From 204cb0392280ea9c1030d9db4bc6b5d178da398b Mon Sep 17 00:00:00 2001 From: Ryan Yin Date: Wed, 26 Jul 2023 20:07:42 +0800 Subject: [PATCH] feat: simplify flake.nix --- .gitignore | 3 +- Makefile | 10 +- README.md | 6 +- flake.lock | 135 ++++--- flake.nix | 345 +++++++----------- fonts/icomoon-feather-icon-font.nix | 13 +- home/base/desktop/alacritty/default.nix | 145 ++++---- home/base/desktop/default.nix | 6 +- home/base/desktop/development.nix | 23 +- home/base/desktop/kitty.nix | 40 +- home/base/desktop/media.nix | 9 +- home/base/desktop/neovim/default.nix | 67 ++-- home/base/desktop/shell.nix | 4 +- home/base/server/bash.nix | 2 +- home/base/server/bat/default.nix | 7 +- home/base/server/core.nix | 10 +- home/base/server/default.nix | 4 +- home/base/server/git.nix | 11 +- home/base/server/nushell/default.nix | 4 +- home/base/server/starship.nix | 2 +- home/base/server/tmux/custom-plugins.nix | 13 +- home/base/server/tmux/default.nix | 23 +- home/base/server/zellij/default.nix | 4 +- home/darwin/core.nix | 6 +- home/darwin/default.nix | 10 +- home/darwin/nushell.nix | 4 +- home/darwin/rime-squirrel.nix | 8 +- home/linux/base/shell.nix | 7 +- home/linux/base/system-tools.nix | 10 +- home/linux/desktop-hyprland.nix | 13 +- home/linux/desktop-i3.nix | 15 +- home/linux/desktop/creative.nix | 3 +- home/linux/desktop/default.nix | 5 +- home/linux/desktop/immutable-file.nix | 47 +-- home/linux/desktop/media.nix | 11 +- home/linux/desktop/ssh.nix | 6 +- home/linux/desktop/xdg.nix | 109 +++--- home/linux/fcitx5/default.nix | 12 +- home/linux/hyprland/default.nix | 5 +- home/linux/hyprland/wayland-apps.nix | 9 +- home/linux/i3/default.nix | 3 +- home/linux/i3/x11-apps.nix | 8 +- home/linux/server.nix | 13 +- hosts/harmonica/default.nix | 31 +- hosts/idols/ai/cifs-mount.nix | 12 +- hosts/idols/ai/default.nix | 23 +- hosts/idols/ai/hardware-configuration.nix | 46 +-- hosts/idols/aquamarine/default.nix | 18 +- hosts/idols/kana/default.nix | 18 +- hosts/idols/ruby/default.nix | 20 +- lib/macosSystem.nix | 25 ++ lib/nixosSystem.nix | 35 ++ modules/darwin/apps.nix | 209 +++-------- modules/darwin/core.nix | 102 ------ modules/darwin/default.nix | 7 + modules/darwin/nix-core.nix | 41 +++ modules/darwin/system.nix | 165 +++++++++ modules/nixos/core-desktop.nix | 58 ++- modules/nixos/core-server.nix | 28 +- modules/nixos/fhs-fonts.nix | 42 +-- modules/nixos/hyprland.nix | 16 +- modules/nixos/i3.nix | 8 +- modules/nixos/libvirt.nix | 14 +- .../nixos/proxmox-hardware-configuration.nix | 27 +- modules/nixos/remote-building.nix | 121 +++--- modules/nixos/user-group.nix | 39 +- overlays/default.nix | 10 +- overlays/fcitx5/default.nix | 6 +- secrets/darwin.nix | 20 +- secrets/nixos.nix | 17 +- 70 files changed, 1183 insertions(+), 1165 deletions(-) create mode 100644 lib/macosSystem.nix create mode 100644 lib/nixosSystem.nix delete mode 100644 modules/darwin/core.nix create mode 100644 modules/darwin/default.nix create mode 100644 modules/darwin/nix-core.nix create mode 100644 modules/darwin/system.nix diff --git a/.gitignore b/.gitignore index 82992825..29f4f2fa 100644 --- a/.gitignore +++ b/.gitignore @@ -1,2 +1,3 @@ result -result/ \ No newline at end of file +result/ +.DS_Store diff --git a/Makefile b/Makefile index 31b1b4ef..fba02a90 100644 --- a/Makefile +++ b/Makefile @@ -13,13 +13,13 @@ i3: nixos-rebuild switch --flake .#ai_i3 --use-remote-sudo -hyprland: +hypr: nixos-rebuild switch --flake .#ai_hyprland --use-remote-sudo -debug_i3: +i3-debug: nixos-rebuild switch --flake .#ai_i3 --use-remote-sudo --show-trace --verbose -debug_hyprland: +hypr-debug: nixos-rebuild switch --flake .#ai_hyprland --use-remote-sudo --show-trace --verbose update: @@ -49,11 +49,11 @@ bright: darwin-set-proxy: sudo python3 scripts/darwin_set_proxy.py -darwin: darwin-set-proxy +ha: darwin-set-proxy nix build .#darwinConfigurations.harmonica.system ./result/sw/bin/darwin-rebuild switch --flake . -darwin-debug: darwin-set-proxy +ha-debug: darwin-set-proxy nix build .#darwinConfigurations.harmonica.system --show-trace --verbose ./result/sw/bin/darwin-rebuild switch --flake .#harmonica --show-trace --verbose diff --git a/README.md b/README.md index 1bc03bfd..797e5abe 100644 --- a/README.md +++ b/README.md @@ -58,17 +58,17 @@ sudo nixos-rebuild switch --flake . make i3 # or we can deploy with details -make debug_i3 +make i3-debug ``` For MacOS, use the following commands: ```bash # deploy the darwin configuration(harmonicia) -make darwin +make ha # deploy with details -make darwin-debug +make ha-debug ``` ## Install Apps from Flatpak diff --git a/flake.lock b/flake.lock index 5c01e8cc..e787e9e4 100644 --- a/flake.lock +++ b/flake.lock @@ -60,26 +60,6 @@ "type": "github" } }, - "darwin_2": { - "inputs": { - "nixpkgs": [ - "nixpkgs-darwin" - ] - }, - "locked": { - "lastModified": 1689516967, - "narHash": "sha256-sFAa33wkQHanmij/uhfGduIDK8z4dJAita/rK6u9pvE=", - "owner": "lnl7", - "repo": "nix-darwin", - "rev": "61662a63bfe1726588c1da6b412df86d8ca94d63", - "type": "github" - }, - "original": { - "owner": "lnl7", - "repo": "nix-darwin", - "type": "github" - } - }, "flake-compat": { "locked": { "lastModified": 1688025799, @@ -185,16 +165,16 @@ "xdph": "xdph" }, "locked": { - "lastModified": 1689160271, - "narHash": "sha256-mEKF6Wcx+wSF/eos/91A7LxhFLDYhSnQnLpwZF13ntg=", + "lastModified": 1689766295, + "narHash": "sha256-2OuPIcw2WOUc/zjrH7JZHWe1byuMjqP6Zz7D4qsi10s=", "owner": "hyprwm", "repo": "Hyprland", - "rev": "5e577acf516b80173f695a458c2cc188a4d64560", + "rev": "b08b72358ad549fd066e5be0fc3aa4c9df367607", "type": "github" }, "original": { "owner": "hyprwm", - "ref": "v0.27.0", + "ref": "v0.27.2", "repo": "Hyprland", "type": "github" } @@ -226,11 +206,11 @@ "nixpkgs-lib": "nixpkgs-lib" }, "locked": { - "lastModified": 1689509371, - "narHash": "sha256-ESRIO7E8PfKF5cL2ymdrQrvj8LORET24Wbpl0XMzhog=", + "lastModified": 1690114105, + "narHash": "sha256-QOY9FXZ4pWjlDPdZKkLNNMHS+ct1+4wu8lrcua7+chw=", "owner": "nix-community", "repo": "lib-aggregate", - "rev": "d75813d1b691b829a5b459bc676e2b1d71d2c15e", + "rev": "d923660039d7e793712ba93f633778046f5e6087", "type": "github" }, "original": { @@ -256,17 +236,38 @@ "url": "ssh://git@github.com/ryan4yin/nix-secrets.git" } }, + "nix-darwin": { + "inputs": { + "nixpkgs": [ + "nixpkgs-darwin" + ] + }, + "locked": { + "lastModified": 1690368313, + "narHash": "sha256-1MG/pU2riawknpYaTfaynKJPaIKFnQiYTTCFJAjXM5Q=", + "owner": "lnl7", + "repo": "nix-darwin", + "rev": "94212ebe32948471a1aa11baa5c576ce60d54589", + "type": "github" + }, + "original": { + "owner": "lnl7", + "repo": "nix-darwin", + "type": "github" + } + }, "nix-eval-jobs": { "inputs": { "flake-parts": "flake-parts", - "nixpkgs": "nixpkgs_4" + "nixpkgs": "nixpkgs_4", + "treefmt-nix": "treefmt-nix" }, "locked": { - "lastModified": 1689318580, - "narHash": "sha256-ccMZzE0Du6I7RtAuDZbERsBZRGnFcwXTAnSQqGd7mOY=", + "lastModified": 1689903701, + "narHash": "sha256-kW1Rke5wLqw8XHVyiWw7qIKZR911GCsbOg5SkgKH1Uc=", "owner": "nix-community", "repo": "nix-eval-jobs", - "rev": "f88571cfc9132e8f2768aa41d57f5f471941d4b6", + "rev": "fcaf7773e3a6713b78dacfd442339a96cfab405f", "type": "github" }, "original": { @@ -298,11 +299,11 @@ ] }, "locked": { - "lastModified": 1689558522, - "narHash": "sha256-diNpqSRebzvT3P4fLX+40VWZbf2H2hraJDDdg5NJSj0=", + "lastModified": 1690133435, + "narHash": "sha256-YNZiefETggroaTLsLJG2M+wpF0pJPwiauKG4q48ddNU=", "owner": "nix-community", "repo": "nixos-generators", - "rev": "11c98929963a95ad3830960a9216d00e2f792502", + "rev": "b1171de4d362c022130c92d7c8adc4bf2b83d586", "type": "github" }, "original": { @@ -329,11 +330,11 @@ }, "nixpkgs-darwin": { "locked": { - "lastModified": 1689503327, - "narHash": "sha256-qVwzYLA8oT2oWNDXO0A3bZHOhoPOihIB9T677+Hor1E=", + "lastModified": 1690298576, + "narHash": "sha256-RLgIGS04t4Rd0viqsx2e9dGViKB6nVsGmO11EagCWmM=", "owner": "nixos", "repo": "nixpkgs", - "rev": "f64b9738da8e86195766147e9752c67fccee006c", + "rev": "88f63d511092e95d28e9a7c98534595c53de1048", "type": "github" }, "original": { @@ -345,11 +346,11 @@ }, "nixpkgs-lib": { "locked": { - "lastModified": 1689469483, - "narHash": "sha256-2SBhY7rZQ/iNCxe04Eqxlz9YK9KgbaTMBssq3/BgdWY=", + "lastModified": 1690073998, + "narHash": "sha256-qmK+VMvflwUzQSQl4XVP5kbodYLAKThNzq6mZrOM2Mo=", "owner": "nix-community", "repo": "nixpkgs.lib", - "rev": "02fea408f27186f139153e1ae88f8ab2abd9c22c", + "rev": "d0545f65611a9625f161d0ff02627bc364e024f6", "type": "github" }, "original": { @@ -360,11 +361,11 @@ }, "nixpkgs-unstable": { "locked": { - "lastModified": 1689534811, - "narHash": "sha256-jnSUdzD/414d94plCyNlvTJJtiTogTep6t7ZgIKIHiE=", + "lastModified": 1690179384, + "narHash": "sha256-+arbgqFTAtoeKtepW9wCnA0njCOyoiDFyl0Q0SBSOtE=", "owner": "nixos", "repo": "nixpkgs", - "rev": "6cee3b5893090b0f5f0a06b4cf42ca4e60e5d222", + "rev": "b12803b6d90e2e583429bb79b859ca53c348b39a", "type": "github" }, "original": { @@ -382,11 +383,11 @@ "nixpkgs": "nixpkgs_5" }, "locked": { - "lastModified": 1689585449, - "narHash": "sha256-D6TL+9EbDcGLNmpneuGXnonjNWlS563TOoghU/W/k88=", + "lastModified": 1690384532, + "narHash": "sha256-Nc9d6GPajVdSj02aBDkAAq93fdLUtRXP9EIfwKn3Uq4=", "owner": "nix-community", "repo": "nixpkgs-wayland", - "rev": "97941d1936213031ae7ca948ba27aa1bd141a630", + "rev": "729cabdcc73e84963751dd65163048e9ff1a1a75", "type": "github" }, "original": { @@ -413,11 +414,11 @@ }, "nixpkgs_3": { "locked": { - "lastModified": 1689503327, - "narHash": "sha256-qVwzYLA8oT2oWNDXO0A3bZHOhoPOihIB9T677+Hor1E=", + "lastModified": 1690271650, + "narHash": "sha256-qwdsW8DBY1qH+9luliIH7VzgwvL+ZGI3LZWC0LTiDMI=", "owner": "nixos", "repo": "nixpkgs", - "rev": "f64b9738da8e86195766147e9752c67fccee006c", + "rev": "6dc93f0daec55ee2f441da385aaf143863e3d671", "type": "github" }, "original": { @@ -445,11 +446,11 @@ }, "nixpkgs_5": { "locked": { - "lastModified": 1689534811, - "narHash": "sha256-jnSUdzD/414d94plCyNlvTJJtiTogTep6t7ZgIKIHiE=", + "lastModified": 1690179384, + "narHash": "sha256-+arbgqFTAtoeKtepW9wCnA0njCOyoiDFyl0Q0SBSOtE=", "owner": "nixos", "repo": "nixpkgs", - "rev": "6cee3b5893090b0f5f0a06b4cf42ca4e60e5d222", + "rev": "b12803b6d90e2e583429bb79b859ca53c348b39a", "type": "github" }, "original": { @@ -463,10 +464,10 @@ "inputs": { "agenix": "agenix", "astronvim": "astronvim", - "darwin": "darwin_2", "home-manager": "home-manager_2", "hyprland": "hyprland", "mysecrets": "mysecrets", + "nix-darwin": "nix-darwin", "nixos-generators": "nixos-generators", "nixpkgs": "nixpkgs_3", "nixpkgs-darwin": "nixpkgs-darwin", @@ -489,15 +490,37 @@ "type": "github" } }, + "treefmt-nix": { + "inputs": { + "nixpkgs": [ + "nixpkgs-wayland", + "nix-eval-jobs", + "nixpkgs" + ] + }, + "locked": { + "lastModified": 1689620039, + "narHash": "sha256-BtNwghr05z7k5YMdq+6nbue+nEalvDepuA7qdQMAKoQ=", + "owner": "numtide", + "repo": "treefmt-nix", + "rev": "719c2977f958c41fa60a928e2fbc50af14844114", + "type": "github" + }, + "original": { + "owner": "numtide", + "repo": "treefmt-nix", + "type": "github" + } + }, "wlroots": { "flake": false, "locked": { "host": "gitlab.freedesktop.org", - "lastModified": 1686753331, - "narHash": "sha256-KovjVFwcuoUO0eu/UiWrnD3+m/K+SHSAVIz4xF9K1XA=", + "lastModified": 1689611045, + "narHash": "sha256-3RTOlQabkNetQ4O4UzSf57JPco9VGVHhSU1ls5uKBeE=", "owner": "wlroots", "repo": "wlroots", - "rev": "7e7633abf09b362d0bad9e3fc650fd692369291d", + "rev": "7791ffe0584c4ac13c170e1661ce33bdbd4a9b9e", "type": "gitlab" }, "original": { diff --git a/flake.nix b/flake.nix index 9b4490cf..cbb4e466 100644 --- a/flake.nix +++ b/flake.nix @@ -2,15 +2,15 @@ description = "NixOS & macOS configuration of Ryan Yin"; ################################################################################################################## - # + # # Want to know Nix in details? Looking for a beginner-friendly tutorial? # Check out https://github.com/ryan4yin/nixos-and-flakes-book ! - # + # ################################################################################################################## # the nixConfig here only affects the flake itself, not the system configuration! nixConfig = { - experimental-features = [ "nix-command" "flakes" ]; + experimental-features = ["nix-command" "flakes"]; substituters = [ # replace official cache with a mirror located in China @@ -30,7 +30,6 @@ ]; }; - # This is the standard format for flake.nix. `inputs` are the dependencies of the flake, # Each item in `inputs` will be passed as a parameter to the `outputs` function after being pulled and built. inputs = { @@ -43,7 +42,7 @@ # for macos nixpkgs-darwin.url = "github:nixos/nixpkgs/nixpkgs-23.05-darwin"; - darwin = { + nix-darwin = { url = "github:lnl7/nix-darwin"; inputs.nixpkgs.follows = "nixpkgs-darwin"; }; @@ -58,7 +57,7 @@ }; # modern window compositor - hyprland.url = "github:hyprwm/Hyprland/v0.27.0"; + hyprland.url = "github:hyprwm/Hyprland/v0.27.2"; # community wayland nixpkgs nixpkgs-wayland.url = "github:nix-community/nixpkgs-wayland"; @@ -72,216 +71,156 @@ agenix.url = "github:ryantm/agenix/0d8c5325fc81daf00532e3e26c6752f7bcde1143"; # AstroNvim is an aesthetic and feature-rich neovim config. - astronvim = { url = "github:AstroNvim/AstroNvim/v3.33.3"; flake = false; }; + astronvim = { + url = "github:AstroNvim/AstroNvim/v3.33.3"; + flake = false; + }; # my private secrets, it's a private repository, you need to replace it with your own. # use ssh protocol to authenticate via ssh-agent/ssh-key, and shallow clone to save time - mysecrets = { url = "git+ssh://git@github.com/ryan4yin/nix-secrets.git?shallow=1"; flake = false; }; + mysecrets = { + url = "git+ssh://git@github.com/ryan4yin/nix-secrets.git?shallow=1"; + flake = false; + }; }; - # The `outputs` function will return all the build results of the flake. + # The `outputs` function will return all the build results of the flake. # A flake can have many use cases and different types of outputs, - # parameters in `outputs` are defined in `inputs` and can be referenced by their names. + # parameters in `outputs` are defined in `inputs` and can