cswimr/flake
cswimr/flake
Template
1
1
Fork 0
Code Issues 4 Pull requests 1 Activity

Compare commits

base: cswimr:c9b44fbf1fef1c7e926f36fcb2afa9b76eda1e3c
Branches Tags
cswimr:master
cswimr:renovate/lock-file-maintenance
..
compare: cswimr:029152408200508d0bad1c8f0ecb1eaada604137
Branches Tags
cswimr:renovate/lock-file-maintenance
cswimr:master

No commits in common. "c9b44fbf1fef1c7e926f36fcb2afa9b76eda1e3c" and "029152408200508d0bad1c8f0ecb1eaada604137" have entirely different histories.
c9b44fbf1f ... 0291524082

5 changed files with 21 additions and 276 deletions
Show stats Expand all files Collapse all files

221
flake.lock generated
View file

@ -38,27 +38,6 @@
"type": "github" "type": "github"
} }
}, },
"crane": {
"inputs": {
"nixpkgs": [
"lanzaboote",
"nixpkgs"
]
},
"locked": {
"lastModified": 1717535930,
"narHash": "sha256-1hZ/txnbd/RmiBPNUs7i8UQw2N89uAK3UzrGAWdnFfU=",
"owner": "ipetkov",
"repo": "crane",
"rev": "55e7754ec31dac78980c8be45f8a28e80e370946",
"type": "github"
},
"original": {
"owner": "ipetkov",
"repo": "crane",
"type": "github"
}
},
"devshell": { "devshell": {
"inputs": { "inputs": {
"nixpkgs": [ "nixpkgs": [
@ -97,22 +76,6 @@
} }
}, },
"flake-compat_2": { "flake-compat_2": {
"flake": false,
"locked": {
"lastModified": 1696426674,
"narHash": "sha256-kvjfFW7WAETZlt09AgDn1MrtKzP7t90Vf7vypd3OL1U=",
"owner": "edolstra",
"repo": "flake-compat",
"rev": "0f9255e01c2351cc7d116c072cb317785dd33b33",
"type": "github"
},
"original": {
"owner": "edolstra",
"repo": "flake-compat",
"type": "github"
}
},
"flake-compat_3": {
"locked": { "locked": {
"lastModified": 1696426674, "lastModified": 1696426674,
"narHash": "sha256-kvjfFW7WAETZlt09AgDn1MrtKzP7t90Vf7vypd3OL1U=", "narHash": "sha256-kvjfFW7WAETZlt09AgDn1MrtKzP7t90Vf7vypd3OL1U=",
@ -127,27 +90,6 @@
} }
}, },
"flake-parts": { "flake-parts": {
"inputs": {
"nixpkgs-lib": [
"lanzaboote",
"nixpkgs"
]
},
"locked": {
"lastModified": 1717285511,
"narHash": "sha256-iKzJcpdXih14qYVcZ9QC9XuZYnPc6T8YImb6dX166kw=",
"owner": "hercules-ci",
"repo": "flake-parts",
"rev": "2a55567fcf15b1b1c7ed712a2c6fadaec7412ea8",
"type": "github"
},
"original": {
"owner": "hercules-ci",
"repo": "flake-parts",
"type": "github"
}
},
"flake-parts_2": {
"inputs": { "inputs": {
"nixpkgs-lib": [ "nixpkgs-lib": [
"nixvim", "nixvim",
@ -205,24 +147,6 @@
"inputs": { "inputs": {
"systems": "systems_2" "systems": "systems_2"
}, },
"locked": {
"lastModified": 1710146030,
"narHash": "sha256-SZ5L6eA7HJ/nmkzGG7/ISclqe6oZdOZTNoesiInkXPQ=",
"owner": "numtide",
"repo": "flake-utils",
"rev": "b1d9ab70662946ef0850d488da1c9019f3a9752a",
"type": "github"
},
"original": {
"owner": "numtide",
