Compare commits
14 Commits
dd35e66698
...
5dafbc3a24
Author | SHA1 | Date |
---|---|---|
madmin | 5dafbc3a24 | |
madmin | 9330e70fec | |
madmin | 05debb70d5 | |
madmin | b92bb6c825 | |
madmin | 9415a96326 | |
madmin | 2a2f801c7a | |
madmin | 2bac451b2a | |
madmin | 044c8acb0a | |
madmin | f30698675c | |
madmin | 3c6700b030 | |
madmin | 17ef59c359 | |
madmin | f7754dece3 | |
madmin | 1388363d10 | |
madmin | b86fa030ec |
388
flake.lock
388
flake.lock
|
@ -1,5 +1,26 @@
|
|||
{
|
||||
"nodes": {
|
||||
"arkenfox": {
|
||||
"inputs": {
|
||||
"flake-compat": "flake-compat",
|
||||
"flake-utils": "flake-utils",
|
||||
"nixpkgs": "nixpkgs",
|
||||
"pre-commit": "pre-commit"
|
||||
},
|
||||
"locked": {
|
||||
"lastModified": 1721720317,
|
||||
"narHash": "sha256-KH0ILX8EGa/A4Bgc6DtsbviG8qaLrzDDV1m1bIXJ+pw=",
|
||||
"owner": "dwarfmaster",
|
||||
"repo": "arkenfox-nixos",
|
||||
"rev": "92c9a287b7b98198c3ba5cdfc90218402e49c4b3",
|
||||
"type": "github"
|
||||
},
|
||||
"original": {
|
||||
"owner": "dwarfmaster",
|
||||
"repo": "arkenfox-nixos",
|
||||
"type": "github"
|
||||
}
|
||||
},
|
||||
"base16": {
|
||||
"inputs": {
|
||||
"fromYaml": "fromYaml"
|
||||
|
@ -132,18 +153,17 @@
|
|||
},
|
||||
"devshell": {
|
||||
"inputs": {
|
||||
"flake-utils": "flake-utils",
|
||||
"nixpkgs": [
|
||||
"nixvim",
|
||||
"nixpkgs"
|
||||
]
|
||||
},
|
||||
"locked": {
|
||||
"lastModified": 1717408969,
|
||||
"narHash": "sha256-Q0OEFqe35fZbbRPPRdrjTUUChKVhhWXz3T9ZSKmaoVY=",
|
||||
"lastModified": 1722113426,
|
||||
"narHash": "sha256-Yo/3loq572A8Su6aY5GP56knpuKYRvM2a1meP9oJZCw=",
|
||||
"owner": "numtide",
|
||||
"repo": "devshell",
|
||||
"rev": "1ebbe68d57457c8cae98145410b164b5477761f4",
|
||||
"rev": "67cce7359e4cd3c45296fb4aaf6a19e2a9c757ae",
|
||||
"type": "github"
|
||||
},
|
||||
"original": {
|
||||
|
@ -159,11 +179,11 @@
|
|||
]
|
||||
},
|
||||
"locked": {
|
||||
"lastModified": 1718242063,
|
||||
"narHash": "sha256-n3AWItJ4a94GT0cray/eUV7tt3mulQ52L+lWJN9d1E8=",
|
||||
"lastModified": 1724639687,
|
||||
"narHash": "sha256-L2h46/z8WExNvtCEdZ8YuMu5TwfAGsKXXgM7pyIShvs=",
|
||||
"owner": "nix-community",
|
||||
"repo": "disko",
|
||||
"rev": "832a9f2c81ff3485404bd63952eadc17bf7ccef2",
|
||||
"rev": "b09eb605e376c9e95c87c0ef3fcb8008e11c8368",
|
||||
"type": "github"
|
||||
},
|
||||
"original": {
|
||||
|
@ -172,18 +192,43 @@
|
|||
"type": "github"
|
||||
}
|
||||
},
|
||||
"firefox-addons": {
|
||||
"inputs": {
|
||||
"flake-utils": "flake-utils_2",
|
||||
"nixpkgs": [
|
||||
"nixpkgs"
|
||||
]
|
||||
},
|
||||
"locked": {
|
||||
"dir": "pkgs/firefox-addons",
|
||||
"lastModified": 1721458684,
|
||||
"narHash": "sha256-qATZkwG7oWObKqAJUJh1jj5KwTYcPUjLoONhXXXwgAY=",
|
||||
"owner": "~rycee",
|
||||
"repo": "nur-expressions",
|
||||
"rev": "9cb92b3f92598f77aa8b95b54e5d72ad23745d64",
|
||||
"type": "sourcehut"
|
||||
},
|
||||
"original": {
|
||||
"dir": "pkgs/firefox-addons",
|
||||
"owner": "~rycee",
|
||||
"repo": "nur-expressions",
|
||||
"type": "sourcehut"
|
||||
}
|
||||
},
|
||||
"flake-compat": {
|
||||
"flake": false,
|
||||
"locked": {
|
||||
"lastModified": 1696426674,
|
||||
"narHash": "sha256-kvjfFW7WAETZlt09AgDn1MrtKzP7t90Vf7vypd3OL1U=",
|
||||
"owner": "edolstra",
|
||||
"repo": "flake-compat",
|
||||
"rev": "0f9255e01c2351cc7d116c072cb317785dd33b33",
|
||||
"revCount": 57,
|
||||
"type": "tarball",
|
||||
"url": "https://api.flakehub.com/f/pinned/edolstra/flake-compat/1.0.1/018afb31-abd1-7bff-a5e4-cff7e18efb7a/source.tar.gz"
|
||||
"type": "github"
|
||||
},
|
||||
"original": {
|
||||
"type": "tarball",
|
||||
"url": "https://flakehub.com/f/edolstra/flake-compat/1.tar.gz"
|
||||
"owner": "edolstra",
|
||||
"repo": "flake-compat",
|
||||
"type": "github"
|
||||
}
|
||||
},
|
||||
"flake-compat_2": {
|
||||
|
@ -203,6 +248,36 @@
|
|||
}
|
||||
},
|
||||
"flake-compat_3": {
|
||||
"locked": {
|
||||
"lastModified": 1696426674,
|
||||
"narHash": "sha256-kvjfFW7WAETZlt09AgDn1MrtKzP7t90Vf7vypd3OL1U=",
|
||||
"rev": "0f9255e01c2351cc7d116c072cb317785dd33b33",
|
||||
"revCount": 57,
|
||||
"type": "tarball",
|
||||
"url": "https://api.flakehub.com/f/pinned/edolstra/flake-compat/1.0.1/018afb31-abd1-7bff-a5e4-cff7e18efb7a/source.tar.gz"
|
||||
},
|
||||
"original": {
|
||||
"type": "tarball",
|
||||
"url": "https://flakehub.com/f/edolstra/flake-compat/1.tar.gz"
|
||||
}
|
||||
},
|
||||
"flake-compat_4": {
|
||||
"flake": false,
|
||||
"locked": {
|
||||
"lastModified": 1696426674,
|
||||
