starred/nix-config
1
0
Fork 0
mirror of https://github.com/ryan4yin/nix-config.git synced 2026-05-28 18:39:31 +02:00
Code Issues Packages Projects Releases 10 Wiki Activity

Compare commits

base: starred/nix-config:v0.1.1
Branches Tags
starred/nix-config:main starred/nix-config:dma-shell starred/nix-config:i3-kickstarter
starred/nix-config:v0.15.0 starred/nix-config:v0.14.0 starred/nix-config:v0.13.0 starred/nix-config:v0.12.0 starred/nix-config:v0.11.0 starred/nix-config:v0.10.0 starred/nix-config:v0.9.0 starred/nix-config:v0.8.0 starred/nix-config:v0.7.0 starred/nix-config:v0.6.0 starred/nix-config:v0.5.5 starred/nix-config:v0.5.4 starred/nix-config:v0.5.3 starred/nix-config:v0.5.2 starred/nix-config:v0.5.1 starred/nix-config:v0.5.0 starred/nix-config:v0.4.5 starred/nix-config:v0.4.4 starred/nix-config:v0.4.3 starred/nix-config:v0.4.2 starred/nix-config:v0.4.1 starred/nix-config:v0.4.0 starred/nix-config:v0.3.0 starred/nix-config:v0.2.2 starred/nix-config:v0.2.1 starred/nix-config:v0.2.0 starred/nix-config:v0.1.1 starred/nix-config:v0.1.0 starred/nix-config:v0.0.5 starred/nix-config:v0.0.4 starred/nix-config:v0.0.3 starred/nix-config:v0.0.2 starred/nix-config:v0.0.1
...
compare: starred/nix-config:v0.2.0
Branches Tags
starred/nix-config:main starred/nix-config:dma-shell starred/nix-config:i3-kickstarter
starred/nix-config:v0.15.0 starred/nix-config:v0.14.0 starred/nix-config:v0.13.0 starred/nix-config:v0.12.0 starred/nix-config:v0.11.0 starred/nix-config:v0.10.0 starred/nix-config:v0.9.0 starred/nix-config:v0.8.0 starred/nix-config:v0.7.0 starred/nix-config:v0.6.0 starred/nix-config:v0.5.5 starred/nix-config:v0.5.4 starred/nix-config:v0.5.3 starred/nix-config:v0.5.2 starred/nix-config:v0.5.1 starred/nix-config:v0.5.0 starred/nix-config:v0.4.5 starred/nix-config:v0.4.4 starred/nix-config:v0.4.3 starred/nix-config:v0.4.2 starred/nix-config:v0.4.1 starred/nix-config:v0.4.0 starred/nix-config:v0.3.0 starred/nix-config:v0.2.2 starred/nix-config:v0.2.1 starred/nix-config:v0.2.0 starred/nix-config:v0.1.1 starred/nix-config:v0.1.0 starred/nix-config:v0.0.5 starred/nix-config:v0.0.4 starred/nix-config:v0.0.3 starred/nix-config:v0.0.2 starred/nix-config:v0.0.1

153 Commits
v0.1.1 ... v0.2.0

Author SHA1 Message Date
Ryan Yin ef60e7bf91 fix: warning for i3wm - xdg-portal 2023-12-03 01:10:36 +08:00
Ryan Yin 05bfd2df13 fix: persistent files 2023-12-03 00:40:13 +08:00
Ryan Yin 9d00eb39f9 fix: pipewire-pulse.service failed to start 2023-12-02 23:56:45 +08:00
Ryan Yin 30a9619f2c feat: add groups for udev rules 2023-12-02 23:50:56 +08:00
Ryan Yin da2ab6f86b fix: docker storage driver - btrfs 2023-12-02 22:57:35 +08:00
Ryan Yin 7c61a58808 feat: secureboot 2023-12-02 22:46:52 +08:00
ryan4yin 67c62534e8 feat: impermanence 2023-12-02 20:56:50 +08:00
Ryan Yin 26dc7bb149 fix: wezterm's chinese font on macOS 2023-12-01 16:42:21 +08:00
Ryan Yin a1120fd930 Merge pull request #22 from zhpjy/main 
修正简体中文显示为异体(日文)字形问题
 2023-12-01 16:41:14 +08:00
zhpjy 13c72a8256 修正简体中文显示为异体(日文)字形问题 
参考:https://wiki.archlinuxcn.org/wiki/%E7%AE%80%E4%BD%93%E4%B8%AD%E6%96%87%E6%9C%AC%E5%9C%B0%E5%8C%96#%E4%B9%B1%E7%A0%81%E9%97%AE%E9%A2%98:~:text=%E5%AD%97%E4%BD%93%E8%B0%83%E6%A0%A1%E6%8C%87%E5%8D%97-,%E4%BF%AE%E6%AD%A3%E7%AE%80%E4%BD%93%E4%B8%AD%E6%96%87%E6%98%BE%E7%A4%BA%E4%B8%BA%E5%BC%82%E4%BD%93%EF%BC%88%E6%97%A5%E6%96%87%EF%BC%89%E5%AD%97%E5%BD%A2,-%5B%E7%BC%96%E8%BE%91%20%7C
 2023-12-01 00:54:52 +08:00
Ryan Yin 0322de2622 feat: add istioctl 2023-11-30 17:39:35 +08:00
Ryan Yin d9be6f9213 fix: wezterm on darwin 2023-11-30 11:01:53 +08:00
Ryan Yin b977203d15 feat: mount swap subvolume in read-only mode 2023-11-28 22:10:39 +08:00
Ryan Yin db4e3b5fdd feat: enable btrfs's zstd compression 2023-11-28 00:26:40 +08:00
Ryan Yin a1f4764526 fix: nix-darwin with nixos-23.11 2023-11-27 16:16:24 +08:00
Ryan Yin 0996ec71e9 docs: update comments 2023-11-27 01:14:17 +08:00
ryan4yin 2e8d068070 feat: encrypted boot partition, fix nix.gc args 2023-11-27 00:38:13 +08:00
Ryan Yin ee606e5518 fix: replace gparted with parted 2023-11-26 22:54:01 +08:00
Ryan Yin 440eb287ed feat: add gparted & ventoy 2023-11-26 22:50:53 +08:00
Ryan Yin ee9828151c docs: README 2023-11-26 22:40:32 +08:00
Ryan Yin 0b6bafb39c feat: minor updates for neovim & bat 2023-11-26 19:52:07 +08:00
Ryan Yin df570294b4 Merge pull request #20 from ryan4yin/nixos-23.11 
feat: upgrade nixpkgs to 23.11
 2023-11-26 19:27:20 +08:00
Ryan Yin 5e0c7e90ff feat: encrypted root partition with btrfs(except /boot partition) 2023-11-26 19:17:09 +08:00
Ryan Yin ada780afc8 feat: upgrade nixpkgs to 23.11 2023-11-15 01:24:42 +08:00
Ryan Yin d624ab4323 feat: update flake.lock 2023-10-29 14:59:35 +08:00
Ryan Yin f2dfb10c1b fix: sync to gitee 2023-10-04 12:35:09 +08:00
Ryan Yin f10666ff7c feat: sync to gitee 2023-10-04 12:30:36 +08:00
Ryan Yin a378fa3d60 feat: rime-data - update user dict 2023-10-02 16:56:20 +08:00
Ryan Yin dfefa53e6b feat: terraformer 2023-09-26 12:21:59 +08:00
Ryan Yin 09a6af9d36 docs: secrets 2023-09-19 11:44:31 +08:00
Ryan Yin 1172968a93 feat: add guile 2023-09-15 17:05:51 +08:00
Ryan Yin 6d2ba3f0c1 fix: typo 2023-09-11 01:06:34 +08:00
Ryan Yin 262988949c feat: gowin eda - fpga 2023-09-08 22:27:03 +08:00
Ryan Yin f5a745f37e feat: aliyun-cli 2023-09-08 18:42:21 +08:00
Ryan Yin 02b6079198 feat: add btop for macOS, remove verible from macOS 2023-09-07 16:35:59 +08:00
Ryan Yin c645d31dd3 feat: neovim - support verilog / systemverilog 2023-09-06 22:23:57 +08:00
Ryan Yin 32a6789f44 feat: adjust font's dpi 2023-09-06 21:53:38 +08:00
Ryan Yin f173808e10 fix: sonic-pi 2023-08-28 20:38:23 +08:00
Ryan Yin 7ba80d4458 feat: add sonic-pi - music programming 2023-08-28 13:36:26 +08:00
Ryan Yin e63a1a92e8 Merge pull request #16 from DataEraserC/main-2 
Remove extra curly brace
 2023-08-21 21:38:09 +08:00
雑魚~雑魚~ 90cb0f987b Remove extra curly brace 2023-08-21 05:08:07 -06:00
Ryan Yin bfd05251f2 feat: bump flake.lock 2023-08-19 02:41:04 +08:00
Ryan Yin 13b70df944 feat: use wireless interface for nozomi & yukina 2023-08-19 02:40:48 +08:00
Ryan Yin a0c6965438 feat: add nur-ryan4yin, install yazi 2023-08-17 22:57:08 +08:00
Ryan Yin e36daaa48c fix: macOS - commands like are required by some tools 2023-08-17 14:44:26 +08:00
Ryan Yin ca239579d5 feat: add pictures for 12kingdoms 2023-08-17 02:22:25 +08:00
Ryan Yin d34d2adb42 feat: update Makefile for aarch SBCs 2023-08-17 02:17:03 +08:00
Ryan Yin cc80f0e885 docs: add comments 2023-08-17 02:15:12 +08:00
Ryan Yin 737603403a feat: aarch64 host - suzu 2023-08-17 02:14:00 +08:00
Ryan Yin 05a94aae60 chore: fcitx5 - remove useless config 2023-08-16 23:45:36 +08:00
Ryan Yin b02b7c0af8 feat: more ssh keys 2023-08-16 20:40:54 +08:00
Ryan Yin 24cd473387 feat: README for /lib 2023-08-16 18:38:44 +08:00
Ryan Yin f6630bc6e0 feat: README for /lib 2023-08-16 18:35:11 +08:00
Ryan Yin 417e6658dc Merge pull request #15 from DataEraserC/main-1 
Fix typo
 2023-08-16 18:27:08 +08:00
雑魚~雑魚~ f626371732 Fix typo 2023-08-16 04:25:29 -06:00
Ryan Yin d318e35a93 feat: README - add pictures 2023-08-16 03:28:58 +08:00
Ryan Yin 7ddac56e17 feat: README - add pictures 2023-08-16 03:28:44 +08:00
Ryan Yin b060b69114 feat: README - add pictures 2023-08-16 03:26:15 +08:00
Ryan Yin 12f3032d8d feat: deploy via colmena 2023-08-16 03:12:31 +08:00
Ryan Yin bbd300422b fix: licheepi4a - mount boot partition 2023-08-16 02:44:34 +08:00
Ryan Yin b2d19ee218 Merge pull request #14 from ryan4yin/riscv64 
feat: add riscv64 cluster - rolling girls
 2023-08-16 02:07:38 +08:00
Ryan Yin f5c1148c94 feat: add riscv64 cluster - rolling girls 2023-08-16 02:06:48 +08:00
Ryan Yin f682523804 feat: deploy remotely via colmena(instead of nixos-rebuild) 2023-08-16 00:14:13 +08:00
Ryan Yin b635efba09 feat: add color picker 2023-08-16 00:14:13 +08:00
Ryan Yin bd474f798e Merge pull request #13 from Balssh/main-1 
Fix typo
 2023-08-15 08:36:38 +08:00
George Bals 1575e50fea Fix typo 
I love this repo, is very helpful in learning nixos
 2023-08-15 00:02:01 +03:00
Ryan Yin ae851875a9 fix: wezterm - font 2023-08-14 14:43:09 +08:00
Ryan Yin 24630c5e5d feat: add docs for terminal 2023-08-14 13:37:56 +08:00
Ryan Yin ae35522d11 feat: kitty - toggle maximized 2023-08-14 13:29:50 +08:00
Ryan Yin 6634eb7cb0 feat: wezterm - toggle window size 2023-08-14 13:21:16 +08:00
Ryan Yin d0568b9f19 feat: wezterm - toggle opacity 2023-08-14 13:16:01 +08:00
Ryan Yin 803992635f feat: enable wezterm 2023-08-14 12:25:14 +08:00
Ryan Yin 9dbf2293ce fix: neovim & wezterm 2023-08-14 11:51:16 +08:00
Ryan Yin bc9b29f62b feat: neovim - using configs from astrocommunity 2023-08-14 02:20:16 +08:00
Ryan Yin 7347bcb842 feat: neovim - markdown-preview 2023-08-14 01:41:34 +08:00
Ryan Yin cc9dfa7940 Update FUNDING.yml 2023-08-13 17:34:37 +08:00
Ryan Yin 0db7703857 docs: neovim - flash.nvim 2023-08-13 00:47:20 +08:00
Ryan Yin c8e84fbc36 feat: neovim - add flash.nvim 2023-08-13 00:38:33 +08:00
Ryan Yin d3553ae104 feat: neovim - add flash.nvim 2023-08-13 00:26:06 +08:00
Ryan Yin 9c5a1b12ef feat: neovim - fix performance issue of telescope preview 2023-08-12 22:42:35 +08:00
Ryan Yin d282a3b0b6 feat: neovim - more plugins 2023-08-12 22:03:02 +08:00
Ryan Yin 62487cc5ca docs: neovim 2023-08-12 21:36:21 +08:00
Ryan Yin f81c62dc0a feat: neovim - noice.nvim 2023-08-12 21:30:20 +08:00
Ryan Yin f02f673012 feat: update flake inputs 2023-08-12 21:15:49 +08:00
Ryan Yin 0be942efe2 feat: neovim - more plugins 2023-08-12 21:00:48 +08:00
Ryan Yin 9f91849707 docs: neovim 2023-08-12 20:28:10 +08:00
Ryan Yin 1cdf80adff docs: neovim 2023-08-12 20:26:01 +08:00
Ryan Yin 8be00a52c8 docs: neovim 2023-08-12 20:22:22 +08:00
Ryan Yin eb5c35d670 docs: neovim 2023-08-12 20:21:11 +08:00
Ryan Yin d00d8cd43b docs: neovim 2023-08-12 20:17:33 +08:00
Ryan Yin b4ea5aa354 docs: neovim 2023-08-12 20:16:05 +08:00
Ryan Yin 8a9af081fc docs: neovim 2023-08-12 20:10:09 +08:00
Ryan Yin ef86bc96f6 docs: neovim 2023-08-12 20:09:17 +08:00
Ryan Yin 289888aa50 feat: neovim - more plugins 2023-08-12 18:43:27 +08:00
Ryan Yin 5b1b79a760 fix: hyprland - cursor disapper with Nvidia GPU 2023-08-12 15:02:05 +08:00
Ryan Yin c60388668c feat: remove vscode 2023-08-12 14:57:59 +08:00
Ryan Yin 9c3e4bea8d feat: neovim - find and search globally, refactoring 2023-08-12 14:52:48 +08:00
Ryan Yin 2f6d1aa482 feat: add comments 2023-08-12 14:09:50 +08:00
Ryan Yin c5267e7932 feat: add tools for CLI search and replace, with diff preview 2023-08-12 13:57:30 +08:00
Ryan Yin 08baea2e22 feat: disable remote building 2023-08-12 11:54:18 +08:00
Ryan Yin 356ed4bfdc feat: add git-trim 2023-08-09 14:35:17 +08:00
Ryan Yin 3799aa0c90 fix: git delmerged 2023-08-09 13:13:39 +08:00
Ryan Yin 28779f60ea feat: git config 2023-08-09 12:40:31 +08:00
Ryan Yin d0a9bdd002 feat: git config 2023-08-09 12:00:51 +08:00
Ryan Yin 0ee541c9e4 feat: git config 2023-08-09 12:00:32 +08:00
Ryan Yin e1baf45441 feat: proxychains's conf for macOS 2023-08-09 11:25:18 +08:00
Ryan Yin e6c1b945f3 feat: proxychains-ng on macOS 2023-08-09 11:17:59 +08:00
Ryan Yin 0efb7dfba1 Update FUNDING.yml 2023-08-09 00:19:29 +08:00
Ryan Yin 4760e508be Create FUNDING.yml 2023-08-09 00:18:48 +08:00
Ryan Yin 682346a66a feat: update flake.lock 2023-08-07 15:25:33 +08:00
Ryan Yin 0fac56f612 fix: typo(tab instead of space) 2023-08-07 15:19:31 +08:00
Ryan Yin 270d43251f feat: update packages to the latest version, disable wezterm 2023-08-07 15:05:04 +08:00
Ryan Yin c3cf8138f8 feat: rime-data - add chinese character - 矽 2023-08-07 15:04:22 +08:00
Ryan Yin 7ccccfc84c feat: remove duplicate configs 2023-08-07 01:16:11 +08:00
Ryan Yin e39b79c508 feat: use the same nixpkgs as much as possible - macOS 2023-08-04 22:40:15 +08:00
Ryan Yin 664506b6cb feat: use the same nixpkgs as much as possible 2023-08-04 22:37:18 +08:00
Ryan Yin a946ff7cce feat: disable neovim's experimental plugin - noice.nvim 2023-08-04 00:40:17 +08:00
Ryan Yin 99819c1df5 docs: minor updates 2023-08-04 00:32:40 +08:00
Ryan Yin c515ea9807 feat: start dockerd on boot 2023-08-03 23:53:04 +08:00
Ryan Yin 7ce3e9a391 feat: add tcpdump, update comments 2023-08-03 23:36:15 +08:00
Ryan Yin f61271a323 feat: comments 2023-08-03 23:22:20 +08:00
Ryan Yin 4a988dbce7 refactor: development environment 2023-08-03 23:16:12 +08:00
Ryan Yin 79a866a287 feat: bump astronvim's version to v3.34.5 2023-08-03 17:31:15 +08:00
Ryan Yin bd53ef65ec feat: add sshconfig for k8s masters 2023-08-03 01:10:26 +08:00
Ryan Yin 804bf99e74 fix: remote building - virtual machines 2023-08-03 00:02:37 +08:00
Ryan Yin 6e7fa3e223 docs: how to search in kitty/alacritty 2023-08-01 17:49:33 +08:00
Ryan Yin 508a45d801 feat: kitty - tab bar on top 2023-08-01 13:16:43 +08:00
Ryan Yin 7c9cb5156f feat: update macOS's system config 2023-08-01 13:16:43 +08:00
Ryan Yin 08d8c4cbc5 fix: firefox gets wrong timezone on NixOS 2023-07-31 21:24:25 +08:00
Ryan Yin 7dc0adee72 feat: add bpftrace 2023-07-31 14:44:28 +08:00
Ryan Yin d61b27bcb5 feat: add bfg-repo-cleaner 2023-07-31 10:56:12 +08:00
Ryan Yin 0030a41a8f feat: install jdk17(Adoptium prebuilt jdk on macOS) 2023-07-31 10:52:43 +08:00
Ryan Yin 66fa46afb6 feat: adjust alacritty & kitty for macOS 2023-07-31 10:33:56 +08:00
Ryan Yin 26da19ba38 fix: grim(wayland): Failed to create image. https://github.com/ryan4yin/nix-config/issues/11 2023-07-30 17:45:17 +08:00
Ryan Yin 81a4104973 docs: README 2023-07-30 17:08:44 +08:00
Ryan Yin 6b55dfca46 docs: README 2023-07-30 17:00:56 +08:00
Ryan Yin b3676ccbe6 fix: correct waybar's config format 2023-07-30 16:44:41 +08:00
Ryan Yin 71af10ff3b feat: update readme, adjust nix settings 2023-07-30 16:32:05 +08:00
Ryan Yin a99adf065d feat: update for hyprland(wayland) 
refactor: core-desktop.nix & core-server.nix
 2023-07-30 16:18:44 +08:00
Ryan Yin 2485f24fcc docs: remove useless comments 2023-07-30 15:23:33 +08:00
Ryan Yin 777d915cd2 fix: https://github.com/ryan4yin/nix-config/issues/10 2023-07-30 15:16:48 +08:00
Ryan Yin 5df740ca6e docs: README 2023-07-30 05:06:20 +08:00
Ryan Yin dd27f9eaeb fix: add psmisc(killall) 2023-07-30 05:04:52 +08:00
Ryan Yin d370d96f47 feat: update for gtk/x11/xwayland 2023-07-30 04:48:46 +08:00
Ryan Yin 1e98f591f5 feat: replace wofi by anyrun - wayland 2023-07-30 04:19:03 +08:00
Ryan Yin 5e2bec4ac5 docs: README - WARNGING 2023-07-30 01:52:14 +08:00
Ryan Yin 0c30883e22 docs: README - secrets 2023-07-30 01:45:49 +08:00
Ryan Yin c9a42f1a13 feat: update Makefile 2023-07-30 01:37:02 +08:00
Ryan Yin a9c123d9d4 feat: update specific input 2023-07-30 01:35:55 +08:00
Ryan Yin e4c9e863cf feat: update comments 2023-07-30 01:25:28 +08:00
Ryan Yin 2970073d5e feat: add README for lib 2023-07-30 01:20:47 +08:00
Ryan Yin 8bef422482 fix: README 2023-07-30 00:58:52 +08:00
Ryan Yin 6247cecf0b fix: README 2023-07-30 00:56:02 +08:00
86 changed files with 3369 additions and 1040 deletions
Expand all files Collapse all files
.github/FUNDING.yml
+2
View File
@@ -0,0 +1,2 @@
patreon: ryan4yin
custom: ['https://buymeacoffee.com/ryan4yin', 'https://afdian.net/a/ryan4yin']
.github/workflows/mirror_to_gitee.yml
+29
View File
@@ -0,0 +1,29 @@
name: Mirror this repo to Gitee
on:
workflow_dispatch: {}
push: {}
jobs:
mirror:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v3
with:
fetch-depth: 0
- name: Mirror repo to Gitee
id: mirror-to-gitee
shell: bash
env:
INPUT_SSH_PRIVATE_KEY: ${{ secrets.SSH_PRIVATE_KEY_GITEE_MIRROR }}
INPUT_TARGET_REPO_URL: git@gitee.com:ryan_yin/nix-config.git
run: |
set -eu
mkdir -p ~/.ssh
echo "$INPUT_SSH_PRIVATE_KEY" > ~/.ssh/id_rsa
chmod 600 ~/.ssh/id_rsa
export GIT_SSH_COMMAND="ssh -v -i ~/.ssh/id_rsa -o StrictHostKeyChecking=no"
git remote add mirror "$INPUT_TARGET_REPO_URL"
git push --tags --force --prune mirror "refs/remotes/origin/*:refs/heads/*"
Makefile
+52 -27
View File
@@ -22,9 +22,14 @@ i3-debug:
hypr-debug:
nixos-rebuild switch --flake .#ai_hyprland --use-remote-sudo --show-trace --verbose
update:
up:
nix flake update
# Update specific input
# usage: make upp i=wallpapers
upp:
nix flake lock --update-input $(i)
history:
nix profile history --profile /nix/var/nix/profiles/system
@@ -35,11 +40,6 @@ gc:
# garbage collect all unused nix store entries
sudo nix store gc --debug
# adjust brightness(x11)
# usage: make bright b=0.9
bright:
xrandr --output DP-2 --brightness $(b)
############################################################################
#
# Darwin related commands, harmonica is my macbook pro's hostname
@@ -64,45 +64,70 @@ ha-debug: darwin-set-proxy
#
############################################################################
add-idols-ssh-key:
ssh-add ~/.ssh/ai-idols
aqua: add-idols-ssh-key
nixos-rebuild --flake .#aquamarine --target-host aquamarine --build-host aquamarine switch --use-remote-sudo
idols: add-idols-ssh-key
colmena apply --on '@dist-build'
aqua-debug: add-idols-ssh-key
nixos-rebuild --flake .#aquamarine --target-host aquamarine --build-host aquamarine switch --use-remote-sudo --show-trace --verbose
aqua:
colmena apply --on '@aqua'
ruby: add-idols-ssh-key
nixos-rebuild --flake .#ruby --target-host ruby --build-host ruby switch --use-remote-sudo
ruby:
colmena apply --on '@ruby'
ruby-debug: add-idols-ssh-key
nixos-rebuild --flake .#ruby --target-host ruby --build-host ruby switch --use-remote-sudo --show-trace --verbose
kana:
colmena apply --on '@kana'
kana: add-idols-ssh-key
nixos-rebuild --flake .#kana --target-host kana --build-host kana switch --use-remote-sudo
kana-debug: add-idols-ssh-key
nixos-rebuild --flake .#kana --target-host kana --build-host kana switch --use-remote-sudo --show-trace --verbose
idols: aqua ruby kana
idols-debug: aqua-debug ruby-debug kana-debug
idols-debug: add-idols-ssh-key
colmena apply --on '@dist-build' --verbose --show-trace
# only used once to setup the virtual machines
idols-image:
# take image for idols, and upload the image to proxmox nodes.
nom build .#aquamarine
scp result/vzdump-qemu-*.vma.zst root@gtr5:/var/lib/vz/dump
scp result root@gtr5:/var/lib/vz/dump/vzdump-qemu-aquamarine.vma.zst
nom build .#ruby
scp result/vzdump-qemu-*.vma.zst root@s500plus:/var/lib/vz/dump
scp result root@s500plus:/var/lib/vz/dump/vzdump-qemu-ruby.vma.zst
nom build .#kana
scp result/vzdump-qemu-*.vma.zst root@um560:/var/lib/vz/dump
scp result root@um560:/var/lib/vz/dump/vzdump-qemu-kana.vma.zst
############################################################################
#
# RISC-V related commands
#
############################################################################
roll: add-idols-ssh-key
colmena apply --on '@riscv'
roll-debug: add-idols-ssh-key
colmena apply --on '@dist-build' --verbose --show-trace
nozomi:
colmena apply --on '@nozomi'
yukina:
colmena apply --on '@yukina'
############################################################################
#
# Aarch64 related commands
#
############################################################################
aarch:
colmena apply --on '@aarch'
suzu:
colmena apply --on '@suzu'
suzu-debug:
colmena apply --on '@suzu' --verbose --show-trace
############################################################################
#
# Misc, other useful commands
README.md
+37 -28
View File
@@ -31,10 +31,10 @@ Nix allows for easy-to-manage, collaborative, reproducible deployments. This mea
| **Window Manager** | [Hyprland][Hyprland] | [i3][i3] |
| **Terminal Emulator** | [Kitty][Kitty] | [Kitty][Kitty] |
| **Bar** | [Waybar][Waybar] | [i3block][i3block] |
| **Application Launcher** | [wofi][wofi] | [rofi][rofi] |
| **Application Launcher** | [anyrun][anyrun] | [rofi][rofi] |
| **Notification Daemon** | [Mako][Mako] | [Dunst][Dunst] |
| **Display Manager** | [GDM][GDM] | [GDM][GDM] |
| \***\*Color Scheme\*\*** | [Catppuccin][Catppuccin] | [Catppuccin][Catppuccin] |
| **Color Scheme** | [Catppuccin][Catppuccin] | [Catppuccin][Catppuccin] |
| **network management tool** | [NetworkManager][NetworkManager] | [NetworkManager][NetworkManager] |
| **Input method framework** | [Fcitx5][Fcitx5] | [Fcitx5][Fcitx5] |
| **System resource monitor** | [Btop][Btop] | [Btop][Btop] |
@@ -44,7 +44,7 @@ Nix allows for easy-to-manage, collaborative, reproducible deployments. This mea
| **Media Player** | [mpv][mpv] | [mpv][mpv] |
| **Text Editor** | [Neovim][Neovim] | [Neovim][Neovim] |
| **Fonts** | [Nerd fonts][Nerd fonts] | [Nerd fonts][Nerd fonts] |
| **Image Viewer** | [imv][imv] | [feh][feh] |
| **Image Viewer** | [imv][imv] | [imv][imv] |
| **Screenshot Software** | [grim][grim] | [flameshot](https://github.com/flameshot-org/flameshot) |
| **Screen Recording** | [OBS][OBS] | [OBS][OBS] |
@@ -61,17 +61,36 @@ Wallpapers: https://github.com/ryan4yin/wallpapers
![](./_img/i3_2023-07-29_1.webp)
![](./_img/i3_2023-07-29_2.webp)
## Neovim
See [./home/base/desktop/neovim](./home/base/desktop/neovim) for details.
## Hosts
See [./hosts](./hosts) for details.
## Secrets Management
See [./secrets](./secrets) for details.
## How to Deploy this Flake?
> :red_circle: **IMPORTANT**: **You should NOT deploy this flake directly on your machine:exclamation: It will not succeed.** this flake contains my hardware configuration(such as [hardware-configuration.nix](hosts/idols/ai/hardware-configuration.nix)) which is not suitable for your hardware, and my private secrets repository [ryan4yin/nix-secrets](https://github.com/ryan4yin/nix-config/tree/main/secrets) that only I have access to. You may use this repo as a reference to build your own configuration.
> :red_circle: **IMPORTANT**: **You should NOT deploy this flake directly on your machine:exclamation: It will not succeed.** this flake contains my hardware configuration(such as [hardware-configuration.nix](hosts/idols/ai/hardware-configuration.nix), [cifs-mount.nix](https://github.com/ryan4yin/nix-config/blob/v0.1.1/hosts/idols/ai/cifs-mount.nix), [Nvidia Support](https://github.com/ryan4yin/nix-config/blob/v0.1.1/hosts/idols/ai/default.nix#L77-L91), etc.) which is not suitable for your hardware, and my private secrets repository [ryan4yin/nix-secrets](https://github.com/ryan4yin/nix-config/tree/main/secrets) that only I have access to. You may use this repo as a reference to build your own configuration.
After installing NixOS with `nix-command` & `flake` enabled, follow the steps below to deploy this flake.
For MacOS:
For NixOS, use the following commands:
```bash
# deploy the darwin configuration(harmonicia)
make ha
# deploy with details
make ha-debug
```
For NixOS:
> Need to restart the machine when switching between `wayland` and `xorg`.
```bash
# deploy one of the configuration based on the hostname
@@ -87,15 +106,7 @@ make i3-debug
# make hypr-debug
```
For MacOS, use the following commands:
```bash
# deploy the darwin configuration(harmonicia)
make ha
# deploy with details
make ha-debug
```
To deploy this flake from NixOS's official ISO image(purest installation method), please refer to [ryan4yin/nix-config/nixos-install](https://github.com/ryan4yin/nix-config/tree/nixos-install)
## Install Apps from Flatpak
@@ -137,15 +148,12 @@ Once the virtual machine `aquamarine` is created, we can deploy updates to it wi
# 1. add the ssh key to ssh-agent
ssh-add ~/.ssh/ai-idols
# 2. deploy the configuration to the remote host, using the ssh key we added in step 1
# and the username defaults to `$USER`, it's `ryan` in my case.
nixos-rebuild --flake .#aquamarine --target-host aquamarine --build-host aquamarine switch --use-remote-sudo --verbose
# or we can replace the command above with the following command, which is defined in Makefile
make aqua
# 2. deploy the configuration to all the remote host with tag `@dist-build`
# using the ssh key we added in step 1
colmena apply --on '@dist-build' --show-trace
```
The commands above will build & deploy the configuration to `aquamarine`, the build process will be executed on `aquamarine` too, and the `--use-remote-sudo` option indicates that we will use `sudo` on the remote host.
If you're not familiar with remote deployment, please read this tutorial first: [Remote Deployment - NixOS & Flakes Book](https://nixos-and-flakes.thiscute.world/best-practices/remote-deployment)
## References
@@ -157,14 +165,16 @@ Other dotfiles that inspired me:
- [xddxdd/nixos-config](https://github.com/xddxdd/nixos-config)
- [bobbbay/dotfiles](https://github.com/bobbbay/dotfiles)
- [gytis-ivaskevicius/nixfiles](https://github.com/gytis-ivaskevicius/nixfiles)
- [fufexan/dotfiles](https://github.com/fufexan/dotfiles)
- [davidtwco/veritas](https://github.com/davidtwco/veritas)
- [gvolpe/nix-config](https://github.com/gvolpe/nix-config)
- [Ruixi-rebirth/flakes](https://github.com/Ruixi-rebirth/flakes)
- Hyprland
- [HeinzDev/Hyprland-dotfiles](https://github.com/HeinzDev/Hyprland-dotfiles)
- [notwidow/hyprland](https://github.com/notwidow/hyprland)
- [fufexan/dotfiles](https://github.com/fufexan/dotfiles): gtk theme, xdg, git, media, anyrun, etc.
- Hyprland(wayland)
- [notwidow/hyprland](https://github.com/notwidow/hyprland): This is where I start my hyprland journey.
- [HeinzDev/Hyprland-dotfiles](https://github.com/HeinzDev/Hyprland-dotfiles): Refer to the waybar configuration here.
- [linuxmobile/kaku](https://github.com/linuxmobile/kaku)
- I3 Window Manager
- [endeavouros-i3wm-setup](https://github.com/endeavouros-team/endeavouros-i3wm-setup): I started using i3 here, and my i3 configuration is also based on it, but made a lot of changes.
- [denisse-dev/dotfiles](https://github.com/denisse-dev/dotfiles)
- Neovim/AstroNvim
- [maxbrunet/dotfiles](https://github.com/maxbrunet/dotfiles): astronvim with nix flakes.
@@ -179,7 +189,7 @@ Other dotfiles that inspired me:
[Waybar]: https://github.com/Alexays/Waybar
[i3block]: https://github.com/vivien/i3blocks
[rofi]: https://github.com/davatorium/rofi
[wofi]: https://hg.sr.ht/~scoopta/wofi
[anyrun]: https://github.com/Kirottu/anyrun
[Dunst]: https://github.com/dunst-project/dunst
[Fcitx5]: https://github.com/fcitx/fcitx5
[Btop]: https://github.com/aristocratos/btop
@@ -188,7 +198,6 @@ Other dotfiles that inspired me:
[AstroNvim]: https://github.com/AstroNvim/AstroNvim
[flameshot]: https://github.com/flameshot-org/flameshot
[grim]: https://github.com/emersion/grim
[feh]: https://github.com/derf/feh
[imv]: https://sr.ht/~exec64/imv/
[OBS]: https://obsproject.com
[Mako]: https://github.com/emersion/mako
_img/12kingdoms-1.webp
BIN
View File
Binary file not shown.
Side by Side

After

Width:  |  Height:  |  Size: 47 KiB

_img/12kingdoms-Youko-Rakushun.webp
BIN
View File
Binary file not shown.
Side by Side

After

Width:  |  Height:  |  Size: 24 KiB

_img/nixos-riscv-cluster.webp
BIN
View File
Binary file not shown.
Side by Side

After

Width:  |  Height:  |  Size: 362 KiB

_img/rolling_girls.webp
BIN
View File
Binary file not shown.
Side by Side

After

Width:  |  Height:  |  Size: 350 KiB

flake.lock
Generated
+585 -94
View File
File diff suppressed because it is too large Load Diff
flake.nix
+239 -80
View File
@@ -20,6 +20,8 @@
nix-darwin,
home-manager,
nixos-generators,
nixos-licheepi4a,
nixos-rk3588,
...
}: let
username = "ryan";
@@ -28,78 +30,187 @@
x64_system = "x86_64-linux";
x64_darwin = "x86_64-darwin";
allSystems = [x64_system x64_darwin];
riscv64_system = "riscv64-linux";
aarch64_system = "aarch64-linux";
allSystems = [x64_system x64_darwin riscv64_system aarch64_system];
nixosSystem = import ./lib/nixosSystem.nix;
macosSystem = import ./lib/macosSystem.nix;
colmenaSystem = import ./lib/colmenaSystem.nix;
# 星野 アイ, Hoshino Ai
idol_ai_modules_i3 = {
nixos-modules = [
./hosts/idols/ai
./modules/nixos/i3.nix
];
home-module = import ./home/linux/desktop-i3.nix;
};
idol_ai_modules_hyprland = {
nixos-modules = [
./hosts/idols/ai
./modules/nixos/hyprland.nix
];
home-module = import ./home/linux/desktop-hyprland.nix;
};
# 星野 愛久愛海, Hoshino Akuamarin
idol_aquamarine_modules = {
nixos-modules = [
./hosts/idols/aquamarine
];
home-module = import ./home/linux/server.nix;
};
idol_aquamarine_tags = ["dist-build" "aqua"];
# 星野 瑠美衣, Hoshino Rubii
idol_ruby_modules = {
nixos-modules = [
./hosts/idols/ruby
];
home-module = import ./home/linux/server.nix;
};
idol_ruby_tags = ["dist-build" "ruby"];
# 有馬 かな, Arima Kana
idol_kana_modules = {
nixos-modules = [
./hosts/idols/kana
];
home-module = import ./home/linux/server.nix;
};
idol_kana_tags = ["dist-build" "kana"];
# 森友 望未, Moritomo Nozomi
rolling_nozomi_modules = {
nixos-modules = [
./hosts/rolling_girls/nozomi
];
# home-module = import ./home/linux/server-riscv64.nix;
};
rolling_nozomi_tags = ["riscv" "nozomi"];
# 小坂 結季奈, Kosaka Yukina
rolling_yukina_modules = {
nixos-modules = [
./hosts/rolling_girls/yukina
];
# home-module = import ./home/linux/server-riscv64.nix;
};
rolling_yukina_tags = ["riscv" "yukina"];
# 大木 鈴, Ōki Suzu
_12kingdoms_suzu_modules = {
nixos-modules = [
./hosts/12kingdoms/suzu
];
# home-module = import ./home/linux/server.nix;
};
_12kingdoms_suzu_tags = ["aarch" "suzu"];
x64_specialArgs =
{
inherit username userfullname useremail;
# use unstable branch for some packages to get the latest updates
pkgs-unstable = import nixpkgs-unstable {
system = x64_system; # refer the `system` parameter form outer scope recursively
# To use chrome, we need to allow the installation of non-free software
config.allowUnfree = true;
};
}
// inputs;
in {
nixosConfigurations = let
# 星野 アイ, Hoshino Ai
idol_ai_modules_i3 = {
nixos-modules = [
./hosts/idols/ai
./modules/nixos/i3.nix
];
home-module = import ./home/linux/desktop-i3.nix;
};
idol_ai_modules_hyprland = {
nixos-modules = [
./hosts/idols/ai
./modules/nixos/hyprland.nix
];
home-module = import ./home/linux/desktop-hyprland.nix;
};
# 星野 愛久愛海, Hoshino Akuamarin
idol_aquamarine_modules = {
nixos-modules = [
./hosts/idols/aquamarine
];
home-module = import ./home/linux/server.nix;
};
# 星野 瑠美衣, Hoshino Rubii
idol_ruby_modules = {
nixos-modules = [
./hosts/idols/ruby
];
home-module = import ./home/linux/server.nix;
};
# 有馬 かな, Arima Kana
idol_kana_modules = {
nixos-modules = [
./hosts/idols/kana
];
home-module = import ./home/linux/server.nix;
};
system = x64_system;
specialArgs =
{
inherit username userfullname useremail;
# use unstable branch for some packages to get the latest updates
pkgs-unstable = import nixpkgs-unstable {
system = x64_system; # refer the `system` parameter form outer scope recursively
# To use chrome, we need to allow the installation of non-free software
config.allowUnfree = true;
};
}
// inputs;
base_args = {
inherit home-manager nixos-generators system specialArgs;
inherit home-manager nixos-generators;
nixpkgs = nixpkgs; # or nixpkgs-unstable
system = x64_system;
specialArgs = x64_specialArgs;
};
stable_args = base_args // {inherit nixpkgs;};
unstable_args = base_args // {nixpkgs = nixpkgs-unstable;};
in {
# ai with i3 window manager
ai_i3 = nixosSystem (idol_ai_modules_i3 // stable_args);
ai_i3 = nixosSystem (idol_ai_modules_i3 // base_args);
# ai with hyprland compositor
ai_hyprland = nixosSystem (idol_ai_modules_hyprland // stable_args);
ai_hyprland = nixosSystem (idol_ai_modules_hyprland // base_args);
aquamarine = nixosSystem (idol_aquamarine_modules // stable_args);
ruby = nixosSystem (idol_ruby_modules // stable_args);
kana = nixosSystem (idol_kana_modules // stable_args);
# three virtual machines without desktop environment.
aquamarine = nixosSystem (idol_aquamarine_modules // base_args);
ruby = nixosSystem (idol_ruby_modules // base_args);
kana = nixosSystem (idol_kana_modules // base_args);
};
# colmena - remote deployment via SSH
colmena = let
# x86_64 related
x64_base_args = {
inherit home-manager;
nixpkgs = nixpkgs; # or nixpkgs-unstable
specialArgs = x64_specialArgs;
};
# riscv64 related
# using the same nixpkgs as nixos-licheepi4a to utilize the cross-compilation cache.
lpi4a_pkgs = import nixos-licheepi4a.inputs.nixpkgs {system = x64_system;};
lpi4a_specialArgs =
{
inherit username userfullname useremail;
pkgsKernel = nixos-licheepi4a.packages.${x64_system}.pkgsKernelCross;
}
// inputs;
lpi4a_base_args = {
inherit home-manager;
nixpkgs = nixos-licheepi4a.inputs.nixpkgs; # or nixpkgs-unstable
specialArgs = lpi4a_specialArgs;
targetUser = "root";
};
# aarch64 related
# using the same nixpkgs as nixos-rk3588 to utilize the cross-compilation cache.
rk3588_pkgs = import nixos-rk3588.inputs.nixpkgs {system = x64_system;};
rk3588_specialArgs =
{
inherit username userfullname useremail;
}
// nixos-rk3588.inputs;
rk3588_base_args = {
inherit home-manager;
nixpkgs = nixos-rk3588.inputs.nixpkgs; # or nixpkgs-unstable
specialArgs = rk3588_specialArgs;
targetUser = "root";
};
in {
meta = {
nixpkgs = import nixpkgs {system = x64_system;};
specialArgs = x64_specialArgs;
nodeSpecialArgs = {
# riscv64 SBCs
nozomi = lpi4a_specialArgs;
yukina = lpi4a_specialArgs;
# aarch64 SBCs
suzu = rk3588_specialArgs;
};
nodeNixpkgs = {
nozomi = lpi4a_pkgs;
yukina = lpi4a_pkgs;
# aarch64 SBCs
suzu = rk3588_pkgs;
};
};
# proxmox virtual machines(x86_64)
aquamarine = colmenaSystem (idol_aquamarine_modules // x64_base_args // {host_tags = idol_aquamarine_tags;});
ruby = colmenaSystem (idol_ruby_modules // x64_base_args // {host_tags = idol_ruby_tags;});
kana = colmenaSystem (idol_kana_modules // x64_base_args // {host_tags = idol_kana_tags;});
# riscv64 SBCs
nozomi = colmenaSystem (rolling_nozomi_modules // lpi4a_base_args // {host_tags = rolling_nozomi_tags;});
yukina = colmenaSystem (rolling_yukina_modules // lpi4a_base_args // {host_tags = rolling_yukina_tags;});
# aarch64 SBCs
suzu = colmenaSystem (_12kingdoms_suzu_modules // rk3588_base_args // {host_tags = _12kingdoms_suzu_tags;});
};
# take system images for idols
@@ -110,6 +221,7 @@
"ai_i3"
"ai_hyprland"
] (
# generate iso image for hosts with desktop environment
host:
self.nixosConfigurations.${host}.config.formats.iso
)
@@ -118,6 +230,7 @@
"ruby"
"kana"
] (
# generate proxmox image for virtual machines without desktop environment
host:
self.nixosConfigurations.${host}.config.formats.proxmox
);
@@ -137,15 +250,16 @@
}
// inputs;
base_args = {
inherit nix-darwin home-manager system specialArgs;
inherit nix-darwin home-manager system specialArgs nixpkgs;
};
in {
harmonica = macosSystem (base_args // {
darwin-modules = [
./hosts/harmonica
];
home-module = import ./home/darwin;
});
harmonica = macosSystem (base_args
// {
darwin-modules = [
./hosts/harmonica
];
home-module = import ./home/darwin;
});
};
# format the nix code in this flake
@@ -156,7 +270,6 @@
);
};
