macronova/nixos-config
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity

Reformat with alejandra

Browse source
This commit is contained in:
Invariantspace 2024-08-14 11:14:20 -07:00
parent 7b2b5b3b80
commit 52a81ddb21
No known key found for this signature in database
GPG key ID: EBC4A20067373921
53 changed files with 764 additions and 746 deletions
Download patch file Download diff file Expand all files Collapse all files

12
common/constants.nix
View file

@ -1,5 +1,8 @@
{ config, lib, ... }:
{
config,
lib,
...
}:
with lib; {
options.constants = {
domain = mkOption {
@ -50,7 +53,10 @@ with lib; {
};
privateKeyFiles = mkOption {
type = types.listOf types.str;
default = if config.services.openssh.enable then builtins.map (key: key.path) config.services.openssh.hostKeys else [ "/root/.ssh/${config.networking.hostName}" ];
default =
if config.services.openssh.enable
then builtins.map (key: key.path) config.services.openssh.hostKeys
else ["/root/.ssh/${config.networking.hostName}"];
description = ''
The private key files for sops.
'';

6
common/default.nix
View file

@ -1,6 +1,4 @@
{ inputs, ... }:
{
{inputs, ...}: {
imports = with inputs; [
home-manager.nixosModules.default
sops-nix.nixosModules.default
@ -9,5 +7,5 @@
./users.nix
];
home-manager.sharedModules = [ inputs.plasma-manager.homeManagerModules.plasma-manager ];
home-manager.sharedModules = [inputs.plasma-manager.homeManagerModules.plasma-manager];
}

4
common/secrets.nix
View file

@ -1,6 +1,4 @@
{ config, ... }:
{
{config, ...}: {
sops = with config.constants; {
age.sshKeyPaths = privateKeyFiles;
defaultSopsFile = sopsFile;

388
common/users.nix
View file

@ -1,18 +1,19 @@
{ config, pkgs, ... }:
let
{
config,
pkgs,
...
}: let
home = config.constants.homeDir;
usr = config.constants.userName;
usrPwdFile = "users/${usr}/password";
in
{
in {
console.enable = false;
fonts = {
fontDir.enable = true;
fontconfig.defaultFonts = {
sansSerif = [ "Inter" "Noto Sans CJK SC" ];
monospace = [ "Iosevka" "Noto Sans Mono CJK SC" ];
sansSerif = ["Inter" "Noto Sans CJK SC"];
monospace = ["Iosevka" "Noto Sans Mono CJK SC"];
};
packages = with pkgs; [
inter
@ -24,182 +25,209 @@ in
home-manager = {
useGlobalPkgs = true;
useUserPackages = true;
users.${usr} = { config, osConfig, pkgs, ... }:
{
home = {
file.kvantum = {
enable = config.programs.plasma.enable;
target = ".config/Kvantum/kvantum.kvconfig";
text = ''
[General]
theme=Sweet-Ambar-Blue
'';
};
packages = with pkgs; [
users.${usr} = {
config,
osConfig,
pkgs,
...
}: {
home = {
file.kvantum = {
enable = config.programs.plasma.enable;
target = ".config/Kvantum/kvantum.kvconfig";
text = ''
[General]
theme=Sweet-Ambar-Blue
'';
};
packages = with pkgs;
[
alejandra
dua
fd
nil
nixpkgs-fmt
rclone
sops
] ++ (if config.programs.plasma.enable then [
sweet-ambar-blue
wallpaper-engine-plasma6-plugin
yorha-sound-theme
] ++ (with kdePackages; [
qtmultimedia
qtstyleplugin-kvantum
qtwebchannel
qtwebengine
qtwebsockets
]) else [ ]);
stateVersion = osConfig.system.stateVersion;
};
programs = {
bat.enable = true;
bottom.enable = true;
direnv = {
enable = true;
nix-direnv.enable = true;
};
eza.enable = true;
fish.enable = true;
fzf.enable = true;
git = {
enable = true;
extraConfig = {
core.autocrlf = "input";
init.defaultBranch = "development";
pull.rebase = false;
push.autoSetupRemote = true;
};
ignores = [
".direnv"
".envrc"
];
userEmail = osConfig.constants.postMaster;
userName = osConfig.constants.userName;
};
helix = {
enable = true;
defaultEditor = true;
settings = {
editor = {
lsp.display-inlay-hints = true;
soft-wrap.enable = true;
};
theme = "base16_transparent";
};
};
plasma = {
input.touchpads = [
{
enable = false;
name = "ASUE120A:00 04F3:319B Touchpad";
productId = "319B";
vendorId = "04F3";
}
];
kscreenlocker = {
autoLock = true;
lockOnResume = true;
passwordRequired = true;
appearance.wallpaperPictureOfTheDay.provider = "bing";
};
kwin = {
effects = {
blur.enable = true;
desktopSwitching.animation = "slide";
dimAdminMode.enable = true;
windowOpenClose.animation = "glide";
};
scripts.polonium = {
enable = true;
settings.layout.engine = "binaryTree";
};
virtualDesktops = {
number = 4;
rows = 1;
};
};
overrideConfig = true;
panels = [
{
floating = false;
height = 36;
widgets = [
{
kickoff = {
icon = "nix-snowflake-white";
sortAlphabetically = true;
};
}
"org.kde.plasma.pager"
{
iconTasks.launchers = [];
}
"org.kde.plasma.marginsseparator"
{
systemTray.items = {
shown = [
"org.kde.kdeconnect"
];
hidden = [
"org.kde.plasma.battery"
"org.kde.plasma.bluetooth"
"org.kde.plasma.brightness"
"org.kde.plasma.devicenotifier"
"org.kde.plasma.manage-inputmethod"
"Fcitx"
];
};
}
"org.kde.plasma.digitalclock"
];
}
];
powerdevil.AC = {
autoSuspend.action = "nothing";
dimDisplay.enable = true;
powerButtonAction = "showLogoutScreen";
whenLaptopLidClosed = "turnOffScreen";
whenSleepingEnter = "standby";
};
spectacle.shortcuts.captureRectangularRegion = "Meta+Shift+S";
workspace = {
colorScheme = "SweetAmbarBlue";
desktop.icons = {
alignment = "left";
arrangement = "leftToRight";
lockInPlace = true;
sorting = {
foldersFirst = true;
mode = "type";
};
};
iconTheme = "Sweet-Rainbow";
lookAndFeel = "Sweet-Ambar-Blue";
soundTheme = "yorha";
};
};
ripgrep.enable = true;
starship = {
enable = true;
enableTransience = true;
};
tealdeer.enable = true;
zoxide = {
enable = true;
options = [ "--cmd cd" ];
};
};
xdg.enable = true;
]
++ (
if config.programs.plasma.enable
then
[
sweet-ambar-blue
wallpaper-engine-plasma6-plugin
yorha-sound-theme
]
++ (with kdePackages; [
qtmultimedia
qtstyleplugin-kvantum
qtwebchannel
qtwebengine
qtwebsockets
])
else []
);
stateVersion = osConfig.system.stateVersion;
};
programs = {
bat.enable = true;
bottom.enable = true;
direnv = {
enable = true;
nix-direnv.enable = true;
};
eza.enable = true;
firefox.enable = config.programs.plasma.enable;
fish.enable = true;
fzf.enable = true;
git = {
enable = true;
extraConfig = {
core.autocrlf = "input";
init.defaultBranch = "development";
pull.rebase = false;
push.autoSetupRemote = true;
};
ignores = [
".direnv"
".envrc"
];
userEmail = osConfig.constants.postMaster;
userName = osConfig.constants.userName;
};
helix = {
enable = true;
defaultEditor = true;
settings = {
editor = {
lsp.display-inlay-hints = true;
soft-wrap.enable = true;
};
theme = "base16_transparent";
};
};
kitty = {
enable = config.programs.plasma.enable;
settings = {
background_opacity = "0.96";
remember_window_size = "no";
};
theme = "Tokyo Night Moon";
};
plasma = {
configFile = {
kded5rc.Module-browserintegrationreminder.autoload = false;
kdeglobals.General = {
TerminalApplication = "kitty";
TerminalService = "kitty.desktop";
};
};
input.touchpads = [
{
enable = false;
name = "ASUE120A:00 04F3:319B Touchpad";
productId = "319B";
vendorId = "04F3";
}
];
kscreenlocker = {
autoLock = true;
lockOnResume = true;
passwordRequired = true;
appearance.wallpaperPictureOfTheDay.provider = "bing";
};
kwin = {
effects = {
blur.enable = true;
desktopSwitching.animation = "slide";
dimAdminMode.enable = true;
windowOpenClose.animation = "glide";
};
scripts.polonium = {
enable = true;
settings.layout.engine = "binaryTree";
};
virtualDesktops = {
number = 4;
rows = 1;
};
};
overrideConfig = true;
panels = [
{
floating = false;
height = 36;
widgets = [
{
kickoff = {
icon = "nix-snowflake-white";
sortAlphabetically = true;
};
}
"org.kde.plasma.pager"
{
iconTasks.launchers = [];
}
"org.kde.plasma.marginsseparator"
{
systemTray.items = {
shown = [
"org.kde.kdeconnect"
];
hidden = [
"org.kde.plasma.battery"
"org.kde.plasma.bluetooth"
"org.kde.plasma.brightness"
"org.kde.plasma.devicenotifier"
"org.kde.plasma.manage-inputmethod"
"Fcitx"
];
};
}
"org.kde.plasma.digitalclock"
];
}
];
powerdevil.AC = {
autoSuspend.action = "nothing";
dimDisplay.enable = true;
powerButtonAction = "showLogoutScreen";
whenLaptopLidClosed = "turnOffScreen";
whenSleepingEnter = "standby";
};
spectacle.shortcuts.captureRectangularRegion = "Meta+Shift+S";
workspace = {
colorScheme = "SweetAmbarBlue";
desktop.icons = {
alignment = "left";
arrangement = "leftToRight";
lockInPlace = true;
sorting = {
foldersFirst = true;
mode = "type";
};
};
iconTheme = "Sweet-Rainbow";
lookAndFeel = "Sweet-Ambar-Blue";
soundTheme = "yorha";
};
};
ripgrep.enable = true;
starship = {
enable = true;
enableTransience = true;
};
tealdeer.enable = true;
zoxide = {
enable = true;
options = ["--cmd cd"];
};
};
};
};
i18n = {
defaultLocale = "zh_CN.UTF-8";
supportedLocales = [ "all" ];
supportedLocales = ["all"];
};
programs = {
@ -209,12 +237,14 @@ in
services = {
openssh = {
hostKeys = [{
comment = "host@${config.networking.hostName}";
path = "/etc/ssh/host";
rounds = 100;
type = "ed25519";
}];
hostKeys = [
{
comment = "host@${config.networking.hostName}";
path = "/etc/ssh/host";
rounds = 100;
type = "ed25519";
}
];
settings = {
PasswordAuthentication = false;
KbdInteractiveAuthentication = false;

