prep main darwin config

modules/common/agenix.nix

@@ -4,6 +4,6 @@
   ];
 
   age.identityPaths = [
-    "/home/thegeneralist/.ssh/id_ed25519"
+    "~/.ssh/id_ed25519"
   ];
 }

modules/common/custom-options.nix

@@ -0,0 +1,11 @@
+{ lib, pkgs, ... }:
+
+{
+  options = {
+    onLinux = lib.mkOption {
+      type = lib.types.bool;
+      default = pkgs.stdenv.isLinux;
+      description = "Whether the system is running on Linux";
+    };
+  };
+}

modules/common/default.nix

@@ -1 +0,0 @@
-{}

modules/common/dns-options.nix

@@ -0,0 +1,13 @@
+{ lib, options, ... }: let
+  inherit (lib) mkOption;
+in {
+  options.dnsServers = mkOption {
+    default = [
+      "45.90.28.0#365fed.dns.nextdns.io"
+      "2a07:a8c0::#365fed.dns.nextdns.io"
+      "45.90.30.0#365fed.dns.nextdns.io"
+      "2a07:a8c1::#365fed.dns.nextdns.io"
+      "100.100.100.100#shorthair-wall.ts.net"
+    ];
+  };
+}

modules/common/ghostty.nix

@@ -0,0 +1,29 @@
+{ pkgs, ... }: {
+  # environment.variables = {
+  #   TERMINAL = "ghostty";
+  # };
+  #
+  # home-manager.sharedModules = [{
+  #   programs.ghostty = {
+  #     enable = true;
+  #     package = pkgs.ghostty;
+  #
+  #     clearDefaultKeybinds = false;
+  #     settings = {
+  #       theme = "tokyonight";
+  #       font-family = "JetBrainsMono NL NFM Medium";
+  #       font-size = 16;
+  #
+  #       shell-integration-features = "no-cursor";
+  #
+  #       cursor-style = "block";
+  #       background-opacity = 1;
+  #
+  #       background-blur-radius = 0;
+  #
+  #       gtk-titlebar = false;
+  #       mouse-hide-while-typing = true;
+  #     };
+  #   };
+  # }];
+}

modules/common/home-manager.nix

@@ -0,0 +1,6 @@
+{
+  home-manager = {
+    useGlobalPkgs   = true;
+    useUserPackages = true;
+  };
+}

modules/common/neovim.nix

@@ -1,4 +1,4 @@
-{ pkgs, lib, ... }: {
+{ pkgs, options, lib, ... }: {
   environment.variables.EDITOR = "nvim";
 
   home-manager.sharedModules = [{
@@ -27,15 +27,18 @@
       #llvmPackages_20.clangWithLibcAndBasicRtAndLibcxx
     ];
 
-    home.file.".config/i3status" = {
-      source = ../home/dotfiles/i3status;
-      force = true;
-      recursive = true;
+    home.file = lib.mkIf options.onLinux {
+      ".config/i3status" = {
+        source = ../home/dotfiles/i3status;
+        force = true;
+        recursive = true;
+      };
     };
-  }];
 
-  programs.npm.npmrc = ''
-    prefix=~/.npm-packages
-    color=true
-  '';
+    # TODO: this
+    # programs.npm.npmrc = ''
+    #   prefix=~/.npm-packages
+    #   color=true
+    # '';
+  }];
 }

modules/common/nix.nix

@@ -0,0 +1,24 @@
+{ pkgs, lib, ...}: {
+  # todo: gc
+  # todo: cache
+  environment.systemPackages = with pkgs; [
+    nh
+  ];
+
+  lib.debug.traceVal = pkgs.nh;
+
+  nix.settings.experimental-features = [
+    "flakes"
+    "nix-command"
+    "pipe-operators"
+  ];
+
+  home-manager.sharedModules  = [{
+    programs.nh = {
+      enable = true;
+      clean.enable = true;
+      clean.extraArgs = "--keep-since 4d --keep 3";
+      flake = "~/config";
+    };
+  }];
+}

modules/common/nushell/config.nu

@@ -1,6 +1,18 @@
 $env.config.buffer_editor = "/home/thegeneralist/.nix-profile/bin/nvim"
 $env.config.show_banner = false
 
