diff --git a/.envrc b/.envrc deleted file mode 100644 index 1d953f4..0000000 --- a/.envrc +++ /dev/null @@ -1 +0,0 @@ -use nix diff --git a/default.nix b/default.nix index 1950006..1792790 100644 --- a/default.nix +++ b/default.nix @@ -15,7 +15,6 @@ let mkSystem = hostname: nixosSystem { - system = null; specialArgs = { inherit sources; self = ./.; diff --git a/flake.lock b/flake.lock new file mode 100644 index 0000000..c33cc06 --- /dev/null +++ b/flake.lock @@ -0,0 +1,603 @@ +{ + "nodes": { + "__flake-compat": { + "flake": false, + "locked": { + "lastModified": 1751685974, + "narHash": "sha256-NKw96t+BgHIYzHUjkTK95FqYRVKB8DHpVhefWSz/kTw=", + "ref": "refs/heads/main", + "rev": "549f2762aebeff29a2e5ece7a7dc0f955281a1d1", + "revCount": 92, + "type": "git", + "url": "https://git.lix.systems/lix-project/flake-compat.git" + }, + "original": { + "type": "git", + "url": "https://git.lix.systems/lix-project/flake-compat.git" + } + }, + "crane": { + "locked": { + "lastModified": 1754269165, + "narHash": "sha256-0tcS8FHd4QjbCVoxN9jI+PjHgA4vc/IjkUSp+N3zy0U=", + "owner": "ipetkov", + "repo": "crane", + "rev": "444e81206df3f7d92780680e45858e31d2f07a08", + "type": "github" + }, + "original": { + "owner": "ipetkov", + "repo": "crane", + "type": "github" + } + }, + "flake-compat": { + "flake": false, + "locked": { + "lastModified": 1747046372, + "narHash": "sha256-CIVLLkVgvHYbgI2UpXvIIBJ12HWgX+fjA8Xf8PUmqCY=", + "owner": "edolstra", + "repo": "flake-compat", + "rev": "9100a0f413b0c601e0533d1d94ffd501ce2e7885", + "type": "github" + }, + "original": { + "owner": "edolstra", + "repo": "flake-compat", + "type": "github" + } + }, + "flake-compat_2": { + "flake": false, + "locked": { + "lastModified": 1747046372, + "narHash": "sha256-CIVLLkVgvHYbgI2UpXvIIBJ12HWgX+fjA8Xf8PUmqCY=", + "owner": "edolstra", + "repo": "flake-compat", + "rev": "9100a0f413b0c601e0533d1d94ffd501ce2e7885", + "type": "github" + }, + "original": { + "owner": "edolstra", + "repo": "flake-compat", + "type": "github" + } + }, + "flake-compat_3": { + "locked": { + "lastModified": 1747046372, + "narHash": "sha256-CIVLLkVgvHYbgI2UpXvIIBJ12HWgX+fjA8Xf8PUmqCY=", + "owner": "edolstra", + "repo": "flake-compat", + "rev": "9100a0f413b0c601e0533d1d94ffd501ce2e7885", + "type": "github" + }, + "original": { + "owner": "edolstra", + "repo": "flake-compat", + "type": "github" + } + }, + "flake-parts": { + "inputs": { + "nixpkgs-lib": [ + "lanzaboote", + "nixpkgs" + ] + }, + "locked": { + "lastModified": 1754091436, + "narHash": "sha256-XKqDMN1/Qj1DKivQvscI4vmHfDfvYR2pfuFOJiCeewM=", + "owner": "hercules-ci", + "repo": "flake-parts", + "rev": "67df8c627c2c39c41dbec76a1f201929929ab0bd", + "type": "github" + }, + "original": { + "owner": "hercules-ci", + "repo": "flake-parts", + "type": "github" + } + }, + "flake-utils": { + "inputs": { + "systems": "systems" + }, + "locked": { + "lastModified": 1731533236, + "narHash": "sha256-l0KFg5HjrsfsO/JpG+r7fRrqm12kzFHyUHqHCVpMMbI=", + "owner": "numtide", + "repo": "flake-utils", + "rev": "11707dc2f618dd54ca8739b309ec4fc024de578b", + "type": "github" + }, + "original": { + "owner": "numtide", + "repo": "flake-utils", + "type": "github" + } + }, + "ghostty": { + "inputs": { + "flake-compat": "flake-compat", + "flake-utils": "flake-utils", + "nixpkgs": [ + "nixpkgs" + ], + "zig": "zig", + "zon2nix": "zon2nix" + }, + "locked": { + "lastModified": 1756698714, + "narHash": "sha256-oK95HUGRpKcP49ROtXbvjn0I+m0ep9v7uuiozHqVMdI=", + "owner": "ghostty-org", + "repo": "ghostty", + "rev": "5ef6412823f789d530dcba54705a533b2e6ce0a7", + "type": "github" + }, + "original": { + "owner": "ghostty-org", + "repo": "ghostty", + "type": "github" + } + }, + "gitignore": { + "inputs": { + "nixpkgs": [ + "lanzaboote", + "pre-commit-hooks-nix", + "nixpkgs" + ] + }, + "locked": { + "lastModified": 1709087332, + "narHash": "sha256-HG2cCnktfHsKV0s4XW83gU3F57gaTljL9KNSuG6bnQs=", + "owner": "hercules-ci", + "repo": "gitignore.nix", + "rev": "637db329424fd7e46cf4185293b9cc8c88c95394", + "type": "github" + }, + "original": { + "owner": "hercules-ci", + "repo": "gitignore.nix", + "type": "github" + } + }, + "hjem": { + "inputs": { + "nixpkgs": [ + "nixpkgs" + ], + "smfh": "smfh" + }, + "locked": { + "lastModified": 1756255328, + "narHash": "sha256-WJ70Dv+tJjIl7mMOqUgcdcz+RrujDRoeKptiU6oh1lI=", + "owner": "feel-co", + "repo": "hjem", + "rev": "2426d6ad20e767895e936ed0c9563cc4e2b6c96f", + "type": "github" + }, + "original": { + "owner": "feel-co", + "repo": "hjem", + "type": "github" + } + }, + "impermanence": { + "locked": { + "lastModified": 1737831083, + "narHash": "sha256-LJggUHbpyeDvNagTUrdhe/pRVp4pnS6wVKALS782gRI=", + "owner": "nix-community", + "repo": "impermanence", + "rev": "4b3e914cdf97a5b536a889e939fb2fd2b043a170", + "type": "github" + }, + "original": { + "owner": "nix-community", + "repo": "impermanence", + "type": "github" + } + }, + "lanzaboote": { + "inputs": { + "crane": "crane", + "flake-compat": "flake-compat_2", + "flake-parts": "flake-parts", + "nixpkgs": [ + "nixpkgs" + ], + "pre-commit-hooks-nix": "pre-commit-hooks-nix", + "rust-overlay": "rust-overlay_2" + }, + "locked": { + "lastModified": 1754297745, + "narHash": "sha256-aD6/scLN3L4ZszmNbhhd3JQ9Pzv1ScYFphz14wHinfs=", + "owner": "nix-community", + "repo": "lanzaboote", + "rev": "892cbdca865d6b42f9c0d222fe309f7720259855", + "type": "github" + }, + "original": { + "owner": "nix-community", + "repo": "lanzaboote", + "type": "github" + } + }, + "nh": { + "inputs": { + "nixpkgs": [ + "nixpkgs" + ] + }, + "locked": { + "lastModified": 1756647477, + "narHash": "sha256-1pxbBTSCew43iYpKGYBixZuhZaI38brfQj3HGEEiEwc=", + "owner": "nix-community", + "repo": "nh", + "rev": "99b47b919d58cd1c8985329097e493ad69c6d10b", + "type": "github" + }, + "original": { + "owner": "nix-community", + "repo": "nh", + "type": "github" + } + }, + "nil": { + "inputs": { + "nixpkgs": [ + "nixpkgs" + ] + }, + "locked": { + "lastModified": 1754679101, + "narHash": "sha256-nFK2XhrDS5igmkDQWmyTcgiJsEr3KOcR31DaSy+Fy9s=", + "owner": "oxalica", + "repo": "nil", + "rev": "f80fe365cb441624d1608235e6e793e5dce47fb0", + "type": "github" + }, + "original": { + "owner": "oxalica", + "repo": "nil", + "type": "github" + } + }, + "nixpkgs": { + "locked": { + "lastModified": 1755972213, + "narHash": "sha256-VYK7aDAv8H1enXn1ECRHmGbeY6RqLnNwUJkOwloIsko=", + "rev": "73e96df7cff5783f45e21342a75a1540c4eddce4", + "type": "tarball", + "url": "https://releases.nixos.org/nixos/unstable-small/nixos-25.11pre850642.73e96df7cff5/nixexprs.tar.xz" + }, + "original": { + "type": "tarball", + "url": "https://channels.nixos.org/nixos-unstable-small/nixexprs.tar.xz" + } + }, + "nixpkgs_2": { + "locked": { + "lastModified": 315532800, + "narHash": "sha256-JaSDu+RYnaHrkMCcW95rc8pG9QjD7nzX+/VHleiPVxA=", + "rev": "37ff64b7108517f8b6ba5705ee5085eac636a249", + "type": "tarball", + "url": "https://releases.nixos.org/nixpkgs/nixpkgs-25.11pre854301.37ff64b71085/nixexprs.tar.xz?rev=37ff64b7108517f8b6ba5705ee5085eac636a249" + }, + "original": { + "type": "tarball", + "url": "https://channels.nixos.org/nixpkgs-unstable/nixexprs.tar.xz" + } + }, + "nixpkgs_3": { + "locked": { + "lastModified": 1754214453, + "narHash": "sha256-Q/I2xJn/j1wpkGhWkQnm20nShYnG7TI99foDBpXm1SY=", + "owner": "NixOS", + "repo": "nixpkgs", + "rev": "5b09dc45f24cf32316283e62aec81ffee3c3e376", + "type": "github" + }, + "original": { + "owner": "NixOS", + "ref": "nixos-unstable", + "repo": "nixpkgs", + "type": "github" + } + }, + "pre-commit-hooks-nix": { + "inputs": { + "flake-compat": [ + "lanzaboote", + "flake-compat" + ], + "gitignore": "gitignore", + "nixpkgs": [ + "lanzaboote", + "nixpkgs" + ] + }, + "locked": { + "lastModified": 1750779888, + "narHash": "sha256-wibppH3g/E2lxU43ZQHC5yA/7kIKLGxVEnsnVK1BtRg=", + "owner": "cachix", + "repo": "pre-commit-hooks.nix", + "rev": "16ec914f6fb6f599ce988427d9d94efddf25fe6d", + "type": "github" + }, + "original": { + "owner": "cachix", + "repo": "pre-commit-hooks.nix", + "type": "github" + } + }, + "quickshell": { + "inputs": { + "nixpkgs": [ + "nixpkgs" + ] + }, + "locked": { + "lastModified": 1756352679, + "narHash": "sha256-UkKaPXTPzT7HAcBOV4NlWx2GAEJaTf0eb5OX6Q6jPqg=", + "ref": "refs/heads/master", + "rev": "f7597cdae2d537c5b12843599955856090dc49d5", + "revCount": 