Origami404/flake
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

flake init

Browse Source
This commit is contained in:
Origami404
2024-06-22 07:01:00 +08:00
commit f5dbb17136
7 changed files with 587 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files
.sops.yaml
+7
View File
@@ -0,0 +1,7 @@
keys:
- &primary age1npdfwkrrq89585wjamxxthdswwh4fmmfs5a07v70g7n6vhdhvf3sc0rv5r
creation_rules:
- path_regex: secrets/secrets.yaml$
key_groups:
- age:
- *primary
configuration.nix
+149
View File
@@ -0,0 +1,149 @@
# Edit this configuration file to define what should be installed on
# your system. Help is available in the configuration.nix(5) man page, on
# https://search.nixos.org/options and in the NixOS manual (`nixos-help`).
{ config, lib, pkgs, inputs, helix, ... }:
{
imports =
[ # Include the results of the hardware scan.
./hardware-configuration.nix
inputs.sops-nix.nixosModules.sops
];
nix.settings.experimental-features = [ "nix-command" "flakes" ];
boot.loader = {
efi = {
canTouchEfiVariables = true;
efiSysMountPoint = "/boot/efi";
};
grub = {
efiSupport = true;
device = "nodev";
};
};
networking.hostName = "um790-nix";
networking.networkmanager.enable = true;
time.timeZone = "Asia/Shanghai";
nix.settings = {
extra-trusted-users = ["origami"];
extra-substituters = [
"https://mirror.tuna.edu.cn/nix-channels/store"
"https://cache.nixos.org"
];
};
# List packages installed in system profile. To search, run:
# $ nix search wget
environment.systemPackages = with pkgs; [
git
vim
wget
curl
# Shell & Editor
fish # better shell
helix.packages."${pkgs.system}".helix
# Archives
zip
xz
unzip
p7zip
zstd
gnutar
atool # all-in-one tar
# Modern unix
ripgrep # better grep
jq # better cat on json
bat # better cat on everything
eza # better ls
fzf # A command-line fuzzy finder
du-dust # better du
duf # better df
fd # better find
btop # better top
procs # better ps
zoxide # better cd
scc # better cloc
# Networking
mtr # better traceroute
iperf3
q # better dig/nslookup
socat # better netcat
nmap
# Misc
file
which
tree
gnused # sed
gawk # awk
gnupg
pciutils # lspci
usbutils # lsusb
neofetch
v2raya # Only for Chinese user
# nix related
#
# it provides the command `nom` works just like `nix`
# with more details log output
nix-output-monitor
# system call monitoring
strace # system call monitoring
ltrace # library call monitoring
lsof # list open files
# Desktop Utils
kitty # Terminal emulator
wofi # Application runner
chromium # Web browser
dunst # Notication daemon
pipewire # Sound manager
wireplumber
waybar # Status bar
];
#programs.hyprland.enable = true;
services.xserver = {
enable = true;
displayManager.gdm.enable = true;
desktopManager.gnome.enable = true;
};
# Users
programs.fish.enable = true;
users.groups.origami.gid = 1000;
users.users.origami = {
isNormalUser = true;
shell = pkgs.fish;
description = "Origami404";
group = "origami";
extraGroups = [ "networkmanager" "wheel" ];
openssh.authorizedKeys.keys = [
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIAZxRoweHoLfoaydPqhsLnc4EGgwTp7Uz1DZ2DG447B+ origami@fedora"
];
};
security.sudo.wheelNeedsPassword = false;
sops.defaultSopsFile = ./secrets/secrets.yaml;
sops.defaultSopsFormat = "yaml";
sops.age.keyFile = "/home/origami/.config/sops/age/keys.txt"
