summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorPreston Pan <ret2pop@gmail.com>2025-09-12 19:32:06 -0700
committerPreston Pan <ret2pop@gmail.com>2025-09-12 19:32:06 -0700
commitcae70df061d9fc4f33a2da66a21c86eb3eb1fa3b (patch)
treebaa5edf5af062f3a28647f318165d196b0b7093d
parentc15492d8aa38b7125dc6574c08f6a765aad44fcb (diff)
update before new lock file, working on VPS
Diffstat
-rw-r--r--.env3
-rw-r--r--.gitignore3
-rw-r--r--QWEN.md6
-rw-r--r--config/emacs.el22
-rw-r--r--config/emacs.org31
-rw-r--r--config/nix.org181
-rw-r--r--journal/index.org22
-rw-r--r--nix/disko/btrfs-simple.nix47
-rw-r--r--nix/flake.lock30
-rw-r--r--nix/modules/conduit.nix2
-rw-r--r--nix/modules/configuration.nix2
-rw-r--r--nix/modules/home/git.nix5
-rw-r--r--nix/modules/home/user.nix39
-rw-r--r--nix/modules/home/zsh.nix3
-rw-r--r--nix/modules/maddy.nix2
-rw-r--r--nix/modules/vars.nix7
-rw-r--r--nix/modules/znc.nix2
-rw-r--r--nix/systems/spontaneity/default.nix6
18 files changed, 353 insertions, 60 deletions
diff --git a/.env b/.env
index aef133e..589055a 100644
--- a/.env
+++ b/.env
@@ -1,3 +1,4 @@
OPENAI_API_KEY=nothing
OPENAI_BASE_URL="http://localhost:11434/v1"
-OPENAI_MODEL=qwen3-coder-noloop:latest
+OPENAI_MODEL=renchris/qwen3-coder:30b-gguf-unsloth
+TAVILY_API_KEY=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
diff --git a/.gitignore b/.gitignore
index b836c13..dff3927 100644
--- a/.gitignore
+++ b/.gitignore
@@ -1,2 +1,3 @@
./website/**
-nix/result \ No newline at end of file
+nix/result
+.env
diff --git a/QWEN.md b/QWEN.md
new file mode 100644
index 0000000..08c0605
--- /dev/null
+++ b/QWEN.md
@@ -0,0 +1,6 @@
+* Git Branch
+The main branch for this repo is `main`.
+* Updating
+When testing if the NixOS configuration builds, test with command `eval `
+* Project
+This project mainly deals with nix files and elisp. Otherwise it is emacs org mode.
diff --git a/config/emacs.el b/config/emacs.el
index 8cb788e..7aa4517 100644
--- a/config/emacs.el
+++ b/config/emacs.el
@@ -187,6 +187,18 @@
:config
(lyrics-fetcher-use-backend 'genius))
+(defun insert-urandom-password (&optional length)
+ (interactive "P")
+ (let ((length (or length 32))
+ (chars "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789!@#$%^&*()-_=+[]{};:,.<>?"))
+ (insert
+ (with-temp-buffer
+ (call-process "head" nil t nil "-c" (number-to-string length) "/dev/urandom")
+ (let ((bytes (buffer-string)))
+ (mapconcat (lambda (c)
+ (string (elt chars (mod (string-to-char (char-to-string c)) (length chars)))))
+ bytes ""))))))
+
(use-package org-fragtog :hook (org-mode . org-fragtog-mode))
(use-package yasnippet
@@ -415,12 +427,12 @@
;; Programming Projects
"." '(counsel-find-file :wk "find file")
- "p I" '(projectile-add-known-project :wk "Add to project list")
+ "p a" '(projectile-add-known-project :wk "Add to project list")
"N f" '(nix-flake :wk "nix flake menu")
"f" '(:ignore t :wk "file operations")
"f p" '(projectile-switch-project :wk "find project to switch to")
- "f f" '(projectile-find-file :wk "find file in project")
+ "f f" '(counsel-fzf :wk "find file in project")
"f s" '(counsel-rg :wk "find string in project")
"y n s" '(yas-new-snippet :wk "Create new snippet")
@@ -468,6 +480,7 @@
"h m" '(woman :wk "Manual")
"h i" '(info :wk "Info")
+ "s i p" '(insert-urandom-password :wk "insert random password to buffer (for sops)")
"u w" '((lambda () (interactive) (shell-command "rsync -azvP ~/website_html/ root@nullring.xyz:/usr/share/nginx/ret2pop/")) :wk "rsync website update")
"h r r" '(lambda () (interactive) (org-babel-load-file (expand-file-name "~/monorepo/config/emacs.org")))))
@@ -631,3 +644,8 @@
(add-to-list 'emms-info-functions 'emms-info-mpd)
(add-to-list 'emms-player-list 'emms-player-mpd)
:config (emms-player-mpd-connect))
+
+(use-package lean4-mode
+ :commands lean4-mode
+ :vc (:url "https://github.com/leanprover-community/lean4-mode.git"
+ :rev "76895d8939111654a472cfc617cfd43fbf5f1eb6"))
diff --git a/config/emacs.org b/config/emacs.org
index 609873f..c4bb4d9 100644
--- a/config/emacs.org
+++ b/config/emacs.org
@@ -234,6 +234,21 @@ This currently doesn't work I'm pretty sure, but it's supposed to fetch lyrics f
:config
(lyrics-fetcher-use-backend 'genius))
#+end_src
+* Passwords
+This is a function that inserts a random password into the buffer. I use this to manage sops-nix.
