commit f4e2368893d85eea21841ad494e179e2a8661aae Author: Harald Hoyer Date: Thu Mar 21 15:00:36 2024 +0100 A new start diff --git a/.gitattributes b/.gitattributes new file mode 100644 index 0000000..b5040d3 --- /dev/null +++ b/.gitattributes @@ -0,0 +1 @@ +systems/x86_64-linux/mx/mailserver.nix text filter=rot8000 diff --git a/.gitignore b/.gitignore new file mode 100644 index 0000000..a09c56d --- /dev/null +++ b/.gitignore @@ -0,0 +1 @@ +/.idea diff --git a/.secrets/hetzner/internetbs.yaml b/.secrets/hetzner/internetbs.yaml new file mode 100644 index 0000000..887fd92 --- /dev/null +++ b/.secrets/hetzner/internetbs.yaml @@ -0,0 +1,30 @@ +internetbs: ENC[AES256_GCM,data:usJ/08NTnlLNcnzVyycFVe7VN2LS7gNkqQRltpTEKBHu8POjaNK2E7t0tuq3a+EcxkhxBsd7O8lw7fjFDh6ZPo7nfUQjvVQzbaI1JjMUOw==,iv:kJFbg9mt3EMSzrUWEzC4xK6ilAiRp+fktYUX+W6uwSM=,tag:tsE6qpyjA5d4egFM2IJzRA==,type:str] +sops: + kms: [] + gcp_kms: [] + azure_kv: [] + hc_vault: [] + age: + - recipient: age1qur4kh3gay9ryk3jh2snvjp6x9eq94zdrmgkrfcv4fzsu7l6lumq4tr3uy + enc: | + -----BEGIN AGE ENCRYPTED FILE----- + YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBHT3U4dmhTTmRGRnFxMmhQ + Lzc0RWdQaThYZDhtcHFTSHNPNS9pd2RKS0N3CnVlUmx0V3BCUHhkQ1d0Nlk3NGEw + bHM1YWQySEZVV3VjZUcwcE1TSW9scDgKLS0tIFNYbnJxVzA4d2dsQTRVVXhDdFUv + OS9xVXVUSTFmbStObGdLRUl5RWlGTk0Ki6/1TMHB/BfL53qDYvQwmW6xHes27Ni4 + exk+T9OlgKsHQfdRpu3t3TrdnFIJYmAJeuU6NNdlp18juNPp9kbBEg== + -----END AGE ENCRYPTED FILE----- + - recipient: age1dwcz3fmp29ju4svy0t0wz4ylhpwlqa8xpw4l7t4gmgqr0ev37qrsfn840l + enc: | + -----BEGIN AGE ENCRYPTED FILE----- + YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBUY2VCS1ZtWjc3VFFLSUhl + R2EzbE5SMWlWOXZhWmVuckFzVGR1aFp2aVQ0CllkemVFaFhwYzgxNFNlL3Z1QWRP + d0Rqb2FtYXI5T2ZzUjJIMXluUWwwdnMKLS0tIEQ4Yk1vRzVpZVF4blFxVkdIRGFl + ZmMxald2NU9HSE1ZOUN5R2twMXdmVGcKAXcUXemrleTxGxkMP+4mWh8uYwN1FTDc + cHbaln4DsDOqHtqqpJheTqN0mMOmkDvTCq2jbiKIkr2sruh49acIoA== + -----END AGE ENCRYPTED FILE----- + lastmodified: "2023-10-24T13:45:16Z" + mac: ENC[AES256_GCM,data:MOEFuQSx+SlXM7ajjQR6twCULem19A/hYKHBQhnLMb2V9o8SuYOvhmn8dz/UE558dnJt6eIB0rRKTItEbxNfyjvr6r2q+GPi7OM85ytLd0UuNPwcKUrqmlx5JPCRWt189U+qetbIDH7PXCawfccbLJmJWHBhFn+ZwqPbLs2wUnI=,iv:YUcEofcFTT8KgVVoQg/+bsCgBTdyGmmYLX7m1cqonhA=,tag:9oKLUS0eebRvC7UwEgkhew==,type:str] + pgp: [] + unencrypted_suffix: _unencrypted + version: 3.7.3 diff --git a/.secrets/hetzner/postgres.yaml b/.secrets/hetzner/postgres.yaml new file mode 100644 index 0000000..502eb90 --- /dev/null +++ b/.secrets/hetzner/postgres.yaml @@ -0,0 +1,31 @@ +postgres: + gitea_dbpass: ENC[AES256_GCM,data:YdouHox7M6iTygteftGMB1W/hEWUchlZ+35ofgbI0xoYGt7QzVZyPKpO8cvcVNPTgdWk6B1zWlFw6JRhXv+ovg==,iv:0EkZGv8iQkq2fcyViCJy/Rj7n3w1BSuU5NiPw5sJhr0=,tag:z3Ff2dNzJBuBqyGiqoxZcg==,type:str] +sops: + kms: [] + gcp_kms: [] + azure_kv: [] + hc_vault: [] + age: + - recipient: age1qur4kh3gay9ryk3jh2snvjp6x9eq94zdrmgkrfcv4fzsu7l6lumq4tr3uy + enc: | + -----BEGIN AGE ENCRYPTED FILE----- + YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBBOUVxRXduVWhjNHdnZCtH + U0VLWE01VkJaWmNDUzE1bmorRDN5RWNwTnhJClRkcDNzb1U2MzZ3TDhXSnI4Z252 + a1A0dzQ5eUlScDhhYjl6WEdnYnlxUm8KLS0tIDczaXlvcDVwUzdQY1h6a01QM2p6 + T3FBVWJqaHQwVnIrNFVsWVBub2djMG8KsbZb43UkVe1Up0O15UTC/PdsEkwwOnVW + 9P4AGO097HfTLkAjKJHx5QYF02dJ+4xb6rgzUYt9Nr8h8+GD0xRAfQ== + -----END AGE ENCRYPTED FILE----- + - recipient: age1dwcz3fmp29ju4svy0t0wz4ylhpwlqa8xpw4l7t4gmgqr0ev37qrsfn840l + enc: | + -----BEGIN AGE ENCRYPTED FILE----- + YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBBdlhZbDhqamNGU2QrZDN5 + MlY5RFgrV3NJUk1PYWJLSnpCZjhiTUF5b0RrCmRHV0JnYlBmL2p0WE9UTzJUcVhK + dkhiYlJtYWtDN0lseHRCNTUzb252TmsKLS0tIGZKbjA3dkVwcnZNK2djV1BvSkJo + a09FM1ZqSWdsdytjdVFCanVldHVoWUUKyy/LXNd/vZLdgXYXfloFkNviaddvrazw + 4Z0bJ/fqGvRPlLkTUzZlhWKVXfZFGgo5nQSEvyphkIb6UCyd9VamnA== + -----END AGE ENCRYPTED FILE----- + lastmodified: "2023-10-24T14:02:40Z" + mac: ENC[AES256_GCM,data:7yikTQ7wsy13Hfwo5VKpUow8KW2/UYfzrWuA6Rp+21FglG3f7s6PLlrpMLooDPiaHxiPfc1fHg3u6UDcotyUljMZMQCCfvmLC1saALB6lFHEj3KoTa/NtgimYB2FeK92RcrU+EymmwZItmI/t1CuH8/qvXydWnO9zMWplMtW89Y=,iv:PEmElInahA5pPQvR9aatpKt+JhsKEtBPCPm926/59Uo=,tag:mflo6uSOh8SDKoC5JLHDIw==,type:str] + pgp: [] + unencrypted_suffix: _unencrypted + version: 3.7.3 diff --git a/.secrets/sgx/backup-s3.yaml b/.secrets/sgx/backup-s3.yaml new file mode 100644 index 0000000..448895a --- /dev/null +++ b/.secrets/sgx/backup-s3.yaml @@ -0,0 +1,31 @@ +backup-s3: ENC[AES256_GCM,data:gT5yQDC/nW7INa6e+BZOiR+Ky6SvU8hsRMvCoBDw8bOJT4yWlLkeYjoZOUSAdNaWyrNuypy72TUnq4+Udhrqd9YeneR7vj+UOSsNpDdqzVaTb0kTiL0lBT3RvXZ3QYVmSqYFnjrR,iv:VVQkDUuQwxHYFgOWueYIYq9M3WSIEYycdH+j+ibeS8w=,tag:wKe5kz0HxpZOW7GCw9rctg==,type:str] +backup-pw: ENC[AES256_GCM,data:JRgZXuO1eABr4fNmWJO/WgFLirEbGssLy+Lc29FWNFfBomDlr+73AFUcj1Ln8w92msuxubOY81jgEtG15PFX/g==,iv:4i6UyGYMJE4a2L4485ywlhZAE900wjVRia/X92Xr3Yg=,tag:d2oU6tSUwj3cdLJNmDHEEQ==,type:str] +sops: + kms: [] + gcp_kms: [] + azure_kv: [] + hc_vault: [] + age: + - recipient: age149fqcw5jze00vd7jauylrp4j5xyv7amlu57jjfuzghkqtzlnxajs704uz3 + enc: | + -----BEGIN AGE ENCRYPTED FILE----- + YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBPRjFydkVQTXlCWEJCSjNl + Unk1ejJ3K0M4dFVNeFFHK1c4ZjhwTG93b1cwCnJkN3BQZE1Na3VyZkc5SU1PNVkv + b3hVNzNIRStnemZ2RUlxSDJxRWtGTDAKLS0tIGVmK0d0Y2twMTE0U0hoRmRVR2R0 + cjhYNlJZdG1QVzYyRzhoUm1wLzdGY1kK0QNSItqjmwLTxQaMEC1bYrtlpE8EGlHb + hkWADj/Qw8m7Hbi1YCL6YWalHfoHM80VlfGGV6oAH4KH7l2mykqfzQ== + -----END AGE ENCRYPTED FILE----- + - recipient: age1dwcz3fmp29ju4svy0t0wz4ylhpwlqa8xpw4l7t4gmgqr0ev37qrsfn840l + enc: | + -----BEGIN AGE ENCRYPTED FILE----- + YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBNcHc0NXY1YVhiREJ6ZFBz + cGVqM2ZvZVBYSnlZZ00vS2ZjeUZHeEVrelJ3CnhQRWhWcFRHeUJrcE9OaU9sQ21n + bDJBdnMrRTRKdEtMcWpDQTdqc0R4dDAKLS0tIGZPeTdGOFBSMjhTOEk5TEVnS2tm + QVZ6UEU3eFBEZ2RBRFdMd0sraVl4Z2cKOxGZrvhamIKuYubd6xvHS5VgFuXw7i+x + JvB7Wuu1+GTKk3VM7n66tjZrcZId4W8N9kYtl7w/mE4l5Wg9zIK6ig== + -----END AGE ENCRYPTED FILE----- + lastmodified: "2023-12-06T12:32:28Z" + mac: ENC[AES256_GCM,data:wkR3Z6WuR2h2MuA9vPwcr1Lw0xJrNRIa5REUYT8j4Fhxd+zLghzemp7CoSBxzYaVeD5xIS4FYYvjAxkAV9FZMMWznjkFI+RkBMvlA6O7cUrUtTwh7YJ4ZTfh0iNcihuBXH9XWA7Ku0C9SwGUjGj+uaKPW4JCaVaNxDg0VzdyFeg=,iv:BdI68VoQlPF+eT7FglGyMgtgUT+3okSp9KIZQsIZSZo=,tag:hzQ9I/WXdtqwYjQyeD9XcA==,type:str] + pgp: [] + unencrypted_suffix: _unencrypted + version: 3.8.1 diff --git a/.secrets/sgx/pccs.yaml b/.secrets/sgx/pccs.yaml new file mode 100644 index 0000000..be1c54c --- /dev/null +++ b/.secrets/sgx/pccs.yaml @@ -0,0 +1,30 @@ +pccs: ENC[AES256_GCM,data:gsew4gI/i9vGt0X9pKeGed1ItbKEwL/OuYi7W4kti421V2Lor5QGXWsfw89408mPBP68d1qI6Q5BIUvCJdw7c3NJRH/W5UMF7c5ZlVtwrPK2q2v98LiwoeZ1KRDVrGSrchqVw00PClWIKkvh69s7iD10G3Wm8Ctr8ownLVaJnPPn2GQBtX1KJFXz8ikqKf5dUw3aQh7RGxkoLjzgrMx+7jW/t3R9MnPB1eMIUrsXrC40WXuxPaFDRdgvkCZG3KY0RGxR9ndvdDixunYheeKCt8norFrE4GG5Zj9/SHL40JVOTp53lu2IqkroxvDCiANCvVmKiwhLBcPwblgJ8gB9/6+ofNZqKunnBsJ6HNQczqHWFG1p7YNXAkCeZF4R6+TGHEfCmtrzoV0sPPv43peQX5Ibp84iHggCHAaDvOMtDz6zdKFmNC08jqPVC393IkP5KeHDK3hyoa8sVm6PhqCDG5QR8NmySGoXDDdOx1aj0b0xUPHviEQbegn6LlwmXA==,iv:7m5Y0h6apbtOHufVnV/uoK3sEzj5mPvk4eHd1/XCpKs=,tag:K4JmlbXlFzQHlJSYoFasww==,type:str] +sops: + kms: [] + gcp_kms: [] + azure_kv: [] + hc_vault: [] + age: + - recipient: age149fqcw5jze00vd7jauylrp4j5xyv7amlu57jjfuzghkqtzlnxajs704uz3 + enc: | + -----BEGIN AGE ENCRYPTED FILE----- + YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSB3VXloZWZoWFpPcm9KMnJp + c00vZDM3d01PWXpnVy9tb3NXZkZ0a0JlaVhVCmx6dXZwaUNWY3FzbTdBMlJNTEVB + MlNHa1Q3VmlrUnhNSlpFYmc4Qm5mNFkKLS0tIHlzY2VMVXBZYW9kaUdRakZUNlk3 + SXBoeEZxNktZSDc3aUh2b2g2OXpZQ3cKLNHjYAAHR5LwoSKfaFT8eLJxYNmk/f1S + xNaGpR+sS/6xNSHtkz2w++crcPa/mt9qlQja1kLSGB3PFURSqfUjRQ== + -----END AGE ENCRYPTED FILE----- + - recipient: age1dwcz3fmp29ju4svy0t0wz4ylhpwlqa8xpw4l7t4gmgqr0ev37qrsfn840l + enc: | + -----BEGIN AGE ENCRYPTED FILE----- + YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSA2anNCTitMRzh0dmt3M1pa + REs5SmhJdExtS2lubXd3ZzY0OGxrTEtnVnlJCmRQNTQ1Rnh6aVpVdTZyYzl4aGJY + OVFiMHNTR090UkRqWDAxS0wwMEhDREkKLS0tIHVDU1A3Y3dKZGh6YlVud3FWNDJj + NW1jNlNVd2cwYXZyY3ZZQTJPM3ZRUlEK8/MXSxDhEo/P2NlZT8IrgwuWRAM/75XA + vrnlknbGJI9bto7O5j77O4OKSuniGat1/ZA5xG/o8YhumSbDtk5ZTA== + -----END AGE ENCRYPTED FILE----- + lastmodified: "2023-12-06T11:31:45Z" + mac: ENC[AES256_GCM,data:5nHxMRjWM8OQ1eyU5KtaC7m74Ss/L4/FF5Bn/zKCfX/x0GS/Q01lwGmHk/4Loyj66pt8wJCtK8mzL67RKPARAiX/9BS9pENYgfRwRk4cEmo/OdjSTOKkr7BO8Q9vAd1beMbDkX1pY/MJpmqvsYdK1yd5yNioAh8IC/PvSh2wu7s=,iv:a7cM8dpm+LMUysaQRT6odCChuLPM1biPHQOFTilH1o8=,tag:f330s/P+rlFVgr0CMc5Jjg==,type:str] + pgp: [] + unencrypted_suffix: _unencrypted + version: 3.8.1 diff --git a/.secrets/t15/backup-s3.yaml b/.secrets/t15/backup-s3.yaml new file mode 100644 index 0000000..ccf1a76 --- /dev/null +++ b/.secrets/t15/backup-s3.yaml @@ -0,0 +1,31 @@ +backup-s3: ENC[AES256_GCM,data:VsEBUFu2QekSxaBTik4pfnmDKmW68x/R0H90sRVPLyup3MRs0PBk7Qk0hCJGbxzShjlLYcDQcHe0nHyhqmrbNz9U9/cu7hyOKa9QKZvvBcpGApfd8ngdgNnrNdQs4X8No/l66T3w,iv:ylNxJncjVQ6EamgMYbbsoDOcjSocZDV/C/lZTnoX4x0=,tag:SPMFr9cOKyuDhSZaXoUuTg==,type:str] +backup-pw: ENC[AES256_GCM,data:9hF0rxhktvZ/WSY3/AypZ4FBv0c8Ny2XGKXR647LkAbxWgGsP9iMBMOse/RT/ysgBoOvew2i8/8BPt8xtaMHhw==,iv:H/skkAgZOQCKQZ1a8MnuiFDjsNYlfZafbmYxH38EIv4=,tag:Zs231HOXzxCP2KsLgD7rew==,type:str] +sops: + kms: [] + gcp_kms: [] + azure_kv: [] + hc_vault: [] + age: + - recipient: age1f2yu0cc826ej7hs4g865y29zy9uqfy0yp32f2m80typpk2pxqp7sfcffj4 + enc: | + -----BEGIN AGE ENCRYPTED FILE----- + YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBheng3clhCbklBZkM3RTdI + Sm5ld1Y4R3VEdjFLV0hMMVNWVXFKK21vRG5nClptb1ZXckQ1YmJQVSt2VVNFOFVq + RUo0ait0eWl6dXBwd3UzUjNBTWNDZzAKLS0tIGlwSnhpTTFIRUVNVUxnNWxnNTlh + VW5ka2c1dzFBSFFqaHJKWXBUL0RBbTgKwdvyBXOa8B2K1VezacEuO0sYX2ApzGt6 + JUHUiIOTEWL703FGnkv+hRAtItePYHXmmotpysc1bA25F8Pl4obrqA== + -----END AGE ENCRYPTED FILE----- + - recipient: age1dwcz3fmp29ju4svy0t0wz4ylhpwlqa8xpw4l7t4gmgqr0ev37qrsfn840l + enc: | + -----BEGIN AGE ENCRYPTED FILE----- + YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSA5ODhLMzNqVm9DMTJ4Sm1p + bXNZMTZreUNPUVdCelJyWGhlUGVYai9hOFVnCkIzM1Vrcjd4YVJhM1hKQ200b3FT + cDJyK3FqTGNHSEtKc3U4bVltS252WEEKLS0tIHViSXB6a1dHZlQrbjB4N2FEcjhh + YktVSFdCempHOTVvL1kxbG44c1RpejAKSMeyP6ayLajIvDKGcG7s5JwIvVXiKaFU + VDDj3eTOEKNBZYCyOoq4IA82G8AvRWaacefAgqBk5dE25LbD2xYHLg== + -----END AGE ENCRYPTED FILE----- + lastmodified: "2023-12-18T13:32:35Z" + mac: ENC[AES256_GCM,data:c4Jum1uWOOsYORM5c3Woo/rjKII4femGBDfc4YPxl8BSKR9oo6Z9R+88lO5egrxT7CoKdJz+izuPgT2EjU7C4OvQ+7aDwpMV2X/lHgvB54V5Lq6I+lLKL5gXG8lt1Bm2YcDrFIWsa+RfInwO9S8yBjkCVbdTnOZZGwNlAYrI31o=,iv:dGK1WmLKryXpjEHvmFXkXYOESTLOIS6ovaunlreVhmI=,tag:W88dYlb2cJ61m7JWYJQIJA==,type:str] + pgp: [] + unencrypted_suffix: _unencrypted + version: 3.8.1 diff --git a/.sops.yaml b/.sops.yaml new file mode 100644 index 0000000..7449b04 --- /dev/null +++ b/.sops.yaml @@ -0,0 +1,21 @@ +keys: + - &server_hetzner age1qur4kh3gay9ryk3jh2snvjp6x9eq94zdrmgkrfcv4fzsu7l6lumq4tr3uy + - &server_sgx age149fqcw5jze00vd7jauylrp4j5xyv7amlu57jjfuzghkqtzlnxajs704uz3 + - &server_t15 age1f2yu0cc826ej7hs4g865y29zy9uqfy0yp32f2m80typpk2pxqp7sfcffj4 + - &harald age1dwcz3fmp29ju4svy0t0wz4ylhpwlqa8xpw4l7t4gmgqr0ev37qrsfn840l +creation_rules: + - path_regex: .secrets/hetzner/[^/]+\.(yaml|json|env|ini)$ + key_groups: + - age: + - *server_hetzner + - *harald + - path_regex: .secrets/sgx/[^/]+\.(yaml|json|env|ini)$ + key_groups: + - age: + - *server_sgx + - *harald + - path_regex: .secrets/t15/[^/]+\.(yaml|json|env|ini)$ + key_groups: + - age: + - *server_t15 + - *harald diff --git a/README.md b/README.md new file mode 100644 index 0000000..7543ad0 --- /dev/null +++ b/README.md @@ -0,0 +1,28 @@ +Install system via nixos-anywhere + +```bash +❯ nix run github:numtide/nixos-anywhere -- \ + --flake 'git+https://git.hoyer.xyz/harald/nixcfg'.#hostname \ + root@hostname --no-reboot --tty -i $HOME/.ssh/id_ed25519 +... enter disk password +❯ ssh -t root@hostname systemd-cryptenroll /dev/luksdev --wipe-slot=tpm2 --tpm2-device=auto --tpm2-pcrs=1,15 +``` + +nixos-rebuild remote git flake + +```bash +❯ sudo nixos-rebuild boot --refresh --flake git+https://git.hoyer.xyz/harald/nixcfg +``` + +home-manager remote git flake + +```bash +❯ nix --refresh run 'git+https://git.hoyer.xyz/harald/nixcfg' -- \ + switch -b backup --flake 'git+https://git.hoyer.xyz/harald/nixcfg' +``` + +`command-not-found` unable to open database + +```bash +❯ sudo nix-channel --update +``` diff --git a/flake.lock b/flake.lock new file mode 100644 index 0000000..cb96378 --- /dev/null +++ b/flake.lock @@ -0,0 +1,2738 @@ +{ + "nodes": { + "alpha-nvim": { + "flake": false, + "locked": { + "lastModified": 1689470865, + "narHash": "sha256-wgjYus4XlJ0GoQWTo5gf7yyKYhseOXKOqUXEiwXpEJQ=", + "owner": "goolord", + "repo": "alpha-nvim", + "rev": "e4fc5e29b731bdf55d204c5c6a11dc3be70f3b65", + "type": "github" + }, + "original": { + "owner": "goolord", + "repo": "alpha-nvim", + "type": "github" + } + }, + "blobs": { + "flake": false, + "locked": { + "lastModified": 1604995301, + "narHash": "sha256-wcLzgLec6SGJA8fx1OEN1yV/Py5b+U5iyYpksUY/yLw=", + "owner": "simple-nixos-mailserver", + "repo": "blobs", + "rev": "2cccdf1ca48316f2cfd1c9a0017e8de5a7156265", + "type": "gitlab" + }, + "original": { + "owner": "simple-nixos-mailserver", + "repo": "blobs", + "type": "gitlab" + } + }, + "bufdelete-nvim": { + "flake": false, + "locked": { + "lastModified": 1688027130, + "narHash": "sha256-UubYRfRAXZ89WOc3QFMvAMjNjLW6bV4nDgSa1CRZkIM=", + "owner": "famiu", + "repo": "bufdelete.nvim", + "rev": "07d1f8ba79dec59d42b975a4df1c732b2e4e37b4", + "type": "github" + }, + "original": { + "owner": "famiu", + "repo": "bufdelete.nvim", + "type": "github" + } + }, + "catppuccin": { + "flake": false, + "locked": { + "lastModified": 1700667946, + "narHash": "sha256-TBOaD7A8/c/sg78C1hUpPDuIrrQkSUQR1KgHiDb6jxs=", + "owner": "catppuccin", + "repo": "nvim", + "rev": "a2107df4379d66e72a36a89792603151cebec1bf", + "type": "github" + }, + "original": { + "owner": "catppuccin", + "repo": "nvim", + "type": "github" + } + }, + "ccc": { + "flake": false, + "locked": { + "lastModified": 1686587775, + "narHash": "sha256-T1ryyTdbU/335MpD184PSnBLgj4S2Kzf9hZnwc9to+I=", + "owner": "uga-rosa", + "repo": "ccc.nvim", + "rev": "4a0ddaf787cc82796e84ab8a7f70d086f250aeb6", + "type": "github" + }, + "original": { + "owner": "uga-rosa", + "repo": "ccc.nvim", + "type": "github" + } + }, + "cellular-automaton": { + "flake": false, + "locked": { + "lastModified": 1674679594, + "narHash": "sha256-h4KQCf8+GbxWSyZzDny07YFZm7j+aSSfm51lsaK0Ers=", + "owner": "Eandrju", + "repo": "cellular-automaton.nvim", + "rev": "679943b8e1e5ef79aaeeaf4b00782c52eb4e928f", + "type": "github" + }, + "original": { + "owner": "Eandrju", + "repo": "cellular-automaton.nvim", + "type": "github" + } + }, + "cheatsheet-nvim": { + "flake": false, + "locked": { + "lastModified": 1640255456, + "narHash": "sha256-TYkGB7cON2t4GwMaR9H1MDG2j3btBv2AR37ade8kqTY=", + "owner": "sudormrfbin", + "repo": "cheatsheet.nvim", + "rev": "9716f9aaa94dd1fd6ce59b5aae0e5f25e2a463ef", + "type": "github" + }, + "original": { + "owner": "sudormrfbin", + "repo": "cheatsheet.nvim", + "type": "github" + } + }, + "cinnamon-nvim": { + "flake": false, + "locked": { + "lastModified": 1670143364, + "narHash": "sha256-JglXQhoPgN9sQ3yuv0+VQxmKMvoQTu5lbGLSRaQkytI=", + "owner": "declancm", + "repo": "cinnamon.nvim", + "rev": "c406ffda3a0302f32c23b24ab756ea20467d6578", + "type": "github" + }, + "original": { + "owner": "declancm", + "repo": "cinnamon.nvim", + "type": "github" + } + }, + "cmp-buffer": { + "flake": false, + "locked": { + "lastModified": 1660101488, + "narHash": "sha256-dG4U7MtnXThoa/PD+qFtCt76MQ14V1wX8GMYcvxEnbM=", + "owner": "hrsh7th", + "repo": "cmp-buffer", + "rev": "3022dbc9166796b644a841a02de8dd1cc1d311fa", + "type": "github" + }, + "original": { + "owner": "hrsh7th", + "repo": "cmp-buffer", + "type": "github" + } + }, + "cmp-nvim-lsp": { + "flake": false, + "locked": { + "lastModified": 1687494203, + "narHash": "sha256-mU0soCz79erJXMMqD/FyrJZ0mu2n6fE0deymPzQlxts=", + "owner": "hrsh7th", + "repo": "cmp-nvim-lsp", + "rev": "44b16d11215dce86f253ce0c30949813c0a90765", + "type": "github" + }, + "original": { + "owner": "hrsh7th", + "repo": "cmp-nvim-lsp", + "type": "github" + } + }, + "cmp-path": { + "flake": false, + "locked": { + "lastModified": 1664784283, + "narHash": "sha256-thppiiV3wjIaZnAXmsh7j3DUc6ceSCvGzviwFUnoPaI=", + "owner": "hrsh7th", + "repo": "cmp-path", + "rev": "91ff86cd9c29299a64f968ebb45846c485725f23", + "type": "github" + }, + "original": { + "owner": "hrsh7th", + "repo": "cmp-path", + "type": "github" + } + }, + "cmp-treesitter": { + "flake": false, + "locked": { + "lastModified": 1680745848, + "narHash": "sha256-WOcg6w4M20gpMCZjZ3DpPIA55SGLjV75fhckefiVfU0=", + "owner": "ray-x", + "repo": "cmp-treesitter", + "rev": "389eadd48c27aa6dc0e6b992644704f026802a2e", + "type": "github" + }, + "original": { + "owner": "ray-x", + "repo": "cmp-treesitter", + "type": "github" + } + }, + "cmp-vsnip": { + "flake": false, + "locked": { + "lastModified": 1669100283, + "narHash": "sha256-2mkN03noOr5vBvRbSb35xZKorSH+8savQNZtgM9+QcM=", + "owner": "hrsh7th", + "repo": "cmp-vsnip", + "rev": "989a8a73c44e926199bfd05fa7a516d51f2d2752", + "type": "github" + }, + "original": { + "owner": "hrsh7th", + "repo": "cmp-vsnip", + "type": "github" + } + }, + "codewindow-nvim": { + "flake": false, + "locked": { + "lastModified": 1690128662, + "narHash": "sha256-7ntC06PhxfuKnGyXpiW4juP3fWR97DH3Gygwvscv3OY=", + "owner": "gorbit99", + "repo": "codewindow.nvim", + "rev": "11fb5520898d22a563fe6a124a61c0d2887f3d3f", + "type": "github" + }, + "original": { + "owner": "gorbit99", + "repo": "codewindow.nvim", + "type": "github" + } + }, + "comment-nvim": { + "flake": false, + "locked": { + "lastModified": 1686546603, + "narHash": "sha256-XM9yhp+SGxfAOdN/eDunzM0TMoCJhVth3wpFKNCGf3g=", + "owner": "numToStr", + "repo": "Comment.nvim", + "rev": "176e85eeb63f1a5970d6b88f1725039d85ca0055", + "type": "github" + }, + "original": { + "owner": "numToStr", + "repo": "Comment.nvim", + "type": "github" + } + }, + "copilot-cmp": { + "flake": false, + "locked": { + "lastModified": 