starred/nix-config
1
0
Fork 0
mirror of https://github.com/ryan4yin/nix-config.git synced 2026-05-28 18:39:31 +02:00
Code Issues Packages Projects Releases 10 Wiki Activity

Compare commits

base: starred/nix-config:v0.1.1
Branches Tags
starred/nix-config:main starred/nix-config:dma-shell starred/nix-config:i3-kickstarter
starred/nix-config:v0.15.0 starred/nix-config:v0.14.0 starred/nix-config:v0.13.0 starred/nix-config:v0.12.0 starred/nix-config:v0.11.0 starred/nix-config:v0.10.0 starred/nix-config:v0.9.0 starred/nix-config:v0.8.0 starred/nix-config:v0.7.0 starred/nix-config:v0.6.0 starred/nix-config:v0.5.5 starred/nix-config:v0.5.4 starred/nix-config:v0.5.3 starred/nix-config:v0.5.2 starred/nix-config:v0.5.1 starred/nix-config:v0.5.0 starred/nix-config:v0.4.5 starred/nix-config:v0.4.4 starred/nix-config:v0.4.3 starred/nix-config:v0.4.2 starred/nix-config:v0.4.1 starred/nix-config:v0.4.0 starred/nix-config:v0.3.0 starred/nix-config:v0.2.2 starred/nix-config:v0.2.1 starred/nix-config:v0.2.0 starred/nix-config:v0.1.1 starred/nix-config:v0.1.0 starred/nix-config:v0.0.5 starred/nix-config:v0.0.4 starred/nix-config:v0.0.3 starred/nix-config:v0.0.2 starred/nix-config:v0.0.1
..
compare: starred/nix-config:v0.2.1
Branches Tags
starred/nix-config:main starred/nix-config:dma-shell starred/nix-config:i3-kickstarter
starred/nix-config:v0.15.0 starred/nix-config:v0.14.0 starred/nix-config:v0.13.0 starred/nix-config:v0.12.0 starred/nix-config:v0.11.0 starred/nix-config:v0.10.0 starred/nix-config:v0.9.0 starred/nix-config:v0.8.0 starred/nix-config:v0.7.0 starred/nix-config:v0.6.0 starred/nix-config:v0.5.5 starred/nix-config:v0.5.4 starred/nix-config:v0.5.3 starred/nix-config:v0.5.2 starred/nix-config:v0.5.1 starred/nix-config:v0.5.0 starred/nix-config:v0.4.5 starred/nix-config:v0.4.4 starred/nix-config:v0.4.3 starred/nix-config:v0.4.2 starred/nix-config:v0.4.1 starred/nix-config:v0.4.0 starred/nix-config:v0.3.0 starred/nix-config:v0.2.2 starred/nix-config:v0.2.1 starred/nix-config:v0.2.0 starred/nix-config:v0.1.1 starred/nix-config:v0.1.0 starred/nix-config:v0.0.5 starred/nix-config:v0.0.4 starred/nix-config:v0.0.3 starred/nix-config:v0.0.2 starred/nix-config:v0.0.1

174 Commits
v0.1.1 .. v0.2.1

Author SHA1 Message Date
Ryan Yin e3a17925f2 fix: nix optimise storage 2023-12-09 16:37:54 +08:00
Ryan Yin c170e251ac fix: nixConfig.extra-sbustituers https://github.com/ryan4yin/nixos-and-flakes-book/discussions/62#discussioncomment-7805510 2023-12-09 14:18:19 +08:00
Ryan Yin ec1747707b fix: terminfo 2023-12-08 17:50:32 +08:00
Ryan Yin 56f2abc737 fix: terminfo error on macOS 2023-12-08 14:24:44 +08:00
Ryan Yin cb6f46aea8 fix: syntax error, optimise tmux 2023-12-07 22:38:04 +08:00
Ryan Yin dfab5ddacc fix: TERM and TERMINFO 2023-12-07 22:02:01 +08:00
Ryan Yin 0e2faec44f docs: wezterm crash with the latest hyprland 2023-12-07 21:12:17 +08:00
Ryan Yin 88671c40e7 Merge pull request #27 from ryan4yin/fix-nushell-neovim 
fix: environment variables missed in nushell
 2023-12-07 20:10:01 +08:00
Ryan Yin 9f59301a0e fix: environment variables missed in nushell 
fix: https://github.com/ryan4yin/nix-config/issues/26
 2023-12-07 13:10:15 +08:00
Ryan Yin d13a353921 revert: shell wrapper for neovim's terminal still useless on macOS 2023-12-07 10:47:08 +08:00
Ryan Yin 989989ecc6 docs: update comments 2023-12-07 10:39:03 +08:00
Ryan Yin 0a66a3b0a3 docs: comment for nvim-shell 2023-12-07 00:27:30 +08:00
Ryan Yin be036118ca feat: optimise autosave.nvim 2023-12-06 23:50:07 +08:00
Ryan Yin 601fcafd31 fix: autosave.nvim & yazi 2023-12-06 23:07:01 +08:00
Ryan Yin 087d38487c feat: access extraPackages in neovim's terminal - add a shell wrapper 2023-12-06 22:39:10 +08:00
Ryan Yin b0e481a1f1 fix: package collisions 2023-12-06 11:45:26 +08:00
Ryan Yin 1ca7607814 feat: update yazi, add tools for java development 2023-12-05 21:05:37 +08:00
Ryan Yin 59ea29a7ab feat: auto chmod agenix's secrets on darwin 2023-12-05 12:12:32 +08:00
Ryan Yin 486a3b343c feat: disable flatpak 2023-12-05 12:01:07 +08:00
Ryan Yin 3b7772712e docs: update README 2023-12-05 11:44:19 +08:00
Ryan Yin 37b34beca4 feat: enable waydroid & lxd 2023-12-05 11:18:15 +08:00
Ryan Yin ef60e7bf91 fix: warning for i3wm - xdg-portal 2023-12-03 01:10:36 +08:00
Ryan Yin 05bfd2df13 fix: persistent files 2023-12-03 00:40:13 +08:00
Ryan Yin 9d00eb39f9 fix: pipewire-pulse.service failed to start 2023-12-02 23:56:45 +08:00
Ryan Yin 30a9619f2c feat: add groups for udev rules 2023-12-02 23:50:56 +08:00
Ryan Yin da2ab6f86b fix: docker storage driver - btrfs 2023-12-02 22:57:35 +08:00
Ryan Yin 7c61a58808 feat: secureboot 2023-12-02 22:46:52 +08:00
ryan4yin 67c62534e8 feat: impermanence 2023-12-02 20:56:50 +08:00
Ryan Yin 26dc7bb149 fix: wezterm's chinese font on macOS 2023-12-01 16:42:21 +08:00
Ryan Yin a1120fd930 Merge pull request #22 from zhpjy/main 
修正简体中文显示为异体(日文)字形问题
 2023-12-01 16:41:14 +08:00
zhpjy 13c72a8256 修正简体中文显示为异体(日文)字形问题 
参考:https://wiki.archlinuxcn.org/wiki/%E7%AE%80%E4%BD%93%E4%B8%AD%E6%96%87%E6%9C%AC%E5%9C%B0%E5%8C%96#%E4%B9%B1%E7%A0%81%E9%97%AE%E9%A2%98:~:text=%E5%AD%97%E4%BD%93%E8%B0%83%E6%A0%A1%E6%8C%87%E5%8D%97-,%E4%BF%AE%E6%AD%A3%E7%AE%80%E4%BD%93%E4%B8%AD%E6%96%87%E6%98%BE%E7%A4%BA%E4%B8%BA%E5%BC%82%E4%BD%93%EF%BC%88%E6%97%A5%E6%96%87%EF%BC%89%E5%AD%97%E5%BD%A2,-%5B%E7%BC%96%E8%BE%91%20%7C
 2023-12-01 00:54:52 +08:00
Ryan Yin 0322de2622 feat: add istioctl 2023-11-30 17:39:35 +08:00
Ryan Yin d9be6f9213 fix: wezterm on darwin 2023-11-30 11:01:53 +08:00
Ryan Yin b977203d15 feat: mount swap subvolume in read-only mode 2023-11-28 22:10:39 +08:00
Ryan Yin db4e3b5fdd feat: enable btrfs's zstd compression 2023-11-28 00:26:40 +08:00
Ryan Yin a1f4764526 fix: nix-darwin with nixos-23.11 2023-11-27 16:16:24 +08:00
Ryan Yin 0996ec71e9 docs: update comments 2023-11-27 01:14:17 +08:00
ryan4yin 2e8d068070 feat: encrypted boot partition, fix nix.gc args 2023-11-27 00:38:13 +08:00
Ryan Yin ee606e5518 fix: replace gparted with parted 2023-11-26 22:54:01 +08:00
Ryan Yin 440eb287ed feat: add gparted & ventoy 2023-11-26 22:50:53 +08:00
Ryan Yin ee9828151c docs: README 2023-11-26 22:40:32 +08:00
Ryan Yin 0b6bafb39c feat: minor updates for neovim & bat 2023-11-26 19:52:07 +08:00
Ryan Yin df570294b4 Merge pull request #20 from ryan4yin/nixos-23.11 
feat: upgrade nixpkgs to 23.11
 2023-11-26 19:27:20 +08:00
Ryan Yin 5e0c7e90ff feat: encrypted root partition with btrfs(except /boot partition) 2023-11-26 19:17:09 +08:00
Ryan Yin ada780afc8 feat: upgrade nixpkgs to 23.11 2023-11-15 01:24:42 +08:00
Ryan Yin d624ab4323 feat: update flake.lock 2023-10-29 14:59:35 +08:00
Ryan Yin f2dfb10c1b fix: sync to gitee 2023-10-04 12:35:09 +08:00
Ryan Yin f10666ff7c feat: sync to gitee 2023-10-04 12:30:36 +08:00
Ryan Yin a378fa3d60 feat: rime-data - update user dict 2023-10-02 16:56:20 +08:00
Ryan Yin dfefa53e6b feat: terraformer 2023-09-26 12:21:59 +08:00
Ryan Yin 09a6af9d36 docs: secrets 2023-09-19 11:44:31 +08:00
Ryan Yin 1172968a93 feat: add guile 2023-09-15 17:05:51 +08:00
Ryan Yin 6d2ba3f0c1 fix: typo 2023-09-11 01:06:34 +08:00
Ryan Yin 262988949c feat: gowin eda - fpga 2023-09-08 22:27:03 +08:00
Ryan Yin f5a745f37e feat: aliyun-cli 2023-09-08 18:42:21 +08:00
Ryan Yin 02b6079198 feat: add btop for macOS, remove verible from macOS 2023-09-07 16:35:59 +08:00
Ryan Yin c645d31dd3 feat: neovim - support verilog / systemverilog 2023-09-06 22:23:57 +08:00
Ryan Yin 32a6789f44 feat: adjust font's dpi 2023-09-06 21:53:38 +08:00
Ryan Yin f173808e10 fix: sonic-pi 2023-08-28 20:38:23 +08:00
Ryan Yin 7ba80d4458 feat: add sonic-pi - music programming 2023-08-28 13:36:26 +08:00
Ryan Yin e63a1a92e8 Merge pull request #16 from DataEraserC/main-2 
Remove extra curly brace
 2023-08-21 21:38:09 +08:00
雑魚~雑魚~ 90cb0f987b Remove extra curly brace 2023-08-21 05:08:07 -06:00
Ryan Yin bfd05251f2 feat: bump flake.lock 2023-08-19 02:41:04 +08:00
Ryan Yin 13b70df944 feat: use wireless interface for nozomi & yukina 2023-08-19 02:40:48 +08:00
Ryan Yin a0c6965438 feat: add nur-ryan4yin, install yazi 2023-08-17 22:57:08 +08:00
Ryan Yin e36daaa48c fix: macOS - commands like are required by some tools 2023-08-17 14:44:26 +08:00
Ryan Yin ca239579d5 feat: add pictures for 12kingdoms 2023-08-17 02:22:25 +08:00
Ryan Yin d34d2adb42 feat: update Makefile for aarch SBCs 2023-08-17 02:17:03 +08:00
Ryan Yin cc80f0e885 docs: add comments 2023-08-17 02:15:12 +08:00
Ryan Yin 737603403a feat: aarch64 host - suzu 2023-08-17 02:14:00 +08:00
Ryan Yin 05a94aae60 chore: fcitx5 - remove useless config 2023-08-16 23:45:36 +08:00
Ryan Yin b02b7c0af8 feat: more ssh keys 2023-08-16 20:40:54 +08:00
Ryan Yin 24cd473387 feat: README for /lib 2023-08-16 18:38:44 +08:00
Ryan Yin f6630bc6e0 feat: README for /lib 2023-08-16 18:35:11 +08:00
Ryan Yin 417e6658dc Merge pull request #15 from DataEraserC/main-1 
Fix typo
 2023-08-16 18:27:08 +08:00
雑魚~雑魚~ f626371732 Fix typo 2023-08-16 04:25:29 -06:00
Ryan Yin d318e35a93 feat: README - add pictures 2023-08-16 03:28:58 +08:00
Ryan Yin 7ddac56e17 feat: README - add pictures 2023-08-16 03:28:44 +08:00
Ryan Yin b060b69114 feat: README - add pictures 2023-08-16 03:26:15 +08:00
Ryan Yin 12f3032d8d feat: deploy via colmena 2023-08-16 03:12:31 +08:00
Ryan Yin bbd300422b fix: licheepi4a - mount boot partition 2023-08-16 02:44:34 +08:00
Ryan Yin b2d19ee218 Merge pull request #14 from ryan4yin/riscv64 
feat: add riscv64 cluster - rolling girls
 2023-08-16 02:07:38 +08:00
Ryan Yin f5c1148c94 feat: add riscv64 cluster - rolling girls 2023-08-16 02:06:48 +08:00
Ryan Yin f682523804 feat: deploy remotely via colmena(instead of nixos-rebuild) 2023-08-16 00:14:13 +08:00
Ryan Yin b635efba09 feat: add color picker 2023-08-16 00:14:13 +08:00
Ryan Yin bd474f798e Merge pull request #13 from Balssh/main-1 
Fix typo
 2023-08-15 08:36:38 +08:00
George Bals 1575e50fea Fix typo 
I love this repo, is very helpful in learning nixos
 2023-08-15 00:02:01 +03:00
Ryan Yin ae851875a9 fix: wezterm - font 2023-08-14 14:43:09 +08:00
Ryan Yin 24630c5e5d feat: add docs for terminal 2023-08-14 13:37:56 +08:00
Ryan Yin ae35522d11 feat: kitty - toggle maximized 2023-08-14 13:29:50 +08:00
Ryan Yin 6634eb7cb0 feat: wezterm - toggle window size 2023-08-14 13:21:16 +08:00
Ryan Yin d0568b9f19 feat: wezterm - toggle opacity 2023-08-14 13:16:01 +08:00
Ryan Yin 803992635f feat: enable wezterm 2023-08-14 12:25:14 +08:00
Ryan Yin 9dbf2293ce fix: neovim & wezterm 2023-08-14 11:51:16 +08:00
Ryan Yin bc9b29f62b feat: neovim - using configs from astrocommunity 2023-08-14 02:20:16 +08:00
Ryan Yin 7347bcb842 feat: neovim - markdown-preview 2023-08-14 01:41:34 +08:00
Ryan Yin cc9dfa7940 Update FUNDING.yml 2023-08-13 17:34:37 +08:00
Ryan Yin 0db7703857 docs: neovim - flash.nvim 2023-08-13 00:47:20 +08:00
Ryan Yin c8e84fbc36 feat: neovim - add flash.nvim 2023-08-13 00:38:33 +08:00
Ryan Yin d3553ae104 feat: neovim - add flash.nvim 2023-08-13 00:26:06 +08:00
Ryan Yin 9c5a1b12ef feat: neovim - fix performance issue of telescope preview 2023-08-12 22:42:35 +08:00
Ryan Yin d282a3b0b6 feat: neovim - more plugins 2023-08-12 22:03:02 +08:00
Ryan Yin 62487cc5ca docs: neovim 2023-08-12 21:36:21 +08:00
Ryan Yin f81c62dc0a feat: neovim - noice.nvim 2023-08-12 21:30:20 +08:00
Ryan Yin f02f673012 feat: update flake inputs 2023-08-12 21:15:49 +08:00
Ryan Yin 0be942efe2 feat: neovim - more plugins 2023-08-12 21:00:48 +08:00
Ryan Yin 9f91849707 docs: neovim 2023-08-12 20:28:10 +08:00
Ryan Yin 1cdf80adff docs: neovim 2023-08-12 20:26:01 +08:00
Ryan Yin 8be00a52c8 docs: neovim 2023-08-12 20:22:22 +08:00
Ryan Yin eb5c35d670 docs: neovim 2023-08-12 20:21:11 +08:00
Ryan Yin d00d8cd43b docs: neovim 2023-08-12 20:17:33 +08:00
Ryan Yin b4ea5aa354 docs: neovim 2023-08-12 20:16:05 +08:00
Ryan Yin 8a9af081fc docs: neovim 2023-08-12 20:10:09 +08:00
Ryan Yin ef86bc96f6 docs: neovim 2023-08-12 20:09:17 +08:00
Ryan Yin 289888aa50 feat: neovim - more plugins 2023-08-12 18:43:27 +08:00
Ryan Yin 5b1b79a760 fix: hyprland - cursor disapper with Nvidia GPU 2023-08-12 15:02:05 +08:00
Ryan Yin c60388668c feat: remove vscode 2023-08-12 14:57:59 +08:00
Ryan Yin 9c3e4bea8d feat: neovim - find and search globally, refactoring 2023-08-12 14:52:48 +08:00
Ryan Yin 2f6d1aa482 feat: add comments 2023-08-12 14:09:50 +08:00
Ryan Yin c5267e7932 feat: add tools for CLI search and replace, with diff preview 2023-08-12 13:57:30 +08:00
Ryan Yin 08baea2e22 feat: disable remote building 2023-08-12 11:54:18 +08:00
Ryan Yin 356ed4bfdc feat: add git-trim 2023-08-09 14:35:17 +08:00
Ryan Yin 3799aa0c90 fix: git delmerged 2023-08-09 13:13:39 +08:00
Ryan Yin 28779f60ea feat: git config 2023-08-09 12:40:31 +08:00
Ryan Yin d0a9bdd002 feat: git config 2023-08-09 12:00:51 +08:00
Ryan Yin 0ee541c9e4 feat: git config 2023-08-09 12:00:32 +08:00
Ryan Yin e1baf45441 feat: proxychains's conf for macOS 2023-08-09 11:25:18 +08:00
Ryan Yin e6c1b945f3 feat: proxychains-ng on macOS 2023-08-09 11:17:59 +08:00
Ryan Yin 0efb7dfba1 Update FUNDING.yml 2023-08-09 00:19:29 +08:00
Ryan Yin 4760e508be Create FUNDING.yml 2023-08-09 00:18:48 +08:00
Ryan Yin 682346a66a feat: update flake.lock 2023-08-07 15:25:33 +08:00
Ryan Yin 0fac56f612 fix: typo(tab instead of space) 2023-08-07 15:19:31 +08:00
Ryan Yin 270d43251f feat: update packages to the latest version, disable wezterm 2023-08-07 15:05:04 +08:00
Ryan Yin c3cf8138f8 feat: rime-data - add chinese character - 矽 2023-08-07 15:04:22 +08:00
Ryan Yin 7ccccfc84c feat: remove duplicate configs 2023-08-07 01:16:11 +08:00
Ryan Yin e39b79c508 feat: use the same nixpkgs as much as possible - macOS 2023-08-04 22:40:15 +08:00
Ryan Yin 664506b6cb feat: use the same nixpkgs as much as possible 2023-08-04 22:37:18 +08:00
Ryan Yin a946ff7cce feat: disable neovim's experimental plugin - noice.nvim 2023-08-04 00:40:17 +08:00
Ryan Yin 99819c1df5 docs: minor updates 2023-08-04 00:32:40 +08:00
Ryan Yin c515ea9807 feat: start dockerd on boot 2023-08-03 23:53:04 +08:00
Ryan Yin 7ce3e9a391 feat: add tcpdump, update comments 2023-08-03 23:36:15 +08:00
Ryan Yin f61271a323 feat: comments 2023-08-03 23:22:20 +08:00
Ryan Yin 4a988dbce7 refactor: development environment 2023-08-03 23:16:12 +08:00
Ryan Yin 79a866a287 feat: bump astronvim's version to v3.34.5 2023-08-03 17:31:15 +08:00
Ryan Yin bd53ef65ec feat: add sshconfig for k8s masters 2023-08-03 01:10:26 +08:00
Ryan Yin 804bf99e74 fix: remote building - virtual machines 2023-08-03 00:02:37 +08:00
Ryan Yin 6e7fa3e223 docs: how to search in kitty/alacritty 2023-08-01 17:49:33 +08:00
Ryan Yin 508a45d801 feat: kitty - tab bar on top 2023-08-01 13:16:43 +08:00
Ryan Yin 7c9cb5156f feat: update macOS's system config 2023-08-01 13:16:43 +08:00
Ryan Yin 08d8c4cbc5 fix: firefox gets wrong timezone on NixOS 2023-07-31 21:24:25 +08:00
Ryan Yin 7dc0adee72 feat: add bpftrace 2023-07-31 14:44:28 +08:00
Ryan Yin d61b27bcb5 feat: add bfg-repo-cleaner 2023-07-31 10:56:12 +08:00
Ryan Yin 0030a41a8f feat: install jdk17(Adoptium prebuilt jdk on macOS) 2023-07-31 10:52:43 +08:00
Ryan Yin 66fa46afb6 feat: adjust alacritty & kitty for macOS 2023-07-31 10:33:56 +08:00
Ryan Yin 26da19ba38 fix: grim(wayland): Failed to create image. https://github.com/ryan4yin/nix-config/issues/11 2023-07-30 17:45:17 +08:00
Ryan Yin 81a4104973 docs: README 2023-07-30 17:08:44 +08:00
Ryan Yin 6b55dfca46 docs: README 2023-07-30 17:00:56 +08:00
Ryan Yin b3676ccbe6 fix: correct waybar's config format 2023-07-30 16:44:41 +08:00
Ryan Yin 71af10ff3b feat: update readme, adjust nix settings 2023-07-30 16:32:05 +08:00
Ryan Yin a99adf065d feat: update for hyprland(wayland) 
refactor: core-desktop.nix & core-server.nix
 2023-07-30 16:18:44 +08:00
Ryan Yin 2485f24fcc docs: remove useless comments 2023-07-30 15:23:33 +08:00
Ryan Yin 777d915cd2 fix: https://github.com/ryan4yin/nix-config/issues/10 2023-07-30 15:16:48 +08:00
Ryan Yin 5df740ca6e docs: README 2023-07-30 05:06:20 +08:00
Ryan Yin dd27f9eaeb fix: add psmisc(killall) 2023-07-30 05:04:52 +08:00
Ryan Yin d370d96f47 feat: update for gtk/x11/xwayland 2023-07-30 04:48:46 +08:00
Ryan Yin 1e98f591f5 feat: replace wofi by anyrun - wayland 2023-07-30 04:19:03 +08:00
Ryan Yin 5e2bec4ac5 docs: README - WARNGING 2023-07-30 01:52:14 +08:00
Ryan Yin 0c30883e22 docs: README - secrets 2023-07-30 01:45:49 +08:00
Ryan Yin c9a42f1a13 feat: update Makefile 2023-07-30 01:37:02 +08:00
Ryan Yin a9c123d9d4 feat: update specific input 2023-07-30 01:35:55 +08:00
Ryan Yin e4c9e863cf feat: update comments 2023-07-30 01:25:28 +08:00
Ryan Yin 2970073d5e feat: add README for lib 2023-07-30 01:20:47 +08:00
Ryan Yin 8bef422482 fix: README 2023-07-30 00:58:52 +08:00
Ryan Yin 6247cecf0b fix: README 2023-07-30 00:56:02 +08:00
92 changed files with 3709 additions and 1293 deletions
Expand all files Collapse all files
.github/FUNDING.yml
+2
View File
@@ -0,0 +1,2 @@
patreon: ryan4yin
custom: ['https://buymeacoffee.com/ryan4yin', 'https://afdian.net/a/ryan4yin']
.github/workflows/mirror_to_gitee.yml
+29
View File
@@ -0,0 +1,29 @@
name: Mirror this repo to Gitee
on:
workflow_dispatch: {}
push: {}
jobs:
mirror:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v3
with:
fetch-depth: 0
- name: Mirror repo to Gitee
id: mirror-to-gitee
shell: bash
env:
INPUT_SSH_PRIVATE_KEY: ${{ secrets.SSH_PRIVATE_KEY_GITEE_MIRROR }}
INPUT_TARGET_REPO_URL: git@gitee.com:ryan_yin/nix-config.git
run: |
set -eu
mkdir -p ~/.ssh
echo "$INPUT_SSH_PRIVATE_KEY" > ~/.ssh/id_rsa
chmod 600 ~/.ssh/id_rsa
export GIT_SSH_COMMAND="ssh -v -i ~/.ssh/id_rsa -o StrictHostKeyChecking=no"
git remote add mirror "$INPUT_TARGET_REPO_URL"
git push --tags --force --prune mirror "refs/remotes/origin/*:refs/heads/*"
Makefile
+58 -29
View File
@@ -22,9 +22,14 @@ i3-debug:
hypr-debug:
nixos-rebuild switch --flake .#ai_hyprland --use-remote-sudo --show-trace --verbose
update:
up:
nix flake update
# Update specific input
# usage: make upp i=wallpapers
upp:
nix flake lock --update-input $(i)
history:
nix profile history --profile /nix/var/nix/profiles/system
@@ -35,11 +40,6 @@ gc:
# garbage collect all unused nix store entries
sudo nix store gc --debug
# adjust brightness(x11)
# usage: make bright b=0.9
bright:
xrandr --output DP-2 --brightness $(b)
############################################################################
#
# Darwin related commands, harmonica is my macbook pro's hostname
@@ -47,16 +47,20 @@ bright:
############################################################################
darwin-set-proxy:
sudo python3 scripts/darwin_set_proxy.py
echo "skip setting proxy, use global proxy instead"
# sudo python3 scripts/darwin_set_proxy.py
ha: darwin-set-proxy
nix build .#darwinConfigurations.harmonica.system
./result/sw/bin/darwin-rebuild switch --flake .
