starred/nix-config-ryan4yin
1
0
Fork 0
mirror of https://github.com/ryan4yin/nix-config.git synced 2026-04-25 09:28:27 +02:00
Code Issues Packages Projects Releases 10 Wiki Activity

chore(All Markdown Files): auto wrap text, fix typos

Browse Source
This commit is contained in:
Ryan Yin
2024-03-16 19:45:36 +08:00
parent 1e38f7bb09
commit 0eb83b22f0
79 changed files with 2477 additions and 2896 deletions
Download Patch File Download Diff File Expand all files Collapse all files

1
home/README.md
View File

@@ -3,4 +3,3 @@
1. `base`: The base module that is suitable for both Linux and macOS.
2. `linux`: Linux-specific configuration.
3. `darwin`: macOS-specific configuration.

1
home/base/README.md
View File

@@ -3,4 +3,3 @@
1. `server`: Configuration which is suitable for both servers and desktops.
1. `desktop`: Configuration for desktop environments, such as Hyprland, I3, etc.
1. `core.nix`: Minimal home-manager's config

1
home/base/core/editors/README.md
View File

@@ -1,4 +1,3 @@
# Editors
See [desktop/editors/](../../desktop/editors/) for more details.

51
home/base/gui/terminal/README.md
View File

@@ -1,21 +1,25 @@
# Termianl Emulators
# Terminal Emulators
I used to spend a lot of time on terminal emulators, to make them match my taste,
but now I found that it's not worth it, **Zellij can provide a user-friendly and unified user experience for all terminal emulators! without any pain**!
I used to spend a lot of time on terminal emulators, to make them match my taste, but now I found
that it's not worth it, **Zellij can provide a user-friendly and unified user experience for all
terminal emulators! without any pain**!
Currently, I only use the most basic features of terminal emulators, such as true color, graphics protocol, etc.
Other features such as tabs, scrollback buffer, select/search/copy, etc, are all provided by zellij!
Currently, I only use the most basic features of terminal emulators, such as true color, graphics
protocol, etc. Other features such as tabs, scrollback buffer, select/search/copy, etc, are all
provided by zellij!
My current terminal emulators are:
1. kitty: My main terminal emulator.
1. to select/copy a large mount of text, We should do some tricks via kitty's `scrollback_pager` with neovim, it's really painful: <https://github.com/kovidgoyal/kitty/issues/719>
1. to select/copy a large mount of text, We should do some tricks via kitty's `scrollback_pager`
with neovim, it's really painful: <https://github.com/kovidgoyal/kitty/issues/719>
2. wezterm: My secondary terminal emulator.
1. its search ability is very basic, and it's not easy to use.
1. its scrollback buffer's copy mode is very like vim, which is nice, but zellij's even better, it can use neovim as its default scrollback buffer's editor without any pain!
1. its search ability is very basic, and it's not easy to use.
1. its scrollback buffer's copy mode is very like vim, which is nice, but zellij's even better,
it can use neovim as its default scrollback buffer's editor without any pain!
3. foot: a fast, lightweight and minimalistic Wayland terminal emulator.
1. foot only do the things a terminal emulator should do, no more, no less.
1. It's really suitable for tiling window manager or zellij users!
1. foot only do the things a terminal emulator should do, no more, no less.
1. It's really suitable for tiling window manager or zellij users!
## 'xterm-kitty': unknown terminal type when `ssh` into a remote host or `sudo xxx`
@@ -23,45 +27,55 @@ My current terminal emulators are:
> https://wezfurlong.org/wezterm/config/lua/config/term.html
kitty set `TERM` to `xterm-kitty` by default, and TUI apps like `viu`, `yazi`, `curses` will try to search in the host's [terminfo(terminal capability data base)](https://linux.die.net/man/5/terminfo) for value of `TERM` to determine the capabilities of the terminal.
kitty set `TERM` to `xterm-kitty` by default, and TUI apps like `viu`, `yazi`, `curses` will try to
search in the host's [terminfo(terminal capability data base)](https://linux.die.net/man/5/terminfo)
for value of `TERM` to determine the capabilities of the terminal.
But when you `ssh` into a remote host, the remote host is very likely to not have `xterm-kitty` in its terminfo, so you will get this error:
But when you `ssh` into a remote host, the remote host is very likely to not have `xterm-kitty` in
its terminfo, so you will get this error:
```
'xterm-kitty': unknown terminal type
```
Or when you `sudo xxx`, `sudo` won't preserve the `TERM` variable, it will be reset to root's default `TERM` value, which is `xterm` or `xterm-256color` in most linux distributions, so you will get this error:
Or when you `sudo xxx`, `sudo` won't preserve the `TERM` variable, it will be reset to root's
default `TERM` value, which is `xterm` or `xterm-256color` in most linux distributions, so you will
get this error:
```
'xterm-256color': unknown terminal type
```
or
or
```
Error opening terminal: xterm-kitty.
```
NixOS preserve the `TERMINFO` and `TERMINFO_DIRS` environment variables, for `root` and the `wheel` group: [nixpkgs/nixos/modules/config/terminfo.nix](https://github.com/NixOS/nixpkgs/blob/nixos-23.11/nixos/modules/config/terminfo.nix#L18)
NixOS preserve the `TERMINFO` and `TERMINFO_DIRS` environment variables, for `root` and the `wheel`
group:
[nixpkgs/nixos/modules/config/terminfo.nix](https://github.com/NixOS/nixpkgs/blob/nixos-23.11/nixos/modules/config/terminfo.nix#L18)
For nix-darwin, take a look at <https://github.com/LnL7/nix-darwin/wiki/Terminfo-issues>
### Solutions
Simplest solution, it will automatically copy over the terminfo files and also magically enable shell integration on the remote machine:
Simplest solution, it will automatically copy over the terminfo files and also magically enable
shell integration on the remote machine:
```
kitten ssh user@host
```
Or if you do not care about kitty's features(such as true color & graphics protocol), you can simply set `TERM` to `xterm-256color`, which is built-in in most linux distributions:
Or if you do not care about kitty's features(such as true color & graphics protocol), you can simply
set `TERM` to `xterm-256color`, which is built-in in most linux distributions:
```
export TERM=xterm-256color
```
If you need kitty's features, but do not like the magic of `kitten`, you can manually install kitty's terminfo on the remote host:
If you need kitty's features, but do not like the magic of `kitten`, you can manually install
kitty's terminfo on the remote host:
```bash
# install on ubuntu / debian
@@ -70,4 +84,3 @@ sudo apt-get install kitty-terminfo
# or copy from local machine
infocmp -a xterm-kitty | ssh myserver tic -x -o \~/.terminfo /dev/stdin
```

39
home/base/tui/editors/Glossary.md
View File

@@ -6,7 +6,9 @@
> https://langserver.org/
The Language Server Protocol (LSP) is an open, JSON-RPC-based protocol for use between source code editors or integrated development environments (IDEs) and servers that provide programming language-specific features like:
The Language Server Protocol (LSP) is an open, JSON-RPC-based protocol for use between source code
editors or integrated development environments (IDEs) and servers that provide programming
language-specific features like:
- motions such as go-to-definition, find-references, hover.
- **code completion**
@@ -15,10 +17,11 @@ The Language Server Protocol (LSP) is an open, JSON-RPC-based protocol for use b
- syntax highlighting (use Tree-sitter instead)
- code formatting (use a dedicated formatter instead)
The goal of the protocol is to allow programming language support to be implemented and distributed independently of any given editor or IDE.
The goal of the protocol is to allow programming language support to be implemented and distributed
independently of any given editor or IDE.
LSP was originally developed for Microsoft Visual Studio Code and is now an open standard.
In the early 2020s LSP quickly became a "norm" for language intelligence tools providers.
LSP was originally developed for Microsoft Visual Studio Code and is now an open standard. In the
early 2020s LSP quickly became a "norm" for language intelligence tools providers.
### Tree-sitter
@@ -26,7 +29,9 @@ In the early 2020s LSP quickly became a "norm" for language intelligence tools p
> https://www.reddit.com/r/neovim/comments/1109wgr/treesitter_vs_lsp_differences_ans_overlap/
Tree-sitter is a parser generator tool and an **incremental parsing** library. It can build a concrete syntax tree for a source file and efficiently update the syntax tree as the source file is edited.
Tree-sitter is a parser generator tool and an **incremental parsing** library. It can build a
concrete syntax tree for a source file and efficiently update the syntax tree as the source file is
edited.
It is used by many editors and IDEs to provide:
@@ -38,17 +43,22 @@ It is used by many editors and IDEs to provide:
- such as join/split lines, structural editing, cursor motion, etc.
**Treesitter process each file independently**, and it is not aware of the semantics of your code.
For example, it does not know does a function/variable really exist, or what is the type/return-type of a variable. This is where LSP comes in.
For example, it does not know does a function/variable really exist, or what is the type/return-type
of a variable. This is where LSP comes in.
The LSP server parses the code much more deeply and it **not only parses a single file but your whole project**.
So, the LSP server will know whether a function/variable does exist with the same type/return-type. If it does not, it will mark it as an error.
The LSP server parses the code much more deeply and it **not only parses a single file but your
whole project**. So, the LSP server will know whether a function/variable does exist with the same
type/return-type. If it does not, it will mark it as an error.
**LSP does understand the code semantically, while Treesitter only cares about correct syntax**.
#### LSP vs Tree-sitter
- Tree-sitter: lightweight, fast, but limited knowledge of your code. mainly used for **syntax highlighting, indentation, and folding/refactoring in a single file**.
- LSP: heavy and slow on large projects, but it has a deep understanding of your code. mainly used for **code completion, refactoring in the projects, errors/warnings, and other semantic-aware features**.
- Tree-sitter: lightweight, fast, but limited knowledge of your code. mainly used for **syntax
highlighting, indentation, and folding/refactoring in a single file**.
- LSP: heavy and slow on large projects, but it has a deep understanding of your code. mainly used
for **code completion, refactoring in the projects, errors/warnings, and other semantic-aware
features**.
### Formatter vs Linter
@@ -56,7 +66,10 @@ Linting is distinct from Formatting because:
1. **formatting** only restructures how code appears.
1. `prettier` is a popular formatter.
1. **linting** analyzes how the code runs and detects errors, it may also suggest improvements such as replace `var` with `let` or `const`.
1. **linting** analyzes how the code runs and detects errors, it may also suggest improvements such
as replace `var` with `let` or `const`.
Formatters and Linters process each file independently, they do not need to know about other files in the project.
* [ ]
Formatters and Linters process each file independently, they do not need to know about other files
in the project.
- [ ]

