faukah/nichts
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity

added stuff

Browse source
This commit is contained in:
vali 2024-04-09 23:11:33 +02:00
commit 236b8c2a6b
907 changed files with 70990 additions and 0 deletions
Download patch file Download diff file Expand all files Collapse all files

296
alt/flake.lock generated Executable file
View file

@ -0,0 +1,296 @@
{
"nodes": {
"crane": {
"inputs": {
"nixpkgs": [
"schizofox",
"searx-randomizer",
"nixpkgs"
]
},
"locked": {
"lastModified": 1701386725,
"narHash": "sha256-w4aBlMYh9Y8co1V80m5LzEKMijUJ7CBTq209WbqVwUU=",
"owner": "ipetkov",
"repo": "crane",
"rev": "8b9bad9b30bd7a9ed08782e64846b7485f9d0a38",
"type": "github"
},
"original": {
"owner": "ipetkov",
"repo": "crane",
"type": "github"
}
},
"flake-compat": {
"flake": false,
"locked": {
"lastModified": 1696426674,
"narHash": "sha256-kvjfFW7WAETZlt09AgDn1MrtKzP7t90Vf7vypd3OL1U=",
"owner": "edolstra",
"repo": "flake-compat",
"rev": "0f9255e01c2351cc7d116c072cb317785dd33b33",
"type": "github"
},
"original": {
"owner": "edolstra",
"repo": "flake-compat",
"type": "github"
}
},
"flake-parts": {
"inputs": {
"nixpkgs-lib": [
"schizofox",
"nixpkgs"
]
},
"locked": {
"lastModified": 1706830856,
"narHash": "sha256-a0NYyp+h9hlb7ddVz4LUn1vT/PLwqfrWYcHMvFB1xYg=",
"owner": "hercules-ci",
"repo": "flake-parts",
"rev": "b253292d9c0a5ead9bc98c4e9a26c6312e27d69f",
"type": "github"
},
"original": {
"owner": "hercules-ci",
"repo": "flake-parts",
"type": "github"
}
},
"flake-parts_2": {
"inputs": {
"nixpkgs-lib": "nixpkgs-lib"
},
"locked": {
"lastModified": 1698882062,
"narHash": "sha256-HkhafUayIqxXyHH1X8d9RDl1M2CkFgZLjKD3MzabiEo=",
"owner": "hercules-ci",
"repo": "flake-parts",
"rev": "8c9fa2545007b49a5db5f650ae91f227672c3877",
"type": "github"
},
"original": {
"owner": "hercules-ci",
"repo": "flake-parts",
"type": "github"
}
},
"hercules-ci-effects": {
"inputs": {
"flake-parts": [
"schizofox",
"nixpak",
"flake-parts"
],
"nixpkgs": [
"schizofox",
"nixpak",
"nixpkgs"
]
},
"locked": {
"lastModified": 1704029560,
"narHash": "sha256-a4Iu7x1OP+uSYpqadOu8VCPY+MPF3+f6KIi+MAxlgyw=",
"owner": "hercules-ci",
"repo": "hercules-ci-effects",
"rev": "d5cbf433a6ae9cae05400189a8dbc6412a03ba16",
"type": "github"
},
"original": {
"owner": "hercules-ci",
"repo": "hercules-ci-effects",
"type": "github"
}
},
"home-manager": {
"inputs": {
"nixpkgs": [
"nixpkgs"
]
},
"locked": {
"lastModified": 1712462372,
"narHash": "sha256-WA3bbBWhd3o1wAgyHZNypjb/LG4oq+IWxFq8ey8yNPU=",
"owner": "nix-community",
"repo": "home-manager",
"rev": "a561ad6ab38578c812cc9af3b04f2cc60ebf48c9",
"type": "github"
},
"original": {
"owner": "nix-community",
"repo": "home-manager",
"type": "github"
}
},
"home-manager_2": {
"inputs": {
"nixpkgs": [
"schizofox",
"nixpkgs"
]
},
"locked": {
"lastModified": 1708591310,
"narHash": "sha256-8mQGVs8JccWTnORgoLOTh9zvf6Np+x2JzhIc+LDcJ9s=",
"owner": "nix-community",
"repo": "home-manager",
"rev": "0e0e9669547e45ea6cca2de4044c1a384fd0fe55",
"type": "github"
},
"original": {
"owner": "nix-community",
"repo": "home-manager",
"type": "github"
}
},
"nixpak": {
"inputs": {
"flake-parts": [
"schizofox",
"flake-parts"
],
"hercules-ci-effects": "hercules-ci-effects",
"nixpkgs": [
"schizofox",
"nixpkgs"
]
},
"locked": {
"lastModified": 1708597894,
"narHash": "sha256-KxpKOBDGPJ76k37vLukYHp/wd7U4DoUVIvy8atHfy/k=",
"owner": "nixpak",
"repo": "nixpak",
"rev": "535dd408c4b19f407bc22e42eb32ccb9256e5865",
"type": "github"
},
"original": {
"owner": "nixpak",
"repo": "nixpak",
"type": "github"
}
},
"nixpkgs": {
"locked": {
"lastModified": 1712439257,
"narHash": "sha256-aSpiNepFOMk9932HOax0XwNxbA38GOUVOiXfUVPOrck=",
"owner": "nixos",
"repo": "nixpkgs",
"rev": "ff0dbd94265ac470dda06a657d5fe49de93b4599",
"type": "github"
},
"original": {
"owner": "nixos",
"ref": "nixos-unstable",
"repo": "nixpkgs",
"type": "github"
}
},
"nixpkgs-lib": {
"locked": {
"dir": "lib",
"lastModified": 1698611440,
"narHash": "sha256-jPjHjrerhYDy3q9+s5EAsuhyhuknNfowY6yt6pjn9pc=",
"owner": "NixOS",
"repo": "nixpkgs",
"rev": "0cbe9f69c234a7700596e943bfae7ef27a31b735",
"type": "github"
},
"original": {
"dir": "lib",
"owner": "NixOS",
"ref": "nixos-unstable",
"repo": "nixpkgs",
"type": "github"
}
},
"nixpkgs_2": {
"locked": {
"lastModified": 1708475490,
"narHash": "sha256-g1v0TsWBQPX97ziznfJdWhgMyMGtoBFs102xSYO4syU=",
"owner": "NixOS",
"repo": "nixpkgs",
"rev": "0e74ca98a74bc7270d28838369593635a5db3260",
"type": "github"
},
"original": {
"owner": "NixOS",
"ref": "nixos-unstable",
"repo": "nixpkgs",
"type": "github"
}
},
"nur": {
"locked": {
"lastModified": 1712435091,
"narHash": "sha256-Hyn/2goBwkDGxTF6IBcc1HpRscpLg8ErEy+vmQwEqoc=",
"owner": "nix-community",
"repo": "NUR",
"rev": "d47aa79f2aae0bea15c6a40b7fca5830fcfe1346",
"type": "github"
},
"original": {
"owner": "nix-community",
"repo": "NUR",
"type": "github"
}
},
"root": {
"inputs": {
"home-manager": "home-manager",
"nixpkgs": "nixpkgs",
"nur": "nur",
"schizofox": "schizofox"
}
},
"schizofox": {
"inputs": {
"flake-compat": "flake-compat",
"flake-parts": "flake-parts",
"home-manager": "home-manager_2",
"nixpak": "nixpak",
"nixpkgs": "nixpkgs_2",
"searx-randomizer": "searx-randomizer"
},
"locked": {
"lastModified": 1710502118,
"narHash": "sha256-kPzvCwGVuLlPDVRD35dMnudWPpEzRXfU/9DHsG12PaY=",
"owner": "schizofox",
"repo": "schizofox",
"rev": "8dde2033a6f448c48a48d4d0aeb22bf2da840b7d",
"type": "github"
},
"original": {
"owner": "schizofox",
"repo": "schizofox",
"type": "github"
}
},
"searx-randomizer": {
"inputs": {
"crane": "crane",
"flake-parts": "flake-parts_2",
"nixpkgs": [
"schizofox",
"nixpkgs"
]
},
"locked": {
"lastModified": 1704412376,
"narHash": "sha256-Ap/AudJxCYBDWYy0lyqP0/FZYJCibL7jKkoj6hp1WS0=",
"owner": "schizofox",
"repo": "searx-randomizer",
"rev": "c36a473732ba6b4f6024ac1c181631cf4d542b17",
"type": "github"
},
"original": {
"owner": "schizofox",
"repo": "searx-randomizer",
"type": "github"
}
}
},
"root": "root",
"version": 7
}

60
alt/flake.nix Executable file
View file

@ -0,0 +1,60 @@
{
description = "My NixOS configuration";
inputs = {
nixpkgs.url= "github:nixos/nixpkgs/nixos-unstable";
nur.url = "github:nix-community/NUR";
schizofox.url="github:schizofox/schizofox";
home-manager = {
url = "github:nix-community/home-manager/";
inputs.nixpkgs.follows = "nixpkgs";
};
};
outputs = inputs @ { self, nixpkgs, nur, home-manager, ...}:
let
inherit (self) outputs;
mkSystem = {
hostname,
modules ? [],
user-configs ? [ { name = "vali"; config = ./home/vali/common.nix; }],
system ? "x86_64-linux"
#overlays ? import -/overlays/packages.nix
}:
let
profile-config = { inherit hostname system modules user-configs; };
in
nixpkgs.lib.nixosSystem {
inherit modules;
specialArgs = { inherit inputs outputs profile-config; };
};
mkHome = user: modules: pkgs: home-manager.lib.homeManagerConfiguration {
inherit modules pkgs user;
extraSpecialArgs = { inherit inputs outputs user; };
};
in {
nixpkgs.config.allowUnfree = true;
nixosConfigurations = {
laptop = mkSystem {
hostname = "nixos";
modules = [./hosts/laptop];
user-configs = [{
name = "vali";
config = ./home/vali/laptop.nix;
}];
};
xfce = mkSystem {
hostname = "nixos";
modules = [ ./hosts/xfce ];
user-configs = [{
name = "vali";
config = ./home/vali/xfce.nix;
}];
};
};
homeManagerConfiguration = {
"vali@laptop" = mkHome "vali" [ home/vali/laptop.nix ] nixpkgs.legacyPackages."x86_64-linux";
};
};
}

27
alt/home/vali/laptop.nix Executable file
View file

@ -0,0 +1,27 @@
{ inputs, outputs, pkgs, user, ... }:
{
imports = [
# Would look like this:
# ../../terminal/zsh/home.nix
inputs.schizofox.homeManagerModule
../../modules/web/schizofox.nix
#../../modules/terminal/zsh/home.nix
];
xdg.configHome = "/home/${user}/.config/";
programs.home-manager.enable = true;
home = {
stateVersion = "23.11";
username = "${user}";
homeDirectory = "/home/${user}";
};
# GNOME settings:
dconf.settings = {
"org/gnome/shell" = {
disable-user-extensions = false;
enabled-extensions = [ "appindicatorsupport@rgcjonas.gmail.com" ];
};
"org/gnome/desktop/interface".color-scheme = "prefer-dark";
};
}

18
alt/home/vali/xfce.nix Executable file
View file

@ -0,0 +1,18 @@
{ inputs, outputs, pkgs, user, ... }:
{
imports = [
# Would look like this:
# ../../terminal/zsh/home.nix
inputs.schizofox.homeManagerModule
../../modules/web/schizofox.nix
#../../modules/terminal/zsh/home.nix
];
xdg.configHome = "/home/${user}/.config/";
programs.home-manager.enable = true;
home = {
stateVersion = "23.11";
username = "${user}";
homeDirectory = "/home/${user}";
};
}

93
alt/hosts/common/default.nix Executable file
View file

@ -0,0 +1,93 @@
{ inputs, outputs, profile-config, pkgs, ... }:
{
nixpkgs.config.allowUnfree = true;
imports = [
#profile-config.overlays
inputs.home-manager.nixosModules.home-manager
./packages.nix
];
services.locate = {
enable = true;
interval = "daily";
package = pkgs.plocate;
localuser = null;
};
home-manager.useGlobalPkgs = true;
home-manager.useUserPackages = true;
home-manager.users = builtins.listToAttrs (builtins.map(
u-conf: {
inherit inputs;
name = u-conf.name;
value = import u-conf.config { inherit pkgs inputs outputs; user = u-conf.name; };
}
)profile-config.user-configs);
users.users = builtins.listToAttrs (builtins.map(
u-conf: {
name = u-conf.name;
value = {
initialPassword = "${u-conf.name}";
isNormalUser = true;
extraGroups = [ "wheel" "audio" "video" "input"];
};
}
)profile-config.user-configs);
boot.loader = {
efi.canTouchEfiVariables = true;
grub = {
enable = true;
efiSupport = true;
device = "nodev";
};
};
time.timeZone = "Europe/Zurich";
i18n.defaultLocale = "en_US.UTF-8";
console.keyMap = "de";
# Remove unnecessary packages
environment.gnome.excludePackages =
(with pkgs; [
gnome-photos
gnome-tour
gedit
]) ++
(with pkgs.gnome; [
epiphany
geary
totem
tali
iagno
hitori
atomix
]);
services.xserver.excludePackages = [ pkgs.xterm ];
documentation.nixos.enable = false;
# Set the keyboard layout to german
services.xserver.xkb.layout= "de";
# Eable CUPS
services.printing.enable = true;
# Sound settings
sound.enable = true;
hardware.pulseaudio.enable = false;
security.rtkit.enable = true;
services.pipewire = {
enable = true;
alsa.enable = true;
jack.enable = true;
pulse.enable = true;
wireplumber.enable = true;
alsa.support32Bit = true;
};
services.udev.packages = with pkgs; [ gnome.gnome-settings-daemon ];
nix = {
package = pkgs.nixFlakes;
extraOptions = "experimental-features = nix-command flakes";
};
system.stateVersion = "23.11";
}

23
alt/hosts/common/packages.nix Executable file
View file

@ -0,0 +1,23 @@
{ inputs, outputs, profile-config, pkgs, ... }:
{
environment.systemPackages = with pkgs; [
vim
neovim
eza
zsh
git
zip
unzip
neofetch
fastfetch
wget
zoxide
python3
gcc
htop
networkmanager
gnomeExtensions.appindicator
uwufetch
];
}

13
alt/hosts/laptop/default.nix Executable file
View file

@ -0,0 +1,13 @@
{ inputs, outputs, pks, profile-config, ... }:
{
imports = [
./hardware-configuration.nix
../common
./packages.nix
];
services.xserver.enable = true;
services.xserver.displayManager.gdm.enable = true;
services.xserver.desktopManager.gnome.enable = true;
security.polkit.enable = true;
}

39
alt/hosts/laptop/hardware-configuration.nix Executable file
View file

@ -0,0 +1,39 @@
# Do not modify this file! It was generated by nixos-generate-config
# and may be overwritten by future invocations. Please make changes
# to /etc/nixos/configuration.nix instead.
{ config, lib, pkgs, modulesPath, ... }:
{
imports =
[ (modulesPath + "/installer/scan/not-detected.nix")
];
boot.initrd.availableKernelModules = [ "xhci_pci" "ahci" "nvme" "usb_storage" "sd_mod" "rtsx_pci_sdmmc" ];
boot.initrd.kernelModules = [ ];
boot.kernelModules = [ "kvm-intel" ];
boot.extraModulePackages = [ ];
fileSystems."/" =
{ device = "/dev/disk/by-uuid/b29322ae-b475-4241-85d5-16b69d3cbdc0";
fsType = "ext4";
};
boot.initrd.luks.devices."luks-d12a57e8-f071-485c-ab1c-e8f7a7897dfb".device = "/dev/disk/by-uuid/d12a57e8-f071-485c-ab1c-e8f7a7897dfb";
fileSystems."/boot" =
{ device = "/dev/disk/by-uuid/33F4-58C3";
fsType = "vfat";
};
swapDevices = [ ];
# Enables DHCP on each ethernet and wireless interface. In case of scripted networking
# (the default) this is the recommended approach. When using systemd-networkd it's
# still possible to use this option, but it's recommended to use it in conjunction
# with explicit per-interface declarations with `networking.interfaces.<interface>.useDHCP`.
networking.useDHCP = lib.mkDefault true;
# networking.interfaces.wlp59s0.useDHCP = lib.mkDefault true;
nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux";
hardware.cpu.intel.updateMicrocode = lib.mkDefault config.hardware.enableRedistributableFirmware;
}

28
alt/hosts/laptop/packages.nix Executable file
View file

@ -0,0 +1,28 @@
{ inputs, outputs, pkgs, profile-config, ... }:
{
environment.systemPackages = with pkgs; [
jetbrains.idea-community
ani-cli
okular
texliveFull
signal-desktop
nextcloud-client
vlc
strawberry
telegram-desktop
thunderbird
betterbird
vesktop
zsh
zoxide
eza
mpv
librewolf
keepassxc
feh
libreoffice
openjdk
gnome.gnome-tweaks
];
}

22
alt/hosts/xfce/default.nix Executable file
View file

@ -0,0 +1,22 @@
{ config, pkgs, callPackage, ... }:
{
imports = [
./hardware-configuration.nix
./packages.nix
../common
];
services.xserver = {
enable = true;
desktopManager = {
xterm.enable = false;
xfce = {
enable = true;
noDesktop = true;
enableXfwm = false;
};
};
displayManager.defaultSession = "xfce";
windowManager.i3.enable = true;
};
...
}

39
alt/hosts/xfce/hardware-configuration.nix Executable file
View file

@ -0,0 +1,39 @@
# Do not modify this file! It was generated by nixos-generate-config
# and may be overwritten by future invocations. Please make changes
# to /etc/nixos/configuration.nix instead.
{ config, lib, pkgs, modulesPath, ... }:
{
imports =
[ (modulesPath + "/installer/scan/not-detected.nix")
];
boot.initrd.availableKernelModules = [ "xhci_pci" "ahci" "nvme" "usb_storage" "sd_mod" "rtsx_pci_sdmmc" ];
boot.initrd.kernelModules = [ ];
boot.kernelModules = [ "kvm-intel" ];
boot.extraModulePackages = [ ];
fileSystems."/" =
{ device = "/dev/disk/by-uuid/b29322ae-b475-4241-85d5-16b69d3cbdc0";
fsType = "ext4";
};
boot.initrd.luks.devices."luks-d12a57e8-f071-485c-ab1c-e8f7a7897dfb".device = "/dev/disk/by-uuid/d12a57e8-f071-485c-ab1c-e8f7a7897dfb";
fileSystems."/boot" =
{ device = "/dev/disk/by-uuid/33F4-58C3";
fsType = "vfat";
};
swapDevices = [ ];
# Enables DHCP on each ethernet and wireless interface. In case of scripted networking
# (the default) this is the recommended approach. When using systemd-networkd it's
# still possible to use this option, but it's recommended to use it in conjunction
# with explicit per-interface declarations with `networking.interfaces.<interface>.useDHCP`.
networking.useDHCP = lib.mkDefault true;
# networking.interfaces.wlp59s0.useDHCP = lib.mkDefault true;
nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux";
hardware.cpu.intel.updateMicrocode = lib.mkDefault config.hardware.enableRedistributableFirmware;
}

27
alt/hosts/xfce/packages.nix Executable file
View file

@ -0,0 +1,27 @@
{ inputs, outputs, pkgs, profile-config, ... }:
{
environment.systemPackages = with pkgs; [
jetbrains.idea-community
ani-cli
okular
texliveFull
signal-desktop
nextcloud-client
vlc
strawberry
telegram-desktop
betterbird
vesktop
zsh
zoxide
eza
mpv
librewolf
keepassxc
feh
libreoffice
openjdk
];
}

31
alt/modules/terminal/zsh/home.nix Executable file
View file

@ -0,0 +1,31 @@
{ pkgs, config, ... }
{
programs.zsh = {
enable = true;
enableCompletion = true;
enableAutoSuggestions = true;
shellAliases = {
c = "clear";
cc = "cd && clear";
la = "eza -lah";
ls = "eza"
update = "sudo nixos-rebuild switch --flake '/home/vali/.flake/'#laptop";
nv = "nvim";
sunv = "sudo nvim";
};
history.size = 10000;
history.path = "${config.xdg.dataHome}/zsh/history";
oh-my-zsh = {
enable = true;
plugins = [ "git" "thefuck" ];
};
home.packages = with pkgs; [ thefuck ];
programs.zoxide = {
enable = true;
enableZshIntegration = true;
}
}
}

72
alt/modules/web/schizofox.nix Executable file
View file

@ -0,0 +1,72 @@
{ pkgs, inputs, ... }: {
#imports = [ inputs.schizofox.homeManagerModule ];
programs.schizofox = {
enable = true;
theme = {
colors = {
background-darker = "181825";
background = "1e1e2e";
foreground = "cdd6f4";
};
font = "Lexend";
extraUserChrome = ''
body {
color: red !important;
}
.urlbarView {
display: none !important;
}
'';
};
search = {
defaultSearchEngine = "Brave";
removeEngines = ["Google" "Bing" "Amazon.com" "eBay" "Twitter" "Wikipedia"];
searxUrl = "https://searx.be";
searxQuery = "https://searx.be/search?q={searchTerms}&categories=general";
addEngines = [
{
Name = "Etherscan";
Description = "Checking balances";
Alias = "!eth";
Method = "GET";
URLTemplate = "https://etherscan.io/search?f=0&q={searchTerms}";
}
];
};
security = {
sanitizeOnShutdown = false;
sandbox = true;
userAgent = "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:106.0) Gecko/20100101 Firefox/106.0";
};
misc = {
drmFix = true;
disableWebgl = false;
#startPageURL = "file://${builtins.readFile ./startpage.html}";
};
extensions = {
simplefox.enable = true;
darkreader.enable = true;
extraExtensions = {
"webextension@metamask.io".install_url = "https://addons.mozilla.org/firefox/downloads/latest/ether-metamask/latest.xpi";
};
};
misc.bookmarks = [
#{
# Title = "Example";
# URL = "https://example.com";
# Favicon = "https://example.com/favicon.ico";
# Placement = "toolbar";
# Folder = "FolderName";
#}
];
};
}

43
flake.nix Normal file
View file

@ -0,0 +1,43 @@
{
description = "Our NixOS config lol";
inputs = {
nixpkgs.url = "github:nixos/nixpkgs?ref=nixos-unstable";
nur.url = "github:nix-community/NUR";
schizofox.url = "github:schizofox/schizofox";
flake-parts = {
url = "github:hercules-ci/flake-parts";
inputs.nixpkgs.lib.follows = "nixpkgs";
};
home-manager = {
url = "github:nix-community/home-manager/";
inputs.nixpkgs.follows = "nixpkgs";
};
};
outputs = inputs @ { self, nixpkgs, nur, home-manager, ... }: {
in {
nixpkgs.config.allowUnfree = true;
nixosConfigurations = {
laptop = mkSystem {
hostname = "nixos";
modules = [./hosts/laptop];
user-configs = [{
name = "vali";
config = ./home/vali/laptop.nix;
}];
};
xfce = mkSystem {
hostname = "nixos";
modules = [ ./hosts/xfce ];
user-configs = [{
name = "vali";
config = ./home/vali/xfce.nix;
}];
};
};
};
}

2
notes.md Normal file
View file

@ -0,0 +1,2 @@
## Used Stuff
I think it'd be nice to use flake-parts, they make our config more sane.

