shahab/nix-config
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Compare commits

base: shahab:3a66870244270f313ba245a390c91f1ce95ad124
Branches Tags
shahab:main
..
compare: shahab:7ed5bdf15fc92c3a51c7e4c8fedf20f97033bcf9
Branches Tags
shahab:main

10 Commits
3a66870244 ... 7ed5bdf15f

Author SHA1 Message Date
Shahab Dogar
7ed5bdf15f chore: formatter 2025-11-02 08:29:18 +05:00
Shahab Dogar
03b72ee856 feat: enable docker multiplatform builds 2025-11-02 08:29:11 +05:00
Shahab Dogar
5524baa28d feat: add yq and jq to misc home packages 2025-10-15 12:40:12 +05:00
Shahab Dogar
8f8b370e47 fix: update hyprland config, remove amdvlk 2025-10-04 10:23:03 +05:00
Shahab Dogar
77050a34c6 chore: monthly flake update 2025-10-04 10:09:58 +05:00
Shahab Dogar
307b866cc6 chore: run formatter 2025-09-27 22:27:55 +05:00
Shahab Dogar
23ddc84bfc feat: make all hyprland config files symlinks 2025-09-27 22:27:50 +05:00
Shahab Dogar
63a06ca3ec feat: only keep the previous 5 generations bootable 2025-09-27 12:39:07 +05:00
Shahab Dogar
ca47e15309 chore: switch to kitty for terminal 2025-09-13 12:53:56 +05:00
Shahab Dogar
c923c80cbf sec: harden ssh config 2025-09-04 20:21:18 +05:00
63 changed files with 899 additions and 341 deletions
Expand all files Collapse all files

7
dotfiles/hypr/hyprland.conf
View File

@@ -25,7 +25,7 @@ monitor=,preferred,auto,auto
# See https://wiki.hyprland.org/Configuring/Keywords/
# Set programs that you use
$terminal = ghostty
$terminal = kitty
$fileManager = dolphin
$menu = wofi --show drun
@@ -186,11 +186,6 @@ input {
}
}
# https://wiki.hyprland.org/Configuring/Variables/#gestures
gestures {
workspace_swipe = false
}
# Example per-device config
# See https://wiki.hyprland.org/Configuring/Keywords/#per-device-input-configs for more
device {

51
dotfiles/nvim/flake.nix
View File

@@ -10,30 +10,33 @@
};
};
outputs = { self, nixpkgs, flake-utils, fenix }:
flake-utils.lib.eachDefaultSystem (system:
let
pkgs = nixpkgs.legacyPackages.${system};
fenixLib = fenix.packages.${system};
rustToolchain = fenixLib.stable.toolchain;
in
{
devShells.default = pkgs.mkShell {
buildInputs = with pkgs; [
lua-language-server
stylua
ripgrep
fd
outputs = {
self,
nixpkgs,
flake-utils,
fenix,
}:
flake-utils.lib.eachDefaultSystem (system: let
pkgs = nixpkgs.legacyPackages.${system};
fenixLib = fenix.packages.${system};
rustToolchain = fenixLib.stable.toolchain;
in {
devShells.default = pkgs.mkShell {
buildInputs = with pkgs; [
lua-language-server
stylua
ripgrep
fd
nodejs_24
python313
rustToolchain
];
nodejs_24
python313
rustToolchain
];
shellHook = ''
echo "Neovim development environment"
echo "nvim is configured with your local config"
'';
};
});
shellHook = ''
echo "Neovim development environment"
echo "nvim is configured with your local config"
'';
};
});
}

