max/os
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

chore: update flake

Browse Source
This commit is contained in:
Max Koon
2026-01-07 06:03:08 -05:00
parent 14a58df894
commit 01f32d795c
15 changed files with 265 additions and 173 deletions
Download Patch File Download Diff File Expand all files Collapse all files

81
flake.lock generated
View File

@@ -48,6 +48,28 @@
"type": "github"
}
},
"firefox-addons": {
"inputs": {
"nixpkgs": [
"nixpkgs"
]
},
"locked": {
"dir": "pkgs/firefox-addons",
"lastModified": 1767089190,
"narHash": "sha256-TaPGpx3KSx9pjmM4C9kdClz/2JlyHQQaprzBYPWowvg=",
"owner": "rycee",
"repo": "nur-expressions",
"rev": "bf40463eb8b5becdc657a2262be71d785bbb35ef",
"type": "gitlab"
},
"original": {
"dir": "pkgs/firefox-addons",
"owner": "rycee",
"repo": "nur-expressions",
"type": "gitlab"
}
},
"flake-compat": {
"locked": {
"lastModified": 1688025799,
@@ -247,6 +269,22 @@
"type": "github"
}
},
"nixpkgs-old": {
"locked": {
"lastModified": 1766399428,
"narHash": "sha256-vS6LSOMDOB3s+L6tqw9IGujxnmUAZQnEG+Vi640LayI=",
"owner": "nixos",
"repo": "nixpkgs",
"rev": "a6c3a6141ec1b367c58ead3f7f846c772a25f4e5",
"type": "github"
},
"original": {
"owner": "nixos",
"ref": "nixos-25.05",
"repo": "nixpkgs",
"type": "github"
}
},
"nixpkgs_2": {
"locked": {
"lastModified": 1744536153,
@@ -295,6 +333,22 @@
"type": "github"
}
},
"nixpkgs_5": {
"locked": {
"lastModified": 1764517877,
"narHash": "sha256-pp3uT4hHijIC8JUK5MEqeAWmParJrgBVzHLNfJDZxg4=",
"owner": "NixOS",
"repo": "nixpkgs",
"rev": "2d293cbfa5a793b4c50d17c05ef9e385b90edf6c",
"type": "github"
},
"original": {
"owner": "NixOS",
"ref": "nixos-unstable",
"repo": "nixpkgs",
"type": "github"
}
},
"nixvim": {
"inputs": {
"flake-parts": "flake-parts",
@@ -377,15 +431,36 @@
"type": "github"
}
},
"proton-pass-cli": {
"inputs": {
"nixpkgs": "nixpkgs_5"
},
"locked": {
"lastModified": 1766050030,
"narHash": "sha256-+jAjk7HyJ4aBo+JQODETpFFtpaXnUakcNx7ckBKhUkY=",
"owner": "yuxqiu",
"repo": "proton-pass-cli-nix",
"rev": "db5bd21dfe19b31d62fb62a7441a4d4c35bdf747",
"type": "github"
},
"original": {
"owner": "yuxqiu",
"repo": "proton-pass-cli-nix",
"type": "github"
}
},
"root": {
"inputs": {
"apple-fonts": "apple-fonts",
"elytrarides": "elytrarides",
"firefox-addons": "firefox-addons",
"home-manager": "home-manager",
"nixos-apple-silicon": "nixos-apple-silicon",
"nixpkgs": "nixpkgs_4",
"nixpkgs-old": "nixpkgs-old",
"nixvim": "nixvim",
"plasma-manager": "plasma-manager",
"proton-pass-cli": "proton-pass-cli",
"sops-nix": "sops-nix",
"terranix": "terranix",
"unstable": "unstable",
@@ -598,11 +673,11 @@
},
"unstable": {
"locked": {
"lastModified": 1765779637,
"narHash": "sha256-KJ2wa/BLSrTqDjbfyNx70ov/HdgNBCBBSQP3BIzKnv4=",
"lastModified": 1766651565,
"narHash": "sha256-QEhk0eXgyIqTpJ/ehZKg9IKS7EtlWxF3N7DXy42zPfU=",
"owner": "nixos",
"repo": "nixpkgs",
"rev": "1306659b587dc277866c7b69eb97e5f07864d8c4",
"rev": "3e2499d5539c16d0d173ba53552a4ff8547f4539",
"type": "github"
},
"original": {

