starred/nix-config
1
0
Fork 0
mirror of https://github.com/ryan4yin/nix-config.git synced 2026-04-30 12:44:17 +02:00
Code Issues Packages Projects Releases 10 Wiki Activity
Files
d34debd3d3eb7eca3c798c0214925970c6a61288
nix-config/modules/base/packages.nix
Ryan Yin 74a9106917 security(home): drop all neovim plugins to shrink supply-chain exposure (#259) 
* chore(home): drop AstroNvim bundle and centralize editors

Remove the bundled Neovim plugin tree to shrink supply-chain exposure; keep a
minimal programs.neovim backup. Daily editing stays Helix-first with Yazi and
Zellij.

- Add Helix/Neovim docs, glossary, and cheatsheets under core/editors/.
- Default EDITOR/VISUAL to hx; use SUDO_EDITOR nvim --clean for sudoedit and
  other sensitive edits; adjust Nushell buffer_editor accordingly.
- Apply Helix Home Manager settings (keys, editor UI) in core/editors/helix.
- Keep heavy language-server tooling only in home/base/tui/editors/packages.nix;
  wire it via an explicit default.nix import so core stays lightweight.
- Extend modules/base packages.nix where that profile sets global editor env.

* docs: link editors, VS Code, and agents from README

Document tui/editors versus core/editors; add root README pointers to GUI
vscode (Home Manager) and agents/. Cross-link heavy packages README from
core/editors.
2026-04-27 21:31:58 +08:00

91 lines
2.7 KiB
Nix
Raw Blame History

{ pkgs, ... }:
{
# Default editor: Helix (`hx`). Privileged edits (`sudoedit`, …) prefer `nvim --clean`
# via `SUDO_EDITOR`; invoke `nvim --clean` manually for other sensitive workflows.
environment.variables = {
EDITOR = "hx";
VISUAL = "hx";
SUDO_EDITOR = "nvim --clean";
};
environment.systemPackages = with pkgs; [
# core tools
nushell # nushell
fastfetch
helix # default $EDITOR (`hx`)
neovim # backup editor; `nvim --clean` for sensitive / privileged edits (`$SUDO_EDITOR`)
gnumake # Makefile
just # a command runner like gnumake, but simpler
git # used by nix flakes
git-lfs # used by huggingface models
# system monitoring
procs # a moreden ps
btop
# archives
zip
xz
zstd
unzipNLS
p7zip
# Text Processing
# Docs: https://github.com/learnbyexample/Command-line-text-processing
gnugrep # GNU grep, provides `grep`/`egrep`/`fgrep`
gawk # GNU awk, a pattern scanning and processing language
gnutar
gnused # GNU sed, very powerful(mainly for replacing text in files)
sad # CLI search and replace, just like sed, but with diff preview.
jq # A lightweight and flexible command-line JSON processor
yq-go # yaml processor https://github.com/mikefarah/yq
jc # converts the output of popular cli tools & file-types to JSON, YAML
# Interactively filter its input using fuzzy searching, not limit to filenames.
fzf
# search for files by name, faster than find
fd
findutils
# search for files by its content, replacement of grep
(ripgrep.override { withPCRE2 = true; })
duf # Disk Usage/Free Utility - a better 'df' alternative
dust # A more intuitive version of `du` in rust
gdu # disk usage analyzer(replacement of `du`)
ncdu # analyzer your disk usage Interactively, via TUI(replacement of `du`)
# networking tools
mtr # A network diagnostic tool(traceroute)
gping # ping, but with a graph(TUI)
dnsutils # `dig` + `nslookup`
ldns # replacement of `dig`, it provide the command `drill`
doggo # DNS client for humans
wget
curl
curlie # curl with httpie
httpie
aria2 # A lightweight multi-protocol & multi-source command-line download utility
socat # replacement of openbsd-netcat
nmap # A utility for network discovery and security auditing
ipcalc # it is a calculator for the IPv4/v6 addresses
iperf3 # network performance test
hyperfine # command-line benchmarking tool
tcpdump # network sniffer
# file transfer
rsync
croc # File transfer between computers securely and easily
# security
libargon2
openssl
# misc
file
which
tree
tealdeer # a very fast version of tldr
];
}
Reference in New Issue View Git Blame Copy Permalink