+#+begin_src emacs-lisp
+ (defun insert-urandom-password (&optional length)
+ (interactive "P")
+ (let ((length (or length 32))
+ (chars "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789!@#$%^&*()-_=+[]{};:,.<>?"))
+ (insert
+ (with-temp-buffer
+ (call-process "head" nil t nil "-c" (number-to-string length) "/dev/urandom")
+ (let ((bytes (buffer-string)))
+ (mapconcat (lambda (c)
+ (string (elt chars (mod (string-to-char (char-to-string c)) (length chars)))))
+ bytes ""))))))
+#+end_src
* Fragtog
This package is used to generate previews automatically when your cursor hovers over a latex
snippet.
@@ -521,12 +536,12 @@ emacs keybindings.
;; Programming Projects
"." '(counsel-find-file :wk "find file")
- "p I" '(projectile-add-known-project :wk "Add to project list")
+ "p a" '(projectile-add-known-project :wk "Add to project list")
"N f" '(nix-flake :wk "nix flake menu")
"f" '(:ignore t :wk "file operations")
"f p" '(projectile-switch-project :wk "find project to switch to")
- "f f" '(projectile-find-file :wk "find file in project")
+ "f f" '(counsel-fzf :wk "find file in project")
"f s" '(counsel-rg :wk "find string in project")
"y n s" '(yas-new-snippet :wk "Create new snippet")
@@ -574,6 +589,7 @@ emacs keybindings.
"h m" '(woman :wk "Manual")
"h i" '(info :wk "Info")
+ "s i p" '(insert-urandom-password :wk "insert random password to buffer (for sops)")
"u w" '((lambda () (interactive) (shell-command "rsync -azvP ~/website_html/ root@nullring.xyz:/usr/share/nginx/ret2pop/")) :wk "rsync website update")
"h r r" '(lambda () (interactive) (org-babel-load-file (expand-file-name "~/monorepo/config/emacs.org")))))
@@ -775,3 +791,14 @@ Set up emms in order to play music from my music directory:
(add-to-list 'emms-player-list 'emms-player-mpd)
:config (emms-player-mpd-connect))
#+end_src
+* Unpinned
+** Lean4
+For some reason, lean4-mode is not in MELPA currently so I have to do this ugly thing:
+#+begin_src emacs-lisp
+ (use-package lean4-mode
+ :commands lean4-mode
+ :vc (:url "https://github.com/leanprover-community/lean4-mode.git"
+ :rev "76895d8939111654a472cfc617cfd43fbf5f1eb6"))
+#+end_src
+and actually pull something from the internet instead of pinning. Thankfully this reproduction issue is probably localized to lean files. Also,
+we're pulling a specific commit so it is still pinned.
diff --git a/config/nix.org b/config/nix.org
index c19fa15..117ad20 100644
--- a/config/nix.org
+++ b/config/nix.org
@@ -258,6 +258,13 @@ largely self-documenting.
description = "device that NixOS is installed to";
};
+ fileSystem = lib.mkOption {
+ type = lib.types.str;
+ default = "ext4";
+ example = "btrfs";
+ description = "filesystem to install with disko";
+ };
+
diskoSpec = lib.mkOption {
type = lib.types.attrs;
description = "retains a copy of the disko spec for reflection";
@@ -409,7 +416,6 @@ In order to run docker containers, I need this file:
virtualisation.docker.enable = true;
}
#+end_src
-
** Pipewire
My low latency pipewire configuration is used for music production, as well as for regular
desktop usage. Pipewire is much better than pulseaudio because it supports jack with the same
@@ -511,7 +517,7 @@ distribution soon, and I'm waiting on that.
