├── .envrc ├── .gitignore ├── .sops.yaml ├── LICENSE.md ├── README.md ├── facter.json ├── flake.lock ├── flake.nix ├── homes └── x86_64-linux │ ├── deck@steamdeck │ └── default.nix │ ├── haseeb@framework │ └── default.nix │ ├── haseeb@vm │ └── default.nix │ ├── haseeb@workstation │ └── default.nix │ └── haseebmajid@FRANDECPA63294006A │ └── default.nix ├── images ├── homelab │ ├── main.svg │ ├── network.svg │ └── syncthing-encryption.png ├── logo.png ├── monkeytype.png ├── nvim │ ├── cmp.png │ ├── editor.png │ ├── go-code.png │ └── telescope.png ├── swaync.png ├── terminal.png └── wallpaper.png ├── lib ├── deploy │ └── default.nix └── module │ └── default.nix ├── mkdocs.yaml ├── modules ├── home │ ├── browsers │ │ └── firefox │ │ │ └── default.nix │ ├── cli │ │ ├── editors │ │ │ └── neovim │ │ │ │ ├── default.nix │ │ │ │ ├── init.lua │ │ │ │ └── lua │ │ │ │ ├── myLuaConf │ │ │ │ ├── LSPs │ │ │ │ │ ├── init.lua │ │ │ │ │ └── on_attach.lua │ │ │ │ ├── debug │ │ │ │ │ └── init.lua │ │ │ │ ├── format │ │ │ │ │ └── init.lua │ │ │ │ ├── init.lua │ │ │ │ ├── lint │ │ │ │ │ └── init.lua │ │ │ │ ├── non_nix_download.lua │ │ │ │ ├── opts_and_keys.lua │ │ │ │ ├── plugins │ │ │ │ │ ├── ai.lua │ │ │ │ │ ├── colorscheme.lua │ │ │ │ │ ├── completion.lua │ │ │ │ │ ├── diagnostics.lua │ │ │ │ │ ├── editor.lua │ │ │ │ │ ├── file_explorer.lua │ │ │ │ │ ├── git.lua │ │ │ │ │ ├── init.lua │ │ │ │ │ ├── snippets │ │ │ │ │ │ └── go.lua │ │ │ │ │ ├── telescope.lua │ │ │ │ │ ├── treesitter.lua │ │ │ │ │ └── ui.lua │ │ │ │ ├── syntax │ │ │ │ │ ├── go.scm │ │ │ │ │ └── html.scm │ │ │ │ └── test │ │ │ │ │ └── init.lua │ │ │ │ └── nixCatsUtils │ │ │ │ ├── catPacker.lua │ │ │ │ ├── init.lua │ │ │ │ └── lzUtils.lua │ │ ├── multiplexers │ │ │ ├── tmux │ │ │ │ └── default.nix │ │ │ └── zellij │ │ │ │ ├── config.kdl │ │ │ │ └── default.nix │ │ ├── programs │ │ │ ├── attic │ │ │ │ └── default.nix │ │ │ ├── atuin │ │ │ │ └── default.nix │ │ │ ├── bat │ │ │ │ └── default.nix │ │ │ ├── bottom │ │ │ │ └── default.nix │ │ │ ├── database │ │ │ │ └── default.nix │ │ │ ├── direnv │ │ │ │ └── default.nix │ │ │ ├── eza │ │ │ │ └── default.nix │ │ │ ├── fzf │ │ │ │ └── default.nix │ │ │ ├── git │ │ │ │ └── default.nix │ │ │ ├── gpg │ │ │ │ ├── default.nix │ │ │ │ └── gnupgdir.py │ │ │ ├── htop │ │ │ │ └── default.nix │ │ │ ├── k8s │ │ │ │ └── default.nix │ │ │ ├── modern-unix │ │ │ │ └── default.nix │ │ │ ├── network-tools │ │ │ │ └── default.nix │ │ │ ├── nix-index │ │ │ │ └── default.nix │ │ │ ├── podman │ │ │ │ └── default.nix │ │ │ ├── ssh │ │ │ │ └── default.nix │ │ │ ├── starship │ │ │ │ └── default.nix │ │ │ ├── yazi │ │ │ │ └── default.nix │ │ │ └── zoxide │ │ │ │ └── default.nix │ │ ├── shells │ │ │ ├── fish │ │ │ │ └── default.nix │ │ │ └── zsh │ │ │ │ └── default.nix │ │ └── terminals │ │ │ ├── alacritty │ │ │ └── default.nix │ │ │ ├── foot │ │ │ └── default.nix │ │ │ ├── ghostty │ │ │ └── default.nix │ │ │ ├── kitty │ │ │ └── default.nix │ │ │ └── wezterm │ │ │ ├── config.lua │ │ │ └── default.nix │ ├── desktops │ │ ├── addons │ │ │ ├── gammastep │ │ │ │ └── default.nix │ │ │ ├── gnome │ │ │ │ └── default.nix │ │ │ ├── gtk │ │ │ │ ├── default.nix │ │ │ │ └── gtk.css │ │ │ ├── hypridle │ │ │ │ └── default.nix │ │ │ ├── hyprlock │ │ │ │ └── default.nix │ │ │ ├── hyprpaper │ │ │ │ └── default.nix │ │ │ ├── kanshi │ │ │ │ └── default.nix │ │ │ ├── pyprland │ │ │ │ ├── default.nix │ │ │ │ └── pyprland.toml │ │ │ ├── qt │ │ │ │ └── default.nix │ │ │ ├── rofi │ │ │ │ └── default.nix │ │ │ ├── swaylock │ │ │ │ └── default.nix │ │ │ ├── swaync │ │ │ │ ├── default.nix │ │ │ │ └── swaync.css │ │ │ ├── waybar │ │ │ │ ├── default.nix │ │ │ │ └── styles.css │ │ │ ├── wlogout │ │ │ │ ├── default.nix │ │ │ │ ├── icons │ │ │ │ │ ├── hibernate.png │ │ │ │ │ ├── lock.png │ │ │ │ │ ├── logout.png │ │ │ │ │ ├── reboot.png │ │ │ │ │ ├── shutdown.png │ │ │ │ │ └── suspend.png │ │ │ │ └── style.css │ │ │ ├── wlsunset │ │ │ │ └── default.nix │ │ │ └── xdg │ │ │ │ └── default.nix │ │ ├── gnome │ │ │ └── default.nix │ │ └── hyprland │ │ │ ├── config.nix │ │ │ ├── default.nix │ │ │ ├── keybindings.nix │ │ │ └── windowrules.nix │ ├── programs │ │ ├── discord │ │ │ ├── custom.css │ │ │ └── default.nix │ │ ├── guis │ │ │ └── default.nix │ │ └── shotwell │ │ │ └── default.nix │ ├── roles │ │ ├── common │ │ │ └── default.nix │ │ ├── desktop │ │ │ └── default.nix │ │ ├── development │ │ │ └── default.nix │ │ ├── gamedev │ │ │ └── default.nix │ │ ├── gaming │ │ │ └── default.nix │ │ ├── social │ │ │ └── default.nix │ │ └── video │ │ │ └── default.nix │ ├── secrets.yaml │ ├── security │ │ └── sops │ │ │ └── default.nix │ ├── services │ │ ├── kdeconnect │ │ │ └── default.nix │ │ ├── spotify │ │ │ └── default.nix │ │ └── syncthing │ │ │ └── default.nix │ ├── styles │ │ └── stylix │ │ │ └── default.nix │ ├── systems │ │ └── nix │ │ │ └── default.nix │ └── user │ │ └── default.nix └── nixos │ ├── cli │ └── programs │ │ ├── nh │ │ └── default.nix │ │ └── nix-ld │ │ └── default.nix │ ├── hardware │ ├── audio │ │ └── default.nix │ ├── bluetooth │ │ └── default.nix │ ├── logitech │ │ └── default.nix │ ├── networking │ │ └── default.nix │ ├── raspberry-pi-5 │ │ └── default.nix │ └── zsa │ │ └── default.nix │ ├── roles │ ├── common │ │ └── default.nix │ ├── desktop │ │ ├── addons │ │ │ ├── gnome │ │ │ │ └── default.nix │ │ │ ├── greetd │ │ │ │ └── default.nix │ │ │ ├── hyprland │ │ │ │ └── default.nix │ │ │ ├── nautilus │ │ │ │ └── default.nix │ │ │ └── xdg-portal │ │ │ │ └── default.nix │ │ └── default.nix │ ├── gaming │ │ └── default.nix │ ├── kubernetes │ │ ├── default.nix │ │ └── secrets.yaml │ └── server │ │ └── default.nix │ ├── secrets.yaml │ ├── security │ ├── doas │ │ └── default.nix │ ├── sops │ │ └── default.nix │ └── yubikey │ │ └── default.nix │ ├── services │ ├── adguard │ │ └── default.nix │ ├── arr │ │ └── default.nix │ ├── audiobookshelf │ │ └── default.nix │ ├── authentik │ │ └── default.nix │ ├── avahi │ │ └── default.nix │ ├── backup │ │ └── default.nix │ ├── couchdb │ │ └── default.nix │ ├── deluge │ │ └── default.nix │ ├── gitea │ │ └── default.nix │ ├── gitlab-runner │ │ └── default.nix │ ├── gotify │ │ └── default.nix │ ├── home-assistant │ │ └── default.nix │ ├── homepage │ │ └── default.nix │ ├── immich │ │ └── default.nix │ ├── jellyfin │ │ └── default.nix │ ├── k3s │ │ └── default.nix │ ├── logging │ │ └── default.nix │ ├── minio │ │ └── default.nix │ ├── monitoring │ │ └── default.nix │ ├── n8n │ │ └── default.nix │ ├── navidrome │ │ └── default.nix │ ├── netdata │ │ └── default.nix │ ├── nfs │ │ └── default.nix │ ├── ollama │ │ └── default.nix │ ├── openssh │ │ └── default.nix │ ├── paperless │ │ └── default.nix │ ├── photoprism │ │ └── default.nix │ ├── plausible │ │ └── default.nix │ ├── postgres │ │ └── default.nix │ ├── printing │ │ └── default.nix │ ├── redis │ │ └── default.nix │ ├── secrets.yaml │ ├── smb │ │ └── default.nix │ ├── stirling-pdf │ │ └── default.nix │ ├── syncthing │ │ └── default.nix │ ├── tailscale │ │ └── default.nix │ ├── tandoor │ │ └── default.nix │ ├── traefik │ │ └── default.nix │ ├── uptime-kuma │ │ └── default.nix │ ├── virtualisation │ │ ├── kvm │ │ │ └── default.nix │ │ ├── podman │ │ │ └── default.nix │ │ └── vfio │ │ │ └── default.nix │ └── vpn │ │ └── default.nix │ ├── styles │ └── stylix │ │ └── default.nix │ ├── system │ ├── boot │ │ └── default.nix │ ├── impermanence │ │ └── default.nix │ ├── locale │ │ └── default.nix │ └── nix │ │ └── default.nix │ └── user │ └── default.nix ├── overlays └── zjstatus │ └── default.nix ├── packages ├── install │ └── default.nix ├── monolisa │ ├── MonoLisa │ │ ├── MonoLisa-Black.ttf │ │ ├── MonoLisa-BlackItalic.ttf │ │ ├── MonoLisa-Bold.ttf │ │ ├── MonoLisa-BoldItalic.ttf │ │ ├── MonoLisa-ExtraBold.ttf │ │ ├── MonoLisa-ExtraBoldItalic.ttf │ │ ├── MonoLisa-ExtraLight.ttf │ │ ├── MonoLisa-ExtraLightItalic.ttf │ │ ├── MonoLisa-Light.ttf │ │ ├── MonoLisa-LightItalic.ttf │ │ ├── MonoLisa-Medium.ttf │ │ ├── MonoLisa-MediumItalic.ttf │ │ ├── MonoLisa-Regular.ttf │ │ ├── MonoLisa-RegularItalic.ttf │ │ ├── MonoLisa-SemiBold.ttf │ │ ├── MonoLisa-SemiBoldItalic.ttf │ │ ├── MonoLisa-Thin.ttf │ │ └── MonoLisa-ThinItalic.ttf │ └── default.nix ├── octopus-energy │ └── default.nix └── wallpapers │ ├── default.nix │ └── wallpapers │ ├── 3kitty2.jpg │ ├── KurzegartDNA.png │ ├── Kurzgesagt-Baby_Star.png │ ├── Kurzgesagt-Cloudy_Quasar_1.png │ ├── Kurzgesagt-Galaxies.png │ ├── Kurzgesagt-Galaxy_2.png │ ├── Kurzgesagt-Galaxy_3.png │ ├── Kurzgesagt-Stellar_Phenomenon.png │ ├── Palette.png │ ├── cat-sound.png │ ├── catMachup.jpg │ ├── catpuccino-caramel-dark-4k.png │ ├── earth.png │ ├── galaxy.png │ ├── nixppuccin.png │ ├── pizza.png │ ├── rainbow-nix.jpg │ ├── spill.jpg │ └── windows-error.jpg ├── shells └── default │ └── default.nix ├── systems ├── aarch64-sd-aarch64 │ └── server-pi-5 │ │ └── default.nix ├── x86_64-install-iso │ ├── graphical │ │ └── default.nix │ └── minimal │ │ └── default.nix └── x86_64-linux │ ├── framework │ ├── default.nix │ ├── disks.nix │ └── hardware-configuration.nix │ ├── ms01 │ ├── default.nix │ ├── disks.nix │ └── hardware-configuration.nix │ ├── nas │ ├── default.nix │ ├── disks.nix │ └── hardware-configuration.nix │ ├── s100 │ ├── default.nix │ ├── disks.nix │ └── hardware-configuration.nix │ ├── um790 │ ├── default.nix │ ├── disks.nix │ └── hardware-configuration.nix │ ├── vm │ ├── default.nix │ ├── disks.nix │ └── hardware-configuration.nix │ ├── vps │ ├── default.nix │ ├── disks.nix │ └── hardware-configuration.nix │ └── workstation │ ├── default.nix │ ├── disks.nix │ ├── facter.json │ └── hardware-configuration.nix └── topology └── default.nix /.envrc: -------------------------------------------------------------------------------- 1 | use flake 2 | 3 | -------------------------------------------------------------------------------- /.gitignore: -------------------------------------------------------------------------------- 1 | # direnv 2 | .direnv 3 | .env 4 | 5 | # pre-commit 6 | .pre-commit-config.yaml 7 | 8 | result 9 | -------------------------------------------------------------------------------- /.sops.yaml: -------------------------------------------------------------------------------- 1 | # Make a user key 2 | # mkdir -p ~/.config/sops/age 3 | # age-keygen -o ~/.config/sops/age/keys.txt 4 | # chmod 600 ~/.config/sops/age/keys.txt 5 | 6 | # Display the user public key: 7 | # age-keygen -y ~/.config/sops/age/keys.txt 8 | 9 | # Make a host public key: 10 | # nix-shell -p ssh-to-age 11 | # ssh-to-age -i /etc/ssh/ssh_host_ed25519_key.pub 12 | 13 | # Add secrets 14 | # sops secrets/secrets.yaml 15 | 16 | # Rekey secrets.yaml after editing recipients in .sops.yaml: 17 | # sops updatekeys secrets/secrets.yaml 18 | keys: 19 | - &users: 20 | - &haseeb_workstation age1vmnnywhflwymjcgllmp5sgf05dn3qvamd2ylhxquwcuvlrm8ma3sc882mp 21 | - &haseebmajid_curve age1rc26esy506fa0kv2y97sjzfk4g2pr0ctv2rzkacewx5d8urns3zqhr7r7n 22 | - &hosts: 23 | - &framework age1kzxen8ynw28h935jnjc9t8cx4p8mv6angk5suvkp6ntu4am9pe4smfw22z 24 | - &workstation age1vsjjdkgrv72tr3uftryj2szt3n0xk8h3ce54kzyfsmxtymxu6s4qgu5yuk 25 | - &mainboard age1rpqz5vl9tkgje46h43sjgthmqjcltwgm8fm9xdm9yk2ugemuqqrs6jpr43 26 | - &um790 age1wtkcl8gwwumvzf78ttqy4gh2pwzz724glugs5wah2fcudgfh5pxq3urkpg 27 | - &ms01 age1uswlqzs3pf99r6e8qq5d3eh44sufe5tdczmfqygeam7vfr96fugqa0pps7 28 | - &s100 age19pl6jt7ekljfjww4g9anzafdxj0e52mnfnsyd26u5xdemfksqpwsnfwrs5 29 | - &vps age1968z5kxjrf5nnzmvp7fp70pytkpnaaa0xel7cqr8nt4vtezygfnstuh4dx 30 | 31 | creation_rules: 32 | - path_regex: modules/nixos/roles/kubernetes/secrets.ya?ml$ 33 | key_groups: 34 | - age: 35 | - *workstation 36 | - *haseeb_workstation 37 | - *haseebmajid_curve 38 | - *framework 39 | - *mainboard 40 | - *um790 41 | - *ms01 42 | - *s100 43 | 44 | - path_regex: modules/nixos/secrets.ya?ml$ 45 | key_groups: 46 | - age: 47 | - *workstation 48 | - *framework 49 | - *haseeb_workstation 50 | - *haseebmajid_curve 51 | - *um790 52 | - *ms01 53 | - *s100 54 | - *vps 55 | 56 | - path_regex: modules/nixos/services/secrets.ya?ml$ 57 | key_groups: 58 | - age: 59 | - *workstation 60 | - *framework 61 | - *haseeb_workstation 62 | - *haseebmajid_curve 63 | - *um790 64 | - *ms01 65 | - *s100 66 | - *vps 67 | 68 | - path_regex: modules/home/secrets.ya?ml$ 69 | key_groups: 70 | - age: 71 | - *framework 72 | - *haseeb_workstation 73 | - *haseebmajid_curve 74 | -------------------------------------------------------------------------------- /LICENSE.md: -------------------------------------------------------------------------------- 1 | This is free and unencumbered software released into the public domain. 2 | 3 | Anyone is free to copy, modify, publish, use, compile, sell, or distribute this 4 | software, either in source code form or as a compiled binary, for any purpose, 5 | commercial or non-commercial, and by any means. 6 | 7 | In jurisdictions that recognize copyright laws, the author or authors of this 8 | software dedicate any and all copyright interest in the software to the public 9 | domain. We make this dedication for the benefit of the public at large and to 10 | the detriment of our heirs and successors. We intend this dedication to be an 11 | overt act of relinquishment in perpetuity of all present and future rights to 12 | this software under copyright law. 13 | 14 | THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR 15 | IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, 16 | FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE 17 | AUTHORS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN 18 | ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION 19 | WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE. 20 | -------------------------------------------------------------------------------- /homes/x86_64-linux/deck@steamdeck/default.nix: -------------------------------------------------------------------------------- 1 | { 2 | roles = { 3 | social.enable = true; 4 | }; 5 | 6 | nixicle.user = { 7 | enable = true; 8 | name = "deck"; 9 | }; 10 | 11 | home.stateVersion = "23.11"; 12 | } 13 | -------------------------------------------------------------------------------- /homes/x86_64-linux/haseeb@framework/default.nix: -------------------------------------------------------------------------------- 1 | {pkgs, ...}: { 2 | desktops = { 3 | hyprland = { 4 | enable = true; 5 | execOnceExtras = [ 6 | "${pkgs.trayscale}/bin/trayscale" 7 | "${pkgs.networkmanagerapplet}/bin/nm-applet" 8 | "${pkgs.blueman}/bin/blueman-applet" 9 | ]; 10 | }; 11 | }; 12 | 13 | home.packages = with pkgs; [ 14 | nwg-displays 15 | ]; 16 | 17 | roles = { 18 | desktop.enable = true; 19 | social.enable = true; 20 | video.enable = true; 21 | }; 22 | 23 | nixicle.user = { 24 | enable = true; 25 | name = "haseeb"; 26 | }; 27 | 28 | home.stateVersion = "23.11"; 29 | } 30 | -------------------------------------------------------------------------------- /homes/x86_64-linux/haseeb@vm/default.nix: -------------------------------------------------------------------------------- 1 | { 2 | roles = { 3 | desktop.enable = true; 4 | gaming.enable = true; 5 | }; 6 | 7 | nixicle.user = { 8 | enable = true; 9 | name = "haseeb"; 10 | }; 11 | 12 | home.stateVersion = "23.11"; 13 | } 14 | -------------------------------------------------------------------------------- /homes/x86_64-linux/haseeb@workstation/default.nix: -------------------------------------------------------------------------------- 1 | { pkgs, ... }: { 2 | cli.programs.git.allowedSigners = 3 | "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAINP5gqbEEj+pykK58djSI1vtMtFiaYcygqhHd3mzPbSt hello@haseebmajid.dev"; 4 | 5 | desktops = { 6 | hyprland = { 7 | enable = true; 8 | execOnceExtras = [ "${pkgs.trayscale}/bin/trayscale" ]; 9 | }; 10 | gnome = { enable = true; }; 11 | }; 12 | 13 | home.packages = with pkgs; [ hyprpanel ]; 14 | 15 | roles = { 16 | desktop.enable = true; 17 | social.enable = true; 18 | gaming.enable = true; 19 | video.enable = true; 20 | }; 21 | 22 | nixicle.user = { 23 | enable = true; 24 | name = "haseeb"; 25 | }; 26 | 27 | home.stateVersion = "23.11"; 28 | } 29 | -------------------------------------------------------------------------------- /homes/x86_64-linux/haseebmajid@FRANDECPA63294006A/default.nix: -------------------------------------------------------------------------------- 1 | { 2 | config, 3 | pkgs, 4 | inputs, 5 | lib, 6 | ... 7 | }: let 8 | screensharing = pkgs.writeScriptBin "screensharing" '' 9 | #!/usr/bin/env bash 10 | sleep 1 11 | killall -e xdg-desktop-portal-hyprland 12 | killall -e xdg-desktop-portal-wlr 13 | killall xdg-desktop-portal 14 | /usr/libexec/xdg-desktop-portal-hyprland & 15 | sleep 2 16 | /usr/libexec/xdg-desktop-portal & 17 | ''; 18 | in { 19 | nixGL = { 20 | inherit (inputs.nixgl) packages; 21 | defaultWrapper = "mesa"; 22 | }; 23 | 24 | programs = { 25 | firefox.package = config.lib.nixGL.wrap pkgs.firefox; 26 | ghostty.package = config.lib.nixGL.wrap pkgs.ghostty; 27 | }; 28 | 29 | roles = { 30 | desktop.enable = true; 31 | }; 32 | 33 | home = { 34 | sessionVariables = { 35 | DOCKER_HOST = "unix://$XDG_RUNTIME_DIR/podman/podman.sock"; 36 | }; 37 | 38 | packages = with pkgs; [ 39 | screensharing 40 | nwg-displays 41 | (lib.hiPrio (config.lib.nixGL.wrap totem)) 42 | ]; 43 | }; 44 | 45 | desktops = { 46 | hyprland = { 47 | enable = true; 48 | execOnceExtras = [ 49 | "warp-taskbar" 50 | "blueman-applet" 51 | "${screensharing}/bin/screensharing" 52 | "nm-applet" 53 | ]; 54 | }; 55 | 56 | gnome.enable = true; 57 | }; 58 | 59 | xdg.configFile."environment.d/envvars.conf".text = '' 60 | PATH="$PATH:/home/haseebmajid/.nix-profile/bin" 61 | ''; 62 | 63 | programs.keychain.keys = lib.mkForce [ 64 | "id_ed25519" 65 | "id_ed25519_personal" 66 | ]; 67 | 68 | cli.programs = { 69 | git = { 70 | allowedSigners = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIGOEtfQ0znAH8QyB4Z5FzRPa9iKkBhuriEpqyfoEkiv+ haseeb.majid@imaginecurve.com"; 71 | email = "haseeb.majid@imaginecurve.com"; 72 | urlRewrites = { 73 | "git@gitlab.com:imaginecurve/" = "https://gitlab.com/imaginecurve/"; 74 | "git@gitlab.com:" = "https://gitlab.com"; 75 | }; 76 | }; 77 | ssh = { 78 | extraHosts = { 79 | "gitlab-personal" = { 80 | hostname = "gitlab.com"; 81 | identityFile = "~/.ssh/id_ed25519_personal"; 82 | }; 83 | "gitlab.com" = { 84 | hostname = "gitlab.com"; 85 | identityFile = "~/.ssh/id_ed25519"; 86 | }; 87 | }; 88 | }; 89 | }; 90 | 91 | nixicle.user = { 92 | enable = true; 93 | name = "haseebmajid"; 94 | }; 95 | 96 | home.stateVersion = "23.11"; 97 | } 98 | -------------------------------------------------------------------------------- /images/homelab/syncthing-encryption.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/hmajid2301/nixicle/e821078b50dea1b8c9ce46a3919ee90e320e24e9/images/homelab/syncthing-encryption.png -------------------------------------------------------------------------------- /images/logo.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/hmajid2301/nixicle/e821078b50dea1b8c9ce46a3919ee90e320e24e9/images/logo.png -------------------------------------------------------------------------------- /images/monkeytype.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/hmajid2301/nixicle/e821078b50dea1b8c9ce46a3919ee90e320e24e9/images/monkeytype.png -------------------------------------------------------------------------------- /images/nvim/cmp.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/hmajid2301/nixicle/e821078b50dea1b8c9ce46a3919ee90e320e24e9/images/nvim/cmp.png -------------------------------------------------------------------------------- /images/nvim/editor.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/hmajid2301/nixicle/e821078b50dea1b8c9ce46a3919ee90e320e24e9/images/nvim/editor.png -------------------------------------------------------------------------------- /images/nvim/go-code.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/hmajid2301/nixicle/e821078b50dea1b8c9ce46a3919ee90e320e24e9/images/nvim/go-code.png -------------------------------------------------------------------------------- /images/nvim/telescope.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/hmajid2301/nixicle/e821078b50dea1b8c9ce46a3919ee90e320e24e9/images/nvim/telescope.png -------------------------------------------------------------------------------- /images/swaync.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/hmajid2301/nixicle/e821078b50dea1b8c9ce46a3919ee90e320e24e9/images/swaync.png -------------------------------------------------------------------------------- /images/terminal.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/hmajid2301/nixicle/e821078b50dea1b8c9ce46a3919ee90e320e24e9/images/terminal.png -------------------------------------------------------------------------------- /images/wallpaper.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/hmajid2301/nixicle/e821078b50dea1b8c9ce46a3919ee90e320e24e9/images/wallpaper.png -------------------------------------------------------------------------------- /lib/deploy/default.nix: -------------------------------------------------------------------------------- 1 | { 2 | lib, 3 | inputs, 4 | }: let 5 | inherit (inputs) deploy-rs; 6 | in rec { 7 | ## Create deployment configuration for use with deploy-rs. 8 | ## 9 | ## ```nix 10 | ## mkDeploy { 11 | ## inherit self; 12 | ## overrides = { 13 | ## my-host.system.sudo = "doas -u"; 14 | ## }; 15 | ## } 16 | ## ``` 17 | ## 18 | #@ { self: Flake, overrides: Attrs ? {} } -> Attrs 19 | mkDeploy = { 20 | self, 21 | overrides ? {}, 22 | }: let 23 | hosts = self.nixosConfigurations or {}; 24 | names = builtins.attrNames hosts; 25 | nodes = 26 | lib.foldl 27 | (result: name: let 28 | host = hosts.${name}; 29 | user = host.config.user.name or null; 30 | inherit (host.pkgs) system; 31 | in 32 | result 33 | // { 34 | ${name} = 35 | (overrides.${name} or {}) 36 | // { 37 | hostname = overrides.${name}.hostname or "${name}"; 38 | profiles = 39 | (overrides.${name}.profiles or {}) 40 | // { 41 | system = 42 | (overrides.${name}.profiles.system or {}) 43 | // { 44 | path = deploy-rs.lib.${system}.activate.nixos host; 45 | } 46 | // lib.optionalAttrs (user != null) { 47 | user = "root"; 48 | sshUser = user; 49 | } 50 | // lib.optionalAttrs 51 | (host.config.security.nixicle.doas.enable or false) 52 | { 53 | sudo = "doas -u"; 54 | }; 55 | }; 56 | }; 57 | }) 58 | {} 59 | names; 60 | in {inherit nodes;}; 61 | } 62 | -------------------------------------------------------------------------------- /lib/module/default.nix: -------------------------------------------------------------------------------- 1 | {lib, ...}: 2 | with lib; rec { 3 | ## Create a NixOS module option. 4 | ## 5 | ## ```nix 6 | ## lib.mkOpt nixpkgs.lib.types.str "My default" "Description of my option." 7 | ## ``` 8 | ## 9 | #@ Type -> Any -> String 10 | mkOpt = type: default: description: 11 | mkOption {inherit type default description;}; 12 | 13 | ## Create a NixOS module option without a description. 14 | ## 15 | ## ```nix 16 | ## lib.mkOpt' nixpkgs.lib.types.str "My default" 17 | ## ``` 18 | ## 19 | #@ Type -> Any -> String 20 | mkOpt' = type: default: mkOpt type default null; 21 | 22 | ## Create a boolean NixOS module option. 23 | ## 24 | ## ```nix 25 | ## lib.mkBoolOpt true "Description of my option." 26 | ## ``` 27 | ## 28 | #@ Type -> Any -> String 29 | mkBoolOpt = mkOpt types.bool; 30 | 31 | ## Create a boolean NixOS module option without a description. 32 | ## 33 | ## ```nix 34 | ## lib.mkBoolOpt true 35 | ## ``` 36 | ## 37 | #@ Type -> Any -> String 38 | mkBoolOpt' = mkOpt' types.bool; 39 | 40 | ## Create a package NixOS module option. 41 | ## 42 | ## ```nix 43 | ## lib.mkPackageOpt pkgs.rofi-wayland "Description of my option." 44 | ## ``` 45 | ## 46 | #@ Type -> Any -> String 47 | mkPackageOpt = mkOpt types.package; 48 | 49 | ## Create a package NixOS module option without a description. 50 | ## 51 | ## ```nix 52 | ## lib.mkPackageOpt' pkgs.rofi-wayland 53 | ## ``` 54 | ## 55 | #@ Type -> Any -> String 56 | mkPackageOpt' = mkOpt types.package; 57 | 58 | enabled = { 59 | ## Quickly enable an option. 60 | ## 61 | ## ```nix 62 | ## services.nginx = enabled; 63 | ## ``` 64 | ## 65 | #@ true 66 | enable = true; 67 | }; 68 | 69 | disabled = { 70 | ## Quickly disable an option. 71 | ## 72 | ## ```nix 73 | ## services.nginx = enabled; 74 | ## ``` 75 | ## 76 | #@ false 77 | enable = false; 78 | }; 79 | } 80 | -------------------------------------------------------------------------------- /mkdocs.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | site_name: Haseeb Majid | Home Cluster 3 | site_description: My home lab configuration 4 | site_author: Haseeb Majid 5 | site_url: https://second-brain.haseebmajid.dev 6 | 7 | repo_name: hmajid2301/second-brain 8 | repo_url: https://github.com/hmajid2301/second-brain 9 | edit_uri: "edit/main/" 10 | 11 | theme: 12 | name: material 13 | icon: 14 | repo: fontawesome/brands/github-alt 15 | language: en 16 | features: 17 | - navigation.sections 18 | - navigation.tracking 19 | - search.highlight 20 | - search.share 21 | - search.suggest 22 | palette: 23 | - scheme: default 24 | primary: blue 25 | accent: indigo 26 | toggle: 27 | icon: material/weather-night 28 | name: Switch to dark mode 29 | - scheme: slate 30 | primary: blue 31 | accent: indigo 32 | toggle: 33 | icon: material/weather-sunny 34 | name: Switch to light mode 35 | 36 | docs_dir: ./docs 37 | 38 | plugins: 39 | - search: 40 | lang: en 41 | - minify: 42 | minify_html: true 43 | # - macros: 44 | # include_dir: docs/_snippets 45 | 46 | # Extensions 47 | markdown_extensions: 48 | - admonition 49 | - attr_list 50 | - toc: 51 | permalink: true 52 | - pymdownx.emoji: 53 | emoji_index: !!python/name:materialx.emoji.twemoji 54 | emoji_generator: !!python/name:materialx.emoji.to_svg 55 | 56 | nav: 57 | - Introduction: index.md 58 | -------------------------------------------------------------------------------- /modules/home/cli/editors/neovim/lua/myLuaConf/LSPs/on_attach.lua: -------------------------------------------------------------------------------- 1 | return function(_, bufnr) 2 | -- we create a function that lets us more easily define mappings specific 3 | -- for LSP related items. It sets the mode, buffer and description for us each time. 4 | 5 | local nmap = function(keys, func, desc) 6 | if desc then 7 | desc = "LSP: " .. desc 8 | end 9 | 10 | vim.keymap.set("n", keys, func, { buffer = bufnr, desc = desc }) 11 | end 12 | 13 | nmap("cr", vim.lsp.buf.rename, "[R]e[n]ame") 14 | nmap("gd", vim.lsp.buf.definition, "[G]oto [D]efinition") 15 | -- vim.keymap.set({ "n", "v" }, "ca", vim.lsp.buf.code_action, { desc = "Code Actions" }) 16 | nmap("lR", "LspRestart", "Restart LSP") 17 | 18 | -- NOTE: why are these functions that call the telescope builtin? 19 | -- because otherwise they would load telescope eagerly when this is defined. 20 | -- due to us using the on_require handler to make sure it is available. 21 | if nixCats("general.telescope") then 22 | nmap("gr", function() 23 | require("telescope.builtin").lsp_references() 24 | end, "[G]oto [R]eferences") 25 | nmap("gi", function() 26 | require("telescope.builtin").lsp_implementations() 27 | end, "[G]oto [I]mplementation") 28 | nmap("ds", function() 29 | require("telescope.builtin").lsp_document_symbols() 30 | end, "[D]ocument [S]ymbols") 31 | nmap("ws", function() 32 | require("telescope.builtin").lsp_dynamic_workspace_symbols() 33 | end, "[W]orkspace [S]ymbols") 34 | end -- TODO: someone who knows the builtin versions of these to do instead help me out please. 