33
home/base/tui/editors/README.md
View File

@@ -10,15 +10,18 @@ And `Zellij` for a smooth and stable terminal experience.
## Tips
1. Many useful keys are already provided by vim, check vim/neovim's docs before you install a new plugin / reinvent the wheel.
1. After using Emacs/Neovim more skillfully, I strongly recommend that you read the official documentation of Neovim/vim:
1. Many useful keys are already provided by vim, check vim/neovim's docs before you install a new
plugin / reinvent the wheel.
1. After using Emacs/Neovim more skillfully, I strongly recommend that you read the official
documentation of Neovim/vim:
1. <https://vimhelp.org/>: The official vim documentation.
1. <https://neovim.io/doc/user/>: Neovim's official user documentation.
1. Use Zellij for terminal related operations, and use Neovim/Helix for editing.
1. As for Emacs, Use its GUI version & terminal emulator `vterm` for terminal related operations.
1. Two powerful file search & jump tools:
1. Tree-view plugins are beginner-friendly and intuitive, but they're not very efficient.
1. **Search by the file path**: Useful when you're familiar with the project structure, especially on a large project.
1. **Search by the file path**: Useful when you're familiar with the project structure, especially
on a large project.
1. **Search by the content**: Useful when you're familiar with the code.
## Tutorial
@@ -27,13 +30,16 @@ Type `:tutor`(`:Tutor` in Neovim) to learn the basics usage of vim/neovim.
## VIM's Cheetsheet
> Here only record my commonly used keys, to see **a more comprehensive cheetsheet**: <https://vimhelp.org/quickref.txt.html>
> Here only record my commonly used keys, to see **a more comprehensive cheetsheet**:
> <https://vimhelp.org/quickref.txt.html>
Both Emacs-Evil & Neovim are compatible with vim, sothe key-bindings described here are common in both Emacs-Evil, Neovim & vim.
Both Emacs-Evil & Neovim are compatible with vim, sothe key-bindings described here are common in
both Emacs-Evil, Neovim & vim.
### Terminal Related
I mainly use Zellij for terminal related operations, here is its terminal shortcuts I use frequently now:
I mainly use Zellij for terminal related operations, here is its terminal shortcuts I use frequently
now:
| Action | Zellij's Shortcut |
| ------------------------- | ----------------- |
@@ -76,10 +82,12 @@ I mainly use Zellij for terminal related operations, here is its terminal shortc
Text Objects:
- **sentence**: text ending at a '.', '!' or '?' followed by either the end of a line, or by a space or tab.
- **sentence**: text ending at a '.', '!' or '?' followed by either the end of a line, or by a space
or tab.
- **paragraph**: text ending at a blank line.
- **section**: text starting with a section header and ending at the start of the next section header (or at the end of the file). - The "`]]`" and "`[[`" commands stop at the '`{`' in the first column. This is
useful to find the start of a function in a C/Go/Java/... program.
- **section**: text starting with a section header and ending at the start of the next section
header (or at the end of the file). - The "`]]`" and "`[[`" commands stop at the '`{`' in the
first column. This is useful to find the start of a function in a C/Go/Java/... program.
### Text Manipulation
@@ -99,7 +107,7 @@ Basics:
| Toggle text's case | `~` |
| Convert to uppercase | `U` (visual mode) |
| Convert to lowercase | `u` (visual mode) |
| Align the selected conent | `:center`/`:left`/`:right` |
| Align the selected content | `:center`/`:left`/`:right` |
Misc:
@@ -116,7 +124,7 @@ Misc:
| Action | |
| ------------------------------------------------------------------------- | -------------- |
| Sort tye selected lines | `:sort` |
| Sort the selected lines | `:sort` |
| Join Selection of Lines With Space | `:join` or `J` |
| Join without spaces | `:join!` |
| Enter Insert mode at the start/end of the line | `I` / `A` |
@@ -161,7 +169,8 @@ Advance Techs:
| Replace all the lines | `:% s/old/new/g` |
| Replace all the lines with regex | `:% s@\vhttp://(\w+)@https://\1@gc` |
1. `\v` means means that in the regex pattern after it can be used without backslash escaping(similar to python's raw string).
1. `\v` means means that in the regex pattern after it can be used without backslash
escaping(similar to python's raw string).
2. `\1` means the first matched group in the pattern.
### Replace in the specific lines

17
home/base/tui/editors/Structured-Editing.md
View File

@@ -2,23 +2,24 @@
## S-expression data(Lisp)
- paredit/[lispy](https://github.com/doomemacs/doomemacs/tree/master/modules/editor/lispy): too complex.
- paredit/[lispy](https://github.com/doomemacs/doomemacs/tree/master/modules/editor/lispy): too
complex.
- [evil-cleverparens](https://github.com/emacs-evil/evil-cleverparens): simple and useful.
- [parinfer(par-in-fer)](https://shaunlebron.github.io/parinfer/): morden, simple, elegant and useful, but works not well with some other completion plugins...
- to make parinfer works, you should disable sexp & smartparens in any lisp mode.
- [parinfer(par-in-fer)](https://shaunlebron.github.io/parinfer/): morden, simple, elegant and
useful, but works not well with some other completion plugins...
- to make parinfer works, you should disable sexp & smartparens in any lisp mode.
Some plugins:
- Emacs
- [parinfer-rusT-mode](https://github.com/justinbarclay/parinfer-rust-mode)
- [parinfer-rusT-mode](https://github.com/justinbarclay/parinfer-rust-mode)
- Neovim
- [parinfer-rust](https://github.com/eraserhd/parinfer-rust)
- <https://github.com/Olical/conjure>
- [parinfer-rust](https://github.com/eraserhd/parinfer-rust)
- <https://github.com/Olical/conjure>
- Helix
- [parinfer #4090 - Helix](https://github.com/helix-editor/helix/discussions/4090)
- [parinfer #4090 - Helix](https://github.com/helix-editor/helix/discussions/4090)
## Other Languages
1. treesitter
1. ...

