diff --git a/flake.lock b/flake.lock index 986a9f8..cd9faaf 100644 --- a/flake.lock +++ b/flake.lock @@ -3,17 +3,16 @@ "agenix": { "inputs": { "darwin": "darwin", - "home-manager": "home-manager", "nixpkgs": [ "nixpkgs" ] }, "locked": { - "lastModified": 1684153753, - "narHash": "sha256-PVbWt3qrjYAK+T5KplFcO+h7aZWfEj1UtyoKlvcDxh0=", + "lastModified": 1677969766, + "narHash": "sha256-AIp/ZYZMNLDZR/H7iiAlaGpu4lcXsVt9JQpBlf43HRY=", "owner": "ryantm", "repo": "agenix", - "rev": "db5637d10f797bb251b94ef9040b237f4702cde3", + "rev": "03b51fe8e459a946c4b88dcfb6446e45efb2c24e", "type": "github" }, "original": { @@ -65,15 +64,14 @@ "flake-utils": "flake-utils", "nixpkgs": [ "nixpkgs-unstable" - ], - "nixpkgs-stable": "nixpkgs-stable" + ] }, "locked": { - "lastModified": 1687494897, - "narHash": "sha256-JnNX/aW8arJew41JYDs1JuZYQqW1C7kXXjo3Sblb3y8=", + "lastModified": 1680257010, + "narHash": "sha256-pNMB9sdoZOXEsszLD5TS0WG5Ysj2rVRmf92uxsxH/9A=", "owner": "nix-community", "repo": "emacs-overlay", - "rev": "1ceb43ef790d7676fa50c0085438e51c0b67e657", + "rev": "cfec7f9501cc0e001f49d725a7cd733af7deb2ed", "type": "github" }, "original": { @@ -82,32 +80,13 @@ "type": "github" } }, - "flake-compat": { - "flake": false, - "locked": { - "lastModified": 1668681692, - "narHash": "sha256-Ht91NGdewz8IQLtWZ9LCeNXMSXHUss+9COoqu6JLmXU=", - "owner": "edolstra", - "repo": "flake-compat", - "rev": "009399224d5e398d03b22badca40a37ac85412a1", - "type": "github" - }, - "original": { - "owner": "edolstra", - "repo": "flake-compat", - "type": "github" - } - }, "flake-utils": { - "inputs": { - "systems": "systems" - }, "locked": { - "lastModified": 1687171271, - "narHash": "sha256-BJlq+ozK2B1sJDQXS3tzJM5a+oVZmi1q0FlBK/Xqv7M=", + "lastModified": 1667395993, + "narHash": "sha256-nuEHfE/LcWyuSWnS8t12N1wc105Qtau+/OdUAjtQ0rA=", "owner": "numtide", "repo": "flake-utils", - "rev": "abfb11bd1aec8ced1c9bb9adfe68018230f4fb3c", + "rev": "5aed5285a952e0b949eb3ba02c12fa4fcfef535f", "type": "github" }, "original": { @@ -117,38 +96,18 @@ } }, "home-manager": { - "inputs": { - "nixpkgs": [ - "agenix", - "nixpkgs" - ] - }, - "locked": { - "lastModified": 1682203081, - "narHash": "sha256-kRL4ejWDhi0zph/FpebFYhzqlOBrk0Pl3dzGEKSAlEw=", - "owner": "nix-community", - "repo": "home-manager", - "rev": "32d3e39c491e2f91152c84f8ad8b003420eab0a1", - "type": "github" - }, - "original": { - "owner": "nix-community", - "repo": "home-manager", - "type": "github" - } - }, - "home-manager-unstable": { "inputs": { "nixpkgs": [ "nixpkgs-unstable" - ] + ], + "utils": "utils" }, "locked": { - "lastModified": 1687473300, - "narHash": "sha256-4LflQpktYFiub8xVhEN9EZf1cYsr09md01rBJZRCGCc=", + "lastModified": 1678831854, + "narHash": "sha256-7HBmLFNVD2KjovSzypIN9NfyzpWelMe8sNbUVZIRsS0=", "owner": "nix-community", "repo": "home-manager", - "rev": "70ac18872a5f1a57a4546ff58888bf67a8bbb5b3", + "rev": "cae54dc45c0d61c99c1dc8b04bc42f36c76f9771", "type": "github" }, "original": { @@ -158,33 +117,12 @@ } }, "home-manager_2": { - "inputs": { - "nixpkgs": [ - "nixpkgs" - ] - }, - "locked": { - "lastModified": 