feat: add distributed-builds & many hosts

feat: remove nur & devenv
feat: adjust the structure to make it suitable for servers
feat: add iso/proxmox generators and add docs about it
feat: update ryan's openssh keys & add hashedPassword
feat: add proxmox's nodes into ssh_config, with alias

home/base/server/bash.nix

@@ -0,0 +1,17 @@
+{ ... }: {
+  programs.bash = {
+    enable = true;
+    enableCompletion = true;
+    bashrcExtra = ''
+      export PATH="$PATH:$HOME/bin:$HOME/.local/bin:$HOME/go/bin"
+    '';
+
+    shellAliases = {
+      k = "kubectl";
+
+      urldecode = "python3 -c 'import sys, urllib.parse as ul; print(ul.unquote_plus(sys.stdin.read()))'";
+      urlencode = "python3 -c 'import sys, urllib.parse as ul; print(ul.quote_plus(sys.stdin.read()))'";
+      httpproxy = "export https_proxy=http://127.0.0.1:7890; export http_proxy=http://127.0.0.1:7890;";
+    };
+  };
+}

home/base/server/core.nix

@@ -0,0 +1,77 @@
+{ pkgs, ... }:
+
+{
+  home.packages = with pkgs; [
+    neofetch
+    nnn # terminal file manager
+
+    # archives
+    zip
+    xz
+    unzip
+    p7zip
+
+    # utils
+    ripgrep # recursively searches directories for a regex pattern
+    jq # A lightweight and flexible command-line JSON processor
+    yq-go # yaml processer https://github.com/mikefarah/yq
+    exa # A modern replacement for ‘ls’
+    fzf # A command-line fuzzy finder
+
+    # networking tools
+    mtr # A network diagnostic tool
+    iperf3
+    dnsutils  # `dig` + `nslookup`
+    ldns # replacement of `dig`, it provide the command `drill`
+    aria2 # A lightweight multi-protocol & multi-source command-line download utility
+    socat # replacement of openbsd-netcat
+    nmap # A utility for network discovery and security auditing
+    ipcalc  # it is a calculator for the IPv4/v6 addresses
+
+    # misc
+    cowsay
+    file
+    which
+    tree
+    gnused
+    gnutar
+    gawk
+    zstd
+    caddy
+    gnupg
+
+    # nix related
+    # 
+    # it provides the command `nom` works just like `nix
+    # with more details log output
+    nix-output-monitor
+
+    # productivity
+    hugo # static site generator
+    glow # markdown previewer in terminal
+  ];
+
+  programs = {
+    # a cat(1) clone with syntax highlighting and Git integration.
+    bat = {
+      enable = true;
+      config = {
+        pager = "less -FR";
+        theme = "Catppuccin-mocha";
+      };
+      themes = {
+        Catppuccin-mocha = builtins.readFile (pkgs.fetchurl {
+          url = "https://raw.githubusercontent.com/catppuccin/bat/main/Catppuccin-mocha.tmTheme";
+          hash = "sha256-qMQNJGZImmjrqzy7IiEkY5IhvPAMZpq0W6skLLsng/w=";
+        });
+      };
+    };
+
+    # skim provides a single executable: sk.
+    # Basically anywhere you would want to use grep, try sk instead.
+    skim = {
+      enable = true;
+      enableBashIntegration = true;
+    };
+  };
+}

home/base/server/default.nix

@@ -0,0 +1,13 @@
+{ ... }:
+{
+  imports = [
+    ./nushell
+    ./tmux
+
+    ./bash.nix
+    ./core.nix
+    ./git.nix
+    ./starship.nix
+  ];
+
+}

