From 50d9301e134910f7b6c58378540b9ad0740ee6b6 Mon Sep 17 00:00:00 2001 From: Ryan Yin Date: Wed, 20 Dec 2023 12:03:37 +0800 Subject: [PATCH] feat: migrate capptuccin themes into my nur-packages, add nix's access-tokens into secrets --- flake.lock | 309 ++++++++------------- flake.nix | 49 +--- home/base/desktop/container/kubernetes.nix | 5 +- home/base/desktop/helix.nix | 4 +- home/base/desktop/terminal/alacritty.nix | 4 +- home/base/server/bat.nix | 8 +- home/base/server/btop.nix | 8 +- home/base/server/starship.nix | 8 +- home/linux/desktop/media.nix | 4 +- home/linux/hyprland/default.nix | 4 +- modules/base.nix | 13 +- secrets/README.md | 3 +- secrets/darwin.nix | 6 + 13 files changed, 171 insertions(+), 254 deletions(-) diff --git a/flake.lock b/flake.lock index 81984936..47985915 100644 --- a/flake.lock +++ b/flake.lock @@ -9,17 +9,17 @@ ] }, "locked": { - "lastModified": 1689334118, - "narHash": "sha256-djk5AZv1yU84xlKFaVHqFWvH73U7kIRstXwUAnDJPsk=", + "lastModified": 1694733633, + "narHash": "sha256-/o/OubAsPMbxqru59tLlWzUI7LBNDaoW4rFwQ2Smxcg=", "owner": "ryantm", "repo": "agenix", - "rev": "0d8c5325fc81daf00532e3e26c6752f7bcde1143", + "rev": "54693c91d923fecb4cf04c4535e3d84f8dec7919", "type": "github" }, "original": { "owner": "ryantm", "repo": "agenix", - "rev": "0d8c5325fc81daf00532e3e26c6752f7bcde1143", + "rev": "54693c91d923fecb4cf04c4535e3d84f8dec7919", "type": "github" } }, @@ -61,150 +61,6 @@ "type": "github" } }, - "catppuccin-alacritty": { - "flake": false, - "locked": { - "lastModified": 1664239314, - "narHash": "sha256-w9XVtEe7TqzxxGUCDUR9BFkzLZjG8XrplXJ3lX6f+x0=", - "owner": "catppuccin", - "repo": "alacritty", - "rev": "3c808cbb4f9c87be43ba5241bc57373c793d2f17", - "type": "github" - }, - "original": { - "owner": "catppuccin", - "repo": "alacritty", - "type": "github" - } - }, - "catppuccin-bat": { - "flake": false, - "locked": { - "lastModified": 1668065083, - "narHash": "sha256-6WVKQErGdaqb++oaXnY3i6/GuH2FhTgK0v4TN4Y0Wbw=", - "owner": "catppuccin", - "repo": "bat", - "rev": "ba4d16880d63e656acced2b7d4e034e4a93f74b1", - "type": "github" - }, - "original": { - "owner": "catppuccin", - "repo": "bat", - "type": "github" - } - }, - "catppuccin-btop": { - "flake": false, - "locked": { - "lastModified": 1696688295, - "narHash": "sha256-jodJl4f2T9ViNqsY9fk8IV62CrpC5hy7WK3aRpu70Cs=", - "owner": "catppuccin", - "repo": "btop", - "rev": "c6469190f2ecf25f017d6120bf4e050e6b1d17af", - "type": "github" - }, - "original": { - "owner": "catppuccin", - "repo": "btop", - "type": "github" - } - }, - "catppuccin-cava": { - "flake": false, - "locked": { - "lastModified": 1665489380, - "narHash": "sha256-hYC6ExtroRy2UoxGNHAzKm9MlTdJSegUWToat4VoN20=", - "owner": "catppuccin", - "repo": "cava", - "rev": "ad3301b50786e22e31cbf4316985827d6f05845e", - "type": "github" - }, - "original": { - "owner": "catppuccin", - "repo": "cava", - "type": "github" - } - }, - "catppuccin-fcitx5": { - "flake": false, - "locked": { - "lastModified": 