diff --git a/_modules/home/shell/default.nix b/_modules/home/shell/default.nix deleted file mode 100644 index 3613c76..0000000 --- a/_modules/home/shell/default.nix +++ /dev/null @@ -1,71 +0,0 @@ -{ config, lib, pkgs, user, ... }: -let - inherit (lib.attrsets) attrValues; - inherit (lib.modules) mkIf mkMerge; - inherit (lib.options) mkOption mkEnableOption; - inherit (lib.types) nullOr enum; - - cfg = config.modules.${user}.shell; -in -{ - options.modules.${user}.shell = { - default = mkOption { - type = nullOr (enum ["fish" "zsh" "bash"]); - default = null; - description = "Default system shell"; - }; - - corePkgs.enable = mkEnableOption "core shell packages"; - }; - - config = mkMerge [ - (mkIf (cfg.default != null) { - users.defaultUserShell = pkgs."${cfg.default}"; - - # modules.${user}.shell.toolset.gnupg.enable = true; - }) - - (mkIf cfg.corePkgs.enable { - modules.${user}.shell.toolset = { - bat.enable = true; - btop.enable = true; - eza.enable = true; - fzf.enable = true; - git.enable = true; - starship.enable = true; - tmux.enable = true; - yazi.enable = true; - zoxide.enable = true; - }; - - home-manager.users.${user} = { - home.packages = attrValues { - inherit (pkgs) any-nix-shell pwgen yt-dlp ripdrag; - inherit (pkgs) fd; - - rgFull = pkgs.ripgrep.override {withPCRE2 = true;}; - }; - - home.shellAliases = { - # ls = "eza -a"; - # cat = "bat -pp"; - # y = "yazi"; - # zed = "zeditor ."; - }; - - programs = { - direnv = { - enable = true; - config.global = { - load_dotenv = true; - strict_env = true; - hide_env_diff = true; - }; - nix-direnv.enable = true; - config.whitelist.prefix = ["/home"]; - }; - }; - }; - }) - ]; -} diff --git a/_modules/home/shell/toolset/bat.nix b/_modules/home/shell/toolset/bat.nix deleted file mode 100644 index a1d2177..0000000 --- a/_modules/home/shell/toolset/bat.nix +++ /dev/null @@ -1,22 +0,0 @@ -{ config, lib, pkgs, user, ... }: -let - inherit (lib.modules) mkIf; - inherit (lib.options) mkEnableOption; - - cfg = config.modules.${user}.shell.toolset.bat; -in -{ - options.modules.${user}.shell.toolset.bat = { - enable = mkEnableOption "cat replacement"; - }; - - config = mkIf cfg.enable { - home-manager.users.${user} = { - home.packages = with pkgs; [ bat ]; - - programs.bat = { - enable = true; - }; - }; - }; -} diff --git a/_modules/home/shell/toolset/btop.nix b/_modules/home/shell/toolset/btop.nix deleted file mode 100644 index f4a364d..0000000 --- a/_modules/home/shell/toolset/btop.nix +++ /dev/null @@ -1,95 +0,0 @@ -{ config, lib, pkgs, user, ... }: -let - inherit (lib) mkIf mkEnableOption; - inherit (lib.strings) concatStringsSep; - - cfg = config.modules.${user}.shell.toolset.btop; -in -{ - options.modules.${user}.shell.toolset.btop = { - enable = mkEnableOption "system-monitor"; - }; - - config = mkIf cfg.enable { - home-manager.users.${user} = { - home.packages = with pkgs; [ btop ]; - - programs.btop = { - enable = true; - settings = { - force_tty = false; - vim_keys = true; # Directional keys: "h,j,k,l,g,G" - update_ms = 1500; # ms (s^{-3}) - temp_scale = "celsius"; - base_10_sizes = false; - show_cpu_freq = true; - clock_format = "%H:%M"; - background_update = true; - disks_filter = "exclude=/boot"; - - rounded_corners = true; - theme_background = false; - truecolor = true; - presets = concatStringsSep "," [ - "cpu:1:default" - "proc:0:default cpu:0:default" - "mem:0:default" - "net:0:default cpu:0:block" - "net:0:tty" - ]; - graph_symbol = "braille"; - graph_symbol_cpu = "default"; - graph_symbol_mem = "default"; - graph_symbol_net = "default"; - graph_symbol_proc = "default"; - shown_boxes = "proc cpu mem net"; - - proc_sorting = "cpu lazy"; - proc_reversed = false; - proc_tree = false; - proc_colors = true; - proc_gradient = true; - proc_per_core = true; - proc_mem_bytes = true; - proc_info_smaps = false; - proc_left = false; - - cpu_graph_upper = "total"; - cpu_graph_lower = "total"; - cpu_single_graph = false; - cpu_bottom = false; - show_uptime = true; - check_temp = true; - cpu_sensor = "Auto"; - show_coretemp = true; - cpu_core_map = ""; - custom_cpu_name = ""; - - mem_graphs = true; - mem_below_net = false; - - show_swap = true; - swap_disk = true; - show_disks = true; - only_physical = true; - use_fstab = false; # Enable -> disables `only_physical` - disk_free_priv = false; - show_io_stat = true; - - io_mode = false; - io_graph_combined = false; - io_graph_speeds = ""; - - net_download = 100; - net_upload = 100; - net_auto = true; - net_sync = false; - net_iface = "br0"; - show_battery = true; - selected_battery = "Auto"; - log_level = "DEBUG"; - }; - }; - }; - }; -} diff --git a/_modules/home/shell/toolset/eza.nix b/_modules/home/shell/toolset/eza.nix deleted file mode 100644 index 3e2da9b..0000000 --- a/_modules/home/shell/toolset/eza.nix +++ /dev/null @@ -1,29 +0,0 @@ -{ config, lib, pkgs, user, ... }: -let - inherit (lib.modules) mkIf; - inherit (lib.options) mkEnableOption; - - cfg = config.modules.${user}.shell.toolset.eza; -in -{ - options.modules.${user}.shell.toolset.eza = { - enable = mkEnableOption "system-monitor"; - }; - - config = mkIf cfg.enable { - home-manager.users.${user} = { - home.packages = with pkgs; [ eza ]; - - programs.eza = { - enable = true; - icons = "auto"; - git = true; - extraOptions = [ - "--hyperlink" - "--across" - "--group-directories-first" - ]; - }; - }; - }; -} diff --git a/_modules/home/shell/toolset/fzf.nix b/_modules/home/shell/toolset/fzf.nix deleted file mode 100644 index 3e99666..0000000 --- a/_modules/home/shell/toolset/fzf.nix +++ /dev/null @@ -1,37 +0,0 @@ -{ config, lib, pkgs, user, ... }: -let - inherit (lib) mkIf mkEnableOption; - - defShell = config.modules.