1683831407, + "narHash": "sha256-+MzEGnhlrYRvAfskOwmw69OC1CsPXt7s3z+xPe9XPqs=", + "owner": "zbirenbaum", + "repo": "copilot-cmp", + "rev": "c2cdb3c0f5078b0619055af192295830a7987790", + "type": "github" + }, + "original": { + "owner": "zbirenbaum", + "repo": "copilot-cmp", + "type": "github" + } + }, + "copilot-lua": { + "flake": false, + "locked": { + "lastModified": 1688190439, + "narHash": "sha256-lD9FdbKKZ6d/BjIfqp0Ust2hqSYNLpCFWxuaKUO9qLs=", + "owner": "zbirenbaum", + "repo": "copilot.lua", + "rev": "e48bd7020a98be217d85c006a298656294fd6210", + "type": "github" + }, + "original": { + "owner": "zbirenbaum", + "repo": "copilot.lua", + "type": "github" + } + }, + "crane": { + "inputs": { + "flake-compat": [ + "lanzaboote", + "flake-compat" + ], + "flake-utils": [ + "lanzaboote", + "flake-utils" + ], + "nixpkgs": [ + "lanzaboote", + "nixpkgs" + ], + "rust-overlay": [ + "lanzaboote", + "rust-overlay" + ] + }, + "locked": { + "lastModified": 1681177078, + "narHash": "sha256-ZNIjBDou2GOabcpctiQykEQVkI8BDwk7TyvlWlI4myE=", + "owner": "ipetkov", + "repo": "crane", + "rev": "0c9f468ff00576577d83f5019a66c557ede5acf6", + "type": "github" + }, + "original": { + "owner": "ipetkov", + "repo": "crane", + "type": "github" + } + }, + "crates-nvim": { + "flake": false, + "locked": { + "lastModified": 1688295570, + "narHash": "sha256-ah+fTmzkZn+xuL3sG2RxlCtDiFsRv3SY1iJzYKMIaMg=", + "owner": "Saecki", + "repo": "crates.nvim", + "rev": "4ce7c51b881e58f1e2f8f437f30e4e583cbac319", + "type": "github" + }, + "original": { + "owner": "Saecki", + "repo": "crates.nvim", + "type": "github" + } + }, + "darwin": { + "inputs": { + "nixpkgs": [ + "nixpkgs" + ] + }, + "locked": { + "lastModified": 1710717205, + "narHash": "sha256-Wf3gHh5uV6W1TV/A8X8QJf99a5ypDSugY4sNtdJDe0A=", + "owner": "lnl7", + "repo": "nix-darwin", + "rev": "bcc8afd06e237df060c85bad6af7128e05fd61a3", + "type": "github" + }, + "original": { + "owner": "lnl7", + "repo": "nix-darwin", + "type": "github" + } + }, + "dashboard-nvim": { + "flake": false, + "locked": { + "lastModified": 1690351087, + "narHash": "sha256-aVMugjgA9lnORUVDBpa8G800Ev86htP4hDGrBq6Sw6s=", + "owner": "glepnir", + "repo": "dashboard-nvim", + "rev": "c17d3210b3dec8798b4fc82a11c542989251f85d", + "type": "github" + }, + "original": { + "owner": "glepnir", + "repo": "dashboard-nvim", + "type": "github" + } + }, + "diffview-nvim": { + "flake": false, + "locked": { + "lastModified": 1689788060, + "narHash": "sha256-0tsgwI/qZm8Gj3NyN9CA+YHf3qim7vGXI+vbEcFBKbQ=", + "owner": "sindrets", + "repo": "diffview.nvim", + "rev": "e91110d2a7f8e2f667666aba6ea089ff823f8748", + "type": "github" + }, + "original": { + "owner": "sindrets", + "repo": "diffview.nvim", + "type": "github" + } + }, + "dirt-samples-src": { + "flake": false, + "locked": { + "lastModified": 1588278411, + "narHash": "sha256-h8vQxRym6QzNLOTZU7A43VCHuG0H77l+BFwXnC0L1CE=", + "owner": "tidalcycles", + "repo": "dirt-samples", + "rev": "66d432418c9a7d82cf049d9246adfa62f46df2a6", + "type": "github" + }, + "original": { + "owner": "tidalcycles", + "ref": "master", + "repo": "dirt-samples", + "type": "github" + } + }, + "disko": { + "inputs": { + "nixpkgs": [ + "nixpkgs" + ] + }, + "locked": { + "lastModified": 1710724748, + "narHash": "sha256-aXlifKr6Brg0SBUBgRNEBaZf3JLUeGhM9BX2gam+vvo=", + "owner": "nix-community", + "repo": "disko", + "rev": "c09c3a9639690f94ddff44c3dd25c85602e5aeb2", + "type": "github" + }, + "original": { + "owner": "nix-community", + "repo": "disko", + "type": "github" + } + }, + "dracula": { + "flake": false, + "locked": { + "lastModified": 1690594744, + "narHash": "sha256-gblqxRTphGBpEOx57/4oU/B50O0OguIm1bFtd4LXuQ4=", + "owner": "Mofiqul", + "repo": "dracula.nvim", + "rev": "9fe831e685a76e1a1898a694623b33247c4d036c", + "type": "github" + }, + "original": { + "owner": "Mofiqul", + "repo": "dracula.nvim", + "type": "github" + } + }, + "dressing-nvim": { + "flake": false, + "locked": { + "lastModified": 1690648598, + "narHash": "sha256-hndRErSXhX1BHM90nuhiZkgHwkclLEMv5vtF+GDzUP4=", + "owner": "stevearc", + "repo": "dressing.nvim", + "rev": "829bc80400651aea31b03d8fc9a99135512fe67a", + "type": "github" + }, + "original": { + "owner": "stevearc", + "repo": "dressing.nvim", + "type": "github" + } + }, + "elixir-ls": { + "flake": false, + "locked": { + "lastModified": 1690526097, + "narHash": "sha256-lR1xsOJhz0W/Z3E2EUWujpUvpgUkLLDr0E6Ao31zi8s=", + "owner": "elixir-lsp", + "repo": "elixir-ls", + "rev": "216ff0e2969c2bbe45d324c4d6a5f08e6b681f5e", + "type": "github" + }, + "original": { + "owner": "elixir-lsp", + "repo": "elixir-ls", + "type": "github" + } + }, + "elixir-tools": { + "flake": false, + "locked": { + "lastModified": 1690555653, + "narHash": "sha256-7wDEChXTUGp8ONT6jufIJp05vawzo4AXg35ELNLvysA=", + "owner": "elixir-tools", + "repo": "elixir-tools.nvim", + "rev": "883933b57c9150c71ad2b99a4080685d83e095b8", + "type": "github" + }, + "original": { + "owner": "elixir-tools", + "repo": "elixir-tools.nvim", + "type": "github" + } + }, + "fidget-nvim": { + "flake": false, + "locked": { + "lastModified": 1686378433, + "narHash": "sha256-N3O/AvsD6Ckd62kDEN4z/K5A3SZNR15DnQeZhH6/Rr0=", + "owner": "j-hui", + "repo": "fidget.nvim", + "rev": "90c22e47be057562ee9566bad313ad42d622c1d3", + "type": "github" + }, + "original": { + "owner": "j-hui", + "ref": "legacy", + "repo": "fidget.nvim", + "type": "github" + } + }, + "flake-compat": { + "flake": false, + "locked": { + "lastModified": 1673956053, + "narHash": "sha256-4gtG9iQuiKITOjNQQeQIpoIB6b16fm+504Ch3sNKLd8=", + "owner": "edolstra", + "repo": "flake-compat", + "rev": "35bb57c0c8d8b62bbfd284272c928ceb64ddbde9", + "type": "github" + }, + "original": { + "owner": "edolstra", + "repo": "flake-compat", + "type": "github" + } + }, + "flake-compat_2": { + "flake": false, + "locked": { + "lastModified": 1673956053, + "narHash": "sha256-4gtG9iQuiKITOjNQQeQIpoIB6b16fm+504Ch3sNKLd8=", + "owner": "edolstra", + "repo": "flake-compat", + "rev": "35bb57c0c8d8b62bbfd284272c928ceb64ddbde9", + "type": "github" + }, + "original": { + "owner": "edolstra", + "repo": "flake-compat", + "type": "github" + } + }, + "flake-compat_3": { + "flake": false, + "locked": { + "lastModified": 1650374568, + "narHash": "sha256-Z+s0J8/r907g149rllvwhb4pKi8Wam5ij0st8PwAh+E=", + "owner": "edolstra", + "repo": "flake-compat", + "rev": "b4a34015c698c7793d592d66adbab377907a2be8", + "type": "github" + }, + "original": { + "owner": "edolstra", + "repo": "flake-compat", + "type": "github" + } + }, + "flake-compat_4": { + "flake": false, + "locked": { + "lastModified": 1668681692, + "narHash": "sha256-Ht91NGdewz8IQLtWZ9LCeNXMSXHUss+9COoqu6JLmXU=", + "owner": "edolstra", + "repo": "flake-compat", + "rev": "009399224d5e398d03b22badca40a37ac85412a1", + "type": "github" + }, + "original": { + "owner": "edolstra", + "repo": "flake-compat", + "type": "github" + } + }, + "flake-compat_5": { + "flake": false, + "locked": { + "lastModified": 1650374568, + "narHash": "sha256-Z+s0J8/r907g149rllvwhb4pKi8Wam5ij0st8PwAh+E=", + "owner": "edolstra", + "repo": "flake-compat", + "rev": "b4a34015c698c7793d592d66adbab377907a2be8", + "type": "github" + }, + "original": { + "owner": "edolstra", + "repo": "flake-compat", + "type": "github" + } + }, + "flake-parts": { + "inputs": { + "nixpkgs-lib": [ + "lanzaboote", + "nixpkgs" + ] + }, + "locked": { + "lastModified": 1680392223, + "narHash": "sha256-n3g7QFr85lDODKt250rkZj2IFS3i4/8HBU2yKHO3tqw=", + "owner": "hercules-ci", + "repo": "flake-parts", + "rev": "dcc36e45d054d7bb554c9cdab69093debd91a0b5", + "type": "github" + }, + "original": { + "owner": "hercules-ci", + "repo": "flake-parts", + "type": "github" + } + }, + "flake-parts_2": { + "inputs": { + "nixpkgs-lib": "nixpkgs-lib" + }, + "locked": { + "lastModified": 1688466019, + "narHash": "sha256-VeM2akYrBYMsb4W/MmBo1zmaMfgbL4cH3Pu8PGyIwJ0=", + "owner": "hercules-ci", + "repo": "flake-parts", + "rev": "8e8d955c22df93dbe24f19ea04f47a74adbdc5ec", + "type": "github" + }, + "original": { + "owner": "hercules-ci", + "repo": "flake-parts", + "type": "github" + } + }, + "flake-utils": { + "inputs": { + "systems": "systems" + }, + "locked": { + "lastModified": 1681202837, + "narHash": "sha256-H+Rh19JDwRtpVPAWp64F+rlEtxUWBAQW28eAi3SRSzg=", + "owner": "numtide", + "repo": "flake-utils", + "rev": "cfacdce06f30d2b68473a46042957675eebb3401", + "type": "github" + }, + "original": { + "owner": "numtide", + "repo": "flake-utils", + "type": "github" + } + }, + "flake-utils-plus": { + "inputs": { + "flake-utils": "flake-utils_4" + }, + "locked": { + "lastModified": 1696331477, + "narHash": "sha256-YkbRa/1wQWdWkVJ01JvV+75KIdM37UErqKgTf0L54Fk=", + "owner": "gytis-ivaskevicius", + "repo": "flake-utils-plus", + "rev": "bfc53579db89de750b25b0c5e7af299e0c06d7d3", + "type": "github" + }, + "original": { + "owner": "gytis-ivaskevicius", + "repo": "flake-utils-plus", + "type": "github" + } + }, + "flake-utils-plus_2": { + "inputs": { + "flake-utils": "flake-utils_5" + }, + "locked": { + "lastModified": 1696331477, + "narHash": "sha256-YkbRa/1wQWdWkVJ01JvV+75KIdM37UErqKgTf0L54Fk=", + "owner": "gytis-ivaskevicius", + "repo": "flake-utils-plus", + "rev": "bfc53579db89de750b25b0c5e7af299e0c06d7d3", + "type": "github" + }, + "original": { + "owner": "gytis-ivaskevicius", + "repo": "flake-utils-plus", + "type": "github" + } + }, + "flake-utils_2": { + "inputs": { + "systems": "systems_2" + }, + "locked": { + "lastModified": 1689068808, + "narHash": "sha256-6ixXo3wt24N/melDWjq70UuHQLxGV8jZvooRanIHXw0=", + "owner": "numtide", + "repo": "flake-utils", + "rev": "919d646de7be200f3bf08cb76ae1f09402b6f9b4", + "type": "github" + }, + "original": { + "owner": "numtide", + "repo": "flake-utils", + "type": "github" + } + }, + "flake-utils_3": { + "locked": { + "lastModified": 1659877975, + "narHash": "sha256-zllb8aq3YO3h8B/U0/J1WBgAL8EX5yWf5pMj3G0NAmc=", + "owner": "numtide", + "repo": "flake-utils", + "rev": "c0e246b9b83f637f4681389ecabcb2681b4f3af0", + "type": "github" + }, + "original": { + "owner": "numtide", + "repo": "flake-utils", + "type": "github" + } + }, + "flake-utils_4": { + "inputs": { + "systems": "systems_4" + }, + "locked": { + "lastModified": 1694529238, + "narHash": "sha256-zsNZZGTGnMOf9YpHKJqMSsa0dXbfmxeoJ7xHlrt+xmY=", + "owner": "numtide", + "repo": "flake-utils", + "rev": "ff7b65b44d01cf9ba6a71320833626af21126384", + "type": "github" + }, + "original": { + "owner": "numtide", + "repo": "flake-utils", + "type": "github" + } + }, + "flake-utils_5": { + "inputs": { + "systems": "systems_5" + }, + "locked": { + "lastModified": 1694529238, + "narHash": "sha256-zsNZZGTGnMOf9YpHKJqMSsa0dXbfmxeoJ7xHlrt+xmY=", + "owner": "numtide", + "repo": "flake-utils", + "rev": "ff7b65b44d01cf9ba6a71320833626af21126384", + "type": "github" + }, + "original": { + "owner": "numtide", + "repo": "flake-utils", + "type": "github" + } + }, + "flutter-tools": { + "flake": false, + "locked": { + "lastModified": 1690188839, + "narHash": "sha256-h8s5g6KU7dMesDqiwzv2MmUGk6jlU5lBnuVA3LaoI1g=", + "owner": "akinsho", + "repo": "flutter-tools.nvim", + "rev": "561d85b16d8ca2938820a9c26b2fe74096d89c81", + "type": "github" + }, + "original": { + "owner": "akinsho", + "repo": "flutter-tools.nvim", + "type": "github" + } + }, + "gesture-nvim": { + "flake": false, + "locked": { + "lastModified": 1687655077, + "narHash": "sha256-ps/dAKIga2ZVunwj+KU/Iej4PGZbBvm5ZzcK30EiKMc=", + "owner": "notomo", + "repo": "gesture.nvim", + "rev": "aa273e7982943ac6ccf6b864f3fd40ad287a9fe2", + "type": "github" + }, + "original": { + "owner": "notomo", + "repo": "gesture.nvim", + "type": "github" + } + }, + "gitignore": { + "inputs": { + "nixpkgs": [ + "lanzaboote", + "pre-commit-hooks-nix", + "nixpkgs" + ] + }, + "locked": { + "lastModified": 1660459072, + "narHash": "sha256-8DFJjXG8zqoONA1vXtgeKXy68KdJL5UaXR8NtVMUbx8=", + "owner": "hercules-ci", + "repo": "gitignore.nix", + "rev": "a20de23b925fd8264fd7fad6454652e142fd7f73", + "type": "github" + }, + "original": { + "owner": "hercules-ci", + "repo": "gitignore.nix", + "type": "github" + } + }, + "gitsigns-nvim": { + "flake": false, + "locked": { + "lastModified": 1690463120, + "narHash": "sha256-kraK0GP5aLGbh1eVZCm41D6BztjFxthSXGnE5CxhrZs=", + "owner": "lewis6991", + "repo": "gitsigns.nvim", + "rev": "5d73da785a3c05fd63ac31769079db05169a6ec7", + "type": "github" + }, + "original": { + "owner": "lewis6991", + "repo": "gitsigns.nvim", + "type": "github" + } + }, + "glow-nvim": { + "flake": false, + "locked": { + "lastModified": 1690579937, + "narHash": "sha256-ZDlQfSJHq9CbOpTDgmIoMq4gDzHxoUslFfN5XKtrDtM=", + "owner": "ellisonleao", + "repo": "glow.nvim", + "rev": "8942dfb05794f436af4fbc90a34393f1fd36f361", + "type": "github" + }, + "original": { + "owner": "ellisonleao", + "repo": "glow.nvim", + "type": "github" + } + }, + "highlight-undo": { + "flake": false, + "locked": { + "lastModified": 1695227852, + "narHash": "sha256-I1AwVYqpJNA3K1AwGy/VgPnbrYvX19qfI9bQFZNu1SU=", + "owner": "tzachar", + "repo": "highlight-undo.nvim", + "rev": "50a6884a8476be04ecce8f1c4ed692c5000ef0a1", + "type": "github" + }, + "original": { + "owner": "tzachar", + "repo": "highlight-undo.nvim", + "type": "github" + } + }, + "home-manager": { + "inputs": { + "nixpkgs": [ + "nixpkgs" + ] + }, + "locked": { + "lastModified": 1710888565, + "narHash": "sha256-s9Hi4RHhc6yut4EcYD50sZWRDKsugBJHSbON8KFwoTw=", + "owner": "nix-community", + "repo": "home-manager", + "rev": "f33900124c23c4eca5831b9b5eb32ea5894375ce", + "type": "github" + }, + "original": { + "owner": "nix-community", + "ref": "release-23.11", + "repo": "home-manager", + "type": "github" + } + }, + "hop-nvim": { + "flake": false, + "locked": { + "lastModified": 1684332066, + "narHash": "sha256-xdjFbdp0+S3pVdwcOFmad8PMUU033WeDzswOSdxSQjg=", + "owner": "phaazon", + "repo": "hop.nvim", + "rev": "03f0434869f1f38868618198b5f4f2ab6d39aef2", + "type": "github" + }, + "original": { + "owner": "phaazon", + "repo": "hop.nvim", + "type": "github" + } + }, + "icon-picker-nvim": { + "flake": false, + "locked": { + "lastModified": 1683205244, + "narHash": "sha256-/oi2Kj7GDXzN3ccPoxyxXtQTYSxtZndgELZa2XgZ3U8=", + "owner": "ziontee113", + "repo": "icon-picker.nvim", + "rev": "e6dca182518eeb7a51470c13605a5bce08a816e4", + "type": "github" + }, + "original": { + "owner": "ziontee113", + "repo": "icon-picker.nvim", + "type": "github" + } + }, + "indent-blankline": { + "flake": false, + "locked": { + "lastModified": 1697081010, + "narHash": "sha256-e8gn4pJYALaQ6sGA66SFf8p6VLJBPxT/BimQhOd5eBs=", + "owner": "lukas-reineke", + "repo": "indent-blankline.nvim", + "rev": "0fe34b4c1b926e106d105d3ae88ef6cbf6743572", + "type": "github" + }, + "original": { + "owner": "lukas-reineke", + "repo": "indent-blankline.nvim", + "type": "github" + } + }, + "kommentary": { + "flake": false, + "locked": { + "lastModified": 1672983049, + "narHash": "sha256-N4n5tjNB1yX/QxH+t5aG0VxNwZhUJejv0b5V62WEKDU=", + "owner": "b3nj5m1n", + "repo": "kommentary", + "rev": "3a80117148c6798972bb69414423311ab151d368", + "type": "github" + }, + "original": { + "owner": "b3nj5m1n", + "repo": "kommentary", + "type": "github" + } + }, + "lanzaboote": { + "inputs": { + "crane": "crane", + "flake-compat": "flake-compat", + "flake-parts": "flake-parts", + "flake-utils": "flake-utils", + "nixpkgs": [ + "nixpkgs" + ], + "pre-commit-hooks-nix": "pre-commit-hooks-nix", + "rust-overlay": "rust-overlay" + }, + "locked": { + "lastModified": 1682802423, + "narHash": "sha256-Fb5TeRTdvUlo/5Yi2d+FC8a6KoRLk2h1VE0/peMhWPs=", + "owner": "nix-community", + "repo": "lanzaboote", + "rev": "64b903ca87d18cef2752c19c098af275c6e51d63", + "type": "github" + }, + "original": { + "owner": "nix-community", + "ref": "v0.3.0", + "repo": "lanzaboote", + "type": "github" + } + }, + "leap-nvim": { + "flake": false, + "locked": { + "lastModified": 1690120911, + "narHash": "sha256-9GFZ5CuR92kFGwh/ouqSSp14eOLZLpzpoFTEuYL7biQ=", + "owner": "ggandor", + "repo": "leap.nvim", + "rev": "5efe985cf68fac3b6a6dfe7a75fbfaca8db2af9c", + "type": "github" + }, + "original": { + "owner": "ggandor", + "repo": "leap.nvim", + "type": "github" + } + }, + "lsp-lines": { + "flake": false, + "locked": { + "lastModified": 1684163755, + "narHash": "sha256-Zhf2xitLWtE+dWqhvWtLM1K1WdtBvkqqoRLSYIO42oY=", + "owner": "~whynothugo", + "repo": "lsp_lines.nvim", + "rev": "f53af96d4789eef39a082dbcce078d2bfc384ece", + "type": "sourcehut" + }, + "original": { + "owner": "~whynothugo", + "repo": "lsp_lines.nvim", + "type": "sourcehut" + } + }, + "lsp-signature": { + "flake": false, + "locked": { + "lastModified": 1690267930, + "narHash": "sha256-qvcs0KuO2/NdtiTZIxJ2vrwV0I5PjzjMvoAePPasaJM=", + "owner": "ray-x", + "repo": "lsp_signature.nvim", + "rev": "58d4e810801da74c29313da86075d6aea537501f", + "type": "github" + }, + "original": { + "owner": "ray-x", + "repo": "lsp_signature.nvim", + "type": "github" + } + }, + "lspkind": { + "flake": false, + "locked": { + "lastModified": 1683275543, + "narHash": "sha256-S+qZm51hw/cRujIfHV/1x1fYyCKI4XQ0utSL8uy4l6I=", + "owner": "onsails", + "repo": "lspkind-nvim", + "rev": "57610d5ab560c073c465d6faf0c19f200cb67e6e", + "type": "github" + }, + "original": { + "owner": "onsails", + "repo": "lspkind-nvim", + "type": "github" + } + }, + "lspsaga": { + "flake": false, + "locked": { + "lastModified": 1670360222, + "narHash": "sha256-7ENInq3LAPPTdm0Fb7klOc630j8m4LRj1kLZZFYLh68=", + "owner": "tami5", + "repo": "lspsaga.nvim", + "rev": "5faeec9f2508d2d49a66c0ac0d191096b4e3fa81", + "type": "github" + }, + "original": { + "owner": "tami5", + "repo": "lspsaga.nvim", + "type": "github" + } + }, + "lualine": { + "flake": false, + "locked": { + "lastModified": 1683213422, + "narHash": "sha256-ltHE8UIquGo07BSlFGM1l3wmTNN43i8kx6QY7Fj2CNo=", + "owner": "hoob3rt", + "repo": "lualine.nvim", + "rev": "05d78e9fd0cdfb4545974a5aa14b1be95a86e9c9", + "type": "github" + }, + "original": { + "owner": "hoob3rt", + "repo": "lualine.nvim", + "type": "github" + } + }, + "mind-nvim": { + "flake": false, + "locked": { + "lastModified": 1679526071, + "narHash": "sha256-JIhAhQYGLLRucwlhzfckQYU5qjqbHtNH52JlGS5a79w=", + "owner": "phaazon", + "repo": "mind.nvim", + "rev": "002137dd7cf97865ebd01b6a260209d2daf2da66", + "type": "github" + }, + "original": { + "owner": "phaazon", + "repo": "mind.nvim", + "type": "github" + } + }, + "minimap-vim": { + "flake": false, + "locked": { + "lastModified": 