From cd0e067dad413e846b7bf1043a942d59a742b3a1 Mon Sep 17 00:00:00 2001 From: Callum Leslie Date: Thu, 12 Sep 2024 17:11:34 +0100 Subject: [PATCH 1/2] secure boot --- flake.lock | 273 ++++++++++++++++++++--- flake.nix | 11 +- hosts/artemis/configuration.nix | 1 + hosts/artemis/hardware-configuration.nix | 6 + 4 files changed, 256 insertions(+), 35 deletions(-) diff --git a/flake.lock b/flake.lock index da43051..f967239 100644 --- a/flake.lock +++ b/flake.lock @@ -184,6 +184,27 @@ } }, "crane": { + "inputs": { + "nixpkgs": [ + "lanzaboote", + "nixpkgs" + ] + }, + "locked": { + "lastModified": 1717535930, + "narHash": "sha256-1hZ/txnbd/RmiBPNUs7i8UQw2N89uAK3UzrGAWdnFfU=", + "owner": "ipetkov", + "repo": "crane", + "rev": "55e7754ec31dac78980c8be45f8a28e80e370946", + "type": "github" + }, + "original": { + "owner": "ipetkov", + "repo": "crane", + "type": "github" + } + }, + "crane_2": { "locked": { "lastModified": 1725409566, "narHash": "sha256-PrtLmqhM6UtJP7v7IGyzjBFhbG4eOAHT6LPYOFmYfbk=", @@ -198,7 +219,7 @@ "type": "github" } }, - "crane_2": { + "crane_3": { "inputs": { "nixpkgs": [ "omnix", @@ -371,6 +392,22 @@ } }, "flake-compat_4": { + "flake": false, + "locked": { + "lastModified": 1696426674, + "narHash": "sha256-kvjfFW7WAETZlt09AgDn1MrtKzP7t90Vf7vypd3OL1U=", + "owner": "edolstra", + "repo": "flake-compat", + "rev": "0f9255e01c2351cc7d116c072cb317785dd33b33", + "type": "github" + }, + "original": { + "owner": "edolstra", + "repo": "flake-compat", + "type": "github" + } + }, + "flake-compat_5": { "locked": { "lastModified": 1696426674, "narHash": "sha256-kvjfFW7WAETZlt09AgDn1MrtKzP7t90Vf7vypd3OL1U=", @@ -384,7 +421,7 @@ "url": "https://flakehub.com/f/edolstra/flake-compat/1.tar.gz" } }, - "flake-compat_5": { + "flake-compat_6": { "flake": false, "locked": { "lastModified": 1688025799, @@ -400,7 +437,7 @@ "type": "github" } }, - "flake-compat_6": { + "flake-compat_7": { "flake": false, "locked": { "lastModified": 1673956053, @@ -416,7 +453,7 @@ "type": "github" } }, - "flake-compat_7": { + "flake-compat_8": { "flake": false, "locked": { "lastModified": 1673956053, @@ -453,6 +490,27 @@ } }, "flake-parts_2": { + "inputs": { + "nixpkgs-lib": [ + "lanzaboote", + "nixpkgs" + ] + }, + "locked": { + "lastModified": 1717285511, + "narHash": "sha256-iKzJcpdXih14qYVcZ9QC9XuZYnPc6T8YImb6dX166kw=", + "owner": "hercules-ci", + "repo": "flake-parts", + "rev": "2a55567fcf15b1b1c7ed712a2c6fadaec7412ea8", + "type": "github" + }, + "original": { + "owner": "hercules-ci", + "repo": "flake-parts", + "type": "github" + } + }, + "flake-parts_3": { "inputs": { "nixpkgs-lib": "nixpkgs-lib" }, @@ -470,7 +528,7 @@ "type": "github" } }, - "flake-parts_3": { + "flake-parts_4": { "inputs": { "nixpkgs-lib": [ "nixvim", @@ -492,7 +550,7 @@ "type": "github" } }, - "flake-parts_4": { + "flake-parts_5": { "inputs": { "nixpkgs-lib": [ "nixvim", @@ -514,7 +572,7 @@ "type": "indirect" } }, - "flake-parts_5": { + "flake-parts_6": { "inputs": { "nixpkgs-lib": "nixpkgs-lib_2" }, @@ -596,6 +654,24 @@ } }, "flake-utils_3": { + "inputs": { + "systems": "systems_3" + }, + "locked": { + "lastModified": 1710146030, + "narHash": "sha256-SZ5L6eA7HJ/nmkzGG7/ISclqe6oZdOZTNoesiInkXPQ=", + "owner": "numtide", + "repo": "flake-utils", + "rev": "b1d9ab70662946ef0850d488da1c9019f3a9752a", + "type": "github" + }, + "original": { + "owner": "numtide", + "repo": "flake-utils", + "type": "github" + } + }, + "flake-utils_4": { "locked": { "lastModified": 