diff --git a/flake.lock b/flake.lock index ea84f4a..56f22ad 100755 --- a/flake.lock +++ b/flake.lock @@ -1,5 +1,26 @@ { "nodes": { + "agenix": { + "inputs": { + "darwin": "darwin", + "home-manager": "home-manager", + "nixpkgs": "nixpkgs", + "systems": "systems" + }, + "locked": { + "lastModified": 1770165109, + "narHash": "sha256-9VnK6Oqai65puVJ4WYtCTvlJeXxMzAp/69HhQuTdl/I=", + "owner": "ryantm", + "repo": "agenix", + "rev": "b027ee29d959fda4b60b57566d64c98a202e0feb", + "type": "github" + }, + "original": { + "owner": "ryantm", + "repo": "agenix", + "type": "github" + } + }, "aquamarine": { "inputs": { "hyprutils": [ @@ -104,7 +125,7 @@ "copyparty": { "inputs": { "flake-utils": "flake-utils", - "nixpkgs": "nixpkgs" + "nixpkgs": "nixpkgs_2" }, "locked": { "lastModified": 1773005383, @@ -120,9 +141,31 @@ "type": "github" } }, + "darwin": { + "inputs": { + "nixpkgs": [ + "agenix", + "nixpkgs" + ] + }, + "locked": { + "lastModified": 1744478979, + "narHash": "sha256-dyN+teG9G82G+m+PX/aSAagkC+vUv0SgUw3XkPhQodQ=", + "owner": "lnl7", + "repo": "nix-darwin", + "rev": "43975d782b418ebf4969e9ccba82466728c2851b", + "type": "github" + }, + "original": { + "owner": "lnl7", + "ref": "master", + "repo": "nix-darwin", + "type": "github" + } + }, "disko": { "inputs": { - "nixpkgs": "nixpkgs_2" + "nixpkgs": "nixpkgs_3" }, "locked": { "lastModified": 1773025010, @@ -229,7 +272,7 @@ }, "flake-utils_2": { "inputs": { - "systems": "systems_4" + "systems": "systems_5" }, "locked": { "lastModified": 1731533236, @@ -303,6 +346,27 @@ } }, "home-manager": { + "inputs": { + "nixpkgs": [ + "agenix", + "nixpkgs" + ] + }, + "locked": { + "lastModified": 1745494811, + "narHash": "sha256-YZCh2o9Ua1n9uCvrvi5pRxtuVNml8X2a03qIFfRKpFs=", + "owner": "nix-community", + "repo": "home-manager", + "rev": "abfad3d2958c9e6300a883bd443512c55dfeb1be", + "type": "github" + }, + "original": { + "owner": "nix-community", + "repo": "home-manager", + "type": "github" + } + }, + "home-manager_2": { "inputs": { "nixpkgs": [ "nixpkgs" @@ -324,7 +388,7 @@ }, "hypr-contrib": { "inputs": { - "nixpkgs": "nixpkgs_3" + "nixpkgs": "nixpkgs_4" }, "locked": { "lastModified": 1771502235, @@ -409,9 +473,9 @@ "hyprutils": "hyprutils", "hyprwayland-scanner": "hyprwayland-scanner", "hyprwire": "hyprwire", - "nixpkgs": "nixpkgs_4", + "nixpkgs": "nixpkgs_5", "pre-commit-hooks": "pre-commit-hooks", - "systems": "systems", + "systems": "systems_2", "xdph": "xdph" }, "locked": { @@ -534,8 +598,8 @@ "inputs": { "hyprutils": "hyprutils_2", "hyprwayland-scanner": "hyprwayland-scanner_2", - "nixpkgs": "nixpkgs_5", - "systems": "systems_2" + "nixpkgs": "nixpkgs_6", + "systems": "systems_3" }, "locked": { "lastModified": 1772469529, @@ -734,132 +798,21 @@ }, "nixpkgs": { "locked": { - "lastModified": 1748162331, - "narHash": "sha256-rqc2RKYTxP3tbjA+PB3VMRQNnjesrT0pEofXQTrMsS8=", + "lastModified": 1754028485, + "narHash": "sha256-IiiXB3BDTi6UqzAZcf2S797hWEPCRZOwyNThJIYhUfk=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "7c43f080a7f28b2774f3b3f43234ca11661bf334", + "rev": "59e69648d345d6e8fef86158c555730fa12af9de", "type": "github" }, "original": { - "id": "nixpkgs", + "owner": "NixOS", "ref": "nixos-25.05", - "type": "indirect" - } - }, - "nixpkgs_2": { - "locked": { - "lastModified": 1772771118, - "narHash": "sha256-xWzaTvmmACR/SRWtABgI/Z97lcqwJAeoSd5QW1KdK1s=", - "owner": "NixOS", - "repo": "nixpkgs", - "rev": "e38213b91d3786389a446dfce4ff5a8aaf6012f2", - "type": "github" - }, - "original": { - "owner": "NixOS", - "ref": "nixpkgs-unstable", "repo": "nixpkgs", "type": "github" } }, - "nixpkgs_3": { - "locked": { - "lastModified": 