From fce64637c203d42aeb0945e3a1e5159091906053 Mon Sep 17 00:00:00 2001 From: Charlie Root Date: Fri, 20 Sep 2024 15:45:44 +0200 Subject: [PATCH] huge progress dump, impermanence --- flake.lock | 76 +++++++++--------- hosts/temperance/configuration.nix | 3 +- hosts/temperance/default.nix | 1 + hosts/temperance/filesystem/default.nix | 35 +++++++++ hosts/temperance/programs.nix | 3 +- modules/programs/editors/emacs/module.nix | 2 +- modules/programs/editors/helix/module.nix | 4 +- modules/services/module.nix | 1 - modules/services/vpn.nix | 12 --- modules/system/hardware/bluetooth.nix | 1 + modules/system/nix/module.nix | 3 +- modules/system/os/impermanence/module.nix | 90 +++++++++++++++++----- parts/pkgs/extraPackages/nushell/config.nu | 11 +++ 13 files changed, 161 insertions(+), 81 deletions(-) create mode 100644 hosts/temperance/filesystem/default.nix delete mode 100644 modules/services/vpn.nix diff --git a/flake.lock b/flake.lock index 2cee0e7..9bb4c2a 100644 --- a/flake.lock +++ b/flake.lock @@ -20,11 +20,11 @@ ] }, "locked": { - "lastModified": 1725753098, - "narHash": "sha256-/NO/h/qD/eJXAQr/fHA4mdDgYsNT9thHQ+oT6KPi2ac=", + "lastModified": 1726665257, + "narHash": "sha256-rEzEZtd3iyVo5RJ1OGujOlnywNf3gsrOnjAn1NLciD4=", "owner": "hyprwm", "repo": "aquamarine", - "rev": "e4a13203112a036fc7f437d391c7810f3dd5ab52", + "rev": "752d0fbd141fabb5a1e7f865199b80e6e76f8d8e", "type": "github" }, "original": { @@ -83,11 +83,11 @@ "nixpkgs-stable": "nixpkgs-stable" }, "locked": { - "lastModified": 1726420326, - "narHash": "sha256-LzYMStC49yhT4rKyG3oA+/rqip0JsEPCPD0AZlWZqcA=", + "lastModified": 1726765163, + "narHash": "sha256-5aX2+iWFzH9b4yVSGMk2w/tDI0c/cn8f1xW6/kurtPo=", "owner": "nix-community", "repo": "emacs-overlay", - "rev": "8da0dcb09e0f890d2a9fbc8c6bb947c6867a5b5f", + "rev": "a1ca2766ae9535f16bcac91f7001d24a6837178b", "type": "github" }, "original": { @@ -208,11 +208,11 @@ "systems": "systems" }, "locked": { - "lastModified": 1710146030, - "narHash": "sha256-SZ5L6eA7HJ/nmkzGG7/ISclqe6oZdOZTNoesiInkXPQ=", + "lastModified": 1726560853, + "narHash": "sha256-X6rJYSESBVr3hBoH0WbKE5KvhPU5bloyZ2L4K60/fPQ=", "owner": "numtide", "repo": "flake-utils", - "rev": "b1d9ab70662946ef0850d488da1c9019f3a9752a", + "rev": "c1dfcf08411b08f6b8615f7d8971a2bfa81d5e8a", "type": "github" }, "original": { @@ -313,11 +313,11 @@ "rust-overlay": "rust-overlay" }, "locked": { - "lastModified": 1726394915, - "narHash": "sha256-guDSphIBbkUGI9LQDAls4PUDDJFl9URC0EAUKb+sjks=", + "lastModified": 1726708551, + "narHash": "sha256-2mFUjYNMPftdhR8DNCCsrV6edCOx/bTzlEE3w9gmK8Q=", "owner": "helix-editor", "repo": "helix", - "rev": "5ce77de0dc7106c6f1460d80a3c5a51eaea3108c", + "rev": "9f93de5a4b2b52a1a153f4ea5eacfc1a63600496", "type": "github" }, "original": { @@ -360,11 +360,11 @@ ] }, "locked": { - "lastModified": 1726357542, - "narHash": "sha256-p4OrJL2weh0TRtaeu1fmNYP6+TOp/W2qdaIJxxQay4c=", + "lastModified": 1726764199, + "narHash": "sha256-aiw08ZK7PBVwnOglT0rk+VI3ZqPgbFlOWP7SCFb8sHA=", "owner": "nix-community", "repo": "home-manager", - "rev": "e524c57b1fa55d6ca9d8354c6ce1e538d2a1f47f", + "rev": "1f7b8188a9c9c5ba32f9a8351c55f42ecc22b77c", "type": "github" }, "original": { @@ -435,11 +435,11 @@ "xdph": "xdph" }, "locked": { - "lastModified": 1726421106, - "narHash": "sha256-pVqU8PBLVwJntSRd7BbhddSeeT/UWpARDO50zJSLnP4=", + "lastModified": 1726761214, + "narHash": "sha256-xaecVNHaxiAXDCUFZzDLMP3jbxpBjQTqT4Bku2z5vGA=", "ref": "refs/heads/main", - "rev": "e87758529e9d2dc70f318346c66a9d895d4503ce", - "revCount": 