be referenced by their names. # However, `self` is an exception, this special parameter points to the `outputs` itself (self-reference) # The `@` syntax here is used to alias the attribute set of the inputs's parameter, making it convenient to use inside the function. - outputs = - inputs@{ self - , nixpkgs - , darwin - , home-manager - , nixos-generators - , ... - }: - - let - x64_system = "x86_64-linux"; - x64_specialArgs = { - # use unstable branch for some packages to get the latest updates - pkgs-unstable = import inputs.nixpkgs-unstable { - system = x64_system; # refer the `system` parameter form outer scope recursively - # To use chrome, we need to allow the installation of non-free software - config.allowUnfree = true; - }; - } // inputs; - # 星野 アイ, Hoshino Ai - idol_ai_modules_i3 = [ + outputs = inputs @ { + self, + nixpkgs, + nixpkgs-unstable, + nix-darwin, + home-manager, + nixos-generators, + ... + }: let + username = "ryan"; + x64_system = "x86_64-linux"; + x64_darwin = "x86_64-darwin"; + allSystems = [x64_system x64_darwin]; + + nixosSystem = import ./lib/nixosSystem.nix; + macosSystem = import ./lib/macosSystem.nix; + + # 星野 アイ, Hoshino Ai + idol_ai_modules_i3 = { + nixos-modules = [ ./hosts/idols/ai ./modules/nixos/i3.nix - - home-manager.nixosModules.home-manager - { - home-manager.useGlobalPkgs = true; - home-manager.useUserPackages = true; - - home-manager.extraSpecialArgs = x64_specialArgs; - home-manager.users.ryan = import ./home/linux/desktop-i3.nix; - } ]; - idol_ai_modules_hyprland = [ + home-module = import ./home/linux/desktop-i3.nix; + }; + idol_ai_modules_hyprland = { + nixos-modules = [ ./hosts/idols/ai ./modules/nixos/hyprland.nix - - home-manager.nixosModules.home-manager - { - home-manager.useGlobalPkgs = true; - home-manager.useUserPackages = true; - - home-manager.extraSpecialArgs = x64_specialArgs; - home-manager.users.ryan = import ./home/linux/desktop-hyprland.nix; - } ]; - # 星野 愛久愛海, Hoshino Akuamarin - idol_aquamarine_modules = [ - ./hosts/idols/aquamarine - - home-manager.nixosModules.home-manager - { - home-manager.useGlobalPkgs = true; - home-manager.useUserPackages = true; - - home-manager.extraSpecialArgs = x64_specialArgs; - home-manager.users.ryan = import ./home/linux/server.nix; - } - ]; - # 星野 瑠美衣, Hoshino Rubii - idol_ruby_modules = [ - ./hosts/idols/ruby - - home-manager.nixosModules.home-manager - { - home-manager.useGlobalPkgs = true; - home-manager.useUserPackages = true; - - home-manager.extraSpecialArgs = x64_specialArgs; - home-manager.users.ryan = import ./home/linux/server.nix; - } - ]; - # 有馬 かな, Arima Kana - idol_kana_modules = [ - ./hosts/idols/kana - - home-manager.nixosModules.home-manager - { - home-manager.useGlobalPkgs = true; - home-manager.useUserPackages = true; - - home-manager.extraSpecialArgs = x64_specialArgs; - home-manager.users.ryan = import ./home/linux/server.nix; - } - ]; - in { - nixosConfigurations = let system = x64_system; specialArgs = x64_specialArgs; in { - ai_i3 = nixpkgs.lib.nixosSystem { # ai with i3 window manager - inherit system specialArgs; - modules = idol_ai_modules_i3; - }; - ai_hyprland = nixpkgs.lib.nixosSystem { # ai with hyprland compositor - inherit system specialArgs; - modules = idol_ai_modules_hyprland; - }; - - aquamarine = nixpkgs.lib.nixosSystem { - inherit system specialArgs; - modules = idol_aquamarine_modules; - }; - - ruby = nixpkgs.lib.nixosSystem { - inherit system specialArgs; - modules = idol_ruby_modules; - }; - - kana = nixpkgs.lib.nixosSystem { - inherit system specialArgs; - modules = idol_kana_modules; - }; - }; - - # macOS's configuration, for work. - darwinConfigurations."harmonica" = let - system = "x86_64-darwin"; - specialArgs = { - # use unstable branch for some packages to get the latest updates - pkgs-unstable = import inputs.nixpkgs-unstable { - inherit system; # refer the `system` parameter form outer scope recursively - # To use chrome, we need to allow the installation of non-free software - config.allowUnfree = true; - }; - } // inputs; - in - darwin.lib.darwinSystem { - inherit system specialArgs; - modules = [ - ./hosts/harmonica - - home-manager.darwinModules.home-manager - { - home-manager.useGlobalPkgs = true; - home-manager.useUserPackages = true; - - home-manager.extraSpecialArgs = specialArgs; - home-manager.users.ryan = import ./home/darwin; - } - ]; - }; - - formatter = { - # format the nix code in this flake - # alejandra is a nix formatter with a beautiful output - x86_64-linux = nixpkgs.legacyPackages.x86_64-linux.alejandra; - x86_64-darwin = nixpkgs.legacyPackages.x86_64-darwin.alejandra; - }; - - packages.x86_64-linux = - # take images for idols - # https://github.com/nix-community/nixos-generators - let system = x64_system; specialArgs = x64_specialArgs; in { - # Hoshino Ai is a physical machine, so we need to generate an iso image for it. - ai_i3 = nixos-generators.nixosGenerate { # ai with i3 window manager - inherit system specialArgs; - modules = idol_ai_modules_i3; - format = "iso"; - }; - ai_hyprland = nixos-generators.nixosGenerate { # ai with hyprland compositor - inherit system specialArgs; - modules = idol_ai_modules_hyprland; - format = "iso"; - }; - # Hoshino Aquamarine is a virtual machine running on Proxmox VE. - aquamarine = nixos-generators.nixosGenerate { - inherit system specialArgs; - modules = idol_aquamarine_modules ++ [ - ({config, ...}: { - proxmox.qemuConf.name = "aquamarine-nixos-${config.system.nixos.label}"; - }) - ]; - - # proxmox's configuration: - # https://github.com/NixOS/nixpkgs/blob/nixos-unstable/nixos/modules/virtualisation/proxmox-image.nix - # - # after resize the disk, it will grow partition automatically. - # and it alse had qemu-guest-agent installed by default. - format = "proxmox"; - }; - # Hoshino Rubii is a vm too. - ruby = nixos-generators.nixosGenerate { - inherit system specialArgs; - modules = idol_ruby_modules ++ [ - ({config, ...}: { - proxmox.qemuConf.name = "ruby-nixos-${config.system.nixos.label}"; - }) - ]; - format = "proxmox"; - }; - # Kana is a vm too. - kana = nixos-generators.nixosGenerate { - inherit system specialArgs; - modules = idol_kana_modules ++ [ - ({config, ...}: { - proxmox.qemuConf.name = "kana-nixos-${config.system.nixos.label}"; - }) - ]; - format = "proxmox"; - }; - }; + home-module = import ./home/linux/desktop-hyprland.nix; }; + + # 星野 愛久愛海, Hoshino Akuamarin + idol_aquamarine_modules = { + nixos-modules = [ + ./hosts/idols/aquamarine + ]; + home-module = import ./home/linux/server.nix; + }; + + # 星野 瑠美衣, Hoshino Rubii + idol_ruby_modules = { + nixos-modules = [ + ./hosts/idols/ruby + ]; + home-module = import ./home/linux/server.nix; + }; + + # 有馬 かな, Arima Kana + idol_kana_modules = { + nixos-modules = [ + ./hosts/idols/kana + ]; + home-module = import ./home/linux/server.nix; + }; + in { + nixosConfigurations = let + system = x64_system; + specialArgs = + { + inherit username; + # use unstable branch for some packages to get the latest updates + pkgs-unstable = import nixpkgs-unstable { + system = x64_system; # refer the `system` parameter form outer scope recursively + # To use chrome, we need to allow the installation of non-free software + config.allowUnfree = true; + }; + } + // inputs; + base_args = { + inherit home-manager nixos-generators system specialArgs; + }; + stable_args = base_args // {inherit nixpkgs;}; + unstable_args = base_args // {nixpkgs = nixpkgs-unstable;}; + in { + # ai with i3 window manager + ai_i3 = nixosSystem (idol_ai_modules_i3 // stable_args); + # ai with hyprland compositor + ai_hyprland = nixosSystem (idol_ai_modules_hyprland // stable_args); + + aquamarine = nixosSystem (idol_aquamarine_modules // unstable_args); + ruby = nixosSystem (idol_ruby_modules // unstable_args); + kana = nixosSystem (idol_kana_modules // unstable_args); + }; + + # take images for idols + # https://github.com/nix-community/nixos-generators + packages."${x64_system}" = + nixpkgs.lib.genAttrs [ + "ai_i3" + "ai_hyprland" + ] ( + host: + self.nixosConfigurations.${host}.config.formats.iso + ) + // nixpkgs.lib.genAttrs [ + "aquamarine" + "ruby" + "kana" + ] ( + host: + self.nixosConfigurations.${host}.config.formats.proxmox + ); + + # macOS's configuration, for work. + darwinConfigurations."harmonica" = let + system = x64_darwin; + specialArgs = + { + # use unstable branch for some packages to get the latest updates + pkgs-unstable = import nixpkgs-unstable { + inherit system; # refer the `system` parameter form outer scope recursively + # To use chrome, we need to allow the installation of non-free software + config.allowUnfree = true; + }; + } + // inputs; + in + macosSystem { + inherit nix-darwin home-manager system specialArgs; + darwin-modules = [ + ./hosts/harmonica + ]; + home-module = import ./home/darwin; + }; + + # format the nix code in this flake + # alejandra is a nix formatter with a beautiful output + formatter = nixpkgs.lib.genAttrs allSystems ( + system: + nixpkgs.legacyPackages.${system}.alejandra + ); + }; } diff --git a/fonts/icomoon-feather-icon-font.nix b/fonts/icomoon-feather-icon-font.nix index 218c88d6..9ea202ac 100644 --- a/fonts/icomoon-feather-icon-font.nix +++ b/fonts/icomoon-feather-icon-font.nix @@ -1,5 +1,8 @@ -{ lib, stdenvNoCC, fetchgit }: - +{ + lib, + stdenvNoCC, + fetchgit, +}: stdenvNoCC.mkDerivation rec { pname = "icomoon-feather-font"; version = "2023-05-06"; @@ -8,7 +11,7 @@ stdenvNoCC.mkDerivation rec { src = fetchgit { url = "https://github.com/adi1090x/polybar-themes.git"; rev = "47b66337a92a1afd2240ed7094ffcb039cc686cf"; # git commit id - sparseCheckout = [ "fonts/feather.ttf" ]; # only fetch the feather.ttf file + sparseCheckout = ["fonts/feather.ttf"]; # only fetch the feather.ttf file # the sha256 is used to verify the integrity of the downloaded source, and alse cache the build result. # so if you copy other package src's sha256, you will get a cached build result of that package, and all configs in this file will be ignored. @@ -29,11 +32,11 @@ stdenvNoCC.mkDerivation rec { description = "Icomoon feather font"; version = version; longDescription = '' - Feather is a collection of simply beautiful open source icons. + Feather is a collection of simply beautiful open source icons. Each icon is designed on a 24x24 grid with an emphasis on simplicity, consistency, and flexibility. ''; license = licenses.mit; - maintainers = [ maintainers.ryan4yin ]; + maintainers = [maintainers.ryan4yin]; platforms = platforms.all; }; } diff --git a/home/base/desktop/alacritty/default.nix b/home/base/desktop/alacritty/default.nix index a0f1566b..182d702f 100644 --- a/home/base/desktop/alacritty/default.nix +++ b/home/base/desktop/alacritty/default.nix @@ -1,9 +1,8 @@ -{ pkgs, ... }: - +{pkgs, ...}: ########################################################### # # Alacritty Configuration -# +# # Useful Hot Keys for macOS: # 1. Multi-Window: `command + N` # 2. Increase Font Size: `command + =` | `command + +` @@ -18,80 +17,84 @@ # Note: Alacritty do not have support for Tabs, and any graphic protocol. # ########################################################### - { programs.alacritty = { enable = true; }; - xdg.configFile."alacritty/alacritty.yml".text = '' - import: - # all alacritty themes can be found at - # https://github.com/alacritty/alacritty-theme - - ~/.config/alacritty/theme_catppuccino.yml - - window: - # Background opacity - # - # Window opacity as a floating point number from `0.0` to `1.0`. - # The value `0.0` is completely transparent and `1.0` is opaque. - opacity: 0.95 - - # Startup Mode (changes require restart) - # - # Values for `startup_mode`: - # - Windowed - # - Maximized - # - Fullscreen - # - # Values for `startup_mode` (macOS only): - # - SimpleFullscreen - startup_mode: Windowed - - # Allow terminal applications to change Alacritty's window title. - dynamic_title: true - - # Make `Option` key behave as `Alt` (macOS only): - # - OnlyLeft - # - OnlyRight - # - Both - # - None (default) - option_as_alt: Both - - scrolling: - # Maximum number of lines in the scrollback buffer. - # Specifying '0' will disable scrolling. - history: 10000 - - # Scrolling distance multiplier. - #multiplier: 3 - - # Font configuration - font: - # Normal (roman) font face - bold: - family: JetBrainsMono Nerd Font - italic: - family: JetBrainsMono Nerd Font - normal: - family: JetBrainsMono Nerd Font - bold_italic: - # Font family - # - # If the bold italic family is not specified, it will fall back to the - # value specified for the normal font. - family: JetBrainsMono Nerd Font - '' + (if pkgs.stdenv.isDarwin then '' - # Point size - size: 14 - shell: # force nushell as default shell on macOS - program: /run/current-system/sw/bin/nu - '' else '' - # holder identation - # Point size - size: 13 - ''); + xdg.configFile."alacritty/alacritty.yml".text = + '' + import: + # all alacritty themes can be found at + # https://github.com/alacritty/alacritty-theme + - ~/.config/alacritty/theme_catppuccino.yml + window: + # Background opacity + # + # Window opacity as a floating point number from `0.0` to `1.0`. + # The value `0.0` is completely transparent and `1.0` is opaque. + opacity: 0.95 + + # Startup Mode (changes require restart) + # + # Values for `startup_mode`: + # - Windowed + # - Maximized + # - Fullscreen + # + # Values for `startup_mode` (macOS only): + # - SimpleFullscreen + startup_mode: Windowed + + # Allow terminal applications to change Alacritty's window title. + dynamic_title: true + + # Make `Option` key behave as `Alt` (macOS only): + # - OnlyLeft + # - OnlyRight + # - Both + # - None (default) + option_as_alt: Both + + scrolling: + # Maximum number of lines in the scrollback buffer. + # Specifying '0' will disable scrolling. + history: 10000 + + # Scrolling distance multiplier. + #multiplier: 3 + + # Font configuration + font: + # Normal (roman) font face + bold: + family: JetBrainsMono Nerd Font + italic: + family: JetBrainsMono Nerd Font + normal: + family: JetBrainsMono Nerd Font + bold_italic: + # Font family + # + # If the bold italic family is not specified, it will fall back to the + # value specified for the normal font. + family: JetBrainsMono Nerd Font + '' + + ( + if pkgs.stdenv.isDarwin + then '' + # Point size + size: 14 + shell: # force nushell as default shell on macOS + program: /run/current-system/sw/bin/nu + '' + else '' + # holder identation + # Point size + size: 13 + '' + ); xdg.configFile."alacritty/theme_catppuccino.yml".source = ./theme_catppuccino.yml; } diff --git a/home/base/desktop/default.nix b/home/base/desktop/default.nix index 66fe5059..b8a59d9b 100644 --- a/home/base/desktop/default.nix +++ b/home/base/desktop/default.nix @@ -1,14 +1,12 @@ -{ ... }: -{ +{...