# This is the standard format for flake.nix. `inputs` are the dependencies of the flake,
# Each item in `inputs` will be passed as a parameter to the `outputs` function after being pulled and built.
inputs = {
@@ -164,11 +277,12 @@
# which represents the GitHub repository URL + branch/commit-id/tag.
# Official NixOS package source, using nixos's stable branch by default
nixpkgs.url = "github:nixos/nixpkgs/nixos-23.05";
nixpkgs.url = "github:nixos/nixpkgs/nixos-23.11";
# nixpkgs.url = "github:nixos/nixpkgs/nixos-unstable";
nixpkgs-unstable.url = "github:nixos/nixpkgs/nixos-unstable";
# for macos
nixpkgs-darwin.url = "github:nixos/nixpkgs/nixpkgs-23.05-darwin";
nixpkgs-darwin.url = "github:nixos/nixpkgs/nixpkgs-23.11-darwin";
nix-darwin = {
url = "github:lnl7/nix-darwin";
inputs.nixpkgs.follows = "nixpkgs-darwin";
@@ -176,17 +290,31 @@
# home-manager, used for managing user configuration
home-manager = {
url = "github:nix-community/home-manager/release-23.05";
url = "github:nix-community/home-manager/release-23.11";
# url = "github:nix-community/home-manager/master";
# The `follows` keyword in inputs is used for inheritance.
# Here, `inputs.nixpkgs` of home-manager is kept consistent with the `inputs.nixpkgs` of the current flake,
# to avoid problems caused by different versions of nixpkgs dependencies.
inputs.nixpkgs.follows = "nixpkgs";
};
lanzaboote = {
url = "github:nix-community/lanzaboote/v0.3.0";
inputs.nixpkgs.follows = "nixpkgs";
};
impermanence.url = "github:nix-community/impermanence";
# modern window compositor
hyprland.url = "github:hyprwm/Hyprland/v0.27.2";
hyprland.url = "github:hyprwm/Hyprland/v0.32.3";
# community wayland nixpkgs
nixpkgs-wayland.url = "github:nix-community/nixpkgs-wayland";
# anyrun - a wayland launcher
anyrun = {
url = "github:Kirottu/anyrun";
inputs.nixpkgs.follows = "nixpkgs";
};
# generate iso/qcow2/docker/... image from nixos configuration
nixos-generators = {
@@ -197,18 +325,22 @@
# secrets management, lock with git commit at 2023/7/15
agenix.url = "github:ryantm/agenix/0d8c5325fc81daf00532e3e26c6752f7bcde1143";
######################## Some non-flake repositories #########################################
# AstroNvim is an aesthetic and feature-rich neovim config.
astronvim = {
url = "github:AstroNvim/AstroNvim/v3.34.0";
url = "github:AstroNvim/AstroNvim/v3.37.12";
flake = false;
};
# useful nushell scripts, such as auto_completion
nushell-scripts = {
url = "github:nushell/nu_scripts";
url = "github:nushell/nu_scripts/main";
flake = false;
};
######################## My own repositories #########################################
# my private secrets, it's a private repository, you need to replace it with your own.
# use ssh protocol to authenticate via ssh-agent/ssh-key, and shallow clone to save time
mysecrets = {
@@ -222,6 +354,20 @@
flake = false;
};
nur-ryan4yin = {
url = "github:ryan4yin/nur-packages";
# inputs.nixpkgs.follows = "nixpkgs";
};
# riscv64 SBCs
nixos-licheepi4a.url = "github:ryan4yin/nixos-licheepi4a";
# nixos-jh7110.url = "github:ryan4yin/nixos-jh7110";
# aarch64 SBCs
nixos-rk3588.url = "github:ryan4yin/nixos-rk3588";
######################## Color Schemes #########################################
# color scheme - catppuccin
catppuccin-btop = {
url = "github:catppuccin/btop";
@@ -255,16 +401,26 @@
url = "github:catppuccin/cava";
flake = false;
};
cattppuccin-k9s = {
url = "github:catppuccin/k9s";
flake = false;
};
};
# the nixConfig here only affects the flake itself, not the system configuration!
nixConfig = {
experimental-features = ["nix-command" "flakes"];
substituters = [
# replace official cache with a mirror located in China
"https://mirrors.ustc.edu.cn/nix-channels/store"
# cache mirror located in China
# status: https://mirror.sjtu.edu.cn/
"https://mirror.sjtu.edu.cn/nix-channels/store"
# status: https://mirrors.ustc.edu.cn/status/
# "https://mirrors.ustc.edu.cn/nix-channels/store"
# my own cache server
"https://ryan4yin.cachix.org"
"https://anyrun.cachix.org"
"https://hyprland.cachix.org"
"https://cache.nixos.org"
];
@@ -274,9 +430,12 @@
"https://nixpkgs-wayland.cachix.org"
];
extra-trusted-public-keys = [
"ryan4yin.cachix.org-1:Gbk27ZU5AYpGS9i3ssoLlwdvMIh0NxG0w8it/cv9kbU="
"cache.nixos.org-1:6NCHdD59X431o0gWypbMrAURkbJ16ZPMQFGspcDShjY="
"nix-community.cachix.org-1:mB9FSh9qf2dCimDSUo8Zy7bkq5CX+/rkCWyvRCYg3Fs="
"nixpkgs-wayland.cachix.org-1:3lwxaILxMRkVhehr5StQprHdEo4IrE8sRho9R9HOLYA="
"anyrun.cachix.org-1:pqBobmOjI7nKlsUMV25u9QHa9btJK65/C8vnO3p346s="
"hyprland.cachix.org-1:a7pgxzMz7+chwVL3/pzj6jIBMioiJM7ypFP8PwtkuGc="
];
};
}
home/base/desktop/cloud/default.nix
+23
View File
@@ -0,0 +1,23 @@
{
pkgs,
...
}: {
home.packages = with pkgs; [
# general tools
pulumi
pulumictl
# istioctl
# aws
awscli2
aws-iam-authenticator
eksctl
istioctl
# aliyun
aliyun-cli
];
programs = {
};
}
home/base/desktop/container/container.nix
+14
View File
@@ -0,0 +1,14 @@
{
pkgs,
pkgs-unstable,
...
}: {
home.packages = with pkgs; [
skopeo
docker-compose
dive # explore docker layers
];
programs = {
};
}
home/base/desktop/container/default.nix
+6
View File
@@ -0,0 +1,6 @@
{ ... }: {
imports = [
./container.nix
./kubernetes.nix
];
}
home/base/desktop/container/kubernetes.nix
+31
View File
@@ -0,0 +1,31 @@
{
pkgs,
pkgs-unstable,
cattppuccin-k9s,
...
}: {
home.packages = with pkgs; [
kubectl
kubernetes-helm
];
programs = {
k9s = {
enable = true;
skin =
let
skin_file = "${cattppuccin-k9s}/dist/mocha.yml"; # theme - cattppuccin mocha
skin_attr = builtins.fromJSON (builtins.readFile
# replace 'base: &base "#1e1e2e"' with 'base: &base "default"'
# to make fg/bg color transparent. "default" means transparent in k9s skin.
(pkgs.runCommandNoCC "get-skin-json" {} ''
cat ${skin_file} \
| sed -E 's@(base: &base ).+@\1 "default"@g' \
| ${pkgs.yj}/bin/yj > $out
'')
);
in
skin_attr;
};
};
}
home/base/desktop/default.nix
+3 -2
View File
@@ -2,12 +2,13 @@
imports = [
../server
./cloud
./container
./neovim
./terminal
./alacritty.nix
./development.nix
./helix.nix
./kitty.nix
./media.nix
./shell.nix
];
home/base/desktop/development.nix
+6 -20
View File
@@ -16,26 +16,12 @@
home.packages = with pkgs; [
pkgs-unstable.devbox
# cloud native
skopeo
docker-compose
dive # explore docker layers
kubectl
kubernetes-helm
terraform
# terraformer # generate terraform configs from existing cloud resources
pulumi
pulumictl
k9s
# istioctl
# cloud provider
awscli2
aws-iam-authenticator
eksctl
# DO NOT install build tools for C/C++, set it per project by devShell instead
# DO NOT install build tools for C/C++ and others, set it per project by devShell instead
gnumake # used by this repo, to simplify the deployment
jdk17 # used to run some java based tools(.jar)
# scheme related
guile
# python
(python311.withPackages (ps:
@@ -58,8 +44,8 @@
minicom
# other tools
bfg-repo-cleaner # remove large files from git history
k6 # load testing tool
mitmproxy # http/https proxy tool
protobuf # protocol buffer compiler
];
home/base/desktop/neovim/README.md
+222 -1
View File
@@ -1,7 +1,228 @@
# AstroNvim
# AstroNvim Configuration and Shortcuts
My Neovim config based on [AstroNvim](https://github.com/AstroNvim/AstroNvim).
For more details, visit the [AstroNvim website](https://astronvim.com/).
This document outlines neovim's configuration structure and various shortcuts/commands for efficient usage.
## Configuration Structure
| Description | Standard Location | My Location |
| ------------------------------------------------- | ------------------------------------------- | ------------------------------------------------------------------------- |
| Neovim's config | `~/.config/nvim` | AstroNvim's github repository, referenced as a flake input in this flake. |
| AstroNvim's user configuration | `$XDG_CONFIG_HOME/astronvim/lua/user` | [./astronvim_user/](./astronvim_user/) |
| Plugins installation directory (lazy.nvim) | `~/.local/share/nvim/` | The same as standard location, generated and managed by lazy.nvim. |
| LSP servers, DAP servers, linters, and formatters | `~/.local/share/nvim/mason/`(by mason.nvim) | [./default.nix](./default.nix), installed by nix. |
## Update/Clean Plugins
Note that lazy.nvim will not automatically update plugins, so you need to update them manually.
```bash
:Lazy update
```
Remove all unused plugins:
```bash
:Lazy clean
```
## Screenshots
![](/_img/astronvim_2023-07-13_00-39.webp)
![](/_img/hyprland_2023-07-29_2.webp)
## Visual Modes
| Action | Shortcut |
| ------------------------ | ---------------------------------------- |
| Toggle visual mode | `v` |
| Toggle visual block mode | `<Ctrl> + v` (select a block vertically) |
## Incremental Selection
Provided by nvim-treesitter.
| Action | Shortcut |
| ----------------- | -------------- |
| init selection | `<Ctrl-space>` |
| node incremental | `<Ctrl-space>` |
| scope incremental | `<Alt-Space>` |
| node decremental | `Backspace` |
## Search and Jump
Provided by [flash.nvim](https://github.com/folke/flash.nvim), it's a intelligent search and jump plugin.
1. It enhaces the default search and jump behavior of neovim.(search with prefix `/`)
| Action | Shortcut |
| ----------------- | ------------------------------------------------------------------------------------------------------------- |
| Search | `/`(normal search), `s`(disable all code highlight, only highlight matches) |
| Treesitter Search | `yR`,`dR`, `cR`, `vR`, `ctrl+v+R`(arround your matches, all the surrounding Treesitter nodes will be labeled) |
| Remote Flash | `yr`, `dr`, `cr`, (arround your matches, all the surrounding Treesitter nodes will be labeled) |
## Text Manipulation
- Add at the end of multiple lines: `:normal A<text>`
- Execublock: `:A<text>`
- visual block mode(ctrl + v)
- Append text at the end of each line in the selected block
- If position exceeds line end, neovim adds spaces automatically
- Delete the last char of multivle lines: `:normal $x`
- Execute `$x` on each line
- visual mode(v)
- `$` moves cursor to the end of line
- `x` deletes the character under the cursor
- Delete the last word of multiple lines: `:normal $bD`
- Execute `$bD` on each line
- visual mode(v)
- `$` moves cursor to the end of line
- `b` moves cursor to the beginning of the last word
- `D` deletes from cursor to the end of line
## Commands & Shortcuts
| Action | Shortcut |
| ----------------------------- | -------------- |
| Learn Neovim's Basics | `:Tutor` |
| Open file explorer | `<Space> + e` |
| Focus Neotree to current file | `<Space> + o` |
| Floating Terminal | `<Space> + tf` |
| Horizontal Split Terminal | `<Space> + th` |
| Vertical Split Terminal | `<Space> + tv` |
| Open IPython REPL | `<Space> + tp` |
| Toggle line wrap | `<Space> + uw` |
| Show line diagnostics | `gl` |
| Show function/variable info | `K` |
| Go to definition | `gd` |
| References of a symbol | `gr` |
## Window Navigation
- Switch between windows: `<Ctrl> + h/j/k/l`
- Resize windows: `<Ctrl> + Up/Down/Left/Right`
- Note: On macOS, conflicts with system shortcuts
- Disable in System Preferences -> Keyboard -> Shortcuts -> Mission Control
## Splitting and Buffers
| Action | Shortcut |
| --------------------- | ------------- |
| Horizontal Split | `\` |
| Vertical Split | `\|` |
| Next Buffer (Tab) | `]b` |
| Previous Buffer (Tab) | `[b` |
| Close Buffer | `<Space> + c` |
## Editing and Formatting
| Action | Shortcut |
| ----------------------------------------------------- | -------------- |
| Toggle buffer auto formatting | `<Space> + uf` |
| Format Document | `<Space> + lf` |
| Code Actions | `<Space> + la` |
| Rename | `<Space> + lr` |
| Opening LSP symbols | `<Space> + lS` |
| Comment Line(support multiple lines) | `<Space> + /` |
| Open filepath/URL at cursor(neovim's builtin command) | `gx` |
| Find files by name (fzf) | `<Space> + ff` |
| Grep string in files (ripgrep) | `<Space> + fw` |
## Sessions
| Action | Shortcut |
| ------------------------------ | -------------- |
| Save Session | `<Space> + Ss` |
| Last Session | `<Space> + Sl` |
| Delete Session | `<Space> + Sd` |
| Search Session | `<Space> + Sf` |
| Load Current Directory Session | `<Space> + S.` |
## Debugging
Press `<Space> + D` to view available bindings and options.
## Find and Replace
| Action | Command |
| ------------------------ | ----------------------------------- |
| Replace in selected area | `:s/old/new/g` |
| Replace in current line | Same as above |
| Replace in whole file | `:% s/old/new/g` |
| Replace with regex | `:% s@\vhttp://(\w+)@https://\1@gc` |
1. `\v` means means that in the regex pattern after it can be used without backslash escaping(similar to python's raw string).
2. `\1` means the first matched group in the pattern.
## Replace in the specific lines
| Action | Command |
| ----------------------------------------- | -------------------------------------- |
| From the 10th line to the end of the file | `:10,$ s/old/new/g` or `:10,$ s@^@#@g` |
| From the 10th line to the 20th line | `:10,20 s/old/new/g` |
The postfix(flags) in the above commands:
1. `g` means replace all the matched strings in the current line/file.
2. `c` means ask for confirmation before replacing.
3. `i` means ignore case.
## Search and Replace Globally
| Description | Shortcut |
| ------------------------------------------------------------ | ---------------------------------------------------------------- |
| Open spectre.nvim search and replace panel | `<Space> + ss` |
| Search and replace in command line(need install `sad` first) | `find -name "*.nix" \| sad '<pattern>' '<replacement>' \| delta` |
## Surrounding Characters
Provided by mini.surround plugin.
- Prefix `gz`
| Action | Shortcut | Description |
| ------------------------------ | -------- | ----------------------------------------------- |
| Add surrounding characters | `gzaiw'` | Add `'` around the word under cursor |
| Delete surrounding characters | `gzd'` | Delete `'` around the word under cursor |
| Replace surrounding characters | `gzr'"` | Replace `'` by `"` around the word under cursor |
| Highlight surrounding | `gzh'` | Highlight `'` around the word under cursor |
## Text Manipulation
| Action | |
| -------------------------------------- | ------------- |
| Join Selection of Lines With Space | `:join` |
| Join without spaces | `:join!` |
| Join with LSP intelligence(treesj) | `<Space> + j` |
| Split Line into Multiple Lines(treesj) | `<Space> + s` |
## Convert Text Case
| Action | |
| -------------------- | --- |
| Toggle text's case | `~` |
| Convert to uppercase | `U` |
| Convert to lowercase | `u` |
## Miscellaneous
| Action | |
| ---------------------------- | -------------------------------------------- |
| Save selected text to a file | `:w filename` (Will show `:'<,'>w filename`) |
| Show all Yank History | `:<Space> + yh` |
| Show undo history | `:<Space> + uh` |
## Additional Resources
For more detailed information and advanced usage, refer to:
1. [AstroNvim walkthrough](https://astronvim.com/Basic%20Usage/walkthrough)
2. [./astronvim_user/mapping.lua](./astronvim_user/mappings.lua)
3. All the plugins' documentations
home/base/desktop/neovim/astronvim_user/init.lua
+156 -24
View File
@@ -35,7 +35,6 @@ return {
{ import = "astrocommunity.pack.vue" },
---- Configuration Language
{ import = "astrocommunity.pack.markdown" },
{ import = "astrocommunity.markdown-and-latex.glow-nvim" },
{ import = "astrocommunity.pack.json" },
{ import = "astrocommunity.pack.yaml" },
{ import = "astrocommunity.pack.toml" },
@@ -53,6 +52,14 @@ return {
{ import = "astrocommunity.pack.cmake" },
{ import = "astrocommunity.pack.cpp" },
{ import = "astrocommunity.pack.docker" },
-- Motion
{ import = "astrocommunity.motion.mini-surround" },
-- https://github.com/echasnovski/mini.ai
{ import = "astrocommunity.motion.mini-ai" },
{ import = "astrocommunity.motion.flash-nvim" },
{ "folke/flash.nvim", vscode = false },
-- Lua implementation of CamelCaseMotion, with extra consideration of punctuation.
{ import = "astrocommunity.motion.nvim-spider" },
-- AI Assistant
{ import = "astrocommunity.completion.copilot-lua-cmp" },
-- Custom copilot-lua to enable filtypes: markdown
@@ -66,24 +73,79 @@ return {
end,
},
---- Nushell
-- markdown preview
{
"LhKipp/nvim-nu",
'0x00-ketsu/markdown-preview.nvim',
ft = {'md', 'markdown', 'mkd', 'mkdn', 'mdwn', 'mdown', 'mdtxt', 'mdtext', 'rmd', 'wiki'},
config = function()
require'nu'.setup({
use_lsp_features = true, -- requires https://github.com/jose-elias-alvarez/null-ls.nvim
-- lsp_feature: all_cmd_names is the source for the cmd name completion.
-- It can be
-- * a string, which is interpreted as a shell command and the returned list is the source for completions (requires plenary.nvim)
-- * a list, which is the direct source for completions (e.G. all_cmd_names = {"echo", "to csv", ...})
-- * a function, returning a list of strings and the return value is used as the source for completions
all_cmd_names = [[nu -c 'help commands | get name | str join "\n"']]
})
require('markdown-preview').setup {
-- your configuration comes here
-- or leave it empty to use the default settings
-- refer to the setup section below
}
end,
},
-- clipboard manager
{
"gbprod/yanky.nvim",
opts = function()
local mapping = require "yanky.telescope.mapping"
local mappings = mapping.get_defaults()
mappings.i["<c-p>"] = nil
return {
highlight = { timer = 200 },
picker = {
telescope = {
use_default_mappings = false,
mappings = mappings,
},
},
}
end,
keys = {
{ "y", "<Plug>(YankyYank)", mode = { "n", "x" }, desc = "Yank text" },
{ "p", "<Plug>(YankyPutAfter)", mode = { "n", "x" }, desc = "Put yanked text after cursor" },
{ "P", "<Plug>(YankyPutBefore)", mode = { "n", "x" }, desc = "Put yanked text before cursor" },
{ "gp", "<Plug>(YankyGPutAfter)", mode = { "n", "x" }, desc = "Put yanked text after selection" },
{ "gP", "<Plug>(YankyGPutBefore)", mode = { "n", "x" }, desc = "Put yanked text before selection" },
{ "[y", "<Plug>(YankyCycleForward)", desc = "Cycle forward through yank history" },
{ "]y", "<Plug>(YankyCycleBackward)", desc = "Cycle backward through yank history" },
{ "]p", "<Plug>(YankyPutIndentAfterLinewise)", desc = "Put indented after cursor (linewise)" },
{ "[p", "<Plug>(YankyPutIndentBeforeLinewise)", desc = "Put indented before cursor (linewise)" },
{ "]P", "<Plug>(YankyPutIndentAfterLinewise)", desc = "Put indented after cursor (linewise)" },
{ "[P", "<Plug>(YankyPutIndentBeforeLinewise)", desc = "Put indented before cursor (linewise)" },
{ ">p", "<Plug>(YankyPutIndentAfterShiftRight)", desc = "Put and indent right" },
{ "<p", "<Plug>(YankyPutIndentAfterShiftLeft)", desc = "Put and indent left" },
{ ">P", "<Plug>(YankyPutIndentBeforeShiftRight)", desc = "Put before and indent right" },
{ "<P", "<Plug>(YankyPutIndentBeforeShiftLeft)", desc = "Put before and indent left" },
{ "=p", "<Plug>(YankyPutAfterFilter)", desc = "Put after applying a filter" },
{ "=P", "<Plug>(YankyPutBeforeFilter)", desc = "Put before applying a filter" },
},
},
-- Enhanced matchparen.vim plugin for Neovim to highlight the outer pair.
{
"utilyre/sentiment.nvim",
version = "*",
event = "VeryLazy", -- keep for lazy loading
opts = {
-- config
},
init = function()
-- `matchparen.vim` needs to be disabled manually in case of lazy loading
vim.g.loaded_matchparen = 1
end,
},
-- joining blocks of code into oneline, or splitting one line into multiple lines.
{
'Wansmer/treesj',
keys = { '<space>m', '<space>j', '<space>s' },
dependencies = { 'nvim-treesitter/nvim-treesitter' },
config = function()
require('treesj').setup({--[[ your config ]]})
end,
dependencies = {
{"nvim-treesitter/nvim-treesitter"},
{ "jose-elias-alvarez/null-ls.nvim"},
}
},
-- File explorer(Custom configs)
@@ -99,8 +161,7 @@ return {
},
}
},
-- The plugin offers the `:Refactor` command to refactor code.
-- TODO not work yet
-- The plugin offers the alibity to refactor code.
