rrvsh/pantheon
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

Compare commits

base: rrvsh:prime
Branches Tags
rrvsh:prime
rrvsh:feat/darwin-parity
rrvsh:rebase/flake-parts
rrvsh:0.2.0
rrvsh:0.1.1
rrvsh:0.1.0
..
compare: rrvsh:0.1.1
Branches Tags
rrvsh:prime
rrvsh:feat/darwin-parity
rrvsh:rebase/flake-parts
rrvsh:0.2.0
rrvsh:0.1.1
rrvsh:0.1.0

No commits in common. "prime" and "0.1.1" have entirely different histories.
prime ... 0.1.1

125 changed files with 1365 additions and 3438 deletions
Download patch file Download diff file Expand all files Collapse all files

4
.gitignore vendored
View file

@ -1,2 +1,2 @@
# gitignore
.pre-commit-config.*
result
*.qcow2

6
.sops.yaml
View file

@ -1,7 +1,7 @@
keys:
- &rafiq age12l33pas8eptwjc7ewux3d8snyzfzwz0tn9qg5kw8le79fswmjgjqdjgyy6
- &admin age12l33pas8eptwjc7ewux3d8snyzfzwz0tn9qg5kw8le79fswmjgjqdjgyy6
creation_rules:
- path_regex: \.(yaml)$
- path_regex: secrets/[^/]+\.(yaml|json|env|ini)$
key_groups:
- age:
- *rafiq
- *admin

24
README.md Normal file
View file

@ -0,0 +1,24 @@
# Modules
The nixosModules and homeModules exposed by this flake are slightly out of the norm.
Option declarations for user specific configuration are kept to:
- homeModules for CLI
- nixosModules for desktop
System configurations, to this end, should include the window manager, lockscreen, terminal etc. for that system.
These desktop programs will be **configured** in home-manager for each user, but those configurations consult the osConfig variable passed in by home-manager.
# System Setup
The following files are **required** for system activation:
- /persist/home/${mainUser}/.ssh/id_ed25519
This private key will be used by sops-nix to decrypt the secrets in [[secrets/secrets.yaml]]. The secrets inside the yaml file should also be set, or otherwise removed alongside their declarations (in [[modules/nixos/system/secrets.nix]]) and references.
# Impermanence
System and user state is stored under /persist. Anything not declared under `{environment,home}.persistence` is deleted on system boot.

29
docs/README.md
View file

@ -1,29 +0,0 @@
# Pantheon
This flake serves as a monorepo for my systems (using IaC), dotfiles, and scripts.
It's hosted at https://git.rrv.sh/rrvsh/pantheon, and mirrored to https://github.com/rrvsh/pantheon.
## Structure
The system configurations are defined in [`flake.manifest`](nix/manifest.nix).
`flake.manifest.owner` provides the attributes for the administrator user, including username and pubkey.
`flake.manifest.hosts` provides the specifications for the system configurations that should be exposed by the flake as nixosConfigurations.
`flake.modules.nixos.*` provide NixOS options and configurations.
The attribute `flake.modules.nixos.default` provides options that will be applied to every system of that class.
You can use it as seen [here](nix/modules/flake/home-manager.nix):
```nix
flake.modules.nixos.default.imports = [ inputs.home-manager.nixosModules.default ];
```
The other attributes under `flake.modules.nixos` should be opt-in, i.e. provide options that will be set in the profiles.
`flake.profiles.nixos` provides profiles which use the options defined in `flake.modules.nixos` to define different roles for each system, such as graphical, laptop, headless, etc.
Options should not be defined here.
`flake.contracts.nixos.*` will provide contracts, such as reverse proxies or databases, which will configure options on the provider and receiver host.
## Acknowledgements
Thanks to the following for inspiring this configuration. I highly recommend you look through their writings and configurations.
- [ornicar](https://github.com/ornicar/dotfiles) which is where I first heard of NixOS
- [No Boilerplate](https://www.youtube.com/watch?v=CwfKlX3rA6E&pp=0gcJCfwAo7VqN5tD) for making me finally try the OS
- [ryan4yin](https://nixos-and-flakes.thiscute.world/) for being an amazing introduction to NixOS, home-manager, and flakes
- [NotAShelf](https://github.com/NotAShelf/) for their blog and for the wonderful [NVF](https://github.com/notashelf/nvf)
- [mightyiam](https://github.com/mightyiam/infra) for their infrastructure repo using flake-parts
- [drupol](https://not-a-number.io/2025/refactoring-my-infrastructure-as-code-configurations/) for this blog post which convinced me to rebase my infra to use flake-parts

2
docs/cheatsheet.md
View file

@ -1,2 +0,0 @@
# cheatsheet
`__curPos.file` will give the full evaluated path of the nix file it is called in. See [this issue](https://github.com/NixOS/nix/issues/5897#issuecomment-1012165198) for more information.