84
flake.nix
View file

@ -13,47 +13,51 @@
sops-nix.url = "github:Mic92/sops-nix";
};
outputs = inputs@{ self, nixpkgs, nix-custom, ... }:
let
linuxCfgDir = ./linux;
templateDir = ./template;
in
{
nixosConfigurations = builtins.mapAttrs
(instance: _:
nixpkgs.lib.nixosSystem ({
modules = [
# Import config from folder
(linuxCfgDir + "/${instance}")
# Setup Nix
({ pkgs, ... }: {
networking.hostName = instance;
nix = {
gc = {
automatic = true;
options = "--delete-older-than 30d";
};
settings = {
auto-optimise-store = true;
experimental-features = [ "nix-command" "flakes" ];
trusted-substituters = [ "https://mirrors.tuna.tsinghua.edu.cn/nix-channels/store" ];
};
outputs = inputs @ {
self,
nixpkgs,
nix-custom,
...
}: let
linuxCfgDir = ./linux;
templateDir = ./template;
in {
nixosConfigurations =
builtins.mapAttrs
(instance: _:
nixpkgs.lib.nixosSystem {
modules = [
# Import config from folder
(linuxCfgDir + "/${instance}")
# Setup Nix
({pkgs, ...}: {
networking.hostName = instance;
nix = {
gc = {
automatic = true;
options = "--delete-older-than 30d";
};
nixpkgs = {
config.allowUnfree = true;
overlays = [ nix-custom.overlays.default ];
settings = {
auto-optimise-store = true;
experimental-features = ["nix-command" "flakes"];
trusted-substituters = ["https://mirrors.tuna.tsinghua.edu.cn/nix-channels/store"];
};
})
];
specialArgs = { inherit inputs; };
}))
(builtins.readDir linuxCfgDir);
templates = builtins.mapAttrs
(template: _: {
path = templateDir + "/${template}";
description = "Template flake setup: ${template}";
};
nixpkgs = {
config.allowUnfree = true;
overlays = [nix-custom.overlays.default];
};
})
];
specialArgs = {inherit inputs;};
})
(builtins.readDir templateDir);
};
(builtins.readDir linuxCfgDir);
templates =
builtins.mapAttrs
(template: _: {
path = templateDir + "/${template}";
description = "Template flake setup: ${template}";
})
(builtins.readDir templateDir);
};
}

12
linux/blitzar/configuration.nix
View file

@ -1,16 +1,15 @@
# Edit this configuration file to define what should be installed on
# your system. Help is available in the configuration.nix(5) man page
# and in the NixOS manual (accessible by running nixos-help).
{ pkgs, ... }:
{
{pkgs, ...}: {
# Configure boot
boot = {
initrd.systemd.enable = true;
loader = {
efi.canTouchEfiVariables = true;
grub = let yorha = pkgs.yorha-grub-theme; in {
grub = let
yorha = pkgs.yorha-grub-theme;
in {
enable = true;
device = "nodev";
efiSupport = true;
@ -22,7 +21,7 @@
enable = true;
extraConfig = "DeviceScale=1";
theme = "target_2";
themePackages = [ pkgs.adi1090x-plymouth-themes ];
themePackages = [pkgs.adi1090x-plymouth-themes];
};
};
@ -46,4 +45,3 @@
# (e.g. man configuration.nix or on https://nixos.org/nixos/options.html).
system.stateVersion = "24.05"; # Did you read the comment?
}

