talexander/machine_setup
1
0
Fork 0
Code Issues Pull Requests Releases Activity

Compare commits

base: talexander:main
Branches Tags
talexander:main
talexander:nix
talexander:upstream_amd_debug_tools
talexander:install_files_mixin
talexander:starship
talexander:pixelbook
..
compare: talexander:starship
Branches Tags
talexander:nix
talexander:upstream_amd_debug_tools
talexander:main
talexander:install_files_mixin
talexander:starship
talexander:pixelbook

212 Commits
main ... starship

Author SHA1 Message Date
Tom Alexander
9513882870
Still not working. 2025-01-27 20:38:45 -05:00
Tom Alexander
71a6843b37
Same issue with package based on 2ship2harkinian. 2025-01-27 19:26:38 -05:00
Tom Alexander
7d9d1ca80e
Add a package for starship (Star Fox 64). 2025-01-27 19:26:38 -05:00
Tom Alexander
2f2d33296b
Persist ares data. 2025-01-26 19:04:17 -05:00
Tom Alexander
2c1cf54de0
Update packages. 2025-01-26 18:55:53 -05:00
Tom Alexander
65be133ffe
Update lanzaboote. 2025-01-26 16:57:18 -05:00
Tom Alexander
ee47c3cfa3
Enable debugging on ath12k. 2025-01-26 10:11:53 -05:00
Tom Alexander
ff8bb0653b
Enable bluetooth on odo. 2025-01-25 21:28:14 -05:00
Tom Alexander
ff98873b32
Persist save data for ship of harkinian and 2ship2harkinian. 2025-01-25 21:22:55 -05:00
Tom Alexander
67ad4e2dff
Persist sm64ex save data. 2025-01-25 20:47:48 -05:00
Tom Alexander
60452b0aeb
Persist the nix-index index. 2025-01-25 20:22:41 -05:00
Tom Alexander
e043320e5c
Clean up experiments in the gpg role. 2025-01-25 19:35:05 -05:00
Tom Alexander
2f8c4fbfe8
Disable verbose logging for gpg. 2025-01-25 19:10:48 -05:00
Tom Alexander
233bf4e967
Put the sleep back into wireguard. 2025-01-25 17:58:56 -05:00
Tom Alexander
f7adfaf54d
Update lockfile. 2025-01-25 16:28:53 -05:00
Tom Alexander
78c9dec4c4
Disable rom name override. 
The latest nixpkgs does not support overriding the name so I am removing it now for compatibility.
 2025-01-25 16:22:04 -05:00
Tom Alexander
53c12a5b1e
Add sshjail as an ansible plugin. 2025-01-25 15:30:30 -05:00
Tom Alexander
7d94210d8f
Add cmake support to emacs. 2025-01-25 10:20:22 -05:00
Tom Alexander
1ebf31dc11
Remove sleep from wireguard service. 2025-01-25 10:20:22 -05:00
Tom Alexander
82c30bdb77
Add a role for 2ship2harkinian (Majora's Mask). 2025-01-24 21:25:41 -05:00
Tom Alexander
d5e7fdd097
Add bsdtar. 2025-01-24 20:58:03 -05:00
Tom Alexander
40fd7931d0
Add a persist folder for the talexander user. 2025-01-24 20:36:37 -05:00
Tom Alexander
835fd340a2
Add role for Ocarina of Time (shipwright). 2025-01-24 20:23:49 -05:00
Tom Alexander
94ef9ff3c8
Add role to build sm64ex. 2025-01-24 20:08:10 -05:00
Tom Alexander
62d3c010f5
Install nix-tree. 2025-01-24 19:01:51 -05:00
Tom Alexander
e9e792961c
Add a not-working snippet to show where system packages are imported. 2025-01-24 18:53:57 -05:00
Tom Alexander
281dffc9c0
Do not install foot. 2025-01-24 18:42:57 -05:00
Tom Alexander
5bd67bb02a
Move defaultPackages into the reset role. 2025-01-24 18:36:14 -05:00
Tom Alexander
4a76097a5e
Refactor the wireguard role to use lib.mkMerge. 2025-01-24 17:59:07 -05:00
Tom Alexander
facfd01661
Make zsh install conditional. 2025-01-23 21:55:22 -05:00
Tom Alexander
2ce4520cd6
Make zrepl a conditional install. 2025-01-23 21:52:50 -05:00
Tom Alexander
814769b3e9
Do not install waybar on neelix. 2025-01-23 21:43:08 -05:00
Tom Alexander
6424129da3
Do not install wasm role on neelix. 2025-01-23 21:41:08 -05:00
Tom Alexander
415edbad91
Do not install vscode on neelix. 2025-01-23 21:39:57 -05:00
Tom Alexander
a773f94593
Do not install vnc client on neelix. 2025-01-23 21:37:16 -05:00
Tom Alexander
226610c926
Do not install steam or terraform on neelix. 2025-01-23 21:37:15 -05:00
Tom Alexander
7c6afef2bb
Do not install pavucontrol on non-graphical installs. 2025-01-23 21:25:19 -05:00
Tom Alexander
55654fafb1
Do not install rust on neelix. 2025-01-23 21:21:37 -05:00
Tom Alexander
8946868fd6
Do not install qemu on neelix. 2025-01-23 21:18:57 -05:00
Tom Alexander
cd8e9002d0
Do not install python on neelix. 2025-01-23 21:15:48 -05:00
Tom Alexander
e1a274c88e
Do not install media role on neelix. 2025-01-23 21:06:11 -05:00
Tom Alexander
cdc4bdffb6
Git buildEnv is failing. 2025-01-23 20:59:39 -05:00
Tom Alexander
9b9a103e49
Do not install gnome-firmware on non-graphical installs. 2025-01-23 20:46:03 -05:00
Tom Alexander
ea7bf809fc
Do not install the launch keyboard configurator on neelix or non-graphical installs. 2025-01-23 20:42:22 -05:00
Tom Alexander
88a6d046b8
Do not install LaTeX on neelix. 2025-01-23 20:38:54 -05:00
Tom Alexander
d8e16f0b05
Do not install kubernetes clients on neelix. 2025-01-23 20:35:28 -05:00
Tom Alexander
e3fee206a1
Don't install kanshi on non-graphical installs. 2025-01-23 20:20:08 -05:00
Tom Alexander
3be710b4ad
Install meld to git's path when doing a graphical install. 2025-01-23 20:07:23 -05:00
Tom Alexander
b37f8a8e1a
Do not install my git config on neelix. 2025-01-23 19:55:13 -05:00
Tom Alexander
509cceb220
Only install fonts in graphical installs. 2025-01-23 19:48:25 -05:00
Tom Alexander
47408cfce0
Do not install firefox on neelix. 2025-01-23 19:14:25 -05:00
Tom Alexander
812dc40257
Do not install docker on neelix. 2025-01-23 19:09:59 -05:00
Tom Alexander
0e370c0d62
Do not install chromium or catt on neelix. 2025-01-23 19:04:19 -05:00
Tom Alexander
0598c796b7
Do not install ares on neelix. 2025-01-23 18:53:36 -05:00
Tom Alexander
df2efb728d
Don't install alacritty on neelix or non-graphical installs. 2025-01-23 18:47:03 -05:00
Tom Alexander
62fc955b68
Merge branch 'plainmacs' into nix 2025-01-23 18:44:30 -05:00
Tom Alexander
e0644a069d
Add support for non-graphical emacs. 2025-01-23 01:52:56 -05:00
Tom Alexander
054e056d00
Switch to buildEnv instead of symlinkJoin for better control over the joining process. 2025-01-23 01:52:56 -05:00
Tom Alexander
d3ea8b3667
Introduce a plainmacs emacs install flavor. 2025-01-22 21:01:34 -05:00
Tom Alexander
3f945f8ae3
Merge branch 'neelix' into nix 2025-01-22 20:29:12 -05:00
Tom Alexander
93c4aa4c76
Clean up the host-specific configs. 2025-01-22 20:28:58 -05:00
Tom Alexander
4664804d90
Comment out the kodi configs so they remain mutable until I've made a config I like. 2025-01-22 20:12:50 -05:00
Tom Alexander
edc48d00a2
Add some config files. 2025-01-21 23:07:05 -05:00
Tom Alexander
37aa0e6732
Add a bluetooth role. 2025-01-21 22:19:28 -05:00
Tom Alexander
a739728d41
Add neelix public key to sftp server. 2025-01-21 21:23:21 -05:00
Tom Alexander
48c5aebd82
Install jmespath for ansible. 2025-01-21 20:56:48 -05:00
Tom Alexander
c33a1b6c50
Set up memtest86 on neelix. 2025-01-20 22:50:44 -05:00
Tom Alexander
368c455b7f
Persist ssh keys for kodi user. 2025-01-20 22:38:54 -05:00
Tom Alexander
5a5d34911c
Add /etc/hosts entry for neelix. 2025-01-20 21:00:35 -05:00
Tom Alexander
d0c1bb1b65
Do not install sway on neelix. 2025-01-20 20:14:59 -05:00
Tom Alexander
9d49eb9d6a
Add an empty kodi role. 2025-01-20 19:40:54 -05:00
Tom Alexander
ccbc999744
Add a global options role. 2025-01-20 19:27:49 -05:00
Tom Alexander
d537aa599b
Stop the sway-session.target when exiting sway. 2025-01-20 18:43:54 -05:00
Tom Alexander
95d06dfe0e
Enable memtest86 when building the ISO. 2025-01-20 18:43:54 -05:00
Tom Alexander
f2adb9328b
Build zfs into the ISO image. 2025-01-20 18:43:54 -05:00
Tom Alexander
7bc6e0c470
Add a config for neelix. 2025-01-20 18:43:54 -05:00
Tom Alexander
99edb2d161
Use full emacs for e alias. 2025-01-19 23:15:33 -05:00
Tom Alexander
938f8676ff
Add chromecast support. 2025-01-19 13:44:01 -05:00
Tom Alexander
d365b6aea9
Add ncdu to inspect disk usage. 2025-01-19 11:05:00 -05:00
Tom Alexander
8d911ff893
Wrap tofi without forcing a rebuild. 2025-01-19 10:53:54 -05:00
Tom Alexander
2aca77ea1a
Merge branch 'emacs_refactor' into nix 2025-01-19 10:16:27 -05:00
Tom Alexander
1b342d3402
Switch from buildEnv to symlinkJoin to keep dependencies out of the system path. 2025-01-19 10:09:49 -05:00
Tom Alexander
9976e232e6
Move packages out of systemPackages and into the emacs_full package. 2025-01-18 23:11:35 -05:00
Tom Alexander
3baf18f435
Install aspell into the emacs_full environment. 2025-01-18 22:53:09 -05:00
Tom Alexander
e00331bf94
Wrap emacs settings in a mkMerge. 2025-01-18 21:26:17 -05:00
Tom Alexander
8e22d8febb
Switch to a 300hz tickless kernel and enable BBR. 
Aside from BBR, these settings are copied from arch linux.
 2025-01-18 20:15:20 -05:00
Tom Alexander
ed0d1e41d6
Add a notification daemon. 2025-01-18 18:44:00 -05:00
Tom Alexander
2c27d580f4
Add a mode to force focus a window. 2025-01-18 18:40:08 -05:00
Tom Alexander
75ac4b91f3
Add screenshot / screen recording. 2025-01-18 18:33:46 -05:00
Tom Alexander
9abe43096b
Add swaylock. 2025-01-18 18:13:30 -05:00
Tom Alexander
1535800e2f
Replace wofi with tofi. 2025-01-18 17:39:51 -05:00
Tom Alexander
dcffced35a
Add rofimoji. 2025-01-18 14:32:44 -05:00
Tom Alexander
1da36ab7c5
Remove unused portion of zshrc. 
I will probably move to a similar import system to what I am doing with sway.
 2025-01-18 13:18:06 -05:00
Tom Alexander
c694c6ae4c
Make zsh-histdb use sqlite3 directly instead of depending on systemPackages. 2025-01-18 13:12:24 -05:00
Tom Alexander
f524aa168a
Stick with imv instead of swayimg. 2025-01-18 12:16:11 -05:00
Tom Alexander
308206d1cc
Launch a terminal at boot in the live ISO. 2025-01-18 11:55:12 -05:00
Tom Alexander
8ac235cb8c
Move disabling wifi power saving to a host-specific file. 2025-01-18 11:48:53 -05:00
Tom Alexander
5170678a25
Don't garbage collect in a built ISO. 
The ISO is immutable so garbage collection does not make sense.
 2025-01-18 11:33:39 -05:00
Tom Alexander
19cf31b094
Move a zfs setting into the zfs role. 2025-01-18 11:14:19 -05:00
Tom Alexander
4f0024c4f9
Move some graphics bits into the graphics role. 2025-01-18 11:00:30 -05:00
Tom Alexander
41138ab34a
Update to the new secureboot location. 2025-01-18 10:54:34 -05:00
Tom Alexander
f9b18809f9
An update fixed firefox's launch time. 2025-01-17 22:42:57 -05:00
Tom Alexander
fefe46b512
Remove kvm-amd from boot.kernelModules. 2025-01-17 21:36:34 -05:00
Tom Alexander
b4947bcff6
Add vnc client. 2025-01-17 20:30:16 -05:00
Tom Alexander
14baaddcff
Persist factorio data. 2025-01-17 19:07:54 -05:00
Tom Alexander
1c8f2f1c74
Switch back to regular linux. 2025-01-17 18:55:59 -05:00
Tom Alexander
1bfe24f457
Remove duplicate entry for xdg-desktop-portal-wlr. 2025-01-16 20:51:17 -05:00
Tom Alexander
08feb8bad6
Add more tracing commands. 2025-01-15 21:12:28 -05:00
Tom Alexander
cb3b01a74c
Blacklist hardward watchdog for AMD 700 chipset series for power savings. 2025-01-15 21:01:30 -05:00
Tom Alexander
0e95edd8e7
Switch to unstable. 2025-01-15 21:00:57 -05:00
Tom Alexander
d172b1dea2
Add some wasm utilities. 2025-01-14 23:57:24 -05:00
Tom Alexander
2a97a1ee92
Add vscode role. 2025-01-14 23:57:24 -05:00
Tom Alexander
ba4085df1a
Add terraform. 2025-01-14 23:17:26 -05:00
Tom Alexander
7c542364a2
Add firmware updating through fwupd via the Linux Vendor firmware Service (LVFS). 2025-01-14 22:42:52 -05:00
Tom Alexander
0299ebcb43
Add nvme role. 2025-01-14 21:51:53 -05:00
Tom Alexander
c23245b97c
Add TODO. 2025-01-14 21:40:38 -05:00
Tom Alexander
491412c33c
Add seatd. 2025-01-14 21:10:03 -05:00
Tom Alexander
5a5839482d
Add support for the system76 launch keyboard configurator. 2025-01-14 20:16:06 -05:00
Tom Alexander
63408f5664
Set up latex. 2025-01-14 18:04:04 -05:00
Tom Alexander
d338b77d23
Install sshfs. 2025-01-14 17:56:29 -05:00
Tom Alexander
ce9140aa73
Add role for zrepl. 2025-01-13 17:59:03 -05:00
Tom Alexander
dbf3f2e983
Disable the fallback DNS servers. 2025-01-13 17:43:38 -05:00
Tom Alexander
0ca26e73fb
Add more firefox extensions. 2025-01-12 22:43:23 -05:00
Tom Alexander
0fb53a4294
Add preparations for the new location for secureboot keys. 2025-01-12 21:17:47 -05:00
Tom Alexander
4019e6d132
Fix buildkit access to SSH agent. 2025-01-12 21:17:47 -05:00
Tom Alexander
8b1e76d9d7
Add a script to resume a zfs send/recv. 2025-01-12 19:55:15 -05:00
Tom Alexander
477637ae62
Add a script to test fetching PGP keys from a Web Key Directory (WKD). 2025-01-12 18:29:48 -05:00
Tom Alexander
5146a114eb
Introduce a variable for sway includes and disable relatime on the zfs legacy mounts. 2025-01-12 15:39:46 -05:00
Tom Alexander
a817464b38
Preserve steam directories. 2025-01-11 22:36:09 -05:00
Tom Alexander
1acf889c68
Instll steam and the zfs_clone_send / zfs_clone_recv scripts. 2025-01-11 13:48:46 -05:00
Tom Alexander
af07d43c18
Add asian fonts. 2025-01-11 12:50:13 -05:00
Tom Alexander
33f13d898d
Switch to ares instead of bsnes. 2025-01-11 12:09:02 -05:00
Tom Alexander
47d9e203f3
Add media role. 2025-01-10 22:54:32 -05:00
Tom Alexander
1a2ff987fe
Add fw-ectool to framework laptop. 2025-01-09 23:31:27 -05:00
Tom Alexander
16480b3749
Switch to ladspa. 2025-01-09 21:32:37 -05:00
Tom Alexander
0d3901788d
Installing ccid and libusb-compat does not fix it. 2025-01-09 19:04:44 -05:00
Tom Alexander
a3cb2c8632
Add kanshi. 2025-01-09 18:14:45 -05:00
Tom Alexander
6b9660bc44
Switch to mono noise suppression for voice and disable vulkan for chromium. 2025-01-09 17:56:46 -05:00
Tom Alexander
5c41b7efa2
Update software. 2025-01-08 21:43:39 -05:00
Tom Alexander
ead5db241e
Install packages needed to run amd_s2idle. 2025-01-07 23:02:22 -05:00
Tom Alexander
8b074617e8
Use Adwaita cursor theme. 2025-01-06 19:34:28 -05:00
Tom Alexander
13970b53ad
Only decrypt the nix zfs dataset. 2025-01-06 19:21:20 -05:00
Tom Alexander
13d7319a0f
Add nix-index. 2025-01-06 14:32:07 -05:00
Tom Alexander
bd9a85efd3
Add klog alias. 2025-01-05 15:43:23 -05:00
Tom Alexander
4a4c54def4
Disable DNS settings for hotel. 2025-01-02 22:50:55 -05:00
Tom Alexander
18d372c8ee
Revert "Switching to a home-manager config did not fix it." 
This reverts commit 4599b38ebf5e36495c50ed73ee4149ddc3378841.
 2025-01-02 10:27:25 -05:00
Tom Alexander
4599b38ebf
Switching to a home-manager config did not fix it. 2025-01-02 10:27:21 -05:00
Tom Alexander
04a95a2543
More failed attempts to get gpg working. 2025-01-02 09:43:00 -05:00
Tom Alexander
7c5f14ee61
Persist kubernetes client config. 2025-01-02 09:03:19 -05:00
Tom Alexander
d49f12f58f
Enable panel replay. 2025-01-01 19:59:02 -05:00
Tom Alexander
936d3bc34d
Add rust. 2025-01-01 19:16:08 -05:00
Tom Alexander
1b34841921
Comment out specific version of gpg. 2025-01-01 18:43:29 -05:00
Tom Alexander
611904761e
Add kubernetes client. 2025-01-01 18:43:29 -05:00
Tom Alexander
f843b7924f
Add docker. 2025-01-01 18:29:27 -05:00
Tom Alexander
7bb7b89b82
Try a specific version of gpg. 2025-01-01 13:35:29 -05:00
Tom Alexander
c1103775b6
Keep 30 days of /nix. 2025-01-01 13:31:45 -05:00
Tom Alexander
24d89ed704
Default to power-saving mode. 2024-12-31 12:51:23 -05:00
Tom Alexander
e8dff5ece1
Set up wireguard networks using functions. 2024-12-31 11:04:24 -05:00
Tom Alexander
e22b5c1c6c
Add power management kernel parameters. 2024-12-31 10:27:15 -05:00
Tom Alexander
d9bc4f15d8
Add powertop. 2024-12-31 07:44:02 -05:00
Tom Alexander
77ae96ca7a
Set up python. 2024-12-31 07:37:48 -05:00
Tom Alexander
d2f908005c
Persist the .ssh known_hosts. 2024-12-31 07:00:41 -05:00
Tom Alexander
5e74a874ba
Persist sound settings (for example, muted status) and do not enable wireguard in built ISO. 2024-12-29 15:45:52 -05:00
Tom Alexander
fe820e5843
Move remaining nix configs into folders. 2024-12-29 15:27:03 -05:00
Tom Alexander
81315e4c7b
Add a snes emulator. 2024-12-29 15:12:31 -05:00
Tom Alexander
ce8718b042
Add wgh wireguard network. 2024-12-28 21:05:45 -05:00
Tom Alexander
720164497d
More attempts to fix gpg decrypt with yubikey. 2024-12-27 20:53:43 -05:00
Tom Alexander
0b31b91c69
Set up wireguard. 2024-12-27 15:44:00 -05:00
Tom Alexander
2ef181cfab
Attempt to fix gpg decrypt with yubikey. Did not succeed. 2024-12-27 13:09:13 -05:00
Tom Alexander
5a3450fdf8
Add gvfs and git-crypt. 2024-12-26 21:28:31 -05:00
Tom Alexander
aae534308a
Add noise supression to microphone. 2024-12-25 09:17:30 -05:00
Tom Alexander
cbd8f70ce4
Merge branch 'zsh' into nix 2024-12-25 09:17:23 -05:00
Tom Alexander
64d495afa5
Use zsh-histdb package. 2024-12-23 17:28:31 -05:00
Tom Alexander
5e424b35e4
Make a zsh-histdb package. 2024-12-23 15:41:45 -05:00
Tom Alexander
7decd40844
Switch to zsh. 2024-12-23 11:14:18 -05:00
Tom Alexander
9c0f3ce601
Use dark themes. 2024-12-23 10:56:57 -05:00
Tom Alexander
e09eea2049
Switch to zen kernel optimized for znver4. 2024-12-23 10:00:01 -05:00
Tom Alexander
5d23126205
Enable secure boot. 2024-12-22 22:03:03 -05:00
Tom Alexander
748e6dee68
Set firefox as default browser. 2024-12-22 16:14:12 -05:00
Tom Alexander
27aa2f077b
Set up chromium with support for wayland and widevine. 2024-12-22 00:48:57 -05:00
Tom Alexander
69098488f6
Switch to a raw file for fontconfig. 2024-12-21 17:15:54 -05:00
Tom Alexander
14e6e78aee
Add the waybar scripts. 2024-12-21 16:25:40 -05:00
Tom Alexander
a0f9f4baa4
Set up waybar and building ISOs. 2024-12-21 15:46:05 -05:00
Tom Alexander
a7f3754d25
Add more sway config files. 2024-12-20 23:03:51 -05:00
Tom Alexander
54c8459fa1
Switch to vulkan renderer for sway. 2024-12-20 22:45:09 -05:00
Tom Alexander
e26118af4f
Reformat all nix files. 2024-12-20 22:37:44 -05:00
Tom Alexander
764a8c58ce
Add alias for emacs. 2024-12-20 22:36:32 -05:00
Tom Alexander
8f89f1c6c1
Add alacritty config. 2024-12-20 21:59:20 -05:00
Tom Alexander
862829c57c
Preserve firefox cache. 2024-12-20 21:38:19 -05:00
Tom Alexander
aba96213c3
Enable the nixd language server in emacs. 2024-12-20 21:19:22 -05:00
Tom Alexander
e7ab762ee4
Fix firefox launch time. 2024-12-20 21:06:04 -05:00
Tom Alexander
b314982196
Set up firefox. 2024-12-20 18:30:35 -05:00
Tom Alexander
27060fed8d
Preserve gpg directory. 2024-12-20 16:50:27 -05:00
Tom Alexander
20c1c46d12
Set up fonts. 2024-12-20 16:07:12 -05:00
Tom Alexander
3b133ed86c
Do not launch alacritty at the start. 2024-12-20 15:34:02 -05:00
Tom Alexander
0aad0c39f4
Enable wayland support for emacs. 
This unfortunately means pinning to a specific version (or using 3rd party emacs-overlay).
 2024-12-20 15:30:51 -05:00
Tom Alexander
fe1033fa4b
Switch to uid/gid 11235. 2024-12-20 15:22:46 -05:00
Tom Alexander
2ce635d028
Fix emacs config. 2024-12-20 15:03:33 -05:00
Tom Alexander
ba3a6e74eb
Add git config and initial emacs config. 2024-12-20 13:17:13 -05:00
Tom Alexander
7e768022e7 Add hotkeys and window management to sway. 2024-12-19 23:08:19 -05:00
Tom Alexander
a76bd4ebd3 Fix wifi config 2024-12-19 22:20:55 -05:00
Tom Alexander
df89d1b973
Enable redistributable firmware. 2024-12-19 19:52:27 -05:00
Tom Alexander
50811aad77
Set up building an ISO from the config. 2024-12-19 19:36:10 -05:00
Tom Alexander
df3528d62a
Enable graphics acceleration. 2024-12-19 18:59:38 -05:00
Tom Alexander
e97c570bb2
Trust wheel. 2024-12-19 18:09:48 -05:00
Tom Alexander
fbcb0826d2
Extremely minimal sway setup. 2024-12-19 17:33:21 -05:00
Tom Alexander
74499fb6a0
Switch to a different way of building the VM. 2024-12-19 16:28:40 -05:00
Tom Alexander
fbbff409a0
Add a build for a qemu virtual machine. 2024-12-19 16:14:47 -05:00
Tom Alexander
05da118d8f
Start module for sway. 2024-12-19 15:13:56 -05:00
Tom Alexander
033d695fd9
Only set bootloader when in VM. 2024-12-19 15:06:57 -05:00
Tom Alexander
6953cdb81f
Set up a minimal initial config. 2024-12-17 16:46:44 -05:00
Tom Alexander
48f700b803
Add script for managing nix testing vm. 2024-12-17 16:46:43 -05:00
175 changed files with 9479 additions and 711 deletions
Show Stats Expand all files Collapse all files