}: { imports = [ ./alacritty ../server ./neovim - + ./development.nix ./kitty.nix ./media.nix ./shell.nix ]; - } diff --git a/home/base/desktop/development.nix b/home/base/desktop/development.nix index b2aaac19..5471478d 100644 --- a/home/base/desktop/development.nix +++ b/home/base/desktop/development.nix @@ -1,10 +1,12 @@ -{ pkgs, pkgs-unstable, ... }: - { + pkgs, + pkgs-unstable, + ... +}: { ############################################################# # # Basic settings for development environment - # + # # Please avoid to install language specific packages here(globally), # instead, install them independently using dev-templates: # https://github.com/the-nix-way/dev-templates @@ -36,13 +38,14 @@ gnumake # used by this repo, to simplify the deployment # python - (python311.withPackages (ps: with ps; [ - ipython - pandas - requests - pyquery - pyyaml - ])) + (python311.withPackages (ps: + with ps; [ + ipython + pandas + requests + pyquery + pyyaml + ])) # db related dbeaver diff --git a/home/base/desktop/kitty.nix b/home/base/desktop/kitty.nix index 48e50f59..07a23966 100644 --- a/home/base/desktop/kitty.nix +++ b/home/base/desktop/kitty.nix @@ -1,9 +1,12 @@ -{ lib, pkgs, ... }: - +{ + lib, + pkgs, + ... +}: ########################################################### # # Kitty Configuration -# +# # Useful Hot Keys for macOS: # 1. New Tab: `command + t` # 2. Close Tab: `command + w` @@ -28,20 +31,29 @@ font = { name = "JetBrainsMono Nerd Font"; # use different font size on macOS - size = if pkgs.stdenv.isDarwin then 14 else 13; + size = + if pkgs.stdenv.isDarwin + then 14 + else 13; }; - settings = { - background_opacity = "0.95"; - macos_option_as_alt = true; # Option key acts as Alt on macOS - scrollback_lines = 10000; - enable_audio_bell = false; - } // (if pkgs.stdenv.isDarwin then { - # macOS specific settings, force kitty to use nushell as default shell - shell = "/run/current-system/sw/bin/nu"; - } else {}); + settings = + { + background_opacity = "0.95"; + macos_option_as_alt = true; # Option key acts as Alt on macOS + scrollback_lines = 10000; + enable_audio_bell = false; + } + // ( + if pkgs.stdenv.isDarwin + then { + # macOS specific settings, force kitty to use nushell as default shell + shell = "/run/current-system/sw/bin/nu"; + } + else {} + ); # macOS specific settings - darwinLaunchOptions = [ "--start-as=fullscreen" ]; + darwinLaunchOptions = ["--start-as=fullscreen"]; }; } diff --git a/home/base/desktop/media.nix b/home/base/desktop/media.nix index da86a6d9..aa8b2353 100644 --- a/home/base/desktop/media.nix +++ b/home/base/desktop/media.nix @@ -1,6 +1,7 @@ -{ pkgs -, config -, ... +{ + pkgs, + config, + ... }: # processing audio/video { @@ -8,7 +9,7 @@ ffmpeg-full # images - viu # Terminal image viewer with native support for iTerm and Kitty + viu # Terminal image viewer with native support for iTerm and Kitty imagemagick graphviz ]; diff --git a/home/base/desktop/neovim/default.nix b/home/base/desktop/neovim/default.nix index e6428fde..8b8d886a 100644 --- a/home/base/desktop/neovim/default.nix +++ b/home/base/desktop/neovim/default.nix @@ -1,5 +1,8 @@ -{ pkgs, astronvim, ... }: - +{ + pkgs, + astronvim, + ... +}: ############################################################################### # # AstroNvim's configuration and all its dependencies @@ -70,7 +73,7 @@ # # Joining a Selection of Lines With Space: `:join` # Joining without spaces: `:join!` -# +# # Toggle text's case: `~` # Convert to uppercase: `U` # Convert to lowercase: `u` @@ -93,7 +96,7 @@ "nvim" = { # update AstroNvim onChange = "${pkgs.neovim}/bin/nvim --headless +quitall"; - source = astronvim; + source = astronvim; }; # my cusotom astronvim config, astronvim will load it after base config # https://github.com/AstroNvim/AstroNvim/blob/v3.32.0/lua/astronvim/bootstrap.lua#L15-L16 @@ -117,16 +120,15 @@ viAlias = false; vimAlias = true; - + withPython3 = true; withNodeJs = true; extraPackages = []; # currently we use lazy.nvim as neovim's package manager, so comment this one. - plugins = with pkgs.vimPlugins;[ + plugins = with pkgs.vimPlugins; [ # search all the plugins using https://search.nixos.org/packages luasnip - ]; }; }; @@ -144,14 +146,14 @@ #-- python nodePackages.pyright # python language server - python311Packages.black # python formatter + python311Packages.black # python formatter python311Packages.ruff-lsp - + #-- rust rust-analyzer - cargo # rust package manager + cargo # rust package manager rustfmt - + #-- zig zls @@ -159,18 +161,18 @@ nil rnix-lsp # nixd - statix # Lints and suggestions for the nix programming language - deadnix # Find and remove unused code in .nix source files - alejandra # Nix Code Formatter + statix # Lints and suggestions for the nix programming language + deadnix # Find and remove unused code in .nix source files + alejandra # Nix Code Formatter #-- golang go gomodifytags - iferr # generate error handling code for go - impl # generate function implementation for go - gotools # contains tools like: godoc, goimports, etc. - gopls # go language server - delve # go debugger + iferr # generate error handling code for go + impl # generate function implementation for go + gotools # contains tools like: godoc, goimports, etc. + gopls # go language server + delve # go debugger #-- lua stylua @@ -180,7 +182,7 @@ nodePackages.bash-language-server shellcheck shfmt - + #-- javascript/typescript --# nodePackages.typescript nodePackages.typescript-language-server @@ -194,26 +196,25 @@ terraform-ls jsonnet jsonnet-language-server - hadolint # Dockerfile linter + hadolint # Dockerfile linter #-- Others - taplo # TOML language server / formatter / validator + taplo # TOML language server / formatter / validator nodePackages.yaml-language-server - sqlfluff # SQL linter - actionlint # GitHub Actions linter - buf # protoc plugin for linting and formatting - proselint # English prose linter + sqlfluff # SQL linter + actionlint # GitHub Actions linter + buf # protoc plugin for linting and formatting + proselint # English prose linter #-- Misc - tree-sitter # common language parser/highlighter - nodePackages.prettier # common code formatter - marksman # language server for markdown - glow # markdown previewer + tree-sitter # common language parser/highlighter + nodePackages.prettier # common code formatter + marksman # language server for markdown + glow # markdown previewer #-- Optional Requirements: - gdu # disk usage analyzer, required by AstroNvim - ripgrep # fast search tool, required by AstroNvim's 'fw'( is space key) + gdu # disk usage analyzer, required by AstroNvim + ripgrep # fast search tool, required by AstroNvim's 'fw'( is space key) ]; }; - } diff --git a/home/base/desktop/shell.nix b/home/base/desktop/shell.nix index 5778268d..3f0eb9a7 100644 --- a/home/base/desktop/shell.nix +++ b/home/base/desktop/shell.nix @@ -1,5 +1,4 @@ - -{ ... }: { +{...}: { programs.bash = { # load the alias file for work bashrcExtra = '' @@ -22,5 +21,4 @@ source /etc/agenix/alias-for-work.nushell ''; }; - } diff --git a/home/base/server/bash.nix b/home/base/server/bash.nix index 80faca62..f41d62bc 100644 --- a/home/base/server/bash.nix +++ b/home/base/server/bash.nix @@ -1,4 +1,4 @@ -{ ... }: { +{...}: { programs.bash = { enable = true; enableCompletion = true; diff --git a/home/base/server/bat/default.nix b/home/base/server/bat/default.nix index ff6ec240..3e4e4a5c 100644 --- a/home/base/server/bat/default.nix +++ b/home/base/server/bat/default.nix @@ -1,6 +1,5 @@ -{ ... }: -{ - # a cat(1) clone with syntax highlighting and Git integration. +{...}: { + # a cat(1) clone with syntax highlighting and Git integration. programs.bat = { enable = true; config = { @@ -12,6 +11,4 @@ Catppuccin-mocha = builtins.readFile ./Catppuccin-mocha.tmTheme; }; }; - } - diff --git a/home/base/server/core.nix b/home/base/server/core.nix index 1cbbfa7d..abdfb09d 100644 --- a/home/base/server/core.nix +++ b/home/base/server/core.nix @@ -1,6 +1,4 @@ -{ pkgs, ... }: - -{ +{pkgs, ...}: { home.packages = with pkgs; [ neofetch nnn # terminal file manager @@ -20,12 +18,12 @@ # networking tools mtr # A network diagnostic tool iperf3 - dnsutils # `dig` + `nslookup` + dnsutils # `dig` + `nslookup` ldns # replacement of `dig`, it provide the command `drill` aria2 # A lightweight multi-protocol & multi-source command-line download utility socat # replacement of openbsd-netcat nmap # A utility for network discovery and security auditing - ipcalc # it is a calculator for the IPv4/v6 addresses + ipcalc # it is a calculator for the IPv4/v6 addresses # misc cowsay @@ -40,7 +38,7 @@ gnupg # nix related - # + # # it provides the command `nom` works just like `nix # with more details log output nix-output-monitor diff --git a/home/base/server/default.nix b/home/base/server/default.nix index 02af524f..383728cb 100644 --- a/home/base/server/default.nix +++ b/home/base/server/default.nix @@ -1,5 +1,4 @@ -{ ... }: -{ +{...}: { imports = [ ./bat ./nushell @@ -11,5 +10,4 @@ ./git.nix ./starship.nix ]; - } diff --git a/home/base/server/git.nix b/home/base/server/git.nix index fc38c49a..e901357f 100644 --- a/home/base/server/git.nix +++ b/home/base/server/git.nix @@ -1,13 +1,14 @@ -{ config -, lib -, pkgs -, ... +{ + config, + lib, + pkgs, + ... }: { # `programs.git` will generate the config file: ~/.config/git/config # to make git use this config file, `~/.gitconfig` should not exist! # # https://git-scm.com/docs/git-config#Documentation/git-config.txt---global - home.activation.removeExistingGitconfig = lib.hm.dag.entryBefore [ "checkLinkTargets" ] '' + home.activation.removeExistingGitconfig = lib.hm.dag.entryBefore ["checkLinkTargets"] '' rm -f ~/.gitconfig ''; diff --git a/home/base/server/nushell/default.nix b/home/base/server/nushell/default.nix index 41fa49ec..07feae45 100644 --- a/home/base/server/nushell/default.nix +++ b/home/base/server/nushell/default.nix @@ -1,11 +1,11 @@ -{ ... }: { +{...}: { programs.nushell = { enable = true; configFile.source = ./config.nu; # home-manager will merge the cotent in `environmentVariables` with the `envFile.source` # but basically, I set all environment variables via the shell-independent way, so I don't need to use those two options - # + # # envFile.source = ./env.nu; # environmentVariables = { FOO="bar"; }; diff --git a/home/base/server/starship.nix b/home/base/server/starship.nix index 0f486b86..4dd3e4c8 100644 --- a/home/base/server/starship.nix +++ b/home/base/server/starship.nix @@ -1,4 +1,4 @@ -{ ... }: { +{...}: { programs.starship = { enable = true; diff --git a/home/base/server/tmux/custom-plugins.nix b/home/base/server/tmux/custom-plugins.nix index e8c58dec..5447a040 100644 --- a/home/base/server/tmux/custom-plugins.nix +++ b/home/base/server/tmux/custom-plugins.nix @@ -1,16 +1,13 @@ -{ pkgs, ... }: - -let +{pkgs, ...}: let buildTmuxPlugin = pkgs.tmuxPlugins.mkTmuxPlugin; -in -{ +in { draculaTheme = buildTmuxPlugin { pluginName = "dracula"; version = "v2.2.0"; src = builtins.fetchTarball { - name = "dracula-tmux-v2.2.0"; - url = "https://github.com/dracula/tmux/archive/refs/tags/v2.2.0.tar.gz"; + name = "dracula-tmux-v2.2.0"; + url = "https://github.com/dracula/tmux/archive/refs/tags/v2.2.0.tar.gz"; sha256 = "sha256:0v2k994yy4xx2iw8qxg7qphw46gq2qmg496i3a3h9b6jgwxqm7zn"; }; }; -} \ No newline at end of file +} diff --git a/home/base/server/tmux/default.nix b/home/base/server/tmux/default.nix index 473c0e28..dfae81ef 100644 --- a/home/base/server/tmux/default.nix +++ b/home/base/server/tmux/default.nix @@ -1,24 +1,25 @@ -{ config, pkgs, ... }: - -let - plugins = pkgs.tmuxPlugins // pkgs.callPackage ./custom-plugins.nix {}; -in { + config, + pkgs, + ... +}: let + plugins = pkgs.tmuxPlugins // pkgs.callPackage ./custom-plugins.nix {}; +in { programs.tmux = { enable = true; shell = "${pkgs.nushell}/bin/nu"; # Resize the window to the size of the smallest session for which it is the current window. - # + # aggressiveResize = true; # https://github.com/tmux-plugins/tmux-sensible # tmux-sensible overwrites default tmux shortcuts, makes them more sane. sensibleOnTop = true; - + # extraConfig = builtins.readFile ./tmux.conf; # keyMode = "vi"; # default is emacs - + baseIndex = 1; # start index from 1 escapeTime = 0; # do not wait for escape key terminal = "xterm-256color"; @@ -31,8 +32,8 @@ in plugin = continuum; extraConfig = '' set -g @continuum-save-interval '15' - - # Option to display current status of tmux continuum in tmux status line. + + # Option to display current status of tmux continuum in tmux status line. set -g status-right 'Continuum status: #{continuum_status}' ''; } @@ -41,7 +42,7 @@ in # Manually persists tmux environment across system restarts. # prefix + Ctrl-s - save # prefix + Ctrl-r - restore - # + # plugin = resurrect; # Restore Neovim sessions extraConfig = "set -g @resurrect-strategy-nvim 'session'"; diff --git a/home/base/server/zellij/default.nix b/home/base/server/zellij/default.nix index 0e1af81b..fd7e3018 100644 --- a/home/base/server/zellij/default.nix +++ b/home/base/server/zellij/default.nix @@ -1,6 +1,4 @@ -{ ... }: - -{ +{...}: { programs.zellij = { enable = true; }; diff --git a/home/darwin/core.nix b/home/darwin/core.nix index e9a47908..b9035510 100644 --- a/home/darwin/core.nix +++ b/home/darwin/core.nix @@ -1,8 +1,6 @@ -{ pkgs, ... }: -{ - +{pkgs, ...