├── .envrc
├── .github
├── CHANGELOG.md
├── README.md
├── dependabot.yml
└── workflows
│ └── update-flake-lock.yaml
├── .gitignore
├── LICENSE
├── apps
├── act.nix
├── agenix.nix
├── default.nix
├── distributed-builds.nix
├── hydra.nix
├── tofu.nix
└── tooling.nix
├── common
├── base-users.nix
├── colour-schemes
│ └── default.nix
├── config.nix
├── default.nix
├── generations.nix
├── home-manager-sets
│ ├── ai.nix
│ ├── base.nix
│ ├── cli.nix
│ ├── darwin-desktop.nix
│ ├── default.nix
│ ├── desktop-minimal.nix
│ ├── desktop.nix
│ ├── games.nix
│ ├── gnome-desktop.nix
│ ├── hyprland-desktop-minimal.nix
│ ├── hyprland-desktop.nix
│ ├── hyprland-ironbar-desktop.nix
│ ├── hyprland-waybar-desktop.nix
│ └── impermanence.nix
├── home-manager.nix
├── i18n.nix
├── images
│ ├── aarch64.nix
│ ├── amazon.nix
│ ├── default.nix
│ ├── linode.nix
│ ├── oracle.nix
│ ├── rpi4.nix
│ └── rpi5.nix
├── keys.nix
├── metadata.nix
├── minimal-modules.nix
├── modules.nix
├── options.nix
├── overlays.nix
├── package-sets.nix
├── standardise-nix.nix
├── stylix.nix
├── system.nix
├── tofu-stacks.nix
├── tofu
│ ├── aws.nix
│ ├── default.nix
│ ├── github.nix
│ └── oci.nix
├── topology.nix
├── user-attr-names.nix
└── users.nix
├── darwin
└── default.nix
├── flake.lock
├── flake.nix
├── home-manager-modules
├── aerospace
│ └── default.nix
├── agenix
│ └── default.nix
├── alacritty
│ └── default.nix
├── atuin
│ └── default.nix
├── bat
│ └── default.nix
├── broot
│ └── default.nix
├── dconf
│ └── default.nix
├── desktop-packages-extra
│ └── default.nix
├── desktop-packages
│ └── default.nix
├── dircolours
│ └── default.nix
├── direnv
│ └── default.nix
├── discord
│ └── default.nix
├── dwarf-fortress
│ └── default.nix
├── emacs
│ └── default.nix
├── eww
│ └── default.nix
├── firefox
│ └── default.nix
├── fuzzel
│ └── default.nix
├── fzf
│ └── default.nix
├── gammastep
│ └── default.nix
├── ghostty
│ └── default.nix
├── git
│ └── default.nix
├── helix
│ └── default.nix
├── home-manager
│ └── default.nix
├── hstr
│ └── default.nix
├── htop
│ └── default.nix
├── hypridle
│ └── default.nix
├── hyprland
│ ├── default.nix
│ └── settings.nix
├── hyprlock
│ └── default.nix
├── hyprpaper
│ └── default.nix
├── i3
│ └── default.nix
├── impermanence
│ └── default.nix
├── ironbar
│ └── default.nix
├── jq
│ └── default.nix
├── keepassxc
│ └── default.nix
├── kitty
│ └── default.nix
├── lsd
│ └── default.nix
├── lutris
│ └── default.nix
├── mako
│ └── default.nix
├── man
│ └── default.nix
├── mopidy
│ └── default.nix
├── neovim
│ └── default.nix
├── nextcloud-client
│ └── default.nix
├── nix-index
│ └── default.nix
├── nur
│ └── default.nix
├── ollama
│ └── default.nix
├── r2modman
│ └── default.nix
├── ranger
│ └── default.nix
├── rofi
│ └── default.nix
├── slack
│ └── default.nix
├── ssh
│ └── default.nix
├── starship
│ └── default.nix
├── swaync
│ └── default.nix
├── thunderbird
│ └── default.nix
├── utm
│ └── default.nix
├── vim
│ └── default.nix
├── vscodium
│ └── default.nix
├── waybar
│ ├── default.nix
│ └── settings.nix
├── wlogout
│ └── default.nix
├── wlsunset
│ └── default.nix
├── wofi
│ └── default.nix
├── xdg
│ └── default.nix
├── zed
│ └── default.nix
└── zsh
│ └── default.nix
├── hosts
├── README.md
├── alakazam
│ ├── default.nix
│ └── disk-config.nix
├── bellsprout
│ └── default.nix
├── butterfree
│ └── default.nix
├── diglett
│ └── default.nix
├── ditto
│ ├── README.md
│ └── default.nix
├── dragonite
│ ├── backups.nix
│ ├── default.nix
│ ├── disk-config.nix
│ └── microvms.nix
├── gastly
│ └── default.nix
├── igglybuff
│ └── default.nix
├── ivysaur
│ ├── default.nix
│ └── disk-config.nix
├── jigglypuff
│ ├── default.nix
│ └── disk-config.nix
├── lavender-tower
│ ├── README.md
│ ├── cloyster-linux
│ │ └── default.nix
│ ├── cloyster-macos
│ │ ├── default.nix
│ │ ├── modules.nix
│ │ ├── secrets.nix
│ │ └── system-packages.nix
│ └── ninetales
│ │ ├── default.nix
│ │ ├── hardware-configuration.nix
│ │ ├── modules.nix
│ │ ├── system-packages.nix
│ │ ├── user-modules.nix
│ │ └── users.nix
├── machop
│ └── default.nix
├── magikarp
│ └── default.nix
├── mankey
│ └── default.nix
├── meowth
│ └── default.nix
├── mew
│ └── default.nix
├── mr-mime
│ └── default.nix
├── nidoking
│ └── default.nix
├── nidorina
│ ├── default.nix
│ └── nginx.nix
├── nidorino
│ ├── authelia.nix
│ └── default.nix
├── ninetales
│ └── default.nix
├── oddish
│ └── default.nix
├── poliwag
│ └── default.nix
├── porygon
│ └── default.nix
├── slowpoke
│ └── default.nix
├── tentacruel
│ └── default.nix
├── victreebel
│ └── default.nix
├── wartortle
│ ├── default.nix
│ └── disk-config.nix
├── wigglytuff
│ ├── default.nix
│ └── disk-config.nix
└── zubat
│ └── default.nix
├── hydra
├── default.nix
├── jobsets.nix
└── spec.json
├── lib
├── authelia.nix
├── certificates.nix
├── default.nix
├── distributed-builds.nix
├── docker.nix
├── etc.nix
├── generators.nix
├── github.nix
├── home-manager.nix
├── host.nix
├── hostnames.nix
├── hydra.nix
├── hyprland.nix
├── intersect-multiple-lists.nix
├── merge.nix
├── microvm.nix
├── nginx.nix
├── options.nix
├── ssh.nix
├── tailscale.nix
├── terraform.nix
└── users.nix
├── linux
└── default.nix
├── modules
├── acme
│ └── default.nix
├── agenix
│ └── default.nix
├── alloy
│ └── default.nix
├── amazon-image
│ └── default.nix
├── authelia
│ └── default.nix
├── auto-upgrade
│ └── default.nix
├── bazarr
│ └── default.nix
├── bedrock-connect
│ └── default.nix
├── blocky
│ └── default.nix
├── bluetooth
│ └── default.nix
├── clamav
│ └── default.nix
├── darwin-settings
│ ├── custom-system-preferences.nix
│ ├── default.nix
│ ├── dock.nix
│ ├── finder.nix
│ ├── firewall.nix
│ ├── homebrew.nix
│ ├── keyboard.nix
│ ├── linux-builder.nix
│ ├── login-window.nix
│ ├── networking.nix
│ └── ns-global-domain.nix
├── ddclient
│ └── default.nix
├── deluge
│ └── default.nix
├── disable-assertions
│ └── default.nix
├── dnsmasq
│ ├── cache.nix
│ ├── default.nix
│ └── local.nix
├── docker-darwin
│ └── default.nix
├── docker
│ └── default.nix
├── dockutil
│ └── default.nix
├── documentation
│ └── default.nix
├── falcon
│ └── default.nix
├── firefox-syncserver
│ └── default.nix
├── flaresolverr
│ └── default.nix
├── flatpak
│ └── default.nix
├── fonts
│ └── default.nix
├── fractal-art
│ └── default.nix
├── gdm
│ └── default.nix
├── generations
│ └── default.nix
├── geyser-minecraft-server
│ ├── default.nix
│ ├── floodgate-config.nix
│ └── geyser-config.nix
├── gnome-keyring
│ └── default.nix
├── gnome
│ └── default.nix
├── gnupg
│ └── default.nix
├── grafana
│ ├── dashboards
│ │ ├── blocky.json
│ │ ├── clamav.json
│ │ ├── dns.json
│ │ ├── nextcloud.json
│ │ ├── node-exporter.json
│ │ ├── smartd.json
│ │ └── zfs.json
│ └── default.nix
├── greetd
│ └── default.nix
├── grub
│ └── default.nix
├── hardware
│ ├── m1
│ │ ├── boot-m1n1
│ │ │ └── default.nix
│ │ ├── default.nix
│ │ ├── firmware
│ │ │ ├── .gitignore
│ │ │ ├── default.nix
│ │ │ └── readme.md
│ │ ├── kernel
│ │ │ ├── config
│ │ │ ├── default-pagesize-16k.patch
│ │ │ ├── default.nix
│ │ │ ├── package.nix
│ │ │ └── sven-iommu-4k.patch
│ │ ├── m1n1
│ │ │ └── default.nix
│ │ └── u-boot
│ │ │ └── default.nix
│ ├── raspberry-pi-3b-plus
│ │ └── default.nix
│ └── raspberry-pi-4
│ │ └── default.nix
├── harmonia
│ └── default.nix
├── headscale
│ ├── README.md
│ └── default.nix
├── home-assistant
│ └── default.nix
├── home-manager
│ └── default.nix
├── hydra-auto-upgrade
│ └── default.nix
├── hydra
│ └── default.nix
├── hyprland
│ └── default.nix
├── i18n
│ └── default.nix
├── i3
│ └── default.nix
├── impermanence
│ └── default.nix
├── jellyfin
│ └── default.nix
├── jellyseerr
│ └── default.nix
├── journald
│ └── default.nix
├── keybase
│ └── default.nix
├── ledger
│ └── default.nix
├── libvirtd
│ ├── default.nix
│ └── opnsense.nix
├── lidarr
│ └── default.nix
├── lightdm
│ └── default.nix
├── linode-image
│ └── default.nix
├── lix
│ └── default.nix
├── logging
│ └── default.nix
├── loki
│ └── default.nix
├── lorri
│ └── default.nix
├── lxqt
│ └── default.nix
├── microvm-guest
│ └── default.nix
├── microvm-host
│ └── default.nix
├── minimal-boot-filesystems
│ └── default.nix
├── networking
│ └── default.nix
├── nextcloud
│ └── default.nix
├── nginx
│ └── default.nix
├── nix-monitored
│ └── default.nix
├── nix-serve
│ └── default.nix
├── nix-topology
│ └── default.nix
├── nix
│ └── default.nix
├── nur
│ └── default.nix
├── nvidia
│ └── default.nix
├── ollama
│ └── default.nix
├── openntpd
│ └── default.nix
├── openssh
│ └── default.nix
├── openvpn-server
│ └── default.nix
├── openvscode-server
│ └── default.nix
├── oracle-image
│ └── default.nix
├── palworld
│ └── default.nix
├── pidgin
│ └── default.nix
├── pipewire
│ └── default.nix
├── portainer
│ └── default.nix
├── prometheus
│ └── default.nix
├── prowlarr
│ └── default.nix
├── radarr
│ └── default.nix
├── raspberry-pi-4
│ └── default.nix
├── raspberry-pi-5
│ └── default.nix
├── redshift
│ └── default.nix
├── remote-builds
│ ├── default.nix
│ └── machines.json
├── sddm
│ └── default.nix
├── skhd
│ └── default.nix
├── smartd
│ └── default.nix
├── sonarr
│ └── default.nix
├── ssh
│ └── default.nix
├── ssm
│ └── default.nix
├── steam
│ └── default.nix
├── stubby
│ └── default.nix
├── stylix
│ └── default.nix
├── sudo
│ └── default.nix
├── systemd-boot
│ └── default.nix
├── systemd-networkd
│ └── default.nix
├── tailscale
│ └── default.nix
├── tdarr
│ └── default.nix
├── telegraf
│ └── default.nix
├── time
│ └── default.nix
├── timesyncd
│ └── default.nix
├── tmp-tmpfs
│ └── default.nix
├── tmux
│ └── default.nix
├── udev
│ └── default.nix
├── unifi
│ └── default.nix
├── upower
│ └── default.nix
├── ups
│ └── default.nix
├── uptime-kuma
│ └── default.nix
├── valheim
│ └── default.nix
├── velociraptor-client
│ └── default.nix
├── velociraptor-server
│ └── default.nix
├── vulnix
│ └── default.nix
├── xfce
│ └── default.nix
├── yabai
│ └── default.nix
├── zfs
│ └── default.nix
├── zramSwap
│ └── default.nix
└── zsh
│ └── default.nix
├── options
├── home-manager-modules
│ └── ollama
│ │ └── default.nix
├── modules
│ ├── bedrock-connect
│ │ └── default.nix
│ ├── blocky-darwin
│ │ └── default.nix
│ ├── docker-darwin
│ │ └── default.nix
│ ├── dockutil
│ │ └── default.nix
│ ├── hardware
│ │ └── default.nix
│ ├── headscale
│ │ └── default.nix
│ ├── hydra-auto-upgrade
│ │ └── default.nix
│ ├── jellyfin
│ │ ├── default.nix
│ │ ├── encoding-settings.nix
│ │ ├── logging-settings.nix
│ │ ├── network-settings.nix
│ │ ├── notification-settings.nix
│ │ └── system-settings.nix
│ ├── linux-builder
│ │ └── default.nix
│ ├── microvm-guest
│ │ └── default.nix
│ ├── microvm-host
│ │ └── default.nix
│ ├── networking-darwin
│ │ └── default.nix
│ ├── networking
│ │ └── default.nix
│ ├── nginx
│ │ └── default.nix
│ ├── nix
│ │ └── default.nix
│ ├── openvscode-server
│ │ └── default.nix
│ ├── palworld
│ │ └── default.nix
│ ├── remote-builds
│ │ └── default.nix
│ ├── sonarr
│ │ ├── config-settings.nix
│ │ └── default.nix
│ ├── ssh
│ │ └── default.nix
│ ├── steam
│ │ └── default.nix
│ ├── systemd-darwin
│ │ └── default.nix
│ ├── systemd
│ │ └── default.nix
│ └── velociraptor
│ │ ├── default.nix
│ │ └── defaults
│ │ ├── client-config.nix
│ │ └── server-config.nix
└── terranix
│ └── default.nix
├── overlays
├── default.nix
└── patches
│ ├── hydra.patch
│ └── mpvpaper.patch
├── packages
├── default.nix
├── dotnet
│ ├── battlenet-lancache-prefill
│ │ ├── default.nix
│ │ ├── deps.nix
│ │ └── no-appcontext.patch
│ ├── epic-lancache-prefill
│ │ ├── default.nix
│ │ ├── deps.nix
│ │ └── no-appcontext.patch
│ └── steam-lancache-prefill
│ │ ├── default.nix
│ │ ├── deps.nix
│ │ └── no-appcontext.patch
├── go
│ ├── cloudquery
│ │ └── default.nix
│ ├── cvemap
│ │ └── default.nix
│ ├── mdtable
│ │ └── default.nix
│ ├── pdscan
│ │ └── default.nix
│ ├── trdsql
│ │ └── default.nix
│ └── velociraptor
│ │ └── default.nix
├── node
│ └── tablemark
│ │ ├── add-lockfile.patch
│ │ └── default.nix
├── other
│ ├── bedrock-connect
│ │ └── default.nix
│ ├── better-english
│ │ └── default.nix
│ └── self-signed-certificate
│ │ └── default.nix
├── python
│ ├── acstore
│ │ └── default.nix
│ ├── artifacts
│ │ └── default.nix
│ ├── dfdatetime
│ │ └── default.nix
│ ├── dfvfs
│ │ ├── default.nix
│ │ └── no-xattr-dependency.patch
│ ├── dfwinreg
│ │ └── default.nix
│ ├── docxcompose
│ │ └── default.nix
│ ├── docxtpl
│ │ └── default.nix
│ ├── dtfabric
│ │ └── default.nix
│ ├── flor
│ │ └── default.nix
│ ├── libbde-python
│ │ └── default.nix
│ ├── libcaes-python
│ │ └── default.nix
│ ├── libcreg-python
│ │ └── default.nix
│ ├── libesedb-python
│ │ └── default.nix
│ ├── libevt-python
│ │ └── default.nix
│ ├── libevtx-python
│ │ └── default.nix
│ ├── libewf-python
│ │ └── default.nix
│ ├── libfcrypto-python
│ │ └── default.nix
│ ├── libfsapfs-python
│ │ └── default.nix
│ ├── libfsext-python
│ │ └── default.nix
│ ├── libfsfat-python
│ │ └── default.nix
│ ├── libfshfs-python
│ │ └── default.nix
│ ├── libfsntfs-python
│ │ └── default.nix
│ ├── libfsxfs-python
│ │ └── default.nix
│ ├── libfvde-python
│ │ └── default.nix
│ ├── libfwnt-python
│ │ └── default.nix
│ ├── libfwsi-python
│ │ └── default.nix
│ ├── liblnk-python
│ │ └── default.nix
│ ├── libluksde-python
│ │ └── default.nix
│ ├── libmodi-python
│ │ └── default.nix
│ ├── libmsiecf-python
│ │ └── default.nix
│ ├── libolecf-python
│ │ └── default.nix
│ ├── libphdi-python
│ │ └── default.nix
│ ├── libqcow-python
│ │ └── default.nix
│ ├── libregf-python
│ │ └── default.nix
│ ├── libscca-python
│ │ └── default.nix
│ ├── libsigscan-python
│ │ └── default.nix
│ ├── libsmdev-python
│ │ └── default.nix
│ ├── libsmraw-python
│ │ └── default.nix
│ ├── libvhdi-python
│ │ └── default.nix
│ ├── libvmdk-python
│ │ └── default.nix
│ ├── libvsapm-python
│ │ └── default.nix
│ ├── libvsgpt-python
│ │ └── default.nix
│ ├── libvshadow-python
│ │ └── default.nix
│ ├── libvslvm-python
│ │ └── default.nix
│ ├── opnreport
│ │ ├── bump-pyyaml-dependency.patch
│ │ └── default.nix
│ ├── pffocus
│ │ └── default.nix
│ ├── phonenumberslite
│ │ └── default.nix
│ ├── plaso
│ │ ├── default.nix
│ │ └── no-xattr-dependency.patch
│ └── pytsk3
│ │ └── default.nix
├── resources
│ ├── mario-homelab-pixelart-wallpaper
│ │ └── default.nix
│ ├── pfsense-logo
│ │ └── default.nix
│ └── ubiquiti-logo
│ │ └── default.nix
├── rust
│ └── .gitkeep
├── shell
│ ├── ditto-transform
│ │ └── default.nix
│ ├── eww-battery
│ │ └── default.nix
│ ├── eww-launch-bar
│ │ └── default.nix
│ ├── eww-mem-ad
│ │ └── default.nix
│ ├── eww-memory
│ │ └── default.nix
│ ├── eww-music-info
│ │ └── default.nix
│ ├── eww-pop
│ │ └── default.nix
│ ├── eww-sleek-bar
│ │ └── default.nix
│ ├── eww-wifi
│ │ └── default.nix
│ ├── eww-workspace
│ │ └── default.nix
│ ├── vulnix-pre-commit
│ │ └── default.nix
│ ├── waybar-colour-picker
│ │ └── default.nix
│ ├── waybar-screenshot
│ │ └── default.nix
│ └── wofi-power
│ │ └── default.nix
├── terranix
│ ├── aws-state
│ │ ├── README.md
│ │ └── default.nix
│ ├── aws-valheim
│ │ ├── README.md
│ │ └── default.nix
│ ├── github
│ │ ├── README.md
│ │ └── default.nix
│ ├── linode-ami
│ │ ├── README.md
│ │ └── default.nix
│ ├── linode-csgo
│ │ ├── README.md
│ │ └── default.nix
│ ├── linode-openvpn
│ │ ├── README.md
│ │ └── default.nix
│ └── oracle
│ │ ├── README.md
│ │ └── default.nix
└── text
│ ├── authelia-authrequest-conf
│ └── default.nix
│ ├── authelia-location-conf
│ └── default.nix
│ ├── authelia-proxy-conf
│ └── default.nix
│ ├── conform-config
│ └── default.nix
│ ├── git-cliff-config
│ └── default.nix
│ ├── prettierignore
│ └── default.nix
│ └── wireplumber-disable-pci-0
│ └── default.nix
├── resources
├── deployment.svg
└── recommend.jpg
├── secrets
├── README.md
├── acme
│ ├── default.nix
│ ├── environment-file.age
│ └── secrets.nix
├── authelia
│ ├── default.nix
│ ├── jwt-secret-key.age
│ ├── notifier-config.age
│ ├── secrets.nix
│ ├── session-secret-key.age
│ ├── storage-encryption-key.age
│ └── users.age
├── cloudflare
│ ├── default.nix
│ ├── dynamic-dns-api-key.age
│ └── secrets.nix
├── default.nix
├── deluge
│ ├── auth-file.age
│ ├── default.nix
│ └── secrets.nix
├── firefox-syncserver
│ ├── default.nix
│ ├── secrets.age
│ └── secrets.nix
├── git
│ ├── default.nix
│ ├── git-signing-key-pub.age
│ ├── git-signing-key.age
│ └── secrets.nix
├── grafana
│ ├── admin-password.age
│ ├── default.nix
│ └── secrets.nix
├── headscale
│ ├── default.nix
│ ├── secrets.nix
│ └── wg-private-key.age
├── hydra
│ ├── default.nix
│ ├── hydra-github-token.age
│ └── secrets.nix
├── nextcloud
│ ├── admin-pass.age
│ ├── default.nix
│ ├── exporter-token.age
│ ├── secret-file.age
│ └── secrets.nix
├── nix-serve
│ ├── cache-priv-key.pem.age
│ ├── default.nix
│ └── secrets.nix
├── openvpn
│ ├── ca-cert.age
│ ├── default.nix
│ ├── dh2048-pem.age
│ ├── secrets.nix
│ ├── server-cert.age
│ ├── server-key.age
│ └── ta-key.age
├── openvscode-server
│ ├── connection-token-file.age
│ ├── default.nix
│ └── secrets.nix
├── restic
│ ├── default.nix
│ ├── logs-password.age
│ ├── nextcloud-password.age
│ ├── secrets.nix
│ └── wasabi-backup-env.age
├── sonarr
│ ├── api-key.age
│ ├── default.nix
│ └── secrets.nix
├── ssh
│ ├── builder-id-ed25519.age
│ ├── default.nix
│ ├── secrets.nix
│ ├── type-a-1.age
│ ├── type-a-2.age
│ ├── type-c-1.age
│ └── type-c-2.age
├── tailscale
│ ├── default.nix
│ ├── preauth-admin.age
│ ├── preauth-auth.age
│ ├── preauth-dns.age
│ ├── preauth-download.age
│ ├── preauth-game.age
│ ├── preauth-general.age
│ ├── preauth-log.age
│ ├── preauth-nextcloud.age
│ ├── preauth-reverse-proxy.age
│ ├── preauth-work.age
│ └── secrets.nix
├── terraform
│ ├── default.nix
│ ├── secrets.nix
│ └── terraform-api-key.age
├── wireless
│ ├── default.nix
│ ├── secrets.nix
│ ├── wireless-home.env.age
│ ├── wireless-iot.env.age
│ ├── wireless-mbd.env.age
│ ├── wireless-pixel-hotspot.env.age
│ └── wireless-samsung-hotspot.env.age
└── zfs
│ ├── default.nix
│ ├── dragonite-fde-key.age
│ └── secrets.nix
└── users
├── builder.nix
├── groups
├── dns.nix
└── portainer.nix
├── j.rovacsek.nix
├── jay.nix
├── jrovacsek.nix
├── root.nix
├── sarah.nix
├── service-accounts
├── dns.nix
├── dnsmasq.nix
├── pihole.nix
├── portainer.nix
└── stubby.nix
└── test.nix
/.envrc:
--------------------------------------------------------------------------------
1 | use flake
--------------------------------------------------------------------------------
/.github/dependabot.yml:
--------------------------------------------------------------------------------
1 | version: 2
2 | updates:
3 | - package-ecosystem: "github-actions"
4 | directory: "/"
5 | schedule:
6 | interval: "weekly"
7 | target-branch: "staging"
8 | open-pull-requests-limit: 1
9 | reviewers:
10 | - "JayRovacsek"
11 |
--------------------------------------------------------------------------------
/.github/workflows/update-flake-lock.yaml:
--------------------------------------------------------------------------------
1 | name: update-flake-lock
2 |
3 | on:
4 | workflow_dispatch:
5 | schedule:
6 | - cron: "0 0 * * 0"
7 |
8 | jobs:
9 | lockfile:
10 | runs-on: ubuntu-latest
11 | steps:
12 | - name: Checkout repository
13 | uses: actions/checkout@v4
14 | - name: Install Determinate Nix
15 | uses: DeterminateSystems/nix-installer-action@main
16 | with:
17 | determinate: true
18 | - name: Update flake.lock
19 | uses: DeterminateSystems/update-flake-lock@main
20 | with:
21 | pr-title: "chore: update flake.lock"
22 | pr-labels: |
23 | dependencies
24 | automated
25 |
--------------------------------------------------------------------------------
/.gitignore:
--------------------------------------------------------------------------------
1 | # Nix
2 | result
3 | result-man
4 |
5 | # Terraform
6 | .terraform.lock.hcl
7 | .terraform/
8 | terraform.tfstate
9 | terraform.tfstate.backup
10 | terraform.tfvars
11 |
12 | # Tooling
13 | _typos.toml
14 | .conform.yaml
15 | .direnv
16 | .pre-commit-config.yaml
17 | cliff.toml
18 |
--------------------------------------------------------------------------------
/apps/act.nix:
--------------------------------------------------------------------------------
1 | { pkgs, ... }:
2 | let
3 | inherit (pkgs) act;
4 |
5 | args = [
6 | "-P ubuntu-latest=nixpkgs/nix-flakes"
7 | "-j validate-nix"
8 | ];
9 |
10 | program = builtins.toString (
11 | pkgs.writers.writeBash "run-act" ''
12 | ${act}/bin/act ${builtins.concatStringsSep " " args}
13 | ''
14 | );
15 |
16 | type = "app";
17 |
18 | in
19 | {
20 | act-local = {
21 | inherit program type;
22 | };
23 | }
24 |
--------------------------------------------------------------------------------
/apps/agenix.nix:
--------------------------------------------------------------------------------
1 | { self, pkgs, ... }:
2 | let
3 | inherit (pkgs) lib openssh;
4 |
5 | inherit (lib) concatMapStringsSep;
6 |
7 | hosts =
8 | (builtins.attrNames self.nixosConfigurations)
9 | ++ (builtins.attrNames self.darwinConfigurations);
10 |
11 | program = builtins.toString (
12 | pkgs.writers.writeBash "generate-host-agenix-keys" (
13 | concatMapStringsSep "\n" (x: ''
14 | ${openssh}/bin/ssh-keygen -t ed25519 -C "" -f id-ed25519-${x}-primary -P ""
15 | ${openssh}/bin/ssh-keygen -t ed25519 -C "" -f id-ed25519-${x}-secondary -P ""
16 | '') hosts
17 | )
18 | );
19 |
20 | type = "app";
21 |
22 | in
23 | {
24 | generate-host-agenix-keys = {
25 | inherit program type;
26 | };
27 | }
28 |
--------------------------------------------------------------------------------
/apps/default.nix:
--------------------------------------------------------------------------------
1 | { self, pkgs }:
2 | let
3 | inherit (self.lib) merge;
4 | agenix = import ./agenix.nix { inherit self pkgs; };
5 |
6 | # Previously I had configured this to evaluate at system evaluation time.
7 | # this is costly as heck when more machines, so this should give an escape
8 | # hatch to generate a suitable JSON blob that can be stored and regenerated
9 | # easily to enable much faster evaluation of the configuration at build times.