1664946380, - "narHash": "sha256-uFaCbyrEjv4oiKUzLVFzw+UY54/h7wh2cntqeyYwGps=", - "owner": "catppuccin", - "repo": "fcitx5", - "rev": "ce244cfdf43a648d984719fdfd1d60aab09f5c97", - "type": "github" - }, - "original": { - "owner": "catppuccin", - "repo": "fcitx5", - "type": "github" - } - }, - "catppuccin-helix": { - "flake": false, - "locked": { - "lastModified": 1697816303, - "narHash": "sha256-qEXhj/Mpm+aqThqEq5DlPJD8nsbPov9CNMgG9s4E02g=", - "owner": "catppuccin", - "repo": "helix", - "rev": "8313c7250fcbbb22c6680db332669073ec6b28c2", - "type": "github" - }, - "original": { - "owner": "catppuccin", - "repo": "helix", - "type": "github" - } - }, - "catppuccin-hyprland": { - "flake": false, - "locked": { - "lastModified": 1702668781, - "narHash": "sha256-9BhZq9J1LmHfAPBqOr64chiAEzS+YV6zqe9ma95V3no=", - "owner": "catppuccin", - "repo": "hyprland", - "rev": "fc228737d3d0c12e34a7fa155a0fc3192e5e4017", - "type": "github" - }, - "original": { - "owner": "catppuccin", - "repo": "hyprland", - "type": "github" - } - }, - "catppuccin-starship": { - "flake": false, - "locked": { - "lastModified": 1689246850, - "narHash": "sha256-nsRuxQFKbQkyEI4TXgvAjcroVdG+heKX5Pauq/4Ota0=", - "owner": "catppuccin", - "repo": "starship", - "rev": "5629d2356f62a9f2f8efad3ff37476c19969bd4f", - "type": "github" - }, - "original": { - "owner": "catppuccin", - "repo": "starship", - "type": "github" - } - }, - "cattppuccin-k9s": { - "flake": false, - "locked": { - "lastModified": 1690140445, - "narHash": "sha256-PtBJRBNbLkj7D2ko7ebpEjbfK9Ywjs7zbE+Y8FQVEfA=", - "owner": "catppuccin", - "repo": "k9s", - "rev": "516f44dd1a6680357cb30d96f7e656b653aa5059", - "type": "github" - }, - "original": { - "owner": "catppuccin", - "repo": "k9s", - "type": "github" - } - }, "crane": { "inputs": { "flake-compat": [ @@ -356,6 +212,24 @@ "inputs": { "systems": "systems_3" }, + "locked": { + "lastModified": 1701680307, + "narHash": "sha256-kAuep2h5ajznlPMD9rnQyffWG8EM/C73lejGofXvdM8=", + "owner": "numtide", + "repo": "flake-utils", + "rev": "4022d587cbbfd70fe950c1e2083a02621806a725", + "type": "github" + }, + "original": { + "owner": "numtide", + "repo": "flake-utils", + "type": "github" + } + }, + "flake-utils_3": { + "inputs": { + "systems": "systems_4" + }, "locked": { "lastModified": 1685518550, "narHash": "sha256-o2d0KcvaXzTrPRIo0kOLV0/QXHhDQ5DTi+OxcjO8xqY=", @@ -393,6 +267,28 @@ } }, "gitignore_2": { + "inputs": { + "nixpkgs": [ + "nixos-rk3588", + "pre-commit-hooks", + "nixpkgs" + ] + }, + "locked": { + "lastModified": 1660459072, + "narHash": "sha256-8DFJjXG8zqoONA1vXtgeKXy68KdJL5UaXR8NtVMUbx8=", + "owner": "hercules-ci", + "repo": "gitignore.nix", + "rev": "a20de23b925fd8264fd7fad6454652e142fd7f73", + "type": "github" + }, + "original": { + "owner": "hercules-ci", + "repo": "gitignore.nix", + "type": "github" + } + }, + "gitignore_3": { "inputs": { "nixpkgs": [ "pre-commit-hooks", @@ -441,11 +337,11 @@ ] }, "locked": { - "lastModified": 