1687163790, - "narHash": "sha256-CmG/ZdswJrWM0CMgJiVyWfO6LqaI4SKEAx9IrnYDrpI=", - "owner": "nix-community", - "repo": "home-manager", - "rev": "ac53777f52929bc82efcd2830bfc5aa60bcb4337", - "type": "github" - }, - "original": { - "owner": "nix-community", - "ref": "release-23.05", - "repo": "home-manager", - "type": "github" - } - }, - "home-manager_3": { "inputs": { "nixpkgs": [ "nix-on-droid", "nixpkgs" ], - "utils": "utils" + "utils": "utils_2" }, "locked": { "lastModified": 1663932797, @@ -225,10 +163,10 @@ }, "nix-on-droid": { "inputs": { - "home-manager": "home-manager_3", + "home-manager": "home-manager_2", "nix-formatter-pack": "nix-formatter-pack", "nixpkgs": [ - "nixpkgs-droid" + "nixpkgs" ], "nixpkgs-for-bootstrap": "nixpkgs-for-bootstrap", "nmd": "nmd_2" @@ -250,42 +188,11 @@ }, "nixpkgs": { "locked": { - "lastModified": 1687379288, - "narHash": "sha256-cSuwfiqYfeVyqzCRkU9AvLTysmEuSal8nh6CYr+xWog=", + "lastModified": 1678703398, + "narHash": "sha256-Y1mW3dBsoWLHpYm+UIHb5VZ7rx024NNHaF16oZBx++o=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "ef0bc3976340dab9a4e087a0bcff661a8b2e87f3", - "type": "github" - }, - "original": { - "owner": "NixOS", - "ref": "nixos-23.05", - "repo": "nixpkgs", - "type": "github" - } - }, - "nixpkgs-22_11": { - "locked": { - "lastModified": 1669558522, - "narHash": "sha256-yqxn+wOiPqe6cxzOo4leeJOp1bXE/fjPEi/3F/bBHv8=", - "owner": "NixOS", - "repo": "nixpkgs", - "rev": "ce5fe99df1f15a09a91a86be9738d68fadfbad82", - "type": "github" - }, - "original": { - "id": "nixpkgs", - "ref": "nixos-22.11", - "type": "indirect" - } - }, - "nixpkgs-droid": { - "locked": { - "lastModified": 1687376262, - "narHash": "sha256-xtenf0Nc6So/5uaQqe8u3GVoAs/YdMUFsysPUuK8w1s=", - "owner": "NixOS", - "repo": "nixpkgs", - "rev": "7859e9c101fabbd62551b8f4260124a6e2f01a46", + "rev": "67f26c1cfc5d5783628231e776a81c1ade623e0b", "type": "github" }, "original": { @@ -311,29 +218,13 @@ "type": "github" } }, - "nixpkgs-stable": { - "locked": { - "lastModified": 1687379288, - "narHash": "sha256-cSuwfiqYfeVyqzCRkU9AvLTysmEuSal8nh6CYr+xWog=", - "owner": "NixOS", - "repo": "nixpkgs", - "rev": "ef0bc3976340dab9a4e087a0bcff661a8b2e87f3", - "type": "github" - }, - "original": { - "owner": "NixOS", - "ref": "nixos-23.05", - "repo": "nixpkgs", - "type": "github" - } - }, "nixpkgs-unstable": { "locked": { - "lastModified": 1687412861, - "narHash": "sha256-Z/g0wbL68C+mSGerYS2quv9FXQ1RRP082cAC0Bh4vcs=", + "lastModified": 1678654296, + "narHash": "sha256-aVfw3ThpY7vkUeF1rFy10NAkpKDS2imj3IakrzT0Occ=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "e603dc5f061ca1d8a19b3ede6a8cf9c9fcba6cdc", + "rev": "5a1dc8acd977ff3dccd1328b7c4a6995429a656b", "type": "github" }, "original": { @@ -345,11 +236,11 @@ }, "nixpkgs_2": { "locked": { - "lastModified": 1670751203, - "narHash": "sha256-XdoH1v3shKDGlrwjgrNX/EN8s3c+kQV7xY6cLCE8vcI=", + "lastModified": 1669542132, + "narHash": "sha256-DRlg++NJAwPh8io3ExBJdNW7Djs3plVI5jgYQ+iXAZQ=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "64e0bf055f9d25928c31fb12924e59ff8ce71e60", + "rev": "a115bb9bd56831941be3776c8a94005867f316a7", "type": "github" }, "original": { @@ -410,11 +301,9 @@ "inputs": { "agenix": "agenix", "emacs": "emacs", - "home-manager": "home-manager_2", - "home-manager-unstable": "home-manager-unstable", + "home-manager": "home-manager", "nix-on-droid": "nix-on-droid", "nixpkgs": "nixpkgs", - "nixpkgs-droid": "nixpkgs-droid", "nixpkgs-unstable": "nixpkgs-unstable", "snm": "snm" } @@ -422,45 +311,43 @@ "snm": { "inputs": { "blobs": "blobs", - "flake-compat": "flake-compat", "nixpkgs": "nixpkgs_2", - "nixpkgs-22_11": "nixpkgs-22_11", - "nixpkgs-23_05": [ + "nixpkgs-22_11": [ "nixpkgs" ], - "utils": "utils_2" + "utils": "utils_3" }, "locked": { - "lastModified": 1687462267, - "narHash": "sha256-rNSputjn/0HEHHnsKfQ8mQVEPVchcBw7DsbND7Wg8dk=", + "lastModified": 1671659164, + "narHash": "sha256-DbpT+v1POwFOInbrDL+vMbYV3mVbTkMxmJ5j50QnOcA=", "owner": "simple-nixos-mailserver", "repo": "nixos-mailserver", - "rev": "24128c3052090311688b09a400aa408ba61c6ee5", + "rev": "bc667fb6afc45f6cc2d118ab77658faf2227cffd", "type": "gitlab" }, "original": { "owner": "simple-nixos-mailserver", - "ref": "nixos-23.05", + "ref": "nixos-22.11", "repo": "nixos-mailserver", "type": "gitlab" } }, - "systems": { - "locked": { - "lastModified": 1681028828, - "narHash": "sha256-Vy1rq5AaRuLzOxct8nz4T6wlgyUR7zLU309k9mBC768=", - "owner": "nix-systems", - "repo": "default", - "rev": "da67096a3b9bf56a91d16901293e51ba5b49a27e", - "type": "github" - }, - "original": { - "owner": "nix-systems", - "repo": "default", - "type": "github" - } - }, "utils": { + "locked": { + "lastModified": 1676283394, + "narHash": "sha256-XX2f9c3iySLCw54rJ/CZs+ZK6IQy7GXNY4nSOyu2QG4=", + "owner": "numtide", + "repo": "flake-utils", + "rev": "3db36a8b464d0c4532ba1c7dda728f4576d6d073", + "type": "github" + }, + "original": { + "owner": "numtide", + "repo": "flake-utils", + "type": "github" + } + }, + "utils_2": { "locked": { "lastModified": 1659877975, "narHash": "sha256-zllb8aq3YO3h8B/U0/J1WBgAL8EX5yWf5pMj3G0NAmc=", @@ -475,7 +362,7 @@ "type": "github" } }, - "utils_2": { + "utils_3": { "locked": { "lastModified": 1605370193, "narHash": "sha256-YyMTf3URDL/otKdKgtoMChu4vfVL3vCMkRqpGifhUn0=", diff --git a/flake.nix b/flake.nix index 0d868da..c1bf290 100644 --- a/flake.nix +++ b/flake.nix @@ -1,28 +1,22 @@ { inputs = { - nixpkgs.url = "github:NixOS/nixpkgs/nixos-23.05"; - nixpkgs-droid.url = "github:NixOS/nixpkgs/nixos-22.11"; + nixpkgs.url = "github:NixOS/nixpkgs/nixos-22.11"; nixpkgs-unstable.url = "github:NixOS/nixpkgs/nixos-unstable"; home-manager = { - url = "github:nix-community/home-manager/release-23.05"; - inputs.nixpkgs.follows = "nixpkgs"; - }; - - home-manager-unstable = { url = "github:nix-community/home-manager"; inputs.nixpkgs.follows = "nixpkgs-unstable"; }; # simple mailserver snm = { - url = "gitlab:simple-nixos-mailserver/nixos-mailserver/nixos-23.05"; - inputs.nixpkgs-23_05.follows = "nixpkgs"; + url = "gitlab:simple-nixos-mailserver/nixos-mailserver/nixos-22.11"; + inputs.nixpkgs-22_11.follows = "nixpkgs"; }; nix-on-droid = { url = "github:t184256/nix-on-droid/release-22.11"; - inputs.nixpkgs.follows = "nixpkgs-droid"; + inputs.nixpkgs.follows = "nixpkgs"; }; emacs = { @@ -30,10 +24,10 @@ inputs.nixpkgs.follows = "nixpkgs-unstable"; }; - # simplex-chat = { - # url = "github:simplex-chat/simplex-chat"; - # inputs.nixpkgs.follows = "nixpkgs"; - # }; +# simplex-chat = { +# url = "github:simplex-chat/simplex-chat"; +# inputs.nixpkgs.follows = "nixpkgs"; +# }; # age for nix to store encrypted passwords conveniently agenix = { @@ -68,13 +62,12 @@ nixosConfigurations."dregil" = import ./hosts/dregil { inherit inputs; }; homeConfigurations = import ./outputs/homeConfigurations inputs; - nixOnDroidConfigurations.default = - inputs.nix-on-droid.lib.nixOnDroidConfiguration { - modules = [ - ./hosts/redmi - { nix.registry.nixpkgs.flake = nixpkgs; } - { nix.nixPath = [ "nixpkgs=${nixpkgs}" ]; } - ]; - }; + nixOnDroidConfigurations.default = inputs.nix-on-droid.lib.nixOnDroidConfiguration { + modules = [ + ./hosts/redmi + { nix.registry.nixpkgs.flake = nixpkgs; } + { nix.nixPath = [ "nixpkgs=${nixpkgs}" ]; } + ]; + }; }; } diff --git a/home/cli.nix b/home/cli.nix index c5ebb9f..913f07f 100644 --- a/home/cli.nix +++ b/home/cli.nix @@ -37,18 +37,11 @@ in { pijul sqlite.dev sqlite - - gcc - cmake - graphviz - plantuml - gnuplot - # pass pandoc hledger hledger-web - #hledger-iadd + hledger-iadd hledger-ui #smos #haskellPackages.patat # terminal based presentations using pandoc @@ -109,7 +102,7 @@ in { emacs = { enable = true; - package = pkgs.emacs-unstable; + package = pkgs.emacsUnstable; extraPackages = epkgs: with epkgs; [ vterm ]; }; diff --git a/hosts/thrall/default.nix b/hosts/thrall/default.nix index 5526e14..58d05f8 100644 --- a/hosts/thrall/default.nix +++ b/hosts/thrall/default.nix @@ -23,6 +23,7 @@ in { # Use the GRUB 2 boot loader. boot.loader.grub.enable = true; + boot.loader.grub.version = 2; # boot.loader.grub.efiSupport = true; # boot.loader.grub.efiInstallAsRemovable = true; # boot.loader.efi.efiSysMountPoint = "/boot/efi"; @@ -260,17 +261,14 @@ in { enable = true; database.type = "sqlite3"; lfs.enable = true; + domain = "git.failco.de"; + rootUrl = "https://git.failco.de"; + httpAddress = "127.0.0.1"; + httpPort = 3001; settings = { service.DISABLE_REGISTRATION = true; - server = { - DOMAIN = "git.failco.de"; - ROOTURL = "https://git.failco.de"; - HTTP_ADDR = "127.0.0.1"; - HTTP_PORT = 3001; - }; - mailer = { ENABLED = true; MAILER_TYPE = "smtp"; @@ -355,7 +353,7 @@ in { "alex@kobjolke.de" = "me@failco.de"; }; - certificateScheme = "acme-nginx"; + certificateScheme = 3; enableImapSsl = true; enableManageSieve = true; diff --git a/modules/security.nix b/modules/security.nix index 15d365b..3482c16 100644 --- a/modules/security.nix +++ b/modules/security.nix @@ -9,10 +9,10 @@ # tmpfs = /tmp is mounted in ram. Doing so makes temp file management speedy # on ssd systems, and volatile! Because it's wiped on reboot. - # boot.tmpOnTmpfs = lib.mkDefault true; +# boot.tmpOnTmpfs = lib.mkDefault true; # If not using tmpfs, which is naturally purged on reboot, we must clean it # /tmp ourselves. /tmp should be volatile storage! - boot.tmp.cleanOnBoot = lib.mkDefault (!config.boot.tmp.useTmpfs); + boot.cleanTmpDir = lib.mkDefault (!config.boot.tmpOnTmpfs); # Fix a security hole in place for backwards compatibility. See desc in # nixpkgs/nixos/modules/system/boot/loader/systemd-boot/systemd-boot.nix diff --git a/outputs/homeConfigurations/default.nix b/outputs/homeConfigurations/default.nix index a9bd3cc..d9f5027 100644 --- a/outputs/homeConfigurations/default.nix +++ b/outputs/homeConfigurations/default.nix @@ -1,67 +1,75 @@ -inputs: -with inputs; +inputs: with inputs; let pkgs = import nixpkgs-unstable { - system = "x86_64-linux"; - config.allowUnfree = true; - overlays = [ ]; + system = "x86_64-linux"; + config.allowUnfree = true; + overlays = []; }; -in { - "alex@dregil" = home-manager-unstable.lib.homeManagerConfiguration { - inherit pkgs; - modules = [{ - programs.home-manager.enable = true; +in +{ + "alex@dregil" = home-manager.lib.homeManagerConfiguration { + inherit pkgs; + modules = [ + { + programs.home-manager.enable = true; + + home = { + username = "alex"; + homeDirectory = "/home/alex"; + stateVersion = "22.11"; + packages = with pkgs; [ + alacritty # fast terminal + firefox # the browser with the fox - home = { - username = "alex"; - homeDirectory = "/home/alex"; - stateVersion = "22.11"; - packages = with pkgs; [ - alacritty # fast terminal - firefox # the browser with the fox + # social + jitsi-meet-electron # jitsi as a stand-alone app + discord # talk to other people + #inputs.simplex-chat.packages."x86_64-linux"."exe:simplex-chat" - # social - jitsi-meet-electron # jitsi as a stand-alone app - discord # talk to other people - #inputs.simplex-chat.packages."x86_64-linux"."exe:simplex-chat" + # editing + helix # vim like editor + nil # nix language server - # editing - helix # vim like editor - nil # nix language server + # system tools + htop-vim # htop with vim bindings + erdtree # du+tree had sex + dua # ncdu but better + bat # better cat + uhk-agent # my keyboard + mosh # ssh via udp - # system tools - htop-vim # htop with vim bindings - erdtree # du+tree had sex - dua # ncdu but better - bat # better cat - uhk-agent # my keyboard - mosh # ssh via udp + # gaming support + lutris + ]; + }; - # gaming support - lutris - ]; - }; + programs.bash = { + enable = true; + }; - programs.bash = { enable = true; }; + programs.zsh = { + enable = true; + }; - programs.zsh = { enable = true; }; + programs.git = { + enable = true; + userName = "Alexander Kobjolke"; + userEmail = "me@failco.de"; + }; - programs.git = { - enable = true; - userName = "Alexander Kobjolke"; - userEmail = "me@failco.de"; - }; + programs.password-store = { + enable = true; + }; - programs.password-store = { enable = true; }; + # do not show home-manager notifications + news.display = "silent"; - # do not show home-manager notifications - news.display = "silent"; - - services.gpg-agent = { - enable = true; - enableSshSupport = true; - sshKeys = [ "9027AB16B9A7C20BD29F30F55CBA054430BF014C" ]; - }; - }]; - }; + services.gpg-agent = { + enable = true; + enableSshSupport = true; + sshKeys = [ "9027AB16B9A7C20BD29F30F55CBA054430BF014C" ]; + }; + } + ]; + }; }