add vars.nix; better README

5 files changed, 187 insertions, 137 deletions

diff --git a/README.org b/README.org
index 9a3a9ba..00d5e6e 100644
--- a/README.org
+++ b/README.org
@@ -1,57 +1,52 @@
-* Introduction (Forked from HyprNixMacs)
-ToughNix is a configuration that centers around the usage of NixOS and Emacs.
-Note that at the time of writing, I use hyprland as my window manager, but that
-might change, and therefore hyprnixmacs may not be as accurate of a name. This
-entire configuration uses the [[https://github.com/catppuccin/catppuccin][catppuccin theme]].
-
+* Introduction
+ToughNix is a configuration that centers around the usage of NixOS and Emacs, with vim-centric
+keybindings. Note that at the time of writing, This entire configuration uses the [[https://github.com/catppuccin/catppuccin][catppuccin theme]].
 ** Why Not EXWM?
 Because emacs is blocking, and I want to use wayland because it's much better and there's
 much less cruft.
-
 * Installation
-Simply clone the contents of this repository to ~/etc/nixos/~ and run ~sudo nixos-rebuild switch~.
-Note that afterwards you will need a ~$HOME/.password-store~ in user ~preston~ which has
-an entry named ~Mail~, as well as a ~~/org/website/~ directory made by cloning my
-[[https://git.nullring.xyz/ret2pop-website.git/about/][ret2pop website]] repository to that location. Here are all the commands:
+Install NixOS, install git (and maybe vim) on your NixOS system, and then on your NixOS system, run:
 #+begin_src shell
-  # run as root
-  # create backup of hardware-configuration.nix and put it back there after
-  git clone https://github.com/ret2pop/hyprnixmacs.git /etc/nixos/
-  # put hardware-configuration.nix back in /etc/nixos
-  nixos-rebuild switch
-  su preston
-  # copy over gpg and ssh keys
-  git clone root@nullring.xyz:/var/git/passwords.git ~/.password-store/
-  mkdir ~/org
-  git clone https://github.com/ret2pop/ret2pop-website ~/org/website/
-  # get music and put it in ~/music
+  mkdir -p ~/src
+  git clone https://git.nullring.xyz/toughnix.git ~/src/
+
+  # Change any system variables that are hardware or person-dependent (do this before inital-deploy)
+  nano ~/src/toughnix/vars.nix
+  bash ~/src/toughnix/initial-deploy.sh
+
+  # remove the single CHANGEME line
+  nano ~/src/toughnix/configuration.nix
+
+  sudo nix --extra-experimental-features nix-command --extra-experimental-features flakes flake update
+  sudo nixos-rebuild switch --flake .#continuity-dell
 #+end_src
-this process can be highly automated via [[https://github.com/nix-community/nixos-anywhere][NixOS Anywhere]]. Once you have my system with your own gpg and ssh keys,
-you can read the following section.
+Note the line where we run ~nano~; during this period you should change any hardware or
+person-specific settings, and also alter ~configuration.nix~ more if you are using an encrypted drive.
 
