dave/nix-config
1
0
Fork 0
mirror of https://github.com/davegallant/nix-config synced 2026-03-04 17:36:35 +00:00
Code Issues Packages Projects Releases Wiki Activity

Compare commits

base: dave:main
Branches Tags
dave:main
..
compare: dave:0d705f12d3519038c8eaa1e7bf3d76ebeff4ce80
Branches Tags
dave:main

1 Commits
main ... 0d705f12d3

Author SHA1 Message Date
Dave Gallant
0d705f12d3 Add commit.gpgsign = true to git config 2025-12-14 11:56:13 -05:00
13 changed files with 585 additions and 494 deletions
Expand all files Collapse all files

4
.github/workflows/cachix.yml vendored
View File

@@ -16,8 +16,10 @@ jobs:
steps: steps:
- uses: actions/checkout@v6 - uses: actions/checkout@v6
- uses: cachix/install-nix-action@v31 - uses: cachix/install-nix-action@v31
with:
nix_path: nixpkgs=channel:nixos-unstable
- uses: cachix/cachix-action@v16 - uses: cachix/cachix-action@v16
with: with:
name: davegallant name: davegallant
authToken: '${{ secrets.CACHIX_API_KEY }}' authToken: '${{ secrets.CACHIX_API_KEY }}'
- run: nix build .#nixosConfigurations.hephaestus.config.system.build.toplevel --json | jq -r '.[].outputs | to_entries[].value' | cachix push davegallant - run: nix-build | cachix push davegallant

20
README.md
View File

@@ -28,6 +28,7 @@ The configuration is very specific to my own machines and setup, but it may be a
## Prerequisites ## Prerequisites
- [NixOS](nixos.org) (Linux) - [NixOS](nixos.org) (Linux)
- [Determinate Nix](https://determinate.systems/nix-installer) (macOS)
- [just](https://github.com/casey/just) - [just](https://github.com/casey/just)
## Build ## Build
@@ -63,22 +64,3 @@ To cleanup previous files, run nix garbage collection:
```sh ```sh
just clean just clean
``` ```
## Restoring from a live USB
If the bootloader for some reason breaks (i.e. motherboard firmware upgrade), restore it from a live USB by running the following commands:
```console
$ sudo cryptsetup luksOpen /dev/nvme0n1p2 crypted-nixos
Enter passphrase for /dev/nvme0n1p2: ********
$ sudo mount /dev/vg/root /mnt
$ sudo mount /dev/nvme0n1p1 /mnt/boot/efi
$ sudo nixos-enter --root /mnt
$ hostname <hostname>
```
Navigate to the nix-config directory and run:
```sh
just rebuild-boot
```

94
common-packages.nix Normal file
View File

@@ -0,0 +1,94 @@
{
pkgs,
unstable,
...
}:
{
environment.systemPackages = with pkgs; [
# essentials
curl
gnumake
gnupg
jq
unzip
xclip
xdg-utils
zip
# modern cli
atuin
bat
cd-fzf
doggo
eza
fd
github-cli
hadolint
lazygit
progress
ripgrep
shellcheck
shfmt
viddy
yq-go
# containers
unstable.argocd
unstable.k9s
unstable.krew
unstable.kubecolor
unstable.kubectl
unstable.kubectx
unstable.kubernetes-helm
unstable.stern
# cloud
awscli2
google-cloud-sdk
terraform
# lsp
nodePackages.bash-language-server
nodePackages.eslint
nodePackages.yaml-language-server
terraform-ls
# monitoring
btop
# golang
gofumpt
golangci-lint
gopls
# rust
rustup
# js
nodejs
nodePackages.prettier
nodePackages.yarn
# networking
arp-scan
dnsutils
iperf
nmap
openssl
openvpn
tcpdump
# nix
nix-tree
nixfmt-rfc-style
nixpkgs-review
nvd
# python
poetry
virtualenv
# media
yt-dlp
];
}

