harald/nixcfg
1
0
Fork 0
Code Issues Pull requests Packages Projects Releases Wiki Activity

add mpro

Browse source 
Signed-off-by: Harald Hoyer <harald@hoyer.xyz>
This commit is contained in:
Harald Hoyer 2024-03-12 00:24:28 +01:00
parent dd3dd53e11
commit 5e2d3a6ce4
Signed by: harald
GPG key ID: F519A1143B3FBE32
25 changed files with 665 additions and 20 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

57
flake.lock
View file

@ -305,6 +305,26 @@
"type": "github" "type": "github"
} }
}, },
"darwin": {
"inputs": {
"nixpkgs": [
"nixpkgs"
]
},
"locked": {
"lastModified": 1709771483,
"narHash": "sha256-Hjzu9nCknHLQvhdaRFfCEprH0o15KcaNu1QDr3J88DI=",
"owner": "lnl7",
"repo": "nix-darwin",
"rev": "550340062c16d7ef8c2cc20a3d2b97bcd3c6b6f6",
"type": "github"
},
"original": {
"owner": "lnl7",
"repo": "nix-darwin",
"type": "github"
}
},
"dashboard-nvim": { "dashboard-nvim": {
"flake": false, "flake": false,
"locked": { "locked": {
@ -767,6 +787,22 @@
"type": "github" "type": "github"
} }
}, },
"gpg-base-conf": {
"flake": false,
"locked": {
"lastModified": 1710110429,
"narHash": "sha256-sW7crQEhoGslXyO9djBuPYf1DFqTo5uYUEFkaSCw1xc=",
"owner": "drduh",
"repo": "config",
"rev": "702281406b1f491b805d8e380dc03d73ace517f3",
"type": "github"
},
"original": {
"owner": "drduh",
"repo": "config",
"type": "github"
}
},
"highlight-undo": { "highlight-undo": {
"flake": false, "flake": false,
"locked": { "locked": {
@ -1972,7 +2008,9 @@
}, },
"root": { "root": {
"inputs": { "inputs": {
"darwin": "darwin",
"disko": "disko", "disko": "disko",
"gpg-base-conf": "gpg-base-conf",
"home-manager": "home-manager", "home-manager": "home-manager",
"lanzaboote": "lanzaboote", "lanzaboote": "lanzaboote",
"neovim-flake": "neovim-flake", "neovim-flake": "neovim-flake",
@ -1980,7 +2018,8 @@
"nixsgx-flake": "nixsgx-flake", "nixsgx-flake": "nixsgx-flake",
"snowfall-lib": "snowfall-lib_2", "snowfall-lib": "snowfall-lib_2",
"sops-nix": "sops-nix", "sops-nix": "sops-nix",
"unstable": "unstable" "unstable": "unstable",
"yubikey-guide": "yubikey-guide"
} }
}, },
"rust-overlay": { "rust-overlay": {
@ -2587,6 +2626,22 @@
"type": "github" "type": "github"
} }
}, },
"yubikey-guide": {
"flake": false,
"locked": {
"lastModified": 1710173432,
"narHash": "sha256-bzoO+sxhaC8P513XpxmYXhb/rRt3Qc6q65m8sn++5/s=",
"owner": "drduh",
"repo": "YubiKey-Guide",
"rev": "12b232d28fbb6ea61ccff2075751105c77ca84ee",
"type": "github"
},
"original": {
"owner": "drduh",
"repo": "YubiKey-Guide",
"type": "github"
}
},
"zig": { "zig": {
"inputs": { "inputs": {
"flake-compat": "flake-compat_2", "flake-compat": "flake-compat_2",

