Initial commit

2024-12-17 00:22:23 +03:00 · 2024-12-17 00:22:23 +03:00 · 1518f7007b
commit 1518f7007b
39 changed files with 1779 additions and 0 deletions
--- a/m/default.nix
+++ b/m/default.nix
@ -0,0 +1,16 @@
+{
+  imports = [
+    ./sddm.nix
+    ./sops.nix
+    ./hypr.nix
+    ./kde.nix
+    ./sys.nix
+    ./unfree.nix
+    ./firefox.nix
+    ./home
+    ./vpn
+    ./rust.nix
+
+    ./masters
+  ];
+}
--- a/m/firefox.nix
+++ b/m/firefox.nix
@ -0,0 +1,13 @@
+{ config, lib, ... }:
+let
+  firefox = config.maid.firefox;
+in
+{
+  options.maid.firefox = {
+    enable = lib.mkEnableOption "firefox";
+  };
+
+  config.programs.firefox = lib.mkIf firefox.enable {
+    enable = true;
+  };
+}
--- a/m/home/default.nix
+++ b/m/home/default.nix
@ -0,0 +1,18 @@
+{ inputs, config, lib, ... }:
+let
+  hm = config.maid.hm;
+  masters = config.maid.masters;
+in
+{
+  options.maid.hm = {
+    enable = lib.mkEnableOption "home-manager";
+  };
+
+  config.home-manager = lib.mkIf hm.enable {
+    useGlobalPkgs = true;
+    useUserPackages = true;
+
+    extraSpecialArgs = { inherit inputs; };
+    users.nero = lib.mkIf masters.nero.enable (import ./nero);
+  };
+}
--- a/m/home/helix/default.nix
+++ b/m/home/helix/default.nix
@ -0,0 +1,28 @@
+{ pkgs, ... }:
+let
+  sonokai = import themes/sonokai;
+  langs = (import ./langs) pkgs;
+in
+{
+  programs.helix = {
+    enable = true;
+
+    settings = {
+      theme = "sonokai-andromeda";
+      editor.cursor-shape = {
+        normal = "block";
+        insert = "bar";
+        select = "underline";
+      };
+    };
+
+    languages = {
+      language-server.rust-analyzer.config = {
+        rust.analyzerTargetDir = true;
+      };
+    };
+    themes = {
+      sonokai-andromeda = sonokai "andromeda";
+    };
+  };
+}
--- a/m/home/helix/langs/default.nix
+++ b/m/home/helix/langs/default.nix
@ -0,0 +1,15 @@
+{ pkgs, ... }:
+rec {
+  use = name: (import ./${"${name}.nix"}) pkgs;
+  combine = lhs: rhs: {
+    lsp = (lhs.lsp or {}) // (rhs.lsp or {});
+    entries = (lhs.entries or []) ++ (rhs.entries or []);
+  };
+
+  intoHelixFormat = cfg: {
+    language-server = cfg.lsp;
+    language = cfg.entries;
+  };
+  useMany = langs: builtins.foldl' combine {} (map use langs);
+}
+
--- a/m/home/helix/langs/nix.nix
+++ b/m/home/helix/langs/nix.nix
@ -0,0 +1,15 @@
+{ pkgs, ... }:
+{
+  lsp.nixd = {
+    command = "${pkgs.nixd}/bin/nixd";
+  };
+  entries = [{
+    name = "Nix";
+    scope = "source.nix";
+    injection-regex = "nix";
+    file-types = ["nix"];
+    comment-tokens = "#";
+    indent = { tab-width = 2; unit = "  "; };
+    language-servers = [ "nixd" ];
+  }];
+}
--- a/m/home/helix/nigger.toml
+++ b/m/home/helix/nigger.toml
@ -0,0 +1,2 @@
+[a]
+b = 10
--- a/m/home/helix/themes/sonokai/default.nix
+++ b/m/home/helix/themes/sonokai/default.nix
@ -0,0 +1,179 @@
+palette:
+{
+  "attribute" = "purple";
+  "comment" = "grey";
+  "constant" = "purple";
+  "constant.character.escape" = "orange";
+  "constant.numeric" = "purple";
+  "constructor" = "blue";
+  "diagnostic" = { "underlined" = { "style" = "line"; }; };
+  "diagnostic.error" = {
+    "underline" = {
+      "color" = "red";
+      "style" = "curl";
+    };
+  };
+  "diagnostic.hint" = {
+    "underline" = {
+      "color" = "blue";
+      "style" = "dotted";
+    };
+  };
+  "diagnostic.info" = {
+    "underline" = {
+      "color" = "green";
+      "style" = "dotted";
+    };
