From ff0f7eba26214a0ef8014facdaea400535bb8790 Mon Sep 17 00:00:00 2001 From: Richie Cahill Date: Tue, 11 Feb 2025 21:43:01 -0500 Subject: [PATCH] boot strapping --- .github/workflows/build_systems.yml | 1 + flake.nix | 6 + systems/brendans-system/default.nix | 37 +++ systems/brendans-system/hardware.nix | 69 +++++ systems/brendans-system/nvidia.nix | 14 + systems/brendans-system/programs.nix | 6 + users/brendan/default.nix | 49 ++++ users/brendan/home/cli/default.nix | 9 + users/brendan/home/cli/direnv.nix | 8 + users/brendan/home/cli/git.nix | 12 + users/brendan/home/cli/zsh.nix | 29 ++ users/brendan/home/global.nix | 21 ++ users/brendan/home/gui/default.nix | 28 ++ users/brendan/home/gui/firefox/default.nix | 255 ++++++++++++++++++ users/brendan/home/gui/firefox/github.svg | 3 + users/brendan/home/gui/firefox/kagi.png | Bin 0 -> 924 bytes .../home/gui/firefox/search_engines.nix | 84 ++++++ users/brendan/home/gui/vscode/default.nix | 19 ++ .../home/gui/vscode/extension_manager.py | 68 +++++ .../brendan/home/gui/vscode/keybindings.json | 20 ++ users/brendan/home/gui/vscode/settings.json | 71 +++++ users/brendan/home/programs.nix | 16 ++ users/brendan/home/ssh_config.nix | 41 +++ users/brendan/systems/brendans-system.nix | 6 + users/secrets.yaml | 7 +- 25 files changed, 876 insertions(+), 3 deletions(-) create mode 100644 systems/brendans-system/default.nix create mode 100644 systems/brendans-system/hardware.nix create mode 100644 systems/brendans-system/nvidia.nix create mode 100644 systems/brendans-system/programs.nix create mode 100644 users/brendan/default.nix create mode 100644 users/brendan/home/cli/default.nix create mode 100644 users/brendan/home/cli/direnv.nix create mode 100644 users/brendan/home/cli/git.nix create mode 100644 users/brendan/home/cli/zsh.nix create mode 100644 users/brendan/home/global.nix create mode 100644 users/brendan/home/gui/default.nix create mode 100644 users/brendan/home/gui/firefox/default.nix create mode 100644 users/brendan/home/gui/firefox/github.svg create mode 100644 users/brendan/home/gui/firefox/kagi.png create mode 100644 users/brendan/home/gui/firefox/search_engines.nix create mode 100644 users/brendan/home/gui/vscode/default.nix create mode 100644 users/brendan/home/gui/vscode/extension_manager.py create mode 100644 users/brendan/home/gui/vscode/keybindings.json create mode 100644 users/brendan/home/gui/vscode/settings.json create mode 100644 users/brendan/home/programs.nix create mode 100644 users/brendan/home/ssh_config.nix create mode 100644 users/brendan/systems/brendans-system.nix diff --git a/.github/workflows/build_systems.yml b/.github/workflows/build_systems.yml index 98cad34..05a1b77 100644 --- a/.github/workflows/build_systems.yml +++ b/.github/workflows/build_systems.yml @@ -15,6 +15,7 @@ jobs: - "bob" - "jeeves" - "rhapsody-in-green" + - "brendans-system" steps: - uses: actions/checkout@v4 - name: Build default package diff --git a/flake.nix b/flake.nix index ef3daee..649406f 100644 --- a/flake.nix +++ b/flake.nix @@ -97,6 +97,12 @@ ]; specialArgs = { inherit inputs outputs; }; }; + brendans-system = lib.nixosSystem { + modules = [ + ./systems/brendans-system + ]; + specialArgs = { inherit inputs outputs; }; + }; }; }; } diff --git a/systems/brendans-system/default.nix b/systems/brendans-system/default.nix new file mode 100644 index 0000000..bea964a --- /dev/null +++ b/systems/brendans-system/default.nix @@ -0,0 +1,37 @@ +{ + imports = [ + ../../users/brendan + ../../common/global + ../../common/optional/desktop.nix + ../../common/optional/docker.nix + ../../common/optional/steam.nix + ../../common/optional/systemd-boot.nix + ../../common/optional/update.nix + ../../common/optional/zerotier.nix + ./hardware.nix + ./nvidia.nix + ./programs.nix + ]; + + networking = { + hostName = "bob"; + hostId = "7c678a41"; + firewall.enable = true; + networkmanager.enable = true; + }; + + services = { + displayManager = { + enable = true; + autoLogin = { + user = "gaming"; + enable = true; + }; + defaultSession = "plasma"; + }; + + openssh.ports = [ 262 ]; + }; + + system.stateVersion = "24.05"; +} diff --git a/systems/brendans-system/hardware.nix b/systems/brendans-system/hardware.nix new file mode 100644 index 0000000..c278c69 --- /dev/null +++ b/systems/brendans-system/hardware.nix @@ -0,0 +1,69 @@ +# Do not modify this file! It was generated by ‘nixos-generate-config’ +# and may be overwritten by future invocations. Please make changes +# to /etc/nixos/configuration.nix instead. +{ + config, + lib, + modulesPath, + ... +}: + +{ + imports = [ (modulesPath + "/installer/scan/not-detected.nix") ]; + + boot = { + initrd = { + availableKernelModules = [ + "nvme" + "xhci_pci" + "ahci" + "usbhid" + "usb_storage" + "sd_mod" + ]; + kernelModules = [ ]; + luks.devices."luks-root-pool-nvme-Samsung_SSD_990_PRO_with_Heatsink_1TB_S73JNJ0X114418B-part2" = { + device = "/dev/disk/by-id/nvme-Samsung_SSD_990_PRO_with_Heatsink_1TB_S73JNJ0X114418B-part2"; + bypassWorkqueues = true; + allowDiscards = true; + keyFileSize = 4096; + keyFile = "/dev/disk/by-id/usb-Samsung_Flash_Drive_FIT_0374620080067131-0:0"; + }; + }; + kernelModules = [ "kvm-amd" ]; + extraModulePackages = [ ]; + }; + + fileSystems = { + "/" = lib.mkDefault { + device = "root_pool/root"; + fsType = "zfs"; + }; + + "/home" = { + device = "root_pool/home"; + fsType = "zfs"; + }; + + "/var" = { + device = "root_pool/var"; + fsType = "zfs"; + }; + + "/boot" = { + device = "/dev/disk/by-uuid/609D-FF29"; + fsType = "vfat"; + options = [ + "fmask=0077" + "dmask=0077" + ]; + }; + }; + + swapDevices = [ ]; + + networking.useDHCP = lib.mkDefault true; + + nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux"; + hardware.cpu.amd.updateMicrocode = lib.mkDefault config.hardware.enableRedistributableFirmware; +} diff --git a/systems/brendans-system/nvidia.nix b/systems/brendans-system/nvidia.nix new file mode 100644 index 0000000..4ae4e3b --- /dev/null +++ b/systems/brendans-system/nvidia.nix @@ -0,0 +1,14 @@ +{ config, ... }: +{ + services.xserver.videoDrivers = [ "nvidia" ]; + hardware = { + nvidia = { + modesetting.enable = true; + powerManagement.enable = true; + package = config.boot.kernelPackages.nvidiaPackages.beta; + nvidiaSettings = true; + open = true; + }; + nvidia-container-toolkit.enable = true; + }; +} diff --git a/systems/brendans-system/programs.nix b/systems/brendans-system/programs.nix new file mode 100644 index 0000000..b5a566b --- /dev/null +++ b/systems/brendans-system/programs.nix @@ -0,0 +1,6 @@ +{ pkgs, ... }: +{ + environment.systemPackages = with pkgs; [ + jellyfin-media-player + ]; +} diff --git a/users/brendan/default.nix b/users/brendan/default.nix new file mode 100644 index 0000000..d2fc3ac --- /dev/null +++ b/users/brendan/default.nix @@ -0,0 +1,49 @@ +{ + pkgs, + config, + ... +}: +let + ifTheyExist = groups: builtins.filter (group: builtins.hasAttr group config.users.groups) groups; +in +{ + + sops.secrets.brendan_password = { + sopsFile = ../secrets.yaml; + neededForUsers = true; + }; + + users = { + users.brendan = { + isNormalUser = true; + + hashedPasswordFile = "${config.sops.secrets.brendan_password.path}"; + + shell = pkgs.zsh; + group = "brendan"; + extraGroups = + [ + "audio" + "video" + "wheel" + "users" + ] + ++ ifTheyExist [ + "dialout" + "docker" + "hass" + "libvirtd" + "networkmanager" + "plugdev" + "scanner" + "uaccess" + "wireshark" + ]; + uid = 1001; + }; + + groups.brendan.gid = 1001; + }; + + home-manager.users.brendan = import ./systems/${config.networking.hostName}.nix; +} diff --git a/users/brendan/home/cli/default.nix b/users/brendan/home/cli/default.nix new file mode 100644 index 0000000..863c25f --- /dev/null +++ b/users/brendan/home/cli/default.nix @@ -0,0 +1,9 @@ +{ + imports = [ + ./direnv.nix + ./git.nix + ./zsh.nix + ]; + + programs.starship.enable = true; +} diff --git a/users/brendan/home/cli/direnv.nix