32
nyx/.editorconfig Normal file
View file

@ -0,0 +1,32 @@
root = true
[*]
charset = utf-8
end_of_line = lf
indent_style = tab
indent_size = 4
insert_final_newline = true
tab_width = 4
trim_trailing_whitespace = true
[*.md]
indent_style = space
indent_size = 2
trim_trailing_whitespace = false
[*.sh]
indent_style = space
indent_size = 2
[*.{nix,yml,yaml}]
indent_style = space
indent_size = 2
tab_width = 2
[*.{js,lock,diff,patch,age}]
indent_style = unset
indent_size = unset
insert_final_newline = unset
trim_trailing_whitespace = unset
end_of_line = unset

2
nyx/.envrc Normal file
View file

@ -0,0 +1,2 @@
watch_dir flake
use flake . --builders ""

15
nyx/.forgejo/workflows/check.yml Normal file
View file

@ -0,0 +1,15 @@
name: Flake Check
on: [push]
jobs:
check:
runs-on: ubuntu-latest
steps:
- name: Checkout
uses: https://code.forgejo.org/actions/checkout@v4
- name: Install Nix
uses: https://github.com/DeterminateSystems/nix-installer-action@v5
with:
nix_path: nixpkgs=channel:nixos-unstable
- name: Check
run: nix flake check

15
nyx/.forgejo/workflows/fmt.yml Normal file
View file

@ -0,0 +1,15 @@
name: Flake Check
on: [push]
jobs:
check:
runs-on: ubuntu-latest
steps:
- name: Checkout
uses: https://code.forgejo.org/actions/checkout@v4
- name: Install Nix
uses: https://github.com/DeterminateSystems/nix-installer-action@v5
with:
nix_path: nixpkgs=channel:nixos-unstable
- name: Check
run: nix fmt -- -c .

24
nyx/.gitattributes vendored Normal file
View file

@ -0,0 +1,24 @@
# always use LF line endings so that if a repo is accessed
# in Unix via a file share from Windows, the scripts will work
**/*.sh text eol=lf
# try to get markdown files to be treated as markdown
# by linguist - ** prefix is for all subdirectories
**/*.md linguist-detectable
**/*.md linguist-language=Markdown
# make .age files basically unreadable1
secrets/*.age binary
# luacheckrc is lua, lets treat it as such
.luacheckrc linguist-detectable
.luacheckrc linguist-language=Lua
# Git Configuration files
*.gitattributes linguist-detectable=false
*.gitattributes linguist-documentation=false
*.gitignore linguist-detectable=false
*.gitignore linguist-documentation=false
*.editorconfig linguist-detectable=false
*.editorconfig linguist-documentation=false

9
nyx/.gitignore vendored Normal file
View file

@ -0,0 +1,9 @@
# Ignore nix stuff
result
.direnv/
# Ignore VM stuff
*.qcow2
# Ignore pre-commit config
.pre-commit-config.yaml

36
nyx/.luacheckrc Normal file
View file

@ -0,0 +1,36 @@
-- vim: ft=lua tw=80
max_comment_line_length = false
codes = true
-- Don't report unused self arguments of methods.
self = false
-- Rerun tests only if their modification time changed.
cache = true
ignore = {
"212", -- Unused argument
"631", -- Line is too long
"121", -- setting read-only global variable 'vim'
"122", -- setting read-only field of global variable 'vim'
"542", -- Empty if branch
"581", -- negation of a relational operator- operator can be flipped (not for tables)
}
globals = {
"vim.g",
"vim.b",
"vim.w",
"vim.o",
"vim.bo",
"vim.wo",
"vim.go",
"vim.env"
}
read_globals = {
"vim",
"a",
"assert",
}

20
nyx/.luarc.json Normal file
View file

@ -0,0 +1,20 @@
{
"$schema": "https://raw.githubusercontent.com/sumneko/vscode-lua/master/setting/schema.json",
"workspace": {
"library": ["runtime/lua"],
"checkThirdParty": "Disable"
},
"diagnostics": {
"groupFileStatus": {
"strict": "Opened",
"strong": "Opened"
},
"groupSeverity": {
"strong": "Warning",
"strict": "Warning"
},
"unusedLocalExclude": ["_*"],
"disable": ["luadoc-miss-see-name"]
}
}

674
nyx/LICENSE Normal file
View file

@ -0,0 +1,674 @@
GNU GENERAL PUBLIC LICENSE
Version 3, 29 June 2007
Copyright (C) 2007 Free Software Foundation, Inc. <https://fsf.org/>
Everyone is permitted to copy and distribute verbatim copies
of this license document, but changing it is not allowed.
Preamble
The GNU General Public License is a free, copyleft license for
software and other kinds of works.
The licenses for most software and other practical works are designed
to take away your freedom to share and change the works. By contrast,
the GNU General Public License is intended to guarantee your freedom to
share and change all versions of a program--to make sure it remains free
software for all its users. We, the Free Software Foundation, use the
GNU General Public License for most of our software; it applies also to
any other work released this way by its authors. You can apply it to
your programs, too.
When we speak of free software, we are referring to freedom, not
price. Our General Public Licenses are designed to make sure that you
have the freedom to distribute copies of free software (and charge for
them if you wish), that you receive source code or can get it if you
want it, that you can change the software or use pieces of it in new
free programs, and that you know you can do these things.
To protect your rights, we need to prevent others from denying you
these rights or asking you to surrender the rights. Therefore, you have
certain responsibilities if you distribute copies of the software, or if
you modify it: responsibilities to respect the freedom of others.
For example, if you distribute copies of such a program, whether
gratis or for a fee, you must pass on to the recipients the same
freedoms that you received. You must make sure that they, too, receive
or can get the source code. And you must show them these terms so they
know their rights.
Developers that use the GNU GPL protect your rights with two steps:
(1) assert copyright on the software, and (2) offer you this License
giving you legal permission to copy, distribute and/or modify it.
For the developers' and authors' protection, the GPL clearly explains
that there is no warranty for this free software. For both users' and
authors' sake, the GPL requires that modified versions be marked as
changed, so that their problems will not be attributed erroneously to
authors of previous versions.
Some devices are designed to deny users access to install or run
modified versions of the software inside them, although the manufacturer
can do so. This is fundamentally incompatible with the aim of
protecting users' freedom to change the software. The systematic
pattern of such abuse occurs in the area of products for individuals to
use, which is precisely where it is most unacceptable. Therefore, we
have designed this version of the GPL to prohibit the practice for those
products. If such problems arise substantially in other domains, we
stand ready to extend this provision to those domains in future versions
of the GPL, as needed to protect the freedom of users.
Finally, every program is threatened constantly by software patents.
States should not allow patents to restrict development and use of
software on general-purpose computers, but in those that do, we wish to
avoid the special danger that patents applied to a free program could
make it effectively proprietary. To prevent this, the GPL assures that
patents cannot be used to render the program non-free.
The precise terms and conditions for copying, distribution and
modification follow.
TERMS AND CONDITIONS
0. Definitions.
"This License" refers to version 3 of the GNU General Public License.
"Copyright" also means copyright-like laws that apply to other kinds of
works, such as semiconductor masks.
"The Program" refers to any copyrightable work licensed under this
License. Each licensee is addressed as "you". "Licensees" and
"recipients" may be individuals or organizations.
To "modify" a work means to copy from or adapt all or part of the work
in a fashion requiring copyright permission, other than the making of an
exact copy. The resulting work is called a "modified version" of the
earlier work or a work "based on" the earlier work.
A "covered work" means either the unmodified Program or a work based
on the Program.
To "propagate" a work means to do anything with it that, without
permission, would make you directly or secondarily liable for
infringement under applicable copyright law, except executing it on a
computer or modifying a private copy. Propagation includes copying,
distribution (with or without modification), making available to the
public, and in some countries other activities as well.
To "convey" a work means any kind of propagation that enables other
parties to make or receive copies. Mere interaction with a user through
a computer network, with no transfer of a copy, is not conveying.
An interactive user interface displays "Appropriate Legal Notices"
to the extent that it includes a convenient and prominently visible
feature that (1) displays an appropriate copyright notice, and (2)
tells the user that there is no warranty for the work (except to the
extent that warranties are provided), that licensees may convey the
work under this License, and how to view a copy of this License. If
the interface presents a list of user commands or options, such as a
menu, a prominent item in the list meets this criterion.
1. Source Code.
The "source code" for a work means the preferred form of the work
for making modifications to it. "Object code" means any non-source
form of a work.
A "Standard Interface" means an interface that either is an official
standard defined by a recognized standards body, or, in the case of
interfaces specified for a particular programming language, one that
is widely used among developers working in that language.
The "System Libraries" of an executable work include anything, other
than the work as a whole, that (a) is included in the normal form of
packaging a Major Component, but which is not part of that Major
Component, and (b) serves only to enable use of the work with that
Major Component, or to implement a Standard Interface for which an
implementation is available to the public in source code form. A
"Major Component", in this context, means a major essential component
(kernel, window system, and so on) of the specific operating system
(if any) on which the executable work runs, or a compiler used to
produce the work, or an object code interpreter used to run it.
The "Corresponding Source" for a work in object code form means all
the source code needed to generate, install, and (for an executable
work) run the object code and to modify the work, including scripts to
control those activities. However, it does not include the work's
System Libraries, or general-purpose tools or generally available free
programs which are used unmodified in performing those activities but
which are not part of the work. For example, Corresponding Source
includes interface definition files associated with source files for
the work, and the source code for shared libraries and dynamically
linked subprograms that the work is specifically designed to require,
such as by intimate data communication or control flow between those
subprograms and other parts of the work.
The Corresponding Source need not include anything that users
can regenerate automatically from other parts of the Corresponding
Source.
The Corresponding Source for a work in source code form is that
same work.
2. Basic Permissions.
All rights granted under this License are granted for the term of
copyright on the Program, and are irrevocable provided the stated
conditions are met. This License explicitly affirms your unlimited
permission to run the unmodified Program. The output from running a
covered work is covered by this License only if the output, given its
content, constitutes a covered work. This License acknowledges your
rights of fair use or other equivalent, as provided by copyright law.
You may make, run and propagate covered works that you do not
convey, without conditions so long as your license otherwise remains
in force. You may convey covered works to others for the sole purpose
of having them make modifications exclusively for you, or provide you
with facilities for running those works, provided that you comply with
the terms of this License in conveying all material for which you do
not control copyright. Those thus making or running the covered works
for you must do so exclusively on your behalf, under your direction
and control, on terms that prohibit them from making any copies of
your copyrighted material outside their relationship with you.
Conveying under any other circumstances is permitted solely under
the conditions stated below. Sublicensing is not allowed; section 10
makes it unnecessary.
3. Protecting Users' Legal Rights From Anti-Circumvention Law.
No covered work shall be deemed part of an effective technological
measure under any applicable law fulfilling obligations under article
11 of the WIPO copyright treaty adopted on 20 December 1996, or
similar laws prohibiting or restricting circumvention of such
measures.
When you convey a covered work, you waive any legal power to forbid
circumvention of technological measures to the extent such circumvention
is effected by exercising rights under this License with respect to
the covered work, and you disclaim any intention to limit operation or
modification of the work as a means of enforcing, against the work's
users, your or third parties' legal rights to forbid circumvention of
technological measures.
4. Conveying Verbatim Copies.
You may convey verbatim copies of the Program's source code as you
receive it, in any medium, provided that you conspicuously and
appropriately publish on each copy an appropriate copyright notice;
keep intact all notices stating that this License and any
non-permissive terms added in accord with section 7 apply to the code;
keep intact all notices of the absence of any warranty; and give all
recipients a copy of this License along with the Program.
You may charge any price or no price for each copy that you convey,
and you may offer support or warranty protection for a fee.
5. Conveying Modified Source Versions.
You may convey a work based on the Program, or the modifications to
produce it from the Program, in the form of source code under the
terms of section 4, provided that you also meet all of these conditions:
a) The work must carry prominent notices stating that you modified
it, and giving a relevant date.
b) The work must carry prominent notices stating that it is
released under this License and any conditions added under section
7. This requirement modifies the requirement in section 4 to
"keep intact all notices".
c) You must license the entire work, as a whole, under this
License to anyone who comes into possession of a copy. This
License will therefore apply, along with any applicable section 7
additional terms, to the whole of the work, and all its parts,
regardless of how they are packaged. This License gives no
permission to license the work in any other way, but it does not
invalidate such permission if you have separately received it.
d) If the work has interactive user interfaces, each must display
Appropriate Legal Notices; however, if the Program has interactive
interfaces that do not display Appropriate Legal Notices, your
work need not make them do so.
A compilation of a covered work with other separate and independent
works, which are not by their nature extensions of the covered work,
and which are not combined with it such as to form a larger program,
in or on a volume of a storage or distribution medium, is called an
"aggregate" if the compilation and its resulting copyright are not
used to limit the access or legal rights of the compilation's users
beyond what the individual works permit. Inclusion of a covered work
in an aggregate does not cause this License to apply to the other
parts of the aggregate.
6. Conveying Non-Source Forms.
You may convey a covered work in object code form under the terms
of sections 4 and 5, provided that you also convey the
machine-readable Corresponding Source under the terms of this License,
in one of these ways:
a) Convey the object code in, or embodied in, a physical product
(including a physical distribution medium), accompanied by the
Corresponding Source fixed on a durable physical medium
customarily used for software interchange.
b) Convey the object code in, or embodied in, a physical product
(including a physical distribution medium), accompanied by a
written offer, valid for at least three years and valid for as
long as you offer spare parts or customer support for that product
model, to give anyone who possesses the object code either (1) a
copy of the Corresponding Source for all the software in the
product that is covered by this License, on a durable physical
medium customarily used for software interchange, for a price no
more than your reasonable cost of physically performing this
conveying of source, or (2) access to copy the
Corresponding Source from a network server at no charge.
c) Convey individual copies of the object code with a copy of the
written offer to provide the Corresponding Source. This
alternative is allowed only occasionally and noncommercially, and
only if you received the object code with such an offer, in accord
with subsection 6b.
d) Convey the object code by offering access from a designated
place (gratis or for a charge), and offer equivalent access to the
Corresponding Source in the same way through the same place at no
further charge. You need not require recipients to copy the
Corresponding Source along with the object code. If the place to
copy the object code is a network server, the Corresponding Source
may be on a different server (operated by you or a third party)
that supports equivalent copying facilities, provided you maintain
clear directions next to the object code saying where to find the
Corresponding Source. Regardless of what server hosts the
Corresponding Source, you remain obligated to ensure that it is
available for as long as needed to satisfy these requirements.
e) Convey the object code using peer-to-peer transmission, provided
you inform other peers where the object code and Corresponding
Source of the work are being offered to the general public at no
charge under subsection 6d.
A separable portion of the object code, whose source code is excluded
from the Corresponding Source as a System Library, need not be
included in conveying the object code work.
A "User Product" is either (1) a "consumer product", which means any
tangible personal property which is normally used for personal, family,
or household purposes, or (2) anything designed or sold for incorporation
into a dwelling. In determining whether a product is a consumer product,
doubtful cases shall be resolved in favor of coverage. For a particular
product received by a particular user, "normally used" refers to a
typical or common use of that class of product, regardless of the status
of the particular user or of the way in which the particular user
actually uses, or expects or is expected to use, the product. A product
is a consumer product regardless of whether the product has substantial
commercial, industrial or non-consumer uses, unless such uses represent
the only significant mode of use of the product.
"Installation Information" for a User Product means any methods,
procedures, authorization keys, or other information required to install
and execute modified versions of a covered work in that User Product from
a modified version of its Corresponding Source. The information must
suffice to ensure that the continued functioning of the modified object
code is in no case prevented or interfered with solely because
modification has been made.
If you convey an object code work under this section in, or with, or
specifically for use in, a User Product, and the conveying occurs as
part of a transaction in which the right of possession and use of the
User Product is transferred to the recipient in perpetuity or for a
fixed term (regardless of how the transaction is characterized), the
Corresponding Source conveyed under this section must be accompanied
by the Installation Information. But this requirement does not apply
if neither you nor any third party retains the ability to install
modified object code on the User Product (for example, the work has
been installed in ROM).
The requirement to provide Installation Information does not include a
requirement to continue to provide support service, warranty, or updates
for a work that has been modified or installed by the recipient, or for
the User Product in which it has been modified or installed. Access to a
network may be denied when the modification itself materially and
adversely affects the operation of the network or violates the rules and
protocols for communication across the network.
Corresponding Source conveyed, and Installation Information provided,
in accord with this section must be in a format that is publicly
documented (and with an implementation available to the public in
source code form), and must require no special password or key for
unpacking, reading or copying.
7. Additional Terms.
"Additional permissions" are terms that supplement the terms of this
License by making exceptions from one or more of its conditions.
Additional permissions that are applicable to the entire Program shall
be treated as though they were included in this License, to the extent
that they are valid under applicable law. If additional permissions
apply only to part of the Program, that part may be used separately
under those permissions, but the entire Program remains governed by
this License without regard to the additional permissions.
When you convey a copy of a covered work, you may at your option
remove any additional permissions from that copy, or from any part of
it. (Additional permissions may be written to require their own
removal in certain cases when you modify the work.) You may place
additional permissions on material, added by you to a covered work,
for which you have or can give appropriate copyright permission.
Notwithstanding any other provision of this License, for material you
add to a covered work, you may (if authorized by the copyright holders of
that material) supplement the terms of this License with terms:
a) Disclaiming warranty or limiting liability differently from the
terms of sections 15 and 16 of this License; or
b) Requiring preservation of specified reasonable legal notices or
author attributions in that material or in the Appropriate Legal
Notices displayed by works containing it; or
c) Prohibiting misrepresentation of the origin of that material, or
requiring that modified versions of such material be marked in
reasonable ways as different from the original version; or
d) Limiting the use for publicity purposes of names of licensors or
authors of the material; or
e) Declining to grant rights under trademark law for use of some
trade names, trademarks, or service marks; or
f) Requiring indemnification of licensors and authors of that
material by anyone who conveys the material (or modified versions of
it) with contractual assumptions of liability to the recipient, for
any liability that these contractual assumptions directly impose on
those licensors and authors.
All other non-permissive additional terms are considered "further
restrictions" within the meaning of section 10. If the Program as you
received it, or any part of it, contains a notice stating that it is
governed by this License along with a term that is a further
restriction, you may remove that term. If a license document contains
a further restriction but permits relicensing or conveying under this
License, you may add to a covered work material governed by the terms
of that license document, provided that the further restriction does
not survive such relicensing or conveying.
If you add terms to a covered work in accord with this section, you
must place, in the relevant source files, a statement of the
additional terms that apply to those files, or a notice indicating
where to find the applicable terms.
Additional terms, permissive or non-permissive, may be stated in the
form of a separately written license, or stated as exceptions;
the above requirements apply either way.
8. Termination.
You may not propagate or modify a covered work except as expressly
provided under this License. Any attempt otherwise to propagate or
modify it is void, and will automatically terminate your rights under
this License (including any patent licenses granted under the third
paragraph of section 11).
However, if you cease all violation of this License, then your
license from a particular copyright holder is reinstated (a)
provisionally, unless and until the copyright holder explicitly and
finally terminates your license, and (b) permanently, if the copyright
holder fails to notify you of the violation by some reasonable means
prior to 60 days after the cessation.
Moreover, your license from a particular copyright holder is
reinstated permanently if the copyright holder notifies you of the
violation by some reasonable means, this is the first time you have
received notice of violation of this License (for any work) from that
copyright holder, and you cure the violation prior to 30 days after
your receipt of the notice.
Termination of your rights under this section does not terminate the
licenses of parties who have received copies or rights from you under
this License. If your rights have been terminated and not permanently
reinstated, you do not qualify to receive new licenses for the same
material under section 10.
9. Acceptance Not Required for Having Copies.
You are not required to accept this License in order to receive or
run a copy of the Program. Ancillary propagation of a covered work
occurring solely as a consequence of using peer-to-peer transmission
to receive a copy likewise does not require acceptance. However,
nothing other than this License grants you permission to propagate or
modify any covered work. These actions infringe copyright if you do
not accept this License. Therefore, by modifying or propagating a
covered work, you indicate your acceptance of this License to do so.
10. Automatic Licensing of Downstream Recipients.
Each time you convey a covered work, the recipient automatically
receives a license from the original licensors, to run, modify and
propagate that work, subject to this License. You are not responsible
for enforcing compliance by third parties with this License.
An "entity transaction" is a transaction transferring control of an
organization, or substantially all assets of one, or subdividing an
organization, or merging organizations. If propagation of a covered
work results from an entity transaction, each party to that
transaction who receives a copy of the work also receives whatever
licenses to the work the party's predecessor in interest had or could
give under the previous paragraph, plus a right to possession of the
Corresponding Source of the work from the predecessor in interest, if
the predecessor has it or can get it with reasonable efforts.
You may not impose any further restrictions on the exercise of the
rights granted or affirmed under this License. For example, you may
not impose a license fee, royalty, or other charge for exercise of
rights granted under this License, and you may not initiate litigation
(including a cross-claim or counterclaim in a lawsuit) alleging that
any patent claim is infringed by making, using, selling, offering for
sale, or importing the Program or any portion of it.
11. Patents.
A "contributor" is a copyright holder who authorizes use under this
License of the Program or a work on which the Program is based. The
work thus licensed is called the contributor's "contributor version".
A contributor's "essential patent claims" are all patent claims
owned or controlled by the contributor, whether already acquired or
hereafter acquired, that would be infringed by some manner, permitted
by this License, of making, using, or selling its contributor version,
but do not include claims that would be infringed only as a
consequence of further modification of the contributor version. For
purposes of this definition, "control" includes the right to grant
patent sublicenses in a manner consistent with the requirements of
this License.
Each contributor grants you a non-exclusive, worldwide, royalty-free
patent license under the contributor's essential patent claims, to
make, use, sell, offer for sale, import and otherwise run, modify and
propagate the contents of its contributor version.
In the following three paragraphs, a "patent license" is any express
agreement or commitment, however denominated, not to enforce a patent
(such as an express permission to practice a patent or covenant not to
sue for patent infringement). To "grant" such a patent license to a
party means to make such an agreement or commitment not to enforce a
patent against the party.
If you convey a covered work, knowingly relying on a patent license,
and the Corresponding Source of the work is not available for anyone
to copy, free of charge and under the terms of this License, through a
publicly available network server or other readily accessible means,
then you must either (1) cause the Corresponding Source to be so
available, or (2) arrange to deprive yourself of the benefit of the
patent license for this particular work, or (3) arrange, in a manner
consistent with the requirements of this License, to extend the patent
license to downstream recipients. "Knowingly relying" means you have
actual knowledge that, but for the patent license, your conveying the
covered work in a country, or your recipient's use of the covered work
in a country, would infringe one or more identifiable patents in that
country that you have reason to believe are valid.
If, pursuant to or in connection with a single transaction or
arrangement, you convey, or propagate by procuring conveyance of, a
covered work, and grant a patent license to some of the parties
receiving the covered work authorizing them to use, propagate, modify
or convey a specific copy of the covered work, then the patent license
you grant is automatically extended to all recipients of the covered
work and works based on it.
A patent license is "discriminatory" if it does not include within
the scope of its coverage, prohibits the exercise of, or is
conditioned on the non-exercise of one or more of the rights that are
specifically granted under this License. You may not convey a covered
work if you are a party to an arrangement with a third party that is
in the business of distributing software, under which you make payment
to the third party based on the extent of your activity of conveying
the work, and under which the third party grants, to any of the
parties who would receive the covered work from you, a discriminatory
patent license (a) in connection with copies of the covered work
conveyed by you (or copies made from those copies), or (b) primarily
for and in connection with specific products or compilations that
contain the covered work, unless you entered into that arrangement,
or that patent license was granted, prior to 28 March 2007.
Nothing in this License shall be construed as excluding or limiting
any implied license or other defenses to infringement that may
otherwise be available to you under applicable patent law.
12. No Surrender of Others' Freedom.
If conditions are imposed on you (whether by court order, agreement or
otherwise) that contradict the conditions of this License, they do not
excuse you from the conditions of this License. If you cannot convey a
covered work so as to satisfy simultaneously your obligations under this
License and any other pertinent obligations, then as a consequence you may
not convey it at all. For example, if you agree to terms that obligate you
to collect a royalty for further conveying from those to whom you convey
the Program, the only way you could satisfy both those terms and this
License would be to refrain entirely from conveying the Program.
13. Use with the GNU Affero General Public License.
Notwithstanding any other provision of this License, you have
permission to link or combine any covered work with a work licensed
under version 3 of the GNU Affero General Public License into a single
combined work, and to convey the resulting work. The terms of this
License will continue to apply to the part which is the covered work,
but the special requirements of the GNU Affero General Public License,
section 13, concerning interaction through a network will apply to the
combination as such.
14. Revised Versions of this License.
The Free Software Foundation may publish revised and/or new versions of
the GNU General Public License from time to time. Such new versions will
be similar in spirit to the present version, but may differ in detail to
address new problems or concerns.
Each version is given a distinguishing version number. If the
Program specifies that a certain numbered version of the GNU General
Public License "or any later version" applies to it, you have the
option of following the terms and conditions either of that numbered
version or of any later version published by the Free Software
Foundation. If the Program does not specify a version number of the
GNU General Public License, you may choose any version ever published
by the Free Software Foundation.
If the Program specifies that a proxy can decide which future
versions of the GNU General Public License can be used, that proxy's
public statement of acceptance of a version permanently authorizes you
to choose that version for the Program.
Later license versions may give you additional or different
permissions. However, no additional obligations are imposed on any
author or copyright holder as a result of your choosing to follow a
later version.
15. Disclaimer of Warranty.
THERE IS NO WARRANTY FOR THE PROGRAM, TO THE EXTENT PERMITTED BY
APPLICABLE LAW. EXCEPT WHEN OTHERWISE STATED IN WRITING THE COPYRIGHT
HOLDERS AND/OR OTHER PARTIES PROVIDE THE PROGRAM "AS IS" WITHOUT WARRANTY
OF ANY KIND, EITHER EXPRESSED OR IMPLIED, INCLUDING, BUT NOT LIMITED TO,
THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
PURPOSE. THE ENTIRE RISK AS TO THE QUALITY AND PERFORMANCE OF THE PROGRAM
IS WITH YOU. SHOULD THE PROGRAM PROVE DEFECTIVE, YOU ASSUME THE COST OF
ALL NECESSARY SERVICING, REPAIR OR CORRECTION.
16. Limitation of Liability.
IN NO EVENT UNLESS REQUIRED BY APPLICABLE LAW OR AGREED TO IN WRITING
WILL ANY COPYRIGHT HOLDER, OR ANY OTHER PARTY WHO MODIFIES AND/OR CONVEYS
THE PROGRAM AS PERMITTED ABOVE, BE LIABLE TO YOU FOR DAMAGES, INCLUDING ANY
GENERAL, SPECIAL, INCIDENTAL OR CONSEQUENTIAL DAMAGES ARISING OUT OF THE
USE OR INABILITY TO USE THE PROGRAM (INCLUDING BUT NOT LIMITED TO LOSS OF
DATA OR DATA BEING RENDERED INACCURATE OR LOSSES SUSTAINED BY YOU OR THIRD
PARTIES OR A FAILURE OF THE PROGRAM TO OPERATE WITH ANY OTHER PROGRAMS),
EVEN IF SUCH HOLDER OR OTHER PARTY HAS BEEN ADVISED OF THE POSSIBILITY OF
SUCH DAMAGES.
17. Interpretation of Sections 15 and 16.
If the disclaimer of warranty and limitation of liability provided
above cannot be given local legal effect according to their terms,
reviewing courts shall apply local law that most closely approximates
an absolute waiver of all civil liability in connection with the
Program, unless a warranty or assumption of liability accompanies a
copy of the Program in return for a fee.
END OF TERMS AND CONDITIONS
How to Apply These Terms to Your New Programs
If you develop a new program, and you want it to be of the greatest
possible use to the public, the best way to achieve this is to make it
free software which everyone can redistribute and change under these terms.
To do so, attach the following notices to the program. It is safest
to attach them to the start of each source file to most effectively
state the exclusion of warranty; and each file should have at least
the "copyright" line and a pointer to where the full notice is found.
<one line to give the program's name and a brief idea of what it does.>
Copyright (C) <year> <name of author>
This program is free software: you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
the Free Software Foundation, either version 3 of the License, or
(at your option) any later version.
This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU General Public License for more details.
You should have received a copy of the GNU General Public License
along with this program. If not, see <https://www.gnu.org/licenses/>.
Also add information on how to contact you by electronic and paper mail.
If the program does terminal interaction, make it output a short
notice like this when it starts in an interactive mode:
<program> Copyright (C) <year> <name of author>
This program comes with ABSOLUTELY NO WARRANTY; for details type `show w'.
This is free software, and you are welcome to redistribute it
under certain conditions; type `show c' for details.
The hypothetical commands `show w' and `show c' should show the appropriate
parts of the General Public License. Of course, your program's commands
might be different; for a GUI interface, you would use an "about box".
You should also get your employer (if you work as a programmer) or school,
if any, to sign a "copyright disclaimer" for the program, if necessary.
For more information on this, and how to apply and follow the GNU GPL, see
<https://www.gnu.org/licenses/>.
The GNU General Public License does not permit incorporating your program
into proprietary programs. If your program is a subroutine library, you
may consider it more useful to permit linking proprietary applications with
the library. If this is what you want to do, use the GNU Lesser General
Public License instead of this License. But first, please read
<https://www.gnu.org/licenses/why-not-lgpl.html>.

