envs/home
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Compare commits

base: envs:f06632f973c7e9c6d43c643395f56eecb125be21
Branches Tags
envs:main envs:improvements
..
compare: envs:main
Branches Tags
envs:main envs:improvements

15 Commits
f06632f973 ... main

Author SHA1 Message Date
Morten Olsen
3c2be26cac improved git flow 2026-01-02 10:25:53 +01:00
Morten Olsen
760f8584cf improved git flow 2025-12-29 21:37:09 +01:00
Morten Olsen
7eb837a068 improved git flow 2025-12-29 21:32:07 +01:00
Morten Olsen
225b91b5d6 improved git flow 2025-12-29 21:27:28 +01:00
Morten Olsen
47a3e90c6c improved git flow 2025-12-29 21:24:37 +01:00
Morten Olsen
7cb12c4582 updated aliases 2025-12-29 21:14:44 +01:00
Morten Olsen
7f087bc39e updated 2025-12-27 00:05:22 +01:00
Morten Olsen
e384cc4829 updates 2025-12-25 00:56:49 +01:00
Morten Olsen
addbe8f963 add kube seal 2025-12-18 09:38:12 +01:00
Morten Olsen
0cbe2bb231 add visual studio code 2025-12-16 23:40:57 +01:00
Morten Olsen
e3c5020937 add argocd 2025-12-16 23:07:53 +01:00
Morten Olsen
2c59d739d7 added zen browser 2025-12-16 23:07:53 +01:00
Morten Olsen
e6167c2f86 improved system setup 2025-12-16 23:07:52 +01:00
Morten Olsen
2056d9a46e install rust 2025-12-16 22:57:06 +01:00
Morten Olsen
19cd2a8224 remove missing pkg 2025-12-16 22:48:54 +01:00
17 changed files with 520 additions and 223 deletions
Expand all files Collapse all files

44
flake.lock generated
View File

@@ -7,11 +7,11 @@
] ]
}, },
"locked": { "locked": {
"lastModified": 1765682243, "lastModified": 1766682973,
"narHash": "sha256-yeCxFV/905Wr91yKt5zrVvK6O2CVXWRMSrxqlAZnLp0=", "narHash": "sha256-GKO35onS711ThCxwWcfuvbIBKXwriahGqs+WZuJ3v9E=",
"owner": "nix-community", "owner": "nix-community",
"repo": "home-manager", "repo": "home-manager",
"rev": "58bf3ecb2d0bba7bdf363fc8a6c4d49b4d509d03", "rev": "91cdb0e2d574c64fae80d221f4bf09d5592e9ec2",
"type": "github" "type": "github"
}, },
"original": { "original": {
@@ -27,11 +27,11 @@
] ]
}, },
"locked": { "locked": {
"lastModified": 1765684049, "lastModified": 1766784396,
"narHash": "sha256-svCS2r984qEowMT0y3kCrsD/m0J6zaF5I/UusS7QaH0=", "narHash": "sha256-rIlgatT0JtwxsEpzq+UrrIJCRfVAXgbYPzose1DmAcM=",
"owner": "LnL7", "owner": "LnL7",
"repo": "nix-darwin", "repo": "nix-darwin",
"rev": "9b628e171bfaea1a3d1edf31eee46251e0fe4a33", "rev": "f0c8e1f6feb562b5db09cee9fb566a2f989e6b55",
"type": "github" "type": "github"
}, },
"original": { "original": {
@@ -42,11 +42,11 @@
}, },
"nixpkgs": { "nixpkgs": {
"locked": { "locked": {
"lastModified": 1765644376, "lastModified": 1766747458,
"narHash": "sha256-yqHBL2wYGwjGL2GUF2w3tofWl8qO9tZEuI4wSqbCrtE=", "narHash": "sha256-m63jjuo/ygo8ztkCziYh5OOIbTSXUDkKbqw3Vuqu4a4=",
"owner": "nixos", "owner": "nixos",
"repo": "nixpkgs", "repo": "nixpkgs",
"rev": "23735a82a828372c4ef92c660864e82fbe2f5fbe", "rev": "c633f572eded8c4f3c75b8010129854ed404a6ce",
"type": "github" "type": "github"
}, },
"original": { "original": {
@@ -60,7 +60,31 @@
"inputs": { "inputs": {
"home-manager": "home-manager", "home-manager": "home-manager",
"nix-darwin": "nix-darwin", "nix-darwin": "nix-darwin",
"nixpkgs": "nixpkgs" "nixpkgs": "nixpkgs",
"zen-browser": "zen-browser"
}
},
"zen-browser": {
"inputs": {
"home-manager": [
"home-manager"
],
"nixpkgs": [
"nixpkgs"
]
},
"locked": {
"lastModified": 1766697593,
"narHash": "sha256-mGZBEN67mxeOsBhplBRLm6L+y++8jU46EEUYgemG1aQ=",
"owner": "0xc000022070",
"repo": "zen-browser-flake",
"rev": "98d8f48ba80a4b6e3b56addad850d57132301075",
"type": "github"
},
"original": {
"owner": "0xc000022070",
"repo": "zen-browser-flake",
"type": "github"
} }
} }
}, },