720
flake.lock generated
View file

@ -1,93 +1,63 @@
{
"nodes": {
"base16": {
"disko": {
"inputs": {
"fromYaml": "fromYaml"
},
"locked": {
"lastModified": 1746562888,
"narHash": "sha256-YgNJQyB5dQiwavdDFBMNKk1wyS77AtdgDk/VtU6wEaI=",
"owner": "SenchoPens",
"repo": "base16.nix",
"rev": "806a1777a5db2a1ef9d5d6f493ef2381047f2b89",
"type": "github"
},
"original": {
"owner": "SenchoPens",
"repo": "base16.nix",
"type": "github"
}
},
"base16-fish": {
"flake": false,
"locked": {
"lastModified": 1622559957,
"narHash": "sha256-PebymhVYbL8trDVVXxCvZgc0S5VxI7I1Hv4RMSquTpA=",
"owner": "tomyun",
"repo": "base16-fish",
"rev": "2f6dd973a9075dabccd26f1cded09508180bf5fe",
"type": "github"
},
"original": {
"owner": "tomyun",
"repo": "base16-fish",
"type": "github"
}
},
"base16-helix": {
"flake": false,
"locked": {
"lastModified": 1748408240,
"narHash": "sha256-9M2b1rMyMzJK0eusea0x3lyh3mu5nMeEDSc4RZkGm+g=",
"owner": "tinted-theming",
"repo": "base16-helix",
"rev": "6c711ab1a9db6f51e2f6887cc3345530b33e152e",
"type": "github"
},
"original": {
"owner": "tinted-theming",
"repo": "base16-helix",
"type": "github"
}
},
"base16-vim": {
"flake": false,
"locked": {
"lastModified": 1732806396,
"narHash": "sha256-e0bpPySdJf0F68Ndanwm+KWHgQiZ0s7liLhvJSWDNsA=",
"owner": "tinted-theming",
"repo": "base16-vim",
"rev": "577fe8125d74ff456cf942c733a85d769afe58b7",
"type": "github"
},
"original": {
"owner": "tinted-theming",
"repo": "base16-vim",
"rev": "577fe8125d74ff456cf942c733a85d769afe58b7",
"type": "github"
}
},
"dedupe_flake-compat": {
"locked": {
"lastModified": 1747046372,
"narHash": "sha256-CIVLLkVgvHYbgI2UpXvIIBJ12HWgX+fjA8Xf8PUmqCY=",
"owner": "edolstra",
"repo": "flake-compat",
"rev": "9100a0f413b0c601e0533d1d94ffd501ce2e7885",
"type": "github"
},
"original": {
"owner": "edolstra",
"repo": "flake-compat",
"type": "github"
}
},
"dedupe_flake-utils": {
"inputs": {
"systems": [
"systems"
"nixpkgs": [
"nixpkgs"
]
},
"locked": {
"lastModified": 1747724474,
"narHash": "sha256-HG6DeCae97L0mYepwFedsLDueetX/KdihY3HvJqhwLk=",
"owner": "nix-community",
"repo": "disko",
"rev": "58e72c6ec29a9df611ed5cdef37db1081797a6e0",
"type": "github"
},
"original": {
"owner": "nix-community",
"repo": "disko",
"type": "github"
}
},
"flake-compat": {
"flake": false,
"locked": {
"lastModified": 1650374568,
"narHash": "sha256-Z+s0J8/r907g149rllvwhb4pKi8Wam5ij0st8PwAh+E=",
"owner": "edolstra",
"repo": "flake-compat",
"rev": "b4a34015c698c7793d592d66adbab377907a2be8",
"type": "github"
},
"original": {
"owner": "edolstra",
"repo": "flake-compat",
"type": "github"
}
},
"flake-parts": {
"inputs": {
"nixpkgs-lib": "nixpkgs-lib"
},
"locked": {
"lastModified": 1743550720,
"narHash": "sha256-hIshGgKZCgWh6AYJpJmRgFdR3WUbkY04o82X05xqQiY=",
"owner": "hercules-ci",
"repo": "flake-parts",
"rev": "c621e8422220273271f52058f618c94e405bb0f5",
"type": "github"
},
"original": {
"owner": "hercules-ci",
"repo": "flake-parts",
"type": "github"
}
},
"flake-utils": {
"inputs": {
"systems": "systems"
},
"locked": {
"lastModified": 1731533236,
"narHash": "sha256-l0KFg5HjrsfsO/JpG+r7fRrqm12kzFHyUHqHCVpMMbI=",
@ -102,168 +72,58 @@
"type": "github"
}
},
"dedupe_gitignore": {
"flake-utils-plus": {
"inputs": {
"nixpkgs": [
"nixpkgs"
]
"flake-utils": "flake-utils_2"
},
"locked": {
"lastModified": 1709087332,
"narHash": "sha256-HG2cCnktfHsKV0s4XW83gU3F57gaTljL9KNSuG6bnQs=",
"owner": "hercules-ci",
"repo": "gitignore.nix",
"rev": "637db329424fd7e46cf4185293b9cc8c88c95394",
"lastModified": 1715533576,
"narHash": "sha256-fT4ppWeCJ0uR300EH3i7kmgRZnAVxrH+XtK09jQWihk=",
"owner": "gytis-ivaskevicius",
"repo": "flake-utils-plus",
"rev": "3542fe9126dc492e53ddd252bb0260fe035f2c0f",
"type": "github"
},
"original": {
"owner": "hercules-ci",
"repo": "gitignore.nix",
"owner": "gytis-ivaskevicius",
"repo": "flake-utils-plus",
"rev": "3542fe9126dc492e53ddd252bb0260fe035f2c0f",
"type": "github"
}
},
"dedupe_mnw": {
"locked": {
"lastModified": 1748710831,
"narHash": "sha256-eZu2yH3Y2eA9DD3naKWy/sTxYS5rPK2hO7vj8tvUCSU=",
"owner": "gerg-l",
"repo": "mnw",
"rev": "cff958a4e050f8d917a6ff3a5624bc4681c6187d",
"type": "github"
},
"original": {
"owner": "gerg-l",
"repo": "mnw",
"type": "github"
}
},
"disko": {
"flake-utils_2": {
"inputs": {
"nixpkgs": [
"nixpkgs"
]
"systems": "systems_3"
},
"locked": {
"lastModified": 1751854533,
"narHash": "sha256-U/OQFplExOR1jazZY4KkaQkJqOl59xlh21HP9mI79Vc=",
"owner": "nix-community",
"repo": "disko",
"rev": "16b74a1e304197248a1bc663280f2548dbfcae3c",
"lastModified": 1694529238,
"narHash": "sha256-zsNZZGTGnMOf9YpHKJqMSsa0dXbfmxeoJ7xHlrt+xmY=",
"owner": "numtide",
"repo": "flake-utils",
"rev": "ff7b65b44d01cf9ba6a71320833626af21126384",
"type": "github"
},
"original": {
"owner": "nix-community",
"repo": "disko",
"owner": "numtide",
"repo": "flake-utils",
"type": "github"
}
},
"files": {
"locked": {
"lastModified": 1750263550,
"narHash": "sha256-EW/QJ8i/13GgiynBb6zOMxhLU1uEkRqmzbIDEP23yVA=",
"owner": "mightyiam",
"repo": "files",
"rev": "5f4ef1fd1f9012354a9748be093e277675d10f07",
"type": "github"
},
"original": {
"owner": "mightyiam",
"repo": "files",
"type": "github"
}
},
"firefox-gnome-theme": {
"flake": false,
"locked": {
"lastModified": 1748383148,
"narHash": "sha256-pGvD/RGuuPf/4oogsfeRaeMm6ipUIznI2QSILKjKzeA=",
"owner": "rafaelmardojai",
"repo": "firefox-gnome-theme",
"rev": "4eb2714fbed2b80e234312611a947d6cb7d70caf",
"type": "github"
},
"original": {
"owner": "rafaelmardojai",
"repo": "firefox-gnome-theme",
"type": "github"
}
},
"flake-parts": {
"flake-utils_3": {
"inputs": {
"nixpkgs-lib": [
"nixpkgs"
]
"systems": "systems_4"
},
"locked": {
"lastModified": 1751413152,
"narHash": "sha256-Tyw1RjYEsp5scoigs1384gIg6e0GoBVjms4aXFfRssQ=",
"owner": "hercules-ci",
"repo": "flake-parts",
"rev": "77826244401ea9de6e3bac47c2db46005e1f30b5",
"lastModified": 1731533236,
"narHash": "sha256-l0KFg5HjrsfsO/JpG+r7fRrqm12kzFHyUHqHCVpMMbI=",
"owner": "numtide",
"repo": "flake-utils",
"rev": "11707dc2f618dd54ca8739b309ec4fc024de578b",
"type": "github"
},
"original": {
"owner": "hercules-ci",
"repo": "flake-parts",
"type": "github"
}
},
"fromYaml": {
"flake": false,
"locked": {
"lastModified": 1731966426,
"narHash": "sha256-lq95WydhbUTWig/JpqiB7oViTcHFP8Lv41IGtayokA8=",
"owner": "SenchoPens",
"repo": "fromYaml",
"rev": "106af9e2f715e2d828df706c386a685698f3223b",
"type": "github"
},
"original": {
"owner": "SenchoPens",
"repo": "fromYaml",
"type": "github"
}
},
"git-hooks": {
"inputs": {
"flake-compat": [
"dedupe_flake-compat"
],
"gitignore": [
"dedupe_gitignore"
],
"nixpkgs": [
"nixpkgs"
]
},
"locked": {
"lastModified": 1750779888,
"narHash": "sha256-wibppH3g/E2lxU43ZQHC5yA/7kIKLGxVEnsnVK1BtRg=",
"owner": "cachix",
"repo": "git-hooks.nix",
"rev": "16ec914f6fb6f599ce988427d9d94efddf25fe6d",
"type": "github"
},
"original": {
"owner": "cachix",
"repo": "git-hooks.nix",
"type": "github"
}
},
"gnome-shell": {
"flake": false,
"locked": {
"lastModified": 1748186689,
"narHash": "sha256-UaD7Y9f8iuLBMGHXeJlRu6U1Ggw5B9JnkFs3enZlap0=",
"owner": "GNOME",
"repo": "gnome-shell",
"rev": "8c88f917db0f1f0d80fa55206c863d3746fa18d0",
"type": "github"
},
"original": {
"owner": "GNOME",
"ref": "48.2",
"repo": "gnome-shell",
"owner": "numtide",
"repo": "flake-utils",
"type": "github"
}
},
@ -274,11 +134,11 @@
]
},
"locked": {
"lastModified": 1751990210,
"narHash": "sha256-krWErNDl9ggMLSfK00Q2BcoSk3+IRTSON/DiDgUzzMw=",
"lastModified": 1747688838,
"narHash": "sha256-FZq4/3OtGV/cti9Vccsy2tGSUrxTO4hkDF9oeGRTen4=",
"owner": "nix-community",
"repo": "home-manager",
"rev": "218da00bfa73f2a61682417efe74549416c16ba6",
"rev": "45c2985644b60ab64de2a2d93a4d132ecb87cf66",
"type": "github"
},
"original": {
@ -302,74 +162,44 @@
"type": "github"
}
},
"import-tree": {
"mnw": {
"locked": {
"lastModified": 1751399845,
"narHash": "sha256-iun7//YHeEFgEOcG4KKKoy3d2GWOYqokLFVU/zIs79Y=",
"owner": "vic",
"repo": "import-tree",
"rev": "e24a50ff9b5871d4bdd8900679784812eeb120ea",
"lastModified": 1747499976,
"narHash": "sha256-YTiSI4WLbk0CleXeBheYmKZV6iqKyBpyoh1e+vcQzu4=",
"owner": "Gerg-L",
"repo": "mnw",
"rev": "72433a144c4ac16931e9148f78db4a0e4c147441",
"type": "github"
},
"original": {
"owner": "vic",
"repo": "import-tree",
"owner": "Gerg-L",
"repo": "mnw",
"type": "github"
}
},
"make-shell": {
"inputs": {
"flake-compat": [
"dedupe_flake-compat"
]
},
"locked": {
"lastModified": 1733933815,
"narHash": "sha256-9JjM7eT66W4NJAXpGUsdyAFXhBxFWR2Z9LZwUa7Hli0=",
"owner": "nicknovitski",
"repo": "make-shell",
"rev": "ffeceae9956df03571ea8e96ef77c2924f13a63c",
"type": "github"
},
"original": {
"owner": "nicknovitski",
"repo": "make-shell",
"type": "github"
}
},
"manifest": {
"locked": {
"lastModified": 1752588656,
"narHash": "sha256-clKPzQ43eDpukeiGHzXmd1hGb2s4N+MWXAzQ5u5+pHQ=",
"owner": "rrvsh",
"repo": "manifest",
"rev": "365902fba994f30469298dee0c98a5fc0f41ec38",
"type": "github"
},
"original": {
"owner": "rrvsh",
"repo": "manifest",
"type": "github"
}
},
"nix-darwin": {
"nil": {
"inputs": {
"flake-utils": [
"nvf",
"flake-utils"
],
"nixpkgs": [
"nvf",
"nixpkgs"
]
],
"rust-overlay": "rust-overlay"
},
"locked": {
"lastModified": 1751313918,
"narHash": "sha256-HsJM3XLa43WpG+665aGEh8iS8AfEwOIQWk3Mke3e7nk=",
"owner": "nix-darwin",
"repo": "nix-darwin",
"rev": "e04a388232d9a6ba56967ce5b53a8a6f713cdfcf",
"lastModified": 1741118843,
"narHash": "sha256-ggXU3RHv6NgWw+vc+HO4/9n0GPufhTIUjVuLci8Za8c=",
"owner": "oxalica",
"repo": "nil",
"rev": "577d160da311cc7f5042038456a0713e9863d09e",
"type": "github"
},
"original": {
"owner": "nix-darwin",
"ref": "master",
"repo": "nix-darwin",
"owner": "oxalica",
"repo": "nil",
"type": "github"
}
},
@ -380,11 +210,11 @@
]
},
"locked": {
"lastModified": 1751774635,
"narHash": "sha256-DuOznGdgMxeSlPpUu6Wkq0ZD5e2Cfv9XRZeZlHWMd1s=",
"lastModified": 1747540584,
"narHash": "sha256-cxCQ413JTUuRv9Ygd8DABJ1D6kuB/nTfQqC0Lu9C0ls=",
"owner": "nix-community",
"repo": "nix-index-database",
"rev": "85686025ba6d18df31cc651a91d5adef63378978",
"rev": "ec179dd13fb7b4c6844f55be91436f7857226dce",
"type": "github"
},
"original": {
@ -395,11 +225,11 @@
},
"nixpkgs": {
"locked": {
"lastModified": 1751792365,
"narHash": "sha256-J1kI6oAj25IG4EdVlg2hQz8NZTBNYvIS0l4wpr9KcUo=",
"lastModified": 1747542820,
"narHash": "sha256-GaOZntlJ6gPPbbkTLjbd8BMWaDYafhuuYRNrxCGnPJw=",
"owner": "nixos",
"repo": "nixpkgs",
"rev": "1fd8bada0b6117e6c7eb54aad5813023eed37ccb",
"rev": "292fa7d4f6519c074f0a50394dbbe69859bb6043",
"type": "github"
},
"original": {
@ -409,53 +239,72 @@
"type": "github"
}
},
"nur": {
"inputs": {
"flake-parts": [
"flake-parts"
],
"nixpkgs": [
"nixpkgs"
]
},
"nixpkgs-lib": {
"locked": {
"lastModified": 1752005241,
"narHash": "sha256-+7DH6wh2BYnLRJzYXEbVlA1ZuAR4MxZI/paknbAuzk4=",
"lastModified": 1743296961,
"narHash": "sha256-b1EdN3cULCqtorQ4QeWgLMrd5ZGOjLSLemfa00heasc=",
"owner": "nix-community",
"repo": "NUR",
"rev": "a2570fb4d0699fd34ebbbd52e2a763722601f6c6",
"repo": "nixpkgs.lib",
"rev": "e4822aea2a6d1cdd36653c134cacfd64c97ff4fa",
"type": "github"
},
"original": {
"owner": "nix-community",
"repo": "NUR",
"repo": "nixpkgs.lib",
"type": "github"
}
},
"nixpkgs_2": {
"locked": {
"lastModified": 1747542820,
"narHash": "sha256-GaOZntlJ6gPPbbkTLjbd8BMWaDYafhuuYRNrxCGnPJw=",
"owner": "nixos",
"repo": "nixpkgs",
"rev": "292fa7d4f6519c074f0a50394dbbe69859bb6043",
"type": "github"
},
"original": {
"owner": "nixos",
"ref": "nixos-unstable",
"repo": "nixpkgs",
"type": "github"
}
},
"nixspect": {
"inputs": {
"nixpkgs": "nixpkgs_2"
},
"locked": {
"lastModified": 1747725629,
"narHash": "sha256-jEdIW5+SMfX6jVvx/MkMbpXLX9S2b+zsayIC1YJNAaY=",
"owner": "rrvsh",
"repo": "nixspect",
"rev": "28deacc6adeaef69f45af5c8139961a774e1600b",
"type": "github"
},
"original": {
"owner": "rrvsh",
"repo": "nixspect",
"type": "github"
}
},
"nvf": {
"inputs": {
"flake-parts": [
"flake-parts"
],
"flake-utils": [
"dedupe_flake-utils"
],
"mnw": [
"dedupe_mnw"
],
"flake-parts": "flake-parts",
"flake-utils": "flake-utils",
"mnw": "mnw",
"nil": "nil",
"nixpkgs": [
"nixpkgs"
],
"systems": [
"systems"
]
"systems": "systems_2"
},
"locked": {
"lastModified": 1752001027,
"narHash": "sha256-JgP8lW4QBr9v/U4ETaIOMvGCd/DAA1AjZ1lqjIwfWno=",
"lastModified": 1747525582,
"narHash": "sha256-oEZ6DV4bPcNZIuwW5Kcd+/zT3PMkXse2kX/3jHoomGk=",
"owner": "notashelf",
"repo": "nvf",
"rev": "c4d80273aaefeadaad96db97d077c647942b0e96",
"rev": "d3a0e7029ac57eef1120225973247851c5b967b5",
"type": "github"
},
"original": {
@ -476,11 +325,11 @@
]
},
"locked": {
"lastModified": 1751898758,
"narHash": "sha256-8EmTPdfOymvvHhmHYWiyO3cwZ4gtLo5uBFm3CU5vySo=",
"lastModified": 1734836319,
"narHash": "sha256-h/Jiq852WJyyAL037sIxjPDScjeH8sUoZVZBWlciXaw=",
"owner": "Janrupf",
"repo": "python-flexseal",
"rev": "af318e1fd047abbefcc68d0292a4d902179c95fe",
"rev": "fdd313f7b9a5c9545c015acaf0729b01f708118a",
"type": "github"
},
"original": {
@ -491,66 +340,59 @@
},
"root": {
"inputs": {
"dedupe_flake-compat": "dedupe_flake-compat",
"dedupe_flake-utils": "dedupe_flake-utils",
"dedupe_gitignore": "dedupe_gitignore",
"dedupe_mnw": "dedupe_mnw",
"disko": "disko",
"files": "files",
"flake-parts": "flake-parts",
"git-hooks": "git-hooks",
"home-manager": "home-manager",
"impermanence": "impermanence",
"import-tree": "import-tree",
"make-shell": "make-shell",
"manifest": "manifest",
"nix-darwin": "nix-darwin",
"nix-index-database": "nix-index-database",
"nixpkgs": "nixpkgs",
"nur": "nur",
"nixspect": "nixspect",
"nvf": "nvf",
"rrv-sh": "rrv-sh",
"rrvsh-nixpkgs": "rrvsh-nixpkgs",
"snowfall-lib": "snowfall-lib",
"sops-nix": "sops-nix",
"stable-diffusion-webui-nix": "stable-diffusion-webui-nix",
"stylix": "stylix",
"systems": "systems",
"text": "text"
"stable-diffusion-webui-nix": "stable-diffusion-webui-nix"
}
},
"rrv-sh": {
"rust-overlay": {
"inputs": {
"nixpkgs": [
"nvf",
"nil",
"nixpkgs"
]
},
"locked": {
"lastModified": 1741055476,
"narHash": "sha256-52vwEV0oS2lCnx3c/alOFGglujZTLmObit7K8VblnS8=",
"owner": "oxalica",
"repo": "rust-overlay",
"rev": "aefb7017d710f150970299685e8d8b549d653649",
"type": "github"
},
"original": {
"owner": "oxalica",
"repo": "rust-overlay",
"type": "github"
}
},
"snowfall-lib": {
"inputs": {
"flake-compat": "flake-compat",
"flake-utils-plus": "flake-utils-plus",
"nixpkgs": [
"nixpkgs"
]
},
"locked": {
"lastModified": 1751721838,
"narHash": "sha256-702c0fbgpUuEuQsduGJ9I5bSrCLYEG88SPuZXcSQqTs=",
"owner": "rrvsh",
"repo": "rrv.sh",
"rev": "e00c1c2607b55f43ef74b5f555f62838f4fe5963",
"lastModified": 1736130495,
"narHash": "sha256-4i9nAJEZFv7vZMmrE0YG55I3Ggrtfo5/T07JEpEZ/RM=",
"owner": "snowfallorg",
"repo": "lib",
"rev": "02d941739f98a09e81f3d2d9b3ab08918958beac",
"type": "github"
},
"original": {
"owner": "rrvsh",
"repo": "rrv.sh",
"type": "github"
}
},
"rrvsh-nixpkgs": {
"locked": {
"lastModified": 1750146550,
"narHash": "sha256-vFNbONVWIdYBqlKZoJScDRjnQ/euDmVqgCL2ebnsu7U=",
"owner": "rrvsh",
"repo": "nixpkgs",
"rev": "d7fa95990fd890bbd17ca8361f5d4e4935512c75",
"type": "github"
},
"original": {
"owner": "rrvsh",
"ref": "librechat-module",
"repo": "nixpkgs",
"owner": "snowfallorg",
"repo": "lib",
"type": "github"
}
},
@ -561,11 +403,11 @@
]
},
"locked": {
"lastModified": 1751606940,
"narHash": "sha256-KrDPXobG7DFKTOteqdSVeL1bMVitDcy7otpVZWDE6MA=",
"lastModified": 1747603214,
"narHash": "sha256-lAblXm0VwifYCJ/ILPXJwlz0qNY07DDYdLD+9H+Wc8o=",
"owner": "Mic92",
"repo": "sops-nix",
"rev": "3633fc4acf03f43b260244d94c71e9e14a2f6e0d",
"rev": "8d215e1c981be3aa37e47aeabd4e61bb069548fd",
"type": "github"
},
"original": {
@ -576,68 +418,27 @@
},
"stable-diffusion-webui-nix": {
"inputs": {
"flake-utils": [
"dedupe_flake-utils"
],
"flake-utils": "flake-utils_3",
"nixpkgs": [
"nixpkgs"
],
"python-flexseal": "python-flexseal"
},
"locked": {
"lastModified": 1751899247,
"narHash": "sha256-bh6xwc24Rv0YE4grKXvj+kmXmydns+OrlWn4WLnJSY4=",
"owner": "janrupf",
"lastModified": 1746840548,
"narHash": "sha256-NjKmOjkSMVx+z35L4lTEhYg/eJaNrRqaKwAEdnRJusY=",
"owner": "Janrupf",
"repo": "stable-diffusion-webui-nix",
"rev": "d5ba5dccd190b0ded17f9c4a23dc7665c6dc2eae",
"rev": "74a71ad10cc6525bc0dbb90ae47a19715a316344",
"type": "github"
},
"original": {
"owner": "janrupf",
"owner": "Janrupf",
"ref": "main",
"repo": "stable-diffusion-webui-nix",
"type": "github"
}
},
"stylix": {
"inputs": {
"base16": "base16",
"base16-fish": "base16-fish",
"base16-helix": "base16-helix",
"base16-vim": "base16-vim",
"firefox-gnome-theme": "firefox-gnome-theme",
"flake-parts": [
"flake-parts"
],
"gnome-shell": "gnome-shell",
"nixpkgs": [
"nixpkgs"
],
"nur": [
"nur"
],
"systems": [
"systems"
],
"tinted-foot": "tinted-foot",
"tinted-kitty": "tinted-kitty",
"tinted-schemes": "tinted-schemes",
"tinted-tmux": "tinted-tmux",
"tinted-zed": "tinted-zed"
},
"locked": {
"lastModified": 1751995939,
"narHash": "sha256-C5CSTv+b8XSbqJwqTP8SGkZEK3YCCJnmvRbg209ql5w=",
"owner": "nix-community",
"repo": "stylix",
"rev": "8f3259dbc57c8ee871492fde80f77468826bbd63",
"type": "github"
},
"original": {
"owner": "nix-community",
"repo": "stylix",
"type": "github"
}
},
"systems": {
"locked": {
"lastModified": 1681028828,
@ -653,99 +454,48 @@
"type": "github"
}
},
"text": {
"systems_2": {
"locked": {
"lastModified": 1751819711,
"narHash": "sha256-Emci++Hknzr2FEZRUbRDD7prI5JwwGsACO/GaU9Pmxg=",
"owner": "rrvsh",
"repo": "text.nix",
"rev": "00ba1e616ef3b761a52d5f7ac32892715cc4bcd1",
"lastModified": 1681028828,
"narHash": "sha256-Vy1rq5AaRuLzOxct8nz4T6wlgyUR7zLU309k9mBC768=",
"owner": "nix-systems",
"repo": "default",
"rev": "da67096a3b9bf56a91d16901293e51ba5b49a27e",
"type": "github"
},
"original": {
"owner": "rrvsh",
"repo": "text.nix",
"owner": "nix-systems",
"repo": "default",
"type": "github"
}
},
"tinted-foot": {
"flake": false,
"systems_3": {
"locked": {
"lastModified": 1726913040,
"narHash": "sha256-+eDZPkw7efMNUf3/Pv0EmsidqdwNJ1TaOum6k7lngDQ=",
"owner": "tinted-theming",
"repo": "tinted-foot",
"rev": "fd1b924b6c45c3e4465e8a849e67ea82933fcbe4",
"lastModified": 1681028828,
"narHash": "sha256-Vy1rq5AaRuLzOxct8nz4T6wlgyUR7zLU309k9mBC768=",
"owner": "nix-systems",
"repo": "default",
"rev": "da67096a3b9bf56a91d16901293e51ba5b49a27e",
"type": "github"
},
"original": {
"owner": "tinted-theming",
"repo": "tinted-foot",
"rev": "fd1b924b6c45c3e4465e8a849e67ea82933fcbe4",
"owner": "nix-systems",
"repo": "default",
"type": "github"
}
},
"tinted-kitty": {
"flake": false,
"systems_4": {
"locked": {
"lastModified": 1735730497,
"narHash": "sha256-4KtB+FiUzIeK/4aHCKce3V9HwRvYaxX+F1edUrfgzb8=",
"owner": "tinted-theming",
"repo": "tinted-kitty",
"rev": "de6f888497f2c6b2279361bfc790f164bfd0f3fa",
"lastModified": 1681028828,
"narHash": "sha256-Vy1rq5AaRuLzOxct8nz4T6wlgyUR7zLU309k9mBC768=",
"owner": "nix-systems",
"repo": "default",
"rev": "da67096a3b9bf56a91d16901293e51ba5b49a27e",
"type": "github"
},
"original": {
"owner": "tinted-theming",
"repo": "tinted-kitty",
"type": "github"
}
},
"tinted-schemes": {
"flake": false,
"locked": {
"lastModified": 1748180480,
"narHash": "sha256-7n0XiZiEHl2zRhDwZd/g+p38xwEoWtT0/aESwTMXWG4=",
"owner": "tinted-theming",
"repo": "schemes",
"rev": "87d652edd26f5c0c99deda5ae13dfb8ece2ffe31",
"type": "github"
},
"original": {
"owner": "tinted-theming",
"repo": "schemes",
"type": "github"
}
},
"tinted-tmux": {
"flake": false,
"locked": {
"lastModified": 1748740859,
"narHash": "sha256-OEM12bg7F4N5WjZOcV7FHJbqRI6jtCqL6u8FtPrlZz4=",
"owner": "tinted-theming",
"repo": "tinted-tmux",
"rev": "57d5f9683ff9a3b590643beeaf0364da819aedda",
"type": "github"
},
"original": {
"owner": "tinted-theming",
"repo": "tinted-tmux",
"type": "github"
}
},
"tinted-zed": {
"flake": false,
"locked": {
"lastModified": 1725758778,
"narHash": "sha256-8P1b6mJWyYcu36WRlSVbuj575QWIFZALZMTg5ID/sM4=",
"owner": "tinted-theming",
"repo": "base16-zed",
"rev": "122c9e5c0e6f27211361a04fae92df97940eccf9",
"type": "github"
},
"original": {
"owner": "tinted-theming",
"repo": "base16-zed",
"owner": "nix-systems",
"repo": "default",
"type": "github"
}
}