b/users/brendan/home/cli/direnv.nix new file mode 100644 index 0000000..75129d9 --- /dev/null +++ b/users/brendan/home/cli/direnv.nix @@ -0,0 +1,8 @@ +{ + + programs.direnv = { + enable = true; + enableZshIntegration = true; + nix-direnv.enable = true; + }; +} diff --git a/users/brendan/home/cli/git.nix b/users/brendan/home/cli/git.nix new file mode 100644 index 0000000..70d5c29 --- /dev/null +++ b/users/brendan/home/cli/git.nix @@ -0,0 +1,12 @@ +{ + programs.git = { + enable = true; + userEmail = "XXXXXXXXXXXXXXXXX"; + userName = "XXXXXXXXXXXXXXXXX"; + extraConfig = { + pull.rebase = true; + color.ui = true; + }; + lfs.enable = true; + }; +} diff --git a/users/brendan/home/cli/zsh.nix b/users/brendan/home/cli/zsh.nix new file mode 100644 index 0000000..03535b9 --- /dev/null +++ b/users/brendan/home/cli/zsh.nix @@ -0,0 +1,29 @@ +{ + programs.zsh = { + enable = true; + syntaxHighlighting.enable = true; + history.size = 10000; + oh-my-zsh = { + enable = true; + plugins = [ + "git" + "docker" + "docker-compose" + "colored-man-pages" + "rust" + "systemd" + "tmux" + "ufw" + "z" + ]; + }; + shellAliases = { + "lrt" = "eza --icons -lsnew"; + "ls" = "eza"; + "ll" = "eza --long --group"; + "la" = "eza --all"; + + "rebuild" = "sudo nixos-rebuild switch --flake /home/brendan/dotfiles#$HOST"; + }; + }; +} diff --git a/users/brendan/home/global.nix b/users/brendan/home/global.nix new file mode 100644 index 0000000..6190f47 --- /dev/null +++ b/users/brendan/home/global.nix @@ -0,0 +1,21 @@ +{ config, ... }: +{ + imports = [ + ./cli + ./programs.nix + ]; + + programs = { + home-manager.enable = true; + git.enable = true; + }; + + home = { + username = "brendan"; + homeDirectory = "/home/${config.home.username}"; + stateVersion = "24.05"; + sessionVariables = { + FLAKE = "$HOME/dotfiles"; + }; + }; +} diff --git a/users/brendan/home/gui/default.nix b/users/brendan/home/gui/default.nix new file mode 100644 index 0000000..0144ea9 --- /dev/null +++ b/users/brendan/home/gui/default.nix @@ -0,0 +1,28 @@ +{ pkgs, ... }: +{ + imports = [ + ./firefox + ./vscode + ]; + + home.packages = with pkgs; [ + candy-icons + chromium + discord-canary + gimp + gparted + mediainfo + nemo + nemo-fileroller + obs-studio + obsidian + prismlauncher + proxychains + prusa-slicer + signal-desktop + sweet-nova + util-linux + vlc + zoom-us + ]; +} diff --git a/users/brendan/home/gui/firefox/default.nix b/users/brendan/home/gui/firefox/default.nix new file mode 100644 index 0000000..b3f42b4 --- /dev/null +++ b/users/brendan/home/gui/firefox/default.nix @@ -0,0 +1,255 @@ +{ inputs, ... }: +{ + imports = [ ./search_engines.nix ]; + + programs.firefox = { + enable = true; + profiles.richie = { + extensions = with inputs.firefox-addons.packages.x86_64-linux; [ + bitwarden + darkreader + dearrow + fastforwardteam + return-youtube-dislikes + sponsorblock + ublock-origin + ]; + search = { + force = true; + default = "kagi"; + order = [ + "kagi" + "DuckDuckGo" + "Google" + ]; + }; + settings = { + # SECTION: FASTFOX + # GENERAL + "content.notify.interval" = 100000; + + # GFX + "gfx.canvas.accelerated.cache-items" = 4096; + "gfx.canvas.accelerated.cache-size" = 512; + "gfx.content.skia-font-cache-size" = 20; + + # DISK CACHE + "browser.cache.jsbc_compression_level" = 3; + + # MEDIA CACHE + "media.memory_cache_max_size" = 65536; + "media.cache_readahead_limit" = 7200; + "media.cache_resume_threshold" = 3600; + + # IMAGE CACHE + "image.mem.decode_bytes_at_a_time" = 32768; + + # NETWORK + "network.buffer.cache.size" = 262144; + "network.buffer.cache.count" = 128; + "network.http.max-connections" = 1800; + "network.http.max-persistent-connections-per-server" = 10; + "network.http.max-urgent-start-excessive-connections-per-host" = 5; + "network.http.pacing.requests.enabled" = false; + "network.dnsCacheExpiration" = 3600; + "network.dns.max_high_priority_threads" = 8; + "network.ssl_tokens_cache_capacity" = 