diff --git a/flake.lock b/flake.lock index bdc643a..d2ec86d 100644 --- a/flake.lock +++ b/flake.lock @@ -64,11 +64,11 @@ "quickshell": "quickshell" }, "locked": { - "lastModified": 1767325825, - "narHash": "sha256-DVQByhV9jLS8Zn2HsYdHMoaH2h+XP90NEVk2f6vhgGg=", + "lastModified": 1767411397, + "narHash": "sha256-L+ua2DR5q1a3aT0TG9n3mCfSpa/WUkxamZOcteGq9+Y=", "owner": "AvengeMedia", "repo": "DankMaterialShell", - "rev": "5e111d89a5e8a3aa473bedde642af63a756a96f2", + "rev": "e1817027b1aafee74fd7d38ef109c932cb6758de", "type": "github" }, "original": { @@ -274,15 +274,16 @@ ] }, "locked": { - "lastModified": 1767104570, - "narHash": "sha256-GKgwu5//R+cLdKysZjGqvUEEOGXXLdt93sNXeb2M/Lk=", + "lastModified": 1767280655, + "narHash": "sha256-YmaYMduV5ko8zURUT1VLGDbVC1L/bxHS0NsiPoZ6bBM=", "owner": "nix-community", "repo": "home-manager", - "rev": "e4e78a2cbeaddd07ab7238971b16468cc1d14daf", + "rev": "d49d2543f02dbd789ed032188c84570d929223cb", "type": "github" }, "original": { "owner": "nix-community", + "ref": "release-25.11", "repo": "home-manager", "type": "github" } @@ -380,11 +381,11 @@ "xdph": "xdph" }, "locked": { - "lastModified": 1767300597, - "narHash": "sha256-kr8ThYlgv/cvwbYnqy/EAoYtAi3W5XMlmrXtF1YnUmo=", + "lastModified": 1767381047, + "narHash": "sha256-mQTek8IQ9uxaRxEI16iRtKkJ+RVq1QWHpleS5ICy+lc=", "owner": "hyprwm", "repo": "Hyprland", - "rev": "31d3181e1ee91e338fb4fb8207d64b8d689310fc", + "rev": "ee67278038b5b6597172b2a3ee9d57f6ad0eafc7", "type": "github" }, "original": { @@ -664,11 +665,11 @@ "nixpkgs": "nixpkgs_7" }, "locked": { - "lastModified": 1767319620, - "narHash": "sha256-salrbdHzVTRpgnASAJMX61kuqrg65KiuQ2yxkrVcB8Y=", + "lastModified": 1767405595, + "narHash": "sha256-FTXYiEk7n7H4dz1w1ERIFeNUMiJOpQVnYsv0rVGA0cE=", "owner": "fufexan", "repo": "nix-gaming", - "rev": "f39d1b692c466255e7f5b2fa8ac5b8aead5eadb5", + "rev": "c7c279000ebcca7a02d74494c03804befcd8ba64", "type": "github" }, "original": { @@ -677,6 +678,26 @@ "type": "github" } }, + "nix-index-database": { + "inputs": { + "nixpkgs": [ + "nixpkgs" + ] + }, + "locked": { + "lastModified": 1765267181, + "narHash": "sha256-d3NBA9zEtBu2JFMnTBqWj7Tmi7R5OikoU2ycrdhQEws=", + "owner": "nix-community", + "repo": "nix-index-database", + "rev": "82befcf7dc77c909b0f2a09f5da910ec95c5b78f", + "type": "github" + }, + "original": { + "owner": "nix-community", + "repo": "nix-index-database", + "type": "github" + } + }, "nixpkgs": { "locked": { "lastModified": 1744536153, @@ -803,11 +824,11 @@ }, "nixpkgs_8": { "locked": { - "lastModified": 1767047869, - "narHash": "sha256-tzYsEzXEVa7op1LTnrLSiPGrcCY6948iD0EcNLWcmzo=", + "lastModified": 1767325753, + "narHash": "sha256-yA/CuWyqm+AQo2ivGy6PlYrjZBQm7jfbe461+4HF2fo=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "89dbf01df72eb5ebe3b24a86334b12c27d68016a", + "rev": "64049ca74d63e971b627b5f3178d95642e61cedd", "type": "github" }, "original": { @@ -965,6 +986,7 @@ "hyprland-dots": "hyprland-dots", "linux-desktop-gremlin": "linux-desktop-gremlin", "nix-gaming": "nix-gaming", + "nix-index-database": "nix-index-database", "nixpkgs": "nixpkgs_8", "nvim-dots": "nvim-dots", "pinix": "pinix", @@ -1038,11 +1060,11 @@ }, "unstable": { "locked": { - "lastModified": 1767242400, - "narHash": "sha256-knFaYjeg7swqG1dljj1hOxfg39zrIy8pfGuicjm9s+o=", + "lastModified": 1767273430, + "narHash": "sha256-kDpoFwQ8GLrPiS3KL+sAwreXrph2KhdXuJzo5+vSLoo=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "c04833a1e584401bb63c1a63ddc51a71e6aa457a", + "rev": "76eec3925eb9bbe193934987d3285473dbcfad50", "type": "github" }, "original": { diff --git a/flake.nix b/flake.nix index 0a2963e..99df70b 100644 --- a/flake.nix +++ b/flake.nix @@ -5,7 +5,7 @@ nixpkgs.url = "github:NixOS/nixpkgs/nixos-25.11"; home-manager = { - url = "github:nix-community/home-manager"; + url = "github:nix-community/home-manager/release-25.11"; inputs.nixpkgs.follows = "nixpkgs"; }; @@ -72,6 +72,12 @@ inputs.nixpkgs.follows = "nixpkgs"; }; + # vps OOMs when trying to nix-index with 8 GB of ram + nix-index-database = { + url = "github:nix-community/nix-index-database"; + inputs.nixpkgs.follows = "nixpkgs"; + }; + # TODO: sops-nix = { # url = "github:Mic92/sops-nix"; # inputs.nixpkgs.follows = "nixpkgs"; @@ -93,6 +99,7 @@ dankMaterialShell, pinix, disko, + nix-index-database, aagl, #sops-nix, ... @@ -175,7 +182,7 @@ extraSpecialArgs = { inherit inputs; hyprlanddots = inputs.hyprland-dots; - nvimDotfiles = inputs.nvim-dots; + nvimDots = inputs.nvim-dots; dankMaterialShell = inputs.dankMaterialShell.packages.