5223, + "rev": "9856378384539e35cd943604e6a4d696a9d25447", + "revCount": 5240, "submodules": true, "type": "git", "url": "https://github.com/hyprwm/Hyprland" @@ -788,11 +788,11 @@ "zig": "zig" }, "locked": { - "lastModified": 1726250048, - "narHash": "sha256-2Lef4s1k5xBlmJ3ZFy2qS3S00j6oDl8ZXzSaSuAX22k=", + "lastModified": 1726482513, + "narHash": "sha256-vc8YmzpybRaffbYMBCdCZTJrneyF3ko7D5MPNpAxz2A=", "owner": "notashelf", "repo": "nvf", - "rev": "eb037b7bff62171004e9276d4efb9be7e7ce9d8e", + "rev": "cb7ff874e2199ba8a4f87cbaa39bdff0d4d28484", "type": "github" }, "original": { @@ -870,11 +870,11 @@ }, "nixpkgs": { "locked": { - "lastModified": 1726243404, - "narHash": "sha256-sjiGsMh+1cWXb53Tecsm4skyFNag33GPbVgCdfj3n9I=", + "lastModified": 1726463316, + "narHash": "sha256-gI9kkaH0ZjakJOKrdjaI/VbaMEo9qBbSUl93DnU7f4c=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "345c263f2f53a3710abe117f28a5cb86d0ba4059", + "rev": "99dc8785f6a0adac95f5e2ab05cc2e1bf666d172", "type": "github" }, "original": { @@ -928,11 +928,11 @@ }, "nixpkgs-stable": { "locked": { - "lastModified": 1726320982, - "narHash": "sha256-RuVXUwcYwaUeks6h3OLrEmg14z9aFXdWppTWPMTwdQw=", + "lastModified": 1726447378, + "narHash": "sha256-2yV8nmYE1p9lfmLHhOCbYwQC/W8WYfGQABoGzJOb1JQ=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "8f7492cce28977fbf8bd12c72af08b1f6c7c3e49", + "rev": "086b448a5d54fd117f4dc2dee55c9f0ff461bdc1", "type": "github" }, "original": { @@ -1008,11 +1008,11 @@ }, "nixpkgs_6": { "locked": { - "lastModified": 1726243404, - "narHash": "sha256-sjiGsMh+1cWXb53Tecsm4skyFNag33GPbVgCdfj3n9I=", + "lastModified": 1726463316, + "narHash": "sha256-gI9kkaH0ZjakJOKrdjaI/VbaMEo9qBbSUl93DnU7f4c=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "345c263f2f53a3710abe117f28a5cb86d0ba4059", + "rev": "99dc8785f6a0adac95f5e2ab05cc2e1bf666d172", "type": "github" }, "original": { @@ -1024,16 +1024,16 @@ }, "nixpkgs_7": { "locked": { - "lastModified": 1725103162, - "narHash": "sha256-Ym04C5+qovuQDYL/rKWSR+WESseQBbNAe5DsXNx5trY=", + "lastModified": 1726481836, + "narHash": "sha256-MWTBH4dd5zIz2iatDb8IkqSjIeFum9jAqkFxgHLdzO4=", "owner": "nixos", "repo": "nixpkgs", - "rev": "12228ff1752d7b7624a54e9c1af4b222b3c1073b", + "rev": "20f9370d5f588fb8c72e844c54511cab054b5f40", "type": "github" }, "original": { "owner": "nixos", - "ref": "nixos-unstable", + "ref": "nixpkgs-unstable", "repo": "nixpkgs", "type": "github" } @@ -2941,11 +2941,11 @@ "nixpkgs": "nixpkgs_7" }, "locked": { - "lastModified": 1725271838, - "narHash": "sha256-VcqxWT0O/gMaeWTTjf1r4MOyG49NaNxW4GHTO3xuThE=", + "lastModified": 1726734507, + "narHash": "sha256-VUH5O5AcOSxb0uL/m34dDkxFKP6WLQ6y4I1B4+N3L2w=", "owner": "numtide", "repo": "treefmt-nix", - "rev": "9fb342d14b69aefdf46187f6bb80a4a0d97007cd", + "rev": "ee41a466c2255a3abe6bc50fc6be927cdee57a9f", "type": "github" }, "original": { diff --git a/hosts/temperance/configuration.nix b/hosts/temperance/configuration.nix index b32535b..4abefeb 100644 --- a/hosts/temperance/configuration.nix +++ b/hosts/temperance/configuration.nix @@ -73,8 +73,7 @@ other = { system = { hostname = "temperance"; - username = "vali"; - gitPath = "/home/vali/projects/nichts"; + username = "cr"; }; home-manager = { diff --git a/hosts/temperance/default.nix b/hosts/temperance/default.nix index 0312dc8..72cb011 100644 --- a/hosts/temperance/default.nix +++ b/hosts/temperance/default.nix @@ -4,5 +4,6 @@ _: { ./programs.nix ./hardware-configuration.nix ./hardware + ./filesystem ]; } diff --git a/hosts/temperance/filesystem/default.nix b/hosts/temperance/filesystem/default.nix new file mode 100644 index 0000000..cab5dfb --- /dev/null +++ b/hosts/temperance/filesystem/default.nix @@ -0,0 +1,35 @@ +{ + config = { + fileSystems = { + "/boot" = { + device = ""; + fsType = "vfat"; + }; + # root on tmpfs + "/" = { + device = "none"; + fsType = "tmpfs"; + options = ["defaults" "size=25%" "mode=755"]; + }; + "/nix" = { + device = ""; + fsType = "btrfs"; + options = ["subvol=nix" "compress=zstd" "noatime"]; + }; + "/persist" = { + device = ""; + neededForBoot = true; + fsType = "btrfs"; + options = ["subvol=persist" "compress=zstd" "noatime"]; + }; + "/home" = { + device = ""; + fsType = "btrfs"; + options = ["subvol=home" "compress=zstd" "noatime"]; + }; + }; + swapDevices = [ + {device = "";} + ]; + }; +} diff --git a/hosts/temperance/programs.nix b/hosts/temperance/programs.nix index e0d56bc..734f690 100644 --- a/hosts/temperance/programs.nix +++ b/hosts/temperance/programs.nix @@ -3,8 +3,6 @@ alsa-utils asciinema blueman - bluetuith - bluez cachix calc calibre @@ -55,6 +53,7 @@ polkit prismlauncher pulsemixer + pavucontrol python3 qbittorrent r2modman diff --git a/modules/programs/editors/emacs/module.nix b/modules/programs/editors/emacs/module.nix index d847a26..b076f47 100644 --- a/modules/programs/editors/emacs/module.nix +++ b/modules/programs/editors/emacs/module.nix @@ -32,7 +32,7 @@ in { ]; services.emacs = { - enable = false; + enable = true; package = custom-emacs; }; }; diff --git a/modules/programs/editors/helix/module.nix b/modules/programs/editors/helix/module.nix index 63d9071..9ec3ae9 100644 --- a/modules/programs/editors/helix/module.nix +++ b/modules/programs/editors/helix/module.nix @@ -7,7 +7,7 @@ }: let cfg = config.modules.system.programs.editors.helix; inherit (config.modules.other.system) username; - inherit (lib) mkIf; + inherit (lib) mkIf getExe; in { imports = [./languages.nix]; config = mkIf cfg.enable { @@ -39,7 +39,7 @@ in { }; }; keys.normal = { - C-g = [":new" ":insert-output ${pkgs.gitui}" ":buffer-close!" ":redraw"]; + C-g = [":new" ":insert-output ${getExe pkgs.lazygit}" ":buffer-close!" ":redraw"]; esc = ["collapse_selection" "keep_primary_selection"]; A-H = "goto_previous_buffer"; A-L = "goto_next_buffer"; diff --git a/modules/services/module.nix b/modules/services/module.nix index 2be32dc..3539de5 100644 --- a/modules/services/module.nix +++ b/modules/services/module.nix @@ -7,6 +7,5 @@ _: { ./dunst.nix ./mpd.nix ./firewall.nix - ./vpn.nix ]; } diff --git a/modules/services/vpn.nix b/modules/services/vpn.nix deleted file mode 100644 index 91353b7..0000000 --- a/modules/services/vpn.nix +++ /dev/null @@ -1,12 +0,0 @@ -{pkgs, ...}: { - services.openvpn.servers = { - # air = { - # config = '' - # config /home/vali/Documents/AirVPN_Netherlands_UDP-443-Entry3.ovpn - # script-security 2 - # up ${pkgs.update-systemd-resolved}/libexec/openvpn/update-systemd-resolved - # down ${pkgs.update-systemd-resolved}/libexec/openvpn/update-systemd-resolved - # ''; - # }; - }; -} diff --git a/modules/system/hardware/bluetooth.nix b/modules/system/hardware/bluetooth.nix index 3fb0a6c..1596a67 100644 --- a/modules/system/hardware/bluetooth.nix +++ b/modules/system/hardware/bluetooth.nix @@ -16,6 +16,7 @@ in { home-manager.users.