max/os
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

refactor: move max into dentritic pattern

Browse Source
This commit is contained in:
Max Koon
2026-05-21 11:26:17 -04:00
parent 5e886ee875
commit 8043068885
90 changed files with 1963 additions and 1586 deletions
Download Patch File Download Diff File Expand all files Collapse all files

17
modules/koon/feature/tailscale.nix Normal file
View File

@@ -0,0 +1,17 @@
{ ... }: {
flake.nixosModules.koonFeatureTailscale = { pkgs, ... }: {
services.tailscale.enable = true;
systemd.services.tailscale-restart = {
description = "Restart Tailscale after waking up";
after = [ "suspend.target" ];
wantedBy = [ "suspend.target" ];
serviceConfig = {
Type = "simple";
ExecStart = "${pkgs.systemd}/bin/systemctl restart tailscaled.service";
};
};
};
}

35
modules/koon/host/max/_hardware-configuration.nix Normal file
View File

@@ -0,0 +1,35 @@
# Do not modify this file! It was generated by nixos-generate-config
# and may be overwritten by future invocations. Please make changes
# to /etc/nixos/configuration.nix instead.
{ config, lib, pkgs, modulesPath, ... }:
{
imports = [ (modulesPath + "/installer/scan/not-detected.nix") ];
boot.initrd.availableKernelModules = [ "usb_storage" "sdhci_pci" ];
boot.initrd.kernelModules = [ ];
boot.kernelModules = [ ];
boot.extraModulePackages = [ ];
fileSystems."/" = {
device = "/dev/disk/by-uuid/664ec8c7-4c36-414c-bf99-c5346a4579dd";
fsType = "ext4";
};
fileSystems."/boot" = {
device = "/dev/disk/by-uuid/02E4-1CF8";
fsType = "vfat";
options = [ "fmask=0022" "dmask=0022" ];
};
swapDevices = [ ];
# Enables DHCP on each ethernet and wireless interface. In case of scripted networking
# (the default) this is the recommended approach. When using systemd-networkd it's
# still possible to use this option, but it's recommended to use it in conjunction
# with explicit per-interface declarations with `networking.interfaces.<interface>.useDHCP`.
networking.useDHCP = lib.mkDefault true;
# networking.interfaces.wlan0.useDHCP = lib.mkDefault true;
nixpkgs.hostPlatform = lib.mkDefault "aarch64-linux";
}