27
home/base/tui/editors/emacs/README.md
View File

@@ -6,17 +6,19 @@
2. Org Mode
3. Lisp Coding
4. A top-level tutorial for Emacs(Chinese): <https://nyk.ma/tags/emacs/>
5. A Beginner's Guide to Emacs(Chinese): <https://github.com/emacs-tw/emacs-101-beginner-survival-guide>
5. A Beginner's Guide to Emacs(Chinese):
<https://github.com/emacs-tw/emacs-101-beginner-survival-guide>
## Screenshot
![](/_img/emacs-2024-01-07.webp)
## Usefull Links
## Useful Links
- Framework: <https://github.com/doomemacs/doomemacs>
- key bindings:
- source code: <https://github.com/doomemacs/doomemacs/blob/master/modules/config/default/%2Bevil-bindings.el>
- source code:
<https://github.com/doomemacs/doomemacs/blob/master/modules/config/default/%2Bevil-bindings.el>
- docs: <https://github.com/doomemacs/doomemacs/blob/master/modules/editor/evil/README.org>
- module index: <https://github.com/doomemacs/doomemacs/blob/master/docs/modules.org>
- LSP Client: <https://github.com/manateelazycat/lsp-bridge>
@@ -44,7 +46,7 @@ when in doubt, run `doom sync`!
```bash
# testing
just emacs-test
jsut emacs-purge
just emacs-purge
just emacs-reload
# clear test data
@@ -59,14 +61,16 @@ just emacs-clean
- So vim/neovim is still the best choice for servers.
- Emacs's markdown-mode works not well with tables, see:
- https://github.com/jrblevin/markdown-mode/issues/380
- I use git command frequently, but doomemacs only autoupdates status of git diff / treemacs when using magit.
- I use git command frequently, but doomemacs only autoupdates status of git diff / treemacs when
using magit.
- I have to learn magit to avoid this issue...
- GitHub's orgmode support is not well, Markdown is better for GitHub.
- Use markdown for repo's README.md, and use orgmode for my personal notes and docs only.
## Cheetsheet
Here is the cheetsheet related to my DoomEmacs configs. Please read vim's common cheetsheet at [../README.md](../README.md) before reading the following.
Here is the cheetsheet related to my DoomEmacs configs. Please read vim's common cheetsheet at
[../README.md](../README.md) before reading the following.
### Basics
@@ -98,7 +102,8 @@ Here is the cheetsheet related to my DoomEmacs configs. Please read vim's common
### File Tree
- treemacs: <https://github.com/Alexander-Miller/treemacs/blob/master/src/elisp/treemacs-mode.el>
- treemacs-evil: <https://github.com/Alexander-Miller/treemacs/blob/master/src/extra/treemacs-evil.el>
- treemacs-evil:
<https://github.com/Alexander-Miller/treemacs/blob/master/src/extra/treemacs-evil.el>
| Action | Shortcut |
| ------------------------------------- | --------- |
@@ -199,8 +204,9 @@ Magit is a powerful tool that make git operations easy and intuitive.
Shortcuts in magit's pane:
> When run `git commit` / `git add` / `git push` /... via magit, multiple Arguments can be set.
> Set arguments won't trigger a git command immediately. Magit will try to run a git command only after an Action key is pressed.
> When run `git commit` / `git add` / `git push` /... via magit, multiple Arguments can be set. Set
> arguments won't trigger a git command immediately. Magit will try to run a git command only after
> an Action key is pressed.
| Action | Shortcut |
| -------------------------------------------------- | --------------------------------------------- |
@@ -220,4 +226,5 @@ Shortcuts in magit's pane:
| Fold/Unfold | `TAB` |
| Show details of the current unit(commit/stage/...) | `<ENTER>` |
KeyBinding full list: <https://github.com/emacs-evil/evil-collection/tree/master/modes/magit#key-bindings>
KeyBinding full list:
<https://github.com/emacs-evil/evil-collection/tree/master/modes/magit#key-bindings>

79
home/base/tui/editors/helix/README.md
View File

@@ -1,11 +1,14 @@
# Helix Editor
Neovim is really powerful, and have a very active community. I use it as my main editor, and I'm very happy with it. I use it for everything, from writing code to writing this document.
Neovim is really powerful, and have a very active community. I use it as my main editor, and I'm
very happy with it. I use it for everything, from writing code to writing this document.
But its configuration is a bit complex, and finding the right plugins, writing configurations, and keeping everything up to date is not easy.
But its configuration is a bit complex, and finding the right plugins, writing configurations, and
keeping everything up to date is not easy.
That's why I'm interested in Helix, Helix is similar to Neovim, but it's more opinionated, and it's batteries included.
Whether I'll switch my main editor to Helix or not, it gives me a lot of ideas on how to improve my Neovim workflow.
That's why I'm interested in Helix, Helix is similar to Neovim, but it's more opinionated, and it's
batteries included. Whether I'll switch my main editor to Helix or not, it gives me a lot of ideas
on how to improve my Neovim workflow.
## Tutorial
@@ -14,30 +17,48 @@ Use `:tutor` in helix to start the tutorial.
## Differences between Neovim and Helixer
1. Selecting first, then action.
1. Helix: delete 2 word: `2w` then `x`. You can always see what you're selecting before you apply the action.
2. Neovim: delete 2 word: `d`. then `2w`. No visual feedback before you apply the action.
1. Helix - Morden builtin features: LSP, tree-sitter, fuzzy finder, multi cursors, surround and more.
1. They're all available in Neovim too, but you need to find and use the right plugins manually, which takes time and effort.
1. Helix is built in Rust from scratch. The result is a much smaller codebase and a modern set of defaults. No VimScript. No Lua.
1. Neovim contains a lot of VimScript, and lua is too dynamic, it's hard to debug.
1. Personally I'm glad to take a look at a Rust codebase, but not a VimScript/Lua codebase.
1. Neovim have a very activate plugin ecosystem, and it's easy to find plugins for almost everything.
1. Helix is still new, and it even do have a stable plugin system yet. A PR to add a plugin system is still envolving: <https://github.com/helix-editor/helix/pull/8675>
2. Neovim has intergrated terminal, and it's very powerful. It's quite similar to VSCode's intergrated terminal. I use it a lot.
1. Helix doesn't have a intergrated terminal yet, as it's complicated to implement. Users are recommended to use tmux/Zellij or Wezterm/Kitty to implement this feature instead.
1. <https://github.com/helix-editor/helix/issues/1976#issuecomment-1091074719>
1. <https://github.com/helix-editor/helix/pull/4649>
1. **My Neovim often gets stuck when I switch to [toggleterm.nvim](https://github.com/akinsho/toggleterm.nvim), this Helix issue made me consider to switch from this Neovim plugin to Zellij**.
1. Helix do not have a tree-view panel, it's recommended to use Yazi/ranger/Broot instead, and open Helix in them.
1. a tree-view plugin may be added after the plugin system is stable, but no one knows when it will be.
2. and some Helix users stated that they don't need a tree-view plugin, Helix's file picker is useful and good enough.
1. It seems Helix lacks a global substitution command, you should run it in another window(via wm or Zellij).
1. <https://github.com/helix-editor/helix/issues/196>
1. Neovim's substitution command allow you to preview the changes before you apply it, and it's very useful. if I switch to Helix, I'll need to find some other tools with similar feature(such as https://github.com/ms-jpq/sad).
1. Complexity and Maintenance Costs vs Batteries Included: <https://github.com/helix-editor/helix/discussions/6356>
1. Helix: delete 2 word: `2w` then `x`. You can always see what you're selecting before you apply
the action.
2. Neovim: delete 2 word: `d`. then `2w`. No visual feedback before you apply the action.
1. Helix - Morden builtin features: LSP, tree-sitter, fuzzy finder, multi cursors, surround and
more.
1. They're all available in Neovim too, but you need to find and use the right plugins manually,
which takes time and effort.
1. Helix is built in Rust from scratch. The result is a much smaller codebase and a modern set of
defaults. No VimScript. No Lua.
1. Neovim contains a lot of VimScript, and lua is too dynamic, it's hard to debug.
1. Personally I'm glad to take a look at a Rust codebase, but not a VimScript/Lua codebase.
1. Neovim have a very activate plugin ecosystem, and it's easy to find plugins for almost
everything.
1. Helix is still new, and it even do have a stable plugin system yet. A PR to add a plugin
system is still envolving: <https://github.com/helix-editor/helix/pull/8675>
1. Neovim has integrated terminal, and it's very powerful. It's quite similar to VSCode's integrated
terminal. I use it a lot.
1. Helix doesn't have a integrated terminal yet, as it's complicated to implement. Users are
recommended to use tmux/Zellij or Wezterm/Kitty to implement this feature instead.
1. <https://github.com/helix-editor/helix/issues/1976#issuecomment-1091074719>
1. <https://github.com/helix-editor/helix/pull/4649>
1. **My Neovim often gets stuck when I switch to
[toggleterm.nvim](https://github.com/akinsho/toggleterm.nvim), this Helix issue made me
consider to switch from this Neovim plugin to Zellij**.
1. Helix do not have a tree-view panel, it's recommended to use Yazi/ranger/Broot instead, and open
Helix in them.
1. a tree-view plugin may be added after the plugin system is stable, but no one knows when it
will be.
2. and some Helix users stated that they don't need a tree-view plugin, Helix's file picker is
useful and good enough.
1. It seems Helix lacks a global substitution command, you should run it in another window(via wm or
Zellij).
1. <https://github.com/helix-editor/helix/issues/196>
1. Neovim's substitution command allow you to preview the changes before you apply it, and it's
very useful. if I switch to Helix, I'll need to find some other tools with similar
feature(such as https://github.com/ms-jpq/sad).
1. Complexity and Maintenance Costs vs Batteries Included:
<https://github.com/helix-editor/helix/discussions/6356>
I think Use Helix/Neovim within a terminal file manager(Yazi/ranger/Broot) and Zellij is a good
idea. It's quite different from the workflow I migrated from VSCode/JetBrains before, I'm very
interested in it.
I think Use Helix/Neovim within a terminal file manager(Yazi/ranger/Broot) and Zellij is a good idea.
It's quite different from the workflow I migrated from VSCode/JetBrains before, I'm very interested in it.
In Neovim I can make the workflow similar to VSCode/JetBrains by using some plugins, but Helix forces me to get out of my comfort zone, and try something new.
In Neovim I can make the workflow similar to VSCode/JetBrains by using some plugins, but Helix
forces me to get out of my comfort zone, and try something new.

43
home/base/tui/editors/neovim/README.md
View File

@@ -1,14 +1,14 @@
# Neovim Editor
My Neovim config based on [AstroNvim](https://github.com/AstroNvim/AstroNvim).
For more details, visit the [AstroNvim website](https://astronvim.com/).
My Neovim config based on [AstroNvim](https://github.com/AstroNvim/AstroNvim). For more details,
visit the [AstroNvim website](https://astronvim.com/).
This document outlines neovim's configuration structure and various shortcuts/commands for efficient usage.
This document outlines neovim's configuration structure and various shortcuts/commands for efficient
usage.
## Screenshots
![](/_img/astronvim_2023-07-13_00-39.webp)
![](/_img/hyprland_2023-07-29_2.webp)
![](/_img/astronvim_2023-07-13_00-39.webp) ![](/_img/hyprland_2023-07-29_2.webp)
## Configuration Structure
@@ -47,7 +47,8 @@ just nvim-clear
## Cheetsheet
Here is the cheetsheet related to my Neovim configs. Please read vim's common cheetsheet at [../README.md](../README.md) before reading the following.
Here is the cheetsheet related to my Neovim configs. Please read vim's common cheetsheet at
[../README.md](../README.md) before reading the following.
### Incremental Selection
@@ -62,15 +63,16 @@ Provided by nvim-treesitter.
### Search and Jump
Provided by [flash.nvim](https://github.com/folke/flash.nvim), it's a intelligent search and jump plugin.
Provided by [flash.nvim](https://github.com/folke/flash.nvim), it's a intelligent search and jump
plugin.
1. It enhaces the default search and jump behavior of neovim.(search with prefix `/`)
1. It enhances the default search and jump behavior of neovim.(search with prefix `/`)
| Action | Shortcut |
| ----------------- | ------------------------------------------------------------------------------------------------------------- |
| Search | `/`(normal search), `s`(disable all code highlight, only highlight matches) |
| Treesitter Search | `yR`,`dR`, `cR`, `vR`, `ctrl+v+R`(arround your matches, all the surrounding Treesitter nodes will be labeled) |
| Remote Flash | `yr`, `dr`, `cr`, (arround your matches, all the surrounding Treesitter nodes will be labeled) |
| Action | Shortcut |
| ----------------- | ------------------------------------------------------------------------------------------------------------ |
| Search | `/`(normal search), `s`(disable all code highlight, only highlight matches) |
| Treesitter Search | `yR`,`dR`, `cR`, `vR`, `ctrl+v+R`(around your matches, all the surrounding Treesitter nodes will be labeled) |
| Remote Flash | `yr`, `dr`, `cr`, (around your matches, all the surrounding Treesitter nodes will be labeled) |
### Commands & Shortcuts
@@ -92,12 +94,8 @@ Provided by [flash.nvim](https://github.com/folke/flash.nvim), it's a intelligen
### Splitting and Buffers
|
| Action | Shortcut |
| --------------------- | ------------- |
| Horizontal Split | `\` |
| Vertical Split | `\|` |
| Close Buffer | `<Space> + c` |
| | Action | Shortcut | | --------------------- | ------------- | | Horizontal Split | `\` | |
Vertical Split | `\|` | | Close Buffer | `<Space> + c` |
### Editing and Formatting
@@ -129,9 +127,9 @@ Press `<Space> + D` to view available bindings and options.
### Search and Replace Globally
| Description | Shortcut |
| ------------------------------------------------------------ | ---------------------------------------------------------------- |
| Open spectre.nvim search and replace panel | `<Space> + ss` |
| Description | Shortcut |
| ------------------------------------------ | -------------- |
| Open spectre.nvim search and replace panel | `<Space> + ss` |
Search and replace via cli(fd + sad + delta):
@@ -139,7 +137,6 @@ Search and replace via cli(fd + sad + delta):
fd "\\.nix$" . | sad '<pattern>' '<replacement>' | delta
```
### Surrounding Characters
Provided by mini.surround plugin.