{
"ThePrimeagen/refactoring.nvim",
dependencies = {
@@ -108,20 +169,33 @@ return {
{"nvim-treesitter/nvim-treesitter"}
}
},
-- The plugin offers the `:Spectre` command to search and replace.
-- TODO not work yet
-- The plugin offers the abilibty to search and replace.
{
"nvim-pack/nvim-spectre",
dependencies = {
{"nvim-lua/plenary.nvim"},
}
},
-- full signature help, docs and completion for the nvim lua API.
{ "folke/neodev.nvim", opts = {} },
{ "RRethy/vim-illuminate", config = function() end },
-- Language Parser for syntax highlighting / indentation / folding / Incremental selection
{
"nvim-treesitter/nvim-treesitter",
opts = function(_, opts)
local utils = require "astronvim.utils";
opts.indent.enable = false;
opts.incremental_selection = {
enable = true,
keymaps = {
init_selection = "<C-space>", -- Ctrl + Space
node_incremental = "<C-space>",
scope_incremental = "<A-space>", -- Alt + Space
node_decremental = "<bs>", -- Backspace
},
}
opts.ensure_installed = utils.list_insert_unique(opts.ensure_installed, {
-- neovim
"vim",
@@ -137,6 +211,17 @@ return {
end,
},
-- implementation/definition preview
{
'rmagatti/goto-preview',
config = function()
require('goto-preview').setup {}
end
},
-- Undo tree
{ "debugloop/telescope-undo.nvim", },
-- Install lsp, formmatter and others via home manager instead of Mason.nvim
-- LSP installations
{
@@ -179,9 +264,6 @@ return {
code_actions.proselint, -- English prose linter
code_actions.statix, -- Lints and suggestions for Nix.
-- Completion
completion.luasnip,
-- Diagnostic
diagnostics.actionlint, -- GitHub Actions workflow syntax checking
diagnostics.buf, -- check text in current buffer
@@ -204,6 +286,7 @@ return {
extra_args = { "--dialect", "postgres" }, -- change to your dialect
}),
formatting.nginx_beautifier, -- Nginx formatter
null_ls.builtins.formatting.verible_verilog_format, -- Verilog formatter
})
end
end,
@@ -217,6 +300,52 @@ return {
opts.automatic_installation = false
end,
},
{
'nvim-telescope/telescope.nvim', branch = '0.1.x',
dependencies = { 'nvim-lua/plenary.nvim' },
init = function()
-- 1. Disable highlighting for certain filetypes
-- 2. Ignore files larger than a certain filesize
local previewers = require("telescope.previewers")
local _bad = { ".*%.csv", ".*%.min.js" } -- Put all filetypes that slow you down in this array
local filesize_threshold = 300 * 1024 -- 300KB
local bad_files = function(filepath)
for _, v in ipairs(_bad) do
if filepath:match(v) then
return false
end
end
return true
end
local new_maker = function(filepath, bufnr, opts)
opts = opts or {}
if opts.use_ft_detect == nil then opts.use_ft_detect = true end
-- 1. Check if the file is in the bad_files array, and if so, don't highlight it
opts.use_ft_detect = opts.use_ft_detect == false and false or bad_files(filepath)
-- 2. Check the file size, and ignore it if it's too big(preview nothing).
filepath = vim.fn.expand(filepath)
vim.loop.fs_stat(filepath, function(_, stat)
if not stat then return end
if stat.size > filesize_threshold then
return
else
previewers.buffer_previewer_maker(filepath, bufnr, opts)
end
end)
end
require("telescope").setup {
defaults = {
buffer_previewer_maker = new_maker,
}
}
end,
}
},
-- Configure require("lazy").setup() options
@@ -230,6 +359,7 @@ return {
},
},
-- https://github.com/neovim/nvim-lspconfig/blob/master/doc/server_configurations.md
lsp = {
config = {
-- the offset_enconding of clangd will confilicts whit null-ls
@@ -264,6 +394,8 @@ return {
"nil_ls", -- nix language server
"bufls", -- protocol buffer language server
"zls", -- zig language server
---- HDL
"verible", -- verilog language server
---- Operation & Cloud Nativautoindente
"bashls", -- bash
"cmake", -- cmake language server
home/base/desktop/neovim/astronvim_user/mappings.lua
+46 -4
View File
@@ -4,8 +4,13 @@
-- lower level configuration and more robust one. (which-key will
-- automatically pick-up stored data by this setting.)
local utils = require "astronvim.utils"
require("telescope").load_extension("refactoring")
require("telescope").load_extension("yank_history")
require("telescope").load_extension("undo")
return {
-- first key is the mode
-- normal mode
n = {
-- second key is the lefthand side of the map
-- mappings seen under group name "Buffer"
@@ -13,9 +18,46 @@ return {
-- quick save
["<C-s>"] = { ":w!<cr>", desc = "Save File" }, -- change description but the same command
["<leader>tp"] = { function() utils.toggle_term_cmd("ipython") end, desc = "ToggleTerm python" },
-- search and replace globally
['<leader>ss'] = {'<cmd>lua require("spectre").toggle()<CR>', desc = "Toggle Spectre" },
['<leader>sw'] = {'<cmd>lua require("spectre").open_visual({select_word=true})<CR>', desc = "Search current word" },
['<leader>sp'] ={'<cmd>lua require("spectre").open_file_search({select_word=true})<CR>', desc = "Search on current file" },
-- refactoring
["<leader>ri"] = { function() require('refactoring').refactor('Inline Variable') end, desc = "Inverse of extract variable" },
["<leader>rb"] = { function() require('refactoring').refactor('Extract Block') end, desc = "Extract Block" },
["<leader>rbf"] = { function() require('refactoring').refactor('Extract Block To File') end, desc = "Extract Block To File" },
["<leader>rr"] = { function() require('telescope').extensions.refactoring.refactors() end, desc = "Prompt for a refactor to apply" },
["<leader>rp"] = { function() require('refactoring').debug.printf({below = false}) end, desc = "Insert print statement to mark the calling of a function" },
["<leader>rv"] = { function() require('refactoring').debug.print_var() end, desc = "Insert print statement to print a variable" },
["<leader>rc"] = { function() require('refactoring').debug.cleanup({}) end, desc = "Cleanup of all generated print statements" },
-- yank_history
["<leader>yh"] = { function() require("telescope").extensions.yank_history.yank_history() end, desc = "Preview Yank History" },
-- undo history
["<leader>uh"] = {"<cmd>Telescope undo<cr>", desc="Telescope undo" },
-- implementation/definition preview
["gpd"] = { "<cmd>lua require('goto-preview').goto_preview_definition()<CR>", desc="goto_preview_definition" },
["gpt"] = { "<cmd>lua require('goto-preview').goto_preview_type_definition()<CR>", desc="goto_preview_type_definition" },
["gpi"] = { "<cmd>lua require('goto-preview').goto_preview_implementation()<CR>", desc="goto_preview_implementation" },
["gP" ] = { "<cmd>lua require('goto-preview').close_all_win()<CR>", desc="close_all_win" },
["gpr"] = { "<cmd>lua require('goto-preview').goto_preview_references()<CR>", desc="goto_preview_references" },
},
t = {
-- setting a mapping to false will disable it
-- ["<esc>"] = false,
-- Visual mode
v = {
-- search and replace globally
['<leader>sw'] = {'<esc><cmd>lua require("spectre").open_visual()<CR>', desc = "Search current word" },
},
-- visual mode(what's the difference between v and x???)
x = {
-- refactoring
["<leader>ri"] = { function() require('refactoring').refactor('Inline Variable') end, desc = "Inverse of extract variable" },
["<leader>re"] = { function() require('refactoring').refactor('Extract Function') end, desc = "Extracts the selected code to a separate function" },
["<leader>rf"] = { function() require('refactoring').refactor('Extract Function To File') end, desc = "Extract Function To File" },
["<leader>rv"] = { function() require('refactoring').refactor('Extract Variable') end, desc = "Extracts occurrences of a selected expression to its own variable" },
["<leader>rr"] = { function() require('telescope').extensions.refactoring.refactors() end, desc = "Prompt for a refactor to apply" },
},
}
home/base/desktop/neovim/default.nix
+91 -185
View File
@@ -5,120 +5,17 @@
}:
###############################################################################
#
# AstroNvim's configuration and all its dependencies
#
# Related folders:
# nvim's config: `~/.config/nvim`
# astronvim's user configuration: `$XDG_CONFIG_HOME/astronvim/lua/user`
# all plugins will be installed into(by lazy.nvim): `~/.local/share/nvim/`
#
# For details: https://astronvim.com/
#
# Toggle visual mode: `v`
# Toggle visual block mode: `<Ctrl> + v` (select a block(vertically) of text)
#
# Add at the end of Multiple line: `:normal A<text>`
# Note that `:normal` execute `A<text>` on each line.
# `A` means append text at the end of the line.
# You need to select the lines via visual mode first.
#
# Add at the end of the visual block: `:A<text>`
# You need to select the block via visual block mode first.
# And then this command will append text at the end of the block on each line.
# If the position exceeds the end of the line, neovim will automatically add spaces
#
# Commands & shortcuts in AstroNvim
# Learn Neovim's Basics: `:Tutor`
# Opening file explorer: `<Space> + e`
# Focus Neotree to current file: `<Space> + o`
# Floating Terminal: `<Space> + tf`
# Horizontal Split Terminal: `<Space> + th`
# Vertical Split Terminal: `<Space> + tv`
# Open IPython REPL: `<Space> + tp`
# Opening LSP symbols: `<Space> + lS`
# Toggle line wrap: `<Space> + uw`
# Show line diagnostics: `gl`
# Go to definition: `gd`
#
# Switching between windows: `<Ctrl> + h/j/k/l`
# Resizing windows: `<Ctrl> + Up/Down/Left/Right`
# Note that on macOS, this is conflict with system's default shortcuts.
# You need disable them in System Preferences -> Keyboard -> Shortcuts -> Mission Control.
# Horizontal Split: `\`
# Vertical Split: `|`
# Next Buffer(Tab): `]b`
# Previous Buffer(Tab): `[b`
# Close Buffer: `<Space> + c`
#
# Toggle buffer auto formatting: `<Space> + uf`
# Format Document: `<Space> + lf`
# Comment Line: `<Space> + /`
# Can be used in visual mode
# Code Actions: `<Space> + la`
# Rename: `<Space> + lr`
# Open filepath/URL at cursor: `gx`
# This is a neovim builtin command
# Find files by name(fzf): `<Space> + ff`
# Grep string in files(repgrep): `<Space> + fw`
#
# Save Session: `<Space> + Ss`
# Last Session: `<Space> + Sl`
# Delete Session: `<Space> + Sd`
# Search Session: `<Space> + Sf`
# Load Current Directory Session:`<Space> + S.`
#
# Debugging: press `<Space> + D` to see the available bindings and options.
#
# Replace in the selected area: `:s/old/new/g` (will show `:'<,'>s/old/new/g`)
# Replace in the current line: The same as above
# Replace in the whole file: `:% s/old/new/g`
# Replace with regex: `:% s@\vhttp://(\w+)@https://\1@gc`
# 1. `\v` means means that in the regex pattern after it can be used without backslash escaping(similar to python's raw string).
# 2. `\1` means the first matched group in the pattern.
# Replace in the specific lines:
# 1. From the 10th line to the end of the file: `:10,$ s/old/new/g`
# or `:10,$ s@^@#@g`
# 2. From the 10th line to the 20th line: `:10,20 s/old/new/g`
#
# The postfix(flgas) in the above commands:
# 1. `g` means replace all the matched strings in the current line/file.
# 2. `c` means ask for confirmation before replacing.
# 3. `i` means ignore case.
#
# Joining a Selection of Lines With Space: `:join`
# Joining without spaces: `:join!`
#
# Toggle text's case: `~`
# Convert to uppercase: `U`
# Convert to lowercase: `u`
#
# Save the selected text to a file: `:w filename` (will show `:'<,'>w filename`)
#
# Search key pattern and Replace in Multiple Files:
# sed -ri "s/pattern_str/replace_str/g" $(grep "key_pattern" 'path_pattern' -rl)
#
# Search file name pattern and Replace in Multiple Files:
# sed -ri "s/pattern_str/replace_str/g" $(find . -name "pattern")
#
# ......
# See https://astronvim.com/Basic%20Usage/walkthrough
# AstroNvim's configuration and all its dependencies(lsp, formatter, etc.)
#
#e#############################################################################
{
xdg.configFile = {
# base config
"nvim" = {
# update AstroNvim
onChange = "${pkgs.neovim}/bin/nvim --headless +quitall";
source = astronvim;
};
# my cusotom astronvim config, astronvim will load it after base config
# astronvim's config
"nvim".source = astronvim;
# my custom astronvim config, astronvim will load it after base config
# https://github.com/AstroNvim/AstroNvim/blob/v3.32.0/lua/astronvim/bootstrap.lua#L15-L16
"astronvim/lua/user" = {
# update AstroNvim
onChange = "${pkgs.neovim}/bin/nvim --headless +quitall";
source = ./astronvim_user;
};
"astronvim/lua/user".source = ./astronvim_user;
};
nixpkgs.config = {
@@ -137,98 +34,107 @@
withPython3 = true;
withNodeJs = true;
extraPackages = [];
extraPackages = with pkgs; [];
# currently we use lazy.nvim as neovim's package manager, so comment this one.
plugins = with pkgs.vimPlugins; [
# search all the plugins using https://search.nixos.org/packages
luasnip
];
# plugins = with pkgs.vimPlugins; [
# # search all the plugins using https://search.nixos.org/packages
# ];
};
};
home = {
packages = with pkgs; [
#-- c/c++
cmake
cmake-language-server
gnumake
checkmake
gcc # c/c++ compiler, required by nvim-treesitter!
llvmPackages.clang-unwrapped # c/c++ tools with clang-tools such as clangd
gdb
lldb
packages = with pkgs;
[
#-- c/c++
cmake
cmake-language-server
gnumake
checkmake
gcc # c/c++ compiler, required by nvim-treesitter!
llvmPackages.clang-unwrapped # c/c++ tools with clang-tools such as clangd
gdb
# lldb # TODO - fix python3.11's package conflict - six.py
#-- python
nodePackages.pyright # python language server
python311Packages.black # python formatter
python311Packages.ruff-lsp
#-- python
nodePackages.pyright # python language server
python311Packages.black # python formatter
python311Packages.ruff-lsp
#-- rust
rust-analyzer
cargo # rust package manager
rustfmt
#-- rust
rust-analyzer
cargo # rust package manager
rustfmt
#-- zig
zls
#-- zig
zls
#-- nix
nil
rnix-lsp
# nixd
statix # Lints and suggestions for the nix programming language
deadnix # Find and remove unused code in .nix source files
alejandra # Nix Code Formatter
#-- nix
nil
rnix-lsp
# nixd
statix # Lints and suggestions for the nix programming language
deadnix # Find and remove unused code in .nix source files
alejandra # Nix Code Formatter
#-- golang
go
gomodifytags
iferr # generate error handling code for go
impl # generate function implementation for go
gotools # contains tools like: godoc, goimports, etc.
gopls # go language server
delve # go debugger
#-- golang
go
gomodifytags
iferr # generate error handling code for go
impl # generate function implementation for go
gotools # contains tools like: godoc, goimports, etc.
gopls # go language server
delve # go debugger
#-- lua
stylua
lua-language-server
#-- lua
stylua
lua-language-server
#-- bash
nodePackages.bash-language-server
shellcheck
shfmt
#-- bash
nodePackages.bash-language-server
shellcheck
shfmt
#-- javascript/typescript --#
nodePackages.typescript
nodePackages.typescript-language-server
# HTML/CSS/JSON/ESLint language servers extracted from vscode
nodePackages.vscode-langservers-extracted
nodePackages."@tailwindcss/language-server"
#-- javascript/typescript --#
nodePackages.typescript
nodePackages.typescript-language-server
# HTML/CSS/JSON/ESLint language servers extracted from vscode
nodePackages.vscode-langservers-extracted
nodePackages."@tailwindcss/language-server"
#-- CloudNative
nodePackages.dockerfile-language-server-nodejs
terraform
terraform-ls
jsonnet
jsonnet-language-server
hadolint # Dockerfile linter
#-- CloudNative
nodePackages.dockerfile-language-server-nodejs
# terraform # install via brew on macOS
terraform-ls
jsonnet
jsonnet-language-server
hadolint # Dockerfile linter
#-- Others
taplo # TOML language server / formatter / validator
nodePackages.yaml-language-server
sqlfluff # SQL linter
actionlint # GitHub Actions linter
buf # protoc plugin for linting and formatting
proselint # English prose linter
#-- Others
taplo # TOML language server / formatter / validator
nodePackages.yaml-language-server
sqlfluff # SQL linter
actionlint # GitHub Actions linter
buf # protoc plugin for linting and formatting
proselint # English prose linter
#-- Misc
tree-sitter # common language parser/highlighter
nodePackages.prettier # common code formatter
marksman # language server for markdown
glow # markdown previewer
#-- Misc
tree-sitter # common language parser/highlighter
nodePackages.prettier # common code formatter
marksman # language server for markdown
glow # markdown previewer
fzf
#-- Optional Requirements:
gdu # disk usage analyzer, required by AstroNvim
ripgrep # fast search tool, required by AstroNvim's '<leader>fw'(<leader> is space key)
];
#-- Optional Requirements:
gdu # disk usage analyzer, required by AstroNvim
ripgrep # fast search tool, required by AstroNvim's '<leader>fw'(<leader> is space key)
]
++ (
if pkgs.stdenv.isDarwin
then []
else [
#-- verilog / systemverilog
verible
]
);
};
}
home/base/desktop/terminal/README.md
+7
View File
@@ -0,0 +1,7 @@
# Termianl Emulators
1. kitty: My main terminal emulator.
2. wezterm: My secondary terminal emulator.
3. alacritty: Standby terminal.
home/base/desktop/alacritty.nix → home/base/desktop/terminal/alacritty.nix
+6 -4
View File
@@ -7,12 +7,14 @@
# 1. Multi-Window: `command + N`
# 2. Increase Font Size: `command + =` | `command + +`
# 3. Decrease Font Size: `command + -` | `command + _`
# 4. And Other common shortcuts such as Copy, Paste, Cursor Move, etc.
# 4. Search Text: `command + F`
# 5. And Other common shortcuts such as Copy, Paste, Cursor Move, etc.
#
# Useful Hot Keys for Linux:
# 1. Increase Font Size: `ctrl + shift + =` | `ctrl + shift + +`
# 2. Decrease Font Size: `ctrl + shift + -` | `ctrl + shift + _`
# 3. And Other common shortcuts such as Copy, Paste, Cursor Move, etc.
# 3. Search Text: `ctrl + shift + N`
# 4. And Other common shortcuts such as Copy, Paste, Cursor Move, etc.
#
# Note: Alacritty do not have support for Tabs, and any graphic protocol.
#
@@ -35,7 +37,7 @@
#
# Window opacity as a floating point number from `0.0` to `1.0`.
# The value `0.0` is completely transparent and `1.0` is opaque.
opacity: 0.95
opacity: 0.93
# Startup Mode (changes require restart)
#
@@ -46,7 +48,7 @@
#
# Values for `startup_mode` (macOS only):
# - SimpleFullscreen
startup_mode: Windowed
startup_mode: Maximized
# Allow terminal applications to change Alacritty's window title.
dynamic_title: true
home/base/desktop/terminal/default.nix
+7
View File
@@ -0,0 +1,7 @@
{...}: {
imports = [
./alacritty.nix
./kitty.nix
./wezterm.nix
];
}
home/base/desktop/kitty.nix → home/base/desktop/terminal/kitty.nix
+14 -3
View File
@@ -14,6 +14,9 @@
# 4. Increase Font Size: `command + =` | `command + +`
# 5. Decrease Font Size: `command + -` | `command + _`
# 6. And Other common shortcuts such as Copy, Paste, Cursor Move, etc.
# 7. Search in the current window(show_scrollback): `ctrl + shift + h`
# This will open a pager, it's defined by `scrollback_pager`, default is `less`
#
#
# Useful Hot Keys for Linux:
# 1. New Tab: `ctrl + shift + t`
@@ -27,7 +30,10 @@
{
programs.kitty = {
enable = true;
theme = "Catppuccin-Mocha"; # kitty has catppuccin theme built-in
# kitty has catppuccin theme built-in,
# all the built-in themes are packaged into an extra package named `kitty-themes`
# and it's installed by home-manager if `theme` is specified.
theme = "Catppuccin-Mocha";
font = {
name = "JetBrainsMono Nerd Font";
# use different font size on macOS
@@ -37,12 +43,17 @@
else 13;
};
keybindings = {
"ctrl+shift+m" = "toggle_maximized";
};
settings =
{
background_opacity = "0.95";
background_opacity = "0.93";
macos_option_as_alt = true; # Option key acts as Alt on macOS
scrollback_lines = 10000;
enable_audio_bell = false;
tab_bar_edge = "top"; # tab bar on top
}
// (
if pkgs.stdenv.isDarwin
@@ -54,6 +65,6 @@
);
# macOS specific settings
darwinLaunchOptions = ["--start-as=fullscreen"];
darwinLaunchOptions = ["--start-as=maximized"];
};
}
home/base/desktop/terminal/wezterm.nix
+103
View File
@@ -0,0 +1,103 @@
{pkgs, ...}:
###########################################################
#
# Wezterm Configuration
#
# Default Keybindings: https://wezfurlong.org/wezterm/config/default-keys.html
#
###########################################################
{
# wezterm has catppuccin theme built-in,
# it's not necessary to install it separately.
programs.wezterm =
{
enable = true;
extraConfig = let
fontsize =
if pkgs.stdenv.isDarwin
then "14.0"
else "13.0";
in
''
-- Pull in the wezterm API
local wezterm = require 'wezterm'
-- This table will hold the configuration.