185
flake.nix
View File

@@ -16,90 +16,115 @@
url = "github:LnL7/nix-darwin"; url = "github:LnL7/nix-darwin";
inputs.nixpkgs.follows = "nixpkgs"; inputs.nixpkgs.follows = "nixpkgs";
}; };
};
outputs = { zen-browser = {
self, url = "github:0xc000022070/zen-browser-flake";
nixpkgs, inputs = {
home-manager, # IMPORTANT: we're using "libgbm" and is only available in unstable so ensure
nix-darwin, # to have it up-to-date or simply don't specify the nixpkgs input
... nixpkgs.follows = "nixpkgs";
} @ inputs: let home-manager.follows = "home-manager";
# Default username - can be overridden per-host if needed
username = "alice";
# Common special args passed to all modules
specialArgs = {inherit inputs username;};
in {
# Darwin (macOS) system configurations
darwinConfigurations = {
# Personal machine configuration
"personal" = nix-darwin.lib.darwinSystem {
system = "aarch64-darwin";
inherit specialArgs;
modules = [
# Host-specific darwin configuration
./hosts/personal
# Home Manager as a darwin module
home-manager.darwinModules.home-manager
{
home-manager = {
useGlobalPkgs = true;
useUserPackages = true;
extraSpecialArgs = specialArgs;
users.${username} = {...}: {
imports = [
./home
./home/personal.nix
];
};
};
}
];
};
# Work machine configuration
"work" = nix-darwin.lib.darwinSystem {
system = "aarch64-darwin";
inherit specialArgs;
modules = [
# Host-specific darwin configuration
./hosts/work
# Home Manager as a darwin module
home-manager.darwinModules.home-manager
{
home-manager = {
useGlobalPkgs = true;
useUserPackages = true;
extraSpecialArgs = specialArgs;
users.${username} = {...}: {
imports = [
./home
./home/work.nix
];
};
};
}
];
}; };
}; };
};
# Development shell for working on this repository outputs =
devShells = let {
systems = ["aarch64-darwin" "x86_64-darwin"]; self,
forAllSystems = nixpkgs.lib.genAttrs systems; nixpkgs,
home-manager,
nix-darwin,
...
}@inputs:
let
# Default username - can be overridden per-host if needed
username = "alice";
# Common special args passed to all modules
specialArgs = { inherit inputs username; };
in in
forAllSystems (system: let {
pkgs = nixpkgs.legacyPackages.${system}; # Darwin (macOS) system configurations
in { darwinConfigurations = {
default = pkgs.mkShell { # Personal machine configuration
packages = with pkgs; [ "personal" = nix-darwin.lib.darwinSystem {
nixfmt-rfc-style system = "aarch64-darwin";
nil # Nix LSP inherit specialArgs;
modules = [
# Host-specific darwin configuration
./hosts/personal
# Home Manager as a darwin module
home-manager.darwinModules.home-manager
{
home-manager = {
useGlobalPkgs = true;
useUserPackages = true;
extraSpecialArgs = specialArgs;
users.${username} =
{ ... }:
{
imports = [
./home
./home/personal.nix
];
};
};
}
]; ];
}; };
});
}; # Work machine configuration
} "work" = nix-darwin.lib.darwinSystem {
system = "aarch64-darwin";
inherit specialArgs;
modules = [
# Host-specific darwin configuration
./hosts/work
# Home Manager as a darwin module
home-manager.darwinModules.home-manager
{
home-manager = {
useGlobalPkgs = true;
useUserPackages = true;
extraSpecialArgs = specialArgs;
users.${username} =
{ ... }:
{
imports = [
./home
./home/work.nix
];
};
};
}
];
};
};
# Development shell for working on this repository
devShells =
let
systems = [
"aarch64-darwin"
"x86_64-darwin"
];
forAllSystems = nixpkgs.lib.genAttrs systems;
in
forAllSystems (
system:
let
pkgs = nixpkgs.legacyPackages.${system};
in
{
default = pkgs.mkShell {
packages = with pkgs; [
nixfmt-rfc-style
nil # Nix LSP
];
};
}
);
};
}

10
home/default.nix
View File

@@ -7,10 +7,14 @@
pkgs, pkgs,
lib, lib,
username, username,
inputs,
... ...
}: { }:
{
# Import shared modules # Import shared modules
imports = [ imports = [
inputs.zen-browser.homeModules.beta
# Shell configuration (zsh, starship, atuin, direnv, zoxide, fzf, pyenv) # Shell configuration (zsh, starship, atuin, direnv, zoxide, fzf, pyenv)
../modules/home/shell.nix ../modules/home/shell.nix
@@ -29,7 +33,7 @@
home = { home = {
# Home Manager needs a bit of information about you and the paths it should manage # Home Manager needs a bit of information about you and the paths it should manage
username = username; inherit username;
homeDirectory = "/Users/${username}"; homeDirectory = "/Users/${username}";
# This value determines the Home Manager release that your configuration is # This value determines the Home Manager release that your configuration is
@@ -80,4 +84,4 @@
aerospace.enable = true; aerospace.enable = true;
# jellyfin-tui is configured per-profile in personal.nix # jellyfin-tui is configured per-profile in personal.nix
}; };
} }

5
home/personal.nix
View File

@@ -7,7 +7,8 @@
pkgs, pkgs,
lib, lib,
... ...
}: { }:
{
# Import personal-specific modules # Import personal-specific modules
imports = [ imports = [
../modules/home/git.nix ../modules/home/git.nix
@@ -73,7 +74,7 @@
zen-browser = { zen-browser = {
enable = true; enable = true;
} };
}; };
# Personal-only packages # Personal-only packages

3
home/work.nix
View File

@@ -7,7 +7,8 @@
pkgs, pkgs,
lib, lib,
... ...
}: { }:
{
# Import work-specific modules # Import work-specific modules
imports = [ imports = [
../modules/home/git.nix ../modules/home/git.nix

4
hosts/personal/default.nix
View File

@@ -8,14 +8,14 @@
lib, lib,
username, username,
... ...
}: { }:
{
# Import darwin modules # Import darwin modules
imports = [ imports = [
../../modules/darwin/system.nix ../../modules/darwin/system.nix
../../modules/darwin/homebrew.nix ../../modules/darwin/homebrew.nix
]; ];
# System-level programs # System-level programs
programs = { programs = {
# Enable zsh as it's the default macOS shell # Enable zsh as it's the default macOS shell