"narHash": "sha256-kvjfFW7WAETZlt09AgDn1MrtKzP7t90Vf7vypd3OL1U=",
|
||||
"owner": "edolstra",
|
||||
"repo": "flake-compat",
|
||||
"rev": "0f9255e01c2351cc7d116c072cb317785dd33b33",
|
||||
"type": "github"
|
||||
},
|
||||
"original": {
|
||||
"owner": "edolstra",
|
||||
"repo": "flake-compat",
|
||||
"type": "github"
|
||||
}
|
||||
},
|
||||
"flake-compat_5": {
|
||||
"flake": false,
|
||||
"locked": {
|
||||
"lastModified": 1673956053,
|
||||
|
@ -226,11 +301,11 @@
|
|||
]
|
||||
},
|
||||
"locked": {
|
||||
"lastModified": 1717285511,
|
||||
"narHash": "sha256-iKzJcpdXih14qYVcZ9QC9XuZYnPc6T8YImb6dX166kw=",
|
||||
"lastModified": 1722555600,
|
||||
"narHash": "sha256-XOQkdLafnb/p9ij77byFQjDf5m5QYl9b2REiVClC+x4=",
|
||||
"owner": "hercules-ci",
|
||||
"repo": "flake-parts",
|
||||
"rev": "2a55567fcf15b1b1c7ed712a2c6fadaec7412ea8",
|
||||
"rev": "8471fe90ad337a8074e957b69ca4d0089218391d",
|
||||
"type": "github"
|
||||
},
|
||||
"original": {
|
||||
|
@ -244,11 +319,47 @@
|
|||
"systems": "systems"
|
||||
},
|
||||
"locked": {
|
||||
"lastModified": 1701680307,
|
||||
"narHash": "sha256-kAuep2h5ajznlPMD9rnQyffWG8EM/C73lejGofXvdM8=",
|
||||
"lastModified": 1710146030,
|
||||
"narHash": "sha256-SZ5L6eA7HJ/nmkzGG7/ISclqe6oZdOZTNoesiInkXPQ=",
|
||||
"owner": "numtide",
|
||||
"repo": "flake-utils",
|
||||
"rev": "4022d587cbbfd70fe950c1e2083a02621806a725",
|
||||
"rev": "b1d9ab70662946ef0850d488da1c9019f3a9752a",
|
||||
"type": "github"
|
||||
},
|
||||
"original": {
|
||||
"owner": "numtide",
|
||||
"repo": "flake-utils",
|
||||
"type": "github"
|
||||
}
|
||||
},
|
||||
"flake-utils_2": {
|
||||
"locked": {
|
||||
"lastModified": 1629284811,
|
||||
"narHash": "sha256-JHgasjPR0/J1J3DRm4KxM4zTyAj4IOJY8vIl75v/kPI=",
|
||||
"owner": "numtide",
|
||||
"repo": "flake-utils",
|
||||
"rev": "c5d161cc0af116a2e17f54316f0bf43f0819785c",
|
||||
"type": "github"
|
||||
},
|
||||
"original": {
|
||||
"owner": "numtide",
|
||||
"repo": "flake-utils",
|
||||
"type": "github"
|
||||
}
|
||||
},
|
||||
"flake-utils_3": {
|
||||
"inputs": {
|
||||
"systems": [
|
||||
"stylix",
|
||||
"systems"
|
||||
]
|
||||
},
|
||||
"locked": {
|
||||
"lastModified": 1710146030,
|
||||
"narHash": "sha256-SZ5L6eA7HJ/nmkzGG7/ISclqe6oZdOZTNoesiInkXPQ=",
|
||||
"owner": "numtide",
|
||||
"repo": "flake-utils",
|
||||
"rev": "b1d9ab70662946ef0850d488da1c9019f3a9752a",
|
||||
"type": "github"
|
||||
},
|
||||
"original": {
|
||||
|
@ -275,8 +386,8 @@
|
|||
},
|
||||
"git-hooks": {
|
||||
"inputs": {
|
||||
"flake-compat": "flake-compat_2",
|
||||
"gitignore": "gitignore",
|
||||
"flake-compat": "flake-compat_4",
|
||||
"gitignore": "gitignore_2",
|
||||
"nixpkgs": [
|
||||
"nixvim",
|
||||
"nixpkgs"
|
||||
|
@ -287,11 +398,11 @@
|
|||
]
|
||||
},
|
||||
"locked": {
|
||||
"lastModified": 1717664902,
|
||||
"narHash": "sha256-7XfBuLULizXjXfBYy/VV+SpYMHreNRHk9nKMsm1bgb4=",
|
||||
"lastModified": 1724440431,
|
||||
"narHash": "sha256-9etXEOUtzeMgqg1u0wp+EdwG7RpmrAZ2yX516bMj2aE=",
|
||||
"owner": "cachix",
|
||||
"repo": "git-hooks.nix",
|
||||
"rev": "cc4d466cb1254af050ff7bdf47f6d404a7c646d1",
|
||||
"rev": "c8a54057aae480c56e28ef3e14e4960628ac495b",
|
||||
"type": "github"
|
||||
},
|
||||
"original": {
|
||||
|
@ -301,6 +412,28 @@
|
|||
}
|
||||
},
|
||||
"gitignore": {
|
||||
"inputs": {
|
||||
"nixpkgs": [
|
||||
"arkenfox",
|
||||
"pre-commit",
|
||||
"nixpkgs"
|
||||
]
|
||||
},
|
||||
"locked": {
|
||||
"lastModified": 1709087332,
|
||||
"narHash": "sha256-HG2cCnktfHsKV0s4XW83gU3F57gaTljL9KNSuG6bnQs=",
|
||||
"owner": "hercules-ci",
|
||||
"repo": "gitignore.nix",
|
||||
"rev": "637db329424fd7e46cf4185293b9cc8c88c95394",
|
||||
"type": "github"
|
||||
},
|
||||
"original": {
|
||||
"owner": "hercules-ci",
|
||||
"repo": "gitignore.nix",
|
||||
"type": "github"
|
||||
}
|
||||
},
|
||||
"gitignore_2": {
|
||||
"inputs": {
|
||||
"nixpkgs": [
|
||||
"nixvim",
|
||||
|
@ -341,11 +474,11 @@
|
|||
},
|
||||
"hardware": {
|
||||
"locked": {
|
||||
"lastModified": 1718429294,
|
||||
"narHash": "sha256-uhKuPVN8IZJCWwFhNupTxES7LMo8ot2KC6+VmVWwzyU=",
|
||||
"lastModified": 1724575805,
|
||||
"narHash": "sha256-OB/kEL3GAhUZmUfkbPfsPhKs0pRqJKs0EEBiLfyKZw8=",
|
||||
"owner": "nixos",
|
||||
"repo": "nixos-hardware",
|
||||
"rev": "239c3864fef6292262d23cff58ce81674f309142",
|
||||
"rev": "9fc19be21f0807d6be092d70bf0b1de0c00ac895",
|
||||
"type": "github"
|
||||
},
|
||||
"original": {
|
||||
|
@ -361,11 +494,11 @@
|
|||
]
|
||||
},
|
||||
"locked": {
|
||||