2
ansible/environments/colo/host_vars/mrmanager
View File

@ -14,8 +14,6 @@ pf_config: "mrmanager_pf.conf"
pflog_conf:
- name: 0
dev: pflog0
- name: 1
dev: pflog1
cputype: "amd"
hwpstate: true
etc_hosts: {}

2
ansible/playbook.yaml
View File

@ -53,7 +53,7 @@
- javascript
- launch_keyboard
- lvfs
# - restaurant_health_rating
- restaurant_health_rating
- wasm
- noise_suppression

27
ansible/roles/base/files/gitconfig_home
View File

@ -3,52 +3,33 @@
name = Tom Alexander
signingkey = D3A179C9A53C0EDE
[push]
default = simple # (default since 2.0)
default = simple
[alias]
lg = log --color --graph --pretty=format:'%Cred%h%Creset -%C(yellow)%d%Creset %s %Cgreen(%cr) %C(bold blue)<%an>%Creset' --abbrev-commit
bh = log --oneline --branches=* --remotes=* --graph --decorate
amend = commit --amend --no-edit
authorcount = shortlog --summary --numbered --all --no-merges
[core]
excludesfile = ~/.gitignore_global
[commit]
gpgsign = true
verbose = true
[pull]
rebase = true
[log]
date = local
[init]
defaultBranch = main
# Use meld for `git difftool` and `git mergetool`
[diff]
tool = meld # Use meld for `git difftool` and `git mergetool`
algorithm = histogram
colorMoved = plain
mnemonicPrefix = true
renames = true
tool = meld
[difftool]
prompt = false
[difftool "meld"]
cmd = meld "$LOCAL" "$REMOTE"
[merge]
tool = meld
conflictStyle = zdiff3
[mergetool "meld"]
# Make the middle pane start with partially-merged contents:
cmd = meld "$LOCAL" "$MERGED" "$REMOTE" --output "$MERGED"
# Make the middle pane start without any merge progress:
# cmd = meld "$LOCAL" "$BASE" "$REMOTE" --output "$MERGED"
[column]
ui = auto
[branch]
sort = -committerdate
[tag]
sort = version:refname
[fetch]
prune = true
pruneTags = true
all = true
[rebase]
autoSquash = true
autoStash = true
updateRefs = false

29
ansible/roles/base/files/gitconfig_work
View File

@ -3,36 +3,31 @@
name = Tom Alexander
signingkey = D3A179C9A53C0EDE
[push]
default = simple # (default since 2.0)
default = simple
[alias]
lg = log --color --graph --pretty=format:'%Cred%h%Creset -%C(yellow)%d%Creset %s %Cgreen(%cr) %C(bold blue)<%an>%Creset' --abbrev-commit
bh = log --oneline --branches=* --remotes=* --graph --decorate
amend = commit --amend --no-edit
authorcount = shortlog --summary --numbered --all --no-merges
[core]
excludesfile = ~/.gitignore_global
[commit]
gpgsign = true
verbose = true
[pull]
rebase = true
[log]
date = local
[init]
defaultBranch = main
# Use meld for `git difftool` and `git mergetool`
[diff]
tool = meld # Use meld for `git difftool` and `git mergetool`
algorithm = histogram
colorMoved = plain
mnemonicPrefix = true
renames = true
tool = meld
[difftool]
prompt = false
[difftool "meld"]
cmd = meld "$LOCAL" "$REMOTE"
[merge]
tool = meld
conflictStyle = zdiff3
[mergetool "meld"]
# Make the middle pane start with partially-merged contents:
cmd = meld "$LOCAL" "$MERGED" "$REMOTE" --output "$MERGED"
@ -40,19 +35,3 @@
# cmd = meld "$LOCAL" "$BASE" "$REMOTE" --output "$MERGED"
[includeIf "gitdir:/bridge/"]
path = /bridge/git/machine_setup/ansible/roles/base/files/gitconfig_home
[includeIf "gitdir:/persist/"]
path = /bridge/git/machine_setup/ansible/roles/base/files/gitconfig_home
[column]
ui = auto
[branch]
sort = -committerdate
[tag]
sort = version:refname
[fetch]
prune = true
pruneTags = true
all = true
[rebase]
autoSquash = true
autoStash = true
updateRefs = false

3
ansible/roles/bhyve/files/bhyve_netgraph_bridge.bash
View File

@ -153,7 +153,6 @@ function start_vm {
-D \
-c $CPU_CORES \
-m $MEMORY \
-S \
-H \
-P \
-o 'rtc.use_localtime=false' \
@ -217,7 +216,7 @@ EOF
mkpeer ${host_interface_name}: bridge ether link0
name ${host_interface_name}:ether $bridge_name
EOF
ifconfig "$(ngctl msg "${host_interface_name}:" getifname | grep Args | cut -d '"' -f 2)" name "${host_interface_name}" "$ip_range" up
ifconfig $(ngctl msg "${host_interface_name}:" getifname | grep Args | cut -d '"' -f 2) name "${host_interface_name}" "$ip_range" up
fi
}

459
ansible/roles/bhyve/files/bhyverc.bash
View File

@ -1,459 +0,0 @@
#!/usr/bin/env bash
#
set -euo pipefail
IFS=$'\n\t'
DIR="$( cd "$( dirname "${BASH_SOURCE[0]}" )" && pwd )"
# Share a host directory to the guest via 9pfs.
#
# Inside the VM run:
# mount -t virtfs -o trans=virtio sharename /some/vm/path
# mount -t 9p -o cache=mmap -o msize=512000 sharename /mnt/9p
# mount -t 9p -o trans=virtio,cache=mmap,msize=512000 bind9p /path/to/mountpoint
# bhyve_options="-s 28,virtio-9p,sharename=/"
# Enable Sound
# bhyve_options="-s 16,hda,play=/dev/dsp,rec=/dev/dsp"
# Example usage:
#
# doas bhyverc create-disk zdata/vm/poudriere /vm/poudriere 10
# doas bhyverc start poudriere zdata/vm/poudriere /vm/poudriere /vm/iso/FreeBSD-13.2-RELEASE-amd64-bootonly.iso
# doas bhyverc start poudriere zdata/vm/poudriere /vm/poudriere
: ${VERBOSE:="NO"} # or YES
if [ "$VERBOSE" = "YES" ]; then
set -x
fi
: ${CPU_CORES:="1"}
: ${MEMORY:="1G"}
: ${NETWORK:="NAT"} # or RAW or BOTH
: ${IP_RANGE:="10.215.1.1/24"} # Ignored for RAW networks
: ${INTERFACE_NAME:="jail_nat"} # or the external interface like lagg0 for RAW networks
: ${BRIDGE_NAME:="bridge_$INTERFACE_NAME"} # or bridge_raw for RAW networks
: ${VNC_ENABLE:="NO"}
: ${VNC_LISTEN:="127.0.0.1:5900"}
: ${VNC_WIDTH:="1920"}
: ${VNC_HEIGHT:="1080"}
: ${BIND9P:=""}
: "${CD:=}"
: ${SHUTDOWN_TIMEOUT:="600"} # 10 minutes
############## Setup #########################
function die {
local status_code="$1"
shift
(>&2 echo "${@}")
exit "$status_code"
}
function log {
(>&2 echo "${@}")
}
############## Program #########################
function main {
local cmd
cmd=$1
shift
if [ "$cmd" = "start" ]; then
init
start "${@}"
elif [ "$cmd" = "stop" ]; then
init
stop "${@}"
elif [ "$cmd" = "status" ]; then
init
status "${@}"
elif [ "$cmd" = "console" ]; then
init
console "${@}"
elif [ "$cmd" = "_start_body" ]; then
init
start_body "${@}"
elif [ "$cmd" = "create-disk" ]; then
create_disk "${@}"
else
(>&2 echo "Unknown command: $cmd")
exit 1
fi
}
function start {
local num_vms="$#"
if [ "$num_vms" -eq 0 ]; then
log "No VMs specified."
return 0
fi
while [ "$#" -gt 0 ]; do
local name="$1"
shift 1
log "Starting VM $name."
start_one "$name"
[ "$#" -eq 0 ] || sleep 5
done
}
function start_one {
local name="$1"
local tmux_name="$name"
/usr/local/bin/tmux new-session -d -s "$tmux_name" "$0" "_start_body" "$name"
# /usr/local/bin/tmux new-session -d -s "$tmux_name" "/usr/bin/env VNC_ENABLE=NO VNC_LISTEN=0.0.0.0:5900 /usr/local/bin/bash /home/talexander/launch_opnsense.bash"
}
function launch_pidfile {
local pidfile="$1"
shift 1
mkdir -p "$(dirname "$pidfile")"
cat > "${pidfile}" <<< "$$"
set -x
exec "${@}"
}
export -f launch_pidfile
function stop {
local num_vms="$#"
if [ "$num_vms" -eq 0 ]; then
log "No VMs specified."
return 0
fi
while [ "$#" -gt 0 ]; do
local name="$1"
shift 1
log "Stopping VM $name."
stop_one "$name"
[ "$#" -eq 0 ] || sleep 5
done
}
function stop_one {
local name="$1"
local pidfile="/run/bhyverc/${name}/pid"
if [ ! -e "$pidfile" ]; then
log "Pid file $pidfile does not exist."
return 0
fi
local bhyve_pid
bhyve_pid=$(cat "$pidfile")
if ps -p "$bhyve_pid" >/dev/null; then
# Send ACPI shutdown command
log "Sending ACPI shutdown to ${name}:${bhyve_pid}."
kill -SIGTERM "$bhyve_pid"
fi
local timeout_start timeout_end
timeout_start=$(date +%s)
while ps -p "$bhyve_pid" >/dev/null; do
timeout_end=$(date +%s)
if [ $((timeout_end-timeout_start)) -ge "$SHUTDOWN_TIMEOUT" ]; then
log "${name}:${bhyve_pid} took more than $SHUTDOWN_TIMEOUT seconds to shut down. Hard powering down."
break
fi
log "Waiting for ${name}:${bhyve_pid} to exit."
sleep 2
done
bhyvectl "--vm=$name" --destroy || true
local timeout_start timeout_end
timeout_start=$(date +%s)
while ps -p "$bhyve_pid" >/dev/null; do
timeout_end=$(date +%s)
if [ $((timeout_end-timeout_start)) -ge "$SHUTDOWN_TIMEOUT" ]; then
log "${name}:${bhyve_pid} took more than $SHUTDOWN_TIMEOUT seconds to hard power down. Giving up."
break
fi
log "Waiting for ${name}:${bhyve_pid} to hard power down."
sleep 2
done
rm -f "$pidfile"
log "Finished stopping $name."
}
function status {
local num_vms="$#"
if [ "$num_vms" -gt 0 ]; then
for name in "$@"; do
status_one "$name"
done
else
log "No VMs specified."
fi
}
function status_one {
local name="$1"
local pidfile="/run/bhyverc/${name}/pid"
if [ ! -e "$pidfile" ]; then
log "$name is not running."
return 0
fi
local bhyve_pid
bhyve_pid=$(cat "$pidfile")
if ! ps -p "$bhyve_pid" >/dev/null; then
log "$name is not running."
return 0
fi
log "$name is running as pid $bhyve_pid."
}
function console {
local num_vms="$#"
if [ "$num_vms" -gt 0 ]; then
for name in "$@"; do
log "Attaching to console of VM $name."
console_one "$name"
done
else
log "No VMs specified."
fi
}
function console_one {
local name="$1"
local tmux_name="$name"
exec tmux a -t "$tmux_name"
}
function init {
mkdir -p /run/bhyverc
}
############## Bhyve ###########################
function create_disk {
local zfs_path="$1"
local mount_path="$2"
local gigabytes="$3"
zfs create -o "mountpoint=$mount_path" "$zfs_path"
cp /usr/local/share/edk2-bhyve/BHYVE_UEFI_VARS.fd "${mount_path}/"
tee "${mount_path}/settings" <<EOF
CPU_CORES="$CPU_CORES"
MEMORY="$MEMORY"
NETWORK="$NETWORK"
IP_RANGE="$IP_RANGE"
BRIDGE_NAME="$BRIDGE_NAME"
INTERFACE_NAME="$INTERFACE_NAME"
EOF
zfs create -s "-V${gigabytes}G" -o volmode=dev -o primarycache=metadata -o secondarycache=none "$zfs_path/disk0"
}
function start_body {
local name="$1"
local zfs_path="zdata/vm/$name"
local mount_path="/vm/$name"
local mount_cd="$CD"
if [ -e "${mount_path}/settings" ]; then
source "${mount_path}/settings"
fi
local host_interface_name="$INTERFACE_NAME" # for raw, external interface
local bridge_name="$BRIDGE_NAME"
local ip_range="$IP_RANGE" # for raw this value does not matter
local mac_address
mac_address=$(calculate_mac_address "$name")
local additional_args=()
if [ "$NETWORK" = "NAT" ]; then
assert_bridge "$host_interface_name" "$bridge_name" "$ip_range"
local bridge_link_name=$(detect_available_link "${bridge_name}")
additional_args+=("-s" "2:0,virtio-net,netgraph,path=${bridge_name}:,peerhook=${bridge_link_name},mac=${mac_address}")
elif [ "$NETWORK" = "RAW" ]; then
assert_raw "$host_interface_name" "$bridge_name"
local bridge_link_name=$(detect_available_link "${bridge_name}")
additional_args+=("-s" "2:0,virtio-net,netgraph,path=${bridge_name}:,peerhook=${bridge_link_name},mac=${mac_address}")
elif [ "$NETWORK" = "BOTH" ]; then
assert_bridge "jail_nat" "$bridge_name" "$ip_range"
assert_raw "$host_interface_name" "bridge_raw"
local bridge_link_name=$(detect_available_link "${bridge_name}")
local raw_bridge_link_name=$(detect_available_link "bridge_raw")
local raw_mac_address=$(calculate_mac_address "${name}_raw")
additional_args+=("-s" "2:0,virtio-net,netgraph,path=${bridge_name}:,peerhook=${bridge_link_name},mac=${mac_address}")
additional_args+=("-s" "3:0,virtio-net,netgraph,path=bridge_raw:,peerhook=${raw_bridge_link_name},mac=${raw_mac_address}")
else
die 1 "Unrecognized NETWORK type $NETWORK"
fi
if [ -n "$BIND9P" ]; then
additional_args+=("-s" "28,virtio-9p,bind9p=${BIND9P}")
fi
# -H release the CPU when guest issues HLT instruction. Otherwise 100% of core will be consumed.
# -s 3,ahci-cd,/vm/.iso/archlinux-2023.04.01-x86_64.iso \
# -s 29,fbuf,tcp=0.0.0.0:5900,w=1920,h=1080,wait \
# -s 29,fbuf,tcp=0.0.0.0:5900,w=1920,h=1080 \
# TODO: Look into using nmdm instead of stdio for serial console
if [ -n "$mount_cd" ]; then
additional_args+=("-s" "5,ahci-cd,$mount_cd")
fi
if [ "$VNC_ENABLE" = "YES" ]; then
additional_args+=("-s" "29,fbuf,tcp=$VNC_LISTEN,w=$VNC_WIDTH,h=$VNC_HEIGHT")
fi
vms+=("$name")
while true; do
local pidfile="/run/bhyverc/${name}/pid"
trap "set +e; stop_one '${name}'" EXIT
local launch_cmd=()
launch_cmd+=(
launch_pidfile "$pidfile"
bhyve
-D
-c "$CPU_CORES"
-m "$MEMORY"
-S
-H
-o 'rtc.use_localtime=false'
-s "0,hostbridge"
-s "4,nvme,/dev/zvol/${zfs_path}/disk0"
-s "30,xhci,tablet"
-s "31,lpc" -l "com1,stdio"
-l "bootrom,/usr/local/share/uefi-firmware/BHYVE_UEFI.fd,${mount_path}/BHYVE_UEFI_VARS.fd"
"${additional_args[@]}"
"$name"
)
set +e
rm -f "$pidfile"
(
IFS=$' \n\t'
set -ex
bash -c "${launch_cmd[*]}"
)
local exit_code=$?
log "Exit code ${exit_code}"
set -e
if [ $exit_code -eq 0 ]; then
echo "Rebooting."
sleep 5
elif [ $exit_code -eq 1 ]; then
echo "Powered off."
break
elif [ $exit_code -eq 2 ]; then
echo "Halted."
break
elif [ $exit_code -eq 3 ]; then
echo "Triple fault."
break
elif [ $exit_code -eq 4 ]; then
echo "Exited due to an error."
break
fi
done
}
function detect_available_link {
local bridge_name="$1"
local linknum=1
while true; do
local link_name="link${linknum}"
if ! ng_exists "${bridge_name}:${link_name}"; then
echo "$link_name"
return
fi
linknum=$((linknum + 1))
if [ "$linknum" -gt 90 ]; then
(>&2 echo "No available links on bridge $bridge_name")
exit 1
fi
done
}
function assert_bridge {
local host_interface_name="$1"
local bridge_name="$2"
local ip_range="$3"
if ! ng_exists "${bridge_name}:"; then
ngctl -d -f - <<EOF
mkpeer . eiface hook ether
name .:hook $host_interface_name
EOF
ngctl -d -f - <<EOF
mkpeer ${host_interface_name}: bridge ether link0
name ${host_interface_name}:ether $bridge_name
EOF
ifconfig "$(ngctl msg "${host_interface_name}:" getifname | grep Args | cut -d '"' -f 2)" name "${host_interface_name}" "$ip_range" up
fi
}
function assert_raw {
local extif="$1"
local bridge_name="$2"
kldload -n ng_bridge ng_eiface ng_ether
if ! ng_exists "${bridge_name}:"; then
ngctlcat <<EOF
# Create a bridge.
mkpeer $extif: bridge lower link0
# Assign a name to the bridge.
name $extif:lower ${bridge_name}
# Since the host is also using $extif, we need to connect the upper hook also. Otherwise we will lose connectivity.
connect $extif: ${bridge_name}: upper link1
# Enable promiscuous mode so the host ethernet adapter accepts packets for all addresses
msg $extif: setpromisc 1
# Do not overwrite source address on packets
msg $extif: setautosrc 0
EOF
fi
}
function ng_exists {
ngctl status "${1}" >/dev/null 2>&1
}
function calculate_mac_address {
local name="$1"
local source
source=$(md5 -r -s "$name" | awk '{print $1}')
echo "06:${source:0:2}:${source:2:2}:${source:4:2}:${source:6:2}:${source:8:2}"
}
function find_available_port {
local start_port="$1"
local port="$start_port"
while true; do
sockstat -P tcp -p 443
port=$((port + 1))
done
}
function ngctlcat {
if [ "$VERBOSE" = "YES" ]; then
tee /dev/tty | ngctl -d -f -
else
ngctl -d -f -
fi
}
main "${@}"

37
ansible/roles/bhyve/files/bhyverc.sh
View File

@ -1,37 +0,0 @@
#!/bin/sh
#
# REQUIRE: LOGIN FILESYSTEMS
# PROVIDE: bhyverc
# KEYWORD: shutdown
. /etc/rc.subr
name=bhyverc
rcvar=${name}_enable
start_cmd="${name}_start"
stop_cmd="${name}_stop"
status_cmd="${name}_status"
console_cmd="${name}_console"
extra_commands="console"
load_rc_config $name
bhyverc_start() {
export PATH="$PATH:/usr/local/bin"
exec /usr/local/bin/bhyverc start "${@}"
}
bhyverc_status() {
export PATH="$PATH:/usr/local/bin"
exec /usr/local/bin/bhyverc status "${@}"
}
bhyverc_stop() {
export PATH="$PATH:/usr/local/bin"
exec /usr/local/bin/bhyverc stop "${@}"
}
bhyverc_console() {
export PATH="$PATH:/usr/local/bin"
exec /usr/local/bin/bhyverc console "${@}"
}
run_rc_command "$@"

19
ansible/roles/bhyve/tasks/freebsd.yaml
View File

@ -22,25 +22,6 @@
loop:
- src: bhyve_netgraph_bridge.bash
dest: /usr/local/bin/bhyve_netgraph_bridge
- src: bhyverc.bash
dest: /usr/local/bin/bhyverc
- name: Install rc script
copy:
src: "files/{{ item.src }}"
dest: "/usr/local/etc/rc.d/{{ item.dest|default(item.src) }}"
owner: root
group: wheel
mode: 0755
loop:
- src: bhyverc.sh
dest: bhyverc
- name: Enable bhyverc
community.general.sysrc:
name: bhyverc_enable
value: "YES"
path: /etc/rc.conf.d/bhyverc
- name: Create zfs dataset
zfs:

2
ansible/roles/chromium/files/chromium-flags.conf
View File

@ -1,2 +1,2 @@
--ozone-platform-hint=auto
--enable-features=VaapiVideoDecoder,VaapiIgnoreDriverChecks,Vulkan,DefaultANGLEVulkan,VulkanFromANGLE,AcceleratedVideoEncoder
--enable-features=VaapiVideoDecoder,VaapiIgnoreDriverChecks,Vulkan,DefaultANGLEVulkan,VulkanFromANGLE

14
ansible/roles/emacs/files/elisp/base-extensions.el
View File

@ -51,27 +51,17 @@
;; Persist history over Emacs restarts. Vertico sorts by history position.
(use-package savehist
;; This is an emacs built-in but we're pulling the latest version
:pin gnu
:config
(savehist-mode))
(use-package which-key
:pin gnu
:diminish
:config
(which-key-mode))
(use-package windmove
;; This is an emacs built-in but we're pulling the latest version
:pin gnu
:bind
(
("S-<up>" . windmove-up)
("S-<right>" . windmove-right)
("S-<down>" . windmove-down)
("S-<left>" . windmove-left)
)
)
:config
(windmove-default-keybindings))
(setq tramp-default-method "ssh")

3
ansible/roles/emacs/files/elisp/base.el
View File

@ -63,9 +63,6 @@
show-trailing-whitespace t
;; Remove the line when killing it with ctrl-k
kill-whole-line t
;; Show the current project in the mode line
project-mode-line t
)
;; (setq-default fringes-outside-margins t)

16
ansible/roles/emacs/files/elisp/lang-nix.el
View File

@ -7,15 +7,15 @@
:commands nix-mode
:hook (
(nix-mode . (lambda ()
(eglot-ensure)
(defclass my/eglot-nix (eglot-lsp-server) ()
:documentation
"Own eglot server class.")
;; (eglot-ensure)
;; (defclass my/eglot-nix (eglot-lsp-server) ()
;; :documentation
;; "Own eglot server class.")
(add-to-list 'eglot-server-programs
'(nix-mode . (my/eglot-nix "nixd")))
(add-hook 'before-save-hook 'eglot-format-buffer nil 'local)
))
;; (add-to-list 'eglot-server-programs
;; '(nix-mode . (my/eglot-nix "nixd")))
;; (add-hook 'before-save-hook 'eglot-format-buffer nil 'local)
))
)
)