};
}
#+end_src
-** Murmur
+** TODO Murmur
#+begin_src nix :tangle ../nix/modules/murmur.nix
{ lib, config, ... }:
{
@@ -528,7 +534,7 @@ distribution soon, and I'm waiting on that.
};
}
#+end_src
-** i2pd
+** TODO i2pd
I use i2p for some p2p connections. We enable it with the server profile:
#+begin_src nix :tangle ../nix/modules/i2pd.nix
{ config, lib, ... }:
@@ -543,7 +549,7 @@ I use i2p for some p2p connections. We enable it with the server profile:
};
}
#+end_src
-** Icecast
+** TODO Icecast
This is an internet radio which will host a ton of music.
#+begin_src nix :tangle ../nix/modules/icecast.nix
{ lib, config, ... }:
@@ -632,8 +638,6 @@ for users:
Method = sha256
Hash = d4abdd69aa24de69693885c5bd83a4a0e9ee989e1a69a905041b0dad9abc06ea
Salt = sDY,?H5AxC-!gH3a.:)D
- Hash = ${config.sops.secrets.znc_password_hash}
- Salt = ${config.sops.secrets.znc_password_salt}
</Pass>
'';
modules = [
@@ -672,7 +676,7 @@ still federating and hosting the same protocol.
];
address = "0.0.0.0";
port = 6167;
- allow_registration = true;
+ allow_registration = false;
};
};
}
@@ -864,14 +868,15 @@ world. This was the easiest frontend to set up on NixOS.
] else []);
}
#+end_src
-** Maddy
+** TODO Maddy
#+begin_src nix :tangle ../nix/modules/maddy.nix
{ lib, config, options, ... }:
{
services.maddy = {
enable = lib.mkDefault config.monorepo.profiles.server.enable;
openFirewall = true;
- primaryDomain = "ret2pop.net";
+ hostName = "${config.monorepo.vars.remoteHost}";
+ primaryDomain = "mail.${config.monorepo.vars.remoteHost}";
tls = {
loader = "acme";
};
@@ -882,6 +887,11 @@ world. This was the easiest frontend to set up on NixOS.
"imap tls://0.0.0.0:993 tcp://0.0.0.0:143"
"submission tls://0.0.0.0:465 tcp://0.0.0.0:587"
] options.services.maddy.config.default;
+ ensureCredentials = {
+ "preston@localhost" = {
+ passwordFile = "/secrets/preston-localhost";
+ };
+ };
};
}
#+end_src
@@ -1175,7 +1185,7 @@ because they enhance security.
xdg.portal = {
enable = (! config.monorepo.profiles.ttyonly.enable);
- wlr.enable = true;
+ wlr.enable = (! config.monorepo.profiles.ttyonly.enable);
extraPortals = with pkgs; if (! config.monorepo.profiles.ttyonly.enable) then [
xdg-desktop-portal-gtk
xdg-desktop-portal
@@ -1281,6 +1291,56 @@ because they enhance security.
** Disko
This is the disko configuration for my continuity system. It features a boot and ext4 partition,
with configurable disk.
+*** Btrfs
+#+begin_src nix :tangle ../nix/disko/btrfs-simple.nix
+ { lib, config, ... }:
+ let
+ spec = {
+ disko.devices = {
+ disk = {
+ main = {
+ type = "disk";
+ device = config.monorepo.vars.device;
+ content = {
+ type = "gpt";
+ partitions = {
+ ESP = {
+ priority = 1;
+ name = "ESP";
+ start = "1M";
+ end = "128M";
+ type = "EF00";
+ content = {
+ type = "filesystem";
+ format = "vfat";
+ mountpoint = "/boot";
+ mountOptions = [ "umask=0077" ];
+ };
+ };
+ root = {
+ size = "100%";
+ content = {
+ type = "btrfs";
+ extraArgs = [ "-f" ]; # Override existing partition
+ mountpoint = "/";
+ mountOptions = [
+ "compress=zstd"
+ "noatime"
+ ];
+ };
+ };
+ };
+ };
+ };
+ };
+ };
+ };
+ in
+ {
+ monorepo.vars.diskoSpec = spec;
+ disko.devices = spec.disko.devices;
+ }
+#+end_src
*** Simple
This configuration is used for simple partitioning schemes with EFI.