"lastModified": 1717527182,
|
||||
"narHash": "sha256-vWSkg6AMok1UUQiSYVdGMOXKD2cDFnajITiSi0Zjd1A=",
|
||||
"lastModified": 1720042825,
|
||||
"narHash": "sha256-A0vrUB6x82/jvf17qPCpxaM+ulJnD8YZwH9Ci0BsAzE=",
|
||||
"owner": "nix-community",
|
||||
"repo": "home-manager",
|
||||
"rev": "845a5c4c073f74105022533907703441e0464bc3",
|
||||
"rev": "e1391fb22e18a36f57e6999c7a9f966dc80ac073",
|
||||
"type": "github"
|
||||
},
|
||||
"original": {
|
||||
|
@ -383,15 +516,16 @@
|
|||
]
|
||||
},
|
||||
"locked": {
|
||||
"lastModified": 1718243258,
|
||||
"narHash": "sha256-abBpj2VU8p6qlRzTU8o22q68MmOaZ4v8zZ4UlYl5YRU=",
|
||||
"lastModified": 1720042825,
|
||||
"narHash": "sha256-A0vrUB6x82/jvf17qPCpxaM+ulJnD8YZwH9Ci0BsAzE=",
|
||||
"owner": "nix-community",
|
||||
"repo": "home-manager",
|
||||
"rev": "8d5e27b4807d25308dfe369d5a923d87e7dbfda3",
|
||||
"rev": "e1391fb22e18a36f57e6999c7a9f966dc80ac073",
|
||||
"type": "github"
|
||||
},
|
||||
"original": {
|
||||
"owner": "nix-community",
|
||||
"ref": "release-24.05",
|
||||
"repo": "home-manager",
|
||||
"type": "github"
|
||||
}
|
||||
|
@ -404,11 +538,11 @@
|
|||
]
|
||||
},
|
||||
"locked": {
|
||||
"lastModified": 1715930644,
|
||||
"narHash": "sha256-W9pyM3/vePxrffHtzlJI6lDS3seANQ+Nqp+i58O46LI=",
|
||||
"lastModified": 1724435763,
|
||||
"narHash": "sha256-UNky3lJNGQtUEXT2OY8gMxejakSWPTfWKvpFkpFlAfM=",
|
||||
"owner": "nix-community",
|
||||
"repo": "home-manager",
|
||||
"rev": "e3ad5108f54177e6520535768ddbf1e6af54b59d",
|
||||
"rev": "c2cd2a52e02f1dfa1c88f95abeb89298d46023be",
|
||||
"type": "github"
|
||||
},
|
||||
"original": {
|
||||
|
@ -444,11 +578,11 @@
|
|||
]
|
||||
},
|
||||
"locked": {
|
||||
"lastModified": 1718345812,
|
||||
"narHash": "sha256-FJhA+YFsOFrAYe6EaiTEfomNf7jeURaPiG5/+a3DRSc=",
|
||||
"lastModified": 1724469941,
|
||||
"narHash": "sha256-+U5152FwmDD9EUOiFi5CFxCK6/yFESyDei9jEIlmUtI=",
|
||||
"owner": "lnl7",
|
||||
"repo": "nix-darwin",
|
||||
"rev": "ff988d78f2f55641efacdf9a585d2937f7e32a9b",
|
||||
"rev": "ea319a737939094b48fda9063fa3201ef2479aac",
|
||||
"type": "github"
|
||||
},
|
||||
"original": {
|
||||
|
@ -457,20 +591,32 @@
|
|||
"type": "github"
|
||||
}
|
||||
},
|
||||
"nix-secrets": {
|
||||
"flake": false,
|
||||
"locked": {
|
||||
"lastModified": 1723141979,
|
||||
"narHash": "sha256-YMvn/xOQFXSl5qcU/cBaD7biIlv7nfVgFTApbgY0tqY=",
|
||||
"path": "/home/laozi/nix-secrets",
|
||||
"type": "path"
|
||||
},
|
||||
"original": {
|
||||
"path": "/home/laozi/nix-secrets",
|
||||
"type": "path"
|
||||
}
|
||||
},
|
||||
"nixpkgs": {
|
||||
"locked": {
|
||||
"lastModified": 1720386169,
|
||||
"narHash": "sha256-NGKVY4PjzwAa4upkGtAMz1npHGoRzWotlSnVlqI40mo=",
|
||||
"owner": "nixos",
|
||||
"lastModified": 1705957679,
|
||||
"narHash": "sha256-Q8LJaVZGJ9wo33wBafvZSzapYsjOaNjP/pOnSiKVGHY=",
|
||||
"owner": "NixOS",
|
||||
"repo": "nixpkgs",
|
||||
"rev": "194846768975b7ad2c4988bdb82572c00222c0d7",
|
||||
"rev": "9a333eaa80901efe01df07eade2c16d183761fa3",
|
||||
"type": "github"
|
||||
},
|
||||
"original": {
|
||||
"owner": "nixos",
|
||||
"ref": "nixos-24.05",
|
||||
"repo": "nixpkgs",
|
||||
"type": "github"
|
||||
"id": "nixpkgs",
|
||||
"ref": "release-23.05",
|
||||
"type": "indirect"
|
||||
}
|
||||
},
|
||||
"nixpkgs-lib": {
|
||||
|
@ -488,13 +634,29 @@
|
|||
"type": "github"
|
||||
}
|
||||
},
|
||||
"nixpkgs-stable": {
|
||||
"locked": {
|
||||
"lastModified": 1710695816,
|
||||
"narHash": "sha256-3Eh7fhEID17pv9ZxrPwCLfqXnYP006RKzSs0JptsN84=",
|
||||
"owner": "NixOS",
|
||||
"repo": "nixpkgs",
|
||||
"rev": "614b4613980a522ba49f0d194531beddbb7220d3",
|
||||
"type": "github"
|
||||
},
|
||||
"original": {
|
||||
"owner": "NixOS",
|
||||
"ref": "nixos-23.11",
|
||||
"repo": "nixpkgs",
|
||||
"type": "github"
|
||||
}
|
||||
},
|
||||
"nixpkgs-unstable": {
|
||||
"locked": {
|
||||
"lastModified": 1718530797,
|
||||
"narHash": "sha256-pup6cYwtgvzDpvpSCFh1TEUjw2zkNpk8iolbKnyFmmU=",
|
||||
"lastModified": 1724479785,
|
||||
"narHash": "sha256-pP3Azj5d6M5nmG68Fu4JqZmdGt4S4vqI5f8te+E/FTw=",
|
||||
"owner": "nixos",
|
||||
"repo": "nixpkgs",
|
||||
"rev": "b60ebf54c15553b393d144357375ea956f89e9a9",
|
||||
"rev": "d0e1602ddde669d5beb01aec49d71a51937ed7be",
|
||||
"type": "github"
|
||||
},
|
||||
"original": {
|
||||
|
@ -506,11 +668,43 @@
|
|||
},
|
||||
"nixpkgs_2": {
|
||||
"locked": {
|
||||
"lastModified": 1714912032,
|
||||
"narHash": "sha256-clkcOIkg8G4xuJh+1onLG4HPMpbtzdLv4rHxFzgsH9c=",
|
||||
"lastModified": 1710765496,