21
flake.nix
View file

@ -17,18 +17,35 @@
inputs.nixpkgs.follows = "nixpkgs"; inputs.nixpkgs.follows = "nixpkgs";
}; };
neovim-flake.url = "github:notashelf/neovim-flake/v0.5"; # macOS Support (master)
neovim-flake.inputs.nixpkgs.follows = "nixpkgs"; darwin.url = "github:lnl7/nix-darwin";
darwin.inputs.nixpkgs.follows = "nixpkgs";
home-manager.url = "github:nix-community/home-manager/release-23.11"; home-manager.url = "github:nix-community/home-manager/release-23.11";
home-manager.inputs.nixpkgs.follows = "nixpkgs"; home-manager.inputs.nixpkgs.follows = "nixpkgs";
neovim-flake.url = "github:notashelf/neovim-flake/v0.5";
neovim-flake.inputs.nixpkgs.follows = "nixpkgs";
disko.url = "github:nix-community/disko"; disko.url = "github:nix-community/disko";
disko.inputs.nixpkgs.follows = "nixpkgs"; disko.inputs.nixpkgs.follows = "nixpkgs";
sops-nix.url = "github:Mic92/sops-nix"; sops-nix.url = "github:Mic92/sops-nix";
sops-nix.inputs.nixpkgs.follows = "nixpkgs"; sops-nix.inputs.nixpkgs.follows = "nixpkgs";
# GPG default configuration
gpg-base-conf = {
url = "github:drduh/config";
flake = false;
};
# Yubikey Guide
yubikey-guide = {
url = "github:drduh/YubiKey-Guide";
flake = false;
};
nixsgx-flake = { nixsgx-flake = {
url = "github:matter-labs/nixsgx"; url = "github:matter-labs/nixsgx";
# inputs.nixpkgs.follows = "nixpkgs"; # inputs.nixpkgs.follows = "nixpkgs";

7
homes/x86_64-darwin/harald@mpro.fritz.box/default.nix → homes/x86_64-darwin/harald@mpro/default.nix
View file

@ -1,9 +1,6 @@
{ lib { lib
, pkgs , pkgs
, config , config
, nixpkgs
, osConfig ? { }
, format ? "unknown"
, ... , ...
}: }:
{ {
@ -25,14 +22,10 @@
home-manager.enable = true; home-manager.enable = true;
}; };
tools = { tools = {
git.enable = true;
direnv.enable = true; direnv.enable = true;
alacritty.enable = true; alacritty.enable = true;
ssh.enable = true; ssh.enable = true;
# jetbrains.enable = true;
}; };
}; };
fonts.fontconfig.enable = true;
} }

1
homes/x86_64-linux/harald@sgx-azure/default.nix
View file

@ -1,7 +1,6 @@
{ lib { lib
, pkgs , pkgs
, config , config
, nixpkgs
, ... , ...
}: }:
{ {

5
homes/x86_64-linux/harald@sgx-nixos/default.nix
View file

@ -1,4 +1,7 @@
{ config, ... }: { lib
, config
, ...
}:
{ {
home.sessionPath = [ "$HOME/bin" ]; home.sessionPath = [ "$HOME/bin" ];

5
homes/x86_64-linux/harald@sgx/default.nix
View file

@ -1,4 +1,7 @@
{ config, ... }: { lib
, config
, ...
}:
{ {
home.sessionPath = [ "$HOME/bin" ]; home.sessionPath = [ "$HOME/bin" ];

3
homes/x86_64-linux/harald@x1/default.nix
View file

@ -1,4 +1,5 @@
{ config { lib
, config
, ... , ...
}: }:
{ {

40
modules/darwin/home/default.nix Normal file
View file

@ -0,0 +1,40 @@
{ options, config, pkgs, lib, inputs, ... }:
with lib;
with lib.plusultra;
let
cfg = config.plusultra.home;
in
{
# imports = with inputs; [
# home-manager.darwinModules.home-manager
# ];
options.plusultra.home = with types; {
file = mkOpt attrs { }
"A set of files to be managed by home-manager's <option>home.file</option>.";
configFile = mkOpt attrs { }
"A set of files to be managed by home-manager's <option>xdg.configFile</option>.";
extraOptions = mkOpt attrs { } "Options to pass directly to home-manager.";
homeConfig = mkOpt attrs { } "Final config for home-manager.";
};
config = {
plusultra.home.extraOptions = {
home.stateVersion = mkDefault "23.11";
home.file = mkAliasDefinitions options.plusultra.home.file;
xdg.enable = true;
xdg.configFile = mkAliasDefinitions options.plusultra.home.configFile;
};
snowfallorg.users.${config.plusultra.user.name}.home.config = mkAliasDefinitions options.plusultra.home.extraOptions;
home-manager = {
useUserPackages = true;
useGlobalPkgs = true;
# users.${config.plusultra.user.name} = args:
# mkAliasDefinitions options.plusultra.home.extraOptions;
};
};
}