4
linux/blitzar/default.nix
View file

@ -1,6 +1,4 @@
{ inputs, ... }:
{
{inputs, ...}: {
imports = with inputs; [
disko.nixosModules.default
hardware.nixosModules.asus-zephyrus-ga402

23
linux/blitzar/device.nix
View file

@ -1,15 +1,16 @@
{ config, pkgs, ... }:
let
usr = config.constants.userName;
in
{
config,
pkgs,
...
}: let
usr = config.constants.userName;
in {
hardware = {
bluetooth.enable = true;
graphics.enable = true;
openrazer = {
enable = true;
users = [ usr ];
users = [usr];
};
};
@ -32,7 +33,7 @@ in
kanata = {
enable = true;
keyboards.core = {
devices = [ "/dev/input/by-id/usb-ASUSTeK_Computer_Inc._N-KEY_Device-if02-event-kbd" ];
devices = ["/dev/input/by-id/usb-ASUSTeK_Computer_Inc._N-KEY_Device-if02-event-kbd"];
config = ''
(defsrc
esc f1 f2 f3 f4 f5 f6 f7 f8 f9 f10 f11 f12 del
@ -46,7 +47,7 @@ in
_ _ _ _ _ _ _ _ _ _ _ _ _ _
_ _ _ _ _ _ _ _ _ _ _ _ _ _
_ _ _ _ _ _ _ _ _ _ _ _ _ _
_ _ _ _ _ _ _ _ _ _ _ _ _
_ _ _ _ _ _ _ _ _ _ _ _ _
_ _ _ _ _ _ _ _ _ _ _ _ _
_ _ _ _ _ @li _ _ _
)
@ -54,7 +55,7 @@ in
XX XX XX XX XX XX XX XX XX XX XX XX XX XX
XX XX XX XX XX XX XX XX XX XX XX XX XX XX
XX XX XX XX XX XX XX XX XX XX XX XX XX XX
XX XX XX XX XX XX XX XX XX XX XX XX XX
XX XX XX XX XX XX XX XX XX XX XX XX XX
XX XX XX XX XX @lb XX @lm XX XX XX XX XX
XX XX XX XX XX XX XX XX XX
)
@ -62,7 +63,7 @@ in
XX XX XX XX XX XX XX XX XX XX XX XX XX XX
XX XX XX XX XX XX XX XX XX XX XX XX XX XX
XX XX XX XX XX XX XX XX XX XX XX XX XX XX
XX XX XX XX XX XX XX XX XX XX XX XX XX
XX XX XX XX XX XX XX XX XX XX XX XX XX
XX XX XX XX XX XX XX XX prev next XX XX XX
XX XX XX pp XX @li XX XX XX
)
@ -86,7 +87,7 @@ in
printing.enable = true;
};
users.users.${usr}.extraGroups = [ "adbusers" "cdrom" ];
users.users.${usr}.extraGroups = ["adbusers" "cdrom"];
virtualisation = {
containers.enable = true;

4
linux/blitzar/disko.nix
View file

@ -1,6 +1,4 @@
{ ... }:
{
{...}: {
disko.devices = {
# Partition the physical disk
disk.storage = {

206
linux/blitzar/gui.nix
View file

@ -1,9 +1,19 @@
{ config, pkgs, ... }:
let usr = config.constants.userName; in {
home-manager.users.${usr} = { config, pkgs, ... }:
let xdgCfg = config.xdg; in {
home.packages = with pkgs; [
{
config,
pkgs,
...
}: let
usr = config.constants.userName;
in {
home-manager.users.${usr} = {
config,
pkgs,
...
}: let
xdgCfg = config.xdg;
in {
home.packages = with pkgs;
[
feishin
hunspell
hunspellDicts.en-us-large
@ -20,114 +30,106 @@ let usr = config.constants.userName; in {
thunderbird
winetricks
wineWowPackages.stagingFull
] ++ (with kdePackages; [
]
++ (with kdePackages; [
k3b
kdepim-addons
merkuro
]);
programs = {
firefox.enable = true;
git.signing = {
key = "0x6A815D4CB1637AAC";
signByDefault = true;
};
gpg = {
enable = true;
homedir = "${xdgCfg.dataHome}/gnupg";
};
kitty = {
enable = true;
settings = {
background_opacity = "0.96";
remember_window_size = "no";
};
theme = "Tokyo Night Moon";
};
mpv = {
enable = true;
config = {
osd-bar = "no";
border = "no";
};
scripts = with pkgs.mpvScripts; [
mpris
thumbfast
uosc
vr-reversal
];
};
obs-studio.enable = true;
plasma.enable = true;
zathura = {
enable = true;
options = {
completion-bg = "#504945";
completion-fg = "#ebdbb2";
completion-group-bg = "#3c3836";
completion-group-fg = "#928374";
completion-highlight-bg = "#83a598";
completion-highlight-fg = "#504945";
default-bg = "#1d2021";
default-fg = "#ebdbb2";
highlight-active-color = "#fe8019";
highlight-color = "#fabd2f";
index-active-bg = "#83a598";
index-active-fg = "#504945";
index-bg = "#504945";
index-fg = "#ebdbb2";
inputbar-bg = "#1d2021";
inputbar-fg = "#ebdbb2";
notification-bg = "#1d2021";
notification-error-bg = "#1d2021";
notification-error-fg = "#fb4934";
notification-fg = "#b8bb26";
notification-warning-bg = "#1d2021";
notification-warning-fg = "#fabd2f";
recolor = "true";
recolor-darkcolor = "#ebdbb2";
recolor-keephue = "true";
recolor-lightcolor = "#1d2021";
render-loading = "true";
render-loading-bg = "#1d2021";
render-loading-fg = "#ebdbb2";
selection-clipboard = "clipboard";
statusbar-bg = "#504945";
statusbar-fg = "#ebdbb2";
};
};
programs = {
git.signing = {
key = "0x6A815D4CB1637AAC";
signByDefault = true;
};
services = {
easyeffects.enable = true;
gpg-agent = {
enable = true;
pinentryPackage = pkgs.pinentry-qt;
gpg = {
enable = true;
homedir = "${xdgCfg.dataHome}/gnupg";
};
mpv = {
enable = true;
config = {
osd-bar = "no";
border = "no";
};
xsettingsd = {
enable = true;
settings = {
"Gdk/UnscaledDPI" = 98304;
"Gdk/WindowScalingFactor" = 2;
"Gtk/EnableAnimations" = 1;
"Gtk/DecorationLayout" = "icon:minimize,maximize,close";
"Net/ThemeName" = "Sweet-Ambar-Blue";
"Gtk/PrimaryButtonWarpsSlider" = 1;
"Gtk/ToolbarStyle" = 3;
"Gtk/MenuImages" = 1;
"Gtk/ButtonImages" = 1;
"Gtk/CursorThemeSize" = 96;
"Gtk/CursorThemeName" = "Sweet-cursors";
"Net/SoundThemeName" = "yorha";
"Net/IconThemeName" = "Sweet-Rainbow";
"Gtk/FontName" = "Noto Sans, 10";
};
scripts = with pkgs.mpvScripts; [
mpris
thumbfast
uosc
vr-reversal
];
};
obs-studio.enable = true;
plasma.enable = true;
zathura = {
enable = true;
options = {
completion-bg = "#504945";
completion-fg = "#ebdbb2";
completion-group-bg = "#3c3836";
completion-group-fg = "#928374";
completion-highlight-bg = "#83a598";
completion-highlight-fg = "#504945";
default-bg = "#1d2021";
default-fg = "#ebdbb2";
highlight-active-color = "#fe8019";
highlight-color = "#fabd2f";
index-active-bg = "#83a598";
index-active-fg = "#504945";
index-bg = "#504945";
index-fg = "#ebdbb2";
inputbar-bg = "#1d2021";
inputbar-fg = "#ebdbb2";
notification-bg = "#1d2021";
notification-error-bg = "#1d2021";
notification-error-fg = "#fb4934";
notification-fg = "#b8bb26";
notification-warning-bg = "#1d2021";
notification-warning-fg = "#fabd2f";
recolor = "true";
recolor-darkcolor = "#ebdbb2";
recolor-keephue = "true";
recolor-lightcolor = "#1d2021";
render-loading = "true";
render-loading-bg = "#1d2021";
render-loading-fg = "#ebdbb2";
selection-clipboard = "clipboard";
statusbar-bg = "#504945";
statusbar-fg = "#ebdbb2";
};
};
};
services = {
easyeffects.enable = true;
gpg-agent = {
enable = true;
pinentryPackage = pkgs.pinentry-qt;
};
xsettingsd = {
enable = true;
settings = {
"Gdk/UnscaledDPI" = 98304;
"Gdk/WindowScalingFactor" = 2;
"Gtk/EnableAnimations" = 1;
"Gtk/DecorationLayout" = "icon:minimize,maximize,close";
"Net/ThemeName" = "Sweet-Ambar-Blue";
"Gtk/PrimaryButtonWarpsSlider" = 1;
"Gtk/ToolbarStyle" = 3;
"Gtk/MenuImages" = 1;
"Gtk/ButtonImages" = 1;
"Gtk/CursorThemeSize" = 96;
"Gtk/CursorThemeName" = "Sweet-cursors";
"Net/SoundThemeName" = "yorha";
"Net/IconThemeName" = "Sweet-Rainbow";
"Gtk/FontName" = "Noto Sans, 10";
};
};
};
};
i18n.inputMethod = {
enable = true;
type = "fcitx5";
fcitx5.addons = with pkgs; [ fcitx5-nord fcitx5-rime ];
fcitx5.addons = with pkgs; [fcitx5-nord fcitx5-rime];
};
programs = {
@ -148,7 +150,7 @@ let usr = config.constants.userName; in {
};
xserver = {
enable = true;
videoDrivers = [ "amdgpu" ];
videoDrivers = ["amdgpu"];
};
};
}