}: { ########################################################################## - # + # # MacOS specific home configuration # ########################################################################## diff --git a/home/darwin/default.nix b/home/darwin/default.nix index 7214f57e..ffd996c1 100644 --- a/home/darwin/default.nix +++ b/home/darwin/default.nix @@ -1,9 +1,7 @@ -{ ... }: - -{ +{ username, ... }: { imports = [ ../base/desktop - + ./core.nix ./nushell.nix ./rime-squirrel.nix @@ -12,9 +10,9 @@ # Home Manager needs a bit of information about you and the # paths it should manage. home = { - username = "ryan"; + username = username; # set homeDirectory make build fail - homeDirectory = "/Users/ryan"; + homeDirectory = "/Users/${username}"; # This value determines the Home Manager release that your # configuration is compatible with. This helps avoid breakage diff --git a/home/darwin/nushell.nix b/home/darwin/nushell.nix index b0051dc7..0be12533 100644 --- a/home/darwin/nushell.nix +++ b/home/darwin/nushell.nix @@ -1,4 +1,4 @@ -{ config, ... }: { +{config, ...}: { # nix-darwin do not set PATH for nushell! so we need to do it manually # this is a workaround to add nix's PATH to nushell programs.nushell.extraConfig = '' @@ -15,4 +15,4 @@ ($env.PATH | split row (char esep)) ] | flatten) ''; -} \ No newline at end of file +} diff --git a/home/darwin/rime-squirrel.nix b/home/darwin/rime-squirrel.nix index 15f9e34e..24f442c3 100644 --- a/home/darwin/rime-squirrel.nix +++ b/home/darwin/rime-squirrel.nix @@ -1,8 +1,10 @@ -{ lib, pkgs, ... }: - { + lib, + pkgs, + ... +}: { # remove existing rime data (squirrel) - home.activation.removeExistingRimeData = lib.hm.dag.entryBefore [ "checkLinkTargets" ] '' + home.activation.removeExistingRimeData = lib.hm.dag.entryBefore ["checkLinkTargets"] '' rm -rf "~/Library/Rime/build/flypy.prism.bin" ''; diff --git a/home/linux/base/shell.nix b/home/linux/base/shell.nix index d49657b1..29181ffe 100644 --- a/home/linux/base/shell.nix +++ b/home/linux/base/shell.nix @@ -1,11 +1,8 @@ -{ config, ... }: - -let +{config, ...}: let d = config.xdg.dataHome; c = config.xdg.configHome; cache = config.xdg.cacheHome; -in -rec { +in rec { # add environment variables systemd.user.sessionVariables = { # clean up ~ diff --git a/home/linux/base/system-tools.nix b/home/linux/base/system-tools.nix index bb4265b9..d9847abb 100644 --- a/home/linux/base/system-tools.nix +++ b/home/linux/base/system-tools.nix @@ -1,7 +1,4 @@ -{ pkgs, ... }: - - -{ +{pkgs, ...}: { # Linux Only Packages, not available on Darwin home.packages = with pkgs; [ btop # replacement of htop/nmon @@ -13,7 +10,7 @@ # misc libnotify wireguard-tools # manage wireguard vpn manually, via wg-quick - + # need to run `conda-install` before using it # need to run `conda-shell` before using command `conda` # conda is not available for MacOS @@ -30,7 +27,7 @@ ethtool pciutils # lspci usbutils # lsusb - hdparm # for disk performance, command + hdparm # for disk performance, command dmidecode # a tool that reads information about your system's hardware from the BIOS according to the SMBIOS/DMI standard ]; @@ -42,5 +39,4 @@ services = { # syncthing.enable = true; }; - } diff --git a/home/linux/desktop-hyprland.nix b/home/linux/desktop-hyprland.nix index 0dec546a..68054d3a 100644 --- a/home/linux/desktop-hyprland.nix +++ b/home/linux/desktop-hyprland.nix @@ -1,6 +1,4 @@ -{ ... }: - -{ +{ username, ... }: { imports = [ ../base/desktop @@ -13,12 +11,9 @@ # Home Manager needs a bit of information about you and the # paths it should manage. - home = let - name = "ryan"; - in - { - username = name; - homeDirectory = "/home/${name}"; + home = { + username = username; + homeDirectory = "/home/${username}"; # This value determines the Home Manager release that your # configuration is compatible with. This helps avoid breakage diff --git a/home/linux/desktop-i3.nix b/home/linux/desktop-i3.nix index e8b4f831..477296be 100644 --- a/home/linux/desktop-i3.nix +++ b/home/linux/desktop-i3.nix @@ -1,6 +1,4 @@ -{ ... }: - -{ +{ username, ... }: { imports = [ ../base/desktop @@ -9,16 +7,13 @@ ./desktop ./i3 -]; + ]; # Home Manager needs a bit of information about you and the # paths it should manage. - home = let - name = "ryan"; - in - { - username = name; - homeDirectory = "/home/${name}"; + home = { + username = username; + homeDirectory = "/home/${username}"; # This value determines the Home Manager release that your # configuration is compatible with. This helps avoid breakage diff --git a/home/linux/desktop/creative.nix b/home/linux/desktop/creative.nix index 93746522..57425345 100644 --- a/home/linux/desktop/creative.nix +++ b/home/linux/desktop/creative.nix @@ -1,5 +1,4 @@ -{ pkgs, ... }: -{ +{pkgs, ...}: { home.packages = with pkgs; [ # creative # blender # 3d modeling diff --git a/home/linux/desktop/default.nix b/home/linux/desktop/default.nix index e5f18cab..fc243dea 100644 --- a/home/linux/desktop/default.nix +++ b/home/linux/desktop/default.nix @@ -1,5 +1,4 @@ -{ pkgs, ... }: -{ +{pkgs, ...}: { imports = [ ./creative.nix ./immutable-file.nix @@ -10,7 +9,7 @@ home.packages = with pkgs; [ # GUI apps - insomnia # REST client + insomnia # REST client wireshark # network analyzer # e-book viewer(.epub/.mobi/...) diff --git a/home/linux/desktop/immutable-file.nix b/home/linux/desktop/immutable-file.nix index c54bcc76..cb534956 100644 --- a/home/linux/desktop/immutable-file.nix +++ b/home/linux/desktop/immutable-file.nix @@ -1,26 +1,24 @@ -{ config -, lib -, pkgs -, ... +{ + config, + lib, + pkgs, + ... }: - ############################################################################################## # # Provide a option `home.immutable-file`, it works like `home.file` but make the generated file immutable. # # Copy from https://github.com/iosmanthus/nixos-config/blob/349917b/modules/immutable-file.nix # -# this module use the `chattr +i` to make the file immutable, `i` indicates `immutable`, +# this module use the `chattr +i` to make the file immutable, `i` indicates `immutable`, # it's a i-node flags only works on Linux. -# +# # TODO not used yet, need to test it. -# +# ############################################################################################## - -with lib; -let +with lib; let cfg = config.home.immutable-file; - immutableFileOpts = { ... }: { + immutableFileOpts = {...}: { options = { src = mkOption { type = types.path; @@ -44,21 +42,24 @@ let sudo cp $2 $1 sudo chattr +i $1 ''; -in -{ +in { options.home.immutable-file = mkOption { type = with types; attrsOf (submodule immutableFileOpts); - default = { }; + default = {}; }; - config = mkIf (cfg != { }) { - home.activation = mapAttrs' - (name: { src, dst }: + config = mkIf (cfg != {}) { + home.activation = + mapAttrs' + (name: { + src, + dst, + }: nameValuePair - "make-immutable-${name}" - (lib.hm.dag.entryAfter [ "writeBoundary" ] '' - ${mkImmutableFile} ${dst} ${src} - '')) + "make-immutable-${name}" + (lib.hm.dag.entryAfter ["writeBoundary"] '' + ${mkImmutableFile} ${dst} ${src} + '')) cfg; }; -} \ No newline at end of file +} diff --git a/home/linux/desktop/media.nix b/home/linux/desktop/media.nix index 803a1412..cfd3e4f7 100644 --- a/home/linux/desktop/media.nix +++ b/home/linux/desktop/media.nix @@ -1,6 +1,7 @@ -{ pkgs -, config -, ... +{ + pkgs, + config, + ... }: # media - control and enjoy audio/video { @@ -23,8 +24,8 @@ programs = { mpv = { enable = true; - defaultProfiles = [ "gpu-hq" ]; - scripts = [ pkgs.mpvScripts.mpris ]; + defaultProfiles = ["gpu-hq"]; + scripts = [pkgs.mpvScripts.mpris]; }; }; diff --git a/home/linux/desktop/ssh.nix b/home/linux/desktop/ssh.nix index cfea94c2..00050d92 100644 --- a/home/linux/desktop/ssh.nix +++ b/home/linux/desktop/ssh.nix @@ -1,6 +1,4 @@ -{ pkgs -, ... -}: { +{pkgs, ...}: { programs.ssh = { enable = true; @@ -35,7 +33,7 @@ Host gtr5 HostName 192.168.5.172 Port 22 - + Host um560 HostName 192.168.5.173 Port 22 diff --git a/home/linux/desktop/xdg.nix b/home/linux/desktop/xdg.nix index dd05d55d..3babdac6 100644 --- a/home/linux/desktop/xdg.nix +++ b/home/linux/desktop/xdg.nix @@ -1,9 +1,12 @@ -# XDG stands for "Cross-Desktop Group", with X used to mean "cross". -# It's a bunch of specifications from freedesktop.org intended to standardize desktops and -# other GUI applications on various systems (primarily Unix-like) to be interoperable: +# XDG stands for "Cross-Desktop Group", with X used to mean "cross". +# It's a bunch of specifications from freedesktop.org intended to standardize desktops and +# other GUI applications on various systems (primarily Unix-like) to be interoperable: # https://www.freedesktop.org/wiki/Specifications/ -{ config, pkgs, ... }: { + config, + pkgs, + ... +}: { home.packages = with pkgs; [ xdg-utils # provides cli tools such as `xdg-mime` `xdg-open` xdg-user-dirs @@ -15,68 +18,64 @@ # manage $XDG_CONFIG_HOME/mimeapps.list # xdg search all desktop entries from $XDG_DATA_DIRS, check it by command: - # echo $XDG_DATA_DIRS + # echo $XDG_DATA_DIRS # the system-level desktop entries can be list by command: # ls -l /run/current-system/sw/share/applications/ # the user-level desktop entries can be list by command(user ryan): # ls /etc/profiles/per-user/ryan/share/applications/ mimeApps = { enable = true; - defaultApplications = - let - browser = [ "firefox.desktop" ]; - in - { - "application/json" = browser; - "application/pdf" = browser; # TODO: pdf viewer + defaultApplications = let + browser = ["firefox.desktop"]; + in { + "application/json" = browser; + "application/pdf" = browser; # TODO: pdf viewer - "text/html" = browser; - "text/xml" = browser; - "application/xml" = browser; - "application/xhtml+xml" = browser; - "application/xhtml_xml" = browser; - "application/rdf+xml" = browser; - "application/rss+xml" = browser; - "application/x-extension-htm" = browser; - "application/x-extension-html" = browser; - "application/x-extension-shtml" = browser; - "application/x-extension-xht" = browser; - "application/x-extension-xhtml" = browser; + "text/html" = browser; + "text/xml" = browser; + "application/xml" = browser; + "application/xhtml+xml" = browser; + "application/xhtml_xml" = browser; + "application/rdf+xml" = browser; + "application/rss+xml" = browser; + "application/x-extension-htm" = browser; + "application/x-extension-html" = browser; + "application/x-extension-shtml" = browser; + "application/x-extension-xht" = browser; + "application/x-extension-xhtml" = browser; - "x-scheme-handler/about" = browser; - "x-scheme-handler/ftp" = browser; - "x-scheme-handler/http" = browser; - "x-scheme-handler/https" = browser; - "x-scheme-handler/unknown" = browser; + "x-scheme-handler/about" = browser; + "x-scheme-handler/ftp" = browser; + "x-scheme-handler/http" = browser; + "x-scheme-handler/https" = browser; + "x-scheme-handler/unknown" = browser; - "x-scheme-handler/discord" = [ "discord.desktop" ]; - "x-scheme-handler/tg" = [ "telegramdesktop.desktop" ]; + "x-scheme-handler/discord" = ["discord.desktop"]; + "x-scheme-handler/tg" = ["telegramdesktop.desktop"]; - "audio/*" = [ "mpv.desktop" ]; - "video/*" = [ "mpv.dekstop" ]; - "image/*" = [ "imv.desktop" ]; - }; + "audio/*" = ["mpv.desktop"]; + "video/*" = ["mpv.dekstop"]; + "image/*" = ["imv.desktop"]; + }; - associations.removed = - let - browser = [ "google-chrome.desktop" ]; - in - { - "text/html" = browser; - "text/xml" = browser; - "application/xml" = browser; - "application/xhtml+xml" = browser; - "application/xhtml_xml" = browser; - "application/rdf+xml" = browser; - "application/rss+xml" = browser; - "image/gif" = browser; - "image/jpeg" = browser; - "image/png" = browser; - "image/webp" = browser; - "x-scheme-handler/http" = browser; - "x-scheme-handler/https" = browser; - "application/pdf" = browser; - }; + associations.removed = let + browser = ["google-chrome.desktop"]; + in { + "text/html" = browser; + "text/xml" = browser; + "application/xml" = browser; + "application/xhtml+xml" = browser; + "application/xhtml_xml" = browser; + "application/rdf+xml" = browser; + "application/rss+xml" = browser; + "image/gif" = browser; + "image/jpeg" = browser; + "image/png" = browser; + "image/webp" = browser; + "x-scheme-handler/http" = browser; + "x-scheme-handler/https" = browser; + "application/pdf" = browser; + }; }; userDirs = { diff --git a/home/linux/fcitx5/default.nix b/home/linux/fcitx5/default.nix index 1dfe6b1f..227eb014 100644 --- a/home/linux/fcitx5/default.nix +++ b/home/linux/fcitx5/default.nix @@ -1,12 +1,16 @@ -{ pkgs, config, lib, ... }: { - +{ + pkgs, + config, + lib, + ... +}: { home.file.".config/fcitx5/profile".source = ./profile; home.file.".config/fcitx5/profile-bak".source = ./profile; # used for backup - # every time fcitx5 switch input method, it will modify ~/.config/fcitx5/profile file, + # every time fcitx5 switch input method, it will modify ~/.config/fcitx5/profile file, # which will override my config managed by home-manager # so we need to remove it before everytime we rebuild the config - home.activation.removeExistingFcitx5Profile = lib.hm.dag.entryBefore [ "checkLinkTargets" ] '' + home.activation.removeExistingFcitx5Profile = lib.hm.dag.entryBefore ["checkLinkTargets"] '' rm -f "${config.xdg.configHome}/fcitx5/profile" ''; diff --git a/home/linux/hyprland/default.nix b/home/linux/hyprland/default.nix index 4a97da0b..ce5c0f7b 100644 --- a/home/linux/hyprland/default.nix +++ b/home/linux/hyprland/default.nix @@ -1,5 +1,4 @@ -{ pkgs, ...}: -{ +{pkgs, ...}: { imports = [ ./wayland-apps.nix ]; @@ -22,7 +21,6 @@ home.file.".gtkrc-2.0".source = ./gtkrc-2.0; home.file.".config/hypr/wallpapers/wallpaper.png".source = ../wallpapers/wallpaper.png; - # music player - mpd home.file.".config/mpd" = { source = ./mpd; @@ -58,5 +56,4 @@ package = pkgs.qogir-theme; size = 64; }; - } diff --git a/home/linux/hyprland/wayland-apps.nix b/home/linux/hyprland/wayland-apps.nix index e6612ccb..c085c33b 100644 --- a/home/linux/hyprland/wayland-apps.nix +++ b/home/linux/hyprland/wayland-apps.nix @@ -1,18 +1,13 @@ -{ pkgs -, ... -}: - -{ +{pkgs, ...