Compare commits
14 Commits
dd35e66698
...
5dafbc3a24
Author | SHA1 | Date |
---|---|---|
madmin | 5dafbc3a24 | |
madmin | 9330e70fec | |
madmin | 05debb70d5 | |
madmin | b92bb6c825 | |
madmin | 9415a96326 | |
madmin | 2a2f801c7a | |
madmin | 2bac451b2a | |
madmin | 044c8acb0a | |
madmin | f30698675c | |
madmin | 3c6700b030 | |
madmin | 17ef59c359 | |
madmin | f7754dece3 | |
madmin | 1388363d10 | |
madmin | b86fa030ec |
388
flake.lock
388
flake.lock
|
@ -1,5 +1,26 @@
|
||||||
{
|
{
|
||||||
"nodes": {
|
"nodes": {
|
||||||
|
"arkenfox": {
|
||||||
|
"inputs": {
|
||||||
|
"flake-compat": "flake-compat",
|
||||||
|
"flake-utils": "flake-utils",
|
||||||
|
"nixpkgs": "nixpkgs",
|
||||||
|
"pre-commit": "pre-commit"
|
||||||
|
},
|
||||||
|
"locked": {
|
||||||
|
"lastModified": 1721720317,
|
||||||
|
"narHash": "sha256-KH0ILX8EGa/A4Bgc6DtsbviG8qaLrzDDV1m1bIXJ+pw=",
|
||||||
|
"owner": "dwarfmaster",
|
||||||
|
"repo": "arkenfox-nixos",
|
||||||
|
"rev": "92c9a287b7b98198c3ba5cdfc90218402e49c4b3",
|
||||||
|
"type": "github"
|
||||||
|
},
|
||||||
|
"original": {
|
||||||
|
"owner": "dwarfmaster",
|
||||||
|
"repo": "arkenfox-nixos",
|
||||||
|
"type": "github"
|
||||||
|
}
|
||||||
|
},
|
||||||
"base16": {
|
"base16": {
|
||||||
"inputs": {
|
"inputs": {
|
||||||
"fromYaml": "fromYaml"
|
"fromYaml": "fromYaml"
|
||||||
|
@ -132,18 +153,17 @@
|
||||||
},
|
},
|
||||||
"devshell": {
|
"devshell": {
|
||||||
"inputs": {
|
"inputs": {
|
||||||
"flake-utils": "flake-utils",
|
|
||||||
"nixpkgs": [
|
"nixpkgs": [
|
||||||
"nixvim",
|
"nixvim",
|
||||||
"nixpkgs"
|
"nixpkgs"
|
||||||
]
|
]
|
||||||
},
|
},
|
||||||
"locked": {
|
"locked": {
|
||||||
"lastModified": 1717408969,
|
"lastModified": 1722113426,
|
||||||
"narHash": "sha256-Q0OEFqe35fZbbRPPRdrjTUUChKVhhWXz3T9ZSKmaoVY=",
|
"narHash": "sha256-Yo/3loq572A8Su6aY5GP56knpuKYRvM2a1meP9oJZCw=",
|
||||||
"owner": "numtide",
|
"owner": "numtide",
|
||||||
"repo": "devshell",
|
"repo": "devshell",
|
||||||
"rev": "1ebbe68d57457c8cae98145410b164b5477761f4",
|
"rev": "67cce7359e4cd3c45296fb4aaf6a19e2a9c757ae",
|
||||||
"type": "github"
|
"type": "github"
|
||||||
},
|
},
|
||||||
"original": {
|
"original": {
|
||||||
|
@ -159,11 +179,11 @@
|
||||||
]
|
]
|
||||||
},
|
},
|
||||||
"locked": {
|
"locked": {
|
||||||
"lastModified": 1718242063,
|
"lastModified": 1724639687,
|
||||||
"narHash": "sha256-n3AWItJ4a94GT0cray/eUV7tt3mulQ52L+lWJN9d1E8=",
|
"narHash": "sha256-L2h46/z8WExNvtCEdZ8YuMu5TwfAGsKXXgM7pyIShvs=",
|
||||||
"owner": "nix-community",
|
"owner": "nix-community",
|
||||||
"repo": "disko",
|
"repo": "disko",
|
||||||
"rev": "832a9f2c81ff3485404bd63952eadc17bf7ccef2",
|
"rev": "b09eb605e376c9e95c87c0ef3fcb8008e11c8368",
|
||||||
"type": "github"
|
"type": "github"
|
||||||
},
|
},
|
||||||
"original": {
|
"original": {
|
||||||
|
@ -172,18 +192,43 @@
|
||||||
"type": "github"
|
"type": "github"
|
||||||
}
|
}
|
||||||
},
|
},
|
||||||
|
"firefox-addons": {
|
||||||
|
"inputs": {
|
||||||
|
"flake-utils": "flake-utils_2",
|
||||||
|
"nixpkgs": [
|
||||||
|
"nixpkgs"
|
||||||
|
]
|
||||||
|
},
|
||||||
|
"locked": {
|
||||||
|
"dir": "pkgs/firefox-addons",
|
||||||
|
"lastModified": 1721458684,
|
||||||
|
"narHash": "sha256-qATZkwG7oWObKqAJUJh1jj5KwTYcPUjLoONhXXXwgAY=",
|
||||||
|
"owner": "~rycee",
|
||||||
|
"repo": "nur-expressions",
|
||||||
|
"rev": "9cb92b3f92598f77aa8b95b54e5d72ad23745d64",
|
||||||
|
"type": "sourcehut"
|
||||||
|
},
|
||||||
|
"original": {
|
||||||
|
"dir": "pkgs/firefox-addons",
|
||||||
|
"owner": "~rycee",
|
||||||
|
"repo": "nur-expressions",
|
||||||
|
"type": "sourcehut"
|
||||||
|
}
|
||||||
|
},
|
||||||
"flake-compat": {
|
"flake-compat": {
|
||||||
|
"flake": false,
|
||||||
"locked": {
|
"locked": {
|
||||||
"lastModified": 1696426674,
|
"lastModified": 1696426674,
|
||||||
"narHash": "sha256-kvjfFW7WAETZlt09AgDn1MrtKzP7t90Vf7vypd3OL1U=",
|
"narHash": "sha256-kvjfFW7WAETZlt09AgDn1MrtKzP7t90Vf7vypd3OL1U=",
|
||||||
|
"owner": "edolstra",
|
||||||
|
"repo": "flake-compat",
|
||||||
"rev": "0f9255e01c2351cc7d116c072cb317785dd33b33",
|
"rev": "0f9255e01c2351cc7d116c072cb317785dd33b33",
|
||||||
"revCount": 57,
|
"type": "github"
|
||||||
"type": "tarball",
|
|
||||||
"url": "https://api.flakehub.com/f/pinned/edolstra/flake-compat/1.0.1/018afb31-abd1-7bff-a5e4-cff7e18efb7a/source.tar.gz"
|
|
||||||
},
|
},
|
||||||
"original": {
|
"original": {
|
||||||
"type": "tarball",
|
"owner": "edolstra",
|
||||||
"url": "https://flakehub.com/f/edolstra/flake-compat/1.tar.gz"
|
"repo": "flake-compat",
|
||||||
|
"type": "github"
|
||||||
}
|
}
|
||||||
},
|
},
|
||||||
"flake-compat_2": {
|
"flake-compat_2": {
|
||||||
|
@ -203,6 +248,36 @@
|
||||||
}
|
}
|
||||||
},
|
},
|
||||||
"flake-compat_3": {
|
"flake-compat_3": {
|
||||||
|
"locked": {
|
||||||
|
"lastModified": 1696426674,
|
||||||
|
"narHash": "sha256-kvjfFW7WAETZlt09AgDn1MrtKzP7t90Vf7vypd3OL1U=",
|
||||||
|
"rev": "0f9255e01c2351cc7d116c072cb317785dd33b33",
|
||||||
|
"revCount": 57,
|
||||||
|
"type": "tarball",
|
||||||
|
"url": "https://api.flakehub.com/f/pinned/edolstra/flake-compat/1.0.1/018afb31-abd1-7bff-a5e4-cff7e18efb7a/source.tar.gz"
|
||||||
|
},
|
||||||
|
"original": {
|
||||||
|
"type": "tarball",
|
||||||
|
"url": "https://flakehub.com/f/edolstra/flake-compat/1.tar.gz"
|
||||||
|
}
|
||||||
|
},
|
||||||
|
"flake-compat_4": {
|
||||||
|
"flake": false,
|
||||||
|
"locked": {
|
||||||
|
"lastModified": 1696426674,
|
||||||
|
"narHash": "sha256-kvjfFW7WAETZlt09AgDn1MrtKzP7t90Vf7vypd3OL1U=",
|
||||||
|
"owner": "edolstra",
|
||||||
|
"repo": "flake-compat",
|
||||||
