diff --git a/README.md b/README.md index c7518bf..f5da218 100644 --- a/README.md +++ b/README.md @@ -1,12 +1,17 @@ +## Screenshots + +[Click here](https://old.reddit.com/r/unixporn/comments/1ml7w96/sway_minimalist_rice_on_nixos/) + + ## Unified nix configuration -Update whole flake (clean working directory 1st): `nix flake update --commit-lock-file` +Switch server: `nixos-rebuild switch --target-host root@posixlycorrect.com --use-substitutes --show-trace --flake .\#vps` Switch current machine: `sudo nixos-rebuild switch --flake . --show-trace` Switch current home manager: `home-manager switch --flake . --show-trace` -## Maintenance shit () -Clean shit de Home: `nix store gc` +Update homepage: `nix flake update --commit-lock-file homepage` + +Update whole flake: `nix flake update --commit-lock-file` -Clean shit de sys: `sudo nix store gc` diff --git a/ads b/ads new file mode 100644 index 0000000..8b8c068 --- /dev/null +++ b/ads @@ -0,0 +1,66 @@ +98a3273 (HEAD -> master, origin/master, origin/HEAD) remove tooltip from waybar clock +4807859 add mako config +a715f50 update readme +abb4fe5 update gtlock style +b149e90 update sway config +9dc042f flake.lock: Update +0d7022d add privacy and disk to waybar +158c761 replace wofi with bemenu +6382deb configure sway colors +aa7265e add and configure gtklock +ef8b281 configure tmux +5d14082 configure sway (this is a huge rice) +4316165 remove conduwuit +edeeb5c flake.lock: Update +6c66eb0 switch to sway +52e1424 add trivionomicon input +ef89396 add sway and xdg config +9687235 add i3lock to sys config +0249e29 apply config changes for 25.05 +2c2fa2b flake.lock: Update +19f637c update to 25.05 +60fa062 flake.lock: Update +d098a49 updated flake.lock +fccdb25 replace deluge with qbittorrent +53c2980 add mapping software +bc55915 apply format +d2eb151 vps: add mealie +1755bf7 add deepState dependencies +8ecb978 update syncthing module +d26ff60 add syncthing +95930bc improve firefox module +86cf517 update firefox module +7854100 apply formatter +d7ea157 vps: enable forgejo actions +48d230a improve firefox module +d7f1c06 modularize gui and browsers modules +5b194ca add readme +62a361c apply formatter and fix typo +ae37ebf vps: add wiki-js +cbda46e modularize steam +9f0e981 home: remove zoom +4acb6e2 split theme into its own module and add xdg configuration +7f69245 add vpn addresses to fail2ban whitelist +4a7bda9 add ipv6 support, net module and wireguard vpn +63a190b vps: change syncthing datadir to vps NAS +09a7464 vps: reduce immich worker concurrency +3fefd5b apply formatter +9636646 vps: add immich +7748c67 vps: add nas exports for immich and syncthing +22eecd6 remove 2011 nas export +a785cce vps: add mosh +dd6a8f9 vps: add calibre +05d397f vps: add shiori +6372c2b update flake.nix +9db5b15 vps: remove unused modues +4e63a64 vps: add syncthing +8c2e1b7 vps: upgrade to trilium-next +86e778f flake.lock: Update +3c2751c flake.lock: Update +9cbd93c add xdg portal +534d3b0 vps: remove templatestyles +dd86290 configure gajim +2e0c03a fix qt, gtk and darkmode settings +97056c6 flake.lock: Update +3e0e6e4 add xdg config +bc73e4b add pv diff --git a/flake.lock b/flake.lock index ad772a8..4fad1d3 100644 --- a/flake.lock +++ b/flake.lock @@ -1,6 +1,86 @@ { "nodes": { + "authentik-nix": { + "inputs": { + "authentik-src": "authentik-src", + "flake-compat": "flake-compat", + "flake-parts": "flake-parts", + "flake-utils": "flake-utils", + "napalm": "napalm", + "nixpkgs": [ + "nixpkgs" + ], + "pyproject-build-systems": "pyproject-build-systems", + "pyproject-nix": "pyproject-nix", + "systems": "systems", + "uv2nix": "uv2nix" + }, + "locked": { + "lastModified": 1753369162, + "narHash": "sha256-pSAsUVueht3WyyFJ3K+QJKWqFZNbyvsXijHOAHApeLk=", + "owner": "nix-community", + "repo": "authentik-nix", + "rev": "1361d269fe10c527528264185567a053252e22b0", + "type": "github" + }, + "original": { + "owner": "nix-community", + "repo": "authentik-nix", + "type": "github" + } + }, + "authentik-src": { + "flake": false, + "locked": { + "lastModified": 1753187012, + "narHash": "sha256-bs/ThY3YixwBObahcS7BrOWj0gsaUXI664ldUQlJul8=", + "owner": "goauthentik", + "repo": "authentik", + "rev": "23ffad1c6be80bea223caf5f1cf265b984b76328", + "type": "github" + }, + "original": { + "owner": "goauthentik", + "ref": "version/2025.6.4", + "repo": "authentik", + "type": "github" + } + }, + "flake-compat": { + "flake": false, + "locked": { + "lastModified": 1747046372, + "narHash": "sha256-CIVLLkVgvHYbgI2UpXvIIBJ12HWgX+fjA8Xf8PUmqCY=", + "owner": "edolstra", + "repo": "flake-compat", + "rev": "9100a0f413b0c601e0533d1d94ffd501ce2e7885", + "type": "github" + }, + "original": { + "owner": "edolstra", + "repo": "flake-compat", + "type": "github" + } + }, "flake-parts": { + "inputs": { + "nixpkgs-lib": "nixpkgs-lib" + }, + "locked": { + "lastModified": 1749398372, + "narHash": "sha256-tYBdgS56eXYaWVW3fsnPQ/nFlgWi/Z2Ymhyu21zVM98=", + "owner": "hercules-ci", + "repo": "flake-parts", + "rev": "9305fe4e5c2a6fcf5ba6a3ff155720fbe4076569", + "type": "github" + }, + "original": { + "owner": "hercules-ci", + "repo": "flake-parts", + "type": "github" + } + }, + "flake-parts_2": { "inputs": { "nixpkgs-lib": [ "nur", @@ -23,7 +103,10 @@ }, "flake-utils": { "inputs": { - "systems": "systems" + "systems": [ + "authentik-nix", + "systems" + ] }, "locked": { "lastModified": 1731533236, @@ -61,6 +144,42 @@ "inputs": { "systems": "systems_3" }, + "locked": { + "lastModified": 1710146030, + "narHash": "sha256-SZ5L6eA7HJ/nmkzGG7/ISclqe6oZdOZTNoesiInkXPQ=", + "owner": "numtide", + "repo": "flake-utils", + "rev": "b1d9ab70662946ef0850d488da1c9019f3a9752a", + "type": "github" + }, + "original": { + "owner": "numtide", + "repo": "flake-utils", + "type": "github" + } + }, + "flake-utils_4": { + "inputs": { + "systems": "systems_4" + }, + "locked": { + "lastModified": 1731533236, + "narHash": "sha256-l0KFg5HjrsfsO/JpG+r7fRrqm12kzFHyUHqHCVpMMbI=", + "owner": "numtide", + "repo": "flake-utils", + "rev": "11707dc2f618dd54ca8739b309ec4fc024de578b", + "type": "github" + }, + "original": { + "owner": "numtide", + "repo": "flake-utils", + "type": "github" + } + }, + "flake-utils_5": { + "inputs": { + "systems": "systems_5" + }, "locked": { "lastModified": 1731533236, "narHash": "sha256-l0KFg5HjrsfsO/JpG+r7fRrqm12kzFHyUHqHCVpMMbI=", @@ -97,11 +216,11 @@ ] }, "locked": { - "lastModified": 1755928099, - "narHash": "sha256-OILVkfhRCm8u18IZ2DKR8gz8CVZM2ZcJmQBXmjFLIfk=", + "lastModified": 1753592768, + "narHash": "sha256-oV695RvbAE4+R9pcsT9shmp6zE/+IZe6evHWX63f2Qg=", "owner": "nix-community", "repo": "home-manager", - "rev": "4a44fb9f7555da362af9d499817084f4288a957f", + "rev": "fc3add429f21450359369af74c2375cb34a2d204", "type": "github" }, "original": { @@ -111,6 +230,26 @@ "type": "github" } }, + "homepage": { + "inputs": { + "flake-utils": "flake-utils_3", + "nixpkgs": "nixpkgs" + }, + "locked": { + "lastModified": 1737639979, + "narHash": "sha256-GP4bOkJMWSp55OpkBmP4VP1S2MUxmXF36fBX6/qxyOw=", + "ref": "master", + "rev": "a07048bb01ee5fb12f683366315fd3fde4f15412", + "revCount": 24, + "type": "git", + "url": "https://git.posixlycorrect.com/fabian/homepage.git" + }, + "original": { + "ref": "master", + "type": "git", + "url": "https://git.posixlycorrect.com/fabian/homepage.git" + } + }, "impermanence": { "locked": { "lastModified": 1737831083, @@ -126,10 +265,53 @@ "type": "github" } }, + "mediawikiSkinCitizen": { + "flake": false, + "locked": { + "lastModified": 1724097552, + "narHash": "sha256-+o5FDWMrEqnva5qcdc45wAYyE2ZtUhEjygUGVt0HsaA=", + "owner": "StarCitizenTools", + "repo": "mediawiki-skins-Citizen", + "rev": "28cd4e18b52aed3270fe7b55bff4545c8314a687", + "type": "github" + }, + "original": { + "owner": "StarCitizenTools", + "ref": "v2.27.0", + "repo": "mediawiki-skins-Citizen", + "type": "github" + } + }, + "napalm": { + "inputs": { + "flake-utils": [ + "authentik-nix", + "flake-utils" + ], + "nixpkgs": [ + "authentik-nix", + "nixpkgs" + ] + }, + "locked": { + "lastModified": 1725806412, + "narHash": "sha256-lGZjkjds0p924QEhm/r0BhAxbHBJE1xMOldB/HmQH04=", + "owner": "willibutz", + "repo": "napalm", + "rev": "b492440d9e64ae20736d3bec5c7715ffcbde83f5", + "type": "github" + }, + "original": { + "owner": "willibutz", + "ref": "avoid-foldl-stack-overflow", + "repo": "napalm", + "type": "github" + } + }, "nixGL": { "inputs": { - "flake-utils": "flake-utils_2", - "nixpkgs": "nixpkgs" + "flake-utils": "flake-utils_4", + "nixpkgs": "nixpkgs_2" }, "locked": { "lastModified": 1752054764, @@ -146,6 +328,34 @@ } }, "nixpkgs": { + "locked": { + "lastModified": 1719426051, + "narHash": "sha256-yJL9VYQhaRM7xs0M867ZFxwaONB9T2Q4LnGo1WovuR4=", + "path": "/nix/store/f0ddmw6s86y567yg06h5019z72szbzch-source", + "rev": "89c49874fb15f4124bf71ca5f42a04f2ee5825fd", + "type": "path" + }, + "original": { + "id": "nixpkgs", + "type": "indirect" + } + }, + "nixpkgs-lib": { + "locked": { + "lastModified": 1748740939, + "narHash": "sha256-rQaysilft1aVMwF14xIdGS3sj1yHlI6oKQNBRTF40cc=", + "owner": "nix-community", + "repo": "nixpkgs.lib", + "rev": "656a64127e9d791a334452c6b6606d17539476e2", + "type": "github" + }, + "original": { + "owner": "nix-community", + "repo": "nixpkgs.lib", + "type": "github" + } + }, + "nixpkgs_2": { "locked": { "lastModified": 1746378225, "narHash": "sha256-OeRSuL8PUjIfL3Q0fTbNJD/fmv1R+K2JAOqWJd3Oceg=", @@ -160,13 +370,13 @@ "type": "github" } }, - "nixpkgs_2": { + "nixpkgs_3": { "locked": { - "lastModified": 1755922037, - "narHash": "sha256-wY1+2JPH0ZZC4BQefoZw/k+3+DowFyfOxv17CN/idKs=", + "lastModified": 1754563854, + "narHash": "sha256-YzNTExe3kMY9lYs23mZR7jsVHe5TWnpwNrsPOpFs/b8=", "owner": "nixos", "repo": "nixpkgs", - "rev": "b1b3291469652d5a2edb0becc4ef0246fff97a7c", + "rev": "e728d7ae4bb6394bbd19eec52b7358526a44c414", "type": "github" }, "original": { @@ -176,13 +386,13 @@ "type": "github" } }, - "nixpkgs_3": { + "nixpkgs_4": { "locked": { - "lastModified": 1755615617, - "narHash": "sha256-HMwfAJBdrr8wXAkbGhtcby1zGFvs+StOp19xNsbqdOg=", + "lastModified": 1754498491, + "narHash": "sha256-erbiH2agUTD0Z30xcVSFcDHzkRvkRXOQ3lb887bcVrs=", "owner": "nixos", "repo": "nixpkgs", - "rev": "20075955deac2583bb12f07151c2df830ef346b4", + "rev": "c2ae88e026f9525daf89587f3cbee584b92b6134", "type": "github" }, "original": { @@ -194,15 +404,15 @@ }, "nur": { "inputs": { - "flake-parts": "flake-parts", - "nixpkgs": "nixpkgs_3" + "flake-parts": "flake-parts_2", + "nixpkgs": "nixpkgs_4" }, "locked": { - "lastModified": 1756179127, - "narHash": "sha256-X3V3G2GhSms2QT45olNd2hcU8MqlTdMxDSty+iWV1D0=", + "lastModified": 1754684884, + "narHash": "sha256-GH+UMIOJj7u/bW55dOOpD8HpVpc9WfU61iweM2nM68A=", "owner": "nix-community", "repo": "NUR", - "rev": "278516dbc557696d283514f8c33a054dcace4ace", + "rev": "a7f9761c9dd71359cd9a6529078302a83e6deaac", "type": "github" }, "original": { @@ -211,31 +421,85 @@ "type": "github" } }, + "pyproject-build-systems": { + "inputs": { + "nixpkgs": [ + "authentik-nix", + "nixpkgs" + ], + "pyproject-nix": [ + "authentik-nix", + "pyproject-nix" + ], + "uv2nix": [ + "authentik-nix", + "uv2nix" + ] + }, + "locked": { + "lastModified": 1749519371, + "narHash": "sha256-UJONN7mA2stweZCoRcry2aa1XTTBL0AfUOY84Lmqhos=", + "owner": "pyproject-nix", + "repo": "build-system-pkgs", + "rev": "7c06967eca687f3482624250428cc12f43c92523", + "type": "github" + }, + "original": { + "owner": "pyproject-nix", + "repo": "build-system-pkgs", + "type": "github" + } + }, + "pyproject-nix": { + "inputs": { + "nixpkgs": [ + "authentik-nix", + "nixpkgs" + ] + }, + "locked": { + "lastModified": 1750499893, + "narHash": "sha256-ThKBd8XSvITAh2JqU7enOp8AfKeQgf9u7zYC41cnBE4=", + "owner": "pyproject-nix", + "repo": "pyproject.nix", + "rev": "e824458bd917b44bf4c38795dea2650336b2f55d", + "type": "github" + }, + "original": { + "owner": "pyproject-nix", + "repo": "pyproject.nix", + "type": "github" + } + }, "root": { "inputs": { - "flake-utils": "flake-utils", + "authentik-nix": "authentik-nix", + "flake-utils": "flake-utils_2", "hm-isolation": "hm-isolation", "home-manager": "home-manager", + "homepage": "homepage", "impermanence": "impermanence", + "mediawikiSkinCitizen": "mediawikiSkinCitizen", "nixGL": "nixGL", - "nixpkgs": "nixpkgs_2", + "nixpkgs": "nixpkgs_3", "nur": "nur", "trivionomicon": "trivionomicon", - "unstable": "unstable" + "unstable": "unstable", + "vpsadminos": "vpsadminos" } }, "systems": { "locked": { - "lastModified": 1681028828, - "narHash": "sha256-Vy1rq5AaRuLzOxct8nz4T6wlgyUR7zLU309k9mBC768=", + "lastModified": 1689347949, + "narHash": "sha256-12tWmuL2zgBgZkdoB6qXZsgJEH9LR3oUgpaQq2RbI80=", "owner": "nix-systems", - "repo": "default", - "rev": "da67096a3b9bf56a91d16901293e51ba5b49a27e", + "repo": "default-linux", + "rev": "31732fcf5e8fea42e59c2488ad31a0e651500f68", "type": "github" }, "original": { "owner": "nix-systems", - "repo": "default", + "repo": "default-linux", "type": "github" } }, @@ -269,30 +533,65 @@ "type": "github" } }, + "systems_4": { + "locked": { + "lastModified": 1681028828, + "narHash": "sha256-Vy1rq5AaRuLzOxct8nz4T6wlgyUR7zLU309k9mBC768=", + "owner": "nix-systems", + "repo": "default", + "rev": "da67096a3b9bf56a91d16901293e51ba5b49a27e", + "type": "github" + }, + "original": { + "owner": "nix-systems", + "repo": "default", + "type": "github" + } + }, + "systems_5": { + "locked": { + "lastModified": 1681028828, + "narHash": "sha256-Vy1rq5AaRuLzOxct8nz4T6wlgyUR7zLU309k9mBC768=", + "owner": "nix-systems", + "repo": "default", + "rev": "da67096a3b9bf56a91d16901293e51ba5b49a27e", + "type": "github" + }, + "original": { + "owner": "nix-systems", + "repo": "default", + "type": "github" + } + }, "trivionomicon": { "inputs": { - "flake-utils": "flake-utils_3", + "flake-utils": "flake-utils_5", "nixpkgs": [ "nixpkgs" ] }, "locked": { - "path": "./trivionomicon", - "type": "path" + "lastModified": 1754513973, + "narHash": "sha256-7+gk+pQiMILfjajg+S0ceAJkl5ldi7m5WTqlEnmS7hA=", + "ref": "master", + "rev": "c651b8c4706cfc750303db12ae19e58164a6bebb", + "revCount": 