Run formatter over project. Tidy up laptop packages.

This commit is contained in:
Fern Garden 2025-07-10 18:14:36 +08:00
parent 5b08fb0d7f
commit 091c1562f2
14 changed files with 205 additions and 210 deletions

View file

@ -6,12 +6,13 @@
lanzaboote.url = "github:nix-community/lanzaboote"; # Secure boot. lanzaboote.url = "github:nix-community/lanzaboote"; # Secure boot.
nixos-hardware.url = "github:NixOS/nixos-hardware"; # Hardware specific config. nixos-hardware.url = "github:NixOS/nixos-hardware"; # Hardware specific config.
sops-nix.url = "github:Mic92/sops-nix"; # Secrets management. sops-nix.url = "github:Mic92/sops-nix"; # Secrets management.
nixvim.url = "github:nix-community/nixvim"; # Neovim.
# Secrets repo. # Secrets repo.
secrets = { secrets = {
url = "git+ssh://git@docker.local:222/fern/secrets?ref=main"; url = "git+ssh://git@docker.local:222/fern/secrets?ref=main";
flake = false; flake = false;
}; };
nixvim.url = "github:nix-community/nixvim"; # Neovim.
# Packages. # Packages.
fluffychat-2_0_0.url = "github:NixOS/nixpkgs?ref=pull/419632/head"; # FluffyChat 2.0.0 fluffychat-2_0_0.url = "github:NixOS/nixpkgs?ref=pull/419632/head"; # FluffyChat 2.0.0
@ -19,12 +20,11 @@
}; };
outputs = inputs @ { outputs = inputs @ {
self,
nixpkgs, nixpkgs,
lanzaboote, lanzaboote,
nixos-hardware, nixos-hardware,
sops-nix,
nixvim, nixvim,
sops-nix,
fluffychat-2_0_0, fluffychat-2_0_0,
feishin-0_17_0, feishin-0_17_0,
... ...
@ -53,7 +53,7 @@
specialArgs = { specialArgs = {
inherit inherit
self nixpkgs
hostname hostname
suite suite
platform platform

View file

@ -6,15 +6,14 @@
"sd_mod" "sd_mod"
]; ];
boot.kernelModules = [ "kvm-intel" ]; boot.kernelModules = ["kvm-intel"];
fileSystems."/" = { fileSystems."/" = {
device = "/dev/disk/by-uuid/63d79656-aa5b-466a-b369-be5eac3f51ab"; device = "/dev/disk/by-uuid/63d79656-aa5b-466a-b369-be5eac3f51ab";
fsType = "ext4"; fsType = "ext4";
}; };
boot.initrd.luks.devices."luks-93fa00bc-777f-4359-bad5-880c29faca0d".device = boot.initrd.luks.devices."luks-93fa00bc-777f-4359-bad5-880c29faca0d".device = "/dev/disk/by-uuid/93fa00bc-777f-4359-bad5-880c29faca0d";
"/dev/disk/by-uuid/93fa00bc-777f-4359-bad5-880c29faca0d";
fileSystems."/boot" = { fileSystems."/boot" = {
device = "/dev/disk/by-uuid/EBD7-3E1C"; device = "/dev/disk/by-uuid/EBD7-3E1C";

View file

@ -1,8 +1,12 @@
{ config, pkgs, secrets, ... }:
{ {
config,
pkgs,
secrets,
...
}: {
# Secrets. # Secrets.
sops = { sops = {
age.sshKeyPaths = [ "/etc/ssh/ssh_host_ed25519_key" ]; age.sshKeyPaths = ["/etc/ssh/ssh_host_ed25519_key"];
defaultSopsFile = "${secrets}/sops.yaml"; defaultSopsFile = "${secrets}/sops.yaml";
secrets."firefox_syncserver/sync_master_secret" = {}; secrets."firefox_syncserver/sync_master_secret" = {};
}; };
@ -23,5 +27,5 @@
}; };
# Open Firefox sync service port. # Open Firefox sync service port.
networking.firewall.allowedTCPPorts = [ 5000 ]; networking.firewall.allowedTCPPorts = [5000];
} }

