TheWanderingCrow/CrOS
1
0
Fork 0
mirror of https://github.com/TheWanderingCrow/CrOS.git synced 2026-01-10 17:34:05 -05:00
Code Issues Projects Releases Packages Wiki Activity Actions

starting

Browse source
This commit is contained in:
TheWanderingCrow 2025-05-18 20:24:35 -04:00
parent bc81713c7d
commit 2b95839d67
92 changed files with 7 additions and 4495 deletions
Download patch file Download diff file Expand all files Collapse all files

1
.envrc
View file

@ -1 +0,0 @@
use nix

62
.terraform.lock.hcl generated
View file

@ -1,62 +0,0 @@
# This file is maintained automatically by "terraform init".
# Manual edits may be lost in future updates.
provider "registry.terraform.io/backblaze/b2" {
version = "0.10.0"
constraints = "0.10.0"
hashes = [
"h1:e4sWNH6KEXlb7SXKSq3DRuY9StJG6ezZYZqrzLzgO/0=",
"zh:03d4ec22a8a47dfc4e1beccd261f37b22113646d246853195fe5d8cb6febf90c",
"zh:08c9ea953b3dcb01aeebd372b9bd2c1a6c1f0b996125bde03c094bc5e75fb55b",
"zh:4f8589276b11f00feb511bd500e2f02abe41371ce2ab74507dd53a7e1110e944",
"zh:8bfcdb1b1cfaa20fa0f717758fca38290e6bd5ff6499ad196dd2f68f95aeab18",
"zh:dfac030714a098956d6df3bf6277d08c19b5b037cd7ec30821ec2edb0de49328",
]
}
provider "registry.terraform.io/digitalocean/digitalocean" {
version = "2.48.2"
constraints = "2.48.2"
hashes = [
"h1:y7q0SCCnYga9rvhSmp5fMH+nxrQHBXEbzqmgeNq+lo8=",
"zh:09299913d836a4b03176ffe33661b93962ea55e352e073f964623196ea6e28ec",
"zh:09fc8c2ddfe81549dff5e9becad75601b6e3bcfaaf8c8717adb808e8b1a2e43e",
"zh:46e799ef82c5239170c4013aacf06c320e5ac9ddd37c83353c7e9a743750efc6",
"zh:5ecb6388a96f4e5e049afb0c2b46fd7ca6aabab33f5c91eebdfd9420b631080c",
"zh:602ef48a3bd4405e708d0acc37daed1977ec3f4808b79ab550098ca7d1fd0b1d",
"zh:616ec732598cb2775dba6a525636563cc3cd389b8273b7eea8e818c55a56b949",
"zh:6b35e3a493b9d3e744dc63a47b2d91e9a5a804448d1122d84c7a68f966d01a89",
"zh:70b339c806dc5f18354a9062c90b34b9e246a91d24c6fabb03d1deae1d1c2466",
"zh:8bc1e95c05c1088b6058b38d624031a5993f8e6aacd746572d42f87901b722ec",
"zh:a138c45dde46c7ae9587a7b3043ab2502502be882f88eaa6bdcff12c9762e4ac",
"zh:a978ed11324729f551781360cbe253730872461ff4a89becd3ec9331e00c2f7d",
"zh:bf80ba60b1f14c5c7d241e4dd0f2c1e6485f17f107a4dd21f09afdf7d9489b7d",
"zh:d219b3de335dd988f4d76daebc9dfe2f0825fbb6721fd075a858b32e073ec726",
"zh:d8894873d654ef534a58be5c35702f57d93faac12ca736ee56b80942bcc7114b",
"zh:e05e8ea72e41c5f019a23bfe8b9e66da3dd50f6ba7344b4225ba99fb852e89a0",
"zh:e4441b27c8e96ac8b791ae93b6fa002bdd941f1a4ff6210b322f3bddb754976b",
]
}
provider "registry.terraform.io/hashicorp/aws" {
version = "5.86.0"
constraints = "5.86.0"
hashes = [
"h1:dVxrQ67Ikqv/1/rfopK/wvCdETlUbQ6ZFuNOH+vEWqs=",
"zh:1587c6a0199dc33d066c13e1628bc0dd966d7d6740cb2007b636524a3ec99430",
"zh:15af46cc5bb43a37c24438cb3a36d44209a89d923ea4d4d631b56b1a89717b26",
"zh:166902101ac1cc8ec4f53e3bdcbab2eac7eb448b1c428c2e622adbf9ce1a679c",
"zh:284d116ac9d4a4de74cd1f52486f00e10bc400d9654f92a8990ea0093c43ff78",
"zh:4135e928f20d456172c8ab4ae3d4d8e411b6feddc94aaa1347c92469d52f1e61",
"zh:72b317d17182c3e0ee72f2851d25565d369cb6ee803b12adc9b6c6d3dbfca8d7",
"zh:9b12af85486a96aedd8d7984b0ff811a4b42e3d88dad1a3fb4c0b580d04fa425",
"zh:9dd0e80964e215ff658b708be72ccda8a20f63af7eaebdd6f11eb0461633bb03",
"zh:a18e502c16b7b6b216b888eab9a5c66b1ed103847fce6985850e4fc9e364a3e8",
"zh:c239f12648d7f7bbadbf5db0b57aaa9429abe70b574975b581784b4f17b7ed79",
"zh:c5164ca8254b9973ee985a3841a4b1f776844c7dcbc112ab3a88a0096e7e2198",
"zh:d93ac58092c3fffc5ddc688b39721fbfacc353e8965001060a5a1ce934d97246",
"zh:e877f1be2ebe67a2d163b7488f47cff4c95aca9c541ddfa25ad16c6ecc98f6a8",
"zh:eb71af6dfdd2b5670b5b957397a576d6053587c75750c17acc105fb44ed806eb",
"zh:ff6aa4f88f8e789375391bc8c886c636fb3e4a45a3fd7dc291bca17c2b8d4184",
]
}

672
flake.lock generated
View file

@ -1,672 +0,0 @@
{
"nodes": {
"devshell": {
"inputs": {
"nixpkgs": [
"nix-topology",
"nixpkgs"
]
},
"locked": {
"lastModified": 1728330715,
"narHash": "sha256-xRJ2nPOXb//u1jaBnDP56M7v5ldavjbtR6lfGqSvcKg=",
"owner": "numtide",
"repo": "devshell",
"rev": "dd6b80932022cea34a019e2bb32f6fa9e494dfef",
"type": "github"
},
"original": {
"owner": "numtide",
"repo": "devshell",
"type": "github"
}
},
"flake-compat": {
"flake": false,
"locked": {
"lastModified": 1696426674,
"narHash": "sha256-kvjfFW7WAETZlt09AgDn1MrtKzP7t90Vf7vypd3OL1U=",
"owner": "edolstra",
"repo": "flake-compat",
"rev": "0f9255e01c2351cc7d116c072cb317785dd33b33",
"type": "github"
},
"original": {
"owner": "edolstra",
"repo": "flake-compat",
"type": "github"
}
},
"flake-parts": {
"inputs": {
"nixpkgs-lib": "nixpkgs-lib"
},
"locked": {
"lastModified": 1741352980,
"narHash": "sha256-+u2UunDA4Cl5Fci3m7S643HzKmIDAe+fiXrLqYsR2fs=",
"owner": "hercules-ci",
"repo": "flake-parts",
"rev": "f4330d22f1c5d2ba72d3d22df5597d123fdb60a9",
"type": "github"
},
"original": {
"owner": "hercules-ci",
"repo": "flake-parts",
"type": "github"
}
},
"flake-parts_2": {
"inputs": {
"nixpkgs-lib": [
"terranix",
"nixpkgs"
]
},
"locked": {
"lastModified": 1736143030,
"narHash": "sha256-+hu54pAoLDEZT9pjHlqL9DNzWz0NbUn8NEAHP7PQPzU=",
"owner": "hercules-ci",
"repo": "flake-parts",
"rev": "b905f6fc23a9051a6e1b741e1438dbfc0634c6de",
"type": "github"
},
"original": {
"owner": "hercules-ci",
"repo": "flake-parts",
"type": "github"
}
},
"flake-parts_3": {
"inputs": {
"nixpkgs-lib": "nixpkgs-lib_2"
},
"locked": {
"lastModified": 1738453229,
"narHash": "sha256-7H9XgNiGLKN1G1CgRh0vUL4AheZSYzPm+zmZ7vxbJdo=",
"owner": "hercules-ci",
"repo": "flake-parts",
"rev": "32ea77a06711b758da0ad9bd6a844c5740a87abd",
"type": "github"
},
"original": {
"owner": "hercules-ci",
"repo": "flake-parts",
"type": "github"
}
},
"flake-utils": {
"inputs": {
"systems": "systems"
},
"locked": {
"lastModified": 1726560853,
"narHash": "sha256-X6rJYSESBVr3hBoH0WbKE5KvhPU5bloyZ2L4K60/fPQ=",
"owner": "numtide",
"repo": "flake-utils",
"rev": "c1dfcf08411b08f6b8615f7d8971a2bfa81d5e8a",
"type": "github"
},
"original": {
"owner": "numtide",
"repo": "flake-utils",
"type": "github"
}
},
"flake-utils_2": {
"inputs": {
"systems": "systems_2"
},
"locked": {
"lastModified": 1731533236,
"narHash": "sha256-l0KFg5HjrsfsO/JpG+r7fRrqm12kzFHyUHqHCVpMMbI=",
"owner": "numtide",
"repo": "flake-utils",
"rev": "11707dc2f618dd54ca8739b309ec4fc024de578b",
"type": "github"
},
"original": {
"owner": "numtide",
"repo": "flake-utils",
"type": "github"
}
},
"gitignore": {
"inputs": {
"nixpkgs": [
"nix-topology",
"pre-commit-hooks",
"nixpkgs"
]
},
"locked": {
"lastModified": 1709087332,
"narHash": "sha256-HG2cCnktfHsKV0s4XW83gU3F57gaTljL9KNSuG6bnQs=",
"owner": "hercules-ci",
"repo": "gitignore.nix",
"rev": "637db329424fd7e46cf4185293b9cc8c88c95394",
"type": "github"
},
"original": {
"owner": "hercules-ci",
"repo": "gitignore.nix",
"type": "github"
}
},
"home-manager": {
"inputs": {
"nixpkgs": [
"nixpkgs"
]
},
"locked": {
"lastModified": 1747106332,
"narHash": "sha256-mOdRWJzJAMp0hF8aSResyp8BeOO5VoSng1uqtEq+8xI=",
"owner": "nix-community",
"repo": "home-manager",
"rev": "535a541b429c1e89f0955c160df1d6d2bfeaf802",
"type": "github"
},
"original": {
"owner": "nix-community",
"repo": "home-manager",
"type": "github"
}
},
"mnw": {
"locked": {
"lastModified": 1742255973,
"narHash": "sha256-XfEGVKatTgEMMOVb4SNp1LYLQOSzzrFTDMVDTZFyMVE=",
"owner": "Gerg-L",
"repo": "mnw",
"rev": "b982dbd5e6d55d4438832b3567c09bc2a129649d",
"type": "github"
},
"original": {
"owner": "Gerg-L",
"repo": "mnw",
"type": "github"
}
},
"nil": {
"inputs": {
"flake-utils": [
"nvix",
"nvf",
"flake-utils"
],
"nixpkgs": [
"nvix",
"nvf",
"nixpkgs"
],
"rust-overlay": "rust-overlay"
},
"locked": {
"lastModified": 1741118843,
"narHash": "sha256-ggXU3RHv6NgWw+vc+HO4/9n0GPufhTIUjVuLci8Za8c=",
"owner": "oxalica",
"repo": "nil",
"rev": "577d160da311cc7f5042038456a0713e9863d09e",
"type": "github"
},
"original": {
"owner": "oxalica",
"repo": "nil",
"type": "github"
}
},
"nix-darwin": {
"inputs": {
"nixpkgs": [
"nixpkgs"
]
},
"locked": {
"lastModified": 1747138802,
"narHash": "sha256-Ou4zV3OskaDKlkuiM2VT+1w/xceXoZ5RRM4ZuW7n5+I=",
"owner": "LnL7",
"repo": "nix-darwin",
"rev": "f88be00227161a1e9369a1d199f452dd5d720feb",
"type": "github"
},
"original": {
"owner": "LnL7",
"ref": "master",
"repo": "nix-darwin",
"type": "github"
}
},
"nix-secrets": {
"locked": {
"lastModified": 1744206986,
"narHash": "sha256-A1NwG07LfibJZmnW2FWHOMan/xe0EgLTEj8bz+INbsE=",
"ref": "refs/heads/master",
"rev": "6de047c8c08ae13c01e7361b262c4585017f8133",
"revCount": 60,
"type": "git",
"url": "ssh://git@github.com/TheWanderingCrow/nix-secrets"
},
"original": {
"type": "git",
"url": "ssh://git@github.com/TheWanderingCrow/nix-secrets"
}
},
"nix-topology": {
"inputs": {
"devshell": "devshell",
"flake-utils": "flake-utils",
"nixpkgs": "nixpkgs",
"pre-commit-hooks": "pre-commit-hooks"
},
"locked": {
"lastModified": 1744142264,
"narHash": "sha256-h5KyodobZm8dx/HSNN+basgdmjxrQxudjrss4gAQpZk=",
"owner": "oddlama",
"repo": "nix-topology",
"rev": "f49121cbbf4a86c560638ade406d99ee58deb7aa",
"type": "github"
},
"original": {
"owner": "oddlama",
"repo": "nix-topology",
"type": "github"
}
},
"nixpkgs": {
"locked": {
"lastModified": 1730531603,
"narHash": "sha256-Dqg6si5CqIzm87sp57j5nTaeBbWhHFaVyG7V6L8k3lY=",
"owner": "NixOS",
"repo": "nixpkgs",
"rev": "7ffd9ae656aec493492b44d0ddfb28e79a1ea25d",
"type": "github"
},
"original": {
"owner": "NixOS",
"ref": "nixos-unstable",
"repo": "nixpkgs",
"type": "github"
}
},
"nixpkgs-lib": {
"locked": {
"lastModified": 1740877520,
"narHash": "sha256-oiwv/ZK/2FhGxrCkQkB83i7GnWXPPLzoqFHpDD3uYpk=",
"owner": "nix-community",
"repo": "nixpkgs.lib",
"rev": "147dee35aab2193b174e4c0868bd80ead5ce755c",
"type": "github"
},
"original": {
"owner": "nix-community",
"repo": "nixpkgs.lib",
"type": "github"
}
},
"nixpkgs-lib_2": {
"locked": {
"lastModified": 1738452942,
"narHash": "sha256-vJzFZGaCpnmo7I6i416HaBLpC+hvcURh/BQwROcGIp8=",
"type": "tarball",
"url": "https://github.com/NixOS/nixpkgs/archive/072a6db25e947df2f31aab9eccd0ab75d5b2da11.tar.gz"
},
"original": {
"type": "tarball",
"url": "https://github.com/NixOS/nixpkgs/archive/072a6db25e947df2f31aab9eccd0ab75d5b2da11.tar.gz"
}
},
"nixpkgs_2": {
"locked": {
"lastModified": 1746904237,
"narHash": "sha256-3e+AVBczosP5dCLQmMoMEogM57gmZ2qrVSrmq9aResQ=",
"owner": "nixos",
"repo": "nixpkgs",
"rev": "d89fc19e405cb2d55ce7cc114356846a0ee5e956",
"type": "github"
},
"original": {
"owner": "nixos",
"ref": "nixos-unstable",
"repo": "nixpkgs",
"type": "github"
}
},
"nixpkgs_3": {
"locked": {
"lastModified": 1742288794,
"narHash": "sha256-Txwa5uO+qpQXrNG4eumPSD+hHzzYi/CdaM80M9XRLCo=",
"owner": "NixOS",
"repo": "nixpkgs",
"rev": "b6eaf97c6960d97350c584de1b6dcff03c9daf42",
"type": "github"
},
"original": {
"owner": "NixOS",
"ref": "nixos-unstable",
"repo": "nixpkgs",
"type": "github"
}
},
"nixpkgs_4": {
"locked": {
"lastModified": 1741865919,
"narHash": "sha256-4thdbnP6dlbdq+qZWTsm4ffAwoS8Tiq1YResB+RP6WE=",
"owner": "nixos",
"repo": "nixpkgs",
"rev": "573c650e8a14b2faa0041645ab18aed7e60f0c9a",
"type": "github"
},
"original": {
"owner": "nixos",
"ref": "nixpkgs-unstable",
"repo": "nixpkgs",
"type": "github"
}
},
"nixpkgs_5": {
"locked": {
"lastModified": 1744868846,
"narHash": "sha256-5RJTdUHDmj12Qsv7XOhuospjAjATNiTMElplWnJE9Hs=",
"owner": "NixOS",
"repo": "nixpkgs",
"rev": "ebe4301cbd8f81c4f8d3244b3632338bbeb6d49c",
"type": "github"
},
"original": {
"owner": "NixOS",
"ref": "nixpkgs-unstable",
"repo": "nixpkgs",
"type": "github"
}
},
"nixpkgs_6": {
"locked": {
"lastModified": 1728956102,
"narHash": "sha256-J8zo+UYNjHATsxn2/ROl8iaji2RgLm+sG7b3VcD36YM=",
"owner": "nixos",
"repo": "nixpkgs",
"rev": "3d85bae2431f20ab1ac5cf14d03d314dffe629af",
"type": "github"
},
"original": {
"owner": "nixos",
"repo": "nixpkgs",
"type": "github"
}
},
"nixpkgs_7": {
"locked": {
"lastModified": 1739214665,
"narHash": "sha256-26L8VAu3/1YRxS8MHgBOyOM8xALdo6N0I04PgorE7UM=",
"owner": "NixOS",
"repo": "nixpkgs",
"rev": "64e75cd44acf21c7933d61d7721e812eac1b5a0a",
"type": "github"
},
"original": {
"owner": "NixOS",
"ref": "nixos-unstable",
"repo": "nixpkgs",
"type": "github"
}
},
"nmd": {
"flake": false,
"locked": {
"lastModified": 1705050560,
"narHash": "sha256-x3zzcdvhJpodsmdjqB4t5mkVW22V3wqHLOun0KRBzUI=",
"owner": "~rycee",
"repo": "nmd",
"rev": "66d9334933119c36f91a78d565c152a4fdc8d3d3",
"type": "sourcehut"
},
"original": {
"owner": "~rycee",
"repo": "nmd",
"type": "sourcehut"
}
},
"nvf": {
"inputs": {
"flake-parts": "flake-parts",
"flake-utils": "flake-utils_2",
"mnw": "mnw",
"nil": "nil",
"nixpkgs": "nixpkgs_4",
"nmd": "nmd",
"systems": "systems_3"
},
"locked": {
"lastModified": 1742471089,
"narHash": "sha256-wiGkhJcDdg2/wy4QxaudNsU98y7CzzZpB6pnjUrNNDQ=",
"owner": "notashelf",
"repo": "nvf",
"rev": "3a28d05684f7f4e314eb4e56a5af624b648ab278",
"type": "github"
},
"original": {
"owner": "notashelf",
"repo": "nvf",
"type": "github"
}
},
"nvix": {
"inputs": {
"nixpkgs": "nixpkgs_3",
"nvf": "nvf"
},
"locked": {
"lastModified": 1743793029,
"narHash": "sha256-Bc1PGjBv8qUXimCaBFN0OmpWpu6JF2ku+NlN5Am6gH0=",
"owner": "TheWanderingCrow",
"repo": "nvix",
"rev": "1c204563ef9bff09c8b1571e038185d2f38fdf36",
"type": "github"
},
"original": {
"owner": "TheWanderingCrow",
"repo": "nvix",
"type": "github"
}
},
"pre-commit-hooks": {
"inputs": {
"flake-compat": "flake-compat",
"gitignore": "gitignore",
"nixpkgs": [
"nix-topology",
"nixpkgs"
],
"nixpkgs-stable": [
"nix-topology",
"nixpkgs"
]
},
"locked": {
"lastModified": 1730797577,
"narHash": "sha256-SrID5yVpyUfknUTGWgYkTyvdr9J1LxUym4om3SVGPkg=",
"owner": "cachix",
"repo": "pre-commit-hooks.nix",
"rev": "1864030ed24a2b8b4e4d386a5eeaf0c5369e50a9",
"type": "github"
},
"original": {
"owner": "cachix",
"repo": "pre-commit-hooks.nix",
"type": "github"
}
},
"root": {
"inputs": {
"home-manager": "home-manager",
"nix-darwin": "nix-darwin",
"nix-secrets": "nix-secrets",
"nix-topology": "nix-topology",
"nixpkgs": "nixpkgs_2",
"nvix": "nvix",
"sops-nix": "sops-nix",
"terranix": "terranix",
"the-nest": "the-nest",
"unstable-small": "unstable-small"
}
},
"rust-overlay": {
"inputs": {
"nixpkgs": [
"nvix",
"nvf",
"nil",
"nixpkgs"
]
},
"locked": {
"lastModified": 1741055476,
"narHash": "sha256-52vwEV0oS2lCnx3c/alOFGglujZTLmObit7K8VblnS8=",
"owner": "oxalica",
"repo": "rust-overlay",
"rev": "aefb7017d710f150970299685e8d8b549d653649",
"type": "github"
},
"original": {
"owner": "oxalica",
"repo": "rust-overlay",
"type": "github"
}
},
"sops-nix": {
"inputs": {
"nixpkgs": "nixpkgs_5"
},
"locked": {
"lastModified": 1746485181,
"narHash": "sha256-PxrrSFLaC7YuItShxmYbMgSuFFuwxBB+qsl9BZUnRvg=",
"owner": "Mic92",
"repo": "sops-nix",
"rev": "e93ee1d900ad264d65e9701a5c6f895683433386",
"type": "github"
},
"original": {
"owner": "Mic92",
"repo": "sops-nix",
"type": "github"
}
},
"systems": {
"locked": {
"lastModified": 1681028828,
"narHash": "sha256-Vy1rq5AaRuLzOxct8nz4T6wlgyUR7zLU309k9mBC768=",
"owner": "nix-systems",
"repo": "default",
"rev": "da67096a3b9bf56a91d16901293e51ba5b49a27e",
"type": "github"
},
"original": {
"owner": "nix-systems",
"repo": "default",
"type": "github"
}
},
"systems_2": {
"locked": {
"lastModified": 1681028828,
"narHash": "sha256-Vy1rq5AaRuLzOxct8nz4T6wlgyUR7zLU309k9mBC768=",
"owner": "nix-systems",
"repo": "default",
"rev": "da67096a3b9bf56a91d16901293e51ba5b49a27e",
"type": "github"
},
"original": {
"owner": "nix-systems",
"repo": "default",
"type": "github"
}
},
"systems_3": {
"locked": {
"lastModified": 1681028828,
"narHash": "sha256-Vy1rq5AaRuLzOxct8nz4T6wlgyUR7zLU309k9mBC768=",
"owner": "nix-systems",
"repo": "default",
"rev": "da67096a3b9bf56a91d16901293e51ba5b49a27e",
"type": "github"
},
"original": {
"owner": "nix-systems",
"repo": "default",
"type": "github"
}
},
"systems_4": {
"locked": {
"lastModified": 1681028828,
"narHash": "sha256-Vy1rq5AaRuLzOxct8nz4T6wlgyUR7zLU309k9mBC768=",
"owner": "nix-systems",
"repo": "default",
"rev": "da67096a3b9bf56a91d16901293e51ba5b49a27e",
"type": "github"
},
"original": {
"owner": "nix-systems",
"repo": "default",
"type": "github"
}
},
"terranix": {
"inputs": {
"flake-parts": "flake-parts_2",
"nixpkgs": "nixpkgs_6",
"systems": "systems_4"
},
"locked": {
"lastModified": 1745783272,
"narHash": "sha256-BPGEM7RN58GFI6+y9GhG3E/7DEfNo9GvvYM3PJ/x5wU=",
"owner": "terranix",
"repo": "terranix",
"rev": "81d8ff31bb1f5329180068ab450bc06ecbd4683c",
"type": "github"
},
"original": {
"owner": "terranix",
"repo": "terranix",
"type": "github"
}
},
"the-nest": {
"inputs": {
"flake-parts": "flake-parts_3",
"nixpkgs": "nixpkgs_7"
},
"locked": {
"lastModified": 1745340936,
"narHash": "sha256-zBUwIWHbm0rYREb8014yU4uL8yJiwJ6nkEVOnMrkbOs=",
"owner": "TheWanderingCrow",
"repo": "the-nest",
"rev": "b30f2ab3a461f85f6edca8405b6bcc9f6d178c7d",
"type": "github"
},
"original": {
"owner": "TheWanderingCrow",
"repo": "the-nest",
"type": "github"
}
},
"unstable-small": {
"locked": {
"lastModified": 1747114929,
"narHash": "sha256-GnQGiZiOnGfxM9oVhgqOJk0Qv1aZ11p5Aloac2tdoKY=",
"owner": "nixos",
"repo": "nixpkgs",
"rev": "fab95ba4b9523f310644e6e6087c0014535c8e02",
"type": "github"
},
"original": {
"owner": "nixos",
"ref": "nixos-unstable-small",
"repo": "nixpkgs",
"type": "github"
}
}
},
"root": "root",
"version": 7
}

