thiago/nix-conf
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

Compare commits

base: thiago:main
Branches Tags
thiago:main
thiago:fix
thiago:broken-man
..
compare: thiago:broken-man
Branches Tags
thiago:main
thiago:fix
thiago:broken-man

2 commits
main ... broken-man

Author SHA1 Message Date
Thiago Sposito
8907530a57
fix: systemd nvidia failure 2025-11-21 10:11:22 -03:00
Thiago Sposito
d7b1a49f63
chore: flakelock upgrade and latest 25.11 renames 2025-11-20 09:41:51 -03:00
38 changed files with 251 additions and 1175 deletions
Download patch file Download diff file Expand all files Collapse all files

2
.gitignore vendored
View file

@ -9,7 +9,7 @@
.DS_Store
Thumbs.db
ehthumbs.db
secrets
# === Editor Configs ===
.vscode/
.idea/

4
dev-templates/rust-minimal/flake.nix
View file

@ -5,8 +5,7 @@
nixpkgs.url = "github:NixOS/nixpkgs/nixos-unstable";
};
outputs =
{ self, nixpkgs }:
outputs = { self, nixpkgs }:
let
system = "x86_64-linux";
pkgs = import nixpkgs { inherit system; };
@ -21,3 +20,4 @@
};
};
}

117
flake.lock generated
View file

@ -1,47 +1,5 @@
{
"nodes": {
"alex-lib": {
"inputs": {
"alex-utils": "alex-utils",
"nixpkgs": [
"nixpkgs"
]
},
"locked": {
"lastModified": 1769444523,
"narHash": "sha256-V3XO/kz0HiC0Y3SRF7L00/wIuHbZgW0scMMRmla3+Gc=",
"ref": "refs/heads/main",
"rev": "9aa030a1b1a9b372aec7d473ebeb34fdee4b637e",
"revCount": 27,
"type": "git",
"url": "https://git.sr.ht/~sposito/Alexandria"
},
"original": {
"type": "git",
"url": "https://git.sr.ht/~sposito/Alexandria"
}
},
"alex-utils": {
"inputs": {
"nixpkgs": [
"alex-lib",
"nixpkgs"
]
},
"locked": {
"lastModified": 1768599245,
"narHash": "sha256-ooS9LXab+NLlNQlY3CNQqL/DdXIPTaF8gpphFOdbyfM=",
"ref": "refs/heads/main",
"rev": "e77ca47ba7ce0bbbb142b00a0318884a20b78f29",
"revCount": 27,
"type": "git",
"url": "https://git.sr.ht/~sposito/alex-utils"
},
"original": {
"type": "git",
"url": "https://git.sr.ht/~sposito/alex-utils"
}
},
"flake-parts": {
"inputs": {
"nixpkgs-lib": [
@ -50,11 +8,11 @@
]
},
"locked": {
"lastModified": 1765835352,
"narHash": "sha256-XswHlK/Qtjasvhd1nOa1e8MgZ8GS//jBoTqWtrS1Giw=",
"lastModified": 1762980239,
"narHash": "sha256-8oNVE8TrD19ulHinjaqONf9QWCKK+w4url56cdStMpM=",
"owner": "hercules-ci",
"repo": "flake-parts",
"rev": "a34fae9c08a15ad73f295041fec82323541400a9",
"rev": "52a2caecc898d0b46b2b905f058ccc5081f842da",
"type": "github"
},
"original": {
@ -88,16 +46,16 @@
]
},
"locked": {
"lastModified": 1767910483,
"narHash": "sha256-MOU5YdVu4DVwuT5ztXgQpPuRRBjSjUGIdUzOQr9iQOY=",
"lastModified": 1763416652,
"narHash": "sha256-8EBEEvtzQ11LCxpQHMNEBQAGtQiCu/pqP9zSovDSbNM=",
"owner": "nix-community",
"repo": "home-manager",
"rev": "82fb7dedaad83e5e279127a38ef410bcfac6d77c",
"rev": "ea164b7c9ccdc2321379c2ff78fd4317b4c41312",
"type": "github"
},
"original": {
"owner": "nix-community",
"ref": "release-25.11",
"ref": "master",
"repo": "home-manager",
"type": "github"
}
@ -109,11 +67,11 @@
]
},
"locked": {
"lastModified": 1767881232,
"narHash": "sha256-tFFsDO0DloeymMeSc0YZacDl+cppVTNh5x/3ZGHpUXs=",
"lastModified": 1759967497,
"narHash": "sha256-PYD473Ef3v5HNyLKyWroskX87fl6ntgKrzqm+R2Duqo=",
"ref": "refs/heads/main",
"rev": "018c8b6c98768ef060e00e0fabe98a3119a79056",
"revCount": 5,
"rev": "f0fa9781aef42ecbcb280b625632e5933ed04d9f",
"revCount": 4,
"type": "git",
"url": "https://git.sr.ht/~sposito/icons"
},
@ -152,27 +110,11 @@
},
"nixpkgs": {
"locked": {
"lastModified": 1767799921,
"narHash": "sha256-r4GVX+FToWVE2My8VVZH4V0pTIpnu2ZE8/Z4uxGEMBE=",
"lastModified": 1763421233,
"narHash": "sha256-Stk9ZYRkGrnnpyJ4eqt9eQtdFWRRIvMxpNRf4sIegnw=",
"owner": "nixos",
"repo": "nixpkgs",
"rev": "d351d0653aeb7877273920cd3e823994e7579b0b",
"type": "github"
},
"original": {
"owner": "nixos",
"ref": "nixos-25.11",
"repo": "nixpkgs",
"type": "github"
}
},
"nixpkgs-unstable": {
"locked": {
"lastModified": 1767892417,
"narHash": "sha256-dhhvQY67aboBk8b0/u0XB6vwHdgbROZT3fJAjyNh5Ww=",
"owner": "nixos",
"repo": "nixpkgs",
"rev": "3497aa5c9457a9d88d71fa93a4a8368816fbeeba",
"rev": "89c2b2330e733d6cdb5eae7b899326930c2c0648",
"type": "github"
},
"original": {
@ -192,16 +134,15 @@
"systems": "systems_2"
},
"locked": {
"lastModified": 1767448089,
"narHash": "sha256-U1fHsZBnFrUil731NHD9Sg5HoiG+eSHau8OFuClhwW0=",
"lastModified": 1763638001,
"narHash": "sha256-Y1SPkwcPaUjrqPff49J4f1t7npRUDuYazccUsNF9XSQ=",
"owner": "nix-community",
"repo": "nixvim",
"rev": "983751b66f255bbea1adc185364e9e7b73f82358",
"rev": "f4b9a7122425c56d65466fcafb99053730b2646a",
"type": "github"
},
"original": {
"owner": "nix-community",
"ref": "nixos-25.11",
"repo": "nixvim",
"type": "github"
}
@ -231,11 +172,9 @@
},
"root": {
"inputs": {
"alex-lib": "alex-lib",
"home-manager": "home-manager",
"icons": "icons",
"nixpkgs": "nixpkgs",
"nixpkgs-unstable": "nixpkgs-unstable",
"nixvim": "nixvim",
"secrets": "secrets",
"sops-nix": "sops-nix"
@ -244,18 +183,14 @@
"secrets": {
"flake": false,
"locked": {
"lastModified": 1768616087,
"narHash": "sha256-A/3XkeLfNCRUJYMa9f44VYsv6tWYuIMeDrra1J5GYqs=",
"ref": "refs/heads/main",
"rev": "d540ed7731df4e19a15afe810630e5c7786630c4",
"revCount": 3,
"type": "git",
"url": "ssh://git@git.sr.ht/~sposito/secrets"
"path": "git@git.sr.ht/~sposito/secrets",
"type": "path"
},
"original": {
"type": "git",
"url": "ssh://git@git.sr.ht/~sposito/secrets"
}
"path": "git@git.sr.ht/~sposito/secrets",
"type": "path"
},
"parent": []
},
"sops-nix": {
"inputs": {
@ -264,11 +199,11 @@
]
},
"locked": {
"lastModified": 1768032389,
"narHash": "sha256-BVpTd93G0XmAK1iXiBdhUA5Uvt+WmM1YL0mA4REcT68=",
"lastModified": 1763607916,
"narHash": "sha256-VefBA1JWRXM929mBAFohFUtQJLUnEwZ2vmYUNkFnSjE=",
"owner": "Mic92",
"repo": "sops-nix",
"rev": "a8cfe238b93166f9f96c0df67a94e572554ee624",
"rev": "877bb495a6f8faf0d89fc10bd142c4b7ed2bcc0b",
"type": "github"
},
"original": {