239
nyx/README.md Normal file
View file

@ -0,0 +1,239 @@
<h1 id="header" align="center">
<img src="https://raw.githubusercontent.com/NixOS/nixos-artwork/master/logo/nix-snowflake.svg" width="96px" height="96px" />
<br>
Nýx
</h1>
<p align="center">
My overengineered NixOS flake: Desktops, laptops, servers and everything
else that can run an OS.<br/>
</p>
<div align="center">
<a href="#high-level-overview">Overview</a> | <a href="#host-specifications">Hosts</a> | <a href="#credits--special-thanks-to">Credits</a>
<br/><br/>
</div>
<p id="preview" align="center">
<img src=".github/assets/desktop_preview_wide.png" alt="Desktop Preview" />
</p>
<p align="center">
Screenshot last updated <b>2024-03-19</b>
</p>
## High Level Overview
A high level overview of this monorepo, containing configurations for **all** of my machines
that are running or have ran NixOS at some point in time. As I physically cannot stop
tinkering with my configuration, nothing in this repository (including the overview sections)
should be considered final. As such, it is **not recommended to be used as a template** but
you are welcome to browse the codebase to your liking, you may find bits that are interesting
or/and useful to you.
_Before you proceed, I would like to point you towards the [credits](#credits) section below
where I pay tribute to the individuals who have contributed to this project, whether through
code reference, suggestions, bug reports, or simply moral support._
### Notable Features
[module options]: ./modules/options/style
[profiles]: ./modules/profiles
[wallpkgs]: https://github.com/notashelf/wallpkgs
[flake-parts]: https://flake.parts
[impermanence]: https://github.com/nix-community/impermanence
- **All-in-one** - Servers, desktops, laptops, virtual machines and anything you
can think of. Managed in one place.
- **Sane Defaults** - The modules attempt to bring the most sane defaults, while
providing per-host toggles for conflicting choices.
- **Flexible Modules** - Both Home-manager and NixOS modules allow users to
retrieve NixOS or home-manager configurations from anywhere.
- **Extensive Configuration** - Most desktop programs are configured out of the
box and shared across hosts, with override options for per-host controls.
- **Custom extended library** - An extended library for functions that help
organize my system.
- **Shared Configurations** - Reduces re-used boilerplate code by sharing
modules and profiles across hosts.
- **Fully Modular** - Utilizes NixOS' module system to avoid hard-coding any of
the options.
- **Profiles & Roles** - Provide serialized configuration sets and pluggables
for easily changing large portions of configurations with less options and
minimal imports.
- **Detached Homes** - Home-manager configurations are able to be detached for
non-NixOS usage.
- **Modularized Flake Design** - With the help of [flake-parts], the flake is
fully modular: keeping my `flake.nix` cleaner than ever.
- **Declarative Themes** - Using my [module options], [profiles] and [wallpkgs].
Everything theming is handled inside the flake.
- **Tree-wide formatting** - Format files in any language with the help of devshells
and treefmt-nix modules for flake-parts.
- **Declarative nftables firewall** - Overengineered nftables chain builder for easy
firewall setups.
- **Personal Installation Media** - Personalized ISO images for system installation
and recovery.
- **Secrets Management** - Manage secrets through Agenix.
- **Opt-in Impermanence** - On-demand ephemeral root using BTRFS rollbacks
and [impermanence].
- **Encryption Ready** - Supports and actively utilizes full disk encryption.
- **Wayland First** - Leaves Xorg in the past where it belongs. Everything is
configured around Wayland, with Xorg only as a fallback.
### Repo Structure
[flake schemas]: https://determinate.systems/posts/flake-schemas
[Home-Manager]: https://github.com/nix-community/home-manager
- [flake.nix](./flake.nix) Ground zero of my system configuration. Declaring entrypoints
- [lib](./lib) Personal library of functions and utilities
- [docs](./docs)The documentation for my flake repository
- [notes](./docs/notes) Notes from tedious or/and under-documented processes I have gone through. More or less a blog
- [cheatsheet](./docs/cheatsheet.md) Useful tips that are hard to memorize, but easy to write down
- [flake/](./flake) Individual parts of my flake, powered by flake-parts
- [modules](./flake/modules) modules provided by my flake for both internal and public use
- [pkgs](./flake/pkgs) packages exported by my flake
- [schemes](./flake/schemes) home-baked flake schemas for upcoming [flake schemas]
- [templates](./flake/templates) templates for initializing flakes. Provides some language-specific flakes
- [args.nix](./flake/args.nix) initiate and configure nixpkgs locally
- [deployments.nix](./flake/deployments.nix) host setup for deploy-rs, currently a work in progress
- [treefmt.nix](./flake/treefmt.nix) various language-specific configurations for treefmt
- [homes](./homes) my personalized [Home-Manager] configuration module
- [hosts](./hosts) per-host configurations that contain machine specific instructions and setups
- [modules](./modules) modularized NixOS configurations
- [core](./modules/common) The core module that all systems depend on
- [common](./modules/common) Module configurations shared between all hosts (except installers)
- [profiles](./modules/profiles) Internal module system overrides based on host declarations
- [roles](./modules/roles) A profile-like system that work through imports and ship predefined configurations
- [extra](./modules/extra) Extra modules that are rarely imported
- [shared](./modules/extra/shared) Modules that are both shared for outside consumption, and imported by the flake itself
- [exported](./modules/extra/exported) Modules that are strictly for outside consumption and are not imported by the flake itself
- [options](./modules/options) Definitions of module options used by common modules
- [meta](./modules/options/meta) Internal, read-only module that defines host capabilities based on other options
- [device](./modules/options/device) Hardware capabilities of the host
- [documentation](./modules/options/docs) Local module system documentation
- [system](./modules/options/system) OS-wide configurations for generic software and firmware on system level
- [theme](./modules/options/theme) Active theme configurations ranging from QT theme to shell colors
- [usrEnv](./modules/options/usrEnv) userspace exclusive configurations. E.g. lockscreen or package sets
- [secrets](./secrets) Agenix secrets
## Host Specifications
| Name | Description | Type | Arch |
| :----------- | :------------------------------------------------------------------------------------------------ | :-----: | :-----------: |
| `gaea` | Custom live media, used as an installer | ISO | - |
| `erebus` | Air-gapped virtual machine/live-iso configuration for sensitive jobs | ISO | - |
| `enyo` | Day-to-day desktop workstation boasting a full AMD system. | Desktop | x86_64-linux |
| `helios` | Hetzner cloud VPS for non-critical infrastructure | Server | x86_64-linux |
| `prometheus` | HP Pavillion with a a GTX 1050 and i7-7700hq | Laptop | x86_64-linux |
| `epimetheus` | Twin of prometheus, features full disk encryption in addition to everything prometheus provides | Laptop | x86_64-linux |
| `hermes` | HP Pavillion with a Ryzen 7 7730U, and my main portable workstation. Used on-the-go | Laptop | x86_64-linux |
| `atlas` | Proof of concept server host that is used by my Raspberry Pi 400 | Server | aarch64-linux |
| `icarus` | My 2014 Lenovo Yoga Ideapad that acts as a portable server, used for testing hardware limitations | Laptop | x86_64-linux |
| `artemis` | VM host for testing basic NixOS concepts. Previously targeted aarch64-linux | VM | x86_64-linux |
| `apollon` | VM host for testing networked services, generally used on servers | VM | x86_64-linux |
| `leto` | VM host running medium-priority infrastructure inside a virtualized root server | VM | x86_64-linux |
## Credits & Special Thanks to
[atrocious abstractions]: ./lib/builders.nix
My special thanks go to [fufexan](https://github.com/fufexan) for
convincing me to use NixOS and sticking around to answer my most
stupid and deranged questions, as well as my [atrocious abstractions].
And to [sioodmy](https://github.com/sioodmy) which my configuration is initially based on. The
simplicity of his configuration flake allowed me to take a foothold in the Nix world.
### Awesome People
I ~~shamelessly stole from~~ got inspired by those folks
[sioodmy](https://github.com/sioodmy) -
[fufexan](https://github.com/fufexan) -
[rxyhn](https://github.com/rxyhn) -
[NobbZ](https://github.com/NobbZ) -
[ViperML](https://github.com/viperML) -
[spikespaz](https://github.com/spikespaz) -
[hlissner](https://github.com/hlissner) -
[fortuneteller2k](https://github.com/fortuneteller2k) -
[Max Headroom](https://github.com/max-privatevoid)
... and surely there are more, but I tend to forget.
### Anti-credits
Pretend I haven't credited those people (but I will, because they are equally awesome and I appreciate them)
[n3oney](https://github.com/n3oney) -
[gerg-l (bald frog)](https://github.com/gerg-l) -
[eclairevoyant](https://github.com/eclairevoyant/) -
[FrothyMarrow](https://github.com/frothymarrow)
### Other Cool Resources
Resource that helped shape and improve this configuration, or resources that I strongly recommend that you read
in no particular order.
#### Readings
- [A list of Nix library functions and builtins](https://teu5us.github.io/nix-lib.html)
- [Zero to Nix](https://zero-to-nix.com/)
- [Nix Pills](https://nixos.org/guides/nix-pills/)
- [Xe Iaso's blog](https://xeiaso.net/blog)
- [Vinícius Müller's Blog](https://viniciusmuller.github.io/blog)
- [Viper's Blog](https://ayats.org/)
- [Solène's Blog](https://dataswamp.org/~solene)
- [...my own "blog"?](https://notashelf.github.io/nyx/)
#### Software
Software that helped this configuration become what it is, or software I find interesting
**Linux**
- [Hyprland](https://github.com/hyprwm/Hyprland)
- [ags](https://github.com/aylur/ags)
**Nix/NixOS**
- [Agenix](https://github.com/ryantm/agenix)
- [nh](https://github.com/viperML/nh)
Projects I have made to use in this repository, or otherwise cool software that are
used in this repository that I would like to endorse.
- [nyxpkgs](https://github.com/notashelf/nyxpkgs) - my personal package collection
- [neovim-flake](https://github.com/notashelf/neovim-flake) - highly modular neovim module for NixOS & Home-manager
- [docr](https://github.com/notashelf/docr) - my barebones static site generator, used to generate my blog
- [schizofox](https://github.com/schizofox/schizofox) - hardened Firefox configuration for the delusional and the paranoid
Additionally, take a look at my [notes/blog](./docs/notes) for my notes on specific processes on NixOS.
## License
Unless explicitly stated otherwise, all code under this repository (except for [anything in docs directory](docs))
is licensed under the [GPLv3](./LICENSE), or should you prefer, under any later version of the GPL released
by the FSF.
The notes and documentation available in [docs directory](docs) is licensed under the [CC BY License](./docs/LICENSE).
All code here (excluding secrets) are available for your convenience and at my expense as I believe it is in NixOS
configurations' spirit to share knowledge with and learn from other NixOS users. As such if you are directly
copying a section of my configuration, please include a copyright notice at the top of the file you import the code.
It is not enforced, but your kindness and due diligence would be appreciated.
---
<h2 align="center">Preview</h2>
<p id="preview" align="center">
<img src=".github/assets/desktop_preview.png" width="640" alt="Desktop Preview" />
</p>
<p align="center">
Screenshot last updated <b>2023-12-09</b>
</p>
<div align="right">
<a href="#readme">Back to the Top</a>
</div>

1
nyx/docs/.envrc Normal file
View file

@ -0,0 +1 @@
use nix

6
nyx/docs/.gitignore vendored Normal file
View file

@ -0,0 +1,6 @@
# Ignore directories generated by our documentation scripts
out/
# Ignore compiled stylesheet
templates/style.css