184
modules/koon/host/max/browser.nix Normal file
View File

@@ -0,0 +1,184 @@
{ self, ... }: {
flake.homeModules.koonMaxBrowser = { pkgs, ... }: {
imports = [
self.inputs.zen-browser.homeModules.beta
];
xdg.mimeApps = let
value = let
browser = self.inputs.zen-browser.packages.${pkgs.stdenv.hostPlatform.system}.beta; # or twilight
in
browser.meta.desktopFileName;
associations = builtins.listToAttrs (map (name: {
inherit name value;
}) [
"application/x-extension-shtml"
"application/x-extension-xhtml"
"application/x-extension-html"
"application/x-extension-xht"
"application/x-extension-htm"
"x-scheme-handler/unknown"
"x-scheme-handler/mailto"
"x-scheme-handler/chrome"
"x-scheme-handler/about"
"x-scheme-handler/https"
"x-scheme-handler/http"
"application/xhtml+xml"
"application/json"
"text/plain"
"text/html"
]);
in {
enable = true;
associations.added = associations;
defaultApplications = associations;
};
programs.zen-browser = {
enable = true;
policies = {
AutofillAddressEnabled = false;
AutofillCreditCardEnabled = false;
DisableAppUpdate = true;
DisableFeedbackCommands = true;
DisableFirefoxStudies = true;
DisablePocket = true;
DisableTelemetry = true;
DontCheckDefaultBrowser = true;
NoDefaultBookmarks = true;
OfferToSaveLogins = false;
EnableTrackingProtection = {
Value = true;
Locked = true;
Cryptomining = true;
Fingerprinting = true;
};
Preferences = {
"privacy.resistFingerprinting" = {
Value = true;
Status = "locked";
};
"privacy.resistFingerprinting.randomization.canvas.use_siphash" = {
Value = true;
Status = "locked";
};
"privacy.resistFingerprinting.randomization.daily_reset.enabled" = {
Value = true;
Status = "locked";
};
"privacy.resistFingerprinting.randomization.daily_reset.private.enabled" = {
Value = true;
Status = "locked";
};
"privacy.resistFingerprinting.block_mozAddonManager" = {
Value = true;
Status = "locked";
};
};
# ID's can be collected from this command:
# nix run github:tupakkatapa/mozid -- "https://addons.mozilla.org/en-US/firefox/addon/<example>/"
ExtensionSettings = {
# The default behaviour of ctrl+click, shift+click, cmd+click (on macOS) and middle-click when clicking on links is to open the link in a new tab (or new window in the case of shift).
# This behaviour is sometimes broken by silly developers.
"{18b670e2-67df-4b26-b9b0-34835d1f062a}" = {
install_url = "https://addons.mozilla.org/firefox/downloads/latest/link-fixer/latest.xpi";
installation_mode = "force_installed";
};
};
};
profiles.default = let
containers = {
Personal = {
color = "yellow";
icon = "circle";
id = 1;
};
School = {
color = "red";
icon = "fruit";
id = 2;
};
Work = {
color = "blue";
icon = "briefcase";
id = 3;
};
};
spaces = {
Personal = {
id = "c6de089c-410d-4206-961d-ab11f988d40a";
icon = "";
container = containers."Personal".id;
position = 1000;
};
School = {
id = "78aabdad-8aae-4fe0-8ff0-2a0c6c4ccc24";
icon = "🍎";
container = containers."School".id;
position = 2000;
};
Work = {
id = "cdd10fab-4fc5-494b-9041-325e5759195b";
icon = "💼";
container = containers."Work".id;
position = 3000;
};
};
pins = {
# Personal Pins
"Proton Mail" = {
id = "d9942e0a-0997-418d-b357-91727300d184";
container = containers.Personal.id;
url = "https://mail.proton.me";
isEssential = true;
position = 1;
};
"Proton Calendar" = {
id = "6557e03f-c0ab-4656-ac94-acfb1fe19f3c";
container = containers.Personal.id;
url = "https://calendar.proton.me";
isEssential = true;
position = 2;
};
"YNAB" = {
id = "10cb5609-fcd5-4ed6-a48d-24eb22f2d624";
container = containers.Personal.id;
url = "https://app.ynab.com";
isEssential = true;
position = 3;
};
# # School Pins
# "Canvas" = {
# id = "cfbdc143-6a16-46d7-b33e-e9c964725e59";
# workspace = spaces.School.id;
# container = containers.School.id;
# url = "https://clemson.instructure.com/calendar";
# isEssential = true;
# position = 104;
# };
};
in {
containersForce = true;
spacesForce = true;
pinsForce = true;
inherit containers spaces pins;
# This is awesome :)
# https://nur.nix-community.org/repos/rycee/
extensions.packages = with self.inputs.firefox-addons.packages.${pkgs.stdenv.hostPlatform.system}; [
ublock-origin
proton-pass
istilldontcareaboutcookies
darkreader
];
};
};
};
}