350
flake.lock generated
View File

@@ -7,11 +7,11 @@
] ]
}, },
"locked": { "locked": {
"lastModified": 1772129556, "lastModified": 1765066094,
"narHash": "sha256-Utk0zd8STPsUJPyjabhzPc5BpPodLTXrwkpXBHYnpeg=", "narHash": "sha256-0YSU35gfRFJzx/lTGgOt6ubP8K6LeW0vaywzNNqxkl4=",
"owner": "lnl7", "owner": "lnl7",
"repo": "nix-darwin", "repo": "nix-darwin",
"rev": "ebec37af18215214173c98cf6356d0aca24a2585", "rev": "688427b1aab9afb478ca07989dc754fa543e03d5",
"type": "github" "type": "github"
}, },
"original": { "original": {
@@ -21,7 +21,101 @@
"type": "github" "type": "github"
} }
}, },
"determinate": {
"inputs": {
"determinate-nixd-aarch64-darwin": "determinate-nixd-aarch64-darwin",
"determinate-nixd-aarch64-linux": "determinate-nixd-aarch64-linux",
"determinate-nixd-x86_64-linux": "determinate-nixd-x86_64-linux",
"nix": "nix",
"nixpkgs": "nixpkgs_2"
},
"locked": {
"lastModified": 1765254444,
"narHash": "sha256-kAO/ZeBnjaF+uqOP6qweXlRk2ylocLuv/9Dn8FsuPlU=",
"rev": "3ccc0297525e51ac3d7905509e0616c9c8350108",
"revCount": 316,
"type": "tarball",
"url": "https://api.flakehub.com/f/pinned/DeterminateSystems/determinate/3.14.0/019b0160-c5de-7941-9c26-cb47bc17eec3/source.tar.gz"
},
"original": {
"type": "tarball",
"url": "https://flakehub.com/f/DeterminateSystems/determinate/%2A"
}
},
"determinate-nixd-aarch64-darwin": {
"flake": false,
"locked": {
"narHash": "sha256-6PWoqx52nvlWzlElTjcn7KAPKitfcKZYEFSsC3PoEoE=",
"type": "file",
"url": "https://install.determinate.systems/determinate-nixd/tag/v3.14.0/macOS"
},
"original": {
"type": "file",
"url": "https://install.determinate.systems/determinate-nixd/tag/v3.14.0/macOS"
}
},
"determinate-nixd-aarch64-linux": {
"flake": false,
"locked": {
"narHash": "sha256-b1e25BUPL7Qf0QVbYlfZ/+QiClrP/SHIjMPtA47aOLc=",
"type": "file",
"url": "https://install.determinate.systems/determinate-nixd/tag/v3.14.0/aarch64-linux"
},
"original": {
"type": "file",
"url": "https://install.determinate.systems/determinate-nixd/tag/v3.14.0/aarch64-linux"
}
},
"determinate-nixd-x86_64-linux": {
"flake": false,
"locked": {
"narHash": "sha256-8EI2f8IftPcRFlR6K4+cpIEAVf5UIeMCjHysEtVqDw0=",
"type": "file",
"url": "https://install.determinate.systems/determinate-nixd/tag/v3.14.0/x86_64-linux"
},
"original": {
"type": "file",
"url": "https://install.determinate.systems/determinate-nixd/tag/v3.14.0/x86_64-linux"
}
},
"flake-compat": {
"flake": false,
"locked": {
"lastModified": 1696426674,
"narHash": "sha256-kvjfFW7WAETZlt09AgDn1MrtKzP7t90Vf7vypd3OL1U=",
"owner": "edolstra",
"repo": "flake-compat",
"rev": "0f9255e01c2351cc7d116c072cb317785dd33b33",
"type": "github"
},
"original": {
"owner": "edolstra",
"repo": "flake-compat",
"type": "github"
}
},
"flake-parts": { "flake-parts": {
"inputs": {
"nixpkgs-lib": [
"determinate",
"nix",
"nixpkgs"
]
},
"locked": {
"lastModified": 1748821116,
"narHash": "sha256-F82+gS044J1APL0n4hH50GYdPRv/5JWm34oCJYmVKdE=",
"rev": "49f0870db23e8c1ca0b5259734a02cd9e1e371a1",
"revCount": 377,
"type": "tarball",
"url": "https://api.flakehub.com/f/pinned/hercules-ci/flake-parts/0.1.377%2Brev-49f0870db23e8c1ca0b5259734a02cd9e1e371a1/01972f28-554a-73f8-91f4-d488cc502f08/source.tar.gz"
},
"original": {
"type": "tarball",
"url": "https://flakehub.com/f/hercules-ci/flake-parts/0.1"
}
},
"flake-parts_2": {
"inputs": { "inputs": {
"nixpkgs-lib": [ "nixpkgs-lib": [
"nixvim", "nixvim",
@@ -29,29 +123,11 @@
] ]
}, },
"locked": { "locked": {
"lastModified": 1768135262, "lastModified": 1765495779,
"narHash": "sha256-PVvu7OqHBGWN16zSi6tEmPwwHQ4rLPU9Plvs8/1TUBY=", "narHash": "sha256-MhA7wmo/7uogLxiewwRRmIax70g6q1U/YemqTGoFHlM=",
"owner": "hercules-ci", "owner": "hercules-ci",
"repo": "flake-parts", "repo": "flake-parts",
"rev": "80daad04eddbbf5a4d883996a73f3f542fa437ac", "rev": "5635c32d666a59ec9a55cab87e898889869f7b71",
"type": "github"
},
"original": {
"owner": "hercules-ci",
"repo": "flake-parts",
"type": "github"
}
},
"flake-parts_2": {
"inputs": {
"nixpkgs-lib": "nixpkgs-lib"
},
"locked": {
"lastModified": 1769996383,
"narHash": "sha256-AnYjnFWgS49RlqX7LrC4uA+sCCDBj0Ry/WOJ5XWAsa0=",
"owner": "hercules-ci",
"repo": "flake-parts",
"rev": "57928607ea566b5db3ad13af0e57e921e6b12381",
"type": "github" "type": "github"
}, },
"original": { "original": {
@@ -96,16 +172,42 @@
"type": "github" "type": "github"
} }
}, },
"home-manager": { "git-hooks-nix": {
"inputs": { "inputs": {
"nixpkgs": "nixpkgs" "flake-compat": "flake-compat",
"gitignore": [
"determinate",
"nix"
],
"nixpkgs": [
"determinate",
"nix",
"nixpkgs"
]
}, },
"locked": { "locked": {
"lastModified": 1772302941, "lastModified": 1747372754,
"narHash": "sha256-TL3+ckbOTILXrR0qSK3dJj2BJ0S5yz/YSsUF1oEgd9g=", "narHash": "sha256-2Y53NGIX2vxfie1rOW0Qb86vjRZ7ngizoo+bnXU9D9k=",