668, + "type": "git", + "url": "https://git.outfoxxed.me/outfoxxed/quickshell" + }, + "original": { + "type": "git", + "url": "https://git.outfoxxed.me/outfoxxed/quickshell" + } + }, + "root": { + "inputs": { + "__flake-compat": "__flake-compat", + "ghostty": "ghostty", + "hjem": "hjem", + "impermanence": "impermanence", + "lanzaboote": "lanzaboote", + "nh": "nh", + "nil": "nil", + "nixpkgs": "nixpkgs_2", + "quickshell": "quickshell", + "sops-nix": "sops-nix", + "watt": "watt", + "zedless": "zedless", + "zen-browser-flake": "zen-browser-flake" + } + }, + "rust-overlay": { + "inputs": { + "nixpkgs": [ + "hjem", + "smfh", + "nixpkgs" + ] + }, + "locked": { + "lastModified": 1747622321, + "narHash": "sha256-W0dYIWgsUu6rvOJRtKLhKskkv0VhQhJYGNIq+gGUc8g=", + "owner": "oxalica", + "repo": "rust-overlay", + "rev": "bd030fd9983f7fddf87be1c64aa3064c8afa24c4", + "type": "github" + }, + "original": { + "owner": "oxalica", + "repo": "rust-overlay", + "type": "github" + } + }, + "rust-overlay_2": { + "inputs": { + "nixpkgs": [ + "lanzaboote", + "nixpkgs" + ] + }, + "locked": { + "lastModified": 1754189623, + "narHash": "sha256-fstu5eb30UYwsxow0aQqkzxNxGn80UZjyehQVNVHuBk=", + "owner": "oxalica", + "repo": "rust-overlay", + "rev": "c582ff7f0d8a7ea689ae836dfb1773f1814f472a", + "type": "github" + }, + "original": { + "owner": "oxalica", + "repo": "rust-overlay", + "type": "github" + } + }, + "smfh": { + "inputs": { + "nixpkgs": [ + "hjem", + "nixpkgs" + ], + "rust-overlay": "rust-overlay", + "systems": "systems_2" + }, + "locked": { + "lastModified": 1749906619, + "narHash": "sha256-/9Ww10kYopxfCNNnNDwENTubs7Wzqlw+O6PJAHNOYQw=", + "owner": "feel-co", + "repo": "smfh", + "rev": "39f5c06153f63100376bc607b1465850b6df77fd", + "type": "github" + }, + "original": { + "owner": "feel-co", + "repo": "smfh", + "type": "github" + } + }, + "sops-nix": { + "inputs": { + "nixpkgs": [ + "nixpkgs" + ] + }, + "locked": { + "lastModified": 1754988908, + "narHash": "sha256-t+voe2961vCgrzPFtZxha0/kmFSHFobzF00sT8p9h0U=", + "owner": "mic92", + "repo": "sops-nix", + "rev": "3223c7a92724b5d804e9988c6b447a0d09017d48", + "type": "github" + }, + "original": { + "owner": "mic92", + "repo": "sops-nix", + "type": "github" + } + }, + "systems": { + "locked": { + "lastModified": 1681028828, + "narHash": "sha256-Vy1rq5AaRuLzOxct8nz4T6wlgyUR7zLU309k9mBC768=", + "owner": "nix-systems", + "repo": "default", + "rev": "da67096a3b9bf56a91d16901293e51ba5b49a27e", + "type": "github" + }, + "original": { + "owner": "nix-systems", + "repo": "default", + "type": "github" + } + }, + "systems_2": { + "locked": { + "lastModified": 1681028828, + "narHash": "sha256-Vy1rq5AaRuLzOxct8nz4T6wlgyUR7zLU309k9mBC768=", + "owner": "nix-systems", + "repo": "default", + "rev": "da67096a3b9bf56a91d16901293e51ba5b49a27e", + "type": "github" + }, + "original": { + "owner": "nix-systems", + "repo": "default", + "type": "github" + } + }, + "watt": { + "inputs": { + "nixpkgs": [ + "nixpkgs" + ] + }, + "locked": { + "lastModified": 1754314403, + "narHash": "sha256-pETi/Fs+8FF2ZuE+JyK9+NcFaDPMHx71UdWgmzjxvkQ=", + "owner": "notashelf", + "repo": "watt", + "rev": "f68a9795616699870d213dc9e641dab655aa434a", + "type": "github" + }, + "original": { + "owner": "notashelf", + "repo": "watt", + "type": "github" + } + }, + "zedless": { + "inputs": { + "flake-compat": "flake-compat_3", + "nixpkgs": "nixpkgs_3" + }, + "locked": { + "lastModified": 1754831523, + "narHash": "sha256-tkdq7WR0AvIy/eof2L2ELXKh6b73P7dcWcgJC7ww3aM=", + "owner": "zedless-editor", + "repo": "zed", + "rev": "adb21022b5063757c035d851a0e458f8e4ae954b", + "type": "github" + }, + "original": { + "owner": "zedless-editor", + "repo": "zed", + "type": "github" + } + }, + "zen-browser-flake": { + "inputs": { + "home-manager": [], + "nixpkgs": [ + "nixpkgs" + ] + }, + "locked": { + "lastModified": 1756614150, + "narHash": "sha256-ZT+IHU78RzOiO7RhZ64VQyG8HgYz3/sUmUGll/8j8XA=", + "owner": "0xc000022070", + "repo": "zen-browser-flake", + "rev": "8c898b127c9989453ebda9c0d1e77c968ef4f0ec", + "type": "github" + }, + "original": { + "owner": "0xc000022070", + "repo": "zen-browser-flake", + "type": "github" + } + }, + "zig": { + "inputs": { + "flake-compat": [ + "ghostty", + "flake-compat" + ], + "flake-utils": [ + "ghostty", + "flake-utils" + ], + "nixpkgs": [ + "ghostty", + "nixpkgs" + ] + }, + "locked": { + "lastModified": 1748261582, + "narHash": "sha256-3i0IL3s18hdDlbsf0/E+5kyPRkZwGPbSFngq5eToiAA=", + "owner": "mitchellh", + "repo": "zig-overlay", + "rev": "aafb1b093fb838f7a02613b719e85ec912914221", + "type": "github" + }, + "original": { + "owner": "mitchellh", + "repo": "zig-overlay", + "type": "github" + } + }, + "zon2nix": { + "inputs": { + "flake-utils": [ + "ghostty", + "flake-utils" + ], + "nixpkgs": "nixpkgs" + }, + "locked": { + "lastModified": 1756000480, + "narHash": "sha256-fR5pdcjO0II5MNdCzqvyokyuFkmff7/FyBAjUS6sMfA=", + "owner": "jcollie", + "repo": "zon2nix", + "rev": "d9dc9ef1ab9ae45b5c9d80c6a747cc9968ee0c60", + "type": "github" + }, + "original": { + "owner": "jcollie", + "repo": "zon2nix", + "rev": "d9dc9ef1ab9ae45b5c9d80c6a747cc9968ee0c60", + "type": "github" + } + } + }, + "root": "root", + "version": 7 +} diff --git a/flake.nix b/flake.nix new file mode 100644 index 0000000..476db41 --- /dev/null +++ b/flake.nix @@ -0,0 +1,66 @@ +{ + inputs = { + # Unstable nixpkgs, using the new Lockable HTTP Tarball protocol + # https://github.com/NixOS/infra/pull/562. + nixpkgs.url = "https://channels.nixos.org/nixpkgs-unstable/nixexprs.tar.xz"; + + impermanence.url = "github:nix-community/impermanence"; + + watt = { + url = "github:notashelf/watt"; + inputs.nixpkgs.follows = "nixpkgs"; + }; + + quickshell = { + url = "git+https://git.outfoxxed.me/outfoxxed/quickshell"; + # THIS IS IMPORTANT + # Mismatched system dependencies will lead to crashes and other issues. + inputs.nixpkgs.follows = "nixpkgs"; + }; + # secure booting + lanzaboote = { + url = "github:nix-community/lanzaboote"; + inputs.nixpkgs.follows = "nixpkgs"; + }; + + zen-browser-flake = { + url = "github:0xc000022070/zen-browser-flake"; + inputs.nixpkgs.follows = "nixpkgs"; + inputs.home-manager.follows = ""; + }; + + hjem = { + url = "github:feel-co/hjem"; + inputs.nixpkgs.follows = "nixpkgs"; + }; + + zedless.url = "github:zedless-editor/zed"; + + nh = { + url = "github:nix-community/nh"; + inputs.nixpkgs.follows = "nixpkgs"; + }; + + nil = { + url = "github:oxalica/nil"; + inputs.nixpkgs.follows = "nixpkgs"; + }; + + ghostty = { + url = "github:ghostty-org/ghostty"; + inputs.nixpkgs.follows = "nixpkgs"; + }; + + sops-nix = { + url = "github:mic92/sops-nix"; + inputs.nixpkgs.follows = "nixpkgs"; + }; + + __flake-compat = { + url = "git+https://git.lix.systems/lix-project/flake-compat.git"; + flake = false; + }; + }; + + outputs = _: { }; +} diff --git a/modules/home/dev/helix.hjem.nix b/modules/home/dev/helix.hjem.nix index 9ebe3a7..a4947b0 100644 --- a/modules/home/dev/helix.hjem.nix +++ b/modules/home/dev/helix.hjem.nix @@ -1,12 +1,12 @@ { + inputs, lib, pkgs, - sources, ... }: let inherit (lib.attrsets) mapAttrs' nameValuePair; - inherit (lib.meta) getExe; + inherit (lib) getFlakePkg; helix = pkgs.helix.overrideAttrs ( finalAttrs: _: { @@ -32,21 +32,7 @@ let let inherit (lib.meta) getExe getExe'; - nixfmt = pkgs.callPackage "${sources.nixfmt}/default.nix" { }; - - nil = pkgs.rustPlatform.buildRustPackage { - pname = "nil"; - version = "unstable"; - src = sources.nil; - cargoLock = { - lockFile = "${sources.nil}/Cargo.lock"; - allowBuiltinFetchGit = false; - }; - nativeBuildInputs = [ pkgs.nixVersions.latest ]; - - doInstallCheck = false; - meta.mainProgram = "nil"; - }; + nil = getFlakePkg inputs.nil; new-deadnix = pkgs.deadnix.overrideAttrs ( _: _: { @@ -120,10 +106,10 @@ let { name = "javascript"; auto-format = true; - language-servers = [ - "dprint" - "typescript-language-server" - ]; + # language-servers = [ + # "dprint" + # "typescript-language-server" + # ]; } { name = "json"; @@ -157,10 +143,10 @@ let { name = "typescript"; auto-format = true; - language-servers = [ - "dprint" - "typescript-language-server" - ]; + # language-servers = [ + # "dprint" + # "typescript-language-server" + # ]; } { name = "rust"; @@ -251,15 +237,15 @@ let }; }; }; - dprint = { - command = getExe pkgs.dprint; - args = [ "lsp" ]; - }; + # dprint = { + # command = getExe pkgs.dprint; + # args = [ "lsp" ]; + # }; nil = { command = getExe nil; config.nil = { - formatting.command = [ "${getExe nixfmt}" ]; + formatting.command = [ "${getExe pkgs.nixfmt}" ]; diagnostics = { bindingEndHintMinLines = 10; }; @@ -357,7 +343,7 @@ let snippets = true; }; file-picker = { - hidden = false; + hidden = true; }; line-number = "relative"; completion-timeout = 5; @@ -416,6 +402,7 @@ let ":redraw" ]; i = ":toggle lsp.display-inlay-hints"; + u = ":toggle file-picker.hidden"; }; esc = [ "collapse_selection" @@ -462,6 +449,7 @@ in taplo kdlfmt gopls + asm-lsp ; }; @@ -477,4 +465,6 @@ in } ) themes; + # osConfig.environment.variables.EDITOR = "hx"; + } diff --git a/modules/home/hjem.mod.nix b/modules/home/hjem.mod.nix index 1593737..9b525dd 100644 --- a/modules/home/hjem.mod.nix +++ b/modules/home/hjem.mod.nix @@ -1,8 +1,8 @@ { config, + inputs, lib, pkgs, - sources, ... }: let @@ -16,11 +16,7 @@ in { imports = [ - (import sources.flake-compat { - src = sources.hjem; - copySourceTreeToStore = false; - useBuiltinsFetchTree = true; - }).outputs.nixosModules.default + inputs.hjem.nixosModules.default ]; config = { @@ -35,7 +31,7 @@ in }; extraModules = (listFilesRecursive ./.) |> filter (hasSuffix ".hjem.nix"); specialArgs = { - inherit sources; + inherit inputs; }; }; }; diff --git a/modules/home/programs/ghostty.hjem.nix b/modules/home/programs/ghostty.hjem.nix index c76b7c5..9367c20 100644 --- a/modules/home/programs/ghostty.hjem.nix +++ b/modules/home/programs/ghostty.hjem.nix @@ -1,7 +1,7 @@ { + inputs, lib, osConfig, - pkgs, ... }: let @@ -9,9 +9,16 @@ let inherit (lib.meta) getExe; inherit (lib.attrsets) mapAttrsToList; inherit (lib.strings) concatStringsSep; + inherit (lib) getFlakePkg; inherit (osConfig.meta.mainUser.defaultShell) name package; + ghostty = (getFlakePkg inputs.ghostty).override { + optimize = "ReleaseFast"; + enableX11 = false; + enableWayland = true; + }; + # Shell integration for ghostty only supports # bash, fish and zsh for now. shell-integration = @@ -28,11 +35,12 @@ let ghostty-settings = { font-size = 14; - font-family = "JetBrainsMonoNerdFont"; + # font-family = "JetBrainsMonoNerdFont"; + font-family = "Berkeley Mono"; app-notifications = "no-clipboard-copy"; background-opacity = 1.0; - bold-is-bright = "true"; + bold-is-bright = true; confirm-close-surface = "false"; cursor-style-blink = "false"; gtk-single-instance = "true"; @@ -60,7 +68,7 @@ let in { packages = builtins.attrValues { - inherit (pkgs) ghostty; + inherit ghostty; }; files.".config/ghostty/config".text = diff --git a/modules/other/users.mod.nix b/modules/other/users.mod.nix index 091e76c..167c99d 100644 --- a/modules/other/users.mod.nix +++ b/modules/other/users.mod.nix @@ -2,7 +2,6 @@ config, lib, pkgs, - sources, ... }: let @@ -12,7 +11,6 @@ let inherit (config.meta.mainUser) username; in { - imports = [ (sources.hjem + "/modules/nixos") ]; options.meta = { users = mkOption { type = listOf str; @@ -57,8 +55,8 @@ in }; }; config = { - # environment.shells = [ pkgs.nushell ]; - programs.zsh.enable = true; + environment.shells = [ pkgs.nushell ]; + programs.zsh.enable = false; users = { mutableUsers = true; users = { @@ -73,7 +71,7 @@ in "nix" "docker" ]; - shell = pkgs.zsh; + shell = pkgs.nushell; }; }; }; diff --git a/modules/packages/packages.mod.nix b/modules/packages/packages.mod.nix index 57494bd..dbb6ca5 100644 --- a/modules/packages/packages.mod.nix +++ b/modules/packages/packages.mod.nix @@ -1,109 +1,117 @@ { + inputs, lib, pkgs, - sources, ... }: let - nixfmt = pkgs.callPackage "${sources.nixfmt}/default.nix" { }; - comma = pkgs.callPackage ( - _: - pkgs.rustPlatform.buildRustPackage { - pname = "comma"; - version = "unstable"; - src = sources.comma; - cargoLock = { - allowBuiltinFetchGit = true; - lockFile = "${sources.comma}/Cargo.lock"; - }; - nativeBuildInputs = [ pkgs.makeBinaryWrapper ]; - doInstallCheck = false; + nil = pkgs.rustPlatform.buildRustPackage { + pname = "nil"; + version = "unstable"; + src = inputs.nil.outPath; + cargoLock = { + lockFile = "${inputs.nil.outPath}/Cargo.lock"; + allowBuiltinFetchGit = false; + }; + nativeBuildInputs = [ pkgs.nixVersions.latest ]; - postInstall = '' - wrapProgram $out/bin/comma \ - --prefix PATH : ${ - lib.makeBinPath [ - pkgs.fzy - pkgs.nix-index-unwrapped - ] - } - ln -s $out/bin/comma $out/bin/, - ''; - } - ) { }; + doInstallCheck = false; + meta.mainProgram = "nil"; + }; in { - environment.systemPackages = - with pkgs; - [ - universal-android-debloater - emacs-pgtk - # better cd - zoxide - ouch - # pipe viewer - pv - # hex editor - bvi - #better ls - eza - atuin - # better cat - bat - # clipboard - # yazi - serpl - diff-so-fancy - tig - direnv - sesh - mprocs - curlie - entr - procs - sd - # mult - glow - # dua-cli - dust - iamb - kondo - # better grep - ripgrep - # IP stuff - dig - # simply the best fetch tool out there - microfetch - fzf - element - difftastic - hexyl - yazi - gnumake - asciinema - inetutils - tokei - starship - wget - cpufetch - watchman - # yt-dlp # borked check phase - tealdeer - hyperfine - imagemagick - ffmpeg-full - # catimg - timg - nmap - fd - jq - rsync - figlet - unzip - zip - ] - ++ [ - nixfmt - comma - ]; + environment = { + defaultPackages = [ ]; + systemPackages = + with pkgs; + [ + asciinema + atuin + bat + bvi + cachix + calc + cpufetch + curlie + delta + diff-so-fancy + difftastic + difftastic + dig + direnv + dust + element + entr + eza + eza + fd + ffmpeg-full + figlet + fzf + gcc + git + glow + gnumake + hexyl + httpie + hyperfine + iamb + imagemagick + inetutils + inetutils + jq + jujutsu + just + kondo + lazygit + linuxHeaders + microfetch + microfetch + mprocs + mprocs + neofetch + nmap + nmap + ouch + procs + pv + ripgrep + ripgrep + rsync + sd + serpl + sesh + smartmontools + starship + tealdeer + television + tig + timg + tokei + trash-cli + universal-android-debloater + unzip + util-linux + w3m + watchman + wget + wireguard-tools + yazi + zed-editor + zip + zip + zoxide + (lib.hiPrio pkgs.uutils-coreutils-noprefix) + zoxide + nixfmt + radare2 + uv + ty + python3 + comma + ] + ++ [ + nil + ]; + }; } diff --git a/modules/programs/cli/nh.mod.nix b/modules/programs/cli/nh.mod.nix index a671006..d0dc217 100644 --- a/modules/programs/cli/nh.mod.nix +++ b/modules/programs/cli/nh.mod.nix @@ -1,8 +1,7 @@ { config, + inputs, lib, - pkgs, - sources, ... }: let @@ -10,9 +9,8 @@ let inherit (config.modules.other.system) username; inherit (lib.modules) mkIf; inherit (lib.options) mkEnableOption; - nh = (pkgs.callPackage "${sources.nh}/package.nix" { }).overrideAttrs (_: { - doInstallCheck = false; - }); + inherit (lib) getFlakePkg; + nh = getFlakePkg inputs.nh; in { options.modules.programs.nh.enable = mkEnableOption "nh"; diff --git a/modules/programs/gui/bitwarden.mod.nix b/modules/programs/gui/bitwarden.mod.nix index 79726ad..34f1891 100644 --- a/modules/programs/gui/bitwarden.mod.nix +++ b/modules/programs/gui/bitwarden.mod.nix @@ -7,6 +7,33 @@ let inherit (config.modules.system) isGraphical; inherit (lib.modules) mkIf; + inherit (lib.meta) getExe; + inherit (builtins) readFile; + inherit (config.meta.mainUser) username; + realEmail = readFile config.sops.secrets.real_email.path; + bitwardenUrl = readFile config.sops.secrets.bitwarden_url.path; + + fix_ssh_keys = pkgs.writeText "patch" '' + diff --git a/src/api.rs b/src/api.rs + index 8cad5b6..ea352fa 100644 + --- a/src/api.rs + +++ b/src/api.rs + @@ -1115,13 +1115,14 @@ impl Client { + .get(self.api_url("/sync")) + .header("Authorization", format!("Bearer {access_token}")) + // This is necessary for vaultwarden to include the ssh keys in the response + - .header("Bitwarden-Client-Version", "2024.12.0") + + .header("Bitwarden-Client-Version", "2025.08.0") + .send() + .await + .map_err(|source| Error::Reqwest { source })?; + match res.status() { + reqwest::StatusCode::OK => { + let sync_res: SyncRes = res.json_with_path().await?; + + eprintln!