From d2e37a0e36be947eab629d0e15c92e23e778c0de Mon Sep 17 00:00:00 2001 From: "Gustavo \"Guz\" L de Mello" Date: Thu, 12 Mar 2026 15:34:08 -0300 Subject: [PATCH] feat(guz-lite,guz,browser): use/try qutebrowser again --- configuration.nix | 10 +- flake.nix | 59 ++- home/guz-lite/apps.nix | 1 - home/guz-lite/browser.nix | 347 ------------------ home/guz-lite/browser/default.nix | 126 +++++++ home/guz-lite/browser/profiles.nix | 59 +++ home/guz-lite/browser/scripts.nix | 80 ++++ home/guz-lite/default.nix | 1 + home/guz/browser.nix | 75 +--- hosts/battleship/services.nix | 24 ++ hosts/rusty/base.nix | 146 ++++++++ hosts/rusty/configuration.nix | 13 +- hosts/rusty/disks-ext4.nix | 47 +++ hosts/rusty/disks.nix | 109 ++++-- hosts/rusty/hardware-configuration.nix | 4 +- hosts/virus/configuration.nix | 76 ++++ modules/home-manager/qutebrowser-profiles.nix | 7 +- packages/dotstate/default.nix | 13 + packages/dotstate/dotstate.sh | 28 ++ secrets.nix | 4 + secrets.yaml | 7 +- specialisations/nixos/default.nix | 5 + specialisations/nixos/vm.nix | 37 ++ state.json | 3 + 24 files changed, 809 insertions(+), 472 deletions(-) delete mode 100644 home/guz-lite/browser.nix create mode 100644 home/guz-lite/browser/default.nix create mode 100644 home/guz-lite/browser/profiles.nix create mode 100644 home/guz-lite/browser/scripts.nix create mode 100644 hosts/rusty/base.nix create mode 100644 hosts/rusty/disks-ext4.nix create mode 100644 hosts/virus/configuration.nix create mode 100644 packages/dotstate/default.nix create mode 100644 packages/dotstate/dotstate.sh create mode 100644 specialisations/nixos/default.nix create mode 100644 specialisations/nixos/vm.nix create mode 100644 state.json diff --git a/configuration.nix b/configuration.nix index 3bd9b6f..71fd063 100644 --- a/configuration.nix +++ b/configuration.nix @@ -72,11 +72,19 @@ # Networking networking = { networkmanager.enable = true; - nameservers = ["192.168.0.1" "9.9.9.9"]; + nameservers = [ + /* + "192.168.0.1" + */ + "8.8.8.8" + # "1.1.1.1" + # "9.9.9.9" + ]; }; # Firewall networking.firewall.enable = true; + networking.firewall.allowedUDPPorts = [53]; networking.firewall.allowedTCPPorts = [80 433]; # SSH diff --git a/flake.nix b/flake.nix index c060dd9..ed3d1c3 100644 --- a/flake.nix +++ b/flake.nix @@ -13,6 +13,12 @@ inputs.nixpkgs.follows = "nixpkgs"; }; + impermanence = { + url = "github:nix-community/impermanence"; + inputs.nixpkgs.follows = ""; + inputs.home-manager.follows = ""; + }; + stylix = { url = "github:danth/stylix/release-25.11"; inputs.nixpkgs.follows = "nixpkgs"; @@ -47,7 +53,8 @@ }; neovim = { - url = "git+https://forge.capytal.company/dot013/nvim"; + # url = "git+https://code.capytal.cc/dot013/nvim"; + url = "git+file:///home/guz/.projects/dot013-nvim"; }; rec-sh = { @@ -55,17 +62,34 @@ inputs.nixpkgs.follows = "nixpkgs"; }; - inputs.nixpkgs.follows = "nixpkgs"; - }; + # affinity = { + # url = "github:mrshmllow/affinity-nix"; + # inputs.nixpkgs.follows = "nixpkgs"; + # }; zen-browser = { - url = "github:0xc000022070/zen-browser-flake?tag=1.16t-1759964276"; + url = "github:0xc000022070/zen-browser-flake"; # url = "git+file:///home/guz/.projects/dot013-zen-browser-flake"; inputs.nixpkgs.follows = "nixpkgs-unstable"; inputs.home-manager.follows = "home-manager"; }; # hyprland.url = "github:hyprwm/Hyprland"; + + nixpkgs-2505.url = "github:nixos/nixpkgs/nixos-25.05"; + disko-2505 = { + url = "github:nix-community/disko/v1.12.0"; + inputs.nixpkgs.follows = "nixpkgs-2505"; + }; + home-manager-2505 = { + url = "github:nix-community/home-manager/release-25.05"; + inputs.nixpkgs.follows = "nixpkgs-2505"; + }; + stylix-2505 = { + url = "github:danth/stylix/release-25.05"; + inputs.nixpkgs.follows = "nixpkgs-2505"; + inputs.home-manager.follows = "home-manager-2505"; + }; }; outputs = { @@ -140,7 +164,27 @@ ./home/guz-lite/configuration.nix ]; }; - "rusty" = nixpkgs.lib.nixosSystem rec { + "rusty" = inputs.nixpkgs-2505.lib.nixosSystem rec { + system = "x86_64-linux"; + specialArgs = { + pkgs-unstable = import nixpkgs-unstable { + inherit system; + config.allowUnfreePredicate = _: true; + }; + inherit inputs self; + }; + modules = + [ + inputs.home-manager-2505.nixosModules.home-manager + ./style.nix + ] + ++ [ + inputs.stylix-2505.nixosModules.stylix + ./modules/nixos/context.nix + ./hosts/rusty/configuration.nix + ]; + }; + "virus" = nixpkgs.lib.nixosSystem rec { system = "x86_64-linux"; specialArgs = { pkgs-unstable = import nixpkgs-unstable { @@ -150,8 +194,7 @@ inherit inputs self; }; modules = [ - ./modules/nixos/context.nix - ./hosts/rusty/configuration.nix + ./hosts/virus/configuration.nix ]; }; }; @@ -195,6 +238,7 @@ devkit = { lib, pkgs, + stdenv, ... }: let devkitPkgs = self.packages.${pkgs.system}.devkit; @@ -235,6 +279,7 @@ ... }: { davincify = pkgs.callPackage ./packages/davincify {}; + dotstate = pkgs.callPackage ./packages/dotstate {}; untrack = pkgs.callPackage ./packages/untrack {}; audacity4 = pkgs.callPackage ./packages/audacity4 {}; diff --git a/home/guz-lite/apps.nix b/home/guz-lite/apps.nix index 927f93e..611e574 100644 --- a/home/guz-lite/apps.nix +++ b/home/guz-lite/apps.nix @@ -7,7 +7,6 @@ imports = [ inputs.nix-flatpak.homeManagerModules.nix-flatpak inputs.rec-sh.homeManagerModules.rec-sh - ./browser.nix ]; programs.rec-sh.enable = true; diff --git a/home/guz-lite/browser.nix b/home/guz-lite/browser.nix deleted file mode 100644 index 2e5627b..0000000 --- a/home/guz-lite/browser.nix +++ /dev/null @@ -1,347 +0,0 @@ -{ - config, - lib, - osConfig, - pkgs, - self, - ... -}: { - imports = [ - self.homeManagerModules.zen-browser - ]; - - xdg.mimeApps.defaultApplications = with lib; - listToAttrs (map (name: { - inherit name; - value = config.programs.zen-browser.package.meta.desktopFileName; - }) [ - "application/x-extension-shtml" - "application/x-extension-xhtml" - "application/x-extension-html" - "application/x-extension-xht" - "application/x-extension-htm" - "x-scheme-handler/unknown" - "x-scheme-handler/mailto" - "x-scheme-handler/chrome" - "x-scheme-handler/about" - "x-scheme-handler/https" - "x-scheme-handler/http" - "application/xhtml+xml" - "application/json" - "text/plain" - "text/html" - ]); - - programs.zen-browser = let - locked = v: { - Value = v; - Status = "locked"; - }; - settings = { - "beacon.enabled" = locked false; - "browser.startup.page" = locked 3; - "device.sensors.enabled" = locked false; - "dom.battery.enabled" = locked false; - "dom.event.clipboardevents.enabled" = locked false; - "geo.enabled" = locked false; - "media.peerconnection.enabled" = locked false; - "privacy.clearHistory.cookiesAndStorage" = locked false; - "privacy.clearHistory.siteSettings" = locked false; - "privacy.firstparty.isolate" = locked true; - "privacy.resistFingerprinting" = locked true; - "privacy.trackingprotection.enabled" = locked true; - "privacy.trackingprotection.socialtracking.enabled" = locked true; - "webgl.disabled" = true; - "zen.view.use-single-toolbar" = false; - }; - in { - enable = true; - profiles."default" = { - containersForce = true; - containers = { - Personal = { - color = "purple"; - icon = "fingerprint"; - id = 1; - }; - Work = { - color = "blue"; - icon = "briefcase"; - id = 2; - }; - Shopping = { - color = "yellow"; - icon = "cart"; - id = 4; - }; - Goverment = { - color = "orange"; - icon = "dollar"; - id = 5; - }; - }; - extensions.force = true; - extensions.settings = { - "tridactyl.vim@cmcaine.co.uk".settings = { - userconfig = { - configVersion = "2.0"; - nmaps = { - "K" = "tabprev"; - "J" = "tabnext"; - }; - theme = "midnight"; - searchurls = with lib; - mapAttrs' (n: v: - nameValuePair - ( - if v?definedAliases - then elemAt v.definedAliases 0 - else n - ) - (replaceString "{searchTerms}" "" (elemAt v.urls 0).template)) - config.programs.zen-browser.profiles."default".search.engines; - }; - }; - "uBlock0@raymondhill.net".settings = { - selectedFilterLists = [ - "user-filters" - "ublock-filters" - "ublock-badware" - "ublock-privacy" - "ublock-unbreak" - "ublock-quick-fixes" - "easylist" - "easyprivacy" - "urlhaus-1" - "plowe-0" - ]; - dynamicFilteringString = '' - behind-the-scene * * noop - behind-the-scene * inline-script noop - behind-the-scene * 1p-script noop - behind-the-scene * 3p-script noop - behind-the-scene * 3p-frame noop - behind-the-scene * image noop - behind-the-scene * 3p noop - * * 3p-script block - * * 3p-frame block - capytal.cc * * noop - capytal.company * * noop - guz.one * * noop - keikos.work * * noop - lored.dev * * noop - home-manager-options.extranix.com extranix.com * noop - home-manager-options.extranix.com home-manager-options.extranix.com * noop - ''; - }; - "{ef87d84c-2127-493f-b952-5b4e744245bc}".settings = { - baseUrl = "http://127.0.0.1:5600"; - consentRequired = true; - consent = true; - hostname = osConfig.networking.hostName; - enabled = true; - browserName = "zen"; - }; - "7esoorv3@alefvanoon.anonaddy.me".settings = with builtins; fromJSON (readFile ./libredirect.json); - }; - search.default = "brave"; - search.force = true; - search.engines = { - brave = { - name = "Brave"; - urls = [{template = "https://search.brave.com/search?q={searchTerms}";}]; - }; - go = { - name = "Go Packages"; - urls = [{template = "https://pkg.go.dev/search?q={searchTerms}";}]; - icon = pkgs.fetchurl { - url = "https://pkg.go.dev/static/shared/logo/go-white.svg"; - hash = "sha256-oqFYZnPAxESEpY0Qcz5OPiCMTWXyI1nqOEYmsdbGqy4="; - }; - definedAliases = ["@go"]; - }; - mdn = { - name = "MDN"; - urls = [{template = "https://developer.mozilla.org/en-US/search?q={searchTerms}";}]; - icon = pkgs.fetchurl { - url = "https://developer.mozilla.org/static/client/mdn-m.70aac857e4a908d0.svg"; - hash = "sha256-sTAKxjk5b8lUaa9057LOH0H3N54LeXkPF/mOe4gpHDI="; - }; - definedAliases = ["@mdn"]; - }; - nix-home-manager = { - name = "Home Manager"; - urls = [{template = "https://home-manager-options.extranix.com/?query={searchTerms}";}]; - icon = "${pkgs.nixos-icons}/share/icons/hicolor/scalable/apps/nix-snowflake.svg"; - definedAliases = ["@hm"]; - }; - nix-noodle = { - name = "Noodle"; - urls = [{template = "https://noogle.dev/q?term={searchTerms}";}]; - icon = "${pkgs.nixos-icons}/share/icons/hicolor/scalable/apps/nix-snowflake.svg"; - definedAliases = ["@lib"]; - }; - nix-options = { - name = "Nix Options"; - urls = [{template = "https://search.nixos.org/options?query={searchTerms}";}]; - icon = "${pkgs.nixos-icons}/share/icons/hicolor/scalable/apps/nix-snowflake.svg"; - definedAliases = ["@opt"]; - }; - nix-packages = { - name = "Nix Packages"; - urls = [{template = "https://search.nixos.org/packages?query={searchTerms}";}]; - icon = "${pkgs.nixos-icons}/share/icons/hicolor/scalable/apps/nix-snowflake.svg"; - definedAliases = ["@pkg"]; - }; - nix-wiki = { - name = "Nix Wiki"; - urls = [ - {template = "https://wiki.nixos.org/w/index.php?search={searchTerms}";} - {template = "https://nixos.wiki/index.php?search={searchTerms}";} - ]; - icon = "${pkgs.nixos-icons}/share/icons/hicolor/scalable/apps/nix-snowflake.svg"; - definedAliases = ["@wiki"]; - }; - }; - settings = with builtins; - mapAttrs (n: v: - if isAttrs v - then v.Value - else v) - settings; - shortcuts = { - "key_search" = {key = "";}; - "key_search2" = {key = "";}; - "zen-workspace-forward" = { - key = "j"; - modifiers = { - control = true; - }; - action = "cmd_zenWorkspaceForward"; - }; - "zen-workspace-backward" = { - key = "k"; - modifiers = { - control = true; - }; - action = "cmd_zenWorkspaceBackward"; - }; - }; - spacesForce = true; - spaces = let - containers = config.programs.zen-browser.profiles."default".containers; - in { - "Space" = { - id = "c6de089c-410d-4206-961d-ab11f988d40a"; - position = 1000; - }; - "Work" = { - id = "cdd10fab-4fc5-494b-9041-325e5759195b"; - icon = "chrome://browser/skin/zen-icons/selectable/star-1.svg"; - container = containers."Work".id; - position = 2000; - }; - "Shopping" = { - id = "78aabdad-8aae-4fe0-8ff0-2a0c6c4ccc24"; - icon = "chrome://browser/skin/zen-icons/selectable/basket.svg"; - container = containers."Shopping".id; - position = 5000; - }; - "Goverment" = { - id = "7e83e835-caef-4b94-be0c-b6b3959d0830"; - icon = "chrome://browser/skin/zen-icons/selectable/folder.svg"; - container = containers."Goverment".id; - position = 6000; - }; - }; - }; - policies = { - AutofillAdressEnabled = true; - AutofillCreditCardEnabled = false; - EnableTrackingProtection = { - Value = true; - Locked = true; - Cryptomining = true; - Fingerprinting = true; - }; - ExtensionSettings = { - "@contain-facebook" = { - install_url = "https://addons.mozilla.org/firefox/downloads/latest/facebook-container/latest.xpi"; - installation_mode = "force_installed"; - }; - "7esoorv3@alefvanoon.anonaddy.me" = { - install_url = "https://addons.mozilla.org/firefox/downloads/latest/libredirect/latest.xpi"; - installation_mode = "force_installed"; - }; - "addon@darkreader.org" = { - install_url = "https://addons.mozilla.org/firefox/downloads/latest/darkreader/latest.xpi"; - installation_mode = "force_installed"; - }; - "addon@simplelogin" = { - install_url = "https://addons.mozilla.org/firefox/downloads/latest/simplelogin/latest.xpi"; - installation_mode = "force_installed"; - }; - "deArrow@ajay.app" = { - install_url = "https://addons.mozilla.org/firefox/downloads/latest/dearrow/latest.xpi"; - installation_mode = "force_installed"; - }; - "extraneous@sysrqmagician.github.io" = { - install_url = "https://addons.mozilla.org/firefox/downloads/latest/extraneous/latest.xpi"; - installation_mode = "force_installed"; - }; - "idcac-pub@guus.ninja" = { - install_url = "https://addons.mozilla.org/firefox/downloads/latest/istilldontcareaboutcookies/latest.xpi"; - installation_mode = "force_installed"; - }; - "tridactyl.vim@cmcaine.co.uk" = { - install_url = "https://addons.mozilla.org/firefox/downloads/latest/tridactyl-vim/latest.xpi"; - installation_mode = "force_installed"; - }; - "sponsorBlocker@ajay.app" = { - install_url = "https://addons.mozilla.org/firefox/downloads/latest/sponsorblock/latest.xpi"; - installation_mode = "force_installed"; - }; - "uBlock0@raymondhill.net" = { - install_url = "https://addons.mozilla.org/firefox/downloads/latest/ublock-origin/latest.xpi"; - installation_mode = "force_installed"; - }; - "{74145f27-f039-47ce-a470-a662b129930a}" = { - install_url = "https://addons.mozilla.org/firefox/downloads/latest/clearurls/latest.xpi"; - installation_mode = "force_installed"; - }; - "{aecec67f-0d10-4fa7-b7c7-609a2db280cf}" = { - install_url = "https://addons.mozilla.org/firefox/downloads/latest/violentmonkey/latest.xpi"; - installation_mode = "force_installed"; - }; - "{ef87d84c-2127-493f-b952-5b4e744245bc}" = { - install_url = "https://addons.mozilla.org/firefox/downloads/latest/aw-watcher-web/latest.xpi"; - installation_mode = "force_installed"; - }; - }; - DisableAppUpdate = true; - DisableFeedbackCommands = true; - DisableFirefoxStudies = true; - DisablePocket = true; - DisableTelemetry = true; - DontCheckDefaultBrowser = true; - NoDefaultBookmarks = true; - OfferToSaveLogins = false; - Preferences = with builtins; - mapAttrs ( - n: v: - if isAttrs v - then v - else {Value = v;} - ) - settings; - ShowHomeButton = false; - WindowsSSO = false; - }; - }; - - programs.mpv.enable = true; - programs.mpv.scripts = with pkgs.mpvScripts; [ - quality-menu - sponsorblock - ]; -} diff --git a/home/guz-lite/browser/default.nix b/home/guz-lite/browser/default.nix new file mode 100644 index 0000000..16e3010 --- /dev/null +++ b/home/guz-lite/browser/default.nix @@ -0,0 +1,126 @@ +{ + config, + self, + pkgs, + lib, + ... +}: +with lib; { + imports = [ + self.homeManagerModules.qutebrowser-profiles + ./scripts.nix + ./profiles.nix + ]; + + xdg.mimeApps.defaultApplications = with lib; + listToAttrs (map (name: { + inherit name; + value = config.programs.qutebrowser.package.meta.desktopFileName; + }) [ + "application/x-extension-shtml" + "application/x-extension-xhtml" + "application/x-extension-html" + "application/x-extension-xhtm" + "application/x-extension-htm" + "x-scheme-handler/unknown" + "x-scheme-handler/mailto" + "x-scheme-handler/chrome" + "x-scheme-handler/about" + "x-scheme-handler/https" + "x-scheme-handler/http" + "application/xhtml+xml" + "application/json" + "text/plain" + "text/html" + ]); + + programs.qutebrowser.enable = true; + programs.qutebrowser.keyBindings = { + normal = { + ",m" = "spawn umpv {url}"; + ",M" = "hint links spawn umpv {hint-url}"; + ";M" = "hint --rapid links spawn umpv {hint-url}"; + "tD" = "config-cycle -t -u {url} colors.webpage.darkmode.enabled false true ;; reload"; + }; + }; + programs.qutebrowser.settings = { + auto_save.session = true; + confirm_quit = ["downloads"]; + + tabs.width = builtins.floor (1920 * 0.1); + tabs.position = "left"; + + # Colors + colors.tabs.pinned.even.bg = mkForce "#181818"; + colors.tabs.pinned.odd.bg = mkForce "#181818"; + + colors.tabs.selected.even.bg = mkForce "#CDD6F4"; # Catppuccin's Text + colors.tabs.selected.odd.bg = mkForce "#CDD6F4"; # Catppuccin's Text + colors.tabs.selected.even.fg = mkForce "#111111"; + colors.tabs.selected.odd.fg = mkForce "#111111"; + + colors.tabs.pinned.selected.even.bg = mkForce "#CDD6F4"; # Catppuccin's Text + colors.tabs.pinned.selected.odd.bg = mkForce "#CDD6F4"; # Catppuccin's Text + + ## Darkmode + colors.webpage.darkmode.enabled = true; + colors.webpage.darkmode.algorithm = "lightness-cielab"; + colors.webpage.darkmode.policy.images = "never"; + + # Prevent fingerprinting + content.canvas_reading = false; + content.cookies.accept = "all"; + content.cookies.store = true; + content.geolocation = false; + content.webgl = false; + content.webrtc_ip_handling_policy = "default-public-interface-only"; + }; + programs.qutebrowser.extraConfig = '' + config.set('colors.webpage.darkmode.enabled', False, 'file://*') + config.set('colors.webpage.darkmode.enabled', False, 'http://*:*/*') + + config.set('colors.webpage.darkmode.enabled', False, 'capytal.company') + config.set('colors.webpage.darkmode.enabled', False, '*.capytal.company') + config.set('colors.webpage.darkmode.enabled', False, 'capytal.cc') + config.set('colors.webpage.darkmode.enabled', False, '*.capytal.cc') + config.set('colors.webpage.darkmode.enabled', False, 'lored.dev') + config.set('colors.webpage.darkmode.enabled', False, '*.lored.dev') + config.set('colors.webpage.darkmode.enabled', False, 'guz.one') + config.set('colors.webpage.darkmode.enabled', False, '*.guz.one') + + # Thanks to @hseg on GitHub (https://github.com/qutebrowser/qutebrowser/issues/6880#issuecomment-1815248845) + config.bind('o', 'cmd-set-text -s :open -s') + config.bind('go', 'cmd-set-text :open -s {url:pretty}') + config.bind('O', 'cmd-set-text -s :open -s -t') + config.bind('gO', 'cmd-set-text :open -s -t -r {url:pretty}') + config.bind('xo', 'cmd-set-text -s :open -s -b') + config.bind('xO', 'cmd-set-text :open -s -b -r {url:pretty}') + config.bind('wo', 'cmd-set-text -s :open -s -w') + config.bind('wO', 'cmd-set-text :open -s -w {url:pretty}') + config.bind('pp', 'open -s -- {clipboard}') + config.bind('pP', 'open -s -- {primary}') + config.bind('Pp', 'open -s -t -- {clipboard}') + config.bind('PP', 'open -s -t -- {primary}') + config.bind('wp', 'open -s -w -- {clipboard}') + config.bind('wP', 'open -s -w -- {primary}') + ''; + programs.qutebrowser.searchEngines = { + DEFAULT = "https://search.brave.com/search?q={}"; + # Nix + pkg = "https://search.nixos.org/packages?query={}"; + opt = "https://search.nixos.org/options?query={}"; + lib = "https://noogle.dev/q?term={}"; + hm = "https://home-manager-options.extranix.com/?query={}"; + wiki = "https://wiki.nixos.org/w/index.php?search={}"; + + # Wikipedia + w = "https://en.wikipedia.org/wiki/Special:Search?search={}&go=Go&ns0=1"; + wpt = "https://pt.wikipedia.org/wiki/Special:Search?search={}&go=Go&ns0=1"; + }; + + programs.mpv.enable = true; + programs.mpv.scripts = with pkgs.mpvScripts; [ + quality-menu + sponsorblock + ]; +} diff --git a/home/guz-lite/browser/profiles.nix b/home/guz-lite/browser/profiles.nix new file mode 100644 index 0000000..a3155ba --- /dev/null +++ b/home/guz-lite/browser/profiles.nix @@ -0,0 +1,59 @@ +{config, ...}: { + programs.qutebrowser.profiles = let + programmingSearchEngines = { + # Languages + go = "https://pkg.go.dev/search?q={}"; + }; + setColor = c: { + colors.tabs.selected.even.bg = c; + colors.tabs.selected.odd.bg = c; + colors.tabs.pinned.selected.even.bg = c; + colors.tabs.pinned.selected.odd.bg = c; + }; + in { + "art" = { + settings = setColor "#CBA6F7"; # Catppuccin's Mauve; + }; + "personal" = { + settings = setColor "#F5E0DC"; # Catppuccin's Rosewater + }; + "work" = { + settings = setColor "#74C7EC"; # Catppuccin's Sapphire + searchEngines = programmingSearchEngines; + }; + "job" = { + settings = + (config.programs.qutebrowser.profiles."work".settings) + // { + confirm_quit = ["always"]; + content.webgl = true; + } + // (setColor "#A6E2A1"); # Catppuccin's Green + searchEngines = programmingSearchEngines; + }; + "shopping" = { + settings = setColor "#F9E2AF"; # Catppuccin's Yellow + }; + "goverment" = { + settings = setColor "#A6ADC8"; # Catppuccin's Subtext 1 + }; + "academic" = { + settings = + { + confirm_quit = ["always"]; + content.webgl = true; + } + // setColor "#19236F"; + }; + "facebook" = { + settings = setColor "#1877F2"; # Facebook's Blue + }; + "yt-music" = { + settings = + { + tabs.width = 10; + } + // (setColor "#FF0000"); # Youtube's Red + }; + }; +} diff --git a/home/guz-lite/browser/scripts.nix b/home/guz-lite/browser/scripts.nix new file mode 100644 index 0000000..e65bb49 --- /dev/null +++ b/home/guz-lite/browser/scripts.nix @@ -0,0 +1,80 @@ +{pkgs, ...