28, + "type": "git", + "url": "https://git.posixlycorrect.com/deepState/trivionomicon" }, "original": { - "path": "./trivionomicon", - "type": "path" - }, - "parent": [] + "ref": "master", + "type": "git", + "url": "https://git.posixlycorrect.com/deepState/trivionomicon" + } }, "unstable": { "locked": { - "lastModified": 1755615617, - "narHash": "sha256-HMwfAJBdrr8wXAkbGhtcby1zGFvs+StOp19xNsbqdOg=", + "lastModified": 1754498491, + "narHash": "sha256-erbiH2agUTD0Z30xcVSFcDHzkRvkRXOQ3lb887bcVrs=", "owner": "nixos", "repo": "nixpkgs", - "rev": "20075955deac2583bb12f07151c2df830ef346b4", + "rev": "c2ae88e026f9525daf89587f3cbee584b92b6134", "type": "github" }, "original": { @@ -301,6 +600,46 @@ "repo": "nixpkgs", "type": "github" } + }, + "uv2nix": { + "inputs": { + "nixpkgs": [ + "authentik-nix", + "nixpkgs" + ], + "pyproject-nix": [ + "authentik-nix", + "pyproject-nix" + ] + }, + "locked": { + "lastModified": 1750987094, + "narHash": "sha256-GujDElxLgYatnNvuL1U6qd18lcuG6anJMjpfYRScV08=", + "owner": "pyproject-nix", + "repo": "uv2nix", + "rev": "4b703d851b61e664a70238711a8ff0efa1aa2f52", + "type": "github" + }, + "original": { + "owner": "pyproject-nix", + "repo": "uv2nix", + "type": "github" + } + }, + "vpsadminos": { + "locked": { + "lastModified": 1754655349, + "narHash": "sha256-Vuc6jQNHsXhzJGusRG+K9fcI5aEnW9ZQRK22dlM0e2A=", + "owner": "vpsfreecz", + "repo": "vpsadminos", + "rev": "94f162b0a1194115a289b2f1e0f9d13b200d6d0e", + "type": "github" + }, + "original": { + "owner": "vpsfreecz", + "repo": "vpsadminos", + "type": "github" + } } }, "root": "root", diff --git a/flake.nix b/flake.nix index f36bda0..ec8b67c 100644 --- a/flake.nix +++ b/flake.nix @@ -13,29 +13,132 @@ hm-isolation.url = "github:3442/hm-isolation"; nixGL.url = "github:guibou/nixGL"; flake-utils.url = "github:numtide/flake-utils"; + vpsadminos.url = "github:vpsfreecz/vpsadminos"; + + homepage.url = "git+https://git.posixlycorrect.com/fabian/homepage.git?ref=master"; trivionomicon = { - url = "./trivionomicon"; + url = "git+https://git.posixlycorrect.com/deepState/trivionomicon?ref=master"; inputs.nixpkgs.follows = "nixpkgs"; }; + + authentik-nix = { + url = "github:nix-community/authentik-nix"; + inputs.nixpkgs.follows = "nixpkgs"; + }; + + mediawikiSkinCitizen = { + url = "github:StarCitizenTools/mediawiki-skins-Citizen/v2.27.0"; + flake = false; + }; }; - outputs = flakes: - flakes.trivionomicon.lib.mkSystemFlake { - inherit flakes; + outputs = flakes @ { + self, + nixpkgs, + unstable, + home-manager, + nur, + impermanence, + hm-isolation, + nixGL, + flake-utils, + vpsadminos, + homepage, + mediawikiSkinCitizen, + authentik-nix, + trivionomicon, + }: let + system = "x86_64-linux"; - system = "x86_64-linux"; - doctrinePrefix = "local"; + importPkgs = flake: + import flake { + inherit system; - paths = { - localOverlay = "pkgs"; - nixpkgsConfig = "pkgs/config"; - - nixosSource = "sys"; - nixosPlatforms = "sys/platforms"; - - hmSource = "home"; - hmPlatforms = "home/platforms"; + config = import ./pkgs/config nixpkgs.lib; + overlays = [ + self.overlays.default + nur.overlays.default + nixGL.overlay + trivionomicon.overlays.default + ]; }; + + pkgs = importPkgs nixpkgs; + + inherit (pkgs.local.lib) importAll; + + local = final: prev: import ./pkgs {inherit final prev flakes;}; + in + with pkgs.lib; { + formatter.${system} = pkgs.alejandra; + packages.${system} = pkgs.local; + + overlays.default = final: prev: let + locals = local final prev; + in + locals.override + // { + local = locals; + unstable = importPkgs unstable; + }; + + nixosConfigurations = let + nixosSystem = {modules}: + makeOverridable nixpkgs.lib.nixosSystem { + inherit modules pkgs system; + + specialArgs = { + inherit flakes; + doctrine = import "${trivionomicon}/doctrine" { + inherit pkgs; + namespace = "sys"; + }; + }; + }; + + hostConfig = host: + nixosSystem { + modules = [ + ./sys + host + ]; + }; + in + mapAttrs (_: hostConfig) (importAll {root = ./sys/platforms;}); + + homeConfigurations = let + registry = {...}: { + config.nix.registry = + mapAttrs (_: value: { + flake = value; + }) + flakes; + }; + + home = platform: + home-manager.lib.homeManagerConfiguration { + inherit pkgs; + + modules = [ + ./home + platform + registry + hm-isolation.homeManagerModule + ]; + + extraSpecialArgs = { + inherit flakes; + doctrine = import "${trivionomicon}/doctrine" { + inherit pkgs; + namespace = "hm"; + }; + }; + }; + + platformHome = name: platform: + nameValuePair name (home platform); + in + mapAttrs' platformHome (importAll {root = ./home/platforms;}); }; } diff --git a/home/default.nix b/home/default.nix index 3ba92a1..3db7471 100644 --- a/home/default.nix +++ b/home/default.nix @@ -9,6 +9,5 @@ with lib; { imports = [ ./modules flakes.trivionomicon.homeManagerModules.default - flakes.hm-isolation.homeManagerModule ]; } diff --git a/home/modules/accounts.nix b/home/modules/accounts.nix new file mode 100644 index 0000000..316db96 --- /dev/null +++ b/home/modules/accounts.nix @@ -0,0 +1,22 @@ +{ + config, + lib, + pkgs, + ... +}: +with lib; let + cfg = config.local.services.accounts; +in { + options.local.services.accounts.enable = mkEnableOption "accounts settings"; + config = mkIf cfg.enable { + accounts.email.accounts = { + "josescalante9808@gmail.com" = { + address = "josescalante9808@gmail..com"; + userName = "josescalante9808"; + realName = "josem"; + primary = true; + flavor = "gmail.com"; + }; + }; + }; +} diff --git a/home/modules/baseline.nix b/home/modules/baseline.nix index 1d4f0b1..b4bdc1f 100644 --- a/home/modules/baseline.nix +++ b/home/modules/baseline.nix @@ -34,7 +34,6 @@ in { zip ]; keyboard = { - #TODO switch to normal people variant layout = "us"; variant = "altgr-intl"; }; diff --git a/home/modules/deepState.nix b/home/modules/deepState.nix new file mode 100644 index 0000000..95b2084 --- /dev/null +++ b/home/modules/deepState.nix @@ -0,0 +1,17 @@ +{ + config, + lib, + pkgs, + ... +}: +with lib; let + cfg = config.local.services.deepState; +in { + options.local.services.deepState.enable = mkEnableOption "trivionomicon settings"; + config = mkIf cfg.enable { + home.sessionVariables = { + FSOCIETY_TELEGRAM_BACKUP_N = "0"; + FSOCIETY_TELEGRAM_BACKUP_LOCATION = "/extern/var/fsociety_backup"; + }; + }; +} diff --git a/home/modules/default.nix b/home/modules/default.nix index ff1ad56..c4c29ba 100644 --- a/home/modules/default.nix +++ b/home/modules/default.nix @@ -9,10 +9,14 @@ ./neovim.nix ./baseline.nix ./gaming.nix + ./yubikey.nix ./firefox.nix ./gui ./zsh ./defaultDesktopPack.nix + ./accounts.nix + ./syncthing.nix + ./deepState.nix ./mapping.nix ]; } diff --git a/home/modules/defaultDesktopPack.nix b/home/modules/defaultDesktopPack.nix index fff8bdd..de1a79e 100644 --- a/home/modules/defaultDesktopPack.nix +++ b/home/modules/defaultDesktopPack.nix @@ -22,10 +22,13 @@ in { pavucontrol pdfarranger qpdfview + runelite spotify tdesktop usbutils + vpsfree-client vscodium-fhs + zola ]; }; } diff --git a/home/modules/gaming.nix b/home/modules/gaming.nix index 24158aa..5048854 100644 --- a/home/modules/gaming.nix +++ b/home/modules/gaming.nix @@ -11,10 +11,10 @@ in { enable = mkEnableOption "gaming apps"; }; config = mkIf cfg.enable { - home.packages = with pkgs; [ - lutris - openrct2 - prismlauncher + home.packages = [ + pkgs.lutris + pkgs.openrct2 + pkgs.prismlauncher ]; }; } diff --git a/home/modules/gpg.nix b/home/modules/gpg.nix new file mode 100644 index 0000000..9da6e11 --- /dev/null +++ b/home/modules/gpg.nix @@ -0,0 +1,61 @@ +{ + config, + lib, + pkgs, + ... +}: +with lib; let + cfg = config.local.services.gpg; +in { + options.local.services.gpg = { + enable = mkEnableOption "gpg settings"; + defaultKey = mkOption { + type = types.str; + description = "fingerprint of default public key to be used in gpg, git, email, etc."; + example = "7AA277E604A4173916BBB4E91FFAC35E1798174F"; + }; + }; + config = mkIf cfg.enable { + programs.gpg = { + enable = true; + settings = { + default-key = config.local.services.gpg.defaultKey; + }; + }; + + services.gpg-agent = { + enable = true; + + enableZshIntegration = true; + enableBashIntegration = true; + + enableExtraSocket = true; + enableSshSupport = true; + + defaultCacheTtl = 3600 * 3; + defaultCacheTtlSsh = 3600 * 3; + + maxCacheTtl = 3600 * 6; + maxCacheTtlSsh = 3600 * 6; + + pinentry.package = pkgs.pinentry-emacs; + }; + + accounts.email.accounts = { + "fabian@posixlycorrect.com" = { + gpg = { + encryptByDefault = true; + signByDefault = true; + key = config.local.services.gpg.defaultKey; + }; + }; + }; + + programs.git = { + signing = { + key = config.local.services.gpg.defaultKey; + signByDefault = true; + }; + }; + }; +} diff --git a/home/modules/gui/mako.nix b/home/modules/gui/mako.nix index 7f0dde4..8e226fc 100644 --- a/home/modules/gui/mako.nix +++ b/home/modules/gui/mako.nix @@ -15,7 +15,7 @@ in { anchor = "top-right"; background-color = "#000000"; border-color = "#000000"; - progress-color = "over #FFFFFF"; + progress-color="over #FFFFFF"; border-radius = 0; default-timeout = 7000; font = "JetBrains Mono 10"; diff --git a/home/modules/gui/sway.nix b/home/modules/gui/sway.nix index 7f92cf2..5465d68 100644 --- a/home/modules/gui/sway.nix +++ b/home/modules/gui/sway.nix @@ -57,7 +57,7 @@ in { input = { "*" = { xkb_layout = "us"; - xkb_variant = "altgr-intl"; #TODO change to normal ppl keeb too + xkb_variant = "altgr-intl"; }; }; @@ -156,7 +156,13 @@ in { command = "${lib.getExe pkgs.sway} 'workspace 1; exec ${lib.getExe pkgs.firefox}'"; } { - command = "${lib.getExe pkgs.swaybg} -m fill -i ${config.home.homeDirectory}/Pictures/wallpapers/wallpaper.jpg"; + command = "${lib.getExe pkgs.sway} 'workspace 2; exec ${lib.getExe pkgs.tdesktop}'"; + } + { + command = "${lib.getExe pkgs.sway} 'workspace 2; exec ${lib.getExe pkgs.gajim}'"; + } + { + command = "${lib.getExe pkgs.swaybg} -m fill -i ${config.home.homeDirectory}/Pictures/wallpapers/jupiter.png"; always = true; } { diff --git a/home/modules/gui/waybar.nix b/home/modules/gui/waybar.nix index 9aa66a1..0b1d2c6 100644 --- a/home/modules/gui/waybar.nix +++ b/home/modules/gui/waybar.nix @@ -65,7 +65,7 @@ in { icon-size = 12; }; }; - }; #TODO font negro n shit + }; style = '' * { font-family: "JetBrains Mono", monospace; diff --git a/home/modules/syncthing.nix b/home/modules/syncthing.nix new file mode 100644 index 0000000..4857e63 --- /dev/null +++ b/home/modules/syncthing.nix @@ -0,0 +1,20 @@ +{ + config, + lib, + pkgs, + ... +}: +with lib; let + cfg = config.local.services.syncthing; +in { + options.local.services.syncthing = { + enable = mkEnableOption "syncthing settings"; + }; + + config = mkIf cfg.enable { + services.syncthing = { + enable = true; + tray.enable = true; + }; + }; +} diff --git a/home/modules/terminal/kitty.conf.nix b/home/modules/terminal/kitty.conf.nix index 21f5a60..82904a9 100644 --- a/home/modules/terminal/kitty.conf.nix +++ b/home/modules/terminal/kitty.conf.nix @@ -5,7 +5,7 @@ italic_font JetBrains Mono Italic bold_italic_font JetBrains Mono Bold Italic - font_size 10 + font_size 15 disable_ligatures cursor initial_window_width 1200 diff --git a/home/modules/yubikey.nix b/home/modules/yubikey.nix new file mode 100644 index 0000000..b0b3595 --- /dev/null +++ b/home/modules/yubikey.nix @@ -0,0 +1,20 @@ +{ + config, + lib, + pkgs, + ... +}: +with lib; let + cfg = config.local.apps.yubikey; +in { + options.local.apps.yubikey = { + enable = mkEnableOption "Yubikey home settings"; + }; + config = mkIf cfg.enable { + home.packages = with pkgs; [ + yubikey-manager + yubico-pam + yubikey-personalization + ]; + }; +} diff --git a/home/modules/zsh/zshrc.nix b/home/modules/zsh/zshrc.nix index ed874bb..a7bc271 100644 --- a/home/modules/zsh/zshrc.nix +++ b/home/modules/zsh/zshrc.nix @@ -78,12 +78,14 @@ alias ls='ls --color -F' alias l='ls --color -FhAltr' alias x='killall --ignore-case --user=$(whoami) --interactive' + alias sc='${lib.getExe pkgs.maim} -s -u | ${lib.getExe pkgs.xclip} -selection clipboard -t image/png -i' alias tree='tree -CF' alias lock="betterlockscreen -l" alias nightmode="${lib.getExe pkgs.redshift} -P -O 1000" alias lightmode="${lib.getExe pkgs.redshift} -x=" + alias inbox="echo >> $HOME/gtd/inbox" alias nixoide="nix repl ''" - alias vim=nvim + alias vps="ssh -A vps" bindkey -e bindkey "^[[1;5D" backward-word bindkey "^[[1;5C" forward-word diff --git a/home/platforms/chem@yuki/default.nix b/home/platforms/chem@yuki/default.nix index c51f8ae..2ffbaa9 100644 --- a/home/platforms/chem@yuki/default.nix +++ b/home/platforms/chem@yuki/default.nix @@ -28,12 +28,16 @@ enable = true; prompt = "%B[%~] \${vcs_info_msg_0_}%b"; }; + accounts.enable = true; + deepState.enable = true; + syncthing.enable = true; }; apps = { terminal.enable = true; neovim.enable = true; gaming.enable = true; + yubikey.enable = true; defaultDesktopPack.enable = true; firefox.enable = true; mapping.enable = true; @@ -42,15 +46,15 @@ gui = { enable = true; monitors = { - HDMI-A-4 = { + DP-1 = { width = "1920"; height = "1080"; rate = "59.94"; }; - DP-1 = { - width = "1600"; - height = "900"; - rate = "59.94"; + DP-2 = { + width = "1920"; + height = "1080"; + rate = "143.855"; posX = "1920"; }; }; @@ -59,6 +63,14 @@ home = { packages = with pkgs; [ + darktable + (gajim.override { + enableSecrets = true; + enableUPnP = true; + enableAppIndicator = true; + enableE2E = true; + enableRST = true; + }) gnucash kdePackages.kdenlive nmap diff --git a/pkgs/config/default.nix b/pkgs/config/default.nix index 681271f..0156348 100644 --- a/pkgs/config/default.nix +++ b/pkgs/config/default.nix @@ -1,4 +1,4 @@ -{lib}: +lib: with lib; { android_sdk.accept_license = true; #TODO: what the fuck is this allowUnfreePredicate = pkg: import ./unfree.nix lib (getName pkg); diff --git a/pkgs/default.nix b/pkgs/default.nix index 97d428c..342a2a2 100644 --- a/pkgs/default.nix +++ b/pkgs/default.nix @@ -6,9 +6,23 @@ with prev.lib; let inherit (final) callPackage fetchpatch; in { + homepage = flakes.homepage.packages.