152
modules/koon/host/max/configuration.nix Normal file
View File

@@ -0,0 +1,152 @@
{ self, ... }: {
flake.nixosModules.koonMaxConfiguration = { pkgs, lib, modulesPath, ... }: {
imports = [
./_hardware-configuration.nix
self.nixosModules.commonUnstablePkgsOverlay
self.nixosModules.commonFeatureEmail
self.nixosModules.commonFeatureFont
self.nixosModules.commonFeatureLocale
self.nixosModules.commonFeatureYubikey
self.nixosModules.commonFeatureHyprland
self.nixosModules.koonFeatureTailscale
self.nixosModules.koonMaxSops
self.nixosModules.koonMaxUser
self.nixosModules.koonMaxHomeManager
];
# Use the systemd-boot EFI boot loader.
boot.loader.systemd-boot.enable = true;
boot.loader.efi.canTouchEfiVariables = false;
boot.m1n1CustomLogo = ../../../../assets/logo.png;
hardware = {
asahi = {
peripheralFirmwareDirectory = ./firmware;
setupAsahiSound = true;
};
graphics = {
enable = true;
extraPackages = with pkgs; [
mesa.opencl
];
};
};
services.upower.enable = true;
services.logind.settings.Login.HandlePowerKey = "ignore";
networking.networkmanager = {
enable = true;
plugins = with pkgs; [
networkmanager-openconnect
];
};
hardware.bluetooth = {
enable = true;
powerOnBoot = true;
};
environment.variables = {
XDG_DATA_HOME = "/home/max/.local/share";
GSK_RENDERER = "ngl";
EDITOR = "nvim";
};
environment.sessionVariables.NIXOS_OZONE_WL = "1";
programs.kdeconnect.enable = true;
environment.systemPackages = with pkgs; [
networkmanager
vim
git
wget
file
just
libreoffice-qt
pkgs-unstable.signal-desktop
pkgs-unstable.gurk-rs
gnupg
(pass.withExtensions (exts: [ exts.pass-otp ]))
pinentry-curses
pinentry-qt
fzf
zip
jq
ffmpeg
ripgrep
unzip
zbar
tt
sc-im
libqalculate
librespeed-cli
gparted
tea
cloudflared
# gcc
prismlauncher
gimp
inkscape
# arm support
pkgs-unstable.sparrow
(writeShellScriptBin "radio" ''
list="
WIOP http://s4.yesstreaming.net:7119/;audio.mp3
FamilyAlter https://usa17.fastcast4u.com/proxy/roloffev?mp=/1
"
choice=$(echo "$list" | awk '{print $1}' | ${fzf}/bin/fzf)
if [[ -n "$choice" ]]; then
url=$(echo "$list" | awk -v name="$choice" '$1==name {print $2}')
${mpg123}/bin/mpg123 "$url"
fi
'')
(pkgs.writeShellScriptBin "battery-graph" ''
${pkgs.coreutils}/bin/tail -n 20 /var/lib/upower/history-charge-bq40z651-69-F8Y3262H468Q1LTA1.dat | ${pkgs.coreutils}/bin/cut -f1,2 | RUBYOPT='-W0' ${pkgs.youplot}/bin/uplot line -w 70
'')
(pkgs.writeShellScriptBin "ocr-clip" ''
${pkgs.grimblast}/bin/grimblast -f save area - | ${pkgs.tesseract}/bin/tesseract stdin stdout | ${pkgs.wl-clipboard}/bin/wl-copy
'')
];
programs.zsh.enable = true;
programs.gnupg.agent = {
enable = true;
pinentryPackage = pkgs.pinentry-qt;
enableSSHSupport = true;
};
time.timeZone = "America/New_York";
nix.settings.experimental-features = [ "nix-command" "flakes" ];
system.stateVersion = "25.05";
};
}

11
modules/koon/host/max/default.nix Normal file
View File

@@ -0,0 +1,11 @@
{ self, inputs, ... }: {
flake.nixosConfigurations.koonMax = inputs.nixpkgs.lib.nixosSystem {
modules = [
self.inputs.nixos-apple-silicon.nixosModules.apple-silicon-support
self.inputs.sops-nix.nixosModules.sops
self.inputs.home-manager.nixosModules.home-manager
self.nixosModules.koonMaxConfiguration
];
};
}