}: { + programs.qutebrowser.greasemonkey = [ + # Youtube Adblocking + (pkgs.fetchurl { + url = "https://raw.githubusercontent.com/afreakk/greasemonkeyscripts/refs/heads/master/youtube_adblock.js"; + hash = "sha256-AyD9VoLJbKPfqmDEwFIEBMl//EIV/FYnZ1+ona+VU9c="; + }) + + # Youtube Sponsorblock + (pkgs.fetchurl { + url = "https://raw.githubusercontent.com/afreakk/greasemonkeyscripts/refs/heads/master/youtube_sponsorblock.js"; + hash = "sha256-nwNade1oHP+w5LGUPJSgAX1+nQZli4Rhe8FFUoF5mLE="; + }) + + # Reddit adblock + (pkgs.fetchurl { + url = "https://github.com/afreakk/greasemonkeyscripts/raw/refs/heads/master/reddit_adblock.js"; + hash = "sha256-KmCXL4GrZtwPLRyAvAxADpyjbdY5UFnS/XKZFKtg7tk="; + }) + + # Pinterest adblock + (pkgs.writeText "pinterest_adblock.js" '' + // ==UserScript== + // @name remove ads from pinterest + // @version 1.0.0 + // @author guz + // @match *://*.pinterest.com/* + // ==/UserScript== + + const removeShit = () => { + document.querySelectorAll('[data-grid-item]:has([title="Promoted by"])').forEach((e) => e.remove()); + document.querySelectorAll('[data-grid-item]:has([data-test-id="oneTapPromotedPin"])').forEach((e) => e.remove()); + document.querySelectorAll('[data-grid-item]:has([aria-label="Product Pin"])').forEach((e) => e.remove()); + // document.querySelectorAll('[data-grid-item]:has-text(ideas you might love)').forEach((e) => e.remove()); + // document.querySelectorAll('[data-grid-item]:has-text(Seaches to try)').forEach((e) => e.remove()); + }; + (trySetInterval = () => { + window.setInterval(removeShit, 1000); + })(); + '') + + # Privacy Redirector + (pkgs.substitute { + src = pkgs.fetchurl { + url = "https://github.com/dybdeskarphet/privacy-redirector/raw/refs/heads/main/privacy-redirector.user.js"; + hash = "sha256-xj36+/3coiStIxftWCJUWHokSEmr+YRLOTktbmn5TkU="; + }; + substitutions = [ + # ON-OFF (Redirection / Farside) + "--replace" + "pinterest = [true, true]" + "pinterest = [false, false]" + "--replace" + "tumblr = [true, false]" + "tumblr = [false, false]" + "--replace" + "wikipedia = [true, false]" + "wikipedia = [false, false]" + "--replace" + "youtube = [true, false]" + "youtube = [false, false]" + "--replace" + "instagram = [true, true]" + "instagram = [false, false]" + ]; + }) + + # # Aternos Anti-Anti-Adblock + # (pkgs.fetchurl { + # url = "https://gist.github.com/DvilMuck/f2b14f3f65e8f22974d781277158f82a/raw/66a0d8d9dd598fc516c3c9d9bbf6ef3f0f6a7a1e/aternosAntiAntiadblock.user.js"; + # hash = "sha256-PBFCt9o22D7WAN8S6C2BnLKgG3J5zZ/mWbWspCKcm6k="; + # }) + # + # # Aternos block tracking + # (pkgs.fetchurl { + # url = "https://gist.github.com/DvilMuck/f2b14f3f65e8f22974d781277158f82a/raw/66a0d8d9dd598fc516c3c9d9bbf6ef3f0f6a7a1e/aternosBlockTracking.user.js"; + # hash = "sha256-GDDx3gbvh28qiB3Gi61k/pdM11wJhcV7dwCRGNvq30c="; + # }) + ]; +} diff --git a/home/guz-lite/default.nix b/home/guz-lite/default.nix index acaa51a..1c8da51 100644 --- a/home/guz-lite/default.nix +++ b/home/guz-lite/default.nix @@ -6,6 +6,7 @@ ../worm/default.nix ./desktop + ./browser ./apps.nix ./style.nix diff --git a/home/guz/browser.nix b/home/guz/browser.nix index 5c77434..73182ad 100644 --- a/home/guz/browser.nix +++ b/home/guz/browser.nix @@ -1,68 +1,13 @@ -{ - config, - lib, - osConfig, - ... -}: { - programs.zen-browser = { - profiles."default" = { - containers = { - Job = { - color = "green"; - icon = "briefcase"; - id = 3; - }; - }; - extensions.settings = { - "tridactyl.vim@cmcaine.co.uk".settings = { - userconfig = { - autocontain = let - containers = config.programs.zen-browser.profiles."default".containers; - in - lib.concatMapAttrs (n: v: { - "^https?://[^/]*\"${n}\"/" = v; - "^https?://[^/]*\"www.${n}\"/" = v; - "^https?://([^/]*\\.|)${n}\\.com/" = v; - }) { - "linkedin.com" = containers."Job".name; - }; - autocontainmode = "relaxed"; - }; - }; - }; - # modsForce = true; - # mods = let - # store = inputs.zen-theme-store; - # in { - # "0c3d77bf-44fc-47a6-a183-39205dfa5f7e" = "${store}/themes/0c3d77bf-44fc-47a6-a183-39205dfa5f7e/theme.json"; - # "c8d9e6e6-e702-4e15-8972-3596e57cf398" = pkgs.fetchurl { - # url = "https://raw.githubusercontent.com/zen-browser/theme-store/refs/heads/main/themes/c8d9e6e6-e702-4e15-8972-3596e57cf398/theme.json"; - # hash = "sha256-v6VfUwdz01it0anDwwPcCSVufWCybue8CsPBd8X9KT0="; - # }; - # }; - spaces = let - containers = config.programs.zen-browser.profiles."default".containers; - in { - "Work2" = { - id = "1ea280f4-e428-4273-ace1-ad4f64a00cf5"; - icon = "chrome://browser/skin/zen-icons/selectable/star.svg"; - container = containers."Work".id; - position = 3000; - }; - "Work3" = { - id = "2a5a1ca3-66df-4194-8ff9-63d0abb8eaae"; - icon = "chrome://browser/skin/zen-icons/selectable/sun.svg"; - container = containers."Work".id; - position = 4000; - }; - "Job" = lib.mkIf (osConfig.context.job) { - id = "d7a663aa-3818-4ae7-b4b1-3d12a76d9c60"; - icon = "chrome://browser/skin/zen-icons/selectable/planet.svg"; - container = containers."Job".id; - position = 4500; - }; - }; - }; +{config, ...}: { + programs.qutebrowser.profiles = let + art = config.programs.qutebrowser.profiles."art"; + work = config.programs.qutebrowser.profiles."work"; + in { + # HACK: `inherit` is being used to prevent infinite recursion + "art-2" = {inherit (art) settings searchEngines;}; + "art-3" = {inherit (art) settings searchEngines;}; + "work-2" = {inherit (work) settings searchEngines;}; + "work-3" = {inherit (work) settings searchEngines;}; }; # The *state version* indicates which default diff --git a/hosts/battleship/services.nix b/hosts/battleship/services.nix index eb0453d..233d8cd 100644 --- a/hosts/battleship/services.nix +++ b/hosts/battleship/services.nix @@ -48,4 +48,28 @@ }; }; }; + + services.gitea = { + enable = false; + settings = { + server = rec { + HTTP_PORT = 3617; + DOMAIN = "localhost:${toString HTTP_PORT}"; + + ROOT_URL = "http://${DOMAIN}"; + }; + service = { + ENABLE_USER_HEATMAP = true; + }; + ui = { + DEFAULT_THEME = "capytal-dark"; + THEMES = lib.concatStringsSep "," [ + "lored-dark" + "lored-light" + "forgejo-dark" + ]; + FILE_ICON_THEME = "material"; + }; + }; + }; } diff --git a/hosts/rusty/base.nix b/hosts/rusty/base.nix new file mode 100644 index 0000000..b9278b8 --- /dev/null +++ b/hosts/rusty/base.nix @@ -0,0 +1,146 @@ +{ + lib, + pkgs, + ... +}: { + imports = [ + ../../secrets.nix + ]; + + context = { + job = false; + }; + + # GnuPG keyring + programs.gnupg.agent = { + enable = true; + pinentryPackage = pkgs.pinentry-gtk2; + settings = {default-cache-ttl = 3600 * 24;}; + }; + services.pcscd.enable = true; + + # Yet another nix cli helper + programs.nh = { + enable = true; + clean.enable = true; + clean.extraArgs = "--keep-since 7d --keep 3"; + flake = "/home/guz/.projects/dot013-nix"; + }; + + # QMK keyboard + hardware.keyboard.qmk.enable = true; + services.udev.packages = with pkgs; [via vial]; + + # Enable Nix-LD for standalone binaries (useful for development) + programs.nix-ld.enable = true; + + # Bluetooth + hardware.bluetooth.enable = true; + hardware.bluetooth.powerOnBoot = true; + services.blueman.enable = true; + + # Audio + services.pipewire = { + enable = true; + + alsa.enable = true; + alsa.support32Bit = true; + pulse.enable = true; + jack.enable = true; + + wireplumber.enable = true; + + extraConfig = { + pipewire-pulse."switch-on-connect.conf" = { + "pulse.cmd" = [ + { + cmd = "load-module"; + args = "module-switch-on-connect"; + } + ]; + }; + }; + }; + security.rtkit.enable = true; + services.pulseaudio.enable = lib.mkForce false; + environment.systemPackages = with pkgs; [ + pwvucontrol + via + vial + ]; + + # Networking + networking = { + networkmanager.enable = true; + nameservers = [ + /* + "192.168.0.1" + */ + "8.8.8.8" + # "1.1.1.1" + # "9.9.9.9" + ]; + }; + + # Firewall + networking.firewall.enable = true; + networking.firewall.allowedUDPPorts = [53]; + networking.firewall.allowedTCPPorts = [80 433]; + + # SSH + services.openssh.enable = true; + services.openssh.settings = { + PasswordAuthentication = false; + PermitRootLogin = "forced-commands-only"; + }; + + # Mosh + programs.mosh.enable = true; + programs.mosh.openFirewall = true; + + # Tailscale + services.tailscale.enable = true; + + # Locale + time.timeZone = "America/Sao_Paulo"; + i18n.defaultLocale = "en_US.UTF-8"; + i18n.extraLocaleSettings = let + locale = "pt_BR.UTF-8"; + in { + LC_ADDRESS = locale; + LC_IDENTIFICATION = locale; + LC_MEASUREMENT = locale; + LC_MONETARY = locale; + LC_NAME = locale; + LC_NUMERIC = locale; + LC_PAPER = locale; + LC_TELEPHONE = locale; + LC_TIME = locale; + }; + + # Keyboard + services.xserver.xkb = { + layout = "br"; + }; + console.keyMap = "br-abnt2"; + + security.polkit.enable = true; + + # Bootloader + boot.loader.systemd-boot.enable = true; + boot.loader.efi.canTouchEfiVariables = true; + boot.kernel.sysctl."kernel.yama.ptrace_scope" = lib.mkForce 0; + + # Nix + nix.settings = { + experimental-features = ["nix-command" "flakes"]; + }; + + # This value determines the NixOS release from which the default + # settings for stateful data, like file locations and database versions + # on your system were taken. It's perfectly fine and recommended to leave + # this value at the release version of the first install of this system. + # Before changing this value read the documentation for this option + # (e.g. man configuration.nix or on https://nixos.org/nixos/options.html). + system.stateVersion = "24.11"; # Did you read the comment? +} diff --git a/hosts/rusty/configuration.nix b/hosts/rusty/configuration.nix index 5bf3c8d..9134e77 100644 --- a/hosts/rusty/configuration.nix +++ b/hosts/rusty/configuration.nix @@ -4,11 +4,14 @@ ... }: { imports = [ - ../../configuration.nix + ./base.nix + ../../home/worm/configuration.nix - inputs.disko.nixosModules.disko + inputs.disko-2505.nixosModules.disko ./disks.nix + # ./impermanence.nix + ./hardware-configuration.nix ]; @@ -33,12 +36,6 @@ services.logind.lidSwitch = "suspend"; services.logind.lidSwitchExternalPower = "lock"; - boot.supportedFilesystems = { - btrfs = true; - }; - boot.kernelParams = ["resume_offset=533760"]; - boot.resumeDevice = "/dev/disk/by-label/nixos"; - # HACK: Acer Aspire is a Bitch boot.loader.systemd-boot.enable = lib.mkForce true; boot.loader.efi.canTouchEfiVariables = lib.mkForce false; diff --git a/hosts/rusty/disks-ext4.nix b/hosts/rusty/disks-ext4.nix new file mode 100644 index 0000000..995a931 --- /dev/null +++ b/hosts/rusty/disks-ext4.nix @@ -0,0 +1,47 @@ +{ + disko.devices = { + disk.main = { + device = "/dev/sda"; # This will be overwritten by disko-install + type = "disk"; + content = { + type = "gpt"; + partitions = { + ESP = { + label = "boot"; + size = "512M"; + type = "EF00"; + content = { + type = "filesystem"; + format = "vfat"; + mountpoint = "/boot"; + mountOptions = ["defaults"]; + }; + }; + luks = { + end = "-4G"; + label = "luks"; + content = { + type = "luks"; + name = "cryptroot"; + settings = {crypttabExtraOpts = ["fido2-device=auto" "token-timeout=10"];}; + content = { + type = "filesystem"; + format = "ext4"; + mountpoint = "/"; + }; + }; + }; + swap = { + size = "100%"; + content = { + type = "swap"; + randomEncryption = true; + priority = 100; + resumeDevice = true; + }; + }; + }; + }; + }; + }; +} diff --git a/hosts/rusty/disks.nix b/hosts/rusty/disks.nix index c387d01..8b5c7e4 100644 --- a/hosts/rusty/disks.nix +++ b/hosts/rusty/disks.nix @@ -17,50 +17,83 @@ mountOptions = ["defaults"]; }; }; - luks = { + root = { size = "100%"; - label = "luks"; content = { - type = "luks"; - name = "cryptroot"; - extraOpenArgs = [ - "--allow-discards" - "--perf-no_read_workqueue" - "--perf-no_write_workqueue" - ]; - settings = {crypttabExtraOpts = ["fido2-device=auto" "token-timeout=10"];}; - content = { - type = "btrfs"; - extraArgs = ["-L" "nixos" "-f"]; - subvolumes = { - "/root" = { - mountpoint = "/"; - mountOptions = ["subvol=root" "compress=zstd" "noatime"]; - }; - "/home" = { - mountpoint = "/home"; - mountOptions = ["subvol=home" "compress=zstd" "noatime"]; - }; - "/nix" = { - mountpoint = "/nix"; - mountOptions = ["subvol=nix" "compress=zstd" "noatime"]; - }; - "/persist" = { - mountpoint = "/persist"; - mountOptions = ["subvol=persist" "compress=zstd" "noatime"]; - }; - "/log" = { - mountpoint = "/var/log"; - mountOptions = ["subvol=log" "compress=zstd" "noatime"]; - }; - "/swap" = { - mountpoint = "/swap"; - swap.swapfile.size = "4G"; - }; + type = "btrfs"; + extraArgs = ["-L" "nixos" "-f"]; + subvolumes = { + "/root" = { + mountpoint = "/"; + mountOptions = ["subvol=root" "compress=zstd" "noatime"]; + }; + "/home" = { + mountpoint = "/home"; + mountOptions = ["subvol=home" "compress=zstd" "noatime"]; + }; + "/nix" = { + mountpoint = "/nix"; + mountOptions = ["subvol=nix" "compress=zstd" "noatime"]; + }; + "/persist" = { + mountpoint = "/persist"; + mountOptions = ["subvol=persist" "compress=zstd" "noatime"]; + }; + "/log" = { + mountpoint = "/var/log"; + mountOptions = ["subvol=log" "compress=zstd" "noatime"]; + }; + "/swap" = { + mountpoint = "/swap"; + swap.swapfile.size = "4G"; }; }; }; }; + # luks = { + # size = "100%"; + # label = "luks"; + # content = { + # type = "luks"; + # name = "cryptroot"; + # extraOpenArgs = [ + # "--allow-discards" + # "--perf-no_read_workqueue" + # "--perf-no_write_workqueue" + # ]; + # settings = {crypttabExtraOpts = ["fido2-device=auto" "token-timeout=10"];}; + # content = { + # type = "btrfs"; + # extraArgs = ["-L" "nixos" "-f"]; + # subvolumes = { + # "/root" = { + # mountpoint = "/"; + # mountOptions = ["subvol=root" "compress=zstd" "noatime"]; + # }; + # "/home" = { + # mountpoint = "/home"; + # mountOptions = ["subvol=home" "compress=zstd" "noatime"]; + # }; + # "/nix" = { + # mountpoint = "/nix"; + # mountOptions = ["subvol=nix" "compress=zstd" "noatime"]; + # }; + # "/persist" = { + # mountpoint = "/persist"; + # mountOptions = ["subvol=persist" "compress=zstd" "noatime"]; + # }; + # "/log" = { + # mountpoint = "/var/log"; + # mountOptions = ["subvol=log" "compress=zstd" "noatime"]; + # }; + # "/swap" = { + # mountpoint = "/swap"; + # swap.swapfile.size = "4G"; + # }; + # }; + # }; + # }; + # }; }; }; }; diff --git a/hosts/rusty/hardware-configuration.nix b/hosts/rusty/hardware-configuration.nix index 61ccb89..1a983d7 100644 --- a/hosts/rusty/hardware-configuration.nix +++ b/hosts/rusty/hardware-configuration.nix @@ -12,11 +12,11 @@ (modulesPath + "/installer/scan/not-detected.nix") ]; - boot.initrd.availableKernelModules = ["xhci_pci" "ahci" "nvme" "usbhid" "sd_mod"]; + boot.initrd.availableKernelModules = ["ahci" "xhci_pci" "usb_storage" "sd_mod" "sdhci_pci" "rtsx_usb_sdmmc"]; boot.initrd.kernelModules = []; boot.kernelModules = ["kvm-intel"]; boot.extraModulePackages = []; nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux"; - hardware.cpu.amd.updateMicrocode = lib.mkDefault config.hardware.enableRedistributableFirmware; + hardware.cpu.intel.updateMicrocode = lib.mkDefault config.hardware.enableRedistributableFirmware; } diff --git a/hosts/virus/configuration.nix b/hosts/virus/configuration.nix new file mode 100644 index 0000000..949aad3 --- /dev/null +++ b/hosts/virus/configuration.nix @@ -0,0 +1,76 @@ +{ + inputs, + self, + config, + modulesPath, + pkgs, + ... +}: { + imports = [ + "${modulesPath}/installer/cd-dvd/installation-cd-minimal.nix" + ]; + + # Users + users.users."guz" = { + useDefaultShell = true; + isNormalUser = true; + + password = null; + extraGroups = ["wheel" "guz"]; + }; + users.groups."guz" = {}; + + environment.systemPackages = + [ + inputs.disko.packages.${pkgs.stdenv.hostPlatform.system}.default + ] + ++ (with self.packages.${pkgs.stdenv.hostPlatform.system}.devkit; [ + git + lazygit + neovim + starship + tmux + yazi + zellij + zsh + ]); + + # Locale + time.timeZone = "America/Sao_Paulo"; + i18n.defaultLocale = "en_US.UTF-8"; + i18n.extraLocaleSettings = let + locale = "pt_BR.UTF-8"; + in { + LC_ADDRESS = locale; + LC_IDENTIFICATION = locale; + LC_MEASUREMENT = locale; + LC_MONETARY = locale; + LC_NAME = locale; + LC_NUMERIC = locale; + LC_PAPER = locale; + LC_TELEPHONE = locale; + LC_TIME = locale; + }; + + # Keyboard + services.xserver.xkb = { + layout = "br"; + }; + console.keyMap = "br-abnt2"; + + swapDevices = [ + { + device = "/var/lib/swapfile"; + size = 16 * 1024; + } + ]; + + # Nix + nix.settings = { + experimental-features = ["nix-command" "flakes"]; + }; + + nixpkgs.config.allowBroken = true; + + # boot.kernelPackages = pkgs.linuxPackages_latest; +} diff --git a/modules/home-manager/qutebrowser-profiles.nix b/modules/home-manager/qutebrowser-profiles.nix index 9c24db5..f7d145b 100644 --- a/modules/home-manager/qutebrowser-profiles.nix +++ b/modules/home-manager/qutebrowser-profiles.nix @@ -174,7 +174,7 @@ in in mkIf (cfg.enable && cfg.profiles != {}) { programs.qutebrowser.package = pkgs.stdenv.mkDerivation { - inherit (pkgs.qutebrowser) name pname meta; + inherit (pkgs.qutebrowser) name pname; buildCommand = let desktopEntry = pkgs.makeDesktopItem { name = "qutebrowser"; @@ -208,6 +208,11 @@ in } ''; dontBuild = true; + meta = + meta + // { + desktopFileName = "qutebrowser.desktop"; + }; }; xdg.desktopEntries = mergeAttrsList (mapAttrsToList (n: v: let diff --git a/packages/dotstate/default.nix b/packages/dotstate/default.nix new file mode 100644 index 0000000..ae24d67 --- /dev/null +++ b/packages/dotstate/default.nix @@ -0,0 +1,13 @@ +{pkgs, ...