395
nyx/docs/LICENSE Normal file
View file

@ -0,0 +1,395 @@
Attribution 4.0 International
=======================================================================
Creative Commons Corporation ("Creative Commons") is not a law firm and
does not provide legal services or legal advice. Distribution of
Creative Commons public licenses does not create a lawyer-client or
other relationship. Creative Commons makes its licenses and related
information available on an "as-is" basis. Creative Commons gives no
warranties regarding its licenses, any material licensed under their
terms and conditions, or any related information. Creative Commons
disclaims all liability for damages resulting from their use to the
fullest extent possible.
Using Creative Commons Public Licenses
Creative Commons public licenses provide a standard set of terms and
conditions that creators and other rights holders may use to share
original works of authorship and other material subject to copyright
and certain other rights specified in the public license below. The
following considerations are for informational purposes only, are not
exhaustive, and do not form part of our licenses.
Considerations for licensors: Our public licenses are
intended for use by those authorized to give the public
permission to use material in ways otherwise restricted by
copyright and certain other rights. Our licenses are
irrevocable. Licensors should read and understand the terms
and conditions of the license they choose before applying it.
Licensors should also secure all rights necessary before
applying our licenses so that the public can reuse the
material as expected. Licensors should clearly mark any
material not subject to the license. This includes other CC-
licensed material, or material used under an exception or
limitation to copyright. More considerations for licensors:
wiki.creativecommons.org/Considerations_for_licensors
Considerations for the public: By using one of our public
licenses, a licensor grants the public permission to use the
licensed material under specified terms and conditions. If
the licensor's permission is not necessary for any reason--for
example, because of any applicable exception or limitation to
copyright--then that use is not regulated by the license. Our
licenses grant only permissions under copyright and certain
other rights that a licensor has authority to grant. Use of
the licensed material may still be restricted for other
reasons, including because others have copyright or other
rights in the material. A licensor may make special requests,
such as asking that all changes be marked or described.
Although not required by our licenses, you are encouraged to
respect those requests where reasonable. More considerations
for the public:
wiki.creativecommons.org/Considerations_for_licensees
=======================================================================
Creative Commons Attribution 4.0 International Public License
By exercising the Licensed Rights (defined below), You accept and agree
to be bound by the terms and conditions of this Creative Commons
Attribution 4.0 International Public License ("Public License"). To the
extent this Public License may be interpreted as a contract, You are
granted the Licensed Rights in consideration of Your acceptance of
these terms and conditions, and the Licensor grants You such rights in
consideration of benefits the Licensor receives from making the
Licensed Material available under these terms and conditions.
Section 1 -- Definitions.
a. Adapted Material means material subject to Copyright and Similar
Rights that is derived from or based upon the Licensed Material
and in which the Licensed Material is translated, altered,
arranged, transformed, or otherwise modified in a manner requiring
permission under the Copyright and Similar Rights held by the
Licensor. For purposes of this Public License, where the Licensed
Material is a musical work, performance, or sound recording,
Adapted Material is always produced where the Licensed Material is
synched in timed relation with a moving image.
b. Adapter's License means the license You apply to Your Copyright
and Similar Rights in Your contributions to Adapted Material in
accordance with the terms and conditions of this Public License.
c. Copyright and Similar Rights means copyright and/or similar rights
closely related to copyright including, without limitation,
performance, broadcast, sound recording, and Sui Generis Database
Rights, without regard to how the rights are labeled or
categorized. For purposes of this Public License, the rights
specified in Section 2(b)(1)-(2) are not Copyright and Similar
Rights.
d. Effective Technological Measures means those measures that, in the
absence of proper authority, may not be circumvented under laws
fulfilling obligations under Article 11 of the WIPO Copyright
Treaty adopted on December 20, 1996, and/or similar international
agreements.
e. Exceptions and Limitations means fair use, fair dealing, and/or
any other exception or limitation to Copyright and Similar Rights
that applies to Your use of the Licensed Material.
f. Licensed Material means the artistic or literary work, database,
or other material to which the Licensor applied this Public
License.
g. Licensed Rights means the rights granted to You subject to the
terms and conditions of this Public License, which are limited to
all Copyright and Similar Rights that apply to Your use of the
Licensed Material and that the Licensor has authority to license.
h. Licensor means the individual(s) or entity(ies) granting rights
under this Public License.
i. Share means to provide material to the public by any means or
process that requires permission under the Licensed Rights, such
as reproduction, public display, public performance, distribution,
dissemination, communication, or importation, and to make material
available to the public including in ways that members of the
public may access the material from a place and at a time
individually chosen by them.
j. Sui Generis Database Rights means rights other than copyright
resulting from Directive 96/9/EC of the European Parliament and of
the Council of 11 March 1996 on the legal protection of databases,
as amended and/or succeeded, as well as other essentially
equivalent rights anywhere in the world.
k. You means the individual or entity exercising the Licensed Rights
under this Public License. Your has a corresponding meaning.
Section 2 -- Scope.
a. License grant.
1. Subject to the terms and conditions of this Public License,
the Licensor hereby grants You a worldwide, royalty-free,
non-sublicensable, non-exclusive, irrevocable license to
exercise the Licensed Rights in the Licensed Material to:
a. reproduce and Share the Licensed Material, in whole or
in part; and
b. produce, reproduce, and Share Adapted Material.
2. Exceptions and Limitations. For the avoidance of doubt, where
Exceptions and Limitations apply to Your use, this Public
License does not apply, and You do not need to comply with
its terms and conditions.
3. Term. The term of this Public License is specified in Section
6(a).
4. Media and formats; technical modifications allowed. The
Licensor authorizes You to exercise the Licensed Rights in
all media and formats whether now known or hereafter created,
and to make technical modifications necessary to do so. The
Licensor waives and/or agrees not to assert any right or
authority to forbid You from making technical modifications
necessary to exercise the Licensed Rights, including
technical modifications necessary to circumvent Effective
Technological Measures. For purposes of this Public License,
simply making modifications authorized by this Section 2(a)
(4) never produces Adapted Material.
5. Downstream recipients.
a. Offer from the Licensor -- Licensed Material. Every
recipient of the Licensed Material automatically
receives an offer from the Licensor to exercise the
Licensed Rights under the terms and conditions of this
Public License.
b. No downstream restrictions. You may not offer or impose
any additional or different terms or conditions on, or
apply any Effective Technological Measures to, the
Licensed Material if doing so restricts exercise of the
Licensed Rights by any recipient of the Licensed
Material.
6. No endorsement. Nothing in this Public License constitutes or
may be construed as permission to assert or imply that You
are, or that Your use of the Licensed Material is, connected
with, or sponsored, endorsed, or granted official status by,
the Licensor or others designated to receive attribution as
provided in Section 3(a)(1)(A)(i).
b. Other rights.
1. Moral rights, such as the right of integrity, are not
licensed under this Public License, nor are publicity,
privacy, and/or other similar personality rights; however, to
the extent possible, the Licensor waives and/or agrees not to
assert any such rights held by the Licensor to the limited
extent necessary to allow You to exercise the Licensed
Rights, but not otherwise.
2. Patent and trademark rights are not licensed under this
Public License.
3. To the extent possible, the Licensor waives any right to
collect royalties from You for the exercise of the Licensed
Rights, whether directly or through a collecting society
under any voluntary or waivable statutory or compulsory
licensing scheme. In all other cases the Licensor expressly
reserves any right to collect such royalties.
Section 3 -- License Conditions.
Your exercise of the Licensed Rights is expressly made subject to the
following conditions.
a. Attribution.
1. If You Share the Licensed Material (including in modified
form), You must:
a. retain the following if it is supplied by the Licensor
with the Licensed Material:
i. identification of the creator(s) of the Licensed
Material and any others designated to receive
attribution, in any reasonable manner requested by
the Licensor (including by pseudonym if
designated);
ii. a copyright notice;
iii. a notice that refers to this Public License;
iv. a notice that refers to the disclaimer of
warranties;
v. a URI or hyperlink to the Licensed Material to the
extent reasonably practicable;
b. indicate if You modified the Licensed Material and
retain an indication of any previous modifications; and
c. indicate the Licensed Material is licensed under this
Public License, and include the text of, or the URI or
hyperlink to, this Public License.
2. You may satisfy the conditions in Section 3(a)(1) in any
reasonable manner based on the medium, means, and context in
which You Share the Licensed Material. For example, it may be
reasonable to satisfy the conditions by providing a URI or
hyperlink to a resource that includes the required
information.
3. If requested by the Licensor, You must remove any of the
information required by Section 3(a)(1)(A) to the extent
reasonably practicable.
4. If You Share Adapted Material You produce, the Adapter's
License You apply must not prevent recipients of the Adapted
Material from complying with this Public License.
Section 4 -- Sui Generis Database Rights.
Where the Licensed Rights include Sui Generis Database Rights that
apply to Your use of the Licensed Material:
a. for the avoidance of doubt, Section 2(a)(1) grants You the right
to extract, reuse, reproduce, and Share all or a substantial
portion of the contents of the database;
b. if You include all or a substantial portion of the database
contents in a database in which You have Sui Generis Database
Rights, then the database in which You have Sui Generis Database
Rights (but not its individual contents) is Adapted Material; and
c. You must comply with the conditions in Section 3(a) if You Share
all or a substantial portion of the contents of the database.
For the avoidance of doubt, this Section 4 supplements and does not
replace Your obligations under this Public License where the Licensed
Rights include other Copyright and Similar Rights.
Section 5 -- Disclaimer of Warranties and Limitation of Liability.
a. UNLESS OTHERWISE SEPARATELY UNDERTAKEN BY THE LICENSOR, TO THE
EXTENT POSSIBLE, THE LICENSOR OFFERS THE LICENSED MATERIAL AS-IS
AND AS-AVAILABLE, AND MAKES NO REPRESENTATIONS OR WARRANTIES OF
ANY KIND CONCERNING THE LICENSED MATERIAL, WHETHER EXPRESS,
IMPLIED, STATUTORY, OR OTHER. THIS INCLUDES, WITHOUT LIMITATION,
WARRANTIES OF TITLE, MERCHANTABILITY, FITNESS FOR A PARTICULAR
PURPOSE, NON-INFRINGEMENT, ABSENCE OF LATENT OR OTHER DEFECTS,
ACCURACY, OR THE PRESENCE OR ABSENCE OF ERRORS, WHETHER OR NOT
KNOWN OR DISCOVERABLE. WHERE DISCLAIMERS OF WARRANTIES ARE NOT
ALLOWED IN FULL OR IN PART, THIS DISCLAIMER MAY NOT APPLY TO YOU.
b. TO THE EXTENT POSSIBLE, IN NO EVENT WILL THE LICENSOR BE LIABLE
TO YOU ON ANY LEGAL THEORY (INCLUDING, WITHOUT LIMITATION,
NEGLIGENCE) OR OTHERWISE FOR ANY DIRECT, SPECIAL, INDIRECT,
INCIDENTAL, CONSEQUENTIAL, PUNITIVE, EXEMPLARY, OR OTHER LOSSES,
COSTS, EXPENSES, OR DAMAGES ARISING OUT OF THIS PUBLIC LICENSE OR
USE OF THE LICENSED MATERIAL, EVEN IF THE LICENSOR HAS BEEN
ADVISED OF THE POSSIBILITY OF SUCH LOSSES, COSTS, EXPENSES, OR
DAMAGES. WHERE A LIMITATION OF LIABILITY IS NOT ALLOWED IN FULL OR
IN PART, THIS LIMITATION MAY NOT APPLY TO YOU.
c. The disclaimer of warranties and limitation of liability provided
above shall be interpreted in a manner that, to the extent
possible, most closely approximates an absolute disclaimer and
waiver of all liability.
Section 6 -- Term and Termination.
a. This Public License applies for the term of the Copyright and
Similar Rights licensed here. However, if You fail to comply with
this Public License, then Your rights under this Public License
terminate automatically.
b. Where Your right to use the Licensed Material has terminated under
Section 6(a), it reinstates:
1. automatically as of the date the violation is cured, provided
it is cured within 30 days of Your discovery of the
violation; or
2. upon express reinstatement by the Licensor.
For the avoidance of doubt, this Section 6(b) does not affect any
right the Licensor may have to seek remedies for Your violations
of this Public License.
c. For the avoidance of doubt, the Licensor may also offer the
Licensed Material under separate terms or conditions or stop
distributing the Licensed Material at any time; however, doing so
will not terminate this Public License.
d. Sections 1, 5, 6, 7, and 8 survive termination of this Public
License.
Section 7 -- Other Terms and Conditions.
a. The Licensor shall not be bound by any additional or different
terms or conditions communicated by You unless expressly agreed.
b. Any arrangements, understandings, or agreements regarding the
Licensed Material not stated herein are separate from and
independent of the terms and conditions of this Public License.
Section 8 -- Interpretation.
a. For the avoidance of doubt, this Public License does not, and
shall not be interpreted to, reduce, limit, restrict, or impose
conditions on any use of the Licensed Material that could lawfully
be made without permission under this Public License.
b. To the extent possible, if any provision of this Public License is
deemed unenforceable, it shall be automatically reformed to the
minimum extent necessary to make it enforceable. If the provision
cannot be reformed, it shall be severed from this Public License
without affecting the enforceability of the remaining terms and
conditions.
c. No term or condition of this Public License will be waived and no
failure to comply consented to unless expressly agreed to by the
Licensor.
d. Nothing in this Public License constitutes or may be interpreted
as a limitation upon, or waiver of, any privileges and immunities
that apply to the Licensor or You, including from the legal
processes of any jurisdiction or authority.
=======================================================================
Creative Commons is not a party to its public licenses.
Notwithstanding, Creative Commons may elect to apply one of its public
licenses to material it publishes and in those instances will be
considered the “Licensor.” The text of the Creative Commons public
licenses is dedicated to the public domain under the CC0 Public Domain
Dedication. Except for the limited purpose of indicating that material
is shared under a Creative Commons public license or as otherwise
permitted by the Creative Commons policies published at
creativecommons.org/policies, Creative Commons does not authorize the
use of the trademark "Creative Commons" or any other trademark or logo
of Creative Commons without its prior written consent including,
without limitation, in connection with any unauthorized modifications
to any of its public licenses or any other arrangements,
understandings, or agreements concerning use of licensed material. For
the avoidance of doubt, this paragraph does not form part of the public
licenses.
Creative Commons may be contacted at creativecommons.org.

249
nyx/docs/gen.sh Executable file
View file

@ -0,0 +1,249 @@
#!/usr/bin/env bash
set -e
set -u
set -o pipefail
# Site Meta
title="NotAShelf/nyx"
site_url="https://nyx.notashelf.dev"
site_description="NotAShelf's notes on various topics"
# Directories
tmpdir="$(mktemp -d)"
workingdir="$(pwd)"
outdir="$workingdir"/out
posts_dir="$outdir/posts"
pages_dir="$outdir/pages"
# A list of posts
json_file="$posts_dir/posts.json"
create_directory() {
if [ ! -d "$1" ]; then
echo "Creating directory: $1"
mkdir -p "$1"
fi
}
compile_stylesheet() {
echo "Compiling stylesheet..."
sassc --style=compressed "$1"/"$2" "$1"/out/style.css
}
generate_posts_json() {
echo "Generating JSON..."
json='{"posts":['
first=true
for file in "$1"/notes/*.md; do
filename=$(basename "$file")
if [[ $filename != "README.md" ]]; then
if [[ $filename =~ ^[0-9]{4}-[0-9]{2}-[0-9]{2} ]]; then
# Extract date from filename
date=$(echo "$filename" | grep -oE '[0-9]{4}-[0-9]{2}-[0-9]{2}')
# Sanitize title
sanitized_title=$(echo "$filename" | sed -E 's/^[0-9]{4}-[0-9]{2}-[0-9]{2}-//; s/\.md$//; s/-/ /g; s/\b\w/\u&/g')
if [ "$first" = true ]; then
first=false
else
json="$json,"
fi
# JSON object with data we may want to use like a json feed file
# this doesn't, however, actually follow jsonfeed spec
# that is done so by the generate_jsonfeed_spec function
json_object=$(jq -n \
--arg name "$filename" \
--arg url "$site_url/posts/$(basename "$file" .md).html" \
--arg date "$date" \
--arg title "$sanitized_title" \
--arg path "/posts/$(basename "$file" .md).html" \
'{name: $name, url: $url, date: $date, title: $title, path: $path}')
# Append JSON object to the array
json="$json$json_object"
fi
fi
done
json="$json]}"
# Format JSON with jq
formatted_json=$(echo "$json" | jq .)
echo "$formatted_json" >"$2"
}
generate_jsonfeed_spec() {
echo "Generating JSON Feed..."
json=$(jq -n \
--arg version "https://jsonfeed.org/version/1.1" \
--arg title "$title" \
--arg home_page_url "$site_url" \
--arg feed_url "$site_url/feed.json" \
'{version: $version, title: $title, home_page_url: $home_page_url, feed_url: $feed_url, items: []}')
# Initialize the ID counter to 0
id_counter=0
for file in "$1"/notes/*.md; do
filename=$(basename "$file")
if [[ $filename != "README.md" ]]; then
if [[ $filename =~ ^[0-9]{4}-[0-9]{2}-[0-9]{2} ]]; then
# Extract date from filename
date=$(echo "$filename" | grep -oE '[0-9]{4}-[0-9]{2}-[0-9]{2}')
# Sanitize title
sanitized_title=$(echo "$filename" | sed -E 's/^[0-9]{4}-[0-9]{2}-[0-9]{2}-//; s/\.md$//; s/-/ /g; s/\b\w/\u&/g')
# Generate the URL for the post
url="$site_url/posts/$(basename "$file" .md).html"
content_raw="$(cat notes/"$(basename "$file" .md)".html)"
# Generate the JSON object for the item
json_object=$(jq -n \
--arg id "$id_counter" \
--arg url "$url" \
--arg title "$sanitized_title" \
--arg date "$date" \
--arg content_html "$content_raw" \
'{id: $id, url: $url, title: $title, date_published: $date, content_html: $content_raw}')
# Append the JSON object to the items array
json=$(echo "$json" | jq --argjson item "$json_object" '.items += [$item]')
# Increment the ID counter
id_counter=$((id_counter + 1))
fi
fi
done
# Format JSON with jq
formatted_json=$(echo "$json" | jq .)
echo "$formatted_json" >"$2"
}
# Index page refers to the "main" page generated
# from the README.md, which I would like to see on the front
generate_index_page() {
local templates="$1"/templates
echo "Generating index page..."
pandoc --from gfm --to html \
--standalone \
--template "$templates"/html/page.html \
--css /style.css \
--variable="index:true" \
--metadata title="$title" \
--metadata description="$site_description" \
"$1/notes/README.md" -o "$2/index.html"
}
generate_other_pages() {
local templates="$2"/templates
echo "Generating other pages..."
for file in "$1"/notes/*.md; do
filename=$(basename "$file")
if [[ $filename != "README.md" ]]; then
if [[ $filename =~ ^[0-9]{4}-[0-9]{2}-[0-9]{2} ]]; then
# Date in filename imples a blogpost
# convert it to markdown and place it in the posts directory
# since this is a post, it can contain a table of contents
echo "Converting $filename..."
pandoc --from gfm --to html \
--standalone \
--template "$templates"/html/page.html \
--css /style.css \
--metadata title="$filename" \
--metadata description="$site_description" \
--table-of-contents \
--highlight-style="$templates"/pandoc/custom.theme \
"$file" -o "$3/posts/$(basename "$file" .md).html"
else
if [[ $filename != "*-md" ]]; then
echo "Converting $filename..."
# No date in filename, means this is a standalone page
# convert it to html and place it in the pages directory
pandoc --from gfm --to html \
--standalone \
--template "$templates"/html/page.html \
--css /style.css \
--metadata title="$filename" \
--metadata description="$site_description" \
"$file" -o "$3/pages/$(basename "$file" .md).html"
fi
fi
fi
done
for file in "$4"/*.md; do
filename=$(basename "$file")
pandoc --from gfm --to html \
--standalone \
--template "$templates"/html/page.html \
--css /style.css \
--metadata title="$filename" \
--metadata description="$site_description" \
--highlight-style="$templates"/pandoc/custom.theme \
"$file" -o "$3/pages/$(basename "$file" .md).html"
done
}
write_privacy_policy() {
# write privacy.md as notes/privacy.md
cat >"$1/privacy.md" <<EOF
# Privacy Policy
This site is hosted on Github Pages, their privacy policies apply at any given time.
The author of this site:
- does not set or use cookies.
- does not store data in the browser to be shared, sent, or sold to third-parties.
- does not collect, sell, send or otherwise share your private information with any third parties.
Effective as of April 5th, 2024.
EOF
}
write_about_page() {
# write about.md as notes/about.md
cat >"$1/about.md" <<-EOF
# About
I work with Nix quite often, and share some of the stuff I learn while I do so. This website contains various notes
on things that interested me, or things I thought was worth sharing. If you would like to contribute, or have any feedback
you think would be useful, please feel free to reach out to me via email, available at my GitHub profile or
[on my website](https://notashelf.dev)
EOF
}
cleanup() {
echo "Cleaning up..."
rm -rf "$tmpdir"
}
trap cleanup EXIT
# Create directories
create_directory "$outdir"
create_directory "$posts_dir"
create_directory "$pages_dir"
# Compile stylesheet
compile_stylesheet "$workingdir" "templates/scss/main.scss"
# Index page
generate_index_page "$workingdir" "$outdir"
# Other Pages
write_about_page "$tmpdir"
write_privacy_policy "$tmpdir"
generate_other_pages "$workingdir" "$workingdir" "$outdir" "$tmpdir"
# Post list and feed file
generate_posts_json "$workingdir" "$json_file"
generate_jsonfeed_spec "$workingdir" "$outdir"/feed.json
# Cleanup
cleanup
echo "All tasks completed successfully."

18
nyx/docs/notes/2023-01-22-system-backlight.md Normal file
View file

@ -0,0 +1,18 @@
# Notes for 22th of January, 2023
Following a system upgrade two days ago, my HP Pavillion laptop has stopped
registering the `intel_backlight` interface in `/sys/class/backlight`, which
is most often used to control backlight by tools such as `brightnessctl.`
Inspecting `dmesg` has given me nothing but aninsanely vague error message.
Only mentioning it is not being loaded (_very helpful, thanks!_)
After some research, on Google as every other confused Linux user, I have
come across [this article](https://www.linuxquestions.org/questions/slackware-14/brightness-keys-not-working-after-updating-to-kernel-version-6-a-4175720728/)
which mentions backlight behaviour has changed sometime after kernel 6.1.4.
Fortunately for me, the article also refers to the the ever so informative
ArchWiki, which instructs passing one of the [three kernel command-line options](https://wiki.archlinux.org/title/backlight#Kernel_command-line_options).
depending on our needs.
As I have upgraded from 6.1.3 to 6.1.6 with a flake update, the `acpi_backlight=none`
parameter has made it so that it would skip loading intel backlight entirely. Simply switching
this parameter to `acpi_backlight=native` as per the article above has fixed the issue.