${system}.default; }; users.cobray = import ./home-manager/cobray.nix; @@ -190,6 +197,7 @@ }; modules = [ disko.nixosModules.disko + nix-index-database.nixosModules.nix-index { nixpkgs = { config = { @@ -199,7 +207,6 @@ hostPlatform = system; overlays = [ (final: prev: { - pinix = inputs.pinix.packages.${system}.default; inherit (customPkgs) minijinja-cli @@ -220,8 +227,10 @@ useUserPackages = true; extraSpecialArgs = { inherit inputs; - nvimDotfiles = inputs.nvim-dots; + nvimDots = inputs.nvim-dots; + hyprlanddots = inputs.hyprland-dots; }; + users.alteur = import ./home-manager/alteur.nix; }; } ]; diff --git a/home-manager/alteur.nix b/home-manager/alteur.nix new file mode 100644 index 0000000..ba063d0 --- /dev/null +++ b/home-manager/alteur.nix @@ -0,0 +1,50 @@ +{ + config, + lib, + pkgs, + nvimDots, + hyprlanddots, + ... +}: { + imports = [ + ./modules/fish.nix + ./modules/lazygit.nix + ./modules/nvim.nix + ./modules/starship.nix + ./modules/zellij.nix + ]; + home = { + username = "alteur"; + homeDirectory = "/home/alteur"; + stateVersion = "25.11"; + activation.ServerInit = lib.hm.dag.entryAfter ["linkGeneration"] '' + set -euo pipefail + umask 022 + repo=${lib.escapeShellArg hyprlanddots} + nvimrepo=${lib.escapeShellArg nvimDots} + mkdir -p "${config.xdg.configHome}" + copy_dir() { + src="$1"; dest="$2"; skip="''${3:-true}" + [ -d "$src" ] || return 0 + [ "$skip" = "true" ] && [ -e "$dest" ] && return 0 + mkdir -p "$dest" + if [ -x ${pkgs.rsync}/bin/rsync ]; then + ${pkgs.rsync}/bin/rsync -rlD \ + --chmod=Du=rwx,Dgo=rx,Fu=rw,Fgo=r \ + -- "$src"/ "$dest"/ + else + cp -R -P --no-preserve=mode,ownership,timestamps -- "$src"/. "$dest"/ + fi + chmod -R u+rwX "$dest" + } + copy_dir "$repo/fish" "${config.xdg.configHome}/fish" + copy_dir "$nvimrepo" "${config.xdg.configHome}/nvim" + if [ -f "$repo/starship.toml" ] && [ ! -e "${config.xdg.configHome}/starship.toml" ]; then + install -Dm0644 "$repo/starship.toml" "${config.xdg.configHome}/starship.toml" + fi + ''; + }; + programs.home-manager.enable = true; + #home.packages = with pkgs; [ + #]; +} diff --git a/hosts/magus.nix b/hosts/magus.nix index ea2d800..9313b83 100644 --- a/hosts/magus.nix +++ b/hosts/magus.nix @@ -18,6 +18,11 @@ ./modules/npm.nix ./modules/nixos.nix ./modules/appimage.nix + ./modules/tailscale.nix + ./modules/rust.nix + ./modules/python.nix + ./modules/go.nix + ./modules/ld.nix ]; system.stateVersion = "25.11"; @@ -26,13 +31,12 @@ efiSupport = false; }; + programs.fish.enable = true; + environment.systemPackages = with pkgs; [ - git - btop - ffmpeg - yt-dlp - fastfetch - zellij + busybox + xclip + direnv ]; nix = { gc = { diff --git a/hosts/server/security.nix b/hosts/server/security.nix index 7850ea7..fbf7c58 100644 --- a/hosts/server/security.nix +++ b/hosts/server/security.nix @@ -10,12 +10,16 @@ PermitRootLogin = "prohibit-password"; PasswordAuthentication = false; }; + extraConfig = '' + StreamLocalBindUnlink yes + ''; }; users.users.root.openssh.authorizedKeys.keys = [ "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIK29z1CTXF77ykGyklPM8X3SxeMYM7zHyoIDGi2C9/HU riiidge.racer@gmail.com" ]; users.users.alteur = { isNormalUser = true; + shell = pkgs.fish; extraGroups = ["wheel" "docker"]; openssh.authorizedKeys.keys = [ "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIK29z1CTXF77ykGyklPM8X3SxeMYM7zHyoIDGi2C9/HU riiidge.racer@gmail.com"