chris/nixos
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Super simplify

Browse Source
This commit is contained in:
chris
2026-02-27 00:51:33 +00:00
parent e847828109
commit 0bfdb5858c
16 changed files with 464 additions and 445 deletions
Download Patch File Download Diff File Expand all files Collapse all files

135
flake.lock generated
View File

@@ -2,9 +2,7 @@
"nodes": {
"disko": {
"inputs": {
"nixpkgs": [
"nixpkgs-unstable"
]
"nixpkgs": "nixpkgs"
},
"locked": {
"lastModified": 1768920986,
@@ -21,29 +19,142 @@
"type": "github"
}
},
"firefox-addons": {
"inputs": {
"nixpkgs": [
"nixpkgs"
]
},
"locked": {
"dir": "pkgs/firefox-addons",
"lastModified": 1772078860,
"narHash": "sha256-Pojf7QHic9RmZFIoWYx5LoHy1UytoOHuGnLH3U5Nipo=",
"owner": "rycee",
"repo": "nur-expressions",
"rev": "ae41eb07a37d1d5cd7b5714df0fbcb315c492e4d",
"type": "gitlab"
},
"original": {
"dir": "pkgs/firefox-addons",
"owner": "rycee",
"repo": "nur-expressions",
"type": "gitlab"
}
},
"home-manager": {
"inputs": {
"nixpkgs": "nixpkgs_2"
},
"locked": {
"lastModified": 1772020340,
"narHash": "sha256-aqBl3GNpCadMoJ/hVkWTijM1Aeilc278MjM+LA3jK6g=",
"owner": "nix-community",
"repo": "home-manager",
"rev": "36e38ca0d9afe4c55405fdf22179a5212243eecc",
"type": "github"
},
"original": {
"owner": "nix-community",
"ref": "release-25.11",
"repo": "home-manager",
"type": "github"
}
},
"home-manager_2": {
"inputs": {
"nixpkgs": [
"impermanence",
"nixpkgs"
]
},
"locked": {
"lastModified": 1772060133,
"narHash": "sha256-VuyRptb8v1lVGMlLp4/1vRX3Efwec0CN0S6mKmDPzLg=",
"owner": "nix-community",
"repo": "home-manager",
"rev": "ce9b6e52500a0ea0ec48f0bbf6d7a3e431d9dfa4",
"type": "github"
},
"original": {
"owner": "nix-community",
"repo": "home-manager",
"type": "github"
}
},
"impermanence": {
"inputs": {
"home-manager": "home-manager_2",
"nixpkgs": "nixpkgs_3"
},
"locked": {
"lastModified": 1769548169,
"narHash": "sha256-03+JxvzmfwRu+5JafM0DLbxgHttOQZkUtDWBmeUkN8Y=",
"owner": "nix-community",
"repo": "impermanence",
"rev": "7b1d382faf603b6d264f58627330f9faa5cba149",
"type": "github"
},
"original": {
"owner": "nix-community",
"repo": "impermanence",
"type": "github"
}
},
"nixpkgs": {
"locked": {
"lastModified": 1772082373,
"narHash": "sha256-wySf8a6hvuqgFdwvvzPPTARBCMLDz7WFAufGkllD1M4=",
"owner": "NixOS",
"repo": "nixpkgs",
"rev": "26eaeac4e409d7b5a6bf6f90a2a2dc223c78d915",
"type": "github"
},
"original": {
"owner": "NixOS",
"ref": "nixpkgs-unstable",
"repo": "nixpkgs",
"type": "github"
}
},
"nixpkgs_2": {
"locked": {
"lastModified": 1771903837,
"narHash": "sha256-sdaqdnsQCv3iifzxwB22tUwN/fSHoN7j2myFW5EIkGk=",
"owner": "nixos",
"owner": "NixOS",
"repo": "nixpkgs",
"rev": "e764fc9a405871f1f6ca3d1394fb422e0a0c3951",
"type": "github"
},
"original": {
"owner": "nixos",
"owner": "NixOS",
"ref": "nixos-25.11",
"repo": "nixpkgs",
"type": "github"
}
},
"nixpkgs-unstable": {
"nixpkgs_3": {
"locked": {
"lastModified": 1714076141,
"narHash": "sha256-Drmja/f5MRHZCskS6mvzFqxEaZMeciScCTFxWVLqWEY=",
"lastModified": 1771848320,
"narHash": "sha256-0MAd+0mun3K/Ns8JATeHT1sX28faLII5hVLq0L3BdZU=",
"owner": "nixos",
"repo": "nixpkgs",
"rev": "7bb2ccd8cdc44c91edba16c48d2c8f331fb3d856",
"rev": "2fc6539b481e1d2569f25f8799236694180c0993",
"type": "github"
},
"original": {
"owner": "nixos",
"ref": "nixos-unstable",
"repo": "nixpkgs",
"type": "github"
}
},
"nixpkgs_4": {
"locked": {
"lastModified": 1771848320,
"narHash": "sha256-0MAd+0mun3K/Ns8JATeHT1sX28faLII5hVLq0L3BdZU=",
"owner": "nixos",
"repo": "nixpkgs",
"rev": "2fc6539b481e1d2569f25f8799236694180c0993",
"type": "github"
},
"original": {
@@ -56,8 +167,10 @@
"root": {
"inputs": {
"disko": "disko",
"nixpkgs": "nixpkgs",
"nixpkgs-unstable": "nixpkgs-unstable"
"firefox-addons": "firefox-addons",
"home-manager": "home-manager",
"impermanence": "impermanence",
"nixpkgs": "nixpkgs_4"
}
}
},