144
flake.nix
View file

@ -1,143 +1,13 @@
{
description = "Entry point for NixOS";
description = "CrOS Flake";
inputs = {
nixpkgs.url = "github:nixos/nixpkgs/nixos-unstable";
unstable-small.url = "github:nixos/nixpkgs/nixos-unstable-small";
nix-darwin.url = "github:LnL7/nix-darwin/master";
nix-darwin.inputs.nixpkgs.follows = "nixpkgs";
home-manager = {
url = "github:nix-community/home-manager";
inputs.nixpkgs.follows = "nixpkgs";
};
nvix.url = "github:TheWanderingCrow/nvix";
nixpkgs.url = "github:nixos/nixpkgs/nixos-24.11";
unstable.url = "github:nixos/nixpkgs/nixos-unstable";
crowpkgs.url = "github:TheWanderingCrow/crowpkgs";
nix-secrets = "github:TheWanderingCrow/nix-secrets";
sops-nix.url = "github:Mic92/sops-nix";
nix-secrets.url = "git+ssh://git@github.com/TheWanderingCrow/nix-secrets";
terranix.url = "github:terranix/terranix";
the-nest.url = "github:TheWanderingCrow/the-nest";
nix-topology.url = "github:oddlama/nix-topology";
};
outputs = {
self,
nixpkgs,
home-manager,
sops-nix,
terranix,
nix-topology,
...
} @ inputs: let
baseModules = [
home-manager.nixosModules.home-manager
sops-nix.nixosModules.sops
];
topology = [
nix-topology.nixosModules.default
];
in {
#########
# NixOS #
#########
nixosConfigurations = {
###################
# Primary Desktop #
###################
Parzival = nixpkgs.lib.nixosSystem {
specialArgs = {inherit inputs;};
modules =
[
./hosts/Parzival
]
++ baseModules
++ topology;
};
###################
# Personal Laptop #
###################
Parzival-Mobile = nixpkgs.lib.nixosSystem {
specialArgs = {inherit inputs;};
modules =
[
./hosts/Parzival-Mobile
]
++ baseModules;
};
######################
# Work Issued Laptop #
######################
Parzival-Framework = nixpkgs.lib.nixosSystem {
specialArgs = {inherit inputs;};
modules =
[
./hosts/Parzival-Framework
]
++ baseModules;
};
################
# Wife Desktop #
################
Dragneel = nixpkgs.lib.nixosSystem {
specialArgs = {inherit inputs;};
modules =
[
./hosts/Dragneel
]
++ baseModules;
};
###############
# Home Server #
###############
WCE-Overseer = nixpkgs.lib.nixosSystem {
specialArgs = {inherit inputs;};
modules =
[
./hosts/WCE-Overseer
]
++ baseModules
++ topology;
};
###################################
# ISO Installer w/ recovery tools #
###################################
Parzival-Live = nixpkgs.lib.nixosSystem {
specialArgs = {inherit inputs;};
modules =
[
./hosts/Parzival-Live
]
++ baseModules;
};
};
############
# Terranix #
############
terranix = {
wce = terranix.lib.terranixConfiguration {
system = "x86_64-linux";
modules = [./infra/wce.nix];
};
};
################
# Nix Topology #
################
topology.x86_64-linux = let
pkgs = import nixpkgs {
system = "x86_64-linux";
overlays = [nix-topology.overlays.default];
};
in
import nix-topology {
inherit pkgs;
modules = [
./infra/topology.nix
{
nixosConfigurations = {
WCE-Overseer = self.nixosConfigurations.WCE-Overseer;
Parzival = self.nixosConfigurations.Parzival;
};
}
];
};
};
}

22
hosts/Dragneel/default.nix
View file

@ -1,22 +0,0 @@
{
lib,
config,
pkgs,
...
}: {
imports = [
./hardware-configuration.nix
../../modules
];
networking.hostName = "Dragneel";
user.dragneel.enable = true;
desktop.kde.enable = true;
module.gui.enable = true;
module.gaming.enable = true;
programs.noisetorch.enable = true;
}

56
hosts/Dragneel/hardware-configuration.nix
View file

@ -1,56 +0,0 @@
# Do not modify this file! It was generated by nixos-generate-config
# and may be overwritten by future invocations. Please make changes
# to /etc/nixos/configuration.nix instead.
{
config,
lib,
pkgs,
modulesPath,
...
}: {
imports = [
(modulesPath + "/installer/scan/not-detected.nix")
];
boot.initrd.availableKernelModules = ["sg" "nvme" "xhci_pci" "ahci" "usbhid" "usb_storage" "sd_mod"];
boot.initrd.kernelModules = [];
boot.kernelModules = ["kvm-amd"];
boot.extraModulePackages = [];
boot.loader = {
systemd-boot.enable = true;
efi = {
canTouchEfiVariables = true;
};
};
fileSystems."/" = {
device = "/dev/disk/by-label/nixos";
fsType = "ext4";
};
fileSystems."/boot" = {
device = "/dev/disk/by-label/boot";
fsType = "vfat";
options = ["fmask=0022" "dmask=0022"];
};
swapDevices = [];
# Enables DHCP on each ethernet and wireless interface. In case of scripted networking
# (the default) this is the recommended approach. When using systemd-networkd it's
# still possible to use this option, but it's recommended to use it in conjunction
# with explicit per-interface declarations with `networking.interfaces.<interface>.useDHCP`.
networking.useDHCP = lib.mkDefault true;
# networking.interfaces.enp4s0.useDHCP = lib.mkDefault true;
# networking.interfaces.wlp8s0.useDHCP = lib.mkDefault true;
nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux";
hardware.cpu.amd.updateMicrocode = lib.mkDefault config.hardware.enableRedistributableFirmware;
hardware.amdgpu = {
initrd.enable = true;
amdvlk.enable = true;
opencl.enable = true;
};
hardware.rtl-sdr.enable = true;
}