17
flake.nix
View file

@ -2,23 +2,18 @@
description = "my NixOS Config";
inputs = {
nixpkgs.url = "github:nixos/nixpkgs/nixos-25.11";
nixpkgs-unstable.url = "github:nixos/nixpkgs/nixos-unstable";
nixpkgs.url = "github:nixos/nixpkgs/nixos-unstable";
alex-lib ={
url = "git+https://git.sr.ht/~sposito/Alexandria";
inputs.nixpkgs.follows = "nixpkgs";
};
home-manager = {
inputs.nixpkgs.follows = "nixpkgs";
url = "github:nix-community/home-manager/release-25.11";
url = "github:nix-community/home-manager/master";
};
icons = {
url = "git+https://git.sr.ht/~sposito/icons";
inputs.nixpkgs.follows = "nixpkgs";
};
nixvim = {
url = "github:nix-community/nixvim/nixos-25.11";
url = "github:nix-community/nixvim";
inputs.nixpkgs.follows = "nixpkgs";
};
sops-nix = {
@ -26,7 +21,7 @@
inputs.nixpkgs.follows = "nixpkgs";
};
secrets = {
url = "git+ssh://git@git.sr.ht/~sposito/secrets";
url = "git@git.sr.ht/~sposito/secrets";
flake = false;
};
};
@ -35,7 +30,6 @@
{
self,
nixpkgs,
nixpkgs-unstable,
home-manager,
...
}@inputs:
@ -81,7 +75,6 @@
pkgs = nixpkgs.legacyPackages.x86_64-linux;
extraSpecialArgs = {
inherit inputs outputs;
alex-lib = inputs.alex-lib;
icons = inputs.icons;
sops = inputs.sops-nix;
secrets = inputs.secrets;
@ -94,7 +87,6 @@
pkgs = nixpkgs.legacyPackages.x86_64-linux;
extraSpecialArgs = {
inherit inputs outputs;
alex-lib = inputs.alex-lib;
icons = inputs.icons;
sops = inputs.sops-nix;
secrets = inputs.secrets;
@ -102,7 +94,6 @@
modules = [
./home-manager/nixstation.nix
inputs.sops-nix.homeManagerModules.sops
];
};
};

9
home-manager/backup.nix
View file

@ -1,11 +1,4 @@
{
config,
lib,
pkgs,
sops,
secrets,
...
}:
{ config, lib, pkgs, sops, secrets, ... }:
{
# --- sops secret integration ---

3
home-manager/custom.nix
View file

@ -8,8 +8,7 @@ let
mojo = pkgs.callPackage (noverbySrc + "/packages/mojo.nix") { };
magic = pkgs.callPackage (noverbySrc + "/packages/magic.nix") { };
in
{
in {
home.packages = [
mojo
magic

35
home-manager/emacs/default.nix
View file

@ -1,35 +0,0 @@
{
pkgs,
lib,
config,
...
}:
{
programs.emacs = {
enable = true;
package = pkgs.emacs.override {
withNativeCompilation = true;
};
};
home.packages = with pkgs; [
cmake
emacs-all-the-icons-fonts
emacsPackages.evil
emacsPackages.vterm
emacsPackages.treemacs
emacsPackages.doom
emacsPackages.mu4e
mu
sbcl
];
home.activation.linkDoomConfig = lib.hm.dag.entryAfter [ "writeBoundary" ] ''
if [ ! -e "${config.home.homeDirectory}/.config/doom" ]; then
$DRY_RUN_CMD mkdir -p "${config.home.homeDirectory}/.config"
$DRY_RUN_CMD ln -sfn "/home/thiago/.config/nix-conf/home-manager/emacs/doom" "${config.home.homeDirectory}/.config/doom"
fi
'';
}

13
home-manager/emacs/doom/banner.txt
View file

@ -1,13 +0,0 @@
█████████ ███ █████
███░░░░░███ ░░░ ░░███
░███ ░░░ ████████ ██████ █████ ████ ███████ ██████
░░█████████ ░░███░░███ ███░░███ ███░░ ░░███ ░░░███░ ███░░███
░░░░░░░░███ ░███ ░███░███ ░███░░█████ ░███ ░███ ░███ ░███
███ ░███ ░███ ░███░███ ░███ ░░░░███ ░███ ░███ ███░███ ░███
░░█████████ ░███████ ░░██████ ██████ █████ ██ ░░█████ ░░██████
░░░░░░░░░ ░███░░░ ░░░░░░ ░░░░░░ ░░░░░ ░░ ░░░░░ ░░░░░░
░███ ___ __ __ __ ___ __
█████ | __| V |/ \ / _//' _/
░░░░░ | _|| \_/ | /\ | \__`._`.
|___|_| |_|_||_|\__/|___/

77
home-manager/emacs/doom/config.el
View file

@ -1,77 +0,0 @@
;;; $DOOMDIR/config.el -*- lexical-binding: t; -*-
;; Add NixOS mu4e to load-path
(let ((mu4e-dir (car (file-expand-wildcards "~/.nix-profile/share/emacs/site-lisp/elpa/mu4e-*"))))
(when mu4e-dir
(add-to-list 'load-path mu4e-dir)))
(add-hook 'scheme-mode-hook #'smartparens-strict-mode)
(defun my-doom-ascii-banner ()
(let ((banner-file (expand-file-name "banner.txt" doom-user-dir)))
(when (file-exists-p banner-file)
(insert-file-contents banner-file))))
(setq +doom-dashboard-ascii-banner-fn #'my-doom-ascii-banner)
(use-package! lsp-mode
:config
(add-to-list 'lsp-language-id-configuration '(fennel-mode . "fennel"))
(lsp-register-client
(make-lsp-client :new-connection (lsp-stdio-connection "fennel-ls")
:activation-fn (lsp-activate-on "fennel")
:server-id 'fennel-ls)))
(add-hook 'fennel-mode-hook #'lsp!)
(setq user-full-name "Thiago Sposito"
user-mail-address "th.spo@pm.me")
(setq doom-font (font-spec :family "FiraCode Nerd Font Mono" :size 22 :weight 'semi-light)
doom-variable-pitch-font (font-spec :family "FiraCode Nerd Font" :size 18))
(setq doom-theme 'doom-one)
(setq display-line-numbers-type t)
(setq org-directory "~/org/")
(after! treemacs
(treemacs-follow-mode 1)
(treemacs-project-follow-mode 1))
(add-hook 'window-setup-hook #'treemacs)
(setq shell-file-name (executable-find "zsh")
explicit-shell-file-name shell-file-name)
(set-popup-rule! "^\\*vterm"
:side 'bottom
:size 0.3
:select t
:quit t
:ttl nil)
(map! :desc "Toggle terminal (vterm)"
"C-~" #'vterm)
(after! mu4e
(setq mu4e-get-mail-command "mbsync -a"
mu4e-update-interval 300
mu4e-maildir "~/Maildir"
mu4e-change-filenames-when-moving t
sendmail-program "msmtp"
send-mail-function #'sendmail-send-it
message-sendmail-f-is-evil t
message-sendmail-extra-arguments '("--read-envelope-from")
message-send-mail-function #'message-send-mail-with-sendmail)
(set-email-account! "Proton"
'((mu4e-sent-folder . "/proton/Sent")
(mu4e-drafts-folder . "/proton/Drafts")
(mu4e-trash-folder . "/proton/Trash")
(mu4e-refile-folder . "/proton/Archive")
(user-mail-address . "th.spo@pm.me")
(user-full-name . "Thiago Sposito"))
t))

