From c08012466e98b3121369079fca2836ae50f37e6f Mon Sep 17 00:00:00 2001 From: cnst Date: Fri, 2 Aug 2024 18:48:27 +0200 Subject: [PATCH] ?? --- .sops.yaml | 7 + flake.lock | 241 +++++------------- flake.nix | 41 ++- nixos/core/default.nix | 17 -- nixos/default.nix | 30 +-- nixos/hosts/cnix/imports.nix | 122 --------- nixos/hosts/cnix/system.nix | 63 ----- nixos/hosts/default.nix | 40 +-- nixos/{extra => opt}/android/default.nix | 0 nixos/{extra => opt}/bottles/default.nix | 0 nixos/{extra => opt}/corectrl/default.nix | 0 nixos/{extra => opt}/gamemode/default.nix | 0 nixos/{extra => opt}/gamescope/default.nix | 0 nixos/{extra => opt}/gaming.nix | 0 nixos/{extra => opt}/gnome/default.nix | 0 nixos/{extra => opt}/lutris/default.nix | 0 nixos/{extra => opt}/nix-ld/default.nix | 0 nixos/{extra => opt}/steam/default.nix | 0 nixos/{extra => opt}/workstation/default.nix | 0 nixos/{services => srv}/audio/default.nix | 0 nixos/{services => srv}/blueman/default.nix | 0 nixos/{services => srv}/dbus/default.nix | 0 nixos/{services => srv}/fwupd/default.nix | 0 .../gnome-keyring/default.nix | 0 nixos/{services => srv}/greetd/default.nix | 0 nixos/{services => srv}/gvfs/default.nix | 0 nixos/{services => srv}/locate/default.nix | 0 nixos/{services => srv}/mullvad/default.nix | 0 nixos/{services => srv}/openssh/default.nix | 0 nixos/{services => srv}/power/default.nix | 0 nixos/{services => srv}/samba/default.nix | 0 nixos/{services => srv}/udisks/default.nix | 0 nixos/{services => srv}/xserver/adampad.nix | 0 nixos/{services => srv}/xserver/cnix.nix | 0 nixos/{services => srv}/xserver/toothpc.nix | 0 nixos/{core => system/boot}/boot.nix | 0 nixos/{core => system/boot}/lanzaboote.nix | 0 nixos/system/default.nix | 11 + nixos/system/etc/dconf/default.nix | 3 + nixos/{core/system => system/etc}/default.nix | 11 +- .../etc/fonts/default.nix} | 0 .../etc/home-manager/default.nix} | 0 .../etc/hyprland/default.nix} | 0 .../etc/nixpkgs/default.nix} | 0 .../etc/security/default.nix} | 0 .../etc/substituters/default.nix} | 0 .../xdg.nix => system/etc/xdg/default.nix} | 0 nixos/{core/shells => system/shell}/dev.nix | 0 .../zsh.nix => system/shell/sh/default.nix} | 0 .../{core => system/var}/network/adampad.nix | 0 nixos/{core => system/var}/network/cnix.nix | 0 .../{core => system/var}/network/toothpc.nix | 0 .../var/nh/adampad.nix} | 0 .../cnix-nh.nix => system/var/nh/cnix.nix} | 0 .../var/nh/toothpc.nix} | 0 secrets/secrets.nix | 5 + 56 files changed, 150 insertions(+), 441 deletions(-) create mode 100644 .sops.yaml delete mode 100644 nixos/core/default.nix delete mode 100644 nixos/hosts/cnix/imports.nix delete mode 100644 nixos/hosts/cnix/system.nix rename nixos/{extra => opt}/android/default.nix (100%) rename nixos/{extra => opt}/bottles/default.nix (100%) rename nixos/{extra => opt}/corectrl/default.nix (100%) rename nixos/{extra => opt}/gamemode/default.nix (100%) rename nixos/{extra => opt}/gamescope/default.nix (100%) rename nixos/{extra => opt}/gaming.nix (100%) rename nixos/{extra => opt}/gnome/default.nix (100%) rename nixos/{extra => opt}/lutris/default.nix (100%) rename nixos/{extra => opt}/nix-ld/default.nix (100%) rename nixos/{extra => opt}/steam/default.nix (100%) rename nixos/{extra => opt}/workstation/default.nix (100%) rename nixos/{services => srv}/audio/default.nix (100%) rename nixos/{services => srv}/blueman/default.nix (100%) rename nixos/{services => srv}/dbus/default.nix (100%) rename nixos/{services => srv}/fwupd/default.nix (100%) rename nixos/{services => srv}/gnome-keyring/default.nix (100%) rename nixos/{services => srv}/greetd/default.nix (100%) rename nixos/{services => srv}/gvfs/default.nix (100%) rename nixos/{services => srv}/locate/default.nix (100%) rename nixos/{services => srv}/mullvad/default.nix (100%) rename nixos/{services => srv}/openssh/default.nix (100%) rename nixos/{services => srv}/power/default.nix (100%) rename