27
home/base/tui/encryption/README.md
View File

@@ -1,30 +1,31 @@
# Encryption
We have GnuPG & password-store installed by default, mainly for password management, authentication & communication encryption.
We have GnuPG & password-store installed by default, mainly for password management, authentication
& communication encryption.
We also have LUKS2 for disk encryption on Linux, and [rclone](https://rclone.org/crypt/) for cross-platform data encryption & syncing.
We also have LUKS2 for disk encryption on Linux, and [rclone](https://rclone.org/crypt/) for
cross-platform data encryption & syncing.
[age](https://github.com/FiloSottile/age) may be more general for file encryption.
[Sops](https://github.com/getsops/sops/tree/main) can be used for file encryption too, if you prefer
[Sops](https://github.com/getsops/sops/tree/main) can be used for file encryption too, if you prefer
using a Cloud provider for key management.
## Asymmetric Encryption
Both age, Sops & GnuPG provide asymmetric encryption, which is useful for encrypting files for a specific user.
Both age, Sops & GnuPG provide asymmetric encryption, which is useful for encrypting files for a
specific user.
For morden use, age is recommended, as it use [AEAD encryption function - ChaCha20-Poly1305][age Format v1],
If you do not want to manage the keys by yourself, Sops is recommended, as it use KMS for key management.
For morden use, age is recommended, as it use [AEAD encryption function -
ChaCha20-Poly1305][age Format v1], If you do not want to manage the keys by yourself, Sops is
recommended, as it use KMS for key management.
## Symmetric Encryption
Both age & GnuPG provide symmetric encryption, which is useful for encrypting files for a specific user.
As described in [age Format v1][age Format v1], age use scrypt to encrypt and decrypt the file key with a provided passphrase,
which is more secure than GnuPG's symmetric encryption.
Both age & GnuPG provide symmetric encryption, which is useful for encrypting files for a specific
user.
As described in [age Format v1][age Format v1], age use scrypt to encrypt and decrypt the file key
with a provided passphrase, which is more secure than GnuPG's symmetric encryption.
[age Format v1]: https://age-encryption.org/v1

