From c63221b54d8e8a5c5c9efdcb2a9bce11454aea26 Mon Sep 17 00:00:00 2001 From: Thiago Sposito Date: Wed, 26 Nov 2025 08:00:21 -0300 Subject: [PATCH 01/25] chore: fix gnome issues --- flake.lock | 36 ++++++++++++++++----------------- home-manager/gnome/default.nix | 2 +- home-manager/home.nix | 17 +++++++++------- home-manager/nixstation.nix | 1 + hosts/common/default.nix | 2 +- hosts/common/nvidia/default.nix | 2 +- 6 files changed, 32 insertions(+), 28 deletions(-) diff --git a/flake.lock b/flake.lock index f57f1c7..e322434 100644 --- a/flake.lock +++ b/flake.lock @@ -8,11 +8,11 @@ ] }, "locked": { - "lastModified": 1759362264, - "narHash": "sha256-wfG0S7pltlYyZTM+qqlhJ7GMw2fTF4mLKCIVhLii/4M=", + "lastModified": 1763759067, + "narHash": "sha256-LlLt2Jo/gMNYAwOgdRQBrsRoOz7BPRkzvNaI/fzXi2Q=", "owner": "hercules-ci", "repo": "flake-parts", - "rev": "758cf7296bee11f1706a574c77d072b8a7baa881", + "rev": "2cccadc7357c0ba201788ae99c4dfa90728ef5e0", "type": "github" }, "original": { @@ -46,11 +46,11 @@ ] }, "locked": { - "lastModified": 1759853171, - "narHash": "sha256-uqbhyXtqMbYIiMqVqUhNdSuh9AEEkiasoK3mIPIVRhk=", + "lastModified": 1764075860, + "narHash": "sha256-KYEIHCBBw+/lwKsJNRNoUxBB4ZY2LK0G0T8f+0i65q0=", "owner": "nix-community", "repo": "home-manager", - "rev": "1a09eb84fa9e33748432a5253102d01251f72d6d", + "rev": "295d90e22d557ccc3049dc92460b82f372cd3892", "type": "github" }, "original": { @@ -110,11 +110,11 @@ }, "nixpkgs": { "locked": { - "lastModified": 1759831965, - "narHash": "sha256-vgPm2xjOmKdZ0xKA6yLXPJpjOtQPHfaZDRtH+47XEBo=", + "lastModified": 1763966396, + "narHash": "sha256-6eeL1YPcY1MV3DDStIDIdy/zZCDKgHdkCmsrLJFiZf0=", "owner": "nixos", "repo": "nixpkgs", - "rev": "c9b6fb798541223bbb396d287d16f43520250518", + "rev": "5ae3b07d8d6527c42f17c876e404993199144b6a", "type": "github" }, "original": { @@ -134,11 +134,11 @@ "systems": "systems_2" }, "locked": { - "lastModified": 1759927289, - "narHash": "sha256-EWdwR9l+JG466rPuNmjjzDPvQAuh37lmhgWa2xeaMdk=", + "lastModified": 1764065466, + "narHash": "sha256-tH0yk53OPuT+D/Vlb6IXtZYJ9zb/TfHcTIm7P3eWRNA=", "owner": "nix-community", "repo": "nixvim", - "rev": "57006a3ace4a3c889ab61b70fd5d8b197de8314e", + "rev": "b67ff4d1b29b590ab6865bc9eac785c28006f228", "type": "github" }, "original": { @@ -157,11 +157,11 @@ ] }, "locked": { - "lastModified": 1758662783, - "narHash": "sha256-igrxT+/MnmcftPOHEb+XDwAMq3Xg1Xy7kVYQaHhPlAg=", + "lastModified": 1761730856, + "narHash": "sha256-t1i5p/vSWwueZSC0Z2BImxx3BjoUDNKyC2mk24krcMY=", "owner": "NuschtOS", "repo": "search", - "rev": "7d4c0fc4ffe3bd64e5630417162e9e04e64b27a4", + "rev": "e29de6db0cb3182e9aee75a3b1fd1919d995d85b", "type": "github" }, "original": { @@ -199,11 +199,11 @@ ] }, "locked": { - "lastModified": 1760393368, - "narHash": "sha256-8mN3kqyqa2PKY0wwZ2UmMEYMcxvNTwLaOrrDsw6Qi4E=", + "lastModified": 1764021963, + "narHash": "sha256-1m84V2ROwNEbqeS9t37/mkry23GBhfMt8qb6aHHmjuc=", "owner": "Mic92", "repo": "sops-nix", - "rev": "ab8d56e85b8be14cff9d93735951e30c3e86a437", + "rev": "c482a1c1bbe030be6688ed7dc84f7213f304f1ec", "type": "github" }, "original": { diff --git a/home-manager/gnome/default.nix b/home-manager/gnome/default.nix index 4d7e6ed..13b320a 100644 --- a/home-manager/gnome/default.nix +++ b/home-manager/gnome/default.nix @@ -5,7 +5,7 @@ dconf.settings = { "org/gnome/shell" = { - disable-user-extensions = false; + disable-user-extensions = true; favorite-apps = [ "org.gnome.Settings.desktop" "org.gnome.Nautilus.desktop" diff --git a/home-manager/home.nix b/home-manager/home.nix index ffbfdfc..d7f656b 100644 --- a/home-manager/home.nix +++ b/home-manager/home.nix @@ -37,14 +37,14 @@ inkscape keymapp lazygit - libinput +# libinput nerd-fonts.fira-code nil nitrokey-app2 nixd nixpkgs-fmt nixfmt-rfc-style - nodejs_20 + # nodejs_20 nordic obsidian pinentry-curses @@ -61,13 +61,15 @@ ]; sessionVariables = { - DBUS_SESSION_BUS_ADDRESS = "unix:path=${config.home.homeDirectory}/.dbus-session-bus"; + # DBUS_SESSION_BUS_ADDRESS = "unix:path=${config.home.homeDirectory}/.dbus-session-bus"; }; username = "thiago"; }; programs = { git = { + enable = true; + settings = { aliases = { br = "branch"; ca = "commit --amend"; @@ -77,7 +79,6 @@ lg = "log --oneline --graph --decorate --all"; st = "status"; }; - enable = true; extraConfig = { color.ui = "auto"; core = { @@ -92,8 +93,10 @@ key = "EC7C84664FF515B63AD510B63065EA73A976D430"; signByDefault = false; }; - userEmail = "th.spo@pm.me"; - userName = "Thiago Sposito"; + user = { + email = "th.spo@pm.me"; + name = "Thiago Sposito"; + };}; }; gpg = { @@ -137,7 +140,7 @@ pinentry.package = pkgs.pinentry-curses; }; - systemd.user.startServices = "sd-switch"; + #systemd.user.startServices = "sd-switch"; home.stateVersion = "25.11"; # sops configuration diff --git a/home-manager/nixstation.nix b/home-manager/nixstation.nix index e05f888..638a9dd 100644 --- a/home-manager/nixstation.nix +++ b/home-manager/nixstation.nix @@ -23,5 +23,6 @@ steam steam-run code-cursor + mindustry ]; } diff --git a/hosts/common/default.nix b/hosts/common/default.nix index 199fbb6..ff8ab56 100644 --- a/hosts/common/default.nix +++ b/hosts/common/default.nix @@ -54,7 +54,7 @@ pciutils pcsc-safenet pcsclite - pcsctools + pcsc-tools pkcs11helper podman-compose rclone diff --git a/hosts/common/nvidia/default.nix b/hosts/common/nvidia/default.nix index ebce0c9..5f2ef99 100644 --- a/hosts/common/nvidia/default.nix +++ b/hosts/common/nvidia/default.nix @@ -45,8 +45,8 @@ environment.systemPackages = with pkgs; [ cudaPackages.cuda_nvcc cudaPackages.cudatoolkit - glxinfo libepoxy + mesa-demos libglvnd nvidia-container-toolkit vulkan-tools From 0cb9c93c5c3d9306ba8062f103e98713df2dce78 Mon Sep 17 00:00:00 2001 From: Thiago Sposito Date: Thu, 4 Dec 2025 23:51:41 -0300 Subject: [PATCH 02/25] chore: update flake.lock and flake.nix to use release-25.11 for nixpkgs and home-manager --- flake.lock | 16 ++++++++-------- flake.nix | 4 ++-- home-manager/home.nix | 5 ++++- 3 files changed, 14 insertions(+), 11 deletions(-) diff --git a/flake.lock b/flake.lock index e322434..e948ed6 100644 --- a/flake.lock +++ b/flake.lock @@ -46,16 +46,16 @@ ] }, "locked": { - "lastModified": 1764075860, - "narHash": "sha256-KYEIHCBBw+/lwKsJNRNoUxBB4ZY2LK0G0T8f+0i65q0=", + "lastModified": 1764866045, + "narHash": "sha256-0GsEtXV9OquDQ1VclQfP16cU5VZh7NEVIOjSH4UaJuM=", "owner": "nix-community", "repo": "home-manager", - "rev": "295d90e22d557ccc3049dc92460b82f372cd3892", + "rev": "f63d0fe9d81d36e5fc95497217a72e02b8b7bcab", "type": "github" }, "original": { "owner": "nix-community", - "ref": "master", + "ref": "release-25.11", "repo": "home-manager", "type": "github" } @@ -110,16 +110,16 @@ }, "nixpkgs": { "locked": { - "lastModified": 1763966396, - "narHash": "sha256-6eeL1YPcY1MV3DDStIDIdy/zZCDKgHdkCmsrLJFiZf0=", + "lastModified": 1764677808, + "narHash": "sha256-H3lC7knbXOBrHI9hITQ7modLuX20mYJVhZORL5ioms0=", "owner": "nixos", "repo": "nixpkgs", - "rev": "5ae3b07d8d6527c42f17c876e404993199144b6a", + "rev": "1aab89277eb2d87823d5b69bae631a2496cff57a", "type": "github" }, "original": { "owner": "nixos", - "ref": "nixos-unstable", + "ref": "nixos-25.11", "repo": "nixpkgs", "type": "github" } diff --git a/flake.nix b/flake.nix index 6c03276..5e2b12c 100644 --- a/flake.nix +++ b/flake.nix @@ -2,11 +2,11 @@ description = "my NixOS Config"; inputs = { - nixpkgs.url = "github:nixos/nixpkgs/nixos-unstable"; + nixpkgs.url = "github:nixos/nixpkgs/nixos-25.11"; home-manager = { inputs.nixpkgs.follows = "nixpkgs"; - url = "github:nix-community/home-manager/master"; + url = "github:nix-community/home-manager/release-25.11"; }; icons = { url = "git+https://git.sr.ht/~sposito/icons"; diff --git a/home-manager/home.nix b/home-manager/home.nix index d7f656b..8f881a1 100644 --- a/home-manager/home.nix +++ b/home-manager/home.nix @@ -1,5 +1,4 @@ { - config, pkgs, lib, ... @@ -31,6 +30,8 @@ code-cursor direnv distrobox + emacs + emacs-all-the-icons-fonts fira-code firefox hwinfo @@ -67,6 +68,8 @@ }; programs = { + + git = { enable = true; settings = { From 2e6aa91f360999cd64c135ebf9ac2bda9c1e13c1 Mon Sep 17 00:00:00 2001 From: Thiago Sposito Date: Sat, 13 Dec 2025 11:11:01 -0300 Subject: [PATCH 03/25] feat: initial emacs config --- home-manager/emacs/default.nix | 37 ++++++++++++++++++ home-manager/emacs/init.el | 70 ++++++++++++++++++++++++++++++++++ home-manager/home.nix | 3 +- home-manager/zsh.nix | 6 +-- 4 files changed, 111 insertions(+), 5 deletions(-) create mode 100644 home-manager/emacs/default.nix create mode 100644 home-manager/emacs/init.el diff --git a/home-manager/emacs/default.nix b/home-manager/emacs/default.nix new file mode 100644 index 0000000..417400e --- /dev/null +++ b/home-manager/emacs/default.nix @@ -0,0 +1,37 @@ +{ pkgs, ... }: + +{ + home.packages = with pkgs; [ + emacs-all-the-icons-fonts + sbcl + ]; + programs.emacs = { + enable = true; + extraPackages = epkgs: with epkgs; [ + use-package + magit + org + org-roam + evil + evil-collection + which-key + counsel + ivy + swiper + doom-themes + nord-theme + projectile + flycheck + company + lsp-mode + lsp-ui + dap-mode + treemacs + treemacs-evil + treemacs-projectile + sly + ]; + extraConfig = builtins.readFile ./init.el; + }; +} + diff --git a/home-manager/emacs/init.el b/home-manager/emacs/init.el new file mode 100644 index 0000000..e52a4d7 --- /dev/null +++ b/home-manager/emacs/init.el @@ -0,0 +1,70 @@ +(require 'package) +(package-initialize) + +(eval-when-compile + (require 'use-package)) + +(use-package evil + :init + (evil-mode 1)) + +(use-package evil-collection + :after evil + :config + (evil-collection-init)) + +(use-package which-key + :config + (which-key-mode)) + +(use-package ivy + :config + (ivy-mode 1)) + +(use-package counsel + :after ivy + :config + (counsel-mode 1)) + +(use-package swiper + :after ivy) + +(use-package doom-themes + :config + (load-theme 'doom-one t)) + +(use-package projectile + :config + (projectile-mode 1)) + +(use-package company + :config + (global-company-mode)) + +(use-package flycheck + :config + (global-flycheck-mode)) + +(use-package lsp-mode + :hook ((python-mode . lsp) + (rust-mode . lsp) + (go-mode . lsp)) + :commands lsp) + +(use-package lsp-ui + :after lsp-mode + :commands lsp-ui-mode) + +(use-package treemacs + :commands treemacs) + +(use-package treemacs-evil + :after (treemacs evil)) + +(use-package treemacs-projectile + :after (treemacs projectile)) + +(use-package sly + :config + (setq inferior-lisp-program "sbcl")) + diff --git a/home-manager/home.nix b/home-manager/home.nix index 8f881a1..17e581c 100644 --- a/home-manager/home.nix +++ b/home-manager/home.nix @@ -7,6 +7,7 @@ imports = [ # ./backup.nix ./custom.nix + ./emacs ./gnome ./icons.nix ./nvim @@ -30,10 +31,10 @@ code-cursor direnv distrobox - emacs emacs-all-the-icons-fonts fira-code firefox + guile hwinfo inkscape keymapp diff --git a/home-manager/zsh.nix b/home-manager/zsh.nix index f2660dd..5a2ab49 100644 --- a/home-manager/zsh.nix +++ b/home-manager/zsh.nix @@ -1,7 +1,4 @@ { - config, - lib, - pkgs, ... }: { @@ -10,7 +7,7 @@ source = ./scripts/lsgpu.sh; executable = true; }; - + programs.zsh = { enable = true; autosuggestion.enable = true; @@ -20,6 +17,7 @@ export GPG_TTY=$(tty) export EDITOR="nvim -n -c 'set noswapfile nobackup nowritebackup'" export SSH_AUTH_SOCK=$(gpgconf --list-dirs agent-ssh-socket) + export PATH="$HOME/.config/emacs/bin:$PATH" ''; From 9d852d120ef0f69695b1751387609b5f65b6acca Mon Sep 17 00:00:00 2001 From: Thiago Sposito Date: Sat, 10 Jan 2026 19:39:34 -0300 Subject: [PATCH 04/25] feat: nvim: add Fennel config support via nfnl, treesitter, plugins --- home-manager/nvim/default.nix | 48 +++++++++++++++- home-manager/nvim/extraconfig.fnl | 96 +++++++++++++++++++++++++++++++ 2 files changed, 143 insertions(+), 1 deletion(-) create mode 100644 home-manager/nvim/extraconfig.fnl diff --git a/home-manager/nvim/default.nix b/home-manager/nvim/default.nix index 438e593..112fc78 100644 --- a/home-manager/nvim/default.nix +++ b/home-manager/nvim/default.nix @@ -6,7 +6,24 @@ ]; home.packages = with pkgs; [ ripgrep + gcc ]; + home.file.".config/nvim/extraconfig.fnl" = { + source = ./extraconfig.fnl; + }; + home.file.".config/nvim/.nfnl.fnl" = { + source = ./.nfnl.fnl; + }; + # Compile Fennel to Lua at build time + home.file.".config/nvim/extraconfig.lua" = { + text = builtins.readFile ( + pkgs.runCommand "extraconfig-compiled.lua" { + buildInputs = [ pkgs.luajitPackages.fennel ]; + } '' + ${pkgs.luajitPackages.fennel}/bin/fennel --compile ${./extraconfig.fnl} > $out + '' + ); + }; programs.nixvim = { enable = true; colorschemes.nord.enable = true; @@ -21,6 +38,7 @@ }; plugins = { + conjure.enable = true; avante = { enable = true; }; @@ -47,6 +65,10 @@ lspkind.enable = true; lsp-lines.enable = true; + treesitter = { + enable = true; + }; + none-ls = { enable = true; sources = { @@ -65,6 +87,30 @@ conform-nvim.enable = true; }; - extraConfigLua = builtins.readFile ./extraconfig.lua; + extraPlugins = with pkgs.vimPlugins; [ + nvim-web-devicons + (pkgs.vimUtils.buildVimPlugin { + name = "nfnl"; + src = pkgs.fetchFromGitHub { + owner = "Olical"; + repo = "nfnl"; + rev = "v1.3.0"; + hash = "sha256-ug2vAVI3C99TZxFpXw/+AJLRAc+3FLq92bFVhkZUL7A="; + }; + }) + (pkgs.vimUtils.buildVimPlugin { + name = "vim-fennel-syntax"; + src = pkgs.fetchFromGitHub { + owner = "m15a"; + repo = "vim-fennel-syntax"; + rev = "e7299d5"; #v1.3.0 + hash = "sha256-CL3ooywWpGicmzine9qteHTGajAZ2qnIcK9CByaONvc="; + }; + }) + ]; + extraConfigLua = '' + -- Load compiled Fennel config + dofile(vim.fn.expand("~/.config/nvim/extraconfig.lua")) + ''; }; } diff --git a/home-manager/nvim/extraconfig.fnl b/home-manager/nvim/extraconfig.fnl new file mode 100644 index 0000000..a56bb40 --- /dev/null +++ b/home-manager/nvim/extraconfig.fnl @@ -0,0 +1,96 @@ +(do + (local cmp (require :cmp)) + (local avante (require :avante)) + (local cmp-nvim-lsp (require :cmp_nvim_lsp)) + (local treesitter (require :nvim-treesitter.configs)) + + ;; Configure fennel-ls LSP server using new vim.lsp API + ;; Note: vim-fennel-syntax plugin handles filetype detection automatically + (local base-capabilities (vim.lsp.protocol.make_client_capabilities)) + (local capabilities (cmp-nvim-lsp.default_capabilities base-capabilities)) + + ;; Find fennel-ls in PATH + (local fennel-ls-path (vim.fn.exepath "fennel-ls")) + (local fennel-ls-cmd (if (= fennel-ls-path "") ["fennel-ls"] [fennel-ls-path])) + + ;; Setup fennel-ls using autocmd to start on Fennel files + (vim.api.nvim_create_autocmd "FileType" { + :pattern [:fennel] + :callback (fn [] + (local root (vim.fs.find [".nfnl.fnl" ".git" "fnl"] {:upward true})) + (local root-dir (if root (vim.fs.dirname (. root 1)) (vim.fn.getcwd))) + (vim.lsp.start { + :name :fennel_ls + :cmd fennel-ls-cmd + :root_dir root-dir + :settings { + :fennel { + :extra-globals "vim" + } + } + :capabilities capabilities + })) + }) + + ;; Enable inlay hints for better documentation + (vim.lsp.inlay_hint.enable true {:buftype [""]}) + + ;; Configure Treesitter to ensure Fennel grammar is installed + ;; Use writable directory for parsers (not the read-only nix store) + (local parser_install_dir (.. (vim.fn.stdpath :data) "/treesitter")) + (vim.opt.runtimepath:prepend parser_install_dir) + + (treesitter.setup { + :ensure_installed [:fennel :lua] + :highlight {:enable true} + :indent {:enable true} + :parser_install_dir parser_install_dir + }) + + (cmp.setup { + :mapping { + : (cmp.mapping.complete) + : (cmp.mapping.confirm {:select true}) + : (cmp.mapping.select_next_item) + : (cmp.mapping.select_prev_item) + } + :sources [ + {:name :nvim_lsp} + {:name :buffer} + {:name :path} + ] + }) + + (vim.api.nvim_create_autocmd "LspAttach" { + :callback (fn [args] + (local buf args.buf) + (local opts {:buffer buf}) + + (vim.keymap.set "n" "gd" vim.lsp.buf.definition opts) + (vim.keymap.set "n" "gr" vim.lsp.buf.references opts) + (vim.keymap.set "n" "K" vim.lsp.buf.hover opts) + (vim.keymap.set "n" "rn" vim.lsp.buf.rename opts) + (vim.keymap.set "n" "ca" vim.lsp.buf.code_action opts) + (vim.keymap.set "n" "f" (fn [] + (vim.lsp.buf.format {:async true})) + opts) + + (vim.keymap.set "n" "" ":m .+1==") + (vim.keymap.set "n" "" ":m .-2==")) + }) + + (avante.setup { + :provider "ollama" + :providers { + :ollama { + :endpoint "http://127.0.0.1:11434" + :model "gpt-oss:20b" + :extra_request_body { + :temperature 0 + :num_ctx 8192 + } + } + } + }) + ) + From 95afe7044a767351aee4183a289ee7f99fa147e3 Mon Sep 17 00:00:00 2001 From: Thiago Sposito Date: Sat, 10 Jan 2026 19:54:14 -0300 Subject: [PATCH 05/25] feat: emacs config init --- home-manager/emacs/default.nix | 55 ++++---- home-manager/emacs/doom/config.el | 47 +++++++ home-manager/emacs/doom/init.el | 199 ++++++++++++++++++++++++++++ home-manager/emacs/doom/packages.el | 54 ++++++++ home-manager/emacs/init.el | 70 ---------- 5 files changed, 323 insertions(+), 102 deletions(-) create mode 100644 home-manager/emacs/doom/config.el create mode 100644 home-manager/emacs/doom/init.el create mode 100644 home-manager/emacs/doom/packages.el delete mode 100644 home-manager/emacs/init.el diff --git a/home-manager/emacs/default.nix b/home-manager/emacs/default.nix index 417400e..60a3309 100644 --- a/home-manager/emacs/default.nix +++ b/home-manager/emacs/default.nix @@ -1,37 +1,28 @@ -{ pkgs, ... }: +{ pkgs, lib, config, ... }: { - home.packages = with pkgs; [ - emacs-all-the-icons-fonts - sbcl - ]; programs.emacs = { enable = true; - extraPackages = epkgs: with epkgs; [ - use-package - magit - org - org-roam - evil - evil-collection - which-key - counsel - ivy - swiper - doom-themes - nord-theme - projectile - flycheck - company - lsp-mode - lsp-ui - dap-mode - treemacs - treemacs-evil - treemacs-projectile - sly - ]; - extraConfig = builtins.readFile ./init.el; - }; -} + package = pkgs.emacs.override { + withNativeCompilation = true; + }; + }; + + home.packages = with pkgs; [ + cmake + emacs-all-the-icons-fonts + emacsPackages.evil + emacsPackages.vterm + emacsPackages.treemacs + emacsPackages.doom + sbcl + ]; + + home.activation.linkDoomConfig = lib.hm.dag.entryAfter ["writeBoundary"] '' + if [ ! -e "${config.home.homeDirectory}/.config/doom" ]; then + $DRY_RUN_CMD mkdir -p "${config.home.homeDirectory}/.config" + $DRY_RUN_CMD ln -sfn "/home/thiago/.config/nix-conf/home-manager/emacs/doom" "${config.home.homeDirectory}/.config/doom" + fi + ''; +} diff --git a/home-manager/emacs/doom/config.el b/home-manager/emacs/doom/config.el new file mode 100644 index 0000000..b06e857 --- /dev/null +++ b/home-manager/emacs/doom/config.el @@ -0,0 +1,47 @@ +;;; $DOOMDIR/config.el -*- lexical-binding: t; -*- + +(add-hook 'scheme-mode-hook #'smartparens-strict-mode) + +(use-package! lsp-mode + :config + (add-to-list 'lsp-language-id-configuration '(fennel-mode . "fennel")) + + (lsp-register-client + (make-lsp-client :new-connection (lsp-stdio-connection "fennel-ls") + :activation-fn (lsp-activate-on "fennel") + :server-id 'fennel-ls))) + +(add-hook 'fennel-mode-hook #'lsp!) + +(setq user-full-name "Thiago Sposito" + user-mail-address "th.spo@pm.me") + +(setq doom-font (font-spec :family "FiraCode Nerd Font Mono" :size 22 :weight 'semi-light) + doom-variable-pitch-font (font-spec :family "FiraCode Nerd Font" :size 18)) + +(setq doom-theme 'doom-one) + +(setq display-line-numbers-type t) + +(setq org-directory "~/org/") + +(after! treemacs + (treemacs-follow-mode 1) + (treemacs-project-follow-mode 1)) + +(add-hook 'window-setup-hook #'treemacs) + + +(setq shell-file-name (executable-find "zsh") + explicit-shell-file-name shell-file-name) + +(set-popup-rule! "^\\*vterm" + :side 'bottom + :size 0.3 + :select t + :quit t + :ttl nil) + +(map! :desc "Toggle terminal (vterm)" + "C-~" #'vterm) + diff --git a/home-manager/emacs/doom/init.el b/home-manager/emacs/doom/init.el new file mode 100644 index 0000000..80a72f0 --- /dev/null +++ b/home-manager/emacs/doom/init.el @@ -0,0 +1,199 @@ +;;; init.el -*- lexical-binding: t; -*- + +;; This file controls what Doom modules are enabled and what order they load +;; in. Remember to run 'doom sync' after modifying it! + +;; NOTE Press 'SPC h d h' (or 'C-h d h' for non-vim users) to access Doom's +;; documentation. There you'll find a link to Doom's Module Index where all +;; of our modules are listed, including what flags they support. + +;; NOTE Move your cursor over a module's name (or its flags) and press 'K' (or +;; 'C-c c k' for non-vim users) to view its documentation. This works on +;; flags as well (those symbols that start with a plus). +;; +;; Alternatively, press 'gd' (or 'C-c c d') on a module to browse its +;; directory (for easy access to its source code). + +(doom! :input + ;;bidi ; (tfel ot) thgir etirw uoy gnipleh + ;;chinese + ;;japanese + ;;layout ; auie,ctsrnm is the superior home row + + :completion + (company +childframe) ; the ultimate code completion backend + ;;(corfu +orderless) ; complete with cap(f), cape and a flying feather! + ;;helm ; the *other* search engine for love and life + ;;ido ; the other *other* search engine... + ;;ivy ; a search engine for love and life + vertico ; the search engine of the future + + :ui + deft ; notational velocity for Emacs + doom ; what makes DOOM look the way it does + doom-dashboard ; a nifty splash screen for Emacs + ;;doom-quit ; DOOM quit-message prompts when you quit Emacs + (emoji +unicode) ; 🙂 + hl-todo ; highlight TODO/FIXME/NOTE/DEPRECATED/HACK/REVIEW + indent-guides ; highlighted indent columns + ligatures ; ligatures and symbols to make your code pretty again + minimap ; show a map of the code on the side + modeline ; snazzy, Atom-inspired modeline, plus API + ;;nav-flash ; blink cursor line after big motions + ;;neotree ; a project drawer, like NERDTree for vim + ophints ; highlight the region an operation acts on + (popup +defaults) ; tame sudden yet inevitable temporary windows + smooth-scroll ; So smooth you won't believe it's not butter + tabs ; a tab bar for Emacs + treemacs ; a project drawer, like neotree but cooler + ;;unicode ; extended unicode support for various languages + (vc-gutter +pretty) ; vcs diff in the fringe + vi-tilde-fringe ; fringe tildes to mark beyond EOB + window-select ; visually switch windows + workspaces ; tab emulation, persistence & separate workspaces + ;;zen ; distraction-free coding or writing + + :editor + (evil +everywhere); come to the dark side, we have cookies + file-templates ; auto-snippets for empty files + fold ; (nigh) universal code folding + ;;(format +onsave) ; automated prettiness + ;;god ; run Emacs commands without modifier keys + ;;lispy ; vim for lisp, for people who don't like vim + multiple-cursors ; editing in many places at once + ;;objed ; text object editing for the innocent + ;;parinfer ; turn lisp into python, sort of + ;;rotate-text ; cycle region at point between text candidates + snippets ; my elves. They type so I don't have to + (whitespace +guess +trim) ; a butler for your whitespace + ;;word-wrap ; soft wrapping with language-aware indent + + :emacs + dired ; making dired pretty [functional] + electric ; smarter, keyword-based electric-indent + ;;eww ; the internet is gross + ;;ibuffer ; interactive buffer management + tramp ; remote files at your arthritic fingertips + undo ; persistent, smarter undo for your inevitable mistakes + vc ; version-control and Emacs, sitting in a tree + + :term + ;;eshell ; the elisp shell that works everywhere + ;;shell ; simple shell REPL for Emacs + ;;term ; basic terminal emulator for Emacs + vterm ; the best terminal emulation in Emacs + + :checkers + syntax ; tasing you for every semicolon you forget + ;;(spell +flyspell) ; tasing you for misspelling mispelling + ;;grammar ; tasing grammar mistake every you make + + :tools + ;;ansible + ;;biblio ; Writes a PhD for you (citation needed) + ;;collab ; buffers with friends + ;;debugger ; FIXME stepping through code, to help you add bugs + direnv + docker + editorconfig ; let someone else argue about tabs vs spaces + ;;ein ; tame Jupyter notebooks with emacs + (eval +overlay) ; run code, run (also, repls) + lookup ; navigate your code and its documentation + llm ; when I said you needed friends, I didn't mean... + (lsp +peek) + ;;(lsp +eglot) ; M-x vscode + magit ; a git porcelain for Emacs + ;;make ; run make tasks from Emacs + pass ; password manager for nerds + ;;pdf ; pdf enhancements + ;;terraform ; infrastructure as code + ;;tmux ; an API for interacting with tmux + tree-sitter ; syntax and parsing, sitting in a tree... + upload ; map local to remote projects via ssh/ftp + + :os + (:if (featurep :system 'macos) macos) ; improve compatibility with macOS + ;;tty ; improve the terminal Emacs experience + + :lang + ;;ada ; In strong typing we (blindly) trust + ;;agda ; types of types of types of types... + ;;beancount ; mind the GAAP + ;;(cc +lsp) ; C > C++ == 1 + ;;clojure ; java with a lisp + ;;common-lisp ; if you've seen one lisp, you've seen them all + ;;coq ; proofs-as-programs + ;;crystal ; ruby at the speed of c + ;;csharp ; unity, .NET, and mono shenanigans + ;;data ; config/data formats + ;;(dart +flutter) ; paint ui and not much else + ;;dhall + ;;elixir ; erlang done right + ;;elm ; care for a cup of TEA? + emacs-lisp ; drown in parentheses + ;;erlang ; an elegant language for a more civilized age + ;;ess ; emacs speaks statistics + ;;factor + ;;faust ; dsp, but you get to keep your soul + ;;fortran ; in FORTRAN, GOD is REAL (unless declared INTEGER) + ;;fsharp ; ML stands for Microsoft's Language + ;;fstar ; (dependent) types and (monadic) effects and Z3 + ;;gdscript ; the language you waited for + ;;(go +lsp) ; the hipster dialect + ;;(graphql +lsp) ; Give queries a REST + ;;(haskell +lsp) ; a language that's lazier than I am + ;;hy ; readability of scheme w/ speed of python + ;;idris ; a language you can depend on + ;;json ; At least it ain't XML + ;;janet ; Fun fact: Janet is me! + ;;(java +lsp) ; the poster child for carpal tunnel syndrome + ;;javascript ; all(hope(abandon(ye(who(enter(here)))))) + ;;julia ; a better, faster MATLAB + ;;kotlin ; a better, slicker Java(Script) + ;;latex ; writing papers in Emacs has never been so fun + ;;lean ; for folks with too much to prove + ;;ledger ; be audit you can be + (lua +fennel +lsp) ; one-based indices? one-based indices + markdown ; writing docs for people to ignore + ;;nim ; python + lisp at the speed of c + ;;nix ; I hereby declare "nix geht mehr!" + ;;ocaml ; an objective camel + org ; organize your plain life in plain text + ;;php ; perl's insecure younger brother + ;;plantuml ; diagrams for confusing people more + ;;graphviz ; diagrams for confusing yourself even more + ;;purescript ; javascript, but functional + ;;python ; beautiful is better than ugly + ;;qt ; the 'cutest' gui framework ever + ;;racket ; a DSL for DSLs + ;;raku ; the artist formerly known as perl6 + ;;rest ; Emacs as a REST client + ;;rst ; ReST in peace + ;;(ruby +rails) ; 1.step {|i| p "Ruby is #{i.even? ? 