90
flake.lock generated
View File

@@ -20,11 +20,11 @@
]
},
"locked": {
"lastModified": 1755946532,
"narHash": "sha256-POePremlUY5GyA1zfbtic6XLxDaQcqHN6l+bIxdT5gc=",
"lastModified": 1760101617,
"narHash": "sha256-8jf/3ZCi+B7zYpIyV04+3wm72BD7Z801IlOzsOACR7I=",
"owner": "hyprwm",
"repo": "aquamarine",
"rev": "81584dae2df6ac79f6b6dae0ecb7705e95129ada",
"rev": "1826a9923881320306231b1c2090379ebf9fa4f8",
"type": "github"
},
"original": {
@@ -55,11 +55,11 @@
]
},
"locked": {
"lastModified": 1756733629,
"narHash": "sha256-dwWGlDhcO5SMIvMSTB4mjQ5Pvo2vtxvpIknhVnSz2I8=",
"lastModified": 1761899396,
"narHash": "sha256-XOpKBp6HLzzMCbzW50TEuXN35zN5WGQREC7n34DcNMM=",
"owner": "nix-community",
"repo": "disko",
"rev": "a5c4f2ab72e3d1ab43e3e65aa421c6f2bd2e12a1",
"rev": "6f4cf5abbe318e4cd1e879506f6eeafd83f7b998",
"type": "github"
},
"original": {
@@ -172,11 +172,11 @@
]
},
"locked": {
"lastModified": 1756903364,
"narHash": "sha256-vZh/YH2D7oDFek10r0TbGn3qJrqGv69sSP+oF8PFDqQ=",
"lastModified": 1761878381,
"narHash": "sha256-lCRaipHgszaFZ1Cs8fdGJguVycCisBAf2HEFgip5+xU=",
"owner": "nix-community",
"repo": "home-manager",
"rev": "6159629d05a0e92bb7fb7211e74106ae1d552401",
"rev": "4ac96eb21c101a3e5b77ba105febc5641a8959aa",
"type": "github"
},
"original": {
@@ -230,11 +230,11 @@
]
},
"locked": {
"lastModified": 1755678602,
"narHash": "sha256-uEC5O/NIUNs1zmc1aH1+G3GRACbODjk2iS0ET5hXtuk=",
"lastModified": 1760445448,
"narHash": "sha256-fXGjL6dw31FPFRrmIemzGiNSlfvEJTJNsmadZi+qNhI=",
"owner": "hyprwm",
"repo": "hyprgraphics",
"rev": "157cc52065a104fc3b8fa542ae648b992421d1c7",
"rev": "50fb9f069219f338a11cf0bcccb9e58357d67757",
"type": "github"
},
"original": {
@@ -259,11 +259,11 @@
"xdph": "xdph"
},
"locked": {
"lastModified": 1756811803,
"narHash": "sha256-03zmDvAU+VLPWHv5uxfGVR6bs/SnCYeZ8hbedK/Eb/M=",
"lastModified": 1761869718,
"narHash": "sha256-jLfwwlPGpnGRAtVDyoGj9FgH2D9hWwyEu0yHkflG2EI=",
"owner": "hyprwm",
"repo": "Hyprland",
"rev": "127aab815908ecbd3db4d23f127d2e96b79855f9",
"rev": "8e9add2afda58d233a75e4c5ce8503b24fa59ceb",
"type": "github"
},
"original": {
@@ -284,11 +284,11 @@
]
},
"locked": {
"lastModified": 1749046714,
"narHash": "sha256-kymV5FMnddYGI+UjwIw8ceDjdeg7ToDVjbHCvUlhn14=",
"lastModified": 1759610243,
"narHash": "sha256-+KEVnKBe8wz+a6dTLq8YDcF3UrhQElwsYJaVaHXJtoI=",
"owner": "hyprwm",
"repo": "hyprland-protocols",
"rev": "613878cb6f459c5e323aaafe1e6f388ac8a36330",
"rev": "bd153e76f751f150a09328dbdeb5e4fab9d23622",
"type": "github"
},
"original": {
@@ -352,11 +352,11 @@
]
},
"locked": {
"lastModified": 1753819801,
"narHash": "sha256-tHe6XeNeVeKapkNM3tcjW4RuD+tB2iwwoogWJOtsqTI=",
"lastModified": 1759080228,
"narHash": "sha256-RgDoAja0T1hnF0pTc56xPfLfFOO8Utol2iITwYbUhTk=",
"owner": "hyprwm",
"repo": "hyprland-qtutils",
"rev": "b308a818b9dcaa7ab8ccab891c1b84ebde2152bc",
"rev": "629b15c19fa4082e4ce6be09fdb89e8c3312aed7",
"type": "github"
},
"original": {
@@ -381,11 +381,11 @@
]
},
"locked": {
"lastModified": 1753622892,
"narHash": "sha256-0K+A+gmOI8IklSg5It1nyRNv0kCNL51duwnhUO/B8JA=",
"lastModified": 1758927902,
"narHash": "sha256-LZgMds7M94+vuMql2bERQ6LiFFdhgsEFezE4Vn+Ys3A=",
"owner": "hyprwm",
"repo": "hyprlang",
"rev": "23f0debd2003f17bd65f851cd3f930cff8a8c809",
"rev": "4dafa28d4f79877d67a7d1a654cddccf8ebf15da",
"type": "github"
},
"original": {
@@ -406,11 +406,11 @@
]
},
"locked": {
"lastModified": 1756117388,
"narHash": "sha256-oRDel6pNl/T2tI+nc/USU9ZP9w08dxtl7hiZxa0C/Wc=",
"lastModified": 1759619523,
"narHash": "sha256-r1ed7AR2ZEb2U8gy321/Xcp1ho2tzn+gG1te/Wxsj1A=",
"owner": "hyprwm",
"repo": "hyprutils",
"rev": "b2ae3204845f5f2f79b4703b441252d8ad2ecfd0",
"rev": "3df7bde01efb3a3e8e678d1155f2aa3f19e177ef",
"type": "github"
},
"original": {
@@ -490,11 +490,11 @@
},
"nixos-hardware": {
"locked": {
"lastModified": 1756750488,
"narHash": "sha256-e4ZAu2sjOtGpvbdS5zo+Va5FUUkAnizl4wb0/JlIL2I=",
"lastModified": 1761933221,
"narHash": "sha256-rNHeoG3ZrA94jczyLSjxCtu67YYPYIlXXr0uhG3wNxM=",
"owner": "NixOS",
"repo": "nixos-hardware",
"rev": "47eb4856cfd01eaeaa7bb5944a0f27db8fb9b94a",
"rev": "7467f155fcba189eb088a7601f44fbef7688669b",
"type": "github"
},
"original": {
@@ -505,11 +505,11 @@
},
"nixpkgs": {
"locked": {
"lastModified": 1756266583,
"narHash": "sha256-cr748nSmpfvnhqSXPiCfUPxRz2FJnvf/RjJGvFfaCsM=",
"lastModified": 1761114652,
"narHash": "sha256-f/QCJM/YhrV/lavyCVz8iU3rlZun6d+dAiC3H+CDle4=",
"owner": "NixOS",
"repo": "nixpkgs",
"rev": "8a6d5427d99ec71c64f0b93d45778c889005d9c2",
"rev": "01f116e4df6a15f4ccdffb1bcd41096869fb385c",
"type": "github"
},
"original": {
@@ -537,11 +537,11 @@
},
"nixpkgs_2": {
"locked": {
"lastModified": 1756787288,
"narHash": "sha256-rw/PHa1cqiePdBxhF66V7R+WAP8WekQ0mCDG4CFqT8Y=",
"lastModified": 1761672384,
"narHash": "sha256-o9KF3DJL7g7iYMZq9SWgfS1BFlNbsm6xplRjVlOCkXI=",
"owner": "nixos",
"repo": "nixpkgs",
"rev": "d0fc30899600b9b3466ddb260fd83deb486c32f1",
"rev": "08dacfca559e1d7da38f3cf05f1f45ee9bfd213c",
"type": "github"
},
"original": {
@@ -561,11 +561,11 @@
]
},
"locked": {
"lastModified": 1755960406,
"narHash": "sha256-RF7j6C1TmSTK9tYWO6CdEMtg6XZaUKcvZwOCD2SICZs=",
"lastModified": 1760663237,
"narHash": "sha256-BflA6U4AM1bzuRMR8QqzPXqh8sWVCNDzOdsxXEguJIc=",
"owner": "cachix",
"repo": "git-hooks.nix",
"rev": "e891a93b193fcaf2fc8012d890dc7f0befe86ec2",
"rev": "ca5b894d3e3e151ffc1db040b6ce4dcc75d31c37",
"type": "github"
},
"original": {
@@ -641,11 +641,11 @@
]
},
"locked": {
"lastModified": 1754988908,
"narHash": "sha256-t+voe2961vCgrzPFtZxha0/kmFSHFobzF00sT8p9h0U=",
"lastModified": 1760998189,
"narHash": "sha256-ee2e1/AeGL5X8oy/HXsZQvZnae6XfEVdstGopKucYLY=",
"owner": "Mic92",
"repo": "sops-nix",
"rev": "3223c7a92724b5d804e9988c6b447a0d09017d48",
"rev": "5a7d18b5c55642df5c432aadb757140edfeb70b3",
"type": "github"
},
"original": {
@@ -697,11 +697,11 @@
]
},
"locked": {
"lastModified": 1755354946,
"narHash": "sha256-zdov5f/GcoLQc9qYIS1dUTqtJMeDqmBmo59PAxze6e4=",
"lastModified": 1760713634,
"narHash": "sha256-5HXelmz2x/uO26lvW7MudnadbAfoBnve4tRBiDVLtOM=",
"owner": "hyprwm",
"repo": "xdg-desktop-portal-hyprland",
"rev": "a10726d6a8d0ef1a0c645378f983b6278c42eaa0",
"rev": "753bbbdf6a052994da94062e5b753288cef28dfb",
"type": "github"
},
"original": {