16
flake.nix
View File

@@ -4,6 +4,8 @@
inputs = {
nixpkgs.url = "github:nixos/nixpkgs?ref=nixos-25.11";
nixpkgs-old.url = "github:nixos/nixpkgs?ref=nixos-25.05";
unstable.url = "github:nixos/nixpkgs?ref=nixos-unstable";
nixos-apple-silicon.url =
@@ -41,8 +43,15 @@
inputs.nixpkgs.follows = "unstable";
};
firefox-addons = {
url = "gitlab:rycee/nur-expressions?dir=pkgs/firefox-addons";
inputs.nixpkgs.follows = "nixpkgs";
};
apple-fonts.url= "github:Lyndeno/apple-fonts.nix";
proton-pass-cli.url = "github:yuxqiu/proton-pass-cli-nix";
plasma-manager = {
url = "github:nix-community/plasma-manager";
inputs.nixpkgs.follows = "nixpkgs";
@@ -51,7 +60,7 @@
};
outputs = { self, nixpkgs, unstable, nixos-apple-silicon, home-manager
, plasma-manager, nixvim, sops-nix, terranix, elytrarides, zen-browser, apple-fonts, ... }:
, plasma-manager, nixvim, sops-nix, terranix, elytrarides, zen-browser, apple-fonts, nixpkgs-old, proton-pass-cli, firefox-addons, ... }:
let
forAllSystems = function:
nixpkgs.lib.genAttrs nixpkgs.lib.systems.flakeExposed
@@ -108,10 +117,11 @@
max = let
system = "aarch64-linux";
pkgs-unstable = import unstable { inherit system; };
pkgs-old = import nixpkgs-old { inherit system; };
secrets = import ./secrets;
in nixpkgs.lib.nixosSystem {
inherit system;
specialArgs = { inherit pkgs-unstable secrets zen-browser apple-fonts; };
specialArgs = { inherit pkgs-unstable secrets zen-browser apple-fonts pkgs-old proton-pass-cli; };
modules = [
./host/max/default.nix
nixos-apple-silicon.nixosModules.apple-silicon-support
@@ -120,7 +130,7 @@
{
home-manager.useGlobalPkgs = true;
home-manager.useUserPackages = true;
home-manager.extraSpecialArgs = { inherit secrets zen-browser; };
home-manager.extraSpecialArgs = { inherit secrets zen-browser firefox-addons; };
home-manager.users.max = { config, pkgs, lib, ... }: {
imports = [
sops-nix.homeManagerModules.sops

2
home/common/optional/desktop/hyprland/hyprland.nix
View File

@@ -29,6 +29,7 @@
settings = {
"$terminal" = "${pkgs.uwsm}/bin/uwsm-app -- ${pkgs.alacritty}/bin/alacritty";
"$fileManager" = "${pkgs.uwsm}/bin/uwsm-app -- ${pkgs.pcmanfm}/bin/pcmanfm";
"$browser" = "${pkgs.uwsm}/bin/uwsm-app -- zen-beta";
"$menu" = "${pkgs.walker}/bin/walker";
monitor = [
@@ -184,6 +185,7 @@
"$mainMod, W, killactive,"
# bind = $mainMod, M, exit,
"$mainMod, E, exec, $fileManager"
"$mainMod, B, exec, $browser"
# "$mainMod, V, togglefloating,"
"$mainMod, space, exec, $menu"
"$mainMod, P, pseudo, # dwindle"

6
host/ark/default.nix
View File

@@ -15,7 +15,7 @@
./service/radicale.nix
./service/wakapi.nix
./service/elytra.nix
# ./service/elytra.nix
./service/money.nix
];
@@ -51,8 +51,8 @@
"audio.koon.us" = "http://localhost:8021";
"radicale.koon.us" = "http://localhost:5232";
"waka.koon.us" = "http://localhost:3006";
"ride.koon.us" = "http://localhost:3007";
"ride-api.koon.us" = "http://localhost:8080";
# "ride.koon.us" = "http://localhost:3007";
# "ride-api.koon.us" = "http://localhost:8080";
"money.koon.us" = "http://localhost:3160";
"zero.koon.us" = "http://localhost:4848";