161
flake.nix
View file

@ -1,134 +1,45 @@
{
outputs =
{ self, ... }@inputs:
inputs.flake-parts.lib.mkFlake { inherit inputs; } (
(inputs.import-tree ./nix)
// {
systems = import inputs.systems;
flake = {
inherit self;
paths.root = ./.;
};
}
);
inputs = {
### SYSTEM ###
# systems provides a list of supported nix systems.
systems.url = "github:nix-systems/default";
# nixos-unstable provides a binary cache for all packages.
nixpkgs.url = "github:nixos/nixpkgs/nixos-unstable";
# My fork for random shit
rrvsh-nixpkgs.url = "github:rrvsh/nixpkgs/librechat-module";
# home-manager manages our user packages and dotfiles
home-manager = {
url = "github:nix-community/home-manager";
inputs.nixpkgs.follows = "nixpkgs";
};
# nix darwin provides declarative mac configuration
nix-darwin = {
url = "github:nix-darwin/nix-darwin/master";
inputs.nixpkgs.follows = "nixpkgs";
};
# the nix user repository for mainly firefox extensions
nur = {
url = "github:nix-community/NUR";
inputs.nixpkgs.follows = "nixpkgs";
inputs.flake-parts.follows = "flake-parts";
};
# impermanence provides a nice abstraction over linking files from /persist
disko.url = "github:nix-community/disko";
disko.inputs.nixpkgs.follows = "nixpkgs";
snowfall-lib.url = "github:snowfallorg/lib";
snowfall-lib.inputs.nixpkgs.follows = "nixpkgs";
impermanence.url = "github:nix-community/impermanence";
# flake-parts lets us define flake modules.
flake-parts = {
url = "github:hercules-ci/flake-parts";
inputs.nixpkgs-lib.follows = "nixpkgs";
};
# disko provides declarative drive partitioning
disko = {
url = "github:nix-community/disko";
inputs.nixpkgs.follows = "nixpkgs";
};
# sops-nix lets us version control secrets like passwords and api keys
sops-nix = {
url = "github:Mic92/sops-nix";
inputs.nixpkgs.follows = "nixpkgs";
};
stylix = {
url = "github:nix-community/stylix";
inputs = {
nixpkgs.follows = "nixpkgs";
flake-parts.follows = "flake-parts";
systems.follows = "systems";
nur.follows = "nur";
};
home-manager.url = "github:nix-community/home-manager";
home-manager.inputs.nixpkgs.follows = "nixpkgs";
nix-index-database.url = "github:nix-community/nix-index-database";
nix-index-database.inputs.nixpkgs.follows = "nixpkgs";
sops-nix.url = "github:Mic92/sops-nix";
sops-nix.inputs.nixpkgs.follows = "nixpkgs";
nvf.url = "github:notashelf/nvf";
nvf.inputs.nixpkgs.follows = "nixpkgs";
nixspect.url = "github:rrvsh/nixspect";
stable-diffusion-webui-nix.url = "github:Janrupf/stable-diffusion-webui-nix/main";
stable-diffusion-webui-nix.inputs.nixpkgs.follows = "nixpkgs";
};
### FLAKE PARTS MODULES ###
# import-tree imports all nix files in a given directory.
import-tree.url = "github:vic/import-tree";
# files lets us write text files and automatically add checks for them
files.url = "github:mightyiam/files";
# text.nix lets us easily define markdown text to pass to files
text.url = "github:rrvsh/text.nix";
# manifest lets us define all hosts in one file
manifest.url = "github:rrvsh/manifest";
# make-shells.<name> creates devShells and checks
make-shell = {
url = "github:nicknovitski/make-shell";
inputs.flake-compat.follows = "dedupe_flake-compat";
};
# git-hooks ensures nix flake check is ran before commits
git-hooks = {
url = "github:cachix/git-hooks.nix";
inputs = {
flake-compat.follows = "dedupe_flake-compat";
nixpkgs.follows = "nixpkgs";
gitignore.follows = "dedupe_gitignore";
};
};
### FLAKES ###
# nix-index-database indexes the nixpkgs binaries for use with comma
nix-index-database = {
url = "github:nix-community/nix-index-database";
inputs.nixpkgs.follows = "nixpkgs";
};
# nvf provides modules to wrap neovim
nvf = {
url = "github:notashelf/nvf";
inputs = {
nixpkgs.follows = "nixpkgs";
flake-parts.follows = "flake-parts";
systems.follows = "systems";
flake-utils.follows = "dedupe_flake-utils";
mnw.follows = "dedupe_mnw";
};
};
# provides comfy ui and sdwebui services
stable-diffusion-webui-nix = {
url = "github:janrupf/stable-diffusion-webui-nix";
inputs.nixpkgs.follows = "nixpkgs";
inputs.flake-utils.follows = "dedupe_flake-utils";
};
# my website :)
rrv-sh = {
url = "github:rrvsh/rrv.sh";
inputs.nixpkgs.follows = "nixpkgs";
};
### DEDUPE ###
dedupe_flake-compat.url = "github:edolstra/flake-compat";
dedupe_flake-utils = {
url = "github:numtide/flake-utils";
inputs.systems.follows = "systems";
};
dedupe_mnw.url = "github:gerg-l/mnw";
dedupe_gitignore = {
url = "github:hercules-ci/gitignore.nix";
inputs.nixpkgs.follows = "nixpkgs";
outputs =
inputs:
inputs.snowfall-lib.mkFlake {
inherit inputs;
src = ./.;
snowfall.namespace = "pantheon";
overlays = with inputs; [
stable-diffusion-webui-nix.overlays.default
];
systems.modules.nixos = with inputs; [
disko.nixosModules.disko
impermanence.nixosModules.impermanence
sops-nix.nixosModules.sops
];
homes.modules = with inputs; [
impermanence.homeManagerModules.impermanence
nix-index-database.hmModules.nix-index
nvf.homeManagerModules.default
];
outputs-builder = channels: {
formatter = channels.nixpkgs.nixfmt-rfc-style;
};
};
}

50
homes/x86_64-linux/rafiq/default.nix Normal file
View file

@ -0,0 +1,50 @@
{
pkgs,
inputs,
...
}:
{
cli.shell = "zsh";
cli.screensaver.enable = true;
cli.screensaver.timeout = "100";
cli.screensaver.command = "cbonsai -S";
cli.editor = "nvf";
cli.file-browser = "yazi";
cli.multiplexer = "zellij";
cli.fetch = "hyfetch";
cli.git.name = "Mohammad Rafiq";
cli.git.email = "rafiq@rrv.sh";
cli.git.defaultBranch = "prime";
home.shellAliases = {
v = "nvim";
};
home.packages = with pkgs; [
cbonsai
ripgrep
devenv
pantheon.rebuild
pantheon.edit
inputs.nixspect.packages."x86_64-linux".nixspect
];
home.persistence."/persist/home/rafiq".directories = [ "repos" ];
programs.direnv = {
enable = true;
nix-direnv.enable = true;
};
programs = {
thefuck.enable = true;
tealdeer.enable = true;
tealdeer.settings.updates.auto_update = true;
fzf = {
enable = true;
enableZshIntegration = true;
};
nh.enable = true;
};
}

7
lib/default.nix Normal file
View file

@ -0,0 +1,7 @@
{ lib, ... }:
{
mkStrOption = lib.mkOption {
type = lib.types.str;
default = "";
};
}

60
modules/home/cli/default.nix Normal file
View file

@ -0,0 +1,60 @@
{
config,
lib,
pkgs,
...
}:
{
options.cli = {
shell = lib.pantheon.mkStrOption;
screensaver.enable = lib.mkEnableOption "";
screensaver.timeout = lib.pantheon.mkStrOption;
screensaver.command = lib.pantheon.mkStrOption;
editor = lib.pantheon.mkStrOption;
nvf.snippets = lib.mkOption {
type = lib.types.listOf lib.types.attrs;
default = { };
};
file-browser = lib.pantheon.mkStrOption;
multiplexer = lib.pantheon.mkStrOption;
fetch = lib.pantheon.mkStrOption;
git = {
name = lib.pantheon.mkStrOption;
email = lib.pantheon.mkStrOption;
defaultBranch = lib.pantheon.mkStrOption;
};
};
config = lib.mkMerge [
{
home.shell.enableShellIntegration = true;
programs.ssh = {
enable = true;
extraConfig = ''
Host *
SetEnv TERM=xterm-256color
'';
};
programs.zoxide.enable = true;
home.shellAliases.cd = "z";
home.persistence."/persist/home/${config.snowfallorg.user.name}".directories = [
".local/share/zoxide"
];
}
{
programs.nix-index.enable = true;
programs.nix-index-database.comma.enable = true;
}
{
home.shellAliases.ai = "aichat -r %shell% -e";
home.packages = with pkgs; [ aichat ];
xdg.configFile."aichat/config.yaml".text = ''
model: gemini:gemini-2.0-flash
clients:
- type: gemini
'';
}
];
}

23
nix/homes/rafiq/_nvf/autocomplete.nix → modules/home/cli/editor/nvf/autocomplete.nix
View file

@ -3,23 +3,34 @@
blink-cmp = {
enable = true;
friendly-snippets.enable = true;
sourcePlugins.ripgrep.enable = true;
mappings = {
next = "<Down>"; # FIXME: results in the menu appearing when navigating
previous = "<Up>";
};
sourcePlugins = {
emoji.enable = true;
ripgrep.enable = true;
spell.enable = true;
};
setupOpts = {
# Disable completion in markdown files
# TODO: Disable completion when in comments
completion.documentation.auto_show_delay_ms = 0;
signature.enabled = true;
enabled =
lib.generators.mkLuaInline
# lua
''
--- Disable completion for markdown
function()
return not vim.tbl_contains({"markdown"}, vim.bo.filetype)
and vim.bo.buftype ~= "prompt"
and vim.b.completion ~= false
end
'';
completion.documentation.auto_show_delay_ms = 0;
# Show e.g. function parameters
signature.enabled = true;
cmdline = {
enabled = true;
sources = null;
completion.menu.auto_show = false;
};
};
};
}

26
modules/home/cli/editor/nvf/binds.nix Normal file
View file

@ -0,0 +1,26 @@
{
hardtime-nvim = {
enable = true;
setupOpts = {
disabled_keys = {
"<Up>" = [
"n"
"x"
];
"<Down>" = [
"n"
"x"
];
"<Left>" = [
"n"
"x"
];
"<Right>" = [
"n"
"x"
];
};
};
};
whichKey.enable = true;
}

6
modules/home/cli/editor/nvf/clipboard.nix Normal file
View file

@ -0,0 +1,6 @@
{
enable = true;
#FIXME: List doenst work for some reason
registers = "unnamedplus";
providers.wl-copy.enable = true;
}