3
hosts/work/default.nix
View File

@@ -8,7 +8,8 @@
lib, lib,
username, username,
... ...
}: { }:
{
# Import darwin modules # Import darwin modules
imports = [ imports = [
../../modules/darwin/system.nix ../../modules/darwin/system.nix

2
mise.toml Normal file
View File

@@ -0,0 +1,2 @@
[tools]
rust = "latest"

37
modules/darwin/homebrew.nix
View File

@@ -9,9 +9,11 @@
pkgs, pkgs,
... ...
}: }:
with lib; let with lib;
let
cfg = config.modules.homebrew; cfg = config.modules.homebrew;
in { in
{
options.modules.homebrew = { options.modules.homebrew = {
enable = mkEnableOption "Homebrew management via nix-darwin"; enable = mkEnableOption "Homebrew management via nix-darwin";
@@ -23,13 +25,16 @@ in {
# Password management # Password management
"1password" "1password"
"1password-cli" "1password-cli"
"bitwarden"
# Terminal & Development # Terminal & Development
"ghostty" "ghostty"
"dbeaver-community" "dbeaver-community"
"visual-studio-code"
# Window management # Window management
"aerospace" "aerospace"
"claude-code"
# Productivity # Productivity
"raycast" "raycast"
@@ -42,6 +47,8 @@ in {
# Networking & IoT # Networking & IoT
"localsend" "localsend"
"home-assistant" "home-assistant"
"cursor-cli"
]; ];
description = "Homebrew casks to install on all machines"; description = "Homebrew casks to install on all machines";
}; };
@@ -59,6 +66,7 @@ in {
# Communication # Communication
"signal" "signal"
"thunderbird"
# Gaming # Gaming
"steam" "steam"
@@ -103,7 +111,6 @@ in {
"fluxcd/tap/flux" "fluxcd/tap/flux"
"sst/tap/opencode" "sst/tap/opencode"
"tree-sitter-cli" "tree-sitter-cli"
"borders"
]; ];
description = "Homebrew formulae to install (for packages not in nixpkgs)"; description = "Homebrew formulae to install (for packages not in nixpkgs)";
}; };
@@ -123,7 +130,11 @@ in {
# Cleanup behavior # Cleanup behavior
cleanup = mkOption { cleanup = mkOption {
type = types.enum ["none" "uninstall" "zap"]; type = types.enum [
"none"
"uninstall"
"zap"
];
default = "zap"; default = "zap";
description = '' description = ''
Cleanup behavior for Homebrew packages: Cleanup behavior for Homebrew packages:
@@ -146,7 +157,7 @@ in {
# Upgrade outdated packages # Upgrade outdated packages
upgrade = true; upgrade = true;
# Cleanup behavior for unmanaged packages # Cleanup behavior for unmanaged packages
cleanup = cfg.cleanup; inherit (cfg) cleanup;
}; };
# Global settings # Global settings
@@ -158,26 +169,18 @@ in {
}; };
# Taps (third-party repositories) # Taps (third-party repositories)
taps = cfg.taps; inherit (cfg) taps;
# Formulae (CLI tools from Homebrew) # Formulae (CLI tools from Homebrew)
brews = cfg.brews; inherit (cfg) brews;
caskArgs.no_quarantine = true; caskArgs.no_quarantine = true;
# Casks (GUI applications) # Casks (GUI applications)
casks = casks =
cfg.casks.shared cfg.casks.shared
++ ( ++ (if cfg.casks.enablePersonal then cfg.casks.personal else [ ])
if cfg.casks.enablePersonal ++ (if cfg.casks.enableWork then cfg.casks.work else [ ]);
then cfg.casks.personal
else []
)
++ (
if cfg.casks.enableWork
then cfg.casks.work
else []
);
}; };
}; };
} }

14
modules/darwin/system.nix
View File

@@ -5,17 +5,16 @@
lib, lib,
username, username,
... ...
}: { }:
# Import darwin modules {
imports = [
../modules/darwin/homebrew.nix
];
# Nix configuration # Nix configuration
nix = { nix = {
settings = { settings = {
# Enable flakes and new nix command # Enable flakes and new nix command
experimental-features = ["nix-command" "flakes"]; experimental-features = [
"nix-command"
"flakes"
];
# Avoid unwanted garbage collection when using nix-direnv # Avoid unwanted garbage collection when using nix-direnv
keep-outputs = true; keep-outputs = true;
keep-derivations = true; keep-derivations = true;
@@ -40,7 +39,6 @@
DisableConsoleAccess = true; DisableConsoleAccess = true;
}; };
dock = { dock = {
autohide = true; autohide = true;
autohide-delay = 0.0; autohide-delay = 0.0;