${final.system}.default; + + lib = callPackage ./lib {}; + + st = prev.st.override { + conf = import ./st.nix {}; + + patches = [ + (fetchpatch { + url = "https://st.suckless.org/patches/clipboard/st-clipboard-0.8.3.diff"; + sha256 = "cbb37675e9b4986836c19aadacc616a006df81c9bf394e9e3573e164fa1867cf"; + }) + ]; + }; + override = { - # add python modules here to make them available in all versions } // ( let diff --git a/pkgs/lib/default.nix b/pkgs/lib/default.nix new file mode 100644 index 0000000..e3ab56e --- /dev/null +++ b/pkgs/lib/default.nix @@ -0,0 +1,3 @@ +{callPackage}: { + importAll = callPackage ./importAll.nix {}; +} diff --git a/trivionomicon/doctrine/lib/import-all.nix b/pkgs/lib/importAll.nix similarity index 83% rename from trivionomicon/doctrine/lib/import-all.nix rename to pkgs/lib/importAll.nix index 423dd9c..6acabe9 100644 --- a/trivionomicon/doctrine/lib/import-all.nix +++ b/pkgs/lib/importAll.nix @@ -1,7 +1,6 @@ -{ - lib, +{lib}: { root, - exclude ? ["default"], + exclude ? [], }: with builtins; with lib; @@ -11,7 +10,7 @@ with lib; isMatch = name: type: (hasSuffix ".nix" name || type == "directory") - && ! elem (basename name) exclude; + && ! elem name (map basename exclude); entry = name: _: { name = basename name; diff --git a/sys/modules/default.nix b/sys/modules/default.nix index c8df074..00f03d1 100644 --- a/sys/modules/default.nix +++ b/sys/modules/default.nix @@ -6,6 +6,7 @@ }: { imports = [ ./baseline.nix + ./yubikey.nix ./audio.nix ./graphics.nix ./virtualisation.nix diff --git a/sys/modules/graphics.nix b/sys/modules/graphics.nix index 706c2d3..162e21b 100644 --- a/sys/modules/graphics.nix +++ b/sys/modules/graphics.nix @@ -12,6 +12,11 @@ in { }; config = mkIf cfg.enable { services = { + xserver = { + enable = true; + xkb.layout = "us"; + displayManager.startx.enable = true; + }; libinput.enable = true; }; diff --git a/sys/modules/yubikey.nix b/sys/modules/yubikey.nix new file mode 100644 index 0000000..c5e3008 --- /dev/null +++ b/sys/modules/yubikey.nix @@ -0,0 +1,44 @@ +{ + config, + lib, + pkgs, + ... +}: +with lib; let + cfg = config.local.sys.yubikey; +in { + options.local.sys.yubikey = { + enable = mkEnableOption "yubikey settings"; + }; + config = mkIf cfg.enable { + services = { + pcscd.enable = true; + udev.packages = [pkgs.yubikey-personalization]; + }; + + environment.etc."pkcs11/modules/ykcs11".text = '' + module: ${pkgs.yubico-piv-tool}/lib/libykcs11.so + ''; + + programs.gnupg.agent = { + enable = true; + enableSSHSupport = true; + }; + + security.pam = { + services = { + login.u2fAuth = true; + sudo.u2fAuth = true; + }; + + u2f = { + enable = true; + control = "sufficient"; + settings = { + debug = false; + cue = true; + }; + }; + }; + }; +} diff --git a/sys/platforms/yuki/default.nix b/sys/platforms/yuki/default.nix index b1c5afc..3e76d51 100644 --- a/sys/platforms/yuki/default.nix +++ b/sys/platforms/yuki/default.nix @@ -14,6 +14,7 @@ local.sys = { baseline.enable = true; + yubikey.enable = true; audio.enable = true; graphics.enable = true; virtualisation.enable = true; @@ -24,19 +25,20 @@ users = { chem = { enable = true; + unixId = 1002; }; }; }; - local.sway.enable = true; + trivium.sway.enable = true; networking = { hostName = "yuki"; networkmanager.enable = true; useDHCP = false; # The global useDHCP flag is deprecated, therefore explicitly set to false here. - #interfaces.enp7s0.useDHCP = true; # Per-interface useDHCP will be mandatory in the future, so this generated config - #interfaces.wlp6s0.useDHCP = true; # replicates the default behaviour. + interfaces.enp7s0.useDHCP = true; # Per-interface useDHCP will be mandatory in the future, so this generated config + interfaces.wlp6s0.useDHCP = true; # replicates the default behaviour. }; boot = { @@ -45,7 +47,7 @@ efi.canTouchEfiVariables = true; }; tmp.useTmpfs = true; - kernelPackages = pkgs.linuxPackages_zen; + kernelPackages = pkgs.linuxPackages_latest; }; # Select internationalisation properties. diff --git a/sys/platforms/yuki/hardware-configuration.nix b/sys/platforms/yuki/hardware-configuration.nix index a6bb41e..21935d7 100644 --- a/sys/platforms/yuki/hardware-configuration.nix +++ b/sys/platforms/yuki/hardware-configuration.nix @@ -1,34 +1,30 @@ # Do not modify this file! It was generated by ‘nixos-generate-config’ # and may be overwritten by future invocations. Please make changes # to /etc/nixos/configuration.nix instead. +{ config, lib, pkgs, modulesPath, ... }: + { - config, - lib, - pkgs, - modulesPath, - ... -}: { - imports = [ - (modulesPath + "/installer/scan/not-detected.nix") - ]; + imports = + [ (modulesPath + "/installer/scan/not-detected.nix") + ]; - boot.initrd.availableKernelModules = ["xhci_pci" "ahci" "nvme" "usbhid" "usb_storage" "sd_mod"]; - boot.initrd.kernelModules = []; - boot.kernelModules = ["kvm-intel"]; - boot.extraModulePackages = []; + boot.initrd.availableKernelModules = [ "xhci_pci" "ahci" "nvme" "usbhid" "usb_storage" "sd_mod" ]; + boot.initrd.kernelModules = [ ]; + boot.kernelModules = [ "kvm-intel" ]; + boot.extraModulePackages = [ ]; - fileSystems."/" = { - device = "/dev/disk/by-uuid/b925ebc0-f717-4f0d-83ca-a9a29990b8e2"; - fsType = "btrfs"; - }; + fileSystems."/" = + { device = "/dev/disk/by-uuid/b925ebc0-f717-4f0d-83ca-a9a29990b8e2"; + fsType = "btrfs"; + }; - fileSystems."/boot" = { - device = "/dev/disk/by-uuid/EC62-0FDF"; - fsType = "vfat"; - options = ["fmask=0022" "dmask=0022"]; - }; + fileSystems."/boot" = + { device = "/dev/disk/by-uuid/EC62-0FDF"; + fsType = "vfat"; + options = [ "fmask=0022" "dmask=0022" ]; + }; - swapDevices = []; + swapDevices = [ ]; # Enables DHCP on each ethernet and wireless interface. In case of scripted networking # (the default) this is the recommended approach. When using systemd-networkd it's diff --git a/trivionomicon/.gitignore b/trivionomicon/.gitignore deleted file mode 100644 index f094862..0000000 --- a/trivionomicon/.gitignore +++ /dev/null @@ -1,2 +0,0 @@ -!**/.keep -result diff --git a/trivionomicon/COPYING b/trivionomicon/COPYING deleted file mode 100644 index f288702..0000000 --- a/trivionomicon/COPYING +++ /dev/null @@ -1,674 +0,0 @@ - GNU GENERAL PUBLIC LICENSE - Version 3, 29 June 2007 - - Copyright (C) 2007 Free Software Foundation, Inc. - Everyone is permitted to copy and distribute verbatim copies - of this license document, but changing it is not allowed. - - Preamble - - The GNU General Public License is a free, copyleft license for -software and other kinds of works. - - The licenses for most software and other practical works are designed -to take away your freedom to share and change the works. By contrast, -the GNU General Public License is intended to guarantee your freedom to -share and change all versions of a program--to make sure it remains free -software for all its users. We, the Free Software Foundation, use the -GNU General Public License for most of our software; it applies also to -any other work released this way by its authors. You can apply it to -your programs, too. - - When we speak of free software, we are referring to freedom, not -price. Our General Public Licenses are designed to make sure that you -have the freedom to distribute copies of free software (and charge for -them if you wish), that you receive source code or can get it if you -want it, that you can change the software or use pieces of it in new -free programs, and that you know you can do these things. - - To protect your rights, we need to prevent others from denying you -these rights or asking you to surrender the rights. Therefore, you have -certain responsibilities if you distribute copies of the software, or if -you modify it: responsibilities to respect the freedom of others. - - For example, if you distribute copies of such a program, whether -gratis or for a fee, you must pass on to the recipients the same -freedoms that you received. You must make sure that they, too, receive -or can get the source code. And you must show them these terms so they -know their rights. - - Developers that use the GNU GPL protect your rights with two steps: -(1) assert copyright on the software, and (2) offer you this License -giving you legal permission to copy, distribute and/or modify it. - - For the developers' and authors' protection, the GPL clearly explains -that there is no warranty for this free software. For both users' and -authors' sake, the GPL requires that modified versions be marked as -changed, so that their problems will not be attributed erroneously to -authors of previous versions. - - Some devices are designed to deny users access to install or run -modified versions of the software inside them, although the manufacturer -can do so. This is fundamentally incompatible with the aim of -protecting users' freedom to change the software. The systematic -pattern of such abuse occurs in the area of products for individuals to -use, which is precisely where it is most unacceptable. Therefore, we -have designed this version of the GPL to prohibit the practice for those -products. If such problems arise substantially in other domains, we -stand ready to extend this provision to those domains in future versions -of the GPL, as needed to protect the freedom of users. - - Finally, every program is threatened constantly by software patents. -States should not allow patents to restrict development and use of -software on general-purpose computers, but in those that do, we wish to -avoid the special danger that patents applied to a free program could -make it effectively proprietary. To prevent this, the GPL assures that -patents cannot be used to render the program non-free. - - The precise terms and conditions for copying, distribution and -modification follow. - - TERMS AND CONDITIONS - - 0. Definitions. - - "This License" refers to version 3 of the GNU General Public License. - - "Copyright" also means copyright-like laws that apply to other kinds of -works, such as semiconductor masks. - - "The Program" refers to any copyrightable work licensed under this -License. Each licensee is addressed as "you". "Licensees" and -"recipients" may be individuals or organizations. - - To "modify" a work means to copy from or adapt all or part of the work -in a fashion requiring copyright permission, other than the making of an -exact copy. The resulting work is called a "modified version" of the -earlier work or a work "based on" the earlier work. - - A "covered work" means either the unmodified Program or a work based -on the Program. - - To "propagate" a work means to do anything with it that, without -permission, would make you directly or secondarily liable for -infringement under applicable copyright law, except executing it on a -computer or modifying a private copy. Propagation includes copying, -distribution (with or without modification), making available to the -public, and in some countries other activities as well. - - To "convey" a work means any kind of propagation that enables other -parties to make or receive copies. Mere interaction with a user through -a computer network, with no transfer of a copy, is not conveying. - - An interactive user interface displays "Appropriate Legal Notices" -to the extent that it includes a convenient and prominently visible -feature that (1) displays an appropriate copyright notice, and (2) -tells the user that there is no warranty for the work (except to the -extent that warranties are provided), that licensees may convey the -work under this License, and how to view a copy of this License. If -the interface presents a list of user commands or options, such as a -menu, a prominent item in the list meets this criterion. - - 1. Source Code. - - The "source code" for a work means the preferred form of the work -for making modifications to it. "Object code" means any non-source -form of a work. - - A "Standard Interface" means an interface that either is an official -standard defined by a recognized standards body, or, in the case of -interfaces specified for a particular programming language, one that -is widely used among developers working in that language. - - The "System Libraries" of an executable work include anything, other -than the work as a whole, that (a) is included in the normal form of -packaging a Major Component, but which is not part of that Major -Component, and (b) serves only to enable use of the work with that -Major Component, or to implement a Standard Interface for which an -implementation is available to the public in source code form. A -"Major Component", in this context, means a major essential component -(kernel, window system, and so on) of the specific operating system -(if any) on which the executable work runs, or a compiler used to -produce the work, or an object code interpreter used to run it. - - The "Corresponding Source" for a work in object code form means all -the source code needed to generate, install, and (for an executable -work) run the object code and to modify the work, including scripts to -control those activities. However, it does not include the work's -System Libraries, or general-purpose tools or generally available free -programs which are used unmodified in performing those activities but -which are not part of the work. For example, Corresponding Source -includes interface definition files associated with source files for -the work, and the source code for shared libraries and dynamically -linked subprograms that the work is specifically designed to require, -such as by intimate data communication or control flow between those -subprograms and other parts of the work. - - The Corresponding Source need not include anything that users -can regenerate automatically from other parts of the Corresponding -Source. - - The Corresponding Source for a work in source code form is that -same work. - - 2. Basic Permissions. - - All rights granted under this License are granted for the term of -copyright on the Program, and are irrevocable provided the stated -conditions are met. This License explicitly affirms your unlimited -permission to run the unmodified