1712163089, - "narHash": "sha256-Um+8kTIrC19vD4/lUCN9/cU9kcOsD1O1m+axJqQPyMM=", - "owner": "NixOS", - "repo": "nixpkgs", - "rev": "fd281bd6b7d3e32ddfa399853946f782553163b5", - "type": "github" - }, - "original": { - "owner": "NixOS", - "ref": "nixos-unstable", - "repo": "nixpkgs", - "type": "github" - } - }, - "nixpkgs_4": { - "locked": { - "lastModified": 1772198003, - "narHash": "sha256-I45esRSssFtJ8p/gLHUZ1OUaaTaVLluNkABkk6arQwE=", - "owner": "NixOS", - "repo": "nixpkgs", - "rev": "dd9b079222d43e1943b6ebd802f04fd959dc8e61", - "type": "github" - }, - "original": { - "owner": "NixOS", - "ref": "nixos-unstable", - "repo": "nixpkgs", - "type": "github" - } - }, - "nixpkgs_5": { - "locked": { - "lastModified": 1772433332, - "narHash": "sha256-izhTDFKsg6KeVBxJS9EblGeQ8y+O8eCa6RcW874vxEc=", - "owner": "NixOS", - "repo": "nixpkgs", - "rev": "cf59864ef8aa2e178cccedbe2c178185b0365705", - "type": "github" - }, - "original": { - "owner": "NixOS", - "ref": "nixos-unstable", - "repo": "nixpkgs", - "type": "github" - } - }, - "nixpkgs_6": { - "locked": { - "lastModified": 1772956932, - "narHash": "sha256-M0yS4AafhKxPPmOHGqIV0iKxgNO8bHDWdl1kOwGBwRY=", - "owner": "nixos", - "repo": "nixpkgs", - "rev": "608d0cadfed240589a7eea422407a547ad626a14", - "type": "github" - }, - "original": { - "owner": "nixos", - "ref": "nixpkgs-unstable", - "repo": "nixpkgs", - "type": "github" - } - }, - "nixpkgs_7": { - "locked": { - "lastModified": 1770380644, - "narHash": "sha256-P7dWMHRUWG5m4G+06jDyThXO7kwSk46C1kgjEWcybkE=", - "owner": "NixOS", - "repo": "nixpkgs", - "rev": "ae67888ff7ef9dff69b3cf0cc0fbfbcd3a722abe", - "type": "github" - }, - "original": { - "owner": "NixOS", - "ref": "nixpkgs-unstable", - "repo": "nixpkgs", - "type": "github" - } - }, - "nixpkgs_8": { - "locked": { - "lastModified": 1771848320, - "narHash": "sha256-0MAd+0mun3K/Ns8JATeHT1sX28faLII5hVLq0L3BdZU=", - "owner": "nixos", - "repo": "nixpkgs", - "rev": "2fc6539b481e1d2569f25f8799236694180c0993", - "type": "github" - }, - "original": { - "owner": "nixos", - "ref": "nixos-unstable", - "repo": "nixpkgs", - "type": "github" - } - }, - "nixpkgs_9": { + "nixpkgs_10": { "locked": { "lastModified": 1767767207, "narHash": "sha256-Mj3d3PfwltLmukFal5i3fFt27L6NiKXdBezC1EBuZs4=", @@ -875,11 +828,138 @@ "type": "github" } }, + "nixpkgs_2": { + "locked": { + "lastModified": 1748162331, + "narHash": "sha256-rqc2RKYTxP3tbjA+PB3VMRQNnjesrT0pEofXQTrMsS8=", + "owner": "NixOS", + "repo": "nixpkgs", + "rev": "7c43f080a7f28b2774f3b3f43234ca11661bf334", + "type": "github" + }, + "original": { + "id": "nixpkgs", + "ref": "nixos-25.05", + "type": "indirect" + } + }, + "nixpkgs_3": { + "locked": { + "lastModified": 1772771118, + "narHash": "sha256-xWzaTvmmACR/SRWtABgI/Z97lcqwJAeoSd5QW1KdK1s=", + "owner": "NixOS", + "repo": "nixpkgs", + "rev": "e38213b91d3786389a446dfce4ff5a8aaf6012f2", + "type": "github" + }, + "original": { + "owner": "NixOS", + "ref": "nixpkgs-unstable", + "repo": "nixpkgs", + "type": "github" + } + }, + "nixpkgs_4": { + "locked": { + "lastModified": 1712163089, + "narHash": "sha256-Um+8kTIrC19vD4/lUCN9/cU9kcOsD1O1m+axJqQPyMM=", + "owner": "NixOS", + "repo": "nixpkgs", + "rev": "fd281bd6b7d3e32ddfa399853946f782553163b5", + "type": "github" + }, + "original": { + "owner": "NixOS", + "ref": "nixos-unstable", + "repo": "nixpkgs", + "type": "github" + } + }, + "nixpkgs_5": { + "locked": { + "lastModified": 1772198003, + "narHash": "sha256-I45esRSssFtJ8p/gLHUZ1OUaaTaVLluNkABkk6arQwE=", + "owner": "NixOS", + "repo": "nixpkgs", + "rev": "dd9b079222d43e1943b6ebd802f04fd959dc8e61", + "type": "github" + }, + "original": { + "owner": "NixOS", + "ref": "nixos-unstable", + "repo": "nixpkgs", + "type": "github" + } + }, + "nixpkgs_6": { + "locked": { + "lastModified": 