sleep 3
sudo chmod 644 /etc/agenix/alias-for-work.*
ha-debug: darwin-set-proxy
nix build .#darwinConfigurations.harmonica.system --show-trace --verbose
./result/sw/bin/darwin-rebuild switch --flake .#harmonica --show-trace --verbose
sleep 3
sudo chmod 644 /etc/agenix/alias-for-work.*
############################################################################
#
@@ -64,45 +68,70 @@ ha-debug: darwin-set-proxy
#
############################################################################
add-idols-ssh-key:
ssh-add ~/.ssh/ai-idols
aqua: add-idols-ssh-key
nixos-rebuild --flake .#aquamarine --target-host aquamarine --build-host aquamarine switch --use-remote-sudo
idols: add-idols-ssh-key
colmena apply --on '@dist-build'
aqua-debug: add-idols-ssh-key
nixos-rebuild --flake .#aquamarine --target-host aquamarine --build-host aquamarine switch --use-remote-sudo --show-trace --verbose
aqua:
colmena apply --on '@aqua'
ruby: add-idols-ssh-key
nixos-rebuild --flake .#ruby --target-host ruby --build-host ruby switch --use-remote-sudo
ruby:
colmena apply --on '@ruby'
ruby-debug: add-idols-ssh-key
nixos-rebuild --flake .#ruby --target-host ruby --build-host ruby switch --use-remote-sudo --show-trace --verbose
kana:
colmena apply --on '@kana'
kana: add-idols-ssh-key
nixos-rebuild --flake .#kana --target-host kana --build-host kana switch --use-remote-sudo
kana-debug: add-idols-ssh-key
nixos-rebuild --flake .#kana --target-host kana --build-host kana switch --use-remote-sudo --show-trace --verbose
idols: aqua ruby kana
idols-debug: aqua-debug ruby-debug kana-debug
idols-debug: add-idols-ssh-key
colmena apply --on '@dist-build' --verbose --show-trace
# only used once to setup the virtual machines
idols-image:
# take image for idols, and upload the image to proxmox nodes.
nom build .#aquamarine
scp result/vzdump-qemu-*.vma.zst root@gtr5:/var/lib/vz/dump
scp result root@gtr5:/var/lib/vz/dump/vzdump-qemu-aquamarine.vma.zst
nom build .#ruby
scp result/vzdump-qemu-*.vma.zst root@s500plus:/var/lib/vz/dump
scp result root@s500plus:/var/lib/vz/dump/vzdump-qemu-ruby.vma.zst
nom build .#kana
scp result/vzdump-qemu-*.vma.zst root@um560:/var/lib/vz/dump
scp result root@um560:/var/lib/vz/dump/vzdump-qemu-kana.vma.zst
############################################################################
#
# RISC-V related commands
#
############################################################################
roll: add-idols-ssh-key
colmena apply --on '@riscv'
roll-debug: add-idols-ssh-key
colmena apply --on '@dist-build' --verbose --show-trace
nozomi:
colmena apply --on '@nozomi'
yukina:
colmena apply --on '@yukina'
############################################################################
#
# Aarch64 related commands
#
############################################################################
aarch:
colmena apply --on '@aarch'
suzu:
colmena apply --on '@suzu'
suzu-debug:
colmena apply --on '@suzu' --verbose --show-trace
############################################################################
#
# Misc, other useful commands
README.md
+59 -65
View File
@@ -26,27 +26,29 @@ Nix allows for easy-to-manage, collaborative, reproducible deployments. This mea
## Components
| | NixOS(Wayland) | NixOS(Xorg) |
| --------------------------- | :--------------------------------------------------------------------------------------------- | :------------------------------------------------------ |
| **Window Manager** | [Hyprland][Hyprland] | [i3][i3] |
| **Terminal Emulator** | [Kitty][Kitty] | [Kitty][Kitty] |
| **Bar** | [Waybar][Waybar] | [i3block][i3block] |
| **Application Launcher** | [wofi][wofi] | [rofi][rofi] |
| **Notification Daemon** | [Mako][Mako] | [Dunst][Dunst] |
| **Display Manager** | [GDM][GDM] | [GDM][GDM] |
| \***\*Color Scheme\*\*** | [Catppuccin][Catppuccin] | [Catppuccin][Catppuccin] |
| **network management tool** | [NetworkManager][NetworkManager] | [NetworkManager][NetworkManager] |
| **Input method framework** | [Fcitx5][Fcitx5] | [Fcitx5][Fcitx5] |
| **System resource monitor** | [Btop][Btop] | [Btop][Btop] |
| **File Manager** | [ranger][ranger] + [thunar][thunar] | [ranger][ranger] + [thunar][thunar] |
| **Shell** | [Nushell][Nushell] + [Starship][Starship] | [Nushell][Nushell] + [Starship][Starship] |
| **Music Player** | [mpd][mpd], [ncmpcpp][ncmpcpp], [mpc][mpc], [Netease-cloud-music-gtk][netease-cloud-music-gtk] | [Netease-cloud-music-gtk][netease-cloud-music-gtk] |
| **Media Player** | [mpv][mpv] | [mpv][mpv] |
| **Text Editor** | [Neovim][Neovim] | [Neovim][Neovim] |
| **Fonts** | [Nerd fonts][Nerd fonts] | [Nerd fonts][Nerd fonts] |
| **Image Viewer** | [imv][imv] | [feh][feh] |
| **Screenshot Software** | [grim][grim] | [flameshot](https://github.com/flameshot-org/flameshot) |
| **Screen Recording** | [OBS][OBS] | [OBS][OBS] |
| | NixOS(Wayland) | NixOS(Xorg) |
| --------------------------- | :---------------------------------------------------------------------------------------------------------------- | :---------------------------------------------------------------------------------------------------------------- |
| **Window Manager** | [Hyprland][Hyprland] | [i3][i3] |
| **Terminal Emulator** | [Kitty][Kitty] | [Kitty][Kitty] |
| **Bar** | [Waybar][Waybar] | [i3block][i3block] |
| **Application Launcher** | [anyrun][anyrun] | [rofi][rofi] |
| **Notification Daemon** | [Mako][Mako] | [Dunst][Dunst] |
| **Display Manager** | [GDM][GDM] | [GDM][GDM] |
| **Color Scheme** | [Catppuccin][Catppuccin] | [Catppuccin][Catppuccin] |
| **network management tool** | [NetworkManager][NetworkManager] | [NetworkManager][NetworkManager] |
| **Input method framework** | [Fcitx5][Fcitx5] | [Fcitx5][Fcitx5] |
| **System resource monitor** | [Btop][Btop] | [Btop][Btop] |
| **File Manager** | [ranger][ranger] + [thunar][thunar] | [ranger][ranger] + [thunar][thunar] |
| **Shell** | [Nushell][Nushell] + [Starship][Starship] | [Nushell][Nushell] + [Starship][Starship] |
| **Music Player** | [mpd][mpd], [ncmpcpp][ncmpcpp], [mpc][mpc], [Netease-cloud-music-gtk][netease-cloud-music-gtk] | [Netease-cloud-music-gtk][netease-cloud-music-gtk] |
| **Media Player** | [mpv][mpv] | [mpv][mpv] |
| **Text Editor** | [Neovim][Neovim] | [Neovim][Neovim] |
| **Fonts** | [Nerd fonts][Nerd fonts] | [Nerd fonts][Nerd fonts] |
| **Image Viewer** | [imv][imv] | [imv][imv] |
| **Screenshot Software** | [grim][grim] | [flameshot](https://github.com/flameshot-org/flameshot) |
| **Screen Recording** | [OBS][OBS] | [OBS][OBS] |
| **Filesystem & Encryption** | tmpfs on `/`, [Btrfs][Btrfs] subvolumes on a [LUKS][LUKS] crypted partition for persistent, unlock via passphrase | tmpfs on `/`, [Btrfs][Btrfs] subvolumes on a [LUKS][LUKS] crypted partition for persistent, unlock via passphrase |
| **Secure Boot** | [lanzaboote][lanzaboote] | [lanzaboote][lanzaboote] |
Wallpapers: https://github.com/ryan4yin/wallpapers
@@ -61,17 +63,35 @@ Wallpapers: https://github.com/ryan4yin/wallpapers
![](./_img/i3_2023-07-29_1.webp)
![](./_img/i3_2023-07-29_2.webp)
## Neovim
See [./home/base/desktop/neovim](./home/base/desktop/neovim) for details.
## Hosts
See [./hosts](./hosts) for details.
## Secrets Management
See [./secrets](./secrets) for details.
## How to Deploy this Flake?
> :red_circle: **IMPORTANT**: **You should NOT deploy this flake directly on your machine:exclamation: It will not succeed.** this flake contains my hardware configuration(such as [hardware-configuration.nix](hosts/idols/ai/hardware-configuration.nix)) which is not suitable for your hardware, and my private secrets repository [ryan4yin/nix-secrets](https://github.com/ryan4yin/nix-config/tree/main/secrets) that only I have access to. You may use this repo as a reference to build your own configuration.
> :red_circle: **IMPORTANT**: **You should NOT deploy this flake directly on your machine:exclamation: It will not succeed.** this flake contains my hardware configuration(such as [hardware-configuration.nix](hosts/idols/ai/hardware-configuration.nix), [cifs-mount.nix](https://github.com/ryan4yin/nix-config/blob/v0.1.1/hosts/idols/ai/cifs-mount.nix), [Nvidia Support](https://github.com/ryan4yin/nix-config/blob/v0.1.1/hosts/idols/ai/default.nix#L77-L91), etc.) which is not suitable for your hardware, and my private secrets repository [ryan4yin/nix-secrets](https://github.com/ryan4yin/nix-config/tree/main/secrets) that only I have access to. You may use this repo as a reference to build your own configuration.
After installing NixOS with `nix-command` & `flake` enabled, follow the steps below to deploy this flake.
For MacOS:
For NixOS, use the following commands:
```bash
# deploy the darwin configuration(harmonicia)
make ha
# deploy with details
make ha-debug
```
For NixOS:
> Need to restart the machine when switching between `wayland` and `xorg`.
```bash
# deploy one of the configuration based on the hostname
@@ -87,34 +107,7 @@ make i3-debug
# make hypr-debug
```
For MacOS, use the following commands:
```bash
# deploy the darwin configuration(harmonicia)
make ha
# deploy with details
make ha-debug
```
## Install Apps from Flatpak
We can install apps from flathub, which has a lot of apps that are not supported well in nixpkgs.
```bash
# Add the Flathub repository
flatpak remote-add --if-not-exists flathub https://flathub.org/repo/flathub.flatpakrepo
# install apps from flathub
flatpak install netease-cloud-music-gtk
# install 3d printer slicer - cura
flatpak install flathub com.ultimaker.cura
# or you can search apps from flathub
flatpak search <keyword>
# search on website is also supported: https://flathub.org/
```
To deploy this flake from NixOS's official ISO image(purest installation method), please refer to [ryan4yin/nix-config/nixos-install](https://github.com/ryan4yin/nix-config/tree/nixos-install)
## How to create & managage VM from this flake?
@@ -137,15 +130,12 @@ Once the virtual machine `aquamarine` is created, we can deploy updates to it wi
# 1. add the ssh key to ssh-agent
ssh-add ~/.ssh/ai-idols
# 2. deploy the configuration to the remote host, using the ssh key we added in step 1
# and the username defaults to `$USER`, it's `ryan` in my case.
nixos-rebuild --flake .#aquamarine --target-host aquamarine --build-host aquamarine switch --use-remote-sudo --verbose
# or we can replace the command above with the following command, which is defined in Makefile
make aqua
# 2. deploy the configuration to all the remote host with tag `@dist-build`
# using the ssh key we added in step 1
colmena apply --on '@dist-build' --show-trace
```
The commands above will build & deploy the configuration to `aquamarine`, the build process will be executed on `aquamarine` too, and the `--use-remote-sudo` option indicates that we will use `sudo` on the remote host.
If you're not familiar with remote deployment, please read this tutorial first: [Remote Deployment - NixOS & Flakes Book](https://nixos-and-flakes.thiscute.world/best-practices/remote-deployment)
## References
@@ -157,14 +147,16 @@ Other dotfiles that inspired me:
- [xddxdd/nixos-config](https://github.com/xddxdd/nixos-config)
- [bobbbay/dotfiles](https://github.com/bobbbay/dotfiles)
- [gytis-ivaskevicius/nixfiles](https://github.com/gytis-ivaskevicius/nixfiles)
- [fufexan/dotfiles](https://github.com/fufexan/dotfiles)
- [davidtwco/veritas](https://github.com/davidtwco/veritas)
- [gvolpe/nix-config](https://github.com/gvolpe/nix-config)
- [Ruixi-rebirth/flakes](https://github.com/Ruixi-rebirth/flakes)
- Hyprland
- [HeinzDev/Hyprland-dotfiles](https://github.com/HeinzDev/Hyprland-dotfiles)
- [notwidow/hyprland](https://github.com/notwidow/hyprland)
- [fufexan/dotfiles](https://github.com/fufexan/dotfiles): gtk theme, xdg, git, media, anyrun, etc.
- Hyprland(wayland)
- [notwidow/hyprland](https://github.com/notwidow/hyprland): This is where I start my hyprland journey.
- [HeinzDev/Hyprland-dotfiles](https://github.com/HeinzDev/Hyprland-dotfiles): Refer to the waybar configuration here.
- [linuxmobile/kaku](https://github.com/linuxmobile/kaku)
- I3 Window Manager
- [endeavouros-i3wm-setup](https://github.com/endeavouros-team/endeavouros-i3wm-setup): I started using i3 here, and my i3 configuration is also based on it, but made a lot of changes.
- [denisse-dev/dotfiles](https://github.com/denisse-dev/dotfiles)
- Neovim/AstroNvim
- [maxbrunet/dotfiles](https://github.com/maxbrunet/dotfiles): astronvim with nix flakes.
@@ -179,7 +171,7 @@ Other dotfiles that inspired me:
[Waybar]: https://github.com/Alexays/Waybar
[i3block]: https://github.com/vivien/i3blocks
[rofi]: https://github.com/davatorium/rofi
[wofi]: https://hg.sr.ht/~scoopta/wofi
[anyrun]: https://github.com/Kirottu/anyrun
[Dunst]: https://github.com/dunst-project/dunst
[Fcitx5]: https://github.com/fcitx/fcitx5
[Btop]: https://github.com/aristocratos/btop
@@ -188,7 +180,6 @@ Other dotfiles that inspired me:
[AstroNvim]: https://github.com/AstroNvim/AstroNvim
[flameshot]: https://github.com/flameshot-org/flameshot
[grim]: https://github.com/emersion/grim
[feh]: https://github.com/derf/feh
[imv]: https://sr.ht/~exec64/imv/
[OBS]: https://obsproject.com
[Mako]: https://github.com/emersion/mako
@@ -204,3 +195,6 @@ Other dotfiles that inspired me:
[thunar]: https://gitlab.xfce.org/xfce/thunar
[ranger]: https://github.com/ranger/ranger
[Catppuccin]: https://github.com/catppuccin/catppuccin
[Btrfs]: https://btrfs.readthedocs.io
[LUKS]: https://wiki.archlinux.org/title/Dm-crypt/Encrypting_an_entire_system
[lanzaboote]: https://github.com/nix-community/lanzaboote
_img/12kingdoms-1.webp
BIN
View File
Binary file not shown.
Side by Side

After

Width:  |  Height:  |  Size: 47 KiB

_img/12kingdoms-Youko-Rakushun.webp
BIN
View File
Binary file not shown.
Side by Side

After

Width:  |  Height:  |  Size: 24 KiB

_img/nixos-riscv-cluster.webp
BIN
View File
Binary file not shown.
Side by Side

After

Width:  |  Height:  |  Size: 362 KiB

_img/rolling_girls.webp
BIN
View File
Binary file not shown.
Side by Side

After

Width:  |  Height:  |  Size: 350 KiB

flake.lock
Generated
+585 -94
View File
File diff suppressed because it is too large Load Diff
flake.nix
+233 -86
View File
@@ -20,6 +20,8 @@
nix-darwin,
home-manager,
nixos-generators,
nixos-licheepi4a,
nixos-rk3588,
...
}: let
username = "ryan";
@@ -28,78 +30,187 @@
x64_system = "x86_64-linux";
x64_darwin = "x86_64-darwin";
allSystems = [x64_system x64_darwin];
riscv64_system = "riscv64-linux";
aarch64_system = "aarch64-linux";
allSystems = [x64_system x64_darwin riscv64_system aarch64_system];
nixosSystem = import ./lib/nixosSystem.nix;
macosSystem = import ./lib/macosSystem.nix;
colmenaSystem = import ./lib/colmenaSystem.nix;
# 星野 アイ, Hoshino Ai
idol_ai_modules_i3 = {
nixos-modules = [
./hosts/idols/ai
./modules/nixos/i3.nix
];
home-module = import ./home/linux/desktop-i3.nix;
};
idol_ai_modules_hyprland = {
nixos-modules = [
./hosts/idols/ai
./modules/nixos/hyprland.nix
];
home-module = import ./home/linux/desktop-hyprland.nix;
};
# 星野 愛久愛海, Hoshino Akuamarin
idol_aquamarine_modules = {
nixos-modules = [
./hosts/idols/aquamarine
];
home-module = import ./home/linux/server.nix;
};
idol_aquamarine_tags = ["dist-build" "aqua"];
# 星野 瑠美衣, Hoshino Rubii
idol_ruby_modules = {
nixos-modules = [
./hosts/idols/ruby
];
home-module = import ./home/linux/server.nix;
};
idol_ruby_tags = ["dist-build" "ruby"];
# 有馬 かな, Arima Kana
idol_kana_modules = {
nixos-modules = [
./hosts/idols/kana
];
home-module = import ./home/linux/server.nix;
};
idol_kana_tags = ["dist-build" "kana"];
# 森友 望未, Moritomo Nozomi
rolling_nozomi_modules = {
nixos-modules = [
./hosts/rolling_girls/nozomi
];
# home-module = import ./home/linux/server-riscv64.nix;
};
rolling_nozomi_tags = ["riscv" "nozomi"];
# 小坂 結季奈, Kosaka Yukina
rolling_yukina_modules = {
nixos-modules = [
./hosts/rolling_girls/yukina
];
# home-module = import ./home/linux/server-riscv64.nix;
};
rolling_yukina_tags = ["riscv" "yukina"];
# 大木 鈴, Ōki Suzu
_12kingdoms_suzu_modules = {
nixos-modules = [
./hosts/12kingdoms/suzu
];
# home-module = import ./home/linux/server.nix;
};
_12kingdoms_suzu_tags = ["aarch" "suzu"];
x64_specialArgs =
{
inherit username userfullname useremail;
# use unstable branch for some packages to get the latest updates
pkgs-unstable = import nixpkgs-unstable {
system = x64_system; # refer the `system` parameter form outer scope recursively
# To use chrome, we need to allow the installation of non-free software
config.allowUnfree = true;
};
}
// inputs;
in {
nixosConfigurations = let
# 星野 アイ, Hoshino Ai
idol_ai_modules_i3 = {
nixos-modules = [
./hosts/idols/ai
./modules/nixos/i3.nix
];
home-module = import ./home/linux/desktop-i3.nix;
};
idol_ai_modules_hyprland = {
nixos-modules = [
./hosts/idols/ai
./modules/nixos/hyprland.nix
];
home-module = import ./home/linux/desktop-hyprland.nix;
};
# 星野 愛久愛海, Hoshino Akuamarin
idol_aquamarine_modules = {
nixos-modules = [
./hosts/idols/aquamarine
];
home-module = import ./home/linux/server.nix;
};
# 星野 瑠美衣, Hoshino Rubii
idol_ruby_modules = {
nixos-modules = [
./hosts/idols/ruby
];
home-module = import ./home/linux/server.nix;
};
# 有馬 かな, Arima Kana
idol_kana_modules = {
nixos-modules = [
./hosts/idols/kana
];
home-module = import ./home/linux/server.nix;
};
system = x64_system;
specialArgs =
{
inherit username userfullname useremail;
# use unstable branch for some packages to get the latest updates
pkgs-unstable = import nixpkgs-unstable {
system = x64_system; # refer the `system` parameter form outer scope recursively
# To use chrome, we need to allow the installation of non-free software
config.allowUnfree = true;
};
}
// inputs;
base_args = {
inherit home-manager nixos-generators system specialArgs;
inherit home-manager nixos-generators;
nixpkgs = nixpkgs; # or nixpkgs-unstable
system = x64_system;
specialArgs = x64_specialArgs;
};
stable_args = base_args // {inherit nixpkgs;};
unstable_args = base_args // {nixpkgs = nixpkgs-unstable;};
in {
# ai with i3 window manager
ai_i3 = nixosSystem (idol_ai_modules_i3 // stable_args);
ai_i3 = nixosSystem (idol_ai_modules_i3 // base_args);
# ai with hyprland compositor
ai_hyprland = nixosSystem (idol_ai_modules_hyprland // stable_args);
ai_hyprland = nixosSystem (idol_ai_modules_hyprland // base_args);
aquamarine = nixosSystem (idol_aquamarine_modules // stable_args);
ruby = nixosSystem (idol_ruby_modules // stable_args);
kana = nixosSystem (idol_kana_modules // stable_args);
# three virtual machines without desktop environment.
aquamarine = nixosSystem (idol_aquamarine_modules // base_args);
ruby = nixosSystem (idol_ruby_modules // base_args);
kana = nixosSystem (idol_kana_modules // base_args);
};
# colmena - remote deployment via SSH
colmena = let
# x86_64 related
x64_base_args = {
inherit home-manager;
nixpkgs = nixpkgs; # or nixpkgs-unstable
specialArgs = x64_specialArgs;
};
# riscv64 related
# using the same nixpkgs as nixos-licheepi4a to utilize the cross-compilation cache.
lpi4a_pkgs = import nixos-licheepi4a.inputs.nixpkgs {system = x64_system;};
lpi4a_specialArgs =
{
inherit username userfullname useremail;
pkgsKernel = nixos-licheepi4a.packages.${x64_system}.pkgsKernelCross;
}
// inputs;
lpi4a_base_args = {
inherit home-manager;
nixpkgs = nixos-licheepi4a.inputs.nixpkgs; # or nixpkgs-unstable
specialArgs = lpi4a_specialArgs;
targetUser = "root";
};
# aarch64 related
# using the same nixpkgs as nixos-rk3588 to utilize the cross-compilation cache.
rk3588_pkgs = import nixos-rk3588.inputs.nixpkgs {system = x64_system;};
rk3588_specialArgs =
{
inherit username userfullname useremail;
}
// nixos-rk3588.inputs;
rk3588_base_args = {
inherit home-manager;
nixpkgs = nixos-rk3588.inputs.nixpkgs; # or nixpkgs-unstable
specialArgs = rk3588_specialArgs;
targetUser = "root";
};
in {
meta = {
nixpkgs = import nixpkgs {system = x64_system;};
specialArgs = x64_specialArgs;
nodeSpecialArgs = {
# riscv64 SBCs
nozomi = lpi4a_specialArgs;
yukina = lpi4a_specialArgs;
# aarch64 SBCs
suzu = rk3588_specialArgs;
};
nodeNixpkgs = {
nozomi = lpi4a_pkgs;
yukina = lpi4a_pkgs;
# aarch64 SBCs
suzu = rk3588_pkgs;
};
};
# proxmox virtual machines(x86_64)
aquamarine = colmenaSystem (idol_aquamarine_modules // x64_base_args // {host_tags = idol_aquamarine_tags;});
ruby = colmenaSystem (idol_ruby_modules // x64_base_args // {host_tags = idol_ruby_tags;});
kana = colmenaSystem (idol_kana_modules // x64_base_args // {host_tags = idol_kana_tags;});
# riscv64 SBCs
nozomi = colmenaSystem (rolling_nozomi_modules // lpi4a_base_args // {host_tags = rolling_nozomi_tags;});
yukina = colmenaSystem (rolling_yukina_modules // lpi4a_base_args // {host_tags = rolling_yukina_tags;});
# aarch64 SBCs
suzu = colmenaSystem (_12kingdoms_suzu_modules // rk3588_base_args // {host_tags = _12kingdoms_suzu_tags;});
};
# take system images for idols
@@ -110,6 +221,7 @@
"ai_i3"
"ai_hyprland"
] (
# generate iso image for hosts with desktop environment
host:
self.nixosConfigurations.${host}.config.formats.iso
)
@@ -118,6 +230,7 @@
"ruby"
"kana"
] (
# generate proxmox image for virtual machines without desktop environment
host:
self.nixosConfigurations.${host}.config.formats.proxmox
);
@@ -137,15 +250,16 @@
}
// inputs;
base_args = {
inherit nix-darwin home-manager system specialArgs;
inherit nix-darwin home-manager system specialArgs nixpkgs;
};
in {
harmonica = macosSystem (base_args // {
darwin-modules = [
./hosts/harmonica
];
home-module = import ./home/darwin;
});
harmonica = macosSystem (base_args
// {
darwin-modules = [
./hosts/harmonica
];
home-module = import ./home/darwin;
});
};
# format the nix code in this flake
@@ -156,7 +270,6 @@
);
};