17
ansible/roles/emacs/files/elisp/lang-org.el
View File

@ -1,23 +1,16 @@
(use-package org
:ensure nil
:commands org-mode
:bind (:map org-mode-map
:bind (
("C-c l" . org-store-link)
("C-c a" . org-agenda)
("S-<up>" . org-shiftup)
("S-<right>" . org-shiftright)
("S-<down>" . org-shiftdown)
("S-<left>" . org-shiftleft)
("C--" . org-timestamp-down)
("C-=" . org-timestamp-up)
)
:hook (
(org-mode . (lambda ()
(org-indent-mode +1)
))
;; Make windmove work in Org mode:
(org-shiftup-final . windmove-up)
(org-shiftleft-final . windmove-left)
(org-shiftdown-final . windmove-down)
(org-shiftright-final . windmove-right)
))
)
:config
(require 'org-tempo)
@ -45,8 +38,6 @@
;; TODO: There is an option to set the compiler, could be better than manually doing this here https://orgmode.org/manual/LaTeX_002fPDF-export-commands.html
;; (setq org-latex-compiler "lualatex")
;; TODO: nixos latex page recommends this line, figure out what it does / why its needed:
;; (setq org-preview-latex-default-process 'dvisvgm)
(setq org-latex-pdf-process
'("lualatex -shell-escape -interaction nonstopmode -output-directory %o %f"
"lualatex -shell-escape -interaction nonstopmode -output-directory %o %f"

2
ansible/roles/emacs/files/elisp/util-tree-sitter.el
View File

@ -4,8 +4,6 @@
:commands (treesit-install-language-grammar treesit-ready-p)
:init
(setq treesit-language-source-alist '())
:custom
(treesit-max-buffer-size 209715200) ;; 200MiB
:config
;; Default to the max level of detail in treesitter highlighting. This
;; can be overridden in each language's use-package call with:

2
ansible/roles/emacs/files/init.el
View File

@ -38,6 +38,4 @@
(require 'lang-nix)
(require 'lang-cmake)
(load-directory autoload-directory)

2
ansible/roles/firefox/defaults/main.yaml
View File

@ -40,6 +40,6 @@ firefox_config:
privacy.fingerprintingProtection: true
# Allow sending dark mode preference to websites.
# Allow sending timezone to websites.
privacy.fingerprintingProtection.overrides: "+AllTargets,-CSSPrefersColorScheme,-JSDateTimeUTC,-CanvasExtractionBeforeUserInputIsBlocked,-CanvasImageExtractionPrompt,-CanvasExtractionFromThirdPartiesIsBlocked"
privacy.fingerprintingProtection.overrides: "+AllTargets,-CSSPrefersColorScheme,-JSDateTimeUTC,-CanvasExtractionBeforeUserInputIsBlocked"
# Disable weather on new tab page
browser.newtabpage.activity-stream.showWeather: false

1
ansible/roles/firefox/tasks/linux.yaml
View File

@ -3,5 +3,4 @@
name:
- libfido2
- firefox-developer-edition
- speech-dispatcher # For TTS
state: present

15
ansible/roles/firewall/files/mrmanager_pf.conf
View File

@ -2,8 +2,7 @@ ext_if = "lagg0"
not_ext_if = "{ !lagg0 }"
jail_nat_v4 = "{ 10.215.1.0/24 }"
not_jail_nat_v4 = "{ any, !10.215.1.0/24 }"
# pub_k8s = "{ 74.80.180.136/29, !74.80.180.138 }"
pub_k8s = "{ 74.80.180.137, 74.80.180.139, 74.80.180.140, 74.80.180.141, 74.80.180.142 }"
pub_k8s = "{ 74.80.180.136/29, !74.80.180.138 }"
dhcp = "{ bootpc, bootps }"
allow = "{ colo }"
@ -36,22 +35,18 @@ scrub in on $ext_if all fragment reassemble
nat on $ext_if inet from ! ($ext_if) to ! ($ext_if) -> ($ext_if)
rdr pass on jail_nat proto {tcp, udp} from any to 10.215.1.1 port 53 tag REDIREXTERNAL -> 1.1.1.1 port 53
rdr pass on $ext_if proto {tcp, udp} to ($ext_if) port 6443 tag REDIRINTERNAL -> 10.215.1.204 port 6443
rdr pass on $ext_if proto {tcp, udp} to ($ext_if) port 6443 -> 10.215.1.204 port 6443
rdr pass on jail_nat proto {tcp, udp} to ($ext_if) port 6443 tag REDIRINTERNAL -> 10.215.1.204 port 6443
rdr pass on $ext_if proto {tcp, udp} to ($ext_if) port 19993 tag REDIRINTERNAL -> 10.215.1.204 port 19993
rdr pass on $ext_if proto {tcp, udp} to ($ext_if) port 19993 -> 10.215.1.204 port 19993
rdr pass on jail_nat proto {tcp, udp} to ($ext_if) port 19993 tag REDIRINTERNAL -> 10.215.1.204 port 19993
rdr pass proto {tcp, udp} from $not_jail_nat_v4 to ($ext_if) port 65099 tag REDIRINTERNAL -> 10.215.1.210 port 22
rdr pass proto {tcp, udp} from $not_jail_nat_v4 to ($ext_if) port 65099 -> 10.215.1.210 port 22
rdr pass proto {tcp, udp} from $jail_nat_v4 to ($ext_if) port 65099 tag REDIRINTERNAL -> 10.215.1.210 port 22
# log (to pflog1)
rdr pass proto {tcp, udp} from $not_jail_nat_v4 to ($ext_if) port 53 tag REDIRINTERNAL -> 10.215.1.211 port 53
rdr pass proto {tcp, udp} from $not_jail_nat_v4 to ($ext_if) port 53 -> 10.215.1.211 port 53
rdr pass proto {tcp, udp} from $jail_nat_v4 to ($ext_if) port 53 tag REDIRINTERNAL -> 10.215.1.211 port 53
rdr pass proto {tcp, udp} from $not_jail_nat_v4 to ($ext_if) port 65122 tag REDIRINTERNAL -> 10.215.1.219 port 22
rdr pass proto {tcp, udp} from $jail_nat_v4 to ($ext_if) port 65122 tag REDIRINTERNAL -> 10.215.1.219 port 22
nat pass tagged REDIRINTERNAL -> (jail_nat)
nat pass tagged REDIREXTERNAL -> ($ext_if)

2
ansible/roles/framework_laptop/files/screen_brightness_tmpfiles.conf
View File

@ -1,2 +1,2 @@
# Set screen brightness. Ever since enabling adaptive brightness management, my brightness ends up sinking lower on re-boots (I suspect it is saving the actual brightness rather than the set brightness). This forces the brightness back to the level I prefer.
w- /sys/class/backlight/amdgpu_bl0/brightness - - - - 21845
w- /sys/class/backlight/amdgpu_bl0/brightness - - - - 85

2
ansible/roles/framework_laptop/tasks/linux.yaml
View File

@ -34,7 +34,7 @@
- name: Configure kernel command line
zfs:
name: "zroot/linux/archwork/be"
name: "zroot/linux"
state: present
extra_zfs_properties:
# amdgpu.abmlevel=3 :: Automatically reduce screen brightness but tweak colors to compensate for power reduction.

2
ansible/roles/jail/templates/new_jail.bash.j2
View File

@ -26,7 +26,7 @@ function by_src {
}
function by_bin {
DESTRELEASE=14.1-RELEASE
DESTRELEASE=13.2-RELEASE
DESTARCH=`uname -m`
SOURCEURL=http://ftp.freebsd.org/pub/FreeBSD/releases/$DESTARCH/$DESTRELEASE/
for component in base ports; do fetch $SOURCEURL/$component.txz -o - | tar -xf - -C "$DESTDIR" ; done

11
ansible/roles/jail_nat_dhcp/files/kea-dhcp4.conf
View File

@ -94,18 +94,7 @@
// momlaptop - hard-coded in rc.conf, reproduced here to reserve ip
"hw-address": "06:85:69:c5:6a:d6",
"ip-address": "10.215.1.218"
},
{
// hydra
"hw-address": "06:84:36:68:03:77",
"ip-address": "10.215.1.219"
},
{
// certificate - hard-coded in rc.conf, reproduced here to reserve ip
"hw-address": "06:7b:e0:08:16:5d",
"ip-address": "10.215.1.220"
}
]
}
],

8
ansible/roles/kanshi/files/config_kanshi
View File

@ -1,11 +1,3 @@
profile office {
output eDP-1 disable
output "Dell Inc. DELL C2722DE 6PH6T83" enable
}
profile office2 {
output eDP-1 disable
output "BOE 0x0BCA Unknown" enable
}
profile docked {
output eDP-1 disable
output "Dell Inc. DELL U3014 P1V6N35M329L" enable

3
ansible/roles/mrmanager/files/nfsd_rc.conf
View File

@ -1,4 +1 @@
nfs_server_enable="YES"
# nfsv4_server_enable="YES"
# nfsv4_server_only="YES"
nfs_server_flags="-u -t --minthreads 1 --maxthreads 32"

58
ansible/roles/mrmanager/tasks/freebsd.yaml
View File

@ -8,37 +8,37 @@
- name: net.link.ether.inet.proxyall
value: "1"
# - name: Install service configuration
# copy:
# src: "files/{{ item }}_rc.conf"
# dest: "/etc/rc.conf.d/{{ item }}"
# mode: 0644
# owner: root
# group: wheel
# loop:
# - nfsd
# - mountd
# - lockd
# - statd
# - rpcbind
- name: Install service configuration
copy:
src: "files/{{ item }}_rc.conf"
dest: "/etc/rc.conf.d/{{ item }}"
mode: 0644
owner: root
group: wheel
loop:
- nfsd
- mountd
- lockd
- statd
- rpcbind
# - name: Create zfs datasets
# zfs:
# name: zdata/k8spersistent
# state: present
# extra_zfs_properties:
# sharenfs: "-network 10.215.1.0/24,-alldirs,-maproot=root:root"
# mountpoint: /k8spersistent
- name: Create zfs datasets
zfs:
name: zdata/k8spersistent
state: present
extra_zfs_properties:
sharenfs: "-network 10.215.1.0/24,-alldirs,-maproot=root:root"
mountpoint: /k8spersistent
# - name: Update ownership
# file:
# name: "{{ item }}"
# state: directory
# mode: 0777
# owner: root
# group: wheel
# loop:
# - /k8spersistent
- name: Update ownership
file:
name: "{{ item }}"
state: directory
mode: 0777
owner: root
group: wheel
loop:
- /k8spersistent
- name: Install scripts
copy:

6
ansible/roles/package_manager/files/pacman.conf
View File

@ -81,6 +81,12 @@ Include = /etc/pacman.d/mirrorlist
[extra]
Include = /etc/pacman.d/mirrorlist
#[community-testing]
#Include = /etc/pacman.d/mirrorlist
[community]
Include = /etc/pacman.d/mirrorlist
# If you want to run 32 bit applications on your x86_64 system,
# enable the multilib repositories as required here.

3
ansible/roles/public_dns/files/master.db
View File

@ -23,9 +23,6 @@ $ORIGIN fizz.buzz.
; Allows receivers to know you send your mail via Fastmail, and other servers
IN TXT v=spf1 include:spf.messagingengine.com ?all
; Tell receivers what to do with fake email
_dmarc IN TXT "v=DMARC1; p=none; rua=mailto:postmaster@fizz.buzz;"
ns1 IN A 74.80.180.138
ns2 IN A 74.80.180.138

17
ansible/roles/sftp/tasks/common.yaml
View File

@ -64,6 +64,23 @@
# force: true
# diff: false
- name: Create directories
file:
name: "{{ item }}"
state: directory
mode: 0700
owner: nochainstounlock
group: nochainstounlock
loop:
- /home/nochainstounlock/.ssh
- name: Set authorized keys
authorized_key:
user: nochainstounlock
key: |
ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIMrjXsXjtxEm47XnRZfo67kJULoc0NBLrB0lPYFiS2Ar kodi@neelix
exclusive: true
- import_tasks: tasks/freebsd.yaml
when: 'os_flavor == "freebsd"'

1
ansible/roles/sway/files/config
View File

@ -23,7 +23,6 @@ set $menu wofi --show drun --gtk-dark
# Do not show a title bar on windows
default_border pixel 2
hide_edge_borders smart_no_gaps
bindsym $mod+grave exec $term

2
ansible/roles/sway/files/start_screen_share.bash
View File

@ -5,6 +5,6 @@ set -euo pipefail
IFS=$'\n\t'
DIR="$( cd "$( dirname "${BASH_SOURCE[0]}" )" && pwd )"
makoctl mode -s do-not-disturb
makoctl set-mode do-not-disturb
swaymsg output "'Dell Inc. DELL U3014 P1V6N35M329L'" scale 2

2
ansible/roles/sway/files/stop_screen_share.bash
View File

@ -5,6 +5,6 @@ set -euo pipefail
IFS=$'\n\t'
DIR="$( cd "$( dirname "${BASH_SOURCE[0]}" )" && pwd )"
makoctl mode -s default
makoctl set-mode default
swaymsg output "'Dell Inc. DELL U3014 P1V6N35M329L'" scale 1

6
ansible/roles/vscode/files/keybindings.json
View File

@ -20,12 +20,6 @@
"command": "-workbench.action.navigateBack",
"when": "canNavigateBack"
},
{
// This isn't quite right. In emacs it would go back to the last location you performed an action which could include navigation. This goes back to the place where you last changed the text. Either way, close enough.
"key": "ctrl+x ctrl+x",
"command": "workbench.action.navigateToLastEditLocation",
"when": "canNavigateToLastEditLocation"
},
{
"key": "shift+alt+/",
"command": "editor.action.goToReferences",

17
ansible/roles/vscode/files/settings.json
View File

@ -18,7 +18,6 @@
"workbench.editor.showTabs": "none",
"workbench.activityBar.location": "hidden",
"window.menuBarVisibility": "toggle",
"window.commandCenter": false,
"explorer.autoReveal": false,
"[python]": {
"editor.defaultFormatter": "ms-python.black-formatter",
@ -32,25 +31,11 @@
"editor.defaultFormatter": "hashicorp.terraform",
"editor.formatOnSave": true
},
"[typescript]": {
"editor.defaultFormatter": "esbenp.prettier-vscode",
"editor.formatOnSave": true
},
"[typescriptreact]": {
"editor.defaultFormatter": "esbenp.prettier-vscode",
"editor.formatOnSave": true
},
"javascript.autoClosingTags": false,
"typescript.autoClosingTags": false,
"black-formatter.importStrategy": "fromEnvironment",
"workbench.statusBar.visible": false,
"git.openRepositoryInParentFolders": "never",
"files.autoSave": "afterDelay",
"editor.rulers": [
100
],
"workbench.secondarySideBar.defaultVisibility": "hidden",
"editor.autoClosingBrackets": "never",
"editor.autoSurround": "never",
"workbench.editor.navigationScope": "editorGroup"
]
}

6
ansible/roles/zfs/tasks/linux.yaml
View File

@ -27,8 +27,7 @@
args:
creates: "/var/cache/pacman/custom/{{ item }}-*.pkg.tar.*"
loop:
# - zfs-dkms-git
- zfs-dkms
- zfs-dkms-git
- zfs-utils
- name: Update cache
@ -41,8 +40,7 @@
- name: Install packages
package:
name:
# - zfs-dkms-git
- zfs-dkms
- zfs-dkms-git
- zfs-utils
state: present

254
nix/configuration/configuration.nix Normal file
View File

@ -0,0 +1,254 @@
{
config,
lib,
pkgs,
home-manager,
...
}:
{
imports = [
./roles/reset
./roles/global_options
./util/unfree_polyfill
./roles/iso
"${
builtins.fetchTarball {
url = "https://github.com/nix-community/disko/archive/refs/tags/v1.9.0.tar.gz";
sha256 = "0j76ar4qz320fakdii4659w5lww8wiz6yb7g47npywqvf2lbp388";
}
}/module.nix"
./roles/boot
./roles/zfs
./roles/network
./roles/firewall
./roles/zsh
./roles/zrepl
./roles/graphics
./roles/sound
./roles/sway
./roles/kanshi
./roles/alacritty
./roles/firefox
./roles/chromium
./roles/emacs
./roles/git
./roles/fonts
./roles/gpg
./roles/waybar
./roles/qemu
./roles/wireguard
./roles/ares
./roles/ssh
./roles/python
./roles/docker
./roles/kubernetes
./roles/rust
./roles/media
./roles/steam
./roles/latex
./roles/launch_keyboard
./roles/lvfs
./roles/nvme
./roles/terraform
./roles/vscode
./roles/wasm
./roles/vnc_client
./roles/chromecast
./roles/memtest86
./roles/kodi
./roles/ansible
./roles/bluetooth
./roles/sm64ex
./roles/shipwright
./roles/2ship2harkinian
./roles/nix_index
];
nix.settings.experimental-features = [
"nix-command"
"flakes"
];
nix.settings.trusted-users = [ "@wheel" ];
# boot.kernelPackages = pkgs.linuxPackages_6_11;
hardware.enableRedistributableFirmware = true;
services.getty = {
autologinUser = "talexander"; # I use full disk encryption so the user password is irrelevant.
autologinOnce = true;
};
users.mutableUsers = false;
users.users.talexander = {
isNormalUser = true;
createHome = true; # https://github.com/NixOS/nixpkgs/issues/6481
group = "talexander";
extraGroups = [ "wheel" ];
uid = 11235;
packages = with pkgs; [
tree
];
# Generate with `mkpasswd -m scrypt`
hashedPassword = "$7$CU..../....VXvNQ8za3wSGpdzGXNT50/$HcFtn/yvwPMCw4888BelpiAPLAxe/zU87fD.d/N6U48";
openssh.authorizedKeys.keys = [
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIGu+k5lrirokdW5zVdRVBOqEOAvAPlIkG/MdJNc9g5ky"
"sk-ssh-ed25519@openssh.com AAAAGnNrLXNzaC1lZDI1NTE5QG9wZW5zc2guY29tAAAAIEI6mu6I5Jp+Ib0vJxapGHbEShZjyvzV8jz5DnzDrI39AAAABHNzaDo="
"sk-ssh-ed25519@openssh.com AAAAGnNrLXNzaC1lZDI1NTE5QG9wZW5zc2guY29tAAAAIAFNcSXwvy+brYTOGo56G93Ptuq2MmZsjvRWAfMqbmMLAAAABHNzaDo="
];
};
users.groups.talexander.gid = 11235;
home-manager.users.talexander =
{ pkgs, ... }:
{
home.packages = [
pkgs.atool
pkgs.httpie
];
programs.bash.enable = true;
# The state version is required and should stay at the version you
# originally installed.
home.stateVersion = "24.11";
};
# Automatic garbage collection
nix.gc = lib.mkIf (!config.me.buildingIso) {
# Runs nix-collect-garbage --delete-older-than 5d
automatic = true;
randomizedDelaySec = "14m";
options = "--delete-older-than 30d";
};
nix.settings.auto-optimise-store = !config.me.buildingIso;
# Use doas instead of sudo
security.doas.enable = true;
security.doas.wheelNeedsPassword = false;
security.sudo.enable = false;
security.doas.extraRules = [
{
# Retain environment (for example NIX_PATH)
keepEnv = true;
persist = true; # Only ask for a password the first time.
}
];
environment.systemPackages = with pkgs; [
wget
mg
rsync
libinput
htop
tmux
file
usbutils # for lsusb
pciutils # for lspci
ripgrep
strace
ltrace
trace-cmd # ftrace
tcpdump
git-crypt
gnumake
ncdu
nix-tree
libarchive # bsdtar
];
services.openssh = {
enable = true;
settings = {
PasswordAuthentication = false;
KbdInteractiveAuthentication = false;
};
hostKeys = [
{
path = "/persist/ssh/ssh_host_ed25519_key";
type = "ed25519";
}
{
path = "/persist/ssh/ssh_host_rsa_key";
type = "rsa";
bits = 4096;
}
];
};
environment.persistence."/persist" = lib.mkIf (!config.me.buildingIso) {
hideMounts = true;
directories = [
"/var/lib/iwd" # Wifi settings
"/var/lib/nixos" # Contains user information (uids/gids)
"/var/lib/systemd" # Systemd state directory for random seed, persistent timers, core dumps, persist hardware state like backlight and rfkill
"/var/log/journal" # Logs, alternatively set `services.journald.storage = "volatile";` to write to /run/log/journal
];
files = [
"/etc/machine-id" # Systemd unique machine id "otherwise, the system journal may fail to list earlier boots, etc"
"/etc/ssh/ssh_host_rsa_key"
"/etc/ssh/ssh_host_rsa_key.pub"
"/etc/ssh/ssh_host_ed25519_key"
"/etc/ssh/ssh_host_ed25519_key.pub"
];
users.talexander = {
directories = [
{
directory = "persist";
user = "talexander";
group = "talexander";
mode = "0700";
}
];
};
};
# Write a list of the currently installed packages to /etc/current-system-packages
environment.etc."current-system-packages".text =
let
packages = builtins.map (p: "${p.name}") config.environment.systemPackages;
sortedUnique = builtins.sort builtins.lessThan (lib.unique packages);
formatted = builtins.concatStringsSep "\n" sortedUnique;
in
formatted;
# environment.etc."system-packages-with-source".text = builtins.concatStringsSep "\n\n" (
# builtins.map (
# x: x.file + "\n" + builtins.concatStringsSep "\n" (builtins.map (s: " " + s) x.value)
# ) config.environment.systemPackages.definitionsWithLocations
# );
# nixpkgs.overlays = [
# (final: prev: {
# nix = pkgs-unstable.nix;
# })
# ];
# nixpkgs.overlays = [
# (final: prev: {
# foot = throw "foo";
# })
# ];
# Copy the NixOS configuration file and link it from the resulting system
# (/run/current-system/configuration.nix). This is useful in case you
# accidentally delete configuration.nix.
# system.copySystemConfiguration = true;
# This option defines the first version of NixOS you have installed on this particular machine,
# and is used to maintain compatibility with application data (e.g. databases) created on older NixOS versions.
#
# Most users should NEVER change this value after the initial install, for any reason,
# even if you've upgraded your system to a new NixOS release.
#
# This value does NOT affect the Nixpkgs version your packages and OS are pulled from,
# so changing it will NOT upgrade your system - see https://nixos.org/manual/nixos/stable/#sec-upgrading for how
# to actually do that.
#
# This value being lower than the current NixOS release does NOT mean your system is
# out of date, out of support, or vulnerable.
#
# Do NOT change this value unless you have manually inspected all the changes it would make to your configuration,
# and migrated your data accordingly.
#
# For more information, see `man configuration.nix` or https://nixos.org/manual/nixos/stable/options#opt-system.stateVersion .
system.stateVersion = "24.11"; # Did you read the comment?
}