|
||||
"narHash": "sha256-p7ryWEeQfMwTB6E0wIUd5V2cFTgq+DRRBz2hYGnJZyA=",
|
||||
"owner": "NixOS",
|
||||
"repo": "nixpkgs",
|
||||
"rev": "ee4a6e0f566fe5ec79968c57a9c2c3c25f2cf41d",
|
||||
"rev": "e367f7a1fb93137af22a3908f00b9a35e2d286a7",
|
||||
"type": "github"
|
||||
},
|
||||
"original": {
|
||||
"owner": "NixOS",
|
||||
"ref": "nixpkgs-unstable",
|
||||
"repo": "nixpkgs",
|
||||
"type": "github"
|
||||
}
|
||||
},
|
||||
"nixpkgs_3": {
|
||||
"locked": {
|
||||
"lastModified": 1724316499,
|
||||
"narHash": "sha256-Qb9MhKBUTCfWg/wqqaxt89Xfi6qTD3XpTzQ9eXi3JmE=",
|
||||
"owner": "nixos",
|
||||
"repo": "nixpkgs",
|
||||
"rev": "797f7dc49e0bc7fab4b57c021cdf68f595e47841",
|
||||
"type": "github"
|
||||
},
|
||||
"original": {
|
||||
"owner": "nixos",
|
||||
"ref": "nixos-24.05",
|
||||
"repo": "nixpkgs",
|
||||
"type": "github"
|
||||
}
|
||||
},
|
||||
"nixpkgs_4": {
|
||||
"locked": {
|
||||
"lastModified": 1723415338,
|
||||
"narHash": "sha256-K/BVeDLkpswRSBh3APxc2gBNVFEMXGpnkuQz666FiTM=",
|
||||
"owner": "NixOS",
|
||||
"repo": "nixpkgs",
|
||||
"rev": "6e8760f7f7121128e2037db44915a4a5450b6e67",
|
||||
"type": "github"
|
||||
},
|
||||
"original": {
|
||||
|
@ -523,7 +717,7 @@
|
|||
"nixvim": {
|
||||
"inputs": {
|
||||
"devshell": "devshell",
|
||||
"flake-compat": "flake-compat",
|
||||
"flake-compat": "flake-compat_3",
|
||||
"flake-parts": "flake-parts",
|
||||
"git-hooks": "git-hooks",
|
||||
"home-manager": "home-manager_2",
|
||||
|
@ -534,11 +728,11 @@
|
|||
"treefmt-nix": "treefmt-nix"
|
||||
},
|
||||
"locked": {
|
||||
"lastModified": 1718395224,
|
||||
"narHash": "sha256-CHb6PztVli8qtAnXTR+VcB+6CANs+TkIz1Ivu8yXsvM=",
|
||||
"lastModified": 1724502615,
|
||||
"narHash": "sha256-g206hhNghyxMO9Sdv9fD22MRgWQppws10x+oDHKDVdU=",
|
||||
"owner": "nix-community",
|
||||
"repo": "nixvim",
|
||||
"rev": "a4dec356e736f795f8eec2d6f1580b4769f2fe21",
|
||||
"rev": "764b89aa14543da7266719757cfcf0cce8c1679f",
|
||||
"type": "github"
|
||||
},
|
||||
"original": {
|
||||
|
@ -548,16 +742,41 @@
|
|||
"type": "github"
|
||||
}
|
||||
},
|
||||
"pre-commit": {
|
||||
"inputs": {
|
||||
"flake-compat": "flake-compat_2",
|
||||
"gitignore": "gitignore",
|
||||
"nixpkgs": "nixpkgs_2",
|
||||
"nixpkgs-stable": "nixpkgs-stable"
|
||||
},
|
||||
"locked": {
|
||||
"lastModified": 1717664902,
|
||||
"narHash": "sha256-7XfBuLULizXjXfBYy/VV+SpYMHreNRHk9nKMsm1bgb4=",
|
||||
"owner": "cachix",
|
||||
"repo": "pre-commit-hooks.nix",
|
||||
"rev": "cc4d466cb1254af050ff7bdf47f6d404a7c646d1",
|
||||
"type": "github"
|
||||
},
|
||||
"original": {
|
||||
"owner": "cachix",
|
||||
"repo": "pre-commit-hooks.nix",
|
||||
"type": "github"
|
||||
}
|
||||
},
|
||||
"root": {
|
||||
"inputs": {
|
||||
"arkenfox": "arkenfox",
|
||||
"disko": "disko",
|
||||
"firefox-addons": "firefox-addons",
|
||||
"hardware": "hardware",
|
||||
"home-manager": "home-manager",
|
||||
"nix-colors": "nix-colors",
|
||||
"nixpkgs": "nixpkgs",
|
||||
"nix-secrets": "nix-secrets",
|
||||
"nixpkgs": "nixpkgs_3",
|
||||
"nixpkgs-unstable": "nixpkgs-unstable",
|
||||
"nixvim": "nixvim",
|
||||
"stylix": "stylix"
|
||||
"stylix": "stylix",
|
||||
"wg-namespace-flake": "wg-namespace-flake"
|
||||
}
|
||||
},
|
||||
"stylix": {
|
||||
|
@ -569,17 +788,19 @@
|
|||
"base16-kitty": "base16-kitty",
|
||||
"base16-tmux": "base16-tmux",
|
||||
"base16-vim": "base16-vim",
|
||||
"flake-compat": "flake-compat_3",
|
||||
"flake-compat": "flake-compat_5",
|
||||
"flake-utils": "flake-utils_3",
|
||||
"gnome-shell": "gnome-shell",
|
||||
"home-manager": "home-manager_3",
|
||||
"nixpkgs": "nixpkgs_2"
|
||||
"nixpkgs": "nixpkgs_4",
|
||||
"systems": "systems_2"
|
||||
},
|
||||
"locked": {
|
||||
"lastModified": 1720818679,
|
||||
"narHash": "sha256-u9PqY7O6TN42SLeb0e6mnYAgQOoQmclaVSHfLKMpmu0=",
|
||||
"lastModified": 1724702977,
|
||||
"narHash": "sha256-bP1/BHbEigLjTTmqyy1t8w5EVWHuLuABtOd/BBXVLtA=",
|
||||
"owner": "danth",
|
||||
"repo": "stylix",
|
||||
"rev": "29148118cc33f08b71058e1cda7ca017f5300b51",
|
||||
"rev": "6c895c6b42ca205017abe72a7263baf36a197972",
|
||||
"type": "github"
|
||||
},
|
||||
"original": {
|
||||
|
@ -603,6 +824,21 @@
|
|||
"type": "github"
|
||||
}
|
||||
},
|
||||
"systems_2": {
|
||||
"locked": {
|
||||
"lastModified": 1681028828,
|
||||
"narHash": "sha256-Vy1rq5AaRuLzOxct8nz4T6wlgyUR7zLU309k9mBC768=",
|
||||
"owner": "nix-systems",
|
||||
"repo": "default",
|
||||
"rev": "da67096a3b9bf56a91d16901293e51ba5b49a27e",
|
||||