24
hosts/Parzival-Framework/default.nix
View file

@ -1,24 +0,0 @@
{
lib,
config,
pkgs,
...
}: {
imports = [
./hardware-configuration.nix
../../modules
];
networking.hostName = "Parzival-Framework";
user.crow.enable = true;
desktop.sway.enable = true;
module.gui.enable = true;
module.programming.enable = true;
module.hacking.enable = true;
module.mudding.enable = true;
software.keyd.enable = true;
module.gaming.enable = true;
}

48
hosts/Parzival-Framework/hardware-configuration.nix
View file

@ -1,48 +0,0 @@
# Do not modify this file! It was generated by nixos-generate-config
# and may be overwritten by future invocations. Please make changes
# to /etc/nixos/configuration.nix instead.
{
config,
lib,
pkgs,
modulesPath,
...
}: {
imports = [
(modulesPath + "/installer/scan/not-detected.nix")
];
boot.initrd.availableKernelModules = ["xhci_pci" "ahci" "usb_storage" "sd_mod"];
boot.initrd.kernelModules = [];
boot.kernelModules = ["kvm-intel"];
boot.extraModulePackages = [];
boot.loader = {
systemd-boot.enable = true;
efi = {
canTouchEfiVariables = true;
};
};
fileSystems."/" = {
device = "/dev/disk/by-label/nixos";
fsType = "ext4";
};
fileSystems."/boot" = {
device = "/dev/disk/by-label/boot";
fsType = "vfat";
options = ["fmask=0022" "dmask=0022"];
};
# Enables DHCP on each ethernet and wireless interface. In case of scripted networking
# (the default) this is the recommended approach. When using systemd-networkd it's
# still possible to use this option, but it's recommended to use it in conjunction
# with explicit per-interface declarations with `networking.interfaces.<interface>.useDHCP`.
networking.useDHCP = lib.mkDefault true;
# networking.interfaces.enp0s31f6.useDHCP = lib.mkDefault true;
# networking.interfaces.wlp2s0.useDHCP = lib.mkDefault true;
nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux";
hardware.cpu.amd.updateMicrocode = lib.mkDefault config.hardware.enableRedistributableFirmware;
hardware.bluetooth.enable = true;
}

26
hosts/Parzival-Live/default.nix
View file

@ -1,26 +0,0 @@
{
inputs,
modulesPath,
lib,
...
}: {
imports = [
../../modules
"${modulesPath}/installer/cd-dvd/installation-cd-minimal.nix"
];
nix.settings.auto-optimise-store = true;
nixpkgs.hostPlatform = "x86_64-linux";
boot.supportedFilesystems = lib.mkForce ["zfs" "btrfs" "reiserfs" "vfat" "f2fs" "xfs" "ntfs" "cifs"];
networking.wireless.enable = false;
users.users.nixos.authorizedKeys.keyFiles = lib.mkForce [
inputs.nix-secrets.keys.default
];
user.live.enable = true;
module.programming.enable = true;
}

24
hosts/Parzival-Mobile/default.nix
View file

@ -1,24 +0,0 @@
{
lib,
config,
pkgs,
...
}: {
imports = [
./hardware-configuration.nix
../../modules
];
networking.hostName = "Parzival-Mobile";
user.crow.enable = true;
desktop.sway.enable = true;
module.gui.enable = true;
module.programming.enable = true;
module.hacking.enable = true;
module.mudding.enable = true;
module.gaming.enable = true;
software.keyd.enable = true;
}

51
hosts/Parzival-Mobile/hardware-configuration.nix
View file

@ -1,51 +0,0 @@
# Do not modify this file! It was generated by nixos-generate-config
# and may be overwritten by future invocations. Please make changes
# to /etc/nixos/configuration.nix instead.
{
config,
lib,
pkgs,
modulesPath,
...
}: {
imports = [
(modulesPath + "/installer/scan/not-detected.nix")
];
boot.initrd.availableKernelModules = ["xhci_pci" "ahci" "usb_storage" "sd_mod"];
boot.initrd.kernelModules = [];
boot.kernelModules = ["kvm-intel"];
boot.extraModulePackages = [];
boot.loader = {
systemd-boot.enable = true;
efi = {
canTouchEfiVariables = true;
};
};
fileSystems."/" = {
device = "/dev/disk/by-label/nixos";
fsType = "ext4";
};
fileSystems."/boot" = {
device = "/dev/disk/by-label/boot";
fsType = "vfat";
options = ["fmask=0022" "dmask=0022"];
};
swapDevices = [
{device = "/dev/disk/by-uuid/928718de-b495-4a7c-b9d4-eb491b6c8253";}
];
# Enables DHCP on each ethernet and wireless interface. In case of scripted networking
# (the default) this is the recommended approach. When using systemd-networkd it's
# still possible to use this option, but it's recommended to use it in conjunction
# with explicit per-interface declarations with `networking.interfaces.<interface>.useDHCP`.
networking.useDHCP = lib.mkDefault true;
# networking.interfaces.enp0s31f6.useDHCP = lib.mkDefault true;
# networking.interfaces.wlp2s0.useDHCP = lib.mkDefault true;
nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux";
hardware.cpu.intel.updateMicrocode = lib.mkDefault config.hardware.enableRedistributableFirmware;
}

34
hosts/Parzival/default.nix
View file

@ -1,34 +0,0 @@
{
lib,
config,
pkgs,
...
}: {
imports = [
./hardware-configuration.nix
./topology-config.nix
../../modules
];
networking.hostName = "Parzival";
user.crow.enable = true;
desktop.sway.enable = true;
module.gui.enable = true;
module.programming.enable = true;
module.hacking.enable = true;
module.mudding.enable = true;
module.gaming.enable = true;
module.appdevel.enable = true;
module.hobbies.enable = true;
programs.noisetorch.enable = true;
virtualisation.virtualbox.host = {
enableKvm = true;
enable = true;
addNetworkInterface = false;
};
}

56
hosts/Parzival/hardware-configuration.nix
View file

@ -1,56 +0,0 @@
# Do not modify this file! It was generated by nixos-generate-config
# and may be overwritten by future invocations. Please make changes
# to /etc/nixos/configuration.nix instead.
{
config,
lib,
pkgs,
modulesPath,
...
}: {
imports = [
(modulesPath + "/installer/scan/not-detected.nix")
];
boot.initrd.availableKernelModules = ["sg" "nvme" "xhci_pci" "ahci" "usbhid" "usb_storage" "sd_mod"];
boot.initrd.kernelModules = [];
boot.kernelModules = ["kvm-amd"];
boot.extraModulePackages = [];
boot.loader = {
systemd-boot.enable = true;
efi = {
canTouchEfiVariables = true;
};
};
fileSystems."/" = {
device = "/dev/disk/by-label/nixos";
fsType = "ext4";
};
fileSystems."/boot" = {
device = "/dev/disk/by-label/boot";
fsType = "vfat";
options = ["fmask=0022" "dmask=0022"];
};
swapDevices = [];
# Enables DHCP on each ethernet and wireless interface. In case of scripted networking
# (the default) this is the recommended approach. When using systemd-networkd it's
# still possible to use this option, but it's recommended to use it in conjunction
# with explicit per-interface declarations with `networking.interfaces.<interface>.useDHCP`.
networking.useDHCP = lib.mkDefault true;
# networking.interfaces.enp4s0.useDHCP = lib.mkDefault true;
# networking.interfaces.wlp8s0.useDHCP = lib.mkDefault true;
nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux";
hardware.cpu.amd.updateMicrocode = lib.mkDefault config.hardware.enableRedistributableFirmware;
hardware.amdgpu = {
initrd.enable = true;
amdvlk.enable = true;
opencl.enable = true;
};
hardware.rtl-sdr.enable = true;
}

14
hosts/Parzival/topology-config.nix
View file

@ -1,14 +0,0 @@
{config, ...}: let
inherit (config.lib.topology) mkInternet mkRouter mkConnection;
in {
topology.self = {
hardware.info = "Primary Desktop";
interfaces = {
wlan0 = {
addresses = ["192.168.141.1"];
network = "home";
physicalConnections = [(mkConnection "router" "wlan0")];
};
};
};
}

19
hosts/WCE-Overseer/default.nix
View file

@ -1,19 +0,0 @@
{
lib,
config,
pkgs,
...
}: {
imports = [
./hardware-configuration.nix
./topology-config.nix
../../modules
];
networking.hostName = "WCE-Overseer";
networking.hostId = "7fb1c512";
nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux";
user.overseer.enable = true;
}

45
hosts/WCE-Overseer/hardware-configuration.nix
View file

@ -1,45 +0,0 @@
# Do not modify this file! It was generated by nixos-generate-config
# and may be overwritten by future invocations. Please make changes
# to /etc/nixos/configuration.nix instead.
{
config,
lib,
pkgs,
modulesPath,
...
}: {
imports = [
(modulesPath + "/installer/scan/not-detected.nix")
];
boot.initrd.availableKernelModules = ["nvme" "xhci_pci" "ahci" "usbhid" "usb_storage" "sd_mod"];
boot.supportedFilesystems = ["zfs"];
boot.initrd.kernelModules = [];
boot.kernelModules = [];
boot.extraModulePackages = [];
boot.loader = {
systemd-boot.enable = true;
efi = {
canTouchEfiVariables = true;
};
};
fileSystems."/" = {
device = "zroot";
fsType = "zfs";
};
fileSystems."/boot" = {
device = "/dev/sda1";
};
# Enables DHCP on each ethernet and wireless interface. In case of scripted networking
# (the default) this is the recommended approach. When using systemd-networkd it's
# still possible to use this option, but it's recommended to use it in conjunction
# with explicit per-interface declarations with `networking.interfaces.<interface>.useDHCP`.
networking.useDHCP = lib.mkDefault true;
# networking.interfaces.enp4s0.useDHCP = lib.mkDefault true;
# networking.interfaces.wlp8s0.useDHCP = lib.mkDefault true;
nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux";
}

44
hosts/WCE-Overseer/thinkcenter-disks.nix
View file

@ -1,44 +0,0 @@
{
disko.devices = {
disk = {
disk0 = {
device = "/dev/sda";
type = "disk";
content = {
type = "gpt";
partitions = {
ESP = {
label = "boot";
type = "EF00";
size = "500M";
content = {
type = "filesystem";
format = "vfat";
mountpoint = "/boot";
mountOptions = ["umask=0077"];
};
};
root = {
size = "100%";
content = {
type = "zfs";
pool = "zroot";
};
};
};
};
};
};
zpool = {
zroot = {
mode = "";
rootFsOptions = {
compression = "zstd";
"com.sun:auto-snapshot" = "false";
};
mountpoint = "/";
postCreateHook = "zfs list -t snapshot -H -o name | grep -E '^zroot@blank$' || zfs snapshot zroot@blank";
};
};
};
}

14
hosts/WCE-Overseer/topology-config.nix
View file

@ -1,14 +0,0 @@
{config, ...}: let
inherit (config.lib.topology) mkInternet mkRouter mkConnection;
in {
topology.self = {
hardware.info = "ThinkCentre M710q";
interfaces = {
eth0 = {
addresses = ["192.168.0.30"];
network = "home";
physicalConnections = [(mkConnection "router" "eth3")];
};
};
};
}

39
infra/topology.nix
View file

@ -1,39 +0,0 @@
{config, ...}: let
inherit (config.lib.topology) mkInternet mkRouter mkConnection;
in {
# Define networks/nodes here
networks = {
home = {
name = "Home Network";
cidrv4 = "192.168.0.0/16";
style = {
primaryColor = "#69398b";
secondaryColor = "#9277ae";
pattern = "solid";
};
};
wce-networks = {
name = "WCE AWS VPC";
cidrv4 = "172.31.0.0/16";
cidrv6 = "2600:1f18:22fc:c200::/56";
style = {
primaryColor = "#FF9900";
secondaryColor = "#FF9900";
pattern = "solid";
};
};
};
nodes.internet = mkInternet {
connections = mkConnection "router" "wan1";
};
nodes.router = mkRouter "TP-Link" {
info = "AX1450 Wi-Fi 6 Router";
interfaceGroups = [
["wan1"]
["eth1" "eth2" "eth3" "eth4"]
["wlan0"]
];
};
}

47
infra/wce.nix
View file

@ -1,47 +0,0 @@
{...}: {
terraform = {
required_providers = {
digitalocean = {
source = "digitalocean/digitalocean";
version = "2.48.2";
};
aws = {
source = "hashicorp/aws";
version = "5.86.0";
};
b2 = {
source = "Backblaze/b2";
version = "0.10.0";
};
};
backend."s3" = {
bucket = "wce-20250207201121178400000001";
key = "terraform.tfstate";
region = "us-east-1";
};
};
provider."aws" = {
region = "us-east-1";
profile = "wce";
};
resource = {
"aws_s3_bucket"."state" = {
bucket_prefix = "wce-";
tags = {
Name = "WCE State Bucket";
};
};
"b2_bucket"."media" = {
bucket_name = "wce-media-backup";
bucket_type = "allPrivate";
lifecycle_rules = {
file_name_prefix = "";
days_from_uploading_to_hiding = 1;
days_from_hiding_to_deleting = 1;
};
};
};
}

53
modules/core.nix
View file

@ -1,53 +0,0 @@
{
inputs,
config,
pkgs,
...
}: {
config = {
system.stateVersion = "24.05";
time.timeZone = "America/New_York";
nix.settings = {
experimental-features = ["flakes" "nix-command"];
trusted-users = ["@wheel"];
#substituters = [" https://cache.wanderingcrow.net/wce-cache"];
#trusted-public-keys = ["wce-cache:s5otDeH048aZEGwQ2EQn6UfFJn6YgP71bcOok1jX1Q0="];
};
users.mutableUsers = false;
users.users.root.hashedPassword = "$y$j9T$pEz.3JBh6Ft3FIYrp14Ti1$RQsOWum40HbwEb7t69LGjUCh6E9w/ANi7lNIopGsu0A";
environment.variables = {
EDITOR = "nvim";
VISUAL = "nvim";
NIXPKGS_ALLOW_UNFREE = 1;
};
fonts.packages = with pkgs; [
font-awesome
nerd-fonts.noto
nerd-fonts.hack
nerd-fonts.jetbrains-mono
];
nixpkgs = {
config = {
allowUnfree = true;
permittedInsecurePackages =
[
"SDL_ttf-2.0.11"
]
++ (
if config.module.gaming.enable
then [
"dotnet-runtime-wrapped-7.0.20"
"dotnet-runtime-7.0.20"
]
else []
);
};
overlays = [
];
};
};
}

11
modules/default.nix
View file

@ -1,11 +0,0 @@
{
imports = [
./core.nix
./options.nix
./users
./desktops
./hardware
./software
./security
];
}

11
modules/desktops/default.nix
View file

@ -1,11 +0,0 @@
{
lib,
config,
...
}: {
imports = [
# Wayland desktops here
./sway.nix
./kde.nix
];
}

17
modules/desktops/kde.nix
View file

@ -1,17 +0,0 @@
{
inputs,
pkgs,
lib,
config,
...
}:
lib.mkIf config.desktop.kde.enable {
services.desktopManager.plasma6 = {
enable = true;
};
services.displayManager.sddm = {
enable = true;
wayland.enable = true;
};
}

41
modules/desktops/sway.nix
View file

@ -1,41 +0,0 @@
{
inputs,
pkgs,
lib,
config,
...
}: {
config = {
programs.sway = lib.mkIf config.desktop.sway.enable {
enable = true;
xwayland.enable = true;
extraPackages = with pkgs; [
foot
wofi
swaynotificationcenter
udiskie
polkit_gnome
swayidle
sway-audio-idle-inhibit
swaylock-effects
sway-contrib.grimshot
waybar
wl-clipboard
xorg.xrandr
hyprlock
grim
slurp
swappy
wljoywake
];
};
programs.dconf.enable = true;
environment = lib.mkIf config.desktop.sway.enable {
sessionVariables = {
NIXOS_OZONE_WL = "1";
WLR_NO_HARDWARE_CURSORS = "1";
};
};
};
}

