diff --git a/flake.lock b/flake.lock index c8658bc..5a9d972 100644 --- a/flake.lock +++ b/flake.lock @@ -84,11 +84,11 @@ ] }, "locked": { - "lastModified": 1701728041, - "narHash": "sha256-x0pyrI1vC8evVDxCxyO6olOyr4wlFg9+VS3C3p4xFYQ=", + "lastModified": 1703657526, + "narHash": "sha256-C3fQG/tasnhtfJb0cvXthMDUJ/OLgCKNLqfMuR/M+0k=", "owner": "nix-community", "repo": "home-manager", - "rev": "ac7216918cd65f3824ba7817dea8f22e61221eaf", + "rev": "d1d950841d230490f308f5fcf8c0d4f2bd3f24a7", "type": "github" }, "original": { @@ -104,11 +104,11 @@ ] }, "locked": { - "lastModified": 1702177733, - "narHash": "sha256-lr3hkmmuqDFPj3i41cHpaALF3Txo3kxsJ3L6jZLujJ8=", + "lastModified": 1703387252, + "narHash": "sha256-XKJqGj0BaEn/zyctEnkgVIh6Ba1rgTRc+UBi9EU8Y54=", "owner": "Mic92", "repo": "nix-index-database", - "rev": "58ecd98e27e27fcbb27a51a588555c828b1ec56e", + "rev": "f4340c1a42c38d79293ba69bfd839fbd6268a538", "type": "github" }, "original": { @@ -128,11 +128,11 @@ ] }, "locked": { - "lastModified": 1701825722, - "narHash": "sha256-vpT4hY8DDu39b9AMKCJIEVgQSfm+QKDGUjpVPFxNhTs=", + "lastModified": 1703639874, + "narHash": "sha256-54bkJbvGRb9Wq4re5tbtbHaFSPg7wnQfgAjCvggEDZ4=", "owner": "nix-community", "repo": "nix-vscode-extensions", - "rev": "8f5a362c9ea3824d70458485abf9d162b8765034", + "rev": "52061beda00305b26445dc84ca7ab8a6036685c4", "type": "github" }, "original": { @@ -166,11 +166,11 @@ }, "nixos-hardware": { "locked": { - "lastModified": 1701656485, - "narHash": "sha256-xDFormrGCKKGqngHa2Bz1GTeKlFMMjLnHhTDRdMJ1hs=", + "lastModified": 1703545041, + "narHash": "sha256-nvQA+k1rSszrf4kA4eK2i/SGbzoXyoKHzzyzq/Jca1w=", "owner": "NixOS", "repo": "nixos-hardware", - "rev": "fa194fc484fd7270ab324bb985593f71102e84d1", + "rev": "a15b6e525f5737a47b4ce28445c836996fb2ea8c", "type": "github" }, "original": { @@ -182,11 +182,11 @@ }, "nixpkgs": { "locked": { - "lastModified": 1701718080, - "narHash": "sha256-6ovz0pG76dE0P170pmmZex1wWcQoeiomUZGggfH9XPs=", + "lastModified": 1703438236, + "narHash": "sha256-aqVBq1u09yFhL7bj1/xyUeJjzr92fXVvQSSEx6AdB1M=", "owner": "nixos", "repo": "nixpkgs", - "rev": "2c7f3c0fb7c08a0814627611d9d7d45ab6d75335", + "rev": "5f64a12a728902226210bf01d25ec6cbb9d9265b", "type": "github" }, "original": { @@ -198,11 +198,11 @@ }, "nixpkgs-stable": { "locked": { - "lastModified": 1701615100, - "narHash": "sha256-7VI84NGBvlCTduw2aHLVB62NvCiZUlALLqBe5v684Aw=", + "lastModified": 1703351344, + "narHash": "sha256-9FEelzftkE9UaJ5nqxidaJJPEhe9TPhbypLHmc2Mysc=", "owner": "nixos", "repo": "nixpkgs", - "rev": "e9f06adb793d1cca5384907b3b8a4071d5d7cb19", + "rev": "7790e078f8979a9fcd543f9a47427eeaba38f268", "type": "github" }, "original": { @@ -214,11 +214,11 @@ }, "nixpkgs-stable_2": { "locked": { - "lastModified": 1701568804, - "narHash": "sha256-iwr1fjOCvlirVL/xNvOTwY9kg3L/F3TC/7yh/QszaPI=", + "lastModified": 