#+begin_src nix :tangle ../nix/disko/drive-simple.nix
@@ -1999,30 +2059,33 @@ the timezone.
My git configuration uses information set in the ~vars.nix~ in order to set configuration options.
Make sure those are set correctly. I've set it to sign by default.
#+begin_src nix :tangle ../nix/modules/home/git.nix
-{ lib, config, ... }:
-{
- programs.git = {
- enable = lib.mkDefault config.monorepo.profiles.graphics.enable;
- userName = config.monorepo.vars.fullName;
- userEmail = config.monorepo.profiles.email.email;
- signing = {
- key = config.monorepo.vars.gpgKey;
- signByDefault = true;
- };
+ { lib, config, ... }:
+ {
+ programs.git = {
+ enable = lib.mkDefault config.monorepo.profiles.graphics.enable;
+ userName = config.monorepo.vars.fullName;
+ userEmail = config.monorepo.profiles.email.email;
+ signing = {
+ key = config.monorepo.vars.gpgKey;
+ signByDefault = true;
+ };
- extraConfig = {
- init.defaultBranch = "main";
- };
+ extraConfig = {
+ init.defaultBranch = "main";
+ };
- aliases = {
- co = "checkout";
- c = "commit";
- a = "add";
- s = "switch";
- b = "branch";
+ aliases = {
+ pl = "pull";
+ ps = "push";
+ co = "checkout";
+ c = "commit";
+ a = "add";
+ st = "status";
+ sw = "switch";
+ b = "branch";
+ };
};
- };
-}
+ }
#+end_src
*** Hyprland
My compositor/window manager. This automatically starts on startup. Instructions on how
@@ -2952,6 +3015,9 @@ standard.
};
shellAliases = {
+ se = "sops edit";
+ f = "vim $(fzf)";
+ e = "cd $(find . -type d -print | fzf)";
c = "clear";
g = "git";
v = "vim";
@@ -3030,6 +3096,7 @@ for these configurations.
mupdf
zathura
+ fzf
# passwords
age sops
@@ -3065,6 +3132,44 @@ for these configurations.
pfetch
libnotify
htop
+
+ (pkgs.writeShellScriptBin "help"
+ ''
+ #!/usr/bin/env sh
+ # Portable, colored, nicely aligned alias list
+
+ # Generate uncolored alias pairs
+ aliases=$(cat <<'EOF'
+ ${let aliases = config.programs.zsh.shellAliases;
+ in lib.concatStringsSep "\n" (lib.mapAttrsToList (name: value:
+ "${name} -> ${value}"
+ ) aliases)}
+ EOF
+ )
+
+ # Align and color using awk
+ echo "$aliases" | awk '
+ BEGIN {
+ GREEN="\033[0;32m";
+ YELLOW="\033[0;33m";
+ RESET="\033[0m";
+ maxlen=0;
+ }
+ {
+ # Split line on " -> "
+ split($0, parts, / -> /);
+ name[NR]=parts[1];
+ cmd[NR]=parts[2];
+ if(length(parts[1])>maxlen) maxlen=length(parts[1]);
+ }
+ END {
+ for(i=1;i<=NR;i++) {
+ # printf with fixed width for alias name
+ printf "%s%-*s%s -> %s%s%s\n", GREEN, maxlen, name[i], RESET, YELLOW, cmd[i], RESET;
+ }
+ }'
+ '')
+
(writeShellScriptBin "remote-build"
''
#!/bin/bash
@@ -3222,14 +3327,22 @@ Spontaneity is my VPS instance.
boot.loader.grub.device = "nodev";
networking = {
+ interfaces.ens3.ipv6.addresses = [
+ {
+ address = "2001:19f0:5401:10d0:5400:5ff:fe4a:7794";
+ prefixLength = 64;
+ }
+ ];
firewall.allowedTCPPorts = [
80
+ 143
443
465
+ 587
993
- 8448
6697
6667
+ 8448
];
domains = {
enable = true;
@@ -3247,7 +3360,9 @@ Spontaneity is my VPS instance.