+After this process, reboot and log into your user. You will immediately be taken into Hyprland,
+and Emacs and Firefox will autostart.
 * Usage
-Make sure that before you use the configuration, all the me-specific configuration is ripped out
-and replaced with yours. For instance, any mention of my name in ~configuration.nix~, ~home.nix~,
-the emacs config, or ~flake.nix~ should be replaced with mentions of your name, and stuff like server
-configurations for email or IRC should be replaced with your own configurations. The system by default
-is called ~continuity~. If you don't like this hostname, you can replace it in ~configuration.nix~ and
-~flake.nix~ with something else.
+On your first install, you will be greeted with firefox, as well as EMacs. If Waybar doesn't
+appear, run ~hyprctl monitors~ in a terminal (Windows key + Enter), and you should see the monitors
+listed. Then, edit ~/etc/nixos/vars.nix~ accordingly.
 ** Hyprland
 *** Wallpaper
-To change the wallpaper, change the ~swww add~ line to another wallpaper in my
+To change the wallpaper, change the ~swww add~ line in ~home.nix~ to another wallpaper in my
 [[https://github.com/ret2pop/wallpapers][wallpapers repository]].
 *** Keybindings
 **** Programs
+There are other programs too, but these are all you'll need to get started.
 #+begin_example
 Win + Return => kitty (Terminal)
 Win + e => emacs
 Win + w => firefox
-Win + v => discord
+Win + v => discord (vencord)
 Win + d => wofi (Run Launcher)
 Win + p => wofi (Powermenu)
 PrintScr => grim (screenshot; look for file in $HOME)
 #+end_example
 **** Commands
+These commands are inspired by ~vim~.
 #+begin_example
 Win + q => kill window
 Win + Shift + h => move window to left
@@ -63,9 +58,6 @@ Win + l => move window focus to right
 Win + k => move window focus up
 Win + j => move window focus down
 #+end_example
-** Initialization
-To get into a graphical hyprland environment, use type ~h~ into the tty after logging in. This will
-take you stright to the graphical session.
 ** Passwords
 Passwords will be managed by sops-nix in the future, but for now they are managed
 with the ~pass~ password manager. To initialize the password store, see
@@ -73,16 +65,14 @@ with the ~pass~ password manager. To initialize the password store, see
 #+begin_src shell
 pass add Mail
 #+end_src
-and enter your imaps and smtps password.
-** Git
-In ~home.nix~, change the signing key to your own gpg key. When you git commit, emacs will be your pinentry
-device, meaning you will enter the encryption password from emacs.
+and enter your imaps and smtps password (they should be the same in this setup).
 ** Email
 Email is done from within emacs with mu4e with ~SPC o m~. To initialize mail, run:
 #+begin_src shell
-  mbsync prestonpan # see mbsyncrc section of home.nix, change prestonpan to something else there
-                    # then run this command with that changed name.
-  mu init --maildir=~/email/mbsyncmail/
+  mbsync ret2pop    # see mbsyncrc section of home.nix, change ret2pop to something else there
+                    # then run this command with that changed name, if you really want.
+                    # Even though it uses my username, it works for everyone.
+  mu init --maildir=~/email/ret2pop/
   mu index
 #+end_src
 Note that a prerequisite is initializing ~pass~ and adding a ~Mail~ entry. Be sure to change the imaps
@@ -97,33 +87,30 @@ Optionally, go to user settings > Vencord > Themes > Online Themes. Then, instal
   @import url("https://catppuccin.github.io/discord/dist/catppuccin-mocha-pink.theme.css");
 #+end_src
 ** Waybar
-If the bar is not displaying, get your monitor name with ~hyprctl monitors~. Then, in the ~home.nix~ configuration
-replace ~LVDS-1~ with whatever your monitor name is that you want the bar to be displayed in. The battery percentage
-may not be displayed. If it isn't, then change ~BAT0~ with whatever you see when you run ~ls /sys/class/power_supply~,
-assuming you have a laptop with a battery. After that, it should work normally.