+$env.config = {
+  shell_integration: {
+    osc2:                   false
+    osc7:                   true
+    osc8:                   true
+    osc9_9:                 false
+    osc133:                 true
+    osc633:                 true
+    reset_application_mode: true
+  }
+}
+
 # Basic Aliases
 alias v = nvim .
 alias ff = fastfetch --load-config examples/10.jsonc

modules/common/nushell/default.nix

@@ -1,11 +1,32 @@
-{ config, pkgs, lib, ... }: let
-  inherit (lib) readFile;
+{ config, pkgs, lib, wrapper-manager, ... }: let
+  inherit (lib) readFile getExe mkIf optionalAttrs;
 in {
   # TODO: starship + change the zoxide src
   # TODO: Rust tooling
-  environment = {
+  home-manager.sharedModules = [
+    (homeArgs: {
+      xdg = {
+        enable = true;
+        configHome = "~/.config";
+      };
+      programs.nushell = {
+        enable = true;
+        package = pkgs.nushell;
+        configFile.text = readFile ./config.nu;
+        envFile.text = readFile ./env.nu;
+        environmentVariables = config.environment.variables // homeArgs.config.home.sessionVariables;
+      };
+    })
+  ];
+
+  environment =  optionalAttrs config.onLinux {
+    sessionVariables.SHELLS = getExe pkgs.nushell;
+  } // {
+    shells = mkIf (!config.onLinux) [ pkgs.nushell pkgs.zsh ];
+
     systemPackages = with pkgs; [
       nushell
+      fish
       zoxide
       ripgrep
       jq
@@ -37,13 +58,4 @@ in {
       rb = "nh os switch . -v -- --show-trace --verbose";
     };
   };
-
-  home-manager.sharedModules = [{
-    programs.nushell = {
-      enable = true;
-      configFile.text = readFile ./config.nu;
-      envFile.text = readFile ./env.nu;
-      environmentVariables = config.environment.variables;
-    };
-  }];
 }

modules/common/nushell/env.nu

@@ -1,6 +1,12 @@
-
+$env.ENV_CONVERSIONS.PATH = {
+  from_string: {|string|
+    $string | split row (char esep) | path expand --no-symlink
+  }
+  to_string: {|value|
+    $value | path expand --no-symlink | str join (char esep)
+  }
+}
 # NVM
-# TODO: this
 # source ("/Users/thegeneralist/.nvm/" | path join "nvm.sh")
 
 # GPG TTY

modules/common/packages.nix

@@ -0,0 +1,13 @@
+{ pkgs, lib, ...}: let
+  inherit (lib) attrValues;
+in {
+  environment.systemPackages = attrValues {
+    inherit (pkgs)
+      wget
+      zsh
+      neovim
+      vim
+      home-manager
+    ;
+  };
+}

modules/common/tailscale.nix

@@ -0,0 +1,7 @@
+{ config, ... }: {
+  services.tailscale = {
+    enable = true;
+  };
+
+  networking.search = [ "shorthair-wall.ts.net" ];
+}

modules/darwin/default.nix

@@ -1 +0,0 @@
-

modules/darwin/dns.nix

@@ -0,0 +1,11 @@
+{ config, lib, ... }: {
+  networking.knownNetworkServices = [
+    "Wi-Fi"
+    "Firewall"
+    "Thunderbolt Bridge"
+  ];
+
+  networking.dns = config.dnsServers
+    |> map (lib.splitString "#")
+    |> map lib.head;
+}