local config = {}
-- In newer versions of wezterm, use the config_builder which will
-- help provide clearer error messages
if wezterm.config_builder then
config = wezterm.config_builder()
end
wezterm.on('toggle-opacity', function(window, pane)
local overrides = window:get_config_overrides() or {}
if not overrides.window_background_opacity then
overrides.window_background_opacity = 0.93
else
overrides.window_background_opacity = nil
end
window:set_config_overrides(overrides)
end)
wezterm.on('toggle-maximize', function(window, pane)
window:maximize()
end)
-- This is where you actually apply your config choices
config.color_scheme = "Catppuccin Mocha"
config.font = wezterm.font_with_fallback {
"JetBrainsMono Nerd Font",
"FiraCode Nerd Font",
-- To avoid 'Chinese characters displayed as variant (Japanese) glyphs'
"Source Han Sans SC",
"Source Han Sans TC"
}
config.hide_tab_bar_if_only_one_tab = true
config.scrollback_lines = 10000
config.enable_scroll_bar = true
config.keys = {
-- toggle opacity(CTRL + SHIFT + B)
{
key = 'B',
mods = 'CTRL',
action = wezterm.action.EmitEvent 'toggle-opacity',
},
{
key = 'M',
mods = 'CTRL',
action = wezterm.action.EmitEvent 'toggle-maximize',
},
}
config.font_size = ${fontsize}
''
+ (
if pkgs.stdenv.isDarwin
then ''
-- Spawn a fish shell in login mod
config.default_prog = { '/run/current-system/sw/bin/nu', '-l' }
''
else ""
)
+ ''
return config
'';
}
// (
if pkgs.stdenv.isDarwin
then {
# install wezterm via homebrew on macOS to avoid compilation, dummy package here.
package = pkgs.hello;
enableBashIntegration = false;
enableZshIntegration = false;
}
else {}
);
}
home/base/server/bat.nix
+5 -2
View File
@@ -4,11 +4,14 @@
enable = true;
config = {
pager = "less -FR";
theme = "Catppuccin-mocha";
theme = "catppuccin-mocha";
};
themes = {
# https://raw.githubusercontent.com/catppuccin/bat/main/Catppuccin-mocha.tmTheme
Catppuccin-mocha = builtins.readFile "${catppuccin-bat}/Catppuccin-mocha.tmTheme";
catppuccin-mocha = {
src = catppuccin-bat;
file = "Catppuccin-mocha.tmTheme";
};
};
};
}
home/linux/base/btop.nix → home/base/server/btop.nix
View File
home/base/server/core.nix
+17 -8
View File
@@ -9,11 +9,6 @@
unzip
p7zip
# utils
ripgrep # recursively searches directories for a regex pattern
jq # A lightweight and flexible command-line JSON processor
yq-go # yaml processer https://github.com/mikefarah/yq
# networking tools
mtr # A network diagnostic tool
iperf3
@@ -24,14 +19,28 @@
nmap # A utility for network discovery and security auditing
ipcalc # it is a calculator for the IPv4/v6 addresses
# Text Processing
# Docs: https://github.com/learnbyexample/Command-line-text-processing
gnugrep # GNU grep, provides `grep`/`egrep`/`fgrep`
gnused # GNU sed, very powerful(mainly for replacing text in files)
gawk # GNU awk, a pattern scanning and processing language
ripgrep # recursively searches directories for a regex pattern
sad # CLI search and replace, with diff preview, really useful!!!
delta # A viewer for git and diff output
# A fast and polyglot tool for code searching, linting, rewriting at large scale
# supported languages: only some mainstream languages currently(do not support nix/nginx/yaml/toml/...)
ast-grep
jq # A lightweight and flexible command-line JSON processor
yq-go # yaml processer https://github.com/mikefarah/yq
# misc
tldr
cowsay
file
which
tree
gnused
gnutar
gawk
zstd
caddy
gnupg
@@ -58,7 +67,7 @@
# A modern replacement for ls
# useful in bash/zsh prompt, not in nushell.
exa = {
eza = {
enable = true;
enableAliases = true;
git = true;
home/base/server/default.nix
+1
View File
@@ -6,6 +6,7 @@
./bash.nix
./bat.nix
./btop.nix
./core.nix
./git.nix
./starship.nix
home/base/server/git.nix
+31 -12
View File
@@ -15,6 +15,9 @@
rm -f ~/.gitconfig
'';
home.packages = with pkgs; [
];
programs.git = {
enable = true;
lfs.enable = true;
@@ -37,15 +40,15 @@
# replace https with ssh
url = {
"ssh://git@github.com/" = {
insteadOf = "https://github.com/";
};
"ssh://git@gitlab.com/" = {
insteadOf = "https://gitlab.com/";
};
"ssh://git@bitbucket.com/" = {
insteadOf = "https://bitbucket.com/";
"ssh://git@github.com/ryan4yin" = {
insteadOf = "https://github.com/ryan4yin";
};
# "ssh://git@gitlab.com/" = {
# insteadOf = "https://gitlab.com/";
# };
# "ssh://git@bitbucket.com/" = {
# insteadOf = "https://bitbucket.com/";
# };
};
};
@@ -54,10 +57,15 @@
# signByDefault = true;
# };
# A syntax-highlighting pager in Rust(2019 ~ Now)
delta = {
enable = true;
options = {
features = "side-by-side";
diff-so-fancy = true;
line-numbers = true;
true-color = "always";
# features => named groups of settings, used to keep related settings organized
# features = "";
};
};
@@ -68,10 +76,21 @@
st = "status";
ls = "log --pretty=format:\"%C(yellow)%h%Cred%d\\\\ %Creset%s%Cblue\\\\ [%cn]\" --decorate";
ll = "log --pretty=format:\"%C(yellow)%h%Cred%d\\\\ %Creset%s%Cblue\\\\ [%cn]\" --decorate --numstat";
cm = "commit -m";
ca = "commit -am";
cm = "commit -m"; # commit via `git cm <message>`
ca = "commit -am"; # commit all changes via `git ca <message>`
dc = "diff --cached";
amend = "commit --amend -m";
amend = "commit --amend -m"; # amend commit message via `git amend <message>`
unstage = "reset HEAD --"; # unstage file via `git unstage <file>`
merged = "branch --merged"; # list merged(into HEAD) branches via `git merged`
unmerged = "branch --no-merged"; # list unmerged(into HEAD) branches via `git unmerged`
nonexist = "remote prune origin --dry-run"; # list non-exist(remote) branches via `git nonexist`
# delete merged branches except master & dev & staging
# `!` indicates it's a shell script, not a git subcommand
delmerged = ''! git branch --merged | egrep -v "(^\*|main|master|dev|staging)" | xargs git branch -d'';
# delete non-exist(remote) branches
delnonexist = "remote prune origin";
# aliases for submodule
update = "submodule update --init --recursive";
home/base/server/nushell/config.nu
+1 -1
View File
@@ -71,7 +71,7 @@ let catppuccin_theme = {
}
# The default config record. This is where much of your global configuration is setup.
let-env config = {
$env.config = {
color_config: $catppuccin_theme # <-- this is the theme
use_ansi_coloring: true
home/base/server/nushell/default.nix
+1 -1
View File
@@ -4,7 +4,7 @@
configFile.source = ./config.nu;
extraConfig = ''
let-env PATH = ([
$env.PATH = ([
"${config.home.homeDirectory}/bin"
"${config.home.homeDirectory}/.local/bin"
"${config.home.homeDirectory}/go/bin"
home/darwin/core.nix
-5
View File
@@ -40,10 +40,5 @@
# required to prevent sending default identity files first.
IdentitiesOnly yes
'';
# use ssh-agent so we only need to input passphrase once
# run `ssh-add /path/to/key` for every identity file
# check imported keys by `ssh-add -l`
# TODO `ssh-add` can only add keys temporary, use gnome-keyring to unlock all keys after login.
};
}
home/darwin/default.nix
+2
View File
@@ -1,6 +1,8 @@
{ username, ... }: {
imports = [
../base/desktop
./proxychains
./core.nix
./nushell.nix
home/darwin/nushell.nix
+1 -1
View File
@@ -2,7 +2,7 @@
# nix-darwin do not set PATH for nushell! so we need to do it manually
# this is a workaround to add nix's PATH to nushell
programs.nushell.extraConfig = ''
let-env PATH = ([
$env.PATH = ([
"${config.home.homeDirectory}/bin"
"${config.home.homeDirectory}/.local/bin"
"${config.home.homeDirectory}/go/bin"
home/darwin/proxychains/default.nix
+3
View File
@@ -0,0 +1,3 @@
{
home.file.".proxychains/proxychains.conf".source = ./proxychains.conf;
}
home/darwin/proxychains/proxychains.conf
+161
View File
@@ -0,0 +1,161 @@
# proxychains.conf VER 4.x
#
# HTTP, SOCKS4a, SOCKS5 tunneling proxifier with DNS.
# The option below identifies how the ProxyList is treated.
# only one option should be uncommented at time,
# otherwise the last appearing option will be accepted
#
#dynamic_chain
#
# Dynamic - Each connection will be done via chained proxies
# all proxies chained in the order as they appear in the list
# at least one proxy must be online to play in chain
# (dead proxies are skipped)
# otherwise EINTR is returned to the app
#
strict_chain
#
# Strict - Each connection will be done via chained proxies
# all proxies chained in the order as they appear in the list
# all proxies must be online to play in chain
# otherwise EINTR is returned to the app
#
#round_robin_chain
#
# Round Robin - Each connection will be done via chained proxies
# of chain_len length
# all proxies chained in the order as they appear in the list
# at least one proxy must be online to play in chain
# (dead proxies are skipped).
# the start of the current proxy chain is the proxy after the last
# proxy in the previously invoked proxy chain.
# if the end of the proxy chain is reached while looking for proxies
# start at the beginning again.
# otherwise EINTR is returned to the app
# These semantics are not guaranteed in a multithreaded environment.
#
#random_chain
#
# Random - Each connection will be done via random proxy
# (or proxy chain, see chain_len) from the list.
# this option is good to test your IDS :)
# Make sense only if random_chain or round_robin_chain
#chain_len = 2
# Quiet mode (no output from library)
#quiet_mode
## Proxy DNS requests - no leak for DNS data
# (disable all of the 3 items below to not proxy your DNS requests)
# method 1. this uses the proxychains4 style method to do remote dns:
# a thread is spawned that serves DNS requests and hands down an ip
# assigned from an internal list (via remote_dns_subnet).
# this is the easiest (setup-wise) and fastest method, however on
# systems with buggy libcs and very complex software like webbrowsers
# this might not work and/or cause crashes.
proxy_dns
# method 2. use the old proxyresolv script to proxy DNS requests
# in proxychains 3.1 style. requires `proxyresolv` in $PATH
# plus a dynamically linked `dig` binary.
# this is a lot slower than `proxy_dns`, doesn't support .onion URLs,
# but might be more compatible with complex software like webbrowsers.
#proxy_dns_old
# method 3. use proxychains4-daemon process to serve remote DNS requests.
# this is similar to the threaded `proxy_dns` method, however it requires
# that proxychains4-daemon is already running on the specified address.
# on the plus side it doesn't do malloc/threads so it should be quite
# compatible with complex, async-unsafe software.
# note that if you don't start proxychains4-daemon before using this,
# the process will simply hang.
#proxy_dns_daemon 127.0.0.1:1053
# set the class A subnet number to use for the internal remote DNS mapping
# we use the reserved 224.x.x.x range by default,
# if the proxified app does a DNS request, we will return an IP from that range.
# on further accesses to this ip we will send the saved DNS name to the proxy.
# in case some control-freak app checks the returned ip, and denies to
# connect, you can use another subnet, e.g. 10.x.x.x or 127.x.x.x.
# of course you should make sure that the proxified app does not need
# *real* access to this subnet.
# i.e. dont use the same subnet then in the localnet section
#remote_dns_subnet 127
#remote_dns_subnet 10
remote_dns_subnet 224
# Some timeouts in milliseconds
tcp_read_time_out 15000
tcp_connect_time_out 8000
### Examples for localnet exclusion
## localnet ranges will *not* use a proxy to connect.
## note that localnet works only when plain IP addresses are passed to the app,
## the hostname resolves via /etc/hosts, or proxy_dns is disabled or proxy_dns_old used.
## Exclude connections to 192.168.1.0/24 with port 80
# localnet 192.168.1.0:80/255.255.255.0
## Exclude connections to 192.168.100.0/24
# localnet 192.168.100.0/255.255.255.0
## Exclude connections to ANYwhere with port 80
# localnet 0.0.0.0:80/0.0.0.0
# localnet [::]:80/0
## RFC6890 Loopback address range
## if you enable this, you have to make sure remote_dns_subnet is not 127
## you'll need to enable it if you want to use an application that
## connects to localhost.
# localnet 127.0.0.0/255.0.0.0
# localnet ::1/128
## RFC1918 Private Address Ranges
# localnet 10.0.0.0/255.0.0.0
# localnet 172.16.0.0/255.240.0.0
# localnet 192.168.0.0/255.255.0.0
### Examples for dnat
## Trying to proxy connections to destinations which are dnatted,
## will result in proxying connections to the new given destinations.
## Whenever I connect to 1.1.1.1 on port 1234 actually connect to 1.1.1.2 on port 443
# dnat 1.1.1.1:1234 1.1.1.2:443
## Whenever I connect to 1.1.1.1 on port 443 actually connect to 1.1.1.2 on port 443
## (no need to write :443 again)
# dnat 1.1.1.2:443 1.1.1.2
## No matter what port I connect to on 1.1.1.1 port actually connect to 1.1.1.2 on port 443
# dnat 1.1.1.1 1.1.1.2:443
## Always, instead of connecting to 1.1.1.1, connect to 1.1.1.2
# dnat 1.1.1.1 1.1.1.2
# ProxyList format
# type ip port [user pass]
# (values separated by 'tab' or 'blank')
#
# only numeric ipv4 addresses are valid
#
#
# Examples:
#
# socks5 192.168.67.78 1080 lamer secret
# http 192.168.89.3 8080 justu hidden
# socks4 192.168.1.49 1080
# http 192.168.39.93 8080
#
#
# proxy types: http, socks4, socks5, raw
# * raw: The traffic is simply forwarded to the proxy without modification.
# ( auth types supported: "basic"-http "user/pass"-socks )
#
[ProxyList]
# add proxy here ...
# set to clash's http/socks5 port
socks5 127.0.0.1 7890
home/linux/base/default.nix
-1
View File
@@ -1,6 +1,5 @@
{
imports = [
./btop.nix
./shell.nix
./system-tools.nix
];
home/linux/base/system-tools.nix
+10
View File
@@ -1,6 +1,14 @@
{pkgs, ...}: {
# Linux Only Packages, not available on Darwin
home.packages = with pkgs; [
# Automatically trims your branches whose tracking remote refs are merged or gone
# It's really useful when you work on a project for a long time.
git-trim
# cloud tools that nix do not have cache for.
terraform
terraformer # generate terraform configs from existing cloud resources
nmon
iotop
iftop
@@ -17,6 +25,8 @@
# system call monitoring
strace # system call monitoring
ltrace # library call monitoring
bpftrace # powerful tracing tool
tcpdump # network sniffer
lsof # list open files
# system tools
home/linux/desktop/creative.nix
+15 -2
View File
@@ -1,4 +1,9 @@
{pkgs, ...}: {
{
pkgs,
pkgs-unstable,
nur-ryan4yin,
...
}: {
home.packages = with pkgs; [
# creative
# blender # 3d modeling
@@ -6,10 +11,18 @@
inkscape # vector graphics
krita # digital painting
musescore # music notation
reaper # audio production
# reaper # audio production
pkgs-unstable.sonic-pi # music programming
# this app consumes a lot of storage, so do not install it currently
# kicad # 3d printing, eletrical engineering
# fpga
pkgs-unstable.python311Packages.apycula # gowin fpga
pkgs-unstable.yosys # fpga synthesis
pkgs-unstable.nextpnr # fpga place and route
pkgs-unstable.openfpgaloader # fpga programming
nur-ryan4yin.packages.${pkgs.system}.gowin-eda-edu-ide # app: `gowin-env` => `gw_ide` / `gw_pack` / ...
];
programs = {
home/linux/desktop/default.nix
+2
View File
@@ -1,6 +1,7 @@
{pkgs, ...}: {
imports = [
./creative.nix
./gtk.nix
./immutable-file.nix
./media.nix
./ssh.nix
@@ -28,6 +29,7 @@
# misc
flameshot
mitmproxy # http/https proxy tool
];
# GitHub CLI tool
home/linux/desktop/gtk.nix
+52
View File
@@ -0,0 +1,52 @@
{
pkgs,
config,
...
}: {
home.pointerCursor = {
package = pkgs.bibata-cursors;
name = "Bibata-Modern-Classic";
size = 24;
gtk.enable = true;
x11.enable = true;
};
# set dpi for 4k monitor
xresources.properties = {
# dpi for Xorg's font
"Xft.dpi" = 150;
# or set a generic dpi
"*.dpi" = 150;
};
# gtk's theme settings, generate files:
# 1. ~/.gtkrc-2.0
# 2. ~/.config/gtk-3.0/settings.ini
# 3. ~/.config/gtk-4.0/settings.ini
gtk = {
enable = true;
font = {
name = "Roboto";
package = pkgs.roboto;
};
gtk2.configLocation = "${config.xdg.configHome}/gtk-2.0/gtkrc";
iconTheme = {
name = "Papirus-Dark";
package = pkgs.papirus-icon-theme;
};
theme = {
# https://github.com/catppuccin/gtk
name = "Catppuccin-Macchiato-Compact-Pink-dark";
package = pkgs.catppuccin-gtk.override {
# https://github.com/NixOS/nixpkgs/blob/nixos-23.05/pkgs/data/themes/catppuccin-gtk/default.nix
accents = [ "pink" ];
size = "compact";
variant = "mocha";
};
};
};
}
home/linux/desktop/media.nix
+3
View File
@@ -1,6 +1,7 @@
{
pkgs,
catppuccin-cava,
nur-ryan4yin,
...
}:
# media - control and enjoy audio/video
@@ -20,6 +21,8 @@
vdpauinfo
vulkan-tools
glxinfo
nur-ryan4yin.packages.${pkgs.system}.yazi # terminal file manager
];
# https://github.com/catppuccin/cava
home/linux/desktop/ssh.nix
+18 -5
View File
@@ -41,11 +41,24 @@
Host s500plus
HostName 192.168.5.174
Port 22
'';
# use ssh-agent so we only need to input passphrase once
# run `ssh-add /path/to/key` for every identity file
# check imported keys by `ssh-add -l`
# TODO `ssh-add` can only add keys temporary, use gnome-keyring to unlock all keys after login.
Host k8s-main
HostName 192.168.5.181
ForwardAgent yes
IdentityFile ~/.ssh/romantic
IdentitiesOnly yes
Host k8s-data1
HostName 192.168.5.182
ForwardAgent yes
IdentityFile ~/.ssh/romantic
IdentitiesOnly yes
Host k8s-data2
HostName 192.168.5.183
ForwardAgent yes
IdentityFile ~/.ssh/romantic
IdentitiesOnly yes
'';
};
}
home/linux/fcitx5/default.nix
-10
View File
@@ -30,14 +30,4 @@
fcitx5-gtk # gtk im module
];
};
systemd.user.sessionVariables = {
# copy from https://github.com/nix-community/home-manager/blob/master/modules/i18n/input-method/fcitx5.nix
GLFW_IM_MODULE = "fcitx";
GTK_IM_MODULE = "fcitx";
QT_IM_MODULE = "fcitx";
XMODIFIERS = "@im=fcitx";
INPUT_METHOD = "fcitx";
IMSETTINGS_MODULE = "fcitx";
};
}
home/linux/hyprland/anyrun.nix
+87
View File
@@ -0,0 +1,87 @@
{ pkgs, anyrun, ... }:
{
imports = [
anyrun.homeManagerModules.default
];
programs.anyrun = {
enable = true;
config = {
plugins = with anyrun.packages.${pkgs.system}; [
applications
randr
rink
shell
symbols
translate
];
width.fraction = 0.3;
y.absolute = 15;
hidePluginInfo = true;
closeOnClick = true;
};
# custom css for anyrun, based on catppuccin-mocha
extraCss = ''
@define-color bg-col rgba(30, 30, 46, 0.7);
@define-color bg-col-light rgba(150, 220, 235, 0.7);
@define-color border-col rgba(30, 30, 46, 0.7);
@define-color selected-col rgba(150, 205, 251, 0.7);
@define-color fg-col #D9E0EE;
@define-color fg-col2 #F28FAD;
* {
transition: 200ms ease;
font-family: "JetBrainsMono Nerd Font";
font-size: 1.3rem;
}
#window {
background: transparent;
}
#plugin,
#main {
border: 3px solid @border-col;
color: @fg-col;
background-color: @bg-col;
}
/* anyrun's input window - Text */
#entry {
color: @fg-col;
background-color: @bg-col;
}
/* anyrun's ouput matches entries - Base */
#match {
color: @fg-col;
background: @bg-col;
}
/* anyrun's selected entry - Red */
#match:selected {
color: @fg-col2;
background: @selected-col;
}
#match {
padding: 3px;
border-radius: 16px;
}
#entry, #plugin:hover {
border-radius: 16px;
}
box#main {
background: rgba(30, 30, 46, 0.7);
border: 1px solid @border-col;
border-radius: 15px;
padding: 5px;
}
'';
};
}
home/linux/hyprland/default.nix
+5 -35
View File
@@ -1,12 +1,12 @@
{pkgs, catppuccin-hyprland, ...}: {
{pkgs, hyprland, catppuccin-hyprland, ...}: {
imports = [
# hyprland.homeManagerModules.default
./anyrun.nix
./wayland-apps.nix
];
# Only available on home-manager's master branch(2023/7/25)
# wayland.windowManager.hyprland = {
# enable = true;
# };
# wayland.windowManager.hyprland.enable = true;
# hyprland configs, based on https://github.com/notwidow/hyprland
home.file.".config/hypr" = {
@@ -16,24 +16,6 @@
};
home.file.".config/hypr/themes".source = "${catppuccin-hyprland}/themes";
# gtk's theme settings, generate files:
# 1. ~/.gtkrc-2.0
# 2. ~/.config/gtk-3.0/settings.ini
# 3. ~/.config/gtk-4.0/settings.ini
gtk = {
enable = true;
theme = {
# https://github.com/catppuccin/gtk
name = "Catppuccin-Macchiato-Compact-Pink-dark";
package = pkgs.catppuccin-gtk.override {
accents = [ "pink" ];
size = "compact";
tweaks = [ "rimless" "black" ];
variant = "macchiato";
};
};
};
# music player - mpd
home.file.".config/mpd" = {
source = ./mpd;
@@ -57,16 +39,4 @@
"WLR_EGL_NO_MODIFIRES" = "1";
};
# this is for xwayland
# set dpi for 4k monitor
xresources.properties = {
"Xft.dpi" = 162;
};
# set Xcursor.theme & Xcursor.size in ~/.Xresources automatically
home.pointerCursor = {
name = "Qogir-dark";
package = pkgs.qogir-theme;
size = 64;
};
}
home/linux/hyprland/hypr-conf/hyprland.conf
+17 -7
View File
@@ -3,6 +3,11 @@
# color-scheme: cappuccin-mocha
source=~/.config/hypr/themes/mocha.conf
env = _JAVA_AWT_WM_NONREPARENTING,1
env = QT_WAYLAND_DISABLE_WINDOWDECORATION,1
# fix https://github.com/hyprwm/Hyprland/issues/1520
env = WLR_NO_HARDWARE_CURSORS,1
#-- Output ----------------------------------------------------
# Configure your Display resolution, offset, scale and Monitors here, use `hyprctl monitors` to get the info.
@@ -45,16 +50,17 @@ general {
# Decoration settings like Rounded Corners, Opacity, Blur, etc.
decoration {
rounding=8 # Original: rounding=-1
multisample_edges=0
active_opacity=1.0
inactive_opacity=0.9
fullscreen_opacity=1.0
blur=0
blur_size=3 # minimum 1
blur_passes=1 # minimum 1, more passes = more resource intensive.