nixos/{services => srv}/samba/default.nix (100%) rename nixos/{services => srv}/udisks/default.nix (100%) rename nixos/{services => srv}/xserver/adampad.nix (100%) rename nixos/{services => srv}/xserver/cnix.nix (100%) rename nixos/{services => srv}/xserver/toothpc.nix (100%) rename nixos/{core => system/boot}/boot.nix (100%) rename nixos/{core => system/boot}/lanzaboote.nix (100%) create mode 100644 nixos/system/default.nix create mode 100644 nixos/system/etc/dconf/default.nix rename nixos/{core/system => system/etc}/default.nix (87%) rename nixos/{core/fonts.nix => system/etc/fonts/default.nix} (100%) rename nixos/{core/home-manager.nix => system/etc/home-manager/default.nix} (100%) rename nixos/{core/hyprland.nix => system/etc/hyprland/default.nix} (100%) rename nixos/{core/system/nixpkgs.nix => system/etc/nixpkgs/default.nix} (100%) rename nixos/{core/system/security.nix => system/etc/security/default.nix} (100%) rename nixos/{core/system/substituters.nix => system/etc/substituters/default.nix} (100%) rename nixos/{core/xdg.nix => system/etc/xdg/default.nix} (100%) rename nixos/{core/shells => system/shell}/dev.nix (100%) rename nixos/{core/zsh.nix => system/shell/sh/default.nix} (100%) rename nixos/{core => system/var}/network/adampad.nix (100%) rename nixos/{core => system/var}/network/cnix.nix (100%) rename nixos/{core => system/var}/network/toothpc.nix (100%) rename nixos/{core/system/adampad-nh.nix => system/var/nh/adampad.nix} (100%) rename nixos/{core/system/cnix-nh.nix => system/var/nh/cnix.nix} (100%) rename nixos/{core/system/toothpc-nh.nix => system/var/nh/toothpc.nix} (100%) create mode 100644 secrets/secrets.nix diff --git a/.sops.yaml b/.sops.yaml new file mode 100644 index 00000000..a35b72ed --- /dev/null +++ b/.sops.yaml @@ -0,0 +1,7 @@ +keys: + - &cnix age1aj6tdyjcxjc3fqda3uvnzy6m49yj4ankvzdstnj3w9dr8hmsccts5vsgd8 +creation_rules: + - path_regex: secrets/secrets.yaml$ + key_groups: + - age: + - *cnix diff --git a/flake.lock b/flake.lock index 5deb5037..31b2b346 100644 --- a/flake.lock +++ b/flake.lock @@ -1,5 +1,32 @@ { "nodes": { + "agenix": { + "inputs": { + "darwin": "darwin", + "home-manager": [ + "hm" + ], + "nixpkgs": [ + "nixpkgs" + ], + "systems": [ + "systems" + ] + }, + "locked": { + "lastModified": 1722339003, + "narHash": "sha256-ZeS51uJI30ehNkcZ4uKqT4ZDARPyqrHADSKAwv5vVCU=", + "owner": "ryantm", + "repo": "agenix", + "rev": "3f1dae074a12feb7327b4bf43cbac0d124488bb7", + "type": "github" + }, + "original": { + "owner": "ryantm", + "repo": "agenix", + "type": "github" + } + }, "anyrun": { "inputs": { "flake-parts": "flake-parts", @@ -80,12 +107,12 @@ "yafas": "yafas" }, "locked": { - "lastModified": 1722542796, - "narHash": "sha256-l+XBDAxLXPdEqPASKjyDbgBQys9IijCtHjXcEXN6YeU=", - "rev": "a44b84390425928d2282676e63eed3a1ee528178", - "revCount": 1313, + "lastModified": 1722615689, + "narHash": "sha256-1nFssdBy2Wm5tihYjabxJqGoQOVsb0FZZ7gsH28cjDY=", + "rev": "a74f205ab8887f08985270723823e6555efb7d83", + "revCount": 1314, "type": "tarball", - "url": "https://api.flakehub.com/f/pinned/chaotic-cx/nyx/0.1.1313%2Brev-a44b84390425928d2282676e63eed3a1ee528178/01910f91-404f-76fe-b3f8-8f4b86465e96/source.tar.gz" + "url": "https://api.flakehub.com/f/pinned/chaotic-cx/nyx/0.1.1314%2Brev-a74f205ab8887f08985270723823e6555efb7d83/019113e8-6de6-7d8b-a84a-9f8dc30916f1/source.tar.gz" }, "original": { "type": "tarball", @@ -127,6 +154,28 @@ "type": "github" } }, + "darwin": { + "inputs": { + "nixpkgs": [ + "agenix", + "nixpkgs" + ] + }, + "locked": { + "lastModified": 1700795494, + "narHash": "sha256-gzGLZSiOhf155FW7262kdHo2YDeugp3VuIFb4/GGng0=", + "owner": "lnl7", + "repo": "nix-darwin", + "rev": "4b9b83d5a92e8c1fbfd8eb27eda375908c11ec4d", + "type": "github" + }, + "original": { + "owner": "lnl7", + "ref": "master", + "repo": "nix-darwin", + "type": "github" + } + }, "devshell": { "inputs": { "nixpkgs": [ @@ -159,11 +208,11 @@ ] }, "locked": { - "lastModified": 1722564602, - "narHash": "sha256-5I9JS9he9v+uq57PwLmWoJBBsRIm+Ek4FZtACWQsmfM=", + "lastModified": 1722601690, + "narHash": "sha256-0T5UIj683XckcgZYAKauDQjDqQvcZf2b+hQrBxtvIKo=", "owner": "nix-community", "repo": "flake-firefox-nightly", - "rev": "e98396265bfb6d81034ca0546d7ada8afbd3d291", + "rev": "5783e7f3c40c73bfa2e2501da8d39670cbbd0f98", "type": "github" }, "original": { @@ -385,41 +434,6 @@ "type": "github" } }, - "flake-utils_4": { - "inputs": { - "systems": "systems_7" - }, - "locked": { - "lastModified": 1710146030, - "narHash": "sha256-SZ5L6eA7HJ/nmkzGG7/ISclqe6oZdOZTNoesiInkXPQ=", - "owner": "numtide", - "repo": "flake-utils", - "rev": "b1d9ab70662946ef0850d488da1c9019f3a9752a", - "type": "github" - }, - "original": { - "owner": "numtide", - "repo": "flake-utils", - "type": "github" - } - }, - "freetype2": { - "flake": false, - "locked": { - "lastModified": 1687587065, - "narHash": "sha256-+Fh+/k+NWL5Ow9sDLtp8Cv/8rLNA1oByQQCIQS/bysY=", - "owner": "wez", - "repo": "freetype2", - "rev": "e4586d960f339cf75e2e0b34aee30a0ed8353c0d", - "type": "github" - }, - "original": { - "owner": "wez", - "repo": "freetype2", - "rev": "e4586d960f339cf75e2e0b34aee30a0ed8353c0d", - "type": "github" - } - }, "git-hooks": { "inputs": { "flake-compat": [ @@ -509,23 +523,6 @@ "type": "github" } }, - "harfbuzz": { - "flake": false, - "locked": { - "lastModified": 1711722720, - "narHash": "sha256-GdxcAPx5QyniSHPAN1ih28AD9JLUPR0ItqW9JEsl3pU=", - "owner": "harfbuzz", - "repo": "harfbuzz", - "rev": "63973005bc07aba599b47fdd4cf788647b601ccd", - "type": "github" - }, - "original": { - "owner": "harfbuzz", - "ref": "8.4.0", - "repo": "harfbuzz", - "type": "github" - } - }, "hm": { "inputs": { "nixpkgs": [ @@ -629,11 +626,11 @@ "xdph": "xdph" }, "locked": { - "lastModified": 1722551504, - "narHash": "sha256-/N8voFoU8ALTK8C1esM6MM+lj9zZGCG4lbvH0mNBQUE=", + "lastModified": 1722616930, + "narHash": "sha256-KwBxmf15rUQDXP5ON7OgmKFtDd3gO2jsWJiBVJquqqI=", "ref": "refs/heads/main", - "rev": "09bb5658b7fa6c0dc4e2744797e51ad4dd25af42", - "revCount": 5041, + "rev": "1fa4b7d79baaad47fde8e72221cd77f569fbfe35", + "revCount": 5043, "submodules": true, "type": "git", "url": "https://github.com/hyprwm/Hyprland" @@ -835,23 +832,6 @@ "type": "github" } }, - "libpng": { - "flake": false, - "locked": { - "lastModified": 1549245649, - "narHash": "sha256-1+cRp0Ungme/OGfc9kGJbklYIWAFxk8Il1M+NV4KSgw=", - "owner": "glennrp", - "repo": "libpng", - "rev": "8439534daa1d3a5705ba92e653eda9251246dd61", - "type": "github" - }, - "original": { - "owner": "glennrp", - "repo": "libpng", - "rev": "8439534daa1d3a5705ba92e653eda9251246dd61", - "type": "github" - } - }, "mozilla": { "flake": false, "locked": { @@ -1047,22 +1027,6 @@ "type": "github" } }, - "nixpkgs_6": { - "locked": { - "lastModified": 1721466660, - "narHash": "sha256-pFSxgSZqZ3h+5Du0KvEL1ccDZBwu4zvOil1zzrPNb3c=", - "owner": "NixOS", - "repo": "nixpkgs", - "rev": "6e14bbce7bea6c4efd7adfa88a40dac750d80100", - "type": "github" - }, - "original": { - "owner": "NixOS", - "ref": "nixpkgs-unstable", - "repo": "nixpkgs", - "type": "github" - } - }, "nixvim": { "inputs": { "devshell": "devshell", @@ -1142,6 +1106,7 @@ }, "root": { "inputs": { + "agenix": "agenix", "anyrun": "anyrun", "chaotic": "chaotic", "firefox-nightly": "firefox-nightly", @@ -1156,8 +1121,7 @@ "nix-gaming": "nix-gaming", "nixpkgs": "nixpkgs_5", "nixvim": "nixvim", - "systems": "systems_6", - "wezterm": "wezterm" + "systems": "systems_6" } }, "rust-overlay": { @@ -1181,27 +1145,6 @@ "type": "github" } }, - "rust-overlay_2": { - "inputs": { - "nixpkgs": [ - "wezterm", - "nixpkgs" - ] - }, - "locked": { - "lastModified": 1721441897, - "narHash": "sha256-gYGX9/22tPNeF7dR6bWN5rsrpU4d06GnQNNgZ6ZiXz0=", - "owner": "oxalica", - "repo": "rust-overlay", - "rev": "b7996075da11a2d441cfbf4e77c2939ce51506fd", - "type": "github" - }, - "original": { - "owner": "oxalica", - "repo": "rust-overlay", - "type": "github" - } - }, "systems": { "locked": { "lastModified": 