33
modules/koon/host/max/development/git.nix Normal file
View File

@@ -0,0 +1,33 @@
{ ... }: {
flake.homeModules.koonMaxGit = { lib, ... }:
let
publicGitEmail = "22125083+k2on@users.noreply.github.com";
publicKey = "/home/max/.ssh/id_maxkey.pub";
in {
programs.git = {
enable = true;
settings = {
init.defaultBranch = "main";
push.autoSetupRemote = true;
commit.gpgsign = true;
gpg.format = "ssh";
user.name = "Max Koon";
user.email = publicGitEmail;
user.signing.key = publicKey;
gpg.ssh.allowedSignersFile = "/home/max/.ssh/allowed_signers";
};
signing = {
signByDefault = true;
key = publicKey;
};
};
home.file.".ssh/allowed_signers".text = ''
${publicGitEmail} ${lib.fileContents ./id_maxkey.pub}
'';
};
}

1
modules/koon/host/max/development/id_maxkey.pub Normal file
View File

@@ -0,0 +1 @@
sk-ssh-ed25519@openssh.com AAAAGnNrLXNzaC1lZDI1NTE5QG9wZW5zc2guY29tAAAAIMywmwW37vjQSd9lqYh9IhGYce9Bi24sTyG3zffpdaJrAAAABHNzaDo= max@koon

