fireproof/nixos
1
0
Fork 0
mirror of https://github.com/nickolaj-jepsen/nixos.git synced 2026-01-22 16:16:50 +01:00
Code Issues Projects Releases Packages Wiki Activity Actions

ready

Browse source
This commit is contained in:
Nickolaj Jepsen 2025-02-19 23:42:24 +01:00
parent 73d096b328
commit 3b0ed14d85
36 changed files with 663 additions and 1032 deletions
Download patch file Download diff file Expand all files Collapse all files

1276
parts/hosts/desktop/facter.json
View file

File diff suppressed because it is too large Load diff

1
parts/hosts/desktop/monitors.nix
View file

@ -1,5 +1,4 @@
_: {
# monitor=DP-1,1920x1080@60,2880x0,auto
monitors = [
{
name = "DP-2";

5
parts/hosts/laptop/configuration.nix
View file

@ -1,7 +1,4 @@
{
pkgs,
...
}: {
{pkgs, ...}: {
# Enable OpenGL
hardware.graphics = {
enable = true;

50
parts/modules/apps/firefox.nix
View file

@ -1,3 +1,49 @@
_: {
programs.firefox.enable = true;
{
pkgsUnstable,
inputs,
pkgs,
...
}: let
nur = inputs.nur.legacyPackages.${pkgs.system};
extensions = nur.repos.rycee.firefox-addons;
in {
programs.firefox = {
enable = true;
package = pkgsUnstable.firefox;
};
fireproof.home-manager = {
programs.firefox = {
enable = true;
package = pkgsUnstable.firefox;
profiles.default = {
extensions = with extensions; [
# Privacy
ublock-origin
clearurls
libredirect
# Security
bitwarden
# Media
dearrow
sponsorblock
# Search
kagi-search
# Productivity
new-tab-override
# Social
reddit-enhancement-suite
];
settings = {
"browser.startup.homepage" = "https://flame.nickolaj.com";
};
};
};
};
}

24
parts/modules/apps/vscode.nix
View file

@ -14,8 +14,8 @@
mkFormatter = formatter: languages: {
"[${lib.concatStringsSep "][" languages}]" = {
editor.defaultFormatter = formatter;
editor.formatOnSave = true;
"editor.defaultFormatter" = formatter;
"editor.formatOnSave" = true;
};
};
in {
@ -28,20 +28,28 @@ in {
userSettings = lib.mkMerge [
{
# General
extensions.ignoreRecommendations = true;
"extensions.ignoreRecommendations" = true;
# Remote
remote.SSH.useLocalServer = false;
"remote.SSH.useLocalServer" = false;
# AI
github.copilot.editor.enableAutoCompletions = true;
github.copilot.enable."*" = true;
"github.copilot.editor.enableAutoCompletions" = true;
"github.copilot.enable" = {"*" = true;};
# Theme
workbench.colorTheme = "Darcula Theme from IntelliJ";
"workbench.colorTheme" = "Darcula Theme from IntelliJ";
# Keybindings
workbench.commandPalette.experimental.suggestCommands = true; # Emulates IntelliJ's "Search Everywhere"
"workbench.commandPalette.experimental.suggestCommands" = true; # Emulates IntelliJ's "Search Everywhere"
# nix-ide
"nix.enableLanguageServer" = true;
"nix.serverPath" = lib.getExe pkgs.nil;
"nix.serverSettings" = {
nil.formatting.command = ["nix" "fmt" "--" "--"];
};
}
(mkFormatter "esbenp.prettier-vscode" ["json" "jsonc" "markdown" "css" "scss" "typescript" "typescriptreact" "html" "yaml"])
(mkFormatter "charliermarsh.ruff" ["python"])

3
parts/modules/base/ld.nix Normal file
View file

@ -0,0 +1,3 @@
_: {
programs.nix-ld.enable = true;
}

3
parts/modules/base/ssh.nix
View file

@ -32,7 +32,8 @@ in {
user = "nij";
identityFile = "${config.age.secrets.ssh-key-ao.path}";
};
"dev.ao,scw.ao".proxyJump = "bastion.ao";
"dev.ao".proxyJump = "bastion.ao";
"scw.ao".proxyJump = "bastion.ao";
"clickhouse.ao".user = "ubuntu";
"flex.ao" = {
hostname = "192.168.2.5";

