From 860fce52306d80df51eebe8e4573022966bd2602 Mon Sep 17 00:00:00 2001 From: L-Nafaryus Date: Wed, 7 Jun 2023 01:28:05 +0500 Subject: [PATCH] a lot of small fixes --- default.nix | 2 +- flake.lock | 374 +++++++++++++++++++++++++++ flake.nix | 1 - hosts/common.nix | 7 +- hosts/elnafo/default.nix | 3 - modules/desktop/default.nix | 2 +- modules/desktop/graphics/default.nix | 9 +- modules/desktop/media/recording.nix | 2 +- modules/dev/python.nix | 2 +- modules/editors/emacs.nix | 2 +- modules/hardware/audio.nix | 1 + modules/hardware/sensors.nix | 2 +- modules/options.nix | 8 +- modules/security.nix | 7 +- modules/services/ssh.nix | 12 +- modules/shell/tmux.nix | 2 +- 16 files changed, 400 insertions(+), 36 deletions(-) create mode 100644 flake.lock diff --git a/default.nix b/default.nix index 67d6635..dd4a5e2 100644 --- a/default.nix +++ b/default.nix @@ -44,7 +44,7 @@ with lib.custom; }; system.configurationRevision = with inputs; mkIf (self ? rev) self.rev; - system.stateVersion = "21.05"; + system.stateVersion = "22.11"; ## Some reasonable, global defaults # This is here to appease 'nix flake check' for generic hosts with no diff --git a/flake.lock b/flake.lock new file mode 100644 index 0000000..e364558 --- /dev/null +++ b/flake.lock @@ -0,0 +1,374 @@ +{ + "nodes": { + "devenv": { + "inputs": { + "flake-compat": "flake-compat", + "nix": "nix", + "nixpkgs": "nixpkgs", + "pre-commit-hooks": "pre-commit-hooks" + }, + "locked": { + "lastModified": 1678113758, + "narHash": "sha256-mD3SkN43b1s5CJ8Rx3l2oK3Dqgs+6Ze0FfWrdMcrrYk=", + "owner": "cachix", + "repo": "devenv", + "rev": "6455f319fc90e0be2071327093c5458f9afc61bf", + "type": "github" + }, + "original": { + "owner": "cachix", + "ref": "v0.6.2", + "repo": "devenv", + "type": "github" + } + }, + "emacs-overlay": { + "inputs": { + "flake-utils": "flake-utils_2", + "nixpkgs": "nixpkgs_2", + "nixpkgs-stable": "nixpkgs-stable_2" + }, + "locked": { + "lastModified": 1686075314, + "narHash": "sha256-5Gl3AfspuIfWW00jsV9woCYH+znNHOru6W0zpX/P5L0=", + "owner": "nix-community", + "repo": "emacs-overlay", + "rev": "30c400a67df95ad5012119bff4c8a9386d21e5c4", + "type": "github" + }, + "original": { + "owner": "nix-community", + "repo": "emacs-overlay", + "type": "github" + } + }, + "flake-compat": { + "flake": false, + "locked": { + "lastModified": 1673956053, + "narHash": "sha256-4gtG9iQuiKITOjNQQeQIpoIB6b16fm+504Ch3sNKLd8=", + "owner": "edolstra", + "repo": "flake-compat", + "rev": "35bb57c0c8d8b62bbfd284272c928ceb64ddbde9", + "type": "github" + }, + "original": { + "owner": "edolstra", + "repo": "flake-compat", + "type": "github" + } + }, + "flake-utils": { + "locked": { + "lastModified": 1667395993, + "narHash": "sha256-nuEHfE/LcWyuSWnS8t12N1wc105Qtau+/OdUAjtQ0rA=", + "owner": "numtide", + "repo": "flake-utils", + "rev": "5aed5285a952e0b949eb3ba02c12fa4fcfef535f", + "type": "github" + }, + "original": { + "owner": "numtide", + "repo": "flake-utils", + "type": "github" + } + }, + "flake-utils_2": { + "inputs": { + "systems": "systems" + }, + "locked": { + "lastModified": 1685518550, + "narHash": "sha256-o2d0KcvaXzTrPRIo0kOLV0/QXHhDQ5DTi+OxcjO8xqY=", + "owner": "numtide", + "repo": "flake-utils", + "rev": "a1720a10a6cfe8234c0e93907ffe81be440f4cef", + "type": "github" + }, + "original": { + "owner": "numtide", + "repo": "flake-utils", + "type": "github" + } + }, + "gitignore": { + "inputs": { + "nixpkgs": [ + "devenv", + "pre-commit-hooks", + "nixpkgs" + ] + }, + "locked": { + "lastModified": 1660459072, + "narHash": "sha256-8DFJjXG8zqoONA1vXtgeKXy68KdJL5UaXR8NtVMUbx8=", + "owner": "hercules-ci", + "repo": "gitignore.nix", + "rev": "a20de23b925fd8264fd7fad6454652e142fd7f73", + "type": "github" + }, + "original": { + "owner": "hercules-ci", + "repo": "gitignore.nix", + "type": "github" + } + }, + "home-manager": { + "inputs": { + "nixpkgs": [ + "nixpkgs" + ] + }, + "locked": { + "lastModified": 1685999310, + "narHash": "sha256-gaRMZhc7z4KeU/xS3IWv3kC+WhVcAXOLXXGKLe5zn1Y=", + "owner": "rycee", + "repo": "home-manager", + "rev": "28614ed7a1e3ace824c122237bdc0e5e0b62c5c3", + "type": "github" + }, + "original": { + "owner": "rycee", + "ref": "master", + "repo": "home-manager", + "type": "github" + } + }, + "lowdown-src": { + "flake": false, + "locked": { + "lastModified": 1633514407, + "narHash": "sha256-Dw32tiMjdK9t3ETl5fzGrutQTzh2rufgZV4A/BbxuD4=", + "owner": "kristapsdz", + "repo": "lowdown", + "rev": "d2c2b44ff6c27b936ec27358a2653caaef8f73b8", + "type": "github" + }, + "original": { + "owner": "kristapsdz", + "repo": "lowdown", + "type": "github" + } + }, + "nix": { + "inputs": { + "lowdown-src": "lowdown-src", + "nixpkgs": [ + "devenv", + "nixpkgs" + ], + "nixpkgs-regression": "nixpkgs-regression" + }, + "locked": { + "lastModified": 1676545802, + "narHash": "sha256-EK4rZ+Hd5hsvXnzSzk2ikhStJnD63odF7SzsQ8CuSPU=", + "owner": "domenkozar", + "repo": "nix", + "rev": "7c91803598ffbcfe4a55c44ac6d49b2cf07a527f", + "type": "github" + }, + "original": { + "owner": "domenkozar", + "ref": "relaxed-flakes", + "repo": "nix", + "type": "github" + } + }, + "nixos-hardware": { + "locked": { + "lastModified": 1684899633, + "narHash": "sha256-NtwerXX8UFsoNy6k+DukJMriWtEjQtMU/Urbff2O2Dg=", + "owner": "nixos", + "repo": "nixos-hardware", + "rev": "4cc688ee711159b9bcb5a367be44007934e1a49d", + "type": "github" + }, + "original": { + "owner": "nixos", + "repo": "nixos-hardware", + "type": "github" + } + }, + "nixpkgs": { + "locked": { + "lastModified": 1677534593, + "narHash": "sha256-PuZSAHeq4/9pP/uYH1FcagQ3nLm/DrDrvKi/xC9glvw=", + "owner": "NixOS", + "repo": "nixpkgs", + "rev": "3ad64d9e2d5bf80c877286102355b1625891ae9a", + "type": "github" + }, + "original": { + "owner": "NixOS", + "ref": "nixpkgs-unstable", + "repo": "nixpkgs", + "type": "github" + } + }, + "nixpkgs-regression": { + "locked": { + "lastModified": 1643052045, + "narHash": "sha256-uGJ0VXIhWKGXxkeNnq4TvV3CIOkUJ3PAoLZ3HMzNVMw=", + "owner": "NixOS", + "repo": "nixpkgs", + "rev": "215d4d0fd80ca5163643b03a33fde804a29cc1e2", + "type": "github" + }, + "original": { + "owner": "NixOS", + "repo": "nixpkgs", + "rev": "215d4d0fd80ca5163643b03a33fde804a29cc1e2", + "type": "github" + } + }, + "nixpkgs-stable": { + "locked": { + "lastModified": 1673800717, + "narHash": "sha256-SFHraUqLSu5cC6IxTprex/nTsI81ZQAtDvlBvGDWfnA=", + "owner": "NixOS", + "repo": "nixpkgs", + "rev": "2f9fd351ec37f5d479556cd48be4ca340da59b8f", + "type": "github" + }, + "original": { + "owner": "NixOS", + "ref": "nixos-22.11", + "repo": "nixpkgs", + "type": "github" + } + }, + "nixpkgs-stable_2": { + "locked": { + "lastModified": 1685865905, + "narHash": "sha256-XJZ/o17eOd2sEsGif+/MQBnfa2DKmndWgJyc7CWajFc=", + "owner": "NixOS", + "repo": "nixpkgs", + "rev": "e7603eba51f2c7820c0a182c6bbb351181caa8e7", + "type": "github" + }, + "original": { + "owner": "NixOS", + "ref": "nixos-23.05", + "repo": "nixpkgs", + "type": "github" + } + }, + "nixpkgs-unstable": { + "locked": { + "lastModified": 