350
nix/configuration/flake.lock generated Normal file
View File

@ -0,0 +1,350 @@
{
"nodes": {
"ansible-sshjail": {
"inputs": {
"flake-utils": "flake-utils",
"nixpkgs": [
"nixpkgs"
]
},
"locked": {
"lastModified": 1,
"narHash": "sha256-c4Ds4E/10Zj5AQLuJ3JvJTuDK8o2WjVXLcIL7eyhTfw=",
"path": "flakes/ansible-sshjail",
"type": "path"
},
"original": {
"path": "flakes/ansible-sshjail",
"type": "path"
}
},
"crane": {
"locked": {
"lastModified": 1731098351,
"narHash": "sha256-HQkYvKvaLQqNa10KEFGgWHfMAbWBfFp+4cAgkut+NNE=",
"owner": "ipetkov",
"repo": "crane",
"rev": "ef80ead953c1b28316cc3f8613904edc2eb90c28",
"type": "github"
},
"original": {
"owner": "ipetkov",
"repo": "crane",
"type": "github"
}
},
"flake-compat": {
"flake": false,
"locked": {
"lastModified": 1696426674,
"narHash": "sha256-kvjfFW7WAETZlt09AgDn1MrtKzP7t90Vf7vypd3OL1U=",
"owner": "edolstra",
"repo": "flake-compat",
"rev": "0f9255e01c2351cc7d116c072cb317785dd33b33",
"type": "github"
},
"original": {
"owner": "edolstra",
"repo": "flake-compat",
"type": "github"
}
},
"flake-parts": {
"inputs": {
"nixpkgs-lib": [
"lanzaboote",
"nixpkgs"
]
},
"locked": {
"lastModified": 1730504689,
"narHash": "sha256-hgmguH29K2fvs9szpq2r3pz2/8cJd2LPS+b4tfNFCwE=",
"owner": "hercules-ci",
"repo": "flake-parts",
"rev": "506278e768c2a08bec68eb62932193e341f55c90",
"type": "github"
},
"original": {
"owner": "hercules-ci",
"repo": "flake-parts",
"type": "github"
}
},
"flake-utils": {
"inputs": {
"systems": "systems"
},
"locked": {
"lastModified": 1731533236,
"narHash": "sha256-l0KFg5HjrsfsO/JpG+r7fRrqm12kzFHyUHqHCVpMMbI=",
"owner": "numtide",
"repo": "flake-utils",
"rev": "11707dc2f618dd54ca8739b309ec4fc024de578b",
"type": "github"
},
"original": {
"owner": "numtide",
"repo": "flake-utils",
"type": "github"
}
},
"flake-utils_2": {
"inputs": {
"systems": "systems_2"
},
"locked": {
"lastModified": 1731533236,
"narHash": "sha256-l0KFg5HjrsfsO/JpG+r7fRrqm12kzFHyUHqHCVpMMbI=",
"owner": "numtide",
"repo": "flake-utils",
"rev": "11707dc2f618dd54ca8739b309ec4fc024de578b",
"type": "github"
},
"original": {
"owner": "numtide",
"repo": "flake-utils",
"type": "github"
}
},
"gitignore": {
"inputs": {
"nixpkgs": [
"lanzaboote",
"pre-commit-hooks-nix",
"nixpkgs"
]
},
"locked": {
"lastModified": 1709087332,
"narHash": "sha256-HG2cCnktfHsKV0s4XW83gU3F57gaTljL9KNSuG6bnQs=",
"owner": "hercules-ci",
"repo": "gitignore.nix",
"rev": "637db329424fd7e46cf4185293b9cc8c88c95394",
"type": "github"
},
"original": {
"owner": "hercules-ci",
"repo": "gitignore.nix",
"type": "github"
}
},
"home-manager": {
"inputs": {
"nixpkgs": [
"nixpkgs"
]
},
"locked": {
"lastModified": 1737762889,
"narHash": "sha256-5HGG09bh/Yx0JA8wtBMAzt0HMCL1bYZ93x4IqzVExio=",
"owner": "nix-community",
"repo": "home-manager",
"rev": "daf04c5950b676f47a794300657f1d3d14c1a120",
"type": "github"
},
"original": {
"owner": "nix-community",
"repo": "home-manager",
"type": "github"
}
},
"impermanence": {
"locked": {
"lastModified": 1737831083,
"narHash": "sha256-LJggUHbpyeDvNagTUrdhe/pRVp4pnS6wVKALS782gRI=",
"owner": "nix-community",
"repo": "impermanence",
"rev": "4b3e914cdf97a5b536a889e939fb2fd2b043a170",
"type": "github"
},
"original": {
"owner": "nix-community",
"repo": "impermanence",
"type": "github"
}
},
"lanzaboote": {
"inputs": {
"crane": "crane",
"flake-compat": "flake-compat",
"flake-parts": "flake-parts",
"nixpkgs": [
"nixpkgs"
],
"pre-commit-hooks-nix": "pre-commit-hooks-nix",
"rust-overlay": "rust-overlay"
},
"locked": {
"lastModified": 1737639419,
"narHash": "sha256-AEEDktApTEZ5PZXNDkry2YV2k6t0dTgLPEmAZbnigXU=",
"owner": "nix-community",
"repo": "lanzaboote",
"rev": "a65905a09e2c43ff63be8c0e86a93712361f871e",
"type": "github"
},
"original": {
"owner": "nix-community",
"ref": "v0.4.2",
"repo": "lanzaboote",
"type": "github"
}
},
"nixpkgs": {
"locked": {
"lastModified": 1737885589,
"narHash": "sha256-Zf0hSrtzaM1DEz8//+Xs51k/wdSajticVrATqDrfQjg=",
"owner": "NixOS",
"repo": "nixpkgs",
"rev": "852ff1d9e153d8875a83602e03fdef8a63f0ecf8",
"type": "github"
},
"original": {
"owner": "NixOS",
"ref": "nixos-unstable",
"repo": "nixpkgs",
"type": "github"
}
},
"nixpkgs-b93b4e9b5": {
"locked": {
"lastModified": 1713721570,
"narHash": "sha256-R0s+O5UjTePQRb72XPgtkTmEiOOW8n+1q9Gxt/OJnKU=",
"owner": "NixOS",
"repo": "nixpkgs",
"rev": "b93b4e9b527904aadf52dba6ca35efde2067cbd4",
"type": "github"
},
"original": {
"owner": "NixOS",
"repo": "nixpkgs",
"rev": "b93b4e9b527904aadf52dba6ca35efde2067cbd4",
"type": "github"
}
},
"nixpkgs-stable": {
"locked": {
"lastModified": 1730741070,
"narHash": "sha256-edm8WG19kWozJ/GqyYx2VjW99EdhjKwbY3ZwdlPAAlo=",
"owner": "NixOS",
"repo": "nixpkgs",
"rev": "d063c1dd113c91ab27959ba540c0d9753409edf3",
"type": "github"
},
"original": {
"owner": "NixOS",
"ref": "nixos-24.05",
"repo": "nixpkgs",
"type": "github"
}
},
"pre-commit-hooks-nix": {
"inputs": {
"flake-compat": [
"lanzaboote",
"flake-compat"
],
"gitignore": "gitignore",
"nixpkgs": [
"lanzaboote",
"nixpkgs"
],
"nixpkgs-stable": "nixpkgs-stable"
},
"locked": {
"lastModified": 1731363552,
"narHash": "sha256-vFta1uHnD29VUY4HJOO/D6p6rxyObnf+InnSMT4jlMU=",
"owner": "cachix",
"repo": "pre-commit-hooks.nix",
"rev": "cd1af27aa85026ac759d5d3fccf650abe7e1bbf0",
"type": "github"
},
"original": {
"owner": "cachix",
"repo": "pre-commit-hooks.nix",
"type": "github"
}
},
"root": {
"inputs": {
"ansible-sshjail": "ansible-sshjail",
"home-manager": "home-manager",
"impermanence": "impermanence",
"lanzaboote": "lanzaboote",
"nixpkgs": "nixpkgs",
"nixpkgs-b93b4e9b5": "nixpkgs-b93b4e9b5",
"zsh-histdb": "zsh-histdb"
}
},
"rust-overlay": {
"inputs": {
"nixpkgs": [
"lanzaboote",
"nixpkgs"
]
},
"locked": {
"lastModified": 1731897198,
"narHash": "sha256-Ou7vLETSKwmE/HRQz4cImXXJBr/k9gp4J4z/PF8LzTE=",
"owner": "oxalica",
"repo": "rust-overlay",
"rev": "0be641045af6d8666c11c2c40e45ffc9667839b5",
"type": "github"
},
"original": {
"owner": "oxalica",
"repo": "rust-overlay",
"type": "github"
}
},
"systems": {
"locked": {
"lastModified": 1681028828,
"narHash": "sha256-Vy1rq5AaRuLzOxct8nz4T6wlgyUR7zLU309k9mBC768=",
"owner": "nix-systems",
"repo": "default",
"rev": "da67096a3b9bf56a91d16901293e51ba5b49a27e",
"type": "github"
},
"original": {
"owner": "nix-systems",
"repo": "default",
"type": "github"
}
},
"systems_2": {
"locked": {
"lastModified": 1681028828,
"narHash": "sha256-Vy1rq5AaRuLzOxct8nz4T6wlgyUR7zLU309k9mBC768=",
"owner": "nix-systems",
"repo": "default",
"rev": "da67096a3b9bf56a91d16901293e51ba5b49a27e",
"type": "github"
},
"original": {
"owner": "nix-systems",
"repo": "default",
"type": "github"
}
},
"zsh-histdb": {
"inputs": {
"flake-utils": "flake-utils_2",
"nixpkgs": [
"nixpkgs"
]
},
"locked": {
"lastModified": 1,
"narHash": "sha256-5DWw7GnwVZ98HUp/UUJcyUmmy9Bh/mcQB8MQQ0t3ZRo=",
"path": "flakes/zsh-histdb",
"type": "path"
},
"original": {
"path": "flakes/zsh-histdb",
"type": "path"
}
}
},
"root": "root",
"version": 7
}

153
nix/configuration/flake.nix Normal file
View File

@ -0,0 +1,153 @@
# Build ISO image
# nix build --extra-experimental-features nix-command --extra-experimental-features flakes .#iso.odo
# output: result/iso/nixos.iso
# Run the ISO image
# "$(nix-build '<nixpkgs>' --no-out-link -A 'qemu')/bin/qemu-system-x86_64" \
# -accel kvm \
# -cpu host \
# -smp cores=8 \
# -m 32768 \
# -drive "file=$(nix-build '<nixpkgs>' --no-out-link -A 'OVMF.fd')/FV/OVMF.fd,if=pflash,format=raw,readonly=on" \
# -drive if=pflash,format=raw,file="/tmp/OVMF_VARS.fd" \
# -nic user,hostfwd=tcp::60022-:22 \
# -boot order=d \
# -cdrom "$(readlink -f ./result/iso/nixos.iso)" \
# -display vnc=127.0.0.1:0
#
# doas cp "$(nix-build '<nixpkgs>' --no-out-link -A 'OVMF.fd')/FV/OVMF_VARS.fd" /tmp/OVMF_VARS.fd
# doas "$(nix-build '<nixpkgs>' --no-out-link -A 'qemu')/bin/qemu-system-x86_64" -accel kvm -cpu host -smp cores=8 -m 32768 -drive "file=$(nix-build '<nixpkgs>' --no-out-link -A 'OVMF.fd')/FV/OVMF.fd,if=pflash,format=raw,readonly=on" -drive if=pflash,format=raw,file="/tmp/OVMF_VARS.fd" -nic user,hostfwd=tcp::60022-:22 -boot order=d -cdrom /persist/machine_setup/nix/configuration/result/iso/nixos*.iso -display vnc=127.0.0.1:0
# Get a repl for this flake
# nix repl --expr "builtins.getFlake \"$PWD\""
# TODO maybe use `nix eval --raw .#iso.odo.outPath`
# iso.odo.isoName == "nixos.iso"
# full path = <outPath> / iso / <isoName>
{
description = "My system configuration";
inputs = {
impermanence.url = "github:nix-community/impermanence";
nixpkgs.url = "github:NixOS/nixpkgs/nixos-unstable";
nixpkgs-b93b4e9b5.url = "github:NixOS/nixpkgs/b93b4e9b527904aadf52dba6ca35efde2067cbd4";
home-manager.url = "github:nix-community/home-manager";
home-manager.inputs.nixpkgs.follows = "nixpkgs";
lanzaboote = {
url = "github:nix-community/lanzaboote/v0.4.2";
# Optional but recommended to limit the size of your system closure.
inputs.nixpkgs.follows = "nixpkgs";
};
zsh-histdb = {
url = "path:flakes/zsh-histdb";
# Optional but recommended to limit the size of your system closure.
inputs.nixpkgs.follows = "nixpkgs";
};
ansible-sshjail = {
url = "path:flakes/ansible-sshjail";
# Optional but recommended to limit the size of your system closure.
inputs.nixpkgs.follows = "nixpkgs";
};
};
outputs =
{
self,
nixpkgs,
nixpkgs-b93b4e9b5,
impermanence,
home-manager,
lanzaboote,
zsh-histdb,
ansible-sshjail,
...
}@inputs:
let
base_x86_64_linux = rec {
system = "x86_64-linux";
specialArgs = {
pkgs-b93b4e9b5 = import nixpkgs-b93b4e9b5 {
inherit system;
};
};
modules = [
impermanence.nixosModules.impermanence
home-manager.nixosModules.home-manager
lanzaboote.nixosModules.lanzaboote
{
home-manager.useGlobalPkgs = true;
home-manager.useUserPackages = true;
}
{
nixpkgs.overlays = [
zsh-histdb.overlays.default
ansible-sshjail.overlays.default
];
}
./configuration.nix
];
};
systems = {
odo = {
main = nixpkgs.lib.nixosSystem (
base_x86_64_linux
// {
modules = base_x86_64_linux.modules ++ [
./hosts/odo
];
}
);
iso = nixpkgs.lib.nixosSystem (
base_x86_64_linux
// {
modules = base_x86_64_linux.modules ++ [
./hosts/odo
(nixpkgs + "/nixos/modules/installer/cd-dvd/iso-image.nix")
# TODO: Figure out how to do image based appliances
# (nixpkgs + "/nixos/modules/profiles/image-based-appliance.nix")
{
isoImage.makeEfiBootable = true;
isoImage.makeUsbBootable = true;
me.buildingIso = true;
}
];
}
);
};
neelix = {
main = nixpkgs.lib.nixosSystem (
base_x86_64_linux
// {
modules = base_x86_64_linux.modules ++ [
./hosts/neelix
];
}
);
iso = nixpkgs.lib.nixosSystem (
base_x86_64_linux
// {
modules = base_x86_64_linux.modules ++ [
./hosts/neelix
(nixpkgs + "/nixos/modules/installer/cd-dvd/iso-image.nix")
{
isoImage.makeEfiBootable = true;
isoImage.makeUsbBootable = true;
me.buildingIso = true;
}
];
}
);
};
};
in
{
nixosConfigurations.odo = systems.odo.main;
iso.odo = systems.odo.iso.config.system.build.isoImage;
nixosConfigurations.neelix = systems.neelix.main;
iso.neelix = systems.neelix.iso.config.system.build.isoImage;
};
}

61
nix/configuration/flakes/ansible-sshjail/flake.lock generated Normal file
View File

@ -0,0 +1,61 @@
{
"nodes": {
"flake-utils": {
"inputs": {
"systems": "systems"
},
"locked": {
"lastModified": 1731533236,
"narHash": "sha256-l0KFg5HjrsfsO/JpG+r7fRrqm12kzFHyUHqHCVpMMbI=",
"owner": "numtide",
"repo": "flake-utils",
"rev": "11707dc2f618dd54ca8739b309ec4fc024de578b",
"type": "github"
},
"original": {
"owner": "numtide",
"repo": "flake-utils",
"type": "github"
}
},
"nixpkgs": {
"locked": {
"lastModified": 1735141468,
"narHash": "sha256-VIAjBr1qGcEbmhLwQJD6TABppPMggzOvqFsqkDoMsAY=",
"owner": "NixOS",
"repo": "nixpkgs",
"rev": "4005c3ff7505313cbc21081776ad0ce5dfd7a3ce",
"type": "github"
},
"original": {
"owner": "NixOS",
"ref": "nixos-24.11",
"repo": "nixpkgs",
"type": "github"
}
},
"root": {
"inputs": {
"flake-utils": "flake-utils",
"nixpkgs": "nixpkgs"
}
},
"systems": {
"locked": {
"lastModified": 1681028828,
"narHash": "sha256-Vy1rq5AaRuLzOxct8nz4T6wlgyUR7zLU309k9mBC768=",
"owner": "nix-systems",
"repo": "default",
"rev": "da67096a3b9bf56a91d16901293e51ba5b49a27e",
"type": "github"
},
"original": {
"owner": "nix-systems",
"repo": "default",
"type": "github"
}
}
},
"root": "root",
"version": 7
}

34
nix/configuration/flakes/ansible-sshjail/flake.nix Normal file
View File

@ -0,0 +1,34 @@
{
description = "A slightly better history for zsh";
inputs.nixpkgs.url = "github:NixOS/nixpkgs/nixos-24.11";
inputs.flake-utils.url = "github:numtide/flake-utils";
outputs =
{
self,
nixpkgs,
flake-utils,
...
}:
let
out =
system:
let
pkgs = nixpkgs.legacyPackages.${system};
# Maybe pkgs = import nixpkgs { inherit system; }; ?
appliedOverlay = self.overlays.default pkgs pkgs;
in
{
packages = rec {
default = ansible-sshjail;
ansible-sshjail = appliedOverlay.ansible-sshjail;
};
};
in
flake-utils.lib.eachDefaultSystem out
// {
overlays.default = final: prev: {
ansible-sshjail = final.callPackage ./package.nix { };
};
};
}

33
nix/configuration/flakes/ansible-sshjail/package.nix Normal file
View File

@ -0,0 +1,33 @@
# unpackPhase
# patchPhase
# configurePhase
# buildPhase
# checkPhase
# installPhase
# fixupPhase
# installCheckPhase
# distPhase
{
stdenv,
fetchgit,
...
}:
stdenv.mkDerivation {
name = "ansible-sshjail";
src = fetchgit {
url = "https://github.com/austinhyde/ansible-sshjail.git";
rev = "a7b0076fdb680b915d35efafd1382919100532b6";
sha256 = "sha256-4QX/017fDRzb363NexgvHZ/VFKXOjRgGPDKKygyUylM=";
};
phases = [
"installPhase"
];
installPhase = ''
runHook preInstall
mkdir -p $out/share/ansible/plugins/connection_plugins
cp $src/sshjail.py $out/share/ansible/plugins/connection_plugins/
runHook postInstall
'';
}

61
nix/configuration/flakes/starship-game/flake.lock generated Normal file
View File

@ -0,0 +1,61 @@
{
"nodes": {
"flake-utils": {
"inputs": {
"systems": "systems"
},
"locked": {
"lastModified": 1731533236,
"narHash": "sha256-l0KFg5HjrsfsO/JpG+r7fRrqm12kzFHyUHqHCVpMMbI=",
"owner": "numtide",
"repo": "flake-utils",
"rev": "11707dc2f618dd54ca8739b309ec4fc024de578b",
"type": "github"
},
"original": {
"owner": "numtide",
"repo": "flake-utils",
"type": "github"
}
},
"nixpkgs": {
"locked": {
"lastModified": 1735141468,
"narHash": "sha256-VIAjBr1qGcEbmhLwQJD6TABppPMggzOvqFsqkDoMsAY=",
"owner": "NixOS",
"repo": "nixpkgs",
"rev": "4005c3ff7505313cbc21081776ad0ce5dfd7a3ce",
"type": "github"
},
"original": {
"owner": "NixOS",
"ref": "nixos-24.11",
"repo": "nixpkgs",
"type": "github"
}
},
"root": {
"inputs": {
"flake-utils": "flake-utils",
"nixpkgs": "nixpkgs"
}
},
"systems": {
"locked": {
"lastModified": 1681028828,
"narHash": "sha256-Vy1rq5AaRuLzOxct8nz4T6wlgyUR7zLU309k9mBC768=",
"owner": "nix-systems",
"repo": "default",
"rev": "da67096a3b9bf56a91d16901293e51ba5b49a27e",
"type": "github"
},
"original": {
"owner": "nix-systems",
"repo": "default",
"type": "github"
}
}
},
"root": "root",
"version": 7
}

34
nix/configuration/flakes/starship-game/flake.nix Normal file
View File

@ -0,0 +1,34 @@
{
description = "A slightly better history for zsh";
inputs.nixpkgs.url = "github:NixOS/nixpkgs/nixos-24.11";
inputs.flake-utils.url = "github:numtide/flake-utils";
outputs =
{
self,
nixpkgs,
flake-utils,
...
}:
let
out =
system:
let
pkgs = nixpkgs.legacyPackages.${system};
# Maybe pkgs = import nixpkgs { inherit system; }; ?
appliedOverlay = self.overlays.default pkgs pkgs;
in
{
packages = rec {
default = starship-game;
starship-game = appliedOverlay.starship-game;
};
};
in
flake-utils.lib.eachDefaultSystem out
// {
overlays.default = final: prev: {
starship-game = final.callPackage ./package.nix { };
};
};
}

261
nix/configuration/flakes/starship-game/package.nix Normal file
View File

@ -0,0 +1,261 @@
{
lib,
stdenv,
SDL2,
cmake,
copyDesktopItems,
fetchFromGitHub,
fetchpatch,
fetchurl,
imagemagick,
imgui,
libpng,
libpulseaudio,
libzip,
lsb-release,
makeDesktopItem,
makeWrapper,
ninja,
nlohmann_json,
pkg-config,
python3,
spdlog,
stormlib,
tinyxml-2,
writeTextFile,
zenity,
}:
let
# This would get fetched at build time otherwise, see:
# https://github.com/HarbourMasters/2ship2harkinian/blob/1.0.2/mm/CMakeLists.txt#L708
gamecontrollerdb = fetchurl {
name = "gamecontrollerdb.txt";
url = "https://raw.githubusercontent.com/gabomdq/SDL_GameControllerDB/b1759cf84028aab89caa1c395e198c340b8dfd89/gamecontrollerdb.txt";
hash = "sha256-7C5EkqBIhLGNJuhi3832y0ffW5Ep7iuTYXb1bL5h2Js=";
};
# 2ship needs a specific imgui version
imgui' = imgui.overrideAttrs rec {
version = "1.90.6";
src = fetchFromGitHub {
owner = "ocornut";
repo = "imgui";
rev = "v${version}-docking";
hash = "sha256-Y8lZb1cLJF48sbuxQ3vXq6GLru/WThR78pq7LlORIzc=";
};
};
libgfxd = fetchFromGitHub {
owner = "glankk";
repo = "libgfxd";
rev = "96fd3b849f38b3a7c7b7f3ff03c5921d328e6cdf";
hash = "sha256-dedZuV0BxU6goT+rPvrofYqTz9pTA/f6eQcsvpDWdvQ=";
};
yaml_cpp = fetchFromGitHub {
owner = "jbeder";
repo = "yaml-cpp";
rev = "f7320141120f720aecc4c32be25586e7da9eb978";
hash = "sha256-J87oS6Az1/vNdyXu3L7KmUGWzU0IAkGrGMUUha+xDXI=";
};
# spdlog = fetchFromGitHub {
# owner = "gabime";
# repo = "spdlog";
# rev = "7e635fca68d014934b4af8a1cf874f63989352b7";
# hash = "sha256-cxTaOuLXHRU8xMz9gluYz0a93O0ez2xOxbloyc1m1ns=";
# };
# stb_impl = writeTextFile {
# name = "stb_impl.c";
# text = ''
# #define STB_IMAGE_IMPLEMENTATION
# #include "stb_image.h"
# '';
# };
# stb' = fetchurl {
# name = "stb_image.h";
# url = "https://raw.githubusercontent.com/nothings/stb/0bc88af4de5fb022db643c2d8e549a0927749354/stb_image.h";
# hash = "sha256-xUsVponmofMsdeLsI6+kQuPg436JS3PBl00IZ5sg3Vw=";
# };
# Apply 2ship's patch for stormlib
stormlib' = stormlib.overrideAttrs (prev: rec {
version = "9.25";
src = fetchFromGitHub {
owner = "ladislav-zezula";
repo = "StormLib";
rev = "v${version}";
hash = "sha256-HTi2FKzKCbRaP13XERUmHkJgw8IfKaRJvsK3+YxFFdc=";
};
nativeBuildInputs = prev.nativeBuildInputs ++ [ pkg-config ];
patches = (prev.patches or [ ]) ++ [
(fetchpatch {
name = "stormlib-optimizations.patch";
url = "https://github.com/briaguya-ai/StormLib/commit/ff338b230544f8b2bb68d2fbe075175ed2fd758c.patch";
hash = "sha256-Jbnsu5E6PkBifcx/yULMVC//ab7tszYgktS09Azs5+4=";
})
];
});
thread_pool = fetchFromGitHub {
owner = "bshoshany";
repo = "thread-pool";
rev = "v4.1.0";
hash = "sha256-zhRFEmPYNFLqQCfvdAaG5VBNle9Qm8FepIIIrT9sh88=";
};
in
stdenv.mkDerivation (finalAttrs: {
pname = "starship-game";
version = "v1.0.0";
src = fetchFromGitHub {
owner = "HarbourMasters";
repo = "starship";
# rev = "5e5e49da93e066f51c3010ba38f09331d866f2db";
tag = finalAttrs.version;
hash = "sha256-kaLLlLuonqE2DJcRlWR4tCEBNjwIYFlzeDLcYsvMO7I=";
fetchSubmodules = true;
};
# patches = [
# # remove fetching stb as we will patch our own
# ./0001-deps.patch
# ];
nativeBuildInputs = [
cmake
copyDesktopItems
imagemagick
lsb-release
makeWrapper
ninja
pkg-config
python3
];
buildInputs = [
SDL2
imgui'
libpng
libpulseaudio
libzip
nlohmann_json
spdlog
stormlib'
tinyxml-2
zenity
];
cmakeFlags = [
(lib.cmakeBool "NON_PORTABLE" true)
(lib.cmakeFeature "CMAKE_INSTALL_PREFIX" "${placeholder "out"}/starship-game")
(lib.cmakeFeature "FETCHCONTENT_SOURCE_DIR_IMGUI" "${imgui'.src}")
(lib.cmakeFeature "FETCHCONTENT_SOURCE_DIR_LIBGFXD" "${libgfxd}")
(lib.cmakeFeature "FETCHCONTENT_SOURCE_DIR_STORMLIB" "${stormlib'}")
(lib.cmakeFeature "FETCHCONTENT_SOURCE_DIR_THREADPOOL" "${thread_pool}")
];
dontAddPrefix = true;
# Linking fails without this
hardeningDisable = [ "format" ];
# Pie needs to be enabled or else it segfaults
hardeningEnable = [ "pie" ];
# preConfigure = ''
# # mirror 2ship's stb
# mkdir stb
# cp ${stb'} ./stb/${stb'.name}
# cp ${stb_impl} ./stb/${stb_impl.name}
# substituteInPlace libultraship/cmake/dependencies/common.cmake \
# --replace-fail "\''${STB_DIR}" "/build/source/stb"
# '';
# (cd tools/Torch && cmake -H. -Bbuild-cmake -GNinja \
# -DFETCHCONTENT_SOURCE_DIR_LIBGFXD=${libgfxd} \
# -DFETCHCONTENT_SOURCE_DIR_YAML-CPP=${finalAttrs.yaml_cpp_src} \
# -DFETCHCONTENT_SOURCE_DIR_SPDLOG=${finalAttrs.spdlog_src}
# )
configurePhase = ''
cmake -H. -Bbuild-cmake -GNinja \
-DFETCHCONTENT_SOURCE_DIR_IMGUI=${imgui'.src} \
-DFETCHCONTENT_SOURCE_DIR_STORMLIB=${stormlib'} \
-DFETCHCONTENT_SOURCE_DIR_THREADPOOL=${thread_pool}
(cd tools/Torch && cmake -H. -Bbuild-cmake -GNinja \
-DFETCHCONTENT_SOURCE_DIR_LIBGFXD=${libgfxd} \
-DFETCHCONTENT_SOURCE_DIR_YAML-CPP=${yaml_cpp} \
-DFETCHCONTENT_SOURCE_DIR_SPDLOG=${spdlog}
)
(cd libultraship && cmake -H. -Bbuild-cmake -GNinja \
-DFETCHCONTENT_SOURCE_DIR_LIBGFXD=${libgfxd} \
-DFETCHCONTENT_SOURCE_DIR_IMGUI=${imgui'.src} \
-DFETCHCONTENT_SOURCE_DIR_STORMLIB=${stormlib'} \
-DFETCHCONTENT_SOURCE_DIR_THREADPOOL=${thread_pool}
)
'';
buildPhase = ''
cmake --build build-cmake
'';
postBuild = ''
cp ${gamecontrollerdb} ${gamecontrollerdb.name}
pushd ../OTRExporter
python3 ./extract_assets.py -z ../build/ZAPD/ZAPD.out --norom --xml-root ../mm/assets/xml --custom-assets-path ../mm/assets/custom --custom-otr-file 2ship.o2r --port-ver ${finalAttrs.version}
popd
'';
preInstall = ''
# Cmake likes it here for its install paths
cp ../OTRExporter/2ship.o2r mm/
'';
postInstall = ''
mkdir -p $out/bin
ln -s $out/2s2h/2s2h.elf $out/bin/2s2h
install -Dm644 ../mm/linux/2s2hIcon.png $out/share/pixmaps/2s2h.png
'';
postFixup = ''
wrapProgram $out/2s2h/2s2h.elf --prefix PATH ":" ${lib.makeBinPath [ zenity ]}
'';
desktopItems = [
(makeDesktopItem {
name = "starship";
icon = "starship";
exec = "starship";
comment = finalAttrs.meta.description;
genericName = "Starship";
desktopName = "starship";
categories = [ "Game" ];
})
];
meta = {
homepage = "https://github.com/HarbourMasters/2ship2harkinian";
description = "A PC port of Majora's Mask with modern controls, widescreen, high-resolution, and more";
mainProgram = "starship";
platforms = [ "x86_64-linux" ];
maintainers = with lib.maintainers; [ ];
license = with lib.licenses; [
# # OTRExporter, OTRGui, ZAPDTR, libultraship
# mit
# # 2 Ship 2 Harkinian
# cc0
# # Reverse engineering
# unfree
];
};
})