3
parts/modules/base/time.nix Normal file
View file

@ -0,0 +1,3 @@
_: {
time.timeZone = "Europe/Copenhagen";
}

57
parts/modules/desktop/astal/default.nix
View file

@ -5,6 +5,11 @@
config,
...
}: let
primaryMonitorName =
if builtins.length config.monitors > 0
then (builtins.elemAt config.monitors 0).name
else "";
packageName = "fireproof-shell";
cfg = config.modules.astral;
package = inputs.ags.lib.bundle {
@ -27,9 +32,9 @@
in {
options = {
modules.astral.primaryMonitor = lib.mkOption {
type = lib.types.string;
default = "";
example = "M27Q";
type = lib.types.str;
default = primaryMonitorName;
example = "DP-1";
};
modules.astral.notificationIgnores = lib.mkOption {
type = lib.types.listOf lib.types.str;
@ -44,32 +49,32 @@ in {
};
config = {
environment.systemPackages = [package inputs.ags.packages.${pkgs.system}.agsFull];
environment.systemPackages = [package inputs.ags.packages.${pkgs.system}.agsFull];
fireproof.home-manager = {
systemd.user.services.astal = {
Unit = {
Description = "Astal";
Documentation = "https://github.com/Aylur/astal";
After = ["graphical-session.target"];
};
fireproof.home-manager = {
systemd.user.services.astal = {
Unit = {
Description = "Astal";
Documentation = "https://github.com/Aylur/astal";
After = ["graphical-session.target"];
};
Service = {
ExecStart = "${package}/bin/${packageName}";
Restart = "on-failure";
KillMode = "mixed";
Slice = "app-graphical.slice";
DefaultEnvironment = ''
ASTRAL_PRIMARY_MONITOR=${cfg.primaryMonitor}
ASTRAL_NOTIFICATION_IGNORE=${lib.concatStringsSep "," cfg.notificationIgnores}
ASTRAL_TRAY_IGNORE=${lib.concatStringsSep "," cfg.trayIgnore}
'';
};
Service = {
ExecStart = "${package}/bin/${packageName}";
Restart = "on-failure";
KillMode = "mixed";
Slice = "app-graphical.slice";
Environment = [
"ASTRAL_PRIMARY_MONITOR=${cfg.primaryMonitor}"
"ASTRAL_NOTIFICATION_IGNORE=${lib.concatStringsSep "," cfg.notificationIgnores}"
"ASTRAL_TRAY_IGNORE=${lib.concatStringsSep "," cfg.trayIgnore}"
];
};
Install = {
WantedBy = ["graphical-session.target"];
Install = {
WantedBy = ["graphical-session.target"];
};
};
};
};
};
}
}

6
parts/modules/desktop/astal/src/config.ts
View file

@ -1,4 +1,4 @@
import GLib from "gi://GLib"
import GLib from "gi://GLib";
type ignoreFn = (test: string) => boolean;
@ -18,7 +18,7 @@ const envArray = (name: string): string[] => {
const value = GLib.getenv(name);
if (!value) return [];
return value.split(",");
}
};
const envIgnoreArray = (name: string): ignoreFn[] => {
return envArray(name).map((r: string) => {
@ -27,7 +27,7 @@ const envIgnoreArray = (name: string): ignoreFn[] => {
}
return (test: string) => test === r;
});
}
};
export default {
monitor: {

3
parts/modules/desktop/astal/src/utils/monitors.ts
View file

@ -12,12 +12,13 @@ export const getMonitors = (): {
} => {
const scanFn = [
// Monitor in config
(monitor: Gdk.Monitor) => config.monitor.main === monitor.get_model(),
(monitor: Gdk.Monitor) => config.monitor.main === monitor.get_connector(),
// First monitor
() => true,
];
const monitors = App.get_monitors();
console.log("config.monitor.main", config.monitor.main);
const main =
scanFn.map((fn) => monitors.find(fn)).find((m) => m) || monitors[0];
const secondary = monitors

28
parts/modules/desktop/gtk/default.nix Normal file
View file

@ -0,0 +1,28 @@
{
pkgs,
...
}: {
environment.systemPackages = with pkgs; [
nautilus
];
fireproof.home-manager = {
home.pointerCursor = {
gtk.enable = true;
name = "Adwaita";
package = pkgs.adwaita-icon-theme;
size = 24;
};
gtk = {
enable = true;
theme = {
name = "adw-gtk3-dark";
package = pkgs.adw-gtk3;
};
gtk4.extraCss = builtins.readFile ./theme.css;
gtk3.extraCss = builtins.readFile ./theme.css;
};
};
}