}: { # TODO vscode & chrome both have wayland support, but they don't work with fcitx5, need to fix it. programs = { - # source code: https://github.com/nix-community/home-manager/blob/master/modules/programs/chromium.nix google-chrome = { enable = true; commandLineArgs = [ # make it use GTK_IM_MODULE if it runs with Gtk4, so fcitx5 can work with it. - # (only supported by chromium/chrome at this time, not electron) + # (only supported by chromium/chrome at this time, not electron) "--gtk-version=4" # make it use text-input-v1, which works for kwin 5.27 and weston # "--enable-wayland-ime" diff --git a/home/linux/i3/default.nix b/home/linux/i3/default.nix index 6efcb0eb..d8ea76d0 100644 --- a/home/linux/i3/default.nix +++ b/home/linux/i3/default.nix @@ -1,5 +1,4 @@ -{ pkgs, ...}: -{ +{pkgs, ...}: { # i3 window manager's config, based on https://github.com/endeavouros-team/endeavouros-i3wm-setup imports = [ diff --git a/home/linux/i3/x11-apps.nix b/home/linux/i3/x11-apps.nix index 4a487a8e..da7cb7c3 100644 --- a/home/linux/i3/x11-apps.nix +++ b/home/linux/i3/x11-apps.nix @@ -1,15 +1,11 @@ -{ pkgs -, ... -}: { +{pkgs, ...}: { home.packages = with pkgs; [ firefox - xsel # for clipboard support in x11, required by tmux's clipboard support + xsel # for clipboard support in x11, required by tmux's clipboard support ]; - # TODO vscode & chrome both have wayland support, but they don't work with fcitx5, need to fix it. programs = { - # source code: https://github.com/nix-community/home-manager/blob/master/modules/programs/chromium.nix google-chrome = { enable = true; diff --git a/home/linux/server.nix b/home/linux/server.nix index 2e4ed5b1..0c641c60 100644 --- a/home/linux/server.nix +++ b/home/linux/server.nix @@ -1,6 +1,4 @@ -{ ... }: - -{ +{ username, ... }: { imports = [ ../base/server @@ -9,12 +7,9 @@ # Home Manager needs a bit of information about you and the # paths it should manage. - home = let - name = "ryan"; - in - { - username = name; - homeDirectory = "/home/${name}"; + home = { + username = username; + homeDirectory = "/home/${username}"; # This value determines the Home Manager release that your # configuration is compatible with. This helps avoid breakage diff --git a/hosts/harmonica/default.nix b/hosts/harmonica/default.nix index 8755749b..23556f34 100644 --- a/hosts/harmonica/default.nix +++ b/hosts/harmonica/default.nix @@ -1,25 +1,34 @@ -{ ... } @ args: - +{ username, ... } @ args: ############################################################# # # Harmonica - my MacBook Pro 2020 13-inch, mainly for business. # ############################################################# - let - name = "harmonica"; -in -{ + hostname = "harmonica"; +in { imports = [ - ../../modules/darwin/core.nix - ../../modules/darwin/apps.nix + ../../modules/darwin ../../secrets/darwin.nix ]; nixpkgs.overlays = import ../../overlays args; - networking.hostName = name; - networking.computerName = name; - system.defaults.smb.NetBIOSName = name; + networking.hostName = hostname; + networking.computerName = hostname; + system.defaults.smb.NetBIOSName = hostname; + + # Define a user account. Don't forget to set a password with ‘passwd’. + users.users."${username}" = { + home = "/Users/${username}"; + description = username; + + # set user's default shell back to zsh + # `chsh -s /bin/zsh` + # DO NOT change the system's default shell to nushell! it will break some apps! + # It's better to change only starship/alacritty/vscode's shell to nushell! + }; + + nix.settings.trusted-users = [username]; } diff --git a/hosts/idols/ai/cifs-mount.nix b/hosts/idols/ai/cifs-mount.nix index 4a910786..d40a0313 100644 --- a/hosts/idols/ai/cifs-mount.nix +++ b/hosts/idols/ai/cifs-mount.nix @@ -1,8 +1,12 @@ -{ config, pkgs, ... }: - { + config, + pkgs, + + username, + ... +}: { # mount a smb/cifs share - fileSystems."/home/ryan/SMB-Downloads" = { + fileSystems."/home/${username}/SMB-Downloads" = { device = "//192.168.5.194/Downloads"; fsType = "cifs"; options = [ @@ -10,5 +14,3 @@ ]; }; } - - diff --git a/hosts/idols/ai/default.nix b/hosts/idols/ai/default.nix index 376e38e7..0fac08d8 100644 --- a/hosts/idols/ai/default.nix +++ b/hosts/idols/ai/default.nix @@ -1,11 +1,9 @@ -{ config, ... } @ args: - +{config, ...} @ args: ############################################################# # # Ai - my main computer, with NixOS + I5-13600KF + RTX 4090 GPU, for gaming & daily use. # ############################################################# - { imports = [ ./cifs-mount.nix @@ -24,7 +22,7 @@ nixpkgs.overlays = import ../../../overlays args; # Enable binfmt emulation of aarch64-linux, this is required for cross compilation. - boot.binfmt.emulatedSystems = [ "aarch64-linux" "riscv64-linux" ]; + boot.binfmt.emulatedSystems = ["aarch64-linux" "riscv64-linux"]; # supported fil systems, so we can mount any removable disks with these filesystems boot.supportedFilesystems = [ "ext4" @@ -60,10 +58,12 @@ enableIPv6 = false; # disable ipv6 interfaces.enp5s0 = { useDHCP = false; - ipv4.addresses = [{ - address = "192.168.5.100"; - prefixLength = 24; - }]; + ipv4.addresses = [ + { + address = "192.168.5.100"; + prefixLength = 24; + } + ]; }; defaultGateway = "192.168.5.201"; nameservers = [ @@ -75,17 +75,17 @@ virtualisation.docker.storageDriver = "btrfs"; # for Nvidia GPU - services.xserver.videoDrivers = [ "nvidia" ]; # will install nvidia-vaapi-driver by default + services.xserver.videoDrivers = ["nvidia"]; # will install nvidia-vaapi-driver by default hardware.nvidia = { package = config.boot.kernelPackages.nvidiaPackages.stable; modesetting.enable = true; powerManagement.enable = true; }; - virtualisation.docker.enableNvidia = true; # for nvidia-docker + virtualisation.docker.enableNvidia = true; # for nvidia-docker hardware.opengl = { enable = true; - # if hardware.opengl.driSupport is enabled, mesa is installed and provides Vulkan for supported hardware. + # if hardware.opengl.driSupport is enabled, mesa is installed and provides Vulkan for supported hardware. driSupport = true; # needed by nvidia-docker driSupport32Bit = true; @@ -98,5 +98,4 @@ # Before changing this value read the documentation for this option # (e.g. man configuration.nix or on https://nixos.org/nixos/options.html). system.stateVersion = "22.11"; # Did you read the comment? - } diff --git a/hosts/idols/ai/hardware-configuration.nix b/hosts/idols/ai/hardware-configuration.nix index fe07de6b..70c9f555 100644 --- a/hosts/idols/ai/hardware-configuration.nix +++ b/hosts/idols/ai/hardware-configuration.nix @@ -1,34 +1,34 @@ # Do not modify this file! It was generated by ‘nixos-generate-config’ # and may be overwritten by future invocations. Please make changes # to /etc/nixos/configuration.nix instead. -{ config, lib, pkgs, modulesPath, ... }: - { - imports = - [ - (modulesPath + "/installer/scan/not-detected.nix") - ]; + config, + lib, + pkgs, + modulesPath, + ... +}: { + imports = [ + (modulesPath + "/installer/scan/not-detected.nix") + ]; - boot.initrd.availableKernelModules = [ "xhci_pci" "ahci" "nvme" "usbhid" "usb_storage" "sd_mod" ]; - boot.initrd.kernelModules = [ ]; - boot.kernelModules = [ "kvm-intel" ]; - boot.extraModulePackages = [ ]; + boot.initrd.availableKernelModules = ["xhci_pci" "ahci" "nvme" "usbhid" "usb_storage" "sd_mod"]; + boot.initrd.kernelModules = []; + boot.kernelModules = ["kvm-intel"]; + boot.extraModulePackages = []; - fileSystems."/" = - { - device = "/dev/disk/by-uuid/231466f6-cdf3-40e1-b9d2-6b4e8d10a4d3"; - fsType = "btrfs"; - options = [ "subvol=@" ]; - }; + fileSystems."/" = { + device = "/dev/disk/by-uuid/231466f6-cdf3-40e1-b9d2-6b4e8d10a4d3"; + fsType = "btrfs"; + options = ["subvol=@"]; + }; - fileSystems."/boot/efi" = - { - device = "/dev/disk/by-uuid/87ED-8B2E"; - fsType = "vfat"; - }; + fileSystems."/boot/efi" = { + device = "/dev/disk/by-uuid/87ED-8B2E"; + fsType = "vfat"; + }; - swapDevices = - [{ device = "/dev/disk/by-uuid/17391ca0-8cdb-4598-a40b-fd9548fd9b37"; }]; + swapDevices = [{device = "/dev/disk/by-uuid/17391ca0-8cdb-4598-a40b-fd9548fd9b37";}]; # Enables DHCP on each ethernet and wireless interface. In case of scripted networking # (the default) this is the recommended approach. When using systemd-networkd it's diff --git a/hosts/idols/aquamarine/default.nix b/hosts/idols/aquamarine/default.nix index d264dc04..319aa065 100644 --- a/hosts/idols/aquamarine/default.nix +++ b/hosts/idols/aquamarine/default.nix @@ -1,11 +1,9 @@ -{ ... } @args: - +{...} @ args: ############################################################# # # Aquamarine - A NixOS VM running on Proxmox # ############################################################# - { imports = [ { @@ -21,9 +19,8 @@ nixpkgs.overlays = import ../../../overlays args; - # Enable binfmt emulation of aarch64-linux, this is required for cross compilation. - boot.binfmt.emulatedSystems = [ "aarch64-linux" "riscv64-linux" ]; + boot.binfmt.emulatedSystems = ["aarch64-linux" "riscv64-linux"]; # supported fil systems, so we can mount any removable disks with these filesystems boot.supportedFilesystems = [ "ext4" @@ -48,10 +45,12 @@ networkmanager.enable = true; interfaces.ens18 = { useDHCP = false; - ipv4.addresses = [{ - address = "192.168.5.101"; - prefixLength = 24; - }]; + ipv4.addresses = [ + { + address = "192.168.5.101"; + prefixLength = 24; + } + ]; }; defaultGateway = "192.168.5.201"; nameservers = [ @@ -67,5 +66,4 @@ # Before changing this value read the documentation for this option # (e.g. man configuration.nix or on https://nixos.org/nixos/options.html). system.stateVersion = "22.11"; # Did you read the comment? - } diff --git a/hosts/idols/kana/default.nix b/hosts/idols/kana/default.nix index b8aa65c7..e65b6f35 100644 --- a/hosts/idols/kana/default.nix +++ b/hosts/idols/kana/default.nix @@ -1,11 +1,9 @@ -{ ... } @args: - +{...} @ args: ############################################################# # # Kana - a NixOS VM running on Proxmox # ############################################################# - { imports = [ { @@ -21,9 +19,8 @@ nixpkgs.overlays = import ../../../overlays args; - # Enable binfmt emulation of aarch64-linux, this is required for cross compilation. - boot.binfmt.emulatedSystems = [ "aarch64-linux" "riscv64-linux" ]; + boot.binfmt.emulatedSystems = ["aarch64-linux" "riscv64-linux"]; # supported fil systems, so we can mount any removable disks with these filesystems boot.supportedFilesystems = [ "ext4" @@ -48,10 +45,12 @@ networkmanager.enable = true; interfaces.ens18 = { useDHCP = false; - ipv4.addresses = [{ - address = "192.168.5.103"; - prefixLength = 24; - }]; + ipv4.addresses = [ + { + address = "192.168.5.103"; + prefixLength = 24; + } + ]; }; defaultGateway = "192.168.5.201"; nameservers = [ @@ -67,5 +66,4 @@ # Before changing this value read the documentation for this option # (e.g. man configuration.nix or on https://nixos.org/nixos/options.html). system.stateVersion = "23.05"; # Did you read the comment? - } diff --git a/hosts/idols/ruby/default.nix b/hosts/idols/ruby/default.nix index f28f4c1d..f3101db9 100644 --- a/hosts/idols/ruby/default.nix +++ b/hosts/idols/ruby/default.nix @@ -1,13 +1,9 @@ -{ ... } @args: - - +{...} @ args: ############################################################# # # Ruby - a NixOS VM running on Proxmox # ############################################################# - - { imports = [ { @@ -23,9 +19,8 @@ nixpkgs.overlays = import ../../../overlays args; - # Enable binfmt emulation of aarch64-linux, this is required for cross compilation. - boot.binfmt.emulatedSystems = [ "aarch64-linux" "riscv64-linux" ]; + boot.binfmt.emulatedSystems = ["aarch64-linux" "riscv64-linux"]; # supported fil systems, so we can mount any removable disks with these filesystems boot.supportedFilesystems = [ "ext4" @@ -50,10 +45,12 @@ networkmanager.enable = true; interfaces.ens18 = { useDHCP = false; - ipv4.addresses = [{ - address = "192.168.5.102"; - prefixLength = 24; - }]; + ipv4.addresses = [ + { + address = "192.168.5.102"; + prefixLength = 24; + } + ]; }; defaultGateway = "192.168.5.201"; nameservers = [ @@ -69,5 +66,4 @@ # Before changing this value read the documentation for this option # (e.g. man configuration.nix or on https://nixos.org/nixos/options.html). system.stateVersion = "23.05"; # Did you read the comment? - } diff --git a/lib/macosSystem.nix b/lib/macosSystem.nix new file mode 100644 index 00000000..4161b0e7 --- /dev/null +++ b/lib/macosSystem.nix @@ -0,0 +1,25 @@ +{ + nix-darwin, + home-manager, + system, + specialArgs, + darwin-modules, + home-module, +}: let + username = specialArgs.username; +in + nix-darwin.lib.darwinSystem { + inherit system specialArgs; + modules = + darwin-modules + ++ [ + home-manager.darwinModules.home-manager + { + home-manager.useGlobalPkgs = true; + home-manager.useUserPackages = true; + + home-manager.extraSpecialArgs = specialArgs; + home-manager.users."${username}" = home-module; + } + ]; + } diff --git a/lib/nixosSystem.nix b/lib/nixosSystem.nix new file mode 100644 index 00000000..1d4ba987 --- /dev/null +++ b/lib/nixosSystem.nix @@ -0,0 +1,35 @@ +{ + nixpkgs, + home-manager, + nixos-generators, + system, + specialArgs, + nixos-modules, + home-module, +}: let + username = specialArgs.username; +in + nixpkgs.lib.nixosSystem { + inherit system specialArgs; + modules = + nixos-modules + ++ [ + nixos-generators.nixosModules.all-formats + { + # formatConfigs.iso = {config, ...}: {}; + formatConfigs.proxmox = {config, ...}: { + # custom proxmox's image name + proxmox.qemuConf.name = "${config.networking.hostName}-nixos-${config.system.nixos.label}"; + }; + } + + home-manager.nixosModules.home-manager + { + home-manager.useGlobalPkgs = true; + home-manager.useUserPackages = true; + + home-manager.extraSpecialArgs = specialArgs; + home-manager.users."${username}" = home-module; + } + ]; + } diff --git a/modules/darwin/apps.nix b/modules/darwin/apps.nix index 333ddd27..8669983f 100644 --- a/modules/darwin/apps.nix +++ b/modules/darwin/apps.nix @@ -1,140 +1,35 @@ -{ pkgs, ...