13
home-manager/emacs/doom/custom.el
View file

@ -1,13 +0,0 @@
;;; -*- lexical-binding: t -*-
(custom-set-variables
;; custom-set-variables was added by Custom.
;; If you edit it by hand, you could mess it up, so be careful.
;; Your init file should contain only one such instance.
;; If there is more than one, they won't work right.
'(package-selected-packages '(vterm)))
(custom-set-faces
;; custom-set-faces was added by Custom.
;; If you edit it by hand, you could mess it up, so be careful.
;; Your init file should contain only one such instance.
;; If there is more than one, they won't work right.
)

11
home-manager/emacs/doom/early-init.el
View file

@ -1,11 +0,0 @@
;;; early-init.el -*- lexical-binding: t; -*-
;; Set the background early to prevent the white flash
(setq default-frame-alist
'((background-color . "#282c34") ; Standard Doom One background
(vertical-scroll-bars . nil)
(tool-bar-lines . 0)
(menu-bar-lines . 0)))
;; Ensure the title bar is dark on macOS/compatible systems
(add-to-list 'default-frame-alist '(ns-appearance . dark))

200
home-manager/emacs/doom/init.el
View file

@ -1,200 +0,0 @@
;;; init.el -*- lexical-binding: t; -*-
;; This file controls what Doom modules are enabled and what order they load
;; in. Remember to run 'doom sync' after modifying it!
;; NOTE Press 'SPC h d h' (or 'C-h d h' for non-vim users) to access Doom's
;; documentation. There you'll find a link to Doom's Module Index where all
;; of our modules are listed, including what flags they support.
;; NOTE Move your cursor over a module's name (or its flags) and press 'K' (or
;; 'C-c c k' for non-vim users) to view its documentation. This works on
;; flags as well (those symbols that start with a plus).
;;
;; Alternatively, press 'gd' (or 'C-c c d') on a module to browse its
;; directory (for easy access to its source code).
(doom! :input
;;bidi ; (tfel ot) thgir etirw uoy gnipleh
;;chinese
;;japanese
;;layout ; auie,ctsrnm is the superior home row
:completion
(company +childframe) ; the ultimate code completion backend
;;(corfu +orderless) ; complete with cap(f), cape and a flying feather!
;;helm ; the *other* search engine for love and life
;;ido ; the other *other* search engine...
;;ivy ; a search engine for love and life
vertico ; the search engine of the future
:ui
deft ; notational velocity for Emacs
doom ; what makes DOOM look the way it does
doom-dashboard ; a nifty splash screen for Emacs
;;doom-quit ; DOOM quit-message prompts when you quit Emacs
(emoji +unicode) ; 🙂
hl-todo ; highlight TODO/FIXME/NOTE/DEPRECATED/HACK/REVIEW
indent-guides ; highlighted indent columns
ligatures ; ligatures and symbols to make your code pretty again
minimap ; show a map of the code on the side
modeline ; snazzy, Atom-inspired modeline, plus API
;;nav-flash ; blink cursor line after big motions
;;neotree ; a project drawer, like NERDTree for vim
ophints ; highlight the region an operation acts on
(popup +defaults) ; tame sudden yet inevitable temporary windows
smooth-scroll ; So smooth you won't believe it's not butter
tabs ; a tab bar for Emacs
treemacs ; a project drawer, like neotree but cooler
;;unicode ; extended unicode support for various languages
(vc-gutter +pretty) ; vcs diff in the fringe
vi-tilde-fringe ; fringe tildes to mark beyond EOB
window-select ; visually switch windows
workspaces ; tab emulation, persistence & separate workspaces
;;zen ; distraction-free coding or writing
:editor
(evil +everywhere); come to the dark side, we have cookies
file-templates ; auto-snippets for empty files
fold ; (nigh) universal code folding
;;(format +onsave) ; automated prettiness
;;god ; run Emacs commands without modifier keys
;;lispy ; vim for lisp, for people who don't like vim
multiple-cursors ; editing in many places at once
;;objed ; text object editing for the innocent
;;parinfer ; turn lisp into python, sort of
;;rotate-text ; cycle region at point between text candidates
snippets ; my elves. They type so I don't have to
(whitespace +guess +trim) ; a butler for your whitespace
;;word-wrap ; soft wrapping with language-aware indent
:emacs
dired ; making dired pretty [functional]
electric ; smarter, keyword-based electric-indent
;;eww ; the internet is gross
;;ibuffer ; interactive buffer management
tramp ; remote files at your arthritic fingertips
undo ; persistent, smarter undo for your inevitable mistakes
vc ; version-control and Emacs, sitting in a tree
:term
;;eshell ; the elisp shell that works everywhere
;;shell ; simple shell REPL for Emacs
;;term ; basic terminal emulator for Emacs
vterm ; the best terminal emulation in Emacs
:checkers
syntax ; tasing you for every semicolon you forget
;;(spell +flyspell) ; tasing you for misspelling mispelling
;;grammar ; tasing grammar mistake every you make
:tools
;;ansible
;;biblio ; Writes a PhD for you (citation needed)
;;collab ; buffers with friends
;;debugger ; FIXME stepping through code, to help you add bugs
direnv
docker
editorconfig ; let someone else argue about tabs vs spaces
;;ein ; tame Jupyter notebooks with emacs
(eval +overlay) ; run code, run (also, repls)
lookup ; navigate your code and its documentation
llm ; when I said you needed friends, I didn't mean...
lsp
;;(lsp +eglot) ; M-x vscode
magit ; a git porcelain for Emacs
;;make ; run make tasks from Emacs
pass ; password manager for nerds
(pdf +org) ; pdf enhancements
;;terraform ; infrastructure as code
;;tmux ; an API for interacting with tmux
tree-sitter ; syntax and parsing, sitting in a tree...
upload ; map local to remote projects via ssh/ftp
; :os
;(:if (featurep :system 'macos) macos) ; improve compatibility with macOS
;;tty ; improve the terminal Emacs experience
:lang
;;ada ; In strong typing we (blindly) trust
;;agda ; types of types of types of types...
;;beancount ; mind the GAAP
;;(cc +lsp) ; C > C++ == 1
;;clojure ; java with a lisp
;;common-lisp ; if you've seen one lisp, you've seen them all
;;coq ; proofs-as-programs
;;crystal ; ruby at the speed of c
;;csharp ; unity, .NET, and mono shenanigans
;;data ; config/data formats
;;(dart +flutter) ; paint ui and not much else
;;dhall
;;elixir ; erlang done right
;;elm ; care for a cup of TEA?
emacs-lisp ; drown in parentheses
;;erlang ; an elegant language for a more civilized age
;;ess ; emacs speaks statistics
;;factor
;;faust ; dsp, but you get to keep your soul
;;fortran ; in FORTRAN, GOD is REAL (unless declared INTEGER)
;;fsharp ; ML stands for Microsoft's Language
;;fstar ; (dependent) types and (monadic) effects and Z3
;;gdscript ; the language you waited for
;;(go +lsp) ; the hipster dialect
;;(graphql +lsp) ; Give queries a REST
;;(haskell +lsp) ; a language that's lazier than I am
;;hy ; readability of scheme w/ speed of python
;;idris ; a language you can depend on
;;json ; At least it ain't XML
;;janet ; Fun fact: Janet is me!
;;(java +lsp) ; the poster child for carpal tunnel syndrome
;;javascript ; all(hope(abandon(ye(who(enter(here))))))
;;julia ; a better, faster MATLAB
;;kotlin ; a better, slicker Java(Script)
;;latex ; writing papers in Emacs has never been so fun
;;lean ; for folks with too much to prove
;;ledger ; be audit you can be
(lua +fennel +lsp) ; one-based indices? one-based indices
markdown ; writing docs for people to ignore
;;nim ; python + lisp at the speed of c
nix ; I hereby declare "nix geht mehr!"
;;ocaml ; an objective camel
org ; organize your plain life in plain text
;;php ; perl's insecure younger brother
;;plantuml ; diagrams for confusing people more
;;graphviz ; diagrams for confusing yourself even more
;;purescript ; javascript, but functional
;;python ; beautiful is better than ugly
;;qt ; the 'cutest' gui framework ever
;;racket ; a DSL for DSLs
;;raku ; the artist formerly known as perl6
;;rest ; Emacs as a REST client
;;rst ; ReST in peace
;;(ruby +rails) ; 1.step {|i| p "Ruby is #{i.even? ? 'love' : 'life'}"}
;;(rust +lsp) ; Fe2O3.unwrap().unwrap().unwrap().unwrap()
;;scala ; java, but good
(scheme +guile +chez) ; a fully conniving family of lisps
sh ; she sells {ba,z,fi}sh shells on the C xor
;;sml
;;solidity ; do you need a blockchain? No.
;;swift ; who asked for emoji variables?
;;terra ; Earth and Moon in alignment for performance.
;;web ; the tubes
;;yaml ; JSON, but readable
;;zig ; C, but simpler
:email
(mu4e +mbsync +org)
;;notmuch
;;(wanderlust +gmail)
:app
;;calendar
;;emms
;;everywhere ; *leave* Emacs!? You must be joking
irc ; how neckbeards socialize
(rss +org) ; emacs as an RSS reader
:config
;;literate
(default +bindings +smartparens))