47
modules/home/apps.nix
View File

@@ -7,9 +7,11 @@
pkgs, pkgs,
lib, lib,
... ...
}: let }:
let
cfg = config.modules.apps; cfg = config.modules.apps;
in { in
{
options.modules.apps = { options.modules.apps = {
enable = lib.mkEnableOption "application configurations"; enable = lib.mkEnableOption "application configurations";
@@ -29,7 +31,6 @@ in {
}; };
}; };
jellyfin-tui = { jellyfin-tui = {
enable = lib.mkOption { enable = lib.mkOption {
type = lib.types.bool; type = lib.types.bool;
@@ -64,6 +65,46 @@ in {
}; };
config = lib.mkIf cfg.enable { config = lib.mkIf cfg.enable {
programs.zen-browser = lib.mkIf cfg.zen-browser.enable {
enable = true;
policies =
let
mkExtensionSettings = builtins.mapAttrs (
_: pluginId: {
install_url = "https://addons.mozilla.org/firefox/downloads/latest/${pluginId}/latest.xpi";
installation_mode = "force_installed";
}
);
in
{
AutofillAddressEnabled = true;
AutofillCreditCardEnabled = false;
DisableAppUpdate = true;
DisableFeedbackCommands = true;
DisableFirefoxStudies = true;
DisablePocket = true;
DisableTelemetry = true;
DontCheckDefaultBrowser = true;
NoDefaultBookmarks = true;
OfferToSaveLogins = false;
EnableTrackingProtection = {
Value = true;
Locked = true;
Cryptomining = true;
Fingerprinting = true;
};
ExtensionSettings = mkExtensionSettings {
#"78272b6fa58f4a1abaac99321d503a20@proton.me" = "proton-pass";
"{446900e4-71c2-419f-a6a7-df9c091e268b}" = "bitwarden-password-manager";
"{d7742d87-e61d-4b78-b8a1-b469842139fa}" = "vimium-ff";
"readeck@readeck.com" = "readeck";
"@testpilot-containers" = "multi-account-containers";
"uBlock0@raymondhill.net" = "ublock-origin";
};
};
};
# Aerospace window manager configuration (macOS) # Aerospace window manager configuration (macOS)
# Placed at ~/.aerospace.toml # Placed at ~/.aerospace.toml
home.file = lib.mkMerge [ home.file = lib.mkMerge [

62
modules/home/git-files.nix
View File

@@ -13,34 +13,42 @@
lib, lib,
... ...
}: }:
with lib; let with lib;
let
cfg = config.modules.gitFiles; cfg = config.modules.gitFiles;
# Helper function to generate gitconfig content # Helper function to generate gitconfig content
mkGitConfig = { mkGitConfig =
email, {
signingKey, email,
urlRewrites ? {}, signingKey,
}: '' urlRewrites ? { },
[user] }:
email = ${email} ''
name = Morten Olsen [user]
signingkey = ${signingKey} email = ${email}
name = Morten Olsen
signingkey = ${signingKey}
[commit] [commit]
gpgsign = true gpgsign = true
[gpg] [gpg]
format = ssh format = ssh
[gpg "ssh"] [gpg "ssh"]
program = "/Applications/1Password.app/Contents/MacOS/op-ssh-sign" program = "/Applications/1Password.app/Contents/MacOS/op-ssh-sign"
${optionalString (urlRewrites != {}) (concatStringsSep "\n" (mapAttrsToList (name: value: '' ${optionalString (urlRewrites != { }) (
concatStringsSep "\n" (
mapAttrsToList (name: value: ''
[url "${name}"] [url "${name}"]
insteadOf = ${value}'') urlRewrites))} insteadOf = ${value}'') urlRewrites
''; )
in { )}
'';
in
{
options.modules.gitFiles = { options.modules.gitFiles = {
enable = mkEnableOption "Project-specific git configuration files"; enable = mkEnableOption "Project-specific git configuration files";
@@ -102,8 +110,8 @@ in {
# Used on personal machine for all projects under ~/Projects/ # Used on personal machine for all projects under ~/Projects/
(mkIf cfg.personal.enable { (mkIf cfg.personal.enable {
"Projects/.gitconfig".text = mkGitConfig { "Projects/.gitconfig".text = mkGitConfig {
email = cfg.personal.email; inherit (cfg.personal) email;
signingKey = cfg.personal.signingKey; inherit (cfg.personal) signingKey;
urlRewrites = { urlRewrites = {
"ssh://git@ssh-gitea.olsen.cloud:2205/" = "https://gitea.olsen.cloud/"; "ssh://git@ssh-gitea.olsen.cloud:2205/" = "https://gitea.olsen.cloud/";
"git@github-private:" = "https://github.com/"; "git@github-private:" = "https://github.com/";
@@ -115,8 +123,8 @@ in {
# Used on work machine for personal projects under ~/Projects/private/ # Used on work machine for personal projects under ~/Projects/private/
(mkIf cfg.private.enable { (mkIf cfg.private.enable {
"Projects/private/.gitconfig".text = mkGitConfig { "Projects/private/.gitconfig".text = mkGitConfig {
email = cfg.private.email; inherit (cfg.private) email;
signingKey = cfg.private.signingKey; inherit (cfg.private) signingKey;
urlRewrites = { urlRewrites = {
"ssh://git@ssh-gitea.olsen.cloud:2205/" = "https://gitea.olsen.cloud/"; "ssh://git@ssh-gitea.olsen.cloud:2205/" = "https://gitea.olsen.cloud/";
"git@github-private:" = "https://github.com/"; "git@github-private:" = "https://github.com/";
@@ -128,8 +136,8 @@ in {
# Used on work machine for work projects under ~/Projects/zeronorth/ # Used on work machine for work projects under ~/Projects/zeronorth/
(mkIf cfg.zeronorth.enable { (mkIf cfg.zeronorth.enable {
"Projects/zeronorth/.gitconfig".text = mkGitConfig { "Projects/zeronorth/.gitconfig".text = mkGitConfig {
email = cfg.zeronorth.email; inherit (cfg.zeronorth) email;
signingKey = cfg.zeronorth.signingKey; inherit (cfg.zeronorth) signingKey;
urlRewrites = { urlRewrites = {
"git@github-zeronorth:" = "https://github.com/"; "git@github-zeronorth:" = "https://github.com/";
}; };