# This is the standard format for flake.nix. `inputs` are the dependencies of the flake,
# Each item in `inputs` will be passed as a parameter to the `outputs` function after being pulled and built.
inputs = {
@@ -164,11 +277,12 @@
# which represents the GitHub repository URL + branch/commit-id/tag.
# Official NixOS package source, using nixos's stable branch by default
nixpkgs.url = "github:nixos/nixpkgs/nixos-23.05";
nixpkgs.url = "github:nixos/nixpkgs/nixos-23.11";
# nixpkgs.url = "github:nixos/nixpkgs/nixos-unstable";
nixpkgs-unstable.url = "github:nixos/nixpkgs/nixos-unstable";
# for macos
nixpkgs-darwin.url = "github:nixos/nixpkgs/nixpkgs-23.05-darwin";
nixpkgs-darwin.url = "github:nixos/nixpkgs/nixpkgs-23.11-darwin";
nix-darwin = {
url = "github:lnl7/nix-darwin";
inputs.nixpkgs.follows = "nixpkgs-darwin";
@@ -176,17 +290,31 @@
# home-manager, used for managing user configuration
home-manager = {
url = "github:nix-community/home-manager/release-23.05";
url = "github:nix-community/home-manager/release-23.11";
# url = "github:nix-community/home-manager/master";
# The `follows` keyword in inputs is used for inheritance.
# Here, `inputs.nixpkgs` of home-manager is kept consistent with the `inputs.nixpkgs` of the current flake,
# to avoid problems caused by different versions of nixpkgs dependencies.
inputs.nixpkgs.follows = "nixpkgs";
};
lanzaboote = {
url = "github:nix-community/lanzaboote/v0.3.0";
inputs.nixpkgs.follows = "nixpkgs";
};
impermanence.url = "github:nix-community/impermanence";
# modern window compositor
hyprland.url = "github:hyprwm/Hyprland/v0.27.2";
hyprland.url = "github:hyprwm/Hyprland/v0.32.3";
# community wayland nixpkgs
nixpkgs-wayland.url = "github:nix-community/nixpkgs-wayland";
# anyrun - a wayland launcher
anyrun = {
url = "github:Kirottu/anyrun";
inputs.nixpkgs.follows = "nixpkgs";
};
# generate iso/qcow2/docker/... image from nixos configuration
nixos-generators = {
@@ -197,18 +325,22 @@
# secrets management, lock with git commit at 2023/7/15
agenix.url = "github:ryantm/agenix/0d8c5325fc81daf00532e3e26c6752f7bcde1143";
######################## Some non-flake repositories #########################################
# AstroNvim is an aesthetic and feature-rich neovim config.
astronvim = {
url = "github:AstroNvim/AstroNvim/v3.34.0";
url = "github:AstroNvim/AstroNvim/v3.39.0";
flake = false;
};
# useful nushell scripts, such as auto_completion
nushell-scripts = {
url = "github:nushell/nu_scripts";
url = "github:nushell/nu_scripts/main";
flake = false;
};
######################## My own repositories #########################################
# my private secrets, it's a private repository, you need to replace it with your own.
# use ssh protocol to authenticate via ssh-agent/ssh-key, and shallow clone to save time
mysecrets = {
@@ -222,6 +354,20 @@
flake = false;
};
nur-ryan4yin = {
url = "github:ryan4yin/nur-packages";
# inputs.nixpkgs.follows = "nixpkgs";
};
# riscv64 SBCs
nixos-licheepi4a.url = "github:ryan4yin/nixos-licheepi4a";
# nixos-jh7110.url = "github:ryan4yin/nixos-jh7110";
# aarch64 SBCs
nixos-rk3588.url = "github:ryan4yin/nixos-rk3588";
######################## Color Schemes #########################################
# color scheme - catppuccin
catppuccin-btop = {
url = "github:catppuccin/btop";
@@ -255,28 +401,29 @@
url = "github:catppuccin/cava";
flake = false;
};
cattppuccin-k9s = {
url = "github:catppuccin/k9s";
flake = false;
};
};
# the nixConfig here only affects the flake itself, not the system configuration!
nixConfig = {
experimental-features = ["nix-command" "flakes"];
substituters = [
# replace official cache with a mirror located in China
"https://mirrors.ustc.edu.cn/nix-channels/store"
"https://cache.nixos.org"
];
# nix community's cache server
# substituers will be appended to the default substituters when fetching packages
extra-substituters = [
# my own cache server
"https://ryan4yin.cachix.org"
"https://anyrun.cachix.org"
"https://hyprland.cachix.org"
"https://nix-community.cachix.org"
"https://nixpkgs-wayland.cachix.org"
];
extra-trusted-public-keys = [
"cache.nixos.org-1:6NCHdD59X431o0gWypbMrAURkbJ16ZPMQFGspcDShjY="
"ryan4yin.cachix.org-1:Gbk27ZU5AYpGS9i3ssoLlwdvMIh0NxG0w8it/cv9kbU="
"nix-community.cachix.org-1:mB9FSh9qf2dCimDSUo8Zy7bkq5CX+/rkCWyvRCYg3Fs="
"nixpkgs-wayland.cachix.org-1:3lwxaILxMRkVhehr5StQprHdEo4IrE8sRho9R9HOLYA="
"anyrun.cachix.org-1:pqBobmOjI7nKlsUMV25u9QHa9btJK65/C8vnO3p346s="
"hyprland.cachix.org-1:a7pgxzMz7+chwVL3/pzj6jIBMioiJM7ypFP8PwtkuGc="
];
};
}
home/base/desktop/cloud/default.nix
+24
View File
@@ -0,0 +1,24 @@
{
pkgs,
...
}: {
home.packages = with pkgs; [
# general tools
pulumi
pulumictl
# istioctl
# aws
awscli2
aws-iam-authenticator
eksctl
istioctl
# aliyun
aliyun-cli
] ++ (if pkgs.stdenv.isLinux then [
# cloud tools that nix do not have cache for.
terraform
terraformer # generate terraform configs from existing cloud resources
] else []);
}
home/base/desktop/container/container.nix
+14
View File
@@ -0,0 +1,14 @@
{
pkgs,
pkgs-unstable,
...
}: {
home.packages = with pkgs; [
skopeo
docker-compose
dive # explore docker layers
];
programs = {
};
}
home/base/desktop/container/default.nix
+6
View File
@@ -0,0 +1,6 @@
{ ... }: {
imports = [
./container.nix
./kubernetes.nix
];
}
home/base/desktop/container/kubernetes.nix
+31
View File
@@ -0,0 +1,31 @@
{
pkgs,
pkgs-unstable,
cattppuccin-k9s,
...
}: {
home.packages = with pkgs; [
kubectl
kubernetes-helm
];
programs = {
k9s = {
enable = true;
skin =
let
skin_file = "${cattppuccin-k9s}/dist/mocha.yml"; # theme - cattppuccin mocha
skin_attr = builtins.fromJSON (builtins.readFile
# replace 'base: &base "#1e1e2e"' with 'base: &base "default"'
# to make fg/bg color transparent. "default" means transparent in k9s skin.
(pkgs.runCommandNoCC "get-skin-json" {} ''
cat ${skin_file} \
| sed -E 's@(base: &base ).+@\1 "default"@g' \
| ${pkgs.yj}/bin/yj > $out
'')
);
in
skin_attr;
};
};
}
home/base/desktop/default.nix
+3 -2
View File
@@ -2,12 +2,13 @@
imports = [
../server
./cloud
./container
./neovim
./terminal
./alacritty.nix
./development.nix
./helix.nix
./kitty.nix
./media.nix
./shell.nix
];
home/base/desktop/development.nix
+38 -36
View File
@@ -8,44 +8,28 @@
# Basic settings for development environment
#
# Please avoid to install language specific packages here(globally),
# instead, install them independently using dev-templates:
# https://github.com/the-nix-way/dev-templates
# instead, install them:
# 1. per IDE, such as `programs.neovim.extraPackages`
# 2. per-project, using https://github.com/the-nix-way/dev-templates
#
#############################################################
home.packages = with pkgs; [
pkgs-unstable.devbox
(python3.withPackages (
ps:
with ps; [
ipython
pandas
requests
pyquery
pyyaml
]
))
# cloud native
skopeo
docker-compose
dive # explore docker layers
kubectl
kubernetes-helm
terraform
# terraformer # generate terraform configs from existing cloud resources
pulumi
pulumictl
k9s
# istioctl
# cloud provider
awscli2
aws-iam-authenticator
eksctl
# DO NOT install build tools for C/C++, set it per project by devShell instead
gnumake # used by this repo, to simplify the deployment
# python
(python311.withPackages (ps:
with ps; [
ipython
pandas
requests
pyquery
pyyaml
]))
cargo # rust package manager
go
jdk17
guile # scheme language
# db related
dbeaver
@@ -57,11 +41,29 @@
# embedded development
minicom
# other tools
# misc
pkgs-unstable.devbox
glow # markdown previewer
fzf
gdu # disk usage analyzer, required by AstroNvim
ripgrep # fast search tool, required by AstroNvim's '<leader>fw'(<leader> is space key)
bfg-repo-cleaner # remove large files from git history
k6 # load testing tool
mitmproxy # http/https proxy tool
protobuf # protocol buffer compiler
];
] ++ (if pkgs.stdenv.isLinux then [
# Automatically trims your branches whose tracking remote refs are merged or gone
# It's really useful when you work on a project for a long time.
git-trim
# need to run `conda-install` before using it
# need to run `conda-shell` before using command `conda`
# conda is not available for MacOS
conda
mitmproxy # http/https proxy tool
insomnia # REST client
wireshark # network analyzer
] else []);
programs = {
direnv = {
home/base/desktop/neovim/README.md
+222 -1
View File
@@ -1,7 +1,228 @@
# AstroNvim
# AstroNvim Configuration and Shortcuts
My Neovim config based on [AstroNvim](https://github.com/AstroNvim/AstroNvim).
For more details, visit the [AstroNvim website](https://astronvim.com/).
This document outlines neovim's configuration structure and various shortcuts/commands for efficient usage.
## Configuration Structure
| Description | Standard Location | My Location |
| ------------------------------------------------- | ------------------------------------------- | ------------------------------------------------------------------------- |
| Neovim's config | `~/.config/nvim` | AstroNvim's github repository, referenced as a flake input in this flake. |
| AstroNvim's user configuration | `$XDG_CONFIG_HOME/astronvim/lua/user` | [./astronvim_user/](./astronvim_user/) |
| Plugins installation directory (lazy.nvim) | `~/.local/share/nvim/` | The same as standard location, generated and managed by lazy.nvim. |
| LSP servers, DAP servers, linters, and formatters | `~/.local/share/nvim/mason/`(by mason.nvim) | [./default.nix](./default.nix), installed by nix. |
## Update/Clean Plugins
Note that lazy.nvim will not automatically update plugins, so you need to update them manually.
```bash
:Lazy update
```
Remove all unused plugins:
```bash
:Lazy clean
```
## Screenshots
![](/_img/astronvim_2023-07-13_00-39.webp)
![](/_img/hyprland_2023-07-29_2.webp)
## Visual Modes
| Action | Shortcut |
| ------------------------ | ---------------------------------------- |
| Toggle visual mode | `v` |
| Toggle visual block mode | `<Ctrl> + v` (select a block vertically) |
## Incremental Selection
Provided by nvim-treesitter.
| Action | Shortcut |
| ----------------- | -------------- |
| init selection | `<Ctrl-space>` |
| node incremental | `<Ctrl-space>` |
| scope incremental | `<Alt-Space>` |
| node decremental | `Backspace` |
## Search and Jump
Provided by [flash.nvim](https://github.com/folke/flash.nvim), it's a intelligent search and jump plugin.
1. It enhaces the default search and jump behavior of neovim.(search with prefix `/`)
| Action | Shortcut |
| ----------------- | ------------------------------------------------------------------------------------------------------------- |
| Search | `/`(normal search), `s`(disable all code highlight, only highlight matches) |
| Treesitter Search | `yR`,`dR`, `cR`, `vR`, `ctrl+v+R`(arround your matches, all the surrounding Treesitter nodes will be labeled) |
| Remote Flash | `yr`, `dr`, `cr`, (arround your matches, all the surrounding Treesitter nodes will be labeled) |
## Text Manipulation
- Add at the end of multiple lines: `:normal A<text>`
- Execublock: `:A<text>`
- visual block mode(ctrl + v)
- Append text at the end of each line in the selected block
- If position exceeds line end, neovim adds spaces automatically
- Delete the last char of multivle lines: `:normal $x`
- Execute `$x` on each line
- visual mode(v)
- `$` moves cursor to the end of line
- `x` deletes the character under the cursor
- Delete the last word of multiple lines: `:normal $bD`
- Execute `$bD` on each line
- visual mode(v)
- `$` moves cursor to the end of line
- `b` moves cursor to the beginning of the last word
- `D` deletes from cursor to the end of line
## Commands & Shortcuts
| Action | Shortcut |
| ----------------------------- | -------------- |
| Learn Neovim's Basics | `:Tutor` |
| Open file explorer | `<Space> + e` |
| Focus Neotree to current file | `<Space> + o` |
| Floating Terminal | `<Space> + tf` |
| Horizontal Split Terminal | `<Space> + th` |
| Vertical Split Terminal | `<Space> + tv` |
| Open IPython REPL | `<Space> + tp` |
| Toggle line wrap | `<Space> + uw` |
| Show line diagnostics | `gl` |
| Show function/variable info | `K` |
| Go to definition | `gd` |
| References of a symbol | `gr` |
## Window Navigation
- Switch between windows: `<Ctrl> + h/j/k/l`
- Resize windows: `<Ctrl> + Up/Down/Left/Right`
- Note: On macOS, conflicts with system shortcuts
- Disable in System Preferences -> Keyboard -> Shortcuts -> Mission Control
## Splitting and Buffers
| Action | Shortcut |
| --------------------- | ------------- |
| Horizontal Split | `\` |
| Vertical Split | `\|` |
| Next Buffer (Tab) | `]b` |
| Previous Buffer (Tab) | `[b` |
| Close Buffer | `<Space> + c` |
## Editing and Formatting
| Action | Shortcut |
| ----------------------------------------------------- | -------------- |
| Toggle buffer auto formatting | `<Space> + uf` |
| Format Document | `<Space> + lf` |
| Code Actions | `<Space> + la` |
| Rename | `<Space> + lr` |
| Opening LSP symbols | `<Space> + lS` |
| Comment Line(support multiple lines) | `<Space> + /` |
| Open filepath/URL at cursor(neovim's builtin command) | `gx` |
| Find files by name (fzf) | `<Space> + ff` |
| Grep string in files (ripgrep) | `<Space> + fw` |
## Sessions
| Action | Shortcut |
| ------------------------------ | -------------- |
| Save Session | `<Space> + Ss` |
| Last Session | `<Space> + Sl` |
| Delete Session | `<Space> + Sd` |
| Search Session | `<Space> + Sf` |
| Load Current Directory Session | `<Space> + S.` |
## Debugging
Press `<Space> + D` to view available bindings and options.
## Find and Replace
| Action | Command |
| ------------------------ | ----------------------------------- |
| Replace in selected area | `:s/old/new/g` |
| Replace in current line | Same as above |
| Replace in whole file | `:% s/old/new/g` |
| Replace with regex | `:% s@\vhttp://(\w+)@https://\1@gc` |
1. `\v` means means that in the regex pattern after it can be used without backslash escaping(similar to python's raw string).
2. `\1` means the first matched group in the pattern.
## Replace in the specific lines
| Action | Command |
| ----------------------------------------- | -------------------------------------- |
| From the 10th line to the end of the file | `:10,$ s/old/new/g` or `:10,$ s@^@#@g` |
| From the 10th line to the 20th line | `:10,20 s/old/new/g` |
The postfix(flags) in the above commands:
1. `g` means replace all the matched strings in the current line/file.
2. `c` means ask for confirmation before replacing.
3. `i` means ignore case.
## Search and Replace Globally
| Description | Shortcut |
| ------------------------------------------------------------ | ---------------------------------------------------------------- |
| Open spectre.nvim search and replace panel | `<Space> + ss` |
| Search and replace in command line(need install `sad` first) | `find -name "*.nix" \| sad '<pattern>' '<replacement>' \| delta` |
## Surrounding Characters
Provided by mini.surround plugin.
- Prefix `gz`
| Action | Shortcut | Description |
| ------------------------------ | -------- | ----------------------------------------------- |
| Add surrounding characters | `gzaiw'` | Add `'` around the word under cursor |
| Delete surrounding characters | `gzd'` | Delete `'` around the word under cursor |
| Replace surrounding characters | `gzr'"` | Replace `'` by `"` around the word under cursor |
| Highlight surrounding | `gzh'` | Highlight `'` around the word under cursor |
## Text Manipulation
| Action | |
| -------------------------------------- | ------------- |
| Join Selection of Lines With Space | `:join` |
| Join without spaces | `:join!` |
| Join with LSP intelligence(treesj) | `<Space> + j` |
| Split Line into Multiple Lines(treesj) | `<Space> + s` |
## Convert Text Case
| Action | |
| -------------------- | --- |
| Toggle text's case | `~` |
| Convert to uppercase | `U` |
| Convert to lowercase | `u` |
## Miscellaneous
| Action | |
| ---------------------------- | -------------------------------------------- |
| Save selected text to a file | `:w filename` (Will show `:'<,'>w filename`) |
| Show all Yank History | `:<Space> + yh` |
| Show undo history | `:<Space> + uh` |
## Additional Resources
For more detailed information and advanced usage, refer to:
1. [AstroNvim walkthrough](https://astronvim.com/Basic%20Usage/walkthrough)
2. [./astronvim_user/mapping.lua](./astronvim_user/mappings.lua)
3. All the plugins' documentations
home/base/desktop/neovim/astronvim_user/init.lua
+257 -86
View File
@@ -5,9 +5,9 @@ return {
opt = {
relativenumber = true, -- Show relative numberline
signcolumn = "auto", -- Show sign column when used only
spell = false, -- Spell checking
swapfile = false, -- Swapfile
smartindent = false; -- fix https://github.com/ryan4yin/nix-config/issues/4
spell = false, -- Spell checking
swapfile = false, -- Swapfile
smartindent = false, -- fix https://github.com/ryan4yin/nix-config/issues/4
},
},
@@ -24,7 +24,6 @@ return {
{ import = "astrocommunity.motion.leap-nvim" },
{ import = "astrocommunity.motion.flit-nvim" },
{ import = "astrocommunity.scrolling.nvim-scrollbar" },
{ import = "astrocommunity.editing-support.auto-save-nvim" },
{ import = "astrocommunity.editing-support.todo-comments-nvim" },
-- Language Support
---- Frontend & NodeJS
@@ -35,7 +34,6 @@ return {
{ import = "astrocommunity.pack.vue" },
---- Configuration Language
{ import = "astrocommunity.pack.markdown" },
{ import = "astrocommunity.markdown-and-latex.glow-nvim" },
{ import = "astrocommunity.pack.json" },
{ import = "astrocommunity.pack.yaml" },
{ import = "astrocommunity.pack.toml" },
@@ -53,6 +51,14 @@ return {
{ import = "astrocommunity.pack.cmake" },
{ import = "astrocommunity.pack.cpp" },
{ import = "astrocommunity.pack.docker" },
-- Motion
{ import = "astrocommunity.motion.mini-surround" },
-- https://github.com/echasnovski/mini.ai
{ import = "astrocommunity.motion.mini-ai" },
{ import = "astrocommunity.motion.flash-nvim" },
{ "folke/flash.nvim", vscode = false },
-- Lua implementation of CamelCaseMotion, with extra consideration of punctuation.
{ import = "astrocommunity.motion.nvim-spider" },
-- AI Assistant
{ import = "astrocommunity.completion.copilot-lua-cmp" },
-- Custom copilot-lua to enable filtypes: markdown
@@ -60,30 +66,120 @@ return {
"zbirenbaum/copilot.lua",
opts = function(_, opts)
opts.filetypes = {
yaml = true;
yaml = true,
markdown = true,
}
end,
},
---- Nushell
{
"LhKipp/nvim-nu",
"0x00-ketsu/autosave.nvim",
-- lazy-loading on events
event = { "InsertLeave", "TextChanged" },
opts = function(_, opts)
opts.prompt_style = "notify" -- or stdout
end,
},
-- markdown preview
{
"0x00-ketsu/markdown-preview.nvim",
ft = { "md", "markdown", "mkd", "mkdn", "mdwn", "mdown", "mdtxt", "mdtext", "rmd", "wiki" },
config = function()
require'nu'.setup({
use_lsp_features = true, -- requires https://github.com/jose-elias-alvarez/null-ls.nvim
-- lsp_feature: all_cmd_names is the source for the cmd name completion.
-- It can be
-- * a string, which is interpreted as a shell command and the returned list is the source for completions (requires plenary.nvim)
-- * a list, which is the direct source for completions (e.G. all_cmd_names = {"echo", "to csv", ...})
-- * a function, returning a list of strings and the return value is used as the source for completions
all_cmd_names = [[nu -c 'help commands | get name | str join "\n"']]
require("markdown-preview").setup({
-- your configuration comes here
-- or leave it empty to use the default settings
-- refer to the setup section below
})
end,
},
-- clipboard manager
{
"gbprod/yanky.nvim",
opts = function()
local mapping = require("yanky.telescope.mapping")
local mappings = mapping.get_defaults()
mappings.i["<c-p>"] = nil
return {
highlight = { timer = 200 },
picker = {
telescope = {
use_default_mappings = false,
mappings = mappings,
},
},
}
end,
keys = {
{
"y",
"<Plug>(YankyYank)",
mode = { "n", "x" },
desc = "Yank text",
},
{
"p",
"<Plug>(YankyPutAfter)",
mode = { "n", "x" },
desc = "Put yanked text after cursor",
},
{
"P",
"<Plug>(YankyPutBefore)",
mode = { "n", "x" },
desc = "Put yanked text before cursor",
},
{
"gp",
"<Plug>(YankyGPutAfter)",
mode = { "n", "x" },
desc = "Put yanked text after selection",
},
{
"gP",
"<Plug>(YankyGPutBefore)",
mode = { "n", "x" },
desc = "Put yanked text before selection",
},
{ "[y", "<Plug>(YankyCycleForward)", desc = "Cycle forward through yank history" },
{ "]y", "<Plug>(YankyCycleBackward)", desc = "Cycle backward through yank history" },
{ "]p", "<Plug>(YankyPutIndentAfterLinewise)", desc = "Put indented after cursor (linewise)" },
{ "[p", "<Plug>(YankyPutIndentBeforeLinewise)", desc = "Put indented before cursor (linewise)" },
{ "]P", "<Plug>(YankyPutIndentAfterLinewise)", desc = "Put indented after cursor (linewise)" },
{ "[P", "<Plug>(YankyPutIndentBeforeLinewise)", desc = "Put indented before cursor (linewise)" },
{ ">p", "<Plug>(YankyPutIndentAfterShiftRight)", desc = "Put and indent right" },
{ "<p", "<Plug>(YankyPutIndentAfterShiftLeft)", desc = "Put and indent left" },
{ ">P", "<Plug>(YankyPutIndentBeforeShiftRight)", desc = "Put before and indent right" },
{ "<P", "<Plug>(YankyPutIndentBeforeShiftLeft)", desc = "Put before and indent left" },
{ "=p", "<Plug>(YankyPutAfterFilter)", desc = "Put after applying a filter" },
{ "=P", "<Plug>(YankyPutBeforeFilter)", desc = "Put before applying a filter" },
},
},
-- Enhanced matchparen.vim plugin for Neovim to highlight the outer pair.
{
"utilyre/sentiment.nvim",
version = "*",
event = "VeryLazy", -- keep for lazy loading
opts = {
-- config
},
init = function()
-- `matchparen.vim` needs to be disabled manually in case of lazy loading
vim.g.loaded_matchparen = 1
end,
},
-- joining blocks of code into oneline, or splitting one line into multiple lines.
{
"Wansmer/treesj",
keys = { "<space>m", "<space>j", "<space>s" },
dependencies = { "nvim-treesitter/nvim-treesitter" },
config = function()
require("treesj").setup({ --[[ your config ]]
})
end,
dependencies = {
{"nvim-treesitter/nvim-treesitter"},
{ "jose-elias-alvarez/null-ls.nvim"},
}
},
-- File explorer(Custom configs)
@@ -92,36 +188,48 @@ return {
opts = {
filesystem = {
filtered_items = {
visible = true, -- visible by default
visible = true, -- visible by default
hide_dotfiles = false,
hide_gitignored = false,
},
},
}
},
},
-- The plugin offers the `:Refactor` command to refactor code.