61
nix/configuration/flakes/zsh-histdb/flake.lock generated Normal file
View File

@ -0,0 +1,61 @@
{
"nodes": {
"flake-utils": {
"inputs": {
"systems": "systems"
},
"locked": {
"lastModified": 1731533236,
"narHash": "sha256-l0KFg5HjrsfsO/JpG+r7fRrqm12kzFHyUHqHCVpMMbI=",
"owner": "numtide",
"repo": "flake-utils",
"rev": "11707dc2f618dd54ca8739b309ec4fc024de578b",
"type": "github"
},
"original": {
"owner": "numtide",
"repo": "flake-utils",
"type": "github"
}
},
"nixpkgs": {
"locked": {
"lastModified": 1735141468,
"narHash": "sha256-VIAjBr1qGcEbmhLwQJD6TABppPMggzOvqFsqkDoMsAY=",
"owner": "NixOS",
"repo": "nixpkgs",
"rev": "4005c3ff7505313cbc21081776ad0ce5dfd7a3ce",
"type": "github"
},
"original": {
"owner": "NixOS",
"ref": "nixos-24.11",
"repo": "nixpkgs",
"type": "github"
}
},
"root": {
"inputs": {
"flake-utils": "flake-utils",
"nixpkgs": "nixpkgs"
}
},
"systems": {
"locked": {
"lastModified": 1681028828,
"narHash": "sha256-Vy1rq5AaRuLzOxct8nz4T6wlgyUR7zLU309k9mBC768=",
"owner": "nix-systems",
"repo": "default",
"rev": "da67096a3b9bf56a91d16901293e51ba5b49a27e",
"type": "github"
},
"original": {
"owner": "nix-systems",
"repo": "default",
"type": "github"
}
}
},
"root": "root",
"version": 7
}

34
nix/configuration/flakes/zsh-histdb/flake.nix Normal file
View File

@ -0,0 +1,34 @@
{
description = "A slightly better history for zsh";
inputs.nixpkgs.url = "github:NixOS/nixpkgs/nixos-24.11";
inputs.flake-utils.url = "github:numtide/flake-utils";
outputs =
{
self,
nixpkgs,
flake-utils,
...
}:
let
out =
system:
let
pkgs = nixpkgs.legacyPackages.${system};
# Maybe pkgs = import nixpkgs { inherit system; }; ?
appliedOverlay = self.overlays.default pkgs pkgs;
in
{
packages = rec {
default = zsh-histdb;
zsh-histdb = appliedOverlay.zsh-histdb;
};
};
in
flake-utils.lib.eachDefaultSystem out
// {
overlays.default = final: prev: {
zsh-histdb = final.callPackage ./package.nix { };
};
};
}

36
nix/configuration/flakes/zsh-histdb/package.nix Normal file
View File

@ -0,0 +1,36 @@
# unpackPhase
# patchPhase
# configurePhase
# buildPhase
# checkPhase
# installPhase
# fixupPhase
# installCheckPhase
# distPhase
{
stdenv,
pkgs,
sqlite,
...
}:
stdenv.mkDerivation {
name = "zsh-histdb";
src = pkgs.fetchgit {
url = "https://github.com/larkery/zsh-histdb.git";
rev = "90a6c104d0fcc0410d665e148fa7da28c49684eb";
sha256 = "sha256-vtG1poaRVbfb/wKPChk1WpPgDq+7udLqLfYfLqap4Vg=";
};
buildInputs = [ sqlite ];
phases = [
"installPhase"
];
installPhase = ''
runHook preInstall
mkdir -p $out/share/zsh/plugins/zsh-histdb
cp -r $src/histdb-* $src/*.zsh $src/db_migrations $out/share/zsh/plugins/zsh-histdb/
runHook postInstall
'';
postInstall = ''
substituteInPlace $out/share/zsh/plugins/zsh-histdb/sqlite-history.zsh $out/share/zsh/plugins/zsh-histdb/histdb-merge $out/share/zsh/plugins/zsh-histdb/histdb-migrate --replace-fail "sqlite3" "${sqlite}/bin/sqlite3"
'';
}

38
nix/configuration/hosts/neelix/default.nix Normal file
View File

@ -0,0 +1,38 @@
{ config, pkgs, ... }:
{
imports = [
./hardware-configuration.nix
./disk-config.nix
./optimized_build.nix
./power_management.nix
];
# Generate with `head -c4 /dev/urandom | od -A none -t x4`
networking.hostId = "fbd233d8";
networking.hostName = "neelix"; # Define your hostname.
time.timeZone = "America/New_York";
i18n.defaultLocale = "en_US.UTF-8";
me.secureBoot.enable = false;
# Early KMS
boot.initrd.kernelModules = [ "i915" ];
# Mount tmpfs at /tmp
boot.tmp.useTmpfs = true;
me.bluetooth.enable = true;
me.emacs_flavor = "plainmacs";
me.graphical = true;
me.graphics_card_type = "intel";
me.kodi.enable = true;
me.lvfs.enable = true;
me.sound.enable = true;
me.wireguard.activated = [ "wgh" ];
me.wireguard.deactivated = [ "wgf" ];
me.zrepl.enable = true;
me.zsh.enable = true;
}

140
nix/configuration/hosts/neelix/disk-config.nix Normal file
View File

@ -0,0 +1,140 @@
# Manual Step:
# Check if drive supports 4kn: nvme id-ns -H /dev/nvme0n1
# Format the drive to 4kn: nvme format --lbaf=1 /dev/nvme0n1
{
config,
lib,
pkgs,
...
}:
lib.mkIf (!config.me.buildingIso) {
disko.devices = {
disk = {
main = {
type = "disk";
device = "/dev/nvme0n1";
content = {
type = "gpt";
partitions = {
ESP = {
size = "1G";
type = "EF00";
content = {
type = "filesystem";
format = "vfat";
mountpoint = "/boot";
mountOptions = [
"umask=0077"
"noatime"
"discard"
];
};
};
zfs = {
size = "100%";
content = {
type = "zfs";
pool = "zroot";
};
};
};
};
};
};
zpool = {
zroot = {
type = "zpool";
# mode = "mirror";
# Workaround: cannot import 'zroot': I/O error in disko tests
options.cachefile = "none";
options = {
ashift = "12";
compatibility = "openzfs-2.2-freebsd";
autotrim = "on";
};
rootFsOptions = {
acltype = "posixacl";
atime = "off";
relatime = "off";
xattr = "sa";
mountpoint = "none";
compression = "lz4";
canmount = "off";
utf8only = "on";
dnodesize = "auto";
normalization = "formD";
};
datasets = {
"linux/nix" = {
type = "zfs_fs";
options.mountpoint = "none";
};
"linux/nix/root" = {
type = "zfs_fs";
options.mountpoint = "legacy";
mountpoint = "/";
postCreateHook = "zfs list -t snapshot -H -o name | grep -E '^zroot/linux/nix/root@blank$' || zfs snapshot zroot/linux/nix/root@blank";
};
"linux/nix/nix" = {
type = "zfs_fs";
options.mountpoint = "legacy";
mountpoint = "/nix";
postCreateHook = "zfs list -t snapshot -H -o name | grep -E '^zroot/linux/nix/nix@blank$' || zfs snapshot zroot/linux/nix/nix@blank";
options = {
recordsize = "1MiB";
compression = "lz4";
};
};
"linux/nix/home" = {
type = "zfs_fs";
options.mountpoint = "legacy";
mountpoint = "/home";
postCreateHook = "zfs list -t snapshot -H -o name | grep -E '^zroot/linux/nix/home@blank$' || zfs snapshot zroot/linux/nix/home@blank";
};
"linux/nix/persist" = {
type = "zfs_fs";
options.mountpoint = "legacy";
mountpoint = "/persist";
postCreateHook = "zfs list -t snapshot -H -o name | grep -E '^zroot/linux/nix/persist@blank$' || zfs snapshot zroot/linux/nix/persist@blank";
};
"linux/nix/state" = {
type = "zfs_fs";
options.mountpoint = "legacy";
mountpoint = "/state";
postCreateHook = "zfs list -t snapshot -H -o name | grep -E '^zroot/linux/nix/state@blank$' || zfs snapshot zroot/linux/nix/state@blank";
};
};
};
};
};
# Make sure all persistent volumes are marked as neededForBoot
#
# Also mounts /home so it is mounted before the user home directories are created.
fileSystems."/persist".neededForBoot = true;
fileSystems."/state".neededForBoot = true;
fileSystems."/home".neededForBoot = true;
fileSystems."/".options = [
"noatime"
"norelatime"
];
fileSystems."/nix".options = [
"noatime"
"norelatime"
];
fileSystems."/persist".options = [
"noatime"
"norelatime"
];
fileSystems."/state".options = [
"noatime"
"norelatime"
];
fileSystems."/home".options = [
"noatime"
"norelatime"
];
}

32
nix/configuration/hosts/neelix/hardware-configuration.nix Normal file
View File

@ -0,0 +1,32 @@
# Do not modify this file! It was generated by nixos-generate-config
# and may be overwritten by future invocations. Please make changes
# to /etc/nixos/configuration.nix instead.
{
config,
lib,
pkgs,
modulesPath,
...
}:
{
imports = [
(modulesPath + "/installer/scan/not-detected.nix")
];
boot.initrd.availableKernelModules = [ "xhci_pci" "nvme" "usbhid" "usb_storage" "sd_mod" "sdhci_pci" ];
boot.initrd.kernelModules = [ ];
boot.kernelModules = [ ];
boot.extraModulePackages = [ ];
# Enables DHCP on each ethernet and wireless interface. In case of scripted networking
# (the default) this is the recommended approach. When using systemd-networkd it's
# still possible to use this option, but it's recommended to use it in conjunction
# with explicit per-interface declarations with `networking.interfaces.<interface>.useDHCP`.
networking.useDHCP = lib.mkDefault true;
# networking.interfaces.eno1.useDHCP = lib.mkDefault true;
# networking.interfaces.wlp58s0.useDHCP = lib.mkDefault true;
nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux";
hardware.cpu.intel.updateMicrocode = lib.mkDefault config.hardware.enableRedistributableFirmware;
}

78
nix/configuration/hosts/neelix/optimized_build.nix Normal file
View File

@ -0,0 +1,78 @@
{
config,
lib,
pkgs,
...
}:
{
imports = [ ];
config = lib.mkMerge [
{ }
(lib.mkIf (!config.me.buildingIso) {
nix.settings.system-features = lib.mkForce [
"gccarch-alderlake"
"gccarch-x86-64-v3"
"benchmark"
"big-parallel"
"kvm"
"nixos-test"
];
# nixpkgs.hostPlatform = {
# gcc.arch = "alderlake";
# gcc.tune = "alderlake";
# system = "x86_64-linux";
# };
nixpkgs.overlays = [
(
self: super:
let
optimizeWithFlags =
pkg: flags:
pkg.overrideAttrs (old: {
NIX_CFLAGS_COMPILE = [ (old.NIX_CFLAGS_COMPILE or "") ] ++ flags;
});
addConfig =
additionalConfig: pkg:
pkg.override (oldconfig: {
structuredExtraConfig = pkg.structuredExtraConfig // additionalConfig;
});
in
{
linux_alderlake =
addConfig
{
# Full preemption
PREEMPT = lib.mkOverride 60 lib.kernel.yes;
PREEMPT_VOLUNTARY = lib.mkOverride 60 lib.kernel.no;
# Google's BBRv3 TCP congestion Control
TCP_CONG_BBR = lib.kernel.yes;
DEFAULT_BBR = lib.kernel.yes;
# Preemptive Full Tickless Kernel at 300Hz
HZ = lib.kernel.freeform "300";
HZ_300 = lib.kernel.yes;
HZ_1000 = lib.kernel.no;
}
(
optimizeWithFlags super.linux_6_12 [
"-march=alderlake"
"-mtune=alderlake"
]
);
}
)
];
boot.kernelPackages = pkgs.linuxPackagesFor pkgs.linux_alderlake;
})
(lib.mkIf (config.me.buildingIso) {
boot.kernelPackages = pkgs.linuxPackagesFor pkgs.linux_6_12;
boot.supportedFilesystems = [ "zfs" ];
})
];
}

35
nix/configuration/hosts/neelix/power_management.nix Normal file
View File

@ -0,0 +1,35 @@
{
config,
lib,
pkgs,
...
}:
{
imports = [ ];
environment.systemPackages = with pkgs; [
powertop
];
# pcie_aspm=force pcie_aspm.policy=powersupersave :: Enable PCIe active state power management for power reduction.
# nowatchdog :: Disable watchdog for power savings (related to disable_sp5100_watchdog above).
boot.kernelParams = [
"pcie_aspm=force"
# "pcie_aspm.policy=powersupersave"
"nowatchdog"
];
# default performance balance_performance balance_power power
# defaults to balance_performance
# systemd.tmpfiles.rules = [
# "w- /sys/devices/system/cpu/cpufreq/policy0/energy_performance_preference - - - - power"
# "w- /sys/devices/system/cpu/cpufreq/policy1/energy_performance_preference - - - - power"
# "w- /sys/devices/system/cpu/cpufreq/policy2/energy_performance_preference - - - - power"
# "w- /sys/devices/system/cpu/cpufreq/policy3/energy_performance_preference - - - - power"
# ];
boot.extraModprobeConfig = ''
options snd_hda_intel power_save=1
'';
}

75
nix/configuration/hosts/odo/default.nix Normal file
View File

@ -0,0 +1,75 @@
{ config, pkgs, ... }:
{
imports = [
./hardware-configuration.nix
./disk-config.nix
./optimized_build.nix
./power_management.nix
./screen_brightness.nix
./wifi.nix
];
# Generate with `head -c4 /dev/urandom | od -A none -t x4`
networking.hostId = "908cbf04";
networking.hostName = "odo"; # Define your hostname.
time.timeZone = "America/New_York";
i18n.defaultLocale = "en_US.UTF-8";
me.secureBoot.enable = true;
# Early KMS
boot.initrd.kernelModules = [ "amdgpu" ];
# Mount tmpfs at /tmp
boot.tmp.useTmpfs = true;
environment.systemPackages = with pkgs; [
fw-ectool
];
me.alacritty.enable = true;
me.ansible.enable = true;
me.ares.enable = true;
me.bluetooth.enable = true;
me.chromecast.enable = true;
me.chromium.enable = true;
me.docker.enable = true;
me.emacs_flavor = "full";
me.firefox.enable = true;
me.git.config = ../../roles/git/files/gitconfig_home;
me.gpg.enable = true;
me.graphical = true;
me.graphics_card_type = "amd";
me.kanshi.enable = true;
me.kubernetes.enable = true;
me.latex.enable = true;
me.launch_keyboard.enable = true;
me.lvfs.enable = true;
me.media.enable = true;
me.nix_index.enable = true;
me.python.enable = true;
me.qemu.enable = true;
me.rust.enable = true;
me.sound.enable = true;
me.steam.enable = true;
me.sway.enable = true;
me.terraform.enable = true;
me.vnc_client.enable = true;
me.vscode.enable = true;
me.wasm.enable = true;
me.waybar.enable = true;
me.wireguard.activated = [
"drmario"
"wgh"
"colo"
];
me.wireguard.deactivated = [ "wgf" ];
me.zrepl.enable = true;
me.zsh.enable = true;
me.sm64ex.enable = true;
me.shipwright.enable = true;
me.ship2harkinian.enable = true;
}

148
nix/configuration/hosts/odo/disk-config.nix Normal file
View File

@ -0,0 +1,148 @@
# Manual Step:
# Check if drive supports 4kn: nvme id-ns -H /dev/nvme0n1
# Format the drive to 4kn: nvme format --lbaf=1 /dev/nvme0n1
{
config,
lib,
pkgs,
...
}:
lib.mkIf (!config.me.buildingIso) {
disko.devices = {
disk = {
main = {
type = "disk";
device = "/dev/nvme0n1";
content = {
type = "gpt";
partitions = {
ESP = {
size = "1G";
type = "EF00";
content = {
type = "filesystem";
format = "vfat";
mountpoint = "/boot";
mountOptions = [
"umask=0077"
"noatime"
"discard"
];
};
};
zfs = {
size = "100%";
content = {
type = "zfs";
pool = "zroot";
};
};
};
};
};
};
zpool = {
zroot = {
type = "zpool";
# mode = "mirror";
# Workaround: cannot import 'zroot': I/O error in disko tests
options.cachefile = "none";
options = {
ashift = "12";
compatibility = "openzfs-2.2-freebsd";
autotrim = "on";
};
rootFsOptions = {
acltype = "posixacl";
atime = "off";
relatime = "off";
xattr = "sa";
mountpoint = "none";
compression = "lz4";
canmount = "off";
utf8only = "on";
dnodesize = "auto";
normalization = "formD";
};
datasets = {
"linux/nix" = {
type = "zfs_fs";
options.mountpoint = "none";
options = {
encryption = "aes-256-gcm";
keyformat = "passphrase";
# keylocation = "file:///tmp/secret.key";
};
};
"linux/nix/root" = {
type = "zfs_fs";
options.mountpoint = "legacy";
mountpoint = "/";
postCreateHook = "zfs list -t snapshot -H -o name | grep -E '^zroot/linux/nix/root@blank$' || zfs snapshot zroot/linux/nix/root@blank";
};
"linux/nix/nix" = {
type = "zfs_fs";
options.mountpoint = "legacy";
mountpoint = "/nix";
postCreateHook = "zfs list -t snapshot -H -o name | grep -E '^zroot/linux/nix/nix@blank$' || zfs snapshot zroot/linux/nix/nix@blank";
options = {
recordsize = "16MiB";
compression = "zstd-19";
};
};
"linux/nix/home" = {
type = "zfs_fs";
options.mountpoint = "legacy";
mountpoint = "/home";
postCreateHook = "zfs list -t snapshot -H -o name | grep -E '^zroot/linux/nix/home@blank$' || zfs snapshot zroot/linux/nix/home@blank";
};
"linux/nix/persist" = {
type = "zfs_fs";
options.mountpoint = "legacy";
mountpoint = "/persist";
postCreateHook = "zfs list -t snapshot -H -o name | grep -E '^zroot/linux/nix/persist@blank$' || zfs snapshot zroot/linux/nix/persist@blank";
};
"linux/nix/state" = {
type = "zfs_fs";
options.mountpoint = "legacy";
mountpoint = "/state";
postCreateHook = "zfs list -t snapshot -H -o name | grep -E '^zroot/linux/nix/state@blank$' || zfs snapshot zroot/linux/nix/state@blank";
};
};
};
};
};
# Make sure all persistent volumes are marked as neededForBoot
#
# Also mounts /home so it is mounted before the user home directories are created.
fileSystems."/persist".neededForBoot = true;
fileSystems."/state".neededForBoot = true;
fileSystems."/home".neededForBoot = true;
fileSystems."/".options = [
"noatime"
"norelatime"
];
fileSystems."/nix".options = [
"noatime"
"norelatime"
];
fileSystems."/persist".options = [
"noatime"
"norelatime"
];
fileSystems."/state".options = [
"noatime"
"norelatime"
];
fileSystems."/home".options = [
"noatime"
"norelatime"
];
# Only attempt to decrypt the main pool. Otherwise it attempts to decrypt pools that aren't even used.
boot.zfs.requestEncryptionCredentials = [ "zroot/linux/nix" ];
}

36
nix/configuration/hosts/odo/hardware-configuration.nix Normal file
View File

@ -0,0 +1,36 @@
# Do not modify this file! It was generated by nixos-generate-config
# and may be overwritten by future invocations. Please make changes
# to /etc/nixos/configuration.nix instead.
{
config,
lib,
pkgs,
modulesPath,
...
}:
{
imports = [
(modulesPath + "/installer/scan/not-detected.nix")
];
boot.initrd.availableKernelModules = [
"nvme"
"xhci_pci"
"thunderbolt"
];
boot.initrd.kernelModules = [ ];
boot.kernelModules = [ ];
boot.extraModulePackages = [ ];
# Enables DHCP on each ethernet and wireless interface. In case of scripted networking
# (the default) this is the recommended approach. When using systemd-networkd it's
# still possible to use this option, but it's recommended to use it in conjunction
# with explicit per-interface declarations with `networking.interfaces.<interface>.useDHCP`.
networking.useDHCP = lib.mkDefault true;
# networking.interfaces.eno1.useDHCP = lib.mkDefault true;
# networking.interfaces.wlp58s0.useDHCP = lib.mkDefault true;
nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux";
hardware.cpu.amd.updateMicrocode = lib.mkDefault config.hardware.enableRedistributableFirmware;
}