288
modules/koon/host/max/development/neovim.nix Normal file
View File

@@ -0,0 +1,288 @@
{ self, ... }: {
flake.homeModules.koonMaxNeovim = { pkgs, ... }: {
imports = [
self.inputs.nixvim.homeModules.nixvim
];
programs.nixvim = {
enable = true;
colorschemes.tokyonight.enable = true;
globals = {
mapleader = " ";
maplocalleader = " ";
};
clipboard = {
providers.wl-copy.enable = true;
register = "unnamedplus";
};
opts = {
background = "dark";
relativenumber = true;
cursorline = true;
number = true;
tabstop = 2;
expandtab = true;
signcolumn = "yes";
updatetime = 250;
list = true;
listchars.__raw = "{ tab = '» ', trail = '·', nbsp = '' }";
};
extraConfigLua = ''
vim.g.transparent_enabled = true
require('transparent').setup({ exclude_groups = { "CursorLine" } })
require('stay-centered').setup({ enable = true })
require('mini.ai').setup()
'';
keymaps = [
{
mode = "n";
key = "<Esc>";
action = "<cmd>nohlsearch<CR>";
}
{
mode = "n";
key = "<leader>a";
action.__raw = "function() require'harpoon':list():add() end";
}
{
mode = "n";
key = "<C-e>";
action.__raw =
"function() require'harpoon'.ui:toggle_quick_menu(require'harpoon':list()) end";
}
{
mode = "n";
key = "<C-j>";
action.__raw = "function() require'harpoon':list():select(1) end";
}
{
mode = "n";
key = "<C-k>";
action.__raw = "function() require'harpoon':list():select(2) end";
}
{
mode = "n";
key = "<C-l>";
action.__raw = "function() require'harpoon':list():select(3) end";
}
{
mode = "n";
key = "<C-;>";
action.__raw = "function() require'harpoon':list():select(4) end";
}
{
mode = "n";
key = "<leader>b";
action = "<cmd>Neotree<CR>";
}
{
mode = "n";
key = "<leader>l";
action = "<cmd>Neotree reveal<CR>";
}
];
autoCmd = [
{
event = [ "BufWritePre" ];
pattern = "*";
command = "lua vim.lsp.buf.format()";
}
];
diagnostic.settings.virtual_text = true;
userCommands.W.command = "w";
plugins = {
web-devicons.enable = true;
sleuth.enable = true;
lastplace.enable = true;
gitsigns.enable = true;
highlight-colors.enable = true;
todo-comments.enable = true;
goyo.enable = true;
treesitter = {
enable = true;
settings = {
ensureInstalled =
[ "typescript" "rust" "php" "blade" "python" "nix" ];
highlight = { enable = true; };
indent = { enable = true; };
};
};
lsp = {
enable = true;
servers = {
tsgo.enable = true;
tailwindcss.enable = false;
biome.enable = false;
rust_analyzer = {
enable = true;
installCargo = true;
installRustc = true;
};
clangd.enable = true;
phpactor.enable = true;
pylsp.enable = true;
pyright.enable = true;
nixd.enable = true;
};
keymaps = {
extra = [
{
mode = "n";
key = "gd";
action.__raw = "require('telescope.builtin').lsp_definitions";
options = { desc = "LSP: [G]oto [D]efinition"; };
}
{
mode = "n";
key = "gr";
action.__raw = "require('telescope.builtin').lsp_references";
options = { desc = "LSP: [G]oto [R]eferences"; };
}
];
lspBuf = {
"<leader>." = {
mode = [ "n" "x" ];
action = "code_action";
desc = "Code action";
};
};
};
};
lazydev.enable = true;
luasnip.enable = true;
telescope = {
enable = true;
extensions = {
fzf-native.enable = true;
ui-select.enable = true;
};
keymaps = {
"<leader>sf" = {
mode = "n";
action = "find_files";
options = { desc = "[S]earch [F]iles"; };
};
"<leader>sk" = {
mode = "n";
action = "live_grep";
options = { desc = "[S]earch [S]tring"; };
};
};
settings = {
extensions.__raw =
"{ ['ui-select'] = { require('telescope.themes').get_dropdown() } }";
};
};
cmp = {
enable = true;
settings = {
snippet = {
expand = ''
function(args)
require('luasnip').lsp_expand(args.body)
end
'';
};
completion = { completeopt = "menu,menuone,noinsert"; };
formatting = {
format = ''require("nvim-highlight-colors").format'';
};
mapping = {
"<CR>" = "cmp.mapping.confirm { select = true }";
"<Tab>" = "cmp.mapping.select_next_item()";
"<S-Tab>" = "cmp.mapping.select_prev_item()";
"<Down>" = "cmp.mapping.select_next_item()";
"<Up>" = "cmp.mapping.select_prev_item()";
"<C-j>" = "cmp.mapping.select_next_item()";
"<C-k>" = "cmp.mapping.select_prev_item()";
};
sources = [
{
name = "lazydev";
group_index = 0;
}
{ name = "nvim_lsp"; }
{ name = "luasnip"; }
{ name = "path"; }
{ name = "nvim_lsp_signature_help"; }
];
};
};
harpoon = {
enable = true;
settings.settings = { save_on_toggle = true; };
};
neo-tree = {
enable = true;
settings = {
window.width = 25;
filesystem = {
filtered_items = {
visible = true;
};
};
};
};
wakatime.enable = true;
autoclose.enable = true;
ts-autotag.enable = true;
bullets.enable = true;
spider = {
enable = true;
settings = {
subwordMovement = true;
skipInsignificantPunctuation = false;
};
keymaps = {
motions = {
"w" = "w";
"e" = "e";
"b" = "b";
};
};
};
transparent.enable = true;
};
extraPlugins = with pkgs.vimPlugins; [
stay-centered-nvim
mini-ai
];
};
};
}

38
modules/koon/host/max/development/ssh.nix Normal file
View File

@@ -0,0 +1,38 @@
{ ... }: {
flake.homeModules.koonMaxSsh = { pkgs, ... }: {
programs.ssh = {
enable = true;
enableDefaultConfig = false;
matchBlocks = {
"*" = {
addKeysToAgent = "yes";
};
"m1" = {
host = "m1";
user = "admin";
};
"ark" = {
host = "ark";
user = "admin";
};
"ssh.koon.us" = {
host = "ssh.koon.us";
user = "git";
proxyCommand = "${pkgs.cloudflared}/bin/cloudflared access ssh --hostname %h";
};
"git" = {
host = "github.com";
user = "git";
identityFile = [
"~/.ssh/id_maxkey"
];
};
};
};
home.file = {
".ssh/id_maxkey.pub".source = ./id_maxkey.pub;
};
};
}

BIN
modules/koon/host/max/firmware/all_firmware.tar.gz Executable file
View File

Binary file not shown.

