foglar/nixos-config
foglar/nixos-config
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Compare commits

base: foglar:a75ef902af5fd7807918423a79f349034d7e03aa
Branches Tags
foglar:master
...
compare: foglar:c3f13735c92bb889c81fab5ed5862e3bcfc35022
Branches Tags
foglar:master

3 Commits
a75ef902af ... c3f13735c9

Author SHA1 Message Date
foglar
c3f13735c9 sops update 2025-01-11 23:02:22 +01:00
foglar
4dd93707f0 System update 2025-01-11 21:28:49 +01:00
foglar
8111065f13 nvf and cleanup 2025-01-11 21:28:39 +01:00
9 changed files with 2346 additions and 17 deletions
Show Stats Expand all files Collapse all files

1
TODO.md
View File

@ -37,6 +37,7 @@
- [ ] add notification management for bluetooth etc... - [ ] add notification management for bluetooth etc...
- [ ] add syncthing configuration - [ ] add syncthing configuration
- [ ] qutebrowser configuration - [ ] qutebrowser configuration
- [ ] script dir set environment variable
- [ ] update my home page and create new web - [ ] update my home page and create new web
- [ ] fix kde theme in stylix - [ ] fix kde theme in stylix

2278
flake.lock
View File

File diff suppressed because it is too large Load Diff

12
flake.nix
View File

@ -1,5 +1,5 @@
{ {
description = "My highly sofisticated and complicated flake"; description = "My highly sophisticated and complicated flake";
inputs = { inputs = {
install-script = { install-script = {
@ -60,6 +60,8 @@
url = "github:ghostty-org/ghostty"; url = "github:ghostty-org/ghostty";
}; };
nvf.url = "github:notashelf/nvf";
# Nix on Droid Configuration # Nix on Droid Configuration
nixpkgs-droid.url = "github:NixOS/nixpkgs/nixos-24.05"; nixpkgs-droid.url = "github:NixOS/nixpkgs/nixos-24.05";
@ -162,5 +164,13 @@
}; };
}; };
}; };
packages."x86_64-linux".default =
(inputs.nvf.lib.neovimConfiguration {
pkgs = nixpkgs.legacyPackages."x86_64-linux";
modules = [
./nixos/system/packages/nvf.nix
];
})
.neovim;
}; };
} }

2
nixos/home/apps/cli_tools.nix
View File

@ -30,7 +30,7 @@
++ ( ++ (
if pkgs.system == "x86_64-linux" if pkgs.system == "x86_64-linux"
then [ then [
nvtopPackages.full #nvtopPackages.full
toybox toybox
] ]
else [] else []

2
nixos/system/packages.nix
View File

@ -8,6 +8,7 @@
./packages/yubikey.nix ./packages/yubikey.nix
./packages/sops/sops.nix ./packages/sops/sops.nix
./packages/ssh-client.nix ./packages/ssh-client.nix
./packages/syncthing.nix
]; ];
program = { program = {
@ -24,6 +25,7 @@
notify = lib.mkDefault false; notify = lib.mkDefault false;
}; };
ssh.client.enable = lib.mkDefault true; ssh.client.enable = lib.mkDefault true;
syncthing.enable = lib.mkDefault true;
}; };
sys.desktop.steamdeck.enable = lib.mkDefault false; sys.desktop.steamdeck.enable = lib.mkDefault false;
sys.security.sops.enable = lib.mkDefault true; sys.security.sops.enable = lib.mkDefault true;

31
nixos/system/packages/nvf.nix Normal file
View File

@ -0,0 +1,31 @@
{...}: {
vim = {
viAlias = true;
vimAlias = true;
theme = {
enable = true;
name = "catppuccin"; # catppuccin, tokyo-night, one-dark
style = "mocha";
};
languages = {
enableLSP = true;
enableTreesitter = true;
nix.enable = true;
rust.enable = true;
python.enable = true;
lua.enable = true;
csharp.enable = true;
go.enable = true;
markdown.enable = true;
clang.enable = true;
html.enable = true;
};
statusline.lualine.enable = true;
telescope.enable = true;
autocomplete.nvim-cmp.enable = true;
};
}