239
modules/home/git.nix
View File

@@ -11,9 +11,11 @@
lib, lib,
... ...
}: }:
with lib; let with lib;
let
cfg = config.modules.git; cfg = config.modules.git;
in { in
{
options.modules.git = { options.modules.git = {
enable = mkEnableOption "Git configuration"; enable = mkEnableOption "Git configuration";
@@ -36,21 +38,23 @@ in {
}; };
includes = mkOption { includes = mkOption {
type = types.listOf (types.submodule { type = types.listOf (
options = { types.submodule {
condition = mkOption { options = {
type = types.str; condition = mkOption {
description = "The includeIf condition (e.g., gitdir:~/Projects/)"; type = types.str;
example = "gitdir:~/Projects/"; description = "The includeIf condition (e.g., gitdir:~/Projects/)";
example = "gitdir:~/Projects/";
};
path = mkOption {
type = types.str;
description = "Path to the included gitconfig file";
example = "~/Projects/.gitconfig";
};
}; };
path = mkOption { }
type = types.str; );
description = "Path to the included gitconfig file"; default = [ ];
example = "~/Projects/.gitconfig";
};
};
});
default = [];
description = "List of conditional includes for project-specific git configurations"; description = "List of conditional includes for project-specific git configurations";
}; };
}; };
@@ -80,18 +84,26 @@ in {
programs.git = { programs.git = {
enable = true; enable = true;
# User configuration
userName = cfg.userName;
userEmail = cfg.userEmail;
# Signing configuration with 1Password # Signing configuration with 1Password
signing = { signing = {
key = cfg.signingKey; key = cfg.signingKey;
signByDefault = true; signByDefault = true;
}; };
# Extra configuration # Conditional includes for project-specific configurations
extraConfig = { includes = map (inc: {
inherit (inc) condition;
inherit (inc) path;
}) cfg.includes;
# All git settings using the new unified settings option
settings = {
# User configuration
user = {
name = cfg.userName;
email = cfg.userEmail;
};
# Core settings (pager is set by programs.delta) # Core settings (pager is set by programs.delta)
core = { core = {
hooksPath = "/dev/null"; hooksPath = "/dev/null";
@@ -113,6 +125,57 @@ in {
autoSetupRemote = true; autoSetupRemote = true;
}; };
# Rebase settings
rebase = {
autoStash = true;
updateRefs = true;
};
# Rerere (Reuse Recorded Resolution) - automatically reuse conflict resolutions
rerere = {
enabled = true;
};
# Color settings
color = {
ui = "auto";
branch = "auto";
diff = "auto";
status = "auto";
};
# Diff settings
diff = {
compactionHeuristic = true;
algorithm = "patience";
colorMoved = "default";
};
# Merge settings
merge = {
conflictStyle = "zdiff3";
};
# Fetch settings
fetch = {
prune = true;
showForcedUpdates = true;
};
# Advice settings (disable annoying messages)
advice = {
detachedHead = false;
statusHints = true;
addIgnoredFile = false;
};
# Blame settings
blame = {
colorLines = true;
markUnblamables = true;
markUnblamableLines = true;
};
# GPG/SSH signing settings # GPG/SSH signing settings
gpg = { gpg = {
format = "ssh"; format = "ssh";
@@ -144,29 +207,117 @@ in {
"difftool \"nvimdiff\"" = { "difftool \"nvimdiff\"" = {
cmd = "nvim -d \"$LOCAL\" \"$REMOTE\""; cmd = "nvim -d \"$LOCAL\" \"$REMOTE\"";
}; };
};
# Aliases # Aliases
aliases = { alias = {
graph = "log --graph --color --pretty=format:\"%C(yellow)%H%C(green)%d%C(reset)%n%x20%cd%n%x20%cn%C(blue)%x20(%ce)%x20%C(cyan)[gpg:%GK%x20%G?]%C(reset)%n%x20%s%n\"";
ll = "log --oneline";
st = "status -sb";
cm = "commit -m";
append = "commit --amend --no-edit";
sobmodules = "submodule update --init --recursive";
df = "difftool -t nvimdiff -y";
last = "log -1 --stat";
br = "branch --format='%(HEAD) %(color:yellow)%(refname:short)%(color:reset) - %(contents:subject) %(color:green)(%(committerdate:relative)) [%(authorname)]' --sort=-committerdate";
brr = "branch --remote --format='%(HEAD) %(color:yellow)%(refname:short)%(color:reset) - %(contents:subject) %(color:green)(%(committerdate:relative)) [%(authorname)]' --sort=-committerdate";
undo = "reset HEAD~1 --mixed";
unstage = "reset HEAD --";
};
# Conditional includes for project-specific configurations # Log and history aliases
includes = map (inc: { # =====
condition = inc.condition;
path = inc.path; # Pretty graph log with GPG info
}) cfg.includes; history = "log --graph --color --pretty=format:\"%C(yellow)%H%C(green)%d%C(reset)%n%x20%cd%n%x20%cn%C(blue)%x20(%ce)%x20%C(cyan)[gpg:%GK%x20%G?]%C(reset)%n%x20%s%n\"";
graph = "log --graph --color --pretty=format:\"%C(yellow)%H%C(green)%d%C(reset)%n%x20%cd%n%x20%cn%C(blue)%x20(%ce)%x20%C(cyan)[gpg:%GK%x20%G?]%C(reset)%n%x20%s%n\"";
# One-line log
ll = "log --oneline";
# Last commit with stats
last = "log -1 --stat";
# Status and branch aliases
# =====
# Short branch status
st = "status -sb";
# Formatted local branches
local-branches = "branch --format='%(HEAD) %(color:yellow)%(refname:short)%(color:reset) - %(contents:subject) %(color:green)(%(committerdate:relative)) [%(authorname)]' --sort=-committerdate";
# Formatted remote branches
remote-branches = "branch --remote --format='%(HEAD) %(color:yellow)%(refname:short)%(color:reset) - %(contents:subject) %(color:green)(%(committerdate:relative)) [%(authorname)]' --sort=-committerdate";
# Create and switch to new branch
new-branch = "!f() { git checkout -b \"$1\"; }; f";
# Switch branch (interactive with fzf)
switch-branch = "!f() { branch=$(git branch --format='%(refname:short)' | fzf --height 40%); [ -n \"$branch\" ] && git checkout \"$branch\"; }; f";
# Delete branch (with confirmation)
delete-branch = "!f() { git branch -d \"$1\" 2>/dev/null || git branch -D \"$1\"; }; f";