50
flake.nix
View File

@@ -40,34 +40,34 @@
};
};
outputs = { nixpkgs, ... }@inputs:
let
inherit (nixpkgs) lib;
mkHost = host: {
${host} = nixpkgs.lib.nixosSystem {
specialArgs = {
inherit inputs;
outputs = {nixpkgs, ...} @ inputs: let
inherit (nixpkgs) lib;
mkHost = host: {
${host} = nixpkgs.lib.nixosSystem {
specialArgs = {
inherit inputs;
# Extend lib with lib.custom
lib = nixpkgs.lib.extend (self: super: {
custom = import ./lib { inherit (nixpkgs) lib; };
});
};
modules = [ ./hosts/nixos/${host} ];
# Extend lib with lib.custom
lib = nixpkgs.lib.extend (self: super: {
custom = import ./lib {inherit (nixpkgs) lib;};
});
};
};
mkHostConfigs = hosts:
lib.foldl (acc: set: acc // set) { }
(lib.map (host: mkHost host) hosts);
readHosts = folder: lib.attrNames (builtins.readDir ./hosts/${folder});
in {
nixosConfigurations = mkHostConfigs (readHosts "nixos");
devShell.x86_64-linux = let
pkgs = nixpkgs.legacyPackages.x86_64-linux;
in pkgs.mkShell {
buildInputs = with pkgs; [ nil lua-language-server ];
modules = [./hosts/nixos/${host}];
};
};
mkHostConfigs = hosts:
lib.foldl (acc: set: acc // set) {}
(lib.map (host: mkHost host) hosts);
readHosts = folder: lib.attrNames (builtins.readDir ./hosts/${folder});
in {
nixosConfigurations = mkHostConfigs (readHosts "nixos");
devShells.x86_64-linux.default = let
pkgs = nixpkgs.legacyPackages.x86_64-linux;
in
pkgs.mkShell {
buildInputs = with pkgs; [nil lua-language-server kubernetes-helm kubectl];
};
};
}

27
home/shahab/aamil-1.nix Normal file
View File

@@ -0,0 +1,27 @@
{lib, ...}: {
imports = lib.flatten [
#
# ========== Required Configs ==========
#
./common/core
#
# ========== Host-specific Optional Configs ==========
#
(map (config: "${builtins.toString ./.}/common/optional/${config}.nix") [
"btop"
"nvim"
"starship"
"tmux"
"zsh"
])
];
home = {
# https://nixos.wiki/wiki/FAQ/When_do_I_update_stateVersion
stateVersion = "25.05";
sessionVariables = {
EDITOR = "nvim";
};
};
}

27
home/shahab/aamil-2.nix Normal file
View File

@@ -0,0 +1,27 @@
{lib, ...}: {
imports = lib.flatten [
#
# ========== Required Configs ==========
#
./common/core
#
# ========== Host-specific Optional Configs ==========
#
(map (config: "${builtins.toString ./.}/common/optional/${config}.nix") [
"btop"
"nvim"
"starship"
"tmux"
"zsh"
])
];
home = {
# https://nixos.wiki/wiki/FAQ/When_do_I_update_stateVersion
stateVersion = "25.05";
sessionVariables = {
EDITOR = "nvim";
};
};
}

27
home/shahab/aamil-3.nix Normal file
View File

@@ -0,0 +1,27 @@
{lib, ...}: {
imports = lib.flatten [
#
# ========== Required Configs ==========
#
./common/core
#
# ========== Host-specific Optional Configs ==========
#
(map (config: "${builtins.toString ./.}/common/optional/${config}.nix") [
"btop"
"nvim"
"starship"
"tmux"
"zsh"
])
];
home = {
# https://nixos.wiki/wiki/FAQ/When_do_I_update_stateVersion
stateVersion = "25.05";
sessionVariables = {
EDITOR = "nvim";
};
};
}

45
home/shahab/common/core/default.nix
View File

@@ -1,11 +1,12 @@
{ config, lib, pkgs, hostSpec, ... }: {
{
config,
lib,
pkgs,
hostSpec,
...
}: {
imports = lib.flatten [
(map lib.custom.relativeToRoot [ "modules/common" "modules/home-manager" ])
./ghostty.nix
./direnv.nix
./git.nix
./fonts.nix
(map lib.custom.relativeToRoot ["modules/common" "modules/home-manager"])
];
inherit hostSpec;
@@ -14,7 +15,7 @@
username = lib.mkDefault config.hostSpec.username;
homeDirectory = lib.mkDefault config.hostSpec.home;
stateVersion = lib.mkDefault "25.05";
sessionPath = [ "$HOME/.local/bin" ];
sessionPath = ["$HOME/.local/bin"];
sessionVariables = {
FLAKE = "$HOME/src/nix/nix-config";
SHELL = "zsh";
@@ -23,36 +24,10 @@
};
};
home.packages = with pkgs; [
nh
btop
eza
ripgrep
rm-improved
dust
zoxide
xcp
unzip
tmux
gcc
zig
gparted
gnupg
dig
bash
kdePackages.dolphin
font-awesome
tree
wl-clipboard-rs
brightnessctl
age
nerd-fonts.jetbrains-mono
];
nix = {
package = lib.mkDefault pkgs.nix;
settings = {
experimental-features = [ "nix-command" "flakes" ];
experimental-features = ["nix-command" "flakes"];
warn-dirty = false;
};
};

4
home/shahab/common/core/fonts.nix
View File

@@ -1,4 +0,0 @@
{ pkgs, ... }: {
fonts.fontconfig.enable = true;
home.packages = with pkgs; [ nerd-fonts.jetbrains-mono ];
}

21
home/shahab/common/core/git.nix
View File

@@ -1,21 +0,0 @@
{ lib, pkgs, config, ... }: {
programs.git = {
package = pkgs.gitAndTools.gitFull;
enable = true;
userName = config.hostSpec.userFullName;
userEmail = config.hostSpec.email.user;
lfs.enable = true;
extraConfig = {
gpg = { format = "ssh"; };
"gpg \"ssh\"" = {
program = "${lib.getExe' pkgs._1password-gui "op-ssh-sign"}";
};
commit = { gpgsign = true; };
user = { signingKey = "~/.ssh/id_rihla.pub"; };
pull = { rebase = true; };
init = { defaultBranch = "main"; };
lfs = { locksverify = true; };
};
};
}

6
home/shahab/common/optional/btop.nix
View File

@@ -1,5 +1,3 @@
{ ... }:
{
programs.btop = { enable = true; };
{...}: {
programs.btop = {enable = true;};
}

0
home/shahab/common/core/direnv.nix → home/shahab/common/optional/direnv.nix
View File

2
home/shahab/common/optional/firefox.nix
View File

@@ -1,4 +1,4 @@
{ pkgs, ... }: {
{pkgs, ...}: {
programs.firefox = {
enable = true;
package = pkgs.firefox.override {

4
home/shahab/common/optional/fonts.nix Normal file
View File

@@ -0,0 +1,4 @@
{pkgs, ...}: {
fonts.fontconfig.enable = true;
home.packages = with pkgs; [nerd-fonts.jetbrains-mono];
}