6
nixos/system/packages/sops/secrets/secrets.yaml
View File

@ -1,6 +1,6 @@
kogami: kogami:
password-hash: ENC[AES256_GCM,data:HXuzumA7zAzBUcOBszeslYVDLA7r3W7gINn2FvMCTEHkc+y3zWftK4CVnk+TuRcgP9/htUphs2BmusogFAdmRQ3HmQU8WGQN0A==,iv:n2063dWbEmFKEvXbY2uk+C6lwF7WzA8jalKOFHPVICc=,tag:wb5bq4Dk3a9UnzYFBInHEA==,type:str] password-hash: ENC[AES256_GCM,data:HXuzumA7zAzBUcOBszeslYVDLA7r3W7gINn2FvMCTEHkc+y3zWftK4CVnk+TuRcgP9/htUphs2BmusogFAdmRQ3HmQU8WGQN0A==,iv:n2063dWbEmFKEvXbY2uk+C6lwF7WzA8jalKOFHPVICc=,tag:wb5bq4Dk3a9UnzYFBInHEA==,type:str]
syncthing: ENC[AES256_GCM,data:699bwajY9/0=,iv:YXmw613vRfWlbjiex6LfACZD+otES3E6Mm0e+66dfA8=,tag:H3QCsg0VvZpxkhWKyGH8Gg==,type:str] syncthing: ENC[AES256_GCM,data:ero9yQ==,iv:lPpT2WMB9BVb1o8VL0X9hDtzCZv76fLIZh7+5Tkv+Ik=,tag:SVLwrE9MK+nSpJVvEEaByw==,type:str]
ginoza: ginoza:
password-hash: ENC[AES256_GCM,data:xqE0y3Z7+kasYFQLn4Wuo+/c9L8BEakf2HKgN5BsttC2iDuzYSvXrP8K6pe5Skdi5Aq0MVz9LixJFM3PBgLORL1C6k0iDSardw==,iv:bKL40h0rGNmnnkA7EieKAD5KyENXOiTNsTVH1V0B7HU=,tag:c1MsRuiOK/j2b0iKOyO8FQ==,type:str] password-hash: ENC[AES256_GCM,data:xqE0y3Z7+kasYFQLn4Wuo+/c9L8BEakf2HKgN5BsttC2iDuzYSvXrP8K6pe5Skdi5Aq0MVz9LixJFM3PBgLORL1C6k0iDSardw==,iv:bKL40h0rGNmnnkA7EieKAD5KyENXOiTNsTVH1V0B7HU=,tag:c1MsRuiOK/j2b0iKOyO8FQ==,type:str]
yubikey_id: ENC[AES256_GCM,data:ZyamX5gxoW4=,iv:4tW7muk6AaJf9VmXmFd6Ut63U27fFD8QgYSBx3RgOfw=,tag:IFlSiOffMyc33Rw1gxwCPA==,type:int] yubikey_id: ENC[AES256_GCM,data:ZyamX5gxoW4=,iv:4tW7muk6AaJf9VmXmFd6Ut63U27fFD8QgYSBx3RgOfw=,tag:IFlSiOffMyc33Rw1gxwCPA==,type:int]
@ -22,8 +22,8 @@ sops:
T0cxV21SN0hJaFg3R3hpTjIxa3lJNVEKdIrR5XDHxpCojk2A1pxc4dYtSJRrObbY T0cxV21SN0hJaFg3R3hpTjIxa3lJNVEKdIrR5XDHxpCojk2A1pxc4dYtSJRrObbY
JS/nDgu74LugEchiOhuIJ7nh3MS5XBOmmt2GTHrqxZEZFoIykjIGug== JS/nDgu74LugEchiOhuIJ7nh3MS5XBOmmt2GTHrqxZEZFoIykjIGug==
-----END AGE ENCRYPTED FILE----- -----END AGE ENCRYPTED FILE-----
lastmodified: "2025-01-07T17:20:45Z" lastmodified: "2025-01-07T17:58:06Z"
mac: ENC[AES256_GCM,data:oENblUlcgDrZaNV2/XggaPoGavqHBXv4i3DpcfFFKiymifmITHj5m6HflVePDqtkBceTnMyCNCzQ6Ijmrt8Xkr4wbEQpoLhjyfWW/4QOlKjT3GAxfWEth7uzCHxuqd24aHs1jRyphua7bgbVLLuI0khHiL5s8b+9wkkTmV9Y3WE=,iv:eDglG+RMUagzE0qVi73dGXMerup8ipg/rFxV+qJfNXM=,tag:wZyMqxZLUh4B6JuQL4GXFA==,type:str] mac: ENC[AES256_GCM,data:SnuO2BSpo3Zs0FatGLC3pT9X92/CUB/D7UE0X7FkK/CLXFMZFT1FRS7Ru+FgHXzCnQIUDtVNdJDOkatt0CdgjMKPxNXSOZRSv4A1NCGhzVDGX9/BjLYmdTWlJ2KEbirvPTi8SffIJt2YkaAqhBvRo9EByAZV/AnokA/Oi9xdO0I=,iv:qEXAbN6388LWUnEx/L6Rgzrnxis3KT2gB0AI9raGWJA=,tag:9oLpm5TgGIxPev12PTTb+g==,type:str]
pgp: [] pgp: []
unencrypted_suffix: _unencrypted unencrypted_suffix: _unencrypted
version: 3.9.2 version: 3.9.2