38
modules/home/cli/editor/nvf/default.nix Normal file
View file

@ -0,0 +1,38 @@
{ config, lib, ... }:
{
config = lib.mkIf (config.cli.editor == "nvf") {
home.sessionVariables.EDITOR = "nvim";
home.persistence."/persist/home/${config.snowfallorg.user.name}".directories = [
".local/share/nvf"
];
programs.nvf = {
enable = true;
settings.vim = {
hideSearchHighlight = true;
syntaxHighlighting = true;
telescope.enable = true;
searchCase = "ignore";
undoFile.enable = true;
fzf-lua.enable = true;
git.enable = true;
autocomplete = import ./autocomplete.nix { inherit lib; };
autopairs.nvim-autopairs.enable = true;
binds = import ./binds.nix;
clipboard = import ./clipboard.nix;
diagnostics = import ./diagnostics.nix;
keymaps = import ./keymaps.nix;
languages = import ./languages.nix;
lsp = import ./lsp.nix;
navigation = import ./navigation.nix;
notes = import ./notes.nix;
options = import ./options.nix;
notify = import ./notify.nix;
snippets = import ./snippets.nix;
treesitter = import ./treesitter.nix;
ui = import ./ui.nix;
utility = import ./utility.nix;
visuals = import ./visuals.nix;
};
};
};
}

6
modules/home/cli/editor/nvf/diagnostics.nix Normal file
View file

@ -0,0 +1,6 @@
{
nvim-lint = {
enable = true;
lint_after_save = true;
};
}

16
modules/home/cli/editor/nvf/keymaps.nix Normal file
View file

@ -0,0 +1,16 @@
[
{
desc = "";
key = "f";
mode = "n";
action = ":FzfLua files<CR>";
silent = true;
}
{
desc = "Open the file path under the cursor, making the file if it doesn't exist.";
key = "gf";
mode = "n";
action = ":cd %:p:h<CR>:e <cfile><CR>";
silent = true;
}
]

18
nix/homes/rafiq/_nvf/languages.nix → modules/home/cli/editor/nvf/languages.nix
View file

@ -4,30 +4,22 @@
enableTreesitter = true;
bash.enable = true;
clang.enable = true;
# broken on macos
# csharp.enable = true;
csharp.enable = true;
css.enable = true;
go.enable = true;
html.enable = true;
lua.enable = true;
markdown = {
enable = true;
extensions.markview-nvim.enable = true;
format.type = "prettierd";
};
markdown.enable = true;
markdown.extensions.markview-nvim.enable = true;
nix = {
enable = true;
format.type = "nixfmt";
lsp.server = "nil";
};
python = {
enable = true;
format.type = "ruff";
lsp.server = "pyright";
};
python.enable = true;
python.lsp.server = "python-lsp-server";
rust.enable = true;
rust.crates.enable = true;
tailwind.enable = true;
ts.enable = true;
ts.extensions.ts-error-translator.enable = true;
typst.enable = true;

9
modules/home/cli/editor/nvf/lsp.nix Normal file
View file

@ -0,0 +1,9 @@
{
enable = true;
formatOnSave = true;
inlayHints.enable = true;
lightbulb.enable = true;
lspkind.enable = true;
null-ls.enable = true;
otter-nvim.enable = true;
}

5
modules/home/cli/editor/nvf/navigation.nix Normal file
View file

@ -0,0 +1,5 @@
{
harpoon = {
enable = true;
};
}

3
modules/home/cli/editor/nvf/notes.nix Normal file
View file

@ -0,0 +1,3 @@
{
todo-comments.enable = true;
}

2
modules/home/cli/editor/nvf/notify.nix Normal file
View file

@ -0,0 +1,2 @@
{
}

9
modules/home/cli/editor/nvf/options.nix Normal file
View file

@ -0,0 +1,9 @@
{
autoindent = true;
smartindent = true;
expandtab = true;
tabstop = 2;
shiftwidth = 2;
updatetime = 0;
backspace = "indent,eol,start";
}

6
modules/home/cli/editor/nvf/snippets.nix Normal file
View file

@ -0,0 +1,6 @@
{
luasnip = {
enable = true;
setupOpts.enable_autosnippets = true;
};
}

7
modules/home/cli/editor/nvf/treesitter.nix Normal file
View file

@ -0,0 +1,7 @@
{
autotagHtml = true;
fold = true;
context.enable = true;
indent.disable = [ "markdown" ];
textobjects.enable = true;
}

15
modules/home/cli/editor/nvf/ui.nix Normal file
View file

@ -0,0 +1,15 @@
{
borders = {
enable = true;
globalStyle = "double";
};
breadcrumbs = {
enable = true;
navbuddy.enable = true;
};
colorizer.enable = true;
illuminate.enable = true;
noice.enable = true;
nvim-ufo.enable = true;
smartcolumn.enable = true;
}

17
modules/home/cli/editor/nvf/utility.nix Normal file
View file

@ -0,0 +1,17 @@
{
direnv.enable = true;
leetcode-nvim.enable = true;
mkdir.enable = true;
motion.leap.enable = true;
motion.leap.mappings.leapForwardTo = "s";
motion.leap.mappings.leapBackwardTo = "S";
vim-wakatime.enable = true;
yazi-nvim = {
enable = true;
mappings = {
openYazi = "t";
openYaziDir = "T";
};
setupOpts.open_for_directories = true;
};
}

3
nix/homes/rafiq/_nvf/visuals.nix → modules/home/cli/editor/nvf/visuals.nix
View file

@ -1,7 +1,8 @@
{
indent-blankline.enable = true;
fidget-nvim.enable = true;
fidget-nvim.setupOpts.notification.override_vim_notify = true;
# fidget-nvim.setupOpts.notification.override_vim_notify = true;
nvim-cursorline.enable = true;
nvim-web-devicons.enable = true;
rainbow-delimiters.enable = true;
}

31
modules/home/cli/fetch/default.nix Normal file
View file

@ -0,0 +1,31 @@
{
config,
lib,
pkgs,
...
}:
{
config = lib.mkMerge [
(lib.mkIf (config.cli.fetch == "hyfetch") {
home.packages = [ pkgs.fastfetch ];
home.sessionVariables.FETCH = "hyfetch";
home.shellAliases.fetch = "hyfetch";
programs.hyfetch = {
enable = true;
settings = {
preset = "bisexual";
mode = "rgb";
light_dark = "dark";
lightness = 0.5;
color_align = {
mode = "horizontal";
custom_colors = [ ];
fore_back = null;
};
backend = "fastfetch";
};
};
})
];
}

10
modules/home/cli/file-browser/default.nix Normal file
View file

@ -0,0 +1,10 @@
{ config, lib, ... }:
{
config = lib.mkIf (config.cli.file-browser == "yazi") {
home.sessionVariables.FILE_BROWSER = "yazi";
programs.yazi = {
enable = true;
shellWrapperName = "t";
};
};
}

18
modules/home/cli/multiplexer/default.nix Normal file
View file

@ -0,0 +1,18 @@
{ config, lib, ... }:
{
config = lib.mkIf (config.cli.multiplexer == "zellij") {
home.sessionVariables.MULTIPLEXER = "zellij";
programs.zellij = {
enable = true;
enableZshIntegration = true;
attachExistingSession = true;
exitShellOnExit = true;
settings = {
default_layout = "compact";
pane_frames = false;
show_startup_tips = false;
show_release_notes = false;
};
};
};
}

38
modules/home/cli/shell/default.nix Normal file
View file

@ -0,0 +1,38 @@
{ config, lib, ... }:
{
config = lib.mkIf (config.cli.shell == "zsh") {
home.sessionVariables.SHELL = "zsh";
programs.zsh = {
enable = true;
enableVteIntegration = true;
syntaxHighlighting.enable = true;
historySubstringSearch.enable = true;
history = {
append = true;
extended = true;
ignoreDups = true;
ignoreSpace = true;
save = 10000;
share = true;
size = 10000;
};
};
programs.zsh.initContent = lib.mkIf config.cli.screensaver.enable (
lib.mkOrder 1200
# zsh
''
precmd() {
TMOUT=${config.cli.screensaver.timeout}
}
TRAPALRM() {
TMOUT=1
${config.cli.screensaver.command}
# If we exit, assume the previous command was exited out of
TMOUT=${config.cli.screensaver.timeout}
zle reset-prompt
}
''
);
};
}

3
modules/home/cli/utilities/default.nix Normal file
View file

@ -0,0 +1,3 @@
{
imports = [ ./git.nix ];
}

10
nix/homes/rafiq/git.nix → modules/home/cli/utilities/git.nix
View file

@ -1,18 +1,22 @@
{ config, ... }:
{
flake.modules.homeManager.rafiq = {
config = {
home.sessionVariables.GIT_CONFIG_GLOBAL = "$HOME/.config/git/config";
home.shellAliases = {
gs = "git status";
gc = "git commit";
gcam = "git commit -am";
gu = "git push";
gy = "git pull";
gdh = "git diff HEAD";
};
programs.git = {
enable = true;
userName = config.cli.git.name;
userEmail = config.cli.git.email;
signing.key = "~/.ssh/id_ed25519.pub";
signing.signByDefault = true;
extraConfig = {
init.defaultBranch = "prime";
init.defaultBranch = config.cli.git.defaultBranch;
push.autoSetupRemote = true;
pull.rebase = false;
core.editor = "$EDITOR";

12
modules/home/desktop/browser/firefox/default.nix Normal file
View file

@ -0,0 +1,12 @@
{ osConfig, lib, ... }:
{
config = lib.mkIf (osConfig.desktop.browser == "firefox") {
home.persistence."/persist/home/rafiq".directories = [ ".mozilla/firefox" ];
home.sessionVariables.BROWSER = "firefox";
programs.firefox = {
enable = true;
profiles.rafiq.id = 0;
profiles.test.id = 1;
};
};
}

17
modules/home/desktop/default.nix Normal file
View file

@ -0,0 +1,17 @@
{
config,
lib,
osConfig,
pkgs,
...
}:
{
config = lib.mkMerge [
(lib.mkIf (osConfig.hardware.gpu == "nvidia") {
home.packages = [ pkgs.stable-diffusion-webui.forge.cuda ];
home.persistence."/persist/home/${config.snowfallorg.user.name}".directories = [
".local/share/stable-diffusion-webui"
];
})
];
}

47
modules/home/desktop/lockscreen/default.nix Normal file
View file

@ -0,0 +1,47 @@
{
osConfig,
lib,
...
}:
{
config = lib.mkMerge [
(lib.mkIf (osConfig.desktop.lockscreen == "hyprlock") {
home.sessionVariables.LOCKSCREEN = "hyprlock";
programs.hyprlock = {
enable = true;
settings = {
general.hide_cursor = true;
general.ignore_empty_input = true;
background = {
blur_passes = 5;
blur_size = 5;
};
label = {
text = ''hi, $USER.'';
font_size = 32;
halign = "center";
valign = "center";
position = "0, 0";
zindex = 1;
shadow_passes = 5;
shadow_size = 5;
};
input-field = {
fade_on_empty = true;
size = "200, 45";
halign = "center";
valign = "center";
position = "0, -5%";
placeholder_text = "";
zindex = 1;
shadow_passes = 5;
shadow_size = 5;
};
};
};
})
];
}

12
modules/home/desktop/notification-daemon/default.nix Normal file
View file

@ -0,0 +1,12 @@
{ osConfig, lib, ... }:
{
config = lib.mkMerge [
(lib.mkIf (osConfig.desktop.notification-daemon == "mako") {
home.sessionVariables.NOTIFICATION_DAEMON = "mako";
services.mako = {
enable = true;
settings = { };
};
})
];
}

23
modules/home/desktop/terminal/default.nix Normal file
View file

@ -0,0 +1,23 @@
{
osConfig,
lib,
pkgs,
...
}:
{
config = lib.mkMerge [
(lib.mkIf (osConfig.desktop.terminal == "kitty") {
home.packages = with pkgs; [ kitty ];
home.sessionVariables.TERMINAL = "kitty";
})
(lib.mkIf (osConfig.desktop.terminal == "ghostty") {
home.sessionVariables.TERMINAL = "ghostty -e";
programs.ghostty = {
enable = true;
settings = {
confirm-close-surface = false;
};
};
})
];
}

3
modules/home/desktop/windowManager/hyprland/decoration.nix Normal file
View file

@ -0,0 +1,3 @@
{
animation = [ "workspaces, 0" ];
}

38
modules/home/desktop/windowManager/hyprland/default.nix Normal file
View file

@ -0,0 +1,38 @@
{
pkgs,
lib,
osConfig,
...
}:
let
mainMonitor = osConfig.desktop.mainMonitor;
in
{
config = lib.mkIf (osConfig.desktop.windowManager == "hyprland") {
wayland.windowManager.hyprland = {
enable = true;
systemd.enable = false;
settings = lib.mkMerge [
{
ecosystem.no_update_news = true;
monitor = [
"${mainMonitor.id}, ${mainMonitor.resolution}@${mainMonitor.refresh-rate}, auto, ${mainMonitor.scale}"
", preferred, auto, 1"
];
exec-once = [
"uwsm app -- $LOCKSCREEN"
"uwsm app -- $NOTIFICATION_DAEMON"
];
}
(import ./decoration.nix)
(import ./keybinds.nix { inherit pkgs; })
];
};
xdg.configFile."uwsm/env".text = # sh
''
'';
};
}

30
nix/homes/rafiq/desktop/_hyprland/keybinds.nix → modules/home/desktop/windowManager/hyprland/keybinds.nix
View file

@ -6,12 +6,10 @@
"$hypr, Q, exec, uwsm stop"
"SUPER, W, killactive"
"SUPER, return, exec, uwsm app -- $TERMINAL"
"SUPER, return, exec, uwsm app -- $TERMINAL $MULTIPLEXER"
"SUPER, O, exec, uwsm app -- $BROWSER"
"SUPER, Escape, exec, uwsm app -- $LOCKSCREEN"
#TODO:add file browser
#TODO: make it directional
"SUPER, H, cyclenext, visible"
"SUPER, L, cyclenext, visible prev"
"SUPER_ALT, H, movewindow, l"
@ -26,31 +24,15 @@
"SUPER_CTRL, L, workspace, r+1"
"$hypr, H, movetoworkspace, r-1"
"$hypr, L, movetoworkspace, r+1"
"$hypr, V, togglefloating"
];
bindr = [
# Activates on SUPER without any other modifier
"SUPER, Super_L, exec, uwsm app -- $($LAUNCHER --launch-prefix=\"uwsm app -- \")"
];
bindle = [
"SUPER, 6, exec, ${pkgs.wireplumber}/bin/wpctl set-volume -l 1.5 @DEFAULT_AUDIO_SINK@ 5%-"
"SUPER, 6, exec, wpctl set-volume -l 1.5 @DEFAULT_AUDIO_SINK@ 5%-"
"SUPER, 7, exec, ${pkgs.playerctl}/bin/playerctl previous"
"SUPER, 8, exec, ${pkgs.playerctl}/bin/playerctl -a play-pause"
"SUPER, 8, exec, ${pkgs.playerctl}/bin/playerctl play-pause"
"SUPER, 9, exec, ${pkgs.playerctl}/bin/playerctl next"
"SUPER, 0, exec, ${pkgs.wireplumber}/bin/wpctl set-volume -l 1.5 @DEFAULT_AUDIO_SINK@ 5%+"
"ALT, mouse_up, resizeactive, 10% 10%"
"ALT, mouse_down, resizeactive, -10% -10%"
];
bindm = [
"ALT, mouse:272, movewindow"
"ALT, mouse:273, resizeactive"
];
bindc = [
"ALT, mouse:272, togglefloating"
"SUPER, 0, exec, wpctl set-volume -l 1.5 @DEFAULT_AUDIO_SINK@ 5%+"
"$meh, mouse_up, resizeactive, 10% 10%"
"$meh, mouse_down, resizeactive, -10% -10%"
];
}

