From b94b6223b594a44c3382e606b900c82d94d1fb36 Mon Sep 17 00:00:00 2001
From: Preston Pan
Date: Tue, 7 Jan 2025 14:21:20 -0800
Subject: add vars.nix; better README
---
README.org | 121 +++++++++++++++++++++++-------------------------------
configuration.nix | 52 +++++++++++------------
home.nix | 81 ++++++++++++++++++++++++------------
initial-deploy.sh | 16 +-------
vars.nix | 54 ++++++++++++++++++++++++
5 files changed, 187 insertions(+), 137 deletions(-)
create mode 100644 vars.nix
diff --git a/README.org b/README.org
index 9a3a9ba..00d5e6e 100644
--- a/README.org
+++ b/README.org
@@ -1,57 +1,52 @@ -* Introduction (Forked from HyprNixMacs) -ToughNix is a configuration that centers around the usage of NixOS and Emacs. -Note that at the time of writing, I use hyprland as my window manager, but that -might change, and therefore hyprnixmacs may not be as accurate of a name. This -entire configuration uses the [[https://github.com/catppuccin/catppuccin][catppuccin theme]]. - +* Introduction +ToughNix is a configuration that centers around the usage of NixOS and Emacs, with vim-centric +keybindings. Note that at the time of writing, This entire configuration uses the [[https://github.com/catppuccin/catppuccin][catppuccin theme]]. ** Why Not EXWM? Because emacs is blocking, and I want to use wayland because it's much better and there's much less cruft. - * Installation -Simply clone the contents of this repository to ~/etc/nixos/~ and run ~sudo nixos-rebuild switch~. -Note that afterwards you will need a ~$HOME/.password-store~ in user ~preston~ which has -an entry named ~Mail~, as well as a ~~/org/website/~ directory made by cloning my -[[https://git.nullring.xyz/ret2pop-website.git/about/][ret2pop website]] repository to that location. 
Here are all the commands: +Install NixOS, install git (and maybe vim) on your NixOS system, and then on your NixOS system, run: #+begin_src shell - # run as root - # create backup of hardware-configuration.nix and put it back there after - git clone https://github.com/ret2pop/hyprnixmacs.git /etc/nixos/ - # put hardware-configuration.nix back in /etc/nixos - nixos-rebuild switch - su preston - # copy over gpg and ssh keys - git clone root@nullring.xyz:/var/git/passwords.git ~/.password-store/ - mkdir ~/org - git clone https://github.com/ret2pop/ret2pop-website ~/org/website/ - # get music and put it in ~/music + mkdir -p ~/src + git clone https://git.nullring.xyz/toughnix.git ~/src/ + + # Change any system variables that are hardware or person-dependent (do this before inital-deploy) + nano ~/src/toughnix/vars.nix + bash ~/src/toughnix/initial-deploy.sh + + # remove the single CHANGEME line + nano ~/src/toughnix/configuration.nix + + sudo nix --extra-experimental-features nix-command --extra-experimental-features flakes flake update + sudo nixos-rebuild switch --flake .#continuity-dell #+end_src -this process can be highly automated via [[https://github.com/nix-community/nixos-anywhere][NixOS Anywhere]]. Once you have my system with your own gpg and ssh keys, -you can read the following section. +Note the line where we run ~nano~; during this period you should change any hardware or +person-specific settings, and also alter ~configuration.nix~ more if you are using an encrypted drive. +After this process, reboot and log into your user. You will immediately be taken into Hyprland, +and Emacs and Firefox will autostart. * Usage -Make sure that before you use the configuration, all the me-specific configuration is ripped out -and replaced with yours. 
For instance, any mention of my name in ~configuration.nix~, ~home.nix~, -the emacs config, or ~flake.nix~ should be replaced with mentions of your name, and stuff like server -configurations for email or IRC should be replaced with your own configurations. The system by default -is called ~continuity~. If you don't like this hostname, you can replace it in ~configuration.nix~ and -~flake.nix~ with something else. +On your first install, you will be greeted with firefox, as well as EMacs. If Waybar doesn't +appear, run ~hyprctl monitors~ in a terminal (Windows key + Enter), and you should see the monitors +listed. Then, edit ~/etc/nixos/vars.nix~ accordingly. ** Hyprland *** Wallpaper -To change the wallpaper, change the ~swww add~ line to another wallpaper in my +To change the wallpaper, change the ~swww add~ line in ~home.nix~ to another wallpaper in my [[https://github.com/ret2pop/wallpapers][wallpapers repository]]. *** Keybindings **** Programs +There are other programs too, but these are all you'll need to get started. #+begin_example Win + Return => kitty (Terminal) Win + e => emacs Win + w => firefox -Win + v => discord +Win + v => discord (vencord) Win + d => wofi (Run Launcher) Win + p => wofi (Powermenu) PrintScr => grim (screenshot; look for file in $HOME) #+end_example **** Commands +These commands are inspired by ~vim~. #+begin_example Win + q => kill window Win + Shift + h => move window to left @@ -63,9 +58,6 @@ Win + l => move window focus to right Win + k => move window focus up Win + j => move window focus down #+end_example -** Initialization -To get into a graphical hyprland environment, use type ~h~ into the tty after logging in. This will -take you stright to the graphical session. ** Passwords Passwords will be managed by sops-nix in the future, but for now they are managed with the ~pass~ password manager. To initialize the password store, see 
@@ -73,16 +65,14 @@ with the ~pass~ password manager. To initialize the password store, see #+begin_src shell pass add Mail #+end_src -and enter your imaps and smtps password. -** Git -In ~home.nix~, change the signing key to your own gpg key. When you git commit, emacs will be your pinentry -device, meaning you will enter the encryption password from emacs. +and enter your imaps and smtps password (they should be the same in this setup). ** Email Email is done from within emacs with mu4e with ~SPC o m~. To initialize mail, run: #+begin_src shell - mbsync prestonpan # see mbsyncrc section of home.nix, change prestonpan to something else there - # then run this command with that changed name. - mu init --maildir=~/email/mbsyncmail/ + mbsync ret2pop # see mbsyncrc section of home.nix, change ret2pop to something else there + # then run this command with that changed name, if you really want. + # Even though it uses my username, it works for everyone. + mu init --maildir=~/email/ret2pop/ mu index #+end_src Note that a prerequisite is initializing ~pass~ and adding a ~Mail~ entry. Be sure to change the imaps 
@@ -97,33 +87,30 @@ Optionally, go to user settings > Vencord > Themes > Online Themes. Then, instal @import url("https://catppuccin.github.io/discord/dist/catppuccin-mocha-pink.theme.css"); #+end_src ** Waybar -If the bar is not displaying, get your monitor name with ~hyprctl monitors~. Then, in the ~home.nix~ configuration -replace ~LVDS-1~ with whatever your monitor name is that you want the bar to be displayed in. The battery percentage -may not be displayed. If it isn't, then change ~BAT0~ with whatever you see when you run ~ls /sys/class/power_supply~, -assuming you have a laptop with a battery. After that, it should work normally. +If the bar is not displaying, get your monitor name with ~hyprctl monitors~. The battery percentage +may not be displayed. If it isn't, then change ~BAT0~ with whatever you see when you run +~ls /sys/class/power_supply~, assuming you have a laptop with a battery. After that, it should work +normally. ** Music -Replace all mention of ~/home/preston/~ in the mpd configuration of ~home.nix~ with whatever your home directory is. -Place your music files in ~$HOME/music~ and run ~mpc update~, then ~mpc add /~. This should add all your music in -~$HOME/music~ to the playlist to be read by the emacs program ~emms~. +Place your music files in ~$HOME/music~ and run ~mpc update~, then ~mpc add /~. +This should add all your music in ~$HOME/music~ to the playlist to be read by the emacs program ~emms~. ** Emacs -This will be quite the large section as there will be much to explain. Just clone my entire website: -#+begin_src shell - mkdir ~/org/ - git clone https://github.com/ret2pop/ret2pop-website ~/org/website -#+end_src -/Then/ start emacs. On first initialization, make sure to run: +On first initialization, make sure to run: #+begin_src emacs-lisp M-x pdf-tools-install M-x all-the-icons-install-fonts M-x nerd-icons-install-fonts #+end_src -then restart. This will make emacs look not ugly. 
Then, if you cloned my website, everything should work, although -you should remove my journal entries and all my files in ~mindmap~ and replace them with your own. +then restart. This will make emacs look not ugly. Also edit the very top of +~~/org/website/config/emacs.org~, modify the parameters (email, full name, etc...) to your desired +value. *** Keybindings These are the keybindings that I have set up for emacs. All the other keybindings are ones that are default to the packages installed or the builtin emacs keybindings. Note that I also use evil-mode, so you're going -to have to know vim keybindings. +to have to know vim keybindings. To get started with editing files, press space, and then +press period. #+begin_example + SPC . find-file SPC o a org-agenda SPC c b counsel-bookmark SPC o c org-capture 
@@ -165,18 +152,12 @@ In the config, replace the IRC configuration (server and name) with your own. Run ~ollama pull zephyr~ to get the zephyr ollama model. *** Mu4e After following the email advice from above, change my mail address and name to your own. -*** Agenda -Make a file ~$HOME/org/agenda.org~. From there, just google org-agenda. -*** Ox-publish -Steal the css stylesheet I use from the root of my website directory, and copy the layout of it. -Honestly, I will finish explaining how I manage my website later because it's a little bit pain -to explain in a concise manner. *** Elfeed Change my RSS feeds out in ~$HOME/org/website/config/elfeed.org~ with ones you want to read. -*** Stem Mode -[[https://github.com/ret2pop/stem][Stem]] is a programming language that I wrote, and in order for code blocks and syntax highlighting -to work, you need to install [[https://github.com/ret2pop/stem-mode][stem-mode]]. Or, you can get rid of stem-mode in the emacs configuration. - +** Website +I update my website with the command ~usite~ (in the terminal). This will work by default if you +set your ~vars.nix~ correctly and you have access to the server you're sshing through with rsync. ** Postamble -Once you've done all those things, you can call the system yours! You've successfully ripped out any part -of the configuration that names me or any of the gpg or ssh keys that I own. +Once you've done all those things, you can call the system yours! If you want to change anything +about the system or fork it to remove any mention of me from the defaults, be my guest. +If you want it to contain parts of my identity, that's also good. diff --git a/configuration.nix b/configuration.nix index a95f866..bf8191b 100644 --- a/configuration.nix +++ b/configuration.nix @@ -1,5 +1,7 @@ { config, pkgs, lib, inputs, ... }: - +let + vars = import ./vars.nix; +in { imports = [ 
@@ -44,17 +46,16 @@ }; boot = { - # CHANGEME delete this initrd entry + # CHANGEME delete initrd entry initrd.luks.devices."luks-30d6b69f-1ec0-4111-b5d3-c0138d485a49".device = "/dev/disk/by-uuid/30d6b69f-1ec0-4111-b5d3-c0138d485a49"; - # CHANGEME delete lanzaboote entry for now + lanzaboote = { - enable = true; + enable = vars.secureBoot; pkiBundle = "/etc/secureboot"; }; loader = { - # CHANGEME to true - systemd-boot.enable = lib.mkForce false; + systemd-boot.enable = lib.mkForce (! vars.secureBoot); efi.canTouchEfiVariables = true; }; @@ -156,7 +157,7 @@ }; networking = { - hostName = "continuity-dell"; + hostName = vars.hostName; networkmanager = { enable = true; # wifi.macAddress = ""; @@ -237,7 +238,7 @@ }; # CHANGEME if using nvidia - videoDrivers = []; + videoDrivers = vars.videoDrivers; enable = true; }; @@ -279,7 +280,7 @@ enable = true; settings = { PasswordAuthentication = true; - AllowUsers = [ "preston" ]; + AllowUsers = [ vars.userName ]; PermitRootLogin = "no"; KbdInteractiveAuthentication = false; }; @@ -338,7 +339,7 @@ doas = { enable = true; extraRules = [{ - users = [ "preston" ]; + users = [ vars.userName ]; keepEnv = true; persist = true; }]; 
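Review bot: The `# CHANGEME if using nvidia` comment kept above `videoDrivers = vars.videoDrivers;` is stale now that the value comes from vars.nix, and the same applies to the `# CHANGEME` comments left above the mbsync account and the git `userName`/`key` settings in home.nix. The README added in this commit tells the reader to remove "the single CHANGEME line", so the leftover markers point people at the wrong file. I would drop them or reword each to something like `# set in vars.nix (videoDrivers)`. The enclosing attribute set starts and ends outside the hunk.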
@@ -362,28 +363,27 @@ tree ]; - users = { - users = { - root.openssh.authorizedKeys.keys = [ - "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAINSshvS1N/42pH9Unp3Zj4gjqs9BXoin99oaFWYHXZDJ preston@preston-arch" - ]; + + users.users = { + root.openssh.authorizedKeys.keys = [ + "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAINSshvS1N/42pH9Unp3Zj4gjqs9BXoin99oaFWYHXZDJ preston@preston-arch" + ]; - preston = { - isNormalUser = true; - description = "Preston Pan"; - extraGroups = [ "networkmanager" "wheel" "video" "docker" "jackaudio" "tss" "dialout" ]; - shell = pkgs.zsh; - packages = [ - ]; - }; + "${vars.userName}" = { + isNormalUser = true; + description = vars.fullName; + extraGroups = [ "networkmanager" "wheel" "video" "docker" "jackaudio" "tss" "dialout" ]; + shell = pkgs.zsh; + packages = [ + ]; }; }; - nix.settings.experimental-features = "nix-command flakes"; - # CHANGEME timezone - time.timeZone = "America/Vancouver"; + nix.settings.experimental-features = "nix-command flakes"; + time.timeZone = vars.timeZone; i18n.defaultLocale = "en_CA.UTF-8"; + system = { stateVersion = "24.11"; nixos = { diff --git a/home.nix b/home.nix index 1ddf427..a5faddc 100644 --- a/home.nix +++ b/home.nix 
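Review bot: The root `openssh.authorizedKeys.keys` entry still hard-codes the `preston@preston-arch` public key while the rest of this hunk moves identity into vars.nix, so anyone who deploys the template after editing only vars.nix authorizes the original author's key for root. The sshd hunk shows `PermitRootLogin = "no"`, which blocks its use today, but the authorization becomes live as soon as that setting is relaxed. I would source the list from vars.nix with an empty default, for example `root.openssh.authorizedKeys.keys = vars.rootAuthorizedKeys;` with a new `rootAuthorizedKeys = [ ];` attribute in vars.nix (the name is a suggestion, it does not exist yet).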
@@ -1,9 +1,42 @@ -{ pkgs, wallpapers, scripts, ... }: +{ lib, config, pkgs, wallpapers, scripts, ... }: +let + vars = import ./vars.nix; +in { home = { + activation.startup-files = lib.mkAfter '' + if [ ! -d "${config.home.homeDirectory}/org/website/" ]; then + mkdir -p ${config.home.homeDirectory}/org/website/ + ${pkgs.git}/bin/git clone https://git.nullring.xyz/ret2pop-website.git ${config.home.homeDirectory}/org/website/ + fi + + if [ ! -d "${config.home.homeDirectory}/src/publish-org-roam-ui" ]; then + mkdir -p ${config.home.homeDirectory}/src + ${pkgs.git}/bin/git clone https://git.nullring.xyz/publish-org-roam-ui.git ${config.home.homeDirectory}/src/publish-org-roam-ui + fi + + if [ ! -d "${config.home.homeDirectory}/.password-store" ]; then + ${pkgs.git}/bin/git clone ${vars.passwordRepo} ${config.home.homeDirectory}/.password-store + fi + + if [ ! -d "${config.home.homeDirectory}/email/ret2pop/" ]; then + mkdir -p ${config.home.homeDirectory}/email/ret2pop/ + fi + + if [ ! -d "${config.home.homeDirectory}/music" ]; then + mkdir -p ${config.home.homeDirectory}/music + fi + + if [ ! -d "${config.home.homeDirectory}/sounds" ]; then + mkdir -p ${config.home.homeDirectory}/sounds + fi + touch ${config.home.homeDirectory}/org/agenda.org + touch ${config.home.homeDirectory}/org/notes.org + ''; + enableNixpkgsReleaseCheck = false; - username = "preston"; - homeDirectory = "/home/preston"; + username = vars.userName; + homeDirectory = "/home/${vars.userName}"; stateVersion = "23.11"; packages = with pkgs; [ @@ -98,7 +131,7 @@ font = "Fira Code 10"; defaultTimeout = 3000; extraConfig = '' -on-notify=exec mpv /home/preston/sounds/notification.wav --no-config --no-video +on-notify=exec mpv /home/${vars.userName}/sounds/notification.wav --no-config --no-video ''; }; 
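Review bot: In the `org/website` block the clone target is created with `mkdir -p` before `git clone` runs, so a clone that fails (for example no network at activation time) leaves an empty directory and the `[ ! -d … ]` guard skips the clone on every later activation. Testing for the checkout instead, `if [ ! -d "${config.home.homeDirectory}/org/website/.git" ]; then`, avoids that. The paths and `${vars.passwordRepo}` are also interpolated unquoted into the script, so a home directory or URL containing whitespace would split into several arguments; wrapping each expansion in double quotes is enough. The trailing `touch` calls rely on `org/` existing, which only the website block guarantees, so an explicit `mkdir -p "${config.home.homeDirectory}/org"` before them would make that independent.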
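Review bot: `/home/${vars.userName}` is rebuilt by hand in the mako `on-notify` line here, and again in the mpd `dbFile`/`dataDir`/`musicDirectory`/`playlistDirectory` hunk, although this commit adds `config` to the module arguments and already uses `config.home.homeDirectory` in the activation script. Writing `${config.home.homeDirectory}/sounds/notification.wav` keeps a single definition of the home path, so a layout that is not under `/home` needs only one change. The `extraConfig` string is cut by the hunk on both sides.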
@@ -131,11 +164,11 @@ on-notify=exec mpv /home/preston/sounds/notification.wav --no-config --no-video mpd = { enable = true; - dbFile = "/home/preston/.config/mpd/db"; - dataDir = "/home/preston/.config/mpd/"; + dbFile = "/home/${vars.userName}/.config/mpd/db"; + dataDir = "/home/${vars.userName}/.config/mpd/"; network.port = 6600; - musicDirectory = "/home/preston/music"; - playlistDirectory = "/home/preston/.config/mpd/playlists"; + musicDirectory = "/home/${vars.userName}/music"; + playlistDirectory = "/home/${vars.userName}/.config/mpd/playlists"; network.listenAddress = "0.0.0.0"; extraConfig = '' audio_output { @@ -688,6 +721,7 @@ on-notify=exec mpv /home/preston/sounds/notification.wav --no-config --no-video }; }; }; + waybar = { enable = true; style = '' @@ -942,12 +976,7 @@ on-notify=exec mpv /home/preston/sounds/notification.wav --no-config --no-video position = "top"; height = 50; - output = [ - "HDMI-A-1" - "eDP-1" - "DP-2" - "DP-3" - ]; + output = vars.monitors; modules-left = [ "hyprland/workspaces" ]; modules-center = [ "hyprland/window" ]; 
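Review bot: `network.listenAddress = "0.0.0.0"` stays in this mpd block, so the daemon accepts connections on port 6600 from every interface of whichever machine the template is deployed on. No mpd `password` setting is visible in the hunk and the firewall configuration is outside it, so whether the port is actually reachable from the network cannot be confirmed from here. Unless remote control is intended, `network.listenAddress = "127.0.0.1";` is the safer default for a configuration meant to be reused by others. The `extraConfig` string continues outside the hunk.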
@@ -990,9 +1019,9 @@ on-notify=exec mpv /home/preston/sounds/notification.wav --no-config --no-video v = "vim"; py = "python3"; rb = "doas nixos-rebuild switch"; - nfu = "cd ~/src/hyprnixmacs && git add . && git commit -m \"new flake lock\" && cd /etc/nixos/ && doas nix flake update"; + nfu = "cd ~/src/toughnix && git add . && git commit -m \"new flake lock\" && cd /etc/nixos/ && doas nix flake update"; usite - = "cd ~/src/publish-org-roam-ui && bash local.sh && rm -rf ~/website_html/graph_view; cp -r ~/src/publish-org-roam-ui/out ~/website_html/graph_view && rsync -azvP --chmod=\"Du=rwx,Dg=rx,Do=rx,Fu=rw,Fg=r,Fo=r\" ~/website_html/ root@nullring.xyz:/usr/share/nginx/ret2pop/"; + = "cd ~/src/publish-org-roam-ui && bash local.sh && rm -rf ~/website_html/graph_view; cp -r ~/src/publish-org-roam-ui/out ~/website_html/graph_view && rsync -azvP --chmod=\"Du=rwx,Dg=rx,Do=rx,Fu=rw,Fg=r,Fo=r\" ~/website_html/ ${vars.websiteLocation}"; sai = "eval \"$(ssh-agent -s)\" && ssh-add ~/.ssh/id_ed25519 && ssh-add -l"; i3 = "exec ${pkgs.i3-gaps}/bin/i3"; }; @@ -1092,8 +1121,8 @@ on-notify=exec mpv /home/preston/sounds/notification.wav --no-config --no-video # CHANGEME different email server and account extraConfig = '' IMAPAccount ret2pop - Host imap.gmail.com - User ret2pop@gmail.com + Host ${vars.imapsServer} + User ${vars.userName} PassCmd "pass Mail" Port 993 TLSType IMAPS @@ -1132,16 +1161,16 @@ on-notify=exec mpv /home/preston/sounds/notification.wav --no-config --no-video logfile ~/.msmtp.log # Gmail - account preston - host smtp.gmail.com + account ${vars.userName} + host ${vars.smtpsServer} port 587 - from ret2pop@gmail.com - user ret2pop@gmail.com + from ${vars.email} + user ${vars.email} passwordeval "pass Mail" # Set a default account - account default : preston + account default : ${vars.userName} ''; }; 
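Review bot: `User ${vars.userName}` in the mbsync `IMAPAccount` block replaces the former `ret2pop@gmail.com` with the Unix account name (`preston` by default), while vars.nix documents `email` as the login address and the msmtp hunk uses `user ${vars.email}`. With the shipped defaults the IMAP login will most likely be rejected; the line should read `User ${vars.email}`. `IMAPAccount ret2pop` remains hard-coded, which matches the README's `mbsync ret2pop` but means the account name is not driven by vars.nix.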
@@ -1152,11 +1181,11 @@ on-notify=exec mpv /home/preston/sounds/notification.wav --no-config --no-video git = { enable = true; # CHANGEME name and email - userName = "Preston Pan"; - userEmail = "ret2pop@gmail.com"; + userName = vars.fullName; + userEmail = vars.email; signing = { # CHANGEME GIT SIGNING KEY - key = "AEC273BF75B6F54D81343A1AC1FE6CED393AE6C1"; + key = vars.gpgKey; signByDefault = true; }; diff --git a/initial-deploy.sh b/initial-deploy.sh index 0ab475e..ac71dd2 100755 --- a/initial-deploy.sh +++ b/initial-deploy.sh @@ -8,18 +8,4 @@ sudo ln $HOME/src/toughnix/flake.nix /etc/nixos/ sudo ln $HOME/src/toughnix/flake.lock /etc/nixos/ sudo ln $HOME/src/toughnix/configuration.nix /etc/nixos/ sudo ln $HOME/src/toughnix/home.nix /etc/nixos/ - -mkdir -p ~/org -git clone git@nullring.xyz:/var/git/ret2pop-website ~/org/website -# git clone https://git.nullring.xyz/ret2pop-website.git ~/org/website -mkdir -p ~/src -git clone git@nullring.xyz:/var/git/publish-org-roam-ui ~/src -# git clone https://git.nullring.xyz/publish-org-roam-ui.git ~/org/website - -cd /etc/nixos -sudo nix --extra-experimental-features nix-command --extra-experimental-features flakes flake update -sudo nixos-rebuild switch --flake .#continuity-dell - -echo "Installlation done! Rebooting..." -sleep 3 -reboot +sudo cp $HOME/src/toughnix/vars.nix /etc/nixos/ diff --git a/vars.nix b/vars.nix new file mode 100644 index 0000000..3243438 --- /dev/null +++ b/vars.nix 
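Review bot: `sudo cp $HOME/src/toughnix/vars.nix /etc/nixos/` copies vars.nix while the four files above it are hard-linked with `ln`, so later edits to `~/src/toughnix/vars.nix` (the path the README tells users to edit first) will not reach `/etc/nixos/vars.nix`. If the copy is deliberate because the file holds per-machine values, a one-line comment saying so would help; otherwise use `sudo ln` like the other files. `$HOME` is unquoted on this and the neighbouring lines; `sudo cp -- "$HOME/src/toughnix/vars.nix" /etc/nixos/` survives a home path containing spaces. The start of the script is outside the hunk, so I cannot tell whether `set -e` is in effect for a failed link or copy.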
@@ -0,0 +1,54 @@
+{
+ # set your host name.
+ hostName = "continuity-dell";
+
+ # username used for unix username as well as msmtp configuration name.
+ userName = "preston";
+
+ # your full name
+ fullName = "Preston Pan";
+
+ # Create a new gpg key for this system or import your keys from another system
+ gpgKey = "AEC273BF75B6F54D81343A1AC1FE6CED393AE6C1";
+
+ # If you're not forking my website, this value doesn't matter
+ websiteLocation = "root@nullring.xyz:/usr/share/nginx/ret2pop/";
+
+ # GPG encrypted password repository (leave as default value and change later if you don't have one)
+ passwordRepo = "https://git.nullring.xyz/passwords.git";
+
+ # email used for `From` and also as your login email.
+ email = "ret2pop@gmail.com";
+
+ # IMAPS server. Must be encrypted.
+ imapsServer = "imap.gmail.com";
+
+ # SMTPS server. Must be encrypted.
+ smtpsServer = "smtp.gmail.com";
+
+ # Change to your timezone
+ timeZone = "America/Vancouver";
+
+ # After rebooting, use the command `hyprctl monitors` in order to check which monitor
+ # you are using. This is so that waybar knows which monitors to appear in.
+ monitors = [
+ "HDMI-A-1"
+ "eDP-1"
+ "DP-2"
+ "DP-3"
+ ];
+
+ # enable video drivers based on your system.
+ # Example:
+ # videoDrivers = [
+ # "nvidia"
+ # "amdgpu"
+ # ]
+ videoDrivers = [
+ ];
+
+ # use false if this is your first install of continuity.
+ # See https://github.com/nix-community/lanzaboote/blob/master/docs/QUICK_START.md
+ # for more information.
+ secureBoot = true;
+}
-- cgit
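Review bot: `secureBoot = true;` is the shipped default although the comment directly above it says to use false on a first install. With `true`, configuration.nix enables lanzaboote with `pkiBundle = "/etc/secureboot"` and forces `systemd-boot.enable` off, so a fresh machine without enrolled keys is switched to a boot setup it is not prepared for (the exact failure depends on lanzaboote, which is not shown here). Defaulting to `secureBoot = false;` matches the comment and leaves enabling Secure Boot as a deliberate second step. `websiteLocation` also defaults to a `root@` rsync target; a dedicated non-root deploy account would limit what the `usite` alias can overwrite on the server.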