From 074ab567822facb2e5be840c2cbb26884e425827 Mon Sep 17 00:00:00 2001 From: Alexander Kobjolke Date: Thu, 22 Jun 2023 01:26:08 +0200 Subject: [PATCH 1/2] cli: Add tools needed by emacs --- home/cli.nix | 7 +++++++ 1 file changed, 7 insertions(+) diff --git a/home/cli.nix b/home/cli.nix index 913f07f..92c751a 100644 --- a/home/cli.nix +++ b/home/cli.nix @@ -37,6 +37,13 @@ in { pijul sqlite.dev sqlite + + gcc + cmake + graphviz + plantuml + gnuplot + # pass pandoc hledger From 2abe706d195680c231b303b97dbaa25f9426bba1 Mon Sep 17 00:00:00 2001 From: Alexander Kobjolke Date: Fri, 23 Jun 2023 11:25:01 +0200 Subject: [PATCH 2/2] Update to 23.05 --- flake.lock | 219 +++++++++++++++++++------ flake.nix | 37 +++-- home/cli.nix | 4 +- hosts/thrall/default.nix | 14 +- modules/security.nix | 4 +- outputs/homeConfigurations/default.nix | 114 ++++++------- 6 files changed, 253 insertions(+), 139 deletions(-) diff --git a/flake.lock b/flake.lock index cd9faaf..986a9f8 100644 --- a/flake.lock +++ b/flake.lock @@ -3,16 +3,17 @@ "agenix": { "inputs": { "darwin": "darwin", + "home-manager": "home-manager", "nixpkgs": [ "nixpkgs" ] }, "locked": { - "lastModified": 1677969766, - "narHash": "sha256-AIp/ZYZMNLDZR/H7iiAlaGpu4lcXsVt9JQpBlf43HRY=", + "lastModified": 1684153753, + "narHash": "sha256-PVbWt3qrjYAK+T5KplFcO+h7aZWfEj1UtyoKlvcDxh0=", "owner": "ryantm", "repo": "agenix", - "rev": "03b51fe8e459a946c4b88dcfb6446e45efb2c24e", + "rev": "db5637d10f797bb251b94ef9040b237f4702cde3", "type": "github" }, "original": { @@ -64,14 +65,15 @@ "flake-utils": "flake-utils", "nixpkgs": [ "nixpkgs-unstable" - ] + ], + "nixpkgs-stable": "nixpkgs-stable" }, "locked": { - "lastModified": 1680257010, - "narHash": "sha256-pNMB9sdoZOXEsszLD5TS0WG5Ysj2rVRmf92uxsxH/9A=", + "lastModified": 1687494897, + "narHash": "sha256-JnNX/aW8arJew41JYDs1JuZYQqW1C7kXXjo3Sblb3y8=", "owner": "nix-community", "repo": "emacs-overlay", - "rev": "cfec7f9501cc0e001f49d725a7cd733af7deb2ed", + "rev": "1ceb43ef790d7676fa50c0085438e51c0b67e657", "type": "github" }, "original": { @@ -80,13 +82,32 @@ "type": "github" } }, - "flake-utils": { + "flake-compat": { + "flake": false, "locked": { - "lastModified": 1667395993, - "narHash": "sha256-nuEHfE/LcWyuSWnS8t12N1wc105Qtau+/OdUAjtQ0rA=", + "lastModified": 1668681692, + "narHash": "sha256-Ht91NGdewz8IQLtWZ9LCeNXMSXHUss+9COoqu6JLmXU=", + "owner": "edolstra", + "repo": "flake-compat", + "rev": "009399224d5e398d03b22badca40a37ac85412a1", + "type": "github" + }, + "original": { + "owner": "edolstra", + "repo": "flake-compat", + "type": "github" + } + }, + "flake-utils": { + "inputs": { + "systems": "systems" + }, + "locked": { + "lastModified": 1687171271, + "narHash": "sha256-BJlq+ozK2B1sJDQXS3tzJM5a+oVZmi1q0FlBK/Xqv7M=", "owner": "numtide", "repo": "flake-utils", - "rev": "5aed5285a952e0b949eb3ba02c12fa4fcfef535f", + "rev": "abfb11bd1aec8ced1c9bb9adfe68018230f4fb3c", "type": "github" }, "original": { @@ -98,16 +119,36 @@ "home-manager": { "inputs": { "nixpkgs": [ - "nixpkgs-unstable" - ], - "utils": "utils" + "agenix", + "nixpkgs" + ] }, "locked": { - "lastModified": 1678831854, - "narHash": "sha256-7HBmLFNVD2KjovSzypIN9NfyzpWelMe8sNbUVZIRsS0=", + "lastModified": 