81
nix/configuration/hosts/odo/optimized_build.nix Normal file
View File

@ -0,0 +1,81 @@
{
config,
lib,
pkgs,
...
}:
{
imports = [ ];
config = lib.mkMerge [
{ }
(lib.mkIf (!config.me.buildingIso) {
nix.settings.system-features = lib.mkForce [
"gccarch-znver4"
"gccarch-skylake"
# "gccarch-alderlake" missing WAITPKG
"gccarch-x86-64-v3"
"gccarch-x86-64-v4"
"benchmark"
"big-parallel"
"kvm"
"nixos-test"
];
# nixpkgs.hostPlatform = {
# gcc.arch = "znver4";
# gcc.tune = "znver4";
# system = "x86_64-linux";
# };
nixpkgs.overlays = [
(
self: super:
let
optimizeWithFlags =
pkg: flags:
pkg.overrideAttrs (old: {
NIX_CFLAGS_COMPILE = [ (old.NIX_CFLAGS_COMPILE or "") ] ++ flags;
});
addConfig =
additionalConfig: pkg:
pkg.override (oldconfig: {
structuredExtraConfig = pkg.structuredExtraConfig // additionalConfig;
});
in
{
linux_znver4 =
addConfig
{
# Full preemption
PREEMPT = lib.mkOverride 60 lib.kernel.yes;
PREEMPT_VOLUNTARY = lib.mkOverride 60 lib.kernel.no;
# Google's BBRv3 TCP congestion Control
TCP_CONG_BBR = lib.kernel.yes;
DEFAULT_BBR = lib.kernel.yes;
# Preemptive Full Tickless Kernel at 300Hz
HZ = lib.kernel.freeform "300";
HZ_300 = lib.kernel.yes;
HZ_1000 = lib.kernel.no;
}
(
optimizeWithFlags super.linux_6_12 [
"-march=znver4"
"-mtune=znver4"
]
);
}
)
];
boot.kernelPackages = pkgs.linuxPackagesFor pkgs.linux_znver4;
})
(lib.mkIf (config.me.buildingIso) {
boot.kernelPackages = pkgs.linuxPackagesFor pkgs.linux_6_12;
boot.supportedFilesystems.zfs = true;
})
];
}

59
nix/configuration/hosts/odo/power_management.nix Normal file
View File

@ -0,0 +1,59 @@
{
config,
lib,
pkgs,
...
}:
{
imports = [ ];
environment.systemPackages = with pkgs; [
powertop
];
# amdgpu.abmlevel=3 :: Automatically reduce screen brightness but tweak colors to compensate for power reduction.
# pcie_aspm=force pcie_aspm.policy=powersupersave :: Enable PCIe active state power management for power reduction.
# nowatchdog :: Disable watchdog for power savings (related to disable_sp5100_watchdog above).
# amd_pstate=passive :: Fully automated hardware pstate control.
# amd_pstate=active :: Same as passive except we can set the energy performance preference (EPP) to suggest how much we prefer performance or energy efficiency.
# amd_pstate=guided :: Same as passive except we can set upper and lower frequency bounds.
# amdgpu.dcdebugmask=0x10 :: Allegedly disables Panel Replay from https://community.frame.work/t/tracking-freezing-arch-linux-amd/39495/32
boot.kernelParams = [
"amdgpu.abmlevel=3"
"pcie_aspm=force"
# "pcie_aspm.policy=powersupersave"
"nowatchdog"
# I don't see a measurable benefit from these two:
# "cpufreq.default_governor=powersave"
# "initcall_blacklist=cpufreq_gov_userspace_init"
];
systemd.tmpfiles.rules = [
"w- /sys/firmware/acpi/platform_profile - - - - low-power"
"w- /sys/devices/system/cpu/cpufreq/policy0/energy_performance_preference - - - - power"
"w- /sys/devices/system/cpu/cpufreq/policy1/energy_performance_preference - - - - power"
"w- /sys/devices/system/cpu/cpufreq/policy2/energy_performance_preference - - - - power"
"w- /sys/devices/system/cpu/cpufreq/policy3/energy_performance_preference - - - - power"
"w- /sys/devices/system/cpu/cpufreq/policy4/energy_performance_preference - - - - power"
"w- /sys/devices/system/cpu/cpufreq/policy5/energy_performance_preference - - - - power"
"w- /sys/devices/system/cpu/cpufreq/policy6/energy_performance_preference - - - - power"
"w- /sys/devices/system/cpu/cpufreq/policy7/energy_performance_preference - - - - power"
"w- /sys/devices/system/cpu/cpufreq/policy8/energy_performance_preference - - - - power"
"w- /sys/devices/system/cpu/cpufreq/policy9/energy_performance_preference - - - - power"
"w- /sys/devices/system/cpu/cpufreq/policy10/energy_performance_preference - - - - power"
"w- /sys/devices/system/cpu/cpufreq/policy11/energy_performance_preference - - - - power"
"w- /sys/devices/system/cpu/cpufreq/policy12/energy_performance_preference - - - - power"
"w- /sys/devices/system/cpu/cpufreq/policy13/energy_performance_preference - - - - power"
"w- /sys/devices/system/cpu/cpufreq/policy14/energy_performance_preference - - - - power"
"w- /sys/devices/system/cpu/cpufreq/policy15/energy_performance_preference - - - - power"
];
boot.extraModprobeConfig = ''
# Disable the hardware watchdog inside AMD 700 chipset series for power savings.
blacklist sp5100_tco
# Sound power-saving was causing chat notifications to be inaudible.
# options snd_hda_intel power_save=1
'';
}

14
nix/configuration/hosts/odo/screen_brightness.nix Normal file
View File

@ -0,0 +1,14 @@
{
config,
lib,
pkgs,
...
}:
{
imports = [ ];
systemd.tmpfiles.rules = [
"w- /sys/class/backlight/amdgpu_bl1/brightness - - - - 85"
];
}

21
nix/configuration/hosts/odo/wifi.nix Normal file
View File

@ -0,0 +1,21 @@
{
config,
lib,
pkgs,
...
}:
{
imports = [ ];
config = {
environment.loginShellInit = lib.mkIf (!config.me.buildingIso) ''
doas iw dev wlan0 set power_save off
'';
# Enable debug logging for ath12k wifi card.
boot.kernelParams = [
"ath12k.debug_mask=0xffffffff"
];
};
}

48
nix/configuration/roles/2ship2harkinian/default.nix Normal file
View File

@ -0,0 +1,48 @@
{
config,
lib,
pkgs,
...
}:
{
imports = [ ];
options.me = {
ship2harkinian.enable = lib.mkOption {
type = lib.types.bool;
default = false;
example = true;
description = "Whether we want to install 2ship2harkinian.";
};
};
config = lib.mkIf config.me.ship2harkinian.enable (
lib.mkMerge [
{
allowedUnfree = [ "2ship2harkinian" ];
}
(lib.mkIf config.me.graphical {
environment.systemPackages = with pkgs; [
_2ship2harkinian
];
# TODO perhaps install ~/.local/share/2ship/2ship2harkinian.json
environment.persistence."/persist" = lib.mkIf (!config.me.buildingIso) {
hideMounts = true;
users.talexander = {
directories = [
{
directory = ".local/share/2ship";
user = "talexander";
group = "talexander";
mode = "0755";
}
];
};
};
})
]
);
}

38
nix/configuration/roles/alacritty/default.nix Normal file
View File

@ -0,0 +1,38 @@
{
config,
lib,
pkgs,
...
}:
{
imports = [ ];
options.me = {
alacritty.enable = lib.mkOption {
type = lib.types.bool;
default = false;
example = true;
description = "Whether we want to install alacritty.";
};
};
config = lib.mkIf config.me.alacritty.enable (
lib.mkMerge [
(lib.mkIf config.me.graphical {
environment.systemPackages = with pkgs; [
alacritty
xdg-utils # for xdg-open
];
home-manager.users.talexander =
{ pkgs, ... }:
{
home.file.".config/alacritty/alacritty.toml" = {
source = ./files/alacritty.toml;
};
};
})
]
);
}

44
nix/configuration/roles/alacritty/files/alacritty.toml Normal file
View File

@ -0,0 +1,44 @@
[colors]
draw_bold_text_with_bright_colors = true
indexed_colors = []
[colors.bright]
black = "0x666666"
blue = "0x7aa6da"
cyan = "0x54ced6"
green = "0x9ec400"
magenta = "0xb77ee0"
red = "0xff3334"
white = "0xffffff"
yellow = "0xe7c547"
[colors.normal]
black = "0x000000"
blue = "0x7aa6da"
cyan = "0x70c0ba"
green = "0xb9ca4a"
magenta = "0xc397d8"
red = "0xd54e53"
white = "0xeaeaea"
yellow = "0xe6c547"
[colors.primary]
background = "0x000000"
foreground = "0xeaeaea"
[font]
size = 11.0
[[hints.enabled]]
command = "xdg-open"
post_processing = true
regex = "(ipfs:|ipns:|magnet:|mailto:|gemini:|gopher:|https:|http:|news:|file:|git:|ssh:|ftp:)[^\u0000-\u001F\u007F-<>\"\\s{-}\\^⟨⟩`]+"
[hints.enabled.mouse]
enabled = false
mods = "None"
[scrolling]
history = 10000
# Lines moved per scroll.
multiplier = 3

86
nix/configuration/roles/ansible/default.nix Normal file
View File

@ -0,0 +1,86 @@
{
config,
lib,
pkgs,
...
}:
{
imports = [ ];
options.me = {
ansible.enable = lib.mkOption {
type = lib.types.bool;
default = false;
example = true;
description = "Whether we want to install ansible.";
};
};
config = lib.mkIf config.me.ansible.enable (
lib.mkMerge [
{
environment.systemPackages = with pkgs; [
ansible
];
nixpkgs.overlays = [
(final: prev: {
ansible = pkgs.symlinkJoin {
name = "ansible";
paths = [
(prev.ansible.overridePythonAttrs {
propagatedBuildInputs = prev.ansible.propagatedBuildInputs ++ [ prev.python3Packages.jmespath ];
})
pkgs.ansible-sshjail
];
buildInputs = [ pkgs.makeWrapper ];
postBuild = ''
${lib.concatMapStringsSep "\n"
(
prog:
(
"wrapProgram $out/bin/${prog} ${
lib.concatMapStringsSep " "
(
plugin_type:
"--set ANSIBLE_${lib.toUpper plugin_type}_PLUGINS $out/share/ansible/plugins/${lib.toLower plugin_type}_plugins"
)
[
"action"
"cache"
"callback"
"connection"
"filter"
"inventory"
"lookup"
"shell"
"strategy"
"test"
"vars"
]
} --prefix PATH : ${lib.makeBinPath [ ]}"
)
)
[
"ansible"
"ansible-config"
"ansible-console"
"ansible-doc"
"ansible-galaxy"
"ansible-inventory"
"ansible-playbook"
"ansible-pull"
"ansible-test"
"ansible-vault"
]
}
'';
};
})
];
}
]
);
}

44
nix/configuration/roles/ares/default.nix Normal file
View File

@ -0,0 +1,44 @@
{
config,
lib,
pkgs,
...
}:
{
imports = [ ];
options.me = {
ares.enable = lib.mkOption {
type = lib.types.bool;
default = false;
example = true;
description = "Whether we want to install ares.";
};
};
config = lib.mkIf config.me.ares.enable (
lib.mkMerge [
{ }
(lib.mkIf config.me.graphical {
environment.systemPackages = with pkgs; [
ares
];
environment.persistence."/persist" = lib.mkIf (!config.me.buildingIso) {
hideMounts = true;
users.talexander = {
directories = [
{
directory = ".local/share/ares";
user = "talexander";
group = "talexander";
mode = "0755";
}
];
};
};
})
]
);
}

30
nix/configuration/roles/blank/default.nix Normal file
View File

@ -0,0 +1,30 @@
{
config,
lib,
pkgs,
...
}:
{
imports = [ ];
options.me = {
blank.enable = lib.mkOption {
type = lib.types.bool;
default = false;
example = true;
description = "Whether we want to install blank.";
};
};
config = lib.mkIf config.me.blank.enable (
lib.mkMerge [
{
environment.systemPackages = with pkgs; [
];
}
(lib.mkIf config.me.graphical {
})
]
);
}

46
nix/configuration/roles/bluetooth/default.nix Normal file
View File

@ -0,0 +1,46 @@
{
config,
lib,
pkgs,
...
}:
{
imports = [ ];
options.me = {
bluetooth.enable = lib.mkOption {
type = lib.types.bool;
default = false;
example = true;
description = "Whether we want to install bluetooth.";
};
};
config = lib.mkIf config.me.bluetooth.enable (
lib.mkMerge [
{
environment.systemPackages = with pkgs; [
];
hardware.bluetooth = {
enable = true;
powerOnBoot = true;
settings = {
General = {
# Enable support for showing battery charge level.
Experimental = true;
};
};
};
environment.persistence."/persist" = lib.mkIf (!config.me.buildingIso) {
hideMounts = true;
directories = [
"/var/lib/bluetooth" # Bluetooth pairing information.
];
};
}
]
);
}

105
nix/configuration/roles/boot/default.nix Normal file
View File

@ -0,0 +1,105 @@
# ISO does not work with systemd initrd yet https://github.com/NixOS/nixpkgs/pull/291750
{
config,
lib,
pkgs,
...
}:
{
imports = [ ];
options = {
me.secureBoot = {
enable = lib.mkOption {
default = false;
type = lib.types.bool;
description = ''
Enable to use secure boot.
'';
};
};
};
config = lib.mkMerge [
{
environment.systemPackages = with pkgs; [
tpm2-tools # For tpm2_eventlog to check for OptionRoms
# cp /sys/kernel/security/tpm0/binary_bios_measurements eventlog
# tpm2_eventlog eventlog | grep "BOOT_SERVICES_DRIVER"
sbctl # For debugging and troubleshooting Secure Boot.
];
}
(lib.mkIf (!config.me.buildingIso) {
boot.loader.grub.enable = false;
# Use the systemd-boot EFI boot loader.
boot.loader.systemd-boot.enable = true;
# TODO: make not write bootx64.efi
boot.loader.efi.canTouchEfiVariables = false;
# Automatically delete old generations
boot.loader.systemd-boot.configurationLimit = 3;
boot.loader.systemd-boot.memtest86.enable = true;
# Check what will be lost with `zfs diff zroot/linux/root@blank`
boot.initrd.systemd.enable = lib.mkDefault true;
boot.initrd.systemd.services.zfs-rollback = {
description = "Rollback ZFS root dataset to blank snapshot";
wantedBy = [
"initrd.target"
];
after = [
"zfs-import-zroot.service"
];
before = [
"sysroot.mount"
];
path = with pkgs; [
zfs
];
unitConfig.DefaultDependencies = "no";
serviceConfig.Type = "oneshot";
script = ''
zfs rollback -r zroot/linux/nix/root@blank
zfs rollback -r zroot/linux/nix/home@blank
echo "rollback complete"
'';
};
# boot.loader.systemd-boot.extraEntries = {
# "windows.conf" = ''
# title Windows
# efi /EFI/Microsoft/Boot/bootmgfw.efi
# options root=PARTUUID=17e325bf-a378-4d1d-be6a-f6df5476f0fa
# '';
# };
})
(lib.mkIf (config.me.secureBoot.enable) {
environment.systemPackages = with pkgs; [
sbctl
];
boot.loader.systemd-boot.enable = lib.mkForce false;
boot.lanzaboote = {
enable = true;
pkiBundle = "/var/lib/sbctl";
};
environment.persistence."/persist" = lib.mkIf (!config.me.buildingIso) {
hideMounts = true;
directories = [
"/var/lib/sbctl" # Secure Boot Keys
];
};
})
];
}
# efibootmgr -c -d /dev/sda -p 1 -L NixOS-boot -l '\EFI\NixOS-boot\grubx64.efi'
# Text-only:
# sudo cp "$(nix-build '<nixpkgs>' --no-out-link -A 'refind')/share/refind/refind_x64.efi" /boot/EFI/boot/bootx64.efi
# Full graphics:
# $ sudo nix-shell -p refind efibootmgr
# $ refind-install

31
nix/configuration/roles/chromecast/default.nix Normal file
View File

@ -0,0 +1,31 @@
{
config,
lib,
pkgs,
...
}:
{
imports = [ ];
options.me = {
chromecast.enable = lib.mkOption {
type = lib.types.bool;
default = false;
example = true;
description = "Whether we want to install chromecast.";
};
};
config = lib.mkIf config.me.chromecast.enable (
lib.mkMerge [
{
environment.systemPackages = with pkgs; [
catt
];
}
(lib.mkIf config.me.graphical {
})
]
);
}

65
nix/configuration/roles/chromium/default.nix Normal file
View File

@ -0,0 +1,65 @@
{
config,
lib,
pkgs,
...
}:
{
imports = [ ];
options.me = {
chromium.enable = lib.mkOption {
type = lib.types.bool;
default = false;
example = true;
description = "Whether we want to install chromium.";
};
};
config = lib.mkIf config.me.chromium.enable (
lib.mkMerge [
{ }
(lib.mkIf config.me.graphical {
environment.systemPackages = with pkgs; [
(chromium.override { enableWideVine = true; })
];
allowedUnfree = [
"chromium"
"chromium-unwrapped"
"widevine-cdm"
];
environment.persistence."/persist" = lib.mkIf (!config.me.buildingIso) {
hideMounts = true;
users.talexander = {
directories = [
{
directory = ".config/chromium";
user = "talexander";
group = "talexander";
mode = "0700";
}
];
};
};
environment.persistence."/state" = lib.mkIf (!config.me.buildingIso) {
hideMounts = true;
users.talexander = {
directories = [
{
directory = ".cache/chromium";
user = "talexander";
group = "talexander";
mode = "0700";
}
];
};
};
# Enabling vulkan causes video to render as white
# nixpkgs.config.chromium.commandLineArgs = "--enable-features=Vulkan";
})
]
);
}

64
nix/configuration/roles/docker/default.nix Normal file
View File

@ -0,0 +1,64 @@
{
config,
lib,
pkgs,
...
}:
{
imports = [ ];
options.me = {
docker.enable = lib.mkOption {
type = lib.types.bool;
default = false;
example = true;
description = "Whether we want to install docker.";
};
};
config = lib.mkIf config.me.docker.enable (
lib.mkMerge [
{
virtualisation.docker.enable = true;
# Use docker activation
virtualisation.docker.enableOnBoot = false;
# Rootless docker breaks access to ssh for buildkit.
# virtualisation.docker.rootless = {
# enable = true;
# setSocketVariable = true;
# };
# Give docker access to ssh for fetching repos with buildkit.
virtualisation.docker.extraPackages = [ pkgs.openssh ];
environment.systemPackages = with pkgs; [
docker-buildx
];
environment.persistence."/state" = lib.mkIf (!config.me.buildingIso) {
hideMounts = true;
directories = [
{
directory = "/var/lib/docker";
user = "root";
group = "root";
mode = "0740";
}
];
# users.talexander = {
# directories = [
# {
# directory = ".local/share/docker";
# user = "talexander";
# group = "talexander";
# mode = "0740";
# }
# ];
# };
};
# Needed for non-rootless docker
users.users.talexander.extraGroups = [ "docker" ];
}
]
);
}

167
nix/configuration/roles/emacs/default.nix Normal file
View File

@ -0,0 +1,167 @@
{
config,
lib,
pkgs,
...
}:
let
plainmacs =
emacs_package:
pkgs.writeShellScriptBin "plainmacs" ''
INIT_SCRIPT=$(cat <<EOF
(progn
(setq make-backup-files nil auto-save-default nil create-lockfiles nil)
(load-theme 'tango-dark t)
(set-face-attribute 'default nil :background "black")
;; Bright yellow highlighting for selected region
(set-face-attribute 'region nil :background "#ffff50" :foreground "black")
;; Bright green cursor to distinguish from yellow region
(set-cursor-color "#ccff66")
;; Hightlight the current line
(set-face-attribute 'line-number-current-line nil :foreground "white")
;; Set default font
(set-face-attribute 'default nil :height 100 :width 'regular :weight 'regular :family "Cascadia Mono")
;; Set fallback font for unicode glyphs
(when (display-graphic-p)
(set-fontset-font "fontset-default" nil (font-spec :name "Noto Color Emoji")))
(menu-bar-mode -1)
(when (fboundp 'tool-bar-mode)
(tool-bar-mode -1))
(when ( fboundp 'scroll-bar-mode)
(scroll-bar-mode -1))
(pixel-scroll-precision-mode)
(setq frame-resize-pixelwise t)
)
EOF
)
exec ${emacs_package}/bin/emacs -q --eval "$INIT_SCRIPT" "''${@}"
'';
e_shorthand =
emacs_package:
pkgs.writeShellScriptBin "e" ''
exec ${emacs_package}/bin/emacs "''${@}"
'';
in
{
imports = [ ];
options.me.emacs_flavor = lib.mkOption {
type = lib.types.nullOr (
lib.types.enum [
"full"
"plainmacs"
]
);
default = null;
example = "full";
description = "What flavor of emacs to set up.";
};
config = lib.mkIf (config.me.emacs_flavor != null) (
lib.mkMerge [
{
environment.systemPackages = with pkgs; [
my_emacs
(plainmacs my_emacs)
(e_shorthand my_emacs)
];
environment.persistence."/state" = lib.mkIf (!config.me.buildingIso) {
hideMounts = true;
users.talexander = {
directories = [
".config/emacs/eln-cache" # Installed packages
".config/emacs/elpa" # Installed packages
".config/emacs/private" # For recentf
".config/emacs/tree-sitter" # Compiled tree-sitter grammars
];
files = [
".config/emacs/history" # For savehist
".config/emacs/.last-package-update-day" # For use-package
];
};
};
environment.variables.EDITOR = "plainmacs";
}
(lib.mkIf (config.me.graphical) {
nixpkgs.overlays = [
(final: prev: {
my_emacs = final.emacs29-pgtk;
})
];
})
(lib.mkIf (!config.me.graphical) {
nixpkgs.overlays = [
(final: prev: {
my_emacs = final.emacs-nox;
})
];
})
(lib.mkIf (config.me.emacs_flavor == "full") {
nixpkgs.overlays = [
(final: prev: {
my_emacs = pkgs.buildEnv {
name = prev.my_emacs.name;
paths = with prev; [
my_emacs
];
extraOutputsToInstall = [
"man"
"doc"
"info"
];
buildInputs = [ final.makeWrapper ];
postBuild = ''
wrapProgram $out/bin/emacs --prefix PATH : ${
lib.makeBinPath [
(final.aspellWithDicts (
dicts: with dicts; [
en
en-computers
]
))
final.nixd # nix language server
final.nixfmt-rfc-style # auto-formatting nix files through nixd
final.clang # To compile tree-sitter grammars
final.shellcheck
final.cmake-language-server
final.cmake # Used by cmake-language-server
]
}
'';
};
})
];
home-manager.users.talexander =
{ pkgs, ... }:
{
home.file.".config/emacs" = {
source = ./files/emacs;
recursive = true;
};
};
})
(lib.mkIf (config.me.emacs_flavor == "plainmacs") {
nixpkgs.overlays = [
(final: prev: {
my_emacs = pkgs.buildEnv {
name = prev.my_emacs.name;
paths = with prev; [
my_emacs
];
extraOutputsToInstall = [
"man"
"doc"
"info"
];
};
})
];
})
]
);
}

25
nix/configuration/roles/emacs/files/emacs/early-init.el Normal file
View File

@ -0,0 +1,25 @@
(setq gc-cons-threshold (* 128 1024 1024)) ;; 128MiB Increase garbage collection threshold for performance (default 800000)
;; Increase amount of data read from processes, default 4k
(when (version<= "27.0" emacs-version)
(setq read-process-output-max (* 10 1024 1024)) ;; 10MiB
)
;; Suppress warnings
(setq byte-compile-warnings '(not obsolete))
(setq warning-suppress-log-types '((comp) (bytecomp)))
(setq native-comp-async-report-warnings-errors 'silent)
;; Set up default visual settings
(setq frame-resize-pixelwise t)
;; Disable toolbar & menubar
(menu-bar-mode -1)
(when (fboundp 'tool-bar-mode)
(tool-bar-mode -1))
(when (display-graphic-p)
(context-menu-mode +1))
(setq default-frame-alist '((fullscreen . maximized)
(vertical-scroll-bars . nil)
(horizontal-scroll-bars . nil)
;; Set dark colors in early-init to prevent flashes of white.
(background-color . "#000000")))