+  };
+  "diagnostic.warning" = {
+    "underline" = {
+      "color" = "yellow";
+      "style" = "curl";
+    };
+  };
+  "diff.delta" = "orange";
+  "diff.minus" = "red";
+  "diff.plus" = "green";
+  "error" = "red";
+  "function" = "green";
+  "function.builtin" = "blue";
+  "function.macro" = "purple";
+  "hint" = "blue";
+  "info" = "green";
+  "keyword" = "red";
+  "keyword.directive" = "purple";
+  "label" = "orange";
+  "markup.bold" = { "modifiers" = [ "bold" ]; };
+  "markup.heading.1" = {
+    "fg" = "red";
+    "modifiers" = [ "bold" ];
+  };
+  "markup.heading.2" = {
+    "fg" = "orange";
+    "modifiers" = [ "bold" ];
+  };
+  "markup.heading.3" = {
+    "fg" = "yellow";
+    "modifiers" = [ "bold" ];
+  };
+  "markup.heading.4" = {
+    "fg" = "green";
+    "modifiers" = [ "bold" ];
+  };
+  "markup.heading.5" = {
+    "fg" = "blue";
+    "modifiers" = [ "bold" ];
+  };
+  "markup.heading.6" = {
+    "fg" = "fg";
+    "modifiers" = [ "bold" ];
+  };
+  "markup.heading.marker" = "grey";
+  "markup.italic" = { "modifiers" = [ "italic" ]; };
+  "markup.link.text" = "purple";
+  "markup.link.url" = {
+    "fg" = "blue";
+    "modifiers" = [ "underlined" ];
+  };
+  "markup.list" = "red";
+  "markup.quote" = "grey";
+  "markup.raw" = "green";
+  "module" = "blue";
+  "namespace" = "blue";
+  "operator" = "orange";
+  "punctuation" = "grey";
+  "punctuation.bracket" = "fg";
+  "punctuation.delimiter" = "grey";
+  "special" = "orange";
+  "string" = "yellow";
+  "string.regexp" = "orange";
+  "tag" = "yellow";
+  "type" = "blue";
+  "ui.background" = { "bg" = "bg0"; };
+  "ui.background.separator" = "grey";
+  "ui.bufferline" = {
+    "bg" = "bg1";
+    "fg" = "grey";
+  };
+  "ui.bufferline.active" = {
+    "bg" = "bg4";
+    "fg" = "fg";
+    "modifiers" = [ "bold" ];
+  };
+  "ui.cursor" = {
+    "bg" = "fg";
+    "fg" = "bg0";
+  };
+  "ui.cursor.insert" = {
+    "bg" = "grey";
+    "fg" = "black";
+  };
+  "ui.cursor.match" = {
+    "bg" = "diff_yellow";
+    "fg" = "orange";
+  };
+  "ui.cursor.select" = {
+    "bg" = "blue";
+    "fg" = "bg0";
+  };
+  "ui.cursorline.primary" = { "bg" = "bg1"; };
+  "ui.cursorline.secondary" = { "bg" = "bg1"; };
+  "ui.help" = {
+    "bg" = "bg2";
+    "fg" = "fg";
+  };
+  "ui.linenr" = "grey";
+  "ui.linenr.selected" = "fg";
+  "ui.menu" = {
+    "bg" = "bg3";
+    "fg" = "fg";
+  };
+  "ui.menu.selected" = {
+    "bg" = "green";
+    "fg" = "bg0";
+  };
+  "ui.popup" = {
+    "bg" = "bg2";
+    "fg" = "grey";
+  };
+  "ui.selection" = { "bg" = "bg4"; };
+  "ui.statusline" = {
+    "bg" = "bg3";
+    "fg" = "fg";
+  };
+  "ui.statusline.inactive" = {
+    "bg" = "bg1";
+    "fg" = "grey";
+  };
+  "ui.statusline.insert" = {
+    "bg" = "yellow";
+    "fg" = "bg0";
+    "modifiers" = [ "bold" ];
+  };
+  "ui.statusline.normal" = {
+    "bg" = "fg";
+    "fg" = "bg0";
+    "modifiers" = [ "bold" ];
+  };
+  "ui.statusline.select" = {
+    "bg" = "blue";
+    "fg" = "bg0";
+    "modifiers" = [ "bold" ];
+  };
+  "ui.text" = "fg";
+  "ui.text.focus" = "green";
+  "ui.virtual.indent-guide" = { "fg" = "bg4"; };
+  "ui.virtual.ruler" = { "bg" = "bg2"; };
+  "ui.virtual.whitespace" = { "fg" = "bg4"; };
+  "ui.window" = {
+    "bg" = "bg0";
+    "fg" = "grey";
+  };
+  "variable" = "fg";
+  "variable.builtin" = "orange";
+  "variable.other.member" = "fg";
+  "variable.parameter" = "fg";
+  "warning" = "yellow";
+