# List services that you want to enable:
# Enable the OpenSSH daemon.
services.openssh.enable = true;
system.stateVersion = "23.11";
}
flake.lock
Generated
+298
View File
@@ -0,0 +1,298 @@
{
"nodes": {
"crane": {
"inputs": {
"flake-compat": "flake-compat",
"flake-utils": "flake-utils",
"nixpkgs": [
"helix",
"nixpkgs"
],
"rust-overlay": "rust-overlay"
},
"locked": {
"lastModified": 1688772518,
"narHash": "sha256-ol7gZxwvgLnxNSZwFTDJJ49xVY5teaSvF7lzlo3YQfM=",
"owner": "ipetkov",
"repo": "crane",
"rev": "8b08e96c9af8c6e3a2b69af5a7fa168750fcf88e",
"type": "github"
},
"original": {
"owner": "ipetkov",
"repo": "crane",
"type": "github"
}
},
"flake-compat": {
"flake": false,
"locked": {
"lastModified": 1673956053,
"narHash": "sha256-4gtG9iQuiKITOjNQQeQIpoIB6b16fm+504Ch3sNKLd8=",
"owner": "edolstra",
"repo": "flake-compat",
"rev": "35bb57c0c8d8b62bbfd284272c928ceb64ddbde9",
"type": "github"
},
"original": {
"owner": "edolstra",
"repo": "flake-compat",
"type": "github"
}
},
"flake-utils": {
"inputs": {
"systems": "systems"
},
"locked": {
"lastModified": 1701680307,
"narHash": "sha256-kAuep2h5ajznlPMD9rnQyffWG8EM/C73lejGofXvdM8=",
"owner": "numtide",
"repo": "flake-utils",
"rev": "4022d587cbbfd70fe950c1e2083a02621806a725",
"type": "github"
},
"original": {
"owner": "numtide",
"repo": "flake-utils",
"type": "github"
}
},
"flake-utils_2": {
"inputs": {
"systems": "systems_2"
},
"locked": {
"lastModified": 1689068808,
"narHash": "sha256-6ixXo3wt24N/melDWjq70UuHQLxGV8jZvooRanIHXw0=",
"owner": "numtide",
"repo": "flake-utils",
"rev": "919d646de7be200f3bf08cb76ae1f09402b6f9b4",
"type": "github"
},
"original": {
"owner": "numtide",
"repo": "flake-utils",
"type": "github"
}
},
"helix": {
"inputs": {
"crane": "crane",
"flake-utils": "flake-utils_2",
"nixpkgs": "nixpkgs",
"rust-overlay": "rust-overlay_2"
},
"locked": {
"lastModified": 1703879161,
"narHash": "sha256-TNEsdsaCG1+PvGINrV/zw7emzwpfWiml4b77l2n5UEI=",
"owner": "helix-editor",
"repo": "helix",
"rev": "85fce2f5b6c9f35ab9d3361f3933288a28db83d4",
"type": "github"
},
"original": {
"owner": "helix-editor",
"repo": "helix",
"rev": "85fce2f5b6c9f35ab9d3361f3933288a28db83d4",
"type": "github"
}
},
"home-manager": {
"inputs": {
"nixpkgs": [
"nixpkgs"
]
},
"locked": {
"lastModified": 1703367386,
"narHash": "sha256-FMbm48UGrBfOWGt8+opuS+uLBLQlRfhiYXhHNcYMS5k=",
"owner": "nix-community",
"repo": "home-manager",
"rev": "d5824a76bc6bb93d1dce9ebbbcb09a9b6abcc224",
"type": "github"
},
"original": {
"owner": "nix-community",
"ref": "release-23.11",
"repo": "home-manager",
"type": "github"
}
},
"nixpkgs": {
"locked": {
"lastModified": 1690272529,
"narHash": "sha256-MakzcKXEdv/I4qJUtq/k/eG+rVmyOZLnYNC2w1mB59Y=",
"owner": "nixos",
"repo": "nixpkgs",
"rev": "ef99fa5c5ed624460217c31ac4271cfb5cb2502c",
"type": "github"
},
"original": {
"owner": "nixos",
"ref": "nixos-unstable",
"repo": "nixpkgs",
"type": "github"
}
},
"nixpkgs-stable": {
"locked": {
"lastModified": 1718478900,
"narHash": "sha256-v43N1gZLcGkhg3PdcrKUNIZ1L0FBzB2JqhIYEyKAHEs=",
"owner": "NixOS",
"repo": "nixpkgs",
"rev": "c884223af91820615a6146af1ae1fea25c107005",
"type": "github"
},
"original": {
"owner": "NixOS",
"ref": "release-23.11",
"repo": "nixpkgs",
"type": "github"
}
},
"nixpkgs_2": {
"locked": {
"lastModified": 1703900474,
"narHash": "sha256-Zu+chYVYG2cQ4FCbhyo6rc5Lu0ktZCjRbSPE0fDgukI=",