9
modules/hardware/audio.nix
View file

@ -1,9 +0,0 @@
{
services.pulseaudio.support32Bit = true;
services.pipewire = {
enable = true;
alsa.enable = true;
alsa.support32Bit = true;
pulse.enable = true;
};
}

13
modules/hardware/default.nix
View file

@ -1,13 +0,0 @@
{
lib,
config,
...
}: {
imports = [
./network.nix
./audio.nix
./graphics.nix
];
hardware.uinput.enable = true;
}

3
modules/hardware/graphics.nix
View file

@ -1,3 +0,0 @@
{config, ...}: {
hardware.graphics.enable32Bit = config.module.gaming.enable;
}

3
modules/hardware/network.nix
View file

@ -1,3 +0,0 @@
{
config.networking.networkmanager.enable = true;
}

114
modules/options.nix
View file

@ -1,114 +0,0 @@
{
config,
lib,
...
}: {
# Start definitions for mkEnableOptions
options = {
module = {
enable = lib.mkEnableOption "enables packages";
core.enable = lib.mkEnableOption "enables required packages";
gui.enable = lib.mkEnableOption "enables gui+DE packages";
programming.enable = lib.mkEnableOption "enables programming packages";
hacking.enable = lib.mkEnableOption "enables hacking packages";
mudding.enable = lib.mkEnableOption "enables mudding packages";
gaming.enable = lib.mkEnableOption "enables gaming packages";
os-gaming.enable = lib.mkEnableOption "enables some neat but obscure open-source games";
appdevel.enable = lib.mkEnableOption "enables app development in flutter";
vr.enable = lib.mkEnableOption "enables VR utilities";
art.enable = lib.mkEnableOption "enabled graphical art stuff";
hobbies.enable = lib.mkEnableOption "some misc packages related to hobbies";
};
software = {
keyd.enable = lib.mkEnableOption "enabled keyd overrides (useful for non-QMK enabled devices)";
usershell.enable = lib.mkEnableOption "opinionated usershell";
docker.enable = lib.mkEnableOption "enable rootless docker";
};
user = {
enable = lib.mkEnableOption "enables users";
crow = {
enable = lib.mkEnableOption "enable crow";
home.enable = lib.mkEnableOption "enable home configuration";
};
dragneel = {
enable = lib.mkEnableOption "enable dragneel";
home.enable = lib.mkEnableOption "enable home configuration";
};
overseer = {
enable = lib.mkEnableOption "enable container overseer user";
};
live = {
enable = lib.mkEnableOption "enable live disk user";
};
};
desktop = {
sway.enable = lib.mkEnableOption "enables sway";
swayfx.enable = lib.mkEnableOption "enable sway with eye candy";
niri.enable = lib.mkEnableOption "enable niri window manager";
kde.enable = lib.mkEnableOption "KDE with Plasma6";
};
ricing = {
basic.enable = lib.mkEnableOption "enable basic ricing";
wasteland.enable = lib.mkEnableOption "post-collapse themed rice";
};
};
# Set default option states in config
config = {
module = {
enable = lib.mkDefault true;
core.enable = lib.mkDefault true;
gui.enable = lib.mkDefault false;
programming.enable = lib.mkDefault false;
hacking.enable = lib.mkDefault false;
mudding.enable = lib.mkDefault false;
gaming.enable = lib.mkDefault false;
os-gaming.enable = lib.mkDefault false;
appdevel.enable = lib.mkDefault false;
vr.enable = lib.mkDefault false;
art.enable = lib.mkDefault false;
hobbies.enable = lib.mkDefault false;
};
software = {
keyd.enable = lib.mkDefault false;
usershell.enable = lib.mkDefault true;
docker.enable = lib.mkDefault false;
};
user = {
enable = lib.mkDefault true;
crow = {
enable = lib.mkDefault false;
home.enable = lib.mkDefault config.user.crow.enable;
};
dragneel = {
enable = lib.mkDefault false;
home.enable = lib.mkDefault config.user.dragneel.enable;
};
overseer = {
enable = lib.mkDefault false;
};
live = {
enable = lib.mkDefault false;
};
};
# Desktop options are declared in their relevant modules in module/desktops
desktop = {
sway.enable = lib.mkDefault false;
swayfx.enable = lib.mkDefault false;
niri.enable = lib.mkDefault false;
kde.enable = lib.mkDefault false;
};
ricing = {
basic.enable = lib.mkDefault true;
wasteland.enable = lib.mkDefault false;
};
};
}

6
modules/security/default.nix
View file

@ -1,6 +0,0 @@
{
imports = [
./users.nix
./ssh.nix
];
}

15
modules/security/ssh.nix
View file

@ -1,15 +0,0 @@
{
services.openssh = {
enable = true;
settings = {
PermitRootLogin = "prohibit-password";
PasswordAuthentication = false;
};
hostKeys = [
{
path = "/etc/ssh/ssh_host_ed25519_key";
type = "ed25519";
}
];
};
}

3
modules/security/users.nix
View file

@ -1,3 +0,0 @@
{
security.sudo.wheelNeedsPassword = false;
}

9
modules/software/default.nix
View file

@ -1,9 +0,0 @@
{
imports = [
./docker.nix
./programs.nix
./keyd.nix
./usershell.nix
./xdg.nix
];
}

13
modules/software/docker.nix
View file

@ -1,13 +0,0 @@
{
config,
lib,
...
}: {
virtualisation.docker = lib.mkIf config.software.docker.enable {
enable = true;
rootless = {
enable = true;
setSocketVariable = true;
};
};
}

35
modules/software/keyd.nix
View file

@ -1,35 +0,0 @@
{
lib,
config,
...
}: {
config.services.keyd = lib.mkIf config.software.keyd.enable {
enable = true;
keyboards.default = {
ids = ["*"];
settings = {
main = {
capslock = "layer(standardL2)";
};
standardL2 = {
w = "up";
s = "down";
a = "left";
d = "right";
b = "C-b";
space = "playpause";
"." = "nextsong";
"," = "previoussong";
"[" = "delete";
"]" = "end";
escape = "~";
home = "end";
};
};
};
};
}

153
modules/software/programs.nix
View file

@ -1,153 +0,0 @@
{
inputs,
pkgs,
lib,
config,
...
}: {
environment.systemPackages = with pkgs;
(
# Core packages
if config.module.core.enable
then [
vim
wget
screen
git
curl
tmux
pulseaudio
ouch
restic
file
usbutils
fastfetch
rclone
]
else []
)
++ (
if config.module.gui.enable
then [
# Writing
hunspellDicts.en-us
libreoffice
hunspell
# Audio
pavucontrol
pulsemixer
noisetorch
easyeffects
# Communication
mattermost-desktop
slack
zoom-us
vesktop
discord
signal-desktop
teamspeak_client
# Music
spotify
# Utilities
gimp
pulseaudio-ctl
playerctl
brightnessctl
calibre
freecad-wayland
]
else []
)
++ (
if config.module.programming.enable
then [
inputs.nvix.packages.${pkgs.system}.default
jwt-cli
jq
cloc
meld
]
else []
)
++ (
if config.module.hacking.enable
then [
metasploit
exploitdb
ghidra
wireshark
termshark
nmap
hashcat
dirstalk
rtl-sdr
]
else []
)
++ (
if config.module.mudding.enable
then [
mudlet
]
else []
)
++ (
if config.module.appdevel.enable
then [
flutter
waydroid
ungoogled-chromium
]
else []
)
++ (
if config.module.gaming.enable
then [
obs-studio
olive-editor
steam
protontricks
protonup-qt
steamtinkerlaunch
prismlauncher
mudlet
gamescope
gamemode
r2modman
vintagestory
]
else []
)
++ (
if config.module.os-gaming.enable
then [
widelands
wesnoth
ufoai
cataclysm-dda
# redeclipse
megaglest
# savagexr if it existed
superTuxKart
# openra but it's insecure
openttd
xonotic
supermariowar
]
else []
)
++ (
if config.module.hobbies.enable
then [
python312Packages.meshtastic
brewtarget
krita
pureref
]
else []
);
}

89
modules/software/usershell.nix
View file

@ -1,89 +0,0 @@
{
config,
lib,
pkgs,
...
}: {
config = lib.mkIf config.software.usershell.enable {
programs.zsh = {
enable = true;
autosuggestions = {
enable = true;
async = true;
};
syntaxHighlighting = {
enable = true;
};
shellAliases = {
lah = "ls -lah";
set-nixpkgs-upstream = "git remote add upstream https://github.com/NixOS/nixpkgs.git";
nup = "sudo nixos-rebuild switch --flake .";
};
};
programs.starship = let
raisin_black = "#262932";
blood_red = "#710000";
rich_lemon = "#FDF500";
keppel = "#1AC5B0";
electric_blue = "#36EBF3";
blushing_purple = "#9370DB";
frostbite = "#E455AE";
steel_pink = "#CB1DCD";
pale_silver = "#D1C5C0";
in {
enable = true;
settings = {
format = "[ ](${rich_lemon})[ CrOS](bg:${rich_lemon} fg:${raisin_black})$username$hostname[ ](fg:${rich_lemon} bg:${blushing_purple})$directory[ ](fg:${blushing_purple} bg:${frostbite})$git_branch$git_status[ ](fg:${frostbite} bg:${steel_pink})$nix_shell[ ](${steel_pink})";
right_format = "[ ](${rich_lemon})$time[ ](${rich_lemon})";
# Left Modules
username = {
disabled = false;
format = "[ $user]($style)";
style_user = "fg:${keppel} bg:${rich_lemon}";
style_root = "fg:${blood_red} bg:${rich_lemon}";
};
hostname = {
disabled = false;
format = "[@$hostname ]($style)";
style = "fg:${keppel} bg:${rich_lemon}";
ssh_only = false;
ssh_symbol = "";
};
directory = {
disabled = false;
format = "[ $path ]($style)";
style = "bg:${blushing_purple} fg:${raisin_black}";
truncation_length = 3;
truncation_symbol = "/";
};
git_branch = {
disabled = false;
format = "[ $symbol $branch ]($style)";
symbol = "";
style = "fg:${raisin_black} bg:${frostbite}";
};
git_status = {
disabled = false;
format = "[$all_status$ahead_behind]($style)";
style = "fg:${raisin_black} bg:${frostbite}";
};
nix_shell = {
disabled = false;
format = "[$symbol $name]($style)";
style = "bg:${steel_pink} fg:${electric_blue}";
symbol = "";
};
# Right Modules
time = {
disabled = false;
format = "[$time]($style)";
style = "fg:${raisin_black} bg:${rich_lemon}";
};
};
};
users.defaultUserShell = pkgs.zsh;
};
}

19
modules/software/xdg.nix
View file

@ -1,19 +0,0 @@
{pkgs, ...}: {
config.xdg.portal = {
xdgOpenUsePortal = true;
enable = true;
wlr.enable = true;
wlr.settings.screencast = {
output_name = "DP-1";
chooser_type = "simple";
chooser_cmd = "${pkgs.slurp}/bin/slurp -f %o -or";
};
lxqt.enable = true;
extraPortals = [
pkgs.xdg-desktop-portal-wlr
pkgs.xdg-desktop-portal-gtk
pkgs.kdePackages.xdg-desktop-portal-kde
];
config.common.default = "*";
};
}

8
modules/users/crow/configs/direnv.nix
View file

@ -1,8 +0,0 @@
{
programs = {
direnv = {
enable = true;
nix-direnv.enable = true;
};
};
}

64
modules/users/crow/configs/firefox.nix
View file

@ -1,64 +0,0 @@
{
programs.firefox = {
enable = true;
policies = {
BlockAboutConfig = true;
DisableFirefoxStudies = true;
DisableFormHistory = true;
DisablePasswordReveal = true;
DisablePocket = true;
DisableProfileImport = true;
DontCheckDefaultBrowser = true;
EnableTrackingProtection = {
Value = true;
Locked = true;
Cryptomining = true;
Fingerprinting = true;
};
Homepage = {
URL = "https://home.wanderingcrow.net";
StartPage = "homepage";
};
OfferToSaveLogins = false;
PasswordManagerEnabled = false;
ExtensionSettings = {
#"*".installation_mode = "blocked";
"*".blocked_install_message = "Please manage extensions through your NixOS config";
# Bitwarden
"{446900e4-71c2-419f-a6a7-df9c091e268b}" = {
installation_mode = "force_installed";
install_url = "https://addons.mozilla.org/firefox/downloads/latest/{446900e4-71c2-419f-a6a7-df9c091e268b}/latest.xpl";
default_area = "navbar";
};
"uBlock0@raymondhill.net" = {
installation_mode = "force_installed";
install_url = "https://addons.mozilla.org/firefox/downloads/latest/uBlock0@raymondhill.net/latest.xpl";
default_area = "menupanel";
};
# Vimium
"{d7742d87-e61d-4b78-b8a1-b469842139fa}" = {
installation_mode = "force_installed";
install_url = "https://addons.mozilla.org/firefox/downloads/latest/{d7742d87-e61d-4b78-b8a1-b469842139fa}/latest.xpl";
default_area = "menupanel";
};
# Cookie CURL Dumper
"{12cf650b-1822-40aa-bff0-996df6948878}" = {
installation_mode = "force_installed";
install_url = "https://addons.mozilla.org/firefox/downloads/latest/{12cf650b-1822-40aa-bff0-996df6948878}/latest.xpl";
default_area = "menupanel";
};
# Violentmonkey
"{aecec67f-0d10-4fa7-b7c7-609a2db280cf}" = {
installation_mode = "force_installed";
install_url = "https://addons.mozilla.org/firefox/downloads/latest/{aecec67f-0d10-4fa7-b7c7-609a2db280cf}/latest.xpl";
default_area = "menupanel";
};
"sponsorBlocker@ajay.app" = {
installation_mode = "force_installed";
install_url = "https://addons.mozilla.org/firefox/downloads/latest/sponsorBlocker@ajay.app/latest.xpl";
default_area = "menupanel";
};
};
};
};
}

16
modules/users/crow/configs/git.nix
View file

@ -1,16 +0,0 @@
{
programs.git = {
enable = true;
userName = "TheWanderingCrow";
userEmail = "contact@wanderingcrow.net";
extraConfig = {
init = {
defaultBranch = "main";
};
};
lfs = {
enable = true;
skipSmudge = true;
};
};
}