+  palette = import (./. + "/palettes/${palette}.nix");
+}
--- a/m/home/helix/themes/sonokai/palettes/andromeda.nix
+++ b/m/home/helix/themes/sonokai/palettes/andromeda.nix
@ -0,0 +1,25 @@
+{
+  black = "#181a1c";
+  bg0 = "#2b2d3a";
+  bg1 = "#333648";
+  bg2 = "#363a4e";
+  bg3 = "#393e53";
+  bg4 = "#3f445b";
+  bg_red = "#ff6188";
+  diff_red = "#55393d";
+  bg_green = "#a9dc76";
+  diff_green = "#394634";
+  bg_blue = "#77d5f0";
+  diff_blue = "#354157";
+  diff_yellow = "#4e432f";
+  fg = "#e1e3e4";
+  red = "#fb617e";
+  orange = "#f89860";
+  yellow = "#edc763";
+  green = "#9ed06c";
+  cyan = "#ef9062"; # added for compatibility with `edge` scheme
+  blue = "#6dcae8";
+  purple = "#bb97ee";
+  grey = "#7e8294";
+  grey_dim = "#5a5e7a";
+}
--- a/m/home/nero/default.nix
+++ b/m/home/nero/default.nix
@ -0,0 +1,81 @@
+{ config, inputs, pkgs, ... }:
+{
+  programs.direnv = {
+    enable = true;
+    enableBashIntegration = true;
+    nix-direnv.enable = true;
+  };
+  programs.bash = {
+    enable = true;
+    bashrcExtra = ''
+      eval "$(direnv hook bash)"
+    '';
+  };
+
+  programs.wezterm = {
+    package = inputs.wezterm.packages.${pkgs.system}.default;
+    enable = true;
+    enableBashIntegration = true;
+
+    extraConfig = ''
+      return {
+        enable_wayland = true
+      }
+    '';
+  };
+
+  home.username = "nero";
+  home.homeDirectory = "/home/nero";
+
+  home.stateVersion = "25.05";
+  home.file = {
+    ".terraformrc".text = ''
+      provider_installation {
+        network_mirror {
+          url = "https://terraform-mirror.yandexcloud.net/"
+          include = ["registry.terraform.io/*/*"]
+        }
+        direct {
+          exclude = ["registry.terraform.io/*/*"]
+        }
+      }
+    '';
+    ".cargo/config.toml" = {
+      text = ''
+        [net]
+        git-fetch-with-cli = true 
+
+        [target.x86_64-unknown-linux-gnu] 
+        linker = "${pkgs.clang}/bin/clang" 
+        rustflags = ["-C", "link-arg=--ld-path=${pkgs.mold}/bin/mold"]
+      '';
+    };
+  };
+  dconf.settings = {
+    "org/gnome/desktop/interface" = {
+      color-scheme = "prefer-dark";
+      gtk-theme = "Adwaita-dark";
+    };
+  };
+
+  gtk = {
+    enable = true;
+    theme = {
+      name = "Adwaita-dark";
+      package = pkgs.gnome-themes-extra;
+    };
+  };
+  xdg.portal = {
+    enable = true;
+    extraPortals = with pkgs; [ xdg-desktop-portal-gtk ];
+    configPackages = with pkgs; [ xdg-desktop-portal-gtk ];
+  };
+  qt = {
+    enable = true;
+    platformTheme.name = "Adwaita-dark";
+    style = {
+      name = "Adwaita-dark";
+      package = pkgs.adwaita-qt;
+    };
+  };
+}
--- a/m/hypr.nix
+++ b/m/hypr.nix
@ -0,0 +1,34 @@
+{ lib, config, inputs, pkgs, ... }:
+let
+  hypr = config.maid.hypr;
+in
+{
+  options.maid.hypr = {
+    enable = lib.mkEnableOption "hyprland";
+  };
+
+  config = lib.mkIf hypr.enable {
+    programs.hyprland = {
+      enable = true;
+      package = inputs.hyprland.packages.${pkgs.stdenv.hostPlatform.system}.hyprland;
+      portalPackage = inputs.hyprland.packages.${pkgs.stdenv.hostPlatform.system}.xdg-desktop-portal-hyprland;
+    };
+
+    environment.systemPackages = with pkgs; [
+      dunst
+      waybar
+      wofi
+      hyprshot
+    ];
+    environment.sessionVariables.NIXOS_OZONE_WL = "1";
+
+    fonts.packages = with pkgs; [
+      font-awesome_5
+    ];
+    qt = {
+      enable = true;