7
home/shahab/common/core/ghostty.nix → home/shahab/common/optional/ghostty.nix
View File

@@ -1,9 +1,4 @@
{
config,
...
}:
{
{config, ...}: {
programs.ghostty = {
enable = true;

27
home/shahab/common/optional/git.nix Normal file
View File

@@ -0,0 +1,27 @@
{
lib,
pkgs,
config,
...
}: {
programs.git = {
enable = true;
lfs.enable = true;
settings = {
user = {
name = config.hostSpec.userFullName;
email = config.hostSpec.email.user;
};
gpg = {format = "ssh";};
"gpg \"ssh\"" = {
program = "${lib.getExe' pkgs._1password-gui "op-ssh-sign"}";
};
commit = {gpgsign = true;};
user = {signingKey = "~/.ssh/id_rihla.pub";};
pull = {rebase = true;};
init = {defaultBranch = "main";};
lfs = {locksverify = true;};
};
};
}

21
home/shahab/common/optional/hyprland.nix
View File

@@ -1,16 +1,23 @@
{ config, lib, pkgs, ... }:
{
config,
lib,
pkgs,
...
}: {
home = {
file = {
"${config.xdg.configHome}/hypr".source =
lib.custom.relativeToRoot "dotfiles/hypr";
"${config.xdg.configHome}/hypr/hyprland.conf".source =
config.lib.file.mkOutOfStoreSymlink "${lib.custom.relativeToRoot "dotfiles/hypr/hyprland.conf"}";
"${config.xdg.configHome}/hypr/hypridle.conf".source =
config.lib.file.mkOutOfStoreSymlink "${lib.custom.relativeToRoot "dotfiles/hypr/hypridle.conf"}";
"${config.xdg.configHome}/hypr/hyprlock.conf".source =
config.lib.file.mkOutOfStoreSymlink "${lib.custom.relativeToRoot "dotfiles/hypr/hyprlock.conf"}";
"${config.xdg.configHome}/waybar".source =
lib.custom.relativeToRoot "dotfiles/waybar";
config.lib.file.mkOutOfStoreSymlink "${lib.custom.relativeToRoot "dotfiles/waybar"}";
"${config.xdg.configHome}/wofi".source =
lib.custom.relativeToRoot "dotfiles/wofi";
config.lib.file.mkOutOfStoreSymlink "${lib.custom.relativeToRoot "dotfiles/wofi"}";
"${config.xdg.configHome}/mako".source =
lib.custom.relativeToRoot "dotfiles/mako";
config.lib.file.mkOutOfStoreSymlink "${lib.custom.relativeToRoot "dotfiles/mako"}";
};
packages = with pkgs; [

14
home/shahab/common/optional/kitty.nix Normal file
View File

@@ -0,0 +1,14 @@
{config, ...}: {
programs.kitty = {
enable = true;
shellIntegration.enableZshIntegration = true;
settings = {
font = config.hostSpec.font;
shell = "tmux";
font-size = 16.0;
active_border_color = "#44ffff";
single_window_margin_width = 0;
};
};
}

24
home/shahab/common/optional/misc-packages.nix
View File

@@ -1,7 +1,23 @@
{ pkgs, ... }:
{
{pkgs, ...}: {
home.packages = with pkgs; [
uv
btop
zoxide
unzip
tmux
gcc
zig
gparted
gnupg
dig
bash
kdePackages.dolphin
font-awesome
tree
wl-clipboard-rs
brightnessctl
age
nerd-fonts.jetbrains-mono
lazygit
gh
dbeaver-bin
@@ -14,5 +30,7 @@
kitty
waybar
obsidian
yq
jq
];
}

7
home/shahab/common/optional/nvim.nix
View File

@@ -1,6 +1,4 @@
{ config, ... }:
{
{config, ...}: {
programs.neovim = {
enable = true;
defaultEditor = true;
@@ -9,6 +7,7 @@
};
# Create a symlink from ~/.config/nvim to the dotfiles directory
home.file.".config/nvim".source = config.lib.file.mkOutOfStoreSymlink
home.file.".config/nvim".source =
config.lib.file.mkOutOfStoreSymlink
"${config.home.homeDirectory}/git/nix-config/dotfiles/nvim";
}

4
home/shahab/common/optional/ssh.nix
View File

@@ -1,5 +1,5 @@
{ ... }:
let onePassPath = "~/.1password/agent.sock";
{...}: let
onePassPath = "~/.1password/agent.sock";
in {
programs.ssh = {
enable = true;

2
home/shahab/common/optional/starship.nix
View File

@@ -1 +1 @@
{ ... }: { programs.starship.enable = true; }
{...}: {programs.starship.enable = true;}

9
home/shahab/common/optional/tmux.nix
View File

@@ -1,12 +1,15 @@
{ config, lib, pkgs, ... }:
{
config,
lib,
pkgs,
...
}: {
home = {
file = {
"${config.xdg.configHome}/tmux".source =
lib.custom.relativeToRoot "dotfiles/tmux";
};
packages = with pkgs; [ tmux ];
packages = with pkgs; [tmux];
};
}

16
home/shahab/common/optional/zsh.nix
View File

@@ -1,4 +1,18 @@
{ config, ... }: {
{
config,
pkgs,
...
}: {
home.packages = with pkgs; [
eza
ripgrep
rm-improved
dust
xcp
nh
zoxide
];
programs.zsh = {
enable = true;
enableCompletion = true;

7
home/shahab/rihla.nix
View File

@@ -1,4 +1,4 @@
{ lib, ... }: {
{lib, ...}: {
imports = lib.flatten [
#
# ========== Required Configs ==========
@@ -10,8 +10,13 @@
#
(map (config: "${builtins.toString ./.}/common/optional/${config}.nix") [
"btop"
"direnv"
"firefox"
"fonts"
"ghostty"
"git"
"hyprland"
"kitty"
"misc-packages"
"nvim"
"ssh"

4
home/shahab/specialisations/gaming.nix
View File

@@ -1,6 +1,4 @@
{ pkgs, ... }:
{
{pkgs, ...}: {
home.packages = with pkgs; [
discord
protonmail-desktop