19
host/ark/service/git.nix
View File

@@ -1,4 +1,23 @@
{ lib, config, pkgs, ... }: {
services.openssh = {
enable = true;
# hostKeys = [
# { path = "/etc/ssh/ssh_host_ed25519_key"; type = "ed25519"; }
# { path = "/etc/ssh/ssh_host_rsa_key"; type = "rsa"; bits = 4096; }
# ];
settings = {
# explicitly allow post-quantum KEX
KexAlgorithms = [
"mlkem768x25519-sha256"
"sntrup761x25519-sha512"
"curve25519-sha256"
];
};
};
services.gitea = {
enable = true;
user = "git";

7
host/ark/sops.nix
View File

@@ -24,13 +24,6 @@
owner = config.users.users.wakapi.name;
};
"elytra-backend-env" = {
owner = config.users.users.backend.name;
};
"elytra-frontend-env" = {
owner = config.users.users.elytra-web.name;
};
"money-env" = {
owner = config.users.users.money.name;
};

43
host/max/default.nix
View File

@@ -1,13 +1,4 @@
{ pkgs, config, pkgs-unstable, lib, ... }:
let
openconnect-sso-src = builtins.fetchTree {
type = "github";
owner = "k2on";
repo = "openconnect-sso";
rev = "9d4f61e5c8ccca420ffa87d46c96c17d64fbfb0b";
narHash = "sha256-ENt4/+9Bll70+BkH0Scej02edLi9SNkvBfyvjxUv83w=";
};
in
{ pkgs, pkgs-unstable, ... }:
{
imports = [
./hardware-configuration.nix
@@ -26,9 +17,8 @@ in
../common/optional/locale.nix
../common/optional/email.nix
./zero-cache.nix
./proton.nix
];
services.zero-cache.enable = false;
# Use the systemd-boot EFI boot loader.
boot.loader.systemd-boot.enable = true;
@@ -39,14 +29,11 @@ in
hardware = {
asahi = {
peripheralFirmwareDirectory = ./firmware;
# useExperimentalGPUDriver = true;
# experimentalGPUInstallMode = "replace";
setupAsahiSound = true;
};
};
networking.networkmanager.enable = true;
# networking.wireless.iwd.enable = true;
hardware.bluetooth = {
enable = true;
@@ -62,9 +49,8 @@ in
};
environment.sessionVariables.NIXOS_OZONE_WL = "1";
# programs.adb.enable = true;
programs.kdeconnect.enable = true;
environment.systemPackages = with pkgs; [
networkmanager
@@ -84,7 +70,6 @@ in
(pass.withExtensions (exts: [ exts.pass-otp ]))
# pinentry
pinentry-curses
pinentry-qt
@@ -102,7 +87,6 @@ in
tea
kubectl
cloudflared
# gcc
@@ -111,8 +95,6 @@ in
gimp
inkscape
ungoogled-chromium
# arm support
pkgs-unstable.sparrow
@@ -130,8 +112,6 @@ in
${mpg123}/bin/mpg123 "$url"
fi
'')
# (pkgs.callPackage "${openconnect-sso-src}/nix" {}).openconnect-sso
];
programs.zsh.enable = true;
@@ -142,22 +122,5 @@ in
enableSSHSupport = true;
};
# services.keyd = {
# enable = true;
#
# keyboards.default = {
# ids = [ "*" ];
#
# settings = {
# main = {
# pageup = "leftmouse";
# pagedown = "rightmouse";
# };
# };
# };
# };
system.stateVersion = "25.05";
}

5
host/max/home.nix
View File

@@ -15,6 +15,11 @@
./home/zathura.nix
];
gtk = {
enable = true;
colorScheme = "dark";
};
home.username = "max";
home.homeDirectory = "/home/max";
home.stateVersion = "25.05";