0
parts/modules/desktop/gtk/theme.css Normal file
View file

39
parts/modules/desktop/hyprland/default.nix
View file

@ -1,15 +1,27 @@
{
lib,
config,
pkgs,
...
}:
with lib; let
cfg = config.fireproof;
primaryMonitorName =
if builtins.length config.monitors > 0
then (builtins.elemAt config.monitors 0).name
else "";
mkKeyboard = name: {
inherit name;
kb_layout = "eu";
};
in {
imports = [
./hyprpolkitagent.nix
];
config = {
programs.uwsm.enable = true;
programs.hyprland = {
@ -29,6 +41,9 @@ in {
};
environment.sessionVariables.NIXOS_OZONE_WL = "1";
environment.systemPackages = with pkgs; [
hyprcursor
];
fireproof.home-manager = {
wayland.windowManager.hyprland = {
@ -37,6 +52,10 @@ in {
systemd.enable = false; # Conficts with UWSM
settings = {
env = [
"HYPRCURSOR_THEME,Adwaita"
"HYPRCURSOR_SIZE,24"
];
monitor =
map (
m: let
@ -71,8 +90,28 @@ in {
touchpad = {
natural_scroll = false;
};
sensitivity = 0;
accel_profile = "flat";
};
workspace =
if primaryMonitorName != ""
then [
"1, monitor:${primaryMonitorName}, persistent:true, default:true"
"2, monitor:${primaryMonitorName}, persistent:true"
"3, monitor:${primaryMonitorName}, persistent:true"
"4, monitor:${primaryMonitorName}, persistent:true"
"5, monitor:${primaryMonitorName}, persistent:true"
]
else [
"1, persistent:true, default:true"
"2, persistent:true"
"3, persistent:true"
"4, persistent:true"
"5, persistent:true"
];
# Names can be found with:
# $ hyprctl devices -j | jq '.["keyboards"].[].name' -r | grep -vE "(system|consumer)-control"
device = map mkKeyboard [

10
parts/modules/dev/docker.nix Normal file
View file

@ -0,0 +1,10 @@
{username, pkgs, ...}: {
environment.systemPackages = [
pkgs.docker
pkgs.docker-compose
];
virtualisation.docker.enable = true;
virtualisation.docker.storageDriver = "btrfs";
users.extraGroups.docker.members = [username];
}

25
parts/modules/dev/k8s.nix Normal file
View file

@ -0,0 +1,25 @@
{pkgs, username, config, ...}: {
environment.systemPackages = [
pkgs.kubectl
];
age.secrets.k8s-ao-dev = {
rekeyFile = ../../../secrets/k8s/ao-dev.age;
path = "/home/${username}/.kube/config.ao-dev";
mode = "0600";
owner = username;
};
age.secrets.k8s-ao-prod = {
rekeyFile = ../../../secrets/k8s/ao-prod.age;
path = "/home/${username}/.kube/config.ao-prod";
mode = "0600";
owner = username;
};
fireproof.home-manager = {
home.sessionVariables = {
KUBECONFIG = "${config.age.secrets.k8s-ao-dev.path}:${config.age.secrets.k8s-ao-prod.path}:$HOME/.kube/config";
};
};
}

8
parts/modules/dev/python.nix
View file

@ -5,6 +5,14 @@
}: {
environment.systemPackages = [
pkgsUnstable.uv
pkgsUnstable.rye
pkgs.python3
];
# uv tool adds executable to $HOME/.local/bin, so add it to PATH
fireproof.home-manager = {
home.sessionPath = [
"$HOME/.local/bin"
];
};
}

5
parts/modules/dev/tilt.nix Normal file
View file

@ -0,0 +1,5 @@
{pkgsUnstable, ...}: {
environment.systemPackages = [
pkgsUnstable.tilt
];
}

3
parts/modules/devenv.nix
View file

@ -3,5 +3,8 @@
./apps/pycharm.nix
./apps/vscode.nix
./dev/python.nix
./dev/k8s.nix
./dev/docker.nix
./dev/tilt.nix
];
}