341
flake.nix
View File

@@ -2,67 +2,49 @@
description = "Stationette nix config";
inputs = {
nixpkgs.url = "github:nixos/nixpkgs/nixos-25.11";
nixpkgs-unstable.url = "github:nixos/nixpkgs/nixos-unstable";
#impermanence = {
# url = "github:nix-community/impermanence";
# inputs.nixpkgs.follows = "";
# inputs.home-manager.follows = "";
#};
#home-manager.url = "github:nix-community/home-manager/release-25.11";
#home-manager.inputs.nixpkgs.follows = "nixpkgs";
nixpkgs.url = "github:nixos/nixpkgs/nixos-unstable";
disko.url = "github:nix-community/disko/latest";
disko.inputs.nixpkgs.follows = "nixpkgs-unstable";
#firefox-addons = {
# url = "gitlab:rycee/nur-expressions?dir=pkgs/firefox-addons";
# inputs.nixpkgs.follows = "nixpkgs";
#};
impermanence.url = "github:nix-community/impermanence";
home-manager.url = "github:nix-community/home-manager/release-25.11";
firefox-addons = {
url = "gitlab:rycee/nur-expressions?dir=pkgs/firefox-addons";
inputs.nixpkgs.follows = "nixpkgs";
};
};
outputs = {
self,
nixpkgs,
nixpkgs-unstable,
#home-manager,
#impermanence,
impermanence,
disko,
home-manager,
...
} @ inputs: let
lib = nixpkgs.lib;
# Supported systems for your flake packages, shell, etc.
# "aarch64-linux"
# "i686-linux"
# "x86_64-linux"
# "aarch64-darwin"
# "x86_64-darwin"
system = "x86_64-linux";
pkgs = nixpkgs.legacyPackages.${system};
#pkgs-unstable = nixpkgs-unstable.legacyPackages.${system};
in {
# NixOS configuration entrypoint
# Available through 'nixos-rebuild --flake .#stationette'
nixosConfigurations = {
stationette = nixpkgs.lib.nixosSystem {
modules = [
./hardware-configuration.nix
{
imports = [
{
#imports = [
# ./boot.nix
# ./networking.nix
# ./packages.nix
# ./programs.nix
# ./users.nix
#];
}
];
system.stateVersion = "25.11";
}
disko.nixosModules.disko
# nix --extra-experimental-features "nix-command flakes" run github:nix-community/disko/latest#disko-install -- --flake=./#stationette --disk=stationette /dev/sda
impermanence.nixosModules.impermanence
home-manager.nixosModules.home-manager
{
environment.persistence."/persist" = {
hideMounts = true;
directories = [
"/var/log"
"/var/lib/bluetooth"
"/var/lib/networkmanager"
"/etc/ssh"
];
files = [
"/etc/machine-id"
];
};
# nix --extra-experimental-features "nix-command flakes" run github:nix-community/disko/latest#disko-install -- --flake=./#stationette --disk=stationette /dev/sda
disko.devices = {
disk = {
stationette = {
@@ -110,20 +92,268 @@
};
};
};
boot.loader = {
systemd-boot.enable = true;
efi.canTouchEfiVariables = true;
};
networking = {
hostName = "stationette";
networkmanager.enable = true;
};
users.users.chris = {
uid = 1000;
isNormalUser = true;
shell = pkgs.zsh;
extraGroups = [
"chris"
"wheel"
"networkmanager"
];
};
programs.zsh = {
enable = true;
};
system.stateVersion = "25.11";
environment.systemPackages = with pkgs; [
#bat
#highlight
#btop
#eza
#fzf
#git
#gnumake
#neofetch
#neovim
#ripgrep
#tldr
#unzip
#openssl
#wget
#zip
#zoxide
#jq
#lazygit
#lazysql
#less
#mlocate
#tree
#tmux
#tmuxinator