${user}.shell.default; -in -{ - options.modules.${user}.shell.toolset.fzf = { - enable = mkEnableOption "TUI Fuzzy Finder."; - }; - - config = mkIf config.modules.${user}.shell.toolset.fzf.enable { - home-manager.users.${user} = { - home.packages = with pkgs; [ fzf ]; - - programs.fzf = { - enable = true; - enableBashIntegration = true; - enableZshIntegration = defShell == "zsh"; - enableFishIntegration = defShell == "fish"; - - tmux.enableShellIntegration = true; - tmux.shellIntegrationOptions = ["-d 40%"]; - - defaultCommand = "fd --type f"; - defaultOptions = ["--height 40%" "--border"]; - - changeDirWidgetCommand = "fd --type d"; - changeDirWidgetOptions = ["--preview 'tree -C {} | head -200'"]; - - fileWidgetCommand = "fd --type f"; - fileWidgetOptions = ["--preview 'head {}'"]; - historyWidgetOptions = ["--sort" "--exact"]; - }; - }; - }; -} diff --git a/_modules/home/shell/toolset/git.nix b/_modules/home/shell/toolset/git.nix deleted file mode 100644 index f40a8ce..0000000 --- a/_modules/home/shell/toolset/git.nix +++ /dev/null @@ -1,112 +0,0 @@ -{ config, lib, pkgs, user, ... }: -let - inherit (lib.options) mkEnableOption; - inherit (lib.modules) mkIf; -in -{ - options.modules.${user}.shell.toolset.git = { - enable = mkEnableOption "version-control system"; - }; - - config = mkIf config.modules.${user}.shell.toolset.git.enable { - environment.sessionVariables.GITHUB_TOKEN = "$(cat /run/agenix/tokenGH)"; - - home-manager.users.${user} = { - home.packages = with pkgs; [ lazygit lazyjj jujutsu ]; - - programs = { - zsh.initContent = '' - # -------===[ Helpful Git Fn's ]===------- # - gitignore() { - curl -s -o .gitignore https://gitignore.io/api/$1 - } - ''; - - fish.functions = { - gitignore = "curl -sL https://www.gitignore.io/api/$argv"; - }; - - git = { - enable = true; - package = pkgs.gitFull; - difftastic = { - enable = true; - background = "dark"; - color = "always"; - display = "inline"; - }; - - ignores = [ - # General: - "*.bloop" - "*.bsp" - "*.metals" - "*.metals.sbt" - "*metals.sbt" - "*.direnv" - "*.envrc" - "*hie.yaml" - "*.mill-version" - "*.jvmopts" - - # OS-related: - ".DS_Store?" - ".DS_Store" - ".CFUserTextEncoding" - ".Trash" - ".Xauthority" - "thumbs.db" - "Thumbs.db" - "Icon?" - - # Compiled residues: - "*.class" - "*.exe" - "*.o" - "*.pyc" - "*.elc" - ]; - - extraConfig = { - init.defaultBranch = "main"; - core = { - editor = "nvim"; - whitespace = "trailing-space,space-before-tab"; - }; - credential.helper = "${pkgs.gitFull}/bin/git-credential-libsecret"; - - user = { - name = config.modules.${user}.user.full_name; - email = config.modules.${user}.user.email; - signingKey = "~/.ssh/id_rsa.pub"; - }; - - gpg.format = "ssh"; - commit.gpgSign = true; - tag.gpgSign = true; - - push = { - autoSetupRemote = true; - default = "current"; - gpgSign = "if-asked"; - autoSquash = true; - }; - pull.rebase = true; - - filter = { - required = true; - smudge = "git-lfs smudge -- %f"; - process = "git-lfs filter-process"; - clean = "git-lfs clean -- %f"; - }; - - url = { - "https://github.com/".insteadOf = "gh:"; - "git@github.com:".insteadOf = "ssh+gh:"; - }; - }; - }; - }; - }; - }; -} diff --git a/_modules/home/shell/toolset/starship.nix b/_modules/home/shell/toolset/starship.nix deleted file mode 100644 index f573ff1..0000000 --- a/_modules/home/shell/toolset/starship.nix +++ /dev/null @@ -1,101 +0,0 @@ -{ config, lib, pkgs, user, ... }: -let - inherit (lib.modules) mkIf; - inherit (lib.options) mkEnableOption; -in -{ - options.modules.${user}.shell.toolset.starship = { - enable = mkEnableOption "fancy pansy shell prompt"; - }; - - config = mkIf config.modules.${user}.shell.toolset.starship.enable { - home-manager.users.${user} = { - home.packages = with pkgs; [ starship ]; - - programs.starship = { - enable = true; - settings = { - format = "[╭](bold green) $username@$hostname$nix_shell: $directory$cmd_duration$git_branch$git_commit$git_state$git_status$line_break[╰](green bold)$character"; - - username = { - format = "[$user]($style)"; - show_always = true; - }; - - hostname = { - ssh_only = false; - ssh_symbol = "🌐 "; - format = "[$hostname](bold red)"; - trim_at = ".local"; - disabled = false; - }; - - nix_shell = { - symbol = " "; - format = "[$symbol$name]($style) "; - style = "magenta bold"; - }; - - git_branch = { - only_attached = true; - format = "[$symbol$branch]($style) "; - symbol = " "; - style = "yellow bold"; - }; - - git_commit = { - tag_disabled = false; - }; - - git_state = { - style = "magenta bold"; - }; - - git_status = { - format = "[$all_status $ahead_behind]($style) "; - style = "bold green"; - conflicted = "🏳"; - up_to_date = ""; - untracked = " "; - ahead = "⇡\${count}"; - diverged = "⇕⇡\${ahead_count}⇣\${behind_count}"; - behind = "⇣\${count}"; - stashed = " "; - modified = " "; - staged = "[++\($count\)](green)"; - renamed = "襁 "; - deleted = " "; - }; - - directory = { - read_only = " 󰌾"; - }; - - cmd_duration = { - format = "[$duration]($style) "; - style = "blue"; - }; - - os = { - format = "[$symbol](bold white)"; - disabled = false; - - symbols = { - Windows = " "; - Arch = "󰣇"; - Ubuntu = ""; - Macos = "󰀵"; - Manjaro = " "; - Nobara = " "; - Unknown = "󰠥"; - }; - }; - - fill = { - symbol = " "; - }; - }; - }; - }; - }; -} diff --git a/_modules/home/shell/toolset/tmux.nix b/_modules/home/shell/toolset/tmux.nix deleted file mode 100644 index 137b600..0000000 --- a/_modules/home/shell/toolset/tmux.nix +++ /dev/null @@ -1,107 +0,0 @@ -{ config, lib, pkgs, user, ... }: -let - inherit (lib.modules) mkIf; -in -{ - options.modules.