12
modules/home/system/default.nix Normal file
View file

@ -0,0 +1,12 @@
{ config, ... }:
{
home.persistence."/persist/home/${config.snowfallorg.user.name}" = {
directories = [
".ssh"
".config/sops/age"
];
allowOther = true;
};
home.stateVersion = "24.11";
}

19
modules/nixos/cli/default.nix Normal file
View file

@ -0,0 +1,19 @@
{
config,
lib,
pkgs,
...
}:
{
imports = [ ];
options.cli = { };
config = lib.mkMerge [
{
programs.zsh.enable = true;
users.defaultUserShell = pkgs.zsh;
environment.pathsToLink = [ "/share/zsh" ]; # enables completion
}
];
}

20
modules/nixos/desktop/default.nix Normal file
View file

@ -0,0 +1,20 @@
{ lib, ... }:
{
imports = [
./windowManager.nix
];
options.desktop = {
mainMonitor = {
id = lib.pantheon.mkStrOption;
scale = lib.pantheon.mkStrOption;
resolution = lib.pantheon.mkStrOption;
refresh-rate = lib.pantheon.mkStrOption;
};
windowManager = lib.pantheon.mkStrOption;
lockscreen = lib.pantheon.mkStrOption;
browser = lib.pantheon.mkStrOption;
terminal = lib.pantheon.mkStrOption;
notification-daemon = lib.pantheon.mkStrOption;
};
}

8
modules/nixos/desktop/lockscreen/default.nix Normal file
View file

@ -0,0 +1,8 @@
{ config, lib, ... }:
{
config = lib.mkMerge [
(lib.mkIf (config.desktop.lockscreen == "hyprlock") {
security.pam.services.hyprlock = { };
})
];
}

23
modules/nixos/desktop/windowManager.nix Normal file
View file

@ -0,0 +1,23 @@
{ config, lib, ... }:
{
config = lib.mkMerge [
(lib.mkIf (config.desktop.windowManager == "hyprland") {
environment.loginShellInit = # sh
''
if [[ -z "$SSH_CLIENT" && -z "$SSH_CONNECTION" ]]; then
if uwsm check may-start; then
exec uwsm start hyprland-uwsm.desktop
fi
fi
'';
environment.variables = {
ELECTRON_OZONE_PLATFORM_HINT = "auto";
NIXOS_OZONE_WL = "1";
};
programs.hyprland = {
enable = true;
withUWSM = true;
};
})
];
}

9
modules/nixos/hardware/audio.nix Normal file
View file

@ -0,0 +1,9 @@
{ config, ... }:
{
config = {
services.pipewire = {
enable = true;
pulse.enable = true;
};
};
}

104
modules/nixos/hardware/btrfs.nix Normal file
View file

@ -0,0 +1,104 @@
{ lib, config, ... }:
let
cfg = config.hardware.drives.btrfs;
in
{
config = lib.mkIf (cfg.enable) (
lib.mkMerge [
{
boot.initrd.kernelModules = [ "dm-snapshot" ];
disko.devices.disk.main = {
device = cfg.drive;
type = "disk";
content.type = "gpt";
content.partitions = {
boot.name = "boot";
boot.size = "1M";
boot.type = "EF02";
esp.name = "ESP";
esp.size = "500M";
esp.type = "EF00";
esp.content = {
type = "filesystem";
format = "vfat";
mountpoint = "/boot";
};
swap.size = "4G";
swap.content = {
type = "swap";
resumeDevice = true;
};
root.name = "root";
root.size = "100%";
root.content = {
type = "lvm_pv";
vg = "root_vg";
};
};
};
disko.devices.lvm_vg.root_vg = {
type = "lvm_vg";
lvs.root.size = "100%FREE";
lvs.root.content.type = "btrfs";
lvs.root.content.extraArgs = [ "-f" ];
lvs.root.content.subvolumes = {
"/root".mountpoint = "/";
"/persist".mountpoint = "/persist";
"/persist".mountOptions = [
"subvol=persist"
"noatime"
];
"/nix".mountpoint = "/nix";
"/nix".mountOptions = [
"subvol=nix"
"noatime"
];
};
};
}
(lib.mkIf (cfg.ephemeralRoot) {
boot.initrd.postDeviceCommands = lib.mkAfter ''
mkdir /btrfs_tmp
mount /dev/root_vg/root /btrfs_tmp
if [[ -e /btrfs_tmp/root ]]; then
mkdir -p /btrfs_tmp/old_roots
timestamp=$(date --date="@$(stat -c %Y /btrfs_tmp/root)" "+%Y-%m-%-d_%H:%M:%S")
mv /btrfs_tmp/root "/btrfs_tmp/old_roots/$timestamp"
fi
delete_subvolume_recursively() {
IFS=$'\n'
for i in $(btrfs subvolume list -o "$1" | cut -f 9- -d ' '); do
delete_subvolume_recursively "/btrfs_tmp/$i"
done
btrfs subvolume delete "$1"
}
for i in $(find /btrfs_tmp/old_roots/ -maxdepth 1 -mtime +30); do
delete_subvolume_recursively "$i"
done
btrfs subvolume create /btrfs_tmp/root
umount /btrfs_tmp
'';
programs.fuse.userAllowOther = true;
fileSystems."/persist".neededForBoot = true;
environment.persistence."/persist" = {
hideMounts = true;
directories = [
"/var/lib/systemd"
"/var/lib/nixos"
];
files = [
"/etc/ssh/ssh_host_ed25519_key"
"/etc/ssh/ssh_host_ed25519_key.pub"
"/etc/ssh/ssh_host_rsa_key"
"/etc/ssh/ssh_host_rsa_key.pub"
"/etc/machine-id"
];
};
})
]
);
}

9
modules/nixos/hardware/cpu.nix Normal file
View file

@ -0,0 +1,9 @@
{ config, lib, ... }:
{
config = lib.mkMerge [
(lib.mkIf (config.hardware.platform == "amd") {
hardware.cpu.amd.updateMicrocode = true;
boot.kernelModules = [ "kvm-amd" ];
})
];
}

28
modules/nixos/hardware/default.nix Normal file
View file

@ -0,0 +1,28 @@
{ lib, ... }:
{
imports = [
./btrfs.nix
./nvidia.nix
./audio.nix
./cpu.nix
./networking.nix
];
options.hardware = {
drives.btrfs = {
enable = lib.mkEnableOption "";
drive = lib.pantheon.mkStrOption;
ephemeralRoot = lib.mkEnableOption "";
};
gpu = lib.pantheon.mkStrOption;
platform = lib.pantheon.mkStrOption;
};
config = {
services.fwupd.enable = true;
hardware.bluetooth = {
enable = true;
settings.General.Experimental = true;
};
};
}

23
modules/nixos/hardware/networking.nix Normal file
View file

@ -0,0 +1,23 @@
{ config, lib, ... }:
{
config = lib.mkMerge [
{
networking.useDHCP = lib.mkDefault true;
networking.hostName = config.system.hostname;
networking.networkmanager.enable = true;
services.openssh = {
enable = true;
settings = {
PrintMotd = true;
};
};
services.tailscale = {
enable = true;
authKeyFile = config.sops.secrets."keys/tailscale".path;
};
environment.persistence."/persist".files = [ "/var/lib/tailscale/tailscaled.state" ];
}
];
}

28
modules/nixos/hardware/nvidia.nix Normal file
View file

@ -0,0 +1,28 @@
{
lib,
config,
pkgs,
...
}:
{
config = lib.mkIf (config.hardware.gpu == "nvidia") {
hardware.graphics.enable = true;
hardware.graphics.extraPackages = with pkgs; [
nvidia-vaapi-driver
];
services.xserver.videoDrivers = [ "nvidia" ];
hardware.nvidia.open = true;
hardware.nvidia.package = config.boot.kernelPackages.nvidiaPackages.latest;
nixpkgs.config.allowUnfree = true;
environment.variables = {
LIBVA_DRIVER_NAME = "nvidia";
__GLX_VENDOR_LIBRARY_NAME = "nvidia";
NVD_BACKEND = "direct";
};
nix.settings.substituters = [ "cuda-maintainers.cachix.org" ];
nix.settings.trusted-public-keys = [
"cuda-maintainers.cachix.org-1:0dq3bujKpuEPMCX6U4WylrUDZ9JyUG0VpVZa7CNfq5E="
];
};
}

19
modules/nixos/system/boot.nix Normal file
View file

@ -0,0 +1,19 @@
{ config, lib, ... }:
{
config = lib.mkMerge [
{
boot.initrd.availableKernelModules = [
"nvme"
"xhci_pci"
"ahci"
"usbhid"
"usb_storage"
"sd_mod"
];
boot.loader.efi.canTouchEfiVariables = true;
}
(lib.mkIf (config.system.bootloader == "systemd-boot") {
boot.loader.systemd-boot.enable = true;
})
];
}

21
modules/nixos/system/default.nix Normal file
View file

@ -0,0 +1,21 @@
{ config, lib, ... }:
{
imports = [
./boot.nix
./users.nix
./localisation.nix
./nix-config.nix
./secrets.nix
];
options.system = {
hostname = lib.pantheon.mkStrOption;
mainUser.name = lib.pantheon.mkStrOption;
mainUser.publicKey = lib.pantheon.mkStrOption;
bootloader = lib.pantheon.mkStrOption;
};
config = {
system.stateVersion = "25.05"; # Did you read the comment?
};
}

9
modules/nixos/system/localisation.nix Normal file
View file

@ -0,0 +1,9 @@
{ config, lib, ... }:
{
config = lib.mkMerge [
{
time.timeZone = "Asia/Singapore";
i18n.defaultLocale = "en_US.UTF-8";
}
];
}

17
modules/nixos/system/nix-config.nix Normal file
View file

@ -0,0 +1,17 @@
{ config, inputs, ... }:
{
config = {
nixpkgs.config.allowUnfree = true;
nix.nixPath = [ "nixpkgs=${inputs.nixpkgs}" ];
nix.settings = {
experimental-features = [
"nix-command"
"flakes"
"pipe-operators"
];
trusted-users = [ "@wheel" ];
};
};
}

20
modules/nixos/system/secrets.nix Normal file
View file

@ -0,0 +1,20 @@
{ lib, config, ... }:
{
sops = {
defaultSopsFile = lib.snowfall.fs.get-file "secrets/secrets.yaml";
age.sshKeyPaths = [ "/persist/home/rafiq/.ssh/id_ed25519" ];
secrets = {
"keys/tailscale" = { };
"keys/gemini" = { };
"keys/cvt-jira" = { };
"misc/cvt-jira-link" = { };
"rafiq/hashedPassword".neededForUsers = true;
};
};
environment.shellInit = # sh
''
export GEMINI_API_KEY=$(sudo cat ${config.sops.secrets."keys/gemini".path})
export CVT_JIRA_KEY=$(sudo cat ${config.sops.secrets."keys/cvt-jira".path})
export CVT_JIRA_LINK=$(sudo cat ${config.sops.secrets."misc/cvt-jira-link".path})
'';
}

26
modules/nixos/system/users.nix Normal file
View file

@ -0,0 +1,26 @@
{
config,
lib,
...
}:
{
config = lib.mkMerge [
{
users.mutableUsers = false;
users.groups.users = {
gid = 100;
members = [ "${config.system.mainUser.name}" ];
};
users.users."${config.system.mainUser.name}" = {
linger = true;
uid = 1000;
isNormalUser = true;
hashedPasswordFile = config.sops.secrets."${config.system.mainUser.name}/hashedPassword".path;
extraGroups = [ "wheel" ];
openssh.authorizedKeys.keys = [ config.system.mainUser.publicKey ];
};
services.getty.autologinUser = config.system.mainUser.name;
security.sudo.wheelNeedsPassword = false;
}
];
}

62
nix/configurations.nix
View file

@ -1,62 +0,0 @@
{
config,
lib,
inputs,
...
}:
let
inherit (lib) nixosSystem;
inherit (inputs.nix-darwin.lib) darwinSystem;
inherit (lib.lists) optional;
inherit (lib.attrsets) mapAttrs;
inherit (cfg.lib.modules) forAllUsers';
inherit (config.manifest) hosts;
cfg = config.flake;
globalCfg = hostName: hostConfig: {
useGlobalPkgs = true;
useUserPackages = true;
extraSpecialArgs = { inherit hostName hostConfig; };
sharedModules = [ cfg.modules.homeManager.default ];
users = forAllUsers' (name: _: cfg.modules.homeManager.${name});
};
mkConfigurations =
class: hosts:
mapAttrs (
name: value:
if class == "nixos" then
nixosSystem {
specialArgs = {
inherit (config.flake) self;
hostName = name;
hostConfig = value;
};
modules = [
cfg.modules.nixos.default
inputs.home-manager.nixosModules.home-manager
{ home-manager = globalCfg name value; }
(value.extraCfg or { })
] ++ optional value.graphical cfg.modules.nixos.graphical;
}
else if class == "darwin" then
darwinSystem {
specialArgs = {
inherit (config.flake) self;
hostName = name;
hostConfig = value;
};
modules = [
cfg.modules.darwin.default
inputs.home-manager.darwinModules.home-manager
{ home-manager = globalCfg name value; }
(value.extraCfg or { })
] ++ optional value.graphical cfg.modules.darwin.graphical;
}
else
{ }
) hosts;
in
{
imports = [ inputs.home-manager.flakeModules.home-manager ];
flake.nixosConfigurations = mkConfigurations "nixos" hosts.nixos;
flake.darwinConfigurations = mkConfigurations "darwin" hosts.darwin;
}

18
nix/files/cheatsheet.nix
View file

@ -1,18 +0,0 @@
{ lib, config, ... }:
let
inherit (builtins) concatStringsSep;
inherit (lib.lists) singleton;
in
{
text.cheatsheet = concatStringsSep "\n" [
"`__curPos.file` will give the full evaluated path of the nix file it is called in. See [this issue](https://github.com/NixOS/nix/issues/5897#issuecomment-1012165198) for more information."
];
perSystem =
{ pkgs, ... }:
{
files.files = singleton {
path_ = "docs/cheatsheet.md";
drv = pkgs.writeText "cheatsheet.md" config.text.cheatsheet;
};
};
}

13
nix/files/gitignore.nix
View file

@ -1,13 +0,0 @@
{ config, ... }:
{
perSystem =
{ pkgs, ... }:
{
files.files = [
{
path_ = ".gitignore";
drv = pkgs.writeText ".gitignore" config.text.gitignore;
}
];
};
}