35 | 36 | nmap("D", vim.lsp.buf.type_definition, "Type [D]efinition") 37 | 38 | -- See `:help K` for why this keymap 39 | nmap("K", function() 40 | vim.lsp.buf.hover({ border = "rounded" }) 41 | end, "Hover Documentation") 42 | 43 | vim.keymap.set("i", "", function() 44 | vim.lsp.buf.signature_help({ border = "rounded" }) 45 | end, { desc = "Signature Documentation" }) 46 | 47 | -- Lesser used LSP functionality 48 | nmap("gD", vim.lsp.buf.declaration, "[G]oto [D]eclaration") 49 | 50 | -- Create a command `:Format` local to the LSP buffer 51 | vim.api.nvim_buf_create_user_command(bufnr, "Format", function(_) 52 | vim.lsp.buf.format() 53 | end, { desc = "Format current buffer with LSP" }) 54 | end 55 | -------------------------------------------------------------------------------- /modules/home/cli/editors/neovim/lua/myLuaConf/format/init.lua: -------------------------------------------------------------------------------- 1 | require("lze").load({ 2 | { 3 | "conform.nvim", 4 | for_cat = "format", 5 | after = function(plugin) 6 | local conform = require("conform") 7 | 8 | conform.setup({ 9 | ["_"] = { "trim_whitespace" }, 10 | format_on_save = { 11 | lsp_format = "fallback", 12 | timeout_ms = 500, 13 | }, 14 | formatters = { 15 | goimports = { 16 | command = "goimports", 17 | args = { "-local", "gitlab.com/hmajid2301,git.curve.tools,go.curve.tools" }, 18 | }, 19 | yamlfmt = { 20 | args = { "-formatter", "retain_line_breaks_single=true" }, 21 | }, 22 | }, 23 | formatters_by_ft = { 24 | css = { "prettierd" }, 25 | go = { "gofmt", "goimports" }, 26 | lua = { "stylua" }, 27 | templ = { "rustywind", "templ" }, 28 | html = { "htmlbeautifier", "rustywind" }, 29 | nix = { "nixfmt" }, 30 | python = { "isort", "black" }, 31 | javascript = { "prettierd" }, 32 | typescript = { "prettierd" }, 33 | sql = { "sqlfluff" }, 34 | yaml = { "yamlfmt" }, 35 | }, 36 | }) 37 | end, 38 | }, 39 | }) 40 | 41 | vim.api.nvim_create_user_command("FormatDisable", function(args) 42 | if args.bang then 43 | -- FormatDisable! will disable formatting just for this buffer 44 | vim.b.disable_autoformat = true 45 | else 46 | vim.g.disable_autoformat = true 47 | end 48 | end, { 49 | desc = "Disable autoformat-on-save", 50 | bang = true, 51 | }) 52 | vim.api.nvim_create_user_command("FormatEnable", function() 53 | vim.b.disable_autoformat = false 54 | vim.g.disable_autoformat = false 55 | end, { 56 | desc = "Re-enable autoformat-on-save", 57 | }) 58 | -------------------------------------------------------------------------------- /modules/home/cli/editors/neovim/lua/myLuaConf/init.lua: -------------------------------------------------------------------------------- 1 | -- NOTE: various, non-plugin config 2 | require("myLuaConf.opts_and_keys") 3 | 4 | -- NOTE: register an extra lze handler with the spec_field 'for_cat' 5 | -- that makes enabling an lze spec for a category slightly nicer 6 | require("lze").register_handlers(require("nixCatsUtils.lzUtils").for_cat) 7 | 8 | -- NOTE: Register another one from lzextras. This one makes it so that 9 | -- you can set up lsps within lze specs, 10 | -- and trigger lspconfig setup hooks only on the correct filetypes 11 | require("lze").register_handlers(require("lzextras").lsp) 12 | 13 | -- NOTE: general plugins 14 | require("myLuaConf.plugins") 15 | require("myLuaConf.plugins.colorscheme") 16 | 17 | -- NOTE: obviously, more plugins, but more organized by what they do below 18 | 19 | -- I dont need to explain why this is called lsp right? 20 | require("myLuaConf.LSPs") 21 | 22 | -- NOTE: we even ask nixCats if we included our debug stuff in this setup! (we didnt) 23 | -- But we have a good base setup here as an example anyway! 24 | if nixCats("debug") then 25 | require("myLuaConf.debug") 26 | end 27 | if nixCats("test") then 28 | require("myLuaConf.test") 29 | end 30 | -- NOTE: we included these though! Or, at least, the category is enabled. 31 | -- these contain nvim-lint and conform setups. 32 | if nixCats("lint") then 33 | require("myLuaConf.lint") 34 | end 35 | if nixCats("format") then 36 | require("myLuaConf.format") 37 | end 38 | -- NOTE: I didnt actually include any linters or formatters in this configuration, 39 | -- but it is enough to serve as an example. 40 | -------------------------------------------------------------------------------- /modules/home/cli/editors/neovim/lua/myLuaConf/lint/init.lua: -------------------------------------------------------------------------------- 1 | require("lze").load({ 2 | { 3 | "nvim-lint", 4 | for_cat = "lint", 5 | event = "FileType", 6 | after = function(plugin) 7 | require("lint").linters_by_ft = { 8 | docker = { "hadolint" }, 9 | go = { "golangcilint" }, 10 | html = { "htmlhint" }, 11 | lua = { "luacheck" }, 12 | nix = { "statix" }, 13 | javascript = { "eslint" }, 14 | typescript = { "eslint" }, 15 | sql = { "sqlfluff" }, 16 | } 17 | 18 | vim.api.nvim_create_autocmd({ "BufWritePost" }, { 19 | callback = function() 20 | require("lint").try_lint() 21 | end, 22 | }) 23 | end, 24 | }, 25 | }) 26 | -------------------------------------------------------------------------------- /modules/home/cli/editors/neovim/lua/myLuaConf/plugins/ai.lua: -------------------------------------------------------------------------------- 1 | return { 2 | { 3 | "CopilotChat.nvim", 4 | for_cat = "general.ai", 5 | keys = { 6 | { "ac", mode = { "n" }, desc = "Toggle Copilot Chat" }, 7 | }, 8 | cmd = { "CopilotChat", "Copilot" }, 9 | load = function(name) 10 | vim.cmd.packadd(name) 11 | vim.cmd.packadd("copilot.lua") 12 | end, 13 | after = function(plugin) 14 | require("copilot").setup({}) 15 | require("CopilotChat").setup({ 16 | model = "gpt-4o", 17 | }) 18 | vim.keymap.set("n", "ac", "CopilotChat", { desc = "Toggle Copilot Chat" }) 19 | end, 20 | }, 21 | { 22 | "avante.nvim", 23 | for_cat = "general.ai", 24 | cmd = { "AvanteChat", "AvanteAsk" }, 25 | keys = { 26 | { "aa", mode = { "n" }, desc = "Toggle Avanate" }, 27 | }, 28 | after = function(plugin) 29 | require("avante").setup({ 30 | provider = "copilot", 31 | hints = { enabled = false }, 32 | custom_tools = { 33 | { 34 | name = "run_go_tests", -- Unique name for the tool 35 | description = "Run Go unit tests and return results", -- Description shown to AI 36 | command = "go test -v ./...", -- Shell command to execute 37 | param = { -- Input parameters (optional) 38 | type = "table", 39 | fields = { 40 | { 41 | name = "target", 42 | description = "Package or directory to test (e.g. './pkg/...' or './internal/pkg')", 43 | type = "string", 44 | optional = true, 45 | }, 46 | }, 47 | }, 48 | returns = { -- Expected return values 49 | { 50 | name = "result", 51 | description = "Result of the fetch", 52 | type = "string", 53 | }, 54 | { 55 | name = "error", 56 | description = "Error message if the fetch was not successful", 57 | type = "string", 58 | optional = true, 59 | }, 60 | }, 61 | func = function(params, on_log, on_complete) -- Custom function to execute 62 | local target = params.target or "./..." 63 | return vim.fn.system(string.format("go test -v %s", target)) 64 | end, 65 | }, 66 | }, 67 | }) 68 | end, 69 | }, 70 | } 71 | -------------------------------------------------------------------------------- /modules/home/cli/editors/neovim/lua/myLuaConf/plugins/diagnostics.lua: -------------------------------------------------------------------------------- 1 | return { 2 | { 3 | "folke/trouble.nvim", 4 | for_cat = "general.diagnostics", 5 | event = "DeferredUIEnter", 6 | load = function(name) 7 | vim.cmd.packadd(name) 8 | vim.cmd.packadd("trouble.nvim") 9 | end, 10 | after = function(plugin) 11 | require("trouble").setup() 12 | local trouble = require("trouble") 13 | 14 | vim.keymap.set("n", "]q", function() 15 | if trouble.is_open() then 16 | trouble.next({ skip_groups = true, jump = true }) 17 | else 18 | local ok, err = pcall(vim.cmd.cnext) 19 | if not ok then 20 | vim.notify(err, vim.log.levels.ERROR) 21 | end 22 | end 23 | end, { desc = "Next quickfix item" }) 24 | 25 | vim.keymap.set("n", "[q", function() 26 | if trouble.is_open() then 27 | trouble.previous({ skip_groups = true, jump = true }) 28 | else 29 | local ok, err = pcall(vim.cmd.cprev) 30 | if not ok then 31 | vim.notify(err, vim.log.levels.ERROR) 32 | end 33 | end 34 | end, { desc = "Previous quickfix item" }) 35 | 36 | vim.keymap.set( 37 | "n", 38 | "xx", 39 | "Trouble diagnostics toggle filter.buf=0", 40 | { desc = "Document diagnostics" } 41 | ) 42 | vim.keymap.set("n", "xX", "Trouble diagnostics toggle", { desc = "Workplace diagnostics" }) 43 | vim.keymap.set("n", "xL", "Trouble loclist toggle", { desc = "Location list" }) 44 | vim.keymap.set("n", "xQ", "Trouble qflist toggle", { desc = "Quickfix list" }) 45 | vim.keymap.set("n", "xt", "TodoTrouble", { desc = "Todo (trouble)" }) 46 | vim.keymap.set("n", "ft", "TodoTelescope", { desc = "Find Todos" }) 47 | end, 48 | }, 49 | } 50 | -------------------------------------------------------------------------------- /modules/home/cli/editors/neovim/lua/myLuaConf/plugins/file_explorer.lua: -------------------------------------------------------------------------------- 1 | return { 2 | { 3 | "oil.nvim", 4 | for_cat = "general.extra", 5 | keys = { 6 | { "-", mode = { "n" }, desc = "Open parent directory" }, 7 | { "r-", mode = { "n" }, desc = "Open nvim root directory" }, 8 | }, 9 | load = function(name) 10 | vim.cmd.packadd(name) 11 | end, 12 | after = function(plugin) 13 | vim.g.loaded_netrwPlugin = 1 14 | require("oil").setup({ 15 | default_file_explorer = true, 16 | delete_to_trash = true, 17 | watch_for_changes = true, 18 | columns = { 19 | "icon", 20 | -- "permissions", 21 | -- "size", 22 | -- "mtime", 23 | }, 24 | keymaps = { 25 | [""] = "actions.refresh", 26 | }, 27 | view_options = { 28 | show_hidden = true, 29 | }, 30 | }) 31 | vim.keymap.set("n", "-", "Oil", { noremap = true, desc = "Open Parent Directory" }) 32 | vim.keymap.set("n", "r-", "Oil .", { noremap = true, desc = "Open nvim root directory" }) 33 | end, 34 | }, 35 | } 36 | -------------------------------------------------------------------------------- /modules/home/cli/editors/neovim/lua/myLuaConf/plugins/init.lua: -------------------------------------------------------------------------------- 1 | -- TODO: lazyload this 2 | vim.o.sessionoptions = "blank,buffers,curdir,folds,help,tabpages,winsize,winpos,terminal,localoptions" 3 | 4 | require("auto-session").setup({ 5 | pre_save_cmds = { 6 | function() 7 | vim.cmd([[ 8 | noautocmd windo set winbar= 9 | noautocmd windo setlocal winbar= 10 | ]]) 11 | end, 12 | }, 13 | }) 14 | 15 | require("lze").load({ 16 | { import = "myLuaConf.plugins.telescope" }, 17 | { import = "myLuaConf.plugins.treesitter" }, 18 | { import = "myLuaConf.plugins.completion" }, 19 | { import = "myLuaConf.plugins.diagnostics" }, 20 | { import = "myLuaConf.plugins.editor" }, 21 | { import = "myLuaConf.plugins.file_explorer" }, 22 | { import = "myLuaConf.plugins.git" }, 23 | { import = "myLuaConf.plugins.ai" }, 24 | { import = "myLuaConf.plugins.ui" }, 25 | }) 26 | -------------------------------------------------------------------------------- /modules/home/cli/editors/neovim/lua/myLuaConf/plugins/snippets/go.lua: -------------------------------------------------------------------------------- 1 | local luasnip = require("luasnip") 2 | local fmt = require("luasnip.extras.fmt").fmt 3 | local s = luasnip.s 4 | local i = luasnip.insert_node 5 | local t = luasnip.text_node 6 | local sn = luasnip.snippet_node 7 | 8 | local function create_go_snippets() 9 | luasnip.add_snippets("go", { 10 | -- Table-driven test snippet 11 | s( 12 | "ttest", 13 | fmt( 14 | [[ 15 | func Test{}(t *testing.T) {{ 16 | tests := []struct {{ 17 | {} 18 | }}{{ 19 | {} 20 | }} 21 | for _, tt := range tests {{ 22 | t.Run(tt.name, func(t *testing.T) {{ 23 | {} 24 | }}) 25 | }} 26 | }} 27 | ]], 28 | { 29 | i(1, "FunctionName"), 30 | -- Struct fields 31 | sn(2, { 32 | t({ " name string", " " }), 33 | i(1, "input int"), 34 | t({ "", " " }), 35 | i(2, "want int"), 36 | }), 37 | -- Test cases 38 | sn(3, { 39 | t({ " {name: " }), 40 | i(1, '"test case"'), 41 | t({ ", input: " }), 42 | i(2, "0"), 43 | t({ ", want: " }), 44 | i(3, "0"), 45 | t({ "}," }), 46 | }), 47 | -- Test implementation with require.NoError 48 | sn(4, { 49 | t({ " got, err := " }), 50 | i(5, "FunctionUnderTest"), 51 | t({ 52 | "(tt.input)", 53 | " require.NoError(t, err)", 54 | " if got != tt.want {", 55 | ' t.Errorf("got %v, want %v", got, tt.want)', 56 | " }", 57 | }), 58 | }), 59 | } 60 | ) 61 | ), 62 | 63 | -- Single t.Run test snippet 64 | s( 65 | "trun", 66 | fmt( 67 | [[ 68 | func Test{}(t *testing.T) {{ 69 | t.Run("{}", func(t *testing.T) {{ 70 | {} 71 | }}) 72 | }} 73 | ]], 74 | { 75 | i(1, "FunctionName"), 76 | i(2, "test scenario"), 77 | sn(3, { 78 | t({ " // Test implementation", " got, err := " }), 79 | i(4, "FunctionUnderTest"), 80 | t({ "()", " require.NoError(t, err)" }), 81 | t({ " if got != expected {" }), 82 | t({ ' t.Errorf("got %v, want %v", got, expected)' }), 83 | t({ " }" }), 84 | }), 85 | } 86 | ) 87 | ), 88 | }) 89 | end 90 | 91 | return { 92 | create_go_snippets = create_go_snippets, 93 | } 94 | -------------------------------------------------------------------------------- /modules/home/cli/editors/neovim/lua/myLuaConf/syntax/html.scm: -------------------------------------------------------------------------------- 1 | ;; extends 2 | 3 | ; AlpineJS attributes 4 | (attribute 5 | (attribute_name) @_attr 6 | (#lua-match? @_attr "^x%-%l") 7 | (quoted_attribute_value 8 | (attribute_value) @injection.content) 9 | (#set! injection.language "javascript")) 10 | -------------------------------------------------------------------------------- /modules/home/cli/editors/neovim/lua/myLuaConf/test/init.lua: -------------------------------------------------------------------------------- 1 | require("lze").load({ 2 | { 3 | "neotest", 4 | for_cat = "test", 5 | keys = { 6 | { "tt", mode = { "n" }, desc = "Test: Run all in current file" }, 7 | { "tT", mode = { "n" }, desc = "Test: Run all in all files" }, 8 | { "tS", mode = { "n" }, desc = "Test: Stop" }, 9 | { "ts", mode = { "n" }, desc = "Test: Toggle Summary" }, 10 | { "tr", mode = { "n" }, desc = "Test: Run Nearest" }, 11 | { "to", mode = { "n" }, desc = "Test: Show Output" }, 12 | { "td", mode = { "n" }, desc = "Test: Debug nearest" }, 13 | { "tO", mode = { "n" }, desc = "Test: Toggle output" }, 14 | }, 15 | -- colorscheme = "", 16 | load = function(name) 17 | vim.cmd.packadd(name) 18 | vim.cmd.packadd("neotest-golang") 19 | end, 20 | after = function(plugin) 21 | require("neotest").setup({ 22 | adapters = { 23 | require("neotest-golang")({ 24 | go_test_args = { "-v", "-x", "-count=1", "-tags=integration" }, 25 | go_list_args = { "-tags=integration" }, 26 | dap_go_opts = { 27 | delve = { 28 | build_flags = { "-tags=integration" }, 29 | }, 30 | }, 31 | }), 32 | }, 33 | output = { open_on_run = true }, 34 | }) 35 | 36 | local neotest = require("neotest") 37 | 38 | vim.keymap.set("n", "tt", function() 39 | neotest.run.run(vim.fn.expand("%")) 40 | end, { desc = "Test: Run all in current file" }) 41 | vim.keymap.set("n", "tT", function() 42 | neotest.run.run(vim.loop.cwd()) 43 | end, { desc = "Test: Run all in all files" }) 44 | vim.keymap.set("n", "tS", neotest.run.stop, { desc = "Test: Stop" }) 45 | vim.keymap.set("n", "ts", neotest.summary.toggle, { desc = "Test: Toggle Summary" }) 46 | vim.keymap.set("n", "tr", neotest.run.run, { desc = "Test: Run Nearest" }) 47 | vim.keymap.set("n", "to", function() 48 | neotest.output.open({ enter = true, auto_close = true }) 49 | end, { desc = "Test: Show Output" }) 50 | vim.keymap.set("n", "td", function() 51 | neotest.run.run({ suite = false, strategy = "dap" }) 52 | end, { desc = "Test: Debug nearest" }) 53 | vim.keymap.set("n", "tO", function() 54 | neotest.output_panel.toggle() 55 | end, { desc = "Test: Toggle output" }) 56 | end, 57 | }, 58 | { 59 | "nvim-coverage", 60 | for_cat = "test", 61 | event = "DeferredUIEnter", 62 | load = function(name) 63 | vim.cmd.packadd(name) 64 | end, 65 | after = function(plugin) 66 | require("coverage").setup({ 67 | auto_reload = true, 68 | }) 69 | end, 70 | }, 71 | }) 72 | -------------------------------------------------------------------------------- /modules/home/cli/editors/neovim/lua/nixCatsUtils/catPacker.lua: -------------------------------------------------------------------------------- 1 | --[[ 2 | This directory is the luaUtils template. 3 | You can choose what things from it that you would like to use. 4 | And then delete the rest. 5 | Everything in this directory is optional. 6 | --]] 7 | 8 | local M = {} 9 | -- NOTE: This function is for defining a paq.nvim fallback method of downloading plugins 10 | -- when nixCats was not used to install your config. 11 | -- If you only ever load your config using nixCats, you don't need this file. 12 | 13 | -- it literally just only runs it when not on nixCats 14 | -- all neovim package managers that use the regular plugin loading scheme 15 | -- can be used this way, just do whatever the plugin manager needs to put it in the 16 | -- opt directory for lazy loading, and add the build steps so that when theres no nix the steps are ran 17 | function M.setup(v) 18 | if not vim.g[ [[nixCats-special-rtp-entry-nixCats]] ] then 19 | local function clone_paq() 20 | local path = vim.fn.stdpath("data") .. "/site/pack/paqs/start/paq-nvim" 21 | local is_installed = vim.fn.empty(vim.fn.glob(path)) == 0 22 | if not is_installed then 23 | vim.fn.system({ "git", "clone", "--depth=1", "https://github.com/savq/paq-nvim.git", path }) 24 | return true 25 | end 26 | end 27 | local function bootstrap_paq(packages) 28 | local first_install = clone_paq() 29 | vim.cmd.packadd("paq-nvim") 30 | local paq = require("paq") 31 | if first_install then 32 | vim.notify("Installing plugins... If prompted, hit Enter to continue.") 33 | end 34 | paq(packages) 35 | paq.install() 36 | end 37 | bootstrap_paq(vim.list_extend({ "savq/paq-nvim" }, v)) 38 | end 39 | end 40 | return M 41 | -------------------------------------------------------------------------------- /modules/home/cli/editors/neovim/lua/nixCatsUtils/lzUtils.lua: -------------------------------------------------------------------------------- 1 | --[[ 2 | This directory is the luaUtils template. 3 | You can choose what things from it that you would like to use. 4 | And then delete the rest. 5 | Everything in this directory is optional. 6 | --]] 7 | 8 | local M = {} 9 | -- A nixCats specific lze handler that you can use to conditionally enable by category easier. 10 | -- at the start of your config, register with 11 | -- require('lze').register_handlers(require('nixCatsUtils.lzUtils').for_cat) 12 | -- before any calls to require('lze').load using the handler have been made. 13 | -- accepts: 14 | -- for_cat = { "your" "cat" }; 15 | -- for_cat = { cat = { "your" "cat" }, default = bool } 16 | -- for_cat = "your.cat"; 17 | -- for_cat = { cat = "your.cat", default = bool } 18 | -- where default is an alternate value for when nixCats was NOT used to install the config 19 | M.for_cat = { 20 | spec_field = "for_cat", 21 | set_lazy = false, 22 | modify = function(plugin) 23 | if type(plugin.for_cat) == "table" then 24 | if plugin.for_cat.cat ~= nil then 25 | if vim.g[ [[nixCats-special-rtp-entry-nixCats]] ] ~= nil then 26 | plugin.enabled = (nixCats(plugin.for_cat.cat) and true) or false 27 | else 28 | plugin.enabled = nixCats(plugin.for_cat.default) 29 | end 30 | else 31 | plugin.enabled = (nixCats(plugin.for_cat) and true) or false 32 | end 33 | elseif type(plugin.for_cat) == "string" then 34 | plugin.enabled = (nixCats(plugin.for_cat) and true) or false 35 | end 36 | return plugin 37 | end, 38 | } 39 | 40 | return M 41 | -------------------------------------------------------------------------------- /modules/home/cli/programs/attic/default.nix: -------------------------------------------------------------------------------- 1 | { 2 | pkgs, 3 | config, 4 | lib, 5 | ... 6 | }: 7 | with lib; 8 | with lib.nixicle; let 9 | cfg = config.cli.programs.attic; 10 | in { 11 | options.cli.programs.attic = with types; { 12 | enable = mkBoolOpt false "Whether or not to enable attic"; 13 | }; 14 | 15 | config = mkIf cfg.enable { 16 | sops.secrets.netrc = { 17 | sopsFile = ../../../secrets.yaml; 18 | }; 19 | 20 | home.packages = with pkgs; [ 21 | attic-client 22 | ]; 23 | 24 | nix.settings = { 25 | trusted-substituters = [ 26 | "https://staging.attic.rs/attic-ci" 27 | "https://majiy00-nix-binary-cache.fly.dev/system?priority=43" 28 | ]; 29 | trusted-public-keys = [ 30 | "attic-ci:U5Sey4mUxwBXM3iFapmP0/ogODXywKLRNgRPQpEXxbo=" 31 | "system:DdaMnHcRKtgaov3GCR8mlrFuX90ShC2LkHv6kC7nluo=" 32 | ]; 33 | netrc-file = config.sops.secrets."netrc".path; 34 | }; 35 | }; 36 | } 37 | -------------------------------------------------------------------------------- /modules/home/cli/programs/atuin/default.nix: -------------------------------------------------------------------------------- 1 | { 2 | lib, 3 | config, 4 | pkgs, 5 | ... 6 | }: 7 | with lib; 8 | with lib.nixicle; let 9 | cfg = config.cli.programs.atuin; 10 | 11 | atuin-export-fish = pkgs.buildGoModule rec { 12 | pname = "atuin-export-fish-history"; 13 | version = "0.1.0"; 14 | 15 | src = pkgs.fetchFromGitLab { 16 | owner = "hmajid2301"; 17 | repo = pname; 18 | rev = "v${version}"; 19 | sha256 = "sha256-2egZYLnaekcYm2IzPdWAluAZogdi4Nf/oXWLw8+AnMk="; 20 | }; 21 | 22 | vendorHash = "sha256-hLEmRq7Iw0hHEAla0Ehwk1EfmpBv6ddBuYtq12XdhVc="; 23 | 24 | ldflags = ["-s" "-w"]; 25 | }; 26 | in { 27 | options.cli.programs.atuin = with types; { 28 | enable = mkBoolOpt false "Whether or not to enable atuin"; 29 | }; 30 | 31 | config = mkIf cfg.enable { 32 | home.packages = [atuin-export-fish]; 33 | 34 | programs.atuin = { 35 | enable = true; 36 | flags = [ 37 | "--disable-up-arrow" 38 | "--disable-ctrl-r" 39 | ]; 40 | settings = { 41 | sync_address = "https://majiy00-shell.fly.dev"; 42 | sync_frequency = "15m"; 43 | dialect = "uk"; 44 | enter_accept = false; 45 | records = true; 46 | search_mode = "skim"; 47 | # key_path = config.sops.secrets.atuin_key.path; 48 | }; 49 | }; 50 | 51 | sops.secrets.atuin_key = { 52 | sopsFile = ../../../secrets.yaml; 53 | }; 54 | }; 55 | } 56 | -------------------------------------------------------------------------------- /modules/home/cli/programs/bat/default.nix: -------------------------------------------------------------------------------- 1 | { 2 | config, 3 | lib, 4 | ... 5 | }: 6 | with lib; 7 | with lib.nixicle; let 8 | cfg = config.cli.programs.bat; 9 | in { 10 | options.cli.programs.bat = with types; { 11 | enable = mkBoolOpt false "Whether or not to enable bat"; 12 | }; 13 | 14 | config = mkIf cfg.enable { 15 | programs.bat = { 16 | enable = true; 17 | }; 18 | }; 19 | } 20 | -------------------------------------------------------------------------------- /modules/home/cli/programs/bottom/default.nix: -------------------------------------------------------------------------------- 1 | { 2 | config, 3 | lib, 4 | ... 5 | }: 6 | with lib; 7 | with lib.nixicle; let 8 | cfg = config.cli.programs.bottom; 9 | in { 10 | options.cli.programs.bottom = with types; { 11 | enable = mkBoolOpt false "Whether or not to enable bottom"; 12 | }; 13 | 14 | config = mkIf cfg.enable { 15 | programs.bottom = { 16 | enable = true; 17 | }; 18 | }; 19 | } 20 | -------------------------------------------------------------------------------- /modules/home/cli/programs/database/default.nix: -------------------------------------------------------------------------------- 1 | { 2 | pkgs, 3 | config, 4 | lib, 5 | ... 6 | }: 7 | with lib; 8 | with lib.nixicle; let 9 | cfg = config.cli.programs.db; 10 | in { 11 | options.cli.programs.db = with types; { 12 | enable = mkBoolOpt false "Whether or not to manage db"; 13 | }; 14 | 15 | config = mkIf cfg.enable { 16 | home.packages = with pkgs; [ 17 | dbeaver-bin 18 | termdbms 19 | ]; 20 | }; 21 | } 22 | -------------------------------------------------------------------------------- /modules/home/cli/programs/direnv/default.nix: -------------------------------------------------------------------------------- 1 | { 2 | pkgs, 3 | config, 4 | lib, 5 | ... 6 | }: 7 | with lib; 8 | with lib.nixicle; let 9 | cfg = config.cli.programs.direnv; 10 | in { 11 | options.cli.programs.direnv = with types; { 12 | enable = mkBoolOpt false "Whether or not to enable direnv"; 13 | }; 14 | 15 | config = mkIf cfg.enable { 16 | programs.direnv = { 17 | enable = true; 18 | nix-direnv.enable = true; 19 | }; 20 | }; 21 | } 22 | -------------------------------------------------------------------------------- /modules/home/cli/programs/eza/default.nix: -------------------------------------------------------------------------------- 1 | { 2 | pkgs, 3 | config, 4 | lib, 5 | ... 6 | }: 7 | with lib; 8 | with lib.nixicle; let 9 | cfg = config.cli.programs.eza; 10 | in { 11 | options.cli.programs.eza = with types; { 12 | enable = mkBoolOpt false "Whether or not to enable eza"; 13 | }; 14 | 15 | config = mkIf cfg.enable { 16 | programs.eza = { 17 | enable = true; 18 | }; 19 | }; 20 | } 21 | -------------------------------------------------------------------------------- /modules/home/cli/programs/fzf/default.nix: -------------------------------------------------------------------------------- 1 | { 2 | config, 3 | lib, 4 | ... 5 | }: 6 | with lib; 7 | with lib.nixicle; let 8 | cfg = config.cli.programs.fzf; 9 | in { 10 | options.cli.programs.fzf = with types; { 11 | enable = mkBoolOpt false "Whether or not to enable fzf"; 12 | }; 13 | 14 | config = mkIf cfg.enable { 15 | programs.fzf = { 16 | enable = true; 17 | enableFishIntegration = false; 18 | colors = with config.lib.stylix.colors.withHashtag; 19 | mkForce { 20 | "bg" = base00; 21 | "bg+" = base02; 22 | "fg" = base05; 23 | "fg+" = base05; 24 | "header" = base0E; 25 | "hl" = base08; 26 | "hl+" = base08; 27 | "info" = base0A; 28 | "marker" = base06; 29 | "pointer" = base06; 30 | "prompt" = base0E; 31 | "spinner" = base06; 32 | }; 33 | }; 34 | }; 35 | } 36 | -------------------------------------------------------------------------------- /modules/home/cli/programs/git/default.nix: -------------------------------------------------------------------------------- 1 | { 2 | config, 3 | lib, 4 | ... 5 | }: 6 | with lib; 7 | with lib.nixicle; let 8 | cfg = config.cli.programs.git; 9 | 10 | rewriteURL = 11 | lib.mapAttrs' (key: value: { 12 | name = "url.