View file

@ -1,5 +1,4 @@
{ pkgs, ... }: {pkgs, ...}: {
{
boot = { boot = {
kernelPackages = pkgs.linuxKernel.packages.linux_rpi4; kernelPackages = pkgs.linuxKernel.packages.linux_rpi4;
initrd.availableKernelModules = [ initrd.availableKernelModules = [
@ -17,7 +16,7 @@
"/" = { "/" = {
device = "/dev/disk/by-label/NIXOS_SD"; device = "/dev/disk/by-label/NIXOS_SD";
fsType = "ext4"; fsType = "ext4";
options = [ "noatime" ]; options = ["noatime"];
}; };
}; };

View file

@ -10,6 +10,6 @@
}; };
swapDevices = [ swapDevices = [
{ device = "/dev/disk/by-uuid/025beadb-a89b-4abe-8d0c-b55401316319"; } {device = "/dev/disk/by-uuid/025beadb-a89b-4abe-8d0c-b55401316319";}
]; ];
} }

View file

@ -10,6 +10,6 @@
}; };
swapDevices = [ swapDevices = [
{ device = "/dev/disk/by-uuid/3123f58e-63a9-44fa-ac29-3e79dc520b8f"; } {device = "/dev/disk/by-uuid/3123f58e-63a9-44fa-ac29-3e79dc520b8f";}
]; ];
} }

View file

@ -4,15 +4,13 @@
userPackages, userPackages,
... ...
}: }:
with lib; with lib; let
let
cfg = config.services.webone; cfg = config.services.webone;
in in {
{
options.services.webone.enable = mkEnableOption "Enable WebOne HTTP proxy."; options.services.webone.enable = mkEnableOption "Enable WebOne HTTP proxy.";
config = mkIf cfg.enable { config = mkIf cfg.enable {
users.groups.webone = { }; users.groups.webone = {};
users.users.webone = { users.users.webone = {
createHome = true; createHome = true;
@ -42,10 +40,10 @@ in
systemd.services.webone = { systemd.services.webone = {
description = "WebOne HTTP Proxy Server"; description = "WebOne HTTP Proxy Server";
documentation = [ "https://github.com/atauenis/webone/wiki/" ]; documentation = ["https://github.com/atauenis/webone/wiki/"];
requires = [ "network-online.target" ]; requires = ["network-online.target"];
after = [ "network-online.target" ]; after = ["network-online.target"];
wantedBy = [ "default.target" ]; wantedBy = ["default.target"];
startLimitIntervalSec = 5; startLimitIntervalSec = 5;
startLimitBurst = 3; startLimitBurst = 3;
environment = { environment = {

View file

@ -4,7 +4,6 @@
dotnetCorePackages, dotnetCorePackages,
... ...
}: }:
buildDotnetModule rec { buildDotnetModule rec {
pname = "webone"; pname = "webone";
version = "0.17.5"; version = "0.17.5";

View file

@ -1,9 +1,7 @@
# This file was automatically generated by passthru.fetch-deps. # This file was automatically generated by passthru.fetch-deps.
# Please dont edit it manually, your changes might get overwritten! # Please dont edit it manually, your changes might get overwritten!
# TODO: This format file is obsolete, consider migrating to JSON. # TODO: This format file is obsolete, consider migrating to JSON.
{fetchNuGet}: [
{ fetchNuGet }:
[
(fetchNuGet { (fetchNuGet {
pname = "Microsoft.NETCore.Platforms"; pname = "Microsoft.NETCore.Platforms";
version = "3.1.0"; version = "3.1.0";