1702676849, - "narHash": "sha256-XqcREaTS38/QOsN8fk8PP325/UXHyF9enbP5ZPw5aiA=", + "lastModified": 1702814678, + "narHash": "sha256-zDtO0jV2QLoddUJinLlTQrQqCUW3dPiIWOSYgg98T7E=", "owner": "nix-community", "repo": "home-manager", - "rev": "aa99c2f4e9847cbb7e46fac0844ea1eb164b3b3a", + "rev": "1488651d02c1a7a15e284210f0d380a62d8d8cef", "type": "github" }, "original": { @@ -507,11 +403,11 @@ }, "impermanence": { "locked": { - "lastModified": 1697303681, - "narHash": "sha256-caJ0rXeagaih+xTgRduYtYKL1rZ9ylh06CIrt1w5B4g=", + "lastModified": 1702984171, + "narHash": "sha256-reIUBrUXibohXmvXRsgpvtlCE0QQSvWSA+qQCKohgR0=", "owner": "nix-community", "repo": "impermanence", - "rev": "0f317c2e9e56550ce12323eb39302d251618f5b5", + "rev": "123e94200f63952639492796b8878e588a4a2851", "type": "github" }, "original": { @@ -567,10 +463,10 @@ "mysecrets": { "flake": false, "locked": { - "lastModified": 1692380165, - "narHash": "sha256-+vas7ICp7rl9mN2wPIRFkMsTyoDcMM62CV/+BT1rVY0=", + "lastModified": 1703047359, + "narHash": "sha256-Wx4rpa+oTPMRgUcUkhUq4oKBvvPZR+4U1YMnRB6rAQU=", "ref": "refs/heads/main", - "rev": "3ef4106d1b2432a68704e90449a04615c5e7ebaa", + "rev": "4126e1894fbc8a2ce260def885dcc6ad558a52ca", "shallow": true, "type": "git", "url": "ssh://git@github.com/ryan4yin/nix-secrets.git" @@ -658,15 +554,17 @@ }, "nixos-rk3588": { "inputs": { + "flake-utils": "flake-utils_2", "mesa-panfork": "mesa-panfork", - "nixpkgs": "nixpkgs_2" + "nixpkgs": "nixpkgs_2", + "pre-commit-hooks": "pre-commit-hooks" }, "locked": { - "lastModified": 1694350741, - "narHash": "sha256-vXGHGjmNC7FHjIHdWGQLRg6tixdS7X8AIjq8K5c75aA=", + "lastModified": 1703010942, + "narHash": "sha256-YYNCF1cnVyQk6OPVnwyvpeg3brwS/ICRGAvFwe2RCZc=", "owner": "ryan4yin", "repo": "nixos-rk3588", - "rev": "50eda9b82b25cb457625b3a5b06a8f8c08644c5f", + "rev": "fce637ae61bc0fce3c68c39c117d08bcc8e2bedf", "type": "github" }, "original": { @@ -693,11 +591,11 @@ }, "nixpkgs-darwin": { "locked": { - "lastModified": 1702424505, - "narHash": "sha256-Mj4Unppuzd05/JFrTQ+i/8+td0MRnaHpp+hInzkAo2A=", + "lastModified": 1702982572, + "narHash": "sha256-IlpMK/1fNRgGzcMr5KUfyBDqoviyIAqTPA2dsWL/jT4=", "owner": "nixos", "repo": "nixpkgs", - "rev": "a46b965ea7d1b9587a46f91adfdbac29e56c9b87", + "rev": "ca145534ebd23811ba134772592fedc2f9a17a95", "type": "github" }, "original": { @@ -741,11 +639,11 @@ }, "nixpkgs-unstable": { "locked": { - "lastModified": 1702312524, - "narHash": "sha256-gkZJRDBUCpTPBvQk25G0B7vfbpEYM5s5OZqghkjZsnE=", + "lastModified": 1702830618, + "narHash": "sha256-lvhwIvRwhOLgzbRuYkqHy4M5cQHYs4ktL6/hyuBS6II=", "owner": "nixos", "repo": "nixpkgs", - "rev": "a9bf124c46ef298113270b1f84a164865987a91c", + "rev": "91a00709aebb3602f172a0bf47ba1ef013e34835", "type": "github" }, "original": { @@ -773,11 +671,11 @@ }, "nixpkgs_3": { "locked": { - "lastModified": 1702346276, - "narHash": "sha256-eAQgwIWApFQ40ipeOjVSoK4TEHVd6nbSd9fApiHIw5A=", + "lastModified": 