${key}"; 13 | value = {insteadOf = value;}; 14 | }) 15 | cfg.urlRewrites; 16 | in { 17 | options.cli.programs.git = with types; { 18 | enable = mkBoolOpt false "Whether or not to enable git."; 19 | email = mkOpt (nullOr str) "hello@haseebmajid.dev" "The email to use with git."; 20 | urlRewrites = mkOpt (attrsOf str) {} "url we need to rewrite i.e. ssh to http"; 21 | allowedSigners = mkOpt str "" "The public key used for signing commits"; 22 | }; 23 | 24 | config = mkIf cfg.enable { 25 | home.file.".ssh/allowed_signers".text = "* ${cfg.allowedSigners}"; 26 | 27 | programs.git = { 28 | enable = true; 29 | userName = "Haseeb Majid"; 30 | userEmail = cfg.email; 31 | 32 | extraConfig = 33 | { 34 | gpg.format = "ssh"; 35 | gpg.ssh.allowedSignersFile = "~/.ssh/allowed_signers"; 36 | commit.gpgsign = true; 37 | user.signingkey = "~/.ssh/id_ed25519.pub"; 38 | 39 | core = { 40 | editor = "nvim"; 41 | pager = "delta"; 42 | }; 43 | 44 | color = { 45 | ui = true; 46 | }; 47 | 48 | interactive = { 49 | diffFitler = "delta --color-only"; 50 | }; 51 | 52 | delta = { 53 | enable = true; 54 | navigate = true; 55 | light = false; 56 | side-by-side = false; 57 | options.syntax-theme = "catppuccin"; 58 | }; 59 | 60 | pull = { 61 | ff = "only"; 62 | }; 63 | 64 | push = { 65 | default = "current"; 66 | autoSetupRemote = true; 67 | }; 68 | 69 | init = { 70 | defaultBranch = "init"; 71 | }; 72 | } 73 | // rewriteURL; 74 | }; 75 | }; 76 | } 77 | -------------------------------------------------------------------------------- /modules/home/cli/programs/gpg/default.nix: -------------------------------------------------------------------------------- 1 | { pkgs, config, lib, ... }: 2 | with lib; 3 | with lib.nixicle; 4 | let cfg = config.cli.programs.gpg; 5 | in { 6 | options.cli.programs.gpg = with types; { 7 | enable = mkBoolOpt false "Whether or not to enable gpg"; 8 | }; 9 | 10 | config = mkIf cfg.enable { 11 | home.packages = [ pkgs.seahorse ]; 12 | 13 | services.gnome-keyring.enable = true; 14 | 15 | services.gpg-agent = { 16 | enable = true; 17 | enableSshSupport = true; 18 | enableExtraSocket = true; 19 | sshKeys = [ "D528D50F4E9F031AACB1F7A9833E49C848D6C90" ]; 20 | pinentry.package = pkgs.pinentry-gnome3; 21 | }; 22 | 23 | programs = { 24 | gpg = { 25 | enable = true; 26 | #homedir = "${config.xdg.dataHome}/gnupg"; 27 | }; 28 | }; 29 | 30 | # systemd.user.sockets.gpg-agent = { 31 | # listenStreams = let 32 | # user = "haseeb"; 33 | # socketDir = 34 | # pkgs.runCommand "gnupg-socketdir" { 35 | # nativeBuildInputs = [pkgs.python3]; 36 | # } '' 37 | # python3 ${./gnupgdir.py} '/home/${user}/.local/share/gnupg' > $out 38 | # ''; 39 | # in [ 40 | # "" # unset 41 | # "%t/gnupg/${builtins.readFile socketDir}/S.gpg-agent" 42 | # ]; 43 | # }; 44 | }; 45 | } 46 | -------------------------------------------------------------------------------- /modules/home/cli/programs/gpg/gnupgdir.py: -------------------------------------------------------------------------------- 1 | # get gnupg socket dir based on homedir 2 | # https://github.com/gpg/gnupg/blob/c6702d77d936b3e9d91b34d8fdee9599ab94ee1b/common/homedir.c#L672-L681 3 | import hashlib 4 | import base64 5 | import sys 6 | 7 | def base32_to_zbase32(s): 8 | # Translation table https://en.wikipedia.org/wiki/Base32#z-base-32 9 | return s.lower().translate({ord(p): r for p, r in zip('abcdefghijklmnopqrstuvwxyz234567', 'ybndrfg8ejkmcpqxot1uwisza345h769')}) 10 | 11 | if len(sys.argv) < 2: 12 | sys.exit('usage: gnupgdir.py ') 13 | 14 | m = hashlib.sha1() 15 | homedir = sys.argv[1] 16 | m.update(homedir.encode('utf-8')) 17 | print('d.' + base32_to_zbase32(base64.b32encode(m.digest()[0:15]).decode('utf-8')), end='') 18 | 19 | -------------------------------------------------------------------------------- /modules/home/cli/programs/htop/default.nix: -------------------------------------------------------------------------------- 1 | { 2 | lib, 3 | config, 4 | ... 5 | }: 6 | with lib; 7 | with lib.nixicle; let 8 | cfg = config.cli.programs.htop; 9 | in { 10 | options.cli.programs.htop = with types; { 11 | enable = mkBoolOpt false "Whether or not to enable htop"; 12 | }; 13 | 14 | config = mkIf cfg.enable { 15 | programs.htop = { 16 | enable = true; 17 | settings = { 18 | hide_userland_threads = 1; 19 | highlight_base_name = 1; 20 | show_cpu_temperature = 1; 21 | show_program_path = 0; 22 | }; 23 | }; 24 | }; 25 | } 26 | -------------------------------------------------------------------------------- /modules/home/cli/programs/k8s/default.nix: -------------------------------------------------------------------------------- 1 | { 2 | pkgs, 3 | config, 4 | lib, 5 | ... 6 | }: 7 | with lib; 8 | with lib.nixicle; let 9 | cfg = config.cli.programs.k8s; 10 | in { 11 | options.cli.programs.k8s = with types; { 12 | enable = mkBoolOpt false "Whether or not to manage kubernetes"; 13 | }; 14 | 15 | config = mkIf cfg.enable { 16 | programs = { 17 | k9s = { 18 | enable = true; 19 | }; 20 | }; 21 | 22 | home.packages = with pkgs; [ 23 | kubectl 24 | kubectx 25 | kubelogin 26 | kubelogin-oidc 27 | stern 28 | kubernetes-helm 29 | kustomize 30 | fluxcd 31 | kubefwd 32 | ]; 33 | }; 34 | } 35 | -------------------------------------------------------------------------------- /modules/home/cli/programs/modern-unix/default.nix: -------------------------------------------------------------------------------- 1 | { pkgs, config, lib, ... }: 2 | with lib; 3 | with lib.nixicle; 4 | let cfg = config.cli.programs.modern-unix; 5 | in { 6 | options.cli.programs.modern-unix = with types; { 7 | enable = mkBoolOpt false "Whether or not to enable modern unix tools"; 8 | }; 9 | 10 | config = mkIf cfg.enable { 11 | home.packages = with pkgs; [ 12 | broot 13 | choose 14 | curlie 15 | chafa 16 | dogdns 17 | doggo 18 | duf 19 | delta 20 | du-dust 21 | dysk 22 | entr 23 | erdtree 24 | fd 25 | gdu 26 | gping 27 | grex 28 | hyperfine 29 | hexyl 30 | jqp 31 | jnv 32 | ouch 33 | silver-searcher 34 | procs 35 | tokei 36 | gomi 37 | # tailspin 38 | ripgrep 39 | sd 40 | xcp 41 | yq-go 42 | viddy 43 | 44 | kaf 45 | 46 | # go 47 | go 48 | goose 49 | golangci-lint 50 | air 51 | templ 52 | sqlc 53 | golines 54 | gotools 55 | go-task 56 | go-mockery 57 | gotestsum 58 | 59 | nodejs_23 60 | sshx 61 | ]; 62 | }; 63 | } 64 | -------------------------------------------------------------------------------- /modules/home/cli/programs/network-tools/default.nix: -------------------------------------------------------------------------------- 1 | { 2 | pkgs, 3 | config, 4 | lib, 5 | ... 6 | }: 7 | with lib; 8 | with lib.nixicle; let 9 | cfg = config.cli.programs.network-tools; 10 | in { 11 | options.cli.programs.network-tools = with types; { 12 | enable = mkBoolOpt false "Whether or not to enable network tools"; 13 | }; 14 | 15 | config = mkIf cfg.enable { 16 | home.packages = with pkgs; [ 17 | tshark 18 | termshark 19 | kubeshark 20 | ]; 21 | }; 22 | } 23 | -------------------------------------------------------------------------------- /modules/home/cli/programs/nix-index/default.nix: -------------------------------------------------------------------------------- 1 | { 2 | lib, 3 | config, 4 | inputs, 5 | ... 6 | }: 7 | with lib; 8 | with lib.nixicle; let 9 | cfg = config.cli.programs.nix-index; 10 | in { 11 | options.cli.programs.nix-index = with types; { 12 | enable = mkBoolOpt false "Whether or not to nix index"; 13 | }; 14 | 15 | imports = with inputs; [ 16 | nix-index-database.hmModules.nix-index 17 | ]; 18 | 19 | config = mkIf cfg.enable { 20 | programs.nix-index = { 21 | enable = true; 22 | enableBashIntegration = true; 23 | }; 24 | programs.nix-index-database.comma.enable = true; 25 | }; 26 | } 27 | -------------------------------------------------------------------------------- /modules/home/cli/programs/podman/default.nix: -------------------------------------------------------------------------------- 1 | { 2 | pkgs, 3 | lib, 4 | config, 5 | ... 6 | }: 7 | with lib; 8 | with lib.nixicle; let 9 | cfg = config.cli.programs.podman; 10 | in { 11 | options.cli.programs.podman = with types; { 12 | enable = mkBoolOpt false "Whether or not to manage podman"; 13 | }; 14 | config = mkIf cfg.enable { 15 | home.packages = with pkgs; [ 16 | arion 17 | podman 18 | podman-compose 19 | podman-tui 20 | amazon-ecr-credential-helper 21 | ]; 22 | }; 23 | } 24 | -------------------------------------------------------------------------------- /modules/home/cli/programs/ssh/default.nix: -------------------------------------------------------------------------------- 1 | { 2 | config, 3 | lib, 4 | ... 5 | }: 6 | with lib; 7 | with lib.nixicle; let 8 | cfg = config.cli.programs.ssh; 9 | in { 10 | options.cli.programs.ssh = with types; { 11 | enable = mkBoolOpt false "Whether or not to enable ssh"; 12 | 13 | extraHosts = lib.mkOption { 14 | type = lib.types.attrsOf (lib.types.submodule { 15 | options = { 16 | hostname = lib.mkOption { 17 | type = lib.types.str; 18 | description = "The hostname or IP address of the SSH host."; 19 | }; 20 | identityFile = lib.mkOption { 21 | type = lib.types.str; 22 | description = "The path to the identity file for the SSH host."; 23 | }; 24 | }; 25 | }); 26 | default = {}; 27 | description = "A set of extra SSH hosts."; 28 | example = literalExample '' 29 | { 30 | "gitlab-personal" = { 31 | hostname = "gitlab.com"; 32 | identityFile = "~/.ssh/id_ed25519_personal"; 33 | }; 34 | } 35 | ''; 36 | }; 37 | }; 38 | 39 | config = mkIf cfg.enable { 40 | programs.keychain = { 41 | enable = true; 42 | keys = ["id_ed25519"]; 43 | agents = ["gpg" "ssh"]; 44 | }; 45 | 46 | programs.ssh = { 47 | enable = true; 48 | addKeysToAgent = "yes"; 49 | matchBlocks = cfg.extraHosts; 50 | }; 51 | }; 52 | } 53 | -------------------------------------------------------------------------------- /modules/home/cli/programs/starship/default.nix: -------------------------------------------------------------------------------- 1 | { config, lib, ... }: 2 | with lib; 3 | with lib.nixicle; 4 | let cfg = config.cli.programs.starship; 5 | in { 6 | options.cli.programs.starship = with types; { 7 | enable = mkBoolOpt false "Whether or not to enable starship"; 8 | }; 9 | 10 | config = mkIf cfg.enable { 11 | programs.starship = { 12 | enable = true; 13 | enableFishIntegration = true; 14 | settings = { }; 15 | }; 16 | }; 17 | } 18 | -------------------------------------------------------------------------------- /modules/home/cli/programs/yazi/default.nix: -------------------------------------------------------------------------------- 1 | { 2 | pkgs, 3 | config, 4 | lib, 5 | ... 6 | }: 7 | with lib; 8 | with lib.nixicle; let 9 | cfg = config.cli.programs.yazi; 10 | in { 11 | options.cli.programs.yazi = with types; { 12 | enable = mkBoolOpt false "Whether or not to enable yazi"; 13 | }; 14 | 15 | config = mkIf cfg.enable { 16 | programs.yazi = { 17 | enable = true; 18 | enableFishIntegration = true; 19 | }; 20 | 21 | home.packages = with pkgs; [ 22 | imagemagick 23 | ffmpegthumbnailer 24 | fontpreview 25 | unar 26 | poppler 27 | unar 28 | ]; 29 | }; 30 | } 31 | -------------------------------------------------------------------------------- /modules/home/cli/programs/zoxide/default.nix: -------------------------------------------------------------------------------- 1 | { 2 | pkgs, 3 | config, 4 | lib, 5 | ... 6 | }: 7 | with lib; 8 | with lib.nixicle; let 9 | cfg = config.cli.programs.zoxide; 10 | in { 11 | options.cli.programs.zoxide = with types; { 12 | enable = mkBoolOpt false "Whether or not to enable zoxide"; 13 | }; 14 | 15 | config = mkIf cfg.enable { 16 | programs.zoxide = { 17 | enable = true; 18 | enableFishIntegration = true; 19 | }; 20 | }; 21 | } 22 | -------------------------------------------------------------------------------- /modules/home/cli/shells/zsh/default.nix: -------------------------------------------------------------------------------- 1 | { 2 | pkgs, 3 | lib, 4 | config, 5 | host, 6 | ... 7 | }: 8 | with lib; 9 | with lib.nixicle; let 10 | cfg = config.cli.shells.zsh; 11 | in { 12 | options.cli.shells.zsh = with types; { 13 | enable = mkBoolOpt false "enable zsh shell"; 14 | }; 15 | 16 | config = mkIf cfg.enable { 17 | programs.zsh = { 18 | enable = true; 19 | autosuggestion.enable = true; 20 | }; 21 | }; 22 | } 23 | -------------------------------------------------------------------------------- /modules/home/cli/terminals/alacritty/default.nix: -------------------------------------------------------------------------------- 1 | { 2 | config, 3 | lib, 4 | ... 5 | }: 6 | with lib; 7 | with lib.nixicle; let 8 | cfg = config.cli.terminals.alacritty; 9 | in { 10 | options.cli.terminals.alacritty = with types; { 11 | enable = mkBoolOpt false "enable alacritty terminal emulator"; 12 | }; 13 | 14 | config = mkIf cfg.enable { 15 | programs.alacritty = { 16 | enable = true; 17 | 18 | settings = { 19 | shell = { 20 | program = "fish"; 21 | }; 22 | 23 | window = { 24 | padding = { 25 | x = 30; 26 | y = 30; 27 | }; 28 | decorations = "none"; 29 | }; 30 | 31 | selection = { 32 | save_to_clipboard = true; 33 | }; 34 | 35 | mouse_bindings = [ 36 | { 37 | mouse = "Right"; 38 | action = "Paste"; 39 | } 40 | ]; 41 | 42 | env = { 43 | TERM = "xterm-256color"; 44 | }; 45 | }; 46 | }; 47 | }; 48 | } 49 | -------------------------------------------------------------------------------- /modules/home/cli/terminals/foot/default.nix: -------------------------------------------------------------------------------- 1 | { 2 | config, 3 | lib, 4 | ... 5 | }: 6 | with lib; 7 | with lib.nixicle; let 8 | cfg = config.cli.terminals.foot; 9 | in { 10 | options.cli.terminals.foot = with types; { 11 | enable = mkBoolOpt false "enable foot terminal emulator"; 12 | }; 13 | 14 | config = mkIf cfg.enable { 15 | programs.foot = { 16 | enable = true; 17 | 18 | settings = { 19 | main = { 20 | shell = "fish"; 21 | pad = "15x15"; 22 | selection-target = "clipboard"; 23 | }; 24 | 25 | scrollback = { 26 | lines = 10000; 27 | }; 28 | }; 29 | }; 30 | }; 31 | } 32 | -------------------------------------------------------------------------------- /modules/home/cli/terminals/ghostty/default.nix: -------------------------------------------------------------------------------- 1 | { 2 | config, 3 | lib, 4 | ... 5 | }: 6 | with lib; let 7 | cfg = config.cli.terminals.ghostty; 8 | in { 9 | options.cli.terminals.ghostty = { 10 | enable = mkEnableOption "enable ghostty terminal emulator"; 11 | }; 12 | 13 | config = mkIf cfg.enable { 14 | programs.ghostty = { 15 | enable = true; 16 | enableFishIntegration = true; 17 | 18 | settings = { 19 | theme = "catppuccin-mocha"; 20 | font-family = "${config.stylix.fonts.monospace.name}"; 21 | command = "fish"; 22 | gtk-titlebar = false; 23 | gtk-tabs-location = "hidden"; 24 | gtk-single-instance = true; 25 | font-size = 14; 26 | window-padding-x = 6; 27 | window-padding-y = 6; 28 | copy-on-select = "clipboard"; 29 | cursor-style = "block"; 30 | confirm-close-surface = false; 31 | keybind = [ 32 | "ctrl+shift+plus=increase_font_size:1" 33 | ]; 34 | }; 35 | }; 36 | }; 37 | } 38 | -------------------------------------------------------------------------------- /modules/home/cli/terminals/kitty/default.nix: -------------------------------------------------------------------------------- 1 | { 2 | config, 3 | lib, 4 | ... 5 | }: 6 | with lib; 7 | with lib.nixicle; let 8 | cfg = config.cli.terminals.kitty; 9 | in { 10 | options.cli.terminals.kitty = with types; { 11 | enable = mkBoolOpt false "enable kitty terminal emulator"; 12 | }; 13 | 14 | config = mkIf cfg.enable { 15 | programs.kitty = { 16 | enable = true; 17 | 18 | extraConfig = '' 19 | symbol_map U+23FB-U+23FE,U+2665,U+26A1,U+2B58,U+E000-U+E00A,U+E0A0-U+E0A3,U+E0B0-U+E0D4,U+E200-U+E2A9,U+E300-U+E3E3,U+E5FA-U+E6AA,U+E700-U+E7C5,U+EA60-U+EBEB,U+F000-U+F2E0,U+F300-U+F32F,U+F400-U+F4A9,U+F500-U+F8FF,U+F0001-U+F1AF0 Symbols Nerd Font Mono 20 | ''; 21 | 22 | settings = { 23 | shell = "fish"; 24 | window_padding_width = 10; 25 | scrollback_lines = 10000; 26 | show_hyperlink_targets = "no"; 27 | enable_audio_bell = false; 28 | url_style = "none"; 29 | underline_hyperlinks = "never"; 30 | copy_on_select = "clipboard"; 31 | # symbol_map = let 32 | # mappings = [ 33 | # "U+E000-U+E00A" 34 | # "U+F300-U+F313" 35 | # "U+E5FA-U+E62B" 36 | # "U+E000-U+E00A" 37 | # "U+EA60-U+EBEB" 38 | # "U+E0A0-U+E0C8" 39 | # "U+E0CA" 40 | # "U+E0CC-U+E0D4" 41 | # "U+E200-U+E2A9" 42 | # "U+E300-U+E3E3" 43 | # "U+E5FA-U+E6B1" 44 | # "U+E700-U+E7C5" 45 | # "U+F000-U+F2E0" 46 | # "U+F300-U+F372" 47 | # "U+F400-U+F532" 48 | # "U+F0001-U+F1AF0" 49 | # ]; 50 | # emoji = [ 51 | # "U+2600-U+26FF" 52 | # ]; 53 | # in [ 54 | # ((builtins.concatStringsSep "," emoji) + " JoyPixels") 55 | # ((builtins.concatStringsSep "," mappings) + " Symbols Nerd Font Mono") 56 | # ]; 57 | }; 58 | }; 59 | }; 60 | } 61 | -------------------------------------------------------------------------------- /modules/home/cli/terminals/wezterm/config.lua: -------------------------------------------------------------------------------- 1 | local wezterm = require("wezterm") 2 | 3 | wezterm.on("user-var-changed", function(window, pane, name, value) 4 | local overrides = window:get_config_overrides() or {} 5 | if name == "ZEN_MODE" then 6 | local incremental = value:find("+") 7 | local number_value = tonumber(value) 8 | if incremental ~= nil then 9 | while number_value > 0 do 10 | window:perform_action(wezterm.action.IncreaseFontSize, pane) 11 | number_value = number_value - 1 12 | end 13 | overrides.enable_tab_bar = false 14 | elseif number_value < 0 then 15 | window:perform_action(wezterm.action.ResetFontSize, pane) 16 | overrides.font_size = nil 17 | overrides.enable_tab_bar = false 18 | else 19 | overrides.font_size = number_value 20 | overrides.enable_tab_bar = false 21 | end 22 | end 23 | window:set_config_overrides(overrides) 24 | end) 25 | 26 | return { 27 | color_scheme = "Catppuccin Mocha", 28 | default_prog = { "fish" }, 29 | window_decorations = "NONE", 30 | font = wezterm.font_with_fallback({ 31 | "MonoLisa Nerd Font", 32 | "Fira Code", 33 | "Noto Color Emoji", 34 | }), 35 | font_size = 14.0, 36 | enable_tab_bar = false, 37 | -- term = "wezterm", 38 | -- set_environment_variables = { 39 | -- TERMINFO_DIRS = "/home/haseebmajid/.nix-profile/share/terminfo", 40 | -- }, 41 | hyperlink_rules = wezterm.default_hyperlink_rules(), 42 | window_padding = { 43 | left = 20, 44 | right = 20, 45 | top = 20, 46 | bottom = 20, 47 | }, 48 | keys = { 49 | { 50 | key = "t", 51 | mods = "SUPER", 52 | action = wezterm.action.DisableDefaultAssignment, 53 | }, 54 | }, 55 | } 56 | -------------------------------------------------------------------------------- /modules/home/cli/terminals/wezterm/default.nix: -------------------------------------------------------------------------------- 1 | { 2 | config, 3 | lib, 4 | ... 5 | }: 6 | with lib; let 7 | cfg = config.cli.terminals.wezterm; 8 | in { 9 | options.cli.terminals.wezterm = { 10 | enable = mkEnableOption "enable wezterm terminal emulator"; 11 | }; 12 | 13 | config = mkIf cfg.enable { 14 | programs.wezterm = { 15 | enable = true; 16 | extraConfig = builtins.readFile ./config.lua; 17 | }; 18 | }; 19 | } 20 | -------------------------------------------------------------------------------- /modules/home/desktops/addons/gammastep/default.nix: -------------------------------------------------------------------------------- 1 | { 2 | config, 3 | lib, 4 | ... 5 | }: 6 | with lib; let 7 | cfg = config.desktops.addons.gammastep; 8 | in { 9 | options.desktops.addons.gammastep = { 10 | enable = mkEnableOption "Enable gammastep night light"; 11 | }; 12 | 13 | config = mkIf cfg.enable { 14 | services.gammastep = { 15 | enable = true; 16 | provider = "geoclue2"; 17 | temperature = { 18 | day = 6000; 19 | night = 4600; 20 | }; 21 | settings = { 22 | general.adjustment-method = "wayland"; 23 | }; 24 | }; 25 | }; 26 | } 27 | -------------------------------------------------------------------------------- /modules/home/desktops/addons/gnome/default.nix: -------------------------------------------------------------------------------- 1 | { 2 | config, 3 | lib, 4 | ... 5 | }: 6 | with lib; let 7 | cfg = config.desktops.addons.gnome; 8 | in { 9 | options.desktops.addons.gnome = { 10 | enable = mkEnableOption "enable gnome extras to work with home-manager"; 11 | }; 12 | 13 | config = mkIf cfg.enable { 14 | xdg = { 15 | mime.enable = true; 16 | systemDirs.data = [ 17 | "${config.home.homeDirectory}/.nix-profile/share/applications" 18 | "${config.home.homeDirectory}/state/nix/profile/share/applications" 19 | ]; 20 | }; 21 | targets.genericLinux.enable = true; 22 | }; 23 | } 24 | -------------------------------------------------------------------------------- /modules/home/desktops/addons/gtk/default.nix: -------------------------------------------------------------------------------- 1 | { 2 | pkgs, 3 | config, 4 | lib, 5 | ... 6 | }: 7 | with lib; let 8 | cfg = config.desktops.addons.gtk; 9 | in { 10 | options.desktops.addons.gtk = { 11 | enable = mkEnableOption "enable gtk theme management"; 12 | }; 13 | 14 | config = mkIf cfg.enable { 15 | gtk = lib.mkForce { 16 | enable = true; 17 | theme = { 18 | name = "adw-gtk3-dark"; 19 | package = pkgs.adw-gtk3; 20 | }; 21 | 22 | iconTheme = { 23 | enable = true; 24 | package = pkgs.catppuccin-papirus-folders.override { 25 | flavor = "mocha"; 26 | accent = "lavender"; 27 | }; 28 | name = "Papirus-Dark"; 29 | }; 30 | 31 | cursorTheme = { 32 | name = "Bibata-Modern-Classic"; 33 | package = pkgs.bibata-cursors; 34 | size = 24; 35 | }; 36 | 37 | gtk3.extraCss = config.gtk.gtk4.extraCss; 38 | 39 | gtk3.extraConfig = { 40 | gtk-toolbar-style = "GTK_TOOLBAR_BOTH"; 41 | gtk-toolbar-icon-size = "GTK_ICON_SIZE_LARGE_TOOLBAR"; 42 | gtk-decoration-layout = "appmenu:none"; 43 | gtk-button-images = 1; 44 | gtk-menu-images = 1; 45 | gtk-enable-event-sounds = 0; 46 | gtk-enable-input-feedback-sounds = 0; 47 | gtk-xft-antialias = 1; 48 | gtk-xft-hinting = 1; 49 | gtk-xft-hintstyle = "hintfull"; 50 | gtk-error-bell = 0; 51 | gtk-application-prefer-dark-theme = true; 52 | gtk-recent-files-max-age = 0; 53 | gtk-recent-files-limit = 0; 54 | }; 55 | 56 | gtk4.extraConfig = { 57 | gtk-decoration-layout = "appmenu:none"; 58 | gtk-enable-event-sounds = 0; 59 | gtk-enable-input-feedback-sounds = 0; 60 | gtk-xft-antialias = 1; 61 | gtk-xft-hinting = 1; 62 | gtk-xft-hintstyle = "hintfull"; 63 | gtk-error-bell = 0; 64 | gtk-application-prefer-dark-theme = true; 65 | gtk-recent-files-max-age = 0; 66 | }; 67 | 68 | gtk4.extraCss = builtins.readFile ./gtk.css; 69 | }; 70 | 71 | home.sessionVariables.GTK_THEME = "Adwaita:dark"; 72 | home.pointerCursor = lib.mkForce { 73 | name = "Bibata-Modern-Classic"; 74 | package = pkgs.bibata-cursors; 75 | size = 24; 76 | gtk.enable = true; 77 | }; 78 | }; 79 | } 80 | -------------------------------------------------------------------------------- /modules/home/desktops/addons/hypridle/default.nix: -------------------------------------------------------------------------------- 1 | { 2 | config, 3 | lib, 4 | ... 5 | }: 6 | with lib; 7 | with lib.nixicle; let 8 | cfg = config.desktops.addons.hypridle; 9 | in { 10 | options.desktops.addons.hypridle = with types; { 11 | enable = mkBoolOpt false "Whether to enable the hypridle"; 12 | }; 13 | 14 | config = mkIf cfg.enable { 15 | services.hypridle = { 16 | enable = true; 17 | settings = { 18 | general = { 19 | before_sleep_cmd = "loginctl lock-session"; 20 | after_sleep_cmd = "hyprctl dispatch dpms on"; 21 | lock_cmd = "pidof hyprlock || hyprlock "; 22 | }; 23 | 24 | listener = [ 25 | { 26 | timeout = 300; 27 | on-timeout = "loginctl lock-session "; 28 | } 29 | { 30 | timeout = 330; 31 | on-timeout = "hyprctl dispatch dpms off"; 32 | on-resume = "hyprctl dispatch dpms on"; 33 | } 34 | { 35 | timeout = 1800; 36 | on-timeout = "systemctl suspend"; 37 | } 38 | ]; 39 | }; 40 | }; 41 | }; 42 | } 43 | -------------------------------------------------------------------------------- /modules/home/desktops/addons/hyprlock/default.nix: -------------------------------------------------------------------------------- 1 | { 2 | config, 3 | lib, 4 | pkgs, 5 | ... 6 | }: 7 | with lib; 8 | with lib.nixicle; let 9 | cfg = config.desktops.addons.hyprlock; 10 | in { 11 | options.desktops.addons.hyprlock = with types; { 12 | enable = mkBoolOpt false "Whether to enable the hyprlock"; 13 | }; 14 | 15 | config = mkIf cfg.enable { 16 | programs.hyprlock = { 17 | enable = true; 18 | settings = { 19 | # general = { 20 | # disable_loading_bar = true; 21 | # hide_cursor = true; 22 | # }; 23 | # 24 | # label = [ 25 | # { 26 | # text = ''cmd[update:43200000] echo "$(date +"%A, %d %B %Y")"''; 27 | # font_size = 25; 28 | # position = { 29 | # x = -30; 30 | # y = -150; 31 | # }; 32 | # halign = "right"; 33 | # valign = "top"; 34 | # } 35 | # { 36 | # text = ''cmd[update:30000] echo "$(date +"%R")"''; 37 | # font_size = 90; 38 | # position = { 39 | # x = -30; 40 | # y = 0; 41 | # }; 42 | # halign = "right"; 43 | # valign = "top"; 44 | # } 45 | # ]; 46 | }; 47 | }; 48 | }; 49 | } 50 | -------------------------------------------------------------------------------- /modules/home/desktops/addons/hyprpaper/default.nix: -------------------------------------------------------------------------------- 1 | { 2 | config, 3 | lib, 4 | ... 5 | }: 6 | with lib; 7 | with lib.nixicle; let 8 | cfg = config.desktops.addons.hyprpaper; 9 | in { 10 | options.desktops.addons.hyprpaper = with types; { 11 | enable = mkBoolOpt false "Whether to enable the hyprpaper config"; 12 | }; 13 | 14 | config = mkIf cfg.enable { 15 | services.hyprpaper = { 16 | enable = true; 17 | }; 18 | }; 19 | } 20 | -------------------------------------------------------------------------------- /modules/home/desktops/addons/kanshi/default.nix: -------------------------------------------------------------------------------- 1 | { 2 | pkgs, 3 | config, 4 | lib, 5 | ... 6 | }: 7 | with lib; let 8 | cfg = config.desktops.addons.kanshi; 9 | in { 10 | options.desktops.addons.kanshi = { 11 | enable = mkEnableOption "Enable kanshi display addon"; 12 | }; 13 | 14 | config = mkIf cfg.enable { 15 | home.packages = with pkgs; [ 16 | kanshi 17 | ]; 18 | 19 | services.kanshi = { 20 | enable = true; 21 | package = pkgs.kanshi; 22 | systemdTarget = ""; 23 | settings = [ 24 | { 25 | profile.name = "undocked"; 26 | profile.outputs = [ 27 | { 28 | criteria = "eDP-1"; 29 | } 30 | ]; 31 | } 32 | { 33 | profile.name = "home_office_laptop_docked"; 34 | profile.outputs = [ 35 | { 36 | criteria = "GIGA-BYTE TECHNOLOGY CO. LTD. Gigabyte M32U (DP-5 via HDMI)"; 37 | position = "3840,0"; 38 | mode = "3840x2160@144Hz"; 39 | } 40 | { 41 | criteria = "Dell Inc. DELL G3223Q 82X70P3 (DP-4)"; 42 | position = "0,0"; 43 | mode = "3840x2160@60Hz"; 44 | } 45 | { 46 | criteria = "eDP-1"; 47 | status = "disable"; 48 | } 49 | ]; 50 | } 51 | { 52 | profile.name = "home_office"; 53 | profile.outputs = [ 54 | { 55 | criteria = "GIGA-BYTE TECHNOLOGY CO. LTD. Gigabyte M32U (DP-5 via HDMI)"; 56 | position = "3840,0"; 57 | mode = "3840x2160@144Hz"; 58 | } 59 | { 60 | criteria = "Dell Inc. DELL G3223Q 82X70P3 (DP-4)"; 61 | position = "0,0"; 62 | mode = "3840x2160@60Hz"; 63 | } 64 | ]; 65 | } 66 | { 67 | profile.name = "desktop"; 68 | profile.outputs = [ 69 | { 70 | criteria = "GIGA-BYTE TECHNOLOGY CO., LTD. Gigabyte M32U 21351B000087"; 71 | position = "3840,0"; 72 | mode = "3840x2160@144Hz"; 73 | } 74 | { 75 | criteria = "Dell Inc. DELL G3223Q 82X70P3"; 76 | position = "0,0"; 77 | mode = "3840x2160@60Hz"; 78 | } 79 | ]; 80 | } 81 | ]; 82 | }; 83 | }; 84 | } 85 | -------------------------------------------------------------------------------- /modules/home/desktops/addons/pyprland/default.nix: -------------------------------------------------------------------------------- 1 | { 2 | config, 3 | lib, 4 | pkgs, 5 | ... 