home/base/server/git.nix

@@ -0,0 +1,77 @@
+{ config
+, lib
+, pkgs
+, ...
+}: {
+  # `programs.git` will generate the config file: ~/.config/git/config
+  # to make git use this config file, `~/.gitconfig` should not exist!
+  #
+  #    https://git-scm.com/docs/git-config#Documentation/git-config.txt---global
+  home.activation.removeExistingGitconfig = lib.hm.dag.entryBefore [ "checkLinkTargets" ] ''
+    rm -f ~/.gitconfig
+  '';
+
+  programs.git = {
+    enable = true;
+    lfs.enable = true;
+
+    userName = "Ryan Yin";
+    userEmail = "xiaoyin_c@qq.com";
+
+    includes = [
+      {
+        # use diffrent email & name for work
+        path = "~/work/.gitconfig";
+        condition = "gitdir:~/work/";
+      }
+    ];
+
+    extraConfig = {
+      init.defaultBranch = "main";
+      push.autoSetupRemote = true;
+      pull.rebase = true;
+
+      # replace https with ssh
+      url = {
+        "ssh://git@github.com/" = {
+          insteadOf = "https://github.com/";
+        };
+        "ssh://git@gitlab.com/" = {
+          insteadOf = "https://gitlab.com/";
+        };
+        "ssh://git@bitbucket.com/" = {
+          insteadOf = "https://bitbucket.com/";
+        };
+      };
+    };
+
+    # signing = {
+    #   key = "xxx";
+    #   signByDefault = true;
+    # };
+
+    delta = {
+      enable = true;
+      options = {
+        features = "side-by-side";
+      };
+    };
+
+    aliases = {
+      # common aliases
+      br = "branch";
+      co = "checkout";
+      st = "status";
+      ls = "log --pretty=format:\"%C(yellow)%h%Cred%d\\\\ %Creset%s%Cblue\\\\ [%cn]\" --decorate";
+      ll = "log --pretty=format:\"%C(yellow)%h%Cred%d\\\\ %Creset%s%Cblue\\\\ [%cn]\" --decorate --numstat";
+      cm = "commit -m";
+      ca = "commit -am";
+      dc = "diff --cached";
+      amend = "commit --amend -m";
+
+      # aliases for submodule
+      update = "submodule update --init --recursive";
+      foreach = "submodule foreach";
+    };
+  };
+}

home/base/server/nushell/config.nu

@@ -0,0 +1,50 @@
+# Nushell Config File
+#
+# version = 0.81.1
+
+# The default config record. This is where much of your global configuration is setup.
+let-env config = {
+  # true or false to enable or disable the welcome banner at startup
+  show_banner: false
+  
+  table: {
+    mode: rounded # basic, compact, compact_double, light, thin, with_love, rounded, reinforced, heavy, none, other
+    index_mode: always # "always" show indexes, "never" show indexes, "auto" = show indexes when a table has "index" column
+    show_empty: true # show 'empty list' and 'empty record' placeholders for command output
+    trim: {
+      methodology: wrapping # wrapping or truncating
+      wrapping_try_keep_words: true # A strategy used by the 'wrapping' methodology
+      truncating_suffix: "..." # A suffix used by the 'truncating' methodology
+    }
+  }
+
+  completions: {
+    case_sensitive: false # set to true to enable case-sensitive completions
+    quick: true  # set this to false to prevent auto-selecting completions when only one remains
+    partial: true  # set this to false to prevent partial filling of the prompt
+    algorithm: "prefix"  # prefix or fuzzy
+    external: {
+      enable: true # set to false to prevent nushell looking into $env.PATH to find more suggestions, `false` recommended for WSL users as this look up may be very slow
+      max_results: 100 # setting it lower can improve completion performance at the cost of omitting some options
+      completer: null # check 'carapace_completer' above as an example
+    }
+  }
+  filesize: {
+    metric: true # true => KB, MB, GB (ISO standard), false => KiB, MiB, GiB (Windows standard)
+    format: "auto" # b, kb, kib, mb, mib, gb, gib, tb, tib, pb, pib, eb, eib, zb, zib, auto
+  }
+  cursor_shape: {
+    emacs: line # block, underscore, line, blink_block, blink_underscore, blink_line (line is the default)
+    vi_insert: block # block, underscore, line , blink_block, blink_underscore, blink_line (block is the default)
+    vi_normal: underscore # block, underscore, line, blink_block, blink_underscore, blink_line (underscore is the default)
+  }
+  use_grid_icons: true
+  footer_mode: "25" # always, never, number_of_rows, auto
+  float_precision: 2 # the precision for displaying floats in tables
+  # buffer_editor: "emacs" # command that will be used to edit the current line buffer with ctrl+o, if unset fallback to $env.EDITOR and $env.VISUAL
+  use_ansi_coloring: true
+  bracketed_paste: true # enable bracketed paste, currently useless on windows
+  edit_mode: emacs # emacs, vi
+  shell_integration: true # enables terminal markers and a workaround to arrow keys stop working issue
+  render_right_prompt_on_last_line: false # true or false to enable or disable right prompt to be rendered on last line of the prompt.
+}