"repo": "flake-utils",
"type": "github"
}
},
"flake-utils_4": {
"inputs": {
"systems": "systems_3"
},
"locked": { "locked": {
"lastModified": 1731533236, "lastModified": 1731533236,
"narHash": "sha256-l0KFg5HjrsfsO/JpG+r7fRrqm12kzFHyUHqHCVpMMbI=", "narHash": "sha256-l0KFg5HjrsfsO/JpG+r7fRrqm12kzFHyUHqHCVpMMbI=",
@ -243,7 +167,7 @@
"nixvim", "nixvim",
"flake-compat" "flake-compat"
], ],
"gitignore": "gitignore_2", "gitignore": "gitignore",
"nixpkgs": [ "nixpkgs": [
"nixvim", "nixvim",
"nixpkgs" "nixpkgs"
@ -268,28 +192,6 @@
} }
}, },
"gitignore": { "gitignore": {
"inputs": {
"nixpkgs": [
"lanzaboote",
"pre-commit-hooks-nix",
"nixpkgs"
]
},
"locked": {
"lastModified": 1709087332,
"narHash": "sha256-HG2cCnktfHsKV0s4XW83gU3F57gaTljL9KNSuG6bnQs=",
"owner": "hercules-ci",
"repo": "gitignore.nix",
"rev": "637db329424fd7e46cf4185293b9cc8c88c95394",
"type": "github"
},
"original": {
"owner": "hercules-ci",
"repo": "gitignore.nix",
"type": "github"
}
},
"gitignore_2": {
"inputs": { "inputs": {
"nixpkgs": [ "nixpkgs": [
"nixvim", "nixvim",
@ -381,33 +283,6 @@
"type": "github" "type": "github"
} }
}, },
"lanzaboote": {
"inputs": {
"crane": "crane",
"flake-compat": "flake-compat",
"flake-parts": "flake-parts",
"flake-utils": "flake-utils_2",
"nixpkgs": [
"nixpkgs"
],
"pre-commit-hooks-nix": "pre-commit-hooks-nix",
"rust-overlay": "rust-overlay"
},
"locked": {
"lastModified": 1718178907,
"narHash": "sha256-eSZyrQ9uoPB9iPQ8Y5H7gAmAgAvCw3InStmU3oEjqsE=",
"owner": "nix-community",
"repo": "lanzaboote",
"rev": "b627ccd97d0159214cee5c7db1412b75e4be6086",
"type": "github"
},
"original": {
"owner": "nix-community",
"ref": "v0.4.1",
"repo": "lanzaboote",
"type": "github"
}
},
"nix-darwin": { "nix-darwin": {
"inputs": { "inputs": {
"nixpkgs": [ "nixpkgs": [
@ -469,8 +344,8 @@
}, },
"nix-vscode-extensions": { "nix-vscode-extensions": {
"inputs": { "inputs": {
"flake-compat": "flake-compat_2", "flake-compat": "flake-compat",
"flake-utils": "flake-utils_3", "flake-utils": "flake-utils_2",
"nixpkgs": "nixpkgs_2" "nixpkgs": "nixpkgs_2"
}, },
"locked": { "locked": {
@ -503,22 +378,6 @@
"type": "github" "type": "github"
} }
}, },
"nixpkgs-stable": {
"locked": {
"lastModified": 1710695816,
"narHash": "sha256-3Eh7fhEID17pv9ZxrPwCLfqXnYP006RKzSs0JptsN84=",
"owner": "NixOS",
"repo": "nixpkgs",
"rev": "614b4613980a522ba49f0d194531beddbb7220d3",
"type": "github"
},
"original": {
"owner": "NixOS",
"ref": "nixos-23.11",
"repo": "nixpkgs",
"type": "github"
}
},
"nixpkgs_2": { "nixpkgs_2": {
"locked": { "locked": {
"lastModified": 1713805509, "lastModified": 1713805509,
@ -570,8 +429,8 @@
"nixvim": { "nixvim": {
"inputs": { "inputs": {