"type": "github"
|
||||
},
|
||||
"original": {
|
||||
"owner": "nix-systems",
|
||||
"repo": "default",
|
||||
"type": "github"
|
||||
}
|
||||
},
|
||||
"treefmt-nix": {
|
||||
"inputs": {
|
||||
"nixpkgs": [
|
||||
|
@ -611,11 +847,11 @@
|
|||
]
|
||||
},
|
||||
"locked": {
|
||||
"lastModified": 1718271476,
|
||||
"narHash": "sha256-35hUMmFesmchb+u7heKHLG5B6c8fBOcSYo0jj0CHLes=",
|
||||
"lastModified": 1724338379,
|
||||
"narHash": "sha256-kKJtaiU5Ou+e/0Qs7SICXF22DLx4V/WhG1P6+k4yeOE=",
|
||||
"owner": "numtide",
|
||||
"repo": "treefmt-nix",
|
||||
"rev": "e75ba0a6bb562d2ce275db28f6a36a2e4fd81391",
|
||||
"rev": "070f834771efa715f3e74cd8ab93ecc96fabc951",
|
||||
"type": "github"
|
||||
},
|
||||
"original": {
|
||||
|
@ -623,6 +859,26 @@
|
|||
"repo": "treefmt-nix",
|
||||
"type": "github"
|
||||
}
|
||||
},
|
||||
"wg-namespace-flake": {
|
||||
"inputs": {
|
||||
"nixpkgs": [
|
||||
"nixpkgs"
|
||||
]
|
||||
},
|
||||
"locked": {
|
||||
"lastModified": 1668060489,
|
||||
"narHash": "sha256-8GLPHJV0iMS8d4lEUP+v4p2IqRKGWDJwsP96+mm0fHw=",
|
||||
"owner": "VTimofeenko",
|
||||
"repo": "wg-namespace-flake",
|
||||
"rev": "956d80aae5f7871bdcfa3946c175985c211d8498",
|
||||
"type": "github"
|
||||
},
|
||||
"original": {
|
||||
"owner": "VTimofeenko",
|
||||
"repo": "wg-namespace-flake",
|
||||
"type": "github"
|
||||
}
|
||||
}
|
||||
},
|
||||
"root": "root",
|
||||
|
|
33
flake.nix
33
flake.nix
|
@ -37,6 +37,14 @@
|
|||
# inputs.nixpkgs.follows = "nixpkgs";
|
||||
#};
|
||||
|
||||
# ------------ Wireguard namespaces for VPN ------------ #
|
||||
|
||||
wg-namespace-flake = {
|
||||
url = "github:VTimofeenko/wg-namespace-flake";
|
||||
inputs.nixpkgs.follows = "nixpkgs";
|
||||
};
|
||||
|
||||
|
||||
# ------------------------------ VIM ------------------------------ #
|
||||
nixvim = {
|
||||
url = "github:nix-community/nixvim/nixos-24.05";
|
||||
|
@ -77,10 +85,25 @@
|
|||
|
||||
# Private secrets repo. See ./docs/secretsmgmt.md
|
||||
# Authenticate via ssh and use shallow clone
|
||||
#nix-secrets = {
|
||||
# url = "git+ssh://git@gitlab.com/emergentmind/nix-secrets.git?ref=main&shallow=1";
|
||||
# flake = false;
|
||||
#};
|
||||
nix-secrets = {
|
||||
#url = "git+ssh://git@git.mattmor.in/Nix/nix-secrets.git?ref=main&shallow=1";
|
||||
#TODO: Switch to remote git repo up from local
|
||||
url = "path:/home/laozi/nix-secrets";
|
||||
flake = false;
|
||||
};
|
||||
# A better way to manage arkenfox user.js on nixos
|
||||
arkenfox = {
|
||||
url = "github:dwarfmaster/arkenfox-nixos";
|
||||
inputs.arkenfox.inputs.nixpkgs.follows = "nixpkgs";
|
||||
};
|
||||
# declarative addons
|
||||
firefox-addons = {
|
||||
url = "sourcehut:~rycee/nur-expressions?dir=pkgs/firefox-addons";
|
||||
inputs = {
|
||||
nixpkgs.follows = "nixpkgs";
|
||||
#FIX? flake-utils.follows = "nixos-wsl/flake-utils";
|
||||
};
|
||||
};
|
||||
};
|
||||
|
||||
# ===================================================================== #
|
||||
|
@ -96,7 +119,7 @@
|
|||
inherit (nixpkgs) lib;
|
||||
configVars = import ./vars { inherit inputs lib; };
|
||||
configLib = import ./lib { inherit lib; };
|
||||
specialArgs = { inherit inputs outputs configVars configLib nixpkgs; };
|
||||
specialArgs = { inherit inputs outputs configVars configLib nixpkgs; };#TODO: consider adding self
|
||||
in
|
||||
{
|
||||
# ============================ CUSTOM ============================= #
|
||||
|
|
|
@ -35,15 +35,15 @@
|
|||
ncdu# TUI disk usage
|
||||
btop# resource monitor
|
||||
pfetch# system info
|
||||
nerdfetch# fetch using nerdfonts
|
||||
|
||||
pciutils# pci bus info + conns. to them
|
||||
coreutils# basic gnu utils
|
||||
du-dust# see how disk space is being used
|
||||
usbutils
|
||||
ntfs3g # NTFS fs
|
||||
pm-utils # power management https://pm-utils.freedesktop.org/wiki/
|
||||
pmutils # power management https://pm-utils.freedesktop.org/wiki/
|
||||
|
||||
wireshark
|
||||
nmap
|
||||
|
||||
mosh# mobile shell
|
||||
# curl
|
||||
|
|
|
@ -0,0 +1,34 @@
|
|||
{ pkgs, ... }:
|
||||
{
|
||||
programs.firejail = {
|
||||
enable = true;
|
||||
wrappedBinaries = {
|
||||
librewolf = {
|
||||
executable = "${pkgs.librewolf}/bin/librewolf";
|
||||
profile = "${pkgs.firejail}/etc/firejail/librewolf.profile";
|
||||
extraArgs = [
|
||||
# Required for U2F USB stick
|
||||
"--ignore=private-dev"
|
||||
# Enforce dark mode
|
||||
"--env=GTK_THEME=Adwaita:dark"
|
||||
# Enable system notifications
|
||||
"--dbus-user.talk=org.freedesktop.Notifications"