("sync res: {sync_res:?}"); + let folders = sync_res.folders.clone(); + let ciphers = sync_res + .ciphers ''; bitwarden-desktop-wrapped = pkgs.symlinkJoin { name = "bitwarden-desktop-wrapped"; @@ -17,19 +44,45 @@ let BITWARDEN_SSH_AUTH_SOCK /run/user/1000/ssh-agent.sock ''; }; + + rbw = pkgs.rbw.overrideAttrs (finalAttrs: { + version = "1.14.1"; + + src = pkgs.fetchzip { + url = "https://git.tozt.net/rbw/snapshot/rbw-${finalAttrs.version}.tar.gz"; + hash = "sha256-4wNDDMaz9zjNYahOZXARDbNdGKl0kS0pF3qQuM7fK4s="; + }; + + cargoDeps = pkgs.rustPlatform.fetchCargoVendor { + inherit (rbw) src; + hash = "sha256-H1DSP3Kyklv8ncn7zDP0njDlwB8Qh+h7mqWRAJcpWrE="; + }; + + patches = [ + fix_ssh_keys + ]; + }); in { config = mkIf isGraphical { + hjem.users.${username}.xdg.config.files."rbw/config.json".text = + builtins.toJSON + <| { + email = realEmail; + pinentry = getExe pkgs.pinentry-qt; + base_url = bitwardenUrl; + }; environment = { systemPackages = lib.attrValues { inherit (pkgs) bitwarden-cli + pinentry-qt ; - inherit bitwarden-desktop-wrapped; + inherit bitwarden-desktop-wrapped rbw; }; # Set the ssh socket globally. This alows all applications and shells to use # the ssh-agent. - variables."SSH_AUTH_SOCK" = "/run/user/1000/ssh-agent.sock"; + sessionVariables."SSH_AUTH_SOCK" = "/run/user/1000/ssh-agent.sock"; }; }; } diff --git a/modules/programs/gui/zen.mod.nix b/modules/programs/gui/zen.mod.nix new file mode 100644 index 0000000..53040a4 --- /dev/null +++ b/modules/programs/gui/zen.mod.nix @@ -0,0 +1,138 @@ +{ + lib, + inputs, + ... +}: +let + inherit (lib) getFlakePkg'; + zen-browser = getFlakePkg' inputs.zen-browser-flake "beta"; + inherit (lib.modules) mkForce; +in +{ + programs.firefox = { + enable = true; + package = zen-browser; + languagePacks = [ + "de" + "en-US" + "ru" + ]; + policies = { + # Updates & Background Services + AppAutoUpdate = false; + BackgroundAppUpdate = false; + + # Feature Disabling + DisableBuiltinPDFViewer = false; + DisableFirefoxStudies = true; + DisableFirefoxAccounts = true; + DisableFirefoxScreenshots = true; + DisableForgetButton = true; + DisableMasterPasswordCreation = true; + DisableProfileImport = true; + DisableProfileRefresh = true; + DisableSetDesktopBackground = true; + DisablePocket = true; + DisableTelemetry = true; + DisableFormHistory = true; + DisablePasswordReveal = true; + + # Access Restrictions + BlockAboutConfig = false; + BlockAboutProfiles = true; + BlockAboutSupport = true; + + # UI and Behavior + DisplayMenuBar = "never"; + DontCheckDefaultBrowser = true; + HardwareAcceleration = true; + OfferToSaveLogins = false; + + # Extensions + ExtensionSettings = + let + moz = short: "https://addons.mozilla.org/firefox/downloads/latest/${short}/latest.xpi"; + in + { + # Block all extensions by default. + "*".installation_mode = "blocked"; + + "uBlock0@raymondhill.net" = { + install_url = moz "ublock-origin"; + installation_mode = "force_installed"; + updates_disabled = true; + }; + + "{73a6fe31-595d-460b-a920-fcc0f8843232}" = { + install_url = moz "noscript"; + installation_mode = "force_installed"; + updates_disabled = true; + }; + + "3rdparty".Extensions = { + "uBlock0@raymondhill.net".adminSettings = { + userSettings = rec { + uiTheme = "dark"; + uiAccentCustom = true; + uiAccentCustom0 = "#8300ff"; + cloudStorageEnabled = mkForce false; + + importedLists = [ + "https:#filters.adtidy.org/extension/ublock/filters/3.txt" + "https:#github.com/DandelionSprout/adfilt/raw/master/LegitimateURLShortener.txt" + + "https://raw.githubusercontent.com/yokoffing/filterlists/refs/heads/main/privacy_essentials.txt" + "https://raw.githubusercontent.com/hagezi/dns-blocklists/refs/heads/main/adblock/pro.plus.mini.txt" + "https://raw.githubusercontent.com/DandelionSprout/adfilt/refs/heads/master/LegitimateURLShortener.txt" + "https://raw.githubusercontent.com/yokoffing/filterlists/refs/heads/main/annoyance_list.txt" + "https://raw.githubusercontent.com/DandelionSprout/adfilt/refs/heads/master/BrowseWebsitesWithoutLoggingIn.txt" + ]; + + externalLists = lib.concatStringsSep "\n" importedLists; + }; + + selectedFilterLists = [ + "CZE-0" + "adguard-generic" + "adguard-annoyance" + "adguard-social" + "adguard-spyware-url" + "easylist" + "easyprivacy" + "https:#github.com/DandelionSprout/adfilt/raw/master/LegitimateURLShortener.txt" + "plowe-0" + "ublock-abuse" + "ublock-badware" + "ublock-filters" + "ublock-privacy" + "ublock-quick-fixes" + "ublock-unbreak" + "urlhaus-1" + + "https://raw.githubusercontent.com/yokoffing/filterlists/refs/heads/main/privacy_essentials.txt" + "https://raw.githubusercontent.com/hagezi/dns-blocklists/refs/heads/main/adblock/pro.plus.mini.txt" + "https://raw.githubusercontent.com/DandelionSprout/adfilt/refs/heads/master/LegitimateURLShortener.txt" + "https://raw.githubusercontent.com/yokoffing/filterlists/refs/heads/main/annoyance_list.txt" + "https://raw.githubusercontent.com/DandelionSprout/adfilt/refs/heads/master/BrowseWebsitesWithoutLoggingIn.txt" + ]; + }; + }; + }; + + SearchEngines = { + Add = [ + { + "Name" = "Kagi"; + "URLTemplate" = "https://kagi.com/search?q={searchTerms}"; + "Method" = "'GET' | 'POST'"; + "IconURL" = "https://www.example.org/favicon.ico"; + "Alias" = "Kagi"; + "Description" = "Kagi search engine"; + "PostData" = "name=value&q={searchTerms}"; + "SuggestURLTemplate" = "https://kagi.com/api/autosuggest?q={searchTerms}"; + } + ]; + }; + }; + }; +} diff --git a/modules/style/quickshell/quickshell.mod.nix b/modules/style/quickshell/quickshell.mod.nix index 5ab2e37..71d1557 100644 --- a/modules/style/quickshell/quickshell.mod.nix +++ b/modules/style/quickshell/quickshell.mod.nix @@ -1,32 +1,40 @@ { config, + inputs, lib, pkgs, - sources, ... }: let inherit (lib.modules) mkIf; inherit (lib.options) mkEnableOption; + inherit (lib) getFlakePkg; cfg = config.modules.theming.quickshell; + quickshell = getFlakePkg inputs.quickshell; in { options.modules.theming.quickshell.enable = mkEnableOption "quickshell"; config = mkIf cfg.enable { - environment.systemPackages = with pkgs; [ - (pkgs.callPackage (sources.quickshell + "/default.nix") { }) - qt6.qtimageformats - qt6.qt5compat - qt6.qtmultimedia - qt6.qtdeclarative - qt6.qtsvg - qt6.qtwayland - qt6.qtbase - kdePackages.breeze - kdePackages.breeze-icons - ]; + environment.systemPackages = builtins.attrValues { + inherit + quickshell + ; + inherit (pkgs.qt6) + qtimageformats + qt5compat + qtmultimedia + qtdeclarative + qtsvg + qtwayland + qtbase + ; + inherit (pkgs.kdePackages) + breeze + breeze-icons + ; + }; # taken from outfoxxed. qt.enable = true; diff --git a/modules/system/boot/lanzaboote.mod.nix b/modules/system/boot/lanzaboote.mod.nix index 77fbf5f..b305f02 100644 --- a/modules/system/boot/lanzaboote.mod.nix +++ b/modules/system/boot/lanzaboote.mod.nix @@ -1,22 +1,20 @@ { config, + inputs, lib, pkgs, - sources, ... -}: let +}: +let inherit (lib.modules) mkIf; inherit (lib.options) mkEnableOption; cfg = config.modules.system.boot.lanzaboote; -in { +in +{ options.modules.system.boot.lanzaboote.enable = mkEnableOption "Lanzaboote"; imports = [ - (import sources.flake-compat { - src = sources.lanzaboote; - copySourceTreeToStore = false; - useBuiltinsFetchTree = true; - }).outputs.nixosModules.lanzaboote + inputs.lanzaboote.nixosModules.lanzaboote ]; config = mkIf cfg.enable { @@ -33,6 +31,6 @@ in { loader.systemd-boot.enable = lib.mkForce false; }; - environment.systemPackages = [pkgs.sbctl]; + environment.systemPackages = [ pkgs.sbctl ]; }; } diff --git a/modules/system/hardware/power.mod.nix b/modules/system/hardware/power.mod.nix index 9d9c53d..8834476 100644 --- a/modules/system/hardware/power.mod.nix +++ b/modules/system/hardware/power.mod.nix @@ -1,16 +1,16 @@ { config, - sources, + inputs, lib, pkgs, ... }: let - inherit (lib.modules) mkDefault; + inherit (lib.modules) mkDefault mkForce; in { imports = [ - # (sources.watt + "/nix/module.nix") + inputs.watt.nixosModules.default ]; config = { environment.systemPackages = builtins.attrValues { @@ -29,195 +29,19 @@ in }; hardware.acpilight.enable = false; - - # services.watt = { - # enable = true; - # # sample config from https://github.com/NotAShelf/watt#sample-configuration - # settings = { - # rule = [ - # { - # cpu = { - # energy-performance-preference = "power"; - # frequency-mhz-maximum = 2000; - # governor = "powersave"; - # turbo = false; - # }; - # "if" = { - # is-more-than = 85; - # value = "$cpu-temperature"; - # }; - # priority = 100; - # } - # { - # cpu = { - # energy-performance-preference = "power"; - # frequency-mhz-maximum = 800; - # governor = "powersave"; - # turbo = false; - # }; - # "if" = { - # all = [ - # "?discharging" - # { - # is-less-than = 0.3; - # value = "%power-supply-charge"; - # } - # ]; - # }; - # power = {platform-profile = "low-power";}; - # priority = 90; - # } - # { - # cpu = { - # energy-performance-preference = "performance"; - # governor = "performance"; - # turbo = true; - # }; - # "if" = { - # all = [ - # { - # is-more-than = 0.8; - # value = "%cpu-usage"; - # } - # { - # is-less-than = 30; - # value = "$cpu-idle-seconds"; - # } - # { - # is-less-than = 75; - # value = "$cpu-temperature"; - # } - # ]; - # }; - # priority = 80; - # } - # { - # cpu = { - # energy-performance-bias = "balance_performance"; - # energy-performance-preference = "performance"; - # governor = "performance"; - # turbo = true; - # }; - # "if" = { - # all = [ - # {not = "?discharging";} - # { - # is-more-than = 0.1; - # value = "%cpu-usage"; - # } - # { - # is-less-than = 80; - # value = "$cpu-temperature"; - # } - # ]; - # }; - # priority = 70; - # } - # { - # cpu = { - # energy-performance-preference = "balance_performance"; - # governor = "schedutil"; - # }; - # "if" = { - # all = [ - # { - # is-more-than = 0.4; - # value = "%cpu-usage"; - # } - # { - # is-less-than = 0.8; - # value = "%cpu-usage"; - # } - # ]; - # }; - # priority = 60; - # } - # { - # cpu = { - # energy-performance-preference = "power"; - # governor = "powersave"; - # turbo = false; - # }; - # "if" = { - # all = [ - # { - # is-less-than = 0.2; - # value = "%cpu-usage"; - # } - # { - # is-more-than = 60; - # value = "$cpu-idle-seconds"; - # } - # ]; - # }; - # priority = 50; - # } - # { - # cpu = { - # energy-performance-preference = "power"; - # frequency-mhz-maximum = 1600; - # governor = "powersave"; - # turbo = false; - # }; - # "if" = { - # is-more-than = 300; - # value = "$cpu-idle-seconds"; - # }; - # priority = 40; - # } - # { - # cpu = { - # energy-performance-preference = "power"; - # frequency-mhz-maximum = 2000; - # governor = "powersave"; - # turbo = false; - # }; - # "if" = { - # all = [ - # "?discharging" - # { - # is-less-than = 0.5; - # value = "%power-supply-charge"; - # } - # ]; - # }; - # power = {platform-profile = "low-power";}; - # priority = 30; - # } - # { - # cpu = { - # energy-performance-bias = "balance_power"; - # energy-performance-preference = "power"; - # frequency-mhz-maximum = 1800; - # frequency-mhz-minimum = 200; - # governor = "powersave"; - # turbo = false; - # }; - # "if" = "?discharging"; - # priority = 20; - # } - # { - # cpu = { - # energy-performance-preference = "balance_performance"; - # governor = "schedutil"; - # }; - # priority = 0; - # } - # ]; - # }; - # }; services = { + watt.enable = true; + thermald.enable = true; upower = { enable = true; percentageLow = 15; percentageCritical = 5; }; - acpid = { enable = true; logEvents = true; }; - + power-profiles-daemon.enable = mkForce false; auto-cpufreq = { enable = false; settings = { @@ -238,6 +62,7 @@ in }; }; }; + }; }; } diff --git a/modules/system/nix/nix.mod.nix b/modules/system/nix/nix.mod.nix index 5eb3fe2..dec36b6 100644 --- a/modules/system/nix/nix.mod.nix +++ b/modules/system/nix/nix.mod.nix @@ -1,20 +1,16 @@ -# credits to raf { - sources, + inputs, lib, pkgs, ... }: let inherit (lib.modules) mkForce; - - lix = pkgs.callPackage "${sources.lix}/package.nix" { - stdenv = pkgs.clangStdenv; - }; + inherit (builtins) removeAttrs; in { nix = { - package = lix; + package = pkgs.lixPackageSets.stable.lix; # Check that Nix can parse the generated nix.conf. checkConfig = true; @@ -25,18 +21,14 @@ in channel.enable = mkForce false; # this is taken from sioodmy. - # pin the registry to avoid downloading and evaling a new nixpkgs version every time - # registry = - # lib.mapAttrs (_: v: {flake = v.outPath;}) sources - # // {system.flake = sources.nichts;}; - registry.nixpkgs.to = { - type = "path"; - source = sources.nixpkgs; + # Pin the registry to avoid downloading and evaling a new nixpkgs version every time. + registry = lib.mapAttrs (_: v: { flake = v; }) (removeAttrs inputs [ "__flake-compat" ]) // { + system.flake = inputs.self; }; # Add inputs to the system's legacy channels # to make legacy nix commands consistent as well - nixPath = [ "nixpkgs=/etc/nixos/nixpkgs" ]; + nixPath = [ "nixpkgs=${inputs.nixpkgs.outPath}" ]; # Run the Nix daemon on lowest possible priority daemonCPUSchedPolicy = "idle"; @@ -67,7 +59,10 @@ in # manually, as Nix won't do it for us. use-xdg-base-directories = true; - # Automatically optimise symlinks + # If set to true, Nix automatically detects files in the store that have + # identical contents, and replaces them with hard links to a single copy. + # This saves disk space. If set to false (the default), you can still run + # nix-store --optimise to get rid of duplicate files. auto-optimise-store = true; # Users that are allowed to connect to the Nix daemon. @@ -124,6 +119,7 @@ in "nix-command" # experimental nix commands "cgroups" # allow nix to execute builds inside cgroups "pipe-operator" + "no-url-literals" ]; # Ensures that the result of Nix expressions is fully determined by @@ -157,6 +153,8 @@ in keep-derivations = true; keep-outputs = true; + bash-prompt-suffix = "\[\033[m\]|\[\033[1;35m\]\t\[\033[m\]|\[\e[1m\]\u\[\e[1;36m\]\[\033[m\]@\[\e[1;36m\]\h\[\033[m\]:\[\e[0m\]\[\e[1;32m\][\W]> \[\e[0m\]"; + # Use binary cache builders-use-substitutes = true; @@ -168,15 +166,11 @@ in trusted-public-keys = [ "cache.nixos.org-1:6NCHdD59X431o0gWypbMrAURkbJ16ZPMQFGspcDShjY=" ]; - # Determinate nix config - # =========================================== - # lazy-trees = true; - # =========================================== }; }; environment.etc = { - "nixos/nixpkgs".source = builtins.storePath sources.nixpkgs; + "nixos/nixpkgs".source = builtins.storePath inputs.nixpkgs.outPath; }; systemd.services = { # WE DONT WANT TO BUILD STUFF ON TMPFS diff --git a/modules/system/nix/nixpkgs.mod.nix b/modules/system/nix/nixpkgs.mod.nix index 2955c48..ffec8fb 100644 --- a/modules/system/nix/nixpkgs.mod.nix +++ b/modules/system/nix/nixpkgs.mod.nix @@ -1,6 +1,6 @@ { + inputs, lib, - sources, pkgs, ... }: @@ -11,7 +11,7 @@ in { imports = [ # Going full schizo - "${sources.nixpkgs}/nixos/modules/misc/nixpkgs/read-only.nix" + # "${sources.nixpkgs}/nixos/modules/misc/nixpkgs/read-only.nix" ]; options.nixpkgs.system = mkOption { @@ -19,42 +19,44 @@ in default = pkgs.system; readOnly = true; }; + config.nixpkgs = { + # flake.source = inputs.nixpkgs; + pkgs = import inputs.nixpkgs { + inherit (pkgs.stdenv) hostPlatform; + overlays = [ ]; + config = { + # Configuration reference: + # + # Disallow broken packages to be built. + allowBroken = false; - config.nixpkgs.pkgs = import sources.nixpkgs { - inherit (pkgs.stdenv) hostPlatform; - overlays = [ ]; - config = { - # Configuration reference: - # - # Disallow broken packages to be built. - allowBroken = false; + allowUnsupportedSystem = true; - allowUnsupportedSystem = true; + # Warn when config contains an unrecognized attribute. + # This might be useful for getting a better configuration. + warnUndeclaredOptions = true; - # Warn when config contains an unrecognized attribute. - # This might be useful for getting a better configuration. - warnUndeclaredOptions = true; + # Allow unfree packages + allowUnfree = true; - # Allow unfree packages - allowUnfree = true; + # Permitted insecure packages in a system. + # Default to none, add more as necessary. + # Matrix also likes using deprecated libraries, which tend to go into this list. + # permittedInsecurePackages = []; - # Permitted insecure packages in a system. - # Default to none, add more as necessary. - # Matrix also likes using deprecated libraries, which tend to go into this list. - # permittedInsecurePackages = []; + # Whether to set enableParallelBuilding to true by default while + # building nixpkgs packages. Changing the default causes a mass rebuild. + enableParallelBuildingByDefault = false; - # Whether to set enableParallelBuilding to true by default while - # building nixpkgs packages. Changing the default causes a mass rebuild. - enableParallelBuildingByDefault = false; + # Whether to expose old attribute names for compatibility. + # This improves backwards compatibility, + # which I could not care less about in my configuration. + allowAliases = false; - # Whether to expose old attribute names for compatibility. - # This improves backwards compatibility, - # which I could not care less about in my configuration. - allowAliases = false; - - # List of derivation warnings to display while rebuilding. - # See: - showDerivationWarnings = [ ]; + # List of derivation warnings to display while rebuilding. + # See: + showDerivationWarnings = [ ]; + }; }; }; } diff --git a/modules/system/os/impermanence.mod.nix b/modules/system/os/impermanence.mod.nix index 4125d44..f380833 100644 --- a/modules/system/os/impermanence.mod.nix +++ b/modules/system/os/impermanence.mod.nix @@ -2,7 +2,6 @@ inputs, config, lib, - sources, ... }: let @@ -13,7 +12,7 @@ let in { imports = [ - (sources.impermanence + "/nixos.nix") + inputs.impermanence.nixosModules.default ]; config = mkIf cfg.enable { users = { diff --git a/modules/system/secrets/personal_info.json b/modules/system/secrets/personal_info.json new file mode 100644 index 0000000..5bbebd7 --- /dev/null +++ b/modules/system/secrets/personal_info.json @@ -0,0 +1,24 @@ +{ + "real_name": "ENC[AES256_GCM,data:R7Kac0dwMbxmCw4hpw==,iv:CijNtk8WiPlEwIg0OLu4ILLE2wh0W9HXm9OK9/Da+ng=,tag:NK2N6faooEknURwLuVP7OQ==,type:str]", + "real_email": "ENC[AES256_GCM,data:wwXcdxZQDxt2gnWP1qf9cw==,iv:fkx0m72FF7pB15fHRxObsTaLdnkOsexCgzOyfpoGFmE=,tag:mj2/4cofrJSIOqdAWiWstg==,type:str]", + "university_email": "ENC[AES256_GCM,data:WPy2AckQPWn+1OHJuTM=,iv:o2AT+RMUfCFVWaoD5D/GV5aq9kOgD/rCaHzwqYFIjig=,tag:KprTGSH2NvsrOCvhxLL/9w==,type:str]", + "organization_short_name": "ENC[AES256_GCM,data:dTVFz51V,iv:5sUc4qUIu+QNzmWihAXgyfRwZAdjEq9/prJCxpB2jbg=,tag:r91kaPi6p4heizRy5duFrw==,type:str]", + "organization_email": "ENC[AES256_GCM,data:GNBt9fXxBkh3z8L+DeD/mhBz14mJjkeX1wk9rHkUTg==,iv:7/VLeL3s9/CL2VtDiWFJNx+VJuGsGamWbcIG/MxNlC8=,tag:/KOXA6gII3Wrmgd9wjhD+g==,type:str]", + "bitwarden_url": "ENC[AES256_GCM,data:vhEVMZwDyQhQtXYR1diLQIDf6urqu03VC+M=,iv:icG6ieX9WjAj5Y4DpmSJaBvcqjksll3tWtWE5psaK08=,tag:+tIURDxZxv6qXR8B/eVyfg==,type:str]", + "sops": { + "age": [ + { + "recipient": "age1a4jv2avdlj5zzq9p7ss9958t4wt3an95c3j86eclge7q2qc6n3wq4ucymc", + "enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBYZzJqMmdzdklJVXBWaXFr\nTlJuVVIvTEhndkhyWWEvb1JzbnJuQ2NrTDI4ClVxYUNTSms2Y29xV3RkbTlFR0Fl\nS3p2dlFVTnp0bmhsRVk5eGJNR0s0SzAKLS0tIHpkTTJ4djg3K2FSNFM2RDFXbWd5\neFpsMUdRczZpSnY0eE41WGtyQmI2amMKx+TPSzzdaXWc24ibbbI44O0Tg23MlQk7\nypgcVAaG+Q1HyBH2hZ+6HNAXIvko4CvAQu2kjipN8kN1vVFVO7pM8A==\n-----END AGE ENCRYPTED FILE-----\n" + }, + { + "recipient": "age12neldqxts6h3zstmk5hvmn2pq8s9qfhkt7cjcdd9wygekqrmparq6djsff", + "enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBBL1ExSlArditYSytuUzNC\nMEpVSUVGbGhkNklmT1ZnK1VJWGxGZWlreUFNClU1NjdPdHNPRVlWa0tCdjRvRDNY\nMFpSajY0d21ZTnFVbDZkSG4yS3ZkZmMKLS0tIGdLK1B2TUZyWXVHNkhRWkVIRVFJ\nWEtpS2NEanIzR3YzVHhDOVc0WTgzdHcKXrFMFf5niLKK+oN2RbpH5wy/2SjDuP8O\nyxUdKX9R0Hu2ZPk4cJXwn/PZDNP1M3wFlPnF+kJ4bSBRzV+M51W2jw==\n-----END AGE ENCRYPTED FILE-----\n" + } + ], + "lastmodified": "2025-09-01T21:25:00Z", + "mac": "ENC[AES256_GCM,data:CUMEpOwIw+/RIOyr6aE2YVZiJLGY8FhMv0IOUIFV1kHveOEtAkNWbRzOV1o1cq9pA9ot0dKn4KZRLuUZ+uJzCrxwBHILBZMFksS0czSPgLfg0uz9mJ2u1pPjvoUcQRuIOUN1Id32zQ/W36nPEpR3J/Jomx5nCVNiFmZSteZCx+E=,iv:wGzjsGMJ72ejDCiHN6Xo1ZP5ho1F++WZrwE2YwCN8ns=,tag:Ev1xjuwta6KL8lnPbhliyw==,type:str]", + "unencrypted_suffix": "_unencrypted", + "version": "3.10.2" + } +} diff --git a/modules/system/secrets/secrets.json b/modules/system/secrets/secrets.json new file mode 100644 index 0000000..b56d024 --- /dev/null +++ b/modules/system/secrets/secrets.json @@ -0,0 +1,18 @@ +{ + "sops": { + "age": [ + { + "recipient": "age1a4jv2avdlj5zzq9p7ss9958t4wt3an95c3j86eclge7q2qc6n3wq4ucymc", + "enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBRT1VLNEVwZ09TODBYd0ZR\nQ2FUOXYzZGxQWkNmSUt5N0JhYlk5Wm9kWnc0Cm5XbUQyU1lBWUFBNVdLSk50aHI0\naTk0by9KOWw4VkJ2a0tHdjUyRzB1bU0KLS0tIDVEekdTNnNBamV5WWhmcmJMV3Vh\nKzZaVHBVT1F6U2FoQUZrenNyQnZJZUkKwQc4NaU0xk1TWqSHGYnbnKZGtC22j2MD\nUmlg9qmuGOy371Djx6dgdnXQy1367PTpoT+MWFWsMEPNbTbimHmJxA==\n-----END AGE ENCRYPTED FILE-----\n" + }, + { + "recipient": "age12neldqxts6h3zstmk5hvmn2pq8s9qfhkt7cjcdd9wygekqrmparq6djsff", + "enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSB2QkJqblYxNjBPNitUeW5j\nZloxL2VwV0dTOTErSTd1ajNqTlRqTWdOMmhzCnlsT1ZiYVdCVVVQOXlCY0hKeVJz\nbDgyeXhUaWFGY0lNM0JyNHAvR2dSRE0KLS0tIGVBdlB6ZU1PNStkbloyeHhPdG1L\nUnhzYm9qQldOVVhjV2o3R3cvNFRoYzgK+D7d7VuBTm3SZJ5ErURJmBzC4mh6hH/0\nP81s+n3No8QEIzt9FVj/WuKo0T9wm9X7l4ItzD27Y3xOCmAtpM7Fwg==\n-----END AGE ENCRYPTED FILE-----\n" + } + ], + "lastmodified": "2025-09-01T22:22:52Z", + "mac": "ENC[AES256_GCM,data:FJo1PM2DqR3ImZoo7zl3IZRVKHdkTD1f5UIf/qSIVNA5UiSZuGX22XCZQRaGFc0XhI6oFLlnqXHGFUjcm5W487oVa9L/DiLE8iqCnMFcg2TmDb2n0BBzTkFusRaG1xBk4DvXGwXyRqY6kkn3vL1MoOmKJK13UkpTcgKa0bVWwBM=,iv:Qc0S5CBkgBAyKpEeBaqhZZsnDXkr5pHvTFVR99uGcNw=,tag:KBGcvx2j/BEPcd9bpLuY7A==,type:str]", + "unencrypted_suffix": "_unencrypted", + "version": "3.10.2" + } +} diff --git a/modules/system/secrets/sops.mod.nix b/modules/system/secrets/sops.mod.nix new file mode 100644 index 0000000..0f607a7 --- /dev/null +++ b/modules/system/secrets/sops.mod.nix @@ -0,0 +1,100 @@ +{ + config, + inputs, + lib, + pkgs, + ... +}: +let + inherit (lib.attrsets) attrValues attrNames; + inherit (lib.strings) concatStringsSep hasSuffix; + inherit (lib.lists) flatten remove; + inherit (builtins) + fromJSON + listToAttrs + map + readFile + filter + readDir + ; + + fromYAML = (pkgs.formats.yaml { }).generate; + + # sops_master_key + master_key = "age1a4jv2avdlj5zzq9p7ss9958t4wt3an95c3j86eclge7q2qc6n3wq4ucymc"; + # hermit /etc/ssh/ssh_host_ed25519_key + hermit_host_key = "age12neldqxts6h3zstmk5hvmn2pq8s9qfhkt7cjcdd9wygekqrmparq6djsff"; + keys = concatStringsSep "," [ + master_key + hermit_host_key + ]; + + sops = pkgs.symlinkJoin { + name = "sops-wrapped"; + paths = [ pkgs.sops ]; + nativeBuildInputs = [ pkgs.makeWrapper ]; + postBuild = '' + wrapProgram $out/bin/sops --add-flags "--age ${keys} --config ${sopsConfig}" + ''; + }; + + mkRecipients = list: [ { age = list; } ]; + + sopsConfig = fromYAML ".sops.yaml" { + keys = [ + master_key + hermit_host_key + ]; + creation_rules = [ + { + path_regex = "secrets.json"; + key_groups = mkRecipients [ + master_key + hermit_host_key + ]; + } + { + path_regex = "personal_info.json"; + key_groups = mkRecipients [ + master_key + hermit_host_key + ]; + } + ]; + }; + + secretFiles = filter (file: hasSuffix "json" file) <| attrNames <| readDir ./.; + + secretNames = file: remove "sops" <| attrNames <| fromJSON <| readFile <| ./. + "/${file}"; + + fileModes."personal_info.json" = "0444"; + + generateSecrets = + file: + map (n: { + name = n; + value = { + sopsFile = ./. + "/${file}"; + mode = fileModes.