From d81aa406a4ee1eddf51c5e06a15a39531edaaf99 Mon Sep 17 00:00:00 2001 From: "Lennart J. Kurzweg (Nx2)" Date: Wed, 3 Sep 2025 19:46:44 +0200 Subject: [PATCH] nod --- configuration.nix | 3 +- flake.lock | 212 +++++++++++++++++++++++++++++++ flake.nix | 45 +++++-- home-modules/bash.nix | 15 ++- home-modules/fish.nix | 4 +- home-modules/gpg.nix | 9 +- home-modules/pkgs-list/shell.nix | 1 + home-modules/sops.nix | 4 +- home-modules/ssh.nix | 8 +- home-modules/xdg.nix | 8 +- home-modules/yazi.nix | 51 ++++---- nix-on-droid.nix | 29 +++-- shell-only.nix | 6 +- system-modules/base-packages.nix | 35 +++-- 14 files changed, 340 insertions(+), 90 deletions(-) diff --git a/configuration.nix b/configuration.nix index 427350e..45330d1 100644 --- a/configuration.nix +++ b/configuration.nix @@ -32,7 +32,6 @@ ./system-modules/sops.nix ./system-modules/sound.nix ./system-modules/sshd.nix - ./system-modules/base-packages.nix ./system-modules/input.nix ./system-modules/syncthing.nix ./system-modules/tuda.nix @@ -61,6 +60,8 @@ ./system-modules/calendar/dicos.nix ] else [ ]); + environment.systemPackages = import ./system-modules/base-packages.nix pkgs; + systemd.extraConfig = "DefaultLimitNOFILE=2048"; system.stateVersion = hyper.pkgs-version; nix.settings.experimental-features = [ "nix-command" "flakes" ]; diff --git a/flake.lock b/flake.lock index 2ad837b..d02a02c 100644 --- a/flake.lock +++ b/flake.lock @@ -234,6 +234,48 @@ "type": "github" } }, + "home-manager-nod": { + "inputs": { + "nixpkgs": [ + "nixpkgs24" + ] + }, + "locked": { + "lastModified": 1726989464, + "narHash": "sha256-Vl+WVTJwutXkimwGprnEtXc/s/s8sMuXzqXaspIGlwM=", + "owner": "nix-community", + "repo": "home-manager", + "rev": "2f23fa308a7c067e52dfcc30a0758f47043ec176", + "type": "github" + }, + "original": { + "owner": "nix-community", + "ref": "release-24.05", + "repo": "home-manager", + "type": "github" + } + }, + "home-manager_2": { + "inputs": { + "nixpkgs": [ + "nix-on-droid", + "nixpkgs" + ] + }, + "locked": { + "lastModified": 1709445365, + "narHash": "sha256-DVv6nd9FQBbMWbOmhq0KVqmlc3y3FMSYl49UXmMcO+0=", + "owner": "nix-community", + "repo": "home-manager", + "rev": "4de84265d7ec7634a69ba75028696d74de9a44a7", + "type": "github" + }, + "original": { + "owner": "nix-community", + "repo": "home-manager", + "type": "github" + } + }, "hyprcursor": { "inputs": { "hyprlang": [ @@ -570,6 +612,55 @@ "type": "github" } }, + "nix-formatter-pack": { + "inputs": { + "nixpkgs": [ + "nix-on-droid", + "nixpkgs" + ], + "nmd": "nmd", + "nmt": "nmt" + }, + "locked": { + "lastModified": 1705252799, + "narHash": "sha256-HgSTREh7VoXjGgNDwKQUYcYo13rPkltW7IitHrTPA5c=", + "owner": "Gerschtli", + "repo": "nix-formatter-pack", + "rev": "2de39dedd79aab14c01b9e2934842051a160ffa5", + "type": "github" + }, + "original": { + "owner": "Gerschtli", + "repo": "nix-formatter-pack", + "type": "github" + } + }, + "nix-on-droid": { + "inputs": { + "home-manager": "home-manager_2", + "nix-formatter-pack": "nix-formatter-pack", + "nixpkgs": [ + "nixpkgs24" + ], + "nixpkgs-docs": "nixpkgs-docs", + "nixpkgs-for-bootstrap": "nixpkgs-for-bootstrap", + "nmd": "nmd_2" + }, + "locked": { + "lastModified": 