10240; + + # SPECULATIVE LOADING + "network.dns.disablePrefetch" = true; + "network.prefetch-next" = false; + "network.predictor.enabled" = false; + + # EXPERIMENTAL + "layout.css.grid-template-masonry-value.enabled" = true; + "dom.enable_web_task_scheduling" = true; + "layout.css.has-selector.enabled" = true; + "dom.security.sanitizer.enabled" = true; + + # SECTION: SECUREFOX + # TRACKING PROTECTION + "browser.contentblocking.category" = "strict"; + "urlclassifier.trackingSkipURLs" = "*.reddit.com, *.twitter.com, *.twimg.com, *.tiktok.com"; + "urlclassifier.features.socialtracking.skipURLs" = "*.instagram.com, *.twitter.com, *.twimg.com"; + "network.cookie.sameSite.noneRequiresSecure" = true; + "browser.download.start_downloads_in_tmp_dir" = true; + "browser.helperApps.deleteTempFileOnExit" = true; + "browser.uitour.enabled" = false; + "privacy.globalprivacycontrol.enabled" = true; + + # OCSP & CERTS / HPKP + "security.OCSP.enabled" = 0; + "security.remote_settings.crlite_filters.enabled" = true; + "security.pki.crlite_mode" = 2; + + # SSL / TLS + "security.ssl.treat_unsafe_negotiation_as_broken" = true; + "browser.xul.error_pages.expert_bad_cert" = true; + "security.tls.enable_0rtt_data" = false; + + # DISK AVOIDANCE + "browser.privatebrowsing.forceMediaMemoryCache" = true; + "browser.sessionstore.interval" = 60000; + + # SHUTDOWN & SANITIZING + "privacy.history.custom" = true; + + # SEARCH / URL BAR + "browser.search.separatePrivateDefault.ui.enabled" = true; + "browser.urlbar.update2.engineAliasRefresh" = true; + # PREF: restore search engine suggestions + "browser.search.suggest.enabled" = true; + "browser.urlbar.suggest.quicksuggest.sponsored" = false; + "browser.urlbar.suggest.quicksuggest.nonsponsored" = false; + "browser.formfill.enable" = false; + "security.insecure_connection_text.enabled" = true; + "security.insecure_connection_text.pbmode.enabled" = true; + "network.IDN_show_punycode" = true; + + # HTTPS-FIRST POLICY + "dom.security.https_first" = true; + "dom.security.https_first_schemeless" = true; + + # PASSWORDS + "signon.formlessCapture.enabled" = false; + "signon.rememberSignons" = false; + "signon.privateBrowsingCapture.enabled" = false; + "network.auth.subresource-http-auth-allow" = 1; + "editor.truncate_user_pastes" = false; + + # MIXED CONTENT + CROSS-SITE + "security.mixed_content.block_display_content" = true; + "security.mixed_content.upgrade_display_content" = true; + "security.mixed_content.upgrade_display_content.image" = true; + "pdfjs.enableScripting" = false; + "extensions.postDownloadThirdPartyPrompt" = false; + + # HEADERS / REFERERS + "network.http.referer.XOriginTrimmingPolicy" = 2; + + # CONTAINERS + "privacy.userContext.ui.enabled" = true; + + # WEBRTC + "media.peerconnection.ice.proxy_only_if_behind_proxy" = true; + "media.peerconnection.ice.default_address_only" = true; + + # SAFE BROWSING + "browser.safebrowsing.downloads.remote.enabled" = false; + + # MOZILLA + # PREF: allow websites to ask you to receive site notifications + "permissions.default.desktop-notification" = 0; # allow websites to ask + # PREF: allow websites to ask you for your location + "permissions.default.geo" = 0; + "geo.provider.network.url" = + "https://location.services.mozilla.com/v1/geolocate?key=%MOZILLA_API_KEY%"; + "permissions.manager.defaultsUrl" = ""; + "webchannel.allowObject.urlWhitelist" = ""; + + # TELEMETRY + "datareporting.policy.dataSubmissionEnabled" = false; + "datareporting.healthreport.uploadEnabled" = false; + "toolkit.telemetry.unified" = false; + "toolkit.telemetry.enabled" = false; + "toolkit.telemetry.server" = "data:,"; + "toolkit.telemetry.archive.enabled" = false; + "toolkit.telemetry.newProfilePing.enabled" = false; + "toolkit.telemetry.shutdownPingSender.enabled" = false; + "toolkit.telemetry.updatePing.enabled" = false; + "toolkit.telemetry.bhrPing.enabled" = false; + "toolkit.telemetry.firstShutdownPing.enabled" = false; + "toolkit.telemetry.coverage.opt-out" = true; + "toolkit.coverage.opt-out" = true; + "toolkit.coverage.endpoint.base" = ""; + "browser.ping-centre.telemetry" = false; + "browser.newtabpage.activity-stream.feeds.telemetry" = false; + "browser.newtabpage.activity-stream.telemetry" = false; + + # EXPERIMENTS + "app.shield.optoutstudies.enabled" = false; + "app.normandy.enabled" = false; + "app.normandy.api_url" = ""; + + # CRASH REPORTS + "breakpad.reportURL" = ""; + "browser.tabs.crashReporting.sendReport" = false; + "browser.crashReports.unsubmittedCheck.autoSubmit2" = false; + + # DETECTION + "captivedetect.canonicalURL" = ""; + "network.captive-portal-service.enabled" = false; + "network.connectivity-service.enabled" = false; + + # SECTION: PESKYFOX + # MOZILLA UI + "browser.privatebrowsing.vpnpromourl" = ""; + "extensions.getAddons.showPane" = false; + "extensions.htmlaboutaddons.recommendations.enabled" = false; + "browser.discovery.enabled" = false; + "browser.shell.checkDefaultBrowser" = false; + "browser.newtabpage.activity-stream.asrouter.userprefs.cfr.addons" = false; + "browser.newtabpage.activity-stream.asrouter.userprefs.cfr.features" = false; + "browser.preferences.moreFromMozilla" = false; + "browser.tabs.tabmanager.enabled" = false; + "browser.aboutConfig.showWarning" = false; + "browser.aboutwelcome.enabled" = false; + + # THEME ADJUSTMENTS + "toolkit.legacyUserProfileCustomizations.stylesheets" = true; + "browser.compactmode.show" = true; + "browser.display.focus_ring_on_anything" = true; + "browser.display.focus_ring_style" = 0; + "browser.display.focus_ring_width" = 0; + "layout.css.prefers-color-scheme.content-override" = 2; + + # COOKIE BANNER HANDLING + "cookiebanners.service.mode" = 1; + "cookiebanners.service.mode.privateBrowsing" = 1; + + # FULLSCREEN NOTICE + "full-screen-api.transition-duration.enter" = "0 0"; + "full-screen-api.transition-duration.leave" = "0 0"; + "full-screen-api.warning.delay" = -1; + "full-screen-api.warning.timeout" = 0; + + # URL BAR + "browser.urlbar.suggest.calculator" = true; + "browser.urlbar.unitConversion.enabled" = true; + "browser.urlbar.trending.featureGate" = false; + + # NEW TAB PAGE + "browser.newtabpage.activity-stream.feeds.topsites" = false; + "browser.newtabpage.activity-stream.feeds.section.topstories" = false; + + # POCKET + "extensions.pocket.enabled" = false; + + # DOWNLOADS + "browser.download.always_ask_before_handling_new_types" = true; + "browser.download.manager.addToRecentDocs" = false; + + # PDF + "browser.download.open_pdf_attachments_inline" = true; + + # TAB BEHAVIOR + "browser.bookmarks.openInTabClosesMenu" = false; + "browser.menu.showViewImageInfo" = true; + "findbar.highlightAll" = true; + "layout.word_select.eat_space_to_next_word" = false; + + # SECTION: MY OVERRIDES + "browser.startup.homepage" = "https://google.com"; + "identity.fxaccounts.enabled" = false; + + # SECTION SMOOTHFOX + # OPTION: SHARPEN SCROLLING * + "apz.overscroll.enabled" = true; # DEFAULT NON-LINUX + "mousewheel.min_line_scroll_amount" = 10; # 10-40; adjust this number to your liking; default=5 + "general.smoothScroll.mouseWheel.durationMinMS" = 80; # default=50 + "general.smoothScroll.currentVelocityWeighting" = "0.15"; # default=.25 + "general.smoothScroll.stopDecelerationWeighting" = "0.6"; # default=.4 + }; + }; + }; +} diff --git a/users/brendan/home/gui/firefox/github.svg b/users/brendan/home/gui/firefox/github.svg new file mode 100644 index 0000000..1159a10 --- /dev/null +++ b/users/brendan/home/gui/firefox/github.svg @@ -0,0 +1,3 @@ + + + diff --git a/users/brendan/home/gui/firefox/kagi.png b/users/brendan/home/gui/firefox/kagi.png new file mode 100644 index 0000000000000000000000000000000000000000..9f6067f35895b2fe71cf98016eb4d5623124ff74 GIT binary patch literal 924 zcmeAS@N?(olHy`uVBq!ia0y~yU{C;I4mJh`hT^KKFANL}jKx9jP7LeL$-HD>U=H(i zaSVxY-#a}shc{5VVE(}IqO`Lk|3a!nw+<%Z@~n@$eLOC26wS)N+cZUt2fNYzZ3 z5TP_tiKEsrAX+#iC@E7@zQtv=qsdkGty{wLj=$bBG5wj{T#NX7v#ZbloqvC(rSbO| z$BvUa?