commit 824366c5dd111dd4a6f1d6e68c97c4a7e585620b Author: Andrei Jiroh Halili Date: Sun Dec 29 19:39:14 2024 +0800 chore(global): initial commit for nixpkgs branch Need to commit and push for community help at @hackclub slack later. Signed-off-by: Andrei Jiroh Halili diff --git a/.config/nixos/flake.lock b/.config/nixos/flake.lock new file mode 100644 index 0000000..fe16474 --- /dev/null +++ b/.config/nixos/flake.lock @@ -0,0 +1,421 @@ +{ + "nodes": { + "determinate": { + "inputs": { + "determinate-nixd-aarch64-darwin": "determinate-nixd-aarch64-darwin", + "determinate-nixd-aarch64-linux": "determinate-nixd-aarch64-linux", + "determinate-nixd-x86_64-darwin": [ + "determinate", + "determinate-nixd-aarch64-darwin" + ], + "determinate-nixd-x86_64-linux": "determinate-nixd-x86_64-linux", + "nix": "nix", + "nixpkgs": "nixpkgs_3" + }, + "locked": { + "lastModified": 1733950326, + "narHash": "sha256-nUTutqzg/Z0eEXrC1ACTa4a9Ik5Iyxgqo8uL9DYib7I=", + "rev": "657395244a854da1bc71e38454958ecd57c0e241", + "revCount": 165, + "type": "tarball", + "url": "https://api.flakehub.com/f/pinned/DeterminateSystems/determinate/0.1.165%2Brev-657395244a854da1bc71e38454958ecd57c0e241/0193b781-6c27-7703-bca6-fc9648fca81d/source.tar.gz" + }, + "original": { + "type": "tarball", + "url": "https://flakehub.com/f/DeterminateSystems/determinate/0.1" + } + }, + "determinate-nixd-aarch64-darwin": { + "flake": false, + "locked": { + "narHash": "sha256-I03XaJRNQHh/N3ea2qpMU78DahTm7tSfF+urRABhKiQ=", + "type": "file", + "url": "https://install.determinate.systems/determinate-nixd/tag/v0.2.6/macOS" + }, + "original": { + "type": "file", + "url": "https://install.determinate.systems/determinate-nixd/tag/v0.2.6/macOS" + } + }, + "determinate-nixd-aarch64-linux": { + "flake": false, + "locked": { + "narHash": "sha256-yxF7hyInOc+S1BEaxjLBLHUFjSAjC0bRKh0glUt4ilo=", + "type": "file", + "url": "https://install.determinate.systems/determinate-nixd/tag/v0.2.6/aarch64-linux" + }, + "original": { + "type": "file", + "url": "https://install.determinate.systems/determinate-nixd/tag/v0.2.6/aarch64-linux" + } + }, + "determinate-nixd-x86_64-linux": { + "flake": false, + "locked": { + "narHash": "sha256-/LPSCwR/ueorahCcyUSVym3y3lnRXkc6pqWwW2T/yT8=", + "type": "file", + "url": "https://install.determinate.systems/determinate-nixd/tag/v0.2.6/x86_64-linux" + }, + "original": { + "type": "file", + "url": "https://install.determinate.systems/determinate-nixd/tag/v0.2.6/x86_64-linux" + } + }, + "flake-compat": { + "flake": false, + "locked": { + "lastModified": 1696426674, + "narHash": "sha256-kvjfFW7WAETZlt09AgDn1MrtKzP7t90Vf7vypd3OL1U=", + "owner": "edolstra", + "repo": "flake-compat", + "rev": "0f9255e01c2351cc7d116c072cb317785dd33b33", + "type": "github" + }, + "original": { + "owner": "edolstra", + "repo": "flake-compat", + "type": "github" + } + }, + "flake-parts": { + "inputs": { + "nixpkgs-lib": [ + "determinate", + "nix", + "nix", + "nixpkgs" + ] + }, + "locked": { + "lastModified": 1719994518, + "narHash": "sha256-pQMhCCHyQGRzdfAkdJ4cIWiw+JNuWsTX7f0ZYSyz0VY=", + "owner": "hercules-ci", + "repo": "flake-parts", + "rev": "9227223f6d922fee3c7b190b2cc238a99527bbb7", + "type": "github" + }, + "original": { + "owner": "hercules-ci", + "repo": "flake-parts", + "type": "github" + } + }, + "flake-utils": { + "inputs": { + "systems": "systems" + }, + "locked": { + "lastModified": 1681202837, + "narHash": "sha256-H+Rh19JDwRtpVPAWp64F+rlEtxUWBAQW28eAi3SRSzg=", + "owner": "numtide", + "repo": "flake-utils", + "rev": "cfacdce06f30d2b68473a46042957675eebb3401", + "type": "github" + }, + "original": { + "owner": "numtide", + "repo": "flake-utils", + "type": "github" + } + }, + "git-hooks-nix": { + "inputs": { + "flake-compat": [ + "determinate", + "nix", + "nix" + ], + "gitignore": [ + "determinate", + "nix", + "nix" + ], + "nixpkgs": [ + "determinate", + "nix", + "nix", + "nixpkgs" + ], + "nixpkgs-stable": [ + "determinate", + "nix", + "nix", + "nixpkgs" + ] + }, + "locked": { + "lastModified": 