+If the bar is not displaying, get your monitor name with ~hyprctl monitors~. The battery percentage
+may not be displayed. If it isn't, then change ~BAT0~ with whatever you see when you run
+~ls /sys/class/power_supply~, assuming you have a laptop with a battery. After that, it should work
+normally.
 ** Music
-Replace all mention of ~/home/preston/~ in the mpd configuration of ~home.nix~ with whatever your home directory is.
-Place your music files in ~$HOME/music~ and run ~mpc update~, then ~mpc add /~. This should add all your music in
-~$HOME/music~ to the playlist to be read by the emacs program ~emms~.
+Place your music files in ~$HOME/music~ and run ~mpc update~, then ~mpc add /~.
+This should add all your music in ~$HOME/music~ to the playlist to be read by the emacs program ~emms~.
 ** Emacs
-This will be quite the large section as there will be much to explain. Just clone my entire website:
-#+begin_src shell
-  mkdir ~/org/
-  git clone https://github.com/ret2pop/ret2pop-website ~/org/website
-#+end_src
-/Then/ start emacs. On first initialization, make sure to run:
+On first initialization, make sure to run:
 #+begin_src emacs-lisp
   M-x pdf-tools-install
   M-x all-the-icons-install-fonts
   M-x nerd-icons-install-fonts 
 #+end_src
-then restart. This will make emacs look not ugly. Then, if you cloned my website, everything should work, although
-you should remove my journal entries and all my files in ~mindmap~ and replace them with your own.
+then restart. This will make emacs look not ugly. Also edit the very top of
+~~/org/website/config/emacs.org~, modify the parameters (email, full name, etc...) to your desired
+value.
 *** Keybindings
 These are the keybindings that I have set up for emacs. All the other keybindings are ones that are default
 to the packages installed or the builtin emacs keybindings. Note that I also use evil-mode, so you're going
-to have to know vim keybindings.
+to have to know vim keybindings. To get started with editing files, press space, and then
+press period.
 #+begin_example
+  SPC . find-file
   SPC o a org-agenda
   SPC c b counsel-bookmark
   SPC o c org-capture
@@ -165,18 +152,12 @@ In the config, replace the IRC configuration (server and name) with your own.
 Run ~ollama pull zephyr~ to get the zephyr ollama model.
 *** Mu4e
 After following the email advice from above, change my mail address and name to your own.
-*** Agenda
-Make a file ~$HOME/org/agenda.org~. From there, just google org-agenda.
-*** Ox-publish
-Steal the css stylesheet I use from the root of my website directory, and copy the layout of it.
-Honestly, I will finish explaining how I manage my website later because it's a little bit pain
-to explain in a concise manner.
 *** Elfeed
 Change my RSS feeds out in ~$HOME/org/website/config/elfeed.org~ with ones you want to read.
-*** Stem Mode
-[[https://github.com/ret2pop/stem][Stem]] is a programming language that I wrote, and in order for code blocks and syntax highlighting
-to work, you need to install [[https://github.com/ret2pop/stem-mode][stem-mode]]. Or, you can get rid of stem-mode in the emacs configuration.
-
+** Website
+I update my website with the command ~usite~ (in the terminal). This will work by default if you
+set your ~vars.nix~ correctly and you have access to the server you're sshing through with rsync.
 ** Postamble
-Once you've done all those things, you can call the system yours! You've successfully ripped out any part
-of the configuration that names me or any of the gpg or ssh keys that I own.
+Once you've done all those things, you can call the system yours! If you want to change anything
+about the system or fork it to remove any mention of me from the defaults, be my guest.
+If you want it to contain parts of my identity, that's also good.
diff --git a/configuration.nix b/configuration.nix
index a95f866..bf8191b 100644
--- a/configuration.nix
+++ b/configuration.nix
@@ -1,5 +1,7 @@
 { config, pkgs, lib, inputs, ... }:
-
+let
+  vars = import ./vars.nix;
+in
 {
   imports =
     [
@@ -44,17 +46,16 @@
   };
 