54
home-manager/emacs/doom/packages.el
View file

@ -1,54 +0,0 @@
;; -*- no-byte-compile: t; -*-
;;; $DOOMDIR/packages.el
;; To install a package:
;;
;; 1. Declare them here in a `package!' statement,
;; 2. Run 'doom sync' in the shell,
;; 3. Restart Emacs.
;;
;; Use 'C-h f package\!' to look up documentation for the `package!' macro.
;; To install SOME-PACKAGE from MELPA, ELPA or emacsmirror:
;; (package! some-package)
;; To install a package directly from a remote git repo, you must specify a
;; `:recipe'. You'll find documentation on what `:recipe' accepts here:
;; https://github.com/radian-software/straight.el#the-recipe-format
;; (package! another-package
;; :recipe (:host github :repo "username/repo"))
;; If the package you are trying to install does not contain a PACKAGENAME.el
;; file, or is located in a subdirectory of the repo, you'll need to specify
;; `:files' in the `:recipe':
;; (package! this-package
;; :recipe (:host github :repo "username/repo"
;; :files ("some-file.el" "src/lisp/*.el")))
;; If you'd like to disable a package included with Doom, you can do so here
;; with the `:disable' property:
;; (package! builtin-package :disable t)
;; You can override the recipe of a built in package without having to specify
;; all the properties for `:recipe'. These will inherit the rest of its recipe
;; from Doom or MELPA/ELPA/Emacsmirror:
;; (package! builtin-package :recipe (:nonrecursive t))
;; (package! builtin-package-2 :recipe (:repo "myfork/package"))
;; Specify a `:branch' to install a package from a particular branch or tag.
;; This is required for some packages whose default branch isn't 'master' (which
;; our package manager can't deal with; see radian-software/straight.el#279)
;; (package! builtin-package :recipe (:branch "develop"))
;; Use `:pin' to specify a particular commit to install.
;; (package! builtin-package :pin "1a2b3c4d5e")
;; Doom's packages are pinned to a specific commit and updated from release to
;; release. The `unpin!' macro allows you to unpin single packages...
;; (unpin! pinned-package)
;; ...or multiple packages
;; (unpin! pinned-package another-pinned-package)
;; ...Or *all* packages (NOT RECOMMENDED; will likely break things)
;; (unpin! t)

7
home-manager/gnome/default.nix
View file

@ -3,11 +3,9 @@
{
dconf.settings = {
"org/gnome/desktop/interface" = {
gtk-theme = "Adwaita-dark";
};
"org/gnome/shell" = {
disable-user-extensions = true;
disable-user-extensions = false;
favorite-apps = [
"org.gnome.Settings.desktop"
"org.gnome.Nautilus.desktop"
@ -30,7 +28,6 @@
home.packages = with pkgs; [
gnome-tweaks
gnomeExtensions.appindicator
gnomeExtensions.force-quit
gnomeExtensions.forge
gnomeExtensions.gsconnect
gnomeExtensions.pop-shell

100
home-manager/home.nix
View file

@ -1,37 +1,17 @@
{
config,
pkgs,
lib,
inputs,
sops,
alex-lib,
...
}:
let
system = "x86_64-linux";
pkgsUnstable = import inputs.nixpkgs-unstable {
inherit system;
config.allowUnfree = true;
config.allowUnfreePredicate =
pkg:
builtins.elem (lib.getName pkg) [
"code-cursor"
"cursor"
"cursor-cli"
"vscode"
];
};
alpkgs = alex-lib.packages.${system};
in
{
imports = [
# ./backup.nix
./custom.nix
./emacs
./gnome
./icons.nix
./nvim
./services
./zsh.nix
./mail.nix
];
nixpkgs = {
@ -41,9 +21,6 @@ in
pkg:
builtins.elem (lib.getName pkg) [
"code-cursor"
"cursor"
"cursor-cli"
"vscode"
];
};
};
@ -51,67 +28,54 @@ in
home = {
homeDirectory = "/home/thiago";
packages = with pkgs; [
alpkgs.antifennel
alpkgs.fennel
alpkgs.fnlfmt
alpkgs.fennel-ls
alpkgs.luajit
cmake
pkgsUnstable.code-cursor
pkgsUnstable.cursor-cli
code-cursor
direnv
distrobox
fd
fira-code
firefox
glow
guile
guile-lsp-server
hwinfo
inkscape
keymapp
lazygit
lua-language-server
luajitPackages.luacheck
libinput
nerd-fonts.fira-code
nil
nitrokey-app2
nixd
nixfmt-rfc-style
nixpkgs-fmt
nodejs
nixfmt-rfc-style
nodejs_20
nordic
obsidian
pandoc
pinentry-curses
podman
protonmail-bridge
python3
racket
ripgrep
shellcheck
statix
stylua
uget
unzip
vscode
waydroid
wl-clipboard
xorg.xhost
zed-editor
];
sessionVariables = {
# DBUS_SESSION_BUS_ADDRESS = "unix:path=${config.home.homeDirectory}/.dbus-session-bus";
DBUS_SESSION_BUS_ADDRESS = "unix:path=${config.home.homeDirectory}/.dbus-session-bus";
};
username = "thiago";
};
programs = {
git = {
enable = true;
lfs.enable = true;
signing = {
key = "EC7C84664FF515B63AD510B63065EA73A976D430";
signByDefault = false;
};
settings = {
aliases = {
alias = {
br = "branch";
ca = "commit --amend";
can = "commit --amend --no-edit";
@ -120,7 +84,8 @@ in
lg = "log --oneline --graph --decorate --all";
st = "status";
};
extraConfig = {
user.email = "th.spo@pm.me";
user.name = "Thiago Sposito";
color.ui = "auto";
core = {
editor = "nvim";
@ -129,16 +94,6 @@ in
init.defaultBranch = "main";
pull.rebase = true;
};
lfs.enable = true;
signing = {
key = "EC7C84664FF515B63AD510B63065EA73A976D430";
signByDefault = false;
};
user = {
email = "th.spo@pm.me";
name = "Thiago Sposito";
};
};
};
gpg = {
@ -154,8 +109,6 @@ in
# splitting
"ctrl+shift+enter" = "new_window";
"ctrl+shift+\\" = "new_window --location=hsplit";
"super+-" = "new_window --location=hsplit";
"super+|" = "new_window --location=vsplit";
# resizing
"ctrl+alt+left" = "resize_window narrower";
"ctrl+alt+right" = "resize_window wider";
@ -172,34 +125,19 @@ in
background_opacity = 1.0;
};
};
mbsync.enable = true;
vscode = {
enable = true;
};
};
services = {
gpg-agent = {
services.gpg-agent = {
enable = true;
enableZshIntegration = true;
pinentry.package = pkgs.pinentry-curses;
};
protonmail-bridge = {
enable = true;
extraPackages = [
pkgs.gnome-keyring
];
};
};
sops = {
gnupg.home = "/home/thiago/.gnupg";
age.keyFile = null; # We are using the Nitrokey (PGP) instead
};
#systemd.user.startServices = "sd-switch";
systemd.user.startServices = "sd-switch";
home.stateVersion = "25.11";
# sops configuration