"rev": "80479b6ec16fefd9c1db3ea13aeb038c60530f46",
"revCount": 1026,
"type": "tarball",
"url": "https://api.flakehub.com/f/pinned/cachix/git-hooks.nix/0.1.1026%2Brev-80479b6ec16fefd9c1db3ea13aeb038c60530f46/0196d79a-1b35-7b8e-a021-c894fb62163d/source.tar.gz"
},
"original": {
"type": "tarball",
"url": "https://flakehub.com/f/cachix/git-hooks.nix/0.1.941"
}
},
"home-manager": {
"inputs": {
"nixpkgs": "nixpkgs_3"
},
"locked": {
"lastModified": 1765605144,
"narHash": "sha256-RM2xs+1HdHxesjOelxoA3eSvXShC8pmBvtyTke4Ango=",
"owner": "nix-community", "owner": "nix-community",
"repo": "home-manager", "repo": "home-manager",
"rev": "9b9142b5fe214c2adabe86257c33e022372b7c96", "rev": "90b62096f099b73043a747348c11dbfcfbdea949",
"type": "github" "type": "github"
}, },
"original": { "original": {
@@ -143,44 +245,96 @@
"type": "github" "type": "github"
} }
}, },
"nix": {
"inputs": {
"flake-parts": "flake-parts",
"git-hooks-nix": "git-hooks-nix",
"nixpkgs": "nixpkgs",
"nixpkgs-23-11": "nixpkgs-23-11",
"nixpkgs-regression": "nixpkgs-regression"
},
"locked": {
"lastModified": 1765252170,
"narHash": "sha256-p98D44tYJMgB5Qet5S8cTQFdffk/GmoaGkpQtZ3hqJU=",
"rev": "1ddd28880651054346c34009d7bb9de36f1db2c1",
"revCount": 23362,
"type": "tarball",
"url": "https://api.flakehub.com/f/pinned/DeterminateSystems/nix-src/3.14.0/019b0159-8907-7fab-a120-9d287c7e6d2e/source.tar.gz"
},
"original": {
"type": "tarball",
"url": "https://flakehub.com/f/DeterminateSystems/nix-src/%2A"
}
},
"nixpkgs": { "nixpkgs": {
"locked": { "locked": {
"lastModified": 1771903837, "lastModified": 1761597516,
"narHash": "sha256-sdaqdnsQCv3iifzxwB22tUwN/fSHoN7j2myFW5EIkGk=", "narHash": "sha256-wxX7u6D2rpkJLWkZ2E932SIvDJW8+ON/0Yy8+a5vsDU=",
"rev": "daf6dc47aa4b44791372d6139ab7b25269184d55",
"revCount": 811874,
"type": "tarball",
"url": "https://api.flakehub.com/f/pinned/NixOS/nixpkgs/0.2505.811874%2Brev-daf6dc47aa4b44791372d6139ab7b25269184d55/019a3494-3498-707e-9086-1fb81badc7fe/source.tar.gz"
},
"original": {
"type": "tarball",
"url": "https://flakehub.com/f/NixOS/nixpkgs/0.2505"
}
},
"nixpkgs-23-11": {
"locked": {
"lastModified": 1717159533,
"narHash": "sha256-oamiKNfr2MS6yH64rUn99mIZjc45nGJlj9eGth/3Xuw=",
"owner": "NixOS", "owner": "NixOS",
"repo": "nixpkgs", "repo": "nixpkgs",
"rev": "e764fc9a405871f1f6ca3d1394fb422e0a0c3951", "rev": "a62e6edd6d5e1fa0329b8653c801147986f8d446",
"type": "github" "type": "github"
}, },
"original": { "original": {
"owner": "NixOS", "owner": "NixOS",
"ref": "nixos-25.11", "repo": "nixpkgs",
"rev": "a62e6edd6d5e1fa0329b8653c801147986f8d446",
"type": "github"
}
},
"nixpkgs-master": {
"locked": {
"lastModified": 1765719588,
"narHash": "sha256-0VT36Ig9Z5rgXtQ4dgVgrDPS1UrASffWC/r4O9zFUaE=",
"owner": "NixOS",
"repo": "nixpkgs",
"rev": "f9a7fdd6101319fb1220d0905909aea54e5d8999",
"type": "github"
},
"original": {
"owner": "NixOS",
"ref": "master",
"repo": "nixpkgs", "repo": "nixpkgs",
"type": "github" "type": "github"
} }
}, },
"nixpkgs-lib": { "nixpkgs-regression": {
"locked": { "locked": {
"lastModified": 1769909678, "lastModified": 1643052045,
"narHash": "sha256-cBEymOf4/o3FD5AZnzC3J9hLbiZ+QDT/KDuyHXVJOpM=", "narHash": "sha256-uGJ0VXIhWKGXxkeNnq4TvV3CIOkUJ3PAoLZ3HMzNVMw=",
"owner": "nix-community", "owner": "NixOS",
"repo": "nixpkgs.lib", "repo": "nixpkgs",
"rev": "72716169fe93074c333e8d0173151350670b824c", "rev": "215d4d0fd80ca5163643b03a33fde804a29cc1e2",
"type": "github" "type": "github"
}, },
"original": { "original": {
"owner": "nix-community", "owner": "NixOS",
"repo": "nixpkgs.lib", "repo": "nixpkgs",
"rev": "215d4d0fd80ca5163643b03a33fde804a29cc1e2",
"type": "github" "type": "github"
} }
}, },
"nixpkgs-unstable": { "nixpkgs-unstable": {
"locked": { "locked": {
"lastModified": 1772198003, "lastModified": 1765472234,
"narHash": "sha256-I45esRSssFtJ8p/gLHUZ1OUaaTaVLluNkABkk6arQwE=", "narHash": "sha256-9VvC20PJPsleGMewwcWYKGzDIyjckEz8uWmT0vCDYK0=",
"owner": "NixOS", "owner": "NixOS",
"repo": "nixpkgs", "repo": "nixpkgs",
"rev": "dd9b079222d43e1943b6ebd802f04fd959dc8e61", "rev": "2fbfb1d73d239d2402a8fe03963e37aab15abe8b",
"type": "github" "type": "github"
}, },
"original": { "original": {
@@ -192,11 +346,25 @@
}, },
"nixpkgs_2": { "nixpkgs_2": {
"locked": { "locked": {
"lastModified": 1772047000, "lastModified": 1764611609,
"narHash": "sha256-7DaQVv4R97cii/Qdfy4tmDZMB2xxtyIvNGSwXBBhSmo=", "narHash": "sha256-yU9BNcP0oadUKupw0UKmO9BKDOVIg9NStdJosEbXf8U=",
"rev": "8c29968b3a942f2903f90797f9623737c215737c",
"revCount": 905078,
"type": "tarball",
"url": "https://api.flakehub.com/f/pinned/DeterminateSystems/nixpkgs-weekly/0.1.905078%2Brev-8c29968b3a942f2903f90797f9623737c215737c/019add91-3add-7a0d-8a25-9569cbe01efe/source.tar.gz"