# Commit aliases
# =====
# Commit with message
cm = "commit -m";
# Amend last commit without editing message
amend = "commit --amend --no-edit";
append = "commit --amend --no-edit";
# Stage all and amend to last commit
fix = "!git add . && git commit --amend --no-edit";
# Stage all, amend, and safely force push with lease and force-if-includes
fck = "!f() { git add . && git commit --amend --no-edit && git push --force-with-lease --force-if-includes; }; f";
# Stage all, commit with message, and push
save = "!f() { git add --all && git commit -m \"$*\" && git push; }; f";
# Fixup workflow aliases
# =====
# Interactive fixup: pick commit with fzf, stage all, create fixup
fix-commit = "!f() { commit=$(git log --oneline --color=always | fzf --ansi --height 40% | awk '{print $1}'); [ -n \"$commit\" ] && git add . && git commit --fixup=\"$commit\"; }; f";
apply-fixes = "!f() { upstream=$(git rev-parse --abbrev-ref --symbolic-full-name @{upstream} 2>/dev/null); if [ -n \"$upstream\" ]; then git rebase -i --autosquash \"$upstream\"; elif git show-ref --verify --quiet refs/remotes/origin/main; then git rebase -i --autosquash origin/main; elif git show-ref --verify --quiet refs/remotes/origin/master; then git rebase -i --autosquash origin/master; elif git show-ref --verify --quiet refs/heads/main; then git rebase -i --autosquash main; elif git show-ref --verify --quiet refs/heads/master; then git rebase -i --autosquash master; else first_commit=$(git rev-list --reverse HEAD | head -1); if [ -n \"$first_commit\" ]; then base=$(git rev-parse \"$first_commit^\" 2>/dev/null); if [ -n \"$base\" ] && [ \"$base\" != \"$first_commit\" ]; then git rebase -i --autosquash \"$base\"; else echo \"Could not determine base. Usage: git apply-fixes <base-branch>\"; fi; else echo \"No base branch found. Usage: git apply-fixes <base-branch>\"; fi; fi; }; f";
# Squash all commits unique to current branch (auto-detects default branch)
cleanup = "!f() { default=$(git remote show origin 2>/dev/null | sed -n '/HEAD branch/s/.*: //p' || echo \"main\"); if ! git show-ref --verify --quiet \"refs/remotes/origin/$default\"; then default=\"master\"; fi; if git show-ref --verify --quiet \"refs/remotes/origin/$default\"; then base=$(git merge-base HEAD \"origin/$default\"); git rebase -i \"$base\"; else echo \"Could not find default branch (main/master). Usage: git squash-all <base-branch>\"; fi; }; f";
squash-all = "!f() { default=$(git remote show origin 2>/dev/null | sed -n '/HEAD branch/s/.*: //p' || echo \"main\"); if ! git show-ref --verify --quiet \"refs/remotes/origin/$default\"; then default=\"master\"; fi; if git show-ref --verify --quiet \"refs/remotes/origin/$default\"; then base=$(git merge-base HEAD \"origin/$default\"); git rebase -i \"$base\"; else echo \"Could not find default branch (main/master). Usage: git squash-all <base-branch>\"; fi; }; f";
# Staging aliases
# =====
# Stage all files
stage-all = "add --all";
# Unstage all staged files
unstage = "reset HEAD --";
# Interactive staging with fzf
stage = "!f() { git status -s | fzf --multi --ansi --height 40% | awk '{print $2}' | xargs git add; }; f";
# Undo and reset aliases
# =====
# Interactive undo: pick state from reflog, show diff, confirm before hard reset
undo = "!f() { target=$(git reflog --color=always --date=relative --format=\"%C(yellow)%h%C(reset) %C(cyan)%gd%C(reset) %C(green)%gs%C(reset)\" | fzf --ansi --height 40% --header=\"Select a state to reset to\" | awk '{print $1}'); if [ -n \"$target\" ]; then echo \"\n=== Diff between HEAD and selected state ===\n\"; git diff --color=always HEAD \"$target\"; echo \"\n=== This will discard all changes above ===\n\"; read -p \"Reset to $target? (y/N): \" confirm; if [ \"$confirm\" = \"y\" ] || [ \"$confirm\" = \"Y\" ]; then git reset --hard \"$target\"; else echo \"Reset cancelled.\"; fi; fi; }; f";
# Remote operations aliases
# =====
# Fetch from all remotes
fetch-all = "fetch --all";
# Pull latest changes
pull-latest = "!f() { default=$(git remote show origin 2>/dev/null | sed -n '/HEAD branch/s/.*: //p' || echo \"main\"); if ! git show-ref --verify --quiet \"refs/remotes/origin/$default\"; then default=\"master\"; fi; git pull origin \"$default\"; }; f";
# Push and set upstream
push-new = "!f() { git push -u origin $(git rev-parse --abbrev-ref HEAD); }; f";
# Update from main/master (rebase)
update-from-main = "!f() { default=$(git remote show origin 2>/dev/null | sed -n '/HEAD branch/s/.*: //p' || echo \"main\"); if ! git show-ref --verify --quiet \"refs/remotes/origin/$default\"; then default=\"master\"; fi; git fetch origin && git rebase \"origin/$default\"; }; f";
# Stash aliases
# =====
# Save current changes to stash
stash-save = "stash push -m";
# Apply and remove stash (interactive with fzf)
stash-pop = "!f() { stash=$(git stash list --color=always | fzf --ansi --height 40% | awk -F: '{print $1}'); [ -n \"$stash\" ] && git stash pop \"$stash\"; }; f";
# List stashes
stash-list = "stash list";
# Workflow aliases
# =====
# Create new feature branch from main/master
new-feature = "!f() { default=$(git remote show origin 2>/dev/null | sed -n '/HEAD branch/s/.*: //p' || echo \"main\"); if ! git show-ref --verify --quiet \"refs/remotes/origin/$default\"; then default=\"master\"; fi; git fetch origin && git checkout -b \"$1\" \"origin/$default\"; }; f";
# Compare current branch with another branch
compare = "!f() { git diff \"$1\"..HEAD; }; f";
# Other aliases
# =====
# Initialize and update submodules
sobmodules = "submodule update --init --recursive";
# Diff tool using nvimdiff
df = "difftool -t nvimdiff -y";
};
};
}; };
}; };
} }