1690301768, + "narHash": "sha256-yRWZH9caSxrWjUXlM84fU90tZjNfX97m0m491ZsIHxA=", + "owner": "wfxr", + "repo": "minimap.vim", + "rev": "74573b63b9ef0583262b6bf6ef209eb7f3b06b94", + "type": "github" + }, + "original": { + "owner": "wfxr", + "repo": "minimap.vim", + "type": "github" + } + }, + "modes-nvim": { + "flake": false, + "locked": { + "lastModified": 1682778003, + "narHash": "sha256-qrGgraBdAvIc6AXqMMWESlOV29lM5zC1du1r5L2kpQQ=", + "owner": "mvllow", + "repo": "modes.nvim", + "rev": "4d97a51ebbdb649b85f6d79da0009fddd7081a6b", + "type": "github" + }, + "original": { + "owner": "mvllow", + "repo": "modes.nvim", + "type": "github" + } + }, + "naersk": { + "inputs": { + "nixpkgs": [ + "neovim-flake", + "rnix-lsp", + "nixpkgs" + ] + }, + "locked": { + "lastModified": 1655042882, + "narHash": "sha256-9BX8Fuez5YJlN7cdPO63InoyBy7dm3VlJkkmTt6fS1A=", + "owner": "nix-community", + "repo": "naersk", + "rev": "cddffb5aa211f50c4b8750adbec0bbbdfb26bb9f", + "type": "github" + }, + "original": { + "owner": "nix-community", + "repo": "naersk", + "type": "github" + } + }, + "neodev-nvim": { + "flake": false, + "locked": { + "lastModified": 1695449121, + "narHash": "sha256-WisbNLKEz0IgO7gLDA2quNzK69hJaHzmvWkZSUPQb6k=", + "owner": "folke", + "repo": "neodev.nvim", + "rev": "c8e126393a34939fb448d48eeddb510971739e3a", + "type": "github" + }, + "original": { + "owner": "folke", + "repo": "neodev.nvim", + "type": "github" + } + }, + "neovim-flake": { + "inputs": { + "alpha-nvim": "alpha-nvim", + "bufdelete-nvim": "bufdelete-nvim", + "catppuccin": "catppuccin", + "ccc": "ccc", + "cellular-automaton": "cellular-automaton", + "cheatsheet-nvim": "cheatsheet-nvim", + "cinnamon-nvim": "cinnamon-nvim", + "cmp-buffer": "cmp-buffer", + "cmp-nvim-lsp": "cmp-nvim-lsp", + "cmp-path": "cmp-path", + "cmp-treesitter": "cmp-treesitter", + "cmp-vsnip": "cmp-vsnip", + "codewindow-nvim": "codewindow-nvim", + "comment-nvim": "comment-nvim", + "copilot-cmp": "copilot-cmp", + "copilot-lua": "copilot-lua", + "crates-nvim": "crates-nvim", + "dashboard-nvim": "dashboard-nvim", + "diffview-nvim": "diffview-nvim", + "dracula": "dracula", + "dressing-nvim": "dressing-nvim", + "elixir-ls": "elixir-ls", + "elixir-tools": "elixir-tools", + "fidget-nvim": "fidget-nvim", + "flake-parts": "flake-parts_2", + "flake-utils": "flake-utils_2", + "flutter-tools": "flutter-tools", + "gesture-nvim": "gesture-nvim", + "gitsigns-nvim": "gitsigns-nvim", + "glow-nvim": "glow-nvim", + "highlight-undo": "highlight-undo", + "hop-nvim": "hop-nvim", + "icon-picker-nvim": "icon-picker-nvim", + "indent-blankline": "indent-blankline", + "kommentary": "kommentary", + "leap-nvim": "leap-nvim", + "lsp-lines": "lsp-lines", + "lsp-signature": "lsp-signature", + "lspkind": "lspkind", + "lspsaga": "lspsaga", + "lualine": "lualine", + "mind-nvim": "mind-nvim", + "minimap-vim": "minimap-vim", + "modes-nvim": "modes-nvim", + "neodev-nvim": "neodev-nvim", + "nil": "nil", + "nixpkgs": [ + "nixpkgs" + ], + "nmd": "nmd", + "noice-nvim": "noice-nvim", + "none-ls": "none-ls", + "nui-nvim": "nui-nvim", + "nvim-autopairs": "nvim-autopairs", + "nvim-bufferline-lua": "nvim-bufferline-lua", + "nvim-cmp": "nvim-cmp", + "nvim-code-action-menu": "nvim-code-action-menu", + "nvim-colorizer-lua": "nvim-colorizer-lua", + "nvim-compe": "nvim-compe", + "nvim-cursorline": "nvim-cursorline", + "nvim-dap": "nvim-dap", + "nvim-dap-ui": "nvim-dap-ui", + "nvim-docs-view": "nvim-docs-view", + "nvim-lightbulb": "nvim-lightbulb", + "nvim-lspconfig": "nvim-lspconfig", + "nvim-navbuddy": "nvim-navbuddy", + "nvim-navic": "nvim-navic", + "nvim-neoclip": "nvim-neoclip", + "nvim-notify": "nvim-notify", + "nvim-session-manager": "nvim-session-manager", + "nvim-surround": "nvim-surround", + "nvim-tree-lua": "nvim-tree-lua", + "nvim-treesitter-context": "nvim-treesitter-context", + "nvim-ts-autotag": "nvim-ts-autotag", + "nvim-web-devicons": "nvim-web-devicons", + "obsidian-nvim": "obsidian-nvim", + "onedark": "onedark", + "orgmode-nvim": "orgmode-nvim", + "oxocarbon": "oxocarbon", + "plenary-nvim": "plenary-nvim", + "presence-nvim": "presence-nvim", + "project-nvim": "project-nvim", + "registers": "registers", + "rnix-lsp": "rnix-lsp", + "rust-tools": "rust-tools", + "scrollbar-nvim": "scrollbar-nvim", + "smartcolumn": "smartcolumn", + "sqls-nvim": "sqls-nvim", + "systems": "systems_3", + "tabular": "tabular", + "telescope": "telescope", + "tidalcycles": "tidalcycles", + "todo-comments": "todo-comments", + "toggleterm-nvim": "toggleterm-nvim", + "tokyonight": "tokyonight", + "trouble": "trouble", + "vim-dirtytalk": "vim-dirtytalk", + "vim-illuminate": "vim-illuminate", + "vim-markdown": "vim-markdown", + "vim-repeat": "vim-repeat", + "vim-startify": "vim-startify", + "vim-vsnip": "vim-vsnip", + "which-key": "which-key", + "zig": "zig" + }, + "locked": { + "lastModified": 1700843779, + "narHash": "sha256-hEc9YWsUYAAHUz8tLHwIBvFfJbSD49rpvMBMC9HS7g4=", + "owner": "notashelf", + "repo": "neovim-flake", + "rev": "712b8a8e934ddbb41678b82b19c67ff9155619ff", + "type": "github" + }, + "original": { + "owner": "notashelf", + "ref": "v0.5", + "repo": "neovim-flake", + "type": "github" + } + }, + "nil": { + "inputs": { + "flake-utils": [ + "neovim-flake", + "flake-utils" + ], + "nixpkgs": [ + "neovim-flake", + "nixpkgs" + ], + "rust-overlay": "rust-overlay_2" + }, + "locked": { + "lastModified": 1699423608, + "narHash": "sha256-WEVUgivm5DCziwZqiXRPeoD3FQTXW38ExKrZjvMveqE=", + "owner": "oxalica", + "repo": "nil", + "rev": "5607d429016d6f9a72843b07127fad23ea9d661f", + "type": "github" + }, + "original": { + "owner": "oxalica", + "repo": "nil", + "type": "github" + } + }, + "nixpkgs": { + "locked": { + "lastModified": 1656753965, + "narHash": "sha256-BCrB3l0qpJokOnIVc3g2lHiGhnjUi0MoXiw6t1o8H1E=", + "owner": "nixos", + "repo": "nixpkgs", + "rev": "0ea7a8f1b939d74e5df8af9a8f7342097cdf69eb", + "type": "github" + }, + "original": { + "owner": "nixos", + "ref": "nixos-unstable", + "repo": "nixpkgs", + "type": "github" + } + }, + "nixpkgs-23_05": { + "locked": { + "lastModified": 1704290814, + "narHash": "sha256-LWvKHp7kGxk/GEtlrGYV68qIvPHkU9iToomNFGagixU=", + "owner": "NixOS", + "repo": "nixpkgs", + "rev": "70bdadeb94ffc8806c0570eb5c2695ad29f0e421", + "type": "github" + }, + "original": { + "id": "nixpkgs", + "ref": "nixos-23.05", + "type": "indirect" + } + }, + "nixpkgs-23_11": { + "locked": { + "lastModified": 1706098335, + "narHash": "sha256-r3dWjT8P9/Ah5m5ul4WqIWD8muj5F+/gbCdjiNVBKmU=", + "owner": "NixOS", + "repo": "nixpkgs", + "rev": "a77ab169a83a4175169d78684ddd2e54486ac651", + "type": "github" + }, + "original": { + "id": "nixpkgs", + "ref": "nixos-23.11", + "type": "indirect" + } + }, + "nixpkgs-lib": { + "locked": { + "dir": "lib", + "lastModified": 1688049487, + "narHash": "sha256-100g4iaKC9MalDjUW9iN6Jl/OocTDtXdeAj7pEGIRh4=", + "owner": "NixOS", + "repo": "nixpkgs", + "rev": "4bc72cae107788bf3f24f30db2e2f685c9298dc9", + "type": "github" + }, + "original": { + "dir": "lib", + "owner": "NixOS", + "ref": "nixos-unstable", + "repo": "nixpkgs", + "type": "github" + } + }, + "nixpkgs-stable": { + "locked": { + "lastModified": 1678872516, + "narHash": "sha256-/E1YwtMtFAu2KUQKV/1+KFuReYPANM2Rzehk84VxVoc=", + "owner": "NixOS", + "repo": "nixpkgs", + "rev": "9b8e5abb18324c7fe9f07cb100c3cd4a29cda8b8", + "type": "github" + }, + "original": { + "owner": "NixOS", + "ref": "nixos-22.11", + "repo": "nixpkgs", + "type": "github" + } + }, + "nixpkgs-stable_2": { + "locked": { + "lastModified": 1710628718, + "narHash": "sha256-y+l3eH53UlENaYa1lmnCBHusZb1kxBEFd2/c7lDsGpw=", + "owner": "NixOS", + "repo": "nixpkgs", + "rev": "6dc11d9859d6a18ab0c5e5829a5b8e4810658de3", + "type": "github" + }, + "original": { + "owner": "NixOS", + "ref": "release-23.11", + "repo": "nixpkgs", + "type": "github" + } + }, + "nixpkgs_2": { + "locked": { + "lastModified": 1655400192, + "narHash": "sha256-49OBVVRgb9H/PSmNT9W61+NRdDbuSJVuDDflwXlaUKU=", + "owner": "NixOS", + "repo": "nixpkgs", + "rev": "3d7435c638baffaa826b85459df0fff47f12317d", + "type": "github" + }, + "original": { + "owner": "NixOS", + "ref": "nixos-unstable", + "repo": "nixpkgs", + "type": "github" + } + }, + "nixpkgs_3": { + "locked": { + "lastModified": 1689088367, + "narHash": "sha256-Y2tl2TlKCWEHrOeM9ivjCLlRAKH3qoPUE/emhZECU14=", + "owner": "NixOS", + "repo": "nixpkgs", + "rev": "5c9ddb86679c400d6b7360797b8a22167c2053f8", + "type": "github" + }, + "original": { + "owner": "NixOS", + "ref": "release-23.05", + "repo": "nixpkgs", + "type": "github" + } + }, + "nixpkgs_4": { + "locked": { + "lastModified": 1710951922, + "narHash": "sha256-FOOBJ3DQenLpTNdxMHR2CpGZmYuctb92gF0lpiirZ30=", + "owner": "nixos", + "repo": "nixpkgs", + "rev": "f091af045dff8347d66d186a62d42aceff159456", + "type": "github" + }, + "original": { + "owner": "nixos", + "ref": "nixos-23.11", + "repo": "nixpkgs", + "type": "github" + } + }, + "nixpkgs_5": { + "locked": { + "lastModified": 1707091808, + "narHash": "sha256-LahKBAfGbY836gtpVNnWwBTIzN7yf/uYM/S0g393r0Y=", + "owner": "nixos", + "repo": "nixpkgs", + "rev": "9f2ee8c91ac42da3ae6c6a1d21555f283458247e", + "type": "github" + }, + "original": { + "owner": "nixos", + "ref": "nixos-23.11", + "repo": "nixpkgs", + "type": "github" + } + }, + "nixsgx-flake": { + "inputs": { + "nixpkgs": "nixpkgs_5", + "snowfall-lib": "snowfall-lib" + }, + "locked": { + "lastModified": 1710409997, + "narHash": "sha256-wJNbtX4pbPdkoS9oKRLqiZRCAwqT0JG6esCJtJEjSBw=", + "owner": "matter-labs", + "repo": "nixsgx", + "rev": "6aef709945875bae7cd4e62a1ef0b62766a507b7", + "type": "github" + }, + "original": { + "owner": "matter-labs", + "repo": "nixsgx", + "type": "github" + } + }, + "nmd": { + "flake": false, + "locked": { + "lastModified": 1696846470, + "narHash": "sha256-S/6s3nRcg+xZfsO7aLe01W+EMAKFVyieHa4eFvOKOLk=", + "owner": "horriblename", + "repo": "nmd", + "rev": "bcf805ce85b9e938f7e027b3311137ffbd995794", + "type": "github" + }, + "original": { + "owner": "horriblename", + "repo": "nmd", + "type": "github" + } + }, + "noice-nvim": { + "flake": false, + "locked": { + "lastModified": 1690306450, + "narHash": "sha256-Zca6meJkfF4fl17Y+6s77GYrqnhkkzIYW73vAhKg7e4=", + "owner": "folke", + "repo": "noice.nvim", + "rev": "894db25ec726d32047799d4d0a982b701bec453b", + "type": "github" + }, + "original": { + "owner": "folke", + "repo": "noice.nvim", + "type": "github" + } + }, + "none-ls": { + "flake": false, + "locked": { + "lastModified": 1697600654, + "narHash": "sha256-dDMZEgT5uG31bEsLiX9r6MJlOJUdQyeTPJAeRcY2z7s=", + "owner": "nvimtools", + "repo": "none-ls.nvim", + "rev": "dc9b7e28f5573a1a2225ffb33893d23d3e052ed6", + "type": "github" + }, + "original": { + "owner": "nvimtools", + "repo": "none-ls.nvim", + "type": "github" + } + }, + "nui-nvim": { + "flake": false, + "locked": { + "lastModified": 1689828309, + "narHash": "sha256-nSUs9zAX7hQ3PuFrH4zQblMfTY6ALDNggmqaQnkbR5E=", + "owner": "MunifTanjim", + "repo": "nui.nvim", + "rev": "9e3916e784660f55f47daa6f26053ad044db5d6a", + "type": "github" + }, + "original": { + "owner": "MunifTanjim", + "repo": "nui.nvim", + "type": "github" + } + }, + "nvim-autopairs": { + "flake": false, + "locked": { + "lastModified": 1689332359, + "narHash": "sha256-bu+WpW5Wfk3pS74mzVvehl7dVMHgrttmV4ZSlfwbai4=", + "owner": "windwp", + "repo": "nvim-autopairs", + "rev": "ae5b41ce880a6d850055e262d6dfebd362bb276e", + "type": "github" + }, + "original": { + "owner": "windwp", + "repo": "nvim-autopairs", + "type": "github" + } + }, + "nvim-bufferline-lua": { + "flake": false, + "locked": { + "lastModified": 1690184232, + "narHash": "sha256-MiQsYeLgADCaUf1x88q/7gO17F992HMlt1pu9dYEmp0=", + "owner": "akinsho", + "repo": "nvim-bufferline.lua", + "rev": "99f0932365b34e22549ff58e1bea388465d15e99", + "type": "github" + }, + "original": { + "owner": "akinsho", + "repo": "nvim-bufferline.lua", + "type": "github" + } + }, + "nvim-cmp": { + "flake": false, + "locked": { + "lastModified": 1688965049, + "narHash": "sha256-Hq6YUfMQo1rHoay3/NieGCne7U/f06GwUPhN2HO0PdQ=", + "owner": "hrsh7th", + "repo": "nvim-cmp", + "rev": "c4e491a87eeacf0408902c32f031d802c7eafce8", + "type": "github" + }, + "original": { + "owner": "hrsh7th", + "repo": "nvim-cmp", + "type": "github" + } + }, + "nvim-code-action-menu": { + "flake": false, + "locked": { + "lastModified": 1671523188, + "narHash": "sha256-7szx+Me6WhrANbmfQ6C6gfSVB2owd02b3iZYhz7K6wY=", + "owner": "weilbith", + "repo": "nvim-code-action-menu", + "rev": "e4399dbaf6eabff998d3d5f1cbcd8d9933710027", + "type": "github" + }, + "original": { + "owner": "weilbith", + "repo": "nvim-code-action-menu", + "type": "github" + } + }, + "nvim-colorizer-lua": { + "flake": false, + "locked": { + "lastModified": 1591879145, + "narHash": "sha256-6YrnItxExL2C8pNIdLd+hXCjsB2MbZANwWkah6dreD8=", + "owner": "norcalli", + "repo": "nvim-colorizer.lua", + "rev": "36c610a9717cc9ec426a07c8e6bf3b3abcb139d6", + "type": "github" + }, + "original": { + "owner": "norcalli", + "repo": "nvim-colorizer.lua", + "type": "github" + } + }, + "nvim-compe": { + "flake": false, + "locked": { + "lastModified": 1633188506, + "narHash": "sha256-Y2oqvsuAKM3qjmmtJVD9z34682eCRF25kPL+rxhhg7I=", + "owner": "hrsh7th", + "repo": "nvim-compe", + "rev": "d186d739c54823e0b010feb205c6f97792322c08", + "type": "github" + }, + "original": { + "owner": "hrsh7th", + "repo": "nvim-compe", + "type": "github" + } + }, + "nvim-cursorline": { + "flake": false, + "locked": { + "lastModified": 1650034925, + "narHash": "sha256-Uhw65p1KBjs8KsVOmTzuiu3XKclxBob8AVdWEt30C/8=", + "owner": "yamatsum", + "repo": "nvim-cursorline", + "rev": "804f0023692653b2b2368462d67d2a87056947f9", + "type": "github" + }, + "original": { + "owner": "yamatsum", + "repo": "nvim-cursorline", + "type": "github" + } + }, + "nvim-dap": { + "flake": false, + "locked": { + "lastModified": 1690444190, + "narHash": "sha256-OSJA+K8eGj87RWo2tE0kT6bAItGkMMtuR0HB8WEXZ4k=", + "owner": "mfussenegger", + "repo": "nvim-dap", + "rev": "2f28ea843bcdb378b171a66ddcd568516e431d55", + "type": "github" + }, + "original": { + "owner": "mfussenegger", + "repo": "nvim-dap", + "type": "github" + } + }, + "nvim-dap-ui": { + "flake": false, + "locked": { + "lastModified": 1689371609, + "narHash": "sha256-z6TFe7+r/g2tfgdXr6PCPri5lSboi66zZmsdyWTI1BM=", + "owner": "rcarriga", + "repo": "nvim-dap-ui", + "rev": "85b16ac2309d85c88577cd8ee1733ce52be8227e", + "type": "github" + }, + "original": { + "owner": "rcarriga", + "repo": "nvim-dap-ui", + "type": "github" + } + }, + "nvim-docs-view": { + "flake": false, + "locked": { + "lastModified": 1697737319, + "narHash": "sha256-EmQbnleqxE+VHO5bMI9U/gMpwbJbPdNhrEWE7357MCE=", + "owner": "amrbashir", + "repo": "nvim-docs-view", + "rev": "74a5e989e3fdcfd9418bb9dfec0ace308e00a5a0", + "type": "github" + }, + "original": { + "owner": "amrbashir", + "repo": "nvim-docs-view", + "type": "github" + } + }, + "nvim-lightbulb": { + "flake": false, + "locked": { + "lastModified": 1689887436, + "narHash": "sha256-Meoop66jINllnxN6aohuPmU7DEjn64FMq/b8zuy9FEQ=", + "owner": "kosayoda", + "repo": "nvim-lightbulb", + "rev": "8f00b89dd1b1dbde16872bee5fbcee2e58c9b8e9", + "type": "github" + }, + "original": { + "owner": "kosayoda", + "repo": "nvim-lightbulb", + "type": "github" + } + }, + "nvim-lspconfig": { + "flake": false, + "locked": { + "lastModified": 1690356683, + "narHash": "sha256-Ama9nLC/T1wJWal6bKvgY0ywUUiJ5VLuIxoY1xbJKtY=", + "owner": "neovim", + "repo": "nvim-lspconfig", + "rev": "b6091272422bb0fbd729f7f5d17a56d37499c54f", + "type": "github" + }, + "original": { + "owner": "neovim", + "repo": "nvim-lspconfig", + "type": "github" + } + }, + "nvim-navbuddy": { + "flake": false, + "locked": { + "lastModified": 1688569844, + "narHash": "sha256-011RT/wnQdBR1vMrXFwxbicBAgdcd4eQYPbok/o3CIE=", + "owner": "SmiteshP", + "repo": "nvim-navbuddy", + "rev": "244a4cded6f2b568403684131d148048efe4e8af", + "type": "github" + }, + "original": { + "owner": "SmiteshP", + "repo": "nvim-navbuddy", + "type": "github" + } + }, + "nvim-navic": { + "flake": false, + "locked": { + "lastModified": 1689944100, + "narHash": "sha256-M7BT1C9xHyLgr22JI3b+wyD+bYs6FgKc6PIqMrXnNr4=", + "owner": "SmiteshP", + "repo": "nvim-navic", + "rev": "9c89730da6a05acfeb6a197e212dfadf5aa60ca0", + "type": "github" + }, + "original": { + "owner": "SmiteshP", + "repo": "nvim-navic", + "type": "github" + } + }, + "nvim-neoclip": { + "flake": false, + "locked": { + "lastModified": 1684196333, + "narHash": "sha256-96AwMgyC7PTDEPS5tXwDT3WfK8jJJuIYGE+q+j6U5Uc=", + "owner": "AckslD", + "repo": "nvim-neoclip.lua", + "rev": "4e406ae0f759262518731538f2585abb9d269bac", + "type": "github" + }, + "original": { + "owner": "AckslD", + "repo": "nvim-neoclip.lua", + "type": "github" + } + }, + "nvim-notify": { + "flake": false, + "locked": { + "lastModified": 1685978736, + "narHash": "sha256-Rr2tzuEr06M9ZbvQbC07qcxkyjFJFYdABwRpYelKBFI=", + "owner": "rcarriga", + "repo": "nvim-notify", + "rev": "ea9c8ce7a37f2238f934e087c255758659948e0f", + "type": "github" + }, + "original": { + "owner": "rcarriga", + "repo": "nvim-notify", + "type": "github" + } + }, + "nvim-session-manager": { + "flake": false, + "locked": { + "lastModified": 1689976511, + "narHash": "sha256-04GL+0JdtD2hEOSrRJUh3Wdpoy2igjHt95Nf3WioFU4=", + "owner": "Shatur", + "repo": "neovim-session-manager", + "rev": "4883372b1ef2bdcf4cbdac44c98d68c216914462", + "type": "github" + }, + "original": { + "owner": "Shatur", + "repo": "neovim-session-manager", + "type": "github" + } + }, + "nvim-surround": { + "flake": false, + "locked": { + "lastModified": 1685464327, + "narHash": "sha256-r3D5WTqEnIL1T3p7cmkRmBY8qgwFFJptM7BKNNsCT8k=", + "owner": "kylechui", + "repo": "nvim-surround", + "rev": "10b20ca7d9da1ac8df8339e140ffef94f9ab3b18", + "type": "github" + }, + "original": { + "owner": "kylechui", + "repo": "nvim-surround", + "type": "github" + } + }, + "nvim-tree-lua": { + "flake": false, + "locked": { + "lastModified": 1690616703, + "narHash": "sha256-kTbYvT21wLfiwEpQAgGZtep2GP4F9e7e6XGVpr4D1hY=", + "owner": "nvim-tree", + "repo": "nvim-tree.lua", + "rev": "4bd30f0137e44dcf3e74cc1164efb568f78f2b02", + "type": "github" + }, + "original": { + "owner": "nvim-tree", + "repo": "nvim-tree.lua", + "type": "github" + } + }, + "nvim-treesitter-context": { + "flake": false, + "locked": { + "lastModified": 