prep main darwin config

TheGeneralist 2025-05-29 15:35:31 +02:00
parent 50da7ffff8
commit 523aaff701
No known key found for this signature in database
GPG key ID: C391D4D52D630F45
32 changed files with 423 additions and 142 deletions

flake.lock generated

@ -43,6 +43,43 @@
"type": "github"
}
},
"flake-compat_2": {
"flake": false,
"locked": {
"lastModified": 1747046372,
"narHash": "sha256-CIVLLkVgvHYbgI2UpXvIIBJ12HWgX+fjA8Xf8PUmqCY=",
"owner": "edolstra",
"repo": "flake-compat",
"rev": "9100a0f413b0c601e0533d1d94ffd501ce2e7885",
"type": "github"
},
"original": {
"owner": "edolstra",
"repo": "flake-compat",
"type": "github"
}
},
"flake-parts": {
"inputs": {
"nixpkgs-lib": [
"nix",
"nixpkgs"
]
},
"locked": {
"lastModified": 1733312601,
"narHash": "sha256-4pDvzqnegAfRkPwO3wmwBhVi/Sye1mzps0zHWYnP88c=",
"owner": "hercules-ci",
"repo": "flake-parts",
"rev": "205b12d8b7cd4802fbcb8e8ef6a0f1408781a4f9",
"type": "github"
},
"original": {
"owner": "hercules-ci",
"repo": "flake-parts",
"type": "github"
}
},
"flake-utils": {
"inputs": {
"systems": "systems_2"
@ -84,6 +121,37 @@
"type": "github"
}
},
"git-hooks-nix": {
"inputs": {
"flake-compat": [
"nix"
],
"gitignore": [
"nix"
],
"nixpkgs": [
"nix",
"nixpkgs"
],
"nixpkgs-stable": [
"nix",
"nixpkgs"
]
},
"locked": {
"lastModified": 1734279981,
"narHash": "sha256-NdaCraHPp8iYMWzdXAt5Nv6sA3MUzlCiGiR586TCwo0=",
"owner": "cachix",
"repo": "git-hooks.nix",
"rev": "aa9f40c906904ebd83da78e7f328cd8aeaeae785",
"type": "github"
},
"original": {
"owner": "cachix",
"repo": "git-hooks.nix",
"type": "github"
}
},
"home-manager": {
"inputs": {
"nixpkgs": [
@ -91,11 +159,11 @@
]
},
"locked": {
"lastModified": 1747875884,
"narHash": "sha256-tdVx4kghhdy62LKuTnwE2RytOe8o88tah/yhpyuL0D4=",
"lastModified": 1748227609,
"narHash": "sha256-SaSdslyo6UGDpPUlmrPA4dWOEuxCy2ihRN9K6BnqYsA=",
"owner": "nix-community",
"repo": "home-manager",
"rev": "f9186c64fcc6ee5f0114547acf9e814c806a640b",
"rev": "d23d20f55d49d8818ac1f1b2783671e8a6725022",
"type": "github"
},
"original": {
@ -104,6 +172,28 @@
"type": "github"
}
},
"nix": {
"inputs": {
"flake-compat": "flake-compat_2",
"flake-parts": "flake-parts",
"git-hooks-nix": "git-hooks-nix",
"nixpkgs": "nixpkgs",
"nixpkgs-23-11": "nixpkgs-23-11",
"nixpkgs-regression": "nixpkgs-regression"
},
"locked": {
"lastModified": 1748188105,
"narHash": "sha256-skPu7lTZrTr6gShsN47IGPUX4+Y0CbI2gl8tG3Dh7hM=",
"owner": "NixOS",
"repo": "nix",
"rev": "543cee1c9272238f9402e5643402b99f952415c3",
"type": "github"
},
"original": {
"id": "nix",
"type": "indirect"
}
},
"nix-darwin": {
"inputs": {
"nixpkgs": [
@ -111,11 +201,11 @@
]
},
"locked": {
"lastModified": 1747820204,
"narHash": "sha256-oY/mH8K1LOd+YbO58sw9ORtOdTxy3rR9lvTzOJKVUtA=",
"lastModified": 1748149228,
"narHash": "sha256-mmonYFesFo42UUS49Hd0bcbVJRWX/aHBCDYUkkvylf4=",
"owner": "nix-darwin",
"repo": "nix-darwin",
"rev": "e2676937faf868111dcea6a4a9cf4b6549907c9d",
"rev": "a9939228f661df370c4094fe85f683e45d761dbe",
"type": "github"
},
"original": {
@ -127,11 +217,11 @@
},
"nixpkgs": {
"locked": {
"lastModified": 1747744144,
"narHash": "sha256-W7lqHp0qZiENCDwUZ5EX/lNhxjMdNapFnbErcbnP11Q=",
"lastModified": 1747179050,
"narHash": "sha256-qhFMmDkeJX9KJwr5H32f1r7Prs7XbQWtO0h3V0a0rFY=",
"owner": "NixOS",
"repo": "nixpkgs",
"rev": "2795c506fe8fb7b03c36ccb51f75b6df0ab2553f",
"rev": "adaa24fbf46737f3f1b5497bf64bae750f82942e",
"type": "github"
},
"original": {
@ -141,6 +231,38 @@
"type": "github"
}
},
"nixpkgs-23-11": {
"locked": {
"lastModified": 1717159533,
"narHash": "sha256-oamiKNfr2MS6yH64rUn99mIZjc45nGJlj9eGth/3Xuw=",
"owner": "NixOS",
"repo": "nixpkgs",
"rev": "a62e6edd6d5e1fa0329b8653c801147986f8d446",
"type": "github"
},
"original": {
"owner": "NixOS",
"repo": "nixpkgs",
"rev": "a62e6edd6d5e1fa0329b8653c801147986f8d446",
"type": "github"
}
},
"nixpkgs-regression": {
"locked": {
"lastModified": 1643052045,
"narHash": "sha256-uGJ0VXIhWKGXxkeNnq4TvV3CIOkUJ3PAoLZ3HMzNVMw=",
"owner": "NixOS",
"repo": "nixpkgs",
"rev": "215d4d0fd80ca5163643b03a33fde804a29cc1e2",
"type": "github"
},
"original": {
"owner": "NixOS",
"repo": "nixpkgs",
"rev": "215d4d0fd80ca5163643b03a33fde804a29cc1e2",
"type": "github"
}
},
"nixpkgs-stable": {
"locked": {
"lastModified": 1741992157,
@ -173,13 +295,30 @@
"type": "github"
}
},
"nixpkgs_2": {
"locked": {
"lastModified": 1747744144,
"narHash": "sha256-W7lqHp0qZiENCDwUZ5EX/lNhxjMdNapFnbErcbnP11Q=",
"owner": "NixOS",
"repo": "nixpkgs",
"rev": "2795c506fe8fb7b03c36ccb51f75b6df0ab2553f",
"type": "github"
},
"original": {
"owner": "NixOS",
"ref": "nixos-unstable",
"repo": "nixpkgs",
"type": "github"
}
},
"root": {
"inputs": {
"agenix": "agenix",
"ghostty": "ghostty",
"home-manager": "home-manager",
"nix": "nix",
"nix-darwin": "nix-darwin",
"nixpkgs": "nixpkgs"
"nixpkgs": "nixpkgs_2"
}
},
"systems": {


@ -1,4 +1,4 @@
{
{
description = "thegeneralist's config flake";
inputs = {
@ -20,14 +20,22 @@
ghostty = {
url = "github:ghostty-org/ghostty";
};
# wrapper-manager = {
# url = "github:viperML/wrapper-manager";
# inputs.nixpkgs.follows = "nixpkgs";
# };
#nix.url = "github:DeterminateSystems/nix-src";
};
outputs = inputs@{ self, nixpkgs, ... }: let
outputs = inputs@{ self, nixpkgs, nix-darwin, nix, ... }: let
inherit (builtins) readDir;
inherit (nixpkgs.lib) attrsToList const groupBy listToAttrs mapAttrs;
inherit (nixpkgs.lib) attrsToList const groupBy listToAttrs mapAttrs last mkOption splitString;
#nix.enable = false;
lib = nixpkgs.lib // nix-darwin.lib;
targetHost = readDir ./hosts
|> mapAttrs (name: const <| import ./hosts/${name} nixpkgs.lib inputs self)
|> mapAttrs (name: const <| import ./hosts/${name} lib inputs self)
|> attrsToList
|> groupBy (host:
if host.name == "thegeneralist" then
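Review bot: `nix` is added to the `outputs` arguments, but the only declaration in `inputs` is the commented-out `#nix.url = ...` line, so the input is resolved through the flake registry; the lock file in this commit records it with `"type": "indirect"` and `"id": "nix"`. A registry lookup depends on the registry state of whichever machine next regenerates the lock, and this input also brings its own `nixpkgs`, `nixpkgs-23-11` and `nixpkgs-regression` nodes into the closure. Declare the source explicitly, e.g. `nix.url = "github:NixOS/nix";` (the owner and repo the lock currently resolves to), or drop `nix` from the argument list if nothing in `outputs` uses it. The `let` block continues past the end of this hunk, so whether `nix`, `last`, `mkOption` and `splitString` are actually used is not visible here.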


@ -5,28 +5,24 @@
{ self, config, pkgs, lib, inputs, ... }:
{
imports =
[
./hardware-configuration.nix
inputs.agenix.darwinModules.default
# inputs.home-manager.darwinModules.default
];
# age.secrets.hostkey.file = ./hostkey.age;
# services.openssh.hostKeys = [{
# type = "ed25519";
# path = config.age.secrets.hostkey.path;
# }];
imports = [ ./hardware-configuration.nix ];
users.users.thegeneralist = {
name = "thegeneralist";
home = "/Users/thegeneralist";
shell = pkgs.nushell;
shell = pkgs.zsh;
# openssh.authorizedKeys.keys = let
# inherit (import ../../keys.nix) thegeneralist;
# in [ thegeneralist ];
};
# home-manager = {
# extraSpecialArgs = { inherit inputs; };
# users = {
# thegeneralist = import (self + /modules/home);
# };
# };
# home-manager.users.thegeneralist.home = {
# stateVersion = "24.11";
# homeDirectory = "/Users/thegeneralist";


@ -1,6 +1,22 @@
lib: inputs: self: lib.nixosSystem {
lib: inputs: self: lib.darwinSystem {
specialArgs = inputs // { inherit inputs; inherit self; };
modules = [
# Extensions: nixosModules, darwinModules, overlays
({ pkgs, lib, inputs, ... }: let
inherit (lib) attrValues hasAttrByPath getAttrFromPath filter;
collect = packagePath: (attrValues inputs)
|> filter (hasAttrByPath packagePath)
|> map (getAttrFromPath packagePath);
modules = collect [ "darwinModules" "default" ];
# todo
extensions = {
nixpkgs.overlays = collect [ "overlays" "default" ];
imports = modules;
};
in extensions)
./configuration.nix
# Modules
@ -11,16 +27,5 @@ lib: inputs: self: lib.nixosSystem {
in {
imports = commonModules ++ darwinModules;
})
# Overlays
({ pkgs, lib, ... }: let
inherit (lib) attrValues hasAttrByPath getAttrFromPath filter;
packagePath = [ "overlays" "default" ];
overlays = (attrValues inputs)
|> filter (hasAttrByPath packagePath)
|> map (getAttrFromPath packagePath);
in {
nixpkgs.overlays = overlays;
})
];
}
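Review bot: The new extensions module imports `darwinModules.default` and applies `overlays.default` from every flake input through `collect`, so any input that starts exposing either attribute after a lock update is pulled into the system configuration without a change to this file. That replaces the explicit import the host configuration appears to have had before (`inputs.agenix.darwinModules.default`) with an implicit one. Consider naming the inputs you intend to trust, e.g. `imports = [ inputs.agenix.darwinModules.default ];`, or filtering `inputs` by an explicit list of names before calling `collect`. The same pattern is used for `nixosModules` in the Linux host's `default.nix`, and the `# todo` above `extensions` should say what is outstanding.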

Binary file not shown.


@ -5,18 +5,7 @@
{ self, config, pkgs, lib, inputs, ... }:
{
imports =
[
./hardware-configuration.nix
inputs.agenix.nixosModules.default
inputs.home-manager.nixosModules.default
];
age.secrets.hostkey.file = ./hostkey.age;
services.openssh.hostKeys = [{
type = "ed25519";
path = config.age.secrets.hostkey.path;
}];
imports = [ ./hardware-configuration.nix ];
users.users.thegeneralist = {
isNormalUser = true;
@ -36,6 +25,12 @@
};
};
age.secrets.hostkey.file = ./hostkey.age;
services.openssh.hostKeys = [{
type = "ed25519";
path = config.age.secrets.hostkey.path;
}];
# Some programs
services.libinput.enable = true;
programs.firefox.enable = true;


@ -1,21 +1,30 @@
lib: inputs: self: lib.nixosSystem {
specialArgs = inputs // { inherit inputs; inherit self; };
modules = [
./configuration.nix
({ pkgs, ... }: let
inherit (lib) filter hasSuffix;
modules = lib.filesystem.listFilesRecursive ../../modules/linux |> filter (hasSuffix ".nix");
in {
imports = modules;
})
# Extensions: nixosModules, darwinModules, overlays
({ pkgs, lib, ... }: let
inherit (lib) attrValues hasAttrByPath getAttrFromPath filter;
packagePath = [ "overlays" "default" ];
overlays = (attrValues inputs)
collect = packagePath: (attrValues inputs)
|> filter (hasAttrByPath packagePath)
|> map (getAttrFromPath packagePath);
modules = collect [ "nixosModules" "default" ];
extensions = modules // {
nixpkgs.overlays = collect [ "overlays" "default" ];
imports = modules;
};
in extensions)
./configuration.nix
# Modules
({ pkgs, ... }: let
inherit (lib) filter hasSuffix;
commonModules = lib.filesystem.listFilesRecursive ../../modules/common |> filter (hasSuffix ".nix");
linuxModules = lib.filesystem.listFilesRecursive ../../modules/linux |> filter (hasSuffix ".nix");
in {
nixpkgs.overlays = overlays;
imports = commonModules ++ linuxModules;
})
];
}
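Review bot: `extensions = modules // {` applies the attribute-set update operator to `modules`, which is the list returned by `collect [ "nixosModules" "default" ]`; `//` needs a set on both sides, so evaluating this module should fail with a type error. The Darwin host's version of the same block uses a plain set, and the list is already passed on through `imports = modules;`, so the line should read `extensions = {`. `pkgs` is also unused in this module's argument list.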


@ -4,6 +4,6 @@
];
age.identityPaths = [
"/home/thegeneralist/.ssh/id_ed25519"
"~/.ssh/id_ed25519"
];
}
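Review bot: Assuming the `"~/.ssh/id_ed25519"` entry is the new side of this one-line change, Nix does not expand `~` in strings, so `age.identityPaths` receives the literal text. Secrets are decrypted during system activation, so if the tilde is expanded at all it is expanded by that process, whose home directory is probably not the user's; `hostkey.age` and `tailscale-marshall.age` would then fail to decrypt or be tried against a different key. Use an absolute path per platform, for example `(if pkgs.stdenv.isLinux then "/home" else "/Users") + "/thegeneralist/.ssh/id_ed25519"`. The module header is outside this hunk, so whether `pkgs` is in scope there needs checking.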


@ -0,0 +1,11 @@
{ lib, pkgs, ... }:
{
options = {
onLinux = lib.mkOption {
type = lib.types.bool;
default = pkgs.stdenv.isLinux;
description = "Whether the system is running on Linux";
};
};
}


@ -1 +0,0 @@
{}


@ -0,0 +1,13 @@
{ lib, options, ... }: let
inherit (lib) mkOption;
in {
options.dnsServers = mkOption {
default = [
"45.90.28.0#365fed.dns.nextdns.io"
"2a07:a8c0::#365fed.dns.nextdns.io"
"45.90.30.0#365fed.dns.nextdns.io"
"2a07:a8c1::#365fed.dns.nextdns.io"
"100.100.100.100#shorthair-wall.ts.net"
];
};
}
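Review bot: `options.dnsServers` is declared with no `type` and no `description`, so a wrongly shaped override (a single string, an attribute set) is only caught when a consumer maps over it. Add `type = lib.types.listOf lib.types.str;` and a `description` that documents the `address#tls-server-name` format both DNS modules depend on. The defaults also commit the resolver profile hostname and the tailnet name to the repository; if the repository is public, consider whether those identifiers belong in a private or host-local override instead. `options` in the argument list is unused.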


@ -0,0 +1,29 @@
{ pkgs, ... }: {
# environment.variables = {
# TERMINAL = "ghostty";
# };
#
# home-manager.sharedModules = [{
# programs.ghostty = {
# enable = true;
# package = pkgs.ghostty;
#
# clearDefaultKeybinds = false;
# settings = {
# theme = "tokyonight";
# font-family = "JetBrainsMono NL NFM Medium";
# font-size = 16;
#
# shell-integration-features = "no-cursor";
#
# cursor-style = "block";
# background-opacity = 1;
#
# background-blur-radius = 0;
#
# gtk-titlebar = false;
# mouse-hide-while-typing = true;
# };
# };
# }];
}


@ -0,0 +1,6 @@
{
home-manager = {
useGlobalPkgs = true;
useUserPackages = true;
};
}


@ -1,4 +1,4 @@
{ pkgs, lib, ... }: {
{ pkgs, options, lib, ... }: {
environment.variables.EDITOR = "nvim";
home-manager.sharedModules = [{
@ -27,15 +27,18 @@
#llvmPackages_20.clangWithLibcAndBasicRtAndLibcxx
];
home.file.".config/i3status" = {
source = ../home/dotfiles/i3status;
force = true;
recursive = true;
home.file = lib.mkIf options.onLinux {
".config/i3status" = {
source = ../home/dotfiles/i3status;
force = true;
recursive = true;
};
};
}];
programs.npm.npmrc = ''
prefix=~/.npm-packages
color=true
'';
# TODO: this
# programs.npm.npmrc = ''
# prefix=~/.npm-packages
# color=true
# '';
}];
}
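Review bot: `lib.mkIf options.onLinux` passes the option declaration rather than its value; `options.onLinux` is the attribute set produced by `mkOption`, while the boolean lives at `config.onLinux`, which is what the nushell module in this commit uses. The condition should be `home.file = lib.mkIf config.onLinux {`, with `config` taking the place of `options` in the argument list. `home.homeDirectory = if options.onLinux then ...` in the home module has the same problem, and since that file appears to be a home-manager module the system-level option may not be visible there at all, so `pkgs.stdenv.isLinux` is likely the simpler test. The commented-out npmrc block under `# TODO: this` should say what is blocking it.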

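--- a/modules/common/nix.nix
+++ b/modules/common/nix.nix
@@ -0,0 +1,24 @@
+{ pkgs, lib, ...}: {
+# todo: gc
+# todo: cache
+environment.systemPackages = with pkgs; [
+nh
+];
+lib.debug.traceVal = pkgs.nh;
+nix.settings.experimental-features = [
+"flakes"
+"nix-command"
+"pipe-operators"
+];
+home-manager.sharedModules = [{
+programs.nh = {
+enable = true;
+clean.enable = true;
+clean.extraArgs = "--keep-since 4d --keep 3";
+flake = "~/config";
+};
+}];
+}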
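Review bot: `lib.debug.traceVal = pkgs.nh;` is written as a configuration definition, not a function call, so it defines an option path named `lib.debug.traceVal` rather than tracing anything; it looks like leftover debugging and should be removed. `flake = "~/config";` is also passed as a literal string, and Nix does not expand `~`, so whether it resolves depends on how `nh` treats the value; an absolute path avoids the question. The `# todo: gc` and `# todo: cache` markers could say what is still planned, given that `clean.enable` already covers part of garbage collection.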


@ -1,6 +1,18 @@
$env.config.buffer_editor = "/home/thegeneralist/.nix-profile/bin/nvim"
$env.config.show_banner = false
$env.config = {
shell_integration: {
osc2: false
osc7: true
osc8: true
osc9_9: false
osc133: true
osc633: true
reset_application_mode: true
}
}
# Basic Aliases
alias v = nvim .
alias ff = fastfetch --load-config examples/10.jsonc


@ -1,11 +1,32 @@
{ config, pkgs, lib, ... }: let
inherit (lib) readFile;
{ config, pkgs, lib, wrapper-manager, ... }: let
inherit (lib) readFile getExe mkIf optionalAttrs;
in {
# TODO: starship + change the zoxide src
# TODO: Rust tooling
environment = {
home-manager.sharedModules = [
(homeArgs: {
xdg = {
enable = true;
configHome = "~/.config";
};
programs.nushell = {
enable = true;
package = pkgs.nushell;
configFile.text = readFile ./config.nu;
envFile.text = readFile ./env.nu;
environmentVariables = config.environment.variables // homeArgs.config.home.sessionVariables;
};
})
];
environment = optionalAttrs config.onLinux {
sessionVariables.SHELLS = getExe pkgs.nushell;
} // {
shells = mkIf (!config.onLinux) [ pkgs.nushell pkgs.zsh ];
systemPackages = with pkgs; [
nushell
fish
zoxide
ripgrep
jq
@ -37,13 +58,4 @@ in {
rb = "nh os switch . -v -- --show-trace --verbose";
};
};
home-manager.sharedModules = [{
programs.nushell = {
enable = true;
configFile.text = readFile ./config.nu;
envFile.text = readFile ./env.nu;
environmentVariables = config.environment.variables;
};
}];
}
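Review bot: `configHome = "~/.config";` gives `xdg.configHome` a string that Nix will not expand, and home-manager expects an absolute path there, so this is likely to be rejected at evaluation or to produce a directory literally named `~`. Dropping the override keeps home-manager's default under the user's home directory; if it must be explicit, use `configHome = "${homeArgs.config.home.homeDirectory}/.config";`. `wrapper-manager` is added to the module arguments while the corresponding flake input is still commented out, so it can wait until it is used. `environment = optionalAttrs config.onLinux { ... } // { ... }` derives attribute names from `config`; a single set with `sessionVariables.SHELLS = mkIf config.onLinux (getExe pkgs.nushell);` is the more conventional form.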


@ -1,6 +1,12 @@
$env.ENV_CONVERSIONS.PATH = {
from_string: {|string|
$string | split row (char esep) | path expand --no-symlink
}
to_string: {|value|
$value | path expand --no-symlink | str join (char esep)
}
}
# NVM
# TODO: this
# source ("/Users/thegeneralist/.nvm/" | path join "nvm.sh")
# GPG TTY


@ -0,0 +1,13 @@
{ pkgs, lib, ...}: let
inherit (lib) attrValues;
in {
environment.systemPackages = attrValues {
inherit (pkgs)
wget
zsh
neovim
vim
home-manager
;
};
}


@ -0,0 +1,7 @@
{ config, ... }: {
services.tailscale = {
enable = true;
};
networking.search = [ "shorthair-wall.ts.net" ];
}


@ -1 +0,0 @@

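--- a/modules/darwin/dns.nix
+++ b/modules/darwin/dns.nix
@@ -0,0 +1,11 @@
+{ config, lib, ... }: {
+networking.knownNetworkServices = [
+"Wi-Fi"
+"Firewall"
+"Thunderbolt Bridge"
+];
+networking.dns = config.dnsServers
+|> map (lib.splitString "#")
+|> map lib.head;
+}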
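Review bot: Splitting each entry on `#` and keeping only the head discards the TLS server name, so on Darwin `networking.dns` receives bare IP addresses and lookups are sent as plain DNS, unlike the Linux module, which sets `dnsovertls`. Without the hostname part the resolver may also be unable to associate queries with the intended profile unless the source address is linked some other way, which is worth confirming. If encrypted DNS is wanted on this host it needs a different mechanism than `networking.dns`; otherwise add a comment stating that Darwin deliberately uses unencrypted resolvers. `"Firewall"` in `knownNetworkServices` should be checked against the output of `networksetup -listallnetworkservices` on the target machine.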
}

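--- a/modules/darwin/ssh.nix
+++ b/modules/darwin/ssh.nix
@@ -0,0 +1,14 @@
+# { lib, ... }: let
+# sshOptions = {
+# PermitRootLogin = "no";
+# PasswordAuthentication = "no";
+# };
+# in {
+# services.openssh = {
+# enable = true;
+# extraConfig = sshOptions
+# |> lib.mapAttrsToList (name: value: "${name} ${value}")
+# |> lib.concatStringsSep "\n";
+# };
+# }
+{}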


@ -1,10 +1,8 @@
{ config, pkgs, inputs, lib, ... }: {
{ config, options, pkgs, inputs, lib, ... }: {
home.username = "thegeneralist";
home.homeDirectory = "/home/thegeneralist";
home.homeDirectory = if options.onLinux then "/home/thegeneralist" else "/Users/thegeneralist";
home.packages = with pkgs; [
android-tools
zip
xz
unzip

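--- a/modules/linux/dns.nix
+++ b/modules/linux/dns.nix
@@ -0,0 +1,15 @@
+{ config, lib, ... }: let
+inherit (lib) concatStringsSep;
+in {
+# TODO: add fallback & check other options
+services.resolved = {
+enable = true;
+extraConfig = config.dnsServers
+|> map (server: "DNS=${server}")
+|> concatStringsSep "\n";
+dnssec = "true";
+dnsovertls = "true";
+};
+}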
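Review bot: `dnsovertls = "true"` makes DNS-over-TLS mandatory for every server in `config.dnsServers`, which includes `100.100.100.100#shorthair-wall.ts.net`; whether that resolver accepts TLS is not visible here, and strict mode has no plaintext fallback, so tailnet names may stop resolving. The Linux tailscale module in this commit still sets `networking.nameservers = [ "100.100.100.100" "8.8.8.8" "1.1.1.1" ];`, and if those are also handed to resolved, queries can leave through resolvers outside this list. Consider leaving the tailnet resolver out of the strict list so the Tailscale interface supplies it, and keep a single source of truth for the server list. `dnssec = "true"` likewise has no downgrade path if an upstream resolver does not support DNSSEC, which is worth settling together with the `# TODO: add fallback`.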
}


@ -1,29 +0,0 @@
{ pkgs, ... }: {
environment.variables = {
TERMINAL = "ghostty";
};
home-manager.sharedModules = [{
programs.ghostty = {
enable = true;
package = pkgs.ghostty;
clearDefaultKeybinds = false;
settings = {
theme = "tokyonight";
font-family = "JetBrainsMono NL NFM Medium";
font-size = 16;
shell-integration-features = "no-cursor";
cursor-style = "block";
background-opacity = 1;
background-blur-radius = 0;
gtk-titlebar = false;
mouse-hide-while-typing = true;
};
};
}];
}


@ -1,8 +0,0 @@
{
# todo: gc
nix.settings.experimental-features = [
"flakes"
"nix-command"
"pipe-operators"
];
}


@ -1,13 +1,8 @@
{ pkgs, lib, agenix, ...}: let
{ pkgs, lib, ...}: let
inherit (lib) attrValues;
in {
environment.systemPackages = attrValues {
inherit (pkgs)
wget
zsh
neovim
vim
home-manager
protonup-qt
pipewire
pwvucontrol


@ -6,8 +6,4 @@
PasswordAuthentication = false;
};
};
networking.firewall.enable = true;
networking.firewall.allowedTCPPorts = [ 22 ];
# networking.firewall.allowedUDPPorts = [ ... ];
}


@ -1,4 +1,4 @@
{ config, ... }: {
{ config, ...}: {
age.secrets.tailscaleMarshall.file = ./tailscale-marshall.age;
services.tailscale = {
enable = true;
@ -11,7 +11,10 @@
authKeyFile = config.age.secrets.tailscaleMarshall.path;
};
networking.nameservers = [ "100.100.100.100" "8.8.8.8" "1.1.1.1" ];
networking.search = [ "shorthair-wall.ts.net" ];
networking.firewall.enable = true;
networking.firewall.trustedInterfaces = [ "tailscale0" ];
# for SSH
networking.firewall.allowedTCPPorts = [ 22 ];
networking.nameservers = [ "100.100.100.100" "8.8.8.8" "1.1.1.1" ];
}
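Review bot: `networking.firewall.trustedInterfaces = [ "tailscale0" ];` accepts all inbound traffic from every tailnet peer, while `allowedTCPPorts = [ 22 ]` opens SSH on every interface, including non-tailnet ones. If SSH is meant to be reachable only over the tailnet, the trusted interface already covers it and the `allowedTCPPorts` line can be dropped; if it is meant to be public, narrow the tailnet side instead with `networking.firewall.interfaces."tailscale0".allowedTCPPorts = [ 22 ];` and rely on tailnet ACLs for anything further. `networking.nameservers` is moved below the firewall block unchanged, so it still lists `8.8.8.8` and `1.1.1.1` alongside the resolvers defined by the new `dnsServers` option.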