6
home-manager/icons.nix
View file

@ -1,13 +1,13 @@
{ icons, pkgs, ... }:
{
home.packages = [ icons.packages.${pkgs.system}.default ];
home.packages = [ icons.packages.${pkgs.stdenv.hostPlatform.system}.default ];
xdg.desktopEntries = {
kitty = {
name = "Kitty";
exec = "kitty";
icon = "${
icons.packages.${pkgs.system}.default
icons.packages.${pkgs.stdenv.hostPlatform.system}.default
}/share/icons/hicolor/scalable/apps/custom/kitty.svg";
terminal = false;
categories = [
@ -19,7 +19,7 @@
name = "UXTerm";
exec = "uxterm";
icon = "${
icons.packages.${pkgs.system}.default
icons.packages.${pkgs.stdenv.hostPlatform.system}.default
}/share/icons/hicolor/scalable/apps/custom/mini.xterm.svg";
terminal = false;
categories = [

58
home-manager/mail.nix
View file

@ -1,58 +0,0 @@
{
pkgs,
config,
sops,
secrets,
...
}:
{
sops.secrets = {
"mailpass" = {
sopsFile = secrets.outPath + "/mail.yaml";
key = "password";
};
};
accounts.email.accounts.proton = {
primary = true;
address = "th.spo@pm.me";
userName = "thiago@sposito.ch";
realName = "Thiago Sposito";
passwordCommand = "${pkgs.coreutils}/bin/cat ${config.sops.secrets.mailpass.path}";
imap = {
host = "127.0.0.1";
port = 1143;
tls.enable = true;
};
smtp = {
host = "127.0.0.1";
port = 1025;
tls.enable = true;
};
mbsync = {
enable = true;
create = "maildir";
expunge = "both";
extraConfig.account = {
SSLType = "STARTTLS";
TLSType = "STARTTLS";
CertificateFile = "~/.config/protonmail/bridge-v3/cert.pem";
AuthMechs = "LOGIN";
};
};
msmtp = {
enable = true;
extraConfig = {
tls_starttls = "on";
tls_certcheck = "off";
};
};
};
programs.mbsync.enable = true;
programs.msmtp.enable = true;
programs.mu.enable = true;
}

3
home-manager/nixstation.nix
View file

@ -11,6 +11,7 @@
nixpkgs.config.allowUnfreePredicate =
pkg:
builtins.elem (lib.getName pkg) [
"code-cursor"
"steam-original"
"steam-run"
"steam"
@ -21,6 +22,6 @@
heroic
steam
steam-run
mindustry
code-cursor
];
}

3
home-manager/nvim/.nfnl.fnl
View file

@ -1,3 +0,0 @@
{:compiler-options {:compilerEnv _G}}

50
home-manager/nvim/default.nix
View file

@ -6,26 +6,7 @@
];
home.packages = with pkgs; [
ripgrep
gcc
];
home.file.".config/nvim/extraconfig.fnl" = {
source = ./extraconfig.fnl;
};
home.file.".config/nvim/.nfnl.fnl" = {
source = ./.nfnl.fnl;
};
# Compile Fennel to Lua at build time
home.file.".config/nvim/extraconfig.lua" = {
text = builtins.readFile (
pkgs.runCommand "extraconfig-compiled.lua"
{
buildInputs = [ pkgs.luajitPackages.fennel ];
}
''
${pkgs.luajitPackages.fennel}/bin/fennel --compile ${./extraconfig.fnl} > $out
''
);
};
programs.nixvim = {
enable = true;
colorschemes.nord.enable = true;
@ -40,7 +21,6 @@
};
plugins = {
conjure.enable = true;
avante = {
enable = true;
};
@ -67,10 +47,6 @@
lspkind.enable = true;
lsp-lines.enable = true;
treesitter = {
enable = true;
};
none-ls = {
enable = true;
sources = {
@ -89,30 +65,6 @@
conform-nvim.enable = true;
};
extraPlugins = with pkgs.vimPlugins; [
nvim-web-devicons
(pkgs.vimUtils.buildVimPlugin {
name = "nfnl";
src = pkgs.fetchFromGitHub {
owner = "Olical";
repo = "nfnl";
rev = "v1.3.0";
hash = "sha256-ug2vAVI3C99TZxFpXw/+AJLRAc+3FLq92bFVhkZUL7A=";
};
})
(pkgs.vimUtils.buildVimPlugin {
name = "vim-fennel-syntax";
src = pkgs.fetchFromGitHub {
owner = "m15a";
repo = "vim-fennel-syntax";
rev = "e7299d5"; # v1.3.0
hash = "sha256-CL3ooywWpGicmzine9qteHTGajAZ2qnIcK9CByaONvc=";
};
})
];
extraConfigLua = ''
-- Load compiled Fennel config
dofile(vim.fn.expand("~/.config/nvim/extraconfig.lua"))
'';
extraConfigLua = builtins.readFile ./extraconfig.lua;
};
}

96
home-manager/nvim/extraconfig.fnl
View file

@ -1,96 +0,0 @@
(do
(local cmp (require :cmp))
(local avante (require :avante))
(local cmp-nvim-lsp (require :cmp_nvim_lsp))
(local treesitter (require :nvim-treesitter.configs))
;; Configure fennel-ls LSP server using new vim.lsp API
;; Note: vim-fennel-syntax plugin handles filetype detection automatically
(local base-capabilities (vim.lsp.protocol.make_client_capabilities))
(local capabilities (cmp-nvim-lsp.default_capabilities base-capabilities))
;; Find fennel-ls in PATH
(local fennel-ls-path (vim.fn.exepath "fennel-ls"))
(local fennel-ls-cmd (if (= fennel-ls-path "") ["fennel-ls"] [fennel-ls-path]))
;; Setup fennel-ls using autocmd to start on Fennel files
(vim.api.nvim_create_autocmd "FileType" {
:pattern [:fennel]
:callback (fn []
(local root (vim.fs.find [".nfnl.fnl" ".git" "fnl"] {:upward true}))
(local root-dir (if root (vim.fs.dirname (. root 1)) (vim.fn.getcwd)))
(vim.lsp.start {
:name :fennel_ls
:cmd fennel-ls-cmd
:root_dir root-dir
:settings {
:fennel {
:extra-globals "vim"
}
}
:capabilities capabilities
}))
})
;; Enable inlay hints for better documentation
(vim.lsp.inlay_hint.enable true {:buftype [""]})
;; Configure Treesitter to ensure Fennel grammar is installed
;; Use writable directory for parsers (not the read-only nix store)
(local parser_install_dir (.. (vim.fn.stdpath :data) "/treesitter"))
(vim.opt.runtimepath:prepend parser_install_dir)
(treesitter.setup {
:ensure_installed [:fennel :lua]
:highlight {:enable true}
:indent {:enable true}
:parser_install_dir parser_install_dir
})
(cmp.setup {
:mapping {
:<C-Space> (cmp.mapping.complete)
:<CR> (cmp.mapping.confirm {:select true})
:<Tab> (cmp.mapping.select_next_item)
:<S-Tab> (cmp.mapping.select_prev_item)
}
:sources [
{:name :nvim_lsp}
{:name :buffer}
{:name :path}
]
})
(vim.api.nvim_create_autocmd "LspAttach" {
:callback (fn [args]
(local buf args.buf)
(local opts {:buffer buf})
(vim.keymap.set "n" "gd" vim.lsp.buf.definition opts)
(vim.keymap.set "n" "gr" vim.lsp.buf.references opts)
(vim.keymap.set "n" "K" vim.lsp.buf.hover opts)
(vim.keymap.set "n" "<leader>rn" vim.lsp.buf.rename opts)
(vim.keymap.set "n" "<leader>ca" vim.lsp.buf.code_action opts)
(vim.keymap.set "n" "<leader>f" (fn []
(vim.lsp.buf.format {:async true}))
opts)
(vim.keymap.set "n" "<A-j>" ":m .+1<CR>==")
(vim.keymap.set "n" "<A-k>" ":m .-2<CR>=="))
})
(avante.setup {
:provider "ollama"
:providers {
:ollama {
:endpoint "http://127.0.0.1:11434"
:model "gpt-oss:20b"
:extra_request_body {
:temperature 0
:num_ctx 8192
}
}
}
})
)