1685938391, + "narHash": "sha256-96Jw6TbWDLSopt5jqCW8w1Fc1cjQyZlhfBnJ3OZGpME=", + "owner": "NixOS", + "repo": "nixpkgs", + "rev": "31cd1b4afbaf0b1e81272ee9c31d1ab606503aed", + "type": "github" + }, + "original": { + "id": "nixpkgs", + "ref": "nixpkgs-unstable", + "type": "indirect" + } + }, + "nixpkgs_2": { + "locked": { + "lastModified": 1685931219, + "narHash": "sha256-8EWeOZ6LKQfgAjB/USffUSELPRjw88A+xTcXnOUvO5M=", + "owner": "NixOS", + "repo": "nixpkgs", + "rev": "7409480d5c8584a1a83c422530419efe4afb0d19", + "type": "github" + }, + "original": { + "owner": "NixOS", + "ref": "nixos-unstable", + "repo": "nixpkgs", + "type": "github" + } + }, + "nixpkgs_3": { + "locked": { + "lastModified": 1685931219, + "narHash": "sha256-8EWeOZ6LKQfgAjB/USffUSELPRjw88A+xTcXnOUvO5M=", + "owner": "NixOS", + "repo": "nixpkgs", + "rev": "7409480d5c8584a1a83c422530419efe4afb0d19", + "type": "github" + }, + "original": { + "id": "nixpkgs", + "ref": "nixos-unstable", + "type": "indirect" + } + }, + "nur": { + "locked": { + "lastModified": 1686073525, + "narHash": "sha256-CasBCbPGC/qieXIYMOsb27qTJa5f2dqxl1up2LEenso=", + "owner": "nix-community", + "repo": "NUR", + "rev": "f7b89777c77c063e0b366073d83693a66a81270f", + "type": "github" + }, + "original": { + "owner": "nix-community", + "repo": "NUR", + "type": "github" + } + }, + "pre-commit-hooks": { + "inputs": { + "flake-compat": [ + "devenv", + "flake-compat" + ], + "flake-utils": "flake-utils", + "gitignore": "gitignore", + "nixpkgs": [ + "devenv", + "nixpkgs" + ], + "nixpkgs-stable": "nixpkgs-stable" + }, + "locked": { + "lastModified": 1677160285, + "narHash": "sha256-tBzpCjMP+P3Y3nKLYvdBkXBg3KvTMo3gvi8tLQaqXVY=", + "owner": "cachix", + "repo": "pre-commit-hooks.nix", + "rev": "2bd861ab81469428d9c823ef72c4bb08372dd2c4", + "type": "github" + }, + "original": { + "owner": "cachix", + "repo": "pre-commit-hooks.nix", + "type": "github" + } + }, + "root": { + "inputs": { + "devenv": "devenv", + "emacs-overlay": "emacs-overlay", + "home-manager": "home-manager", + "nixos-hardware": "nixos-hardware", + "nixpkgs": "nixpkgs_3", + "nixpkgs-unstable": "nixpkgs-unstable", + "nur": "nur" + } + }, + "systems": { + "locked": { + "lastModified": 1681028828, + "narHash": "sha256-Vy1rq5AaRuLzOxct8nz4T6wlgyUR7zLU309k9mBC768=", + "owner": "nix-systems", + "repo": "default", + "rev": "da67096a3b9bf56a91d16901293e51ba5b49a27e", + "type": "github" + }, + "original": { + "owner": "nix-systems", + "repo": "default", + "type": "github" + } + } + }, + "root": "root", + "version": 7 +} diff --git a/flake.nix b/flake.nix index 5745ac8..9c8c34c 100644 --- a/flake.nix +++ b/flake.nix @@ -11,7 +11,6 @@ }; nur = { url = "github:nix-community/NUR"; - inputs.nixpkgs.follows = "nixpkgs"; }; # Extras diff --git a/hosts/common.nix b/hosts/common.nix index b5518e5..556ed90 100644 --- a/hosts/common.nix +++ b/hosts/common.nix @@ -1,17 +1,12 @@ { config, lib, ... }: with builtins; with lib; -let - blocklist = fetchurl https://raw.githubusercontent.com/StevenBlack/hosts/master/hosts; -in { +{ networking.extraHosts = '' 192.168.156.1 router.home # Hosts 192.168.1156.28 elnafo.home - - # Block garbage - ${optionalString config.services.xserver.enable (readFile blocklist)} ''; ## Location config -- since Toronto