1682203081, + "narHash": "sha256-kRL4ejWDhi0zph/FpebFYhzqlOBrk0Pl3dzGEKSAlEw=", "owner": "nix-community", "repo": "home-manager", - "rev": "cae54dc45c0d61c99c1dc8b04bc42f36c76f9771", + "rev": "32d3e39c491e2f91152c84f8ad8b003420eab0a1", + "type": "github" + }, + "original": { + "owner": "nix-community", + "repo": "home-manager", + "type": "github" + } + }, + "home-manager-unstable": { + "inputs": { + "nixpkgs": [ + "nixpkgs-unstable" + ] + }, + "locked": { + "lastModified": 1687473300, + "narHash": "sha256-4LflQpktYFiub8xVhEN9EZf1cYsr09md01rBJZRCGCc=", + "owner": "nix-community", + "repo": "home-manager", + "rev": "70ac18872a5f1a57a4546ff58888bf67a8bbb5b3", "type": "github" }, "original": { @@ -117,12 +158,33 @@ } }, "home-manager_2": { + "inputs": { + "nixpkgs": [ + "nixpkgs" + ] + }, + "locked": { + "lastModified": 1687163790, + "narHash": "sha256-CmG/ZdswJrWM0CMgJiVyWfO6LqaI4SKEAx9IrnYDrpI=", + "owner": "nix-community", + "repo": "home-manager", + "rev": "ac53777f52929bc82efcd2830bfc5aa60bcb4337", + "type": "github" + }, + "original": { + "owner": "nix-community", + "ref": "release-23.05", + "repo": "home-manager", + "type": "github" + } + }, + "home-manager_3": { "inputs": { "nixpkgs": [ "nix-on-droid", "nixpkgs" ], - "utils": "utils_2" + "utils": "utils" }, "locked": { "lastModified": 1663932797, @@ -163,10 +225,10 @@ }, "nix-on-droid": { "inputs": { - "home-manager": "home-manager_2", + "home-manager": "home-manager_3", "nix-formatter-pack": "nix-formatter-pack", "nixpkgs": [ - "nixpkgs" + "nixpkgs-droid" ], "nixpkgs-for-bootstrap": "nixpkgs-for-bootstrap", "nmd": "nmd_2" @@ -188,11 +250,42 @@ }, "nixpkgs": { "locked": { - "lastModified": 1678703398, - "narHash": "sha256-Y1mW3dBsoWLHpYm+UIHb5VZ7rx024NNHaF16oZBx++o=", + "lastModified": 1687379288, + "narHash": "sha256-cSuwfiqYfeVyqzCRkU9AvLTysmEuSal8nh6CYr+xWog=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "67f26c1cfc5d5783628231e776a81c1ade623e0b", + "rev": "ef0bc3976340dab9a4e087a0bcff661a8b2e87f3", + "type": "github" + }, + "original": { + "owner": "NixOS", + "ref": "nixos-23.05", + "repo": "nixpkgs", + "type": "github" + } + }, + "nixpkgs-22_11": { + "locked": { + "lastModified": 1669558522, + "narHash": "sha256-yqxn+wOiPqe6cxzOo4leeJOp1bXE/fjPEi/3F/bBHv8=", + "owner": "NixOS", + "repo": "nixpkgs", + "rev": "ce5fe99df1f15a09a91a86be9738d68fadfbad82", + "type": "github" + }, + "original": { + "id": "nixpkgs", + "ref": "nixos-22.11", + "type": "indirect" + } + }, + "nixpkgs-droid": { + "locked": { + "lastModified": 1687376262, + "narHash": "sha256-xtenf0Nc6So/5uaQqe8u3GVoAs/YdMUFsysPUuK8w1s=", + "owner": "NixOS", + "repo": "nixpkgs", + "rev": "7859e9c101fabbd62551b8f4260124a6e2f01a46", "type": "github" }, "original": { @@ -218,13 +311,29 @@ "type": "github" } }, - "nixpkgs-unstable": { + "nixpkgs-stable": { "locked": { - "lastModified": 1678654296, - "narHash": "sha256-aVfw3ThpY7vkUeF1rFy10NAkpKDS2imj3IakrzT0Occ=", + "lastModified": 1687379288, + "narHash": "sha256-cSuwfiqYfeVyqzCRkU9AvLTysmEuSal8nh6CYr+xWog=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "5a1dc8acd977ff3dccd1328b7c4a6995429a656b", + "rev": "ef0bc3976340dab9a4e087a0bcff661a8b2e87f3", + "type": "github" + }, + "original": { + "owner": "NixOS", + "ref": "nixos-23.05", + "repo": "nixpkgs", + "type": "github" + } + }, + "nixpkgs-unstable": { + "locked": { + "lastModified": 