${user}.shell.toolset.tmux = let - inherit (lib.options) mkEnableOption; - in { enable = mkEnableOption "terminal multiplexer"; }; - - config = mkIf config.modules.${user}.shell.toolset.tmux.enable { - home-manager.users.${user} = { - home.packages = with pkgs; [ tmux ]; - - programs.tmux = { - enable = true; - secureSocket = true; - keyMode = "vi"; - prefix = "C-a"; - terminal = "tmux-256color"; - - baseIndex = 1; - clock24 = true; - disableConfirmationPrompt = true; - escapeTime = 0; - - aggressiveResize = false; - resizeAmount = 2; - reverseSplit = false; - historyLimit = 5000; - newSession = true; - - plugins = let - inherit (pkgs.tmuxPlugins) resurrect continuum; - in [ - { - plugin = resurrect; - extraConfig = "set -g @resurrect-strategy-nvim 'session'"; - } - { - plugin = continuum; - extraConfig = '' - set -g @continuum-restore 'on' - set -g @continuum-save-interval '60' # minutes - ''; - } - ]; - - extraConfig = '' - # -------===[ Color Correction ]===------- # - set-option -ga terminal-overrides ",*256col*:Tc" - set-option -ga terminal-overrides '*:Ss=\E[%p1%d q:Se=\E[ q' - set-environment -g COLORTERM "truecolor" - - # -------===[ General-Configurations ]===------- # - set-option -g renumber-windows on - set-window-option -g automatic-rename on - set-window-option -g word-separators ' @"=()[]' - - set-option -g mouse on - set-option -s focus-events on - set-option -g renumber-windows on - set-option -g allow-rename off - - # -------===[ Activity/Sound ]===------- # - set-option -g bell-action none - set-option -g visual-bell off - set-option -g visual-silence off - set-option -g visual-activity off - set-window-option -g monitor-activity off - - # -------===[ Status-Bar ]===------- # - set-option -g status on - set-option -g status-interval 1 - set-option -g status-style bg=default,bold,italics - - set-option -g status-position top - set-option -g status-justify left - - set-option -g status-left-length "40" - set-option -g status-right-length "80" - - # -------===[ Keybindings ]===------- # - bind-key c clock-mode - - # Window Control(s): - bind-key q kill-session - bind-key Q kill-server - bind-key t new-window -c '#{pane_current_path}' - - # Buffers: - bind-key b list-buffers - bind-key p paste-buffer - bind-key P choose-buffer - - # Split bindings: - bind-key - split-window -v -c '#{pane_current_path}' - bind-key / split-window -h -c '#{pane_current_path}' - - # Copy/Paste bindings: - bind-key -T copy-mode-vi v send-keys -X begin-selection -N "Start visual mode for selection" - bind-key -T copy-mode-vi y send-keys -X copy-selection -N "Yank text into buffer" - bind-key -T copy-mode-vi r send-keys -X rectangle-toggle -N "Yank region into buffer" - ''; - }; - }; - }; -} diff --git a/_modules/home/shell/toolset/yazi.nix b/_modules/home/shell/toolset/yazi.nix deleted file mode 100644 index 252ae8a..0000000 --- a/_modules/home/shell/toolset/yazi.nix +++ /dev/null @@ -1,22 +0,0 @@ -{ config, lib, pkgs, user, ... }: -let - inherit (lib.modules) mkIf; - inherit (lib.options) mkEnableOption; - - cfg = config.modules.${user}.shell.toolset.yazi; -in -{ - options.modules.${user}.shell.toolset.yazi = { - enable = mkEnableOption "cli file browser"; - }; - - config = mkIf cfg.enable { - home-manager.users.${user} = { - home.packages = with pkgs; [ yazi ]; - - programs.yazi = { - enable = true; - }; - }; - }; -} diff --git a/_modules/home/shell/toolset/zellij.nix b/_modules/home/shell/toolset/zellij.nix deleted file mode 100644 index 01f6c8a..0000000 --- a/_modules/home/shell/toolset/zellij.nix +++ /dev/null @@ -1,23 +0,0 @@ -{ config, lib, pkgs, user, ... }: -let - inherit (lib.modules) mkIf; - inherit (lib.options) mkEnableOption; -in -{ - options.modules.${user}.shell.toolset.zellij = { - enable = mkEnableOption "terminal multiplexer"; - }; - - config = mkIf config.modules.${user}.shell.toolset.zellij.enable { - home-manager.users.${user} = { - home.packages = with pkgs; [ zellij ]; - - programs.zellij = { - enable = true; - attachExistingSession = true; - - settings = {}; - }; - }; - }; -} diff --git a/_modules/home/shell/toolset/zoxide.nix b/_modules/home/shell/toolset/zoxide.nix deleted file mode 100644 index 2d456b8..0000000 --- a/_modules/home/shell/toolset/zoxide.nix +++ /dev/null @@ -1,22 +0,0 @@ -{ config, lib, pkgs, user, ... }: -let - inherit (lib.modules) mkIf; - inherit (lib.options) mkEnableOption; - - cfg = config.modules.${user}.shell.toolset.zoxide; -in -{ - options.modules.${user}.shell.toolset.zoxide = { - enable = mkEnableOption "cd replacement"; - }; - - config = mkIf cfg.enable { - home-manager.users.${user} = { - home.packages = with pkgs; [ zoxide ]; - - programs.zoxide = { - enable = true; - }; - }; - }; -} diff --git a/_modules/home/shell/zsh.nix b/_modules/home/shell/zsh.nix deleted file mode 100644 index e6fc881..0000000 --- a/_modules/home/shell/zsh.nix +++ /dev/null @@ -1,104 +0,0 @@ -{ config, lib, pkgs, user, ... }: -let - inherit (lib.modules) mkIf; - - cfg = config.modules.${user}.shell; -in -{ - config = mkIf (cfg.default == "zsh") { - modules.shell.zsh.enable = true; - - modules.${user}.shell = { - corePkgs.enable = true; - }; - - # Enable completion for sys-packages: - environment.pathsToLink = ["/share/zsh"]; - - home-manager.users.