6 | }: 7 | with lib; let 8 | cfg = config.desktops.addons.pyprland; 9 | in { 10 | options.desktops.addons.pyprland = { 11 | enable = mkEnableOption "Enable pyprland plugins for hyprland"; 12 | }; 13 | 14 | config = mkIf cfg.enable { 15 | xdg.configFile."hypr/pyprland.toml".source = ./pyprland.toml; 16 | 17 | home = { 18 | packages = with pkgs; [pyprland]; 19 | }; 20 | }; 21 | } 22 | -------------------------------------------------------------------------------- /modules/home/desktops/addons/pyprland/pyprland.toml: -------------------------------------------------------------------------------- 1 | [pyprland] 2 | plugins = ["scratchpads"] 3 | 4 | [scratchpads.pwvucontrol] 5 | animation = "fromTop" 6 | command = "pwvucontrol" 7 | class = "pwvucontrol" 8 | size = "50% 80%" 9 | 10 | [scratchpads.term] 11 | animation = "fromTop" 12 | command = "ghostty --class kitty-dropterm -e yazi" 13 | class = "kitty-dropterm" 14 | size = "75% 60%" 15 | -------------------------------------------------------------------------------- /modules/home/desktops/addons/qt/default.nix: -------------------------------------------------------------------------------- 1 | { 2 | pkgs, 3 | config, 4 | lib, 5 | ... 6 | }: 7 | with lib; let 8 | cfg = config.desktops.addons.qt; 9 | in { 10 | options.desktops.addons.qt = { 11 | enable = mkEnableOption "enable qt theme management"; 12 | }; 13 | 14 | config = mkIf cfg.enable { 15 | qt = { 16 | enable = true; 17 | platformTheme.name = "gtk"; 18 | style = { 19 | name = "adwaita-dark"; 20 | package = pkgs.adwaita-qt; 21 | }; 22 | }; 23 | }; 24 | } 25 | -------------------------------------------------------------------------------- /modules/home/desktops/addons/swaylock/default.nix: -------------------------------------------------------------------------------- 1 | { 2 | config, 3 | lib, 4 | pkgs, 5 | ... 6 | }: 7 | with lib; 8 | with lib.nixicle; let 9 | cfg = config.desktops.addons.swaylock; 10 | in { 11 | options.desktops.addons.swaylock = { 12 | enable = mkEnableOption "Enable swaylock lock management"; 13 | blur = mkOpt (types.nullOr types.str) "7x5" "radius x times blur the image."; 14 | vignette = mkOpt (types.nullOr types.str) "0.5x0.5" "base:factor apply vignette effect."; 15 | binary = mkOpt (types.nullOr types.str) "${pkgs.swaylock-effects}/bin/swaylock" "Location of the binary to use for swaylock."; 16 | }; 17 | 18 | config = mkIf cfg.enable { 19 | programs.swaylock = { 20 | enable = true; 21 | package = pkgs.swaylock-effects; 22 | settings = { 23 | show-failed-attempts = true; 24 | screenshots = true; 25 | clock = true; 26 | 27 | indicator = true; 28 | indicator-radius = 350; 29 | indicator-thickness = 5; 30 | 31 | effect-blur = cfg.blur; 32 | effect-vignette = cfg.vignette; 33 | fade-in = 0.2; 34 | 35 | font = "MonoLisa Nerd Font"; 36 | }; 37 | }; 38 | 39 | services.swayidle = { 40 | enable = true; 41 | systemdTarget = "hyprland-session.target"; 42 | events = [ 43 | { 44 | event = "before-sleep"; 45 | command = "${cfg.binary} -fF"; 46 | } 47 | { 48 | event = "lock"; 49 | command = "${cfg.binary} -fF"; 50 | } 51 | ]; 52 | timeouts = [ 53 | { 54 | timeout = 600; 55 | command = "${config.wayland.windowManager.hyprland.package}/bin/hyprctl dispatch dpms off"; 56 | resumeCommand = "${config.wayland.windowManager.hyprland.package}/bin/hyprctl dispatch dpms on"; 57 | } 58 | { 59 | timeout = 610; 60 | command = "${pkgs.systemd}/bin/loginctl lock-session"; 61 | } 62 | ]; 63 | }; 64 | }; 65 | } 66 | -------------------------------------------------------------------------------- /modules/home/desktops/addons/swaync/default.nix: -------------------------------------------------------------------------------- 1 | { 2 | config, 3 | lib, 4 | ... 5 | }: 6 | with lib; let 7 | cfg = config.desktops.addons.swaync; 8 | in { 9 | options.desktops.addons.swaync = { 10 | enable = mkEnableOption "Enable sway notification center"; 11 | }; 12 | 13 | config = mkIf cfg.enable { 14 | services.swaync = { 15 | enable = true; 16 | settings = {}; 17 | style = builtins.readFile ./swaync.css; 18 | }; 19 | }; 20 | } 21 | -------------------------------------------------------------------------------- /modules/home/desktops/addons/wlogout/default.nix: -------------------------------------------------------------------------------- 1 | { 2 | config, 3 | lib, 4 | pkgs, 5 | ... 6 | }: 7 | with lib; let 8 | cfg = config.desktops.addons.wlogout; 9 | in { 10 | options.desktops.addons.wlogout = { 11 | enable = mkEnableOption "Enable wlogout screen for managing sessions."; 12 | }; 13 | 14 | config = mkIf cfg.enable { 15 | programs.wlogout = { 16 | enable = true; 17 | layout = [ 18 | { 19 | label = "lock"; 20 | action = "hyprlock"; 21 | text = "Lock"; 22 | keybind = "l"; 23 | } 24 | { 25 | label = "hibernate"; 26 | action = "systemctl hibernate"; 27 | text = "Hibernate"; 28 | keybind = "h"; 29 | } 30 | { 31 | label = "logout"; 32 | action = "loginctl terminate-user $USER"; 33 | text = "Logout"; 34 | keybind = "L"; 35 | } 36 | { 37 | label = "shutdown"; 38 | action = "systemctl poweroff"; 39 | text = "Shutdown"; 40 | keybind = "S"; 41 | } 42 | { 43 | label = "suspend"; 44 | action = "systemctl suspend"; 45 | text = "Suspend"; 46 | keybind = "s"; 47 | } 48 | { 49 | label = "reboot"; 50 | action = "systemctl reboot"; 51 | text = "Reboot"; 52 | keybind = "r"; 53 | } 54 | ]; 55 | style = builtins.readFile ./style.css; 56 | }; 57 | 58 | xdg.configFile."wlogout/icons" = { 59 | recursive = true; 60 | source = ./icons; 61 | }; 62 | }; 63 | } 64 | -------------------------------------------------------------------------------- /modules/home/desktops/addons/wlogout/icons/hibernate.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/hmajid2301/nixicle/e821078b50dea1b8c9ce46a3919ee90e320e24e9/modules/home/desktops/addons/wlogout/icons/hibernate.png -------------------------------------------------------------------------------- /modules/home/desktops/addons/wlogout/icons/lock.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/hmajid2301/nixicle/e821078b50dea1b8c9ce46a3919ee90e320e24e9/modules/home/desktops/addons/wlogout/icons/lock.png -------------------------------------------------------------------------------- /modules/home/desktops/addons/wlogout/icons/logout.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/hmajid2301/nixicle/e821078b50dea1b8c9ce46a3919ee90e320e24e9/modules/home/desktops/addons/wlogout/icons/logout.png -------------------------------------------------------------------------------- /modules/home/desktops/addons/wlogout/icons/reboot.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/hmajid2301/nixicle/e821078b50dea1b8c9ce46a3919ee90e320e24e9/modules/home/desktops/addons/wlogout/icons/reboot.png -------------------------------------------------------------------------------- /modules/home/desktops/addons/wlogout/icons/shutdown.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/hmajid2301/nixicle/e821078b50dea1b8c9ce46a3919ee90e320e24e9/modules/home/desktops/addons/wlogout/icons/shutdown.png -------------------------------------------------------------------------------- /modules/home/desktops/addons/wlogout/icons/suspend.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/hmajid2301/nixicle/e821078b50dea1b8c9ce46a3919ee90e320e24e9/modules/home/desktops/addons/wlogout/icons/suspend.png -------------------------------------------------------------------------------- /modules/home/desktops/addons/wlogout/style.css: -------------------------------------------------------------------------------- 1 | @define-color background #1E1E2E; 2 | @define-color background-alt1 #28283d; 3 | @define-color background-alt2 #32324d; 4 | @define-color foreground #CDD6F4; 5 | @define-color selected #89B4FA; 6 | @define-color black #45475A; 7 | @define-color red #F38BA8; 8 | @define-color green #A6E3A1; 9 | @define-color yellow #F9E2AF; 10 | @define-color blue #89B4FA; 11 | @define-color magenta #F5C2E7; 12 | @define-color cyan #94E2D5; 13 | @define-color white #BAC2DE; 14 | @define-color lavender #b4befe; 15 | * { 16 | font-size: 15px; 17 | font-family: "Symbols Nerd Font", "MonoLisa"; 18 | font-weight: bold; 19 | } 20 | 21 | window { 22 | background-color: @background; 23 | } 24 | 25 | button { 26 | background-color: @background-alt1; 27 | color: @foreground; 28 | border: 1px solid @background-alt2; 29 | border-radius: 50px; 30 | background-repeat: no-repeat; 31 | background-position: center; 32 | background-size: 30%; 33 | } 34 | 35 | button:focus, 36 | button:hover { 37 | background-color: @lavender; 38 | color: @background; 39 | outline-style: none; 40 | } 41 | 42 | #lock { 43 | background-image: image(url("icons/lock.png")); 44 | } 45 | 46 | #logout { 47 | background-image: image(url("icons/logout.png")); 48 | } 49 | 50 | #suspend { 51 | background-image: image(url("icons/suspend.png")); 52 | } 53 | 54 | #hibernate { 55 | background-image: image(url("icons/hibernate.png")); 56 | } 57 | 58 | #shutdown { 59 | background-image: image(url("icons/shutdown.png")); 60 | } 61 | 62 | #reboot { 63 | background-image: image(url("icons/reboot.png")); 64 | } 65 | -------------------------------------------------------------------------------- /modules/home/desktops/addons/wlsunset/default.nix: -------------------------------------------------------------------------------- 1 | { 2 | config, 3 | lib, 4 | ... 5 | }: 6 | with lib; let 7 | cfg = config.desktops.addons.wlsunset; 8 | in { 9 | options.desktops.addons.wlsunset = { 10 | enable = mkEnableOption "Enable wlsunset night light"; 11 | }; 12 | 13 | config = mkIf cfg.enable { 14 | services.wlsunset = { 15 | enable = true; 16 | latitude = "51.5072"; 17 | longitude = "-0.1275"; 18 | }; 19 | }; 20 | } 21 | -------------------------------------------------------------------------------- /modules/home/desktops/hyprland/config.nix: -------------------------------------------------------------------------------- 1 | { pkgs, config, lib, ... }: 2 | with lib; 3 | let cfg = config.desktops.hyprland; 4 | in { 5 | config = mkIf cfg.enable { 6 | wayland.windowManager.hyprland = { 7 | enable = true; 8 | 9 | systemd.enable = true; 10 | systemd.enableXdgAutostart = true; 11 | xwayland.enable = true; 12 | 13 | settings = { 14 | input = { 15 | kb_layout = "gb"; 16 | touchpad = { disable_while_typing = false; }; 17 | }; 18 | 19 | general = { 20 | gaps_in = 3; 21 | gaps_out = 5; 22 | border_size = 3; 23 | }; 24 | 25 | decoration = { rounding = 5; }; 26 | 27 | misc = let FULLSCREEN_ONLY = 2; 28 | in { 29 | vrr = FULLSCREEN_ONLY; 30 | disable_hyprland_logo = true; 31 | disable_splash_rendering = true; 32 | force_default_wallpaper = 0; 33 | }; 34 | 35 | source = [ "${config.home.homeDirectory}/.config/hypr/monitors.conf" ]; 36 | 37 | exec-once = [ 38 | "${pkgs.kanshi}/bin/kanshi" 39 | "${pkgs.polkit_gnome}/libexec/polkit-gnome-authentication-agent-1" 40 | "${pkgs.pyprland}/bin/pypr" 41 | "${pkgs.clipse}/bin/clipse -listen" 42 | "${pkgs.solaar}/bin/solaar -w hide" 43 | "${pkgs.kdePackages.kdeconnect-kde}/bin/kdeconnect-indicator" 44 | ] ++ cfg.execOnceExtras; 45 | }; 46 | }; 47 | }; 48 | } 49 | 50 | -------------------------------------------------------------------------------- /modules/home/desktops/hyprland/default.nix: -------------------------------------------------------------------------------- 1 | { config, lib, ... }: 2 | with lib; 3 | with lib.nixicle; 4 | with types; 5 | let cfg = config.desktops.hyprland; 6 | in { 7 | imports = lib.snowfall.fs.get-non-default-nix-files ./.; 8 | 9 | options.desktops.hyprland = { 10 | enable = mkEnableOption "Enable hyprland window manager"; 11 | execOnceExtras = mkOpt (listOf str) [ ] "Extra programs to exec once"; 12 | }; 13 | 14 | config = mkIf cfg.enable { 15 | nix.settings = { 16 | trusted-substituters = [ "https://hyprland.cachix.org" ]; 17 | trusted-public-keys = [ 18 | "hyprland.cachix.org-1:a7pgxzMz7+chwVL3/pzj6jIBMioiJM7ypFP8PwtkuGc=" 19 | ]; 20 | }; 21 | 22 | desktops.addons = { 23 | kanshi.enable = true; 24 | rofi.enable = true; 25 | swaync.enable = true; 26 | waybar.enable = true; 27 | wlogout.enable = true; 28 | wlsunset.enable = true; 29 | 30 | # pyprland.enable = true; 31 | hyprpaper.enable = true; 32 | hyprlock.enable = true; 33 | hypridle.enable = true; 34 | }; 35 | }; 36 | } 37 | -------------------------------------------------------------------------------- /modules/home/desktops/hyprland/windowrules.nix: -------------------------------------------------------------------------------- 1 | { pkgs, config, lib, ... }: 2 | with lib; 3 | let cfg = config.desktops.hyprland; 4 | in { 5 | config = mkIf cfg.enable { 6 | wayland.windowManager.hyprland.settings = { 7 | windowrule = [ 8 | # "float, bitwarden" 9 | ]; 10 | 11 | windowrulev2 = [ "idleinhibit fullscreen, class:^(firefox)$" ]; 12 | }; 13 | }; 14 | } 15 | -------------------------------------------------------------------------------- /modules/home/programs/discord/default.nix: -------------------------------------------------------------------------------- 1 | { 2 | config, 3 | lib, 4 | pkgs, 5 | ... 6 | }: 7 | with lib; 8 | with lib.nixicle; let 9 | cfg = config.programs.discord; 10 | in { 11 | options.programs.discord = with types; { 12 | enable = mkBoolOpt false "Whether or not to manage discord"; 13 | }; 14 | 15 | config = mkIf cfg.enable { 16 | xdg.configFile."BetterDiscord/data/stable/custom.css" = {source = ./custom.css;}; 17 | home.packages = with pkgs; [goofcord]; 18 | }; 19 | } 20 | -------------------------------------------------------------------------------- /modules/home/programs/guis/default.nix: -------------------------------------------------------------------------------- 1 | { 2 | config, 3 | pkgs, 4 | lib, 5 | ... 6 | }: 7 | with lib; let 8 | cfg = config.programs.guis; 9 | in { 10 | options.programs.guis = { 11 | enable = mkEnableOption "Enable gnome adwaita GUI applications"; 12 | }; 13 | 14 | config = mkIf cfg.enable { 15 | home.packages = with pkgs; [ 16 | trayscale 17 | 18 | foliate 19 | pavucontrol 20 | pwvucontrol 21 | 22 | sushi 23 | gnome-disk-utility 24 | totem 25 | gvfs 26 | loupe 27 | 28 | nautilus 29 | ffmpegthumbnailer # thumbnails 30 | nautilus-python # enable plugins 31 | gst_all_1.gst-libav # thumbnails 32 | ]; 33 | 34 | xdg.configFile."com.github.johnfactotum.Foliate/themes/mocha.json".text = '' 35 | { 36 | "label": "Mocha", 37 | "light": { 38 | "fg": "#999999", 39 | "bg": "#cccccc", 40 | "link": "#666666" 41 | }, 42 | "dark": { 43 | "fg": "#cdd6f4", 44 | "bg": "#1e1e2e", 45 | "link": "#E0DCF5" 46 | } 47 | } 48 | ''; 49 | }; 50 | } 51 | -------------------------------------------------------------------------------- /modules/home/programs/shotwell/default.nix: -------------------------------------------------------------------------------- 1 | { 2 | config, 3 | lib, 4 | pkgs, 5 | ... 6 | }: 7 | with lib; let 8 | cfg = config.programs.shotwell; 9 | in { 10 | options.programs.shotwell = { 11 | enable = mkEnableOption "Enable shotwell program"; 12 | }; 13 | 14 | config = mkIf cfg.enable { 15 | home.packages = with pkgs; [ 16 | shotwell 17 | ]; 18 | }; 19 | } 20 | -------------------------------------------------------------------------------- /modules/home/roles/common/default.nix: -------------------------------------------------------------------------------- 1 | { 2 | lib, 3 | pkgs, 4 | config, 5 | ... 6 | }: let 7 | cfg = config.roles.common; 8 | in { 9 | options.roles.common = { 10 | enable = lib.mkEnableOption "Enable common configuration"; 11 | }; 12 | 13 | config = lib.mkIf cfg.enable { 14 | browsers.firefox.enable = true; 15 | 16 | system = { 17 | nix.enable = true; 18 | }; 19 | 20 | cli = { 21 | terminals.foot.enable = true; 22 | terminals.ghostty.enable = true; 23 | shells.fish.enable = true; 24 | }; 25 | programs = { 26 | guis.enable = true; 27 | }; 28 | 29 | security = { 30 | sops.enable = true; 31 | }; 32 | styles.stylix.enable = true; 33 | 34 | # TODO: move this to a separate module 35 | home.packages = with pkgs; [ 36 | keymapp 37 | 38 | src-cli 39 | flyctl 40 | # optinix 41 | 42 | (hiPrio parallel) 43 | moreutils 44 | nvtopPackages.amd 45 | unzip 46 | gnupg 47 | 48 | showmethekey 49 | ]; 50 | }; 51 | } 52 | -------------------------------------------------------------------------------- /modules/home/roles/development/default.nix: -------------------------------------------------------------------------------- 1 | { lib, config, pkgs, ... }: 2 | with lib; 3 | let cfg = config.roles.development; 4 | in { 5 | options.roles.development = { 6 | enable = mkEnableOption "Enable development configuration"; 7 | }; 8 | 9 | config = mkIf cfg.enable { 10 | 11 | xdg.desktopEntries = lib.optionalAttrs pkgs.stdenv.isLinux { 12 | neovim = { 13 | name = "Neovim"; 14 | genericName = "editor"; 15 | exec = "nvim -f %F"; 16 | mimeType = [ 17 | "text/html" 18 | "text/xml" 19 | "text/plain" 20 | "text/english" 21 | "text/x-makefile" 22 | "text/x-c++hdr" 23 | "text/x-tex" 24 | "application/x-shellscript" 25 | ]; 26 | terminal = false; 27 | type = "Application"; 28 | }; 29 | }; 30 | 31 | cli = { 32 | multiplexers.zellij.enable = true; 33 | 34 | programs = { 35 | # attic.enable = true; 36 | atuin.enable = true; 37 | bat.enable = true; 38 | bottom.enable = true; 39 | db.enable = true; 40 | direnv.enable = true; 41 | eza.enable = true; 42 | fzf.enable = true; 43 | git.enable = true; 44 | gpg.enable = true; 45 | htop.enable = true; 46 | k8s.enable = true; 47 | modern-unix.enable = true; 48 | network-tools.enable = true; 49 | nix-index.enable = true; 50 | podman.enable = true; 51 | ssh.enable = true; 52 | starship.enable = true; 53 | yazi.enable = true; 54 | zoxide.enable = true; 55 | }; 56 | }; 57 | }; 58 | } 59 | -------------------------------------------------------------------------------- /modules/home/roles/gamedev/default.nix: -------------------------------------------------------------------------------- 1 | { 2 | config, 3 | pkgs, 4 | lib, 5 | ... 6 | }: 7 | with lib; 8 | with lib.nixicle; let 9 | cfg = config.roles.gamedev; 10 | in { 11 | options.roles.gamedev = with types; { 12 | enable = mkBoolOpt false "Whether or not to manage game dev configuration"; 13 | }; 14 | 15 | config = mkIf cfg.enable { 16 | home.packages = with pkgs; [ 17 | godot_4 18 | aseprite 19 | ]; 20 | }; 21 | } 22 | -------------------------------------------------------------------------------- /modules/home/roles/gaming/default.nix: -------------------------------------------------------------------------------- 1 | { 2 | config, 3 | pkgs, 4 | lib, 5 | ... 6 | }: 7 | with lib; 8 | with lib.nixicle; let 9 | cfg = config.roles.gaming; 10 | in { 11 | options.roles.gaming = with types; { 12 | enable = mkBoolOpt false "Whether or not to manage gaming configuration"; 13 | }; 14 | 15 | config = mkIf cfg.enable { 16 | programs.mangohud = { 17 | enable = true; 18 | enableSessionWide = true; 19 | settings = { 20 | cpu_load_change = true; 21 | }; 22 | }; 23 | 24 | home.packages = with pkgs; [ 25 | lutris 26 | bottles 27 | ]; 28 | }; 29 | } 30 | -------------------------------------------------------------------------------- /modules/home/roles/social/default.nix: -------------------------------------------------------------------------------- 1 | { 2 | pkgs, 3 | config, 4 | lib, 5 | ... 6 | }: 7 | with lib; let 8 | cfg = config.roles.social; 9 | in { 10 | options.roles.social = { 11 | enable = mkEnableOption "Enable social suite"; 12 | }; 13 | 14 | config = mkIf cfg.enable { 15 | programs = { 16 | discord.enable = true; 17 | shotwell.enable = true; 18 | }; 19 | }; 20 | } 21 | -------------------------------------------------------------------------------- /modules/home/roles/video/default.nix: -------------------------------------------------------------------------------- 1 | { inputs, config, pkgs, lib, ... }: 2 | with lib; 3 | with lib.nixicle; 4 | let cfg = config.roles.video; 5 | in { 6 | options.roles.video = with types; { 7 | enable = 8 | mkBoolOpt false "Whether or not to manage video editting and recording"; 9 | }; 10 | 11 | config = mkIf cfg.enable { 12 | xdg.configFile."obs-studio/themes".source = 13 | "${inputs.catppuccin-obs}/themes"; 14 | 15 | programs.obs-studio = { enable = true; }; 16 | 17 | home.packages = with pkgs; [ 18 | audacity 19 | kdePackages.kdenlive 20 | davinci-resolve-studio 21 | ]; 22 | }; 23 | } 24 | -------------------------------------------------------------------------------- /modules/home/security/sops/default.nix: -------------------------------------------------------------------------------- 1 | { 2 | config, 3 | lib, 4 | inputs, 5 | ... 6 | }: 7 | with lib; 8 | with lib.nixicle; let 9 | cfg = config.security.sops; 10 | in { 11 | options.security.sops = with types; { 12 | enable = mkBoolOpt false "Whether to enable sop for secrets management."; 13 | }; 14 | 15 | imports = with inputs; [ 16 | sops-nix.homeManagerModules.sops 17 | ]; 18 | 19 | config = mkIf cfg.enable { 20 | sops = { 21 | age = { 22 | generateKey = true; 23 | keyFile = "/home/${config.nixicle.user.name}/.config/sops/age/keys.txt"; 24 | sshKeyPaths = ["/home/${config.nixicle.user.name}/.ssh/id_ed25519"]; 25 | }; 26 | 27 | defaultSymlinkPath = "/run/user/1000/secrets"; 28 | defaultSecretsMountPoint = "/run/user/1000/secrets.d"; 29 | }; 30 | }; 31 | } 32 | -------------------------------------------------------------------------------- /modules/home/services/kdeconnect/default.nix: -------------------------------------------------------------------------------- 1 | { 2 | config, 3 | pkgs, 4 | lib, 5 | ... 6 | }: 7 | with lib; 8 | with lib.nixicle; let 9 | cfg = config.services.nixicle.kdeconnect; 10 | in { 11 | options.services.nixicle.kdeconnect = with types; { 12 | enable = mkBoolOpt false "Whether or not to manage kdeconnect"; 13 | }; 14 | 15 | config = mkIf cfg.enable { 16 | # Hide all .desktop, except for org.kde.kdeconnect.settings 17 | xdg.desktopEntries = { 18 | "org.kde.kdeconnect.sms" = { 19 | exec = ""; 20 | name = "KDE Connect SMS"; 21 | settings.NoDisplay = "true"; 22 | }; 23 | "org.kde.kdeconnect.nonplasma" = { 24 | exec = ""; 25 | name = "KDE Connect Indicator"; 26 | settings.NoDisplay = "true"; 27 | }; 28 | "org.kde.kdeconnect.app" = { 29 | exec = ""; 30 | name = "KDE Connect"; 31 | settings.NoDisplay = "true"; 32 | }; 33 | }; 34 | 35 | services.kdeconnect = { 36 | enable = true; 37 | indicator = true; 38 | }; 39 | }; 40 | } 41 | -------------------------------------------------------------------------------- /modules/home/services/spotify/default.nix: -------------------------------------------------------------------------------- 1 | { 2 | config, 3 | lib, 4 | ... 5 | }: 6 | with lib; let 7 | cfg = config.services.spotify; 8 | in { 9 | options.services.spotify = { 10 | enable = mkEnableOption "Enable spotify service"; 11 | }; 12 | 13 | config = mkIf cfg.enable { 14 | home.packages = with pkgs; [ 15 | # spotify-tui 16 | ]; 17 | 18 | # services.spotifyd = { 19 | # enable = true; 20 | # }; 21 | }; 22 | } 23 | -------------------------------------------------------------------------------- /modules/home/services/syncthing/default.nix: -------------------------------------------------------------------------------- 1 | { 2 | config, 3 | lib, 4 | ... 5 | }: 6 | with lib; let 7 | cfg = config.services.nixicle.syncthing; 8 | in { 9 | options.services.nixicle.syncthing = { 10 | enable = mkEnableOption "Enable syncthing service"; 11 | }; 12 | 13 | config = mkIf cfg.enable { 14 | services.syncthing = { 15 | enable = true; 16 | tray.enable = true; 17 | extraOptions = ["--gui-address=127.0.0.1:8384"]; 18 | }; 19 | }; 20 | } 21 | -------------------------------------------------------------------------------- /modules/home/styles/stylix/default.nix: -------------------------------------------------------------------------------- 1 | { lib, pkgs, config, inputs, ... }: 2 | let cfg = config.styles.stylix; 3 | in { 4 | imports = with inputs; [ 5 | stylix.homeManagerModules.stylix 6 | catppuccin.homeModules.catppuccin 7 | ]; 8 | 9 | options.styles.stylix = { enable = lib.mkEnableOption "Enable stylix"; }; 10 | 11 | config = lib.mkIf cfg.enable { 12 | fonts.fontconfig.enable = true; 13 | home.packages = with pkgs; [ nerd-fonts.symbols-only open-sans ]; 14 | 15 | # TODO: Possible to use stylix instead? 16 | catppuccin.flavor = "mocha"; 17 | catppuccin.fish.enable = true; 18 | 19 | stylix = { 20 | enable = true; 21 | autoEnable = true; 22 | base16Scheme = 23 | "${pkgs.base16-schemes}/share/themes/catppuccin-mocha.yaml"; 24 | 25 | iconTheme = { 26 | enable = true; 27 | package = pkgs.catppuccin-papirus-folders.override { 28 | flavor = "mocha"; 29 | accent = "lavender"; 30 | }; 31 | dark = "Papirus-Dark"; 32 | }; 33 | 34 | targets = { 35 | firefox = { 36 | firefoxGnomeTheme.enable = true; 37 | profileNames = [ "Default" ]; 38 | }; 39 | }; 40 | 41 | image = pkgs.nixicle.wallpapers.nixppuccin; 42 | 43 | cursor = { 44 | name = "Bibata-Modern-Classic"; 45 | package = pkgs.bibata-cursors; 46 | size = 24; 47 | }; 48 | 49 | fonts = { 50 | sizes = { 51 | terminal = 14; 52 | applications = 12; 53 | popups = 12; 54 | }; 55 | 56 | serif = { 57 | name = "Source Serif"; 58 | package = pkgs.source-serif; 59 | }; 60 | 61 | sansSerif = { 62 | name = "Noto Sans"; 63 | package = pkgs.noto-fonts; 64 | }; 65 | 66 | monospace = { 67 | package = pkgs.nixicle.monolisa; 68 | name = "MonoLisa"; 69 | }; 70 | 71 | emoji = { 72 | package = pkgs.noto-fonts-emoji; 73 | name = "Noto Color Emoji"; 74 | }; 75 | }; 76 | }; 77 | }; 78 | } 79 | -------------------------------------------------------------------------------- /modules/home/systems/nix/default.nix: -------------------------------------------------------------------------------- 1 | { config, pkgs, lib, ... }: 2 | with lib; 3 | with lib.nixicle; 4 | let cfg = config.system.nix; 5 | in { 6 | options.system.nix = with types; { 7 | enable = mkBoolOpt false "Whether or not to manage nix configuration"; 8 | }; 9 | 10 | config = mkIf cfg.enable { 11 | home.packages = with pkgs; [ nixgl.nixGLIntel nix-output-monitor nvd ]; 12 | 13 | systemd.user.startServices = "sd-switch"; 14 | 15 | programs = { home-manager.enable = true; }; 16 | 17 | home.sessionVariables = { 18 | NH_FLAKE = "/home/${config.nixicle.user.name}/nixicle"; 19 | }; 20 | 21 | nix = { 22 | settings = { 23 | trusted-substituters = [ 24 | "https://cache.nixos.org" 25 | "https://nix-community.cachix.org" 26 | "https://numtide.cachix.org?priority=42" 27 | ]; 28 | 29 | trusted-public-keys = [ 30 | "cache.nixos.org-1:6NCHdD59X431o0gWypbMrAURkbJ16ZPMQFGspcDShjY=" 31 | "nix-community.cachix.org-1:mB9FSh9qf2dCimDSUo8Zy7bkq5CX+/rkCWyvRCYg3Fs=" 32 | "numtide.cachix.org-1:2ps1kLBUWjxIneOy1Ik6cQjb41X0iXVXeHigGmycPPE=" 33 | ]; 34 | 35 | experimental-features = [ "nix-command" "flakes" ]; 36 | warn-dirty = false; 37 | use-xdg-base-directories = true; 38 | }; 39 | }; 40 | 41 | news = { 42 | display = "silent"; 43 | json = lib.mkForce { }; 44 | entries = lib.mkForce [ ]; 45 | }; 46 | }; 47 | } 48 | -------------------------------------------------------------------------------- /modules/home/user/default.nix: -------------------------------------------------------------------------------- 1 | { 2 | config, 3 | lib, 4 | ... 5 | }: 6 | with lib; 7 | with lib.nixicle; let 8 | cfg = config.nixicle.user; 9 | in { 10 | options.nixicle.user = { 11 | enable = mkOpt types.bool false "Whether to configure the user account."; 12 | home = mkOpt (types.nullOr types.str) "/home/${cfg.name}" "The user's home directory."; 13 | name = mkOpt (types.nullOr types.str) config.snowfallorg.user.name "The user account."; 14 | }; 15 | 16 | config = mkIf cfg.enable (mkMerge [ 17 | { 18 | assertions = [ 19 | { 20 | assertion = cfg.name != null; 21 | message = "nixicle.user.name must be set"; 22 | } 23 | ]; 24 | 25 | home = { 26 | homeDirectory = mkDefault cfg.home; 27 | username = mkDefault cfg.name; 28 | }; 29 | } 30 | ]); 31 | } 32 | -------------------------------------------------------------------------------- /modules/nixos/cli/programs/nh/default.nix: -------------------------------------------------------------------------------- 1 | { 2 | config, 3 | lib, 4 | ... 