|
||||
];
|
||||
};
|
||||
signal-desktop = {
|
||||
# Enable tray icon otherwise Signal window might be hidden
|
||||
executable = "${pkgs.signal-desktop}/bin/signal-desktop --use-tray-icon";
|
||||
profile = "${pkgs.firejail}/etc/firejail/signal-desktop.profile";
|
||||
extraArgs = [
|
||||
# Enforce dark mode
|
||||
"--env=GTK_THEME=Adwaita:dark"
|
||||
#TODO: Enable Wayland mode
|
||||
#"--env=NIXOS_OZONE_WL=1"
|
||||
# Allow tray icon (should be upstreamed into signal-desktop.profile)
|
||||
"--dbus-user.talk=org.kde.StatusNotifierWatcher"
|
||||
];
|
||||
};
|
||||
};
|
||||
};
|
||||
}
|
||||
|
|
@ -0,0 +1,10 @@
|
|||
{ config, lib, pkgs, outputs, configLib, ... }:
|
||||
{
|
||||
imports = (configLib.scanPaths ./.)
|
||||
++ (builtins.attrValues outputs.homeManagerModules);
|
||||
home.packages = builtins.attrValues {
|
||||
inherit (pkgs)
|
||||
# Here go packages without my configs
|
||||
#!Remember to comment without space after package
|
||||
};
|
||||
}
|
|
@ -6,5 +6,7 @@
|
|||
inherit (pkgs)
|
||||
# Here go packages without my configs
|
||||
#!Remember to comment without space after package
|
||||
nerdfetch# fetch using nerdfonts
|
||||
du-dust; # see how disk space is being used
|
||||
};
|
||||
}
|
||||
|
|
|
@ -1,4 +1,8 @@
|
|||
{ inputs, configVars, ... }:
|
||||
{ inputs, configVars, configLib, ... }:
|
||||
#map with prefix to refactor
|
||||
let
|
||||
optionals = (configLib.mapPathsToPrefix { prefix = common/optional; list = [ /system /internet /comms /utilities /dev/foot.nix /office ];});
|
||||
in
|
||||
{
|
||||
imports = [
|
||||
# ======================= Hardware Configs ========================= #
|
||||
|
@ -6,14 +10,9 @@
|
|||
# ======================= Required Configs ========================= #
|
||||
common/core
|
||||
|
||||
# ================ Host-specific Optional Configs ================== #
|
||||
common/optional/utilities
|
||||
common/optional/dev/foot.nix
|
||||
common/optional/office
|
||||
|
||||
# ============================= Themeing =========================== #
|
||||
inputs.nix-colors.homeManagerModules.default
|
||||
];
|
||||
] ++ optionals;# Host specific optionals
|
||||
|
||||
colorScheme = inputs.nix-colors.colorSchemes.atelier-dune;
|
||||
home = {
|
||||
|
|
|
@ -19,6 +19,12 @@
|
|||
&& (lib.strings.hasSuffix ".nix" path) # include .nix files
|
||||
)
|
||||
)
|
||||
(builtins.readDir path)));
|
||||
(builtins.readDir path)
|
||||
)
|
||||
);
|
||||
|
||||
mapPathsToPrefix = { prefix, list }:
|
||||
# Filter... sth like builtins.filter (path: builtins.pathExists path)
|
||||
builtins.map (path: prefix + path) list;
|
||||
}
|
||||
|
||||
|
|
|
@ -5,4 +5,5 @@
|
|||
#################### Packages with external source ####################
|
||||
|
||||
# name = pkgs.callPackage ./name { };
|
||||
geteduroam = pkgs.callPackage ./geteduroam {};
|
||||
}
|
||||
|
|
|
@ -0,0 +1,51 @@
|
|||
# https://github.com/geteduroam/linux-app/releases/download/nightly/geteduroam-cli-linux-amd64
|
||||
{
|
||||
lib,
|
||||
pkgs,
|
||||
...
|
||||
}:
|
||||
let
|
||||
pname = "geteduroam";
|
||||
in
|
||||
pkgs.buildGoModule rec {
|
||||
inherit pname;
|
||||
version = "0.3";
|
||||
|
||||
src = pkgs.fetchFromGitHub {
|
||||
owner = "geteduroam";
|
||||
repo = "linux-app";
|
||||
rev = "${version}";
|
||||
hash = "sha256-Cq0c/zwUym753ccMR1XwuzLkl+BIvng6AoA7eofULPk=";
|
||||
};
|
||||
|
||||
#overrideModAttrs = old: {
|
||||
# preConfigure = ''
|
||||
# cd cmd/geteduroam-gui
|
||||
# '';
|
||||
#};
|
||||
subPackages = ["cmd/geteduroam-cli" "cmd/geteduroam-gui"];
|
||||
|
||||
vendorHash = "sha256-ZwCJ/yayF31P3fuhk/qu3Wov861HDVGGNlkLwHTQo7Y=";#lib.fakeHash;
|
||||
|
||||
#doDist = false;
|
||||
|
||||
#ldflags = [
|
||||
#"-s -w -X github.com/geteduroam/linux-app/cmd.version=${version}"
|
||||
#"-extldflags '-static -L${pkgs.musl}/lib'"
|
||||
#];
|
||||
nativeBuildInputs = with pkgs; [musl libcap go gcc];
|
||||
|
||||
CGO_ENABLED = 0;
|
||||
|
||||
#installPhase = ''
|
||||
# make build-gui
|
||||
#'';
|
||||
meta = with lib; {
|
||||
homepage = "https://git.mattmor.in/nix-config";
|
||||
license = licenses.mit;
|
||||
description = "GetEduroam";
|
||||
maintainers = with maintainers; [
|
||||
madmin
|
||||
];
|
||||
};
|
||||
}
|
|
@ -1,7 +1,25 @@
|
|||
{
|
||||
imports = [
|
||||
./time_locale.nix
|
||||
./xorg_plasma.nix
|
||||
./console.nix
|
||||
];
|
||||
{ inputs, outputs, configLib, ... }: {
|
||||
imports = (configLib.scanPaths ./.)
