diff --git a/.sops.yaml b/.sops.yaml index 917f144..df2b354 100644 --- a/.sops.yaml +++ b/.sops.yaml @@ -10,3 +10,8 @@ creation_rules: key_groups: - age: - *laptop + - path_regex: nathan/secrets.yaml$ + key_groups: + - age: + - *laptop + - *homebox diff --git a/flake.nix b/flake.nix index 75202f7..21b44c6 100644 --- a/flake.nix +++ b/flake.nix @@ -148,6 +148,19 @@ ]; }; + pi4 = { + system = "aarch64-linux"; + specialArgs = { + inputs = inputs // { + nathan-home-manager = import ./home-manager/nathan; + }; + }; + modules = [ + ./system-config/configuration/pi4 + ./system-config + ]; + }; + live = nixpkgs.lib.nixosSystem { specialArgs = { inputs = inputs // { diff --git a/home-manager/nathan/default.nix b/home-manager/nathan/default.nix index e7376c6..f4076c0 100644 --- a/home-manager/nathan/default.nix +++ b/home-manager/nathan/default.nix @@ -42,6 +42,12 @@ iconTheme.name = "rose-pine-moon"; }; + sops = { + age.keyFile = "/home/nathan/.config/sops/age/keys.txt"; + defaultSopsFile = ./secrets.yaml; + defaultSopsFormat = "yaml"; + }; + services.mpris-proxy.enable = true; programs.ssh.enable = true; diff --git a/home-manager/nathan/dotfiles/default.nix b/home-manager/nathan/dotfiles/default.nix index 2d0e2a5..fd69377 100644 --- a/home-manager/nathan/dotfiles/default.nix +++ b/home-manager/nathan/dotfiles/default.nix @@ -5,6 +5,7 @@ ".config/hypr" = { source = ./hypr; recursive = true; }; ".config/swaylock" = { source = ./swaylock; recursive = true; }; ".config/wal/templates" = { source = ./wal/templates; recursive = true; }; + ".config/zsh" = { source = ./zsh; recursive = true; }; "Pictures/Wallpaper" = { source = ./Wallpaper; recursive = true; }; }; diff --git a/home-manager/nathan/dotfiles/zsh/ohmyposh.toml b/home-manager/nathan/dotfiles/zsh/ohmyposh.toml new file mode 100644 index 0000000..0d03cd6 --- /dev/null +++ b/home-manager/nathan/dotfiles/zsh/ohmyposh.toml @@ -0,0 +1,120 @@ +console_title_template = '{{ .Shell }} in {{ .Folder }}' +version = 3 +final_space = true + +[palette] + c0 = '#0B0704' + c1 = '#846550' + c10 = '#636E90' + c11 = '#6FAEAC' + c12 = '#A5ADA2' + c13 = '#F1DCB7' + c14 = '#A1E7DA' + c15 = '#c2c1c0' + c2 = '#4a526c' + c3 = '#538281' + c4 = '#7b8179' + c5 = '#b4a589' + c6 = '#78ada3' + c7 = '#958d89' + c8 = '#665b54' + c9 = '#B1876B' + +[secondary_prompt] + template = '❭❭ ' + background = 'transparent' + +[transient_prompt] + template = '{{ if gt .Code 0 }}!❭ {{else}}❭ {{end}}' + background = 'transparent' + foreground_templates = ['{{ if gt .Code 0 }}p:c13{{end}}', '{{ if eq .Code 0 }}p:c14{{end}}'] + +[[blocks]] + type = 'prompt' + alignment = 'left' + newline = true + + [[blocks.segments]] + trailing_diamond = '' + template = ' {{ .Icon }} ' + foreground = 'p:c12' + background = 'p:c1' + type = 'os' + style = 'diamond' + + [blocks.segments.properties] + cache_duration = 'none' + + [[blocks.segments]] + trailing_diamond = '' + template = '{{ .UserName }}@{{ .HostName }}' + foreground = 'p:c14' + background = 'p:c2' + type = 'session' + style = 'diamond' + + [blocks.segments.properties] + cache_duration = 'none' + + [[blocks.segments]] + trailing_diamond = '' + template = '{{ .Path }}' + foreground = 'p:c13' + background = 'p:c4' + type = 'path' + style = 'diamond' + + [blocks.segments.properties] + cache_duration = 'none' + style = 'full' + +[[blocks]] + type = 