355
nyx/docs/notes/2023-03-14-impermanence.md Normal file
View file

@ -0,0 +1,355 @@
# Notes for 14th of March, 2023
Today was the day I finally got to setting up both "erase your darlings"
and proper disk encryption. This general setup concept utilizes NixOS'
ability to boot off of a disk that contains only `/nix` and `/boot`, linking
appropriate devices and blocks during the boot process and deleting all state
that programs may have left over my system.
The end result, for me, was a fully encrypted that uses btrfs
snapshots to restore `/` to its original state on each boot.
## Resources
- [This discourse post](https://discourse.nixos.org/t/impermanence-vs-systemd-initrd-w-tpm-unlocking/25167)
- [This blog post](https://elis.nu/blog/2020/06/nixos-tmpfs-as-home)
- [This other blog post](https://guekka.github.io/nixos-server-1/)
- [And this post that the previous post is based on](https://mt-caret.github.io/blog/posts/2020-06-29-optin-state.html)
- [Impermanence](https://github.com/nix-community/impermanence)
## The actual set-up (and reproduction steps)
I've had to go through a few guides before I could figure out a set up that I
really like. The final decision was that I would have an encrypted disk that
restores itself to its former state during boot. Is it fast? Absolutely not.
But it sure as hell is cool. And stateless!
To return the root (and only the root) we use a systemd service that fires
shortly after the disk is encrypted but before the root is actually mounted.
That way, we can unlock the disk, restore the disk to its pristine state
using the snapshot we have taken during installation and mount the root to
go on with our day.
### Reproduction steps
#### Partitioning
First you want to format your disk. If you are really comfortable with
bringing parted to your pre-formatted disks, by all means feel free to skip
this section. I, however, choose to format a fresh disk.
Start by partitioning the sections of our disk (sda1, sda2 and sda3)
_Device names might change if you're using a nvme disk, i.e nvme0p1._
```bash
# Set the disk name to make it easier
DISK=/dev/sda # replace this with the name of the device you are using
# set up the boot partition
parted "$DISK" -- mklabel gpt
parted "$DISK" -- mkpart ESP fat32 1MiB 1GiB
parted "$DISK" -- set 1 boot on
mkfs.vfat -n BOOT "$DISK"1
```
```bash
# set up the swap partition
parted "$DISK" -- mkpart Swap linux-swap 1GiB 9GiB
mkswap -L SWAP "$DISK"2
swapon "$DISK"2
```
_I do in fact use swap in the civilized year of 2023[^1]. If I were a little
more advanced, and if I did not disable hibernation due to overly-hardened
kernel parameters, I would also be encrypting the swap to secure the hibernates...
but that is *currently* out of my scope. You may find this desirable, however, I
will not be providing instructions on that._
Encrypt your partition, and open it to make it available under `/dev/mapper/enc`.
```bash
cryptsetup --verify-passphrase -v luksFormat "$DISK"3 # /dev/sda3
cryptsetup open "$DISK"3 enc
```
Now partition the encrypted device block.
```bash
parted "$DISK" -- mkpart primary 9GiB 100%
mkfs.btrfs -L NIXOS /dev/mapper/enc
```
```bash
mount -t btrfs /dev/mapper/enc /mnt
# First we create the subvolumes, those may differ as per your preferences
btrfs subvolume create /mnt/root
btrfs subvolume create /mnt/home
btrfs subvolume create /mnt/nix
btrfs subvolume create /mnt/persist # some people may choose to put /persist in /mnt/nix, I am not one of those people.
btrfs subvolume create /mnt/log
```
Now that we have created the btrfs subvolumes, it is time for the _readonly_
snapshot of the root subvolume.
```bash
btrfs subvolume snapshot -r /mnt/root /mnt/root-blank
# Make sure to unmount, or nixos-rebuild will try to remove /mnt and fail
umount /mnt
```
#### Mounting
After the subvolumes are created, we mount them with the options that we want.
Ideally, on NixOS, you want the `noatime` option [^2] and zstd
compression, especially on your `/nix` partition.
The following is my partition layout. If you have created any other subvolumes
in the step above, you will also want to mount them here. Below setup assumes
that you have been following the steps as is.
```bash
# /
mount -o subvol=root,compress=zstd,noatime /dev/mapper/enc /mnt
# /home
mkdir /mnt/home
mount -o subvol=home,compress=zstd,noatime /dev/mapper/enc /mnt/home
# /nix
mkdir /mnt/nix
mount -o subvol=nix,compress=zstd,noatime /dev/mapper/enc /mnt/nix
# /persist
mkdir /mnt/persist
mount -o subvol=persist,compress=zstd,noatime /dev/mapper/enc /mnt/persist
# /var/log
mkdir -p /mnt/var/log
mount -o subvol=log,compress=zstd,noatime /dev/mapper/enc /mnt/var/log
# do not forget to mount the boot partition
mkdir /mnt/boot
mount "$DISK"1 /mnt/boot
```
And finally let NixOS generate the hardware configuration.
```bash
nixos-generate-config --root /mnt
```
The genereated configuration will be available at `/mnt/etc/nixos`.
Before we move on, we need to add the `neededForBoot = true;` to some mounted
subvolumes in `hardware-configuration.nix`. It will look something like this:
```nix
# Do not modify this file! It was generated by nixos-generate-config
# and may be overwritten by future invocations. Please make changes
# to /etc/nixos/configuration.nix instead.
{
config,
lib,
pkgs,
modulesPath,
...
}: {
imports = [
(modulesPath + "/installer/scan/not-detected.nix")
];
boot.initrd.availableKernelModules = ["xhci_pci" "ahci" "usb_storage" "sd_mod" "rtsx_pci_sdmmc"];
boot.initrd.kernelModules = [];
boot.kernelModules = ["kvm-intel"];
boot.extraModulePackages = [];
fileSystems."/" = {
device = "/dev/disk/by-uuid/b79d3c8b-d511-4d66-a5e0-641a75440ada";
fsType = "btrfs";
options = ["subvol=root"];
};
boot.initrd.luks.devices."enc".device = "/dev/disk/by-uuid/82144284-cf1d-4d65-9999-2e7cdc3c75d4";
fileSystems."/home" = {
device = "/dev/disk/by-uuid/b79d3c8b-d511-4d66-a5e0-641a75440ada";
fsType = "btrfs";
options = ["subvol=home"];
};
fileSystems."/nix" = {
device = "/dev/disk/by-uuid/b79d3c8b-d511-4d66-a5e0-641a75440ada";
fsType = "btrfs";
options = ["subvol=nix"];
};
fileSystems."/persist" = {
device = "/dev/disk/by-uuid/b79d3c8b-d511-4d66-a5e0-641a75440ada";
fsType = "btrfs";
options = ["subvol=persist"];
neededForBoot = true; # <- add this
};
fileSystems."/var/log" = {
device = "/dev/disk/by-uuid/b79d3c8b-d511-4d66-a5e0-641a75440ada";
fsType = "btrfs";
options = ["subvol=log"];
neededForBoot = true; # <- add this
};
fileSystems."/boot" = {
device = "/dev/disk/by-uuid/FDED-3BCF";
fsType = "vfat";
};
swapDevices = [
{device = "/dev/disk/by-uuid/0d1fc824-623b-4bb8-bf7b-63a3e657889d";}
# if you encrypt your swap, it'll also need to be configured here
];
nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux";
powerManagement.cpuFreqGovernor = lib.mkDefault "powersave";
}
```
Do keep in mind that the NixOS hardware scanner **cannot** pick up your mount
options. Which means that you should specifiy the options (i.e `noatime`) for
each btrfs volume that you have created in `hardware-configuration.nix`. You
can simply add them in the `options = [ ]` list in quotation marks. I
recommend adding at least zstd compression, and optionally `noatime`.
### Closing Notes
And that should be all. By this point you are pretty much ready to install
with your existing config. I generally use my configuration flake to boot, so
there is no need to make any revisions. If you are starting from scratch, you
may consider tweaking your configuration.nix before you install the system.
An editor, such as Neovim, or your preferred DE/wm make good additions to your
configuration.
Once it's all done, take a deep breath and `nixos-install`. Once the
installation is done, you'll be prompted for the root password and after that
you can reboot. Now you are running NixOS on an encrypted disk. Nice!
Next up, if you are feeling _really_ fancy today, is to configure disk
erasure and impermanence.
#### Impermanence
For BTRFS snapshots, I use a systemd service that goes
```nix
boot.initrd.systemd = {
enable = true; # this enabled systemd support in stage1 - required for the below setup
services.rollback = {
description = "Rollback BTRFS root subvolume to a pristine state";
wantedBy = [
"initrd.target"
];
after = [
# LUKS/TPM process
"systemd-cryptsetup@enc.service"
];
before = [
"sysroot.mount"
];
unitConfig.DefaultDependencies = "no";
serviceConfig.Type = "oneshot";
script = ''
mkdir -p /mnt
# We first mount the btrfs root to /mnt
# so we can manipulate btrfs subvolumes.
mount -o subvol=/ /dev/mapper/enc /mnt
# While we're tempted to just delete /root and create
# a new snapshot from /root-blank, /root is already
# populated at this point with a number of subvolumes,
# which makes `btrfs subvolume delete` fail.
# So, we remove them first.
#
# /root contains subvolumes:
# - /root/var/lib/portables
# - /root/var/lib/machines
btrfs subvolume list -o /mnt/root |
cut -f9 -d' ' |
while read subvolume; do
echo "deleting /$subvolume subvolume..."
btrfs subvolume delete "/mnt/$subvolume"
done &&
echo "deleting /root subvolume..." &&
btrfs subvolume delete /mnt/root
echo "restoring blank /root subvolume..."
btrfs subvolume snapshot /mnt/root-blank /mnt/root
# Once we're done rolling back to a blank snapshot,
# we can unmount /mnt and continue on the boot process.
umount /mnt
'';
};
};
```
> You may opt in for `boot.initrd.postDeviceCommands = lib.mkBefore ''`
> as [this blog post](https://mt-caret.github.io/blog/posts/2020-06-29-optin-state.html)
> suggests. I am not exactly sure how exactly those options actually
> compare, however, a systemd service means it will be accessible through the
> the systemd service interface, which is why I opt-in for a service.
##### Implications
What this implies is that certain files such as saved networks for
network-manager will be deleted on each reboot. While a little clunky,
[Impermanence](https://github.com/nix-community/impermanence) is a great
solution to our problem.
Impermanence exposes to our system an `environment.persistence."<dirName>"` option that we can use to make certain directories or files permanent.
My module goes like this:
```nix
imports = [inputs.impermanence.nixosModules.impermanence]; # the import will be different if flakes are not enabled on your system
environment.persistence."/persist" = {
directories = [
"/etc/nixos"
"/etc/NetworkManager/system-connections"
"/etc/secureboot"
"/var/db/sudo"
];
files = [
"/etc/machine-id"
# ssh stuff
"/etc/ssh/ssh_host_ed25519_key"
"/etc/ssh/ssh_host_ed25519_key.pub"
"/etc/ssh/ssh_host_rsa_key"
"/etc/ssh/ssh_host_rsa_key.pub"
# if you use docker or LXD, also persist their directories
];
};
```
And that is pretty much it. If everything went well, you should now be telling
your friends about your new system boasting full disk encryption _and_ root
rollbacks.
## Why?
Honestly, why not?
[^1]:
I could be using `tmpfs` for `/` at this point in time. Unfortunately, since I share this setup on some of my low-end laptops, I've got no RAM
to spare - which is exactly why I have opted out with BTRFS. It is a reliable filesystem that I am used to, and it allows for us to use a script
that we'll see later on.
[^2]: https://opensource.com/article/20/6/linux-noatime

145
nyx/docs/notes/2023-05-21-packaging-nextjs-webapps.md Normal file
View file

@ -0,0 +1,145 @@
# Notes for 21st of June, 2023
Recenty I have had to go through the misfortune of hosting some websites
written with _NextJS_ on my VPS running NixOS, this note entry shall document
my experience and the "easy" path I have chosen.
## Packaging
The websites I hosted were of two variety: those statically exported, and
those that cannot be statically exported.
### Statically Exported Webapps
Statically exported ones are easy to package, because it is a matter of
running `npm build` (or whatever your build script is) with the following
NextJS settings
```js
// next.config.js
module.exports = {
distDir: "dist", // an artitrary path for your export
output: "export",
};
```
This will export a static website with a bunch of html files that you can
then serve with nodePackages.serve or a webserver like nginx or apache.
And that is the end of your worries for a statically exported website! No
headache, just write a simple derivation, such as the one below
```nix
# default.nix
{
buildNpmPackage,
pkg-config,
python3,
...
}:
buildNpmPackage {
pname = "your-website";
version = "0.1";
src = ./.;
# needs to be updated everytime you update npm dependencies
npmDepsHash = "sha256-some-hash";
# some npm packages may need to be built from source, because nodejs is a *terrible* ecosystem
nativeBuildInputs = [pkg-config python3];
# move exported website to $out
postInstall = ''
cp -rf dist/* $out
'';
}
```
and serve its path with a simple tool after building the derivation, I find
nginx to be awfully convenient for doing so, but you may choose caddy if you
prefer.
### Webapps that cannot be statically exported
If your website depends on API routes for some reasons, then Next will not
allow you to do static export. Which means you need to run `next start` in
some shape or form. While a systemd service is certainly a way of doing it
(one that I do not recommend), a oci container works as well if not better.
You can write a "simple" docker image for your oci container to use, such as
the one below
```nix
# dockerImage.nix
{
pkgs,
inputs,
...
}: {
dockerImage = pkgs.dockerTools.buildImage {
config = {
WorkingDir = "/your-website";
Cmd = ["npm" "run" "serve"];
};
name = "your-website";
tag = "latest";
fromImage = pkgs.dockerTools.buildImage {
name = "node";
tag = "18-alpine";
};
copyToRoot = pkgs.buildEnv {
name = "image-root";
paths = with pkgs; [
# this package is called from a flake.nix alongside the derivation for the website
inputs.self.packages.${pkgs.system}.your-website
nodejs
bash
];
pathsToLink = [
"/bin"
"/your-website"
];
};
};
}
```
Then, configure oci-containers module option to pick up the Docker image that
you have built. This is a simplified version of my VPS' container setup.
An example can be found in my [server module](https://github.com/NotAShelf/nyx/blob/a9e129663ac91302f2fd935351a71cbbd2832f64/modules/core/roles/server/system/services/mkm.nix)
```nix
virtualisation.oci-containers = {
backend = "podman";
containers = {
"website-container" = {
autoStart = true;
ports = [
"3000:3000" # bind container's port 3000 to the outside port 3000 for NextJS
];
extraOptions = ["--network=host"];
image = "your-website";
imageFile = inputs.website-flake.packages.${pkgs.system}.dockerImage;
};
};
};
```
After a rebuild, your system will provision the container and start it on
port **3000**. You can access it with `your-server-ip:3000` in your
browser, and even configure nginx to set up a reverse proxy to assign
your domain.
```conf
"example.com" = {
locations."/".proxyPass = "http://127.0.0.1:3000";
};
```
This will assign your domain to your webserver, and allow outside
visitors to view your "awesome" NextJS webapp.

103
nyx/docs/notes/2023-06-07-extended-nixpkgs.md Normal file
View file

@ -0,0 +1,103 @@
# Notes for 7th of June, 2023
Those are my notes on extending nixpkgs with your own functions and
abstractions. There may be other ways of doing it, but this is the one I find
to be most ergonomic.
## What is `nixpkgs.lib`
In the context of the Nix package manager and NixOS, `nixpkgs.lib` refers to
a module within the Nixpkgs repository. The `nixpkgs.lib` module provides a
set of utility functions and definitions that are commonly used across the
Nixpkgs repository. It contains various helper functions and abstractions that
make it easier to write Nix expressions and define packages. We often use those
functions to simplify our configurations and the nix package build processes.
## Why would you need to extend `nixpkgs.lib`
While the library functions provided by nixpkgs is quite extensive and usually
suits my needs, I sometimes feel the need to define my own function or wrap an
existing function to complete a task. Normally we can handle the process of a
function inside a simple `let in` and be well off, but there may be times you
need to re-use the existing function across your configuration file.
In such times, you might want to either write your own lib and inherit it at
the source of your `flake.nix` to then inherit them across your configuration.
Today's notes document the process of doing exactly that.
## Extending `nixpkgs.lib`
I find the easiest way of extending nixpkgs.lib to be using an overlay.
```nix
# lib/default.nix
{
nixpkgs,
lib,
inputs,
...
}: nixpkgs.lib.extend (
final: prev: {
# your functions go here
}
)
```
The above structure takes the existing `lib` from `nixpkgs`, and appends your
own configurations to it. You may then import this library in your `flake.nix`
to pass it to other imports and definitions.
```nix
# flake.nix
flake = let
# extended nixpkgs lib, contains my custom functions
lib = import ./lib {inherit nixpkgs lib inputs;};
in {
# entry-point for nixos configurations
nixosConfigurations = import ./hosts {inherit nixpkgs self lib;};
};
```
In this example (see my `flake.nix` for the actual implementation) I import my
extended lib from `lib/default.nix`, where I defined the overlay. I then pass
the extended lib to my `nixosConfiguratiıns`, which is an entry-point for all
of my NixOS configurations. As such, I am able to re-use my own utility
functions across my system as I see fit.
The problem with this approach is that it may be confusing for other people
reviewing your configuration. With this approach, `lib.customFunction` looks
identical to any lib function, which may lead to people thinking the function
exists in nixpkgs itself while it is only provided by your configuration. The
solution for that is simple though, instead of extending `nixpkgs.lib`, you may
define your own lib that does not inherit from `nixpkgs.lib` and only contains
your functions. The process would be similar, and you would not need to define
an overlay.
```nix
# flake.nix
flake = let
# extended nixpkgs lib, contains my custom functions
lib' = import ./lib {inherit nixpkgs lib inputs;};
in {
# entry-point for nixos configurations
nixosConfigurations = import ./hosts {inherit nixpkgs self lib';};
};
```
where your `lib/default.nix` looks like
```nix
# lib/default.nix
{
nixpkgs,
lib,
inputs,
...
}: {
# your functions here
}
```
You can find a real life example of the alternative approach in
my [neovim-flake's lib](https://github.com/NotAShelf/neovim-flake/blob/main/lib/stdlib-extended.nix).

82
nyx/docs/notes/2023-07-14-openssh-custom-port.md Normal file
View file

@ -0,0 +1,82 @@
# Notes for 14th of July, 2023
My VPS, which hosts some of my infrastructure, has been running NixOS
for a while now. Although weak, I use it for distributed builds alongside the
rest of my NixOS machines on a Tailscale network.
This server, due to it hosting my infrastructure that communicates with the
rest of the internet (i.e my mailserver), is somewhat responsive to queries
from the public - which includes _very_ agressive portscans (thanks, skiddies!)
To mitigate that, I have decided to change the ssh port from the default **22**
to something different. While this is not exactly a pancea, it helps alleviate
the insane log spam I get from failed ssh requests.
## The OpenSSH Configuration
First thing we've done is to configure openssh to listen on the new port on
your server configuration
```nix
services.openssh = {
ports = [2222];
}
```
With this set, openssh on the server will now be listening on the port **2222**
instead of the default **22**. For the changes to take effect after a
rebuild, you might need to run `systemctl restart sshd.socket`.
Then we want to configure our client to use the correct port for our server
instead of the default **22**.
```nix
programs.ssh.extraConfig = ''
Host nix-builder
HostName nix-builder-hostname # if you are using Tailscale, this can just be the hostname of a device on your Tailscale network
Port 2222
'';
```
And done, that is all for the ssh side of things. Next up, we need to configure
out builder to use the correct host.
## Nix Builder Configuration
Assuming you already have a remote builder configured, you will only need to
patch the `hostName` with the one on your `openssh.extraConfig`.
```nix
nix.buildMachines = [{
hostName = "nix-builder-hostname";
sshUser = "nix-builder";
sshKey = "/path/to/key";
systems = ["x86_64-linux"];
maxJobs = 2;
speedFactor = 2;
supportedFeatures = ["kvm"];
}];
```
If you have added the correct `hostName` and `sshUser`, the builder will be
picked up automatically on the next rebuild.
### Home-Manager
If you are using Home-Manager, you might also want to configure your
declarative ~/.config/ssh/config to use the new port. That can be achieved
through `programs.ssh.matchBlocks` option under Home-Manager
```nix
programs.ssh.matchBlocks = {
"builder" = {
hostname = "nix-builder-hostname";
user = "nix-builder";
identityFile = "~/.ssh/builder-key";
port = 2222;
};
}
```
And that will be all. You are ready to use your new non-default port, mostly
safe from port scanners.

88
nyx/docs/notes/2023-11-11-using-headscale.md Normal file
View file

@ -0,0 +1,88 @@
# Notes for 11th of November, 2023
Today's main attraction is the Headscale setup on my VPS running NixOS, which
I've finally came around to self-host.
There has been much talk about this new product called Tailscale recently
around the web, especially in the last few years. Tailscale is a VPN
service that makes the devices and applications we own accessible anywhere
using the open source WireGuard protocol to establish encrypted point-to-point
connections. I have been using Tailscale for a while now, but in an effort
to move all of my services to self-owned hardware some of my services have
been moved over to my NixOS server over time.
Many of Tailscales components are open-source, especially its clients, but
the server remains closed-source. Tailscale is a SaaS product and monetization
naturally is a big concern, however, we care more about controlling our own data
than their attempts of monetization.
This is where the (very appropriately named) Headscale comes in; Headscale is
an open-source, self-hosted implementation of the Tailscale control server. The
configuration is extremely straightforward, as Headscale will handle everything
for us.
## Running Headscale
Below is a simple configuration for the Headscale module of NixOS.
```nix
services = let
domain = "example.com";
in {
headscale = {
enable = true;
address = "0.0.0.0";
port = 8085;
settings = {
server_url = "https://tailscale.${domain}";
dns_config = {
override_local_dns = true;
base_domain = "${domain}";
magic_dns = true;
domains = ["tailscale.${domain}"];
nameservers = [
"9.9.9.9" # no cloudflare, nice
];
};
ip_prefixes = [
"100.64.0.0/10"
"fd7a:115c:a1e0::/48"
];
};
};
};
```
## Using Headscale
We must first create a user, which we can do with
```console
headscale users create myUser
```
Then on the machine that will be our client, we need to login.
```console
tailscale up --login-server tailscale.example.com # replace this URL with your own as configured abovea
```
Followed by registering the machine.
```console
# machine key will be obtained visiting the URL that is returned from the above command
headscale --user myUser nodes register --key <MACHINE_KEY>
```
And finally logging into your Tailnet using the URL and your machine key.
```console
tailscale up --login-server https://tailscale.example.com --authkey <YOUR_AUTH_KEY>
```
And all done! Now try connecting to one of your machines using the hostname now
to test if the connection is actually working. If anything goes wrong, make
sure to check your DNS settings: remember, it's always the DNS.

29
nyx/docs/notes/README.md Normal file
View file

@ -0,0 +1,29 @@
# Notes
Howdy! Welcome to my collection of notes.
This is where I store my notes on topics and processes that I find particularly
difficult, obscure or otherwise interesting. Mostly on Linux and NixOS,
perhaps on programming in the future.
If those notes helped you in any way, that is great! That means my time writing
those notes were well spent. If you were already a Nix/NixOS expert who somehow
found their way in here, and got really bored reading my notes then I only ask
that you point out my mistakes where you spot them. Your time will be very much
appreciated.
If you are a reader looking for some pro tips, I would like to remind you that I
am not an expert in Nix or NixOS. My notes are limited by my own knowledge.
However, I would be happy to try and answer your questions nevertheless; and we
can try figuring out the answer together, should we both happen to be stuck.
If you spot a mistake, please let me know and I would be happy to learn from you.
Thanks!
| Date | Category | Description |
| ---------- | ---------- | -------------------------------------------------------------------------------------------------- |
| 22-01-2023 | Linux | My notes on a kernel parameter change affecting my backlight state |
| 14-03-2023 | Nix | Reproduction steps NixOS setup with ephemeral root using BTRFS subvolumes and full disk encryption |
| 07-06-2023 | Nix | Notes on extending or writing your own nixpkgs library to use in your configurations |
| 21-06-2023 | Nix/NextJS | A guide on serving statically exported and non-statically exported NextJS Webapps on NixOS |
| 14-07-2023 | Nix/NixOS | Notes on a potentially working distributed builds setup on NixOS with a non-default ssh port |

48
nyx/docs/notes/cheatsheet.md Normal file
View file

@ -0,0 +1,48 @@
# Cheat sheet
## Show GC roots
```sh
nix-store --gc --print-roots | grep -v "<hostName>" | column -t | sort -k3 -k1
```
## List all packages
```sh
nix-store -q --requisites /run/current-system | cut -d- -f2- | sort | uniq
```
You can add a `wc -l` at the end of the above command, but that will not be an accurate representation of
your package count, as the same package can be repeated with different versions.
## Find biggest packages
```sh
nix path-info -hsr /run/current-system/ | sort -hrk2 | head -n10
```
## Find biggest closures (packages including dependencies)
```sh
nix path-info -hSr /run/current-system/ | sort -hrk2 | head -n10
```
## Show package dependencies as tree
> Assuming `hello` is in PATH
```sh
nix-store -q --tree $(realpath $(which hello))
```
## Show package dependencies including size
```sh
nix path-info -hSr nixpkgs#hello
```
## Show the things that will change on reboot
```sh
diff <(nix-store -qR /run/current-system) <(nix-store -qR /run/booted-system)
```

8
nyx/docs/notes/yubikey-todo.md Normal file
View file

@ -0,0 +1,8 @@
# TODO
<!--- Yubikey gpg setup & disk encryption on Nixos -->
## Resources
- https://superuser.com/questions/1628782/gpg-signing-failed-no-pinentry
- https://superuser.com/questions/397149/can-you-gpg-sign-old-commits

8
nyx/docs/shell.nix Normal file
View file

@ -0,0 +1,8 @@
{pkgs ? import <nixpkgs> {}}:
pkgs.mkShell {
packages = with pkgs; [
pandoc
jq
sassc
];
}

127
nyx/docs/templates/html/page.html vendored Normal file
View file

@ -0,0 +1,127 @@
<!doctype html>
<html lang="en">
<head>
<meta charset="UTF-8" />
<meta name="generator" content="pandoc" />
<meta
name="viewport"
content="width=device-width, initial-scale=1.0, user-scalable=yes"
/>
$for(author-meta)$
<meta name="author" content="$author-meta$" />
$endfor$ $if(date-meta)$
<meta name="dcterms.date" content="$date-meta$" />
$endif$ $if(keywords)$
<meta
name="keywords"
content="$for(keywords)$$keywords$$sep$, $endfor$"
/>
$endif$ $if(description-meta)$
<meta name="description" content="$description-meta$" />
$endif$
<title>$title$</title>
<style>
$styles.html()$
</style>
$for(css)$
<link rel="stylesheet" href="$css$" />
$endfor$
<!-- Begin Google Fonts import -->
<link rel="preconnect" href="https://fonts.googleapis.com" />
<link rel="preconnect" href="https://fonts.gstatic.com" crossorigin />
<link
href="https://fonts.googleapis.com/css2?family=Courier+Prime:ital,wght@0,400;0,700;1,400;1,700&family=Roboto+Slab:wght@100..900&family=Roboto:ital,wght@0,100;0,300;0,400;0,500;0,700;0,900;1,100;1,300;1,400;1,500;1,700;1,900&display=swap"
rel="stylesheet"
/>
<!-- End Google Fonts import -->
<!-- Begin Lineicons import -->
<!--
<link
rel="stylesheet"
href="https://cdn.lineicons.com/4.0/lineicons.css"
/>
<!-- End Lineicons import-->
<link rel="stylesheet" href="/style.css" />
</head>
<body>
<header>
<nav class="primary-buttons">
<ul>
<li><a class="nav-button" href="/">Index</a></li>
</ul>
</nav>
<nav class="secondary-buttons">
<ul>
<li>
<div class="dropdown">
<button class="nav-button">Posts</button>
<div
class="dropdown-content"
id="dropdown-content"
></div>
</div>
<a class="nav-button" href="/pages/about.html">
About
</a>
<a class="nav-button" href="/pages/privacy.html">
Privacy
</a>
</li>
</ul>
</nav>
</header>
<main>
$if(toc)$
<nav id="$idprefix$TOC" role="doc-toc">
$if(toc-title)$
<h2 id="$idprefix$toc-title">$toc-title$</h2>
$endif$ $table-of-contents$
</nav>
$endif$ $body$ $for(include-after)$ $include-after$ $endfor$
</main>
<footer>
<div class="footer-divider"></div>
<p>&copy; 2024 NotAShelf</p>
<div class="footer-icons">
<a href="https://twitter.com/notashelf">
<i class="lni lni-twitter-original" title="Twitter"></i>
</a>
<a href="https://github.com/notashelf">
<i class="lni lni-github-original" title="GitHub"></i>
</a>
<a href="/feed.json">
<i class="lni lni-rss-feed" title="RSS Feed"></i>
</a>
</div>
</footer>
<script>
// Dropdown post listing
function fetchPosts() {
fetch("/posts/posts.json")
.then((response) => response.json())
.then((data) => {
const dropdownContent =
document.getElementById("dropdown-content");
data.posts.forEach((post) => {
const postLink = document.createElement("a");
postLink.textContent = post.title;
// we could use posts.url here, instead of posts.path
// but it messes with local serving, which prefers `/`
// to the actual URL, as it would point to the live site
// by path
postLink.href = post.path;
dropdownContent.appendChild(postLink);
});
})
.catch((error) =>
console.error("Error fetching posts:", error),
);
}
document.addEventListener("DOMContentLoaded", () => {
fetchPosts();
});
</script>
</body>
</html>