|
||||
++ [ inputs.home-manager.nixosModules.home-manager ]
|
||||
++ (builtins.attrValues outputs.nixosModules);
|
||||
|
||||
#TODO:yubikey-> services.yubikey-agent.enable = true;
|
||||
|
||||
security.sudo.extraConfig = ''
|
||||
Defaults timestamp_timeout=120 # only ask for password every 2h
|
||||
# Keep SSH_AUTH_SOCK so that pam_ssh_agent_auth.so can do its magic.
|
||||
# Defaults env_keep + =SSH_AUTH_SOCK
|
||||
'';
|
||||
|
||||
home-manager.extraSpecialArgs = { inherit inputs outputs; };
|
||||
|
||||
nixpkgs = {
|
||||
# you can add global overlays here
|
||||
overlays = builtins.attrValues outputs.overlays;
|
||||
config = {
|
||||
allowUnfree = true;
|
||||
};
|
||||
};
|
||||
|
||||
hardware.enableRedistributableFirmware = true;
|
||||
}
|
||||
|
|
|
@ -1,17 +0,0 @@
|
|||
{
|
||||
time.timeZone = "Europe/Paris";
|
||||
i18n.defaultLocale = "en_GB.UTF-8";
|
||||
|
||||
i18n.extraLocaleSettings = {
|
||||
LC_MESSAGES = "de_DE.UTF-8";
|
||||
LC_ADDRESS = "de_DE.UTF-8";
|
||||
LC_IDENTIFICATION = "de_DE.UTF-8";
|
||||
LC_MEASUREMENT = "de_DE.UTF-8";
|
||||
LC_MONETARY = "de_DE.UTF-8";
|
||||
LC_NAME = "de_DE.UTF-8";
|
||||
LC_NUMERIC = "de_DE.UTF-8";
|
||||
LC_PAPER = "de_DE.UTF-8";
|
||||
LC_TELEPHONE = "de_DE.UTF-8";
|
||||
LC_TIME = "de_DE.UTF-8";
|
||||
};
|
||||
}
|
|
@ -0,0 +1,4 @@
|
|||
{ configLib, ... }:
|
||||
{
|
||||
import = (configLib.scanPaths ./.);
|
||||
}
|
|
@ -0,0 +1,64 @@
|
|||
# http://web.archive.org/web/20240621185719/https://dataswamp.org/~solene/2022-10-02-nixos-fail2ban.html
|
||||
{
|
||||
services.fail2ban = {
|
||||
enable = true;
|
||||
ignoreIP = [
|
||||
"192.168.1.0/24"
|
||||
];
|
||||
# needed to ban on IPv4 and IPv6 for all ports
|
||||
extraPackages = [pkgs.ipset];
|
||||
banaction = "iptables-ipset-proto6-allports";
|
||||
|
||||
|
||||
jails = {
|
||||
|
||||
# max 6 failures in 600 seconds
|
||||
"nginx-spam" = ''
|
||||
enabled = true
|
||||
filter = nginx-bruteforce
|
||||
logpath = /var/log/nginx/access.log
|
||||
backend = auto
|
||||
maxretry = 6
|
||||
findtime = 600
|
||||
'';
|
||||
|
||||
# max 3 failures in 600 seconds
|
||||
"postfix-bruteforce" = ''
|
||||
enabled = true
|
||||
filter = postfix-bruteforce
|
||||
findtime = 600
|
||||
maxretry = 3
|
||||
'';
|
||||
|
||||
# max 10 failures in 600 seconds
|
||||
"molly" = ''
|
||||
enabled = true
|
||||
filter = molly
|
||||
findtime = 600
|
||||
maxretry = 10
|
||||
logpath = /var/log/molly-brown/access.log
|
||||
backend = auto
|
||||
'';
|
||||
};
|
||||
environment.etc = {
|
||||
"fail2ban/filter.d/molly.conf".text = ''
|
||||
[Definition]
|
||||
failregex = <HOST>\s+(31|40|51|53).*$
|
||||
'';
|
||||
|
||||
"fail2ban/filter.d/nginx-bruteforce.conf".text = ''
|
||||
[Definition]
|
||||
failregex = ^<HOST>.*GET.*(matrix/server|\.php|admin|wp\-).* HTTP/\d.\d\" 404.*$
|
||||
'';
|
||||
|
||||
"fail2ban/filter.d/postfix-bruteforce.conf".text = ''
|
||||
[Definition]
|
||||
failregex = warning: [\w\.\-]+\[<HOST>\]: SASL LOGIN authentication failed.*$
|
||||
journalmatch = _SYSTEMD_UNIT=postfix.service
|
||||
'';
|
||||
};
|
||||
|
||||
|
||||
|
||||
|
||||
}
|
|
@ -0,0 +1,2 @@
|
|||
{ pkgs, ... }:
|
||||
{ }
|
|
@ -3,15 +3,15 @@
|
|||
i18n.defaultLocale = "en_GB.UTF-8";
|
||||
|
||||
i18n.extraLocaleSettings = {
|
||||
LC_MESSAGES = "fr_FR.UTF-8";
|
||||
LC_MESSAGES = "de_DE.UTF-8";
|
||||
LC_ADDRESS = "de_DE.UTF-8";
|
||||
LC_IDENTIFICATION = "fr_FR.UTF-8";
|
||||
LC_IDENTIFICATION = "de_DE.UTF-8";
|
||||
LC_MEASUREMENT = "de_DE.UTF-8";
|
||||
LC_MONETARY = "de_DE.UTF-8";
|
||||
LC_NAME = "fr_FR.UTF-8";
|
||||
LC_NUMERIC = "fr_FR.UTF-8";
|
||||
LC_NAME = "de_DE.UTF-8";
|
||||
LC_NUMERIC = "de_DE.UTF-8";
|
||||
LC_PAPER = "de_DE.UTF-8";
|
||||
LC_TELEPHONE = "fr_FR.UTF-8";
|
||||
LC_TIME = "fr_FR.UTF-8";
|
||||
LC_TELEPHONE = "de_DE.UTF-8";
|
||||
LC_TIME = "de_DE.UTF-8";
|
||||
};
|
||||
}
|
||||
|
|
|
@ -0,0 +1,62 @@
|
|||
{
|
||||
config,
|
||||
pkgs,
|
||||
lib,
|
||||
...