'love' : 'life'}"} + ;;(rust +lsp) ; Fe2O3.unwrap().unwrap().unwrap().unwrap() + ;;scala ; java, but good + (scheme +guile) ; a fully conniving family of lisps + sh ; she sells {ba,z,fi}sh shells on the C xor + ;;sml + ;;solidity ; do you need a blockchain? No. + ;;swift ; who asked for emoji variables? + ;;terra ; Earth and Moon in alignment for performance. + ;;web ; the tubes + ;;yaml ; JSON, but readable + ;;zig ; C, but simpler + + :email + ;;(mu4e +org +gmail) + ;;notmuch + ;;(wanderlust +gmail) + + :app: + ;;calendar + ;;emms + ;;everywhere ; *leave* Emacs!? You must be joking + ;;irc ; how neckbeards socialize + ;;(rss +org) ; emacs as an RSS reader + + :config + ;;literate + (default +bindings +smartparens)) diff --git a/home-manager/emacs/doom/packages.el b/home-manager/emacs/doom/packages.el new file mode 100644 index 0000000..d2680fe --- /dev/null +++ b/home-manager/emacs/doom/packages.el @@ -0,0 +1,54 @@ +;; -*- no-byte-compile: t; -*- +;;; $DOOMDIR/packages.el + +;; To install a package: +;; +;; 1. Declare them here in a `package!' statement, +;; 2. Run 'doom sync' in the shell, +;; 3. Restart Emacs. +;; +;; Use 'C-h f package\!' to look up documentation for the `package!' macro. + + +;; To install SOME-PACKAGE from MELPA, ELPA or emacsmirror: +;; (package! some-package) + +;; To install a package directly from a remote git repo, you must specify a +;; `:recipe'. You'll find documentation on what `:recipe' accepts here: +;; https://github.com/radian-software/straight.el#the-recipe-format +;; (package! another-package +;; :recipe (:host github :repo "username/repo")) + +;; If the package you are trying to install does not contain a PACKAGENAME.el +;; file, or is located in a subdirectory of the repo, you'll need to specify +;; `:files' in the `:recipe': +;; (package! this-package +;; :recipe (:host github :repo "username/repo" +;; :files ("some-file.el" "src/lisp/*.el"))) + +;; If you'd like to disable a package included with Doom, you can do so here +;; with the `:disable' property: +;; (package! builtin-package :disable t) + +;; You can override the recipe of a built in package without having to specify +;; all the properties for `:recipe'. These will inherit the rest of its recipe +;; from Doom or MELPA/ELPA/Emacsmirror: +;; (package! builtin-package :recipe (:nonrecursive t)) +;; (package! builtin-package-2 :recipe (:repo "myfork/package")) + +;; Specify a `:branch' to install a package from a particular branch or tag. +;; This is required for some packages whose default branch isn't 'master' (which +;; our package manager can't deal with; see radian-software/straight.el#279) +;; (package! builtin-package :recipe (:branch "develop")) + +;; Use `:pin' to specify a particular commit to install. +;; (package! builtin-package :pin "1a2b3c4d5e") + + +;; Doom's packages are pinned to a specific commit and updated from release to +;; release. The `unpin!' macro allows you to unpin single packages... +;; (unpin! pinned-package) +;; ...or multiple packages +;; (unpin! pinned-package another-pinned-package) +;; ...Or *all* packages (NOT RECOMMENDED; will likely break things) +;; (unpin! t) diff --git a/home-manager/emacs/init.el b/home-manager/emacs/init.el deleted file mode 100644 index e52a4d7..0000000 --- a/home-manager/emacs/init.el +++ /dev/null @@ -1,70 +0,0 @@ -(require 'package) -(package-initialize) - -(eval-when-compile - (require 'use-package)) - -(use-package evil - :init - (evil-mode 1)) - -(use-package evil-collection - :after evil - :config - (evil-collection-init)) - -(use-package which-key - :config - (which-key-mode)) - -(use-package ivy - :config - (ivy-mode 1)) - -(use-package counsel - :after ivy - :config - (counsel-mode 1)) - -(use-package swiper - :after ivy) - -(use-package doom-themes - :config - (load-theme 'doom-one t)) - -(use-package projectile - :config - (projectile-mode 1)) - -(use-package company - :config - (global-company-mode)) - -(use-package flycheck - :config - (global-flycheck-mode)) - -(use-package lsp-mode - :hook ((python-mode . lsp) - (rust-mode . lsp) - (go-mode . lsp)) - :commands lsp) - -(use-package lsp-ui - :after lsp-mode - :commands lsp-ui-mode) - -(use-package treemacs - :commands treemacs) - -(use-package treemacs-evil - :after (treemacs evil)) - -(use-package treemacs-projectile - :after (treemacs projectile)) - -(use-package sly - :config - (setq inferior-lisp-program "sbcl")) - From 87d106fd87d995948b0868fa8136d99d34f6017e Mon Sep 17 00:00:00 2001 From: Thiago Sposito Date: Sat, 10 Jan 2026 19:55:26 -0300 Subject: [PATCH 06/25] chore: sync nixvim package version --- flake.nix | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/flake.nix b/flake.nix index 5e2b12c..29abea5 100644 --- a/flake.nix +++ b/flake.nix @@ -13,7 +13,7 @@ inputs.nixpkgs.follows = "nixpkgs"; }; nixvim = { - url = "github:nix-community/nixvim"; + url = "github:nix-community/nixvim/nixos-25.11"; inputs.nixpkgs.follows = "nixpkgs"; }; sops-nix = { From b93123bb5a562096ddf8c6876519e758824d754e Mon Sep 17 00:00:00 2001 From: Thiago Sposito Date: Sat, 10 Jan 2026 19:57:54 -0300 Subject: [PATCH 07/25] chore: vm optmizations --- hosts/Nixstation/default.nix | 2 +- hosts/Nixstation/hardware-configuration.nix | 8 +++++++- 2 files changed, 8 insertions(+), 2 deletions(-) diff --git a/hosts/Nixstation/default.nix b/hosts/Nixstation/default.nix index de4ff33..379e0e8 100644 --- a/hosts/Nixstation/default.nix +++ b/hosts/Nixstation/default.nix @@ -17,11 +17,11 @@ }; environment = { + gnome.excludePackages = [ pkgs.epiphany ]; systemPackages = with pkgs; [ act btrfs-progs cudatoolkit - ]; }; diff --git a/hosts/Nixstation/hardware-configuration.nix b/hosts/Nixstation/hardware-configuration.nix index 0c1950a..4c38ab4 100644 --- a/hosts/Nixstation/hardware-configuration.nix +++ b/hosts/Nixstation/hardware-configuration.nix @@ -21,7 +21,13 @@ "sd_mod" "xhci_pci" ]; - kernelParams = [ "amd_pstate=active" "usbcore.autosuspend=-1" ]; + kernelParams = [ # used to improve VM perfomance (guix experiments) + "amd_pstate=active" + "usbcore.autosuspend=-1" + "hugepagesz=1G" + "hugepages=16" + "default_hugepagesz=1G" + ]; initrd.kernelModules = [ ]; kernelModules = [ "kvm-amd" "iwlwifi" ]; extraModulePackages = [ ]; From 59a277b0ad695f3930bdd037b152fe65165c10e0 Mon Sep 17 00:00:00 2001 From: Thiago Sposito Date: Sat, 10 Jan 2026 19:59:52 -0300 Subject: [PATCH 08/25] feat: nvim with lua leftovers from 9d852d1 --- home-manager/nvim/.nfnl.fnl | 3 ++ home-manager/nvim/extraconfig.lua | 47 ------------------------------- 2 files changed, 3 insertions(+), 47 deletions(-) create mode 100644 home-manager/nvim/.nfnl.fnl delete mode 100644 home-manager/nvim/extraconfig.lua diff --git a/home-manager/nvim/.nfnl.fnl b/home-manager/nvim/.nfnl.fnl new file mode 100644 index 0000000..292a87d --- /dev/null +++ b/home-manager/nvim/.nfnl.fnl @@ -0,0 +1,3 @@ +{:compiler-options {:compilerEnv _G}} + + diff --git a/home-manager/nvim/extraconfig.lua b/home-manager/nvim/extraconfig.lua deleted file mode 100644 index c4025f4..0000000 --- a/home-manager/nvim/extraconfig.lua +++ /dev/null @@ -1,47 +0,0 @@ -local cmp = require'cmp' -local avante = require("avante") - -cmp.setup({ - mapping = { - [''] = cmp.mapping.complete(), -- trigger manually - [''] = cmp.mapping.confirm({ select = true }), -- confirm with Enter - [''] = cmp.mapping.select_next_item(), - [''] = cmp.mapping.select_prev_item(), - }, - sources = { - { name = 'nvim_lsp' }, - { name = 'buffer' }, - { name = 'path' }, - }, - vim.api.nvim_create_autocmd("LspAttach", { - callback = function(args) - local buf = args.buf - local opts = { buffer = buf } - - vim.keymap.set("n", "gd", vim.lsp.buf.definition, opts) - vim.keymap.set("n", "gr", vim.lsp.buf.references, opts) - vim.keymap.set("n", "K", vim.lsp.buf.hover, opts) - vim.keymap.set("n", "rn", vim.lsp.buf.rename, opts) - vim.keymap.set("n", "ca", vim.lsp.buf.code_action, opts) - vim.keymap.set("n", "f", function() vim.lsp.buf.format({ async = true }) end, opts) - - vim.keymap.set("n", "", ":m .+1==") - vim.keymap.set("n", "", ":m .-2==") - end - }) -}) - - -avante.setup({ - provider = "ollama", - providers = { - ollama = { - endpoint = "http://127.0.0.1:11434", - model = "gpt-oss:20b", - extra_request_body = { - temperature = 0, - num_ctx = 8192, - }, - }, - }, -}) \ No newline at end of file From b066b117d8e4442ac3b4b97c279d54e803db35d8 Mon Sep 17 00:00:00 2001 From: Thiago Sposito Date: Sat, 10 Jan 2026 20:02:00 -0300 Subject: [PATCH 09/25] feat: xp vm config for printing --- hosts/common/network.nix | 17 ++++++++++++++++- 1 file changed, 16 insertions(+), 1 deletion(-) diff --git a/hosts/common/network.nix b/hosts/common/network.nix index 51b09cc..afed8af 100644 --- a/hosts/common/network.nix +++ b/hosts/common/network.nix @@ -66,11 +66,26 @@ "workgroup" = "WORKGROUP"; "server string" = "smbnix"; "netbios name" = "smbnix"; - "hosts allow" = "192.168.0. 192.168. 192.168.122.55 127.0.0.1 localhost"; + "hosts allow" = "192.168.0. 192.168. 