|
"rev": "0f9255e01c2351cc7d116c072cb317785dd33b33",
|
||||||
|
"type": "github"
|
||||||
|
},
|
||||||
|
"original": {
|
||||||
|
"owner": "edolstra",
|
||||||
|
"repo": "flake-compat",
|
||||||
|
"type": "github"
|
||||||
|
}
|
||||||
|
},
|
||||||
|
"flake-compat_5": {
|
||||||
"flake": false,
|
"flake": false,
|
||||||
"locked": {
|
"locked": {
|
||||||
"lastModified": 1673956053,
|
"lastModified": 1673956053,
|
||||||
|
@ -226,11 +301,11 @@
|
||||||
]
|
]
|
||||||
},
|
},
|
||||||
"locked": {
|
"locked": {
|
||||||
"lastModified": 1717285511,
|
"lastModified": 1722555600,
|
||||||
"narHash": "sha256-iKzJcpdXih14qYVcZ9QC9XuZYnPc6T8YImb6dX166kw=",
|
"narHash": "sha256-XOQkdLafnb/p9ij77byFQjDf5m5QYl9b2REiVClC+x4=",
|
||||||
"owner": "hercules-ci",
|
"owner": "hercules-ci",
|
||||||
"repo": "flake-parts",
|
"repo": "flake-parts",
|
||||||
"rev": "2a55567fcf15b1b1c7ed712a2c6fadaec7412ea8",
|
"rev": "8471fe90ad337a8074e957b69ca4d0089218391d",
|
||||||
"type": "github"
|
"type": "github"
|
||||||
},
|
},
|
||||||
"original": {
|
"original": {
|
||||||
|
@ -244,11 +319,47 @@
|
||||||
"systems": "systems"
|
"systems": "systems"
|
||||||
},
|
},
|
||||||
"locked": {
|
"locked": {
|
||||||
"lastModified": 1701680307,
|
"lastModified": 1710146030,
|
||||||
"narHash": "sha256-kAuep2h5ajznlPMD9rnQyffWG8EM/C73lejGofXvdM8=",
|
"narHash": "sha256-SZ5L6eA7HJ/nmkzGG7/ISclqe6oZdOZTNoesiInkXPQ=",
|
||||||
"owner": "numtide",
|
"owner": "numtide",
|
||||||
"repo": "flake-utils",
|
"repo": "flake-utils",
|
||||||
"rev": "4022d587cbbfd70fe950c1e2083a02621806a725",
|
"rev": "b1d9ab70662946ef0850d488da1c9019f3a9752a",
|
||||||
|
"type": "github"
|
||||||
|
},
|
||||||
|
"original": {
|
||||||
|
"owner": "numtide",
|
||||||
|
"repo": "flake-utils",
|
||||||
|
"type": "github"
|
||||||
|
}
|
||||||
|
},
|
||||||
|
"flake-utils_2": {
|
||||||
|
"locked": {
|
||||||
|
"lastModified": 1629284811,
|
||||||
|
"narHash": "sha256-JHgasjPR0/J1J3DRm4KxM4zTyAj4IOJY8vIl75v/kPI=",
|
||||||
|
"owner": "numtide",
|
||||||
|
"repo": "flake-utils",
|
||||||
|
"rev": "c5d161cc0af116a2e17f54316f0bf43f0819785c",
|
||||||
|
"type": "github"
|
||||||
|
},
|
||||||
|
"original": {
|
||||||
|
"owner": "numtide",
|
||||||
|
"repo": "flake-utils",
|
||||||
|
"type": "github"
|
||||||
|
}
|
||||||
|
},
|
||||||
|
"flake-utils_3": {
|
||||||
|
"inputs": {
|
||||||
|
"systems": [
|
||||||
|
"stylix",
|
||||||
|
"systems"
|
||||||
|
]
|
||||||
|
},
|
||||||
|
"locked": {
|
||||||
|
"lastModified": 1710146030,
|
||||||
|
"narHash": "sha256-SZ5L6eA7HJ/nmkzGG7/ISclqe6oZdOZTNoesiInkXPQ=",
|
||||||
|
"owner": "numtide",
|
||||||
|
"repo": "flake-utils",
|
||||||
|
"rev": "b1d9ab70662946ef0850d488da1c9019f3a9752a",
|
||||||
"type": "github"
|
"type": "github"
|
||||||
},
|
},
|
||||||
"original": {
|
"original": {
|
||||||
|
@ -275,8 +386,8 @@
|
||||||
},
|
},
|
||||||
"git-hooks": {
|
"git-hooks": {
|
||||||
"inputs": {
|
"inputs": {
|
||||||
"flake-compat": "flake-compat_2",
|
"flake-compat": "flake-compat_4",
|
||||||
"gitignore": "gitignore",
|
"gitignore": "gitignore_2",
|
||||||
"nixpkgs": [
|
"nixpkgs": [
|
||||||
"nixvim",
|
"nixvim",
|
||||||
"nixpkgs"
|
"nixpkgs"
|
||||||
|
@ -287,11 +398,11 @@
|
||||||
]
|
]
|
||||||
},
|
},
|
||||||
"locked": {
|
"locked": {
|
||||||
"lastModified": 1717664902,
|
"lastModified": 1724440431,
|
||||||
"narHash": "sha256-7XfBuLULizXjXfBYy/VV+SpYMHreNRHk9nKMsm1bgb4=",
|
"narHash": "sha256-9etXEOUtzeMgqg1u0wp+EdwG7RpmrAZ2yX516bMj2aE=",
|
||||||
"owner": "cachix",
|
"owner": "cachix",
|
||||||
"repo": "git-hooks.nix",
|
"repo": "git-hooks.nix",
|
||||||
"rev": "cc4d466cb1254af050ff7bdf47f6d404a7c646d1",
|
"rev": "c8a54057aae480c56e28ef3e14e4960628ac495b",
|
||||||
"type": "github"
|
"type": "github"
|
||||||
},
|
},
|
||||||
"original": {
|
"original": {
|
||||||
|
@ -301,6 +412,28 @@
|
||||||
}
|
}
|
||||||
},
|
},
|
||||||
"gitignore": {
|
"gitignore": {
|
||||||
|
"inputs": {
|
||||||
|
"nixpkgs": [
|
||||||
|
"arkenfox",
|
||||||
|
"pre-commit",
|
||||||
|
"nixpkgs"
|
||||||
|
]
|
||||||
|
},
|
||||||
|
"locked": {
|
||||||
|
"lastModified": 1709087332,
|
||||||
|
"narHash": "sha256-HG2cCnktfHsKV0s4XW83gU3F57gaTljL9KNSuG6bnQs=",
|
||||||
|
"owner": "hercules-ci",
|
||||||
|
"repo": "gitignore.nix",
|
||||||
|
"rev": "637db329424fd7e46cf4185293b9cc8c88c95394",
|
||||||
|
"type": "github"
|
||||||
|
},
|
||||||
|
"original": {
|
||||||
|
"owner": "hercules-ci",
|
||||||
|
"repo": "gitignore.nix",
|
||||||
|
"type": "github"
|
||||||
|
}
|
||||||
|
},
|
||||||
|
"gitignore_2": {
|
||||||
"inputs": {
|
"inputs": {
|
||||||
"nixpkgs": [
|
"nixpkgs": [
|
||||||
"nixvim",
|
"nixvim",
|
||||||
|
@ -341,11 +474,11 @@
|
||||||
},
|
},
|
||||||
"hardware": {
|
"hardware": {
|
||||||
"locked": {
|
"locked": {
|
||||||
"lastModified": 1718429294,
|
"lastModified": 1724575805,
|
||||||
"narHash": "sha256-uhKuPVN8IZJCWwFhNupTxES7LMo8ot2KC6+VmVWwzyU=",
|
"narHash": "sha256-OB/kEL3GAhUZmUfkbPfsPhKs0pRqJKs0EEBiLfyKZw8=",
|
||||||
"owner": "nixos",
|
"owner": "nixos",
|
||||||
"repo": "nixos-hardware",
|
"repo": "nixos-hardware",
|
||||||
"rev": "239c3864fef6292262d23cff58ce81674f309142",
|
"rev": "9fc19be21f0807d6be092d70bf0b1de0c00ac895",
|
||||||
"type": "github"
|
"type": "github"
|
||||||
},
|
},
|
||||||
"original": {
|
"original": {
|
||||||
|
@ -361,11 +494,11 @@
|
||||||
]
|
]
|
||||||
},
|
},
|
||||||
"locked": {
|
"locked": {
|
||||||
"lastModified": 1717527182,
|
"lastModified": 1720042825,
|
||||||
"narHash": "sha256-vWSkg6AMok1UUQiSYVdGMOXKD2cDFnajITiSi0Zjd1A=",
|
"narHash": "sha256-A0vrUB6x82/jvf17qPCpxaM+ulJnD8YZwH9Ci0BsAzE=",
