/nix/store/dlwqlnbaj5vfm9aw20r1yxk8y56lmgif-repo/header.tmpl

Compare commits

base: faukah:274c91a8f731732f13c44cd6e52511389bad67b9
Branches Tags
faukah:main
faukah:website
..
compare: faukah:fcb417144ff18c66c6d673e3352feab8e2269594
Branches Tags
faukah:main
faukah:website

No commits in common. "274c91a8f731732f13c44cd6e52511389bad67b9" and "fcb417144ff18c66c6d673e3352feab8e2269594" have entirely different histories.
274c91a8f7 ... fcb417144f

7 changed files with 82 additions and 130 deletions
Download patch file Download diff file Expand all files Collapse all files

16
modules/home/programs/ghostty.hjem.nix
View file

@ -5,15 +5,12 @@
...
}:
let
inherit (lib.lists) elem singleton;
inherit (lib.lists) elem;
inherit (lib.meta) getExe;
inherit (lib.attrsets) mapAttrsToList;
inherit (lib.strings) concatStringsSep;
inherit (lib.modules) mkIf;
inherit (lib) getFlakePkg;
inherit (osConfig.meta.system) isGraphical;
inherit (osConfig.meta.mainUser.defaultShell) name package;
ghostty = (getFlakePkg inputs.ghostty).override {
@ -70,10 +67,11 @@ let
};
in
{
config = mkIf isGraphical {
packages = singleton ghostty;
files.".config/ghostty/config".text =
concatStringsSep "\n"
<| mapAttrsToList (name: value: "${name} = ${toString value}") ghostty-settings;
packages = builtins.attrValues {
inherit ghostty;
};
files.".config/ghostty/config".text =
concatStringsSep "\n"
<| mapAttrsToList (name: value: "${name} = ${toString value}") ghostty-settings;
}

39
modules/programs/cli/jj.mod.nix
View file

@ -6,14 +6,14 @@
}:
let
inherit (lib.meta) getExe;
inherit (lib.lists) singleton;
inherit (lib.strings) optionalString;
inherit (builtins) attrValues readFile;
inherit (config.meta.mainUser) username;
inherit (config.meta.system) isWorkstation;
organizationScope = config.sops.secrets.organization_scope.path;
uniScope = config.sops.secrets.uni_scope.path;
realName = readFile config.sops.secrets.real_name.path;
universityEmail = readFile config.sops.secrets.university_email.path;
organizationEmail = readFile config.sops.secrets.organization_email.path;
organizationShortName = readFile config.sops.secrets.organization_short_name.path;
toml = pkgs.formats.toml { };
jj-config = toml.generate "config.toml" {
@ -21,6 +21,24 @@ let
email = "fau@faukah.com";
name = "faukah";
};
"--scope" = [
{
"--when".repositories = [ "~/repos/projects/uni" ];
user = {
email = universityEmail;
name = realName;
};
}
{
"--when".repositories = [ "~/repos/projects/${organizationShortName}" ];
user = {
email = organizationEmail;
name = realName;
};
}
];
aliases = {
c = [ "commit" ];
ci = [
@ -105,17 +123,8 @@ let
};
};
jj-wrapped = pkgs.symlinkJoin {
name = "jj-wrapped";
paths = [ pkgs.jujutsu ];
nativeBuildInputs = [ pkgs.makeWrapper ];
postBuild = optionalString isWorkstation ''
wrapProgram $out/bin/jj --add-flags " --config-file ${uniScope} --config-file ${organizationScope}"
'';
};
in
{
hjem.users.${username}.xdg.config.files."jj/config.toml".source = jj-config;
environment.systemPackages = singleton jj-wrapped;
environment.systemPackages = attrValues { inherit (pkgs) jujutsu; };
}

61
modules/system/hardware/power.mod.nix
View file

@ -6,17 +6,29 @@
...
}:
let
inherit (lib.modules) mkIf;
inherit (lib.lists) singleton;
inherit (builtins) attrValues;
inherit (config.meta.system) isLaptop;
inherit (lib.modules) mkDefault mkForce;
in
{
imports = [
inputs.watt.nixosModules.default
];
config = mkIf isLaptop {
config = {
environment.systemPackages = builtins.attrValues {
inherit (pkgs)
acpi
powertop
;
};
boot = {
kernelModules = [ "acpi_call" ];
extraModulePackages = with config.boot.kernelPackages; [
acpi_call
cpupower
];
};
hardware.acpilight.enable = false;
services = {
watt.enable = true;
thermald.enable = true;
@ -25,19 +37,32 @@ in
percentageLow = 15;
percentageCritical = 5;
};
};
services.acpid = {
enable = true;
logEvents = true;
};
environment.systemPackages = attrValues {
inherit (pkgs) acpi;
};
boot = {
kernelModules = singleton "acpi_call";
extraModulePackages = attrValues {
inherit (config.boot.kernelPackages) acpi_call cpupower;
acpid = {
enable = true;
logEvents = true;
};
power-profiles-daemon.enable = mkForce false;
auto-cpufreq = {
enable = false;
settings = {
charger = {
governor = "performance";
energy_performance_preference = "performance";
scaling_min_freq = mkDefault 1800000;
scaling_max_freq = mkDefault 3800000;
turbo = "auto";
};
battery = {
governor = "powersave";
energy_performance_preference = "power";
scaling_min_freq = mkDefault 1200000;
scaling_max_freq = mkDefault 1800000;
turbo = "never";
};
};
};
};
};
}