Program. The output from running a -covered work is covered by this License only if the output, given its -content, constitutes a covered work. This License acknowledges your -rights of fair use or other equivalent, as provided by copyright law. - - You may make, run and propagate covered works that you do not -convey, without conditions so long as your license otherwise remains -in force. You may convey covered works to others for the sole purpose -of having them make modifications exclusively for you, or provide you -with facilities for running those works, provided that you comply with -the terms of this License in conveying all material for which you do -not control copyright. Those thus making or running the covered works -for you must do so exclusively on your behalf, under your direction -and control, on terms that prohibit them from making any copies of -your copyrighted material outside their relationship with you. - - Conveying under any other circumstances is permitted solely under -the conditions stated below. Sublicensing is not allowed; section 10 -makes it unnecessary. - - 3. Protecting Users' Legal Rights From Anti-Circumvention Law. - - No covered work shall be deemed part of an effective technological -measure under any applicable law fulfilling obligations under article -11 of the WIPO copyright treaty adopted on 20 December 1996, or -similar laws prohibiting or restricting circumvention of such -measures. - - When you convey a covered work, you waive any legal power to forbid -circumvention of technological measures to the extent such circumvention -is effected by exercising rights under this License with respect to -the covered work, and you disclaim any intention to limit operation or -modification of the work as a means of enforcing, against the work's -users, your or third parties' legal rights to forbid circumvention of -technological measures. - - 4. Conveying Verbatim Copies. - - You may convey verbatim copies of the Program's source code as you -receive it, in any medium, provided that you conspicuously and -appropriately publish on each copy an appropriate copyright notice; -keep intact all notices stating that this License and any -non-permissive terms added in accord with section 7 apply to the code; -keep intact all notices of the absence of any warranty; and give all -recipients a copy of this License along with the Program. - - You may charge any price or no price for each copy that you convey, -and you may offer support or warranty protection for a fee. - - 5. Conveying Modified Source Versions. - - You may convey a work based on the Program, or the modifications to -produce it from the Program, in the form of source code under the -terms of section 4, provided that you also meet all of these conditions: - - a) The work must carry prominent notices stating that you modified - it, and giving a relevant date. - - b) The work must carry prominent notices stating that it is - released under this License and any conditions added under section - 7. This requirement modifies the requirement in section 4 to - "keep intact all notices". - - c) You must license the entire work, as a whole, under this - License to anyone who comes into possession of a copy. This - License will therefore apply, along with any applicable section 7 - additional terms, to the whole of the work, and all its parts, - regardless of how they are packaged. This License gives no - permission to license the work in any other way, but it does not - invalidate such permission if you have separately received it. - - d) If the work has interactive user interfaces, each must display - Appropriate Legal Notices; however, if the Program has interactive - interfaces that do not display Appropriate Legal Notices, your - work need not make them do so. - - A compilation of a covered work with other separate and independent -works, which are not by their nature extensions of the covered work, -and which are not combined with it such as to form a larger program, -in or on a volume of a storage or distribution medium, is called an -"aggregate" if the compilation and its resulting copyright are not -used to limit the access or legal rights of the compilation's users -beyond what the individual works permit. Inclusion of a covered work -in an aggregate does not cause this License to apply to the other -parts of the aggregate. - - 6. Conveying Non-Source Forms. - - You may convey a covered work in object code form under the terms -of sections 4 and 5, provided that you also convey the -machine-readable Corresponding Source under the terms of this License, -in one of these ways: - - a) Convey the object code in, or embodied in, a physical product - (including a physical distribution medium), accompanied by the - Corresponding Source fixed on a durable physical medium - customarily used for software interchange. - - b) Convey the object code in, or embodied in, a physical product - (including a physical distribution medium), accompanied by a - written offer, valid for at least three years and valid for as - long as you offer spare parts or customer support for that product - model, to give anyone who possesses the object code either (1) a - copy of the Corresponding Source for all the software in the - product that is covered by this License, on a durable physical - medium customarily used for software interchange, for a price no - more than your reasonable cost of physically performing this - conveying of source, or (2) access to copy the - Corresponding Source from a network server at no charge. - - c) Convey individual copies of the object code with a copy of the - written offer to provide the Corresponding Source. This - alternative is allowed only occasionally and noncommercially, and - only if you received the object code with such an offer, in accord - with subsection 6b. - - d) Convey the object code by offering access from a designated - place (gratis or for a charge), and offer equivalent access to the - Corresponding Source in the same way through the same place at no - further charge. You need not require recipients to copy the - Corresponding Source along with the object code. If the place to - copy the object code is a network server, the Corresponding Source - may be on a different server (operated by you or a third party) - that supports equivalent copying facilities, provided you maintain - clear directions next to the object code saying where to find the - Corresponding Source. Regardless of what server hosts the - Corresponding Source, you remain obligated to ensure that it is - available for as long as needed to satisfy these requirements. - - e) Convey the object code using peer-to-peer transmission, provided - you inform other peers where the object code and Corresponding - Source of the work are being offered to the general public at no - charge under subsection 6d. - - A separable portion of the object code, whose source code is excluded -from the Corresponding Source as a System Library, need not be -included in conveying the object code work. - - A "User Product" is either (1) a "consumer product", which means any -tangible personal property which is normally used for personal, family, -or household purposes, or (2) anything designed or sold for incorporation -into a dwelling. In determining whether a product is a consumer product, -doubtful cases shall be resolved in favor of coverage. For a particular -product received by a particular user, "normally used" refers to a -typical or common use of that class of product, regardless of the status -of the particular user or of the way in which the particular user -actually uses, or expects or is expected to use, the product. A product -is a consumer product regardless of whether the product has substantial -commercial, industrial or non-consumer uses, unless such uses represent -the only significant mode of use of the product. - - "Installation Information" for a User Product means any methods, -procedures, authorization keys, or other information required to install -and execute modified versions of a covered work in that User Product from -a modified version of its Corresponding Source. The information must -suffice to ensure that the continued functioning of the modified object -code is in no case prevented or interfered with solely because -modification has been made. - - If you convey an object code work under this section in, or with, or -specifically for use in, a User Product, and the conveying occurs as -part of a transaction in which the right of possession and use of the -User Product is transferred to the recipient in perpetuity or for a -fixed term (regardless of how the transaction is characterized), the -Corresponding Source conveyed under this section must be accompanied -by the Installation Information. But this requirement does not apply -if neither you nor any third party retains the ability to install -modified object code on the User Product (for example, the work has -been installed in ROM). - - The requirement to provide Installation Information does not include a -requirement to continue to provide support service, warranty, or updates -for a work that has been modified or installed by the recipient, or for -the User Product in which it has been modified or installed. Access to a -network may be denied when the modification itself materially and -adversely affects the operation of the network or violates the rules and -protocols for communication across the network. - - Corresponding Source conveyed, and Installation Information provided, -in accord with this section must be in a format that is publicly -documented (and with an implementation available to the public in -source code form), and must require no special password or key for -unpacking, reading or copying. - - 7. Additional Terms. - - "Additional permissions" are terms that supplement the terms of this -License by making exceptions from one or more of its conditions. -Additional permissions that are applicable to the entire Program shall -be treated as though they were included in this License, to the extent -that they are valid under applicable law. If additional permissions -apply only to part of the Program, that part may be used separately -under those permissions, but the entire Program remains governed by -this License without regard to the additional permissions. - - When you convey a copy of a covered work, you may at your option -remove any additional permissions from that copy, or from any part of -it. (Additional permissions may be written to require their own -removal in certain cases when you modify the work.) You may place -additional permissions on material, added by you to a covered work, -for which you have or can give appropriate copyright permission. - - Notwithstanding any other provision of this License, for material you -add to a covered work, you may (if authorized by the copyright holders of -that material) supplement the terms of this License with terms: - - a) Disclaiming warranty or limiting liability differently from the - terms of sections 15 and 16 of this License; or - - b) Requiring preservation of specified reasonable legal notices or - author attributions in that material or in the Appropriate Legal - Notices displayed by works containing it; or - - c) Prohibiting misrepresentation of the origin of that material, or - requiring that modified versions of such material be marked in - reasonable ways as different from the original version; or - - d) Limiting the use for publicity purposes of names of licensors or - authors of the material; or - - e) Declining to grant rights under trademark law for use of some - trade names, trademarks, or service marks; or - - f) Requiring indemnification of licensors and authors of that - material by anyone who conveys the material (or modified versions of - it) with contractual assumptions of liability to the recipient, for - any liability that these contractual assumptions directly impose on - those licensors and authors. - - All other non-permissive additional terms are considered "further -restrictions" within the meaning of section 10. If the Program as you -received it, or any part of it, contains a notice stating that it is -governed by this License along with a term that is a further -restriction, you may remove that term. If a license document contains -a further restriction but permits relicensing or conveying under this -License, you may add to a covered work material governed by the terms -of that license document, provided that the further restriction does -not survive such relicensing or conveying. - - If you add terms to a covered work in accord with this section, you -must place, in the relevant source files, a statement of the -additional terms that apply to those files, or a notice indicating -where to find the applicable terms. - - Additional terms, permissive or non-permissive, may be stated in the -form of a separately written license, or stated as exceptions; -the above requirements apply either way. - - 8. Termination. - - You may not propagate or modify a covered work except as expressly -provided under this License. Any attempt otherwise to propagate or -modify it is void, and will automatically terminate your rights under -this License (including any patent licenses granted under the third -paragraph of section 11). - - However, if you cease all violation of this License, then your -license from a particular copyright holder is reinstated (a) -provisionally, unless and until the copyright holder explicitly and -finally terminates your license, and (b) permanently, if the copyright -holder fails to notify you of the violation by some reasonable means -prior to 60 days after the cessation. - - Moreover, your license from a particular copyright holder is -reinstated permanently if the copyright holder notifies you of the -violation by some reasonable means, this is the first time you have -received notice of violation of this License (for any work) from that -copyright holder, and you cure the violation prior to 30 days after -your receipt of the notice. - - Termination of your rights under this section does not terminate the -licenses of parties who have received copies or rights from you under -this License. If your rights have been terminated and not permanently -reinstated, you do not qualify to receive new licenses for the same -material under section 10. - - 9. Acceptance Not Required for Having Copies. - - You are not required to accept this License in order to receive or -run a copy of the Program. Ancillary propagation of a covered work -occurring solely as a consequence of using peer-to-peer transmission -to receive a copy likewise does not require acceptance. However, -nothing other than this License grants you permission to propagate or -modify any covered work. These actions infringe copyright if you do -not accept this License. Therefore, by modifying or propagating a -covered work, you indicate your acceptance of this License to do so. - - 10. Automatic Licensing of Downstream Recipients. - - Each time you convey a covered work, the recipient automatically -receives a license from the original licensors, to run, modify and -propagate that work, subject to this License. You are not responsible -for enforcing compliance by third parties with this License. - - An "entity transaction" is a transaction transferring control of an -organization, or substantially all assets of one, or subdividing an -organization, or merging organizations. If propagation of a covered -work results from an entity transaction, each party to that -transaction who receives a copy of the work also receives whatever -licenses to the work the party's predecessor in interest had or could -give under the previous paragraph, plus a right to possession of the -Corresponding Source of the work from the predecessor in interest, if -the predecessor has it or can get it with reasonable efforts. - - You may not impose any further restrictions on the exercise of the -rights granted or affirmed under this License. For example, you may -not impose a license fee, royalty, or other charge for exercise of -rights granted under this License, and you may not initiate litigation -(including a cross-claim or counterclaim in a lawsuit) alleging that -any patent claim is infringed by making, using, selling, offering for -sale, or importing the Program or any portion of it. - - 11. Patents. - - A "contributor" is a copyright holder who authorizes use under this -License of the Program or a work on which the Program is based. The -work thus licensed is called the contributor's "contributor version". - - A contributor's "essential patent claims" are all patent claims -owned or controlled by the contributor, whether already acquired or -hereafter acquired, that would be infringed by some manner, permitted -by this License, of making, using, or selling its contributor version, -but do not include claims that would be infringed only as a -consequence of further modification of the contributor version. For -purposes of this definition, "control" includes the right to grant -patent sublicenses in a manner consistent with the requirements of -this License. - - Each contributor grants you a non-exclusive, worldwide, royalty-free -patent license under the contributor's essential patent claims, to -make, use, sell, offer for sale, import and otherwise run, modify and -propagate the contents of its contributor version. - - In the following three paragraphs, a "patent license" is any express -agreement or commitment, however denominated, not to enforce a patent -(such as an express permission to practice a patent or covenant not to -sue for patent infringement). To "grant" such a patent license to a -party means to make such an agreement or commitment not to enforce a -patent against the party. - - If you convey a covered work, knowingly relying on a patent license, -and the Corresponding Source of the work is not available for anyone -to copy, free of charge and under the terms of this License, through a -publicly available network server or other readily accessible means, -then you must either (1) cause the Corresponding Source to be so -available, or (2) arrange to deprive yourself of the benefit of the -patent license for this particular work, or (3) arrange, in a manner -consistent with the requirements of this License, to extend the patent -license to downstream recipients. "Knowingly relying" means you have -actual knowledge that, but for the patent license, your conveying the -covered work in a country, or your recipient's use of the covered work -in a country, would infringe one or more identifiable patents in that -country that you have reason to believe are valid. - - If, pursuant to or in connection with a single transaction or -arrangement, you convey, or propagate by procuring conveyance of, a -covered work, and grant a patent license to some of the parties -receiving the covered work authorizing them to use, propagate, modify -or convey a specific copy of the covered work, then the patent license -you grant is automatically extended to all recipients of the covered -work and works based on it. - - A patent license is "discriminatory" if it does not include within -the scope of its coverage, prohibits the exercise of, or is -conditioned on the non-exercise of one or more of the rights that are -specifically granted under this License. You may not convey a covered -work if you are a party to an arrangement with a third party that is -in the business of distributing software, under which you make payment -to the third party based on the extent of your activity of conveying -the work, and under which the third party grants, to any of the -parties who would receive the covered work from you, a discriminatory -patent license (a) in connection with copies of the covered work -conveyed by you (or copies made from those copies), or (b) primarily -for and in connection with specific products or compilations that -contain the covered work, unless you entered into that arrangement, -or that patent license was granted, prior to 28 March 2007. - - Nothing in this License shall be construed as excluding or limiting -any implied license or other defenses to infringement that may -otherwise be available to you under applicable patent law. - - 12. No Surrender of Others' Freedom. - - If conditions are imposed on you (whether by court order, agreement or -otherwise) that contradict the conditions of this License, they do not -excuse you from the conditions of this License. If you cannot convey a -covered work so as to satisfy simultaneously your obligations under this -License and any other pertinent obligations, then as a consequence you may -not convey it at all. For example, if you agree to terms that obligate you -to collect a royalty for further conveying from those to whom you convey -the Program, the only way you could satisfy both those terms and this -License would be to refrain entirely from conveying the Program. - - 13. Use with the GNU Affero General Public License. - - Notwithstanding any other provision of this License, you have -permission to link or combine any covered work with a work licensed -under version 3 of the GNU Affero General Public License into a single -combined work, and to convey the resulting work. The terms of this -License will continue to apply to the part which is the covered work, -but the special requirements of the GNU Affero General Public License, -section 13, concerning interaction through a network will apply to the -combination as such. - - 14. Revised Versions of this License. - - The Free Software Foundation may publish revised and/or new versions of -the GNU General Public License from time to time. Such new versions will -be similar in spirit to the present version, but may differ in detail to -address new problems or concerns. - - Each version is given a distinguishing version number. If the -Program specifies that a certain numbered version of the GNU General -Public License "or any later version" applies to it, you have the -option of following the terms and conditions either of that numbered -version or of any later version published by the Free Software -Foundation. If the Program does not specify a version number of the -GNU General Public License, you may choose any version ever published -by the Free Software Foundation. - - If the Program specifies that a proxy can decide which future -versions of the GNU General Public License can be used, that proxy's -public statement of acceptance of a version permanently authorizes you -to choose that version for the Program. - - Later license versions may give you additional or different -permissions. However, no additional obligations are imposed on any -author or copyright holder as a result of your choosing to follow a -later version. - - 15. Disclaimer of Warranty. - - THERE IS NO WARRANTY FOR THE PROGRAM, TO THE EXTENT PERMITTED BY -APPLICABLE LAW. EXCEPT WHEN OTHERWISE STATED IN WRITING THE COPYRIGHT -HOLDERS AND/OR OTHER PARTIES PROVIDE THE PROGRAM "AS IS" WITHOUT WARRANTY -OF ANY KIND, EITHER EXPRESSED OR IMPLIED, INCLUDING, BUT NOT LIMITED TO, -THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR -PURPOSE. THE ENTIRE RISK AS TO THE QUALITY AND PERFORMANCE OF THE PROGRAM -IS WITH YOU. SHOULD THE PROGRAM PROVE DEFECTIVE, YOU ASSUME THE COST OF -ALL NECESSARY SERVICING, REPAIR OR CORRECTION. - - 16. Limitation of Liability. - - IN NO EVENT UNLESS REQUIRED BY APPLICABLE LAW OR AGREED TO IN WRITING -WILL ANY COPYRIGHT HOLDER, OR ANY OTHER PARTY WHO MODIFIES AND/OR CONVEYS -THE PROGRAM AS PERMITTED ABOVE, BE LIABLE TO YOU FOR DAMAGES, INCLUDING ANY -GENERAL, SPECIAL, INCIDENTAL OR CONSEQUENTIAL DAMAGES ARISING OUT OF THE -USE OR INABILITY TO USE THE PROGRAM (INCLUDING BUT NOT LIMITED TO LOSS OF -DATA OR DATA BEING RENDERED INACCURATE OR LOSSES SUSTAINED BY YOU OR THIRD -PARTIES OR A FAILURE OF THE PROGRAM TO OPERATE WITH ANY OTHER PROGRAMS), -EVEN IF SUCH HOLDER OR OTHER PARTY HAS BEEN ADVISED OF THE POSSIBILITY OF -SUCH DAMAGES. - - 17. Interpretation of Sections 15 and 16. - - If the disclaimer of warranty and limitation of liability provided -above cannot be given local legal effect according to their terms, -reviewing courts shall apply local law that most closely approximates -an absolute waiver of all civil liability in connection with the -Program, unless a warranty or assumption of liability accompanies a -copy of the Program in return for a fee. - - END OF TERMS AND CONDITIONS - - How to Apply These Terms to Your New Programs - - If you develop a new program, and you want it to be of the greatest -possible use to the public, the best way to achieve this is to make it -free software which everyone can redistribute and change under these terms. - - To do so, attach the following notices to the program. It is safest -to attach them to the start of each source file to most effectively -state the exclusion of warranty; and each file should have at least -the "copyright" line and a pointer to where the full notice is found. - - - Copyright (C) - - This program is free software: you can redistribute it and/or modify - it under the terms of the GNU General Public License as published by - the Free Software Foundation, either version 3 of the License, or - (at your option) any later version. - - This program is distributed in the hope that it will be useful, - but WITHOUT ANY WARRANTY; without even the implied warranty of - MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - GNU General Public License for more details. - - You should have received a copy of the GNU General Public License - along with this program. If not, see . - -Also add information on how to contact you by electronic and paper mail. - - If the program does terminal interaction, make it output a short -notice like this when it starts in an interactive mode: - - Copyright (C) - This program comes with ABSOLUTELY NO WARRANTY; for details type `show w'. - This is free software, and you are welcome to redistribute it - under certain conditions; type `show c' for details. - -The hypothetical commands `show w' and `show c' should show the appropriate -parts of the General Public License. Of course, your program's commands -might be different; for a GUI interface, you would use an "about box". - - You should also get your employer (if you work as a programmer) or school, -if any, to sign a "copyright disclaimer" for the program, if necessary. -For more information on this, and how to apply and follow the GNU GPL, see -. - - The GNU General Public License does not permit incorporating your program -into proprietary programs. If your program is a subroutine library, you -may consider it more useful to permit linking proprietary applications with -the library. If this is what you want to do, use the GNU Lesser General -Public License instead of this License. But first, please read -. diff --git a/trivionomicon/README.md b/trivionomicon/README.md deleted file mode 100644 index aced5a2..0000000 --- a/trivionomicon/README.md +++ /dev/null @@ -1,8 +0,0 @@ -### Push: - - git subtree push --prefix=trivionomicon forgejo@git.posixlycorrect.com:deepState/trivionomicon.git master - - -### Pull: - - git subtree pull --prefix=trivionomicon forgejo@git.posixlycorrect.com:deepState/trivionomicon.git master diff --git a/trivionomicon/doctrine/default.nix b/trivionomicon/doctrine/default.nix deleted file mode 100644 index 0d50d49..0000000 --- a/trivionomicon/doctrine/default.nix +++ /dev/null @@ -1,16 +0,0 @@ -{ - lib ? pkgs.lib, - pkgs, - prefix ? "trivium", - namespace ? null, -}: let - doctrine = - { - lib = import ./lib {inherit lib pkgs doctrine;}; - inherit namespace prefix; - } - // lib.optionalAttrs (pkgs != null) { - inherit pkgs; - }; -in - doctrine diff --git a/trivionomicon/doctrine/lib/default.nix b/trivionomicon/doctrine/lib/default.nix deleted file mode 100644 index e2d84b8..0000000 --- a/trivionomicon/doctrine/lib/default.nix +++ /dev/null @@ -1,23 +0,0 @@ -{ - lib, - doctrine, - pkgs, -}: let - close = vars: f: args: - ( - if builtins.isPath f - then import f - else f - ) - (args // vars); - - closeLib = close {inherit lib;}; - closeFull = close {inherit lib pkgs doctrine;}; -in - { - inherit close; - importAll = closeLib ./import-all.nix; - } - // lib.optionalAttrs (doctrine.namespace != null) { - mkModule = closeFull ./mk-module.nix; - } diff --git a/trivionomicon/doctrine/lib/mk-module.nix b/trivionomicon/doctrine/lib/mk-module.nix deleted file mode 100644 index ffbe6bc..0000000 --- a/trivionomicon/doctrine/lib/mk-module.nix +++ /dev/null @@ -1,51 +0,0 @@ -{ - # The first few arguments are implicitly passed by the 'close' helper - lib, - pkgs, - doctrine, - name, - config, - hm ? null, - sys ? null, - options ? null, - requires ? [], - prefix ? doctrine.prefix, - namespace ? doctrine.namespace, - passthru ? {}, -}: let - optionsSet = import options (passthru - // { - inherit config lib pkgs cfg name doctrine; - }); - - configSet = import configFiles.