84
host/max/home/browser.nix
View File

@@ -1,4 +1,4 @@
{ config, ... }:
{ config, pkgs, firefox-addons, ... }:
{
xdg.mimeApps = {
enable = true;
@@ -32,8 +32,27 @@
programs.zen-browser = {
enable = true;
profiles."default" = {
containersForce = true;
policies = {
AutofillAddressEnabled = false;
AutofillCreditCardEnabled = false;
DisableAppUpdate = true;
DisableFeedbackCommands = true;
DisableFirefoxStudies = true;
DisablePocket = true;
DisableTelemetry = true;
DontCheckDefaultBrowser = true;
NoDefaultBookmarks = true;
OfferToSaveLogins = false;
EnableTrackingProtection = {
Value = true;
Locked = true;
Cryptomining = true;
Fingerprinting = true;
};
};
profiles.default = let
containers = {
Personal = {
color = "yellow";
@@ -51,31 +70,74 @@
id = 3;
};
};
spacesForce = true;
spaces = let
containers = config.programs.zen-browser.profiles."default".containers;
in {
"Personal" = {
spaces = {
Personal = {
id = "c6de089c-410d-4206-961d-ab11f988d40a";
icon = "";
container = containers."Personal".id;
position = 1000;
};
"School" = {
School = {
id = "78aabdad-8aae-4fe0-8ff0-2a0c6c4ccc24";
icon = "🍎";
container = containers."School".id;
position = 2000;
};
"Work" = {
Work = {
id = "cdd10fab-4fc5-494b-9041-325e5759195b";
icon = "💼";
container = containers."Work".id;
position = 3000;
};
};
};
pins = {
# Personal Pins
"Proton Mail" = {
id = "d9942e0a-0997-418d-b357-91727300d184";
container = containers.Personal.id;
url = "https://mail.proton.me";
isEssential = true;
position = 1;
};
"Proton Calendar" = {
id = "6557e03f-c0ab-4656-ac94-acfb1fe19f3c";
container = containers.Personal.id;
url = "https://calendar.proton.me";
isEssential = true;
position = 2;
};
"YNAB" = {
id = "10cb5609-fcd5-4ed6-a48d-24eb22f2d624";
container = containers.Personal.id;
url = "https://app.ynab.com";
isEssential = true;
position = 3;
};
# # School Pins
# "Canvas" = {
# id = "cfbdc143-6a16-46d7-b33e-e9c964725e59";
# workspace = spaces.School.id;
# container = containers.School.id;
# url = "https://clemson.instructure.com/calendar";
# isEssential = true;
# position = 104;
# };
};
in {
containersForce = true;
spacesForce = true;
pinsForce = true;
inherit containers spaces pins;
# This is awesome :)
# https://nur.nix-community.org/repos/rycee/
extensions.packages = with firefox-addons.packages.${pkgs.stdenv.hostPlatform.system}; [
ublock-origin
proton-pass
istilldontcareaboutcookies
];
};
};
programs.firefox = {

36
host/max/home/nvim.nix
View File

@@ -29,26 +29,9 @@
};
highlight = {
Normal = {
bg = "NONE";
ctermbg = "NONE";
};
NormalFloat = {
bg = "NONE";
ctermbg = "NONE";
};
SignColumn = {
bg = "NONE";
ctermbg = "NONE";
};
EndOfBuffer = {
bg = "NONE";
ctermbg = "NONE";
};
};
extraConfigLua = ''
vim.g.transparent_enabled = true
require('transparent').setup({ exclude_groups = { "CursorLine" } })
require('stay-centered').setup({ enable = true })
require('mini.ai').setup()
'';
@@ -284,9 +267,22 @@
};
};
transparent.enable = true;
};
extraPlugins = with pkgs.vimPlugins; [ stay-centered-nvim mini-ai ];
extraPlugins = with pkgs.vimPlugins; [
stay-centered-nvim
mini-ai
(pkgs.vimUtils.buildVimPlugin {
name = "neominimap";
src = pkgs.fetchFromGitHub {
owner = "Isrothy";
repo = "neominimap.nvim";
rev = "c827a43e5cad146e007c8b1f2a9744798d029e6f";
hash = "sha256-MQxeYIm0QLS2HROvGLD6Rc21Hqx3USF9OXcw1shNTWg=";
};
})
];
};
}

17
host/max/home/terminal.nix
View File

@@ -42,7 +42,6 @@
enableCompletion = true;
autosuggestion = {
enable = true;
highlight = "fg=#bbbbbb";
};
syntaxHighlighting.enable = true;
dotDir = "${config.home.homeDirectory}/.config/zsh";
@@ -60,6 +59,18 @@
zle -N fzf-project
bindkey '^G' fzf-project
fzf-files() {
selected=$(rg --files | fzf)
if [[ -n $selected ]]; then
xargs $EDITOR $selected
zle reset-prompt
fi
zle redisplay
}
zle -N fzf-files
bindkey -M viins '^F' fzf-files
'';
shellAliases = {
@@ -71,7 +82,9 @@
p = "pnpm";
g = "pnpm run build && ~/dev/personal/genesis/packages/genesis/dist/bin.js";
tt = "tt --theme one-light -n 10";
ns = "nix-shell --run zsh -p";
tt = "tt -notheme -n 10";
bible = "nvim ~/bible.txt -R";
notes = "nvim ~/notes";