1689347949, @@ -1292,21 +1235,6 @@ "type": "github" } }, - "systems_7": { - "locked": { - "lastModified": 1681028828, - "narHash": "sha256-Vy1rq5AaRuLzOxct8nz4T6wlgyUR7zLU309k9mBC768=", - "owner": "nix-systems", - "repo": "default", - "rev": "da67096a3b9bf56a91d16901293e51ba5b49a27e", - "type": "github" - }, - "original": { - "owner": "nix-systems", - "repo": "default", - "type": "github" - } - }, "treefmt-nix": { "inputs": { "nixpkgs": [ @@ -1353,32 +1281,6 @@ "url": "https://github.com/Open-Wine-Components/umu-launcher/?dir=packaging/nix" } }, - "wezterm": { - "inputs": { - "flake-utils": "flake-utils_4", - "freetype2": "freetype2", - "harfbuzz": "harfbuzz", - "libpng": "libpng", - "nixpkgs": "nixpkgs_6", - "rust-overlay": "rust-overlay_2", - "zlib": "zlib" - }, - "locked": { - "dir": "nix", - "lastModified": 1722353247, - "narHash": "sha256-pPH+IJ8pljR+PmeOdckoHvbQVfSBdStKbgXcaqdkTRk=", - "owner": "wez", - "repo": "wezterm", - "rev": "56a27e93a9ee50aab50ff4d78308f9b3154b5122", - "type": "github" - }, - "original": { - "dir": "nix", - "owner": "wez", - "repo": "wezterm", - "type": "github" - } - }, "xdph": { "inputs": { "hyprland-protocols": "hyprland-protocols", @@ -1433,23 +1335,6 @@ "repo": "yafas", "type": "github" } - }, - "zlib": { - "flake": false, - "locked": { - "lastModified": 1484501380, - "narHash": "sha256-j5b6aki1ztrzfCqu8y729sPar8GpyQWIrajdzpJC+ww=", - "owner": "madler", - "repo": "zlib", - "rev": "cacf7f1d4e3d44d871b605da3b647f07d718623f", - "type": "github" - }, - "original": { - "owner": "madler", - "ref": "v1.2.11", - "repo": "zlib", - "type": "github" - } } }, "root": "root", diff --git a/flake.nix b/flake.nix index 2832b284..6730fb2b 100644 --- a/flake.nix +++ b/flake.nix @@ -9,34 +9,26 @@ ./home ./nixos/hosts ./nixos/pkgs - # ./pre-commit-hooks.nix ]; - perSystem = { - config, - pkgs, - ... - }: { + perSystem = {pkgs, ...}: { devShells.default = pkgs.mkShell { packages = [ pkgs.alejandra pkgs.git pkgs.nodePackages.prettier + pkgs.ssh-to-age + pkgs.sops + pkgs.age ]; - name = "dots"; - DIRENV_LOG_FORMAT = ""; - # shellHook = '' - # ${config.pre-commit.installationScript} - # ''; }; - formatter = pkgs.alejandra; }; }; + inputs = { # Nix environs nixpkgs.url = "github:nixos/nixpkgs/nixos-unstable"; - # nixpkgs-stable.url = "github:nixos/nixpkgs/nixos-24.05"; systems.url = "github:nix-systems/default-linux"; hardware.url = "github:nixos/nixos-hardware"; lanzaboote.url = "github:nix-community/lanzaboote"; @@ -66,21 +58,24 @@ }; nix-gaming = { url = "github:fufexan/nix-gaming"; - inputs.nixpkgs.follows = "nixpkgs"; - inputs.flake-parts.follows = "flake-parts"; + inputs = { + nixpkgs.follows = "nixpkgs"; + flake-parts.follows = "flake-parts"; + }; }; firefox-nightly = { url = "github:nix-community/flake-firefox-nightly"; inputs.nixpkgs.follows = "nixpkgs"; }; - wezterm = { - url = "github:wez/wezterm?dir=nix"; - }; anyrun.url = "github:anyrun-org/anyrun"; - # pre-commit-hooks = { - # url = "github:cachix/pre-commit-hooks.nix"; - # inputs.nixpkgs.follows = "nixpkgs"; - # inputs.flake-compat.follows = "flake-compat"; - # }; + agenix = { + url = "github:ryantm/agenix"; + inputs = { + nixpkgs.follows = "nixpkgs"; + home-manager.follows = "hm"; + systems.follows = "systems"; + # darwin.follows = ""; + }; + }; }; } diff --git a/nixos/core/default.nix b/nixos/core/default.nix deleted file mode 100644 index 9152e1b9..00000000 --- a/nixos/core/default.nix +++ /dev/null @@ -1,17 +0,0 @@ -{pkgs, ...