${user} = { - # xdg.configFile."zsh-abbreviations" = { - # target = "zsh/abbreviations"; - # text = let - # abbrevs = { - # ls = "eza -al"; - # }; - # in '' - # ${concatStrings (mapAttrsToList - # (k: v: "abbr ${k}=${escapeNixString v}") - # abbrevs - # )} - # ''; - # }; - - programs = { - starship.enableZshIntegration = true; - yazi.enableZshIntegration = true; - zellij.enableZshIntegration = true; - - zsh = { - enable = true; - enableCompletion = true; - autosuggestion.enable = true; - - history = { - size = 10000; - path = "$XDG_CONFIG_HOME/zsh/history"; - }; - - oh-my-zsh = { - enable = true; - plugins = ["git" "docker-compose" "zoxide"]; - }; - - plugins = let - mkZshPlugin = { - pkg, - file ? "${pkg.pname}.plugin.zsh", - }: { - name = pkg.pname; - src = pkg.src; - inherit file; - }; - in - with pkgs; [ - (mkZshPlugin {pkg = zsh-abbr;}) - (mkZshPlugin {pkg = zsh-autopair;}) - (mkZshPlugin {pkg = zsh-you-should-use;}) - (mkZshPlugin { - pkg = zsh-nix-shell; - file = "nix-shell.plugin.zsh"; - }) - - { - name = "zsh-autosuggestion"; - src = pkgs.fetchFromGitHub { - owner = "zsh-users"; - repo = "zsh-autosuggestions"; - rev = "v0.7.0"; - sha256 = "1g3pij5qn2j7v7jjac2a63lxd97mcsgw6xq6k5p7835q9fjiid98"; - }; - } - { - name = "zsh-completions"; - src = pkgs.fetchFromGitHub { - owner = "zsh-users"; - repo = "zsh-completions"; - rev = "0.34.0"; - sha256 = "0jjgvzj3v31yibjmq50s80s3sqi4d91yin45pvn3fpnihcrinam9"; - }; - } - { - name = "zsh-syntax-highlighting"; - src = pkgs.fetchFromGitHub { - owner = "zsh-users"; - repo = "zsh-syntax-highlighting"; - rev = "0.7.0"; - sha256 = "0s1z3whzwli5452h2yzjzzj27pf1hd45g223yv0v6hgrip9f853r"; - }; - } - ]; - }; - }; - }; - }; -} diff --git a/_modules/system/networking/default.nix b/_modules/system/networking/default.nix deleted file mode 100644 index d8cdec7..0000000 --- a/_modules/system/networking/default.nix +++ /dev/null @@ -1,31 +0,0 @@ -{ config, options, lib, pkgs, ... }: let - inherit (lib.modules) mkDefault; - inherit (lib.options) mkOption; - - cfg = config.modules.networking; -in { - options.modules.networking = { - wifi.backend = mkOption { - type = with lib.types; enum [ "wpa_supplicant" "iwd" ]; - default = "wpa_supplicant"; - example = "wpa_supplicant"; - description = "set the backend used for wifi wpa_supplicant by default"; - }; - }; - - config = { - systemd.services.NetworkManager-wait-online.enable = false; - - networking = { - enableIPv6 = true; - useDHCP = mkDefault true; - - firewall.enable = true; - - networkmanager = { - enable = mkDefault true; - wifi.backend = mkDefault config.modules.networking.wifi.backend; - }; - }; - }; -} diff --git a/modules/home/shell/default.nix b/modules/home/shell/default.nix new file mode 100644 index 0000000..ab4f6b3 --- /dev/null +++ b/modules/home/shell/default.nix @@ -0,0 +1,53 @@ +{ config, lib, pkgs, namespace, ... }: +let + inherit (lib) attrValues mkIf mkMerge mkOption mkEnableOption; + inherit (lib.types) nullOr enum; + + cfg = config.${namespace}.shell; +in +{ + options.${namespace}.shell = { + default = mkOption { + type = nullOr (enum ["fish" "zsh" "bash"]); + default = null; + description = "Default system shell"; + }; + + corePkgs.enable = mkEnableOption "core shell packages"; + }; + + config = mkMerge [ + (mkIf (cfg.default != null) { + users.defaultUserShell = pkgs."${cfg.default}"; + }) + + (mkIf cfg.corePkgs.enable { + ${namespace}.shell.toolset = { + bat.enable = true; + btop.enable = true; + eza.enable = true; + fzf.enable = true; + git.enable = true; + starship.enable = true; + tmux.enable = true; + yazi.enable = true; + zoxide.enable = true; + }; + + home.packages = with pkgs; [ any-nix-shell pwgen yt-dlp ripdrag fd (ripgrep.override {withPCRE2 = true;}) ]; + + programs = { + direnv = { + enable = true; + config.global = { + load_dotenv = true; + strict_env = true; + hide_env_diff = true; + }; + nix-direnv.enable = true; + config.whitelist.prefix = ["/home"]; + }; + }; + }) + ]; +} diff --git a/modules/home/shell/toolset/bat.nix b/modules/home/shell/toolset/bat.nix new file mode 100644 index 0000000..9a1d904 --- /dev/null +++ b/modules/home/shell/toolset/bat.nix @@ -0,0 +1,19 @@ +{ config, lib, pkgs, user, ... }: +let + inherit (lib) mkIf mkEnableOption; + + cfg = config.${namespace}.shell.toolset.bat; +in +{ + options.${namespace}.shell.toolset.bat = { + enable = mkEnableOption "cat replacement"; + }; + + config = mkIf cfg.enable { + home.packages = with pkgs; [ bat ]; + + programs.bat = { + enable = true; + }; + }; +} diff --git a/modules/home/shell/toolset/btop.nix b/modules/home/shell/toolset/btop.nix new file mode 100644 index 0000000..ec30da6 --- /dev/null +++ b/modules/home/shell/toolset/btop.nix @@ -0,0 +1,93 @@ +{ config, lib, pkgs, user, ... }: +let + inherit (lib) mkIf mkEnableOption; + inherit (lib.strings) concatStringsSep; + + cfg = config.${namespace}.shell.toolset.btop; +in +{ + options.