86
nix/configuration/roles/emacs/files/emacs/elisp/base-extensions.el Normal file
View File

@ -0,0 +1,86 @@
(use-package diminish)
;; Eglot recommends pulling the latest of the standard libraries it
;; uses from ELPA if you're not tracking the current.config/emacsevelopment
;; branch.
(use-package xref
:pin gnu
)
(use-package eldoc
:pin gnu
:diminish
)
;; Other packages
(use-package emacs
:config
(setq enable-recursive-minibuffers t)
;; Filter the M-x list base on the current mode
(setq read-extended-command-predicate #'command-completion-default-include-p)
;; Enable triggering completion with the tab key.
(setq tab-always-indent 'complete)
)
(use-package dashboard
:config
(dashboard-setup-startup-hook))
(when (version<= "26.0.50" emacs-version )
(add-hook 'prog-mode-hook 'display-line-numbers-mode)
(add-hook 'prog-mode-hook 'column-number-mode)
)
;; Display a horizontal line instead of ^L for page break characters
(use-package page-break-lines
:diminish
:config
(global-page-break-lines-mode +1)
)
(use-package recentf
;; This is an emacs built-in but we're pulling the latest version
:config
(setq recentf-max-saved-items 100)
(setq recentf-save-file (recentf-expand-file-name "~/.config/emacs/private/cache/recentf"))
(recentf-mode 1))
;; Persist history over Emacs restarts. Vertico sorts by history position.
(use-package savehist
;; This is an emacs built-in but we're pulling the latest version
:config
(savehist-mode))
(use-package which-key
:diminish
:config
(which-key-mode))
(use-package windmove
:config
(windmove-default-keybindings))
(setq tramp-default-method "ssh")
(use-package nginx-mode
:mode (
("headers\\.include\\'" . nginx-mode)
)
:config
(setq nginx-indent-level 4))
(use-package systemd
:mode
(("\\.service\\'" . systemd-mode)
("\\.timer\\'" . systemd-mode))
)
(use-package pkgbuild-mode
:mode
(("PKGBUILD\\'" . pkgbuild-mode))
)
(provide 'base-extensions)

127
nix/configuration/roles/emacs/files/emacs/elisp/base-functions.el Normal file
View File

@ -0,0 +1,127 @@
;; ========== Function to reload current file =================
(defun reload-file ()
"Revert buffer without confirmation."
(interactive)
(revert-buffer :ignore-auto :noconfirm))
;; ===========================================================
;; ============= Run commands ================================
(defun run-command-on-buffer (cmd &rest args)
"Run a command using the current buffer as stdin and replacing its contents if the command succeeds with the stdout from the command. This is useful for code formatters."
(let (
(stdout-buffer (generate-new-buffer "tmp-stdout" t))
(full-cmd (append '(call-process-region nil nil cmd nil stdout-buffer nil) args))
)
(unwind-protect
(let ((exit-status (eval full-cmd)))
(if (eq exit-status 0)
(save-excursion
(replace-buffer-contents stdout-buffer)
)
(message "FAILED running command on buffer %s" (append (list cmd) args))
)
)
(kill-buffer stdout-buffer)
)
)
)
(defun run-command-in-directory (dir cmd &rest args)
"Run a command in the specified directory. If the directory is nil, the directory of the file is used. The stdout result is trimmed of whitespace and returned."
(let (
(default-directory (or dir default-directory))
(stdout-buffer (generate-new-buffer "tmp-stdout" t))
(full-cmd (append '(call-process cmd nil (list stdout-buffer nil) nil) args))
)
(unwind-protect
(let ((exit-status (condition-case nil (eval full-cmd) (file-missing nil))))
(if (eq exit-status 0)
(progn
(with-current-buffer stdout-buffer
(string-trim (buffer-string))
)
)
)
)
(kill-buffer stdout-buffer)
)
)
)
(defun load-directory (dir)
(let ((load-it (lambda (f)
(load-file (concat (file-name-as-directory dir) f)))
))
(mapc load-it (directory-files dir nil "\\.el$"))))
(defun generate-vc-link ()
(interactive)
(or
(generate-github-link)
(generate-source-hut-link)
)
)
(defun generate-github-link ()
"Generate a permalink to the current line."
(interactive)
(let (
(current-rev (vc-working-revision buffer-file-name))
(line-number (line-number-at-pos))
(repository-url (vc-git-repository-url buffer-file-name))
(relative-path (file-relative-name buffer-file-name (vc-root-dir)))
)
(save-match-data
(and (string-match "\\(git@github\.com:\\|https://github\.com/\\)\\([^/]+\\)/\\([^.]+\\).git" repository-url)
(let* (
(gh-org (match-string 2 repository-url))
(gh-repo (match-string 3 repository-url))
(full-url (format "https://github.com/%s/%s/blob/%s/%s?plain=1#L%s" gh-org gh-repo current-rev relative-path line-number))
)
(message "%s" full-url)
(kill-new full-url)
t
)
)
)
)
)
(defun generate-source-hut-link ()
"Generate a permalink to the current line."
(interactive)
(let (
(current-rev (vc-working-revision buffer-file-name))
(line-number (line-number-at-pos))
(repository-url (vc-git-repository-url buffer-file-name))
(relative-path (file-relative-name buffer-file-name (vc-root-dir)))
)
(message "Using repo url %s" repository-url)
(save-match-data
(and (string-match "https://git.sr.ht/\\([^/]+\\)/\\([^/]+\\)" repository-url)
(let* (
(sh-org (match-string 1 repository-url))
(sh-repo (match-string 2 repository-url))
(full-url (format "https://git.sr.ht/%s/%s/tree/%s/%s#L%s" sh-org sh-repo current-rev relative-path line-number))
)
(message "%s" full-url)
(kill-new full-url)
t
)
)
)
)
)
(defmacro when-linux (&rest body)
"Execute only when on Linux."
(declare (indent defun))
`(when (eq system-type 'gnu/linux) ,@body))
(defmacro when-freebsd (&rest body)
"Execute only when on FreeBSD."
(declare (indent defun))
`(when (eq system-type 'berkeley-unix) ,@body))
(provide 'base-functions)

12
nix/configuration/roles/emacs/files/emacs/elisp/base-global-keys.el Normal file
View File

@ -0,0 +1,12 @@
;; Add your keys here, as such
;; Disable the suspend frame hotkeys
(global-unset-key (kbd "C-z"))
(global-unset-key (kbd "C-x C-z"))
;; dabbrev-expand. Seems to be some sort of dumb-expand. Accidentally hitting it when trying to use M-?
(global-unset-key (kbd "M-/"))
(global-set-key (kbd "C-x g l") 'generate-vc-link)
(provide 'base-global-keys)

15
nix/configuration/roles/emacs/files/emacs/elisp/base-theme.el Normal file
View File

@ -0,0 +1,15 @@
;; Set theme
(load-theme 'tango-dark t)
(set-face-attribute 'default nil :background "black")
;; Bright yellow highlighting for selected region
(set-face-attribute 'region nil :background "#ffff50" :foreground "black")
;; Bright green cursor to distinguish from yellow region
(set-face-attribute 'cursor nil :background "#ccff66")
;; Hightlight the current line
(set-face-attribute 'line-number-current-line nil :foreground "white")
;; Set default font
(set-face-attribute 'default nil :height 100 :width 'regular :weight 'regular :family "Cascadia Mono")
;; Set fallback font for unicode glyphs
(set-fontset-font t 'emoji (font-spec :name "Noto Color Emoji") nil 'prepend)
(provide 'base-theme)

94
nix/configuration/roles/emacs/files/emacs/elisp/base.el Normal file
View File

@ -0,0 +1,94 @@
(package-initialize)
(use-package use-package)
(add-to-list 'package-archives
'("melpa" . "https://melpa.org/packages/")
)
(use-package auto-package-update
:ensure t
:config
(setq auto-package-update-delete-old-versions t
auto-package-update-interval 14)
(auto-package-update-maybe))
(defun assert-directory (p)
(unless (file-exists-p p) (make-directory p t))
p
)
(defconst private-dir (expand-file-name "private" user-emacs-directory))
(defconst temp-dir (format "%s/cache" private-dir)
"Hostname-based elisp temp directories")
(assert-directory (concat temp-dir "/auto-save-list/"))
(setq autoload-directory (concat user-emacs-directory (file-name-as-directory "elisp") (file-name-as-directory "autoload")))
(add-to-list 'load-path (assert-directory autoload-directory))
(setq-default
;; Disable backup files and lockfiles
make-backup-files nil
auto-save-default nil
create-lockfiles nil
;; Unless otherwise specified, always install packages if they are absent.
use-package-always-ensure t
;; Point custom-file at /dev/null so emacs does not write any settings to my dotfiles.
custom-file "/dev/null"
;; Don't pop up a small window at the bottom of emacs at launch.
inhibit-startup-screen t
inhibit-startup-message t
;; Don't show the list of buffers when opening many files.
inhibit-startup-buffer-menu t
;; Give the scratch buffer a clean slate.
initial-major-mode 'fundamental-mode
initial-scratch-message nil
;; Send prompts to mini-buffer not the GUI
use-dialog-box nil
;; End files with line break
require-final-newline t
;; Use spaces, not tabs
indent-tabs-mode nil
;; Use a better frame title
frame-title-format '("" invocation-name ": "(:eval (if (buffer-file-name)
(abbreviate-file-name (buffer-file-name))
"%b")))
;; Use 'y' or 'n' instead of 'yes' or 'no'
use-short-answers t
;; Natively compile packages
package-native-compile t
;; Confirm when opening a file that does not exist
confirm-nonexistent-file-or-buffer t
;; Do not require double space to end a sentence.
sentence-end-double-space nil
;; Show trailing whitespace
show-trailing-whitespace t
;; Remove the line when killing it with ctrl-k
kill-whole-line t
)
;; (setq-default fringes-outside-margins t)
;; Per-pixel scrolling instead of per-line
(pixel-scroll-precision-mode)
;; Typed text replaces selection
(delete-selection-mode)
;; Delete trailing whitespace before save
(add-hook 'before-save-hook 'delete-trailing-whitespace)
;; If the underlying file changes, reload it automatically. This is useful for moving around in git without confusing language servers.
(setopt auto-revert-avoid-polling t)
(setopt auto-revert-interval 5)
(setopt auto-revert-check-vc-info t)
(global-auto-revert-mode)
;;;;; Performance
;; Run garbage collect when emacs is idle
(run-with-idle-timer 5 t (lambda () (garbage-collect)))
(add-function :after after-focus-change-function
(lambda ()
(unless (frame-focus-state)
(garbage-collect))))
(provide 'base)

47
nix/configuration/roles/emacs/files/emacs/elisp/common-lsp.el Normal file
View File

@ -0,0 +1,47 @@
(use-package eglot
:pin gnu
:commands (eglot eglot-ensure)
:bind (:map eglot-mode-map
;; M-.
;; ([remap xref-find-definitions] . lsp-ui-peek-find-definitions)
;; M-?
;; ([remap xref-find-references] . lsp-ui-peek-find-references)
("C-c C-a" . eglot-code-actions)
;; C-M-.
([remap xref-find-apropos] . #'consult-eglot-symbols)
)
;; :hook (
;; (eglot-managed-mode . (lambda ()
;; (when (eglot-managed-p)
;; (corfu-mode +1)
;; )
;; ))
;; )
:config
(fset #'jsonrpc--log-event #'ignore) ;; Disable logging LSP traffic for performance boost
(set-face-attribute 'eglot-highlight-symbol-face nil :background "#0291a1" :foreground "black")
(set-face-attribute 'eglot-mode-line nil :inherit 'mode-line :bold nil)
:custom
(eglot-autoshutdown t "Shut down server when last buffer is killed.")
(eglot-sync-connect 0 "Don't block on language server starting.")
(eglot-send-changes-idle-time 0.1)
)
(use-package consult-eglot
:commands (consult-eglot-symbols)
)
(use-package company
:after eglot
:hook (eglot-managed-mode . company-mode)
:config
(setq company-backends '((company-capf)))
(setq company-idle-delay 0) ;; Default 0.2
)
;; (use-package company-box
;; :hook (company-mode . company-box-mode))
(provide 'common-lsp)

16
nix/configuration/roles/emacs/files/emacs/elisp/lang-bash.el Normal file
View File

@ -0,0 +1,16 @@
(require 'util-tree-sitter)
(use-package bash-ts-mode
:ensure nil
:commands (bash-ts-mode)
:hook (
(bash-ts-mode . (lambda ()
(flymake-mode +1)
)))
:init
(add-to-list 'major-mode-remap-alist '(sh-mode . bash-ts-mode))
(add-to-list 'treesit-language-source-alist '(bash "https://github.com/tree-sitter/tree-sitter-bash"))
(unless (treesit-ready-p 'bash) (treesit-install-language-grammar 'bash))
)
(provide 'lang-bash)

49
nix/configuration/roles/emacs/files/emacs/elisp/lang-c.el Normal file
View File

@ -0,0 +1,49 @@
(require 'common-lsp)
(require 'util-tree-sitter)
(defun locate-compile-commands-file ()
"See if compile_commands.json exists."
;; This can be generated by prefixing the make command with `intercept-build15 --append`
(let ((compile-commands-file (locate-dominating-file (buffer-file-name) "compile_commands.json")))
compile-commands-file
)
)
(defun activate-c-eglot ()
"Activate eglot for the c family of languages."
(when (locate-compile-commands-file)
(eglot-ensure)
(defclass my/eglot-c (eglot-lsp-server) ()
:documentation
"Own eglot server class.")
(add-to-list 'eglot-server-programs
'(c-ts-mode . (my/eglot-c "/usr/local/bin/clangd15")))
(add-hook 'before-save-hook 'eglot-format-buffer nil 'local)
)
)
(use-package c-mode
:mode (
("\\.c\\'" . c-ts-mode)
("\\.h\\'" . c-or-c++-ts-mode)
)
:commands (c-mode c-ts-mode)
:pin manual
:ensure nil
:hook (
(c-ts-mode . (lambda ()
(activate-c-eglot)
))
)
:init
(add-to-list 'major-mode-remap-alist '(c-mode . c-ts-mode))
(add-to-list 'major-mode-remap-alist '(c++-mode . c++-ts-mode))
(add-to-list 'major-mode-remap-alist '(c-or-c++-mode . c-or-c++-ts-mode))
(add-to-list 'treesit-language-source-alist '(c "https://github.com/tree-sitter/tree-sitter-c"))
(add-to-list 'treesit-language-source-alist '(cpp "https://github.com/tree-sitter/tree-sitter-cpp"))
(unless (treesit-ready-p 'c) (treesit-install-language-grammar 'c))
(unless (treesit-ready-p 'cpp) (treesit-install-language-grammar 'cpp))
)
(provide 'lang-c)

0
ansible/roles/emacs/files/elisp/lang-cmake.el → nix/configuration/roles/emacs/files/emacs/elisp/lang-cmake.el
View File

13
nix/configuration/roles/emacs/files/emacs/elisp/lang-dockerfile.el Normal file
View File

@ -0,0 +1,13 @@
(use-package dockerfile-ts-mode
:pin manual
:mode (
("Dockerfile\\'" . dockerfile-ts-mode)
)
:commands (dockerfile-mode dockerfile-ts-mode)
:init
(add-to-list 'major-mode-remap-alist '(dockerfile-mode . dockerfile-ts-mode))
(add-to-list 'treesit-language-source-alist '(dockerfile "https://github.com/camdencheek/tree-sitter-dockerfile"))
(unless (treesit-ready-p 'dockerfile) (treesit-install-language-grammar 'dockerfile))
)
(provide 'lang-dockerfile)

33
nix/configuration/roles/emacs/files/emacs/elisp/lang-go.el Normal file
View File

@ -0,0 +1,33 @@
(require 'common-lsp)
(require 'util-tree-sitter)
(use-package go-ts-mode
:pin manual
:mode (
("\\.go\\'" . go-ts-mode)
("/go\\.mod\\'" . go-mod-ts-mode)
)
:commands (go-ts-mode go-mod-ts-mode)
:hook (
(go-ts-mode . (lambda ()
(when-linux
(eglot-ensure)
)
))
(go-mod-ts-mode . (lambda ()
(when-linux
(eglot-ensure)
)
))
;; (before-save . lsp-format-buffer)
)
:init
(add-to-list 'treesit-language-source-alist '(go "https://github.com/tree-sitter/tree-sitter-go"))
(add-to-list 'treesit-language-source-alist '(gomod "https://github.com/camdencheek/tree-sitter-go-mod"))
(unless (treesit-ready-p 'go) (treesit-install-language-grammar 'go))
(unless (treesit-ready-p 'gomod) (treesit-install-language-grammar 'gomod))
)
(provide 'lang-go)

177
nix/configuration/roles/emacs/files/emacs/elisp/lang-javascript.el Normal file
View File

@ -0,0 +1,177 @@
(require 'common-lsp)
(require 'util-tree-sitter)
(use-package json-ts-mode
:ensure nil
:pin manual
:mode (
("\\.json\\'" . json-ts-mode)
)
:commands (json-ts-mode)
:hook (
(json-ts-mode . (lambda ()
(add-hook 'before-save-hook 'json-fmt-jq nil 'local)
))
)
:init
(add-to-list 'treesit-language-source-alist '(json "https://github.com/tree-sitter/tree-sitter-json"))
(unless (treesit-ready-p 'json) (treesit-install-language-grammar 'json))
)
(defun json-fmt-jq ()
"Run jq."
(run-command-on-buffer "jq" "--monochrome-output" ".")
)
(defun configure-typescript-language-server ()
"Configures the typescript language server."
(when-linux
;; Either initializationOptions or workspace/didChangeConfiguration works.
(setq eglot-workspace-configuration
(list (cons ':typescript '(:inlayHints (:includeInlayParameterNameHints
"all"
:includeInlayParameterNameHintsWhenArgumentMatchesName
t
:includeInlayFunctionParameterTypeHints
t
:includeInlayVariableTypeHints
t
:includeInlayVariableTypeHintsWhenTypeMatchesName
t
:includeInlayPRopertyDeclarationTypeHints
t
:includeInlayFunctionLikeReturnTypeHints
t
:includeInlayEnumMemberValueHints
t)))))
(eglot-ensure)
;; (defclass my/eglot-typescript (eglot-lsp-server) ()
;; :documentation
;; "Own eglot server class.")
;; (add-to-list 'eglot-server-programs
;; '((js-mode js-ts-mode tsx-ts-mode typescript-ts-mode typescript-mode) . (my/eglot-typescript "typescript-language-server" "--stdio" :initializationOptions (:preferences (:includeInlayParameterNameHints
;; "all"
;; :includeInlayParameterNameHintsWhenArgumentMatchesName
;; t
;; :includeInlayFunctionParameterTypeHints
;; t
;; :includeInlayVariableTypeHints
;; t
;; :includeInlayVariableTypeHintsWhenTypeMatchesName
;; t
;; :includeInlayPRopertyDeclarationTypeHints
;; t
;; :includeInlayFunctionLikeReturnTypeHints
;; t
;; :includeInlayEnumMemberValueHints
;; t)))))
)
)
(use-package tsx-ts-mode
:ensure nil
:pin manual
:mode (
("\\.tsx\\'" . tsx-ts-mode)
)
:commands (tsx-ts-mode)
:hook (
(tsx-ts-mode . (lambda ()
(when-linux
(configure-typescript-language-server)
)
))
)
:init
(add-to-list 'treesit-language-source-alist '(tsx . ("https://github.com/tree-sitter/tree-sitter-typescript" "master" "tsx/src")))
(unless (treesit-ready-p 'tsx) (treesit-install-language-grammar 'tsx))
)
(use-package typescript-ts-mode
:ensure nil
:pin manual
:mode (
("\\.ts\\'" . typescript-ts-mode)
)
:commands (typescript-ts-mode)
:hook (
(typescript-ts-mode . (lambda ()
(configure-typescript-language-server)
))
)
:init
(add-to-list 'treesit-language-source-alist '(typescript . ("https://github.com/tree-sitter/tree-sitter-typescript" "master" "typescript/src")))
(unless (treesit-ready-p 'typescript) (treesit-install-language-grammar 'typescript))
)
(use-package js-ts-mode
:ensure nil
:pin manual
:mode (
("\\.js\\'" . js-ts-mode)
)
:commands (js-ts-mode)
:hook (
(js-ts-mode . (lambda ()
(when-linux
(eglot-ensure)
)
))
)
:init
(add-to-list 'treesit-language-source-alist '(javascript . ("https://github.com/tree-sitter/tree-sitter-javascript" "master" "src")))
(unless (treesit-ready-p 'javascript) (treesit-install-language-grammar 'javascript))
)
(defun prettier-fmt ()
"Run prettier."
(run-command-on-buffer "prettier" "--stdin-filepath" buffer-file-name)
)
(use-package css-ts-mode
:ensure nil
:pin manual
:mode (
("\\.css\\'" . css-ts-mode)
)
:commands (css-ts-mode)
:custom (css-indent-offset 2)
:init
(add-to-list 'treesit-language-source-alist '(css "https://github.com/tree-sitter/tree-sitter-css"))
(unless (treesit-ready-p 'css) (treesit-install-language-grammar 'css))
:hook (
(css-ts-mode . (lambda ()
(eglot-ensure)
(defclass my/eglot-css (eglot-lsp-server) ()
:documentation
"Own eglot server class.")
(add-to-list 'eglot-server-programs
'(css-ts-mode . (my/eglot-css "vscode-css-language-server" "--stdio")))
;; (add-hook 'before-save-hook 'eglot-format-buffer nil 'local)
(add-hook 'before-save-hook 'prettier-fmt nil 'local)
))
)
)
(use-package web-mode
:mode (("\\.dust\\'" . dust-mode)
)
:config
(setq web-mode-markup-indent-offset 2)
(setq web-mode-enable-current-element-highlight t)
)
;; Define a custom mode for dust so that org-mode handle #+BEGIN_SRC dust blocks
(define-derived-mode dust-mode web-mode "WebDust"
"Major mode for editing dust templates in web-mode."
(web-mode)
(web-mode-set-engine "dust")
;; (setq web-mode-content-type "html")
)
(provide 'lang-javascript)

21
nix/configuration/roles/emacs/files/emacs/elisp/lang-lua.el Normal file
View File

@ -0,0 +1,21 @@
(defun lua-format-buffer ()
"Run stylua."
(interactive)
(run-command-on-buffer "stylua" "--search-parent-directories" "--stdin-filepath" buffer-file-name "-")
)
(use-package lua-mode
:mode
(("\\.lua\\'" . lua-mode)
("\\.rockspec\\'" . lua-mode))
:commands lua-mode
:hook (
(lua-mode . (lambda ()
(add-hook 'before-save-hook 'lua-format-buffer nil 'local)
))
)
:custom
(lua-indent-level 4)
)
(provide 'lang-lua)

14
nix/configuration/roles/emacs/files/emacs/elisp/lang-markdown.el Normal file
View File

@ -0,0 +1,14 @@
(use-package markdown-mode
:ensure t
:commands (markdown-mode gfm-mode)
:mode (("README\\.md\\'" . gfm-mode)
("\\.md\\'" . markdown-mode)
("\\.markdown\\'" . markdown-mode))
:init (setq markdown-command "multimarkdown"))
;; For code block editing
(use-package edit-indirect
:commands (edit-indirect-region edit-indirect-save edit-indirect-abort edit-indirect-commit edit-indirect-display-active-buffer)
)
(provide 'lang-markdown)

22
nix/configuration/roles/emacs/files/emacs/elisp/lang-nix.el Normal file
View File

@ -0,0 +1,22 @@
(require 'common-lsp)
(require 'util-tree-sitter)
(use-package nix-mode
:mode (("\\.nix\\'" . nix-mode)
)
:commands nix-mode
:hook (
(nix-mode . (lambda ()
(eglot-ensure)
(defclass my/eglot-nix (eglot-lsp-server) ()
:documentation
"Own eglot server class.")
(add-to-list 'eglot-server-programs
'(nix-mode . (my/eglot-nix "nixd")))
(add-hook 'before-save-hook 'eglot-format-buffer nil 'local)
))
)
)
(provide 'lang-nix)