23
linux/blitzar/hardware-configuration.nix
View file

@ -1,18 +1,21 @@
# Do not modify this file! It was generated by nixos-generate-config
# and may be overwritten by future invocations. Please make changes
# to /etc/nixos/configuration.nix instead.
{ config, lib, pkgs, modulesPath, ... }:
{
imports =
[
(modulesPath + "/installer/scan/not-detected.nix")
];
config,
lib,
pkgs,
modulesPath,
...
}: {
imports = [
(modulesPath + "/installer/scan/not-detected.nix")
];
boot.initrd.availableKernelModules = [ "nvme" "xhci_pci" "usbhid" "sdhci_pci" ];
boot.initrd.kernelModules = [ ];
boot.kernelModules = [ "kvm-amd" ];
boot.extraModulePackages = [ ];
boot.initrd.availableKernelModules = ["nvme" "xhci_pci" "usbhid" "sdhci_pci"];
boot.initrd.kernelModules = [];
boot.kernelModules = ["kvm-amd"];
boot.extraModulePackages = [];
# Enables DHCP on each ethernet and wireless interface. In case of scripted networking
# (the default) this is the recommended approach. When using systemd-networkd it's

4
linux/blitzar/network.nix
View file

@ -1,6 +1,4 @@
{ ... }:
{
{...}: {
networking = {
hostId = "30f8f777";
networkmanager = {

11
linux/blitzar/syncthing.nix
View file

@ -1,24 +1,21 @@
{ ... }:
{
{...}: {
services.syncthing = {
enable = true;
settings.folders = {
game-data = {
devices = [ "protostar" ];
devices = ["protostar"];
path = "~/Game/data";
type = "sendonly";
};
game-save = {
devices = [ "protostar" ];
devices = ["protostar"];
path = "~/Game/save";
};
music = {
devices = [ "nebula" ];
devices = ["nebula"];
path = "~/Music";
type = "sendonly";
};
};
};
}

4
linux/blitzar/tailscale.nix
View file

@ -1,6 +1,4 @@
{ ... }:
{
{...}: {
services.tailscale = {
enable = true;
port = 22276;

60
linux/blitzar/zfs.nix
View file

@ -1,6 +1,8 @@
{ config, lib, ... }:
{
config,
lib,
...
}: {
boot = {
kernelPackages = config.boot.zfs.package.latestCompatibleLinuxPackages;
loader.grub.zfsSupport = true;
@ -15,60 +17,71 @@
enable = true;
settings = {
global = {
logging = [{
type = "syslog";
level = "info";
format = "human";
}];
logging = [
{
type = "syslog";
level = "info";
format = "human";
}
];
};
jobs = [
{
name = "snapshot";
type = "snap";
filesystems = { "zroot/main/home" = true; };
filesystems = {"zroot/main/home" = true;};
snapshotting = {
type = "periodic";
prefix = "zrepl-";
interval = "1h";
};
pruning = {
keep = [{
type = "grid";
regex = "^zrepl-.*";
grid = lib.concatStringsSep " | " [ "1x1h(keep=all)" "24x1h" "7x1d" "4x1w" ];
}];
keep = [
{
type = "grid";
regex = "^zrepl-.*";
grid = lib.concatStringsSep " | " ["1x1h(keep=all)" "24x1h" "7x1d" "4x1w"];
}
];
};
}
{
name = "push-to-local-drive";
type = "push";
send = { encrypted = true; };
send = {encrypted = true;};
connect = {
type = "local";
listener_name = "sink-to-local-drive";
client_identity = config.networking.hostName;
};
filesystems = { "zroot/main/home" = true; };
filesystems = {"zroot/main/home" = true;};
replication = {
protection = {
initial = "guarantee_resumability";
incremental = "guarantee_incremental";
};
};
snapshotting = { type = "manual"; };
snapshotting = {type = "manual";};
pruning = {
keep_sender = [{ type = "regex"; regex = ".*"; }];
keep_receiver = [{
type = "grid";
regex = "^zrepl-.*";
grid = lib.concatStringsSep " | " [ "1x1h(keep=all)" "365x1d" "52x1w" ];
}];
keep_sender = [
{
type = "regex";
regex = ".*";
}
];
keep_receiver = [
{
type = "grid";
regex = "^zrepl-.*";
grid = lib.concatStringsSep " | " ["1x1h(keep=all)" "365x1d" "52x1w"];
}
];
};
}
{
name = "sink-to-local-drive";
type = "sink";
recv = { placeholder = { encryption = "off"; }; };
recv = {placeholder = {encryption = "off";};};
root_fs = "zbackup";
serve = {
type = "local";
@ -79,4 +92,3 @@
};
};
}