#wget
#zenity
#gum
#yazi
#rsync
#p7zip
#impala
];
home-manager = {
users.chris = { pkgs, lib, ... }: {
home = {
username = "chris";
homeDirectory = "/home/chris";
stateVersion = "25.11";
persistence."/persist" = {
directories = [
"Downloads"
"Tower"
".config/dotfiles"
".local/share/direnv"
".ssh"
];
};
activation.setupDotfiles = lib.hm.dag.entryAfter ["writeBoundary"] ''
if [[ -v DRY_RUN ]]; then
echo "Dry run: Would bootstrap dotfiles from labs.scarif.space"
fi
DOTFILES_DIR="$HOME/.config/dotfiles"
if [ -d "$DOTFILES_DIR/.git" ]; then
# Restore tracked files from the local metadata
${pkgs.git}/bin/git --git-dir="$DOTFILES_DIR/.git" --work-tree="$HOME" checkout -f
${pkgs.git}/bin/git submodule update --init --recursive
else
echo "Dotfiles not found. Running bootstrap script..."
# Setup a temporary workspace
TEMP_DIR=$(mktemp -d)
# Clone the repo (using the public URL for the initial pull)
${pkgs.git}/bin/git clone -b main https://labs.scarif.space/chris/dotfiles.git "$TEMP_DIR"
# Copy files to HOME
${pkgs.coreutils}/bin/cp -rfT "$TEMP_DIR" "$HOME"
# Initialize the separate git directory
${pkgs.coreutils}/bin/mkdir -p "$DOTFILES_DIR"
cd "$HOME"
${pkgs.git}/bin/git init --separate-git-dir "$DOTFILES_DIR/.git" "$HOME"
# Update submodules
${pkgs.git}/bin/git submodule set-url ".config/nvim" https://labs.scarif.space/chris/nvim.git
${pkgs.git}/bin/git submodule update --init
# Set URLs back to SSH
${pkgs.git}/bin/git submodule set-url ".config/nvim" git@labs.scarif.space:chris/nvim.git
${pkgs.git}/bin/git remote set-url origin git@labs.scarif.space:chris/dotfiles.git
# Clean up
${pkgs.coreutils}/bin/rm -rf "$TEMP_DIR"
${pkgs.coreutils}/bin/rm -f "$HOME/.git"
echo "Dotfiles bootstrapped successfully."
fi
'';
packages = with pkgs; [
# jetbrains.rider
# android-studio
# beekeeper-studio
# brave
# discord
# spotify
# go
# lua
# nodePackages.pnpm
# (python3.withPackages (python-pkgs: [ python-pkgs.pip python-pkgs.requests ]))
# rustup
# zig
# obsidian
# thunderbird
# libreoffice-qt
# pkgs-unstable.nerd-fonts.fira-code
# hunspell
# blueberry
# steam
# steam-run
# viewnior
# pkgs-unstable.hyprshot
# catppuccin-cursors.macchiatoBlue
# catppuccin-gtk
# papirus-folders
# pkgs-unstable.php84Packages.composer
# pkgs-unstable.php84Packages.xdebug
# pkgs-unstable.php84Extensions.sqlite3
# pkgs-unstable.php84Extensions.redis
# pkgs-unstable.php84Extensions.sodium
# pkgs-unstable.php84Extensions.pgsql
# pkgs-unstable.php84Extensions.iconv
# pkgs-unstable.php84Extensions.gd
# pkgs-unstable.php84Extensions.zip
# php
# antigravity
# gimp
# kdePackages.dolphin
# enpass
# enpass-cli
# expressvpn
# jellyfin-ffmpeg
# inkscape
# krita
# libreoffice-fresh
# nextcloud-client
# nodejs_24
# signal-desktop
# sxiv
# tenacity
# unzip
# zathura
# ghostty
# wally-cli
# kdePackages.wacomtablet
# kdePackages.print-manager
# mpv
# vlc
# telegram-desktop
];
};
programs = let
lock-false = {
Value = false;
Status = "locked";
};
lock-true = {
Value = true;
Status = "locked";
};
in {