172
home/base/tui/gpg/README.md
View File

@@ -1,10 +1,14 @@
# GNU Privacy Guard(GnuPG)
> Offical Website: https://www.gnupg.org/
> Official Website: https://www.gnupg.org/
The GNU Privacy Guard is a complete and free implementation of the OpenPGP standard as defined by RFC4880 (also known as **PGP**). GnuPG allows to encrypt and sign your data and communication, features a versatile key management system as well as access modules for all kind of public key directories.
The GNU Privacy Guard is a complete and free implementation of the OpenPGP standard as defined by
RFC4880 (also known as **PGP**). GnuPG allows to encrypt and sign your data and communication,
features a versatile key management system as well as access modules for all kind of public key
directories.
> In the following content, we will use GPG to refer to GnuPG tool, and PGP to refer to various concepts defined in the OepnPGP standard(e.g. PGP key, PGP key server).
> In the following content, we will use GPG to refer to GnuPG tool, and PGP to refer to various
> concepts defined in the OepnPGP standard(e.g. PGP key, PGP key server).
Key functions of GnuPG:
@@ -20,18 +24,21 @@ Main usage scenarios of GnuPG:
3. Manage your ssh key
4. Encrypt your data and store it somewhere.
GnuPG/OpenPGP is complex, so while using it, I have been looking forward to finding an encryption tool that is simple enough, functional enough, and widely adopted.
GnuPG/OpenPGP is complex, so while using it, I have been looking forward to finding an encryption
tool that is simple enough, functional enough, and widely adopted.
Currently I use both age & GnuPG:
1. Age for secrets encryption(ssh key & other secret files), it's simple and easy to use.
2. GnuPG for password-store and email encryption.
> At present, the safe and efficient use of GPG is probably combined with hardware keys such as yubikey. but I don't have one, so I won't talk about it here.
> At present, the safe and efficient use of GPG is probably combined with hardware keys such as
> yubikey. but I don't have one, so I won't talk about it here.
## Practical Cryptography for Developers
To use GnuGP without seamlessly, Some Practical Cryptography knowledge is required, here is dome tutorials:
To use GnuGP without seamlessly, Some Practical Cryptography knowledge is required, here is dome
tutorials:
- English version: <https://github.com/nakov/Practical-Cryptography-for-Developers-Book>
- Chinese version: <https://thiscute.world/tags/cryptography/>
@@ -50,12 +57,14 @@ Related Docs:
- [Predictable, Passphrase-Derived PGP Keys][Predictable, Passphrase-Derived PGP Keys]
- [OpenPGP - The almost perfect key pair][OpenPGP - The almost perfect key pair]
GnuPG generate every secret key separately, and encrypt them with a symmetric key derived from your
passphrase. OpenPGP standard defines
[String-to-Key (S2K)](https://datatracker.ietf.org/doc/html/rfc4880#section-3.7) algorithm to derive
a symmetric key from your passphrase.
GnuPG generate every secret key separately, and encrypt them with a symmetric key derived from your passphrase.
OpenPGP standard defines [String-to-Key (S2K)](https://datatracker.ietf.org/doc/html/rfc4880#section-3.7)
algorithm to derive a symmetric key from your passphrase.
GnuPG's [OpenPGP protocol specific options](https://gnupg.org/documentation/manuals/gnupg/OpenPGP-Options.html#OpenPGP-Options) shows that:
GnuPG's
[OpenPGP protocol specific options](https://gnupg.org/documentation/manuals/gnupg/OpenPGP-Options.html#OpenPGP-Options)
shows that:
```
--s2k-cipher-algo name
@@ -81,24 +90,31 @@ gpg --s2k-mode 3 --s2k-count 65011712 --s2k-digest-algo SHA512 --s2k-cipher-algo
To use the strongest options globally, you can specify these options in your `~/.gnupg/gpg.conf`.
I've added them to my Home Manager's `programs.gpg.settings` option.
### 1. PGP Key(Primary Key) generation
Key management is the core of OpenPGP standard / GnuPG.
GnuPG uses public-key cryptography so that users may communicate securely. In a public-key system, each user has a pair of keys consisting of a private key and a public key. **A user's private key is kept secret; it need **never be revealed. The public key may be given to anyone with whom the user wants to communicate**. GnuPG uses a somewhat more sophisticated scheme in which a user has a primary keypair and then zero or more additional subordinate keypairs. The primary and subordinate keypairs are bundled to facilitate key management and the bundle can often be considered simply as one keypair, or a keyring/keychain(which contains multiple sub key-pairs).
GnuPG uses public-key cryptography so that users may communicate securely. In a public-key system,
each user has a pair of keys consisting of a private key and a public key. **A user's private key is
kept secret; it need **never be revealed. The public key may be given to anyone with whom the user
wants to communicate\*\*. GnuPG uses a somewhat more sophisticated scheme in which a user has a
primary keypair and then zero or more additional subordinate keypairs. The primary and subordinate
keypairs are bundled to facilitate key management and the bundle can often be considered simply as
one keypair, or a keyring/keychain(which contains multiple sub key-pairs).
Let's generate a keypair interactively:
> Now in 2024, GnuPG 2.4.1 defaults to ECC algorithm (9) and Curve 25519 for ECC, which is morden and safe, I would recommend to use these defaults directly.
> Now in 2024, GnuPG 2.4.1 defaults to ECC algorithm (9) and Curve 25519 for ECC, which is morden
> and safe, I would recommend to use these defaults directly.
```bash
gpg --full-gen-key
```
This command will ask you for some algorithm related settings(ECC & Curve 25519), your personal info, and a strong passphrase to protect your PGP key. e.g.
This command will ask you for some algorithm related settings(ECC & Curve 25519), your personal
info, and a strong passphrase to protect your PGP key. e.g.
``` bash
```bash
gpg --full-gen-key
gpg (GnuPG) 2.4.1; Copyright (C) 2023 g10 Code GmbH
This is free software: you are free to change and redistribute it.
@@ -131,9 +147,9 @@ Is this correct? (y/N) y
GnuPG needs to construct a user ID to identify your key.
Real name:
Email address:
Comment:
Real name:
Email address:
Comment:
You selected this USER-ID:
"Ryan Yin (For pass For Work ssh only) <ryan4yin@linux.com>"
@@ -163,7 +179,7 @@ sub cv25519 2024-01-09 [E] [expires: 2034-01-04]
The generated keys are stored in `~/.gnupg` by default, the functions of each file are as follows:
``` bash
```bash
tree ~/.gnupg/
/Users/ryan/.gnupg/
|-- S.gpg-agent # socket file
@@ -185,28 +201,41 @@ The generated keys are stored in `~/.gnupg` by default, the functions of each fi
4 directories, 12 files
```
The functions of most files are quite clear at a glance, but the `trustdb.gpg` in them is a bit difficult to understand. Here are the details: <https://www.gnupg.org/gph/en/manual/x334.html>
The functions of most files are quite clear at a glance, but the `trustdb.gpg` in them is a bit
difficult to understand. Here are the details: <https://www.gnupg.org/gph/en/manual/x334.html>
Home Manager will manage all the things in `~/.gnupg/` EXCEPT `~/.gnupg/openpgp-revocs.d/` and `~/.gnupg/private-keys-v1.d/`, which is expected.
Home Manager will manage all the things in `~/.gnupg/` EXCEPT `~/.gnupg/openpgp-revocs.d/` and
`~/.gnupg/private-keys-v1.d/`, which is expected.
### 3. Sub Key Generation & Best Practice
In PGP, every keys has a **usage flag** to indicate its usage:
- `C` means this key can be used to **Certify** other keys, which means this key can be used to **create/delete/revoke/modify** other keys.
- `C` means this key can be used to **Certify** other keys, which means this key can be used to
**create/delete/revoke/modify** other keys.
- `S` means this key can be used to **Sign** data.
- `E` means this key can be used to **Encrypt** data.
- `A` means this key can be used to **Authenticate** data with various non-GnuPG programs. The key can be used as e.g. an **SSH key**.
- `E` means this key can be used to **Encrypt** data.
- `A` means this key can be used to **Authenticate** data with various non-GnuPG programs. The key
can be used as e.g. an **SSH key**.
The **best practice** is:
1. Generate a primary key with strong cryptography arguments(such as ECC + Curve 25519).
2. Then generate 3 sub keys with `E`, `S` and `A` usage flag respectively.
3. **The Primary Key is extremely important**, Backup the primary key to somewhere absolutely safe(such as two encryptd USB drivers, keep them in different places), and then **delete it from your computer immediately**.
4. The sub key is also important, but you can generate a new one and replace it easily. You can backup it to somewhere else, and import it to another machine to use your keypair.
5. Backup your Primary key's revocation certificate to somewhere safe, it's the last way to rescure your safety if your primary key is compromised!
1. It's a big problem if your revocation certificate is compromised, but not the bigest one. because it's only used to revoke your keypair, your data is still safe. But you should generate a new keypair and revoke the old one immediately.
1. It will be a big problem if your primary key is compromised, and you don't have a revocation certificate to revoke it. But since OpenPGP do not have a good way to distribute revocation certificate, even you have a revocation certificate, it's still hard to distribute it to others...
3. **The Primary Key is extremely important**, Backup the primary key to somewhere absolutely
safe(such as two encryptd USB drivers, keep them in different places), and then **delete it from
your computer immediately**.
4. The sub key is also important, but you can generate a new one and replace it easily. You can
