add sam

.gitignore

@@ -23,3 +23,4 @@ test.*
 pre-drv
 post-drv
 post-diff
+pr_body.md

users/sam/default.nix

@@ -0,0 +1,17 @@
+{
+  pkgs,
+  lib,
+  config,
+  name,
+  ...
+}:
+import ../default.nix {
+  inherit
+    pkgs
+    lib
+    config
+    name
+    ;
+  publicKeys = [
+  ];
+}

users/sam/home.nix

@@ -0,0 +1,157 @@
+{
+  config,
+  pkgs,
+  lib,
+  machineConfig,
+  ...
+}:
+
+{
+  imports =
+    [
+      ./home/zsh.nix
+      ./home/git.nix
+    ]
+    ++ lib.optionals (!machineConfig.server) [
+      ./home/gammastep.nix
+      ./non-server.nix
+    ];
+
+  home = {
+    # # Adds the 'hello' command to your environment. It prints a friendly
+    # # "Hello, world!" when run.
+    # pkgs.hello
+
+    # # It is sometimes useful to fine-tune packages, for example, by applying
+    # # overrides. You can do that directly here, just don't forget the
+    # # parentheses. Maybe you want to install Nerd Fonts with a limited number of
+    # # fonts?
+    # (pkgs.nerdfonts.override { fonts = [ "FantasqueSansMono" ]; })
+
+    # # You can also create simple shell scripts directly inside your
+    # # configuration. For example, this adds a command 'my-hello' to your
+    # # environment:
+    # (pkgs.writeShellScriptBin "my-hello" ''
+    #   echo "Hello, ${config.home.username}!"
+    # '')
+
+    username = "sam";
+    homeDirectory = "/home/sam";
+    packages = with pkgs; [
+      python3
+
+      # useful tools
+      file
+      ncdu
+      neofetch
+      onefetch
+      hyfetch
+      smartmontools
+      wget
+      glances
+      onefetch
+
+      # Rust packages
+      bat
+      cargo-update
+      tealdeer
+
+      # nix specific packages
+      nix-output-monitor
+      nix-prefetch
+      nix-tree
+      nh
+
+      # audit
+      lynis
+
+      gocryptfs
+    ];
+  };
+
+  programs = {
+
+    starship.enable = true;
+
+    fzf = {
+      enable = true;
+      enableZshIntegration = true;
+    };
+
+    direnv = {
+      enable = true;
+      enableZshIntegration = true;
+      nix-direnv.enable = true;
+    };
+
+    eza = {
+      enable = true;
+      icons = "auto";
+      git = true;
+    };
+
+    neovim = {
+      enable = true;
+      defaultEditor = true;
+      vimAlias = true;
+      vimdiffAlias = true;
+      extraConfig = ''
+        set bg=dark
+              set tabstop=2
+        	set shiftwidth=2
+        	set expandtab
+        	set smartindent
+      '';
+    };
+    nix-index = {
+      enable = true;
+      enableZshIntegration = true;
+    };
+
+    tmux.enable = true;
+    topgrade = {
+      enable = true;
+      settings = {
+        misc = {
+          disable = [
+            "system"
+            "nix"
+            "shell"
+            "poetry"
+          ];
+        };
+      };
+    };
+  };
+
+  services.ssh-agent.enable = true;
+
+  # TODO: add environment bs
+  home.sessionVariables = {
+    EDITOR = "nvim";
+  };
+
+  xdg = {
+    enable = true;
+    userDirs = {
+      enable = true;
+      createDirectories = true;
+      extraConfig = {
+        XDG_SCREENSHOTS_DIR = "${config.xdg.userDirs.pictures}/Screenshots";
+      };
+    };
+  };
+
+  sops = lib.mkIf (!machineConfig.server) {
+    age.sshKeyPaths = [ "/home/sam/.ssh/id_ed25519_sops" ];
+    defaultSopsFile = ./secrets.yaml;
+  };
+
+  nix.gc = {
+    automatic = true;
+    frequency = "weekly";
+    options = "--delete-older-than 30d";
+  };
+
+  home.stateVersion = "25.11";
+}