+      platformTheme = "gnome";
+      style = "adwaita-dark";
+    };
+  };
+}
--- a/m/kde.nix
+++ b/m/kde.nix
@ -0,0 +1,18 @@
+{ config, lib, pkgs, ... }:
+let
+  kde = config.maid.kde;
+in
+{
+  options.maid.kde = {
+    enable = lib.mkEnableOption "KDE6";
+  };
+
+  config = lib.mkIf kde.enable {
+    services.desktopManager.plasma6.enable = true;
+    environment.plasma6.excludePackages = with pkgs.kdePackages; [
+      plasma-browser-integration
+      konsole
+      oxygen
+    ];
+  };
+}
--- a/m/masters/default.nix
+++ b/m/masters/default.nix
@ -0,0 +1,7 @@
+{
+  imports = [
+    ./nero.nix
+  ];
+
+  users.mutableUsers = false;
+}
--- a/m/masters/nero.nix
+++ b/m/masters/nero.nix
@ -0,0 +1,37 @@
+{ lib, pkgs, config, ... }:
+let
+  types = lib.types;
+  masters = config.maid.masters;
+  hm = config.maid.hm;
+
+  mkUser = name: {
+    enable = lib.mkEnableOption name;
+    override = lib.mkOption {
+      type = types.attrs;
+      default = {};
+    };
+  };
+in
+{
+  options.maid.masters = {
+    nero = mkUser "nero";
+  };
+
+  config = lib.mkIf masters.nero.enable {
+    sops.secrets."users/nero/passwordHash" = {
+      neededForUsers = true;
+      sopsFile = ../../secrets/users.yaml;
+    };
+
+    users.users.nero = {
+      isNormalUser = true;
+      uid = 1000;
+      hashedPasswordFile = config.sops.secrets."users/nero/passwordHash".path;
+      extraGroups = [ "networkmanager" "docker" "wheel" "adbuser" ];
+
+      openssh.authorizedKeys.keys = [
+        "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIBaWnT7mpLERhm3zIWglNy094a7F7d7cpEImLZYwwWoS nero@lil-maid"
+      ];
+    } // masters.nero.override;
+  };
+}
--- a/m/rust.nix
+++ b/m/rust.nix
@ -0,0 +1,27 @@
+{ pkgs, config, inputs, lib, ... }:
+let
+  rust = config.maid.rust;
+in
+{
+  options.maid.rust = {
+    enable = lib.mkEnableOption "rust toolchain";
+  };
+
+  config = lib.mkIf rust.enable {
+    nixpkgs.overlays = [ inputs.fenix.overlays.default ];
+    
+    environment.systemPackages = with pkgs; [
+      (fenix.complete.withComponents [
+        "rustc"
+        "cargo"
+        "rustfmt"
+        "rust-src"
+        "rust-analyzer"
+        "clippy"
+        "miri"
+      ])
+      sccache
+      cargo-edit
+    ];
+  };
+}
--- a/m/sddm.nix
+++ b/m/sddm.nix
@ -0,0 +1,17 @@
+{ config, lib, ... }:
+let
+  sddm = config.maid.sddm;
+in
+{
+  options.maid.sddm = {
+    enable = lib.mkEnableOption "sddm";
+  };
+
+  config.services.displayManager.sddm = lib.mkIf sddm.enable {
+    enable = true;
+    enableHidpi = true;
+    wayland = {
+      enable = true;
+    };
+  };
+}
--- a/m/signal.nix
+++ b/m/signal.nix
@ -0,0 +1,3 @@
+{
+  
+}
--- a/m/sops.nix
+++ b/m/sops.nix
@ -0,0 +1,28 @@
+{ lib, config, ... }:
+let
+  sops = config.maid.sops;
+in
+{
+  options.maid.sops = {
+    enable = lib.mkEnableOption "sops";
+
+    work.enable = lib.mkEnableOption "work secrets";
+    viendesu.enable = lib.mkEnableOption "VienDesu!";
+  };
+
+  config.sops = lib.mkIf sops.enable {
+    age.keyFile = "/var/lib/sops-nix/key.txt";
+
+    secrets = lib.mkMerge [
+      (lib.mkIf sops.viendesu.enable {
+        "viendesu/shadowsocks/gneg".sopsFile = ../secrets/viendesu.yaml;
+        "viendesu/shadowsocks/yor".sopsFile = ../secrets/viendesu.yaml;
+      })
+      (lib.mkIf sops.work.enable {
+        "work/ovpn".sopsFile = ../secrets/work.yaml;
+        "work/password".sopsFile = ../secrets/work.yaml;