5 | }: 6 | with lib; 7 | with lib.nixicle; let 8 | cfg = config.cli.programs.nh; 9 | in { 10 | options.cli.programs.nh = with types; { 11 | enable = mkBoolOpt false "Whether or not to enable nh."; 12 | }; 13 | 14 | config = mkIf cfg.enable { 15 | programs.nh = { 16 | enable = true; 17 | clean.enable = true; 18 | clean.extraArgs = "--keep-since 4d --keep 3"; 19 | flake = "/home/${config.user.name}/nixicle"; 20 | }; 21 | }; 22 | } 23 | -------------------------------------------------------------------------------- /modules/nixos/cli/programs/nix-ld/default.nix: -------------------------------------------------------------------------------- 1 | { 2 | config, 3 | lib, 4 | pkgs, 5 | ... 6 | }: 7 | with lib; 8 | with lib.nixicle; let 9 | cfg = config.cli.programs.nix-ld; 10 | in { 11 | options.cli.programs.nix-ld = with types; { 12 | enable = mkBoolOpt false "Whether or not to enable nix-ld."; 13 | }; 14 | 15 | config = mkIf cfg.enable { 16 | programs.nix-ld.enable = true; 17 | }; 18 | } 19 | -------------------------------------------------------------------------------- /modules/nixos/hardware/audio/default.nix: -------------------------------------------------------------------------------- 1 | { 2 | config, 3 | pkgs, 4 | lib, 5 | ... 6 | }: 7 | with lib; 8 | with lib.nixicle; let 9 | cfg = config.hardware.audio; 10 | in { 11 | options.hardware.audio = with types; { 12 | enable = mkBoolOpt false "Enable or disable hardware audio support"; 13 | }; 14 | 15 | config = mkIf cfg.enable { 16 | services.pulseaudio.enable = false; 17 | security.rtkit.enable = true; 18 | services.pipewire = { 19 | enable = true; 20 | alsa.enable = true; 21 | alsa.support32Bit = true; 22 | pulse.enable = true; 23 | wireplumber.enable = true; 24 | jack.enable = true; 25 | }; 26 | programs.noisetorch.enable = true; 27 | 28 | services.udev.packages = with pkgs; [ 29 | headsetcontrol 30 | ]; 31 | 32 | environment.systemPackages = with pkgs; [ 33 | headsetcontrol 34 | headset-charge-indicator 35 | pulsemixer 36 | ]; 37 | }; 38 | } 39 | -------------------------------------------------------------------------------- /modules/nixos/hardware/bluetooth/default.nix: -------------------------------------------------------------------------------- 1 | { 2 | config, 3 | lib, 4 | ... 5 | }: 6 | with lib; let 7 | cfg = config.hardware.bluetoothctl; 8 | in { 9 | options.hardware.bluetoothctl = { 10 | enable = mkEnableOption "Enable bluetooth service and packages"; 11 | }; 12 | 13 | config = mkIf cfg.enable { 14 | services.blueman.enable = true; 15 | hardware = { 16 | bluetooth = { 17 | enable = true; 18 | powerOnBoot = false; 19 | settings = { 20 | General = { 21 | Experimental = true; 22 | }; 23 | }; 24 | }; 25 | }; 26 | }; 27 | } 28 | -------------------------------------------------------------------------------- /modules/nixos/hardware/logitech/default.nix: -------------------------------------------------------------------------------- 1 | { 2 | pkgs, 3 | lib, 4 | options, 5 | config, 6 | ... 7 | }: 8 | with lib; 9 | with lib.nixicle; let 10 | cfg = config.hardware.logitechMouse; 11 | in { 12 | options.hardware.logitechMouse = with types; { 13 | enable = mkBoolOpt false "Enable logitech mouse hardware for their mice"; 14 | }; 15 | 16 | config = mkIf cfg.enable { 17 | hardware = { 18 | logitech.wireless.enable = true; 19 | logitech.wireless.enableGraphical = true; # Solaar. 20 | }; 21 | 22 | environment.systemPackages = with pkgs; [ 23 | solaar 24 | ]; 25 | 26 | services.udev.packages = with pkgs; [ 27 | logitech-udev-rules 28 | solaar 29 | ]; 30 | }; 31 | } 32 | -------------------------------------------------------------------------------- /modules/nixos/hardware/networking/default.nix: -------------------------------------------------------------------------------- 1 | { 2 | config, 3 | lib, 4 | ... 5 | }: 6 | with lib; 7 | with lib.nixicle; let 8 | cfg = config.hardware.networking; 9 | in { 10 | options.hardware.networking = with types; { 11 | enable = mkBoolOpt false "Enable networkmanager"; 12 | }; 13 | 14 | config = mkIf cfg.enable { 15 | networking.firewall = { 16 | enable = true; 17 | }; 18 | networking.networkmanager.enable = true; 19 | # environment.persistence."/persist".directories = [ 20 | # "/etc/NetworkManager" 21 | # ]; 22 | }; 23 | } 24 | -------------------------------------------------------------------------------- /modules/nixos/hardware/raspberry-pi-5/default.nix: -------------------------------------------------------------------------------- 1 | { 2 | pkgs, 3 | config, 4 | lib, 5 | ... 6 | }: 7 | with lib; 8 | with lib.nixicle; let 9 | cfg = config.hardware.raspberry-pi-5; 10 | in { 11 | options.hardware.raspberry-pi-5 = { 12 | enable = mkEnableOption "Enable The raspberry-pi-5 config"; 13 | }; 14 | 15 | config = mkIf cfg.enable { 16 | boot = { 17 | kernelPackages = (import {}).linuxPackages_rpi5; 18 | kernelParams = [ 19 | "cgroup_memory=1" 20 | "cgroup_enable=cpuset" 21 | "cgroup_enable=memory" 22 | ]; 23 | supportedFilesystems = ["btrfs"]; 24 | 25 | initrd.kernelModules = ["zstd" "btrfs"]; 26 | initrd.availableKernelModules = [ 27 | # Allows early (earlier) modesetting for the Raspberry Pi 28 | "vc4" 29 | "bcm2835_dma" 30 | "i2c_bcm2835" 31 | "uas" 32 | "pcie-brcmstb" 33 | "reset-raspberrypi" 34 | 35 | # Maybe needed for SSD boot? 36 | "usb_storage" 37 | "xhci_pci" 38 | "usbhid" 39 | "uas" 40 | ]; 41 | }; 42 | 43 | hardware.enableRedistributableFirmware = true; 44 | }; 45 | } 46 | -------------------------------------------------------------------------------- /modules/nixos/hardware/zsa/default.nix: -------------------------------------------------------------------------------- 1 | { 2 | options, 3 | config, 4 | lib, 5 | ... 6 | }: 7 | with lib; 8 | with lib.nixicle; let 9 | cfg = config.hardware.zsa; 10 | in { 11 | options.hardware.zsa = with types; { 12 | enable = mkBoolOpt false "Enable ZSA Keyboard"; 13 | }; 14 | 15 | config = mkIf cfg.enable { 16 | hardware.keyboard.zsa.enable = true; 17 | }; 18 | } 19 | -------------------------------------------------------------------------------- /modules/nixos/roles/common/default.nix: -------------------------------------------------------------------------------- 1 | { 2 | lib, 3 | config, 4 | ... 5 | }: 6 | with lib; let 7 | cfg = config.roles.common; 8 | in { 9 | options.roles.common = { 10 | enable = mkEnableOption "Enable common configuration"; 11 | }; 12 | 13 | config = mkIf cfg.enable { 14 | hardware = { 15 | networking.enable = true; 16 | }; 17 | 18 | services = { 19 | ssh.enable = true; 20 | }; 21 | 22 | security = { 23 | sops.enable = true; 24 | yubikey.enable = true; 25 | }; 26 | 27 | system = { 28 | nix.enable = true; 29 | boot.enable = true; 30 | locale.enable = true; 31 | }; 32 | styles.stylix.enable = true; 33 | }; 34 | } 35 | -------------------------------------------------------------------------------- /modules/nixos/roles/desktop/addons/gnome/default.nix: -------------------------------------------------------------------------------- 1 | { config, lib, pkgs, ... }: 2 | with lib; 3 | with lib.nixicle; 4 | let cfg = config.roles.desktop.addons.gnome; 5 | in { 6 | options.roles.desktop.addons.gnome = with types; { 7 | enable = mkBoolOpt false "Enable or disable the gnome DE."; 8 | }; 9 | 10 | config = mkIf cfg.enable { 11 | roles.desktop.addons.nautilus.enable = true; 12 | 13 | services = { 14 | xserver = { 15 | enable = true; 16 | displayManager.gdm.enable = true; 17 | desktopManager.gnome = { 18 | enable = true; 19 | extraGSettingsOverridePackages = [ pkgs.nautilus-open-any-terminal ]; 20 | }; 21 | }; 22 | }; 23 | 24 | services.udev.packages = with pkgs; [ gnome-settings-daemon ]; 25 | programs.dconf.enable = true; 26 | }; 27 | } 28 | -------------------------------------------------------------------------------- /modules/nixos/roles/desktop/addons/greetd/default.nix: -------------------------------------------------------------------------------- 1 | { 2 | config, 3 | lib, 4 | ... 5 | }: 6 | with lib; let 7 | cfg = config.roles.desktop.addons.greetd; 8 | in { 9 | options.roles.desktop.addons.greetd = { 10 | enable = mkEnableOption "Enable login greeter"; 11 | }; 12 | 13 | config = mkIf cfg.enable { 14 | services.greetd = { 15 | enable = true; 16 | settings = rec { 17 | default_session = { 18 | command = "Hyprland &> /dev/null"; 19 | user = config.user.name; 20 | }; 21 | initial_session = default_session; 22 | }; 23 | }; 24 | }; 25 | } 26 | -------------------------------------------------------------------------------- /modules/nixos/roles/desktop/addons/hyprland/default.nix: -------------------------------------------------------------------------------- 1 | { config, lib, ... }: 2 | with lib; 3 | with lib.nixicle; 4 | let cfg = config.roles.desktop.addons.hyprland; 5 | in { 6 | options.roles.desktop.addons.hyprland = with types; { 7 | enable = mkBoolOpt false "Enable or disable the hyprland window manager."; 8 | }; 9 | 10 | config = mkIf cfg.enable { 11 | environment.sessionVariables.NIXOS_OZONE_WL = "1"; 12 | programs.hyprland = { 13 | enable = true; 14 | xwayland.enable = true; 15 | withUWSM = false; 16 | }; 17 | 18 | roles.desktop.addons.greetd.enable = true; 19 | roles.desktop.addons.xdg-portal.enable = true; 20 | }; 21 | } 22 | -------------------------------------------------------------------------------- /modules/nixos/roles/desktop/addons/nautilus/default.nix: -------------------------------------------------------------------------------- 1 | { config, lib, pkgs, ... }: 2 | with lib; 3 | with lib.nixicle; 4 | let cfg = config.roles.desktop.addons.nautilus; 5 | in { 6 | options.roles.desktop.addons.nautilus = with types; { 7 | enable = mkBoolOpt false "Whether to enable the gnome file manager."; 8 | }; 9 | 10 | config = mkIf cfg.enable { 11 | services.gvfs.enable = true; 12 | services.udisks2.enable = true; 13 | 14 | environment = { 15 | sessionVariables = { 16 | NAUTILUS_EXTENSION_DIR = 17 | "${config.system.path}/lib/nautilus/extensions-4"; 18 | NAUTILUS_4_EXTENSION_DIR = 19 | "${config.system.path}/lib/nautilus/extensions-4"; 20 | GST_PLUGIN_SYSTEM_PATH_1_0 = 21 | lib.makeSearchPathOutput "lib" "lib/gstreamer-1.0" 22 | (with pkgs.gst_all_1; [ 23 | gst-plugins-good 24 | gst-plugins-bad 25 | gst-plugins-ugly 26 | gst-libav 27 | ]); 28 | }; 29 | 30 | pathsToLink = [ "/share/nautilus-python/extensions" ]; 31 | 32 | systemPackages = with pkgs; [ 33 | ffmpegthumbnailer # thumbnails 34 | gst_all_1.gst-libav # thumbnails 35 | nautilus-open-any-terminal 36 | nautilus-python 37 | ]; 38 | }; 39 | 40 | snowfallorg.users.${config.user.name}.home.config = { 41 | dconf.settings = { 42 | "org/gnome/desktop/privacy" = { remember-recent-files = false; }; 43 | "com/github/stunkymonkey/nautilus-open-any-terminal" = { 44 | terminal = "ghostty"; 45 | }; 46 | }; 47 | }; 48 | }; 49 | } 50 | -------------------------------------------------------------------------------- /modules/nixos/roles/desktop/addons/xdg-portal/default.nix: -------------------------------------------------------------------------------- 1 | { config, lib, pkgs, ... }: 2 | with lib; 3 | with lib.nixicle; 4 | let cfg = config.roles.desktop.addons.xdg-portal; 5 | in { 6 | options.roles.desktop.addons.xdg-portal = with types; { 7 | enable = mkBoolOpt false "Whether or not to add support for xdg portal."; 8 | }; 9 | 10 | config = mkIf cfg.enable { 11 | xdg.portal = { 12 | enable = true; 13 | extraPortals = with pkgs; [ 14 | xdg-desktop-portal-gtk 15 | xdg-desktop-portal-hyprland 16 | ]; 17 | }; 18 | }; 19 | } 20 | -------------------------------------------------------------------------------- /modules/nixos/roles/desktop/default.nix: -------------------------------------------------------------------------------- 1 | { 2 | lib, 3 | config, 4 | ... 5 | }: 6 | with lib; 7 | with lib.nixicle; let 8 | cfg = config.roles.desktop; 9 | in { 10 | options.roles.desktop = { 11 | enable = mkEnableOption "Enable desktop configuration"; 12 | }; 13 | 14 | config = mkIf cfg.enable { 15 | boot.binfmt.emulatedSystems = ["aarch64-linux"]; 16 | 17 | roles = { 18 | common.enable = true; 19 | 20 | desktop.addons = { 21 | nautilus.enable = true; 22 | }; 23 | }; 24 | 25 | hardware = { 26 | audio.enable = true; 27 | bluetooth.enable = true; 28 | logitechMouse.enable = true; 29 | zsa.enable = true; 30 | }; 31 | 32 | services = { 33 | nixicle.avahi.enable = true; 34 | backup.enable = true; 35 | vpn.enable = true; 36 | virtualisation.podman.enable = true; 37 | }; 38 | 39 | system = { 40 | boot.plymouth = true; 41 | }; 42 | 43 | cli.programs = { 44 | nh.enable = true; 45 | nix-ld.enable = true; 46 | }; 47 | 48 | user = { 49 | name = "haseeb"; 50 | initialPassword = "1"; 51 | }; 52 | }; 53 | } 54 | -------------------------------------------------------------------------------- /modules/nixos/roles/gaming/default.nix: -------------------------------------------------------------------------------- 1 | { 2 | config, 3 | lib, 4 | pkgs, 5 | ... 6 | }: 7 | with lib; 8 | with lib.nixicle; let 9 | cfg = config.roles.gaming; 10 | in { 11 | options.roles.gaming = with types; { 12 | enable = mkBoolOpt false "Enable the gaming suite"; 13 | }; 14 | 15 | config = mkIf cfg.enable { 16 | hardware = { 17 | # xpadneo.enable = true; 18 | xone.enable = true; 19 | 20 | graphics = { 21 | enable = true; 22 | extraPackages = with pkgs; [ 23 | mesa 24 | ]; 25 | }; 26 | }; 27 | 28 | services.ratbagd.enable = true; 29 | 30 | programs = { 31 | gamemode.enable = true; 32 | gamescope.enable = true; 33 | steam = { 34 | enable = true; 35 | package = pkgs.steam.override { 36 | extraPkgs = p: 37 | with p; [ 38 | mangohud 39 | gamemode 40 | ]; 41 | }; 42 | dedicatedServer.openFirewall = true; 43 | remotePlay.openFirewall = true; 44 | gamescopeSession.enable = true; 45 | extraCompatPackages = with pkgs; [ 46 | proton-ge-bin 47 | ]; 48 | }; 49 | }; 50 | 51 | environment.systemPackages = with pkgs; [ 52 | winetricks 53 | wineWowPackages.waylandFull 54 | adwsteamgtk 55 | ]; 56 | }; 57 | } 58 | -------------------------------------------------------------------------------- /modules/nixos/roles/kubernetes/default.nix: -------------------------------------------------------------------------------- 1 | { 2 | lib, 3 | config, 4 | ... 5 | }: 6 | with lib; 7 | with lib.nixicle; let 8 | cfg = config.roles.kubernetes; 9 | in { 10 | options.roles.kubernetes = { 11 | enable = mkEnableOption "Enable kubernetes configuration"; 12 | role = mkOpt (types.nullOr types.str) "server" "Whether this node is a server or agent"; 13 | }; 14 | 15 | config = mkIf cfg.enable { 16 | roles = { 17 | server.enable = true; 18 | }; 19 | 20 | services = { 21 | nixicle.k3s = { 22 | enable = true; 23 | inherit (cfg) role; 24 | }; 25 | }; 26 | 27 | networking.firewall = { 28 | allowedUDPPorts = [ 29 | 53 30 | 8472 31 | ]; 32 | 33 | allowedTCPPorts = [ 34 | 22 35 | 53 36 | 6443 37 | 6444 38 | 9000 39 | 445 40 | 139 41 | ]; 42 | }; 43 | }; 44 | } 45 | -------------------------------------------------------------------------------- /modules/nixos/security/doas/default.nix: -------------------------------------------------------------------------------- 1 | { 2 | config, 3 | lib, 4 | ... 5 | }: 6 | with lib; 7 | with lib.nixicle; let 8 | cfg = config.security.nixicle.doas; 9 | in { 10 | options.security.nixicle.doas = { 11 | enable = mkBoolOpt false "Whether or not to replace sudo with doas."; 12 | }; 13 | 14 | config = mkIf cfg.enable { 15 | # Disable sudo 16 | security.sudo.enable = false; 17 | 18 | # Enable and configure `doas`. 19 | security.doas = { 20 | enable = true; 21 | extraRules = [ 22 | { 23 | users = [config.user.name]; 24 | noPass = true; 25 | keepEnv = true; 26 | } 27 | ]; 28 | }; 29 | 30 | # Add an alias to the shell for backward-compat and convenience. 31 | environment.shellAliases = {sudo = "doas";}; 32 | }; 33 | } 34 | -------------------------------------------------------------------------------- /modules/nixos/security/sops/default.nix: -------------------------------------------------------------------------------- 1 | { 2 | config, 3 | lib, 4 | ... 5 | }: 6 | with lib; 7 | with lib.nixicle; let 8 | cfg = config.security.sops; 9 | in { 10 | options.security.sops = with types; { 11 | enable = mkBoolOpt false "Whether to enable sop for secrets management."; 12 | }; 13 | 14 | config = mkIf cfg.enable { 15 | sops = { 16 | age.sshKeyPaths = ["/etc/ssh/ssh_host_ed25519_key"]; 17 | }; 18 | }; 19 | } 20 | -------------------------------------------------------------------------------- /modules/nixos/security/yubikey/default.nix: -------------------------------------------------------------------------------- 1 | { 2 | config, 3 | pkgs, 4 | lib, 5 | ... 6 | }: 7 | with lib; 8 | with lib.nixicle; let 9 | cfg = config.security.yubikey; 10 | in { 11 | options.security.yubikey = with types; { 12 | enable = mkBoolOpt false "Whether to enable yubikey for auth."; 13 | }; 14 | 15 | config = mkIf cfg.enable { 16 | services = { 17 | pcscd.enable = true; 18 | udev.packages = with pkgs; [yubikey-personalization]; 19 | dbus.packages = [pkgs.gcr]; 20 | 21 | # INFO: lock PC on yubikey removal 22 | udev.extraRules = '' 23 | ACTION=="remove",\ 24 | ENV{ID_BUS}=="usb",\ 25 | ENV{ID_MODEL_ID}=="0407",\ 26 | ENV{ID_VENDOR_ID}=="1050",\ 27 | ENV{ID_VENDOR}=="Yubico",\ 28 | RUN+="${pkgs.systemd}/bin/loginctl lock-sessions" 29 | ''; 30 | }; 31 | 32 | security.pam.services = { 33 | swaylock = { 34 | u2fAuth = true; 35 | }; 36 | 37 | hyprlock = { 38 | u2fAuth = true; 39 | }; 40 | 41 | login = { 42 | u2fAuth = true; 43 | }; 44 | 45 | sudo = { 46 | u2fAuth = true; 47 | }; 48 | }; 49 | }; 50 | } 51 | -------------------------------------------------------------------------------- /modules/nixos/services/adguard/default.nix: -------------------------------------------------------------------------------- 1 | { 2 | config, 3 | lib, 4 | ... 5 | }: 6 | with lib; let 7 | cfg = config.services.nixicle.adguard; 8 | in { 9 | options.services.nixicle.adguard = { 10 | enable = mkEnableOption "Enable AdGuard Home"; 11 | }; 12 | 13 | config = mkIf cfg.enable { 14 | networking.firewall = lib.mkForce { 15 | enable = true; 16 | allowedUDPPorts = [ 17 | 53 18 | ]; 19 | 20 | allowedTCPPorts = [ 21 | 53 22 | ]; 23 | }; 24 | 25 | services.adguardhome = { 26 | enable = true; 27 | openFirewall = true; 28 | allowDHCP = true; 29 | }; 30 | 31 | services.traefik = { 32 | dynamicConfigOptions = { 33 | http = { 34 | services = { 35 | adguardhome.loadBalancer.servers = [ 36 | { 37 | url = "http://localhost:3000"; 38 | } 39 | ]; 40 | }; 41 | 42 | routers = { 43 | adguardhome = { 44 | entryPoints = ["websecure"]; 45 | rule = "Host(`adguard.homelab.haseebmajid.dev`)"; 46 | service = "adguardhome"; 47 | tls.certResolver = "letsencrypt"; 48 | }; 49 | }; 50 | }; 51 | }; 52 | }; 53 | }; 54 | } 55 | -------------------------------------------------------------------------------- /modules/nixos/services/audiobookshelf/default.nix: -------------------------------------------------------------------------------- 1 | { 2 | config, 3 | lib, 4 | ... 5 | }: 6 | with lib; let 7 | cfg = config.services.nixicle.audiobookshelf; 8 | in { 9 | options.services.nixicle.audiobookshelf = { 10 | enable = mkEnableOption "Enable the audiobookshelf service"; 11 | }; 12 | 13 | config = mkIf cfg.enable { 14 | services = { 15 | audiobookshelf = { 16 | enable = true; 17 | port = 8555; 18 | group = "media"; 19 | }; 20 | 21 | cloudflared = { 22 | enable = true; 23 | tunnels = { 24 | "ec0b6af0-a823-4616-a08b-b871fd2c7f58" = { 25 | ingress = { 26 | "audiobookshelf.haseebmajid.dev" = "http://localhost:8555"; 27 | }; 28 | }; 29 | }; 30 | }; 31 | }; 32 | }; 33 | } 34 | -------------------------------------------------------------------------------- /modules/nixos/services/avahi/default.nix: -------------------------------------------------------------------------------- 1 | { 2 | lib, 3 | config, 4 | ... 5 | }: 6 | with lib; let 7 | cfg = config.services.nixicle.avahi; 8 | in { 9 | options.services.nixicle.avahi = { 10 | enable = mkEnableOption "Enable The avahi service"; 11 | }; 12 | 13 | config = mkIf cfg.enable { 14 | services.avahi = { 15 | enable = true; 16 | nssmdns4 = true; 17 | publish = { 18 | enable = true; 19 | addresses = true; 20 | domain = true; 21 | hinfo = true; 22 | userServices = true; 23 | workstation = true; 24 | }; 25 | }; 26 | }; 27 | } 28 | -------------------------------------------------------------------------------- /modules/nixos/services/backup/default.nix: -------------------------------------------------------------------------------- 1 | { 2 | config, 3 | lib, 4 | ... 5 | }: 6 | with lib; let 7 | cfg = config.services.backup; 8 | in { 9 | options.services.backup = { 10 | enable = mkEnableOption "Enable cloud backups"; 11 | }; 12 | 13 | config = mkIf cfg.enable { 14 | services.restic.backups.backblaze = { 15 | initialize = true; 16 | passwordFile = config.sops.secrets.restic_password.path; 17 | environmentFile = config.sops.secrets.restic_env.path; 18 | 19 | # TODO: use username here 20 | paths = ["/home/haseeb"]; 21 | repository = "b2:Majiy00Backup"; 22 | timerConfig = { 23 | OnUnitActiveSec = "1d"; 24 | }; 25 | exclude = [ 26 | "~/.config/gtk" 27 | ]; 28 | 29 | pruneOpts = [ 30 | "--keep-weekly 5" 31 | "--keep-yearly 10" 32 | ]; 33 | }; 34 | 35 | sops.secrets.restic_password = { 36 | sopsFile = ../../secrets.yaml; 37 | }; 38 | sops.secrets.restic_env = { 39 | sopsFile = ../../secrets.yaml; 40 | }; 41 | }; 42 | } 43 | -------------------------------------------------------------------------------- /modules/nixos/services/couchdb/default.nix: -------------------------------------------------------------------------------- 1 | { 2 | config, 3 | lib, 4 | pkgs, 5 | ... 6 | }: 7 | with lib; let 8 | cfg = config.services.nixicle.couchdb; 9 | in { 10 | options.services.nixicle.couchdb = { 11 | enable = mkEnableOption "Enable CouchDB"; 12 | }; 13 | 14 | config = mkIf cfg.enable { 15 | services = { 16 | couchdb = { 17 | enable = true; 18 | adminUser = "admin"; 19 | adminPass = "admin"; 20 | }; 21 | 22 | traefik = { 23 | dynamicConfigOptions = { 24 | http = { 25 | services = { 26 | couchdb.loadBalancer.servers = [ 27 | { 28 | url = "http://localhost:5984"; 29 | } 30 | ]; 31 | }; 32 | 33 | routers = { 34 | couchdb = { 35 | entryPoints = ["websecure"]; 36 | rule = "Host(`couchdb.homelab.haseebmajid.dev`)"; 37 | service = "couchdb"; 38 | tls.certResolver = "letsencrypt"; 39 | }; 40 | }; 41 | }; 42 | }; 43 | }; 44 | }; 45 | }; 46 | } 47 | -------------------------------------------------------------------------------- /modules/nixos/services/deluge/default.nix: -------------------------------------------------------------------------------- 1 | { 2 | config, 3 | lib, 4 | ... 5 | }: 6 | with lib; let 7 | cfg = config.services.nixicle.deluge; 8 | in { 9 | options.services.nixicle.deluge = { 10 | enable = mkEnableOption "Enable the deluge downloader"; 11 | }; 12 | 13 | config = mkIf cfg.enable { 14 | services = { 15 | deluge = { 16 | enable = true; 17 | web.enable = true; 18 | group = "media"; 19 | }; 20 | 21 | traefik = { 22 | dynamicConfigOptions = { 23 | http = { 24 | services = { 25 | deluge.loadBalancer.servers = [ 26 | { 27 | url = "http://localhost:8112"; 28 | } 29 | ]; 30 | }; 31 | 32 | routers = { 33 | deluge = { 34 | entryPoints = ["websecure"]; 35 | rule = "Host(`deluge.homelab.haseebmajid.dev`)"; 36 | service = "deluge"; 37 | tls.certResolver = "letsencrypt"; 38 | }; 39 | }; 40 | }; 41 | }; 42 | }; 43 | }; 44 | }; 45 | } 46 | -------------------------------------------------------------------------------- /modules/nixos/services/gitlab-runner/default.nix: -------------------------------------------------------------------------------- 1 | { 2 | config, 3 | lib, 4 | pkgs, 5 | ... 6 | }: 7 | with lib; let 8 | cfg = config.services.nixicle.gitlab-runner; 9 | in { 10 | options.services.nixicle.gitlab-runner = { 11 | enable = mkEnableOption "Enable gitlab runner"; 12 | }; 13 | 14 | config = mkIf cfg.enable { 15 | sops.secrets.gitlab_runner_env = { 16 | sopsFile = ../secrets.yaml; 17 | }; 18 | 19 | boot.kernel.sysctl."net.ipv4.ip_forward" = true; 20 | virtualisation.docker.enable = true; 21 | services.gitlab-runner = { 22 | enable = true; 23 | settings = { 24 | concurrent = 10; 25 | }; 26 | services = { 27 | default = { 28 | authenticationTokenConfigFile = config.sops.secrets.gitlab_runner_env.path; 29 | limit = 10; 30 | dockerImage = "debian:stable"; 31 | dockerPrivileged = true; 32 | dockerVolumes = [ 33 | "/cache" 34 | ]; 35 | }; 36 | }; 37 | }; 38 | }; 39 | } 40 | -------------------------------------------------------------------------------- /modules/nixos/services/gotify/default.nix: -------------------------------------------------------------------------------- 1 | { 2 | config, 3 | lib, 4 | ... 5 | }: 6 | with lib; 7 | with lib.nixicle; let 8 | cfg = config.services.nixicle.gotify; 9 | in { 10 | options.services.nixicle.gotify = { 11 | enable = mkEnableOption "Enable the notify service"; 12 | }; 13 | 14 | config = mkIf cfg.enable { 15 | services = { 16 | gotify = { 17 | enable = true; 18 | environment = { 19 | GOTIFY_SERVER_PORT = "8051"; 20 | }; 21 | }; 22 | 23 | cloudflared = { 24 | tunnels = { 25 | "0e845de6-544a-47f2-a1d5-c76be02ce153" = { 26 | ingress = { 27 | "notify.haseebmajid.dev" = "http://localhost:8051"; 28 | }; 29 | }; 30 | }; 31 | }; 32 | 33 | traefik = { 34 | dynamicConfigOptions = { 35 | http = { 36 | services = { 37 | notify.loadBalancer.servers = [ 38 | { 39 | url = "http://localhost:8051"; 40 | } 41 | ]; 42 | }; 43 | 44 | routers = { 45 | notify = { 46 | entryPoints = ["websecure"]; 47 | rule = "Host(`notify.homelab.haseebmajid.dev`)"; 48 | service = "notify"; 49 | tls.certResolver = "letsencrypt"; 50 | }; 51 | }; 52 | }; 53 | }; 54 | }; 55 | }; 56 | }; 57 | } 58 | -------------------------------------------------------------------------------- /modules/nixos/services/immich/default.nix: -------------------------------------------------------------------------------- 1 | { config, lib, ... }: 2 | with lib; 3 | with lib.nixicle; 4 | let cfg = config.services.nixicle.immich; 5 | in { 6 | options.services.nixicle.immich = { 7 | enable = mkEnableOption "Enable the immich photo service"; 8 | }; 9 | 10 | config = mkIf cfg.enable { 11 | systemd.tmpfiles.rules = [ "d /mnt/n2/immich 0775 immich media -" ]; 12 | 13 | services = { 14 | immich = { 15 | enable = true; 16 | host = "0.0.0.0"; 17 | mediaLocation = "/mnt/n2/immich"; 18 | }; 19 | 20 | traefik = { 21 | dynamicConfigOptions = { 22 | http = { 23 | services = { 24 | immich.loadBalancer.servers = 25 | [{ url = "http://localhost:2283"; }]; 26 | }; 27 | 28 | routers = { 29 | immich = { 30 | entryPoints = [ "websecure" ]; 31 | rule = "Host(`immich.homelab.haseebmajid.dev`)"; 32 | service = "immich"; 33 | tls.certResolver = "letsencrypt"; 34 | }; 35 | }; 36 | }; 37 | }; 38 | }; 39 | }; 40 | }; 41 | } 42 | -------------------------------------------------------------------------------- /modules/nixos/services/jellyfin/default.nix: -------------------------------------------------------------------------------- 1 | { config, lib, pkgs, ... }: 2 | with lib; 3 | let cfg = config.services.nixicle.jellyfin; 4 | in { 5 | options.services.nixicle.jellyfin = { 6 | enable = mkEnableOption "Enable jellyfin service"; 7 | }; 8 | 9 | config = mkIf cfg.enable { 10 | nixpkgs.config.packageOverrides = pkgs: { 11 | vaapiIntel = pkgs.vaapiIntel.override { enableHybridCodec = true; }; 12 | }; 13 | 14 | hardware.graphics = { 15 | enable = true; 16 | extraPackages = with pkgs; [ 17 | intel-media-driver 18 | intel-vaapi-driver # previously vaapiIntel 19 | vaapiVdpau 20 | intel-compute-runtime # OpenCL filter support (hardware tonemapping and subtitle burn-in) 21 | vpl-gpu-rt # QSV on 11th gen or newer 22 | intel-media-sdk # QSV up to 11th gen 23 | ]; 24 | }; 25 | 26 | services = { 27 | jellyfin.enable = true; 28 | jellyfin.openFirewall = true; 29 | 30 | traefik = { 31 | dynamicConfigOptions = { 32 | http = { 33 | services = { 34 | jellyfin.loadBalancer.servers = 35 | [{ url = "http://localhost:8096"; }]; 36 | }; 37 | 38 | routers = { 39 | jellyfin = { 40 | entryPoints = [ "websecure" ]; 41 | rule = "Host(`jellyfin.homelab.haseebmajid.dev`)"; 42 | service = "jellyfin"; 43 | tls.certResolver = "letsencrypt"; 44 | }; 45 | }; 46 | }; 47 | }; 48 | }; 49 | }; 50 | }; 51 | } 52 | -------------------------------------------------------------------------------- /modules/nixos/services/k3s/default.nix: -------------------------------------------------------------------------------- 1 | { 2 | config, 3 | lib, 4 | ... 