},
"original": {
"type": "tarball",
"url": "https://flakehub.com/f/DeterminateSystems/nixpkgs-weekly/0.1"
}
},
"nixpkgs_3": {
"locked": {
"lastModified": 1764983851,
"narHash": "sha256-y7RPKl/jJ/KAP/VKLMghMgXTlvNIJMHKskl8/Uuar7o=",
"owner": "NixOS", "owner": "NixOS",
"repo": "nixpkgs", "repo": "nixpkgs",
"rev": "1267bb4920d0fc06ea916734c11b0bf004bbe17e", "rev": "d9bc5c7dceb30d8d6fafa10aeb6aa8a48c218454",
"type": "github" "type": "github"
}, },
"original": { "original": {
@@ -206,13 +374,29 @@
"type": "github" "type": "github"
} }
}, },
"nixpkgs_3": { "nixpkgs_4": {
"locked": { "locked": {
"lastModified": 1770843696, "lastModified": 1765608474,
"narHash": "sha256-LovWTGDwXhkfCOmbgLVA10bvsi/P8eDDpRudgk68HA8=", "narHash": "sha256-9Wx53UK0z8Di5iesJID0tS1dRKwGxI4i7tsSanOHhF0=",
"owner": "NixOS", "owner": "NixOS",
"repo": "nixpkgs", "repo": "nixpkgs",
"rev": "2343bbb58f99267223bc2aac4fc9ea301a155a16", "rev": "28bb483c11a1214a73f9fd2d9928a6e2ea86ec71",
"type": "github"
},
"original": {
"owner": "NixOS",
"ref": "nixos-25.11",
"repo": "nixpkgs",
"type": "github"
}
},
"nixpkgs_5": {
"locked": {
"lastModified": 1763934636,
"narHash": "sha256-9glbI7f1uU+yzQCq5LwLgdZqx6svOhZWkd4JRY265fc=",
"owner": "NixOS",
"repo": "nixpkgs",
"rev": "ee09932cedcef15aaf476f9343d1dea2cb77e261",
"type": "github" "type": "github"
}, },
"original": { "original": {
@@ -222,25 +406,9 @@
"type": "github" "type": "github"
} }
}, },
"nixpkgs_4": {
"locked": {
"lastModified": 1771008912,
"narHash": "sha256-gf2AmWVTs8lEq7z/3ZAsgnZDhWIckkb+ZnAo5RzSxJg=",
"owner": "NixOS",
"repo": "nixpkgs",
"rev": "a82ccc39b39b621151d6732718e3e250109076fa",
"type": "github"
},
"original": {
"owner": "NixOS",
"ref": "nixos-unstable",
"repo": "nixpkgs",
"type": "github"
}
},
"nixvim": { "nixvim": {
"inputs": { "inputs": {
"flake-parts": "flake-parts", "flake-parts": "flake-parts_2",
"nixpkgs": [ "nixpkgs": [
"nixpkgs" "nixpkgs"
], ],
@@ -248,11 +416,11 @@
"systems": "systems_2" "systems": "systems_2"
}, },
"locked": { "locked": {
"lastModified": 1769049374, "lastModified": 1765647805,
"narHash": "sha256-h0Os2qqNyycDY1FyZgtbn28VF1ySP74/n0f+LDd8j+w=", "narHash": "sha256-CdaiOfpBiS4kw/DR0Ut+02fpFnjM8hNZMZ53a1pavak=",
"owner": "nix-community", "owner": "nix-community",
"repo": "nixvim", "repo": "nixvim",
"rev": "b8f76bf5751835647538ef8784e4e6ee8deb8f95", "rev": "f0b0cc7cae2cf5d76608c9164ab8824a2387e146",
"type": "github" "type": "github"
}, },
"original": { "original": {
@@ -272,11 +440,11 @@
] ]
}, },
"locked": { "locked": {
"lastModified": 1768249818, "lastModified": 1761730856,
"narHash": "sha256-ANfn5OqIxq3HONPIXZ6zuI5sLzX1sS+2qcf/Pa0kQEc=", "narHash": "sha256-t1i5p/vSWwueZSC0Z2BImxx3BjoUDNKyC2mk24krcMY=",
"owner": "NuschtOS", "owner": "NuschtOS",
"repo": "search", "repo": "search",
"rev": "b6f77b88e9009bfde28e2130e218e5123dc66796", "rev": "e29de6db0cb3182e9aee75a3b1fd1919d995d85b",
"type": "github" "type": "github"
}, },
"original": { "original": {
@@ -288,12 +456,13 @@
"root": { "root": {
"inputs": { "inputs": {
"darwin": "darwin", "darwin": "darwin",
"determinate": "determinate",
"home-manager": "home-manager", "home-manager": "home-manager",
"nixpkgs": "nixpkgs_2", "nixpkgs": "nixpkgs_4",
"nixpkgs-master": "nixpkgs-master",
"nixpkgs-unstable": "nixpkgs-unstable", "nixpkgs-unstable": "nixpkgs-unstable",
"nixvim": "nixvim", "nixvim": "nixvim",
"vpngate": "vpngate", "vpngate": "vpngate"
"weathr": "weathr"
} }
}, },
"systems": { "systems": {
@@ -344,14 +513,14 @@
"vpngate": { "vpngate": {
"inputs": { "inputs": {
"flake-utils": "flake-utils_2", "flake-utils": "flake-utils_2",
"nixpkgs": "nixpkgs_3" "nixpkgs": "nixpkgs_5"
}, },
"locked": { "locked": {
"lastModified": 1772279709, "lastModified": 1764077616,
"narHash": "sha256-BWyEll/XLzC8HATyf2EJzWIKT8aJcjtAb2dokfIPInM=", "narHash": "sha256-5bhF1Pdrz5yq9mSMWzoPRKDx6fedRr55A8+v556MD/I=",
"owner": "davegallant", "owner": "davegallant",
"repo": "vpngate", "repo": "vpngate",
"rev": "184ea2acf2ade5dff27bad958233c6d88c761f5c", "rev": "eda46dcce93b9246784e684e9cb7e8b96d53ee1d",
"type": "github" "type": "github"
}, },
"original": { "original": {
@@ -359,25 +528,6 @@
"repo": "vpngate", "repo": "vpngate",
"type": "github" "type": "github"
} }
},
"weathr": {
"inputs": {
"flake-parts": "flake-parts_2",
"nixpkgs": "nixpkgs_4"
},
"locked": {
"lastModified": 1772212496,
"narHash": "sha256-n/fjjbfBtzmd7QV7jInnb+k5tC3g8sXzoI2rka8scwI=",
"owner": "Veirt",
"repo": "weathr",
"rev": "56aa86fe83cb42f96f497087bd19c8e073f7ee1e",
"type": "github"
},
"original": {
"owner": "Veirt",
"repo": "weathr",
"type": "github"
}
} }
}, },
"root": "root", "root": "root",

