dave/nix-config
1
0
Fork 0
mirror of https://github.com/davegallant/nix-config synced 2026-01-10 08:44:05 +00:00
Code Issues Packages Projects Releases Wiki Activity

Compare commits

base: dave:main
Branches Tags
dave:main
..
compare: dave:0d705f12d3519038c8eaa1e7bf3d76ebeff4ce80
Branches Tags
dave:main

1 Commits
main ... 0d705f12d3

Author SHA1 Message Date
Dave Gallant
0d705f12d3 Add commit.gpgsign = true to git config 2025-12-14 11:56:13 -05:00
7 changed files with 71 additions and 107 deletions
Expand all files Collapse all files

19
README.md
View File

@@ -64,22 +64,3 @@ To cleanup previous files, run nix garbage collection:
```sh
just clean
```
## Restoring from a live USB
If the bootloader for some reason breaks (i.e. motherboard firmware upgrade), restore it from a live USB by running the following commands:
```console
$ sudo cryptsetup luksOpen /dev/nvme0n1p2 crypted-nixos
Enter passphrase for /dev/nvme0n1p2: ********
$ sudo mount /dev/vg/root /mnt
$ sudo mount /dev/nvme0n1p1 /mnt/boot/efi
$ sudo nixos-enter --root /mnt
$ hostname <hostname>
```
Navigate to the nix-config directory and run:
```sh
just rebuild-boot
```

3
common-packages.nix
View File

@@ -25,8 +25,6 @@
github-cli
hadolint
lazygit
macchina
ncdu
progress
ripgrep
shellcheck
@@ -87,6 +85,7 @@
nvd
# python
poetry
virtualenv
# media