# firefox = {
# enable = true;
# package = pkgs.wrapFirefox pkgs.firefox-unwrapped {
# extraPolicies = {
# DisableTelemetry = true;
# DisableFirefoxStudies = true;
# EnableTrackingProtection = {
# Value= true;
# Locked = true;
# Cryptomining = true;
# Fingerprinting = true;
# };
# DisablePocket = true;
# DisableFirefoxAccounts = true;
# DisableAccounts = true;
# DisableFirefoxScreenshots = true;
# OverrideFirstRunPage = "";
# OverridePostUpdatePage = "";
# DontCheckDefaultBrowser = true;
# DisplayBookmarksToolbar = "always"; # alternatives: "always" or "newtab"
# DisplayMenuBar = "default-off"; # alternatives: "always", "never" or "default-on"
# SearchBar = "unified"; # alternative: "separate"
# /* ---- EXTENSIONS ---- */
# ExtensionSettings = {
# "*".installation_mode = "allowed"; # blocks all addons except the ones specified below
# # Enpass
# "firefox-enpass@enpass.io" = {
# install_url = "https://dl.enpass.io/stable/extensions/firefox/versions/v6.11.10.2/enpass_password_manager-6.11.10.2.xpi";
# installation_mode = "force_installed";
# };
# };
# /* ---- PREFERENCES ---- */
# # Set preferences shared by all profiles.
# Preferences = {
# "browser.contentblocking.category" = { Value = "strict"; Status = "locked"; };
# "extensions.pocket.enabled" = lock-false;
# "extensions.screenshots.disabled" = lock-true;
# "browser.topsites.contile.enabled" = lock-false;
# "browser.formfill.enable" = lock-false;
# "browser.search.suggest.enabled" = lock-false;
# "browser.search.suggest.enabled.private" = lock-false;
# "browser.urlbar.suggest.searches" = lock-false;
# "browser.urlbar.showSearchSuggestionsFirst" = lock-false;
# "browser.newtabpage.activity-stream.feeds.section.topstories" = lock-false;
# "browser.newtabpage.activity-stream.feeds.snippets" = lock-false;
# "browser.newtabpage.activity-stream.section.highlights.includePocket" = lock-false;
# "browser.newtabpage.activity-stream.section.highlights.includeBookmarks" = lock-false;
# "browser.newtabpage.activity-stream.section.highlights.includeDownloads" = lock-false;
# "browser.newtabpage.activity-stream.section.highlights.includeVisited" = lock-false;
# "browser.newtabpage.activity-stream.showSponsored" = lock-false;
# "browser.newtabpage.activity-stream.system.showSponsored" = lock-false;
# "browser.newtabpage.activity-stream.showSponsoredTopSites" = lock-false;
# };
# };
# };
# };
};
nixpkgs = {
config = {
allowUnfree = true;
allowUnfreePredicate = (_: true);
permittedInsecurePackages = [
"electron-25.9.0" # Obsidian
"beekeeper-studio-5.3.4"
];
};
};
};
extraSpecialArgs = {
inherit inputs;
};
};
}
#home-manager.nixosModules.home-manager
#{
# imports = [
# impermanence.nixosModules.impermanence
# ];
# home-manager = {
# users.chris = import ./home;
# extraSpecialArgs = {
# inherit pkgs-unstable;
# inherit inputs;
# };
# };
#}
];
};
};
@@ -133,7 +363,6 @@
# chris = home-manager.lib.homeManagerConfiguration {
# inherit pkgs;
# extraSpecialArgs = {
# inherit pkgs-unstable;
# inherit inputs;
# };
# modules = [