|
||||||
"owner": "nix-community",
|
"owner": "nix-community",
|
||||||
"repo": "home-manager",
|
"repo": "home-manager",
|
||||||
"rev": "845a5c4c073f74105022533907703441e0464bc3",
|
"rev": "e1391fb22e18a36f57e6999c7a9f966dc80ac073",
|
||||||
"type": "github"
|
"type": "github"
|
||||||
},
|
},
|
||||||
"original": {
|
"original": {
|
||||||
|
@ -383,15 +516,16 @@
|
||||||
]
|
]
|
||||||
},
|
},
|
||||||
"locked": {
|
"locked": {
|
||||||
"lastModified": 1718243258,
|
"lastModified": 1720042825,
|
||||||
"narHash": "sha256-abBpj2VU8p6qlRzTU8o22q68MmOaZ4v8zZ4UlYl5YRU=",
|
"narHash": "sha256-A0vrUB6x82/jvf17qPCpxaM+ulJnD8YZwH9Ci0BsAzE=",
|
||||||
"owner": "nix-community",
|
"owner": "nix-community",
|
||||||
"repo": "home-manager",
|
"repo": "home-manager",
|
||||||
"rev": "8d5e27b4807d25308dfe369d5a923d87e7dbfda3",
|
"rev": "e1391fb22e18a36f57e6999c7a9f966dc80ac073",
|
||||||
"type": "github"
|
"type": "github"
|
||||||
},
|
},
|
||||||
"original": {
|
"original": {
|
||||||
"owner": "nix-community",
|
"owner": "nix-community",
|
||||||
|
"ref": "release-24.05",
|
||||||
"repo": "home-manager",
|
"repo": "home-manager",
|
||||||
"type": "github"
|
"type": "github"
|
||||||
}
|
}
|
||||||
|
@ -404,11 +538,11 @@
|
||||||
]
|
]
|
||||||
},
|
},
|
||||||
"locked": {
|
"locked": {
|
||||||
"lastModified": 1715930644,
|
"lastModified": 1724435763,
|
||||||
"narHash": "sha256-W9pyM3/vePxrffHtzlJI6lDS3seANQ+Nqp+i58O46LI=",
|
"narHash": "sha256-UNky3lJNGQtUEXT2OY8gMxejakSWPTfWKvpFkpFlAfM=",
|
||||||
"owner": "nix-community",
|
"owner": "nix-community",
|
||||||
"repo": "home-manager",
|
"repo": "home-manager",
|
||||||
"rev": "e3ad5108f54177e6520535768ddbf1e6af54b59d",
|
"rev": "c2cd2a52e02f1dfa1c88f95abeb89298d46023be",
|
||||||
"type": "github"
|
"type": "github"
|
||||||
},
|
},
|
||||||
"original": {
|
"original": {
|
||||||
|
@ -444,11 +578,11 @@
|
||||||
]
|
]
|
||||||
},
|
},
|
||||||
"locked": {
|
"locked": {
|
||||||
"lastModified": 1718345812,
|
"lastModified": 1724469941,
|
||||||
"narHash": "sha256-FJhA+YFsOFrAYe6EaiTEfomNf7jeURaPiG5/+a3DRSc=",
|
"narHash": "sha256-+U5152FwmDD9EUOiFi5CFxCK6/yFESyDei9jEIlmUtI=",
|
||||||
"owner": "lnl7",
|
"owner": "lnl7",
|
||||||
"repo": "nix-darwin",
|
"repo": "nix-darwin",
|
||||||
"rev": "ff988d78f2f55641efacdf9a585d2937f7e32a9b",
|
"rev": "ea319a737939094b48fda9063fa3201ef2479aac",
|
||||||
"type": "github"
|
"type": "github"
|
||||||
},
|
},
|
||||||
"original": {
|
"original": {
|
||||||
|
@ -457,20 +591,32 @@
|
||||||
"type": "github"
|
"type": "github"
|
||||||
}
|
}
|
||||||
},
|
},
|
||||||
|
"nix-secrets": {
|
||||||
|
"flake": false,
|
||||||
|
"locked": {
|
||||||
|
"lastModified": 1723141979,
|
||||||
|
"narHash": "sha256-YMvn/xOQFXSl5qcU/cBaD7biIlv7nfVgFTApbgY0tqY=",
|
||||||
|
"path": "/home/laozi/nix-secrets",
|
||||||
|
"type": "path"
|
||||||
|
},
|
||||||
|
"original": {
|
||||||
|
"path": "/home/laozi/nix-secrets",
|
||||||
|
"type": "path"
|
||||||
|
}
|
||||||
|
},
|
||||||
"nixpkgs": {
|
"nixpkgs": {
|
||||||
"locked": {
|
"locked": {
|
||||||
"lastModified": 1720386169,
|
"lastModified": 1705957679,
|
||||||
"narHash": "sha256-NGKVY4PjzwAa4upkGtAMz1npHGoRzWotlSnVlqI40mo=",
|
"narHash": "sha256-Q8LJaVZGJ9wo33wBafvZSzapYsjOaNjP/pOnSiKVGHY=",
|
||||||
"owner": "nixos",
|
"owner": "NixOS",
|
||||||
"repo": "nixpkgs",
|
"repo": "nixpkgs",
|
||||||
"rev": "194846768975b7ad2c4988bdb82572c00222c0d7",
|
"rev": "9a333eaa80901efe01df07eade2c16d183761fa3",
|
||||||
"type": "github"
|
"type": "github"
|
||||||
},
|
},
|
||||||
"original": {
|
"original": {
|
||||||
"owner": "nixos",
|
"id": "nixpkgs",
|
||||||
"ref": "nixos-24.05",
|
"ref": "release-23.05",
|
||||||
"repo": "nixpkgs",
|
"type": "indirect"
|
||||||
"type": "github"
|
|
||||||
}
|
}
|
||||||
},
|
},
|
||||||
"nixpkgs-lib": {
|
"nixpkgs-lib": {
|
||||||
|
@ -488,13 +634,29 @@
|
||||||
"type": "github"
|
"type": "github"
|
||||||
}
|
}
|
||||||
},
|
},
|
||||||
|
"nixpkgs-stable": {
|
||||||
|
"locked": {
|
||||||
|
"lastModified": 1710695816,
|
||||||
|
"narHash": "sha256-3Eh7fhEID17pv9ZxrPwCLfqXnYP006RKzSs0JptsN84=",
|
||||||
|
"owner": "NixOS",
|
||||||
|
"repo": "nixpkgs",
|
||||||
|
"rev": "614b4613980a522ba49f0d194531beddbb7220d3",
|
||||||
|
"type": "github"
|
||||||
|
},
|
||||||
|
"original": {
|
||||||
|
"owner": "NixOS",
|
||||||
|
"ref": "nixos-23.11",
|
||||||
|
"repo": "nixpkgs",
|
||||||
|
"type": "github"
|
||||||
|
}
|
||||||
|
},
|
||||||
"nixpkgs-unstable": {
|
"nixpkgs-unstable": {
|
||||||
"locked": {
|
"locked": {
|
||||||
"lastModified": 1718530797,
|
"lastModified": 1724479785,
|
||||||
"narHash": "sha256-pup6cYwtgvzDpvpSCFh1TEUjw2zkNpk8iolbKnyFmmU=",
|
"narHash": "sha256-pP3Azj5d6M5nmG68Fu4JqZmdGt4S4vqI5f8te+E/FTw=",
|
||||||
"owner": "nixos",
|
"owner": "nixos",
|
||||||
"repo": "nixpkgs",
|
"repo": "nixpkgs",
|
||||||
"rev": "b60ebf54c15553b393d144357375ea956f89e9a9",
|
"rev": "d0e1602ddde669d5beb01aec49d71a51937ed7be",
|
||||||
"type": "github"
|
"type": "github"
|
||||||
},
|
},
|
||||||
"original": {
|
"original": {
|
||||||
|
@ -506,11 +668,43 @@
|
||||||
},
|
},
|
||||||
"nixpkgs_2": {
|
"nixpkgs_2": {
|
||||||
"locked": {
|
"locked": {
|
||||||
"lastModified": 1714912032,
|
"lastModified": 1710765496,
|
||||||
"narHash": "sha256-clkcOIkg8G4xuJh+1onLG4HPMpbtzdLv4rHxFzgsH9c=",
|
"narHash": "sha256-p7ryWEeQfMwTB6E0wIUd5V2cFTgq+DRRBz2hYGnJZyA=",
|
||||||
"owner": "NixOS",
|
"owner": "NixOS",
|
||||||
"repo": "nixpkgs",
|
"repo": "nixpkgs",
|
||||||
"rev": "ee4a6e0f566fe5ec79968c57a9c2c3c25f2cf41d",
|
"rev": "e367f7a1fb93137af22a3908f00b9a35e2d286a7",
|
||||||