5
linux/comet/configuration.nix
View file

@ -1,10 +1,7 @@
# Edit this configuration file to define what should be installed on
# your system. Help is available in the configuration.nix(5) man page
# and in the NixOS manual (accessible by running nixos-help).
{ ... }:
{
{...}: {
# Configure boot loader
boot.loader = {
efi.canTouchEfiVariables = true;

4
linux/comet/default.nix
View file

@ -1,6 +1,4 @@
{ inputs, ... }:
{
{inputs, ...}: {
imports = with inputs; [
hardware.nixosModules.common-cpu-intel
../../common

43
linux/comet/hardware-configuration.nix
View file

@ -1,32 +1,33 @@
# Do not modify this file! It was generated by nixos-generate-config
# and may be overwritten by future invocations. Please make changes
# to /etc/nixos/configuration.nix instead.
{ config, lib, pkgs, modulesPath, ... }:
{
imports =
[
(modulesPath + "/installer/scan/not-detected.nix")
];
config,
lib,
pkgs,
modulesPath,
...
}: {
imports = [
(modulesPath + "/installer/scan/not-detected.nix")
];
boot.initrd.availableKernelModules = [ "ahci" "xhci_pci" "usbhid" "uas" "sd_mod" "sdhci_acpi" ];
boot.initrd.kernelModules = [ ];
boot.kernelModules = [ "kvm-intel" ];
boot.extraModulePackages = [ ];
boot.initrd.availableKernelModules = ["ahci" "xhci_pci" "usbhid" "uas" "sd_mod" "sdhci_acpi"];
boot.initrd.kernelModules = [];
boot.kernelModules = ["kvm-intel"];
boot.extraModulePackages = [];
fileSystems."/" =
{
device = "/dev/disk/by-uuid/9f65c4b3-1c87-42a0-8c1d-f3c1ff2e71b1";
fsType = "ext4";
};
fileSystems."/" = {
device = "/dev/disk/by-uuid/9f65c4b3-1c87-42a0-8c1d-f3c1ff2e71b1";
fsType = "ext4";
};
fileSystems."/boot" =
{
device = "/dev/disk/by-uuid/1C5A-E5B5";
fsType = "vfat";
};
fileSystems."/boot" = {
device = "/dev/disk/by-uuid/1C5A-E5B5";
fsType = "vfat";
};
swapDevices = [ ];
swapDevices = [];
# Enables DHCP on each ethernet and wireless interface. In case of scripted networking
# (the default) this is the recommended approach. When using systemd-networkd it's

4
linux/comet/network.nix
View file

@ -1,6 +1,4 @@
{ ... }:
{
{...}: {
networking = {
hostId = "3ddd2ad2";
nftables.enable = true;

4
linux/comet/tailscale.nix
View file

@ -1,6 +1,4 @@
{ ... }:
{
{...}: {
services.tailscale = {
enable = true;
port = 12765;

4
linux/nebula/conduit.nix
View file

@ -1,6 +1,4 @@
{ config, ... }:
{
{config, ...}: {
services.matrix-conduit = {
enable = true;
settings.global = with config.constants; {

6
linux/nebula/configuration.nix
View file

@ -1,10 +1,7 @@
# Edit this configuration file to define what should be installed on
# your system. Help is available in the configuration.nix(5) man page
# and in the NixOS manual (accessible by running `nixos-help`).
{ ... }:
{
{...}: {
# Configure boot loader
boot.loader = {
efi.canTouchEfiVariables = true;
@ -22,4 +19,3 @@
# (e.g. man configuration.nix or on https://nixos.org/nixos/options.html).
system.stateVersion = "24.05"; # Did you read the comment?
}

4
linux/nebula/default.nix
View file

@ -1,6 +1,4 @@
{ inputs, ... }:
{
{inputs, ...}: {
imports = with inputs; [
disko.nixosModules.default
hardware.nixosModules.common-cpu-amd

5
linux/nebula/disko.nix
View file

@ -1,6 +1,4 @@
{ ... }:
{
{...}: {
disko.devices = {
# Partition the physical disk
disk.storage = {
@ -77,5 +75,4 @@
};
};
};
}

4
linux/nebula/forgejo.nix
View file

@ -1,6 +1,4 @@
{ config, ... }:
{
{config, ...}: {
services.forgejo = {
enable = true;
settings = {

23
linux/nebula/hardware-configuration.nix
View file

@ -1,18 +1,21 @@
# Do not modify this file! It was generated by nixos-generate-config
# and may be overwritten by future invocations. Please make changes
# to /etc/nixos/configuration.nix instead.
{ config, lib, pkgs, modulesPath, ... }:
{
imports =
[
(modulesPath + "/installer/scan/not-detected.nix")
];
config,
lib,
pkgs,
modulesPath,
...
}: {
imports = [
(modulesPath + "/installer/scan/not-detected.nix")
];
boot.initrd.availableKernelModules = [ "nvme" "xhci_pci" "usbhid" "uas" "sd_mod" ];
boot.initrd.kernelModules = [ ];
boot.kernelModules = [ "kvm-amd" ];
boot.extraModulePackages = [ ];
boot.initrd.availableKernelModules = ["nvme" "xhci_pci" "usbhid" "uas" "sd_mod"];
boot.initrd.kernelModules = [];
boot.kernelModules = ["kvm-amd"];
boot.extraModulePackages = [];
# Enables DHCP on each ethernet and wireless interface. In case of scripted networking
# (the default) this is the recommended approach. When using systemd-networkd it's

15
linux/nebula/jellyfin.nix
View file

@ -1,11 +1,12 @@
{ config, pkgs, ... }:
let
{
config,
pkgs,
...
}: let
const = config.constants;
ports = const.port;
usr = const.userName;
in
{
in {
hardware.graphics.enable = true;
services = {
@ -38,7 +39,7 @@ in
};
};
sops.secrets.aria2 = { };
sops.secrets.aria2 = {};
users.users.${usr}.extraGroups = [ config.systemd.services.aria2.serviceConfig.Group ];
users.users.${usr}.extraGroups = [config.systemd.services.aria2.serviceConfig.Group];
}

6
linux/nebula/network.nix
View file

@ -1,8 +1,6 @@
{ config, ... }:
{
{config, ...}: {
networking = {
firewall.trustedInterfaces = [ config.services.tailscale.interfaceName ];
firewall.trustedInterfaces = [config.services.tailscale.interfaceName];
hostId = "e6449321";
networkmanager = {
enable = true;

6
linux/nebula/syncthing.nix
View file

@ -1,10 +1,8 @@
{ ... }:
{
{...}: {
services.syncthing = {
enable = true;
settings.folders.music = {
devices = [ "blitzar" ];
devices = ["blitzar"];
path = "~/Music";
type = "receiveonly";
};

4
linux/nebula/tailscale.nix
View file

@ -1,6 +1,4 @@
{ ... }:
{
{...}: {
services.tailscale = {
enable = true;
port = 25555;

4
linux/nebula/writefreely.nix
View file

@ -1,6 +1,4 @@
{ config, ... }:
{
{config, ...}: {
services.writefreely = with config.constants; {
enable = true;
host = "writefreely.${domain}";