blur_ignore_opacity=0
blur {
enabled=true
size=3 # minimum 1
passes=1 # minimum 1, more passes = more resource intensive.
ignore_opacity=false
}
# Your blur "amount" is blur_size * blur_passes, but high blur_size (over around 5-ish) will produce artifacts.
# if you want heavy blur, you need to up the blur_passes.
@@ -103,13 +109,12 @@ $lockscreen = ~/.config/hypr/scripts/lockscreen
$wlogout = ~/.config/hypr/scripts/wlogout
$colorpicker = ~/.config/hypr/scripts/colorpicker
$files = thunar
$editor = code # vscode
$browser = firefox
# -- Terminal --
bind=SUPER,Return,exec,$term
# -- Wofi --
# -- App Launcher --
bind=SUPER,D,exec,$app_launcher
# -- Hyprland --
@@ -201,6 +206,10 @@ exec-once=cp ~/.config/fcitx5/profile-bak ~/.config/fcitx5/profile # restore
exec-once=fcitx5 -d --replace # start fcitx5 daemon
bind=ALT,E,exec,pkill fcitx5 -9;sleep 1;fcitx5 -d --replace; sleep 1;fcitx5-remote -r
# fix xwayland apps
windowrulev2 = rounding 0, xwayland:1, floating:1
windowrulev2 = center, class:^(.*jetbrains.*)$, title:^(Confirm Exit|Open Project|win424|win201|splash)$
windowrulev2 = size 640 400, class:^(.*jetbrains.*)$, title:^(splash)$
# -- Fix input method in vscode
exec-once = hyprctl setcursor "Bibata-Modern-Ice" 24
@@ -208,6 +217,7 @@ exec-once = hyprctl setcursor "Bibata-Modern-Ice" 24
# xwayland 窗口先渲染到 200% 再降到 hyprland config 里 monitor 设置的值,看上去和原生没啥区别
# 相比较一开始的方案输入法字体大小也正确了.唯一有点问题的可能是 xwayland 窗口下的鼠标指针大小不对
exec-once = xprop -root -f _XWAYLAND_GLOBAL_OUTPUT_SCALE 32c -set _XWAYLAND_GLOBAL_OUTPUT_SCALE 2
exec-once = xrdb -merge ~/.Xresources
# env = GDK_SCALE,2
env = XCURSOR_SIZE,48
home/linux/hyprland/hypr-conf/scripts/menu
+3 -9
View File
@@ -1,13 +1,7 @@
#!/usr/bin/env bash
## launch wofi with alt config
CONFIG="$HOME/.config/hypr/wofi/config"
STYLE="$HOME/.config/hypr/wofi/style.css"
COLORS="$HOME/.config/hypr/wofi/colors"
if [[ ! $(pidof wofi) ]]; then
wofi --show drun --prompt 'Search...' --conf ${CONFIG} --style ${STYLE} --color ${COLORS}
if [[ ! $(pidof anyrun) ]]; then
anyrun
else
pkill wofi
pkill anyrun
fi
home/linux/hyprland/hypr-conf/scripts/statusbar
+1 -1
View File
@@ -2,7 +2,7 @@
## launch waybar with alt config
CONFIG="$HOME/.config/hypr/waybar/config.json"
CONFIG="$HOME/.config/hypr/waybar/config.jsonc"
STYLE="$HOME/.config/hypr/waybar/style.css"
if [[ ! $(pidof waybar) ]]; then
home/linux/hyprland/hypr-conf/waybar/config.json → home/linux/hyprland/hypr-conf/waybar/config.jsonc
View File
home/linux/hyprland/hypr-conf/wofi/colors
-6
View File
@@ -1,6 +0,0 @@
#1e1e2e
#262636
#d9e0ee
#89b4fa
#f38ba8
#cba6f7
home/linux/hyprland/hypr-conf/wofi/config
-39
View File
@@ -1,39 +0,0 @@
## Wofi Config
## General
show=drun
prompt=Apps
normal_window=true
layer=top
term=alacritty
## Geometry
width=500px
height=305px
location=0
orientation=vertical
halign=fill
line_wrap=off
dynamic_lines=false
## Images
allow_markup=true
allow_images=true
image_size=24
## Search
exec_search=false
hide_search=false
parse_search=false
insensitive=false
## Other
hide_scroll=true
no_actions=true
sort_order=default
gtk_dark=true
filter_rate=100
## Keys
key_expand=Tab
key_exit=Escape
home/linux/hyprland/hypr-conf/wofi/style.css
-60
View File
@@ -1,60 +0,0 @@
/** ********** Fonts ********** **/
* {
font-family: "JetBrains Mono", "Iosevka Nerd Font", sans-serif;
font-size: 12px;
}
#window {
background-color: --wofi-color0;
color: --wofi-color2;
border: 2px solid --wofi-color1;
border-radius: 0px;
}
#outer-box {
padding: 20px;
}
#input {
background-color: --wofi-color1;
border: 0px solid --wofi-color3;
padding: 8px 12px;
}
#scroll {
margin-top: 20px;
}
#inner-box {
}
#img {
padding-right: 8px;
}
#text {
color: --wofi-color2;
}
#text:selected {
color: --wofi-color0;
}
#entry {
padding: 6px;
}
#entry:selected {
background-color: --wofi-color3;
color: --wofi-color0;
}
#unselected {
}
#selected {
}
#input, #entry:selected {
border-radius: 4px;
}
home/linux/hyprland/wayland-apps.nix
-14
View File
@@ -22,19 +22,5 @@
enableGnomeExtensions = false;
package = pkgs.firefox-wayland; # firefox with wayland support
};
vscode = {
enable = true;
# use the stable version
# package = pkgs.vscode.override {
# commandLineArgs = [
# # make it use text-input-v1, which works for kwin 5.27 and weston
# # "--enable-wayland-ime"
# ];
# };
# let vscode sync and update its configuration & extensions across devices, using github account.
# userSettings = {};
};
};
}
home/linux/i3/default.nix
-14
View File
@@ -44,18 +44,4 @@
"__GLX_VENDOR_LIBRARY_NAME" = "nvidia";
};
# set dpi for 4k monitor
xresources.properties = {
# dpi for Xorg's font
"Xft.dpi" = 162;
# or set a generic dpi
"*.dpi" = 162;
};
# set Xcursor.theme & Xcursor.size in ~/.Xresources automatically
home.pointerCursor = {
name = "Qogir-dark";
package = pkgs.qogir-theme;
size = 64;
};
}
home/linux/i3/x11-apps.nix
-12
View File
@@ -17,17 +17,5 @@
# commandLineArgs = [
# ];
};
vscode = {
enable = true;
# use the stable version
# package = pkgs.vscode.override {
# commandLineArgs = [
# ];
# };
# let vscode sync and update its configuration & extensions across devices, using github account.
# userSettings = {};
};
};
}
home/linux/server-riscv64.nix
+24
View File
@@ -0,0 +1,24 @@
{ username, ... }: {
imports = [
];
# Home Manager needs a bit of information about you and the
# paths it should manage.
home = {
username = username;
homeDirectory = "/home/${username}";
# This value determines the Home Manager release that your
# configuration is compatible with. This helps avoid breakage
# when a new Home Manager release introduces backwards
# incompatible changes.
#
# You can update Home Manager without changing this value. See
# the Home Manager release notes for a list of state version
# changes in each release.
stateVersion = "23.05";
};
# Let Home Manager install and manage itself.
programs.home-manager.enable = true;
}
hosts/12kingdoms/suzu/default.nix
+62
View File
@@ -0,0 +1,62 @@
{
config,
username,
nixos-rk3588,
...
} @ args:
#############################################################
#
# Aquamarine - A NixOS VM running on Proxmox
#
#############################################################
{
imports = [
{
nixpkgs.crossSystem = {
config = "aarch64-unknown-linux-gnu";
};
}
# import the rk3588 module, which contains the configuration for bootloader/kernel/firmware
(nixos-rk3588 + "/modules/boards/orangepi5.nix")
# core-riscv64 only the core packages, it's suitable for aarch64 too.
../../../modules/nixos/core-riscv64.nix
../../../modules/nixos/user-group.nix
];
users.users.root.openssh.authorizedKeys.keys = config.users.users."${username}".openssh.authorizedKeys.keys;
networking = {
hostName = "suzu"; # Define your hostname.
wireless.enable = false; # Enables wireless support via wpa_supplicant.
networkmanager.enable = false;
# Configure network proxy if necessary
# proxy.default = "http://user:password@proxy:port/";
# proxy.noProxy = "127.0.0.1,localhost,internal.domain";
interfaces.end1 = {
useDHCP = false;
ipv4.addresses = [
{
address = "192.168.5.107";
prefixLength = 24;
}
];
};
defaultGateway = "192.168.5.201";
nameservers = [
"119.29.29.29" # DNSPod
"223.5.5.5" # AliDNS
];
};
# This value determines the NixOS release from which the default
# settings for stateful data, like file locations and database versions
# on your system were taken. Its perfectly fine and recommended to leave
# this value at the release version of the first install of this system.
# Before changing this value read the documentation for this option
# (e.g. man configuration.nix or on https://nixos.org/nixos/options.html).
system.stateVersion = "23.05"; # Did you read the comment?
}
hosts/README.md
+22 -1
View File
@@ -6,6 +6,13 @@
2. `aquamarine`: My NixOS virtual machine with R9-5900HX(8C16T), for distributed building & testing.
3. `kana`: Yet another NixOS vm on another physical machine with R5-5625U(6C12T).
4. `ruby`: Another NixOS vm on another physical machine with R7-5825U(8C16T).
3. `rolling_girls`: My RISCV64 hosts.
1. `nozomi`: Lichee Pi 4A, TH1520(4xC910@2.0G), 8GB RAM + 32G eMMC + 64G SD Card.
2. `yukina`: Lichee Pi 4A(Internal Test Version), TH1520(4xC910@2.0G), 8GB RAM + 8G eMMC + 128G SD Card.
3. `chiaya`: Milk-V Mars, JH7110(4xU74@1.5 GHz), 4G RAM + No eMMC + 64G SD Card.
4. `12kingdoms`: Currently only one aarch64 host
1. `suzu`: Orange Pi 5, RK3588s(4xA76 + 4xA55), GPU(4Cores, Mail-G610), NPU(6Tops@int8), 8G RAM + 256G SSD.
# idols - Oshi no Ko
@@ -18,10 +25,24 @@ When building some packages for riscv64 or aarch64, I often have no cache availa
![](/_img/nix-distributed-building-log.webp)
## rolling girls
My All RISCV64 hosts.
![](/_img/nixos-riscv-cluster.webp)
## References
[Oshi no Ko 【推しの子】 - Wikipedia](https://en.wikipedia.org/wiki/Oshi_no_Ko):
![](/_img/idols-famaily.webp)
![](/_img/idols-ai.webp)
See [Oshi no Ko 【推しの子】 - Wikipedia](https://en.wikipedia.org/wiki/Oshi_no_Ko) for more information.
[The Rolling Girls【ローリング☆ガールズ】 - Wikipedia](https://en.wikipedia.org/wiki/The_Rolling_Girls):
![](/_img/rolling_girls.webp)
[List of Twelve Kingdoms characters](https://en.wikipedia.org/wiki/List_of_Twelve_Kingdoms_characters)
![](/_img/12kingdoms-1.webp)
![](/_img/12kingdoms-Youko-Rakushun.webp)
hosts/idols/ai/default.nix
+8 -29
View File
@@ -1,4 +1,4 @@
{config, ...} @ args:
{lanzaboote, ...} @ args:
#############################################################
#
# Ai - my main computer, with NixOS + I5-13600KF + RTX 4090 GPU, for gaming & daily use.
@@ -10,10 +10,13 @@
# Include the results of the hardware scan.
./hardware-configuration.nix
../../../modules/nixos/fhs-fonts.nix
./impermanence.nix
./secureboot.nix
# ../../../modules/nixos/fhs-fonts.nix
../../../modules/nixos/libvirt.nix
../../../modules/nixos/core-desktop.nix
# ../../../modules/nixos/remote-building.nix
../../../modules/nixos/remote-building.nix
../../../modules/nixos/user-group.nix
../../../secrets/nixos.nix
@@ -21,30 +24,6 @@
nixpkgs.overlays = import ../../../overlays args;
# Enable binfmt emulation of aarch64-linux, this is required for cross compilation.
boot.binfmt.emulatedSystems = ["aarch64-linux" "riscv64-linux"];
# supported fil systems, so we can mount any removable disks with these filesystems
boot.supportedFilesystems = [
"ext4"
"btrfs"
"xfs"
#"zfs"
"ntfs"
"fat"
"vfat"
"exfat"
"cifs" # mount windows share
];
# Bootloader.
boot.loader = {
efi = {
canTouchEfiVariables = true;
efiSysMountPoint = "/boot/efi"; # ← use the same mount point here.
};
systemd-boot.enable = true;
};
networking = {
hostName = "ai";
wireless.enable = false; # Enables wireless support via wpa_supplicant.
@@ -78,7 +57,7 @@
services.xserver.videoDrivers = ["nvidia"]; # will install nvidia-vaapi-driver by default
hardware.nvidia = {
# Optionally, you may need to select the appropriate driver version for your specific GPU.
package = config.boot.kernelPackages.nvidiaPackages.stable;
# package = config.boot.kernelPackages.nvidiaPackages.stable;
# Modesetting is needed for most Wayland compositors
modesetting.enable = true;
@@ -104,5 +83,5 @@
# this value at the release version of the first install of this system.
# Before changing this value read the documentation for this option
# (e.g. man configuration.nix or on https://nixos.org/nixos/options.html).
system.stateVersion = "22.11"; # Did you read the comment?
system.stateVersion = "23.11"; # Did you read the comment?
}
hosts/idols/ai/hardware-configuration.nix
+82 -7
View File
@@ -12,23 +12,98 @@
(modulesPath + "/installer/scan/not-detected.nix")
];
# Use the EFI boot loader.
boot.loader.efi.canTouchEfiVariables = true;
# depending on how you configured your disk mounts, change this to /boot or /boot/efi.
boot.loader.efi.efiSysMountPoint = "/boot";
boot.loader.systemd-boot.enable = true;
boot.initrd.availableKernelModules = ["xhci_pci" "ahci" "nvme" "usbhid" "usb_storage" "sd_mod"];
boot.initrd.kernelModules = [];
boot.kernelModules = ["kvm-intel"];
boot.kernelParams = [ "nvidia.NVreg_PreserveVideoMemoryAllocations=1" ];
boot.extraModulePackages = [];
fileSystems."/" = {
device = "/dev/disk/by-uuid/231466f6-cdf3-40e1-b9d2-6b4e8d10a4d3";
fsType = "btrfs";
options = ["subvol=@"];
# Enable binfmt emulation of aarch64-linux, this is required for cross compilation.
boot.binfmt.emulatedSystems = ["aarch64-linux" "riscv64-linux"];
# supported fil systems, so we can mount any removable disks with these filesystems
boot.supportedFilesystems = [
"ext4"
"btrfs"
"xfs"
"ntfs"
"fat"
"vfat"
"cifs" # mount windows share
];
boot.initrd = {
# unlocked luks devices via a keyfile or prompt a passphrase.
luks.devices."crypted-nixos" = {
device = "/dev/nvme0n1p2";
# the keyfile(or device partition) that should be used as the decryption key for the encrypted device.
# if not specified, you will be prompted for a passphrase instead.
#keyFile = "/root-part.key";
# whether to allow TRIM requests to the underlying device.
# it's less secure, but faster.
allowDiscards = true;
};
};
fileSystems."/boot/efi" = {
device = "/dev/disk/by-uuid/87ED-8B2E";
# equal to `mount -t tmpfs tmpfs /`
fileSystems."/" = {
device = "tmpfs";
fsType = "tmpfs";
# set mode to 755, otherwise systemd will set it to 777, which cause problems.
options = ["relatime" "mode=755"];
};
fileSystems."/nix" = {
device = "/dev/disk/by-uuid/1167076c-dee1-486c-83c1-4b1af37555cd";
fsType = "btrfs";
options = ["subvol=@nix" "noatime" "compress-force=zstd:1"];
};
fileSystems."/persistent" = {
device = "/dev/disk/by-uuid/1167076c-dee1-486c-83c1-4b1af37555cd";
fsType = "btrfs";
options = ["subvol=@persistent" "compress-force=zstd:1"];
neededForBoot = true;
};
fileSystems."/snapshots" = {
device = "/dev/disk/by-uuid/1167076c-dee1-486c-83c1-4b1af37555cd";
fsType = "btrfs";
options = ["subvol=@snapshots" "compress-force=zstd:1"];
};
# mount swap subvolume in readonly mode.
fileSystems."/swap" = {
device = "/dev/disk/by-uuid/1167076c-dee1-486c-83c1-4b1af37555cd";
fsType = "btrfs";
options = ["subvol=@swap" "ro"];
};
# remount swapfile in read-write mode
fileSystems."/swap/swapfile" = {
# the swapfile is located in /swap subvolume, so we need to mount /swap first.
depends = ["/swap"];
device = "/swap/swapfile";
fsType = "none";
options = ["bind" "rw"];
};
fileSystems."/boot" = {
device = "/dev/nvme0n1p1";
fsType = "vfat";
};
swapDevices = [{device = "/dev/disk/by-uuid/17391ca0-8cdb-4598-a40b-fd9548fd9b37";}];
swapDevices = [
{device = "/swap/swapfile";}
];
# Enables DHCP on each ethernet and wireless interface. In case of scripted networking
# (the default) this is the recommended approach. When using systemd-networkd it's
hosts/idols/ai/impermanence.nix
+112
View File
@@ -0,0 +1,112 @@
{
impermanence,
pkgs,
...
}: {
imports = [
impermanence.nixosModules.impermanence
];
environment.systemPackages = [
# `sudo ncdu -x /`
pkgs.ncdu
];
# There are two ways to clear the root filesystem on every boot:
## 1. use tmpfs for /
## 2. (btrfs/zfs only)take a blank snapshot of the root filesystem and revert to it on every boot via:
## 3. boot.initrd.postDeviceCommands = ''
## mkdir -p /run/mymount
## mount -o subvol=/ /dev/disk/by-uuid/UUID /run/mymount
## btrfs subvolume delete /run/mymount
## btrfs subvolume snapshot / /run/mymount
## '';
#
# See also https://grahamc.com/blog/erase-your-darlings/
environment.persistence."/persistent" = {
# sets the mount option x-gvfs-hide on all the bind mounts
# to hide them from the file manager
hideMounts = true;
directories = [
"/etc/NetworkManager/system-connections"
"/etc/ssh"
"/etc/nix/inputs"
"/etc/secureboot" # lanzaboote - secure boot
# my secrets
"/etc/agenix/"
"/var/log"
"/var/lib"
# created by modules/nixos/fhs-fonts.nix
# for flatpak apps
# "/usr/share/fonts"
# "/usr/share/icons"
];
files = [
"/etc/machine-id"
];
users.ryan = {
directories = [
"codes"
"nix-config"
"tmp"
"Downloads"
"Music"
"Pictures"
"Documents"
"Videos"
{
directory = ".gnupg";
mode = "0700";
}
{
directory = ".ssh";
mode = "0700";
}
{
directory = ".aws";
mode = "0700";
}
{
directory = ".docker";
mode = "0700";
}
{
directory = ".kube";
mode = "0700";
}
# misc
".config/pulse"
".pki"
# remote desktop
".config/remmina"
".config/freerdp"
# browsers
".mozilla"
".config/google-chrome"
# neovim / remmina / flatpak / ...
".local/share"
".local/state"
# language package managers
".npm"
"go"
# neovim plugins(wakatime & copilot)
".wakatime"
".config/github-copilot"
];
files = [
".wakatime.cfg"
".config/nushell/history.txt"
];
};
};
}
hosts/idols/ai/secureboot.nix
+34
View File
@@ -0,0 +1,34 @@
{
pkgs,
lib,
lanzaboote,
...
}: {
# How to enter setup mode - msi motherboard
## 1. enter BIOS via [Del] Key
## 2. <Advance mode> => <Settings> => <Security> => <Secure Boot>
## 3. enable <Secure Boot>
## 4. set <Secure Boot Mode> to <Custom>
## 5. enter <Key Management>
## 6. select <Delete All Secure Boot Variables>, and then select <No> for <Reboot Without Saving>
## 7. Press F10 to saving and reboot.
imports = [
lanzaboote.nixosModules.lanzaboote
];
environment.systemPackages = [
# For debugging and troubleshooting Secure Boot.
pkgs.sbctl
];
# Lanzaboote currently replaces the systemd-boot module.
# This setting is usually set to true in configuration.nix
# generated at installation time. So we force it to false
# for now.
boot.loader.systemd-boot.enable = lib.mkForce false;
boot.lanzaboote = {
enable = true;
pkiBundle = "/etc/secureboot";
};
}
hosts/rolling_girls/chiaya/default.nix
+69
View File
@@ -0,0 +1,69 @@
{
config,
username,
# nixos-jh7110,
...