256
modules/users/crow/configs/hypr/hyprland.conf
View file

@ -1,256 +0,0 @@
################
### MONITORS ###
################
# See https://wiki.hyprland.org/Configuring/Monitors/
source = /home/crow/.config/hypr/monitors.conf
###################
### MY PROGRAMS ###
###################
# See https://wiki.hyprland.org/Configuring/Keywords/
# Set programs that you use
$terminal = foot
$menu = wofi --show run
#################
### AUTOSTART ###
#################
# Autostart necessary processes (like notifications daemons, status bars, etc.)
# Or execute your favorite apps at launch like this:
# exec-once = $terminal
# exec-once = nm-applet &
# exec-once = waybar & hyprpaper & firefox
# exec-once = mpvpaper -o "--loop-file=inf --hwdec=auto --no-audio" '*' .config/hypr/dedsec.mp4
exec-once = waybar
exec-once = swaync
exec-once = udiskie
exec-once = /usr/lib/polkit-gnome/polkit-gnome-authentication-agent-1
###################
### IDLE CONFIG ###
###################
exec-once = swayidle -w timeout 300 'swaylock --screenshots --effect-blur 10x7 --effect-pixelate 20 --clock --indicator --indicator-thickness 6 --ring-color 6F6AB5' timeout 600 'hyprctl dispatch dpms off' resume 'hyprctl dispatch dpms on' before-sleep 'swaylock --screenshots --effect-blur 10x7 --effect-pixelate 20 --clock --indicator --indicator-thickness 6 --ring-color 6F6AB5'
#############################
### ENVIRONMENT VARIABLES ###
#############################
# See https://wiki.hyprland.org/Configuring/Environment-variables/
env = XCURSOR_SIZE,24
env = HYPRCURSOR_SIZE,24
#####################
### LOOK AND FEEL ###
#####################
# Refer to https://wiki.hyprland.org/Configuring/Variables/
# https://wiki.hyprland.org/Configuring/Variables/#general
general {
gaps_in = 5
gaps_out = 20
border_size = 2
# https://wiki.hyprland.org/Configuring/Variables/#variable-types for info about colors
col.active_border = rgba(33ccffee) rgba(00ff99ee) 45deg
col.inactive_border = rgba(595959aa)
# Set to true enable resizing windows by clicking and dragging on borders and gaps
resize_on_border = false
# Please see https://wiki.hyprland.org/Configuring/Tearing/ before you turn this on
allow_tearing = false
layout = dwindle
}
# https://wiki.hyprland.org/Configuring/Variables/#decoration
decoration {
rounding = 10
# Change transparency of focused and unfocused windows
active_opacity = 1.0
inactive_opacity = 1.0
drop_shadow = true
shadow_range = 4
shadow_render_power = 3
col.shadow = rgba(1a1a1aee)
# https://wiki.hyprland.org/Configuring/Variables/#blur
blur {
enabled = true
size = 3
passes = 1
vibrancy = 0.1696
}
}
# https://wiki.hyprland.org/Configuring/Variables/#animations
animations {
enabled = true
# Default animations, see https://wiki.hyprland.org/Configuring/Animations/ for more
bezier = myBezier, 0.05, 0.9, 0.1, 1.05
animation = windows, 1, 7, myBezier
animation = windowsOut, 1, 7, default, popin 80%
animation = border, 1, 10, default
animation = borderangle, 1, 8, default
animation = fade, 1, 7, default
animation = workspaces, 1, 6, default
}
# See https://wiki.hyprland.org/Configuring/Dwindle-Layout/ for more
dwindle {
pseudotile = true # Master switch for pseudotiling. Enabling is bound to mod + P in the keybinds section below
preserve_split = true # You probably want this
}
# See https://wiki.hyprland.org/Configuring/Master-Layout/ for more
master {
new_status = master
}
# https://wiki.hyprland.org/Configuring/Variables/#misc
misc {
force_default_wallpaper = 2 # Set to 0 or 1 to disable the anime mascot wallpapers
disable_hyprland_logo = false # If true disables the random hyprland logo / anime girl background. :(
}
#############
### INPUT ###
#############
# https://wiki.hyprland.org/Configuring/Variables/#input
input {
kb_layout = us
kb_variant =
kb_model =
kb_options =
kb_rules =
follow_mouse = 1
sensitivity = 0 # -1.0 - 1.0, 0 means no modification.
touchpad {
natural_scroll = false
}
}
# https://wiki.hyprland.org/Configuring/Variables/#gestures
gestures {
workspace_swipe = false
}
# Example per-device config
# See https://wiki.hyprland.org/Configuring/Keywords/#per-device-input-configs for more
device {
name = epic-mouse-v1
sensitivity = -0.5
}
####################
### KEYBINDINGSS ###
####################
# See https://wiki.hyprland.org/Configuring/Keywords/
$mod = SUPER # Sets "Windows" key as main modifier
bind = $mod SHIFT, Q, killactive
bind = $mod, Return, exec, $terminal
bind = $mod SHIFT, E, exit
bind = $mod SHIFT, N, exec, networkmanager_dmenu
bind = $mod, N, exec, swaync-client -t sw
bind = $mod, D, exec, $menu
bind = $mod SHIFT, D, exec, UDISKIE_DMENU_LAUNCHER="wofi" udiskie-dmenu -matching regex -dmenu -i -no-custom -multi-select
bind = $mod, P, pseudo
bind = $mod, J, togglesplit
bind = $mod, F, fullscreen
bind = $mod, Space, togglefloating
bind = $mod SHIFT, Z, exec, swaylock --screenshots --effect-blur 10x7 --effect-pixelate 20 --clock --indicator --indicator-thickness 6 --ring-color 6F6AB5
# lock on lid closed
bindl=,switch:Lid Switch, exec, swaylock --screenshots --effect-blur 10x7 --effect-pixelate 20 --clock --indicator --indicator-thickness 6 --ring-color 6F6AB5
# Move focus with mod + arrow keys
bind = $mod, left, movefocus, l
bind = $mod, right, movefocus, r
bind = $mod, up, movefocus, u
bind = $mod, down, movefocus, d
# Switch workspaces with mod + [0-9]
bind = $mod, 1, workspace, 1
bind = $mod, 2, workspace, 2
bind = $mod, 3, workspace, 3
bind = $mod, 4, workspace, 4
bind = $mod, 5, workspace, 5
bind = $mod, 6, workspace, 6
bind = $mod, 7, workspace, 7
bind = $mod, 8, workspace, 8
bind = $mod, 9, workspace, 9
bind = $mod, 0, workspace, 10
# Move active window to a workspace with mod + SHIFT + [0-9]
bind = $mod SHIFT, 1, movetoworkspacesilent, 1
bind = $mod SHIFT, 2, movetoworkspacesilent, 2
bind = $mod SHIFT, 3, movetoworkspacesilent, 3
bind = $mod SHIFT, 4, movetoworkspacesilent, 4
bind = $mod SHIFT, 5, movetoworkspacesilent, 5
bind = $mod SHIFT, 6, movetoworkspacesilent, 6
bind = $mod SHIFT, 7, movetoworkspacesilent, 7
bind = $mod SHIFT, 8, movetoworkspacesilent, 8
bind = $mod SHIFT, 9, movetoworkspacesilent, 9
bind = $mod SHIFT, 0, movetoworkspacesilent, 10
# Example special workspace (scratchpad)
bind = $mod, Minus, togglespecialworkspace, magic
bind = $mod SHIFT, Minus, movetoworkspacesilent, special:magic
# Scroll through existing workspaces with mod + scroll
bind = $mod, mouse_down, workspace, e+1
bind = $mod, mouse_up, workspace, e-1
# Move/resize windows with mod + LMB/RMB and dragging
bindm = $mod, mouse:272, movewindow
bindm = $mod, mouse:273, resizewindow
# Media controls:
bind = , XF86AudioRaiseVolume,exec, pulseaudio-ctl up
bind = , XF86AudioLowerVolume, exec, pulseaudio-ctl down
bind = , XF86AudioMute, exec, pulseaudio-ctl mute
bind = , XF86AudioMicMute, exec, pulseaudio-ctl mute-input
bind = , XF86AudioPlay, exec, playerctl play-pause
bind = , XF86AudioNext, exec, playerctl next
bind = , XF86AudioPrev, exec, playerctl previous
bind = , XF86MonBrightnessUp, exec, brightnessctl s +5%
bind = , XF86MonBrightnessDown, exec, brightnessctl s 5%-
bind = , Print, exec, grimshot --cursor copy area
##############################
### WINDOWS AND WORKSPACES ###
##############################
# See https://wiki.hyprland.org/Configuring/Window-Rules/ for more
# See https://wiki.hyprland.org/Configuring/Workspace-Rules/ for workspace rules
# Example windowrule v1
# windowrule = float, ^(kitty)$
# Example windowrule v2
# windowrulev2 = float,class:^(kitty)$,title:^(kitty)$
windowrulev2 = suppressevent maximize, class:.* # You'll probably like this.

58
modules/users/crow/configs/hypr/hyprlock.conf
View file

@ -1,58 +0,0 @@
# Colors
$white = rgba(255,255,255,1)
$transparent = rgba(0,0,0,0.2)
$black = rgba(0,0,0,1)
$error = rgba(255,0,0,1)
$warning = rgba(255,193,7,1)
# BACGROUND
background {
monitor =
path = ~/.config/hypr/lockscreen-1
contrast = 1
brightness = 0.5
vibrancy = 0.2
vibrancy_darkness = 0.2
}
general {
no_fade_in = true
no_fade_out = true
hide_cursor = false
grace = 0
disable_loading_bar = true
}
# TIME
label {
monitor =
text = cmd[update:1000] echo "$(date +"%-I:%M")"
color = $white
font_size = 95
font_family = JetBrains Mono Extrabold
position = 0, 200
halign = center
valign = center
}
# PASSWORD
input-field {
monitor =
size = 250, 60
outline_thickness = 2
dots_size = 0.2
dots_spacing = 0.35
dots_center = true
outer_color = $transparent
inner_color = $transparent
font_color = $white
fade_on_empty = false
rounding = -1
placeholder_text = <span>Password for $USER:</span>
hide_input = false
position = 0, -200
halign = center
valign = center
}

2
modules/users/crow/configs/hypr/parzival-monitors.conf
View file

@ -1,2 +0,0 @@
monitor=HDMI-A-1,1920x1080@74.97,0x0,1.0,transform,1
monitor=DP-2,2560x1440@169.83,1080x215,1.0

0
modules/users/crow/configs/hypr/parzival_mobile-monitors.conf
View file

15
modules/users/crow/configs/ssh.nix
View file

@ -1,15 +0,0 @@
{
programs.ssh = {
enable = true;
extraConfig = ''
Host github.com
User git
PreferredAuthentications publickey
IdentityFile /home/crow/.ssh/id_ed25519
Host Overseer
User overseer
HostName 192.168.0.30
IdentityFile /home/crow/.ssh/wanderingcrow
'';
};
}

19
modules/users/crow/configs/sway/parzival-monitors.conf
View file

@ -1,19 +0,0 @@
output HDMI-A-1 mode 1920x1080@74.973Hz
output HDMI-A-1 pos 0 0
output HDMI-A-1 transform 270
output DP-1 mode 2560x1440@169.831Hz
output DP-1 pos 1080 215
# Backgrounds
output HDMI-A-1 background /home/crow/.config/sway/background-2 fill
output DP-1 background /home/crow/.config/sway/background-1 fill
# Assign specific workspaces to specific outputs
workspace 1 output HDMI-A-1 # Firefox
workspace 2 output HDMI-A-1 # Comms
workspace 3 output DP-1 # Terminal
workspace 5 output DP-1 # Mudlet
# Assign wacom tablet to primary monitor
input type:tablet_tool map_to_output DP-1

14
modules/users/crow/configs/sway/parzival_framework-monitors.conf
View file

@ -1,14 +0,0 @@
output eDP-1 mode 2256x1504@59.999Hz
output eDP-1 pos 0 0
output "Lenovo Group Limited L15 U133NKFT" mode 1920x1080@60.000Hz
output "Lenovo Group Limited L15 U133NKFT" pos -1920 0
# Backgrounds
output * background /home/crow/.config/sway/background-3 fill
# Assign specific workspaces to specific outputs
workspace 1 output "Lenovo Group Limited L15 U133NKFT" # Firefox
workspace 2 output eDP-1 # Comms
workspace 3 output eDP-1 # Terminal
workspace 5 output "Lenovo Group Limited L15 U133NKFT" # Mudlet

1
modules/users/crow/configs/sway/parzival_mobile-monitors.conf
View file

@ -1 +0,0 @@
output * background /home/crow/.config/sway/background-3 fill

168
modules/users/crow/configs/sway/sway.conf
View file

@ -1,168 +0,0 @@
set $mod Mod4
###########################
### Systemd Integration ###
###########################
exec systemctl --user import-environment XDG_SESSION_TYPE XDG_CURRENT_DESKTOP
exec dbus-update-activation-environment --systemd WAYLAND_DISPLAY XDG_CURRENT_DESKTOP=sway
################
### MONITORS ###
################
include /home/crow/.config/sway/monitors.conf
###################
### MY PROGRAMS ###
###################
set $term foot
set $menu wofi --show run | xargs swaymsg exec --
exec waybar
exec swaync
exec udiskie
exec /usr/lib/polkit-gnome/polkit-gnome-authentication-agent-1
###################
### IDLE CONFIG ###
###################
exec swayidle -w timeout 300 'hyprlock'
exec wljoywake # prevent screen sleep on joystick input
set $lock 'hyprlock'
bindswitch --reload --locked lid:on exec $lock
for_window [app_id="firefox"] inhibit_idle fullscreen
bindsym $mod+Shift+z exec $lock
### Input configuration
#
# Example configuration:
#
# input "2:14:SynPS/2_Synaptics_TouchPad" {
# dwt enabled
# tap enabled
# natural_scroll enabled
# middle_emulation enabled
# }
#
# You can get the names of your inputs by running: swaymsg -t get_inputs
# Read `man 5 sway-input` for more information about this section.
###################
### KEYBINDINGS ###
###################
bindsym $mod+Return exec $term
bindsym $mod+Shift+q kill
bindsym $mod+Shift+e exec swaynag -t warning -m 'You pressed the exit shortcut. Do you really want to exit sway? This will end your Wayland session.' -B 'Yes, exit sway' 'swaymsg exit'
bindsym $mod+Shift+n exec networkmanager_dmenu
bindsym $mod+n exec swaync-client -t -sw
bindsym $mod+d exec $menu
bindsym $mod+Shift+d exec UDISKIE_DMENU_LAUNCHER="wofi" udiskie-dmenu -matching regex -dmenu -i -no-custom -multi-select
# Reload the configuration file
bindsym $mod+Shift+c reload
floating_modifier $mod normal
bindsym $mod+Left focus left
bindsym $mod+Down focus down
bindsym $mod+Up focus up
bindsym $mod+Right focus right
bindsym $mod+Shift+Left move left
bindsym $mod+Shift+Down move down
bindsym $mod+Shift+Up move up
bindsym $mod+Shift+Right move right
##################
### WORKSPACES ###
##################
bindsym $mod+1 workspace number 1
bindsym $mod+2 workspace number 2
bindsym $mod+3 workspace number 3
bindsym $mod+4 workspace number 4
bindsym $mod+5 workspace number 5
bindsym $mod+6 workspace number 6
bindsym $mod+7 workspace number 7
bindsym $mod+8 workspace number 8
bindsym $mod+9 workspace number 9
bindsym $mod+0 workspace number 10
# Move focused container to workspace
bindsym $mod+Shift+1 move container to workspace number 1
bindsym $mod+Shift+2 move container to workspace number 2
bindsym $mod+Shift+3 move container to workspace number 3
bindsym $mod+Shift+4 move container to workspace number 4
bindsym $mod+Shift+5 move container to workspace number 5
bindsym $mod+Shift+6 move container to workspace number 6
bindsym $mod+Shift+7 move container to workspace number 7
bindsym $mod+Shift+8 move container to workspace number 8
bindsym $mod+Shift+9 move container to workspace number 9
bindsym $mod+Shift+0 move container to workspace number 10
#
# Layout stuff:
#
# You can "split" the current object of your focus with
# $mod+b or $mod+v, for horizontal and vertical splits
# respectively.
bindsym $mod+b splith
bindsym $mod+v splitv
# Switch the current container between different layout styles
bindsym $mod+s layout stacking
bindsym $mod+w layout tabbed
bindsym $mod+e layout toggle split
# Make the current focus fullscreen
bindsym $mod+f fullscreen
# Toggle the current focus between tiling and floating mode
bindsym $mod+Shift+space floating toggle
# Swap focus between the tiling area and the floating area
bindsym $mod+space focus mode_toggle
# Move focus to the parent container
bindsym $mod+a focus parent
#
# Scratchpad:
#
# Sway has a "scratchpad", which is a bag of holding for windows.
# You can send windows there and get them back later.
# Move the currently focused window to the scratchpad
bindsym $mod+Shift+minus move scratchpad
# Show the next scratchpad window or hide the focused scratchpad window.
# If there are multiple scratchpad windows, this command cycles through them.
bindsym $mod+minus scratchpad show
#
# Resizing containers:
#
mode "resize" {
bindsym Left resize shrink width 10px
bindsym Down resize grow height 10px
bindsym Up resize shrink height 10px
bindsym Right resize grow width 10px
# Return to default mode
bindsym Return mode "default"
bindsym Escape mode "default"
}
bindsym $mod+r mode "resize"
# Media controls:
bindsym XF86AudioRaiseVolume exec pactl set-sink-volume @DEFAULT_SINK@ +5%
bindsym XF86AudioLowerVolume exec pactl set-sink-volume @DEFAULT_SINK@ -5%
bindsym XF86AudioMute exec pactl set-sink-mute @DEFAULT_SINK@ toggle
bindsym XF86AudioMicMute exec pulseaudio-ctl mute-input
bindsym XF86AudioPlay exec playerctl play-pause
bindsym XF86AudioNext exec playerctl next
bindsym XF86AudioPrev exec playerctl previous
bindsym XF86MonBrightnessUp exec brightnessctl s +5%
bindsym XF86MonBrightnessDown exec brightnessctl s 5%-
bindsym Print exec grim -g "$(slurp)" - | swappy -f -