102
flake.lock generated
View File

@@ -7,11 +7,11 @@
]
},
"locked": {
"lastModified": 1767634391,
"narHash": "sha256-owcSz2ICqTSvhBbhPP+1eWzi88e54rRZtfCNE5E/wwg=",
"lastModified": 1765066094,
"narHash": "sha256-0YSU35gfRFJzx/lTGgOt6ubP8K6LeW0vaywzNNqxkl4=",
"owner": "lnl7",
"repo": "nix-darwin",
"rev": "08585aacc3d6d6c280a02da195fdbd4b9cf083c2",
"rev": "688427b1aab9afb478ca07989dc754fa543e03d5",
"type": "github"
},
"original": {
@@ -30,12 +30,12 @@
"nixpkgs": "nixpkgs_2"
},
"locked": {
"lastModified": 1766549083,
"narHash": "sha256-G1Hljg7vIBt8n9cxO382YAZWtZU/mYfQcg3icdNG8RQ=",
"rev": "ba8999fac986e70f52b4cba15047be7bbb7b6346",
"revCount": 318,
"lastModified": 1765254444,
"narHash": "sha256-kAO/ZeBnjaF+uqOP6qweXlRk2ylocLuv/9Dn8FsuPlU=",
"rev": "3ccc0297525e51ac3d7905509e0616c9c8350108",
"revCount": 316,
"type": "tarball",
"url": "https://api.flakehub.com/f/pinned/DeterminateSystems/determinate/3.15.1/019b4e8a-dc22-75db-aef5-a447efbb1a13/source.tar.gz"
"url": "https://api.flakehub.com/f/pinned/DeterminateSystems/determinate/3.14.0/019b0160-c5de-7941-9c26-cb47bc17eec3/source.tar.gz"
},
"original": {
"type": "tarball",
@@ -45,37 +45,37 @@
"determinate-nixd-aarch64-darwin": {
"flake": false,
"locked": {
"narHash": "sha256-uWDS94cAYprGj+AwuT42nuuDDicRLj1S0JwalZGeBRU=",
"narHash": "sha256-6PWoqx52nvlWzlElTjcn7KAPKitfcKZYEFSsC3PoEoE=",
"type": "file",
"url": "https://install.determinate.systems/determinate-nixd/tag/v3.15.1/macOS"
"url": "https://install.determinate.systems/determinate-nixd/tag/v3.14.0/macOS"
},
"original": {
"type": "file",
"url": "https://install.determinate.systems/determinate-nixd/tag/v3.15.1/macOS"
"url": "https://install.determinate.systems/determinate-nixd/tag/v3.14.0/macOS"
}
},
"determinate-nixd-aarch64-linux": {
"flake": false,
"locked": {
"narHash": "sha256-uHBcZCh2/Bj5/88TDihupA336tSQDk7s5lVP66IDAX0=",
"narHash": "sha256-b1e25BUPL7Qf0QVbYlfZ/+QiClrP/SHIjMPtA47aOLc=",
"type": "file",
"url": "https://install.determinate.systems/determinate-nixd/tag/v3.15.1/aarch64-linux"
"url": "https://install.determinate.systems/determinate-nixd/tag/v3.14.0/aarch64-linux"
},
"original": {
"type": "file",
"url": "https://install.determinate.systems/determinate-nixd/tag/v3.15.1/aarch64-linux"
"url": "https://install.determinate.systems/determinate-nixd/tag/v3.14.0/aarch64-linux"
}
},
"determinate-nixd-x86_64-linux": {
"flake": false,
"locked": {
"narHash": "sha256-y+l05H6GNv/1WcrMztDYem8VBWqjc9gNg4WjeQ1PQxo=",
"narHash": "sha256-8EI2f8IftPcRFlR6K4+cpIEAVf5UIeMCjHysEtVqDw0=",
"type": "file",
"url": "https://install.determinate.systems/determinate-nixd/tag/v3.15.1/x86_64-linux"
"url": "https://install.determinate.systems/determinate-nixd/tag/v3.14.0/x86_64-linux"
},
"original": {
"type": "file",
"url": "https://install.determinate.systems/determinate-nixd/tag/v3.15.1/x86_64-linux"
"url": "https://install.determinate.systems/determinate-nixd/tag/v3.14.0/x86_64-linux"
}
},
"flake-compat": {
@@ -123,11 +123,11 @@
]
},
"locked": {
"lastModified": 1765835352,
"narHash": "sha256-XswHlK/Qtjasvhd1nOa1e8MgZ8GS//jBoTqWtrS1Giw=",
"lastModified": 1765495779,
"narHash": "sha256-MhA7wmo/7uogLxiewwRRmIax70g6q1U/YemqTGoFHlM=",
"owner": "hercules-ci",
"repo": "flake-parts",
"rev": "a34fae9c08a15ad73f295041fec82323541400a9",
"rev": "5635c32d666a59ec9a55cab87e898889869f7b71",
"type": "github"
},
"original": {
@@ -203,11 +203,11 @@
"nixpkgs": "nixpkgs_3"
},
"locked": {
"lastModified": 1767850628,
"narHash": "sha256-D3QzdIT11J66I4mzwmIpAGLzPAcbCS2VaKN8fmOe6+E=",
"lastModified": 1765605144,
"narHash": "sha256-RM2xs+1HdHxesjOelxoA3eSvXShC8pmBvtyTke4Ango=",
"owner": "nix-community",
"repo": "home-manager",
"rev": "8c8a16d41353a174767c38b962359b51a56ca02e",
"rev": "90b62096f099b73043a747348c11dbfcfbdea949",
"type": "github"
},
"original": {
@@ -254,12 +254,12 @@
"nixpkgs-regression": "nixpkgs-regression"
},
"locked": {
"lastModified": 1766546676,