19
modules/system/secrets/organization_scope.toml
View file

@ -1,19 +0,0 @@
{
"data": "ENC[AES256_GCM,data:vwfjHpLbHG8g79CpMpsDzYAk0vlfwKuWUTSZnKzGwCZW5rrFFBLamQoZLt5HpvvsGqBrqRditj+GSsHsZAzxz25Vfv7dcyvz1AdaFI56zmU1NzSK+RAyucPZfnjV98vJUqFgVmOFQBkv0o1ThrzXmE8jd1Osz7qKIoy/+rHCzqsBw8wFD3tMe4UjGtkI9DYFSJUh1Ym9PjBE,iv:JeLgCfQXvjWNk8BypNbqJw1+OHawEDQSCdamq0C+lis=,tag:XZUy4g3W4O9L/c1PXlooKA==,type:str]",
"sops": {
"age": [
{
"recipient": "age1a4jv2avdlj5zzq9p7ss9958t4wt3an95c3j86eclge7q2qc6n3wq4ucymc",
"enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBQRE5xR1RISy9rM3FkOGpu\ncGRCL2ZYOU5PeXNhaUtXSWxRWXN5bWNkSmlnCjB1Q0VlNDhmNmVCME5IMTU5SzVV\nSUt3RVFGRFJMc21TTXFGTzJSYkpjRTgKLS0tIHVZZnh4cG1FendxSENNRmhVY1gv\ndG55UVdhN2Nka2hJS0NwbTBud1V0L28KxHGZdIQUQ3/fG5q4rFiBrXpISdqgXsIc\n05vEYEkO0PSOeFSAkOZiSgPPVmcCQMMHj4RyeHc/BdzUDZbGA/rGtw==\n-----END AGE ENCRYPTED FILE-----\n"
},
{
"recipient": "age12neldqxts6h3zstmk5hvmn2pq8s9qfhkt7cjcdd9wygekqrmparq6djsff",
"enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBWeVFxRGhvSm1lTW5VeDlX\nbXlIS0JOZGpjTmd0U3NWMFY3aFdra3ZiazFRCjdpT0k2d0dyUXQwUjhEaWsvd2lp\nU1FvNFc3cVNKdXdGWFdjUGd4a2hrQzQKLS0tIFhtMkhCUFdoVzVIOFFEelNJMG1Q\nMk0wNXg0ekxNU0RzREJicHFvUzFkajgKe+2lC/eUPYfzdNNDEuOheXO7EioBg6HM\nJ25diaPvFSUypux76SdFHAXqd75gMcWbhpeFcOlhXMMQ01UPeXNlYA==\n-----END AGE ENCRYPTED FILE-----\n"
}
],
"lastmodified": "2025-09-03T16:39:42Z",
"mac": "ENC[AES256_GCM,data:DkWLyVJQIhQDOqUD2W61E+dxQVgxwqqJAVuKh6LPMOihj1MbjFDgU1YEf+CJG3sN5iQt9LtshqFZMOpy8NYMBT+8korofuaa3DeAulg3UAb29lkiXNAkrysMFUmtWUEjvKzWNuo7fGzJj0IUzIGi+HRdZXrK8y25XnVv+6bxcmE=,iv:fJjHxGmBvSPMTqwRuP2JJUEdzVPfEvnNbSZgYHTy47E=,tag:HxA6t69e/l7xYBbEiDJ0Xw==,type:str]",
"unencrypted_suffix": "_unencrypted",
"version": "3.10.2"
}
}

28
modules/system/secrets/sops.mod.nix
View file

@ -41,7 +41,6 @@ let
postBuild = ''
wrapProgram $out/bin/sops --add-flags " --config ${sopsConfig}"
'';
# --age ${keys}
};
mkRecipients = list: [ { age = list; } ];
@ -74,20 +73,6 @@ let
tower_host_key
];
}
{
path_regex = "uni_scope.toml";
key_groups = mkRecipients [
master_key
hermit_host_key
];
}
{
path_regex = "organization_scope.toml";
key_groups = mkRecipients [
master_key
hermit_host_key
];
}
];
};
@ -119,18 +104,7 @@ in
defaultSopsFile = ./secrets.json;
defaultSopsFormat = "json";
age.sshKeyPaths = [ "/etc/ssh/ssh_host_ed25519_key" ];
secrets = (listToAttrs <| filter (x: x != [ ]) <| flatten <| map generateSecrets secretFiles) // {
uni_scope = {
sopsFile = ./uni_scope.toml;
format = "binary";
mode = "0444";
};
organization_scope = {
sopsFile = ./organization_scope.toml;
format = "binary";
mode = "0444";
};
};
secrets = listToAttrs <| filter (x: x != [ ]) <| flatten <| map generateSecrets secretFiles;
};
environment.systemPackages = attrValues {
inherit sops;