146
flake.nix
View File

@@ -2,7 +2,9 @@
description = "nixos and macos configurations"; description = "nixos and macos configurations";
inputs = { inputs = {
determinate.url = "https://flakehub.com/f/DeterminateSystems/determinate/*";
nixpkgs-unstable.url = "github:NixOS/nixpkgs/nixos-unstable"; nixpkgs-unstable.url = "github:NixOS/nixpkgs/nixos-unstable";
nixpkgs-master.url = "github:NixOS/nixpkgs/master";
nixpkgs.url = "github:NixOS/nixpkgs/nixos-25.11"; nixpkgs.url = "github:NixOS/nixpkgs/nixos-25.11";
darwin = { darwin = {
url = "github:lnl7/nix-darwin/nix-darwin-25.11"; url = "github:lnl7/nix-darwin/nix-darwin-25.11";
@@ -14,91 +16,66 @@
inputs.nixpkgs.follows = "nixpkgs"; inputs.nixpkgs.follows = "nixpkgs";
}; };
vpngate.url = "github:davegallant/vpngate"; vpngate.url = "github:davegallant/vpngate";
weathr.url = "github:Veirt/weathr";
}; };
outputs = outputs =
{ {
self,
darwin, darwin,
determinate,
home-manager, home-manager,
nixpkgs, nixpkgs,
nixpkgs-unstable, nixpkgs-unstable,
nixpkgs-master,
vpngate, vpngate,
weathr,
... ...
}@inputs: }@inputs:
let let
mkUnstable = supportedSystems = [
system: "x86_64-linux"
import nixpkgs-unstable { "aarch64-linux"
inherit system; "x86_64-darwin"
config.allowUnfree = true; "aarch64-darwin"
};
mkSharedModules =
{
username,
system,
hmModule,
extraModules ? [ ],
}:
let
unstable = mkUnstable system;
in
[
./packages.nix
hmModule
(
{ ... }:
{
config = {
nixpkgs.config.allowUnfree = true;
nixpkgs.overlays = [ (import ./overlays) ];
home-manager = {
useGlobalPkgs = true;
useUserPackages = true;
users.${username}.imports = [
./home.nix
inputs.nixvim.homeModules.nixvim
weathr.homeModules.weathr
]; ];
extraSpecialArgs = { inherit unstable; };
}; forAllSystems = nixpkgs.lib.genAttrs supportedSystems;
};
}
)
]
++ extraModules;
in in
{ {
nixosConfigurations = nixosConfigurations =
let let
unstable = import nixpkgs-unstable {
system = "x86_64-linux"; system = "x86_64-linux";
unstable = mkUnstable system; config.allowUnfree = true;
};
master = import nixpkgs-master {
system = "x86_64-linux";
config.allowUnfree = true;
};
in in
{ {
hephaestus = nixpkgs.lib.nixosSystem { hephaestus = nixpkgs.lib.nixosSystem {
specialArgs = { specialArgs = {
inherit inherit unstable;
unstable inherit master;
vpngate inherit vpngate;
inputs inherit inputs;
;
}; };
modules = mkSharedModules { modules = [
username = "dave";
inherit system;
hmModule = home-manager.nixosModules.home-manager;
extraModules = [
./hosts/hephaestus.nix ./hosts/hephaestus.nix
./common-packages.nix
home-manager.nixosModules.home-manager
( (
{ ... }: { ... }:
{ {
config.nix = { config = {
nix = {
settings = { settings = {
auto-optimise-store = true; auto-optimise-store = true;
sandbox = false;
substituters = [ "https://davegallant.cachix.org" ]; substituters = [ "https://davegallant.cachix.org" ];
trusted-users = [ "root" ]; trusted-users = [
"root"
];
trusted-public-keys = [ trusted-public-keys = [
"davegallant.cachix.org-1:SsUMqL4+tF2R3/G6X903E9laLlY1rES2QKFfePegF08=" "davegallant.cachix.org-1:SsUMqL4+tF2R3/G6X903E9laLlY1rES2QKFfePegF08="
]; ];
@@ -112,32 +89,73 @@
options = "--delete-older-than 14d"; options = "--delete-older-than 14d";
}; };
}; };
nixpkgs.overlays = [ (import ./overlays) ];
home-manager = {
useGlobalPkgs = true;
useUserPackages = true;
users.dave.imports = [
./home.nix
inputs.nixvim.homeModules.nixvim
];
extraSpecialArgs = {
inherit unstable;
inherit master;
};
};
};
} }
) )
]; ];
}; };
}; };
};
darwinConfigurations = darwinConfigurations =
let let
system = "aarch64-darwin"; system = "aarch64-darwin";
unstable = mkUnstable system; unstable = import nixpkgs-unstable {
config.allowUnfree = true;
inherit system;
};
master = import nixpkgs-master {
config.allowUnfree = true;
inherit system;
};
in in
{ {
zelus = darwin.lib.darwinSystem { zelus = darwin.lib.darwinSystem {
inherit system; inherit system;
specialArgs = { specialArgs = {
inherit unstable inputs; inherit unstable;
inherit master;
}; };
modules = mkSharedModules {
username = "dave.gallant"; modules = [
inherit system; home-manager.darwinModules.home-manager
hmModule = home-manager.darwinModules.home-manager;
extraModules = [
./hosts/zelus.nix ./hosts/zelus.nix
./common-packages.nix
(
{ ... }:
{
config = {
nixpkgs.overlays = [ (import ./overlays) ];
home-manager = {
useGlobalPkgs = true;
useUserPackages = true;
users."dave.gallant".imports = [
./home.nix
inputs.nixvim.homeModules.nixvim
];
extraSpecialArgs = {
inherit unstable;
inherit master;
};
};
};
}
)
]; ];
};
}; };
}; };
}; };