26
nixos/system/packages/sops/sops.nix
View File

@ -14,6 +14,7 @@
defaultSopsFormat = "yaml"; defaultSopsFormat = "yaml";
age.keyFile = "/home/${userSettings.username}/.config/sops/age/keys.txt"; age.keyFile = "/home/${userSettings.username}/.config/sops/age/keys.txt";
age.generateKey = true;
# SSH private keys # SSH private keys
secrets = { secrets = {
@ -32,24 +33,31 @@
group = "users"; group = "users";
}; };
templates = { "yubikey_id" = {
"${userSettings.hostname}/syncthing".content = ''${config.sops.placeholder."${userSettings.hostname}/syncthing"}''; owner = userSettings.username;
group = "users";
}; };
}; };
templates = {
"syncthing-password".content = ''${config.sops.placeholder."${userSettings.hostname}/syncthing"}'';
"yubikey-id".content = ''${config.sops.placeholder.yubikey_id}'';
};
}; };
# Password hash # Password hash
users.users.${userSettings.username}.hashedPasswordFile = "${config.sops.secrets."${userSettings.hostname}/password-hash".path}"; users.users.${userSettings.username}.hashedPasswordFile = "${config.sops.secrets."${userSettings.hostname}/password-hash".path}";
# YubiKey IDs # YubiKey IDs
security.pam.yubico.id = [17032113]; security.pam.yubico.id =
#++ ( []
# if config.program.yubikey.enable ++ (
# then ["${config.sops.secrets.yubikey_id}".value] if config.program.yubikey.enable
# else [] then [config.sops.templates."yubikey-id".content]
#); else []
);
# Syncthing password # Syncthing password
#services.syncthing.settings.gui.password = config.sops.templates."${userSettings.hostname}/syncthing".content; services.syncthing.settings.gui.password = config.sops.templates."syncthing-password".content;
}; };
} }

5
nixos/system/settings/default-applications.nix
View File

@ -41,11 +41,14 @@
"x-scheme-handler/https" = "${config.xdg.da.browser}.desktop"; "x-scheme-handler/https" = "${config.xdg.da.browser}.desktop";
"x-scheme-handler/about" = "${config.xdg.da.browser}.desktop"; "x-scheme-handler/about" = "${config.xdg.da.browser}.desktop";
"x-scheme-handler/unknown" = "${config.xdg.da.browser}.desktop"; "x-scheme-handler/unknown" = "${config.xdg.da.browser}.desktop";
"text/plain" = "${userSettings.editor}.desktop"; "text/plain" = "${userSettings.editor}.desktop";
"application/pdf" = "org.gnome.Evince.desktop"; "application/pdf" = "org.gnome.Evince.desktop";
"image/svg+xml" = "org.gnome.Loupe.desktop"; "image/svg+xml" = "inkscape.desktop";
"image/jpeg" = "org.gnome.Loupe.desktop"; "image/jpeg" = "org.gnome.Loupe.desktop";
"image/png" = "org.gnome.Loupe.desktop"; "image/png" = "org.gnome.Loupe.desktop";
"inode/directory" = "org.gnome.Nautilus.desktop";
"video/mp4" = "mpv.desktop";
}; };
programs.zsh.enable = programs.zsh.enable =