19
hosts/common/core/default.nix
View File

@@ -1,6 +1,10 @@
{ pkgs, inputs, config, lib, ... }:
{
pkgs,
inputs,
config,
lib,
...
}: {
imports = lib.flatten [
inputs.home-manager.nixosModules.home-manager
inputs.sops-nix.nixosModules.sops
@@ -14,9 +18,8 @@
hostSpec = {
username = "shahab";
handle = "shahab96";
email = { user = "shahab@dogar.dev"; };
email = {user = "shahab@dogar.dev";};
userFullName = "Shahab Dogar";
domain = "rihla";
networking.ports.tcp.ssh = 22;
};
@@ -50,13 +53,13 @@
auto-optimise-store = true;
warn-dirty = false;
trusted-users = [ "@wheel" ];
trusted-users = ["@wheel"];
substituters = [ "https://hyprland.cachix.org" ];
substituters = ["https://hyprland.cachix.org" "https://nix.dogar.dev"];
trusted-public-keys = [
"hyprland.cachix.org-1:a7pgxzMz7+chwVL3/pzj6jIBMioiJM7ypFP8PwtkuGc="
];
experimental-features = [ "nix-command" "flakes" ];
experimental-features = ["nix-command" "flakes"];
};
};
@@ -70,7 +73,7 @@
};
# ========= Sops =========
environment.systemPackages = with pkgs; [ sops ];
environment.systemPackages = with pkgs; [sops];
#
# ========== Localization ==========

44
hosts/common/disks/aamil.nix Normal file
View File

@@ -0,0 +1,44 @@
{
disko.devices = {
disk = {
vdb = {
type = "disk";
device = "/dev/sda";
content = {
type = "gpt";
partitions = {
ESP = {
priority = 1;
name = "ESP";
start = "1M";
end = "128M";
type = "EF00";
content = {
type = "filesystem";
format = "vfat";
mountpoint = "/boot";
};
};
luks = {
size = "100%";
content = {
name = "crypted";
type = "luks";
passwordFile = "/tmp/secret.key";
settings = {
allowDiscards = true;
crypttabExtraOpts = ["fido2-device=auto" "token-timeout=10"];
};
content = {
type = "filesystem";
format = "ext4";
mountpoint = "/";
};
};
};
};
};
};
};
};
}

22
hosts/common/disks/rihla.nix
View File

@@ -1,6 +1,12 @@
{ lib, config, device, withSwap, swapSize, label, ... }:
{
lib,
config,
device,
withSwap,
swapSize,
label,
...
}: {
disko = {
devices = {
disk = {
@@ -34,8 +40,7 @@
passwordFile = "/tmp/secret.key";
settings = {
allowDiscards = true;
crypttabExtraOpts =
[ "fido2-device=auto" "token-timeout=10" ];
crypttabExtraOpts = ["fido2-device=auto" "token-timeout=10"];
};
content = {
type = "lvm_pv";
@@ -62,20 +67,19 @@
size = "100%";
content = {
type = "btrfs";
extraArgs = [ "-L" label "-f" ];
extraArgs = ["-L" label "-f"];
subvolumes = {
"@root" = {
mountpoint = "/";
mountOptions = [ "subvol=root" "compress=zstd" "noatime" ];
mountOptions = ["subvol=root" "compress=zstd" "noatime"];
};
"@persist" = {
mountpoint = config.hostSpec.persist;
mountOptions =
[ "subvol=persist" "compress=zstd" "noatime" ];
mountOptions = ["subvol=persist" "compress=zstd" "noatime"];
};
"@nix" = {
mountpoint = "/nix";
mountOptions = [ "subvol=nix" "compress=zstd" "noatime" ];
mountOptions = ["subvol=nix" "compress=zstd" "noatime"];
};
};
};

6
hosts/common/optional/1password.nix
View File

@@ -1,11 +1,9 @@
{ config, ... }:
{
{config, ...}: {
programs = {
_1password.enable = true;
_1password-gui = {
enable = true;
polkitPolicyOwners = [ config.hostSpec.username ];
polkitPolicyOwners = [config.hostSpec.username];
};
};
}

6
hosts/common/optional/claude-code.nix
View File

@@ -1,5 +1,3 @@
{ pkgs, ... }:
{
environment.systemPackages = with pkgs; [ claude-code ];
{pkgs, ...}: {
environment.systemPackages = with pkgs; [claude-code];
}

4
hosts/common/optional/dconf.nix
View File

@@ -1,5 +1,3 @@
{ ... }:
{
{...}: {
programs.dconf.enable = true;
}

25
hosts/common/optional/docker.nix
View File

@@ -1,27 +1,22 @@
{ pkgs, ... }: {
{pkgs, ...}: {
virtualisation = {
podman = {
docker = {
enable = true;
dockerSocket.enable = true;
dockerCompat = true;
autoPrune = {
enable = true;
dates = "weekly";
daemon = {
settings = {
features = {
containerd-snapshotter = true;
};
};
};
};
containers = { registries = { search = [ "docker.io" ]; }; };
containers = {registries = {search = ["docker.io"];};};
libvirtd = {
enable = true;
qemu = {
swtpm.enable = true;
ovmf = {
enable = true;
packages = with pkgs; [ OVMFFull.fd ];
};
};
};
@@ -34,7 +29,7 @@
spice
spice-gtk
spice-protocol
win-virtio
virtio-win
win-spice
];
}

6
hosts/common/optional/hoppscotch.nix
View File

@@ -1,5 +1,3 @@
{ pkgs, ... }:
{
environment.systemPackages = with pkgs; [ hoppscotch ];
{pkgs, ...}: {
environment.systemPackages = with pkgs; [hoppscotch];
}

6
hosts/common/optional/hyprland.nix
View File

@@ -1,6 +1,8 @@
{ inputs, pkgs, ... }:
{
inputs,
pkgs,
...
}: {
programs.hyprland = {
enable = true;
package =

4
hosts/common/optional/nix-ld.nix
View File

@@ -1,5 +1,3 @@
{ ... }:
{
{...}: {
programs.nix-ld.enable = true;
}

6
hosts/common/optional/secure-boot.nix
View File

@@ -1,5 +1,3 @@
{ pkgs, ... }:
{
environment.systemPackages = with pkgs; [ sbctl ];
{pkgs, ...}: {
environment.systemPackages = with pkgs; [sbctl];
}

6
hosts/common/optional/services/audio.nix
View File

@@ -1,6 +1,4 @@
{ pkgs, ... }:
{
{pkgs, ...}: {
services = {
# Enable sound with pipewire.
pulseaudio.enable = false;
@@ -15,5 +13,5 @@
security.rtkit.enable = true;
environment.systemPackages =
builtins.attrValues { inherit (pkgs) pavucontrol; };
builtins.attrValues {inherit (pkgs) pavucontrol;};
}

4
hosts/common/optional/services/bluetooth.nix
View File

@@ -1,6 +1,4 @@
{ ... }:
{
{...}: {
services.blueman.enable = true;
hardware = {
bluetooth.enable = true;

4
hosts/common/optional/services/firmware.nix
View File

@@ -1,5 +1,3 @@
{ ... }:
{
{...}: {
services.fwupd.enable = true;
}

7
hosts/common/optional/services/greetd.nix
View File

@@ -1,12 +1,9 @@
{ pkgs, ... }:
{
{pkgs, ...}: {
services.greetd = {
enable = true;
settings = {
default_session = {
command =
"${pkgs.tuigreet}/bin/tuigreet --greeting 'Welcome to NixOS!' --asterisks --remember --remember-user-session --time --cmd ${pkgs.hyprland}/bin/Hyprland";
command = "${pkgs.tuigreet}/bin/tuigreet --greeting 'Welcome to NixOS!' --asterisks --remember --remember-user-session --time --cmd ${pkgs.hyprland}/bin/Hyprland";
user = "greeter";
};
};

