diff --git a/.gitignore b/.gitignore index 061818a..3f189cc 100644 --- a/.gitignore +++ b/.gitignore @@ -9,7 +9,7 @@ .DS_Store Thumbs.db ehthumbs.db - +secrets # === Editor Configs === .vscode/ .idea/ diff --git a/flake.lock b/flake.lock index da015d9..0a7908a 100644 --- a/flake.lock +++ b/flake.lock @@ -201,14 +201,18 @@ "secrets": { "flake": false, "locked": { - "path": "git@git.sr.ht/~sposito/secrets", - "type": "path" + "lastModified": 1768616087, + "narHash": "sha256-A/3XkeLfNCRUJYMa9f44VYsv6tWYuIMeDrra1J5GYqs=", + "ref": "refs/heads/main", + "rev": "d540ed7731df4e19a15afe810630e5c7786630c4", + "revCount": 3, + "type": "git", + "url": "ssh://git@git.sr.ht/~sposito/secrets" }, "original": { - "path": "git@git.sr.ht/~sposito/secrets", - "type": "path" - }, - "parent": [] + "type": "git", + "url": "ssh://git@git.sr.ht/~sposito/secrets" + } }, "sops-nix": { "inputs": { diff --git a/flake.nix b/flake.nix index ecf9615..a7a5326 100644 --- a/flake.nix +++ b/flake.nix @@ -21,7 +21,7 @@ inputs.nixpkgs.follows = "nixpkgs"; }; secrets = { - url = "git@git.sr.ht/~sposito/secrets"; + url = "git+ssh://git@git.sr.ht/~sposito/secrets"; flake = false; }; }; @@ -95,6 +95,7 @@ modules = [ ./home-manager/nixstation.nix + inputs.sops-nix.homeManagerModules.sops ]; }; }; diff --git a/home-manager/emacs/default.nix b/home-manager/emacs/default.nix index b269ea1..bab4d66 100644 --- a/home-manager/emacs/default.nix +++ b/home-manager/emacs/default.nix @@ -21,6 +21,8 @@ emacsPackages.vterm emacsPackages.treemacs emacsPackages.doom + emacsPackages.mu4e + mu sbcl ]; diff --git a/home-manager/emacs/doom/banner.txt b/home-manager/emacs/doom/banner.txt new file mode 100644 index 0000000..11066d0 --- /dev/null +++ b/home-manager/emacs/doom/banner.txt @@ -0,0 +1,13 @@ + + █████████ ███ █████ + ███░░░░░███ ░░░ ░░███ + ░███ ░░░ ████████ ██████ █████ ████ ███████ ██████ + ░░█████████ ░░███░░███ ███░░███ ███░░ ░░███ ░░░███░ ███░░███ + ░░░░░░░░███ ░███ ░███░███ ░███░░█████ ░███ ░███ ░███ ░███ + ███ ░███ ░███ ░███░███ ░███ ░░░░███ ░███ ░███ ███░███ ░███ + ░░█████████ ░███████ ░░██████ ██████ █████ ██ ░░█████ ░░██████ + ░░░░░░░░░ ░███░░░ ░░░░░░ ░░░░░░ ░░░░░ ░░ ░░░░░ ░░░░░░ + ░███ ___ __ __ __ ___ __ + █████ | __| V |/ \ / _//' _/ + ░░░░░ | _|| \_/ | /\ | \__`._`. + |___|_| |_|_||_|\__/|___/ diff --git a/home-manager/emacs/doom/config.el b/home-manager/emacs/doom/config.el index b06e857..0e12f70 100644 --- a/home-manager/emacs/doom/config.el +++ b/home-manager/emacs/doom/config.el @@ -1,7 +1,18 @@ ;;; $DOOMDIR/config.el -*- lexical-binding: t; -*- +;; Add NixOS mu4e to load-path +(let ((mu4e-dir (car (file-expand-wildcards "~/.nix-profile/share/emacs/site-lisp/elpa/mu4e-*")))) + (when mu4e-dir + (add-to-list 'load-path mu4e-dir))) (add-hook 'scheme-mode-hook #'smartparens-strict-mode) +(defun my-doom-ascii-banner () + (let ((banner-file (expand-file-name "banner.txt" doom-user-dir))) + (when (file-exists-p banner-file) + (insert-file-contents banner-file)))) + +(setq +doom-dashboard-ascii-banner-fn #'my-doom-ascii-banner) + (use-package! lsp-mode :config (add-to-list 'lsp-language-id-configuration '(fennel-mode . "fennel")) @@ -45,3 +56,22 @@ (map! :desc "Toggle terminal (vterm)" "C-~" #'vterm) +(after! mu4e + (setq mu4e-get-mail-command "mbsync -a" + mu4e-update-interval 300 + mu4e-maildir "~/Maildir" + mu4e-change-filenames-when-moving t + sendmail-program "msmtp" + send-mail-function #'sendmail-send-it + message-sendmail-f-is-evil t + message-sendmail-extra-arguments '("--read-envelope-from") + message-send-mail-function #'message-send-mail-with-sendmail) + + (set-email-account! "Proton" + '((mu4e-sent-folder . "/proton/Sent") + (mu4e-drafts-folder . "/proton/Drafts") + (mu4e-trash-folder . "/proton/Trash") + (mu4e-refile-folder . "/proton/Archive") + (user-mail-address . "th.spo@pm.me") + (user-full-name . "Thiago Sposito")) + t)) diff --git a/home-manager/emacs/doom/init.el b/home-manager/emacs/doom/init.el index 80a72f0..77d4a21 100644 --- a/home-manager/emacs/doom/init.el +++ b/home-manager/emacs/doom/init.el @@ -100,7 +100,7 @@ (eval +overlay) ; run code, run (also, repls) lookup ; navigate your code and its documentation llm ; when I said you needed friends, I didn't mean... - (lsp +peek) + lsp ;;(lsp +eglot) ; M-x vscode magit ; a git porcelain for Emacs ;;make ; run make tasks from Emacs @@ -111,8 +111,8 @@ tree-sitter ; syntax and parsing, sitting in a tree... upload ; map local to remote projects via ssh/ftp - :os - (:if (featurep :system 'macos) macos) ; improve compatibility with macOS + ; :os + ;(:if (featurep :system 'macos) macos) ; improve compatibility with macOS ;;tty ; improve the terminal Emacs experience :lang @@ -156,7 +156,7 @@ (lua +fennel +lsp) ; one-based indices? one-based indices markdown ; writing docs for people to ignore ;;nim ; python + lisp at the speed of c - ;;nix ; I hereby declare "nix geht mehr!" + nix ; I hereby declare "nix geht mehr!" ;;ocaml ; an objective camel org ; organize your plain life in plain text ;;php ; perl's insecure younger brother @@ -183,11 +183,12 @@ ;;zig ; C, but simpler :email - ;;(mu4e +org +gmail) + (mu4e +mbsync +org) + ;;notmuch ;;(wanderlust +gmail) - :app: + :app ;;calendar ;;emms ;;everywhere ; *leave* Emacs!? You must be joking diff --git a/home-manager/gnome/default.nix b/home-manager/gnome/default.nix index cfc6359..593eebc 100644 --- a/home-manager/gnome/default.nix +++ b/home-manager/gnome/default.nix @@ -30,6 +30,7 @@ home.packages = with pkgs; [ gnome-tweaks gnomeExtensions.appindicator + gnomeExtensions.force-quit gnomeExtensions.forge gnomeExtensions.gsconnect gnomeExtensions.pop-shell diff --git a/home-manager/home.nix b/home-manager/home.nix index 544cfe4..0c871a8 100644 --- a/home-manager/home.nix +++ b/home-manager/home.nix @@ -2,6 +2,7 @@ pkgs, lib, inputs, + sops, ... }: let @@ -25,7 +26,9 @@ in ./gnome ./icons.nix ./nvim + ./services ./zsh.nix + ./mail.nix ]; nixpkgs = { @@ -77,6 +80,7 @@ in pandoc pinentry-curses podman + protonmail-bridge python3 racket ripgrep @@ -163,19 +167,34 @@ in background_opacity = 1.0; }; }; - + mbsync.enable = true; vscode = { enable = true; }; }; - services.gpg-agent = { - enable = true; - enableZshIntegration = true; - pinentry.package = pkgs.pinentry-curses; - }; + services = { - #systemd.user.startServices = "sd-switch"; + gpg-agent = { + enable = true; + enableZshIntegration = true; + pinentry.package = pkgs.pinentry-curses; + }; + + protonmail-bridge = { + enable = true; + extraPackages = [ + pkgs.gnome-keyring + ]; + + }; + + }; + sops = { + gnupg.home = "/home/thiago/.gnupg"; + age.keyFile = null; # We are using the Nitrokey (PGP) instead + }; + #systemd.user.startServices = "sd-switch"; home.stateVersion = "25.11"; # sops configuration diff --git a/home-manager/mail.nix b/home-manager/mail.nix new file mode 100644 index 0000000..4701132 --- /dev/null +++ b/home-manager/mail.nix @@ -0,0 +1,58 @@ +{ + pkgs, + config, + sops, + secrets, + ... +}: +{ + sops.secrets = { + "mailpass" = { + sopsFile = secrets.outPath + "/mail.yaml"; + key = "password"; + }; + }; + + accounts.email.accounts.proton = { + primary = true; + address = "th.spo@pm.me"; + userName = "thiago@sposito.ch"; + realName = "Thiago Sposito"; + passwordCommand = "${pkgs.coreutils}/bin/cat ${config.sops.secrets.mailpass.path}"; + imap = { + host = "127.0.0.1"; + port = 1143; + tls.enable = true; + }; + + smtp = { + host = "127.0.0.1"; + port = 1025; + tls.enable = true; + }; + + mbsync = { + enable = true; + create = "maildir"; + expunge = "both"; + extraConfig.account = { + SSLType = "STARTTLS"; + TLSType = "STARTTLS"; + CertificateFile = "~/.config/protonmail/bridge-v3/cert.pem"; + AuthMechs = "LOGIN"; + }; + }; + + msmtp = { + enable = true; + extraConfig = { + tls_starttls = "on"; + tls_certcheck = "off"; + }; + }; + }; + + programs.mbsync.enable = true; + programs.msmtp.enable = true; + programs.mu.enable = true; +} diff --git a/home-manager/services/comfy-ui.nix b/home-manager/services/comfy-ui.nix new file mode 100644 index 0000000..c61a129 --- /dev/null +++ b/home-manager/services/comfy-ui.nix @@ -0,0 +1,61 @@ +{ pkgs, config, lib, ... }: + +let + comfyuiSrc = pkgs.fetchFromGitHub { + owner = "Comfy-Org"; + repo = "ComfyUI"; + rev = "master"; + sha256 = "PQfZ0PD/PQn49ElGdzt/El8JrU7clETcLi/6ZUxm8f8="; + }; + + dataDir = "${config.home.homeDirectory}/.local/share/comfyui"; + venvDir = "${dataDir}/.venv"; + + startScript = pkgs.writeShellScript "comfyui-start" '' + set -e + + export LD_LIBRARY_PATH="${pkgs.stdenv.cc.cc.lib}/lib:${pkgs.zlib}/lib:${pkgs.libGL}/lib:/run/opengl-driver/lib:$LD_LIBRARY_PATH" + + mkdir -p ${dataDir} + + # Copy source if not exists or update + if [ ! -f "${dataDir}/main.py" ]; then + cp -r ${comfyuiSrc}/* ${dataDir}/ + chmod -R u+w ${dataDir} + fi + + cd ${dataDir} + + # Create venv on first run + if [ ! -d "${venvDir}" ]; then + ${pkgs.python313}/bin/python -m venv ${venvDir} + ${venvDir}/bin/pip install --upgrade pip + fi + + # Always ensure deps are installed + if [ ! -f "${venvDir}/.deps-installed" ]; then + ${venvDir}/bin/pip install torch torchvision torchaudio --extra-index-url https://download.pytorch.org/whl/cu124 + ${venvDir}/bin/pip install -r requirements.txt + touch ${venvDir}/.deps-installed + fi + + exec ${venvDir}/bin/python main.py "$@" + ''; +in +{ + home.packages = [ pkgs.python313 pkgs.git ]; + + systemd.user.services.comfy-ui = { + Unit = { + Description = "ComfyUI"; + After = [ "network.target" ]; + }; + Service = { + Type = "simple"; + ExecStart = "${startScript}"; + Restart = "on-failure"; + Environment = [ "CUDA_VISIBLE_DEVICES=0" ]; + }; + Install.WantedBy = [ "default.target" ]; + }; +} \ No newline at end of file diff --git a/home-manager/services/default.nix b/home-manager/services/default.nix new file mode 100644 index 0000000..5cf99f7 --- /dev/null +++ b/home-manager/services/default.nix @@ -0,0 +1,7 @@ +{ ... }: +{ + imports = [ + ./comfy-ui.nix + ]; +} + diff --git a/hosts/common/network.nix b/hosts/common/network.nix index 9746e01..80952e0 100644 --- a/hosts/common/network.nix +++ b/hosts/common/network.nix @@ -21,7 +21,7 @@ ]; }; }; - + security.pki.certificateFiles = [ "${pkgs.cacert}/etc/ssl/certs/ca-bundle.crt" ]; services = { opensnitch = { enable = true; diff --git a/hosts/common/users/thiago/default.nix b/hosts/common/users/thiago/default.nix index 18a01d5..2309871 100644 --- a/hosts/common/users/thiago/default.nix +++ b/hosts/common/users/thiago/default.nix @@ -38,4 +38,5 @@ in packages = [ pkgs.home-manager ]; }; + }