From f0912dc558aa8fefbeead5aa827bf26b09aae09d Mon Sep 17 00:00:00 2001 From: ahuston-0 Date: Sun, 1 Jun 2025 12:57:22 -0400 Subject: [PATCH] add sam --- .gitignore | 1 + users/sam/default.nix | 17 ++++ users/sam/home.nix | 157 +++++++++++++++++++++++++++++++++++ users/sam/home/gammastep.nix | 20 +++++ users/sam/home/git.nix | 36 ++++++++ users/sam/home/zsh.nix | 123 +++++++++++++++++++++++++++ users/sam/non-server.nix | 33 ++++++++ users/sam/secrets.yaml | 0 8 files changed, 387 insertions(+) create mode 100644 users/sam/default.nix create mode 100644 users/sam/home.nix create mode 100644 users/sam/home/gammastep.nix create mode 100644 users/sam/home/git.nix create mode 100644 users/sam/home/zsh.nix create mode 100644 users/sam/non-server.nix create mode 100644 users/sam/secrets.yaml diff --git a/.gitignore b/.gitignore index 371e127..cb0934e 100644 --- a/.gitignore +++ b/.gitignore @@ -23,3 +23,4 @@ test.* pre-drv post-drv post-diff +pr_body.md diff --git a/users/sam/default.nix b/users/sam/default.nix new file mode 100644 index 0000000..08d6f05 --- /dev/null +++ b/users/sam/default.nix @@ -0,0 +1,17 @@ +{ + pkgs, + lib, + config, + name, + ... +}: +import ../default.nix { + inherit + pkgs + lib + config + name + ; + publicKeys = [ + ]; +} diff --git a/users/sam/home.nix b/users/sam/home.nix new file mode 100644 index 0000000..a529a08 --- /dev/null +++ b/users/sam/home.nix @@ -0,0 +1,157 @@ +{ + config, + pkgs, + lib, + machineConfig, + ... +}: + +{ + imports = + [ + ./home/zsh.nix + ./home/git.nix + ] + ++ lib.optionals (!machineConfig.server) [ + ./home/gammastep.nix + ./non-server.nix + ]; + + home = { + # # Adds the 'hello' command to your environment. It prints a friendly + # # "Hello, world!" when run. + # pkgs.hello + + # # It is sometimes useful to fine-tune packages, for example, by applying + # # overrides. You can do that directly here, just don't forget the + # # parentheses. Maybe you want to install Nerd Fonts with a limited number of + # # fonts? + # (pkgs.nerdfonts.override { fonts = [ "FantasqueSansMono" ]; }) + + # # You can also create simple shell scripts directly inside your + # # configuration. For example, this adds a command 'my-hello' to your + # # environment: + # (pkgs.writeShellScriptBin "my-hello" '' + # echo "Hello, ${config.home.username}!" + # '') + + username = "sam"; + homeDirectory = "/home/sam"; + packages = with pkgs; [ + python3 + + # useful tools + file + ncdu + neofetch + onefetch + hyfetch + smartmontools + wget + glances + onefetch + + # Rust packages + bat + cargo-update + tealdeer + + # nix specific packages + nix-output-monitor + nix-prefetch + nix-tree + nh + + # audit + lynis + + gocryptfs + ]; + }; + + programs = { + + starship.enable = true; + + fzf = { + enable = true; + enableZshIntegration = true; + }; + + direnv = { + enable = true; + enableZshIntegration = true; + nix-direnv.enable = true; + }; + + eza = { + enable = true; + icons = "auto"; + git = true; + }; + + neovim = { + enable = true; + defaultEditor = true; + vimAlias = true; + vimdiffAlias = true; + extraConfig = '' + set bg=dark + set tabstop=2 + set shiftwidth=2 + set expandtab + set smartindent + ''; + }; + nix-index = { + enable = true; + enableZshIntegration = true; + }; + + tmux.enable = true; + topgrade = { + enable = true; + settings = { + misc = { + disable = [ + "system" + "nix" + "shell" + "poetry" + ]; + }; + }; + }; + }; + + services.ssh-agent.enable = true; + + # TODO: add environment bs + home.sessionVariables = { + EDITOR = "nvim"; + }; + + xdg = { + enable = true; + userDirs = { + enable = true; + createDirectories = true; + extraConfig = { + XDG_SCREENSHOTS_DIR = "${config.xdg.userDirs.pictures}/Screenshots"; + }; + }; + }; + + sops = lib.mkIf (!machineConfig.server) { + age.sshKeyPaths = [ "/home/sam/.ssh/id_ed25519_sops" ]; + defaultSopsFile = ./secrets.yaml; + }; + + nix.gc = { + automatic = true; + frequency = "weekly"; + options = "--delete-older-than 30d"; + }; + + home.stateVersion = "25.11"; +} diff --git a/users/sam/home/gammastep.nix b/users/sam/home/gammastep.nix new file mode 100644 index 0000000..92b8801 --- /dev/null +++ b/users/sam/home/gammastep.nix @@ -0,0 +1,20 @@ +{ ... }: +{ + services.gammastep = { + enable = true; + provider = "manual"; + latitude = 40.73; + longitude = -73.93; + temperature.day = 5700; + temperature.night = 3500; + settings = { + general = { + fade = 1; + elevation-high = 3; + elevation-low = -6; + brightness-day = 1.0; + brightness-low = 0.8; + }; + }; + }; +} diff --git a/users/sam/home/git.nix b/users/sam/home/git.nix new file mode 100644 index 0000000..4f79be1 --- /dev/null +++ b/users/sam/home/git.nix @@ -0,0 +1,36 @@ +{ ... }: + +{ + programs.git = { + enable = true; + lfs.enable = true; + signing = { + key = "5EFFB75F7C9B74EAA5C4637547940175096C1330"; + signByDefault = true; + }; + userEmail = "aliceghuston@gmail.com"; + userName = "ahuston-0"; + aliases = { + gone = '' + !git for-each-ref --format '%(refname:short) %(upstream)' | # dump all older branches + awk 'NF < 2 {print $1}' | # get nuked branches + grep -Pv "(^origin/|^origin$|stash)" | # filter out remotes & stash + sed 's/\\x27/\\x5C\\x27/' | # remove single quotes, for xargs reasons + xargs -r git branch -D # nuke the branches + # !git fetch -p && git for-each-ref --format '%(refname:short) %(upstream:track)' | # dump all branches + # awk '$2 == "[gone]" {print $1}' | # get nuked branches + # sed 's/\\x27/\\x5C\\x27/' | # remove single quotes, for xargs reasons + # xargs -r git branch -D; # nuke the branches # + ''; + }; + extraConfig = { + push.autosetupremote = true; + pull.rebase = true; + color.ui = true; + init.defaultBranch = "main"; + format.signoff = true; + pack.windowMemory = "2g"; + pack.packSizeLimit = "1g"; + }; + }; +} diff --git a/users/sam/home/zsh.nix b/users/sam/home/zsh.nix new file mode 100644 index 0000000..a2d3c73 --- /dev/null +++ b/users/sam/home/zsh.nix @@ -0,0 +1,123 @@ +{ lib, ... }: +{ + + programs.zsh = { + + enable = true; + oh-my-zsh = { + enable = true; + plugins = [ + "git" + "docker" + "docker-compose" + "colored-man-pages" + "helm" + "kubectl" + "minikube" + "rust" + "skaffold" + "systemd" + "tmux" + "ufw" + "z" + ]; + }; + /* + To specify the order, use lib.mkOrder. + + Common order values: + + 500 (mkBefore): Early initialization (replaces initExtraFirst) + + 550: Before completion initialization (replaces initExtraBeforeCompInit) + + 1000 (default): General configuration (replaces initExtra) + + 1500 (mkAfter): Last to run configuration + + To specify both content in Early initialization and General configuration, use lib.mkMerge. + + e.g. + + initContent = let zshConfigEarlyInit = lib.mkOrder 500 “do something”; zshConfig = lib.mkOrder 1000 “do something”; in lib.mkMerge [ zshConfigEarlyInit zshConfig ]; + */ + + initContent = lib.mkOrder 1000 '' + # functions + function mount-data { + if [[ -f /home/alice/backup/.noconnection ]]; then + sshfs -p 10934 lily@192.168.1.154:/mnt/backup/data/ ~/backup -C + else + echo "Connection to backup server already open." + fi + } + + function mount-backup { + if [[ -f /home/alice/backup/.noconnection ]]; then + sudo borgmatic mount --options allow_other,nonempty --archive latest --mount-point ~/backup -c /etc/borgmatic/config_checkless.yaml + else + echo "Connection to backup server already open." + fi + } + + function mount-ubuntu { + if [[ -f /home/alice/backup/.noconnection ]]; then + sshfs lily@192.168.76.101:/mnt/backup/ubuntu.old/ ~/backup -C + else + echo "Connection to backup server already open." + fi + } + ''; + shellAliases = { + "sgc" = "sudo git -C /root/dotfiles"; + ## SSH + "ssh-init" = + "ssh-add -t 2h ~/.ssh/id_rsa_tails ~/.ssh/id_ed25519_tails ~/.ssh/id_rsa_palatine ~/.ssh/id_ed25519_palatine ~/.ssh/id_ed25519_rota ~/.ssh/id_ed25519_gh"; + + ## Backups + "borgmatic-backup-quick" = + "sudo borgmatic --log-file-verbosity 2 -v1 --progress --log-file=/var/log/borgmatic.log -c /etc/borgmatic/config_checkless.yaml"; + "borgmatic-backup-full" = + "sudo borgmatic --log-file-verbosity 2 -v1 --log-file=/var/log/borgmatic.log -c /etc/borgmatic/config_full_arch.yaml"; + "umount-backup" = + "sudo borgmatic umount --mount-point /home/alice/backup -c /etc/borgmatic/config_checkless.yaml"; + "restic-backup" = "/home/alice/Scripts/restic/backup.sh"; + + ## VPN + "pfSense-vpn" = "sudo openvpn --config /etc/openvpn/client/pfSense-TCP4-1194-alice-config.ovpn"; + "pfSense-vpn-all" = "sudo openvpn --config /etc/openvpn/client/pfSense-TCP4-1195-alice-config.ovpn"; + + ## Utilities + "lrt" = "eza --icons -lsnew"; + "lynis-grep" = ''sudo lynis audit system 2&>1 | grep -v "egrep"''; + "egrep" = "grep -E"; + "htgp" = "history | grep"; + "gen_walpaper" = "wal -i '/home/alice/Pictures/Wallpapers/1440pdump'"; + "vlgdf" = "valgrind --leak-check=full --show-leak-kinds=all --track-origins=yes"; + "libreoffice-writer" = "libreoffice --writer"; + "libreoffice-calc" = "libreoffice --calc"; + "notes" = "code /home/alice/Scripts/Notes/dendron.code-workspace"; + "ua-drop-caches" = "sudo paccache -rk3; yay -Sc --aur --noconfirm"; + "ua-update-all" = '' + (export TMPFILE="$(mktemp)"; \ + sudo true; \ + rate-mirrors --save=$TMPFILE --protocol https\ + --country-test-mirrors-per-country 10 arch --max-delay=21600 \ + && sudo mv /etc/pacman.d/mirrorlist /etc/pacman.d/mirrorlist-backup \ + && sudo mv $TMPFILE /etc/pacman.d/mirrorlist \ + && ua-drop-caches \ + && yay -Syyu) + ''; + + # applications (rofi entries) + "ARMEclipse" = "nohup /opt/DS-5_CE/bin/eclipse &"; + "Wizard101-old" = "prime-run playonlinux --run Wizard\\ 101"; + "Wizard101" = + "prime-run ~/.wine/drive_c/ProgramData/KingsIsle Entertainment/Wizard101/Wizard101.exe"; + "Pirate101" = "prime-run playonlinux --run Pirate\\ 101"; + "octave" = "prime-run octave --gui"; + "pc-firefox" = "proxychains firefox -P qbit -no-remote -P 127.0.0.1:9050"; + "hx" = "helix"; + }; + }; +} diff --git a/users/sam/non-server.nix b/users/sam/non-server.nix new file mode 100644 index 0000000..8251109 --- /dev/null +++ b/users/sam/non-server.nix @@ -0,0 +1,33 @@ +{ pkgs, outputs, ... }: + +{ + home.packages = with pkgs; [ + shellcheck + + # nix tools + nil + nixfmt-rfc-style + nix-init + + # markdown + nodePackages.markdownlint-cli + + # language depedencies + enchant + nuspell + hunspellDicts.en-us + languagetool + + # latex + texlive.combined.scheme-medium + + nextcloud-client + bitwarden-cli + bitwarden-menu + wtype + zathura + obsidian + libreoffice-qt-fresh + wlr-randr + ]; +} diff --git a/users/sam/secrets.yaml b/users/sam/secrets.yaml new file mode 100644 index 0000000..e69de29