62
home.nix
View File

@@ -21,6 +21,8 @@ in
}; };
}; };
services.lorri.enable = stdenv.isLinux;
fonts.fontconfig.enable = true; fonts.fontconfig.enable = true;
programs = { programs = {
@@ -51,8 +53,8 @@ in
ca = "commit --amend"; ca = "commit --amend";
cane = "commit --amend --no-edit"; cane = "commit --amend --no-edit";
cb = "checkout -b"; cb = "checkout -b";
cmp = "! git checkout main && git pl";
co = "checkout"; co = "checkout";
cmp = "! git checkout main && git pl";
d = "diff"; d = "diff";
dc = "diff --cached"; dc = "diff --cached";
dcn = "diff --cached --name-only"; dcn = "diff --cached --name-only";
@@ -61,7 +63,6 @@ in
p = "push origin"; p = "push origin";
pf = "push -f"; pf = "push -f";
pl = "! git pull origin $(git rev-parse --abbrev-ref HEAD)"; pl = "! git pull origin $(git rev-parse --abbrev-ref HEAD)";
pom = "pull origin main";
st = "status"; st = "status";
wip = "for-each-ref --sort='authordate:iso8601' --format=' %(color:green)%(authordate:relative)%09%(color:white)%(refname:short)' refs/heads"; wip = "for-each-ref --sort='authordate:iso8601' --format=' %(color:green)%(authordate:relative)%09%(color:white)%(refname:short)' refs/heads";
}; };
@@ -116,14 +117,11 @@ in
interactiveShellInit = '' interactiveShellInit = ''
set fish_greeting set fish_greeting
bind \cw backward-kill-word
set -x DOCKER_CLI_HINTS false set -x DOCKER_CLI_HINTS false
set -x DOCKER_DEFAULT_PLATFORM linux/amd64 set -x DOCKER_DEFAULT_PLATFORM linux/amd64
set -x EDITOR vim set -x EDITOR vim
set -x NNN_FIFO "$XDG_RUNTIME_DIR/nnn.fifo" set -x NNN_FIFO "$XDG_RUNTIME_DIR/nnn.fifo"
set -x PAGER less set -x PAGER less
${lib.optionalString pkgs.stdenv.isLinux "set -x SSH_AUTH_SOCK /home/dave/.bitwarden-ssh-agent.sock"}
set -x TERM xterm-256color set -x TERM xterm-256color
set -x PATH $PATH \ set -x PATH $PATH \
@@ -140,13 +138,11 @@ in
set -x PATH $PATH $GOBIN set -x PATH $PATH $GOBIN
source $HOME/work.fish source $HOME/work.fish
'';
shellInit = ''
atuin init fish | source atuin init fish | source
helm completion fish | source helm completion fish | source
kubectl completion fish | source kubectl completion fish | source
''; # '';
shellAliases = { shellAliases = {
".." = "cd .."; ".." = "cd ..";
@@ -165,19 +161,15 @@ in
l = "eza -la --git --group-directories-first"; l = "eza -la --git --group-directories-first";
m = "make"; m = "make";
nix-install = "nix-env -iA"; nix-install = "nix-env -iA";
t = "cd $(cd-fzf)"; t = "cd-fzf";
tf = "terraform"; tf = "terraform";
tree = "eza --tree"; tree = "eza --tree";
v = "nvim"; v = "nvim";
}
// lib.optionalAttrs stdenv.isLinux {
zed = "env WAYLAND_DISPLAY='' zeditor"; # BUG: zed captures shift+v and g space on wayland
}; };
}; };
go = { go = {
enable = true; enable = true;
package = unstable.go;
}; };
fzf = { fzf = {
@@ -265,19 +257,6 @@ in
cmp-path.enable = true; cmp-path.enable = true;
cmp-treesitter.enable = true; cmp-treesitter.enable = true;
commentary.enable = true; commentary.enable = true;
codecompanion = {
enable = true;
settings = {
interactions = {
chat = {
adapter = "copilot";
};
inline = {
adapter = "copilot";
};
};
};
};
diffview.enable = true; diffview.enable = true;
gitblame.enable = true; gitblame.enable = true;
gitsigns.enable = true; gitsigns.enable = true;
@@ -401,27 +380,12 @@ in
''; '';
}; };
mangohud = {
enable = stdenv.isLinux;
settings = {
font_size = 16;
position = "top-right";
toggle_hud = "Shift_R+F1";
};
};
weathr = {
enable = true;
settings = {
hide_hud = true;
};
};
zed-editor = { zed-editor = {
enable = stdenv.isLinux; enable = stdenv.isLinux;
package = unstable.zed-editor; package = unstable.zed-editor;
extensions = [ extensions = [
"ansible" "ansible"
"color-highlight"
"dockerfile" "dockerfile"
"html" "html"
"make" "make"
@@ -432,14 +396,17 @@ in
]; ];
userSettings = { userSettings = {
icon_theme = "Material Icon Theme"; icon_theme = "Material Icon Theme";
features = {
edit_prediction_provider = "copilot";
};
vim_mode = true; vim_mode = true;
vim = { vim = {
use_system_clipboard = "on_yank"; use_system_clipboard = "on_yank";
}; };
autosave = "on_focus_change"; autosave = "on_focus_change";
format_on_save = "off"; format_on_save = "off";
ui_font_size = 18; ui_font_size = lib.mkForce 18;
buffer_font_size = 16; buffer_font_size = lib.mkForce 16;
}; };
userKeymaps = [ userKeymaps = [
{ {
@@ -451,13 +418,6 @@ in
"ctrl-z" = "editor::Undo"; "ctrl-z" = "editor::Undo";
}; };
} }
{
context = "vim_mode == normal";
bindings = {
"g space" = "editor::OpenExcerpts";
"shift-v" = "vim::ToggleVisualLine";
};
}
]; ];
}; };