${namespace}.shell.toolset.btop = { + enable = mkEnableOption "system-monitor"; + }; + + config = mkIf cfg.enable { + home.packages = with pkgs; [ btop ]; + + programs.btop = { + enable = true; + settings = { + force_tty = false; + vim_keys = true; # Directional keys: "h,j,k,l,g,G" + update_ms = 1500; # ms (s^{-3}) + temp_scale = "celsius"; + base_10_sizes = false; + show_cpu_freq = true; + clock_format = "%H:%M"; + background_update = true; + disks_filter = "exclude=/boot"; + + rounded_corners = true; + theme_background = false; + truecolor = true; + presets = concatStringsSep "," [ + "cpu:1:default" + "proc:0:default cpu:0:default" + "mem:0:default" + "net:0:default cpu:0:block" + "net:0:tty" + ]; + graph_symbol = "braille"; + graph_symbol_cpu = "default"; + graph_symbol_mem = "default"; + graph_symbol_net = "default"; + graph_symbol_proc = "default"; + shown_boxes = "proc cpu mem net"; + + proc_sorting = "cpu lazy"; + proc_reversed = false; + proc_tree = false; + proc_colors = true; + proc_gradient = true; + proc_per_core = true; + proc_mem_bytes = true; + proc_info_smaps = false; + proc_left = false; + + cpu_graph_upper = "total"; + cpu_graph_lower = "total"; + cpu_single_graph = false; + cpu_bottom = false; + show_uptime = true; + check_temp = true; + cpu_sensor = "Auto"; + show_coretemp = true; + cpu_core_map = ""; + custom_cpu_name = ""; + + mem_graphs = true; + mem_below_net = false; + + show_swap = true; + swap_disk = true; + show_disks = true; + only_physical = true; + use_fstab = false; # Enable -> disables `only_physical` + disk_free_priv = false; + show_io_stat = true; + + io_mode = false; + io_graph_combined = false; + io_graph_speeds = ""; + + net_download = 100; + net_upload = 100; + net_auto = true; + net_sync = false; + net_iface = "br0"; + show_battery = true; + selected_battery = "Auto"; + log_level = "DEBUG"; + }; + }; + }; +} diff --git a/modules/home/shell/toolset/eza.nix b/modules/home/shell/toolset/eza.nix new file mode 100644 index 0000000..936c335 --- /dev/null +++ b/modules/home/shell/toolset/eza.nix @@ -0,0 +1,26 @@ +{ config, lib, pkgs, user, ... }: +let + inherit (lib) mkIf mkEnableOption; + + cfg = config.${namespace}.shell.toolset.eza; +in +{ + options.${namespace}.shell.toolset.eza = { + enable = mkEnableOption "system-monitor"; + }; + + config = mkIf cfg.enable { + home.packages = with pkgs; [ eza ]; + + programs.eza = { + enable = true; + icons = "auto"; + git = true; + extraOptions = [ + "--hyperlink" + "--across" + "--group-directories-first" + ]; + }; + }; +} diff --git a/modules/home/shell/toolset/fzf.nix b/modules/home/shell/toolset/fzf.nix new file mode 100644 index 0000000..031e4ce --- /dev/null +++ b/modules/home/shell/toolset/fzf.nix @@ -0,0 +1,36 @@ +{ config, lib, pkgs, user, ... }: +let + inherit (lib) mkIf mkEnableOption; + + cfg = config.${namespace}.shell.toolset.fzf; + defShell = config.${namespace}.shell.default; +in +{ + options.${namespace}.shell.toolset.fzf = { + enable = mkEnableOption "TUI Fuzzy Finder."; + }; + + config = mkIf cfg.enable { + home.packages = with pkgs; [ fzf ]; + + programs.fzf = { + enable = true; + enableBashIntegration = true; + enableZshIntegration = defShell == "zsh"; + enableFishIntegration = defShell == "fish"; + + tmux.enableShellIntegration = true; + tmux.shellIntegrationOptions = ["-d 40%"]; + + defaultCommand = "fd --type f"; + defaultOptions = ["--height 40%" "--border"]; + + changeDirWidgetCommand = "fd --type d"; + changeDirWidgetOptions = ["--preview 'tree -C {} | head -200'"]; + + fileWidgetCommand = "fd --type f"; + fileWidgetOptions = ["--preview 'head {}'"]; + historyWidgetOptions = ["--sort" "--exact"]; + }; + }; +} diff --git a/modules/home/shell/toolset/git.nix b/modules/home/shell/toolset/git.nix new file mode 100644 index 0000000..274f579 --- /dev/null +++ b/modules/home/shell/toolset/git.nix @@ -0,0 +1,111 @@ +{ config, lib, pkgs, user, ... }: +let + inherit (lib) mkEnableOption mkIf; + + cfg = config.${namespace}.shell.toolset.git; +in +{ + options.${namespace}.shell.toolset.git = { + enable = mkEnableOption "version-control system"; + }; + + config = mkIf cfg.enable { + environment.sessionVariables.GITHUB_TOKEN = "$(cat /run/agenix/tokenGH)"; + + home.packages = with pkgs; [ lazygit lazyjj jujutsu ]; + + programs = { + zsh.initContent = '' + # -------===[ Helpful Git Fn's ]===------- # + gitignore() { + curl -s -o .gitignore https://gitignore.io/api/$1 + } + ''; + + fish.functions = { + gitignore = "curl -sL https://www.gitignore.io/api/$argv"; + }; + + git = { + enable = true; + package = pkgs.gitFull; + difftastic = { + enable = true; + background = "dark"; + color = "always"; + display = "inline"; + }; + + ignores = [ + # General: + "*.bloop" + "*.bsp" + "*.metals" + "*.metals.sbt" + "*metals.sbt" + "*.direnv" + "*.envrc" + "*hie.yaml" + "*.mill-version" + "*.jvmopts" + + # OS-related: + ".DS_Store?" + ".DS_Store" + ".CFUserTextEncoding" + ".Trash" + ".Xauthority" + "thumbs.db" + "Thumbs.db" + "Icon?" + + # Compiled residues: + "*.class" + "*.exe" + "*.o" + "*.pyc" + "*.elc" + ]; + + extraConfig = { + init.defaultBranch = "main"; + core = { + editor = "nvim"; + whitespace = "trailing-space,space-before-tab"; + }; + credential.helper = "${pkgs.gitFull}/bin/git-credential-libsecret"; + + user = { + name = config.${namespace}.user.full_name; + email = config.${namespace}.user.email; + signingKey = "~/.ssh/id_rsa.pub"; + }; + + gpg.format = "ssh"; + commit.gpgSign = true; + tag.gpgSign = true; + + push = { + autoSetupRemote = true; + default = "current"; + gpgSign = "if-asked"; + autoSquash = true; + }; + pull.rebase = true; + + filter = { + required = true; + smudge = "git-lfs smudge -- %f"; + process = "git-lfs filter-process"; + clean = "git-lfs clean -- %f"; + }; + + url = { + "https://github.com/".insteadOf = "gh:"; + "git@github.com:".insteadOf = "ssh+gh:"; + }; + }; + }; + }; + }; +} diff --git a/_modules/home/shell/toolset/gnupg.nix b/modules/home/shell/toolset/gnupg.nix similarity index 73% rename from _modules/home/shell/toolset/gnupg.nix rename to modules/home/shell/toolset/gnupg.nix index 33c4765..3a69c23 100644 --- a/_modules/home/shell/toolset/gnupg.nix +++ b/modules/home/shell/toolset/gnupg.nix @@ -1,13 +1,11 @@ { config, lib, pkgs, user, ... }: let - inherit (lib.modules) mkIf; + inherit (lib) mkIf mkEnableOption; - cfg = config.modules.