54
nix/files/readme.nix
View file

@ -1,54 +0,0 @@
{ config, ... }:
{
text.readme = {
heading = "Pantheon";
description = # markdown
''
This flake serves as a monorepo for my systems (using IaC), dotfiles, and scripts.
It's hosted at https://git.rrv.sh/rrvsh/pantheon, and mirrored to https://github.com/rrvsh/pantheon.
'';
order = [
"Structure"
"Acknowledgements"
];
parts."Acknowledgements" = # markdown
''
Thanks to the following for inspiring this configuration. I highly recommend you look through their writings and configurations.
- [ornicar](https://github.com/ornicar/dotfiles) which is where I first heard of NixOS
- [No Boilerplate](https://www.youtube.com/watch?v=CwfKlX3rA6E&pp=0gcJCfwAo7VqN5tD) for making me finally try the OS
- [ryan4yin](https://nixos-and-flakes.thiscute.world/) for being an amazing introduction to NixOS, home-manager, and flakes
- [NotAShelf](https://github.com/NotAShelf/) for their blog and for the wonderful [NVF](https://github.com/notashelf/nvf)
- [mightyiam](https://github.com/mightyiam/infra) for their infrastructure repo using flake-parts
- [drupol](https://not-a-number.io/2025/refactoring-my-infrastructure-as-code-configurations/) for this blog post which convinced me to rebase my infra to use flake-parts
'';
parts."Structure" = # markdown
''
The system configurations are defined in [`flake.manifest`](nix/manifest.nix).
`manifest.owner` provides the attributes for the administrator user, including username and pubkey.
`manifest.hosts` provides the specifications for the system configurations that should be exposed by the flake as nixosConfigurations.
`flake.modules.nixos.*` provide NixOS options and configurations.
The attribute `flake.modules.nixos.default` provides options that will be applied to every system of that class.
You can use it as seen [here](nix/modules/flake/home-manager.nix):
```nix
flake.modules.nixos.default.imports = [ inputs.home-manager.nixosModules.default ];
```
The other attributes under `flake.modules.nixos` should be opt-in, i.e. provide options that will be set in the profiles.
`flake.profiles.nixos` provides profiles which use the options defined in `flake.modules.nixos` to define different roles for each system, such as graphical, laptop, headless, etc.
Options should not be defined here.
`flake.contracts.nixos.*` will provide contracts, such as reverse proxies or databases, which will configure options on the provider and receiver host.
'';
};
perSystem =
{ pkgs, ... }:
{
files.files = [
{
path_ = "docs/README.md";
drv = pkgs.writeText "README.md" config.text.readme;
}
];
};
}

28
nix/flake-parts/files.nix
View file

@ -1,28 +0,0 @@
{
inputs,
withSystem,
lib,
config,
...
}:
let
inherit (builtins) map head;
inherit (lib.lists) concatStringsSep;
mkListEntry = x: "- [" + x.path_ + "](" + x.path_ + ")";
listOfGeneratedFiles = withSystem (head config.systems) (psArgs: psArgs.config.files.files);
in
{
imports = [ inputs.files.flakeModules.default ];
perSystem = psArgs: {
make-shells.default.packages = [ psArgs.config.files.writer.drv ];
};
text.readme.parts."Generated Files" = concatStringsSep "\n" (
[
"This flake uses the [files flake-parts module](https://flake.parts/options/files.html) to generate documentation."
"The list of generated files are:"
]
++ (map mkListEntry listOfGeneratedFiles)
);
}

10
nix/flake-parts/flake-parts.nix
View file

@ -1,10 +0,0 @@
{ inputs, ... }:
{
debug = true;
imports = [
inputs.make-shell.flakeModules.default
inputs.manifest.flakeModules.default
inputs.flake-parts.flakeModules.modules
inputs.text.flakeModules.default
];
}

24
nix/flake-parts/git-hooks.nix
View file

@ -1,24 +0,0 @@
{ inputs, ... }:
{
imports = [ inputs.git-hooks.flakeModule ];
text.gitignore = ".pre-commit-config.*";
perSystem = psArgs: {
pre-commit.settings.hooks = {
# Nix Linters
deadnix.enable = true;
statix.enable = true;
nil.enable = true;
nixfmt-rfc-style.enable = true;
# Flake Health Checks
flake-checker.enable = true;
# Misc
mixed-line-endings.enable = true;
trim-trailing-whitespace.enable = true;
#TODO: figure out vale
#TODO: make nix develop work
#TODO: add nix flake check
#TODO: add write-files
};
make-shells.default.shellHook = psArgs.config.pre-commit.installationScript;
};
}

3
nix/homes/rafiq/_nvf/binds.nix
View file

@ -1,3 +0,0 @@
{
whichKey.enable = true;
}

17
nix/homes/rafiq/_nvf/lsp.nix
View file

@ -1,17 +0,0 @@
{
enable = true;
# Show virtual text hints
inlayHints.enable = true;
lightbulb.enable = true;
# Show icons for lsp actions
lspkind.enable = true;
null-ls.enable = true;
otter-nvim = {
enable = true;
setupOpts = {
buffers.set_filetype = true;
buffers.write_to_disk = true;
handle_leading_whitespace = true;
};
};
}

9
nix/homes/rafiq/_nvf/navigation.nix
View file

@ -1,9 +0,0 @@
{
harpoon = {
enable = true;
mappings.listMarks = "<leader>ml";
mappings.markFile = "<leader>mm";
setupOpts.defaults.save_on_toggle = true;
setupOpts.defaults.sync_on_ui_close = true;
};
}

28
nix/homes/rafiq/_nvf/snippets.nix
View file

@ -1,28 +0,0 @@
{ pkgs }:
{
luasnip = {
enable = true;
setupOpts.enable_autosnippets = true;
providers = with pkgs.vimPlugins; [ vim-snippets ];
loaders = "require('luasnip.loaders.from_vscode').lazy_load()";
customSnippets.snipmate = {
nix = [
{
trigger = "mod";
description = "empty module";
body = # nix
''
{config, lib, ...}:
let
cfg = config.$1;
in
{
options.$1 = { $2 };
config = $3;
}
'';
}
];
};
};
}

10
nix/homes/rafiq/_nvf/statusline.nix
View file

@ -1,10 +0,0 @@
{
lualine = {
enable = true;
refresh = {
statusline = 10;
winbar = 10;
};
#TODO: rice lualine
};
}

16
nix/homes/rafiq/_nvf/ui.nix
View file

@ -1,16 +0,0 @@
{
borders = {
enable = true;
globalStyle = "rounded";
};
breadcrumbs.enable = true;
# Show color values e.g. #ffffff
colorizer.enable = true;
# Highlight matching symbols
illuminate.enable = true;
noice.enable = true;
noice.setupOpts.notify.enabled = false;
# Make folds look nicer
nvim-ufo.enable = true;
smartcolumn.enable = true;
}

11
nix/homes/rafiq/_nvf/utility.nix
View file

@ -1,11 +0,0 @@
{
motion.hop.enable = true;
yazi-nvim = {
enable = true;
mappings = {
openYazi = "<leader>tt";
openYaziDir = "<leader>TT";
};
setupOpts.open_for_directories = true;
};
}

71
nix/homes/rafiq/_scripts/commit.nix
View file

@ -1,71 +0,0 @@
{ pkgs, ... }:
pkgs.writeShellScriptBin "commit" # bash
''
if git diff-index --quiet HEAD --; then exit 0; fi
PROMPT="Please generate a commit message for this diff."
GUIDELINES="1. Use conventional commit syntax, following the context. 2. Cap the commit message at 80 characters, preferably less. You must not go beyond this limit. 3. Do not include backticks. Only generate the raw text. 4. Be as succint as possible. Each commit should be atomic. You may throw a warning if it is not."
NUM_ANCESTORS=0
PUSH=false
# Parse arguments
while [[ $# -gt 0 ]]; do
case "$1" in
--num-ancestors | -n)
NUM_ANCESTORS="$2"
shift 2
;;
--push | -u)
PUSH=true
shift
;;
*)
echo "Unrecognised argument: $1. Exiting..."
exit 1
;;
esac
done
# Get context and diff
CONTEXT=$(git --no-pager log -n 10)
DIFF=$(git --no-pager diff HEAD~$NUM_ANCESTORS)
# Generate initial response
RESPONSE=$(aichat "$PROMPT\nGuidelines: $GUIDELINES\nContext from git log:\n$CONTEXT\nDiff from git diff HEAD:\n$DIFF")
while true; do
echo "$RESPONSE"
echo
echo "Choose an action:"
read -p "Options: [y]es, [r]eroll, [e]dit, [q]uit? " -n 1 -r choice
echo
case "$choice" in
y | yes)
git commit -am "$RESPONSE"
echo "Committed successfully."
if $PUSH; then
git push
echo "Pushed successfully."
fi
exit 0
;;
r | reroll)
RESPONSE=$(aichat "$PROMPT\nGuidelines: $GUIDELINES\nContext from git log:\n$CONTEXT\nDiff from git diff HEAD:\n$DIFF")
;;
e | edit)
echo "$RESPONSE" > /tmp/commit_msg.txt
"$EDITOR" /tmp/commit_msg.txt
RESPONSE=$(cat /tmp/commit_msg.txt)
rm /tmp/commit_msg.txt
;;
q | quit | "")
echo "Aborted."
exit 1
;;
*)
echo "Invalid choice. Please choose again."
;;
esac
done
''

9
nix/homes/rafiq/_scripts/note.nix
View file

@ -1,9 +0,0 @@
{ pkgs, ... }:
pkgs.writeShellScriptBin "note" # bash
''
zk edit -i
pushd ~/notebook > /dev/null
git add .
commit -u
popd > /dev/null
''

148
nix/homes/rafiq/_scripts/rebuild.nix
View file

@ -1,148 +0,0 @@
{ pkgs }:
let
inherit (pkgs.lib) getExe;
in
pkgs.writeShellScriptBin "rebuild" # sh
''
QUICK=false
NO_GENERATION_CHECK=false
TEST_SHELL=false
REMOTE_HOSTS=()
REBUILDING_ALL=false
# ANSI color codes
GREEN='\033[0;32m'
ORANGE='\033[0;33m'
RED='\033[0;31m'
NC='\033[0m'
info() {
timestamp=$(date "+%Y-%m-%d %H:%M:%S")
echo -e "''${GREEN}''${timestamp} INFO: $1''${NC}"
}
warn() {
timestamp=$(date "+%Y-%m-%d %H:%M:%S")
echo -e "''${ORANGE}''${timestamp} WARN: $1''${NC}"
}
err() {
timestamp=$(date "+%Y-%m-%d %H:%M:%S")
echo -e "''${RED}''${timestamp} ERROR: $1''${NC}"
}
prompt() {
local PROMPT="$1"
shift
read -p "$PROMPT? (y/n) [n]: " -n 1 -r REPLY
echo
if [[ "$REPLY" =~ ^[Yy]$ ]]; then
"$*"
else
info "$PROMPT aborted."
fi
}
spawn_test_shell() {
info "Spawning test shell on $1..."
(export PS1="Test shell> "
exec ${pkgs.bash}/bin/bash ssh "$1") || {
${pkgs.cowsay}/bin/cowsay "You aborted."
exit 1
}
}
rebuild_remote() {
local args=(".#nixosConfigurations.$1" "--target-host" "$1")
local CURRENT_GENERATION=$(ssh "$1" readlink /nix/var/nix/profiles/system | cut -d- -f2)
if "$TEST_SHELL"; then
info "Testing $1..."
${getExe pkgs.nh} os test "''${args[@]}" || exit 1
git diff HEAD --color=always --stat --patch
spawn_test_shell "$1"
info "Rebuilding $1..."
${getExe pkgs.nh} os boot "''${args[@]}" || exit 1
else
info "Rebuilding $1 on $HOSTNAME..."
${getExe pkgs.nh} os switch "''${args[@]}" || exit 1
fi
if ! "$NO_GENERATION_CHECK"; then
local NEW_GENERATION=$(ssh "$1" readlink /nix/var/nix/profiles/system | cut -d- -f2)
info "$1 - New generation is $NEW_GENERATION. Current is $CURRENT_GENERATION."
if [ ! $NEW_GENERATION -gt $CURRENT_GENERATION ]; then
warn "New config was not added to bootloader."
fi
fi
}
info "Starting rebuild script."
if [ ! -f "flake.nix" ]; then
err "flake.nix not found in the current directory. Exiting."
exit 1 # Indicate an error
fi
while [[ $# -gt 0 ]]; do
case "$1" in
--quick | -q)
QUICK=true
shift
;;
--no-generation-check | -n)
NO_GENERATION_CHECK=true
shift
;;
--test-shell | -t)
TEST_SHELL=true
shift
;;
--all | -a)
reachable_hosts=()
hostnames=$(nix flake show --all-systems --json | , jq -r '.nixosConfigurations | keys | .[]')
for host in ''${hostnames[@]}; do
info "Checking if $host is reachable..."
if ping -c 1 -W 1 "$host" > /dev/null 2>&1 ; then
info "$host is reachable."
reachable_hosts+=("$host")
else
warn "$host is unreachable."
fi
done
REMOTE_HOSTS=(''${reachable_hosts[@]})
REBUILDING_ALL=true
shift
;;
*)
if [ !REBUILDING_ALL ]; then
if ping -c 1 -W 1 "$1" > /dev/null 2>&1 ; then
REMOTE_HOSTS+=("$1")
else
err "$1 is unreachable. Exiting."
exit 1
fi
fi
shift
;;
esac
done
if [ ''${#REMOTE_HOSTS[@]} == 0 ]; then
info "No hostnames provided."
REMOTE_HOSTS=("$HOSTNAME")
fi
git add .
for host in "''${REMOTE_HOSTS[@]}"; do
rebuild_remote $host
done
if ! "$QUICK"; then
prompt "Commit changes" commit
prompt "Reboot system" sudo systemctl reboot
fi
info "Rebuild script completed successfully."
exit 0
''

21
nix/homes/rafiq/darwin.nix
View file

@ -1,21 +0,0 @@
{ lib, ... }:
let
inherit (lib.modules) mkIf;
in
{
flake.modules.homeManager.rafiq =
{
pkgs,
config,
hostName,
hostConfig,
...
}:
mkIf (pkgs.system == "aarch64-darwin" || pkgs.system == "x86_64-darwin") {
home.file."Library/Application Support/aichat/config.yaml".text = ''
model: gemini:gemini-2.0-flash
clients:
- type: gemini
'';
};
}