1720396533, + "narHash": "sha256-UFzk/hZWO1VkciIO5UPaSpJN8s765wsngUSvtJM6d5Q=", + "owner": "nix-community", + "repo": "nix-on-droid", + "rev": "f3d3b8294039f2f9a8fb7ea82c320f29c6b0fe25", + "type": "github" + }, + "original": { + "owner": "nix-community", + "ref": "release-24.05", + "repo": "nix-on-droid", + "type": "github" + } + }, "nixos-wsl": { "inputs": { "flake-compat": "flake-compat_3", @@ -605,6 +696,38 @@ "type": "indirect" } }, + "nixpkgs-docs": { + "locked": { + "lastModified": 1705957679, + "narHash": "sha256-Q8LJaVZGJ9wo33wBafvZSzapYsjOaNjP/pOnSiKVGHY=", + "owner": "NixOS", + "repo": "nixpkgs", + "rev": "9a333eaa80901efe01df07eade2c16d183761fa3", + "type": "github" + }, + "original": { + "owner": "NixOS", + "ref": "release-23.05", + "repo": "nixpkgs", + "type": "github" + } + }, + "nixpkgs-for-bootstrap": { + "locked": { + "lastModified": 1720244366, + "narHash": "sha256-WrDV0FPMVd2Sq9hkR5LNHudS3OSMmUrs90JUTN+MXpA=", + "owner": "NixOS", + "repo": "nixpkgs", + "rev": "49ee0e94463abada1de470c9c07bfc12b36dcf40", + "type": "github" + }, + "original": { + "owner": "NixOS", + "repo": "nixpkgs", + "rev": "49ee0e94463abada1de470c9c07bfc12b36dcf40", + "type": "github" + } + }, "nixpkgs-latest": { "locked": { "lastModified": 1756326156, @@ -652,6 +775,22 @@ "type": "indirect" } }, + "nixpkgs24": { + "locked": { + "lastModified": 1735563628, + "narHash": "sha256-OnSAY7XDSx7CtDoqNh8jwVwh4xNL/2HaJxGjryLWzX8=", + "owner": "NixOS", + "repo": "nixpkgs", + "rev": "b134951a4c9f3c995fd7be05f3243f8ecd65d798", + "type": "github" + }, + "original": { + "owner": "NixOS", + "ref": "nixos-24.05", + "repo": "nixpkgs", + "type": "github" + } + }, "nixpkgs_2": { "locked": { "lastModified": 1756266583, @@ -731,6 +870,60 @@ "type": "github" } }, + "nmd": { + "flake": false, + "locked": { + "lastModified": 1666190571, + "narHash": "sha256-Z1hc7M9X6L+H83o9vOprijpzhTfOBjd0KmUTnpHAVjA=", + "owner": "rycee", + "repo": "nmd", + "rev": "b75d312b4f33bd3294cd8ae5c2ca8c6da2afc169", + "type": "gitlab" + }, + "original": { + "owner": "rycee", + "repo": "nmd", + "type": "gitlab" + } + }, + "nmd_2": { + "inputs": { + "nixpkgs": [ + "nix-on-droid", + "nixpkgs-docs" + ], + "scss-reset": "scss-reset" + }, + "locked": { + "lastModified": 1705050560, + "narHash": "sha256-x3zzcdvhJpodsmdjqB4t5mkVW22V3wqHLOun0KRBzUI=", + "owner": "~rycee", + "repo": "nmd", + "rev": "66d9334933119c36f91a78d565c152a4fdc8d3d3", + "type": "sourcehut" + }, + "original": { + "owner": "~rycee", + "repo": "nmd", + "type": "sourcehut" + } + }, + "nmt": { + "flake": false, + "locked": { + "lastModified": 1648075362, + "narHash": "sha256-u36WgzoA84dMVsGXzml4wZ5ckGgfnvS0ryzo/3zn/Pc=", + "owner": "rycee", + "repo": "nmt", + "rev": "d83601002c99b78c89ea80e5e6ba21addcfe12ae", + "type": "gitlab" + }, + "original": { + "owner": "rycee", + "repo": "nmt", + "type": "gitlab" + } + }, "pre-commit-hooks": { "inputs": { "flake-compat": "flake-compat", @@ -785,14 +978,17 @@ "inputs": { "copyparty": "copyparty", "home-manager": "home-manager", + "home-manager-nod": "home-manager-nod", "hyprland": "hyprland", "hyprland-plugins": "hyprland-plugins", "hyprspace": "hyprspace", "lanzaboote": "lanzaboote", + "nix-on-droid": "nix-on-droid", "nixos-wsl": "nixos-wsl", "nixpkgs": "nixpkgs_5", "nixpkgs-latest": "nixpkgs-latest", "nixpkgs-unstable": "nixpkgs-unstable", + "nixpkgs24": "nixpkgs24", "sops-nix": "sops-nix", "yazi": "yazi" } @@ -839,6 +1035,22 @@ "type": "github" } }, + "scss-reset": { + "flake": false, + "locked": { + "lastModified": 1631450058, + "narHash": "sha256-muDlZJPtXDIGevSEWkicPP0HQ6VtucbkMNygpGlBEUM=", + "owner": "andreymatin", + "repo": "scss-reset", + "rev": "0cf50e27a4e95e9bb5b1715eedf9c54dee1a5a91", + "type": "github" + }, + "original": { + "owner": "andreymatin", + "repo": "scss-reset", + "type": "github" + } + }, "sops-nix": { "inputs": { "nixpkgs": [ diff --git a/flake.nix b/flake.nix index e539f4d..e7cb16a 100644 --- a/flake.nix +++ b/flake.nix @@ -8,7 +8,11 @@ home-manager = { url = "github:nix-community/home-manager/release-25.05"; inputs.nixpkgs.follows = "nixpkgs"; }; - nixos-wsl = { url = "github:nix-community/NixOS-WSL/main"; }; + nix-on-droid = { url = "github:nix-community/nix-on-droid/release-24.05"; inputs.nixpkgs.follows = "nixpkgs24"; }; + nixpkgs24 = { url = "github:NixOS/nixpkgs/nixos-24.05"; }; + home-manager-nod = { url = "github:nix-community/home-manager/release-24.05"; inputs.nixpkgs.follows = "nixpkgs24"; }; + + nixos-wsl = { url = "github:nix-community/NixOS-WSL/main"; }; sops-nix = { url = "github:Mic92/sops-nix"; inputs.nixpkgs.follows = "nixpkgs"; }; lanzaboote = { url = "github:nix-community/lanzaboote/v0.4.2"; }; @@ -28,20 +32,19 @@ config = { allowUnfreePredicate = pkg: builtins.elem (simple-pkgs.lib.getName pkg) (import ./flake-modules/allowed.nix).unfree; }; hyper-base = rec { - inherit system; + system = "x86_64-linux"; user = "nx2"; domain = "nx2.site"; - home = "/home/${user}/"; + home = "/home/${user}"; webroot = "/var/lib/hugo/nx2site/public"; - pkgs-version = "25.05"; }; - my-pkgs = host: import nixpkgs { + get-pkgs = { host, system?system, nixpkgs?inputs.nixpkgs, version?"25.05" }: import nixpkgs { inherit system config; overlays = [(final: prev: { unstable = import nixpkgs-unstable { inherit system config; }; latest = import nixpkgs-latest { inherit system config; }; - version = "25.05"; + inherit version; })] ++ (if host == "NxACE" then [ copyparty.overlays.default ] else []); @@ -53,17 +56,18 @@ in { nixosConfigurations = let make-nixos-system = host: nvidia-settings: nixpkgs.lib.nixosSystem { - pkgs = my-pkgs host; + pkgs = get-pkgs { inherit host; }; modules = [ ./configuration.nix ]; specialArgs = let hyper = hyper-base // { inherit host; nvidia = (nvidia-base // nvidia-settings); }; in { inherit inputs hyper rice secrets; }; }; make-nixos-wsl-system = host: nixpkgs.lib.nixosSystem { - pkgs = my-pkgs host; + pkgs = get-pkgs { inherit host; }; modules = [ ./nixos-wsl.nix ]; specialArgs = let hyper = hyper-base // { inherit host; }; + rice = import ./flake-modules/rice.nix pkgs; in { inherit inputs hyper rice; }; }; in { @@ -73,16 +77,35 @@ NxWSL = make-nixos-wsl-system "NxWSL"; }; + nixOnDroidConfigurations = let + makeNODConfiguration = host: nix-on-droid.lib.nixOnDroidConfiguration rec { + pkgs = get-pkgs { host = "NxS23U"; system = "aarch64-linux"; version = "25.05"; } // ( + get-pkgs { host = "NxS23U"; system = "aarch64-linux"; nixpkgs = nixpkgs24; version = "24.05"; } + ); + modules = [ ./nix-on-droid.nix ]; + home-manager-path = home-manager-nod.outPath; + extraSpecialArgs = let + hyper = hyper-base // { + inherit host; + system = "aarch64-linux"; + user = "nix-on-droid"; + home = "/data/data/com.termux.nix/files/home"; + }; + rice = import ./flake-modules/rice.nix pkgs; + in { inherit inputs hyper rice; }; + }; + in { NxS23U = makeNODConfiguration "NxS23U"; }; + homeConfigurations = let make-home-configuration = host: user: nvidia-settings: home-manager.lib.homeManagerConfiguration { - pkgs = my-pkgs host; + pkgs = get-pkgs { inherit host; }; modules = [ ./home.nix ]; extraSpecialArgs = let hyper = hyper-base // { inherit host; nvidia = nvidia-base // nvidia-settings; }; in { inherit inputs hyper rice secrets; }; }; make-shell-configuration = host: user: home-manager.lib.homeManagerConfiguration { - pkgs = my-pkgs host; + pkgs = get-pkgs { inherit host; }; modules = [ ./shell-only.nix ]; extraSpecialArgs = let hyper = hyper-base // { inherit host; }; @@ -93,7 +116,7 @@ "${hyper-base.user}@NxNORTH" = make-home-configuration "NxNORTH" hyper-base.user { enable = true; prime = false; }; "${hyper-base.user}@NxACE" = make-home-configuration "NxACE" hyper-base.user { enable = false; }; - "${hyper-base.user}@NxWSL" = make-shell-configuration "NxWSL" hyper-base.user; + "${hyper-base.user}@NxWSL" = make-shell-configuration { user = hyper.user; host = "NxWSL"; inherit pkgs; }; }; }; } diff --git a/home-modules/bash.nix b/home-modules/bash.nix index 2b1f025..3b29227 100644 --- a/home-modules/bash.nix +++ b/home-modules/bash.nix @@ -1,6 +1,10 @@ -{ ... }: +{ pkgs, ... }: { - programs.bash = { + programs.bash = let + init = /* bash */ '' + source $HOME/.nix-profile/etc/profile.d/hm-session-vars.sh + ''; + in { enable = true; shellAliases = { ll = "ls -l"; @@ -15,5 +19,10 @@ "checkjobs" ]; enableCompletion = false; - }; + + } // pkgs.lib.mkIf (pkgs.version != "24.05") { + shellInit = init; + } // pkgs.lib.mkIf (pkgs.version != "25.05") { + profileExtra = init; + }; } diff --git a/home-modules/fish.nix b/home-modules/fish.nix index e6a721e..6e0b154 100644 --- a/home-modules/fish.nix +++ b/home-modules/fish.nix @@ -1,7 +1,6 @@ { pkgs, ... }@all: with all; { home.packages = with pkgs; [ - fish any-nix-shell (writeShellScriptBin "nxfetch" '' @@ -38,6 +37,7 @@ programs.fish = { enable = true; + package = pkgs.fish; shellAliases = let base-eza = "eza --icons --git --smart-group --group-directories-first"; in { @@ -112,7 +112,7 @@ ''; nx_backup = let destination = if hyper.host == "NxNORTH" then "${hyper.home}/shared/" else "${hyper.home}/backups/"; - in pkgs.lib.mkIf (hyper.host != "NxACE") '' + in pkgs.lib.mkIf (hyper.host == "NxXPS" || hyper.host == "NxNORTH") '' set RPATH (curl -s https://${hyper.domain}/latest-backup) rsync -avz --info=progress2 -e "ssh -p ${builtins.toString secrets.ssh.port}" ${hyper.user}@ssh.