^6U`I@mPbxL_&%k9~s3gT$>fe%Yz7P`@J2$y9&Gbb@dU#}Y-wO&>-5MHF}$ z>hFC0FTO|bd(J~`KLMlD)>4Xj*$KPf2k9>7nt9bu{9u6jmDBqU{_?T-e<0wt6}wp9 z=D=w-0+;UZlX(?ikZ*VBhHt>n!#pb(1p*j8#c$d_ncuSY*eOlsgoBPhmIQGcx-%#! zF-*NXNx9(XMBAeFunTv&i`@@=IrwegErz4>6W^q1tluEsBUF%YU6Qr9Jbo)fR+d5? z>k6gI8^wGVC@?QtG-vNt2D5oh%I0g6I{zwWiiBKu2$P$0cI&zIGuX73?`9F0o+D~C zi-}9&%Ad*&FE*5}`O*Knz@o2w!5i%_ex}n`rO)22T$AQ}X~B!lmf<_(XC1$?nL~ab z+kL;_lzSdGCX2+C{0w}(_`~vp3)X#QsrbluEZ@+z?Q27^_TlbxcbLD&&nz~-yfD1I zifP5ug{Bv_2-=)(IL5o?P~&@p1kswcCdXq}GOAwB)eH%ldFZ3;!&6or-z1XlS0_F) z)6g-hjXEy1!0%Z^i`RlBB5dmlCv7^n--=;l@7(Jdj57OKUmMLm+9Y>c?eHzhs(*b9 z+qo0&)!7<8-I}Pj#OKoY?W`*%UQid^*HY8;KDXIa{o%=Ijz9OruPoo5pKdXY$&mMJ zv$lV9!}5H^!rhuTcIw{Y-`S@VQjs6su)4pu)-L00(t}i%erNUzVh`SV&)9lhYw`tt zwlYrryIW;fgopfnHA}bQ*6&c>6|(w5()Wb@mNy;meOqx~^+v7Xqz}vTFDeRb?frk> zxAf>!zvT;r%N73iY<+meah5I5H{A_ic`~*?4Yhw*tLc$>C+g~3lMfDuGag6vs>`>{ zd7kEAI&VJXD^uR=t+_v0-;3Bhn&jtZWfvQ?VAZV`oZ{*S{ur9AULy1PcgC}`Y=&{_ z4U^B$=D%QcP3^T6W2N&CFSQmKzrEM*HWf6nR5HhVI^BI}vSY!wIUP4z74G$3p2X@R m#K0v`)cs*<4BxrGOneS18`NXGIvE%k7(8A5T-G@yGywof(xmAC literal 0 HcmV?d00001 diff --git a/users/brendan/home/gui/firefox/search_engines.nix b/users/brendan/home/gui/firefox/search_engines.nix new file mode 100644 index 0000000..898ee80 --- /dev/null +++ b/users/brendan/home/gui/firefox/search_engines.nix @@ -0,0 +1,84 @@ +{ pkgs, ... }: +{ + programs.firefox.profiles.richie.search.engines = { + "Nix Options" = { + urls = [ + { + template = "https://search.nixos.org/options"; + params = [ + { + name = "type"; + value = "packages"; + } + { + name = "channel"; + value = "unstable"; + } + { + name = "query"; + value = "{searchTerms}"; + } + ]; + } + ]; + icon = "${pkgs.nixos-icons}/share/icons/hicolor/scalable/apps/nix-snowflake.svg"; + definedAliases = [ "@o" ]; + }; + "Nix Packages" = { + urls = [ + { + template = "https://search.nixos.org/packages"; + params = [ + { + name = "type"; + value = "packages"; + } + { + name = "channel"; + value = "unstable"; + } + { + name = "query"; + value = "{searchTerms}"; + } + ]; + } + ]; + icon = "${pkgs.nixos-icons}/share/icons/hicolor/scalable/apps/nix-snowflake.svg"; + definedAliases = [ "@n" ]; + }; + "kagi" = { + urls = [ + { + template = "https://kagi.com/search?"; + params = [ + { + name = "q"; + value = "{searchTerms}"; + } + ]; + } + ]; + icon = ./kagi.png; + }; + github = { + urls = [ + { + template = "https://github.com/search?"; + params = [ + { + name = "q"; + value = "{searchTerms}"; + } + { + name = "type"; + value = "code"; + } + ]; + } + ]; + icon = ./github.svg; + definedAliases = [ "@g" ]; + }; + }; +} diff --git a/users/brendan/home/gui/vscode/default.nix b/users/brendan/home/gui/vscode/default.nix new file mode 100644 index 0000000..eb3d599 --- /dev/null +++ b/users/brendan/home/gui/vscode/default.nix @@ -0,0 +1,19 @@ +{ config, pkgs, ... }: +let + vscode_dir = "/home/richie/projects/nix-dotfiles/users/richie/home/gui/vscode"; +in +{ + # mutable symlinks to key binds and settings + xdg.configFile."Code/User/settings.json".source = + config.lib.file.mkOutOfStoreSymlink "${vscode_dir}/settings.json"; + xdg.configFile."Code/User/keybindings.json".source = + config.lib.file.mkOutOfStoreSymlink "${vscode_dir}/keybindings.json"; + + home.packages = with pkgs; [ nil ]; + + programs.vscode = { + enable = true; + package = pkgs.vscode; + mutableExtensionsDir = true; + }; +} diff --git a/users/brendan/home/gui/vscode/extension_manager.py b/users/brendan/home/gui/vscode/extension_manager.py new file mode 100644 index 0000000..8a4162c --- /dev/null +++ b/users/brendan/home/gui/vscode/extension_manager.py @@ -0,0 +1,68 @@ +from subprocess import run + + +def get_installed_extensions(): + process = run("code --list-extensions".split(), check=True, capture_output=True) + return set(process.stdout.decode("utf-8").strip().split("\n")) + + +def main(): + print("starting vscode extension manager") + + extensions = { + # vscode + "ms-azuretools.vscode-docker", + "ms-vscode-remote.remote-containers", + "ms-vscode-remote.remote-ssh-edit", + "ms-vscode-remote.remote-ssh", + "ms-vscode.hexeditor", + "ms-vscode.remote-explorer", + "ms-vsliveshare.vsliveshare", + "oderwat.indent-rainbow", + "usernamehw.errorlens", + # git + "codezombiech.gitignore", + "eamodio.gitlens", + "gitHub.vscode-github-actions", + # python + "charliermarsh.ruff", + "ms-python.python", + "ms-python.vscode-pylance", + "ms-python.debugpy", + # rust + "rust-lang.rust-analyzer", + # MD + "davidanson.vscode-markdownlint", + "yzhang.markdown-all-in-one", + # configs + "redhat.vscode-yaml", + "tamasfe.even-better-toml", + # shell + "timonwong.shellcheck", + "foxundermoon.shell-format", + # nix + "jnoortheen.nix-ide", + # database + "mtxr.sqltools-driver-pg", + "mtxr.sqltools", + # other + "esbenp.prettier-vscode", + "mechatroner.rainbow-csv", + "streetsidesoftware.code-spell-checker", + "supermaven.supermaven", + } + + installed_extensions = get_installed_extensions() + + missing_extensions = extensions.difference(installed_extensions) + for extension in missing_extensions: + run(f"code --install-extension {extension} --force".split(), check=True) + + if extra_extensions := installed_extensions.difference(extensions): + print(f"Extra extensions installed: {extra_extensions}") + + print("vscode extension manager finished") + + +if __name__ == "__main__": + main() diff --git a/users/brendan/home/gui/vscode/keybindings.json b/users/brendan/home/gui/vscode/keybindings.json new file mode 100644 index 0000000..091d316 --- /dev/null +++ b/users/brendan/home/gui/vscode/keybindings.json @@ -0,0 +1,20 @@ +[ + { + "key": "shift+alt+f", + "command": "editor.action.formatDocument", + "when": "editorHasDocumentFormattingProvider && editorTextFocus && !editorReadonly && !inCompositeEditor" + }, + { + "key": "alt+a d", + "command": "cSpell.addWordToWorkspaceSettings" + }, + { + "key": "ctrl+shift+`", + "command": "workbench.action.createTerminalEditor" + }, + { + "key": "ctrl+shift+`", + "command": "-workbench.action.terminal.new", + "when": "terminalProcessSupported || terminalWebExtensionContributedProfile" + } +] diff --git a/users/brendan/home/gui/vscode/settings.json b/users/brendan/home/gui/vscode/settings.json new file mode 100644 index 0000000..c94fec9 --- /dev/null +++ b/users/brendan/home/gui/vscode/settings.json @@ -0,0 +1,71 @@ +{ + // vscode settings + "diffEditor.ignoreTrimWhitespace": false, + "editor.formatOnSave": true, + "editor.minimap.renderCharacters": false, + "editor.minimap.showSlider": "always", + "explorer.confirmDelete": false, + "explorer.confirmDragAndDrop": false, + "explorer.confirmPasteNative": false, + "files.autoSave": "afterDelay", + "git.autofetch": true, + "git.confirmSync": false, + "git.fetchOnPull": true, + "git.pruneOnFetch": true, + "terminal.integrated.scrollback": 10000, + "update.mode": "none", + "workbench.colorTheme": "Default Dark+", + + // turns off all sounds and announcements + "accessibility.signals.terminalCommandFailed": { + "sound": "off", + "announcement": "off" + }, + "accessibility.signals.terminalQuickFix": { + "sound": "off", + "announcement": "off" + }, + "accessibility.signals.terminalBell": { + "sound": "off", + "announcement": "off" + }, + + // database settings + "sqltools.connections": [ + { + "previewLimit": 50, + "server": "192.168.90.40", + "port": 5432, + "askForPassword": true, + "driver": "PostgreSQL", + "name": "main", + "database": "postgres", + "username": "richie" + } + ], + + // formatters + "[html]": { "editor.defaultFormatter": "esbenp.prettier-vscode" }, + "[jsonc]": { "editor.defaultFormatter": "esbenp.prettier-vscode" }, + "[markdown]": { "editor.defaultFormatter": "esbenp.prettier-vscode" }, + "[nix]": { "editor.defaultFormatter": "jnoortheen.nix-ide" }, + "[python]": { "editor.defaultFormatter": "charliermarsh.ruff" }, + "[yaml]": { "editor.defaultFormatter": "redhat.vscode-yaml" }, + + // spell