|
"type": "github"
|
||||||
|
},
|
||||||
|
"original": {
|
||||||
|
"owner": "NixOS",
|
||||||
|
"ref": "nixpkgs-unstable",
|
||||||
|
"repo": "nixpkgs",
|
||||||
|
"type": "github"
|
||||||
|
}
|
||||||
|
},
|
||||||
|
"nixpkgs_3": {
|
||||||
|
"locked": {
|
||||||
|
"lastModified": 1724316499,
|
||||||
|
"narHash": "sha256-Qb9MhKBUTCfWg/wqqaxt89Xfi6qTD3XpTzQ9eXi3JmE=",
|
||||||
|
"owner": "nixos",
|
||||||
|
"repo": "nixpkgs",
|
||||||
|
"rev": "797f7dc49e0bc7fab4b57c021cdf68f595e47841",
|
||||||
|
"type": "github"
|
||||||
|
},
|
||||||
|
"original": {
|
||||||
|
"owner": "nixos",
|
||||||
|
"ref": "nixos-24.05",
|
||||||
|
"repo": "nixpkgs",
|
||||||
|
"type": "github"
|
||||||
|
}
|
||||||
|
},
|
||||||
|
"nixpkgs_4": {
|
||||||
|
"locked": {
|
||||||
|
"lastModified": 1723415338,
|
||||||
|
"narHash": "sha256-K/BVeDLkpswRSBh3APxc2gBNVFEMXGpnkuQz666FiTM=",
|
||||||
|
"owner": "NixOS",
|
||||||
|
"repo": "nixpkgs",
|
||||||
|
"rev": "6e8760f7f7121128e2037db44915a4a5450b6e67",
|
||||||
"type": "github"
|
"type": "github"
|
||||||
},
|
},
|
||||||
"original": {
|
"original": {
|
||||||
|
@ -523,7 +717,7 @@
|
||||||
"nixvim": {
|
"nixvim": {
|
||||||
"inputs": {
|
"inputs": {
|
||||||
"devshell": "devshell",
|
"devshell": "devshell",
|
||||||
"flake-compat": "flake-compat",
|
"flake-compat": "flake-compat_3",
|
||||||
"flake-parts": "flake-parts",
|
"flake-parts": "flake-parts",
|
||||||
"git-hooks": "git-hooks",
|
"git-hooks": "git-hooks",
|
||||||
"home-manager": "home-manager_2",
|
"home-manager": "home-manager_2",
|
||||||
|
@ -534,11 +728,11 @@
|
||||||
"treefmt-nix": "treefmt-nix"
|
"treefmt-nix": "treefmt-nix"
|
||||||
},
|
},
|
||||||
"locked": {
|
"locked": {
|
||||||
"lastModified": 1718395224,
|
"lastModified": 1724502615,
|
||||||
"narHash": "sha256-CHb6PztVli8qtAnXTR+VcB+6CANs+TkIz1Ivu8yXsvM=",
|
"narHash": "sha256-g206hhNghyxMO9Sdv9fD22MRgWQppws10x+oDHKDVdU=",
|
||||||
"owner": "nix-community",
|
"owner": "nix-community",
|
||||||
"repo": "nixvim",
|
"repo": "nixvim",
|
||||||
"rev": "a4dec356e736f795f8eec2d6f1580b4769f2fe21",
|
"rev": "764b89aa14543da7266719757cfcf0cce8c1679f",
|
||||||
"type": "github"
|
"type": "github"
|
||||||
},
|
},
|
||||||
"original": {
|
"original": {
|
||||||
|
@ -548,16 +742,41 @@
|
||||||
"type": "github"
|
"type": "github"
|
||||||
}
|
}
|
||||||
},
|
},
|
||||||
|
"pre-commit": {
|
||||||
|
"inputs": {
|
||||||
|
"flake-compat": "flake-compat_2",
|
||||||
|
"gitignore": "gitignore",
|
||||||
|
"nixpkgs": "nixpkgs_2",
|
||||||
|
"nixpkgs-stable": "nixpkgs-stable"
|
||||||
|
},
|
||||||
|
"locked": {
|
||||||
|
"lastModified": 1717664902,
|
||||||
|
"narHash": "sha256-7XfBuLULizXjXfBYy/VV+SpYMHreNRHk9nKMsm1bgb4=",
|
||||||
|
"owner": "cachix",
|
||||||
|
"repo": "pre-commit-hooks.nix",
|
||||||
|
"rev": "cc4d466cb1254af050ff7bdf47f6d404a7c646d1",
|
||||||
|
"type": "github"
|
||||||
|
},
|
||||||
|
"original": {
|
||||||
|
"owner": "cachix",
|
||||||
|
"repo": "pre-commit-hooks.nix",
|
||||||
|
"type": "github"
|
||||||
|
}
|
||||||
|
},
|
||||||
"root": {
|
"root": {
|
||||||
"inputs": {
|
"inputs": {
|
||||||
|
"arkenfox": "arkenfox",
|
||||||
"disko": "disko",
|
"disko": "disko",
|
||||||
|
"firefox-addons": "firefox-addons",
|
||||||
"hardware": "hardware",
|
"hardware": "hardware",
|
||||||
"home-manager": "home-manager",
|
"home-manager": "home-manager",
|
||||||
"nix-colors": "nix-colors",
|
"nix-colors": "nix-colors",
|
||||||
"nixpkgs": "nixpkgs",
|
"nix-secrets": "nix-secrets",
|
||||||
|
"nixpkgs": "nixpkgs_3",
|
||||||
"nixpkgs-unstable": "nixpkgs-unstable",
|
"nixpkgs-unstable": "nixpkgs-unstable",
|
||||||
"nixvim": "nixvim",
|
"nixvim": "nixvim",
|
||||||
"stylix": "stylix"
|
"stylix": "stylix",
|
||||||
|
"wg-namespace-flake": "wg-namespace-flake"
|
||||||
}
|
}
|
||||||
},
|
},
|
||||||
"stylix": {
|
"stylix": {
|
||||||
|
@ -569,17 +788,19 @@
|
||||||
"base16-kitty": "base16-kitty",
|
"base16-kitty": "base16-kitty",
|
||||||
"base16-tmux": "base16-tmux",
|
"base16-tmux": "base16-tmux",
|
||||||
"base16-vim": "base16-vim",
|
"base16-vim": "base16-vim",
|
||||||
"flake-compat": "flake-compat_3",
|
"flake-compat": "flake-compat_5",
|
||||||
|
"flake-utils": "flake-utils_3",
|
||||||
"gnome-shell": "gnome-shell",
|
"gnome-shell": "gnome-shell",
|
||||||
"home-manager": "home-manager_3",
|
"home-manager": "home-manager_3",
|
||||||
"nixpkgs": "nixpkgs_2"
|
"nixpkgs": "nixpkgs_4",
|
||||||
|
"systems": "systems_2"
|
||||||
},
|
},
|
||||||
"locked": {
|
"locked": {
|
||||||
"lastModified": 1720818679,
|
"lastModified": 1724702977,
|
||||||
"narHash": "sha256-u9PqY7O6TN42SLeb0e6mnYAgQOoQmclaVSHfLKMpmu0=",
|
"narHash": "sha256-bP1/BHbEigLjTTmqyy1t8w5EVWHuLuABtOd/BBXVLtA=",
|
||||||
"owner": "danth",
|
"owner": "danth",
|
||||||
"repo": "stylix",
|
"repo": "stylix",
|
||||||
"rev": "29148118cc33f08b71058e1cda7ca017f5300b51",
|
"rev": "6c895c6b42ca205017abe72a7263baf36a197972",
|
||||||
"type": "github"
|
"type": "github"
|
||||||
},
|
},
|
||||||
"original": {
|
"original": {
|
||||||
|
@ -603,6 +824,21 @@
|
||||||
"type": "github"
|
"type": "github"
|
||||||
}
|
}
|
||||||
},
|
},
|
||||||
|
"systems_2": {
|
||||||
|
"locked": {
|
||||||
|
"lastModified": 1681028828,
|
||||||
|
"narHash": "sha256-Vy1rq5AaRuLzOxct8nz4T6wlgyUR7zLU309k9mBC768=",
|
||||||
|
"owner": "nix-systems",
|
||||||
|
"repo": "default",
|
||||||
|
"rev": "da67096a3b9bf56a91d16901293e51ba5b49a27e",
|
||||||
|
"type": "github"
|
||||||
|
},
|
||||||
|
"original": {
|
||||||
|
"owner": "nix-systems",
|
||||||
|
"repo": "default",
|
||||||
|
"type": "github"
|
||||||
|
}
|
||||||
|
},
|