   boot = {
-    # CHANGEME delete this initrd entry
+    # CHANGEME delete initrd entry
     initrd.luks.devices."luks-30d6b69f-1ec0-4111-b5d3-c0138d485a49".device = "/dev/disk/by-uuid/30d6b69f-1ec0-4111-b5d3-c0138d485a49";
-    # CHANGEME delete lanzaboote entry for now
+
     lanzaboote = {
-      enable = true;
+      enable = vars.secureBoot;
       pkiBundle = "/etc/secureboot";
     };
 
     loader = {
-      # CHANGEME to true
-      systemd-boot.enable = lib.mkForce false;
+      systemd-boot.enable = lib.mkForce (! vars.secureBoot);
       efi.canTouchEfiVariables = true;
     };
     
@@ -156,7 +157,7 @@
   };
 
   networking = {
-    hostName = "continuity-dell";
+    hostName = vars.hostName;
     networkmanager = {
       enable = true;
       # wifi.macAddress = "";
@@ -237,7 +238,7 @@
       };
 
       # CHANGEME if using nvidia
-      videoDrivers = [];
+      videoDrivers = vars.videoDrivers;
       enable = true;
     };
 
@@ -279,7 +280,7 @@
       enable = true;
       settings = {
         PasswordAuthentication = true;
-        AllowUsers = [ "preston" ];
+        AllowUsers = [ vars.userName ];
         PermitRootLogin = "no";
         KbdInteractiveAuthentication = false;
       };
@@ -338,7 +339,7 @@
     doas = {
       enable = true;
       extraRules = [{
-        users = [ "preston" ];
+        users = [ vars.userName ];
         keepEnv = true;
         persist = true;
       }];
@@ -362,28 +363,27 @@
     tree
   ];
 
-  users = {
-    users = {
-      root.openssh.authorizedKeys.keys = [
-        "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAINSshvS1N/42pH9Unp3Zj4gjqs9BXoin99oaFWYHXZDJ preston@preston-arch"
-      ];
+  
+  users.users = {
+    root.openssh.authorizedKeys.keys = [
+      "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAINSshvS1N/42pH9Unp3Zj4gjqs9BXoin99oaFWYHXZDJ preston@preston-arch"
+    ];
 
-      preston = {
-        isNormalUser = true;
-        description = "Preston Pan";
-        extraGroups = [ "networkmanager" "wheel" "video" "docker" "jackaudio" "tss" "dialout" ];
-        shell = pkgs.zsh;
-        packages = [
-        ];
-      };
+    "${vars.userName}" = {
+      isNormalUser = true;
+      description = vars.fullName;
+      extraGroups = [ "networkmanager" "wheel" "video" "docker" "jackaudio" "tss" "dialout" ];
+      shell = pkgs.zsh;
+      packages = [
+      ];
     };
   };
 
-  nix.settings.experimental-features = "nix-command flakes";
 
-  # CHANGEME timezone
-  time.timeZone = "America/Vancouver";
+  nix.settings.experimental-features = "nix-command flakes";
+  time.timeZone = vars.timeZone;
   i18n.defaultLocale = "en_CA.UTF-8";
+
   system = {
     stateVersion = "24.11";
     nixos = {
diff --git a/home.nix b/home.nix
index 1ddf427..a5faddc 100644
--- a/home.nix
+++ b/home.nix
@@ -1,9 +1,42 @@
-{ pkgs, wallpapers, scripts, ... }:
+{ lib, config, pkgs, wallpapers, scripts, ... }:
+let
+  vars = import ./vars.nix;
+in
 {
   home = {
+    activation.startup-files = lib.mkAfter ''
+    if [ ! -d "${config.home.homeDirectory}/org/website/" ]; then
+      mkdir -p ${config.home.homeDirectory}/org/website/
+      ${pkgs.git}/bin/git clone https://git.nullring.xyz/ret2pop-website.git ${config.home.homeDirectory}/org/website/
+    fi
+
+    if [ ! -d "${config.home.homeDirectory}/src/publish-org-roam-ui" ]; then
+      mkdir -p ${config.home.homeDirectory}/src
+      ${pkgs.git}/bin/git clone https://git.nullring.xyz/publish-org-roam-ui.git ${config.home.homeDirectory}/src/publish-org-roam-ui
+    fi
+
+    if [ ! -d "${config.home.homeDirectory}/.password-store" ]; then
+      ${pkgs.git}/bin/git clone ${vars.passwordRepo} ${config.home.homeDirectory}/.password-store
+    fi
+
+    if [ ! -d "${config.home.homeDirectory}/email/ret2pop/" ]; then
+      mkdir -p ${config.home.homeDirectory}/email/ret2pop/
+    fi
+
+    if [ ! -d "${config.home.homeDirectory}/music" ]; then
+      mkdir -p ${config.home.homeDirectory}/music
+    fi
+
+    if [ ! -d "${config.home.homeDirectory}/sounds" ]; then
+      mkdir -p ${config.home.homeDirectory}/sounds
+    fi
+    touch ${config.home.homeDirectory}/org/agenda.org
+    touch ${config.home.homeDirectory}/org/notes.org
+    '';
+
     enableNixpkgsReleaseCheck = false;
-    username = "preston";
-    homeDirectory = "/home/preston";
+    username = vars.userName;
+    homeDirectory = "/home/${vars.userName}";
     stateVersion = "23.11";
     
     packages = with pkgs; [
@@ -98,7 +131,7 @@
       font = "Fira Code 10";
       defaultTimeout = 3000;
       extraConfig = ''
-on-notify=exec mpv /home/preston/sounds/notification.wav --no-config --no-video
+on-notify=exec mpv /home/${vars.userName}/sounds/notification.wav --no-config --no-video
 '';
     };
 
