diff --git a/flake.nix b/flake.nix index d8d361a..dfde150 100644 --- a/flake.nix +++ b/flake.nix @@ -36,42 +36,43 @@ disko.devices = { disk = { stationette = { - type = "disk"; - device = "/dev/sda"; # Check this with lsblk - content = { - type = "gpt"; - partitions = { - ESP = { - size = "512M"; - type = "EF00"; - content = { - type = "filesystem"; - format = "vfat"; - mountpoint = "/boot"; - mountOptions = [ "fmask=0022" "dmask=0022" "umask=0077" ]; + type = "disk"; + device = "/dev/sda"; # Check this with lsblk + content = { + type = "gpt"; + partitions = { + ESP = { + size = "512M"; + type = "EF00"; + content = { + type = "filesystem"; + format = "vfat"; + mountpoint = "/boot"; + mountOptions = [ "fmask=0022" "dmask=0022" "umask=0077" ]; + }; }; - }; - root = { - size = "100%"; - content = { - type = "btrfs"; - extraArgs = [ "-f" ]; # Force overwrite - subvolumes = { - "/root" = { - mountpoint = "/"; - mountOptions = [ "compress=zstd" "noatime" ]; - }; - "/nix" = { - mountpoint = "/nix"; - mountOptions = [ "compress=zstd" "noatime" ]; - }; - "/persist" = { - mountpoint = "/persist"; - mountOptions = [ "compress=zstd" "noatime" ]; - }; - "/swap" = { - mountpoint = "/.swapvol"; - swap.swapfile.size = "8G"; + root = { + size = "100%"; + content = { + type = "btrfs"; + extraArgs = [ "-f" ]; # Force overwrite + subvolumes = { + "/root" = { + mountpoint = "/"; + mountOptions = [ "compress=zstd" "noatime" ]; + }; + "/nix" = { + mountpoint = "/nix"; + mountOptions = [ "compress=zstd" "noatime" ]; + }; + "/persist" = { + mountpoint = "/persist"; + mountOptions = [ "compress=zstd" "noatime" ]; + }; + "/swap" = { + mountpoint = "/.swapvol"; + swap.swapfile.size = "8G"; + }; }; }; }; @@ -80,295 +81,294 @@ }; }; }; - }; - boot.loader = { - systemd-boot.enable = true; - efi.canTouchEfiVariables = true; - }; - environment = { - persistence."/persist" = { - hideMounts = true; - directories = [ - "/var/log" - "/var/lib/bluetooth" - "/var/lib/networkmanager" - "/etc/ssh" - ]; - files = [ - "/etc/machine-id" + boot.loader = { + systemd-boot.enable = true; + efi.canTouchEfiVariables = true; + }; + environment = { + persistence."/persist" = { + hideMounts = true; + directories = [ + "/var/log" + "/var/lib/bluetooth" + "/var/lib/networkmanager" + "/etc/ssh" + ]; + files = [ + "/etc/machine-id" + ]; + }; + systemPackages = with pkgs; [ + bat + #highlight + btop + eza + fzf + git + #gnumake + #neofetch + neovim + ripgrep + tldr + unzip + openssl + wget + zip + zoxide + jq + lazygit + #sqlit + less + mlocate + tree + tmux + tmuxinator + wget + zenity + gum + yazi + rsync + p7zip + impala ]; }; - systemPackages = with pkgs; [ - bat - #highlight - btop - eza - fzf - git - #gnumake - #neofetch - neovim - ripgrep - tldr - unzip - openssl - wget - zip - zoxide - jq - lazygit - #sqlit - less - mlocate - tree - tmux - tmuxinator - wget - zenity - gum - yazi - rsync - p7zip - impala - ]; - }; - networking = { - hostName = "stationette"; - networkmanager.enable = true; - }; - users.users.chris = { - uid = 1000; - isNormalUser = true; - initialPassword = "changeme123"; - shell = pkgs.zsh; - extraGroups = [ - "chris" - "wheel" - "networkmanager" - ]; - }; - programs.zsh = { - enable = true; - }; + networking = { + hostName = "stationette"; + networkmanager.enable = true; + }; + users.users.chris = { + uid = 1000; + isNormalUser = true; + initialPassword = "changeme123"; + shell = pkgs.zsh; + extraGroups = [ + "chris" + "wheel" + "networkmanager" + ]; + }; + programs.zsh = { + enable = true; + }; - system.stateVersion = "25.11"; - home-manager = { - users.chris = { pkgs, lib, ... }: { - home = { - username = "chris"; - homeDirectory = "/home/chris"; - stateVersion = "25.11"; - persistence."