|
||||
}: {
|
||||
boot.extraModulePackages = [config.boot.kernelPackages.wireguard];
|
||||
systemd.network = {
|
||||
enable = true;
|
||||
netdevs = {
|
||||
"10-wg0" = {
|
||||
netdevConfig = {
|
||||
Kind = "wireguard";
|
||||
Name = "wg0";
|
||||
MTUBytes = "1300";
|
||||
};
|
||||
# See also man systemd.netdev (also contains info on the permissions of the key files)
|
||||
wireguardConfig = {
|
||||
# Don't use a file from the Nix store as these are world readable. Must be readable by the systemd.network user
|
||||
PrivateKeyFile = "/run/keys/wireguard-privkey";
|
||||
ListenPort = 9918;
|
||||
};
|
||||
wireguardPeers = [
|
||||
# configuration since nixos-unstable/nixos-24.11
|
||||
{
|
||||
PublicKey = "Vhv/4oTMt5YYHFm3PpNC/3po1/kmjo2p8Jnk2O5zAFk=";
|
||||
AllowedIPs = ["fc00::1/64" "10.100.0.1"];
|
||||
Endpoint = "138.199.7.251:51820"; # SET TO SERVER IP, port 51820 usually iwth wg
|
||||
}
|
||||
# configuration for nixos 24.05
|
||||
#{
|
||||
# wireguardPeerConfig = {
|
||||
# PublicKey = "OhApdFoOYnKesRVpnYRqwk3pdM247j8PPVH5K7aIKX0=";
|
||||
# AllowedIPs = ["fc00::1/64" "10.100.0.1"];
|
||||
# Endpoint = "{set this to the server ip}:51820";
|
||||
# };
|
||||
#}
|
||||
];
|
||||
};
|
||||
};
|
||||
networks.wg0 = {
|
||||
# See also man systemd.network
|
||||
matchConfig.Name = "wg0";
|
||||
# IP addresses the client interface will have
|
||||
address = [
|
||||
"fe80::3/64"
|
||||
"fc00::3/120"
|
||||
"10.100.0.2/24"
|
||||
];
|
||||
DHCP = "no";
|
||||
dns = ["fc00::53"];
|
||||
ntp = ["fc00::123"];
|
||||
gateway = [
|
||||
"fc00::1"
|
||||
"10.100.0.1"
|
||||
];
|
||||
networkConfig = {
|
||||
IPv6AcceptRA = false;
|
||||
};
|
||||
};
|
||||
};
|
||||
}
|
|
@ -0,0 +1,42 @@
|
|||
{ lib, config, configVars, ... }:
|
||||
let
|
||||
sshPort = configVars.networking.sshPort;
|
||||
|
||||
# Sops needs access to the keys before the persist dirs are even mounted; so
|
||||
# just persisting the keys won't work, we must point at /persist
|
||||
hasOptinPersistence = false;
|
||||
in
|
||||
|
||||
{
|
||||
services.openssh = {
|
||||
enable = true;
|
||||
ports = [ sshPort ];
|
||||
|
||||
settings = {
|
||||
# Harden
|
||||
PasswordAuthentication = false;
|
||||
PermitRootLogin = "no";
|
||||
# Automatically remove stale sockets
|
||||
StreamLocalBindUnlink = "yes";
|
||||
# Allow forwarding ports to everywhere
|
||||
GatewayPorts = "clientspecified";
|
||||
};
|
||||
|
||||
hostKeys = [{
|
||||
path = "${lib.optionalString hasOptinPersistence "/persist"}/etc/ssh/ssh_host_ed25519_key";
|
||||
type = "ed25519";
|
||||
}];
|
||||
# Fix LPE vulnerability with sudo use SSH_AUTH_SOCK: https://github.com/NixOS/nixpkgs/issues/31611
|
||||
authorizedKeysFiles = lib.mkForce [ "/etc/ssh/authorized_keys.d/%u" ];
|
||||
};
|
||||
# yubikey login / sudo
|
||||
# this potentially causes a security issue that we mitigated above
|
||||
security.pam = {
|
||||
sshAgentAuth.enable = true;
|
||||
services = {
|
||||
sudo.u2fAuth = true;
|
||||
};
|
||||
};
|
||||
|
||||
networking.firewall.allowedTCPPorts = [ sshPort ];
|
||||
}
|
|
@ -53,9 +53,9 @@ in
|
|||
# No matter what environment we are in we want these tools for root, and the user(s)
|
||||
programs.zsh.enable = true;
|
||||
programs.git.enable = true;
|
||||
environment.systemPackages = [
|
||||
pkgs.just
|
||||
pkgs.rsync
|
||||
environment.systemPackages = with pkgs; [
|
||||
just
|
||||
rsync
|
||||
];
|
||||
};
|
||||
}
|
||||
|
|
|
@ -41,6 +41,8 @@
|
|||
"systems/common/optional/pipewire.nix" # audio
|
||||
"systems/common/optional/boot/loud_boot.nix" # for testing, otherwise quiet_boot.nix
|
||||
#"systems/common/optional/boot/quiet_boot.nix" # with plymouth pretty custom load sequence
|
||||
"systems/common/optional/btrfs_scrub.nix" # spec
|
||||
"systems/common/optional/networking/iphone.nix"
|
||||
|
||||
# ------------------------ Desktop --------------------------- #
|
||||
#"systems/common/optional/services/greetd.nix" # display manager
|
||||
|
@ -70,6 +72,12 @@
|
|||
enableIPv6 = false;
|
||||
};
|
||||
|
||||
# I devices
|
||||
iphone = {
|
||||
enable = true;
|
||||
user = "Shenzhen";
|
||||
};
|
||||
|
||||
# ================ HYPRLAND =================== #
|
||||
environment.sessionVariables = {
|
||||
# hack to get the cursor to become visible
|
||||
|
|
|
@ -1,9 +1,11 @@
|
|||
{ inputs, lib }:
|
||||
{
|
||||
networking = import ./networking.nix { inherit lib; };
|
||||
|
||||
username = "laozi";
|
||||
#domain = inputs.nix-secrets.domain;
|
||||
#userFullName = inputs.nix-secrets.full-name;
|
||||
#handle = "madmin";
|
||||
handle = "madmin";
|
||||
#userEmail = inputs.nix-secrets.user-email;
|
||||
#gitEmail = "madmin@noreply.codeberg.org";
|
||||
#workEmail = inputs.nix-secrets.work-email;
|
||||
|
|
|
@ -1,2 +1,4 @@
|
|||
{ ... }:
|
||||
{}
|
||||
{
|
||||
sshPort = 22;
|
||||
}
|
||||
|
|
Loading…
Reference in New Issue