10 | distributed-builds = import ./distributed-builds.nix { inherit self pkgs; };
11 |
12 | hydra = import ./hydra.nix { inherit self pkgs; };
13 |
14 | tofu = import ./tofu.nix { inherit self pkgs; };
15 |
16 | tooling = import ./tooling.nix { inherit self pkgs; };
17 |
18 | in
19 | merge [
20 | agenix
21 | distributed-builds
22 | hydra
23 | tofu
24 | tooling
25 | ]
26 |
--------------------------------------------------------------------------------
/apps/distributed-builds.nix:
--------------------------------------------------------------------------------
1 | { self, pkgs }:
2 | let
3 | inherit (pkgs) coreutils;
4 | inherit (self.lib.distributed-builds) base-configs;
5 |
6 | configs = builtins.toFile "build-machines.json" (builtins.toJSON base-configs);
7 |
8 | program = builtins.toString (
9 | pkgs.writers.writeBash "copy-configs" ''
10 | ${coreutils}/bin/mkdir -p ./modules/remote-builds/
11 | ${coreutils}/bin/cat ${configs} > ./modules/remote-builds/machines.json
12 | ${pkgs.nodePackages.prettier}/bin/prettier -w ./modules/remote-builds/machines.json
13 | ''
14 | );
15 |
16 | type = "app";
17 |
18 | in
19 | {
20 | generate-distributed-build-configs = {
21 | inherit program type;
22 | };
23 | }
24 |
--------------------------------------------------------------------------------
/apps/hydra.nix:
--------------------------------------------------------------------------------
1 | { self, pkgs }:
2 | let
3 | inherit (pkgs) coreutils git;
4 | inherit (self.lib.hydra) generate-spec;
5 |
6 | # Hard-coding dragonite here kinda sucks - TODO: figure how to
7 | # dynamically approach this in the future to make this painless
8 | # across any hosts required
9 | spec = builtins.toFile "spec.json" (
10 | builtins.toJSON (generate-spec self.nixosConfigurations.dragonite)
11 | );
12 |
13 | program = builtins.toString (
14 | pkgs.writers.writeBash "generate-spec" ''
15 | ${coreutils}/bin/mkdir -p ./static/
16 | ${coreutils}/bin/cp ${spec} ./hydra/spec.json
17 | ${git}/bin/git add ./hydra/spec.json
18 | ''
19 | );
20 |
21 | type = "app";
22 |
23 | in
24 | {
25 | generate-hydra-specification = {
26 | inherit program type;
27 | };
28 | }
29 |
--------------------------------------------------------------------------------
/common/colour-schemes/default.nix:
--------------------------------------------------------------------------------
1 | _: {
2 | tomorrow-night-blue-base16 = {
3 | # Dark Blue
4 | base00 = "002451";
5 | # Extremely Dark Blue
6 | base01 = "001733";
7 | # Blue
8 | base02 = "003f8e";
9 | # Light Blue
10 | base03 = "7285b7";
11 | # Grey
12 | base04 = "949494";
13 | # White
14 | base05 = "ffffff";
15 | # Light Grey
16 | base06 = "e0e0e0";
17 | # White
18 | base07 = "ffffff";
19 | # Maroon Red
20 | base08 = "a92049";
21 | # Salmon
22 | base09 = "ff9da4";
23 | # Pastel Yellow
24 | base0A = "ffeead";
25 | # Light Lime
26 | base0B = "d1f1a9";
27 | # White
28 | base0C = "ffffff";
29 | # Peach
30 | base0D = "ffc58f";
31 | # Violet
32 | base0E = "d778ff";
33 | # Baby Poo Brown
34 | base0F = "cd9731";
35 | scheme = "Tomorrow Night Blue";
36 | slug = "tomorrow-night-blue";
37 | author = "tomorrow-night-blue";
38 | };
39 | }
40 |
--------------------------------------------------------------------------------
/common/generations.nix:
--------------------------------------------------------------------------------
1 | { self }:
2 | let
3 | inherit (self.common) package-sets;
4 | in
5 | builtins.mapAttrs (
6 | package-set: _:
7 | let
8 | pkgs = self.common.package-sets.${package-set};
9 | inherit (pkgs) lib;
10 | inherit (pkgs.stdenv) isLinux;
11 | in
12 | {
13 | imports = lib.optionals isLinux [ ../modules/generations ];
14 | }
15 | ) package-sets
16 |
--------------------------------------------------------------------------------
/common/home-manager-sets/ai.nix:
--------------------------------------------------------------------------------
1 | { self }:
2 | with self.homeManagerModules;
3 | [
4 | ollama
5 | ]
6 |
--------------------------------------------------------------------------------
/common/home-manager-sets/base.nix:
--------------------------------------------------------------------------------
1 | { self }:
2 | with self.homeManagerModules;
3 | [
4 | home-manager
5 | nur
6 | xdg
7 | ]
8 |
--------------------------------------------------------------------------------
/common/home-manager-sets/cli.nix:
--------------------------------------------------------------------------------
1 | { self }:
2 | let
3 | inherit (self.inputs) nixvim;
4 | inherit (self.common.home-manager-module-sets) base;
5 | in
6 | base
7 | ++ (with self.homeManagerModules; [
8 | agenix
9 | atuin
10 | bat
11 | direnv
12 | fzf
13 | git
14 | jq
15 | lsd
16 | man
17 | neovim
18 | starship
19 | zsh
20 | ])
21 | ++ [ nixvim.homeManagerModules.nixvim ]
22 |
--------------------------------------------------------------------------------
/common/home-manager-sets/darwin-desktop.nix:
--------------------------------------------------------------------------------
1 | { self }:
2 | let
3 | inherit (self.common.home-manager-module-sets) desktop;
4 | in
5 | desktop
6 | ++ (with self.homeManagerModules; [
7 | alacritty
8 | utm
9 | ])
10 | ++ [
11 | {
12 | manual.manpages.enable = false;
13 | }
14 | ]
15 |
--------------------------------------------------------------------------------
/common/home-manager-sets/desktop-minimal.nix:
--------------------------------------------------------------------------------
1 | { self }:
2 | let
3 | inherit (self.common.home-manager-module-sets) cli;
4 | in
5 | cli ++ (with self.homeManagerModules; [ desktop-packages ])
6 |
--------------------------------------------------------------------------------
/common/home-manager-sets/desktop.nix:
--------------------------------------------------------------------------------
1 | { self }:
2 | let
3 | inherit (self.common.home-manager-module-sets) desktop-minimal;
4 | in
5 | desktop-minimal
6 | ++ (with self.homeManagerModules; [
7 | alacritty
8 | discord
9 | firefox
10 | keepassxc
11 | nextcloud-client
12 | slack
13 | thunderbird
14 | vscodium
15 | ])
16 |
--------------------------------------------------------------------------------
/common/home-manager-sets/games.nix:
--------------------------------------------------------------------------------
1 | { self }:
2 | with self.homeManagerModules;
3 | [
4 | lutris
5 | ]
6 |
--------------------------------------------------------------------------------
/common/home-manager-sets/gnome-desktop.nix:
--------------------------------------------------------------------------------
1 | { self }:
2 | let
3 | inherit (self.common.home-manager-module-sets) desktop;
4 | in
5 | desktop
6 | ++ (with self.homeManagerModules; [
7 | dconf
8 | desktop-packages-extra
9 | rofi
10 | ])
11 |
--------------------------------------------------------------------------------
/common/home-manager-sets/hyprland-desktop-minimal.nix:
--------------------------------------------------------------------------------
1 | { self }:
2 | let
3 | inherit (self.common.home-manager-module-sets) desktop;
4 | in
5 | desktop
6 | ++ (with self.homeManagerModules; [
7 | hyprland
8 | fuzzel
9 | ])
10 |
--------------------------------------------------------------------------------
/common/home-manager-sets/hyprland-desktop.nix:
--------------------------------------------------------------------------------
1 | { self }:
2 | let
3 | inherit (self.common.home-manager-module-sets) hyprland-desktop-minimal;
4 | in
5 | hyprland-desktop-minimal
6 | ++ (with self.homeManagerModules; [
7 | desktop-packages-extra
8 | hyprpaper
9 | swaync
10 | ])
11 |
--------------------------------------------------------------------------------
/common/home-manager-sets/hyprland-ironbar-desktop.nix:
--------------------------------------------------------------------------------
1 | { self }:
2 | let
3 | inherit (self.common.home-manager-module-sets) hyprland-desktop;
4 | in
5 | hyprland-desktop ++ (with self.homeManagerModules; [ ironbar ])
6 |
--------------------------------------------------------------------------------
/common/home-manager-sets/hyprland-waybar-desktop.nix:
--------------------------------------------------------------------------------
1 | { self }:
2 | let
3 | inherit (self.common.home-manager-module-sets) hyprland-desktop;
4 | in
5 | hyprland-desktop
6 | ++ (with self.homeManagerModules; [
7 | mako
8 | waybar
9 | ])
10 |
--------------------------------------------------------------------------------
/common/home-manager-sets/impermanence.nix:
--------------------------------------------------------------------------------
1 | { self }:
2 | with self.homeManagerModules;
3 | [
4 | home-manager
5 | impermanence
6 | ]
7 |
--------------------------------------------------------------------------------
/common/home-manager.nix:
--------------------------------------------------------------------------------
1 | { self }:
2 | let
3 | inherit (self.lib) home-manager;
4 | inherit (self.common) package-sets;
5 | in
6 | builtins.mapAttrs (_: pkgs: home-manager { inherit pkgs; }) package-sets
7 |
--------------------------------------------------------------------------------
/common/i18n.nix:
--------------------------------------------------------------------------------
1 | { self }:
2 | let
3 | inherit (self.common) package-sets;
4 | in
5 | builtins.mapAttrs (
6 | package-set: _:
7 | let
8 | pkgs = self.common.package-sets.${package-set};
9 | inherit (pkgs) lib;
10 | inherit (pkgs.stdenv) isLinux;
11 | in
12 | {
13 | imports = lib.optional isLinux ../modules/i18n;
14 | }
15 | ) package-sets
16 |
--------------------------------------------------------------------------------
/common/images/aarch64.nix:
--------------------------------------------------------------------------------
1 | { self }:
2 | let
3 | inherit (self.inputs) nixpkgs;
4 | inherit (self.common.system) unstable-system;
5 | in
6 | unstable-system rec {
7 | system = "aarch64-linux";
8 | pkgs = import nixpkgs { inherit system; };
9 | modules = [
10 | "${nixpkgs}/nixos/modules/installer/sd-card/sd-image-aarch64.nix"
11 | {
12 | networking.hostName = "aarch64";
13 | system.stateVersion = "23.11";
14 | }
15 | ];
16 | }
17 |
--------------------------------------------------------------------------------
/common/images/amazon.nix:
--------------------------------------------------------------------------------
1 | { self }:
2 | let
3 | inherit (self.common.system) unstable-system;
4 | inherit (self.common.package-sets) x86_64-linux-unstable;
5 | inherit (self.nixosModules) amazon-image zsh;
6 |
7 | inherit (x86_64-linux-unstable) system identifier pkgs;
8 | base = self.common.modules.${identifier};
9 | modules = base ++ [
10 | ../../hosts/ditto
11 | amazon-image
12 | zsh
13 | ];
14 | specialArgs = {
15 | inherit self;
16 | };
17 |
18 | in
19 | unstable-system {
20 | inherit
21 | system
22 | pkgs
23 | modules
24 | specialArgs
25 | ;
26 | }
27 |
--------------------------------------------------------------------------------
/common/images/linode.nix:
--------------------------------------------------------------------------------
1 | { self }:
2 | let
3 | inherit (self.common.system) unstable-system;
4 | inherit (self.common.package-sets) x86_64-linux-unstable;
5 |
6 | inherit (x86_64-linux-unstable) system identifier pkgs;
7 | modules = self.common.modules.${identifier} ++ [
8 | ../../hosts/ditto
9 | self.nixosModules.linode-image
10 | ];
11 | specialArgs = {
12 | inherit self;
13 | };
14 |
15 | in
16 | unstable-system {
17 | inherit
18 | system
19 | pkgs
20 | modules
21 | specialArgs
22 | ;
23 | }
24 |
--------------------------------------------------------------------------------
/common/images/oracle.nix:
--------------------------------------------------------------------------------
1 | { self }:
2 | let
3 | inherit (self.common.package-sets) x86_64-linux-unstable;
4 | inherit (self.common.system) unstable-system;
5 | inherit (self.nixosModules) disable-assertions oracle-image zsh;
6 |
7 | inherit (x86_64-linux-unstable) system identifier pkgs;
8 | base = self.common.modules.${identifier};
9 | modules = base ++ [
10 | ../../hosts/ditto
11 | disable-assertions
12 | oracle-image
13 | zsh
14 | ];
15 | specialArgs = {
16 | inherit self;
17 | };
18 |
19 | in
20 | unstable-system {
21 | inherit
22 | system
23 | pkgs
24 | modules
25 | specialArgs
26 | ;
27 | }
28 |
--------------------------------------------------------------------------------
/common/images/rpi4.nix:
--------------------------------------------------------------------------------
1 | { self }:
2 | let
3 | inherit (self.common.system) unstable-system;
4 |
5 | inherit (self.common.package-sets) aarch64-linux-unstable;
6 | inherit (aarch64-linux-unstable) system identifier pkgs;
7 |
8 | modules = self.common.modules.${identifier} ++ [
9 | self.nixosModules.raspberry-pi-4
10 | {
11 | # This is just a stub to enable hydra evaluation
12 | fileSystems."/".device = "none";
13 |
14 | networking.hostName = "rpi4";
15 |
16 | services.openssh = {
17 | enable = true;
18 | settings = {
19 | PermitRootLogin = "yes";
20 | PasswordAuthentication = false;
21 | };
22 | };
23 |
24 | system.stateVersion = "24.11";
25 |
26 | users.users.root.openssh.authorizedKeys.keys =
27 | self.common.config.services.openssh.public-keys;
28 | }
29 | ];
30 |
31 | specialArgs = {
32 | inherit self;
33 | };
34 | in
35 | unstable-system {
36 | inherit
37 | modules
38 | pkgs
39 | specialArgs
40 | system
41 | ;
42 | }
43 |
--------------------------------------------------------------------------------
/common/images/rpi5.nix:
--------------------------------------------------------------------------------
1 | { self }:
2 | let
3 | inherit (self.common.system) unstable-system;
4 |
5 | inherit (self.common.package-sets) aarch64-linux-unstable;
6 | inherit (aarch64-linux-unstable) system identifier pkgs;
7 |
8 | modules = self.common.modules.${identifier} ++ [
9 | self.nixosModules.raspberry-pi-5
10 | {
11 | networking.hostName = "rpi5";
12 |
13 | services.openssh = {
14 | enable = true;
15 | settings = {
16 | PermitRootLogin = "yes";
17 | PasswordAuthentication = false;
18 | };
19 | };
20 |
21 | system.stateVersion = "24.11";
22 |
23 | users.users.root.openssh.authorizedKeys.keys =
24 | self.common.config.services.openssh.public-keys;
25 | }
26 | ];
27 |
28 | specialArgs = {
29 | inherit self;
30 | };
31 | in
32 | unstable-system {
33 | inherit
34 | modules
35 | pkgs
36 | specialArgs
37 | system
38 | ;
39 | }
40 |
--------------------------------------------------------------------------------
/common/metadata.nix:
--------------------------------------------------------------------------------
1 | { self }:
2 | let
3 | inherit (self.inputs.nixpkgs) lib;
4 | inherit (self.lib) distributed-builds;
5 | inherit (self) darwinConfigurations nixosConfigurations;
6 |
7 | darwin-host-identifiers = lib.attrNames darwinConfigurations;
8 | host-identifiers = darwin-host-identifiers ++ linux-host-identifiers;
9 | linux-host-identifiers = lib.attrNames nixosConfigurations;
10 |
11 | extended = {
12 | distributed-builds = distributed-builds.base-configs;
13 | };
14 |
15 | in
16 | {
17 | inherit
18 | darwin-host-identifiers
19 | extended
20 | host-identifiers
21 | linux-host-identifiers
22 | ;
23 | }
24 |
--------------------------------------------------------------------------------
/common/minimal-modules.nix:
--------------------------------------------------------------------------------
1 | { self }:
2 | let
3 | inherit (self.common) options package-sets standardise-nix;
4 | in
5 | builtins.mapAttrs (package-set: _: [
6 | options.${package-set}.minimal
7 | standardise-nix.${package-set}
8 | ]) package-sets
9 |
--------------------------------------------------------------------------------
/common/modules.nix:
--------------------------------------------------------------------------------
1 | { self }:
2 | let
3 | inherit (self.common)
4 | home-manager
5 | options
6 | package-sets
7 | stylix
8 | standardise-nix
9 | ;
10 | in
11 | builtins.mapAttrs (
12 | package-set: _:
13 | home-manager.${package-set}
14 | ++ [
15 | options.${package-set}.minimal
16 | standardise-nix.${package-set}
17 | stylix.${package-set}
18 | ]
19 | ) package-sets
20 |
--------------------------------------------------------------------------------
/common/overlays.nix:
--------------------------------------------------------------------------------
1 | { self }:
2 | let
3 | inherit (self.common.overlays) darwin linux system-agnostic;
4 | inherit (self.inputs)
5 | agenix
6 | firefox-darwin
7 | nur
8 | ;
9 | in
10 | {
11 | all = system-agnostic ++ darwin ++ linux;
12 |
13 | darwin = [
14 | firefox-darwin.overlay
15 | self.overlays.dockutil-bin
16 | self.overlays.keepassxc
17 | ];
18 |
19 | linux = [
20 | self.overlays.element-desktop
21 | self.overlays.makeModulesClosure
22 | self.overlays.moonlight-wayland
23 | self.overlays.mpvpaper
24 | self.overlays.ranger
25 | self.overlays.waybar
26 | ];
27 |
28 | system-agnostic = [
29 | agenix.overlays.default
30 | nur.overlays.default
31 | self.overlays.lib
32 | ];
33 | }
34 |
--------------------------------------------------------------------------------
/common/stylix.nix:
--------------------------------------------------------------------------------
1 | { self }:
2 | let
3 | inherit (self.common) package-sets;
4 | in
5 | builtins.mapAttrs (
6 | package-set: _:
7 | let
8 | pkgs = self.common.package-sets.${package-set};
9 | inherit (pkgs) lib;
10 | inherit (pkgs.stdenv) isLinux isDarwin;
11 | inherit (self.inputs) stylix;
12 |
13 | darwin-modules = lib.optional isDarwin stylix.darwinModules.stylix;
14 | linux-modules = lib.optional isLinux stylix.nixosModules.stylix;
15 | system-module = import ../modules/stylix;
16 | in
17 | {
18 | imports = darwin-modules ++ linux-modules ++ [ system-module ];
19 | }
20 | ) package-sets
21 |
--------------------------------------------------------------------------------
/common/system.nix:
--------------------------------------------------------------------------------
1 | { self }:
2 | let
3 | inherit (self.inputs)
4 | bleeding-edge
5 | nixpkgs
6 | nix-darwin
7 | stable
8 | ;
9 | in
10 | {
11 | # Note that this does not mean a system that utilises unstable-system
12 | # is purely unstable, it can utilise stable package-sets for home-manager
13 | # and/or remaining system config, this only governs the generation of
14 | # system configs via either the current unstable or stable.
15 | stable-system = stable.lib.nixosSystem;
16 | unstable-system = nixpkgs.lib.nixosSystem;
17 | bleeding-edge-system = bleeding-edge.lib.nixosSystem;
18 |
19 | darwin-system = nix-darwin.lib.darwinSystem;
20 | }
21 |
--------------------------------------------------------------------------------
/common/tofu-stacks.nix:
--------------------------------------------------------------------------------
1 | { self }:
2 | let
3 | stacks = builtins.attrNames (builtins.readDir ../packages/terranix);
4 | cfg = builtins.foldl' (
5 | accumulator: stack:
6 | {
7 | ${stack} = import ../packages/terranix/${stack} { inherit self; };
8 | }
9 | // accumulator
10 | ) { } stacks;
11 | in
12 | cfg
13 |
--------------------------------------------------------------------------------
/common/tofu/default.nix:
--------------------------------------------------------------------------------
1 | { self }:
2 | {
3 | globals = {
4 | aws = import ./aws.nix { inherit self; };
5 | github = import ./github.nix { inherit self; };
6 | oci = import ./oci.nix { inherit self; };
7 | };
8 | }
9 |
--------------------------------------------------------------------------------
/common/tofu/oci.nix:
--------------------------------------------------------------------------------
1 | _: { region = "ap-sydney-1"; }
2 |
--------------------------------------------------------------------------------
/common/user-attr-names.nix:
--------------------------------------------------------------------------------
1 | _:
2 | let
3 | # This is a simple hack around an inability to reflect
4 | # on expected or required attributes for user definitions
5 | # based on our host configuration.
6 | #
7 | # TODO: revisit this some time in the future to validate there
8 | # isn't an obvious way.
9 | attr-names = [
10 | "extraGroups"
11 | "hashedPassword"
12 | "initialHashedPassword"
13 | "isNormalUser"
14 | "isSystemUser"
15 | "name"
16 | "openssh"
17 | ];
18 | in
19 | attr-names
20 |
--------------------------------------------------------------------------------
/common/users.nix:
--------------------------------------------------------------------------------
1 | { self }:
2 | with builtins;
3 | let
4 | inherit (self.lib.users) generate-config;
5 | inherit (self.common) base-users;
6 | # The below will create a flake accessible lambda per user
7 | # that requires input of the packageset so that
8 | # system shell is correctly set, otherwise we could avoid this
9 | # lambda structure and just define users in a static way.
10 | #
11 | # Consuming this should be as easy as per supported system package-set
12 | # just passing the set:
13 | #
14 | # nix-repl> :lf .
15 | # nix-repl> pkgs = nixosConfigurations.alakazam.pkgs
16 | # nix-repl> jay = common.users.jay { inherit pkgs; }
17 |
18 | fn = mapAttrs (
19 | _: user-settings:
20 | {
21 | config,
22 | pkgs,
23 | modules ? [ ],
24 | overrides ? { },
25 | }:
26 | generate-config {
27 | inherit
28 | pkgs
29 | modules
30 | user-settings
31 | config
32 | overrides
33 | self
34 | ;
35 | }
36 | ) base-users;
37 | in
38 | fn
39 |
--------------------------------------------------------------------------------
/darwin/default.nix:
--------------------------------------------------------------------------------
1 | { self }:
2 | let
3 | # Required build functions
4 | inherit (self.common.system) darwin-system;
5 |
6 | # Required package-sets
7 | inherit (self.common.package-sets) aarch64-darwin-unstable;
8 |
9 | inherit (self.lib.host) make-host;
10 | in
11 | {
12 | # Hosts
13 | ninetales = make-host aarch64-darwin-unstable "ninetales" darwin-system;
14 | victreebel = make-host aarch64-darwin-unstable "victreebel" darwin-system;
15 | }
16 |
--------------------------------------------------------------------------------
/home-manager-modules/agenix/default.nix:
--------------------------------------------------------------------------------
1 | { self, ... }:
2 | {
3 | imports = [ self.inputs.agenix.homeManagerModules.default ];
4 | }
5 |
--------------------------------------------------------------------------------
/home-manager-modules/atuin/default.nix:
--------------------------------------------------------------------------------
1 | { config, ... }:
2 | let
3 | enableBashIntegration = config.programs.bash.enable;
4 | enableFishIntegration = config.programs.fish.enable;
5 | enableZshIntegration = config.programs.zsh.enable;
6 | in
7 | {
8 | programs.atuin = {
9 | enable = true;
10 |
11 | inherit
12 | enableBashIntegration
13 | enableFishIntegration
14 | enableZshIntegration
15 | ;
16 |
17 | settings = {
18 | dialect = "uk";
19 | update_check = false;
20 | sync_frequency = "5m";
21 | keymap_mode = "vim-normal";
22 | };
23 | };
24 | }
25 |
--------------------------------------------------------------------------------
/home-manager-modules/bat/default.nix:
--------------------------------------------------------------------------------
1 | _: { programs.bat.enable = true; }
2 |
--------------------------------------------------------------------------------
/home-manager-modules/broot/default.nix:
--------------------------------------------------------------------------------
1 | { config, ... }:
2 | let
3 | enable = true;
4 |
5 | enableBashIntegration = config.programs.bash.enable;
6 | enableFishIntegration = config.programs.fish.enable;
7 | enableZshIntegration = config.programs.zsh.enable;
8 |
9 | settings.modal = true;
10 |
11 | in
12 | {
13 | programs.broot = {
14 | inherit
15 | enable
16 | enableBashIntegration
17 | enableFishIntegration
18 | enableZshIntegration
19 | settings
20 | ;
21 | };
22 | }
23 |
--------------------------------------------------------------------------------
/home-manager-modules/desktop-packages-extra/default.nix:
--------------------------------------------------------------------------------
1 | {
2 | pkgs,
3 | lib,
4 | # osConfig,
5 | self,
6 | ...
7 | }:
8 | {
9 | nixpkgs.overlays = [
10 | self.overlays.jellyfin-wayland
11 | ];
12 |
13 | home.packages =
14 | (lib.optionals pkgs.stdenv.isLinux (
15 | with pkgs;
16 | [
17 | brave
18 |
19 | # Productivity
20 | gimp
21 | jellyfin-media-player-wayland
22 |
23 | # Communication
24 | signal-desktop
25 | ]
26 | ))
27 | ++ (lib.optionals pkgs.stdenv.isDarwin [
28 |
29 | ]);
30 | }
31 |
--------------------------------------------------------------------------------
/home-manager-modules/dircolours/default.nix:
--------------------------------------------------------------------------------
1 | _: { programs.dircolors.enable = true; }
2 |
--------------------------------------------------------------------------------
/home-manager-modules/direnv/default.nix:
--------------------------------------------------------------------------------
1 | { config, ... }:
2 | let
3 | enable = true;
4 | enableBashIntegration = config.programs.bash.enable;
5 | enableFishIntegration = config.programs.fish.enable;
6 | enableZshIntegration = config.programs.zsh.enable;
7 |
8 | nix-direnv.enable = true;
9 |
10 | in
11 | {
12 | programs.direnv = {
13 | inherit
14 | enable
15 | enableBashIntegration
16 | enableFishIntegration
17 | enableZshIntegration
18 | nix-direnv
19 | ;
20 | config = {
21 | global.load_dotenv = true;
22 | whitelist.prefix = [ "${config.home.homeDirectory}/dev" ];
23 | };
24 | };
25 | }
26 |
--------------------------------------------------------------------------------
/home-manager-modules/dwarf-fortress/default.nix:
--------------------------------------------------------------------------------
1 | {
2 | pkgs,
3 | lib,
4 | osConfig,
5 | ...
6 | }:
7 | with pkgs;
8 | let
9 | # Hack to make home manager module that is linux
10 | # specific not cause explosions if accidentally loaded onto
11 | # a non-linux system.
12 | inherit (lib.strings) hasInfix;
13 | # TODO: rewrite this garbage
14 | enable =
15 | !(hasInfix "aarch" osConfig.nixpkgs.system)
16 | && !(hasInfix "darwin" osConfig.nixpkgs.system);
17 | base = [ dwarf-fortress ];
18 | mods = with dwarf-fortress-packages; [ dwarf-therapist ];
19 | themes = with dwarf-fortress-packages; [ ];
20 | dfPackages = base ++ mods ++ themes;
21 | cfg = {
22 | home.packages = if enable then dfPackages else [ ];
23 | };
24 | in
25 | cfg
26 |
--------------------------------------------------------------------------------
/home-manager-modules/emacs/default.nix:
--------------------------------------------------------------------------------
1 | _: {
2 | programs.emacs = {
3 | enable = true;
4 | };
5 | }
6 |
--------------------------------------------------------------------------------
/home-manager-modules/eww/default.nix:
--------------------------------------------------------------------------------
1 | { pkgs, self, ... }:
2 | let
3 | inherit (pkgs) system;
4 | inherit (self.packages.${system}) eww-sleek-bar;
5 |
6 | hack-font = pkgs.nerd-fonts.hack;
7 | in
8 | {
9 | home.packages = [
10 | hack-font
11 | pkgs.dejavu_fonts
12 | ];
13 |
14 | programs.eww = {
15 | enable = true;
16 | package = pkgs.eww;
17 | configDir = "${eww-sleek-bar}/share";
18 | };
19 | }
20 |
--------------------------------------------------------------------------------
/home-manager-modules/fuzzel/default.nix:
--------------------------------------------------------------------------------
1 | { lib, osConfig, ... }:
2 | let
3 | inherit (lib) hasInfix;
4 | isLinux = hasInfix "linux" osConfig.nixpkgs.system;
5 |
6 | cfg = lib.optionalAttrs isLinux {
7 | programs.fuzzel = {
8 | enable = true;
9 | settings.main = {
10 | vertical-pad = 50;
11 | horizontal-pad = 100;
12 | show-actions = "yes";
13 | lines = 20;
14 | width = 80;
15 | };
16 | };
17 | };
18 | in
19 | cfg
20 |
--------------------------------------------------------------------------------
/home-manager-modules/fzf/default.nix:
--------------------------------------------------------------------------------
1 | _: { programs.fzf.enable = true; }
2 |
--------------------------------------------------------------------------------
/home-manager-modules/gammastep/default.nix:
--------------------------------------------------------------------------------
1 | { pkgs, ... }:
2 | {
3 | services.gammastep = {
4 | enable = true;
5 | enableVerboseLogging = false;
6 | package = pkgs.gammastep;
7 | latitude = -32.917;
8 | longitude = 151.8;
9 | temperature = {
10 | day = 6000;
11 | night = 3700;
12 | };
13 | settings = {
14 | general = {
15 | brightness-day = "1";
16 | brightness-night = "0.6";
17 | adjustment-method = "wayland";
18 | };
19 | };
20 | tray = false;
21 | };
22 | }
23 |
--------------------------------------------------------------------------------
/home-manager-modules/helix/default.nix:
--------------------------------------------------------------------------------
1 | _: {
2 | programs.helix = {
3 | enable = true;
4 | languages = [ ];
5 | };
6 | }
7 |
--------------------------------------------------------------------------------
/home-manager-modules/home-manager/default.nix:
--------------------------------------------------------------------------------
1 | _: {
2 | home.stateVersion = "23.11";
3 | programs.home-manager.enable = true;
4 | }
5 |
--------------------------------------------------------------------------------
/home-manager-modules/hstr/default.nix:
--------------------------------------------------------------------------------
1 | { config, ... }:
2 | let
3 | enable = true;
4 |
5 | enableBashIntegration = config.programs.bash.enable;
6 | enableZshIntegration = config.programs.zsh.enable;
7 |
8 | in
9 | {
10 | programs.hstr = {
11 | inherit enable enableBashIntegration enableZshIntegration;
12 | };
13 | }
14 |
--------------------------------------------------------------------------------
/home-manager-modules/htop/default.nix:
--------------------------------------------------------------------------------
1 | _: { programs.htop.enable = true; }
2 |
--------------------------------------------------------------------------------
/home-manager-modules/hypridle/default.nix:
--------------------------------------------------------------------------------
1 | { pkgs, config, ... }:
2 | let
3 | lockCmd = "${config.programs.hyprlock.package}/bin/hyprlock";
4 | hyprctl = "${config.wayland.windowManager.hyprland.package}/bin/hyprctl";
5 | in
6 | {
7 | services.hypridle = {
8 | enable = true;
9 |
10 | settings = {
11 | beforeSleepCmd = "${pkgs.systemd}/bin/loginctl lock-session";
12 |
13 | listener = [
14 | {
15 | timeout = 300;
16 | onTimeout = lockCmd;
17 | }
18 | {
19 | timeout = 600;
20 | onTimeout = "${hyprctl} dispatch dpms off";
21 | onResume = "${hyprctl} dispatch dpms on";
22 | }
23 | ];
24 |
25 | inherit lockCmd;
26 | };
27 | };
28 | }
29 |
--------------------------------------------------------------------------------
/home-manager-modules/hyprpaper/default.nix:
--------------------------------------------------------------------------------
1 | { pkgs, self, ... }:
2 | let
3 | inherit (self.packages.${pkgs.system}) mario-homelab-pixelart-wallpaper;
4 | in
5 | {
6 | services.hyprpaper = {
7 | enable = true;
8 | settings = {
9 | ipc = "on";
10 | splash = false;
11 |
12 | preload = [ "${mario-homelab-pixelart-wallpaper}/share/wallpaper.jpg" ];
13 |
14 | wallpaper = [ ",${mario-homelab-pixelart-wallpaper}/share/wallpaper.jpg" ];
15 | };
16 | };
17 | }
18 |
--------------------------------------------------------------------------------
/home-manager-modules/i3/default.nix:
--------------------------------------------------------------------------------
1 | { lib, pkgs, ... }:
2 |
3 | let
4 | modifier = "modifier4";
5 | keybindings = lib.mkOptionDefault {
6 | "${modifier}+p" = "exec ${pkgs.dmenu}/bin/dmenu_run";
7 | "${modifier}+x" = "exec sh -c '${pkgs.maim}/bin/maim -s | xclip -selection clipboard -t image/png'";
8 | "${modifier}+Shift+x" = "exec sh -c '${pkgs.i3lock}/bin/i3lock -c 222222 & sleep 5 && xset dpms force of'";
9 |
10 | # Move
11 | "${modifier}+Shift+Control+left" = "move left";
12 | "${modifier}+Shift+Control+down" = "move down";
13 | "${modifier}+Shift+Control+up" = "move up";
14 | "${modifier}+Shift+Control+right" = "move right";
15 | };
16 | in
17 | {
18 | xsession.windowManager.i3 = {
19 | enable = true;
20 | config = {
21 | inherit keybindings modifier;
22 |
23 | bars = [
24 | {
25 | position = "bottom";
26 | statusCommand = "${pkgs.i3status-rust}/bin/i3status-rs ${./i3status-rust.toml}";
27 | }
28 | ];
29 | };
30 | };
31 | }
32 |
--------------------------------------------------------------------------------
/home-manager-modules/jq/default.nix:
--------------------------------------------------------------------------------
1 | _: { programs.jq.enable = true; }
2 |
--------------------------------------------------------------------------------
/home-manager-modules/kitty/default.nix:
--------------------------------------------------------------------------------
1 | _: { programs.kitty.enable = true; }
2 |
--------------------------------------------------------------------------------
/home-manager-modules/lutris/default.nix:
--------------------------------------------------------------------------------
1 | { osConfig, pkgs, ... }:
2 | let
3 | inherit (pkgs) system;
4 |
5 | wayland-present = builtins.any (x: x) [
6 | osConfig.services.xserver.displayManager.gdm.wayland
7 | osConfig.programs.hyprland.enable
8 | osConfig.programs.xwayland.enable
9 | ];
10 |
11 | wine-wayland-compatible = builtins.elem system pkgs.wine-wayland.meta.platforms;
12 |
13 | use-wayland = wayland-present && wine-wayland-compatible;
14 |
15 | in
16 | {
17 | home.packages =
18 | with pkgs;
19 | [ lutris ]
20 | ++ (lib.optional use-wayland wine-wayland)
21 | ++ (lib.optional (!use-wayland) wine);
22 | }
23 |
--------------------------------------------------------------------------------
/home-manager-modules/mako/default.nix:
--------------------------------------------------------------------------------
1 | _: { services.mako.enable = true; }
2 |
--------------------------------------------------------------------------------
/home-manager-modules/man/default.nix:
--------------------------------------------------------------------------------
1 | _: {
2 | programs.man = {
3 | enable = false;
4 | generateCaches = false;
5 | };
6 |
7 | manual.manpages.enable = false;
8 | }
9 |
--------------------------------------------------------------------------------
/home-manager-modules/mopidy/default.nix:
--------------------------------------------------------------------------------
1 | { pkgs, ... }:
2 | {
3 | services.mopidy = {
4 | enable = true;
5 | extensionPackages = with pkgs; [
6 | mopidy-iris
7 | mopidy-jellyfin
8 | mopidy-mpris
9 | ];
10 | settings = {
11 | audio = {
12 | mixer = "software";
13 | mixer_volume = "";
14 | output = "autoaudiosink";
15 | buffer_time = "";
16 | };
17 |
18 | core = {
19 | max_tracklist_length = 10000;
20 | restore_state = false;
21 | };
22 |
23 | http = {
24 | enabled = true;
25 | hostname = "0.0.0.0";
26 | port = 6680;
27 | csrf_protection = true;
28 | };
29 |
30 | jellyfin = {
31 | hostname = "jellyfin.rovacsek.com";
32 | # TODO: get these into age
33 | username = "";
34 | password = "";
35 | libraries = "Music";
36 | album_format = "{ProductionYear} - {Name}";
37 | };
38 | };
39 | };
40 | }
41 |
--------------------------------------------------------------------------------
/home-manager-modules/nextcloud-client/default.nix:
--------------------------------------------------------------------------------
1 | { pkgs, lib, ... }:
2 | {
3 | services.nextcloud-client = lib.mkIf pkgs.stdenv.isLinux {
4 | enable = true;
5 | startInBackground = true;
6 | };
7 | }
8 |
--------------------------------------------------------------------------------
/home-manager-modules/nix-index/default.nix:
--------------------------------------------------------------------------------
1 | { config, ... }:
2 | let
3 | enable = true;
4 |
5 | enableBashIntegration = config.programs.bash.enable;
6 | enableFishIntegration = config.programs.fish.enable;
7 | enableZshIntegration = config.programs.zsh.enable;
8 |
9 | in
10 | {
11 | programs.nix-index = {
12 | inherit
13 | enable
14 | enableBashIntegration
15 | enableFishIntegration
16 | enableZshIntegration
17 | ;
18 | };
19 | }
20 |
--------------------------------------------------------------------------------
/home-manager-modules/nur/default.nix:
--------------------------------------------------------------------------------
1 | { self, ... }:
2 | {
3 | imports = [
4 | self.inputs.nur.modules.homeManager.default
5 | ];
6 | }
7 |
--------------------------------------------------------------------------------
/home-manager-modules/r2modman/default.nix:
--------------------------------------------------------------------------------
1 | { pkgs, ... }:
2 | {
3 | home.packages = with pkgs; [ r2modman ];
4 | }
5 |
--------------------------------------------------------------------------------
/home-manager-modules/rofi/default.nix:
--------------------------------------------------------------------------------
1 | {
2 | pkgs,
3 | lib,
4 | osConfig,
5 | ...