-- TODO not work yet
-- The plugin offers the alibity to refactor code.
{
"ThePrimeagen/refactoring.nvim",
dependencies = {
{"nvim-lua/plenary.nvim"},
{"nvim-treesitter/nvim-treesitter"}
}
{ "nvim-lua/plenary.nvim" },
{ "nvim-treesitter/nvim-treesitter" },
},
},
-- The plugin offers the `:Spectre` command to search and replace.
-- TODO not work yet
-- The plugin offers the abilibty to search and replace.
{
"nvim-pack/nvim-spectre",
dependencies = {
{"nvim-lua/plenary.nvim"},
}
{ "nvim-lua/plenary.nvim" },
},
},
-- full signature help, docs and completion for the nvim lua API.
{ "folke/neodev.nvim", opts = {} },
{ "RRethy/vim-illuminate", config = function() end },
-- Language Parser for syntax highlighting / indentation / folding / Incremental selection
{
"nvim-treesitter/nvim-treesitter",
opts = function(_, opts)
local utils = require "astronvim.utils";
opts.indent.enable = false;
local utils = require("astronvim.utils")
opts.incremental_selection = {
enable = true,
keymaps = {
init_selection = "<C-space>", -- Ctrl + Space
node_incremental = "<C-space>",
scope_incremental = "<A-space>", -- Alt + Space
node_decremental = "<bs>", -- Backspace
},
}
opts.ensure_installed = utils.list_insert_unique(opts.ensure_installed, {
-- neovim
"vim",
@@ -137,6 +245,17 @@ return {
end,
},
-- implementation/definition preview
{
"rmagatti/goto-preview",
config = function()
require("goto-preview").setup({})
end,
},
-- Undo tree
{ "debugloop/telescope-undo.nvim" },
-- Install lsp, formmatter and others via home manager instead of Mason.nvim
-- LSP installations
{
@@ -160,7 +279,7 @@ return {
{
"jose-elias-alvarez/null-ls.nvim",
opts = function(_, opts)
local null_ls = require "null-ls"
local null_ls = require("null-ls")
local code_actions = null_ls.builtins.code_actions
local diagnostics = null_ls.builtins.diagnostics
local formatting = null_ls.builtins.formatting
@@ -173,42 +292,40 @@ return {
code_actions.gitsigns,
-- common refactoring actions based off the Refactoring book by Martin Fowler
code_actions.refactoring,
code_actions.gomodifytags, -- Go - modify struct field tags
code_actions.impl, -- Go - generate interface method stubs
code_actions.gomodifytags, -- Go - modify struct field tags
code_actions.impl, -- Go - generate interface method stubs
code_actions.shellcheck,
code_actions.proselint, -- English prose linter
code_actions.statix, -- Lints and suggestions for Nix.
-- Completion
completion.luasnip,
code_actions.proselint, -- English prose linter
code_actions.statix, -- Lints and suggestions for Nix.
-- Diagnostic
diagnostics.actionlint, -- GitHub Actions workflow syntax checking
diagnostics.buf, -- check text in current buffer
diagnostics.checkmake, -- check Makefiles
diagnostics.deadnix, -- Scan Nix files for dead code.
diagnostics.actionlint, -- GitHub Actions workflow syntax checking
diagnostics.buf, -- check text in current buffer
diagnostics.checkmake, -- check Makefiles
diagnostics.deadnix, -- Scan Nix files for dead code.
-- Formatting
formatting.prettier, -- js/ts/vue/css/html/json/... formatter
diagnostics.hadolint, -- Dockerfile linter
formatting.black, -- Python formatter
formatting.ruff, -- extremely fast Python linter
formatting.goimports, -- Go formatter
formatting.shfmt, -- Shell formatter
formatting.rustfmt, -- Rust formatter
formatting.taplo, -- TOML formatteautoindentr
formatting.terraform_fmt, -- Terraform formatter
formatting.stylua, -- Lua formatter
formatting.alejandra, -- Nix formatter
formatting.sqlfluff.with({ -- SQL formatter
extra_args = { "--dialect", "postgres" }, -- change to your dialect
formatting.prettier, -- js/ts/vue/css/html/json/... formatter
diagnostics.hadolint, -- Dockerfile linter
formatting.black, -- Python formatter
formatting.ruff, -- extremely fast Python linter
formatting.goimports, -- Go formatter
formatting.shfmt, -- Shell formatter
formatting.rustfmt, -- Rust formatter
formatting.taplo, -- TOML formatteautoindentr
formatting.terraform_fmt, -- Terraform formatter
formatting.stylua, -- Lua formatter
formatting.alejandra, -- Nix formatter
formatting.sqlfluff.with({ -- SQL formatter
extra_args = { "--dialect", "postgres" }, -- change to your dialect
}),
formatting.nginx_beautifier, -- Nginx formatter
formatting.nginx_beautifier, -- Nginx formatter
null_ls.builtins.formatting.verible_verilog_format, -- Verilog formatter
})
end
end,
},
-- Debugger installation
-- Debugger installation
{
"jay-babu/mason-nvim-dap.nvim",
-- overrides `require("mason-nvim-dap").setup(...)`
@@ -217,6 +334,57 @@ return {
opts.automatic_installation = false
end,
},
{
"nvim-telescope/telescope.nvim",
branch = "0.1.x",
dependencies = { "nvim-lua/plenary.nvim" },
init = function()
-- 1. Disable highlighting for certain filetypes
-- 2. Ignore files larger than a certain filesize
local previewers = require("telescope.previewers")
local _bad = { ".*%.csv", ".*%.min.js" } -- Put all filetypes that slow you down in this array
local filesize_threshold = 300 * 1024 -- 300KB
local bad_files = function(filepath)
for _, v in ipairs(_bad) do
if filepath:match(v) then
return false
end
end
return true
end
local new_maker = function(filepath, bufnr, opts)
opts = opts or {}
if opts.use_ft_detect == nil then
opts.use_ft_detect = true
end
-- 1. Check if the file is in the bad_files array, and if so, don't highlight it
opts.use_ft_detect = opts.use_ft_detect == false and false or bad_files(filepath)
-- 2. Check the file size, and ignore it if it's too big(preview nothing).
filepath = vim.fn.expand(filepath)
vim.loop.fs_stat(filepath, function(_, stat)
if not stat then
return
end
if stat.size > filesize_threshold then
return
else
previewers.buffer_previewer_maker(filepath, bufnr, opts)
end
end)
end
require("telescope").setup({
defaults = {
buffer_previewer_maker = new_maker,
},
})
end,
},
},
-- Configure require("lazy").setup() options
@@ -225,11 +393,12 @@ return {
performance = {
rtp = {
-- customize default disabled vim plugins
disabled_plugins = { };
disabled_plugins = {},
},
},
},
-- https://github.com/neovim/nvim-lspconfig/blob/master/doc/server_configurations.md
lsp = {
config = {
-- the offset_enconding of clangd will confilicts whit null-ls
@@ -243,34 +412,36 @@ return {
-- enable servers that installed by home-manager instead of mason
servers = {
---- Frontend & NodeJS
"tsserver", -- typescript/javascript language server
"tailwindcss", -- tailwindcss language server
"html", -- html language server
"cssls", -- css language server
"prismals", -- prisma language server
"volar", -- vue language server
"tsserver", -- typescript/javascript language server
"tailwindcss", -- tailwindcss language server
"html", -- html language server
"cssls", -- css language server
"prismals", -- prisma language server
"volar", -- vue language server
---- Configuration Language
"marksman", -- markdown ls
"jsonls", -- json language server
"yamlls", -- yaml language server
"taplo", -- toml language server
"marksman", -- markdown ls
"jsonls", -- json language server
"yamlls", -- yaml language server
"taplo", -- toml language server
---- Backend
"lua_ls", -- lua
"gopls", -- go
"rust_analyzer", -- rust
"pyright", -- python
"ruff_lsp", -- extremely fast Python linter and code transformation
"jdtls", -- java
"nil_ls", -- nix language server
"bufls", -- protocol buffer language server
"zls", -- zig language server
"lua_ls", -- lua
"gopls", -- go
"rust_analyzer", -- rust
"pyright", -- python
"ruff_lsp", -- extremely fast Python linter and code transformation
"jdtls", -- java
"nil_ls", -- nix language server
"bufls", -- protocol buffer language server
"zls", -- zig language server
---- HDL
"verible", -- verilog language server
---- Operation & Cloud Nativautoindente
"bashls", -- bash
"cmake", -- cmake language server
"clangd", -- c/c++
"dockerls", -- dockerfile
"jsonnet_ls", -- jsonnet language server
"terraformls", -- terraform hcl
"bashls", -- bash
"cmake", -- cmake language server
"clangd", -- c/c++
"dockerls", -- dockerfile
"jsonnet_ls", -- jsonnet language server
"terraformls", -- terraform hcl
},
formatting = {
disabled = {},
home/base/desktop/neovim/astronvim_user/mappings.lua
+52 -5
View File
@@ -4,18 +4,65 @@
-- lower level configuration and more robust one. (which-key will
-- automatically pick-up stored data by this setting.)
local utils = require "astronvim.utils"
require("telescope").load_extension("refactoring")
require("telescope").load_extension("yank_history")
require("telescope").load_extension("undo")
return {
-- first key is the mode
-- normal mode
n = {
-- second key is the lefthand side of the map
-- mappings seen under group name "Buffer"
["<leader>bn"] = { "<cmd>tabnew<cr>", desc = "New tab" },
-- quick save
["<C-s>"] = { ":w!<cr>", desc = "Save File" }, -- change description but the same command
["<leader>tp"] = { function() utils.toggle_term_cmd("ipython") end, desc = "ToggleTerm python" },
-- Terminal
-- NOTE: https://neovim.io/doc/user/builtin.html#jobstart()
-- 1. If {cmd} is a List it runs directly (no 'shell')
-- 2. If {cmd} is a String it runs in the 'shell'
["<leader>tp"] = { function() utils.toggle_term_cmd({ cmd = "ipython" }) end, desc = "ToggleTerm python" },
-- search and replace globally
['<leader>ss'] = {'<cmd>lua require("spectre").toggle()<CR>', desc = "Toggle Spectre" },
['<leader>sw'] = {'<cmd>lua require("spectre").open_visual({select_word=true})<CR>', desc = "Search current word" },
['<leader>sp'] ={'<cmd>lua require("spectre").open_file_search({select_word=true})<CR>', desc = "Search on current file" },
-- refactoring
["<leader>ri"] = { function() require('refactoring').refactor('Inline Variable') end, desc = "Inverse of extract variable" },
["<leader>rb"] = { function() require('refactoring').refactor('Extract Block') end, desc = "Extract Block" },
["<leader>rbf"] = { function() require('refactoring').refactor('Extract Block To File') end, desc = "Extract Block To File" },
["<leader>rr"] = { function() require('telescope').extensions.refactoring.refactors() end, desc = "Prompt for a refactor to apply" },
["<leader>rp"] = { function() require('refactoring').debug.printf({below = false}) end, desc = "Insert print statement to mark the calling of a function" },
["<leader>rv"] = { function() require('refactoring').debug.print_var() end, desc = "Insert print statement to print a variable" },
["<leader>rc"] = { function() require('refactoring').debug.cleanup({}) end, desc = "Cleanup of all generated print statements" },
-- yank_history
["<leader>yh"] = { function() require("telescope").extensions.yank_history.yank_history() end, desc = "Preview Yank History" },
-- undo history
["<leader>uh"] = {"<cmd>Telescope undo<cr>", desc="Telescope undo" },
-- implementation/definition preview
["gpd"] = { "<cmd>lua require('goto-preview').goto_preview_definition()<CR>", desc="goto_preview_definition" },
["gpt"] = { "<cmd>lua require('goto-preview').goto_preview_type_definition()<CR>", desc="goto_preview_type_definition" },
["gpi"] = { "<cmd>lua require('goto-preview').goto_preview_implementation()<CR>", desc="goto_preview_implementation" },
["gP" ] = { "<cmd>lua require('goto-preview').close_all_win()<CR>", desc="close_all_win" },
["gpr"] = { "<cmd>lua require('goto-preview').goto_preview_references()<CR>", desc="goto_preview_references" },
},
t = {
-- setting a mapping to false will disable it
-- ["<esc>"] = false,
-- Visual mode
v = {
-- search and replace globally
['<leader>sw'] = {'<esc><cmd>lua require("spectre").open_visual()<CR>', desc = "Search current word" },
},
-- visual mode(what's the difference between v and x???)
x = {
-- refactoring
["<leader>ri"] = { function() require('refactoring').refactor('Inline Variable') end, desc = "Inverse of extract variable" },
["<leader>re"] = { function() require('refactoring').refactor('Extract Function') end, desc = "Extracts the selected code to a separate function" },
["<leader>rf"] = { function() require('refactoring').refactor('Extract Function To File') end, desc = "Extract Function To File" },
["<leader>rv"] = { function() require('refactoring').refactor('Extract Variable') end, desc = "Extracts occurrences of a selected expression to its own variable" },
["<leader>rr"] = { function() require('telescope').extensions.refactoring.refactors() end, desc = "Prompt for a refactor to apply" },
},
}
home/base/desktop/neovim/default.nix
+126 -204
View File
@@ -5,120 +5,17 @@
}:
###############################################################################
#
# AstroNvim's configuration and all its dependencies
#
# Related folders:
# nvim's config: `~/.config/nvim`
# astronvim's user configuration: `$XDG_CONFIG_HOME/astronvim/lua/user`
# all plugins will be installed into(by lazy.nvim): `~/.local/share/nvim/`
#
# For details: https://astronvim.com/
#
# Toggle visual mode: `v`
# Toggle visual block mode: `<Ctrl> + v` (select a block(vertically) of text)
#
# Add at the end of Multiple line: `:normal A<text>`
# Note that `:normal` execute `A<text>` on each line.
# `A` means append text at the end of the line.
# You need to select the lines via visual mode first.
#
# Add at the end of the visual block: `:A<text>`
# You need to select the block via visual block mode first.
# And then this command will append text at the end of the block on each line.
# If the position exceeds the end of the line, neovim will automatically add spaces
#
# Commands & shortcuts in AstroNvim
# Learn Neovim's Basics: `:Tutor`
# Opening file explorer: `<Space> + e`
# Focus Neotree to current file: `<Space> + o`
# Floating Terminal: `<Space> + tf`
# Horizontal Split Terminal: `<Space> + th`
# Vertical Split Terminal: `<Space> + tv`
# Open IPython REPL: `<Space> + tp`
# Opening LSP symbols: `<Space> + lS`
# Toggle line wrap: `<Space> + uw`
# Show line diagnostics: `gl`
# Go to definition: `gd`
#
# Switching between windows: `<Ctrl> + h/j/k/l`
# Resizing windows: `<Ctrl> + Up/Down/Left/Right`
# Note that on macOS, this is conflict with system's default shortcuts.
# You need disable them in System Preferences -> Keyboard -> Shortcuts -> Mission Control.
# Horizontal Split: `\`
# Vertical Split: `|`
# Next Buffer(Tab): `]b`
# Previous Buffer(Tab): `[b`
# Close Buffer: `<Space> + c`
#
# Toggle buffer auto formatting: `<Space> + uf`
# Format Document: `<Space> + lf`
# Comment Line: `<Space> + /`
# Can be used in visual mode
# Code Actions: `<Space> + la`
# Rename: `<Space> + lr`
# Open filepath/URL at cursor: `gx`
# This is a neovim builtin command
# Find files by name(fzf): `<Space> + ff`
# Grep string in files(repgrep): `<Space> + fw`
#
# Save Session: `<Space> + Ss`
# Last Session: `<Space> + Sl`
# Delete Session: `<Space> + Sd`
# Search Session: `<Space> + Sf`
# Load Current Directory Session:`<Space> + S.`
#
# Debugging: press `<Space> + D` to see the available bindings and options.
#
# Replace in the selected area: `:s/old/new/g` (will show `:'<,'>s/old/new/g`)
# Replace in the current line: The same as above
# Replace in the whole file: `:% s/old/new/g`
# Replace with regex: `:% s@\vhttp://(\w+)@https://\1@gc`
# 1. `\v` means means that in the regex pattern after it can be used without backslash escaping(similar to python's raw string).
# 2. `\1` means the first matched group in the pattern.
# Replace in the specific lines:
# 1. From the 10th line to the end of the file: `:10,$ s/old/new/g`
# or `:10,$ s@^@#@g`
# 2. From the 10th line to the 20th line: `:10,20 s/old/new/g`
#
# The postfix(flgas) in the above commands:
# 1. `g` means replace all the matched strings in the current line/file.
# 2. `c` means ask for confirmation before replacing.
# 3. `i` means ignore case.
#
# Joining a Selection of Lines With Space: `:join`
# Joining without spaces: `:join!`
#
# Toggle text's case: `~`
# Convert to uppercase: `U`
# Convert to lowercase: `u`
#
# Save the selected text to a file: `:w filename` (will show `:'<,'>w filename`)
#
# Search key pattern and Replace in Multiple Files:
# sed -ri "s/pattern_str/replace_str/g" $(grep "key_pattern" 'path_pattern' -rl)
#
# Search file name pattern and Replace in Multiple Files:
# sed -ri "s/pattern_str/replace_str/g" $(find . -name "pattern")
#
# ......
# See https://astronvim.com/Basic%20Usage/walkthrough
# AstroNvim's configuration and all its dependencies(lsp, formatter, etc.)
#
#e#############################################################################
{
xdg.configFile = {
# base config
"nvim" = {
# update AstroNvim
onChange = "${pkgs.neovim}/bin/nvim --headless +quitall";
source = astronvim;
};
# my cusotom astronvim config, astronvim will load it after base config
# astronvim's config
"nvim".source = astronvim;
# my custom astronvim config, astronvim will load it after base config
# https://github.com/AstroNvim/AstroNvim/blob/v3.32.0/lua/astronvim/bootstrap.lua#L15-L16
"astronvim/lua/user" = {
# update AstroNvim
onChange = "${pkgs.neovim}/bin/nvim --headless +quitall";
source = ./astronvim_user;
};
"astronvim/lua/user".source = ./astronvim_user;
};
nixpkgs.config = {
@@ -130,105 +27,130 @@
programs = {
neovim = {
enable = true;
defaultEditor = true;
viAlias = false;
defaultEditor = true;
viAlias = true;
vimAlias = true;
withPython3 = true;
withNodeJs = true;
extraPackages = [];
# currently we use lazy.nvim as neovim's package manager, so comment this one.
plugins = with pkgs.vimPlugins; [
# search all the plugins using https://search.nixos.org/packages
luasnip
];
# plugins = with pkgs.vimPlugins; [
# # search all the plugins using https://search.nixos.org/packages
# ];
# Extra packages only available to nvim(won't pollute the global home environment)
extraPackages = with pkgs;
[
#-- c/c++
cmake
cmake-language-server
gnumake
checkmake
gcc # c/c++ compiler, required by nvim-treesitter!
llvmPackages.clang-unwrapped # c/c++ tools with clang-tools such as clangd
gdb
lldb
#-- python
nodePackages.pyright # python language server
python3Packages.black # python formatter
python3Packages.ruff-lsp
(python3.withPackages (
ps:
with ps; [
pynvim # Python client and plugin host for Nvim
ipython
pandas
requests
pyquery
pyyaml
]
))
#-- rust
rust-analyzer
cargo # rust package manager
rustfmt
#-- zig
zls
#-- nix
nil
rnix-lsp
# nixd
statix # Lints and suggestions for the nix programming language
deadnix # Find and remove unused code in .nix source files
alejandra # Nix Code Formatter
#-- golang
go
gomodifytags
iferr # generate error handling code for go
impl # generate function implementation for go
gotools # contains tools like: godoc, goimports, etc.
gopls # go language server
delve # go debugger
# -- java
jdk17
gradle
maven
spring-boot-cli
#-- lua
stylua
lua-language-server
#-- bash
nodePackages.bash-language-server
shellcheck
shfmt
#-- javascript/typescript --#
nodePackages.nodejs
nodePackages.typescript
nodePackages.typescript-language-server
# HTML/CSS/JSON/ESLint language servers extracted from vscode
nodePackages.vscode-langservers-extracted
nodePackages."@tailwindcss/language-server"
#-- CloudNative
nodePackages.dockerfile-language-server-nodejs
# terraform # install via brew on macOS
terraform-ls
jsonnet
jsonnet-language-server
hadolint # Dockerfile linter
#-- Others
taplo # TOML language server / formatter / validator
nodePackages.yaml-language-server
sqlfluff # SQL linter
actionlint # GitHub Actions linter
buf # protoc plugin for linting and formatting
proselint # English prose linter
guile # scheme language
#-- Misc
tree-sitter # common language parser/highlighter
nodePackages.prettier # common code formatter
marksman # language server for markdown
glow # markdown previewer
fzf
#-- Optional Requirements:
gdu # disk usage analyzer, required by AstroNvim
ripgrep # fast search tool, required by AstroNvim's '<leader>fw'(<leader> is space key)
]
++ (
if pkgs.stdenv.isDarwin
then []
else [
#-- verilog / systemverilog
verible
]
);
};
};
home = {
packages = with pkgs; [
#-- c/c++
cmake
cmake-language-server
gnumake
checkmake
gcc # c/c++ compiler, required by nvim-treesitter!
llvmPackages.clang-unwrapped # c/c++ tools with clang-tools such as clangd
gdb
lldb
#-- python
nodePackages.pyright # python language server
python311Packages.black # python formatter
python311Packages.ruff-lsp
#-- rust
rust-analyzer
cargo # rust package manager
rustfmt
#-- zig
zls
#-- nix
nil
rnix-lsp
# nixd
statix # Lints and suggestions for the nix programming language
deadnix # Find and remove unused code in .nix source files
alejandra # Nix Code Formatter
#-- golang
go
gomodifytags
iferr # generate error handling code for go
impl # generate function implementation for go
gotools # contains tools like: godoc, goimports, etc.
gopls # go language server
delve # go debugger
#-- lua
stylua
lua-language-server
#-- bash
nodePackages.bash-language-server
shellcheck
shfmt
#-- javascript/typescript --#
nodePackages.typescript
nodePackages.typescript-language-server
# HTML/CSS/JSON/ESLint language servers extracted from vscode
nodePackages.vscode-langservers-extracted
nodePackages."@tailwindcss/language-server"
#-- CloudNative
nodePackages.dockerfile-language-server-nodejs
terraform
terraform-ls
jsonnet
jsonnet-language-server
hadolint # Dockerfile linter
#-- Others
taplo # TOML language server / formatter / validator
nodePackages.yaml-language-server
sqlfluff # SQL linter
actionlint # GitHub Actions linter
buf # protoc plugin for linting and formatting
proselint # English prose linter
#-- Misc
tree-sitter # common language parser/highlighter
nodePackages.prettier # common code formatter
marksman # language server for markdown
glow # markdown previewer
#-- Optional Requirements:
gdu # disk usage analyzer, required by AstroNvim
ripgrep # fast search tool, required by AstroNvim's '<leader>fw'(<leader> is space key)
];
};
}
home/base/desktop/terminal/README.md
+61
View File
@@ -0,0 +1,61 @@
# Termianl Emulators
1. kitty: My main terminal emulator.
2. wezterm: My secondary terminal emulator.
3. alacritty: Standby terminal.
## 'xterm-kitty': unknown terminal type when `ssh` into a remote host or `sudo xxx`
> https://sw.kovidgoyal.net/kitty/faq/#i-get-errors-about-the-terminal-being-unknown-or-opening-the-terminal-failing-or-functional-keys-like-arrow-keys-don-t-work
> https://wezfurlong.org/wezterm/config/lua/config/term.html
kitty set `TERM` to `xterm-kitty` by default, and TUI apps like `viu`, `yazi`, `curses` will try to search in the host's [terminfo(terminal capability data base)](https://linux.die.net/man/5/terminfo) for value of `TERM` to determine the capabilities of the terminal.
But when you `ssh` into a remote host, the remote host is very likely to not have `xterm-kitty` in its terminfo, so you will get this error:
```
'xterm-kitty': unknown terminal type
```
Or when you `sudo xxx`, `sudo` won't preserve the `TERM` variable, it will be reset to root's default `TERM` value, which is `xterm` or `xterm-256color` in most linux distributions, so you will get this error:
```
'xterm-256color': unknown terminal type
```
or
```
Error opening terminal: xterm-kitty.