1689239188, + "narHash": "sha256-AJamiDezFK7l0bqb/VFm+pzBKugQNCmQ6JAWKmjH76g=", + "owner": "nvim-treesitter", + "repo": "nvim-treesitter-context", + "rev": "6f8f788738b968f24a108ee599c5be0031f94f06", + "type": "github" + }, + "original": { + "owner": "nvim-treesitter", + "repo": "nvim-treesitter-context", + "type": "github" + } + }, + "nvim-ts-autotag": { + "flake": false, + "locked": { + "lastModified": 1686883732, + "narHash": "sha256-4qTtXYA5HyG1sADV0wsiccO/G89qEoYPmlg8tTx7h8g=", + "owner": "windwp", + "repo": "nvim-ts-autotag", + "rev": "6be1192965df35f94b8ea6d323354f7dc7a557e4", + "type": "github" + }, + "original": { + "owner": "windwp", + "repo": "nvim-ts-autotag", + "type": "github" + } + }, + "nvim-web-devicons": { + "flake": false, + "locked": { + "lastModified": 1689474464, + "narHash": "sha256-FtEJBhqvs+c/Rvy4qXf3iyoMTTKrDBvQw5g63n4KEYo=", + "owner": "nvim-tree", + "repo": "nvim-web-devicons", + "rev": "efbfed0567ef4bfac3ce630524a0f6c8451c5534", + "type": "github" + }, + "original": { + "owner": "nvim-tree", + "repo": "nvim-web-devicons", + "type": "github" + } + }, + "obsidian-nvim": { + "flake": false, + "locked": { + "lastModified": 1690662423, + "narHash": "sha256-qemlp11QSp4BnWadN3+3ndv47e+1yS+w91GumbzQric=", + "owner": "epwalsh", + "repo": "obsidian.nvim", + "rev": "f81ddfa56b87fda158d3a56625a8040a7cf23fef", + "type": "github" + }, + "original": { + "owner": "epwalsh", + "repo": "obsidian.nvim", + "type": "github" + } + }, + "onedark": { + "flake": false, + "locked": { + "lastModified": 1689269544, + "narHash": "sha256-HfyYEppo9NFswYlPKnHNOZO5eiTQSORQhWAkzCmM2m4=", + "owner": "navarasu", + "repo": "onedark.nvim", + "rev": "cae5fdf035ee92c407a29ee2ccfcff503d2be7f1", + "type": "github" + }, + "original": { + "owner": "navarasu", + "repo": "onedark.nvim", + "type": "github" + } + }, + "orgmode-nvim": { + "flake": false, + "locked": { + "lastModified": 1690291768, + "narHash": "sha256-jc89zEAtHBh8785gNW/UZ9jkgTee/XYMm4+jyW7G2Oo=", + "owner": "nvim-orgmode", + "repo": "orgmode", + "rev": "6b6eb8eabbed4d95568fd1f5374a3dff7ed51a3b", + "type": "github" + }, + "original": { + "owner": "nvim-orgmode", + "repo": "orgmode", + "type": "github" + } + }, + "oxocarbon": { + "flake": false, + "locked": { + "lastModified": 1687168305, + "narHash": "sha256-2o++5aRDULfI35d+7psa6bk0eSXH2HwfuGjGtYGjR4w=", + "owner": "glyh", + "repo": "oxocarbon.nvim", + "rev": "7591d2e18df05374d612acba2b2573c7ff44dce4", + "type": "github" + }, + "original": { + "owner": "glyh", + "ref": "lualine-support", + "repo": "oxocarbon.nvim", + "type": "github" + } + }, + "plenary-nvim": { + "flake": false, + "locked": { + "lastModified": 1689589150, + "narHash": "sha256-oRtNcURQzrIRS3D88tWAl3HuFHxVJr8m/zzL7xoa/II=", + "owner": "nvim-lua", + "repo": "plenary.nvim", + "rev": "267282a9ce242bbb0c5dc31445b6d353bed978bb", + "type": "github" + }, + "original": { + "owner": "nvim-lua", + "repo": "plenary.nvim", + "type": "github" + } + }, + "pre-commit-hooks-nix": { + "inputs": { + "flake-compat": [ + "lanzaboote", + "flake-compat" + ], + "flake-utils": [ + "lanzaboote", + "flake-utils" + ], + "gitignore": "gitignore", + "nixpkgs": [ + "lanzaboote", + "nixpkgs" + ], + "nixpkgs-stable": "nixpkgs-stable" + }, + "locked": { + "lastModified": 1681413034, + "narHash": "sha256-/t7OjNQcNkeWeSq/CFLYVBfm+IEnkjoSm9iKvArnUUI=", + "owner": "cachix", + "repo": "pre-commit-hooks.nix", + "rev": "d3de8f69ca88fb6f8b09e5b598be5ac98d28ede5", + "type": "github" + }, + "original": { + "owner": "cachix", + "repo": "pre-commit-hooks.nix", + "type": "github" + } + }, + "presence-nvim": { + "flake": false, + "locked": { + "lastModified": 1674984077, + "narHash": "sha256-ZpsunLsn//zYgUtmAm5FqKVueVd/Pa1r55ZDqxCimBk=", + "owner": "andweeb", + "repo": "presence.nvim", + "rev": "87c857a56b7703f976d3a5ef15967d80508df6e6", + "type": "github" + }, + "original": { + "owner": "andweeb", + "repo": "presence.nvim", + "type": "github" + } + }, + "project-nvim": { + "flake": false, + "locked": { + "lastModified": 1680567592, + "narHash": "sha256-avV3wMiDbraxW4mqlEsKy0oeewaRj9Q33K8NzWoaptU=", + "owner": "ahmedkhalf", + "repo": "project.nvim", + "rev": "8c6bad7d22eef1b71144b401c9f74ed01526a4fb", + "type": "github" + }, + "original": { + "owner": "ahmedkhalf", + "repo": "project.nvim", + "type": "github" + } + }, + "registers": { + "flake": false, + "locked": { + "lastModified": 1680595111, + "narHash": "sha256-MeBlcF5LLk6bhIofYuG+0Z2xwc0BVqP85yNCvjH66fw=", + "owner": "tversteeg", + "repo": "registers.nvim", + "rev": "2ab8372bb837f05fae6b43091f10a0b725d113ca", + "type": "github" + }, + "original": { + "owner": "tversteeg", + "repo": "registers.nvim", + "type": "github" + } + }, + "rnix-lsp": { + "inputs": { + "naersk": "naersk", + "nixpkgs": "nixpkgs", + "utils": "utils" + }, + "locked": { + "lastModified": 1669555118, + "narHash": "sha256-F0s0m62S5bHNVWNHLZD6SeHiLrsDx98VQbRjDyIu+qQ=", + "owner": "nix-community", + "repo": "rnix-lsp", + "rev": "95d40673fe43642e2e1144341e86d0036abd95d9", + "type": "github" + }, + "original": { + "owner": "nix-community", + "repo": "rnix-lsp", + "type": "github" + } + }, + "root": { + "inputs": { + "darwin": "darwin", + "disko": "disko", + "home-manager": "home-manager", + "lanzaboote": "lanzaboote", + "neovim-flake": "neovim-flake", + "nixpkgs": "nixpkgs_4", + "nixsgx-flake": "nixsgx-flake", + "simple-nixos-mailserver": "simple-nixos-mailserver", + "snowfall-lib": "snowfall-lib_2", + "sops-nix": "sops-nix", + "unstable": "unstable" + } + }, + "rust-overlay": { + "inputs": { + "flake-utils": [ + "lanzaboote", + "flake-utils" + ], + "nixpkgs": [ + "lanzaboote", + "nixpkgs" + ] + }, + "locked": { + "lastModified": 1682129965, + "narHash": "sha256-1KRPIorEL6pLpJR04FwAqqnt4Tzcm4MqD84yhlD+XSk=", + "owner": "oxalica", + "repo": "rust-overlay", + "rev": "2c417c0460b788328220120c698630947547ee83", + "type": "github" + }, + "original": { + "owner": "oxalica", + "repo": "rust-overlay", + "type": "github" + } + }, + "rust-overlay_2": { + "inputs": { + "flake-utils": [ + "neovim-flake", + "nil", + "flake-utils" + ], + "nixpkgs": [ + "neovim-flake", + "nil", + "nixpkgs" + ] + }, + "locked": { + "lastModified": 1696817516, + "narHash": "sha256-Xt9OY4Wnk9/vuUfA0OHFtmSlaen5GyiS9msgwOz3okI=", + "owner": "oxalica", + "repo": "rust-overlay", + "rev": "c0df7f2a856b5ff27a3ce314f6d7aacf5fda546f", + "type": "github" + }, + "original": { + "owner": "oxalica", + "repo": "rust-overlay", + "type": "github" + } + }, + "rust-tools": { + "flake": false, + "locked": { + "lastModified": 1689033186, + "narHash": "sha256-jtfyDxifchznUupLSao6nmpVqaX1yO0xN+NhqS9fgxg=", + "owner": "simrat39", + "repo": "rust-tools.nvim", + "rev": "0cc8adab23117783a0292a0c8a2fbed1005dc645", + "type": "github" + }, + "original": { + "owner": "simrat39", + "repo": "rust-tools.nvim", + "type": "github" + } + }, + "scrollbar-nvim": { + "flake": false, + "locked": { + "lastModified": 1684886154, + "narHash": "sha256-zLBexSxQCn9HPY04a9w/UCJP1F5ShI2X12I9xE9H0cM=", + "owner": "petertriho", + "repo": "nvim-scrollbar", + "rev": "35f99d559041c7c0eff3a41f9093581ceea534e8", + "type": "github" + }, + "original": { + "owner": "petertriho", + "repo": "nvim-scrollbar", + "type": "github" + } + }, + "simple-nixos-mailserver": { + "inputs": { + "blobs": "blobs", + "flake-compat": "flake-compat_4", + "nixpkgs": [ + "nixpkgs" + ], + "nixpkgs-23_05": "nixpkgs-23_05", + "nixpkgs-23_11": "nixpkgs-23_11", + "utils": "utils_3" + }, + "locked": { + "lastModified": 1706219574, + "narHash": "sha256-qO+8UErk+bXCq2ybHU4GzXG4Ejk4Tk0rnnTPNyypW4g=", + "owner": "simple-nixos-mailserver", + "repo": "nixos-mailserver", + "rev": "e47f3719f1db3e0961a4358d4cb234a0acaa7baf", + "type": "gitlab" + }, + "original": { + "owner": "simple-nixos-mailserver", + "ref": "nixos-23.11", + "repo": "nixos-mailserver", + "type": "gitlab" + } + }, + "smartcolumn": { + "flake": false, + "locked": { + "lastModified": 1679417638, + "narHash": "sha256-DjPWBOLbzdfOQAx+6xgV1CD5NKuP1N6An2lmHNHd39Q=", + "owner": "m4xshen", + "repo": "smartcolumn.nvim", + "rev": "0c572e3eae48874f25b74394a486f38cadb5c958", + "type": "github" + }, + "original": { + "owner": "m4xshen", + "repo": "smartcolumn.nvim", + "type": "github" + } + }, + "snowfall-lib": { + "inputs": { + "flake-compat": "flake-compat_3", + "flake-utils-plus": "flake-utils-plus", + "nixpkgs": [ + "nixsgx-flake", + "nixpkgs" + ] + }, + "locked": { + "lastModified": 1696432959, + "narHash": "sha256-oJQZv2MYyJaVyVJY5IeevzqpGvMGKu5pZcCCJvb+xjc=", + "owner": "snowfallorg", + "repo": "lib", + "rev": "92803a029b5314d4436a8d9311d8707b71d9f0b6", + "type": "github" + }, + "original": { + "owner": "snowfallorg", + "repo": "lib", + "type": "github" + } + }, + "snowfall-lib_2": { + "inputs": { + "flake-compat": "flake-compat_5", + "flake-utils-plus": "flake-utils-plus_2", + "nixpkgs": [ + "nixpkgs" + ] + }, + "locked": { + "lastModified": 1709576611, + "narHash": "sha256-vkcNo9pDhKObEU1xKDHcUUWKQbuYIi5051/5s/l6Iig=", + "owner": "snowfallorg", + "repo": "lib", + "rev": "5082cdac87c5fd99ef2ee5989d9f73888bc5ed14", + "type": "github" + }, + "original": { + "owner": "snowfallorg", + "repo": "lib", + "rev": "5082cdac87c5fd99ef2ee5989d9f73888bc5ed14", + "type": "github" + } + }, + "sops-nix": { + "inputs": { + "nixpkgs": [ + "nixpkgs" + ], + "nixpkgs-stable": "nixpkgs-stable_2" + }, + "locked": { + "lastModified": 1710644594, + "narHash": "sha256-RquCuzxfy4Nr8DPbdp3D/AsbYep21JgQzG8aMH9jJ4A=", + "owner": "Mic92", + "repo": "sops-nix", + "rev": "83b68a0e8c94b72cdd0a6e547a14ca7eb1c03616", + "type": "github" + }, + "original": { + "owner": "Mic92", + "repo": "sops-nix", + "type": "github" + } + }, + "sqls-nvim": { + "flake": false, + "locked": { + "lastModified": 1684697500, + "narHash": "sha256-jKFut6NZAf/eIeIkY7/2EsjsIhvZQKCKAJzeQ6XSr0s=", + "owner": "nanotee", + "repo": "sqls.nvim", + "rev": "4b1274b5b44c48ce784aac23747192f5d9d26207", + "type": "github" + }, + "original": { + "owner": "nanotee", + "repo": "sqls.nvim", + "type": "github" + } + }, + "superdirt-src": { + "flake": false, + "locked": { + "lastModified": 1611740180, + "narHash": "sha256-GtnqZeMFqFkVhgx2Exu0wY687cHa7mNnVCgjQd6fiIA=", + "owner": "musikinformatik", + "repo": "superdirt", + "rev": "7abb62e89649daa1232b9cbd6427241868abd30e", + "type": "github" + }, + "original": { + "owner": "musikinformatik", + "ref": "master", + "repo": "superdirt", + "type": "github" + } + }, + "systems": { + "locked": { + "lastModified": 1681028828, + "narHash": "sha256-Vy1rq5AaRuLzOxct8nz4T6wlgyUR7zLU309k9mBC768=", + "owner": "nix-systems", + "repo": "default", + "rev": "da67096a3b9bf56a91d16901293e51ba5b49a27e", + "type": "github" + }, + "original": { + "owner": "nix-systems", + "repo": "default", + "type": "github" + } + }, + "systems_2": { + "locked": { + "lastModified": 1681028828, + "narHash": "sha256-Vy1rq5AaRuLzOxct8nz4T6wlgyUR7zLU309k9mBC768=", + "owner": "nix-systems", + "repo": "default", + "rev": "da67096a3b9bf56a91d16901293e51ba5b49a27e", + "type": "github" + }, + "original": { + "owner": "nix-systems", + "repo": "default", + "type": "github" + } + }, + "systems_3": { + "locked": { + "lastModified": 1681028828, + "narHash": "sha256-Vy1rq5AaRuLzOxct8nz4T6wlgyUR7zLU309k9mBC768=", + "owner": "nix-systems", + "repo": "default", + "rev": "da67096a3b9bf56a91d16901293e51ba5b49a27e", + "type": "github" + }, + "original": { + "owner": "nix-systems", + "repo": "default", + "type": "github" + } + }, + "systems_4": { + "locked": { + "lastModified": 1681028828, + "narHash": "sha256-Vy1rq5AaRuLzOxct8nz4T6wlgyUR7zLU309k9mBC768=", + "owner": "nix-systems", + "repo": "default", + "rev": "da67096a3b9bf56a91d16901293e51ba5b49a27e", + "type": "github" + }, + "original": { + "owner": "nix-systems", + "repo": "default", + "type": "github" + } + }, + "systems_5": { + "locked": { + "lastModified": 1681028828, + "narHash": "sha256-Vy1rq5AaRuLzOxct8nz4T6wlgyUR7zLU309k9mBC768=", + "owner": "nix-systems", + "repo": "default", + "rev": "da67096a3b9bf56a91d16901293e51ba5b49a27e", + "type": "github" + }, + "original": { + "owner": "nix-systems", + "repo": "default", + "type": "github" + } + }, + "tabular": { + "flake": false, + "locked": { + "lastModified": 1550598128, + "narHash": "sha256-irolBA/m3YIaezl+90h5G+xUOpad+3u44uJqDs4JCUs=", + "owner": "godlygeek", + "repo": "tabular", + "rev": "339091ac4dd1f17e225fe7d57b48aff55f99b23a", + "type": "github" + }, + "original": { + "owner": "godlygeek", + "repo": "tabular", + "type": "github" + } + }, + "telescope": { + "flake": false, + "locked": { + "lastModified": 1690663693, + "narHash": "sha256-okyOr5t0e+oV3mY7Yq1ad/7f6qEEDS/ZQrqJcjktYRI=", + "owner": "nvim-telescope", + "repo": "telescope.nvim", + "rev": "b6fccfb0f7589a87587875206786daccba62acc3", + "type": "github" + }, + "original": { + "owner": "nvim-telescope", + "repo": "telescope.nvim", + "type": "github" + } + }, + "tidal-src": { + "flake": false, + "locked": { + "lastModified": 1654350756, + "narHash": "sha256-tONM5SYYBca0orTLH1EUOilSC1FCluWrFt8AetUx+YQ=", + "owner": "tidalcycles", + "repo": "tidal", + "rev": "fda9c1ecb3722698935245e5409ef8ccdfca16c8", + "type": "github" + }, + "original": { + "owner": "tidalcycles", + "ref": "main", + "repo": "tidal", + "type": "github" + } + }, + "tidalcycles": { + "inputs": { + "dirt-samples-src": "dirt-samples-src", + "nixpkgs": "nixpkgs_2", + "superdirt-src": "superdirt-src", + "tidal-src": "tidal-src", + "utils": "utils_2", + "vim-tidal-src": "vim-tidal-src", + "vowel-src": "vowel-src" + }, + "locked": { + "lastModified": 1664760044, + "narHash": "sha256-e5LGk/tDnphory1mYhADgPnVtShofY2w/3xY09jEE2A=", + "owner": "mitchmindtree", + "repo": "tidalcycles.nix", + "rev": "3f3a820cd43709077d15a24fa6062de7d623a6bf", + "type": "github" + }, + "original": { + "owner": "mitchmindtree", + "repo": "tidalcycles.nix", + "type": "github" + } + }, + "todo-comments": { + "flake": false, + "locked": { + "lastModified": 1690569591, + "narHash": "sha256-Qm8AJ8omU5eCfjLt91DVxLS0R3QHbfW55ZTegB1JvWI=", + "owner": "folke", + "repo": "todo-comments.nvim", + "rev": "3094ead8edfa9040de2421deddec55d3762f64d1", + "type": "github" + }, + "original": { + "owner": "folke", + "repo": "todo-comments.nvim", + "type": "github" + } + }, + "toggleterm-nvim": { + "flake": false, + "locked": { + "lastModified": 1689602083, + "narHash": "sha256-/sUulN93nRHa3Je+tXr8/i1cgCrd/wtrvMPkjG5Ofzs=", + "owner": "akinsho", + "repo": "toggleterm.nvim", + "rev": "00c13dccc78c09fa5da4c5edda990a363e75035e", + "type": "github" + }, + "original": { + "owner": "akinsho", + "repo": "toggleterm.nvim", + "type": "github" + } + }, + "tokyonight": { + "flake": false, + "locked": { + "lastModified": 1689285710, + "narHash": "sha256-x26qLaZzg7sJIc1d/5Q/DJ/YvRSc3s87PwPHTPTl+Xk=", + "owner": "folke", + "repo": "tokyonight.nvim", + "rev": "1ee11019f8a81dac989ae1db1a013e3d582e2033", + "type": "github" + }, + "original": { + "owner": "folke", + "repo": "tokyonight.nvim", + "type": "github" + } + }, + "trouble": { + "flake": false, + "locked": { + "lastModified": 1690614197, + "narHash": "sha256-Ee0AM8S/A8DU0hyOnZoKC1hkW0fvk0A+c3WGvPqmKcU=", + "owner": "folke", + "repo": "trouble.nvim", + "rev": "40aad004f53ae1d1ba91bcc5c29d59f07c5f01d3", + "type": "github" + }, + "original": { + "owner": "folke", + "repo": "trouble.nvim", + "type": "github" + } + }, + "unstable": { + "locked": { + "lastModified": 1710806803, + "narHash": "sha256-qrxvLS888pNJFwJdK+hf1wpRCSQcqA6W5+Ox202NDa0=", + "owner": "nixos", + "repo": "nixpkgs", + "rev": "b06025f1533a1e07b6db3e75151caa155d1c7eb3", + "type": "github" + }, + "original": { + "owner": "nixos", + "ref": "nixos-unstable", + "repo": "nixpkgs", + "type": "github" + } + }, + "utils": { + "locked": { + "lastModified": 1656928814, + "narHash": "sha256-RIFfgBuKz6Hp89yRr7+NR5tzIAbn52h8vT6vXkYjZoM=", + "owner": "numtide", + "repo": "flake-utils", + "rev": "7e2a3b3dfd9af950a856d66b0a7d01e3c18aa249", + "type": "github" + }, + "original": { + "owner": "numtide", + "repo": "flake-utils", + "type": "github" + } + }, + "utils_2": { + "locked": { + "lastModified": 1653893745, + "narHash": "sha256-0jntwV3Z8//YwuOjzhV2sgJJPt+HY6KhU7VZUL0fKZQ=", + "owner": "numtide", + "repo": "flake-utils", + "rev": "1ed9fb1935d260de5fe1c2f7ee0ebaae17ed2fa1", + "type": "github" + }, + "original": { + "owner": "numtide", + "repo": "flake-utils", + "type": "github" + } + }, + "utils_3": { + "locked": { + "lastModified": 1605370193, + "narHash": "sha256-YyMTf3URDL/otKdKgtoMChu4vfVL3vCMkRqpGifhUn0=", + "owner": "numtide", + "repo": "flake-utils", + "rev": "5021eac20303a61fafe17224c087f5519baed54d", + "type": "github" + }, + "original": { + "owner": "numtide", + "repo": "flake-utils", + "type": "github" + } + }, + "vim-dirtytalk": { + "flake": false, + "locked": { + "lastModified": 1690722430, + "narHash": "sha256-kjyLwkAk6mqK7u4+zAr+Yh+zbSiukNKtXwb7t39LUco=", + "owner": "psliwka", + "repo": "vim-dirtytalk", + "rev": "a49251dce1852875951d95f7013979ece5caebf0", + "type": "github" + }, + "original": { + "owner": "psliwka", + "repo": "vim-dirtytalk", + "type": "github" + } + }, + "vim-illuminate": { + "flake": false, + "locked": { + "lastModified": 1679187974, + "narHash": "sha256-8dL3cBjQ2iY4D4gTxKVVmOGhxcSSRuDBvmEwwFIbWsQ=", + "owner": "RRethy", + "repo": "vim-illuminate", + "rev": "a2907275a6899c570d16e95b9db5fd921c167502", + "type": "github" + }, + "original": { + "owner": "RRethy", + "repo": "vim-illuminate", + "type": "github" + } + }, + "vim-markdown": { + "flake": false, + "locked": { + "lastModified": 1680951012, + "narHash": "sha256-B00rad/Bbp+kJBN/fYliOaGiUe0AfBng6gs/fVBve9A=", + "owner": "preservim", + "repo": "vim-markdown", + "rev": "cc82d88e2a791f54d2b6e2b26e41f743351ac947", + "type": "github" + }, + "original": { + "owner": "preservim", + "repo": "vim-markdown", + "type": "github" + } + }, + "vim-repeat": { + "flake": false, + "locked": { + "lastModified": 1611544268, + "narHash": "sha256-8rfZa3uKXB3TRCqaDHZ6DfzNbm7WaYnLvmTNzYtnKHg=", + "owner": "tpope", + "repo": "vim-repeat", + "rev": "24afe922e6a05891756ecf331f39a1f6743d3d5a", + "type": "github" + }, + "original": { + "owner": "tpope", + "repo": "vim-repeat", + "type": "github" + } + }, + "vim-startify": { + "flake": false, + "locked": { + "lastModified": 