View file

@ -1,5 +1,5 @@
{ {
self, nixpkgs,
pkgs, pkgs,
lib, lib,
hostname, hostname,
@ -10,15 +10,15 @@ with lib; {
# NixOS version. # NixOS version.
system.stateVersion = "25.05"; system.stateVersion = "25.05";
# Set $NIX_PATH to flake input.
nix.nixPath = ["nixpkgs=${self.inputs.nixpkgs}"];
# Enable flakes. # Enable flakes.
nix.settings.experimental-features = [ nix.settings.experimental-features = [
"nix-command" "nix-command"
"flakes" "flakes"
]; ];
# Set $NIX_PATH to flake input.
nix.nixPath = ["nixpkgs=${nixpkgs}"];
# Enable redistributable firmware. # Enable redistributable firmware.
hardware.enableRedistributableFirmware = true; hardware.enableRedistributableFirmware = true;
@ -66,25 +66,14 @@ with lib; {
programs.fish = { programs.fish = {
enable = true; enable = true;
interactiveShellInit = '' interactiveShellInit = ''
# nnn cd on quit. # yazi cd on quit.
function n --wraps nnn --description 'support nnn quit and change directory' function y
if test -n "$NNNLVL" -a "$NNNLVL" -ge 1 set tmp (mktemp -t "yazi-cwd.XXXXXX")
echo "nnn is already running" ${pkgs.yazi}/bin/yazi $argv --cwd-file="$tmp"
return if read -z cwd < "$tmp"; and [ -n "$cwd" ]; and [ "$cwd" != "$PWD" ]
end builtin cd -- "$cwd"
if test -n "$XDG_CONFIG_HOME"
set -x NNN_TMPFILE "$XDG_CONFIG_HOME/nnn/.lastd"
else
set -x NNN_TMPFILE "$HOME/.config/nnn/.lastd"
end
command ${pkgs.nnn}/bin/nnn $argv
if test -e $NNN_TMPFILE
source $NNN_TMPFILE
rm -- $NNN_TMPFILE
end end
rm -f -- "$tmp"
end end
# kanagawa theme. # kanagawa theme.
@ -123,6 +112,7 @@ with lib; {
''; '';
}; };
# https://nixos.wiki/wiki/Fish#Setting_fish_as_your_shell
programs.bash = { programs.bash = {
interactiveShellInit = '' interactiveShellInit = ''
if [[ $(${pkgs.procps}/bin/ps --no-header --pid=$PPID --format=comm) != "fish" && -z ''${BASH_EXECUTION_STRING} ]] if [[ $(${pkgs.procps}/bin/ps --no-header --pid=$PPID --format=comm) != "fish" && -z ''${BASH_EXECUTION_STRING} ]]
@ -131,13 +121,14 @@ with lib; {
exec ${pkgs.fish}/bin/fish $LOGIN_OPTION exec ${pkgs.fish}/bin/fish $LOGIN_OPTION
fi fi
''; '';
}; # https://nixos.wiki/wiki/Fish#Setting_fish_as_your_shell };
# Install some packages. # Install some packages.
programs.git.enable = true; programs = {
programs.lazygit.enable = true; git.enable = true;
lazygit.enable = true;
programs.nixvim = { nixvim = {
enable = true; enable = true;
globals.mapleader = " "; globals.mapleader = " ";
@ -154,24 +145,38 @@ with lib; {
} }
{ {
key = "<Leader>e"; key = "<Leader>g";
action = "<cmd> Neotree toggle <CR>"; action = "<cmd> LazyGit <CR>";
mode = "n";
options.desc = "Open LazyGit.";
}
{
key = "<Leader>y";
action = "<cmd> Yazi toggle <CR>";
mode = "n"; mode = "n";
options.desc = "Show/hide file browser."; options.desc = "Show/hide file browser.";
} }
{ {
key = "<Leader>f"; key = "<Leader>ff";
action = "<cmd> Telescope fd <CR>"; action = "<cmd> Telescope fd <CR>";
mode = "n"; mode = "n";
options.desc = "Find files."; options.desc = "Find files.";
} }
{ {
key = "<Leader>g"; key = "<Leader>fb";
action = "<cmd> LazyGit <CR>"; action = "<cmd> Telescope buffers <CR>";
mode = "n"; mode = "n";
options.desc = "Open LazyGit."; options.desc = "Switch between buffers with telescope.";
}
{
key = "<Leader>fg";
action = "<cmd> Telescope live_grep <CR>";
mode = "n";
options.desc = "Grep files.";
} }
]; ];
@ -233,6 +238,7 @@ with lib; {
trouble.enable = true; trouble.enable = true;
web-devicons.enable = true; web-devicons.enable = true;
which-key.enable = true; which-key.enable = true;
yazi.enable = true;
blink-cmp = { blink-cmp = {
enable = true; enable = true;
@ -265,16 +271,17 @@ with lib; {
}; };
}; };
}; };
};
environment.systemPackages = with pkgs; [ environment.systemPackages = with pkgs; [
aria2 aria2
btop btop
lynx lynx
ncdu ncdu
nnn
rsync rsync
tmux tmux
trash-cli trash-cli
yazi
]; ];
# Enable avahi hostname resolution. # Enable avahi hostname resolution.