@@ -131,11 +164,11 @@ on-notify=exec mpv /home/preston/sounds/notification.wav --no-config --no-video
 
     mpd = {
       enable = true;
-      dbFile = "/home/preston/.config/mpd/db";
-      dataDir = "/home/preston/.config/mpd/";
+      dbFile = "/home/${vars.userName}/.config/mpd/db";
+      dataDir = "/home/${vars.userName}/.config/mpd/";
       network.port = 6600;
-      musicDirectory = "/home/preston/music";
-      playlistDirectory = "/home/preston/.config/mpd/playlists";
+      musicDirectory = "/home/${vars.userName}/music";
+      playlistDirectory = "/home/${vars.userName}/.config/mpd/playlists";
       network.listenAddress = "0.0.0.0";
       extraConfig = ''
       audio_output {
@@ -688,6 +721,7 @@ on-notify=exec mpv /home/preston/sounds/notification.wav --no-config --no-video
         };
       };
     };
+
     waybar = {
       enable = true;
       style = ''
@@ -942,12 +976,7 @@ on-notify=exec mpv /home/preston/sounds/notification.wav --no-config --no-video
           position = "top";
           height = 50;
 
-          output = [
-            "HDMI-A-1"
-            "eDP-1"
-            "DP-2"
-            "DP-3"
-          ];
+          output = vars.monitors;
 
           modules-left = [ "hyprland/workspaces" ];
           modules-center = [ "hyprland/window" ];
@@ -990,9 +1019,9 @@ on-notify=exec mpv /home/preston/sounds/notification.wav --no-config --no-video
         v = "vim";
         py = "python3";
         rb = "doas nixos-rebuild switch";
-        nfu = "cd ~/src/hyprnixmacs && git add . && git commit -m \"new flake lock\" && cd /etc/nixos/ && doas nix flake update";
+        nfu = "cd ~/src/toughnix && git add . && git commit -m \"new flake lock\" && cd /etc/nixos/ && doas nix flake update";
         usite
-        = "cd ~/src/publish-org-roam-ui && bash local.sh && rm -rf ~/website_html/graph_view; cp -r ~/src/publish-org-roam-ui/out ~/website_html/graph_view && rsync -azvP --chmod=\"Du=rwx,Dg=rx,Do=rx,Fu=rw,Fg=r,Fo=r\" ~/website_html/ root@nullring.xyz:/usr/share/nginx/ret2pop/";
+        = "cd ~/src/publish-org-roam-ui && bash local.sh && rm -rf ~/website_html/graph_view; cp -r ~/src/publish-org-roam-ui/out ~/website_html/graph_view && rsync -azvP --chmod=\"Du=rwx,Dg=rx,Do=rx,Fu=rw,Fg=r,Fo=r\" ~/website_html/ ${vars.websiteLocation}";
         sai = "eval \"$(ssh-agent -s)\" && ssh-add ~/.ssh/id_ed25519 && ssh-add -l";
         i3 = "exec ${pkgs.i3-gaps}/bin/i3";
       };
@@ -1092,8 +1121,8 @@ on-notify=exec mpv /home/preston/sounds/notification.wav --no-config --no-video
       # CHANGEME different email server and account
       extraConfig = ''
       IMAPAccount ret2pop
-      Host imap.gmail.com
-      User ret2pop@gmail.com
+      Host ${vars.imapsServer}
+      User ${vars.userName}
       PassCmd "pass Mail"
       Port 993
       TLSType IMAPS
@@ -1132,16 +1161,16 @@ on-notify=exec mpv /home/preston/sounds/notification.wav --no-config --no-video
       logfile        ~/.msmtp.log
 