74
modules/darwin/nix/default.nix Normal file
View file

@ -0,0 +1,74 @@
{ options
, config
, pkgs
, lib
, ...
}:
with lib;
with lib.plusultra; let
cfg = config.plusultra.nix;
in
{
options.plusultra.nix = with types; {
enable = mkBoolOpt true "Whether or not to manage nix configuration.";
package = mkOpt package pkgs.nixUnstable "Which nix package to use.";
};
config = mkIf cfg.enable {
environment.systemPackages = with pkgs; [
deploy-rs
nixfmt
nix-index
nix-prefetch-git
];
nix =
let
users = [ "root" config.plusultra.user.name ];
in
{
package = cfg.package;
settings = {
experimental-features = "nix-command flakes";
http-connections = 50;
warn-dirty = false;
log-lines = 50;
# Large builds apparently fail due to an issue with darwin:
# https://github.com/NixOS/nix/issues/4119
sandbox = false;
# This appears to break on darwin
# https://github.com/NixOS/nix/issues/7273
auto-optimise-store = false;
allow-import-from-derivation = true;
trusted-users = users;
allowed-users = users;
# NOTE: This configuration is generated by nix-installer so I'm adding it here in
# case it becomes important.
extra-nix-path = "nixpkgs=flake:nixpkgs";
build-users-group = "nixbld";
};
#// (lib.optionalAttrs config.plusultra.tools.direnv.enable {
# keep-outputs = true;
# keep-derivations = true;
#});
gc = {
automatic = true;
interval = { Day = 7; };
options = "--delete-older-than 30d";
user = config.plusultra.user.name;
};
# flake-utils-plus
generateRegistryFromInputs = true;
generateNixPathFromInputs = true;
linkInputs = true;
};
};
}

85
modules/darwin/security/gpg/default.nix Normal file
View file

@ -0,0 +1,85 @@
{ lib, config, pkgs, inputs, ... }:
let
inherit (lib) types mkEnableOption mkIf;
inherit (lib.plusultra) mkOpt;
cfg = config.plusultra.security.gpg;
gpg = config.plusultra.security.gpg;
user = config.plusultra.user;
gpgConf = "${inputs.gpg-base-conf}/gpg.conf";
gpgAgentConf = ''
enable-ssh-support
default-cache-ttl 60
max-cache-ttl 120
'';
guide = "${inputs.yubikey-guide}/README.md";
theme = pkgs.fetchFromGitHub {
owner = "jez";
repo = "pandoc-markdown-css-theme";
rev = "019a4829242937761949274916022e9861ed0627";
sha256 = "1h48yqffpaz437f3c9hfryf23r95rr319lrb3y79kxpxbc9hihxb";
};
guideHTML = pkgs.runCommand "yubikey-guide" { } ''
${pkgs.pandoc}/bin/pandoc \
--standalone \
--metadata title="Yubikey Guide" \
--from markdown \
--to html5+smart \
--toc \
--template ${theme}/template.html5 \
--css ${theme}/docs/css/theme.css \
--css ${theme}/docs/css/skylighting-solarized-theme.css \
-o $out \
${guide}
'';
reload-yubikey = pkgs.writeShellScriptBin "reload-yubikey" ''
${pkgs.gnupg}/bin/gpg-connect-agent "scd serialno" "learn --force" /bye
'';
in
{
options.plusultra.security.gpg = {
enable = mkEnableOption "GPG";
agentTimeout = mkOpt types.int 5 "The amount of time to wait before continuing with shell init.";
};
config = mkIf cfg.enable {
environment.systemPackages = with pkgs; [
gnupg
];
environment.shellInit = ''
export GPG_TTY="$(tty)"
export SSH_AUTH_SOCK=$(${pkgs.gnupg}/bin/gpgconf --list-dirs agent-ssh-socket)
${pkgs.coreutils}/bin/timeout ${builtins.toString cfg.agentTimeout} ${pkgs.gnupg}/bin/gpgconf --launch gpg-agent
gpg_agent_timeout_status=$?
if [ "$gpg_agent_timeout_status" = 124 ]; then
# Command timed out...
echo "GPG Agent timed out..."
echo 'Run "gpgconf --launch gpg-agent" to try and launch it again.'
fi
'';
programs.gnupg.agent = {
enable = true;
enableSSHSupport = true;
};
plusultra.home.file = {
".gnupg/.keep".text = "";
".gnupg/yubikey-guide.md".source = guide;
".gnupg/yubikey-guide.html".source = guideHTML;
".gnupg/gpg.conf".source = gpgConf;
".gnupg/gpg-agent.conf".text = gpgAgentConf;
};
};
}