6 | }:
7 | let
8 | # Hack to make home manager module that is linux
9 | # specific not cause explosions if accidentally loaded onto
10 | # a non-linux system.
11 | inherit (lib.strings) hasInfix;
12 | enable = hasInfix "linux" osConfig.nixpkgs.system;
13 | in
14 | {
15 | programs.rofi = {
16 | inherit enable;
17 | terminal = "${pkgs.alacritty}/bin/alacritty";
18 | extraConfig.modi = "drun";
19 | };
20 | }
21 |
--------------------------------------------------------------------------------
/home-manager-modules/slack/default.nix:
--------------------------------------------------------------------------------
1 | { pkgs, lib, ... }:
2 | let
3 | enable = with pkgs.stdenv; !(isLinux && isAarch64);
4 |
5 | packages = lib.optionals enable (with pkgs; [ slack ]);
6 | in
7 | {
8 | home = {
9 | inherit packages;
10 | };
11 |
12 | nixpkgs.config.allowUnfree = true;
13 | }
14 |
--------------------------------------------------------------------------------
/home-manager-modules/thunderbird/default.nix:
--------------------------------------------------------------------------------
1 | _: {
2 | programs.thunderbird = {
3 | enable = true;
4 | profiles."gx3vop3t" = {
5 | isDefault = true;
6 | settings = {
7 | "calendar.alarms.playsound" = false;
8 | "calendar.alarms.show" = false;
9 | "calendar.alarms.showmissed" = false;
10 | };
11 | };
12 | settings = {
13 | "general.useragent.override" = "";
14 | "privacy.donottrackheader.enabled" = true;
15 | };
16 | };
17 | }
18 |
--------------------------------------------------------------------------------
/home-manager-modules/utm/default.nix:
--------------------------------------------------------------------------------
1 | { lib, pkgs, ... }:
2 | {
3 | home.packages = lib.optionals pkgs.stdenv.isDarwin (with pkgs; [ utm ]);
4 | }
5 |
--------------------------------------------------------------------------------
/home-manager-modules/vim/default.nix:
--------------------------------------------------------------------------------
1 | _: {
2 | programs.vim = {
3 | enable = true;
4 | defaultEditor = true;
5 | };
6 | }
7 |
--------------------------------------------------------------------------------
/home-manager-modules/waybar/default.nix:
--------------------------------------------------------------------------------
1 | {
2 | pkgs,
3 | lib,
4 | self,
5 | ...
6 | }:
7 | let
8 | settings = import ./settings.nix { inherit pkgs self; };
9 | enable = true;
10 | systemd = {
11 | enable = true;
12 | target = "display-manager.service";
13 | };
14 | in
15 | {
16 | programs.waybar = {
17 | inherit enable systemd settings;
18 | };
19 | systemd.user.services.waybar.Service.Restart = lib.mkForce "always";
20 | }
21 |
--------------------------------------------------------------------------------
/home-manager-modules/wlsunset/default.nix:
--------------------------------------------------------------------------------
1 | { pkgs, ... }:
2 | {
3 | services.wlsunset = {
4 | enable = true;
5 | package = pkgs.wlsunset;
6 | gamma = "1";
7 | latitude = "-32.917";
8 | longitude = "151.8";
9 | systemdTarget = "graphical-session.target";
10 | temperature = {
11 | day = 6500;
12 | night = 3500;
13 | };
14 | };
15 | }
16 |
--------------------------------------------------------------------------------
/home-manager-modules/wofi/default.nix:
--------------------------------------------------------------------------------
1 | { pkgs, ... }:
2 | {
3 | home.packages = with pkgs; [ wofi ];
4 | }
5 |
--------------------------------------------------------------------------------
/home-manager-modules/xdg/default.nix:
--------------------------------------------------------------------------------
1 | {
2 | config,
3 | lib,
4 | pkgs,
5 | ...
6 | }:
7 | {
8 | xdg = lib.mkIf pkgs.stdenv.isLinux {
9 | enable = true;
10 | userDirs = {
11 | enable = true;
12 | createDirectories = true;
13 | extraConfig = {
14 | XDG_DEVELOPMENT_DIR = "${config.home.homeDirectory}/dev";
15 | };
16 | };
17 | };
18 | }
19 |
--------------------------------------------------------------------------------
/hosts/butterfree/default.nix:
--------------------------------------------------------------------------------
1 | {
2 | config,
3 | pkgs,
4 | self,
5 | ...
6 | }:
7 | let
8 | inherit (pkgs) system;
9 | inherit (self) common;
10 | inherit (self.common.home-manager-module-sets) cli;
11 | inherit (self.lib) merge;
12 |
13 | inherit (self.packages.${system}) ditto-transform;
14 |
15 | jay = common.users.jay {
16 | inherit config pkgs;
17 | modules = cli;
18 | };
19 |
20 | user-configs = merge [ jay ];
21 | in
22 | {
23 | inherit (user-configs) users home-manager;
24 |
25 | # Once a ditto, always a ditto.
26 | environment.systemPackages = [ ditto-transform ] ++ (with pkgs; [ git ]);
27 |
28 | imports = with self.nixosModules; [
29 | agenix
30 | amazon-image
31 | clamav
32 | disable-assertions
33 | nix-topology
34 | gnupg
35 | lorri
36 | nix
37 | openssh
38 | ssm
39 | time
40 | timesyncd
41 | zsh
42 | ];
43 |
44 | networking.hostName = "butterfree";
45 | system.stateVersion = "23.05";
46 | }
47 |
--------------------------------------------------------------------------------
/hosts/dragonite/microvms.nix:
--------------------------------------------------------------------------------
1 | { self, ... }:
2 | let
3 | party = [
4 | "bellsprout"
5 | "igglybuff"
6 | "machop"
7 | "magikarp"
8 | "mankey"
9 | "meowth"
10 | "mr-mime"
11 | "nidoking"
12 | "nidorina"
13 | "nidorino"
14 | "oddish"
15 | "poliwag"
16 | "slowpoke"
17 | "tentacruel"
18 | ];
19 | in
20 | {
21 | microvm = {
22 | macvlans = builtins.map (
23 | vlan: vlan // { parent = "10-wired"; }
24 | ) self.common.config.networks;
25 |
26 | vms = builtins.foldl' (
27 | acc: host:
28 | acc
29 | // {
30 | ${host} = {
31 | config =
32 | { ... }:
33 | {
34 | imports = [ (./. + "/../${host}") ];
35 | };
36 |
37 | specialArgs = {
38 | inherit self;
39 | microvm = true;
40 | };
41 | };
42 | }
43 | ) { } party;
44 | };
45 | }
46 |
--------------------------------------------------------------------------------
/hosts/ivysaur/default.nix:
--------------------------------------------------------------------------------
1 | {
2 | config,
3 | lib,
4 | pkgs,
5 | self,
6 | ...
7 | }:
8 |
9 | let
10 | inherit (self.lib) merge;
11 |
12 | jay = self.common.users.jay {
13 | inherit config pkgs;
14 | modules = with self.common.home-manager-module-sets; cli ++ impermanence;
15 | };
16 |
17 | user-configs = merge [
18 | jay
19 | ];
20 | in
21 | {
22 | inherit (user-configs) users home-manager;
23 |
24 | imports = with self.nixosModules; [
25 | ./disk-config.nix
26 | agenix
27 | alloy
28 | blocky
29 | generations
30 | home-manager
31 | impermanence
32 | logging
33 | nix
34 | nix-topology
35 | openssh
36 | ssh
37 | ssh
38 | sudo
39 | time
40 | timesyncd
41 | tmp-tmpfs
42 | zramSwap
43 | zsh
44 | ];
45 |
46 | networking.hostName = lib.mkForce "ivysaur";
47 |
48 | services.openssh.settings.PermitRootLogin = lib.mkForce "no";
49 | }
50 |
--------------------------------------------------------------------------------
/hosts/lavender-tower/README.md:
--------------------------------------------------------------------------------
1 | # Lavender Tower
2 |
3 | Sometimes Pokemon pass on, while we're source controlled, these hosts are not removed but deprecated and maybe one-day we'll buy a revive for them.
4 |
--------------------------------------------------------------------------------
/hosts/lavender-tower/cloyster-macos/default.nix:
--------------------------------------------------------------------------------
1 | {
2 | config,
3 | pkgs,
4 | lib,
5 | self,
6 | ...
7 | }:
8 | let
9 | inherit (self) common;
10 | inherit (self.common.home-manager-module-sets) darwin-desktop;
11 | inherit (self.lib) merge;
12 |
13 | jay = common.users."jrovacsek" {
14 | inherit config pkgs;
15 | modules = darwin-desktop;
16 | };
17 | user-configs = merge [ jay ];
18 | in
19 | {
20 | inherit (user-configs) users home-manager;
21 |
22 | imports = [
23 | ./modules.nix
24 | ./system-packages.nix
25 | ./secrets.nix
26 | ];
27 |
28 | services.nix-daemon.enable = true;
29 |
30 | networking = {
31 | computerName = "cloyster";
32 | hostName = "cloyster";
33 | localHostName = "cloyster";
34 | };
35 |
36 | system.stateVersion = 4;
37 | }
38 |
--------------------------------------------------------------------------------
/hosts/lavender-tower/cloyster-macos/modules.nix:
--------------------------------------------------------------------------------
1 | {
2 | imports = [
3 | ../../modules/docker-darwin
4 | ../../modules/darwin-settings
5 | ../../modules/dockutil
6 | ../../modules/documentation
7 | ../../modules/fonts
8 | ../../modules/gnupg
9 | ../../modules/lorri
10 | ../../modules/networking
11 | ../../modules/nix
12 | ../../modules/time
13 | ../../modules/yabai
14 | ../../modules/zsh
15 | ];
16 | }
17 |
--------------------------------------------------------------------------------
/hosts/lavender-tower/cloyster-macos/secrets.nix:
--------------------------------------------------------------------------------
1 | {
2 | # G'day future self - move this file to default location:
3 | # /etc/ssh/ssh_host_ed25519_key
4 | # identityPaths = [ /Users/jrovacsek/.ssh/ssh_host_ed25519_key ];
5 | age.secrets = {
6 | jrovacsek-id-ed25519-sk-type-a-1 = {
7 | file = ../../secrets/ssh/type-a-1.age;
8 | owner = "jrovacsek";
9 | };
10 |
11 | jrovacsek-id-ed25519-sk-type-a-2 = {
12 | file = ../../secrets/ssh/type-a-2.age;
13 | owner = "jrovacsek";
14 | };
15 |
16 | jrovacsek-id-ed25519-sk-type-c-1 = {
17 | file = ../../secrets/ssh/type-c-1.age;
18 | owner = "jrovacsek";
19 | };
20 |
21 | jrovacsek-id-ed25519-sk-type-c-2 = {
22 | file = ../../secrets/ssh/type-c-2.age;
23 | owner = "jrovacsek";
24 | };
25 | };
26 | }
27 |
--------------------------------------------------------------------------------
/hosts/lavender-tower/cloyster-macos/system-packages.nix:
--------------------------------------------------------------------------------
1 | { pkgs, ... }:
2 | {
3 | environment.systemPackages = with pkgs; [ agenix ];
4 | }
5 |
--------------------------------------------------------------------------------
/hosts/lavender-tower/ninetales/default.nix:
--------------------------------------------------------------------------------
1 | _: {
2 | imports = [
3 | ./hardware-configuration.nix
4 | ./modules.nix
5 | ./system-packages.nix
6 | ];
7 |
8 | networking = {
9 | hostId = "4148aee3";
10 | hostName = "ninetales";
11 | };
12 |
13 | boot = {
14 | kernelBuildIsCross = true;
15 | loader = {
16 | systemd-boot.enable = true;
17 | efi.canTouchEfiVariables = false;
18 | };
19 | };
20 |
21 | nixpkgs.config.allowUnsupportedSystem = true;
22 | }
23 |
--------------------------------------------------------------------------------
/hosts/lavender-tower/ninetales/hardware-configuration.nix:
--------------------------------------------------------------------------------
1 | # Do not modify this file! It was generated by ‘nixos-generate-config’
2 | # and may be overwritten by future invocations. Please make changes
3 | # to /etc/nixos/configuration.nix instead.
4 | { lib, modulesPath, ... }:
5 |
6 | {
7 | imports = [ (modulesPath + "/installer/scan/not-detected.nix") ];
8 |
9 | boot = {
10 | extraModulePackages = [ ];
11 | kernelModules = [ ];
12 | initrd = {
13 | availableKernelModules = [ "usb_storage" ];
14 | initrd.kernelModules = [ ];
15 | };
16 | };
17 |
18 | fileSystems = {
19 | "/" = {
20 | device = "/dev/disk/by-uuid/ed6692c5-d0ff-44df-8611-b51ee53c05d7";
21 | fsType = "ext4";
22 | };
23 |
24 | "/boot" = {
25 | device = "/dev/disk/by-uuid/AD9C-14E6";
26 | fsType = "vfat";
27 | };
28 | };
29 |
30 | swapDevices = [ ];
31 |
32 | networking.useDHCP = false;
33 |
34 | powerManagement.cpuFreqGovernor = lib.mkDefault "ondemand";
35 | # high-resolution display
36 | hardware.video.hidpi.enable = lib.mkDefault true;
37 | }
38 |
--------------------------------------------------------------------------------
/hosts/lavender-tower/ninetales/modules.nix:
--------------------------------------------------------------------------------
1 | {
2 | imports = [
3 | ../../modules/gnupg
4 | ../../modules/hardware/m1
5 | ../../modules/gnome
6 | ../../modules/networking
7 | ../../modules/nix
8 | ../../modules/openssh
9 | ../../modules/time
10 | ../../modules/timesyncd
11 | ../../modules/udev
12 | ../../modules/zsh
13 | ];
14 | }
15 |
--------------------------------------------------------------------------------
/hosts/lavender-tower/ninetales/system-packages.nix:
--------------------------------------------------------------------------------
1 | { pkgs, ... }:
2 | {
3 | environment.systemPackages = with pkgs; [
4 | htop
5 | git
6 | ];
7 | }
8 |
--------------------------------------------------------------------------------
/hosts/lavender-tower/ninetales/user-modules.nix:
--------------------------------------------------------------------------------
1 | {
2 | imports = [
3 | ../../modules/alacritty
4 | ../../modules/firefox
5 | ../../modules/lsd
6 | ../../modules/starship
7 | ../../modules/vscodium
8 | ];
9 | }
10 |
--------------------------------------------------------------------------------
/hosts/lavender-tower/ninetales/users.nix:
--------------------------------------------------------------------------------
1 | let
2 | jay = import ../../users/standard/jay.nix;
3 | in
4 | [ jay ]
5 |
--------------------------------------------------------------------------------
/hosts/magikarp/default.nix:
--------------------------------------------------------------------------------
1 | { config, self, ... }:
2 | {
3 | imports = with self.nixosModules; [
4 | agenix
5 | alloy
6 | headscale
7 | microvm-guest
8 | nix-topology
9 | time
10 | timesyncd
11 | ];
12 |
13 | age.identityPaths = [ "/agenix/id-ed25519-magikarp-primary" ];
14 |
15 | networking.hostName = "magikarp";
16 |
17 | microvm = {
18 | interfaces = [
19 | {
20 | type = "macvtap";
21 | id = config.networking.hostName;
22 | mac = "02:42:c0:a8:19:02";
23 | macvtap = {
24 | link = "headscale";
25 | mode = "bridge";
26 | };
27 | }
28 | ];
29 | };
30 |
31 | system.stateVersion = "24.05";
32 | }
33 |
--------------------------------------------------------------------------------
/hosts/meowth/default.nix:
--------------------------------------------------------------------------------
1 | { config, self, ... }:
2 | {
3 | imports = with self.nixosModules; [
4 | agenix
5 | alloy
6 | microvm-guest
7 | nix-topology
8 | prowlarr
9 | time
10 | timesyncd
11 | ];
12 |
13 | networking.hostName = "meowth";
14 |
15 | microvm = {
16 | interfaces = [
17 | {
18 | type = "macvtap";
19 | id = config.networking.hostName;
20 | mac = "02:42:c0:a8:04:89";
21 | macvtap = {
22 | link = "download";
23 | mode = "bridge";
24 | };
25 | }
26 | ];
27 |
28 | mem = 1024;
29 | };
30 |
31 | system.stateVersion = "24.05";
32 | }
33 |
--------------------------------------------------------------------------------
/hosts/mew/default.nix:
--------------------------------------------------------------------------------
1 | {
2 | config,
3 | pkgs,
4 | lib,
5 | self,
6 | ...
7 | }:
8 |
9 | let
10 | inherit (self) common;
11 | inherit (self.lib) merge;
12 | inherit (self.common.home-manager-module-sets) hyprland-desktop;
13 |
14 | test = common.users.test {
15 | inherit config pkgs;
16 | modules = hyprland-desktop;
17 | };
18 |
19 | user-configs = merge [ test ];
20 |
21 | in
22 | {
23 | inherit (user-configs) users home-manager;
24 |
25 | environment.systemPackages = with pkgs; [
26 | curl
27 | wget
28 | ];
29 |
30 | imports = with self.nixosModules; [
31 | agenix
32 | disable-assertions
33 | hyprland
34 | lorri
35 | nix-topology
36 | nix
37 | time
38 | timesyncd
39 | zsh
40 | ];
41 |
42 | networking = {
43 | hostName = "mew";
44 | useDHCP = true;
45 | };
46 |
47 | system.stateVersion = "22.11";
48 | }
49 |
--------------------------------------------------------------------------------
/hosts/nidorina/default.nix:
--------------------------------------------------------------------------------
1 | { config, self, ... }:
2 | {
3 | imports =
4 | (with self.nixosModules; [
5 | acme
6 | agenix
7 | alloy
8 | ddclient
9 | microvm-guest
10 | nginx
11 | nix-topology
12 | time
13 | timesyncd
14 | tmp-tmpfs
15 | ])
16 | ++ [ ./nginx.nix ];
17 |
18 | microvm = {
19 | interfaces = [
20 | {
21 | type = "macvtap";
22 | id = config.networking.hostName;
23 | mac = "02:42:c0:a8:05:03";
24 | macvtap = {
25 | link = "reverse-proxy";
26 | mode = "bridge";
27 | };
28 | }
29 | ];
30 |
31 | mem = 4096;
32 | };
33 |
34 | networking.hostName = "nidorina";
35 |
36 | system.stateVersion = "24.05";
37 | }
38 |
--------------------------------------------------------------------------------
/hosts/nidorino/default.nix:
--------------------------------------------------------------------------------
1 | { config, self, ... }:
2 | {
3 | imports = with self.nixosModules; [
4 | ./authelia.nix
5 | agenix
6 | alloy
7 | authelia
8 | microvm-guest
9 | nginx
10 | nix-topology
11 | time
12 | timesyncd
13 | ];
14 |
15 | microvm = {
16 | interfaces = [
17 | {
18 | type = "macvtap";
19 | id = config.networking.hostName;
20 | mac = "02:42:c0:a8:09:02";
21 | macvtap = {
22 | link = "auth";
23 | mode = "bridge";
24 | };
25 | }
26 | ];
27 |
28 | mem = 1024;
29 | vcpu = 2;
30 | };
31 |
32 | networking.hostName = "nidorino";
33 |
34 | services.nginx.statusPage = true;
35 |
36 | system.stateVersion = "24.05";
37 | }
38 |
--------------------------------------------------------------------------------
/hosts/porygon/default.nix:
--------------------------------------------------------------------------------
1 | { config, self, ... }:
2 | {
3 | imports = with self.nixosModules; [
4 | agenix
5 | alloy
6 | microvm-guest
7 | nix-topology
8 | palworld
9 | time
10 | timesyncd
11 | ];
12 |
13 | microvm = {
14 | interfaces = [
15 | {
16 | type = "macvtap";
17 | id = config.networking.hostName;
18 | mac = "02:42:c0:a8:11:02";
19 | macvtap = {
20 | link = "game";
21 | mode = "bridge";
22 | };
23 | }
24 | ];
25 |
26 | mem = 8096;
27 |
28 | shares = [
29 | {
30 | # On the host
31 | source = "/srv/games/servers";
32 | # In the MicroVM
33 | mountPoint = "/srv/games/servers";
34 | tag = "game-server-files";
35 | proto = "virtiofs";
36 | }
37 | ];
38 | vcpu = 4;
39 | };
40 |
41 | networking.hostName = "porygon";
42 |
43 | system.stateVersion = "24.05";
44 |
45 | }
46 |
--------------------------------------------------------------------------------
/hosts/slowpoke/default.nix:
--------------------------------------------------------------------------------
1 | { config, self, ... }:
2 | {
3 | imports = with self.nixosModules; [
4 | agenix
5 | alloy
6 | flaresolverr
7 | microvm-guest
8 | nix-topology
9 | time
10 | timesyncd
11 | ];
12 |
13 | networking.hostName = "slowpoke";
14 |
15 | microvm = {
16 | interfaces = [
17 | {
18 | type = "macvtap";
19 | id = config.networking.hostName;
20 | mac = "02:42:c0:a8:04:8a";
21 | macvtap = {
22 | link = "download";
23 | mode = "bridge";
24 | };
25 | }
26 | ];
27 |
28 | mem = 1024;
29 | };
30 |
31 | system.stateVersion = "24.05";
32 | }
33 |
--------------------------------------------------------------------------------
/hosts/tentacruel/default.nix:
--------------------------------------------------------------------------------
1 | { config, self, ... }:
2 | {
3 | imports = with self.nixosModules; [
4 | agenix
5 | alloy
6 | home-assistant
7 | microvm-guest
8 | nix-topology
9 | time
10 | timesyncd
11 | ];
12 |
13 | microvm = {
14 | interfaces = [
15 | {
16 | type = "macvtap";
17 | id = config.networking.hostName;
18 | mac = "02:42:c0:a8:0c:02";
19 | macvtap = {
20 | link = "home-assistant";
21 | mode = "bridge";
22 | };
23 | }
24 | ];
25 |
26 | mem = 4096;
27 |
28 | shares = [
29 | {
30 | # On the host
31 | source = "/srv/home_assistant";
32 | # In the MicroVM
33 | mountPoint = "/srv/home_assistant";
34 | tag = "home_assistant";
35 | proto = "virtiofs";
36 | }
37 | ];
38 | vcpu = 2;
39 | };
40 |
41 | networking.hostName = "tentacruel";
42 |
43 | system.stateVersion = "24.11";
44 | }
45 |
--------------------------------------------------------------------------------
/hosts/zubat/default.nix:
--------------------------------------------------------------------------------
1 | {
2 | config,
3 | pkgs,
4 | self,
5 | ...