1772433332, + "narHash": "sha256-izhTDFKsg6KeVBxJS9EblGeQ8y+O8eCa6RcW874vxEc=", + "owner": "NixOS", + "repo": "nixpkgs", + "rev": "cf59864ef8aa2e178cccedbe2c178185b0365705", + "type": "github" + }, + "original": { + "owner": "NixOS", + "ref": "nixos-unstable", + "repo": "nixpkgs", + "type": "github" + } + }, + "nixpkgs_7": { + "locked": { + "lastModified": 1772956932, + "narHash": "sha256-M0yS4AafhKxPPmOHGqIV0iKxgNO8bHDWdl1kOwGBwRY=", + "owner": "nixos", + "repo": "nixpkgs", + "rev": "608d0cadfed240589a7eea422407a547ad626a14", + "type": "github" + }, + "original": { + "owner": "nixos", + "ref": "nixpkgs-unstable", + "repo": "nixpkgs", + "type": "github" + } + }, + "nixpkgs_8": { + "locked": { + "lastModified": 1770380644, + "narHash": "sha256-P7dWMHRUWG5m4G+06jDyThXO7kwSk46C1kgjEWcybkE=", + "owner": "NixOS", + "repo": "nixpkgs", + "rev": "ae67888ff7ef9dff69b3cf0cc0fbfbcd3a722abe", + "type": "github" + }, + "original": { + "owner": "NixOS", + "ref": "nixpkgs-unstable", + "repo": "nixpkgs", + "type": "github" + } + }, + "nixpkgs_9": { + "locked": { + "lastModified": 1771848320, + "narHash": "sha256-0MAd+0mun3K/Ns8JATeHT1sX28faLII5hVLq0L3BdZU=", + "owner": "nixos", + "repo": "nixpkgs", + "rev": "2fc6539b481e1d2569f25f8799236694180c0993", + "type": "github" + }, + "original": { + "owner": "nixos", + "ref": "nixos-unstable", + "repo": "nixpkgs", + "type": "github" + } + }, "nixvim": { "inputs": { "flake-parts": "flake-parts", - "nixpkgs": "nixpkgs_7", - "systems": "systems_3" + "nixpkgs": "nixpkgs_8", + "systems": "systems_4" }, "locked": { "lastModified": 1772402258, @@ -945,13 +1025,14 @@ }, "root": { "inputs": { + "agenix": "agenix", "copyparty": "copyparty", "disko": "disko", - "home-manager": "home-manager", + "home-manager": "home-manager_2", "hypr-contrib": "hypr-contrib", "hyprland": "hyprland", "hyprpicker": "hyprpicker", - "nixpkgs": "nixpkgs_6", + "nixpkgs": "nixpkgs_7", "nixvim": "nixvim", "shed": "shed", "spicetify-nix": "spicetify-nix", @@ -961,7 +1042,7 @@ "shed": { "inputs": { "flake-utils": "flake-utils_2", - "nixpkgs": "nixpkgs_8" + "nixpkgs": "nixpkgs_9" }, "locked": { "lastModified": 1773107703, @@ -982,7 +1063,7 @@ "nixpkgs": [ "nixpkgs" ], - "systems": "systems_5" + "systems": "systems_6" }, "locked": { "lastModified": 1773007504, @@ -1007,9 +1088,9 @@ "firefox-gnome-theme": "firefox-gnome-theme", "flake-parts": "flake-parts_2", "gnome-shell": "gnome-shell", - "nixpkgs": "nixpkgs_9", + "nixpkgs": "nixpkgs_10", "nur": "nur", - "systems": "systems_6", + "systems": "systems_7", "tinted-foot": "tinted-foot", "tinted-kitty": "tinted-kitty", "tinted-schemes": "tinted-schemes", @@ -1032,16 +1113,16 @@ }, "systems": { "locked": { - "lastModified": 1689347949, - "narHash": "sha256-12tWmuL2zgBgZkdoB6qXZsgJEH9LR3oUgpaQq2RbI80=", + "lastModified": 1681028828, + "narHash": "sha256-Vy1rq5AaRuLzOxct8nz4T6wlgyUR7zLU309k9mBC768=", "owner": "nix-systems", - "repo": "default-linux", - "rev": "31732fcf5e8fea42e59c2488ad31a0e651500f68", + "repo": "default", + "rev": "da67096a3b9bf56a91d16901293e51ba5b49a27e", "type": "github" }, "original": { "owner": "nix-systems", - "repo": "default-linux", + "repo": "default", "type": "github" } }, @@ -1062,16 +1143,16 @@ }, "systems_3": { "locked": { - "lastModified": 1681028828, - "narHash": "sha256-Vy1rq5AaRuLzOxct8nz4T6wlgyUR7zLU309k9mBC768=", + "lastModified": 1689347949, + "narHash": "sha256-12tWmuL2zgBgZkdoB6qXZsgJEH9LR3oUgpaQq2RbI80=", "owner": "nix-systems", - "repo": "default", - "rev": "da67096a3b9bf56a91d16901293e51ba5b49a27e", + "repo": "default-linux", + "rev": "31732fcf5e8fea42e59c2488ad31a0e651500f68", "type": "github" }, "original": { "owner": "nix-systems", - "repo": "default", + "repo": "default-linux", "type": "github" } }, @@ -1120,6 +1201,21 @@ "type": "github" } }, + "systems_7": { + "locked": { + "lastModified": 1681028828, + "narHash": "sha256-Vy1rq5AaRuLzOxct8nz4T6wlgyUR7zLU309k9mBC768=", + "owner": "nix-systems", + "repo": "default", + "rev": "da67096a3b9bf56a91d16901293e51ba5b49a27e", + "type": "github" + }, + "original": { + "owner": "nix-systems", + "repo": "default", + "type": "github" + } + }, "tinted-foot": { "flake": false, "locked": { diff --git a/flake.nix b/flake.nix index 455d0c4..d316ec7 100755 --- a/flake.nix +++ b/flake.nix @@ -10,6 +10,7 @@ stylix.url = "github:danth/stylix"; disko.url = "github:nix-community/disko"; shed.url = "github:km-clay/shed"; + agenix.url = "github:ryantm/agenix"; nixvim.url = "github:nix-community/nixvim"; @@ -49,14 +50,6 @@ hostDir = "laptop"; kind = "both"; } - { - host = "xenon"; - hostDir = "server"; - kind = "both"; - extraNixosModules = [ - ./modules/server - ]; - } { host = "phosphorous"; hostDir = "work"; @@ -64,6 +57,7 @@ extraNixosModules = [ inputs.shed.nixosModules.shed inputs.copyparty.nixosModules.default + inputs.agenix.nixosModules.default ]; extraHomeModules = [ inputs.shed.homeModules.shed diff --git a/hosts/server/config.nix b/hosts/server/config.nix deleted file mode 100755 index 7b0fa01..0000000 --- a/hosts/server/config.nix +++ /dev/null @@ -1,68 +0,0 @@ -{ pkgs, username, ... }: -{ - imports = [ ./hardware.nix ]; - movOpts = { - sysEnv = { - issue.enable = true; - sddmConfig.enable = true; - stylixConfig.enable = true; - nixSettings.enable = true; - }; - hardwareCfg = { - networkModule.enable = true; - bootLoader.enable = true; - powerProfiles.enable = true; - }; - softwareCfg = { - sysPkgs.enable = true; - sysProgs.enable = true; - sysServices.enable = true; - }; - serverCfg = { - jellyfinConfig.enable = true; - caddyConfig.enable = true; - }; - }; - networking.firewall = { - allowedTCPPorts = [ - 443 - 8920 - ]; - }; - environment = { - etc."tmpfiles.d/home-permissions.conf".text = '' - d /home/pagedmov 0750 pagedmov users - - ''; - variables = { - PATH = "${pkgs.clang-tools}/bin:$PATH"; - TERM = "kitty"; - }; - shells = with pkgs; [ - zsh - bash - ]; - }; - - users = { - groups.persist = { }; - users = { - root.initialPassword = "1234"; - ${username} = { - isNormalUser = true; - initialPassword = "1234"; - shell = pkgs.zsh; - extraGroups = [ - "wheel" - "persist" - "libvirtd" - ]; - }; - }; - }; - security.sudo.extraConfig = '' - ${username} ALL=(ALL) NOPASSWD: /etc/profiles/per-user/${username}/bin/rebuild - ''; - nix.settings.allowed-users = [ "${username}" ]; - - time.timeZone = "America/New_York"; -} diff --git a/hosts/server/hardware.nix b/hosts/server/hardware.nix deleted file mode 100755 index d77ee67..0000000 --- a/hosts/server/hardware.nix +++ /dev/null @@ -1,63 +0,0 @@ -# Do not modify this file! It was generated by ‘nixos-generate-config’ -# and may be overwritten by future invocations. Please make changes -# to /etc/nixos/configuration.nix instead. -{ - config, - lib, - pkgs, - modulesPath, - ... -}: - -{ - imports = [ (modulesPath + "/installer/scan/not-detected.nix") ]; - - boot.initrd.availableKernelModules = [ - "nvme" - "xhci_pci" - "ahci" - "usbhid" - "usb_storage" - "sd_mod" - ]; - boot.initrd.kernelModules = [ ]; - boot.kernelModules = [ "kvm-amd" ]; - boot.extraModulePackages = [ ]; - - fileSystems."/" = { - device = "/dev/disk/by-uuid/c40b3b09-688d-4fe3-96f9-8e3d75b0a7b7"; - fsType = "ext4"; - }; - - fileSystems."/nix" = { - device = "/dev/disk/by-uuid/1048d206-0a27-4e4e-b9a4-4f068bab5439"; - fsType = "ext4"; - }; - - fileSystems."