1721042469, + "narHash": "sha256-6FPUl7HVtvRHCCBQne7Ylp4p+dpP3P/OYuzjztZ4s70=", + "owner": "cachix", + "repo": "git-hooks.nix", + "rev": "f451c19376071a90d8c58ab1a953c6e9840527fd", + "type": "github" + }, + "original": { + "owner": "cachix", + "repo": "git-hooks.nix", + "type": "github" + } + }, + "home-manager": { + "inputs": { + "nixpkgs": "nixpkgs_4" + }, + "locked": { + "lastModified": 1735381016, + "narHash": "sha256-CyCZFhMUkuYbSD6bxB/r43EdmDE7hYeZZPTCv0GudO4=", + "owner": "nix-community", + "repo": "home-manager", + "rev": "10e99c43cdf4a0713b4e81d90691d22c6a58bdf2", + "type": "github" + }, + "original": { + "owner": "nix-community", + "ref": "master", + "repo": "home-manager", + "type": "github" + } + }, + "libgit2": { + "flake": false, + "locked": { + "lastModified": 1715853528, + "narHash": "sha256-J2rCxTecyLbbDdsyBWn9w7r3pbKRMkI9E7RvRgAqBdY=", + "owner": "libgit2", + "repo": "libgit2", + "rev": "36f7e21ad757a3dacc58cf7944329da6bc1d6e96", + "type": "github" + }, + "original": { + "owner": "libgit2", + "ref": "v1.8.1", + "repo": "libgit2", + "type": "github" + } + }, + "nix": { + "inputs": { + "nix": "nix_2", + "nixpkgs": "nixpkgs_2" + }, + "locked": { + "lastModified": 1733248733, + "narHash": "sha256-rOFE8TSwWoup+LPNbmtTs6oLy7lYZ12L9GN+aZuQQaA=", + "rev": "98bbabc68ac8c897c2ad873c3557125691c45120", + "revCount": 108, + "type": "tarball", + "url": "https://api.flakehub.com/f/pinned/DeterminateSystems/nix/2.25.3/01939864-5191-788c-b898-163d916a3333/source.tar.gz" + }, + "original": { + "type": "tarball", + "url": "https://flakehub.com/f/DeterminateSystems/nix/2.0" + } + }, + "nix_2": { + "inputs": { + "flake-compat": "flake-compat", + "flake-parts": "flake-parts", + "git-hooks-nix": "git-hooks-nix", + "libgit2": "libgit2", + "nixpkgs": "nixpkgs", + "nixpkgs-23-11": "nixpkgs-23-11", + "nixpkgs-regression": "nixpkgs-regression" + }, + "locked": { + "lastModified": 1732881227, + "narHash": "sha256-T+wFMm3cj8pGJSwXmPuxG5pz+1gRDJoToF9OBxtzocA=", + "rev": "218cd6c16c0981cc32a45e3a15be1d3c1a68eb85", + "revCount": 18724, + "type": "tarball", + "url": "https://api.flakehub.com/f/pinned/NixOS/nix/2.25.3/01938786-bc70-79e3-b7ee-bb61f8e7f238/source.tar.gz" + }, + "original": { + "type": "tarball", + "url": "https://flakehub.com/f/NixOS/nix/%3D2.25.3" + } + }, + "nixos-hardware": { + "locked": { + "lastModified": 1735388221, + "narHash": "sha256-e5IOgjQf0SZcFCEV/gMGrsI0gCJyqOKShBQU0iiM3Kg=", + "owner": "NixOS", + "repo": "nixos-hardware", + "rev": "7c674c6734f61157e321db595dbfcd8523e04e19", + "type": "github" + }, + "original": { + "owner": "NixOS", + "ref": "master", + "repo": "nixos-hardware", + "type": "github" + } + }, + "nixpkgs": { + "locked": { + "lastModified": 1723688146, + "narHash": "sha256-sqLwJcHYeWLOeP/XoLwAtYjr01TISlkOfz+NG82pbdg=", + "owner": "NixOS", + "repo": "nixpkgs", + "rev": "c3d4ac725177c030b1e289015989da2ad9d56af0", + "type": "github" + }, + "original": { + "owner": "NixOS", + "ref": "nixos-24.05", + "repo": "nixpkgs", + "type": "github" + } + }, + "nixpkgs-23-11": { + "locked": { + "lastModified": 1717159533, + "narHash": "sha256-oamiKNfr2MS6yH64rUn99mIZjc45nGJlj9eGth/3Xuw=", + "owner": "NixOS", + "repo": "nixpkgs", + "rev": "a62e6edd6d5e1fa0329b8653c801147986f8d446", + "type": "github" + }, + "original": { + "owner": "NixOS", + "repo": "nixpkgs", + "rev": "a62e6edd6d5e1fa0329b8653c801147986f8d446", + "type": "github" + } + }, + "nixpkgs-regression": { + "locked": { + "lastModified": 1643052045, + "narHash": "sha256-uGJ0VXIhWKGXxkeNnq4TvV3CIOkUJ3PAoLZ3HMzNVMw=", + "owner": "NixOS", + "repo": "nixpkgs", + "rev": "215d4d0fd80ca5163643b03a33fde804a29cc1e2", + "type": "github" + }, + "original": { + "owner": "NixOS", + "repo": "nixpkgs", + "rev": "215d4d0fd80ca5163643b03a33fde804a29cc1e2", + "type": "github" + } + }, + "nixpkgs_2": { + "locked": { + "lastModified": 1733120037, + "narHash": "sha256-En+gSoVJ3iQKPDU1FHrR6zIxSLXKjzKY+pnh9tt+Yts=", + "rev": "f9f0d5c5380be0a599b1fb54641fa99af8281539", + "revCount": 