"${config.monorepo.vars.remoteHost}" = {};
"matrix.${config.monorepo.vars.remoteHost}" = {};
"www.${config.monorepo.vars.remoteHost}" = {};
- "mail.${config.monorepo.vars.remoteHost}" = {};
+ "mail.${config.monorepo.vars.remoteHost}" = {
+ mx.data = "10 mail.${config.monorepo.vars.remoteHost}.";
+ };
"nullring.xyz" = {};
"git.nullring.xyz" = {};
diff --git a/journal/index.org b/journal/index.org
index 6183061..2c2fc6c 100644
--- a/journal/index.org
+++ b/journal/index.org
@@ -36,6 +36,28 @@ done
#+end_src
#+RESULTS:
+- [[file:20250909.org][20250909.org]]
+- [[file:20250908.org][20250908.org]]
+- [[file:20250826.org][20250826.org]]
+- [[file:20250723.org][20250723.org]]
+- [[file:20250720.org][20250720.org]]
+- [[file:20250703.org][20250703.org]]
+- [[file:20250626.org][20250626.org]]
+- [[file:20250602.org][20250602.org]]
+- [[file:20250321.org][20250321.org]]
+- [[file:20250317.org][20250317.org]]
+- [[file:20250313.org][20250313.org]]
+- [[file:20250311.org][20250311.org]]
+- [[file:20250310.org][20250310.org]]
+- [[file:20250308.org][20250308.org]]
+- [[file:20250305.org][20250305.org]]
+- [[file:20250302.org][20250302.org]]
+- [[file:20250222.org][20250222.org]]
+- [[file:20250220.org][20250220.org]]
+- [[file:20250218.org][20250218.org]]
+- [[file:20250214.org][20250214.org]]
+- [[file:20250211.org][20250211.org]]
+- [[file:20250203.org][20250203.org]]
- [[file:20250201.org][20250201.org]]
- [[file:20250123.org][20250123.org]]
- [[file:20250119.org][20250119.org]]
diff --git a/nix/disko/btrfs-simple.nix b/nix/disko/btrfs-simple.nix
new file mode 100644
index 0000000..08fafd4
--- /dev/null
+++ b/nix/disko/btrfs-simple.nix
@@ -0,0 +1,47 @@
+{ lib, config, ... }:
+let
+ spec = {
+ disko.devices = {
+ disk = {
+ main = {
+ type = "disk";
+ device = config.monorepo.vars.device;
+ content = {
+ type = "gpt";
+ partitions = {
+ ESP = {
+ priority = 1;
+ name = "ESP";
+ start = "1M";
+ end = "128M";
+ type = "EF00";
+ content = {
+ type = "filesystem";
+ format = "vfat";
+ mountpoint = "/boot";
+ mountOptions = [ "umask=0077" ];
+ };
+ };
+ root = {
+ size = "100%";
+ content = {
+ type = "btrfs";
+ extraArgs = [ "-f" ]; # Override existing partition
+ mountpoint = "/";
+ mountOptions = [
+ "compress=zstd"
+ "noatime"
+ ];
+ };
+ };
+ };
+ };
+ };
+ };
+ };
+};
+in
+{
+ monorepo.vars.diskoSpec = spec;
+ disko.devices = spec.disko.devices;
+}
diff --git a/nix/flake.lock b/nix/flake.lock
index f90d69b..7f2b3b2 100644
--- a/nix/flake.lock
+++ b/nix/flake.lock
@@ -378,11 +378,11 @@
},
"nixpkgs_2": {
"locked": {
- "lastModified": 1757068644,
- "narHash": "sha256-NOrUtIhTkIIumj1E/Rsv1J37Yi3xGStISEo8tZm3KW4=",
+ "lastModified": 1757347588,
+ "narHash": "sha256-tLdkkC6XnsY9EOZW9TlpesTclELy8W7lL2ClL+nma8o=",
"owner": "nixos",
"repo": "nixpkgs",
- "rev": "8eb28adfa3dc4de28e792e3bf49fcf9007ca8ac9",
+ "rev": "b599843bad24621dcaa5ab60dac98f9b0eb1cabe",
"type": "github"
},
"original": {
@@ -394,11 +394,11 @@
},
"nixpkgs_3": {
