test"; } - # { key = "t"; mods = "Control"; action = { SendString = "\\x01t"; }; } - # { key = "w"; mods = "Control"; action = { SendString = "\\x01w"; }; } - # { key = "o"; mods = "Control"; action = { SendString = "testing123"; }; } - # { key = "w"; mods = "Control"; chars = "\\\\x01w"; } - # { key = "o"; mods = "Control"; chars = "\\\\x01o"; } - # { key = "1"; mods = "Control"; chars = "\\\\x011"; } - # { key = "2"; mods = "Control"; chars = "\\\\x012"; } - ]; - }; - }; -} - diff --git a/users/josh/programs/chrome.nix b/users/josh/programs/chrome.nix deleted file mode 100644 index c72717f3..00000000 --- a/users/josh/programs/chrome.nix +++ /dev/null @@ -1,5 +0,0 @@ -{ pkgs, ... }: -{ - home.packages = [ pkgs.google-chrome ]; -} - diff --git a/users/josh/programs/comma.nix b/users/josh/programs/comma.nix deleted file mode 100644 index 6bfcf158..00000000 --- a/users/josh/programs/comma.nix +++ /dev/null @@ -1,5 +0,0 @@ -{ pkgs, ... }: -{ - home.packages = [ pkgs.comma ]; -} - diff --git a/users/josh/programs/discord.nix b/users/josh/programs/discord.nix deleted file mode 100644 index 9917cbb4..00000000 --- a/users/josh/programs/discord.nix +++ /dev/null @@ -1,5 +0,0 @@ -{ pkgs, ... }: -{ - home.packages = [ pkgs.discordo pkgs.discord ]; -} - diff --git a/users/josh/programs/firefox.nix b/users/josh/programs/firefox.nix deleted file mode 100644 index 7df00267..00000000 --- a/users/josh/programs/firefox.nix +++ /dev/null @@ -1,5 +0,0 @@ -{ pkgs, ... }: -{ - home.packages = [ pkgs.firefox-esr ]; -} - diff --git a/users/josh/programs/nautilus.nix b/users/josh/programs/nautilus.nix deleted file mode 100644 index 337711ab..00000000 --- a/users/josh/programs/nautilus.nix +++ /dev/null @@ -1,5 +0,0 @@ -{ settings, pkgs, ... }: -{ - home.packages = [ pkgs.gnome.nautilus ]; -} - diff --git a/users/josh/programs/ollama.nix b/users/josh/programs/ollama.nix deleted file mode 100644 index 084f0413..00000000 --- a/users/josh/programs/ollama.nix +++ /dev/null @@ -1,5 +0,0 @@ -{ settings, pkgs, ... }: -{ - home.packages = [ pkgs.ollama ]; -} - diff --git a/users/josh/programs/vivaldi.nix b/users/josh/programs/vivaldi.nix deleted file mode 100644 index 347b1f5f..00000000 --- a/users/josh/programs/vivaldi.nix +++ /dev/null @@ -1,5 +0,0 @@ -{ pkgs, ... }: -{ - home.packages = [ pkgs.vivaldi ]; -} - diff --git a/users/josh/programs/wezterm/wezterm.lua b/users/josh/programs/wezterm/wezterm.lua deleted file mode 100644 index 7ade97c3..00000000 --- a/users/josh/programs/wezterm/wezterm.lua +++ /dev/null @@ -1,170 +0,0 @@ -local info = os.getenv("WEZTERM_EXECUTABLE") -local nix_test = os.getenv("NIX_PROFILES") -local isMac = info:find("MacOS") ~= nil -local isNix = not (nix_test == nil or nix_text == "") - - --- gets basename of path. From https://stackoverflow.com/a/39872872 --- local function basename(str) --- return str:sub(str:find("/[^/|\\]*$") + 1) --- end - -local wezterm = require("wezterm") -local config = {} - -if wezterm.config_builder then - config = wezterm.config_builder() -end - -config.disable_default_key_bindings = true -config.keys = { - -- Manually add Ctrl+Shift+V for Paste - { - key = "v", - mods = "CTRL|SHIFT", - action = wezterm.action.PasteFrom("Clipboard"), - }, - -- Manually add Ctrl+Shift+C for Copy - { - key = "c", - mods = "CTRL|SHIFT", - action = wezterm.action.CopyTo("Clipboard"), - }, - -- Create new TMUX window - { - key = "t", - mods = "CTRL", - action = wezterm.action.SendString("\x01" .. "t"), - }, - -- Close TMUX window - { - key = "w", - mods = "CTRL", - action = wezterm.action.SendString("\x01" .. "w"), - }, - -- Close TMUX window - { - key = "o", - mods = "CTRL", - action = wezterm.action.SendString("\x01" .. "o"), - }, -} - -for i = 1, 9 do - table.insert(config.keys, { - key = tostring(i), - mods = "CTRL", - action = wezterm.action.SendString("\x01" .. tostring(i)), - }) -end - --- My modifications: https://gist.github.com/RingOfStorms/b2ff0c4e37f5be9f985c72c3ec9a3e62 -local scheme = wezterm.get_builtin_color_schemes()["Catppuccin