17
modules/users/crow/configs/tmux.nix
View file

@ -1,17 +0,0 @@
{
programs.tmux = {
enable = true;
keyMode = "vi";
extraConfig = ''
bind | split-window -h
bind - split-window -v
unbind '"'
unbind %
bind -n M-Left select-pane -L
bind -n M-Right select-pane -R
bind -n M-Up select-pane -U
bind -n M-Down select-pane -D
'';
};
}

BIN
modules/users/crow/configs/wallpapers/cyber_defiance.jpg
View file

Binary file not shown.
Side by side

Before

Width:  |  Height:  |  Size: 1.5 MiB

BIN
modules/users/crow/configs/wallpapers/cyber_skyscrapers.jpg
View file

Binary file not shown.
Side by side

Before

Width:  |  Height:  |  Size: 571 KiB

BIN
modules/users/crow/configs/wallpapers/kali_lol.jpg
View file

Binary file not shown.
Side by side

Before

Width:  |  Height:  |  Size: 16 KiB

BIN
modules/users/crow/configs/wallpapers/wrecked_ship.jpg
View file

Binary file not shown.
Side by side

Before

Width:  |  Height:  |  Size: 4.5 MiB

235
modules/users/crow/configs/waybar.nix
View file

@ -1,235 +0,0 @@
{osConfig, ...}: let
# screenshots/og_waybar.jpg
og_waybar = {
jsonc = {
mainBar = {
layer = "top";
position = "top";
height = 30;
spacing = 4;
mode = "dock";
margin = "10";
modules-left = ["sway/workspaces"];
modules-center = ["clock"];
modules-right = ["network" "battery" "backlight" "pulseaudio" "tray"];
tray = {
spacing = 10;
};
"sway/workspaces" = {
format = "{icon}";
format-icons = {
"1" = "󰈹";
"2" = "";
"3" = "";
"4" = "󰎆";
"5" = "󰓥";
"urgent" = "";
"active" = "";
"default" = "";
};
sort-by-number = true;
persistent-workspaces = {
"1" = ["HDMI-A-1"];
"2" = ["HDMI-A-1"];
"3" = ["DP-1"];
};
};
clock = {
tooltip-format = "<big>{:%Y %B}</big>\n<tt><small>{calendar}</small></tt>";
format-alt = "{:%m-%d-%Y}";
};
network = {
format-wifi = "{essid} ({signalStrength}%) ";
format-ethernet = "{ipaddr}/{cidr} ";
tooltip-format = "{ifname} via {gwaddr} ";
format-linked = "{ifname} (No IP) ";
format-disconnected = "Disconnected ";
format-alt = "{ifname}: {ipaddr}/{cidr}";
};
battery = {
states = {
warning = 30;
critical = 15;
};
format = "{capacity}% {icon}";
format-full = "{capacity}% {icon}";
format-charging = "{capacity}% ";
format-plugged = "{capacity}% ";
format-alt = "{time} {icon}";
format-icons = ["" "" "" "" ""];
interval = 30;
};
backlight = {
format = "{percent}% {icon}";
format-icons = ["󰃞" "󰃟" "󰃠"];
};
pulseaudio = {
format = "{volume}% {icon} {format_source}";
format-bluetooth = "{volume}% {icon} {format_source}";
format-bluetooth-muted = " {icon} {format_source}";
format-muted = " {format_source}";
format-source = "{volume}% ";
format-source-muted = "";
format-icons = {
headphone = "";
hands-free = "";
headset = "";
phone = "";
portable = "";
car = "";
default = ["" "" ""];
};
on-click = "pavucontrol";
};
};
};
style = ''
@define-color fg #AAB775;
@define-color bg #060617;
@define-color disabled #a5a5a5;
@define-color alert #f53c3c;
@define-color activegreen #8fb666;
* {
min-height: 0;
font-family: "JetBrainsMono Nerd Font", "Hack Nerd Font", "Font Awesome 6 Free Regular", "Font Awesome 6 Free Solid", "Font Awesome 6 Brands";
font-size: 14px;
}
window#waybar {
color: @fg;
background: @bg;
transition-property: background-color;
border-radius: 25px;
transition-duration: 0.5s;
}
window#waybar.empty {
opacity: 0.3;
}
button {
/* Use box-shadow instead of border so the text isn't offset */
box-shadow: inset 0 -3px transparent;
/* Avoid rounded borders under each button name */
border: none;
border-radius: 0;
}
/* https://github.com/Alexays/Waybar/wiki/FAQ#the-workspace-buttons-have-a-strange-hover-effect */
button:hover {
background: inherit;
box-shadow: inset 0 -3px transparent;
}
#workspaces button {
color: @fg;
/* padding : 0px 5px; */
}
#workspaces button.urgent {
color: @alert;
}
#workspaces button.empty {
color: @disabled;
}
#workspaces button.active {
border-bottom: 2px solid #DCAA9B;
border-radius: 0;
margin-top: 2px;
color: #DCAA9B;
transition: none;
}
/* If workspaces is the leftmost module, omit left margin */
.modules-left > widget:first-child > #workspaces {
margin-left: 0;
}
/* If workspaces is the rightmost module, omit right margin */
.modules-right > widget:last-child > #workspaces {
margin-right: 0;
}
#clock,
#battery,
#cpu,
#memory,
#disk,
#temperature,
#language,
#backlight,
#backlight-slider,
#network,
#pulseaudio,
#wireplumber,
#custom-media,
#taskbar,
#tray,
#tray menu,
#tray > .needs-attention,
#tray > .passive,
#tray > .active,
#mode,
#idle_inhibitor,
#scratchpad,
#custom-power,
#window,
#mpd {
padding: 0px 5px;
padding-right: 10px;
margin: 3px 3px;
color: @fg;
}
#custom-power {
color: @fg;
padding-left: 10px;
}
#custom-separator {
color: @disabled;
}
#network.disconnected,
#pulseaudio.muted,
#wireplumber.muted {
color: @alert;
}
#battery.charging,
#battery.plugged {
color: #26a65b;
}
label:focus {
background-color: #333333;
}
#battery.critical:not(.charging) {
background-color: @alert;
color: @fg;
animation-name: blink;
animation-duration: 0.5s;
animation-timing-function: linear;
animation-iteration-count: infinite;
animation-direction: alternate;
}
'';
};
in {
programs.waybar = {
enable = true;
settings =
if osConfig.ricing.basic.enable
then og_waybar.jsonc
else {};
style =
if osConfig.ricing.basic.enable
then og_waybar.style
else "";
};
}

5
modules/users/crow/configs/zsh.nix
View file

@ -1,5 +0,0 @@
{
programs.zsh = {
enable = true;
};
}

10
modules/users/crow/default.nix
View file

@ -1,10 +0,0 @@
{
lib,
config,
...
}: {
imports = [
./user.nix
./secrets.nix
];
}

56
modules/users/crow/home.nix
View file

@ -1,56 +0,0 @@
{
osConfig,
config,
inputs,
pkgs,
lib,
...
}: let
hyprMonitorConfig =
if osConfig.networking.hostName == "Parzival"
then ./configs/hypr/parzival-monitors.conf
else if osConfig.networking.hostName == "Parzival-Mobile" || osConfig.networking.hostName == "Parzival-Framework"
then ./configs/hypr/parzival_mobile-monitors.conf
else null;
swayMonitorConfig =
if osConfig.networking.hostName == "Parzival"
then ./configs/sway/parzival-monitors.conf
else if osConfig.networking.hostName == "Parzival-Mobile"
then ./configs/sway/parzival_mobile-monitors.conf
else if osConfig.networking.hostName == "Parzival-Framework"
then ./configs/sway/parzival_framework-monitors.conf
else null;
in {
imports = [
./configs/firefox.nix
./configs/waybar.nix
./configs/tmux.nix
./configs/git.nix
./configs/ssh.nix
./configs/zsh.nix
./configs/direnv.nix
];
home = {
username = "crow";
homeDirectory = "/home/crow";
stateVersion = "24.05";
# Hyprland
file.".config/hypr/hyprland.conf".source = ./configs/hypr/hyprland.conf;
file.".config/hypr/monitors.conf".source = lib.mkIf (hyprMonitorConfig != null) hyprMonitorConfig;
file.".config/hypr/hyprlock.conf".source = ./configs/hypr/hyprlock.conf;
# Sway
file.".config/sway/config".source = ./configs/sway/sway.conf;
file.".config/sway/monitors.conf".source = lib.mkIf (swayMonitorConfig != null) swayMonitorConfig;
file.".config/sway/background-1".source = ./configs/wallpapers/cyber_defiance.jpg;
file.".config/sway/background-2".source = ./configs/wallpapers/cyber_skyscrapers.jpg;
file.".config/sway/background-3".source = ./configs/wallpapers/kali_lol.jpg;
file.".config/hypr/lockscreen-1".source = ./configs/wallpapers/wrecked_ship.jpg;
};
xdg = {
configHome = "/home/crow/.config";
enable = true;
};
}

71
modules/users/crow/secrets.nix
View file

@ -1,71 +0,0 @@
{
lib,
inputs,
config,
...
}:
lib.mkIf config.user.crow.enable {
sops = {
defaultSopsFile = inputs.nix-secrets.secrets.parzival;
age.keyFile = "/var/lib/sops-nix/key.txt";
age.generateKey = true;
};
#######
# AWS #
#######
sops.secrets."aws/wce/access_key" = {};
sops.secrets."aws/wce/secret_key" = {};
sops.secrets."aws/work/access_key" = {};
sops.secrets."aws/work/secret_key" = {};
sops.templates."aws_shared_config" = {
owner = config.users.users.crow.name;
content = ''
[default]
aws_access_key_id=${config.sops.placeholder."aws/work/access_key"}
aws_secret_access_key=${config.sops.placeholder."aws/work/secret_key"}
[wce]
aws_access_key_id=${config.sops.placeholder."aws/wce/access_key"}
aws_secret_access_key=${config.sops.placeholder."aws/wce/secret_key"}
'';
};
system.userActivationScripts.link_aws_secrets.text = ''
rm -rf /home/crow/.aws
mkdir -p /home/crow/.aws
ln -s ${config.sops.templates."aws_shared_config".path} /home/crow/.aws/credentials
'';
################
# DigitalOcean #
################
sops.secrets."digitalocean/token" = {
owner = config.users.users.crow.name;
};
##############
# Cloudflare #
##############
sops.secrets."cloudflare/token" = {
owner = config.users.users.crow.name;
};
sops.secrets."backblaze/id" = {
owner = config.users.users.crow.name;
};
sops.secrets."backblaze/key" = {
owner = config.users.users.crow.name;
};
sops.secrets."restic/wce-media-backup/endpoint" = {
owner = config.users.users.crow.name;
};
sops.secrets."restic/wce-media-backup/password" = {
owner = config.users.users.crow.name;
};
}

17
modules/users/crow/user.nix
View file

@ -1,17 +0,0 @@
{
inputs,
lib,
config,
...
}: {
users.users.crow = lib.mkIf config.user.crow.enable {
isNormalUser = true;
hashedPassword = "$y$j9T$wDC7wMJxCLNvdf8L8s6jZ.$U06F381x07fzu.updEsoegiWtbFvsrRJ7DLN9gR7un0";
extraGroups = ["wheel" "networkmanager" "audio" "plugdev" "dialout" "input" "uinput" "docker" "podman"];
openssh.authorizedKeys.keyFiles = [
inputs.nix-secrets.keys.default
];
};
home-manager.users.crow = lib.mkIf config.user.crow.home.enable ./home.nix;
}

12
modules/users/default.nix
View file

@ -1,12 +0,0 @@
{config, ...}: {
imports = [
./crow
./overseer
];
config.home-manager = {
useGlobalPkgs = true;
useUserPackages = true;
backupFileExtension = "backup";
};
}

9
modules/users/dragneel/default.nix
View file

@ -1,9 +0,0 @@
{
lib,
config,
...
}: {
imports = [
./user.nix
];
}

20
modules/users/dragneel/home.nix
View file

@ -1,20 +0,0 @@
{
osConfig,
config,
inputs,
pkgs,
lib,
...
}: {
imports = [];
home = {
username = "dragneel";
homeDirectory = "/home/dragneel";
stateVersion = "24.05";
};
xdg = {
configHome = "/home/dragneel/.config";
enable = true;
};
}

19
modules/users/dragneel/user.nix
View file

@ -1,19 +0,0 @@
{
inputs,
lib,
config,
...
}:
lib.mkIf config.user.dragneel.enable {
users.users.dragneel = {
isNormalUser = true;
hashedPassword = "$y$j9T$QA39xfvBrwChIi7CBsLgn.$jyWUKiP6QGY4rMtFTcBZgw7s1IJdiaIK6ZUwnU3Wmj7";
group = "wheel";
extraGroups = ["wheel" "networkmanager" "audio" "plugdev"];
openssh.authorizedKeys.keyFiles = [
inputs.nix-secrets.keys.default
];
};
home-manager.users.dragneel = ./home.nix;
}

9
modules/users/live/default.nix
View file

@ -1,9 +0,0 @@
{
lib,
config,
...
}: {
imports = [
./user.nix
];
}

16
modules/users/live/user.nix
View file

@ -1,16 +0,0 @@
{
inputs,
lib,
config,
...
}:
lib.mkIf config.user.live.enable {
config.users.users.live = {
isNormalUser = true;
initialPassword = "live";
extraGroups = ["wheel" "networkmanager" "audio" "plugdev"];
openssh.authorizedKeys.keyFiles = [
inputs.nix-secrets.keys.default
];
};
}