}: { - imports = [ - ./system - ./xdg.nix - ./zsh.nix - ./fonts.nix - ./home-manager.nix - ./hyprland.nix - ]; - - programs.dconf.enable = true; - - console.useXkbConfig = true; - environment.systemPackages = with pkgs; [ - anyrun - ]; -} diff --git a/nixos/default.nix b/nixos/default.nix index 97c4f880..68e2e300 100644 --- a/nixos/default.nix +++ b/nixos/default.nix @@ -1,36 +1,36 @@ let shared = [ - ./core + ./system ./locale - ./services/audio - ./services/greetd - ./services/gnome-keyring - ./services/gvfs - ./services/locate - ./services/mullvad - ./services/openssh - ./services/power - ./services/samba - ./services/udisks - ./services/fwupd + ./srv/audio + ./srv/greetd + ./srv/gnome-keyring + ./srv/gvfs + ./srv/locate + ./srv/mullvad + ./srv/openssh + ./srv/power + ./srv/samba + ./srv/udisks + ./srv/fwupd ]; adampad = shared ++ [ - ./core/system/adampad-nh.nix + ./system/var/nh/adampad.nix ]; cnix = shared ++ [ - ./core/system/cnix-nh.nix + ./system/var/nh/cnix.nix ]; toothpc = shared ++ [ - ./core/system/toothpc-nh.nix + ./system/var/nh/toothpc-nh.nix ]; in { inherit shared adampad cnix toothpc; diff --git a/nixos/hosts/cnix/imports.nix b/nixos/hosts/cnix/imports.nix deleted file mode 100644 index 664ed6f8..00000000 --- a/nixos/hosts/cnix/imports.nix +++ /dev/null @@ -1,122 +0,0 @@ -{pkgs, ...}: { - imports = [ - # core - ../../core/fonts.nix - ../../core/hyprland.nix - ../../core/network/cnix.nix - ../../core/zsh.nix - - # hardware - ../../hardware/cnix.nix - - # locale - ../../locale - - # services - ../../services/blueman - ../../services/dbus - ../../services/gnome-keyring - ../../services/greetd - ../../services/gvfs - ../../services/locate - ../../services/mullvad - ../../services/openssh - ../../services/audio - ../../services/power - ../../services/samba - ../../services/udisks - ../../services/xserver/cnix.nix - - # extra - ../../extra/gaming.nix - ../../extra/android - ../../extra/workstation - # ../../extra/nix-ld - ]; - - environment = { - systemPackages = with pkgs; [ - # Core - scx - fd - git - niv - nix-output-monitor - nvd - sbctl - rocmPackages.rocm-smi - - # Util - anyrun - # curl - # fzf - # gnome-disk-utility - # lazygit - # ntfs3g - # p7zip - # ripgrep - stow - # tmux - # tmuxifier - # tree-sitter - # udiskie - # unrar - # unzip - # wget - # xdg-user-dirs - # xdg-utils - # zed-editor - - # Dev - # binutils - # clang - # clang-tools - # cargo-edit - # cargo-insta - # cargo-nextest - # gcc - # gnumake - # cmake - # python3 - # python312Packages.httplib2 - # python312Packages.oauth2 - # gtk3 - # gtk4 - - # misc.language_servers - # typescript-language-server - # typescript - # nixd - # nil - # statix - # hyprlang - # alejandra - # nixpkgs-fmt - # pyright - # isort - # rustfmt - # rust-analyzer - # clippy - # lua-language-server - # stylua - # nodePackages_latest.nodejs - # nodePackages.prettier - # prettierd - # black - # vimPlugins.nvim-treesitter-parsers.typescript - - # ags_dependencies - # bash - # coreutils - # dart-sass - # gawk - # imagemagick - # procps - # util-linux - # gnome.gnome-control-center - # mission-center - # overskride - # wlogout - ]; - }; -} diff --git a/nixos/hosts/cnix/system.nix b/nixos/hosts/cnix/system.nix deleted file mode 100644 index 6887dbfe..00000000 --- a/nixos/hosts/cnix/system.nix +++ /dev/null @@ -1,63 +0,0 @@ -{ - inputs, - outputs, - lib, - config, - pkgs, - ... -}: let - homeDir = builtins.getEnv "HOME"; -in { - environment.variables.FLAKE = "${homeDir}/.nix-config"; - programs = { - nh = { - enable = true; - clean.enable = true; - clean.extraArgs = "--keep-since 4d --keep 3"; - flake = "${homeDir}/.nix-config"; - }; - }; - - nix = { - # pin the registry to avoid downloading and evaling a new nixpkgs version every time - registry = lib.mapAttrs (_: v: {flake = v;}) inputs; - - # set the path for channels compat - nixPath = lib.mapAttrsToList (key: _: "${key}=flake:${key}") config.nix.registry; - - settings = { - auto-optimise-store = true; - builders-use-substitutes = true; - warn-dirty = false; - experimental-features = ["nix-command" "flakes"]; - flake-registry = "/etc/nix/registry.json"; - - # for direnv GC roots - keep-derivations = true; - keep-outputs = true; - - trusted-users = ["root" "@wheel"]; - }; - }; - - security = { - rtkit.enable = true; - pam.services.hyprlock = {}; - }; - - environment.localBinInPath = true; - - console.useXkbConfig = true; - - nixpkgs = { - overlays = [ - (_: prev: { - python312 = prev.python312.override {packageOverrides = _: pysuper: {nose = pysuper.pynose;};}; - }) - ]; - config = { - allowUnfree = true; - input-fonts.acceptLicense = true; - }; - }; -} diff --git a/nixos/hosts/default.nix b/nixos/hosts/default.nix index 1d6defe1..64959c56 100644 --- a/nixos/hosts/default.nix +++ b/nixos/hosts/default.nix @@ -21,25 +21,25 @@ cnix ++ [ ./cnix - "${mod}/core/lanzaboote.nix" - "${mod}/core/network/cnix.nix" + "${mod}/system/boot/lanzaboote.nix" + "${mod}/system/var/network/cnix.nix" "${mod}/hardware/cnix.nix" - "${mod}/services/blueman" - "${mod}/services/xserver/cnix.nix" + "${mod}/srv/blueman" + "${mod}/srv/xserver/cnix.nix" - "${mod}/extra/gaming.nix" - "${mod}/extra/android" - "${mod}/extra/workstation" + "${mod}/opt/gaming.nix" + "${mod}/opt/android" + "${mod}/opt/workstation" { home-manager = { users.cnst.imports = homeImports."cnst@cnix"; - extraSpecialArgs = specialArgs; + optSpecialArgs = specialArgs; }; } - # inputs.agenix.nixosModules.default + inputs.agenix.nixosModules.default inputs.chaotic.nixosModules.default ]; }; @@ -49,18 +49,18 @@ toothpc ++ [ ./toothpc - "${mod}/core/lanzaboote.nix" - "${mod}/core/network/toothpc.nix" + "${mod}/system/boot/lanzaboote.nix" + "${mod}/system/var/network/toothpc.nix" "${mod}/hardware/toothpc.nix" - "${mod}/services/xserver/toothpc.nix" + "${mod}/srv/xserver/toothpc.nix" - "${mod}/extra/gaming.nix" + "${mod}/opt/gaming.nix" { home-manager = { users.toothpick.imports = homeImports."toothpick@toothpc"; - extraSpecialArgs = specialArgs; + optSpecialArgs = specialArgs; }; } @@ -74,19 +74,19 @@ adampad ++ [ ./adampad - "${mod}/core/boot.nix" - "${mod}/core/network/adampad.nix" + "${mod}/system/boot/boot.nix" + "${mod}/system/var/network/adampad.nix" "${mod}/hardware/adampad.nix" - "${mod}/services/xserver/adampad.nix" - "${mod}/services/blueman" + "${mod}/srv/xserver/adampad.nix" + "${mod}/srv/blueman" - "${mod}/extra/android" + "${mod}/opt/android" { home-manager = { users.adam.imports = homeImports."adam@adampad"; - extraSpecialArgs = specialArgs; + optSpecialArgs = specialArgs; }; } diff --git a/nixos/extra/android/default.nix b/nixos/opt/android/default.nix similarity index 100% rename from nixos/extra/android/default.nix rename to nixos/opt/android/default.nix diff --git a/nixos/extra/bottles/default.nix b/nixos/opt/bottles/default.nix similarity index 100% rename from nixos/extra/bottles/default.nix rename to nixos/opt/bottles/default.nix diff --git a/nixos/extra/corectrl/default.nix b/nixos/opt/corectrl/default.nix similarity index 100% rename from nixos/extra/corectrl/default.nix rename to nixos/opt/corectrl/default.nix diff --git a/nixos/extra/gamemode/default.nix b/nixos/opt/gamemode/default.nix similarity index 100% rename from nixos/extra/gamemode/default.nix rename to nixos/opt/gamemode/default.nix diff --git a/nixos/extra/gamescope/default.nix b/nixos/opt/gamescope/default.nix similarity index 100% rename from nixos/extra/gamescope/default.nix rename to nixos/opt/gamescope/default.nix diff --git a/nixos/extra/gaming.nix b/nixos/opt/gaming.nix similarity index 100% rename from nixos/extra/gaming.nix rename to nixos/opt/gaming.nix diff --git a/nixos/extra/gnome/default.nix b/nixos/opt/gnome/default.nix similarity index 100% rename from nixos/extra/gnome/default.nix rename to nixos/opt/gnome/default.nix diff --git a/nixos/extra/lutris/default.nix b/nixos/opt/lutris/default.nix similarity index 100% rename from nixos/extra/lutris/default.nix rename to nixos/opt/lutris/default.nix diff --git a/nixos/extra/nix-ld/default.nix b/nixos/opt/nix-ld/default.nix similarity index 100% rename from nixos/extra/nix-ld/default.nix rename to nixos/opt/nix-ld/default.nix