17
modules/darwin/services/nix-daemon/default.nix Normal file
View file

@ -0,0 +1,17 @@
{ lib, config, ... }:
let
inherit (lib) types mkIf;
inherit (lib.plusultra) mkOpt enabled;
cfg = config.plusultra.services.nix-daemon;
in
{
options.plusultra.services.nix-daemon = {
enable = mkOpt types.bool true "Whether to enable the Nix daemon.";
};
config = mkIf cfg.enable {
services.nix-daemon = enabled;
};
}

39
modules/darwin/suites/common/default.nix Normal file
View file

@ -0,0 +1,39 @@
{ options, config, lib, pkgs, ... }:
with lib;
with lib.plusultra;
let
cfg = config.plusultra.suites.common;
in
{
options.plusultra.suites.common = with types; {
enable = mkBoolOpt false "Whether or not to enable common configuration.";
};
config = mkIf cfg.enable {
programs.fish = enabled;
plusultra = {
nix = enabled;
#cli-apps = {
# neovim = enabled;
#};
tools = {
git = enabled;
#flake = enabled;
};
system = {
fonts = enabled;
#input = enabled;
interface = enabled;
};
security = {
gpg = enabled;
};
};
};
}

35
modules/darwin/suites/development/default.nix Normal file
View file

@ -0,0 +1,35 @@
{ options, config, lib, pkgs, ... }:
with lib;
with lib.plusultra;
let
cfg = config.plusultra.suites.development;
in
{
options.plusultra.suites.development = with types; {
enable = mkBoolOpt false
"Whether or not to enable common development configuration.";
};
config = mkIf cfg.enable {
plusultra = {
#apps = {
# vscode = enabled;
#};
tools = {
# at = enabled;
# direnv = enabled;
# go = enabled;
# http = enabled;
# k8s = enabled;
# node = enabled;
# titan = enabled;
# python = enabled;
# java = enabled;
};
# virtualisation = { podman = enabled; };
};
};
}

32
modules/darwin/system/fonts/default.nix Normal file
View file

@ -0,0 +1,32 @@
{ options, config, pkgs, lib, ... }:
with lib;
with lib.plusultra;
let cfg = config.plusultra.system.fonts;
in
{
options.plusultra.system.fonts = with types; {
enable = mkBoolOpt false "Whether or not to manage fonts.";
fonts = mkOpt (listOf package) [ ] "Custom font packages to install.";
};
config = mkIf cfg.enable {
environment.variables = {
# Enable icons in tooling since we have nerdfonts.
LOG_ICONS = "true";
};
fonts = {
fontDir = enabled;
fonts = with pkgs;
[
noto-fonts
noto-fonts-cjk-sans
noto-fonts-cjk-serif
noto-fonts-emoji
(nerdfonts.override { fonts = [ "Hack" ]; })
] ++ cfg.fonts;
};
};
}

29
modules/darwin/system/interface/default.nix Normal file
View file

@ -0,0 +1,29 @@
{ options, config, pkgs, lib, ... }:
with lib;
with lib.plusultra;
let cfg = config.plusultra.system.interface;
in
{
options.plusultra.system.interface = with types; {
enable = mkEnableOption "macOS interface";
};
config = mkIf cfg.enable {
system.defaults = {
dock.autohide = true;
finder = {
AppleShowAllExtensions = true;
FXEnableExtensionChangeWarning = false;
};
NSGlobalDomain = {
_HIHideMenuBar = true;
AppleShowScrollBars = "Always";
};
};
plusultra.home.file.".hushlogin".text = "";
};
}