5 | }: 6 | with lib; 7 | with lib.nixicle; let 8 | cfg = config.services.nixicle.k3s; 9 | in { 10 | options.services.nixicle.k3s = { 11 | enable = mkEnableOption "Enable The k3s service"; 12 | role = mkOpt (types.nullOr types.str) "server" "Whether this node is a server or agent"; 13 | }; 14 | 15 | config = mkIf cfg.enable { 16 | sops.secrets.k3s_token = { 17 | sopsFile = ../../roles/kubernetes/secrets.yaml; 18 | }; 19 | 20 | services = { 21 | k3s = { 22 | enable = true; 23 | tokenFile = config.sops.secrets.k3s_token.path; 24 | extraFlags = ''--kubelet-arg "node-ip=0.0.0.0"''; 25 | role = mkIf (cfg.role == "agent") "agent"; 26 | # TODO: how can we set this programmatically 27 | serverAddr = mkIf (cfg.role == "agent") "https://ms01:6443"; 28 | }; 29 | }; 30 | }; 31 | } 32 | -------------------------------------------------------------------------------- /modules/nixos/services/minio/default.nix: -------------------------------------------------------------------------------- 1 | { 2 | config, 3 | lib, 4 | ... 5 | }: 6 | with lib; 7 | with lib.nixicle; let 8 | cfg = config.services.nixicle.minio; 9 | in { 10 | options.services.nixicle.minio = { 11 | enable = mkEnableOption "Enable the minio"; 12 | }; 13 | 14 | config = mkIf cfg.enable { 15 | users.users.minio.extraGroups = ["media"]; 16 | 17 | services = { 18 | minio = { 19 | enable = true; 20 | listenAddress = ":9055"; 21 | consoleAddress = ":9056"; 22 | # TODO: Move to NAS 23 | # dataDir = ["/mnt/nfs/homelab/minio"]; 24 | }; 25 | 26 | traefik = { 27 | dynamicConfigOptions = { 28 | http = { 29 | services = { 30 | console-minio.loadBalancer.servers = [ 31 | { 32 | url = "http://localhost:9056"; 33 | } 34 | ]; 35 | minio.loadBalancer.servers = [ 36 | { 37 | url = "http://localhost:9055"; 38 | } 39 | ]; 40 | }; 41 | 42 | routers = { 43 | minio = { 44 | entryPoints = ["websecure"]; 45 | rule = "Host(`minio.homelab.haseebmajid.dev`)"; 46 | service = "minio"; 47 | tls.certResolver = "letsencrypt"; 48 | }; 49 | console-minio = { 50 | entryPoints = ["websecure"]; 51 | rule = "Host(`console.minio.homelab.haseebmajid.dev`)"; 52 | service = "console-minio"; 53 | tls.certResolver = "letsencrypt"; 54 | }; 55 | }; 56 | }; 57 | }; 58 | }; 59 | }; 60 | }; 61 | } 62 | -------------------------------------------------------------------------------- /modules/nixos/services/n8n/default.nix: -------------------------------------------------------------------------------- 1 | { 2 | config, 3 | lib, 4 | ... 5 | }: 6 | with lib; let 7 | cfg = config.services.nixicle.n8n; 8 | in { 9 | options.services.nixicle.n8n = { 10 | enable = mkEnableOption "Enable n8n"; 11 | }; 12 | 13 | config = mkIf cfg.enable { 14 | services = { 15 | n8n = { 16 | enable = true; 17 | openFirewall = true; 18 | }; 19 | 20 | traefik = { 21 | dynamicConfigOptions = { 22 | http = { 23 | services.n8n.loadBalancer.servers = [ 24 | { 25 | url = "http://localhost:5678"; 26 | } 27 | ]; 28 | 29 | routers = { 30 | n8n = { 31 | entryPoints = ["websecure"]; 32 | rule = "Host(`n8n.homelab.haseebmajid.dev`)"; 33 | service = "n8n"; 34 | tls.certResolver = "letsencrypt"; 35 | # middlewares = ["authentik"]; 36 | }; 37 | }; 38 | }; 39 | }; 40 | }; 41 | }; 42 | }; 43 | } 44 | -------------------------------------------------------------------------------- /modules/nixos/services/navidrome/default.nix: -------------------------------------------------------------------------------- 1 | { config, lib, ... }: 2 | with lib; 3 | let cfg = config.services.nixicle.navidrome; 4 | in { 5 | options.services.nixicle.navidrome = { 6 | enable = mkEnableOption "Enable the navidrome service"; 7 | }; 8 | 9 | config = mkIf cfg.enable { 10 | services = { 11 | navidrome = { 12 | enable = true; 13 | group = "media"; 14 | settings = { 15 | MusicFolder = "/mnt/n1/media/Music"; 16 | ND_REVERSEPROXYUSERHEADER = "X-authentik-username"; 17 | ND_REVERSEPROXYWHITELIST = "0.0.0.0/0"; 18 | }; 19 | }; 20 | 21 | cloudflared = { 22 | enable = true; 23 | tunnels = { 24 | "ec0b6af0-a823-4616-a08b-b871fd2c7f58" = { 25 | ingress = { 26 | "navidrome.haseebmajid.dev" = { 27 | service = "https://localhost"; 28 | originRequest = { 29 | originServerName = "navidrome.haseebmajid.dev"; 30 | }; 31 | }; 32 | }; 33 | }; 34 | }; 35 | }; 36 | 37 | traefik = { 38 | dynamicConfigOptions = { 39 | http = { 40 | services = { 41 | navidrome.loadBalancer.servers = 42 | [{ url = "http://localhost:4533"; }]; 43 | }; 44 | 45 | routers = { 46 | navidrome = { 47 | entryPoints = [ "websecure" ]; 48 | rule = "Host(`navidrome.haseebmajid.dev`)"; 49 | service = "navidrome"; 50 | tls.certResolver = "letsencrypt"; 51 | middlewares = [ "authentik" ]; 52 | }; 53 | }; 54 | }; 55 | }; 56 | }; 57 | }; 58 | }; 59 | } 60 | -------------------------------------------------------------------------------- /modules/nixos/services/netdata/default.nix: -------------------------------------------------------------------------------- 1 | { 2 | config, 3 | lib, 4 | ... 5 | }: 6 | with lib; 7 | with lib.nixicle; let 8 | cfg = config.services.nixicle.netdata; 9 | in { 10 | options.services.nixicle.netdata = { 11 | enable = mkEnableOption "Enable the netdata service"; 12 | }; 13 | 14 | config = mkIf cfg.enable { 15 | services = { 16 | netdata = { 17 | enable = true; 18 | }; 19 | 20 | traefik = { 21 | dynamicConfigOptions = { 22 | http = { 23 | services = { 24 | netdata.loadBalancer.servers = [ 25 | { 26 | url = "http://localhost:19999"; 27 | } 28 | ]; 29 | }; 30 | 31 | routers = { 32 | netdata = { 33 | entryPoints = ["websecure"]; 34 | rule = "Host(`netdata.homelab.haseebmajid.dev`)"; 35 | service = "netdata"; 36 | tls.certResolver = "letsencrypt"; 37 | middlewares = ["authentik"]; 38 | }; 39 | }; 40 | }; 41 | }; 42 | }; 43 | }; 44 | }; 45 | } 46 | -------------------------------------------------------------------------------- /modules/nixos/services/nfs/default.nix: -------------------------------------------------------------------------------- 1 | { 2 | config, 3 | lib, 4 | pkgs, 5 | ... 6 | }: 7 | with lib; 8 | with lib.nixicle; let 9 | cfg = config.services.nixicle.nfs; 10 | in { 11 | options.services.nixicle.nfs = { 12 | enable = mkEnableOption "Enable the (mount) nfs drive"; 13 | }; 14 | 15 | config = mkIf cfg.enable { 16 | sops.secrets.nfs_smb_secrets = { 17 | sopsFile = ../secrets.yaml; 18 | }; 19 | 20 | environment.systemPackages = with pkgs; [ 21 | cifs-utils 22 | nfs-utils 23 | ]; 24 | 25 | fileSystems."/mnt/nfs" = { 26 | device = "192.168.1.74:/volume1/Data"; 27 | fsType = "nfs"; 28 | # options = ["x-systemd.automount" "noauto"]; 29 | }; 30 | 31 | fileSystems."/mnt/share" = { 32 | device = "//192.168.1.74/Data/homelab"; 33 | fsType = "cifs"; 34 | options = let 35 | # this line prevents hanging on network split 36 | automount_opts = "x-systemd.automount,x-systemd.idle-timeout=60,x-systemd.device-timeout=5s,x-systemd.mount-timeout=5s"; 37 | in [ 38 | "${automount_opts},credentials=${config.sops.secrets.nfs_smb_secrets.path}" 39 | "uid=root" 40 | "gid=media" 41 | "file_mode=0664" 42 | "dir_mode=0775" 43 | ]; 44 | }; 45 | }; 46 | } 47 | -------------------------------------------------------------------------------- /modules/nixos/services/ollama/default.nix: -------------------------------------------------------------------------------- 1 | { 2 | config, 3 | lib, 4 | ... 5 | }: 6 | with lib; let 7 | cfg = config.services.nixicle.ollama; 8 | in { 9 | options.services.nixicle.ollama = { 10 | enable = mkEnableOption "Enable ollama and web ui"; 11 | }; 12 | 13 | config = mkIf cfg.enable { 14 | services.ollama = { 15 | enable = true; 16 | # acceleration = "rocm"; 17 | # rocmOverrideGfx = "11.0.0"; 18 | }; 19 | 20 | services.open-webui = { 21 | enable = true; 22 | port = 8185; 23 | environment = { 24 | WEBUI_AUTH = "False"; 25 | ANONYMIZED_TELEMETRY = "False"; 26 | DO_NOT_TRACK = "True"; 27 | SCARF_NO_ANALYTICS = "True"; 28 | }; 29 | }; 30 | }; 31 | } 32 | -------------------------------------------------------------------------------- /modules/nixos/services/openssh/default.nix: -------------------------------------------------------------------------------- 1 | { 2 | config, 3 | lib, 4 | ... 5 | }: 6 | with lib; 7 | with lib.nixicle; let 8 | cfg = config.services.ssh; 9 | in { 10 | options.services.ssh = with types; { 11 | enable = mkBoolOpt false "Enable ssh"; 12 | authorizedKeys = mkOpt (listOf str) [] "The public keys to apply."; 13 | }; 14 | 15 | config = mkIf cfg.enable { 16 | services.openssh = { 17 | enable = true; 18 | ports = [22]; 19 | 20 | settings = { 21 | PasswordAuthentication = false; 22 | StreamLocalBindUnlink = "yes"; 23 | GatewayPorts = "clientspecified"; 24 | }; 25 | }; 26 | users.users = { 27 | ${config.user.name}.openssh.authorizedKeys.keys = [ 28 | "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIKuM4bCeJq0XQ1vd/iNK650Bu3wPVKQTSB0k2gsMKhdE hello@haseebmajid.dev" 29 | "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAINP5gqbEEj+pykK58djSI1vtMtFiaYcygqhHd3mzPbSt hello@haseebmajid.dev" 30 | "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIGOEtfQ0znAH8QyB4Z5FzRPa9iKkBhuriEpqyfoEkiv+ haseeb.majid@imaginecurve.com" 31 | "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIM+EemSmTtzuzWNmdTWrcxE7LUXaUJVoJfl0Za5vE4N0 nixos@vps" 32 | ]; 33 | }; 34 | }; 35 | } 36 | -------------------------------------------------------------------------------- /modules/nixos/services/paperless/default.nix: -------------------------------------------------------------------------------- 1 | { config, lib, ... }: 2 | with lib; 3 | with lib.nixicle; 4 | let cfg = config.services.nixicle.paperless; 5 | in { 6 | options.services.nixicle.paperless = { 7 | enable = mkEnableOption "Enable the paperless service"; 8 | }; 9 | 10 | config = mkIf cfg.enable { 11 | users.users.${config.services.paperless.user}.extraGroups = [ "media" ]; 12 | 13 | sops.secrets.paperless_pass = { sopsFile = ../secrets.yaml; }; 14 | 15 | sops.secrets.paperless = { sopsFile = ../secrets.yaml; }; 16 | 17 | systemd.tmpfiles.rules = [ 18 | "d /mnt/n2/paperless 0775 paperless media -" 19 | "d /mnt/n2/paperless/media 0775 paperless media -" 20 | ]; 21 | 22 | systemd.services.paperless-web = { 23 | serviceConfig = { 24 | EnvironmentFile = [ config.sops.secrets.paperless.path ]; 25 | }; 26 | after = [ "postgresql.service" ]; 27 | }; 28 | 29 | services = { 30 | paperless = { 31 | enable = true; 32 | mediaDir = "/mnt/n2/paperless/media"; 33 | passwordFile = config.sops.secrets.paperless_pass.path; 34 | 35 | settings = { PAPERLESS_DBHOST = "/run/postgresql"; }; 36 | }; 37 | 38 | cloudflared = { 39 | enable = true; 40 | tunnels = { 41 | "ec0b6af0-a823-4616-a08b-b871fd2c7f58" = { 42 | ingress = { 43 | "paperless.haseebmajid.dev" = "http://localhost:28981"; 44 | }; 45 | }; 46 | }; 47 | }; 48 | 49 | postgresql = { 50 | ensureDatabases = [ "paperless" ]; 51 | ensureUsers = [{ 52 | name = "paperless"; 53 | ensureDBOwnership = true; 54 | }]; 55 | }; 56 | }; 57 | }; 58 | } 59 | -------------------------------------------------------------------------------- /modules/nixos/services/photoprism/default.nix: -------------------------------------------------------------------------------- 1 | { 2 | config, 3 | lib, 4 | ... 5 | }: 6 | with lib; let 7 | cfg = config.services.nixicle.photoprism; 8 | in { 9 | options.services.nixicle.photoprism = { 10 | enable = mkEnableOption "Enable photo prism"; 11 | }; 12 | 13 | config = mkIf cfg.enable { 14 | networking.firewall = { 15 | allowedTCPPorts = [ 16 | 2342 17 | ]; 18 | }; 19 | 20 | sops.secrets.photoprism_admin_password = { 21 | sopsFile = ../secrets.yaml; 22 | }; 23 | 24 | services = { 25 | photoprism = { 26 | enable = true; 27 | originalsPath = "/mnt/share/photoprism"; 28 | passwordFile = config.sops.secrets.photoprism_admin_password.path; 29 | settings = { 30 | PHOTOPRISM_GID = "989"; 31 | }; 32 | }; 33 | 34 | traefik = { 35 | dynamicConfigOptions = { 36 | http = { 37 | services.photos.loadBalancer.servers = [ 38 | { 39 | url = "http://localhost:2342"; 40 | } 41 | ]; 42 | 43 | routers = { 44 | photos = { 45 | entryPoints = ["websecure"]; 46 | rule = "Host(`photos.homelab.haseebmajid.dev`)"; 47 | service = "photos"; 48 | tls.certResolver = "letsencrypt"; 49 | }; 50 | }; 51 | }; 52 | }; 53 | }; 54 | }; 55 | }; 56 | } 57 | -------------------------------------------------------------------------------- /modules/nixos/services/plausible/default.nix: -------------------------------------------------------------------------------- 1 | { 2 | config, 3 | lib, 4 | ... 5 | }: 6 | with lib; 7 | with lib.nixicle; let 8 | cfg = config.services.nixicle.plausible; 9 | in { 10 | options.services.nixicle.plausible = { 11 | enable = mkEnableOption "Enable the plausible service"; 12 | }; 13 | 14 | config = mkIf cfg.enable { 15 | sops.secrets.plausible_admin_password = { 16 | sopsFile = ../secrets.yaml; 17 | }; 18 | 19 | sops.secrets.plausible_secret_keybase_file = { 20 | sopsFile = ../secrets.yaml; 21 | }; 22 | 23 | services = { 24 | clickhouse.enable = true; 25 | plausible = { 26 | enable = true; 27 | server = { 28 | baseUrl = "https://plausible.haseebmajid.dev"; 29 | port = 8455; 30 | secretKeybaseFile = config.sops.secrets.plausible_secret_keybase_file.path; 31 | }; 32 | }; 33 | 34 | cloudflared = { 35 | enable = true; 36 | tunnels = { 37 | "0e845de6-544a-47f2-a1d5-c76be02ce153" = { 38 | ingress = { 39 | "plausible.haseebmajid.dev" = "http://localhost:8455"; 40 | }; 41 | }; 42 | }; 43 | }; 44 | }; 45 | }; 46 | } 47 | -------------------------------------------------------------------------------- /modules/nixos/services/postgres/default.nix: -------------------------------------------------------------------------------- 1 | { 2 | config, 3 | lib, 4 | pkgs, 5 | ... 6 | }: 7 | with lib; let 8 | cfg = config.services.nixicle.postgresql; 9 | in { 10 | options.services.nixicle.postgresql = { 11 | enable = mkEnableOption "Enable postgresql"; 12 | }; 13 | 14 | config = mkIf cfg.enable { 15 | services = { 16 | postgresql = { 17 | enable = true; 18 | package = pkgs.postgresql_16_jit; 19 | extensions = ps: with ps; [pgvecto-rs]; 20 | authentication = pkgs.lib.mkOverride 10 '' 21 | #... 22 | #type database DBuser origin-address auth-method 23 | local all all trust 24 | # ipv4 25 | host all all 127.0.0.1/32 trust 26 | # ipv6 27 | host all all ::1/128 trust 28 | ''; 29 | settings = { 30 | shared_preload_libraries = ["vectors.so"]; 31 | search_path = "\"$user\", public, vectors"; 32 | }; 33 | }; 34 | 35 | postgresqlBackup = { 36 | enable = true; 37 | # location = "/mnt/share/postgresql"; 38 | backupAll = true; 39 | startAt = "*-*-* 10:00:00"; 40 | }; 41 | 42 | traefik = { 43 | dynamicConfigOptions = { 44 | tcp = { 45 | services = { 46 | postgres = { 47 | loadBalancer = { 48 | servers = [ 49 | { 50 | address = "127.0.0.1:5432"; 51 | } 52 | ]; 53 | }; 54 | }; 55 | }; 56 | 57 | routers = { 58 | postgres = { 59 | entryPoints = ["postgres"]; 60 | rule = "HostSNI(`*`)"; 61 | service = "postgres"; 62 | }; 63 | }; 64 | }; 65 | }; 66 | }; 67 | }; 68 | }; 69 | } 70 | -------------------------------------------------------------------------------- /modules/nixos/services/printing/default.nix: -------------------------------------------------------------------------------- 1 | { 2 | options, 3 | config, 4 | pkgs, 5 | lib, 6 | ... 7 | }: 8 | with lib; 9 | with lib.nixicle; let 10 | cfg = config.services.nixicle.printing; 11 | in { 12 | options.services.nixicle.printing = with types; { 13 | enable = mkBoolOpt false "Whether or not to configure printing support."; 14 | }; 15 | 16 | config = mkIf cfg.enable {services.printing.enable = true;}; 17 | } 18 | -------------------------------------------------------------------------------- /modules/nixos/services/redis/default.nix: -------------------------------------------------------------------------------- 1 | { 2 | config, 3 | lib, 4 | pkgs, 5 | ... 6 | }: 7 | with lib; let 8 | cfg = config.services.nixicle.redis; 9 | in { 10 | options.services.nixicle.redis = { 11 | enable = mkEnableOption "Enable redis"; 12 | }; 13 | 14 | config = mkIf cfg.enable { 15 | services = { 16 | redis.servers = { 17 | main = { 18 | enable = true; 19 | openFirewall = true; 20 | port = 6380; 21 | bind = "0.0.0.0"; 22 | logLevel = "debug"; 23 | }; 24 | }; 25 | 26 | traefik = { 27 | dynamicConfigOptions = { 28 | tcp = { 29 | services = { 30 | redis = { 31 | loadBalancer = { 32 | servers = [ 33 | { 34 | address = "127.0.0.1:6380"; 35 | } 36 | ]; 37 | }; 38 | }; 39 | }; 40 | 41 | routers = { 42 | redis = { 43 | entryPoints = ["redis"]; 44 | rule = "HostSNI(`*`)"; 45 | service = "redis"; 46 | }; 47 | }; 48 | }; 49 | }; 50 | }; 51 | }; 52 | }; 53 | } 54 | -------------------------------------------------------------------------------- /modules/nixos/services/smb/default.nix: -------------------------------------------------------------------------------- 1 | { config, lib, pkgs, ... }: 2 | with lib; 3 | with lib.nixicle; 4 | let cfg = config.services.nixicle.smb; 5 | in { 6 | options.services.nixicle.smb = { 7 | enable = mkEnableOption "Enable the smb server"; 8 | }; 9 | 10 | config = mkIf cfg.enable { 11 | services = { 12 | samba-wsdd = { 13 | enable = true; 14 | openFirewall = true; 15 | }; 16 | 17 | samba = { 18 | enable = true; 19 | openFirewall = true; 20 | securityType = "user"; 21 | nmbd.enable = true; 22 | winbindd.enable = true; 23 | settings = { 24 | global = { 25 | "hosts allow" = "192.168.1. 100.64.0.0/10 127.0.0.1 localhost"; 26 | "bind interfaces only" = "yes"; 27 | interfaces = "lo enp91s0 tailscale0"; 28 | security = "user"; 29 | "min protocol" = "SMB2"; 30 | "browseable" = "yes"; 31 | "guest account" = "nobody"; 32 | "map to guest" = "bad user"; 33 | }; 34 | public = { 35 | "path" = "/mnt/n1"; 36 | "browseable" = "yes"; 37 | "read only" = "no"; 38 | "guest ok" = "yes"; 39 | "create mask" = "0644"; 40 | "directory mask" = "0755"; 41 | "force user" = "nixos"; 42 | "force group" = "users"; 43 | }; 44 | }; 45 | }; 46 | }; 47 | }; 48 | } 49 | -------------------------------------------------------------------------------- /modules/nixos/services/stirling-pdf/default.nix: -------------------------------------------------------------------------------- 1 | { 2 | config, 3 | lib, 4 | pkgs, 5 | ... 6 | }: 7 | with lib; let 8 | cfg = config.services.nixicle.stirling-pdf; 9 | in { 10 | options.services.nixicle.stirling-pdf = { 11 | enable = mkEnableOption "Enable stirling pdf service"; 12 | }; 13 | 14 | # TODO: need a way to configure the settings file 15 | config = mkIf cfg.enable { 16 | services = { 17 | stirling-pdf = { 18 | enable = true; 19 | environment = { 20 | SERVER_PORT = 8783; 21 | SECURITY_ENABLE_LOGIN = "true"; 22 | }; 23 | }; 24 | 25 | traefik = { 26 | dynamicConfigOptions = { 27 | http = { 28 | services.pdf.loadBalancer.servers = [ 29 | { 30 | url = "http://localhost:8783"; 31 | } 32 | ]; 33 | 34 | routers = { 35 | pdf = { 36 | entryPoints = ["websecure"]; 37 | rule = "Host(`pdf.homelab.haseebmajid.dev`)"; 38 | service = "pdf"; 39 | tls.certResolver = "letsencrypt"; 40 | }; 41 | }; 42 | }; 43 | }; 44 | }; 45 | }; 46 | }; 47 | } 48 | -------------------------------------------------------------------------------- /modules/nixos/services/syncthing/default.nix: -------------------------------------------------------------------------------- 1 | { 2 | config, 3 | lib, 4 | ... 5 | }: 6 | with lib; 7 | with lib.nixicle; let 8 | cfg = config.services.nixicle.syncthing; 9 | in { 10 | options.services.nixicle.syncthing = { 11 | enable = mkEnableOption "Enable the syncthing service"; 12 | }; 13 | 14 | config = mkIf cfg.enable { 15 | services = { 16 | syncthing = { 17 | enable = true; 18 | guiAddress = "0.0.0.0:8384"; 19 | # dataDir = "/mnt/share/syncthing"; 20 | # group = "media"; 21 | openDefaultPorts = true; 22 | relay = { 23 | enable = true; 24 | }; 25 | }; 26 | 27 | traefik = { 28 | dynamicConfigOptions = { 29 | http = { 30 | services = { 31 | syncthing.loadBalancer.servers = [ 32 | { 33 | url = "http://localhost:8384"; 34 | } 35 | ]; 36 | }; 37 | 38 | routers = { 39 | syncthing = { 40 | entryPoints = ["websecure"]; 41 | rule = "Host(`syncthing.homelab.haseebmajid.dev`)"; 42 | service = "syncthing"; 43 | tls.certResolver = "letsencrypt"; 44 | middlewares = ["authentik"]; 45 | }; 46 | }; 47 | }; 48 | }; 49 | }; 50 | }; 51 | }; 52 | } 53 | -------------------------------------------------------------------------------- /modules/nixos/services/tailscale/default.nix: -------------------------------------------------------------------------------- 1 | { 2 | config, 3 | lib, 4 | ... 5 | }: 6 | with lib; let 7 | cfg = config.services.nixicle.tailscale; 8 | in { 9 | options.services.nixicle.tailscale = { 10 | enable = mkEnableOption "Enable tailscale"; 11 | }; 12 | 13 | config = mkIf cfg.enable { 14 | services.tailscale.enable = true; 15 | }; 16 | } 17 | -------------------------------------------------------------------------------- /modules/nixos/services/tandoor/default.nix: -------------------------------------------------------------------------------- 1 | { 2 | config, 3 | lib, 4 | ... 5 | }: 6 | with lib; 7 | with lib.nixicle; let 8 | cfg = config.services.tandoor; 9 | in { 10 | options.services.tandoor = { 11 | enable = mkEnableOption "Enable the tandoor recipe service"; 12 | }; 13 | 14 | config = mkIf cfg.enable { 15 | sops.secrets.tandoor = { 16 | sopsFile = ../secrets.yaml; 17 | }; 18 | 19 | systemd.services.tandoor-recipes = { 20 | serviceConfig = { 21 | EnvironmentFile = [config.sops.secrets.tandoor.path]; 22 | }; 23 | after = ["postgresql.service"]; 24 | }; 25 | 26 | users.users.nginx.extraGroups = ["tandoor_recipes"]; 27 | 28 | services = { 29 | tandoor-recipes = { 30 | enable = true; 31 | port = 8099; 32 | # user = "tandoor_recipes"; 33 | # group = "tandoor_recipes"; 34 | extraConfig = { 35 | DB_ENGINE = "django.db.backends.postgresql"; 36 | POSTGRES_HOST = "/run/postgresql"; 37 | POSTGRES_USER = "tandoor_recipes"; 38 | POSTGRES_DB = "tandoor_recipes"; 39 | SOCIAL_DEFAULT_GROUP = "user"; 40 | SOCIAL_PROVIDERS = "allauth.socialaccount.providers.openid_connect"; 41 | }; 42 | }; 43 | 44 | cloudflared = { 45 | tunnels = { 46 | "ec0b6af0-a823-4616-a08b-b871fd2c7f58" = { 47 | ingress = { 48 | "tandoor-recipes.haseebmajid.dev/media/" = "http://localhost:8100"; 49 | "tandoor-recipes.haseebmajid.dev" = "http://localhost:8099"; 50 | }; 51 | }; 52 | }; 53 | }; 54 | 55 | postgresql = { 56 | ensureDatabases = ["tandoor_recipes"]; 57 | ensureUsers = [ 58 | { 59 | name = "tandoor_recipes"; 60 | ensureDBOwnership = true; 61 | } 62 | ]; 63 | }; 64 | 65 | nginx = { 66 | enable = true; 67 | virtualHosts = { 68 | "recipes-media" = { 69 | listen = [ 70 | { 71 | addr = "localhost"; 72 | port = 8100; 73 | } 74 | ]; 75 | locations = { 76 | "/media/" = { 77 | alias = "/var/lib/tandoor-recipes/"; 78 | }; 79 | }; 80 | }; 81 | }; 82 | }; 83 | }; 84 | }; 85 | } 86 | -------------------------------------------------------------------------------- /modules/nixos/services/uptime-kuma/default.nix: -------------------------------------------------------------------------------- 1 | { 2 | config, 3 | lib, 4 | ... 5 | }: 6 | with lib; let 7 | cfg = config.services.nixicle.uptime-kuma; 8 | in { 9 | options.services.nixicle.uptime-kuma = { 10 | enable = mkEnableOption "Enable uptime kuma"; 11 | }; 12 | 13 | config = mkIf cfg.enable { 14 | services = { 15 | uptime-kuma = { 16 | enable = true; 17 | settings = { 18 | HOST = "0.0.0.0"; 19 | PORT = "4000"; 20 | }; 21 | }; 22 | 23 | cloudflared = { 24 | tunnels = { 25 | "0e845de6-544a-47f2-a1d5-c76be02ce153" = { 26 | ingress = { 27 | "uptime.haseebmajid.dev" = "http://localhost:4000"; 28 | }; 29 | }; 30 | }; 31 | }; 32 | 33 | traefik = { 34 | dynamicConfigOptions = { 35 | http = { 36 | services = { 37 | uptime-kuma.loadBalancer.servers = [ 38 | { 39 | url = "http://localhost:4000"; 40 | } 41 | ]; 42 | }; 43 | 44 | routers = { 45 | uptime-kuma = { 46 | entryPoints = ["websecure"]; 47 | rule = "Host(`uptime.homelab.haseebmajid.dev`)"; 48 | service = "uptime-kuma"; 49 | tls.certResolver = "letsencrypt"; 50 | }; 51 | }; 52 | }; 53 | }; 54 | }; 55 | }; 56 | }; 57 | } 58 | -------------------------------------------------------------------------------- /modules/nixos/services/virtualisation/kvm/default.nix: -------------------------------------------------------------------------------- 1 | { 2 | lib, 3 | pkgs, 4 | config, 5 | ... 6 | }: 7 | with lib; 8 | with lib.nixicle; let 9 | cfg = config.services.virtualisation.kvm; 10 | in { 11 | options.services.virtualisation.kvm = { 12 | enable = lib.mkEnableOption "enable kvm virtualisation"; 13 | }; 14 | 15 | config = lib.mkIf cfg.enable { 16 | environment.systemPackages = with pkgs; [ 17 | libguestfs 18 | win-virtio 19 | win-spice 20 | virt-manager 21 | virt-viewer 22 | ]; 23 | 24 | virtualisation = { 25 | kvmgt.enable = true; 26 | spiceUSBRedirection.enable = true; 27 | 28 | libvirtd = { 29 | enable = true; 30 | allowedBridges = [ 31 | "nm-bridge" 32 | "virbr0" 33 | ]; 34 | onBoot = "ignore"; 35 | onShutdown = "shutdown"; 36 | qemu = { 37 | swtpm.enable = true; 38 | ovmf = { 39 | enable = true; 40 | packages = [pkgs.OVMFFull.fd]; 41 | }; 42 | }; 43 | }; 44 | }; 45 | }; 46 | } 47 | -------------------------------------------------------------------------------- /modules/nixos/services/virtualisation/podman/default.nix: -------------------------------------------------------------------------------- 1 | { 2 | config, 3 | lib, 4 | ... 5 | }: 6 | with lib; let 7 | cfg = config.services.virtualisation.podman; 8 | in { 9 | options.services.virtualisation.podman = { 10 | enable = mkEnableOption "Enable podman"; 11 | }; 12 | 13 | config = mkIf cfg.enable { 14 | virtualisation = { 15 | podman = { 16 | enable = true; 17 | dockerSocket.enable = true; 18 | dockerCompat = true; 19 | defaultNetwork.settings = { 20 | dns_enabled = true; 21 | }; 22 | }; 23 | }; 24 | }; 25 | } 26 | -------------------------------------------------------------------------------- /modules/nixos/services/vpn/default.nix: -------------------------------------------------------------------------------- 1 | { 2 | pkgs, 3 | config, 4 | lib, 5 | ... 