/boot" = { - device = "/dev/disk/by-uuid/357E-BCCD"; - fsType = "vfat"; - options = [ - "fmask=0077" - "dmask=0077" - ]; - }; - - fileSystems."/home" = { - device = "/dev/disk/by-uuid/b53ab583-f32e-4144-a2ee-f341e54f8233"; - fsType = "ext4"; - }; - - swapDevices = [ ]; - - # Enables DHCP on each ethernet and wireless interface. In case of scripted networking - # (the default) this is the recommended approach. When using systemd-networkd it's - # still possible to use this option, but it's recommended to use it in conjunction - # with explicit per-interface declarations with `networking.interfaces..useDHCP`. - networking.useDHCP = lib.mkDefault true; - # networking.interfaces.enp10s0.useDHCP = lib.mkDefault true; - # networking.interfaces.wlp11s0.useDHCP = lib.mkDefault true; - - nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux"; - hardware.cpu.amd.updateMicrocode = lib.mkDefault config.hardware.enableRedistributableFirmware; -} diff --git a/hosts/server/home.nix b/hosts/server/home.nix deleted file mode 100755 index e23c26f..0000000 --- a/hosts/server/home.nix +++ /dev/null @@ -1,47 +0,0 @@ -{ - host, - pkgs, - self, - inputs, - lib, - username, - config, - ... -}: -{ - - home.username = "${username}"; - home.homeDirectory = "/home/${username}"; - home.stateVersion = "24.05"; - - programs.home-manager.enable = true; - - movOpts = { - homeFiles.enable = true; - - # modules/home/environment - envConfig = { - starshipConfig.enable = true; - stylixHomeConfig.enable = true; - userPkgs.enable = true; - zshConfig = { - shellAliases.enable = true; - envVariables.enable = true; - shellOptions.enable = true; - extraConfig.enable = true; - }; - }; - - # modules/home/programs - programConfigs = { - autojumpConfig.enable = true; - kittyConfig.enable = true; - btopConfig.enable = true; - ezaConfig.enable = true; - fzfConfig.enable = true; - gitConfig.enable = true; - yaziConfig.enable = true; - batConfig.enable = true; - }; - }; -} diff --git a/modules/home/environment/hyprland.nix b/modules/home/environment/hyprland.nix index 2cfe5d5..1a03365 100755 --- a/modules/home/environment/hyprland.nix +++ b/modules/home/environment/hyprland.nix @@ -294,10 +294,6 @@ in "super, l, movefocus, r" "super, k, movefocus, u" "super, j, movefocus, d" - "super, y, exec, /home/pagedmov/splitman-ipc.sh start" - "super, u, exec, /home/pagedmov/splitman-ipc.sh split" - "super, i, exec, /home/pagedmov/splitman-ipc.sh stop" - "super, o, exec, /home/pagedmov/splitman-ipc.sh pause" "super shift, h, movewindow, l" "super shift, l, movewindow, r" "super shift, k, movewindow, u" diff --git a/modules/home/environment/paperd/theme_builder.nix b/modules/home/environment/paperd/theme_builder.nix index 567fd42..2bfa19d 100644 --- a/modules/home/environment/paperd/theme_builder.nix +++ b/modules/home/environment/paperd/theme_builder.nix @@ -403,7 +403,7 @@ pkgs.writeText "theme-builder.py" '' print("Sent reload signal to Kitty.") nvim_colors = STATE_DIR / "nvim-colors.lua" - for sock in Path("/run/user/1000").glob("nvim.*.0"): + for sock in Path(os.environ.get("XDG_RUNTIME_DIR", "/run/user/1000")).glob("nvim.