7
linux/nebula/zfs.nix
View file

@ -1,7 +1,4 @@
{ config, ... }:
{
{config, ...}: {
boot = {
kernelPackages = config.boot.zfs.package.latestCompatibleLinuxPackages;
loader.grub.zfsSupport = true;
@ -11,6 +8,4 @@
autoScrub.enable = true;
trim.enable = true;
};
}

7
linux/protostar/configuration.nix
View file

@ -1,10 +1,7 @@
# Edit this configuration file to define what should be installed on
# your system. Help is available in the configuration.nix(5) man page
# and in the NixOS manual (accessible by running `nixos-help`).
{ ... }:
{
{...}: {
# Configuration boot
boot.loader = {
efi.canTouchEfiVariables = true;
@ -27,6 +24,4 @@
# Before changing this value read the documentation for this option
# (e.g. man configuration.nix or on https://nixos.org/nixos/options.html).
system.stateVersion = "24.05"; # Did you read the comment?
}

4
linux/protostar/default.nix
View file

@ -1,6 +1,4 @@
{ inputs, ... }:
{
{inputs, ...}: {
imports = with inputs; [
disko.nixosModules.default
jovian.nixosModules.default

5
linux/protostar/disko.nix
View file

@ -1,6 +1,4 @@
{ ... }:
{
{...}: {
disko.devices = {
# Partition the physical disk
disk.storage = {
@ -69,5 +67,4 @@
};
};
};
}

17
linux/protostar/gui.nix
View file

@ -1,10 +1,12 @@
{ config, inputs, pkgs, ... }:
let
{
config,
inputs,
pkgs,
...
}: let
usr = config.constants.userName;
jovianPkgs = pkgs.extend inputs.jovian.overlays.default;
in
{
in {
home-manager.users.${usr} = {
home.packages = with jovianPkgs; [
feishin
@ -20,10 +22,7 @@ in
winetricks
wineWowPackages.stagingFull
];
programs = {
firefox.enable = true;
plasma.enable = true;
};
programs.plasma.enable = true;
};
jovian = {
devices.steamdeck = {

23
linux/protostar/hardware-configuration.nix
View file

@ -1,18 +1,21 @@
# Do not modify this file! It was generated by nixos-generate-config
# and may be overwritten by future invocations. Please make changes
# to /etc/nixos/configuration.nix instead.
{ config, lib, pkgs, modulesPath, ... }:
{
imports =
[
(modulesPath + "/installer/scan/not-detected.nix")
];
config,
lib,
pkgs,
modulesPath,
...
}: {
imports = [
(modulesPath + "/installer/scan/not-detected.nix")
];
boot.initrd.availableKernelModules = [ "nvme" "xhci_pci" "usbhid" "sdhci_pci" ];
boot.initrd.kernelModules = [ ];
boot.kernelModules = [ "kvm-amd" ];
boot.extraModulePackages = [ ];
boot.initrd.availableKernelModules = ["nvme" "xhci_pci" "usbhid" "sdhci_pci"];
boot.initrd.kernelModules = [];
boot.kernelModules = ["kvm-amd"];
boot.extraModulePackages = [];
# Enables DHCP on each ethernet and wireless interface. In case of scripted networking
# (the default) this is the recommended approach. When using systemd-networkd it's

6
linux/protostar/network.nix
View file

@ -1,8 +1,6 @@
{ config, ... }:
{
{config, ...}: {
networking = {
firewall.trustedInterfaces = [ config.services.tailscale.interfaceName ];
firewall.trustedInterfaces = [config.services.tailscale.interfaceName];
hostId = "74247225";
networkmanager.enable = true;
nftables.enable = true;

8
linux/protostar/syncthing.nix
View file

@ -1,16 +1,14 @@
{ ... }:
{
{...}: {
services.syncthing = {
enable = true;
settings.folders = {
game-data = {
devices = [ "blitzar" ];
devices = ["blitzar"];
path = "~/Game/data";
type = "receiveonly";
};
game-save = {
devices = [ "blitzar" ];
devices = ["blitzar"];
path = "~/Game/save";
};
};

4
linux/protostar/tailscale.nix
View file

@ -1,6 +1,4 @@
{ ... }:
{
{...}: {
services.tailscale = {
enable = true;
port = 25172;

5
linux/protostar/zfs.nix
View file

@ -1,9 +1,6 @@
{ ... }:
{
{...}: {
services.zfs = {
autoScrub.enable = true;
trim.enable = true;
};
}

123
linux/singularity/caddy.nix
View file

@ -1,70 +1,72 @@
{ config, pkgs, ... }:
{
config,
pkgs,
...
}: {
services.caddy = {
enable = true;
email = config.constants.postMaster;
virtualHosts =
let
dn = config.constants.domain;
homeSrv = s: "nebula:${portStr.${s}}";
localSrv = s: "${config.constants.localhost}:${portStr.${s}}";
msfqdn = config.mailserver.fqdn;
mtfqdn = "matrix.${dn}";
portStr = builtins.mapAttrs (n: v: toString v) config.constants.port;
wn = s: "/.well-known/${s}";
in
{
"${dn}".extraConfig = let wnm = wn "matrix"; in ''
header ${wnm}/* Content-Type application/json
header ${wnm}/* Access-Control-Allow-Origin *
respond ${wnm}/server `{ "m.server": "${mtfqdn}:${portStr.https}" }`
respond ${wnm}/client `{
"m.homeserver": { "base_url": "https://${mtfqdn}" },
"m.identity_server": { "base_url": "https://${mtfqdn}" }
}`
'';
"aria2.${dn}".extraConfig = ''
reverse_proxy /jsonrpc ${homeSrv "aria2"}
file_server {
root ${pkgs.ariang}/share/ariang
virtualHosts = let
dn = config.constants.domain;
homeSrv = s: "nebula:${portStr.${s}}";
localSrv = s: "${config.constants.localhost}:${portStr.${s}}";
msfqdn = config.mailserver.fqdn;
mtfqdn = "matrix.${dn}";
portStr = builtins.mapAttrs (n: v: toString v) config.constants.port;
wn = s: "/.well-known/${s}";
in {
"${dn}".extraConfig = let
wnm = wn "matrix";
in ''
header ${wnm}/* Content-Type application/json
header ${wnm}/* Access-Control-Allow-Origin *
respond ${wnm}/server `{ "m.server": "${mtfqdn}:${portStr.https}" }`
respond ${wnm}/client `{
"m.homeserver": { "base_url": "https://${mtfqdn}" },
"m.identity_server": { "base_url": "https://${mtfqdn}" }
}`
'';
"aria2.${dn}".extraConfig = ''
reverse_proxy /jsonrpc ${homeSrv "aria2"}
file_server {
root ${pkgs.ariang}/share/ariang
}
'';
"forgejo.${dn}".extraConfig = ''
reverse_proxy ${homeSrv "forgejo"}
'';
"headscale.${dn}".extraConfig = ''
reverse_proxy ${localSrv "headscale"}
'';
"jellyfin.${dn}".extraConfig = ''
reverse_proxy ${homeSrv "jellyfin"}
'';
"jellyseerr.${dn}".extraConfig = ''
reverse_proxy ${homeSrv "jellyseerr"}
'';
${msfqdn} = {
extraConfig = ''
file_server ${wn "acme-challenge"}/* {
root ${config.security.acme.defaults.webroot}/
}
'';
"forgejo.${dn}".extraConfig = ''
reverse_proxy ${homeSrv "forgejo"}
'';
"headscale.${dn}".extraConfig = ''
reverse_proxy ${localSrv "headscale"}
'';
"jellyfin.${dn}".extraConfig = ''
reverse_proxy ${homeSrv "jellyfin"}
'';
"jellyseerr.${dn}".extraConfig = ''
reverse_proxy ${homeSrv "jellyseerr"}
'';
${msfqdn} = {
extraConfig = ''
file_server ${wn "acme-challenge"}/* {
root ${config.security.acme.defaults.webroot}/
}
'';
useACMEHost = msfqdn;
};
"matrix.${dn}".extraConfig = ''
reverse_proxy /_matrix/* ${homeSrv "conduit"}
file_server {
root ${pkgs.cinny}
}
'';
"vault.${dn}".extraConfig = ''
reverse_proxy ${localSrv "vault"} {
header_up X-Real-IP {remote_host}
}
'';
"writefreely.${dn}".extraConfig = ''
reverse_proxy ${homeSrv "writefreely"}
'';
useACMEHost = msfqdn;
};
"matrix.${dn}".extraConfig = ''
reverse_proxy /_matrix/* ${homeSrv "conduit"}
file_server {
root ${pkgs.cinny}
}
'';
"vault.${dn}".extraConfig = ''
reverse_proxy ${localSrv "vault"} {
header_up X-Real-IP {remote_host}
}
'';
"writefreely.${dn}".extraConfig = ''
reverse_proxy ${homeSrv "writefreely"}
'';
};
};
security.acme = {
@ -74,5 +76,4 @@
webroot = "/var/lib/acme/acme-challenge";
};
};
}