52
hardware-configuration.nix
View File

@@ -4,22 +4,60 @@
{ config, lib, pkgs, modulesPath, ... }:
{
imports =
[ (modulesPath + "/installer/scan/not-detected.nix")
];
imports = [ (modulesPath + "/installer/scan/not-detected.nix") ];
boot.initrd.availableKernelModules = [ "xhci_pci" "ahci" "usb_storage" "sd_mod" "sdhci_pci" ];
boot.initrd.kernelModules = [ ];
boot.kernelModules = [ "kvm-intel" ];
boot.extraModulePackages = [ ];
fileSystems."/" =
{ device = "/dev/disk/by-partlabel/disk-stationette-root";
fileSystems."/" = {
device = "/dev/disk/by-partlabel/disk-stationette-root";
fsType = "btrfs";
options = [ "subvol=root" ];
};
fileSystems."/boot" =
{ device = "/dev/disk/by-partlabel/disk-stationette-ESP";
boot.initrd.postDeviceCommands = lib.mkAfter ''
mkdir /btrfs_tmp
mount /dev/disk/by-label/disk-stationette-root /btrfs_tmp
if [[ -e /btrfs_tmp/root ]]; then
mkdir -p /btrfs_tmp/old_roots
timestamp=$(dat +%Y-%m-%d_%H-%M-%S)
mv /btrfs_tmp/root "/btrfs_tmp/old_roots/$timestamp"
fi
delete_subvolume_recursively() {
IFS=$'\n'
for i in $(btrfs subvolume list -o "$1" | cut -f 9 -d ' '); do
delete_subvolume_recursively "/btrfs_tmp/$i"
done
btrfs subvolume delete "$1"
}
for i in $(find /btrfs_tmp/old_roots/ -maxdepth 1 -mtime +30); do
delete_subvolume_recursively "$i"
done
btrfs subvolume create /btrfs_tmp/root
umount /btrfs_tmp
'';
fileSystems."/persist" = {
device = "/dev/disk/by-partlabel/disk-stationette-root";
neededForBoot = true;
fsType = "btrfs";
options = [ "subvol=persist" ];
};
fileSystems."/nix" = {
device = "/dev/disk/by-partlabel/disk-stationette-root";
neededForBoot = true;
fsType = "btrfs";
options = [ "subvol=nix" ];
};
fileSystems."/boot" = {
device = "/dev/disk/by-partlabel/disk-stationette-ESP";
fsType = "vfat";
options = [ "fmask=0022" "dmask=0022" ];
};

21
home/default.nix
View File

@@ -1,21 +0,0 @@
{
inputs,
lib,
config,
pkgs,
pkgs-unstable,
...
}: {
imports = [
inputs.impermanence.nixosModules.home-manager.impermanence
./user
];
home = {
username = "chris";
homeDirectory = "/home/chris";
};
# https://nixos.wiki/wiki/FAQ/When_do_I_update_stateVersion
home.stateVersion = "23.05";
}

19
home/user/default.nix
View File

@@ -1,19 +0,0 @@
{
imports = [
./packages.nix
./programs.nix
./scripts.nix
];
nixpkgs = {
config = {
allowUnfree = true;
allowUnfreePredicate = (_: true);
permittedInsecurePackages = [
"electron-25.9.0" # Obsidian
"beekeeper-studio-5.3.4"
];
};
};
}

12
home/user/impermanence.nix
View File

@@ -1,12 +0,0 @@
{
home.persistenec."/persist/home/chris" = {
directories = [
"Downloads"
"Tower"
".config/dotfiles"
".local/share/direnv"
".ssh"
];
"allowOther" = true;
};
}