${file} or "0400"; + }; + }) + <| secretNames file; + +in +{ + imports = [ + inputs.sops-nix.nixosModules.sops + ]; + + config = { + sops = { + defaultSopsFile = ./secrets.json; + defaultSopsFormat = "json"; + age.sshKeyPaths = [ "/etc/ssh/ssh_host_ed25519_key" ]; + secrets = listToAttrs <| filter (x: x != [ ]) <| flatten <| map generateSecrets secretFiles; + }; + environment.systemPackages = attrValues { + inherit sops; + }; + }; +} diff --git a/modules/system/system.mod.nix b/modules/system/system.mod.nix index 1f4b7cf..7f56135 100644 --- a/modules/system/system.mod.nix +++ b/modules/system/system.mod.nix @@ -6,6 +6,8 @@ in system = { # My state version. stateVersion = "23.11"; + disableInstallerTools = true; + tools.nixos-option.enable = false; }; environment.etc."machine-id".text = "${machine-id}\n"; } diff --git a/modules/wms/niri/niri.mod.nix b/modules/wms/niri/niri.mod.nix index d110264..2662967 100644 --- a/modules/wms/niri/niri.mod.nix +++ b/modules/wms/niri/niri.mod.nix @@ -2,7 +2,6 @@ config, lib, pkgs, - sources, ... }: let @@ -13,96 +12,6 @@ let cfg = config.modules.desktops.niri; - niri = pkgs.callPackage ( - _: - pkgs.rustPlatform.buildRustPackage { - pname = "niri"; - version = "unstable"; - - src = sources.niri; - postPatch = '' - patchShebangs resources/niri-session - substituteInPlace resources/niri.service \ - --replace-fail '/usr/bin' "$out/bin" - ''; - - cargoLock = { - allowBuiltinFetchGit = true; - lockFile = "${sources.niri}/Cargo.lock"; - }; - doCheck = false; - - nativeBuildInputs = with pkgs; [ - rustPlatform.bindgenHook - pkg-config - installShellFiles - ]; - - buildInputs = with pkgs; [ - cairo - dbus - libGL - libdisplay-info - libinput - seatd - libxkbcommon - libgbm - pango - wayland - dbus - pipewire - # Also includes libudev - systemd - ]; - - buildFeatures = [ - "dbus" - "dinit" - "xdp-gnome-screencast" - "systemd" - ]; - buildNoDefaultFeatures = true; - - postInstall = '' - installShellCompletion --cmd niri \ - --bash <($out/bin/niri completions bash) \ - --fish <($out/bin/niri completions fish) \ - --zsh <($out/bin/niri completions zsh) - - install -Dm644 resources/niri.desktop -t $out/share/wayland-sessions - install -Dm644 resources/niri-portals.conf -t $out/share/xdg-desktop-portal - install -Dm755 resources/niri-session $out/bin/niri-session - install -Dm644 resources/niri{.service,-shutdown.target} -t $out/share/systemd/user - ''; - - env = { - # Force linking with libEGL and libwayland-client - # so they can be discovered by `dlopen()` - RUSTFLAGS = toString ( - map (arg: "-C link-arg=" + arg) [ - "-Wl,--push-state,--no-as-needed" - "-lEGL" - "-lwayland-client" - "-Wl,--pop-state" - ] - ++ [ - "-Ctarget-cpu=native" - "-Cpanic=abort" - "-Clto=thin" - "-Cembed-bitcode=yes" - ] - ); - }; - - passthru = { - providedSessions = [ "niri" ]; - }; - - meta.mainProgram = "niri"; - - } - ) { }; - kdl = pkgs.callPackage ./kdl.nix { }; node = name: args: children: { @@ -151,7 +60,7 @@ in config = mkIf (cfg.enable || isGraphical) { programs.niri = { enable = true; - package = niri; + package = pkgs.niri; }; # The niri module auto enables the gnome keyring, # which is something I direly want to avoid. diff --git a/npins/default.nix b/npins/default.nix deleted file mode 100644 index 46c315b..0000000 --- a/npins/default.nix +++ /dev/null @@ -1,210 +0,0 @@ -/* - This file is provided under the MIT licence: - - Permission is hereby granted, free of charge, to any person obtaining a copy of this software and associated documentation files (the “Software”), to deal in the Software without restriction, including without limitation the rights to use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies of the Software, and to permit persons to whom the Software is furnished to do so, subject to the following conditions: - - The above copyright notice and this permission notice shall be included in all copies or substantial portions of the Software. - - THE SOFTWARE IS PROVIDED “AS IS”, WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE. -*/ -# Generated by npins. Do not modify; will be overwritten regularly -let - # Backwards-compatibly make something that previously didn't take any arguments take some - # The function must return an attrset, and will unfortunately be eagerly evaluated - # Same thing, but it catches eval errors on the default argument so that one may still call it with other arguments - mkFunctor = - fn: - let - e = (builtins.tryEval (fn { })); - in - (if e.success then e.value else { error = fn { }; }) // { __functor = _self: fn; }; - - # https://github.com/NixOS/nixpkgs/blob/0258808f5744ca980b9a1f24fe0b1e6f0fecee9c/lib/lists.nix#L295 - range = - first: last: if first > last then [ ] else builtins.genList (n: first + n) (last - first + 1); - - # https://github.com/NixOS/nixpkgs/blob/0258808f5744ca980b9a1f24fe0b1e6f0fecee9c/lib/strings.nix#L257 - stringToCharacters = s: map (p: builtins.substring p 1 s) (range 0 (builtins.stringLength s - 1)); - - # https://github.com/NixOS/nixpkgs/blob/0258808f5744ca980b9a1f24fe0b1e6f0fecee9c/lib/strings.nix#L269 - stringAsChars = f: s: concatStrings (map f (stringToCharacters s)); - concatMapStrings = f: list: concatStrings (map f list); - concatStrings = builtins.concatStringsSep ""; - - # If the environment variable NPINS_OVERRIDE_${name} is set, then use - # the path directly as opposed to the fetched source. - # (Taken from Niv for compatibility) - mayOverride = - name: path: - let - envVarName = "NPINS_OVERRIDE_${saneName}"; - saneName = stringAsChars (c: if (builtins.match "[a-zA-Z0-9]" c) == null then "_" else c) name; - ersatz = builtins.getEnv envVarName; - in - if ersatz == "" then - path - else - # this turns the string into an actual Nix path (for both absolute and - # relative paths) - builtins.trace "Overriding path of \"${name}\" with \"${ersatz}\" due to set \"${envVarName}\"" ( - if builtins.substring 0 1 ersatz == "/" then - /. + ersatz - else - /. + builtins.getEnv "PWD" + "/${ersatz}" - ); - - mkSource = - name: spec: - { - pkgs ? null, - }: - assert spec ? type; - let - # Unify across builtin and pkgs fetchers. - # `fetchGit` requires a wrapper because of slight API differences. - fetchers = - if pkgs == null then - { - inherit (builtins) fetchTarball fetchurl; - # For some fucking reason, fetchGit has a different signature than the other builtin fetchers … - fetchGit = args: (builtins.fetchGit args).outPath; - } - else - { - fetchTarball = pkgs.fetchzip; - inherit (pkgs) fetchurl; - fetchGit = - { - url, - submodules, - rev, - name, - narHash, - }: - pkgs.fetchgit { - inherit url rev name; - fetchSubmodules = submodules; - hash = narHash; - }; - }; - - # Dispatch to the correct code path based on the type - path = - if spec.type == "Git" then - mkGitSource fetchers spec - else if spec.type == "GitRelease" then - mkGitSource fetchers spec - else if spec.type == "PyPi" then - mkPyPiSource fetchers spec - else if spec.type == "Channel" then - mkChannelSource fetchers spec - else if spec.type == "Tarball" then - mkTarballSource fetchers spec - else - builtins.throw "Unknown source type ${spec.type}"; - in - spec // { outPath = mayOverride name path; }; - - mkGitSource = - { fetchTarball, fetchGit, ... }: - { - repository, - revision, - url ? null, - submodules, - hash, - branch ? null, - ... - }: - assert repository ? type; - # At the moment, either it is a plain git repository (which has an url), or it is a GitHub/GitLab repository - # In the latter case, there we will always be an url to the tarball - if url != null && !submodules then - fetchTarball { - inherit url; - sha256 = hash; - } - else - let - url = - if repository.type == "Git" then - repository.url - else if repository.type == "GitHub" then - "https://github.com/${repository.owner}/${repository.repo}.git" - else if repository.type == "GitLab" then - "${repository.server}/${repository.repo_path}.git" - else - throw "Unrecognized repository type ${repository.type}"; - urlToName = - url: rev: - let - matched = builtins.match "^.*/([^/]*)(\\.git)?