"locked": {
- "lastModified": 1757068644,
- "narHash": "sha256-NOrUtIhTkIIumj1E/Rsv1J37Yi3xGStISEo8tZm3KW4=",
+ "lastModified": 1757347588,
+ "narHash": "sha256-tLdkkC6XnsY9EOZW9TlpesTclELy8W7lL2ClL+nma8o=",
"owner": "nixos",
"repo": "nixpkgs",
- "rev": "8eb28adfa3dc4de28e792e3bf49fcf9007ca8ac9",
+ "rev": "b599843bad24621dcaa5ab60dac98f9b0eb1cabe",
"type": "github"
},
"original": {
@@ -410,11 +410,11 @@
},
"nixpkgs_4": {
"locked": {
- "lastModified": 1744868846,
- "narHash": "sha256-5RJTdUHDmj12Qsv7XOhuospjAjATNiTMElplWnJE9Hs=",
+ "lastModified": 1757034884,
+ "narHash": "sha256-PgLSZDBEWUHpfTRfFyklmiiLBE1i1aGCtz4eRA3POao=",
"owner": "NixOS",
"repo": "nixpkgs",
- "rev": "ebe4301cbd8f81c4f8d3244b3632338bbeb6d49c",
+ "rev": "ca77296380960cd497a765102eeb1356eb80fed0",
"type": "github"
},
"original": {
@@ -430,11 +430,11 @@
"nixpkgs": "nixpkgs_3"
},
"locked": {
- "lastModified": 1757367609,
- "narHash": "sha256-/sMr7GRnb7Y3i0w+qg/5y1LWB3FL8Wai0tPn9aiUlw4=",
+ "lastModified": 1757500034,
+ "narHash": "sha256-27oRr29r98W9/9AFsusHsI3SDtMJtZL2wVbvx/a9dIo=",
"owner": "nix-community",
"repo": "NUR",
- "rev": "6291367b23c38821ca01c64f93c11c5cb56748ad",
+ "rev": "356f3a0c8a844ca237d144bf8a58cf8ad706cf16",
"type": "github"
},
"original": {
@@ -558,11 +558,11 @@
"nixpkgs": "nixpkgs_4"
},
"locked": {
- "lastModified": 1754988908,
- "narHash": "sha256-t+voe2961vCgrzPFtZxha0/kmFSHFobzF00sT8p9h0U=",
+ "lastModified": 1757449901,
+ "narHash": "sha256-qwN8nYdSRnmmyyi+uR6m4gXnVktmy5smG1MOrSFD8PI=",
"owner": "Mic92",
"repo": "sops-nix",
- "rev": "3223c7a92724b5d804e9988c6b447a0d09017d48",
+ "rev": "3b4a369df9dd6ee171a7ea4448b50e2528faf850",
"type": "github"
},
"original": {
diff --git a/nix/modules/conduit.nix b/nix/modules/conduit.nix
index ce2c23e..e47c7a2 100644
--- a/nix/modules/conduit.nix
+++ b/nix/modules/conduit.nix
@@ -10,7 +10,7 @@
];
address = "0.0.0.0";
port = 6167;
- allow_registration = true;
+ allow_registration = false;
};
};
}
diff --git a/nix/modules/configuration.nix b/nix/modules/configuration.nix
index 7234333..27002ff 100644
--- a/nix/modules/configuration.nix
+++ b/nix/modules/configuration.nix
@@ -284,7 +284,7 @@
xdg.portal = {
enable = (! config.monorepo.profiles.ttyonly.enable);
- wlr.enable = true;
+ wlr.enable = (! config.monorepo.profiles.ttyonly.enable);
extraPortals = with pkgs; if (! config.monorepo.profiles.ttyonly.enable) then [
xdg-desktop-portal-gtk
xdg-desktop-portal
diff --git a/nix/modules/home/git.nix b/nix/modules/home/git.nix
index 9c15aac..0e6e66c 100644
--- a/nix/modules/home/git.nix
+++ b/nix/modules/home/git.nix
@@ -14,10 +14,13 @@
};
aliases = {
+ pl = "pull";
+ ps = "push";
co = "checkout";
c = "commit";
a = "add";
- s = "switch";
+ st = "status";
+ sw = "switch";
b = "branch";
};
};
diff --git a/nix/modules/home/user.nix b/nix/modules/home/user.nix
index d0cad9a..24b61da 100644
--- a/nix/modules/home/user.nix
+++ b/nix/modules/home/user.nix
@@ -29,6 +29,7 @@
mupdf
zathura
+ fzf
# passwords
age sops