6 | }:
7 | let
8 | inherit (self) common;
9 | inherit (self.common.home-manager-module-sets) cli;
10 | inherit (self.lib) merge;
11 |
12 | jay = common.users.jay {
13 | inherit config pkgs;
14 | modules = cli;
15 | };
16 |
17 | user-configs = merge [ jay ];
18 | in
19 | {
20 | inherit (user-configs) users home-manager;
21 |
22 | age.identityPaths = [ "/agenix/id-ed25519-ssh-primary" ];
23 |
24 | environment.systemPackages = with pkgs; [
25 | # CLI
26 | curl
27 | wget
28 | ];
29 |
30 | imports = with self.nixosModules; [
31 | agenix
32 | generations
33 | lorri
34 | nix
35 | nix-topology
36 | time
37 | timesyncd
38 | self.inputs.nixos-wsl.nixosModules.wsl
39 | zsh
40 | ];
41 |
42 | networking.hostName = "zubat";
43 |
44 | system.stateVersion = "22.05";
45 |
46 | wsl = {
47 | defaultUser = "jay";
48 | enable = true;
49 | startMenuLaunchers = true;
50 | wslConf.automount.root = "/mnt";
51 | };
52 | }
53 |
--------------------------------------------------------------------------------
/hydra/spec.json:
--------------------------------------------------------------------------------
1 | {
2 | "checkinterval": 60,
3 | "description": "nix-config auto-generated",
4 | "emailoverride": "",
5 | "enabled": 1,
6 | "enableemail": false,
7 | "hidden": false,
8 | "inputs": {
9 | "nixexpr": {
10 | "emailresponsible": false,
11 | "type": "git",
12 | "value": "https://github.com/JayRovacsek/nix-config main"
13 | },
14 | "nixpkgs": {
15 | "emailresponsible": false,
16 | "type": "path",
17 | "value": "/nix/store/19kjl5p3hx3l51yfnii653a3qzm4l6hf-source"
18 | },
19 | "pulls": {
20 | "emailresponsible": false,
21 | "type": "githubpulls",
22 | "value": "JayRovacsek nix-config"
23 | }
24 | },
25 | "keepnr": 3,
26 | "nixexprinput": "nixexpr",
27 | "nixexprpath": "hydra/jobsets.nix",
28 | "schedulingshares": 100,
29 | "type": 0
30 | }
31 |
--------------------------------------------------------------------------------
/lib/certificates.nix:
--------------------------------------------------------------------------------
1 | _:
2 | let
3 | fn =
4 | { pkgs, ... }:
5 | let
6 | inherit (pkgs) callPackage;
7 | in
8 | {
9 | generate-self-signed =
10 | domain:
11 | callPackage ../packages/other/self-signed-certificate { inherit domain; };
12 | };
13 | in
14 | fn
15 |
--------------------------------------------------------------------------------
/lib/docker.nix:
--------------------------------------------------------------------------------
1 | _: {
2 | generate-config = cfg: {
3 | "${cfg.serviceName}" = {
4 | inherit (cfg)
5 | autoStart
6 | image
7 | ports
8 | volumes
9 | environment
10 | extraOptions
11 | user
12 | ;
13 | };
14 | };
15 | }
16 |
--------------------------------------------------------------------------------
/lib/etc.nix:
--------------------------------------------------------------------------------
1 | _: {
2 | generate-file =
3 | { config, ... }:
4 | {
5 | "${config.name}" = {
6 | inherit (config)
7 | text
8 | uid
9 | gid
10 | mode
11 | ;
12 | };
13 | };
14 | }
15 |
--------------------------------------------------------------------------------
/lib/home-manager.nix:
--------------------------------------------------------------------------------
1 | { self }:
2 | let
3 | # The signature of this function should match that of mainline HM:
4 | # https://github.com/nix-community/home-manager/blob/440faf5ae472657ef2d8cc7756d77b6ab0ace68d/flake.nix#L42
5 | # Ofc - don't use hyperlink above as it's static in reference :)
6 | fn =
7 | { pkgs, ... }:
8 | let
9 | inherit (self.inputs) home-manager;
10 | inherit (pkgs.stdenv) isLinux;
11 |
12 | base = {
13 | home-manager.useUserPackages = true;
14 | };
15 |
16 | in
17 | if isLinux then
18 | [
19 | base
20 | home-manager.nixosModules.default
21 | ]
22 | else
23 | [
24 | base
25 | home-manager.darwinModules.default
26 | ];
27 | in
28 | fn
29 |
--------------------------------------------------------------------------------
/lib/hyprland.nix:
--------------------------------------------------------------------------------
1 | { self }:
2 | let
3 | inherit (self.inputs.nixpkgs) lib;
4 | inherit (lib.strings) optionalString;
5 | in
6 | {
7 | generate-monitors = builtins.map (
8 | m:
9 | "${m.name},${m.resolution},${m.position},${m.scale}${
10 | optionalString (m.extra != "") ",${m.extra}"
11 | }"
12 | );
13 | }
14 |
--------------------------------------------------------------------------------
/lib/intersect-multiple-lists.nix:
--------------------------------------------------------------------------------
1 | { self }:
2 | let
3 | inherit (self.inputs.nixpkgs) lib;
4 | inherit (lib.lists) intersectLists drop take;
5 | in
6 | lists:
7 | # CURRENTLY BROKEN
8 | # TODO: resolve
9 | if ((builtins.length lists) > 2) then
10 | self.lib.intersect-multiple-lists (intersectLists (take 2 lists)) (drop 2 lists)
11 | else
12 | intersectLists lists
13 |
--------------------------------------------------------------------------------
/lib/merge.nix:
--------------------------------------------------------------------------------
1 | { self }:
2 | let
3 | inherit (self.inputs.nixpkgs.lib) recursiveUpdate;
4 | in
5 | builtins.foldl' recursiveUpdate { }
6 |
--------------------------------------------------------------------------------
/lib/ssh.nix:
--------------------------------------------------------------------------------
1 | _:
2 | let
3 |
4 | # So this is a fair hack to avoid evaluation time per host in this
5 | # flake. But we will likely be able to address failing points with this in
6 | # the future by creating a new app to accompany distributed builds
7 | # that would generate ahead of time better FQDN names when tailscale is
8 | # also in the mix
9 | #
10 | # TODO: be less hacky
11 | system-configs = builtins.fromJSON (
12 | builtins.readFile ../static/build-machines.json
13 | );
14 |
15 | generate-ssh-config =
16 | user: identity-files:
17 | builtins.map (cfg: ''
18 | Host ${cfg.hostName}
19 | AddKeysToAgent yes
20 | ConnectTimeout 3
21 | ForwardAgent yes
22 | HostName ${cfg.hostName}
23 | IdentitiesOnly yes
24 | User ${user}
25 | ${identity-files}
26 | '') system-configs;
27 |
28 | in
29 | {
30 | inherit generate-ssh-config;
31 | }
32 |
--------------------------------------------------------------------------------
/lib/tailscale.nix:
--------------------------------------------------------------------------------
1 | { self, ... }:
2 | {
3 | lookup-tailnet = hostname: self.common.tailscale.tailnet.${hostname};
4 | }
5 |
--------------------------------------------------------------------------------
/lib/terraform.nix:
--------------------------------------------------------------------------------
1 | _: { tfvar = string: "\${var.${string}}"; }
2 |
--------------------------------------------------------------------------------
/modules/agenix/default.nix:
--------------------------------------------------------------------------------
1 | { self, ... }:
2 | {
3 | imports = [ self.inputs.agenix.nixosModules.default ];
4 | }
5 |
--------------------------------------------------------------------------------
/modules/amazon-image/default.nix:
--------------------------------------------------------------------------------
1 | { pkgs, lib, ... }:
2 | {
3 | boot = {
4 | kernelPackages = pkgs.linuxPackages_6_1_hardened;
5 |
6 | loader = {
7 | grub = {
8 | device = "/dev/xvda";
9 | forceInstall = true;
10 | splashImage = lib.mkForce null;
11 | };
12 | };
13 | };
14 |
15 | networking = {
16 | interfaces.eth0.useDHCP = true;
17 | usePredictableInterfaceNames = false;
18 | };
19 | }
20 |
--------------------------------------------------------------------------------
/modules/auto-upgrade/default.nix:
--------------------------------------------------------------------------------
1 | { config, ... }:
2 | {
3 | system.autoUpgrade = {
4 | enable = true;
5 | allowReboot = false;
6 | dates = "daily";
7 | flake = "github:JayRovacsek/nix-config/main#${config.networking.hostName}";
8 | };
9 | }
10 |
--------------------------------------------------------------------------------
/modules/bazarr/default.nix:
--------------------------------------------------------------------------------
1 | _: {
2 | services.bazarr = {
3 | enable = true;
4 | openFirewall = true;
5 | };
6 | }
7 |
--------------------------------------------------------------------------------
/modules/bedrock-connect/default.nix:
--------------------------------------------------------------------------------
1 | { self, ... }:
2 | let
3 | inherit (self.common.config.services) bedrock-connect minecraft;
4 | in
5 | {
6 | imports = [
7 | ../../options/modules/bedrock-connect
8 | ];
9 |
10 | services.blocky.settings.customDNS.mapping = {
11 | "geo.hivebedrock.network" = minecraft.ipv4;
12 | "hivebedrock.network" = minecraft.ipv4;
13 | "play.inpvp.net" = minecraft.ipv4;
14 | "mco.lbsg.net" = minecraft.ipv4;
15 | "play.galaxite.net" = minecraft.ipv4;
16 | "play.enchanted.gg" = minecraft.ipv4;
17 | };
18 |
19 | networking.firewall.allowedUDPPorts = [ bedrock-connect.port ];
20 |
21 | services.bedrock-connect = {
22 | enable = true;
23 | servers = [
24 | {
25 | name = "Home Server";
26 | iconUrl = "https://i.imgur.com/nhumQVP.png";
27 | address = minecraft.ipv4;
28 | port = minecraft.bedrock-port;
29 | }
30 | ];
31 | };
32 | }
33 |
--------------------------------------------------------------------------------
/modules/bluetooth/default.nix:
--------------------------------------------------------------------------------
1 | { config, ... }:
2 | {
3 | hardware.bluetooth = {
4 | enable = true;
5 | hsphfpd.enable = !config.services.pipewire.wireplumber.enable;
6 | };
7 |
8 | services.blueman.enable = true;
9 | }
10 |
--------------------------------------------------------------------------------
/modules/darwin-settings/custom-system-preferences.nix:
--------------------------------------------------------------------------------
1 | { pkgs, ... }:
2 | {
3 | system.defaults.CustomSystemPreferences = {
4 | # "com.apple.finder" = {
5 | # ShowExternalHardDrivesOnDesktop = true;
6 | # ShowHardDrivesOnDesktop = true;
7 | # ShowMountedServersOnDesktop = true;
8 | # ShowRemovableMediaOnDesktop = true;
9 | # _FXSortFoldersFirst = true;
10 | # # When performing a search, search the current folder by default
11 | # FXDefaultSearchScope = "SCcf";
12 | # };
13 | # "com.apple.desktopservices" = {
14 | # # Avoid creating .DS_Store files on network or USB volumes
15 | # DSDontWriteNetworkStores = true;
16 | # DSDontWriteUSBStores = true;
17 | # };
18 | "com.apple.desktop" = {
19 | override-picture-path = "${pkgs.fetchurl {
20 | url = "https://openclipart.org/image/2000px/311101";
21 | sha256 = "sha256-mIMXYOENVSgH0PjhO02MM7beg9AT44uVDj/tXxilDx0=";
22 | }}";
23 | };
24 |
25 | # "com.apple.SoftwareUpdate" = {
26 |
27 | # };
28 | };
29 | }
30 |
--------------------------------------------------------------------------------
/modules/darwin-settings/default.nix:
--------------------------------------------------------------------------------
1 | { ... }:
2 | {
3 | imports = [
4 | # ./custom-system-preferences.nix
5 | ./dock.nix
6 | ./finder.nix
7 | ./homebrew.nix
8 | ./keyboard.nix
9 | ./linux-builder.nix
10 | ./login-window.nix
11 | ./networking.nix
12 | ./ns-global-domain.nix
13 | ];
14 | }
15 |
--------------------------------------------------------------------------------
/modules/darwin-settings/dock.nix:
--------------------------------------------------------------------------------
1 | {
2 | system.defaults.dock = {
3 | enable-spring-load-actions-on-all-items = false;
4 | appswitcher-all-displays = true;
5 | autohide = true;
6 | dashboard-in-overlay = false;
7 | expose-group-apps = true;
8 | launchanim = false;
9 | minimize-to-application = false;
10 | mru-spaces = false;
11 | orientation = "left";
12 | show-process-indicators = true;
13 | show-recents = false;
14 | showhidden = false;
15 | static-only = false;
16 | tilesize = 64;
17 | wvous-tl-corner = 2;
18 | };
19 | }
20 |
--------------------------------------------------------------------------------
/modules/darwin-settings/finder.nix:
--------------------------------------------------------------------------------
1 | {
2 | system.defaults.finder = {
3 | AppleShowAllExtensions = true;
4 | AppleShowAllFiles = true;
5 | CreateDesktop = false;
6 | FXEnableExtensionChangeWarning = false;
7 | FXPreferredViewStyle = "Nlsv";
8 | QuitMenuItem = true;
9 | ShowPathbar = true;
10 | ShowStatusBar = true;
11 | _FXShowPosixPathInTitle = true;
12 | };
13 | }
14 |
--------------------------------------------------------------------------------
/modules/darwin-settings/firewall.nix:
--------------------------------------------------------------------------------
1 | {
2 | system.defaults.alf = {
3 | allowdownloadsignedenabled = 0;
4 | allowsignedenabled = 1;
5 | globalstate = 1;
6 | loggingenabled = 1;
7 | stealthenabled = 1;
8 | };
9 | }
10 |
--------------------------------------------------------------------------------
/modules/darwin-settings/keyboard.nix:
--------------------------------------------------------------------------------
1 | {
2 | system.keyboard = {
3 | enableKeyMapping = true;
4 | userKeyMapping = [
5 | {
6 | HIDKeyboardModifierMappingSrc = 30064771299; # Left command
7 | HIDKeyboardModifierMappingDst = 30064771296; # Left control
8 | }
9 | {
10 | HIDKeyboardModifierMappingSrc = 30064771296; # Left control
11 | HIDKeyboardModifierMappingDst = 30064771299; # Left command
12 | }
13 | # Going to remove both being rebound to avoid me not realising this
14 | # some time in the future
15 | # {
16 | # HIDKeyboardModifierMappingSrc = 30064771300; # Right control
17 | # HIDKeyboardModifierMappingDst = 30064771303; # Right command
18 | # }
19 | # {
20 | # HIDKeyboardModifierMappingSrc = 30064771303; # Right command
21 | # HIDKeyboardModifierMappingDst = 30064771300; # Right control
22 | # }
23 | ];
24 | };
25 | }
26 |
--------------------------------------------------------------------------------
/modules/darwin-settings/login-window.nix:
--------------------------------------------------------------------------------
1 | {
2 | system.defaults.loginwindow = {
3 | DisableConsoleAccess = true;
4 | GuestEnabled = false;
5 | PowerOffDisabledWhileLoggedIn = false;
6 | RestartDisabled = false;
7 | RestartDisabledWhileLoggedIn = false;
8 | SHOWFULLNAME = false;
9 | ShutDownDisabled = false;
10 | ShutDownDisabledWhileLoggedIn = false;
11 | SleepDisabled = false;
12 | autoLoginUser = "Off";
13 | };
14 | }
15 |
--------------------------------------------------------------------------------
/modules/darwin-settings/networking.nix:
--------------------------------------------------------------------------------
1 | _: {
2 | imports = [ ../blocky ];
3 |
4 | networking.dns = [ "127.0.0.1" ];
5 | }
6 |
--------------------------------------------------------------------------------
/modules/darwin-settings/ns-global-domain.nix:
--------------------------------------------------------------------------------
1 | {
2 | system.defaults.NSGlobalDomain = {
3 | AppleEnableMouseSwipeNavigateWithScrolls = false;
4 | AppleEnableSwipeNavigateWithScrolls = false;
5 | AppleFontSmoothing = 2;
6 | AppleInterfaceStyle = "Dark";
7 | AppleInterfaceStyleSwitchesAutomatically = false;
8 | AppleShowAllExtensions = true;
9 | AppleShowAllFiles = true;
10 | AppleShowScrollBars = "WhenScrolling";
11 | NSDocumentSaveNewDocumentsToCloud = false;
12 | NSNavPanelExpandedStateForSaveMode = true;
13 | NSNavPanelExpandedStateForSaveMode2 = true;
14 | NSScrollAnimationEnabled = true;
15 | "com.apple.swipescrolldirection" = false;
16 | };
17 | }
18 |
--------------------------------------------------------------------------------
/modules/disable-assertions/default.nix:
--------------------------------------------------------------------------------
1 | { lib, ... }:
2 | {
3 | assertions = lib.mkForce [ ];
4 | }
5 |
--------------------------------------------------------------------------------
/modules/docker-darwin/default.nix:
--------------------------------------------------------------------------------
1 | _: { virtualisation.docker.enable = true; }
2 |
--------------------------------------------------------------------------------
/modules/docker/default.nix:
--------------------------------------------------------------------------------
1 | { config, lib, ... }:
2 | let
3 | zfsBootSupported =
4 | (lib.filterAttrs (n: v: n == "zfs" && v) config.boot.supportedFilesystems)
5 | != { };
6 |
7 | zfsServiceSupported =
8 | config.services.zfs.autoScrub.enable || config.services.zfs.autoSnapshot.enable;
9 |
10 | enableNvidia = builtins.any (
11 | x: x == "nvidia"
12 | ) config.services.xserver.videoDrivers;
13 |
14 | in
15 | {
16 | virtualisation = {
17 | oci-containers.backend = "docker";
18 | docker = {
19 | inherit enableNvidia;
20 | enable = true;
21 | rootless.enable = true;
22 | autoPrune.enable = true;
23 | };
24 | };
25 |
26 | systemd.services.docker.after = lib.optionals (
27 | zfsBootSupported || zfsServiceSupported
28 | ) [ "zfs-mount.service" ];
29 | systemd.services.docker.unitConfig.RequiresMountsFor = "/var/lib/docker";
30 | }
31 |
--------------------------------------------------------------------------------
/modules/documentation/default.nix:
--------------------------------------------------------------------------------
1 | _: {
2 | documentation = {
3 | doc.enable = false;
4 | enable = true;
5 | info.enable = false;
6 | man.enable = true;
7 | };
8 | }
9 |
--------------------------------------------------------------------------------
/modules/falcon/default.nix:
--------------------------------------------------------------------------------
1 | _: { services.falcon.enable = true; }
2 |
--------------------------------------------------------------------------------
/modules/flaresolverr/default.nix:
--------------------------------------------------------------------------------
1 | { pkgs, self, ... }:
2 | {
3 | services.flaresolverr = {
4 | enable = true;
5 | openFirewall = true;
6 | package = pkgs.nur.repos.xddxdd.flaresolverr-21hsmw;
7 | inherit (self.common.config.services.flaresolverr) port;
8 | };
9 | }
10 |
--------------------------------------------------------------------------------
/modules/flatpak/default.nix:
--------------------------------------------------------------------------------
1 | _: { services.flatpak.enable = true; }
2 |
--------------------------------------------------------------------------------
/modules/fonts/default.nix:
--------------------------------------------------------------------------------
1 | { pkgs, ... }:
2 | let
3 | hack-font = pkgs.nerd-fonts.hack;
4 | in
5 | {
6 | fonts.packages =
7 | (with pkgs; [
8 | dejavu_fonts
9 | noto-fonts-emoji
10 | ])
11 | ++ [ hack-font ];
12 | }
13 |
--------------------------------------------------------------------------------
/modules/fractal-art/default.nix:
--------------------------------------------------------------------------------
1 | _: { services.fractalart.enable = true; }
2 |
--------------------------------------------------------------------------------
/modules/gdm/default.nix:
--------------------------------------------------------------------------------
1 | { config, ... }:
2 | let
3 | wayland = config.programs.hyprland.enable;
4 | enable = true;
5 | in
6 | {
7 | services.xserver = {
8 | inherit enable;
9 | displayManager.gdm = {
10 | inherit enable wayland;
11 | autoSuspend = true;
12 | };
13 | };
14 | }
15 |
--------------------------------------------------------------------------------
/modules/generations/default.nix:
--------------------------------------------------------------------------------
1 | _: {
2 | boot.loader = {
3 | systemd-boot.configurationLimit = 10;
4 | grub.configurationLimit = 25;
5 | generic-extlinux-compatible.configurationLimit = 20;
6 | };
7 | }
8 |
--------------------------------------------------------------------------------
/modules/geyser-minecraft-server/floodgate-config.nix:
--------------------------------------------------------------------------------
1 | {
2 | config-version = 3;
3 | disconnect = {
4 | invalid-arguments-length = "Expected {} arguments, got {}. Is Geyser up-to-date?";
5 | invalid-key = "Please connect through the official Geyser";
6 | };
7 | key-file-name = "key.pem";
8 | metrics.enabled = false;
9 | player-link = {
10 | allowed = true;
11 | enable-global-linking = true;
12 | enable-own-linking = false;
13 | enabled = true;
14 | link-code-timeout = 300;
15 | require-link = false;
16 | type = "sqlite";
17 | };
18 | replace-spaces = true;
19 | username-prefix = ".";
20 | }
21 |
--------------------------------------------------------------------------------
/modules/gnome-keyring/default.nix:
--------------------------------------------------------------------------------
1 | _: {
2 | security.pam.services.greetd.enableGnomeKeyring = true;
3 | services.gnome.gnome-keyring.enable = true;
4 | }
5 |
--------------------------------------------------------------------------------
/modules/gnupg/default.nix:
--------------------------------------------------------------------------------
1 | _: {
2 | programs.gnupg.agent = {
3 | enable = true;
4 | enableSSHSupport = true;
5 | };
6 | }
7 |
--------------------------------------------------------------------------------
/modules/grub/default.nix:
--------------------------------------------------------------------------------
1 | _: {
2 | # This is only suitable for encrypted device configurations.
3 | # to use it outside of those settings we intentionally want
4 | # to introduce pain in the process
5 | boot.loader.grub = {
6 | enable = true;
7 | # Needs to be changed if not utilising encrypted disks
8 | device = "nodev";
9 | efiSupport = true;
10 | # Needs to be changed if not utilising encrypted disks
11 | enableCryptodisk = true;
12 | };
13 | }
14 |
--------------------------------------------------------------------------------
/modules/hardware/m1/default.nix:
--------------------------------------------------------------------------------
1 | { ... }:
2 | {
3 | imports = [
4 | ./kernel
5 | ./firmware
6 | ./boot-m1n1
7 | ];
8 | }
9 |
--------------------------------------------------------------------------------
/modules/hardware/m1/firmware/.gitignore:
--------------------------------------------------------------------------------
1 | *.tar
2 |
--------------------------------------------------------------------------------
/modules/hardware/m1/firmware/default.nix:
--------------------------------------------------------------------------------
1 | { pkgs, ... }:
2 | {
3 | hardware.firmware = [
4 | (pkgs.stdenvNoCC.mkDerivation {
5 | name = "firmware";
6 | buildCommand = ''
7 | mkdir -p $out/lib/firmware
8 | FIRMWARE=`echo ${./.}/*firmware*.tar`
9 | if [ -e "$FIRMWARE" ]; then
10 | tar xf "$FIRMWARE" -C $out/lib/firmware
11 | fi
12 | '';
13 | })
14 | ];
15 | }
16 |
--------------------------------------------------------------------------------
/modules/hardware/m1/firmware/readme.md:
--------------------------------------------------------------------------------
1 | # Missing Firmware tar blob
2 |
3 | This folder is intentionally lacking a tar file that includes firmware for wireless and more on m1.
4 |
5 | Instructions on generating this tar file are contained in the original work by [tpwrules](https://github.com/tpwrules/nixos-m1/blob/main/docs/uefi-standalone.md) or alternatively forked and [kept stale here](https://github.com/JayRovacsek/nixos-m1)
6 |
--------------------------------------------------------------------------------
/modules/hardware/m1/kernel/default-pagesize-16k.patch:
--------------------------------------------------------------------------------
1 | diff --git a/arch/arm64/Kconfig b/arch/arm64/Kconfig
2 | index a1eb6572ecd2..b94fbd9b3d70 100644
3 | --- a/arch/arm64/Kconfig
4 | +++ b/arch/arm64/Kconfig
5 | @@ -1036,7 +1036,7 @@ endmenu
6 |
7 | choice
8 | prompt "Page size"
9 | - default ARM64_4K_PAGES
10 | + default ARM64_16K_PAGES
11 | help
12 | Page size (translation granule) configuration.
13 |
14 |
--------------------------------------------------------------------------------
/modules/hardware/raspberry-pi-3b-plus/default.nix:
--------------------------------------------------------------------------------
1 | { pkgs, ... }:
2 | {
3 | boot = {
4 | kernelPackages = pkgs.linuxPackages_rpi3;
5 | kernelParams = [ "cma=128M" ];
6 |
7 | initrd.availableKernelModules = [
8 | "mmc_block"
9 | "usbhid"
10 | "usb_storage"
11 | "vc4"
12 | ];
13 |
14 | loader = {
15 | grub.enable = false;
16 | generic-extlinux-compatible.enable = true;
17 | };
18 | };
19 |
20 | hardware.enableRedistributableFirmware = true;
21 | }
22 |
--------------------------------------------------------------------------------
/modules/harmonia/default.nix:
--------------------------------------------------------------------------------
1 | {
2 | config,
3 | lib,
4 | self,
5 | ...
6 | }:
7 | let
8 | inherit (self.common.config.services) harmonia;
9 | in
10 | {
11 | age = {
12 | identityPaths = [ "/agenix/id-ed25519-nix-serve-primary" ];
13 |
14 | secrets."harmonia-priv-key.pem" = lib.mkForce {
15 | file = ../../secrets/nix-serve/cache-priv-key.pem.age;
16 | owner = "harmonia";
17 | mode = "0400";
18 | };
19 | };
20 |
21 | networking.firewall.allowedTCPPorts = [ harmonia.port ];
22 |
23 | nix.gc.automatic = lib.mkForce false;
24 |
25 | services.harmonia = {
26 | enable = true;
27 | # Refer to: https://github.com/nix-community/harmonia/?tab=readme-ov-file#harmonia
28 | settings = {
29 | bind = "[::]:${builtins.toString harmonia.port}";
30 | priority = 30;
31 | max_connection_rate = 256;
32 | workers = 8;
33 | };
34 |
35 | signKeyPaths = [ config.age.secrets."harmonia-priv-key.pem".path ];
36 | };
37 | }
38 |
--------------------------------------------------------------------------------
/modules/home-assistant/default.nix:
--------------------------------------------------------------------------------
1 | { config, self, ... }:
2 | {
3 | services.home-assistant = {
4 | config = {
5 | homeassistant = {
6 | name = "Home";
7 | temperature_unit = "C";
8 | time_zone = config.time.timeZone;
9 | unit_system = "metric";
10 | };
11 | http = {
12 | server_host = [ "127.0.0.1" ];
13 | server_port = self.common.config.services.home-assistant.port;
14 | trusted_proxies = [
15 | self.common.config.services.nginx.ipv4
16 | ];
17 | use_x_forwarded_for = true;
18 | };
19 | };
20 | configDir = "/var/lib/hass";
21 | configWritable = false;
22 | customComponents = [ ];
23 | customLovelaceModules = [ ];
24 | enable = true;
25 | extraArgs = [ ];
26 | extraComponents = [
27 | "cloud"
28 | "generic"
29 | "google_translate"
30 | "isal"
31 | "met"
32 | "radio_browser"
33 | ];
34 |
35 | lovelaceConfig = {
36 |
37 | };
38 | lovelaceConfigWritable = false;
39 | openFirewall = true;
40 | };
41 | }
42 |
--------------------------------------------------------------------------------
/modules/home-manager/default.nix:
--------------------------------------------------------------------------------
1 | { self, ... }:
2 | {
3 | imports = with self.inputs; [ home-manager.nixosModules.default ];
4 | home-manager.extraSpecialArgs = {
5 | inherit self;
6 | };
7 |
8 | }
9 |
--------------------------------------------------------------------------------
/modules/hydra-auto-upgrade/default.nix:
--------------------------------------------------------------------------------
1 | _: {
2 | imports = [ ../../options/modules/hydra-auto-upgrade ];
3 |
4 | system.hydraAutoUpgrade = {
5 | enable = true;
6 | instance = "https://hydra.rovacsek.com";
7 | project = "nix-config";
8 | };
9 | }
10 |
--------------------------------------------------------------------------------
/modules/i18n/default.nix:
--------------------------------------------------------------------------------
1 | _: { i18n.defaultLocale = "en_AU.utf8"; }
2 |
--------------------------------------------------------------------------------
/modules/i3/default.nix:
--------------------------------------------------------------------------------
1 | { pkgs, ... }:
2 | {
3 | services.xserver = {
4 | enable = true;
5 |
6 | desktopManager.xterm.enable = false;
7 |
8 | windowManager.i3 = {
9 | enable = true;
10 | package = with pkgs; [ i3-gaps ];
11 |
12 | extraPackages = with pkgs; [
13 | dmenu # application launcher most people use
14 | i3status # gives you the default i3 status bar
15 | i3lock # default i3 screen locker
16 | ];
17 | };
18 | };
19 | }
20 |
--------------------------------------------------------------------------------
/modules/jellyseerr/default.nix:
--------------------------------------------------------------------------------
1 | { self, ... }:
2 | {
3 | services = {
4 | jellyseerr = {
5 | enable = true;
6 | openFirewall = true;
7 |
8 | inherit (self.common.config.services.jellyseerr) port;
9 | };
10 | };
11 | }
12 |
--------------------------------------------------------------------------------
/modules/journald/default.nix:
--------------------------------------------------------------------------------
1 | _: {
2 | services.journald = {
3 | extraConfig = ''
4 | MaxRetentionSec=6hour
5 | SystemMaxUse=256M
6 | '';
7 | storage = "volatile";
8 | };
9 | }
10 |
--------------------------------------------------------------------------------
/modules/keybase/default.nix:
--------------------------------------------------------------------------------
1 | _: { services.keybase.enable = true; }
2 |
--------------------------------------------------------------------------------
/modules/ledger/default.nix:
--------------------------------------------------------------------------------
1 | { pkgs, ... }:
2 | {
3 | environment.systemPackages = [ pkgs.ledger-live-desktop ];
4 |
5 | hardware.ledger.enable = true;
6 | }
7 |
--------------------------------------------------------------------------------
/modules/libvirtd/default.nix:
--------------------------------------------------------------------------------
1 | { pkgs, ... }:
2 | {
3 | virtualisation.libvirtd = {
4 | onBoot = "start";
5 | onShutdown = "shutdown";
6 | enable = true;
7 | qemu = {
8 | runAsRoot = false;
9 | };
10 | };
11 | security.polkit.enable = true;
12 | environment.systemPackages = with pkgs; [ virt-manager ];
13 | }
14 |
--------------------------------------------------------------------------------
/modules/libvirtd/opnsense.nix:
--------------------------------------------------------------------------------
1 | _: { }
2 |
--------------------------------------------------------------------------------
/modules/lidarr/default.nix:
--------------------------------------------------------------------------------
1 | _: {
2 | # TODO: map lidarr settings to custom options
3 | services.lidarr = {
4 | enable = true;
5 | openFirewall = true;
6 | };
7 | }
8 |
--------------------------------------------------------------------------------
/modules/lightdm/default.nix:
--------------------------------------------------------------------------------
1 | _: {
2 | services.xserver = {
3 | enable = true;
4 | displayManager.lightdm = {
5 | enable = true;
6 | greeters = {
7 | gtk.enable = false;
8 | enso.enable = true;
9 | };
10 | };
11 | };
12 | }
13 |
--------------------------------------------------------------------------------
/modules/linode-image/default.nix:
--------------------------------------------------------------------------------
1 | { lib, ... }:
2 | {
3 | boot = {
4 | kernelParams = [ "console=ttyS0,19200n8" ];
5 | loader = {
6 | timeout = 10;
7 | grub = {
8 | device = "nodev";
9 | extraConfig = ''
10 | serial --speed=19200 --unit=0 --word=8 --parity=no --stop=1;
11 | terminal_input serial;
12 | terminal_output serial
13 | '';
14 | forceInstall = true;
15 | splashImage = lib.mkForce null;
16 | };
17 | };
18 | };
19 |
20 | fileSystems."/" = {
21 | device = "/dev/sda";
22 | fsType = "ext4";
23 | };
24 |
25 | networking = {
26 | usePredictableInterfaceNames = false;
27 | interfaces.eth0.useDHCP = true;
28 | };
29 |
30 | swapDevices = [ { device = "/dev/sdb"; } ];
31 | }
32 |
--------------------------------------------------------------------------------
/modules/lix/default.nix:
--------------------------------------------------------------------------------
1 | { pkgs, self, ... }:
2 | {
3 | imports = [ self.inputs.lix-module.nixosModules.default ];
4 |
5 | nix.package = pkgs.lix;
6 | }
7 |
--------------------------------------------------------------------------------
/modules/logging/default.nix:
--------------------------------------------------------------------------------
1 | { self, ... }:
2 | {
3 | services.prometheus.exporters.node = {
4 | enable = true;
5 | enabledCollectors = [
6 | "systemd"
7 | "processes"
8 | ];
9 | inherit (self.common.config.services.exporters-node) port;
10 | };
11 | }
12 |
--------------------------------------------------------------------------------
/modules/lorri/default.nix:
--------------------------------------------------------------------------------
1 | { pkgs, ... }:
2 | {
3 | services.lorri.enable = true;
4 | environment.systemPackages = with pkgs; [ direnv ];
5 | }
6 |
--------------------------------------------------------------------------------
/modules/lxqt/default.nix:
--------------------------------------------------------------------------------
1 | _: {
2 | services.xserver = {
3 | enable = true;
4 | displayManager.defaultSession = "lxqt";
5 | desktopManager.lxqt.enable = true;
6 | };
7 | }
8 |
--------------------------------------------------------------------------------
/modules/minimal-boot-filesystems/default.nix:
--------------------------------------------------------------------------------
1 | {
2 | lib,
3 | ...
4 | }:
5 | {
6 | boot = {
7 | supportedFilesystems = {
8 | btrfs = lib.mkForce false;
9 | cifs = lib.mkForce false;
10 | ext4 = true;
11 | f2fs = lib.mkForce false;
12 | ntfs = lib.mkForce false;
13 | vfat = true;
14 | xfs = lib.mkForce false;
15 | zfs = lib.mkForce false;
16 | };
17 | };
18 | }
19 |
--------------------------------------------------------------------------------
/modules/networking/default.nix:
--------------------------------------------------------------------------------
1 | { lib, pkgs, ... }:
2 | let
3 | inherit (pkgs.stdenv) isLinux isDarwin;
4 |
5 | linux-settings = lib.optionalAttrs isLinux {
6 | useDHCP = false;
7 | networkmanager.enable = true;
8 | };
9 |
10 | darwin-settings = lib.optionalAttrs isDarwin {
11 | knownNetworkServices = [
12 | "Wi-Fi"
13 | "USB 10/100/1000 LAN"
14 | ];
15 | };
16 |
17 | cfg.networking = linux-settings // darwin-settings;
18 |
19 | in
20 | cfg
21 |
--------------------------------------------------------------------------------
/modules/nginx/default.nix:
--------------------------------------------------------------------------------
1 | { ... }:
2 | {
3 | # Extended options for nginx
4 | imports = [ ../../options/modules/nginx ];
5 |
6 | networking.firewall.allowedTCPPorts = [
7 | 80
8 | 443
9 | ];
10 |
11 | services = {
12 | nginx = {
13 | enable = true;
14 | enableReload = true;
15 | recommendedTlsSettings = true;
16 | recommendedZstdSettings = true;
17 | recommendedOptimisation = true;
18 | recommendedGzipSettings = true;
19 | recommendedProxySettings = true;
20 | recommendedBrotliSettings = true;
21 | };
22 |
23 | prometheus.exporters.nginx.enable = true;
24 | };
25 | }
26 |
--------------------------------------------------------------------------------
/modules/nix-monitored/default.nix:
--------------------------------------------------------------------------------
1 | {
2 | lib,
3 | pkgs,
4 | self,
5 | ...
6 | }:
7 | {
8 | imports = [ self.inputs.nix-monitored.nixosModules.default ];
9 |
10 | nix = {
11 | monitored.enable = true;
12 | package = lib.mkForce pkgs.nix-monitored;
13 | };
14 | }
15 |
--------------------------------------------------------------------------------
/modules/nix-serve/default.nix:
--------------------------------------------------------------------------------
1 | # This module assumes the existence of a suitably generated keypair
2 | # To generate this, either follow the instructions here: https://nixos.wiki/wiki/Binary_Cache
3 | {
4 | config,
5 | lib,
6 | self,
7 | ...
8 | }:
9 | {
10 | age = {
11 | identityPaths = [ "/agenix/id-ed25519-nix-serve-primary" ];
12 |
13 | secrets."cache-priv-key.pem" = lib.mkForce {
14 | file = ../../secrets/nix-serve/cache-priv-key.pem.age;
15 | owner = "nix-serve";
16 | mode = "0400";
17 | };
18 | };
19 |
20 | nix.gc.automatic = lib.mkForce false;
21 |
22 | services.nix-serve = {
23 | enable = true;
24 | openFirewall = true;
25 | secretKeyFile = config.age.secrets."cache-priv-key.pem".path;
26 |
27 | inherit (self.common.config.services.binarycache) port;
28 | };
29 | }
30 |
--------------------------------------------------------------------------------
/modules/nix-topology/default.nix:
--------------------------------------------------------------------------------
1 | { self, ... }:
2 | {
3 | imports = [ self.inputs.nix-topology.nixosModules.default ];
4 | }
5 |
--------------------------------------------------------------------------------
/modules/nix/default.nix:
--------------------------------------------------------------------------------
1 | {
2 | config,
3 | pkgs,
4 | ...
5 | }:
6 | {
7 | nix = {
8 | distributedBuilds = (builtins.length config.nix.buildMachines) != 0;
9 |
10 | gc = {
11 | automatic = true;
12 | options = "--delete-older-than 7d";
13 | };
14 |
15 | settings = {
16 | auto-optimise-store = pkgs.stdenv.isLinux;
17 | builders-use-substitutes = true;
18 | experimental-features = "nix-command flakes";
19 | http-connections = 0;
20 | sandbox = true;
21 | substituters = [
22 | "https://binarycache.rovacsek.com/"
23 | "https://nix-community.cachix.org"
24 | ];
25 | trusted-public-keys = [
26 | "binarycache.rovacsek.com:xhZ1vkz2OQdHK/ex2ByA2GeziZoehrNHJCeMo7Afvr8="
27 | "nix-community.cachix.org-1:mB9FSh9qf2dCimDSUo8Zy7bkq5CX+/rkCWyvRCYg3Fs="
28 | ];
29 | trusted-users = [
30 | "@wheel"
31 | "builder"
32 | ];
33 | };
34 | };
35 | }
36 |
--------------------------------------------------------------------------------
/modules/nur/default.nix:
--------------------------------------------------------------------------------
1 | { self, ... }:
2 | {
3 | imports = [ self.inputs.nur.modules.nixos.default ];
4 | }
5 |
--------------------------------------------------------------------------------
/modules/nvidia/default.nix:
--------------------------------------------------------------------------------
1 | { config, ... }:
2 | {
3 | hardware = {
4 | graphics = {
5 | enable = true;
6 | enable32Bit = true;
7 | };
8 | nvidia = {
9 | open = true;
10 | modesetting.enable = true;
11 | package = config.boot.kernelPackages.nvidiaPackages.production;
12 | };
13 | };
14 |
15 | services.xserver.videoDrivers = [ "nvidia" ];
16 | }
17 |
--------------------------------------------------------------------------------
/modules/ollama/default.nix:
--------------------------------------------------------------------------------
1 | { pkgs, ... }:
2 | {
3 | services.ollama = {
4 | enable = true;
5 | acceleration = "cuda";
6 | loadModels = [ ];
7 | # TODO: add logic to check for presence of nivida
8 | package = pkgs.ollama-cuda;
9 | };
10 | }
11 |
--------------------------------------------------------------------------------
/modules/openntpd/default.nix:
--------------------------------------------------------------------------------
1 | _: {
2 | networking.firewall.allowedUDPPorts = [ 123 ];
3 |
4 | services.openntpd = {
5 | enable = true;
6 | extraConfig = ''
7 | listen on *
8 | '';
9 | servers = [
10 | "0.au.pool.ntp.org"
11 | "1.au.pool.ntp.org"
12 | "2.au.pool.ntp.org"
13 | "3.au.pool.ntp.org"
14 | ];
15 | };
16 | }
17 |
--------------------------------------------------------------------------------
/modules/openssh/default.nix:
--------------------------------------------------------------------------------
1 | _: {
2 | services.openssh = {
3 | enable = true;
4 | settings.PasswordAuthentication = false;
5 | };
6 |
7 | networking.firewall.allowedTCPPorts = [ 22 ];
8 | }
9 |
--------------------------------------------------------------------------------
/modules/oracle-image/default.nix:
--------------------------------------------------------------------------------
1 | { modulesPath, ... }:
2 | {
3 | imports = [ "${modulesPath}/profiles/qemu-guest.nix" ];
4 |
5 | boot.loader.grub = {
6 | enable = true;
7 | efiSupport = false;
8 | efiInstallAsRemovable = false;
9 | };
10 |
11 | networking.usePredictableInterfaceNames = false;
12 | networking.interfaces.eth0.useDHCP = true;
13 | }
14 |
--------------------------------------------------------------------------------
/modules/palworld/default.nix:
--------------------------------------------------------------------------------
1 | _: {
2 | imports = [
3 | ../../options/modules/palworld
4 | ../../options/modules/steam
5 | ];
6 |
7 | services.palworld = {
8 | enable = true;
9 | dataDir = "/srv/games/servers/palworld/feb-2025";
10 | };
11 | }
12 |
--------------------------------------------------------------------------------
/modules/pidgin/default.nix:
--------------------------------------------------------------------------------
1 | _: { programs.pidgin.enable = true; }
2 |
--------------------------------------------------------------------------------
/modules/pipewire/default.nix:
--------------------------------------------------------------------------------
1 | { self, pkgs, ... }:
2 | {
3 | services.pipewire = {
4 | enable = true;
5 | alsa.enable = true;
6 | alsa.support32Bit = true;
7 | pulse.enable = true;
8 |
9 | wireplumber.configPackages = with self.packages.${pkgs.system}; [
10 | wireplumber-disable-pci-0
11 | ];
12 | };
13 |
14 | security.rtkit.enable = true;
15 |
16 | services.pulseaudio.enable = false;
17 | }
18 |
--------------------------------------------------------------------------------
/modules/prometheus/default.nix:
--------------------------------------------------------------------------------
1 | { config, self, ... }:
2 | let
3 | inherit (self.common.config.services) exporters-node prometheus;
4 | in
5 | {
6 | networking.firewall.allowedTCPPorts = [ config.services.prometheus.port ];
7 |
8 | services.prometheus = {
9 | enable = true;
10 |
11 | exporters.node = {
12 | inherit (exporters-node) port;
13 | enable = true;
14 | enabledCollectors = [
15 | "systemd"
16 | "processes"
17 | ];
18 | openFirewall = true;
19 | };
20 |
21 | extraFlags = [ "--web.enable-remote-write-receiver" ];
22 |
23 | inherit (prometheus) port;
24 |
25 | retentionTime = "30d";
26 | };
27 | }
28 |
--------------------------------------------------------------------------------
/modules/prowlarr/default.nix:
--------------------------------------------------------------------------------
1 | _: {
2 | # TODO: map prowlarr settings to custom options
3 | services = {
4 | prowlarr = {
5 | enable = true;
6 | openFirewall = true;
7 | };
8 | };
9 | }
10 |
--------------------------------------------------------------------------------
/modules/radarr/default.nix:
--------------------------------------------------------------------------------
1 | _: {
2 | # TODO: map radarr settings to custom options
3 | services.radarr = {
4 | enable = true;
5 | openFirewall = true;
6 | };
7 | }
8 |
--------------------------------------------------------------------------------
/modules/raspberry-pi-4/default.nix:
--------------------------------------------------------------------------------
1 | {
2 | self,
3 | ...