1703351344, + "narHash": "sha256-9FEelzftkE9UaJ5nqxidaJJPEhe9TPhbypLHmc2Mysc=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "dc01248a9c946953ad4d438b0a626f5c987a93e4", + "rev": "7790e078f8979a9fcd543f9a47427eeaba38f268", "type": "github" }, "original": { @@ -230,11 +230,11 @@ }, "nur": { "locked": { - "lastModified": 1701906331, - "narHash": "sha256-4dzaExoiung1HWn0nTp9xBHtB5rQMTsfOC2FtJuUoH4=", + "lastModified": 1703663873, + "narHash": "sha256-WHt475cqqOZp8+2FSZf3L6xVTQlIN8eAAVJzCeo8ydU=", "owner": "nix-community", "repo": "NUR", - "rev": "b8ad2b1feccf3b75e2d7fabad6d97769318febf4", + "rev": "e65636be64a336e7110fc82cf7aab577f1ed8233", "type": "github" }, "original": { @@ -266,11 +266,11 @@ "nixpkgs-stable": "nixpkgs-stable_2" }, "locked": { - "lastModified": 1701728052, - "narHash": "sha256-7lOMc3PtW5a55vFReBJLLLOnopsoi1W7MkjJ93jPV4E=", + "lastModified": 1703387502, + "narHash": "sha256-JnWuQmyanPtF8c5yAEFXVWzaIlMxA3EAZCh8XNvnVqE=", "owner": "Mic92", "repo": "sops-nix", - "rev": "e91ece6d2cf5a0ae729796b8f0dedceab5107c3d", + "rev": "e523e89763ff45f0a6cf15bcb1092636b1da9ed3", "type": "github" }, "original": { diff --git a/flake.nix b/flake.nix index d4d7633..c0c0867 100644 --- a/flake.nix +++ b/flake.nix @@ -81,7 +81,7 @@ modules = [ self.homeManagerModules ] ++ sharedModules; - specialArgs = { + extraSpecialArgs = { inherit inputs; }; }; @@ -100,7 +100,7 @@ nixosModules.default = import ./modules/nixos; homeManagerModules = import ./modules/home-manager; - homeConfigurations = listToAttrs [ (mkHomeConfiguration "xin" "calcite") ]; + homeConfigurations = builtins.listToAttrs [ (mkHomeConfiguration "xin" "calcite") ]; colmenaHive = colmena.lib.makeHive { meta = { @@ -192,7 +192,7 @@ { devShells = { default = pkgs.mkShell { - packages = with pkgs; [ git colmena ]; + packages = with pkgs; [ git colmena nix-output-monitor ]; }; }; } diff --git a/machines/calcite/configuration.nix b/machines/calcite/configuration.nix index 7017de9..b039b1d 100644 --- a/machines/calcite/configuration.nix +++ b/machines/calcite/configuration.nix @@ -28,6 +28,11 @@ networking.hostName = "calcite"; + programs.steam = { + enable = true; + gamescopeSession = { enable = true; }; + }; + programs.vim.defaultEditor = true; # Keep this even if enabled in home manager @@ -99,7 +104,7 @@ enable = true; wireplumber.enable = true; alsa.enable = true; - #alsa.support32Bit = true; + alsa.support32Bit = true; pulse.enable = true; # If you want to use JACK applications, uncomment this jack.enable = true; @@ -112,6 +117,17 @@ extraGroups = [ "networkmanager" "wheel" "wireshark" "tss" ]; }; + services.kanidm = { + enableClient = true; + enablePam = true; + clientSettings = { + uri = "https://auth.xinyang.life"; + }; + unixSettings = { + pam_allowed_login_groups = [ "linux_users" "xin@auth.xinyang.life" "test" ]; + }; + }; + # Enable automatic login for the user. services.xserver.displayManager.autoLogin.enable = true; services.xserver.displayManager.autoLogin.user = "xin"; @@ -129,6 +145,7 @@ "openssl-1.1.1w" # For wechat-uos "electron-19.1.9" + "electron-25.9.0" ]; # List packages installed in system profile. To search, run: # $ nix search wget @@ -141,23 +158,10 @@ wineWowPackages.waylandFull faudio - # ==== CLI tools ==== # - rust-analyzer - # tesseract5 # ocr ocrmypdf # pdfocr - grc - - sops - git-crypt - # ==== Development ==== # - - # Language server - clang-tools - rnix-lsp - # Python # reference: https://nixos.wiki/wiki/Python ( @@ -173,37 +177,28 @@ python-with-my-packages ) - # Tex - texlive.combined.scheme-full - # ==== GUI Softwares ==== # - # IDE - jetbrains.jdk # patch jetbrain runtime java - jetbrains.clion - jetbrains.pycharm-professional - jetbrains.idea-ultimate - android-studio - # Gnome tweaks gnomeExtensions.paperwm gnomeExtensions.search-light gnomeExtensions.tray-icons-reloaded gnome.gnome-tweaks gthumb + oculante # Multimedia vlc obs-studio spotify + rawtherapee digikam # IM element-desktop tdesktop qq - config.nur.repos.xddxdd.wechat-uos # Password manager bitwarden @@ -212,19 +207,16 @@ firefox chromium brave - microsoft-edge # Writting obsidian zotero - wpsoffice onlyoffice-bin + wpsoffice config.nur.repos.linyinfeng.wemeet virt-manager - - ghidra ]; system.stateVersion = "22.05"; @@ -291,9 +283,10 @@ defaultFonts = { serif = [ "Noto Serif CJK SC" "Ubuntu" ]; sansSerif = [ "Noto Sans CJK SC" "Ubuntu" ]; - monospace = [ "FiraCode NerdFont Mono" "Ubuntu" ]; + monospace = [ "FiraCode NerdFont Mono" "Noto Sans Mono CJK SC" "Ubuntu" ]; }; }; + enableDefaultPackages = true; }; # Virtualization virtualisation = { diff --git a/machines/calcite/hardware-configuration.nix b/machines/calcite/hardware-configuration.nix index c59286d..c84f41b 100644 --- a/machines/calcite/hardware-configuration.nix +++ b/machines/calcite/hardware-configuration.nix @@ -23,6 +23,12 @@ fsType = "vfat"; }; + fileSystems."/media/data" = + { device = "/dev/nvme0n1p7"; + fsType = "ntfs-3g"; + options = [ "rw" "uid=1000" "nofail" "x-systemd.device-timeout=2" ]; + }; + swapDevices = [ { device = "/dev/disk/by-label/NIXSWAP"; } ]; @@ -41,6 +47,6 @@ hardware.cpu.amd.updateMicrocode = lib.mkDefault config.hardware.enableRedistributableFirmware; hardware.opengl = { enable = true; - driSupport32Bit = false; + driSupport32Bit = true; }; } diff --git a/machines/secrets.yaml b/machines/secrets.yaml index 46b1575..0de58ab 100644 --- a/machines/secrets.yaml +++ b/machines/secrets.yaml @@ -7,6 +7,7 @@ singbox_jp_server: ENC[AES256_GCM,data:xKTcxkcu1WIsT/wlMpEoqGJK,iv:nXetY339YuOi2 singbox_password: ENC[AES256_GCM,data:0tBIzwtNSQqbGlD+CDnQfJigbFVBChEL,iv:W2HaHeSkvmS6jHSnfOJ6tD2QXuUq1A+mfZf7sEXB++E=,tag:5BtYAv1NO70IL4m/uG8QKA==,type:str] singbox_uuid: ENC[AES256_GCM,data:ufN+vDl/rDASoQL23tHwlr3ybMyrlC/Kd7bT0c5+SP+bc6Zj,iv:+uwt/N9LpFaJK6MjoczyrZ039MDZn4kRmtEoq4OvdFU=,tag:6Yma9+yrISwQoSRDgUbuwA==,type:str] grafana_cloud_api: ENC[AES256_GCM,data:Pz+tE09dcJa+ZEWS3vtpOtitGCA9Cg/+gOd/0FsF8ooxzPyN9/UMuTcP02aIPW5v7yZCkGJOAXufIyechNf0crgAV/KmwGGwixH7I+1f3sDtGiFZEMnQgrysyfJo0KIrIZ8XP0SyXDs3vKjDU8cUI4+IyucHacWQ1kWdEtINjcPNHRPS2yaMUIvsRn0z8Cs2byMD3ghUHHHOz40CuO6r4A==,iv:cHvbeCmLFmJPNKsl1BBYx9WJP7ZJWi+8c9yHZWc6FTs=,tag:yWXtPokYE4frCmzzzyEqEg==,type:str] +private_dns_address: ENC[AES256_GCM,data:m/u3oc+6ef8dLa7Dpu+5T9TTSdXqJjS9ecA+sPj0r8qX06+QgiQnpmEW4w==,iv:8+qG5rQXAKfrykEjt9qrbtyNaBuKvi7EaIWouRqEipY=,tag:XlMccTKL239/NnAprtqYrg==,type:str] sops: kms: [] gcp_kms: [] @@ -67,8 +68,8 @@ sops: c1E1Sld1ejZhTStKTU5teEJKT2JwVXcKuEQnA6b1WJ+RNqmrZ8t3joiEZ57Oq9M1 P4tMGerB12A1myTJlt5Ss2OCTBUV7ooVRNsyPjyvJy/YTyjqZ5xmxg== -----END AGE ENCRYPTED FILE----- - lastmodified: "2023-12-20T01:34:00Z" - mac: ENC[AES256_GCM,data:6MLBRPA5g2r3yy/i7DSxjWaYhHH/4GiAqL/pRIvYyIrKQWYvfviWlTX9dqHVzzCXjueEXUM5dXFb2B+Sds68EGgBuBlZvBchtstHUOtMLE3pttC+xCzerQFyrPDrXbnpfdDYPHWxvhhhFpWu8G5RSfzSgkgp7+cx9iZHq/g1k/Q=,iv:8yFIOgHtBiCtbamufrXXHrjIq5DV3MIJbTJPtXlgpPg=,tag:CVOIojTN2KkXJsDVyiZjMQ==,type:str] + lastmodified: "2024-01-07T13:13:50Z" + mac: ENC[AES256_GCM,data:cAc3Wp5KjuaKWv0e2ciPVzvsK2L6BgupYS2+5Vlr+Wn0RBsuLA0OEW2pQbm5hpUJaWO65qQk5IeMvK/h8otYLgGHGzz23NiZTNeAknw6z2mL5y+GgP22mBOMzPU2PtaJKXkt624T1sZzW4QTMo8TqBlzy7D10odyjkVn6Wd+OGE=,iv:zucnHwHjY4DX3jIKuuIGpa2no9svOEordGN0LsPKDuc=,tag:JQZMyBO3yZIW+ZTIKDUPCQ==,type:str] pgp: [] unencrypted_suffix: _unencrypted version: 3.8.1 diff --git a/machines/sops.nix b/machines/sops.nix index 64cc721..de0cf5b 100644 --- a/machines/sops.nix +++ b/machines/sops.nix @@ -1,31 +1,33 @@ -{ inputs, ... }: +{ inputs, config, lib, ... }: { imports = [ inputs.sops-nix.nixosModules.sops ]; - sops = { - defaultSopsFile = ./secrets.yaml; - # TODO: How to generate this key when bootstrap? - age.sshKeyPaths = [ "/etc/ssh/ssh_host_ed25519_key" ]; - secrets = { - github_public_token = { - owner = "root"; + config = { + sops = { + defaultSopsFile = ./secrets.yaml; + # TODO: How to generate this key when bootstrap? + age.sshKeyPaths = [ "/etc/ssh/ssh_host_ed25519_key" ]; + secrets = { + github_public_token = { + owner = "root"; + }; + singbox_sg_server = { + owner = "root"; + }; + singbox_jp_server = { + owner = "root"; + }; + singbox_password = { + owner = "root"; + }; + singbox_uuid = { + owner = "root"; + }; + private_dns_address = { + owner = "root"; + }; }; - clash_subscription_link = { - owner = "root"; - }; - singbox_sg_server = { - owner = "root"; - }; - singbox_jp_server = { - owner = "root"; - }; - singbox_password = { - owner = "root"; - }; - singbox_uuid = { - owner = "root"; - }; - grafana_cloud_api = { - owner = "prometheus"; + secrets.grafana_cloud_api = lib.mkIf config.services.prometheus.enable { + owner = "prometheus"; }; }; }; diff --git a/modules/home-manager/alacritty.nix b/modules/home-manager/alacritty.nix index 7e217d8..9f10b00 100644 --- a/modules/home-manager/alacritty.nix +++ b/modules/home-manager/alacritty.nix @@ -1,4 +1,4 @@ -{ config, lib, ... }: +{ config, pkgs, lib, ... }: with lib; let @@ -25,7 +25,14 @@ in resize_increments = true; dynamic_padding = true; }; + import = [ + "${config.xdg.configHome}/alacritty/catppuccin-macchiato.yml" + ]; }; }; + xdg.configFile."alacritty/catppuccin-macchiato.yml".source = builtins.fetchurl { + url = "https://raw.githubusercontent.com/catppuccin/alacritty/main/catppuccin-macchiato.yml"; + sha256 = "sha256-+m8FyPStdh1A1xMVBOkHpfcaFPcyVL99tIxHuDZ2zXI="; + }; }; } diff --git a/modules/home-manager/fish.nix b/modules/home-manager/fish.nix index 0b002e0..927b69f 100644 --- a/modules/home-manager/fish.nix +++ b/modules/home-manager/fish.nix @@ -10,7 +10,7 @@ in enable = mkEnableOption "fish"; plugins = mkOption { type = types.listOf types.str; - default = [ "pisces" "done" "hydro" ]; + default = [ "pisces" "done" "hydro" "grc" ]; }; functions = { enable = mkOption { @@ -26,26 +26,27 @@ in }; }; - config = { - programs.fish = mkIf cfg.enable { + config = mkIf cfg.enable { + home.packages = [ pkgs.grc ]; + programs.fish = { enable = true; - plugins = with pkgs; filter ( + plugins = with pkgs; (filter ( e: hasAttr e.name (builtins.listToAttrs # { "xxx" = true; } (map (p: { name = p; value = true; }) cfg.plugins) # { name = "xxx"; value = true; } )) [ - { - name = "pisces"; + { name = "pisces"; src = fishPlugins.pisces.src; } - { - name = "done"; + { name = "done"; src = fishPlugins.done.src; } - { - name = "hydro"; + { name = "hydro"; src = fishPlugins.hydro.src; } - ]; + { name = "grc"; + src = fishPlugins.grc.src; + } + ]); interactiveShellInit = let extraInit = if cfg.functions.enable then '' ${pkgs.nix-your-shell}/bin/nix-your-shell fish | source @@ -61,7 +62,6 @@ in end '' else ""; in '' - fish_config theme choose 'ayu Dark' fish_config prompt choose arrow '' + extraInit; functions = mkIf cfg.functions.enable { diff --git a/modules/home-manager/vscode.nix b/modules/home-manager/vscode.nix index 301b794..d3b604c 100644 --- a/modules/home-manager/vscode.nix +++ b/modules/home-manager/vscode.nix @@ -25,7 +25,6 @@ in ms-vscode-remote.remote-ssh vscodevim.vim github.vscode-pull-request-github - eamodio.gitlens gruntfuggly.todo-tree # todo highlight # Language support @@ -35,6 +34,7 @@ in davidanson.vscode-markdownlint # C/C++ ms-vscode.cmake-tools + twxs.cmake llvm-vs-code-extensions.vscode-clangd # Nix jnoortheen.nix-ide @@ -43,6 +43,7 @@ in # Vue vue.volar # Scale / chisel + scala-lang.scala scalameta.metals sterben.fpga-support @@ -50,6 +51,7 @@ in ms-vscode-remote.remote-ssh-edit mushan.vscode-paste-image ]) ++ (with pkgs.vscode-extensions; [ + waderyan.gitblame catppuccin.catppuccin-vsc # Rust rust-lang.rust-analyzer @@ -140,6 +142,7 @@ in "editor.wordWrapColumn" = 80; "editor.unicodeHighlight.ambiguousCharacters" = false; }; + "cmake.configureOnEdit" = false; }; }; };