212
nyx/docs/templates/pandoc/custom.theme vendored Normal file
View file

@ -0,0 +1,212 @@
{
"text-color": "#C3CBE9",
"background-color": null,
"line-number-color": null,
"line-number-background-color": null,
"text-styles": {
"Alert": {
"text-color": "#ffcfaf",
"background-color": null,
"bold": false,
"italic": false,
"underline": false
},
"Annotation": {
"text-color": "#7f9f7f",
"background-color": null,
"bold": true,
"italic": false,
"underline": false
},
"Attribute": {
"text-color": null,
"background-color": null,
"bold": false,
"italic": false,
"underline": false
},
"BaseN": {
"text-color": "#dca3a3",
"background-color": null,
"bold": false,
"italic": false,
"underline": false
},
"BuiltIn": {
"text-color": null,
"background-color": null,
"bold": false,
"italic": false,
"underline": false
},
"Char": {
"text-color": "#dca3a3",
"background-color": null,
"bold": false,
"italic": false,
"underline": false
},
"Comment": {
"text-color": "#7f9f7f",
"background-color": null,
"bold": false,
"italic": false,
"underline": false
},
"CommentVar": {
"text-color": "#7f9f7f",
"background-color": null,
"bold": true,
"italic": false,
"underline": false
},
"Constant": {
"text-color": "#dca3a3",
"background-color": null,
"bold": true,
"italic": false,
"underline": false
},
"ControlFlow": {
"text-color": "#f0dfaf",
"background-color": null,
"bold": false,
"italic": false,
"underline": false
},
"DataType": {
"text-color": "#dfdfbf",
"background-color": null,
"bold": false,
"italic": false,
"underline": false
},
"DecVal": {
"text-color": "#dcdccc",
"background-color": null,
"bold": false,
"italic": false,
"underline": false
},
"Documentation": {
"text-color": "#7f9f7f",
"background-color": null,
"bold": false,
"italic": false,
"underline": false
},
"Error": {
"text-color": "#c3bf9f",
"background-color": null,
"bold": false,
"italic": false,
"underline": false
},
"Extension": {
"text-color": null,
"background-color": null,
"bold": false,
"italic": false,
"underline": false
},
"Float": {
"text-color": "#c0bed1",
"background-color": null,
"bold": false,
"italic": false,
"underline": false
},
"Function": {
"text-color": "#efef8f",
"background-color": null,
"bold": false,
"italic": false,
"underline": false
},
"Import": {
"text-color": null,
"background-color": null,
"bold": false,
"italic": false,
"underline": false
},
"Information": {
"text-color": "#7f9f7f",
"background-color": null,
"bold": true,
"italic": false,
"underline": false
},
"Keyword": {
"text-color": "#f0dfaf",
"background-color": null,
"bold": false,
"italic": false,
"underline": false
},
"Operator": {
"text-color": "#f0efd0",
"background-color": null,
"bold": false,
"italic": false,
"underline": false
},
"Other": {
"text-color": "#efef8f",
"background-color": null,
"bold": false,
"italic": false,
"underline": false
},
"Preprocessor": {
"text-color": "#ffcfaf",
"background-color": null,
"bold": true,
"italic": false,
"underline": false
},
"SpecialChar": {
"text-color": "#dca3a3",
"background-color": null,
"bold": false,
"italic": false,
"underline": false
},
"SpecialString": {
"text-color": "#cc9393",
"background-color": null,
"bold": false,
"italic": false,
"underline": false
},
"String": {
"text-color": "#cc9393",
"background-color": null,
"bold": false,
"italic": false,
"underline": false
},
"Variable": {
"text-color": null,
"background-color": null,
"bold": false,
"italic": false,
"underline": false
},
"VerbatimString": {
"text-color": "#cc9393",
"background-color": null,
"bold": false,
"italic": false,
"underline": false
},
"Warning": {
"text-color": "#7f9f7f",
"background-color": null,
"bold": true,
"italic": false,
"underline": false
}
}
}

178
nyx/docs/templates/scss/base.scss vendored Normal file
View file

@ -0,0 +1,178 @@
*,
::before,
::after {
box-sizing: border-box;
}
// Base styles
h1 {
font-family: $font-family-secondary;
line-height: 1.15;
}
body {
font-size: 20px;
line-height: 1.5;
font-family: $font-family-primary;
margin: 0;
padding: 0;
background-color: $primary;
display: flex;
flex-direction: column;
min-height: 100vh;
@media (max-width: $screen-tablet) {
font-size: 18px;
}
}
header {
background-color: $primary;
color: $secondary;
padding: 10px 25px;
display: flex;
justify-content: space-between;
align-items: center;
max-width: 80ch;
width: 100%;
margin: 0 auto;
@media (max-width: $screen-tablet) {
font-size: 14px;
padding: 8px 4px;
}
}
nav {
ul {
list-style-type: none;
margin: 0;
padding: 0;
display: flex;
li {
a {
color: $secondary;
text-decoration: none;
}
}
}
}
main {
text-align: left;
color: $secondary;
padding: 10px 30px;
flex: 1;
margin: 0 auto;
max-width: Min(80ch, 100%);
a {
&:hover,
&:link,
&:visited,
&:active {
color: $hover-color;
text-decoration: none;
}
}
@media (max-width: $screen-tablet) {
padding: 12px;
}
}
// Buttons
/*
.primary-buttons,
.secondary-buttons,
*/
.dropbtn,
.nav-button {
font-weight: 800;
background-color: $primary;
color: $secondary;
cursor: pointer;
font-weight: 800;
background-color: $primary;
color: $secondary;
cursor: pointer;
font-weight: 800;
font-family: "Roboto Slab", Roboto, Arial, sans-serif;
font-size: 20px;
line-height: 1.5;
border: none;
align-items: center;
margin: 0px 5px;
&:hover {
color: lighten($secondary, 5%);
}
}
// Dropdown Button
.dropbtn:hover {
color: lighten($secondary, 5%);
}
.dropdown {
position: relative;
display: inline-block;
.dropdown-content {
display: none;
position: absolute;
background-color: $primary;
min-width: 240px;
box-shadow: 0px 8px 16px 0px rgba(0, 0, 0, 0.2);
z-index: 1;
a {
color: $secondary;
padding: 12px 16px;
text-decoration: none;
display: block;
&:hover {
background-color: #2b282d;
}
}
}
&:hover .dropdown-content {
display: block;
}
}
main aside {
overflow: scroll;
}
// Footer Styles
footer {
color: white;
padding: 7px 5px 7px 5px;
text-align: center;
margin-top: auto;
position: relative;
.footer-divider {
position: absolute;
top: 0;
left: 50%;
transform: translateX(-50%);
width: 20%;
height: 1px;
background-color: white;
}
.footer-icons {
margin: 15px 5px;
a {
color: white;
text-decoration: none;
margin-bottom: 5px;
}
}
}

9
nyx/docs/templates/scss/components/code.scss vendored Normal file
View file

@ -0,0 +1,9 @@
div.sourceCode {
border: 1px solid #3b373d;
padding: 8px;
text-align: left;
background-color: lighten($primary, 3%);
overflow: scroll;
max-width: 100%;
border-radius: 8px;
}

21
nyx/docs/templates/scss/components/table.scss vendored Normal file
View file

@ -0,0 +1,21 @@
table {
border-collapse: collapse;
width: 100%;
margin: 30px 0px;
th,
td {
border: 1px solid #3b373d;
padding: 8px;
text-align: left;
}
th {
background-color: #141215;
color: white;
}
tr:nth-child(even) {
background-color: #2b282d;
}
}

30
nyx/docs/templates/scss/components/toc.scss vendored Normal file
View file

@ -0,0 +1,30 @@
// Table Of Content element injected by Pandoc
#TOC {
// better spacing
margin: 20px;
padding: 10px;
// TOC elements are considered links
// so the below styling applies to all items
a {
text-decoration: none;
color: $secondary;
&:hover {
color: lighten($secondary, 5%);
}
}
// make sure all items are properly aligned in separate lines
li,
ul {
list-style-type: square;
margin-left: 20px;
display: block;
}
// hide the TOC on mobile devices
@media screen and (max-width: 768px) {
display: none;
}
}

6
nyx/docs/templates/scss/main.scss vendored Normal file
View file

@ -0,0 +1,6 @@
@import "modern-normalize.css";
@import "variables";
@import "base";
@import "components/toc";
@import "components/table";
@import "components/code";

7
nyx/docs/templates/scss/variables.scss vendored Normal file
View file

@ -0,0 +1,7 @@
// Define variables for colors and fonts
$primary: #17181c;
$secondary: #dee2e6;
$hover-color: #66b3ff;
$font-family-primary: "Roboto Slab", Roboto, Arial, sans-serif;
$font-family-secondary: "Courier Prime", Roboto, Arial, serif;
$screen-tablet: 768px;

4245
nyx/flake.lock generated Normal file
View file

File diff suppressed because it is too large Load diff

281
nyx/flake.nix Normal file
View file

@ -0,0 +1,281 @@
{
# https://github.com/notashelf/nyx
description = "My NixOS configuration with *very* questionable stability";
outputs = {
self,
flake-parts,
...
} @ inputs:
flake-parts.lib.mkFlake {inherit inputs;} ({withSystem, ...}: {
# systems for which the `perSystem` attributes will be built
systems = [
"x86_64-linux"
"aarch64-linux"
# and more if they can be supported ...
];
imports = [
# add self back to inputs to use as `inputs.self`
# I depend on inputs.self *at least* once
{config._module.args._inputs = inputs // {inherit (inputs) self;};}
# parts and modules from inputs
inputs.flake-parts.flakeModules.easyOverlay
inputs.treefmt-nix.flakeModule
# parts of the flake
./flake/modules # nixos and home-manager modules provided by this flake
./flake/pkgs # packages exposed by the flake
./flake/templates # flake templates
./flake/args.nix # args that are passed to the flake, moved away from the main file
./flake/deployments.nix # deploy-rs configurations for active hosts
./flake/fmt.nix # various formatter configurations for this flake
./flake/iso-images.nix # local installation media
./flake/pre-commit.nix # pre-commit hooks, performed before each commit inside the devShell
./flake/shell.nix # devShells exposed by the flake
];
flake = {
# entry-point for nixos configurations
nixosConfigurations = import ./hosts {inherit inputs withSystem;};
};
});
inputs = {
# Feature-rich and convenient fork of the Nix package manager
nix-super.url = "github:privatevoid-net/nix-super";
# We build against nixos unstable, because stable takes way too long to get things into
# more versions with or without pinned branches can be added if deemed necessary
# stable? never heard of her
nixpkgs.url = "github:NixOS/nixpkgs/nixos-unstable";
nixpkgs-small.url = "github:NixOS/nixpkgs/nixos-unstable-small"; # moves faster, has less packages
# sometimes nixpkgs breaks something I need, pin a working commit when that occurs
# nixpkgs-pinned.url = "github:NixOS/nixpkgs/b610c60e23e0583cdc1997c54badfd32592d3d3e";
# Powered by
flake-parts = {
url = "github:hercules-ci/flake-parts";
inputs.nixpkgs-lib.follows = "nixpkgs";
};
# Home Manager
home-manager = {
url = "github:nix-community/home-manager";
inputs.nixpkgs.follows = "nixpkgs";
};
# Ever wanted nix error messages to be even more cryptic?
# Try flake-utils today! (Devs I beg you please stop)
flake-utils.url = "github:numtide/flake-utils";
# Repo for hardware-specific NixOS modules
nixos-hardware.url = "github:nixos/nixos-hardware";
# Nix wrapper for building and testing my system
nh = {
url = "github:viperML/nh";
inputs.nixpkgs.follows = "nixpkgs";
};
# multi-profile Nix-flake deploy
deploy-rs.url = "github:serokell/deploy-rs";
# A tree-wide formatter
treefmt-nix = {
url = "github:numtide/treefmt-nix";
inputs.nixpkgs.follows = "nixpkgs";
};
nixfmt = {
url = "github:nixos/nixfmt";
flake = false;
};
# Project shells
devshell = {
url = "github:numtide/devshell";
inputs.nixpkgs.follows = "nixpkgs";
};
# guess what this does
# come on, try
pre-commit-hooks = {
url = "github:cachix/pre-commit-hooks.nix";
inputs = {
nixpkgs.follows = "nixpkgs";
flake-utils.follows = "flake-utils";
};
};
# sandbox wrappers for programs
nixpak = {
url = "github:nixpak/nixpak";
inputs.nixpkgs.follows = "nixpkgs";
inputs.flake-parts.follows = "flake-parts";
};
# This exists, I guess
flake-compat = {
url = "github:edolstra/flake-compat";
flake = false;
};
# Impermanence
# doesn't offer much above properly used symlinks
# but it *is* convenient
impermanence.url = "github:nix-community/impermanence";
# Secure-boot support on nixos
# the interface iss still shaky and I would recommend
# avoiding on production systems for now
lanzaboote = {
url = "github:nix-community/lanzaboote";
inputs = {
nixpkgs.follows = "nixpkgs";
flake-utils.follows = "flake-utils";
flake-compat.follows = "flake-compat";
};
};
# nix-index database
nix-index-db = {
url = "github:nix-community/nix-index-database";
inputs.nixpkgs.follows = "nixpkgs";
};
atticd = {
url = "github:zhaofengli/attic";
inputs.nixpkgs.follows = "nixpkgs-small";
};
# Secrets management
agenix = {
url = "github:ryantm/agenix";
inputs.nixpkgs.follows = "nixpkgs";
inputs.home-manager.follows = "home-manager";
};
# Rust overlay
rust-overlay = {
url = "github:oxalica/rust-overlay";
inputs = {
nixpkgs.follows = "nixpkgs";
flake-utils.follows = "flake-utils";
};
};
# Nix Language server
nil = {
url = "github:oxalica/nil";
inputs.nixpkgs.follows = "nixpkgs";
inputs.rust-overlay.follows = "rust-overlay";
};
# neovim nightly packages for nix
neovim-nightly = {
url = "github:nix-community/neovim-nightly-overlay";
inputs.nixpkgs.follows = "nixpkgs";
};
# Personal package overlay
nyxpkgs.url = "github:NotAShelf/nyxpkgs";
# Personal neovim-flake
neovim-flake = {
url = "github:NotAShelf/neovim-flake/v0.6";
inputs = {
nixpkgs.follows = "nixpkgs-small";
nil.follows = "nil";
flake-utils.follows = "flake-utils";
flake-parts.follows = "flake-parts";
};
};
air-quality-monitor = {
url = "github:NotAShelf/air-quality-monitor";
inputs.nixpkgs.follows = "nixpkgs-small";
};
# use my own wallpapers repository to provide various wallpapers as nix packages
wallpkgs = {
url = "github:NotAShelf/wallpkgs";
inputs.nixpkgs.follows = "nixpkgs-small";
};
# anyrun program launcher
anyrun.url = "github:Kirottu/anyrun";
anyrun-nixos-options = {
url = "github:n3oney/anyrun-nixos-options";
inputs = {
flake-parts.follows = "flake-parts";
};
};
# aylur's gtk shell (ags)
ags.url = "github:Aylur/ags";
# spicetify for theming spotify
spicetify = {
url = "github:the-argus/spicetify-nix";
inputs.nixpkgs.follows = "nixpkgs-small";
};
# schizophrenic firefox configuration
schizofox = {
url = "github:schizofox/schizofox";
inputs = {
nixpkgs.follows = "nixpkgs-small";
flake-parts.follows = "flake-parts";
nixpak.follows = "nixpak";
};
};
# mailserver on nixos
simple-nixos-mailserver = {
url = "gitlab:simple-nixos-mailserver/nixos-mailserver/master";
inputs.nixpkgs.follows = "nixpkgs-small";
};
# Hyprland & Hyprland Contrib repos
# broken: b0f98a3d3e9e5f5f7f89fa4e855dbeb860e7a0c4
# works: 2ed032a7fd140ee85483a891fa63c16668019577
hyprland.url = "github:hyprwm/Hyprland";
xdg-portal-hyprland.url = "github:hyprwm/xdg-desktop-portal-hyprland";
hyprpicker.url = "github:hyprwm/hyprpicker";
hyprpaper.url = "github:hyprwm/hyprpaper";
hyprland-contrib = {
url = "github:hyprwm/contrib";
inputs.nixpkgs.follows = "nixpkgs-small";
};
hyprland-plugins = {
url = "github:hyprwm/hyprland-plugins";
inputs = {
hyprland.follows = "hyprland";
};
};
};
nixConfig = {
extra-substituters = [
"https://nix-community.cachix.org"
"https://nix-gaming.cachix.org"
"https://hyprland.cachix.org"
"https://cache.privatevoid.net"
"https://nyx.cachix.org"
];
extra-trusted-public-keys = [
"nix-community.cachix.org-1:mB9FSh9qf2dCimDSUo8Zy7bkq5CX+/rkCWyvRCYg3Fs="
"nix-gaming.cachix.org-1:nbjlureqMbRAxR1gJ/f3hxemL9svXaZF/Ees8vCUUs4="
"hyprland.cachix.org-1:a7pgxzMz7+chwVL3/pzj6jIBMioiJM7ypFP8PwtkuGc="
"cache.privatevoid.net:SErQ8bvNWANeAvtsOESUwVYr2VJynfuc9JRwlzTTkVg="
"notashelf.cachix.org-1:VTTBFNQWbfyLuRzgm2I7AWSDJdqAa11ytLXHBhrprZk="
"nyx.cachix.org-1:xH6G0MO9PrpeGe7mHBtj1WbNzmnXr7jId2mCiq6hipE="
];
};
}

32
nyx/flake/args.nix Normal file
View file

@ -0,0 +1,32 @@
{inputs, ...}: {
perSystem = {
config,
system,
...
}: {
imports = [
{
_module.args = {
pkgs = config.legacyPackages;
pins = import ./npins;
};
}
];
legacyPackages = import inputs.nixpkgs {
inherit system;
config.allowUnfree = true;
config.allowUnsupportedSystem = true;
overlays = [];
};
};
flake = {
# extended nixpkgs library, contains my custom functions
# such as system builders
lib = import (inputs.self + /lib) {inherit inputs;};
# add `pins` to self so that the flake may refer it freely
pins = import ./npins;
};
}

63
nyx/flake/deployments.nix Normal file
View file

@ -0,0 +1,63 @@
{
inputs,
self,
lib,
...
}: let
includedNodes = ["enyo" "helios"];
mkNode = name: cfg: let
inherit (cfg.pkgs.stdenv.hostPlatform) system;
deployLib = inputs.deploy-rs.lib.${system};
in {
# this looks pretty goofy, I should get a simpler domain
# it's actually hostname.namespace.domain.tld but my domain and namespace are the same
hostname = "${name}.notashelf.notashelf.dev";
sshOpts = ["-p" "30"];
skipChecks = true;
# currently only a single profile system
profilesOrder = ["system"];
profiles.system = {
sshUser = "root";
user = "root";
path = deployLib.activate.nixos cfg;
};
};
nodes = lib.mapAttrs mkNode (lib.filterAttrs (name: _: lib.elem name includedNodes) self.nixosConfigurations);
in {
flake = {
deploy = {
autoRollback = true;
magicRollback = true;
inherit nodes;
};
};
perSystem = {
pkgs,
system,
...
}: let
deployPkgs = import inputs.nixpkgs {
inherit system;
overlays = [
inputs.deploy-rs.overlay
(_: prev: {
deploy-rs = {
inherit (pkgs) deploy-rs;
inherit (prev.deploy-rs) lib;
};
})
];
};
in {
# evaluation of deployChecks is slow
# checks = (deployPkgs.deploy-rs.lib.deployChecks self.deploy)
apps.deploy = {
type = "app";
program = pkgs.writeShellScriptBin "deploy" ''
${deployPkgs.deploy-rs.deploy-rs}/bin/deploy --skip-checks
'';
};
};
}

40
nyx/flake/fmt.nix Normal file
View file

@ -0,0 +1,40 @@
{
perSystem = {
inputs',
config,
pkgs,
...
}: {
# provide the formatter for `nix fmt`
formatter = config.treefmt.build.wrapper;
# configure treefmt
treefmt = {
projectRootFile = "flake.nix";
programs = {
alejandra = {
enable = true;
package = inputs'.nyxpkgs.packages.alejandra-no-ads;
};
shellcheck.enable = true; # cannot be configured, errors on basic bash convention
prettier = {
enable = true;
package = pkgs.prettierd;
excludes = ["*.age"];
settings = {
editorconfig = true;
};
};
shfmt = {
enable = true;
# https://flake.parts/options/treefmt-nix.html#opt-perSystem.treefmt.programs.shfmt.indent_size
indent_size = 2; # set to 0 to use tabs
};
};
};
};
}

27
nyx/flake/iso-images.nix Normal file
View file

@ -0,0 +1,27 @@
{
inputs,
self,
...
}: let
installerModule = "${inputs.nixpkgs}/nixos/modules/installer/sd-card/sd-image-aarch64-new-kernel-no-zfs-installer.nix";
in {
# ISO images based on available hosts. We avoid basing ISO images
# on active (i.e. desktop) hosts as they likely have secrets set up.
# Images below are designed specifically to be used as live media
# and can be built with `nix build .#images.<hostname>`
# alternatively hosts can be built with `nix build .#nixosConfigurations.hostName.config.system.build.isoImage`
flake.images = let
gaea = self.nixosConfigurations."gaea";
erebus = self.nixosConfigurations."erebus";
atlas = self.nixosConfigurations."atlas".extendModules {modules = [installerModule];};
in {
# Installation iso
gaea = gaea.config.system.build.isoImage;
# air-gapped VM
erebus = erebus.config.system.build.isoImage;
# Raspberry Pi 400
atlas = atlas.config.system.build.sdImage;
};
}