```
NixOS preserve the `TERMINFO` and `TERMINFO_DIRS` environment variables, for `root` and the `wheel` group: [nixpkgs/nixos/modules/config/terminfo.nix](https://github.com/NixOS/nixpkgs/blob/nixos-23.11/nixos/modules/config/terminfo.nix#L18)
For nix-darwin, take a look at <https://github.com/LnL7/nix-darwin/wiki/Terminfo-issues>
### Solutions
Simplest solution, it will automatically copy over the terminfo files and also magically enable shell integration on the remote machine:
```
kitten ssh user@host
```
Or if you do not care about kitty's features(such as true color & graphics protocol), you can simply set `TERM` to `xterm-256color`, which is built-in in most linux distributions:
```
export TERM=xterm-256color
```
If you need kitty's features, but do not like the magic of `kitten`, you can manually install kitty's terminfo on the remote host:
```bash
# install on ubuntu / debian
sudo apt-get install kitty-terminfo
# or copy from local machine
infocmp -a xterm-kitty | ssh myserver tic -x -o \~/.terminfo /dev/stdin
```
home/base/desktop/alacritty.nix → home/base/desktop/terminal/alacritty.nix
+16 -6
View File
@@ -7,12 +7,14 @@
# 1. Multi-Window: `command + N`
# 2. Increase Font Size: `command + =` | `command + +`
# 3. Decrease Font Size: `command + -` | `command + _`
# 4. And Other common shortcuts such as Copy, Paste, Cursor Move, etc.
# 4. Search Text: `command + F`
# 5. And Other common shortcuts such as Copy, Paste, Cursor Move, etc.
#
# Useful Hot Keys for Linux:
# 1. Increase Font Size: `ctrl + shift + =` | `ctrl + shift + +`
# 2. Decrease Font Size: `ctrl + shift + -` | `ctrl + shift + _`
# 3. And Other common shortcuts such as Copy, Paste, Cursor Move, etc.
# 3. Search Text: `ctrl + shift + N`
# 4. And Other common shortcuts such as Copy, Paste, Cursor Move, etc.
#
# Note: Alacritty do not have support for Tabs, and any graphic protocol.
#
@@ -35,7 +37,7 @@
#
# Window opacity as a floating point number from `0.0` to `1.0`.
# The value `0.0` is completely transparent and `1.0` is opaque.
opacity: 0.95
opacity: 0.93
# Startup Mode (changes require restart)
#
@@ -46,7 +48,7 @@
#
# Values for `startup_mode` (macOS only):
# - SimpleFullscreen
startup_mode: Windowed
startup_mode: Maximized
# Allow terminal applications to change Alacritty's window title.
dynamic_title: true
@@ -81,14 +83,22 @@
# If the bold italic family is not specified, it will fall back to the
# value specified for the normal font.
family: JetBrainsMono Nerd Font
shell:
# To resolve issues:
# 1. https://github.com/ryan4yin/nix-config/issues/26
# 2. https://github.com/ryan4yin/nix-config/issues/8
# Spawn a nushell in login mode via `bash`
program: ${pkgs.bash}/bin/bash
args:
- --login
- -c
- 'nu --login --interactive'
''
+ (
if pkgs.stdenv.isDarwin
then ''
# Point size
size: 14
shell: # force nushell as default shell on macOS
program: /run/current-system/sw/bin/nu
''
else ''
# holder identation
home/base/desktop/terminal/default.nix
+7
View File
@@ -0,0 +1,7 @@
{...}: {
imports = [
./alacritty.nix
./kitty.nix
./wezterm.nix
];
}
home/base/desktop/kitty.nix → home/base/desktop/terminal/kitty.nix
+24 -17
View File
@@ -14,6 +14,9 @@
# 4. Increase Font Size: `command + =` | `command + +`
# 5. Decrease Font Size: `command + -` | `command + _`
# 6. And Other common shortcuts such as Copy, Paste, Cursor Move, etc.
# 7. Search in the current window(show_scrollback): `ctrl + shift + h`
# This will open a pager, it's defined by `scrollback_pager`, default is `less`
#
#
# Useful Hot Keys for Linux:
# 1. New Tab: `ctrl + shift + t`
@@ -27,7 +30,10 @@
{
programs.kitty = {
enable = true;
theme = "Catppuccin-Mocha"; # kitty has catppuccin theme built-in
# kitty has catppuccin theme built-in,
# all the built-in themes are packaged into an extra package named `kitty-themes`
# and it's installed by home-manager if `theme` is specified.
theme = "Catppuccin-Mocha";
font = {
name = "JetBrainsMono Nerd Font";
# use different font size on macOS
@@ -37,23 +43,24 @@
else 13;
};
settings =
{
background_opacity = "0.95";
macos_option_as_alt = true; # Option key acts as Alt on macOS
scrollback_lines = 10000;
enable_audio_bell = false;
}
// (
if pkgs.stdenv.isDarwin
then {
# macOS specific settings, force kitty to use nushell as default shell
shell = "/run/current-system/sw/bin/nu";
}
else {}
);
keybindings = {
"ctrl+shift+m" = "toggle_maximized";
};
settings = {
background_opacity = "0.93";
macos_option_as_alt = true; # Option key acts as Alt on macOS
scrollback_lines = 10000;
enable_audio_bell = false;
tab_bar_edge = "top"; # tab bar on top
# To resolve issues:
# 1. https://github.com/ryan4yin/nix-config/issues/26
# 2. https://github.com/ryan4yin/nix-config/issues/8
# Spawn a nushell in login mode via `bash`
shell = "${pkgs.bash}/bin/bash --login -c 'nu --login --interactive'";
};
# macOS specific settings
darwinLaunchOptions = ["--start-as=fullscreen"];
darwinLaunchOptions = ["--start-as=maximized"];
};
}
home/base/desktop/terminal/wezterm.nix
+105
View File
@@ -0,0 +1,105 @@
{pkgs, ...}:
###########################################################
#
# Wezterm Configuration
#
# Default Keybindings: https://wezfurlong.org/wezterm/config/default-keys.html
#
###########################################################
{
# wezterm has catppuccin theme built-in,
# it's not necessary to install it separately.
# we can add wezterm as a flake input once this PR is merged:
# https://github.com/wez/wezterm/pull/3547
programs.wezterm =
{
enable = true;
# TODO: Fix: https://github.com/wez/wezterm/issues/4483
# package = pkgs.wezterm.override { };
extraConfig = let
fontsize =
if pkgs.stdenv.isDarwin
then "14.0"
else "13.0";
in
''
-- Pull in the wezterm API
local wezterm = require 'wezterm'
-- This table will hold the configuration.
local config = {}
-- In newer versions of wezterm, use the config_builder which will
-- help provide clearer error messages
if wezterm.config_builder then
config = wezterm.config_builder()
end
wezterm.on('toggle-opacity', function(window, pane)
local overrides = window:get_config_overrides() or {}
if not overrides.window_background_opacity then
overrides.window_background_opacity = 0.93
else
overrides.window_background_opacity = nil
end
window:set_config_overrides(overrides)
end)
wezterm.on('toggle-maximize', function(window, pane)
window:maximize()
end)
-- This is where you actually apply your config choices
config.color_scheme = "Catppuccin Mocha"
config.font = wezterm.font_with_fallback {
"JetBrainsMono Nerd Font",
"FiraCode Nerd Font",
-- To avoid 'Chinese characters displayed as variant (Japanese) glyphs'
"Source Han Sans SC",
"Source Han Sans TC"
}
config.hide_tab_bar_if_only_one_tab = true
config.scrollback_lines = 10000
config.enable_scroll_bar = true
config.keys = {
-- toggle opacity(CTRL + SHIFT + B)
{
key = 'B',
mods = 'CTRL',
action = wezterm.action.EmitEvent 'toggle-opacity',
},
{
key = 'M',
mods = 'CTRL',
action = wezterm.action.EmitEvent 'toggle-maximize',
},
}
config.font_size = ${fontsize}
-- To resolve issues:
-- 1. https://github.com/ryan4yin/nix-config/issues/26
-- 2. https://github.com/ryan4yin/nix-config/issues/8
-- Spawn a nushell in login mode via `bash`
config.default_prog = { '${pkgs.bash}/bin/bash', '--login', '-c', 'nu --login --interactive' }
return config
'';
}
// (
if pkgs.stdenv.isDarwin
then {
# install wezterm via homebrew on macOS to avoid compilation, dummy package here.
package = pkgs.hello;
enableBashIntegration = false;
enableZshIntegration = false;
}
else {}
);
}
home/base/server/bat.nix
+5 -2
View File
@@ -4,11 +4,14 @@
enable = true;
config = {
pager = "less -FR";
theme = "Catppuccin-mocha";
theme = "catppuccin-mocha";
};
themes = {
# https://raw.githubusercontent.com/catppuccin/bat/main/Catppuccin-mocha.tmTheme
Catppuccin-mocha = builtins.readFile "${catppuccin-bat}/Catppuccin-mocha.tmTheme";
catppuccin-mocha = {
src = catppuccin-bat;
file = "Catppuccin-mocha.tmTheme";
};
};
};
}
home/linux/base/btop.nix → home/base/server/btop.nix
View File
home/base/server/core.nix
+17 -8
View File
@@ -9,11 +9,6 @@
unzip
p7zip
# utils
ripgrep # recursively searches directories for a regex pattern
jq # A lightweight and flexible command-line JSON processor
yq-go # yaml processer https://github.com/mikefarah/yq
# networking tools
mtr # A network diagnostic tool
iperf3
@@ -24,14 +19,28 @@
nmap # A utility for network discovery and security auditing
ipcalc # it is a calculator for the IPv4/v6 addresses
# Text Processing
# Docs: https://github.com/learnbyexample/Command-line-text-processing
gnugrep # GNU grep, provides `grep`/`egrep`/`fgrep`
gnused # GNU sed, very powerful(mainly for replacing text in files)
gawk # GNU awk, a pattern scanning and processing language
ripgrep # recursively searches directories for a regex pattern
sad # CLI search and replace, with diff preview, really useful!!!
delta # A viewer for git and diff output
# A fast and polyglot tool for code searching, linting, rewriting at large scale
# supported languages: only some mainstream languages currently(do not support nix/nginx/yaml/toml/...)
ast-grep
jq # A lightweight and flexible command-line JSON processor
yq-go # yaml processer https://github.com/mikefarah/yq
# misc
tldr
cowsay
file
which
tree
gnused
gnutar
gawk
zstd
caddy
gnupg
@@ -58,7 +67,7 @@
# A modern replacement for ls
# useful in bash/zsh prompt, not in nushell.
exa = {
eza = {
enable = true;
enableAliases = true;
git = true;
home/base/server/default.nix
+1
View File
@@ -6,6 +6,7 @@
./bash.nix
./bat.nix
./btop.nix
./core.nix
./git.nix
./starship.nix
home/base/server/git.nix
+31 -12
View File
@@ -15,6 +15,9 @@
rm -f ~/.gitconfig
'';
home.packages = with pkgs; [
];
programs.git = {
enable = true;
lfs.enable = true;
@@ -37,15 +40,15 @@
# replace https with ssh
url = {
"ssh://git@github.com/" = {
insteadOf = "https://github.com/";
};
"ssh://git@gitlab.com/" = {
insteadOf = "https://gitlab.com/";
};
"ssh://git@bitbucket.com/" = {
insteadOf = "https://bitbucket.com/";
"ssh://git@github.com/ryan4yin" = {
insteadOf = "https://github.com/ryan4yin";
};
# "ssh://git@gitlab.com/" = {
# insteadOf = "https://gitlab.com/";
# };
# "ssh://git@bitbucket.com/" = {
# insteadOf = "https://bitbucket.com/";
# };
};
};
@@ -54,10 +57,15 @@
# signByDefault = true;
# };
# A syntax-highlighting pager in Rust(2019 ~ Now)
delta = {
enable = true;
options = {
features = "side-by-side";
diff-so-fancy = true;
line-numbers = true;
true-color = "always";
# features => named groups of settings, used to keep related settings organized
# features = "";
};
};
@@ -68,10 +76,21 @@
st = "status";
ls = "log --pretty=format:\"%C(yellow)%h%Cred%d\\\\ %Creset%s%Cblue\\\\ [%cn]\" --decorate";
ll = "log --pretty=format:\"%C(yellow)%h%Cred%d\\\\ %Creset%s%Cblue\\\\ [%cn]\" --decorate --numstat";
cm = "commit -m";
ca = "commit -am";
cm = "commit -m"; # commit via `git cm <message>`
ca = "commit -am"; # commit all changes via `git ca <message>`
dc = "diff --cached";
amend = "commit --amend -m";
amend = "commit --amend -m"; # amend commit message via `git amend <message>`
unstage = "reset HEAD --"; # unstage file via `git unstage <file>`
merged = "branch --merged"; # list merged(into HEAD) branches via `git merged`
unmerged = "branch --no-merged"; # list unmerged(into HEAD) branches via `git unmerged`
nonexist = "remote prune origin --dry-run"; # list non-exist(remote) branches via `git nonexist`
# delete merged branches except master & dev & staging
# `!` indicates it's a shell script, not a git subcommand
delmerged = ''! git branch --merged | egrep -v "(^\*|main|master|dev|staging)" | xargs git branch -d'';
# delete non-exist(remote) branches
delnonexist = "remote prune origin";
# aliases for submodule
update = "submodule update --init --recursive";
home/base/server/nushell/config.nu
+1 -1
View File
@@ -71,7 +71,7 @@ let catppuccin_theme = {
}
# The default config record. This is where much of your global configuration is setup.
let-env config = {
$env.config = {
color_config: $catppuccin_theme # <-- this is the theme
use_ansi_coloring: true
home/base/server/nushell/default.nix
-10
View File
@@ -3,16 +3,6 @@
enable = true;
configFile.source = ./config.nu;
extraConfig = ''
let-env PATH = ([
"${config.home.homeDirectory}/bin"
"${config.home.homeDirectory}/.local/bin"
"${config.home.homeDirectory}/go/bin"
($env.PATH | split row (char esep))
] | flatten)
'';
# home-manager will merge the cotent in `environmentVariables` with the `envFile.source`
# but basically, I set all environment variables via the shell-independent way, so I don't need to use those two options
#
home/base/server/tmux/custom-plugins.nix
-13
View File
@@ -1,13 +0,0 @@
{pkgs, ...}: let
buildTmuxPlugin = pkgs.tmuxPlugins.mkTmuxPlugin;
in {
draculaTheme = buildTmuxPlugin {
pluginName = "dracula";
version = "v2.2.0";
src = builtins.fetchTarball {
name = "dracula-tmux-v2.2.0";
url = "https://github.com/dracula/tmux/archive/refs/tags/v2.2.0.tar.gz";
sha256 = "sha256:0v2k994yy4xx2iw8qxg7qphw46gq2qmg496i3a3h9b6jgwxqm7zn";
};
};
}
home/base/server/tmux/default.nix
+20 -23
View File
@@ -1,10 +1,4 @@
{
config,
pkgs,
...
}: let
plugins = pkgs.tmuxPlugins // pkgs.callPackage ./custom-plugins.nix {};
in {
{pkgs, ...}: {
programs.tmux = {
enable = true;
shell = "${pkgs.nushell}/bin/nu";
@@ -17,26 +11,33 @@ in {
# tmux-sensible overwrites default tmux shortcuts, makes them more sane.
sensibleOnTop = true;
# extraConfig = builtins.readFile ./tmux.conf;
# https://github.com/sxyazi/yazi/wiki/Image-preview-within-tmux
extraConfig = ''
set -g allow-passthrough on
set -ga update-environment TERM
set -ga update-environment TERM_PROGRAM
'';
# keyMode = "vi"; # default is emacs
baseIndex = 1; # start index from 1
escapeTime = 0; # do not wait for escape key
terminal = "xterm-256color";
plugins = with plugins; [
draculaTheme # theme
plugins = with pkgs.tmuxPlugins; [
{
# https://github.com/tmux-plugins/tmux-continuum
# Continuous saving of tmux environment. Automatic restore when tmux is started.
plugin = continuum;
# theme
# https://github.com/catppuccin/tmux
plugin = catppuccin;
extraConfig = ''
set -g @continuum-save-interval '15'
# Option to display current status of tmux continuum in tmux status line.
set -g status-right 'Continuum status: #{continuum_status}'
set -g @catppuccin_flavour 'mocha' # or frappe, macchiato, mocha
set -g @catppuccin_window_status_enable "yes"
'';
}
# https://github.com/tmux-plugins/tmux-yank
# Enables copying to system clipboard.
yank
{
# https://github.com/tmux-plugins/tmux-resurrect
# Manually persists tmux environment across system restarts.
@@ -47,11 +48,7 @@ in {
# Restore Neovim sessions
extraConfig = "set -g @resurrect-strategy-nvim 'session'";
}
{
# https://github.com/tmux-plugins/tmux-yank
# Enables copying to system clipboard.
plugin = yank;
}
# set -g @plugin 'tmux-plugins/tmux-cpu'
{
plugin = cpu;
home/darwin/core.nix
-5
View File
@@ -40,10 +40,5 @@
# required to prevent sending default identity files first.
IdentitiesOnly yes
'';
# use ssh-agent so we only need to input passphrase once
# run `ssh-add /path/to/key` for every identity file
# check imported keys by `ssh-add -l`
# TODO `ssh-add` can only add keys temporary, use gnome-keyring to unlock all keys after login.
};
}
home/darwin/default.nix
+2 -1
View File
@@ -1,9 +1,10 @@
{ username, ... }: {
imports = [
../base/desktop
./proxychains
./core.nix
./nushell.nix
./rime-squirrel.nix
];
home/darwin/nushell.nix
-18
View File
@@ -1,18 +0,0 @@
{config, ...}: {
# nix-darwin do not set PATH for nushell! so we need to do it manually
# this is a workaround to add nix's PATH to nushell
programs.nushell.extraConfig = ''
let-env PATH = ([
"${config.home.homeDirectory}/bin"
"${config.home.homeDirectory}/.local/bin"
"${config.home.homeDirectory}/go/bin"
"/usr/local/bin"
"${config.home.homeDirectory}/.nix-profile/bin"
"/etc/profiles/per-user/${config.home.username}/bin"
"/run/current-system/sw/bin"
"/nix/var/nix/profiles/default/bin"
($env.PATH | split row (char esep))
] | flatten)
'';
}
home/darwin/proxychains/default.nix
+3
View File
@@ -0,0 +1,3 @@
{
home.file.".proxychains/proxychains.conf".source = ./proxychains.conf;
}
home/darwin/proxychains/proxychains.conf
+161
View File
@@ -0,0 +1,161 @@
# proxychains.conf VER 4.x
#
# HTTP, SOCKS4a, SOCKS5 tunneling proxifier with DNS.
# The option below identifies how the ProxyList is treated.
# only one option should be uncommented at time,
# otherwise the last appearing option will be accepted
#
#dynamic_chain
#
# Dynamic - Each connection will be done via chained proxies
# all proxies chained in the order as they appear in the list
# at least one proxy must be online to play in chain
# (dead proxies are skipped)
# otherwise EINTR is returned to the app
#
strict_chain
#
# Strict - Each connection will be done via chained proxies
# all proxies chained in the order as they appear in the list
# all proxies must be online to play in chain
# otherwise EINTR is returned to the app
#
#round_robin_chain
#
# Round Robin - Each connection will be done via chained proxies
# of chain_len length
# all proxies chained in the order as they appear in the list
# at least one proxy must be online to play in chain
# (dead proxies are skipped).
# the start of the current proxy chain is the proxy after the last
# proxy in the previously invoked proxy chain.
# if the end of the proxy chain is reached while looking for proxies
# start at the beginning again.
# otherwise EINTR is returned to the app
# These semantics are not guaranteed in a multithreaded environment.
#
#random_chain
#
# Random - Each connection will be done via random proxy
# (or proxy chain, see chain_len) from the list.
# this option is good to test your IDS :)
# Make sense only if random_chain or round_robin_chain
#chain_len = 2
# Quiet mode (no output from library)
#quiet_mode
## Proxy DNS requests - no leak for DNS data
# (disable all of the 3 items below to not proxy your DNS requests)
# method 1. this uses the proxychains4 style method to do remote dns:
# a thread is spawned that serves DNS requests and hands down an ip
# assigned from an internal list (via remote_dns_subnet).
# this is the easiest (setup-wise) and fastest method, however on
# systems with buggy libcs and very complex software like webbrowsers
# this might not work and/or cause crashes.
proxy_dns
# method 2. use the old proxyresolv script to proxy DNS requests
# in proxychains 3.1 style. requires `proxyresolv` in $PATH
# plus a dynamically linked `dig` binary.
# this is a lot slower than `proxy_dns`, doesn't support .onion URLs,
# but might be more compatible with complex software like webbrowsers.
#proxy_dns_old
# method 3. use proxychains4-daemon process to serve remote DNS requests.
# this is similar to the threaded `proxy_dns` method, however it requires
# that proxychains4-daemon is already running on the specified address.
# on the plus side it doesn't do malloc/threads so it should be quite
# compatible with complex, async-unsafe software.
# note that if you don't start proxychains4-daemon before using this,
# the process will simply hang.
#proxy_dns_daemon 127.0.0.1:1053
# set the class A subnet number to use for the internal remote DNS mapping
# we use the reserved 224.x.x.x range by default,
# if the proxified app does a DNS request, we will return an IP from that range.
# on further accesses to this ip we will send the saved DNS name to the proxy.
# in case some control-freak app checks the returned ip, and denies to
# connect, you can use another subnet, e.g. 10.x.x.x or 127.x.x.x.
# of course you should make sure that the proxified app does not need
# *real* access to this subnet.
# i.e. dont use the same subnet then in the localnet section
#remote_dns_subnet 127
#remote_dns_subnet 10
remote_dns_subnet 224
# Some timeouts in milliseconds
tcp_read_time_out 15000
tcp_connect_time_out 8000
### Examples for localnet exclusion
## localnet ranges will *not* use a proxy to connect.
## note that localnet works only when plain IP addresses are passed to the app,
## the hostname resolves via /etc/hosts, or proxy_dns is disabled or proxy_dns_old used.
## Exclude connections to 192.168.1.0/24 with port 80
# localnet 192.168.1.0:80/255.255.255.0
## Exclude connections to 192.168.100.0/24
# localnet 192.168.100.0/255.255.255.0
## Exclude connections to ANYwhere with port 80
# localnet 0.0.0.0:80/0.0.0.0
# localnet [::]:80/0
## RFC6890 Loopback address range
## if you enable this, you have to make sure remote_dns_subnet is not 127
## you'll need to enable it if you want to use an application that
## connects to localhost.
# localnet 127.0.0.0/255.0.0.0
# localnet ::1/128
## RFC1918 Private Address Ranges
# localnet 10.0.0.0/255.0.0.0
# localnet 172.16.0.0/255.240.0.0
# localnet 192.168.0.0/255.255.0.0
### Examples for dnat
## Trying to proxy connections to destinations which are dnatted,
## will result in proxying connections to the new given destinations.
## Whenever I connect to 1.1.1.1 on port 1234 actually connect to 1.1.1.2 on port 443
# dnat 1.1.1.1:1234 1.1.1.2:443
## Whenever I connect to 1.1.1.1 on port 443 actually connect to 1.1.1.2 on port 443
## (no need to write :443 again)
# dnat 1.1.1.2:443 1.1.1.2
## No matter what port I connect to on 1.1.1.1 port actually connect to 1.1.1.2 on port 443
# dnat 1.1.1.1 1.1.1.2:443
## Always, instead of connecting to 1.1.1.1, connect to 1.1.1.2
# dnat 1.1.1.1 1.1.1.2
# ProxyList format
# type ip port [user pass]
# (values separated by 'tab' or 'blank')
#
# only numeric ipv4 addresses are valid
#
#
# Examples:
#
# socks5 192.168.67.78 1080 lamer secret
# http 192.168.89.3 8080 justu hidden
# socks4 192.168.1.49 1080
# http 192.168.39.93 8080
#
#
# proxy types: http, socks4, socks5, raw
# * raw: The traffic is simply forwarded to the proxy without modification.
# ( auth types supported: "basic"-http "user/pass"-socks )
#
[ProxyList]
# add proxy here ...
# set to clash's http/socks5 port
socks5 127.0.0.1 7890
home/linux/base/default.nix
-1
View File
@@ -1,6 +1,5 @@
{
imports = [
./btop.nix
./shell.nix
./system-tools.nix
];
home/linux/base/shell.nix
-1
View File
@@ -17,7 +17,6 @@ in rec {
# set default applications
BROWSER = "firefox";
TERM = "xterm-256color";
# enable scrolling in git diff
DELTA_PAGER = "less -R";
home/linux/base/system-tools.nix
+2 -5
View File
@@ -9,14 +9,11 @@
libnotify
wireguard-tools # manage wireguard vpn manually, via wg-quick
# need to run `conda-install` before using it
# need to run `conda-shell` before using command `conda`
# conda is not available for MacOS
conda
# system call monitoring
strace # system call monitoring
ltrace # library call monitoring
bpftrace # powerful tracing tool
tcpdump # network sniffer
lsof # list open files
# system tools
home/linux/desktop/creative.nix
+16 -3
View File
@@ -1,15 +1,28 @@
{pkgs, ...}: {
{
pkgs,
pkgs-unstable,
nur-ryan4yin,
...
}: {
home.packages = with pkgs; [
# creative
# blender # 3d modeling
blender # 3d modeling
# gimp # image editing, I prefer using figma in browser instead of this one
inkscape # vector graphics
krita # digital painting
musescore # music notation
reaper # audio production
# reaper # audio production
pkgs-unstable.sonic-pi # music programming
# this app consumes a lot of storage, so do not install it currently
# kicad # 3d printing, eletrical engineering
# fpga
pkgs-unstable.python311Packages.apycula # gowin fpga
pkgs-unstable.yosys # fpga synthesis
pkgs-unstable.nextpnr # fpga place and route
pkgs-unstable.openfpgaloader # fpga programming
nur-ryan4yin.packages.${pkgs.system}.gowin-eda-edu-ide # app: `gowin-env` => `gw_ide` / `gw_pack` / ...
];
programs = {
home/linux/desktop/default.nix
+2 -3
View File
@@ -1,6 +1,7 @@
{pkgs, ...}: {
imports = [
./creative.nix
./gtk.nix
./immutable-file.nix
./media.nix
./ssh.nix
@@ -10,9 +11,6 @@
home.packages = with pkgs; [
# GUI apps
insomnia # REST client
wireshark # network analyzer
# e-book viewer(.epub/.mobi/...)
# do not support .pdf
foliate
@@ -28,6 +26,7 @@
# misc
flameshot
ventoy # multi-boot usb creator
];
# GitHub CLI tool
home/linux/desktop/gtk.nix
+52
View File
@@ -0,0 +1,52 @@
{
pkgs,
config,
...