4 | }:
5 | {
6 | imports = with self.inputs; [
7 | raspberry-pi-nix.nixosModules.raspberry-pi
8 | self.nixosModules.minimal-boot-filesystems
9 | ];
10 |
11 | raspberry-pi-nix.board = "bcm2711";
12 | }
13 |
--------------------------------------------------------------------------------
/modules/raspberry-pi-5/default.nix:
--------------------------------------------------------------------------------
1 | {
2 | self,
3 | ...
4 | }:
5 | {
6 | imports = with self.inputs; [
7 | nixos-hardware.nixosModules.raspberry-pi-5
8 | raspberry-pi-nix.nixosModules.raspberry-pi
9 | self.nixosModules.minimal-boot-filesystems
10 | ];
11 |
12 | raspberry-pi-nix.board = "bcm2712";
13 | }
14 |
--------------------------------------------------------------------------------
/modules/redshift/default.nix:
--------------------------------------------------------------------------------
1 | _: {
2 | location.latitude = -32.917;
3 | location.longitude = 151.8;
4 |
5 | services.redshift = {
6 | enable = true;
7 | brightness = {
8 | day = "1";
9 | night = "1";
10 | };
11 |
12 | temperature = {
13 | day = 5500;
14 | night = 3700;
15 | };
16 | };
17 | }
18 |
--------------------------------------------------------------------------------
/modules/remote-builds/default.nix:
--------------------------------------------------------------------------------
1 | { config, ... }:
2 | {
3 | imports = [ ../../options/modules/remote-builds ];
4 |
5 | age = {
6 | identityPaths = [
7 | "/agenix/id-ed25519-ssh-primary"
8 | ];
9 | secrets.builder-id-ed25519 = {
10 | file = ../../secrets/ssh/builder-id-ed25519.age;
11 | mode = "0400";
12 | };
13 | };
14 |
15 | remoteBuilds = {
16 | enable = true;
17 | sshKey = config.age.secrets.builder-id-ed25519.path;
18 | machineConfigs = ./machines.json;
19 | };
20 | }
21 |
--------------------------------------------------------------------------------
/modules/sddm/default.nix:
--------------------------------------------------------------------------------
1 | { pkgs, ... }:
2 | {
3 | environment.systemPackages = with pkgs; [ sddm-chili-theme ];
4 | services.xserver = {
5 | enable = true;
6 | displayManager.sddm = {
7 | enable = true;
8 | theme = "chili";
9 | };
10 | };
11 | }
12 |
--------------------------------------------------------------------------------
/modules/skhd/default.nix:
--------------------------------------------------------------------------------
1 | { pkgs, ... }:
2 | let
3 | inherit (pkgs) bash yabai;
4 | in
5 | {
6 | launchd.user.agents.skhd.environment.SHELL = "${bash}/bin/bash";
7 |
8 | services.skhd = {
9 | enable = true;
10 | skhdConfig = ''
11 | ################################################################################
12 | #
13 | # window manipulation
14 | #
15 |
16 | lcmd + shift + lctrl - left : ${yabai}/bin/yabai -m window --warp west || ${yabai}/bin/yabai -m display --focus west
17 | lcmd + shift + lctrl - right : ${yabai}/bin/yabai -m window --warp east || ${yabai}/bin/yabai -m display --focus east
18 | lcmd + shift + lctrl - up : ${yabai}/bin/yabai -m window --warp north || ${yabai}/bin/yabai -m display --focus north
19 | lcmd + shift + lctrl - down : ${yabai}/bin/yabai -m window --warp south || ${yabai}/bin/yabai -m display --focus south
20 | '';
21 | };
22 | }
23 |
--------------------------------------------------------------------------------
/modules/smartd/default.nix:
--------------------------------------------------------------------------------
1 | _: {
2 | services.smartd = {
3 | autodetect = true;
4 | enable = true;
5 | };
6 | }
7 |
--------------------------------------------------------------------------------
/modules/sonarr/default.nix:
--------------------------------------------------------------------------------
1 | {
2 | config,
3 | lib,
4 | self,
5 | ...
6 | }:
7 | let
8 | inherit (self.common.config.services.sonarr) port;
9 | in
10 | {
11 | # Extended options for sonarr
12 | imports = [ ../../options/modules/sonarr ];
13 |
14 | age = {
15 | identityPaths = [ "/agenix/id-ed25519-sonarr-primary" ];
16 |
17 | secrets."sonarr-api-key" = lib.mkForce {
18 | file = ../../secrets/sonarr/api-key.age;
19 | owner = config.services.sonarr.user;
20 | mode = "0400";
21 | };
22 | };
23 |
24 | services.sonarr = {
25 | enable = true;
26 | api-key-file = config.age.secrets.sonarr-api-key.path;
27 | openPort = true;
28 | ports.http = port;
29 | use-declarative-settings = true;
30 | };
31 | }
32 |
--------------------------------------------------------------------------------
/modules/ssh/default.nix:
--------------------------------------------------------------------------------
1 | _: {
2 | age = {
3 | identityPaths = [ "/agenix/id-ed25519-ssh-primary" ];
4 |
5 | secrets = {
6 | type-a-1 = {
7 | file = ../../secrets/ssh/type-a-1.age;
8 | owner = "jay";
9 | };
10 | type-c-1 = {
11 | file = ../../secrets/ssh/type-c-1.age;
12 | owner = "jay";
13 | };
14 | type-a-2 = {
15 | file = ../../secrets/ssh/type-a-2.age;
16 | owner = "jay";
17 | };
18 | type-c-2 = {
19 | file = ../../secrets/ssh/type-c-2.age;
20 | owner = "jay";
21 | };
22 | };
23 | };
24 | }
25 |
--------------------------------------------------------------------------------
/modules/ssm/default.nix:
--------------------------------------------------------------------------------
1 | _: { services.amazon-ssm-agent.enable = true; }
2 |
--------------------------------------------------------------------------------
/modules/steam/default.nix:
--------------------------------------------------------------------------------
1 | { pkgs, ... }:
2 | {
3 | programs.steam = {
4 | enable = true;
5 | gamescopeSession = {
6 | enable = true;
7 | args = [
8 | "--rt"
9 | "--expose-wayland"
10 | ];
11 | };
12 |
13 | extraCompatPackages = [
14 | pkgs.proton-ge-bin
15 | ];
16 |
17 | remotePlay.openFirewall = true;
18 | };
19 | }
20 |
--------------------------------------------------------------------------------
/modules/sudo/default.nix:
--------------------------------------------------------------------------------
1 | _: { security.sudo.wheelNeedsPassword = false; }
2 |
--------------------------------------------------------------------------------
/modules/systemd-boot/default.nix:
--------------------------------------------------------------------------------
1 | _: { boot.loader.systemd-boot.enable = true; }
2 |
--------------------------------------------------------------------------------
/modules/tailscale/default.nix:
--------------------------------------------------------------------------------
1 | { config, lib, ... }:
2 | let
3 | headscale-present = config.services.headscale.enable;
4 |
5 | preauth-key-defined = builtins.hasAttr "tailnet-preauth" config.age.secrets;
6 | in
7 | {
8 | age.secrets.tailnet-preauth = {
9 | mode = lib.mkIf preauth-key-defined (
10 | if headscale-present then lib.mkForce "0440" else "0400"
11 | );
12 | group = lib.mkIf preauth-key-defined (
13 | if headscale-present then config.services.headscale.group else "0"
14 | );
15 | };
16 |
17 | networking.nameservers = [ "100.100.100.100" ];
18 |
19 | services.tailscale = {
20 | enable = true;
21 | authKeyFile = config.age.secrets.tailnet-preauth.path;
22 | };
23 | }
24 |
--------------------------------------------------------------------------------
/modules/telegraf/default.nix:
--------------------------------------------------------------------------------
1 | { pkgs, self, ... }:
2 | let
3 | inherit (self.common.config.services.telegraf.output.prometheus) port;
4 | in
5 | {
6 | networking.firewall.allowedTCPPorts = [ port ];
7 | services = {
8 | telegraf = {
9 | enable = true;
10 | extraConfig = {
11 | inputs = {
12 | execd = {
13 | command = [
14 | "${pkgs.zfs}/libexec/zfs/zpool_influxdb"
15 | "--execd"
16 | ];
17 | data_format = "influx";
18 | restart_delay = "10s";
19 | signal = "STDIN";
20 | };
21 | zfs = { };
22 | };
23 | outputs.prometheus_client.listen = ":${builtins.toString port}";
24 | };
25 | };
26 | };
27 | }
28 |
--------------------------------------------------------------------------------
/modules/time/default.nix:
--------------------------------------------------------------------------------
1 | _: { time.timeZone = "Australia/Sydney"; }
2 |
--------------------------------------------------------------------------------
/modules/timesyncd/default.nix:
--------------------------------------------------------------------------------
1 | _: {
2 | services.timesyncd = {
3 | servers = [
4 | "0.au.pool.ntp.org"
5 | "1.au.pool.ntp.org"
6 | "2.au.pool.ntp.org"
7 | "3.au.pool.ntp.org"
8 | ];
9 | };
10 | }
11 |
--------------------------------------------------------------------------------
/modules/tmp-tmpfs/default.nix:
--------------------------------------------------------------------------------
1 | _: {
2 | boot.tmp = {
3 | cleanOnBoot = true;
4 | useTmpfs = true;
5 | };
6 | }
7 |
--------------------------------------------------------------------------------
/modules/tmux/default.nix:
--------------------------------------------------------------------------------
1 | { pkgs, ... }:
2 | {
3 | programs.tmux = {
4 | clock24 = true;
5 | enable = true;
6 | historyLimit = 10000;
7 | keyMode = "vi";
8 | newSession = true;
9 | plugins = with pkgs; [ ];
10 | };
11 | }
12 |
--------------------------------------------------------------------------------
/modules/udev/default.nix:
--------------------------------------------------------------------------------
1 | { pkgs, ... }:
2 | {
3 | services.udev.packages = [ pkgs.yubikey-personalization ];
4 | environment.systemPackages = with pkgs; [ libfido2 ];
5 | }
6 |
--------------------------------------------------------------------------------
/modules/unifi/default.nix:
--------------------------------------------------------------------------------
1 | { pkgs, self, ... }:
2 | {
3 | networking.firewall.allowedTCPPorts = [
4 | self.common.config.services.unifi.port
5 | ];
6 |
7 | services.unifi = {
8 | enable = true;
9 | extraJvmOptions = [ "-Djava.net.preferIPv4Stack=true" ];
10 | openFirewall = true;
11 | unifiPackage = pkgs.unifi8;
12 | mongodbPackage = pkgs.mongodb-ce;
13 | };
14 | }
15 |
--------------------------------------------------------------------------------
/modules/upower/default.nix:
--------------------------------------------------------------------------------
1 | _: { services.upower.enable = true; }
2 |
--------------------------------------------------------------------------------
/modules/ups/default.nix:
--------------------------------------------------------------------------------
1 | _: {
2 | power.ups = {
3 | enable = true;
4 | mode = "standalone";
5 | ups.primary = {
6 | description = "PowerShield Defender 1200VA";
7 | driver = "blazer_usb";
8 | port = "auto";
9 | };
10 | };
11 | }
12 |
--------------------------------------------------------------------------------
/modules/uptime-kuma/default.nix:
--------------------------------------------------------------------------------
1 | _: {
2 | services.uptime-kuma = {
3 | enable = true;
4 | settings = { };
5 | };
6 | }
7 |
--------------------------------------------------------------------------------
/modules/velociraptor-client/default.nix:
--------------------------------------------------------------------------------
1 | _: {
2 | imports = [ ../../options/modules/velociraptor ];
3 |
4 | services.velociraptor.client.enable = true;
5 | }
6 |
--------------------------------------------------------------------------------
/modules/velociraptor-server/default.nix:
--------------------------------------------------------------------------------
1 | _: {
2 | imports = [ ../../options/modules/velociraptor ];
3 |
4 | services.velociraptor.server.enable = true;
5 | }
6 |
--------------------------------------------------------------------------------
/modules/vulnix/default.nix:
--------------------------------------------------------------------------------
1 | { pkgs, ... }:
2 | {
3 | environment.systemPackages = with pkgs; [ vulnix ];
4 | }
5 |
--------------------------------------------------------------------------------
/modules/xfce/default.nix:
--------------------------------------------------------------------------------
1 | _: {
2 | services.xserver.desktopManager.xfce = {
3 | enable = true;
4 | enableScreensaver = false;
5 | };
6 | }
7 |
--------------------------------------------------------------------------------
/modules/zfs/default.nix:
--------------------------------------------------------------------------------
1 | _: {
2 | services.zfs = {
3 | autoSnapshot.enable = true;
4 | autoScrub.enable = true;
5 | };
6 | }
7 |
--------------------------------------------------------------------------------
/modules/zramSwap/default.nix:
--------------------------------------------------------------------------------
1 | { config, ... }:
2 | let
3 | /*
4 | A foorgun below; don't set a swap device priority as 32767.
5 | It's the limit of the i16 value used here.
6 | */
7 | max-swap-priority = builtins.foldl' (
8 | acc: x: if acc >= (x.priority or 0) then acc else (x.priority or 0)
9 | ) 0 config.swapDevices;
10 | in
11 | {
12 | zramSwap = {
13 | algorithm = "zstd";
14 | enable = true;
15 | priority = max-swap-priority + 1;
16 | };
17 | }
18 |
--------------------------------------------------------------------------------
/modules/zsh/default.nix:
--------------------------------------------------------------------------------
1 | _: {
2 | programs.zsh.enable = true;
3 | }
4 |
--------------------------------------------------------------------------------
/options/modules/hardware/default.nix:
--------------------------------------------------------------------------------
1 | { lib, ... }:
2 | with lib;
3 | {
4 | options.hardware.cpu.profile = {
5 | cores = mkOption {
6 | type = types.int;
7 | default = 1;
8 | description = "The number of CPU cores available on the system";
9 | };
10 | speed = mkOption {
11 | type = types.int;
12 | default = 1;
13 | description = "The relative speed of CPU cores compared to other systems within configuration";
14 | };
15 | };
16 | }
17 |
--------------------------------------------------------------------------------
/options/modules/linux-builder/default.nix:
--------------------------------------------------------------------------------
1 | {
2 | config,
3 | lib,
4 | pkgs,
5 | ...
6 | }:
7 | let
8 | inherit (pkgs) stdenv;
9 |
10 | cfg = config.nix.linux-builder;
11 | builder-config = builtins.head (builtins.head cfg.config.imports).imports;
12 |
13 | in
14 | with lib;
15 | {
16 | config = mkIf (stdenv.isDarwin && cfg.enable) {
17 | nix.buildMachines = [
18 | {
19 | hostName = "linux-builder";
20 | sshUser = "builder";
21 | sshKey = "/etc/nix/builder_ed25519";
22 | system = "${stdenv.hostPlatform.uname.processor}-linux";
23 | publicHostKey = "c3NoLWVkMjU1MTkgQUFBQUMzTnphQzFsWkRJMU5URTVBQUFBSUpCV2N4Yi9CbGFxdDFhdU90RStGOFFVV3JVb3RpQzVxQkorVXVFV2RWQ2Igcm9vdEBuaXhvcwo=";
24 | inherit (cfg) maxJobs supportedFeatures;
25 |
26 | systems = lib.unique (
27 | [ "${stdenv.hostPlatform.uname.processor}-linux" ]
28 | ++ builder-config.boot.binfmt.emulatedSystems
29 | );
30 | }
31 | ];
32 | };
33 | }
34 |
--------------------------------------------------------------------------------
/options/modules/microvm-guest/default.nix:
--------------------------------------------------------------------------------
1 | { lib, ... }:
2 | let
3 | inherit (lib) mkOption types;
4 | in
5 | {
6 | mac = mkOption {
7 | # type = types.net.mac;
8 | type = types.str;
9 | description = "The base mac address from which the guest's mac will be derived. Only the second and third byte are used, so for 02:XX:YY:ZZ:ZZ:ZZ, this specifies XX and YY, while Zs are generated automatically. Not used if the mac is set directly.";
10 | default = "02:01:27:00:00:00";
11 | };
12 |
13 | macvtap = mkOption {
14 | type = types.str;
15 | description = "The host interface to which the microvm should be attached via macvtap";
16 | };
17 | }
18 |
--------------------------------------------------------------------------------
/options/modules/networking-darwin/default.nix:
--------------------------------------------------------------------------------
1 | { lib, ... }:
2 | with lib;
3 | {
4 | options.networking = {
5 | firewall = mkOption {
6 | type = with types; anything;
7 | default = null;
8 | description = ''
9 | A darwin stub to primarily ignore the inclusion of
10 | networking firewalls values.
11 | '';
12 | };
13 |
14 | nameservers = mkOption {
15 | type = with types; listOf str;
16 | default = [ ];
17 | description = ''
18 | A darwin stub to primarily ignore the inclusion of
19 | networking firewalls values.
20 | '';
21 | };
22 | };
23 | }
24 |
--------------------------------------------------------------------------------
/options/modules/ssh/default.nix:
--------------------------------------------------------------------------------
1 | { lib, ... }:
2 | {
3 | options.programs.ssh.publicHostKeyBase64 = lib.mkOption {
4 | type = with lib.types; nullOr str;
5 | default = null;
6 | description = ''
7 | A basic way to describe public keys that a host would present
8 | via ssh for consumption by services that need to know the value
9 | ahead of a connection to avoid diminishing key validation
10 | security of a host.
11 |
12 | Note this is in base64 intentionally, as is required by nix
13 | remote builders; see more:
14 | https://github.com/NixOS/nixpkgs/blob/1355a0cbfeac61d785b7183c0caaec1f97361b43/nixos/modules/config/nix-remote-build.nix#L165
15 | '';
16 | };
17 | }
18 |
--------------------------------------------------------------------------------
/options/modules/systemd-darwin/default.nix:
--------------------------------------------------------------------------------
1 | { lib, ... }:
2 | {
3 | options.systemd = lib.mkOption {
4 | type = lib.types.anything;
5 | default = { };
6 | description = ''
7 | A systemd option stub to avoid issues with code shared between linux and darwin as a simple hack until
8 | better launchd and systemd mappings are done.'';
9 | };
10 | }
11 |
--------------------------------------------------------------------------------
/options/modules/systemd/default.nix:
--------------------------------------------------------------------------------
1 | { lib, ... }:
2 | with lib;
3 | {
4 | options.systemd.machineId = mkOption {
5 | type = types.str;
6 | # This normally would be generated by systemd, however we really
7 | # want to set this when using microvms as we want stable machine IDs
8 | # for journald mounts.
9 | default = ''
10 | uninitialized
11 | '';
12 | description = ''The machine ID - this needs to be either "uninitialized\n" or a string adhering to: systemd machine-id'';
13 | };
14 | }
15 |
--------------------------------------------------------------------------------
/options/terranix/default.nix:
--------------------------------------------------------------------------------
1 | { self }:
2 | {
3 | aws =
4 | {
5 | lib,
6 | pkgs,
7 | ...
8 | }:
9 | import ./aws.nix { inherit lib pkgs self; };
10 | }
11 |
--------------------------------------------------------------------------------
/packages/dotnet/epic-lancache-prefill/no-appcontext.patch:
--------------------------------------------------------------------------------
1 | From 567e4b2a22ca320431e363f2c9bd32094a0bd5c7 Mon Sep 17 00:00:00 2001
2 | From: Jay Rovacsek
3 | Date: Mon, 10 Jul 2023 08:22:35 +1000
4 | Subject: [PATCH] no-appcontext
5 |
6 | ---
7 | EpicPrefill/Settings/AppConfig.cs | 2 +-
8 | 1 file changed, 1 insertion(+), 1 deletion(-)
9 |
10 | diff --git a/EpicPrefill/Settings/AppConfig.cs b/EpicPrefill/Settings/AppConfig.cs
11 | index a58ef39..26a52a6 100644
12 | --- a/EpicPrefill/Settings/AppConfig.cs
13 | +++ b/EpicPrefill/Settings/AppConfig.cs
14 | @@ -24,7 +24,7 @@ namespace EpicPrefill.Settings
15 | ///
16 | /// Contains user configuration. Should not be deleted, doing so will reset the app back to defaults.
17 | ///
18 | - public static readonly string ConfigDir = Path.Combine(AppContext.BaseDirectory, "Config");
19 | + public static readonly string ConfigDir = Path.Combine(CacheDir, "Config");
20 |
21 | //TODO comment
22 | public static int MaxConcurrentRequests => 30;
23 | --
24 | 2.41.0
25 |
26 |
--------------------------------------------------------------------------------
/packages/dotnet/steam-lancache-prefill/no-appcontext.patch:
--------------------------------------------------------------------------------
1 | From 06863a1e421967ea7c518ff61d22f7ec22bbd273 Mon Sep 17 00:00:00 2001
2 | From: jayrovacsek
3 | Date: Tue, 10 Dec 2024 15:11:40 +1100
4 | Subject: [PATCH] no-appcontext
5 |
6 | ---
7 | SteamPrefill/Settings/AppConfig.cs | 2 +-
8 | 1 file changed, 1 insertion(+), 1 deletion(-)
9 |
10 | diff --git a/SteamPrefill/Settings/AppConfig.cs b/SteamPrefill/Settings/AppConfig.cs
11 | index 6ff9182..2190c30 100644
12 | --- a/SteamPrefill/Settings/AppConfig.cs
13 | +++ b/SteamPrefill/Settings/AppConfig.cs
14 | @@ -36,7 +36,7 @@ namespace SteamPrefill.Settings
15 | ///
16 | /// Contains user configuration. Should not be deleted, doing so will reset the app back to defaults.
17 | ///
18 | - private static readonly string ConfigDir = Path.Combine(AppContext.BaseDirectory, "Config");
19 | + private static readonly string ConfigDir = Path.Combine(TempDir, "Config");
20 |
21 | #region Serialization file paths
22 |
23 | --
24 | 2.47.0
25 |
26 |
--------------------------------------------------------------------------------
/packages/go/mdtable/default.nix:
--------------------------------------------------------------------------------
1 | {
2 | lib,
3 | fetchFromGitHub,
4 | buildGoModule,
5 | }:
6 | let
7 | pname = "mdtable";
8 | version = "1.0.0";
9 |
10 | meta = with lib; {
11 | homepage = "https://github.com/moul/mdtable";
12 | description = "csv/json to markdown tables with customizable format";
13 | license = licenses.mit;
14 | };
15 |
16 | src = fetchFromGitHub {
17 | owner = "moul";
18 | repo = "mdtable";
19 | rev = "v${version}";
20 | hash = "sha256-VMd3XcjX1rNZe8saL3bDoBKNB3fSy9hIe51YpYqI+8s=";
21 | };
22 |
23 | vendorHash = "sha256-i/cHxRAIVjlpCIfVouESsqPALdUxbtgHTJt6n853fnw=";
24 | in
25 | buildGoModule {
26 | inherit
27 | pname
28 | version
29 | src
30 | meta
31 | vendorHash
32 | ;
33 | }
34 |
--------------------------------------------------------------------------------
/packages/go/pdscan/default.nix:
--------------------------------------------------------------------------------
1 | {
2 | lib,
3 | fetchFromGitHub,
4 | buildGoModule,
5 | }:
6 | let
7 | pname = "pdscan";
8 | version = "0.1.8";
9 |
10 | meta = with lib; {
11 | homepage = "https://github.com/ankane/pdscan";
12 | description = "Scan your data stores for unencrypted personal data (PII)";
13 | license = licenses.mit;
14 | };
15 |
16 | src = fetchFromGitHub {
17 | owner = "ankane";
18 | repo = "pdscan";
19 | rev = "v${version}";
20 | hash = "sha256-F4owE2IFj9r/HcmFQ/63HlE15xrhdGe/aU6anSnPmWM=";
21 | };
22 |
23 | vendorHash = "sha256-Dx4zjVMgKye5vYoinX6CnQdSCQ+8Ryd2i3ToHlnBjcI=";
24 |
25 | doCheck = false;
26 |
27 | in
28 | buildGoModule {
29 | inherit
30 | pname
31 | version
32 | src
33 | meta
34 | vendorHash
35 | doCheck
36 | ;
37 | }
38 |
--------------------------------------------------------------------------------
/packages/go/trdsql/default.nix:
--------------------------------------------------------------------------------
1 | {
2 | lib,
3 | fetchFromGitHub,
4 | buildGoModule,
5 | }:
6 | let
7 | pname = "trdsql";
8 | version = "1.1.0";
9 |
10 | meta = with lib; {
11 | homepage = "https://github.com/noborus/trdsql";
12 | description = "CLI tool that can execute SQL queries on CSV, LTSV, JSON and TBLN.";
13 | license = licenses.mit;
14 | };
15 |
16 | src = fetchFromGitHub {
17 | owner = "noborus";
18 | repo = "trdsql";
19 | rev = "v${version}";
20 | hash = "sha256-MkjQAOIXnydEmOFnnYrvE2TF2I0GqSrSRUAjd+/hHwc=";
21 | };
22 |
23 | vendorHash = "sha256-PoIa58vdDPYGL9mjEeudRYqPfvvr3W+fX5c+NgRIoLg=";
24 |
25 | doCheck = false;
26 |
27 | in
28 | buildGoModule {
29 | inherit
30 | pname
31 | version
32 | src
33 | meta
34 | vendorHash
35 | doCheck
36 | ;
37 | }
38 |
--------------------------------------------------------------------------------
/packages/node/tablemark/default.nix:
--------------------------------------------------------------------------------
1 | {
2 | buildNpmPackage,
3 | fetchFromGitHub,
4 | lib,
5 | nodejs,
6 | }:
7 | let
8 | pname = "haltcase";
9 | version = "3.1.0";
10 |
11 | meta = with lib; {
12 | homepage = "https://github.com/haltcase/tablemark";
13 | description = "Generate markdown tables from JSON data";
14 | license = licenses.mit;
15 | };
16 |
17 | src = fetchFromGitHub {
18 | owner = "haltcase";
19 | repo = "tablemark";
20 | hash = "sha256-wcWWtGbUPvwdiKt6ukr725x+dDr8lp+rc8EKs68t13w=";
21 | rev = "v${version}";
22 | };
23 |
24 | npmDepsHash = "sha256-OMw3bwprY1qDU1/6cCi4FlcSEKnqrVDYlh62pWx3a9k=";
25 |
26 | patches = [ ./add-lockfile.patch ];
27 |
28 | dontNpmPrune = true;
29 |
30 | in
31 | buildNpmPackage {
32 | inherit
33 | pname
34 | version
35 | patches
36 | dontNpmPrune
37 | src
38 | meta
39 | nodejs
40 | npmDepsHash
41 | ;
42 | }
43 |
--------------------------------------------------------------------------------
/packages/python/acstore/default.nix:
--------------------------------------------------------------------------------
1 | {
2 | lib,
3 | fetchPypi,
4 | python3Packages,
5 | ...
6 | }:
7 | let
8 | inherit (python3Packages)
9 | buildPythonPackage
10 | pyyaml
11 | pythonOlder
12 | setuptools
13 | ;
14 | in
15 | buildPythonPackage rec {
16 | pname = "acstore";
17 | version = "20240407";
18 | pyproject = true;
19 |
20 | src = fetchPypi {
21 | inherit pname version;
22 | hash = "sha256-yubHDEZ5nwltQW8sLEAhgyaXI0svHCS3a7Mewi6cvpg=";
23 | };
24 |
25 | build-system = [ setuptools ];
26 |
27 | dependencies = [ pyyaml ];
28 |
29 | disabled = pythonOlder "3.8";
30 |
31 | pythonImportsCheck = [ pname ];
32 |
33 | meta = with lib; rec {
34 | changelog = "${homepage}/releases/tag/${version}";
35 | description = "ACStore, or Attribute Container Storage, provides a stand-alone implementation to read and write attribute container storage files.";
36 | downloadPage = "https://github.com/log2timeline/acstore/releases";
37 | homepage = "https://github.com/log2timeline/acstore";
38 | license = licenses.asl20;
39 | };
40 | }
41 |
--------------------------------------------------------------------------------
/packages/python/dfdatetime/default.nix:
--------------------------------------------------------------------------------
1 | {
2 | lib,
3 | fetchPypi,
4 | python3Packages,
5 | ...
6 | }:
7 | let
8 | inherit (python3Packages) buildPythonPackage pythonOlder setuptools;
9 | in
10 | buildPythonPackage rec {
11 | pname = "dfdatetime";
12 | version = "20240504";
13 | pyproject = true;
14 |
15 | src = fetchPypi {
16 | inherit pname version;
17 | hash = "sha256-WE/6UBEpkUSv2kyrtVrOxP4Gk2RaymKGQWEPQT9ra20=";
18 | };
19 |
20 | build-system = [ setuptools ];
21 |
22 | disabled = pythonOlder "3.8";
23 |
24 | pythonImportsCheck = [ pname ];
25 |
26 | meta = with lib; rec {
27 | changelog = "${homepage}/releases/tag/${version}";
28 | description = "dfDateTime, or Digital Forensics date and time, provides date and time objects to preserve accuracy and precision.";
29 | homepage = "https://github.com/log2timeline/dfdatetime";
30 | downloadPage = "https://github.com/log2timeline/dfdatetime/releases";
31 | license = licenses.asl20;
32 | };
33 | }
34 |
--------------------------------------------------------------------------------
/packages/python/dfvfs/no-xattr-dependency.patch:
--------------------------------------------------------------------------------
1 | From 3c296e00498e56382fcfa8963df2b8fb9fc97f81 Mon Sep 17 00:00:00 2001
2 | From: jayrovacsek
3 | Date: Sat, 6 Apr 2024 07:35:59 +1100
4 | Subject: [PATCH] no xattr dependency
5 |
6 | ---
7 | requirements.txt | 1 -
8 | 1 file changed, 1 deletion(-)
9 |
10 | diff --git a/requirements.txt b/requirements.txt
11 | index af72d9a..0d32e6e 100644
12 | --- a/requirements.txt
13 | +++ b/requirements.txt
14 | @@ -28,4 +28,3 @@ libvsgpt-python >= 20211115
15 | libvshadow-python >= 20160109
16 | libvslvm-python >= 20160109
17 | pytsk3 >= 20210419
18 | -xattr >= 0.7.2 ; platform_system != "Windows"
19 | --
20 | 2.43.2
21 |
22 |
--------------------------------------------------------------------------------
/packages/python/docxcompose/default.nix:
--------------------------------------------------------------------------------
1 | {
2 | lib,
3 | fetchPypi,
4 | python3Packages,
5 | ...
6 | }:
7 | let
8 | inherit (python3Packages) buildPythonPackage setuptools;
9 | in
10 | buildPythonPackage rec {
11 | pname = "docxcompose";
12 | version = "1.4.0";
13 |
14 | src = fetchPypi {
15 | inherit pname version;
16 | hash = "sha256-vPJ5mgtjwp63ej15mi8oRDrg9p+Gkf89dT9wa+UVw+k=";
17 | };
18 |
19 | build-system = [ setuptools ];
20 |
21 | dependencies = with python3Packages; [
22 | lxml
23 | python-docx
24 | setuptools
25 | six
26 | babel
27 | ];
28 |
29 | pythonImportsCheck = [ pname ];
30 |
31 | meta = with lib; rec {
32 | changelog = "${homepage}/releases/tag/${version}";
33 | description = "*docxcompose* is a Python library for concatenating/appending Microsoft Word (.docx) files";
34 | downloadPage = "https://github.com/4teamwork/docxcompose/tags";
35 | homepage = "https://github.com/4teamwork/docxcompose";
36 | license = licenses.mit;
37 | };
38 | }
39 |
--------------------------------------------------------------------------------
/packages/python/docxtpl/default.nix:
--------------------------------------------------------------------------------
1 | {
2 | pkgs,
3 | lib,
4 | fetchPypi,
5 | python3Packages,
6 | self,
7 | ...