"devshell": "devshell", "devshell": "devshell",
"flake-compat": "flake-compat_3", "flake-compat": "flake-compat_2",
"flake-parts": "flake-parts_2", "flake-parts": "flake-parts",
"git-hooks": "git-hooks", "git-hooks": "git-hooks",
"home-manager": "home-manager_2", "home-manager": "home-manager_2",
"nix-darwin": "nix-darwin", "nix-darwin": "nix-darwin",
@ -597,7 +456,7 @@
}, },
"nuschtosSearch": { "nuschtosSearch": {
"inputs": { "inputs": {
"flake-utils": "flake-utils_4", "flake-utils": "flake-utils_3",
"ixx": "ixx", "ixx": "ixx",
"nixpkgs": [ "nixpkgs": [
"nixvim", "nixvim",
@ -663,39 +522,11 @@
"type": "github" "type": "github"
} }
}, },
"pre-commit-hooks-nix": {
"inputs": {
"flake-compat": [
"lanzaboote",
"flake-compat"
],
"gitignore": "gitignore",
"nixpkgs": [
"lanzaboote",
"nixpkgs"
],
"nixpkgs-stable": "nixpkgs-stable"
},
"locked": {
"lastModified": 1717664902,
"narHash": "sha256-7XfBuLULizXjXfBYy/VV+SpYMHreNRHk9nKMsm1bgb4=",
"owner": "cachix",
"repo": "pre-commit-hooks.nix",
"rev": "cc4d466cb1254af050ff7bdf47f6d404a7c646d1",
"type": "github"
},
"original": {
"owner": "cachix",
"repo": "pre-commit-hooks.nix",
"type": "github"
}
},
"root": { "root": {
"inputs": { "inputs": {
"catppuccin-vsc": "catppuccin-vsc", "catppuccin-vsc": "catppuccin-vsc",
"compose2nix": "compose2nix", "compose2nix": "compose2nix",
"home-manager": "home-manager", "home-manager": "home-manager",
"lanzaboote": "lanzaboote",
"nix-flatpak": "nix-flatpak", "nix-flatpak": "nix-flatpak",
"nix-vscode-extensions": "nix-vscode-extensions", "nix-vscode-extensions": "nix-vscode-extensions",
"nixpkgs": "nixpkgs_3", "nixpkgs": "nixpkgs_3",
@ -705,31 +536,6 @@
"zen-browser": "zen-browser" "zen-browser": "zen-browser"
} }
}, },
"rust-overlay": {
"inputs": {
"flake-utils": [
"lanzaboote",
"flake-utils"
],
"nixpkgs": [
"lanzaboote",
"nixpkgs"
]
},
"locked": {
"lastModified": 1717813066,
"narHash": "sha256-wqbRwq3i7g5EHIui0bIi84mdqZ/It1AXBSLJ5tafD28=",
"owner": "oxalica",
"repo": "rust-overlay",
"rev": "6dc3e45fe4aee36efeed24d64fc68b1f989d5465",
"type": "github"
},
"original": {
"owner": "oxalica",
"repo": "rust-overlay",
"type": "github"
}
},
"sops-nix": { "sops-nix": {
"inputs": { "inputs": {
"nixpkgs": [ "nixpkgs": [
@ -780,21 +586,6 @@
"type": "github" "type": "github"
} }
}, },
"systems_3": {
"locked": {
"lastModified": 1681028828,
"narHash": "sha256-Vy1rq5AaRuLzOxct8nz4T6wlgyUR7zLU309k9mBC768=",
"owner": "nix-systems",
"repo": "default",
"rev": "da67096a3b9bf56a91d16901293e51ba5b49a27e",
"type": "github"
},
"original": {
"owner": "nix-systems",
"repo": "default",
"type": "github"
}
},
"treefmt-nix": { "treefmt-nix": {
"inputs": { "inputs": {
"nixpkgs": [ "nixpkgs": [