"narHash": "sha256-GsC52VFF9Gi2pgP/haQyPdQoF5Qe2myk1tsPcuJZI28=",
"rev": "51dacdd248e8071cd0243a8245c8c42ac1f33307",
"revCount": 24299,
"lastModified": 1765252170,
"narHash": "sha256-p98D44tYJMgB5Qet5S8cTQFdffk/GmoaGkpQtZ3hqJU=",
"rev": "1ddd28880651054346c34009d7bb9de36f1db2c1",
"revCount": 23362,
"type": "tarball",
"url": "https://api.flakehub.com/f/pinned/DeterminateSystems/nix-src/3.15.1/019b4e84-d036-75db-b6c6-6bc2e2035c53/source.tar.gz"
"url": "https://api.flakehub.com/f/pinned/DeterminateSystems/nix-src/3.14.0/019b0159-8907-7fab-a120-9d287c7e6d2e/source.tar.gz"
},
"original": {
"type": "tarball",
@@ -298,11 +298,11 @@
},
"nixpkgs-master": {
"locked": {
"lastModified": 1767873505,
"narHash": "sha256-UP55tLruQPznPL6IMxTzRtx/jhvVhxMuF+CUpH78New=",
"lastModified": 1765719588,
"narHash": "sha256-0VT36Ig9Z5rgXtQ4dgVgrDPS1UrASffWC/r4O9zFUaE=",
"owner": "NixOS",
"repo": "nixpkgs",
"rev": "f244e841501d61e8fda288c2a9f56ca46e4429de",
"rev": "f9a7fdd6101319fb1220d0905909aea54e5d8999",
"type": "github"
},
"original": {
@@ -330,11 +330,11 @@
},
"nixpkgs-unstable": {
"locked": {
"lastModified": 1767767207,
"narHash": "sha256-Mj3d3PfwltLmukFal5i3fFt27L6NiKXdBezC1EBuZs4=",
"lastModified": 1765472234,
"narHash": "sha256-9VvC20PJPsleGMewwcWYKGzDIyjckEz8uWmT0vCDYK0=",
"owner": "NixOS",
"repo": "nixpkgs",
"rev": "5912c1772a44e31bf1c63c0390b90501e5026886",
"rev": "2fbfb1d73d239d2402a8fe03963e37aab15abe8b",
"type": "github"
},
"original": {
@@ -346,12 +346,12 @@
},
"nixpkgs_2": {
"locked": {
"lastModified": 1766314097,
"narHash": "sha256-laJftWbghBehazn/zxVJ8NdENVgjccsWAdAqKXhErrM=",
"rev": "306ea70f9eb0fb4e040f8540e2deab32ed7e2055",
"revCount": 914780,
"lastModified": 1764611609,
"narHash": "sha256-yU9BNcP0oadUKupw0UKmO9BKDOVIg9NStdJosEbXf8U=",
"rev": "8c29968b3a942f2903f90797f9623737c215737c",
"revCount": 905078,
"type": "tarball",
"url": "https://api.flakehub.com/f/pinned/DeterminateSystems/nixpkgs-weekly/0.1.914780%2Brev-306ea70f9eb0fb4e040f8540e2deab32ed7e2055/019b49b8-ed0f-724e-bdaf-5fd90cc1c590/source.tar.gz"
"url": "https://api.flakehub.com/f/pinned/DeterminateSystems/nixpkgs-weekly/0.1.905078%2Brev-8c29968b3a942f2903f90797f9623737c215737c/019add91-3add-7a0d-8a25-9569cbe01efe/source.tar.gz"
},
"original": {
"type": "tarball",
@@ -360,11 +360,11 @@
},
"nixpkgs_3": {
"locked": {
"lastModified": 1767799921,
"narHash": "sha256-r4GVX+FToWVE2My8VVZH4V0pTIpnu2ZE8/Z4uxGEMBE=",
"lastModified": 1764983851,
"narHash": "sha256-y7RPKl/jJ/KAP/VKLMghMgXTlvNIJMHKskl8/Uuar7o=",
"owner": "NixOS",
"repo": "nixpkgs",
"rev": "d351d0653aeb7877273920cd3e823994e7579b0b",
"rev": "d9bc5c7dceb30d8d6fafa10aeb6aa8a48c218454",
"type": "github"
},
"original": {
@@ -376,11 +376,11 @@
},
"nixpkgs_4": {
"locked": {
"lastModified": 1767799921,
"narHash": "sha256-r4GVX+FToWVE2My8VVZH4V0pTIpnu2ZE8/Z4uxGEMBE=",
"lastModified": 1765608474,
"narHash": "sha256-9Wx53UK0z8Di5iesJID0tS1dRKwGxI4i7tsSanOHhF0=",
"owner": "NixOS",
"repo": "nixpkgs",
"rev": "d351d0653aeb7877273920cd3e823994e7579b0b",
"rev": "28bb483c11a1214a73f9fd2d9928a6e2ea86ec71",
"type": "github"
},
"original": {
@@ -416,11 +416,11 @@
"systems": "systems_2"
},
"locked": {
"lastModified": 1767448089,
"narHash": "sha256-U1fHsZBnFrUil731NHD9Sg5HoiG+eSHau8OFuClhwW0=",
"lastModified": 1765647805,
"narHash": "sha256-CdaiOfpBiS4kw/DR0Ut+02fpFnjM8hNZMZ53a1pavak=",
"owner": "nix-community",
"repo": "nixvim",
"rev": "983751b66f255bbea1adc185364e9e7b73f82358",
"rev": "f0b0cc7cae2cf5d76608c9164ab8824a2387e146",
"type": "github"
},
"original": {
@@ -516,11 +516,11 @@
"nixpkgs": "nixpkgs_5"
},
"locked": {
"lastModified": 1766183672,
"narHash": "sha256-24+gJj4UsxwQmdxSS3Aqo2fl0Ep13sYrTDvcHY24mwA=",
"lastModified": 1764077616,
"narHash": "sha256-5bhF1Pdrz5yq9mSMWzoPRKDx6fedRr55A8+v556MD/I=",
"owner": "davegallant",
"repo": "vpngate",
"rev": "a668484da6b969d29dd2f74d5a4f2323fb48beef",
"rev": "eda46dcce93b9246784e684e9cb7e8b96d53ee1d",
"type": "github"
},
"original": {