modules/darwin/ssh.nix

@@ -0,0 +1,14 @@
+# { lib, ... }: let
+#   sshOptions = {
+#     PermitRootLogin = "no";
+#     PasswordAuthentication = "no";
+#   };
+# in {
+#   services.openssh = {
+#     enable = true;
+#     extraConfig = sshOptions
+#       |> lib.mapAttrsToList (name: value: "${name} ${value}")
+#       |> lib.concatStringsSep "\n";
+#   };
+# }
+{}

modules/home/default.nix

@@ -1,10 +1,8 @@
-{ config, pkgs, inputs, lib, ... }: {
+{ config, options, pkgs, inputs, lib, ... }: {
   home.username = "thegeneralist";
-  home.homeDirectory = "/home/thegeneralist";
+  home.homeDirectory = if options.onLinux then "/home/thegeneralist" else "/Users/thegeneralist";
 
   home.packages = with pkgs; [
-    android-tools
-
     zip
     xz
     unzip

modules/linux/dns.nix

@@ -0,0 +1,15 @@
+{ config, lib, ... }: let
+  inherit (lib) concatStringsSep;
+in {
+  # TODO: add fallback & check other options
+  services.resolved = {
+    enable = true;
+
+    extraConfig = config.dnsServers
+      |> map (server: "DNS=${server}")
+      |> concatStringsSep "\n";
+
+    dnssec     = "true";
+    dnsovertls = "true";
+  };
+}

modules/linux/ghostty.nix

@@ -1,29 +0,0 @@
-{ pkgs, ... }: {
-  environment.variables = {
-    TERMINAL = "ghostty";
-  };
-
-  home-manager.sharedModules = [{
-    programs.ghostty = {
-      enable = true;
-      package = pkgs.ghostty;
-
-      clearDefaultKeybinds = false;
-      settings = {
-        theme = "tokyonight";
-        font-family = "JetBrainsMono NL NFM Medium";
-        font-size = 16;
-
-        shell-integration-features = "no-cursor";
-
-        cursor-style = "block";
-        background-opacity = 1;
-
-        background-blur-radius = 0;
-
-        gtk-titlebar = false;
-        mouse-hide-while-typing = true;
-      };
-    };
-  }];
-}

modules/linux/nix.nix

@@ -1,8 +0,0 @@
-{
-  # todo: gc
-  nix.settings.experimental-features = [
-    "flakes"
-    "nix-command"
-    "pipe-operators"
-  ];
-}

modules/linux/packages.nix

@@ -1,13 +1,8 @@
-{ pkgs, lib, agenix, ...}: let
+{ pkgs, lib, ...}: let
   inherit (lib) attrValues;
 in {
   environment.systemPackages = attrValues {
     inherit (pkgs)
-      wget
-      zsh
-      neovim
-      vim
-      home-manager
       protonup-qt
       pipewire
       pwvucontrol

modules/linux/ssh.nix

@@ -6,8 +6,4 @@
       PasswordAuthentication = false;
     };
   };
-
-  networking.firewall.enable = true;
-  networking.firewall.allowedTCPPorts = [ 22 ];
-  # networking.firewall.allowedUDPPorts = [ ... ];
 }

modules/linux/tailscale.nix

@@ -1,4 +1,4 @@
-{ config, ... }: {
+{ config, ...}: {
   age.secrets.tailscaleMarshall.file = ./tailscale-marshall.age;
   services.tailscale = {
     enable = true;
@@ -11,7 +11,10 @@
     authKeyFile = config.age.secrets.tailscaleMarshall.path;
   };
 
-  networking.nameservers = [ "100.100.100.100" "8.8.8.8" "1.1.1.1" ];
-  networking.search = [ "shorthair-wall.ts.net" ];
+  networking.firewall.enable = true;
   networking.firewall.trustedInterfaces = [ "tailscale0" ];
+
+  # for SSH
+  networking.firewall.allowedTCPPorts = [ 22 ];
+  networking.nameservers = [ "100.100.100.100" "8.8.8.8" "1.1.1.1" ];
 }