8 | }:
9 | let
10 | inherit (pkgs) system;
11 | inherit (python3Packages)
12 | buildPythonPackage
13 | six
14 | python-docx
15 | jinja2
16 | lxml
17 | ;
18 | inherit (self.packages.${system}) docxcompose;
19 | in
20 | buildPythonPackage rec {
21 | pname = "docxtpl";
22 | version = "0.19.1";
23 |
24 | src = fetchPypi {
25 | inherit pname version;
26 | hash = "sha256-WDaqtVg6guLoGwhvrhMM6U3AgPa3/g5D+D9OPj5drs8=";
27 | };
28 |
29 | dependencies = [
30 | six
31 | python-docx
32 | jinja2
33 | lxml
34 | docxcompose
35 | ];
36 |
37 | pythonImportsCheck = [ pname ];
38 |
39 | meta = with lib; rec {
40 | changelog = "${homepage}/releases/tag/${version}";
41 | description = "Use a docx as a jinja2 template";
42 | downloadPage = "https://github.com/elapouya/python-docx-template/tags";
43 | homepage = "https://github.com/elapouya/python-docx-template";
44 | license = licenses.lgpl21;
45 | };
46 | }
47 |
--------------------------------------------------------------------------------
/packages/python/flor/default.nix:
--------------------------------------------------------------------------------
1 | {
2 | lib,
3 | fetchPypi,
4 | python3Packages,
5 | ...
6 | }:
7 | let
8 | inherit (python3Packages) buildPythonPackage setuptools;
9 | in
10 | buildPythonPackage rec {
11 | pname = "Flor";
12 | version = "1.1.3";
13 |
14 | src = fetchPypi {
15 | inherit pname version;
16 | hash = "sha256-H6wQHhYURtuy7lN51blQuwFf5tkFaDhaVJtTjKEv6UI=";
17 | };
18 |
19 | build-system = [ setuptools ];
20 |
21 | pythonImportsCheck = [ "flor" ];
22 |
23 | meta = rec {
24 | changelog = "${homepage}/releases/tag/${version}";
25 | description = "Flor - An efficient Bloom filter implementation in Python";
26 | downloadPage = "https://github.com/DCSO/flor/releases";
27 | homepage = "https://github.com/DCSO/flor";
28 | license = lib.licenses.bsd3;
29 | };
30 | }
31 |
--------------------------------------------------------------------------------
/packages/python/libbde-python/default.nix:
--------------------------------------------------------------------------------
1 | {
2 | lib,
3 | fetchPypi,
4 | python3Packages,
5 | ...
6 | }:
7 | let
8 | inherit (python3Packages) buildPythonPackage pythonOlder setuptools;
9 | in
10 | buildPythonPackage rec {
11 | pname = "libbde-python";
12 | version = "20240502";
13 | pyproject = true;
14 |
15 | src = fetchPypi {
16 | inherit pname version;
17 | hash = "sha256-CzCmnmpIrfBCCpcrPK16D9uO1LWv53PjYE5YMKbgRjI=";
18 | };
19 |
20 | build-system = [ setuptools ];
21 |
22 | disabled = pythonOlder "3.7";
23 |
24 | pythonImportsCheck = [ "pybde" ];
25 |
26 | meta = with lib; rec {
27 | changelog = "${homepage}/releases/tag/${version}";
28 | description = "ACStore, or Attribute Container Storage, provides a stand-alone implementation to read and write attribute container storage files.";
29 | downloadPage = "https://github.com/libyal/libbde/releases";
30 | homepage = "https://github.com/libyal/libbde";
31 | license = licenses.lgpl3Plus;
32 | };
33 | }
34 |
--------------------------------------------------------------------------------
/packages/python/libcaes-python/default.nix:
--------------------------------------------------------------------------------
1 | {
2 | lib,
3 | fetchPypi,
4 | python3Packages,
5 | ...
6 | }:
7 | let
8 | inherit (python3Packages) buildPythonPackage pythonOlder setuptools;
9 | in
10 | buildPythonPackage rec {
11 | pname = "libcaes-python";
12 | version = "20240413";
13 | pyproject = true;
14 |
15 | src = fetchPypi {
16 | inherit pname version;
17 | hash = "sha256-L39X0Y65cRAkATLVxS+v32A7VNeVL6uJVOBHENNlDqo=";
18 | };
19 |
20 | build-system = [ setuptools ];
21 |
22 | disabled = pythonOlder "3.7";
23 |
24 | pythonImportsCheck = [ "pycaes" ];
25 |
26 | meta = with lib; rec {
27 | changelog = "${homepage}/releases/tag/${version}";
28 | description = "Python bindings module for libcaes";
29 | downloadPage = "https://github.com/libyal/libcaes/releases";
30 | homepage = "https://github.com/libyal/libcaes";
31 | license = licenses.lgpl3Plus;
32 | };
33 | }
34 |
--------------------------------------------------------------------------------
/packages/python/libcreg-python/default.nix:
--------------------------------------------------------------------------------
1 | {
2 | lib,
3 | fetchPypi,
4 | python3Packages,
5 | ...
6 | }:
7 | let
8 | inherit (python3Packages) buildPythonPackage pythonOlder setuptools;
9 | in
10 | buildPythonPackage rec {
11 | pname = "libcreg-python";
12 | version = "20240419";
13 | pyproject = true;
14 |
15 | src = fetchPypi {
16 | inherit pname version;
17 | hash = "sha256-yXis81GljgJSP6N/Vl7xWkNq049w/lqVjYBEZWL4/04=";
18 | };
19 |
20 | build-system = [ setuptools ];
21 |
22 | disabled = pythonOlder "3.7";
23 |
24 | pythonImportsCheck = [ "pycreg" ];
25 |
26 | meta = with lib; rec {
27 | changelog = "${homepage}/releases/tag/${version}";
28 | description = "Python bindings module for libcreg";
29 | homepage = "https://github.com/libyal/libcreg";
30 | downloadPage = "https://github.com/libyal/libcreg/releases";
31 | license = licenses.lgpl3Plus;
32 | };
33 | }
34 |
--------------------------------------------------------------------------------
/packages/python/libesedb-python/default.nix:
--------------------------------------------------------------------------------
1 | {
2 | lib,
3 | fetchPypi,
4 | python3Packages,
5 | ...
6 | }:
7 | let
8 | inherit (python3Packages) buildPythonPackage pythonOlder setuptools;
9 | in
10 | buildPythonPackage rec {
11 | pname = "libesedb-python";
12 | version = "20240420";
13 | pyproject = true;
14 |
15 | src = fetchPypi {
16 | inherit pname version;
17 | hash = "sha256-RyfQpuPRUfShQQfouOP4zO0QuUZmV8xqhWycf4bX0IE=";
18 | };
19 |
20 | build-system = [ setuptools ];
21 |
22 | disabled = pythonOlder "3.7";
23 |
24 | pythonImportsCheck = [ "pyesedb" ];
25 |
26 | meta = rec {
27 | changelog = "${homepage}/releases/tag/${version}";
28 | description = "Python bindings module for libesedb";
29 | homepage = "https://github.com/libyal/libesedb";
30 | downloadPage = "https://github.com/libyal/libesedb/releases";
31 | license = lib.licenses.lgpl3Plus;
32 | };
33 | }
34 |
--------------------------------------------------------------------------------
/packages/python/libevt-python/default.nix:
--------------------------------------------------------------------------------
1 | {
2 | lib,
3 | fetchPypi,
4 | python3Packages,
5 | ...
6 | }:
7 | let
8 | inherit (python3Packages) buildPythonPackage pythonOlder setuptools;
9 | in
10 | buildPythonPackage rec {
11 | pname = "libevt-python";
12 |
13 | version = "20240421";
14 | pyproject = true;
15 |
16 | src = fetchPypi {
17 | inherit pname version;
18 | hash = "sha256-z2kZ+rl7IEZpANJ4Vc9JiSMz5PLuQ5ySDoX6JgtZ1xU=";
19 | };
20 |
21 | build-system = [ setuptools ];
22 |
23 | disabled = pythonOlder "3.7";
24 |
25 | pythonImportsCheck = [ "pyevt" ];
26 |
27 | meta = rec {
28 | changelog = "${homepage}/releases/tag/${version}";
29 | description = "Python bindings module for libevt";
30 | homepage = "https://github.com/libyal/libevt";
31 | downloadPage = "https://github.com/libyal/libevt/releases";
32 | license = lib.licenses.lgpl3Plus;
33 | };
34 | }
35 |
--------------------------------------------------------------------------------
/packages/python/libevtx-python/default.nix:
--------------------------------------------------------------------------------
1 | {
2 | lib,
3 | fetchPypi,
4 | python3Packages,
5 | ...
6 | }:
7 | let
8 | inherit (python3Packages) buildPythonPackage pythonOlder setuptools;
9 | in
10 | buildPythonPackage rec {
11 | pname = "libevtx-python";
12 | version = "20240504";
13 | pyproject = true;
14 |
15 | src = fetchPypi {
16 | inherit pname version;
17 | hash = "sha256-YkrFbZnVe1rMWNvLIaz1lsKuQFk433knSta4ENIIrdY=";
18 | };
19 |
20 | build-system = [ setuptools ];
21 |
22 | disabled = pythonOlder "3.7";
23 |
24 | pythonImportsCheck = [ "pyevtx" ];
25 |
26 | meta = with lib; rec {
27 | changelog = "${homepage}/releases/tag/${version}";
28 | description = "Python bindings module for libevtx";
29 | homepage = "https://github.com/libyal/libevtx";
30 | downloadPage = "https://github.com/libyal/libevtx/releases";
31 | license = licenses.lgpl3Plus;
32 | };
33 | }
34 |
--------------------------------------------------------------------------------
/packages/python/libewf-python/default.nix:
--------------------------------------------------------------------------------
1 | {
2 | lib,
3 | zlib,
4 | fetchPypi,
5 | python3Packages,
6 | ...
7 | }:
8 | let
9 | inherit (python3Packages) buildPythonPackage pythonOlder setuptools;
10 | in
11 | buildPythonPackage rec {
12 | pname = "libewf-python";
13 | version = "20240506";
14 | pyproject = true;
15 |
16 | src = fetchPypi {
17 | inherit pname version;
18 | hash = "sha256-QSgdeDQTblS12naUkiZtR24cVQWyRadVzglZapgphUI=";
19 | };
20 |
21 | build-system = [ setuptools ];
22 |
23 | buildInputs = [ zlib ];
24 |
25 | disabled = pythonOlder "3.7";
26 |
27 | pythonImportsCheck = [ "pyewf" ];
28 |
29 | meta = rec {
30 | changelog = "${homepage}/releases/tag/${version}";
31 | description = "Python bindings module for libewf";
32 | downloadPage = "https://github.com/libyal/libewf/releases";
33 | homepage = "https://github.com/libyal/libewf";
34 | license = lib.licenses.lgpl3Plus;
35 | };
36 | }
37 |
--------------------------------------------------------------------------------
/packages/python/libfcrypto-python/default.nix:
--------------------------------------------------------------------------------
1 | {
2 | lib,
3 | fetchPypi,
4 | python3Packages,
5 | ...
6 | }:
7 | let
8 | inherit (python3Packages) buildPythonPackage pythonOlder setuptools;
9 | in
10 | buildPythonPackage rec {
11 | pname = "libfcrypto-python";
12 | version = "20240414";
13 | pyproject = true;
14 |
15 | src = fetchPypi {
16 | inherit pname version;
17 | hash = "sha256-I7UKtc4+ELoijGzGpFHxrBml1MesRxRQ2/BC35bZ4AQ=";
18 | };
19 |
20 | build-system = [ setuptools ];
21 |
22 | disabled = pythonOlder "3.7";
23 |
24 | pythonImportsCheck = [ "pyfcrypto" ];
25 |
26 | meta = with lib; rec {
27 | changelog = "${homepage}/releases/tag/${version}";
28 | description = "Python bindings module for libfcrypto";
29 | downloadPage = "https://github.com/libyal/libfcrypto/releases";
30 | homepage = "https://github.com/libyal/libfcrypto";
31 | license = licenses.lgpl3Plus;
32 | };
33 | }
34 |
--------------------------------------------------------------------------------
/packages/python/libfsapfs-python/default.nix:
--------------------------------------------------------------------------------
1 | {
2 | lib,
3 | zlib,
4 | fetchPypi,
5 | python3Packages,
6 | ...
7 | }:
8 | let
9 | inherit (python3Packages) buildPythonPackage pythonOlder setuptools;
10 | in
11 | buildPythonPackage rec {
12 | pname = "libfsapfs-python";
13 | version = "20240429";
14 | pyproject = true;
15 |
16 | src = fetchPypi {
17 | inherit pname version;
18 | hash = "sha256-ibxeT0WjT2GlcfMhEz1NAWTUGnIatuqyKur+XbWcKe0=";
19 | };
20 |
21 | build-system = [ setuptools ];
22 |
23 | buildInputs = [ zlib ];
24 |
25 | disabled = pythonOlder "3.7";
26 |
27 | pythonImportsCheck = [ "pyfsapfs" ];
28 |
29 | meta = rec {
30 | changelog = "${homepage}/releases/tag/${version}";
31 | description = "Python bindings module for libfsapfs";
32 | downloadPage = "https://github.com/libyal/libfsapfs/releases";
33 | homepage = "https://github.com/libyal/libfsapfs";
34 | license = lib.licenses.lgpl3Plus;
35 | };
36 | }
37 |
--------------------------------------------------------------------------------
/packages/python/libfsext-python/default.nix:
--------------------------------------------------------------------------------
1 | {
2 | lib,
3 | fetchPypi,
4 | python3Packages,
5 | ...
6 | }:
7 | let
8 | inherit (python3Packages) buildPythonPackage pythonOlder setuptools;
9 | in
10 | buildPythonPackage rec {
11 | pname = "libfsext-python";
12 | version = "20240501";
13 | pyproject = true;
14 |
15 | src = fetchPypi {
16 | inherit pname version;
17 | hash = "sha256-sOqYWJBhjdHp5f3UEqHAHRQwXBmGaaMsQtvfB+wXUyY=";
18 | };
19 |
20 | build-system = [ setuptools ];
21 |
22 | disabled = pythonOlder "3.7";
23 |
24 | pythonImportsCheck = [ "pyfsext" ];
25 |
26 | meta = with lib; rec {
27 | changelog = "${homepage}/releases/tag/${version}";
28 | description = "Python bindings module for libfsext";
29 | homepage = "https://github.com/libyal/libfsext";
30 | downloadPage = "https://github.com/libyal/libfsext/releases";
31 | license = licenses.lgpl3Plus;
32 | };
33 | }
34 |
--------------------------------------------------------------------------------
/packages/python/libfsfat-python/default.nix:
--------------------------------------------------------------------------------
1 | {
2 | lib,
3 | fetchPypi,
4 | python3Packages,
5 | ...
6 | }:
7 | let
8 | inherit (python3Packages) buildPythonPackage pythonOlder setuptools;
9 | in
10 | buildPythonPackage rec {
11 | pname = "libfsfat-python";
12 | version = "20240501";
13 | pyproject = true;
14 |
15 | src = fetchPypi {
16 | inherit pname version;
17 | hash = "sha256-75eftmduyuG8nJ/gOjm5inBhe+WVi+j5cFTtoBb3ngM=";
18 | };
19 |
20 | build-system = [ setuptools ];
21 |
22 | disabled = pythonOlder "3.7";
23 |
24 | pythonImportsCheck = [ "pyfsfat" ];
25 |
26 | meta = with lib; rec {
27 | changelog = "${homepage}/releases/tag/${version}";
28 | description = "Python bindings module for libfsfat";
29 | downloadPage = "https://github.com/libyal/libfsfat/releases";
30 | homepage = "https://github.com/libyal/libfsfat";
31 | license = licenses.lgpl3Plus;
32 | };
33 | }
34 |
--------------------------------------------------------------------------------
/packages/python/libfshfs-python/default.nix:
--------------------------------------------------------------------------------
1 | {
2 | lib,
3 | zlib,
4 | fetchPypi,
5 | python3Packages,
6 | ...
7 | }:
8 | let
9 | inherit (python3Packages) buildPythonPackage pythonOlder setuptools;
10 | in
11 | buildPythonPackage rec {
12 | pname = "libfshfs-python";
13 | version = "20240501";
14 | pyproject = true;
15 |
16 | src = fetchPypi {
17 | inherit pname version;
18 | hash = "sha256-Jme2+FiWW7hGGmpuvm2HsdRiLUCX+rizxsh5FSk/kDY=";
19 | };
20 |
21 | build-system = [ setuptools ];
22 |
23 | buildInputs = [ zlib ];
24 |
25 | disabled = pythonOlder "3.7";
26 |
27 | pythonImportsCheck = [ "pyfshfs" ];
28 |
29 | meta = with lib; {
30 | description = "Python bindings module for libfshfs";
31 |
32 | homepage = "https://github.com/libyal/libfshfs";
33 | downloadPage = "https://github.com/libyal/libfshfs/releases";
34 | license = licenses.lgpl3Plus;
35 | };
36 | }
37 |
--------------------------------------------------------------------------------
/packages/python/libfsntfs-python/default.nix:
--------------------------------------------------------------------------------
1 | {
2 | lib,
3 | fetchPypi,
4 | python3Packages,
5 | ...
6 | }:
7 | let
8 | inherit (python3Packages) buildPythonPackage pythonOlder setuptools;
9 | in
10 | buildPythonPackage rec {
11 | pname = "libfsntfs-python";
12 | version = "20240501";
13 | pyproject = true;
14 |
15 | src = fetchPypi {
16 | inherit pname version;
17 | hash = "sha256-ga0MahssX2o+s1QzojxJCG1AwtnrMzw9TtzyuMbIKBk=";
18 | };
19 |
20 | build-system = [ setuptools ];
21 |
22 | disabled = pythonOlder "3.7";
23 |
24 | pythonImportsCheck = [ "pyfsntfs" ];
25 |
26 | meta = with lib; rec {
27 | changelog = "${homepage}/releases/tag/${version}";
28 | description = "Python bindings module for libfsntfs";
29 | homepage = "https://github.com/libyal/libfsntfs";
30 | downloadPage = "https://github.com/libyal/libfsntfs/releases";
31 | license = licenses.lgpl3Plus;
32 | };
33 | }
34 |
--------------------------------------------------------------------------------
/packages/python/libfsxfs-python/default.nix:
--------------------------------------------------------------------------------
1 | {
2 | lib,
3 | fetchPypi,
4 | python3Packages,
5 | ...
6 | }:
7 | let
8 | inherit (python3Packages) buildPythonPackage pythonOlder setuptools;
9 | in
10 | buildPythonPackage rec {
11 | pname = "libfsxfs-python";
12 | version = "20240501";
13 | pyproject = true;
14 |
15 | src = fetchPypi {
16 | inherit pname version;
17 | hash = "sha256-taoqcksMtacBcwdCIGGCH/1wtzQukrZfqCdWO3TMhT4=";
18 | };
19 |
20 | build-system = [ setuptools ];
21 |
22 | disabled = pythonOlder "3.7";
23 |
24 | pythonImportsCheck = [ "pyfsxfs" ];
25 |
26 | meta = with lib; rec {
27 | changelog = "${homepage}/releases/tag/${version}";
28 | description = "Python bindings module for libfsxfs";
29 | downloadPage = "https://github.com/libyal/libfsxfs/releases";
30 | homepage = "https://github.com/libyal/libfsxfs";
31 | license = licenses.lgpl3Plus;
32 | };
33 | }
34 |
--------------------------------------------------------------------------------
/packages/python/libfvde-python/default.nix:
--------------------------------------------------------------------------------
1 | {
2 | lib,
3 | zlib,
4 | fetchPypi,
5 | python3Packages,
6 | ...
7 | }:
8 | let
9 | inherit (python3Packages) buildPythonPackage pythonOlder setuptools;
10 | in
11 | buildPythonPackage rec {
12 | pname = "libfvde-python";
13 | version = "20240502";
14 | pyproject = true;
15 |
16 | src = fetchPypi {
17 | inherit pname version;
18 | hash = "sha256-QEJ4VEXkLryDMPzqsuTkRSJfcG1/kKuhJ/WHy4Lq/nQ=";
19 | };
20 |
21 | build-system = [ setuptools ];
22 |
23 | buildInputs = [ zlib ];
24 |
25 | disabled = pythonOlder "3.7";
26 |
27 | pythonImportsCheck = [ "pyfvde" ];
28 |
29 | meta = with lib; rec {
30 | changelog = "${homepage}/releases/tag/${version}";
31 | description = "Python bindings module for libfvde";
32 | downloadPage = "https://github.com/libyal/libfvde/releases";
33 | homepage = "https://github.com/libyal/libfvde";
34 | license = licenses.lgpl3Plus;
35 | };
36 | }
37 |
--------------------------------------------------------------------------------
/packages/python/libfwnt-python/default.nix:
--------------------------------------------------------------------------------
1 | {
2 | lib,
3 | fetchPypi,
4 | python3Packages,
5 | ...
6 | }:
7 | let
8 | pname = "libfwnt-python";
9 |
10 | version = "20240415";
11 |
12 | inherit (python3Packages) buildPythonPackage pythonOlder setuptools;
13 |
14 | in
15 | buildPythonPackage {
16 | pname = "libfwnt-python";
17 | version = "20240415";
18 | pyproject = true;
19 |
20 | src = fetchPypi {
21 | inherit pname version;
22 | hash = "sha256-tDdndZKwW2ymR8Gh2AMUki+mXrb4JaxTByY/+Q0+JJM=";
23 | };
24 |
25 | build-system = [ setuptools ];
26 |
27 | disabled = pythonOlder "3.7";
28 |
29 | pythonImportsCheck = [ "pyfwnt" ];
30 |
31 | meta = with lib; rec {
32 | changelog = "${homepage}/releases/tag/${version}";
33 | description = "Python bindings module for libfwnt";
34 | downloadPage = "https://github.com/libyal/libfwnt/releases";
35 | homepage = "https://github.com/libyal/libfwnt";
36 | license = licenses.lgpl3Plus;
37 | };
38 | }
39 |
--------------------------------------------------------------------------------
/packages/python/libfwsi-python/default.nix:
--------------------------------------------------------------------------------
1 | {
2 | lib,
3 | fetchPypi,
4 | python3Packages,
5 | ...
6 | }:
7 | let
8 |
9 | inherit (python3Packages) buildPythonPackage pythonOlder setuptools;
10 |
11 | in
12 | buildPythonPackage rec {
13 | pname = "libfwsi-python";
14 | version = "20240423";
15 | pyproject = true;
16 |
17 | src = fetchPypi {
18 | inherit pname version;
19 | hash = "sha256-2lgCmNhsSr8uD4Ed5scw+BWSxhxCt+d/jyrwZSVaKEM=";
20 | };
21 |
22 | build-system = [ setuptools ];
23 |
24 | disabled = pythonOlder "3.7";
25 |
26 | pythonImportsCheck = [ "pyfwsi" ];
27 |
28 | meta = with lib; rec {
29 | changelog = "${homepage}/releases/tag/${version}";
30 | description = "Python bindings module for libfwsi";
31 | downloadPage = "https://github.com/libyal/libfwsi/releases";
32 | homepage = "https://github.com/libyal/libfwsi";
33 | license = licenses.lgpl3Plus;
34 | };
35 | }
36 |
--------------------------------------------------------------------------------
/packages/python/liblnk-python/default.nix:
--------------------------------------------------------------------------------
1 | {
2 | lib,
3 | fetchPypi,
4 | python3Packages,
5 | ...
6 | }:
7 | let
8 | inherit (python3Packages) buildPythonPackage pythonOlder setuptools;
9 | in
10 | buildPythonPackage rec {
11 | pname = "liblnk-python";
12 | version = "20240423";
13 | pyproject = true;
14 |
15 | src = fetchPypi {
16 | inherit pname version;
17 | hash = "sha256-oCRa/Z9Pbj5dnGbWR8c8PiChrfBPMpL4mGuMqw6Gfx8=";
18 | };
19 |
20 | build-system = [ setuptools ];
21 |
22 | disabled = pythonOlder "3.7";
23 |
24 | pythonImportsCheck = [ "pylnk" ];
25 |
26 | meta = with lib; rec {
27 | changelog = "${homepage}/releases/tag/${version}";
28 | description = "Python bindings module for liblnk";
29 | downloadPage = "https://github.com/libyal/liblnk/releases";
30 | homepage = "https://github.com/libyal/liblnk";
31 | license = licenses.lgpl3Plus;
32 | };
33 | }
34 |
--------------------------------------------------------------------------------
/packages/python/libluksde-python/default.nix:
--------------------------------------------------------------------------------
1 | {
2 | lib,
3 | fetchPypi,
4 | python3Packages,
5 | ...
6 | }:
7 | let
8 | inherit (python3Packages) buildPythonPackage pythonOlder setuptools;
9 | in
10 | buildPythonPackage rec {
11 | pname = "libluksde-python";
12 | version = "20240503";
13 | pyproject = true;
14 |
15 | src = fetchPypi {
16 | inherit pname version;
17 | hash = "sha256-vBNIQQ3Q0aJoaKoKytH5cxi7GluZYaJLzBPy7hXUUqw=";
18 | };
19 |
20 | build-system = [ setuptools ];
21 |
22 | disabled = pythonOlder "3.7";
23 |
24 | pythonImportsCheck = [ "pyluksde" ];
25 |
26 | meta = with lib; rec {
27 | changelog = "${homepage}/releases/tag/${version}";
28 | description = "Python bindings module for libluksde";
29 | downloadPage = "https://github.com/libyal/libluksde/releases";
30 | homepage = "https://github.com/libyal/libluksde";
31 | license = licenses.lgpl3Plus;
32 | };
33 | }
34 |
--------------------------------------------------------------------------------
/packages/python/libmodi-python/default.nix:
--------------------------------------------------------------------------------
1 | {
2 | lib,
3 | zlib,
4 | fetchPypi,
5 | python3Packages,
6 | ...
7 | }:
8 | let
9 | inherit (python3Packages) buildPythonPackage setuptools;
10 | in
11 | buildPythonPackage rec {
12 | pname = "libmodi-python";
13 | version = "20240507";
14 | pyproject = true;
15 |
16 | src = fetchPypi {
17 | inherit pname version;
18 | hash = "sha256-9YOXSTaJwl3cVdCacze0idNfoad88UCtojXJ3PZ6pC0=";
19 | };
20 |
21 | build-system = [ setuptools ];
22 |
23 | buildInputs = [ zlib ];
24 |
25 | pythonImportsCheck = [ "pymodi" ];
26 |
27 | meta = with lib; rec {
28 | changelog = "${homepage}/releases/tag/${version}";
29 | description = "Python bindings module for libmodi";
30 | downloadPage = "https://github.com/libyal/libmodi/releases";
31 | homepage = "https://github.com/libyal/libmodi";
32 | license = licenses.lgpl3Plus;
33 | };
34 | }
35 |
--------------------------------------------------------------------------------
/packages/python/libmsiecf-python/default.nix:
--------------------------------------------------------------------------------
1 | {
2 | lib,
3 | fetchPypi,
4 | python3Packages,
5 | ...
6 | }:
7 | let
8 | inherit (python3Packages) buildPythonPackage pythonOlder setuptools;
9 | in
10 | buildPythonPackage rec {
11 | pname = "libmsiecf-python";
12 | version = "20240425";
13 | pyproject = true;
14 |
15 | src = fetchPypi {
16 | inherit pname version;
17 | hash = "sha256-mdylekKq2hfUO8xQkbvr9F0X5hMp2zE3qkFvfyw9rhY=";
18 | };
19 |
20 | build-system = [ setuptools ];
21 |
22 | disabled = pythonOlder "3.7";
23 |
24 | pythonImportsCheck = [ "pymsiecf" ];
25 |
26 | meta = with lib; rec {
27 | changelog = "${homepage}/releases/tag/${version}";
28 | description = "Python bindings module for libmsiecf";
29 | downloadPage = "https://github.com/libyal/libmsiecf/releases";
30 | homepage = "https://github.com/libyal/libmsiecf";
31 | license = licenses.lgpl3Plus;
32 | };
33 | }
34 |
--------------------------------------------------------------------------------
/packages/python/libolecf-python/default.nix:
--------------------------------------------------------------------------------
1 | {
2 | lib,
3 | fetchPypi,
4 | python3Packages,
5 | ...
6 | }:
7 | let
8 | inherit (python3Packages) buildPythonPackage pythonOlder setuptools;
9 | in
10 | buildPythonPackage rec {
11 | pname = "libolecf-python";
12 | version = "20240427";
13 | pyproject = true;
14 |
15 | src = fetchPypi {
16 | inherit pname version;
17 | hash = "sha256-Awz/Gbc7MPDwEPPR5C06/kzAE69uYLswQMdo8AQW+/0=";
18 | };
19 |
20 | build-system = [ setuptools ];
21 |
22 | disabled = pythonOlder "3.7";
23 |
24 | pythonImportsCheck = [ "pyolecf" ];
25 |
26 | meta = with lib; rec {
27 | changelog = "${homepage}/releases/tag/${version}";
28 | description = "Python bindings module for libolecf";
29 | downloadPage = "https://github.com/libyal/libolecf/releases";
30 | homepage = "https://github.com/libyal/libolecf";
31 | license = licenses.lgpl3Plus;
32 | };
33 | }
34 |
--------------------------------------------------------------------------------
/packages/python/libphdi-python/default.nix:
--------------------------------------------------------------------------------
1 | {
2 | lib,
3 | fetchPypi,
4 | python3Packages,
5 | ...
6 | }:
7 | let
8 | inherit (python3Packages) buildPythonPackage pythonOlder setuptools;
9 | in
10 | buildPythonPackage rec {
11 | pname = "libphdi-python";
12 | version = "20240508";
13 | pyproject = true;
14 |
15 | src = fetchPypi {
16 | inherit pname version;
17 | hash = "sha256-dXVH9X2lZpYqK5ki7yXC2YSCdCsiWy7rwFy8EXetohU=";
18 | };
19 |
20 | build-system = [ setuptools ];
21 |
22 | disabled = pythonOlder "3.7";
23 |
24 | pythonImportsCheck = [ "pyphdi" ];
25 |
26 | meta = with lib; rec {
27 | changelog = "${homepage}/releases/tag/${version}";
28 | description = "Python bindings module for libphdi";
29 | downloadPage = "https://github.com/libyal/libphdi/releases";
30 | homepage = "https://github.com/libyal/libphdi";
31 | license = licenses.lgpl3Plus;
32 | };
33 | }
34 |
--------------------------------------------------------------------------------
/packages/python/libqcow-python/default.nix:
--------------------------------------------------------------------------------
1 | {
2 | lib,
3 | zlib,
4 | fetchPypi,
5 | python3Packages,
6 | ...
7 | }:
8 | let
9 | inherit (python3Packages) buildPythonPackage pythonOlder setuptools;
10 | in
11 | buildPythonPackage rec {
12 | pname = "libqcow-python";
13 | version = "20240308";
14 | pyproject = true;
15 |
16 | src = fetchPypi {
17 | inherit pname version;
18 | hash = "sha256-6bPjrY0uiJu4nVWklso9lzyoAEMBASeGvLr2H5h5YWU=";
19 | };
20 |
21 | build-system = [ setuptools ];
22 |
23 | buildInputs = [ zlib ];
24 |
25 | disabled = pythonOlder "3.7";
26 |
27 | pythonImportsCheck = [ "pyqcow" ];
28 |
29 | meta = with lib; rec {
30 | changelog = "${homepage}/releases/tag/${version}";
31 | description = "Python bindings module for libqcow";
32 | downloadPage = "https://github.com/libyal/libqcow/releases";
33 | homepage = "https://github.com/libyal/libqcow";
34 | license = licenses.lgpl3Plus;
35 | };
36 | }
37 |
--------------------------------------------------------------------------------
/packages/python/libregf-python/default.nix:
--------------------------------------------------------------------------------
1 | {
2 | lib,
3 | fetchPypi,
4 | python3Packages,
5 | ...
6 | }:
7 | let
8 | inherit (python3Packages) buildPythonPackage pythonOlder setuptools;
9 | in
10 | buildPythonPackage rec {
11 | pname = "libregf-python";
12 | version = "20240421";
13 | pyproject = true;
14 |
15 | src = fetchPypi {
16 | inherit pname version;
17 | hash = "sha256-oYbCR1zX59Cj4yQbM1fk5SC/YFB14BmiL0F4mix0Gvw=";
18 | };
19 |
20 | build-system = [ setuptools ];
21 |
22 | disabled = pythonOlder "3.7";
23 |
24 | pythonImportsCheck = [ "pyregf" ];
25 |
26 | meta = with lib; rec {
27 | changelog = "${homepage}/releases/tag/${version}";
28 | description = "Python bindings module for libregf";
29 | downloadPage = "https://github.com/libyal/libregf/releases";
30 | homepage = "https://github.com/libyal/libregf";
31 | license = licenses.lgpl3Plus;
32 | };
33 | }
34 |
--------------------------------------------------------------------------------
/packages/python/libscca-python/default.nix:
--------------------------------------------------------------------------------
1 | {
2 | lib,
3 | fetchPypi,
4 | python3Packages,
5 | ...