"owner": "NixOS",
"repo": "nixpkgs",
"rev": "9dd7699928e26c3c00d5d46811f1358524081062",
"type": "github"
},
"original": {
"owner": "NixOS",
"ref": "nixos-23.11",
"repo": "nixpkgs",
"type": "github"
}
},
"nixpkgs_3": {
"locked": {
"lastModified": 1718276985,
"narHash": "sha256-u1fA0DYQYdeG+5kDm1bOoGcHtX0rtC7qs2YA2N1X++I=",
"owner": "NixOS",
"repo": "nixpkgs",
"rev": "3f84a279f1a6290ce154c5531378acc827836fbb",
"type": "github"
},
"original": {
"owner": "NixOS",
"ref": "nixpkgs-unstable",
"repo": "nixpkgs",
"type": "github"
}
},
"root": {
"inputs": {
"helix": "helix",
"home-manager": "home-manager",
"nixpkgs": "nixpkgs_2",
"sops-nix": "sops-nix"
}
},
"rust-overlay": {
"inputs": {
"flake-utils": [
"helix",
"crane",
"flake-utils"
],
"nixpkgs": [
"helix",
"crane",
"nixpkgs"
]
},
"locked": {
"lastModified": 1704075545,
"narHash": "sha256-L3zgOuVKhPjKsVLc3yTm2YJ6+BATyZBury7wnhyc8QU=",
"owner": "oxalica",
"repo": "rust-overlay",
"rev": "a0df72e106322b67e9c6e591fe870380bd0da0d5",
"type": "github"
},
"original": {
"owner": "oxalica",
"repo": "rust-overlay",
"type": "github"
}
},
"rust-overlay_2": {
"inputs": {
"flake-utils": [
"helix",
"flake-utils"
],
"nixpkgs": [
"helix",
"nixpkgs"
]
},
"locked": {
"lastModified": 1690424156,
"narHash": "sha256-Bpml+L280tHTQpwpC5/BJbU4HSvEzMvW8IZ4gAXimhE=",
"owner": "oxalica",
"repo": "rust-overlay",
"rev": "f335a0213504c7e6481c359dc1009be9cf34432c",
"type": "github"
},
"original": {
"owner": "oxalica",
"repo": "rust-overlay",
"type": "github"
}
},
"sops-nix": {
"inputs": {
"nixpkgs": "nixpkgs_3",
"nixpkgs-stable": "nixpkgs-stable"
},
"locked": {
"lastModified": 1718506969,
"narHash": "sha256-Pm9I/BMQHbsucdWf6y9G3xBZh3TMlThGo4KBbeoeczg=",
"owner": "Mic92",
"repo": "sops-nix",
"rev": "797ce4c1f45a85df6dd3d9abdc53f2691bea9251",
"type": "github"
},
"original": {
"owner": "Mic92",
"repo": "sops-nix",
"type": "github"
}
},
"systems": {
"locked": {
"lastModified": 1681028828,
"narHash": "sha256-Vy1rq5AaRuLzOxct8nz4T6wlgyUR7zLU309k9mBC768=",
"owner": "nix-systems",
"repo": "default",
"rev": "da67096a3b9bf56a91d16901293e51ba5b49a27e",
"type": "github"
},
"original": {
"owner": "nix-systems",
"repo": "default",
"type": "github"
}
},
"systems_2": {
"locked": {
"lastModified": 1681028828,
"narHash": "sha256-Vy1rq5AaRuLzOxct8nz4T6wlgyUR7zLU309k9mBC768=",
"owner": "nix-systems",
"repo": "default",
"rev": "da67096a3b9bf56a91d16901293e51ba5b49a27e",
"type": "github"
},
"original": {
"owner": "nix-systems",
"repo": "default",
"type": "github"
}
}
},
"root": "root",
"version": 7
}
flake.nix
+32
View File
@@ -0,0 +1,32 @@
{
description = "Origami404's NixOS Flake";
inputs = {
nixpkgs.url = "github:NixOS/nixpkgs/nixos-23.11";
home-manager = {
url = "github:nix-community/home-manager/release-23.11";
inputs.nixpkgs.follows = "nixpkgs";
};
helix.url = "github:helix-editor/helix/85fce2f5b6c9f35ab9d3361f3933288a28db83d4";
sops-nix.url = "github:Mic92/sops-nix";
};
outputs = { nixpkgs, home-manager, ... }@inputs: {
nixosConfigurations = {
"um790-nix" = nixpkgs.lib.nixosSystem {
system = "x86_64-linux";
specialArgs = inputs;
modules = [
./configuration.nix
#home-manager.nixosModules.home-manager {
# home-manager.useGlobalPkgs = true;
# home-manager.useUserPackages = true;
# home-manager.users.origami = import ./home.nix;
# home-manager.extraSpecialArgs = inputs;
#}
];
};
};
};