backup it to somewhere else, and import it to another machine to use your keypair.
5. Backup your Primary key's revocation certificate to somewhere safe, it's the last way to rescure
your safety if your primary key is compromised!
6. It's a big problem if your revocation certificate is compromised, but not the bigest one. because
it's only used to revoke your keypair, your data is still safe. But you should generate a new
keypair and revoke the old one immediately.
7. It will be a big problem if your primary key is compromised, and you don't have a revocation
certificate to revoke it. But since OpenPGP do not have a good way to distribute revocation
certificate, even you have a revocation certificate, it's still hard to distribute it to
others...
To keep your keypair safe, you should backup your keypair according to the following steps.
@@ -216,7 +245,7 @@ Now let's add the sub keys to the keypair we generated above:
> GnuPG will ask you to input your passphrase to unlock your primary key.
``` bash
```bash
gpg --expert --edit-key ryan4yin@linux.com
gpg (GnuPG) 2.4.1; Copyright (C) 2023 g10 Code GmbH
This is free software: you are free to change and redistribute it.
@@ -380,7 +409,7 @@ ssb ed25519 2024-01-09 [A] [expires: 2034-01-04]
gpg --list-public-keys
...
```
### 4. Backup & Restore
Export Public Keys(Both Primary Key & Sub Keys):
@@ -393,10 +422,12 @@ nix run nixpkgs#pgpdump ryan4yin-gpg-keys.pub
Export Primary Key(The exported key is still encrypted by your passphrase):
> the `!` at the end of the key ID is to force GnuPG to export only the specified key, not the subkeys.
> the `!` at the end of the key ID is to force GnuPG to export only the specified key, not the
> subkeys.
> GnuPG will ask you to input your passphrase to unlock your keypair,
> because GnuPG need to convert the secret key's format from its internal protection format to the one specified by the OpenPGP protocol.
> GnuPG will ask you to input your passphrase to unlock your keypair, because GnuPG need to convert
> the secret key's format from its internal protection format to the one specified by the OpenPGP
> protocol.
```bash
# replace the key ID with your own sec key's ID
@@ -416,16 +447,20 @@ Old: Secret Key Packet(tag 5)(134 bytes)
Hash alg - SHA1(hash 2)
Salt - 8c 78 58 c0 87 83 8c 2c
Count - 65011712(coded count 255)
IV - xx xx xx xx xx xx xx xx xx xx xx xx xx xx xx
IV - xx xx xx xx xx xx xx xx xx xx xx xx xx xx xx
Encrypted EdDSA x
Encrypted SHA1 hash
...
```
As [Predictable, Passphrase-Derived PGP Keys][Predictable, Passphrase-Derived PGP Keys] says, we'll find that gpg ignored the `--s2k-count` option we specified when generating the keypair, and the `--s2k` related options we specified in `~/.gnupg/gpg.conf`,
the exported primary key is protectd by `SHA1` and `AES128`, which is not secure enough!
As [Predictable, Passphrase-Derived PGP Keys][Predictable, Passphrase-Derived PGP Keys] says, we'll
find that gpg ignored the `--s2k-count` option we specified when generating the keypair, and the
`--s2k` related options we specified in `~/.gnupg/gpg.conf`, the exported primary key is protectd by
`SHA1` and `AES128`, which is not secure enough!
So to increase the security of the exported primary key, we need to encrypt it again with a stronger algorithm, I choose `age` here(which use `scrypt` to encrypt the file key with a provided passphrase):
So to increase the security of the exported primary key, we need to encrypt it again with a stronger
algorithm, I choose `age` here(which use `scrypt` to encrypt the file key with a provided
passphrase):
```bash
# for simplicity, use the same passphrase as your gpg keypair here
@@ -446,11 +481,14 @@ age --passphrase -o ryan4yin-gpg-subkeys.priv.age ryan4yin-gpg-subkeys.priv
rm ryan4yin-gpg-subkeys.priv
```
Your can import the exported Private Key via `gpg --import <keyfile>` to restore it, but you need to decrypt it via age first.
Your can import the exported Private Key via `gpg --import <keyfile>` to restore it, but you need to
decrypt it via age first.
As for Public Keys, please import your publicKeys via Home Manager's `programs.gpg.publicKeys` option, DO NOT import it manually(via `gpg --import <keyfile>`).
As for Public Keys, please import your publicKeys via Home Manager's `programs.gpg.publicKeys`
option, DO NOT import it manually(via `gpg --import <keyfile>`).
To ensure security, delete the master key and revoke the certificate immediately after the backup is completed:
To ensure security, delete the master key and revoke the certificate immediately after the backup is
completed:
```bash
# delete the primary key and all its sub keys
@@ -522,7 +560,8 @@ gpg --decrypt <file>
gpg -d <file>
```
If you just want to encrypt/decrypt a file quickly, you can use `age` with a passphrase, `gpg` can also do this, but it's not recommended(as age(scrypt)'s more secure):
If you just want to encrypt/decrypt a file quickly, you can use `age` with a passphrase, `gpg` can
also do this, but it's not recommended(as age(scrypt)'s more secure):
```bash
# Encrypt a file via symmetric encryption(AES256), and output cleartext.
@@ -538,27 +577,41 @@ gpg -d <file>
### 7. Public Key Exchange & Revocation
In the case of many users, it is very difficult to exchange public keys securely and reliably with each other.
In the Web world, There is a **Chain of Trust**** to resolve this problem:
In the case of many users, it is very difficult to exchange public keys securely and reliably with
each other. In the Web world, There is a **Chain of Trust\*\*** to resolve this problem:
- A Certificate Authority(CA) is responsible to verify & sign all the certificate signing request.
- Web Server can safely transmit its Web Certificate to the client via TLS protocol.
- Client can verify the recevied Web Certificate via the CA's root certificate(which is built in Browser/OS).
- Client can verify the received Web Certificate via the CA's root certificate(which is built in
Browser/OS).
But in OpenPGP:
- There is key servers to distribute(exchange) public keys, but it **do not verify the identity of the key owner**, and any uploaded data is **not allowed to be deleted**. Which make it **insecure and dangerous**.
- There is key servers to distribute(exchange) public keys, but it **do not verify the identity of
the key owner**, and any uploaded data is **not allowed to be deleted**. Which make it **insecure
and dangerous**.
- Why key server is dangerous?
- Many PGP novices follow various tutorials to upload various key with personal privacy (such as real names) to the public key server, and then find that they can't delete them, which is very embarrassing.
- Anyone can upload a key to the key server, and claim that it is the key of a certain person(such as Linus), which is very insecure.
- Many PGP novices follow various tutorials to upload various key with personal privacy (such as
real names) to the public key server, and then find that they can't delete them, which is very
embarrassing.
- Anyone can upload a key to the key server, and claim that it is the key of a certain
person(such as Linus), which is very insecure.
- **key server** is not recommend to use.
- GnuPG will generate revocation certificate when generating keypair(`~/.gnupg/private-keys-v1.d/<Key-ID.rev>`), anyone can import this certificate to revoke the keypair. But OpenPGP standard **DO NOT provide a way to distribute this certificate to others**.
- GnuPG will generate revocation certificate when generating
keypair(`~/.gnupg/private-keys-v1.d/<Key-ID.rev>`), anyone can import this certificate to revoke
the keypair. But OpenPGP standard **DO NOT provide a way to distribute this certificate to
others**.
- Not to mention some key status query protocol like OCSP in Web PKI.
- Users has to pulish their revocation certificate to their blog, github profile or somewhere else, and others has to check it and run `gpg --import <revocation-certificate>` to revoke the keypair manually.
- Users has to pulish their revocation certificate to their blog, github profile or somewhere
else, and others has to check it and run `gpg --import <revocation-certificate>` to revoke the
keypair manually.
In summary, **there is no good way to distribute public keys and revoke them in OpenPGP**, which is a big problem.
In summary, **there is no good way to distribute public keys and revoke them in OpenPGP**, which is
a big problem.
Currently, You have to distribute your public key or revocation certificate via your blog, github profile, or somewhere else, and others has to check it and run `gpg --import` to import your public key or revocation certificate manually.
Currently, You have to distribute your public key or revocation certificate via your blog, github
profile, or somewhere else, and others has to check it and run `gpg --import` to import your public
key or revocation certificate manually.
Anyway, let's try to revoke a keypair:
@@ -615,7 +668,8 @@ STuJCp+gru6OtbTCu8Y2LugQeDh7UicM7Ak=
-----END PGP PUBLIC KEY BLOCK-----
```
As the revocation certificate says, we need to remove the first colon(`:`) before the 5 dashes(`-----BEGIN PGP PUBLIC KEY BLOCK-----`), then import it:
As the revocation certificate says, we need to remove the first colon(`:`) before the 5
dashes(`-----BEGIN PGP PUBLIC KEY BLOCK-----`), then import it:
```bash
gpg --import gpg-test-revoke.rev
@@ -646,7 +700,8 @@ gpg: 9E78E897B6490D6B: skipped: Unusable public key
gpg: README.md: encryption failed: Unusable public key
```
But if you delete the `trustdb.gpg` and `pubring.kbx`, then import the revoked public key again, it will be valid and usable again... which is very dangerous.
But if you delete the `trustdb.gpg` and `pubring.kbx`, then import the revoked public key again, it
will be valid and usable again... which is very dangerous.