home/base/server/nushell/default.nix

@@ -0,0 +1,20 @@
+{ ... }: {
+  programs.nushell = {
+    enable = true;
+    configFile.source = ./config.nu;
+
+    # home-manager will merge the cotent in `environmentVariables` with the `envFile.source`
+    # but basically, I set all environment variables via the shell-independent way, so I don't need to use those two options
+    # 
+    # envFile.source = ./env.nu;
+    # environmentVariables = { FOO="bar"; };
+
+    shellAliases = {
+      k = "kubectl";
+
+      urldecode = "python3 -c 'import sys, urllib.parse as ul; print(ul.unquote_plus(sys.stdin.read()))'";
+      urlencode = "python3 -c 'import sys, urllib.parse as ul; print(ul.quote_plus(sys.stdin.read()))'";
+      httpproxy = "let-env https_proxy = http://127.0.0.1:7890; let-env http_proxy = http://127.0.0.1:7890;";
+    };
+  };
+}

home/base/server/starship.nix

@@ -0,0 +1,24 @@
+{ config, ... }: {
+  programs.starship = {
+    enable = true;
+
+    enableBashIntegration = true;
+    enableNushellIntegration = true;
+
+    settings = {
+      character = {
+        success_symbol = "[›](bold green)";
+        error_symbol = "[›](bold red)";
+      };
+      aws = {
+        symbol = "🅰 ";
+      };
+      gcloud = {
+        # do not show the account/project's info
+        # to avoid the leak of sensitive information when sharing the terminal
+        format = "on [$symbol$active(\($region\))]($style) ";
+        symbol = "🅶 ️";
+      };
+    };
+  };
+}

home/base/server/tmux/custom-plugins.nix

@@ -0,0 +1,16 @@
+{ pkgs, ... }:
+
+let
+  buildTmuxPlugin = pkgs.tmuxPlugins.mkTmuxPlugin;
+in
+{
+  draculaTheme = buildTmuxPlugin {
+    pluginName = "dracula";
+    version = "v2.2.0";
+    src = builtins.fetchTarball {
+      name   = "dracula-tmux-v2.2.0";
+      url    = "https://github.com/dracula/tmux/archive/refs/tags/v2.2.0.tar.gz";
+      sha256 = "sha256:0v2k994yy4xx2iw8qxg7qphw46gq2qmg496i3a3h9b6jgwxqm7zn";
+    };
+  };
+}

home/base/server/tmux/default.nix

@@ -0,0 +1,64 @@
+{ config, pkgs, ... }:
+
+let
+  plugins  = pkgs.tmuxPlugins // pkgs.callPackage ./custom-plugins.nix {};
+in
+{
+  programs.tmux = {
+    enable = true;
+
+    # Resize the window to the size of the smallest session for which it is the current window.
+    # 
+    aggressiveResize = true;
+
+    # https://github.com/tmux-plugins/tmux-sensible
+    # tmux-sensible overwrites default tmux shortcuts, makes them more sane.
+    sensibleOnTop = true;
+    
+    # extraConfig =  builtins.readFile ./tmux.conf;
+    # keyMode = "vi";  # default is emacs
+    
+    baseIndex = 1; # start index from 1
+    escapeTime = 0; # do not wait for escape key
+    terminal = "xterm-256color";
+
+    plugins = with plugins; [
+      draculaTheme # theme
+      {
+        # https://github.com/tmux-plugins/tmux-continuum
+        # Continuous saving of tmux environment. Automatic restore when tmux is started.
+        # Automatic tmux start when computer is turned on. 
+        plugin = continuum;
+        extraConfig = ''
+          set -g @continuum-boot 'on'
+          set -g @continuum-save-interval '15'
+          
+          # Option to display current status of tmux continuum in tmux status line. 
+          set -g status-right 'Continuum status: #{continuum_status}'
+        '';
+      }
+      {
+        # https://github.com/tmux-plugins/tmux-resurrect
+        # Manually persists tmux environment across system restarts.
+        #   prefix + Ctrl-s - save
+        #   prefix + Ctrl-r - restore
+        # 
+        plugin = resurrect;
+        # Restore Neovim sessions
+        extraConfig = "set -g @resurrect-strategy-nvim 'session'";
+      }
+      {
+        # https://github.com/tmux-plugins/tmux-yank
+        # Enables copying to system clipboard.
+        plugin = yank;
+      }
+      # set -g @plugin 'tmux-plugins/tmux-cpu'
+      {
+        plugin = cpu;
+        extraConfig = ''
+          set -g status-right '#{cpu_bg_color} CPU: #{cpu_icon} #{cpu_percentage} | %a %h-%d %H:%M '
+        '';
+      }
+    ];
+  };
+}