1702921762, + "narHash": "sha256-O/rP7gulApQAB47u6szEd8Pn8Biw0d84j5iuP2tcxzY=", "owner": "nixos", "repo": "nixpkgs", - "rev": "cf28ee258fd5f9a52de6b9865cdb93a1f96d09b7", + "rev": "d02ffbbe834b5599fc5f134e644e49397eb07188", "type": "github" }, "original": { @@ -808,11 +706,11 @@ "nixpkgs": "nixpkgs_4" }, "locked": { - "lastModified": 1701952536, - "narHash": "sha256-pKYooDFbWkN/DMhtiHNcsVcRMCZKsmETyarXWnz68kc=", + "lastModified": 1703048844, + "narHash": "sha256-uDF4s2Oz0eO53C7o6TcHtkm5w3QnnA7ImmaFpe9xYes=", "owner": "ryan4yin", "repo": "nur-packages", - "rev": "a6b5606740e24b70b37a1de3af5867af64e3cb75", + "rev": "5f13060c3ad4439d7700aa21b498d9192d6ef1b4", "type": "github" }, "original": { @@ -840,13 +738,22 @@ }, "pre-commit-hooks": { "inputs": { - "flake-compat": "flake-compat_2", - "flake-utils": "flake-utils_2", + "flake-compat": [ + "nixos-rk3588" + ], + "flake-utils": [ + "nixos-rk3588", + "flake-utils" + ], "gitignore": "gitignore_2", "nixpkgs": [ + "nixos-rk3588", "nixpkgs" ], - "nixpkgs-stable": "nixpkgs-stable_2" + "nixpkgs-stable": [ + "nixos-rk3588", + "nixpkgs" + ] }, "locked": { "lastModified": 1702456155, @@ -893,20 +800,35 @@ "type": "github" } }, + "pre-commit-hooks_2": { + "inputs": { + "flake-compat": "flake-compat_2", + "flake-utils": "flake-utils_3", + "gitignore": "gitignore_3", + "nixpkgs": [ + "nixpkgs" + ], + "nixpkgs-stable": "nixpkgs-stable_2" + }, + "locked": { + "lastModified": 1702456155, + "narHash": "sha256-I2XhXGAecdGlqi6hPWYT83AQtMgL+aa3ulA85RAEgOk=", + "owner": "cachix", + "repo": "pre-commit-hooks.nix", + "rev": "007a45d064c1c32d04e1b8a0de5ef00984c419bc", + "type": "github" + }, + "original": { + "owner": "cachix", + "repo": "pre-commit-hooks.nix", + "type": "github" + } + }, "root": { "inputs": { "agenix": "agenix", "anyrun": "anyrun", "astronvim": "astronvim", - "catppuccin-alacritty": "catppuccin-alacritty", - "catppuccin-bat": "catppuccin-bat", - "catppuccin-btop": "catppuccin-btop", - "catppuccin-cava": "catppuccin-cava", - "catppuccin-fcitx5": "catppuccin-fcitx5", - "catppuccin-helix": "catppuccin-helix", - "catppuccin-hyprland": "catppuccin-hyprland", - "catppuccin-starship": "catppuccin-starship", - "cattppuccin-k9s": "cattppuccin-k9s", "home-manager": "home-manager_2", "hyprland": "hyprland", "impermanence": "impermanence", @@ -921,7 +843,7 @@ "nixpkgs-unstable": "nixpkgs-unstable", "nur-ryan4yin": "nur-ryan4yin", "nushell-scripts": "nushell-scripts", - "pre-commit-hooks": "pre-commit-hooks", + "pre-commit-hooks": "pre-commit-hooks_2", "wallpapers": "wallpapers" } }, @@ -995,6 +917,21 @@ "type": "github" } }, + "systems_4": { + "locked": { + "lastModified": 1681028828, + "narHash": "sha256-Vy1rq5AaRuLzOxct8nz4T6wlgyUR7zLU309k9mBC768=", + "owner": "nix-systems", + "repo": "default", + "rev": "da67096a3b9bf56a91d16901293e51ba5b49a27e", + "type": "github" + }, + "original": { + "owner": "nix-systems", + "repo": "default", + "type": "github" + } + }, "thead-kernel": { "flake": false, "locked": { diff --git a/flake.nix b/flake.nix index c1f7eb8c..12f82602 100644 --- a/flake.nix +++ b/flake.nix @@ -69,16 +69,11 @@ nixConfig = { # substituers will be appended to the default substituters when fetching packages extra-substituters = [ - "https://nix-community.cachix.org" - # my own cache server - "https://ryan4yin.cachix.org" "https://anyrun.cachix.org" "https://hyprland.cachix.org" # "https://nixpkgs-wayland.cachix.org" ]; extra-trusted-public-keys = [ - "nix-community.cachix.org-1:mB9FSh9qf2dCimDSUo8Zy7bkq5CX+/rkCWyvRCYg3Fs=" - "ryan4yin.cachix.org-1:Gbk27ZU5AYpGS9i3ssoLlwdvMIh0NxG0w8it/cv9kbU=" "anyrun.cachix.org-1:pqBobmOjI7nKlsUMV25u9QHa9btJK65/C8vnO3p346s=" "hyprland.cachix.org-1:a7pgxzMz7+chwVL3/pzj6jIBMioiJM7ypFP8PwtkuGc=" # "nixpkgs-wayland.cachix.org-1:3lwxaILxMRkVhehr5StQprHdEo4IrE8sRho9R9HOLYA=" @@ -146,9 +141,9 @@ inputs.nixpkgs.follows = "nixpkgs"; }; - # secrets management, lock with git commit at 2023/7/15 + # secrets management, lock with git commit at 0.14.0 agenix = { - url = "github:ryantm/agenix/0d8c5325fc81daf00532e3e26c6752f7bcde1143"; + url = "github:ryantm/agenix/54693c91d923fecb4cf04c4535e3d84f8dec7919"; inputs.nixpkgs.follows = "nixpkgs"; }; @@ -192,45 +187,5 @@ # aarch64 SBCs nixos-rk3588.url = "github:ryan4yin/nixos-rk3588"; - - ######################## Color Schemes ######################################### - - # color scheme - catppuccin - catppuccin-btop = { - url = "github:catppuccin/btop"; - flake = false; - }; - catppuccin-fcitx5 = { - url = "github:catppuccin/fcitx5"; - flake = false; - }; - catppuccin-bat = { - url = "github:catppuccin/bat"; - flake = false; - }; - catppuccin-alacritty = { - url = "github:catppuccin/alacritty"; - flake = false; - }; - catppuccin-helix = { - url = "github:catppuccin/helix"; - flake = false; - }; - catppuccin-starship = { - url = "github:catppuccin/starship"; - flake = false; - }; - catppuccin-hyprland = { - url = "github:catppuccin/hyprland"; - flake = false; - }; - catppuccin-cava = { - url = "github:catppuccin/cava"; - flake = false; - }; - cattppuccin-k9s = { - url = "github:catppuccin/k9s"; - flake = false; - }; }; } diff --git a/home/base/desktop/container/kubernetes.nix b/home/base/desktop/container/kubernetes.nix index 0a3b3ae2..c41a48b3 100644 --- a/home/base/desktop/container/kubernetes.nix +++ b/home/base/desktop/container/kubernetes.nix @@ -1,7 +1,6 @@ { pkgs, - pkgs-unstable, - cattppuccin-k9s, + nur-ryan4yin, ... }: { home.packages = with pkgs; [ @@ -13,7 +12,7 @@ k9s = { enable = true; skin = let - skin_file = "${cattppuccin-k9s}/dist/mocha.yml"; # theme - cattppuccin mocha + skin_file = "${nur-ryan4yin.packages.${pkgs.system}.catppuccin-k9s}/dist/mocha.yml"; # theme - catppuccin mocha skin_attr = builtins.fromJSON ( builtins.readFile # replace 'base: &base "#1e1e2e"' with 'base: &base "default"' diff --git a/home/base/desktop/helix.nix b/home/base/desktop/helix.nix index efac6a80..37bbdece 100644 --- a/home/base/desktop/helix.nix +++ b/home/base/desktop/helix.nix @@ -1,10 +1,10 @@ { pkgs, - catppuccin-helix, + nur-ryan4yin, ... }: { # https://github.com/catppuccin/helix - xdg.configFile."helix/themes".source = "${catppuccin-helix}/themes/default"; + xdg.configFile."helix/themes".source = "${nur-ryan4yin.packages.