710194, + "type": "tarball", + "url": "https://api.flakehub.com/f/pinned/NixOS/nixpkgs/0.2411.710194%2Brev-f9f0d5c5380be0a599b1fb54641fa99af8281539/01938be8-64ce-75c6-94d4-dbc2e4d547fe/source.tar.gz" + }, + "original": { + "type": "tarball", + "url": "https://flakehub.com/f/NixOS/nixpkgs/%2A" + } + }, + "nixpkgs_3": { + "locked": { + "lastModified": 1733686850, + "narHash": "sha256-NQEO/nZWWGTGlkBWtCs/1iF1yl2lmQ1oY/8YZrumn3I=", + "rev": "dd51f52372a20a93c219e8216fe528a648ffcbf4", + "revCount": 719099, + "type": "tarball", + "url": "https://api.flakehub.com/f/pinned/DeterminateSystems/nixpkgs-weekly/0.1.719099%2Brev-dd51f52372a20a93c219e8216fe528a648ffcbf4/0193af12-b91a-77b9-9c72-3172a023752d/source.tar.gz" + }, + "original": { + "type": "tarball", + "url": "https://flakehub.com/f/DeterminateSystems/nixpkgs-weekly/0.1.tar.gz" + } + }, + "nixpkgs_4": { + "locked": { + "lastModified": 1734649271, + "narHash": "sha256-4EVBRhOjMDuGtMaofAIqzJbg4Ql7Ai0PSeuVZTHjyKQ=", + "owner": "NixOS", + "repo": "nixpkgs", + "rev": "d70bd19e0a38ad4790d3913bf08fcbfc9eeca507", + "type": "github" + }, + "original": { + "owner": "NixOS", + "ref": "nixos-unstable", + "repo": "nixpkgs", + "type": "github" + } + }, + "nixpkgs_5": { + "locked": { + "lastModified": 1735291276, + "narHash": "sha256-NYVcA06+blsLG6wpAbSPTCyLvxD/92Hy4vlY9WxFI1M=", + "owner": "NixOS", + "repo": "nixpkgs", + "rev": "634fd46801442d760e09493a794c4f15db2d0cbb", + "type": "github" + }, + "original": { + "owner": "NixOS", + "ref": "nixos-unstable", + "repo": "nixpkgs", + "type": "github" + } + }, + "nixpkgs_6": { + "locked": { + "lastModified": 1682134069, + "narHash": "sha256-TnI/ZXSmRxQDt2sjRYK/8j8iha4B4zP2cnQCZZ3vp7k=", + "owner": "NixOS", + "repo": "nixpkgs", + "rev": "fd901ef4bf93499374c5af385b2943f5801c0833", + "type": "github" + }, + "original": { + "id": "nixpkgs", + "type": "indirect" + } + }, + "root": { + "inputs": { + "determinate": "determinate", + "home-manager": "home-manager", + "nixos-hardware": "nixos-hardware", + "nixpkgs": "nixpkgs_5", + "vscode-server": "vscode-server" + } + }, + "systems": { + "locked": { + "lastModified": 1681028828, + "narHash": "sha256-Vy1rq5AaRuLzOxct8nz4T6wlgyUR7zLU309k9mBC768=", + "owner": "nix-systems", + "repo": "default", + "rev": "da67096a3b9bf56a91d16901293e51ba5b49a27e", + "type": "github" + }, + "original": { + "owner": "nix-systems", + "repo": "default", + "type": "github" + } + }, + "vscode-server": { + "inputs": { + "flake-utils": "flake-utils", + "nixpkgs": "nixpkgs_6" + }, + "locked": { + "lastModified": 1729422940, + "narHash": "sha256-DlvJv33ml5UTKgu4b0HauOfFIoDx6QXtbqUF3vWeRCY=", + "owner": "nix-community", + "repo": "nixos-vscode-server", + "rev": "8b6db451de46ecf9b4ab3d01ef76e59957ff549f", + "type": "github" + }, + "original": { + "owner": "nix-community", + "repo": "nixos-vscode-server", + "type": "github" + } + } + }, + "root": "root", + "version": 7 +} diff --git a/.config/nixos/flake.nix b/.config/nixos/flake.nix new file mode 100644 index 0000000..ae994ad --- /dev/null +++ b/.config/nixos/flake.nix @@ -0,0 +1,49 @@ +{ + description = "Andrei Jiroh's NixOS configurations"; + + # try to be in-sync with the nix-channels + inputs = { + nixpkgs = { + url = "github:NixOS/nixpkgs/nixos-unstable"; + }; + home-manager = { + url = "github:nix-community/home-manager/master"; + }; + nixos-hardware = { + url = "github:NixOS/nixos-hardware/master"; + }; + determinate = { + url = "https://flakehub.com/f/DeterminateSystems/determinate/0.1"; + }; + vscode-server = { + url = "github:nix-community/nixos-vscode-server"; + }; + }; + + outputs = { + self, + nixpkgs, + home-manager, + nixos-hardware, + determinate, + vscode-server + }: { + nixosConfigurations = { + stellapent-cier = nixpkgs.lib.nixosSystem { + system = "x86_64-linux"; + modules = [ + determinate.nixosModules.default + vscode-server.nixosModules.default + home-manager.nixosModules.home-manager + ./shared/networking.nix + ./shared/locale.nix + ./shared/firewall.nix + ./shared/kde-plasma.nix + ./shared/ssh.nix + ./shared/tailscale.nix + ./hosts/stellapent-cier/configuration.nix + ]; + }; + }; + }; +} \ No newline at end of file diff --git a/.config/nixos/hosts/stellapent-cier/configuration.nix b/.config/nixos/hosts/stellapent-cier/configuration.nix new file mode 100644 index 0000000..c44d7be --- /dev/null +++ b/.config/nixos/hosts/stellapent-cier/configuration.nix @@ -0,0 +1,123 @@ +# Edit this configuration file to define what should be installed on +# your system. Help is available in the configuration.nix(5) man page +# and in the NixOS manual (accessible by running ‘nixos-help’). + +{ pkgs, ... }: + +{ + imports = + [ + ./hardware-configuration.nix + + # We're also importing them below just in case + ../../shared/networking.nix + ../../shared/locale.nix + ../../shared/firewall.nix + ../../shared/kde-plasma.nix + ../../shared/ssh.nix + ../../shared/vscode-extensions.nix + ]; + + # Bootloader. + boot.loader.systemd-boot.enable = true; + boot.loader.efi.canTouchEfiVariables = true; + + networking.hostName = "stellapent-cier"; # Define your hostname. + #networking.wireless.enable = true; # Enables wireless support via wpa_supplicant. + + # Configure network proxy if necessary + # networking.proxy.default = "http://user:password@proxy:port/"; + # networking.proxy.noProxy = "127.0.0.1,localhost,internal.domain"; + + # Enable networking via networkmanager + networking.networkmanager.enable = true; + + # Enable the X11 windowing system. + # You can disable this if you're only using the Wayland session. + services.xserver.enable = true; + + # Configure keymap in X11 + services.xserver.xkb = { + layout = "us"; + variant = ""; + }; + + # Enable CUPS to print documents. + services.printing.enable = true; + + # Enable sound with pipewire. + hardware.pulseaudio.enable = false; + security.rtkit.enable = true; + services.pipewire = { + enable = true; + alsa.enable = true; + alsa.support32Bit = true; + pulse.enable = true; + # If you want to use JACK applications, uncomment this + #jack.enable = true; + + # use the example session manager (no others are packaged yet so this is enabled by default, + # no need to redefine it in your config for now) + #media-session.enable = true; + }; + + # firmware configurations + #hardware.firmware = with pkgs; [ + # (pkgs.fetchurl { + # url = "https://raw.githubusercontent.com/winterheart/broadcom-bt-firmware/refs/heads/master/brcm/BCM43142A0-0a5c-216d.hcd"; + # sha256 = "9ac1e0fac850eec21cda47977858039ffc774d0cfffc6688093a722efc5a3ec0"; + # }) + #]; + + # Enable touchpad support (enabled default in most desktopManager). + # services.xserver.libinput.enable = true; + + # Define a user account. Don't forget to set a password with ‘passwd’. + # Might be obvious to some since I'm technically roleplaying as + users.users.gildedguy = { + isNormalUser = true; + description = "Gildedguy (Michael Moy)"; + extraGroups = [ "networkmanager" "wheel" ]; + packages = with pkgs; [ + kdePackages.kate + thunderbird + ]; + }; + + # home-manager specifics + home-manager.useUserPackages = true; + home-manager.useGlobalPkgs = true; + home-manager.users.gildedguy = (import ./users/gildedguy.nix); + + # Install firefox. + programs.firefox.enable = true; + + # List packages installed in system profile. To search, run: + # $ nix search wget + environment.systemPackages = with pkgs; [ + # vim # Do not forget to add an editor to edit configuration.nix! The Nano editor is also installed by default. + wget + dig + broadcom-bt-firmware + btop + htop + google-chrome + ]; + + # Some programs need SUID wrappers, can be configured further or are + # started in user sessions. + programs.mtr.enable = true; + programs.gnupg.agent = { + enable = true; + enableSSHSupport = true; + }; + + # This value determines the NixOS release from which the default + # settings for stateful data, like file locations and database versions + # on your system were taken. It‘s perfectly fine and recommended to leave + # this value at the release version of the first install of this system. + # Before changing this value read the documentation for this option + # (e.g. man configuration.nix or on