'prompt' + alignment = 'right' + overflow = 'hidden' + + [[blocks.segments]] + leading_diamond = '' + template = '{{ .FormattedMs }}' + foreground = 'p:c13' + background = 'p:c4' + type = 'executiontime' + style = 'diamond' + + [blocks.segments.properties] + cache_duration = 'none' + + [[blocks.segments]] + leading_diamond = '' + foreground = 'p:c14' + background = 'p:c2' + type = 'time' + style = 'diamond' + + [blocks.segments.properties] + cache_duration = 'none' + + [[blocks.segments]] + leading_diamond = '' + foreground = 'p:c12' + background = 'p:c1' + type = 'shell' + style = 'diamond' + + [blocks.segments.properties] + cache_duration = 'none' + +[[blocks]] + type = 'prompt' + alignment = 'left' + newline = true + + [[blocks.segments]] + template = '{{ if gt .Code 0 }}!❭ {{else}}❭ {{end}}' + background = 'transparent' + type = 'text' + style = 'plain' + foreground_templates = ['{{ if gt .Code 0 }}p:c13{{end}}', '{{ if eq .Code 0 }}p:c14{{end}}'] + + [blocks.segments.properties] + cache_duration = 'none' diff --git a/home-manager/nathan/packages/default.nix b/home-manager/nathan/packages/default.nix index a9f468a..e2bfdaf 100644 --- a/home-manager/nathan/packages/default.nix +++ b/home-manager/nathan/packages/default.nix @@ -34,6 +34,8 @@ xfce.thunar grim slurp + curl + wget ]; } diff --git a/home-manager/nathan/programs/default.nix b/home-manager/nathan/programs/default.nix index 73fce56..bb06206 100644 --- a/home-manager/nathan/programs/default.nix +++ b/home-manager/nathan/programs/default.nix @@ -2,6 +2,8 @@ imports = [ ./ags + ./git + ./nh ./hyprland ./terminal ./rofi diff --git a/home-manager/nathan/programs/firefox/default.nix b/home-manager/nathan/programs/firefox/default.nix index 153571e..7367639 100644 --- a/home-manager/nathan/programs/firefox/default.nix +++ b/home-manager/nathan/programs/firefox/default.nix @@ -9,6 +9,19 @@ home.sessionVariables.BROWSER = "${config.programs.firefox.package}/bin/firefox"; + home.packages = lib.mkIf config.homeconfig.wal.enable [ + pkgs.pywalfox-native + ]; + + home.file.".mozilla/native-messaging-hosts/pywalfox.json".text = let + pywalfox-wrapper = pkgs.writeShellScriptBin "pywalfox-wrapper" '' + ${pkgs.pywalfox-native}/bin/pywalfox start + ''; + in lib.replaceStrings [ "" ] [ + "${pywalfox-wrapper}/bin/pywalfox-wrapper" + ] (lib.readFile "${pkgs.pywalfox-native}/lib/python3.12/site-packages/pywalfox/assets/manifest.json"); + + programs.firefox = { enable = true; diff --git a/system-config/programs/git/default.nix b/home-manager/nathan/programs/git/default.nix similarity index 56% rename from system-config/programs/git/default.nix rename to home-manager/nathan/programs/git/default.nix index 1132976..a30b574 100644 --- a/system-config/programs/git/default.nix +++ b/home-manager/nathan/programs/git/default.nix @@ -1,16 +1,17 @@ { config, lib, ... }: { - options.sysconfig.opts.git.enable = lib.options.mkOption {}; - - config = lib.mkIf config.sysconfig.opts.git.enable { + options.homeconfig.git.enable = lib.options.mkOption { + type = lib.types.bool; + default = false; + }; + config = lib.mkIf config.homeconfig.git.enable { + programs.git = { - enable = true; - config = { - user = { - name = "Nathan"; - email = "nathanblunkall5@gmail.com"; - }; + userName = "Nathan"; + userEmail = "nathanblunkall5@gmail.com"; + + extraConfig = { init = { defaultBranch = "master"; }; diff --git a/system-config/programs/nh/default.nix b/home-manager/nathan/programs/nh/default.nix similarity index 65% rename from system-config/programs/nh/default.nix rename to home-manager/nathan/programs/nh/default.nix index 0323b9f..8d9083a 100644 --- a/system-config/programs/nh/default.nix +++ b/home-manager/nathan/programs/nh/default.nix @@ -1,15 +1,15 @@ { config, lib, ... }: { - options.sysconfig.opts.nh.enable = lib.options.mkOption { + options.homeconfig.nh.enable = lib.options.mkOption { type = lib.types.bool; default = false; }; - config = lib.mkIf config.sysconfig.opts.nh.enable { + config = lib.mkIf config.homeconfig.nh.enable { programs.nh = { enable = true; - #flake = "/home/nathan/Projects/Olympus"; + flake = "/home/nathan/Projects/Olympus"; clean = { enable = true; diff --git a/home-manager/nathan/programs/pywal/default.nix b/home-manager/nathan/programs/pywal/default.nix index 960cf12..6227aa4 100644 --- a/home-manager/nathan/programs/pywal/default.nix +++ b/home-manager/nathan/programs/pywal/default.nix @@ -5,11 +5,7 @@ default = false; }; - config = let - pywalfox-wrapper = pkgs.writeShellScriptBin "pywalfox-wrapper" '' - ${pkgs.pywalfox-native}/bin/pywalfox start - ''; - in lib.mkIf config.homeconfig.wal.enable { + config = lib.mkIf config.homeconfig.wal.enable { home.packages = with pkgs; [ @@ -20,12 +16,8 @@ pywal16 imagemagick - pywalfox-native ]; - home.file.".mozilla/native-messaging-hosts/pywalfox.json".text = lib.replaceStrings [ "" ] [ - "${pywalfox-wrapper}/bin/pywalfox-wrapper" - ] (lib.readFile "${pkgs.pywalfox-native}/lib/python3.12/site-packages/pywalfox/assets/manifest.json"); - + }; } diff --git a/home-manager/nathan/programs/terminal/zsh/default.nix b/home-manager/nathan/programs/terminal/zsh/default.nix index c54485c..a0157e3 100644 --- a/home-manager/nathan/programs/terminal/zsh/default.nix +++ b/home-manager/nathan/programs/terminal/zsh/default.nix @@ -32,10 +32,12 @@ share = true; }; - initContent = lib.mkBefore '' + initContent = if config.homeconfig.wal.enable then (lib.mkBefore '' cat ${config.home.homeDirectory}/.cache/wal/sequences eval "$(oh-my-posh init zsh --config ${config.home.homeDirectory}/.cache/wal/ohmyposh.toml)" - ''; + '') else (lib.mkBefore '' + eval "$(oh-my-posh init zsh --config ${config.home.homeDirectory}/.config/zsh/ohmyposh.toml)" + ''); }; diff --git a/home-manager/nathan/secrets.yaml b/home-manager/nathan/secrets.yaml new file mode 100644 index 0000000..e69de29 diff --git a/system-config/configuration/homebox/default.nix b/system-config/configuration/homebox/default.nix index dcc5d9e..43670e8 100644 --- a/system-config/configuration/homebox/default.nix +++ b/system-config/configuration/homebox/default.nix @@ -111,7 +111,8 @@ users.users."nathan" = { isNormalUser = true; - hashedPasswordFile = config.sops.secrets."nathan/pass".path; + initialPassword = "7567"; + #hashedPasswordFile = config.sops.secrets."nathan/pass".path; extraGroups = [ "wheel" ]; # Enable ‘sudo’ for the user. @@ -160,6 +161,8 @@ calcurse.enable = true; rofi.enable = true; firefox.enable = true; + git.enable = true; + nh.enable = true; }; } { @@ -178,8 +181,6 @@ pipewire.enable = true; ags.enable = true; hyprland.enable = true; - git.enable = true; - nh.enable = true; netbird.enable = true; minecraft.enable = false; steam.enable = false; diff --git a/system-config/configuration/pi4/default.nix b/system-config/configuration/pi4/default.nix new file mode 100644 index 0000000..302c90e --- /dev/null +++ b/system-config/configuration/pi4/default.nix @@ -0,0 +1,149 @@ +{ config, lib, pkgs, inputs, ... }: { + + imports = [ + ./hardware-configuration.nix + + inputs.disko.nixosModules.default + + (import ./disko.nix { device1 = "/dev/mmcblk0"; }) + + inputs.home-manager.nixosModules.default + + inputs.sops-nix.nixosModules.sops + ]; + + config = { + + sysconfig.opts = { + openssh.enable = true; + #pipewire.enable = true; + git.enable = true; + nh.enable = true; + netbird.enable = true; + }; + + home-manager = { + backupFileExtension = "backup"; + extraSpecialArgs = { inherit inputs; }; + sharedModules = [ inputs.sops-nix.homeManagerModules.sops ]; + users = { + "nathan" = lib.mkMerge [ + { + config.homeconfig = { + homeScripts.enable = false; + minimal = true; + mpd.enable = true; + }; + } + inputs.nathan-home-manager + ]; + }; + }; + + boot = { + loader = { + grub.enable = false; + generic-extlinux-compatible.enable = true; + }; + }; + + networking = { + hostName = "pi4"; + nameservers = [ "1.1.1.1" "1.0.0.1" ]; + networkmanager.enable = true; + }; + + time.timeZone = "America/Chicago"; + + i18n.defaultLocale = "en_US.UTF-8"; + + i18n.extraLocaleSettings = { + LC_ADDRESS = "en_US.UTF-8"; + LC_IDENTIFICATION = "en_US.UTF-8"; + LC_MEASUREMENT = "en_US.UTF-8"; + LC_MONETARY = "en_US.UTF-8"; + LC_NAME = "en_US.UTF-8"; + LC_NUMERIC = "en_US.UTF-8"; + LC_PAPER = "en_US.UTF-8"; + LC_TELEPHONE = "en_US.UTF-8"; + LC_TIME = "en_US.UTF-8"; + }; + + hardware = { + bluetooth.enable = true; + + }; + + programs.zsh.enable = true; + + environment.shells = with pkgs; [ zsh ]; + + users = { + defaultUserShell = pkgs.zsh; + + groups.gpio = {}; + + users = { + nathan = { + isNormalUser = true; + description = "Nathan"; + initialPassword = "7567"; + extraGroups = [ + "wheel" + "networkmanager" + "gpio" + "spi" + "audio" + "pulse" + "pulse-access" + ]; + }; + }; + }; + + services = { + udev.extraRules = '' + ''; + + pulseaudio = { + enable = true; + extraConfig = '' + ''; + }; + + services.avahi = { + + enable = true; + ipv4 = true; + ipv6 = true; + openFirewall = true; + nssmdns4 = true; + wideArea = true; + + }; + }; + + nix = { + nixPath = [ "nixpkgs=${inputs.nixpkgs}" ]; + settings = { + experimental-features = [ "nix-command" "flakes" ]; + }; + }; + + sops = { + age.keyFile = "/home/nathan/.config/sops/age/keys.txt"; + defaultSopsFile = ./secrets.yaml; + defaultSopsFormat = "yaml"; + }; + + + + fonts.packages = with pkgs; [ nerd-fonts.fira-code ]; + + sound.enable = true; + + security.rtkit.enable = true; + + system.stateVersion = "25.05"; + }; +} diff --git a/system-config/configuration/pi4/disko.nix b/system-config/configuration/pi4/disko.nix new file mode 100644 index 0000000..b2fb02c --- /dev/null +++ b/system-config/configuration/pi4/disko.nix @@ -0,0 +1,66 @@ +{ + device1 ? throw "Set this to your disk device, e.g. /dev/sda", + ... +}: { + disko.devices = { + disk = { + main = { + device = device1; + type = "disk"; + content = { + type = "gpt"; + partitions = { + boot = { + name = "boot"; + size = "1M"; + type = "EF02"; + }; + esp = { + name = "ESP"; + size = "500M"; + type = "EF00"; + content = { + type = "filesystem"; + format = "vfat"; + mountpoint = "/boot"; + }; + }; + root = { + name = "root"; + size = "100%"; + content = { + type = "lvm_pv"; + vg = "root_vg"; + }; + }; + }; + }; + }; + }; + lvm_vg = { + root_vg = { + type = "lvm_vg"; + lvs = { + root = { + size = "100%FREE"; + content = { + type = "btrfs"; + extraArgs = ["-f"]; + + subvolumes = { + "/root" = { + mountpoint = "/"; + }; + + "/nix" = { + mountOptions = ["subvol=nix" "noatime"]; + mountpoint = "/nix"; + }; + }; + }; + }; + }; + }; + }; + }; +} diff --git a/system-config/configuration/pi4/hardware-configuration.nix b/system-config/configuration/pi4/hardware-configuration.nix new file mode 100644 index 0000000..12cfbb5 --- /dev/null +++ b/system-config/configuration/pi4/hardware-configuration.nix @@ -0,0 +1,27 @@ +# Do not modify this file! It was generated by ‘nixos-generate-config’ +# and may be overwritten by future invocations. Please make changes +# to /etc/nixos/configuration.nix instead. +{ config, lib, pkgs, modulesPath, ... }: + +{ + imports = + [ (modulesPath + "/installer/scan/not-detected.nix") + ]; + + boot.initrd.availableKernelModules = [ "xhci_pci" ]; + boot.initrd.kernelModules = [ ]; + boot.kernelModules = [ ]; + boot.extraModulePackages = [ ]; + + swapDevices = [ ]; + + # Enables DHCP on each ethernet and wireless interface. In case of scripted networking + # (the default) this is the recommended approach. When using systemd-networkd it's + # still possible to use this option, but it's recommended to use it in conjunction + # with explicit per-interface declarations with `networking.interfaces..useDHCP`. + networking.useDHCP = lib.mkDefault true; + # networking.interfaces.end0.useDHCP = lib.mkDefault true; + # networking.interfaces.wlan0.useDHCP = lib.mkDefault true; + + nixpkgs.hostPlatform = lib.mkDefault "aarch64-linux"; +} diff --git a/system-config/configuration/pi4/secrets.yaml b/system-config/configuration/pi4/secrets.yaml new file mode 100644 index 0000000..19108f8 --- /dev/null +++ b/system-config/configuration/pi4/secrets.yaml @@ -0,0 +1,17 @@ +nathan: + pass: ENC[AES256_GCM,data:O8d4PQ==,iv:CClnfFd/xUrfLBIb2ZDlBYm1GQVWwawMqePRYnRtSeE=,tag:mk++Mml+x5xT7aHiOQv25Q==,type:str] +sops: + age: + - recipient: age1yqgyp2uxz4lzrc9f9ka0mfjl5fr6ahf8nf24nlmran2wulg6fpvq9hyp9q + enc: | + -----BEGIN AGE ENCRYPTED FILE----- + YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSB2MEIyRjR0a25UU3hnR2Zw + WXFaaXJYNWFSMmZsR1FsYVB1WlBkZWptSHhzCkRGRitnNkc3MEtjV05KRXlXT3RR + TVhnVlpUdzFiSEwxbHNOT3dyQ0dzbG8KLS0tIElMc3g4SHRxZTVnOCtVcktRb25D + Y2ZpR25VNGVoMi9ibW8wbW5rYTQ3R00Ka6/KLXSSRP9WJDV0RBHHS5nALfd/3xDu + y+QS+Ueh56kQT2zbYpYBRIPDgI3LZgwlTifQCDJ9ZPq0LGgu4XbEqQ== + -----END AGE ENCRYPTED FILE----- + lastmodified: "2025-08-01T23:42:11Z" + mac: ENC[AES256_GCM,data:7kHz3rhmzaieuY97ISA7RmEQnPn6E7Ta6sioPXvVBCLOmgwqhtITDXZw7be7/Da/BZr7O2rFcw6RaFiOdreLEzz9Kp8c5AzqXa5V6Mxhs0XJPFZ4Xkabzc3cBrm6QqKVi5PSUjPv6wDmZP7tvgzS/pny9SBmzlWOItSvs3Dw+5I=,iv:yNdtnJkmt3veZj6sDrbuNpBFc9UQVYaWlG6zmfdyfI4=,tag:tRwXGMHtQtXWrTzzMFFN0w==,type:str] + unencrypted_suffix: _unencrypted + version: 3.10.2 diff --git a/system-config/programs/default.nix b/system-config/programs/default.nix index 63fe80f..2d9f749 100644 --- a/system-config/programs/default.nix +++ b/system-config/programs/default.nix @@ -3,8 +3,6 @@ imports = [ ./hyprland ./ags - ./git - ./nh ./steam ]; }