Mocha"] -local c = { - text = "#e0e0e0", - subtext1 = "#cccccc", - subtext0 = "#b8b8b8", - overlay2 = "#a3a3a3", - overlay1 = "#8c8c8c", - overlay0 = "#787878", - surface2 = "#636363", - surface1 = "#4f4f4f", - surface0 = "#3b3b3b", - base = "#262626", - mantle = "#1f1f1f", - crust = "#171717", -} -scheme.foreground = c.text -scheme.background = c.base -scheme.cursor_fg = c.crust -scheme.selection_fg = c.text -scheme.selection_bg = c.surface2 -scheme.scrollbar_thumb = c.surface2 -scheme.split = c.overlay0 -scheme.ansi[1] = c.surface1 -scheme.ansi[8] = c.subtext1 -scheme.brights[1] = c.surface2 -scheme.brights[8] = c.subtext0 -scheme.visual_bell = c.surface0 --- I don't use tab bar so not really needed -scheme.tab_bar.background = c.crust -scheme.tab_bar.active_tab.fg_color = c.crust -scheme.tab_bar.inactive_tab.bg_color = c.mantle -scheme.tab_bar.inactive_tab.fg_color = c.text -scheme.tab_bar.inactive_tab_hover.bg_color = c.base -scheme.tab_bar.inactive_tab_hover.fg_color = c.text -scheme.tab_bar.new_tab.bg_color = c.surface0 -scheme.tab_bar.new_tab.fg_color = c.text -scheme.tab_bar.new_tab_hover.bg_color = c.surface1 -scheme.tab_bar.new_tab_hover.fg_color = c.text -scheme.tab_bar.inactive_tab_edge = c.surface0 - -config.color_schemes = { ["Catppuccin Coal"] = scheme } -config.color_scheme = "Catppuccin Coal" - -if isMac then - config.font_size = 16 - config.window_decorations = "RESIZE" -elseif isNix then - config.enable_wayland = true - - config.window_decorations = "NONE" - - -- Fix for cursor disappearing in gnome - -- https://github.com/wez/wezterm/issues/1742#issuecomment-1075333507 - local xcursor_size = nil - local xcursor_theme = nil - - local success, stdout, stderr = wezterm.run_child_process({"gsettings", "get", "org.gnome.desktop.interface", "cursor-theme"}) - if success then - xcursor_theme = stdout:gsub("'(.+)'\n", "%1") - end - - local success, stdout, stderr = wezterm.run_child_process({"gsettings", "get", "org.gnome.desktop.interface", "cursor-size"}) - if success then - xcursor_size = tonumber(stdout) - end - - config.xcursor_theme = xcursor_theme - config.xcursor_size = xcursor_size -end - -config.window_frame = { - font = wezterm.font({ family = "JetBrains Mono", weight = "Bold" }), -} - -config.enable_tab_bar = false --- config.colors = { --- tab_bar = { --- active_tab = { --- bg_color = "#1c1c1c", --- fg_color = "#ababab", --- }, --- }, --- } - -config.font = wezterm.font_with_fallback({ - { - family = "JetBrainsMono Nerd Font Mono", - weight = "Regular", - }, - { family = "Terminus" }, -}) - --- wezterm.on("format-tab-title", function(tab) --- local p = tab.active_pane --- local idx = tab.is_active and "" or tab.tab_index + 1 --- local dir = basename(p.current_working_dir) - --- local title = idx .. " " .. dir - --- local proc = basename(p.foreground_process_name) --- if proc ~= "zsh" then --- title = title .. " " .. proc --- end - --- return title --- end) - -return config - diff --git a/users/josh/programs/wezterm/wezterm.nix b/users/josh/programs/wezterm/wezterm.nix deleted file mode 100644 index 3133918c..00000000 --- a/users/josh/programs/wezterm/wezterm.nix +++ /dev/null @@ -1,6 +0,0 @@ -{ pkgs, ... }: -{ - home.packages = [ pkgs.wezterm ]; - home.file.".wezterm.lua".source = ./wezterm.lua; -} - diff --git a/users/josh/theme/gnome.nix b/users/josh/theme/gnome.nix deleted file mode 100644 index d50a4423..00000000 --- a/users/josh/theme/gnome.nix +++ /dev/null @@ -1,111 +0,0 @@ -{ pkgs, ... }: -{ - home.packages = with pkgs; [ - # use `dconf dump /` before and after and diff the files for easy editing of dconf below - # > `dconf dump / > /tmp/dconf_dump_start && watch -n0.5 'dconf dump / > /tmp/dconf_dump_current && diff --color /tmp/dconf_dump_start /tmp/dconf_dump_current -U12'` - # OR (Must be logged into user directly, no SU to user will work): `dconf watch /` - # gnome.dconf-editor - # gnomeExtensions.workspace-switch-wraparound - #gnomeExtensions.forge # probably don't need on this on tiny laptop but may explore this instead