18
modules/darwin/tools/flake/default.nix Normal file
View file

@ -0,0 +1,18 @@
{ lib, config, pkgs, ... }:
with lib;
with lib.plusultra;
let
cfg = config.plusultra.tools.flake;
in
{
options.plusultra.tools.flake = {
enable = mkEnableOption "Flake";
};
config = mkIf cfg.enable {
environment.systemPackages = with pkgs; [
snowfallorg.flake
];
};
}

62
modules/darwin/tools/git/default.nix Normal file
View file

@ -0,0 +1,62 @@
{ options, config, pkgs, lib, ... }:
with lib;
with lib.plusultra;
let
cfg = config.plusultra.tools.git;
gpg = config.plusultra.security.gpg;
user = config.plusultra.user;
in
{
options.plusultra.tools.git = with types; {
enable = mkEnableOption "Git";
userName = mkOpt types.str user.fullName "The name to configure git with.";
userEmail = mkOpt types.str user.email "The email to configure git with.";
signingKey =
mkOpt types.str "7F3D64824AC0B6B8009E50504BC0896FB5693595" "The key ID to sign commits with.";
signByDefault = mkOpt types.bool false "Whether to sign commits by default.";
};
config = mkIf cfg.enable {
environment.systemPackages = with pkgs; [ git ];
plusultra.home.extraOptions = {
programs.git = {
enable = true;
inherit (cfg) userName userEmail;
lfs = enabled;
signing = {
key = cfg.signingKey;
signByDefault = mkIf gpg.enable true;
};
extraConfig = {
init = { defaultBranch = "main"; };
pull = { rebase = true; };
push = { autoSetupRemote = true; };
core = { whitespace = "trailing-space,space-before-tab"; };
safe = {
directory = "${config.users.users.${user.name}.home}/git";
};
"credential \"https://github.com\"" = {
helper = "!gh auth git-credential";
};
alias = {
co = "checkout";
ci = "commit --signoff";
};
pull.ff = "only";
core.pager = "${pkgs.delta}/bin/delta";
delta = {
features = "decorations";
syntax-theme = "Dracula";
light = "false";
navigate = "true";
};
interactive.diffFilter = "${pkgs.delta}/bin/delta --color-only";
merge.conflictStyle = "diff3";
diff.colorMoved = "default";
};
};
};
};
}

17
modules/darwin/tools/java/default.nix Normal file
View file

@ -0,0 +1,17 @@
{ options, config, lib, pkgs, ... }:
with lib;
with lib.plusultra;
let cfg = config.plusultra.tools.java;
in
{
options.plusultra.tools.java = with types; {
enable = mkBoolOpt false "Whether or not to enable Java.";
};
config = mkIf cfg.enable {
environment.systemPackages = with pkgs; [
jdk
];
};
}

42
modules/darwin/tools/node/default.nix Normal file
View file

@ -0,0 +1,42 @@
{ options
, config
, pkgs
, lib
, ...
}:
with lib;
with lib.plusultra; let
cfg = config.plusultra.tools.node;
in
{
options.plusultra.tools.node = with types; {
enable = mkBoolOpt false "Whether or not to install and configure git";
pkg = mkOpt package pkgs.nodejs "The NodeJS package to use";
prettier = {
enable = mkBoolOpt true "Whether or not to install Prettier";
pkg =
mkOpt package pkgs.nodePackages.prettier "The NodeJS package to use";
};
yarn = {
enable = mkBoolOpt true "Whether or not to install Yarn";
pkg = mkOpt package pkgs.nodePackages.yarn "The NodeJS package to use";
};
pnpm = {
enable = mkBoolOpt true "Whether or not to install Pnpm";
pkg = mkOpt package pkgs.nodePackages.pnpm "The NodeJS package to use";
};
flyctl = {
enable = mkBoolOpt true "Whether or not to install flyctl";
pkg = mkOpt package pkgs.flyctl "The flyctl package to use";
};
};
config = mkIf cfg.enable {
environment.systemPackages = with pkgs;
[ cfg.pkg ]
++ (lib.optional cfg.prettier.enable cfg.prettier.pkg)
++ (lib.optional cfg.yarn.enable cfg.yarn.pkg)
++ (lib.optional cfg.pnpm.enable cfg.pnpm.pkg)
++ (lib.optional cfg.flyctl.enable cfg.flyctl.pkg);
};
}

