First public commit

(594 squashed commits)
mrtnvgr · Mar 18, 2024 · fc8fced · fc8fced
commit fc8fced
Show file tree

Hide file tree

Showing 147 changed files with 6,851 additions and 0 deletions.
diff --git a/.git-crypt/.gitattributes b/.git-crypt/.gitattributes
@@ -0,0 +1,4 @@
+# Do not edit this file.  To specify the files to encrypt, create your own
+# .gitattributes file in the directory where your files are.
+* !filter !diff
+*.gpg binary
diff --git a/.git-crypt/keys/default/0/6FADDB43D5A5FE52683509435B3379E981EF48B1.gpg b/.git-crypt/keys/default/0/6FADDB43D5A5FE52683509435B3379E981EF48B1.gpg
diff --git a/.gitattributes b/.gitattributes
@@ -0,0 +1,2 @@
+**/secrets/** filter=git-crypt diff=git-crypt
+**/secrets.nix filter=git-crypt diff=git-crypt
diff --git a/.github/workflows/build_iso.yml b/.github/workflows/build_iso.yml
@@ -0,0 +1,39 @@
+name: "Build ISO"
+
+on:
+  push:
+  workflow_dispatch:
+
+jobs:
+  main:
+    runs-on: ubuntu-latest
+
+    steps:
+    - name: Free Disk Space
+      uses: insightsengineering/disk-space-reclaimer@v1
+
+    - name: Checkout repository
+      uses: actions/checkout@v4
+
+    - name: Install nix
+      uses: cachix/install-nix-action@v25
+      with:
+        nix_path: "nixpkgs=channel:nixos-unstable"
+        extra_nix_config: |
+          experimental-features = nix-command flakes
+          access-tokens = github.com=${{ secrets.GITHUB_TOKEN }}
+
+    - name: Show nixpkgs version
+      run: nix-instantiate --eval -E '(import <nixpkgs> {}).lib.version'
+
+    - name: Build the ISO
+      env:
+        NIXPKGS_ALLOW_UNFREE: 1
+      run: |
+        nix run nixpkgs#nixos-generators -- --flake .#minix --format-path genfmts/isoplus.nix -o minix.iso
+
+    - name: Archive ISO
+      uses: actions/upload-artifact@v4
+      with:
+        name: minix.iso
+        path: minix.iso
diff --git a/LICENSE b/LICENSE
diff --git a/README.md b/README.md
@@ -0,0 +1,53 @@
+<h1 align="center">❄️</h1>
+
+[![Automatic ISO builds](https://github.com/mrtnvgr/nixfiles/actions/workflows/build_iso.yml/badge.svg)](https://github.com/mrtnvgr/nixfiles/actions/workflows/build_iso.yml)
+
+This repository contains my [NixOS](https://nixos.org/) configurations
+
+> [!WARN]
+> Work in progress, expect bugs and regressions
+
+## Hosts
+
+### Desktops
+
+- **nixie** - daily driver laptop
+- _**thlix** - personal ISO with secrets (basically personal `nixie`)_
+- _**minix** - base for all desktops (mainly used for ISO builds)_
+
+### Servers
+
+- **cloud** - main server
+
+## Usage
+
+### Real-hardware installation
+
+- Follow the official NixOS installation [guide](https://nixos.wiki/wiki/NixOS_Installation_Guide) **until `NixOS Installation` section**
+- Clone this repo: `git clone https://github.com/mrtnvgr/nixfiles`
+- Create your host (look in `flake.nix` and `hosts` for examples)
+  - Copy `/mnt/etc/nixos/hardware-configuration.nix` to `hardware.nix`
+- Install: `nixos-install --root /mnt --flake .#<YOUR-HOST-NAME>`
+- Move this repo to installed system: `mv nixfiles /mnt/home/<your-username>/`
+- Reboot: `reboot`
+
+### Portable environment
+
+#### Pick a format
+
+- **isoplus** - LiveISO, heavily compressed, loaded into the RAM for performance
+  - For **persistence** support, specify `--special-arg persistence 1` while creating the image
+- **rawplus** - full mutability, image of a *regular* installation
+  - Expect a *horrible* experience on USB sticks
+  - Consider **only** for external SSD/HDD drives
+  - Specify `--disk-size <MEGABYTES>` while creating the image
+
+#### Steps
+
+- Bring `nixos-generators` into the scope: `nix shell github:nix-community/nixos-generators`
+- Use the `minix` host or create your own
+- Generate an image: `nixos-generate --flake .#<YOUR-HOST-NAME> --format-path genfmts/<FORMAT>.nix`
+- Flash: `cat <path-to-image> > /dev/sdX`
+- **Only for isoplus with persistence**:
+  - Create a new volume: `fdisk /dev/sdX <<<$'n\np\n\n\n\nw'`
+  - Format the volume: `mkfs.ext4 -L <YOUR-HOST-NAME>persistence /dev/sdX3`
diff --git a/colorschemes/catppuccin.nix b/colorschemes/catppuccin.nix
@@ -0,0 +1,41 @@
+{
+  name = "Catppuccin";
+  slug = "catppuccin";
+  author = "https://github.com/catppuccin";
+
+  palette = rec {
+    background = "#24273a"; # base
+    darkness = "#1e2030"; # mantle
+    void = "#181926"; # crust
+
+    # Grayscale (dark -> light)
+    gray = "#363a4f"; # surface0
+    gray2 = "#494d64"; # surface1
+    gray3 = "#5b6078"; # surface2
+    gray4 = "#6e738d"; # overlay0
+    gray5 = "#8087a2"; # overlay1
+    gray6 = "#939ab7"; # overlay2
+    gray7 = "#a5adcb"; # subtext0
+    gray8 = "#b8c0e0"; # subtext1
+
+    text = "#cad3f5"; # text
+
+    red = "#ed8796"; # red
+    green = "#a6da95"; # green
+    yellow = "#eed49f"; # yellow
+    blue = "#8aadf4"; # blue
+    orange = "#f5a97f"; # peach
+
+    violet = "#c6a0f6"; # mauve
+    lavender = "#b7bdf8"; # lavender
+
+    pink = "#f5bde6"; # pink
+    lipstick = "#ee99a0"; # maroon
+    skin = "#f0c6c6"; # flamingo
+    fawn = "#f4dbd6"; # rosewater
+
+    sapphire = "#7dc4e4"; # sapphire
+    sky = "#91d7e3"; # sky
+    teal = "#8bd5ca"; # teal
+  };
+}
diff --git a/colorschemes/default.nix b/colorschemes/default.nix
@@ -0,0 +1,31 @@
+let
+  mkColorscheme = p:
+    let
+      file = import p;
+
+      named = file.palette;
+      basePalette = with palette; {
+        base00 = background;
+        base01 = darkness;
+        base02 = gray;
+        base03 = gray2;
+        base04 = gray3;
+        base05 = text;
+        base06 = fawn;
+        base07 = lavender;
+        base08 = red;
+        base09 = orange;
+        base0A = yellow;
+        base0B = green;
+        base0C = teal;
+        base0D = blue;
+        base0E = violet;
+        base0F = skin;
+      };
+
+      palette = named // basePalette;
+    in
+      file // { palette = palette; };
+in {
+  catppuccin = mkColorscheme ./catppuccin.nix;
+}
diff --git a/core/archiving.nix b/core/archiving.nix
@@ -0,0 +1,13 @@
+{ pkgs, user, ... }: {
+  home-manager.users.${user}.programs.bash.initExtra = ''
+    ZSTD_CLEVEL=19
+    ZSTD_NBTHREADS=`nproc --all`
+  '';
+
+  environment.systemPackages = with pkgs; [
+    zip
+    p7zip
+    unrar
+    unzip
+  ];
+}
diff --git a/core/bcache.nix b/core/bcache.nix
@@ -0,0 +1,17 @@
+{ ... }: {
+  nix.settings = {
+    substituters = [
+      "https://mrtnvgr.cachix.org"
+      "https://nix-community.cachix.org"
+      "https://hyprland.cachix.org"
+      "https://aseipp-nix-cache.global.ssl.fastly.net"
+      # "https://cache.nixos.org"
+    ];
+
+    trusted-public-keys = [
+      "mrtnvgr.cachix.org-1:zV5Vv57wyo/NNdiLZg0IMjQSLLL0pkEbfeltQ0F4kL8="
+      "nix-community.cachix.org-1:mB9FSh9qf2dCimDSUo8Zy7bkq5CX+/rkCWyvRCYg3Fs="
+      "hyprland.cachix.org-1:a7pgxzMz7+chwVL3/pzj6jIBMioiJM7ypFP8PwtkuGc="
+    ];
+  };
+}
diff --git a/core/bootloader.nix b/core/bootloader.nix
@@ -0,0 +1,7 @@
+{ lib, ... }: {
+  boot.loader.systemd-boot.enable = true;
+  boot.loader.systemd-boot.configurationLimit = 3;
+
+  boot.loader.efi.canTouchEfiVariables = lib.mkDefault true;
+  boot.loader.timeout = lib.mkDefault 1;
+}
diff --git a/core/default.nix b/core/default.nix
@@ -0,0 +1,28 @@
+{ hostname, ... }: {
+  imports = [
+    ./bootloader.nix
+    ./nix.nix
+    ./packages.nix
+    ./fat.nix
+    ./overlays.nix
+    ./bcache.nix
+    ./home-manager.nix
+    ./time-zone.nix
+    ./physlock.nix
+    ./nice-build.nix
+    ./users.nix
+    ./network.nix
+    ./registry.nix
+    ./git.nix
+    ./ssh.nix
+    ./neovim
+    ./shell.nix
+    ./archiving.nix
+    ./gpg.nix
+    ./firmware.nix
+    ./not-found.nix
+    ./kernel.nix
+  ];
+
+  networking.hostName = hostname;
+}
diff --git a/core/fat.nix b/core/fat.nix
@@ -0,0 +1,4 @@