46
modules/home/packages.nix
View File

@@ -9,7 +9,8 @@
pkgs, pkgs,
lib, lib,
... ...
}: { }:
{
home.packages = with pkgs; [ home.packages = with pkgs; [
# ======================================================================== # ========================================================================
# Shell Tools # Shell Tools
@@ -27,9 +28,10 @@
ripgrep # Modern grep (aliased as grep) ripgrep # Modern grep (aliased as grep)
delta # Modern diff with syntax highlighting (aliased as diff) delta # Modern diff with syntax highlighting (aliased as diff)
dust # A more intuitive version of du written in rust dust # A more intuitive version of du written in rust
duf # A better df alternative duf # A better df alternative
hyperfine # A command-line benchmarking tool. hyperfine # A command-line benchmarking tool.
choose # A human-friendly and fast alternative to cut and (sometimes) awk choose # A human-friendly and fast alternative to cut and (sometimes) awk
coreutils
yazi # File manager yazi # File manager
# ======================================================================== # ========================================================================
@@ -62,7 +64,6 @@
# Languages and Runtimes # Languages and Runtimes
nodejs_22 # Node.js LTS (replaces NVM) nodejs_22 # Node.js LTS (replaces NVM)
deno # JavaScript/TypeScript runtime deno # JavaScript/TypeScript runtime
rustup # Rust toolchain manager
python313 # Python 3.13 python313 # Python 3.13
# pyenv is configured in shell.nix # pyenv is configured in shell.nix
uv # Fast Python package installer uv # Fast Python package installer
@@ -88,6 +89,11 @@
k9s # Kubernetes TUI k9s # Kubernetes TUI
istioctl # Istio service mesh CLI istioctl # Istio service mesh CLI
fluxcd # GitOps toolkit fluxcd # GitOps toolkit
popeye
argocd
kubeseal
kubebuilder
kind
# ======================================================================== # ========================================================================
# Infrastructure and Cloud Tools # Infrastructure and Cloud Tools
@@ -109,6 +115,7 @@
age # Modern encryption tool age # Modern encryption tool
sops # Secrets management sops # Secrets management
rustscan # The Modern Port Scanner. Find ports quickly (3 seconds at its fastest). nmap alternative. rustscan # The Modern Port Scanner. Find ports quickly (3 seconds at its fastest). nmap alternative.
bitwarden-cli
# ======================================================================== # ========================================================================
# Miscellaneous Tools # Miscellaneous Tools
@@ -124,12 +131,19 @@
mob mob
zsh-fast-syntax-highlighting zsh-fast-syntax-highlighting
jellyfin-tui jellyfin-tui
mpv
# ======================================================================== # ========================================================================
# Nix Tools # Nix Tools
# ======================================================================== # ========================================================================
nixfmt-rfc-style # Nix code formatter nixfmt-rfc-style # Nix code formatter
nil # Nix language server nil # Nix language server
# ========================================================================
# AAI tools
# ========================================================================
gemini-cli
opencode
]; ];
# ======================================================================== # ========================================================================
@@ -179,4 +193,30 @@
programs.lazygit = { programs.lazygit = {
enable = true; enable = true;
}; };
programs.k9s = {
enable = true;
plugins = {
"edit-secret" = {
shortCut = "Ctrl-X";
confirm = false;
description = "Edit Decoded Secret";
scopes = [ "secrets" ];
command = "sh";
background = false;
args = [
"-c"
''
tempfile=$(mktemp);
secret=$(kubectl get secrets --context $CONTEXT --namespace $NAMESPACE $NAME -o json);
printf '%s\n' $secret | jq '.data | map_values(@base64d)' > $tempfile;
vim $tempfile;
secret_data=$(cat $tempfile | jq -c '. | map_values(@base64)');
rm $tempfile;
printf '%s\n' $secret | jq -r --argjson secret_data "$secret_data" '.data = $secret_data' | kubectl apply -f -;
''
];
};
};
};
} }