6 | }:
7 | let
8 | inherit (python3Packages) buildPythonPackage pythonOlder setuptools;
9 | in
10 | buildPythonPackage rec {
11 | pname = "libscca-python";
12 | version = "20240427";
13 | pyproject = true;
14 |
15 | src = fetchPypi {
16 | inherit pname version;
17 | hash = "sha256-4Z3atLkaB4XFf0zPcrCC2wVNrogSzBktqNv4kWJuN5U=";
18 | };
19 |
20 | build-system = [ setuptools ];
21 |
22 | disabled = pythonOlder "3.7";
23 |
24 | pythonImportsCheck = [ "pyscca" ];
25 |
26 | meta = with lib; rec {
27 | changelog = "${homepage}/releases/tag/${version}";
28 | description = "Python bindings module for libscca";
29 | downloadPage = "https://github.com/libyal/libscca/releases";
30 | homepage = "https://github.com/libyal/libscca";
31 | license = licenses.lgpl3Plus;
32 | };
33 | }
34 |
--------------------------------------------------------------------------------
/packages/python/libsigscan-python/default.nix:
--------------------------------------------------------------------------------
1 | {
2 | lib,
3 | fetchPypi,
4 | python3Packages,
5 | ...
6 | }:
7 | let
8 | inherit (python3Packages) buildPythonPackage pythonOlder setuptools;
9 | in
10 | buildPythonPackage rec {
11 | pname = "libsigscan-python";
12 | version = "20240505";
13 | pyproject = true;
14 |
15 | src = fetchPypi {
16 | inherit pname version;
17 | hash = "sha256-pCyXpLFSq738mA8/wMsgcsMPECfjIqxeKn83FpWOqN8=";
18 | };
19 |
20 | build-system = [ setuptools ];
21 |
22 | disabled = pythonOlder "3.7";
23 |
24 | pythonImportsCheck = [ "pysigscan" ];
25 |
26 | meta = with lib; rec {
27 | changelog = "${homepage}/releases/tag/${version}";
28 | description = "Python bindings module for libsigscan";
29 | downloadPage = "https://github.com/libyal/libsigscan/releases";
30 | homepage = "https://github.com/libyal/libsigscan";
31 | license = licenses.lgpl3Plus;
32 | };
33 | }
34 |
--------------------------------------------------------------------------------
/packages/python/libsmdev-python/default.nix:
--------------------------------------------------------------------------------
1 | {
2 | lib,
3 | fetchPypi,
4 | python3Packages,
5 | ...
6 | }:
7 | let
8 |
9 | inherit (python3Packages) buildPythonPackage pythonOlder setuptools;
10 |
11 | in
12 | buildPythonPackage rec {
13 | pname = "libsmdev-python";
14 | version = "20240505";
15 | pyproject = true;
16 |
17 | src = fetchPypi {
18 | inherit pname version;
19 | hash = "sha256-IPzeHCxrFgqyeIYOVdJK3VVGGMmnrBCStO8CAZwYG+0=";
20 | };
21 |
22 | build-system = [ setuptools ];
23 |
24 | disabled = pythonOlder "3.7";
25 |
26 | pythonImportsCheck = [ "pysmdev" ];
27 |
28 | meta = with lib; rec {
29 | changelog = "${homepage}/releases/tag/${version}";
30 | description = "Python bindings module for libsmdev";
31 | downloadPage = "https://github.com/libyal/libsmdev/releases";
32 | homepage = "https://github.com/libyal/libsmdev";
33 | license = licenses.lgpl3Plus;
34 | };
35 | }
36 |
--------------------------------------------------------------------------------
/packages/python/libsmraw-python/default.nix:
--------------------------------------------------------------------------------
1 | {
2 | lib,
3 | fetchPypi,
4 | python3Packages,
5 | ...
6 | }:
7 | let
8 | inherit (python3Packages) buildPythonPackage pythonOlder setuptools;
9 | in
10 | buildPythonPackage rec {
11 | pname = "libsmraw-python";
12 | version = "20240506";
13 | pyproject = true;
14 |
15 | src = fetchPypi {
16 | inherit pname version;
17 | hash = "sha256-bGjrv8hji0URqRWLeyvY/yg09MyUlZ5S9/Fo4yoB+k0=";
18 | };
19 |
20 | build-system = [ setuptools ];
21 |
22 | disabled = pythonOlder "3.7";
23 |
24 | pythonImportsCheck = [ "pysmraw" ];
25 |
26 | meta = with lib; rec {
27 | changelog = "${homepage}/releases/tag/${version}";
28 | description = "Python bindings module for libsmraw";
29 | downloadPage = "https://github.com/libyal/libsmraw/releases";
30 | homepage = "https://github.com/libyal/libsmraw";
31 | license = licenses.lgpl3Plus;
32 | };
33 | }
34 |
--------------------------------------------------------------------------------
/packages/python/libvhdi-python/default.nix:
--------------------------------------------------------------------------------
1 | {
2 | lib,
3 | fetchPypi,
4 | python3Packages,
5 | ...
6 | }:
7 | let
8 | inherit (python3Packages) buildPythonPackage pythonOlder setuptools;
9 | in
10 | buildPythonPackage rec {
11 | pname = "libvhdi-python";
12 | version = "20240509";
13 | pyproject = true;
14 |
15 | src = fetchPypi {
16 | inherit pname version;
17 | hash = "sha256-5hyA2suR9DQh9IvKVWSvD7ujw5RWjL0B3Y+aCXblLvQ=";
18 | };
19 |
20 | build-system = [ setuptools ];
21 |
22 | disabled = pythonOlder "3.7";
23 |
24 | pythonImportsCheck = [ "pyvhdi" ];
25 |
26 | meta = with lib; rec {
27 | changelog = "${homepage}/releases/tag/${version}";
28 | description = "Python bindings module for libvhdi";
29 | downloadPage = "https://github.com/libyal/libvhdi/releases";
30 | homepage = "https://github.com/libyal/libvhdi";
31 | license = licenses.lgpl3Plus;
32 | };
33 | }
34 |
--------------------------------------------------------------------------------
/packages/python/libvmdk-python/default.nix:
--------------------------------------------------------------------------------
1 | {
2 | lib,
3 | zlib,
4 | fetchPypi,
5 | python3Packages,
6 | ...
7 | }:
8 | let
9 | inherit (python3Packages) buildPythonPackage pythonOlder setuptools;
10 | in
11 | buildPythonPackage rec {
12 | pname = "libvmdk-python";
13 | version = "20240510";
14 | pyproject = true;
15 |
16 | src = fetchPypi {
17 | inherit pname version;
18 | hash = "sha256-bFd1sq2/Z1lGf9tWvkaSbKcJleO9WmNf5MFbdGavpz8=";
19 | };
20 |
21 | build-system = [ setuptools ];
22 |
23 | buildInputs = [ zlib ];
24 |
25 | disabled = pythonOlder "3.7";
26 |
27 | pythonImportsCheck = [ "pyvmdk" ];
28 |
29 | meta = with lib; rec {
30 | changelog = "${homepage}/releases/tag/${version}";
31 | description = "Python bindings module for libvmdk";
32 | downloadPage = "https://github.com/libyal/libvmdk/releases";
33 | homepage = "https://github.com/libyal/libvmdk";
34 | license = licenses.lgpl3Plus;
35 | };
36 | }
37 |
--------------------------------------------------------------------------------
/packages/python/libvsapm-python/default.nix:
--------------------------------------------------------------------------------
1 | {
2 | lib,
3 | fetchPypi,
4 | python3Packages,
5 | ...
6 | }:
7 | let
8 | inherit (python3Packages) buildPythonPackage pythonOlder setuptools;
9 | in
10 | buildPythonPackage rec {
11 | pname = "libvsapm-python";
12 | version = "20240503";
13 | pyproject = true;
14 |
15 | src = fetchPypi {
16 | inherit pname version;
17 | hash = "sha256-QLsfTZhdCysfdQNIyE62wDRfBEuqdiio0u9B5qOlSIM=";
18 | };
19 |
20 | build-system = [ setuptools ];
21 |
22 | disabled = pythonOlder "3.7";
23 |
24 | pythonImportsCheck = [ "pyvsapm" ];
25 |
26 | meta = with lib; rec {
27 | changelog = "${homepage}/releases/tag/${version}";
28 | description = "Python bindings module for libvsapm";
29 | downloadPage = "https://github.com/libyal/libvsapm/releases";
30 | homepage = "https://github.com/libyal/libvsapm";
31 | license = licenses.lgpl3Plus;
32 | };
33 | }
34 |
--------------------------------------------------------------------------------
/packages/python/libvsgpt-python/default.nix:
--------------------------------------------------------------------------------
1 | {
2 | lib,
3 | fetchPypi,
4 | python3Packages,
5 | ...
6 | }:
7 | let
8 | inherit (python3Packages) buildPythonPackage pythonOlder setuptools;
9 | in
10 | buildPythonPackage rec {
11 | pname = "libvsgpt-python";
12 | version = "20240504";
13 | pyproject = true;
14 |
15 | src = fetchPypi {
16 | inherit pname version;
17 | hash = "sha256-fEVlO1+wVReOn4ryMP80gT1N5cHE/VuqGs4fgtG1XcI=";
18 | };
19 |
20 | build-system = [ setuptools ];
21 |
22 | disabled = pythonOlder "3.7";
23 |
24 | pythonImportsCheck = [ "pyvsgpt" ];
25 |
26 | meta = with lib; rec {
27 | description = "Python bindings module for libvsgpt";
28 |
29 | homepage = "https://github.com/libyal/libvsgpt";
30 | downloadPage = "https://github.com/libyal/libvsgpt/releases";
31 | license = licenses.lgpl3Plus;
32 | };
33 | }
34 |
--------------------------------------------------------------------------------
/packages/python/libvshadow-python/default.nix:
--------------------------------------------------------------------------------
1 | {
2 | lib,
3 | fetchPypi,
4 | python3Packages,
5 | ...
6 | }:
7 | let
8 | inherit (python3Packages) buildPythonPackage pythonOlder setuptools;
9 | in
10 | buildPythonPackage rec {
11 | pname = "libvshadow-python";
12 | version = "20240504";
13 | pyproject = true;
14 |
15 | src = fetchPypi {
16 | inherit pname version;
17 | hash = "sha256-RBB+M2SzyrWJOXKVFohuIB7EWpCrLAtdvz8GkLzGxJQ=";
18 | };
19 |
20 | build-system = [ setuptools ];
21 |
22 | disabled = pythonOlder "3.7";
23 |
24 | pythonImportsCheck = [ "pyvshadow" ];
25 |
26 | meta = with lib; rec {
27 | changelog = "${homepage}/releases/tag/${version}";
28 | description = "Python bindings module for libvshadow";
29 | downloadPage = "https://github.com/libyal/libvshadow/releases";
30 | homepage = "https://github.com/libyal/libvshadow";
31 | license = licenses.lgpl3Plus;
32 | };
33 | }
34 |
--------------------------------------------------------------------------------
/packages/python/libvslvm-python/default.nix:
--------------------------------------------------------------------------------
1 | {
2 | lib,
3 | fetchPypi,
4 | python3Packages,
5 | ...
6 | }:
7 | let
8 | inherit (python3Packages) buildPythonPackage pythonOlder setuptools;
9 | in
10 | buildPythonPackage rec {
11 | pname = "libvslvm-python";
12 | version = "20240504";
13 | pyproject = true;
14 |
15 | src = fetchPypi {
16 | inherit pname version;
17 | hash = "sha256-VggKWu72cfFKXrDFiof2naWmQA6Jc2OWVSI0XVl9F3c=";
18 | };
19 |
20 | build-system = [ setuptools ];
21 |
22 | disabled = pythonOlder "3.7";
23 |
24 | pythonImportsCheck = [ "pyvslvm" ];
25 |
26 | meta = with lib; rec {
27 | changelog = "${homepage}/releases/tag/${version}";
28 | description = "Python bindings module for libvslvm";
29 | downloadPage = "https://github.com/libyal/libvslvm/releases";
30 | homepage = "https://github.com/libyal/libvslvm";
31 | license = licenses.lgpl3Plus;
32 | };
33 | }
34 |
--------------------------------------------------------------------------------
/packages/python/opnreport/bump-pyyaml-dependency.patch:
--------------------------------------------------------------------------------
1 | From 7aa3a3ca758d55e1cec186ee3c4a50e66a33a407 Mon Sep 17 00:00:00 2001
2 | From: Jay Rovacsek
3 | Date: Sun, 30 Jul 2023 09:42:05 +1000
4 | Subject: [PATCH] Bump dependencies
5 |
6 | ---
7 | requirements.txt | 4 ++--
8 | 1 file changed, 2 insertions(+), 2 deletions(-)
9 |
10 | diff --git a/requirements.txt b/requirements.txt
11 | index 3c9cd21..df87feb 100644
12 | --- a/requirements.txt
13 | +++ b/requirements.txt
14 | @@ -1,2 +1,2 @@
15 | -defusedxml==0.5.0
16 | -pyyaml==5.4
17 | +defusedxml~=0.7.1
18 | +pyyaml~=6.0
19 | --
20 | 2.41.0
21 |
22 |
--------------------------------------------------------------------------------
/packages/python/opnreport/default.nix:
--------------------------------------------------------------------------------
1 | {
2 | lib,
3 | fetchFromGitHub,
4 | python3Packages,
5 | ...
6 | }:
7 | let
8 | pname = "OPNReport";
9 |
10 | version = "0.1.0";
11 |
12 | meta = with lib; {
13 | description = "Generate meaningful output from your opnSense configuration backup, like Markdown documentation.";
14 | homepage = "https://github.com/AndyX90/OPNReport";
15 | license = licenses.lgpl3Plus;
16 | };
17 |
18 | inherit (python3Packages) buildPythonPackage defusedxml pyyaml;
19 |
20 | in
21 | buildPythonPackage {
22 | inherit pname version meta;
23 |
24 | dependencies = [
25 | defusedxml
26 | pyyaml
27 | ];
28 |
29 | patches = [ ./bump-pyyaml-dependency.patch ];
30 |
31 | doCheck = false;
32 |
33 | src = fetchFromGitHub {
34 | owner = "AndyX90";
35 | repo = pname;
36 | rev = "34d5902af0b5b720c50b8de54b233e2bce2ac59f";
37 | hash = "sha256-MlekeO9/XHIB9ePNW8jMBJKU8N2+27G1/G0oPW0eM5A=";
38 | };
39 | }
40 |
--------------------------------------------------------------------------------
/packages/python/pffocus/default.nix:
--------------------------------------------------------------------------------
1 | {
2 | lib,
3 | fetchFromGitHub,
4 | python3Packages,
5 | ...
6 | }:
7 | let
8 | pname = "pfFocus";
9 |
10 | version = "0.1";
11 |
12 | meta = with lib; {
13 | description = "Generate meaningful output from your pfSense configuration backup, like Markdown documentation.";
14 | homepage = "https://github.com/TKCERT/pfFocus";
15 | license = licenses.lgpl3Plus;
16 | };
17 |
18 | inherit (python3Packages)
19 | buildPythonPackage
20 | defusedxml
21 | pip
22 | pyyaml
23 | ;
24 |
25 | in
26 | buildPythonPackage {
27 | inherit pname version meta;
28 |
29 | build-system = [ pip ];
30 |
31 | dependencies = [
32 | defusedxml
33 | pyyaml
34 | ];
35 |
36 | doCheck = false;
37 |
38 | src = fetchFromGitHub {
39 | owner = "TKCERT";
40 | repo = pname;
41 | rev = "7112221236ccac4a7ce3cd7f1c8e1c9d4cf54fd4";
42 | hash = "sha256-W1g8cWoICjKxr+wUbfO/XLBq9LGXgtRBj1X1aDBT0YA=";
43 | };
44 | }
45 |
--------------------------------------------------------------------------------
/packages/python/phonenumberslite/default.nix:
--------------------------------------------------------------------------------
1 | {
2 | lib,
3 | fetchPypi,
4 | python3Packages,
5 | ...
6 | }:
7 | let
8 | pname = "phonenumberslite";
9 | version = "9.0.0";
10 |
11 | meta = with lib; {
12 | description = "phonenumbers Python Library";
13 | homepage = "https://github.com/daviddrysdale/python-phonenumbers";
14 | downloadPage = "https://github.com/daviddrysdale/python-phonenumbers/tags";
15 | license = licenses.asl20;
16 | };
17 |
18 | inherit (python3Packages) buildPythonPackage;
19 |
20 | in
21 | buildPythonPackage {
22 | inherit pname version meta;
23 |
24 | doCheck = false;
25 |
26 | src = fetchPypi {
27 | inherit pname version;
28 | hash = "sha256-k8PhZ57V87GqEESISi3XWKDv/rEnLj9S+7foDCM8yYo=";
29 | };
30 | }
31 |
--------------------------------------------------------------------------------
/packages/python/plaso/no-xattr-dependency.patch:
--------------------------------------------------------------------------------
1 | From ffb105bd4838e2480fa24beb65d81a75d49393a8 Mon Sep 17 00:00:00 2001
2 | From: jayrovacsek
3 | Date: Sat, 6 Apr 2024 07:40:54 +1100
4 | Subject: [PATCH] no xattr dependency
5 |
6 | ---
7 | requirements.txt | 1 -
8 | 1 file changed, 1 deletion(-)
9 |
10 | diff --git a/requirements.txt b/requirements.txt
11 | index 7b55e74..534843d 100644
12 | --- a/requirements.txt
13 | +++ b/requirements.txt
14 | @@ -59,6 +59,5 @@ pyzmq >= 2.1.11
15 | redis >= 3.4
16 | requests >= 2.18.0
17 | six >= 1.1.0
18 | -xattr >= 0.7.2 ; platform_system != "Windows"
19 | yara-python >= 3.4.0
20 | zstd >= 1.3.0.2
21 | --
22 | 2.43.2
23 |
24 |
--------------------------------------------------------------------------------
/packages/python/pytsk3/default.nix:
--------------------------------------------------------------------------------
1 | {
2 | lib,
3 | fetchPypi,
4 | python3Packages,
5 | ...
6 | }:
7 | let
8 | inherit (python3Packages) buildPythonPackage pythonOlder setuptools;
9 | in
10 | buildPythonPackage rec {
11 | pname = "pytsk3";
12 | version = "20231007";
13 | pyproject = true;
14 |
15 | src = fetchPypi {
16 | inherit pname version;
17 | hash = "sha256-uPE5ytLj+sv/fp1AYjwIdrHLRQU/EVnDZQEGwcK6T/g=";
18 | };
19 |
20 | build-system = [ setuptools ];
21 |
22 | disabled = pythonOlder "3.8";
23 |
24 | pythonImportsCheck = [ "pytsk3" ];
25 |
26 | meta = with lib; rec {
27 | changelog = "${homepage}/releases/tag/${version}";
28 | description = "Python bindings for the sleuthkit (http://www.sleuthkit.org/)";
29 | downloadPage = "https://github.com/py4n6/pytsk/releases";
30 | homepage = "https://github.com/py4n6/pytsk";
31 | license = licenses.asl20;
32 | };
33 | }
34 |
--------------------------------------------------------------------------------
/packages/resources/mario-homelab-pixelart-wallpaper/default.nix:
--------------------------------------------------------------------------------
1 | {
2 | stdenvNoCC,
3 | lib,
4 | fetchurl,
5 | }:
6 | with lib;
7 | stdenvNoCC.mkDerivation {
8 | pname = "mario-homelab-pixelart-wallpaper";
9 | version = "0.0.1";
10 |
11 | src = fetchurl {
12 | url = "https://r4.wallpaperflare.com/wallpaper/714/648/856/super-mario-pixel-art-super-mario-kart-computer-mushroom-hd-wallpaper-68367d38b0f07cb820dc81dea8c2d40a.jpg";
13 | hash = "sha256-OCX1xlCX1wqiKqFhzLiXA/ty01RdNUOP9d8ffqcSy9U=";
14 | };
15 |
16 | phases = [ "installPhase" ];
17 |
18 | installPhase = ''
19 | mkdir -p $out/share
20 | cp $src $out/share/wallpaper.jpg
21 | '';
22 |
23 | meta.description = "Mario sitting in his home-lab Wallpaper";
24 | }
25 |
--------------------------------------------------------------------------------
/packages/resources/pfsense-logo/default.nix:
--------------------------------------------------------------------------------
1 | {
2 | stdenvNoCC,
3 | lib,
4 | fetchurl,
5 | }:
6 | with lib;
7 | let
8 | pname = "pfsense-logo";
9 | version = "0.0.1";
10 |
11 | src = fetchurl {
12 | url = "https://www.itandgeneral.com/wp-content/uploads/2023/11/pfsense-logo-square.png";
13 | hash = "sha256-gQBbcctIPVf1IqTT+9wvclF6H8sj/cZE25hrgT2B95s=";
14 | };
15 |
16 | phases = [ "installPhase" ];
17 |
18 | in
19 | stdenvNoCC.mkDerivation {
20 | inherit
21 | pname
22 | version
23 | meta
24 | phases
25 | src
26 | ;
27 |
28 | installPhase = ''
29 | mkdir -p $out/share
30 |
31 | cp $src $out/share/logo.png
32 | '';
33 | }
34 |
--------------------------------------------------------------------------------
/packages/resources/ubiquiti-logo/default.nix:
--------------------------------------------------------------------------------
1 | {
2 | stdenvNoCC,
3 | lib,
4 | fetchurl,
5 | }:
6 | with lib;
7 | let
8 | pname = "ubiquiti-logo";
9 | version = "0.0.1";
10 |
11 | src = fetchurl {
12 | url = "https://theme.zdassets.com/theme_assets/77613/c91f7f2114c450fecd5c4f39f8f960d6c5c77622.png";
13 | hash = "sha256-1Tt2AkkQRpHi35YCbcieLbMD55ioX7tmCxGp09E/hO0=";
14 | };
15 |
16 | phases = [ "installPhase" ];
17 |
18 | in
19 | stdenvNoCC.mkDerivation {
20 | inherit
21 | pname
22 | version
23 | meta
24 | phases
25 | src
26 | ;
27 |
28 | installPhase = ''
29 | mkdir -p $out/share
30 |
31 | cp $src $out/share/logo.png
32 | '';
33 | }
34 |
--------------------------------------------------------------------------------
/packages/rust/.gitkeep:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/JayRovacsek/nix-config/54aa375e35f542f8bbad3811e6322f1f412ada78/packages/rust/.gitkeep
--------------------------------------------------------------------------------
/packages/shell/eww-battery/default.nix:
--------------------------------------------------------------------------------
1 | {
2 | stdenvNoCC,
3 | lib,
4 | fetchFromGitHub,
5 | coreutils,
6 | gnugrep,
7 | ...
8 | }:
9 | with lib;
10 | let
11 | pname = "eww-battery";
12 | version = "0.0.1";
13 | meta = {
14 | description = "Eww battery widget";
15 | };
16 |
17 | src = fetchFromGitHub {
18 | owner = "saimoomedits";
19 | repo = "eww-widgets";
20 | rev = "cfb2523a4e37ed2979e964998d9a4c37232b2975";
21 | hash = "sha256-yPSUdLgkwJyAX0rMjBGOuUIDvUKGPcVA5CSaCNcq0e8=";
22 | };
23 |
24 | phases = [
25 | "installPhase"
26 | "fixupPhase"
27 | ];
28 |
29 | in
30 | stdenvNoCC.mkDerivation {
31 | inherit
32 | pname
33 | version
34 | meta
35 | phases
36 | src
37 | ;
38 |
39 | installPhase = ''
40 | ${coreutils}/bin/mkdir -p $out/bin
41 | ${coreutils}/bin/cp $src/eww/bar/scripts/battery $out/bin
42 |
43 | substituteInPlace $out/bin/battery \
44 | --replace 'cat' '${coreutils}/bin/cat' \
45 | --replace 'grep' '${gnugrep}/bin/grep'
46 | '';
47 | }
48 |
--------------------------------------------------------------------------------
/packages/shell/eww-music-info/default.nix:
--------------------------------------------------------------------------------
1 | {
2 | stdenvNoCC,
3 | lib,
4 | fetchFromGitHub,
5 | coreutils,
6 | mpc-cli,
7 | ffmpeg-headless,
8 | ...
9 | }:
10 | with lib;
11 | let
12 | name = "eww-music-info";
13 | version = "0.0.1";
14 | meta = {
15 | description = "Eww music info widget";
16 | };
17 |
18 | src = fetchFromGitHub {
19 | owner = "saimoomedits";
20 | repo = "eww-widgets";
21 | rev = "cfb2523a4e37ed2979e964998d9a4c37232b2975";
22 | hash = "sha256-yPSUdLgkwJyAX0rMjBGOuUIDvUKGPcVA5CSaCNcq0e8=";
23 | };
24 |
25 | phases = [
26 | "installPhase"
27 | "fixupPhase"
28 | ];
29 |
30 | in
31 | stdenvNoCC.mkDerivation {
32 | inherit
33 | name
34 | version
35 | meta
36 | phases
37 | src
38 | ;
39 |
40 | installPhase = ''
41 | ${coreutils}/bin/mkdir -p $out/bin
42 | ${coreutils}/bin/cp $src/eww/bar/scripts/music_info $out/bin
43 |
44 | substituteInPlace $out/bin/music_info \
45 | --replace 'mpc' '${mpc-cli}/bin/mpc' \
46 | --replace 'ffmpeg' '${ffmpeg-headless}/bin/ffmpeg'
47 | '';
48 | }
49 |
--------------------------------------------------------------------------------
/packages/shell/eww-workspace/default.nix:
--------------------------------------------------------------------------------
1 | {
2 | stdenvNoCC,
3 | lib,
4 | fetchFromGitHub,
5 | coreutils,
6 | gnugrep,
7 | bspwm,
8 | ...
9 | }:
10 | with lib;
11 | let
12 | pname = "eww-workspace";
13 | version = "0.0.1";
14 | meta = {
15 | description = "Eww workspace script";
16 | };
17 |
18 | src = fetchFromGitHub {
19 | owner = "saimoomedits";
20 | repo = "eww-widgets";
21 | rev = "cfb2523a4e37ed2979e964998d9a4c37232b2975";
22 | hash = "sha256-yPSUdLgkwJyAX0rMjBGOuUIDvUKGPcVA5CSaCNcq0e8=";
23 | };
24 |
25 | phases = [
26 | "installPhase"
27 | "fixupPhase"
28 | ];
29 |
30 | in
31 | stdenvNoCC.mkDerivation {
32 | inherit
33 | pname
34 | version
35 | meta
36 | phases
37 | src
38 | ;
39 |
40 | installPhase = ''
41 | ${coreutils}/bin/mkdir -p $out/bin
42 | ${coreutils}/bin/cp $src/eww/bar/scripts/workspace $out/bin
43 |
44 | substituteInPlace $out/bin/workspace \
45 | --replace 'bspc' '${bspwm}/bin/bspc' \
46 | --replace 'grep' '${gnugrep}/bin/grep'
47 | '';
48 | }
49 |
--------------------------------------------------------------------------------
/packages/shell/waybar-colour-picker/default.nix:
--------------------------------------------------------------------------------
1 | {
2 | stdenv,
3 | pkgs,
4 | lib,
5 | hyprpicker,
6 | wl-clipboard,
7 | ...
8 | }:
9 | with lib;
10 | let
11 | pname = "waybar-colour-picker";
12 | version = "0.0.1";
13 |
14 | meta = {
15 | description = "A simple shell wrapper hyprpicker";
16 | inherit (hyprpicker.meta) platforms;
17 | };
18 |
19 | waybar-colour-picker-wrapped = pkgs.writeShellScriptBin "waybar-colour-picker" ''
20 | ${hyprpicker}/bin/hyprpicker | ${wl-clipboard}/bin/wl-copy
21 | '';
22 |
23 | phases = [
24 | "installPhase"
25 | "fixupPhase"
26 | ];
27 |
28 | in
29 | stdenv.mkDerivation {
30 | inherit
31 | pname
32 | version
33 | meta
34 | phases
35 | ;
36 |
37 | buildInputs = [ waybar-colour-picker-wrapped ];
38 |
39 | installPhase = ''
40 | mkdir -p $out/bin
41 | ln -s ${waybar-colour-picker-wrapped}/bin/waybar-colour-picker $out/bin
42 | '';
43 | }
44 |
--------------------------------------------------------------------------------
/packages/terranix/oracle/README.md:
--------------------------------------------------------------------------------
1 |
2 |
3 | ## Requirements
4 |
5 | | Name | Version |
6 | | ------------------------------------------------------ | ------- |
7 | | [oci](#requirement_oci) | 6.6.0 |
8 |
9 | ## Providers
10 |
11 | No providers.
12 |
13 | ## Modules
14 |
15 | No modules.
16 |
17 | ## Resources
18 |
19 | No resources.
20 |
21 | ## Inputs
22 |
23 | No inputs.
24 |
25 | ## Outputs
26 |
27 | No outputs.
28 |
29 |
30 |
31 | ## Deployed Resources
32 |
--------------------------------------------------------------------------------
/packages/text/prettierignore/default.nix:
--------------------------------------------------------------------------------
1 | { writeTextFile, ... }:
2 | # Note the below should be injected into location blocks of vhosts
3 | # if authelia is running
4 | writeTextFile {
5 | name = ".prettierignore";
6 | text = ''
7 | .pre-commit-config.yaml
8 | .prettierignore
9 | *.nix
10 | CHANGELOG.md
11 | result
12 | '';
13 | }
14 |
--------------------------------------------------------------------------------
/packages/text/wireplumber-disable-pci-0/default.nix:
--------------------------------------------------------------------------------
1 | {
2 | coreutils,
3 | stdenvNoCC,
4 | writeTextFile,
5 | ...
6 | }:
7 | let
8 | name = "51-alsa-disable.lua";
9 | # Note the below should be injected into location blocks of vhosts
10 | # if authelia is running
11 | file = writeTextFile {
12 | inherit name;
13 | text = ''
14 | rule = {
15 | matches = {
16 | {
17 | { "device.name", "equals", "alsa_card.pci-0000_01_00.1" },
18 | },
19 | },
20 | apply_properties = {
21 | ["device.disabled"] = true,
22 | },
23 | }
24 |
25 | table.insert(alsa_monitor.rules,rule)
26 | '';
27 | };
28 | in
29 | stdenvNoCC.mkDerivation {
30 | inherit name;
31 |
32 | phases = [ "installPhase" ];
33 |
34 | installPhase = ''
35 | ${coreutils}/bin/mkdir -p $out/share/wireplumber/main.lua.d
36 | ${coreutils}/bin/ln -s ${file} $out/share/wireplumber/main.lua.d/${name}
37 | '';
38 | }
39 |
--------------------------------------------------------------------------------
/resources/recommend.jpg:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/JayRovacsek/nix-config/54aa375e35f542f8bbad3811e6322f1f412ada78/resources/recommend.jpg
--------------------------------------------------------------------------------
/secrets/acme/default.nix:
--------------------------------------------------------------------------------
1 | let
2 | primary-key = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIBC9G7Hn8ahBlhZr42QUxDRXQCD/TZ8orl7goPba9ONW";
3 | secondary-key = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIBY2bcMWuDHB22hNgNnIg2WtvPgKpSWR60CqDo3a32z9";
4 | keys = [
5 | primary-key
6 | secondary-key
7 | ];
8 | in
9 | {
10 | "environment-file.age".publicKeys = keys;
11 | }
12 |
--------------------------------------------------------------------------------
/secrets/acme/environment-file.age:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/JayRovacsek/nix-config/54aa375e35f542f8bbad3811e6322f1f412ada78/secrets/acme/environment-file.age
--------------------------------------------------------------------------------
/secrets/acme/secrets.nix:
--------------------------------------------------------------------------------
1 | let
2 | secrets = import ./default.nix;
3 | in
4 | secrets
5 |
--------------------------------------------------------------------------------
/secrets/authelia/default.nix:
--------------------------------------------------------------------------------
1 | let
2 | primary-key = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIFbU9DS6d3QwSVT+MTd58zB8pB4wTuw/5xckvqLbj13r";
3 | secondary-key = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIH8yET3TtblG5YYGIkw4YxCUfsE0zHXnILbxamV5zz8R";
4 | keys = [
5 | primary-key
6 | secondary-key
7 | ];
8 | in
9 | {
10 | "jwt-secret-key.age".publicKeys = keys;
11 | "notifier-config.age".publicKeys = keys;
12 | "session-secret-key.age".publicKeys = keys;
13 | "storage-encryption-key.age".publicKeys = keys;
14 | "users.age".publicKeys = keys;
15 | }
16 |
--------------------------------------------------------------------------------
/secrets/authelia/jwt-secret-key.age:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/JayRovacsek/nix-config/54aa375e35f542f8bbad3811e6322f1f412ada78/secrets/authelia/jwt-secret-key.age
--------------------------------------------------------------------------------
/secrets/authelia/notifier-config.age:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/JayRovacsek/nix-config/54aa375e35f542f8bbad3811e6322f1f412ada78/secrets/authelia/notifier-config.age
--------------------------------------------------------------------------------
/secrets/authelia/secrets.nix:
--------------------------------------------------------------------------------
1 | let
2 | secrets = import ./default.nix;
3 | in
4 | secrets
5 |
--------------------------------------------------------------------------------
/secrets/authelia/session-secret-key.age:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/JayRovacsek/nix-config/54aa375e35f542f8bbad3811e6322f1f412ada78/secrets/authelia/session-secret-key.age
--------------------------------------------------------------------------------
/secrets/authelia/storage-encryption-key.age:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/JayRovacsek/nix-config/54aa375e35f542f8bbad3811e6322f1f412ada78/secrets/authelia/storage-encryption-key.age
--------------------------------------------------------------------------------
/secrets/authelia/users.age:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/JayRovacsek/nix-config/54aa375e35f542f8bbad3811e6322f1f412ada78/secrets/authelia/users.age
--------------------------------------------------------------------------------
/secrets/cloudflare/default.nix:
--------------------------------------------------------------------------------
1 | let
2 | primaryCloudflareKey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIAo9loEe3GoXXl/lCN8f9zUtrHYaGIalBmPC8viw/JsU";
3 | secondaryCloudflareKey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIMehTWF7MiwtmRAyYc/VJlP3KoLTxb6+slGgVssUdzcP";
4 | keys = [
5 | primaryCloudflareKey
6 | secondaryCloudflareKey
7 | ];
8 | in
9 | {
10 | "dynamic-dns-api-key.age".publicKeys = keys;
11 | }
12 |
--------------------------------------------------------------------------------
/secrets/cloudflare/dynamic-dns-api-key.age:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/JayRovacsek/nix-config/54aa375e35f542f8bbad3811e6322f1f412ada78/secrets/cloudflare/dynamic-dns-api-key.age
--------------------------------------------------------------------------------
/secrets/cloudflare/secrets.nix:
--------------------------------------------------------------------------------
1 | let
2 | secrets = import ./default.nix;
3 | in
4 | secrets
5 |
--------------------------------------------------------------------------------
/secrets/default.nix:
--------------------------------------------------------------------------------
1 | { self, ... }:
2 | let
3 | inherit (self.inputs.nixpkgs) lib;
4 | secrets-folders = builtins.attrNames (
5 | lib.filterAttrs (_: v: v == "directory") (builtins.readDir ./.)