1687412861, + "narHash": "sha256-Z/g0wbL68C+mSGerYS2quv9FXQ1RRP082cAC0Bh4vcs=", + "owner": "NixOS", + "repo": "nixpkgs", + "rev": "e603dc5f061ca1d8a19b3ede6a8cf9c9fcba6cdc", "type": "github" }, "original": { @@ -236,11 +345,11 @@ }, "nixpkgs_2": { "locked": { - "lastModified": 1669542132, - "narHash": "sha256-DRlg++NJAwPh8io3ExBJdNW7Djs3plVI5jgYQ+iXAZQ=", + "lastModified": 1670751203, + "narHash": "sha256-XdoH1v3shKDGlrwjgrNX/EN8s3c+kQV7xY6cLCE8vcI=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "a115bb9bd56831941be3776c8a94005867f316a7", + "rev": "64e0bf055f9d25928c31fb12924e59ff8ce71e60", "type": "github" }, "original": { @@ -301,9 +410,11 @@ "inputs": { "agenix": "agenix", "emacs": "emacs", - "home-manager": "home-manager", + "home-manager": "home-manager_2", + "home-manager-unstable": "home-manager-unstable", "nix-on-droid": "nix-on-droid", "nixpkgs": "nixpkgs", + "nixpkgs-droid": "nixpkgs-droid", "nixpkgs-unstable": "nixpkgs-unstable", "snm": "snm" } @@ -311,43 +422,45 @@ "snm": { "inputs": { "blobs": "blobs", + "flake-compat": "flake-compat", "nixpkgs": "nixpkgs_2", - "nixpkgs-22_11": [ + "nixpkgs-22_11": "nixpkgs-22_11", + "nixpkgs-23_05": [ "nixpkgs" ], - "utils": "utils_3" + "utils": "utils_2" }, "locked": { - "lastModified": 1671659164, - "narHash": "sha256-DbpT+v1POwFOInbrDL+vMbYV3mVbTkMxmJ5j50QnOcA=", + "lastModified": 1687462267, + "narHash": "sha256-rNSputjn/0HEHHnsKfQ8mQVEPVchcBw7DsbND7Wg8dk=", "owner": "simple-nixos-mailserver", "repo": "nixos-mailserver", - "rev": "bc667fb6afc45f6cc2d118ab77658faf2227cffd", + "rev": "24128c3052090311688b09a400aa408ba61c6ee5", "type": "gitlab" }, "original": { "owner": "simple-nixos-mailserver", - "ref": "nixos-22.11", + "ref": "nixos-23.05", "repo": "nixos-mailserver", "type": "gitlab" } }, + "systems": { + "locked": { + "lastModified": 1681028828, + "narHash": "sha256-Vy1rq5AaRuLzOxct8nz4T6wlgyUR7zLU309k9mBC768=", + "owner": "nix-systems", + "repo": "default", + "rev": "da67096a3b9bf56a91d16901293e51ba5b49a27e", + "type": "github" + }, + "original": { + "owner": "nix-systems", + "repo": "default", + "type": "github" + } + }, "utils": { - "locked": { - "lastModified": 1676283394, - "narHash": "sha256-XX2f9c3iySLCw54rJ/CZs+ZK6IQy7GXNY4nSOyu2QG4=", - "owner": "numtide", - "repo": "flake-utils", - "rev": "3db36a8b464d0c4532ba1c7dda728f4576d6d073", - "type": "github" - }, - "original": { - "owner": "numtide", - "repo": "flake-utils", - "type": "github" - } - }, - "utils_2": { "locked": { "lastModified": 1659877975, "narHash": "sha256-zllb8aq3YO3h8B/U0/J1WBgAL8EX5yWf5pMj3G0NAmc=", @@ -362,7 +475,7 @@ "type": "github" } }, - "utils_3": { + "utils_2": { "locked": { "lastModified": 1605370193, "narHash": "sha256-YyMTf3URDL/otKdKgtoMChu4vfVL3vCMkRqpGifhUn0=", diff --git a/flake.nix b/flake.nix index c1bf290..0d868da 100644 --- a/flake.nix +++ b/flake.nix @@ -1,22 +1,28 @@ { inputs = { - nixpkgs.url = "github:NixOS/nixpkgs/nixos-22.11"; + nixpkgs.url = "github:NixOS/nixpkgs/nixos-23.05"; + nixpkgs-droid.url = "github:NixOS/nixpkgs/nixos-22.11"; nixpkgs-unstable.url = "github:NixOS/nixpkgs/nixos-unstable"; home-manager = { + url = "github:nix-community/home-manager/release-23.05"; + inputs.nixpkgs.follows = "nixpkgs"; + }; + + home-manager-unstable = { url = "github:nix-community/home-manager"; inputs.nixpkgs.follows = "nixpkgs-unstable"; }; # simple mailserver snm = { - url = "gitlab:simple-nixos-mailserver/nixos-mailserver/nixos-22.11"; - inputs.nixpkgs-22_11.follows = "nixpkgs"; + url = "gitlab:simple-nixos-mailserver/nixos-mailserver/nixos-23.05"; + inputs.nixpkgs-23_05.follows = "nixpkgs"; }; nix-on-droid = { url = "github:t184256/nix-on-droid/release-22.11"; - inputs.nixpkgs.follows = "nixpkgs"; + inputs.nixpkgs.follows = "nixpkgs-droid"; }; emacs = { @@ -24,10 +30,10 @@ inputs.nixpkgs.follows = "nixpkgs-unstable"; }; -# simplex-chat = { -# url = "github:simplex-chat/simplex-chat"; -# inputs.nixpkgs.follows = "nixpkgs"; -# }; + # simplex-chat = { + # url = "github:simplex-chat/simplex-chat"; + # inputs.nixpkgs.follows = "nixpkgs"; + # }; # age for nix to store encrypted passwords conveniently agenix = { @@ -62,12 +68,13 @@ nixosConfigurations."dregil" = import ./hosts/dregil { inherit inputs; }; homeConfigurations = import ./outputs/homeConfigurations inputs; - nixOnDroidConfigurations.default = inputs.nix-on-droid.lib.nixOnDroidConfiguration { - modules = [ - ./hosts/redmi - { nix.registry.nixpkgs.flake = nixpkgs; } - { nix.nixPath = [ "nixpkgs=${nixpkgs}" ]; } - ]; - }; + nixOnDroidConfigurations.default = + inputs.nix-on-droid.lib.nixOnDroidConfiguration { + modules = [ + ./hosts/redmi + { nix.registry.nixpkgs.flake = nixpkgs; } + { nix.nixPath = [ "nixpkgs=${nixpkgs}" ]; } + ]; + }; }; } diff --git a/home/cli.nix b/home/cli.nix index 92c751a..c5ebb9f 100644 --- a/home/cli.nix +++ b/home/cli.nix @@ -48,7 +48,7 @@ in { pandoc hledger hledger-web - hledger-iadd + #hledger-iadd hledger-ui #smos #haskellPackages.patat # terminal based presentations using pandoc @@ -109,7 +109,7 @@ in { emacs = { enable = true; - package = pkgs.emacsUnstable; + package = pkgs.emacs-unstable; extraPackages = epkgs: with epkgs; [ vterm ]; }; diff --git a/hosts/thrall/default.nix b/hosts/thrall/default.nix index 58d05f8..5526e14 100644 --- a/hosts/thrall/default.nix +++ b/hosts/thrall/default.nix @@ -23,7 +23,6 @@ in { # Use the GRUB 2 boot loader. boot.loader.grub.enable = true; - boot.loader.grub.version = 2; # boot.loader.grub.efiSupport = true; # boot.loader.grub.efiInstallAsRemovable = true; # boot.loader.efi.efiSysMountPoint = "/boot/efi"; @@ -261,14 +260,17 @@ in { enable = true; database.type = "sqlite3"; lfs.enable = true; - domain = "git.failco.de"; - rootUrl = "https://git.failco.de"; - httpAddress = "127.0.0.1"; - httpPort = 3001; settings = { service.DISABLE_REGISTRATION = true; + server = { + DOMAIN = "git.failco.de"; + ROOTURL = "https://git.failco.de"; + HTTP_ADDR = "127.0.0.1"; + HTTP_PORT = 3001; + }; + mailer = { ENABLED = true; MAILER_TYPE = "smtp"; @@ -353,7 +355,7 @@ in { "alex@kobjolke.de" = "me@failco.de"; }; - certificateScheme = 3; + certificateScheme = "acme-nginx"; enableImapSsl = true; enableManageSieve = true; diff --git a/modules/security.nix b/modules/security.nix index 3482c16..15d365b 100644 --- a/modules/security.nix +++ b/modules/security.nix @@ -9,10 +9,10 @@ # tmpfs = /tmp is mounted in ram. Doing so makes temp file management speedy # on ssd systems, and volatile! Because it's wiped on reboot. -# boot.tmpOnTmpfs = lib.mkDefault true; + # boot.tmpOnTmpfs = lib.mkDefault true; # If not