${user}.shell.toolset.gnupg; + cfg = config.${namespace}.shell.toolset.gnupg; in { - options.modules.${user}.shell.toolset.gnupg = let - inherit (lib.options) mkEnableOption; - in { + options.${namespace}.shell.toolset.gnupg = { enable = mkEnableOption "cryptographic suite"; }; @@ -16,7 +14,7 @@ in environment.variables.GNUPGHOME = "$XDG_CONFIG_HOME/gnupg"; - home-manager.users.${user}.programs.gnupg = { + programs.gnupg = { enable = true; agent = { diff --git a/modules/home/shell/toolset/starship.nix b/modules/home/shell/toolset/starship.nix new file mode 100644 index 0000000..507d421 --- /dev/null +++ b/modules/home/shell/toolset/starship.nix @@ -0,0 +1,100 @@ +{ config, lib, pkgs, user, ... }: +let + inherit (lib) mkIf mkEnableOption; + + cfg = config.${namespace}.shell.toolset.starship; +in +{ + options.${namespace}.shell.toolset.starship = { + enable = mkEnableOption "fancy pansy shell prompt"; + }; + + config = mkIf cfg.enable { + home.packages = with pkgs; [ starship ]; + + programs.starship = { + enable = true; + settings = { + format = "[╭](bold green) $username@$hostname$nix_shell: $directory$cmd_duration$git_branch$git_commit$git_state$git_status$line_break[╰](green bold)$character"; + + username = { + format = "[$user]($style)"; + show_always = true; + }; + + hostname = { + ssh_only = false; + ssh_symbol = "🌐 "; + format = "[$hostname](bold red)"; + trim_at = ".local"; + disabled = false; + }; + + nix_shell = { + symbol = " "; + format = "[$symbol$name]($style) "; + style = "magenta bold"; + }; + + git_branch = { + only_attached = true; + format = "[$symbol$branch]($style) "; + symbol = " "; + style = "yellow bold"; + }; + + git_commit = { + tag_disabled = false; + }; + + git_state = { + style = "magenta bold"; + }; + + git_status = { + format = "[$all_status $ahead_behind]($style) "; + style = "bold green"; + conflicted = "🏳"; + up_to_date = ""; + untracked = " "; + ahead = "⇡\${count}"; + diverged = "⇕⇡\${ahead_count}⇣\${behind_count}"; + behind = "⇣\${count}"; + stashed = " "; + modified = " "; + staged = "[++\($count\)](green)"; + renamed = "襁 "; + deleted = " "; + }; + + directory = { + read_only = " 󰌾"; + }; + + cmd_duration = { + format = "[$duration]($style) "; + style = "blue"; + }; + + os = { + format = "[$symbol](bold white)"; + disabled = false; + + symbols = { + Windows = " "; + Arch = "󰣇"; + Ubuntu = ""; + Macos = "󰀵"; + Manjaro = " "; + Nobara = " "; + Unknown = "󰠥"; + }; + }; + + fill = { + symbol = " "; + }; + }; + }; + }; +} diff --git a/modules/home/shell/toolset/tmux.nix b/modules/home/shell/toolset/tmux.nix new file mode 100644 index 0000000..26fe163 --- /dev/null +++ b/modules/home/shell/toolset/tmux.nix @@ -0,0 +1,107 @@ +{ config, lib, pkgs, user, ... }: +let + inherit (lib) mkIf mkEnableOption; + + cfg = config.${namespace}.shell.toolset.tmux; +in +{ + options.${namespace}.shell.toolset.tmux = { + enable = mkEnableOption "terminal multiplexer"; + }; + + config = mkIf cfg.enable { + home.packages = with pkgs; [ tmux ]; + + programs.tmux = { + enable = true; + secureSocket = true; + keyMode = "vi"; + prefix = "C-a"; + terminal = "tmux-256color"; + + baseIndex = 1; + clock24 = true; + disableConfirmationPrompt = true; + escapeTime = 0; + + aggressiveResize = false; + resizeAmount = 2; + reverseSplit = false; + historyLimit = 5000; + newSession = true; + + plugins = let + inherit (pkgs.tmuxPlugins) resurrect continuum; + in [ + { + plugin = resurrect; + extraConfig = "set -g @resurrect-strategy-nvim 'session'"; + } + { + plugin = continuum; + extraConfig = '' + set -g @continuum-restore 'on' + set -g @continuum-save-interval '60' # minutes + ''; + } + ]; + + extraConfig = '' + # -------===[ Color Correction ]===------- # + set-option -ga terminal-overrides ",*256col*:Tc" + set-option -ga terminal-overrides '*:Ss=\E[%p1%d q:Se=\E[ q' + set-environment -g COLORTERM "truecolor" + + # -------===[ General-Configurations ]===------- # + set-option -g renumber-windows on + set-window-option -g automatic-rename on + set-window-option -g word-separators ' @"=()[]' + + set-option -g mouse on + set-option -s focus-events on + set-option -g renumber-windows on + set-option -g allow-rename off + + # -------===[ Activity/Sound ]===------- # + set-option -g bell-action none + set-option -g visual-bell off + set-option -g visual-silence off + set-option -g visual-activity off + set-window-option -g monitor-activity off + + # -------===[ Status-Bar ]===------- # + set-option -g status on + set-option -g status-interval 1 + set-option -g status-style bg=default,bold,italics + + set-option -g status-position top + set-option -g status-justify left + + set-option -g status-left-length "40" + set-option -g status-right-length "80" + + # -------===[ Keybindings ]===------- # + bind-key c clock-mode + + # Window Control(s): + bind-key q kill-session + bind-key Q kill-server + bind-key t new-window -c '#{pane_current_path}' + + # Buffers: + bind-key b list-buffers + bind-key p paste-buffer + bind-key P choose-buffer + + # Split bindings: + bind-key - split-window -v -c '#{pane_current_path}' + bind-key / split-window -h -c '#{pane_current_path}' + + # Copy/Paste bindings: + bind-key -T copy-mode-vi v send-keys -X begin-selection -N "Start visual mode for selection" + bind-key -T copy-mode-vi y send-keys -X copy-selection -N "Yank text into buffer" + bind-key -T copy-mode-vi r send-keys -X rectangle-toggle -N "Yank region into buffer" + ''; + }; + }; +} diff --git a/modules/home/shell/toolset/yazi.nix b/modules/home/shell/toolset/yazi.nix new file mode 100644 index 0000000..382c661 --- /dev/null +++ b/modules/home/shell/toolset/yazi.nix @@ -0,0 +1,20 @@ +{ config, lib, pkgs, user, ... }: +let + inherit (lib.