116
hosts/hephaestus.nix
View File

@@ -1,9 +1,12 @@
{ {
config, config,
lib, lib,
inputs,
master,
modulesPath, modulesPath,
pkgs, pkgs,
unstable, unstable,
vpngate,
... ...
}: }:
{ {
@@ -51,7 +54,7 @@
]; ];
luks.devices."root" = { luks.devices."root" = {
allowDiscards = true; allowDiscards = true;
device = "/dev/disk/by-uuid/89a14ac5-7723-4a0a-bb95-fb2fb2e92160"; device = "/dev/disk/by-uuid/21cd166c-1528-49a4-b31b-0d408d48aa80";
preLVM = true; preLVM = true;
keyFile = "./keyfile0.bin"; keyFile = "./keyfile0.bin";
}; };
@@ -61,13 +64,75 @@
}; };
}; };
environment.systemPackages =
with pkgs;
[
bleachbit
calibre
chromium
cryptsetup
dbeaver-bin
discord
freefilesync
gimp-with-plugins
google-chrome
hardinfo2
httpie-desktop
iputils
kdePackages.bluedevil
kdePackages.kcharselect
kdePackages.kclock
kdePackages.kcolorchooser
kdePackages.ksystemlog
kdePackages.partitionmanager
kdePackages.sddm-kcm
libation
lutris
mupen64plus
nfs-utils
onlyoffice-desktopeditors
opensnitch-ui
pciutils
pika-backup
pinentry-curses
pinta
protonvpn-gui
qalculate-qt
qemu
traceroute
unrar
unstable.beszel
unstable.mcpelauncher-ui-qt
unstable.obsidian
unstable.podman
unstable.podman-compose
unstable.podman-desktop
unstable.ryubing
unstable.signal-desktop-bin
unstable.tailscale
unstable.zoom-us
usbutils
virt-manager
vlc
vpngate.packages.x86_64-linux.default
wayland-utils
whois
wine
wl-clipboard
];
fileSystems = { fileSystems = {
"/" = { "/" = {
device = "/dev/disk/by-uuid/7f4f0948-041c-47e9-ab28-53132026f158"; device = "/dev/disk/by-uuid/a6723178-6f18-428e-b541-9ac901861125";
fsType = "ext4";
};
"/home" = {
device = "/dev/disk/by-uuid/e3ab2e1a-bddf-4ae0-b00a-bf954c6c182b";
fsType = "ext4"; fsType = "ext4";
}; };
"/boot/efi" = { "/boot/efi" = {
device = "/dev/disk/by-uuid/F1BD-5227"; device = "/dev/disk/by-uuid/3CFD-D749";
fsType = "vfat"; fsType = "vfat";
}; };
"/mnt/synology-2b/media" = { "/mnt/synology-2b/media" = {
@@ -84,6 +149,7 @@
dejavu_fonts dejavu_fonts
fira-mono fira-mono
font-awesome font-awesome
google-fonts
liberation_ttf liberation_ttf
nerd-fonts.droid-sans-mono nerd-fonts.droid-sans-mono
nerd-fonts.fira-code nerd-fonts.fira-code
@@ -93,6 +159,7 @@
noto-fonts noto-fonts
noto-fonts-cjk-sans noto-fonts-cjk-sans
noto-fonts-color-emoji noto-fonts-color-emoji
noto-fonts
]; ];
fonts.fontconfig.defaultFonts = { fonts.fontconfig.defaultFonts = {
@@ -102,7 +169,12 @@
emoji = [ "Noto Color Emoji" ]; emoji = [ "Noto Color Emoji" ];
}; };
nixpkgs.hostPlatform = "x86_64-linux"; nixpkgs = {
hostPlatform = "x86_64-linux";
config = {
allowUnfree = true;
};
};
networking = { networking = {
iproute2.enable = true; iproute2.enable = true;
@@ -152,24 +224,6 @@
}; };
}; };
services.mullvad-vpn = {
enable = true;
package = pkgs.mullvad-vpn;
};
services.ollama = {
package = pkgs.ollama;
enable = true;
acceleration = "rocm";
host = "0.0.0.0";
environmentVariables = {
HSA_OVERRIDE_GFX_VERSION = "11.0.2";
};
loadModels = [
"qwen2.5-coder:7b"
];
};
system = { system = {
autoUpgrade.enable = true; autoUpgrade.enable = true;
stateVersion = "25.11"; stateVersion = "25.11";
@@ -188,18 +242,14 @@
nix = { nix = {
extraOptions = "experimental-features = nix-command flakes"; extraOptions = "experimental-features = nix-command flakes";
settings.trusted-users = [
"root"
"@wheel"
];
}; };
users.users.dave = { users.users.dave = {
isNormalUser = true; isNormalUser = true;
extraGroups = [ extraGroups = [
"docker"
"libvirtd"
"wheel" "wheel"
"libvirtd"
"corectrl"
]; ];
shell = pkgs.fish; shell = pkgs.fish;
}; };
@@ -239,8 +289,6 @@
}; };
}; };
services.flatpak.enable = true;
services.avahi = { services.avahi = {
enable = true; enable = true;
nssmdns4 = true; nssmdns4 = true;
@@ -254,9 +302,6 @@
}; };
}; };
security.rtkit.enable = true;
services.pipewire.enable = true;
services = { services = {
desktopManager.plasma6.enable = true; desktopManager.plasma6.enable = true;
displayManager.sddm.enable = true; displayManager.sddm.enable = true;
@@ -274,9 +319,6 @@
package = unstable.tailscale; package = unstable.tailscale;
}; };
services.clamav.daemon.enable = true;
services.clamav.updater.enable = true;
services.opensnitch = { services.opensnitch = {
enable = true; enable = true;
rules = { rules = {
@@ -422,7 +464,7 @@
}; };
virtualisation = { virtualisation = {
docker.enable = true; podman.enable = true;
libvirtd = { libvirtd = {
enable = true; enable = true;
qemu.swtpm.enable = true; qemu.swtpm.enable = true;