1667395993, "narHash": "sha256-nuEHfE/LcWyuSWnS8t12N1wc105Qtau+/OdUAjtQ0rA=", @@ -610,7 +686,7 @@ "type": "github" } }, - "flake-utils_4": { + "flake-utils_5": { "inputs": { "systems": [ "stylix", @@ -649,8 +725,8 @@ }, "git-hooks": { "inputs": { - "flake-compat": "flake-compat_3", - "gitignore": "gitignore", + "flake-compat": "flake-compat_4", + "gitignore": "gitignore_2", "nixpkgs": [ "nixvim", "neovim-nightly-overlay", @@ -683,7 +759,7 @@ "nixvim", "flake-compat" ], - "gitignore": "gitignore_2", + "gitignore": "gitignore_3", "nixpkgs": [ "nixvim", "nixvim", @@ -710,6 +786,28 @@ } }, "gitignore": { + "inputs": { + "nixpkgs": [ + "lanzaboote", + "pre-commit-hooks-nix", + "nixpkgs" + ] + }, + "locked": { + "lastModified": 1709087332, + "narHash": "sha256-HG2cCnktfHsKV0s4XW83gU3F57gaTljL9KNSuG6bnQs=", + "owner": "hercules-ci", + "repo": "gitignore.nix", + "rev": "637db329424fd7e46cf4185293b9cc8c88c95394", + "type": "github" + }, + "original": { + "owner": "hercules-ci", + "repo": "gitignore.nix", + "type": "github" + } + }, + "gitignore_2": { "inputs": { "nixpkgs": [ "nixvim", @@ -732,7 +830,7 @@ "type": "github" } }, - "gitignore_2": { + "gitignore_3": { "inputs": { "nixpkgs": [ "nixvim", @@ -755,7 +853,7 @@ "type": "github" } }, - "gitignore_3": { + "gitignore_4": { "inputs": { "nixpkgs": [ "pre-commit-hooks", @@ -795,7 +893,7 @@ }, "hercules-ci-effects": { "inputs": { - "flake-parts": "flake-parts_4", + "flake-parts": "flake-parts_5", "nixpkgs": [ "nixvim", "neovim-nightly-overlay", @@ -880,6 +978,33 @@ "type": "github" } }, + "lanzaboote": { + "inputs": { + "crane": "crane", + "flake-compat": "flake-compat_2", + "flake-parts": "flake-parts_2", + "flake-utils": "flake-utils_2", + "nixpkgs": [ + "nixpkgs" + ], + "pre-commit-hooks-nix": "pre-commit-hooks-nix", + "rust-overlay": "rust-overlay" + }, + "locked": { + "lastModified": 1718178907, + "narHash": "sha256-eSZyrQ9uoPB9iPQ8Y5H7gAmAgAvCw3InStmU3oEjqsE=", + "owner": "nix-community", + "repo": "lanzaboote", + "rev": "b627ccd97d0159214cee5c7db1412b75e4be6086", + "type": "github" + }, + "original": { + "owner": "nix-community", + "ref": "v0.4.1", + "repo": "lanzaboote", + "type": "github" + } + }, "libgit2": { "flake": false, "locked": { @@ -898,8 +1023,8 @@ }, "neovim-nightly-overlay": { "inputs": { - "flake-compat": "flake-compat_2", - "flake-parts": "flake-parts_3", + "flake-compat": "flake-compat_3", + "flake-parts": "flake-parts_4", "git-hooks": "git-hooks", "hercules-ci-effects": "hercules-ci-effects", "neovim-src": "neovim-src", @@ -938,7 +1063,7 @@ "nish": { "inputs": { "advisory-db": "advisory-db", - "crane": "crane", + "crane": "crane_2", "fenix": "fenix", "flake-parts": [ "flake-parts" @@ -972,7 +1097,7 @@ }, "nix": { "inputs": { - "flake-compat": "flake-compat_6", + "flake-compat": "flake-compat_7", "flake-parts": [ "omnix", "flake-parts" @@ -1136,6 +1261,22 @@ } }, "nixpkgs-stable": { + "locked": { + "lastModified": 1710695816, + "narHash": "sha256-3Eh7fhEID17pv9ZxrPwCLfqXnYP006RKzSs0JptsN84=", + "owner": "NixOS", + "repo": "nixpkgs", + "rev": "614b4613980a522ba49f0d194531beddbb7220d3", + "type": "github" + }, + "original": { + "owner": "NixOS", + "ref": "nixos-23.11", + "repo": "nixpkgs", + "type": "github" + } + }, + "nixpkgs-stable_2": { "locked": { "lastModified": 1720386169, "narHash": "sha256-NGKVY4PjzwAa4upkGtAMz1npHGoRzWotlSnVlqI40mo=", @@ -1201,7 +1342,7 @@ }, "nixvim": { "inputs": { - "flake-parts": "flake-parts_2", + "flake-parts": "flake-parts_3", "neovim-nightly-overlay": "neovim-nightly-overlay", "nixpkgs": [ "unstable" @@ -1225,7 +1366,7 @@ "nixvim_2": { "inputs": { "devshell": "devshell", - "flake-compat": "flake-compat_4", + "flake-compat": "flake-compat_5", "flake-parts": [ "nixvim", "flake-parts" @@ -1286,7 +1427,7 @@ }, "nuschtosSearch": { "inputs": { - "flake-utils": "flake-utils_2", + "flake-utils": "flake-utils_3", "nixpkgs": [ "nixvim", "nixvim", @@ -1350,7 +1491,7 @@ "omnix", "nix" ], - "flake-utils": "flake-utils_3", + "flake-utils": "flake-utils_4", "gitignore": [ "omnix", "nix" @@ -1380,16 +1521,43 @@ "type": "github" } }, + "pre-commit-hooks-nix": { + "inputs": { + "flake-compat": [ + "lanzaboote", + "flake-compat" + ], + "gitignore": "gitignore", + "nixpkgs": [ + "lanzaboote", + "nixpkgs" + ], + "nixpkgs-stable": "nixpkgs-stable" + }, + "locked": { + "lastModified": 1717664902, + "narHash": "sha256-7XfBuLULizXjXfBYy/VV+SpYMHreNRHk9nKMsm1bgb4=", + "owner": "cachix", + "repo": "pre-commit-hooks.nix", + "rev": "cc4d466cb1254af050ff7bdf47f6d404a7c646d1", + "type": "github" + }, + "original": { + "owner": "cachix", + "repo": "pre-commit-hooks.nix", + "type": "github" + } + }, "pre-commit-hooks_2": { "inputs": { "flake-compat": [ "flake-compat" ], - "gitignore": "gitignore_3", + "gitignore": "gitignore_4", "nixpkgs": [ "nixpkgs" ], - "nixpkgs-stable": "nixpkgs-stable" + "nixpkgs-stable": "nixpkgs-stable_2" }, "locked": { "lastModified": 1725513492, @@ -1429,6 +1597,7 @@ "flake-compat": "flake-compat", "flake-parts": "flake-parts", "home-manager": "home-manager_2", + "lanzaboote": "lanzaboote", "nish": "nish", "nixinate": "nixinate", "nixpkgs": "nixpkgs", @@ -1437,7 +1606,7 @@ "omnix": "omnix", "pre-commit-hooks": "pre-commit-hooks_2", "stylix": "stylix", - "systems": "systems_4", + "systems": "systems_5", "treefmt-nix": "treefmt-nix_3", "unstable": "unstable" } @@ -1461,12 +1630,12 @@ }, "rust-flake": { "inputs": { - "crane": "crane_2", + "crane": "crane_3", "nixpkgs": [ "omnix", "nixpkgs" ], - "rust-overlay": "rust-overlay" + "rust-overlay": "rust-overlay_2" }, "locked": { "lastModified": 1725522236, @@ -1484,6 +1653,31 @@ } }, "rust-overlay": { + "inputs": { + "flake-utils": [ + "lanzaboote", + "flake-utils" + ], + "nixpkgs": [ + "lanzaboote", + "nixpkgs" + ] + }, + "locked": { + "lastModified": 1717813066, + "narHash": "sha256-wqbRwq3i7g5EHIui0bIi84mdqZ/It1AXBSLJ5tafD28=", + "owner": "oxalica", + "repo": "rust-overlay", + "rev": "6dc3e45fe4aee36efeed24d64fc68b1f989d5465", + "type": "github" + }, + "original": { + "owner": "oxalica", + "repo": "rust-overlay", + "type": "github" + } + }, + "rust-overlay_2": { "flake": false, "locked": { "lastModified": 1725243956, @@ -1501,8 +1695,8 @@ }, "sbomnix": { "inputs": { - "flake-compat": "flake-compat_5", - "flake-parts": "flake-parts_5", + "flake-compat": "flake-compat_6", + "flake-parts": "flake-parts_6", "flake-root": "flake-root", "nix-visualize": "nix-visualize", "nixpkgs": "nixpkgs_3", @@ -1532,8 +1726,8 @@ "base16-kitty": "base16-kitty", "base16-tmux": "base16-tmux", "base16-vim": "base16-vim", - "flake-compat": "flake-compat_7", - "flake-utils": "flake-utils_4", + "flake-compat": "flake-compat_8", + "flake-utils": "flake-utils_5", "gnome-shell": "gnome-shell", "home-manager": [ "home-manager" @@ -1541,7 +1735,7 @@ "nixpkgs": [ "unstable" ], - "systems": "systems_3" + "systems": "systems_4" }, "locked": { "lastModified": 