of sway for my desktop - ]; - - dconf = { - enable = true; - settings = { - "org/gnome/shell" = { - favorite-apps = [ - # "vivaldi-stable.desktop" - "Alacritty.desktop" - # Wezterm is not playing nice with me on gnome wayland :( - # "org.wezfurlong.wezterm.desktop" - "firefox.desktop" - "org.gnome.Nautilus.desktop" - ]; - enabled-extensions = with pkgs.gnomeExtensions; [ - workspace-switch-wraparound.extensionUuid - ]; - }; - "org/gnome/desktop/interface" = { - color-scheme = "prefer-dark"; - enable-hot-corners = false; - show-battery-percentage = true; - }; - "org/gnome/desktop/wm/preferences" = { - resize-with-right-button = true; - button-layout = "maximize:appmenu,close"; - audible-bell = false; - wrap-around = true; - }; - "org/gnome/settings-daemon/plugins/media-keys" = { - # Disable the lock screen shortcut - screensaver = [ "" ]; - custom-keybindings = [ "/org/gnome/settings-daemon/plugins/media-keys/custom-keybindings/custom0/" ]; - }; - "org/gnome/settings-daemon/plugins/media-keys/custom-keybindings/custom0" = { - binding = "Return"; - command = "alacritty"; - name = "Launch terminal"; - }; - "org/gnome/desktop/wm/keybindings" = { - minimize = [ "" ]; - - move-to-workspace-1 = [ "" ]; - move-to-workspace-2 = [ "" ]; - move-to-workspace-3 = [ "" ]; - move-to-workspace-4 = [ "" ]; - move-to-workspace-last = [ "" ]; - move-to-workspace-down = [ "Down" ]; - move-to-workspace-up = [ "Up" ]; - move-to-workspace-left = [ "Left" ]; - move-to-workspace-right = [ "Right" ]; - - switch-to-workspace-1 = [ "1" ]; - switch-to-workspace0 = [ "2" ]; - switch-to-workspace-3 = [ "3" ]; - switch-to-workspace-4 = [ "4" ]; - switch-to-workspace-down = [ "" ]; - switch-to-workspace-last = [ "" ]; - switch-to-workspace-left = [ "h" ]; - switch-to-workspace-right = [ "l" ]; - }; - "org/gnome/mutter" = { - edge-tiling = true; - workspaces-only-on-primary = true; - }; - "org/gnome/settings-daemon/plugins/power" = { - power-button-action = "nothing"; - sleep-inactive-ac-type = "nothing"; - sleep-inactive-battery-type = "nothing"; - idle-brightness = 15; - power-saver-profile-on-low-battery = false; - }; - "org/gnome/desktop/screensaver" = { - lock-enabled = false; - idle-activation-enabled = false; - }; - "org/gnome/desktop/applications/terminal" = { - exec = "alacritty"; - }; - "org/gnome/settings-daemon/plugins/color" = { - night-light-enabled = false; - night-light-schedule-automatic = false; - }; - "org/gnome/shell/keybindings" = { - shift-overview-down = [ "j" ]; - shift-overview-up = [ "k" ]; - switch-to-application-1 = [ "" ]; - switch-to-application-2 = [ "" ]; - switch-to-application-3 = [ "" ]; - switch-to-application-4 = [ "" ]; - switch-to-application-5 = [ "" ]; - switch-to-application-6 = [ "" ]; - switch-to-application-7 = [ "" ]; - switch-to-application-8 = [ "" ]; - switch-to-application-9 = [ "" ]; - toggle-quick-settings = [ "" ]; - toggle-application-view = [ "space" ]; - }; - }; - }; -} - diff --git a/users/josh/theme/gtk.nix b/users/josh/theme/gtk.nix deleted file mode 100644 index f6727adc..00000000 --- a/users/josh/theme/gtk.nix +++ /dev/null @@ -1,25 +0,0 @@ -{ pkgs, ... }: -{ - gtk = { - enable = true; - - cursorTheme = { - name = "Numix-Cursor"; - package = pkgs.numix-cursor-theme; - }; - - gtk3.extraConfig = { - Settings = '' - gtk-application-prefer-dark-theme=1 - ''; - }; - - gtk4.extraConfig = { - Settings = '' - gtk-application-prefer-dark-theme=1 - ''; - }; - }; - - home.sessionVariables.GTK_THEME = "palenight"; -} diff --git a/users/root/configuration.nix b/users/root/configuration.nix deleted file mode 100644 index 59935d2d..00000000 --- a/users/root/configuration.nix +++ /dev/null @@ -1,15 +0,0 @@ -{ config, lib, pkgs, settings, ... } @ args: -{ - users.users.root = { - initialPassword = "password1"; - }; - - system.activationScripts.sshConfig = { - text = '' - mkdir -p /root/.ssh - ln -snf ${config.age.secrets.nix2github.path} /root/.ssh/nix2github - ln -snf /home/${settings.user.username}/.ssh/config /root/.ssh/config - ''; - }; -} -