}: {
home.pointerCursor = {
package = pkgs.bibata-cursors;
name = "Bibata-Modern-Classic";
size = 24;
gtk.enable = true;
x11.enable = true;
};
# set dpi for 4k monitor
xresources.properties = {
# dpi for Xorg's font
"Xft.dpi" = 150;
# or set a generic dpi
"*.dpi" = 150;
};
# gtk's theme settings, generate files:
# 1. ~/.gtkrc-2.0
# 2. ~/.config/gtk-3.0/settings.ini
# 3. ~/.config/gtk-4.0/settings.ini
gtk = {
enable = true;
font = {
name = "Roboto";
package = pkgs.roboto;
};
gtk2.configLocation = "${config.xdg.configHome}/gtk-2.0/gtkrc";
iconTheme = {
name = "Papirus-Dark";
package = pkgs.papirus-icon-theme;
};
theme = {
# https://github.com/catppuccin/gtk
name = "Catppuccin-Macchiato-Compact-Pink-dark";
package = pkgs.catppuccin-gtk.override {
# https://github.com/NixOS/nixpkgs/blob/nixos-23.05/pkgs/data/themes/catppuccin-gtk/default.nix
accents = [ "pink" ];
size = "compact";
variant = "mocha";
};
};
};
}
home/linux/desktop/media.nix
+10
View File
@@ -1,6 +1,7 @@
{
pkgs,
catppuccin-cava,
pkgs-unstable,
...
}:
# media - control and enjoy audio/video
@@ -33,6 +34,15 @@
defaultProfiles = ["gpu-hq"];
scripts = [pkgs.mpvScripts.mpris];
};
# terminal file manager
yazi = {
enable = true;
package = pkgs-unstable.yazi;
enableBashIntegration = true;
# TODO: nushellIntegration is broken on release-23.11, wait for master's fix to be released
enableNushellIntegration = false;
};
};
services = {
home/linux/desktop/ssh.nix
+18 -5
View File
@@ -41,11 +41,24 @@
Host s500plus
HostName 192.168.5.174
Port 22
'';
# use ssh-agent so we only need to input passphrase once
# run `ssh-add /path/to/key` for every identity file
# check imported keys by `ssh-add -l`
# TODO `ssh-add` can only add keys temporary, use gnome-keyring to unlock all keys after login.
Host k8s-main
HostName 192.168.5.181
ForwardAgent yes
IdentityFile ~/.ssh/romantic
IdentitiesOnly yes
Host k8s-data1
HostName 192.168.5.182
ForwardAgent yes
IdentityFile ~/.ssh/romantic
IdentitiesOnly yes
Host k8s-data2
HostName 192.168.5.183
ForwardAgent yes
IdentityFile ~/.ssh/romantic
IdentitiesOnly yes
'';
};
}
home/linux/fcitx5/default.nix
-10
View File
@@ -30,14 +30,4 @@
fcitx5-gtk # gtk im module
];
};
systemd.user.sessionVariables = {
# copy from https://github.com/nix-community/home-manager/blob/master/modules/i18n/input-method/fcitx5.nix
GLFW_IM_MODULE = "fcitx";
GTK_IM_MODULE = "fcitx";
QT_IM_MODULE = "fcitx";
XMODIFIERS = "@im=fcitx";
INPUT_METHOD = "fcitx";
IMSETTINGS_MODULE = "fcitx";
};
}
home/linux/hyprland/anyrun.nix
+87
View File
@@ -0,0 +1,87 @@
{ pkgs, anyrun, ... }:
{
imports = [
anyrun.homeManagerModules.default
];
programs.anyrun = {
enable = true;
config = {
plugins = with anyrun.packages.${pkgs.system}; [
applications
randr
rink
shell
symbols
translate
];
width.fraction = 0.3;
y.absolute = 15;
hidePluginInfo = true;
closeOnClick = true;
};
# custom css for anyrun, based on catppuccin-mocha
extraCss = ''
@define-color bg-col rgba(30, 30, 46, 0.7);
@define-color bg-col-light rgba(150, 220, 235, 0.7);
@define-color border-col rgba(30, 30, 46, 0.7);
@define-color selected-col rgba(150, 205, 251, 0.7);
@define-color fg-col #D9E0EE;
@define-color fg-col2 #F28FAD;
* {
transition: 200ms ease;
font-family: "JetBrainsMono Nerd Font";
font-size: 1.3rem;
}
#window {
background: transparent;
}
#plugin,
#main {
border: 3px solid @border-col;
color: @fg-col;
background-color: @bg-col;
}
/* anyrun's input window - Text */
#entry {
color: @fg-col;
background-color: @bg-col;
}
/* anyrun's ouput matches entries - Base */
#match {
color: @fg-col;
background: @bg-col;
}
/* anyrun's selected entry - Red */
#match:selected {
color: @fg-col2;
background: @selected-col;
}
#match {
padding: 3px;
border-radius: 16px;
}
#entry, #plugin:hover {
border-radius: 16px;
}
box#main {
background: rgba(30, 30, 46, 0.7);
border: 1px solid @border-col;
border-radius: 15px;
padding: 5px;
}
'';
};
}
home/linux/hyprland/default.nix
+5 -35
View File
@@ -1,12 +1,12 @@
{pkgs, catppuccin-hyprland, ...}: {
{pkgs, hyprland, catppuccin-hyprland, ...}: {
imports = [
# hyprland.homeManagerModules.default
./anyrun.nix
./wayland-apps.nix
];
# Only available on home-manager's master branch(2023/7/25)
# wayland.windowManager.hyprland = {
# enable = true;
# };
# wayland.windowManager.hyprland.enable = true;
# hyprland configs, based on https://github.com/notwidow/hyprland
home.file.".config/hypr" = {
@@ -16,24 +16,6 @@
};
home.file.".config/hypr/themes".source = "${catppuccin-hyprland}/themes";
# gtk's theme settings, generate files:
# 1. ~/.gtkrc-2.0
# 2. ~/.config/gtk-3.0/settings.ini
# 3. ~/.config/gtk-4.0/settings.ini
gtk = {
enable = true;
theme = {
# https://github.com/catppuccin/gtk
name = "Catppuccin-Macchiato-Compact-Pink-dark";
package = pkgs.catppuccin-gtk.override {
accents = [ "pink" ];
size = "compact";
tweaks = [ "rimless" "black" ];
variant = "macchiato";
};
};
};
# music player - mpd
home.file.".config/mpd" = {
source = ./mpd;
@@ -57,16 +39,4 @@
"WLR_EGL_NO_MODIFIRES" = "1";
};
# this is for xwayland
# set dpi for 4k monitor
xresources.properties = {
"Xft.dpi" = 162;
};
# set Xcursor.theme & Xcursor.size in ~/.Xresources automatically
home.pointerCursor = {
name = "Qogir-dark";
package = pkgs.qogir-theme;
size = 64;
};
}
home/linux/hyprland/hypr-conf/hyprland.conf
+17 -7
View File
@@ -3,6 +3,11 @@
# color-scheme: cappuccin-mocha
source=~/.config/hypr/themes/mocha.conf
env = _JAVA_AWT_WM_NONREPARENTING,1
env = QT_WAYLAND_DISABLE_WINDOWDECORATION,1
# fix https://github.com/hyprwm/Hyprland/issues/1520
env = WLR_NO_HARDWARE_CURSORS,1
#-- Output ----------------------------------------------------
# Configure your Display resolution, offset, scale and Monitors here, use `hyprctl monitors` to get the info.
@@ -45,16 +50,17 @@ general {
# Decoration settings like Rounded Corners, Opacity, Blur, etc.
decoration {
rounding=8 # Original: rounding=-1
multisample_edges=0
active_opacity=1.0
inactive_opacity=0.9
fullscreen_opacity=1.0
blur=0
blur_size=3 # minimum 1
blur_passes=1 # minimum 1, more passes = more resource intensive.
blur_ignore_opacity=0
blur {
enabled=true
size=3 # minimum 1
passes=1 # minimum 1, more passes = more resource intensive.
ignore_opacity=false
}
# Your blur "amount" is blur_size * blur_passes, but high blur_size (over around 5-ish) will produce artifacts.
# if you want heavy blur, you need to up the blur_passes.
@@ -103,13 +109,12 @@ $lockscreen = ~/.config/hypr/scripts/lockscreen
$wlogout = ~/.config/hypr/scripts/wlogout
$colorpicker = ~/.config/hypr/scripts/colorpicker
$files = thunar
$editor = code # vscode
$browser = firefox
# -- Terminal --
bind=SUPER,Return,exec,$term
# -- Wofi --
# -- App Launcher --
bind=SUPER,D,exec,$app_launcher
# -- Hyprland --
@@ -201,6 +206,10 @@ exec-once=cp ~/.config/fcitx5/profile-bak ~/.config/fcitx5/profile # restore
exec-once=fcitx5 -d --replace # start fcitx5 daemon
bind=ALT,E,exec,pkill fcitx5 -9;sleep 1;fcitx5 -d --replace; sleep 1;fcitx5-remote -r
# fix xwayland apps
windowrulev2 = rounding 0, xwayland:1, floating:1
windowrulev2 = center, class:^(.*jetbrains.*)$, title:^(Confirm Exit|Open Project|win424|win201|splash)$
windowrulev2 = size 640 400, class:^(.*jetbrains.*)$, title:^(splash)$
# -- Fix input method in vscode
exec-once = hyprctl setcursor "Bibata-Modern-Ice" 24
@@ -208,6 +217,7 @@ exec-once = hyprctl setcursor "Bibata-Modern-Ice" 24
# xwayland 窗口先渲染到 200% 再降到 hyprland config 里 monitor 设置的值,看上去和原生没啥区别
# 相比较一开始的方案输入法字体大小也正确了.唯一有点问题的可能是 xwayland 窗口下的鼠标指针大小不对
exec-once = xprop -root -f _XWAYLAND_GLOBAL_OUTPUT_SCALE 32c -set _XWAYLAND_GLOBAL_OUTPUT_SCALE 2
exec-once = xrdb -merge ~/.Xresources
# env = GDK_SCALE,2
env = XCURSOR_SIZE,48
home/linux/hyprland/hypr-conf/scripts/menu
+3 -9
View File
@@ -1,13 +1,7 @@
#!/usr/bin/env bash
## launch wofi with alt config
CONFIG="$HOME/.config/hypr/wofi/config"
STYLE="$HOME/.config/hypr/wofi/style.css"
COLORS="$HOME/.config/hypr/wofi/colors"
if [[ ! $(pidof wofi) ]]; then
wofi --show drun --prompt 'Search...' --conf ${CONFIG} --style ${STYLE} --color ${COLORS}
if [[ ! $(pidof anyrun) ]]; then
anyrun
else
pkill wofi
pkill anyrun
fi
home/linux/hyprland/hypr-conf/scripts/statusbar
+1 -1
View File
@@ -2,7 +2,7 @@
## launch waybar with alt config
CONFIG="$HOME/.config/hypr/waybar/config.json"
CONFIG="$HOME/.config/hypr/waybar/config.jsonc"
STYLE="$HOME/.config/hypr/waybar/style.css"
if [[ ! $(pidof waybar) ]]; then
home/linux/hyprland/hypr-conf/waybar/config.json → home/linux/hyprland/hypr-conf/waybar/config.jsonc
View File
home/linux/hyprland/hypr-conf/wofi/colors
-6
View File
@@ -1,6 +0,0 @@
#1e1e2e
#262636
#d9e0ee
#89b4fa
#f38ba8
#cba6f7
home/linux/hyprland/hypr-conf/wofi/config
-39
View File
@@ -1,39 +0,0 @@
## Wofi Config
## General
show=drun
prompt=Apps
normal_window=true
layer=top
term=alacritty
## Geometry
width=500px
height=305px
location=0
orientation=vertical
halign=fill
line_wrap=off
dynamic_lines=false
## Images
allow_markup=true
allow_images=true
image_size=24
## Search
exec_search=false
hide_search=false
parse_search=false
insensitive=false
## Other
hide_scroll=true
no_actions=true
sort_order=default
gtk_dark=true
filter_rate=100
## Keys
key_expand=Tab
key_exit=Escape
home/linux/hyprland/hypr-conf/wofi/style.css
-60
View File
@@ -1,60 +0,0 @@
/** ********** Fonts ********** **/
* {
font-family: "JetBrains Mono", "Iosevka Nerd Font", sans-serif;
font-size: 12px;
}
#window {
background-color: --wofi-color0;
color: --wofi-color2;
border: 2px solid --wofi-color1;
border-radius: 0px;
}
#outer-box {
padding: 20px;
}
#input {
background-color: --wofi-color1;
border: 0px solid --wofi-color3;
padding: 8px 12px;
}
#scroll {
margin-top: 20px;
}
#inner-box {
}
#img {
padding-right: 8px;
}
#text {
color: --wofi-color2;
}
#text:selected {
color: --wofi-color0;
}
#entry {
padding: 6px;
}
#entry:selected {
background-color: --wofi-color3;
color: --wofi-color0;
}
#unselected {
}
#selected {
}
#input, #entry:selected {
border-radius: 4px;
}
home/linux/hyprland/wayland-apps.nix
-14
View File
@@ -22,19 +22,5 @@
enableGnomeExtensions = false;
package = pkgs.firefox-wayland; # firefox with wayland support
};
vscode = {
enable = true;
# use the stable version
# package = pkgs.vscode.override {
# commandLineArgs = [
# # make it use text-input-v1, which works for kwin 5.27 and weston
# # "--enable-wayland-ime"
# ];
# };
# let vscode sync and update its configuration & extensions across devices, using github account.
# userSettings = {};
};
};
}
home/linux/i3/default.nix
-14
View File
@@ -44,18 +44,4 @@
"__GLX_VENDOR_LIBRARY_NAME" = "nvidia";
};
# set dpi for 4k monitor
xresources.properties = {
# dpi for Xorg's font
"Xft.dpi" = 162;
# or set a generic dpi
"*.dpi" = 162;
};
# set Xcursor.theme & Xcursor.size in ~/.Xresources automatically
home.pointerCursor = {
name = "Qogir-dark";
package = pkgs.qogir-theme;
size = 64;
};
}
home/linux/i3/x11-apps.nix
-12
View File
@@ -17,17 +17,5 @@
# commandLineArgs = [
# ];
};
vscode = {
enable = true;
# use the stable version
# package = pkgs.vscode.override {
# commandLineArgs = [
# ];
# };
# let vscode sync and update its configuration & extensions across devices, using github account.
# userSettings = {};
};
};
}
home/linux/server-riscv64.nix
+24
View File
@@ -0,0 +1,24 @@
{ username, ... }: {
imports = [
];
# Home Manager needs a bit of information about you and the
# paths it should manage.
home = {
username = username;
homeDirectory = "/home/${username}";
# This value determines the Home Manager release that your
# configuration is compatible with. This helps avoid breakage
# when a new Home Manager release introduces backwards
# incompatible changes.
#
# You can update Home Manager without changing this value. See
# the Home Manager release notes for a list of state version
# changes in each release.
stateVersion = "23.05";
};
# Let Home Manager install and manage itself.
programs.home-manager.enable = true;
}
hosts/12kingdoms/suzu/default.nix
+62
View File
@@ -0,0 +1,62 @@
{
config,
username,
nixos-rk3588,
...
} @ args:
#############################################################
#
# Aquamarine - A NixOS VM running on Proxmox
#
#############################################################
{
imports = [
{
nixpkgs.crossSystem = {
config = "aarch64-unknown-linux-gnu";
};
}
# import the rk3588 module, which contains the configuration for bootloader/kernel/firmware
(nixos-rk3588 + "/modules/boards/orangepi5.nix")
# core-riscv64 only the core packages, it's suitable for aarch64 too.
../../../modules/nixos/core-riscv64.nix
../../../modules/nixos/user-group.nix
];
users.users.root.openssh.authorizedKeys.keys = config.users.users."${username}".openssh.authorizedKeys.keys;
networking = {
hostName = "suzu"; # Define your hostname.
wireless.enable = false; # Enables wireless support via wpa_supplicant.
networkmanager.enable = false;
# Configure network proxy if necessary
# proxy.default = "http://user:password@proxy:port/";
# proxy.noProxy = "127.0.0.1,localhost,internal.domain";
interfaces.end1 = {
useDHCP = false;
ipv4.addresses = [
{
address = "192.168.5.107";
prefixLength = 24;
}
];
};
defaultGateway = "192.168.5.201";
nameservers = [
"119.29.29.29" # DNSPod
"223.5.5.5" # AliDNS
];
};
# This value determines the NixOS release from which the default
# settings for stateful data, like file locations and database versions
# on your system were taken. Its perfectly fine and recommended to leave
# this value at the release version of the first install of this system.
# Before changing this value read the documentation for this option
# (e.g. man configuration.nix or on https://nixos.org/nixos/options.html).
system.stateVersion = "23.05"; # Did you read the comment?
}
hosts/README.md
+22 -1
View File
@@ -6,6 +6,13 @@
2. `aquamarine`: My NixOS virtual machine with R9-5900HX(8C16T), for distributed building & testing.
3. `kana`: Yet another NixOS vm on another physical machine with R5-5625U(6C12T).
4. `ruby`: Another NixOS vm on another physical machine with R7-5825U(8C16T).
3. `rolling_girls`: My RISCV64 hosts.
1. `nozomi`: Lichee Pi 4A, TH1520(4xC910@2.0G), 8GB RAM + 32G eMMC + 64G SD Card.
2. `yukina`: Lichee Pi 4A(Internal Test Version), TH1520(4xC910@2.0G), 8GB RAM + 8G eMMC + 128G SD Card.
3. `chiaya`: Milk-V Mars, JH7110(4xU74@1.5 GHz), 4G RAM + No eMMC + 64G SD Card.
4. `12kingdoms`: Currently only one aarch64 host
1. `suzu`: Orange Pi 5, RK3588s(4xA76 + 4xA55), GPU(4Cores, Mail-G610), NPU(6Tops@int8), 8G RAM + 256G SSD.
# idols - Oshi no Ko
@@ -18,10 +25,24 @@ When building some packages for riscv64 or aarch64, I often have no cache availa
![](/_img/nix-distributed-building-log.webp)
## rolling girls
My All RISCV64 hosts.
![](/_img/nixos-riscv-cluster.webp)
## References
[Oshi no Ko 【推しの子】 - Wikipedia](https://en.wikipedia.org/wiki/Oshi_no_Ko):
![](/_img/idols-famaily.webp)
![](/_img/idols-ai.webp)
See [Oshi no Ko 【推しの子】 - Wikipedia](https://en.wikipedia.org/wiki/Oshi_no_Ko) for more information.
[The Rolling Girls【ローリング☆ガールズ】 - Wikipedia](https://en.wikipedia.org/wiki/The_Rolling_Girls):
![](/_img/rolling_girls.webp)
[List of Twelve Kingdoms characters](https://en.wikipedia.org/wiki/List_of_Twelve_Kingdoms_characters)
![](/_img/12kingdoms-1.webp)
![](/_img/12kingdoms-Youko-Rakushun.webp)
hosts/harmonica/default.nix
-2
View File
@@ -29,6 +29,4 @@ in {
# DO NOT change the system's default shell to nushell! it will break some apps!
# It's better to change only starship/alacritty/vscode's shell to nushell!
};
nix.settings.trusted-users = [username];
}
hosts/idols/ai/default.nix
+8 -29
View File
@@ -1,4 +1,4 @@
{config, ...} @ args:
{lanzaboote, ...} @ args:
#############################################################
#
# Ai - my main computer, with NixOS + I5-13600KF + RTX 4090 GPU, for gaming & daily use.
@@ -10,10 +10,13 @@
# Include the results of the hardware scan.
./hardware-configuration.nix
../../../modules/nixos/fhs-fonts.nix
./impermanence.nix
./secureboot.nix
# ../../../modules/nixos/fhs-fonts.nix
../../../modules/nixos/libvirt.nix
../../../modules/nixos/core-desktop.nix
# ../../../modules/nixos/remote-building.nix
../../../modules/nixos/remote-building.nix
../../../modules/nixos/user-group.nix
../../../secrets/nixos.nix
@@ -21,30 +24,6 @@
nixpkgs.overlays = import ../../../overlays args;
# Enable binfmt emulation of aarch64-linux, this is required for cross compilation.
boot.binfmt.emulatedSystems = ["aarch64-linux" "riscv64-linux"];
# supported fil systems, so we can mount any removable disks with these filesystems
boot.supportedFilesystems = [
"ext4"
"btrfs"
"xfs"
#"zfs"
"ntfs"
"fat"
"vfat"
"exfat"
"cifs" # mount windows share
];
# Bootloader.
boot.loader = {
efi = {
canTouchEfiVariables = true;
efiSysMountPoint = "/boot/efi"; # ← use the same mount point here.
};
systemd-boot.enable = true;
};
networking = {
hostName = "ai";
wireless.enable = false; # Enables wireless support via wpa_supplicant.
@@ -78,7 +57,7 @@
services.xserver.videoDrivers = ["nvidia"]; # will install nvidia-vaapi-driver by default
hardware.nvidia = {
# Optionally, you may need to select the appropriate driver version for your specific GPU.
package = config.boot.kernelPackages.nvidiaPackages.stable;
# package = config.boot.kernelPackages.nvidiaPackages.stable;
# Modesetting is needed for most Wayland compositors
modesetting.enable = true;
@@ -104,5 +83,5 @@
# this value at the release version of the first install of this system.
# Before changing this value read the documentation for this option
# (e.g. man configuration.nix or on https://nixos.org/nixos/options.html).
system.stateVersion = "22.11"; # Did you read the comment?
system.stateVersion = "23.11"; # Did you read the comment?
}
hosts/idols/ai/hardware-configuration.nix
+82 -7
View File
@@ -12,23 +12,98 @@
(modulesPath + "/installer/scan/not-detected.nix")
];
# Use the EFI boot loader.
boot.loader.efi.canTouchEfiVariables = true;
# depending on how you configured your disk mounts, change this to /boot or /boot/efi.
boot.loader.efi.efiSysMountPoint = "/boot";
boot.loader.systemd-boot.enable = true;
boot.initrd.availableKernelModules = ["xhci_pci" "ahci" "nvme" "usbhid" "usb_storage" "sd_mod"];
boot.initrd.kernelModules = [];
boot.kernelModules = ["kvm-intel"];
boot.kernelParams = [ "nvidia.NVreg_PreserveVideoMemoryAllocations=1" ];
boot.extraModulePackages = [];
fileSystems."/" = {
device = "/dev/disk/by-uuid/231466f6-cdf3-40e1-b9d2-6b4e8d10a4d3";
fsType = "btrfs";
options = ["subvol=@"];
# Enable binfmt emulation of aarch64-linux, this is required for cross compilation.
boot.binfmt.emulatedSystems = ["aarch64-linux" "riscv64-linux"];
# supported fil systems, so we can mount any removable disks with these filesystems
boot.supportedFilesystems = [
"ext4"
"btrfs"
"xfs"
"ntfs"
"fat"
"vfat"
"cifs" # mount windows share
];
boot.initrd = {
# unlocked luks devices via a keyfile or prompt a passphrase.
luks.devices."crypted-nixos" = {
device = "/dev/nvme0n1p2";
# the keyfile(or device partition) that should be used as the decryption key for the encrypted device.
# if not specified, you will be prompted for a passphrase instead.
#keyFile = "/root-part.key";
# whether to allow TRIM requests to the underlying device.
# it's less secure, but faster.
allowDiscards = true;
};
};
fileSystems."/boot/efi" = {
device = "/dev/disk/by-uuid/87ED-8B2E";
# equal to `mount -t tmpfs tmpfs /`
fileSystems."/" = {
device = "tmpfs";
fsType = "tmpfs";
# set mode to 755, otherwise systemd will set it to 777, which cause problems.
options = ["relatime" "mode=755"];
};
fileSystems."/nix" = {
device = "/dev/disk/by-uuid/1167076c-dee1-486c-83c1-4b1af37555cd";
fsType = "btrfs";
options = ["subvol=@nix" "noatime" "compress-force=zstd:1"];
};
fileSystems."/persistent" = {
device = "/dev/disk/by-uuid/1167076c-dee1-486c-83c1-4b1af37555cd";
fsType = "btrfs";
options = ["subvol=@persistent" "compress-force=zstd:1"];
neededForBoot = true;
};
fileSystems."/snapshots" = {
device = "/dev/disk/by-uuid/1167076c-dee1-486c-83c1-4b1af37555cd";
fsType = "btrfs";
options = ["subvol=@snapshots" "compress-force=zstd:1"];
};
# mount swap subvolume in readonly mode.
fileSystems."/swap" = {
device = "/dev/disk/by-uuid/1167076c-dee1-486c-83c1-4b1af37555cd";
fsType = "btrfs";
options = ["subvol=@swap" "ro"];
};
# remount swapfile in read-write mode
fileSystems."/swap/swapfile" = {
# the swapfile is located in /swap subvolume, so we need to mount /swap first.
depends = ["/swap"];
device = "/swap/swapfile";
fsType = "none";
options = ["bind" "rw"];
};
fileSystems."/boot" = {
device = "/dev/nvme0n1p1";
fsType = "vfat";
};
swapDevices = [{device = "/dev/disk/by-uuid/17391ca0-8cdb-4598-a40b-fd9548fd9b37";}];
swapDevices = [
{device = "/swap/swapfile";}
];
# Enables DHCP on each ethernet and wireless interface. In case of scripted networking
# (the default) this is the recommended approach. When using systemd-networkd it's
hosts/idols/ai/impermanence.nix
+119
View File
@@ -0,0 +1,119 @@
{
impermanence,
pkgs,
...