users/sam/home/gammastep.nix

@@ -0,0 +1,20 @@
+{ ... }:
+{
+  services.gammastep = {
+    enable = true;
+    provider = "manual";
+    latitude = 40.73;
+    longitude = -73.93;
+    temperature.day = 5700;
+    temperature.night = 3500;
+    settings = {
+      general = {
+        fade = 1;
+        elevation-high = 3;
+        elevation-low = -6;
+        brightness-day = 1.0;
+        brightness-low = 0.8;
+      };
+    };
+  };
+}

users/sam/home/git.nix

@@ -0,0 +1,36 @@
+{ ... }:
+
+{
+  programs.git = {
+    enable = true;
+    lfs.enable = true;
+    signing = {
+      key = "5EFFB75F7C9B74EAA5C4637547940175096C1330";
+      signByDefault = true;
+    };
+    userEmail = "aliceghuston@gmail.com";
+    userName = "ahuston-0";
+    aliases = {
+      gone = ''
+        !git for-each-ref --format '%(refname:short) %(upstream)' | # dump all older branches
+                        awk 'NF < 2 {print $1}' | # get nuked branches
+                        grep -Pv "(^origin/|^origin$|stash)" | # filter out remotes & stash
+                        sed 's/\\x27/\\x5C\\x27/' | # remove single quotes, for xargs reasons
+                        xargs -r git branch -D # nuke the branches
+        # !git fetch -p && git for-each-ref --format '%(refname:short) %(upstream:track)' | # dump all branches
+        #                 awk '$2 == "[gone]" {print $1}' | # get nuked branches
+        #                 sed 's/\\x27/\\x5C\\x27/' | # remove single quotes, for xargs reasons
+        #                 xargs -r git branch -D; # nuke the branches #
+      '';
+    };
+    extraConfig = {
+      push.autosetupremote = true;
+      pull.rebase = true;
+      color.ui = true;
+      init.defaultBranch = "main";
+      format.signoff = true;
+      pack.windowMemory = "2g";
+      pack.packSizeLimit = "1g";
+    };
+  };
+}