6 | }: 7 | with lib; let 8 | cfg = config.services.vpn; 9 | in { 10 | options.services.vpn = { 11 | enable = mkEnableOption "Enable vpn"; 12 | }; 13 | 14 | config = mkIf cfg.enable { 15 | networking.wireguard.enable = true; 16 | services.mullvad-vpn = { 17 | enable = true; 18 | package = pkgs.mullvad-vpn; 19 | }; 20 | services.tailscale.enable = true; 21 | 22 | sops.secrets.mullvad_account_id = { 23 | sopsFile = ../../secrets.yaml; 24 | }; 25 | }; 26 | } 27 | -------------------------------------------------------------------------------- /modules/nixos/styles/stylix/default.nix: -------------------------------------------------------------------------------- 1 | { lib, pkgs, config, ... }: 2 | let cfg = config.styles.stylix; 3 | in { 4 | options.styles.stylix = { enable = lib.mkEnableOption "Enable stylix"; }; 5 | 6 | config = lib.mkIf cfg.enable { 7 | fonts = { 8 | enableDefaultPackages = true; 9 | fontDir.enable = true; 10 | fontconfig = { 11 | enable = true; 12 | useEmbeddedBitmaps = true; 13 | 14 | localConf = '' 15 | 16 | 17 | 18 | 19 | 20 | 21 | Symbols Nerd Font 22 | 23 | 24 | Symbols Nerd Font 25 | 26 | 27 | 28 | ''; 29 | }; 30 | }; 31 | 32 | stylix = { 33 | enable = true; 34 | autoEnable = true; 35 | base16Scheme = 36 | "${pkgs.base16-schemes}/share/themes/catppuccin-mocha.yaml"; 37 | homeManagerIntegration.autoImport = false; 38 | homeManagerIntegration.followSystem = false; 39 | 40 | image = pkgs.nixicle.wallpapers.windows-error; 41 | 42 | cursor = { 43 | name = "Bibata-Modern-Classic"; 44 | package = pkgs.bibata-cursors; 45 | size = 24; 46 | }; 47 | 48 | fonts = { 49 | sizes = { 50 | terminal = 14; 51 | applications = 12; 52 | popups = 12; 53 | }; 54 | 55 | serif = { 56 | name = "Source Serif"; 57 | package = pkgs.source-serif; 58 | }; 59 | 60 | sansSerif = { 61 | name = "Noto Sans"; 62 | package = pkgs.noto-fonts; 63 | }; 64 | 65 | monospace = { 66 | package = pkgs.nixicle.monolisa; 67 | name = "MonoLisa"; 68 | }; 69 | 70 | emoji = { 71 | package = pkgs.noto-fonts-emoji; 72 | name = "Noto Color Emoji"; 73 | }; 74 | }; 75 | }; 76 | }; 77 | } 78 | -------------------------------------------------------------------------------- /modules/nixos/system/boot/default.nix: -------------------------------------------------------------------------------- 1 | { 2 | config, 3 | lib, 4 | pkgs, 5 | ... 6 | }: let 7 | inherit (lib) mkIf; 8 | inherit (lib.nixicle) mkBoolOpt; 9 | 10 | cfg = config.system.boot; 11 | in { 12 | options.system.boot = { 13 | enable = mkBoolOpt false "Whether or not to enable booting."; 14 | plymouth = mkBoolOpt false "Whether or not to enable plymouth boot splash."; 15 | secureBoot = mkBoolOpt false "Whether or not to enable secure boot."; 16 | }; 17 | 18 | config = mkIf cfg.enable { 19 | environment.systemPackages = with pkgs; 20 | [ 21 | efibootmgr 22 | efitools 23 | efivar 24 | fwupd 25 | ] 26 | ++ lib.optionals cfg.secureBoot [sbctl]; 27 | 28 | boot = { 29 | # TODO: if plymouth on 30 | kernelParams = lib.optionals cfg.plymouth ["quiet" "splash" "loglevel=3" "udev.log_level=0"]; 31 | # initrd.verbose = lib.optionals cfg.plymouth false; 32 | # consoleLogLevel = lib.optionals cfg.plymouth 0; 33 | initrd.systemd.enable = true; 34 | 35 | lanzaboote = mkIf cfg.secureBoot { 36 | enable = true; 37 | pkiBundle = "/etc/secureboot"; 38 | }; 39 | 40 | loader = { 41 | efi = { 42 | canTouchEfiVariables = true; 43 | }; 44 | 45 | systemd-boot = { 46 | enable = !cfg.secureBoot; 47 | configurationLimit = 20; 48 | editor = false; 49 | }; 50 | }; 51 | 52 | plymouth = { 53 | enable = cfg.plymouth; 54 | }; 55 | }; 56 | 57 | # services.fwupd.enable = true; 58 | }; 59 | } 60 | -------------------------------------------------------------------------------- /modules/nixos/system/locale/default.nix: -------------------------------------------------------------------------------- 1 | { 2 | options, 3 | config, 4 | lib, 5 | ... 6 | }: 7 | with lib; 8 | with lib.nixicle; let 9 | cfg = config.system.locale; 10 | in { 11 | options.system.locale = with types; { 12 | enable = mkBoolOpt false "Whether or not to manage locale settings."; 13 | }; 14 | 15 | config = mkIf cfg.enable { 16 | i18n = { 17 | defaultLocale = lib.mkDefault "en_GB.UTF-8"; 18 | extraLocaleSettings = { 19 | LC_ADDRESS = "en_GB.UTF-8"; 20 | LC_IDENTIFICATION = "en_GB.UTF-8"; 21 | LC_MEASUREMENT = "en_GB.UTF-8"; 22 | LC_MONETARY = "en_GB.UTF-8"; 23 | LC_NAME = "en_GB.UTF-8"; 24 | LC_NUMERIC = "en_GB.UTF-8"; 25 | LC_PAPER = "en_GB.UTF-8"; 26 | LC_TELEPHONE = "en_GB.UTF-8"; 27 | LC_TIME = "en_GB.UTF-8"; 28 | }; 29 | }; 30 | time.timeZone = "Europe/London"; 31 | 32 | # Configure keymap in X11 33 | services.xserver = { 34 | xkb.layout = "gb"; 35 | xkb.variant = ""; 36 | }; 37 | # Configure console keymap 38 | console.keyMap = "uk"; 39 | }; 40 | } 41 | -------------------------------------------------------------------------------- /modules/nixos/system/nix/default.nix: -------------------------------------------------------------------------------- 1 | { 2 | config, 3 | lib, 4 | ... 5 | }: 6 | with lib; 7 | with lib.nixicle; let 8 | cfg = config.system.nix; 9 | in { 10 | options.system.nix = with types; { 11 | enable = mkBoolOpt false "Whether or not to manage nix configuration"; 12 | }; 13 | 14 | config = mkIf cfg.enable { 15 | nix = { 16 | settings = { 17 | trusted-users = ["@wheel" "root"]; 18 | auto-optimise-store = lib.mkDefault true; 19 | use-xdg-base-directories = true; 20 | experimental-features = ["nix-command" "flakes"]; 21 | warn-dirty = false; 22 | system-features = ["kvm" "big-parallel" "nixos-test"]; 23 | }; 24 | 25 | # flake-utils-plus 26 | generateRegistryFromInputs = true; 27 | generateNixPathFromInputs = true; 28 | linkInputs = true; 29 | }; 30 | }; 31 | } 32 | -------------------------------------------------------------------------------- /modules/nixos/user/default.nix: -------------------------------------------------------------------------------- 1 | { 2 | config, 3 | lib, 4 | ... 5 | }: 6 | with lib; 7 | with lib.nixicle; let 8 | cfg = config.user; 9 | in { 10 | options.user = with types; { 11 | name = mkOpt str "haseeb" "The name of the user's account"; 12 | initialPassword = 13 | mkOpt str "1" 14 | "The initial password to use"; 15 | extraGroups = mkOpt (listOf str) [] "Groups for the user to be assigned."; 16 | extraOptions = 17 | mkOpt attrs {} 18 | "Extra options passed to users.users."; 19 | }; 20 | 21 | config = { 22 | users.mutableUsers = false; 23 | users.users.${cfg.name} = 24 | { 25 | isNormalUser = true; 26 | inherit (cfg) name initialPassword; 27 | home = "/home/${cfg.name}"; 28 | group = "users"; 29 | 30 | # TODO: set in modules 31 | extraGroups = 32 | [ 33 | "wheel" 34 | "audio" 35 | "sound" 36 | "video" 37 | "networkmanager" 38 | "input" 39 | "tty" 40 | "podman" 41 | "kvm" 42 | "libvirtd" 43 | ] 44 | ++ cfg.extraGroups; 45 | } 46 | // cfg.extraOptions; 47 | 48 | home-manager = { 49 | useGlobalPkgs = true; 50 | useUserPackages = true; 51 | }; 52 | }; 53 | } 54 | -------------------------------------------------------------------------------- /overlays/zjstatus/default.nix: -------------------------------------------------------------------------------- 1 | {inputs, ...}: final: prev: { 2 | zjstatus = inputs.zjstatus.packages.${prev.system}.default; 3 | } 4 | -------------------------------------------------------------------------------- /packages/install/default.nix: -------------------------------------------------------------------------------- 1 | { 2 | writeShellScriptBin, 3 | gum, 4 | ... 5 | }: 6 | # Taken from: https://github.com/IogaMaster/dotfiles/blob/main/packages/install/default.nix 7 | writeShellScriptBin "install" '' 8 | ${gum}/bin/gum style --border normal --margin "1" --padding "1 2" --border-foreground 212 "✨ Haseeb's dotfiles installer ✨" 9 | echo "This script will wipe the remote system!" 10 | ${gum}/bin/gum confirm "Cancel..." && exit 11 | 12 | echo 13 | echo "🔥 kexec into the NixOS Installer..." 14 | ssh root@$2 'curl -L https://github.com/nix-community/nixos-images/releases/download/nixos-unstable/nixos-kexec-installer-noninteractive-x86_64-linux.tar.gz | tar -xzf- -C /root' 15 | ssh root@$2 '/root/kexec/run' 16 | 17 | echo 18 | echo "⏰ Waiting for host nixos to come online..." 19 | while true; do ping -c1 nixos > /dev/null && break; done 20 | 21 | echo 22 | echo "📥 Grabbing hardware config..." 23 | ssh root@nixos 'nixos-generate-config --show-hardware-config --root /mnt' > systems/x86_64-linux/$1/hardware-configuration.nix 24 | 25 | echo 26 | echo "✅ Installing..." 27 | nix run github:nix-community/nixos-anywhere -- --flake .#$1 root@nixos 28 | 29 | echo 30 | echo "✨ Done!!!" 31 | '' 32 | -------------------------------------------------------------------------------- /packages/monolisa/MonoLisa/MonoLisa-Black.ttf: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/hmajid2301/nixicle/e821078b50dea1b8c9ce46a3919ee90e320e24e9/packages/monolisa/MonoLisa/MonoLisa-Black.ttf -------------------------------------------------------------------------------- /packages/monolisa/MonoLisa/MonoLisa-BlackItalic.ttf: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/hmajid2301/nixicle/e821078b50dea1b8c9ce46a3919ee90e320e24e9/packages/monolisa/MonoLisa/MonoLisa-BlackItalic.ttf -------------------------------------------------------------------------------- /packages/monolisa/MonoLisa/MonoLisa-Bold.ttf: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/hmajid2301/nixicle/e821078b50dea1b8c9ce46a3919ee90e320e24e9/packages/monolisa/MonoLisa/MonoLisa-Bold.ttf -------------------------------------------------------------------------------- /packages/monolisa/MonoLisa/MonoLisa-BoldItalic.ttf: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/hmajid2301/nixicle/e821078b50dea1b8c9ce46a3919ee90e320e24e9/packages/monolisa/MonoLisa/MonoLisa-BoldItalic.ttf -------------------------------------------------------------------------------- /packages/monolisa/MonoLisa/MonoLisa-ExtraBold.ttf: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/hmajid2301/nixicle/e821078b50dea1b8c9ce46a3919ee90e320e24e9/packages/monolisa/MonoLisa/MonoLisa-ExtraBold.ttf -------------------------------------------------------------------------------- /packages/monolisa/MonoLisa/MonoLisa-ExtraBoldItalic.ttf: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/hmajid2301/nixicle/e821078b50dea1b8c9ce46a3919ee90e320e24e9/packages/monolisa/MonoLisa/MonoLisa-ExtraBoldItalic.ttf -------------------------------------------------------------------------------- /packages/monolisa/MonoLisa/MonoLisa-ExtraLight.ttf: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/hmajid2301/nixicle/e821078b50dea1b8c9ce46a3919ee90e320e24e9/packages/monolisa/MonoLisa/MonoLisa-ExtraLight.ttf -------------------------------------------------------------------------------- /packages/monolisa/MonoLisa/MonoLisa-ExtraLightItalic.ttf: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/hmajid2301/nixicle/e821078b50dea1b8c9ce46a3919ee90e320e24e9/packages/monolisa/MonoLisa/MonoLisa-ExtraLightItalic.ttf -------------------------------------------------------------------------------- /packages/monolisa/MonoLisa/MonoLisa-Light.ttf: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/hmajid2301/nixicle/e821078b50dea1b8c9ce46a3919ee90e320e24e9/packages/monolisa/MonoLisa/MonoLisa-Light.ttf -------------------------------------------------------------------------------- /packages/monolisa/MonoLisa/MonoLisa-LightItalic.ttf: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/hmajid2301/nixicle/e821078b50dea1b8c9ce46a3919ee90e320e24e9/packages/monolisa/MonoLisa/MonoLisa-LightItalic.ttf -------------------------------------------------------------------------------- /packages/monolisa/MonoLisa/MonoLisa-Medium.ttf: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/hmajid2301/nixicle/e821078b50dea1b8c9ce46a3919ee90e320e24e9/packages/monolisa/MonoLisa/MonoLisa-Medium.ttf -------------------------------------------------------------------------------- /packages/monolisa/MonoLisa/MonoLisa-MediumItalic.ttf: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/hmajid2301/nixicle/e821078b50dea1b8c9ce46a3919ee90e320e24e9/packages/monolisa/MonoLisa/MonoLisa-MediumItalic.ttf -------------------------------------------------------------------------------- /packages/monolisa/MonoLisa/MonoLisa-Regular.ttf: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/hmajid2301/nixicle/e821078b50dea1b8c9ce46a3919ee90e320e24e9/packages/monolisa/MonoLisa/MonoLisa-Regular.ttf -------------------------------------------------------------------------------- /packages/monolisa/MonoLisa/MonoLisa-RegularItalic.ttf: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/hmajid2301/nixicle/e821078b50dea1b8c9ce46a3919ee90e320e24e9/packages/monolisa/MonoLisa/MonoLisa-RegularItalic.ttf -------------------------------------------------------------------------------- /packages/monolisa/MonoLisa/MonoLisa-SemiBold.ttf: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/hmajid2301/nixicle/e821078b50dea1b8c9ce46a3919ee90e320e24e9/packages/monolisa/MonoLisa/MonoLisa-SemiBold.ttf -------------------------------------------------------------------------------- /packages/monolisa/MonoLisa/MonoLisa-SemiBoldItalic.ttf: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/hmajid2301/nixicle/e821078b50dea1b8c9ce46a3919ee90e320e24e9/packages/monolisa/MonoLisa/MonoLisa-SemiBoldItalic.ttf -------------------------------------------------------------------------------- /packages/monolisa/MonoLisa/MonoLisa-Thin.ttf: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/hmajid2301/nixicle/e821078b50dea1b8c9ce46a3919ee90e320e24e9/packages/monolisa/MonoLisa/MonoLisa-Thin.ttf -------------------------------------------------------------------------------- /packages/monolisa/MonoLisa/MonoLisa-ThinItalic.ttf: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/hmajid2301/nixicle/e821078b50dea1b8c9ce46a3919ee90e320e24e9/packages/monolisa/MonoLisa/MonoLisa-ThinItalic.ttf -------------------------------------------------------------------------------- /packages/monolisa/default.nix: -------------------------------------------------------------------------------- 1 | {stdenv, ...}: 2 | stdenv.mkDerivation { 3 | pname = "monolisa"; 4 | version = "0.1.0"; 5 | 6 | src = ./MonoLisa; 7 | 8 | installPhase = '' 9 | mkdir -p $out/share/fonts 10 | cp -R $src $out/share/fonts/truetype/ 11 | ''; 12 | } 13 | -------------------------------------------------------------------------------- /packages/octopus-energy/default.nix: -------------------------------------------------------------------------------- 1 | { 2 | lib, 3 | pkgs, 4 | fetchFromGitHub, 5 | buildHomeAssistantComponent, 6 | }: 7 | buildHomeAssistantComponent rec { 8 | owner = "BottlecapDave"; 9 | domain = "octopus_energy"; 10 | version = "14.0.0-beta.1"; 11 | format = "other"; 12 | 13 | src = fetchFromGitHub { 14 | owner = "BottlecapDave"; 15 | repo = "HomeAssistant-OctopusEnergy"; 16 | rev = "v${version}"; 17 | sha256 = "sha256-5UX74mgg9eV6kdupB42RrxTnNeLyeOScVg41mMhfARo="; 18 | }; 19 | 20 | checkInputs = with pkgs.python312Packages; 21 | with pkgs; [ 22 | home-assistant 23 | mock 24 | psutil-home-assistant 25 | pytest 26 | pytest-socket 27 | pytest-asyncio 28 | sqlalchemy 29 | pydantic 30 | ]; 31 | 32 | # checkPhase = '' 33 | # python -m pytest tests/unit 34 | # ''; 35 | 36 | meta = with lib; { 37 | homepage = "https://github.com/BottlecapDave/HomeAssistant-OctopusEnergy"; 38 | license = licenses.mit; 39 | description = "Custom component to bring your Octopus Energy details into Home Assistant"; 40 | }; 41 | } 42 | -------------------------------------------------------------------------------- /packages/wallpapers/default.nix: -------------------------------------------------------------------------------- 1 | { 2 | pkgs, 3 | lib, 4 | ... 5 | }: let 6 | images = builtins.attrNames (builtins.readDir ./wallpapers); 7 | mkWallpaper = name: src: let 8 | fileName = builtins.baseNameOf src; 9 | pkg = pkgs.stdenvNoCC.mkDerivation { 10 | inherit name src; 11 | 12 | dontUnpack = true; 13 | 14 | installPhase = '' 15 | cp $src $out 16 | ''; 17 | 18 | passthru = {inherit fileName;}; 19 | }; 20 | in 21 | pkg; 22 | names = builtins.map (lib.snowfall.path.get-file-name-without-extension) images; 23 | wallpapers = 24 | lib.foldl 25 | (acc: image: let 26 | # fileName = builtins.baseNameOf image; 27 | # lib.getFileName is a helper to get the basename of 28 | # the file and then take the name before the file extension. 29 | # eg. mywallpaper.png -> mywallpaper 30 | name = lib.snowfall.path.get-file-name-without-extension image; 31 | in 32 | acc // {"${name}" = mkWallpaper name (./wallpapers + "/${image}");}) 33 | {} 34 | images; 35 | installTarget = "$out/share/wallpapers"; 36 | installWallpapers = 37 | builtins.mapAttrs 38 | (name: wallpaper: '' 39 | cp ${wallpaper} ${installTarget}/${wallpaper.fileName} 40 | '') 41 | wallpapers; 42 | in 43 | pkgs.stdenvNoCC.mkDerivation { 44 | name = "wallpapers"; 45 | src = ./wallpapers; 46 | 47 | installPhase = '' 48 | mkdir -p ${installTarget} 49 | 50 | find * -type f -mindepth 0 -maxdepth 0 -exec cp ./{} ${installTarget}/{} ';' 51 | ''; 52 | 53 | passthru = {inherit names;} // wallpapers; 54 | } 55 | -------------------------------------------------------------------------------- /packages/wallpapers/wallpapers/3kitty2.jpg: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/hmajid2301/nixicle/e821078b50dea1b8c9ce46a3919ee90e320e24e9/packages/wallpapers/wallpapers/3kitty2.jpg -------------------------------------------------------------------------------- /packages/wallpapers/wallpapers/KurzegartDNA.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/hmajid2301/nixicle/e821078b50dea1b8c9ce46a3919ee90e320e24e9/packages/wallpapers/wallpapers/KurzegartDNA.png -------------------------------------------------------------------------------- /packages/wallpapers/wallpapers/Kurzgesagt-Baby_Star.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/hmajid2301/nixicle/e821078b50dea1b8c9ce46a3919ee90e320e24e9/packages/wallpapers/wallpapers/Kurzgesagt-Baby_Star.png -------------------------------------------------------------------------------- /packages/wallpapers/wallpapers/Kurzgesagt-Cloudy_Quasar_1.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/hmajid2301/nixicle/e821078b50dea1b8c9ce46a3919ee90e320e24e9/packages/wallpapers/wallpapers/Kurzgesagt-Cloudy_Quasar_1.png -------------------------------------------------------------------------------- /packages/wallpapers/wallpapers/Kurzgesagt-Galaxies.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/hmajid2301/nixicle/e821078b50dea1b8c9ce46a3919ee90e320e24e9/packages/wallpapers/wallpapers/Kurzgesagt-Galaxies.png -------------------------------------------------------------------------------- /packages/wallpapers/wallpapers/Kurzgesagt-Galaxy_2.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/hmajid2301/nixicle/e821078b50dea1b8c9ce46a3919ee90e320e24e9/packages/wallpapers/wallpapers/Kurzgesagt-Galaxy_2.png -------------------------------------------------------------------------------- /packages/wallpapers/wallpapers/Kurzgesagt-Galaxy_3.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/hmajid2301/nixicle/e821078b50dea1b8c9ce46a3919ee90e320e24e9/packages/wallpapers/wallpapers/Kurzgesagt-Galaxy_3.png -------------------------------------------------------------------------------- /packages/wallpapers/wallpapers/Kurzgesagt-Stellar_Phenomenon.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/hmajid2301/nixicle/e821078b50dea1b8c9ce46a3919ee90e320e24e9/packages/wallpapers/wallpapers/Kurzgesagt-Stellar_Phenomenon.png -------------------------------------------------------------------------------- /packages/wallpapers/wallpapers/Palette.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/hmajid2301/nixicle/e821078b50dea1b8c9ce46a3919ee90e320e24e9/packages/wallpapers/wallpapers/Palette.png -------------------------------------------------------------------------------- /packages/wallpapers/wallpapers/cat-sound.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/hmajid2301/nixicle/e821078b50dea1b8c9ce46a3919ee90e320e24e9/packages/wallpapers/wallpapers/cat-sound.png -------------------------------------------------------------------------------- /packages/wallpapers/wallpapers/catMachup.jpg: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/hmajid2301/nixicle/e821078b50dea1b8c9ce46a3919ee90e320e24e9/packages/wallpapers/wallpapers/catMachup.jpg -------------------------------------------------------------------------------- /packages/wallpapers/wallpapers/catpuccino-caramel-dark-4k.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/hmajid2301/nixicle/e821078b50dea1b8c9ce46a3919ee90e320e24e9/packages/wallpapers/wallpapers/catpuccino-caramel-dark-4k.png -------------------------------------------------------------------------------- /packages/wallpapers/wallpapers/earth.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/hmajid2301/nixicle/e821078b50dea1b8c9ce46a3919ee90e320e24e9/packages/wallpapers/wallpapers/earth.png -------------------------------------------------------------------------------- /packages/wallpapers/wallpapers/galaxy.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/hmajid2301/nixicle/e821078b50dea1b8c9ce46a3919ee90e320e24e9/packages/wallpapers/wallpapers/galaxy.png -------------------------------------------------------------------------------- /packages/wallpapers/wallpapers/nixppuccin.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/hmajid2301/nixicle/e821078b50dea1b8c9ce46a3919ee90e320e24e9/packages/wallpapers/wallpapers/nixppuccin.png -------------------------------------------------------------------------------- /packages/wallpapers/wallpapers/pizza.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/hmajid2301/nixicle/e821078b50dea1b8c9ce46a3919ee90e320e24e9/packages/wallpapers/wallpapers/pizza.png -------------------------------------------------------------------------------- /packages/wallpapers/wallpapers/rainbow-nix.jpg: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/hmajid2301/nixicle/e821078b50dea1b8c9ce46a3919ee90e320e24e9/packages/wallpapers/wallpapers/rainbow-nix.jpg -------------------------------------------------------------------------------- /packages/wallpapers/wallpapers/spill.jpg: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/hmajid2301/nixicle/e821078b50dea1b8c9ce46a3919ee90e320e24e9/packages/wallpapers/wallpapers/spill.jpg -------------------------------------------------------------------------------- /packages/wallpapers/wallpapers/windows-error.jpg: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/hmajid2301/nixicle/e821078b50dea1b8c9ce46a3919ee90e320e24e9/packages/wallpapers/wallpapers/windows-error.jpg -------------------------------------------------------------------------------- /shells/default/default.nix: -------------------------------------------------------------------------------- 1 | { 2 | pkgs, 3 | inputs, 4 | ... 5 | }: 6 | pkgs.mkShell { 7 | NIX_CONFIG = "extra-experimental-features = nix-command flakes"; 8 | 9 | packages = with pkgs; [ 10 | nh 11 | inputs.nixos-anywhere.packages.${pkgs.system}.nixos-anywhere 12 | python312Packages.mkdocs-material 13 | deploy-rs 14 | 15 | statix 16 | deadnix 17 | alejandra 18 | home-manager 19 | git 20 | sops 21 | ssh-to-age 22 | gnupg 23 | age 24 | ]; 25 | } 26 | -------------------------------------------------------------------------------- /systems/aarch64-sd-aarch64/server-pi-5/default.nix: -------------------------------------------------------------------------------- 1 | { 2 | lib, 3 | modulesPath, 4 | inputs, 5 | ... 6 | }: 7 | with lib; 8 | with lib.nixicle; { 9 | nixpkgs.overlays = [ 10 | (final: super: { 11 | makeModulesClosure = x: 12 | super.makeModulesClosure (x // {allowMissing = true;}); 13 | }) 14 | ]; 15 | 16 | imports = with inputs.nixos-hardware.nixosModules; [ 17 | (modulesPath + "/installer/scan/not-detected.nix") 18 | raspberry-pi-5 19 | ]; 20 | 21 | roles = { 22 | server.enable = true; 23 | }; 24 | 25 | sdImage.compressImage = false; 26 | system.boot.enable = lib.mkForce false; 27 | hardware.raspberry-pi-5.enable = true; 28 | 29 | system.stateVersion = "23.11"; 30 | } 31 | -------------------------------------------------------------------------------- /systems/x86_64-install-iso/graphical/default.nix: -------------------------------------------------------------------------------- 1 | {lib, ...}: { 2 | boot.loader.systemd-boot.enable = true; 3 | boot.loader.efi.canTouchEfiVariables = true; 4 | 5 | networking.wireless.enable = lib.mkForce false; 6 | hardware.networking.enable = true; 7 | 8 | roles = { 9 | desktop.addons.gnome.enable = true; 10 | }; 11 | 12 | nix.enable = true; 13 | services = { 14 | openssh.enable = true; 15 | }; 16 | 17 | system = { 18 | locale.enable = true; 19 | }; 20 | 21 | services.displayManager.autoLogin = { 22 | enable = true; 23 | user = "nixos"; 24 | }; 25 | 26 | users.users = { 27 | nixos.extraGroups = ["networkmanager"]; 28 | 29 | # TODO: reuse existing openss config 30 | nixos.openssh.authorizedKeys.keys = [ 31 | "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIKuM4bCeJq0XQ1vd/iNK650Bu3wPVKQTSB0k2gsMKhdE hello@haseebmajid.dev" 32 | "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAINP5gqbEEj+pykK58djSI1vtMtFiaYcygqhHd3mzPbSt hello@haseebmajid.dev" 33 | "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIGOEtfQ0znAH8QyB4Z5FzRPa9iKkBhuriEpqyfoEkiv+ haseeb.majid@imaginecurve.com" 34 | ]; 35 | }; 36 | 37 | system.stateVersion = "23.11"; 38 | } 39 | -------------------------------------------------------------------------------- /systems/x86_64-install-iso/minimal/default.nix: -------------------------------------------------------------------------------- 1 | {lib, ...}: { 2 | boot.loader.systemd-boot.enable = true; 3 | boot.loader.efi.canTouchEfiVariables = true; 4 | 5 | networking.wireless.enable = lib.mkForce false; 6 | networking.networkmanager.enable = true; 7 | 8 | nix.enable = true; 9 | services = { 10 | openssh.enable = true; 11 | }; 12 | 13 | system = { 14 | locale.enable = true; 15 | }; 16 | 17 | user = { 18 | name = "nixos"; 19 | initialPassword = "1"; 20 | }; 21 | 22 | system.stateVersion = "23.11"; 23 | } 24 | -------------------------------------------------------------------------------- /systems/x86_64-linux/framework/default.nix: -------------------------------------------------------------------------------- 1 | { 2 | pkgs, 3 | lib, 4 | ... 5 | }: { 6 | imports = [ 7 | ./hardware-configuration.nix 8 | ./disks.nix 9 | ]; 10 | 11 | services = { 12 | virtualisation.kvm.enable = true; 13 | virtualisation.podman.enable = true; 14 | }; 15 | 16 | roles = { 17 | gaming.enable = true; 18 | desktop = { 19 | enable = true; 20 | addons = { 21 | hyprland.enable = true; 22 | }; 23 | }; 24 | }; 25 | 26 | networking.hostName = "framework"; 27 | 28 | boot = { 29 | kernelParams = [ 30 | "resume_offset=533760" 31 | ]; 32 | supportedFilesystems = lib.mkForce ["btrfs"]; 33 | kernelPackages = pkgs.linuxPackages_latest; 34 | resumeDevice = "/dev/disk/by-label/nixos"; 35 | }; 36 | 37 | system.stateVersion = "23.11"; 38 | } 39 | -------------------------------------------------------------------------------- /systems/x86_64-linux/framework/hardware-configuration.nix: -------------------------------------------------------------------------------- 1 | # Do not modify this file! It was generated by ‘nixos-generate-config’ 2 | # and may be overwritten by future invocations. Please make changes 3 | # to /etc/nixos/configuration.nix instead. 