View file

@ -4,8 +4,7 @@
lib, lib,
... ...
}: }:
with lib; with lib; {
{
# Configure the bootloader. # Configure the bootloader.
boot = { boot = {
# Enable secure boot. # Enable secure boot.
@ -58,7 +57,7 @@ with lib;
desktopManager.gnome = { desktopManager.gnome = {
enable = true; enable = true;
# Enable fractional scaling. # Enable fractional scaling.
extraGSettingsOverridePackages = [ pkgs.mutter ]; extraGSettingsOverridePackages = [pkgs.mutter];
extraGSettingsOverrides = '' extraGSettingsOverrides = ''
[org.gnome.mutter] [org.gnome.mutter]
experimental-features=['scale-monitor-framebuffer'] experimental-features=['scale-monitor-framebuffer']
@ -74,34 +73,29 @@ with lib;
# Exclude some default gnome applications. # Exclude some default gnome applications.
environment.gnome.excludePackages = ( environment.gnome.excludePackages = (
with pkgs; with pkgs; [
[ epiphany # Browser (replaced by Firefox).
epiphany gnome-connections # Remote desktop viewer.
gnome-connections gnome-console # Terminal (replaced by ghostTTY).
gnome-console gnome-maps # Maps viewer.
gnome-maps gnome-music # Music player.
gnome-music gnome-tour # First-boot tour.
gnome-tour totem # Movie player (replaced by Celluloid).
totem yelp # Help viewer.
yelp
] ]
); );
# Remove NixOS HTML manual # Remove NixOS HTML manual
documentation.doc.enable = false; documentation.doc.enable = false;
# Use ghostty for the "open in terminal" option in file manager.
programs.nautilus-open-any-terminal = {
enable = true;
terminal = "ghostty";
};
# Run electron apps under wayland. # Run electron apps under wayland.
environment.sessionVariables.NIXOS_OZONE_WL = "1"; environment.sessionVariables.NIXOS_OZONE_WL = "1";
# Install some packages. # Install some packages.
programs.steam.enable = true; programs = {
programs.firefox.enable = true; steam.enable = true;
firefox.enable = true;
};
environment.systemPackages = with pkgs; [ environment.systemPackages = with pkgs; [
adwsteamgtk adwsteamgtk
@ -109,7 +103,6 @@ with lib;
caligula caligula
celluloid celluloid
discord discord
userPackages.feishin
ghostty ghostty
gimp3 gimp3
glabels-qt glabels-qt
@ -121,14 +114,12 @@ with lib;
libreoffice libreoffice
merriweather merriweather
merriweather-sans merriweather-sans
nixd # nix language server
alejandra # nix language formatter
nerd-fonts.fira-code nerd-fonts.fira-code
obsidian obsidian
protonmail-desktop protonmail-desktop
signal-desktop signal-desktop
smile smile
vscodium userPackages.feishin
yubioath-flutter yubioath-flutter
# PrismLauncher with temurin jre. # PrismLauncher with temurin jre.
@ -142,18 +133,20 @@ with lib;
(userPackages.fluffychat.overrideAttrs ( (userPackages.fluffychat.overrideAttrs (
finalAttrs: previousAttrs: { finalAttrs: previousAttrs: {
desktopItems = [ desktopItems = [
((builtins.elemAt previousAttrs.desktopItems 0).override { startupWMClass = "fluffychat"; }) ((builtins.elemAt previousAttrs.desktopItems 0).override {startupWMClass = "fluffychat";})
]; ];
} }
)) ))
]; ];
# Enable gamemode service # Enable gamemode service.
programs.gamemode.enable = true; programs.gamemode.enable = true;
# Enable CUPS to print documents. # Enable CUPS to print documents.
services.printing.enable = true; services.printing = {
services.printing.drivers = [ pkgs.brlaser ]; enable = true;
drivers = [pkgs.brlaser];
};
# If you don't set this Wireguard won't work. # If you don't set this Wireguard won't work.
networking.firewall.checkReversePath = false; networking.firewall.checkReversePath = false;
@ -170,6 +163,6 @@ with lib;
# Enable CPU frequency scaling management. # Enable CPU frequency scaling management.
services.power-profiles-daemon.enable = mkForce false; # enabled by gnome services.power-profiles-daemon.enable = mkForce false; # enabled by gnome
services.tlp.enable = lib.mkForce false; # enabled by nixos-hardware services.tlp.enable = mkForce false; # enabled by nixos-hardware
services.auto-cpufreq.enable = true; services.auto-cpufreq.enable = true;
} }