users/sam/home/zsh.nix

@@ -0,0 +1,123 @@
+{ lib, ... }:
+{
+
+  programs.zsh = {
+
+    enable = true;
+    oh-my-zsh = {
+      enable = true;
+      plugins = [
+        "git"
+        "docker"
+        "docker-compose"
+        "colored-man-pages"
+        "helm"
+        "kubectl"
+        "minikube"
+        "rust"
+        "skaffold"
+        "systemd"
+        "tmux"
+        "ufw"
+        "z"
+      ];
+    };
+    /*
+      To specify the order, use lib.mkOrder.
+
+      Common order values:
+
+      500 (mkBefore): Early initialization (replaces initExtraFirst)
+
+      550: Before completion initialization (replaces initExtraBeforeCompInit)
+
+      1000 (default): General configuration (replaces initExtra)
+
+      1500 (mkAfter): Last to run configuration
+
+      To specify both content in Early initialization and General configuration, use lib.mkMerge.
+
+      e.g.
+
+      initContent = let zshConfigEarlyInit = lib.mkOrder 500 “do something”; zshConfig = lib.mkOrder 1000 “do something”; in lib.mkMerge [ zshConfigEarlyInit zshConfig ];
+    */
+
+    initContent = lib.mkOrder 1000 ''
+      # functions
+      function mount-data {
+          if [[ -f /home/alice/backup/.noconnection ]]; then
+      	sshfs -p 10934 lily@192.168.1.154:/mnt/backup/data/ ~/backup -C
+          else
+      	echo "Connection to backup server already open."
+          fi
+      }
+
+      function mount-backup {
+          if [[ -f /home/alice/backup/.noconnection ]]; then
+          	sudo borgmatic mount --options allow_other,nonempty --archive latest --mount-point ~/backup -c /etc/borgmatic/config_checkless.yaml
+          else
+              echo "Connection to backup server already open."
+          fi
+      }
+
+      function mount-ubuntu {
+          if [[ -f /home/alice/backup/.noconnection ]]; then
+              sshfs lily@192.168.76.101:/mnt/backup/ubuntu.old/ ~/backup -C
+          else
+              echo "Connection to backup server already open."
+          fi
+      }
+    '';
+    shellAliases = {
+      "sgc" = "sudo git -C /root/dotfiles";
+      ## SSH
+      "ssh-init" =
+        "ssh-add -t 2h  ~/.ssh/id_rsa_tails ~/.ssh/id_ed25519_tails  ~/.ssh/id_rsa_palatine ~/.ssh/id_ed25519_palatine ~/.ssh/id_ed25519_rota ~/.ssh/id_ed25519_gh";
+
+      ## Backups
+      "borgmatic-backup-quick" =
+        "sudo borgmatic --log-file-verbosity 2 -v1 --progress --log-file=/var/log/borgmatic.log -c /etc/borgmatic/config_checkless.yaml";
+      "borgmatic-backup-full" =
+        "sudo borgmatic --log-file-verbosity 2 -v1 --log-file=/var/log/borgmatic.log -c /etc/borgmatic/config_full_arch.yaml";
+      "umount-backup" =
+        "sudo borgmatic umount --mount-point /home/alice/backup -c /etc/borgmatic/config_checkless.yaml";
+      "restic-backup" = "/home/alice/Scripts/restic/backup.sh";
+
+      ## VPN
+      "pfSense-vpn" = "sudo openvpn --config /etc/openvpn/client/pfSense-TCP4-1194-alice-config.ovpn";
+      "pfSense-vpn-all" = "sudo openvpn --config /etc/openvpn/client/pfSense-TCP4-1195-alice-config.ovpn";
+
+      ## Utilities
+      "lrt" = "eza --icons -lsnew";
+      "lynis-grep" = ''sudo lynis audit system 2&>1 | grep -v "egrep"'';
+      "egrep" = "grep -E";
+      "htgp" = "history | grep";
+      "gen_walpaper" = "wal -i '/home/alice/Pictures/Wallpapers/1440pdump'";
+      "vlgdf" = "valgrind --leak-check=full --show-leak-kinds=all --track-origins=yes";
+      "libreoffice-writer" = "libreoffice --writer";
+      "libreoffice-calc" = "libreoffice --calc";
+      "notes" = "code /home/alice/Scripts/Notes/dendron.code-workspace";
+      "ua-drop-caches" = "sudo paccache -rk3; yay -Sc --aur --noconfirm";
+      "ua-update-all" = ''
+        (export TMPFILE="$(mktemp)"; \
+              sudo true; \
+              rate-mirrors --save=$TMPFILE --protocol https\
+              --country-test-mirrors-per-country 10 arch --max-delay=21600 \
+                && sudo mv /etc/pacman.d/mirrorlist /etc/pacman.d/mirrorlist-backup \
+                && sudo mv $TMPFILE /etc/pacman.d/mirrorlist \
+                && ua-drop-caches \
+                && yay -Syyu)
+      '';
+
+      # applications (rofi entries)
+      "ARMEclipse" = "nohup /opt/DS-5_CE/bin/eclipse &";
+      "Wizard101-old" = "prime-run playonlinux --run Wizard\\ 101";
+      "Wizard101" =
+        "prime-run ~/.wine/drive_c/ProgramData/KingsIsle Entertainment/Wizard101/Wizard101.exe";
+      "Pirate101" = "prime-run playonlinux --run Pirate\\ 101";
+      "octave" = "prime-run octave --gui";
+      "pc-firefox" = "proxychains firefox -P qbit -no-remote -P 127.0.0.1:9050";
+      "hx" = "helix";
+    };
+  };
+}

users/sam/non-server.nix

@@ -0,0 +1,33 @@
+{ pkgs, outputs, ... }:
+
+{
+  home.packages = with pkgs; [
+    shellcheck
+
+    # nix tools
+    nil
+    nixfmt-rfc-style
+    nix-init
+
+    # markdown
+    nodePackages.markdownlint-cli
+
+    # language depedencies
+    enchant
+    nuspell
+    hunspellDicts.en-us
+    languagetool
+
+    # latex
+    texlive.combined.scheme-medium
+
+    nextcloud-client
+    bitwarden-cli
+    bitwarden-menu
+    wtype
+    zathura
+    obsidian
+    libreoffice-qt-fresh
+    wlr-randr
+  ];
+}