4 | { 5 | config, 6 | lib, 7 | pkgs, 8 | modulesPath, 9 | ... 10 | }: { 11 | imports = [ 12 | (modulesPath + "/installer/scan/not-detected.nix") 13 | ]; 14 | 15 | boot.initrd.availableKernelModules = ["nvme" "xhci_pci" "thunderbolt"]; 16 | boot.initrd.kernelModules = []; 17 | boot.kernelModules = ["kvm-amd"]; 18 | boot.extraModulePackages = []; 19 | 20 | # Enables DHCP on each ethernet and wireless interface. In case of scripted networking 21 | # (the default) this is the recommended approach. When using systemd-networkd it's 22 | # still possible to use this option, but it's recommended to use it in conjunction 23 | # with explicit per-interface declarations with `networking.interfaces..useDHCP`. 24 | networking.useDHCP = lib.mkDefault true; 25 | # networking.interfaces.tailscale0.useDHCP = lib.mkDefault true; 26 | # networking.interfaces.wlp1s0.useDHCP = lib.mkDefault true; 27 | 28 | nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux"; 29 | hardware.cpu.amd.updateMicrocode = lib.mkDefault config.hardware.enableRedistributableFirmware; 30 | } 31 | -------------------------------------------------------------------------------- /systems/x86_64-linux/ms01/disks.nix: -------------------------------------------------------------------------------- 1 | { 2 | disko.devices = { 3 | disk = { 4 | nvme0n1 = { 5 | type = "disk"; 6 | device = "/dev/nvme0n1"; 7 | content = { 8 | type = "gpt"; 9 | partitions = { 10 | ESP = { 11 | label = "boot"; 12 | name = "ESP"; 13 | size = "512M"; 14 | type = "EF00"; 15 | content = { 16 | type = "filesystem"; 17 | format = "vfat"; 18 | mountpoint = "/boot"; 19 | mountOptions = [ 20 | "defaults" 21 | ]; 22 | }; 23 | }; 24 | root = { 25 | size = "100%"; 26 | content = { 27 | type = "btrfs"; 28 | extraArgs = ["-L" "nixos" "-f"]; 29 | subvolumes = { 30 | "/root" = { 31 | mountpoint = "/"; 32 | mountOptions = ["subvol=root" "compress=zstd" "noatime"]; 33 | }; 34 | "/home" = { 35 | mountpoint = "/home"; 36 | mountOptions = ["subvol=home" "compress=zstd" "noatime"]; 37 | }; 38 | "/nix" = { 39 | mountpoint = "/nix"; 40 | mountOptions = ["subvol=nix" "compress=zstd" "noatime"]; 41 | }; 42 | "/persist" = { 43 | mountpoint = "/persist"; 44 | mountOptions = ["subvol=persist" "compress=zstd" "noatime"]; 45 | }; 46 | "/log" = { 47 | mountpoint = "/var/log"; 48 | mountOptions = ["subvol=log" "compress=zstd" "noatime"]; 49 | }; 50 | "/swap" = { 51 | mountpoint = "/swap"; 52 | swap.swapfile.size = "32G"; 53 | }; 54 | }; 55 | }; 56 | }; 57 | }; 58 | }; 59 | }; 60 | }; 61 | }; 62 | 63 | fileSystems."/persist".neededForBoot = true; 64 | fileSystems."/var/log".neededForBoot = true; 65 | } 66 | -------------------------------------------------------------------------------- /systems/x86_64-linux/ms01/hardware-configuration.nix: -------------------------------------------------------------------------------- 1 | # Do not modify this file! It was generated by ‘nixos-generate-config’ 2 | # and may be overwritten by future invocations. Please make changes 3 | # to /etc/nixos/configuration.nix instead. 4 | { 5 | config, 6 | lib, 7 | pkgs, 8 | modulesPath, 9 | ... 10 | }: { 11 | imports = [ 12 | (modulesPath + "/installer/scan/not-detected.nix") 13 | ]; 14 | 15 | boot.initrd.availableKernelModules = ["xhci_pci" "thunderbolt" "nvme" "usb_storage" "sd_mod"]; 16 | boot.initrd.kernelModules = []; 17 | boot.kernelModules = ["kvm-intel"]; 18 | boot.extraModulePackages = []; 19 | 20 | # Enables DHCP on each ethernet and wireless interface. In case of scripted networking 21 | # (the default) this is the recommended approach. When using systemd-networkd it's 22 | # still possible to use this option, but it's recommended to use it in conjunction 23 | # with explicit per-interface declarations with `networking.interfaces..useDHCP`. 24 | networking.useDHCP = lib.mkDefault true; 25 | # networking.interfaces.enp0s13f0u3u4u5.useDHCP = lib.mkDefault true; 26 | # networking.interfaces.enp2s0f0.useDHCP = lib.mkDefault true; 27 | # networking.interfaces.enp2s0f1.useDHCP = lib.mkDefault true; 28 | # networking.interfaces.enp87s0.useDHCP = lib.mkDefault true; 29 | # networking.interfaces.enp89s0.useDHCP = lib.mkDefault true; 30 | # networking.interfaces.wlp90s0.useDHCP = lib.mkDefault true; 31 | 32 | nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux"; 33 | hardware.cpu.intel.updateMicrocode = lib.mkDefault config.hardware.enableRedistributableFirmware; 34 | } 35 | -------------------------------------------------------------------------------- /systems/x86_64-linux/nas/default.nix: -------------------------------------------------------------------------------- 1 | { 2 | pkgs, 3 | lib, 4 | ... 5 | }: { 6 | imports = [ 7 | ./hardware-configuration.nix 8 | ./disks.nix 9 | ]; 10 | 11 | services = { 12 | virtualisation.podman.enable = true; 13 | }; 14 | 15 | roles = { 16 | kubernetes = { 17 | enable = true; 18 | role = "server"; 19 | }; 20 | }; 21 | 22 | topology.self = { 23 | hardware.info = "NAS"; 24 | }; 25 | 26 | boot = { 27 | supportedFilesystems = lib.mkForce ["btrfs"]; 28 | kernelPackages = pkgs.linuxPackages_latest; 29 | resumeDevice = "/dev/disk/by-label/nixos"; 30 | 31 | initrd = { 32 | supportedFilesystems = ["nfs"]; 33 | kernelModules = ["nfs"]; 34 | }; 35 | }; 36 | 37 | system.stateVersion = "23.11"; 38 | } 39 | -------------------------------------------------------------------------------- /systems/x86_64-linux/nas/hardware-configuration.nix: -------------------------------------------------------------------------------- 1 | # Do not modify this file! It was generated by ‘nixos-generate-config’ 2 | # and may be overwritten by future invocations. Please make changes 3 | # to /etc/nixos/configuration.nix instead. 4 | { 5 | config, 6 | lib, 7 | pkgs, 8 | modulesPath, 9 | ... 10 | }: { 11 | imports = [ 12 | (modulesPath + "/installer/scan/not-detected.nix") 13 | ]; 14 | 15 | boot.initrd.availableKernelModules = ["xhci_pci" "ahci" "nvme" "usb_storage" "usbhid" "sd_mod" "sr_mod"]; 16 | boot.initrd.kernelModules = []; 17 | boot.kernelModules = ["kvm-amd"]; 18 | boot.extraModulePackages = []; 19 | 20 | swapDevices = []; 21 | 22 | # Enables DHCP on each ethernet and wireless interface. In case of scripted networking 23 | # (the default) this is the recommended approach. When using systemd-networkd it's 24 | # still possible to use this option, but it's recommended to use it in conjunction 25 | # with explicit per-interface declarations with `networking.interfaces..useDHCP`. 26 | networking.useDHCP = lib.mkDefault true; 27 | # networking.interfaces.enp3s0.useDHCP = lib.mkDefault true; 28 | # networking.interfaces.enp4s0.useDHCP = lib.mkDefault true; 29 | 30 | nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux"; 31 | hardware.cpu.amd.updateMicrocode = lib.mkDefault config.hardware.enableRedistributableFirmware; 32 | } 33 | -------------------------------------------------------------------------------- /systems/x86_64-linux/s100/default.nix: -------------------------------------------------------------------------------- 1 | { 2 | pkgs, 3 | lib, 4 | ... 5 | }: { 6 | imports = [ 7 | ./hardware-configuration.nix 8 | ./disks.nix 9 | ]; 10 | 11 | roles = { 12 | server.enable = true; 13 | }; 14 | 15 | services.nixicle = { 16 | traefik.enable = true; 17 | postgresql.enable = true; 18 | home-assistant.enable = true; 19 | adguard.enable = true; 20 | n8n.enable = true; 21 | logging.enable = true; 22 | }; 23 | 24 | topology.self = { 25 | hardware.info = "S100"; 26 | }; 27 | 28 | boot = { 29 | supportedFilesystems = lib.mkForce ["btrfs"]; 30 | kernelPackages = pkgs.linuxPackages_latest; 31 | resumeDevice = "/dev/disk/by-label/nixos"; 32 | }; 33 | 34 | system.stateVersion = "23.11"; 35 | } 36 | -------------------------------------------------------------------------------- /systems/x86_64-linux/s100/disks.nix: -------------------------------------------------------------------------------- 1 | { 2 | disko.devices = { 3 | disk = { 4 | sdb = { 5 | type = "disk"; 6 | device = "/dev/sdb"; 7 | content = { 8 | type = "gpt"; 9 | partitions = { 10 | ESP = { 11 | label = "boot"; 12 | name = "ESP"; 13 | size = "512M"; 14 | type = "EF00"; 15 | content = { 16 | type = "filesystem"; 17 | format = "vfat"; 18 | mountpoint = "/boot"; 19 | mountOptions = [ 20 | "defaults" 21 | ]; 22 | }; 23 | }; 24 | root = { 25 | size = "100%"; 26 | content = { 27 | type = "btrfs"; 28 | extraArgs = ["-L" "nixos" "-f"]; 29 | subvolumes = { 30 | "/root" = { 31 | mountpoint = "/"; 32 | mountOptions = ["subvol=root" "compress=zstd" "noatime"]; 33 | }; 34 | "/home" = { 35 | mountpoint = "/home"; 36 | mountOptions = ["subvol=home" "compress=zstd" "noatime"]; 37 | }; 38 | "/nix" = { 39 | mountpoint = "/nix"; 40 | mountOptions = ["subvol=nix" "compress=zstd" "noatime"]; 41 | }; 42 | "/persist" = { 43 | mountpoint = "/persist"; 44 | mountOptions = ["subvol=persist" "compress=zstd" "noatime"]; 45 | }; 46 | "/log" = { 47 | mountpoint = "/var/log"; 48 | mountOptions = ["subvol=log" "compress=zstd" "noatime"]; 49 | }; 50 | "/swap" = { 51 | mountpoint = "/swap"; 52 | swap.swapfile.size = "8G"; 53 | }; 54 | }; 55 | }; 56 | }; 57 | }; 58 | }; 59 | }; 60 | }; 61 | }; 62 | 63 | fileSystems."/persist".neededForBoot = true; 64 | fileSystems."/var/log".neededForBoot = true; 65 | } 66 | -------------------------------------------------------------------------------- /systems/x86_64-linux/s100/hardware-configuration.nix: -------------------------------------------------------------------------------- 1 | # Do not modify this file! It was generated by ‘nixos-generate-config’ 2 | # and may be overwritten by future invocations. Please make changes 3 | # to /etc/nixos/configuration.nix instead. 4 | { 5 | config, 6 | lib, 7 | pkgs, 8 | modulesPath, 9 | ... 10 | }: { 11 | imports = [ 12 | (modulesPath + "/installer/scan/not-detected.nix") 13 | ]; 14 | 15 | boot.initrd.availableKernelModules = ["ufshcd_pci" "xhci_pci" "dwc3_pci" "usb_storage" "sd_mod"]; 16 | boot.initrd.kernelModules = []; 17 | boot.kernelModules = ["kvm-intel"]; 18 | boot.extraModulePackages = []; 19 | 20 | # Enables DHCP on each ethernet and wireless interface. In case of scripted networking 21 | # (the default) this is the recommended approach. When using systemd-networkd it's 22 | # still possible to use this option, but it's recommended to use it in conjunction 23 | # with explicit per-interface declarations with `networking.interfaces..useDHCP`. 24 | networking.useDHCP = lib.mkDefault true; 25 | # networking.interfaces.enp0s20f0u3u4u5.useDHCP = lib.mkDefault true; 26 | # networking.interfaces.enp2s0.useDHCP = lib.mkDefault true; 27 | # networking.interfaces.wlp1s0.useDHCP = lib.mkDefault true; 28 | 29 | nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux"; 30 | hardware.cpu.intel.updateMicrocode = lib.mkDefault config.hardware.enableRedistributableFirmware; 31 | } 32 | -------------------------------------------------------------------------------- /systems/x86_64-linux/um790/default.nix: -------------------------------------------------------------------------------- 1 | { 2 | pkgs, 3 | lib, 4 | ... 5 | }: { 6 | imports = [ 7 | ./hardware-configuration.nix 8 | ./disks.nix 9 | ]; 10 | 11 | services = { 12 | virtualisation.podman.enable = true; 13 | }; 14 | 15 | roles = { 16 | kubernetes = { 17 | enable = true; 18 | role = "server"; 19 | }; 20 | }; 21 | 22 | networking.interfaces.enp1s0.wakeOnLan.enable = true; 23 | 24 | topology.self = { 25 | hardware.info = "UM790"; 26 | }; 27 | 28 | boot = { 29 | supportedFilesystems = lib.mkForce ["btrfs"]; 30 | kernelPackages = pkgs.linuxPackages_latest; 31 | resumeDevice = "/dev/disk/by-label/nixos"; 32 | }; 33 | 34 | system.stateVersion = "23.11"; 35 | } 36 | -------------------------------------------------------------------------------- /systems/x86_64-linux/um790/disks.nix: -------------------------------------------------------------------------------- 1 | { 2 | disko.devices = { 3 | disk = { 4 | nvme0n1 = { 5 | type = "disk"; 6 | device = "/dev/nvme0n1"; 7 | content = { 8 | type = "gpt"; 9 | partitions = { 10 | ESP = { 11 | label = "boot"; 12 | name = "ESP"; 13 | size = "512M"; 14 | type = "EF00"; 15 | content = { 16 | type = "filesystem"; 17 | format = "vfat"; 18 | mountpoint = "/boot"; 19 | mountOptions = [ 20 | "defaults" 21 | ]; 22 | }; 23 | }; 24 | root = { 25 | size = "100%"; 26 | content = { 27 | type = "btrfs"; 28 | extraArgs = ["-L" "nixos" "-f"]; 29 | subvolumes = { 30 | "/root" = { 31 | mountpoint = "/"; 32 | mountOptions = ["subvol=root" "compress=zstd" "noatime"]; 33 | }; 34 | "/home" = { 35 | mountpoint = "/home"; 36 | mountOptions = ["subvol=home" "compress=zstd" "noatime"]; 37 | }; 38 | "/nix" = { 39 | mountpoint = "/nix"; 40 | mountOptions = ["subvol=nix" "compress=zstd" "noatime"]; 41 | }; 42 | "/persist" = { 43 | mountpoint = "/persist"; 44 | mountOptions = ["subvol=persist" "compress=zstd" "noatime"]; 45 | }; 46 | "/log" = { 47 | mountpoint = "/var/log"; 48 | mountOptions = ["subvol=log" "compress=zstd" "noatime"]; 49 | }; 50 | "/swap" = { 51 | mountpoint = "/swap"; 52 | swap.swapfile.size = "32G"; 53 | }; 54 | }; 55 | }; 56 | }; 57 | }; 58 | }; 59 | }; 60 | }; 61 | }; 62 | 63 | fileSystems."/persist".neededForBoot = true; 64 | fileSystems."/var/log".neededForBoot = true; 65 | } 66 | -------------------------------------------------------------------------------- /systems/x86_64-linux/um790/hardware-configuration.nix: -------------------------------------------------------------------------------- 1 | # Do not modify this file! It was generated by ‘nixos-generate-config’ 2 | # and may be overwritten by future invocations. Please make changes 3 | # to /etc/nixos/configuration.nix instead. 4 | { 5 | config, 6 | lib, 7 | pkgs, 8 | modulesPath, 9 | ... 10 | }: { 11 | imports = [ 12 | (modulesPath + "/installer/scan/not-detected.nix") 13 | ]; 14 | 15 | boot.initrd.availableKernelModules = ["xhci_pci" "thunderbolt" "nvme"]; 16 | boot.initrd.kernelModules = []; 17 | boot.kernelModules = ["kvm-amd"]; 18 | boot.extraModulePackages = []; 19 | 20 | # Enables DHCP on each ethernet and wireless interface. In case of scripted networking 21 | # (the default) this is the recommended approach. When using systemd-networkd it's 22 | # still possible to use this option, but it's recommended to use it in conjunction 23 | # with explicit per-interface declarations with `networking.interfaces..useDHCP`. 24 | networking.useDHCP = lib.mkDefault true; 25 | # networking.interfaces.enp0s13f0u3.useDHCP = lib.mkDefault true; 26 | # networking.interfaces.enp0s13f0u4u4u5.useDHCP = lib.mkDefault true; 27 | # networking.interfaces.tailscale0.useDHCP = lib.mkDefault true; 28 | # networking.interfaces.wlp166s0.useDHCP = lib.mkDefault true; 29 | 30 | nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux"; 31 | hardware.cpu.intel.updateMicrocode = lib.mkDefault config.hardware.enableRedistributableFirmware; 32 | } 33 | -------------------------------------------------------------------------------- /systems/x86_64-linux/vm/default.nix: -------------------------------------------------------------------------------- 1 | { 2 | pkgs, 3 | lib, 4 | ... 5 | }: { 6 | imports = [ 7 | ./hardware-configuration.nix 8 | ./disks.nix 9 | ]; 10 | 11 | networking.hostName = "vm"; 12 | system.boot.plymouth = lib.mkForce false; 13 | 14 | system.impermanence.enable = true; 15 | roles = { 16 | desktop.enable = true; 17 | desktop.addons.gnome.enable = true; 18 | }; 19 | 20 | boot = { 21 | supportedFilesystems = lib.mkForce ["btrfs"]; 22 | kernelPackages = pkgs.linuxPackages_latest; 23 | resumeDevice = "/dev/disk/by-label/nixos"; 24 | }; 25 | 26 | system.stateVersion = "23.11"; 27 | } 28 | -------------------------------------------------------------------------------- /systems/x86_64-linux/vm/disks.nix: -------------------------------------------------------------------------------- 1 | { 2 | disko.devices = { 3 | disk = { 4 | vda = { 5 | type = "disk"; 6 | device = "/dev/vda"; 7 | content = { 8 | type = "gpt"; 9 | partitions = { 10 | ESP = { 11 | label = "boot"; 12 | name = "ESP"; 13 | size = "512M"; 14 | type = "EF00"; 15 | content = { 16 | type = "filesystem"; 17 | format = "vfat"; 18 | mountpoint = "/boot"; 19 | mountOptions = [ 20 | "defaults" 21 | ]; 22 | }; 23 | }; 24 | 25 | luks = { 26 | size = "100%"; 27 | label = "luks"; 28 | content = { 29 | type = "luks"; 30 | name = "enc"; 31 | extraOpenArgs = [ 32 | "--allow-discards" 33 | "--perf-no_read_workqueue" 34 | "--perf-no_write_workqueue" 35 | ]; 36 | content = { 37 | type = "btrfs"; 38 | extraArgs = ["-L" "nixos" "-f"]; 39 | postCreateHook = '' 40 | mount -t btrfs /dev/disk/by-label/nixos /mnt 41 | btrfs subvolume snapshot -r /mnt /mnt/root-blank 42 | umount /mnt 43 | ''; 44 | subvolumes = { 45 | "/root" = { 46 | mountpoint = "/"; 47 | mountOptions = ["subvol=root" "compress=zstd" "noatime"]; 48 | }; 49 | "/home" = { 50 | mountpoint = "/home"; 51 | mountOptions = ["subvol=home" "compress=zstd" "noatime"]; 52 | }; 53 | "/nix" = { 54 | mountpoint = "/nix"; 55 | mountOptions = ["subvol=nix" "compress=zstd" "noatime"]; 56 | }; 57 | "/persist" = { 58 | mountpoint = "/persist"; 59 | mountOptions = ["subvol=persist" "compress=zstd" "noatime"]; 60 | }; 61 | "/log" = { 62 | mountpoint = "/var/log"; 63 | mountOptions = ["subvol=log" "compress=zstd" "noatime"]; 64 | }; 65 | }; 66 | }; 67 | }; 68 | }; 69 | }; 70 | }; 71 | }; 72 | }; 73 | }; 74 | 75 | fileSystems."/persist".neededForBoot = true; 76 | fileSystems."/var/log".neededForBoot = true; 77 | } 78 | -------------------------------------------------------------------------------- /systems/x86_64-linux/vm/hardware-configuration.nix: -------------------------------------------------------------------------------- 1 | # Do not modify this file! It was generated by ‘nixos-generate-config’ 2 | # and may be overwritten by future invocations. Please make changes 3 | # to /etc/nixos/configuration.nix instead. 4 | { 5 | config, 6 | lib, 7 | pkgs, 8 | modulesPath, 9 | ... 10 | }: { 11 | imports = [ 12 | (modulesPath + "/profiles/qemu-guest.nix") 13 | ]; 14 | 15 | boot.initrd.availableKernelModules = ["ahci" "xhci_pci" "virtio_pci" "virtio_scsi" "sr_mod" "virtio_blk"]; 16 | boot.initrd.kernelModules = []; 17 | boot.kernelModules = ["kvm-amd"]; 18 | boot.extraModulePackages = []; 19 | 20 | # Enables DHCP on each ethernet and wireless interface. In case of scripted networking 21 | # (the default) this is the recommended approach. When using systemd-networkd it's 22 | # still possible to use this option, but it's recommended to use it in conjunction 23 | # with explicit per-interface declarations with `networking.interfaces..useDHCP`. 24 | networking.useDHCP = lib.mkDefault true; 25 | # networking.interfaces.enp1s0.useDHCP = lib.mkDefault true; 26 | 27 | nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux"; 28 | } 29 | -------------------------------------------------------------------------------- /systems/x86_64-linux/vps/default.nix: -------------------------------------------------------------------------------- 1 | { config, lib, pkgs, ... }: { 2 | imports = [ ./hardware-configuration.nix ./disks.nix ]; 3 | 4 | boot.loader.grub.enable = true; 5 | 6 | roles.server.enable = true; 7 | system.boot.enable = lib.mkForce false; 8 | 9 | sops.secrets.cloudflared_vps = { 10 | sopsFile = ../../../modules/nixos/services/secrets.yaml; 11 | }; 12 | 13 | services = { 14 | cloudflared = { 15 | enable = true; 16 | tunnels = { 17 | "0e845de6-544a-47f2-a1d5-c76be02ce153" = { 18 | credentialsFile = config.sops.secrets.cloudflared_vps.path; 19 | default = "http_status:404"; 20 | }; 21 | }; 22 | }; 23 | }; 24 | 25 | services = { 26 | avahi.enable = lib.mkForce false; 27 | 28 | nixicle = { 29 | traefik.enable = true; 30 | logging.enable = true; 31 | postgresql.enable = true; 32 | plausible.enable = true; 33 | # n8n.enable = true; 34 | gotify.enable = true; 35 | uptime-kuma.enable = true; 36 | }; 37 | 38 | traefik = { 39 | dynamicConfigOptions = { 40 | http = { 41 | services = { 42 | jellyfin.loadBalancer.servers = [{ url = "http://ms01:8096"; }]; 43 | 44 | immich.loadBalancer.servers = [{ url = "http://ms01:2283"; }]; 45 | }; 46 | 47 | routers = { 48 | jellyfin = { 49 | entryPoints = [ "websecure" ]; 50 | rule = "Host(`jellyfin.haseebmajid.dev`)"; 51 | service = "jellyfin"; 52 | tls.certResolver = "letsencrypt"; 53 | }; 54 | immich = { 55 | entryPoints = [ "websecure" ]; 56 | rule = "Host(`immich.haseebmajid.dev`)"; 57 | service = "immich"; 58 | tls.certResolver = "letsencrypt"; 59 | }; 60 | }; 61 | }; 62 | }; 63 | }; 64 | }; 65 | 66 | system.stateVersion = "24.05"; 67 | } 68 | -------------------------------------------------------------------------------- /systems/x86_64-linux/vps/disks.nix: -------------------------------------------------------------------------------- 1 | { 2 | disko.devices = { 3 | disk = { 4 | main = { 5 | type = "disk"; 6 | device = "/dev/sda"; 7 | content = { 8 | type = "gpt"; 9 | partitions = { 10 | boot = { 11 | size = "1M"; 12 | type = "EF02"; 13 | priority = 1; 14 | }; 15 | ESP = { 16 | size = "512M"; 17 | type = "EF00"; 18 | content = { 19 | type = "filesystem"; 20 | format = "vfat"; 21 | mountpoint = "/boot"; 22 | }; 23 | }; 24 | root = { 25 | size = "100%"; 26 | content = { 27 | type = "filesystem"; 28 | format = "ext4"; 29 | mountpoint = "/"; 30 | }; 31 | }; 32 | }; 33 | }; 34 | }; 35 | }; 36 | }; 37 | } 38 | -------------------------------------------------------------------------------- /systems/x86_64-linux/vps/hardware-configuration.nix: -------------------------------------------------------------------------------- 1 | # Do not modify this file! It was generated by ‘nixos-generate-config’ 2 | # and may be overwritten by future invocations. Please make changes 3 | # to /etc/nixos/configuration.nix instead. 4 | { 5 | config, 6 | lib, 7 | pkgs, 8 | modulesPath, 9 | ... 10 | }: { 11 | imports = [ 12 | (modulesPath + "/profiles/qemu-guest.nix") 13 | ]; 14 | 15 | boot.initrd.availableKernelModules = ["ahci" "xhci_pci" "virtio_pci" "virtio_scsi" "sd_mod" "sr_mod"]; 16 | boot.initrd.kernelModules = []; 17 | boot.kernelModules = []; 18 | boot.extraModulePackages = []; 19 | swapDevices = []; 20 | networking.useDHCP = lib.mkDefault true; 21 | nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux"; 22 | } 23 | -------------------------------------------------------------------------------- /systems/x86_64-linux/workstation/default.nix: -------------------------------------------------------------------------------- 1 | { pkgs, lib, inputs, ... }: { 2 | imports = [ 3 | ./hardware-configuration.nix 4 | ./disks.nix 5 | inputs.nixos-facter-modules.nixosModules.facter 6 | { config.facter.reportPath = ./facter.json; } 7 | ]; 8 | 9 | environment.pathsToLink = [ "/share/fish" ]; 10 | 11 | programs.neovim = { 12 | enable = true; 13 | defaultEditor = true; 14 | }; 15 | 16 | system.boot.plymouth = lib.mkForce false; 17 | 18 | # TODO: when merged in 19 | systemd.package = pkgs.systemd.overrideAttrs (old: { 20 | patches = old.patches ++ [ 21 | (pkgs.fetchurl { 22 | url = 23 | "https://github.com/wrvsrx/systemd/compare/tag_fix-hibernate-resume%5E...tag_fix-hibernate-resume.patch"; 24 | hash = "sha256-Z784xysVUOYXCoTYJDRb3ppGiR8CgwY5CNV8jJSLOXU="; 25 | }) 26 | ]; 27 | }); 28 | 29 | services = { 30 | virtualisation.kvm.enable = true; 31 | hardware.openrgb.enable = true; 32 | nixicle.nfs.enable = true; 33 | # nixicle.ollama.enable = true; 34 | }; 35 | 36 | roles = { 37 | gaming.enable = true; 38 | desktop = { 39 | enable = true; 40 | addons = { 41 | hyprland.enable = true; 42 | gnome.enable = true; 43 | }; 44 | }; 45 | }; 46 | 47 | programs.wireshark.enable = true; 48 | systemd.services.systemd-networkd-wait-online.enable = lib.mkForce false; 49 | 50 | boot = { 51 | kernelParams = [ "resume_offset=533760" ]; 52 | blacklistedKernelModules = [ "ath12k_pci" "ath12k" ]; 53 | 54 | supportedFilesystems = lib.mkForce [ "btrfs" ]; 55 | kernelPackages = pkgs.linuxPackages_latest; 56 | resumeDevice = "/dev/disk/by-label/nixos"; 57 | 58 | initrd = { 59 | supportedFilesystems = [ "nfs" ]; 60 | kernelModules = [ "nfs" ]; 61 | }; 62 | }; 63 | 64 | system.stateVersion = "23.11"; 65 | } 66 | 67 | -------------------------------------------------------------------------------- /systems/x86_64-linux/workstation/hardware-configuration.nix: -------------------------------------------------------------------------------- 1 | # Do not modify this file! It was generated by ‘nixos-generate-config’ 2 | # and may be overwritten by future invocations. Please make changes 3 | # to /etc/nixos/configuration.nix instead. 4 | { 5 | config, 6 | lib, 7 | modulesPath, 8 | ... 9 | }: { 10 | imports = [ 11 | (modulesPath + "/installer/scan/not-detected.nix") 12 | ]; 13 | 14 | fileSystems."/run/media/haseeb/Games" = { 15 | device = "/dev/disk/by-uuid/a85dfa14-38bf-4cb8-af7e-d1a977a3df0c"; 16 | fsType = "ext4"; 17 | }; 18 | 19 | boot.initrd.availableKernelModules = ["nvme" "xhci_pci" "ahci" "usbhid"]; 20 | boot.initrd.kernelModules = []; 21 | boot.kernelModules = ["kvm-amd"]; 22 | boot.extraModulePackages = []; 23 | 24 | # Enables DHCP on each ethernet and wireless interface. In case of scripted networking 25 | # (the default) this is the recommended approach. When using systemd-networkd it's 26 | # still possible to use this option, but it's recommended to use it in conjunction 27 | # with explicit per-interface declarations with `networking.interfaces..useDHCP`. 28 | networking.useDHCP = lib.mkDefault true; 29 | # networking.interfaces.enp7s0.useDHCP = lib.mkDefault true; 30 | # networking.interfaces.enp8s0.useDHCP = lib.mkDefault true; 31 | # networking.interfaces.tailscale0.useDHCP = lib.mkDefault true; 32 | # networking.interfaces.wlp6s0.useDHCP = lib.mkDefault true; 33 | 34 | nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux"; 35 | hardware.cpu.amd.updateMicrocode = lib.mkDefault config.hardware.enableRedistributableFirmware; 36 | } 37 | -------------------------------------------------------------------------------- /topology/default.nix: -------------------------------------------------------------------------------- 1 | {config, ...}: let 2 | inherit 3 | (config.lib.topology) 4 | mkInternet 5 | mkDevice 6 | mkSwitch 7 | mkRouter 8 | mkConnection 9 | ; 10 | in { 11 | networks.home = { 12 | name = "Home"; 13 | cidrv4 = "192.168.1.1/24"; 14 | }; 15 | 16 | nodes = { 17 | ms01.interfaces.tailscale0.network = "home"; 18 | um790.interfaces.tailscale0.network = "home"; 19 | s100.interfaces.tailscale0.network = "home"; 20 | 21 | # internet = mkInternet { 22 | # connections = mkConnection "router" "wan1"; 23 | # }; 24 | # 25 | # router = mkRouter "linksys" { 26 | # info = "Linksys0218"; 27 | # interfaceGroups = [ 28 | # ["eth1" "eth2"] 29 | # ["wan1"] 30 | # ]; 31 | # connections.eth1 = mkConnection "aurora" "enp0s31f6"; 32 | # connections.eth2 = mkConnection "equinox" "eno1"; 33 | # 34 | # interfaces.eth1.network = "home"; 35 | # interfaces.eth2.network = "home"; 36 | # }; 37 | }; 38 | } 39 | --------------------------------------------------------------------------------