*.0"): try: nvim = attach('socket', path=str(sock)) nvim.command(f"luafile {nvim_colors}") diff --git a/modules/home/environment/swaync.nix b/modules/home/environment/swaync.nix index 9954499..86f194c 100755 --- a/modules/home/environment/swaync.nix +++ b/modules/home/environment/swaync.nix @@ -614,7 +614,7 @@ all: unset; } - @import url("file:///home/pagedmov/.local/state/sysflake/swaync-colors.css"); + @import url("file://${config.home.homeDirectory}/.local/state/sysflake/swaync-colors.css"); ''; xdg.configFile."swaync/config.json".text = '' { diff --git a/modules/home/environment/userservices.nix b/modules/home/environment/userservices.nix index 1540b02..2c55032 100644 --- a/modules/home/environment/userservices.nix +++ b/modules/home/environment/userservices.nix @@ -5,20 +5,6 @@ let in { systemd.user = { - timers = { - maintenanceCheck = { - Unit = { - Description = "Timer for package maintenance check"; - }; - Timer = { - OnCalendar = "hourly"; - Persistent = true; - }; - Install = { - WantedBy = [ "timers.target" ]; - }; - }; - }; services = { swww-daemon = { Unit.Description = "Daemon for swww (sway wayland wallpaper manager)"; diff --git a/modules/home/environment/waybar.nix b/modules/home/environment/waybar.nix index 169a3b1..114225f 100755 --- a/modules/home/environment/waybar.nix +++ b/modules/home/environment/waybar.nix @@ -143,7 +143,7 @@ in }; "image#nixicon" = { - path = "/home/pagedmov/.sysflake/assets/images/nix-snowflake-colours.svg"; + path = "${self}/assets/images/nix-snowflake-colours.svg"; size = 28; }; @@ -271,7 +271,7 @@ in margin: 6px 10px 6px 4px; } - @import url("file:///home/pagedmov/.local/state/sysflake/waybar-colors.css"); + @import url("file://${config.home.homeDirectory}/.local/state/sysflake/waybar-colors.css"); ''; }; }; diff --git a/modules/home/programs/git.nix b/modules/home/programs/git.nix index c144fd4..7843c33 100755 --- a/modules/home/programs/git.nix +++ b/modules/home/programs/git.nix @@ -22,7 +22,7 @@ }; safe = { directory = [ - "/home/pagedmov/mnt/net" + "${config.home.homeDirectory}/mnt/net" ]; }; core.pager = "delta"; diff --git a/modules/server/cdn/default.nix b/modules/server/cdn/default.nix deleted file mode 100755 index ed3b033..0000000 --- a/modules/server/cdn/default.nix +++ /dev/null @@ -1,10 +0,0 @@ -{ - pkgs, - lib, - config, - ... -}: - -{ - imports = [ ./jellyfin.nix ]; -} diff --git a/modules/server/cdn/jellyfin.nix b/modules/server/cdn/jellyfin.nix deleted file mode 100755 index daf4204..0000000 --- a/modules/server/cdn/jellyfin.nix +++ /dev/null @@ -1,18 +0,0 @@ -{ - pkgs, - lib, - config, - ... -}: - -{ - options = { - movOpts.serverCfg.jellyfinConfig.enable = lib.mkEnableOption "Enables the server's jellyfin config"; - }; - config = lib.mkIf config.movOpts.serverCfg.jellyfinConfig.enable { - services.jellyfin = { - enable = true; - openFirewall = true; - }; - }; -} diff --git a/modules/server/default.nix b/modules/server/default.nix deleted file mode 100755 index 4ac689a..0000000 --- a/modules/server/default.nix +++ /dev/null @@ -1,8 +0,0 @@ -{ pkgs, lib, ... }: - -{ - imports = [ - ./cdn - ./glasshaus - ]; -} diff --git a/modules/server/glasshaus/caddy.nix b/modules/server/glasshaus/caddy.nix deleted file mode 100755 index 529afc9..0000000 --- a/modules/server/glasshaus/caddy.nix +++ /dev/null @@ -1,22 +0,0 @@ -{ - lib, - config, - pkgs, - ... -}: - -{ - options = { - movOpts.serverCfg.caddyConfig.enable = lib.mkEnableOption "Enable my caddy config for the glasshaus.info domain name"; - }; - config = lib.mkIf config.movOpts.serverCfg.caddyConfig.enable { - services.caddy = { - enable = true; - configFile = pkgs.writeText "Caddyfile" '' - glasshaus.info { - reverse_proxy localhost:8096 - } - ''; - }; - }; -} diff --git a/modules/server/glasshaus/default.nix b/modules/server/glasshaus/default.nix deleted file mode 100755 index ea81763..0000000 --- a/modules/server/glasshaus/default.nix +++ /dev/null @@ -1,10 +0,0 @@ -{ - pkgs, - lib, - config, - ... -}: - -{ - imports = [ ./caddy.nix ]; -} diff --git a/modules/sys/software/packages.nix b/modules/sys/software/packages.nix index 88812e2..0bc1627 100755 --- a/modules/sys/software/packages.nix +++ b/modules/sys/software/packages.nix @@ -51,6 +51,8 @@ pavucontrol playerctl usbutils + age + agenix-cli vim uhk-agent jq diff --git a/modules/sys/software/programs.nix b/modules/sys/software/programs.nix index 53b7950..d861884 100755 --- a/modules/sys/software/programs.nix +++ b/modules/sys/software/programs.nix @@ -9,21 +9,6 @@ movOpts.softwareCfg.sysProgs.enable = lib.mkEnableOption "enables default system programs"; }; config = lib.mkIf config.movOpts.softwareCfg.sysProgs.enable { - environment.etc."shells" = { - enable = true; - text = '' - /run/current-system/sw/bin/zsh - /run/current-system/sw/bin/bash - /run/current-system/sw/bin/zsh - /nix/store/m7l6yzmflrf9hjs8707lk9nkhi6f73n1-zsh-5.9/bin/zsh - /run/current-system/sw/bin/bash - /run/current-system/sw/bin/sh - /nix/store/f33kh08pa7pmy4kvsmsibda46sh46s66-bash-interactive-5.2p37/bin/bash - /nix/store/f33kh08pa7pmy4kvsmsibda46sh46s66-bash-interactive-5.2p37/bin/sh - /bin/sh - /home/pagedmov/Coding/projects/rust/rsh/target/debug/rsh - ''; - }; programs = { hyprland.enable = lib.mkDefault true; zsh.enable = lib.mkDefault true; diff --git a/modules/sys/software/services.nix b/modules/sys/software/services.nix index fbb6fe1..6b0c319 100755 --- a/modules/sys/software/services.nix +++ b/modules/sys/software/services.nix @@ -2,6 +2,7 @@ lib, pkgs, config, + self, ... }: { @@ -9,6 +10,21 @@ movOpts.softwareCfg.sysServices.enable = lib.mkEnableOption "enables default system services"; }; config = lib.mkIf config.movOpts.softwareCfg.sysServices.enable { + age.identityPaths = [ "/home/pagedmov/.ssh/id_ed25519" ]; + age.secrets = { + copyparty-admin = { + file = "${self}/secrets/copyparty-admin.age"; + owner = "copyparty"; + }; + copyparty-pagedmov = { + file = "${self}/secrets/copyparty-pagedmov.age"; + owner = "copyparty"; + }; + copyparty-testuser = { + file = "${self}/secrets/copyparty-testuser.age"; + owner = "copyparty"; + }; + }; users.users.pagedmov = { openssh.authorizedKeys.keys = [ "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIBX/xEA6/zfAkjwaDcl+NnCJLMd7OzRru7IKbn+52fi5 root@nixos" @@ -35,13 +51,13 @@ }; accounts = { admin = { - passwordFile = "${pkgs.writeText "/run/keys/admin" "admin123"}"; + passwordFile = config.age.secrets.copyparty-admin.path; }; pagedmov = { - passwordFile = "${pkgs.writeText "/run/keys/pagedmov" "200231980qwertyuiop"}"; + passwordFile = config.age.secrets.copyparty-pagedmov.path; }; testuser = { - passwordFile = "${pkgs.writeText "/run/keys/testuser" "testpassword"}"; + passwordFile = config.age.secrets.copyparty-testuser.path; }; }; volumes = { diff --git a/overlay/scripts/nix/check_updates.nix b/overlay/scripts/nix/check_updates.nix deleted file mode 100644 index 188cb44..0000000 --- a/overlay/scripts/nix/check_updates.nix +++ /dev/null @@ -1,94 +0,0 @@ -{ pkgs }: - -pkgs.stdenv.mkDerivation { - pname = "pkg_maintenance_check"; - version = "1.0"; - src = ./.; - buildPhase = '' - mkdir -p $out/bin - cat > $out/bin/checkupdates.py <<- EOF - import json - import subprocess - import requests - def get_packages_by_maintainer(target_maintainer): - try: - nix_env_command = [ - "nix-env", "--meta", "--json", "-qaP" - ] - jq_query = ( - 'to_entries[] | select(.value.meta.maintainers? // [] | ' - f'any(.github == "{target_maintainer}")) | .value' - ) - result = subprocess.run( - nix_env_command, - capture_output=True, - text=True, - check=True - ) - filtered_packages = subprocess.run( - ["jq", "-r", "-c", jq_query], - input=result.stdout, - capture_output=True, - text=True, - check=True - ) - return [json.loads(pkg) for pkg in filtered_packages.stdout.strip().split('\n') if pkg] - except subprocess.CalledProcessError