${namespace}) mkIf; + inherit (lib.options) mkEnableOption; + + cfg = config.${namespace}.shell.toolset.yazi; +in +{ + options.${namespace}.shell.toolset.yazi = { + enable = mkEnableOption "cli file browser"; + }; + + config = mkIf cfg.enable { + home.packages = with pkgs; [ yazi ]; + + programs.yazi = { + enable = true; + }; + }; +} diff --git a/modules/home/shell/toolset/zellij.nix b/modules/home/shell/toolset/zellij.nix new file mode 100644 index 0000000..da6eae5 --- /dev/null +++ b/modules/home/shell/toolset/zellij.nix @@ -0,0 +1,22 @@ +{ config, lib, pkgs, user, ... }: +let + inherit (lib) mkIf mkEnableOption; + + cfg = config.${namespace}.shell.toolset.zellij; +in +{ + options.${namespace}.shell.toolset.zellij = { + enable = mkEnableOption "terminal multiplexer"; + }; + + config = mkIf cfg.enable { + home.packages = with pkgs; [ zellij ]; + + programs.zellij = { + enable = true; + attachExistingSession = true; + + settings = {}; + }; + }; +} diff --git a/modules/home/shell/toolset/zoxide.nix b/modules/home/shell/toolset/zoxide.nix new file mode 100644 index 0000000..087f216 --- /dev/null +++ b/modules/home/shell/toolset/zoxide.nix @@ -0,0 +1,19 @@ +{ config, lib, pkgs, user, ... }: +let + inherit (lib) mkIf mkEnableOption; + + cfg = config.${namespace}.shell.toolset.zoxide; +in +{ + options.${namespace}.shell.toolset.zoxide = { + enable = mkEnableOption "cd replacement"; + }; + + config = mkIf cfg.enable { + home.packages = with pkgs; [ zoxide ]; + + programs.zoxide = { + enable = true; + }; + }; +} diff --git a/modules/home/shell/zsh.nix b/modules/home/shell/zsh.nix new file mode 100644 index 0000000..e26cd16 --- /dev/null +++ b/modules/home/shell/zsh.nix @@ -0,0 +1,91 @@ +{ config, lib, pkgs, namespace, ... }: +let + inherit (lib) mkIf; + + cfg = config.${namespace}.shell.zsh; +in +{ + options.${namespace}.shell.zsh = { + enable = mkEnableOption "enable ZSH"; + }; + + config = mkIf cfg.enable { + ${namespace}.shell = { + zsh.enable = true; + corePkgs.enable = true; + }; + + # Enable completion for sys-packages: + environment.pathsToLink = ["/share/zsh"]; + + programs = { + starship.enableZshIntegration = true; + yazi.enableZshIntegration = true; + zellij.enableZshIntegration = true; + + zsh = { + enable = true; + enableCompletion = true; + autosuggestion.enable = true; + + history = { + size = 10000; + path = "$XDG_CONFIG_HOME/zsh/history"; + }; + + oh-my-zsh = { + enable = true; + plugins = ["git" "docker-compose" "zoxide"]; + }; + + plugins = let + mkZshPlugin = { + pkg, + file ? "${pkg.pname}.plugin.zsh", + }: { + name = pkg.pname; + src = pkg.src; + inherit file; + }; + in + with pkgs; [ + (mkZshPlugin {pkg = zsh-abbr;}) + (mkZshPlugin {pkg = zsh-autopair;}) + (mkZshPlugin {pkg = zsh-you-should-use;}) + (mkZshPlugin { + pkg = zsh-nix-shell; + file = "nix-shell.plugin.zsh"; + }) + + { + name = "zsh-autosuggestion"; + src = pkgs.fetchFromGitHub { + owner = "zsh-users"; + repo = "zsh-autosuggestions"; + rev = "v0.7.0"; + sha256 = "1g3pij5qn2j7v7jjac2a63lxd97mcsgw6xq6k5p7835q9fjiid98"; + }; + } + { + name = "zsh-completions"; + src = pkgs.fetchFromGitHub { + owner = "zsh-users"; + repo = "zsh-completions"; + rev = "0.34.0"; + sha256 = "0jjgvzj3v31yibjmq50s80s3sqi4d91yin45pvn3fpnihcrinam9"; + }; + } + { + name = "zsh-syntax-highlighting"; + src = pkgs.fetchFromGitHub { + owner = "zsh-users"; + repo = "zsh-syntax-highlighting"; + rev = "0.7.0"; + sha256 = "0s1z3whzwli5452h2yzjzzj27pf1hd45g223yv0v6hgrip9f853r"; + }; + } + ]; + }; + }; + }; +} diff --git a/modules/nixos/boot/default.nix b/modules/nixos/boot/default.nix index 5c0c53c..6ff6ac7 100644 --- a/modules/nixos/boot/default.nix +++ b/modules/nixos/boot/default.nix @@ -25,23 +25,27 @@ in config = mkMerge [ ({ - boot.loader = { - systemd-boot.enable = false; - grub.enable = true; + boot = { + kernelPackages = pkgs.linuxPackages_latest; + + loader = { + systemd-boot.enable = false; + grub.enable = true; - grub2-theme = { - enable = true; - theme = "vimix"; - footer = true; + grub2-theme = { + enable = true; + theme = "vimix"; + footer = true; + }; }; }; }) - (mkIf cfg.type == "bios" { + (mkIf (cfg.type == "bios") { boot.loader.grub.efiSupport = false; }) - (mkIf cfg.type == "uefi" { + (mkIf (cfg.type == "uefi") { boot.loader = { efi.canTouchEfiVariables = true; grub = { diff --git a/modules/nixos/default.nix b/modules/nixos/default.nix index 6efb305..42713e4 100644 --- a/modules/nixos/default.nix +++ b/modules/nixos/default.nix @@ -16,7 +16,7 @@ in }; config = mkMerge [ - (mkIf cfg.preset == "desktop" { + (mkIf (cfg.preset == "desktop") { ${namespace} = mkDefault { hardware.has = { audio = true; @@ -31,8 +31,8 @@ in }; }) - (mkIf cfg.preset == "desktop" { - "${namespace}" = mkDefault { + (mkIf (cfg.preset == "server") { + ${namespace} = mkDefault { services = { ssh.enable = true; }; diff --git a/modules/nixos/desktop/default.nix b/modules/nixos/desktop/default.nix index cca4c69..176b80f 100644 --- a/modules/nixos/desktop/default.nix +++ b/modules/nixos/desktop/default.nix @@ -1,5 +1,6 @@ -{ lib, config, namespace, ... }:let - inherit (lib) mkIf mkOption mkEnableOption mkMerge attrNames filterAttrs readDir; +{ lib, config, namespace, ... }: +let + inherit (lib) mkIf mkOption mkEnableOption mkMerge; inherit (lib.types) nullOr enum; cfg = config.