22
modules/darwin/tools/python/default.nix Normal file
View file

@ -0,0 +1,22 @@
{ options, config, lib, pkgs, ... }:
with lib;
with lib.plusultra;
let cfg = config.plusultra.tools.python;
in
{
options.plusultra.tools.python = with types; {
enable = mkBoolOpt false "Whether or not to enable Python.";
};
config =
mkIf cfg.enable {
environment.systemPackages = with pkgs; [
(python311.withPackages (ps:
with ps; [
numpy
])
)
];
};
}

45
modules/darwin/user/default.nix Normal file
View file

@ -0,0 +1,45 @@
{ lib
, config
, pkgs
, ...
}:
let
inherit (lib) types mkIf mkDefault;
inherit (lib.plusultra) mkOpt;
cfg = config.plusultra.user;
is-linux = pkgs.stdenv.isLinux;
is-darwin = pkgs.stdenv.isDarwin;
in
{
options.plusultra.user = {
name = mkOpt types.str "harald" "The user account.";
fullName = mkOpt types.str "Harald Hoyer" "The full name of the user.";
email = mkOpt types.str "harald@hoyer.xyz" "The email of the user.";
uid = mkOpt (types.nullOr types.int) 501 "The uid for the user account.";
};
config = {
users.users.${cfg.name} = {
# NOTE: Setting the uid here is required for another
# module to evaluate successfully since it reads
# `users.users.${plusultra.user.name}.uid`.
uid = mkIf (cfg.uid != null) cfg.uid;
};
snowfallorg.users.${config.plusultra.user.name}.home.config = {
home = {
file = {
".profile".text = ''
# The default file limit is far too low and throws an error when rebuilding the system.
# See the original with: ulimit -Sa
ulimit -n 4096
'';
};
};
};
};
}

3
modules/home/cli-apps/home-manager/default.nix
View file

@ -18,12 +18,13 @@ in
BATDIFF_USE_DELTA = "true"; BATDIFF_USE_DELTA = "true";
}; };
/*
home.shellAliases = { home.shellAliases = {
cat = "${pkgs.bat}/bin/bat --decorations never"; cat = "${pkgs.bat}/bin/bat --decorations never";
less = ''${pkgs.bat}/bin/bat --decorations never --paging=always --pager "${pkgs.less}/bin/less -RF"''; less = ''${pkgs.bat}/bin/bat --decorations never --paging=always --pager "${pkgs.less}/bin/less -RF"'';
man = "${pkgs.bat-extras.batman}/bin/batman"; man = "${pkgs.bat-extras.batman}/bin/batman";
}; };
*/
home.packages = with pkgs; [ home.packages = with pkgs; [
vim vim
]; ];

7
modules/nixos/tools/git/default.nix
View file

@ -41,15 +41,14 @@ in
}; };
alias = { alias = {
co = "checkout"; co = "checkout";
ci = "commit"; ci = "commit --signoff";
}; };
pull.ff = "only"; pull.ff = "only";
core.pager = "${pkgs.delta}/bin/delta"; core.pager = "${pkgs.delta}/bin/delta";
delta = { delta = {
features = "side-by-side line-numbers decorations"; features = "decorations";
syntax-theme = "DarkNeon"; syntax-theme = "Dracula";
light = "false"; light = "false";
line-numbers = "false";
navigate = "true"; navigate = "true";
}; };
interactive.diffFilter = "${pkgs.delta}/bin/delta --color-only"; interactive.diffFilter = "${pkgs.delta}/bin/delta --color-only";

17
systems/x86_64-darwin/mpro/default.nix Normal file
View file

@ -0,0 +1,17 @@
{ lib, pkgs, ... }:
with lib.plusultra;
{
plusultra = {
suites = {
common = enabled;
development = enabled;
};
};
environment.systemPath = [
"/usr/local/Homebrew/bin"
];
system.stateVersion = 4;
}

2
systems/x86_64-linux/sgx/default.nix
View file

@ -21,7 +21,7 @@ with lib.plusultra;
virtualisation.docker.enable = true; virtualisation.docker.enable = true;
virtualisation.podman.dockerCompat = false; virtualisation.podman.dockerCompat = false;
system.autoUpgrade = { system.autoUpgrade = {
enable = true; enable = true;
operation = "boot"; operation = "boot";