14
hosts/common/optional/services/k3s.nix Normal file
View File

@@ -0,0 +1,14 @@
{pkgs, ...}: {
environment.systemPackages = with pkgs; [
k3s
cifs-utils
nfs-utils
];
services.k3s = {
enable = true;
role = "agent";
token = "K10aad4485a9e2a872775c6560ab812ac1a05d2dc4c86f189fdf56e5fdc673dcc10::server:G7zhbpu7iSUYvM2e";
serverAddr = "https://rashid:6443";
};
}

8
hosts/common/optional/services/openiscsi.nix Normal file
View File

@@ -0,0 +1,8 @@
{config, ...}: let
hostName = config.hostSpec.hostName;
in {
services.openiscsi = {
enable = true;
name = "iqn.2016-04.com.open-iscsi:${hostName}";
};
}

16
hosts/common/optional/services/openssh.nix
View File

@@ -1,10 +1,18 @@
{ config, ... }:
let sshPort = config.hostSpec.networking.ports.tcp.ssh;
{config, ...}: let
sshPort = config.hostSpec.networking.ports.tcp.ssh;
in {
services.openssh = {
enable = true;
ports = [ sshPort ];
ports = [sshPort];
settings = {
PermitRootLogin = "no";
KbdInteractiveAuthentication = false;
PasswordAuthentication = false;
};
openFirewall = true;
};
networking.firewall.allowedTCPPorts = [ sshPort ];
networking.firewall.allowedTCPPorts = [sshPort];
}

4
hosts/common/optional/services/printing.nix
View File

@@ -1,6 +1,4 @@
# Reminder that CUPS cpanel defaults to localhost:631
{ ... }:
{
{...}: {
services.printing.enable = true;
}

4
hosts/common/optional/services/smart-card.nix
View File

@@ -1,5 +1,3 @@
{ ... }:
{
{...}: {
services.pcscd.enable = true;
}

6
hosts/common/optional/yubikey.nix
View File

@@ -1,6 +1,4 @@
{ pkgs, ... }:
{
{pkgs, ...}: {
# yubikey login / sudo
security.pam = {
u2f = {
@@ -13,5 +11,5 @@
};
};
environment.systemPackages = with pkgs; [ yubikey-manager ];
environment.systemPackages = with pkgs; [yubikey-manager];
}

16
hosts/common/specialisations/gaming.nix
View File

@@ -1,5 +1,9 @@
{ pkgs, config, lib, ... }:
let
{
pkgs,
config,
lib,
...
}: let
hostSpec = config.hostSpec;
in {
specialisation.gaming.configuration = {
@@ -15,15 +19,15 @@ in {
};
home-manager.users."${hostSpec.username}".imports = lib.flatten [
({ config, ... }:
({config, ...}:
import (lib.custom.relativeToRoot
"home/${hostSpec.username}/specialisations/gaming.nix") {
inherit pkgs;
})
inherit pkgs;
})
];
powerManagement.cpuFreqGovernor = "performance";
environment.systemPackages = with pkgs; [ mangohud protonup-qt ];
environment.systemPackages = with pkgs; [mangohud protonup-qt];
};
}

22
hosts/common/users/primary/default.nix
View File

@@ -1,5 +1,10 @@
{ pkgs, config, lib, inputs, ... }:
let
{
pkgs,
config,
lib,
inputs,
...
}: let
hostSpec = config.hostSpec;
pubKeys = lib.filesystem.listFilesRecursive ./keys;
in {
@@ -13,15 +18,14 @@ in {
shell = pkgs.zsh;
home = hostSpec.home;
isNormalUser = true;
hashedPassword =
"$y$j9T$pvjyL7hL5x2VBarGNTnMl1$mLA2UsWTbfp8Hgp/ug5l8224thi..Mo8.p7ME.tDZ.4";
extraGroups = [ "networkmanager" "wheel" "input" "libvirtd" ];
hashedPassword = "$y$j9T$pvjyL7hL5x2VBarGNTnMl1$mLA2UsWTbfp8Hgp/ug5l8224thi..Mo8.p7ME.tDZ.4";
extraGroups = ["networkmanager" "wheel" "input" "libvirtd" "docker"];
# Read all keys in ./keys and add them to authorizedKeys.
openssh.authorizedKeys.keys =
lib.lists.forEach pubKeys (key: builtins.readFile key);
packages = with pkgs; [ libnotify ];
packages = with pkgs; [libnotify];
};
};
@@ -31,11 +35,11 @@ in {
hostSpec = config.hostSpec;
};
users.${hostSpec.username}.imports = lib.flatten [
({ config, ... }:
({config, ...}:
import (lib.custom.relativeToRoot
"home/${hostSpec.username}/${hostSpec.hostName}.nix") {
inherit pkgs inputs config lib hostSpec;
})
inherit pkgs inputs config lib hostSpec;
})
];
};
}

92
hosts/nixos/aamil-1/default.nix Normal file
View File

@@ -0,0 +1,92 @@
{
inputs,
pkgs,
lib,
...
}: let
hostName = "aamil-1";
in {
imports = lib.flatten [
#
# ========= Hardware =========
#
./hardware-configuration.nix
#
# ========= Disk Layout =========
#
inputs.disko.nixosModules.disko
(lib.custom.relativeToRoot "hosts/common/disks/aamil.nix")
#
# ========= Required Configs =========
#
(map lib.custom.relativeToRoot ["hosts/common/core"])
#
# ========= Services =========
#
(map
(s: lib.custom.relativeToRoot "hosts/common/optional/services/${s}.nix") [
"k3s"
"openiscsi"
"openssh"
])
];
#
# ========= Host specification =========
#
hostSpec = {
hostName = hostName;
};
networking = {
hostName = hostName;
networkmanager.enable = true;
enableIPv6 = false;
firewall.enable = false;
};
nix = {
settings = {
require-sigs = false;
experimental-features = ["nix-command" "flakes"];
};
};
# Set your time zone.
time.timeZone = "Asia/Karachi";
# Select internationalisation properties.
i18n.defaultLocale = "en_US.UTF-8";
console = {
font = "Lat2-Terminus16";
keyMap = "us";
};
# Fixes for longhorn
systemd.tmpfiles.rules = [
"L+ /usr/local/bin - - - - /run/current-system/sw/bin/"
];
virtualisation.docker.logDriver = "json-file";
security.sudo.extraRules = [
{
users = ["shahab"];
commands = [
{
command = "ALL";
options = ["NOPASSWD"];
}
];
}
];
environment.systemPackages = with pkgs; [
neovim
git
];
system.stateVersion = "25.05";
}