is my 127.0.0.1 diff --git a/hosts/elnafo/default.nix b/hosts/elnafo/default.nix index c4310aa..2cd59dd 100644 --- a/hosts/elnafo/default.nix +++ b/hosts/elnafo/default.nix @@ -72,7 +72,4 @@ }; services.openssh.startWhenNeeded = true; - - - system.stateVersion = "22.11"; } diff --git a/modules/desktop/default.nix b/modules/desktop/default.nix index ecb1af0..1a671ff 100644 --- a/modules/desktop/default.nix +++ b/modules/desktop/default.nix @@ -44,7 +44,7 @@ in { GTK_DATA_PREFIX = [ "${config.system.path}" ]; QT_QPA_PLATFORMTHEME = "gnome"; QT_STYLE_OVERRIDE = "kvantum"; - } + }; services.xserver.displayManager.sessionCommands = '' # GTK2_RC_FILES must be available to the display manager. diff --git a/modules/desktop/graphics/default.nix b/modules/desktop/graphics/default.nix index 2f41452..aef7d8d 100644 --- a/modules/desktop/graphics/default.nix +++ b/modules/desktop/graphics/default.nix @@ -2,10 +2,10 @@ with lib; with lib.custom; let - cfg = config.modules.desktop.media.graphics; + cfg = config.modules.desktop.graphics; configDir = config.dotfiles.configDir; in { - options.modules.desktop.media.graphics = { + options.modules.desktop.graphics = { enable = mkBoolOpt false; tools.enable = mkBoolOpt true; raster.enable = mkBoolOpt true; @@ -30,7 +30,6 @@ in { (if cfg.raster.enable then [ krita gimp - gimpPlugins.resynthesizer # content-aware scaling in gimp ] else []) ++ # Sprite sheets & animation @@ -42,9 +41,5 @@ in { (if cfg.models.enable then [ unstable.blender-hip ] else []); - - home.configFile = mkIf cfg.raster.enable { - "GIMP/2.10" = { source = "${configDir}/gimp"; recursive = true; }; - }; }; } diff --git a/modules/desktop/media/recording.nix b/modules/desktop/media/recording.nix index bbe6bae..c8a0790 100644 --- a/modules/desktop/media/recording.nix +++ b/modules/desktop/media/recording.nix @@ -15,7 +15,7 @@ in { user.packages = with pkgs; (if cfg.audio.enable then [ - unstable.audacity-gtk3 + unstable.audacity ] else []) ++ (if cfg.video.enable then [ diff --git a/modules/dev/python.nix b/modules/dev/python.nix index 94b4f92..b9638d3 100644 --- a/modules/dev/python.nix +++ b/modules/dev/python.nix @@ -19,7 +19,7 @@ in { python310Packages.black python310Packages.setuptools python310Packages.pylint - python310Packages.poetry + python310Packages.poetry-core ]; environment.shellAliases = { diff --git a/modules/editors/emacs.nix b/modules/editors/emacs.nix index ec99994..1d5627f 100644 --- a/modules/editors/emacs.nix +++ b/modules/editors/emacs.nix @@ -22,7 +22,7 @@ in { ## Emacs itself binutils # native-comp needs 'as', provided by this # 28.2 + native-comp - ((emacsPackagesFor emacsNativeComp).emacsWithPackages (epkgs: [ epkgs.vterm ])) + ((emacsPackagesFor emacs-unstable).emacsWithPackages (epkgs: [ epkgs.vterm ])) ## Doom dependencies git diff --git a/modules/hardware/audio.nix b/modules/hardware/audio.nix index 921100c..fc974bb 100644 --- a/modules/hardware/audio.nix +++ b/modules/hardware/audio.nix @@ -22,6 +22,7 @@ in { easyeffects ]; + hardware.pulseaudio.enable = false; # HACK Prevents ~/.esd_auth files by disabling the esound protocol module # for pulseaudio, which I likely don't need. Is there a better way? hardware.pulseaudio.configFile = diff --git a/modules/hardware/sensors.nix b/modules/hardware/sensors.nix index 818f1e0..2a8696e 100644 --- a/modules/hardware/sensors.nix +++ b/modules/hardware/sensors.nix @@ -1,6 +1,6 @@ { options, config, lib, pkgs, ... }: with lib; -with lib.custon; +with lib.custom; let cfg = config.modules.hardware.sensors; in { diff --git a/modules/options.nix b/modules/options.nix index ac976d3..c6eb270 100644 --- a/modules/options.nix +++ b/modules/options.nix @@ -32,8 +32,12 @@ with lib.custom; }; config = { - user = { - name = let name = builtins.getEnv "USER"; in if elem user [ "" "root" ] then "nafaryus" else user; + user = + let + user = builtins.getEnv "USER"; + name = if elem user [ "" "root" ] then "nafaryus" else user; + in { + inherit name; description = "L-Nafaryus"; extraGroups = [ "wheel" ]; isNormalUser = true; diff --git a/modules/security.nix b/modules/security.nix index 43077e0..1604f81 100644 --- a/modules/security.nix +++ b/modules/security.nix @@ -7,16 +7,13 @@ # Prevent replacing the running kernel w/o reboot security.protectKernelImage = true; - # - boot.tmp.useTmpfs = true; - # tmpfs = /tmp is mounted in ram. Doing so makes temp file management speedy # on ssd systems, and volatile! Because it's wiped on reboot. - boot.tmpOnTmpfs = lib.mkDefault true; + boot.tmp.useTmpfs = lib.mkDefault true; # If not using tmpfs, which is naturally purged on reboot, we must clean it # /tmp ourselves. /tmp should be volatile storage! - boot.cleanTmpDir = lib.mkDefault (!config.boot.tmpOnTmpfs); + boot.tmp.cleanOnBoot = lib.mkDefault (!config.boot.tmp.useTmpfs); # Fix a security hole in place for backwards compatibility. See desc in # nixpkgs/nixos/modules/system/boot/loader/systemd-boot/systemd-boot.nix diff --git a/modules/services/ssh.nix b/modules/services/ssh.nix index 7b023a7..6e01233 100644 --- a/modules/services/ssh.nix +++ b/modules/services/ssh.nix @@ -11,13 +11,15 @@ in { config = mkIf cfg.enable { services.openssh = { enable = true; - kbdInteractiveAuthentication = false; - passwordAuthentication = false; + settings = { + KbdInteractiveAuthentication = false; + PasswordAuthentication = false; + }; }; user.openssh.authorizedKeys.keys = - if config.user.name == "nafaryus" - then [ "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQC9pBG3Ak8hO4eQFA8roajDeZkKSPv2NsgZADQoV8bNEvsqNssqvpnoBKZCCKFv+Hqvf0tcTcdkRedUJh+9f/CI8dEuYiNzRyCFjYnfyFyUlEjNh/MaTonJEFEO4QsbapxQx+Buc+/jPCdwhUEbf1jvJV0oQy7TptXOn87cYQSuqqeubv+YwBqXUfMIFbsxH+ePZ9rX+N9sLdYpW2k9W1i8g2oNPrEpa3ICW2qhf/bshUhmDLB9te+vt1qMu0jmzpllnbaJJ57rDuL6XLaWqU/PD6uC0j1axf8AMxf00YvrLvMJ+T9hWlLe0mwNsgkhRzBE2/T+PYkUfvWvzqGLtIBZ nafaryus" ] - else []; + if config.user.name == "nafaryus" + then [ "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQC9pBG3Ak8hO4eQFA8roajDeZkKSPv2NsgZADQoV8bNEvsqNssqvpnoBKZCCKFv+Hqvf0tcTcdkRedUJh+9f/CI8dEuYiNzRyCFjYnfyFyUlEjNh/MaTonJEFEO4QsbapxQx+Buc+/jPCdwhUEbf1jvJV0oQy7TptXOn87cYQSuqqeubv+YwBqXUfMIFbsxH+ePZ9rX+N9sLdYpW2k9W1i8g2oNPrEpa3ICW2qhf/bshUhmDLB9te+vt1qMu0jmzpllnbaJJ57rDuL6XLaWqU/PD6uC0j1axf8AMxf00YvrLvMJ+T9hWlLe0mwNsgkhRzBE2/T+PYkUfvWvzqGLtIBZ nafaryus" ] + else []; }; } diff --git a/modules/shell/tmux.nix b/modules/shell/tmux.nix index ca9f7dc..dcff012 100644 --- a/modules/shell/tmux.nix +++ b/modules/shell/tmux.nix @@ -13,7 +13,7 @@ in { config = mkIf cfg.enable { user.packages = with pkgs; [ tmux ]; - modules.theme.onReload.tmux = "${pkgs.tmux}/bin/tmux source-file $TMUX_HOME/extraInit"; + #modules.theme.onReload.tmux = "${pkgs.tmux}/bin/tmux source-file $TMUX_HOME/extraInit"; modules.shell.zsh = { rcInit = "_cache tmuxifier init -";