146
nix/homes/rafiq/default.nix
View file

@ -1,146 +0,0 @@
{ lib, inputs, ... }:
let
inherit (lib.strings) concatStrings;
in
{
flake.modules.homeManager.rafiq =
{ pkgs, ... }:
{
imports = [
inputs.nvf.homeManagerModules.default
inputs.nix-index-database.hmModules.nix-index
];
persistDirs = [
".local/share/zoxide"
"notebook"
];
xdg.configFile."aichat/config.yaml".text = ''
model: gemini:gemini-2.0-flash
clients:
- type: gemini
'';
home = {
sessionVariables = {
EDITOR = "nvim";
FETCH = "hyfetch";
FILE_BROWSER = "yazi";
SHELL = "fish";
};
shellAliases = {
fetch = "hyfetch";
windows = "sudo systemctl reboot --boot-loader-entry=auto-windows";
v = "$EDITOR";
e = "edit";
cd = "z"; # zoxide
ai = "aichat -r %shell% -e";
};
packages = with pkgs; [
fastfetch
ripgrep
aichat
(import ./_scripts/edit.nix { inherit pkgs; })
(import ./_scripts/commit.nix { inherit pkgs; })
(import ./_scripts/note.nix { inherit pkgs; })
(import ./_scripts/rebuild.nix { inherit pkgs; })
];
};
programs = {
mise.enable = true;
nvf.enable = true;
nvf.settings.vim = {
syntaxHighlighting = true;
hideSearchHighlight = true;
searchCase = "ignore";
undoFile.enable = true;
telescope.enable = true;
fzf-lua.enable = true;
git.enable = true;
autopairs.nvim-autopairs.enable = true;
autocomplete = import ./_nvf/autocomplete.nix { inherit lib; };
binds = import ./_nvf/binds.nix;
languages = import ./_nvf/languages.nix;
lsp = import ./_nvf/lsp.nix;
navigation = import ./_nvf/navigation.nix;
notes.todo-comments.enable = true;
options = {
autoindent = true;
backspace = "indent,eol,start";
cursorline = true;
expandtab = true;
shiftwidth = 2;
smartindent = true;
tabstop = 2;
};
snippets = import ./_nvf/snippets.nix { inherit pkgs; };
statusline = import ./_nvf/statusline.nix;
treesitter = {
autotagHtml = true;
fold = true;
indent.disable = [ "markdown" ];
textobjects.enable = true;
};
ui = import ./_nvf/ui.nix;
utility = import ./_nvf/utility.nix;
visuals = import ./_nvf/visuals.nix;
};
zk = {
enable = true;
settings.notebook.dir = "~/notebook";
};
hyfetch = {
enable = true;
settings = {
preset = "bisexual";
mode = "rgb";
light_dark = "dark";
lightness = 0.5;
color_align = {
# Flag color alignment
mode = "horizontal";
fore_back = null;
};
backend = "fastfetch";
};
};
tealdeer.enable = true;
tealdeer.enableAutoUpdates = true;
direnv = {
enable = true;
nix-direnv.enable = true;
};
zoxide.enable = true;
nix-index.enable = true;
nix-index-database.comma.enable = true;
fzf.enable = true;
fzf.enableZshIntegration = true;
yazi = {
enable = true;
shellWrapperName = "t";
settings.mgr.sort_by = "natural";
};
fish.enable = true;
starship = {
enable = true;
settings = {
add_newline = false;
format = concatStrings [
# First Line
## Left Prompt
"$hostname$directory"
"$fill"
## Right Prompt
"$all"
# Second Line
## Left Prompt
"$character"
];
git_branch.format = "[$symbol$branch(:$remote_branch)]($style) ";
shlvl.disabled = false;
username.disabled = true;
fill.symbol = " ";
};
};
};
};
}

14
nix/homes/rafiq/desktop/_hyprland/decoration.nix
View file

@ -1,14 +0,0 @@
{
animation = [ "workspaces, 1, 1, default" ];
general = {
border_size = 2;
gaps_in = 0;
gaps_out = 0;
resize_on_border = true;
};
decoration = {
rounding = 10;
rounding_power = 2;
inactive_opacity = 0.9;
};
}

37
nix/homes/rafiq/desktop/darwin.nix
View file

@ -1,37 +0,0 @@
{ config, ... }:
let
inherit (config.manifest) admin;
in
{
flake.modules.darwin.graphical.homebrew = {
enable = true;
user = admin.username;
onActivation.cleanup = "uninstall";
brews = [
"mise"
"docker"
];
casks = [
"ghostty"
"slack"
"gitify"
"telegram"
"vial"
"linear-linear"
"chatgpt"
];
};
flake.modules.homeManager.rafiq = {
# make sure brew is on the path for M1
programs.zsh.initContent = ''
if [[ $(uname -m) == 'arm64' ]]; then
eval "$(/opt/homebrew/bin/brew shellenv)"
fi
'';
programs.fish.shellInit = ''
if test (uname -m) = "arm64"
eval (/opt/homebrew/bin/brew shellenv)
end
'';
};
}

61
nix/homes/rafiq/desktop/default.nix
View file

@ -1,61 +0,0 @@
{ lib, inputs, ... }:
{
flake.modules.homeManager.rafiq =
{ pkgs, config, ... }:
let
inherit (lib.modules) mkIf;
inherit (builtins) map listToAttrs;
inherit (lib.lists) findFirstIndex;
inherit (inputs.nur.legacyPackages.${pkgs.stdenv.hostPlatform.system}.repos.rycee) firefox-addons;
profiles = listToAttrs (
map (name: {
inherit name;
# If there are duplicate profile names, findFirstIndex will cause issues.
value = profileCfg (findFirstIndex (x: x == name) null syncedProfiles);
}) syncedProfiles
);
syncedProfiles = [
"rafiq"
"test"
];
profileCfg = id: {
inherit id;
settings."extensions.autoDisableScopes" = 0; # Auto enable extensions
extensions = {
force = true;
packages = with firefox-addons; [
darkreader
gesturefy
sponsorblock
ublock-origin
];
};
};
in
mkIf config.graphical {
stylix = {
image = ./wallpaper.png;
targets = {
firefox.colorTheme.enable = true;
firefox.profileNames = syncedProfiles;
};
};
home = {
sessionVariables = {
BROWSER = "firefox";
TERMINAL = "ghostty";
};
};
programs = {
vesktop.enable = true;
thunderbird.enable = true;
thunderbird.profiles.rafiq.isDefault = true;
# ghostty is broken on nix-darwin
ghostty.settings.confirm-close-surface = false;
firefox = {
enable = true;
inherit profiles;
};
};
};
}

232
nix/homes/rafiq/desktop/nixos.nix
View file

@ -1,232 +0,0 @@
{ lib, config, ... }:
let
inherit (config.manifest) admin;
in
{
allowedUnfreePackages = [
"stremio-shell"
"stremio-server"
"steam"
"steam-unwrapped"
];
flake.modules.nixos.graphical =
{ config, pkgs, ... }:
{
fonts.packages = [ pkgs.font-awesome ];
services.getty.autologinUser = admin.username;
# Start Hyprland at boot only if not connecting through SSH
environment.loginShellInit = # sh
''
if [[ -z "$SSH_CLIENT" && -z "$SSH_CONNECTION" ]]; then
if uwsm check may-start; then
exec uwsm start hyprland-uwsm.desktop
fi
fi
'';
environment.variables = {
# Get Electron apps to use Wayland
ELECTRON_OZONE_PLATFORM_HINT = "auto";
NIXOS_OZONE_WL = "1";
};
programs = {
hyprland = {
enable = true;
# Use UWSM to have each process controlled by systemd init
withUWSM = true;
};
steam = {
enable = true;
gamescopeSession.enable = true;
};
};
security.pam.services.hyprlock = { };
services.sunshine = {
enable = true;
capSysAdmin = true;
openFirewall = true;
settings = {
sunshine_name = config.networking.hostName;
origin_pin_allowed = "wan";
origin_web_ui_allowed = "wan";
};
applications = { };
};
# spotifyd
networking.firewall.allowedTCPPorts = [ 5353 ];
networking.firewall.allowedUDPPorts = [ 5353 ];
};
flake.modules.homeManager.rafiq =
{
pkgs,
config,
hostName,
hostConfig,
...
}:
let
inherit (lib.modules) mkMerge mkIf;
in
mkIf (config.graphical && pkgs.system == "x86_64-linux") {
stylix.targets.waybar.addCss = false;
persistDirs = [
"docs"
"repos"
"vids"
"tmp"
".cache/Smart Code ltd/Stremio"
".local/share/Smart Code ltd/Stremio"
".mozilla/firefox"
".tor project"
".local/share/Steam"
".local/share/PrismLauncher"
".config/sunshine"
];
home = {
packages = with pkgs; [
wl-clipboard-rs
stremio
tor-browser
vlc
prismlauncher
];
sessionVariables = {
LAUNCHER = "fuzzel";
LOCKSCREEN = "hyprlock";
NOTIFICATION_DAEMON = "mako";
STATUS_BAR = "waybar";
};
};
# xdg.configFile."uwsm/env".text = # sh
# ''
# # Force apps to scale right with Wayland
# export GDK_SCALE=${mainMonitor.scale}
# export STEAM_FORCE_DESKTOPUI_SCALING=${mainMonitor.scale}
# '';
# xdg.configFile."uwsm/env-hyprland".text = # sh
# ''
# export GDK_SCALE=${mainMonitor.scale}
# export STEAM_FORCE_DESKTOPUI_SCALING=${mainMonitor.scale}
# '';
wayland.windowManager.hyprland = {
enable = true;
# This is needed for UWSM
systemd.enable = false;
# Null the packages since we use them system wide
package = null;
portalPackage = null;
settings = mkMerge [
(import ./_hyprland/decoration.nix)
(import ./_hyprland/keybinds.nix { inherit pkgs; })
{
ecosystem.no_update_news = true;
xwayland.force_zero_scaling = true;
monitor =
let
mainMonitor = hostConfig.machine.monitors.main;
in
[
"${mainMonitor.id}, ${mainMonitor.resolution}@${mainMonitor.refresh-rate}, auto, ${mainMonitor.scale}"
", preferred, auto, 1"
];
exec-once = [
"uwsm app -- $LOCKSCREEN"
"uwsm app -- $NOTIFICATION_DAEMON"
"uwsm app -- $STATUS_BAR"
];
}
];
};
services = {
spotifyd.enable = true;
spotifyd.settings.global = {
device_name = "${hostName}";
device_type = "computer";
zeroconf_port = 5353;
};
mako.enable = true;
mako.settings.default-timeout = 10000;
};
programs = {
obs-studio.enable = true;
fuzzel.enable = true;
ghostty.enable = true;
waybar = {
enable = true;
settings = [
{
layer = "top";
modules-left = [
"pulseaudio"
];
modules-right = [
"battery"
"clock"
];
"pulseaudio" = {
format = "{icon} {volume}%";
format-muted = "";
format-icons.default = [
""
""
];
on-click = "${pkgs.pulseaudio}/bin/pactl set-sink-mute @DEFAULT_SINK@ toggle";
};
"clock" = {
interval = 1;
format = "{:%F %T}";
};
"battery" = {
interval = 1;
bat-compatibility = true;
};
}
];
style = # css
''
window#waybar {
background-color: rgba(0, 0, 0, 0);
}
#pulseaudio,
#battery,
#clock {
padding-top: 5px;
padding-bottom: 5px;
padding-right: 5px;
color: #ffffff;
}
'';
};
hyprlock = {
enable = true;
settings = {
general.hide_cursor = true;
general.ignore_empty_input = true;
background.blur_passes = 5;
background.blur_size = 5;
label = {
text = ''hi, $USER.'';
font_size = 32;
position = "0, 0";
halign = "center";
valign = "center";
zindex = 1;
shadow_passes = 5;
shadow_size = 5;
};
input-field = {
placeholder_text = "";
fade_on_empty = true;
size = "200, 45";
position = "0, -5%";
halign = "center";
valign = "center";
zindex = 1;
shadow_passes = 5;
shadow_size = 5;
};
};
};
};
};
}

BIN
nix/homes/rafiq/desktop/wallpaper.png
View file

Binary file not shown.
Side by side

Before

Width:  |  Height:  |  Size: 1.5 MiB

54
nix/lib/attrsets.nix
View file

@ -1,54 +0,0 @@
{ lib, ... }:
let
inherit (builtins) attrNames head;
inherit (lib.trivial) pipe;
inherit (lib.attrsets) filterAttrs;
in
{
flake.lib.attrsets = {
/**
`firstAttrNameMatching pred set` filters an attribute set `set` based on a predicate `pred`
and returns the *first* attribute name that satisfies the predicate.
# Example
```nix
let
mySet = {
a = { value = 1; };
b = { value = 2; };
c = { value = 3; };
};
isGreaterThanOne = name: value: value.value > 1;
result = firstAttrNameMatching isGreaterThanOne mySet;
in
result
# Output: "b"
```
# Type
```
firstAttrNameMatching :: (String -> Any -> Bool) -> AttrSet -> String
```
# Arguments
pred
: A function that takes an attribute name and its value and returns a boolean.
set
: The attribute set to filter.
*/
firstAttrNameMatching =
pred: set:
pipe set [
(filterAttrs pred)
attrNames
head
];
};
}

13
nix/lib/lists.nix
View file

@ -1,13 +0,0 @@
let
inherit (builtins) length tail;
in
{
flake.lib.lists = rec {
shortenList =
count: list:
let
len = length list;
in
if len <= count then list else (shortenList count (tail list));
};
}

100
nix/lib/modules.nix
View file

@ -1,100 +0,0 @@
{ lib, config, ... }:
let
inherit (builtins) foldl' attrNames;
inherit (lib.attrsets) mapAttrs;
in
{
flake.lib.modules = {
/**
Fold over the users list and create an attribute set.
# Inputs
`f`
: A function that takes the name of a user and returns an attribute set.
# Type
```
userListToAttrs :: (String -> AttrSet) -> AttrSet
```
# Examples
:::{.example}
## `userListToAttrs` usage example
```nix
flake.manifest.users.rafiq = { ... };
flake.modules.homeManager.users = userListToAttrs (name: {
${name}.home.username = name;
});
=> flake.modules.homeManager.default.users.rafiq.home.username = "rafiq";
```
:::
*/
userListToAttrs = f: foldl' (acc: elem: acc // (f elem)) { } (attrNames config.manifest.users);
/**
Return an attribute set for use with a option that needs to be used for all users.
# Inputs
`attrset`
: An attribute set to apply to all the users.
# Type
```
forAllUsers :: AttrSet -> AttrSet
```
# Examples
:::{.example}
## `forAllUsers` usage example
```nix
flake.manifest.users.rafiq = { ... };
flake.modules.nixos.default.users = forAllUsers {
isNormalUser = true;
};
=> flake.modules.nixos.default.users.rafiq.isNormalUser = true;
```
:::
*/
forAllUsers = attrset: mapAttrs (_: _: attrset) config.manifest.users;
/**
Like forAllUsers, but passes in the name and value from the manifest.
# Inputs
`f`
: A function that takes an attribute name and its value, and returns the new value for the attribute.
# Type
```
forAllUsers' :: (String -> Any -> Any) -> AttrSet
```
# Examples
:::{.example}
## `forAllUsers'` usage example
```nix
flake.manifest.users.rafiq = { ... };
flake.modules.homeManager.users = forAllUsers' (name: value: {
home.username = name;
});
=> flake.modules.homeManager.default.users.rafiq.home.username = "rafiq";
```
:::
*/
forAllUsers' = f: mapAttrs f config.manifest.users;
};
}