65
home/user/packages.nix
View File

@@ -1,65 +0,0 @@
{ pkgs, pkgs-unstable, ... }:
{
home.packages = with pkgs; [
# jetbrains.rider
# android-studio
# beekeeper-studio
# brave
# discord
# spotify
# go
# lua
# nodePackages.pnpm
# (python3.withPackages (python-pkgs: [ python-pkgs.pip python-pkgs.requests ]))
# rustup
# zig
# obsidian
# thunderbird
# libreoffice-qt
# pkgs-unstable.nerd-fonts.fira-code
# hunspell
# blueberry
# steam
# steam-run
# viewnior
# pkgs-unstable.hyprshot
# catppuccin-cursors.macchiatoBlue
# catppuccin-gtk
# papirus-folders
# pkgs-unstable.php84Packages.composer
# pkgs-unstable.php84Packages.xdebug
# pkgs-unstable.php84Extensions.sqlite3
# pkgs-unstable.php84Extensions.redis
# pkgs-unstable.php84Extensions.sodium
# pkgs-unstable.php84Extensions.pgsql
# pkgs-unstable.php84Extensions.iconv
# pkgs-unstable.php84Extensions.gd
# pkgs-unstable.php84Extensions.zip
# php
# antigravity
# gimp
# kdePackages.dolphin
# enpass
# enpass-cli
# expressvpn
# jellyfin-ffmpeg
# inkscape
# krita
# libreoffice-fresh
# nextcloud-client
# nodejs_24
# signal-desktop
# sxiv
# tenacity
# unzip
# zathura
# ghostty
# wally-cli
# kdePackages.wacomtablet
# kdePackages.print-manager
# mpv
# vlc
# telegram-desktop
];
}

75
home/user/programs.nix
View File

@@ -1,75 +0,0 @@
{ pkgs, inputs, ... }:
let
lock-false = {
Value = false;
Status = "locked";
};
lock-true = {
Value = true;
Status = "locked";
};
in
{
programs = {
# firefox = {
# enable = true;
# package = pkgs.wrapFirefox pkgs.firefox-unwrapped {
# extraPolicies = {
# DisableTelemetry = true;
# DisableFirefoxStudies = true;
# EnableTrackingProtection = {
# Value= true;
# Locked = true;
# Cryptomining = true;
# Fingerprinting = true;
# };
# DisablePocket = true;
# DisableFirefoxAccounts = true;
# DisableAccounts = true;
# DisableFirefoxScreenshots = true;
# OverrideFirstRunPage = "";
# OverridePostUpdatePage = "";
# DontCheckDefaultBrowser = true;
# DisplayBookmarksToolbar = "always"; # alternatives: "always" or "newtab"
# DisplayMenuBar = "default-off"; # alternatives: "always", "never" or "default-on"
# SearchBar = "unified"; # alternative: "separate"
# /* ---- EXTENSIONS ---- */
# ExtensionSettings = {
# "*".installation_mode = "allowed"; # blocks all addons except the ones specified below
# # Enpass
# "firefox-enpass@enpass.io" = {
# install_url = "https://dl.enpass.io/stable/extensions/firefox/versions/v6.11.10.2/enpass_password_manager-6.11.10.2.xpi";
# installation_mode = "force_installed";
# };
# };
# /* ---- PREFERENCES ---- */
# # Set preferences shared by all profiles.
# Preferences = {
# "browser.contentblocking.category" = { Value = "strict"; Status = "locked"; };
# "extensions.pocket.enabled" = lock-false;
# "extensions.screenshots.disabled" = lock-true;
# "browser.topsites.contile.enabled" = lock-false;
# "browser.formfill.enable" = lock-false;
# "browser.search.suggest.enabled" = lock-false;
# "browser.search.suggest.enabled.private" = lock-false;
# "browser.urlbar.suggest.searches" = lock-false;
# "browser.urlbar.showSearchSuggestionsFirst" = lock-false;
# "browser.newtabpage.activity-stream.feeds.section.topstories" = lock-false;
# "browser.newtabpage.activity-stream.feeds.snippets" = lock-false;
# "browser.newtabpage.activity-stream.section.highlights.includePocket" = lock-false;
# "browser.newtabpage.activity-stream.section.highlights.includeBookmarks" = lock-false;
# "browser.newtabpage.activity-stream.section.highlights.includeDownloads" = lock-false;
# "browser.newtabpage.activity-stream.section.highlights.includeVisited" = lock-false;
# "browser.newtabpage.activity-stream.showSponsored" = lock-false;
# "browser.newtabpage.activity-stream.system.showSponsored" = lock-false;
# "browser.newtabpage.activity-stream.showSponsoredTopSites" = lock-false;
# };
# };
# };
# };
};
programs.home-manager.enable = true;
}