||||||
"treefmt-nix": {
|
"treefmt-nix": {
|
||||||
"inputs": {
|
"inputs": {
|
||||||
"nixpkgs": [
|
"nixpkgs": [
|
||||||
|
@ -611,11 +847,11 @@
|
||||||
]
|
]
|
||||||
},
|
},
|
||||||
"locked": {
|
"locked": {
|
||||||
"lastModified": 1718271476,
|
"lastModified": 1724338379,
|
||||||
"narHash": "sha256-35hUMmFesmchb+u7heKHLG5B6c8fBOcSYo0jj0CHLes=",
|
"narHash": "sha256-kKJtaiU5Ou+e/0Qs7SICXF22DLx4V/WhG1P6+k4yeOE=",
|
||||||
"owner": "numtide",
|
"owner": "numtide",
|
||||||
"repo": "treefmt-nix",
|
"repo": "treefmt-nix",
|
||||||
"rev": "e75ba0a6bb562d2ce275db28f6a36a2e4fd81391",
|
"rev": "070f834771efa715f3e74cd8ab93ecc96fabc951",
|
||||||
"type": "github"
|
"type": "github"
|
||||||
},
|
},
|
||||||
"original": {
|
"original": {
|
||||||
|
@ -623,6 +859,26 @@
|
||||||
"repo": "treefmt-nix",
|
"repo": "treefmt-nix",
|
||||||
"type": "github"
|
"type": "github"
|
||||||
}
|
}
|
||||||
|
},
|
||||||
|
"wg-namespace-flake": {
|
||||||
|
"inputs": {
|
||||||
|
"nixpkgs": [
|
||||||
|
"nixpkgs"
|
||||||
|
]
|
||||||
|
},
|
||||||
|
"locked": {
|
||||||
|
"lastModified": 1668060489,
|
||||||
|
"narHash": "sha256-8GLPHJV0iMS8d4lEUP+v4p2IqRKGWDJwsP96+mm0fHw=",
|
||||||
|
"owner": "VTimofeenko",
|
||||||
|
"repo": "wg-namespace-flake",
|
||||||
|
"rev": "956d80aae5f7871bdcfa3946c175985c211d8498",
|
||||||
|
"type": "github"
|
||||||
|
},
|
||||||
|
"original": {
|
||||||
|
"owner": "VTimofeenko",
|
||||||
|
"repo": "wg-namespace-flake",
|
||||||
|
"type": "github"
|
||||||
|
}
|
||||||
}
|
}
|
||||||
},
|
},
|
||||||
"root": "root",
|
"root": "root",
|
||||||
|
|
33
flake.nix
33
flake.nix
|
@ -37,6 +37,14 @@
|
||||||
# inputs.nixpkgs.follows = "nixpkgs";
|
# inputs.nixpkgs.follows = "nixpkgs";
|
||||||
#};
|
#};
|
||||||
|
|
||||||
|
# ------------ Wireguard namespaces for VPN ------------ #
|
||||||
|
|
||||||
|
wg-namespace-flake = {
|
||||||
|
url = "github:VTimofeenko/wg-namespace-flake";
|
||||||
|
inputs.nixpkgs.follows = "nixpkgs";
|
||||||
|
};
|
||||||
|
|
||||||
|
|
||||||
# ------------------------------ VIM ------------------------------ #
|
# ------------------------------ VIM ------------------------------ #
|
||||||
nixvim = {
|
nixvim = {
|
||||||
url = "github:nix-community/nixvim/nixos-24.05";
|
url = "github:nix-community/nixvim/nixos-24.05";
|
||||||
|
@ -77,10 +85,25 @@
|
||||||
|
|
||||||
# Private secrets repo. See ./docs/secretsmgmt.md
|
# Private secrets repo. See ./docs/secretsmgmt.md
|
||||||
# Authenticate via ssh and use shallow clone
|
# Authenticate via ssh and use shallow clone
|
||||||
#nix-secrets = {
|
nix-secrets = {
|
||||||
# url = "git+ssh://git@gitlab.com/emergentmind/nix-secrets.git?ref=main&shallow=1";
|
#url = "git+ssh://git@git.mattmor.in/Nix/nix-secrets.git?ref=main&shallow=1";
|
||||||
# flake = false;
|
#TODO: Switch to remote git repo up from local
|
||||||
#};
|
url = "path:/home/laozi/nix-secrets";
|
||||||
|
flake = false;
|
||||||
|
};
|
||||||
|
# A better way to manage arkenfox user.js on nixos
|
||||||
|
arkenfox = {
|
||||||
|
url = "github:dwarfmaster/arkenfox-nixos";
|
||||||
|
inputs.arkenfox.inputs.nixpkgs.follows = "nixpkgs";
|
||||||
|
};
|
||||||
|
# declarative addons
|
||||||
|
firefox-addons = {
|
||||||
|
url = "sourcehut:~rycee/nur-expressions?dir=pkgs/firefox-addons";
|
||||||
|
inputs = {
|
||||||
|
nixpkgs.follows = "nixpkgs";
|
||||||
|
#FIX? flake-utils.follows = "nixos-wsl/flake-utils";
|
||||||
|
};
|
||||||
|
};
|
||||||
};
|
};
|
||||||
|
|
||||||
# ===================================================================== #
|
# ===================================================================== #
|
||||||
|
@ -96,7 +119,7 @@
|
||||||
inherit (nixpkgs) lib;
|
inherit (nixpkgs) lib;
|
||||||
configVars = import ./vars { inherit inputs lib; };
|
configVars = import ./vars { inherit inputs lib; };
|
||||||
configLib = import ./lib { inherit lib; };
|
configLib = import ./lib { inherit lib; };
|
||||||
specialArgs = { inherit inputs outputs configVars configLib nixpkgs; };
|
specialArgs = { inherit inputs outputs configVars configLib nixpkgs; };#TODO: consider adding self
|
||||||
in
|
in
|
||||||
{
|
{
|
||||||
# ============================ CUSTOM ============================= #
|
# ============================ CUSTOM ============================= #
|
||||||
|
|
|
@ -35,15 +35,15 @@
|
||||||
ncdu# TUI disk usage
|
ncdu# TUI disk usage
|
||||||
btop# resource monitor
|
btop# resource monitor
|
||||||
pfetch# system info
|
pfetch# system info
|
||||||
nerdfetch# fetch using nerdfonts
|
|
||||||
pciutils# pci bus info + conns. to them
|
pciutils# pci bus info + conns. to them
|
||||||
coreutils# basic gnu utils
|
coreutils# basic gnu utils
|
||||||
du-dust# see how disk space is being used
|
|
||||||
usbutils
|
usbutils
|
||||||
ntfs3g # NTFS fs
|
ntfs3g # NTFS fs
|
||||||
pm-utils # power management https://pm-utils.freedesktop.org/wiki/
|
pmutils # power management https://pm-utils.freedesktop.org/wiki/
|
||||||
|
|
||||||
wireshark
|
wireshark
|
||||||
|
nmap
|
||||||
|
|
||||||
mosh# mobile shell
|
mosh# mobile shell
|
||||||
# curl
|
# curl
|
||||||
|
|
|
@ -0,0 +1,34 @@
|
||||||
|
{ pkgs, ... }:
|
||||||
|
{
|
||||||
|
programs.firejail = {
|
||||||
|
enable = true;
|
||||||
|
wrappedBinaries = {
|
||||||
|
librewolf = {
|
||||||
|
executable = "${pkgs.librewolf}/bin/librewolf";
|
||||||
|
profile = "${pkgs.firejail}/etc/firejail/librewolf.profile";
|
||||||
|
extraArgs = [
|
||||||
|
# Required for U2F USB stick
|
||||||
|
"--ignore=private-dev"
|
||||||
|
# Enforce dark mode
|
||||||
|
"--env=GTK_THEME=Adwaita:dark"
|
||||||
|