${pkgs.system}.catppuccin-helix}/themes/default"; programs.helix = { enable = true; diff --git a/home/base/desktop/terminal/alacritty.nix b/home/base/desktop/terminal/alacritty.nix index 6b1d79b0..ee865d5f 100644 --- a/home/base/desktop/terminal/alacritty.nix +++ b/home/base/desktop/terminal/alacritty.nix @@ -1,6 +1,6 @@ { pkgs, - catppuccin-alacritty, + nur-ryan4yin, ... }: ########################################################### @@ -24,7 +24,7 @@ # ########################################################### { - xdg.configFile."alacritty/theme_catppuccin.yml".source = "${catppuccin-alacritty}/catppuccin-mocha.yml"; + xdg.configFile."alacritty/theme_catppuccin.yml".source = "${nur-ryan4yin.packages.${pkgs.system}.catppuccin-alacritty}/catppuccin-mocha.yml"; programs.alacritty = { enable = true; }; diff --git a/home/base/server/bat.nix b/home/base/server/bat.nix index afcd127c..617085fd 100644 --- a/home/base/server/bat.nix +++ b/home/base/server/bat.nix @@ -1,4 +1,8 @@ -{catppuccin-bat, ...}: { +{ + pkgs, + nur-ryan4yin, + ... +}: { # a cat(1) clone with syntax highlighting and Git integration. programs.bat = { enable = true; @@ -9,7 +13,7 @@ themes = { # https://raw.githubusercontent.com/catppuccin/bat/main/Catppuccin-mocha.tmTheme catppuccin-mocha = { - src = catppuccin-bat; + src = nur-ryan4yin.packages.${pkgs.system}.catppuccin-bat; file = "Catppuccin-mocha.tmTheme"; }; }; diff --git a/home/base/server/btop.nix b/home/base/server/btop.nix index 6687f3c2..df8fde6d 100644 --- a/home/base/server/btop.nix +++ b/home/base/server/btop.nix @@ -1,6 +1,10 @@ -{catppuccin-btop, ...}: { +{ + pkgs, + nur-ryan4yin, + ... +}: { # https://github.com/catppuccin/btop/blob/main/themes/catppuccin_mocha.theme - home.file.".config/btop/themes".source = "${catppuccin-btop}/themes"; + home.file.".config/btop/themes".source = "${nur-ryan4yin.packages.${pkgs.system}.catppuccin-btop}/themes"; # replacement of htop/nmon programs.btop = { diff --git a/home/base/server/starship.nix b/home/base/server/starship.nix index 42040d5f..553ae2cd 100644 --- a/home/base/server/starship.nix +++ b/home/base/server/starship.nix @@ -1,4 +1,8 @@ -{catppuccin-starship, ...}: { +{ + pkgs, + nur-ryan4yin, + ... +}: { programs.starship = { enable = true; @@ -24,6 +28,6 @@ palette = "catppuccin_mocha"; } - // builtins.fromTOML (builtins.readFile "${catppuccin-starship}/palettes/mocha.toml"); + // builtins.fromTOML (builtins.readFile "${nur-ryan4yin.packages.