19
modules/home/shell.nix
View File

@@ -13,7 +13,8 @@
pkgs, pkgs,
lib, lib,
... ...
}: { }:
{
# ========================================================================== # ==========================================================================
# Zsh Configuration # Zsh Configuration
# ========================================================================== # ==========================================================================
@@ -69,9 +70,6 @@
"--color=fg:#cdd6f4,header:#f38ba8,info:#cba6f7,pointer:#f5e0dc" "--color=fg:#cdd6f4,header:#f38ba8,info:#cba6f7,pointer:#f5e0dc"
"--color=marker:#f5e0dc,fg+:#cdd6f4,prompt:#cba6f7,hl+:#f38ba8" "--color=marker:#f5e0dc,fg+:#cdd6f4,prompt:#cba6f7,hl+:#f38ba8"
]; ];
# NVM directory
NVM_DIR = "$HOME/.nvm";
}; };
# Shell aliases (migrated from 01-env.sh and 01-nvim.sh) # Shell aliases (migrated from 01-env.sh and 01-nvim.sh)
@@ -237,12 +235,6 @@
enableZshIntegration = true; enableZshIntegration = true;
}; };
# ==========================================================================
# NVM - Node Version Manager
# ==========================================================================
# NVM is installed via Homebrew and sourced in the shell
# This allows managing multiple Node.js versions per project
# ========================================================================== # ==========================================================================
# Pyenv - Python version management # Pyenv - Python version management
# ========================================================================== # ==========================================================================
@@ -281,13 +273,14 @@
${pkgs.mise}/bin/mise use --global bun@latest ${pkgs.mise}/bin/mise use --global bun@latest
${pkgs.mise}/bin/mise use --global deno@latest ${pkgs.mise}/bin/mise use --global deno@latest
${pkgs.mise}/bin/mise use --global uv@latest ${pkgs.mise}/bin/mise use --global uv@latest
${pkgs.mise}/bin/mise use --global rust@latest
''; '';
programs.nushell = { programs.nushell = {
enable = true; enable = true;
# The config.nu can be anywhere you want if you like to edit your Nushell with Nu # The config.nu can be anywhere you want if you like to edit your Nushell with Nu
# configFile.source = ./.../config.nu; # configFile.source = ./.../config.nu;
# for editing directly to config.nu # for editing directly to config.nu
extraConfig = '' extraConfig = ''
let carapace_completer = {|spans| let carapace_completer = {|spans|
carapace $spans.0 nushell ...$spans | from json carapace $spans.0 nushell ...$spans | from json
@@ -312,13 +305,13 @@
split row (char esep) | split row (char esep) |
append /usr/bin/env append /usr/bin/env
) )
''; '';
shellAliases = { shellAliases = {
vi = "hx"; vi = "hx";
vim = "hx"; vim = "hx";
nano = "hx"; nano = "hx";
}; };
}; };
programs.carapace = { programs.carapace = {
enable = true; enable = true;
enableNushellIntegration = true; enableNushellIntegration = true;

16
modules/home/ssh.nix
View File

@@ -8,9 +8,11 @@
lib, lib,
... ...
}: }:
with lib; let with lib;
let
cfg = config.modules.ssh; cfg = config.modules.ssh;
in { in
{
options.modules.ssh = { options.modules.ssh = {
enable = mkEnableOption "SSH configuration"; enable = mkEnableOption "SSH configuration";
@@ -65,7 +67,7 @@ in {
enableDefaultConfig = false; enableDefaultConfig = false;
# Include colima SSH config for container access # Include colima SSH config for container access
includes = ["~/.colima/ssh_config"]; includes = [ "~/.colima/ssh_config" ];
# 1Password SSH agent integration (macOS) # 1Password SSH agent integration (macOS)
extraConfig = '' extraConfig = ''
@@ -119,7 +121,7 @@ in {
identityFile = cfg.githubZeronorthKeyPath; identityFile = cfg.githubZeronorthKeyPath;
identitiesOnly = true; identitiesOnly = true;
}; };
# Docker server # Docker server
"docker.host" = { "docker.host" = {
hostname = "docker.olsen.cloud"; hostname = "docker.olsen.cloud";
@@ -128,7 +130,7 @@ in {
identityFile = cfg.githubPrivateKeyPath; identityFile = cfg.githubPrivateKeyPath;
identitiesOnly = true; identitiesOnly = true;
}; };
# NAS server # NAS server
"nas.host" = { "nas.host" = {
hostname = "192.168.20.106"; hostname = "192.168.20.106";
@@ -137,7 +139,7 @@ in {
identityFile = cfg.githubPrivateKeyPath; identityFile = cfg.githubPrivateKeyPath;
identitiesOnly = true; identitiesOnly = true;
}; };
# Private MacBook # Private MacBook
"macbook.host" = { "macbook.host" = {
hostname = "192.168.3.9"; hostname = "192.168.3.9";
@@ -146,7 +148,7 @@ in {
identityFile = cfg.githubPrivateKeyPath; identityFile = cfg.githubPrivateKeyPath;
identitiesOnly = true; identitiesOnly = true;
}; };
# ZN MacBook # ZN MacBook
"zn.host" = { "zn.host" = {
hostname = "192.168.3.3"; hostname = "192.168.3.3";

7
modules/home/tmux.nix
View File

@@ -7,7 +7,8 @@
pkgs, pkgs,
lib, lib,
... ...
}: { }:
{
programs.tmux = { programs.tmux = {
enable = true; enable = true;
@@ -116,6 +117,8 @@
# Utils - lazygit popup # Utils - lazygit popup
bind -r g display-popup -d '#{pane_current_path}' -w80% -h80% -E lazygit bind -r g display-popup -d '#{pane_current_path}' -w80% -h80% -E lazygit
bind -r o display-popup -d '#{pane_current_path}' -w80% -h80% -E yazi
bind -r p display-popup -d '#{pane_current_path}' -w80% -h80% -E $SHELL
''; '';
}; };
} }