43
nyx/flake/modules/default.nix Normal file
View file

@ -0,0 +1,43 @@
{self, ...}: let
mkFlakeModule = path:
if builtins.isPath path
then self + path
else builtins.throw "${path} is not a real path! Are you stupid?";
in {
flake = {
# set of modules exposed by my flake to be consumed by others
# those can be imported by adding this flake as an input and then importing the nixosModules.<moduleName>
# i.e imports = [ inputs.nyx.nixosModules.steam-compat ]; or modules = [ inputs.nyx.nixosModules.steam-compat ];
nixosModules = {
# extends the steam module from nixpkgs/nixos to add a STEAM_COMPAT_TOOLS option
# moved to nix-gaming
# steam-compat = /modules/extra/shared/nixos/steam;
# a module for the comma tool that wraps it with nix-index and disabled the command-not-found integration
comma-rewrapped = mkFlakeModule /modules/extra/shared/nixos/comma;
# an open source implementation of wakatime server
wakapi = mkFlakeModule /modules/extra/shared/nixos/wakapi;
# we do not want to provide a default module
default = builtins.throw "There is no default module, sorry!";
};
homeManagerModules = {
# now available in home-manager
# xplr = mkModule /modules/extra/shared/home-manager/xplr;
# a home-baked module for gtklock
# allows definning extra modules and the stylesheet
# FIXME: gtklock is currently broken thanks to the deprecation of the necessary wayland protocol
gtklock = mkFlakeModule /modules/extra/shared/home-manager/gtklock;
vifm = mkFlakeModule /modules/extra/shared/home-manager/vifm;
transience = mkFlakeModule /modules/extra/shared/home-manager/transience;
# again, we do not want to provide a default module
default = builtins.throw "There is no default module, sorry!";
};
};
}

67
nyx/flake/npins/default.nix Normal file
View file

@ -0,0 +1,67 @@
# Generated by npins. Do not modify; will be overwritten regularly
let
data = builtins.fromJSON (builtins.readFile ./sources.json);
version = data.version;
mkSource = spec:
assert spec ? type; let
path =
if spec.type == "Git"
then mkGitSource spec
else if spec.type == "GitRelease"
then mkGitSource spec
else if spec.type == "PyPi"
then mkPyPiSource spec
else if spec.type == "Channel"
then mkChannelSource spec
else builtins.throw "Unknown source type ${spec.type}";
in
spec // {outPath = path;};
mkGitSource = {
repository,
revision,
url ? null,
hash,
...
}:
assert repository ? type;
# At the moment, either it is a plain git repository (which has an url), or it is a GitHub/GitLab repository
# In the latter case, there we will always be an url to the tarball
if url != null
then
(builtins.fetchTarball {
inherit url;
sha256 = hash; # FIXME: check nix version & use SRI hashes
})
else
assert repository.type == "Git";
builtins.fetchGit {
url = repository.url;
rev = revision;
# hash = hash;
};
mkPyPiSource = {
url,
hash,
...
}:
builtins.fetchurl {
inherit url;
sha256 = hash;
};
mkChannelSource = {
url,
hash,
...
}:
builtins.fetchTarball {
inherit url;
sha256 = hash;
};
in
if version == 3
then builtins.mapAttrs (_: mkSource) data.pins
else throw "Unsupported format version ${toString version} in sources.json. Try running `npins upgrade`"

53
nyx/flake/npins/sources.json Normal file
View file

@ -0,0 +1,53 @@
{
"pins": {
"hmts.nvim": {
"type": "GitRelease",
"repository": {
"type": "GitHub",
"owner": "calops",
"repo": "hmts.nvim"
},
"pre_releases": false,
"version_upper_bound": null,
"version": "v1.2.2",
"revision": "14fd941d7ec2bb98314a1aacaa2573d97f1629ab",
"url": "https://api.github.com/repos/calops/hmts.nvim/tarball/v1.2.2",
"hash": "09f403w6gglfycghjzx4dc5gv71wqb6ywnmcvm15n1ldxasb6jwd"
},
"nixpkgs": {
"type": "Channel",
"name": "nixpkgs-unstable",
"url": "https://releases.nixos.org/nixpkgs/nixpkgs-24.05pre562963.e1fa12d4f6c6/nixexprs.tar.xz",
"hash": "16wdn7j17y9yradygdbdlhlcpqa432hp5ah49cm3b0caqymbgw6h"
},
"slides.nvim": {
"type": "GitRelease",
"repository": {
"type": "GitHub",
"owner": "notashelf",
"repo": "slides.nvim"
},
"pre_releases": false,
"version_upper_bound": null,
"version": "v0.1.0",
"revision": "768fde54ac9de657887b605ee93f11993b26c9c2",
"url": "https://api.github.com/repos/notashelf/slides.nvim/tarball/v0.1.0",
"hash": "19pzmwpjdsmyy9ygk6ln1i18qihdffp6dgx4vvccyvvz3shabvhx"
},
"smart-splits.nvim": {
"type": "GitRelease",
"repository": {
"type": "GitHub",
"owner": "mrjones2014",
"repo": "smart-splits.nvim"
},
"pre_releases": false,
"version_upper_bound": null,
"version": "v1.2.4",
"revision": "c8a9173d70cbbd1f6e4a414e49e31df2b32a1362",
"url": "https://api.github.com/repos/mrjones2014/smart-splits.nvim/tarball/v1.2.4",
"hash": "0hxy3fv6qp7shwh9wgf20q5i8ba2pzng2dd1dvw27aabibk43ba3"
}
},
"version": 3
}

26
nyx/flake/pkgs/anime4k.nix Normal file
View file

@ -0,0 +1,26 @@
{
lib,
stdenvNoCC,
fetchzip,
}:
stdenvNoCC.mkDerivation rec {
pname = "anime4k";
version = "4.0.1";
src = fetchzip {
url = "https://github.com/bloc97/Anime4K/releases/download/v${version}/Anime4K_v4.0.zip";
stripRoot = false;
sha256 = "18x5q7zvkf5l0b2phh70ky6m99fx1pi6mhza4041b5hml7w987pl";
};
installPhase = ''
mkdir $out
cp *.glsl $out
'';
meta = {
description = "A High-Quality Real Time Upscaler for Anime Video";
homepage = "https://github.com/bloc97/Anime4K";
license = lib.licenses.mit;
};
}

38
nyx/flake/pkgs/box64-wrapper.nix Normal file
View file

@ -0,0 +1,38 @@
{
stdenv,
lib,
makeWrapper,
box64,
x64-bash,
pkg,
deps,
bins ? "${lib.getBin pkg}/bin/*",
entry ? "${box64}/bin/box64",
extraWrapperArgs ? [],
}:
stdenv.mkDerivation rec {
name = "box64-wrapped-${pkg.name}";
dontUnpack = true;
dontConfigure = true;
dontBuild = true;
nativeBuildInputs = [makeWrapper];
buildInputs = deps;
installPhase = ''
runHook preInstall
for bin in ${bins}; do
mkdir -p $out/bin
makeWrapper ${entry} $out/bin/"$(basename "$bin")" \
--set BOX64_BASH ${lib.getBin x64-bash}/bin/bash \
--prefix LD_LIBRARY_PATH : ${lib.makeLibraryPath buildInputs} \
${lib.strings.concatStringsSep " " extraWrapperArgs}\
--add-flags "$bin"
done
runHook postInstall
'';
}

21
nyx/flake/pkgs/default.nix Normal file
View file

@ -0,0 +1,21 @@
{inputs, ...}: {
systems = [
"x86_64-linux"
"aarch64-linux"
];
perSystem = {pkgs, ...}: let
inherit (pkgs) callPackage;
in {
packages = {
schizofox-startpage = callPackage ./startpage {};
plymouth-themes = callPackage ./plymouth-themes.nix {};
anime4k = callPackage ./anime4k.nix {};
spotify-wrapped = callPackage ./spotify-wrapped.nix {};
nicksfetch = callPackage ./nicksfetch.nix {};
present = callPackage ./present.nix {};
modprobed-db = callPackage ./modprobed-db.nix {};
nixfmt-rfc = callPackage ./nixfmt-rfc.nix {inherit inputs;};
};
};
}

45
nyx/flake/pkgs/modprobed-db.nix Normal file
View file

@ -0,0 +1,45 @@
{
lib,
stdenv,
fetchFromGitHub,
pkg-config,
libevdev,
kmod,
sudo,
withSudo ? false,
}:
stdenv.mkDerivation rec {
pname = "modprobed-db";
version = "2.44";
src = fetchFromGitHub {
owner = "graysky2";
repo = pname;
rev = "v${version}";
sha256 = "sha256-APvA96NoYPtUyuzqGWCqOpB73Vz3qhkMvHWExHXhkKM=";
};
nativeBuildInputs = [pkg-config];
buildInputs =
[kmod libevdev]
++ lib.optional withSudo sudo;
postPatch = ''
substituteInPlace ./common/modprobed-db.in --replace "/usr/share" "$out/share"
'';
installFlags = ["DESTDIR=$(out)" "PREFIX="];
meta = {
homepage = "https://github.com/graysky2/modprobed-db";
description = "useful utility for users wishing to build a minimal kernel via a make localmodconfig";
longDescription = ''
Keeps track of EVERY kernel module that has ever been probed.
Useful for those of us who make localmodconfig :)'';
license = lib.licenses.mit;
maintainers = with lib.maintainers; [NotAShelf];
platforms = lib.platforms.linux;
};
}

53
nyx/flake/pkgs/nicksfetch.nix Normal file
View file

@ -0,0 +1,53 @@
{
lib,
stdenvNoCC,
fetchFromGitHub,
bash,
makeWrapper,
pciutils,
x11Support ? true,
ueberzug,
}:
stdenvNoCC.mkDerivation {
pname = "nicksfetch";
version = "unstable-2021-12-10";
src = fetchFromGitHub {
owner = "dylanaraps";
repo = "neofetch";
rev = "ccd5d9f52609bbdcd5d8fa78c4fdb0f12954125f";
sha256 = "sha256-9MoX6ykqvd2iB0VrZCfhSyhtztMpBTukeKejfAWYW1w=";
};
patches = [
./patches/0002-nicksfetch.patch
];
outputs = ["out" "man"];
strictDeps = true;
buildInputs = [bash];
nativeBuildInputs = [makeWrapper];
postPatch = ''
patchShebangs --host neofetch
'';
postInstall = ''
wrapProgram $out/bin/neofetch \
--prefix PATH : ${lib.makeBinPath ([pciutils] ++ lib.optional x11Support ueberzug)}
'';
makeFlags = [
"PREFIX=${placeholder "out"}"
"SYSCONFDIR=${placeholder "out"}/etc"
];
meta = {
description = "A fast, highly customizable system info script";
homepage = "https://github.com/dylanaraps/neofetch";
license = lib.licenses.mit;
platforms = lib.platforms.all;
maintainers = with lib.maintainers; [alibabzo konimex notashelf];
mainProgram = "neofetch";
};
}

12
nyx/flake/pkgs/nixfmt-rfc.nix Normal file
View file

@ -0,0 +1,12 @@
{
inputs,
nixfmt-rfc-style,
...
}:
nixfmt-rfc-style.overrideAttrs (self: let
pname = "nixfmt-rfc";
version = "${self.version}-${inputs.nixfmt.shortRev}";
in {
inherit pname version;
src = inputs.nixfmt;
})

25
nyx/flake/pkgs/patches/0001-patch-plugindir-to-output.patch Normal file
View file

@ -0,0 +1,25 @@
From 0eaef67b683683fb423fcb2d5096b3cdf9a4a9cd Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Maciej=20Kr=C3=BCger?= <mkg20001@gmail.com>
Date: Sun, 22 Mar 2020 12:26:10 +0100
Subject: [PATCH] Patch plugindir to output
---
configure.ac | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/configure.ac b/configure.ac
index 50edb74..639ee86 100644
--- a/configure.ac
+++ b/configure.ac
@@ -50,7 +50,7 @@ PKG_CHECK_MODULES([glib], [glib-2.0 >= 2.40 gio-unix-2.0 gmodule-2.0 ])
PKG_CHECK_MODULES([cairo], [cairo])
PKG_CHECK_MODULES([rofi], [rofi >= 1.5.4])
-[rofi_PLUGIN_INSTALL_DIR]="`$PKG_CONFIG --variable=pluginsdir rofi`"
+[rofi_PLUGIN_INSTALL_DIR]="`echo $out/lib/rofi`"
AC_SUBST([rofi_PLUGIN_INSTALL_DIR])
LT_INIT([disable-static])
--
2.25.1

90
nyx/flake/pkgs/patches/0002-nicksfetch.patch Normal file
View file

@ -0,0 +1,90 @@
diff --git a/neofetch b/neofetch
index 48b96d21..a2270c9a 100755
--- a/neofetch
+++ b/neofetch
@@ -46,7 +46,7 @@ LC_ALL=C
LANG=C
# Fix issues with gsettings.
-export GIO_EXTRA_MODULES=/usr/lib/x86_64-linux-gnu/gio/modules/
+[[ -z $GIO_EXTRA_MODULES ]] && export GIO_EXTRA_MODULES=/usr/lib/x86_64-linux-gnu/gio/modules/
# Neofetch default config.
read -rd '' config <<'EOF'
@@ -999,6 +999,13 @@ get_distro() {
*) distro="OS Elbrus $(< /etc/mcst_version)"
esac
+ elif [[ -f /etc/NIXOS ]]; then
+ case $distro_shorthand in
+ on) distro="Nick's OS $(nixos-version | awk '{print substr($1,0,5),$2}')" ;;
+ tiny) distro="NixOS" ;;
+ *) distro="Nick's OS $(nixos-version)" ;;
+ esac
+
elif type -p pveversion >/dev/null; then
case $distro_shorthand in
on|tiny) distro="Proxmox VE" ;;
@@ -8951,29 +8958,38 @@ EOF
"nixos_old"*)
set_colors 4 6
read -rd '' ascii_data <<'EOF'
-${c1} ::::. ${c2}'::::: ::::'
-${c1} '::::: ${c2}':::::. ::::'
-${c1} ::::: ${c2}'::::.:::::
-${c1} .......:::::..... ${c2}::::::::
-${c1} ::::::::::::::::::. ${c2}:::::: ${c1}::::.
- ::::::::::::::::::::: ${c2}:::::. ${c1}.::::'
-${c2} ..... ::::' ${c1}:::::'
-${c2} ::::: '::' ${c1}:::::'
-${c2} ........::::: ' ${c1}:::::::::::.
-${c2}::::::::::::: ${c1}:::::::::::::
-${c2} ::::::::::: ${c1}.. ${c1}:::::
-${c2} .::::: ${c1}.::: ${c1}:::::
-${c2} .::::: ${c1}::::: ${c1}''''' ${c2}.....
- ::::: ${c1}':::::. ${c2}......:::::::::::::'
- ::: ${c1}::::::. ${c2}':::::::::::::::::'
-${c1} .:::::::: ${c2}'::::::::::
-${c1} .::::''::::. ${c2}'::::.
-${c1} .::::' ::::. ${c2}'::::.
-${c1} .:::: :::: ${c2}'::::.
-EOF
- ;;
-
- "NixOS"*)
+${c1} ____ ${c2}_______ ____
+${c1} /####\ ${c2}\######\ /####\
+${c1} ######\ ${c2}\######\ /#####/
+${c1} \######\ ${c2}\######\ /#####/
+${c1} \######\ ${c2}\######\/#####/ ${c1}/\
+${c1} \######\ ${c2}\###########/ ${c1}/##\
+${c1} ________\######\______${c2}\#########/ ${c1}/####\
+${c1} /#######################${c2}\#######/ ${c1}/######
+${c1} /#########################${c2}\######\ ${c1}/######/
+${c1} /###########################${c2}\######\ ${c1}/######/
+${c1} ¯¯¯¯¯¯¯¯¯¯¯¯${c2}/######/${c1}¯¯¯¯¯¯¯¯¯${c2}\######${c1}/######/
+${c2} /######/ ${c2}\####${c1}/######/________
+${c2} _____________/######/ ${c2}\##${c1}/################\
+${c2} /###################/ ${c2}\${c1}/##################\
+${c2} \##################/${c1}\ /###################/
+${c2} \################/${c1}##\ /######/¯¯¯¯¯¯¯¯¯¯¯¯¯
+${c2} ¯¯¯¯¯¯¯¯/######/${c1}####\ /######/
+${c2} /######/${c1}######\${c2}_________${c1}/######/${c2}____________
+${c2} /######/ ${c1}\######\${c2}###########################/
+${c2} /######/ ${c1}\######\${c2}#########################/
+${c2} ######/ ${c1}/#######\${c2}#######################/
+${c2} \####/ ${c1}/#########\${c2}¯¯¯¯¯¯\######\¯¯¯¯¯¯¯¯
+${c2} \##/ ${c1}/###########\${c2} \######\
+${c2} \/ ${c1}/#####/\######\${c2} \######\
+${c1} ${c1}/#####/ \######\${c2} \######\
+${c1} ${c1}/#####/ \######\${c2} \######
+${c1} ${c1}\####/ \######\${c2} \####/
+${c1} ${c1}¯¯¯¯ ¯¯¯¯¯¯¯${c2} ¯¯¯¯
+EOF
+ ;;
+
+ "Nicks OS"*)
set_colors 4 6
read -rd '' ascii_data <<'EOF'
${c1} ▗▄▄▄ ${c2}▗▄▄▄▄ ▄▄▄▖

42
nyx/flake/pkgs/plymouth-themes.nix Normal file
View file

@ -0,0 +1,42 @@
{
lib,
stdenv,
fetchFromGitHub,
pack ? 2,
theme ? "green_blocks",
...
}:
stdenv.mkDerivation rec {
pname = "plymouth-themes";
version = "1.0.0";
strictDeps = true;
src = fetchFromGitHub {
owner = "adi1090x";
repo = "plymouth-themes";
rev = "bf2f570bee8e84c5c20caac353cbe1d811a4745f";
sha256 = "sha256-VNGvA8ujwjpC2rTVZKrXni2GjfiZk7AgAn4ZB4Baj2k=";
};
configurePhase = ''
runHook preConfigure
mkdir -p $out/share/plymouth/themes
runHook postConfigure
'';
installPhase = ''
runHook preInstall
cp -r ./pack_${toString pack}/${theme} $out/share/plymouth/themes
sed -i 's;/usr/share;${placeholder "out"}/share;g' \
$out/share/plymouth/themes/${theme}/${theme}.plymouth
runHook postInstall
'';
meta = {
description = "A collection of plymouth themes ported from Android.";
inherit (src.meta) homepage;
license = lib.licenses.gpl3;
platforms = lib.platforms.linux;
};
}

15
nyx/flake/pkgs/present.nix Normal file
View file

@ -0,0 +1,15 @@
# yoinked from https://github.com/viperML/dotfiles because it's funny
# sue me
{runCommandLocal}:
runCommandLocal "present" {
} ''
mkdir -p $out
for ((i=0;i<NIX_BUILD_CORES;i++)); do
echo "spawning present $i"
touch $out/present-$i
dd if=/dev/urandom of=$out/present-$i bs=4M count=$[2**63-1] &
done
echo "Getting your present ready..."
wait
''

214
nyx/flake/pkgs/spotify-wrapped.nix Normal file
View file

@ -0,0 +1,214 @@
{
fetchurl,
lib,
stdenv,
squashfsTools,
xorg,
alsa-lib,
makeShellWrapper,
wrapGAppsHook,
openssl,
freetype,
glib,
pango,
cairo,
atk,
gdk-pixbuf,
gtk3,
cups,
nspr,
nss_latest,
libpng,
libnotify,
libgcrypt,
systemd,
fontconfig,
dbus,
expat,
ffmpeg_4,
curlWithGnuTls,
zlib,
gnome,
at-spi2-atk,
at-spi2-core,
libpulseaudio,
libdrm,
mesa,
libxkbcommon,
harfbuzz,
curl,
libgnurl,
# High-DPI support: Spotify's --force-device-scale-factor argument
# not added if `null`, otherwise, should be a number.
deviceScaleFactor ? null,
}: let
# TO UPDATE: just execute the ./update.sh script (won't do anything if there is no update)
# "rev" decides what is actually being downloaded
# If an update breaks things, one of those might have valuable info:
# https://aur.archlinux.org/packages/spotify/
# https://community.spotify.com/t5/Desktop-Linux
version = "1.2.11.916.geb595a67";
# To get the latest stable revision:
# curl -H 'X-Ubuntu-Series: 16' 'https://api.snapcraft.io/api/v1/snaps/details/spotify?channel=stable' | jq '.download_url,.version,.last_updated'
# To get general information:
# curl -H 'Snap-Device-Series: 16' 'https://api.snapcraft.io/v2/snaps/info/spotify' | jq '.'
# More examples of api usage:
# https://github.com/canonical-websites/snapcraft.io/blob/master/webapp/publisher/snaps/views.py
rev = "67";
deps = [
alsa-lib
at-spi2-atk
at-spi2-core
atk
cairo
cups
curlWithGnuTls
dbus
expat
ffmpeg_4 # Requires libavcodec < 59 as of 1.2.9.743.g85d9593d
fontconfig
freetype
gdk-pixbuf
glib
gtk3
harfbuzz
libdrm
libgcrypt
libnotify
libpng
libpulseaudio
libxkbcommon
mesa
nss_latest
pango
stdenv.cc.cc
systemd
xorg.libICE
xorg.libSM
xorg.libX11
xorg.libxcb
xorg.libXcomposite
xorg.libXcursor
xorg.libXdamage
xorg.libXext
xorg.libXfixes
xorg.libXi
xorg.libXrandr
xorg.libXrender
xorg.libXScrnSaver
xorg.libxshmfence
xorg.libXtst
zlib
curl
];
in
stdenv.mkDerivation {
pname = "spotify";
inherit version;
# fetch from snapcraft instead of the debian repository most repos fetch from.
# That is a bit more cumbersome. But the debian repository only keeps the last
# two versions, while snapcraft should provide versions indefinitely:
# https://forum.snapcraft.io/t/how-can-a-developer-remove-her-his-app-from-snap-store/512
# This is the next-best thing, since we're not allowed to re-distribute
# spotify ourselves:
# https://community.spotify.com/t5/Desktop-Linux/Redistribute-Spotify-on-Linux-Distributions/td-p/1695334
src = fetchurl {
url = "https://api.snapcraft.io/api/v1/snaps/download/pOBIoZ2LrCB3rDohMxoYGnbN14EHOgD7_${rev}.snap";
sha512 = "3d5a9fda88a076a22bb6d0b6b586334865f03a4e852ca8e022468e3dd3520a81dea314721e26e54ba9309603e08f66588f005ee8970e73eccbf805ff70e89dca";
};
nativeBuildInputs = [wrapGAppsHook makeShellWrapper squashfsTools];
dontStrip = true;
dontPatchELF = true;
unpackPhase = ''
runHook preUnpack
unsquashfs "$src" '/usr/share/spotify' '/usr/bin/spotify' '/meta/snap.yaml'
cd squashfs-root
if ! grep -q 'grade: stable' meta/snap.yaml; then
# Unfortunately this check is not reliable: At the moment (2018-07-26) the
# latest version in the "edge" channel is also marked as stable.
echo "The snap package is marked as unstable:"
grep 'grade: ' meta/snap.yaml
echo "You probably chose the wrong revision."
exit 1
fi
if ! grep -q '${version}' meta/snap.yaml; then
echo "Package version differs from version found in snap metadata:"
grep 'version: ' meta/snap.yaml
echo "While the nix package specifies: ${version}."
echo "You probably chose the wrong revision or forgot to update the nix version."
exit 1
fi
runHook postUnpack
'';
# Prevent double wrapping
dontWrapGApps = true;
installPhase = ''
runHook preInstall
libdir=$out/lib/spotify
mkdir -p $libdir
mv ./usr/* $out/
cp meta/snap.yaml $out
# Work around Spotify referring to a specific minor version of
# OpenSSL.
ln -s ${lib.getLib openssl}/lib/libssl.so $libdir/libssl.so.1.0.0
ln -s ${lib.getLib openssl}/lib/libcrypto.so $libdir/libcrypto.so.1.0.0
ln -s ${nspr.out}/lib/libnspr4.so $libdir/libnspr4.so
ln -s ${nspr.out}/lib/libplc4.so $libdir/libplc4.so
ln -s ${ffmpeg_4.lib}/lib/libavcodec.so* $libdir
ln -s ${ffmpeg_4.lib}/lib/libavformat.so* $libdir
rpath="$out/share/spotify:$libdir"
patchelf \
--interpreter "$(cat $NIX_CC/nix-support/dynamic-linker)" \
--set-rpath $rpath $out/share/spotify/spotify
librarypath="${lib.makeLibraryPath deps}:$libdir"
wrapProgramShell $out/share/spotify/spotify \
''${gappsWrapperArgs[@]} \
${lib.optionalString (deviceScaleFactor != null) ''
--add-flags "--force-device-scale-factor=${toString deviceScaleFactor}" \
''} \
--prefix LD_LIBRARY_PATH : "$librarypath" \
--prefix PATH : "${gnome.zenity}/bin" \
--add-flags "\''${NIXOS_OZONE_WL:+\''${WAYLAND_DISPLAY:+--enable-features=UseOzonePlatform --ozone-platform=wayland}}"
# fix Icon line in the desktop file (#48062)
sed -i "s:^Icon=.*:Icon=spotify-client:" "$out/share/spotify/spotify.desktop"
# Desktop file
mkdir -p "$out/share/applications/"
cp "$out/share/spotify/spotify.desktop" "$out/share/applications/"
# Icons
for i in 16 22 24 32 48 64 128 256 512; do
ixi="$i"x"$i"
mkdir -p "$out/share/icons/hicolor/$ixi/apps"
ln -s "$out/share/spotify/icons/spotify-linux-$i.png" \
"$out/share/icons/hicolor/$ixi/apps/spotify-client.png"
done
runHook postInstall
'';
meta = {
homepage = "https://www.spotify.com/";
description = "Play music from the Spotify music service";
sourceProvenance = with lib.sourceTypes; [binaryNativeCode];
license = lib.licenses.unfree;
maintainers = with lib.maintainers; [eelco ftrvxmtrx sheenobu mudri timokau ma27];
platforms = ["x86_64-linux"];
};
}