${username}.home.packages = with pkgs; [ bluetuith + bluez ]; }; } diff --git a/modules/system/nix/module.nix b/modules/system/nix/module.nix index 44904f4..27cf814 100644 --- a/modules/system/nix/module.nix +++ b/modules/system/nix/module.nix @@ -125,8 +125,7 @@ "https://cache.nixos.org" # funny binary cache "https://nix-community.cachix.org" # nix-community cache "https://hyprland.cachix.org" # hyprland - "https://nixpkgs-unfree.cachix.org" # unfree-package cache - "https://neovim-flake.cachix.org" # a cache for nvf + # "https://nixpkgs-unfree.cachix.org" # unfree-package cache "https://helix.cachix.org" # a chache for helix ]; diff --git a/modules/system/os/impermanence/module.nix b/modules/system/os/impermanence/module.nix index 2044b42..edfbef6 100644 --- a/modules/system/os/impermanence/module.nix +++ b/modules/system/os/impermanence/module.nix @@ -4,29 +4,77 @@ lib, ... }: let - inherit (lib) optionalString mkIf mkForce; + inherit (lib) mkForce; + inherit (builtins) map; cfg = config.modules.system.impermanence; in { - # config = mkIf false { - # imports = [ - # inputs.impermanence.nixosModules.impermanence - # ]; - # environment.persistence."/persist" = { - # directories = [ - # "/etc/nixos" - # "/etc/nix" - # "/etc/NetworkManager/system-connections" - # "/var/db/sudo" - # "/var/lib/bluetooth" - # "/var/lib/nixos" - # "/var/lib/pipewire" - # "/var/lib/systemd/coredump" - # ]; + imports = [ + inputs.impermanence.nixosModules.impermanence + ]; + users = { + mutableUsers = true; + # users = { + # cr = { + # initialHashedPassword = ""; + # hashedPasswordFile = "/persist/passwords/cr"; + # }; + # root.hashedPasswordFile = "/persist/passwords/root"; + # }; + }; - # files = [ - # "/etc/machine-id" - # ]; - # }; - # }; + environment.persistence."/persist" = { + directories = [ + "/etc/nixos" + "/etc/nix" + "/etc/NetworkManager/system-connections" + "/var/db/sudo" + "/var/log" + "/var/lib/bluetooth" + "/var/lib/nixos" + "/var/lib/pipewire" + "/var/lib/systemd/coredump" + ]; + + files = [ + "/etc/machine-id" + ]; + users.cr = { + directories = + [ + "cloud" + "repos" + ".config/nicotine" + ] + ++ map ( + dir: ".config/${dir}" + ) ["nicotine" "Signal"] + ++ map ( + dir: ".cache/${dir}" + ) ["tealdeer" "keepassxc" "nix" "starship" "nix-index" "mozilla" "zsh" "nvim"] + ++ map ( + dir: ".local/share/${dir}" + ) ["direnv" "TelegramDesktop" "PrismLauncher" "nicotine" "zoxide"]; + }; + }; + + # for some reason *this* is what makes networkmanager not get screwed completely instead of the impermanence module + systemd.tmpfiles.rules = [ + "L /var/lib/NetworkManager/secret_key - - - - /persist/var/lib/NetworkManager/secret_key" + "L /var/lib/NetworkManager/seen-bssids - - - - /persist/var/lib/NetworkManager/seen-bssids" + "L /var/lib/NetworkManager/timestamps - - - - /persist/var/lib/NetworkManager/timestamps" + ]; + + # services.openssh.hostKeys = mkForce [ + # { + # bits = 4096; + # path = "/persist/etc/ssh/ssh_host_rsa_key"; + # type = "rsa"; + # } + # { + # bits = 4096; + # path = "/persist/etc/ssh/ssh_host_ed25519_key"; + # type = "ed25519"; + # } + # ]; } diff --git a/parts/pkgs/extraPackages/nushell/config.nu b/parts/pkgs/extraPackages/nushell/config.nu index f6f624d..ed3def4 100644 --- a/parts/pkgs/extraPackages/nushell/config.nu +++ b/parts/pkgs/extraPackages/nushell/config.nu @@ -1,6 +1,17 @@ let starship_installed = not (which starship | is-empty) +let direnv_installed = not (which direnv | is-empty) + $env.config = { show_banner: false + + + hooks: { + pre_prompt: [{ || + if $direnv_installed { + direnv export json | from json | default {} | load-env + } else { return } + }] + } }