1620487920, + "narHash": "sha256-//3bzFTe1WKqvQ3uYrDbk5Zu5BKq2hXQGeBhmhKIHvk=", + "owner": "mhinz", + "repo": "vim-startify", + "rev": "81e36c352a8deea54df5ec1e2f4348685569bed2", + "type": "github" + }, + "original": { + "owner": "mhinz", + "repo": "vim-startify", + "type": "github" + } + }, + "vim-tidal-src": { + "flake": false, + "locked": { + "lastModified": 1685703852, + "narHash": "sha256-8gyk17YLeKpLpz3LRtxiwbpsIbZka9bb63nK5/9IUoA=", + "owner": "tidalcycles", + "repo": "vim-tidal", + "rev": "e440fe5bdfe07f805e21e6872099685d38e8b761", + "type": "github" + }, + "original": { + "owner": "tidalcycles", + "ref": "master", + "repo": "vim-tidal", + "type": "github" + } + }, + "vim-vsnip": { + "flake": false, + "locked": { + "lastModified": 1678609126, + "narHash": "sha256-ehPnvGle7YrECn76YlSY/2V7Zeq56JGlmZPlwgz2FdE=", + "owner": "hrsh7th", + "repo": "vim-vsnip", + "rev": "7753ba9c10429c29d25abfd11b4c60b76718c438", + "type": "github" + }, + "original": { + "owner": "hrsh7th", + "repo": "vim-vsnip", + "type": "github" + } + }, + "vowel-src": { + "flake": false, + "locked": { + "lastModified": 1641306144, + "narHash": "sha256-zfF6cvAGDNYWYsE8dOIo38b+dIymd17Pexg0HiPFbxM=", + "owner": "supercollider-quarks", + "repo": "vowel", + "rev": "ab59caa870201ecf2604b3efdd2196e21a8b5446", + "type": "github" + }, + "original": { + "owner": "supercollider-quarks", + "ref": "master", + "repo": "vowel", + "type": "github" + } + }, + "which-key": { + "flake": false, + "locked": { + "lastModified": 1690570286, + "narHash": "sha256-B1+EHd2eH/EbD5Kip9PfhdPyyGfIkD6rsx0Z3rXvb5w=", + "owner": "folke", + "repo": "which-key.nvim", + "rev": "7ccf476ebe0445a741b64e36c78a682c1c6118b7", + "type": "github" + }, + "original": { + "owner": "folke", + "repo": "which-key.nvim", + "type": "github" + } + }, + "zig": { + "inputs": { + "flake-compat": "flake-compat_2", + "flake-utils": "flake-utils_3", + "nixpkgs": "nixpkgs_3" + }, + "locked": { + "lastModified": 1690718829, + "narHash": "sha256-GN19SrCqWxIJN+rnbv+pIkF/yynh6FG2y7jY6PZRiYw=", + "owner": "mitchellh", + "repo": "zig-overlay", + "rev": "92e485cc7887f57be4d2921ed077f467912b7d33", + "type": "github" + }, + "original": { + "owner": "mitchellh", + "repo": "zig-overlay", + "type": "github" + } + } + }, + "root": "root", + "version": 7 +} diff --git a/flake.nix b/flake.nix new file mode 100644 index 0000000..d398cd0 --- /dev/null +++ b/flake.nix @@ -0,0 +1,88 @@ +{ + description = "Harald Hoyer's Nix Configurations"; + + inputs = { + nixpkgs.url = "github:nixos/nixpkgs/nixos-23.11"; + + # NixPkgs Unstable (nixos-unstable) + unstable.url = "github:nixos/nixpkgs/nixos-unstable"; + + lanzaboote = { + url = "github:nix-community/lanzaboote/v0.3.0"; + inputs.nixpkgs.follows = "nixpkgs"; + }; + + snowfall-lib = { + url = "github:snowfallorg/lib?rev=5082cdac87c5fd99ef2ee5989d9f73888bc5ed14"; + inputs.nixpkgs.follows = "nixpkgs"; + }; + + # macOS Support (master) + darwin.url = "github:lnl7/nix-darwin"; + darwin.inputs.nixpkgs.follows = "nixpkgs"; + + home-manager.url = "github:nix-community/home-manager/release-23.11"; + home-manager.inputs.nixpkgs.follows = "nixpkgs"; + + neovim-flake.url = "github:notashelf/neovim-flake/v0.5"; + neovim-flake.inputs.nixpkgs.follows = "nixpkgs"; + + disko.url = "github:nix-community/disko"; + disko.inputs.nixpkgs.follows = "nixpkgs"; + + sops-nix.url = "github:Mic92/sops-nix"; + sops-nix.inputs.nixpkgs.follows = "nixpkgs"; + + nixsgx-flake = { + url = "github:matter-labs/nixsgx"; + # inputs.nixpkgs.follows = "nixpkgs"; + }; + + simple-nixos-mailserver.url = "gitlab:simple-nixos-mailserver/nixos-mailserver/nixos-23.11"; + simple-nixos-mailserver.inputs.nixpkgs.follows = "nixpkgs"; + }; + + outputs = inputs: + let + lib = inputs.snowfall-lib.mkLib { + inherit inputs; + src = ./.; + + snowfall.namespace = "metacfg"; + + snowfall = { + meta = { + name = "metacfg"; + title = "Metacfg"; + }; + }; + }; + in + lib.mkFlake { + channels-config = { + allowUnfree = true; + }; + + homes.modules = with inputs; [ + neovim-flake.homeManagerModules.default + ]; + + systems.modules.nixos = with inputs; [ + lanzaboote.nixosModules.lanzaboote + home-manager.nixosModules.home-manager + sops-nix.nixosModules.sops + disko.nixosModules.disko + simple-nixos-mailserver.nixosModule + ]; + + overlays = with inputs; [ + nixsgx-flake.overlays.default + ]; + + outputs-builder = channels: { + formatter = channels.nixpkgs.nixpkgs-fmt; + defaultApp = lib.flake-utils-plus.mkApp { drv = channels.nixpkgs.home-manager; }; + }; + + }; +} diff --git a/homes/x86_64-darwin/harald@mpro/default.nix b/homes/x86_64-darwin/harald@mpro/default.nix new file mode 100644 index 0000000..f7f8d31 --- /dev/null +++ b/homes/x86_64-darwin/harald@mpro/default.nix @@ -0,0 +1,32 @@ +{ lib +, pkgs +, config +, ... +}: +{ + home = { + username = "harald"; + homeDirectory = "/Users/${config.home.username}"; + stateVersion = "23.11"; # Please read the comment before changing. + sessionPath = [ "$HOME/bin" ]; + }; + + metacfg = { + cli-apps = { + bash.enable = true; + fish.enable = true; + neovim.enable = true; + tmux.enable = true; + bat.enable = true; + starship.enable = true; + home-manager.enable = true; + }; + tools = { + direnv.enable = true; + alacritty.enable = true; + ssh.enable = true; + git.enable = true; + }; + }; +} + diff --git a/homes/x86_64-linux/harald@mx/default.nix b/homes/x86_64-linux/harald@mx/default.nix new file mode 100644 index 0000000..0ec0cb6 --- /dev/null +++ b/homes/x86_64-linux/harald@mx/default.nix @@ -0,0 +1,35 @@ +{ lib +, pkgs +, config +, ... +}: +{ + home.sessionPath = [ "$HOME/bin" ]; + + programs.bash.profileExtra = '' + ${lib.getExe pkgs.rust-motd} + ''; + + metacfg = { + user = { + enable = true; + name = config.snowfallorg.user.name; + }; + cli-apps = { + bash.enable = true; + fish.enable = true; + neovim.enable = true; + bat.enable = true; + starship.enable = true; + home-manager.enable = true; + }; + tools = { + git.enable = true; + direnv.enable = true; + }; + }; + + xdg.enable = true; + xdg.mime.enable = true; +} + diff --git a/homes/x86_64-linux/harald@sgx-azure/default.nix b/homes/x86_64-linux/harald@sgx-azure/default.nix new file mode 100644 index 0000000..228958e --- /dev/null +++ b/homes/x86_64-linux/harald@sgx-azure/default.nix @@ -0,0 +1,39 @@ +{ lib +, pkgs +, config +, ... +}: +{ + home = { + username = "harald"; + homeDirectory = "/home/${config.home.username}"; + stateVersion = "23.11"; # Please read the comment before changing. + sessionPath = [ "$HOME/bin" ]; + }; + + nix.settings = { + substituters = [ "https://cache.nixos.org" "https://nixsgx.cachix.org" ]; + trusted-public-keys = [ + "cache.nixos.org-1:6NCHdD59X431o0gWypbMrAURkbJ16ZPMQFGspcDShjY=" + "nixsgx.cachix.org-1:tGi36DlY2joNsIXOlGnSgWW0+E094V6hW0umQRo/KoE=" + ]; + }; + + metacfg = { + cli-apps = { + bash.enable = true; + fish.enable = true; + neovim.enable = true; + tmux.enable = true; + bat.enable = true; + starship.enable = true; + home-manager.enable = true; + }; + tools = { + git.enable = true; + direnv.enable = true; + ssh.enable = true; + }; + }; +} + diff --git a/homes/x86_64-linux/harald@sgx-nixos/default.nix b/homes/x86_64-linux/harald@sgx-nixos/default.nix new file mode 100644 index 0000000..59320c9 --- /dev/null +++ b/homes/x86_64-linux/harald@sgx-nixos/default.nix @@ -0,0 +1,30 @@ +{ lib +, config +, ... +}: +{ + home.sessionPath = [ "$HOME/bin" ]; + + metacfg = { + user = { + enable = true; + name = config.snowfallorg.user.name; + }; + cli-apps = { + bash.enable = true; + fish.enable = true; + neovim.enable = true; + bat.enable = true; + starship.enable = true; + home-manager.enable = true; + }; + tools = { + git.enable = true; + direnv.enable = true; + }; + }; + + xdg.enable = true; + xdg.mime.enable = true; +} + diff --git a/homes/x86_64-linux/harald@sgx/default.nix b/homes/x86_64-linux/harald@sgx/default.nix new file mode 100644 index 0000000..59320c9 --- /dev/null +++ b/homes/x86_64-linux/harald@sgx/default.nix @@ -0,0 +1,30 @@ +{ lib +, config +, ... +}: +{ + home.sessionPath = [ "$HOME/bin" ]; + + metacfg = { + user = { + enable = true; + name = config.snowfallorg.user.name; + }; + cli-apps = { + bash.enable = true; + fish.enable = true; + neovim.enable = true; + bat.enable = true; + starship.enable = true; + home-manager.enable = true; + }; + tools = { + git.enable = true; + direnv.enable = true; + }; + }; + + xdg.enable = true; + xdg.mime.enable = true; +} + diff --git a/homes/x86_64-linux/harald@t15/default.nix b/homes/x86_64-linux/harald@t15/default.nix new file mode 100644 index 0000000..de75cc8 --- /dev/null +++ b/homes/x86_64-linux/harald@t15/default.nix @@ -0,0 +1,65 @@ +{ lib +, config +, ... +}: +{ + home.sessionPath = [ "$HOME/bin" ]; + + metacfg = { + user = { + enable = true; + name = config.snowfallorg.user.name; + }; + cli-apps = { + bash.enable = true; + fish.enable = true; + neovim.enable = true; + bat.enable = true; + starship.enable = true; + home-manager.enable = true; + }; + tools = { + git.enable = true; + direnv.enable = true; + }; + }; + + fonts.fontconfig.enable = true; + + dconf.settings = { + # ... + "org/gnome/shell" = { + disable-user-extensions = false; + + # `gnome-extensions list` for a list + enabled-extensions = [ + "Vitals@CoreCoding.com" + "appindicatorsupport@rgcjonas.gmail.com" + "dash-to-panel@jderose9.github.com" + "hibernate-status@dromi" + ]; + + favorite-apps = [ + "org.gnome.Console.desktop" + "jetbrains-toolbox.desktop" + "org.mozilla.firefox.desktop" + "firefox.desktop" + "thunderbird.desktop" + "org.mozilla.Thunderbird.desktop" + "slack.desktop" + "keybase.desktop" + "spotify.desktop" + "org.gnome.Nautilus.desktop" + "virt-manager.desktop" + ]; + }; + "org/virt-manager/virt-manager/connections" = { + autoconnect = [ "qemu:///system" ]; + uris = [ "qemu:///system" ]; + }; + }; + + xdg.enable = true; + xdg.mime.enable = true; +} + diff --git a/homes/x86_64-linux/harald@x1/default.nix b/homes/x86_64-linux/harald@x1/default.nix new file mode 100644 index 0000000..de75cc8 --- /dev/null +++ b/homes/x86_64-linux/harald@x1/default.nix @@ -0,0 +1,65 @@ +{ lib +, config +, ... +}: +{ + home.sessionPath = [ "$HOME/bin" ]; + + metacfg = { + user = { + enable = true; + name = config.snowfallorg.user.name; + }; + cli-apps = { + bash.enable = true; + fish.enable = true; + neovim.enable = true; + bat.enable = true; + starship.enable = true; + home-manager.enable = true; + }; + tools = { + git.enable = true; + direnv.enable = true; + }; + }; + + fonts.fontconfig.enable = true; + + dconf.settings = { + # ... + "org/gnome/shell" = { + disable-user-extensions = false; + + # `gnome-extensions list` for a list + enabled-extensions = [ + "Vitals@CoreCoding.com" + "appindicatorsupport@rgcjonas.gmail.com" + "dash-to-panel@jderose9.github.com" + "hibernate-status@dromi" + ]; + + favorite-apps = [ + "org.gnome.Console.desktop" + "jetbrains-toolbox.desktop" + "org.mozilla.firefox.desktop" + "firefox.desktop" + "thunderbird.desktop" + "org.mozilla.Thunderbird.desktop" + "slack.desktop" + "keybase.desktop" + "spotify.desktop" + "org.gnome.Nautilus.desktop" + "virt-manager.desktop" + ]; + }; + "org/virt-manager/virt-manager/connections" = { + autoconnect = [ "qemu:///system" ]; + uris = [ "qemu:///system" ]; + }; + }; + + xdg.enable = true; + xdg.mime.enable = true; +} + diff --git a/lib/audio/default.nix b/lib/audio/default.nix new file mode 100644 index 0000000..ebe8154 --- /dev/null +++ b/lib/audio/default.nix @@ -0,0 +1,65 @@ +{ lib }: + +rec { + ## Renames an alsa device from a given `name` using the new `description`. + ## + #@ { name: String, description: String } -> { matches: List, apply_properties: Attrs } + mkAlsaRename = { name, description }: { + matches = [ + [ + [ "device.name" "matches" name ] + ] + ]; + # actions = { "update-props" = { "node.description" = description; }; }; + apply_properties = { + "device.description" = description; + }; + }; + + ## Create a pipewire audio node. + ## + #@ { name: String, factory: String ? "adapter", ... } -> { factory: String, args: Attrs } + mkAudioNode = args@{ name, factory ? "adapter", ... }: { + inherit factory; + args = (builtins.removeAttrs args [ "name" "description" ]) // { + "node.name" = name; + "node.description" = args.description or args."node.description"; + "factory.name" = args."factory.name" or "support.null-audio-sink"; + }; + }; + + ## Create a virtual pipewire audio node. + ## + #@ { name: String, ... } -> { factory: "adapter", args: Attrs } + mkVirtualAudioNode = args@{ name, ... }: + mkAudioNode (args // { + name = "virtual-${lib.toLower name}-audio"; + description = "${name} (Virtual)"; + "media.class" = args.class or args."media.class" or "Audio/Duplex"; + "object.linger" = args."object.linger" or true; + "audio.position" = args."audio.position" or [ "FL" "FR" ]; + "monitor.channel-volumes" = args."monitor.channel-volumes" or true; + }); + + ## Connect two pipewire audio nodes + ## + #@ { name: String?, from: String, to: String, ... } -> { name: "libpipewire-module-loopback", args: Attrs } + mkBridgeAudioModule = args@{ from, to, ... }: { + name = "libpipewire-module-loopback"; + args = (builtins.removeAttrs args [ "from" "to" "name" ]) // { + "node.name" = + if args ? name then + "${args.name}-bridge" + else + "${lib.toLower from}-to-${lib.toLower to}-bridge"; + "audio.position" = args."audio.position" or [ "FL" "FR" ]; + "capture.props" = { + "node.target" = from; + } // (args."capture.props" or { }); + "playback.props" = { + "node.target" = to; + "monitor.channel-volumes" = true; + } // (args."playback.props" or { }); + }; + }; +} diff --git a/lib/default.nix b/lib/default.nix new file mode 100644 index 0000000..61216de --- /dev/null +++ b/lib/default.nix @@ -0,0 +1,20 @@ +{ lib, inputs, snowfall-inputs }: + +rec { + ## Override a package's metadata + ## + ## ```nix + ## let + ## new-meta = { + ## description = "My new description"; + ## }; + ## in + ## lib.override-meta new-meta pkgs.hello + ## ``` + ## + #@ Attrs -> Package -> Package + override-meta = meta: package: + package.overrideAttrs (attrs: { + meta = (attrs.meta or { }) // meta; + }); +} diff --git a/lib/deploy/default.nix b/lib/deploy/default.nix new file mode 100644 index 0000000..ea2b05f --- /dev/null +++ b/lib/deploy/default.nix @@ -0,0 +1,51 @@ +{ lib, inputs }: + +let + inherit (inputs) deploy-rs; +in +rec { + ## Create deployment configuration for use with deploy-rs. + ## + ## ```nix + ## mkDeploy { + ## inherit self; + ## overrides = { + ## my-host.system.sudo = "doas -u"; + ## }; + ## } + ## ``` + ## + #@ { self: Flake, overrides: Attrs ? {} } -> Attrs + mkDeploy = { self, overrides ? { } }: + let + hosts = self.nixosConfigurations or { }; + names = builtins.attrNames hosts; + nodes = lib.foldl + (result: name: + let + host = hosts.${name}; + user = host.config.metacfg.user.name or null; + inherit (host.pkgs) system; + in + result // { + ${name} = (overrides.${name} or { }) // { + hostname = overrides.${name}.hostname or "${name}"; + profiles = (overrides.${name}.profiles or { }) // { + system = (overrides.${name}.profiles.system or { }) // { + path = deploy-rs.lib.${system}.activate.nixos host; + } // lib.optionalAttrs (user != null) { + user = "root"; + sshUser = user; + } // lib.optionalAttrs + (host.config.metacfg.security.doas.enable or false) + { + sudo = "doas -u"; + }; + }; + }; + }) + { } + names; + in + { inherit nodes; }; +} diff --git a/lib/file/default.nix b/lib/file/default.nix new file mode 100644 index 0000000..97a3078 --- /dev/null +++ b/lib/file/default.nix @@ -0,0 +1,25 @@ +{ lib, ... }: + +rec { + ## Append text to the contents of a file + ## + ## ```nix + ## fileWithText ./some.txt "appended text" + ## ``` + ## + #@ Path -> String -> String + fileWithText = file: text: '' + ${builtins.readFile file} + ${text}''; + + ## Prepend text to the contents of a file + ## + ## ```nix + ## fileWithText' ./some.txt "prepended text" + ## ``` + ## + #@ Path -> String -> String + fileWithText' = file: text: '' + ${text} + ${builtins.readFile file}''; +} diff --git a/lib/module/default.nix b/lib/module/default.nix new file mode 100644 index 0000000..48e53c6 --- /dev/null +++ b/lib/module/default.nix @@ -0,0 +1,62 @@ +{ lib, ... }: + +with lib; rec { + ## Create a NixOS module option. + ## + ## ```nix + ## lib.mkOpt nixpkgs.lib.types.str "My default" "Description of my option." + ## ``` + ## + #@ Type -> Any -> String + mkOpt = type: default: description: + mkOption { inherit type default description; }; + + ## Create a NixOS module option without a description. + ## + ## ```nix + ## lib.mkOpt' nixpkgs.lib.types.str "My default" + ## ``` + ## + #@ Type -> Any -> String + mkOpt' = type: default: mkOpt type default null; + + ## Create a boolean NixOS module option. + ## + ## ```nix + ## lib.mkBoolOpt true "Description of my option." + ## ``` + ## + #@ Type -> Any -> String + mkBoolOpt = mkOpt types.bool; + + ## Create a boolean NixOS module option without a description. + ## + ## ```nix + ## lib.mkBoolOpt true + ## ``` + ## + #@ Type -> Any -> String + mkBoolOpt' = mkOpt' types.bool; + + enabled = { + ## Quickly enable an option. + ## + ## ```nix + ## services.nginx = enabled; + ## ``` + ## + #@ true + enable = true; + }; + + disabled = { + ## Quickly disable an option. + ## + ## ```nix + ## services.nginx = enabled; + ## ``` + ## + #@ false + enable = false; + }; +} diff --git a/lib/network/default.nix b/lib/network/default.nix new file mode 100644 index 0000000..5b1033a --- /dev/null +++ b/lib/network/default.nix @@ -0,0 +1,54 @@ +{ lib, inputs, snowfall-inputs }: + +let + inherit (inputs.nixpkgs.lib) assertMsg last; +in +{ + network = { + # Split an address to get its host name or ip and its port. + # Type: String -> Attrs + # Usage: get-address-parts "bismuth:3000" + # result: { host = "bismuth"; port = "3000"; } + get-address-parts = address: + let + address-parts = builtins.split ":" address; + ip = builtins.head address-parts; + host = if ip == "" then "127.0.0.1" else ip; + port = if builtins.length address-parts != 3 then "" else last address-parts; + in + { inherit host port; }; + + ## Create proxy configuration for NGINX virtual hosts. + ## + ## ```nix + ## services.nginx.virtualHosts."example.com" = lib.network.create-proxy { + ## port = 3000; + ## host = "0.0.0.0"; + ## proxy-web-sockets = true; + ## extra-config = { + ## forceSSL = true; + ## }; + ## } + ## `` + ## + #@ { port: Int ? null, host: String ? "127.0.0.1", proxy-web-sockets: Bool ? false, extra-config: Attrs ? { } } -> Attrs + create-proxy = + { port ? null + , host ? "127.0.0.1" + , proxy-web-sockets ? false + , extra-config ? { } + }: + assert assertMsg (port != "" && port != null) "port cannot be empty"; + assert assertMsg (host != "") "host cannot be empty"; + extra-config // { + locations = (extra-config.locations or { }) // { + "/" = (extra-config.locations."