2
parts/modules/graphical.nix
View file

@ -5,9 +5,9 @@
./desktop/fonts.nix
./desktop/greetd.nix
./desktop/hyprland/default.nix
./desktop/hyprland/hyprpolkitagent.nix
./desktop/astal/default.nix
./desktop/walker/default.nix
./desktop/gtk/default.nix
./apps/firefox.nix
./apps/ghostty.nix
];

2
parts/modules/hardware/monitors.nix
View file

@ -37,6 +37,6 @@
};
};
});
default = [{}];
default = [];
};
}

2
parts/modules/hardware/yubikey.nix
View file

@ -1,3 +1,3 @@
_: {
services.pcscd.enable = true;
}
}

2
parts/modules/required.nix
View file

@ -5,6 +5,8 @@
./base/security.nix
./base/secrets.nix
./base/boot.nix
./base/ld.nix
./base/time.nix
./base/ssh.nix
./base/default-apps.nix
./dev/just.nix

1
parts/modules/shell/fish/default.nix
View file

@ -15,6 +15,7 @@
shellInit = ''
${builtins.readFile ./theme.fish}
${builtins.readFile ./k8s.fish}
'';
plugins = [

63
parts/modules/shell/fish/k8s.fish Normal file
View file

@ -0,0 +1,63 @@
set __kube_verbs get describe delete edit
set __kube_verbs_short g d rm e
set __kube_resource pods deployments services ingresses configmaps daemonsets statefulsets namespace namespace
set __kube_resource_short p d s i c ds ss n ns
function __echo_kubeexec;
set _flag_namespace (kubectl config view --minify --output 'jsonpath={..namespace}')
if test -z "$_flag_namespace"
set _flag_namespace default
end
set _flag_pod shop
set POD (kubectl get pods --namespace $_flag_namespace 2>/dev/null | grep "^$_flag_pod" | grep Running | head -n1 | awk '{ print $1 }')
if test -z "$POD"
echo "kubectl exec --namespace $_flag_namespace -it"
return
end
echo "kubectl exec --namespace $_flag_namespace -it $POD --"
end
function __echo_kubemanage;
set _flag_namespace (kubectl config view --minify --output 'jsonpath={..namespace}')
if test -z "$_flag_namespace"
set _flag_namespace default
end
set _flag_pod shop
set POD (kubectl get pods --namespace $_flag_namespace 2>/dev/null | grep "^$_flag_pod" | grep Running | head -n1 | awk '{ print $1 }')
if test -z "$POD"
echo "kubectl exec --namespace $_flag_namespace -it"
return
end
echo "kubectl exec --namespace $_flag_namespace -it $POD -- python3 /src/lib/manage.py"
end
if type -q kubectl
for verb_index in (seq (count $__kube_verbs))
abbr "k$__kube_verbs_short[$verb_index]" "kubectl $__kube_verbs[$verb_index]"
for res_index in (seq (count $__kube_resource))
abbr "k$__kube_verbs_short[$verb_index]$__kube_resource_short[$res_index]" "kubectl $__kube_verbs[$verb_index] $__kube_resource[$res_index]"
end
end
abbr k kubectl
abbr kl kubectl logs -f
abbr kgl kubectl logs -f
abbr kaf kubectl apply -f
abbr kr kubectl rollout
abbr krs kubectl rollout status
abbr krr kubectl rollout restart
abbr kt kubectl top
abbr ktp kubectl top pods
abbr ktn kubectl top nodes
abbr kpf kubectl port-forward
abbr kfp kubectl port-forward
alias kns "kubectl config view --minify --output 'jsonpath={..namespace}'"
abbr ksns "kubectl config set-context --current --namespace"
abbr ksc "kubectl config set-context"
abbr kexec --function __echo_kubeexec
abbr kmanage --function __echo_kubemanage
end

1
parts/modules/shell/git.nix
View file

@ -1,6 +1,7 @@
{pkgs, ...}: {
environment.systemPackages = with pkgs; [
git
pre-commit
];
fireproof.home-manager.programs.git = {

2
parts/vm.nix
View file

@ -29,7 +29,7 @@ in {
isNormalUser = true;
extraGroups = ["wheel" "networkmanager" "libvirt" "kvm"];
};
monitors = [{resolution="1920x1080";}];
monitors = [{resolution = "1920x1080";}];
services.qemuGuest.enable = true;
services.spice-vdagentd.enable = true;
}