}: {
imports = [
impermanence.nixosModules.impermanence
];
environment.systemPackages = [
# `sudo ncdu -x /`
pkgs.ncdu
];
# There are two ways to clear the root filesystem on every boot:
## 1. use tmpfs for /
## 2. (btrfs/zfs only)take a blank snapshot of the root filesystem and revert to it on every boot via:
## boot.initrd.postDeviceCommands = ''
## mkdir -p /run/mymount
## mount -o subvol=/ /dev/disk/by-uuid/UUID /run/mymount
## btrfs subvolume delete /run/mymount
## btrfs subvolume snapshot / /run/mymount
## '';
#
# See also https://grahamc.com/blog/erase-your-darlings/
# NOTE: impermanence only mounts the directory/file list below to /persistent
# If the directory/file already exists in the root filesystem, you should
# move those files/directories to /persistent first!
environment.persistence."/persistent" = {
# sets the mount option x-gvfs-hide on all the bind mounts
# to hide them from the file manager
hideMounts = true;
directories = [
"/etc/NetworkManager/system-connections"
"/etc/ssh"
"/etc/nix/inputs"
"/etc/secureboot" # lanzaboote - secure boot
# my secrets
"/etc/agenix/"
"/var/log"
"/var/lib"
# created by modules/nixos/fhs-fonts.nix
# for flatpak apps
# "/usr/share/fonts"
# "/usr/share/icons"
];
files = [
"/etc/machine-id"
];
# the following directories will be passed to /persistent/home/$USER
users.ryan = {
directories = [
"codes"
"nix-config"
"tmp"
"Downloads"
"Music"
"Pictures"
"Documents"
"Videos"
{
directory = ".gnupg";
mode = "0700";
}
{
directory = ".ssh";
mode = "0700";
}
{
directory = ".aws";
mode = "0700";
}
{
directory = ".docker";
mode = "0700";
}
{
directory = ".kube";
mode = "0700";
}
# misc
".config/pulse"
".pki"
# remote desktop
".config/remmina"
".config/freerdp"
# browsers
".mozilla"
".config/google-chrome"
# neovim / remmina / flatpak / ...
".local/share"
".local/state"
# language package managers
".npm"
"go"
# neovim plugins(wakatime & copilot)
".wakatime"
".config/github-copilot"
];
files = [
".wakatime.cfg"
".config/nushell/history.txt"
];
};
};
}
hosts/idols/ai/secureboot.nix
+34
View File
@@ -0,0 +1,34 @@
{
pkgs,
lib,
lanzaboote,
...
}: {
# How to enter setup mode - msi motherboard
## 1. enter BIOS via [Del] Key
## 2. <Advance mode> => <Settings> => <Security> => <Secure Boot>
## 3. enable <Secure Boot>
## 4. set <Secure Boot Mode> to <Custom>
## 5. enter <Key Management>
## 6. select <Delete All Secure Boot Variables>, and then select <No> for <Reboot Without Saving>
## 7. Press F10 to saving and reboot.
imports = [
lanzaboote.nixosModules.lanzaboote
];
environment.systemPackages = [
# For debugging and troubleshooting Secure Boot.
pkgs.sbctl
];
# Lanzaboote currently replaces the systemd-boot module.
# This setting is usually set to true in configuration.nix
# generated at installation time. So we force it to false
# for now.
boot.loader.systemd-boot.enable = lib.mkForce false;
boot.lanzaboote = {
enable = true;
pkiBundle = "/etc/secureboot";
};
}
hosts/rolling_girls/chiaya/default.nix
+69
View File
@@ -0,0 +1,69 @@
{
config,
username,
# nixos-jh7110,
...
} @ args:
#############################################################
#
# Chiaya - NixOS Configuration for Milk-V Mars
#
# WIP, not working yet.
#
#############################################################
{
imports = [
{
# cross-compilation this flake.
nixpkgs.crossSystem = {
system = "riscv64-linux";
};
}
# TODO
../../../modules/nixos/core-riscv64.nix
../../../modules/nixos/user-group.nix
];
users.users.root.openssh.authorizedKeys.keys = config.users.users."${username}".openssh.authorizedKeys.keys;
# Set static IP address / gateway / DNS servers.
networking = {
hostName = "chiaya"; # Define your hostname.
wireless.enable = false;
# Failed to enable firewall due to the following error:
# firewall-start[2300]: iptables: Failed to initialize nft: Protocol not supported
firewall.enable = false;
defaultGateway = "192.168.5.201";
nameservers = [
"119.29.29.29" # DNSPod
"223.5.5.5" # AliDNS
];
# Configure network proxy if necessary
# proxy.default = "http://user:password@proxy:port/";
# proxy.noProxy = "127.0.0.1,localhost,internal.domain";
# milkv-mars RJ45 port
interfaces.end0 = {
useDHCP = false;
ipv4.addresses = [
{
address = "192.168.5.106";
prefixLength = 24;
}
];
};
};
# This value determines the NixOS release from which the default
# settings for stateful data, like file locations and database versions
# on your system were taken. Its perfectly fine and recommended to leave
# this value at the release version of the first install of this system.
# Before changing this value read the documentation for this option
# (e.g. man configuration.nix or on https://nixos.org/nixos/options.html).
system.stateVersion = "23.05"; # Did you read the comment?
}
hosts/rolling_girls/nozomi/default.nix
+102
View File
@@ -0,0 +1,102 @@
{
config,
username,
nixos-licheepi4a,
...
} @ args:
#############################################################
#
# Nozomi - NixOS configuration for Lichee Pi 4A
#
#############################################################
{
imports = [
{
# cross-compilation this flake.
nixpkgs.crossSystem = {
system = "riscv64-linux";
};
}
# import the licheepi4a module, which contains the configuration for bootloader/kernel/firmware
(nixos-licheepi4a + "/modules/licheepi4a.nix")
# import the sd-image module, which contains the fileSystems & kernel parameters for booting from sd card.
(nixos-licheepi4a + "/modules/sd-image/sd-image-lp4a.nix")
../../../modules/nixos/core-riscv64.nix
../../../modules/nixos/user-group.nix
];
users.users.root.openssh.authorizedKeys.keys = config.users.users."${username}".openssh.authorizedKeys.keys;
# Set static IP address / gateway / DNS servers.
networking = {
hostName = "nozomi"; # Define your hostname.
wireless = {
# https://wiki.archlinux.org/title/wpa_supplicant
enable = true;
# The path to the file containing the WPA passphrase.
# secrets are not supported well on riscv64, I nned to create this file manually.
# Format: "PSK_WEMEET_PRIVATE_WIFI=your_password"
environmentFile = "/etc/wpa_supplicant.env";
# The network definitions to automatically connect to when wpa_supplicant is running.
networks = {
# read WPAPSK from environmentFile
"shadow_light_ryan".psk = "@PSK_WEMEET_PRIVATE_WIFI@";
};
};
# Failed to enable firewall due to the following error:
# firewall-start[2300]: iptables: Failed to initialize nft: Protocol not supported
firewall.enable = false;
defaultGateway = "192.168.5.201";
nameservers = [
"119.29.29.29" # DNSPod
"223.5.5.5" # AliDNS
];
# Configure network proxy if necessary
# proxy.default = "http://user:password@proxy:port/";
# proxy.noProxy = "127.0.0.1,localhost,internal.domain";
# LPI4A's wireless interface
interfaces.wlan0 = {
useDHCP = false;
ipv4.addresses = [
{
address = "192.168.5.104";
prefixLength = 24;
}
];
};
# LPI4A's first ethernet interface
# interfaces.end0 = {
# useDHCP = false;
# ipv4.addresses = [
# {
# address = "192.168.5.104";
# prefixLength = 24;
# }
# ];
# };
# LPI4A's second ethernet interface
# interfaces.end1 = {
# useDHCP = false;
# ipv4.addresses = [
# {
# address = "192.168.xx.xx";
# prefixLength = 24;
# }
# ];
# };
};
# This value determines the NixOS release from which the default
# settings for stateful data, like file locations and database versions
# on your system were taken. Its perfectly fine and recommended to leave
# this value at the release version of the first install of this system.
# Before changing this value read the documentation for this option
# (e.g. man configuration.nix or on https://nixos.org/nixos/options.html).
system.stateVersion = "23.05"; # Did you read the comment?
}
hosts/rolling_girls/yukina/default.nix
+102
View File
@@ -0,0 +1,102 @@
{
config,
username,
nixos-licheepi4a,
...
} @ args:
#############################################################
#
# Yukina - NixOS configuration for Lichee Pi 4A
#
#############################################################
{
imports = [
{
# cross-compilation this flake.
nixpkgs.crossSystem = {
system = "riscv64-linux";
};
}
# import the licheepi4a module, which contains the configuration for bootloader/kernel/firmware
(nixos-licheepi4a + "/modules/licheepi4a.nix")
# import the sd-image module, which contains the fileSystems & kernel parameters for booting from sd card.
(nixos-licheepi4a + "/modules/sd-image/sd-image-lp4a.nix")
../../../modules/nixos/core-riscv64.nix
../../../modules/nixos/user-group.nix
];
users.users.root.openssh.authorizedKeys.keys = config.users.users."${username}".openssh.authorizedKeys.keys;
# Set static IP address / gateway / DNS servers.
networking = {
hostName = "yukina"; # Define your hostname.
wireless = {
# https://wiki.archlinux.org/title/wpa_supplicant
enable = true;
# The path to the file containing the WPA passphrase.
# secrets are not supported well on riscv64, I nned to create this file manually.
# Format: "PSK_WEMEET_PRIVATE_WIFI=your_password"
environmentFile = "/etc/wpa_supplicant.env";
# The network definitions to automatically connect to when wpa_supplicant is running.
networks = {
# read WPAPSK from environmentFile
"shadow_light_ryan".psk = "@PSK_WEMEET_PRIVATE_WIFI@";
};
};
# Failed to enable firewall due to the following error:
# firewall-start[2300]: iptables: Failed to initialize nft: Protocol not supported
firewall.enable = false;
defaultGateway = "192.168.5.201";
nameservers = [
"119.29.29.29" # DNSPod
"223.5.5.5" # AliDNS
];
# Configure network proxy if necessary
# proxy.default = "http://user:password@proxy:port/";
# proxy.noProxy = "127.0.0.1,localhost,internal.domain";
# LPI4A's wireless interface
interfaces.wlan0 = {
useDHCP = false;
ipv4.addresses = [
{
address = "192.168.5.105";
prefixLength = 24;
}
];
};
# LPI4A's first ethernet interface
# interfaces.end0 = {
# useDHCP = false;
# ipv4.addresses = [
# {
# address = "192.168.5.105";
# prefixLength = 24;
# }
# ];
# };
# LPI4A's second ethernet interface
# interfaces.end1 = {
# useDHCP = false;
# ipv4.addresses = [
# {
# address = "192.168.xx.xx";
# prefixLength = 24;
# }
# ];
# };
};
# This value determines the NixOS release from which the default
# settings for stateful data, like file locations and database versions
# on your system were taken. Its perfectly fine and recommended to leave
# this value at the release version of the first install of this system.
# Before changing this value read the documentation for this option
# (e.g. man configuration.nix or on https://nixos.org/nixos/options.html).
system.stateVersion = "23.05"; # Did you read the comment?
}
lib/README.md
+8
View File
@@ -0,0 +1,8 @@
# Library
Some helper functions, used by `flake.nix` to reduce code duplication and make it easier to add new machines:
1. `macosSystem.nix`: A function to generate config(attribute set) for macOS([nix-darwin](https://github.com/LnL7/nix-darwin)).
2. `nixosSystem.nix`: A function to generate config(attribute set) for NixOS.
3. `colmenaSystem.nix`: A function that generate config(another function) for remote deployment using [colmena](https://github.com/zhaofengli/colmena).
lib/colmenaSystem.nix
+40
View File
@@ -0,0 +1,40 @@
# colmena - Remote Deployment via SSH
{
nixpkgs,
home-manager,
specialArgs,
nixos-modules,
home-module ? null,
host_tags,
targetUser ? specialArgs.username,
}: let
username = specialArgs.username;
in
{ name, nodes, ... }: {
deployment = {
targetHost = name; # hostName or IP address
targetUser = targetUser;
tags = host_tags;
};
imports =
nixos-modules
++ [
{
# make `nix run nixpkgs#nixpkgs` use the same nixpkgs as the one used by this flake.
nix.registry.nixpkgs.flake = nixpkgs;
# make `nix repl '<nixpkgs>'` use the same nixpkgs as the one used by this flake.
environment.etc."nix/inputs/nixpkgs".source = "${nixpkgs}";
nix.nixPath = ["/etc/nix/inputs"];
}
] ++ (if (home-module != null) then [
home-manager.nixosModules.home-manager
{
home-manager.useGlobalPkgs = true;
home-manager.useUserPackages = true;
home-manager.extraSpecialArgs = specialArgs;
home-manager.users."${username}" = home-module;
}
] else []);
}
lib/macosSystem.nix
+11 -1
View File
@@ -1,4 +1,5 @@
{
nixpkgs,
nix-darwin,
home-manager,
system,
@@ -13,11 +14,20 @@ in
modules =
darwin-modules
++ [
{
# make `nix run nixpkgs#nixpkgs` use the same nixpkgs as the one used by this flake.
nix.registry.nixpkgs.flake = nixpkgs;
# make `nix repl '<nixpkgs>'` use the same nixpkgs as the one used by this flake.
environment.etc."nix/inputs/nixpkgs".source = "${nixpkgs}";
nix.nixPath = ["/etc/nix/inputs"];
}
home-manager.darwinModules.home-manager
{
home-manager.useGlobalPkgs = true;
home-manager.useUserPackages = true;
home-manager.extraSpecialArgs = specialArgs;
home-manager.users."${username}" = home-module;
}
lib/nixosSystem.nix
+9
View File
@@ -14,6 +14,15 @@ in
modules =
nixos-modules
++ [
{
# make `nix run nixpkgs#nixpkgs` use the same nixpkgs as the one used by this flake.
nix.registry.nixpkgs.flake = nixpkgs;
# make `nix repl '<nixpkgs>'` use the same nixpkgs as the one used by this flake.
environment.etc."nix/inputs/nixpkgs".source = "${nixpkgs}";
nix.nixPath = ["/etc/nix/inputs"];
}
nixos-generators.nixosModules.all-formats
{
# formatConfigs.iso = {config, ...}: {};
modules/common.nix
+40
View File
@@ -0,0 +1,40 @@
{
lib,
username,
...
}: {
nix.settings = {
# enable flakes globally
experimental-features = ["nix-command" "flakes"];
# given the users in this list the right to specify additional substituters via:
# 1. `nixConfig.substituers` in `flake.nix`
# 2. command line args `--options substituers http://xxx`
trusted-users = [username];
substituters = [
# cache mirror located in China
# status: https://mirror.sjtu.edu.cn/
"https://mirror.sjtu.edu.cn/nix-channels/store"
# status: https://mirrors.ustc.edu.cn/status/
# "https://mirrors.ustc.edu.cn/nix-channels/store"
"https://cache.nixos.org"
];
trusted-public-keys = [
"cache.nixos.org-1:6NCHdD59X431o0gWypbMrAURkbJ16ZPMQFGspcDShjY="
];
builders-use-substitutes = true;
};
# do garbage collection weekly to keep disk usage low
nix.gc = {
automatic = lib.mkDefault true;
dates = lib.mkDefault "weekly";
options = lib.mkDefault "--delete-older-than 7d";
};
# Allow unfree packages
nixpkgs.config.allowUnfree = lib.mkDefault false;
}
modules/darwin/apps.nix
+25 -5
View File
@@ -1,4 +1,4 @@
{pkgs, ...}: {
{pkgs, config, ...}: {
##########################################################################
#
# Install all apps and packages here.
@@ -20,8 +20,15 @@
neovim
git
nushell # my custom shell
gnugrep # replacee macos's grep
gnutar # replacee macos's tar
];
environment.variables.EDITOR = "nvim";
environment.variables = {
# Fix https://github.com/LnL7/nix-darwin/wiki/Terminfo-issues
TERMINFO_DIRS = map (path: path + "/share/terminfo") config.environment.profiles ++ [ "/usr/share/terminfo" ];
EDITOR = "nvim";
};
# Create /etc/zshrc that loads the nix-darwin environment.
# this is required if you want to use darwin's default shell - zsh
@@ -32,6 +39,7 @@
];
# Homebrew Mirror
# NOTE: is only useful when you run `brew install` manually! (not via nix-darwin)
environment.variables = {
HOMEBREW_API_DOMAIN = "https://mirrors.tuna.tsinghua.edu.cn/homebrew-bottles/api";
HOMEBREW_BOTTLE_DOMAIN = "https://mirrors.tuna.tsinghua.edu.cn/homebrew-bottles";
@@ -42,9 +50,7 @@
# homebrew need to be installed manually, see https://brew.sh
homebrew = {
# TODO Homebrew install takes a long time,
# So only enable this when you make changes.
enable = true;
enable = false;
onActivation = {
autoUpdate = false;
@@ -83,6 +89,7 @@
"aria2" # download tool
"httpie" # http client
"wireguard-tools" # wireguard
"mitmproxy"
# Usage:
# https://github.com/tailscale/tailscale/wiki/Tailscaled-on-macOS#run-the-tailscaled-daemon
@@ -92,10 +99,22 @@
# https://github.com/rgcr/m-cli
"m-cli" #  Swiss Army Knife for macOS
"proxychains-ng"
# commands like `gsed` `gtar` are required by some tools
"gnu-sed"
"gnu-tar"
# misc that nix do not have cache for.
"git-trim"
"terraform"
"terraformer"
];
# `brew install --cask`
casks = [
"wezterm"
"squirrel" # input method for Chinese, rime-squirrel
"firefox"
@@ -118,6 +137,7 @@
"iglance" # beautiful system monitor
"eudic" # 欧路词典
# "reaper" # audio editor
"sonic-pi" # music programming
# Development
"insomnia" # REST client
modules/darwin/default.nix
+3 -1
View File
@@ -1,7 +1,9 @@
{
imports = [
./apps.nix
../common.nix
./nix-core.nix
./apps.nix
./system.nix
];
}
modules/darwin/nix-core.nix
+5 -12
View File
@@ -12,9 +12,6 @@
#
###################################################################################
# enable flakes globally
nix.settings.experimental-features = ["nix-command" "flakes"];
# Allow unfree packages
nixpkgs.config.allowUnfree = true;
@@ -28,14 +25,10 @@
programs.nix-index.enable = true;
# boot.loader.grub.configurationLimit = 10;
# do garbage collection weekly to keep disk usage low
nix.gc = {
automatic = lib.mkDefault true;
options = lib.mkDefault "--delete-older-than 1w";
# Disable auto-optimise-store because of this issue:
# https://github.com/NixOS/nix/issues/7273
# "error: cannot link '/nix/store/.tmp-link-xxxxx-xxxxx' to '/nix/store/.links/xxxx': File exists"
nix.settings = {
auto-optimise-store = false;
};
# Manual optimise storage: nix-store --optimise
# https://nixos.org/manual/nix/stable/command-ref/conf-file.html#conf-auto-optimise-store
nix.settings.auto-optimise-store = true;
}
modules/darwin/system.nix
+20 -3
View File
@@ -24,8 +24,10 @@
# customize dock
dock = {
autohide = true;
show-recents = false; # disable recent apps
autohide = true; # automatically hide and show the dock
show-recents = false; # do not show recent apps in dock
# do not automatically rearrange spaces based on most recent use.
mru-spaces = false;
# customize Hot Corners(触发角, 鼠标移动到屏幕角落时触发的动作)
wvous-tl-corner = 2; # top-left - Mission Control
@@ -78,7 +80,12 @@
};
# customize settings that not supported by nix-darwin directly
# see the source code of https://github.com/rgcr/m-cli to get all the available options
CustomUserPreferences = {
".GlobalPreferences" = {
# automatically switch to a new space when switching to the application
AppleSpacesSwitchOnActivate = true;
};
NSGlobalDomain = {
# Add a context menu item for showing the Web Inspector in web views
WebKitDeveloperExtras = true;
@@ -144,14 +151,24 @@
# Fonts
fonts = {
# use fonts specified by user rather than default ones
# will be removed after this PR is merged:
# https://github.com/LnL7/nix-darwin/pull/754
fontDir.enable = true;
# will change to `fonts.packages` after this PR is merged:
# https://github.com/LnL7/nix-darwin/pull/754
fonts = with pkgs; [
# packages = with pkgs; [
# icon fonts
material-design-icons
font-awesome
# 思源系列字体是 Adobe 主导的。其中汉字部分被称为「思源黑体」和「思源宋体」,是由 Adobe + Google 共同开发的
source-sans # 无衬线字体,不含汉字。字族名叫 Source Sans 3 和 Source Sans Pro,以及带字重的变体,加上 Source Sans 3 VF
source-serif # 衬线字体,不含汉字。字族名叫 Source Code Pro,以及带字重的变体
source-han-sans # 思源黑体
source-han-serif # 思源宋体
# nerdfonts
(nerdfonts.override {
fonts = [
modules/nixos/core-desktop.nix
+151 -147
View File
@@ -1,6 +1,8 @@
{
config,
lib,
pkgs,
pkgs-unstable,
...