54
modules/users/overseer/acme.nix
View file

@ -1,54 +0,0 @@
{
lib,
pkgs,
config,
...
}:
lib.mkIf config.user.overseer.enable {
sops = {
secrets = {
"aws/access_key" = {};
"aws/secret_key" = {};
"aws/region" = {};
};
templates = {
"aws_shared_credentials".content = ''
[default]
aws_access_key_id=${config.sops.placeholder."aws/access_key"}
aws_secret_access_key=${config.sops.placeholder."aws/secret_key"}
'';
"aws_env".content = ''
AWS_REGION=${config.sops.placeholder."aws/region"}
'';
};
};
security.acme = {
acceptTerms = true;
defaults = {
email = "infrastructure@wanderingcrow.net";
group = config.services.nginx.group;
dnsProvider = "route53";
credentialFiles = {
"AWS_SHARED_CREDENTIALS_FILE" = config.sops.templates."aws_shared_credentials".path;
};
environmentFile = config.sops.templates."aws_env".path;
};
certs = {
"wanderingcrow.net" = {};
"umami.wanderingcrow.net" = {};
"garage.wanderingcrow.net" = {};
"bar.wanderingcrow.net" = {};
"home.wanderingcrow.net" = {};
"homebox.wanderingcrow.net" = {};
"cache.wanderingcrow.net" = {};
"openhab.wanderingcrow.net" = {};
"frigate.wanderingcrow.net" = {};
"notes.wanderingcrow.net" = {};
"grocy.wanderingcrow.net" = {};
"barcodebuddy.grocy.wanderingcrow.net" = {};
"budget.wanderingcrow.net" = {};
"matrix.wanderingcrow.net" = {};
};
};
}

49
modules/users/overseer/backups.nix
View file

@ -1,49 +0,0 @@
let
volumePath = "/overseer/services";
restic-default = {
user = "root";
timerConfig = {
OnCalendar = "hourly";
Persistent = true;
};
paths = [
# bar-assistant.nix
"${volumePath}/bar-assistant"
"${volumePath}/meilisearch"
# homebox.nix
"/var/lib/homebox/data"
# lubelogger.nix
"${volumePath}/lubelogger"
# trilium.nix
"/var/lib/trilium/backup"
# grocy
"/var/lib/grocy"
# actualbudget
"${volumePath}/actualbudget"
];
};
in
{
lib,
config,
...
}:
lib.mkIf config.user.overseer.enable {
# Restic secrets
sops.secrets."restic/borg-base/url" = {};
sops.secrets."restic/borg-base/key" = {};
services.restic.backups = {
borg-base =
restic-default
// {
repositoryFile = config.sops.secrets."restic/borg-base/url".path;
passwordFile = config.sops.secrets."restic/borg-base/key".path;
};
};
}

10
modules/users/overseer/default.nix
View file

@ -1,10 +0,0 @@
{
imports = [
./user.nix
./setup.nix
./secrets.nix
./acme.nix
./backups.nix
./services
];
}

14
modules/users/overseer/secrets.nix
View file

@ -1,14 +0,0 @@
{
lib,
inputs,
config,
pkgs,
...
}:
lib.mkIf config.user.overseer.enable {
sops = {
defaultSopsFile = inputs.nix-secrets.secrets.overseer;
age.keyFile = "/var/lib/sops-nix/key.txt";
age.generateKey = true;
};
}

41
modules/users/overseer/services/actualbudget.nix
View file

@ -1,41 +0,0 @@
{
lib,
config,
...
}: let
volumePath = "/overseer/services";
in
lib.mkIf config.user.overseer.enable {
systemd.tmpfiles.rules = [
"d ${volumePath}/actualbudget"
];
services.nginx = {
enable = true;
recommendedProxySettings = true;
virtualHosts = {
"budget.wanderingcrow.net" = {
forceSSL = true;
useACMEHost = "budget.wanderingcrow.net";
locations = {
"/" = {
proxyPass = "http://10.88.0.12";
};
};
};
};
};
virtualisation.oci-containers = {
backend = "podman";
containers = {
"actualbudget" = {
image = "actualbudget/actual-server:latest";
volumes = ["${volumePath}/actualbudget:/data"];
extraOptions = ["--ip=10.88.0.12"];
environment = {
ACTUAL_PORT = "80";
};
};
};
};
}

58
modules/users/overseer/services/attic.nix
View file

@ -1,58 +0,0 @@
{
lib,
config,
...
}:
lib.mkIf config.user.overseer.enable {
sops = {
secrets."attic/server_token" = {};
secrets."cloudflare/r2/access_key" = {};
secrets."cloudflare/r2/secret_key" = {};
templates."attic-env".content = ''
ATTIC_SERVER_TOKEN_RS256_SECRET_BASE64=${config.sops.placeholder."attic/server_token"}
AWS_ACCESS_KEY_ID=${config.sops.placeholder."cloudflare/r2/access_key"}
AWS_SECRET_ACCESS_KEY=${config.sops.placeholder."cloudflare/r2/secret_key"}
'';
};
services = {
atticd = {
enable = true;
mode = "monolithic";
environmentFile = config.sops.templates."attic-env".path;
settings = {
listen = "[::]:8080";
api-endpoint = "https://cache.wanderingcrow.net/";
jwt = {};
chunking = {
nar-size-threshold = 64 * 1024; # 64 KiB
min-size = 16 * 1024; # 16 KiB
avg-size = 64 * 1024; # 64 KiB
max-size = 256 * 1024; # 256 KiB
};
storage = {
type = "s3";
region = "";
bucket = "wce-attic-cache";
endpoint = "https://68c4b3ab47c1a97037ab5a938f772d69.r2.cloudflarestorage.com";
};
};
};
nginx = {
enable = true;
recommendedProxySettings = true;
virtualHosts = {
"cache.wanderingcrow.net" = {
forceSSL = true;
extraConfig = ''
client_max_body_size 0;
'';
useACMEHost = "cache.wanderingcrow.net";
locations."/" = {
proxyPass = "http://localhost:8080";
proxyWebsockets = true;
};
};
};
};
};
}

109
modules/users/overseer/services/bar-assistant.nix
View file

@ -1,109 +0,0 @@
let
volumePath = "/overseer/services";
in
{
lib,
config,
...
}:
lib.mkIf config.user.overseer.enable {
###########
# SECRETS #
###########
sops = {
# Meilisearch secrets
secrets."meilisearch/masterkey" = {};
templates."meilisearch-environment".content = ''
MEILI_MASTER_KEY=${config.sops.placeholder."meilisearch/masterkey"}
'';
# Bar Assistant secrets
templates."bar_assistant-env".content = ''
MEILISEARCH_KEY=${config.sops.placeholder."meilisearch/masterkey"}
'';
};
systemd.tmpfiles.rules = [
"d ${volumePath}/bar-assistant 770 33 33"
"d ${volumePath}/meilisearch"
];
###########
# Routing #
###########
services.nginx = {
enable = true;
recommendedProxySettings = true;
virtualHosts = {
"bar.wanderingcrow.net" = {
extraConfig = ''
allow 192.168.0.0/16;
allow 10.8.0.0/24;
allow 172.220.132.255;
deny all;
'';
forceSSL = true;
useACMEHost = "bar.wanderingcrow.net";
locations = {
"/search/" = {
proxyPass = "http://10.88.0.3:7700/";
priority = 1;
};
"/api/" = {
proxyPass = "http://10.88.0.4:8080/";
priority = 1;
};
"/" = {
proxyPass = "http://10.88.0.5:8080/";
};
};
};
};
};
###########
# Service #
###########
virtualisation.oci-containers = {
backend = "podman";
containers = {
"meilisearch" = {
image = "getmeili/meilisearch:v1.8";
volumes = ["${volumePath}/meilisearch:/meili_data"];
extraOptions = ["--ip=10.88.0.3"];
environmentFiles = [config.sops.templates."meilisearch-environment".path];
environment = {
MEILI_ENV = "production";
MEILI_NO_ANALYTICS = "true";
};
};
"bar-assistant" = {
image = "barassistant/server:v4";
volumes = ["${volumePath}/bar-assistant:/var/www/cocktails/storage/bar-assistant"];
dependsOn = ["meilisearch"];
extraOptions = ["--ip=10.88.0.4"];
environmentFiles = [config.sops.templates."bar_assistant-env".path];
environment = {
APP_URL = "https://bar.wanderingcrow.net/api";
MEILISEARCH_HOST = "https://bar.wanderingcrow.net/search";
CACHE_DRIVER = "file";
SESSION_DRIVER = "file";
ALLOW_REGISTRATION = "true";
};
};
"salt-rim" = {
image = "barassistant/salt-rim:v3";
dependsOn = ["bar-assistant"];
extraOptions = ["--ip=10.88.0.5"];
ports = ["3001:8080"];
environment = {
API_URL = "https://bar.wanderingcrow.net/api";
MEILIESEARCH_URL = "https://bar.wanderingcrow.net/search";
};
};
};
};
}

10
modules/users/overseer/services/calibre.nix
View file

@ -1,10 +0,0 @@
{
config,
lib,
...
}:
lib.mkIf config.user.overseer.enable {
services.calibre-web = {
enable = true;
};
}

17
modules/users/overseer/services/default.nix
View file

@ -1,17 +0,0 @@
{
imports = [
./bar-assistant.nix
./homebox.nix
./homepage.nix
./the-nest.nix
./umami.nix
./lubelogger.nix
./openhab.nix
./frigate.nix
./trilium.nix
./grocy.nix
./actualbudget.nix
./glances.nix
./matrix.nix
];
}

192
modules/users/overseer/services/frigate.nix
View file

@ -1,192 +0,0 @@
let
volumePath = "/overseer/services";
in
{
pkgs,
lib,
config,
...
}: let
frigateConfig = pkgs.writeText "config.yaml" (lib.generators.toYAML {} {
auth.reset_admin_password = true; # roll the admin password every restart, depend on user accounts for long-lived access
tls.enabled = false; # off because we're doing ssl through nginx
mqtt = {
# TODO: add mqtt broker
enabled = false;
};
notifications = {
enabled = true;
email = "frigate@wanderingcrow.net";
};
###################
# go2rtc restream #
###################
go2rtc = {
streams = {
wce-0001 = [
"rtsp://thingino:thingino@192.168.150.1:554/ch0"
];
wce-0001_sub = [
"rtsp://thingino:thingino@192.168.150.1:554/ch1"
];
wce-0002 = [
"rtsp://thingino:thingino@192.168.150.2:554/ch0"
];
wce-0002_sub = [
"rtsp://thingino:thingino@192.168.150.2:554/ch1"
];
};
};
#############
# Detectors #
#############
detectors = {
ov_0 = {
type = "openvino";
device = "CPU";
};
};
model = {
width = 300;
height = 300;
input_tensor = "nhwc";
input_pixel_format = "bgr";
path = "/openvino-model/ssdlite_mobilenet_v2.xml";
labelmap_path = "/openvino-model/coco_91cl_bkgr.txt";
};
objects = {
track = [
"person"
"cat"
"car"
"dog"
];
};
review = {
alerts = {
labels = [
"person"
"cat"
];
};
};
####################
# Data Persistence #
####################
record = {
enabled = true;
retain.days = 0; # as per official documentation
alerts = {
retain.days = 14;
};
detections = {
retain.days = 14;
};
};
#################
# Camera config #
#################
cameras = {
wce-0001 = {
ffmpeg = {
inputs = [
{
path = "rtsp://127.0.0.1:8554/wce-0001";
roles = ["record"];
}
{
path = "rtsp://127.0.0.1:8554/wce-0001_sub";
roles = ["detect"];
}
];
};
live.stream_name = "wce-0001_sub";
motion = {
enabled = true;
mask = [
"0,0,0.196,0.002,0.195,0.045,0,0.043" # timestamp
"0.898,0,0.896,0.045,1,0.048,0.999,0.002" # uptime
];
};
detect.enabled = true;
};
wce-0002 = {
ffmpeg = {
inputs = [
{
path = "rtsp://127.0.0.1:8554/wce-0002";
roles = ["record"];
}
{
path = "rtsp://127.0.0.1:8554/wce-0002_sub";
roles = ["detect"];
}
];
};
live.stream_name = "wce-0002_sub";
motion = {
enabled = true;
mask = [
"0,0,0.196,0.002,0.195,0.045,0,0.043" # timestamp
"0.898,0,0.896,0.045,1,0.048,0.999,0.002" # uptime
];
};
detect.enabled = true;
};
};
});
in
lib.mkIf config.user.overseer.enable {
sops = {
templates."frigate_env".content = ''
FRIGATE_JWT_SECRET=${config.sops.placeholder."frigate/jwt"}
'';
secrets = {
"frigate/jwt" = {};
};
};
systemd.tmpfiles.rules = [
"d ${volumePath}/frigate"
"d ${volumePath}/frigate/media/frigate"
"d ${volumePath}/frigate/db"
"f ${volumePath}/frigate/db/frigate.db"
];
###########
# Service #
###########
virtualisation.oci-containers = {
backend = "podman";
containers = {
"frigate" = {
image = "ghcr.io/blakeblackshear/frigate:stable";
environmentFiles = [config.sops.templates."frigate_env".path];
volumes = [
"/etc/localtime:/etc/localtime:ro"
"${volumePath}/frigate/media/frigate:/media/frigate"
"${frigateConfig}:/config/config.yaml:ro"
"${volumePath}/frigate/db/frigate.db:/config/frigate.db"
];
extraOptions = [
"--shm-size=612m"
"--ip=10.88.0.10"
];
};
};
};
services.nginx = {
enable = true;
recommendedProxySettings = true;
virtualHosts = {
"frigate.wanderingcrow.net" = {
forceSSL = true;
useACMEHost = "frigate.wanderingcrow.net";
locations."/" = {
proxyPass = "http://10.88.0.10:8971";
proxyWebsockets = true;
};
};
};
};
}

10
modules/users/overseer/services/glances.nix
View file

@ -1,10 +0,0 @@
{
config,
lib,
...
}:
lib.mkIf config.user.overseer.enable {
services.glances = {
enable = true;
};
}

43
modules/users/overseer/services/grocy.nix
View file

@ -1,43 +0,0 @@
let
volumePath = "/overseer/services";
in
{
lib,
config,
...
}:
lib.mkIf config.user.overseer.enable {
systemd.tmpfiles.rules = [
"d ${volumePath}/barcodebuddy"
];
services.nginx.virtualHosts = {
"grocy.wanderingcrow.net" = {
forceSSL = true;
useACMEHost = "grocy.wanderingcrow.net";
};
"barcodebuddy.grocy.wanderingcrow.net" = {
forceSSL = true;
useACMEHost = "barcodebuddy.grocy.wanderingcrow.net";
locations."/" = {
proxyPass = "http://10.88.0.11:80";
proxyWebsockets = true;
};
};
};
services.grocy = {
enable = true;
hostName = "grocy.wanderingcrow.net";
nginx.enableSSL = false;
};
virtualisation.oci-containers.containers = {
barcodebuddy = {
image = "f0rc3/barcodebuddy:latest";
volumes = ["${volumePath}/barcodebuddy:/config"];
extraOptions = ["--ip=10.88.0.11"];
};
};
}

36
modules/users/overseer/services/homebox.nix
View file

@ -1,36 +0,0 @@
{
lib,
config,
...
}:
lib.mkIf config.user.overseer.enable {
services = {
nginx = {
enable = true;
recommendedProxySettings = true;
virtualHosts = {
"homebox.wanderingcrow.net" = {
forceSSL = true;
useACMEHost = "homebox.wanderingcrow.net";
locations."/" = {
extraConfig = ''
allow 192.168.0.0/16;
allow 10.8.0.0/24;
allow 172.220.132.255;
deny all;
'';
proxyPass = "http://localhost:7745";
proxyWebsockets = true;
};
};
};
};
homebox = {
enable = true;
settings = {
HBOX_OPTIONS_ALLOW_REGISTRATION = "true";
};
};
};
}