/" or { }) // { + proxyPass = + "http://${host}${if port != null then ":${builtins.toString port}" else ""}"; + + proxyWebsockets = proxy-web-sockets; + }; + }; + }; + }; +} diff --git a/modules/darwin/home/default.nix b/modules/darwin/home/default.nix new file mode 100644 index 0000000..d75b42c --- /dev/null +++ b/modules/darwin/home/default.nix @@ -0,0 +1,40 @@ +{ options, config, pkgs, lib, inputs, ... }: + +with lib; +with lib.metacfg; +let + cfg = config.metacfg.home; +in +{ + # imports = with inputs; [ + # home-manager.darwinModules.home-manager + # ]; + + options.metacfg.home = with types; { + file = mkOpt attrs { } + "A set of files to be managed by home-manager's ."; + configFile = mkOpt attrs { } + "A set of files to be managed by home-manager's ."; + extraOptions = mkOpt attrs { } "Options to pass directly to home-manager."; + homeConfig = mkOpt attrs { } "Final config for home-manager."; + }; + + config = { + metacfg.home.extraOptions = { + home.stateVersion = mkDefault "23.11"; + home.file = mkAliasDefinitions options.metacfg.home.file; + xdg.enable = true; + xdg.configFile = mkAliasDefinitions options.metacfg.home.configFile; + }; + + snowfallorg.users.${config.metacfg.user.name}.home.config = mkAliasDefinitions options.metacfg.home.extraOptions; + + home-manager = { + useUserPackages = true; + useGlobalPkgs = true; + + # users.${config.metacfg.user.name} = args: + # mkAliasDefinitions options.metacfg.home.extraOptions; + }; + }; +} diff --git a/modules/darwin/nix/default.nix b/modules/darwin/nix/default.nix new file mode 100644 index 0000000..ea488df --- /dev/null +++ b/modules/darwin/nix/default.nix @@ -0,0 +1,74 @@ +{ options +, config +, pkgs +, lib +, ... +}: +with lib; +with lib.metacfg; let + cfg = config.metacfg.nix; +in +{ + options.metacfg.nix = with types; { + enable = mkBoolOpt true "Whether or not to manage nix configuration."; + package = mkOpt package pkgs.nixUnstable "Which nix package to use."; + }; + + config = mkIf cfg.enable { + environment.systemPackages = with pkgs; [ + deploy-rs + nixfmt + nix-index + nix-prefetch-git + ]; + + nix = + let + users = [ "root" config.metacfg.user.name ]; + in + { + package = cfg.package; + + settings = { + experimental-features = "nix-command flakes"; + http-connections = 50; + warn-dirty = false; + log-lines = 50; + + # Large builds apparently fail due to an issue with darwin: + # https://github.com/NixOS/nix/issues/4119 + sandbox = false; + + # This appears to break on darwin + # https://github.com/NixOS/nix/issues/7273 + auto-optimise-store = false; + + allow-import-from-derivation = true; + + trusted-users = users; + allowed-users = users; + + # NOTE: This configuration is generated by nix-installer so I'm adding it here in + # case it becomes important. + extra-nix-path = "nixpkgs=flake:nixpkgs"; + build-users-group = "nixbld"; + }; + #// (lib.optionalAttrs config.metacfg.tools.direnv.enable { + # keep-outputs = true; + # keep-derivations = true; + #}); + + gc = { + automatic = true; + interval = { Day = 7; }; + options = "--delete-older-than 30d"; + user = config.metacfg.user.name; + }; + + # flake-utils-plus + generateRegistryFromInputs = true; + generateNixPathFromInputs = true; + linkInputs = true; + }; + }; +} diff --git a/modules/darwin/security/gpg/default.nix b/modules/darwin/security/gpg/default.nix new file mode 100644 index 0000000..97984ba --- /dev/null +++ b/modules/darwin/security/gpg/default.nix @@ -0,0 +1,122 @@ +{ lib, config, pkgs, inputs, ... }: + +let + inherit (lib) types mkEnableOption mkIf; + inherit (lib.metacfg) mkOpt; + + cfg = config.metacfg.security.gpg; + gpgConf = "${inputs.gpg-base-conf}/gpg.conf"; + + gpgAgentConf = '' + enable-ssh-support + default-cache-ttl 60 + max-cache-ttl 120 + ''; + +in +{ + options.metacfg.security.gpg = { + enable = mkEnableOption "GPG"; + agentTimeout = mkOpt types.int 5 "The amount of time to wait before continuing with shell init."; + }; + + config = mkIf cfg.enable { + environment.systemPackages = with pkgs; [ + gnupg + ]; + + environment.shellInit = '' + export GPG_TTY="$(tty)" + export SSH_AUTH_SOCK=$(${pkgs.gnupg}/bin/gpgconf --list-dirs agent-ssh-socket) + + ${pkgs.coreutils}/bin/timeout ${builtins.toString cfg.agentTimeout} ${pkgs.gnupg}/bin/gpgconf --launch gpg-agent + gpg_agent_timeout_status=$? + + if [ "$gpg_agent_timeout_status" = 124 ]; then + # Command timed out... + echo "GPG Agent timed out..." + echo 'Run "gpgconf --launch gpg-agent" to try and launch it again.' + fi + ''; + + programs.gnupg.agent = { + enable = true; + enableSSHSupport = true; + }; + + metacfg.home.file = { + ".gnupg/.keep".text = ""; + + ".gnupg/gpg.conf".text = '' + # https://github.com/drduh/config/blob/master/gpg.conf + # https://www.gnupg.org/documentation/manuals/gnupg/GPG-Configuration-Options.html + # https://www.gnupg.org/documentation/manuals/gnupg/GPG-Esoteric-Options.html + # 'gpg --version' to get capabilities + # Use AES256, 192, or 128 as cipher + personal-cipher-preferences AES256 AES192 AES + # Use SHA512, 384, or 256 as digest + personal-digest-preferences SHA512 SHA384 SHA256 + # Use ZLIB, BZIP2, ZIP, or no compression + personal-compress-preferences ZLIB BZIP2 ZIP Uncompressed + # Default preferences for new keys + default-preference-list SHA512 SHA384 SHA256 AES256 AES192 AES ZLIB BZIP2 ZIP Uncompressed + # SHA512 as digest to sign keys + cert-digest-algo SHA512 + # SHA512 as digest for symmetric ops + s2k-digest-algo SHA512 + # AES256 as cipher for symmetric ops + s2k-cipher-algo AES256 + # UTF-8 support for compatibility + charset utf-8 + # No comments in messages + no-comments + # No version in output + no-emit-version + # Disable banner + no-greeting + # Long key id format + keyid-format 0xlong + # Display UID validity + list-options show-uid-validity + verify-options show-uid-validity + # Display all keys and their fingerprints + with-fingerprint + # Display key origins and updates + #with-key-origin + # Cross-certify subkeys are present and valid + require-cross-certification + # Disable caching of passphrase for symmetrical ops + no-symkey-cache + # Enable smartcard + use-agent + # Disable recipient key ID in messages (breaks Mailvelope) + throw-keyids + # Default key ID to use (helpful with throw-keyids) + #default-key 0xFF3E7D88647EBCDB + #trusted-key 0xFF3E7D88647EBCDB + # Group recipient keys (preferred ID last) + #group keygroup = 0xFF00000000000001 0xFF00000000000002 0xFF3E7D88647EBCDB + # Keyserver URL + #keyserver hkps://keys.openpgp.org + #keyserver hkps://keys.mailvelope.com + #keyserver hkps://keyserver.ubuntu.com:443 + #keyserver hkps://pgpkeys.eu + #keyserver hkps://pgp.circl.lu + #keyserver hkp://zkaan2xfbuxia2wpf7ofnkbz6r5zdbbvxbunvp5g2iebopbfc4iqmbad.onion + # Keyserver proxy + #keyserver-options http-proxy=http://127.0.0.1:8118 + #keyserver-options http-proxy=socks5-hostname://127.0.0.1:9050 + # Enable key retrieval using WKD and DANE + #auto-key-locate wkd,dane,local + #auto-key-retrieve + # Trust delegation mechanism + #trust-model tofu+pgp + # Show expired subkeys + #list-options show-unusable-subkeys + # Verbose output + #verbose + ''; + ".gnupg/gpg-agent.conf".text = gpgAgentConf; + }; + }; +} diff --git a/modules/darwin/services/nix-daemon/default.nix b/modules/darwin/services/nix-daemon/default.nix new file mode 100644 index 0000000..0efa94d --- /dev/null +++ b/modules/darwin/services/nix-daemon/default.nix @@ -0,0 +1,17 @@ +{ lib, config, ... }: + +let + inherit (lib) types mkIf; + inherit (lib.metacfg) mkOpt enabled; + + cfg = config.metacfg.services.nix-daemon; +in +{ + options.metacfg.services.nix-daemon = { + enable = mkOpt types.bool true "Whether to enable the Nix daemon."; + }; + + config = mkIf cfg.enable { + services.nix-daemon = enabled; + }; +} diff --git a/modules/darwin/suites/common/default.nix b/modules/darwin/suites/common/default.nix new file mode 100644 index 0000000..64686a2 --- /dev/null +++ b/modules/darwin/suites/common/default.nix @@ -0,0 +1,30 @@ +{ options, config, lib, pkgs, ... }: + +with lib; +with lib.metacfg; +let + cfg = config.metacfg.suites.common; +in +{ + options.metacfg.suites.common = with types; { + enable = mkBoolOpt false "Whether or not to enable common configuration."; + }; + + config = mkIf cfg.enable { + programs.fish = enabled; + + metacfg = { + nix = enabled; + + system = { + fonts = enabled; + #input = enabled; + interface = enabled; + }; + + security = { + gpg = enabled; + }; + }; + }; +} diff --git a/modules/darwin/system/fonts/default.nix b/modules/darwin/system/fonts/default.nix new file mode 100644 index 0000000..0c90510 --- /dev/null +++ b/modules/darwin/system/fonts/default.nix @@ -0,0 +1,32 @@ +{ options, config, pkgs, lib, ... }: + +with lib; +with lib.metacfg; +let cfg = config.metacfg.system.fonts; +in +{ + options.metacfg.system.fonts = with types; { + enable = mkBoolOpt false "Whether or not to manage fonts."; + fonts = mkOpt (listOf package) [ ] "Custom font packages to install."; + }; + + config = mkIf cfg.enable { + environment.variables = { + # Enable icons in tooling since we have nerdfonts. + LOG_ICONS = "true"; + }; + + fonts = { + fontDir = enabled; + + fonts = with pkgs; + [ + noto-fonts + noto-fonts-cjk-sans + noto-fonts-cjk-serif + noto-fonts-emoji + (nerdfonts.override { fonts = [ "Hack" ]; }) + ] ++ cfg.fonts; + }; + }; +} diff --git a/modules/darwin/system/interface/default.nix b/modules/darwin/system/interface/default.nix new file mode 100644 index 0000000..2f14504 --- /dev/null +++ b/modules/darwin/system/interface/default.nix @@ -0,0 +1,29 @@ +{ options, config, pkgs, lib, ... }: + +with lib; +with lib.metacfg; +let cfg = config.metacfg.system.interface; +in +{ + options.metacfg.system.interface = with types; { + enable = mkEnableOption "macOS interface"; + }; + + config = mkIf cfg.enable { + system.defaults = { + dock.autohide = true; + + finder = { + AppleShowAllExtensions = true; + FXEnableExtensionChangeWarning = false; + }; + + NSGlobalDomain = { + _HIHideMenuBar = true; + AppleShowScrollBars = "Always"; + }; + }; + + metacfg.home.file.".hushlogin".text = ""; + }; +} diff --git a/modules/darwin/user/default.nix b/modules/darwin/user/default.nix new file mode 100644 index 0000000..78a3813 --- /dev/null +++ b/modules/darwin/user/default.nix @@ -0,0 +1,45 @@ +{ lib +, config +, pkgs +, ... +}: +let + inherit (lib) types mkIf mkDefault; + inherit (lib.metacfg) mkOpt; + + cfg = config.metacfg.user; + + is-linux = pkgs.stdenv.isLinux; + is-darwin = pkgs.stdenv.isDarwin; +in +{ + options.metacfg.user = { + name = mkOpt types.str "harald" "The user account."; + + fullName = mkOpt types.str "Harald Hoyer" "The full name of the user."; + email = mkOpt types.str "harald@hoyer.xyz" "The email of the user."; + + uid = mkOpt (types.nullOr types.int) 501 "The uid for the user account."; + }; + + config = { + users.users.${cfg.name} = { + # NOTE: Setting the uid here is required for another + # module to evaluate successfully since it reads + # `users.users.${metacfg.user.name}.uid`. + uid = mkIf (cfg.uid != null) cfg.uid; + }; + + snowfallorg.users.${config.metacfg.user.name}.home.config = { + home = { + file = { + ".profile".text = '' + # The default file limit is far too low and throws an error when rebuilding the system. + # See the original with: ulimit -Sa + ulimit -n 4096 + ''; + }; + }; + }; + }; +} diff --git a/modules/home/cli-apps/bash/default.nix b/modules/home/cli-apps/bash/default.nix new file mode 100644 index 0000000..eb850b8 --- /dev/null +++ b/modules/home/cli-apps/bash/default.nix @@ -0,0 +1,28 @@ +{ lib +, config +, pkgs +, ... +}: +let + inherit (lib) mkEnableOption mkIf; + + cfg = config.metacfg.cli-apps.bash; +in +{ + options.metacfg.cli-apps.bash = { + enable = mkEnableOption "BASH shell"; + }; + + config = mkIf cfg.enable { + home.packages = with pkgs; [ + bashInteractive + ]; + programs.bash = { + enable = true; + initExtra = '' + function msh() { mosh "$@" -- bash -c 'if type -f tmux; then tmux new-session -A -s 0; else screen -R; fi;' ; }; + function tsh() { ssh -t "$@" -- bash -c 'if type -f tmux; then tmux new-session -A -s 0; else screen -R; fi;' ; }; + ''; + }; + }; +} diff --git a/modules/home/cli-apps/bat/default.nix b/modules/home/cli-apps/bat/default.nix new file mode 100644 index 0000000..5b99051 --- /dev/null +++ b/modules/home/cli-apps/bat/default.nix @@ -0,0 +1,22 @@ +{ lib +, config +, pkgs +, ... +}: +with lib; +with lib.metacfg; let + cfg = config.metacfg.cli-apps.bat; +in +{ + options.metacfg.cli-apps.bat = { + enable = mkEnableOption "bat"; + }; + + config = mkIf cfg.enable { + programs.bat = { + enable = true; + config.theme = "ansi"; + extraPackages = with pkgs.bat-extras; [ batdiff batman batgrep batwatch ]; + }; + }; +} diff --git a/modules/home/cli-apps/fish/default.nix b/modules/home/cli-apps/fish/default.nix new file mode 100644 index 0000000..3a62572 --- /dev/null +++ b/modules/home/cli-apps/fish/default.nix @@ -0,0 +1,60 @@ +{ lib +, config +, pkgs +, ... +}: +let + inherit (lib) mkEnableOption mkIf; + + cfg = config.metacfg.cli-apps.fish; +in +{ + options.metacfg.cli-apps.fish = { + enable = mkEnableOption "FISH shell"; + }; + + config = mkIf cfg.enable { + programs.fish = { + enable = true; + interactiveShellInit = '' + function msh --wraps mosh --description 'mosh with tmux' + if not set -q argv[1] + echo 'Usage: msh [user@]host [command]' + else + ${pkgs.mosh}/bin/mosh $argv -- tmux new-session -A -s 0 + end + end + function tsh --wraps ssh --description 'ssh with tmux' + if not set -q argv[1] + echo 'Usage: tsh [user@]host [command]' + else + ${pkgs.openssh}/bin/ssh -t $argv -- tmux new-session -A -s 0 + end + end + ''; + + plugins = [{ + name = "foreign-env"; + src = pkgs.fetchFromGitHub { + owner = "oh-my-fish"; + repo = "plugin-foreign-env"; + rev = "dddd9213272a0ab848d474d0cbde12ad034e65bc"; + sha256 = "00xqlyl3lffc5l0viin1nyp819wf81fncqyz87jx8ljjdhilmgbs"; + }; + }]; + + # shellInit = + # '' + # # nix + # if test -e /nix/var/nix/profiles/default/etc/profile.d/nix-daemon.sh + # fenv source /nix/var/nix/profiles/default/etc/profile.d/nix-daemon.sh + # end + # + # # home-manager + # if test -e $HOME/.nix-profile/etc/profile.d/hm-session-vars.sh + # fenv source $HOME/.nix-profile/etc/profile.d/hm-session-vars.sh + # end + # ''; + }; + }; +} diff --git a/modules/home/cli-apps/home-manager/default.nix b/modules/home/cli-apps/home-manager/default.nix new file mode 100644 index 0000000..de21236 --- /dev/null +++ b/modules/home/cli-apps/home-manager/default.nix @@ -0,0 +1,31 @@ +{ lib, config, pkgs, ... }: + +let + inherit (lib) mkEnableOption mkIf; + inherit (lib.metacfg) enabled; + + cfg = config.metacfg.cli-apps.home-manager; +in +{ + options.metacfg.cli-apps.home-manager = { + enable = mkEnableOption "home-manager"; + }; + + config = mkIf cfg.enable { + programs.home-manager = enabled; + home.sessionVariables = { + EDITOR = "${pkgs.vim}/bin/vim"; + BATDIFF_USE_DELTA = "true"; + }; + + home.shellAliases = { + cat = "${pkgs.bat}/bin/bat --decorations never"; + less = ''${pkgs.bat}/bin/bat --decorations never --paging=always --pager "${pkgs.less}/bin/less -RF"''; + man = "${pkgs.bat-extras.batman}/bin/batman"; + }; + + home.packages = with pkgs; [ + vim + ]; + }; +} diff --git a/modules/home/cli-apps/neovim/default.nix b/modules/home/cli-apps/neovim/default.nix new file mode 100644 index 0000000..9f82fda --- /dev/null +++ b/modules/home/cli-apps/neovim/default.nix @@ -0,0 +1,230 @@ +{ lib, config, pkgs, ... }: + +let + inherit (lib) mkEnableOption mkIf; + + cfg = config.metacfg.cli-apps.neovim; +in +{ + options.metacfg.cli-apps.neovim = { + enable = mkEnableOption "Neovim"; + }; + + config = mkIf cfg.enable { + programs.neovim-flake = { + enable = true; + # your settings need to go into the settings attrset + settings = { + vim = { + viAlias = false; + vimAlias = false; + debugMode = { + enable = false; + level = 20; + logFile = "/tmp/nvim.log"; + }; + }; + + vim.lsp = { + formatOnSave = true; + lspkind.enable = false; + lightbulb.enable = true; + lspsaga.enable = false; + nvimCodeActionMenu.enable = true; + trouble.enable = true; + lspSignature.enable = true; + lsplines.enable = true; + }; + + vim.debugger = { + nvim-dap = { + enable = true; + ui.enable = true; + }; + }; + + vim.languages = { + enableLSP = true; + enableFormat = true; + enableTreesitter = true; + enableExtraDiagnostics = true; + + nix = { + enable = true; + format.type = "nixpkgs-fmt"; + }; + html.enable = true; + clang = { + enable = true; + lsp.server = "clangd"; + }; + sql.enable = false; + rust = { + enable = true; + crates.enable = true; + }; + java.enable = true; + ts.enable = true; + svelte.enable = true; + go.enable = true; + zig.enable = true; + python.enable = true; + dart.enable = true; + elixir.enable = false; + }; + + vim.visuals = { + enable = true; + nvimWebDevicons.enable = true; + scrollBar.enable = true; + smoothScroll.enable = true; + cellularAutomaton.enable = true; + fidget-nvim.enable = true; + indentBlankline = { + enable = true; + fillChar = null; + eolChar = null; + showCurrContext = true; + }; + cursorline = { + enable = true; + lineTimeout = 0; + }; + }; + + vim.statusline = { + lualine = { + enable = true; + theme = "catppuccin"; + }; + }; + + vim.theme = { + enable = true; + name = "catppuccin"; + style = "mocha"; + transparent = false; + }; + + vim.autopairs.enable = true; + + vim.autocomplete = { + enable = true; + type = "nvim-cmp"; + }; + + vim.filetree = { + nvimTree = { + enable = true; + }; + }; + + vim.tabline = { + nvimBufferline.enable = true; + }; + + vim.treesitter.context.enable = true; + + vim.binds = { + whichKey.enable = true; + cheatsheet.enable = true; + }; + + vim.telescope.enable = true; + + vim.git = { + enable = true; + gitsigns.enable = true; + gitsigns.codeActions = false; # throws an annoying debug message + }; + + vim.minimap = { + minimap-vim.enable = false; + codewindow.enable = true; # lighter, faster, and uses lua for configuration + }; + + vim.dashboard = { + dashboard-nvim.enable = false; + alpha.enable = true; + }; + + vim.notify = { + nvim-notify.enable = true; + }; + + vim.projects = { + project-nvim.enable = true; + }; + + vim.utility = { + ccc.enable = true; + vim-wakatime.enable = false; + icon-picker.enable = true; + surround.enable = true; + diffview-nvim.enable = true; + motion = { + hop.enable = true; + leap.enable = true; + }; + }; + + vim.notes = { + obsidian.enable = false; # FIXME neovim fails to build if obsidian is enabled + orgmode.enable = false; + mind-nvim.enable = true; + todo-comments.enable = true; + }; + + vim.terminal = { + toggleterm = { + enable = true; + lazygit.enable = true; + }; + }; + + vim.ui = { + borders.enable = true; + noice.enable = true; + colorizer.enable = true; + modes-nvim.enable = false; # the theme looks terrible with catppuccin + illuminate.enable = true; + breadcrumbs = { + enable = true; + navbuddy.enable = true; + }; + smartcolumn = { + enable = true; + columnAt.languages = { + # this is a freeform module, it's `buftype = int;` for configuring column position + nix = 110; + ruby = 120; + java = 130; + go = [ 90 130 ]; + }; + }; + }; + + vim.assistant = { + copilot = { + enable = true; + cmp.enable = true; + }; + }; + + vim.session = { + nvim-session-manager.enable = false; + }; + + vim.gestures = { + gesture-nvim.enable = false; + }; + + vim.comments = { + comment-nvim.enable = true; + }; + + vim.spellChecking.languages = [ "en" "de" ]; + }; + }; + }; +} diff --git a/modules/home/cli-apps/starship/default.nix b/modules/home/cli-apps/starship/default.nix new file mode 100644 index 0000000..4f0d6d3 --- /dev/null +++ b/modules/home/cli-apps/starship/default.nix @@ -0,0 +1,32 @@ +{ lib +, config +, pkgs +, ... +}: +let + inherit (lib) mkEnableOption mkIf; + + cfg = config.metacfg.cli-apps.starship; +in +{ + options.metacfg.cli-apps.starship = { + enable = mkEnableOption "starship"; + }; + + config = mkIf cfg.enable { + home.packages = with pkgs; [ + (pkgs.nerdfonts.override { fonts = [ "FiraCode" "DroidSansMono" "JetBrainsMono" ]; }) + ]; + programs.starship = { + enable = true; + settings = { + container.format = "[\\[$name\\]]($style) "; + git_status = { + ahead = "⇡$\{count}"; + diverged = "⇕⇡$\{ahead_count}⇣$\{behind_count}"; + behind = "⇣$\{count}"; + }; + }; + }; + }; +} diff --git a/modules/home/cli-apps/tmux/default.nix b/modules/home/cli-apps/tmux/default.nix new file mode 100644 index 0000000..336e82f --- /dev/null +++ b/modules/home/cli-apps/tmux/default.nix @@ -0,0 +1,20 @@ +{ lib +, config +, pkgs +, ... +}: +with lib; +with lib.metacfg; let + cfg = config.metacfg.cli-apps.tmux; +in +{ + options.metacfg.cli-apps.tmux = { + enable = mkEnableOption "Tmux"; + }; + + config = mkIf cfg.enable { + home.packages = with pkgs; [ + tmux + ]; + }; +} diff --git a/modules/home/host/default.nix b/modules/home/host/default.nix new file mode 100644 index 0000000..4aaba8a --- /dev/null +++ b/modules/home/host/default.nix @@ -0,0 +1,11 @@ +{ lib, config, pkgs, host ? null, format ? "unknown", ... }: + +let + inherit (lib) types; + inherit (lib.metacfg) mkOpt; +in +{ + options.metacfg.host = { + name = mkOpt (types.nullOr types.str) host "The host name."; + }; +} diff --git a/modules/home/tools/alacritty/default.nix b/modules/home/tools/alacritty/default.nix new file mode 100644 index 0000000..aad2262 --- /dev/null +++ b/modules/home/tools/alacritty/default.nix @@ -0,0 +1,22 @@ +{ lib +, config +, pkgs +, ... +}: +let + inherit (lib) mkEnableOption mkIf; + + cfg = config.metacfg.tools.alacritty; +in +{ + options.metacfg.tools.alacritty = { + enable = mkEnableOption "alacritty"; + }; + + config = mkIf cfg.enable { + home.packages = with pkgs; [ + alacritty + (pkgs.nerdfonts.override { fonts = [ "FiraCode" "DroidSansMono" "JetBrainsMono" ]; }) + ]; + }; +} diff --git a/modules/home/tools/direnv/default.nix b/modules/home/tools/direnv/default.nix new file mode 100644 index 0000000..a1c83bf --- /dev/null +++ b/modules/home/tools/direnv/default.nix @@ -0,0 +1,18 @@ +{ options, config, lib, pkgs, ... }: + +with lib; +with lib.metacfg; +let cfg = config.metacfg.tools.direnv; +in +{ + options.metacfg.tools.direnv = with types; { + enable = mkBoolOpt false "Whether or not to enable direnv."; + }; + + config = mkIf cfg.enable { + programs.direnv = { + enable = true; + nix-direnv = enabled; + }; + }; +} diff --git a/modules/home/tools/git/default.nix b/modules/home/tools/git/default.nix new file mode 100644 index 0000000..b48c5a5 --- /dev/null +++ b/modules/home/tools/git/default.nix @@ -0,0 +1,66 @@ +{ lib, config, pkgs, ... }: + +let + inherit (lib) types mkEnableOption mkIf; + inherit (lib.metacfg) mkOpt enabled; + + cfg = config.metacfg.tools.git; + user = config.metacfg.user; +in +{ + options.metacfg.tools.git = { + enable = mkEnableOption "Git"; + userName = mkOpt types.str user.fullName "The name to configure git with."; + userEmail = mkOpt types.str user.email "The email to configure git with."; + signingKey = + mkOpt types.str "7F3D64824AC0B6B8009E50504BC0896FB5693595" "The key ID to sign commits with."; + signByDefault = mkOpt types.bool false "Whether to sign commits by default."; + }; + + config = mkIf cfg.enable { + home.packages = with pkgs; [ + git-delete-merged-branches + delta + ]; + programs.git = { + enable = true; + inherit (cfg) userName userEmail; + lfs = enabled; + signing = { + key = cfg.signingKey; + inherit (cfg) signByDefault; + }; + extraConfig = { + init = { defaultBranch = "main"; }; + pull = { rebase = true; }; + push = { autoSetupRemote = true; }; + core = { whitespace = "trailing-space,space-before-tab"; }; + safe = { + directory = "${user.home}/git"; + }; + "credential \"https://github.com\"" = { + helper = "!gh auth git-credential"; + }; + alias = { + co = "checkout"; + ci = "commit --signoff"; + }; + pull.ff = "only"; + core.pager = "${pkgs.delta}/bin/delta"; + delta = { + features = "decorations"; + syntax-theme = "DarkNeon"; + light = "false"; + navigate = "true"; + }; + interactive.diffFilter = "${pkgs.delta}/bin/delta --color-only"; + merge.conflictStyle = "diff3"; + diff.colorMoved = "default"; + filter.rot8000 = { + clean = "${pkgs.metacfg.rot8000}/bin/rot8000"; + smudge = "${pkgs.metacfg.rot8000}/bin/rot8000"; + }; + }; + }; + }; +} diff --git a/modules/home/tools/jetbrains/default.nix b/modules/home/tools/jetbrains/default.nix new file mode 100644 index 0000000..e2f934b --- /dev/null +++ b/modules/home/tools/jetbrains/default.nix @@ -0,0 +1,21 @@ +{ options, config, lib, pkgs, ... }: + +with lib; +with lib.metacfg; +let cfg = config.metacfg.tools.jetbrains; +in +{ + options.metacfg.tools.jetbrains = with types; { + enable = mkBoolOpt false "Whether or not to enable jetbrains."; + }; + + config = mkIf cfg.enable { + home.sessionPath = [ + "$HOME/.local/share/JetBrains/Toolbox/scripts" + ]; + home.packages = with pkgs; [ + jetbrains-toolbox + (pkgs.nerdfonts.override { fonts = [ "FiraCode" "DroidSansMono" "JetBrainsMono" ]; }) + ]; + }; +} diff --git a/modules/home/tools/ssh/default.nix b/modules/home/tools/ssh/default.nix new file mode 100644 index 0000000..9278a73 --- /dev/null +++ b/modules/home/tools/ssh/default.nix @@ -0,0 +1,24 @@ +{ lib, config, pkgs, ... }: + +let + inherit (lib) types mkEnableOption mkIf; + cfg = config.metacfg.tools.ssh; +in +{ + options.metacfg.tools.ssh = { + enable = mkEnableOption "SSH"; + }; + + config = mkIf cfg.enable { + home.packages = with pkgs; [ + mosh + ]; + programs.ssh = { + enable = true; + extraConfig = '' + Host * + HostKeyAlgorithms +ssh-rsa + ''; + }; + }; +} diff --git a/modules/home/user/default.nix b/modules/home/user/default.nix new file mode 100644 index 0000000..49dcd68 --- /dev/null +++ b/modules/home/user/default.nix @@ -0,0 +1,50 @@ +{ lib, config, pkgs, osConfig ? { }, ... }: + +let + inherit (lib) types mkIf mkDefault mkMerge; + inherit (lib.metacfg) mkOpt; + + cfg = config.metacfg.user; + + is-linux = pkgs.stdenv.isLinux; + is-darwin = pkgs.stdenv.isDarwin; + + home-directory = + if cfg.name == null then + null + else if is-darwin then + "/Users/${cfg.name}" + else + "/home/${cfg.name}"; +in +{ + options.metacfg.user = { + enable = mkOpt types.bool false "Whether to configure the user account."; + name = mkOpt (types.nullOr types.str) config.snowfallorg.user.name "The user account."; + + fullName = mkOpt types.str "Harald Hoyer" "The full name of the user."; + email = mkOpt types.str "harald@hoyer.xyz" "The email of the user."; + + home = mkOpt (types.nullOr types.str) home-directory "The user's home directory."; + }; + + config = mkIf cfg.enable (mkMerge [ + { + assertions = [ + { + assertion = cfg.name != null; + message = "metacfg.user.name must be set"; + } + { + assertion = cfg.home != null; + message = "metacfg.user.home must be set"; + } + ]; + + home = { + username = mkDefault cfg.name; + homeDirectory = mkDefault cfg.home; + }; + } + ]); +} diff --git a/modules/nixos/home/default.nix b/modules/nixos/home/default.nix new file mode 100644 index 0000000..c7e9591 --- /dev/null +++ b/modules/nixos/home/default.nix @@ -0,0 +1,32 @@ +{ options, config, pkgs, lib, inputs, ... }: + +with lib; +with lib.metacfg; +let cfg = config.metacfg.home; +in +{ + options.metacfg.home = with types; { + file = mkOpt attrs { } + (mdDoc "A set of files to be managed by home-manager's `home.file`."); + configFile = mkOpt attrs { } + (mdDoc "A set of files to be managed by home-manager's `xdg.configFile`."); + extraOptions = mkOpt attrs { } "Options to pass directly to home-manager."; + }; + + config = { + metacfg.home.extraOptions = { + home.stateVersion = config.system.stateVersion; + home.file = mkAliasDefinitions options.metacfg.home.file; + xdg.enable = true; + xdg.configFile = mkAliasDefinitions options.metacfg.home.configFile; + }; + + home-manager = { + useUserPackages = true; + useGlobalPkgs = true; + + users.${config.metacfg.user.name} = + mkAliasDefinitions options.metacfg.home.extraOptions; + }; + }; +} diff --git a/modules/nixos/nix-ld/default.nix b/modules/nixos/nix-ld/default.nix new file mode 100644 index 0000000..3878c83 --- /dev/null +++ b/modules/nixos/nix-ld/default.nix @@ -0,0 +1,135 @@ +{ options, config, lib, pkgs, ... }: + +with lib; +with lib.metacfg; +let cfg = config.metacfg.nix-ld; +in +{ + options.metacfg.nix-ld = with types; { + enable = mkBoolOpt false "Whether or not to enable nix-ld."; + }; + + config = mkIf cfg.enable { + + programs.nix-ld.enable = true; + + # Sets up all the libraries to load + programs.nix-ld.libraries = with pkgs; [ + SDL + SDL2 + SDL2_image + SDL2_mixer + SDL2_ttf + SDL_image + SDL_mixer + SDL_ttf + alsa-lib + at-spi2-atk + at-spi2-core + atk + bzip2 + cairo + cups + curlWithGnuTls + dbus + dbus-glib + desktop-file-utils + e2fsprogs + expat + flac + fontconfig + freeglut + freetype + fribidi + fuse + fuse3 + gdk-pixbuf + glew110 + glib + gmp + gst_all_1.gst-plugins-base + gst_all_1.gst-plugins-ugly + gst_all_1.gstreamer + gtk2 + harfbuzz + icu + keyutils.lib + libGL + libGLU + libappindicator-gtk2 + libcaca + libcanberra + libcap + libclang.lib + libdbusmenu + libdrm + libgcrypt + libgpg-error + libidn + libjack2 + libjpeg + libmikmod + libogg + libpng12 + libpulseaudio + librsvg + libsamplerate + libsecret + libthai + libtheora + libtiff + libudev0-shim + libusb1 + libuuid + libvdpau + libvorbis + libvpx + libxcrypt-legacy + libxkbcommon + libxml2 + mesa + nspr + nss + openssl + p11-kit + pango + pixman + python3 + speex + stdenv.cc.cc + tbb + udev + vulkan-loader + wayland + xorg.libICE + xorg.libSM + xorg.libX11 + xorg.libXScrnSaver + xorg.libXcomposite + xorg.libXcursor + xorg.libXdamage + xorg.libXext + xorg.libXfixes + xorg.libXft + xorg.libXi + xorg.libXinerama + xorg.libXmu + xorg.libXrandr + xorg.libXrender + xorg.libXt + xorg.libXtst + xorg.libXxf86vm + xorg.libpciaccess + xorg.libxcb + xorg.xcbutil + xorg.xcbutilimage + xorg.xcbutilkeysyms + xorg.xcbutilrenderutil + xorg.xcbutilwm + xorg.xkeyboardconfig + xz + zlib + ]; + + }; +} diff --git a/modules/nixos/nix/default.nix b/modules/nixos/nix/default.nix new file mode 100644 index 0000000..fff517b --- /dev/null +++ b/modules/nixos/nix/default.nix @@ -0,0 +1,94 @@ +{ options, config, pkgs, lib, inputs, ... }: + +with lib; +with lib.metacfg; +let + cfg = config.metacfg.nix; + + substituters-submodule = types.submodule ({ name, ... }: { + options = with types; { + key = mkOpt (nullOr str) null "The trusted public key for this substituter."; + }; + }); +in +{ + options.metacfg.nix = with types; { + enable = mkBoolOpt false "Whether or not to manage nix configuration."; + package = mkOpt package pkgs.nix "Which nix package to use."; + + default-substituter = { + url = mkOpt str "https://cache.nixos.org" "The url for the substituter."; + key = mkOpt str "cache.nixos.org-1:6NCHdD59X431o0gWypbMrAURkbJ16ZPMQFGspcDShjY=" "The trusted public key for the substituter."; + }; + + extra-substituters = mkOpt (attrsOf substituters-submodule) { } "Extra substituters to configure."; + }; + + config = mkIf cfg.enable { + assertions = mapAttrsToList + (name: value: { + assertion = value.key != null; + message = "metacfg.nix.extra-substituters.${name}.key must be set"; + }) + cfg.extra-substituters; + + environment.systemPackages = with pkgs; [ + metacfg.nixos-revision + (metacfg.nixos-hosts.override { + hosts = inputs.self.nixosConfigurations; + }) + deploy-rs + nixfmt + nix-index + nix-prefetch-git + nix-output-monitor + ]; + + nix = + let + users = [ "root" config.metacfg.user.name ] ++ + optional config.services.hydra.enable "hydra"; + extra-substituters = cfg.extra-substituters // { + "https://nixsgx.cachix.org".key = "nixsgx.cachix.org-1:tGi36DlY2joNsIXOlGnSgWW0+E094V6hW0umQRo/KoE="; + }; + in + { + package = cfg.package; + + settings = { + experimental-features = "nix-command flakes"; + http-connections = 50; + warn-dirty = false; + log-lines = 50; + sandbox = "relaxed"; + auto-optimise-store = true; + trusted-users = users; + allowed-users = users; + + substituters = + [ cfg.default-substituter.url ] + ++ + (mapAttrsToList (name: value: name) extra-substituters); + trusted-public-keys = + [ cfg.default-substituter.key ] + ++ + (mapAttrsToList (name: value: value.key) extra-substituters); + + } // (lib.optionalAttrs config.metacfg.tools.direnv.enable { + keep-outputs = true; + keep-derivations = true; + }); + + gc = { + automatic = true; + dates = "weekly"; + options = "--delete-older-than 30d"; + }; + + # flake-utils-plus + generateRegistryFromInputs = true; + generateNixPathFromInputs = true; + linkInputs = true; + }; + }; +} diff --git a/modules/nixos/services/base/default.nix b/modules/nixos/services/base/default.nix new file mode 100644 index 0000000..18493d3 --- /dev/null +++ b/modules/nixos/services/base/default.nix @@ -0,0 +1,159 @@ +{ options +, config +, lib +, pkgs +, ... +}: +with lib; +with lib.metacfg; +let + cfg = config.metacfg.base; + gitconfig = pkgs.writeText "gitconfig" '' + [filter "rot8000"] + smudge = ${pkgs.metacfg.rot8000}/bin/rot8000 + clean = ${pkgs.metacfg.rot8000}/bin/rot8000 + ''; +in +{ + options.metacfg.base = with types; { + enable = mkBoolOpt false "Whether or not to enable the base config."; + + }; + + config = mkIf cfg.enable { + # Configure console keymap + console.keyMap = lib.mkDefault "us"; + + # Select internationalisation properties. + i18n.defaultLocale = "en_US.UTF-8"; + i18n.extraLocaleSettings = { + LC_ADDRESS = "de_DE.UTF-8"; + LC_IDENTIFICATION = "de_DE.UTF-8"; + LC_MEASUREMENT = "de_DE.UTF-8"; + LC_MESSAGES = "en_US.UTF-8"; + LC_MONETARY = "de_DE.UTF-8"; + LC_NAME = "de_DE.UTF-8"; + LC_NUMERIC = "de_DE.UTF-8"; + LC_TELEPHONE = "de_DE.UTF-8"; + LC_TIME = "de_DE.UTF-8"; + }; + + environment = { + sessionVariables = { PATH = "$HOME/bin:$HOME/.cargo/bin"; }; + systemPackages = with pkgs; [ + age + bash + cifs-utils + clevis + delta + efibootmgr + git + git-crypt + git-delete-merged-branches + home-manager + htop + mosh + nixpkgs-fmt + openssl + restic + rrsync + sbctl + sops + strace + tmux + tpm2-pkcs11 + tpm2-pkcs11.out + tpm2-tools + vim + virt-manager + wget + ]; + shells = [ pkgs.fish pkgs.bash ]; + }; + + hardware = { + cpu = { + amd.updateMicrocode = lib.mkDefault true; + intel.updateMicrocode = lib.mkDefault true; + }; + enableRedistributableFirmware = lib.mkDefault true; + enableAllFirmware = true; + opengl.extraPackages = with pkgs; [ intel-compute-runtime ]; + }; + + programs = { + dconf.enable = true; + bash = { + ## shellInit = '' + interactiveShellInit = '' + bind '"\e[A": history-search-backward' + bind '"\e[B": history-search-forward' + ''; + }; + starship.enable = true; + mosh.enable = true; + vim.defaultEditor = true; + fish.enable = true; + }; + + # powerManagement.cpuFreqGovernor = "ondemand"; + + services = { + dbus.implementation = "broker"; + dbus.packages = [ pkgs.gcr ]; + fwupd.enable = true; + openssh = { + enable = true; + settings.PermitRootLogin = "prohibit-password"; + settings.X11Forwarding = true; + }; + }; + + security = { + tpm2.enable = lib.mkDefault true; + tpm2.abrmd.enable = lib.mkDefault true; + sudo = { + enable = true; + wheelNeedsPassword = false; + }; + }; + + time.timeZone = "Europe/Berlin"; + + users.users.root.openssh.authorizedKeys.keys = [ + "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIMNsmP15vH8BVKo7bdvIiiEjiQboPGcRPqJK0+bH4jKD harald@lenovo.fritz.box" + "sk-ecdsa-sha2-nistp256@openssh.com AAAAInNrLWVjZHNhLXNoYTItbmlzdHAyNTZAb3BlbnNzaC5jb20AAAAIbmlzdHAyNTYAAABBBACLgT81iB1iWWVuXq6PdQ5GAAGhaZhSKnveQCvcNnAOZ5WKH80bZShKHyAYzrzbp8IGwLWJcZQ7TqRK+qZdfagAAAAEc3NoOg== harald@hoyer.xyz" + "sk-ssh-ed25519@openssh.com AAAAGnNrLXNzaC1lZDI1NTE5QG9wZW5zc2guY29tAAAAIDsb/Tr69YN5MQLweWPuJaRGm+h2kOyxfD6sqKEDTIwoAAAABHNzaDo= harald@fedora.fritz.box" + ]; + + boot = { + tmp.cleanOnBoot = true; + loader = { + systemd-boot.enable = lib.mkDefault true; + efi.canTouchEfiVariables = true; + timeout = 2; + }; + initrd.systemd.enable = true; + kernelPackages = lib.mkOverride 0 pkgs.linuxPackages_latest; + }; + + system.autoUpgrade = { + flags = [ + "--update-input" + "nixpkgs" + "--update-input" + "unstable" + "--no-write-lock-file" + "-L" + ]; + flake = "git+https://git.hoyer.xyz/harald/nixcfg"; + }; + systemd.services.nixos-upgrade = { + path = [ pkgs.metacfg.rot8000 ]; + environment.GIT_CONFIG_GLOBAL = toString gitconfig; + }; + + virtualisation.libvirtd.enable = true; + + }; +} diff --git a/modules/nixos/services/gui/default.nix b/modules/nixos/services/gui/default.nix new file mode 100644 index 0000000..322dc25 --- /dev/null +++ b/modules/nixos/services/gui/default.nix @@ -0,0 +1,138 @@ +{ options, config, lib, pkgs, ... }: + +with lib; +with lib.metacfg; +let cfg = config.metacfg.gui; +in +{ + options.metacfg.gui = with types; { + enable = mkBoolOpt false "Whether or not to enable a GUI."; + }; + + config = mkIf cfg.enable { + services = { + gnome.tracker-miners.enable = lib.mkForce false; + + flatpak.enable = true; + + pcscd.enable = lib.mkDefault false; + + # Enable CUPS to print documents. + printing.enable = true; + + pipewire = { + enable = true; + alsa.enable = true; + alsa.support32Bit = true; + pulse.enable = true; + # If you want to use JACK applications, uncomment this + #jack.enable = true; + + # use the example session manager (no others are packaged yet so this is enabled by default, + # no need to redefine it in your config for now) + #media-session.enable = true; + }; + + udev.packages = [ + pkgs.libu2f-host + pkgs.yubikey-personalization + ]; + + xserver = { + layout = lib.mkDefault "de+us"; + enable = true; + displayManager.gdm.enable = true; + desktopManager.gnome.enable = true; + }; + }; + #security.pam.p11.control = "sufficient"; + #security.pam.p11.control = "required"; + #security.pam.p11.enable = true; + # services.fprintd.enable = true; + #security.pam.yubico.enable = true; + #security.pam.yubico.control = "sufficient"; + #security.pam.yubico.mode = "challenge-response"; + + #security.tpm2.pkcs11.enable = true; + + # Enable sound with pipewire. + sound.enable = true; + hardware.pulseaudio.enable = false; + + security.rtkit.enable = true; + + programs.gnupg.agent = { + enable = true; + enableSSHSupport = true; + enableBrowserSocket = true; + }; + + environment.systemPackages = with pkgs; [ + bat + cardpeek + ccache + clang + dive + file + firefox + gh + git + gimp + gnome.gnome-software + gnomeExtensions.appindicator + gnomeExtensions.dash-to-panel + gnomeExtensions.hibernate-status-button + gnomeExtensions.vitals + gnupg + go + jetbrains-toolbox + jq + kbfs + libu2f-host + mosh + mosh + nixpkgs-fmt + opensc + pasystray + #pcsctools + pinentry-gnome + pkg-config + ripgrep + slack + spotify + statix + thunderbird + tmux + vim + wl-clipboard + yubikey-personalization + yubikey-manager-qt + zellij + rustup + ]; + + #----=[ Fonts ]=----# + fonts = { + enableDefaultPackages = false; + packages = with pkgs; [ + noto-fonts-emoji + liberation_ttf + freefont_ttf + (nerdfonts.override { fonts = [ "FiraCode" "DroidSansMono" "JetBrainsMono" ]; }) + ]; + + fontconfig = { + enable = true; + defaultFonts = { + serif = [ "Liberation" ]; + sansSerif = [ "Liberation" ]; + monospace = [ "JetBrainsMono" ]; + emoji = [ "Noto Color Emoji" ]; + }; + }; + }; + + # remote desktop + networking.firewall.allowedTCPPorts = [ 3389 ]; + }; +} diff --git a/modules/nixos/services/podman/default.nix b/modules/nixos/services/podman/default.nix new file mode 100644 index 0000000..51e0d63 --- /dev/null +++ b/modules/nixos/services/podman/default.nix @@ -0,0 +1,25 @@ +{ options, config, lib, pkgs, ... }: + +with lib; +with lib.metacfg; +let cfg = config.metacfg.podman; +in +{ + options.metacfg.podman = with types; { + enable = mkBoolOpt false "Whether or not to enable podman."; + }; + + config = mkIf cfg.enable { + virtualisation = { + podman = { + enable = true; + + # Create a `docker` alias for podman, to use it as a drop-in replacement + dockerCompat = lib.mkDefault true; + + # For Nixos version > 22.11 + defaultNetwork.settings = { dns_enabled = true; }; + }; + }; + }; +} diff --git a/modules/nixos/services/secureboot/default.nix b/modules/nixos/services/secureboot/default.nix new file mode 100644 index 0000000..e0e51d4 --- /dev/null +++ b/modules/nixos/services/secureboot/default.nix @@ -0,0 +1,21 @@ +{ options, config, lib, pkgs, ... }: + +with lib; +with lib.metacfg; +let cfg = config.metacfg.secureboot; +in +{ + options.metacfg.secureboot = with types; { + enable = mkBoolOpt false "Whether or not to enable secureboot."; + }; + + config = mkIf cfg.enable { + boot = { + lanzaboote = { + enable = true; + pkiBundle = "/etc/secureboot"; + }; + loader.systemd-boot.enable = lib.mkForce false; + }; + }; +} diff --git a/modules/nixos/sgx/aesmd_dcap/default.nix b/modules/nixos/sgx/aesmd_dcap/default.nix new file mode 100644 index 0000000..a68e50e --- /dev/null +++ b/modules/nixos/sgx/aesmd_dcap/default.nix @@ -0,0 +1,30 @@ +{ options, config, lib, pkgs, ... }: + +with lib; +with lib.metacfg; +let + cfg = config.metacfg.aesmd_dcap; +in +{ + options.metacfg.aesmd_dcap = with types; { + enable = mkBoolOpt false "Whether or not to enable aesmd in dcap mode."; + }; + + config = mkIf cfg.enable { + metacfg = { + nix.extra-substituters = { + "https://nixsgx.cachix.org".key = "nixsgx.cachix.org-1:tGi36DlY2joNsIXOlGnSgWW0+E094V6hW0umQRo/KoE="; + }; + }; + services.aesmd = { + enable = true; + quoteProviderLibrary = pkgs.nixsgx.sgx-dcap.default_qpl; + }; + systemd.services.aesmd = { + environment.LD_LIBRARY_PATH = lib.mkForce (lib.makeLibraryPath [ pkgs.nixsgx.sgx-dcap.default_qpl pkgs.curl.out ]); + serviceConfig.BindReadOnlyPaths = [ + "/etc/sgx_default_qcnl.conf" + ]; + }; + }; +} diff --git a/modules/nixos/sgx/pccs/default.nix b/modules/nixos/sgx/pccs/default.nix new file mode 100644 index 0000000..86c715a --- /dev/null +++ b/modules/nixos/sgx/pccs/default.nix @@ -0,0 +1,69 @@ +{ options, config, lib, pkgs, ... }: + +with lib; +with lib.metacfg; +let + cfg = config.metacfg.pccs; + cfg_podman = config.metacfg.podman; +in +{ + options.metacfg.pccs = with types; { + enable = mkBoolOpt false "Whether or not to enable a SGX-DCAP."; + secret = mkOption { + type = with types; nullOr path; + default = null; + example = literalExpression "config.sops.secrets.pccs.path"; + description = lib.mdDoc "path to the pccs secret file"; + }; + }; + + config = mkIf cfg.enable { + assertions = [ + { + assertion = cfg.secret != null; + message = "path to the pccs secret file is required when pccs is enabled"; + } + { + assertion = cfg_podman.enable; + message = "podman must be enabled when pccs is enabled"; + } + ]; + + metacfg = { + nix.extra-substituters = { + "https://nixsgx.cachix.org".key = "nixsgx.cachix.org-1:tGi36DlY2joNsIXOlGnSgWW0+E094V6hW0umQRo/KoE="; + }; + }; + + virtualisation.oci-containers.backend = "podman"; + virtualisation.oci-containers.containers = { + # podman run --pull=always --name pccs -it --rm -v /dev/log:/dev/log --secret PCCS_CONFIG,type=mount -p 8081:8081 registry.gitlab.com/haraldh/pccs:pccs_1_19 + pccs = { + image = "docker.io/backslashhh/pccs:dcap_1_19"; + autoStart = true; + ports = [ "8081:8081" ]; + extraOptions = [ + "--volume=/dev/log:/dev/log" + "--secret=PCCS_CONFIG,type=mount" + ]; + }; + }; + + systemd.services.pccs-secret = + { + description = "Inject pccs secret"; + wantedBy = [ "multi-user.target" ]; + before = [ "podman-pccs.service" ]; + + serviceConfig = { + EnvironmentFile = cfg.secret; + ExecStart = '' + -${pkgs.podman}/bin/podman secret create --env PCCS_CONFIG PCCS_CONFIG + ''; + RemainAfterExit = true; + }; + }; + + + }; +} diff --git a/modules/nixos/tools/direnv/default.nix b/modules/nixos/tools/direnv/default.nix new file mode 100644 index 0000000..c6c6066 --- /dev/null +++ b/modules/nixos/tools/direnv/default.nix @@ -0,0 +1,20 @@ +{ options, config, lib, pkgs, ... }: + +with lib; +with lib.metacfg; +let cfg = config.metacfg.tools.direnv; +in +{ + options.metacfg.tools.direnv = with types; { + enable = mkBoolOpt false "Whether or not to enable direnv."; + }; + + config = mkIf cfg.enable { + metacfg.home.extraOptions = { + programs.direnv = { + enable = true; + nix-direnv = enabled; + }; + }; + }; +} diff --git a/modules/nixos/tools/git/default.nix b/modules/nixos/tools/git/default.nix new file mode 100644 index 0000000..7bdafa4 --- /dev/null +++ b/modules/nixos/tools/git/default.nix @@ -0,0 +1,61 @@ +{ options, config, pkgs, lib, ... }: + +with lib; +with lib.metacfg; +let + cfg = config.metacfg.tools.git; + gpg = config.metacfg.security.gpg; + user = config.metacfg.user; +in +{ + options.metacfg.tools.git = with types; { + enable = mkBoolOpt false "Whether or not to install and configure git."; + userName = mkOpt types.str user.fullName "The name to configure git with."; + userEmail = mkOpt types.str user.email "The email to configure git with."; + signingKey = + mkOpt types.str "9762169A1B35EA68" "The key ID to sign commits with."; + }; + + config = mkIf cfg.enable { + environment.systemPackages = with pkgs; [ git ]; + + metacfg.home.extraOptions = { + programs.git = { + enable = true; + inherit (cfg) userName userEmail; + lfs = enabled; + signing = { + key = cfg.signingKey; + signByDefault = mkIf gpg.enable true; + }; + extraConfig = { + init = { defaultBranch = "main"; }; + pull = { rebase = true; }; + push = { autoSetupRemote = true; }; + core = { whitespace = "trailing-space,space-before-tab"; }; + safe = { + directory = "${user.home}/git"; + }; + "credential \"https://github.com\"" = { + helper = "!gh auth git-credential"; + }; + alias = { + co = "checkout"; + ci = "commit --signoff"; + }; + pull.ff = "only"; + core.pager = "${pkgs.delta}/bin/delta"; + delta = { + features = "decorations"; + syntax-theme = "DarkNeon"; + light = "false"; + navigate = "true"; + }; + interactive.diffFilter = "${pkgs.delta}/bin/delta --color-only"; + merge.conflictStyle = "diff3"; + diff.colorMoved = "default"; + }; + }; + }; + }; +} diff --git a/modules/nixos/user/default.nix b/modules/nixos/user/default.nix new file mode 100644 index 0000000..ddcc640 --- /dev/null +++ b/modules/nixos/user/default.nix @@ -0,0 +1,104 @@ +{ options +, config +, pkgs +, lib +, ... +}: +with lib; +with lib.metacfg; let + cfg = config.metacfg.user; + defaultIconFileName = "profile.jpg"; + defaultIcon = pkgs.stdenvNoCC.mkDerivation { + name = "default-icon"; + src = ./. + "/${defaultIconFileName}"; + + dontUnpack = true; + + installPhase = '' + cp $src $out + ''; + + passthru = { fileName = defaultIconFileName; }; + }; + propagatedIcon = + pkgs.runCommandNoCC "propagated-icon" + { passthru = { fileName = cfg.icon.fileName; }; } + '' + local target="$out/share/metacfg-icons/user/${cfg.name}" + mkdir -p "$target" + + cp ${cfg.icon} "$target/${cfg.icon.fileName}" + ''; +in +{ + options.metacfg.user = with types; { + name = mkOpt str "harald" "The name to use for the user account."; + fullName = mkOpt str "Harald Hoyer" "The full name of the user."; + email = mkOpt str "harald@hoyer.xyz" "The email of the user."; + initialPassword = + mkOpt str "password" + "The initial password to use when the user is first created."; + icon = + mkOpt (nullOr package) defaultIcon + "The profile picture to use for the user."; + prompt-init = mkBoolOpt true "Whether or not to show an initial message when opening a new shell."; + extraGroups = mkOpt (listOf str) [ ] "Groups for the user to be assigned."; + sshKeys = mkOpt (listOf str) [ + "sk-ssh-ed25519@openssh.com AAAAGnNrLXNzaC1lZDI1NTE5QG9wZW5zc2guY29tAAAAIDsb/Tr69YN5MQLweWPuJaRGm+h2kOyxfD6sqKEDTIwoAAAABHNzaDo= harald@fedora.fritz.box" + "sk-ecdsa-sha2-nistp256@openssh.com AAAAInNrLWVjZHNhLXNoYTItbmlzdHAyNTZAb3BlbnNzaC5jb20AAAAIbmlzdHAyNTYAAABBBACLgT81iB1iWWVuXq6PdQ5GAAGhaZhSKnveQCvcNnAOZ5WKH80bZShKHyAYzrzbp8IGwLWJcZQ7TqRK+qZdfagAAAAEc3NoOg== harald@hoyer.xyz" + "ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBAYbUTKpy4QR3s944/hjJ1UK05asFEs/SmWeUbtS0cdA660sT4xHnRfals73FicOoz+uIucJCwn/SCM804j+wtM=" + "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIMNsmP15vH8BVKo7bdvIiiEjiQboPGcRPqJK0+bH4jKD harald@lenovo.fritz.box" + ] "ssh keys"; + extraOptions = + mkOpt attrs { } + (mdDoc "Extra options passed to `users.users.`."); + }; + + config = { + environment.systemPackages = with pkgs; [ + ]; + + metacfg.home = { + file = { + "Desktop/.keep".text = ""; + "Documents/.keep".text = ""; + "Downloads/.keep".text = ""; + "Music/.keep".text = ""; + "Pictures/.keep".text = ""; + "Videos/.keep".text = ""; + "work/.keep".text = ""; + ".face".source = cfg.icon; + "Pictures/${ + cfg.icon.fileName or (builtins.baseNameOf cfg.icon) + }".source = + cfg.icon; + }; + extraOptions.programs.bash.initExtra = '' + [[ $WANT_BASH ]] || ${pkgs.fish}/bin/fish -l + ''; + }; + + users.users.${cfg.name} = + { + isNormalUser = true; + + # inherit (cfg) name initialPassword; + + openssh.authorizedKeys.keys = cfg.sshKeys; + home = "/home/${cfg.name}"; + group = "users"; + + shell = pkgs.bash; + + # Arbitrary user ID to use for the user. Since I only + # have a single user on my machines this won't ever collide. + # However, if you add multiple users you'll need to change this + # so each user has their own unique uid (or leave it out for the + # system to select). + uid = 1000; + + extraGroups = [ ] ++ cfg.extraGroups; + } + // cfg.extraOptions; + }; +} diff --git a/modules/nixos/user/profile.jpg b/modules/nixos/user/profile.jpg new file mode 100644 index 0000000..1188670 Binary files /dev/null and b/modules/nixos/user/profile.jpg differ diff --git a/overlays/jetbrains-toolbox/default.nix b/overlays/jetbrains-toolbox/default.nix new file mode 100644 index 0000000..94485f7 --- /dev/null +++ b/overlays/jetbrains-toolbox/default.nix @@ -0,0 +1,5 @@ +{ channels, ... }: +final: prev: +{ + inherit (channels.unstable) jetbrains-toolbox; +} diff --git a/overlays/nixsgx/default.nix b/overlays/nixsgx/default.nix new file mode 100644 index 0000000..66b492e --- /dev/null +++ b/overlays/nixsgx/default.nix @@ -0,0 +1,5 @@ +{ channels, ... }: +final: prev: +{ + inherit (channels.nixpkgs.nixsgx) sgx-psw; +} diff --git a/packages/nixos-hosts/default.nix b/packages/nixos-hosts/default.nix new file mode 100644 index 0000000..432ba36 --- /dev/null +++ b/packages/nixos-hosts/default.nix @@ -0,0 +1,49 @@ +{ lib +, writeText +, writeShellApplication +, substituteAll +, gum +, inputs +, hosts ? { } +, ... +}: + +let + inherit (lib) mapAttrsToList concatStringsSep; + inherit (lib.metacfg) override-meta; + + substitute = args: builtins.readFile (substituteAll args); + + formatted-hosts = mapAttrsToList + (name: host: "${name},${host.pkgs.system}") + hosts; + + hosts-csv = writeText "hosts.csv" '' + Name,System + ${concatStringsSep "\n" formatted-hosts} + ''; + + nixos-hosts = writeShellApplication { + name = "nixos-hosts"; + + text = substitute { + src = ./nixos-hosts.sh; + + help = ./help; + hosts = if hosts == { } then "" else hosts-csv; + }; + + checkPhase = ""; + + runtimeInputs = [ + gum + ]; + }; + + new-meta = with lib; { + description = "A helper to list all of the NixOS hosts available from your flake."; + license = licenses.asl20; + maintainers = with maintainers; [ jakehamilton ]; + }; +in +override-meta new-meta nixos-hosts diff --git a/packages/nixos-hosts/help/nixos-hosts.sh b/packages/nixos-hosts/help/nixos-hosts.sh new file mode 100644 index 0000000..eef512d --- /dev/null +++ b/packages/nixos-hosts/help/nixos-hosts.sh @@ -0,0 +1,16 @@ +echo -e " +${text_bold}${text_fg_blue}nixos-hosts${text_reset} + +${text_bold}DESCRIPTION${text_reset} + + Show NixOS hosts from your flake. + +${text_bold}USAGE${text_reset} + + ${text_dim}\$${text_reset} ${text_bold}nixos-hosts${text_reset} [options] + +${text_bold}OPTIONS${text_reset} + + --help, -h Show this help message + --debug Show debug messages +" diff --git a/packages/nixos-hosts/nixos-hosts.sh b/packages/nixos-hosts/nixos-hosts.sh new file mode 100644 index 0000000..6532660 --- /dev/null +++ b/packages/nixos-hosts/nixos-hosts.sh @@ -0,0 +1,324 @@ +#!/usr/bin/env bash + +#==============================# +# Global # +#==============================# + +DEBUG=${DEBUG:-"false"} + +#==============================# +# Injected # +#==============================# + +hosts="@hosts@" +help_root="@help@" + +#==============================# +# Logging # +#==============================# + +text_reset="\e[m" +text_bold="\e[1m" +text_dim="\e[2m" +text_italic="\e[3m" +text_underline="\e[4m" +text_blink="\e[5m" +text_highlight="\e[7m" +text_hidden="\e[8m" +text_strike="\e[9m" + +text_fg_red="\e[38;5;1m" +text_fg_green="\e[38;5;2m" +text_fg_yellow="\e[38;5;3m" +text_fg_blue="\e[38;5;4m" +text_fg_magenta="\e[38;5;5m" +text_fg_cyan="\e[38;5;6m" +text_fg_white="\e[38;5;7m" +text_fg_dim="\e[38;5;8m" + +text_bg_red="\e[48;5;1m" +text_bg_green="\e[48;5;2m" +text_bg_yellow="\e[48;5;3m" +text_bg_blue="\e[48;5;4m" +text_bg_magenta="\e[48;5;5m" +text_bg_cyan="\e[48;5;6m" +text_bg_white="\e[48;5;7m" +text_bg_dim="\e[48;5;8m" + +# Usage: log_info +log_info() { + echo -e "${text_fg_blue}info${text_reset} $1" +} + +# Usage: log_todo +log_todo() { + echo -e "${text_bg_magenta}${text_fg_white}todo${text_reset} $1" +} + +# Usage: log_debug +log_debug() { + if [[ $DEBUG == true ]]; then + echo -e "${text_fg_dim}debug${text_reset} $1" + fi +} + +# Usage: log_warn +log_warn() { + echo -e "${text_fg_yellow}warn${text_reset} $1" +} + +# Usage: log_error +log_error() { + echo -e "${text_fg_red}error${text_reset} $1" +} + +# Usage: log_fatal [exit-code] +log_fatal() { + echo -e "${text_fg_white}${text_bg_red}fatal${text_reset} $1" + + if [ -z ${2:-} ]; then + exit 1 + else + exit $2 + fi +} + +# Usage: clear_previous_line [number] +clear_line() { + echo -e "\e[${1:-"1"}A\e[2K" +} + +# Usage: +# rewrite_line +# rewrite_line +rewrite_line() { + if [[ $# == 1 ]]; then + echo -e "\e[1A\e[2K${1}" + else + echo -e "\e[${1}A\e[2K${2}" + fi +} + +#==============================# +# Options # +#==============================# +positional_args=() + +opt_help=false +opt_pick=false +opt_list=false + +# Usage: missing_value