5
linux/singularity/configuration.nix
View file

@ -1,7 +1,4 @@
{ ... }:
{
{...}: {
boot = {
tmp.cleanOnBoot = true;
loader.grub.device = "/dev/sda";

4
linux/singularity/default.nix
View file

@ -1,6 +1,4 @@
{ inputs, ... }:
{
{inputs, ...}: {
imports = with inputs; [
mailserver.nixosModules.default
../../common

26
linux/singularity/hardware-configuration.nix
View file

@ -1,28 +1,34 @@
# Do not modify this file! It was generated by nixos-generate-config
# and may be overwritten by future invocations. Please make changes
# to /etc/nixos/configuration.nix instead.
{ config, lib, pkgs, modulesPath, ... }:
{
imports = [ (modulesPath + "/profiles/qemu-guest.nix") ];
config,
lib,
pkgs,
modulesPath,
...
}: {
imports = [(modulesPath + "/profiles/qemu-guest.nix")];
# boot.initrd.availableKernelModules =
# [ "ata_piix" "virtio_pci" "virtio_scsi" "sd_mod" ];
# boot.initrd.kernelModules = [ ];
boot.kernelModules = [ ];
boot.extraModulePackages = [ ];
boot.kernelModules = [];
boot.extraModulePackages = [];
# fileSystems."/" = {
# device = "/dev/disk/by-uuid/6d3bf8cd-1996-45fb-";
# fsType = "ext4";
# };
boot.initrd.availableKernelModules = [ "ata_piix" "uhci_hcd" "xen_blkfront" "vmw_pvscsi" ];
boot.initrd.kernelModules = [ "nvme" ];
fileSystems."/" = { device = "/dev/sda3"; fsType = "ext4"; };
boot.initrd.availableKernelModules = ["ata_piix" "uhci_hcd" "xen_blkfront" "vmw_pvscsi"];
boot.initrd.kernelModules = ["nvme"];
fileSystems."/" = {
device = "/dev/sda3";
fsType = "ext4";
};
swapDevices = [ ];
swapDevices = [];
# Enables DHCP on each ethernet and wireless interface. In case of scripted networking
# (the default) this is the recommended approach. When using systemd-networkd it's

4
linux/singularity/headscale.nix
View file

@ -1,6 +1,4 @@
{ config, ... }:
{
{config, ...}: {
services = {
headscale = with config.constants; {
enable = true;

13
linux/singularity/mailserver.nix
View file

@ -1,24 +1,21 @@
{ config, ... }:
let
{config, ...}: let
dn = config.constants.domain;
usr = config.constants.userName;
mailSecret = "mail/${usr}/password";
in
{
in {
mailserver = {
enable = true;
fqdn = "mail.${dn}";
domains = [ dn ];
domains = [dn];
loginAccounts = {
"${usr}@${dn}" = {
aliases = [ config.constants.postMaster ];
aliases = [config.constants.postMaster];
hashedPasswordFile = config.sops.secrets.${mailSecret}.path;
};
};
certificateScheme = "acme";
};
sops.secrets.${mailSecret} = { };
sops.secrets.${mailSecret} = {};
}

10
linux/singularity/network.nix
View file

@ -1,8 +1,8 @@
{ config, ... }:
let hn = config.networking.hostName; in {
{config, ...}: let
hn = config.networking.hostName;
in {
networking = {
firewall.allowedTCPPorts = with config.constants.port; [ http https ];
firewall.allowedTCPPorts = with config.constants.port; [http https];
hostId = "2cadb253";
nftables.enable = true;
};
@ -16,5 +16,5 @@ let hn = config.networking.hostName; in {
openssh.enable = true;
};
sops.secrets."cloudflare/${hn}" = { };
sops.secrets."cloudflare/${hn}" = {};
}

8
linux/singularity/vaultwarden.nix
View file

@ -1,9 +1,9 @@
{ config, ... }:
{
{config, ...}: {
services.vaultwarden = {
enable = true;
config = let const = config.constants; in {
config = let
const = config.constants;
in {
# Disable signup
SIGNUPS_ALLOWED = false;
# Specify service port

26
template/context/flake.nix
View file

@ -4,15 +4,19 @@
flake-utils.url = "github:numtide/flake-utils";
};
outputs = { self, flake-utils, nixpkgs }:
flake-utils.lib.eachDefaultSystem (system:
let pkgs = nixpkgs.legacyPackages.${system};
in {
devShells.default = pkgs.mkShell {
packages = with pkgs; [ texlive.combined.scheme-full ];
TEXMFHOME = "$XDG_DATA_HOME/texmf";
TEXMFVAR = "$XDG_CACHE_HOME/texlive/texmf-var";
EXMFCONFIG = "$XDG_CONFIG_HOME/texlive/texmf-config";
};
});
outputs = {
self,
flake-utils,
nixpkgs,
}:
flake-utils.lib.eachDefaultSystem (system: let
pkgs = nixpkgs.legacyPackages.${system};
in {
devShells.default = pkgs.mkShell {
packages = with pkgs; [texlive.combined.scheme-full];
TEXMFHOME = "$XDG_DATA_HOME/texmf";
TEXMFVAR = "$XDG_CACHE_HOME/texlive/texmf-var";
EXMFCONFIG = "$XDG_CONFIG_HOME/texlive/texmf-config";
};
});
}