BIN
modules/koon/host/max/firmware/kernelcache.release.mac14j Executable file
View File

Binary file not shown.

54
modules/koon/host/max/home.nix Normal file
View File

@@ -0,0 +1,54 @@
{ self, inputs, ... }: {
flake.nixosModules.koonMaxHomeManager = { ... }: {
imports = [
inputs.home-manager.nixosModules.home-manager
];
home-manager = {
useGlobalPkgs = true;
useUserPackages = true;
extraSpecialArgs = { inherit inputs self; };
users.max = {
imports = [ self.homeModules.koonMaxHome ];
};
};
};
flake.homeModules.koonMaxHome = { ... }: {
imports = [
self.homeModules.commonFeatureHyprlandConfig
self.homeModules.commonFeatureHypridle
self.homeModules.commonFeatureHyprlock
self.homeModules.commonFeatureNotifications
self.homeModules.commonFeatureOsd
self.homeModules.commonFeatureWalker
self.homeModules.commonFeatureWallpaper
self.homeModules.commonFeatureWaybar
self.homeModules.commonFeatureZathura
self.homeModules.commonFeatureAlacritty
self.homeModules.commonFeatureLf
self.homeModules.commonFeatureTmux
self.homeModules.commonFeatureStarship
self.homeModules.commonFeatureDirenv
self.homeModules.commonFeatureImageViewer
self.homeModules.commonFeatureMusic
self.homeModules.commonFeatureZsh
self.homeModules.koonMaxBrowser
self.homeModules.koonMaxNeovim
self.homeModules.koonMaxGit
self.homeModules.koonMaxSsh
];
gtk = {
enable = true;
colorScheme = "dark";
};
home.username = "max";
home.homeDirectory = "/home/max";
home.stateVersion = "25.05";
};
}

34
modules/koon/host/max/sops.nix Normal file
View File

@@ -0,0 +1,34 @@
{ self, ... }: {
flake.nixosModules.koonMaxSops = { config, ... }: {
sops = {
age.sshKeyPaths = [ "/etc/ssh/ssh_host_ed25519_key" ];
defaultSopsFile = "${self}/secrets/koon/max/default.yaml";
validateSopsFiles = false;
secrets = {
"yubico/u2f_keys" = {
owner = config.users.users.max.name;
inherit (config.users.users.max) group;
path = "/home/max/.config/Yubico/u2f_keys";
};
"ssh_keys/max" = {
owner = config.users.users.max.name;
inherit (config.users.users.max) group;
path = "/home/max/.ssh/id_maxkey";
mode = "0600";
};
"waka_config" = {
owner = config.users.users.max.name;
inherit (config.users.users.max) group;
path = "/home/max/.wakatime.cfg";
};
"proton_key" = {};
};
};
environment.sessionVariables.PROTON_PASS_ENCRYPTION_KEY = config.sops.secrets.proton_key.path;
};
}

31
modules/koon/host/max/user.nix Normal file
View File

@@ -0,0 +1,31 @@
{ ... }: {
flake.nixosModules.koonMaxUser = { pkgs, config, ... }: {
sops.secrets.max-password.neededForUsers = true;
users.mutableUsers = true;
users.users.max = {
isNormalUser = true;
# hashedPasswordFile = config.sops.secrets.max-password.path;
password = "password";
extraGroups = [ "wheel" "networkmanager" "video" "kvm" "docker" "ydotool" ];
packages = with pkgs; [ tree ];
shell = pkgs.zsh;
};
programs.adb.enable = true;
virtualisation.docker = {
enable = true;
rootless = {
enable = true;
setSocketVariable = true;
};
};
};
}