45
nix/lib/options.nix
View file

@ -1,45 +0,0 @@
{ lib, ... }:
let
inherit (lib.options) mkOption;
inherit (lib.types)
str
path
int
port
attrs
;
in
{
flake.lib.options = {
mkStrOption =
default:
mkOption {
inherit default;
type = str;
};
mkAttrOption =
default:
mkOption {
inherit default;
type = attrs;
};
mkIntOption =
default:
mkOption {
inherit default;
type = int;
};
mkPortOption =
default:
mkOption {
type = port;
inherit default;
};
mkPathOption =
default:
mkOption {
type = path;
inherit default;
};
};
}

69
nix/lib/services.nix
View file

@ -1,69 +0,0 @@
{ config, lib, ... }:
let
inherit (builtins) length concatStringsSep;
inherit (lib.options) mkEnableOption;
inherit (lib.strings) splitString;
inherit (lib.lists) singleton;
inherit (lib.modules) mkMerge mkIf;
inherit (cfg.lib.options) mkStrOption mkPortOption mkAttrOption;
inherit (cfg.lib.lists) shortenList;
cfg = config.flake;
in
{
flake.lib.services = rec {
splitDomain = domain: splitString "." domain;
isRootDomain = domain: length (splitDomain domain) <= 2;
mkRootDomain = domain: concatStringsSep "." (shortenList 2 (splitDomain domain));
mkWildcardDomain = rootDomain: concatStringsSep "." ((singleton "*") ++ (splitDomain rootDomain));
mkHost = domain: if isRootDomain domain then domain else mkWildcardDomain (mkRootDomain domain);
mkWebApp =
{
config,
name,
defaultPort,
persistDirs ? [ ],
extraOptions ? { },
extraConfig ? { },
}:
let
cfg = config.server.web-apps.${name};
networkingConfig =
{
config,
cfg,
name,
}:
mkIf (cfg.domain != "") {
assertions = singleton {
assertion = config.server.web-servers.nginx.enable;
message = "You must enable a web server if you want to set server.web-apps.${name}.domain.";
};
server.ddns.domains = singleton (mkRootDomain cfg.domain);
server.web-servers.nginx.proxies = singleton {
source = cfg.domain;
target = "http://${config.networking.hostName}:${toString cfg.port}";
};
};
in
{
options.server.web-apps.${name} = {
enable = mkEnableOption "";
port = mkPortOption defaultPort;
domain = mkStrOption "";
openFirewall = mkEnableOption "";
extraCfg = mkAttrOption { };
} // extraOptions;
config = mkIf cfg.enable (mkMerge [
{
inherit persistDirs;
networking.firewall = mkIf cfg.openFirewall { allowedTCPPorts = singleton cfg.port; };
}
(networkingConfig { inherit config cfg name; })
extraConfig
]);
};
};
}

104
nix/manifest.nix
View file

@ -1,104 +0,0 @@
{
manifest = {
users.rafiq = {
primary = true;
name = "Mohammad Rafiq";
email = "rafiq@rrv.sh";
shell = "fish";
pubkey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAILdsZyY3gu8IGB8MzMnLdh+ClDxQQ2RYG9rkeetIKq8n rafiq";
};
hosts = {
darwin = {
venus = {
graphical = true;
machine.platform = "intel";
};
hephaestus = {
graphical = true;
machine.platform = "apple-silicon";
};
};
nixos = {
nemesis = {
graphical = true;
machine = {
platform = "amd";
gpu = "nvidia";
root.drive = "/dev/disk/by-id/nvme-CT2000P3SSD8_2325E6E77434";
monitors.main = {
id = "desc:OOO AN-270W04K";
resolution = "3840x2160";
refresh-rate = "60";
scale = "2";
};
};
extraCfg = {
machine = {
bluetooth.enable = true;
usb.automount = true;
usb.qmk.enable = true;
virtualisation = {
podman.enable = true;
podman.distrobox.enable = true;
};
};
server.web-apps = {
comfy-ui.enable = true;
sd-webui-forge.enable = true;
};
};
};
apollo = {
graphical = false;
machine = {
platform = "intel";
root.drive = "/dev/disk/by-id/nvme-eui.002538d221b47b01";
};
extraCfg.server = {
ddns = {
enable = true;
domains = [
"aenyrathia.wiki"
"slayment.com"
];
};
web-servers = {
enableSSL = true;
nginx = {
enable = true;
proxies = [
{
source = "aenyrathia.wiki";
target = "http://helios:5896";
}
{
source = "il.bwfiq.com";
target = "http://helios:2283";
}
];
};
};
databases = {
mongodb.enable = true;
mysql.enable = true;
postgresql.enable = true;
};
web-apps = {
librechat = {
enable = true;
domain = "chat.bwfiq.com";
};
forgejo = {
enable = true;
domain = "git.rrv.sh";
openFirewall = true;
};
rrv-sh.enable = true;
rrv-sh.domain = "rrv.sh";
};
};
};
};
};
};
}

31
nix/meta.nix
View file

@ -1,31 +0,0 @@
{
lib,
config,
inputs,
...
}:
let
inherit (lib.options) mkOption;
inherit (lib.types) path lazyAttrsOf raw;
inherit (inputs.flake-parts.lib) mkSubmoduleOptions;
cfg = config.flake;
in
{
options.flake = mkSubmoduleOptions {
self = mkOption { type = raw; };
lib = mkOption {
type = lazyAttrsOf raw;
default = { };
};
paths = {
root = mkOption { type = path; };
secrets = mkOption {
type = path;
readOnly = true;
};
};
};
config.flake = {
paths.secrets = cfg.paths.root + "/secrets";
};
}

17
nix/modules/cli/git.nix
View file

@ -1,17 +0,0 @@
{ config, ... }:
let
inherit (config.manifest) users;
in
{
flake.modules.homeManager.default =
{ config, ... }:
{
home.sessionVariables.GIT_CONFIG_GLOBAL = "$HOME/.config/git/config";
programs.git = {
enable = true;
userName = users.${config.home.username}.name;
userEmail = users.${config.home.username}.email;
signing.key = "~/.ssh/id_ed25519.pub";
};
};
}

13
nix/modules/cli/nix.nix
View file

@ -1,13 +0,0 @@
{
flake.modules.nixos.default.nix.settings.experimental-features = [
"nix-command"
"flakes"
];
flake.modules.darwin.default = {
nix.enable = false;
nix.settings.experimental-features = [
"nix-command"
"flakes"
];
};
}

36
nix/modules/cli/shell.nix
View file

@ -1,36 +0,0 @@
{ config, lib, ... }:
let
cfg = config.flake;
inherit (config.manifest) users;
inherit (cfg.lib.modules) forAllUsers';
inherit (lib.attrsets) mapAttrs';
in
{
flake.modules = {
nixos.default =
{ pkgs, ... }:
{
programs = mapAttrs' (name: value: {
name = value.shell;
value.enable = true;
}) users;
users.users = forAllUsers' (_: value: { shell = pkgs.${value.shell}; });
};
darwin.default =
{ pkgs, ... }:
{
programs = mapAttrs' (name: value: {
name = value.shell;
value.enable = true;
}) users;
users.users = forAllUsers' (_: value: { shell = pkgs.${value.shell}; });
environment.shells = [ pkgs.fish ];
};
homeManager.default =
{ config, ... }:
{
programs.${users.${config.home.username}.shell}.enable = true;
home.shell.enableShellIntegration = true;
};
};
}

17
nix/modules/graphical/default.nix
View file

@ -1,17 +0,0 @@
{ lib, ... }:
let
inherit (lib.options) mkEnableOption;
in
{
flake.modules = {
nixos.graphical = {
home-manager.sharedModules = [ { graphical = true; } ];
services.pipewire = {
enable = true;
pulse.enable = true;
};
};
homeManager.default.options.graphical = mkEnableOption "";
darwin.graphical.home-manager.sharedModules = [ { graphical = true; } ];
};
}

20
nix/modules/graphical/stylix.nix
View file

@ -1,20 +0,0 @@
{ inputs, ... }:
{
# needs to be default because the options get
# evaluated even if graphical is set to false
flake.modules.nixos.default =
{ pkgs, ... }:
{
imports = [ inputs.stylix.nixosModules.stylix ];
stylix.enable = true;
stylix.base16Scheme = "${pkgs.base16-schemes}/share/themes/gruvbox-dark-hard.yaml";
};
flake.modules.darwin.default =
{ pkgs, ... }:
{
imports = [ inputs.stylix.darwinModules.stylix ];
stylix.enable = true;
#TODO: move into manifest
stylix.base16Scheme = "${pkgs.base16-schemes}/share/themes/gruvbox-dark-hard.yaml";
};
}

18
nix/modules/machine/bootloader.nix
View file

@ -1,18 +0,0 @@
{
flake.modules.nixos.default.boot = {
initrd.availableKernelModules = [
"nvme"
"xhci_pci"
"ahci"
"usbhid"
"usb_storage"
"sd_mod"
];
loader.efi.canTouchEfiVariables = true;
#TODO: disable for mbp?
loader.systemd-boot = {
enable = true;
configurationLimit = 5;
};
};
}

58
nix/modules/machine/default.nix
View file

@ -1,58 +0,0 @@
{ lib, ... }:
let
inherit (lib.options) mkEnableOption;
inherit (lib.modules) mkIf mkMerge;
in
{
flake.modules.nixos.default =
{
config,
modulesPath,
pkgs,
...
}:
let
cfg = config.machine;
in
{
imports = [ (modulesPath + "/installer/scan/not-detected.nix") ];
options.machine = {
bluetooth.enable = mkEnableOption "";
usb.automount = mkEnableOption "";
usb.qmk.enable = mkEnableOption "";
};
config = mkMerge [
(mkIf cfg.usb.automount {
services.udisks2.enable = true;
home-manager.sharedModules = [
{
services.udiskie = {
enable = true;
automount = true;
notify = true;
};
}
];
})
(mkIf cfg.usb.qmk.enable {
hardware.keyboard.qmk.enable = true;
services.udev = {
packages = with pkgs; [
vial
qmk
qmk-udev-rules
qmk_hid
];
};
})
(mkIf cfg.bluetooth.enable {
persistDirs = [ "/var/lib/bluetooth" ];
hardware.bluetooth = {
enable = true;
settings.General.Experimental = true;
};
})
];
};
}

37
nix/modules/machine/gpu.nix
View file

@ -1,37 +0,0 @@
{
allowedUnfreePackages = [
"nvidia-x11"
"nvidia-settings"
];
flake.modules.nixos.default =
{
config,
pkgs,
hostConfig,
...
}:
let
inherit (hostConfig.machine) gpu;
in
if gpu == "nvidia" then
{
hardware = {
graphics.enable = true;
graphics.extraPackages = [ pkgs.nvidia-vaapi-driver ];
nvidia.open = true;
nvidia.package = config.boot.kernelPackages.nvidiaPackages.latest;
};
services.xserver.videoDrivers = [ "nvidia" ];
environment.variables = {
LIBVA_DRIVER_NAME = "nvidia";
__GLX_VENDOR_LIBRARY_NAME = "nvidia";
NVD_BACKEND = "direct";
};
nix.settings.substituters = [ "https://cuda-maintainers.cachix.org" ];
nix.settings.trusted-public-keys = [
"cuda-maintainers.cachix.org-1:0dq3bujKpuEPMCX6U4WylrUDZ9JyUG0VpVZa7CNfq5E="
];
}
else
{ };
}

23
nix/modules/machine/platform.nix
View file

@ -1,23 +0,0 @@
{
flake.modules.nixos.default =
{ hostConfig, ... }:
let
inherit (hostConfig.machine) platform;
arch = if platform == "amd" || platform == "intel" then "x86_64" else "aarch64";
in
{
hardware.cpu.${platform}.updateMicrocode = true;
boot.kernelModules = [ "kvm-${platform}" ];
nixpkgs.hostPlatform = "${arch}-linux";
};
flake.modules.darwin.default =
{ hostConfig, ... }:
let
inherit (hostConfig.machine) platform;
arch = if platform == "intel" then "x86_64" else "aarch64";
in
{
nixpkgs.hostPlatform = "${arch}-darwin";
};
}

95
nix/modules/machine/root.nix
View file

@ -1,95 +0,0 @@
{ lib, inputs, ... }:
let
inherit (lib.modules) mkMerge mkIf mkAfter;
in
{
flake.modules.nixos.default =
{ hostConfig, ... }:
let
inherit (hostConfig.machine) root;
in
{
imports = [ inputs.disko.nixosModules.disko ];
config = mkMerge [
{
# BTRFS - may add more later on
boot.initrd.kernelModules = [ "dm-snapshot" ];
disko.devices.disk.main = {
device = root.drive;
content.type = "gpt";
content.partitions = {
boot = {
name = "boot";
size = "1M";
type = "EF02";
};
esp = {
name = "ESP";
size = "500M";
type = "EF00";
content = {
type = "filesystem";
format = "vfat";
mountpoint = "/boot";
};
};
swap = {
size = "4G";
content = {
type = "swap";
resumeDevice = true;
};
};
root = {
name = "root";
size = "100%";
content = {
type = "lvm_pv";
vg = "root_vg";
};
};
};
};
disko.devices.lvm_vg.root_vg = {
type = "lvm_vg";
lvs.root = {
size = "100%FREE";
content = {
type = "btrfs";
extraArgs = [ "-f" ];
subvolumes = {
"/root".mountpoint = "/";
"/persist" = {
mountpoint = "/persist";
mountOptions = [
"subvol=persist"
"noatime"
];
};
"/nix" = {
mountpoint = "/nix";
mountOptions = [
"subvol=nix"
"noatime"
];
};
};
};
};
};
}
# Ephemeral by default - assumes btrfs
(mkIf root.ephemeral {
boot.initrd.postDeviceCommands = mkAfter ''
mkdir /btrfs_tmp
mount /dev/root_vg/root /btrfs_tmp
if [[ -e /btrfs_tmp/root ]]; then
btrfs subvolume delete "/btrfs_tmp/root"
fi
'';
})
];
};
}

36
nix/modules/machine/virtualisation.nix
View file

@ -1,36 +0,0 @@
{ lib, config, ... }:
let
inherit (lib.modules) mkIf;
inherit (lib.options) mkEnableOption;
inherit (lib.lists) optional;
inherit (config.flake.lib.modules) forAllUsers;
in
{
flake.modules.nixos.default =
{ pkgs, config, ... }:
let
cfg = config.machine.virtualisation;
in
{
options.machine.virtualisation = {
podman.enable = mkEnableOption "";
podman.distrobox.enable = mkEnableOption "";
};
config = mkIf cfg.podman.enable {
virtualisation.containers.enable = true;
virtualisation.podman = {
enable = true;
dockerCompat = true;
defaultNetwork.settings.dns_enabled = true;
};
users.users = forAllUsers {
extraGroups = [ "podman" ];
autoSubUidGidRange = cfg.podman.distrobox.enable;
};
home-manager.sharedModules = optional cfg.podman.distrobox.enable {
home.packages = [ pkgs.distrobox ];
persistDirs = [ ".local/share/containers" ];
};
};
};
}

Some files were not shown because too many files have changed in this diff Show more