25
flake.nix
View file

@ -15,10 +15,6 @@
url = "github:Mic92/sops-nix"; url = "github:Mic92/sops-nix";
inputs.nixpkgs.follows = "nixpkgs"; inputs.nixpkgs.follows = "nixpkgs";
}; };
lanzaboote = {
url = "github:nix-community/lanzaboote/v0.4.1";
inputs.nixpkgs.follows = "nixpkgs";
};
nix-flatpak.url = "github:gmodena/nix-flatpak"; nix-flatpak.url = "github:gmodena/nix-flatpak";
nixvim = { nixvim = {
url = "github:nix-community/nixvim"; url = "github:nix-community/nixvim";
@ -33,12 +29,7 @@
catppuccin-vsc.url = "https://flakehub.com/f/catppuccin/vscode/*.tar.gz"; catppuccin-vsc.url = "https://flakehub.com/f/catppuccin/vscode/*.tar.gz";
}; };
outputs = outputs =
{ { nixpkgs, home-manager, ... }@inputs:
self,
nixpkgs,
home-manager,
...
}@inputs:
let let
user = "cswimr"; user = "cswimr";
system = "x86_64-linux"; system = "x86_64-linux";
@ -78,7 +69,6 @@
./nixos/sudo.nix ./nixos/sudo.nix
./nixos/symlinks.nix ./nixos/symlinks.nix
./nixos/tailscale.nix ./nixos/tailscale.nix
./nixos/tpm.nix
{ {
# enable bluetooth # enable bluetooth
@ -89,18 +79,6 @@
inputs.nixvim.nixosModules.nixvim inputs.nixvim.nixosModules.nixvim
inputs.nix-flatpak.nixosModules.nix-flatpak inputs.nix-flatpak.nixosModules.nix-flatpak
inputs.lanzaboote.nixosModules.lanzaboote
(
{ lib, ... }:
{
boot.loader.systemd-boot.enable = lib.mkForce false;
boot.lanzaboote = {
enable = true;
pkiBundle = "/etc/secureboot";
};
}
)
# Home Manager # Home Manager
home-manager.nixosModules.home-manager home-manager.nixosModules.home-manager
{ {
@ -119,7 +97,6 @@
users.${user} = { users.${user} = {
imports = [ imports = [
./home-manager/plasma.nix ./home-manager/plasma.nix
./home-manager/tpm.nix
./home-manager/user.nix ./home-manager/user.nix
./home-manager/vscode.nix ./home-manager/vscode.nix
{ {

5
home-manager/tpm.nix
View file

@ -1,5 +0,0 @@
{
programs.ssh.extraConfig = ''
PKCS11Provider = /run/current-system/sw/lib/libtpm2_pkcs11.so
'';
}

29
nixos/configuration.nix
View file

@ -20,21 +20,20 @@
boot.kernelPackages = pkgs.linuxPackages_latest; boot.kernelPackages = pkgs.linuxPackages_latest;
# Bootloader. # Bootloader.
boot.loader.systemd-boot.enable = true; boot.loader.grub = {
# boot.loader.grub = { enable = true;
# enable = true; efiSupport = true;
# efiSupport = true; device = "nodev";
# device = "nodev"; theme = pkgs.catppuccin-grub;
# theme = pkgs.catppuccin-grub; extraEntries = ''
# extraEntries = '' menuentry "Firmware Setup" --class menu {
# menuentry "Firmware Setup" --class menu { fwsetup
# fwsetup }
# } '';
# ''; extraFiles = {
# extraFiles = { "theme/icons/menu.png" = "/etc/nixos/assets/img/grub/menu.png";
# "theme/icons/menu.png" = "/etc/nixos/assets/img/grub/menu.png"; };
# }; };
# };
boot.loader.efi.canTouchEfiVariables = true; boot.loader.efi.canTouchEfiVariables = true;
networking.hostName = hostname; # Define your hostname. networking.hostName = hostname; # Define your hostname.

17
nixos/tpm.nix
View file

@ -1,17 +0,0 @@
{ user, lib, pkgs, ... }:
{
environment.variables = {
TPM2_PKCS11_TCTI = lib.mkDefault "tabrmd:";
};
security.tpm2 = {
enable = true;
pkcs11.enable = true;
tctiEnvironment.enable = true;
};
users.users.${user}.extraGroups = [ "tss" ];
# secure boot configuration
environment.systemPackages = with pkgs; [
sbctl
];
}