       # Gmail
-      account        preston
-      host           smtp.gmail.com
+      account        ${vars.userName}
+      host           ${vars.smtpsServer}
       port           587
-      from           ret2pop@gmail.com
-      user           ret2pop@gmail.com
+      from           ${vars.email}
+      user           ${vars.email}
       passwordeval   "pass Mail"
 
 
       # Set a default account
-      account default : preston
+      account default : ${vars.userName}
     '';
     };
 
@@ -1152,11 +1181,11 @@ on-notify=exec mpv /home/preston/sounds/notification.wav --no-config --no-video
     git = {
       enable = true;
       # CHANGEME name and email
-      userName = "Preston Pan";
-      userEmail = "ret2pop@gmail.com";
+      userName = vars.fullName;
+      userEmail = vars.email;
       signing = {
         # CHANGEME GIT SIGNING KEY
-        key = "AEC273BF75B6F54D81343A1AC1FE6CED393AE6C1";
+        key = vars.gpgKey;
         signByDefault = true;
       };
 
diff --git a/initial-deploy.sh b/initial-deploy.sh
index 0ab475e..ac71dd2 100755
--- a/initial-deploy.sh
+++ b/initial-deploy.sh
@@ -8,18 +8,4 @@ sudo ln $HOME/src/toughnix/flake.nix /etc/nixos/
 sudo ln $HOME/src/toughnix/flake.lock /etc/nixos/
 sudo ln $HOME/src/toughnix/configuration.nix /etc/nixos/
 sudo ln $HOME/src/toughnix/home.nix /etc/nixos/
-
-mkdir -p ~/org
-git clone git@nullring.xyz:/var/git/ret2pop-website ~/org/website
-# git clone https://git.nullring.xyz/ret2pop-website.git ~/org/website
-mkdir -p ~/src
-git clone git@nullring.xyz:/var/git/publish-org-roam-ui ~/src
-# git clone https://git.nullring.xyz/publish-org-roam-ui.git ~/org/website
-
-cd /etc/nixos
-sudo nix --extra-experimental-features nix-command --extra-experimental-features flakes flake update
-sudo nixos-rebuild switch --flake .#continuity-dell
-
-echo "Installlation done! Rebooting..."
-sleep 3
-reboot
+sudo cp $HOME/src/toughnix/vars.nix /etc/nixos/
diff --git a/vars.nix b/vars.nix
new file mode 100644
index 0000000..3243438
--- /dev/null
+++ b/vars.nix
@@ -0,0 +1,54 @@
+{
+  # set your host name.
+  hostName = "continuity-dell";
+
+  # username used for unix username as well as msmtp configuration name.
+  userName = "preston";
+
+  # your full name
+  fullName = "Preston Pan";
+
+  # Create a new gpg key for this system or import your keys from another system
+  gpgKey = "AEC273BF75B6F54D81343A1AC1FE6CED393AE6C1";
+
+  # If you're not forking my website, this value doesn't matter
+  websiteLocation = "root@nullring.xyz:/usr/share/nginx/ret2pop/";
+
+  # GPG encrypted password repository (leave as default value and change later if you don't have one)
+  passwordRepo = "https://git.nullring.xyz/passwords.git";
+
+  # email used for `From` and also as your login email.
+  email = "ret2pop@gmail.com";
+
+  # IMAPS server. Must be encrypted.
+  imapsServer = "imap.gmail.com";
+
+  # SMTPS server. Must be encrypted.
+  smtpsServer = "smtp.gmail.com";
+
+  # Change to your timezone
+  timeZone = "America/Vancouver";
+
+  # After rebooting, use the command `hyprctl monitors` in order to check which monitor
+  # you are using. This is so that waybar knows which monitors to appear in.
+  monitors = [
+    "HDMI-A-1"
+    "eDP-1"
+    "DP-2"
+    "DP-3"
+  ];
+
+  # enable video drivers based on your system.
+  # Example:
+  # videoDrivers = [
+  #   "nvidia"
+  #   "amdgpu"
+  # ]
+  videoDrivers = [
+  ];
+
+  # use false if this is your first install of continuity.
+  # See https://github.com/nix-community/lanzaboote/blob/master/docs/QUICK_START.md
+  # for more information.
+  secureBoot = true;
+}