}: { - +{pkgs, ...}: { ########################################################################## - # - # MacOS specific nix-darwin configuration # - # Nix is not well supported on macOS, I met some strange bug recently. - # So install apps using [homebrew](https://daiderd.com/nix-darwin/manual/index.html#opt-homebrew.enable) here. - # + # Install all apps and packages here. + # + # NOTE: Your can find all available options in: + # https://daiderd.com/nix-darwin/manual/index.html + # + # TODO Fell free to modify this file to fit your needs. + # ########################################################################## - system = { + # Install packages from nix's official package repository. + # + # The packages installed here are available to all users, and are reproducible across machines, and are rollbackable. + # But on macOS, it's less stable than homebrew. + # + # Related Discussion: https://discourse.nixos.org/t/darwin-again/29331 + environment.systemPackages = with pkgs; [ + neovim + git + nushell # my custom shell + ]; + environment.variables.EDITOR = "nvim"; - # activationScripts are executed every time you boot the system or run `nixos-rebuild` / `darwin-rebuild`. - activationScripts.postUserActivation.text = '' - # activateSettings -u will reload the settings from the database and apply them to the current session, - # so we do not need to logout and login again to make the changes take effect. - /System/Library/PrivateFrameworks/SystemAdministration.framework/Resources/activateSettings -u - ''; - - defaults = { - menuExtraClock.Show24Hour = true; # show 24 hour clock - - # customize dock - dock = { - autohide = true; - show-recents = false; # disable recent apps - - # customize Hot Corners(触发角, 鼠标移动到屏幕角落时触发的动作) - wvous-tl-corner = 2; # top-left - Mission Control - wvous-tr-corner = 13; # top-right - Lock Screen - wvous-bl-corner = 3; # bottom-left - Application Windows - wvous-br-corner = 4; # bottom-right - Desktop - }; - - # customize finder - finder = { - _FXShowPosixPathInTitle = true; # show full path in finder title - AppleShowAllExtensions = true; # show all file extensions - FXEnableExtensionChangeWarning = false; # disable warning when changing file extension - QuitMenuItem = true; # enable quit menu item - ShowPathbar = true; # show path bar - ShowStatusBar = true; # show status bar - }; - - # customize trackpad - trackpad = { - # tap - 轻触触摸板, click - 点击触摸板 - Clicking = true; # enable tap to click(轻触触摸板相当于点击) - TrackpadRightClick = true; # enable two finger right click - TrackpadThreeFingerDrag = true; # enable three finger drag - }; - - # customize macOS - NSGlobalDomain = { - # `defaults read NSGlobalDomain "xxx"` - "com.apple.swipescrolldirection" = true; # enable natural scrolling(default to true) - "com.apple.sound.beep.feedback" = 0; # disable beep sound when pressing volume up/down key - AppleInterfaceStyle = "Dark"; # dark mode - AppleKeyboardUIMode = 3; # Mode 3 enables full keyboard control. - ApplePressAndHoldEnabled = true; # enable press and hold - - # If you press and hold certain keyboard keys when in a text area, the key’s character begins to repeat. - # This is very useful for vim users, they use `hjkl` to move cursor. - # sets how long it takes before it starts repeating. - InitialKeyRepeat = 15; # normal minimum is 15 (225 ms), maximum is 120 (1800 ms) - # sets how fast it repeats once it starts. - KeyRepeat = 3; # normal minimum is 2 (30 ms), maximum is 120 (1800 ms) - - NSAutomaticCapitalizationEnabled = false; # disable auto capitalization(自动大写) - NSAutomaticDashSubstitutionEnabled = false; # disable auto dash substitution(智能破折号替换) - NSAutomaticPeriodSubstitutionEnabled = false; # disable auto period substitution(智能句号替换) - NSAutomaticQuoteSubstitutionEnabled = false; # disable auto quote substitution(智能引号替换) - NSAutomaticSpellingCorrectionEnabled = false; # disable auto spelling correction(自动拼写检查) - NSNavPanelExpandedStateForSaveMode = true; # expand save panel by default(保存文件时的路径选择/文件名输入页) - NSNavPanelExpandedStateForSaveMode2 = true; - }; - - # customize settings that not supported by nix-darwin directly - CustomUserPreferences = { - NSGlobalDomain = { - # Add a context menu item for showing the Web Inspector in web views - WebKitDeveloperExtras = true; - }; - "com.apple.finder" = { - ShowExternalHardDrivesOnDesktop = true; - ShowHardDrivesOnDesktop = true; - ShowMountedServersOnDesktop = true; - ShowRemovableMediaOnDesktop = true; - _FXSortFoldersFirst = true; - # When performing a search, search the current folder by default - FXDefaultSearchScope = "SCcf"; - }; - "com.apple.desktopservices" = { - # Avoid creating .DS_Store files on network or USB volumes - DSDontWriteNetworkStores = true; - DSDontWriteUSBStores = true; - }; - "com.apple.screensaver" = { - # Require password immediately after sleep or screen saver begins - askForPassword = 1; - askForPasswordDelay = 0; - }; - "com.apple.screencapture" = { - location = "~/Desktop"; - type = "png"; - }; - "com.apple.AdLib" = { - allowApplePersonalizedAdvertising = false; - }; - # Prevent Photos from opening automatically when devices are plugged in - "com.apple.ImageCapture".disableHotPlug = true; - }; - - loginwindow = { - GuestEnabled = false; # disable guest user - SHOWFULLNAME = true; # show full name in login window - }; - }; - - # keyboard settings is not very useful on macOS - # the most important thing is to remap option key to alt key globally, - # but it's not supported by macOS yet. - keyboard = { - enableKeyMapping = true; # enable key mapping so that we can use `option` as `control` - - # NOTE: do NOT support remap capslock to both control and escape at the same time - remapCapsLockToControl = false; # remap caps lock to control, useful for emac users - remapCapsLockToEscape = true; # remap caps lock to escape, useful for vim users - - # swap left command and left alt - # so it matches common keyboard layout: `ctrl | command | alt` - # - # disabled, caused only problems! - swapLeftCommandAndLeftAlt = false; - }; - }; + # Create /etc/zshrc that loads the nix-darwin environment. + # this is required if you want to use darwin's default shell - zsh + programs.zsh.enable = true; + environment.shells = [ + pkgs.zsh + pkgs.nushell # my custom shell + ]; # Homebrew Mirror environment.variables = { @@ -145,12 +40,11 @@ HOMEBREW_PIP_INDEX_URL = "https://pypi.tuna.tsinghua.edu.cn/simple"; }; - # homebrew need to be installed manually, see https://brew.sh homebrew = { - # TODO Homebrew install takes a long time, - # So only enable this when you make changes. - enable = false; + # TODO Homebrew install takes a long time, + # So only enable this when you make changes. + enable = true; onActivation = { autoUpdate = false; @@ -161,12 +55,12 @@ # Applications to install from Mac App Store using mas. # You need to install all these Apps manually first so that your apple account have records for them. # otherwise Apple Store will refuse to install them. - # For details, see https://github.com/mas-cli/mas + # For details, see https://github.com/mas-cli/mas masApps = { # Xcode = 497799835; Wechat = 836500024; QQ = 451108668; - WeCom = 1189898970; # Wechat for Work + WeCom = 1189898970; # Wechat for Work TecentMetting = 1484048379; NeteaseCloudMusic = 944848654; QQMusic = 595615424; @@ -184,22 +78,25 @@ brews = [ # `brew install` - "wget" # download tool - "curl" # no not install curl via nixpkgs, it's not working well on macOS! - "aria2" # download tool - "httpie" # http client - "wireguard-tools" # wireguard + "wget" # download tool + "curl" # no not install curl via nixpkgs, it's not working well on macOS! + "aria2" # download tool + "httpie" # http client + "wireguard-tools" # wireguard # Usage: # https://github.com/tailscale/tailscale/wiki/Tailscaled-on-macOS#run-the-tailscaled-daemon # 1. `sudo tailscaled install-system-daemon` # 2. `tailscale up --accept-routes` - "tailscale" # tailscale + "tailscale" # tailscale + + # https://github.com/rgcr/m-cli + "m-cli" #  Swiss Army Knife for macOS ]; # `brew install --cask` casks = [ - "squirrel" # input method for Chinese, rime-squirrel + "squirrel" # input method for Chinese, rime-squirrel "firefox" "google-chrome" @@ -213,20 +110,20 @@ "microsoft-remote-desktop" # "anki" - "clashx" # proxy tool - "iina" # video player - "openinterminal-lite" # open current folder in terminal - "syncthing" # file sync - "raycast" # (HotKey: alt/option + space)search, caculate and run scripts(with many plugins) - "iglance" # beautiful system monitor - "eudic" # 欧路词典 + "clashx" # proxy tool + "iina" # video player + "openinterminal-lite" # open current folder in terminal + "syncthing" # file sync + "raycast" # (HotKey: alt/option + space)search, caculate and run scripts(with many plugins) + "iglance" # beautiful system monitor + "eudic" # 欧路词典 # "reaper" # audio editor # Development - "insomnia" # REST client - "wireshark" # network analyzer - "jdk-mission-control" # Java Mission Control - "google-cloud-sdk" # Google Cloud SDK + "insomnia" # REST client + "wireshark" # network analyzer + "jdk-mission-control" # Java Mission Control + "google-cloud-sdk" # Google Cloud SDK ]; }; } diff --git a/modules/darwin/core.nix b/modules/darwin/core.nix deleted file mode 100644 index 1c8fed95..00000000 --- a/modules/darwin/core.nix +++ /dev/null @@ -1,102 +0,0 @@ - -{ pkgs, lib, ... }: -{ - ################################################################################### - # - # Core configuration for nix-darwin - # - # All the configuration options are documented here: - # https://daiderd.com/nix-darwin/manual/index.html#sec-options - # - ################################################################################### - - - # enable flakes globally - nix.settings.experimental-features = [ "nix-command" "flakes" ]; - - nix.settings.trusted-users = ["ryan"]; - - # Allow unfree packages - nixpkgs.config.allowUnfree = true; - - # Auto upgrade nix package and the daemon service. - services.nix-daemon.enable = true; - # Use this instead of services.nix-daemon.enable if you - # don't wan't the daemon service to be managed for you. - # nix.useDaemon = true; - - nix.package = pkgs.nix; - - programs.nix-index.enable = true; - - # boot.loader.grub.configurationLimit = 10; - # do garbage collection weekly to keep disk usage low - nix.gc = { - automatic = lib.mkDefault true; - options = lib.mkDefault "--delete-older-than 1w"; - }; - - # Manual optimise storage: nix-store --optimise - # https://nixos.org/manual/nix/stable/command-ref/conf-file.html#conf-auto-optimise-store - nix.settings.auto-optimise-store = true; - - # Add ability to used TouchID for sudo authentication - security.pam.enableSudoTouchIdAuth = true; - - # Set your time zone. - # comment this due to the issue: - # https://github.com/LnL7/nix-darwin/issues/359 - # time.timeZone = "Asia/shanghai"; - - # Apps - # `home-manager` currently has issues adding them to `~/Applications` - # Issue: https://github.com/nix-community/home-manager/issues/1341 - environment.systemPackages = with pkgs; [ - neovim - git - nushell # my custom shell - ]; - - environment.variables.EDITOR = "nvim"; - - # Fonts - fonts = { - # use fonts specified by user rather than default ones - fontDir.enable = true; - - fonts = with pkgs; [ - # icon fonts - material-design-icons - font-awesome - - # nerdfonts - (nerdfonts.override { - fonts = [ - "FiraCode" - "JetBrainsMono" - "Iosevka" - ]; - }) - - ]; - }; - - # Define a user account. Don't forget to set a password with ‘passwd’. - users.users.ryan = { - home = "/Users/ryan"; - description = "ryan"; - - # set user's default shell back to zsh - # `chsh -s /bin/zsh` - # DO NOT change the system's default shell to nushell! it will break some apps! - # It's better to change only starship/alacritty/vscode's shell to nushell! - }; - - # Create /etc/zshrc that loads the nix-darwin environment. - # this is required if you want to use darwin's default shell - zsh - programs.zsh.enable = true; - environment.shells = [ - pkgs.zsh - pkgs.nushell # my custom shell - ]; -} diff --git a/modules/darwin/default.nix b/modules/darwin/default.nix new file mode 100644 index 00000000..360be3ee --- /dev/null +++ b/modules/darwin/default.nix @@ -0,0 +1,7 @@ +{ + imports = [ + ./apps.nix + ./nix-core.nix + ./system.nix + ]; +} diff --git a/modules/darwin/nix-core.nix b/modules/darwin/nix-core.nix new file mode 100644 index 00000000..031277bf --- /dev/null +++ b/modules/darwin/nix-core.nix @@ -0,0 +1,41 @@ +{ + pkgs, + lib, + ... +}: { + ################################################################################### + # + # Core configuration for nix-darwin + # + # All the configuration options are documented here: + # https://daiderd.com/nix-darwin/manual/index.html#sec-options + # + ################################################################################### + + # enable flakes globally + nix.settings.experimental-features = ["nix-command" "flakes"]; + + # Allow unfree packages + nixpkgs.config.allowUnfree = true; + + # Auto upgrade nix package and the daemon service. + services.nix-daemon.enable = true; + # Use this instead of services.nix-daemon.enable if you + # don't wan't the daemon service to be managed for you. + # nix.useDaemon = true; + + nix.package = pkgs.nix; + + programs.nix-index.enable = true; + + # boot.loader.grub.configurationLimit = 10; + # do garbage collection weekly to keep disk usage low + nix.gc = { + automatic = lib.mkDefault true; + options = lib.mkDefault "--delete-older-than 1w"; + }; + + # Manual optimise storage: nix-store --optimise + # https://nixos.org/manual/nix/stable/command-ref/conf-file.html#conf-auto-optimise-store + nix.settings.auto-optimise-store = true; +} diff --git a/modules/darwin/system.nix b/modules/darwin/system.nix new file mode 100644 index 00000000..5687c2f1 --- /dev/null +++ b/modules/darwin/system.nix @@ -0,0 +1,165 @@ +{pkgs, ...