4
home.nix
View File

@@ -138,13 +138,11 @@ in
set -x PATH $PATH $GOBIN
source $HOME/work.fish
# '';
shellInit = ''
atuin init fish | source
helm completion fish | source
kubectl completion fish | source
'';
# '';
shellAliases = {
".." = "cd ..";

33
hosts/hephaestus.nix
View File

@@ -1,5 +1,4 @@
{
config,
lib,
inputs,
@@ -55,7 +54,7 @@
];
luks.devices."root" = {
allowDiscards = true;
device = "/dev/disk/by-uuid/89a14ac5-7723-4a0a-bb95-fb2fb2e92160";
device = "/dev/disk/by-uuid/21cd166c-1528-49a4-b31b-0d408d48aa80";
preLVM = true;
keyFile = "./keyfile0.bin";
};
@@ -70,7 +69,7 @@
[
bleachbit
calibre
clamtk
chromium
cryptsetup
dbeaver-bin
discord
@@ -79,10 +78,8 @@
google-chrome
hardinfo2
httpie-desktop
heroic
iputils
kdePackages.bluedevil
kdePackages.kcalc
kdePackages.kcharselect
kdePackages.kclock
kdePackages.kcolorchooser
@@ -99,13 +96,12 @@
pika-backup
pinentry-curses
pinta
protonup-qt
qbittorrent
protonvpn-gui
qalculate-qt
qemu
traceroute
unrar
unstable.beszel
unstable.ktailctl
unstable.mcpelauncher-ui-qt
unstable.obsidian
unstable.podman
@@ -128,11 +124,15 @@
fileSystems = {
"/" = {
device = "/dev/disk/by-uuid/7f4f0948-041c-47e9-ab28-53132026f158";
device = "/dev/disk/by-uuid/a6723178-6f18-428e-b541-9ac901861125";
fsType = "ext4";
};
"/home" = {
device = "/dev/disk/by-uuid/e3ab2e1a-bddf-4ae0-b00a-bf954c6c182b";
fsType = "ext4";
};
"/boot/efi" = {
device = "/dev/disk/by-uuid/F1BD-5227";
device = "/dev/disk/by-uuid/3CFD-D749";
fsType = "vfat";
};
"/mnt/synology-2b/media" = {
@@ -149,6 +149,7 @@
dejavu_fonts
fira-mono
font-awesome
google-fonts
liberation_ttf
nerd-fonts.droid-sans-mono
nerd-fonts.fira-code
@@ -223,13 +224,6 @@
};
};
services = {
mullvad-vpn = {
enable = true;
package = pkgs.mullvad-vpn;
};
};
system = {
autoUpgrade.enable = true;
stateVersion = "25.11";
@@ -248,7 +242,6 @@
nix = {
extraOptions = "experimental-features = nix-command flakes";
settings.trusted-users = [ "root" "@wheel" ];
};
users.users.dave = {
@@ -256,6 +249,7 @@
extraGroups = [
"wheel"
"libvirtd"
"corectrl"
];
shell = pkgs.fish;
};
@@ -325,9 +319,6 @@
package = unstable.tailscale;
};
services.clamav.daemon.enable = true;
services.clamav.updater.enable = true;
services.opensnitch = {
enable = true;
rules = {

4
hosts/zelus.nix
View File

@@ -112,9 +112,8 @@
"stats"
"steam"
"taskexplorer"
"tailscale-app"
"tailscale"
"vlc"
"whisky"
"zed"
];
@@ -125,6 +124,5 @@
"homebrew/cask-versions"
"homebrew/services"
];
};
}

7
justfile
View File

@@ -5,13 +5,10 @@ alias r := rebuild
arch := `uname -s`
cmd := if arch == "Linux" { "nixos-rebuild --sudo" } else { "sudo darwin-rebuild" }
cmd := if arch == "Linux" { "nixos-rebuild --sudo" } else { "darwin-rebuild" }
rebuild:
$cmd switch --flake .
rebuild-boot:
$cmd boot --flake . --install-bootloader
sudo $cmd switch --flake . -I nixos-config="hosts/$(hostname).nix" --show-trace
rollback:
sudo $cmd switch --rollback --flake .