${namespace} (passthru - // { - inherit config lib pkgs doctrine cfg; - }); - - configFiles = lib.filterAttrs (k: v: v != null) { - inherit sys hm; - }; - - cfg = config.${prefix}.${name}; -in { - config = - lib.optionalAttrs (configFiles ? ${namespace}) - (lib.mkIf cfg.enable (lib.mkMerge [ - configSet - { - assertions = - map (dependency: { - assertion = cfg.enable -> config.${prefix}.${dependency}.enable; - message = "${prefix}.${name}.enable requires ${prefix}.${dependency}.enable"; - }) - requires; - } - ])); - - options.${prefix}.${name} = - lib.optionalAttrs (options != null && optionsSet ? ${namespace}) optionsSet.${namespace} - // { - enable = lib.mkEnableOption name; - }; -} diff --git a/trivionomicon/flake.lock b/trivionomicon/flake.lock deleted file mode 100644 index 8730827..0000000 --- a/trivionomicon/flake.lock +++ /dev/null @@ -1,61 +0,0 @@ -{ - "nodes": { - "flake-utils": { - "inputs": { - "systems": "systems" - }, - "locked": { - "lastModified": 1731533236, - "narHash": "sha256-l0KFg5HjrsfsO/JpG+r7fRrqm12kzFHyUHqHCVpMMbI=", - "owner": "numtide", - "repo": "flake-utils", - "rev": "11707dc2f618dd54ca8739b309ec4fc024de578b", - "type": "github" - }, - "original": { - "owner": "numtide", - "repo": "flake-utils", - "type": "github" - } - }, - "nixpkgs": { - "locked": { - "lastModified": 1754292888, - "narHash": "sha256-1ziydHSiDuSnaiPzCQh1mRFBsM2d2yRX9I+5OPGEmIE=", - "owner": "nixos", - "repo": "nixpkgs", - "rev": "ce01daebf8489ba97bd1609d185ea276efdeb121", - "type": "github" - }, - "original": { - "owner": "nixos", - "ref": "nixos-25.05", - "repo": "nixpkgs", - "type": "github" - } - }, - "root": { - "inputs": { - "flake-utils": "flake-utils", - "nixpkgs": "nixpkgs" - } - }, - "systems": { - "locked": { - "lastModified": 1681028828, - "narHash": "sha256-Vy1rq5AaRuLzOxct8nz4T6wlgyUR7zLU309k9mBC768=", - "owner": "nix-systems", - "repo": "default", - "rev": "da67096a3b9bf56a91d16901293e51ba5b49a27e", - "type": "github" - }, - "original": { - "owner": "nix-systems", - "repo": "default", - "type": "github" - } - } - }, - "root": "root", - "version": 7 -} diff --git a/trivionomicon/flake.nix b/trivionomicon/flake.nix deleted file mode 100644 index f2ee049..0000000 --- a/trivionomicon/flake.nix +++ /dev/null @@ -1,218 +0,0 @@ -{ - inputs = { - flake-utils.url = "github:numtide/flake-utils"; - nixpkgs.url = "github:nixos/nixpkgs/nixos-25.05"; - }; - - outputs = { - self, - nixpkgs, - flake-utils, - }: let - mapOverlayOverride = namespace: overlay: final: prev: let - overlayPkgs = overlay final prev; - in - { - "${namespace}" = builtins.removeAttrs overlayPkgs ["override"]; - } - // (overlayPkgs.override or {}); - - doctrineNoPkgs = self.lib.mkDoctrine { - lib = nixpkgs.lib; - pkgs = null; - }; - in - flake-utils.lib.eachDefaultSystem (system: let - pkgs = import nixpkgs {inherit system;}; - in { - formatter = pkgs.alejandra; - - packages = - (import nixpkgs { - inherit system; - overlays = [(mapOverlayOverride doctrineNoPkgs.prefix (import ./pkgs))]; - }).${ - doctrineNoPkgs.prefix - }; - }) - // { - templates = let - system-flake = { - path = ./templates/system-flake; - description = "Opinionated flake for a NixOS system with Home Manager"; - }; - in { - inherit system-flake; - - default = system-flake; - }; - - overlays = let - overlay = mapOverlayOverride doctrineNoPkgs.prefix (import ./pkgs); - in { - default = overlay; - ${doctrineNoPkgs.prefix} = overlay; - }; - - homeManagerModules.default = ./modules; - nixosModules.default = ./modules; - - lib = { - mkDoctrine = import ./doctrine; - - mkSystemFlake = { - flakes, - system, - doctrinePrefix ? null, - formatter ? "alejandra", - paths ? {}, - }: let - mkDoctrine = args: - self.lib.mkDoctrine - (args - // optionalAttrs (doctrinePrefix != null) { - prefix = doctrinePrefix; - }); - - doctrineNoPkgs = mkDoctrine { - lib = nixpkgs.lib; - pkgs = null; - }; - - optionalFlake = name: - if flakes ? "${name}" - then flakes.${name} - else null; - - requireFlake = name: - if flakes ? "${name}" - then flakes.${name} - else throw "Required flake input '${name}' is missing"; - - nur = optionalFlake "nur"; - nixpkgs = requireFlake "nixpkgs"; - unstable = optionalFlake "unstable"; - - home-manager = - if hmSourcePath != null - then requireFlake "home-manager" - else null; - - pathFromSelf = path: builtins.toPath "${flakes.self}" + "/${path}"; - - localOverlayPath = pathFromSelf paths.localOverlay; - nixpkgsConfigPath = pathFromSelf paths.nixpkgsConfig; - nixosSourcePath = pathFromSelf paths.nixosSource; - nixosPlatformsPath = pathFromSelf paths.nixosPlatforms; - hmSourcePath = pathFromSelf paths.hmSource; - hmPlatformsPath = pathFromSelf paths.hmPlatforms; - - pkgs = importPkgs nixpkgs; - - importPkgs = flake: - import flake ({ - inherit system; - - overlays = let - conditions = [ - { - overlay = nur.overlays.default; - condition = nur != null; - } - # NB: Preserve the relative order - { - overlay = self.overlays.default; - condition = true; - } - { - overlay = flakes.self.overlays.default; - condition = true; - } - ]; - in - builtins.map (cond: cond.overlay) (builtins.filter (cond: cond.condition) conditions); - } - // optionalAttrs (paths ? nixpkgsConfig) { - config = import nixpkgsConfigPath {inherit (nixpkgs) lib;}; - }); - - inherit (pkgs) lib; - inherit (nixpkgs.lib) optionalAttrs; # Prevents infinite recursion - inherit (doctrineNoPkgs) prefix; - inherit (doctrineNoPkgs.lib) importAll; - in - { - formatter.${system} = - if formatter == "alejandra" - then pkgs.alejandra - else if formatter == "nixpkgs-fmt" - then pkgs.nixpkgs-fmt - else throw "Unknown formatter: '${formatter}'"; - - packages.${system} = pkgs.${prefix}; - - overlays.default = final: prev: let - overlay = final: prev: - if paths ? localOverlay - then import localOverlayPath {inherit final prev flakes;} - else {}; - in - mapOverlayOverride prefix overlay final prev - // optionalAttrs (unstable != null) { - unstable = importPkgs unstable; - }; - } - // optionalAttrs (paths ? nixosSource) { - nixosConfigurations = let - nixosSystem = {modules}: - lib.makeOverridable nixpkgs.lib.nixosSystem { - inherit modules pkgs system; - - specialArgs = { - inherit flakes; - - doctrine = mkDoctrine { - inherit pkgs; - namespace = "sys"; - }; - }; - }; - - hostConfig = platform: - nixosSystem { - modules = [ - self.nixosModules.default - nixosSourcePath - platform - ]; - }; - in - lib.mapAttrs (_: hostConfig) (importAll {root = nixosPlatformsPath;}); - } - // optionalAttrs (paths ? hmSource) { - homeConfigurations = let - home = name: platform: - home-manager.lib.homeManagerConfiguration { - inherit pkgs; - - extraSpecialArgs = { - inherit flakes; - - doctrine = mkDoctrine { - inherit pkgs; - namespace = "hm"; - }; - }; - - modules = [ - self.homeManagerModules.default - hmSourcePath - platform - ]; - }; - in - lib.mapAttrs home (importAll {root = hmPlatformsPath;}); - }; - }; - }; -} diff --git a/trivionomicon/modules/athena-bccr/default.nix b/trivionomicon/modules/athena-bccr/default.nix deleted file mode 100644 index 93c5660..0000000 --- a/trivionomicon/modules/athena-bccr/default.nix +++ /dev/null @@ -1,14 +0,0 @@ -{ - config, - lib, - pkgs, - doctrine, - ... -}: -doctrine.lib.mkModule { - inherit config; - name = "athena-bccr"; - hm = ./hm.nix; - sys = ./sys.nix; - options = ./options.nix; -} diff --git a/trivionomicon/modules/athena-bccr/hm.nix b/trivionomicon/modules/athena-bccr/hm.nix deleted file mode 100644 index 0678e3c..0000000 --- a/trivionomicon/modules/athena-bccr/hm.nix +++ /dev/null @@ -1,14 +0,0 @@ -{ - pkgs, - lib, - cfg, - doctrine, - ... -}: let - athena = pkgs.${doctrine.prefix}.athena-bccr.${cfg.release}; -in { - home.packages = [ - athena.firmador - (athena.gaudi.override {inherit (cfg) gaudiHash;}) - ]; -} diff --git a/trivionomicon/modules/athena-bccr/options.nix b/trivionomicon/modules/athena-bccr/options.nix deleted file mode 100644 index eb61cf5..0000000 --- a/trivionomicon/modules/athena-bccr/options.nix +++ /dev/null @@ -1,30 +0,0 @@ -{lib, ...}: -with lib.types; { - hm = { - gaudiHash = lib.mkOption { - type = nullOr str; - default = null; - description = "hash of the Gaudi client"; - }; - - release = lib.mkOption { - type = str; - default = "latest"; - description = "pinned athena-bccr release tag"; - }; - }; - - sys = { - group = lib.mkOption { - type = str; - default = "users"; - description = "user group with full access to the smartcard reader"; - }; - - release = lib.mkOption { - type = str; - default = "latest"; - description = "pinned athena-bccr release tag"; - }; - }; -} diff --git a/trivionomicon/modules/athena-bccr/sys.nix b/trivionomicon/modules/athena-bccr/sys.nix deleted file mode 100644 index 631185d..0000000 --- a/trivionomicon/modules/athena-bccr/sys.nix +++ /dev/null @@ -1,35 +0,0 @@ -{ - pkgs, - lib, - cfg, - doctrine, - ... -}: let - athena = pkgs.${doctrine.prefix}.athena-bccr.${cfg.release}; -in { - environment = { - etc = { - "Athena".source = "${athena.ase-pkcs11}/etc/Athena"; - - "pkcs11/modules/asep11".text = '' - module: ${athena.libasep11} - ''; - }; - - systemPackages = [athena.ase-pkcs11]; - }; - - #FIXME: Extremadamente peligroso si BCCR o MICITT caen, investigar política nacional de root CA - security.pki.certificateFiles = ["${athena.bccr-cacerts}/root-ca.pem"]; - - services = { - pcscd.enable = true; - - udev.extraRules = '' - # Athena Smartcard Solutions, Inc. ASEDrive V3CR - ATTRS{idVendor}=="0dc3", ATTRS{idProduct}=="1004", MODE="660", GROUP="${cfg.group}", TAG+="uaccess" - ''; - }; - - users.groups.${cfg.group} = {}; -} diff --git a/trivionomicon/modules/default.nix b/trivionomicon/modules/default.nix deleted file mode 100644 index 0c0fd4c..0000000 --- a/trivionomicon/modules/default.nix +++ /dev/null @@ -1,3 +0,0 @@ -{doctrine, ...}: { - imports = builtins.attrValues (doctrine.lib.importAll {root = ./.;}); -} diff --git a/trivionomicon/modules/laptop/default.nix b/trivionomicon/modules/laptop/default.nix deleted file mode 100644 index b908d47..0000000 --- a/trivionomicon/modules/laptop/default.nix +++ /dev/null @@ -1,10 +0,0 @@ -{ - config, - doctrine, - ... -}: -doctrine.lib.mkModule { - inherit config; - name = "laptop"; - sys = ./sys.nix; -} diff --git a/trivionomicon/modules/laptop/sys.nix b/trivionomicon/modules/laptop/sys.nix deleted file mode 100644 index 252f49c..0000000 --- a/trivionomicon/modules/laptop/sys.nix +++ /dev/null @@ -1,11 +0,0 @@ -{ - config, - lib, - pkgs, - ... -}: { - services = { - tlp.enable = lib.mkDefault true; - upower.enable = lib.mkDefault true; - }; -} diff --git a/trivionomicon/modules/nix-registry/default.nix b/trivionomicon/modules/nix-registry/default.nix deleted file mode 100644 index 8406d88..0000000 --- a/trivionomicon/modules/nix-registry/default.nix +++ /dev/null @@ -1,16 +0,0 @@ -{ - config, - lib, - pkgs, - doctrine, - flakes, - ... -}: -doctrine.lib.mkModule { - inherit config; - name = "nix-registry"; - hm = ./hm.nix; - options = ./options.nix; - - passthru = {inherit flakes;}; -} diff --git a/trivionomicon/modules/nix-registry/hm.nix b/trivionomicon/modules/nix-registry/hm.nix deleted file mode 100644 index 1c57e95..0000000 --- a/trivionomicon/modules/nix-registry/hm.nix +++ /dev/null @@ -1,23 +0,0 @@ -{ - pkgs, - lib, - cfg, - flakes, - ... -}: let - registryName = name: - if name == "self" - then cfg.renameSelf - else name; - - registryFilter = { - nixpkgs = true; - unstable = true; - self = cfg.renameSelf != null; - }; -in { - nix.registry = - lib.mapAttrs' - (name: value: lib.nameValuePair (registryName name) {flake = value;}) - (lib.filterAttrs (name: _: registryFilter.${name} or cfg.allInputs) flakes); -} diff --git a/trivionomicon/modules/nix-registry/options.nix b/trivionomicon/modules/nix-registry/options.nix deleted file mode 100644 index e8898ec..0000000 --- a/trivionomicon/modules/nix-registry/options.nix +++ /dev/null @@ -1,19 +0,0 @@ -{lib, ...}: -with lib.types; { - hm = { - allInputs = mkOption { - type = bool; - default = default; - description = '' - Include all flake inputs. If false, only 'nixpkgs' and 'unstable' - (if available) will be added to the flake registry by default. - ''; - }; - - renameSelf = mkOption { - type = nullOr str; - default = "self"; - description = "Registry name to use for the 'self' input"; - }; - }; -} diff --git a/trivionomicon/modules/sway/default.nix b/trivionomicon/modules/sway/default.nix deleted file mode 100644 index 9f49e7c..0000000 --- a/trivionomicon/modules/sway/default.nix +++ /dev/null @@ -1,13 +0,0 @@ -{ - config, - lib, - pkgs, - doctrine, - ... -}: -doctrine.lib.mkModule { - inherit config; - name = "sway"; - sys = ./sys.nix; - options = ./options.nix; -} diff --git a/trivionomicon/modules/sway/options.nix b/trivionomicon/modules/sway/options.nix deleted file mode 100644 index e433039..0000000 --- a/trivionomicon/modules/sway/options.nix +++ /dev/null @@ -1,3 +0,0 @@ -{...