diff --git a/.sops.yaml b/.sops.yaml deleted file mode 100644 index b9340d2..0000000 --- a/.sops.yaml +++ /dev/null @@ -1,13 +0,0 @@ -keys: - - &users: - - &irl age1uhp600xemepn27l0vxnt7hmuvk53wmw5peh9d3wy4ma2apsympmqxm8jxq - - &hosts: - - &homeserver age1y9v37jc3kxuygw042qrsvseac5krhh3skp88ewlqlja00uslpyss62e4nd -creation_rules: - - path_regex: secrets.yaml$ - key_groups: - - age: - - *irl - - *homeserver - - diff --git a/darwin/common.nix b/darwin/common.nix deleted file mode 100644 index 6e1a75a..0000000 --- a/darwin/common.nix +++ /dev/null @@ -1,126 +0,0 @@ -{ - pkgs, - lib, - nix-darwin, - ... -}: -{ - environment.systemPackages = with pkgs; [ - home-manager - jetbrains.clion - jetbrains.idea-ultimate - jetbrains.pycharm-professional - jetbrains.webstorm - ]; - - environment.darwinConfig = "/Users/irl/.config/nix-configs"; - - nix = { - package = pkgs.nix; - settings = { - "extra-experimental-features" = [ - "nix-command" - "flakes" - ]; - }; - }; - - nixpkgs.config.allowUnfreePredicate = - pkg: - builtins.elem (lib.getName pkg) [ - "clion" - "idea-ultimate" - "pycharm-professional" - "webstorm" - ]; - - homebrew = { - enable = true; - - onActivation = { - autoUpdate = true; - cleanup = "zap"; - }; - - brews = [ - "libfido2" - "mas" - "openssh" - "theseal/ssh-askpass/ssh-askpass" - ]; - - casks = [ - "affinity-designer" - "affinity-photo" - "affinity-publisher" - "audacity" - "discord" - "element" - "fantastical" - "firefox" - "ghostty" - "notion" - "obsidian" - "tor-browser" - "vlc" - ]; - - masApps = { - "Things" = 904280696; - }; - - taps = [ - "theseal/ssh-askpass" - ]; - }; - - programs = { - # TODO: rewrite in fish maybe - zsh.shellInit = '' - export SSH_ASKPASS=/opt/homebrew/bin/ssh-askpass - export SSH_ASKPASS_REQUIRE=force - - checkSSHAgent() { - if [ "$1" = "-k" ] ; then - pkill -9 ssh-agent - fi - - ssh_agent_conf="$HOME/.ssh/agent" - if [ -e "$ssh_agent_conf" ] ; then - . "$ssh_agent_conf" - fi - if ! ps aux | awk '{print $2}' | grep -q "$SSH_AGENT_PID" \ - || ! [ -e "$ssh_agent_conf" ] \ - || [ -z "$SSH_AGENT_PID" ] ; \ - then - ssh-agent -s | grep -v echo > "$ssh_agent_conf" - . "$ssh_agent_conf" - fi - } - - checkSSHAgent - ''; - }; - - system = { - defaults.NSGlobalDomain = { - "com.apple.swipescrolldirection" = false; - }; - primaryUser = "irl"; - stateVersion = 6; - }; - - users.users = { - irl = { - description = "irl"; - home = "/Users/irl"; - name = "irl"; - - # This is the macOS zsh, not from nix! - # My home-manager configuration contains some zshrc to automatically - # start fish for interactive shells where the parent process is not - # already fish. - shell = "/bin/zsh"; - }; - }; -} diff --git a/darwin/irl-mac-mini.nix b/darwin/irl-mac-mini.nix deleted file mode 100644 index 1601199..0000000 --- a/darwin/irl-mac-mini.nix +++ /dev/null @@ -1,7 +0,0 @@ -{ - lib, - ... -}: -{ - networking.hostName = "irl-mac-mini"; -} diff --git a/flake.lock b/flake.lock index 5f70800..8f53cb4 100644 --- a/flake.lock +++ b/flake.lock @@ -1,62 +1,5 @@ { "nodes": { - "apple-silicon": { - "inputs": { - "flake-compat": "flake-compat", - "nixpkgs": [ - "nixpkgs" - ] - }, - "locked": { - "lastModified": 1748659443, - "narHash": "sha256-dav2hzyCmXZ3n6lEZrfZBG51+g6PUhkzRl3d6Ypd9x0=", - "owner": "tpwrules", - "repo": "nixos-apple-silicon", - "rev": "3ddc251d2acce5019b0fa770e224d068610a34e4", - "type": "github" - }, - "original": { - "owner": "tpwrules", - "repo": "nixos-apple-silicon", - "type": "github" - } - }, - "flake-compat": { - "locked": { - "lastModified": 1688025799, - "narHash": "sha256-ktpB4dRtnksm9F5WawoIkEneh1nrEvuxb5lJFt1iOyw=", - "owner": "nix-community", - "repo": "flake-compat", - "rev": "8bf105319d44f6b9f0d764efa4fdef9f1cc9ba1c", - "type": "github" - }, - "original": { - "owner": "nix-community", - "repo": "flake-compat", - "type": "github" - } - }, - "flake-parts": { - "inputs": { - "nixpkgs-lib": [ - "nur", - "nixpkgs" - ] - }, - "locked": { - "lastModified": 1733312601, - "narHash": "sha256-4pDvzqnegAfRkPwO3wmwBhVi/Sye1mzps0zHWYnP88c=", - "owner": "hercules-ci", - "repo": "flake-parts", - "rev": "205b12d8b7cd4802fbcb8e8ef6a0f1408781a4f9", - "type": "github" - }, - "original": { - "owner": "hercules-ci", - "repo": "flake-parts", - "type": "github" - } - }, "flake-utils": { "inputs": { "systems": "systems" @@ -82,11 +25,11 @@ ] }, "locked": { - "lastModified": 1751569544, - "narHash": "sha256-iWjzNHaSU+pm4TS/vzkzgBdbTwkyHy8Jc6PlcrgdgyU=", + "lastModified": 1749131129, + "narHash": "sha256-tJ+93i7N4QttM75bE8T09LlSU3Mv6Dfi9WaVBvlWilo=", "owner": "nix-community", "repo": "home-manager", - "rev": "28639e6470ef597fe9f5efc4c6594306859d62ed", + "rev": "13a45ede6c17b5e923dfc18a40a3f646436f4809", "type": "github" }, "original": { @@ -95,34 +38,13 @@ "type": "github" } }, - "nix-darwin": { - "inputs": { - "nixpkgs": [ - "nixpkgs" - ] - }, - "locked": { - "lastModified": 1751313918, - "narHash": "sha256-HsJM3XLa43WpG+665aGEh8iS8AfEwOIQWk3Mke3e7nk=", - "owner": "nix-darwin", - "repo": "nix-darwin", - "rev": "e04a388232d9a6ba56967ce5b53a8a6f713cdfcf", - "type": "github" - }, - "original": { - "owner": "nix-darwin", - "ref": "master", - "repo": "nix-darwin", - "type": "github" - } - }, "nixpkgs": { "locked": { - "lastModified": 1751571573, - "narHash": "sha256-vyhLXk2EsyTSxZ8cETmAAUF/fp8hQ3lZ6fUC0p6+LsY=", + "lastModified": 1749145035, + "narHash": "sha256-7hU9TqHpz3BhcgoP3J/udnvZ3QCurGEBD+ERhvKbJEE=", "owner": "nixos", "repo": "nixpkgs", - "rev": "e50e2a177e0aaa0fd02c10fa365252f91b50cbf4", + "rev": "a537c74d1071ca48aa835f731998094a4058a6f3", "type": "github" }, "original": { @@ -131,71 +53,11 @@ "type": "github" } }, - "nixpkgs_2": { - "locked": { - "lastModified": 1744868846, - "narHash": "sha256-5RJTdUHDmj12Qsv7XOhuospjAjATNiTMElplWnJE9Hs=", - "owner": "NixOS", - "repo": "nixpkgs", - "rev": "ebe4301cbd8f81c4f8d3244b3632338bbeb6d49c", - "type": "github" - }, - "original": { - "owner": "NixOS", - "ref": "nixpkgs-unstable", - "repo": "nixpkgs", - "type": "github" - } - }, - "nur": { - "inputs": { - "flake-parts": "flake-parts", - "nixpkgs": [ - "nixpkgs" - ], - "treefmt-nix": "treefmt-nix" - }, - "locked": { - "lastModified": 1751571902, - "narHash": "sha256-5EimK/KBs+UHVC3d9L1oagFWIzOlU2lOq0eI5kOTTWI=", - "owner": "nix-community", - "repo": "NUR", - "rev": "b19bd45d58ab88e1700cc3032139676fae7f3ea1", - "type": "github" - }, - "original": { - "owner": "nix-community", - "repo": "NUR", - "type": "github" - } - }, "root": { "inputs": { - "apple-silicon": "apple-silicon", "flake-utils": "flake-utils", "home-manager": "home-manager", - "nix-darwin": "nix-darwin", - "nixpkgs": "nixpkgs", - "nur": "nur", - "sops-nix": "sops-nix" - } - }, - "sops-nix": { - "inputs": { - "nixpkgs": "nixpkgs_2" - }, - "locked": { - "lastModified": 1750119275, - "narHash": "sha256-Rr7Pooz9zQbhdVxux16h7URa6mA80Pb/G07T4lHvh0M=", - "owner": "mic92", - "repo": "sops-nix", - "rev": "77c423a03b9b2b79709ea2cb63336312e78b72e2", - "type": "github" - }, - "original": { - "owner": "mic92", - "repo": "sops-nix", - "type": "github" + "nixpkgs": "nixpkgs" } }, "systems": { @@ -212,27 +74,6 @@ "repo": "default", "type": "github" } - }, - "treefmt-nix": { - "inputs": { - "nixpkgs": [ - "nur", - "nixpkgs" - ] - }, - "locked": { - "lastModified": 1733222881, - "narHash": "sha256-JIPcz1PrpXUCbaccEnrcUS8jjEb/1vJbZz5KkobyFdM=", - "owner": "numtide", - "repo": "treefmt-nix", - "rev": "49717b5af6f80172275d47a418c9719a31a78b53", - "type": "github" - }, - "original": { - "owner": "numtide", - "repo": "treefmt-nix", - "type": "github" - } } }, "root": "root", diff --git a/flake.nix b/flake.nix index 1000b92..821936f 100644 --- a/flake.nix +++ b/flake.nix @@ -1,51 +1,32 @@ { description = "I have no idea what I'm doing"; + inputs = { nixpkgs.url = "github:nixos/nixpkgs"; - apple-silicon = { - url = "github:tpwrules/nixos-apple-silicon"; - inputs.nixpkgs.follows = "nixpkgs"; - }; flake-utils.url = "github:numtide/flake-utils"; home-manager = { url = "github:nix-community/home-manager"; inputs.nixpkgs.follows = "nixpkgs"; }; - nix-darwin = { - url = "github:nix-darwin/nix-darwin/master"; - inputs.nixpkgs.follows = "nixpkgs"; - }; - nur = { - url = "github:nix-community/NUR"; - inputs.nixpkgs.follows = "nixpkgs"; - }; - sops-nix = { - url = "github:mic92/sops-nix"; - inputs.nix.follows = "nixpkgs"; - }; + # nur = { + # url = "github:nix-community/NUR"; + # inputs.nixpkgs.follows = "nixpkgs"; + # }; }; outputs = { - apple-silicon, + nixpkgs, flake-utils, home-manager, - nix-darwin, - nixpkgs, - nur, - self, - sops-nix, - }@inputs: + ... + }: let - outputs = inputs.self; - overlays = [ - apple-silicon.overlays.apple-silicon-overlay - nur.overlays.default - ]; supportedSystems = [ "x86_64-linux" "aarch64-darwin" "aarch64-linux" ]; + forAllSystems = nixpkgs.lib.genAttrs supportedSystems; in { nixosConfigurations = { @@ -57,58 +38,28 @@ ./nixos/hosts/laptop/hardware-configuration.nix ]; }; - homeserver = nixpkgs.lib.nixosSystem { - system = "aarch64-linux"; - modules = [ - ./nixos/common.nix - ./nixos/hosts/homeserver/default.nix - ./nixos/hosts/homeserver/hardware-configuration.nix - apple-silicon.nixosModules.apple-silicon-support - ]; - specialArgs = inputs; - }; }; - homeManagerModules = import ./modules/home-manager; - homeConfigurations = - { - role = [ - "desktop" - "minimal" - "server" - ]; - system = supportedSystems; + homeConfigurations = nixpkgs.lib.foldl' ( + acc: system: + acc + // { + "irl-${system}" = home-manager.lib.homeManagerConfiguration { + pkgs = import nixpkgs { inherit system; }; + modules = [ ./home/irl.nix ]; + }; + "irl-gui-${system}" = home-manager.lib.homeManagerConfiguration { + pkgs = import nixpkgs { inherit system; }; + modules = [ + ./home/irl.nix + { + irl.gui-packages = true; + } + ]; + }; } - |> nixpkgs.lib.cartesianProduct - |> nixpkgs.lib.foldl' ( - c: e: - c - // { - "irl-${e.role}-${e.system}" = home-manager.lib.homeManagerConfiguration { - pkgs = import nixpkgs { - inherit overlays; - system = e.system; - }; - extraSpecialArgs = { - inherit outputs; - }; - modules = [ - ./home-manager/irl.nix - { role = "${e.role}"; } - ]; - }; - } - ) { }; + ) { } supportedSystems; } // flake-utils.lib.eachSystem supportedSystems (system: { - formatter = nixpkgs.legacyPackages.${system}.nixfmt-tree; - }) - // { - darwinConfigurations."irl-mac-mini" = nix-darwin.lib.darwinSystem { - system = "aarch64-darwin"; - modules = [ - ./darwin/common.nix - ./darwin/irl-mac-mini.nix - ]; - }; - }; + formatter = nixpkgs.legacyPackages.${system}.nixfmt-rfc-style; + }); } diff --git a/home-manager/irl.nix b/home-manager/irl.nix deleted file mode 100644 index 5447f03..0000000 --- a/home-manager/irl.nix +++ /dev/null @@ -1,62 +0,0 @@ -{ - config, - lib, - outputs, - pkgs, - ... -}: -{ - imports = builtins.attrValues outputs.homeManagerModules; - - options.role = lib.mkOption { - description = "Home role to set up"; - default = "minimal"; - type = - with lib.types; - enum [ - "desktop" - "minimal" - "server" - ]; - }; - - config = { - feature.cli.enable = builtins.elem config.role [ - "desktop" - "minimal" - "server" - ]; - feature.firefox.enable = config.role == "desktop"; - feature.git.enable = builtins.elem config.role [ - "desktop" - "server" - ]; - feature.ops.enable = config.role == "desktop"; - feature.tmux.enable = builtins.elem config.role [ - "desktop" - "server" - ]; - feature.vim.enable = builtins.elem config.role [ - "desktop" - "minimal" - "server" - ]; - - home.username = "irl"; - home.homeDirectory = - if lib.strings.hasSuffix "darwin" pkgs.system then "/Users/irl" else "/home/irl"; - home.file.".config/nix/nix.conf".text = '' - experimental-features = nix-command flakes pipe-operators - ''; - home.packages = with pkgs; [ - neofetch - ]; - home.shellAliases = { - hms = "home-manager switch --flake ~/.config/nix-configs#irl-${config.role}-${pkgs.system}"; - drs = "sudo darwin-rebuild switch --flake ~/.config/nix-configs"; - }; - home.stateVersion = "25.05"; - - programs.home-manager.enable = true; - }; -} diff --git a/home/irl.nix b/home/irl.nix new file mode 100644 index 0000000..a0470d3 --- /dev/null +++ b/home/irl.nix @@ -0,0 +1,100 @@ +{ + config, + pkgs, + lib, + ... +}: + +let + cfg = config.irl; +in +{ + options.irl.gui-packages = lib.mkEnableOption "GUI packages managed by home-manager"; + + config = { + home.username = "irl"; + home.homeDirectory = "/home/irl"; + home.stateVersion = "25.05"; + home.packages = with pkgs; [ + fish + neofetch + starship + tree + ]; + home.shellAliases = { + hms = + "home-manager switch --flake ~/.config/nix-configs#irl" + (if cfg.gui-packages then "-gui" else ""); + }; + programs.bash = { + enable = true; + initExtra = '' + if [[ $(${pkgs.procps}/bin/ps --no-header --pid=$PPID --format=comm) != "fish" && -z ''${BASH_EXECUTION_STRING} ]] + then + shopt -q login_shell && LOGIN_OPTION='--login' || LOGIN_OPTION="" + exec ${pkgs.fish}/bin/fish $LOGIN_OPTION + fi + ''; + }; + programs.firefox = lib.mkIf cfg.gui-packages { + enable = true; + profiles.irl = { + extensions = { + # packages = with pkgs.nur.repos.rycee.firefox-addons; [ + # bitwarden + # kagi-search + # privacy-badger + # ]; + }; + }; + }; + programs.fish.enable = true; + programs.fzf = { + enable = true; + enableFishIntegration = true; + }; + programs.git = { + delta.enable = true; + enable = true; + extraConfig = { + diff = { + algorithm = "histogram"; + }; + init = { + defaultBranch = "main"; + }; + rebase = { + autosquash = true; + autostash = true; + }; + url = { + "git@github.com:".pushInsteadOf = "https://github.com/"; + "git@gitlab.com:".pushInsteadOf = "https://gitlab.com/"; + "git@guardianproject.dev:".pushInsteadOf = "https://guardianproject.dev/"; + }; + user = { + name = "irl"; + email = "iain@learmonth.me"; + }; + }; + }; + programs.home-manager.enable = true; + programs.neovim = { + defaultEditor = true; + enable = true; + viAlias = true; + vimAlias = true; + vimdiffAlias = true; + plugins = with pkgs.vimPlugins; [ + bufferline-nvim + nvim-treesitter.withAllGrammars + ]; + }; + programs.starship = { + enable = true; + enableFishIntegration = true; + enableInteractive = true; + enableTransience = true; + }; + programs.zellij.enable = true; + }; +} diff --git a/modules/home-manager/cli/cli.nix b/modules/home-manager/cli/cli.nix deleted file mode 100644 index d472f21..0000000 --- a/modules/home-manager/cli/cli.nix +++ /dev/null @@ -1,70 +0,0 @@ -{ - config, - lib, - pkgs, - ... -}: -let - cfg = config.feature.cli; -in -{ - options.feature.cli = { - enable = lib.mkEnableOption "Set up the CLI"; - }; - - config = lib.mkIf cfg.enable { - home.packages = with pkgs; [ - starship - tree - ]; - - programs.fish = { - enable = true; - functions.fish_greeting = ""; - shellInitLast = lib.mkIf (lib.strings.hasSuffix "darwin" pkgs.system) '' - eval $(/opt/homebrew/bin/brew shellenv) - ''; - }; - - programs.fzf = { - enable = true; - enableFishIntegration = true; - }; - - programs.zsh = lib.mkIf (lib.strings.hasSuffix "darwin" pkgs.system) { - enable = true; - - # zsh is a POSIX compliant shell and a safe default, but if it's an interactive - # shell and fish is not in the parent processes (i.e. I'm not deliberately starting - # zsh to use interactively from fish) then just launch fish. - initContent = '' - [[ $- == *i* ]] || return - - is_parent_fish() { - local ppid=$$ - while [[ $ppid -ne 1 ]]; do - local ppname=$(ps -p $ppid -o comm=) - if [[ "$ppname" == *fish* ]]; then - return 1 - fi - ppid=$(ps -o ppid= -p $ppid) - done - return 0 - } - - if is_parent_fish - then - exec fish -l - fi - ''; - }; - - programs.starship = { - enable = true; - enableFishIntegration = true; - enableInteractive = true; - enableTransience = true; - settings = builtins.fromTOML (builtins.readFile ./starship.toml); - }; - }; -} diff --git a/modules/home-manager/cli/starship.toml b/modules/home-manager/cli/starship.toml deleted file mode 100644 index ddef1df..0000000 --- a/modules/home-manager/cli/starship.toml +++ /dev/null @@ -1,13 +0,0 @@ -"$schema" = 'https://starship.rs/config-schema.json' - -command_timeout = 800 - -[shell] -disabled = false -format = '[$indicator]($style)' -fish_indicator = '' -zsh_indicator = 'z' - -[sudo] -disabled = false - diff --git a/modules/home-manager/default.nix b/modules/home-manager/default.nix deleted file mode 100644 index dca2898..0000000 --- a/modules/home-manager/default.nix +++ /dev/null @@ -1,8 +0,0 @@ -{ - cli = import ./cli/cli.nix; - firefox = import ./firefox/firefox.nix; - git = import ./git/git.nix; - ops = import ./ops/ops.nix; - tmux = import ./tmux/tmux.nix; - vim = import ./vim/vim.nix; -} diff --git a/modules/home-manager/firefox/firefox.nix b/modules/home-manager/firefox/firefox.nix deleted file mode 100644 index 550bce1..0000000 --- a/modules/home-manager/firefox/firefox.nix +++ /dev/null @@ -1,57 +0,0 @@ -{ - config, - lib, - pkgs, - ... -}: -let - cfg = config.feature.firefox; -in -{ - options.feature.firefox = { - enable = lib.mkEnableOption "Set up firefox"; - }; - - config = lib.mkIf cfg.enable { - programs.firefox = { - enable = true; - - # Firefox is expected to be installed as a system package - package = null; - - profiles.irl = { - extensions = { - force = true; - packages = with pkgs.nur.repos.rycee.firefox-addons; [ - bitwarden - granted - kagi-search - multi-account-containers - privacy-badger - recap - rsf-censorship-detector - ]; - }; - settings = { - "browser.newtabpage.activity-stream.discoverystream.sendToPocket.enabled" = false; - "browser.newtabpage.activity-stream.feeds.section.topstories" = false; - "browser.newtabpage.activity-stream.showSponsored" = false; - "browser.newtabpage.activity-stream.showSponsoredCheckboxes" = false; - "browser.newtabpage.activity-stream.showSponsoredTopSites" = false; - "browser.search.suggest.enabled.private" = false; - "datareporting.policy.firstRunURL" = "https://irl.xyz/"; - "extensions.autoDisableScope" = 0; - "extensions.pocket.enabled" = false; - "identity.fxaccounts.enabled" = false; - }; - userContent = '' - /* It's a dot not an interpunct */ - .govuk-logo-dot { - fill: #fff !important; - transform: translate(0, 14.5px); - } - ''; - }; - }; - }; -} diff --git a/modules/home-manager/git/git.nix b/modules/home-manager/git/git.nix deleted file mode 100644 index dca5e91..0000000 --- a/modules/home-manager/git/git.nix +++ /dev/null @@ -1,41 +0,0 @@ -{ - config, - lib, - pkgs, - ... -}: - -let - cfg = config.feature.git; -in -{ - options.feature.git.enable = lib.mkEnableOption "Set up git"; - - config = { - programs.git = { - delta.enable = true; - enable = true; - extraConfig = { - diff = { - algorithm = "histogram"; - }; - init = { - defaultBranch = "main"; - }; - rebase = { - autosquash = true; - autostash = true; - }; - url = { - "git@github.com:".pushInsteadOf = "https://github.com/"; - "git@gitlab.com:".pushInsteadOf = "https://gitlab.com/"; - "git@guardianproject.dev:".pushInsteadOf = "https://guardianproject.dev/"; - }; - user = { - name = "irl"; - email = "iain@learmonth.me"; - }; - }; - }; - }; -} diff --git a/modules/home-manager/ops/ops.nix b/modules/home-manager/ops/ops.nix deleted file mode 100644 index b6eb711..0000000 --- a/modules/home-manager/ops/ops.nix +++ /dev/null @@ -1,22 +0,0 @@ -{ - config, - lib, - pkgs, - ... -}: -let - cfg = config.feature.ops; -in -{ - options.feature.ops = { - enable = lib.mkEnableOption "Setup DevOps tools"; - }; - - config = lib.mkIf cfg.enable { - home.packages = with pkgs; [ - age - awscli2 - opentofu - ]; - }; -} diff --git a/modules/home-manager/tmux/tmux.conf b/modules/home-manager/tmux/tmux.conf deleted file mode 100644 index abb7510..0000000 --- a/modules/home-manager/tmux/tmux.conf +++ /dev/null @@ -1,11 +0,0 @@ -set -g default-terminal "tmux-256color" - -# Configure the catppuccin plugin -set -g @catppuccin_flavor "mocha" -set -g @catppuccin_window_status_style "rounded" - -# Make the status line pretty and add some modules -set -g status-right-length 100 -set -g status-left-length 100 -set -g status-left "" -set -g status-right "#{E:@catppuccin_status_application}" diff --git a/modules/home-manager/tmux/tmux.nix b/modules/home-manager/tmux/tmux.nix deleted file mode 100644 index 8f5bdfe..0000000 --- a/modules/home-manager/tmux/tmux.nix +++ /dev/null @@ -1,25 +0,0 @@ -{ - config, - lib, - pkgs, - ... -}: -let - cfg = config.feature.tmux; -in -{ - options.feature.tmux = { - enable = lib.mkEnableOption "Set up tmux"; - }; - - config = lib.mkIf cfg.enable { - programs.tmux = { - enable = true; - baseIndex = 1; - plugins = with pkgs.tmuxPlugins; [ - catppuccin - ]; - extraConfig = builtins.readFile ./tmux.conf; - }; - }; -} diff --git a/modules/home-manager/vim/init.lua b/modules/home-manager/vim/init.lua deleted file mode 100644 index c7f480c..0000000 --- a/modules/home-manager/vim/init.lua +++ /dev/null @@ -1,97 +0,0 @@ --- Global settings -vim.g.loaded_netrw = 1 -vim.g.loaded_netrwPlugin = 1 -vim.g.mapleader = " " - -vim.opt.termguicolors = true - -vim.opt.tabstop = 2 -vim.opt.softtabstop = 2 -vim.opt.shiftwidth = 2 -vim.opt.expandtab = true - -vim.opt.number = true -vim.opt.relativenumber = true -vim.opt.scrolloff = 8 - -vim.opt.colorcolumn = "+1,+2" -vim.opt.cursorline = true -vim.opt.signcolumn = 'yes' - -vim.cmd.colorscheme "catppuccin-mocha" - --- Custom bindings for buffer navigation -vim.keymap.set("n", "n", "bn") -vim.keymap.set("n", "p", "bp") - -vim.keymap.set("n", "", "nohlsearch") - --- Bufferline (tabs) -require("bufferline").setup {} - --- Lualine (status line) -require("lualine").setup { - options = { - section_separators = { left = '', right = '' } - } -} - --- Telescope (anything search) -vim.keymap.set("n", "b", "Telescope buffers") -vim.keymap.set("n", "f", "Telescope find_files") -vim.keymap.set("n", "g", "Telescope git_files") - --- Tree (file manager) -require("nvim-tree").setup() -vim.keymap.set("n", "t", "NvimTreeToggle", { noremap = true, silent = true }) - --- lspconfig (LSPs) -vim.lsp.enable("lua_ls") -vim.lsp.enable("nil_ls") -vim.lsp.enable("pyright") -vim.lsp.enable("rust_analyzer") - -vim.keymap.set("n", "o", vim.lsp.buf.format) - -vim.api.nvim_create_autocmd('LspAttach', { - desc = 'LSP actions', - callback = function() - local bufmap = function(mode, lhs, rhs) - local opts = { buffer = true } - vim.keymap.set(mode, lhs, rhs, opts) - end - - -- Displays hover information about the symbol under the cursor - bufmap('n', 'K', vim.lsp.buf.hover) - - -- Jump to the definition - bufmap('n', 'gd', vim.lsp.buf.definition) - - -- Jump to declaration - bufmap('n', 'gD', vim.lsp.buf.declaration) - - -- Lists all the implementations for the symbol under the cursor - bufmap('n', 'gi', vim.lsp.buf.implementation) - - -- Jumps to the definition of the type symbol - bufmap('n', 'go', vim.lsp.buf.type_definition) - - -- Lists all the references - bufmap('n', 'gr', vim.lsp.buf.references) - - -- Displays a function's signature information - bufmap('n', '', vim.lsp.buf.signature_help) - - -- Renames all references to the symbol under the cursor - bufmap('n', 'R', vim.lsp.buf.rename) - - -- Show diagnostics in a floating window - bufmap('n', 'gl', vim.diagnostic.open_float) - - -- Move to the previous diagnostic - bufmap('n', '[d', vim.diagnostic.goto_prev) - - -- Move to the next diagnostic - bufmap('n', ']d', vim.diagnostic.goto_next) - end -}) diff --git a/modules/home-manager/vim/vim.nix b/modules/home-manager/vim/vim.nix deleted file mode 100644 index d758db3..0000000 --- a/modules/home-manager/vim/vim.nix +++ /dev/null @@ -1,43 +0,0 @@ -{ - config, - pkgs, - lib, - ... -}: -let - cfg = config.feature.vim; -in -{ - options.feature.vim = { - enable = lib.mkEnableOption "Set up neovim"; - }; - - config = lib.mkIf cfg.enable { - home.packages = with pkgs; [ - fzf - lua-language-server - nil - pyright - ripgrep - rust-analyzer - ]; - - programs.neovim = { - defaultEditor = true; - enable = true; - viAlias = true; - vimAlias = true; - vimdiffAlias = true; - plugins = with pkgs.vimPlugins; [ - bufferline-nvim - catppuccin-nvim - lualine-nvim - nvim-tree-lua - nvim-lspconfig - telescope-nvim - nvim-web-devicons - ]; - extraLuaConfig = builtins.readFile ./init.lua; - }; - }; -} diff --git a/nixos/common.nix b/nixos/common.nix index f670c0e..fac3781 100644 --- a/nixos/common.nix +++ b/nixos/common.nix @@ -1,30 +1,8 @@ -{ - pkgs, - config, - sops-nix, - ... -}: +{ ... }: { - imports = [ - sops-nix.nixosModules.sops - ]; - nix.settings.experimental-features = "nix-command flakes"; - sops = { - defaultSopsFile = ../secrets.yaml; - validateSopsFiles = false; - - age = { - sshKeyPaths = [ "/etc/ssh/ssh_host_ed25519_key" ]; - keyFile = "/var/lib/sops-nix/key.txt"; - generateKey = true; - }; - - secrets.irl-password.neededForUsers = true; - }; - time.timeZone = "Europe/London"; i18n.defaultLocale = "en_GB.UTF-8"; @@ -40,28 +18,4 @@ LC_TELEPHONE = "en_GB.UTF-8"; LC_TIME = "en_GB.UTF-8"; }; - - users.mutableUsers = false; - - users.users.irl = { - isNormalUser = true; - description = "irl"; - hashedPasswordFile = config.sops.secrets.irl-password.path; - extraGroups = [ - "networkmanager" - "wheel" - ]; - openssh.authorizedKeys.keys = [ - "sk-ssh-ed25519@openssh.com AAAAGnNrLXNzaC1lZDI1NTE5QG9wZW5zc2guY29tAAAAIJpoCJEax0XTNK6qfYfZV60euSwoc0RQ0bwFDQGMWYQnAAAABHNzaDo=" - ]; - }; - - nixpkgs.config.allowUnfree = true; - - environment.systemPackages = with pkgs; [ - curl - home-manager - neovim - wget - ]; } diff --git a/nixos/hosts/homeserver/default.nix b/nixos/hosts/homeserver/default.nix deleted file mode 100644 index fd75c8d..0000000 --- a/nixos/hosts/homeserver/default.nix +++ /dev/null @@ -1,87 +0,0 @@ -{ - config, - lib, - pkgs, - apple-silicon, - ... -}: - -{ - nixpkgs.overlays = [ apple-silicon.overlays.apple-silicon-overlay ]; - - boot.loader.systemd-boot.enable = true; - boot.loader.efi.canTouchEfiVariables = false; - - hardware.asahi.useExperimentalGPUDriver = true; - hardware.asahi.extractPeripheralFirmware = true; - - networking.hostName = "homeserver"; - networking.networkmanager.enable = true; - - fileSystems."/mnt/data" = { - device = "172.16.0.1:/volume1/data"; - fsType = "nfs"; - options = [ - "noauto" - "x-systemd.automount" - "x-systemd.idle-timeout=600" - ]; - }; - - users.groups.media = { }; - users.users.media = { - group = "media"; - isNormalUser = true; - }; - - services.xserver.xkb.layout = "us"; - - services.audiobookshelf = { - enable = true; - group = "media"; - host = "0.0.0.0"; - openFirewall = true; - port = 8000; - user = "media"; - }; - - services.avahi = { - enable = true; - publish = { - enable = true; - addresses = true; - workstation = true; - }; - allowInterfaces = [ - "end0" - "enp2s0u2" - ]; - }; - - services.calibre-server = { - enable = true; - extraFlags = [ "--enable-local-write" ]; - group = "media"; - libraries = [ "/srv/books" ]; - openFirewall = true; - port = 8585; - user = "media"; - }; - - services.openssh = { - enable = true; - settings.PasswordAuthentication = false; - settings.KbdInteractiveAuthentication = false; - settings.PermitRootLogin = "no"; - }; - - services.tailscale = { - enable = true; - useRoutingFeatures = "server"; - }; - - networking.firewall.allowedTCPPorts = [ 22 ]; - networking.firewall.allowedUDPPorts = [ ]; - - system.stateVersion = "25.11"; -} diff --git a/nixos/hosts/homeserver/hardware-configuration.nix b/nixos/hosts/homeserver/hardware-configuration.nix deleted file mode 100644 index 8693644..0000000 --- a/nixos/hosts/homeserver/hardware-configuration.nix +++ /dev/null @@ -1,53 +0,0 @@ -# Do not modify this file! It was generated by ‘nixos-generate-config’ -# and may be overwritten by future invocations. Please make changes -# to /etc/nixos/configuration.nix instead. -{ - config, - lib, - pkgs, - modulesPath, - ... -}: - -{ - imports = [ - (modulesPath + "/installer/scan/not-detected.nix") - ]; - - boot.initrd.availableKernelModules = [ - "xhci_pci" - "usb_storage" - "usbhid" - ]; - boot.initrd.kernelModules = [ ]; - boot.kernelModules = [ ]; - boot.extraModulePackages = [ ]; - - fileSystems."/" = { - device = "/dev/disk/by-uuid/d82c7bbb-e496-414c-a96b-4b4ca457bdfd"; - fsType = "ext4"; - }; - - fileSystems."/boot" = { - device = "/dev/disk/by-uuid/3B58-1BF7"; - fsType = "vfat"; - options = [ - "fmask=0022" - "dmask=0022" - ]; - }; - - swapDevices = [ ]; - - networking.interfaces = { - end0.useDHCP = lib.mkDefault true; - enp2s0u2.ipv4.addresses = [ - { - address = "172.16.0.2"; - prefixLength = 24; - } - ]; - }; - - nixpkgs.hostPlatform = lib.mkDefault "aarch64-linux"; -} diff --git a/nixos/hosts/laptop/default.nix b/nixos/hosts/laptop/default.nix index 6c87681..f81eb56 100644 --- a/nixos/hosts/laptop/default.nix +++ b/nixos/hosts/laptop/default.nix @@ -32,10 +32,28 @@ pulse.enable = true; }; + users.users.irl = { + isNormalUser = true; + description = "irl"; + extraGroups = [ + "networkmanager" + "wheel" + ]; + }; + + nixpkgs.config.allowUnfree = true; + + environment.systemPackages = with pkgs; [ + curl + home-manager + neovim + wget + ]; + hardware.gpgSmartcards.enable = true; programs.gnupg.agent = { enable = true; - # enableSSHSupport = true; + enableSSHSupport = true; }; system.stateVersion = "25.05"; diff --git a/secrets.yaml b/secrets.yaml deleted file mode 100644 index 57d61a2..0000000 --- a/secrets.yaml +++ /dev/null @@ -1,25 +0,0 @@ -irl-password: ENC[AES256_GCM,data:8DcPiZ9Ui40MaOaPJ5XmZI3M7XDqLtBqJKLEUnolMYuNoa6dDBF/IicokQO6zvNVw0G2DPVQwbKzgEaWtvnj+5rXm+QbyEVIKw==,iv:+qsf6VzsMzAj6A5B6TCQ/ZaYDt0EiZYwQ7gZg0sw2TM=,tag:3Xi5bSJ7rYEUUVIDuynHag==,type:str] -sops: - age: - - recipient: age1uhp600xemepn27l0vxnt7hmuvk53wmw5peh9d3wy4ma2apsympmqxm8jxq - enc: | - -----BEGIN AGE ENCRYPTED FILE----- - YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBRZmJkMlpoN2RRUEVVUCtS - cVl4T0grTit5TGtGUEM2MTlBRnQ2OWlWaEVrClErVm5uRzQySzNDM3J6dDFQY2U0 - cjlVS1NpTzdBQzgvSHJndmlxMWRmbUkKLS0tIHBtTkhSU1BTZHhMaXdZT0xiWWZD - ZXlLNjAzSVkxZWtDRjlUMHV5bnJXK3MKNGKAW7iq/Qfo1dAt3Zxjzu+PsjdtaYPG - a5Zvnazkm2dmuajldII/+xk4r/JewBZmeWdd37n2lUpbSisgcw0X5A== - -----END AGE ENCRYPTED FILE----- - - recipient: age1y9v37jc3kxuygw042qrsvseac5krhh3skp88ewlqlja00uslpyss62e4nd - enc: | - -----BEGIN AGE ENCRYPTED FILE----- - YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBiQTcxWkphbngrK3RMaEZF - UHU4ZURiVmNZdDhoR1l5YWVDZ1YvdlZWbndJCnRZd0tmR2lXcnA0V0dRaDZzZkg5 - YitPd01mbFc1VHVyTDl3Sk9UTGptclEKLS0tIEtWb0VNZWFLUmNZRDh3S0N4WmN0 - SlVKUDZWVEp2YmR4V3ArRW1GR1lXeTAKRJoawuTKrgrz6qeOSTmYLXO6n66QNPLA - C5UI4yB0WLeRxdqxU84a3rS2ZjgTh22RR0WwRe6siOaKOdS1G96DXw== - -----END AGE ENCRYPTED FILE----- - lastmodified: "2025-06-13T17:56:08Z" - mac: ENC[AES256_GCM,data:YjTPJ69gNE3MOxUq8X1H4ucqiJxIwRFBBLz0pu6nJgx64XDKe96qeiy7NLAnyJuzOgXpZxb6bm+ecf4E288Bq5NyqpWyrICXC37mSMMXTIoi+HZMHk/GYOAezfCHCBzJBKlJjTZhmslF1zu/4jGtUf/VTOCm+WTPDTUjVkzvwJ8=,iv:vsiDWLir7b/DmOgJFs9iuNxJxJAipdriP/XSPbm4MKU=,tag:aBXeQdetTepLNj/kl45McQ==,type:str] - unencrypted_suffix: _unencrypted - version: 3.10.2