/persist" = { - directories = [ - "Downloads" - "Tower" - ".config/dotfiles" - ".local/share/direnv" - ".ssh" - ]; - }; - activation.setupDotfiles = lib.hm.dag.entryAfter ["writeBoundary"] '' + system.stateVersion = "25.11"; + home-manager = { + users.chris = { pkgs, lib, ... }: { + home = { + username = "chris"; + homeDirectory = "/home/chris"; + stateVersion = "25.11"; + persistence."/persist" = { + directories = [ + "Downloads" + "Tower" + ".config/dotfiles" + ".local/share/direnv" + ".ssh" + ]; + }; + activation.setupDotfiles = lib.hm.dag.entryAfter ["writeBoundary"] '' if [[ -v DRY_RUN ]]; then echo "Dry run: Would bootstrap dotfiles from labs.scarif.space" - exit + exit fi DOTFILES_DIR="$HOME/.config/dotfiles" if [ -d "$DOTFILES_DIR/.git" ]; then - SOURCE="$DOTFILES_DIR/.git" + SOURCE="$DOTFILES_DIR/.git" else - SOURCE="https://labs.scarif.space/chris/dotfiles.git" + SOURCE="https://labs.scarif.space/chris/dotfiles.git" # Initialize the separate git directory if [ ! -d "$DOTFILES_DIR" ]; then - ${pkgs.coreutils}/bin/mkdir -p "$DOTFILES_DIR" - fi - fi + ${pkgs.coreutils}/bin/mkdir -p "$DOTFILES_DIR" + fi + fi TEMP_DIR=$(mktemp -d) - ${pkgs.git}/bin/git clone -b main "$SOURCE" "$TEMP_DIR" + ${pkgs.git}/bin/git clone -b main "$SOURCE" "$TEMP_DIR" - ${pkgs.coreutils}/bin/cp -rfT "$TEMP_DIR" "$HOME" + ${pkgs.coreutils}/bin/cp -rfT "$TEMP_DIR" "$HOME" cd "$HOME" - ${pkgs.git}/bin/git init --separate-git-dir "$DOTFILES_DIR/.git" "$HOME" + ${pkgs.git}/bin/git init --separate-git-dir "$DOTFILES_DIR/.git" "$HOME" - ${pkgs.git}/bin/git submodule set-url ".config/nvim" https://labs.scarif.space/chris/nvim.git - ${pkgs.git}/bin/git submodule update --init + ${pkgs.git}/bin/git submodule set-url ".config/nvim" https://labs.scarif.space/chris/nvim.git + ${pkgs.git}/bin/git submodule update --init - ${pkgs.git}/bin/git submodule set-url ".config/nvim" git@labs.scarif.space:chris/nvim.git - ${pkgs.git}/bin/git remote set-url origin git@labs.scarif.space:chris/dotfiles.git + ${pkgs.git}/bin/git submodule set-url ".config/nvim" git@labs.scarif.space:chris/nvim.git + ${pkgs.git}/bin/git remote set-url origin git@labs.scarif.space:chris/dotfiles.git # Clean up - ${pkgs.coreutils}/bin/rm -rf "$TEMP_DIR" - ${pkgs.coreutils}/bin/rm -f "$HOME/.git" + ${pkgs.coreutils}/bin/rm -rf "$TEMP_DIR" + ${pkgs.coreutils}/bin/rm -f "$HOME/.git" echo "Dotfiles bootstrapped successfully." - ''; - packages = with pkgs; [ - # jetbrains.rider - # android-studio - # beekeeper-studio - # brave - # discord - # spotify - # go - # lua - # nodePackages.pnpm - # (python3.withPackages (python-pkgs: [ python-pkgs.pip python-pkgs.requests ])) - # rustup - # zig - # obsidian - # thunderbird - # libreoffice-qt - # pkgs-unstable.nerd-fonts.fira-code - # hunspell - # blueberry - # steam - # steam-run - # viewnior - # pkgs-unstable.hyprshot - # catppuccin-cursors.macchiatoBlue - # catppuccin-gtk - # papirus-folders - # pkgs-unstable.php84Packages.composer - # pkgs-unstable.php84Packages.xdebug - # pkgs-unstable.php84Extensions.sqlite3 - # pkgs-unstable.php84Extensions.redis - # pkgs-unstable.php84Extensions.sodium - # pkgs-unstable.php84Extensions.pgsql - # pkgs-unstable.php84Extensions.iconv - # pkgs-unstable.php84Extensions.gd - # pkgs-unstable.php84Extensions.zip - # php - # antigravity - # gimp - # kdePackages.dolphin - # enpass - # enpass-cli - # expressvpn - # jellyfin-ffmpeg - # inkscape - # krita - # libreoffice-fresh - # nextcloud-client - # nodejs_24 - # signal-desktop - # sxiv - # tenacity - # unzip - # zathura - # ghostty - # wally-cli - # kdePackages.wacomtablet - # kdePackages.print-manager - # mpv - # vlc - # telegram-desktop - ]; - }; - programs = let - lock-false = { - Value = false; - Status = "locked"; - }; - lock-true = { - Value = true; - Status = "locked"; - }; - in { - # firefox = { - # enable = true; - # package = pkgs.wrapFirefox pkgs.firefox-unwrapped { - # extraPolicies = { - # DisableTelemetry = true; - # DisableFirefoxStudies = true; - # EnableTrackingProtection = { - # Value= true; - # Locked = true; - # Cryptomining = true; - # Fingerprinting = true; - # }; - # DisablePocket = true; - # DisableFirefoxAccounts = true; - # DisableAccounts = true; - # DisableFirefoxScreenshots = true; - # OverrideFirstRunPage = ""; - # OverridePostUpdatePage = ""; - # DontCheckDefaultBrowser = true; - # DisplayBookmarksToolbar = "always"; # alternatives: "always" or "newtab" - # DisplayMenuBar = "default-off"; # alternatives: "always", "never" or "default-on" - # SearchBar = "unified"; # alternative: "separate" - - # /* ---- EXTENSIONS ---- */ - # ExtensionSettings = { - # "*".installation_mode = "allowed"; # blocks all addons except the ones specified below - # # Enpass - # "firefox-enpass@enpass.io" = { - # install_url = "https://dl.enpass.io/stable/extensions/firefox/versions/v6.11.10.2/enpass_password_manager-6.11.10.2.xpi"; - # installation_mode = "force_installed"; - # }; - # }; - - # /* ---- PREFERENCES ---- */ - # # Set preferences shared by all profiles. - # Preferences = { - # "browser.contentblocking.category" = { Value = "strict"; Status = "locked"; }; - # "extensions.pocket.enabled" = lock-false; - # "extensions.screenshots.disabled" = lock-true; - # "browser.topsites.contile.enabled" = lock-false; - # "browser.formfill.enable" = lock-false; - # "browser.search.suggest.enabled" = lock-false; - # "browser.search.suggest.enabled.private" = lock-false; - # "browser.urlbar.suggest.searches" = lock-false; - # "browser.urlbar.showSearchSuggestionsFirst" = lock-false; - # "browser.newtabpage.activity-stream.feeds.section.topstories" = lock-false; - # "browser.newtabpage.activity-stream.feeds.snippets" = lock-false; - # "browser.newtabpage.activity-stream.section.highlights.includePocket" = lock-false; - # "browser.newtabpage.activity-stream.section.highlights.includeBookmarks" = lock-false; - # "browser.newtabpage.activity-stream.section.highlights.includeDownloads" = lock-false; - # "browser.newtabpage.activity-stream.section.highlights.includeVisited" = lock-false; - # "browser.newtabpage.activity-stream.showSponsored" = lock-false; - # "browser.newtabpage.activity-stream.system.showSponsored" = lock-false; - # "browser.newtabpage.activity-stream.showSponsoredTopSites" = lock-false; - # }; - # }; - # }; - # }; - }; - nixpkgs = { - config = { - allowUnfree = true; - allowUnfreePredicate = (_: true); - - permittedInsecurePackages = [ - "electron-25.9.0" # Obsidian - "beekeeper-studio-5.3.4" + ''; + packages = with pkgs; [ + # jetbrains.rider + # android-studio + # beekeeper-studio + # brave + # discord + # spotify + # go + # lua + # nodePackages.pnpm + # (python3.withPackages (python-pkgs: [ python-pkgs.pip python-pkgs.requests ])) + # rustup + # zig + # obsidian + # thunderbird + # libreoffice-qt + # pkgs-unstable.nerd-fonts.fira-code + # hunspell + # blueberry + # steam + # steam-run + # viewnior + # pkgs-unstable.hyprshot + # catppuccin-cursors.macchiatoBlue + # catppuccin-gtk + # papirus-folders + # pkgs-unstable.php84Packages.composer + # pkgs-unstable.php84Packages.xdebug + # pkgs-unstable.php84Extensions.sqlite3 + # pkgs-unstable.php84Extensions.redis + # pkgs-unstable.php84Extensions.sodium + # pkgs-unstable.php84Extensions.pgsql + # pkgs-unstable.php84Extensions.iconv + # pkgs-unstable.php84Extensions.gd + # pkgs-unstable.php84Extensions.zip + # php + # antigravity + # gimp + # kdePackages.dolphin + # enpass + # enpass-cli + # expressvpn + # jellyfin-ffmpeg + # inkscape + # krita + # libreoffice-fresh + # nextcloud-client + # nodejs_24 + # signal-desktop + # sxiv + # tenacity + # unzip + # zathura + # ghostty + # wally-cli + # kdePackages.wacomtablet + # kdePackages.print-manager + # mpv + # vlc + # telegram-desktop ]; }; + programs = let + lock-false = { + Value = false; + Status = "locked"; + }; + lock-true = { + Value = true; + Status = "locked"; + }; + in { + # firefox = { + # enable = true; + # package = pkgs.wrapFirefox pkgs.firefox-unwrapped { + # extraPolicies = { + # DisableTelemetry = true; + # DisableFirefoxStudies = true; + # EnableTrackingProtection = { + # Value= true; + # Locked = true; + # Cryptomining = true; + # Fingerprinting = true; + # }; + # DisablePocket = true; + # DisableFirefoxAccounts = true; + # DisableAccounts = true; + # DisableFirefoxScreenshots = true; + # OverrideFirstRunPage = ""; + # OverridePostUpdatePage = ""; + # DontCheckDefaultBrowser = true; + # DisplayBookmarksToolbar = "always"; # alternatives: "always" or "newtab" + # DisplayMenuBar = "default-off"; # alternatives: "always", "never" or "default-on" + # SearchBar = "unified"; # alternative: "separate" + + # /* ---- EXTENSIONS ---- */ + # ExtensionSettings = { + # "*".installation_mode = "allowed"; # blocks all addons except the ones specified below + # # Enpass + # "firefox-enpass@enpass.io" = { + # install_url = "https://dl.enpass.io/stable/extensions/firefox/versions/v6.11.10.2/enpass_password_manager-6.11.10.2.xpi"; + # installation_mode = "force_installed"; + # }; + # }; + + # /* ---- PREFERENCES ---- */ + # # Set preferences shared by all profiles. + # Preferences = { + # "browser.contentblocking.category" = { Value = "strict"; Status = "locked"; }; + # "extensions.pocket.enabled" = lock-false; + # "extensions.screenshots.disabled" = lock-true; + # "browser.topsites.contile.enabled" = lock-false; + # "browser.formfill.enable" = lock-false; + # "browser.search.suggest.enabled" = lock-false; + # "browser.search.suggest.enabled.private" = lock-false; + # "browser.urlbar.suggest.searches" = lock-false; + # "browser.urlbar.showSearchSuggestionsFirst" = lock-false; + # "browser.newtabpage.activity-stream.feeds.section.topstories" = lock-false; + # "browser.newtabpage.activity-stream.feeds.snippets" = lock-false; + # "browser.newtabpage.activity-stream.section.highlights.includePocket" = lock-false; + # "browser.newtabpage.activity-stream.section.highlights.includeBookmarks" = lock-false; + # "browser.newtabpage.activity-stream.section.highlights.includeDownloads" = lock-false; + # "browser.newtabpage.activity-stream.section.highlights.includeVisited" = lock-false; + # "browser.newtabpage.activity-stream.showSponsored" = lock-false; + # "browser.newtabpage.activity-stream.system.showSponsored" = lock-false; + # "browser.newtabpage.activity-stream.showSponsoredTopSites" = lock-false; + # }; + # }; + # }; + # }; + }; + nixpkgs = { + config = { + allowUnfree = true; + allowUnfreePredicate = (_: true); + + permittedInsecurePackages = [ + "electron-25.9.0" # Obsidian + "beekeeper-studio-5.3.4" + ]; + }; + }; + }; + extraSpecialArgs = { + inherit inputs; }; }; - extraSpecialArgs = { - inherit inputs; - }; - }; - } - ]; + } + ]; + }; }; - }; - # Standalone home-manager configuration entrypoint - #homeConfigurations = { - # chris = home-manager.lib.homeManagerConfiguration { - # inherit pkgs; - # extraSpecialArgs = { - # inherit inputs; - # }; - # modules = [ - # ./home - # ]; - # }; - #}; - }; + # Standalone home-manager configuration entrypoint + #homeConfigurations = { + # chris = home-manager.lib.homeManagerConfiguration { + # inherit pkgs; + # extraSpecialArgs = { + # inherit inputs; + # }; + # modules = [ + # ./home + # ]; + # }; + #}; + }; }