1725290973, @@ -1617,6 +1811,21 @@ "type": "github" } }, + "systems_5": { + "locked": { + "lastModified": 1681028828, + "narHash": "sha256-Vy1rq5AaRuLzOxct8nz4T6wlgyUR7zLU309k9mBC768=", + "owner": "nix-systems", + "repo": "default", + "rev": "da67096a3b9bf56a91d16901293e51ba5b49a27e", + "type": "github" + }, + "original": { + "owner": "nix-systems", + "repo": "default", + "type": "github" + } + }, "treefmt-nix": { "inputs": { "nixpkgs": [ diff --git a/flake.nix b/flake.nix index 1064831..4813367 100644 --- a/flake.nix +++ b/flake.nix @@ -20,8 +20,8 @@ nixpkgs.config.allowUnfree = true; nixpkgs.overlays = [self.overlays.default]; } - mod ] + ++ mod ++ mods.sharedModules; }; in @@ -38,8 +38,8 @@ inherit (mods) homeManagerModules nixosModules; # TODO: use ./hosts/ nixosConfigurations = { - artemis = mkLinuxSystem ./hosts/artemis; - hermes = mkLinuxSystem ./hosts/hermes; + artemis = mkLinuxSystem [./hosts/artemis inputs.lanzaboote.nixosModules.lanzaboote]; + hermes = mkLinuxSystem [./hosts/hermes]; }; diskoConfigurations = {}; # maybe? om.health.default = {nix-version.min-required = "2.18.5";}; @@ -160,6 +160,11 @@ treefmt-nix.url = "github:numtide/treefmt-nix"; treefmt-nix.inputs.nixpkgs.follows = "nixpkgs"; + lanzaboote = { + url = "github:nix-community/lanzaboote/v0.4.1"; + inputs.nixpkgs.follows = "nixpkgs"; + }; + # my custom programs nish = { url = "github:callumio/nish"; diff --git a/hosts/artemis/configuration.nix b/hosts/artemis/configuration.nix index 13ce697..e2e7c38 100644 --- a/hosts/artemis/configuration.nix +++ b/hosts/artemis/configuration.nix @@ -37,6 +37,7 @@ killall gcc pkg-config + sbctl nish nsbm ]; diff --git a/hosts/artemis/hardware-configuration.nix b/hosts/artemis/hardware-configuration.nix index ea07f90..3263411 100644 --- a/hosts/artemis/hardware-configuration.nix +++ b/hosts/artemis/hardware-configuration.nix @@ -13,6 +13,12 @@ kernelModules = ["kvm-intel"]; extraModulePackages = []; #kernelPackages = pkgs.linuxPackages_latest; + + loader.systemd-boot.enable = lib.mkForce false; + lanzaboote = { + enable = true; + pkiBundle = "/etc/secureboot"; + }; }; hardware = { bluetooth = { From 1d10befe6138105e9733ee099575b925cac959f9 Mon Sep 17 00:00:00 2001 From: Callum Leslie Date: Thu, 12 Sep 2024 23:16:33 +0100 Subject: [PATCH 2/2] dont use literal programs, use paths --- flake.nix | 3 +- home/c/default.nix | 1 + home/c/programs/fish/default.nix | 14 +- home/c/programs/hypr/default.nix | 82 +++++--- home/c/programs/nvim/.luarc.json | 6 - home/c/programs/nvim/default.nix | 313 ----------------------------- home/c/programs/tmux/default.nix | 23 ++- home/c/programs/waybar/default.nix | 10 +- hosts/artemis/home.nix | 8 +- lib/default.nix | 6 + 10 files changed, 99 insertions(+), 367 deletions(-) delete mode 100644 home/c/programs/nvim/.luarc.json delete mode 100644 home/c/programs/nvim/default.nix create mode 100644 lib/default.nix diff --git a/flake.nix b/flake.nix index 4813367..a5c05d9 100644 --- a/flake.nix +++ b/flake.nix @@ -8,9 +8,10 @@ ... } @ inputs: let mods = import ./modules; + cLib = import ./lib {inherit (nixpkgs) lib;}; mkLinuxSystem = mod: nixpkgs.lib.nixosSystem { - specialArgs = {inherit inputs;}; + specialArgs = {inherit inputs cLib;}; modules = [ inputs.home-manager.nixosModules.home-manager diff --git a/home/c/default.nix b/home/c/default.nix index d7e7aa2..3f8bd92 100644 --- a/home/c/default.nix +++ b/home/c/default.nix @@ -19,6 +19,7 @@ }; home.packages = with pkgs; [ + # TODO: sort this out gnome.adwaita-icon-theme networkmanagerapplet libsecret diff --git a/home/c/programs/fish/default.nix b/home/c/programs/fish/default.nix index 4b3c330..4268b18 100644 --- a/home/c/programs/fish/default.nix +++ b/home/c/programs/fish/default.nix @@ -1,8 +1,13 @@ -{pkgs, ...