diff --git a/nixos/extra/steam/default.nix b/nixos/opt/steam/default.nix similarity index 100% rename from nixos/extra/steam/default.nix rename to nixos/opt/steam/default.nix diff --git a/nixos/extra/workstation/default.nix b/nixos/opt/workstation/default.nix similarity index 100% rename from nixos/extra/workstation/default.nix rename to nixos/opt/workstation/default.nix diff --git a/nixos/services/audio/default.nix b/nixos/srv/audio/default.nix similarity index 100% rename from nixos/services/audio/default.nix rename to nixos/srv/audio/default.nix diff --git a/nixos/services/blueman/default.nix b/nixos/srv/blueman/default.nix similarity index 100% rename from nixos/services/blueman/default.nix rename to nixos/srv/blueman/default.nix diff --git a/nixos/services/dbus/default.nix b/nixos/srv/dbus/default.nix similarity index 100% rename from nixos/services/dbus/default.nix rename to nixos/srv/dbus/default.nix diff --git a/nixos/services/fwupd/default.nix b/nixos/srv/fwupd/default.nix similarity index 100% rename from nixos/services/fwupd/default.nix rename to nixos/srv/fwupd/default.nix diff --git a/nixos/services/gnome-keyring/default.nix b/nixos/srv/gnome-keyring/default.nix similarity index 100% rename from nixos/services/gnome-keyring/default.nix rename to nixos/srv/gnome-keyring/default.nix diff --git a/nixos/services/greetd/default.nix b/nixos/srv/greetd/default.nix similarity index 100% rename from nixos/services/greetd/default.nix rename to nixos/srv/greetd/default.nix diff --git a/nixos/services/gvfs/default.nix b/nixos/srv/gvfs/default.nix similarity index 100% rename from nixos/services/gvfs/default.nix rename to nixos/srv/gvfs/default.nix diff --git a/nixos/services/locate/default.nix b/nixos/srv/locate/default.nix similarity index 100% rename from nixos/services/locate/default.nix rename to nixos/srv/locate/default.nix diff --git a/nixos/services/mullvad/default.nix b/nixos/srv/mullvad/default.nix similarity index 100% rename from nixos/services/mullvad/default.nix rename to nixos/srv/mullvad/default.nix diff --git a/nixos/services/openssh/default.nix b/nixos/srv/openssh/default.nix similarity index 100% rename from nixos/services/openssh/default.nix rename to nixos/srv/openssh/default.nix diff --git a/nixos/services/power/default.nix b/nixos/srv/power/default.nix similarity index 100% rename from nixos/services/power/default.nix rename to nixos/srv/power/default.nix diff --git a/nixos/services/samba/default.nix b/nixos/srv/samba/default.nix similarity index 100% rename from nixos/services/samba/default.nix rename to nixos/srv/samba/default.nix diff --git a/nixos/services/udisks/default.nix b/nixos/srv/udisks/default.nix similarity index 100% rename from nixos/services/udisks/default.nix rename to nixos/srv/udisks/default.nix diff --git a/nixos/services/xserver/adampad.nix b/nixos/srv/xserver/adampad.nix similarity index 100% rename from nixos/services/xserver/adampad.nix rename to nixos/srv/xserver/adampad.nix diff --git a/nixos/services/xserver/cnix.nix b/nixos/srv/xserver/cnix.nix similarity index 100% rename from nixos/services/xserver/cnix.nix rename to nixos/srv/xserver/cnix.nix diff --git a/nixos/services/xserver/toothpc.nix b/nixos/srv/xserver/toothpc.nix similarity index 100% rename from nixos/services/xserver/toothpc.nix rename to nixos/srv/xserver/toothpc.nix diff --git a/nixos/core/boot.nix b/nixos/system/boot/boot.nix similarity index 100% rename from nixos/core/boot.nix rename to nixos/system/boot/boot.nix diff --git a/nixos/core/lanzaboote.nix b/nixos/system/boot/lanzaboote.nix similarity index 100% rename from nixos/core/lanzaboote.nix rename to nixos/system/boot/lanzaboote.nix diff --git a/nixos/system/default.nix b/nixos/system/default.nix new file mode 100644 index 00000000..4a3847ec --- /dev/null +++ b/nixos/system/default.nix @@ -0,0 +1,11 @@ +{pkgs, ...