192.168.122.55 127.0.0.1 192.168.122.197 localhost"; "hosts deny" = "0.0.0.0/0"; "guest account" = "nobody"; "map to guest" = "bad user"; security = "user"; + # used for xp priter vm + # # Windows XP compatibility settings + # "server min protocol" = "NT1"; # Enable SMB1 for Windows XP + # "client min protocol" = "NT1"; + # "ntlm auth" = "yes"; # Required for Windows XP + # "lanman auth" = "yes"; # Required for Windows XP + # }; + # # Share for Windows XP access + # "shared" = { + # "path" = "/home/thiago/shared"; + # "browseable" = "yes"; + # "read only" = "no"; + # "guest ok" = "yes"; + # "create mask" = "0644"; + # "directory mask" = "0755"; }; }; }; From cbb99f9680bc06b4ca3b7ae23bfd43ff8a2234f2 Mon Sep 17 00:00:00 2001 From: Thiago Sposito Date: Sat, 10 Jan 2026 20:04:23 -0300 Subject: [PATCH 10/25] feat: add luajit and fennel to PATH --- home-manager/home.nix | 8 ++++++-- 1 file changed, 6 insertions(+), 2 deletions(-) diff --git a/home-manager/home.nix b/home-manager/home.nix index 17e581c..c73ae93 100644 --- a/home-manager/home.nix +++ b/home-manager/home.nix @@ -31,7 +31,8 @@ code-cursor direnv distrobox - emacs-all-the-icons-fonts + fd + fennel-ls fira-code firefox guile @@ -39,7 +40,10 @@ inkscape keymapp lazygit -# libinput + luajit + lua-language-server + luajitPackages.fennel + luajitPackages.luacheck nerd-fonts.fira-code nil nitrokey-app2 From efa12b59e5061e7a3eccc119858f1292d3961478 Mon Sep 17 00:00:00 2001 From: Thiago Sposito Date: Sat, 10 Jan 2026 20:05:07 -0300 Subject: [PATCH 11/25] chore: general home manager maintenance (see below) > update flakes > add GNOME Adwaita-dark > extend unfree and home pkgs, > update keybinds, > clean steam/cursor-cli predicate : --- flake.lock | 31 ++++++++++++++++--------------- home-manager/gnome/default.nix | 4 +++- home-manager/home.nix | 19 +++++++++++++++---- home-manager/nixstation.nix | 2 -- 4 files changed, 34 insertions(+), 22 deletions(-) diff --git a/flake.lock b/flake.lock index e948ed6..d86c397 100644 --- a/flake.lock +++ b/flake.lock @@ -8,11 +8,11 @@ ] }, "locked": { - "lastModified": 1763759067, - "narHash": "sha256-LlLt2Jo/gMNYAwOgdRQBrsRoOz7BPRkzvNaI/fzXi2Q=", + "lastModified": 1765835352, + "narHash": "sha256-XswHlK/Qtjasvhd1nOa1e8MgZ8GS//jBoTqWtrS1Giw=", "owner": "hercules-ci", "repo": "flake-parts", - "rev": "2cccadc7357c0ba201788ae99c4dfa90728ef5e0", + "rev": "a34fae9c08a15ad73f295041fec82323541400a9", "type": "github" }, "original": { @@ -46,11 +46,11 @@ ] }, "locked": { - "lastModified": 1764866045, - "narHash": "sha256-0GsEtXV9OquDQ1VclQfP16cU5VZh7NEVIOjSH4UaJuM=", + "lastModified": 1767280655, + "narHash": "sha256-YmaYMduV5ko8zURUT1VLGDbVC1L/bxHS0NsiPoZ6bBM=", "owner": "nix-community", "repo": "home-manager", - "rev": "f63d0fe9d81d36e5fc95497217a72e02b8b7bcab", + "rev": "d49d2543f02dbd789ed032188c84570d929223cb", "type": "github" }, "original": { @@ -110,11 +110,11 @@ }, "nixpkgs": { "locked": { - "lastModified": 1764677808, - "narHash": "sha256-H3lC7knbXOBrHI9hITQ7modLuX20mYJVhZORL5ioms0=", + "lastModified": 1767047869, + "narHash": "sha256-tzYsEzXEVa7op1LTnrLSiPGrcCY6948iD0EcNLWcmzo=", "owner": "nixos", "repo": "nixpkgs", - "rev": "1aab89277eb2d87823d5b69bae631a2496cff57a", + "rev": "89dbf01df72eb5ebe3b24a86334b12c27d68016a", "type": "github" }, "original": { @@ -134,15 +134,16 @@ "systems": "systems_2" }, "locked": { - "lastModified": 1764065466, - "narHash": "sha256-tH0yk53OPuT+D/Vlb6IXtZYJ9zb/TfHcTIm7P3eWRNA=", + "lastModified": 1766849711, + "narHash": "sha256-gtLBwhgjERca1UCzGkFplD5epIVRiNkePHVVtyFr73g=", "owner": "nix-community", "repo": "nixvim", - "rev": "b67ff4d1b29b590ab6865bc9eac785c28006f228", + "rev": "cae79c48e93bd61e478dfc12456bf68b1ce66074", "type": "github" }, "original": { "owner": "nix-community", + "ref": "nixos-25.11", "repo": "nixvim", "type": "github" } @@ -199,11 +200,11 @@ ] }, "locked": { - "lastModified": 1764021963, - "narHash": "sha256-1m84V2ROwNEbqeS9t37/mkry23GBhfMt8qb6aHHmjuc=", + "lastModified": 1766894905, + "narHash": "sha256-pn8AxxfajqyR/Dmr1wnZYdUXHgM3u6z9x0Z1Ijmz2UQ=", "owner": "Mic92", "repo": "sops-nix", - "rev": "c482a1c1bbe030be6688ed7dc84f7213f304f1ec", + "rev": "61b39c7b657081c2adc91b75dd3ad8a91d6f07a7", "type": "github" }, "original": { diff --git a/home-manager/gnome/default.nix b/home-manager/gnome/default.nix index 13b320a..a2811f9 100644 --- a/home-manager/gnome/default.nix +++ b/home-manager/gnome/default.nix @@ -3,7 +3,9 @@ { dconf.settings = { - + "org/gnome/desktop/interface" = { + gtk-theme = "Adwaita-dark"; + }; "org/gnome/shell" = { disable-user-extensions = true; favorite-apps = [ diff --git a/home-manager/home.nix b/home-manager/home.nix index c73ae93..e32e0be 100644 --- a/home-manager/home.nix +++ b/home-manager/home.nix @@ -5,7 +5,6 @@ }: { imports = [ - # ./backup.nix ./custom.nix ./emacs ./gnome @@ -21,6 +20,8 @@ pkg: builtins.elem (lib.getName pkg) [ "code-cursor" + "cursor-cli" + "vscode" ]; }; }; @@ -28,14 +29,18 @@ home = { homeDirectory = "/home/thiago"; packages = with pkgs; [ + cmake code-cursor + cursor-cli direnv distrobox fd fennel-ls fira-code firefox + glow guile + guile-lsp-server hwinfo inkscape keymapp @@ -48,22 +53,26 @@ nil nitrokey-app2 nixd - nixpkgs-fmt nixfmt-rfc-style - # nodejs_20 + nixpkgs-fmt + nodejs nordic obsidian + pandoc pinentry-curses podman python3 + racket ripgrep + shellcheck statix + stylua uget unzip + vscode waydroid wl-clipboard xorg.xhost - zed-editor ]; sessionVariables = { @@ -120,6 +129,8 @@ # splitting "ctrl+shift+enter" = "new_window"; "ctrl+shift+\\" = "new_window --location=hsplit"; + "super+-" = "new_window --location=hsplit"; + "super+|" = "new_window --location=vsplit"; # resizing "ctrl+alt+left" = "resize_window narrower"; "ctrl+alt+right" = "resize_window wider"; diff --git a/home-manager/nixstation.nix b/home-manager/nixstation.nix index 638a9dd..159453e 100644 --- a/home-manager/nixstation.nix +++ b/home-manager/nixstation.nix @@ -11,7 +11,6 @@ nixpkgs.config.allowUnfreePredicate = pkg: builtins.elem (lib.getName pkg) [ - "code-cursor" "steam-original" "steam-run" "steam" @@ -22,7 +21,6 @@ heroic steam steam-run - code-cursor mindustry ]; } From 337ee6db4ab7cefdd31af898d8507f7e6d12f527 Mon Sep 17 00:00:00 2001 From: Thiago Sposito Date: Sat, 10 Jan 2026 21:53:40 -0300 Subject: [PATCH 12/25] feat: add editors to unstable, update lock --- flake.lock | 49 +++++++++++++++++++++++++++++-------------- flake.nix | 3 ++- home-manager/home.nix | 11 +++++++--- 3 files changed, 43 insertions(+), 20 deletions(-) diff --git a/flake.lock b/flake.lock index d86c397..da015d9 100644 --- a/flake.lock +++ b/flake.lock @@ -46,11 +46,11 @@ ] }, "locked": { - "lastModified": 1767280655, - "narHash": "sha256-YmaYMduV5ko8zURUT1VLGDbVC1L/bxHS0NsiPoZ6bBM=", + "lastModified": 1767910483, + "narHash": "sha256-MOU5YdVu4DVwuT5ztXgQpPuRRBjSjUGIdUzOQr9iQOY=", "owner": "nix-community", "repo": "home-manager", - "rev": "d49d2543f02dbd789ed032188c84570d929223cb", + "rev": "82fb7dedaad83e5e279127a38ef410bcfac6d77c", "type": "github" }, "original": { @@ -67,11 +67,11 @@ ] }, "locked": { - "lastModified": 1759967497, - "narHash": "sha256-PYD473Ef3v5HNyLKyWroskX87fl6ntgKrzqm+R2Duqo=", + "lastModified": 1767881232, + "narHash": "sha256-tFFsDO0DloeymMeSc0YZacDl+cppVTNh5x/3ZGHpUXs=", "ref": "refs/heads/main", - "rev": "f0fa9781aef42ecbcb280b625632e5933ed04d9f", - "revCount": 4, + "rev": "018c8b6c98768ef060e00e0fabe98a3119a79056", + "revCount": 5, "type": "git", "url": "https://git.sr.ht/~sposito/icons" }, @@ -110,11 +110,11 @@ }, "nixpkgs": { "locked": { - "lastModified": 1767047869, - "narHash": "sha256-tzYsEzXEVa7op1LTnrLSiPGrcCY6948iD0EcNLWcmzo=", + "lastModified": 1767799921, + "narHash": "sha256-r4GVX+FToWVE2My8VVZH4V0pTIpnu2ZE8/Z4uxGEMBE=", "owner": "nixos", "repo": "nixpkgs", - "rev": "89dbf01df72eb5ebe3b24a86334b12c27d68016a", + "rev": "d351d0653aeb7877273920cd3e823994e7579b0b", "type": "github" }, "original": { @@ -124,6 +124,22 @@ "type": "github" } }, + "nixpkgs-unstable": { + "locked": { + "lastModified": 1767892417, + "narHash": "sha256-dhhvQY67aboBk8b0/u0XB6vwHdgbROZT3fJAjyNh5Ww=", + "owner": "nixos", + "repo": "nixpkgs", + "rev": "3497aa5c9457a9d88d71fa93a4a8368816fbeeba", + "type": "github" + }, + "original": { + "owner": "nixos", + "ref": "nixos-unstable", + "repo": "nixpkgs", + "type": "github" + } + }, "nixvim": { "inputs": { "flake-parts": "flake-parts", @@ -134,11 +150,11 @@ "systems": "systems_2" }, "locked": { - "lastModified": 1766849711, - "narHash": "sha256-gtLBwhgjERca1UCzGkFplD5epIVRiNkePHVVtyFr73g=", + "lastModified": 1767448089, + "narHash": "sha256-U1fHsZBnFrUil731NHD9Sg5HoiG+eSHau8OFuClhwW0=", "owner": "nix-community", "repo": "nixvim", - "rev": "cae79c48e93bd61e478dfc12456bf68b1ce66074", + "rev": "983751b66f255bbea1adc185364e9e7b73f82358", "type": "github" }, "original": { @@ -176,6 +192,7 @@ "home-manager": "home-manager", "icons": "icons", "nixpkgs": "nixpkgs", + "nixpkgs-unstable": "nixpkgs-unstable", "nixvim": "nixvim", "secrets": "secrets", "sops-nix": "sops-nix" @@ -200,11 +217,11 @@ ] }, "locked": { - "lastModified": 1766894905, - "narHash": "sha256-pn8AxxfajqyR/Dmr1wnZYdUXHgM3u6z9x0Z1Ijmz2UQ=", + "lastModified": 1768032389, + "narHash": "sha256-BVpTd93G0XmAK1iXiBdhUA5Uvt+WmM1YL0mA4REcT68=", "owner": "Mic92", "repo": "sops-nix", - "rev": "61b39c7b657081c2adc91b75dd3ad8a91d6f07a7", + "rev": "a8cfe238b93166f9f96c0df67a94e572554ee624", "type": "github" }, "original": { diff --git a/flake.nix b/flake.nix index 29abea5..1ec703c 100644 --- a/flake.nix +++ b/flake.nix @@ -3,7 +3,7 @@ inputs = { nixpkgs.url = "github:nixos/nixpkgs/nixos-25.11"; - + nixpkgs-unstable.url = "github:nixos/nixpkgs/nixos-unstable"; home-manager = { inputs.nixpkgs.follows = "nixpkgs"; url = "github:nix-community/home-manager/release-25.11"; @@ -30,6 +30,7 @@ { self, nixpkgs, + nixpkgs-unstable, home-manager, ... }@inputs: diff --git a/home-manager/home.nix b/home-manager/home.nix index e32e0be..9b86234 100644 --- a/home-manager/home.nix +++ b/home-manager/home.nix @@ -1,8 +1,12 @@ { pkgs, lib, + inputs, ... }: +let + pkgsUnstable = inputs.nixpkgs-unstable.legacyPackages.x86_64-linux; +in { imports = [ ./custom.nix @@ -20,6 +24,7 @@ pkg: builtins.elem (lib.getName pkg) [ "code-cursor" + "cursor" "cursor-cli" "vscode" ]; @@ -30,8 +35,8 @@ homeDirectory = "/home/thiago"; packages = with pkgs; [ cmake - code-cursor - cursor-cli + pkgsUnstable.code-cursor + pkgsUnstable.cursor-cli direnv distrobox fd @@ -167,4 +172,4 @@ # age.keyFile = "/home/thiago/.config/sops/age/keys.txt"; # gnupg.home = "/home/thiago/.gnupg"; # }; -} +} \ No newline at end of file From be381d1ebd9ad1b3dd7c0ab133dffa5351a332a4 Mon Sep 17 00:00:00 2001 From: Thiago Sposito Date: Sat, 10 Jan 2026 21:54:04 -0300 Subject: [PATCH 13/25] chore: autoformat --- dev-templates/rust-minimal/flake.nix | 4 +- flake.nix | 2 +- home-manager/backup.nix | 9 ++- home-manager/custom.nix | 5 +- home-manager/emacs/default.nix | 9 ++- home-manager/gnome/default.nix | 2 +- home-manager/home.nix | 71 ++++++++++++--------- home-manager/nvim/default.nix | 14 ++-- home-manager/zsh.nix | 2 +- hosts/Nixbook/hardware-configuration.nix | 58 ++++++++--------- hosts/Nixcloud/hardware-configuration.nix | 16 +++-- hosts/Nixstation/hardware-configuration.nix | 23 ++++--- hosts/common/default.nix | 6 +- hosts/common/network.nix | 32 +++++----- hosts/common/nvidia/default.nix | 7 +- hosts/common/nvidia/passthrough.nix | 5 +- hosts/common/users/thiago/default.nix | 2 +- hosts/husky.nix | 7 +- 18 files changed, 158 insertions(+), 116 deletions(-) diff --git a/dev-templates/rust-minimal/flake.nix b/dev-templates/rust-minimal/flake.nix index bf7243c..c91674b 100644 --- a/dev-templates/rust-minimal/flake.nix +++ b/dev-templates/rust-minimal/flake.nix @@ -5,7 +5,8 @@ nixpkgs.url = "github:NixOS/nixpkgs/nixos-unstable"; }; - outputs = { self, nixpkgs }: + outputs = + { self, nixpkgs }: let system = "x86_64-linux"; pkgs = import nixpkgs { inherit system; }; @@ -20,4 +21,3 @@ }; }; } - diff --git a/flake.nix b/flake.nix index 1ec703c..ecf9615 100644 --- a/flake.nix +++ b/flake.nix @@ -49,7 +49,7 @@ ./hosts/Nixbook ]; }; - + Nixstation = nixpkgs.lib.nixosSystem { specialArgs = { inherit inputs outputs; diff --git a/home-manager/backup.nix b/home-manager/backup.nix index 26d6954..d2d6102 100644 --- a/home-manager/backup.nix +++ b/home-manager/backup.nix @@ -1,4 +1,11 @@ -{ config, lib, pkgs, sops, secrets, ... }: +{ + config, + lib, + pkgs, + sops, + secrets, + ... +}: { # --- sops secret integration --- diff --git a/home-manager/custom.nix b/home-manager/custom.nix index e5a2c96..f36e61a 100644 --- a/home-manager/custom.nix +++ b/home-manager/custom.nix @@ -6,9 +6,10 @@ let rev = "393b8fbe74b0382a9cf7cbfd33e2a3e2b430ba71"; }; - mojo = pkgs.callPackage (noverbySrc + "/packages/mojo.nix") { }; + mojo = pkgs.callPackage (noverbySrc + "/packages/mojo.nix") { }; magic = pkgs.callPackage (noverbySrc + "/packages/magic.nix") { }; -in { +in +{ home.packages = [ mojo magic diff --git a/home-manager/emacs/default.nix b/home-manager/emacs/default.nix index 60a3309..b269ea1 100644 --- a/home-manager/emacs/default.nix +++ b/home-manager/emacs/default.nix @@ -1,4 +1,9 @@ -{ pkgs, lib, config, ... }: +{ + pkgs, + lib, + config, + ... +}: { programs.emacs = { @@ -19,7 +24,7 @@ sbcl ]; - home.activation.linkDoomConfig = lib.hm.dag.entryAfter ["writeBoundary"] '' + home.activation.linkDoomConfig = lib.hm.dag.entryAfter [ "writeBoundary" ] '' if [ ! -e "${config.home.homeDirectory}/.config/doom" ]; then $DRY_RUN_CMD mkdir -p "${config.home.homeDirectory}/.config" $DRY_RUN_CMD ln -sfn "/home/thiago/.config/nix-conf/home-manager/emacs/doom" "${config.home.homeDirectory}/.config/doom" diff --git a/home-manager/gnome/default.nix b/home-manager/gnome/default.nix index a2811f9..cfc6359 100644 --- a/home-manager/gnome/default.nix +++ b/home-manager/gnome/default.nix @@ -3,7 +3,7 @@ { dconf.settings = { - "org/gnome/desktop/interface" = { + "org/gnome/desktop/interface" = { gtk-theme = "Adwaita-dark"; }; "org/gnome/shell" = { diff --git a/home-manager/home.nix b/home-manager/home.nix index 9b86234..544cfe4 100644 --- a/home-manager/home.nix +++ b/home-manager/home.nix @@ -5,7 +5,18 @@ ... }: let - pkgsUnstable = inputs.nixpkgs-unstable.legacyPackages.x86_64-linux; + pkgsUnstable = import inputs.nixpkgs-unstable { + system = "x86_64-linux"; + config.allowUnfree = true; + config.allowUnfreePredicate = + pkg: + builtins.elem (lib.getName pkg) [ + "code-cursor" + "cursor" + "cursor-cli" + "vscode" + ]; + }; in { imports = [ @@ -80,45 +91,45 @@ in xorg.xhost ]; sessionVariables = { - - # DBUS_SESSION_BUS_ADDRESS = "unix:path=${config.home.homeDirectory}/.dbus-session-bus"; + + # DBUS_SESSION_BUS_ADDRESS = "unix:path=${config.home.homeDirectory}/.dbus-session-bus"; }; username = "thiago"; }; programs = { - git = { enable = true; settings = { - aliases = { - br = "branch"; - ca = "commit --amend"; - can = "commit --amend --no-edit"; - ci = "commit"; - co = "checkout"; - lg = "log --oneline --graph --decorate --all"; - st = "status"; - }; - extraConfig = { - color.ui = "auto"; - core = { - editor = "nvim"; - autocrlf = "input"; + aliases = { + br = "branch"; + ca = "commit --amend"; + can = "commit --amend --no-edit"; + ci = "commit"; + co = "checkout"; + lg = "log --oneline --graph --decorate --all"; + st = "status"; + }; + extraConfig = { + color.ui = "auto"; + core = { + editor = "nvim"; + autocrlf = "input"; + }; + init.defaultBranch = "main"; + pull.rebase = true; + }; + lfs.enable = true; + signing = { + key = "EC7C84664FF515B63AD510B63065EA73A976D430"; + signByDefault = false; + }; + user = { + email = "th.spo@pm.me"; + name = "Thiago Sposito"; }; - init.defaultBranch = "main"; - pull.rebase = true; }; - lfs.enable = true; - signing = { - key = "EC7C84664FF515B63AD510B63065EA73A976D430"; - signByDefault = false; - }; - user = { - email = "th.spo@pm.me"; - name = "Thiago Sposito"; - };}; }; gpg = { @@ -172,4 +183,4 @@ in # age.keyFile = "/home/thiago/.config/sops/age/keys.txt"; # gnupg.home = "/home/thiago/.gnupg"; # }; -} \ No newline at end of file +} diff --git a/home-manager/nvim/default.nix b/home-manager/nvim/default.nix index 112fc78..006b207 100644 --- a/home-manager/nvim/default.nix +++ b/home-manager/nvim/default.nix @@ -17,11 +17,13 @@ # Compile Fennel to Lua at build time home.file.".config/nvim/extraconfig.lua" = { text = builtins.readFile ( - pkgs.runCommand "extraconfig-compiled.lua" { - buildInputs = [ pkgs.luajitPackages.fennel ]; - } '' - ${pkgs.luajitPackages.fennel}/bin/fennel --compile ${./extraconfig.fnl} > $out - '' + pkgs.runCommand "extraconfig-compiled.lua" + { + buildInputs = [ pkgs.luajitPackages.fennel ]; + } + '' + ${pkgs.luajitPackages.fennel}/bin/fennel --compile ${./extraconfig.fnl} > $out + '' ); }; programs.nixvim = { @@ -103,7 +105,7 @@ src = pkgs.fetchFromGitHub { owner = "m15a"; repo = "vim-fennel-syntax"; - rev = "e7299d5"; #v1.3.0 + rev = "e7299d5"; # v1.3.0 hash = "sha256-CL3ooywWpGicmzine9qteHTGajAZ2qnIcK9CByaONvc="; }; }) diff --git a/home-manager/zsh.nix b/home-manager/zsh.nix index 5a2ab49..d883ebc 100644 --- a/home-manager/zsh.nix +++ b/home-manager/zsh.nix @@ -7,7 +7,7 @@ source = ./scripts/lsgpu.sh; executable = true; }; - + programs.zsh = { enable = true; autosuggestion.enable = true; diff --git a/hosts/Nixbook/hardware-configuration.nix b/hosts/Nixbook/hardware-configuration.nix index a76fc96..a36f8d7 100644 --- a/hosts/Nixbook/hardware-configuration.nix +++ b/hosts/Nixbook/hardware-configuration.nix @@ -1,7 +1,8 @@ -{ config -, lib -, modulesPath -, ... +{ + config, + lib, + modulesPath, + ... }: { @@ -23,38 +24,37 @@ extraModulePackages = [ ]; }; - fileSystems."/" = - { - device = "/dev/disk/by-uuid/492e3157-429e-4b9b-995f-c341c83b17ab"; - fsType = "btrfs"; - options = [ "subvol=@root" ]; - }; + fileSystems."/" = { + device = "/dev/disk/by-uuid/492e3157-429e-4b9b-995f-c341c83b17ab"; + fsType = "btrfs"; + options = [ "subvol=@root" ]; + }; - fileSystems."/nix" = - { - device = "/dev/disk/by-uuid/492e3157-429e-4b9b-995f-c341c83b17ab"; - fsType = "btrfs"; - options = [ "subvol=@nix" ]; - }; + fileSystems."/nix" = { + device = "/dev/disk/by-uuid/492e3157-429e-4b9b-995f-c341c83b17ab"; + fsType = "btrfs"; + options = [ "subvol=@nix" ]; + }; - fileSystems."/var/log" = - { - device = "/dev/disk/by-uuid/492e3157-429e-4b9b-995f-c341c83b17ab"; - fsType = "btrfs"; - options = [ "subvol=@log" ]; - }; + fileSystems."/var/log" = { + device = "/dev/disk/by-uuid/492e3157-429e-4b9b-995f-c341c83b17ab"; + fsType = "btrfs"; + options = [ "subvol=@log" ]; + }; - fileSystems."/home" = - { - device = "/dev/disk/by-uuid/492e3157-429e-4b9b-995f-c341c83b17ab"; - fsType = "btrfs"; - options = [ "subvol=@home" ]; - }; + fileSystems."/home" = { + device = "/dev/disk/by-uuid/492e3157-429e-4b9b-995f-c341c83b17ab"; + fsType = "btrfs"; + options = [ "subvol=@home" ]; + }; fileSystems."/boot" = { device = "/dev/disk/by-uuid/50A0-7758"; fsType = "vfat"; - options = [ "fmask=0022" "dmask=0022" ]; + options = [ + "fmask=0022" + "dmask=0022" + ]; }; swapDevices = [ diff --git a/hosts/Nixcloud/hardware-configuration.nix b/hosts/Nixcloud/hardware-configuration.nix index c0db864..56c06ac 100644 --- a/hosts/Nixcloud/hardware-configuration.nix +++ b/hosts/Nixcloud/hardware-configuration.nix @@ -1,11 +1,19 @@ { modulesPath, ... }: { imports = [ (modulesPath + "/profiles/qemu-guest.nix") ]; - + nixpkgs.hostPlatform = "x86_64-linux"; - + boot.loader.grub.device = "/dev/sda"; - boot.initrd.availableKernelModules = [ "ata_piix" "uhci_hcd" "xen_blkfront" "vmw_pvscsi" ]; + boot.initrd.availableKernelModules = [ + "ata_piix" + "uhci_hcd" + "xen_blkfront" + "vmw_pvscsi" + ]; boot.initrd.kernelModules = [ "nvme" ]; - fileSystems."/" = { device = "/dev/sda1"; fsType = "ext4"; }; + fileSystems."/" = { + device = "/dev/sda1"; + fsType = "ext4"; + }; } diff --git a/hosts/Nixstation/hardware-configuration.nix b/hosts/Nixstation/hardware-configuration.nix index 4c38ab4..e96aaa4 100644 --- a/hosts/Nixstation/hardware-configuration.nix +++ b/hosts/Nixstation/hardware-configuration.nix @@ -1,8 +1,9 @@ -{ config -, lib -, modulesPath -, pkgs -, ... +{ + config, + lib, + modulesPath, + pkgs, + ... }: { @@ -21,15 +22,19 @@ "sd_mod" "xhci_pci" ]; - kernelParams = [ # used to improve VM perfomance (guix experiments) + kernelParams = [ + # used to improve VM perfomance (guix experiments) "amd_pstate=active" "usbcore.autosuspend=-1" - "hugepagesz=1G" - "hugepages=16" + "hugepagesz=1G" + "hugepages=16" "default_hugepagesz=1G" ]; initrd.kernelModules = [ ]; - kernelModules = [ "kvm-amd" "iwlwifi" ]; + kernelModules = [ + "kvm-amd" + "iwlwifi" + ]; extraModulePackages = [ ]; }; fileSystems = { diff --git a/hosts/common/default.nix b/hosts/common/default.nix index ff8ab56..9aae68a 100644 --- a/hosts/common/default.nix +++ b/hosts/common/default.nix @@ -15,12 +15,12 @@ (final: prev: { libnitrokey = prev.libnitrokey.overrideAttrs (old: { cmakeFlags = (old.cmakeFlags or [ ]) ++ [ - "-DCMAKE_POLICY_VERSION_MINIMUM=3.5" + "-DCMAKE_POLICY_VERSION_MINIMUM=3.5" ]; }); epsonscan2 = prev.epsonscan2.overrideAttrs (old: { cmakeFlags = (old.cmakeFlags or [ ]) ++ [ - "-DCMAKE_POLICY_VERSION_MINIMUM=3.5" + "-DCMAKE_POLICY_VERSION_MINIMUM=3.5" ]; }); }) @@ -102,7 +102,7 @@ enable = true; drivers = [ pkgs.epson-escpr ]; }; - + pcscd.enable = true; # xserver.displayManager.sessionCommands = # "${pkgs.xorg.xmodmap}/bin/xmodmap -e 'keycode 64 = Alt_L'"; diff --git a/hosts/common/network.nix b/hosts/common/network.nix index afed8af..9746e01 100644 --- a/hosts/common/network.nix +++ b/hosts/common/network.nix @@ -38,7 +38,7 @@ # openssh.settings.X11Forwarding = true; }; - virtualisation ={ + virtualisation = { docker = { enable = true; logDriver = "journald"; @@ -71,21 +71,21 @@ "guest account" = "nobody"; "map to guest" = "bad user"; security = "user"; - # used for xp priter vm - # # Windows XP compatibility settings - # "server min protocol" = "NT1"; # Enable SMB1 for Windows XP - # "client min protocol" = "NT1"; - # "ntlm auth" = "yes"; # Required for Windows XP - # "lanman auth" = "yes"; # Required for Windows XP - # }; - # # Share for Windows XP access - # "shared" = { - # "path" = "/home/thiago/shared"; - # "browseable" = "yes"; - # "read only" = "no"; - # "guest ok" = "yes"; - # "create mask" = "0644"; - # "directory mask" = "0755"; + # used for xp priter vm + # # Windows XP compatibility settings + # "server min protocol" = "NT1"; # Enable SMB1 for Windows XP + # "client min protocol" = "NT1"; + # "ntlm auth" = "yes"; # Required for Windows XP + # "lanman auth" = "yes"; # Required for Windows XP + # }; + # # Share for Windows XP access + # "shared" = { + # "path" = "/home/thiago/shared"; + # "browseable" = "yes"; + # "read only" = "no"; + # "guest ok" = "yes"; + # "create mask" = "0644"; + # "directory mask" = "0755"; }; }; }; diff --git a/hosts/common/nvidia/default.nix b/hosts/common/nvidia/default.nix index 5f2ef99..323dafd 100644 --- a/hosts/common/nvidia/default.nix +++ b/hosts/common/nvidia/default.nix @@ -1,6 +1,7 @@ -{ pkgs -, config -, ... +{ + pkgs, + config, + ... }: { boot = { diff --git a/hosts/common/nvidia/passthrough.nix b/hosts/common/nvidia/passthrough.nix index 9b5adf4..b58199e 100644 --- a/hosts/common/nvidia/passthrough.nix +++ b/hosts/common/nvidia/passthrough.nix @@ -1,6 +1,7 @@ # Under maintanence -{ pkgs -, ... +{ + pkgs, + ... }: let # Optional helper for manual (re)binding at runtime diff --git a/hosts/common/users/thiago/default.nix b/hosts/common/users/thiago/default.nix index 0d0f0de..18a01d5 100644 --- a/hosts/common/users/thiago/default.nix +++ b/hosts/common/users/thiago/default.nix @@ -13,7 +13,7 @@ in "scard" "wheel" "lp" - "scanner" + "scanner" ] ++ ifTheyExist [ "docker" diff --git a/hosts/husky.nix b/hosts/husky.nix index 78eb612..555a4a8 100644 --- a/hosts/husky.nix +++ b/hosts/husky.nix @@ -5,11 +5,13 @@ nixpkgs.url = "github:NixOS/nixpkgs/nixos-unstable"; }; - outputs = { self, nixpkgs, ... }: + outputs = + { self, nixpkgs, ... }: let system = "aarch64-linux"; pkgs = import nixpkgs { inherit system; }; - in { + in + { devShells.${system}.default = pkgs.mkShell { buildInputs = with pkgs; [ git @@ -26,4 +28,3 @@ }; }; } - From a84e66b4a236e2d549e71a70cd1810d473f9652b Mon Sep 17 00:00:00 2001 From: Thiago Sposito Date: Thu, 15 Jan 2026 14:15:38 -0300 Subject: [PATCH 14/25] chore: emacs config --- home-manager/emacs/doom/custom.el | 13 +++++++++++++ 1 file changed, 13 insertions(+) create mode 100644 home-manager/emacs/doom/custom.el diff --git a/home-manager/emacs/doom/custom.el b/home-manager/emacs/doom/custom.el new file mode 100644 index 0000000..b77df85 --- /dev/null +++ b/home-manager/emacs/doom/custom.el @@ -0,0 +1,13 @@ +;;; -*- lexical-binding: t -*- +(custom-set-variables + ;; custom-set-variables was added by Custom. + ;; If you edit it by hand, you could mess it up, so be careful. + ;; Your init file should contain only one such instance. + ;; If there is more than one, they won't work right. + '(package-selected-packages '(vterm))) +(custom-set-faces + ;; custom-set-faces was added by Custom. + ;; If you edit it by hand, you could mess it up, so be careful. + ;; Your init file should contain only one such instance. + ;; If there is more than one, they won't work right. + ) From cd02abbf62430110cf9fd1afcea1d5925b393d64 Mon Sep 17 00:00:00 2001 From: Thiago Sposito Date: Thu, 15 Jan 2026 14:30:45 -0300 Subject: [PATCH 15/25] fix: Nixcloud correct configuration for the host --- hosts/Nixcloud/default.nix | 86 +++++++++++++---------- hosts/Nixcloud/hardware-configuration.nix | 16 ++--- hosts/Nixcloud/networking.nix | 6 +- 3 files changed, 58 insertions(+), 50 deletions(-) diff --git a/hosts/Nixcloud/default.nix b/hosts/Nixcloud/default.nix index e2670e3..6440f99 100644 --- a/hosts/Nixcloud/default.nix +++ b/hosts/Nixcloud/default.nix @@ -9,13 +9,57 @@ imports = [ ./hardware-configuration.nix ./networking.nix + ]; + boot.loader.grub = { + enable = true; + efiSupport = true; # Enable EFI features + efiInstallAsRemovable = true; # Force install without accessing BIOS variables + }; boot.tmp.cleanOnBoot = true; + nix = { + registry = (lib.mapAttrs (_: flake: { inherit flake; })) ( + (lib.filterAttrs (_: lib.isType "flake")) inputs + ); + + nixPath = [ "/etc/nix/path" ]; + + settings = { + download-buffer-size = "512M"; + experimental-features = "nix-command flakes"; + auto-optimise-store = true; + }; + }; + + environment = { + shells = with pkgs; [ bash ]; + etc = lib.mapAttrs' (name: value: { + name = "nix/path/${name}"; + value.source = value.flake; + }) config.nix.registry; + systemPackages = with pkgs; [ + git + sops + wget + ]; + }; + zramSwap.enable = true; + programs = { + gnupg = { + agent = { + enableSSHSupport = true; + enable = true; + pinentryPackage = pkgs.pinentry-tty; + }; + }; + }; networking.hostName = "srv1065175"; networking.domain = "hstgr.cloud"; + services.openssh.enable = true; + users.users = { root.openssh.authorizedKeys.keyFiles = [ (builtins.fetchurl { @@ -32,44 +76,10 @@ }) ]; }; - system.stateVersion = "23.11"; - - environment = { - shells = with pkgs; [ bash ]; - etc = lib.mapAttrs' (name: value: { - name = "nix/path/${name}"; - value.source = value.flake; - }) config.nix.registry; - systemPackages = with pkgs; [ - git - sops - wget - ]; - }; - - nix = { - registry = (lib.mapAttrs (_: flake: { inherit flake; })) ( - (lib.filterAttrs (_: lib.isType "flake")) inputs - ); - - nixPath = [ "/etc/nix/path" ]; - - settings = { - download-buffer-size = "512M"; - experimental-features = "nix-command flakes"; - auto-optimise-store = true; - }; - }; - - programs = { - gnupg = { - agent = { - enableSSHSupport = true; - enable = true; - pinentryPackage = pkgs.pinentry-tty; - }; - }; - }; + boot.kernelParams = [ + "console=tty1" + "console=ttyS0,115200" + ]; time.timeZone = "America/Sao_Paulo"; } diff --git a/hosts/Nixcloud/hardware-configuration.nix b/hosts/Nixcloud/hardware-configuration.nix index 56c06ac..430838a 100644 --- a/hosts/Nixcloud/hardware-configuration.nix +++ b/hosts/Nixcloud/hardware-configuration.nix @@ -1,19 +1,17 @@ { modulesPath, ... }: { imports = [ (modulesPath + "/profiles/qemu-guest.nix") ]; + boot.loader.grub.device = "nodev"; - nixpkgs.hostPlatform = "x86_64-linux"; - - boot.loader.grub.device = "/dev/sda"; boot.initrd.availableKernelModules = [ "ata_piix" "uhci_hcd" "xen_blkfront" - "vmw_pvscsi" - ]; + "vmw_pvscsi" ]; boot.initrd.kernelModules = [ "nvme" ]; - fileSystems."