}: let +{ + pkgs, + cLib, + ... +}: let mkFishPlug = pkg: { name = pkg.pname; inherit (pkg) src; }; + tmux = cLib.getProgFor pkgs "tmux"; in { programs.fish = { enable = true; @@ -12,14 +17,15 @@ in { trap __trap_exit_tmux EXIT ''; + # TODO: dont use this directly shellAliases = {v = "nvim";}; functions = { __trap_exit_tmux = { body = '' - test (tmux list-windows | wc -l) = 1 || exit - test (tmux list-panes | wc -l) = 1 || exit - tmux switch-client -t main + test (${tmux} list-windows | wc -l) = 1 || exit + test (${tmux} list-panes | wc -l) = 1 || exit + ${tmux} switch-client -t main ''; }; }; diff --git a/home/c/programs/hypr/default.nix b/home/c/programs/hypr/default.nix index bcdacdb..a3e9483 100644 --- a/home/c/programs/hypr/default.nix +++ b/home/c/programs/hypr/default.nix @@ -1,4 +1,28 @@ -{...}: { +{ + pkgs, + cLib, + ... +}: let + getProgFor' = cLib.getProgFor' pkgs; + getProgFor = cLib.getProgFor pkgs; + web = getProgFor "firefox"; + mail = getProgFor "betterbird"; + chat = getProgFor "discord"; + media = getProgFor "spotify"; + terminal = getProgFor "alacritty"; + runner = getProgFor "rofi"; + rofi-rbw = getProgFor "rofi-rbw-wayland"; + tmux = getProgFor "tmux"; + slurp = getProgFor "slurp"; + grim = getProgFor "grim"; + wl-copy = getProgFor' "wl-clipboard" "wl-copy"; + mullvad = getProgFor' "mullvad-vpn" "mullvad-gui"; + playerctl = getProgFor "playerctl"; + brightnessctl = getProgFor "brightnessctl"; + wpctl = getProgFor' "wireplumber" "wpctl"; + hyprlock = getProgFor "hyprlock"; + hyprctl = getProgFor' "hyprland" "hyprctl"; +in { services = { blueman-applet.enable = true; network-manager-applet.enable = true; @@ -65,7 +89,7 @@ enable = true; systemd.enable = true; xwayland.enable = true; - # TODO: move to nix config over text + settings = { "monitor" = ",prefered,auto,1"; @@ -137,13 +161,13 @@ "$mainMod SHIFT, q, exit" "$mainMod, F, fullscreen" "$mainMod SHIFT, f, togglefloating" - "$mainMod, d, exec, rofi -show drun" - "$mainMod, w, exec, rofi -show window" - "$mainMod, p, exec, rofi-rbw --no-folder" + "$mainMod, d, exec, ${runner} -show drun" + "$mainMod, w, exec, ${runner} -show window" + "$mainMod, p, exec, ${rofi-rbw} --no-folder" "$mainMod, s, togglesplit" - "$mainMod SHIFT, r, exec, hyprctl reload" - "$mainMod, return, exec, alacritty -e tmux new -A -s main" - "$mainMod SHIFT, return, exec, [float; pin] alacritty -e tmux new -A -s main" + "$mainMod SHIFT, r, exec, ${hyprctl} reload" + "$mainMod, return, exec, ${terminal} -e ${tmux} new -A -s main" + "$mainMod SHIFT, return, exec, [float; pin] ${terminal} -e ${tmux} new -A -s main" "$mainMod, b, workspace, name:web" "$mainMod, n, workspace, name:chat" @@ -172,9 +196,9 @@ "$mainMod SHIFT, l, movewindow, r" "$mainMod SHIFT, k, movewindow, u" "$mainMod SHIFT, j, movewindow, d" - ''SHIFT, Print, exec, grim -g "$(slurp)" - | wl-copy'' - ", Print, exec, grim - | wl-copy" - "$mainMod, 0, exec, hyprlock" + ''SHIFT, Print, exec, ${grim} -g "$(${slurp})" - | ${wl-copy}'' + ", Print, exec, ${grim} - | ${wl-copy}" + "$mainMod, 0, exec, ${hyprlock}" ] ++ (builtins.concatLists (builtins.genList (x: let ws = x + 1; @@ -187,10 +211,10 @@ 9)); workspace = [ - "name:web, on-created-empty: firefox" - "name:chat, on-created-empty: discord" - "name:media, on-created-empty: spotify" - "name:mail, on-created-empty: betterbird" + "name:web, on-created-empty: ${web}" + "name:chat, on-created-empty: ${chat}" + "name:media, on-created-empty: ${media}" + "name:mail, on-created-empty: ${mail}" ]; bindm = [ @@ -199,25 +223,19 @@ ]; bindle = [ - ", XF86AudioRaiseVolume, exec, wpctl set-volume @DEFAULT_AUDIO_SINK@ 5%+" - ", XF86AudioLowerVolume, exec, wpctl set-volume @DEFAULT_AUDIO_SINK@ 5%-" - ", XF86AudioMute , exec, wpctl set-mute @DEFAULT_AUDIO_SINK@ toggle" - ", XF86AudioMicMute , exec, wpctl set-mute @DEFAULT_AUDIO_SOURCE@ toggle" - ", XF86AudioPlay , exec, playerctl play-pause" - ", XF86AudioPause , exec, playerctl play-pause" - ", XF86AudioNext , exec, playerctl next" - ", XF86AudioPrev , exec, playerctl previous" - ", XF86MonBrightnessUp, exec, brightnessctl -c backlight set +5%" - ", XF86MonBrightnessDown, exec, brightnessctl -c backlight set 5%-" + ", XF86AudioRaiseVolume, exec, ${wpctl} set-volume @DEFAULT_AUDIO_SINK@ 5%+" + ", XF86AudioLowerVolume, exec, ${wpctl} set-volume @DEFAULT_AUDIO_SINK@ 5%-" + ", XF86AudioMute , exec, ${wpctl} set-mute @DEFAULT_AUDIO_SINK@ toggle" + ", XF86AudioMicMute , exec, ${wpctl} set-mute @DEFAULT_AUDIO_SOURCE@ toggle" + ", XF86AudioPlay , exec, ${playerctl} play-pause" + ", XF86AudioPause , exec, ${playerctl} play-pause" + ", XF86AudioNext , exec, ${playerctl} next" + ", XF86AudioPrev , exec, ${playerctl} previous" + ", XF86MonBrightnessUp, exec, ${brightnessctl} -c backlight set +5%" + ", XF86MonBrightnessDown, exec, ${brightnessctl} -c backlight set 5%-" ]; - exec = [ - #"pkill wpaperd & sleep 0.5 && wpaperd" - #"pkill waybar & sleep 0.5 && waybar" - #"pkill mako & sleep 0.5 && mako" - ]; - - exec-once = ["mullvad-gui"]; + exec-once = [(toString mullvad)]; }; }; } diff --git a/home/c/programs/nvim/.luarc.json b/home/c/programs/nvim/.luarc.json deleted file mode 100644 index 904146d..0000000 --- a/home/c/programs/nvim/.luarc.json +++ /dev/null @@ -1,6 +0,0 @@ -{ - "diagnostics.globals": [ - "vim", - "lsp_on_attach" - ] -} diff --git a/home/c/programs/nvim/default.nix b/home/c/programs/nvim/default.nix deleted file mode 100644 index 000a085..0000000 --- a/home/c/programs/nvim/default.nix +++ /dev/null @@ -1,313 +0,0 @@ -{ - config, - pkgs, - lib, - ... -}: { - programs.neovim = let - leaders = '' - vim.g.mapleader = ' ' - vim.g.maplocalleader = ' ' - ''; - toLua = str: '' - lua << EOF - ${leaders} - ${str} - EOF - ''; - toLuaFile = file: '' - lua << EOF - ${leaders} - ${builtins.readFile file} - EOF - ''; - toLuaFileLSP = file: '' - lua << EOF - ${leaders} - ${builtins.readFile ./plugin/lsp/lsp-keys.lua} - ${builtins.readFile file} - EOF - ''; - - fromGit = ref: rev: repo: - pkgs.vimUtils.buildVimPlugin { - pname = "${lib.strings.sanitizeDerivationName repo}"; - version = ref; - src = builtins.fetchGit { - url = "https://github.com/${repo}.git"; - inherit ref; - inherit rev; - }; - }; - - # always installs latest version - pluginGit = fromGit "HEAD"; - in { - enable = true; - - # package = pkgs.neovim-nightly; - - extraPackages = with pkgs; [ - # Rust - rust-analyzer - cargo - rustc - rustfmt - - # YAML - yaml-language-server - - # JSON - nodePackages.vscode-json-languageserver - - # Go - gopls - - # Typescript - nodePackages.typescript - nodePackages.typescript-language-server - - # Javascript - eslint_d - - # Python - nodePackages.pyright - black - - # Util - ripgrep - fzf - - # C-Family - clang-tools - - # Shell - shellcheck - shfmt - - # Lua - lua-language-server - selene - stylua - - # Nix - rnix-lsp - nixfmt - statix - - # LLM - ollama - - # Haskell - haskellPackages.haskell-debug-adapter - haskellPackages.haskell-language-server - haskellPackages.fourmolu - ghc - - # Docker - dockerfile-language-server-nodejs - docker-compose-language-service - ]; - - defaultEditor = true; - - viAlias = true; - vimAlias = true; - vimdiffAlias = true; - - extraLuaConfig = '' - ${builtins.readFile ./options.lua} - ''; - - plugins = with pkgs.vimPlugins; [ - { - plugin = nvim-lspconfig; - config = toLuaFileLSP ./plugin/lsp/lsp.lua; - } - - { - plugin = crates-nvim; - config = toLua "require('crates').setup()"; - } - - { - plugin = rustaceanvim; - config = toLuaFileLSP ./plugin/lsp/rust.lua; - } - - { - plugin = haskell-tools-nvim; - config = toLuaFileLSP ./plugin/lsp/haskell.lua; - } - - { - plugin = SchemaStore-nvim; - config = toLuaFileLSP ./plugin/lsp/schemastore.lua; - } - - { - plugin = todo-comments-nvim; - config = - toLua - "require('todo-comments').setup(); vim.api.nvim_set_keymap('n', 'vtd', ':TodoTelescope', { noremap = true });"; - } - - { - plugin = comment-nvim; - config = toLua "require('Comment').setup()"; - } - - { - plugin = onedark-nvim; - config = "colorscheme onedark"; - } - - neodev-nvim - - { - plugin = nvim-cmp; - config = toLuaFile ./plugin/cmp.lua; - } - - { - plugin = telescope-nvim; - config = toLuaFile ./plugin/telescope.lua; - } - - { - plugin = - pluginGit "951b163e55ce7639eb320c450bde9283c4fe968b" - "laytan/cloak.nvim"; - config = toLuaFile ./plugin/cloak.lua; - } - - { - plugin = - pluginGit "41ad952c8269fa7aa3a4b8a5abb44541cb628313" - "David-Kunz/gen.nvim"; - config = toLuaFile ./plugin/gen.lua; - } - - { - plugin = nvim-dap; - config = toLuaFile ./plugin/debugger.lua; - } - - { - plugin = - pluginGit "fd35a46f4b7c1b244249266bdcb2da3814f01724" - "xiyaowong/transparent.nvim"; - config = toLua "require('transparent').setup{}"; - } - - nvim-dap-ui - telescope-dap-nvim - nvim-dap-virtual-text - - telescope-fzf-native-nvim - - cmp_luasnip - cmp-nvim-lsp - - luasnip - friendly-snippets - - { - plugin = hardtime-nvim; - config = toLua "require('hardtime').setup()"; - } - - { - plugin = nvim-surround; - config = toLua "require('nvim-surround').setup{}"; - } - - { - plugin = harpoon; - config = toLuaFile ./plugin/harpoon.lua; - } - - { - plugin = lualine-nvim; - config = - toLua - "require('lualine').setup{options = {icons_enabled = true, theme = 'onedark', component_separators = '|', section_separators = ''}, sections = { lualine_a = { { 'buffers', } } }}"; - } - - { - plugin = nvim-autopairs; - config = toLua "require('nvim-autopairs').setup {}"; - } - - { - plugin = leap-nvim; - config = toLua "require('leap.user').add_default_mappings()"; - } - - { - plugin = none-ls-nvim; - config = toLuaFile ./plugin/lsp/none-ls.lua; - } - - { - plugin = oil-nvim; - config = toLuaFile ./plugin/oil.lua; - } - - { - plugin = zen-mode-nvim; - config = toLuaFile ./plugin/zen.lua; - } - twilight-nvim - - nvim-web-devicons - - { - plugin = undotree; - config = - toLua "vim.keymap.set('n', 'u', vim.cmd.UndotreeToggle)"; - } - - { - plugin = gitsigns-nvim; - config = toLuaFile ./plugin/gitsigns.lua; - } - - { - plugin = nvim-treesitter.withPlugins (p: [ - p.tree-sitter-nix - p.tree-sitter-vim - p.tree-sitter-bash - p.tree-sitter-lua - p.tree-sitter-python - p.tree-sitter-rust - p.tree-sitter-json - p.tree-sitter-c - p.tree-sitter-comment - p.tree-sitter-javascript - p.tree-sitter-fish - p.tree-sitter-dockerfile - p.tree-sitter-cpp - p.tree-sitter-git_config - p.tree-sitter-git_rebase - p.tree-sitter-gitattributes - p.tree-sitter-gitcommit - p.tree-sitter-gitignore - p.tree-sitter-markdown - p.tree-sitter-markdown_inline - p.tree-sitter-make - p.tree-sitter-norg - p.tree-sitter-ssh_config - p.tree-sitter-typescript - p.tree-sitter-tsx - p.tree-sitter-haskell - p.tree-sitter-yaml - p.tree-sitter-zig - ]); - config = toLuaFile ./plugin/treesitter.lua; - } - - vim-nix - ]; - }; -} diff --git a/home/c/programs/tmux/default.nix b/home/c/programs/tmux/default.nix index ffabf71..0f4cfeb 100644 --- a/home/c/programs/tmux/default.nix +++ b/home/c/programs/tmux/default.nix @@ -1,4 +1,13 @@ -{pkgs, ...}: { +{ + pkgs, + cLib, + ... +}: let + getProgFor = cLib.getProgFor pkgs; + getProgFor' = cLib.getProgFor' pkgs; + tmux = getProgFor "tmux"; + tmux-sessionizer = getProgFor' "tmux-sessionizer-cl" "tmux-sessionizer"; +in { programs.tmux = { enable = true; shortcut = "x"; @@ -42,9 +51,9 @@ bind \\ split-window -v -c "#{pane_current_path}" bind c new-window -c "#{pane_current_path}" - bind-key -r s run-shell "tmux display-popup -E 'tmux-sessionizer -s'" - bind-key -r f run-shell "tmux display-popup -E 'tmux-sessionizer -p'" - bind-key -r m run-shell "tmux switch-client -t main" + bind-key -r s run-shell "${tmux} display-popup -E '${tmux-sessionizer} -s'" + bind-key -r f run-shell "${tmux} display-popup -E '${tmux-sessionizer} -p'" + bind-key -r m run-shell "${tmux} switch-client -t main" bind S choose-tree bind -r k select-pane -U @@ -54,7 +63,7 @@ ''; }; - home.packages = [ - pkgs.tmux-sessionizer-cl - ]; + # home.packages = [ + # pkgs.tmux-sessionizer-cl + # ]; } diff --git a/home/c/programs/waybar/default.nix b/home/c/programs/waybar/default.nix index e5c5bfe..1d941fc 100644 --- a/home/c/programs/waybar/default.nix +++ b/home/c/programs/waybar/default.nix @@ -1,4 +1,10 @@ -{pkgs, ...}: { +{ + pkgs, + cLib, + ... +}: let + soundControl = cLib.getProgFor pkgs "pwvucontrol"; +in { programs.waybar = { enable = true; package = pkgs.waybar.override { @@ -35,7 +41,7 @@ tooltip = false; }; wireplumber = { - on-click = "${pkgs.pwvucontrol}/bin/pwvucontrol"; + on-click = toString soundControl; format = "{icon} {volume}%"; format-muted = ""; format-icons = ["" "" ""]; diff --git a/hosts/artemis/home.nix b/hosts/artemis/home.nix index fb18af5..3bfde5c 100644 --- a/hosts/artemis/home.nix +++ b/hosts/artemis/home.nix @@ -1,4 +1,8 @@ -{inputs, ...}: { +{ + inputs, + cLib, + ... +}: { programs.hyprlock.enable = true; security.pam.services.hyprlock = {}; home-manager = { @@ -11,6 +15,6 @@ inputs.self.homeManagerModules.trayscale ]; users.c = import ../../home/c; - extraSpecialArgs = {inherit inputs;}; + extraSpecialArgs = {inherit inputs cLib;}; }; } diff --git a/lib/default.nix b/lib/default.nix new file mode 100644 index 0000000..c8b84db --- /dev/null +++ b/lib/default.nix @@ -0,0 +1,6 @@ +{lib, ...}: let + getProgFor' = pkgs: prog: progn: lib.getExe' pkgs.${prog} progn; + getProgFor = pkgs: prog: getProgFor' pkgs prog prog; +in { + inherit getProgFor getProgFor'; +}