47
home-manager/nvim/extraconfig.lua Normal file
View file

@ -0,0 +1,47 @@
local cmp = require'cmp'
local avante = require("avante")
cmp.setup({
mapping = {
['<C-Space>'] = cmp.mapping.complete(), -- trigger manually
['<CR>'] = cmp.mapping.confirm({ select = true }), -- confirm with Enter
['<Tab>'] = cmp.mapping.select_next_item(),
['<S-Tab>'] = cmp.mapping.select_prev_item(),
},
sources = {
{ name = 'nvim_lsp' },
{ name = 'buffer' },
{ name = 'path' },
},
vim.api.nvim_create_autocmd("LspAttach", {
callback = function(args)
local buf = args.buf
local opts = { buffer = buf }
vim.keymap.set("n", "gd", vim.lsp.buf.definition, opts)
vim.keymap.set("n", "gr", vim.lsp.buf.references, opts)
vim.keymap.set("n", "K", vim.lsp.buf.hover, opts)
vim.keymap.set("n", "<leader>rn", vim.lsp.buf.rename, opts)
vim.keymap.set("n", "<leader>ca", vim.lsp.buf.code_action, opts)
vim.keymap.set("n", "<leader>f", function() vim.lsp.buf.format({ async = true }) end, opts)
vim.keymap.set("n", "<A-j>", ":m .+1<CR>==")
vim.keymap.set("n", "<A-k>", ":m .-2<CR>==")
end
})
})
avante.setup({
provider = "ollama",
providers = {
ollama = {
endpoint = "http://127.0.0.1:11434",
model = "gpt-oss:20b",
extra_request_body = {
temperature = 0,
num_ctx = 8192,
},
},
},
})

143
home-manager/services/comfy-ui.nix
View file

@ -1,143 +0,0 @@
{ pkgs, config, lib, ... }:
let
comfyuiSrc = pkgs.fetchFromGitHub {
owner = "Comfy-Org";
repo = "ComfyUI";
rev = "v0.9.2";
sha256 = "PQfZ0PD/PQn49ElGdzt/El8JrU7clETcLi/6ZUxm8f8=";
};
controlnetAux = pkgs.fetchFromGitHub {
owner = "Fannovel16";
repo = "comfyui_controlnet_aux";
rev = "136f125c89aed92ced1b6fbb491e13719b72fcc0";
sha256 = "DlspkqzN7Ls8kXWQMtVQygzsgu/z6FtjMqDthuza/Kc=";
};
ipAdapter = pkgs.fetchFromGitHub {
owner = "cubiq";
repo = "ComfyUI_IPAdapter_plus";
rev = "main";
sha256 = "Ft9WJcmjzon2tAMJq5na24iqYTnQWEQFSKUElSVwYgw=";
};
toolingNodes = pkgs.fetchFromGitHub {
owner = "Acly";
repo = "comfyui-tooling-nodes";
rev = "main";
sha256 = "tVvpVWDpihy7zdV/L7cOpsWE68l15xKIwuM3EriUM+Y=";
};
inpaintNodes = pkgs.fetchFromGitHub {
owner = "Acly";
repo = "comfyui-inpaint-nodes";
rev = "main";
sha256 = "Uy6ppXNAQAOIkmoJB8miAzVUXZ0Elyp+w+kwNxWZjvo=";
};
dataDir = "${config.home.homeDirectory}/.local/share/comfyui";
venvDir = "${dataDir}/.venv";
customNodesDir = "${dataDir}/custom_nodes";
kritaModelsDir = "${config.home.homeDirectory}/.var/app/org.kde.krita/data/krita/ai_diffusion/server/models";
startScript = pkgs.writeShellScript "comfyui-start" ''
set -e
export LD_LIBRARY_PATH="${pkgs.stdenv.cc.cc.lib}/lib:${pkgs.zlib}/lib:${pkgs.libGL}/lib:${pkgs.glib}/lib:${pkgs.xorg.libxcb}/lib:${pkgs.xorg.libX11}/lib:${pkgs.xorg.libXext}/lib:/run/opengl-driver/lib:$LD_LIBRARY_PATH"
mkdir -p ${dataDir}
mkdir -p ${customNodesDir}
# Copy source if not exists
if [ ! -f "${dataDir}/main.py" ]; then
cp -r ${comfyuiSrc}/* ${dataDir}/
chmod -R u+w ${dataDir}
fi
# Create extra_model_paths.yaml to use Krita AI Diffusion models
cat > ${dataDir}/extra_model_paths.yaml << EOF
krita_ai:
base_path: ${kritaModelsDir}
checkpoints: checkpoints/
clip_vision: clip_vision/
controlnet: controlnet/
diffusion_models: diffusion_models/
embeddings: embeddings/
inpaint: inpaint/
ipadapter: ipadapter/
loras: loras/
style_models: style_models/
text_encoders: text_encoders/
upscale_models: upscale_models/
vae: vae/
EOF
# Install custom nodes
if [ ! -d "${customNodesDir}/comfyui_controlnet_aux" ]; then
cp -r ${controlnetAux} ${customNodesDir}/comfyui_controlnet_aux
chmod -R u+w ${customNodesDir}/comfyui_controlnet_aux
fi
if [ ! -d "${customNodesDir}/ComfyUI_IPAdapter_plus" ]; then
cp -r ${ipAdapter} ${customNodesDir}/ComfyUI_IPAdapter_plus
chmod -R u+w ${customNodesDir}/ComfyUI_IPAdapter_plus
fi
if [ ! -d "${customNodesDir}/comfyui-tooling-nodes" ]; then
cp -r ${toolingNodes} ${customNodesDir}/comfyui-tooling-nodes
chmod -R u+w ${customNodesDir}/comfyui-tooling-nodes
fi
if [ ! -d "${customNodesDir}/comfyui-inpaint-nodes" ]; then
cp -r ${inpaintNodes} ${customNodesDir}/comfyui-inpaint-nodes
chmod -R u+w ${customNodesDir}/comfyui-inpaint-nodes
fi
cd ${dataDir}
# Create venv on first run
if [ ! -d "${venvDir}" ]; then
${pkgs.python313}/bin/python -m venv ${venvDir}
${venvDir}/bin/pip install --upgrade pip
fi
# Install deps
if [ ! -f "${venvDir}/.deps-installed" ]; then
${venvDir}/bin/pip install torch torchvision torchaudio --extra-index-url https://download.pytorch.org/whl/cu124
${venvDir}/bin/pip install -r requirements.txt
touch ${venvDir}/.deps-installed
fi
# Install custom nodes deps
if [ ! -f "${venvDir}/.custom-nodes-installed" ]; then
for node in ${customNodesDir}/*/; do
if [ -f "$node/requirements.txt" ]; then
# Replace opencv-python with headless version (no GUI deps)
sed 's/opencv-python>=/opencv-python-headless>=/g' "$node/requirements.txt" > /tmp/requirements_patched.txt
${venvDir}/bin/pip install -r /tmp/requirements_patched.txt || true
fi
done
touch ${venvDir}/.custom-nodes-installed
fi
exec ${venvDir}/bin/python main.py "$@"
'';
in
{
home.packages = [ pkgs.python313 pkgs.git ];
systemd.user.services.comfy-ui = {
Unit = {
Description = "ComfyUI";
After = [ "network.target" ];
};
Service = {
Type = "simple";
ExecStart = "${startScript}";
Restart = "on-failure";
Environment = [ "CUDA_VISIBLE_DEVICES=0" ];
};
Install.WantedBy = [ "default.target" ];
};
}