19
hosts/zelus.nix
View File

@@ -1,5 +1,11 @@
{ pkgs, ... }: { pkgs, ... }:
{ {
nixpkgs = {
config = {
allowUnfree = true;
};
};
networking = { networking = {
hostName = "zelus"; hostName = "zelus";
}; };
@@ -80,17 +86,17 @@
"k6" "k6"
"node" "node"
"oras" "oras"
"peon-ping"
"vault" "vault"
]; ];
casks = [ casks = [
"claude-code"
"discord" "discord"
"dbeaver-community" "dbeaver-community"
"font-fira-code-nerd-font" "font-fira-code-nerd-font"
"font-hack-nerd-font" "font-hack-nerd-font"
"fork" "fork"
"headlamp" "freelens"
"iterm2" "iterm2"
"karabiner-elements" "karabiner-elements"
"knockknock" "knockknock"
@@ -106,16 +112,17 @@
"stats" "stats"
"steam" "steam"
"taskexplorer" "taskexplorer"
"tailscale-app" "tailscale"
"vlc" "vlc"
"whisky"
"zed" "zed"
]; ];
taps = [ taps = [
"hashicorp/tap" "hashicorp/tap"
"PeonPing/tap" "homebrew/bundle"
"homebrew/cask-fonts"
"homebrew/cask-versions"
"homebrew/services"
]; ];
};
} }

9
justfile
View File

@@ -5,13 +5,10 @@ alias r := rebuild
arch := `uname -s` arch := `uname -s`
cmd := if arch == "Linux" { "nixos-rebuild --sudo" } else { "sudo darwin-rebuild" } cmd := if arch == "Linux" { "nixos-rebuild --sudo" } else { "darwin-rebuild" }
rebuild: rebuild:
$cmd switch --flake . sudo $cmd switch --flake . -I nixos-config="hosts/$(hostname).nix" --show-trace
rebuild-boot:
$cmd boot --flake . --install-bootloader
rollback: rollback:
sudo $cmd switch --rollback --flake . sudo $cmd switch --rollback --flake .
@@ -24,7 +21,7 @@ update:
@./update-flake.sh @./update-flake.sh
fmt: fmt:
fd -e nix -x nixfmt nixfmt *.nix
clean: clean:
echo 'Cleaning user...' echo 'Cleaning user...'

3
overlays/cd-fzf/cd-fzf
View File

@@ -13,4 +13,5 @@ if [[ -z $selected ]]; then
exit 0 exit 0
fi fi
echo "$selected" cd "$selected"
$SHELL

22
overlays/cd-fzf/default.nix
View File

@@ -1,13 +1,19 @@
{ stdenv, lib }: {
stdenv.mkDerivation { stdenv,
lib,
fetchurl,
}:
stdenv.mkDerivation rec {
pname = "cd-fzf"; pname = "cd-fzf";
version = "0.0.1"; version = "0.0.1";
src = ./.; executable = ./cd-fzf;
installPhase = '' phases = [ "unpackPhase" ]; # Remove all other phases
install -Dm755 cd-fzf $out/bin/cd-fzf unpackPhase = ''
mkdir -p $out/bin
cp ${executable} $out/bin/cd-fzf
''; '';
meta = { meta = with lib; {
description = "Fuzzy find change directory"; description = "\n Fuzzy find change directory";
platforms = lib.platforms.unix; platforms = platforms.unix;
}; };
} }

168
packages.nix
View File

@@ -1,168 +0,0 @@
{
pkgs,
lib,
unstable,
vpngate,
...
}:
let
inherit (pkgs) stdenv;
in
{
environment.systemPackages =
with pkgs;
[
# essentials
curl
gnumake
gnupg
jq
unzip
zip
# modern cli
atuin
bat
cd-fzf
doggo
eza
fd
github-cli
hadolint
lazygit
macchina
ncdu
progress
ripgrep
shellcheck
shfmt
viddy
yq-go
# containers
unstable.k9s
unstable.krew
unstable.kubecolor
unstable.kubectl
unstable.kubectx
unstable.kubernetes-helm
unstable.stern
# cloud
awscli2
google-cloud-sdk
terraform
# lsp
nodePackages.bash-language-server
nodePackages.eslint
nodePackages.yaml-language-server
terraform-ls
# monitoring
btop
# golang
gofumpt
golangci-lint
gopls
# rust
rustup
# nix
nix-tree
nixfmt-rfc-style
nixpkgs-review
nvd
# python
virtualenv
# media
yt-dlp
]
++ lib.optionals stdenv.isLinux [
xclip
xdg-utils
# networking
arp-scan
dnsutils
iperf
nmap
openssl
openvpn
tcpdump
# desktop apps
bitwarden-desktop
dbeaver-bin
discord
feishin
freefilesync
gimp-with-plugins
google-chrome
httpie-desktop
onlyoffice-desktopeditors
pika-backup
pinta
qbittorrent
unstable.obsidian
unstable.podman-desktop
unstable.signal-desktop-bin
unstable.zoom-us
# gaming
heroic
ludusavi
mupen64plus
protonup-qt
unstable.ryubing
unstable.lutris
wine
# kde
kdePackages.bluedevil
kdePackages.kcalc
kdePackages.kcharselect
kdePackages.kclock
kdePackages.kcolorchooser
kdePackages.ksystemlog
kdePackages.partitionmanager
kdePackages.sddm-kcm
# media
calibre
libation
unstable.spotify
vlc
# networking
iputils
traceroute
unstable.ktailctl
unstable.tailscale
vpngate.packages.x86_64-linux.default
whois
# security
bleachbit
clamtk
cryptsetup
opensnitch-ui
pinentry-curses
# system utilities
hardinfo2
nfs-utils
pciutils
qemu
unrar
unstable.beszel
usbutils
virt-manager
wayland-utils
wl-clipboard
];
}

2
update-flake.sh
View File

@@ -3,7 +3,7 @@
set -euo pipefail set -euo pipefail
if ! git diff-index --quiet HEAD --; then if ! git diff-index --quiet HEAD --; then
git stash push -m "Auto-stash via update-flake.sh on $(date)" git stash push -m "Auto-stash via update-flash.sh on $(date)"
fi fi
git pull git pull