# Enable system notifications
|
||||||
|
"--dbus-user.talk=org.freedesktop.Notifications"
|
||||||
|
];
|
||||||
|
};
|
||||||
|
signal-desktop = {
|
||||||
|
# Enable tray icon otherwise Signal window might be hidden
|
||||||
|
executable = "${pkgs.signal-desktop}/bin/signal-desktop --use-tray-icon";
|
||||||
|
profile = "${pkgs.firejail}/etc/firejail/signal-desktop.profile";
|
||||||
|
extraArgs = [
|
||||||
|
# Enforce dark mode
|
||||||
|
"--env=GTK_THEME=Adwaita:dark"
|
||||||
|
#TODO: Enable Wayland mode
|
||||||
|
#"--env=NIXOS_OZONE_WL=1"
|
||||||
|
# Allow tray icon (should be upstreamed into signal-desktop.profile)
|
||||||
|
"--dbus-user.talk=org.kde.StatusNotifierWatcher"
|
||||||
|
];
|
||||||
|
};
|
||||||
|
};
|
||||||
|
};
|
||||||
|
}
|
||||||
|
|
|
@ -0,0 +1,10 @@
|
||||||
|
{ config, lib, pkgs, outputs, configLib, ... }:
|
||||||
|
{
|
||||||
|
imports = (configLib.scanPaths ./.)
|
||||||
|
++ (builtins.attrValues outputs.homeManagerModules);
|
||||||
|
home.packages = builtins.attrValues {
|
||||||
|
inherit (pkgs)
|
||||||
|
# Here go packages without my configs
|
||||||
|
#!Remember to comment without space after package
|
||||||
|
};
|
||||||
|
}
|
|
@ -6,5 +6,7 @@
|
||||||
inherit (pkgs)
|
inherit (pkgs)
|
||||||
# Here go packages without my configs
|
# Here go packages without my configs
|
||||||
#!Remember to comment without space after package
|
#!Remember to comment without space after package
|
||||||
|
nerdfetch# fetch using nerdfonts
|
||||||
|
du-dust; # see how disk space is being used
|
||||||
};
|
};
|
||||||
}
|
}
|
||||||
|
|
|
@ -1,4 +1,8 @@
|
||||||
{ inputs, configVars, ... }:
|
{ inputs, configVars, configLib, ... }:
|
||||||
|
#map with prefix to refactor
|
||||||
|
let
|
||||||
|
optionals = (configLib.mapPathsToPrefix { prefix = common/optional; list = [ /system /internet /comms /utilities /dev/foot.nix /office ];});
|
||||||
|
in
|
||||||
{
|
{
|
||||||
imports = [
|
imports = [
|
||||||
# ======================= Hardware Configs ========================= #
|
# ======================= Hardware Configs ========================= #
|
||||||
|
@ -6,14 +10,9 @@
|
||||||
# ======================= Required Configs ========================= #
|
# ======================= Required Configs ========================= #
|
||||||
common/core
|
common/core
|
||||||
|
|
||||||
# ================ Host-specific Optional Configs ================== #
|
|
||||||
common/optional/utilities
|
|
||||||
common/optional/dev/foot.nix
|
|
||||||
common/optional/office
|
|
||||||
|
|
||||||
# ============================= Themeing =========================== #
|
# ============================= Themeing =========================== #
|
||||||
inputs.nix-colors.homeManagerModules.default
|
inputs.nix-colors.homeManagerModules.default
|
||||||
];
|
] ++ optionals;# Host specific optionals
|
||||||
|
|
||||||
colorScheme = inputs.nix-colors.colorSchemes.atelier-dune;
|
colorScheme = inputs.nix-colors.colorSchemes.atelier-dune;
|
||||||
home = {
|
home = {
|
||||||
|
|
|
@ -19,6 +19,12 @@
|
||||||
&& (lib.strings.hasSuffix ".nix" path) # include .nix files
|
&& (lib.strings.hasSuffix ".nix" path) # include .nix files
|
||||||
)
|
)
|
||||||
)
|
)
|
||||||
(builtins.readDir path)));
|
(builtins.readDir path)
|
||||||
|
)
|
||||||
|
);
|
||||||
|
|
||||||
|
mapPathsToPrefix = { prefix, list }:
|
||||||
|
# Filter... sth like builtins.filter (path: builtins.pathExists path)
|
||||||
|
builtins.map (path: prefix + path) list;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
|
@ -5,4 +5,5 @@
|
||||||
#################### Packages with external source ####################
|
#################### Packages with external source ####################
|
||||||
|
|
||||||
# name = pkgs.callPackage ./name { };
|
# name = pkgs.callPackage ./name { };
|
||||||
|
geteduroam = pkgs.callPackage ./geteduroam {};
|
||||||
}
|
}
|
||||||
|
|
|
@ -0,0 +1,51 @@
|
||||||
|
# https://github.com/geteduroam/linux-app/releases/download/nightly/geteduroam-cli-linux-amd64
|
||||||
|
{
|
||||||
|
lib,
|
||||||
|
pkgs,
|
||||||
|
...
|
||||||
|
}:
|
||||||
|
let
|
||||||
|
pname = "geteduroam";
|
||||||
|
in
|
||||||
|
pkgs.buildGoModule rec {
|
||||||
|
inherit pname;
|
||||||
|
version = "0.3";
|
||||||
|
|
||||||
|
src = pkgs.fetchFromGitHub {
|
||||||
|
owner = "geteduroam";
|
||||||
|
repo = "linux-app";
|
||||||
|
rev = "${version}";
|
||||||
|
hash = "sha256-Cq0c/zwUym753ccMR1XwuzLkl+BIvng6AoA7eofULPk=";
|
||||||
|
};
|
||||||
|
|
||||||
|
#overrideModAttrs = old: {
|
||||||
|
# preConfigure = ''
|
||||||
|
# cd cmd/geteduroam-gui
|
||||||
|
# '';
|
||||||
|
#};
|
||||||
|
subPackages = ["cmd/geteduroam-cli" "cmd/geteduroam-gui"];
|
||||||
|
|
||||||
|
vendorHash = "sha256-ZwCJ/yayF31P3fuhk/qu3Wov861HDVGGNlkLwHTQo7Y=";#lib.fakeHash;
|
||||||
|
|
||||||
|
#doDist = false;
|
||||||
|
|
||||||
|
#ldflags = [
|
||||||
|
#"-s -w -X github.com/geteduroam/linux-app/cmd.version=${version}"
|
||||||
|
#"-extldflags '-static -L${pkgs.musl}/lib'"
|
||||||
|
#];
|
||||||
|
nativeBuildInputs = with pkgs; [musl libcap go gcc];
|
||||||
|
|
||||||
|
CGO_ENABLED = 0;
|
||||||
|
|
||||||
|
#installPhase = ''
|
||||||
|
# make build-gui
|
||||||
|
#'';
|
||||||
|
meta = with lib; {
|
||||||
|
homepage = "https://git.mattmor.in/nix-config";
|
||||||
|
license = licenses.mit;
|
||||||
|
description = "GetEduroam";
|
||||||
|
maintainers = with maintainers; [
|
||||||
|
madmin
|
||||||
|
];
|
||||||
|
};
|
||||||
|
}
|
|
@ -1,7 +1,25 @@
|
||||||
{
|
{ inputs, outputs, configLib, ... }: {
|
||||||
imports = [
|
imports = (configLib.scanPaths ./.)