as e: - print(f"Error running nix-env or jq: {e}") - return [] - - def check_github_releases(maintained_packages): - github_api_template = "https://api.github.com/repos/{owner}/{repo}/releases/latest" - updates = [] - - for package in maintained_packages: - pname = package.get("pname", "unknown") - repo_url = package.get("meta", {}).get("homepage", "") - current_version = package.get("version", "unknown") - - if "github.com" in repo_url: - owner_repo = repo_url.split("github.com/")[1].rstrip('/') - owner, repo = owner_repo.split('/') - api_url = github_api_template.format(owner=owner, repo=repo) - - response = requests.get(api_url) - if response.status_code == 200: - latest_release = response.json() - latest_version = latest_release.get("tag_name", "").lstrip('v') - if latest_version and latest_version != current_version: - updates.append({"pkg": pname, "version": latest_version}) - else: - print(f"{pname} is up to date.\n") - else: - print(f"Failed to check version for {pname} (HTTP {response.status_code}).\n") - else: - print(f"Skipping non-GitHub repository for {pname}.\n") - return updates - - def notify_updates(updates): - if updates: - update_string = '\n'.join([f" {update['pkg']} -> {update['version']}" for update in updates]) - subprocess.run([ - "notify-send", - "--icon=/home/pagedmov/.sysflake/assets/images/nixos-icon-generic.png", - "Maintenance Update", - f"Package updates found:\n{update_string}" - ]) - subprocess.run(["aplay", "-q", "-N", "/home/pagedmov/.sysflake/assets/sound/login.wav"]) - - target_maintainer = "pagedMov" - maintained_packages = get_packages_by_maintainer(target_maintainer) - - if maintained_packages: - updates = check_github_releases(maintained_packages) - notify_updates(updates) - else: - print(f"No packages maintained by {target_maintainer} were found.") - EOF - ''; - buildInputs = with pkgs; [ - python3Packages.requests - jq - ]; - installPhase = ":"; -} diff --git a/overlay/scripts/nix/default.nix b/overlay/scripts/nix/default.nix index d03b274..7558c09 100644 --- a/overlay/scripts/nix/default.nix +++ b/overlay/scripts/nix/default.nix @@ -8,7 +8,6 @@ fetchfromgh = super.callPackage ./templates/fetchfromgh.nix { }; mkshell = super.callPackage ./templates/mkshell.nix { }; garbage-collect = super.callPackage ./garbage-collect.nix { }; - check_updates = super.callPackage ./check_updates.nix { }; rebuild = super.callPackage ./rebuild.nix { inherit host; self = root; diff --git a/secrets/copyparty-admin.age b/secrets/copyparty-admin.age new file mode 100644 index 0000000..837a401 --- /dev/null +++ b/secrets/copyparty-admin.age @@ -0,0 +1,5 @@ +age-encryption.org/v1 +-> ssh-ed25519 UdB2QQ 0wPXeQ7y+1CTZ9ROAlEmyOvUVeoLPe2qpVqu+9yOARM +DsBm/L7XpwmZ3fCV2u3omkhhJQjXCPApN6qv0zb/0e4 +--- PtsnfRS5NGQ+dOkShmJuz4GCLvPP7cud5YUwAov3j/Y +./҂@>TmC_53; ͤC^ \ No newline at end of file diff --git a/secrets/copyparty-pagedmov.age b/secrets/copyparty-pagedmov.age new file mode 100644 index 0000000..a789f86 --- /dev/null +++ b/secrets/copyparty-pagedmov.age @@ -0,0 +1,5 @@ +age-encryption.org/v1 +-> ssh-ed25519 UdB2QQ N5xflk7WYS55ypDAMewPRMoIEWQu/gPdbY6FlUJ6ERA +lwaUmt3ZSicZy1wtMxAY6XsXp9wJRbkF2zOD5fPFGq0 +--- 59Ea58Hu6Aa00ttHfytrXZ+uh0Na9IVQpsog6cZiuCs +phO%w\((k8&qJjADsކxxJ \ No newline at end of file diff --git a/secrets/copyparty-testuser.age b/secrets/copyparty-testuser.age new file mode 100644 index 0000000..7726831 --- /dev/null +++ b/secrets/copyparty-testuser.age @@ -0,0 +1,5 @@ +age-encryption.org/v1 +-> ssh-ed25519 UdB2QQ 60YOnpbCVEZDinRksQDnoJZNQzrrsM259Il+A9TJjBc +pNLOy0r3jfEfFQRSwuv0gHFfh00rmPHWRSzz5g5lnVE +--- LslDG7BgBKxPtzqQXepkhnU5O0MmWDlpn9svZ2VMdN8 +T[_vXEKK>