83
nix/configuration/roles/emacs/files/emacs/elisp/lang-org.el Normal file
View File

@ -0,0 +1,83 @@
(use-package org
:ensure nil
:commands org-mode
:bind (
("C-c l" . org-store-link)
("C-c a" . org-agenda)
("C--" . org-timestamp-down)
("C-=" . org-timestamp-up)
)
:hook (
(org-mode . (lambda ()
(org-indent-mode +1)
))
)
:config
(require 'org-tempo)
(setq org-export-latex-listings t)
(setq org-startup-truncated nil)
(setq org-startup-folded nil)
(setq org-src-fontify-natively t
org-src-tab-acts-natively t
org-confirm-babel-evaluate nil
)
;; Show the full source of org-mode links instead of condensing them. I.E. render "[[foo]]" instead of "foo"
(setq org-descriptive-links nil)
;; Only interpret _ and ^ and sub and superscripts if they're of the form _{subscript} and ^{superscript}
(setq org-export-with-sub-superscripts '{})
;; Don't include a "validate" link at the bottom of html export
(setq org-html-validation-link nil)
(setq org-latex-listings 'minted)
(setq org-latex-minted-options '(("breaklines" "true")
("breakanywhere" "true")
("bgcolor" "mintedbg") ("frame" "single") ("framesep" "6pt") ("fontsize" "\\footnotesize")))
;; TODO: There is an option to set the compiler, could be better than manually doing this here https://orgmode.org/manual/LaTeX_002fPDF-export-commands.html
;; (setq org-latex-compiler "lualatex")
;; TODO: nixos latex page recommends this line, figure out what it does / why its needed:
;; (setq org-preview-latex-default-process 'dvisvgm)
(setq org-latex-pdf-process
'("lualatex -shell-escape -interaction nonstopmode -output-directory %o %f"
"lualatex -shell-escape -interaction nonstopmode -output-directory %o %f"
"lualatex -shell-escape -interaction nonstopmode -output-directory %o %f"))
(add-to-list 'org-latex-packages-alist '("cache=false" "minted"))
(add-to-list 'org-latex-packages-alist '("" "svg"))
(add-to-list 'org-latex-packages-alist '("margin=2cm" "geometry" nil))
(add-to-list 'org-src-lang-modes '("dot" . "graphviz-dot"))
(org-babel-do-load-languages 'org-babel-load-languages
'((shell . t)
(js . t)
(emacs-lisp . t)
(python . t)
(dot . t)
(css . t)
(gnuplot . t)
(sqlite . t)
))
(require 'color)
(let ((bg (face-attribute 'default :background)))
(custom-set-faces
`(org-block ((t (:inherit default :background ,(color-lighten-name bg 15) :extend ,t))))
`(org-block-begin-line ((t (:inherit default :background ,"#472300" :extend ,t))))
`(org-block-end-line ((t (:inherit default :background ,"#472300" :extend ,t))))
))
)
(use-package org-bullets
:commands org-bullets-mode
:hook (org-mode . org-bullets-mode)
)
(use-package gnuplot-mode)
(use-package gnuplot)
(use-package graphviz-dot-mode)
(provide 'lang-org)

92
nix/configuration/roles/emacs/files/emacs/elisp/lang-python.el Normal file
View File

@ -0,0 +1,92 @@
(require 'common-lsp)
(require 'util-tree-sitter)
(defun python-backspace (arg)
"Special handling of python backspace."
(interactive "*p")
(if mark-active
(backward-delete-char-untabify arg)
(python-indent-dedent-line-backspace arg)
)
)
(defun locate-venv-poetry ()
"Find a poetry venv."
(run-command-in-directory nil "poetry" "env" "info" "-p")
)
(defun locate-pyproject-directory ()
"Adapt lsp-python-ms for poetry."
(let ((pypoetry-file (locate-dominating-file (buffer-file-name) "pyproject.toml")))
pypoetry-file
)
)
(defun python-fmt ()
"format python."
(python-fmt-black)
(python-fmt-isort)
)
(defun python-fmt-black ()
"Run black."
(run-command-on-buffer "black" "--quiet" "--fast" "-")
)
(defun python-fmt-isort ()
"Run isort."
(run-command-on-buffer "isort" "-")
)
(defun add-poetry-venv-to-path ()
"Add the bin folder in the poetry venv to exec-path."
(let (
(venv-path (locate-venv-poetry))
)
(when venv-path
(make-local-variable 'exec-path)
(add-to-list 'exec-path (concat venv-path "/bin"))
)
)
)
(use-package python
:mode ("\\.py\\'" . python-ts-mode)
:commands (python-mode python-ts-mode)
:pin manual
:hook (
(python-ts-mode . (lambda ()
(when-linux
(when (executable-find "poetry")
(add-poetry-venv-to-path)
(let ((venv (locate-venv-poetry))) (when venv
(setq eglot-workspace-configuration
(list (cons ':python (list ':venvPath venv ':pythonPath (concat venv "/bin/python")))))
))
)
(eglot-ensure)
)
;; (when-freebsd
;; (eglot-ensure)
;; (defclass my/eglot-pylyzer (eglot-lsp-server) ()
;; :documentation
;; "Own eglot server class.")
;; (add-to-list 'eglot-server-programs
;; '(python-ts-mode . (my/eglot-pylyzer "pylyzer" "--server")))
;; )
(add-hook 'before-save-hook 'python-fmt nil 'local)
))
)
:bind ((:map python-ts-mode-map ([backspace] . python-backspace))
)
:init
(add-to-list 'major-mode-remap-alist '(python-mode . python-ts-mode))
(add-to-list 'treesit-language-source-alist '(python "https://github.com/tree-sitter/tree-sitter-python"))
(unless (treesit-ready-p 'python) (treesit-install-language-grammar 'python))
)
(provide 'lang-python)

92
nix/configuration/roles/emacs/files/emacs/elisp/lang-rust.el Normal file
View File

@ -0,0 +1,92 @@
(require 'common-lsp)
(require 'util-tree-sitter)
(defun locate-rust-analyzer ()
"Find rust-analyzer."
(let ((rust-analyzer-paths (list (locate-rust-analyzer-rustup) (locate-rust-analyzer-ansible-built) (locate-rust-analyzer-in-path))))
(let ((first-non-nil-path (seq-find (lambda (elt) elt) rust-analyzer-paths)))
first-non-nil-path
)
)
)
(defun locate-rust-analyzer-rustup ()
"Find rust-analyzer through rustup."
(run-command-in-directory nil "rustup" "which" "rust-analyzer")
)
(defun locate-rust-analyzer-ansible-built ()
"Find rust-analyzer where the ansible playbook built it."
(let ((rust-analyzer-path "/opt/rust-analyzer/target/release/rust-analyzer"))
(when (file-exists-p rust-analyzer-path)
rust-analyzer-path
)
)
)
(defun locate-rust-analyzer-in-path ()
"Find rust-analyzer in $PATH."
(executable-find "rust-analyzer")
)
(use-package rust-ts-mode
:pin manual
:mode (
("\\.rs\\'" . rust-ts-mode)
)
:commands (rust-ts-mode)
:hook (
(rust-ts-mode . (lambda ()
(eglot-ensure)
;; Disable on-type formatting which was incorrectly injecting parenthesis into my code.
(make-local-variable 'eglot-ignored-server-capabilities)
(add-to-list 'eglot-ignored-server-capabilities :documentOnTypeFormattingProvider)
;; Configure initialization options
(let ((rust-analyzer-command (locate-rust-analyzer)))
(when rust-analyzer-command
;; (add-to-list 'eglot-server-programs `(rust-ts-mode . (,rust-analyzer-command)))
(add-to-list 'eglot-server-programs `(rust-ts-mode . (,rust-analyzer-command :initializationOptions (:imports (:granularity (:enforce t :group "item")
:merge (:glob nil)
:prefix "self")
))))
)
)
(add-hook 'before-save-hook 'eglot-format-buffer nil 'local)
))
)
:init
(add-to-list 'major-mode-remap-alist '(rust-mode . rust-ts-mode))
(add-to-list 'treesit-language-source-alist '(rust "https://github.com/tree-sitter/tree-sitter-rust"))
(unless (treesit-ready-p 'rust) (treesit-install-language-grammar 'rust))
:config
;; Add keybindings for interacting with Cargo
(use-package cargo
:hook (rust-ts-mode . cargo-minor-mode))
)
(use-package toml-ts-mode
:ensure nil
:pin manual
:mode (
("\\.toml\\'" . toml-ts-mode)
)
:commands (toml-ts-mode)
:init
(add-to-list 'treesit-language-source-alist '(toml "https://github.com/tree-sitter/tree-sitter-toml"))
(unless (treesit-ready-p 'toml) (treesit-install-language-grammar 'toml))
)
;; Set additional rust-analyzer settings:
;;
;; (add-to-list 'eglot-server-programs `(rust-ts-mode . (,rust-analyzer-command :initializationOptions (:cargo (:features "all")))))
;;
;; In addition to the above, directory-specific settings can be written to a .dir-locals.el with the contents:
;;
;; (
;; (rust-ts-mode . ((eglot-workspace-configuration
;; . (:rust-analyzer (:cargo (:noDefaultFeatures t :features ["compare" "tracing"]))))
;; ))
;; )
(provide 'lang-rust)

38
nix/configuration/roles/emacs/files/emacs/elisp/lang-terraform.el Normal file
View File

@ -0,0 +1,38 @@
(require 'common-lsp)
(require 'util-tree-sitter)
(defun terraform-fmt ()
"Run terraform fmt."
(run-command-on-buffer "terraform" "fmt" "-")
)
(use-package hcl-mode
:mode (("\\.hcl\\'" . hcl-mode))
:commands hcl-mode
:custom (hcl-indent-level 2)
:hook (
(hcl-mode . (lambda () (unless (derived-mode-p 'terraform-mode) (add-hook 'before-save-hook 'terraform-fmt nil 'local))))
)
)
(use-package terraform-mode
:mode (("\\.tf\\'" . terraform-mode)
("\\.tfvars\\'" . terraform-mode))
:commands terraform-mode
:custom (terraform-indent-level 2)
:hook (
(terraform-mode . (lambda ()
(eglot-ensure)
(defclass my/eglot-terraform (eglot-lsp-server) ()
:documentation
"Own eglot server class.")
(add-to-list 'eglot-server-programs
'(terraform-mode . (my/eglot-terraform "terraform-ls" "serve")))
(add-hook 'before-save-hook 'eglot-format-buffer nil 'local)
))
)
)
(provide 'lang-terraform)

17
nix/configuration/roles/emacs/files/emacs/elisp/lang-xml.el Normal file
View File

@ -0,0 +1,17 @@
(defun xml-fmt ()
"Run xmllint --format."
(run-command-on-buffer "xmllint" "--format" "-")
)
(use-package nxml-mode
:commands (nxml-mode)
:pin manual
:ensure nil
:hook (
(nxml-mode . (lambda ()
(add-hook 'before-save-hook 'xml-fmt nil 'local)
))
)
)
(provide 'lang-xml)

27
nix/configuration/roles/emacs/files/emacs/elisp/lang-yaml.el Normal file
View File

@ -0,0 +1,27 @@
(defun yaml-format-buffer ()
"Run prettier."
(interactive)
(run-command-on-buffer "prettier" "--stdin-filepath" buffer-file-name)
)
(use-package yaml-ts-mode
:mode
(
("\\.y[a]?ml\\'" . yaml-ts-mode)
("playbook\\.tmp\\'" . yaml-ts-mode)
("environments/[^/]*/group_vars/[^/]*\\'" . yaml-ts-mode)
("environments/[^/]*/host_vars/[^/]*\\'" . yaml-ts-mode)
)
:commands (yaml-ts-mode)
:hook (
(yaml-ts-mode . (lambda ()
(add-hook 'before-save-hook 'yaml-format-buffer nil 'local)
))
)
:init
(add-to-list 'major-mode-remap-alist '(yaml-mode . yaml-ts-mode))
(add-to-list 'treesit-language-source-alist '(yaml "https://github.com/ikatyang/tree-sitter-yaml"))
(unless (treesit-ready-p 'yaml) (treesit-install-language-grammar 'yaml))
)
(provide 'lang-yaml)

10
nix/configuration/roles/emacs/files/emacs/elisp/util-flymake.el Normal file
View File

@ -0,0 +1,10 @@
(use-package flymake
:pin manual
:ensure nil
:commands (flymake-mode)
:config
;; Set the text before the brackets for flymake's modeline output to an empty string to make it less verbose.
(setq flymake-mode-line-lighter "")
)
(provide 'util-flymake)

16
nix/configuration/roles/emacs/files/emacs/elisp/util-tree-sitter.el Normal file
View File

@ -0,0 +1,16 @@
(use-package treesit
:pin manual
:ensure nil
:commands (treesit-install-language-grammar treesit-ready-p)
:init
(setq treesit-language-source-alist '())
:config
;; Default to the max level of detail in treesitter highlighting. This
;; can be overridden in each language's use-package call with:
;;
;; :custom
;; (treesit-font-lock-level 3)
(setq treesit-font-lock-level 4)
)
(provide 'util-tree-sitter)

61
nix/configuration/roles/emacs/files/emacs/elisp/util-vertico.el Normal file
View File

@ -0,0 +1,61 @@
(defun my/minibuffer-delete (arg)
"When looking for files, go up an entire directory with the backspace button if theres no text after the directory."
(interactive "p")
(if minibuffer-completing-file-name
(if (string-match-p ".*/$" (minibuffer-contents))
(vertico-directory-delete-word arg)
(vertico-directory-delete-char arg))
(delete-backward-char arg)))
(use-package vertico
:config
(vertico-mode)
(vertico-mouse-mode)
;; Remove prefix when switching to tilde or root ("/")
(setq file-name-shadow-properties '(invisible t intangible t))
(file-name-shadow-mode +1)
(set-face-attribute 'vertico-current nil :inherit nil :background "#383b01")
:custom
(vertico-count 20)
)
;; Create an ido/ivy-like experience when selecting files.
(use-package vertico-directory
:after vertico
:ensure nil
:bind ( :map vertico-map
("RET" . vertico-directory-enter)
:map minibuffer-local-map
("DEL" . my/minibuffer-delete)
)
)
(use-package consult
:custom
(completion-in-region-function #'consult-completion-in-region)
(xref-show-xrefs-function #'consult-xref)
(xref-show-definitions-function #'consult-xref)
(consult-project-root-function #'deadgrep--project-root)
:bind (
("C-. s" . consult-ripgrep)
("C-s" . consult-line)
("M-g g" . consult-goto-line)
("C-. e" . consult-flymake)
)
)
;; (use-package corfu
;; :commands (corfu-mode global-corfu-mode)
;; :custom
;; (corfu-auto t)
;; )
(use-package marginalia
:config (marginalia-mode))
(use-package orderless
:custom (completion-styles '(orderless)))
(provide 'util-vertico)

43
nix/configuration/roles/emacs/files/emacs/init.el Normal file
View File

@ -0,0 +1,43 @@
(add-to-list 'load-path (concat user-emacs-directory "elisp"))
(require 'base)
(require 'base-theme)
(require 'base-extensions)
(require 'base-functions)
(require 'base-global-keys)
(require 'util-vertico)
(require 'util-flymake)
(require 'lang-python)
(require 'lang-javascript)
(require 'lang-rust)
(require 'lang-yaml)
(require 'lang-org)
(require 'lang-bash)
(require 'lang-markdown)
(require 'lang-lua)
(require 'lang-terraform)
(require 'lang-go)
(require 'lang-dockerfile)
(require 'lang-c)
(require 'lang-xml)
(require 'lang-nix)
(require 'lang-cmake)
(load-directory autoload-directory)

136
nix/configuration/roles/firefox/default.nix Normal file
View File

@ -0,0 +1,136 @@
{
config,
lib,
pkgs,
...
}:
{
imports = [ ];
options.me = {
firefox.enable = lib.mkOption {
type = lib.types.bool;
default = false;
example = true;
description = "Whether we want to install firefox.";
};
};
config = lib.mkIf config.me.firefox.enable (
lib.mkMerge [
(lib.mkIf config.me.graphical {
programs.firefox = {
enable = true;
package = (pkgs.wrapFirefox (pkgs.firefox-unwrapped.override { pipewireSupport = true; }) { });
languagePacks = [ "en-US" ];
preferences = {
# "identity.sync.tokenserver.uri": "https://ffsync.fizz.buzz/token/1.0/sync/1.5";
"media.hardware-video-decoding.force-enabled" = true;
"media.ffmpeg.vaapi.enabled" = true;
"doh-rollout.doorhanger-decision" = "UIDisabled";
"dom.security.https_only_mode" = true;
"dom.security.https_only_mode_ever_enabled" = true;
"extensions.activeThemeID" = "firefox-compact-dark@mozilla.org";
# Disable ads
"extensions.pocket.enabled" = false;
"browser.newtabpage.activity-stream.showSponsored" = false;
"browser.newtabpage.activity-stream.showSponsoredTopSites" = false;
"browser.newtabpage.activity-stream.feeds.section.topstories" = false;
"browser.newtabpage.pinned" = "[]";
"browser.newtabpage.activity-stream.section.highlights.includePocket" = false;
"browser.topsites.contile.enabled" = false;
# Disable cache when devtools are open.
"devtools.cache.disabled" = true;
# Do not track header.
"privacy.donottrackheader.enabled" = true;
# Tell websites not to share or sell my data.
"privacy.globalprivacycontrol.enabled" = true;
# Disable "studies" (slice testing)
"app.shield.optoutstudies.enabled" = false;
# Disable attribution which is used by advertisers to track you.
"dom.private-attribution.submission.enabled" = false;
# Disable battery status, used to track users.
"dom.battery.enabled" = false;
# Disable that websites can get notifications if you copy, paste, or cut something from a web page, and it lets them know which part of the page had been selected.
#
# This breaks copying from BigQuery https://github.com/microsoft/monaco-editor/issues/1540
# dom.event.clipboardevents.enabled: false
# Isolates all browser identifier sources (e.g. cookies) to the first party domain, with the goal of preventing tracking across different domains.
"privacy.firstparty.isolate" = true;
# Do not preload URLs that auto-complete in the address bar.
"browser.urlbar.speculativeConnect.enabled" = false;
# Do not resist fingerprinting because that tells websites to use light mode.
# https://bugzilla.mozilla.org/show_bug.cgi?id=1732114
"privacy.resistFingerprinting" = false; # (default false)
# Instead, enable fingerprinting protection, which allows configuring an override.
"privacy.fingerprintingProtection" = true;
# Allow sending dark mode preference to websites.
# Allow sending timezone to websites.
"privacy.fingerprintingProtection.overrides" =
"+AllTargets,-CSSPrefersColorScheme,-JSDateTimeUTC,-CanvasExtractionBeforeUserInputIsBlocked";
# Disable weather on new tab page
"browser.newtabpage.activity-stream.showWeather" = false;
};
# Check about:policies#documentation and https://mozilla.github.io/policy-templates/ for options.
policies = {
DisableTelemetry = true;
DisplayBookmarksToolbar = "newtab";
# Check about:support for extension/add-on ID strings.
# Valid strings for installation_mode are "allowed", "blocked",
# "force_installed" and "normal_installed".
ExtensionSettings = {
# "*".installation_mode = "blocked"; # blocks all addons except the ones specified below
"uBlock0@raymondhill.net" = {
install_url = "https://addons.mozilla.org/firefox/downloads/latest/ublock-origin/latest.xpi";
installation_mode = "force_installed";
};
"firefox@teleparty.com" = {
install_url = "https://addons.mozilla.org/firefox/downloads/latest/netflix-party-is-now-teleparty/latest.xpi";
installation_mode = "normal_installed";
};
"@ublacklist" = {
install_url = "https://addons.mozilla.org/firefox/downloads/latest/ublacklist/latest.xpi";
installation_mode = "normal_installed";
};
"@react-devtools" = {
install_url = "https://addons.mozilla.org/firefox/downloads/latest/react-devtools/latest.xpi";
installation_mode = "normal_installed";
};
};
};
};
environment.persistence."/persist" = lib.mkIf (!config.me.buildingIso) {
hideMounts = true;
users.talexander = {
directories = [
{
directory = ".mozilla";
user = "talexander";
group = "talexander";
mode = "0700";
}
];
};
};
environment.persistence."/state" = lib.mkIf (!config.me.buildingIso) {
hideMounts = true;
users.talexander = {
directories = [
{
directory = ".cache/mozilla";
user = "talexander";
group = "talexander";
mode = "0700";
}
];
};
};
})
]
);
}

20
nix/configuration/roles/firewall/default.nix Normal file
View File

@ -0,0 +1,20 @@
{
config,
lib,
pkgs,
...
}:
{
imports = [ ];
# Open ports in the firewall.
networking.firewall.allowedTCPPorts = [
22 # ssh
];
networking.firewall.allowedUDPPorts = [
5353 # mDNS
];
# Or disable the firewall altogether.
# networking.firewall.enable = false;
}

29
nix/configuration/roles/fonts/default.nix Normal file
View File

@ -0,0 +1,29 @@
{
config,
lib,
pkgs,
...
}:
{
imports = [ ];
config = lib.mkIf config.me.graphical {
fonts = {
enableDefaultPackages = false;
packages = with pkgs; [
cascadia-code
source-sans-pro
source-serif-pro
noto-fonts-cjk-sans
noto-fonts-cjk-serif
noto-fonts-color-emoji
];
fontconfig = {
localConf = (builtins.readFile ./files/fonts.conf);
useEmbeddedBitmaps = true;
};
};
};
}

99
nix/configuration/roles/fonts/files/fonts.conf Normal file
View File

@ -0,0 +1,99 @@
<?xml version="1.0"?>
<!DOCTYPE fontconfig SYSTEM "fonts.dtd">
<fontconfig>
<!-- reject all bitmap fonts, with the exception of 'terminus' -->
<selectfont>
<!-- <acceptfont> -->
<!-- <pattern> -->
<!-- <patelt name="family"> <string>Terminus</string> </patelt> -->
<!-- </pattern> -->
<!-- </acceptfont> -->
<rejectfont>
<pattern>
<patelt name="scalable"> <bool>false</bool> </patelt>
</pattern>
</rejectfont>
<rejectfont>
<!-- You don't want ghostscript fonts in your web browsing because of annoying ligatures like ffi -->
<glob>/usr/share/fonts/gsfonts/*</glob>
</rejectfont>
</selectfont>
<!-- preferred aliases -->
<alias>
<family>serif</family>
<prefer>
<family>Source Serif Pro</family>
<family>Source Sans Pro</family>
</prefer>
</alias>
<!-- preferred aliases -->
<alias>
<family>sans-serif</family>
<prefer>
<family>Source Sans Pro</family>
<family>Source Serif Pro</family>
</prefer>
</alias>
<!-- preferred aliases -->
<alias>
<family>monospace</family>
<prefer>
<family>Cascadia Mono</family>
<family>Cascadia Code</family>
</prefer>
</alias>
<!-- Screw it. Force Liberation Mono to be source code pro. -->
<match target="pattern">
<test qual="any" name="family"><string>Liberation Mono</string></test>
<edit name="family" mode="assign" binding="same"><string>Cascadia Mono</string></edit>
</match>
<!-- Dejavu Sans Mono keeps coming back when I query "monospace". Doesn't happen when I'm using Souce Code Pro but does happen with cascadia... force it to cascadia -->
<match target="pattern">
<test qual="any" name="family"><string>monospace</string></test>
<edit name="family" mode="assign" binding="same"><string>Cascadia Mono</string></edit>
</match>
<!-- Disable ligatures in monospace fonts. -->
<match target="font">
<test name="family" compare="eq" ignore-blanks="true">
<string>Cascadia Code</string>
</test>
<edit name="fontfeatures" mode="append">
<string>liga off</string>
<string>dlig off</string>
</edit>
</match>
<!-- Font Display Settings -->
<match target="font" >
<edit mode="assign" name="rgba" >
<const>rgb</const>
</edit>
</match>
<match target="font" >
<edit mode="assign" name="hinting" >
<bool>true</bool>
</edit>
</match>
<match target="font" >
<edit mode="assign" name="hintstyle" >
<const>hintslight</const>
</edit>
</match>
<match target="font" >
<edit mode="assign" name="antialias" >
<bool>true</bool>
</edit>
</match>
<match target="font" >
<edit mode="assign" name="lcdfilter" >
<const>lcddefault</const>
</edit>
</match>
</fontconfig>

Some files were not shown because too many files have changed in this diff Show More