|
||||||
./time_locale.nix
|
++ [ inputs.home-manager.nixosModules.home-manager ]
|
||||||
./xorg_plasma.nix
|
++ (builtins.attrValues outputs.nixosModules);
|
||||||
./console.nix
|
|
||||||
];
|
#TODO:yubikey-> services.yubikey-agent.enable = true;
|
||||||
|
|
||||||
|
security.sudo.extraConfig = ''
|
||||||
|
Defaults timestamp_timeout=120 # only ask for password every 2h
|
||||||
|
# Keep SSH_AUTH_SOCK so that pam_ssh_agent_auth.so can do its magic.
|
||||||
|
# Defaults env_keep + =SSH_AUTH_SOCK
|
||||||
|
'';
|
||||||
|
|
||||||
|
home-manager.extraSpecialArgs = { inherit inputs outputs; };
|
||||||
|
|
||||||
|
nixpkgs = {
|
||||||
|
# you can add global overlays here
|
||||||
|
overlays = builtins.attrValues outputs.overlays;
|
||||||
|
config = {
|
||||||
|
allowUnfree = true;
|
||||||
|
};
|
||||||
|
};
|
||||||
|
|
||||||
|
hardware.enableRedistributableFirmware = true;
|
||||||
}
|
}
|
||||||
|
|
|
@ -1,17 +0,0 @@
|
||||||
{
|
|
||||||
time.timeZone = "Europe/Paris";
|
|
||||||
i18n.defaultLocale = "en_GB.UTF-8";
|
|
||||||
|
|
||||||
i18n.extraLocaleSettings = {
|
|
||||||
LC_MESSAGES = "de_DE.UTF-8";
|
|
||||||
LC_ADDRESS = "de_DE.UTF-8";
|
|
||||||
LC_IDENTIFICATION = "de_DE.UTF-8";
|
|
||||||
LC_MEASUREMENT = "de_DE.UTF-8";
|
|
||||||
LC_MONETARY = "de_DE.UTF-8";
|
|
||||||
LC_NAME = "de_DE.UTF-8";
|
|
||||||
LC_NUMERIC = "de_DE.UTF-8";
|
|
||||||
LC_PAPER = "de_DE.UTF-8";
|
|
||||||
LC_TELEPHONE = "de_DE.UTF-8";
|
|
||||||
LC_TIME = "de_DE.UTF-8";
|
|
||||||
};
|
|
||||||
}
|
|
|
@ -0,0 +1,4 @@
|
||||||
|
{ configLib, ... }:
|
||||||
|
{
|
||||||
|
import = (configLib.scanPaths ./.);
|
||||||
|
}
|
|
@ -0,0 +1,64 @@
|
||||||
|
# http://web.archive.org/web/20240621185719/https://dataswamp.org/~solene/2022-10-02-nixos-fail2ban.html
|
||||||
|
{
|
||||||
|
services.fail2ban = {
|
||||||
|
enable = true;
|
||||||
|
ignoreIP = [
|
||||||
|
"192.168.1.0/24"
|
||||||
|
];
|
||||||
|
# needed to ban on IPv4 and IPv6 for all ports
|
||||||
|
extraPackages = [pkgs.ipset];
|
||||||
|
banaction = "iptables-ipset-proto6-allports";
|
||||||
|
|
||||||
|
|
||||||
|
jails = {
|
||||||
|
|
||||||
|
# max 6 failures in 600 seconds
|
||||||
|
"nginx-spam" = ''
|
||||||
|
enabled = true
|
||||||
|
filter = nginx-bruteforce
|
||||||
|
logpath = /var/log/nginx/access.log
|
||||||
|
backend = auto
|
||||||
|
maxretry = 6
|
||||||
|
findtime = 600
|
||||||
|
'';
|
||||||
|
|
||||||
|
# max 3 failures in 600 seconds
|
||||||
|
"postfix-bruteforce" = ''
|
||||||
|
enabled = true
|
||||||
|
filter = postfix-bruteforce
|
||||||
|
findtime = 600
|
||||||
|
maxretry = 3
|
||||||
|
'';
|
||||||
|
|
||||||
|
# max 10 failures in 600 seconds
|
||||||
|
"molly" = ''
|
||||||
|
enabled = true
|
||||||
|
filter = molly
|
||||||
|
findtime = 600
|
||||||
|
maxretry = 10
|
||||||
|
logpath = /var/log/molly-brown/access.log
|
||||||
|
backend = auto
|
||||||
|
'';
|
||||||
|
};
|
||||||
|
environment.etc = {
|
||||||
|
"fail2ban/filter.d/molly.conf".text = ''
|
||||||
|
[Definition]
|
||||||
|
failregex = <HOST>\s+(31|40|51|53).*$
|
||||||
|
'';
|
||||||
|
|
||||||
|
"fail2ban/filter.d/nginx-bruteforce.conf".text = ''
|
||||||
|
[Definition]
|
||||||
|
failregex = ^<HOST>.*GET.*(matrix/server|\.php|admin|wp\-).* HTTP/\d.\d\" 404.*$
|
||||||
|
'';
|
||||||
|
|
||||||
|
"fail2ban/filter.d/postfix-bruteforce.conf".text = ''
|
||||||
|
[Definition]
|
||||||
|
failregex = warning: [\w\.\-]+\[<HOST>\]: SASL LOGIN authentication failed.*$
|
||||||
|
journalmatch = _SYSTEMD_UNIT=postfix.service
|
||||||
|
'';
|
||||||
|
};
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
}
|
|
@ -0,0 +1,2 @@
|
||||||
|
{ pkgs, ... }:
|
||||||
|
{ }
|
|
@ -3,15 +3,15 @@
|
||||||
i18n.defaultLocale = "en_GB.UTF-8";
|
i18n.defaultLocale = "en_GB.UTF-8";
|
||||||
|
|
||||||
i18n.extraLocaleSettings = {
|
i18n.extraLocaleSettings = {
|
||||||
LC_MESSAGES = "fr_FR.UTF-8";
|
LC_MESSAGES = "de_DE.UTF-8";
|
||||||
LC_ADDRESS = "de_DE.UTF-8";
|
LC_ADDRESS = "de_DE.UTF-8";
|
||||||
LC_IDENTIFICATION = "fr_FR.UTF-8";
|
LC_IDENTIFICATION = "de_DE.UTF-8";
|
||||||
LC_MEASUREMENT = "de_DE.UTF-8";
|
LC_MEASUREMENT = "de_DE.UTF-8";
|
||||||
LC_MONETARY = "de_DE.UTF-8";
|
LC_MONETARY = "de_DE.UTF-8";
|
||||||
LC_NAME = "fr_FR.UTF-8";
|
LC_NAME = "de_DE.UTF-8";
|
||||||
LC_NUMERIC = "fr_FR.UTF-8";
|
LC_NUMERIC = "de_DE.UTF-8";
|
||||||
LC_PAPER = "de_DE.UTF-8";
|
LC_PAPER = "de_DE.UTF-8";
|
||||||
LC_TELEPHONE = "fr_FR.UTF-8";
|
LC_TELEPHONE = "de_DE.UTF-8";
|
||||||
LC_TIME = "fr_FR.UTF-8";
|
LC_TIME = "de_DE.UTF-8";
|
||||||
};
|
};
|
||||||
}
|
}
|
||||||
|
|
|
@ -0,0 +1,62 @@
|
||||||
|
{
|
||||||
|
config,
|
||||||
|
pkgs,
|
||||||
|
lib,
|
||||||
|
...