+        "work/shadowsocks".sopsFile = ../secrets/work.yaml;
+      })
+    ];
+  };
+}
--- a/m/sys.nix
+++ b/m/sys.nix
@ -0,0 +1,68 @@
+{ pkgs, lib, config, inputs, ... }:
+let
+  types = lib.types;
+  sys = config.maid.sys;
+in
+{
+  options.maid.sys = {
+    enable = lib.mkEnableOption "whole maid system";
+    tz = lib.mkOption {
+      type = types.str;
+      default = "Europe/Moscow";
+    };
+    hostname = lib.mkOption {
+      type = types.str;
+    };
+
+    bluetooth = {
+      enable = lib.mkEnableOption "bluetooth";
+      powerOnBoot = lib.mkOption {
+        type = types.bool;
+        default = true;
+        description = "whether to power on bluetooth on system startup";
+      };
+    };
+  };
+
+  config = lib.mkIf sys.enable {
+    time.timeZone = sys.tz;
+    networking.hostName = sys.hostname;
+
+    nix.settings = {
+      substituters = [
+        "https://hyprland.cachix.org"
+        "https://wezterm.cachix.org"
+        ];
+      trusted-public-keys = [
+        "hyprland.cachix.org-1:a7pgxzMz7+chwVL3/pzj6jIBMioiJM7ypFP8PwtkuGc="
+        "wezterm.cachix.org-1:kAbhjYUC9qvblTE+s7S+kl5XM1zVa4skO+E/1IDWdH0="
+      ];
+
+      experimental-features = [ "nix-command" "flakes" ];
+    };
+
+    environment.systemPackages = with pkgs; [
+      jujutsu
+      ifuse
+      libimobiledevice
+    ];
+    services.usbmuxd.enable = true;
+
+    hardware.bluetooth = lib.mkIf sys.bluetooth.enable {
+      enable = true;
+      powerOnBoot = sys.bluetooth.powerOnBoot;
+    };
+    # nixpkgs.overlays = [
+    #   (final: prev:
+    #     let
+    #       der = pkgs.callPackage ./ivpn {
+    #         buildGoModule = pkgs.buildGo122Module;
+    #       };
+    #     in
+    #     { ivpn = der.ivpn;
+    #       ivpn-service = der.ivpn-service;
+    #     }
+    #   )
+    # ];
+  };
+}
--- a/m/unfree.nix
+++ b/m/unfree.nix
@ -0,0 +1,14 @@
+{ config, lib, ... }:
+let
+  unfree = config.maid.unfree;
+  types = lib.types;
+in
+{
+  options.maid.unfree = lib.mkOption {
+    type = types.listOf types.str;
+    description = "unfree software list";
+    default = [];
+  };
+
+  config.nixpkgs.config.allowUnfreePredicate = pkg: builtins.elem (lib.getName pkg) config.maid.unfree;
+}
--- a/m/vpn/default.nix
+++ b/m/vpn/default.nix
@ -0,0 +1,5 @@
+{
+  imports = [
+    ./hft.nix
+  ];
+}
--- a/m/vpn/hft.nix
+++ b/m/vpn/hft.nix
@ -0,0 +1,39 @@
+{ pkgs, lib, config, ... }:
+let
+  types = lib.types;
+  hft = config.maid.vpn.hft;
+in
+{
+  options.maid.vpn.hft = {
+    enable = lib.mkEnableOption "OpenVPN HFT";
+    autoStart = lib.mkOption {
+      type = types.bool;
+      default = false;
+      description = "Whether to start VPN on system start";
+    };
+  };
+
+  config = lib.mkIf hft.enable {
+    services.openvpn.servers.hft = {
+      autoStart = hft.autoStart;
+      updateResolvConf = true;
+
+      config = ''
+        config ${config.sops.secrets."work/ovpn".path}
+        askpass ${config.sops.secrets."work/password".path}
+      '';
+    };
+
+    systemd.services.hft-shadowsocks = {
+      wantedBy = [ "openvpn-hft.service" ];
+      partOf = [ "openvpn-hft.service" ];
+      after = [ "network.target" ];
+
+      description = "Shadowsocks to bypass OpenVPN block";
+      serviceConfig = {
+        Type = "simple";
+        ExecStart = ''${pkgs.shadowsocks-rust}/bin/sslocal --config ${config.sops.secrets."work/shadowsocks".path}'';
+      };
+    };
+  };
+}