}: { + imports = [ + ./etc + ./shell/sh + ]; + + console.useXkbConfig = true; + environment.systemPackages = with pkgs; [ + anyrun + ]; +} diff --git a/nixos/system/etc/dconf/default.nix b/nixos/system/etc/dconf/default.nix new file mode 100644 index 00000000..5424db3d --- /dev/null +++ b/nixos/system/etc/dconf/default.nix @@ -0,0 +1,3 @@ +{ + programs.dconf.enable = true; +} diff --git a/nixos/core/system/default.nix b/nixos/system/etc/default.nix similarity index 87% rename from nixos/core/system/default.nix rename to nixos/system/etc/default.nix index 59d83ded..caa1a98e 100644 --- a/nixos/core/system/default.nix +++ b/nixos/system/etc/default.nix @@ -6,9 +6,14 @@ ... }: { imports = [ - ./substituters.nix - ./nixpkgs.nix - ./security.nix + ./dconf + ./fonts + ./hyprland + ./nixpkgs + ./security + ./home-manager + ./substituters + ./xdg ]; environment = { diff --git a/nixos/core/fonts.nix b/nixos/system/etc/fonts/default.nix similarity index 100% rename from nixos/core/fonts.nix rename to nixos/system/etc/fonts/default.nix diff --git a/nixos/core/home-manager.nix b/nixos/system/etc/home-manager/default.nix similarity index 100% rename from nixos/core/home-manager.nix rename to nixos/system/etc/home-manager/default.nix diff --git a/nixos/core/hyprland.nix b/nixos/system/etc/hyprland/default.nix similarity index 100% rename from nixos/core/hyprland.nix rename to nixos/system/etc/hyprland/default.nix diff --git a/nixos/core/system/nixpkgs.nix b/nixos/system/etc/nixpkgs/default.nix similarity index 100% rename from nixos/core/system/nixpkgs.nix rename to nixos/system/etc/nixpkgs/default.nix diff --git a/nixos/core/system/security.nix b/nixos/system/etc/security/default.nix similarity index 100% rename from nixos/core/system/security.nix rename to nixos/system/etc/security/default.nix diff --git a/nixos/core/system/substituters.nix b/nixos/system/etc/substituters/default.nix similarity index 100% rename from nixos/core/system/substituters.nix rename to nixos/system/etc/substituters/default.nix diff --git a/nixos/core/xdg.nix b/nixos/system/etc/xdg/default.nix similarity index 100% rename from nixos/core/xdg.nix rename to nixos/system/etc/xdg/default.nix diff --git a/nixos/core/shells/dev.nix b/nixos/system/shell/dev.nix similarity index 100% rename from nixos/core/shells/dev.nix rename to nixos/system/shell/dev.nix diff --git a/nixos/core/zsh.nix b/nixos/system/shell/sh/default.nix similarity index 100% rename from nixos/core/zsh.nix rename to nixos/system/shell/sh/default.nix diff --git a/nixos/core/network/adampad.nix b/nixos/system/var/network/adampad.nix similarity index 100% rename from nixos/core/network/adampad.nix rename to nixos/system/var/network/adampad.nix diff --git a/nixos/core/network/cnix.nix b/nixos/system/var/network/cnix.nix similarity index 100% rename from nixos/core/network/cnix.nix rename to nixos/system/var/network/cnix.nix diff --git a/nixos/core/network/toothpc.nix b/nixos/system/var/network/toothpc.nix similarity index 100% rename from nixos/core/network/toothpc.nix rename to nixos/system/var/network/toothpc.nix diff --git a/nixos/core/system/adampad-nh.nix b/nixos/system/var/nh/adampad.nix similarity index 100% rename from nixos/core/system/adampad-nh.nix rename to nixos/system/var/nh/adampad.nix diff --git a/nixos/core/system/cnix-nh.nix b/nixos/system/var/nh/cnix.nix similarity index 100% rename from nixos/core/system/cnix-nh.nix rename to nixos/system/var/nh/cnix.nix diff --git a/nixos/core/system/toothpc-nh.nix b/nixos/system/var/nh/toothpc.nix similarity index 100% rename from nixos/core/system/toothpc-nh.nix rename to nixos/system/var/nh/toothpc.nix diff --git a/secrets/secrets.nix b/secrets/secrets.nix new file mode 100644 index 00000000..552e4fce --- /dev/null +++ b/secrets/secrets.nix @@ -0,0 +1,5 @@ +let + cnst = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIJMWwiz9YWBMUKFtAmF3xTEdBW27zkBH8UYaqWWcs70d cnst@cnix"; +in { + "secret1.age".publicKeys = [cnst]; +}