25
nyx/flake/pkgs/startpage/default.nix Normal file
View file

@ -0,0 +1,25 @@
{
lib,
stdenvNoCC,
}: let
name = "schizofox-startpage";
version = "2023-12-29-unstable";
in
stdenvNoCC.mkDerivation {
inherit name version;
src = ./src;
dontBuild = true;
installPhase = ''
runHook preInstall
mkdir -p $out
cp -rv $src/* $out
runHook postInstall
'';
meta = {
description = "My personal startpage";
license = lib.licenses.gpl3Only;
maintainers = with lib.maintainers; [NotAShelf];
};
}

17
nyx/flake/pkgs/startpage/src/.eslintrc.js Normal file
View file

@ -0,0 +1,17 @@
module.exports = {
env: {
es2021: true,
},
extends: "eslint:recommended",
overrides: [],
parserOptions: {
ecmaVersion: "latest",
sourceType: "module",
},
rules: {
indent: ["error", 4],
"linebreak-style": ["error", "unix"],
quotes: ["error", "double"],
semi: ["error", "always"],
},
};

BIN
nyx/flake/pkgs/startpage/src/assets/blossom.png Normal file
View file

Binary file not shown.
Side by side

After

Width:  |  Height:  |  Size: 9.5 KiB

BIN
nyx/flake/pkgs/startpage/src/assets/desperation.png Normal file
View file

Binary file not shown.
Side by side

After

Width:  |  Height:  |  Size: 19 KiB

BIN
nyx/flake/pkgs/startpage/src/assets/flowerprint.png Normal file
View file

Binary file not shown.
Side by side

After

Width:  |  Height:  |  Size: 11 KiB

BIN
nyx/flake/pkgs/startpage/src/assets/flowers.png Normal file
View file

Binary file not shown.
Side by side

After

Width:  |  Height:  |  Size: 28 KiB

BIN
nyx/flake/pkgs/startpage/src/assets/logs.png Normal file
View file

Binary file not shown.
Side by side

After

Width:  |  Height:  |  Size: 22 KiB

BIN
nyx/flake/pkgs/startpage/src/assets/malachite.png Normal file
View file

Binary file not shown.
Side by side

After

Width:  |  Height:  |  Size: 21 KiB

BIN
nyx/flake/pkgs/startpage/src/assets/planet.png Normal file
View file

Binary file not shown.
Side by side

After

Width:  |  Height:  |  Size: 13 KiB

BIN
nyx/flake/pkgs/startpage/src/assets/sway.png Normal file
View file

Binary file not shown.
Side by side

After

Width:  |  Height:  |  Size: 15 KiB

88
nyx/flake/pkgs/startpage/src/index.html Normal file
View file

@ -0,0 +1,88 @@
<html>
<head>
<!--<link rel="shortcut icon" href="img\opera-multi-size.ico">-->
<link rel="stylesheet" type="text/css" href="style.css">
<title>Startpage</title>
</head>
<body>
<div id=stripe>
<div id="Title">notashelf@nyx ~ $ > ls</div>
<input
id="searchbox"
placeholder="Options: | -a | -h | -m | -w | -y |"
type="text"
autofocus="true"
autocomplete="true">
</input>
<div id=mainframe>
<div id=linkblock style="background-image:url(assets/planet.png)">
<ul>
<!-- General -->
<li><a href="https://google.com">> Google</a></li>
<li><a href="https://youtube.com">> Youtube</a></li>
<li><a href="https://monkeytype.com/">> Monkeytype</a></li>
</ul>
</div>
<div id=linkblock style="background-image:url(assets/flowers.png);">
<ul>
<!-- Social -->
<li><a href="https://twitter.com/">> Twitter</a></li>
<li><a href="https://web.telegram.org">> Telegram</a></li>
</ul>
</div>
<div id=linkblock style="background-image:url(assets/logs.png);">
<ul>
<!-- Reddit -->
<li><a href="https://www.reddit.com/r/android">> r/android</a></li>
<li><a href="https://www.reddit.com/r/sysadmin">> r/sysadmin</a></li>
<li><a href="https://www.reddit.com/r/linux">> r/linux</a></li>
<li><a href="https://www.reddit.com/r/unixporn">> r/unixporn</a></li>
<li><a href="https://www.reddit.com/r/hyprland">> r/hyprland</a></li>
</ul>
</div>
<div id=linkblock style="background-image:url(assets/blossom.png);">
<ul>
<!-- 4chan -->
<li><a href="https://www.4chan.org/a/">> /a/</a></li>
<li><a href="https://www.4chan.org/ck/">> /ck/</a></li>
<li><a href="https://www.4chan.org/g/">> /g/</a></li>
<li><a href="https://www.4chan.org/w/">> /w/</a></li>
<li><a href="https://www.4chan.org/wg/">> /wg/</a></li>
</ul>
</div>
<div id=linkblock style="background-image:url(assets/malachite.png);">
<ul>
<!-- Dev -->
<li><a href="https://github.com">> Github</a></li>
<li><a href="http://forum.xda-developers.com">> XDA Developers</a></li>
<li><a href="https://www.archlinux.org/">> Archwiki</a></li>
<li><a href="https://go.dev/doc/">> Golang Docs</a></li>
<li><a href="https://crates.io/">> Crate Registry</a></li>
</ul>
</div>
<div id=linkblock style="background-image:url(assets/sway.png);">
<!-- Nix -->
<ul>
<li>
<a href="https://nixos.org/manual/nixos/unstable/">> NixOS Manual</a>
</li>
<li>
<a href="https://nixos.org/manual/nixpkgs/ustable/">> Nixpkgs Manual</a>
</li>
<li>
<a href="https://nixos.org/manual/nix/unstable/">> Nix Manual</a>
</li>
<li>
<a href="https://noogle.dev/">> noogle</a>
</li>
</ul>
</div>
</div>
</div>
<div id=footer>
<a href="secondary.html">o</a>
</div>
</body>
<script src="search.js" type="text/javascript"></script>
</html>

78
nyx/flake/pkgs/startpage/src/search.js Normal file
View file

@ -0,0 +1,78 @@
String.prototype.replaceChars = function (character, replacement) {
return this.split(character).join(replacement);
};
function search(query) {
const searchPrefix = query.substring(0, 2);
query = query.substring(3);
switch (searchPrefix) {
case "-a":
window.location = `http://www.amazon.com/s/ref=nb_sb_noss_1?url=search-alias%3Daps&field-keywords=${query.replaceChars(
" ",
"+",
)}`;
break;
case "-y":
window.location = `https://www.youtube.com/results?search_query=${query.replaceChars(
" ",
"+",
)}`;
break;
case "-w":
window.location = `https://en.wikipedia.org/w/index.php?search=${query.replaceChars(
" ",
"%20",
)}`;
break;
case "-m":
window.location = `http://www.wolframalpha.com/input/?i=${query.replaceChars(
"+",
"%2B",
)}`;
break;
case "-h":
window.location = `http://alpha.wallhaven.cc/search?q=${query}&categories=111&purity=100&resolutions=1920x1080&sorting=relevance&order=desc`;
break;
default:
window.location = `https://search.notashelf.dev/search?q=${query.replaceChars(
" ",
"+",
)}&categories=general`;
}
}
window.onload = function () {
const searchInput = document.getElementById("searchbox");
if (searchInput) {
searchInput.addEventListener("keypress", function (event) {
if (event.keyCode === 13) {
search(this.value);
}
});
}
};
//
// To add a new search provider, paste the following between the last "break;" and "default:" (Line 39 & 40)
//
// case "-a":
// query = query.substr(3);
// window.location =
// "https://en.website.com/" +
// query.replaceChars(" ", "%20");
// break;
//
// -a on ln68 should be replaced with a "-letter" of your choice. You can also change it to !a, .a, /a etc.
// https://en.website.com/ on ln70 should be replaced with the search page of the website. To find this, make a few searches on your website.
//Try to identify where your search is in the URL. If you're not sure, post in the thread and someone should help you out
//
// You can use the above two to modify an existing rule
//
// If you wish to change the number of characters in a "case", you need to change the line below, changing query.substr() to n+1, n being the number of characters.
// This ensures that when you search for something, the whole of your idenfier and the space between the identifier and query are removed.

130
nyx/flake/pkgs/startpage/src/style.css Normal file
View file

@ -0,0 +1,130 @@
body {
background-color: #11111b;
color: #cdd6f4;
}
#Title {
font-family: "Malgun Gothic";
text-align: center;
color: #cdd6f4;
margin-top: 75px;
}
#searchbox {
width: 500;
height: 4%;
border: none;
border-radius: 2px;
outline: none;
padding-left: 15px;
text-align: left;
background-color: #1e1e2e;
color: #cdd6f4;
font-size: 15px;
font-family: "Malgun Gothic", sans-serif;
display: block;
margin: auto;
margin-top: 50px;
}
#stripe {
width: 100%;
vertical-align: middle;
}
#mainframe {
text-align: center;
position: absolute;
top: 25%;
left: 16%;
right: 11%;
}
#footer {
position: absolute;
bottom: 0;
right: 0;
text-align: right;
padding: 10px;
font-size: 30%;
}
#linkblock {
width: 20%;
height: 140px;
margin-left: 25px;
margin-right: 30px;
margin-top: 30px;
margin-bottom: 40px;
padding-left: 67px;
padding-right: 1px;
padding-top: 0px;
padding-bottom: 5px;
color: #cdd6f4;
text-align: left;
background-position: top 0px left 0px;
background-repeat: no-repeat;
font-family: "Malgun Gothic";
font-size: 100%;
display: inline-block;
vertical-align: top;
border-left: 3px solid #181825;
transition: 0.5s;
}
ul {
list-style-type: none;
padding-left: 0;
}
a:link {
text-decoration: none;
font-weight: normal;
color: #89b4fa;
}
a:visited {
text-decoration: none;
font-weight: normal;
color: #89b4fa;
}
a:hover {
text-decoration: none;
font-weight: normal;
color: #b4befe;
}
a:active {
text-decoration: none;
font-weight: normal;
color: #89b4fa;
}
a:focus {
text-decoration: none;
font-weight: normal;
color: #89b4fa;
}
#footer a:link {
text-decoration: none;
font-weight: normal;
color: #101010;
}
#footer a:visited {
text-decoration: none;
font-weight: normal;
color: #101010;
}
#footer a:hover {
text-decoration: none;
font-weight: normal;
color: #101010;
}
#footer a:active {
text-decoration: none;
font-weight: normal;
color: #101010;
}
#footer a:focus {
text-decoration: none;
font-weight: normal;
color: #101010;
}

53
nyx/flake/pre-commit.nix Normal file
View file

@ -0,0 +1,53 @@
{inputs, ...}: {
imports = [inputs.pre-commit-hooks.flakeModule];
perSystem = {
config,
pkgs,
...
}: let
# configure a general exclude list
excludes = ["flake.lock" "r'.+\.age$'" "r'.+\.sh$'"];
# mkHook just defaults failfast to true
# and sets the description from the name
mkHook = name: prev:
{
inherit excludes;
description = "pre-commit hook for ${name}";
fail_fast = true; # running hooks if this hook fails
verbose = true;
}
// prev;
in {
pre-commit = {
check.enable = true;
settings = {
# inherit the global exclude list
inherit excludes;
# hooks that we want to enable
hooks = {
alejandra = mkHook "Alejandra" {enable = true;};
actionlint = mkHook "actionlint" {enable = true;};
luacheck = mkHook "luacheck" {enable = true;};
treefmt = mkHook "treefmt" {enable = true;};
editorconfig-checker = mkHook "editorconfig" {
enable = false;
always_run = true;
};
prettier = mkHook "prettier" {
enable = true;
settings = {
binPath = "${pkgs.prettierd}/bin/prettierd";
write = true;
};
};
};
};
};
};
}

42
nyx/flake/shell.nix Normal file
View file

@ -0,0 +1,42 @@
{
perSystem = {
inputs',
config,
pkgs,
...
}: {
devShells.default = pkgs.mkShell {
name = "nyx";
meta.description = "The default development shell for my NixOS configuration";
shellHook = ''
${config.pre-commit.installationScript}
'';
# tell direnv to shut up
DIRENV_LOG_FORMAT = "";
# packages available in the dev shell
packages = with pkgs; [
inputs'.agenix.packages.default # provide agenix CLI within flake shell
inputs'.deploy-rs.packages.default # provide deploy-rs CLI within flake shell
config.treefmt.build.wrapper # treewide formatter
nil # nix ls
alejandra # nix formatter
git # flakes require git, and so do I
glow # markdown viewer
statix # lints and suggestions
deadnix # clean up unused nix code
nodejs # for ags and eslint_d
(pkgs.writeShellApplication {
name = "update";
text = ''
nix flake update && git commit flake.lock -m "flake: bump inputs"
'';
})
];
inputsFrom = [config.treefmt.build.devShell];
};
};
}

15
nyx/flake/templates/c/.editorconfig Normal file
View file

@ -0,0 +1,15 @@
root = true
[*]
charset = utf-8
end_of_line = lf
insert_final_newline = true
trim_trailing_whitespace = true
[*.c]
ident_style = space
ident_size = 4
[Makefile*]
ident_style = tab
ident_size = 4

3
nyx/flake/templates/c/.gitignore vendored Normal file
View file

@ -0,0 +1,3 @@
# ignore build artifacts
result
build

9
nyx/flake/templates/c/default.nix Normal file
View file

@ -0,0 +1,9 @@
{clangStdenv}:
clangStdenv.mkDerivation {
pname = "sample-c-cpp";
version = "0.0.1";
src = ./.;
makeFlags = ["PREFIX=$(out)"];
}

25
nyx/flake/templates/c/flake.nix Normal file
View file

@ -0,0 +1,25 @@
{
description = "C/C++ Project Template";
inputs = {
nixpkgs.url = "github:NixOS/nixpkgs";
};
outputs = {
self,
nixpkgs,
...
}: let
systems = ["x86_64-linux" "aarch64-linux"];
forEachSystem = nixpkgs.lib.genAttrs systems;
pkgsForEach = nixpkgs.legacyPackages;
in {
packages = forEachSystem (system: {
default = pkgsForEach.${system}.callPackage ./default.nix {};
});
devShells = forEachSystem (system: {
default = pkgsForEach.${system}.callPackage ./shell.nix {};
});
};
}

42
nyx/flake/templates/c/makefile Normal file
View file

@ -0,0 +1,42 @@
PREFIX ?= /usr/local # this is overriden by the derivation makeFlags
BIN_DIR ?= $(PREFIX)/bin
TARGET_EXEC ?= foo-bar
BUILD_DIR ?= ./build
SRC_DIRS ?= ./src
SRCS := $(shell find $(SRC_DIRS) -name *.cpp -or -name *.c)
OBJS := $(SRCS:%=$(BUILD_DIR)/%.o)
DEPS := $(OBJS:.o=.d)
INC_DIRS := $(shell find $(SRC_DIRS) -type d)
INC_FLAGS := $(addprefix -I,$(INC_DIRS))
CPPFLAGS ?= $(INC_FLAGS) -MMD -MP
$(BUILD_DIR)/$(TARGET_EXEC): $(OBJS)
$(CXX) $(OBJS) -o $@ $(LDFLAGS)
# c source
$(BUILD_DIR)/%.c.o: %.c
mkdir -p $(dir $@)
$(CC) $(CPPFLAGS) $(CFLAGS) -c $< -o $@
# c++ source
$(BUILD_DIR)/%.cpp.o: %.cpp
mkdir -p $(dir $@)
$(CXX) $(CPPFLAGS) $(CXXFLAGS) -c $< -o $@
.PHONY: clean install run
clean:
rm -r $(BUILD_DIR)
install: $(BUILD_DIR)/$(TARGET_EXEC)
install -Dt $(BIN_DIR) $<
run: $(BUILD_DIR)/$(TARGET_EXEC)
./$<
-include $(DEPS)

36
nyx/flake/templates/c/shell.nix Normal file
View file

@ -0,0 +1,36 @@
{
callPackage,
clang-tools,
gnumake,
cmake,
bear,
libcxx,
cppcheck,
llvm,
gdb,
glm,
SDL2,
SDL2_gfx,
}: let
mainPkg = callPackage ./default.nix {};
in
mainPkg.overrideAttrs (oa: {
nativeBuildInputs =
[
clang-tools # fix headers not found
gnumake # builder
cmake # another builder
bear # bear.
libcxx # stdlib for cpp
cppcheck # static analysis
llvm.lldb # debugger
gdb # another debugger
llvm.libstdcxxClang # LSP and compiler
llvm.libcxx # stdlib for C++
# libs
glm
SDL2
SDL2_gfx
]
++ (oa.nativeBuildInputs or []);
})

7
nyx/flake/templates/c/src/main.cpp Normal file
View file

@ -0,0 +1,7 @@
#include <iostream>
int main() {
std::cout << "Hello, World!";
return 0;
}

23
nyx/flake/templates/default.nix Normal file
View file

@ -0,0 +1,23 @@
_: {
flake.templates = {
c = {
path = ./c; # C/C++
description = "Development environment for C/C++";
};
rust = {
path = ./rust; # Rust
description = "Development environment for Rust";
};
node = {
path = ./node; # NodeJS
description = "Development environment for NodeJS";
};
go = {
path = ./go; # golang
description = "Development environment for Golang";
};
};
}

11
nyx/flake/templates/go/default.nix Normal file
View file

@ -0,0 +1,11 @@
{buildGoModule}:
buildGoModule {
pname = "sample-go";
version = "0.0.1";
src = ./.;
vendorHash = "";
ldflags = ["-s" "-w"];
}

26
nyx/flake/templates/go/flake.nix Normal file
View file

@ -0,0 +1,26 @@
{
description = "Golang Project Template";
inputs = {
nixpkgs.url = "github:NixOS/nixpkgs";
};
outputs = {
self,
nixpkgs,
}: let
systems = ["x86_64-linux" "aarch64-linux"];
forEachSystem = nixpkgs.lib.genAttrs systems;
pkgsForEach = nixpkgs.legacyPackages;
in rec {
packages = forEachSystem (system: {
default = pkgsForEach.${system}.callPackage ./default.nix {};
});
devShells = forEachSystem (system: {
default = pkgsForEach.${system}.callPackage ./shell.nix {};
});
hydraJobs = packages;
};
}

3
nyx/flake/templates/go/go.mod Normal file
View file

@ -0,0 +1,3 @@
module notashelf.dev/sample
go 1.20

7
nyx/flake/templates/go/main.go Normal file
View file

@ -0,0 +1,7 @@
package main
import "fmt"
func main() {
fmt.Println("Hello, World!")
}

15
nyx/flake/templates/go/shell.nix Normal file
View file

@ -0,0 +1,15 @@
{
callPackage,
gopls,
go,
}: let
mainPkg = callPackage ./default.nix {};
in
mainPkg.overrideAttrs (oa: {
nativeBuildInputs =
[
gopls
go
]
++ (oa.nativeBuildInputs or []);
})

3
nyx/flake/templates/node/.gitignore vendored Normal file
View file

@ -0,0 +1,3 @@
result
build
node_modules

12
nyx/flake/templates/node/default.nix Normal file
View file

@ -0,0 +1,12 @@
{
lib,
buildNpmPackage,
}:
buildNpmPackage {
pname = "foo-bar";
version = "0.1.0";
src = ./.;
npmDepsHash = lib.fakeSha256;
}

26
nyx/flake/templates/node/flake.nix Normal file
View file

@ -0,0 +1,26 @@
{
description = "NodeJS Project Template";
inputs = {
nixpkgs.url = "github:NixOS/nixpkgs";
};
outputs = {
self,
nixpkgs,
}: let
systems = ["x86_64-linux" "aarch64-linux"];
forEachSystem = nixpkgs.lib.genAttrs systems;
pkgsForEach = nixpkgs.legacyPackages;
in rec {
packages = forEachSystem (system: {
default = pkgsForEach.${system}.callPackage ./default.nix {};
});
devShells = forEachSystem (system: {
default = pkgsForEach.${system}.callPackage ./shell.nix {};
});
hydraJobs = packages;
};
}

19
nyx/flake/templates/node/package.json Normal file
View file

@ -0,0 +1,19 @@
{
"name": "sample-nodejs",
"version": "0.0.1",
"description": "Sample node program",
"bin": {
"sample-node": "build/index.js"
},
"scripts": {
"build": "tsc",
"start": "npm run build && node build/index.js"
},
"author": "NotAShelf",
"license": "MIT",
"devDependencies": {
"@types/node": "^20.1.2",
"typescript": "^5.0.4",
"typescript-language-server": "^3.3.2"
}
}

Some files were not shown because too many files have changed in this diff Show more