9
home-manager/services/default.nix
View file

@ -1,9 +0,0 @@
{ ... }:
{
imports = [
./comfy-ui.nix
];
}

4
home-manager/zsh.nix
View file

@ -1,4 +1,7 @@
{
config,
lib,
pkgs,
...
}:
{
@ -17,7 +20,6 @@
export GPG_TTY=$(tty)
export EDITOR="nvim -n -c 'set noswapfile nobackup nowritebackup'"
export SSH_AUTH_SOCK=$(gpgconf --list-dirs agent-ssh-socket)
export PATH="$HOME/.config/emacs/bin:$PATH"
'';

26
hosts/Nixbook/hardware-configuration.nix
View file

@ -1,8 +1,7 @@
{
config,
lib,
modulesPath,
...
{ config
, lib
, modulesPath
, ...
}:
{
@ -24,25 +23,29 @@
extraModulePackages = [ ];
};
fileSystems."/" = {
fileSystems."/" =
{
device = "/dev/disk/by-uuid/492e3157-429e-4b9b-995f-c341c83b17ab";
fsType = "btrfs";
options = [ "subvol=@root" ];
};
fileSystems."/nix" = {
fileSystems."/nix" =
{
device = "/dev/disk/by-uuid/492e3157-429e-4b9b-995f-c341c83b17ab";
fsType = "btrfs";
options = [ "subvol=@nix" ];
};
fileSystems."/var/log" = {
fileSystems."/var/log" =
{
device = "/dev/disk/by-uuid/492e3157-429e-4b9b-995f-c341c83b17ab";
fsType = "btrfs";
options = [ "subvol=@log" ];
};
fileSystems."/home" = {
fileSystems."/home" =
{
device = "/dev/disk/by-uuid/492e3157-429e-4b9b-995f-c341c83b17ab";
fsType = "btrfs";
options = [ "subvol=@home" ];
@ -51,10 +54,7 @@
fileSystems."/boot" = {
device = "/dev/disk/by-uuid/50A0-7758";
fsType = "vfat";
options = [
"fmask=0022"
"dmask=0022"
];
options = [ "fmask=0022" "dmask=0022" ];
};
swapDevices = [

99
hosts/Nixcloud/default.nix
View file

@ -1,58 +1,75 @@
{ pkgs, ... }:
{
config,
inputs,
lib,
pkgs,
...
}:
{
imports = [
./hardware-configuration.nix
./networking.nix
./forgejo.nix
];
boot.loader.grub = {
enable = true;
efiSupport = true; # Enable EFI features
efiInstallAsRemovable = true; # Force install without accessing BIOS variables
};
boot.tmp.cleanOnBoot = true;
zramSwap.enable = true;
environment.systemPackages = with pkgs; [
git
];
networking.hostName = "srv1065175";
networking.domain = "hstgr.cloud";
networking.firewall = {
enable = true;
allowedTCPPorts = [ 80 443 ];
};
services.openssh.enable = true;
users.users.root.openssh.authorizedKeys.keys = [
''ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQCjC5EuxC6un3StoRkn1X1Mv09Mx1icGfN5fnlWRfqFPtiwAusJA+q0p2MktujY/+kDOpzExtjbXP5CtW7zcUfeitO26BY0WH106P4ttsq/0zzq5pmPXxGn9crN7JqFp3f9LMlL0F+3Oa0mJ6HcS2UgQEUYS6ofJBV1CLeMfkv75F+iy7AG1V9EaT4pvwdmAJ+6XXSo+UtadWOZGlWVRETyDcxa2H/aS/e+JrQfeAHM9f9cyeZqO9OHFWmuzHDc2T014+OhzzWnLUC/nUc1KUELvha1cT1ViMbcF62cjQXxip/5GGsIkw+7PdJFTn3ITwRO1+06qs6WnO4ceh8wIyOblUgTfRvIXkB7nnanC3CupqLbT+s/HeRiwnI4aih7lDrB717dPTy/ZfNXqxy1K51bZzRTXzkY+oUF1eqG37KvGoFZ6Zjf8KMrtTWBhqdIWV/kY4ZBTtvtiU81iXEWbobcyTzsIzKtZhCrGt+KxFUYV90u+ts3jrFdHIsN/tIzuEKz2ZZ8f749u2Q9jgIwe1KLtTwmSDjAV5gkbnE7ZDMB82pTzlwdrZ/VkCIu3/EtoWq3Y+NrKL4OzWL74Tzgsn28jvsegrnz5Lp24zPpNmBzCgbkwPStFjvp16G6pUiTLAAn9YiBqYbbvDbGxun55QMwYORGsdk5hISaC/cPzaUKkQ== thiago@sposito.ch''
''ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCWstSULudWNwPQxyS2J7Qygw8CozDDy8WsPjsYzKPI9s0B/KLU0g1oX42bBvn4DgNpzGrpb6IGHpRQohStt7vcOxb9XpfhIOcIr45gU3k3lcPjh6vj8/ZoNQlRDIfxs83RDImvveYABuI/Hq42mLV1kI5qnQHaJxuW73AuYKNzE3Z3PUl5Kw6MgzSZ96QlpiQDn/js7ZTBF/YZ18kPh9E9O1y+EDhcJ4gn38rFIMYMG/KbJB22hYyYQHo0WkJlZ2jScnjv1op2yHPM4lfjOnnyL+LhOQLN8VrHayDWXtJcIW0nEKT+1R/7qkSH/5ELA2c/gznfkdTDzfG8+P3WAzNF openpgp:0xC25417F1''
''ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAICRAJaRuXqVeAs/Y5CeTbyc9lSbyvchkVqiML/yl6wbh thiago@Nixbook''
users.users = {
root.openssh.authorizedKeys.keyFiles = [
(builtins.fetchurl {
url = "https://meta.sr.ht/~sposito.keys";
name = "sposito-srht-keys";
sha256 = "1mf76x36kd1iaccy6l5f5xnbjqkm1fwf9giws9nb3bvgmj3c25wc";
})
];
nimbus.openssh.authorizedKeys.keys = [
(builtins.fetchurl {
url = "https://meta.sr.ht/~sposito.keys";
name = "sposito-srht-keys";
sha256 = "1mf76x36kd1iaccy6l5f5xnbjqkm1fwf9giws9nb3bvgmj3c25wc";
})
];
users.users.nimbus = {
isNormalUser = true;
extraGroups = [ "wheel" ];
};
security.sudo.extraRules = [
{
users = [ "nimbus" ];
commands = [
{
command = "ALL";
options = [ "NOPASSWD" ];
}
];
}
];
system.stateVersion = "23.11";
boot.kernelParams = [
"console=tty1"
"console=ttyS0,115200"
environment = {
shells = with pkgs; [ bash ];
etc = lib.mapAttrs' (name: value: {
name = "nix/path/${name}";
value.source = value.flake;
}) config.nix.registry;
systemPackages = with pkgs; [
git
sops
wget
];
};
nix = {
registry = (lib.mapAttrs (_: flake: { inherit flake; })) (
(lib.filterAttrs (_: lib.isType "flake")) inputs
);
nixPath = [ "/etc/nix/path" ];
settings = {
download-buffer-size = "512M";
experimental-features = "nix-command flakes";
auto-optimise-store = true;
};
};
programs = {
gnupg = {
agent = {
enableSSHSupport = true;
enable = true;
pinentryPackage = pkgs.pinentry-tty;
};
};
};
time.timeZone = "America/Sao_Paulo";
}