}: +with pkgs; + writers.writeBashBin "dotstate" { + makeWrapperArgs = [ + "--prefix" + "PATH" + ":" + "${lib.makeBinPath [ + socat + jq + ]}" + ]; + } (builtins.readFile ./dotstate.sh) diff --git a/packages/dotstate/dotstate.sh b/packages/dotstate/dotstate.sh new file mode 100644 index 0000000..4124603 --- /dev/null +++ b/packages/dotstate/dotstate.sh @@ -0,0 +1,28 @@ +#!/usr/bin/env bash + +dotstate() { + local SOCKET="/tmp/dotstate.sock" + + local cmd="$1" + shift 1 + + case "$cmd" in + "get") + if [ ! -f "$SOCKET" ]; then + echo '{}' | socat - UNIX-LISTEN:"$SOCKET" & + socat -u UNIX-CONNECT:"$SOCKET" - + else + socat -u UNIX-CONNECT:"$SOCKET" - + fi + ;; + "set") + echo "$@" | socat - UNIX-LISTEN:"$SOCKET" + ;; + *) + echo "Incorrect command" + ;; + esac + +} + +dotstate "$@" diff --git a/secrets.nix b/secrets.nix index 81977f4..5997582 100644 --- a/secrets.nix +++ b/secrets.nix @@ -22,4 +22,8 @@ sops.secrets."guz/git-envs" = { owner = config.users.users.guz.name; }; + + # sops.secrets."services/minio/credentialsFile" = { + # owner = config.users.users.minio.name; + # }; } diff --git a/secrets.yaml b/secrets.yaml index 8429ea9..281fdcc 100644 --- a/secrets.yaml +++ b/secrets.yaml @@ -1,3 +1,6 @@ +services: + minio: + credentialsFile: ENC[AES256_GCM,data:b3ZS3dJOjUMTFNY0vnCr+u5SZaUtf2DR4zCIGH/OpZWWjJIxjRPKp6aPM5ok/XnYu8cv/4FHwMM=,iv:ZnzLCTI0cEVHGy7mMUNGiQlseOXxvNgWrD1mkthwkNE=,tag:8Ii6fNg2syJcyxNAww+6SQ==,type:str] guz: password: ENC[AES256_GCM,data:0D9a5w==,iv:+ahN7Y5rsJGCB6/sLgA11yt6YjPDIs1Q7qyTSBqp/No=,tag:pqnd/zAKu4ZFSsrInPPO5g==,type:str] git-envs: ENC[AES256_GCM,data:ze7jgpqZ9WFzd6rQds3dTa5FQniZsx31f8qLr1IQ9VpMuEqGlFBLD5vMxeW49XCYQyNJdR0wjLA9QuW6hDN9VXdIm8D4k1GNC7S2Uac2ROslf5sITHjByIM5mKCtt5pttM+Z+MysrvHT6TKiQLdIpSfxYzmLkbEE23/qhBCZ+uK3kqHCJJwCuS19e0s1eTCgvI6gYQXAYU5NI2plSeq7VJc3esug3X3+W4TMn9pveknmjTrJZfXavlCQ5y6yyDIA+aFB5gKJjFWMfKn78GDrMhaw3F8xRt5AOWLh4R5TlZbGnsVLrJK7GK3BwPRB+vS46Di+Je9vog98TXX7ZHRtT8516qnE6J+pYDuh2vRo2gSri/AywSqYKYp8b5iMV+lVvWZBVGUee6USp0ufVUlC1H5qOd2eKysIRXFz2axfRVDu4m17tbjG0XrwjUEo+XkeW5XqRqcQ0V3EmxrUmy2e4RT39394UZUG1Ab2qvowgIYFzmOIRUUPZ4b6IOeKFwnHCbRt2WYFVQto1D8RRRPZO/hU8hc5k/NFBwTxIg8ulr8dCLZPHarkZGaVSTwiHCSOppKlVYlvhgzniaCkJIAYwfaVnjsxGbWKHRuquB3S6YbskUy8qxohAX/0oIjWLihFbqmzBnNmp36cqPC7tFgfJKxCLnlwsveyDVK0AaADBMHhkpcHW7CWb0s9ZwpHrqgIq4XJ37ncieOvQFDgSZ1F8G8/6/avQo42WbeoMkPcbAWrfR/6ZMsps6MK99PeYfju+AbUwfq6m3hcIBIRiko4sn2GsbkkTfmrzOGeMSO/YT4SLJrnYqq67NzQGlh985+8nqPb98LSBxsRQ5umiJyGdytWn5I+Hw1AYXo7WIl4jrV+vhvv4viH0QMZFmIHwTYqCnT7C1zBZwkz1X6j8ZpUHF6vG36U7dxcZcogjhUa5ITqvIe/96OmJ7uGtIQ94ZeuJbrFFAYncRs0Zql8x1bksJkmZ9HX+m09/h6cl3NZ8KPk36cha1MIkQtuOPPwmuVm6fE9jG7gKjNK1Gk/LXR/or9gzX3YWwt5KAfPKRiWz2Bf2y5RmJOCkrN7kSy7iV5yFsUgd64vWQ3jRKwfHsHHJX0XyIGfNYyY2af8kr/iJdzmTqLSilEw5Fs16irHj/yWti7UJR4miDQJydoxfTguv9kLHzoPKpy40iwnZeJS1cnQFQuY6Qf+HyKBWOU141J9kd/w7px1Muu0SN4q+WxdXTGuHYJJqqJsPxkgtpWYdrklaHfd+9XEHqjIZDuqZJ9M5ctptiPvJgJP1n7AzKlnwClEI/RqrLomZMW4JfD63gsIxFFK13BGwggzcOEz7VKRmo08CUFWpnAeOzQDwax6+o6X1jPxQdv2+oFPZRmqyrV9QjvXogG03uOjaO+zMfhj5Ykoom3IQv803hW3xrToshcyg2+qyamfj0c7DAI+h5VPohH+iiBRWiQJCmUJSkPmAgSLFwkuPNfFJ/0CKjWhFVNaXgx4HRQnH0evpHPFFN0JCrgROh14vf0J4bjIMi+v1gerhwBvBjuTNM41ZsTncFnRGMgaaRIp+UwGGSB9aZf7DdXVzcsvFdqRIUgsLSWJApmkvA6W3gyME3Pugp0K6QsADPbg/fJV3HukElC3RIPX89QYLENCFqutTtH0DqEoQKiNhY1TXorS3g==,iv:6vBiIpZvLjWb1X2mQRf/IGDvU60NtJ8TaYPtKA5GepA=,tag:f4sW9OAO4BA3gHwLuaR/rw==,type:str] @@ -12,7 +15,7 @@ sops: TUIyZG5rVC9PM21RR1ZtaXhKUytyL2sKH49RFJJi94RFtbyJMYM2oLETQ3sgpXkJ BFyQJClKlbE5In6XnvJ0PjXForr8tYFIZ2YG7/Y2jf/hXMtIHO/02g== -----END AGE ENCRYPTED FILE----- - lastmodified: "2025-06-28T00:37:00Z" - mac: ENC[AES256_GCM,data:u0JZYQm3y/dizTsV2jl2jO/AV7PTts2Tpwbbzx65gILaG1Yf3IrifXxNjBPXQtLSFoFXJ5pluzzFZbKn91JE36nScNprIlXPIOFbNRBHSmBL0vNmTYXrTm3ukUx7BmSoV/hMNgqdaeGGhBFEZwKjun6pfjBfd/UFjuB7kWo6NnQ=,iv:SPu6Gr4BItzeVMV3zc5/mNhuzD3BGjbITVEBaHodQhA=,tag:HOX+L3GSXJfxR5/N2SusLA==,type:str] + lastmodified: "2025-08-30T20:35:23Z" + mac: ENC[AES256_GCM,data:/FHbARTFlkCBBMlAVw9NOEZVbGlNzUZ46sxlec0IDnilGmsvE3gw7Bn5BxvppFGlOiyMaegTDrMGySu03osqy8ih1X9ZhDEGtsSHHqEMYjdu7oEzs2doBmst93exKfsYGYL8tgXNeFrv2BPSi3sv3loH1xCL/Az4XH4QVfWAt4A=,iv:sv87Za6o5YcNeF9uAdjAem21UgN7m2sYPJNgd+WOmV8=,tag:7lie8wlUqo71DQlVSt6AfQ==,type:str] unencrypted_suffix: _unencrypted version: 3.10.2 diff --git a/specialisations/nixos/default.nix b/specialisations/nixos/default.nix new file mode 100644 index 0000000..5ad8a2f --- /dev/null +++ b/specialisations/nixos/default.nix @@ -0,0 +1,5 @@ +{...}: { + imports = [ + ./vm.nix + ]; +} diff --git a/specialisations/nixos/vm.nix b/specialisations/nixos/vm.nix new file mode 100644 index 0000000..c3fe4e7 --- /dev/null +++ b/specialisations/nixos/vm.nix @@ -0,0 +1,37 @@ +{ + config, + lib, + pkgs, + ... +}: { + virtualisation.virtualbox.host.enable = true; + virtualisation.virtualbox.host.enableExtensionPack = true; + users.extraGroups.vboxusers.members = ["guz"]; + + boot.kernelParams = ["kvm.enable_virt_at_load=0"]; + + programs.dconf.enable = true; + + users.users."guz".extraGroups = ["libvirtd"]; + users.users."guz".packages = with pkgs; [ + virt-manager + virt-viewer + spice + spice-gtk + spice-protocol + win-virtio + win-spice + adwaita-icon-theme + quickemu + ]; + + # virtualisation.libvirtd = { + # enable = true; + # qemu = { + # swtpm.enable = true; + # ovmf.enable = true; + # ovmf.packages = [pkgs.OVMFFull.fd]; + # }; + # }; + # virtualisation.spiceUSBRedirection.enable = true; +} diff --git a/state.json b/state.json new file mode 100644 index 0000000..139a990 --- /dev/null +++ b/state.json @@ -0,0 +1,3 @@ +{ + "hello": 2 +}