diff --git a/.sops.yaml b/.sops.yaml index a1951bd..056d8ec 100644 --- a/.sops.yaml +++ b/.sops.yaml @@ -7,17 +7,27 @@ keys: - &rackserv age1zutg3s4nth679a6av9xqw4km0ezmfkxlnusu78demf0rzazqn3pqk9exgj creation_rules: - - path_regex: secrets/nixdesk + - path_regex: home/profiles/secrets + key_groups: + - age: + - *xun + - path_regex: sys/profiles/secrets/global key_groups: - age: - *xun - *nixdesk - - path_regex: secrets/hopper + - *hopper + - path_regex: sys/profiles/secrets/nixdesk + key_groups: + - age: + - *xun + - *nixdesk + - path_regex: sys/profiles/secrets/hopper key_groups: - age: - *xun - *hopper - - path_regex: secrets/rackserv + - path_regex: sys/profiles/secrets/rackserv key_groups: - age: - *xun diff --git a/Justfile b/Justfile index 1bdd02d..8740874 100644 --- a/Justfile +++ b/Justfile @@ -7,8 +7,13 @@ local OPERATION *FLAGS: {{FLAGS}} \ {{OPERATION}} + +buildiso *FLAGS: + nix build .#nixosConfigurations.liveiso.config.system.build.isoImage {{FLAGS}} + updatekeys: - fd . secrets -E '*.nix' -t f -x sops updatekeys -y + fd . sys/profiles/secrets -E '*.nix' -t f -x sops updatekeys -y + remote OPERATION HOST REMOTEHOST *FLAGS: nixos-rebuild \ diff --git a/flake.nix b/flake.nix index 3360a91..cbfb7f4 100644 --- a/flake.nix +++ b/flake.nix @@ -6,13 +6,11 @@ haumea, ... } @ inputs: let - _load = path: - haumea.lib.load { - src = path; - loader = haumea.lib.loaders.path; - }; - systemProfiles = _load ./sys/profiles; - homeProfiles = _load ./home; + systemProfiles = haumea.lib.load { + src = ./sys/profiles; + loader = haumea.lib.loaders.path; + }; + homeProfiles = ./home; vars = import ./vars; l = nixpkgs.lib; b = builtins; diff --git a/home/cli/gpg.nix b/home/cli/gpg.nix deleted file mode 100644 index 3458bab..0000000 --- a/home/cli/gpg.nix +++ /dev/null @@ -1,5 +0,0 @@ -{ - programs.gpg = { - enable = true; - }; -} diff --git a/home/desktop/__common/fuzzel.nix b/home/desktop/common/fuzzel.nix similarity index 100% rename from home/desktop/__common/fuzzel.nix rename to home/desktop/common/fuzzel.nix diff --git a/home/desktop/__common/wl-clipboard.nix b/home/desktop/common/wl-clipboard.nix similarity index 100% rename from home/desktop/__common/wl-clipboard.nix rename to home/desktop/common/wl-clipboard.nix diff --git a/home/desktop/__common/wob.nix b/home/desktop/common/wob.nix similarity index 100% rename from home/desktop/__common/wob.nix rename to home/desktop/common/wob.nix diff --git a/home/desktop/sway/default.nix b/home/desktop/sway/default.nix index f7497cd..b978f6e 100644 --- a/home/desktop/sway/default.nix +++ b/home/desktop/sway/default.nix @@ -6,10 +6,10 @@ ... }: { imports = [ - ../__common/fuzzel.nix - ../__common/wob.nix - ../__common/wl-clipboard.nix - ./__waybar.nix + ../common/fuzzel.nix + ../common/wob.nix + ../common/wl-clipboard.nix + ./waybar.nix ]; # services.gnome-keyring = { diff --git a/home/desktop/sway/__waybar.nix b/home/desktop/sway/waybar.nix similarity index 100% rename from home/desktop/sway/__waybar.nix rename to home/desktop/sway/waybar.nix diff --git a/home/programs/firefox/search-engines.nix b/home/programs/firefox/search-engines.nix index ad87f50..af274f4 100644 --- a/home/programs/firefox/search-engines.nix +++ b/home/programs/firefox/search-engines.nix @@ -3,7 +3,9 @@ pkgs, ... }: { - programs.firefox.profiles.xun.search = { + programs.firefox.profiles.xun.search = let + inherit (lib) attrsToList singleton; + in { force = true; default = "google"; order = [ @@ -45,11 +47,6 @@ icon = "https://github.githubassets.com/favicons/favicon-dark.svg"; definedAliases = ["@ghn"]; }; - "nixpkgs github" = { - urls = mkUrl "https://github.com/search?type=code&q=repo:NixOS/nixpkgs {searchTerms}"; - icon = "https://github.githubassets.com/favicons/favicon-dark.svg"; - definedAliases = ["@nixpkgs"]; - }; "Brave" = { urls = mkUrl "https://search.brave.com/search?q={searchTerms}"; icon = "https://brave.com/static-assets/images/brave-favicon.png"; @@ -60,19 +57,21 @@ icon = "https://www.youtube.com/favicon.ico"; definedAliases = ["@yt"]; }; + "crates.io" = { urls = mkUrl "https://crates.io/search?q={searchTerms}"; icon = "https://crates.io/favicon.ico"; definedAliases = ["@cr"]; }; "noogle" = { - urls = mkUrl "https://noogle.dev/q?term={searchTerms}"; + url = mkUrl "https://noogle.dev/q?term={searchTerms}"; icon = "https://noogle.dev/favicon.png"; - definedAliases = ["@nog"]; + definedAliases = ["@noogle"]; }; "google".metaData.alias = "@go"; "ddb".metaData.alias = "@ddg"; + "wikipedia".metaData.alias = "@wiki"; "bing".metaData.alias = "@bi"; }; }; diff --git a/hosts/hopper/home.nix b/hosts/hopper/home.nix index 2657e9f..af24cb6 100644 --- a/hosts/hopper/home.nix +++ b/hosts/hopper/home.nix @@ -4,20 +4,20 @@ pkgs, ... }: { - imports = with homeProfiles; [ - cli.xdg - cli.comma + imports = map (x: homeProfiles + x) [ + /cli/xdg.nix + /cli/comma.nix - programs.nvim - programs.foot + /programs/nvim.nix + /programs/foot.nix - desktop.xdg-portals - desktop.sway.default + /desktop/xdg-portals.nix + /desktop/sway/default.nix - programs.mpv + /programs/mpv.nix - services.playerctl - services.polkit-agent + /services/playerctl.nix + /services/polkit-agent.nix ]; wayland.windowManager.sway.config.output."HDMI-A-1".scale = "2.0"; diff --git a/hosts/hopper/profiles/lab/caddy.nix b/hosts/hopper/profiles/lab/caddy.nix index 979412f..e8825a6 100644 --- a/hosts/hopper/profiles/lab/caddy.nix +++ b/hosts/hopper/profiles/lab/caddy.nix @@ -20,12 +20,7 @@ in { services.caddy = { enable = true; - globalConfig = '' - metrics - servers { - trusted_proxies static 10.0.0.1 - } - ''; + globalConfig = "metrics"; virtualHosts = let mkPublicEntry = name: destination: { hostName = "${name}.${domain}:80"; @@ -48,7 +43,6 @@ in { navidrome = mkPublicEntry "navidrome" "${bridge}:${toString config.services.navidrome.settings.Port}"; vaultwarden = mkPublicEntry "vw" "${bridge}:${toString config.services.vaultwarden.config.ROCKET_PORT}"; abs = mkPublicEntry "abs" "${bridge}:${toString config.services.audiobookshelf.port}"; - miniflux = mkPublicEntry "rss" "${bridge}:18632"; navidrome2 = mkPrivateEntry "navidrome" "${bridge}:${toString config.services.navidrome.settings.Port}"; slskd = mkPrivateEntry "slskd" "localhost:${toString config.services.slskd.settings.web.port}"; diff --git a/hosts/hopper/profiles/lab/default.nix b/hosts/hopper/profiles/lab/default.nix index 710d3c9..99ae776 100644 --- a/hosts/hopper/profiles/lab/default.nix +++ b/hosts/hopper/profiles/lab/default.nix @@ -9,7 +9,6 @@ ./glances.nix ./homepage.nix ./minecraft.nix - ./miniflux.nix ./navidrome ./prometheus.nix ./restic.nix diff --git a/hosts/hopper/profiles/lab/homepage.nix b/hosts/hopper/profiles/lab/homepage.nix index 9bb6373..f56c91a 100644 --- a/hosts/hopper/profiles/lab/homepage.nix +++ b/hosts/hopper/profiles/lab/homepage.nix @@ -79,12 +79,6 @@ in { icon = "vaultwarden"; }; } - { - "miniflux" = { - href = "https://rss.