19
modules/system/secrets/uni_scope.toml
View file

@ -1,19 +0,0 @@
{
"data": "ENC[AES256_GCM,data:l4IvlpDrDVnlArtnixJqwI0Ai3xG5jF5clhLGWOrqywd0lnKFjNDuEMcHlKN6cGmeFwX6i/6qkXcKT//pKNQDUvALzDY8PNp9AKV9/NmnQ7ZWzpyScXNqMnNwgs9+TA5SpKAZseVpEk3Nle29Jbene9BTYL614tlkL/uXO5KLLQAPZ4GGQ==,iv:qmrKAfdaDh3dVY95oKo666Knw7F29hi3O7zDIZFyYbc=,tag:Db54A+7rW7Amctx9lL9yBA==,type:str]",
"sops": {
"age": [
{
"recipient": "age1a4jv2avdlj5zzq9p7ss9958t4wt3an95c3j86eclge7q2qc6n3wq4ucymc",
"enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBzYTJaa1RETEFOdENzQXl6\nakg0bk1icTllRHdkb0Q1WGFxMWE5RXdGTVhzCmhsRkVVUC80Um5CcUtrY2NQVmJv\nYzZCVUllSi9hamdKemduME9BdGJjM0UKLS0tIC8zS3RaUUpBSm4xK1ozeXFHQzdz\nYmd2Z3V3ODkvQjcvdnliVVNPdmY2azAKA/2YkNAjwbTWdoQLV8qM012EzAx8yM8l\nH1cSLyfXfulUA3DGTeSck8MJmd/c5kTSkH6TqGs2XxnGSI8W92c/Uw==\n-----END AGE ENCRYPTED FILE-----\n"
},
{
"recipient": "age12neldqxts6h3zstmk5hvmn2pq8s9qfhkt7cjcdd9wygekqrmparq6djsff",
"enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBiQk9ZU3JXYXFNZm5pdCtz\nQis4TFlqanRlY3lHdVA3S1FyQTFsTmI2MzBnCk80K041NDZmMnBUUURrZFcyMzR2\nSitjY2xLeE40V1pTckdpNHZQNjBPOEUKLS0tIGpQVnB3MUd5b0FZOUlqNzlvWFZt\nb2RMZGJVbk1ZOHpqV0dOZ0ZudXNQNWcKg5v6dzKUPR5W1B8FM5hnsLA+HjcAObES\nc+Ff371ERAFfA8S9z4kxUmjRpdp+5AORakyf4PrtlUeEx7Ah9uARug==\n-----END AGE ENCRYPTED FILE-----\n"
}
],
"lastmodified": "2025-09-03T16:39:27Z",
"mac": "ENC[AES256_GCM,data:awRHWYorrKxyF1qUIXO6JZ6mVI3iCOSK9eVbltvaO2xCqdlyDEzRR5gvj2IZuK+I9rubPmlgB3/VfIeK/Kn1VbHGuKfRoHId9mwL27VgnOeD6UPQFMkqs0n/vYBydZUcy/U6QUnQnrqTt6V28yzgaqRaj2pR/ipPm7NMDjj1JkI=,iv:6+dmOJOMfkQu44b4T7oYQxh/NnpBTEtgXGnBh+3CpxI=,tag:jdzLQ+74sH6s/Lc2iT5V9g==,type:str]",
"unencrypted_suffix": "_unencrypted",
"version": "3.10.2"
}
}

30
modules/system/system.mod.nix
View file

@ -1,29 +1,13 @@
{ config, lib, ... }:
{ config, ... }:
let
inherit (lib.options) mkEnableOption;
machine-id = builtins.substring 0 32 (builtins.hashString "sha256" config.networking.hostName);
cfg = config.meta.system;
in
{
options.meta.system = {
isWorkstation = mkEnableOption "Workstation system" // {
default = cfg.isLaptop;
};
isBatteryPowered = mkEnableOption "Battery-powered system" // {
default = cfg.isLaptop;
};
isGraphical = mkEnableOption "System with graphical output" // {
default = cfg.isLaptop;
};
isLaptop = mkEnableOption "System is a laptop";
};
config = {
system = {
# My state version.
stateVersion = "23.11";
disableInstallerTools = true;
tools.nixos-option.enable = false;
};
environment.etc."machine-id".text = "${machine-id}\n";
system = {
# My state version.
stateVersion = "23.11";
disableInstallerTools = true;
tools.nixos-option.enable = false;
};
environment.etc."machine-id".text = "${machine-id}\n";
}