}: { - sys = {}; -} diff --git a/trivionomicon/modules/sway/sys.nix b/trivionomicon/modules/sway/sys.nix deleted file mode 100644 index 9c8b664..0000000 --- a/trivionomicon/modules/sway/sys.nix +++ /dev/null @@ -1,45 +0,0 @@ -{ - pkgs, - lib, - ... -}: { - services.libinput.enable = true; - hardware.graphics.enable = true; - - xdg.portal = { - enable = true; - wlr.enable = true; - extraPortals = with pkgs; [xdg-desktop-portal-gtk]; - xdgOpenUsePortal = true; - - # warning: xdg-desktop-portal 1.17 reworked how portal implementations are loaded, you - # should either set `xdg.portal.config` or `xdg.portal.configPackages` - # to specify which portal backend to use for the requested interface. - # - # https://github.com/flatpak/xdg-desktop-portal/blob/1.18.1/doc/portals.conf.rst.in - # - # If you simply want to keep the behaviour in < 1.17, which uses the first - # portal implementation found in lexicographical order, use the following: - # - # xdg.portal.config.common.default = "*"; - config.common.default = "*"; - }; - - environment = { - sessionVariables.NIXOS_OZONE_WL = "1"; - - systemPackages = with pkgs; [ - qt5.qtwayland - qt6.qtwayland - ]; - }; - - programs = { - gtklock = { - enable = lib.mkDefault true; - - config = {}; - modules = []; - }; - }; -} diff --git a/trivionomicon/modules/thinkpad/default.nix b/trivionomicon/modules/thinkpad/default.nix deleted file mode 100644 index e210947..0000000 --- a/trivionomicon/modules/thinkpad/default.nix +++ /dev/null @@ -1,11 +0,0 @@ -{ - config, - doctrine, - ... -}: -doctrine.lib.mkModule { - inherit config; - name = "thinkpad"; - sys = ./sys.nix; - requires = ["laptop"]; -} diff --git a/trivionomicon/modules/thinkpad/sys.nix b/trivionomicon/modules/thinkpad/sys.nix deleted file mode 100644 index bc96146..0000000 --- a/trivionomicon/modules/thinkpad/sys.nix +++ /dev/null @@ -1,30 +0,0 @@ -{ - config, - pkgs, - lib, - ... -}: { - # For suspending to RAM to work, set Config -> Power -> Sleep State to "Linux" in EFI. - # See https://wiki.archlinux.org/index.php/Lenovo_ThinkPad_X1_Carbon_(Gen_6)#Suspend_issues - # Fingerprint sensor requires a firmware-update to work. - - boot = { - extraModulePackages = with config.boot.kernelPackages; [acpi_call]; - extraModprobeConfig = "options iwlwifi 11n_disable=1 wd_disable=1"; - - # acpi_call makes tlp work for newer thinkpads - kernelModules = ["acpi_call"]; - - # Force use of the thinkpad_acpi driver for backlight control. - # This allows the backlight save/load systemd service to work. - kernelParams = ["acpi_backlight=native"]; - }; - - hardware.firmware = [pkgs.sof-firmware]; - - services = { - fprintd.enable = lib.mkDefault true; - thinkfan.enable = lib.mkDefault true; - tp-auto-kbbl.enable = lib.mkDefault true; - }; -} diff --git a/trivionomicon/modules/yubico/default.nix b/trivionomicon/modules/yubico/default.nix deleted file mode 100644 index 71bed70..0000000 --- a/trivionomicon/modules/yubico/default.nix +++ /dev/null @@ -1,13 +0,0 @@ -{ - config, - lib, - pkgs, - doctrine, - ... -}: -doctrine.lib.mkModule { - inherit config; - name = "yubico"; - hm = ./hm.nix; - sys = ./sys.nix; -} diff --git a/trivionomicon/modules/yubico/hm.nix b/trivionomicon/modules/yubico/hm.nix deleted file mode 100644 index 8d06368..0000000 --- a/trivionomicon/modules/yubico/hm.nix +++ /dev/null @@ -1,9 +0,0 @@ -{ - pkgs, - lib, - ... -}: { - home.packages = [ - pkgs.yubikey-manager - ]; -} diff --git a/trivionomicon/modules/yubico/sys.nix b/trivionomicon/modules/yubico/sys.nix deleted file mode 100644 index 3cd009f..0000000 --- a/trivionomicon/modules/yubico/sys.nix +++ /dev/null @@ -1,14 +0,0 @@ -{ - pkgs, - lib, - ... -}: { - environment.etc."pkcs11/modules/ykcs11".text = '' - module: ${pkgs.yubico-piv-tool}/lib/libykcs11.so - ''; - - services = { - pcscd.enable = true; - udev.packages = [pkgs.yubikey-personalization]; - }; -} diff --git a/trivionomicon/pkgs/athena-bccr/0001-Remove-CheckUpdatePlugin-from-default-list.patch b/trivionomicon/pkgs/athena-bccr/0001-Remove-CheckUpdatePlugin-from-default-list.patch deleted file mode 100644 index e7fc5d5..0000000 --- a/trivionomicon/pkgs/athena-bccr/0001-Remove-CheckUpdatePlugin-from-default-list.patch +++ /dev/null @@ -1,25 +0,0 @@ -From 5e7eb46f46af6a29a2aea19db722ebc28baede25 Mon Sep 17 00:00:00 2001 -From: Alejandro Soto -Date: Sat, 21 Jun 2025 22:37:19 -0600 -Subject: [PATCH] Remove CheckUpdatePlugin from default list - ---- - src/main/java/cr/libre/firmador/Settings.java | 2 +- - 1 file changed, 1 insertion(+), 1 deletion(-) - -diff --git a/src/main/java/cr/libre/firmador/Settings.java b/src/main/java/cr/libre/firmador/Settings.java -index e5ddf01..a028d6e 100644 ---- a/src/main/java/cr/libre/firmador/Settings.java -+++ b/src/main/java/cr/libre/firmador/Settings.java -@@ -81,7 +81,7 @@ public class Settings { - - public Settings() { - activePlugins.add("cr.libre.firmador.plugins.DummyPlugin"); -- activePlugins.add("cr.libre.firmador.plugins.CheckUpdatePlugin"); -+ // activePlugins.add("cr.libre.firmador.plugins.CheckUpdatePlugin"); - availablePlugins.add("cr.libre.firmador.plugins.DummyPlugin"); - availablePlugins.add("cr.libre.firmador.plugins.CheckUpdatePlugin"); - } --- -2.49.0 - diff --git a/trivionomicon/pkgs/athena-bccr/LaunchGaudi.java b/trivionomicon/pkgs/athena-bccr/LaunchGaudi.java deleted file mode 100644 index e4bcdbf..0000000 --- a/trivionomicon/pkgs/athena-bccr/LaunchGaudi.java +++ /dev/null @@ -1,12 +0,0 @@ -// Los del BCCR no se molestaron en ponerle un main al Agente Gaudi porque el -// actualizador (que a su vez sí tiene main) carga el jar en memoria y crea una -// instancia de Inicializador usando reflexión. El actualizador no es relevante -// en Nix. En todo caso, dicho actualizador es sumamente frágil y me daría -// demasiada pereza arreglarlo, así que en su lugar usamos este stub para -// launchear Gaudi. - -public class LaunchGaudi { - public static void main(String[] args) { - new InicializadorCliente.Inicializador(""); - } -} diff --git a/trivionomicon/pkgs/athena-bccr/default.nix b/trivionomicon/pkgs/athena-bccr/default.nix deleted file mode 100644 index a5f79ca..0000000 --- a/trivionomicon/pkgs/athena-bccr/default.nix +++ /dev/null @@ -1,30 +0,0 @@ -{ - callPackage, - lib, -}: let - latest = "deb64-rev26"; - - releases = lib.mapAttrs (name: release: release // {name = name;}) (import ./releases.nix); - - overrideUnwrapped = default: new: let - args = default // new; - unwrappedPkgs = lib.filterAttrs (name: _: ! lib.elem name ["override" "overrideDerivation"]) (callPackage ./unwrapped.nix args); - in - lib.fix (unwrapped: lib.mapAttrs (_: pkg: callPackage pkg unwrapped) unwrappedPkgs) - // { - override = overrideUnwrapped args; - }; - - pkgsForRelease = release: let - ase-pkcs11 = unwrapped.ase-idprotect.lib; - libasep11 = "${ase-pkcs11}/lib/x64-athena/libASEP11.so"; - unwrapped = overrideUnwrapped {inherit release;} {}; - in { - inherit ase-pkcs11 libasep11; - inherit (unwrapped) ase-idprotect bccr-cacerts; - - gaudi = callPackage ./gaudi-env.nix {inherit unwrapped;}; - firmador = callPackage ./firmador.nix {inherit libasep11;}; - }; -in - lib.mapAttrs (_: pkgsForRelease) (releases // {latest = releases.${latest};}) diff --git a/trivionomicon/pkgs/athena-bccr/firmador.nix b/trivionomicon/pkgs/athena-bccr/firmador.nix deleted file mode 100644 index d280b56..0000000 --- a/trivionomicon/pkgs/athena-bccr/firmador.nix +++ /dev/null @@ -1,57 +0,0 @@ -{ - fetchgit, - lib, - makeWrapper, - maven, - openjdk, - wrapGAppsHook, - libasep11 ? null, -}: let - jdk = openjdk.override { - enableJavaFX = true; - }; - - version = "1.9.8"; -in - maven.buildMavenPackage { - pname = "firmador"; - inherit version; - - src = fetchgit { - url = "https://codeberg.org/firmador/firmador"; - rev = version; - hash = "sha256-xdiVPjihRADPK4nG+WQHWsDzVYLCeN6ouQ6SDtjf1qQ="; - }; - - patches = [ - ./0001-Remove-CheckUpdatePlugin-from-default-list.patch - ]; - - mvnHash = "sha256-h1zoStTgaE7toWWKq0Y0ahOORyltChwjmaMYjLgs1VE="; - - nativeBuildInputs = [ - makeWrapper - wrapGAppsHook - ]; - - postPatch = lib.optionalString (libasep11 != null) '' - sed -i 's@/usr/lib/x64-athena/libASEP11.so@${libasep11}@g' src/main/java/cr/libre/firmador/CRSigner.java - ''; - - installPhase = '' - runHook preInstall - - mkdir -p $out/bin $out/share/java - install -Dm644 target/firmador.jar $out/share/java - - makeWrapper ${jdk}/bin/java $out/bin/firmador \ - --add-flags "-jar $out/share/java/firmador.jar" - - runHook postInstall - ''; - - meta = { - homepage = "https://firmador.libre.cr"; - license = lib.licenses.gpl3Plus; - }; - } diff --git a/trivionomicon/pkgs/athena-bccr/gaudi-env.nix b/trivionomicon/pkgs/athena-bccr/gaudi-env.nix deleted file mode 100644 index 0ca1b82..0000000 --- a/trivionomicon/pkgs/athena-bccr/gaudi-env.nix +++ /dev/null @@ -1,62 +0,0 @@ -{ - buildFHSEnv, - curl, - lib, - writeShellScriptBin, - gaudiHash ? null, - unwrapped, -}: let - unwrappedWithGaudi = unwrapped.override {inherit gaudiHash;}; -in - buildFHSEnv { - name = "gaudi"; - - targetPkgs = pkgs: [ - unwrappedWithGaudi.ase-idprotect.lib - unwrappedWithGaudi.gaudi - - (writeShellScriptBin "launch-gaudi" '' - set -o errexit - set -o pipefail - set -o nounset - - PATH="${lib.makeBinPath [curl]}:$PATH" - - echo "$0: testing for incompatible releases..." >&2 - - jar_name=bccr-firma-fva-clienteMultiplataforma.jar - url="https://www.firmadigital.go.cr/Bccr.Firma.Fva.Actualizador.ClienteFirmadorJava//recursosLiberica17/actualizador/$jar_name" - ca_file="${unwrappedWithGaudi.bccr-cacerts}/root-ca.pem" - url_hash=$(curl -sS --cacert "$ca_file" "$url" | sha256sum | cut -d' ' -f1) - jar_path="${unwrappedWithGaudi.gaudi}/share/java/$jar_name" - jar_hash=$(sha256sum "$jar_path" | cut -d' ' -f1) - - if [ "$url_hash" != "$jar_hash" ]; then - last_modified=$(curl -sS --head --cacert "$ca_file" "$url" | grep -i '^last-modified:' | head -1) - - echo "$0: sha256 mismatch for $jar_path due to server-side update" >&2 - echo "$0: expected: $url_hash" >&2 - echo "$0: actual: $jar_hash" >&2 - echo "$0: $last_modified" >&2 - echo "$0: run the following to download the new client JAR, then update your derivation:" >&2 - echo "$0: \$ ${unwrappedWithGaudi.update-gaudi}" >&2 - - exit 1 - fi - - cache_path_1="''${XDG_CACHE_HOME:-$HOME/.cache}/Agente-GAUDI" - cache_path_2="''${XDG_CACHE_HOME:-$HOME/.cache}/Firmador-BCCR" - - for cache_path in "$cache_path_1" "$cache_path_2"; do - mkdir -p "$cache_path" - ln -sf -- ${unwrappedWithGaudi.gaudi}/share/java/bccr-firma-fva-clienteMultiplataforma.jar "$cache_path" - done - - cp -f --no-preserve=mode -t "$cache_path_1" -- "${unwrappedWithGaudi.gaudi}/share/java/config.properties" - - exec gaudi - '') - ]; - - runScript = "launch-gaudi"; - } diff --git a/trivionomicon/pkgs/athena-bccr/releases.nix b/trivionomicon/pkgs/athena-bccr/releases.nix deleted file mode 100644 index e965172..0000000 --- a/trivionomicon/pkgs/athena-bccr/releases.nix +++ /dev/null @@ -1,12 +0,0 @@ -{ - "deb64-rev26" = { - # nix hash convert --hash-algo sha256 --from base16 --to sri $(sha256sum sfd_ClientesLinux_DEB64_Rev26.zip | cut -d' ' -f1) - hash = "sha256-ZPWP9TqJQ5coJAPzUSiaXKVItBWlqFM4smCjOf+gqQM="; - basename = "sfd_ClientesLinux_DEB64_Rev26"; - - srcPaths = { - gaudi = "Firma Digital/Agente GAUDI/agente-gaudi_20.0_amd64.deb"; - idprotect = "Firma Digital/PinTool/IDProtect PINTool 7.24.02/DEB/idprotectclient_7.24.02-0_amd64.deb"; - }; - }; -} diff --git a/trivionomicon/pkgs/athena-bccr/unwrapped.nix b/trivionomicon/pkgs/athena-bccr/unwrapped.nix deleted file mode 100644 index d6f3f38..0000000 --- a/trivionomicon/pkgs/athena-bccr/unwrapped.nix +++ /dev/null @@ -1,226 +0,0 @@ -{ - lib, - requireFile, - release, - gaudiHash ? null, - ... -}: let - inherit (release) srcPaths; - - src = requireFile { - url = "https://soportefirmadigital.com"; - name = "${release.basename}.zip"; - - inherit (release) hash; - }; - - gaudiUpdateSrc = {update-gaudi}: - requireFile { - url = "${update-gaudi}"; - name = "gaudi-update-${release.name}.zip"; - - hash = gaudiHash; - }; - - moduleFromDeb = name: args @ { - stdenv, - dpkg, - unzip, - srcPath, - ... - }: - stdenv.mkDerivation ({ - pname = "${name}-unwrapped"; - version = release.name; - - inherit src; - - nativeBuildInputs = [dpkg unzip] ++ (args.nativeBuildInputs or []); - - postUnpack = '' - dpkg -x ${lib.escapeShellArg "${release.basename}/${srcPath}"} ${lib.escapeShellArg release.basename} - ''; - } - // lib.removeAttrs args ["stdenv" "dpkg" "unzip" "srcPath" "nativeBuildInputs"]); -in { - ase-idprotect = { - autoPatchelfHook, - dpkg, - fontconfig, - freetype, - pcsclite, - stdenv, - unzip, - xorg, - zlib, - ... - }: - moduleFromDeb "ase-idprotect" { - inherit dpkg stdenv unzip; - srcPath = srcPaths.idprotect; - - buildInputs = [ - fontconfig - freetype - pcsclite - stdenv.cc.cc.lib - xorg.libX11 - xorg.libXext - zlib - ]; - - nativeBuildInputs = [ - autoPatchelfHook - ]; - - outputs = ["out" "lib"]; - - installPhase = '' - runHook preInstall - - install -m755 -d $out/bin $lib/{etc,lib/x64-athena} - install -m755 usr/bin/IDProtect{_Manager,PINTool} $out/bin/ - install -m755 usr/lib/x64-athena/* $lib/lib/x64-athena - cp -r etc/Athena $lib/etc/Athena - - runHook postInstall - ''; - - preFixup = '' - patchelf --set-rpath $lib/lib/x64-athena $out/bin/* - ''; - }; - - gaudi = { - autoPatchelfHook, - dpkg, - makeWrapper, - openjdk, - pkgs, - stdenv, - unzip, - writeShellScriptBin, - update-gaudi, - ... - }: let - jdk = openjdk.override { - enableJavaFX = true; - openjfx_jdk = pkgs."openjfx${lib.head (lib.splitString "." openjdk.version)}".override {withWebKit = true;}; - }; - - fakeSudo = writeShellScriptBin "sudo" ""; - gaudiUpdate = gaudiUpdateSrc {inherit update-gaudi;}; - in - moduleFromDeb "gaudi" { - inherit dpkg stdenv unzip; - srcPath = srcPaths.gaudi; - - nativeBuildInputs = [ - autoPatchelfHook - jdk - makeWrapper - ]; - - preBuild = lib.optionalString (gaudiHash != null) '' - unzip -o ${gaudiUpdate} -d opt/Agente-GAUDI/lib/app - ''; - - buildPhase = '' - runHook preBuild - - install -m755 -d $out/{bin,opt/Firmador-BCCR/lib} - cp -r opt/Agente-GAUDI/lib/app $out/opt/Firmador-BCCR/lib/app - - # Preserves the original filename and avoids -LaunchGaudi.java - ln -s ${./LaunchGaudi.java} LaunchGaudi.java - - javac \ - -cp opt/Agente-GAUDI/lib/app/bccr-firma-fva-clienteMultiplataforma.jar \ - -d $out/opt/Firmador-BCCR/lib/app \ - LaunchGaudi.java - - runHook postBuild - ''; - - installPhase = '' - runHook preInstall - - install -m755 -d $out/{share,opt/Firmador-BCCR/lib/runtime/lib} - install -m755 -D opt/Agente-GAUDI/bin/Agente-GAUDI $out/opt/Firmador-BCCR/bin/Agente-GAUDI - install -m755 -D opt/Agente-GAUDI/lib/libapplauncher.so $out/opt/Firmador-BCCR/lib/libapplauncher.so - - ln -s ../opt/Firmador-BCCR/lib/app $out/share/java - ln -s Firmador-BCCR $out/opt/Agente-GAUDI - ln -s ${jdk}/lib/openjdk/lib/libjli.so $out/opt/Firmador-BCCR/lib/runtime/lib/libjli.so - - makeWrapper ${jdk}/bin/java $out/bin/gaudi \ - --prefix PATH : ${fakeSudo}/bin \ - --add-flags "-cp $out/share/java:$out/share/java/bccr-firma-fva-clienteMultiplataforma.jar" \ - --add-flags "-Djavax.net.ssl.trustStore=$out/opt/Firmador-BCCR/lib/app/bccr.cacerts" \ - --add-flags "LaunchGaudi" - - runHook postInstall - ''; - }; - - bccr-cacerts = { - openssl, - stdenv, - unzip, - ... - }: - stdenv.mkDerivation { - pname = "bccr-cacerts"; - version = release.name; - - inherit src; - - nativeBuildInputs = [ - openssl - unzip - ]; - - installPhase = '' - cp -r Firma\ Digital/Certificados $out - openssl x509 -in $out/CA\ RAIZ\ NACIONAL\ -\ COSTA\ RICA\ v2.crt -out $out/root-ca.pem -text - ''; - }; - - update-gaudi = { - wget, - writeShellScript, - zip, - bccr-cacerts, - ... - }: - writeShellScript "update-gaudi" '' - set -o errexit - set -o pipefail - set -o nounset - - temp_dir="$(mktemp -d)" - trap 'cd / && rm -rf -- "$temp_dir"' EXIT - cd "$temp_dir" - - PATH="${lib.makeBinPath [wget zip]}:$PATH" - ca_cert="${bccr-cacerts}/root-ca.pem" - base_url="https://www.firmadigital.go.cr/Bccr.Firma.Fva.Actualizador.ClienteFirmadorJava//recursosLiberica17/actualizador" - - wget --ca-certificate="$ca_cert" "$base_url/bccr.cacerts" - wget --ca-certificate="$ca_cert" "$base_url/config.properties" - wget --ca-certificate="$ca_cert" "$base_url/bccr-firma-fva-clienteMultiplataforma.jar" - wget --ca-certificate="$ca_cert" "$base_url/ServicioActualizadorClienteBCCR.jar" - - # https://gist.github.com/stokito/c588b8d6a6a0aee211393d68eea678f2 - TZ=UTC find . -exec touch --no-dereference -a -m -t 198002010000.00 {} + - zip_path="$PWD/gaudi-update-${release.name}.zip" - TZ=UTC zip -q --move --recurse-paths --symlinks -X "$zip_path" . - TZ=UTC touch -a -m -t 198002010000.00 "$zip_path" - - set -x - nix-store --add-fixed sha256 "$zip_path" - set +x - - echo -e "\ngaudiHash: $(nix-hash --to-sri --type sha256 $(sha256sum "$zip_path" | cut -d' ' -f1))" - ''; -} diff --git a/trivionomicon/pkgs/default.nix b/trivionomicon/pkgs/default.nix deleted file mode 100644 index 484ca77..0000000 --- a/trivionomicon/pkgs/default.nix +++ /dev/null @@ -1,9 +0,0 @@ -final: prev: -with prev.lib; let - inherit (final) callPackage; -in { - override = {}; - - athena-bccr = callPackage ./athena-bccr {}; - spliit = callPackage ./spliit {}; -} diff --git a/trivionomicon/pkgs/spliit/default.nix b/trivionomicon/pkgs/spliit/default.nix deleted file mode 100644 index 280e820..0000000 --- a/trivionomicon/pkgs/spliit/default.nix +++ /dev/null @@ -1,76 +0,0 @@ -{ - buildNpmPackage, - fetchFromGitHub, - nodePackages, - lib, - writeShellScriptBin, - pkgs, -}: let - schemaEngine = "${pkgs.prisma-engines}/bin/schema-engine"; - queryEngineBin = "${pkgs.prisma-engines}/bin/query-engine"; - queryEngineLib = "${pkgs.prisma-engines}/lib/libquery_engine.node"; - buildFlags = ["--ignore-scripts"]; -in - buildNpmPackage { - pname = "spliit2"; - version = "master-20250420"; - - src = fetchFromGitHub { - repo = "spliit"; - owner = "spliit-app"; - - rev = "a11efc79c13298c0d282e47496d132538752405f"; - hash = "sha256-v4gaPzLzBbbqw/LDYxe1fiyficcrqcGOop23YPiTrdc="; - }; - - npmDepsHash = "sha256-sd0/7ruNUFxUKTeTwx/v8Vc/G3llkXP6RSDE78h3qVU="; - - nativeBuildInputs = [pkgs.openssl]; - - npmRebuildFlags = buildFlags; - - PRISMA_SCHEMA_ENGINE_BINARY = schemaEngine; - PRISMA_QUERY_ENGINE_BINARY = queryEngineBin; - PRISMA_QUERY_ENGINE_LIBRARY = queryEngineLib; - - preBuild = '' - cp -v scripts/build.env .env - - npx prisma generate - ''; - - npmBuildFlags = buildFlags; - - postInstall = '' - cp -r .next public package.json next.config.mjs $out/lib/node_modules/spliit2 - - install -Dvm755 -t $out/bin ${lib.getExe (writeShellScriptBin "spliit2" '' - set -euxo pipefail - - cd @out@/lib/node_modules/spliit2 - - export PATH="$PWD/node_modules/.bin:$PATH" - export NEXT_TELEMETRY_DISABLED=1 - - export PRISMA_SCHEMA_ENGINE_BINARY="${schemaEngine}" - export PRISMA_QUERY_ENGINE_BINARY="${queryEngineBin}" - export PRISMA_QUERY_ENGINE_LIBRARY="${queryEngineLib}" - - prisma migrate deploy - next start - '')} - - substituteInPlace $out/bin/spliit2 \ - --replace @out@ $out - - wrapProgram $out/bin/spliit2 \ - --prefix PATH : ${lib.makeBinPath [pkgs.openssl]} - ''; - - meta = { - description = "Free and Open Source Alternative to Splitwise. Share expenses with your friends and family."; - homepage = "https://spliit.app"; - license = lib.licenses.mit; - maintainers = with lib.maintainers; []; - }; - } diff --git a/trivionomicon/templates/system-flake/.gitignore b/trivionomicon/templates/system-flake/.gitignore deleted file mode 100644 index 21f979d..0000000 --- a/trivionomicon/templates/system-flake/.gitignore +++ /dev/null @@ -1,3 +0,0 @@ -!**/.keep -result -flake.lock diff --git a/trivionomicon/templates/system-flake/flake.nix b/trivionomicon/templates/system-flake/flake.nix deleted file mode 100644 index 6afe06f..0000000 --- a/trivionomicon/templates/system-flake/flake.nix +++ /dev/null @@ -1,28 +0,0 @@ -{ - inputs = { - nixpkgs.url = "github:nixos/nixpkgs/nixos-24.11"; - unstable.url = "github:nixos/nixpkgs/nixos-unstable"; - - home-manager = { - url = "github:nix-community/home-manager/release-24.11"; - inputs.nixpkgs.follows = "nixpkgs"; - }; - - trivium = { - url = "git+https://git.posixlycorrect.com/deepState/trivionomicon.git"; - inputs.nixpkgs.follows = "nixpkgs"; - }; - }; - - outputs = flakes @ { - self, - nixpkgs, - unstable, - home-manager, - trivium, - }: - trivium.lib.mkSystemFlake { - system = "x86_64-linux"; - inherit flakes; - }; -} diff --git a/trivionomicon/templates/system-flake/home/default.nix b/trivionomicon/templates/system-flake/home/default.nix deleted file mode 100644 index 49439c7..0000000 --- a/trivionomicon/templates/system-flake/home/default.nix +++ /dev/null @@ -1,73 +0,0 @@ -{ - config, - pkgs, - ... -}: { - # This value determines the Home Manager release that your configuration is - # compatible with. This helps avoid breakage when a new Home Manager release - # introduces backwards incompatible changes. - # - # You should not change this value, even if you update Home Manager. If you do - # want to update the value, then make sure to first check the Home Manager - # release notes. - home.stateVersion = "24.11"; # Please read the comment before changing. - - # The home.packages option allows you to install Nix packages into your - # environment. - home.packages = [ - # # Adds the 'hello' command to your environment. It prints a friendly - # # "Hello, world!" when run. - # pkgs.hello - - # # It is sometimes useful to fine-tune packages, for example, by applying - # # overrides. You can do that directly here, just don't forget the - # # parentheses. Maybe you want to install Nerd Fonts with a limited number of - # # fonts? - # (pkgs.nerdfonts.override { fonts = [ "FantasqueSansMono" ]; }) - - # # You can also create simple shell scripts directly inside your - # # configuration. For example, this adds a command 'my-hello' to your - # # environment: - # (pkgs.writeShellScriptBin "my-hello" '' - # echo "Hello, ${config.home.username}!" - # '') - ]; - - # Home Manager is pretty good at managing dotfiles. The primary way to manage - # plain files is through 'home.file'. - home.file = { - # # Building this configuration will create a copy of 'dotfiles/screenrc' in - # # the Nix store. Activating the configuration will then make '~/.screenrc' a - # # symlink to the Nix store copy. - # ".screenrc".source = dotfiles/screenrc; - - # # You can also set the file content immediately. - # ".gradle/gradle.properties".text = '' - # org.gradle.console=verbose - # org.gradle.daemon.idletimeout=3600000 - # ''; - }; - - # Home Manager can also manage your environment variables through - # 'home.sessionVariables'. These will be explicitly sourced when using a - # shell provided by Home Manager. If you don't want to manage your shell - # through Home Manager then you have to manually source 'hm-session-vars.sh' - # located at either - # - # ~/.nix-profile/etc/profile.d/hm-session-vars.sh - # - # or - # - # ~/.local/state/nix/profiles/profile/etc/profile.d/hm-session-vars.sh - # - # or - # - # /etc/profiles/per-user//etc/profile.d/hm-session-vars.sh - # - home.sessionVariables = { - # EDITOR = "emacs"; - }; - - # Let Home Manager install and manage itself. - programs.home-manager.enable = true; -} diff --git a/trivionomicon/templates/system-flake/home/platform/me@foo/default.nix b/trivionomicon/templates/system-flake/home/platform/me@foo/default.nix deleted file mode 100644 index 6481e85..0000000 --- a/trivionomicon/templates/system-flake/home/platform/me@foo/default.nix +++ /dev/null @@ -1,10 +0,0 @@ -{ - config, - pkgs, - ... -}: { - # Home Manager needs a bit of information about you and the paths it should - # manage. - home.username = "ale"; - home.homeDirectory = "/home/ale"; -} diff --git a/trivionomicon/templates/system-flake/pkgs/config/default.nix b/trivionomicon/templates/system-flake/pkgs/config/default.nix deleted file mode 100644 index 47abe76..0000000 --- a/trivionomicon/templates/system-flake/pkgs/config/default.nix +++ /dev/null @@ -1,5 +0,0 @@ -{lib}: -with lib; { - android_sdk.accept_license = true; - allowUnfreePredicate = pkg: import ./unfree.nix lib (getName pkg); -} diff --git a/trivionomicon/templates/system-flake/pkgs/config/unfree.nix b/trivionomicon/templates/system-flake/pkgs/config/unfree.nix deleted file mode 100644 index deda971..0000000 --- a/trivionomicon/templates/system-flake/pkgs/config/unfree.nix +++ /dev/null @@ -1,7 +0,0 @@ -lib: name: -with lib; - elem name [ - "libproprietary-v3" - "closed-source-pkg" - "favorite-abandonware" - ] diff --git a/trivionomicon/templates/system-flake/pkgs/default.nix b/trivionomicon/templates/system-flake/pkgs/default.nix deleted file mode 100644 index 78a86d4..0000000 --- a/trivionomicon/templates/system-flake/pkgs/default.nix +++ /dev/null @@ -1,12 +0,0 @@ -final: prev: -with prev.lib; let - inherit (final) callPackage fetchpatch; -in { - lib = callPackage ./lib {}; - - hello-world = callPackage ./hello-world {}; - - override = { - sl = prev.sl.overrideAttrs {pname = "my-sl";}; - }; -} diff --git a/trivionomicon/templates/system-flake/pkgs/hello-world/Makefile b/trivionomicon/templates/system-flake/pkgs/hello-world/Makefile deleted file mode 100644 index 4eef056..0000000 --- a/trivionomicon/templates/system-flake/pkgs/hello-world/Makefile +++ /dev/null @@ -1,6 +0,0 @@ -CFLAGS += -O3 -s - -all: hello-world - -%: %.c - $(CC) $(CFLAGS) -o $@ $< diff --git a/trivionomicon/templates/system-flake/pkgs/hello-world/default.nix b/trivionomicon/templates/system-flake/pkgs/hello-world/default.nix deleted file mode 100644 index 19047a1..0000000 --- a/trivionomicon/templates/system-flake/pkgs/hello-world/default.nix +++ /dev/null @@ -1,14 +0,0 @@ -{stdenv, ...}: -stdenv.mkDerivation { - name = "hello-world"; - version = "1.0.0"; - - src = ./.; - - installPhase = '' - mkdir -p $out/bin - cp hello-world $out/bin - ''; - - meta.mainProgram = "hello-world"; -} diff --git a/trivionomicon/templates/system-flake/pkgs/hello-world/hello-world.c b/trivionomicon/templates/system-flake/pkgs/hello-world/hello-world.c deleted file mode 100644 index d6cfa6b..0000000 --- a/trivionomicon/templates/system-flake/pkgs/hello-world/hello-world.c +++ /dev/null @@ -1,7 +0,0 @@ -#include - -int main() -{ - printf("Hello, world!\n"); - return 0; -} diff --git a/trivionomicon/templates/system-flake/pkgs/lib/default.nix b/trivionomicon/templates/system-flake/pkgs/lib/default.nix deleted file mode 100644 index ab54163..0000000 --- a/trivionomicon/templates/system-flake/pkgs/lib/default.nix +++ /dev/null @@ -1,3 +0,0 @@ -{callPackage}: { - fibonacci = callPackage ./fibonacci.nix {}; -} diff --git a/trivionomicon/templates/system-flake/pkgs/lib/fibonacci.nix b/trivionomicon/templates/system-flake/pkgs/lib/fibonacci.nix deleted file mode 100644 index a12576b..0000000 --- a/trivionomicon/templates/system-flake/pkgs/lib/fibonacci.nix +++ /dev/null @@ -1,7 +0,0 @@ -let - fib = n: - if n > 1 - then fib (n - 1) + fib (n - 2) - else 1; -in - fib diff --git a/trivionomicon/templates/system-flake/sys/default.nix b/trivionomicon/templates/system-flake/sys/default.nix deleted file mode 100644 index fa0f994..0000000 --- a/trivionomicon/templates/system-flake/sys/default.nix +++ /dev/null @@ -1,14 +0,0 @@ -{pkgs, ...}: { - # Let 'nixos-version --json' know about the Git revision - # of this flake. - system.configurationRevision = nixpkgs.lib.mkIf (self ? rev) self.rev; - - # Network configuration. - networking.firewall.allowedTCPPorts = [80]; - - # Enable a web server. - services.httpd = { - enable = true; - adminAddr = "morty@example.org"; - }; -} diff --git a/trivionomicon/templates/system-flake/sys/platform/foo/default.nix b/trivionomicon/templates/system-flake/sys/platform/foo/default.nix deleted file mode 100644 index ef84269..0000000 --- a/trivionomicon/templates/system-flake/sys/platform/foo/default.nix +++ /dev/null @@ -1,6 +0,0 @@ -{pkgs, ...}: { - boot.isContainer = true; - - # Network configuration. - networking.useDHCP = false; -}