## References
@@ -654,7 +709,8 @@ But if you delete the `trustdb.gpg` and `pubring.kbx`, then import the revoked p
- [Predictable, Passphrase-Derived PGP Keys][Predictable, Passphrase-Derived PGP Keys]
- [OpenPGP - The almost perfect key pair][OpenPGP - The almost perfect key pair]
[2021年用更现代的方法使用PGP]: https://ulyc.github.io/2021/01/13/2021%E5%B9%B4-%E7%94%A8%E6%9B%B4%E7%8E%B0%E4%BB%A3%E7%9A%84%E6%96%B9%E6%B3%95%E4%BD%BF%E7%94%A8PGP-%E4%B8%8A/
[2021年用更现代的方法使用PGP]:
https://ulyc.github.io/2021/01/13/2021%E5%B9%B4-%E7%94%A8%E6%9B%B4%E7%8E%B0%E4%BB%A3%E7%9A%84%E6%96%B9%E6%B3%95%E4%BD%BF%E7%94%A8PGP-%E4%B8%8A/
[Predictable, Passphrase-Derived PGP Keys]: https://nullprogram.com/blog/2019/07/10/
[OpenPGP - The almost perfect key pair]: https://blog.eleven-labs.com/en/openpgp-almost-perfect-key-pair-part-1/
[OpenPGP - The almost perfect key pair]:
https://blog.eleven-labs.com/en/openpgp-almost-perfect-key-pair-part-1/

55
home/base/tui/password-store/README.md
View File

@@ -16,32 +16,31 @@ To ensure security, we should change the GPG key every two or three years. Here
3. Update `./default.nix` to use the new GPG sub keys.
4. Check which Key `pass` currently uses:
```bash
cd ~/.local/share/password-store/
# check which key is used by pass
cat .gpg-id
# check which key is really used to encrypt the password
gpg --list-packets path/to/any/password.gpg
```
4. Change the key used by `pass`:
```bash
# change the key used by pass, see `man pass` for more details
# you will be asked to enter the password of both the new and old keys
# then pass will re-encrypt all the passwords with the new key
pass init <new-key-id>
```
5. Check if the key is changed:
```bash
# check which key is used by pass
cat .gpg-id
# check which key is really used to encrypt the password
gpg --list-packets path/to/any/password.gpg
```
6. Delete the old GPG key pair:
```bash
# delete the old key pair
gpg --delete-secret-keys <old-key-id>
gpg --delete-keys <old-key-id>
```
```bash
cd ~/.local/share/password-store/
# check which key is used by pass
cat .gpg-id
# check which key is really used to encrypt the password
gpg --list-packets path/to/any/password.gpg
```
5. Change the key used by `pass`:
```bash
# change the key used by pass, see `man pass` for more details
# you will be asked to enter the password of both the new and old keys
# then pass will re-encrypt all the passwords with the new key
pass init <new-key-id>
```
6. Check if the key is changed:
```bash
# check which key is used by pass
cat .gpg-id
# check which key is really used to encrypt the password
gpg --list-packets path/to/any/password.gpg
```
7. Delete the old GPG key pair:
```bash
# delete the old key pair
gpg --delete-secret-keys <old-key-id>
gpg --delete-keys <old-key-id>
```

48
home/base/tui/zellij/README.md
View File

@@ -1,32 +1,39 @@
# Zellij - A workspace lives in your terminal
Zellij is a terminal workspace with batteries included.
At its core, it is a terminal multiplexer (similar to tmux and screen), but this is merely its infrastructure layer.
Zellij is a terminal workspace with batteries included. At its core, it is a terminal multiplexer
(similar to tmux and screen), but this is merely its infrastructure layer.
Zellij is very user-friendly and easy to use, with a step-by-step hint system that will help you get to know the keybindings, which is very like the Neovim or helix.
Zellij is very user-friendly and easy to use, with a step-by-step hint system that will help you get
to know the keybindings, which is very like the Neovim or helix.
> By contrast, tmux's key design is counterintuitive, there is no prompt system, and the plug-in performance is rubbish. It's really a pain to use.
> tmux's inital release was in 2007, it's too old, I would recommend any users that do not have a experience with multiplexer to use zellij instead of tmux.
> By contrast, tmux's key design is counterintuitive, there is no prompt system, and the plug-in
> performance is rubbish. It's really a pain to use. tmux's initial release was in 2007, it's too
> old, I would recommend any users that do not have a experience with multiplexer to use zellij
> instead of tmux.
## Why use zellij as the detault terminal environment?
## Why use zellij as the default terminal environment?
By auto start zellij on shell login, and exit the shell session on zellij exit, we can use zellij as the default terminal environment.
By auto start zellij on shell login, and exit the shell session on zellij exit, we can use zellij as
the default terminal environment.
By this way, We will only use the most basic features of the terminal emulator(kitty/alacritty/wezterm/...),
while most of the functions of terminal are provided by zellij.
Thus we can easily switch to any terminal emulator without losing any key functions,
and do not need to take care of the differences between different terminal emulators.
By this way, We will only use the most basic features of the terminal
emulator(kitty/alacritty/wezterm/...), while most of the functions of terminal are provided by
zellij. Thus we can easily switch to any terminal emulator without losing any key functions, and do
not need to take care of the differences between different terminal emulators.
And Zellij can be used not only locally, but also on any remote server, which is very convenient. Learn once and use everywhere!
And Zellij can be used not only locally, but also on any remote server, which is very convenient.
Learn once and use everywhere!
> Yeah, you didn't misread it, zellij is very suitable for not only remotely, but also locally!
Some features such as search/copy/scrollback in different terminal emulators are implemented in different ways, and has different user experience.
For example, Wezterm's default search function is very basic, and it's not easy to use. Kitty's scrollback search/copy is really tricky to use.
As for some Editor such as Neovim, its intergrated terminal is really useful, but zellij is more powerful and useful than it, and more stable!
Zellij overcomes these problems, and provides a unified user experience for all terminal emulators!
Some features such as search/copy/scrollback in different terminal emulators are implemented in
different ways, and has different user experience. For example, Wezterm's default search function is
very basic, and it's not easy to use. Kitty's scrollback search/copy is really tricky to use. As for
some Editor such as Neovim, its integrated terminal is really useful, but zellij is more powerful
and useful than it, and more stable! Zellij overcomes these problems, and provides a unified user
experience for all terminal emulators!
Teminal emulators should only be responsible for displaying characters.
Terminal emulators should only be responsible for displaying characters.
## Passthrough mode(Lock Mode)
@@ -34,6 +41,7 @@ Teminal emulators should only be responsible for displaying characters.
It's extremely useful when you want to:
1. Use zellij locally for daily work, and use a remote zellij via ssh to do some work on the remote server.
1. To avoid the key conflicts between zellij and the program running in the terminal, such as vim, tmux, etc.
1. Use zellij locally for daily work, and use a remote zellij via ssh to do some work on the remote
server.
1. To avoid the key conflicts between zellij and the program running in the terminal, such as vim,
tmux, etc.

1
home/darwin/README.md
View File

@@ -4,4 +4,3 @@
2. `shell.nix`: shell related.
3. `rime-squirrel.nix`: [rime-squirrel](https://github.com/rime/squirrel)'s configuration.
4. `default.nix`: the entrypoint of darwin's configuration, it import all the submodules above.

10
home/linux/README.md
View File

@@ -2,7 +2,9 @@
1. `base`: The base module that is suitable for any NixOS environment.
2. `desktop`: Configuration for desktop environments, such as Hyprland, I3, etc.
6. `server.nix`: Configuration which is suitable for both servers and desktops. It import only `base` as its submodule.
1. used by all my nixos servers.
7. `desktop.nix`: the entrypoint of desktop's configuration, it import both `base` and `desktop` as its submodules.
1. used by all my nixos desktops.
3. `server.nix`: Configuration which is suitable for both servers and desktops. It import only
`base` as its submodule.
1. used by all my nixos servers.
4. `desktop.nix`: the entrypoint of desktop's configuration, it import both `base` and `desktop` as
its submodules.
1. used by all my nixos desktops.

16
home/linux/desktop/README.md
View File

@@ -1,16 +1,18 @@
# Desktop Related
3. `base`: all common configurations for all desktops.
4. `hyprland`: Hyprland's configuration.
5. `i3`: i3's configuration.
## Why install I3/Hyprland in Home Manager instead of a NixOS Module?
1. I3 & Hyprland's configuration file is located in `~/.config`, which can be easily managed by Home Manager.
2. I have many user-specific systemd servcies, such gammastep, wallpaper-switcher, etc. Which can be easily managed by Home Manager, but if we add i3/hyprland in a NixOS Module, those user-level services may failed to start automatically. With i3/hyprland in a Home Manager Module, we can control their systemd service's dependent order more easily, so we can avoid issues like this.
1. I3 & Hyprland's configuration file is located in `~/.config`, which can be easily managed by Home
Manager.
2. I have many user-specific systemd services, such gammastep, wallpaper-switcher, etc. Which can be
easily managed by Home Manager, but if we add i3/hyprland in a NixOS Module, those user-level
services may failed to start automatically. With i3/hyprland in a Home Manager Module, we can
control their systemd service's dependent order more easily, so we can avoid issues like this.
3. By install packages as less as possible in NixOS Module, we can:
1. Make the NixOS system more secure and stable.
2. Make this flake more portable to other non-NixOS systems, as home-manager can be installed on any Linux system.
1. Make the NixOS system more secure and stable.
2. Make this flake more portable to other non-NixOS systems, as home-manager can be installed on
any Linux system.

189
home/linux/desktop/hyprland/conf/waybar/config.jsonc
View File

@@ -2,15 +2,8 @@
"position": "top",
"layer": "top",
"modules-left": [
"custom/launcher",
"temperature",
"backlight",
"hyprland/workspaces"
],
"modules-center": [
"custom/playerctl"
],
"modules-left": ["custom/launcher", "temperature", "backlight", "hyprland/workspaces"],
"modules-center": ["custom/playerctl"],
"modules-right": [
"mpd",
"pulseaudio",
@@ -21,7 +14,7 @@
"clock",
"idle_inhibitor",
"custom/powermenu",
"tray"
"tray",
],
"hyprland/workspaces": {
"format": "{icon}",
@@ -38,8 +31,8 @@
"9": "",
"10": "",
"focused": "",
"default": ""
}
"default": "",
},
},
"clock": {
@@ -48,137 +41,123 @@
"rotate": 0,
"tooltip-format": "<big>{:%B %Y}</big>\n<tt><small>{calendar}</small></tt>",
"format": " {:%H:%M}",
"format-alt": " {:%a %b %d, %G}"
"format-alt": " {:%a %b %d, %G}",
},
"cpu": {
"format": "\udb80\udf5b {usage}%",
"interval": 1,
"on-click-middle": "kitty btop",
"on-click-right": "kitty btop"
"on-click-right": "kitty btop",
},
"custom/launcher": {
"format": "\uf313 ",
"on-click": "$HOME/.config/hypr/scripts/menu",
"on-click-middle": "exec default_wall",
"on-click-right": "exec wallpaper_random",
"tooltip": false
"tooltip": false,
},
"custom/powermenu": {
"format": "\uf011",
"on-click": "$HOME/.config/hypr/scripts/wlogout",
"tooltip": false
"tooltip": false,
},
"idle_inhibitor": {
"format": "{icon}",
"format-icons": {
"activated": "\uf06e",
"deactivated": "\uf070"
"deactivated": "\uf070",
},
"tooltip": false
"tooltip": false,
},
"memory": {
"format": "\udb83\udee0 {percentage}%",
"interval": 1,
"states": {
"warning": 85
}
"warning": 85,
},
},
"mpd": {
"interval": 2,
"unknown-tag": "N/A",
"format": "{stateIcon} {artist} - {title}",
"format-disconnected": " Disconnected",
"format-paused": "{stateIcon} {artist} - {title}",
"format-stopped": "Stopped ",
"state-icons": {
"paused": "",
"playing": ""
},
"tooltip-format": "MPD (connected)",
"tooltip-format-disconnected": "MPD (disconnected)",
// Commands to execute on events
"on-click": "mpc toggle",
"on-click-middle": "mpc prev",
"on-click-right": "mpc next",
"on-update": "",
"on-scroll-up": "mpc seek +00:00:01",
"on-scroll-down": "mpc seek -00:00:01",
"smooth-scrolling-threshold": 1
"interval": 2,
"unknown-tag": "N/A",
"format": "{stateIcon} {artist} - {title}",
"format-disconnected": " Disconnected",
"format-paused": "{stateIcon} {artist} - {title}",
"format-stopped": "Stopped ",
"state-icons": {
"paused": "",
"playing": "",
},
"tooltip-format": "MPD (connected)",
"tooltip-format-disconnected": "MPD (disconnected)",
// Commands to execute on events
"on-click": "mpc toggle",
"on-click-middle": "mpc prev",
"on-click-right": "mpc next",
"on-update": "",
"on-scroll-up": "mpc seek +00:00:01",
"on-scroll-down": "mpc seek -00:00:01",
"smooth-scrolling-threshold": 1,
},
"custom/playerctl": {
"format": "{icon} <span>{}</span>",
"return-type": "json",
"max-length": 55,
"exec": "playerctl -a metadata --format '{\"text\": \" {{markup_escape(title)}}\", \"tooltip\": \"{{playerName}} : {{markup_escape(title)}}\", \"alt\": \"{{status}}\", \"class\": \"{{status}}\"}' -F",
"on-click-middle": "playerctl previous",
"on-click": "playerctl play-pause",
"on-click-right": "playerctl next",
"format-icons": {
"Paused": "<span foreground='#6dd9d9'></span>",
"Playing": "<span foreground='#82db97'></span>"
}
"format": "{icon} <span>{}</span>",
"return-type": "json",
"max-length": 55,
"exec": "playerctl -a metadata --format '{\"text\": \" {{markup_escape(title)}}\", \"tooltip\": \"{{playerName}} : {{markup_escape(title)}}\", \"alt\": \"{{status}}\", \"class\": \"{{status}}\"}' -F",
"on-click-middle": "playerctl previous",
"on-click": "playerctl play-pause",
"on-click-right": "playerctl next",
"format-icons": {
"Paused": "<span foreground='#6dd9d9'></span>",
"Playing": "<span foreground='#82db97'></span>",
},
},
"network": {
"interval": 5,
//"interface": "wlan*", // (Optional) To force the use of this interface, set it for netspeed to work
"format-wifi": " {essid}",
"format-ethernet": " {ipaddr}/{cidr}",
"format-linked": " {ifname} (No IP)",
"format-disconnected": "睊 Disconnected",
"format-disabled": "睊 Disabled",
"format-alt": " {bandwidthUpBytes} |  {bandwidthDownBytes}",
"tooltip-format": " {ifname} via {gwaddr}",
"on-click-middle": "nm-connection-editor",
"on-click-right": "kitty nmtui"
"interval": 5,
//"interface": "wlan*", // (Optional) To force the use of this interface, set it for netspeed to work
"format-wifi": " {essid}",
"format-ethernet": " {ipaddr}/{cidr}",
"format-linked": " {ifname} (No IP)",
"format-disconnected": "睊 Disconnected",
"format-disabled": "睊 Disabled",
"format-alt": " {bandwidthUpBytes} |  {bandwidthDownBytes}",
"tooltip-format": " {ifname} via {gwaddr}",
"on-click-middle": "nm-connection-editor",
"on-click-right": "kitty nmtui",
},
"pulseaudio": {
//"format": "{volume}% {icon} {format_source}",
"format": "{icon} {volume}%",
"format-muted": " Mute",
"format-bluetooth": " {volume}% {format_source}",
"format-bluetooth-muted": " Mute",
"format-source": " {volume}%",
"format-source-muted": "",
"format-icons": {
"headphone": "",
"hands-free": "",
"headset": "",
"phone": "",
"portable": "",
"car": "",
"default": [
"",
"",
""
]
},
"scroll-step": 5.0,
// Commands to execute on events
"on-click": "amixer set Master toggle",
"on-click-right": "pavucontrol",
"smooth-scrolling-threshold": 1,
//"format": "{volume}% {icon} {format_source}",
"format": "{icon} {volume}%",
"format-muted": " Mute",
"format-bluetooth": " {volume}% {format_source}",
"format-bluetooth-muted": " Mute",
"format-source": " {volume}%",
"format-source-muted": "",
"format-icons": {
"headphone": "",
"hands-free": "",
"headset": "",
"phone": "",
"portable": "",
"car": "",
"default": ["", "", ""],
},
"scroll-step": 5.0,
// Commands to execute on events
"on-click": "amixer set Master toggle",
"on-click-right": "pavucontrol",
"smooth-scrolling-threshold": 1,
},
"temperature": {
"format": "\uf2c9 {temperatureC}\u00b0C",
"tooltip": false
"tooltip": false,
},
"backlight": {
"format": "{icon} {percent}%",
"format-icons": [
"",
"",
"",
"",
"",
"",
"",
"",
""
]
"format-icons": ["", "", "", "", "", "", "", "", ""],
},
"tray": {
"icon-size": 15,
"spacing": 5
"spacing": 5,
},
"battery": {
"bat": "BAT0",
@@ -186,7 +165,7 @@
"interval": 60,
"states": {
"warning": 30,
"critical": 15
"critical": 15,
},
"max-length": 20,
"format": "{icon} {capacity}%",
@@ -196,12 +175,6 @@
"format-plugged": " {capacity}%",
"format-alt": "{icon} {time}",
"format-full": " {capacity}%",
"format-icons": [
" ",
" ",
" ",
" ",
" "
]
"format-icons": [" ", " ", " ", " ", " "],
},
}

2
home/linux/desktop/hyprland/conf/waybar/mocha.css
View File

@@ -36,5 +36,3 @@
@define-color pink #f5c2e7;
@define-color flamingo #f2cdcd;
@define-color rosewater #f5e0dc;

45
home/linux/desktop/hyprland/conf/wlogout/style.css
View File

@@ -1,52 +1,57 @@
/** ********** Fonts ********** **/
* {
font-family: "JetBrains Mono", "Iosevka Nerd Font", sans-serif;
font-size: 14px;
font-weight: bold;
font-family: "JetBrains Mono", "Iosevka Nerd Font", sans-serif;
font-size: 14px;
font-weight: bold;
}
/** ********** Main Window ********** **/
window {
background-color: #1E1E2E;
background-color: #1e1e2e;
}
/** ********** Buttons ********** **/
button {
background-color: #242434;
color: #FFFFFF;
border: 2px solid #282838;
border-radius: 20px;
background-repeat: no-repeat;
background-position: center;
background-size: 35%;
background-color: #242434;
color: #ffffff;
border: 2px solid #282838;
border-radius: 20px;
background-repeat: no-repeat;
background-position: center;
background-size: 35%;
}
button:focus, button:active, button:hover {
background-color: #89B4FA;
outline-style: none;
button:focus,
button:active,
button:hover {
background-color: #89b4fa;
outline-style: none;
}
/** ********** Icons ********** **/
#lock {
background-image: image(url("icons/lock.png"), url("/usr/share/wlogout/icons/lock.png"));
background-image: image(url("icons/lock.png"), url("/usr/share/wlogout/icons/lock.png"));
}
#logout {
background-image: image(url("icons/logout.png"), url("/usr/share/wlogout/icons/logout.png"));
background-image: image(url("icons/logout.png"), url("/usr/share/wlogout/icons/logout.png"));
}
#suspend {
background-image: image(url("icons/suspend.png"), url("/usr/share/wlogout/icons/suspend.png"));
background-image: image(url("icons/suspend.png"), url("/usr/share/wlogout/icons/suspend.png"));
}
#hibernate {
background-image: image(url("icons/hibernate.png"), url("/usr/share/wlogout/icons/hibernate.png"));
background-image: image(
url("icons/hibernate.png"),
url("/usr/share/wlogout/icons/hibernate.png")
);
}
#shutdown {
background-image: image(url("icons/shutdown.png"), url("/usr/share/wlogout/icons/shutdown.png"));
background-image: image(url("icons/shutdown.png"), url("/usr/share/wlogout/icons/shutdown.png"));
}
#reboot {
background-image: image(url("icons/reboot.png"), url("/usr/share/wlogout/icons/reboot.png"));
background-image: image(url("icons/reboot.png"), url("/usr/share/wlogout/icons/reboot.png"));
}

3
home/linux/desktop/i3/conf/scripts/README.md
View File

@@ -1,3 +1,4 @@
# Scripts for I3 Blocks
Mostly copy from [i3blocks-contrib](https://github.com/vivien/i3blocks-contrib), the Official repository for community contributed blocklets.
Mostly copy from [i3blocks-contrib](https://github.com/vivien/i3blocks-contrib), the Official
repository for community contributed blocklets.