43
home/user/scripts.nix
View File

@@ -1,43 +0,0 @@
{ config, pkgs, lib, ... }:
{
home.activation.setupDotfiles = lib.hm.dag.entryAfter ["writeBoundary"] ''
DOTFILES_DIR="$HOME/.config/dotfiles"
if [ ! -d "$DOTFILES_DIR/.git" ]; then
if [[ -v DRY_RUN ]]; then
echo "Dry run: Would bootstrap dotfiles from labs.scarif.space"
else
echo "Dotfiles not found. Running bootstrap script..."
# Setup a temporary workspace
TEMP_DIR=$(mktemp -d)
# Clone the repo (using the public URL for the initial pull)
${pkgs.git}/bin/git clone -b main https://labs.scarif.space/chris/dotfiles.git "$TEMP_DIR"
# Copy files to HOME
${pkgs.coreutils}/bin/cp -rfT "$TEMP_DIR" "$HOME"
# Initialize the separate git directory
${pkgs.coreutils}/bin/mkdir -p "$DOTFILES_DIR"
cd "$HOME"
${pkgs.git}/bin/git init --separate-git-dir "$DOTFILES_DIR/.git" "$HOME"
# Update submodules
${pkgs.git}/bin/git submodule set-url ".config/nvim" https://labs.scarif.space/chris/nvim.git
${pkgs.git}/bin/git submodule update --init
# Set URLs back to SSH
${pkgs.git}/bin/git submodule set-url ".config/nvim" git@labs.scarif.space:chris/nvim.git
${pkgs.git}/bin/git remote set-url origin git@labs.scarif.space:chris/dotfiles.git
# Clean up
${pkgs.coreutils}/bin/rm -rf "$TEMP_DIR"
${pkgs.coreutils}/bin/rm -f "$HOME/.git"
echo "Dotfiles bootstrapped successfully."
fi
fi
'';
}

34
modules/boot.nix
View File

@@ -1,34 +0,0 @@
{ config, pkgs, lib, ... }:
{
boot = {
loader = {
systemd-boot.enable = true;
efi.canTouchEfiVariables = true;
};
initrd.postDeviceCommands = lib.mkAfter ''
mkdir /btrfs_tmp
mount /dev/disk/by-label/NIXOS /btrfs_tmp
if [[ -e /btrfs_tmp/root ]]; then
mkdir -p /btrfs_tmp/old_roots
timestamp=$(dat +%Y-%m-%d_%H-%M-%S)
mv /btrfs_tmp/root "/btrfs_tmp/old_roots/$timestamp"
fi
delete_subvolume_recursively() {
IFS=$'\n'
for i in $(btrfs subvolume list -o "$1" | cut -f 9 -d ' '); do
delete_subvolume_recursively "/btrfs_tmp/$i"
done
btrfs subvolume delete "$1"
}
for i in $(find /btrfs_tmp/old_roots/ -maxdepth 1 -mtime +30); do
delete_subvolume_recursively "$i"
done
btrfs subvolume create /btrfs_tmp/root
umount /btrfs_tmp
'';
};
}

11
modules/default.nix
View File

@@ -1,11 +0,0 @@
{ ... }:
{
imports = [
./boot.nix
./networking.nix
./packages.nix
./programs.nix
./users.nix
];
}

14
modules/impermanenc.nix
View File

@@ -1,14 +0,0 @@
{
environment.persistence."/persist" = {
hideMounts = true;
directories = [
"/var/log"
"/var/lib/bluetooth"
"/var/lib/networkmanager"
"/etc/ssh"
];
files = [
"/etc/machine-id"
]
};
}

8
modules/networking.nix
View File

@@ -1,8 +0,0 @@
{ config, pkgs, ... }:
{
networking = {
hostName = "stationette";
networkmanager.enable = true;
};
}

37
modules/packages.nix
View File

@@ -1,37 +0,0 @@
{ config, pkgs, ... }:
{
environment.systemPackages = with pkgs; [
bat
highlight
btop
eza
fzf
git
gnumake
neofetch
neovim
ripgrep
tldr
unzip
openssl
wget
zip
zoxide
jq
lazygit
lazysql
less
mlocate
tree
tmux
tmuxinator
wget
zenity
gum
yazi
rsync
p7zip
impala
];
}

9
modules/programs.nix
View File

@@ -1,9 +0,0 @@
{ config, pkgs, ... }:
{
programs = {
zsh = {
enable = true;
};
};
}

13
modules/users.nix
View File

@@ -1,13 +0,0 @@
{ config, pkgs, ... }:
{
users.users.chris = {
isNormalUser = true;
shell = pkgs.zsh;
extraGroups = [
"chris"
"wheel"
"networkmanager"
];
};
}