https://nixos.org/nixos/options.html). + system.stateVersion = "24.11"; # Did you read the comment? + +} diff --git a/.config/nixos/hosts/stellapent-cier/hardware-configuration.nix b/.config/nixos/hosts/stellapent-cier/hardware-configuration.nix new file mode 100644 index 0000000..988e692 --- /dev/null +++ b/.config/nixos/hosts/stellapent-cier/hardware-configuration.nix @@ -0,0 +1,54 @@ +# Do not modify this file! It was generated by ‘nixos-generate-config’ +# and may be overwritten by future invocations. Please make changes +# to /etc/nixos/configuration.nix instead. +{ config, lib, pkgs, modulesPath, ... }: + +{ + imports = + [ (modulesPath + "/installer/scan/not-detected.nix") + ]; + + boot.initrd.availableKernelModules = [ "xhci_pci" "ehci_pci" "ahci" "usb_storage" "usbhid" "sd_mod" "sr_mod" ]; + boot.initrd.kernelModules = [ ]; + boot.kernelModules = [ "kvm-intel" ]; + boot.extraModulePackages = [ ]; + + fileSystems."/" = + { device = "/dev/disk/by-uuid/e3397457-41d2-4bed-9689-27a9ff3ccb51"; + fsType = "ext4"; + }; + + fileSystems."/boot" = + { device = "/dev/disk/by-uuid/EC7C-6A58"; + fsType = "vfat"; + options = [ "fmask=0077" "dmask=0077" ]; + }; + + fileSystems."/home" = + { device = "/dev/disk/by-uuid/22a6f5ea-79d1-4919-b165-50063fd782f5"; + fsType = "ext4"; + }; + + fileSystems."/var/lib/docker" = + { device = "/dev/disk/by-uuid/299133b8-2585-42a4-b7d1-c995d4fc9e19"; + fsType = "ext4"; + }; + + fileSystems."/workspaces" = + { device = "/dev/disk/by-uuid/a8d0810e-4bbf-479d-baea-28b1441ad68f"; + fsType = "ext4"; + }; + + swapDevices = [ ]; + + # Enables DHCP on each ethernet and wireless interface. In case of scripted networking + # (the default) this is the recommended approach. When using systemd-networkd it's + # still possible to use this option, but it's recommended to use it in conjunction + # with explicit per-interface declarations with `networking.interfaces..useDHCP`. + networking.useDHCP = lib.mkDefault true; + # networking.interfaces.enp2s0.useDHCP = lib.mkDefault true; + # networking.interfaces.wlp0s20u3.useDHCP = lib.mkDefault true; + + nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux"; + hardware.cpu.intel.updateMicrocode = lib.mkDefault config.hardware.enableRedistributableFirmware; +} diff --git a/.config/nixos/hosts/stellapent-cier/users/gildedguy.nix b/.config/nixos/hosts/stellapent-cier/users/gildedguy.nix new file mode 100644 index 0000000..808aa80 --- /dev/null +++ b/.config/nixos/hosts/stellapent-cier/users/gildedguy.nix @@ -0,0 +1,211 @@ +{ pkgs, lib, ... }: + +let + vscExts = (import ../../../shared/vscode-extensions.nix) { + pkgs = pkgs; + lib = lib; + }; + #extList = lib.attrsets.mapAttrsToList (name: value: value) vscExts; +in +with pkgs; +{ + # https://fnordig.de/til/nix/home-manager-allow-unfree.html + nixpkgs = { + config = { + allowUnfree = true; + # https://github.com/nix-community/home-manager/issues/2942 + allowUnfreePredicate = (_: true); + }; + }; + + # Home Manager needs a bit of information about you and the paths it should + # manage. Also don't ask how we got here on the roleplaying part. + home.username = "gildedguy"; + home.homeDirectory = "/home/gildedguy"; + + # This value determines the Home Manager release that your configuration is + # compatible with. This helps avoid breakage when a new Home Manager release + # introduces backwards incompatible changes. + # + # You should not change this value, even if you update Home Manager. If you do + # want to update the value, then make sure to first check the Home Manager + # release notes. + home.stateVersion = "24.11"; # Please read the comment before changing. + + # The home.packages option allows you to install Nix packages into your + # environment. + home.packages = with pkgs; [ + # # Adds the 'hello' command to your environment. It prints a friendly + # # "Hello, world!" when run. + # pkgs.hello + + # # It is sometimes useful to fine-tune packages, for example, by applying + # # overrides. You can do that directly here, just don't forget the + # # parentheses. Maybe you want to install Nerd Fonts with a limited number of + # # fonts? + # (pkgs.nerdfonts.override { fonts = [ "FantasqueSansMono" ]; }) + + # # You can also create simple shell scripts directly inside your + # # configuration. For example, this adds a command 'my-hello' to your + # # environment: + # (pkgs.writeShellScriptBin "my-hello" '' + # echo "Hello, ${config.home.username}!" + # '') + + ## devtools ## + # https://httpie.io + httpie + # https://devenv.sh + devenv + # https://cli.github.com + gh + # bet we'll going to have a field day since Copilot is now available for free + # (this is seperate from the gh copilot extension for those asking) + # context: https://github.blog/news-insights/product-news/github-copilot-in-vscode-free/ + github-copilot-cli + # markdownlint + markdownlint-cli + # https://doppler.com + doppler + + ## programming languages + deno + nodejs_22 + python313 + pipx + pipenv + + ## language servers ## + # nix language server - https://github.com/oxalica/nil + nil + # https://github.com/alesbrelih/gitlab-ci-ls + gitlab-ci-ls + ]; + + home.sessionPath = [ + "$HOME/bin" + ]; + + # Home Manager is pretty good at managing dotfiles. The primary way to manage + # plain files is through 'home.file'. + home.file = { + # # Building this configuration will create a copy of 'dotfiles/screenrc' in + # # the Nix store. Activating the configuration will then make '~/.screenrc' a + # # symlink to the Nix store copy. + # ".screenrc".source = dotfiles/screenrc; + + # # You can also set the file content immediately. + # ".gradle/gradle.properties".text = '' + # org.gradle.console=verbose + # org.gradle.daemon.idletimeout=3600000 + # ''; + }; + + # Home Manager can also manage your environment variables through + # 'home.sessionVariables'. These will be explicitly sourced when using a + # shell provided by Home Manager. If you don't want to manage your shell + # through Home Manager then you have to manually source 'hm-session-vars.sh' + # located at either + # + # ~/.nix-profile/etc/profile.d/hm-session-vars.sh + # + # or + # + # ~/.local/state/nix/profiles/profile/etc/profile.d/hm-session-vars.sh + # + # or + # + # /etc/profiles/per-user/gildedguy/etc/profile.d/hm-session-vars.sh + # + home.sessionVariables = { + EDITOR = "nano"; + NIXOS_ALLOW_UNFREE = "1"; # for impure builds + GIT_EDITOR = "code --wait"; + VISUAL = "code --wait"; + DOCKER_BUILDKIT = "1"; + }; + + # Let Home Manager install and manage itself. + programs.home-manager.enable = true; + + # let me cook with the configs, starting with git + programs.git = { + enable = true; + package = pkgs.gitAndTools.gitFull; + lfs = { + enable = true; + }; + userName = "Andrei Jiroh Halili"; + userEmail = "ajhalili2006@andreijiroh.dev"; + aliases = { + signoff = "commit --signoff"; + amend = "commit -a --amend"; + remotes = "remote -v"; + root = "rev-parse --show-toplevel"; + unstage = "restore --staged"; + stats = "status"; + }; + extraConfig = { + format = { + signOff = true; + }; + init = { + defaultBranch = "main"; + }; + + # https://groups.google.com/g/binary-transparency/c/f-BI4o8HZW0 + transfer = { + fsckobjects = true; + }; + fetch = { + fsckobjects = true; + }; + receive = { + fsckobjects = true; + }; + push = { + autoSetupRemote = true; + }; + + + }; + }; + + programs.vscode = { + enable = true; + package = pkgs.vscode; + enableExtensionUpdateCheck = true; + mutableExtensionsDir = true; + # userSettings = { + # "nix.enableLanguageServer" = true; + # "nix.serverPath" = "nil"; + # "window.customTitleBarVisibility" = "auto"; + # "window.titleBarStyle" = "custom"; + # "window.menuBarVisibility" = "classic"; + # "redhat.telemetry.enabled" = true; + # "github.copilot.editor.enableAutoCompletions" = false; + # "github.copilot.chat.followUps" = "always"; + # "github.copilot.chat.terminalChatLocation" = "terminal"; + # "git.confirmSync" = false; + # "microsoft-authentication.implementation" = "msal"; + # "workbench.colorTheme" = "GitHub Dark Colorblind (Beta)"; + # "workbench.iconTheme" = "material-icon-theme"; + # "workbench.productIconTheme" = "material-product-icons"; + # }; + # Note that not all extensions are available over gh:NixOS/nixpkgs repo, but + # we'll work on that soon. + extensions = with vscExts; [ + pkief.material-icon-theme + pkief.material-product-icons + github.github-vscode-theme + wakatime.vscode-wakatime + doppler.doppler-vscode + eamodio.gitlens + vivaxy.vscode-conventional-commits + denoland.vscode-deno + jnoortheen.nix-ide + #redhat.vscode-yaml + unifiedjs.vscode-mdx + ]; + }; +} diff --git a/.config/nixos/shared/firewall.nix b/.config/nixos/shared/firewall.nix new file mode 100644 index 0000000..2e9404d --- /dev/null +++ b/.config/nixos/shared/firewall.nix @@ -0,0 +1,27 @@ +{ ... }: + +{ + # Open ports in the firewall. + networking.firewall.allowedTCPPortRanges = [ + { from = 1714; to = 1764; } + ]; + networking.firewall.allowedUDPPortRanges = [ + { from = 1714; to = 1764; } + ]; + networking.firewall.allowTCPPorts = [ + 22 + 80 + 443 + 3000 + 8000 + ]; + networking.firewall.allowUDPPorts = [ + 22 + 80 + 443 + 3000 + 8000 + ]; + # Or disable the firewall altogether. + # networking.firewall.enable = false; +} \ No newline at end of file diff --git a/.config/nixos/shared/kde-plasma.nix b/.config/nixos/shared/kde-plasma.nix new file mode 100644 index 0000000..f7e5610 --- /dev/null +++ b/.config/nixos/shared/kde-plasma.nix @@ -0,0 +1,10 @@ +{ ... }: + +{ + # Enable the KDE Plasma Desktop Environment. + services.displayManager.sddm.enable = true; + services.desktopManager.plasma6.enable = true; + + # Also enable KDE Connect + programs.kdeconnect.enable = true; +} \ No newline at end of file diff --git a/.config/nixos/shared/locale.nix b/.config/nixos/shared/locale.nix new file mode 100644 index 0000000..ff4fd88 --- /dev/null +++ b/.config/nixos/shared/locale.nix @@ -0,0 +1,20 @@ +{ ... }: + +{ + # Set your time zone. + time.timeZone = "Asia/Manila"; + + # Select internationalisation properties. + i18n.defaultLocale = "en_PH.UTF-8"; + i18n.extraLocaleSettings = { + LC_ADDRESS = "en_PH.UTF-8"; + LC_IDENTIFICATION = "en_PH.UTF-8"; + LC_MEASUREMENT = "en_PH.UTF-8"; + LC_MONETARY = "en_PH.UTF-8"; + LC_NAME = "en_PH.UTF-8"; + LC_NUMERIC = "en_PH.UTF-8"; + LC_PAPER = "en_PH.UTF-8"; + LC_TELEPHONE = "en_PH.UTF-8"; + LC_TIME = "en_PH.UTF-8"; + }; +} \ No newline at end of file diff --git a/.config/nixos/shared/meta-configs.nix b/.config/nixos/shared/meta-configs.nix new file mode 100644 index 0000000..03f1d6e --- /dev/null +++ b/.config/nixos/shared/meta-configs.nix @@ -0,0 +1,18 @@ +# This is the meta config file for nixpkgs and nix cli + +{ ... }: + +{ + # Adopted from https://fnordig.de/til/nix/home-manager-allow-unfree.html, + # but we'll also enable it system-wide too. + nixpkgs = { + config = { + allowUnfree = true; + # https://github.com/nix-community/home-manager/issues/2942 + allowUnfreePredicate = (_: true); + }; + }; + + # Enable the Flakes feature and the accompanying new nix command-line tool + nix.settings.experimental-features = [ "nix-command" "flakes" ]; +} \ No newline at end of file diff --git a/.config/nixos/shared/networking.nix b/.config/nixos/shared/networking.nix new file mode 100644 index 0000000..da63c69 --- /dev/null +++ b/.config/nixos/shared/networking.nix @@ -0,0 +1,18 @@ +{ ... }: + +{ + # Do a lot of systemd-resolved related chores + networking.nameservers = [ + "45.90.28.0#c393f6.dns.nextdns.io" + "45.90.30.0#c393f6.dns.nextdns.io" + ]; + + services.resolved = { + enable = true; + dnssec = "false"; # https://superuser.com/a/1493674 + domains = [ "~." "fawn-cod.ts.net" ]; + # Use Cloudflare DNS resolver as fallback if things go wrong. + fallbackDns = [ "1.1.1.1#one.one.one.one" "1.0.0.1#one.one.one.one" ]; + dnsovertls = "true"; + }; +} \ No newline at end of file diff --git a/.config/nixos/shared/ssh.nix b/.config/nixos/shared/ssh.nix new file mode 100644 index 0000000..954929a --- /dev/null +++ b/.config/nixos/shared/ssh.nix @@ -0,0 +1,15 @@ +# To use this shared NixOS configuration for OpenSSH, just import this file +# on your NixOS configuration. + +{...