+{ pkgs, ... }: {
+  environment.systemPackages = with pkgs; [ fatsort ];
+  boot.supportedFilesystems = [ "ntfs" "exfat" "vfat" ];
+}
diff --git a/core/firmware.nix b/core/firmware.nix
@@ -0,0 +1,3 @@
+{ ... }: {
+  hardware.enableRedistributableFirmware = true;
+}
diff --git a/core/git.nix b/core/git.nix
@@ -0,0 +1,24 @@
+{ pkgs, user, ... }: {
+  home-manager.users.${user} = {
+    home.packages = with pkgs; [ github-cli git-lfs git-crypt ];
+    programs.git = {
+      enable = true;
+      userName = "mrtnvgr";
+      userEmail = "[email protected]";
+
+      aliases = {
+        ammit = "commit -a --amend --no-edit";
+        undo = "reset HEAD~1";
+      };
+
+      signing = {
+        signByDefault = true;
+        key = "6FADDB43D5A5FE52683509435B3379E981EF48B1";
+      };
+
+      extraConfig = {
+        pull.rebase = true;
+      };
+    };
+  };
+}
diff --git a/core/gpg.nix b/core/gpg.nix
@@ -0,0 +1,6 @@
+{ ... }: {
+  programs.gnupg.agent = {
+    enable = true;
+    enableSSHSupport = true;
+  };
+}
diff --git a/core/home-manager.nix b/core/home-manager.nix
@@ -0,0 +1,18 @@
+{ inputs, user, config, ... }: {
+  imports = [ inputs.home-manager.nixosModules.home-manager ];
+
+  home-manager = {
+    useGlobalPkgs = true;
+    useUserPackages = true;
+    users.${user} = {
+      # Nicely reload system units when changing configs
+      systemd.user.startServices = "sd-switch";
+
+      # Allow home-manager to control itself
+      programs.home-manager.enable = true;
+
+      # Sync home-manager's stateVersion with global stateVersion
+      home.stateVersion = config.system.stateVersion;
+    };
+  };
+}
diff --git a/core/kernel.nix b/core/kernel.nix
@@ -0,0 +1,3 @@
+{ pkgs, ... }: {
+  boot.kernelPackages = pkgs.linuxPackages_latest;
+}
diff --git a/core/neovim/autocmds.nix b/core/neovim/autocmds.nix
@@ -0,0 +1,55 @@
+{ user, ... }: {
+  home-manager.users.${user}.programs.nixvim = {
+    autoGroups = {
+      USER.clear = true;
+    };
+
+    autoCmd = [
+      {
+        # Auto format on save
+        group = "USER";
+        event = [ "BufWritePre" ];
+        command = "lua vim.lsp.buf.format()";
+      }
+
+      {
+        # Disable auto-commenting
+        group = "USER";
+        event = [ "BufWinEnter" "FileType" ];
+        pattern = "*";
+        command = "setlocal formatoptions-=c formatoptions-=r formatoptions-=o";
+      }
+
+      {
+        # Text editing mode
+        group = "USER";
+        event = [ "BufWinEnter" ];
+        pattern = [ "*.md" "*.txt" ];
+        command = "setlocal wrap";
+      }
+
+      {
+        # Extra markdown aliases
+        group = "USER";
+        event = [ "BufEnter" ];
+        pattern = [ "TODO" "todo" ];
+        command = "setfiletype markdown";
+      }
+
+      # Remove trailing space
+      {
+        group = "USER";
+        event = [ "BufWritePre" ];
+        callback = {
+          __raw = ''
+            function(ev)
+              save_cursor = vim.fn.getpos(".")
+              vim.cmd([[%s/\s\+$//e]])
+              vim.fn.setpos(".", save_cursor)
+            end
+          '';
+        };
+      }
+    ];
+  };
+}
diff --git a/core/neovim/default.nix b/core/neovim/default.nix
@@ -0,0 +1,24 @@
+{ inputs, pkgs, config, user, ... }: {
+  home-manager.users.${user} = {
+    imports = [ inputs.nixvim.homeManagerModules.nixvim ];
+
+    programs.nixvim = {
+      enable = true;
+      package = pkgs.neovim-nightly;
+
+      viAlias = true;
+      vimAlias = true;
+      defaultEditor = true;
+
+      luaLoader.enable = true;
+    };
+  };
+
+  imports = [
+    ./options.nix
+    ./autocmds.nix
+    ./keymaps.nix
+    ./theme.nix
+    ./plugins.nix
+  ];
+}
Original file line number	Diff line number	Diff line change
		@@ -0,0 +1,2 @@
		/secrets/ filter=git-crypt diff=git-crypt
		**/secrets.nix filter=git-crypt diff=git-crypt