$" url; - - short = builtins.substring 0 7 rev; - - appendShort = if (builtins.match "[a-f0-9]*" rev) != null then "-${short}" else ""; - in - "${if matched == null then "source" else builtins.head matched}${appendShort}"; - name = urlToName url revision; - in - fetchGit { - rev = revision; - narHash = hash; - - inherit name submodules url; - }; - - mkPyPiSource = - { fetchurl, ... }: - { url, hash, ... }: - fetchurl { - inherit url; - sha256 = hash; - }; - - mkChannelSource = - { fetchTarball, ... }: - { url, hash, ... }: - fetchTarball { - inherit url; - sha256 = hash; - }; - - mkTarballSource = - { fetchTarball, ... }: - { - url, - locked_url ? url, - hash, - ... - }: - fetchTarball { - url = locked_url; - sha256 = hash; - }; -in -mkFunctor ( - { - input ? ./sources.json, - }: - let - data = - if builtins.isPath input then - # while `readFile` will throw an error anyways if the path doesn't exist, - # we still need to check beforehand because *our* error can be caught but not the one from the builtin - # *piegames sighs* - if builtins.pathExists input then - builtins.fromJSON (builtins.readFile input) - else - throw "Input path ${toString input} does not exist" - else if builtins.isAttrs input then - input - else - throw "Unsupported input type ${builtins.typeOf input}, must be a path or an attrset"; - version = data.version; - in - if version == 6 then - builtins.mapAttrs (name: spec: mkFunctor (mkSource name spec)) data.pins - else - throw "Unsupported format version ${toString version} in sources.json. Try running `npins upgrade`" -) diff --git a/npins/sources.json b/npins/sources.json deleted file mode 100644 index 8fd0d9e..0000000 --- a/npins/sources.json +++ /dev/null @@ -1,240 +0,0 @@ -{ - "pins": { - "comma": { - "type": "Git", - "repository": { - "type": "GitHub", - "owner": "nix-community", - "repo": "comma" - }, - "branch": "master", - "submodules": false, - "revision": "531e5219b25c1584461cc4b7fb11729a9b928b2b", - "url": "https://github.com/nix-community/comma/archive/531e5219b25c1584461cc4b7fb11729a9b928b2b.tar.gz", - "hash": "sha256-QmHTqpPugYmv7as7DqbVQLiXKdm73f0EpMg7nZvHQQQ=" - }, - "flake-compat": { - "type": "Git", - "repository": { - "type": "Forgejo", - "server": "https://git.lix.systems/", - "owner": "lix-project", - "repo": "flake-compat" - }, - "branch": "main", - "submodules": false, - "revision": "549f2762aebeff29a2e5ece7a7dc0f955281a1d1", - "url": "https://git.lix.systems/lix-project/flake-compat/archive/549f2762aebeff29a2e5ece7a7dc0f955281a1d1.tar.gz", - "hash": "sha256-NKw96t+BgHIYzHUjkTK95FqYRVKB8DHpVhefWSz/kTw=" - }, - "ghostty": { - "type": "Git", - "repository": { - "type": "GitHub", - "owner": "ghostty-org", - "repo": "ghostty" - }, - "branch": "main", - "submodules": false, - "revision": "d3cadf24952a6088affee9f752f75c3db8287801", - "url": "https://github.com/ghostty-org/ghostty/archive/d3cadf24952a6088affee9f752f75c3db8287801.tar.gz", - "hash": "sha256-OKeY9b+enmrLNKV9J2OCWYWNDC6MZuBbObknFCK8Qfs=" - }, - "hjem": { - "type": "Git", - "repository": { - "type": "GitHub", - "owner": "feel-co", - "repo": "hjem" - }, - "branch": "main", - "submodules": false, - "revision": "2426d6ad20e767895e936ed0c9563cc4e2b6c96f", - "url": "https://github.com/feel-co/hjem/archive/2426d6ad20e767895e936ed0c9563cc4e2b6c96f.tar.gz", - "hash": "sha256-WJ70Dv+tJjIl7mMOqUgcdcz+RrujDRoeKptiU6oh1lI=" - }, - "impermanence": { - "type": "Git", - "repository": { - "type": "GitHub", - "owner": "nix-community", - "repo": "impermanence" - }, - "branch": "master", - "submodules": false, - "revision": "4b3e914cdf97a5b536a889e939fb2fd2b043a170", - "url": "https://github.com/nix-community/impermanence/archive/4b3e914cdf97a5b536a889e939fb2fd2b043a170.tar.gz", - "hash": "sha256-LJggUHbpyeDvNagTUrdhe/pRVp4pnS6wVKALS782gRI=" - }, - "lanzaboote": { - "type": "Git", - "repository": { - "type": "GitHub", - "owner": "nix-community", - "repo": "lanzaboote" - }, - "branch": "master", - "submodules": false, - "revision": "892cbdca865d6b42f9c0d222fe309f7720259855", - "url": "https://github.com/nix-community/lanzaboote/archive/892cbdca865d6b42f9c0d222fe309f7720259855.tar.gz", - "hash": "sha256-aD6/scLN3L4ZszmNbhhd3JQ9Pzv1ScYFphz14wHinfs=" - }, - "lix": { - "type": "Git", - "repository": { - "type": "Forgejo", - "server": "https://git.lix.systems/", - "owner": "lix-project", - "repo": "lix" - }, - "branch": "main", - "submodules": false, - "revision": "fe6395cd4d7aa1ffd415cb2267ff431b5c66152f", - "url": "https://git.lix.systems/lix-project/lix/archive/fe6395cd4d7aa1ffd415cb2267ff431b5c66152f.tar.gz", - "hash": "sha256-AGzXkcbafClvd31K/C/Nb9MByIws+WV0lYKQ1JzvVQA=" - }, - "lix-module": { - "type": "Git", - "repository": { - "type": "Forgejo", - "server": "https://git.lix.systems/", - "owner": "lix-project", - "repo": "nixos-module" - }, - "branch": "main", - "submodules": false, - "revision": "1c906dd92e032bcb5a27f98cf53833cae889537f", - "url": "https://git.lix.systems/lix-project/nixos-module/archive/1c906dd92e032bcb5a27f98cf53833cae889537f.tar.gz", - "hash": "sha256-IgD1JR7scSEwlK/YAbmrcTWpAYT30LPldCUHdzXkaMs=" - }, - "nh": { - "type": "Git", - "repository": { - "type": "GitHub", - "owner": "nix-community", - "repo": "nh" - }, - "branch": "master", - "submodules": false, - "revision": "6cd62b00023932effbf57f21879f4d2deae4b256", - "url": "https://github.com/nix-community/nh/archive/6cd62b00023932effbf57f21879f4d2deae4b256.tar.gz", - "hash": "sha256-28NHVSsYAp4vdSApAmbbdkG4bjhBODPDiyx/E4uMGpc=" - }, - "nil": { - "type": "Git", - "repository": { - "type": "GitHub", - "owner": "oxalica", - "repo": "nil" - }, - "branch": "main", - "submodules": false, - "revision": "f80fe365cb441624d1608235e6e793e5dce47fb0", - "url": "https://github.com/oxalica/nil/archive/f80fe365cb441624d1608235e6e793e5dce47fb0.tar.gz", - "hash": "sha256-nFK2XhrDS5igmkDQWmyTcgiJsEr3KOcR31DaSy+Fy9s=" - }, - "niri": { - "type": "GitRelease", - "repository": { - "type": "GitHub", - "owner": "yalter", - "repo": "niri" - }, - "pre_releases": false, - "version_upper_bound": null, - "release_prefix": null, - "submodules": false, - "version": "v25.05.1", - "revision": "61e306c1c6b13ae99bf7f51532a6aa86cd50d690", - "url": "https://api.github.com/repos/yalter/niri/tarball/refs/tags/v25.05.1", - "hash": "sha256-z4viQZLgC2bIJ3VrzQnR+q2F3gAOEQpU1H5xHtX/2fs=" - }, - "nixfmt": { - "type": "GitRelease", - "repository": { - "type": "GitHub", - "owner": "nixos", - "repo": "nixfmt" - }, - "pre_releases": false, - "version_upper_bound": null, - "release_prefix": null, - "submodules": false, - "version": "v1.0.0", - "revision": "1f2589cb7198529c6c1eec9699eccd4d507d3600", - "url": "https://api.github.com/repos/nixos/nixfmt/tarball/refs/tags/v1.0.0", - "hash": "sha256-d8SYpFoCpi1GrqlKwxxq9qhyjDANeLgr8WWJNRK6wkc=" - }, - "nixpkgs": { - "type": "Channel", - "name": "nixpkgs-unstable", - "url": "https://releases.nixos.org/nixpkgs/nixpkgs-25.11pre852965.c3e5d9f86b3f/nixexprs.tar.xz", - "hash": "sha256-izg2LuZgjCZx+B6J+lYhk1Jo4L0yAHsZTRD8vHRhD9A=" - }, - "npins": { - "type": "Git", - "repository": { - "type": "GitHub", - "owner": "andir", - "repo": "npins" - }, - "branch": "master", - "submodules": false, - "revision": "e4683671e145c652c371b6b8ad9b0d757c88853c", - "url": "https://github.com/andir/npins/archive/e4683671e145c652c371b6b8ad9b0d757c88853c.tar.gz", - "hash": "sha256-Nu86s1xok+1EFM0J9e55hrYPgfoutEZUDBpeXReCOaY=" - }, - "quickshell": { - "type": "Git", - "repository": { - "type": "Git", - "url": "https://git.outfoxxed.me/outfoxxed/quickshell" - }, - "branch": "master", - "submodules": false, - "revision": "f7597cdae2d537c5b12843599955856090dc49d5", - "url": null, - "hash": "sha256-UkKaPXTPzT7HAcBOV4NlWx2GAEJaTf0eb5OX6Q6jPqg=" - }, - "spicetify-nix": { - "type": "Git", - "repository": { - "type": "GitHub", - "owner": "Gerg-L", - "repo": "spicetify-nix" - }, - "branch": "master", - "submodules": false, - "revision": "2bedaf52261ef2adbe71af70820aeb41dfe9a5ef", - "url": "https://github.com/Gerg-L/spicetify-nix/archive/2bedaf52261ef2adbe71af70820aeb41dfe9a5ef.tar.gz", - "hash": "sha256-lD4Zn37DWEx0X1DqM3npH68b7oh81H8BaaO3c6Ol/DQ=" - }, - "systems": { - "type": "Git", - "repository": { - "type": "GitHub", - "owner": "nix-systems", - "repo": "default-linux" - }, - "branch": "main", - "submodules": false, - "revision": "31732fcf5e8fea42e59c2488ad31a0e651500f68", - "url": "https://github.com/nix-systems/default-linux/archive/31732fcf5e8fea42e59c2488ad31a0e651500f68.tar.gz", - "hash": "sha256-12tWmuL2zgBgZkdoB6qXZsgJEH9LR3oUgpaQq2RbI80=" - }, - "watt": { - "type": "Git", - "repository": { - "type": "GitHub", - "owner": "notashelf", - "repo": "watt" - }, - "branch": "main", - "submodules": false, - "revision": "f68a9795616699870d213dc9e641dab655aa434a", - "url": "https://github.com/notashelf/watt/archive/f68a9795616699870d213dc9e641dab655aa434a.tar.gz", - "hash": "sha256-pETi/Fs+8FF2ZuE+JyK9+NcFaDPMHx71UdWgmzjxvkQ=" - } - }, - "version": 6 -} diff --git a/shell.nix b/shell.nix deleted file mode 100644 index 505408b..0000000 --- a/shell.nix +++ /dev/null @@ -1,12 +0,0 @@ -{ - pkgs ? import { }, - sources ? import ./npins, -}: -pkgs.mkShellNoCC { - - packages = [ - (pkgs.callPackage (sources.npins + "/npins.nix") { }) - pkgs.nil - pkgs.nixfmt - ]; -}