|
||||||
|
}: {
|
||||||
|
boot.extraModulePackages = [config.boot.kernelPackages.wireguard];
|
||||||
|
systemd.network = {
|
||||||
|
enable = true;
|
||||||
|
netdevs = {
|
||||||
|
"10-wg0" = {
|
||||||
|
netdevConfig = {
|
||||||
|
Kind = "wireguard";
|
||||||
|
Name = "wg0";
|
||||||
|
MTUBytes = "1300";
|
||||||
|
};
|
||||||
|
# See also man systemd.netdev (also contains info on the permissions of the key files)
|
||||||
|
wireguardConfig = {
|
||||||
|
# Don't use a file from the Nix store as these are world readable. Must be readable by the systemd.network user
|
||||||
|
PrivateKeyFile = "/run/keys/wireguard-privkey";
|
||||||
|
ListenPort = 9918;
|
||||||
|
};
|
||||||
|
wireguardPeers = [
|
||||||
|
# configuration since nixos-unstable/nixos-24.11
|
||||||
|
{
|
||||||
|
PublicKey = "Vhv/4oTMt5YYHFm3PpNC/3po1/kmjo2p8Jnk2O5zAFk=";
|
||||||
|
AllowedIPs = ["fc00::1/64" "10.100.0.1"];
|
||||||
|
Endpoint = "138.199.7.251:51820"; # SET TO SERVER IP, port 51820 usually iwth wg
|
||||||
|
}
|
||||||
|
# configuration for nixos 24.05
|
||||||
|
#{
|
||||||
|
# wireguardPeerConfig = {
|
||||||
|
# PublicKey = "OhApdFoOYnKesRVpnYRqwk3pdM247j8PPVH5K7aIKX0=";
|
||||||
|
# AllowedIPs = ["fc00::1/64" "10.100.0.1"];
|
||||||
|
# Endpoint = "{set this to the server ip}:51820";
|
||||||
|
# };
|
||||||
|
#}
|
||||||
|
];
|
||||||
|
};
|
||||||
|
};
|
||||||
|
networks.wg0 = {
|
||||||
|
# See also man systemd.network
|
||||||
|
matchConfig.Name = "wg0";
|
||||||
|
# IP addresses the client interface will have
|
||||||
|
address = [
|
||||||
|
"fe80::3/64"
|
||||||
|
"fc00::3/120"
|
||||||
|
"10.100.0.2/24"
|
||||||
|
];
|
||||||
|
DHCP = "no";
|
||||||
|
dns = ["fc00::53"];
|
||||||
|
ntp = ["fc00::123"];
|
||||||
|
gateway = [
|
||||||
|
"fc00::1"
|
||||||
|
"10.100.0.1"
|
||||||
|
];
|
||||||
|
networkConfig = {
|
||||||
|
IPv6AcceptRA = false;
|
||||||
|
};
|
||||||
|
};
|
||||||
|
};
|
||||||
|
}
|
|
@ -0,0 +1,42 @@
|
||||||
|
{ lib, config, configVars, ... }:
|
||||||
|
let
|
||||||
|
sshPort = configVars.networking.sshPort;
|
||||||
|
|
||||||
|
# Sops needs access to the keys before the persist dirs are even mounted; so
|
||||||
|
# just persisting the keys won't work, we must point at /persist
|
||||||
|
hasOptinPersistence = false;
|
||||||
|
in
|
||||||
|
|
||||||
|
{
|
||||||
|
services.openssh = {
|
||||||
|
enable = true;
|
||||||
|
ports = [ sshPort ];
|
||||||
|
|
||||||
|
settings = {
|
||||||
|
# Harden
|
||||||
|
PasswordAuthentication = false;
|
||||||
|
PermitRootLogin = "no";
|
||||||
|
# Automatically remove stale sockets
|
||||||
|
StreamLocalBindUnlink = "yes";
|
||||||
|
# Allow forwarding ports to everywhere
|
||||||
|
GatewayPorts = "clientspecified";
|
||||||
|
};
|
||||||
|
|
||||||
|
hostKeys = [{
|
||||||
|
path = "${lib.optionalString hasOptinPersistence "/persist"}/etc/ssh/ssh_host_ed25519_key";
|
||||||
|
type = "ed25519";
|
||||||
|
}];
|
||||||
|
# Fix LPE vulnerability with sudo use SSH_AUTH_SOCK: https://github.com/NixOS/nixpkgs/issues/31611
|
||||||
|
authorizedKeysFiles = lib.mkForce [ "/etc/ssh/authorized_keys.d/%u" ];
|
||||||
|
};
|
||||||
|
# yubikey login / sudo
|
||||||
|
# this potentially causes a security issue that we mitigated above
|
||||||
|
security.pam = {
|
||||||
|
sshAgentAuth.enable = true;
|
||||||
|
services = {
|
||||||
|
sudo.u2fAuth = true;
|
||||||
|
};
|
||||||
|
};
|
||||||
|
|
||||||
|
networking.firewall.allowedTCPPorts = [ sshPort ];
|
||||||
|
}
|
|
@ -53,9 +53,9 @@ in
|
||||||
# No matter what environment we are in we want these tools for root, and the user(s)
|
# No matter what environment we are in we want these tools for root, and the user(s)
|
||||||
programs.zsh.enable = true;
|
programs.zsh.enable = true;
|
||||||
programs.git.enable = true;
|
programs.git.enable = true;
|
||||||
environment.systemPackages = [
|
environment.systemPackages = with pkgs; [
|
||||||
pkgs.just
|
just
|
||||||
pkgs.rsync
|
rsync
|
||||||
];
|
];
|
||||||
};
|
};
|
||||||
}
|
}
|
||||||
|
|
|
@ -41,6 +41,8 @@
|
||||||
"systems/common/optional/pipewire.nix" # audio
|
"systems/common/optional/pipewire.nix" # audio
|
||||||
"systems/common/optional/boot/loud_boot.nix" # for testing, otherwise quiet_boot.nix
|
"systems/common/optional/boot/loud_boot.nix" # for testing, otherwise quiet_boot.nix
|
||||||
#"systems/common/optional/boot/quiet_boot.nix" # with plymouth pretty custom load sequence
|
#"systems/common/optional/boot/quiet_boot.nix" # with plymouth pretty custom load sequence
|
||||||
|
"systems/common/optional/btrfs_scrub.nix" # spec
|
||||||
|
"systems/common/optional/networking/iphone.nix"
|
||||||
|
|
||||||
# ------------------------ Desktop --------------------------- #
|
# ------------------------ Desktop --------------------------- #
|
||||||
#"systems/common/optional/services/greetd.nix" # display manager
|
#"systems/common/optional/services/greetd.nix" # display manager
|
||||||
|
@ -70,6 +72,12 @@
|
||||||
enableIPv6 = false;
|
enableIPv6 = false;
|
||||||
};
|
};
|
||||||
|
|
||||||
|
# I devices
|
||||||
|
iphone = {
|
||||||
|
enable = true;
|
||||||
|
user = "Shenzhen";
|
||||||
|
};
|
||||||
|
|
||||||
# ================ HYPRLAND =================== #
|
# ================ HYPRLAND =================== #
|
||||||
environment.sessionVariables = {
|
environment.sessionVariables = {
|
||||||
# hack to get the cursor to become visible
|
# hack to get the cursor to become visible
|
||||||
|
|
|
@ -1,9 +1,11 @@
|
||||||
{ inputs, lib }:
|
{ inputs, lib }:
|
||||||
{
|
{
|
||||||
|
networking = import ./networking.nix { inherit lib; };
|
||||||
|
|
||||||
username = "laozi";
|
username = "laozi";
|
||||||
#domain = inputs.nix-secrets.domain;
|
#domain = inputs.nix-secrets.domain;
|
||||||
#userFullName = inputs.nix-secrets.full-name;
|
#userFullName = inputs.nix-secrets.full-name;
|
||||||
#handle = "madmin";
|
handle = "madmin";
|
||||||
#userEmail = inputs.nix-secrets.user-email;
|
#userEmail = inputs.nix-secrets.user-email;
|
||||||
#gitEmail = "madmin@noreply.codeberg.org";
|
#gitEmail = "madmin@noreply.codeberg.org";
|
||||||
#workEmail = inputs.nix-secrets.work-email;
|
#workEmail = inputs.nix-secrets.work-email;
|
||||||
|
|
|
@ -1,2 +1,4 @@
|
||||||
{ ... }:
|
{ ... }:
|
||||||
{}
|
{
|
||||||
|
sshPort = 22;
|
||||||
|
}
|
||||||
|
|
Loading…
Reference in New Issue