check + "cSpell.enabled": true, + "cSpell.language": "en,en-US", + "cSpell.enableFiletypes": ["bat", "csv", "nix", "toml"], + "cSpell.userWords": ["Cahill", "syncthing"], + + // nix + "nix.enableLanguageServer": true, + "nix.serverPath": "nil", + + // force the use of rust-analyzer from dev shell + "rust-analyzer.server.path": "rust-analyzer", + "redhat.telemetry.enabled": true, + "gitlens.plusFeatures.enabled": false, + // new + "hediet.vscode-drawio.resizeImages": null +} diff --git a/users/brendan/home/programs.nix b/users/brendan/home/programs.nix new file mode 100644 index 0000000..f39bc57 --- /dev/null +++ b/users/brendan/home/programs.nix @@ -0,0 +1,16 @@ +{ pkgs, ... }: +{ + home.packages = with pkgs; [ + # python + poetry + python313 + ruff + # nix + nix-init + nix-output-monitor + nix-prefetch + nix-tree + nixfmt-rfc-style + treefmt + ]; +} diff --git a/users/brendan/home/ssh_config.nix b/users/brendan/home/ssh_config.nix new file mode 100644 index 0000000..e36226f --- /dev/null +++ b/users/brendan/home/ssh_config.nix @@ -0,0 +1,41 @@ +{ + programs.ssh = { + enable = true; + + matchBlocks = { + jeeves = { + hostname = "192.168.90.40"; + user = "richie"; + identityFile = "~/.ssh/id_ed25519"; + port = 629; + dynamicForwards = [ { port = 9050; } ]; + }; + unlock-jeeves = { + hostname = "192.168.95.14"; + user = "root"; + identityFile = "~/.ssh/id_ed25519"; + port = 2222; + }; + jeevesjr = { + hostname = "192.168.90.35"; + user = "richie"; + identityFile = "~/.ssh/id_ed25519"; + port = 352; + dynamicForwards = [ { port = 9050; } ]; + }; + bob = { + hostname = "192.168.90.25"; + user = "richie"; + identityFile = "~/.ssh/id_ed25519"; + port = 262; + dynamicForwards = [ { port = 9050; } ]; + }; + rhapsody-in-green = { + hostname = "192.168.90.221"; + user = "richie"; + identityFile = "~/.ssh/id_ed25519"; + port = 922; + }; + }; + }; +} diff --git a/users/brendan/systems/brendans-system.nix b/users/brendan/systems/brendans-system.nix new file mode 100644 index 0000000..b1d9590 --- /dev/null +++ b/users/brendan/systems/brendans-system.nix @@ -0,0 +1,6 @@ +{ + imports = [ + ../home/global.nix + ../home/gui + ]; +} diff --git a/users/secrets.yaml b/users/secrets.yaml index 099d422..b0d2a15 100644 --- a/users/secrets.yaml +++ b/users/secrets.yaml @@ -1,3 +1,4 @@ +brendan_password: ENC[AES256_GCM,data:KGDUpvtRBCdJpT/YyaXGy1v/ijuDrphZ+bceMDonVU7/PGhOt3zv4b9v4lcaA/E+RsTPvp7tOJX99LggSyjNxABkZy9MeOcjJA==,iv:23H9vY5LQXMtrKQCduQ8OMTPsNy52z5KG6bFHvZ95ms=,tag:B3cHKPUCtbib6ew+YtZw6A==,type:str] richie_password: ENC[AES256_GCM,data:DMi3M8aqrQ60APIofr8wJMh+VZ14hLRxz6jWZgzswr0pV/QVSX53ShBFr90ruO3mucOLYv0l+bI31covfqMAhXWBJp9wUgtC2Q==,iv:qgtn30hZfIL4dBnQSLkjbo7zPJA4m9TR0f52sTFc0v4=,tag:ydLbcGyXjv0fE+4b5ECX5w==,type:str] gaming_password: ENC[AES256_GCM,data:i692UsQaCOjE4V1y9d8yYDlK+TRMIprCHJkhl1UBZRMqe9a2LTUtmbbn/xlCYQd2tADJvn+dkx1jLfV4CqaqWOj5YSUFfpgsEw==,iv:3Y7hXQcmpzNN7hF+BDvO52uFB4o5D0dHvxemJ0ZoSIM=,tag:zzLGNDVAMCs2GPMqXp2BtQ==,type:str] sops: @@ -51,8 +52,8 @@ sops: UzQzWEFtSDJwR201cmZoeXh5T0RmSk0KWLOpw5cWbtnfVP/ISa7n1vZchoD+nxmn 7yr7igpEIro0Sd238KinOQYswVaT0NHB9p1dSW/mN+aGQliSNLzkDQ== -----END AGE ENCRYPTED FILE----- - lastmodified: "2025-01-07T20:13:43Z" - mac: ENC[AES256_GCM,data:Q5fmv+MRVYGUQ4j+28CcGWHmgT1178N+haVS9xa0c99OKuPZdfSndAG0QVDhh/jYq+7zXs6zzLtBjB+egkoDfxJXfJOmg3E46UMO3vDHaEcIZD16ZbWJaz4Z/+yabqhDURKtgfGiu4xPv3OtGbwcP5kud17WcHNfY/LT+Y+LSD8=,iv:y3K3kCroIh+RTplUe4tM8B9rbLgIHCbE6FJawngam8Q=,tag:2VTIWlLp4cOwm18BfIlz5g==,type:str] + lastmodified: "2025-02-12T02:37:13Z" + mac: ENC[AES256_GCM,data:TJsVuu7sevYmskFKj1V872A5NWZYQm5Ta6Ln6kdRYgJbn23EiGK2qRgI8OrM5RSA8MNXI8ggy5/Z3RiclszsLWMq6qO5rmiCR3ZKkThmeBwImw6kAEfSmwMTmVGAGO4KQcDV3eAyT/Q/kcVByEx72Dp8PsCIpd+Vmn33HCiRsYM=,iv:ndw86ofFW/GIBXe2f3HTRNWE5rD+5CJHsTKvfUkmPEY=,tag:rN76/5TCj90vsp/o4ju0pQ==,type:str] pgp: [] unencrypted_suffix: _unencrypted - version: 3.9.2 + version: 3.9.4