6 | );
7 | in
8 |
9 | builtins.foldl' (
10 | accumulator: folder:
11 | {
12 | ${folder} = import ./${folder};
13 | }
14 | // accumulator
15 | ) { } secrets-folders
16 |
--------------------------------------------------------------------------------
/secrets/deluge/auth-file.age:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/JayRovacsek/nix-config/54aa375e35f542f8bbad3811e6322f1f412ada78/secrets/deluge/auth-file.age
--------------------------------------------------------------------------------
/secrets/deluge/default.nix:
--------------------------------------------------------------------------------
1 | let
2 | primary-key = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIMWO7dR1Y6vitlmJpLe/j3ibVK82HMU6jKdJsow09jCu";
3 | secondary-key = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIM1KCfn7rFuMGybOnJ6AwgiW/mRzSf7Ar7cbpErVcRyO";
4 | keys = [
5 | primary-key
6 | secondary-key
7 | ];
8 | in
9 | {
10 | "auth-file.age".publicKeys = keys;
11 | }
12 |
--------------------------------------------------------------------------------
/secrets/deluge/secrets.nix:
--------------------------------------------------------------------------------
1 | let
2 | secrets = import ./default.nix;
3 | in
4 | secrets
5 |
--------------------------------------------------------------------------------
/secrets/firefox-syncserver/default.nix:
--------------------------------------------------------------------------------
1 | let
2 | primary-key = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIJCQ4S6f6IhpR3M2gFENmKcwVeRh4kmIcw5krtzhmRZv";
3 | secondary-key = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIE5EfLtxn30EYwJhUu7c4C5i3bhbYmqZM4UZJL7JnZHI";
4 | keys = [
5 | primary-key
6 | secondary-key
7 | ];
8 | in
9 | {
10 | "secrets.age".publicKeys = keys;
11 | }
12 |
--------------------------------------------------------------------------------
/secrets/firefox-syncserver/secrets.age:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/JayRovacsek/nix-config/54aa375e35f542f8bbad3811e6322f1f412ada78/secrets/firefox-syncserver/secrets.age
--------------------------------------------------------------------------------
/secrets/firefox-syncserver/secrets.nix:
--------------------------------------------------------------------------------
1 | let
2 | secrets = import ./default.nix;
3 | in
4 | secrets
5 |
--------------------------------------------------------------------------------
/secrets/git/default.nix:
--------------------------------------------------------------------------------
1 | let
2 | keys = import ../../common/keys.nix { };
3 |
4 | git-host-keys = with keys; [
5 | jay-primary-key
6 | jay-secondary-key
7 | ];
8 | in
9 | {
10 | # SSH Signing Key
11 | "git-signing-key.age".publicKeys = git-host-keys;
12 | "git-signing-key-pub.age".publicKeys = git-host-keys;
13 | }
14 |
--------------------------------------------------------------------------------
/secrets/git/git-signing-key-pub.age:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/JayRovacsek/nix-config/54aa375e35f542f8bbad3811e6322f1f412ada78/secrets/git/git-signing-key-pub.age
--------------------------------------------------------------------------------
/secrets/git/git-signing-key.age:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/JayRovacsek/nix-config/54aa375e35f542f8bbad3811e6322f1f412ada78/secrets/git/git-signing-key.age
--------------------------------------------------------------------------------
/secrets/git/secrets.nix:
--------------------------------------------------------------------------------
1 | let
2 | secrets = import ./default.nix;
3 | in
4 | secrets
5 |
--------------------------------------------------------------------------------
/secrets/grafana/admin-password.age:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/JayRovacsek/nix-config/54aa375e35f542f8bbad3811e6322f1f412ada78/secrets/grafana/admin-password.age
--------------------------------------------------------------------------------
/secrets/grafana/default.nix:
--------------------------------------------------------------------------------
1 | let
2 | keys = import ../../common/keys.nix { };
3 |
4 | mr-mime-keys = with keys; [
5 | mr-mime-primary-key
6 | mr-mime-secondary-key
7 | ];
8 | in
9 | {
10 | "admin-password.age".publicKeys = mr-mime-keys;
11 | }
12 |
--------------------------------------------------------------------------------
/secrets/grafana/secrets.nix:
--------------------------------------------------------------------------------
1 | let
2 | secrets = import ./default.nix;
3 | in
4 | secrets
5 |
--------------------------------------------------------------------------------
/secrets/headscale/default.nix:
--------------------------------------------------------------------------------
1 | let
2 | # TODO: rekey with new headscale keys
3 | primaryHeadscaleKey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIN6tfWXvehhGzY0Z8r5Jx9V41UGDQQ2wOA1U163VQmlb";
4 | secondaryHeadscaleKey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIFIUpkvOZt0Tc7tsFyOYLXJGVQORaheEPJe37RzR+FBi";
5 | headscaleKeys = [
6 | primaryHeadscaleKey
7 | secondaryHeadscaleKey
8 | ];
9 | in
10 | {
11 | ## Headscale config keys
12 | "wg-private-key.age".publicKeys = headscaleKeys;
13 | "tls-crt.age".publicKeys = headscaleKeys;
14 | "tls-key.age".publicKeys = headscaleKeys;
15 | }
16 |
--------------------------------------------------------------------------------
/secrets/headscale/secrets.nix:
--------------------------------------------------------------------------------
1 | let
2 | secrets = import ./default.nix;
3 | in
4 | secrets
5 |
--------------------------------------------------------------------------------
/secrets/headscale/wg-private-key.age:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/JayRovacsek/nix-config/54aa375e35f542f8bbad3811e6322f1f412ada78/secrets/headscale/wg-private-key.age
--------------------------------------------------------------------------------
/secrets/hydra/default.nix:
--------------------------------------------------------------------------------
1 | let
2 | primary-key = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAID9mQgnIqz3H+eTHQE4zsbAn8IFVUjVGULzX3cjS+Nob";
3 | secondary-key = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIE28sKj6QXIgWvR5QILAQ8nRpA6GeFk2PF/Y8OCrSn+6";
4 | keys = [
5 | primary-key
6 | secondary-key
7 | ];
8 | in
9 | {
10 | "hydra-github-token.age".publicKeys = keys;
11 | }
12 |
--------------------------------------------------------------------------------
/secrets/hydra/hydra-github-token.age:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/JayRovacsek/nix-config/54aa375e35f542f8bbad3811e6322f1f412ada78/secrets/hydra/hydra-github-token.age
--------------------------------------------------------------------------------
/secrets/hydra/secrets.nix:
--------------------------------------------------------------------------------
1 | let
2 | secrets = import ./default.nix;
3 | in
4 | secrets
5 |
--------------------------------------------------------------------------------
/secrets/nextcloud/admin-pass.age:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/JayRovacsek/nix-config/54aa375e35f542f8bbad3811e6322f1f412ada78/secrets/nextcloud/admin-pass.age
--------------------------------------------------------------------------------
/secrets/nextcloud/default.nix:
--------------------------------------------------------------------------------
1 | let
2 | primary-key = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIOpa1TCf0BfVrW6hEcSQXRehR4LMu/UgWRu4gUGnINxs";
3 | secondary-key = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIICXujd1vnKwxIJu2Pwp9FFcy3+pIpGwR424m4nLees5";
4 | keys = [
5 | primary-key
6 | secondary-key
7 | ];
8 | in
9 | {
10 | "admin-pass.age".publicKeys = keys;
11 | "secret-file.age".publicKeys = keys;
12 | "exporter-token.age".publicKeys = keys;
13 | }
14 |
--------------------------------------------------------------------------------
/secrets/nextcloud/exporter-token.age:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/JayRovacsek/nix-config/54aa375e35f542f8bbad3811e6322f1f412ada78/secrets/nextcloud/exporter-token.age
--------------------------------------------------------------------------------
/secrets/nextcloud/secret-file.age:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/JayRovacsek/nix-config/54aa375e35f542f8bbad3811e6322f1f412ada78/secrets/nextcloud/secret-file.age
--------------------------------------------------------------------------------
/secrets/nextcloud/secrets.nix:
--------------------------------------------------------------------------------
1 | let
2 | secrets = import ./default.nix;
3 | in
4 | secrets
5 |
--------------------------------------------------------------------------------
/secrets/nix-serve/cache-priv-key.pem.age:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/JayRovacsek/nix-config/54aa375e35f542f8bbad3811e6322f1f412ada78/secrets/nix-serve/cache-priv-key.pem.age
--------------------------------------------------------------------------------
/secrets/nix-serve/default.nix:
--------------------------------------------------------------------------------
1 | let
2 | primary-key = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIOvNXUrfjQHhIiJBsE90t9Lqh93ppeqiPccu+43uunXL";
3 | secondary-key = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIHoZFPweXfKRafs74qVmEhdCnTt3Wb7GlLBotyX7DbMY";
4 | keys = [
5 | primary-key
6 | secondary-key
7 | ];
8 | in
9 | {
10 | "cache-priv-key.pem.age".publicKeys = keys;
11 | }
12 |
--------------------------------------------------------------------------------
/secrets/nix-serve/secrets.nix:
--------------------------------------------------------------------------------
1 | let
2 | secrets = import ./default.nix;
3 | in
4 | secrets
5 |
--------------------------------------------------------------------------------
/secrets/openvpn/ca-cert.age:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/JayRovacsek/nix-config/54aa375e35f542f8bbad3811e6322f1f412ada78/secrets/openvpn/ca-cert.age
--------------------------------------------------------------------------------
/secrets/openvpn/default.nix:
--------------------------------------------------------------------------------
1 | let
2 | keys = import ../../common/keys.nix { };
3 |
4 | diglett-keys = with keys; [
5 | diglett-primary-key
6 | diglett-secondary-key
7 | ];
8 |
9 | primary-key = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAILt1yGWTl0BJqyXYpKyAiGsVMngfaaPD51VjzQge0/Se";
10 | secondary-key = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIIiUT2q43oi0HUHe9hPf+drjsOP6cxbukjfT7OnTmTO5";
11 |
12 | openvpn-server-keys = [
13 | primary-key
14 | secondary-key
15 | ] ++ diglett-keys;
16 |
17 | in
18 | {
19 | "ca-cert.age".publicKeys = openvpn-server-keys;
20 | "dh2048-pem.age".publicKeys = openvpn-server-keys;
21 | "server-cert.age".publicKeys = openvpn-server-keys;
22 | "server-key.age".publicKeys = openvpn-server-keys;
23 | "ta-key.age".publicKeys = openvpn-server-keys;
24 | }
25 |
--------------------------------------------------------------------------------
/secrets/openvpn/dh2048-pem.age:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/JayRovacsek/nix-config/54aa375e35f542f8bbad3811e6322f1f412ada78/secrets/openvpn/dh2048-pem.age
--------------------------------------------------------------------------------
/secrets/openvpn/secrets.nix:
--------------------------------------------------------------------------------
1 | let
2 | secrets = import ./default.nix;
3 | in
4 | secrets
5 |
--------------------------------------------------------------------------------
/secrets/openvpn/server-cert.age:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/JayRovacsek/nix-config/54aa375e35f542f8bbad3811e6322f1f412ada78/secrets/openvpn/server-cert.age
--------------------------------------------------------------------------------
/secrets/openvpn/server-key.age:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/JayRovacsek/nix-config/54aa375e35f542f8bbad3811e6322f1f412ada78/secrets/openvpn/server-key.age
--------------------------------------------------------------------------------
/secrets/openvpn/ta-key.age:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/JayRovacsek/nix-config/54aa375e35f542f8bbad3811e6322f1f412ada78/secrets/openvpn/ta-key.age
--------------------------------------------------------------------------------
/secrets/openvscode-server/connection-token-file.age:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/JayRovacsek/nix-config/54aa375e35f542f8bbad3811e6322f1f412ada78/secrets/openvscode-server/connection-token-file.age
--------------------------------------------------------------------------------
/secrets/openvscode-server/default.nix:
--------------------------------------------------------------------------------
1 | let
2 | # TODO: rekey with new headscale keys
3 | primaryOpenVscodeKey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIFF/xU6gTNVAv/ev+Eod5wzscjSqNLOdh70f1/u95l72";
4 | secondaryOpenVscodeKey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAICphdq1I7huM6f9hAckz6MBqJ8XMcKFD5F4Tvb8QKR3d";
5 | openVscodeKeys = [
6 | primaryOpenVscodeKey
7 | secondaryOpenVscodeKey
8 | ];
9 | in
10 | {
11 | "connection-token-file.age".publicKeys = openVscodeKeys;
12 | }
13 |
--------------------------------------------------------------------------------
/secrets/openvscode-server/secrets.nix:
--------------------------------------------------------------------------------
1 | let
2 | secrets = import ./default.nix;
3 | in
4 | secrets
5 |
--------------------------------------------------------------------------------
/secrets/restic/logs-password.age:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/JayRovacsek/nix-config/54aa375e35f542f8bbad3811e6322f1f412ada78/secrets/restic/logs-password.age
--------------------------------------------------------------------------------
/secrets/restic/nextcloud-password.age:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/JayRovacsek/nix-config/54aa375e35f542f8bbad3811e6322f1f412ada78/secrets/restic/nextcloud-password.age
--------------------------------------------------------------------------------
/secrets/restic/secrets.nix:
--------------------------------------------------------------------------------
1 | let
2 | secrets = import ./default.nix;
3 | in
4 | secrets
5 |
--------------------------------------------------------------------------------
/secrets/restic/wasabi-backup-env.age:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/JayRovacsek/nix-config/54aa375e35f542f8bbad3811e6322f1f412ada78/secrets/restic/wasabi-backup-env.age
--------------------------------------------------------------------------------
/secrets/sonarr/api-key.age:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/JayRovacsek/nix-config/54aa375e35f542f8bbad3811e6322f1f412ada78/secrets/sonarr/api-key.age
--------------------------------------------------------------------------------
/secrets/sonarr/default.nix:
--------------------------------------------------------------------------------
1 | let
2 | primary-key = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIMxQ1OuDRZb/VtVe6PWhAAPWb5wlwCo0daguzHMy0IjT";
3 | secondary-key = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIIUJYlwJ1//8bzSCptyqc810HpJVjO0btPVwL/pVhHix";
4 | keys = [
5 | primary-key
6 | secondary-key
7 | ];
8 | in
9 | {
10 | "api-key.age".publicKeys = keys;
11 | }
12 |
--------------------------------------------------------------------------------
/secrets/sonarr/secrets.nix:
--------------------------------------------------------------------------------
1 | let
2 | secrets = import ./default.nix;
3 | in
4 | secrets
5 |
--------------------------------------------------------------------------------
/secrets/ssh/builder-id-ed25519.age:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/JayRovacsek/nix-config/54aa375e35f542f8bbad3811e6322f1f412ada78/secrets/ssh/builder-id-ed25519.age
--------------------------------------------------------------------------------
/secrets/ssh/default.nix:
--------------------------------------------------------------------------------
1 | let
2 | primarySshKey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIOigle2qwhrp1vOybRZlu4k3azwHA1/s61bjaDa54J9f";
3 | secondarySshKey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIBlEvnIWwozY75HIpf/0ZPIjkkDk47uCL1nhqdDHUpED";
4 | sshKeys = [
5 | primarySshKey
6 | secondarySshKey
7 | ];
8 | in
9 | {
10 | # Secrets SSH keys - in this instance all hard-tokens so
11 | # threat modelling would require physical access to fully
12 | # compromise anyway.
13 | # Here we use a prefix of $USERNAME- so we can dynamically
14 | # generate suitable configs re; identity files and whatnot
15 | "type-a-1.age".publicKeys = sshKeys;
16 | "type-c-1.age".publicKeys = sshKeys;
17 | "type-a-2.age".publicKeys = sshKeys;
18 | "type-c-2.age".publicKeys = sshKeys;
19 |
20 | # SSH key used for remote builds
21 | "builder-id-ed25519.age".publicKeys = sshKeys;
22 | }
23 |
--------------------------------------------------------------------------------
/secrets/ssh/secrets.nix:
--------------------------------------------------------------------------------
1 | let
2 | secrets = import ./default.nix;
3 | in
4 | secrets
5 |
--------------------------------------------------------------------------------
/secrets/ssh/type-a-1.age:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/JayRovacsek/nix-config/54aa375e35f542f8bbad3811e6322f1f412ada78/secrets/ssh/type-a-1.age
--------------------------------------------------------------------------------
/secrets/ssh/type-a-2.age:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/JayRovacsek/nix-config/54aa375e35f542f8bbad3811e6322f1f412ada78/secrets/ssh/type-a-2.age
--------------------------------------------------------------------------------
/secrets/ssh/type-c-1.age:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/JayRovacsek/nix-config/54aa375e35f542f8bbad3811e6322f1f412ada78/secrets/ssh/type-c-1.age
--------------------------------------------------------------------------------
/secrets/ssh/type-c-2.age:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/JayRovacsek/nix-config/54aa375e35f542f8bbad3811e6322f1f412ada78/secrets/ssh/type-c-2.age
--------------------------------------------------------------------------------
/secrets/tailscale/preauth-admin.age:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/JayRovacsek/nix-config/54aa375e35f542f8bbad3811e6322f1f412ada78/secrets/tailscale/preauth-admin.age
--------------------------------------------------------------------------------
/secrets/tailscale/preauth-auth.age:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/JayRovacsek/nix-config/54aa375e35f542f8bbad3811e6322f1f412ada78/secrets/tailscale/preauth-auth.age
--------------------------------------------------------------------------------
/secrets/tailscale/preauth-dns.age:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/JayRovacsek/nix-config/54aa375e35f542f8bbad3811e6322f1f412ada78/secrets/tailscale/preauth-dns.age
--------------------------------------------------------------------------------
/secrets/tailscale/preauth-download.age:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/JayRovacsek/nix-config/54aa375e35f542f8bbad3811e6322f1f412ada78/secrets/tailscale/preauth-download.age
--------------------------------------------------------------------------------
/secrets/tailscale/preauth-game.age:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/JayRovacsek/nix-config/54aa375e35f542f8bbad3811e6322f1f412ada78/secrets/tailscale/preauth-game.age
--------------------------------------------------------------------------------
/secrets/tailscale/preauth-general.age:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/JayRovacsek/nix-config/54aa375e35f542f8bbad3811e6322f1f412ada78/secrets/tailscale/preauth-general.age
--------------------------------------------------------------------------------
/secrets/tailscale/preauth-log.age:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/JayRovacsek/nix-config/54aa375e35f542f8bbad3811e6322f1f412ada78/secrets/tailscale/preauth-log.age
--------------------------------------------------------------------------------
/secrets/tailscale/preauth-nextcloud.age:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/JayRovacsek/nix-config/54aa375e35f542f8bbad3811e6322f1f412ada78/secrets/tailscale/preauth-nextcloud.age
--------------------------------------------------------------------------------
/secrets/tailscale/preauth-reverse-proxy.age:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/JayRovacsek/nix-config/54aa375e35f542f8bbad3811e6322f1f412ada78/secrets/tailscale/preauth-reverse-proxy.age
--------------------------------------------------------------------------------
/secrets/tailscale/preauth-work.age:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/JayRovacsek/nix-config/54aa375e35f542f8bbad3811e6322f1f412ada78/secrets/tailscale/preauth-work.age
--------------------------------------------------------------------------------
/secrets/tailscale/secrets.nix:
--------------------------------------------------------------------------------
1 | let
2 | secrets = import ./default.nix;
3 | in
4 | secrets
5 |
--------------------------------------------------------------------------------
/secrets/terraform/default.nix:
--------------------------------------------------------------------------------
1 | let
2 | primaryTerraformKey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAII2ZE7cAT/BQaKxGXjS/GivkT1Le35hOv+s12AeXSp4d";
3 | secondaryTerraformKey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIFE/0UINSHALBMSe23UyYum0DOz5yddFdekW8IJW9qqT";
4 | terraformKeys = [
5 | primaryTerraformKey
6 | secondaryTerraformKey
7 | ];
8 | in
9 | {
10 | "terraform-api-key.age".publicKeys = terraformKeys;
11 | }
12 |
--------------------------------------------------------------------------------
/secrets/terraform/secrets.nix:
--------------------------------------------------------------------------------
1 | let
2 | secrets = import ./default.nix;
3 | in
4 | secrets
5 |
--------------------------------------------------------------------------------
/secrets/terraform/terraform-api-key.age:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/JayRovacsek/nix-config/54aa375e35f542f8bbad3811e6322f1f412ada78/secrets/terraform/terraform-api-key.age
--------------------------------------------------------------------------------
/secrets/wireless/default.nix:
--------------------------------------------------------------------------------
1 | let
2 | keys = import ../../common/keys.nix { };
3 |
4 | primaryWirelessKey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIBfry8LxgYjnHJjefyvfi/N17Zkem9Zgzh0WvopLYEM2";
5 | secondaryWirelessKey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIBLQQwX0Q7f6E8ZkIOmTwuE/8dGZinWjBiCFVUwP3V9S";
6 | wirelessKeys = [
7 | primaryWirelessKey
8 | secondaryWirelessKey
9 | ];
10 |
11 | gastly-keys = with keys; [
12 | gastly-primary-key
13 | gastly-secondary-key
14 | ];
15 |
16 | wigglytuff-keys = with keys; [
17 | wigglytuff-primary-key
18 | wigglytuff-secondary-key
19 | ];
20 | in
21 | {
22 | # Wireless Secret keys
23 | "wireless-iot.env.age".publicKeys = wirelessKeys ++ wigglytuff-keys;
24 | "wireless-home.env.age".publicKeys = wirelessKeys ++ gastly-keys;
25 | "wireless-pixel-hotspot.env.age".publicKeys = wirelessKeys ++ gastly-keys;
26 | "wireless-samsung-hotspot.env.age".publicKeys = wirelessKeys ++ gastly-keys;
27 | "wireless-mbd.env.age".publicKeys = wirelessKeys;
28 | }
29 |
--------------------------------------------------------------------------------
/secrets/wireless/secrets.nix:
--------------------------------------------------------------------------------
1 | let
2 | secrets = import ./default.nix;
3 | in
4 | secrets
5 |
--------------------------------------------------------------------------------
/secrets/wireless/wireless-home.env.age:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/JayRovacsek/nix-config/54aa375e35f542f8bbad3811e6322f1f412ada78/secrets/wireless/wireless-home.env.age
--------------------------------------------------------------------------------
/secrets/wireless/wireless-iot.env.age:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/JayRovacsek/nix-config/54aa375e35f542f8bbad3811e6322f1f412ada78/secrets/wireless/wireless-iot.env.age
--------------------------------------------------------------------------------
/secrets/wireless/wireless-mbd.env.age:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/JayRovacsek/nix-config/54aa375e35f542f8bbad3811e6322f1f412ada78/secrets/wireless/wireless-mbd.env.age
--------------------------------------------------------------------------------
/secrets/wireless/wireless-pixel-hotspot.env.age:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/JayRovacsek/nix-config/54aa375e35f542f8bbad3811e6322f1f412ada78/secrets/wireless/wireless-pixel-hotspot.env.age
--------------------------------------------------------------------------------
/secrets/wireless/wireless-samsung-hotspot.env.age:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/JayRovacsek/nix-config/54aa375e35f542f8bbad3811e6322f1f412ada78/secrets/wireless/wireless-samsung-hotspot.env.age
--------------------------------------------------------------------------------
/secrets/zfs/default.nix:
--------------------------------------------------------------------------------
1 | let
2 | primary-key = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIDMrW8bV9R39pkLbdXv4Q2McLyCnIhRBHkBtv1TFD8++";
3 | secondary-key = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIGQtWe4cz/6WlcK0rn0xEIRxBF4lUyCNt28ZpHl5ANev";
4 | keys = [
5 | primary-key
6 | secondary-key
7 | ];
8 | in
9 | {
10 | "dragonite-fde-key.age".publicKeys = keys;
11 | }
12 |
--------------------------------------------------------------------------------
/secrets/zfs/dragonite-fde-key.age:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/JayRovacsek/nix-config/54aa375e35f542f8bbad3811e6322f1f412ada78/secrets/zfs/dragonite-fde-key.age
--------------------------------------------------------------------------------
/secrets/zfs/secrets.nix:
--------------------------------------------------------------------------------
1 | let
2 | secrets = import ./default.nix;
3 | in
4 | secrets
5 |
--------------------------------------------------------------------------------
/users/builder.nix:
--------------------------------------------------------------------------------
1 | {
2 | name = "builder";
3 | isNormalUser = true;
4 | initialHashedPassword = "$6$LRvlOuUlmWfOtbKW$JuSDUvL0ykqAhFi80rMdWrc89wDz/uJ1Mt6WuHpsa/7kxSTWloz5O0f7xRvFvJ6nxEePUkxx/52FuHHl3rEhj61";
5 | openssh.authorizedKeys.keys = [
6 | "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAINqBcu2ksJ3Rlm9VLo2H5cg88My1SuKncPuel6ncQi7c"
7 | ];
8 | extraGroups = [ "docker" ];
9 | }
10 |
--------------------------------------------------------------------------------
/users/groups/dns.nix:
--------------------------------------------------------------------------------
1 | {
2 | name = "dns";
3 | gid = 10001;
4 | members = [
5 | "pihole"
6 | "stubby"
7 | "dns"
8 | ];
9 | }
10 |
--------------------------------------------------------------------------------
/users/groups/portainer.nix:
--------------------------------------------------------------------------------
1 | {
2 | name = "portainer";
3 | gid = 10000;
4 | members = [ "portainer" ];
5 | }
6 |
--------------------------------------------------------------------------------
/users/j.rovacsek.nix:
--------------------------------------------------------------------------------
1 | {
2 | name = "j.rovacsek";
3 | home = {
4 | file.".config/git/allowed_signers".text = "* ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIGaL4kr1XUQWWuj+iFjXeIiE6zhRDQFbOs+6toGSW9+5";
5 | };
6 | }
7 |
--------------------------------------------------------------------------------
/users/jrovacsek.nix:
--------------------------------------------------------------------------------
1 | {
2 | name = "jrovacsek";
3 | home = {
4 | file.".ssh/allowed_signers".text = "* ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIGaL4kr1XUQWWuj+iFjXeIiE6zhRDQFbOs+6toGSW9+5";
5 | };
6 | }
7 |
--------------------------------------------------------------------------------
/users/root.nix:
--------------------------------------------------------------------------------
1 | {
2 | name = "root";
3 | openssh.authorizedKeys.keys = [
4 | "sk-ssh-ed25519@openssh.com AAAAGnNrLXNzaC1lZDI1NTE5QG9wZW5zc2guY29tAAAAIMO6FTToBOIByP9uVP2Ke2jGD/ESxPcXEMhvR7unukNGAAAABHNzaDo= jay@rovacsek.com"
5 | "sk-ssh-ed25519@openssh.com AAAAGnNrLXNzaC1lZDI1NTE5QG9wZW5zc2guY29tAAAAINNGQz3ekO1q/DrxuhP7Ck3TnP9V4ooF5vo8ibFWKKqFAAAABHNzaDo= jay@rovacsek.com"
6 | "sk-ssh-ed25519@openssh.com AAAAGnNrLXNzaC1lZDI1NTE5QG9wZW5zc2guY29tAAAAIDuG5e8MReihLwtKk3/rbXcZKNfiapcqAhWu//fC0aMKAAAABHNzaDo= jay@rovacsek.com"
7 | "sk-ssh-ed25519@openssh.com AAAAGnNrLXNzaC1lZDI1NTE5QG9wZW5zc2guY29tAAAAILDjbVDfVzpcxnx9fl4pBr6eKAJdSyX4JLyBK02N9YeFAAAABHNzaDo= jay@rovacsek.com"
8 | ];
9 | }
10 |
--------------------------------------------------------------------------------
/users/sarah.nix:
--------------------------------------------------------------------------------
1 | {
2 | name = "sarah";
3 | isNormalUser = true;
4 | initialHashedPassword = "$6$LRvlOuUlmWfOtbKW$JuSDUvL0ykqAhFi80rMdWrc89wDz/uJ1Mt6WuHpsa/7kxSTWlz5O0f7xRvFvJ6nxEePUkxx/52FuHHl3rEhj61";
5 | extraGroups = [ ];
6 | openssh.authorizedKeys.keys = [ ];
7 | }
8 |
--------------------------------------------------------------------------------
/users/service-accounts/dns.nix:
--------------------------------------------------------------------------------
1 | let
2 | group = import ../groups/dns.nix;
3 | in
4 | {
5 | name = "dns";
6 | uid = 2005;
7 | inherit group;
8 | extraGroups = [ ];
9 | }
10 |
--------------------------------------------------------------------------------
/users/service-accounts/dnsmasq.nix:
--------------------------------------------------------------------------------
1 | let
2 | group = import ../groups/dns.nix;
3 | in
4 | {
5 | name = "dnsmasq";
6 | uid = 2004;
7 | inherit group;
8 | extraGroups = [ ];
9 | }
10 |
--------------------------------------------------------------------------------
/users/service-accounts/pihole.nix:
--------------------------------------------------------------------------------
1 | let
2 | group = import ../groups/dns.nix;
3 | in
4 | {
5 | name = "pihole";
6 | uid = 2000;
7 | inherit group;
8 | extraGroups = [ ];
9 | }
10 |
--------------------------------------------------------------------------------
/users/service-accounts/portainer.nix:
--------------------------------------------------------------------------------
1 | let
2 | group = import ../groups/portainer.nix;
3 | in
4 | {
5 | name = "portainer";
6 | uid = 2002;
7 | inherit group;
8 | extraGroups = [ "docker" ];
9 | }
10 |
--------------------------------------------------------------------------------
/users/service-accounts/stubby.nix:
--------------------------------------------------------------------------------
1 | let
2 | group = import ../groups/dns.nix;
3 | in
4 | {
5 | name = "stubby";
6 | uid = 2001;
7 | inherit group;
8 | extraGroups = [ ];
9 | }
10 |
--------------------------------------------------------------------------------
/users/test.nix:
--------------------------------------------------------------------------------
1 | {
2 | name = "test";
3 | isNormalUser = true;
4 | initialHashedPassword = "$y$j9T$G1l.C1NwpyqsKzpIMMXBE.$iNAltsYo01n1059NwgQ/Xgq8fISO.26BJQiDaq4GAq7";
5 | extraGroups = [
6 | "audio"
7 | "docker"
8 | "input"
9 | "libvirtd"
10 | "networkmanager"
11 | "video"
12 | "wheel"
13 | ];
14 | }
15 |
--------------------------------------------------------------------------------