${namespace}.desktop; @@ -7,7 +8,7 @@ in { options.${namespace}.desktop = { use = mkOption { - type = nullOr enum (attrNames (filterAttrs (n: type: type == "directory") (readDir ./.))); + type = nullOr (enum [ "plasma" "gamescope" "gnome" ]); default = null; example = "plasma"; description = "Which desktop to enable"; @@ -17,9 +18,7 @@ in }; config = mkMerge [ - (mkIf cfg.desktop != null { - "${namespace}".desktop.${cfg.use}.enable = true; - + ({ services.displayManager = { enable = true; @@ -28,5 +27,9 @@ in }; }; }) + + (mkIf (cfg.use != null) { + ${namespace}.desktop.${cfg.use}.enable = true; + }) ]; } diff --git a/modules/nixos/shells/zsh.nix b/modules/nixos/shells/zsh.nix new file mode 100644 index 0000000..b9cf75b --- /dev/null +++ b/modules/nixos/shells/zsh.nix @@ -0,0 +1,14 @@ +{ inputs, config, lib, pkgs, namespace, ... }: +let + inherit (lib) mkIf mkEnableOption; + + cfg = config.${namespace}.shell.zsh; +in +{ + options.${namespace}.shell.zsh = { + enable = mkEnableOption "enable zsh shell"; + }; + + config = mkIf cfg.enable { + }; +} diff --git a/modules/nixos/system/networking.nix b/modules/nixos/system/networking.nix new file mode 100644 index 0000000..c61a81b --- /dev/null +++ b/modules/nixos/system/networking.nix @@ -0,0 +1,25 @@ +{ config, lib, pkgs, namespace, ... }: +let + inherit (lib) mkDefault; + + cfg = config.${namespace}.system.networking; +in +{ + options.${namespace}.system.networking = {}; + + config = { + systemd.services.NetworkManager-wait-online.enable = false; + + networking = { + enableIPv6 = true; + useDHCP = mkDefault true; + + firewall.enable = true; + + networkmanager = { + enable = true; + wifi.backend = "wpa_supplicant"; + }; + }; + }; +} diff --git a/_modules/system/security.nix b/modules/nixos/system/security/boot.nix similarity index 70% rename from _modules/system/security.nix rename to modules/nixos/system/security/boot.nix index 734c339..ccf1f83 100644 --- a/_modules/system/security.nix +++ b/modules/nixos/system/security/boot.nix @@ -1,43 +1,12 @@ -{ inputs, pkgs, ... }: +{ config, namespace, inputs, ... }: +let + cfg = config.${namespace}.system.security.boot; +in { - imports = [ - inputs.sops-nix.nixosModules.sops - ]; + options.${namespace}.system.security.boot = {}; config = { - environment.systemPackages = with pkgs; [ - bitwarden - sops - ]; - - sops = { - defaultSopsFile = ../../secrets/secrets.yaml; - defaultSopsFormat = "yaml"; - - age.keyFile = "/home/"; - }; - - security = { - sudo.execWheelOnly = true; - acme.acceptTerms = true; - polkit.enable = true; - pam = { - u2f = { - enable = true; - settings.cue = true; - }; - }; - }; - - networking.firewall.enable = true; - programs.gnupg.agent.enable = true; - boot = { - loader.systemd-boot = { - editor = false; - configurationLimit = 50; - }; - kernelModules = [ "tcp_bbr" ]; kernel.sysctl = { ## TCP hardening @@ -74,4 +43,4 @@ }; }; }; -} +} \ No newline at end of file diff --git a/modules/nixos/system/security/default.nix b/modules/nixos/system/security/default.nix new file mode 100644 index 0000000..e168543 --- /dev/null +++ b/modules/nixos/system/security/default.nix @@ -0,0 +1,23 @@ +{ config, namespace, inputs, ... }: +let + cfg = config.${namespace}.system.security; +in +{ + options.${namespace}.system.security = {}; + + config = { + security = { + acme.acceptTerms = true; + polkit.enable = true; + + pam = { + u2f = { + enable = true; + settings.cue = true; + }; + }; + }; + + programs.gnupg.agent.enable = true; + }; +} \ No newline at end of file diff --git a/modules/nixos/system/security/sops.nix b/modules/nixos/system/security/sops.nix new file mode 100644 index 0000000..a75856d --- /dev/null +++ b/modules/nixos/system/security/sops.nix @@ -0,0 +1,22 @@ +{ pkgs, config, namespace, inputs, ... }: +let + cfg = config.${namespace}.system.security.sops; +in +{ + imports = [ + inputs.sops-nix.nixosModules.sops + ]; + + options.${namespace}.system.security.sops = {}; + + config = { + environment.systemPackages = with pkgs; [ sops ]; + + sops = { + defaultSopsFile = ../../../../secrets/secrets.yaml; + defaultSopsFormat = "yaml"; + + age.keyFile = "/home/"; + }; + }; +} \ No newline at end of file diff --git a/modules/nixos/system/security/sudo.nix b/modules/nixos/system/security/sudo.nix new file mode 100644 index 0000000..6dedf50 --- /dev/null +++ b/modules/nixos/system/security/sudo.nix @@ -0,0 +1,23 @@ +{ config, namespace, ... }: +let + cfg = config.${namespace}.system.security.sudo; +in +{ + options.${namespace}.system.security.sudo = {}; + + config = { + security = { + sudo = { + enable = false; + execWheelOnly = true; + }; + + sudo-rs = { + enable = true; + extraConfig = '' + Defaults env_keep += "EDITOR PATH DISPLAY" + ''; + }; + }; + }; +} \ No newline at end of file diff --git a/_modules/system/theming.nix b/modules/nixos/theming.nix similarity index 84% rename from _modules/system/theming.nix rename to modules/nixos/theming.nix index be7b853..d7ddb8e 100644 --- a/_modules/system/theming.nix +++ b/modules/nixos/theming.nix @@ -1,16 +1,15 @@ -{ inputs, config, lib, pkgs, ... }: +{ inputs, config, lib, pkgs, namespace, ... }: let - inherit (lib) mkIf; - inherit (lib.options) mkEnableOption; + inherit (lib) mkIf mkEnableOption; - cfg = config.modules.theming; + cfg = config.${namespace}.theming; in { imports = [ inputs.stylix.nixosModules.stylix ]; - options.modules.theming = { + options.${namespace}.theming = { enable = mkEnableOption "enable theming"; };