31
hosts/nixos/aamil-1/hardware-configuration.nix Normal file
View File

@@ -0,0 +1,31 @@
# Do not modify this file! It was generated by nixos-generate-config
# and may be overwritten by future invocations. Please make changes
# to /etc/nixos/configuration.nix instead.
{
config,
lib,
modulesPath,
...
}: {
imports = [(modulesPath + "/installer/scan/not-detected.nix")];
boot = {
loader = {
# Use the systemd-boot EFI boot loader.
systemd-boot = {
enable = true;
configurationLimit = 1;
};
efi.canTouchEfiVariables = true;
};
initrd = {
availableKernelModules = ["ahci" "xhci_pci" "usbhid" "usb_storage" "sd_mod"];
kernelModules = [];
};
kernelModules = ["kvm-amd"];
extraModulePackages = [];
};
nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux";
hardware.cpu.amd.updateMicrocode = lib.mkDefault config.hardware.enableRedistributableFirmware;
}

92
hosts/nixos/aamil-2/default.nix Normal file
View File

@@ -0,0 +1,92 @@
{
inputs,
pkgs,
lib,
...
}: let
hostName = "aamil-2";
in {
imports = lib.flatten [
#
# ========= Hardware =========
#
./hardware-configuration.nix
#
# ========= Disk Layout =========
#
inputs.disko.nixosModules.disko
(lib.custom.relativeToRoot "hosts/common/disks/aamil.nix")
#
# ========= Required Configs =========
#
(map lib.custom.relativeToRoot ["hosts/common/core"])
#
# ========= Services =========
#
(map
(s: lib.custom.relativeToRoot "hosts/common/optional/services/${s}.nix") [
"k3s"
"openiscsi"
"openssh"
])
];
#
# ========= Host specification =========
#
hostSpec = {
hostName = hostName;
};
networking = {
hostName = hostName;
networkmanager.enable = true;
enableIPv6 = false;
firewall.enable = false;
};
nix = {
settings = {
require-sigs = false;
experimental-features = ["nix-command" "flakes"];
};
};
# Set your time zone.
time.timeZone = "Asia/Karachi";
# Select internationalisation properties.
i18n.defaultLocale = "en_US.UTF-8";
console = {
font = "Lat2-Terminus16";
keyMap = "us";
};
# Fixes for longhorn
systemd.tmpfiles.rules = [
"L+ /usr/local/bin - - - - /run/current-system/sw/bin/"
];
virtualisation.docker.logDriver = "json-file";
security.sudo.extraRules = [
{
users = ["shahab"];
commands = [
{
command = "ALL";
options = ["NOPASSWD"];
}
];
}
];
environment.systemPackages = with pkgs; [
neovim
git
];
system.stateVersion = "25.05";
}

31
hosts/nixos/aamil-2/hardware-configuration.nix Normal file
View File

@@ -0,0 +1,31 @@
# Do not modify this file! It was generated by nixos-generate-config
# and may be overwritten by future invocations. Please make changes
# to /etc/nixos/configuration.nix instead.
{
config,
lib,
modulesPath,
...
}: {
imports = [(modulesPath + "/installer/scan/not-detected.nix")];
boot = {
loader = {
# Use the systemd-boot EFI boot loader.
systemd-boot = {
enable = true;
configurationLimit = config.hostSpec.bootHistoryLimit;
};
efi.canTouchEfiVariables = true;
};
initrd = {
availableKernelModules = ["nvme" "xhci_pci" "usbhid" "usb_storage" "sd_mod"];
kernelModules = [];
};
kernelModules = ["kvm-amd"];
extraModulePackages = [];
};
nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux";
hardware.cpu.amd.updateMicrocode = lib.mkDefault config.hardware.enableRedistributableFirmware;
}

92
hosts/nixos/aamil-3/default.nix Normal file
View File

@@ -0,0 +1,92 @@
{
inputs,
pkgs,
lib,
...
}: let
hostName = "aamil-3";
in {
imports = lib.flatten [
#
# ========= Hardware =========
#
./hardware-configuration.nix
#
# ========= Disk Layout =========
#
inputs.disko.nixosModules.disko
(lib.custom.relativeToRoot "hosts/common/disks/aamil.nix")
#
# ========= Required Configs =========
#
(map lib.custom.relativeToRoot ["hosts/common/core"])
#
# ========= Services =========
#
(map
(s: lib.custom.relativeToRoot "hosts/common/optional/services/${s}.nix") [
"k3s"
"openiscsi"
"openssh"
])
];
#
# ========= Host specification =========
#
hostSpec = {
hostName = hostName;
};
networking = {
hostName = hostName;
networkmanager.enable = true;
enableIPv6 = false;
firewall.enable = false;
};
nix = {
settings = {
require-sigs = false;
experimental-features = ["nix-command" "flakes"];
};
};
# Set your time zone.
time.timeZone = "Asia/Karachi";
# Select internationalisation properties.
i18n.defaultLocale = "en_US.UTF-8";
console = {
font = "Lat2-Terminus16";
keyMap = "us";
};
# Fixes for longhorn
systemd.tmpfiles.rules = [
"L+ /usr/local/bin - - - - /run/current-system/sw/bin/"
];
virtualisation.docker.logDriver = "json-file";
security.sudo.extraRules = [
{
users = ["shahab"];
commands = [
{
command = "ALL";
options = ["NOPASSWD"];
}
];
}
];
environment.systemPackages = with pkgs; [
neovim
git
];
system.stateVersion = "25.05";
}

31
hosts/nixos/aamil-3/hardware-configuration.nix Normal file
View File

@@ -0,0 +1,31 @@
# Do not modify this file! It was generated by nixos-generate-config
# and may be overwritten by future invocations. Please make changes
# to /etc/nixos/configuration.nix instead.
{
config,
lib,
modulesPath,
...
}: {
imports = [(modulesPath + "/installer/scan/not-detected.nix")];
boot = {
loader = {
# Use the systemd-boot EFI boot loader.
systemd-boot = {
enable = true;
configurationLimit = config.hostSpec.bootHistoryLimit;
};
efi.canTouchEfiVariables = true;
};
initrd = {
availableKernelModules = ["nvme" "xhci_pci" "usbhid" "usb_storage" "sd_mod"];
kernelModules = [];
};
kernelModules = ["kvm-amd"];
extraModulePackages = [];
};
nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux";
hardware.cpu.amd.updateMicrocode = lib.mkDefault config.hardware.enableRedistributableFirmware;
}