28
template/r/flake.nix
View file

@ -4,16 +4,20 @@
flake-utils.url = "github:numtide/flake-utils";
};
outputs = { self, flake-utils, nixpkgs }:
flake-utils.lib.eachDefaultSystem (system:
let pkgs = nixpkgs.legacyPackages.${system};
in {
devShells.default = pkgs.mkShell {
packages = with pkgs; [
(rWrapper.override {
packages = with rPackages; [ tidyverse ];
})
];
};
});
outputs = {
self,
flake-utils,
nixpkgs,
}:
flake-utils.lib.eachDefaultSystem (system: let
pkgs = nixpkgs.legacyPackages.${system};
in {
devShells.default = pkgs.mkShell {
packages = with pkgs; [
(rWrapper.override {
packages = with rPackages; [tidyverse];
})
];
};
});
}

171
template/rust/flake.nix
View file

@ -10,114 +10,129 @@
};
};
outputs = { self, crane, fenix, flake-utils, nixpkgs, advisory-db }:
flake-utils.lib.eachDefaultSystem (system:
let
pkgs = nixpkgs.legacyPackages.${system};
fenixPkgs = fenix.packages.${system};
craneLib = crane.mkLib pkgs;
src = craneLib.path ./.;
outputs = {
self,
crane,
fenix,
flake-utils,
nixpkgs,
advisory-db,
}:
flake-utils.lib.eachDefaultSystem (system: let
pkgs = nixpkgs.legacyPackages.${system};
fenixPkgs = fenix.packages.${system};
craneLib = crane.mkLib pkgs;
src = craneLib.path ./.;
# Common arguments can be set here to avoid repeating them later
commonArgs = with pkgs; {
inherit src;
strictDeps = true;
buildInputs = [
# Common arguments can be set here to avoid repeating them later
commonArgs = with pkgs; {
inherit src;
strictDeps = true;
buildInputs =
[
# Add additional build inputs here
] ++ lib.optionals stdenv.isDarwin [
]
++ lib.optionals stdenv.isDarwin [
# Additional darwin specific inputs can be set here
libiconv
];
# Additional environment variables can be set directly
# MY_CUSTOM_VAR = "some value";
};
# Additional environment variables can be set directly
# MY_CUSTOM_VAR = "some value";
};
craneLibLLvmTools = craneLib.overrideToolchain
(fenixPkgs.complete.withComponents [
"cargo"
"llvm-tools"
"rustc"
]);
craneLibLLvmTools =
craneLib.overrideToolchain
(fenixPkgs.complete.withComponents [
"cargo"
"llvm-tools"
"rustc"
]);
# Build *just* the cargo dependencies, so we can reuse
# all of that work (e.g. via cachix) when running in CI
cargoArtifacts = craneLib.buildDepsOnly commonArgs;
# Build *just* the cargo dependencies, so we can reuse
# all of that work (e.g. via cachix) when running in CI
cargoArtifacts = craneLib.buildDepsOnly commonArgs;
# Build the actual crate itself, reusing the dependency
# artifacts from above.
crate = craneLib.buildPackage (commonArgs // {
# Build the actual crate itself, reusing the dependency
# artifacts from above.
crate = craneLib.buildPackage (commonArgs
// {
inherit cargoArtifacts;
});
in
{
checks = {
# Build the crate as part of `nix flake check` for convenience
inherit crate;
in {
checks = {
# Build the crate as part of `nix flake check` for convenience
inherit crate;
# Run clippy (and deny all warnings) on the crate source,
# again, resuing the dependency artifacts from above.
#
# Note that this is done as a separate derivation so that
# we can block the CI if there are issues here, but not
# prevent downstream consumers from building our crate by itself.
clippy = craneLib.cargoClippy (commonArgs // {
# Run clippy (and deny all warnings) on the crate source,
# again, resuing the dependency artifacts from above.
#
# Note that this is done as a separate derivation so that
# we can block the CI if there are issues here, but not
# prevent downstream consumers from building our crate by itself.
clippy = craneLib.cargoClippy (commonArgs
// {
inherit cargoArtifacts;
cargoClippyExtraArgs = "--all-targets -- --deny warnings";
});
doc = craneLib.cargoDoc (commonArgs // {
doc = craneLib.cargoDoc (commonArgs
// {
inherit cargoArtifacts;
});
# Check formatting
fmt = craneLib.cargoFmt {
inherit src;
};
# Check formatting
fmt = craneLib.cargoFmt {
inherit src;
};
# Audit dependencies
audit = craneLib.cargoAudit {
inherit src advisory-db;
};
# Audit dependencies
audit = craneLib.cargoAudit {
inherit src advisory-db;
};
# Audit licenses
deny = craneLib.cargoDeny {
inherit src;
};
# Audit licenses
deny = craneLib.cargoDeny {
inherit src;
};
# Run tests with cargo-nextest
# Consider setting `doCheck = false` on `my-crate` if you do not want
# the tests to run twice
nextest = craneLib.cargoNextest (commonArgs // {
# Run tests with cargo-nextest
# Consider setting `doCheck = false` on `my-crate` if you do not want
# the tests to run twice
nextest = craneLib.cargoNextest (commonArgs
// {
inherit cargoArtifacts;
partitions = 1;
partitionType = "count";
});
};
};
packages = {
packages =
{
default = crate;
} // pkgs.lib.optionalAttrs (!pkgs.stdenv.isDarwin) {
my-crate-llvm-coverage = craneLibLLvmTools.cargoLlvmCov (commonArgs // {
inherit cargoArtifacts;
});
}
// pkgs.lib.optionalAttrs (!pkgs.stdenv.isDarwin) {
my-crate-llvm-coverage = craneLibLLvmTools.cargoLlvmCov (commonArgs
// {
inherit cargoArtifacts;
});
};
apps.default = flake-utils.lib.mkApp {
drv = crate;
};
apps.default = flake-utils.lib.mkApp {
drv = crate;
};
devShells.default = craneLib.devShell {
# Inherit inputs from checks.
# Enable after Cargo.toml and Cargo.lock are present
# Consider customizing deny.toml
# checks = self.checks.${system};
devShells.default = craneLib.devShell {
# Inherit inputs from checks.
# Enable after Cargo.toml and Cargo.lock are present
# Consider customizing deny.toml
# checks = self.checks.${system};
# Extra inputs can be added here; cargo and rustc are provided by default
packages = [
fenixPkgs.rust-analyzer
];
RUST_SRC_PATH = "${fenixPkgs.complete.rust-src}/lib/rustlib/src/rust/library";
};
});
# Extra inputs can be added here; cargo and rustc are provided by default
packages = [
fenixPkgs.rust-analyzer
];
RUST_SRC_PATH = "${fenixPkgs.complete.rust-src}/lib/rustlib/src/rust/library";
};
});
}

20
template/typst/flake.nix
View file

@ -4,12 +4,16 @@
flake-utils.url = "github:numtide/flake-utils";
};
outputs = { self, flake-utils, nixpkgs }:
flake-utils.lib.eachDefaultSystem (system:
let pkgs = nixpkgs.legacyPackages.${system};
in {
devShells.default = pkgs.mkShell {
packages = with pkgs; [ typst ];
};
});
outputs = {
self,
flake-utils,
nixpkgs,
}:
flake-utils.lib.eachDefaultSystem (system: let
pkgs = nixpkgs.legacyPackages.${system};
in {
devShells.default = pkgs.mkShell {
packages = with pkgs; [typst];
};
});
}