}: +################################################################################### +# +# macOS's System configuration +# +# All the configuration options are documented here: +# https://daiderd.com/nix-darwin/manual/index.html#sec-options +# +################################################################################### +{ + # Add ability to used TouchID for sudo authentication + security.pam.enableSudoTouchIdAuth = true; + + system = { + # activationScripts are executed every time you boot the system or run `nixos-rebuild` / `darwin-rebuild`. + activationScripts.postUserActivation.text = '' + # activateSettings -u will reload the settings from the database and apply them to the current session, + # so we do not need to logout and login again to make the changes take effect. + /System/Library/PrivateFrameworks/SystemAdministration.framework/Resources/activateSettings -u + ''; + + defaults = { + menuExtraClock.Show24Hour = true; # show 24 hour clock + + # customize dock + dock = { + autohide = true; + show-recents = false; # disable recent apps + + # customize Hot Corners(触发角, 鼠标移动到屏幕角落时触发的动作) + wvous-tl-corner = 2; # top-left - Mission Control + wvous-tr-corner = 13; # top-right - Lock Screen + wvous-bl-corner = 3; # bottom-left - Application Windows + wvous-br-corner = 4; # bottom-right - Desktop + }; + + # customize finder + finder = { + _FXShowPosixPathInTitle = true; # show full path in finder title + AppleShowAllExtensions = true; # show all file extensions + FXEnableExtensionChangeWarning = false; # disable warning when changing file extension + QuitMenuItem = true; # enable quit menu item + ShowPathbar = true; # show path bar + ShowStatusBar = true; # show status bar + }; + + # customize trackpad + trackpad = { + # tap - 轻触触摸板, click - 点击触摸板 + Clicking = true; # enable tap to click(轻触触摸板相当于点击) + TrackpadRightClick = true; # enable two finger right click + TrackpadThreeFingerDrag = true; # enable three finger drag + }; + + # customize macOS + NSGlobalDomain = { + # `defaults read NSGlobalDomain "xxx"` + "com.apple.swipescrolldirection" = true; # enable natural scrolling(default to true) + "com.apple.sound.beep.feedback" = 0; # disable beep sound when pressing volume up/down key + AppleInterfaceStyle = "Dark"; # dark mode + AppleKeyboardUIMode = 3; # Mode 3 enables full keyboard control. + ApplePressAndHoldEnabled = true; # enable press and hold + + # If you press and hold certain keyboard keys when in a text area, the key’s character begins to repeat. + # This is very useful for vim users, they use `hjkl` to move cursor. + # sets how long it takes before it starts repeating. + InitialKeyRepeat = 15; # normal minimum is 15 (225 ms), maximum is 120 (1800 ms) + # sets how fast it repeats once it starts. + KeyRepeat = 3; # normal minimum is 2 (30 ms), maximum is 120 (1800 ms) + + NSAutomaticCapitalizationEnabled = false; # disable auto capitalization(自动大写) + NSAutomaticDashSubstitutionEnabled = false; # disable auto dash substitution(智能破折号替换) + NSAutomaticPeriodSubstitutionEnabled = false; # disable auto period substitution(智能句号替换) + NSAutomaticQuoteSubstitutionEnabled = false; # disable auto quote substitution(智能引号替换) + NSAutomaticSpellingCorrectionEnabled = false; # disable auto spelling correction(自动拼写检查) + NSNavPanelExpandedStateForSaveMode = true; # expand save panel by default(保存文件时的路径选择/文件名输入页) + NSNavPanelExpandedStateForSaveMode2 = true; + }; + + # customize settings that not supported by nix-darwin directly + CustomUserPreferences = { + NSGlobalDomain = { + # Add a context menu item for showing the Web Inspector in web views + WebKitDeveloperExtras = true; + }; + "com.apple.finder" = { + ShowExternalHardDrivesOnDesktop = true; + ShowHardDrivesOnDesktop = true; + ShowMountedServersOnDesktop = true; + ShowRemovableMediaOnDesktop = true; + _FXSortFoldersFirst = true; + # When performing a search, search the current folder by default + FXDefaultSearchScope = "SCcf"; + }; + "com.apple.desktopservices" = { + # Avoid creating .DS_Store files on network or USB volumes + DSDontWriteNetworkStores = true; + DSDontWriteUSBStores = true; + }; + "com.apple.screensaver" = { + # Require password immediately after sleep or screen saver begins + askForPassword = 1; + askForPasswordDelay = 0; + }; + "com.apple.screencapture" = { + location = "~/Desktop"; + type = "png"; + }; + "com.apple.AdLib" = { + allowApplePersonalizedAdvertising = false; + }; + # Prevent Photos from opening automatically when devices are plugged in + "com.apple.ImageCapture".disableHotPlug = true; + }; + + loginwindow = { + GuestEnabled = false; # disable guest user + SHOWFULLNAME = true; # show full name in login window + }; + }; + + # keyboard settings is not very useful on macOS + # the most important thing is to remap option key to alt key globally, + # but it's not supported by macOS yet. + keyboard = { + enableKeyMapping = true; # enable key mapping so that we can use `option` as `control` + + # NOTE: do NOT support remap capslock to both control and escape at the same time + remapCapsLockToControl = false; # remap caps lock to control, useful for emac users + remapCapsLockToEscape = true; # remap caps lock to escape, useful for vim users + + # swap left command and left alt + # so it matches common keyboard layout: `ctrl | command | alt` + # + # disabled, caused only problems! + swapLeftCommandAndLeftAlt = false; + }; + }; + + # Set your time zone. + # comment this due to the issue: + # https://github.com/LnL7/nix-darwin/issues/359 + # time.timeZone = "Asia/shanghai"; + + # Fonts + fonts = { + # use fonts specified by user rather than default ones + fontDir.enable = true; + + fonts = with pkgs; [ + # icon fonts + material-design-icons + font-awesome + + # nerdfonts + (nerdfonts.override { + fonts = [ + "FiraCode" + "JetBrainsMono" + "Iosevka" + ]; + }) + ]; + }; +} diff --git a/modules/nixos/core-desktop.nix b/modules/nixos/core-desktop.nix index 2d0554f1..e5ff7eb9 100644 --- a/modules/nixos/core-desktop.nix +++ b/modules/nixos/core-desktop.nix @@ -1,6 +1,8 @@ -{ lib, pkgs, ... }: - { + lib, + pkgs, + ... +}: { ################################################################################### # # NixOS's core configuration suitable for my desktop computer @@ -17,20 +19,6 @@ # Enable CUPS to print documents. services.printing.enable = true; - # DO NOT promote ryan to input password for `nix-store` and `nix-copy-closure` - security.sudo.extraRules = [ - { users = [ "ryan" ]; - commands = [ - { command = "/run/current-system/sw/bin/nix-store" ; - options = [ "NOPASSWD" ]; - } - { command = "/run/current-system/sw/bin/nix-copy-closure" ; - options = [ "NOPASSWD" ]; - } - ]; - } - ]; - # all fonts are linked to /nix/var/nix/profiles/system/sw/share/X11/fonts fonts = { # use fonts specified by user rather than default ones @@ -65,17 +53,17 @@ ]; }) - (pkgs.callPackage ../../fonts/icomoon-feather-icon-font.nix { }) + (pkgs.callPackage ../../fonts/icomoon-feather-icon-font.nix {}) ]; # user defined fonts # the reason there's Noto Color Emoji everywhere is to override DejaVu's # B&W emojis that would sometimes show instead of some Color emojis fontconfig.defaultFonts = { - serif = [ "Noto Serif" "Noto Color Emoji" ]; - sansSerif = [ "Noto Sans" "Noto Color Emoji" ]; - monospace = [ "JetBrainsMono Nerd Font" "Noto Color Emoji" ]; - emoji = [ "Noto Color Emoji" ]; + serif = ["Noto Serif" "Noto Color Emoji"]; + sansSerif = ["Noto Sans" "Noto Color Emoji"]; + monospace = ["JetBrainsMono Nerd Font" "Noto Color Emoji"]; + emoji = ["Noto Color Emoji"]; }; }; @@ -99,7 +87,7 @@ }; # The OpenSSH agent remembers private keys for you - # so that you don’t have to type in passphrases every time you make an SSH connection. + # so that you don’t have to type in passphrases every time you make an SSH connection. # Use `ssh-add` to add a key to the agent. programs.ssh.startAgent = true; @@ -107,18 +95,19 @@ # $ nix search wget environment.systemPackages = with pkgs; [ # python, some times I may need to use python with root permission. - (python310.withPackages (ps: with ps; [ - ipython - pandas - requests - pyquery - pyyaml - ])) + (python310.withPackages (ps: + with ps; [ + ipython + pandas + requests + pyquery + pyyaml + ])) ]; # PipeWire is a new low-level multimedia framework. # It aims to offer capture and playback for both audio and video with minimal latency. - # It support for PulseAudio-, JACK-, ALSA- and GStreamer-based applications. + # It support for PulseAudio-, JACK-, ALSA- and GStreamer-based applications. # PipeWire has a great bluetooth support, it can be a good alternative to PulseAudio. # https://nixos.wiki/wiki/PipeWire services.pipewire = { @@ -167,28 +156,27 @@ services.gnome.gnome-keyring.enable = true; security.pam.services.greetd.enableGnomeKeyring = true; - - # A key remapping daemon for linux. + # A key remapping daemon for linux. # https://github.com/rvaiya/keyd services.keyd = { enable = true; settings = { main = { - # overloads the capslock key to function as both escape (when tapped) and control (when held) + # overloads the capslock key to function as both escape (when tapped) and control (when held) capslock = "overload(control, esc)"; }; }; }; services = { - dbus.packages = [ pkgs.gcr ]; + dbus.packages = [pkgs.gcr]; geoclue2.enable = true; udev.packages = with pkgs; [ gnome.gnome-settings-daemon platformio # udev rules for platformio - openocd # required by paltformio, see https://github.com/NixOS/nixpkgs/issues/224895 + openocd # required by paltformio, see https://github.com/NixOS/nixpkgs/issues/224895 android-udev-rules ]; }; diff --git a/modules/nixos/core-server.nix b/modules/nixos/core-server.nix index fe82ddaf..3368152b 100644 --- a/modules/nixos/core-server.nix +++ b/modules/nixos/core-server.nix @@ -1,6 +1,8 @@ -{ lib, pkgs, ... }: - { + lib, + pkgs, + ... +}: { ################################################################################### # # NixOS's core configuration suitable for all my machines @@ -22,8 +24,7 @@ nix.settings.auto-optimise-store = true; # enable flakes globally - nix.settings.experimental-features = [ "nix-command" "flakes" ]; - + nix.settings.experimental-features = ["nix-command" "flakes"]; # Allow unfree packages nixpkgs.config.allowUnfree = lib.mkDefault false; @@ -74,14 +75,17 @@ # create a fhs environment by command `fhs`, so we can run non-nixos packages in nixos! ( - let base = pkgs.appimageTools.defaultFhsEnvArgs; in - pkgs.buildFHSUserEnv (base // { - name = "fhs"; - targetPkgs = pkgs: (base.targetPkgs pkgs) ++ [ pkgs.pkg-config ]; - profile = "export FHS=1"; - runScript = "bash"; - extraOutputsToInstall = [ "dev" ]; - }) + let + base = pkgs.appimageTools.defaultFhsEnvArgs; + in + pkgs.buildFHSUserEnv (base + // { + name = "fhs"; + targetPkgs = pkgs: (base.targetPkgs pkgs) ++ [pkgs.pkg-config]; + profile = "export FHS=1"; + runScript = "bash"; + extraOutputsToInstall = ["dev"]; + }) ) ]; diff --git a/modules/nixos/fhs-fonts.nix b/modules/nixos/fhs-fonts.nix index 409da5bd..9fc2a471 100644 --- a/modules/nixos/fhs-fonts.nix +++ b/modules/nixos/fhs-fonts.nix @@ -1,33 +1,33 @@ -{ config, pkgs, ... }: - { + config, + pkgs, + ... +}: { ################################################################################### # # Copy from https://github.com/NixOS/nixpkgs/issues/119433#issuecomment-1326957279 # Mainly for flatpak - # 1. bindfs resolves all symlink, + # 1. bindfs resolves all symlink, # 2. allowing all fonts to be accessed at `/usr/share/fonts` # 3. without letting /nix into the sandbox. # ################################################################################### - system.fsPackages = [ pkgs.bindfs ]; - fileSystems = - let - mkRoSymBind = path: { - device = path; - fsType = "fuse.bindfs"; - options = [ "ro" "resolve-symlinks" "x-gvfs-hide" ]; - }; - aggregatedFonts = pkgs.buildEnv { - name = "system-fonts"; - paths = config.fonts.fonts; - pathsToLink = [ "/share/fonts" ]; - }; - in - { - # Create an FHS mount to support flatpak host icons/fonts - "/usr/share/icons" = mkRoSymBind (config.system.path + "/share/icons"); - "/usr/share/fonts" = mkRoSymBind (aggregatedFonts + "/share/fonts"); + system.fsPackages = [pkgs.bindfs]; + fileSystems = let + mkRoSymBind = path: { + device = path; + fsType = "fuse.bindfs"; + options = ["ro" "resolve-symlinks" "x-gvfs-hide"]; }; + aggregatedFonts = pkgs.buildEnv { + name = "system-fonts"; + paths = config.fonts.fonts; + pathsToLink = ["/share/fonts"]; + }; + in { + # Create an FHS mount to support flatpak host icons/fonts + "/usr/share/icons" = mkRoSymBind (config.system.path + "/share/icons"); + "/usr/share/fonts" = mkRoSymBind (aggregatedFonts + "/share/fonts"); + }; } diff --git a/modules/nixos/hyprland.nix b/modules/nixos/hyprland.nix index afec8760..e1597567 100644 --- a/modules/nixos/hyprland.nix +++ b/modules/nixos/hyprland.nix @@ -1,8 +1,4 @@ -{ pkgs, ... }: - - -{ - +{pkgs, ...}: { ########################################################################################################## # # NixOS's Configuration for Hyprland Window Manager @@ -13,8 +9,7 @@ # ########################################################################################################## - - environment.pathsToLink = [ "/libexec" ]; # links /libexec from derivations to /run/current-system/sw + environment.pathsToLink = ["/libexec"]; # links /libexec from derivations to /run/current-system/sw services.xserver = { enable = true; @@ -44,7 +39,6 @@ }; programs.light.enable = true; # monitor backlight control - # thunar file manager(part of xfce) related options programs.thunar.plugins = with pkgs.xfce; [ thunar-archive-plugin @@ -74,12 +68,12 @@ yad # a fork of zenity, for creating dialogs # audio - alsa-utils # provides amixer/alsamixer/... - cava # for visualizing audio + alsa-utils # provides amixer/alsamixer/... + cava # for visualizing audio mpd # for playing system sounds mpc-cli # command-line mpd client ncmpcpp # a mpd client with a UI - networkmanagerapplet # provide GUI app: nm-connection-editor + networkmanagerapplet # provide GUI app: nm-connection-editor xfce.thunar # xfce4's file manager ]; diff --git a/modules/nixos/i3.nix b/modules/nixos/i3.nix index f9dec12e..577c2e51 100644 --- a/modules/nixos/i3.nix +++ b/modules/nixos/i3.nix @@ -1,6 +1,4 @@ -{ pkgs, ... }: - -{ +{pkgs, ...