20
hosts/nixos/rihla/default.nix
View File

@@ -1,6 +1,10 @@
{ inputs, pkgs, lib, config, ... }:
{
inputs,
pkgs,
lib,
config,
...
}: {
imports = lib.flatten [
#
# ========= Hardware =========
@@ -33,7 +37,7 @@
#
# ========= Required Configs =========
#
(map lib.custom.relativeToRoot [ "hosts/common/core" ])
(map lib.custom.relativeToRoot ["hosts/common/core"])
#
# ========= Optional Configs =========
@@ -92,11 +96,15 @@
boot = {
loader = {
# Set this to true on first install. This must be false for secure boot.
systemd-boot.enable = lib.mkForce (!config.hostSpec.secureBoot);
systemd-boot = {
enable = lib.mkForce (!config.hostSpec.secureBoot);
configurationLimit = config.hostSpec.bootHistoryLimit;
};
efi.canTouchEfiVariables = true;
};
initrd.postResumeCommands = lib.mkIf config.hostSpec.impermanance
initrd.postResumeCommands =
lib.mkIf config.hostSpec.impermanance
(lib.mkAfter ''
mkdir /btrfs_tmp
mount /dev/crypt_vg/root /btrfs_tmp
@@ -130,7 +138,7 @@
security.rtkit.enable = true;
environment.systemPackages = with pkgs; [ pciutils bc ];
environment.systemPackages = with pkgs; [pciutils bc];
system.stateVersion = "25.05";
}

17
hosts/nixos/rihla/hardware-configuration.nix
View File

@@ -1,8 +1,13 @@
# Do not modify this file! It was generated by nixos-generate-config
# and may be overwritten by future invocations. Please make changes
# to /etc/nixos/configuration.nix instead.
{ pkgs, config, lib, modulesPath, ... }: {
imports = [ (modulesPath + "/installer/scan/not-detected.nix") ];
{
config,
lib,
modulesPath,
...
}: {
imports = [(modulesPath + "/installer/scan/not-detected.nix")];
boot = {
initrd = {
@@ -15,11 +20,12 @@
"usb_storage"
"sd_mod"
];
kernelModules = [ ];
kernelModules = [];
};
kernelModules = [ "kvm-amd" ];
extraModulePackages = [ ];
kernelModules = ["kvm-amd"];
extraModulePackages = [];
binfmt.emulatedSystems = ["aarch64-linux"]; # Add other target architectures as needed
};
# Enables DHCP on each ethernet and wireless interface. In case of scripted networking
@@ -36,7 +42,6 @@
lib.mkDefault config.hardware.enableRedistributableFirmware;
graphics = {
enable = true;
extraPackages = with pkgs; [ amdvlk ];
};
};
}

4
lib/default.nix
View File

@@ -1,5 +1,3 @@
{ lib, ... }:
{
{lib, ...}: {
relativeToRoot = lib.path.append ../.;
}

6
modules/common/default.nix
View File

@@ -1,5 +1,3 @@
{ ... }:
{
imports = [ ./host-spec.nix ];
{...}: {
imports = [./host-spec.nix];
}

16
modules/common/host-spec.nix
View File

@@ -1,5 +1,9 @@
# Specifications For Differentiating Hosts
{ config, lib, ... }: {
{
config,
lib,
...
}: {
options.hostSpec = {
username = lib.mkOption {
type = lib.types.str;
@@ -14,7 +18,7 @@
description = "The email of the user";
};
networking = lib.mkOption {
default = { };
default = {};
type = lib.types.attrsOf lib.types.anything;
description = "An attribute set of networking information";
};
@@ -40,6 +44,11 @@
description = "Whether or not secure boot has been enabled";
default = false;
};
bootHistoryLimit = lib.mkOption {
type = lib.types.int;
description = "How many generations to keep bootable in history";
default = 3;
};
impermanance = lib.mkOption {
type = lib.types.bool;
description = "Whether or not to enable impermenance";
@@ -63,8 +72,7 @@
scaling = lib.mkOption {
type = lib.types.str;
default = "1";
description =
"Used to indicate what scaling to use. Floating point number";
description = "Used to indicate what scaling to use. Floating point number";
};
font = lib.mkOption {
type = lib.types.str;

6
modules/home-manager/default.nix
View File

@@ -1,5 +1,3 @@
{ ... }:
{
imports = [ ./yubikey-touch-detector.nix ];
{...}: {
imports = [./yubikey-touch-detector.nix];
}

37
modules/home-manager/yubikey-touch-detector.nix
View File

@@ -1,11 +1,15 @@
{ config, lib, pkgs, ... }:
with lib;
let cfg = config.services.yubikey-touch-detector;
{
config,
lib,
pkgs,
...
}:
with lib; let
cfg = config.services.yubikey-touch-detector;
in {
options.services.yubikey-touch-detector = {
enable = mkEnableOption
enable =
mkEnableOption
"a tool to detect when your YubiKey is waiting for a touch";
package = mkOption {
@@ -22,7 +26,7 @@ in {
extraArgs = mkOption {
type = types.listOf types.str;
default = [ "--libnotify" ];
default = ["--libnotify"];
defaultText = literalExpression ''[ "--libnotify" ]'';
description = ''
Extra arguments to pass to the tool. The arguments are not escaped.
@@ -31,20 +35,19 @@ in {
};
config = mkIf cfg.enable {
home.packages = [ cfg.package ];
home.packages = [cfg.package];
# Service description licensed under ISC
# See https://github.com/maximbaz/yubikey-touch-detector/blob/c9fdff7163361d6323e2de0449026710cacbc08a/LICENSE
# Author: Maxim Baz
systemd.user.sockets.yubikey-touch-detector = mkIf cfg.socket.enable {
Unit.Description =
"Unix socket activation for YubiKey touch detector service";
Unit.Description = "Unix socket activation for YubiKey touch detector service";
Socket = {
ListenFIFO = "%t/yubikey-touch-detector.sock";
RemoveOnStop = true;
SocketMode = "0660";
};
Install.WantedBy = [ "sockets.target" ];
Install.WantedBy = ["sockets.target"];
};
# Same license thing for the description here
@@ -52,19 +55,19 @@ in {
Unit = {
Description = "Detects when your YubiKey is waiting for a touch";
Requires =
optionals cfg.socket.enable [ "yubikey-touch-detector.socket" ];
optionals cfg.socket.enable ["yubikey-touch-detector.socket"];
};
Service = {
ExecStart = "${cfg.package}/bin/yubikey-touch-detector ${
concatStringsSep " " cfg.extraArgs
}";
Environment = [ "PATH=${lib.makeBinPath [ pkgs.gnupg ]}" ];
concatStringsSep " " cfg.extraArgs
}";
Environment = ["PATH=${lib.makeBinPath [pkgs.gnupg]}"];
Restart = "on-failure";
RestartSec = "1sec";
};
Install.Also =
optionals cfg.socket.enable [ "yubikey-touch-detector.socket" ];
Install.WantedBy = [ "default.target" ];
optionals cfg.socket.enable ["yubikey-touch-detector.socket"];
Install.WantedBy = ["default.target"];
};
};
}

1
secret.key Normal file
View File

@@ -0,0 +1 @@
kernel-hacker!