42
hosts/Nixcloud/forgejo.nix
View file

@ -1,42 +0,0 @@
{ lib, config, ... }:
let
cfg = config.services.forgejo;
srv = cfg.settings.server;
domain = "git.sposi.to";
in
{
security.acme = {
acceptTerms = true;
defaults.email = "th.spo@pm.me";
};
services.nginx = {
enable = true;
virtualHosts.${domain} = {
forceSSL = true;
enableACME = true;
# Allow HTTP initially for ACME challenge, will redirect to HTTPS once cert is ready
extraConfig = ''
client_max_body_size 512M;
'';
locations."/".proxyPass = "http://localhost:${toString srv.HTTP_PORT}";
};
};
services.forgejo = {
enable = true;
database.type = "sqlite3";
lfs.enable = true;
settings = {
server = {
DOMAIN = domain;
ROOT_URL = "https://${domain}/";
HTTP_PORT = 3000;
};
service.DISABLE_REGISTRATION = true;
};
};
services.forgejo.settings.server.SSH_PORT = lib.mkDefault (lib.head (config.services.openssh.ports or [ 22 ]));
}

23
hosts/Nixcloud/hardware-configuration.nix
View file

@ -1,22 +1,11 @@
{ modulesPath, lib, ... }:
{ modulesPath, ... }:
{
imports = [ (modulesPath + "/profiles/qemu-guest.nix") ];
boot.loader.grub.device = "nodev";
boot.initrd.availableKernelModules = [
"ata_piix"
"uhci_hcd"
"xen_blkfront"
"vmw_pvscsi"
];
nixpkgs.hostPlatform = "x86_64-linux";
boot.loader.grub.device = "/dev/sda";
boot.initrd.availableKernelModules = [ "ata_piix" "uhci_hcd" "xen_blkfront" "vmw_pvscsi" ];
boot.initrd.kernelModules = [ "nvme" ];
fileSystems."/" = {
device = "/dev/sda1";
fsType = "ext4";
};
fileSystems."/boot" = {
device = "/dev/sda15";
fsType = "vfat";
};
nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux";
fileSystems."/" = { device = "/dev/sda1"; fsType = "ext4"; };
}

6
hosts/Nixcloud/networking.nix
View file

@ -1,10 +1,10 @@
{ lib, ... }:
{
# This file was populated at runtime with the networking
# details gathered from the active system.
networking = {
nameservers = [
"8.8.8.8"
"45.143.83.10"
"1.1.1.1"
"8.8.4.4"
];
defaultGateway = "72.61.129.254";
defaultGateway6 = {

2
hosts/Nixstation/default.nix
View file

@ -17,11 +17,11 @@
};
environment = {
gnome.excludePackages = [ pkgs.epiphany ];
systemPackages = with pkgs; [
act
btrfs-progs
cudatoolkit
];
};

25
hosts/Nixstation/hardware-configuration.nix
View file

@ -1,9 +1,8 @@
{
config,
lib,
modulesPath,
pkgs,
...
{ config
, lib
, modulesPath
, pkgs
, ...
}:
{
@ -22,19 +21,9 @@
"sd_mod"
"xhci_pci"
];
kernelParams = [
# used to improve VM perfomance (guix experiments)
"amd_pstate=active"
"usbcore.autosuspend=-1"
"hugepagesz=1G"
"hugepages=16"
"default_hugepagesz=1G"
];
kernelParams = [ "amd_pstate=active" "usbcore.autosuspend=-1" ];
initrd.kernelModules = [ ];
kernelModules = [
"kvm-amd"
"iwlwifi"
];
kernelModules = [ "kvm-amd" "iwlwifi" ];
extraModulePackages = [ ];
};
fileSystems = {

21
hosts/common/network.nix
View file

@ -21,7 +21,7 @@
];
};
};
security.pki.certificateFiles = [ "${pkgs.cacert}/etc/ssl/certs/ca-bundle.crt" ];
services = {
opensnitch = {
enable = true;
@ -38,7 +38,7 @@
# openssh.settings.X11Forwarding = true;
};
virtualisation = {
virtualisation ={
docker = {
enable = true;
logDriver = "journald";
@ -66,26 +66,11 @@
"workgroup" = "WORKGROUP";
"server string" = "smbnix";
"netbios name" = "smbnix";
"hosts allow" = "192.168.0. 192.168. 192.168.122.55 127.0.0.1 192.168.122.197 localhost";
"hosts allow" = "192.168.0. 192.168. 192.168.122.55 127.0.0.1 localhost";
"hosts deny" = "0.0.0.0/0";
"guest account" = "nobody";
"map to guest" = "bad user";
security = "user";
# used for xp priter vm
# # Windows XP compatibility settings
# "server min protocol" = "NT1"; # Enable SMB1 for Windows XP
# "client min protocol" = "NT1";
# "ntlm auth" = "yes"; # Required for Windows XP
# "lanman auth" = "yes"; # Required for Windows XP
# };
# # Share for Windows XP access
# "shared" = {
# "path" = "/home/thiago/shared";
# "browseable" = "yes";
# "read only" = "no";
# "guest ok" = "yes";
# "create mask" = "0644";
# "directory mask" = "0755";
};
};
};

14
hosts/common/nvidia/default.nix
View file

@ -1,13 +1,12 @@
{
pkgs,
config,
...
{ pkgs
, config
, ...
}:
{
boot = {
kernelModules = [ "nvidia" ];
kernelParams = [ "nvidia-drm.modset=1" ];
blacklistedKernelModules = [ "nouveau" ];
kernelParams = [ "nvidia-drm.modeset=1" ];
blacklistedKernelModules = [ "nouveau" "amdgpu" ];
};
hardware = {
graphics = {
@ -32,7 +31,7 @@
desktopManager.gnome.enable = true;
displayManager = {
gdm.enable = true;
gdm.wayland = true;
# gdm.wayland = true;
defaultSession = "gnome";
};
@ -47,7 +46,6 @@
cudaPackages.cuda_nvcc
cudaPackages.cudatoolkit
libepoxy
mesa-demos
libglvnd
nvidia-container-toolkit
vulkan-tools

5
hosts/common/nvidia/passthrough.nix
View file

@ -1,7 +1,6 @@
# Under maintanence
{
pkgs,
...
{ pkgs
, ...
}:
let
# Optional helper for manual (re)binding at runtime

3
hosts/common/users/thiago/default.nix
View file

@ -31,12 +31,11 @@ in
(builtins.fetchurl {
url = "https://meta.sr.ht/~sposito.keys";
name = "sposito-srht-keys";
sha256 = "1a0qcpbdkmdhnhhqvcmf6rq7zmjap6kxiwrcmmgs0fbhrlcyhkmi";
sha256 = "1mf76x36kd1iaccy6l5f5xnbjqkm1fwf9giws9nb3bvgmj3c25wc";
})
];
packages = [ pkgs.home-manager ];
};
}

7
hosts/husky.nix
View file

@ -5,13 +5,11 @@
nixpkgs.url = "github:NixOS/nixpkgs/nixos-unstable";
};
outputs =
{ self, nixpkgs, ... }:
outputs = { self, nixpkgs, ... }:
let
system = "aarch64-linux";
pkgs = import nixpkgs { inherit system; };
in
{
in {
devShells.${system}.default = pkgs.mkShell {
buildInputs = with pkgs; [
git
@ -28,3 +26,4 @@
};
};
}