}: { #################################################################### # # NixOS's Configuration for I3 Window Manager @@ -8,7 +6,7 @@ #################################################################### # i3 related options - environment.pathsToLink = [ "/libexec" ]; # links /libexec from derivations to /run/current-system/sw + environment.pathsToLink = ["/libexec"]; # links /libexec from derivations to /run/current-system/sw services.xserver = { enable = true; @@ -42,7 +40,7 @@ xorg.xdpyinfo # get screen information scrot # minimal screen capture tool, used by i3 blur lock to take a screenshot sysstat # get system information - alsa-utils # provides amixer/alsamixer/... + alsa-utils # provides amixer/alsamixer/... xfce.thunar # xfce4's file manager ]; diff --git a/modules/nixos/libvirt.nix b/modules/nixos/libvirt.nix index 00d4cff4..d6c1a45b 100644 --- a/modules/nixos/libvirt.nix +++ b/modules/nixos/libvirt.nix @@ -1,7 +1,8 @@ - -{ lib, pkgs, ... }: - { + lib, + pkgs, + ... +}: { ################################################################################### # # Enable Libvirt(QEMU/KVM), install qemu-system-riscv64/qemu-system-loongarch64/...) @@ -11,7 +12,7 @@ virtualisation = { libvirtd = { enable = true; - # hanging this option to false may cause file permission issues for existing guests. + # hanging this option to false may cause file permission issues for existing guests. # To fix these, manually change ownership of affected files in /var/lib/libvirt/qemu to qemu-libvirtd. qemu.runAsRoot = true; }; @@ -37,12 +38,11 @@ qemu_full ]; - boot.kernelModules = [ "kvm-amd" "kvm-intel" ]; + boot.kernelModules = ["kvm-amd" "kvm-intel"]; # Enable nested virsualization, required by security containers and nested vm. - boot.extraModprobeConfig = "options kvm_intel nested=1"; # for intel cpu + boot.extraModprobeConfig = "options kvm_intel nested=1"; # for intel cpu # boot.extraModprobeConfig = "options kvm_amd nested=1"; # for amd cpu - # NixOS VM should enable this: # services.qemuGuest = { # enable = true; diff --git a/modules/nixos/proxmox-hardware-configuration.nix b/modules/nixos/proxmox-hardware-configuration.nix index 0b4ae909..060ecf26 100644 --- a/modules/nixos/proxmox-hardware-configuration.nix +++ b/modules/nixos/proxmox-hardware-configuration.nix @@ -1,24 +1,28 @@ -{ config, lib, ... }: - +{ + config, + lib, + username, + ... +}: ############################################################################## # # Template for Proxmox's VM, mainly based on: # https://github.com/NixOS/nixpkgs/blob/nixos-unstable/nixos/modules/virtualisation/proxmox-image.nix # # the url above is used by `nixos-generator` to generate the Proxmox's VMA image file. -# +# ############################################################################## - { - # DO NOT promote ryan to input password for sudo. # this is a workaround for the issue of remote deploy: # https://github.com/NixOS/nixpkgs/issues/118655 security.sudo.extraRules = [ - { users = [ "ryan" ]; + { + users = [ username ]; commands = [ - { command = "ALL" ; - options = [ "NOPASSWD" ]; + { + command = "ALL"; + options = ["NOPASSWD"]; } ]; } @@ -27,7 +31,7 @@ boot = { # after resize the disk, it will grow partition automatically. growPartition = true; - kernelParams = [ "console=ttyS0" ]; + kernelParams = ["console=ttyS0"]; loader.grub = { device = "/dev/vda"; @@ -36,8 +40,8 @@ efiInstallAsRemovable = false; }; - loader.timeout = 3; # wait for 3 seconds to select the boot entry - initrd.availableKernelModules = [ "uas" "virtio_blk" "virtio_pci" ]; + loader.timeout = lib.mkForce 3; # wait for 3 seconds to select the boot entry + initrd.availableKernelModules = ["uas" "virtio_blk" "virtio_pci"]; }; fileSystems."/" = { @@ -47,7 +51,6 @@ }; # we do not have a /boot partition, so do not mount it. - # it alse had qemu-guest-agent installed by default. services.qemuGuest.enable = lib.mkDefault true; } diff --git a/modules/nixos/remote-building.nix b/modules/nixos/remote-building.nix index 693d5e98..a5ebdb7f 100644 --- a/modules/nixos/remote-building.nix +++ b/modules/nixos/remote-building.nix @@ -1,5 +1,5 @@ -{ ... }: { - +{ username, ... }: +{ #################################################################### # # NixOS's Configuration for Remote Building / Distributed Building @@ -8,68 +8,67 @@ # 1. https://github.com/NixOS/nix/issues/7380 # 2. https://nixos.wiki/wiki/Distributed_build # 3. https://github.com/NixOS/nix/issues/2589 + # #################################################################### # set local's max-job to 0 to force remote building(disable local building) # nix.settings.max-jobs = 0; nix.distributedBuilds = true; - nix.buildMachines = - let - sshUser = "ryan"; - # ssh key's path on local machine - sshKey = "/home/ryan/.ssh/ai-idols"; - systems = [ - # native arch - "x86_64-linux" + nix.buildMachines = let + sshUser = username; + # ssh key's path on local machine + sshKey = "/home/${username}/.ssh/ai-idols"; + systems = [ + # native arch + "x86_64-linux" - # emulated arch using binfmt_misc and qemu-user - "aarch64-linux" - "riscv64-linux" - ]; - # all available system features are poorly documentd here: - # https://github.com/NixOS/nix/blob/e503ead/src/libstore/globals.hh#L673-L687 - supportedFeatures = [ - "benchmark" - "big-parallel" - "kvm" - ]; - in - [ - # Nix seems always try to build on the machine remotely - # to make use of the local machine's high-performance CPU, do not set remote builder's maxJobs too high. - { - # some of my remote builders are running NixOS - # and has the same sshUser, sshKey, systems, etc. - inherit sshUser sshKey systems supportedFeatures; + # emulated arch using binfmt_misc and qemu-user + "aarch64-linux" + "riscv64-linux" + ]; + # all available system features are poorly documentd here: + # https://github.com/NixOS/nix/blob/e503ead/src/libstore/globals.hh#L673-L687 + supportedFeatures = [ + "benchmark" + "big-parallel" + "kvm" + ]; + in [ + # Nix seems always try to build on the machine remotely + # to make use of the local machine's high-performance CPU, do not set remote builder's maxJobs too high. + { + # some of my remote builders are running NixOS + # and has the same sshUser, sshKey, systems, etc. + inherit sshUser sshKey systems supportedFeatures; - # the hostName should be: - # 1. a hostname that can be resolved by DNS - # 2. the ip address of the remote builder - # 3. a host alias defined globally in /etc/ssh/ssh_config - hostName = "aquamarine"; - # remote builder's max-job - maxJobs = 3; - # speedFactor's a signed integer - # but it seems that it's not used by Nix, takes no effect - speedFactor = 1; - } - { - inherit sshUser sshKey systems supportedFeatures; - hostName = "ruby"; - maxJobs = 2; - speedFactor = 1; - } - { - inherit sshUser sshKey systems supportedFeatures; - hostName = "kana"; - maxJobs = 2; - speedFactor = 1; - } - ]; + # the hostName should be: + # 1. a hostname that can be resolved by DNS + # 2. the ip address of the remote builder + # 3. a host alias defined globally in /etc/ssh/ssh_config + hostName = "aquamarine"; + # remote builder's max-job + maxJobs = 3; + # speedFactor's a signed integer + # but it seems that it's not used by Nix, takes no effect + speedFactor = 1; + } + { + inherit sshUser sshKey systems supportedFeatures; + hostName = "ruby"; + maxJobs = 2; + speedFactor = 1; + } + { + inherit sshUser sshKey systems supportedFeatures; + hostName = "kana"; + maxJobs = 2; + speedFactor = 1; + } + ]; # optional, useful when the builder has a faster internet connection than yours - nix.extraOptions = '' - builders-use-substitutes = true - ''; + nix.extraOptions = '' + builders-use-substitutes = true + ''; # define the host alias for remote builders # this config will be written to /etc/ssh/ssh_config @@ -77,11 +76,11 @@ Host ai HostName 192.168.5.100 Port 22 - + Host aquamarine HostName 192.168.5.101 Port 22 - + Host ruby HostName 192.168.5.102 Port 22 @@ -96,19 +95,19 @@ programs.ssh.knownHosts = { # 星野 愛久愛海, Hoshino Aquamarine aquamarine = { - hostNames = [ "aquamarine" "192.168.5.101" ]; + hostNames = ["aquamarine" "192.168.5.101"]; publicKey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIDnCQXlllHoLX5EvU+t6yP/npsmuxKt0skHVeJashizE"; }; # 星野 瑠美衣, Hoshino Rubii ruby = { - hostNames = [ "ruby" "192.168.5.102" ]; + hostNames = ["ruby" "192.168.5.102"]; publicKey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIE7n11XxB8B3HjdyAsL3PuLVDZxWCzEOUTJAY8+goQmW"; }; # 有馬 かな, Arima Kana kana = { - hostNames = [ "kana" "192.168.5.103" ]; + hostNames = ["kana" "192.168.5.103"]; publicKey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIJ3dDLOZERP1nZfRz3zIeVDm1q2Trer+fWFVvVXrgXM1"; }; }; diff --git a/modules/nixos/user-group.nix b/modules/nixos/user-group.nix index e76ff844..fce7521c 100644 --- a/modules/nixos/user-group.nix +++ b/modules/nixos/user-group.nix @@ -1,24 +1,24 @@ -{ ... }: +{ username, ... }: { - nix.settings.trusted-users = ["ryan"]; + nix.settings.trusted-users = [username]; users.groups = { - ryan = { }; - docker = { }; - wireshark = { }; + "${username}" = {}; + docker = {}; + wireshark = {}; }; # Define a user account. Don't forget to set a password with ‘passwd’. - users.users.ryan = { + users.users."${username}" = { # the hashed password with salt is generated by run `mkpasswd`. hashedPassword = "$y$j9T$YQu5vhlnogjDFDWp9QkPh0$Eu85OiwllqvLg5fzRVMLVHNO7InA3ro8grTJJIepyH1"; - home = "/home/ryan"; + home = "/home/${username}"; isNormalUser = true; - description = "ryan"; - extraGroups = [ - "ryan" + description = username; + extraGroups = [ + username "users" - "networkmanager" + "networkmanager" "wheel" "docker" "wireshark" @@ -29,4 +29,21 @@ "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIDiipi59EnVbi6bK1bGrcbfEM263wgdNfbrt6VBC1rHx ryan@ai-idols" ]; }; + + # DO NOT promote the specified user to input password for `nix-store` and `nix-copy-closure` + security.sudo.extraRules = [ + { + users = [username]; + commands = [ + { + command = "/run/current-system/sw/bin/nix-store"; + options = ["NOPASSWD"]; + } + { + command = "/run/current-system/sw/bin/nix-copy-closure"; + options = ["NOPASSWD"]; + } + ]; + } + ]; } diff --git a/overlays/default.nix b/overlays/default.nix index a2f58c93..b45fab1f 100644 --- a/overlays/default.nix +++ b/overlays/default.nix @@ -1,7 +1,9 @@ args: # execute and import all overlay files in the current directory with the given args builtins.map - (f: (import (./. + "/${f}") args)) # execute and import the overlay file - (builtins.filter # find all overlay files in the current directory - (f: f != "default.nix") - (builtins.attrNames (builtins.readDir ./.))) +(f: (import (./. + "/${f}") args)) # execute and import the overlay file + +(builtins.filter # find all overlay files in the current directory + + (f: f != "default.nix") + (builtins.attrNames (builtins.readDir ./.))) diff --git a/overlays/fcitx5/default.nix b/overlays/fcitx5/default.nix index 304dc0cd..11cdb30c 100644 --- a/overlays/fcitx5/default.nix +++ b/overlays/fcitx5/default.nix @@ -1,12 +1,10 @@ # 为了不使用默认的 rime-data,改用我自定义的小鹤音形数据,这里需要 override # 参考 https://github.com/NixOS/nixpkgs/blob/e4246ae1e7f78b7087dce9c9da10d28d3725025f/pkgs/tools/inputmethods/fcitx5/fcitx5-rime.nix -{ ... }: - -(self: super: { +{...}: (self: super: { # 小鹤音形配置,配置来自 flypy.com 官方网盘的鼠须管配置压缩包「小鹤音形“鼠须管”for macOS.zip」 # 我仅修改了 default.yaml 文件,将其中的半角括号改为了直角括号「 与 」。 rime-data = ./rime-data-flypy; - fcitx5-rime = super.fcitx5-rime.override { rimeDataPkgs = [ ./rime-data-flypy ]; }; + fcitx5-rime = super.fcitx5-rime.override {rimeDataPkgs = [./rime-data-flypy];}; # used by macOS Squirrel flypy-squirrel = ./rime-data-flypy; diff --git a/secrets/darwin.nix b/secrets/darwin.nix index 1576db4b..4983bec3 100644 --- a/secrets/darwin.nix +++ b/secrets/darwin.nix @@ -1,7 +1,12 @@ - -{ config, pkgs, agenix, mysecrets, ... }: - { + config, + pkgs, + agenix, + mysecrets, + + username, + ... +}: { imports = [ agenix.darwinModules.default ]; @@ -11,8 +16,8 @@ ]; # if you changed this key, you need to regenerate all encrypt files from the decrypt contents! - age.identityPaths = [ - "/Users/ryan/.ssh/juliet-age" # macOS + age.identityPaths = [ + "/Users/${username}/.ssh/juliet-age" # macOS ]; age.secrets = { @@ -31,7 +36,7 @@ # place secrets in /etc/ environment.etc = { - # wireguard config used with `wg-quick up wg-business` + # wireguard config used with `wg-quick up wg-business` # Fix DNS for WireGuard on macOS: https://github.com/ryan4yin/nix-config/issues/5 "wireguard/wg-business.conf" = { source = config.age.secrets."wg-business.conf".path; @@ -39,7 +44,7 @@ # The following secrets are used by home-manager modules # But nix-darwin doesn't support environment.etc..mode - # So we need to change its mode manually + # So we need to change its mode manually "agenix/alias-for-work.nushell" = { source = config.age.secrets."alias-for-work.nushell".path; }; @@ -56,5 +61,4 @@ system.activationScripts.postUserActivation.text = '' sudo chmod 644 /etc/agenix/* ''; - } diff --git a/secrets/nixos.nix b/secrets/nixos.nix index 5c85a72c..23d92a11 100644 --- a/secrets/nixos.nix +++ b/secrets/nixos.nix @@ -1,7 +1,12 @@ - -{ config, pkgs, agenix, mysecrets, ... }: - { + config, + pkgs, + agenix, + mysecrets, + + username, + ... +}: { imports = [ agenix.nixosModules.default ]; @@ -11,8 +16,8 @@ ]; # if you changed this key, you need to regenerate all encrypt files from the decrypt contents! - age.identityPaths = [ - "/home/ryan/.ssh/juliet-age" # Linux + age.identityPaths = [ + "/home/${username}/.ssh/juliet-age" # Linux ]; # Used only by NixOS Modules @@ -37,7 +42,7 @@ # place secrets in /etc/ environment.etc = { - # wireguard config used with `wg-quick up wg-business` + # wireguard config used with `wg-quick up wg-business` "wireguard/wg-business.conf" = { source = config.age.secrets."wg-business.conf".path; };