View file

@ -1,8 +1,4 @@
{ {modulesPath, ...}: {
modulesPath,
...
}:
{
imports = [ imports = [
(modulesPath + "/virtualisation/proxmox-lxc.nix") (modulesPath + "/virtualisation/proxmox-lxc.nix")
./server.nix ./server.nix

View file

@ -1,13 +1,16 @@
{ user, lib, ... }:
with lib;
{ {
# Passwordless sudo user,
lib,
...
}:
with lib; {
# Passwordless sudo.
security.sudo.wheelNeedsPassword = false; security.sudo.wheelNeedsPassword = false;
# Enable all terminfo (for ghostty) # Enable all terminfo (for ghostty).
environment.enableAllTerminfo = true; environment.enableAllTerminfo = true;
# Enable SSH server # Enable SSH server.
services.openssh.enable = true; services.openssh.enable = true;
users.users.${user} = { users.users.${user} = {
@ -17,7 +20,7 @@ with lib;
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIBEJYq1fMxVOzCMfE/td6DtWS8nUk76U9seYD3Z9RYAz u0_a399@fairywren" "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIBEJYq1fMxVOzCMfE/td6DtWS8nUk76U9seYD3Z9RYAz u0_a399@fairywren"
"sk-ssh-ed25519@openssh.com AAAAGnNrLXNzaC1lZDI1NTE5QG9wZW5zc2guY29tAAAAIMoJvPcUJDVVzO4dHROCFNlgJdDZSP5xyPx2s40zcx5QAAAABHNzaDo= YubiKey5NFC" "sk-ssh-ed25519@openssh.com AAAAGnNrLXNzaC1lZDI1NTE5QG9wZW5zc2guY29tAAAAIMoJvPcUJDVVzO4dHROCFNlgJdDZSP5xyPx2s40zcx5QAAAABHNzaDo= YubiKey5NFC"
]; ];
extraGroups = mkIf (user == "docker") [ "docker" ]; extraGroups = mkIf (user == "docker") ["docker"];
}; };
# Enable docker. # Enable docker.

View file

@ -3,8 +3,7 @@
lib, lib,
... ...
}: }:
with lib; with lib; {
{
imports = [ imports = [
(modulesPath + "/profiles/qemu-guest.nix") (modulesPath + "/profiles/qemu-guest.nix")
./server.nix ./server.nix
@ -19,7 +18,7 @@ with lib;
"sd_mod" "sd_mod"
]; ];
boot.kernelModules = [ "kvm-intel" ]; boot.kernelModules = ["kvm-intel"];
# Enable DHCP. # Enable DHCP.
networking.useDHCP = mkDefault true; networking.useDHCP = mkDefault true;