${hyper.domain}:"$RPATH" ${destination} ''; diff --git a/home-modules/gpg.nix b/home-modules/gpg.nix index a47f72d..ddd18b0 100644 --- a/home-modules/gpg.nix +++ b/home-modules/gpg.nix @@ -19,14 +19,15 @@ enableFishIntegration = true; defaultCacheTtlSsh = min2sec 60; defaultCacheTtl = min2sec 30; + extraConfig = '' + allow-loopback-pinentry + ''; + } // (if (pkgs.version != "24.05") then { pinentry = { package = pkgs.pinentry; program = "pinentry"; }; - extraConfig = '' - allow-loopback-pinentry - ''; - }; + } else {}); home.file.".gnupg/gpg.conf".text = '' personal-cipher-preferences AES256 AES192 AES diff --git a/home-modules/pkgs-list/shell.nix b/home-modules/pkgs-list/shell.nix index 9c35172..ef7e2e9 100644 --- a/home-modules/pkgs-list/shell.nix +++ b/home-modules/pkgs-list/shell.nix @@ -33,6 +33,7 @@ systemctl-tui tldr w3m + which yt-dlp ]; } diff --git a/home-modules/sops.nix b/home-modules/sops.nix index 0f730dd..1def120 100644 --- a/home-modules/sops.nix +++ b/home-modules/sops.nix @@ -5,8 +5,8 @@ ]; sops = { - age.keyFile = lib.mkIf (hyper.host == "NxACE") "${hyper.home}.age_nx2_key_13.txt"; - gnupg.home = lib.mkIf (hyper.host != "NxACE") "${hyper.home}.gnupg"; + age.keyFile = lib.mkIf (hyper.host == "NxACE") "${hyper.home}/.age_nx2_key_13.txt"; + gnupg.home = lib.mkIf (hyper.host != "NxACE") "${hyper.home}/.gnupg"; defaultSopsFile = ../sops-secrets.yaml; # %r is $XDG_RUNTIME_DIR diff --git a/home-modules/ssh.nix b/home-modules/ssh.nix index cf71ccd..cc9bb78 100644 --- a/home-modules/ssh.nix +++ b/home-modules/ssh.nix @@ -1,21 +1,21 @@ { pkgs, ... }@all: with all; { home = { - packages = with pkgs; [ sshfs ]; + packages = with pkgs; [ openssh sshfs ]; file.".ssh/config".text = '' HOST nxace HostName ssh.${hyper.domain} - User ${hyper.user} + User nx2 Port 50022 HOST nxacel HostName 10.0.1.1 - User ${hyper.user} + User nx2 Port 50022 HOST nxrpil HostName 10.0.1.31 - User ${hyper.user} + User nx2 Port 22 HOST nxgit diff --git a/home-modules/xdg.nix b/home-modules/xdg.nix index 4542153..7286973 100644 --- a/home-modules/xdg.nix +++ b/home-modules/xdg.nix @@ -1,10 +1,10 @@ { pkgs, ... }@all: with all; { xdg = { enable = true; - configHome = "${hyper.home}.config"; - cacheHome = "${hyper.home}.cache"; - dataHome = "${hyper.home}.local/share"; - stateHome = "${hyper.home}.local/state"; + configHome = "${hyper.home}/.config"; + cacheHome = "${hyper.home}/.cache"; + dataHome = "${hyper.home}/.local/share"; + stateHome = "${hyper.home}/.local/state"; mimeApps = { enable = true; defaultApplications = let diff --git a/home-modules/yazi.nix b/home-modules/yazi.nix index 752325d..4618df6 100644 --- a/home-modules/yazi.nix +++ b/home-modules/yazi.nix @@ -1,5 +1,6 @@ { pkgs, ... }@all: with all; let tfc = pkgs.latest.xdg-desktop-portal-termfilechooser; + x = (pkgs.version != "24.05"); in { home.packages = [ pkgs.unar @@ -11,29 +12,7 @@ in { # package = pkgs.yazi; package = inputs.yazi.packages.${hyper.system}.default; enableFishIntegration = true; - shellWrapperName = "ya"; - initLua = /* lua */ '' - require("zoxide"):setup { - update_db = true, - } - Status:children_add(function() - local h = cx.active.current.hovered - if not h or ya.target_family() ~= "unix" then - return "" - end - - return ui.Line { - ui.Span(ya.user_name(h.cha.uid) or tostring(h.cha.uid)):fg("magenta"), - ":", - ui.Span(ya.group_name(h.cha.gid) or tostring(h.cha.gid)):fg("magenta"), - " ", - } - end, 500, Status.RIGHT) - ''; - plugins = with pkgs; { - inherit glow git; - }; - # initLua = /* lua */ '' ''; + # initLua = /* lua */ '' ''; # down keymap = { mgr.keymap = [ { on = ""; run = "escape"; desc = "Exit visual mode, clear selected, or cancel search"; } @@ -403,7 +382,31 @@ in { ]; }; }; - }; + } // (if x then { + shellWrapperName = "ya"; + initLua = /* lua */ '' + require("zoxide"):setup { + update_db = true, + } + Status:children_add(function() + local h = cx.active.current.hovered + if not h or ya.target_family() ~= "unix" then + return "" + end + + return ui.Line { + ui.Span(ya.user_name(h.cha.uid) or tostring(h.cha.uid)):fg("magenta"), + ":", + ui.Span(ya.group_name(h.cha.gid) or tostring(h.cha.gid)):fg("magenta"), + " ", + } + end, 500, Status.RIGHT) + ''; + plugins = with pkgs; { + inherit glow git; + }; + } else {}); + xdg = { configFile."xdg-desktop-portal-termfilechooser/config" = { force = true; diff --git a/nix-on-droid.nix b/nix-on-droid.nix index fe30dc8..c3b8e10 100644 --- a/nix-on-droid.nix +++ b/nix-on-droid.nix @@ -1,24 +1,25 @@ -{ pkgs, ... }@all: with all; +{ pkgs, ... }@all: { - # Simply install just the packages - environment.packages = with pkgs; [ - helix - git - lazygit - yazi - ]; - # Backup etc files instead of failing to activate generation if a file already exists in /etc - environment.etcBackupExtension = ".bak"; - - # Read the changelog before changing this value + environment = { + packages = import ./system-modules/base-packages.nix pkgs; + etcBackupExtension = ".bak"; + }; + android-integration = { + termux-setup-storage.enable = true; + }; system.stateVersion = pkgs.version; - - # Set up nix for flakes nix.extraOptions = '' experimental-features = nix-command flakes ''; # Set your time zone time.timeZone = "Europe/Berlin"; + + home-manager = { + config = ./shell-only.nix; + useGlobalPkgs = true; + backupFileExtension = "backup"; + extraSpecialArgs = { inherit (all) inputs hyper rice; }; + }; } diff --git a/shell-only.nix b/shell-only.nix index bf972ea..0d085c9 100644 --- a/shell-only.nix +++ b/shell-only.nix @@ -13,7 +13,7 @@ ./home-modules/nixd.nix ./home-modules/nxgs.nix ./home-modules/pandoc.nix - ./home-modules/programming/c.nix + # ./home-modules/programming/c.nix ./home-modules/programming/gleam.nix ./home-modules/programming/go.nix ./home-modules/programming/java.nix @@ -29,8 +29,8 @@ ./home-modules/pkgs-list/shell.nix ]; home.username = hyper.user; - # home.homeDirectory = hyper.home; # for some reason you cant use hyper.home here - home.homeDirectory = "/home/${hyper.user}"; + home.homeDirectory = hyper.home; + # home.homeDirectory = "/home/${hyper.user}"; home.stateVersion = pkgs.version; xdg = { enable = true; diff --git a/system-modules/base-packages.nix b/system-modules/base-packages.nix index 0ccdd77..6634ce6 100644 --- a/system-modules/base-packages.nix +++ b/system-modules/base-packages.nix @@ -1,19 +1,18 @@ -{ pkgs, ... }: { - environment.systemPackages = with pkgs; ([ - git - git-crypt - lazygit # home-manager module is bugged - wget - curlHTTP3 - zip - unzip - p7zip - unar - vim - htop - openssl - dmidecode - file - ]); +pkgs: with pkgs; [ + busybox + # coreutils-full + gitFull + git-crypt -} + wget + curlHTTP3 + zip + unzip + p7zip + unar + vim + htop + openssl + dmidecode + file +]