258
modules/users/overseer/services/homepage.nix
View file

@ -1,258 +0,0 @@
{
lib,
config,
...
}:
lib.mkIf config.user.overseer.enable {
# Homepage.dev secrets
sops = {
secrets = {
"homepage/openmeteo/lat" = {};
"homepage/openmeteo/long" = {};
"lubelogger/user" = {};
"lubelogger/pass" = {};
};
templates."homepage-environment".content = ''
HOMEPAGE_VAR_LAT = ${config.sops.placeholder."homepage/openmeteo/lat"}
HOMEPAGE_VAR_LONG = ${config.sops.placeholder."homepage/openmeteo/long"}
HOMEPAGE_VAR_LUBELOGGERUSER = ${config.sops.placeholder."lubelogger/user"}
HOMEPAGE_VAR_LUBELOGGERPASS = ${config.sops.placeholder."lubelogger/pass"}
HOMEPAGE_ALLOWED_HOSTS = home.wanderingcrow.net
'';
};
services.nginx = {
enable = true;
recommendedProxySettings = true;
virtualHosts = {
"home.wanderingcrow.net" = {
forceSSL = true;
useACMEHost = "home.wanderingcrow.net";
locations."/" = {
extraConfig = ''
allow 192.168.0.0/16;
allow 10.8.0.0/24;
allow 172.220.132.255;
deny all;
'';
proxyPass = "http://localhost:8089";
proxyWebsockets = true;
};
};
};
};
services = {
homepage-dashboard = {
enable = true;
listenPort = 8089;
environmentFile = config.sops.templates."homepage-environment".path;
settings = {
theme = "dark";
};
services = [
{
"Services" = [
{
"Garage" = {
icon = "https://garage.wanderingcrow.net/favicon.ico";
href = "https://garage.wanderingcrow.net";
description = "Vehicle management";
widget = {
type = "lubelogger";
url = "https://garage.wanderingcrow.net";
username = "{{HOMEPAGE_VAR_LUBELOGGERUSER}}";
password = "{{HOMEPAGE_VAR_LUBELOGGERPASS}}";
};
};
}
];
}
];
widgets = [
{
search = {
provider = "duckduckgo";
target = "_blank";
};
}
{
openmeteo = {
timezone = "America/New_York";
units = "imperial";
cache = "5";
latitude = "{{HOMEPAGE_VAR_LAT}}";
longitude = "{{HOMEPAGE_VAR_LONG}}";
};
}
{
glances = {
url = "http://localhost:61208";
version = 4;
disk = "/";
label = "Overseer";
};
}
];
bookmarks = [
{
WCE = [
{
Grocy = [
{
icon = "grocy.svg";
href = "https://grocy.wanderingcrow.net";
}
];
}
{
Homebox = [
{
icon = "https://homebox.wanderingcrow.net/favicon.svg";
href = "https://homebox.wanderingcrow.net";
}
];
}
{
Bar = [
{
icon = "https://bar.wanderingcrow.net/favicon.svg";
href = "https://bar.wanderingcrow.net";
}
];
}
];
}
{
"Day to Day" = [
{
Messages = [
{
icon = "google-messages.svg";
href = "https://messages.google.com/web";
}
];
}
{
YouTube = [
{
icon = "youtube.svg";
href = "https://youtube.com";
}
];
}
{
"Proton Mail" = [
{
icon = "proton-mail.svg";
href = "https://mail.proton.me";
}
];
}
{
Crunchyroll = [
{
icon = "https://www.crunchyroll.com/build/assets/img/favicons/favicon-v2-32x32.png";
href = "https://crunchyroll.com";
}
];
}
{
Instagram = [
{
icon = "instagram.svg";
href = "https://instagram.com";
}
];
}
{
Aetolia = [
{
icon = "https://aetolia.com/wp-content/uploads/2020/04/favicon.ico";
href = "https://aetolia.com";
}
];
}
{
Amazon = [
{
icon = "amazon.svg";
href = "https://amazon.com";
}
];
}
];
}
{
Work = [
{
Jira = [
{
icon = "jira.svg";
href = "https://home.atlassian.com/";
}
];
}
{
AWS = [
{
icon = "aws.svg";
href = "https://console.aws.amazon.com/";
}
];
}
{
Email = [
{
icon = "gmail.svg";
href = "https://mail.google.com/mail/u/1/#inbox";
}
];
}
{
Groups = [
{
icon = "https://www.gstatic.com/images/branding/product/1x/groups_32dp.png";
href = "https://groups.google.com/u/1/";
}
];
}
];
}
{
Nix = [
{
Search = [
{
icon = "https://search.nixos.org/images/nix-logo.png";
href = "https://search.nixos.org";
}
];
}
{
"PR Tracker" = [
{
href = "https://nixpk.gs/pr-tracker.html";
}
];
}
{
"Home Manager Options" = [
{
href = "https://home-manager-options.extranix.com/";
}
];
}
{
"Nixpkgs Versions" = [
{
href = "https://lazamar.co.uk/nix-versions/";
}
];
}
];
}
];
};
};
}

67
modules/users/overseer/services/lubelogger.nix
View file

@ -1,67 +0,0 @@
let
volumePath = "/overseer/services";
in
{
lib,
config,
...
}:
lib.mkIf config.user.overseer.enable {
systemd.tmpfiles.rules = [
"d ${volumePath}/lubelogger"
"d ${volumePath}/lubelogger/data"
"d ${volumePath}/lubelogger/keys"
];
###########
# Service #
###########
sops = {
secrets = {
"lubelogger/user_hash" = {};
"lubelogger/pass_hash" = {};
};
templates."lubelogger-env".content = ''
LC_ALL=en_US.UTF-8
LANG=en_US.UTF-8
MailConfig__EmailServer=""
MailConfig__EmailFrom=""
MailConfig__Port=587
MailConfig__Username=""
MailConfig__Password=""
UserNameHash="${config.sops.placeholder."lubelogger/user_hash"}"
UserPasswordHash="${config.sops.placeholder."lubelogger/pass_hash"}"
LUBELOGGER_CUSTOM_WIDGETS=true
'';
};
services.nginx = {
enable = true;
recommendedProxySettings = true;
virtualHosts = {
"garage.wanderingcrow.net" = {
forceSSL = true;
useACMEHost = "garage.wanderingcrow.net";
locations."/" = {
proxyPass = "http://10.88.0.8:8080";
proxyWebsockets = true;
};
};
};
};
virtualisation.oci-containers = {
backend = "podman";
containers = {
"lubelogger" = {
image = "ghcr.io/hargata/lubelogger:latest";
extraOptions = ["--ip=10.88.0.8"];
environmentFiles = [config.sops.templates."lubelogger-env".path];
volumes = [
"${volumePath}/lubelogger/data:/App/data"
"${volumePath}/lubelogger/keys:/root/.aspnet/DataProtection-Keys"
];
};
};
};
}

87
modules/users/overseer/services/matrix.nix
View file

@ -1,87 +0,0 @@
{
lib,
config,
...
}: let
fqdn = "matrix.wanderingcrow.net";
baseUrl = "https://${fqdn}";
clientConfig."m.homeserver".base_url = baseUrl;
serverConfig."m.server" = "${fqdn}:443";
mkWellKnown = data: ''
default_type application/json;
add_header Access-Control-Allow-Origin *;
return 200 '${builtins.toJSON data}';
'';
in
lib.mkIf config.user.overseer.enable {
############
# Database #
############
services.postgresql = {
enable = true;
ensureUsers = [
{
name = "matrix-synapse";
ensureDBOwnership = true;
}
];
ensureDatabases = ["matrix-synapse"];
};
services.nginx = {
enable = true;
recommendedTlsSettings = true;
recommendedOptimisation = true;
recommendedGzipSettings = true;
recommendedProxySettings = true;
virtualHosts = {
"wanderingcrow.net" = {
forceSSL = lib.mkDefault true;
useACMEHost = lib.mkDefault "wanderingcrow.net";
locations = {
"= /.well-known/matrix/server".extraConfig = mkWellKnown serverConfig;
"= /.well-known/matrix/client".extraConfig = mkWellKnown clientConfig;
};
};
"${fqdn}" = {
forceSSL = true;
useACMEHost = "${fqdn}";
locations = {
"/".extraConfig = ''return 404;'';
"/_matrix".proxyPass = "http://localhost:8008";
"/_synapse/client".proxyPass = "http://localhost:8008";
};
};
};
};
services.matrix-synapse = {
enable = true;
settings = {
server_name = "wanderingcrow.net";
public_baseurl = baseUrl;
listeners = [
{
port = 8008;
bind_addresses = ["::1"];
type = "http";
tls = false;
x_forwarded = true;
resources = [
{
names = ["client" "federation"];
compress = true;
}
];
}
];
database = {
name = "psycopg2";
args = {
user = "matrix-synapse";
database = "matrix-synapse";
};
};
};
};
}

52
modules/users/overseer/services/openhab.nix
View file

@ -1,52 +0,0 @@
let
volumePath = "/overseer/services";
in
{
lib,
config,
...
}:
lib.mkIf config.user.overseer.enable {
systemd.tmpfiles.rules = [
"d ${volumePath}/openhab openhab"
"d ${volumePath}/openhab/conf openhab"
"d ${volumePath}/openhab/userdata openhab"
"d ${volumePath}/openhab/addons openhab"
];
###########
# Service #
###########
virtualisation.oci-containers = {
backend = "podman";
containers."openhab" = {
image = "openhab/openhab:5.0.0.M1";
extraOptions = ["--ip=10.88.0.9"];
volumes = [
"${volumePath}/openhab/conf:/openhab/conf"
"${volumePath}/openhab/userdata:/openhab/userdata"
"${volumePath}/openhab/addons:/openhab/addons"
];
};
};
services.nginx = {
enable = true;
recommendedProxySettings = true;
virtualHosts = {
"openhab.wanderingcrow.net" = {
forceSSL = true;
useACMEHost = "openhab.wanderingcrow.net";
locations."/" = {
extraConfig = ''
allow 192.168.0.0/16;
allow 10.8.0.0/24;
allow 172.220.132.255;
deny all;
'';
proxyPass = "http://10.88.0.9:8080";
};
};
};
};
}

24
modules/users/overseer/services/the-nest.nix
View file

@ -1,24 +0,0 @@
{
lib,
config,
inputs,
...
}:
lib.mkIf config.user.overseer.enable {
services = {
nginx = {
enable = true;
recommendedProxySettings = true;
virtualHosts = {
"wanderingcrow.net" = {
default = true;
forceSSL = true;
useACMEHost = "wanderingcrow.net";
locations."/" = {
root = inputs.the-nest.outputs.packages.x86_64-linux.default;
};
};
};
};
};
}

31
modules/users/overseer/services/trilium.nix
View file

@ -1,31 +0,0 @@
{
lib,
config,
pkgs,
...
}:
lib.mkIf config.user.overseer.enable {
services = {
trilium-server = {
enable = true;
package = pkgs.trilium-next-server;
instanceName = "WanderingCrow";
port = 8090;
};
nginx = {
enable = true;
recommendedProxySettings = true;
virtualHosts = {
"notes.wanderingcrow.net" = {
forceSSL = true;
useACMEHost = "notes.wanderingcrow.net";
locations."/" = {
proxyPass = "http://127.0.0.1:8090";
proxyWebsockets = true;
};
};
};
};
};
}

72
modules/users/overseer/services/umami.nix
View file

@ -1,72 +0,0 @@
let
volumePath = "/overseer/services";
in
{
lib,
config,
...
}:
lib.mkIf config.user.overseer.enable {
systemd.tmpfiles.rules = [
"d ${volumePath}/umami"
];
###########
# Service #
###########
sops = {
secrets = {
"umami/secret" = {};
"umami/db_url" = {};
"umami/db_pass" = {};
};
templates."umami-env".content = ''
APP_SECRET=${config.sops.placeholder."umami/secret"}
DATABASE_TYPE=postgresql
DATABASE_URL=${config.sops.placeholder."umami/db_url"}
'';
templates."umami-db".content = ''
POSTGRES_DB=umami
POSTGRES_USER=umami
POSTGRES_PASSWORD=${config.sops.placeholder."umami/db_pass"}
'';
};
services.nginx = {
enable = true;
recommendedProxySettings = true;
virtualHosts = {
"umami.wanderingcrow.net" = {
forceSSL = true;
useACMEHost = "umami.wanderingcrow.net";
locations."/" = {
proxyPass = "http://10.88.0.6:3000";
proxyWebsockets = true;
};
locations."/script.js" = {
extraConfig = ''
deny 172.220.132.255;
'';
};
};
};
};
virtualisation.oci-containers = {
backend = "podman";
containers = {
"umami" = {
image = "ghcr.io/umami-software/umami:postgresql-latest";
dependsOn = ["umami-db"];
extraOptions = ["--ip=10.88.0.6"];
environmentFiles = [config.sops.templates."umami-env".path];
};
"umami-db" = {
image = "postgres:15-alpine";
volumes = ["${volumePath}/umami:/var/lib/postgresql/data"];
extraOptions = ["--ip=10.88.0.7"];
environmentFiles = [config.sops.templates."umami-db".path];
};
};
};
}

30
modules/users/overseer/services/vintagestory-server.nix
View file

@ -1,30 +0,0 @@
{
pkgs,
lib,
config,
...
}: let
modsPath = lib.mkDefault "";
firstAdmin = lib.mkDefault "";
serverDir = lib.mkDefault "/var/lib/vintagestory-server";
in {
environment.systemPackages = [
pkgs.vintagestory
];
systemd.services."vintagestory-server" = {
enable = lib.mkDefault true;
description = "Vintage Story Server";
after = ["network.target"];
wantedBy = ["multi-user.target"];
path = ["${pkgs.vintagestory}"];
serviceConfig = {
WorkingDirectory = "${serverDir}";
Restart = "always";
RestartSec = "30";
StandardOutput = "syslog";
StandardError = "syslog";
SyslogIdentifier = "VSSRV";
};
};
}

26
modules/users/overseer/setup.nix
View file

@ -1,26 +0,0 @@
let
volumePath = "/overseer/services";
in
{
lib,
inputs,
config,
pkgs,
...
}:
lib.mkIf config.user.overseer.enable {
# Base dir
systemd.tmpfiles.rules = [
"d ${volumePath}"
"D ${volumePath}/tmp - - - 30m"
];
# NGINX Ports
networking.firewall.allowedTCPPorts = [
443
80
];
# Pin virtualisation backend to podman
virtualisation.oci-containers.backend = "podman";
}

16
modules/users/overseer/user.nix
View file

@ -1,16 +0,0 @@
{
inputs,
lib,
config,
...
}: {
config.users.users.overseer = lib.mkIf config.user.overseer.enable {
isNormalUser = true;
initialPassword = "changeme";
extraGroups = ["wheel" "libvirtd"];
openssh.authorizedKeys.keyFiles = [
inputs.nix-secrets.keys.default
inputs.nix-secrets.keys.overseer
];
};
}

20
shell.nix
View file

@ -1,20 +0,0 @@
{pkgs ? import <nixpkgs> {}, ...}: {
default = pkgs.mkShell {
NIX_CONFIG = "extra-experimental-features = nix-command flakes";
DIGITALOCEAN_TOKEN = builtins.readFile /run/secrets/digitalocean/token;
CLOUDFLARE_API_TOKEN = builtins.readFile /run/secrets/cloudflare/token;
AWS_PROFILE = "wce";
B2_APPLICATION_KEY_ID = builtins.readFile /run/secrets/backblaze/id;
B2_APPLICATION_KEY = builtins.readFile /run/secrets/backblaze/key;
nativeBuildInputs = with pkgs; [
git
vim
terraform
doctl
awscli2
];
shellHook = ''
nix build .#terranix.wce -o config.tf.json
'';
};
}