}
hardware-configuration.nix
+53
View File
@@ -0,0 +1,53 @@
# Do not modify this file! It was generated by nixos-generate-config
# and may be overwritten by future invocations. Please make changes
# to /etc/nixos/configuration.nix instead.
{ config, lib, pkgs, modulesPath, ... }:
{
imports =
[ (modulesPath + "/installer/scan/not-detected.nix")
];
boot.initrd.availableKernelModules = [ "nvme" "xhci_pci" "thunderbolt" "usbhid" "usb_storage" "sd_mod" ];
boot.initrd.kernelModules = [ ];
boot.kernelModules = [ "kvm-amd" ];
boot.extraModulePackages = [ ];
fileSystems."/" =
{ device = "/dev/disk/by-uuid/1b3938f0-358f-4358-b7fb-b448b6eba56a";
fsType = "btrfs";
options = [ "subvol=@nixos" ];
};
fileSystems."/nix" =
{ device = "/dev/disk/by-uuid/1b3938f0-358f-4358-b7fb-b448b6eba56a";
fsType = "btrfs";
options = [ "subvol=@nix" ];
};
fileSystems."/boot/efi" =
{ device = "/dev/disk/by-uuid/1861-1CA6";
fsType = "vfat";
};
fileSystems."/home" =
{ device = "/dev/disk/by-uuid/1b3938f0-358f-4358-b7fb-b448b6eba56a";
fsType = "btrfs";
options = [ "subvol=@home" ];
};
swapDevices = [ ];
# Enables DHCP on each ethernet and wireless interface. In case of scripted networking
# (the default) this is the recommended approach. When using systemd-networkd it's
# still possible to use this option, but it's recommended to use it in conjunction
# with explicit per-interface declarations with `networking.interfaces.<interface>.useDHCP`.
networking.useDHCP = lib.mkDefault true;
# networking.interfaces.enp1s0.useDHCP = lib.mkDefault true;
# networking.interfaces.wlp2s0.useDHCP = lib.mkDefault true;
nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux";
hardware.cpu.amd.updateMicrocode = lib.mkDefault config.hardware.enableRedistributableFirmware;
}
home.nix
+27
View File
@@ -0,0 +1,27 @@
{ config, pkgs, ... }:
{
home.username = "origami";
home.homeDirectory = "/home/origami";
programs.home-manager.enable = true;
programs.git = {
enable = true;
userName = "origami";
userEmail = "Origami404@foxmail.com";
};
home.packages = with pkgs;[];
programs.bash = {
enable = true;
enableCompletion = true;
bashrcExtra = ''
export PATH="$PATH:$HOME/bin:$HOME/.local/bin:$HOME/go/bin"
'';
};
home.stateVersion = "23.11";
}
secrets/secrets.yaml
+21
View File
@@ -0,0 +1,21 @@
ssh-private-key: ENC[AES256_GCM,data:6FGOhPZQOJ8=,iv:RB+wxIUupe8GSzTzprH3C1naMq9XyBcEJYpWvY+8kWk=,tag:phDITUcI3+zgpJfKS/tpHQ==,type:str]
sops:
kms: []
gcp_kms: []
azure_kv: []
hc_vault: []
age:
- recipient: age1npdfwkrrq89585wjamxxthdswwh4fmmfs5a07v70g7n6vhdhvf3sc0rv5r
enc: |
-----BEGIN AGE ENCRYPTED FILE-----
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBHMVg5b2FTTkU2eGJ1U21B
TExGWi9RSFNqMTlXQlBKODV6RzAzWGppbHhVCmhwaHBZY0FqbmpCZkhYTFExT05t
cExOT0V3T1V5UEN2M0FTaFJLb2NDb0kKLS0tIFJrVVFVdEtzMC9PZ09MdzJSTktG
MW4wQS80V3VpWlpYMWdDYWFTMk81VEkK0bBT2NFCNd4OpMbi8jq/mnOM/1Qa3pWT
P0JVrJSJM3pfrYaLfeRbmKvTh/NwX1IygqrNZ6BqduhQs/xRsZtCQQ==
-----END AGE ENCRYPTED FILE-----
lastmodified: "2024-06-21T21:50:37Z"
mac: ENC[AES256_GCM,data:ObwmSRiLU/OBTUX0k0SftiwDwmkKxVOziI2KLBR1p4wL/Me/Qp5wOzJYd83p+cBlxIpn8rjtUxbS+bz0p3mMckeTfoJjyElnn8gx/fJYLsdnXSIqcyfUOA9XWV16t7jeQj2ZW8OcTns0+O1+A1TCucvwXX4xugB2h4kzcFuZS6U=,iv:q0N7HdlWN9MltUI3N5nXU1FzTPz1oi0jl/T8YvGSP8Q=,tag:U1HkWvheOM8D0gQ/yWBJ+A==,type:str]
pgp: []
unencrypted_suffix: _unencrypted
version: 3.8.1