${domain}"; - icon = "miniflux"; - }; - } ]; } ]; diff --git a/hosts/hopper/profiles/lab/miniflux.nix b/hosts/hopper/profiles/lab/miniflux.nix deleted file mode 100644 index 53572be..0000000 --- a/hosts/hopper/profiles/lab/miniflux.nix +++ /dev/null @@ -1,14 +0,0 @@ -{ - vars, - config, - ... -}: { - services.miniflux = { - enable = true; - adminCredentialsFile = config.sops.secrets.miniflux.path; - config = { - BASE_URL = "https://miniflux.${vars.domain}"; - LISTEN_ADDR = "${config.vpnNamespaces."wg".bridgeAddress}:18632"; - }; - }; -} diff --git a/hosts/hopper/profiles/lab/vpn-namespace.nix b/hosts/hopper/profiles/lab/vpn-namespace.nix index 6b8b5e0..b0d6033 100644 --- a/hosts/hopper/profiles/lab/vpn-namespace.nix +++ b/hosts/hopper/profiles/lab/vpn-namespace.nix @@ -11,7 +11,6 @@ config.services.audiobookshelf.port config.services.navidrome.settings.Port config.services.glances.port - 18632 ]; in { extraCommands = builtins.concatStringsSep "\n" (map diff --git a/hosts/hopper/profiles/persistent.nix b/hosts/hopper/profiles/persistent.nix index d358f8d..cf8d5ca 100644 --- a/hosts/hopper/profiles/persistent.nix +++ b/hosts/hopper/profiles/persistent.nix @@ -8,7 +8,6 @@ "/var/log" "/var/lib/nixos" "/var/lib/bluetooth" - "/var/lib/postgresql" ]; files = [ "/etc/machine-id" diff --git a/hosts/nixdesk/default.nix b/hosts/nixdesk/default.nix index 751a2c5..40bb650 100644 --- a/hosts/nixdesk/default.nix +++ b/hosts/nixdesk/default.nix @@ -65,7 +65,6 @@ programs.home-manager # programs.qt programs.adb - programs.gpg programs.openrgb programs.tools programs.thunar diff --git a/hosts/nixdesk/home.nix b/hosts/nixdesk/home.nix index 11eb409..4dd5344 100644 --- a/hosts/nixdesk/home.nix +++ b/hosts/nixdesk/home.nix @@ -6,64 +6,63 @@ homeProfiles, ... }: { - imports = with homeProfiles; [ - cli.zsh - cli.fish + imports = map (x: homeProfiles + x) [ + /cli/zsh.nix + /cli/fish.nix - cli.xdg - cli.direnv - cli.tmux - cli.comma - cli.irssi - cli.gpg - cli.git - cli.github - cli.jujutsu + /cli/xdg.nix + /cli/direnv.nix + /cli/tmux.nix + /cli/comma.nix + /cli/irssi.nix + /cli/git.nix + /cli/github.nix + /cli/jujutsu.nix - programs.nvim + /programs/nvim.nix - programs.firefox.default - programs.tor - programs.chromium + /programs/firefox/default.nix + /programs/tor.nix + /programs/chromium.nix - programs.foot + /programs/foot.nix - themes.dark.default + /themes/dark/default.nix # desktop - desktop.xdg-portals - desktop.sway.default + /desktop/xdg-portals.nix + /desktop/sway/default.nix # development - develop.common - develop.docs + /develop/common.nix + /develop/docs.nix - develop.langs.haskell - develop.langs.go - develop.langs.js - develop.langs.rust - develop.langs.elixir - develop.langs.nix - develop.langs.zig - develop.langs.lua - develop.langs.c - develop.langs.csharp + /develop/langs/haskell.nix + /develop/langs/go.nix + /develop/langs/js.nix + /develop/langs/rust.nix + /develop/langs/elixir.nix + /develop/langs/nix.nix + /develop/langs/zig.nix + /develop/langs/lua.nix + /develop/langs/c.nix + /develop/langs/csharp.nix # programs - programs.discord - programs.obs + /programs/discord.nix + /programs/obs.nix - programs.beets - programs.cmus + /programs/beets.nix + /programs/cmus.nix - programs.mpv + /programs/mpv.nix # gaming - programs.mangohud - programs.jc141 + /programs/mangohud.nix + /programs/jc141.nix - services.playerctl - services.polkit-agent + /services/playerctl.nix + /services/polkit-agent.nix ]; wayland.windowManager.sway.extraConfig = '' diff --git a/sys/profiles/programs/gpg.nix b/sys/profiles/programs/gpg.nix deleted file mode 100644 index fc6e537..0000000 --- a/sys/profiles/programs/gpg.nix +++ /dev/null @@ -1,5 +0,0 @@ -{ - programs.gnupg.agent = { - enable = true; - }; -}