/" = { - device = "/dev/sda1"; - fsType = "ext4"; + fileSystems."/" = { device = "/dev/sda1"; fsType = "ext4"; }; + fileSystems."/boot" = { + device = "/dev/sda15"; + fsType = "vfat"; }; -} +} \ No newline at end of file diff --git a/hosts/Nixcloud/networking.nix b/hosts/Nixcloud/networking.nix index 82cf395..5c58c54 100644 --- a/hosts/Nixcloud/networking.nix +++ b/hosts/Nixcloud/networking.nix @@ -1,10 +1,10 @@ { lib, ... }: { + # This file was populated at runtime with the networking + # details gathered from the active system. networking = { nameservers = [ - "45.143.83.10" - "1.1.1.1" - "8.8.4.4" + "8.8.8.8" ]; defaultGateway = "72.61.129.254"; defaultGateway6 = { From c2e79022d1d1fd84285f173d5a5b3a77ae11934c Mon Sep 17 00:00:00 2001 From: Thiago Sposito Date: Thu, 15 Jan 2026 14:38:28 -0300 Subject: [PATCH 16/25] fix: update keys hash --- hosts/Nixcloud/default.nix | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/hosts/Nixcloud/default.nix b/hosts/Nixcloud/default.nix index 6440f99..1466ab4 100644 --- a/hosts/Nixcloud/default.nix +++ b/hosts/Nixcloud/default.nix @@ -65,14 +65,14 @@ (builtins.fetchurl { url = "https://meta.sr.ht/~sposito.keys"; name = "sposito-srht-keys"; - sha256 = "1mf76x36kd1iaccy6l5f5xnbjqkm1fwf9giws9nb3bvgmj3c25wc"; + sha256 = "1a0qcpbdkmdhnhhqvcmf6rq7zmjap6kxiwrcmmgs0fbhrlcyhkmi"; }) ]; nimbus.openssh.authorizedKeys.keys = [ (builtins.fetchurl { url = "https://meta.sr.ht/~sposito.keys"; name = "sposito-srht-keys"; - sha256 = "1mf76x36kd1iaccy6l5f5xnbjqkm1fwf9giws9nb3bvgmj3c25wc"; + sha256 = "1a0qcpbdkmdhnhhqvcmf6rq7zmjap6kxiwrcmmgs0fbhrlcyhkmi"; }) ]; }; From b0f14a29bbc8300db585564accff1674e1690f00 Mon Sep 17 00:00:00 2001 From: Thiago Sposito Date: Thu, 15 Jan 2026 14:40:47 -0300 Subject: [PATCH 17/25] Revert "fix: update keys hash" This reverts commit c2e79022d1d1fd84285f173d5a5b3a77ae11934c. --- hosts/Nixcloud/default.nix | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/hosts/Nixcloud/default.nix b/hosts/Nixcloud/default.nix index 1466ab4..6440f99 100644 --- a/hosts/Nixcloud/default.nix +++ b/hosts/Nixcloud/default.nix @@ -65,14 +65,14 @@ (builtins.fetchurl { url = "https://meta.sr.ht/~sposito.keys"; name = "sposito-srht-keys"; - sha256 = "1a0qcpbdkmdhnhhqvcmf6rq7zmjap6kxiwrcmmgs0fbhrlcyhkmi"; + sha256 = "1mf76x36kd1iaccy6l5f5xnbjqkm1fwf9giws9nb3bvgmj3c25wc"; }) ]; nimbus.openssh.authorizedKeys.keys = [ (builtins.fetchurl { url = "https://meta.sr.ht/~sposito.keys"; name = "sposito-srht-keys"; - sha256 = "1a0qcpbdkmdhnhhqvcmf6rq7zmjap6kxiwrcmmgs0fbhrlcyhkmi"; + sha256 = "1mf76x36kd1iaccy6l5f5xnbjqkm1fwf9giws9nb3bvgmj3c25wc"; }) ]; }; From eb227623b5656e7ff3e23cb373d72310989a8213 Mon Sep 17 00:00:00 2001 From: Thiago Sposito Date: Thu, 15 Jan 2026 14:58:23 -0300 Subject: [PATCH 18/25] fix: add hostPlatform to nixcloud --- hosts/Nixcloud/hardware-configuration.nix | 27 ++++++++++++++--------- 1 file changed, 17 insertions(+), 10 deletions(-) diff --git a/hosts/Nixcloud/hardware-configuration.nix b/hosts/Nixcloud/hardware-configuration.nix index 430838a..147a8f5 100644 --- a/hosts/Nixcloud/hardware-configuration.nix +++ b/hosts/Nixcloud/hardware-configuration.nix @@ -1,17 +1,24 @@ -{ modulesPath, ... }: +{ modulesPath, lib, ... }: { imports = [ (modulesPath + "/profiles/qemu-guest.nix") ]; - boot.loader.grub.device = "nodev"; - - boot.initrd.availableKernelModules = [ - "ata_piix" - "uhci_hcd" - "xen_blkfront" - "vmw_pvscsi" ]; boot.initrd.kernelModules = [ "nvme" ]; - fileSystems."/" = { device = "/dev/sda1"; fsType = "ext4"; }; + boot.loader.grub.device = "nodev"; + + fileSystems."/" = { + device = "/dev/sda1"; + fsType = "ext4"; + }; fileSystems."/boot" = { device = "/dev/sda15"; fsType = "vfat"; }; -} \ No newline at end of file + + boot.initrd.availableKernelModules = [ + "ata_piix" + "uhci_hcd" + "vmw_pvscsi" + "xen_blkfront" + ]; + + nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux"; +} From b9302a7d22fab070ce16396077c19c03bc071eab Mon Sep 17 00:00:00 2001 From: Thiago Sposito Date: Thu, 15 Jan 2026 15:01:07 -0300 Subject: [PATCH 19/25] fix: update hash key --- hosts/Nixcloud/default.nix | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/hosts/Nixcloud/default.nix b/hosts/Nixcloud/default.nix index 6440f99..1466ab4 100644 --- a/hosts/Nixcloud/default.nix +++ b/hosts/Nixcloud/default.nix @@ -65,14 +65,14 @@ (builtins.fetchurl { url = "https://meta.sr.ht/~sposito.keys"; name = "sposito-srht-keys"; - sha256 = "1mf76x36kd1iaccy6l5f5xnbjqkm1fwf9giws9nb3bvgmj3c25wc"; + sha256 = "1a0qcpbdkmdhnhhqvcmf6rq7zmjap6kxiwrcmmgs0fbhrlcyhkmi"; }) ]; nimbus.openssh.authorizedKeys.keys = [ (builtins.fetchurl { url = "https://meta.sr.ht/~sposito.keys"; name = "sposito-srht-keys"; - sha256 = "1mf76x36kd1iaccy6l5f5xnbjqkm1fwf9giws9nb3bvgmj3c25wc"; + sha256 = "1a0qcpbdkmdhnhhqvcmf6rq7zmjap6kxiwrcmmgs0fbhrlcyhkmi"; }) ]; }; From 7f5ad94534df8327c414c68543a494ab5b3e2b49 Mon Sep 17 00:00:00 2001 From: Thiago Sposito Date: Thu, 15 Jan 2026 15:07:21 -0300 Subject: [PATCH 20/25] fix: add normaluser --- hosts/Nixcloud/default.nix | 1 + 1 file changed, 1 insertion(+) diff --git a/hosts/Nixcloud/default.nix b/hosts/Nixcloud/default.nix index 1466ab4..848e7f2 100644 --- a/hosts/Nixcloud/default.nix +++ b/hosts/Nixcloud/default.nix @@ -68,6 +68,7 @@ sha256 = "1a0qcpbdkmdhnhhqvcmf6rq7zmjap6kxiwrcmmgs0fbhrlcyhkmi"; }) ]; + nimbus.isNormalUser = true; nimbus.openssh.authorizedKeys.keys = [ (builtins.fetchurl { url = "https://meta.sr.ht/~sposito.keys"; From 0251529a8a79e195c935c0f4346512160ab9df31 Mon Sep 17 00:00:00 2001 From: Thiago Sposito Date: Sun, 18 Jan 2026 20:40:32 -0300 Subject: [PATCH 21/25] feat: add email integration with mu4e and protonmail-bridge - Configure mu4e in Doom Emacs with Proton mail account - Add protonmail-bridge service and mbsync/msmtp for mail sync - Integrate sops-nix for secrets management (mail password) - Create mail.nix with full IMAP/SMTP configuration - Add ComfyUI user service module - Add custom ASCII banner for Doom dashboard - Enable nix module in Doom Emacs - Add force-quit gnome extension - Ignore secrets directory in git - also add comfy-ui --- .gitignore | 2 +- flake.lock | 16 ++++--- flake.nix | 3 +- home-manager/emacs/default.nix | 2 + home-manager/emacs/doom/banner.txt | 13 ++++++ home-manager/emacs/doom/config.el | 30 +++++++++++++ home-manager/emacs/doom/init.el | 13 +++--- home-manager/gnome/default.nix | 1 + home-manager/home.nix | 33 ++++++++++++--- home-manager/mail.nix | 58 +++++++++++++++++++++++++ home-manager/services/comfy-ui.nix | 61 +++++++++++++++++++++++++++ home-manager/services/default.nix | 7 +++ hosts/common/network.nix | 2 +- hosts/common/users/thiago/default.nix | 1 + 14 files changed, 220 insertions(+), 22 deletions(-) create mode 100644 home-manager/emacs/doom/banner.txt create mode 100644 home-manager/mail.nix create mode 100644 home-manager/services/comfy-ui.nix create mode 100644 home-manager/services/default.nix diff --git a/.gitignore b/.gitignore index 061818a..3f189cc 100644 --- a/.gitignore +++ b/.gitignore @@ -9,7 +9,7 @@ .DS_Store Thumbs.db ehthumbs.db - +secrets # === Editor Configs === .vscode/ .idea/ diff --git a/flake.lock b/flake.lock index da015d9..0a7908a 100644 --- a/flake.lock +++ b/flake.lock @@ -201,14 +201,18 @@ "secrets": { "flake": false, "locked": { - "path": "git@git.sr.ht/~sposito/secrets", - "type": "path" + "lastModified": 1768616087, + "narHash": "sha256-A/3XkeLfNCRUJYMa9f44VYsv6tWYuIMeDrra1J5GYqs=", + "ref": "refs/heads/main", + "rev": "d540ed7731df4e19a15afe810630e5c7786630c4", + "revCount": 3, + "type": "git", + "url": "ssh://git@git.sr.ht/~sposito/secrets" }, "original": { - "path": "git@git.sr.ht/~sposito/secrets", - "type": "path" - }, - "parent": [] + "type": "git", + "url": "ssh://git@git.sr.ht/~sposito/secrets" + } }, "sops-nix": { "inputs": { diff --git a/flake.nix b/flake.nix index ecf9615..a7a5326 100644 --- a/flake.nix +++ b/flake.nix @@ -21,7 +21,7 @@ inputs.nixpkgs.follows = "nixpkgs"; }; secrets = { - url = "git@git.sr.ht/~sposito/secrets"; + url = "git+ssh://git@git.sr.ht/~sposito/secrets"; flake = false; }; }; @@ -95,6 +95,7 @@ modules = [ ./home-manager/nixstation.nix + inputs.sops-nix.homeManagerModules.sops ]; }; }; diff --git a/home-manager/emacs/default.nix b/home-manager/emacs/default.nix index b269ea1..bab4d66 100644 --- a/home-manager/emacs/default.nix +++ b/home-manager/emacs/default.nix @@ -21,6 +21,8 @@ emacsPackages.vterm emacsPackages.treemacs emacsPackages.doom + emacsPackages.mu4e + mu sbcl ]; diff --git a/home-manager/emacs/doom/banner.txt b/home-manager/emacs/doom/banner.txt new file mode 100644 index 0000000..11066d0 --- /dev/null +++ b/home-manager/emacs/doom/banner.txt @@ -0,0 +1,13 @@ + + █████████ ███ █████ + ███░░░░░███ ░░░ ░░███ + ░███ ░░░ ████████ ██████ █████ ████ ███████ ██████ + ░░█████████ ░░███░░███ ███░░███ ███░░ ░░███ ░░░███░ ███░░███ + ░░░░░░░░███ ░███ ░███░███ ░███░░█████ ░███ ░███ ░███ ░███ + ███ ░███ ░███ ░███░███ ░███ ░░░░███ ░███ ░███ ███░███ ░███ + ░░█████████ ░███████ ░░██████ ██████ █████ ██ ░░█████ ░░██████ + ░░░░░░░░░ ░███░░░ ░░░░░░ ░░░░░░ ░░░░░ ░░ ░░░░░ ░░░░░░ + ░███ ___ __ __ __ ___ __ + █████ | __| V |/ \ / _//' _/ + ░░░░░ | _|| \_/ | /\ | \__`._`. + |___|_| |_|_||_|\__/|___/ diff --git a/home-manager/emacs/doom/config.el b/home-manager/emacs/doom/config.el index b06e857..0e12f70 100644 --- a/home-manager/emacs/doom/config.el +++ b/home-manager/emacs/doom/config.el @@ -1,7 +1,18 @@ ;;; $DOOMDIR/config.el -*- lexical-binding: t; -*- +;; Add NixOS mu4e to load-path +(let ((mu4e-dir (car (file-expand-wildcards "~/.nix-profile/share/emacs/site-lisp/elpa/mu4e-*")))) + (when mu4e-dir + (add-to-list 'load-path mu4e-dir))) (add-hook 'scheme-mode-hook #'smartparens-strict-mode) +(defun my-doom-ascii-banner () + (let ((banner-file (expand-file-name "banner.txt" doom-user-dir))) + (when (file-exists-p banner-file) + (insert-file-contents banner-file)))) + +(setq +doom-dashboard-ascii-banner-fn #'my-doom-ascii-banner) + (use-package! lsp-mode :config (add-to-list 'lsp-language-id-configuration '(fennel-mode . "fennel")) @@ -45,3 +56,22 @@ (map! :desc "Toggle terminal (vterm)" "C-~" #'vterm) +(after! mu4e + (setq mu4e-get-mail-command "mbsync -a" + mu4e-update-interval 300 + mu4e-maildir "~/Maildir" + mu4e-change-filenames-when-moving t + sendmail-program "msmtp" + send-mail-function #'sendmail-send-it + message-sendmail-f-is-evil t + message-sendmail-extra-arguments '("--read-envelope-from") + message-send-mail-function #'message-send-mail-with-sendmail) + + (set-email-account! "Proton" + '((mu4e-sent-folder . "/proton/Sent") + (mu4e-drafts-folder . "/proton/Drafts") + (mu4e-trash-folder . "/proton/Trash") + (mu4e-refile-folder . "/proton/Archive") + (user-mail-address . "th.spo@pm.me") + (user-full-name . "Thiago Sposito")) + t)) diff --git a/home-manager/emacs/doom/init.el b/home-manager/emacs/doom/init.el index 80a72f0..77d4a21 100644 --- a/home-manager/emacs/doom/init.el +++ b/home-manager/emacs/doom/init.el @@ -100,7 +100,7 @@ (eval +overlay) ; run code, run (also, repls) lookup ; navigate your code and its documentation llm ; when I said you needed friends, I didn't mean... - (lsp +peek) + lsp ;;(lsp +eglot) ; M-x vscode magit ; a git porcelain for Emacs ;;make ; run make tasks from Emacs @@ -111,8 +111,8 @@ tree-sitter ; syntax and parsing, sitting in a tree... upload ; map local to remote projects via ssh/ftp - :os - (:if (featurep :system 'macos) macos) ; improve compatibility with macOS + ; :os + ;(:if (featurep :system 'macos) macos) ; improve compatibility with macOS ;;tty ; improve the terminal Emacs experience :lang @@ -156,7 +156,7 @@ (lua +fennel +lsp) ; one-based indices? one-based indices markdown ; writing docs for people to ignore ;;nim ; python + lisp at the speed of c - ;;nix ; I hereby declare "nix geht mehr!" + nix ; I hereby declare "nix geht mehr!" ;;ocaml ; an objective camel org ; organize your plain life in plain text ;;php ; perl's insecure younger brother @@ -183,11 +183,12 @@ ;;zig ; C, but simpler :email - ;;(mu4e +org +gmail) + (mu4e +mbsync +org) + ;;notmuch ;;(wanderlust +gmail) - :app: + :app ;;calendar ;;emms ;;everywhere ; *leave* Emacs!? You must be joking diff --git a/home-manager/gnome/default.nix b/home-manager/gnome/default.nix index cfc6359..593eebc 100644 --- a/home-manager/gnome/default.nix +++ b/home-manager/gnome/default.nix @@ -30,6 +30,7 @@ home.packages = with pkgs; [ gnome-tweaks gnomeExtensions.appindicator + gnomeExtensions.force-quit gnomeExtensions.forge gnomeExtensions.gsconnect gnomeExtensions.pop-shell diff --git a/home-manager/home.nix b/home-manager/home.nix index 544cfe4..0c871a8 100644 --- a/home-manager/home.nix +++ b/home-manager/home.nix @@ -2,6 +2,7 @@ pkgs, lib, inputs, + sops, ... }: let @@ -25,7 +26,9 @@ in ./gnome ./icons.nix ./nvim + ./services ./zsh.nix + ./mail.nix ]; nixpkgs = { @@ -77,6 +80,7 @@ in pandoc pinentry-curses podman + protonmail-bridge python3 racket ripgrep @@ -163,19 +167,34 @@ in background_opacity = 1.0; }; }; - + mbsync.enable = true; vscode = { enable = true; }; }; - services.gpg-agent = { - enable = true; - enableZshIntegration = true; - pinentry.package = pkgs.pinentry-curses; - }; + services = { - #systemd.user.startServices = "sd-switch"; + gpg-agent = { + enable = true; + enableZshIntegration = true; + pinentry.package = pkgs.pinentry-curses; + }; + + protonmail-bridge = { + enable = true; + extraPackages = [ + pkgs.gnome-keyring + ]; + + }; + + }; + sops = { + gnupg.home = "/home/thiago/.gnupg"; + age.keyFile = null; # We are using the Nitrokey (PGP) instead + }; + #systemd.user.startServices = "sd-switch"; home.stateVersion = "25.11"; # sops configuration diff --git a/home-manager/mail.nix b/home-manager/mail.nix new file mode 100644 index 0000000..4701132 --- /dev/null +++ b/home-manager/mail.nix @@ -0,0 +1,58 @@ +{ + pkgs, + config, + sops, + secrets, + ... +}: +{ + sops.secrets = { + "mailpass" = { + sopsFile = secrets.outPath + "/mail.yaml"; + key = "password"; + }; + }; + + accounts.email.accounts.proton = { + primary = true; + address = "th.spo@pm.me"; + userName = "thiago@sposito.ch"; + realName = "Thiago Sposito"; + passwordCommand = "${pkgs.coreutils}/bin/cat ${config.sops.secrets.mailpass.path}"; + imap = { + host = "127.0.0.1"; + port = 1143; + tls.enable = true; + }; + + smtp = { + host = "127.0.0.1"; + port = 1025; + tls.enable = true; + }; + + mbsync = { + enable = true; + create = "maildir"; + expunge = "both"; + extraConfig.account = { + SSLType = "STARTTLS"; + TLSType = "STARTTLS"; + CertificateFile = "~/.config/protonmail/bridge-v3/cert.pem"; + AuthMechs = "LOGIN"; + }; + }; + + msmtp = { + enable = true; + extraConfig = { + tls_starttls = "on"; + tls_certcheck = "off"; + }; + }; + }; + + programs.mbsync.enable = true; + programs.msmtp.enable = true; + programs.mu.enable = true; +} diff --git a/home-manager/services/comfy-ui.nix b/home-manager/services/comfy-ui.nix new file mode 100644 index 0000000..c61a129 --- /dev/null +++ b/home-manager/services/comfy-ui.nix @@ -0,0 +1,61 @@ +{ pkgs, config, lib, ... }: + +let + comfyuiSrc = pkgs.fetchFromGitHub { + owner = "Comfy-Org"; + repo = "ComfyUI"; + rev = "master"; + sha256 = "PQfZ0PD/PQn49ElGdzt/El8JrU7clETcLi/6ZUxm8f8="; + }; + + dataDir = "${config.home.homeDirectory}/.local/share/comfyui"; + venvDir = "${dataDir}/.venv"; + + startScript = pkgs.writeShellScript "comfyui-start" '' + set -e + + export LD_LIBRARY_PATH="${pkgs.stdenv.cc.cc.lib}/lib:${pkgs.zlib}/lib:${pkgs.libGL}/lib:/run/opengl-driver/lib:$LD_LIBRARY_PATH" + + mkdir -p ${dataDir} + + # Copy source if not exists or update + if [ ! -f "${dataDir}/main.py" ]; then + cp -r ${comfyuiSrc}/* ${dataDir}/ + chmod -R u+w ${dataDir} + fi + + cd ${dataDir} + + # Create venv on first run + if [ ! -d "${venvDir}" ]; then + ${pkgs.python313}/bin/python -m venv ${venvDir} + ${venvDir}/bin/pip install --upgrade pip + fi + + # Always ensure deps are installed + if [ ! -f "${venvDir}/.deps-installed" ]; then + ${venvDir}/bin/pip install torch torchvision torchaudio --extra-index-url https://download.pytorch.org/whl/cu124 + ${venvDir}/bin/pip install -r requirements.txt + touch ${venvDir}/.deps-installed + fi + + exec ${venvDir}/bin/python main.py "$@" + ''; +in +{ + home.packages = [ pkgs.python313 pkgs.git ]; + + systemd.user.services.comfy-ui = { + Unit = { + Description = "ComfyUI"; + After = [ "network.target" ]; + }; + Service = { + Type = "simple"; + ExecStart = "${startScript}"; + Restart = "on-failure"; + Environment = [ "CUDA_VISIBLE_DEVICES=0" ]; + }; + Install.WantedBy = [ "default.target" ]; + }; +} \ No newline at end of file diff --git a/home-manager/services/default.nix b/home-manager/services/default.nix new file mode 100644 index 0000000..5cf99f7 --- /dev/null +++ b/home-manager/services/default.nix @@ -0,0 +1,7 @@ +{ ... }: +{ + imports = [ + ./comfy-ui.nix + ]; +} + diff --git a/hosts/common/network.nix b/hosts/common/network.nix index 9746e01..80952e0 100644 --- a/hosts/common/network.nix +++ b/hosts/common/network.nix @@ -21,7 +21,7 @@ ]; }; }; - + security.pki.certificateFiles = [ "${pkgs.cacert}/etc/ssl/certs/ca-bundle.crt" ]; services = { opensnitch = { enable = true; diff --git a/hosts/common/users/thiago/default.nix b/hosts/common/users/thiago/default.nix index 18a01d5..2309871 100644 --- a/hosts/common/users/thiago/default.nix +++ b/hosts/common/users/thiago/default.nix @@ -38,4 +38,5 @@ in packages = [ pkgs.home-manager ]; }; + } From 91587da1cb26c47211a9a90ba1382b67f53d4ff4 Mon Sep 17 00:00:00 2001 From: Thiago Sposito Date: Mon, 26 Jan 2026 10:54:04 -0300 Subject: [PATCH 22/25] feat: emacs config --- home-manager/emacs/doom/early-init.el | 11 ++++ home-manager/emacs/doom/init.el | 8 +-- home-manager/services/comfy-ui.nix | 90 +++++++++++++++++++++++++-- home-manager/services/default.nix | 1 + 4 files changed, 102 insertions(+), 8 deletions(-) create mode 100644 home-manager/emacs/doom/early-init.el diff --git a/home-manager/emacs/doom/early-init.el b/home-manager/emacs/doom/early-init.el new file mode 100644 index 0000000..9439656 --- /dev/null +++ b/home-manager/emacs/doom/early-init.el @@ -0,0 +1,11 @@ +;;; early-init.el -*- lexical-binding: t; -*- + +;; Set the background early to prevent the white flash +(setq default-frame-alist + '((background-color . "#282c34") ; Standard Doom One background + (vertical-scroll-bars . nil) + (tool-bar-lines . 0) + (menu-bar-lines . 0))) + +;; Ensure the title bar is dark on macOS/compatible systems +(add-to-list 'default-frame-alist '(ns-appearance . dark)) diff --git a/home-manager/emacs/doom/init.el b/home-manager/emacs/doom/init.el index 77d4a21..965e2de 100644 --- a/home-manager/emacs/doom/init.el +++ b/home-manager/emacs/doom/init.el @@ -105,7 +105,7 @@ magit ; a git porcelain for Emacs ;;make ; run make tasks from Emacs pass ; password manager for nerds - ;;pdf ; pdf enhancements + (pdf +org) ; pdf enhancements ;;terraform ; infrastructure as code ;;tmux ; an API for interacting with tmux tree-sitter ; syntax and parsing, sitting in a tree... @@ -172,7 +172,7 @@ ;;(ruby +rails) ; 1.step {|i| p "Ruby is #{i.even? ? 'love' : 'life'}"} ;;(rust +lsp) ; Fe2O3.unwrap().unwrap().unwrap().unwrap() ;;scala ; java, but good - (scheme +guile) ; a fully conniving family of lisps + (scheme +guile +chez) ; a fully conniving family of lisps sh ; she sells {ba,z,fi}sh shells on the C xor ;;sml ;;solidity ; do you need a blockchain? No. @@ -192,8 +192,8 @@ ;;calendar ;;emms ;;everywhere ; *leave* Emacs!? You must be joking - ;;irc ; how neckbeards socialize - ;;(rss +org) ; emacs as an RSS reader + irc ; how neckbeards socialize + (rss +org) ; emacs as an RSS reader :config ;;literate diff --git a/home-manager/services/comfy-ui.nix b/home-manager/services/comfy-ui.nix index c61a129..ac48957 100644 --- a/home-manager/services/comfy-ui.nix +++ b/home-manager/services/comfy-ui.nix @@ -4,26 +4,96 @@ let comfyuiSrc = pkgs.fetchFromGitHub { owner = "Comfy-Org"; repo = "ComfyUI"; - rev = "master"; + rev = "v0.9.2"; sha256 = "PQfZ0PD/PQn49ElGdzt/El8JrU7clETcLi/6ZUxm8f8="; }; + controlnetAux = pkgs.fetchFromGitHub { + owner = "Fannovel16"; + repo = "comfyui_controlnet_aux"; + rev = "136f125c89aed92ced1b6fbb491e13719b72fcc0"; + sha256 = "DlspkqzN7Ls8kXWQMtVQygzsgu/z6FtjMqDthuza/Kc="; + }; + + ipAdapter = pkgs.fetchFromGitHub { + owner = "cubiq"; + repo = "ComfyUI_IPAdapter_plus"; + rev = "main"; + sha256 = "Ft9WJcmjzon2tAMJq5na24iqYTnQWEQFSKUElSVwYgw="; + }; + + toolingNodes = pkgs.fetchFromGitHub { + owner = "Acly"; + repo = "comfyui-tooling-nodes"; + rev = "main"; + sha256 = "tVvpVWDpihy7zdV/L7cOpsWE68l15xKIwuM3EriUM+Y="; + }; + + inpaintNodes = pkgs.fetchFromGitHub { + owner = "Acly"; + repo = "comfyui-inpaint-nodes"; + rev = "main"; + sha256 = "Uy6ppXNAQAOIkmoJB8miAzVUXZ0Elyp+w+kwNxWZjvo="; + }; + dataDir = "${config.home.homeDirectory}/.local/share/comfyui"; venvDir = "${dataDir}/.venv"; + customNodesDir = "${dataDir}/custom_nodes"; + kritaModelsDir = "${config.home.homeDirectory}/.var/app/org.kde.krita/data/krita/ai_diffusion/server/models"; startScript = pkgs.writeShellScript "comfyui-start" '' set -e - export LD_LIBRARY_PATH="${pkgs.stdenv.cc.cc.lib}/lib:${pkgs.zlib}/lib:${pkgs.libGL}/lib:/run/opengl-driver/lib:$LD_LIBRARY_PATH" + export LD_LIBRARY_PATH="${pkgs.stdenv.cc.cc.lib}/lib:${pkgs.zlib}/lib:${pkgs.libGL}/lib:${pkgs.glib}/lib:${pkgs.xorg.libxcb}/lib:${pkgs.xorg.libX11}/lib:${pkgs.xorg.libXext}/lib:/run/opengl-driver/lib:$LD_LIBRARY_PATH" mkdir -p ${dataDir} + mkdir -p ${customNodesDir} - # Copy source if not exists or update + # Copy source if not exists if [ ! -f "${dataDir}/main.py" ]; then cp -r ${comfyuiSrc}/* ${dataDir}/ chmod -R u+w ${dataDir} fi + # Create extra_model_paths.yaml to use Krita AI Diffusion models + cat > ${dataDir}/extra_model_paths.yaml << EOF +krita_ai: + base_path: ${kritaModelsDir} + checkpoints: checkpoints/ + clip_vision: clip_vision/ + controlnet: controlnet/ + diffusion_models: diffusion_models/ + embeddings: embeddings/ + inpaint: inpaint/ + ipadapter: ipadapter/ + loras: loras/ + style_models: style_models/ + text_encoders: text_encoders/ + upscale_models: upscale_models/ + vae: vae/ +EOF + + # Install custom nodes + if [ ! -d "${customNodesDir}/comfyui_controlnet_aux" ]; then + cp -r ${controlnetAux} ${customNodesDir}/comfyui_controlnet_aux + chmod -R u+w ${customNodesDir}/comfyui_controlnet_aux + fi + + if [ ! -d "${customNodesDir}/ComfyUI_IPAdapter_plus" ]; then + cp -r ${ipAdapter} ${customNodesDir}/ComfyUI_IPAdapter_plus + chmod -R u+w ${customNodesDir}/ComfyUI_IPAdapter_plus + fi + + if [ ! -d "${customNodesDir}/comfyui-tooling-nodes" ]; then + cp -r ${toolingNodes} ${customNodesDir}/comfyui-tooling-nodes + chmod -R u+w ${customNodesDir}/comfyui-tooling-nodes + fi + + if [ ! -d "${customNodesDir}/comfyui-inpaint-nodes" ]; then + cp -r ${inpaintNodes} ${customNodesDir}/comfyui-inpaint-nodes + chmod -R u+w ${customNodesDir}/comfyui-inpaint-nodes + fi + cd ${dataDir} # Create venv on first run @@ -32,13 +102,25 @@ let ${venvDir}/bin/pip install --upgrade pip fi - # Always ensure deps are installed + # Install deps if [ ! -f "${venvDir}/.deps-installed" ]; then ${venvDir}/bin/pip install torch torchvision torchaudio --extra-index-url https://download.pytorch.org/whl/cu124 ${venvDir}/bin/pip install -r requirements.txt touch ${venvDir}/.deps-installed fi + # Install custom nodes deps + if [ ! -f "${venvDir}/.custom-nodes-installed" ]; then + for node in ${customNodesDir}/*/; do + if [ -f "$node/requirements.txt" ]; then + # Replace opencv-python with headless version (no GUI