}: {
###################################################################################
@@ -16,16 +18,156 @@
# to install chrome, you need to enable unfree packages
nixpkgs.config.allowUnfree = lib.mkForce true;
# Enable CUPS to print documents.
services.printing.enable = true;
# add user's shell into /etc/shells
environment.shells = with pkgs; [
bash
nushell
];
# set user's default shell system-wide
users.defaultUserShell = pkgs.nushell;
# List packages installed in system profile. To search, run:
# $ nix search wget
environment.systemPackages = with pkgs; [
parted
ventoy
gnumake
psmisc # killall/pstree/prtstat/fuser/...
colmena # nixos's remote deployment tool
pulseaudio # provides `pactl`, which is required by some apps(e.g. sonic-pi)
];
programs = {
# android development tools, this will install adb/fastboot and other android tools and udev rules
# see https://github.com/NixOS/nixpkgs/blob/nixos-unstable/nixos/modules/programs/adb.nix
adb.enable = true;
# The OpenSSH agent remembers private keys for you
# so that you dont have to type in passphrases every time you make an SSH connection.
# Use `ssh-add` to add a key to the agent.
ssh.startAgent = true;
# dconf is a low-level configuration system.
dconf.enable = true;
};
# A key remapping daemon for linux.
# https://github.com/rvaiya/keyd
services.keyd = {
enable = true;
keyboards = {
default = {
settings = {
main = {
# overloads the capslock key to function as both escape (when tapped) and control (when held)
capslock = "overload(control, esc)";
};
};
};
};
};
# PipeWire is a new low-level multimedia framework.
# It aims to offer capture and playback for both audio and video with minimal latency.
# It support for PulseAudio-, JACK-, ALSA- and GStreamer-based applications.
# PipeWire has a great bluetooth support, it can be a good alternative to PulseAudio.
# https://nixos.wiki/wiki/PipeWire
services.pipewire = {
enable = true;
# package = pkgs-unstable.pipewire;
alsa.enable = true;
alsa.support32Bit = true;
pulse.enable = true;
# If you want to use JACK applications, uncomment this
jack.enable = true;
wireplumber.enable = true;
};
# rtkit is optional but recommended
security.rtkit.enable = true;
# Remove sound.enable or turn it off if you had it set previously, it seems to cause conflicts with pipewire
sound.enable = false;
# Disable pulseaudio, it conflicts with pipewire too.
hardware.pulseaudio.enable = false;
# enable bluetooth & gui paring tools - blueman
# or you can use cli:
# $ bluetoothctl
# [bluetooth] # power on
# [bluetooth] # agent on
# [bluetooth] # default-agent
# [bluetooth] # scan on
# ...put device in pairing mode and wait [hex-address] to appear here...
# [bluetooth] # pair [hex-address]
# [bluetooth] # connect [hex-address]
# Bluetooth devices automatically connect with bluetoothctl as well:
# [bluetooth] # trust [hex-address]
hardware.bluetooth.enable = true;
services.blueman.enable = true;
# security with polkit
services.power-profiles-daemon = {
enable = true;
};
security.polkit.enable = true;
# security with gnome-kering
services.gnome.gnome-keyring.enable = true;
security.pam.services.greetd.enableGnomeKeyring = true;
services = {
# Enable CUPS to print documents.
printing.enable = true;
# https://flatpak.org/setup/NixOS
flatpak.enable = false;
dbus.packages = [pkgs.gcr];
geoclue2.enable = true;
udev.packages = with pkgs; [
gnome.gnome-settings-daemon
platformio # udev rules for platformio
openocd # required by paltformio, see https://github.com/NixOS/nixpkgs/issues/224895
android-udev-rules
openfpgaloader
];
};
xdg.portal = {
enable = true;
config = {
common = {
# Use xdg-desktop-portal-gtk for every portal interface...
default = [
"gtk"
];
# except for the secret portal, which is handled by gnome-keyring
"org.freedesktop.impl.portal.Secret" = [
"gnome-keyring"
];
};
};
# Sets environment variable NIXOS_XDG_OPEN_USE_PORTAL to 1
# This will make xdg-open use the portal to open programs,
# which resolves bugs involving programs opening inside FHS envs or with unexpected env vars set from wrappers.
# xdg-open is used by almost all programs to open a unknown file/uri
# alacritty as an example, it use xdg-open as default, but you can also custom this behavior
# and vscode has open like `External Uri Openers`
xdgOpenUsePortal = false;
extraPortals = with pkgs; [
xdg-desktop-portal-gtk # for gtk
# xdg-desktop-portal-kde # for kde
];
};
# all fonts are linked to /nix/var/nix/profiles/system/sw/share/X11/fonts
fonts = {
# use fonts specified by user rather than default ones
enableDefaultFonts = false;
enableDefaultPackages = false;
fontDir.enable = true;
fonts = with pkgs; [
packages = with pkgs; [
# icon fonts
material-design-icons
font-awesome
@@ -60,153 +202,15 @@
# the reason there's Noto Color Emoji everywhere is to override DejaVu's
# B&W emojis that would sometimes show instead of some Color emojis
fontconfig.defaultFonts = {
serif = ["Noto Serif" "Noto Color Emoji"];
sansSerif = ["Noto Sans" "Noto Color Emoji"];
serif = ["Noto Serif CJK SC" "Noto Serif CJK TC" "Noto Serif CJK JP" "Noto Color Emoji"];
sansSerif = ["Noto Sans CJK SC" "Noto Sans CJK TC" "Noto Sans CJK JP" "Noto Color Emoji"];
monospace = ["JetBrainsMono Nerd Font" "Noto Color Emoji"];
emoji = ["Noto Color Emoji"];
};
};
# dconf is a low-level configuration system.
programs.dconf.enable = true;
# networking.firewall.allowedTCPPorts = [ ... ];
# networking.firewall.allowedUDPPorts = [ ... ];
# Or disable the firewall altogether.
networking.firewall.enable = false;
# Enable the OpenSSH daemon.
services.openssh = {
enable = true;
settings = {
X11Forwarding = true;
PermitRootLogin = "no"; # disable root login
PasswordAuthentication = false; # disable password login
};
openFirewall = true;
environment.variables = {
# fix https://github.com/NixOS/nixpkgs/issues/238025
TZ = "${config.time.timeZone}";
};
# The OpenSSH agent remembers private keys for you
# so that you dont have to type in passphrases every time you make an SSH connection.
# Use `ssh-add` to add a key to the agent.
programs.ssh.startAgent = true;
# List packages installed in system profile. To search, run:
# $ nix search wget
environment.systemPackages = with pkgs; [
# python, some times I may need to use python with root permission.
(python310.withPackages (ps:
with ps; [
ipython
pandas
requests
pyquery
pyyaml
]))
];
# PipeWire is a new low-level multimedia framework.
# It aims to offer capture and playback for both audio and video with minimal latency.
# It support for PulseAudio-, JACK-, ALSA- and GStreamer-based applications.
# PipeWire has a great bluetooth support, it can be a good alternative to PulseAudio.
# https://nixos.wiki/wiki/PipeWire
services.pipewire = {
enable = true;
alsa.enable = true;
alsa.support32Bit = true;
pulse.enable = true;
# If you want to use JACK applications, uncomment this
# jack.enable = true;
# use the example session manager (no others are packaged yet so this is enabled by default,
# no need to redefine it in your config for now)
#media-session.enable = true;
};
# rtkit is optional but recommended
security.rtkit.enable = true;
# Remove sound.enable or turn it off if you had it set previously, it seems to cause conflicts with pipewire
sound.enable = false;
# Disable pulseaudio, it conflicts with pipewire too.
hardware.pulseaudio.enable = false;
# enable bluetooth & gui paring tools - blueman
# or you can use cli:
# $ bluetoothctl
# [bluetooth] # power on
# [bluetooth] # agent on
# [bluetooth] # default-agent
# [bluetooth] # scan on
# ...put device in pairing mode and wait [hex-address] to appear here...
# [bluetooth] # pair [hex-address]
# [bluetooth] # connect [hex-address]
# Bluetooth devices automatically connect with bluetoothctl as well:
# [bluetooth] # trust [hex-address]
hardware.bluetooth.enable = true;
services.blueman.enable = true;
# https://flatpak.org/setup/NixOS
services.flatpak.enable = true;
# security with polkit
services.power-profiles-daemon = {
enable = true;
};
security.polkit.enable = true;
# security with gnome-kering
services.gnome.gnome-keyring.enable = true;
security.pam.services.greetd.enableGnomeKeyring = true;
# A key remapping daemon for linux.
# https://github.com/rvaiya/keyd
services.keyd = {
enable = true;
settings = {
main = {
# overloads the capslock key to function as both escape (when tapped) and control (when held)
capslock = "overload(control, esc)";
};
};
};
services = {
dbus.packages = [pkgs.gcr];
geoclue2.enable = true;
udev.packages = with pkgs; [
gnome.gnome-settings-daemon
platformio # udev rules for platformio
openocd # required by paltformio, see https://github.com/NixOS/nixpkgs/issues/224895
android-udev-rules
];
};
# android development tools, this will install adb/fastboot and other android tools and udev rules
# see https://github.com/NixOS/nixpkgs/blob/nixos-unstable/nixos/modules/programs/adb.nix
programs.adb.enable = true;
xdg.portal = {
enable = true;
wlr.enable = true;
# Sets environment variable NIXOS_XDG_OPEN_USE_PORTAL to 1
# This will make xdg-open use the portal to open programs,
# which resolves bugs involving programs opening inside FHS envs or with unexpected env vars set from wrappers.
# xdg-open is used by almost all programs to open a unknown file/uri
# alacritty as an example, it use xdg-open as default, but you can also custom this behavior
# and vscode has open like `External Uri Openers`
xdgOpenUsePortal = false;
extraPortals = with pkgs; [
xdg-desktop-portal-wlr # for wlroots based compositors(hyprland/sway)
xdg-desktop-portal-gtk # for gtk
# xdg-desktop-portal-kde # for kde
];
};
# add user's shell into /etc/shells
environment.shells = with pkgs; [
bash
nushell
];
# set user's default shell system-wide
users.defaultUserShell = pkgs.nushell;
}
modules/nixos/core-riscv64.nix
+74
View File
@@ -0,0 +1,74 @@
{config, pkgs, nixpkgs, ...}: {
# =========================================================================
# Base NixOS Configuration
# =========================================================================
# Set your time zone.
time.timeZone = "Asia/Shanghai";
# Select internationalisation properties.
i18n.defaultLocale = "en_US.UTF-8";
nix.settings = {
# Manual optimise storage: nix-store --optimise
# https://nixos.org/manual/nix/stable/command-ref/conf-file.html#conf-auto-optimise-store
auto-optimise-store = true;
builders-use-substitutes = true;
# enable flakes globally
experimental-features = ["nix-command" "flakes"];
};
# List packages installed in system profile. To search, run:
# $ nix search wget
#
# TODO feel free to add or remove packages here.
environment.systemPackages = with pkgs; [
neovim
# networking
mtr # A network diagnostic tool
iperf3 # A tool for measuring TCP and UDP bandwidth performance
nmap # A utility for network discovery and security auditing
ldns # replacement of dig, it provide the command `drill`
socat # replacement of openbsd-netcat
tcpdump # A powerful command-line packet analyzer
# archives
zip
xz
unzip
p7zip
zstd
gnutar
# misc
file
which
tree
gnused
gawk
tmux
docker-compose
];
# replace default editor with neovim
environment.variables.EDITOR = "nvim";
virtualisation.docker = {
enable = true;
# start dockerd on boot.
# This is required for containers which are created with the `--restart=always` flag to work.
enableOnBoot = true;
};
services.openssh = {
enable = true;
settings = {
X11Forwarding = true;
PermitRootLogin = "prohibit-password"; # disable root login with password
PasswordAuthentication = false; # disable password login
};
openFirewall = true;
};
}
modules/nixos/core-server.nix
+14 -19
View File
@@ -9,26 +9,17 @@
#
###################################################################################
imports = [
../common.nix
];
# for nix server, we do not need to keep too much generations
boot.loader.systemd-boot.configurationLimit = lib.mkDefault 10;
# boot.loader.grub.configurationLimit = 10;
# do garbage collection weekly to keep disk usage low
nix.gc = {
automatic = lib.mkDefault true;
dates = lib.mkDefault "weekly";
options = lib.mkDefault "--delete-older-than 1w";
};
# Manual optimise storage: nix-store --optimise
# https://nixos.org/manual/nix/stable/command-ref/conf-file.html#conf-auto-optimise-store
nix.settings.auto-optimise-store = true;
# enable flakes globally
nix.settings.experimental-features = ["nix-command" "flakes"];
# Allow unfree packages
nixpkgs.config.allowUnfree = lib.mkDefault false;
# Set your time zone.
time.timeZone = "Asia/Shanghai";
@@ -62,6 +53,13 @@
};
openFirewall = true;
};
# for power management
services = {
power-profiles-daemon = {
enable = true;
};
upower.enable = true;
};
# List packages installed in system profile. To search, run:
# $ nix search wget
@@ -94,11 +92,8 @@
virtualisation.docker = {
enable = true;
# start dockerd on boot.
# This is required for containers which are created with the `--restart=always` flag to work.
enableOnBoot = true;
};
# for power management
services.power-profiles-daemon = {
enable = true;
};
services.upower.enable = true;
}
modules/nixos/fhs-fonts.nix
+1 -1
View File
@@ -22,7 +22,7 @@
};
aggregatedFonts = pkgs.buildEnv {
name = "system-fonts";
paths = config.fonts.fonts;
paths = config.fonts.packages;
pathsToLink = ["/share/fonts"];
};
in {
modules/nixos/hyprland.nix
+48 -28
View File
@@ -1,4 +1,4 @@
{pkgs, ...}: {
{pkgs, hyprland, ...}: {
##########################################################################################################
#
# NixOS's Configuration for Hyprland Window Manager
@@ -9,43 +9,60 @@
#
##########################################################################################################
environment.pathsToLink = ["/libexec"]; # links /libexec from derivations to /run/current-system/sw
services.xserver = {
imports = [
# hyprland.nixosModules.default
];
xdg.portal = {
enable = true;
wlr.enable = true;
extraPortals = with pkgs; [
xdg-desktop-portal-wlr
];
};
desktopManager = {
xterm.enable = false;
};
environment.pathsToLink = ["/libexec"]; # links /libexec from derivations to /run/current-system/sw
services = {
gvfs.enable = true; # Mount, trash, and other functionalities
tumbler.enable = true; # Thumbnail support for images
xserver = {
enable = true;
displayManager = {
defaultSession = "hyprland";
lightdm.enable = false;
gdm = {
enable = true;
wayland = true;
desktopManager = {
xterm.enable = false;
};
displayManager = {
defaultSession = "hyprland";
lightdm.enable = false;
gdm = {
enable = true;
wayland = true;
};
};
};
};
programs.hyprland = {
enable = true;
xwayland = {
programs = {
hyprland = {
enable = true;
hidpi = true;
xwayland = {
enable = true;
};
enableNvidiaPatches = true;
};
nvidiaPatches = true;
};
programs.light.enable = true; # monitor backlight control
# monitor backlight control
light.enable = true;
# thunar file manager(part of xfce) related options
programs.thunar.plugins = with pkgs.xfce; [
thunar-archive-plugin
thunar-volman
];
services.gvfs.enable = true; # Mount, trash, and other functionalities
services.tumbler.enable = true; # Thumbnail support for images
# thunar file manager(part of xfce) related options
thunar.plugins = with pkgs.xfce; [
thunar-archive-plugin
thunar-volman
];
};
# List packages installed in system profile. To search, run:
# $ nix search wget
@@ -56,13 +73,13 @@
swaylock # locking the screen
wlogout # logout menu
wl-clipboard # copying and pasting
hyprpicker # color picker
wf-recorder # creen recording
grim # taking screenshots
slurp # selecting a region to screenshot
# TODO replace by `flameshot gui --raw | wl-copy`
wofi # A rofi inspired launcher for wlroots compositors such as sway/hyprland
mako # the notification daemon, the same as dunst
yad # a fork of zenity, for creating dialogs
@@ -76,4 +93,7 @@
xfce.thunar # xfce4's file manager
];
# fix https://github.com/ryan4yin/nix-config/issues/10
security.pam.services.swaylock = {};
}
modules/nixos/i3.nix
+45 -41
View File
@@ -7,48 +7,54 @@
# i3 related options
environment.pathsToLink = ["/libexec"]; # links /libexec from derivations to /run/current-system/sw
services.xserver = {
enable = true;
desktopManager = {
xterm.enable = false;
};
displayManager = {
defaultSession = "none+i3";
lightdm.enable = false;
gdm.enable = true;
};
windowManager.i3 = {
services = {
gvfs.enable = true; # Mount, trash, and other functionalities
tumbler.enable = true; # Thumbnail support for images
xserver = {
enable = true;
extraPackages = with pkgs; [
rofi # application launcher, the same as dmenu
dunst # notification daemon
i3blocks # status bar
i3lock # default i3 screen locker
xautolock # lock screen after some time
i3status # provide information to i3bar
i3-gaps # i3 with gaps
picom # transparency and shadows
feh # set wallpaper
acpi # battery information
arandr # screen layout manager
dex # autostart applications
xbindkeys # bind keys to commands
xorg.xbacklight # control screen brightness, the same as light
xorg.xdpyinfo # get screen information
scrot # minimal screen capture tool, used by i3 blur lock to take a screenshot
sysstat # get system information
alsa-utils # provides amixer/alsamixer/...
xfce.thunar # xfce4's file manager
];
desktopManager = {
xterm.enable = false;
};
displayManager = {
defaultSession = "none+i3";
lightdm.enable = false;
gdm.enable = true;
};
windowManager.i3 = {
enable = true;
extraPackages = with pkgs; [
rofi # application launcher, the same as dmenu
dunst # notification daemon
i3blocks # status bar
i3lock # default i3 screen locker
xautolock # lock screen after some time
i3status # provide information to i3bar
i3-gaps # i3 with gaps
picom # transparency and shadows
feh # set wallpaper
xcolor # color picker
acpi # battery information
arandr # screen layout manager
dex # autostart applications
xbindkeys # bind keys to commands
xorg.xbacklight # control screen brightness, the same as light
xorg.xdpyinfo # get screen information
scrot # minimal screen capture tool, used by i3 blur lock to take a screenshot
sysstat # get system information
alsa-utils # provides amixer/alsamixer/...
xfce.thunar # xfce4's file manager
];
};
# Configure keymap in X11
layout = "us";
xkbVariant = "";
};
# Configure keymap in X11
layout = "us";
xkbVariant = "";
};
# thunar file manager(part of xfce) related options
@@ -56,6 +62,4 @@
thunar-archive-plugin
thunar-volman
];
services.gvfs.enable = true; # Mount, trash, and other functionalities
services.tumbler.enable = true; # Thumbnail support for images
}
modules/nixos/libvirt.nix
+6 -7
View File
@@ -19,7 +19,7 @@
};
programs.dconf.enable = true;
environment.systemPackages = with pkgs; [
# Need to add [File (in the menu bar) -> Add connection] after start the first time
# Need to add [File (in the menu bar) -> Add connection] when start for the first time
virt-manager
# QEMU/KVM, provides:
@@ -38,14 +38,13 @@
qemu_full
];
boot.kernelModules = ["kvm-amd" "kvm-intel"];
boot.kernelModules = ["kvm-amd" "kvm-intel" "vfio-pci"];
# Enable nested virsualization, required by security containers and nested vm.
boot.extraModprobeConfig = "options kvm_intel nested=1"; # for intel cpu
# boot.extraModprobeConfig = "options kvm_amd nested=1"; # for amd cpu
# NixOS VM should enable this:
# services.qemuGuest = {
# enable = true;
# package = pkgs.qemu_kvm.ga;
# };
virtualisation = {
waydroid.enable = true;
lxd.enable = true;
};
}
modules/nixos/remote-building.nix
+49 -31
View File
@@ -36,34 +36,34 @@
in [
# Nix seems always try to build on the machine remotely
# to make use of the local machine's high-performance CPU, do not set remote builder's maxJobs too high.
{
# some of my remote builders are running NixOS
# and has the same sshUser, sshKey, systems, etc.
inherit sshUser sshKey systems supportedFeatures;
# the hostName should be:
# 1. a hostname that can be resolved by DNS
# 2. the ip address of the remote builder
# 3. a host alias defined globally in /etc/ssh/ssh_config
hostName = "aquamarine";
# remote builder's max-job
maxJobs = 3;
# speedFactor's a signed integer
# but it seems that it's not used by Nix, takes no effect
speedFactor = 1;
}
{
inherit sshUser sshKey systems supportedFeatures;
hostName = "ruby";
maxJobs = 2;
speedFactor = 1;
}
{
inherit sshUser sshKey systems supportedFeatures;
hostName = "kana";
maxJobs = 2;
speedFactor = 1;
}
# {
# # some of my remote builders are running NixOS
# # and has the same sshUser, sshKey, systems, etc.
# inherit sshUser sshKey systems supportedFeatures;
#
# # the hostName should be:
# # 1. a hostname that can be resolved by DNS
# # 2. the ip address of the remote builder
# # 3. a host alias defined globally in /etc/ssh/ssh_config
# hostName = "aquamarine";
# # remote builder's max-job
# maxJobs = 3;
# # speedFactor's a signed integer
# # but it seems that it's not used by Nix, takes no effect
# speedFactor = 1;
# }
# {
# inherit sshUser sshKey systems supportedFeatures;
# hostName = "ruby";
# maxJobs = 2;
# speedFactor = 1;
# }
# {
# inherit sshUser sshKey systems supportedFeatures;
# hostName = "kana";
# maxJobs = 2;
# speedFactor = 1;
# }
];
# optional, useful when the builder has a faster internet connection than yours
nix.extraOptions = ''
@@ -73,6 +73,7 @@
# define the host alias for remote builders
# this config will be written to /etc/ssh/ssh_config
programs.ssh.extraConfig = ''
# idols
Host ai
HostName 192.168.5.100
Port 22
@@ -88,6 +89,23 @@
Host kana
HostName 192.168.5.103
Port 22
# rolling girls
Host nozomi
HostName 192.168.5.104
Port 22
Host yukina
HostName 192.168.5.105
Port 22
Host chiaya
HostName 192.168.5.106
Port 22
Host suzu
HostName 192.168.5.107
Port 22
'';
# define the host key for remote builders so that nix can verify all the remote builders
@@ -96,19 +114,19 @@
# 星野 愛久愛海, Hoshino Aquamarine
aquamarine = {
hostNames = ["aquamarine" "192.168.5.101"];
publicKey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIDnCQXlllHoLX5EvU+t6yP/npsmuxKt0skHVeJashizE";
publicKey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIO0EzzjnuHBE9xEOZupLmaAj9xbYxkUDeLbMqFZ7YPjU";
};
# 星野 瑠美衣, Hoshino Rubii
ruby = {
hostNames = ["ruby" "192.168.5.102"];
publicKey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIE7n11XxB8B3HjdyAsL3PuLVDZxWCzEOUTJAY8+goQmW";
publicKey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIHrDXNQXELnbevZ1rImfXwmQHkRcd3TDNLsQo33c2tUf";
};
# 有馬 かな, Arima Kana
kana = {
hostNames = ["kana" "192.168.5.103"];
publicKey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIJ3dDLOZERP1nZfRz3zIeVDm1q2Trer+fWFVvVXrgXM1";
publicKey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIJMVX05DQD1XJ0AqFZzsRsqgeUOlZ4opAI+8tkVXyjq+";
};
};
}
modules/nixos/user-group.nix
+18 -4
View File
@@ -1,17 +1,26 @@
{ username, ... }:
{
nix.settings.trusted-users = [username];
# Don't allow mutation of users outside the config.
users.mutableUsers = false;
users.groups = {
"${username}" = {};
docker = {};
wireshark = {};
# for android platform tools's udev rules
adbusers ={};
dialout = {};
# for openocd (embedded system development)
plugdev = {};
# misc
uinput = {};
};
# Define a user account. Don't forget to set a password with passwd.
users.users."${username}" = {
# the hashed password with salt is generated by run `mkpasswd`.
hashedPassword = "$y$j9T$YQu5vhlnogjDFDWp9QkPh0$Eu85OiwllqvLg5fzRVMLVHNO7InA3ro8grTJJIepyH1";
# generated by `mkpasswd -m scrypt`
# we have to use initialHashedPassword here when using tmpfs for /
initialHashedPassword = "$7$CU..../....Sdl/JRH..9eIvZ6mE/52r.$xeR6lyvTcVVKt28Owcoc/vPOOECcYSiq1xjw/QCz2t0";
home = "/home/${username}";
isNormalUser = true;
description = username;
@@ -27,8 +36,13 @@
];
openssh.authorizedKeys.keys = [
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIDiipi59EnVbi6bK1bGrcbfEM263wgdNfbrt6VBC1rHx ryan@ai-idols"
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAII7PTkP3ixXTZlrJNSHnXgkmHNT+QslFi9wNYXOpVwGB ryan@harmonica"
];
};
users.users.root.initialHashedPassword = "$7$CU..../....X6uvZYnFD.i1CqqFFNl4./$4vgqzIPyw5XBr0aCDFbY/UIRRJr7h5SMGoQ/ZvX3FP2";
# fix for `sudo xxx` in kitty/wezterm and other modern terminal emulators
security.sudo.keepTerminfo = true;
# DO NOT promote the specified user to input password for `nix-store` and `nix-copy-closure`
security.sudo.extraRules = [
overlays/fcitx5/README.md
-2
View File
@@ -2,8 +2,6 @@
Useful for Linux(fcitx5-rime) & macOS(squirrel).
## Hisotry Problems
## Linux(fcitx5-rime)
1. pay attention to the `rm -rf .local/share/fcitx5/rime/`, which may contains some auto generated rime config files, which may cause flypy not the default scheme for rime
overlays/fcitx5/rime-data-flypy/share/rime-data/flypy_user.txt
+106 -1
View File
@@ -15,8 +15,113 @@
# 简词补全放本文件内,不需要可删除
# 用户词库,下行开始添加,编码格式见上,部署后生效
# 符号
# [自定义]我的个人信息
xiaoyin_c@qq.com mail
ryan4yin@linux.com mail
https://thiscute.world blog
# [自定义]常用符号
## 小鹤内置常用符号快捷键: https://xgr313l2jy.k.topthink.com/@xhrm/fh.html
α alpa
β beta
γ gama
δ delt
Δ delt
ε epsn
ζ zeta
η eta
θ thet
ι iota
κ kapp
λ lamb
Ω omeg
ω omeg
Σ sigm
· dott
μ muuu
Π piii
Φ phii
Ψ psii
# [自定义]补充缺失单字
靐 bkyt
伕 furf
颪 gxxi
嘦 jnkn
咭 jikk
槑 mwkm
妳 ninx
兲 tmwb
卍 wjvl
囍 xiuk
矽 xiux
怣 yzux
臝 lowf
勅 iiul
吋 cykc
呎 iiki
毬 qqmq
氽 tyru
搨 tafx
垝 gvtv
毚 ijdd
鹥 yikn
穀 guuy
寔 uibr
惸 qsxz
櫜 gcam
蓫 vucu
巘 yjeq
霑 vjyk
霂 muym
炁 qiah
谘 ziyk
棔 hymo
盻 pjov
搕 kefm
搇 qbfy
砅 liuu
阺 died
垅 lstl
雝 ysvf
蹓 lqzt
豗 hvwu
# [自定义]补充四码词组
电感 dmgj
二极管 ejgr
二叉树 eiuu
方差 fhia
红黑 hshw
差分 iaff
充要 isyc
重载 iszd
卷积 jrji
链表 lmbn
滤波 lvbo
内插 nwia
逆序 nixu
耦合 ouhe
攀爬 pjpa
频域 pbyu
频谱 pbpu
曲率 qulv
弱光 rogl
三极管 sjgr
微分 wwff
涡流 wolq
增益 zgyi
字符串 zfir
矩形 juxk
接口 jpkz
契约 qiyt
术语 uuyu
## [custom]补充二三码词组
输入 ur
古诗 guu
共轭 gse
树状 uuv
# 全码词
杯子 bwzi
secrets/README.md
+6 -2
View File
@@ -101,7 +101,6 @@ First, add your own private `nix-secrets` repository and `agenix` as a flake inp
};
};
}
}
```
Then, create `./secrets/default.nix` with the following content:
@@ -121,7 +120,7 @@ Then, create `./secrets/default.nix` with the following content:
];
age.secrets."xxx" = {
# wether secrets are symlinked to age.secrets.<name>.path
# whether secrets are symlinked to age.secrets.<name>.path
symlink = true;
# target path for decrypted file
path = "/etc/xxx/";
@@ -141,3 +140,8 @@ NOTE: By default, `age.identityPaths` is set to `~/.ssh/id_ed25519` and `~/.ssh/
so make sure to place your decryption keys there.
If you're deploying to the same machine from which you encrypted the secrets, it should work out of the box.
## Other Replacements
- [ragenix](https://github.com/yaxitech/ragenix): A Rust reimplementation of agenix.