@@ -64,6 +65,44 @@
pfetch
libnotify
htop
+
+ (pkgs.writeShellScriptBin "help"
+ ''
+#!/usr/bin/env sh
+# Portable, colored, nicely aligned alias list
+
+# Generate uncolored alias pairs
+aliases=$(cat <<'EOF'
+${let aliases = config.programs.zsh.shellAliases;
+ in lib.concatStringsSep "\n" (lib.mapAttrsToList (name: value:
+ "${name} -> ${value}"
+ ) aliases)}
+EOF
+ )
+
+# Align and color using awk
+echo "$aliases" | awk '
+BEGIN {
+ GREEN="\033[0;32m";
+ YELLOW="\033[0;33m";
+ RESET="\033[0m";
+ maxlen=0;
+ }
+{
+ # Split line on " -> "
+ split($0, parts, / -> /);
+ name[NR]=parts[1];
+ cmd[NR]=parts[2];
+ if(length(parts[1])>maxlen) maxlen=length(parts[1]);
+}
+END {
+ for(i=1;i<=NR;i++) {
+ # printf with fixed width for alias name
+ printf "%s%-*s%s -> %s%s%s\n", GREEN, maxlen, name[i], RESET, YELLOW, cmd[i], RESET;
+ }
+}'
+'')
+
(writeShellScriptBin "remote-build"
''
#!/bin/bash
diff --git a/nix/modules/home/zsh.nix b/nix/modules/home/zsh.nix
index e12a2d8..cb4f1b0 100644
--- a/nix/modules/home/zsh.nix
+++ b/nix/modules/home/zsh.nix
@@ -21,6 +21,9 @@
};
shellAliases = {
+ se = "sops edit";
+ f = "vim $(fzf)";
+ e = "cd $(find . -type d -print | fzf)";
c = "clear";
g = "git";
v = "vim";
diff --git a/nix/modules/maddy.nix b/nix/modules/maddy.nix
index 158b6b5..f97ba05 100644
--- a/nix/modules/maddy.nix
+++ b/nix/modules/maddy.nix
@@ -3,7 +3,7 @@
services.maddy = {
enable = lib.mkDefault config.monorepo.profiles.server.enable;
openFirewall = true;
- primaryDomain = "ret2pop.net";
+ primaryDomain = "${config.monorepo.vars.remoteHost}";
tls = {
loader = "acme";
};
diff --git a/nix/modules/vars.nix b/nix/modules/vars.nix
index 4b7c894..de9736e 100644
--- a/nix/modules/vars.nix
+++ b/nix/modules/vars.nix
@@ -8,6 +8,13 @@
description = "device that NixOS is installed to";
};
+ fileSystem = lib.mkOption {
+ type = lib.types.str;
+ default = "ext4";
+ example = "btrfs";
+ description = "filesystem to install with disko";
+ };
+
diskoSpec = lib.mkOption {
type = lib.types.attrs;
description = "retains a copy of the disko spec for reflection";
diff --git a/nix/modules/znc.nix b/nix/modules/znc.nix
index d32d564..c2e2079 100644
--- a/nix/modules/znc.nix
+++ b/nix/modules/znc.nix
@@ -10,8 +10,6 @@
Method = sha256
Hash = d4abdd69aa24de69693885c5bd83a4a0e9ee989e1a69a905041b0dad9abc06ea
Salt = sDY,?H5AxC-!gH3a.:)D
- Hash = ${config.sops.secrets.znc_password_hash}
- Salt = ${config.sops.secrets.znc_password_salt}
</Pass>
'';
modules = [
diff --git a/nix/systems/spontaneity/default.nix b/nix/systems/spontaneity/default.nix
index 5460428..3ab7a9e 100644
--- a/nix/systems/spontaneity/default.nix
+++ b/nix/systems/spontaneity/default.nix
@@ -18,6 +18,12 @@
boot.loader.grub.device = "nodev";
networking = {
+ interfaces.ens3.ipv6.addresses = [
+ {
+ address = "2001:19f0:5401:10d0:5400:5ff:fe4a:7794";
+ prefixLength = 64;
+ }
+ ];
firewall.allowedTCPPorts = [
80
443
generated by cgit v1.3 (git 2.53.0) at 2026-05-31 15:42:58 +0000