deps) + sed 's/opencv-python>=/opencv-python-headless>=/g' "$node/requirements.txt" > /tmp/requirements_patched.txt + ${venvDir}/bin/pip install -r /tmp/requirements_patched.txt || true + fi + done + touch ${venvDir}/.custom-nodes-installed + fi + exec ${venvDir}/bin/python main.py "$@" ''; in diff --git a/home-manager/services/default.nix b/home-manager/services/default.nix index 5cf99f7..2332aca 100644 --- a/home-manager/services/default.nix +++ b/home-manager/services/default.nix @@ -5,3 +5,4 @@ ]; } + From d5db6daa8c7c3a6812c8a27401967741e12af42e Mon Sep 17 00:00:00 2001 From: Thiago Sposito Date: Fri, 30 Jan 2026 14:40:40 -0300 Subject: [PATCH 23/25] feat: update fennel and luajit origins to alex-lib --- flake.lock | 43 +++++++++++++++++++++++++++ flake.nix | 7 +++++ home-manager/home.nix | 13 +++++--- home-manager/services/default.nix | 1 + hosts/common/users/thiago/default.nix | 2 +- 5 files changed, 61 insertions(+), 5 deletions(-) diff --git a/flake.lock b/flake.lock index 0a7908a..18083c3 100644 --- a/flake.lock +++ b/flake.lock @@ -1,5 +1,47 @@ { "nodes": { + "alex-lib": { + "inputs": { + "alex-utils": "alex-utils", + "nixpkgs": [ + "nixpkgs" + ] + }, + "locked": { + "lastModified": 1769444523, + "narHash": "sha256-V3XO/kz0HiC0Y3SRF7L00/wIuHbZgW0scMMRmla3+Gc=", + "ref": "refs/heads/main", + "rev": "9aa030a1b1a9b372aec7d473ebeb34fdee4b637e", + "revCount": 27, + "type": "git", + "url": "https://git.sr.ht/~sposito/Alexandria" + }, + "original": { + "type": "git", + "url": "https://git.sr.ht/~sposito/Alexandria" + } + }, + "alex-utils": { + "inputs": { + "nixpkgs": [ + "alex-lib", + "nixpkgs" + ] + }, + "locked": { + "lastModified": 1768599245, + "narHash": "sha256-ooS9LXab+NLlNQlY3CNQqL/DdXIPTaF8gpphFOdbyfM=", + "ref": "refs/heads/main", + "rev": "e77ca47ba7ce0bbbb142b00a0318884a20b78f29", + "revCount": 27, + "type": "git", + "url": "https://git.sr.ht/~sposito/alex-utils" + }, + "original": { + "type": "git", + "url": "https://git.sr.ht/~sposito/alex-utils" + } + }, "flake-parts": { "inputs": { "nixpkgs-lib": [ @@ -189,6 +231,7 @@ }, "root": { "inputs": { + "alex-lib": "alex-lib", "home-manager": "home-manager", "icons": "icons", "nixpkgs": "nixpkgs", diff --git a/flake.nix b/flake.nix index a7a5326..6755438 100644 --- a/flake.nix +++ b/flake.nix @@ -4,6 +4,11 @@ inputs = { nixpkgs.url = "github:nixos/nixpkgs/nixos-25.11"; nixpkgs-unstable.url = "github:nixos/nixpkgs/nixos-unstable"; + + alex-lib ={ + url = "git+https://git.sr.ht/~sposito/Alexandria"; + inputs.nixpkgs.follows = "nixpkgs"; + }; home-manager = { inputs.nixpkgs.follows = "nixpkgs"; url = "github:nix-community/home-manager/release-25.11"; @@ -76,6 +81,7 @@ pkgs = nixpkgs.legacyPackages.x86_64-linux; extraSpecialArgs = { inherit inputs outputs; + alex-lib = inputs.alex-lib; icons = inputs.icons; sops = inputs.sops-nix; secrets = inputs.secrets; @@ -88,6 +94,7 @@ pkgs = nixpkgs.legacyPackages.x86_64-linux; extraSpecialArgs = { inherit inputs outputs; + alex-lib = inputs.alex-lib; icons = inputs.icons; sops = inputs.sops-nix; secrets = inputs.secrets; diff --git a/home-manager/home.nix b/home-manager/home.nix index 0c871a8..a8d5c0f 100644 --- a/home-manager/home.nix +++ b/home-manager/home.nix @@ -3,11 +3,13 @@ lib, inputs, sops, + alex-lib, ... }: let + system = "x86_64-linux"; pkgsUnstable = import inputs.nixpkgs-unstable { - system = "x86_64-linux"; + inherit system; config.allowUnfree = true; config.allowUnfreePredicate = pkg: @@ -18,6 +20,7 @@ let "vscode" ]; }; + alpkgs = alex-lib.packages.${system}; in { imports = [ @@ -48,13 +51,17 @@ in home = { homeDirectory = "/home/thiago"; packages = with pkgs; [ + alpkgs.antifennel + alpkgs.fennel + alpkgs.fnlfmt + alpkgs.fennel-ls + alpkgs.luajit cmake pkgsUnstable.code-cursor pkgsUnstable.cursor-cli direnv distrobox fd - fennel-ls fira-code firefox glow @@ -64,9 +71,7 @@ in inkscape keymapp lazygit - luajit lua-language-server - luajitPackages.fennel luajitPackages.luacheck nerd-fonts.fira-code nil diff --git a/home-manager/services/default.nix b/home-manager/services/default.nix index 2332aca..40a5a8e 100644 --- a/home-manager/services/default.nix +++ b/home-manager/services/default.nix @@ -6,3 +6,4 @@ } + diff --git a/hosts/common/users/thiago/default.nix b/hosts/common/users/thiago/default.nix index 2309871..5bd8739 100644 --- a/hosts/common/users/thiago/default.nix +++ b/hosts/common/users/thiago/default.nix @@ -31,7 +31,7 @@ in (builtins.fetchurl { url = "https://meta.sr.ht/~sposito.keys"; name = "sposito-srht-keys"; - sha256 = "1mf76x36kd1iaccy6l5f5xnbjqkm1fwf9giws9nb3bvgmj3c25wc"; + sha256 = "1a0qcpbdkmdhnhhqvcmf6rq7zmjap6kxiwrcmmgs0fbhrlcyhkmi"; }) ]; From 20e8bd96bd4c88dd3d74e7d92eac61f4b401e046 Mon Sep 17 00:00:00 2001 From: Thiago Sposito Date: Fri, 30 Jan 2026 15:25:37 -0300 Subject: [PATCH 24/25] chore: reconfigure nix cloud --- hosts/Nixcloud/default.nix | 85 +++++++---------------- hosts/Nixcloud/forgejo.nix | 41 +++++++++++ hosts/Nixcloud/hardware-configuration.nix | 18 +++-- 3 files changed, 73 insertions(+), 71 deletions(-) create mode 100644 hosts/Nixcloud/forgejo.nix diff --git a/hosts/Nixcloud/default.nix b/hosts/Nixcloud/default.nix index 848e7f2..3ff32b6 100644 --- a/hosts/Nixcloud/default.nix +++ b/hosts/Nixcloud/default.nix @@ -1,16 +1,11 @@ -{ - config, - inputs, - lib, - pkgs, - ... -}: +{ ... }: { imports = [ ./hardware-configuration.nix ./networking.nix - + ./forgejo.nix ]; + boot.loader.grub = { enable = true; efiSupport = true; # Enable EFI features @@ -18,69 +13,37 @@ }; boot.tmp.cleanOnBoot = true; - nix = { - registry = (lib.mapAttrs (_: flake: { inherit flake; })) ( - (lib.filterAttrs (_: lib.isType "flake")) inputs - ); - - nixPath = [ "/etc/nix/path" ]; - - settings = { - download-buffer-size = "512M"; - experimental-features = "nix-command flakes"; - auto-optimise-store = true; - }; - }; - - environment = { - shells = with pkgs; [ bash ]; - etc = lib.mapAttrs' (name: value: { - name = "nix/path/${name}"; - value.source = value.flake; - }) config.nix.registry; - systemPackages = with pkgs; [ - git - sops - wget - ]; - }; zramSwap.enable = true; - programs = { - gnupg = { - agent = { - enableSSHSupport = true; - enable = true; - pinentryPackage = pkgs.pinentry-tty; - }; - }; - }; + networking.hostName = "srv1065175"; networking.domain = "hstgr.cloud"; services.openssh.enable = true; - - users.users = { - root.openssh.authorizedKeys.keyFiles = [ - (builtins.fetchurl { - url = "https://meta.sr.ht/~sposito.keys"; - name = "sposito-srht-keys"; - sha256 = "1a0qcpbdkmdhnhhqvcmf6rq7zmjap6kxiwrcmmgs0fbhrlcyhkmi"; - }) - ]; - nimbus.isNormalUser = true; - nimbus.openssh.authorizedKeys.keys = [ - (builtins.fetchurl { - url = "https://meta.sr.ht/~sposito.keys"; - name = "sposito-srht-keys"; - sha256 = "1a0qcpbdkmdhnhhqvcmf6rq7zmjap6kxiwrcmmgs0fbhrlcyhkmi"; - }) - ]; + users.users.root.openssh.authorizedKeys.keys = [ + ''ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQCjC5EuxC6un3StoRkn1X1Mv09Mx1icGfN5fnlWRfqFPtiwAusJA+q0p2MktujY/+kDOpzExtjbXP5CtW7zcUfeitO26BY0WH106P4ttsq/0zzq5pmPXxGn9crN7JqFp3f9LMlL0F+3Oa0mJ6HcS2UgQEUYS6ofJBV1CLeMfkv75F+iy7AG1V9EaT4pvwdmAJ+6XXSo+UtadWOZGlWVRETyDcxa2H/aS/e+JrQfeAHM9f9cyeZqO9OHFWmuzHDc2T014+OhzzWnLUC/nUc1KUELvha1cT1ViMbcF62cjQXxip/5GGsIkw+7PdJFTn3ITwRO1+06qs6WnO4ceh8wIyOblUgTfRvIXkB7nnanC3CupqLbT+s/HeRiwnI4aih7lDrB717dPTy/ZfNXqxy1K51bZzRTXzkY+oUF1eqG37KvGoFZ6Zjf8KMrtTWBhqdIWV/kY4ZBTtvtiU81iXEWbobcyTzsIzKtZhCrGt+KxFUYV90u+ts3jrFdHIsN/tIzuEKz2ZZ8f749u2Q9jgIwe1KLtTwmSDjAV5gkbnE7ZDMB82pTzlwdrZ/VkCIu3/EtoWq3Y+NrKL4OzWL74Tzgsn28jvsegrnz5Lp24zPpNmBzCgbkwPStFjvp16G6pUiTLAAn9YiBqYbbvDbGxun55QMwYORGsdk5hISaC/cPzaUKkQ== thiago@sposito.ch'' + ''ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCWstSULudWNwPQxyS2J7Qygw8CozDDy8WsPjsYzKPI9s0B/KLU0g1oX42bBvn4DgNpzGrpb6IGHpRQohStt7vcOxb9XpfhIOcIr45gU3k3lcPjh6vj8/ZoNQlRDIfxs83RDImvveYABuI/Hq42mLV1kI5qnQHaJxuW73AuYKNzE3Z3PUl5Kw6MgzSZ96QlpiQDn/js7ZTBF/YZ18kPh9E9O1y+EDhcJ4gn38rFIMYMG/KbJB22hYyYQHo0WkJlZ2jScnjv1op2yHPM4lfjOnnyL+LhOQLN8VrHayDWXtJcIW0nEKT+1R/7qkSH/5ELA2c/gznfkdTDzfG8+P3WAzNF openpgp:0xC25417F1'' + ''ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAICRAJaRuXqVeAs/Y5CeTbyc9lSbyvchkVqiML/yl6wbh thiago@Nixbook'' + ]; + users.users.nimbus = { + isNormalUser = true; + extraGroups = [ "wheel" ]; }; + + security.sudo.extraRules = [ + { + users = [ "nimbus" ]; + commands = [ + { + command = "ALL"; + options = [ "NOPASSWD" ]; + } + ]; + } + ]; system.stateVersion = "23.11"; boot.kernelParams = [ "console=tty1" "console=ttyS0,115200" ]; - time.timeZone = "America/Sao_Paulo"; } diff --git a/hosts/Nixcloud/forgejo.nix b/hosts/Nixcloud/forgejo.nix new file mode 100644 index 0000000..52189fe --- /dev/null +++ b/hosts/Nixcloud/forgejo.nix @@ -0,0 +1,41 @@ +{ lib, config, ... }: +let + cfg = config.services.forgejo; + srv = cfg.settings.server; + domain = "git.sposi.to"; +in +{ + security.acme = { + acceptTerms = true; + defaults.email = "thiago@sposi.to"; + }; + + services.nginx = { + enable = true; + virtualHosts.${domain} = { + forceSSL = true; + enableACME = true; + extraConfig = '' + client_max_body_size 512M; + ''; + locations."/".proxyPass = "http://localhost:${toString srv.HTTP_PORT}"; + }; + }; + + services.forgejo = { + enable = true; + database.type = "sqlite3"; + lfs.enable = true; + settings = { + server = { + DOMAIN = domain; + ROOT_URL = "https://${domain}/"; + HTTP_PORT = 3000; + }; + service.DISABLE_REGISTRATION = true; + }; + }; + + services.forgejo.settings.server.SSH_PORT = lib.mkDefault (lib.head (config.services.openssh.ports or [ 22 ])); +} + diff --git a/hosts/Nixcloud/hardware-configuration.nix b/hosts/Nixcloud/hardware-configuration.nix index 147a8f5..566c4f3 100644 --- a/hosts/Nixcloud/hardware-configuration.nix +++ b/hosts/Nixcloud/hardware-configuration.nix @@ -1,9 +1,15 @@ { modulesPath, lib, ... }: { imports = [ (modulesPath + "/profiles/qemu-guest.nix") ]; - boot.initrd.kernelModules = [ "nvme" ]; boot.loader.grub.device = "nodev"; - + + boot.initrd.availableKernelModules = [ + "ata_piix" + "uhci_hcd" + "xen_blkfront" + "vmw_pvscsi" + ]; + boot.initrd.kernelModules = [ "nvme" ]; fileSystems."/" = { device = "/dev/sda1"; fsType = "ext4"; @@ -12,13 +18,5 @@ device = "/dev/sda15"; fsType = "vfat"; }; - - boot.initrd.availableKernelModules = [ - "ata_piix" - "uhci_hcd" - "vmw_pvscsi" - "xen_blkfront" - ]; - nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux"; } From b2be34b8fece71ea4ebe4ba02db4f7a2686e5856 Mon Sep 17 00:00:00 2001 From: Thiago Sposito Date: Wed, 4 Feb 2026 19:08:30 -0300 Subject: [PATCH 25/25] feat: expose nginx --- hosts/Nixcloud/default.nix | 11 ++++++++++- hosts/Nixcloud/forgejo.nix | 3 ++- 2 files changed, 12 insertions(+), 2 deletions(-) diff --git a/hosts/Nixcloud/default.nix b/hosts/Nixcloud/default.nix index 3ff32b6..dd56ec2 100644 --- a/hosts/Nixcloud/default.nix +++ b/hosts/Nixcloud/default.nix @@ -1,4 +1,4 @@ -{ ... }: +{ pkgs, ... }: { imports = [ ./hardware-configuration.nix @@ -16,9 +16,18 @@ zramSwap.enable = true; + environment.systemPackages = with pkgs; [ + git + ]; + networking.hostName = "srv1065175"; networking.domain = "hstgr.cloud"; + networking.firewall = { + enable = true; + allowedTCPPorts = [ 80 443 ]; + }; + services.openssh.enable = true; users.users.root.openssh.authorizedKeys.keys = [ ''ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQCjC5EuxC6un3StoRkn1X1Mv09Mx1icGfN5fnlWRfqFPtiwAusJA+q0p2MktujY/+kDOpzExtjbXP5CtW7zcUfeitO26BY0WH106P4ttsq/0zzq5pmPXxGn9crN7JqFp3f9LMlL0F+3Oa0mJ6HcS2UgQEUYS6ofJBV1CLeMfkv75F+iy7AG1V9EaT4pvwdmAJ+6XXSo+UtadWOZGlWVRETyDcxa2H/aS/e+JrQfeAHM9f9cyeZqO9OHFWmuzHDc2T014+OhzzWnLUC/nUc1KUELvha1cT1ViMbcF62cjQXxip/5GGsIkw+7PdJFTn3ITwRO1+06qs6WnO4ceh8wIyOblUgTfRvIXkB7nnanC3CupqLbT+s/HeRiwnI4aih7lDrB717dPTy/ZfNXqxy1K51bZzRTXzkY+oUF1eqG37KvGoFZ6Zjf8KMrtTWBhqdIWV/kY4ZBTtvtiU81iXEWbobcyTzsIzKtZhCrGt+KxFUYV90u+ts3jrFdHIsN/tIzuEKz2ZZ8f749u2Q9jgIwe1KLtTwmSDjAV5gkbnE7ZDMB82pTzlwdrZ/VkCIu3/EtoWq3Y+NrKL4OzWL74Tzgsn28jvsegrnz5Lp24zPpNmBzCgbkwPStFjvp16G6pUiTLAAn9YiBqYbbvDbGxun55QMwYORGsdk5hISaC/cPzaUKkQ== thiago@sposito.ch'' diff --git a/hosts/Nixcloud/forgejo.nix b/hosts/Nixcloud/forgejo.nix index 52189fe..5e74e92 100644 --- a/hosts/Nixcloud/forgejo.nix +++ b/hosts/Nixcloud/forgejo.nix @@ -7,7 +7,7 @@ in { security.acme = { acceptTerms = true; - defaults.email = "thiago@sposi.to"; + defaults.email = "th.spo@pm.me"; }; services.nginx = { @@ -15,6 +15,7 @@ in virtualHosts.${domain} = { forceSSL = true; enableACME = true; + # Allow HTTP initially for ACME challenge, will redirect to HTTPS once cert is ready extraConfig = '' client_max_body_size 512M; '';