32
host/max/proton.nix Normal file
View File

@@ -0,0 +1,32 @@
{ pkgs, proton-pass-cli, config, ... }:
let
cache-path = "$HOME/.cache/pass";
proton-pass = pkgs.writeShellScriptBin "pass-cli" ''
export PROTON_PASS_KEY_PROVIDER="env"
export PROTON_PASS_ENCRYPTION_KEY="${config.sops.secrets.proton_key.path}"
exec ${proton-pass-cli.packages.${pkgs.system}.default}/bin/pass-cli "$@"
'';
pass-sync = pkgs.writeShellScriptBin "pass-sync" ''
mkdir -p "${cache-path}"
vaults=$(${proton-pass}/bin/pass-cli vault list --output json | ${pkgs.jq}/bin/jq '.vaults[].name' -r)
for vault in $vaults; do
${proton-pass}/bin/pass-cli item list $vault --filter-state active --output json | ${pkgs.jq}/bin/jq '.items[].content.title' -r > "${cache-path}/$vault"
done
'';
pass-fzf = pkgs.writeShellScriptBin "pass-fzf" ''
selected=$(for f in ~/.cache/pass/*; do while IFS= read -r line; do echo "$(basename "$f"): $line"; done < "$f"; done | fzf)
vault=$(echo "$selected" | cut -d':' -f1)
item=$(echo "$selected" | cut -d':' -f2- | sed 's/^ //')
${proton-pass}/bin/pass-cli item view --vault-name "$vault" --item-title "$item" --output json | ${pkgs.jq}/bin/jq '.item.content.content.Login.password' | ${pkgs.wl-clipboard}/bin/wl-copy
'';
in {
environment.systemPackages = [
proton-pass
pass-sync
pass-fzf
];
}

4
host/max/sops.nix
View File

@@ -20,6 +20,10 @@
inherit (config.users.users.max) group;
path = "/home/max/.config/Yubico/u2f_keys";
};
"proton_key" = {};
};
};
environment.sessionVariables.PROTON_PASS_ENCRYPTION_KEY = config.sops.secrets.proton_key.path;
}

2
host/max/user.nix
View File

@@ -11,6 +11,8 @@
shell = pkgs.zsh;
};
programs.adb.enable = true;
virtualisation.docker = {
enable = true;

84
host/max/zero-cache.nix
View File

@@ -1,84 +0,0 @@
{
config,
lib,
pkgs,
...
}:
let
cfg = config.services.zero-cache;
inherit (lib)
mkEnableOption
mkIf
;
litestream = pkgs.buildGoModule rec {
pname = "litestream-zero";
version = "0.3.13+z0.0.6";
src = pkgs.fetchFromGitHub {
owner = "rocicorp";
repo = "litestream";
rev = "zero@v0.0.6";
sha256 = "sha256-sBKmz2fBoYzYi1kUVeiugLBLPdqHc+fXCBkI8Cttakg=";
};
vendorHash = "sha256-PlfDJbhzbH/ZgtQ35KcB6HtPEDTDgss7Lv8BcKT/Dgg=";
ldflags = [
"-s"
"-w"
"-X main.Version=${version}"
# nix does not like to build with this
# "-extldflags '-static'"
];
doCheck = false;
tags = [
"osusergo"
"netgo"
"sqlite_omit_load_extension"
];
subPackages = [ "cmd/litestream" ];
};
zero-cache = pkgs.buildNpmPackage rec {
name = "zero-cache";
src = pkgs.fetchFromGitHub {
owner = "rocicorp";
repo = "mono";
rev = "zero/v0.23.2025081401";
hash = "sha256-NQcG/vnfUmle/6eNXXmnMqzNvniK8R/mO5RYdMX9pnE=";
};
npmDepsHash = "sha256-9vX9eODN8AfcLcMSjm6KzAAUmPIHfe2BILt0juya5us=";
makeCacheWritable = true;
npmFlags = [ "--legacy-peer-deps" ];
};
in
{
options = {
services.zero-cache = {
enable = mkEnableOption "Zero-cache, the server component of the Zero sync engine.";
};
};
config = mkIf cfg.enable {
systemd.services.zero-cache = {
description = "Zero Cache";
after = [ "network.target" ];
wantedBy = [ "multi-user.target" ];
serviceConfig = {
Type = "oneshot";
ExecStart = "${zero-cache}/bin/zero-cache";
RemainAfterExit = true;
};
};
};
}