}: + +{ + programs.openssh = { + enable = true; + settings = { + PermitRootLogin = "prohibit-password"; + }; + }; + + programs.mosh.enable = true; +} \ No newline at end of file diff --git a/.config/nixos/shared/tailscale.nix b/.config/nixos/shared/tailscale.nix new file mode 100644 index 0000000..3bf8431 --- /dev/null +++ b/.config/nixos/shared/tailscale.nix @@ -0,0 +1,17 @@ +# This Nix file contains the Tailscale configuration here +# in NixOS, mostly on the side of the daemon and its related +# configurations. + +{ ... }: + +{ + services.tailscale = { + enable = true; + useRoutingFeatures = true; + openFirewall = true; + disableTaildrop = false; + extraDaemonFlags = [ + "--verbose 3" + ]; + }; +} \ No newline at end of file diff --git a/.config/nixos/shared/vscode-extensions.nix b/.config/nixos/shared/vscode-extensions.nix new file mode 100644 index 0000000..c453110 --- /dev/null +++ b/.config/nixos/shared/vscode-extensions.nix @@ -0,0 +1,77 @@ +{ pkgs, lib }: + +let + inherit (pkgs.stdenv) isDarwin isLinux isi686 isx86_64 isAarch32 isAarch64; + vscode-utils = pkgs.vscode-utils; + merge = lib.attrsets.recursiveUpdate; +in +merge + (merge + (merge + (merge + { + "eamodio"."gitlens" = vscode-utils.extensionFromVscodeMarketplace { + name = "gitlens"; + publisher = "eamodio"; + version = "2024.12.2404"; + sha256 = "0wc0hqaxf5sh9wjsx29mnl6i8bf2jhsi4a1hshwiwm08p6lhg4fv"; + }; + "pkief"."material-icon-theme" = vscode-utils.extensionFromVscodeMarketplace { + name = "material-icon-theme"; + publisher = "pkief"; + version = "5.16.0"; + sha256 = "0ggwj2y84dyqhzl9kisddx64559bkhnfv94zxz6zcqyfq0vpycng"; + }; + "wakatime"."vscode-wakatime" = vscode-utils.extensionFromVscodeMarketplace { + name = "vscode-wakatime"; + publisher = "wakatime"; + version = "25.0.0"; + sha256 = "1c5ilsj8zvcrhvh3gb9wbgz8llfkjgxnv39r12a3iyy3fvdg5zlz"; + }; + "github"."github-vscode-theme" = vscode-utils.extensionFromVscodeMarketplace { + name = "github-vscode-theme"; + publisher = "github"; + version = "6.3.5"; + sha256 = "0jj7bp5iadrm2h75pdn96z0wzygv0sfa93karvlqlwagh2hrvrkl"; + }; + "denoland"."vscode-deno" = vscode-utils.extensionFromVscodeMarketplace { + name = "vscode-deno"; + publisher = "denoland"; + version = "3.43.1"; + sha256 = "0lna1znrbsdggzp6mx079461p21ngwgqz6mb7i3d0bnpxb844x3a"; + }; + "unifiedjs"."vscode-mdx" = vscode-utils.extensionFromVscodeMarketplace { + name = "vscode-mdx"; + publisher = "unifiedjs"; + version = "1.8.12"; + sha256 = "0afzx5i6bw7hmm4f8vdvx6a6mx053gmvc0gn78fz94b6fyaijsl7"; + }; + "pkief"."material-product-icons" = vscode-utils.extensionFromVscodeMarketplace { + name = "material-product-icons"; + publisher = "pkief"; + version = "1.7.1"; + sha256 = "1g75m55fc6nnfazpgmjxc48kw8abv85sglmmmjglwwgwi0di2xlj"; + }; + "vivaxy"."vscode-conventional-commits" = vscode-utils.extensionFromVscodeMarketplace { + name = "vscode-conventional-commits"; + publisher = "vivaxy"; + version = "1.26.0"; + sha256 = "1n414wwd6my4xjmh55b6l0s8bqadnq35ya1isxvdi6yabapbwg9f"; + }; + "jnoortheen"."nix-ide" = vscode-utils.extensionFromVscodeMarketplace { + name = "nix-ide"; + publisher = "jnoortheen"; + version = "0.3.5"; + sha256 = "12sg67mn3c8mjayh9d6y8qaky00vrlnwwx58v1f1m4qrbdjqab46"; + }; + "doppler"."doppler-vscode" = vscode-utils.extensionFromVscodeMarketplace { + name = "doppler-vscode"; + publisher = "doppler"; + version = "0.0.10"; + sha256 = "1cqaxnf45in44i4za36diirgh1q5rkmk27is9h6zgnmgl2i9awa7"; + }; + } + (lib.attrsets.optionalAttrs (isLinux && (isi686 || isx86_64)) { })) + (lib.attrsets.optionalAttrs (isLinux && (isAarch32 || isAarch64)) { })) + (lib.attrsets.optionalAttrs (isDarwin && (isi686 || isx86_64)) { })) + (lib.attrsets.optionalAttrs (isDarwin && (isAarch32 || isAarch64)) { }) diff --git a/.nix-channels b/.nix-channels new file mode 100644 index 0000000..4417f45 --- /dev/null +++ b/.nix-channels @@ -0,0 +1,2 @@ +https://github.com/nix-community/home-manager/archive/master.tar.gz home-manager +https://channels.nixos.org/nixos-unstable nixos