} @ args:
#############################################################
#
# Chiaya - NixOS Configuration for Milk-V Mars
#
# WIP, not working yet.
#
#############################################################
{
imports = [
{
# cross-compilation this flake.
nixpkgs.crossSystem = {
system = "riscv64-linux";
};
}
# TODO
../../../modules/nixos/core-riscv64.nix
../../../modules/nixos/user-group.nix
];
users.users.root.openssh.authorizedKeys.keys = config.users.users."${username}".openssh.authorizedKeys.keys;
# Set static IP address / gateway / DNS servers.
networking = {
hostName = "chiaya"; # Define your hostname.
wireless.enable = false;
# Failed to enable firewall due to the following error:
# firewall-start[2300]: iptables: Failed to initialize nft: Protocol not supported
firewall.enable = false;
defaultGateway = "192.168.5.201";
nameservers = [
"119.29.29.29" # DNSPod
"223.5.5.5" # AliDNS
];
# Configure network proxy if necessary
# proxy.default = "http://user:password@proxy:port/";
# proxy.noProxy = "127.0.0.1,localhost,internal.domain";
# milkv-mars RJ45 port
interfaces.end0 = {
useDHCP = false;
ipv4.addresses = [
{
address = "192.168.5.106";
prefixLength = 24;
}
];
};
};
# This value determines the NixOS release from which the default
# settings for stateful data, like file locations and database versions
# on your system were taken. Its perfectly fine and recommended to leave
# this value at the release version of the first install of this system.
# Before changing this value read the documentation for this option
# (e.g. man configuration.nix or on https://nixos.org/nixos/options.html).
system.stateVersion = "23.05"; # Did you read the comment?
}
hosts/rolling_girls/nozomi/default.nix
+102
View File
@@ -0,0 +1,102 @@
{
config,
username,
nixos-licheepi4a,
...
} @ args:
#############################################################
#
# Nozomi - NixOS configuration for Lichee Pi 4A
#
#############################################################
{
imports = [
{
# cross-compilation this flake.
nixpkgs.crossSystem = {
system = "riscv64-linux";
};
}
# import the licheepi4a module, which contains the configuration for bootloader/kernel/firmware
(nixos-licheepi4a + "/modules/licheepi4a.nix")
# import the sd-image module, which contains the fileSystems & kernel parameters for booting from sd card.
(nixos-licheepi4a + "/modules/sd-image/sd-image-lp4a.nix")
../../../modules/nixos/core-riscv64.nix
../../../modules/nixos/user-group.nix
];
users.users.root.openssh.authorizedKeys.keys = config.users.users."${username}".openssh.authorizedKeys.keys;
# Set static IP address / gateway / DNS servers.
networking = {
hostName = "nozomi"; # Define your hostname.
wireless = {
# https://wiki.archlinux.org/title/wpa_supplicant
enable = true;
# The path to the file containing the WPA passphrase.
# secrets are not supported well on riscv64, I nned to create this file manually.
# Format: "PSK_WEMEET_PRIVATE_WIFI=your_password"
environmentFile = "/etc/wpa_supplicant.env";
# The network definitions to automatically connect to when wpa_supplicant is running.
networks = {
# read WPAPSK from environmentFile
"shadow_light_ryan".psk = "@PSK_WEMEET_PRIVATE_WIFI@";
};
};
# Failed to enable firewall due to the following error:
# firewall-start[2300]: iptables: Failed to initialize nft: Protocol not supported
firewall.enable = false;
defaultGateway = "192.168.5.201";
nameservers = [
"119.29.29.29" # DNSPod
"223.5.5.5" # AliDNS
];
# Configure network proxy if necessary
# proxy.default = "http://user:password@proxy:port/";
# proxy.noProxy = "127.0.0.1,localhost,internal.domain";
# LPI4A's wireless interface
interfaces.wlan0 = {
useDHCP = false;
ipv4.addresses = [
{
address = "192.168.5.104";
prefixLength = 24;
}
];
};
# LPI4A's first ethernet interface
# interfaces.end0 = {
# useDHCP = false;
# ipv4.addresses = [
# {
# address = "192.168.5.104";
# prefixLength = 24;
# }
# ];
# };
# LPI4A's second ethernet interface
# interfaces.end1 = {
# useDHCP = false;
# ipv4.addresses = [
# {
# address = "192.168.xx.xx";
# prefixLength = 24;
# }
# ];
# };
};
# This value determines the NixOS release from which the default
# settings for stateful data, like file locations and database versions
# on your system were taken. Its perfectly fine and recommended to leave
# this value at the release version of the first install of this system.
# Before changing this value read the documentation for this option
# (e.g. man configuration.nix or on https://nixos.org/nixos/options.html).
system.stateVersion = "23.05"; # Did you read the comment?
}
hosts/rolling_girls/yukina/default.nix
+102
View File
@@ -0,0 +1,102 @@
{
config,
username,
nixos-licheepi4a,
...
} @ args:
#############################################################
#
# Yukina - NixOS configuration for Lichee Pi 4A
#
#############################################################
{
imports = [
{
# cross-compilation this flake.
nixpkgs.crossSystem = {
system = "riscv64-linux";
};
}
# import the licheepi4a module, which contains the configuration for bootloader/kernel/firmware
(nixos-licheepi4a + "/modules/licheepi4a.nix")
# import the sd-image module, which contains the fileSystems & kernel parameters for booting from sd card.
(nixos-licheepi4a + "/modules/sd-image/sd-image-lp4a.nix")
../../../modules/nixos/core-riscv64.nix
../../../modules/nixos/user-group.nix
];
users.users.root.openssh.authorizedKeys.keys = config.users.users."${username}".openssh.authorizedKeys.keys;
# Set static IP address / gateway / DNS servers.
networking = {
hostName = "yukina"; # Define your hostname.
wireless = {
# https://wiki.archlinux.org/title/wpa_supplicant
enable = true;
# The path to the file containing the WPA passphrase.
# secrets are not supported well on riscv64, I nned to create this file manually.
# Format: "PSK_WEMEET_PRIVATE_WIFI=your_password"
environmentFile = "/etc/wpa_supplicant.env";
# The network definitions to automatically connect to when wpa_supplicant is running.
networks = {
# read WPAPSK from environmentFile
"shadow_light_ryan".psk = "@PSK_WEMEET_PRIVATE_WIFI@";
};
};
# Failed to enable firewall due to the following error:
# firewall-start[2300]: iptables: Failed to initialize nft: Protocol not supported
firewall.enable = false;
defaultGateway = "192.168.5.201";
nameservers = [
"119.29.29.29" # DNSPod
"223.5.5.5" # AliDNS
];
# Configure network proxy if necessary
# proxy.default = "http://user:password@proxy:port/";
# proxy.noProxy = "127.0.0.1,localhost,internal.domain";
# LPI4A's wireless interface
interfaces.wlan0 = {
useDHCP = false;
ipv4.addresses = [
{
address = "192.168.5.105";
prefixLength = 24;
}
];
};
# LPI4A's first ethernet interface
# interfaces.end0 = {
# useDHCP = false;
# ipv4.addresses = [
# {
# address = "192.168.5.105";
# prefixLength = 24;
# }
# ];
# };
# LPI4A's second ethernet interface
# interfaces.end1 = {
# useDHCP = false;
# ipv4.addresses = [
# {
# address = "192.168.xx.xx";
# prefixLength = 24;
# }
# ];
# };
};
# This value determines the NixOS release from which the default
# settings for stateful data, like file locations and database versions
# on your system were taken. Its perfectly fine and recommended to leave
# this value at the release version of the first install of this system.
# Before changing this value read the documentation for this option
# (e.g. man configuration.nix or on https://nixos.org/nixos/options.html).
system.stateVersion = "23.05"; # Did you read the comment?
}
lib/README.md
+8
View File
@@ -0,0 +1,8 @@
# Library
Some helper functions, used by `flake.nix` to reduce code duplication and make it easier to add new machines:
1. `macosSystem.nix`: A function to generate config(attribute set) for macOS([nix-darwin](https://github.com/LnL7/nix-darwin)).
2. `nixosSystem.nix`: A function to generate config(attribute set) for NixOS.
3. `colmenaSystem.nix`: A function that generate config(another function) for remote deployment using [colmena](https://github.com/zhaofengli/colmena).
lib/colmenaSystem.nix
+40
View File
@@ -0,0 +1,40 @@
# colmena - Remote Deployment via SSH
{
nixpkgs,
home-manager,
specialArgs,
nixos-modules,
home-module ? null,
host_tags,
targetUser ? specialArgs.username,
}: let
username = specialArgs.username;
in
{ name, nodes, ... }: {
deployment = {
targetHost = name; # hostName or IP address
targetUser = targetUser;
tags = host_tags;
};
imports =
nixos-modules
++ [
{
# make `nix run nixpkgs#nixpkgs` use the same nixpkgs as the one used by this flake.
nix.registry.nixpkgs.flake = nixpkgs;
# make `nix repl '<nixpkgs>'` use the same nixpkgs as the one used by this flake.
environment.etc."nix/inputs/nixpkgs".source = "${nixpkgs}";
nix.nixPath = ["/etc/nix/inputs"];
}
] ++ (if (home-module != null) then [
home-manager.nixosModules.home-manager
{
home-manager.useGlobalPkgs = true;
home-manager.useUserPackages = true;
home-manager.extraSpecialArgs = specialArgs;
home-manager.users."${username}" = home-module;
}
] else []);
}
lib/macosSystem.nix
+11 -1
View File
@@ -1,4 +1,5 @@
{
nixpkgs,
nix-darwin,
home-manager,
system,
@@ -13,11 +14,20 @@ in
modules =
darwin-modules
++ [
{
# make `nix run nixpkgs#nixpkgs` use the same nixpkgs as the one used by this flake.
nix.registry.nixpkgs.flake = nixpkgs;
# make `nix repl '<nixpkgs>'` use the same nixpkgs as the one used by this flake.
environment.etc."nix/inputs/nixpkgs".source = "${nixpkgs}";
nix.nixPath = ["/etc/nix/inputs"];
}
home-manager.darwinModules.home-manager
{
home-manager.useGlobalPkgs = true;
home-manager.useUserPackages = true;
home-manager.extraSpecialArgs = specialArgs;
home-manager.users."${username}" = home-module;
}
lib/nixosSystem.nix
+9
View File
@@ -14,6 +14,15 @@ in
modules =
nixos-modules
++ [
{
# make `nix run nixpkgs#nixpkgs` use the same nixpkgs as the one used by this flake.
nix.registry.nixpkgs.flake = nixpkgs;
# make `nix repl '<nixpkgs>'` use the same nixpkgs as the one used by this flake.
environment.etc."nix/inputs/nixpkgs".source = "${nixpkgs}";
nix.nixPath = ["/etc/nix/inputs"];
}
nixos-generators.nixosModules.all-formats
{
# formatConfigs.iso = {config, ...}: {};
modules/darwin/apps.nix
+17 -2
View File
@@ -20,6 +20,8 @@
neovim
git
nushell # my custom shell
gnugrep # replacee macos's grep
gnutar # replacee macos's tar
];
environment.variables.EDITOR = "nvim";
@@ -42,8 +44,6 @@
# homebrew need to be installed manually, see https://brew.sh
homebrew = {
# TODO Homebrew install takes a long time,
# So only enable this when you make changes.
enable = true;
onActivation = {
@@ -83,6 +83,7 @@
"aria2" # download tool
"httpie" # http client
"wireguard-tools" # wireguard
"mitmproxy"
# Usage:
# https://github.com/tailscale/tailscale/wiki/Tailscaled-on-macOS#run-the-tailscaled-daemon
@@ -92,10 +93,22 @@
# https://github.com/rgcr/m-cli
"m-cli" #  Swiss Army Knife for macOS
"proxychains-ng"
# commands like `gsed` `gtar` are required by some tools
"gnu-sed"
"gnu-tar"
# misc that nix do not have cache for.
"git-trim"
"terraform"
"terraformer"
];
# `brew install --cask`
casks = [
"wezterm"
"squirrel" # input method for Chinese, rime-squirrel
"firefox"
@@ -118,10 +131,12 @@
"iglance" # beautiful system monitor
"eudic" # 欧路词典
# "reaper" # audio editor
"sonic-pi" # music programming
# Development
"insomnia" # REST client
"wireshark" # network analyzer
"temurin17" # JDK 17
"jdk-mission-control" # Java Mission Control
"google-cloud-sdk" # Google Cloud SDK
];
modules/darwin/nix-core.nix
+7 -4
View File
@@ -32,10 +32,13 @@
# do garbage collection weekly to keep disk usage low
nix.gc = {
automatic = lib.mkDefault true;
options = lib.mkDefault "--delete-older-than 1w";
options = lib.mkDefault "--delete-older-than 7d";
};
# Manual optimise storage: nix-store --optimise
# https://nixos.org/manual/nix/stable/command-ref/conf-file.html#conf-auto-optimise-store
nix.settings.auto-optimise-store = true;
# Disable auto-optimise-store because of this issue:
# https://github.com/NixOS/nix/issues/7273
# "error: cannot link '/nix/store/.tmp-link-xxxxx-xxxxx' to '/nix/store/.links/xxxx': File exists"
nix.settings = {
auto-optimise-store = false;
};
}
modules/darwin/system.nix
+20 -3
View File
@@ -24,8 +24,10 @@
# customize dock
dock = {
autohide = true;
show-recents = false; # disable recent apps
autohide = true; # automatically hide and show the dock
show-recents = false; # do not show recent apps in dock
# do not automatically rearrange spaces based on most recent use.
mru-spaces = false;
# customize Hot Corners(触发角, 鼠标移动到屏幕角落时触发的动作)
wvous-tl-corner = 2; # top-left - Mission Control
@@ -78,7 +80,12 @@
};
# customize settings that not supported by nix-darwin directly
# see the source code of https://github.com/rgcr/m-cli to get all the available options
CustomUserPreferences = {
".GlobalPreferences" = {
# automatically switch to a new space when switching to the application
AppleSpacesSwitchOnActivate = true;
};
NSGlobalDomain = {
# Add a context menu item for showing the Web Inspector in web views
WebKitDeveloperExtras = true;
@@ -144,14 +151,24 @@
# Fonts
fonts = {
# use fonts specified by user rather than default ones
# will be removed after this PR is merged:
# https://github.com/LnL7/nix-darwin/pull/754
fontDir.enable = true;
# will change to `fonts.packages` after this PR is merged:
# https://github.com/LnL7/nix-darwin/pull/754
fonts = with pkgs; [
# packages = with pkgs; [
# icon fonts
material-design-icons
font-awesome
# 思源系列字体是 Adobe 主导的。其中汉字部分被称为「思源黑体」和「思源宋体」,是由 Adobe + Google 共同开发的
source-sans # 无衬线字体,不含汉字。字族名叫 Source Sans 3 和 Source Sans Pro,以及带字重的变体,加上 Source Sans 3 VF
source-serif # 衬线字体,不含汉字。字族名叫 Source Code Pro,以及带字重的变体
source-han-sans # 思源黑体
source-han-serif # 思源宋体
# nerdfonts
(nerdfonts.override {
fonts = [
modules/nixos/core-desktop.nix
+159 -147
View File
@@ -1,6 +1,8 @@
{
config,
lib,
pkgs,
pkgs-unstable,
...
}: {
###################################################################################
@@ -16,16 +18,164 @@
# to install chrome, you need to enable unfree packages
nixpkgs.config.allowUnfree = lib.mkForce true;
# Enable CUPS to print documents.
services.printing.enable = true;
# add user's shell into /etc/shells
environment.shells = with pkgs; [
bash
nushell
];
# set user's default shell system-wide
users.defaultUserShell = pkgs.nushell;
# List packages installed in system profile. To search, run:
# $ nix search wget
environment.systemPackages = with pkgs; [
parted
ventoy
# python, some times I may need to use python with root permission.
(python310.withPackages (ps:
with ps; [
ipython
pandas
requests
pyquery
pyyaml
]
))
psmisc # killall/pstree/prtstat/fuser/...
colmena # nixos's remote deployment tool
pulseaudio # provides `pactl`, which is required by some apps(e.g. sonic-pi)
];
programs = {
# android development tools, this will install adb/fastboot and other android tools and udev rules
# see https://github.com/NixOS/nixpkgs/blob/nixos-unstable/nixos/modules/programs/adb.nix
adb.enable = true;
# The OpenSSH agent remembers private keys for you
# so that you dont have to type in passphrases every time you make an SSH connection.
# Use `ssh-add` to add a key to the agent.
ssh.startAgent = true;
# dconf is a low-level configuration system.
dconf.enable = true;
};
# A key remapping daemon for linux.
# https://github.com/rvaiya/keyd
services.keyd = {
enable = true;
keyboards = {
default = {
settings = {
main = {
# overloads the capslock key to function as both escape (when tapped) and control (when held)
capslock = "overload(control, esc)";
};
};
};
};
};
# PipeWire is a new low-level multimedia framework.
# It aims to offer capture and playback for both audio and video with minimal latency.
# It support for PulseAudio-, JACK-, ALSA- and GStreamer-based applications.
# PipeWire has a great bluetooth support, it can be a good alternative to PulseAudio.
# https://nixos.wiki/wiki/PipeWire
services.pipewire = {
enable = true;
# package = pkgs-unstable.pipewire;
alsa.enable = true;
alsa.support32Bit = true;
pulse.enable = true;
# If you want to use JACK applications, uncomment this
jack.enable = true;
wireplumber.enable = true;
};
# rtkit is optional but recommended
security.rtkit.enable = true;
# Remove sound.enable or turn it off if you had it set previously, it seems to cause conflicts with pipewire
sound.enable = false;
# Disable pulseaudio, it conflicts with pipewire too.
hardware.pulseaudio.enable = false;
# enable bluetooth & gui paring tools - blueman
# or you can use cli:
# $ bluetoothctl
# [bluetooth] # power on
# [bluetooth] # agent on
# [bluetooth] # default-agent
# [bluetooth] # scan on
# ...put device in pairing mode and wait [hex-address] to appear here...
# [bluetooth] # pair [hex-address]
# [bluetooth] # connect [hex-address]
# Bluetooth devices automatically connect with bluetoothctl as well:
# [bluetooth] # trust [hex-address]
hardware.bluetooth.enable = true;
services.blueman.enable = true;
# security with polkit
services.power-profiles-daemon = {
enable = true;
};
security.polkit.enable = true;
# security with gnome-kering
services.gnome.gnome-keyring.enable = true;
security.pam.services.greetd.enableGnomeKeyring = true;
services = {
# Enable CUPS to print documents.
printing.enable = true;
# https://flatpak.org/setup/NixOS
flatpak.enable = true;
dbus.packages = [pkgs.gcr];
geoclue2.enable = true;
udev.packages = with pkgs; [
gnome.gnome-settings-daemon
platformio # udev rules for platformio
openocd # required by paltformio, see https://github.com/NixOS/nixpkgs/issues/224895
android-udev-rules
openfpgaloader
];
};
xdg.portal = {
enable = true;
config = {
common = {
# Use xdg-desktop-portal-gtk for every portal interface...
default = [
"gtk"
];
# except for the secret portal, which is handled by gnome-keyring
"org.freedesktop.impl.portal.Secret" = [
"gnome-keyring"
];
};
};
# Sets environment variable NIXOS_XDG_OPEN_USE_PORTAL to 1
# This will make xdg-open use the portal to open programs,
# which resolves bugs involving programs opening inside FHS envs or with unexpected env vars set from wrappers.
# xdg-open is used by almost all programs to open a unknown file/uri
# alacritty as an example, it use xdg-open as default, but you can also custom this behavior
# and vscode has open like `External Uri Openers`
xdgOpenUsePortal = false;
extraPortals = with pkgs; [
xdg-desktop-portal-gtk # for gtk
# xdg-desktop-portal-kde # for kde
];
};
# all fonts are linked to /nix/var/nix/profiles/system/sw/share/X11/fonts
fonts = {
# use fonts specified by user rather than default ones
enableDefaultFonts = false;
enableDefaultPackages = false;
fontDir.enable = true;
fonts = with pkgs; [
packages = with pkgs; [
# icon fonts
material-design-icons
font-awesome
@@ -60,153 +210,15 @@
# the reason there's Noto Color Emoji everywhere is to override DejaVu's
# B&W emojis that would sometimes show instead of some Color emojis
fontconfig.defaultFonts = {
serif = ["Noto Serif" "Noto Color Emoji"];
sansSerif = ["Noto Sans" "Noto Color Emoji"];
serif = ["Noto Serif CJK SC" "Noto Serif CJK TC" "Noto Serif CJK JP" "Noto Color Emoji"];
sansSerif = ["Noto Sans CJK SC" "Noto Sans CJK TC" "Noto Sans CJK JP" "Noto Color Emoji"];
monospace = ["JetBrainsMono Nerd Font" "Noto Color Emoji"];
emoji = ["Noto Color Emoji"];
};
};
# dconf is a low-level configuration system.
programs.dconf.enable = true;
# networking.firewall.allowedTCPPorts = [ ... ];
# networking.firewall.allowedUDPPorts = [ ... ];
# Or disable the firewall altogether.
networking.firewall.enable = false;
# Enable the OpenSSH daemon.
services.openssh = {
enable = true;
settings = {
X11Forwarding = true;
PermitRootLogin = "no"; # disable root login
PasswordAuthentication = false; # disable password login
};
openFirewall = true;
environment.variables = {
# fix https://github.com/NixOS/nixpkgs/issues/238025
TZ = "${config.time.timeZone}";
};
# The OpenSSH agent remembers private keys for you
# so that you dont have to type in passphrases every time you make an SSH connection.
# Use `ssh-add` to add a key to the agent.
programs.ssh.startAgent = true;