${pkgs.system}.catppuccin-starship}/palettes/mocha.toml"); }; } diff --git a/home/linux/desktop/media.nix b/home/linux/desktop/media.nix index 615f3bf8..87bdffc1 100644 --- a/home/linux/desktop/media.nix +++ b/home/linux/desktop/media.nix @@ -1,7 +1,7 @@ { pkgs, - catppuccin-cava, pkgs-unstable, + nur-ryan4yin, ... }: # media - control and enjoy audio/video @@ -28,7 +28,7 @@ '' # custom cava config '' - + builtins.readFile "${catppuccin-cava}/mocha.cava"; + + builtins.readFile "${nur-ryan4yin.packages.${pkgs.system}.catppuccin-cava}/mocha.cava"; programs = { mpv = { diff --git a/home/linux/hyprland/default.nix b/home/linux/hyprland/default.nix index 6869e1cd..07fd2e46 100644 --- a/home/linux/hyprland/default.nix +++ b/home/linux/hyprland/default.nix @@ -2,7 +2,7 @@ lib, pkgs, hyprland, - catppuccin-hyprland, + nur-ryan4yin, ... }: { imports = [ @@ -40,7 +40,7 @@ recursive = true; }; xdg.configFile."hypr/themes" = { - source = "${catppuccin-hyprland}/themes"; + source = "${nur-ryan4yin.packages.${pkgs.system}.catppuccin-hyprland}/themes"; recursive = true; }; diff --git a/modules/base.nix b/modules/base.nix index 713298df..31777060 100644 --- a/modules/base.nix +++ b/modules/base.nix @@ -1,9 +1,12 @@ { - pkgs, + config, lib, username, ... }: { + nix.extraOptions = '' + !include ${config.age.secrets.nix-access-tokens.path} + ''; nix.settings = { # enable flakes globally experimental-features = ["nix-command" "flakes"]; @@ -13,6 +16,7 @@ # 2. command line args `--options substituers http://xxx` trusted-users = [username]; + # substituers that will be considered before the official ones(https://cache.nixos.org) substituters = [ # cache mirror located in China # status: https://mirror.sjtu.edu.cn/ @@ -20,11 +24,14 @@ # status: https://mirrors.ustc.edu.cn/status/ # "https://mirrors.ustc.edu.cn/nix-channels/store" - "https://cache.nixos.org" + "https://nix-community.cachix.org" + # my own cache server + "https://ryan4yin.cachix.org" ]; trusted-public-keys = [ - "cache.nixos.org-1:6NCHdD59X431o0gWypbMrAURkbJ16ZPMQFGspcDShjY=" + "nix-community.cachix.org-1:mB9FSh9qf2dCimDSUo8Zy7bkq5CX+/rkCWyvRCYg3Fs=" + "ryan4yin.cachix.org-1:Gbk27ZU5AYpGS9i3ssoLlwdvMIh0NxG0w8it/cv9kbU=" ]; builders-use-substitutes = true; }; diff --git a/secrets/README.md b/secrets/README.md index b79e90d1..5933e58d 100644 --- a/secrets/README.md +++ b/secrets/README.md @@ -143,5 +143,6 @@ If you're deploying to the same machine from which you encrypted the secrets, it ## Other Replacements - [ragenix](https://github.com/yaxitech/ragenix): A Rust reimplementation of agenix. - + - agenix is mainly written in bash, and it's error message is quite obscure, a little typo may cause some errors no one can understand. + - with a type-safe language like Rust, we can get a better error message and a better user experience, and less bugs. diff --git a/secrets/darwin.nix b/secrets/darwin.nix index d3ed6473..7a92cf2f 100644 --- a/secrets/darwin.nix +++ b/secrets/darwin.nix @@ -36,6 +36,12 @@ mode = "0600"; owner = username; }; + + "nix-access-tokens" = { + file = "${mysecrets}/nix-access-tokens.age"; + mode = "0600"; + owner = username; + }; }; # place secrets in /etc/