using tmpfs, which is naturally purged on reboot, we must clean it # /tmp ourselves. /tmp should be volatile storage! - boot.cleanTmpDir = lib.mkDefault (!config.boot.tmpOnTmpfs); + boot.tmp.cleanOnBoot = lib.mkDefault (!config.boot.tmp.useTmpfs); # Fix a security hole in place for backwards compatibility. See desc in # nixpkgs/nixos/modules/system/boot/loader/systemd-boot/systemd-boot.nix diff --git a/outputs/homeConfigurations/default.nix b/outputs/homeConfigurations/default.nix index d9f5027..a9bd3cc 100644 --- a/outputs/homeConfigurations/default.nix +++ b/outputs/homeConfigurations/default.nix @@ -1,75 +1,67 @@ -inputs: with inputs; +inputs: +with inputs; let pkgs = import nixpkgs-unstable { - system = "x86_64-linux"; - config.allowUnfree = true; - overlays = []; + system = "x86_64-linux"; + config.allowUnfree = true; + overlays = [ ]; }; -in -{ - "alex@dregil" = home-manager.lib.homeManagerConfiguration { - inherit pkgs; - modules = [ - { - programs.home-manager.enable = true; - - home = { - username = "alex"; - homeDirectory = "/home/alex"; - stateVersion = "22.11"; - packages = with pkgs; [ - alacritty # fast terminal - firefox # the browser with the fox +in { + "alex@dregil" = home-manager-unstable.lib.homeManagerConfiguration { + inherit pkgs; + modules = [{ + programs.home-manager.enable = true; - # social - jitsi-meet-electron # jitsi as a stand-alone app - discord # talk to other people - #inputs.simplex-chat.packages."x86_64-linux"."exe:simplex-chat" + home = { + username = "alex"; + homeDirectory = "/home/alex"; + stateVersion = "22.11"; + packages = with pkgs; [ + alacritty # fast terminal + firefox # the browser with the fox - # editing - helix # vim like editor - nil # nix language server + # social + jitsi-meet-electron # jitsi as a stand-alone app + discord # talk to other people + #inputs.simplex-chat.packages."x86_64-linux"."exe:simplex-chat" - # system tools - htop-vim # htop with vim bindings - erdtree # du+tree had sex - dua # ncdu but better - bat # better cat - uhk-agent # my keyboard - mosh # ssh via udp + # editing + helix # vim like editor + nil # nix language server - # gaming support - lutris - ]; - }; + # system tools + htop-vim # htop with vim bindings + erdtree # du+tree had sex + dua # ncdu but better + bat # better cat + uhk-agent # my keyboard + mosh # ssh via udp - programs.bash = { - enable = true; - }; + # gaming support + lutris + ]; + }; - programs.zsh = { - enable = true; - }; + programs.bash = { enable = true; }; - programs.git = { - enable = true; - userName = "Alexander Kobjolke"; - userEmail = "me@failco.de"; - }; + programs.zsh = { enable = true; }; - programs.password-store = { - enable = true; - }; + programs.git = { + enable = true; + userName = "Alexander Kobjolke"; + userEmail = "me@failco.de"; + }; - # do not show home-manager notifications - news.display = "silent"; + programs.password-store = { enable = true; }; - services.gpg-agent = { - enable = true; - enableSshSupport = true; - sshKeys = [ "9027AB16B9A7C20BD29F30F55CBA054430BF014C" ]; - }; - } - ]; - }; + # do not show home-manager notifications + news.display = "silent"; + + services.gpg-agent = { + enable = true; + enableSshSupport = true; + sshKeys = [ "9027AB16B9A7C20BD29F30F55CBA054430BF014C" ]; + }; + }]; + }; }