# List packages installed in system profile. To search, run:
# $ nix search wget
environment.systemPackages = with pkgs; [
# python, some times I may need to use python with root permission.
(python310.withPackages (ps:
with ps; [
ipython
pandas
requests
pyquery
pyyaml
]))
];
# PipeWire is a new low-level multimedia framework.
# It aims to offer capture and playback for both audio and video with minimal latency.
# It support for PulseAudio-, JACK-, ALSA- and GStreamer-based applications.
# PipeWire has a great bluetooth support, it can be a good alternative to PulseAudio.
# https://nixos.wiki/wiki/PipeWire
services.pipewire = {
enable = true;
alsa.enable = true;
alsa.support32Bit = true;
pulse.enable = true;
# If you want to use JACK applications, uncomment this
# jack.enable = true;
# use the example session manager (no others are packaged yet so this is enabled by default,
# no need to redefine it in your config for now)
#media-session.enable = true;
};
# rtkit is optional but recommended
security.rtkit.enable = true;
# Remove sound.enable or turn it off if you had it set previously, it seems to cause conflicts with pipewire
sound.enable = false;
# Disable pulseaudio, it conflicts with pipewire too.
hardware.pulseaudio.enable = false;
# enable bluetooth & gui paring tools - blueman
# or you can use cli:
# $ bluetoothctl
# [bluetooth] # power on
# [bluetooth] # agent on
# [bluetooth] # default-agent
# [bluetooth] # scan on
# ...put device in pairing mode and wait [hex-address] to appear here...
# [bluetooth] # pair [hex-address]
# [bluetooth] # connect [hex-address]
# Bluetooth devices automatically connect with bluetoothctl as well:
# [bluetooth] # trust [hex-address]
hardware.bluetooth.enable = true;
services.blueman.enable = true;
# https://flatpak.org/setup/NixOS
services.flatpak.enable = true;
# security with polkit
services.power-profiles-daemon = {
enable = true;
};
security.polkit.enable = true;
# security with gnome-kering
services.gnome.gnome-keyring.enable = true;
security.pam.services.greetd.enableGnomeKeyring = true;
# A key remapping daemon for linux.
# https://github.com/rvaiya/keyd
services.keyd = {
enable = true;
settings = {
main = {
# overloads the capslock key to function as both escape (when tapped) and control (when held)
capslock = "overload(control, esc)";
};
};
};
services = {
dbus.packages = [pkgs.gcr];
geoclue2.enable = true;
udev.packages = with pkgs; [
gnome.gnome-settings-daemon
platformio # udev rules for platformio
openocd # required by paltformio, see https://github.com/NixOS/nixpkgs/issues/224895
android-udev-rules
];
};
# android development tools, this will install adb/fastboot and other android tools and udev rules
# see https://github.com/NixOS/nixpkgs/blob/nixos-unstable/nixos/modules/programs/adb.nix
programs.adb.enable = true;
xdg.portal = {
enable = true;
wlr.enable = true;
# Sets environment variable NIXOS_XDG_OPEN_USE_PORTAL to 1
# This will make xdg-open use the portal to open programs,
# which resolves bugs involving programs opening inside FHS envs or with unexpected env vars set from wrappers.
# xdg-open is used by almost all programs to open a unknown file/uri
# alacritty as an example, it use xdg-open as default, but you can also custom this behavior
# and vscode has open like `External Uri Openers`
xdgOpenUsePortal = false;
extraPortals = with pkgs; [
xdg-desktop-portal-wlr # for wlroots based compositors(hyprland/sway)
xdg-desktop-portal-gtk # for gtk
# xdg-desktop-portal-kde # for kde
];
};
# add user's shell into /etc/shells
environment.shells = with pkgs; [
bash
nushell
];
# set user's default shell system-wide
users.defaultUserShell = pkgs.nushell;
}
modules/nixos/core-riscv64.nix
+74
View File
@@ -0,0 +1,74 @@
{config, pkgs, nixpkgs, ...}: {
# =========================================================================
# Base NixOS Configuration
# =========================================================================
# Set your time zone.
time.timeZone = "Asia/Shanghai";
# Select internationalisation properties.
i18n.defaultLocale = "en_US.UTF-8";
nix.settings = {
# Manual optimise storage: nix-store --optimise
# https://nixos.org/manual/nix/stable/command-ref/conf-file.html#conf-auto-optimise-store
auto-optimise-store = true;
builders-use-substitutes = true;
# enable flakes globally
experimental-features = ["nix-command" "flakes"];
};
# List packages installed in system profile. To search, run:
# $ nix search wget
#
# TODO feel free to add or remove packages here.
environment.systemPackages = with pkgs; [
neovim
# networking
mtr # A network diagnostic tool
iperf3 # A tool for measuring TCP and UDP bandwidth performance
nmap # A utility for network discovery and security auditing
ldns # replacement of dig, it provide the command `drill`
socat # replacement of openbsd-netcat
tcpdump # A powerful command-line packet analyzer
# archives
zip
xz
unzip
p7zip
zstd
gnutar
# misc
file
which
tree
gnused
gawk
tmux
docker-compose
];
# replace default editor with neovim
environment.variables.EDITOR = "nvim";
virtualisation.docker = {
enable = true;
# start dockerd on boot.
# This is required for containers which are created with the `--restart=always` flag to work.
enableOnBoot = true;
};
services.openssh = {
enable = true;
settings = {
X11Forwarding = true;
PermitRootLogin = "prohibit-password"; # disable root login with password
PasswordAuthentication = false; # disable password login
};
openFirewall = true;
};
}
modules/nixos/core-server.nix
+19 -13
View File
@@ -16,15 +16,17 @@
nix.gc = {
automatic = lib.mkDefault true;
dates = lib.mkDefault "weekly";
options = lib.mkDefault "--delete-older-than 1w";
options = lib.mkDefault "--delete-older-than 7d";
};
# Manual optimise storage: nix-store --optimise
# https://nixos.org/manual/nix/stable/command-ref/conf-file.html#conf-auto-optimise-store
nix.settings.auto-optimise-store = true;
# enable flakes globally
nix.settings.experimental-features = ["nix-command" "flakes"];
nix.settings = {
# Manual optimise storage: nix-store --optimise
# https://nixos.org/manual/nix/stable/command-ref/conf-file.html#conf-auto-optimise-store
auto-optimise-store = true;
builders-use-substitutes = true;
# enable flakes globally
experimental-features = ["nix-command" "flakes"];
};
# Allow unfree packages
nixpkgs.config.allowUnfree = lib.mkDefault false;
@@ -62,6 +64,13 @@
};
openFirewall = true;
};
# for power management
services = {
power-profiles-daemon = {
enable = true;
};
upower.enable = true;
};
# List packages installed in system profile. To search, run:
# $ nix search wget
@@ -94,11 +103,8 @@
virtualisation.docker = {
enable = true;
# start dockerd on boot.
# This is required for containers which are created with the `--restart=always` flag to work.
enableOnBoot = true;
};
# for power management
services.power-profiles-daemon = {
enable = true;
};
services.upower.enable = true;
}
modules/nixos/fhs-fonts.nix
+1 -1
View File
@@ -22,7 +22,7 @@
};
aggregatedFonts = pkgs.buildEnv {
name = "system-fonts";
paths = config.fonts.fonts;
paths = config.fonts.packages;
pathsToLink = ["/share/fonts"];
};
in {
modules/nixos/hyprland.nix
+48 -28
View File
@@ -1,4 +1,4 @@
{pkgs, ...}: {
{pkgs, hyprland, ...}: {
##########################################################################################################
#
# NixOS's Configuration for Hyprland Window Manager
@@ -9,43 +9,60 @@
#
##########################################################################################################
environment.pathsToLink = ["/libexec"]; # links /libexec from derivations to /run/current-system/sw
services.xserver = {
imports = [
# hyprland.nixosModules.default
];
xdg.portal = {
enable = true;
wlr.enable = true;
extraPortals = with pkgs; [
xdg-desktop-portal-wlr
];
};
desktopManager = {
xterm.enable = false;
};
environment.pathsToLink = ["/libexec"]; # links /libexec from derivations to /run/current-system/sw
services = {
gvfs.enable = true; # Mount, trash, and other functionalities
tumbler.enable = true; # Thumbnail support for images
xserver = {
enable = true;
displayManager = {
defaultSession = "hyprland";
lightdm.enable = false;
gdm = {
enable = true;
wayland = true;
desktopManager = {
xterm.enable = false;
};
displayManager = {
defaultSession = "hyprland";
lightdm.enable = false;
gdm = {
enable = true;
wayland = true;
};
};
};
};
programs.hyprland = {
enable = true;
xwayland = {
programs = {
hyprland = {
enable = true;
hidpi = true;
xwayland = {
enable = true;
};
enableNvidiaPatches = true;
};
nvidiaPatches = true;
};
programs.light.enable = true; # monitor backlight control
# monitor backlight control
light.enable = true;
# thunar file manager(part of xfce) related options
programs.thunar.plugins = with pkgs.xfce; [
thunar-archive-plugin
thunar-volman
];
services.gvfs.enable = true; # Mount, trash, and other functionalities
services.tumbler.enable = true; # Thumbnail support for images
# thunar file manager(part of xfce) related options
thunar.plugins = with pkgs.xfce; [
thunar-archive-plugin
thunar-volman
];
};
# List packages installed in system profile. To search, run:
# $ nix search wget
@@ -56,13 +73,13 @@
swaylock # locking the screen
wlogout # logout menu
wl-clipboard # copying and pasting
hyprpicker # color picker
wf-recorder # creen recording
grim # taking screenshots
slurp # selecting a region to screenshot
# TODO replace by `flameshot gui --raw | wl-copy`
wofi # A rofi inspired launcher for wlroots compositors such as sway/hyprland
mako # the notification daemon, the same as dunst
yad # a fork of zenity, for creating dialogs
@@ -76,4 +93,7 @@
xfce.thunar # xfce4's file manager
];
# fix https://github.com/ryan4yin/nix-config/issues/10
security.pam.services.swaylock = {};
}
modules/nixos/i3.nix
+45 -41
View File
@@ -7,48 +7,54 @@
# i3 related options
environment.pathsToLink = ["/libexec"]; # links /libexec from derivations to /run/current-system/sw
services.xserver = {
enable = true;
desktopManager = {
xterm.enable = false;
};
displayManager = {
defaultSession = "none+i3";
lightdm.enable = false;
gdm.enable = true;
};
windowManager.i3 = {
services = {
gvfs.enable = true; # Mount, trash, and other functionalities
tumbler.enable = true; # Thumbnail support for images
xserver = {
enable = true;
extraPackages = with pkgs; [
rofi # application launcher, the same as dmenu
dunst # notification daemon
i3blocks # status bar
i3lock # default i3 screen locker
xautolock # lock screen after some time
i3status # provide information to i3bar
i3-gaps # i3 with gaps
picom # transparency and shadows
feh # set wallpaper
acpi # battery information
arandr # screen layout manager
dex # autostart applications
xbindkeys # bind keys to commands
xorg.xbacklight # control screen brightness, the same as light
xorg.xdpyinfo # get screen information
scrot # minimal screen capture tool, used by i3 blur lock to take a screenshot
sysstat # get system information
alsa-utils # provides amixer/alsamixer/...
xfce.thunar # xfce4's file manager
];
desktopManager = {
xterm.enable = false;
};
displayManager = {
defaultSession = "none+i3";
lightdm.enable = false;
gdm.enable = true;
};
windowManager.i3 = {
enable = true;
extraPackages = with pkgs; [
rofi # application launcher, the same as dmenu
dunst # notification daemon
i3blocks # status bar
i3lock # default i3 screen locker
xautolock # lock screen after some time
i3status # provide information to i3bar
i3-gaps # i3 with gaps
picom # transparency and shadows
feh # set wallpaper
xcolor # color picker
acpi # battery information
arandr # screen layout manager
dex # autostart applications
xbindkeys # bind keys to commands
xorg.xbacklight # control screen brightness, the same as light
xorg.xdpyinfo # get screen information
scrot # minimal screen capture tool, used by i3 blur lock to take a screenshot
sysstat # get system information
alsa-utils # provides amixer/alsamixer/...
xfce.thunar # xfce4's file manager
];
};
# Configure keymap in X11
layout = "us";
xkbVariant = "";
};
# Configure keymap in X11
layout = "us";
xkbVariant = "";
};
# thunar file manager(part of xfce) related options
@@ -56,6 +62,4 @@
thunar-archive-plugin
thunar-volman
];
services.gvfs.enable = true; # Mount, trash, and other functionalities
services.tumbler.enable = true; # Thumbnail support for images
}
modules/nixos/libvirt.nix
+1 -7
View File
@@ -19,7 +19,7 @@
};
programs.dconf.enable = true;
environment.systemPackages = with pkgs; [
# Need to add [File (in the menu bar) -> Add connection] after start the first time
# Need to add [File (in the menu bar) -> Add connection] when start for the first time
virt-manager
# QEMU/KVM, provides:
@@ -42,10 +42,4 @@
# Enable nested virsualization, required by security containers and nested vm.
boot.extraModprobeConfig = "options kvm_intel nested=1"; # for intel cpu
# boot.extraModprobeConfig = "options kvm_amd nested=1"; # for amd cpu
# NixOS VM should enable this:
# services.qemuGuest = {
# enable = true;
# package = pkgs.qemu_kvm.ga;
# };
}
modules/nixos/remote-building.nix
+49 -31
View File
@@ -36,34 +36,34 @@
in [
# Nix seems always try to build on the machine remotely
# to make use of the local machine's high-performance CPU, do not set remote builder's maxJobs too high.
{
# some of my remote builders are running NixOS
# and has the same sshUser, sshKey, systems, etc.
inherit sshUser sshKey systems supportedFeatures;
# the hostName should be:
# 1. a hostname that can be resolved by DNS
# 2. the ip address of the remote builder
# 3. a host alias defined globally in /etc/ssh/ssh_config
hostName = "aquamarine";
# remote builder's max-job
maxJobs = 3;
# speedFactor's a signed integer
# but it seems that it's not used by Nix, takes no effect
speedFactor = 1;
}
{
inherit sshUser sshKey systems supportedFeatures;
hostName = "ruby";
maxJobs = 2;
speedFactor = 1;
}
{
inherit sshUser sshKey systems supportedFeatures;
hostName = "kana";
maxJobs = 2;
speedFactor = 1;
}
# {
# # some of my remote builders are running NixOS
# # and has the same sshUser, sshKey, systems, etc.
# inherit sshUser sshKey systems supportedFeatures;
#
# # the hostName should be:
# # 1. a hostname that can be resolved by DNS
# # 2. the ip address of the remote builder
# # 3. a host alias defined globally in /etc/ssh/ssh_config
# hostName = "aquamarine";
# # remote builder's max-job
# maxJobs = 3;
# # speedFactor's a signed integer
# # but it seems that it's not used by Nix, takes no effect
# speedFactor = 1;
# }
# {
# inherit sshUser sshKey systems supportedFeatures;
# hostName = "ruby";
# maxJobs = 2;
# speedFactor = 1;
# }
# {
# inherit sshUser sshKey systems supportedFeatures;
# hostName = "kana";
# maxJobs = 2;
# speedFactor = 1;
# }
];
# optional, useful when the builder has a faster internet connection than yours
nix.extraOptions = ''
@@ -73,6 +73,7 @@
# define the host alias for remote builders
# this config will be written to /etc/ssh/ssh_config
programs.ssh.extraConfig = ''
# idols
Host ai
HostName 192.168.5.100
Port 22
@@ -88,6 +89,23 @@
Host kana
HostName 192.168.5.103
Port 22
# rolling girls
Host nozomi
HostName 192.168.5.104
Port 22
Host yukina
HostName 192.168.5.105
Port 22
Host chiaya
HostName 192.168.5.106
Port 22
Host suzu
HostName 192.168.5.107
Port 22
'';
# define the host key for remote builders so that nix can verify all the remote builders
@@ -96,19 +114,19 @@
# 星野 愛久愛海, Hoshino Aquamarine
aquamarine = {
hostNames = ["aquamarine" "192.168.5.101"];
publicKey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIDnCQXlllHoLX5EvU+t6yP/npsmuxKt0skHVeJashizE";
publicKey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIO0EzzjnuHBE9xEOZupLmaAj9xbYxkUDeLbMqFZ7YPjU";
};
# 星野 瑠美衣, Hoshino Rubii
ruby = {
hostNames = ["ruby" "192.168.5.102"];
publicKey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIE7n11XxB8B3HjdyAsL3PuLVDZxWCzEOUTJAY8+goQmW";
publicKey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIHrDXNQXELnbevZ1rImfXwmQHkRcd3TDNLsQo33c2tUf";
};
# 有馬 かな, Arima Kana
kana = {
hostNames = ["kana" "192.168.5.103"];
publicKey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIJ3dDLOZERP1nZfRz3zIeVDm1q2Trer+fWFVvVXrgXM1";
publicKey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIJMVX05DQD1XJ0AqFZzsRsqgeUOlZ4opAI+8tkVXyjq+";
};
};
}
modules/nixos/user-group.nix
+17 -3
View File
@@ -3,15 +3,27 @@
{
nix.settings.trusted-users = [username];
# Don't allow mutation of users outside the config.
users.mutableUsers = false;
users.groups = {
"${username}" = {};
docker = {};
wireshark = {};
# for android platform tools's udev rules
adbusers ={};
dialout = {};
# for openocd (embedded system development)
plugdev = {};
# misc
uinput = {};
};
# Define a user account. Don't forget to set a password with passwd.
users.users."${username}" = {
# the hashed password with salt is generated by run `mkpasswd`.
hashedPassword = "$y$j9T$YQu5vhlnogjDFDWp9QkPh0$Eu85OiwllqvLg5fzRVMLVHNO7InA3ro8grTJJIepyH1";
# generated by `mkpasswd -m scrypt`
# we have to use initialHashedPassword here, if your'are using tmpfs for /
initialHashedPassword = "$7$CU..../....Sdl/JRH..9eIvZ6mE/52r.$xeR6lyvTcVVKt28Owcoc/vPOOECcYSiq1xjw/QCz2t0";
home = "/home/${username}";
isNormalUser = true;
description = username;
@@ -27,8 +39,10 @@
];
openssh.authorizedKeys.keys = [
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIDiipi59EnVbi6bK1bGrcbfEM263wgdNfbrt6VBC1rHx ryan@ai-idols"
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAII7PTkP3ixXTZlrJNSHnXgkmHNT+QslFi9wNYXOpVwGB ryan@harmonica"
];
};
users.users.root.initialHashedPassword = "$7$CU..../....X6uvZYnFD.i1CqqFFNl4./$4vgqzIPyw5XBr0aCDFbY/UIRRJr7h5SMGoQ/ZvX3FP2";
# DO NOT promote the specified user to input password for `nix-store` and `nix-copy-closure`
security.sudo.extraRules = [
overlays/fcitx5/README.md
-2
View File
@@ -2,8 +2,6 @@
Useful for Linux(fcitx5-rime) & macOS(squirrel).
## Hisotry Problems
## Linux(fcitx5-rime)
1. pay attention to the `rm -rf .local/share/fcitx5/rime/`, which may contains some auto generated rime config files, which may cause flypy not the default scheme for rime
overlays/fcitx5/rime-data-flypy/share/rime-data/flypy_user.txt
+106 -1
View File
@@ -15,8 +15,113 @@
# 简词补全放本文件内,不需要可删除
# 用户词库,下行开始添加,编码格式见上,部署后生效
# 符号
# [自定义]我的个人信息
xiaoyin_c@qq.com mail
ryan4yin@linux.com mail
https://thiscute.world blog
# [自定义]常用符号
## 小鹤内置常用符号快捷键: https://xgr313l2jy.k.topthink.com/@xhrm/fh.html
α alpa
β beta
γ gama
δ delt
Δ delt
ε epsn
ζ zeta
η eta
θ thet
ι iota
κ kapp
λ lamb
Ω omeg
ω omeg
Σ sigm
· dott
μ muuu
Π piii
Φ phii
Ψ psii
# [自定义]补充缺失单字
靐 bkyt
伕 furf
颪 gxxi
嘦 jnkn
咭 jikk
槑 mwkm
妳 ninx
兲 tmwb
卍 wjvl
囍 xiuk
矽 xiux
怣 yzux
臝 lowf
勅 iiul
吋 cykc
呎 iiki
毬 qqmq
氽 tyru
搨 tafx
垝 gvtv
毚 ijdd
鹥 yikn
穀 guuy
寔 uibr
惸 qsxz
櫜 gcam
蓫 vucu
巘 yjeq
霑 vjyk
霂 muym
炁 qiah
谘 ziyk
棔 hymo
盻 pjov
搕 kefm
搇 qbfy
砅 liuu
阺 died
垅 lstl
雝 ysvf
蹓 lqzt
豗 hvwu
# [自定义]补充四码词组
电感 dmgj
二极管 ejgr
二叉树 eiuu
方差 fhia
红黑 hshw
差分 iaff
充要 isyc
重载 iszd
卷积 jrji
链表 lmbn
滤波 lvbo
内插 nwia
逆序 nixu
耦合 ouhe
攀爬 pjpa
频域 pbyu
频谱 pbpu
曲率 qulv
弱光 rogl
三极管 sjgr
微分 wwff
涡流 wolq
增益 zgyi
字符串 zfir
矩形 juxk
接口 jpkz
契约 qiyt
术语 uuyu
## [custom]补充二三码词组
输入 ur
古诗 guu
共轭 gse
树状 uuv
# 全码词
杯子 bwzi
secrets/README.md
+6 -2
View File
@@ -101,7 +101,6 @@ First, add your own private `nix-secrets` repository and `agenix` as a flake inp
};
};
}
}
```
Then, create `./secrets/default.nix` with the following content:
@@ -121,7 +120,7 @@ Then, create `./secrets/default.nix` with the following content:
];
age.secrets."xxx" = {
# wether secrets are symlinked to age.secrets.<name>.path
# whether secrets are symlinked to age.secrets.<name>.path
symlink = true;
# target path for decrypted file
path = "/etc/xxx/";
@@ -141,3 +140,8 @@ NOTE: By default, `age.identityPaths` is set to `~/.ssh/id_ed25519` and `~/.ssh/
so make sure to place your decryption keys there.
If you're deploying to the same machine from which you encrypted the secrets, it should work out of the box.
## Other Replacements
- [ragenix](https://github.com/yaxitech/ragenix): A Rust reimplementation of agenix.