Jo/puzzlevision
1
0
Fork 0
mirror of https://github.com/Jokiller230/puzzlevision.git synced 2025-10-30 13:20:04 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions

Add direnv and remove some unused stuff
Some checks failed
Nix: validate flake.lock / Check Lockfile (push) Has been cancelled
Details
Nix: validate flake / Validate x86_64-linux (push) Has been cancelled
Details
Trufflehog: check for exposed secrets / Run trufflehog (push) Has been cancelled
Details
Nix: check for unused code / Run deadnix (push) Has been cancelled
Details

Browse source
This commit is contained in:
Jo 2025-10-15 11:07:39 +02:00
parent 92c9d47900
commit fad807fb47
9 changed files with 74 additions and 144 deletions
Download patch file Download diff file Expand all files Collapse all files

5
.sops.yaml
View file

@ -23,8 +23,3 @@ creation_rules:
key_groups:
- age:
- *jo
- path_regex: homes/[^/]+/drfrontend/secrets/.*\.(yaml|env|json|cfg)$
key_groups:
- age:
- *jo

48
flake.lock generated
View file

@ -7,11 +7,11 @@
]
},
"locked": {
"lastModified": 1758186094,
"narHash": "sha256-uvfqk4A5pCKwGvq0f/ZrmqarF80KViSNfYWKdeOYFaw=",
"lastModified": 1760468693,
"narHash": "sha256-JtXWEvA09PLiBOcNws3eUa6WSj/j1aDc1isWXka6ctk=",
"owner": "catppuccin",
"repo": "nix",
"rev": "ff94d16ca2d7f51b9fc4a7f6559dc18de54d1915",
"rev": "2b289e5837767dd9239e4469d6ba69ca4f98038b",
"type": "github"
},
"original": {
@ -56,11 +56,11 @@
]
},
"locked": {
"lastModified": 1756770412,
"narHash": "sha256-+uWLQZccFHwqpGqr2Yt5VsW/PbeJVTn9Dk6SHWhNRPw=",
"lastModified": 1759362264,
"narHash": "sha256-wfG0S7pltlYyZTM+qqlhJ7GMw2fTF4mLKCIVhLii/4M=",
"owner": "hercules-ci",
"repo": "flake-parts",
"rev": "4524271976b625a4a605beefd893f270620fd751",
"rev": "758cf7296bee11f1706a574c77d072b8a7baa881",
"type": "github"
},
"original": {
@ -94,11 +94,11 @@
]
},
"locked": {
"lastModified": 1758207369,
"narHash": "sha256-BG7GlXo5moXtrFSCqnkIb1Q00szOZXTj5Dx7NmWgves=",
"lastModified": 1760500983,
"narHash": "sha256-zfY4F4CpeUjTGgecIJZ+M7vFpwLc0Gm9epM/iMQd4w8=",
"owner": "nix-community",
"repo": "home-manager",
"rev": "b5698ed57db7ee7da5e93df2e6bbada91c88f3ce",
"rev": "c53e65ec92f38d30e3c14f8d628ab55d462947aa",
"type": "github"
},
"original": {
@ -138,11 +138,11 @@
]
},
"locked": {
"lastModified": 1758183841,
"narHash": "sha256-c04iKVUNTZDYlWIcToS9/jLgqA5BgkxTYE0Opn0Hxpw=",
"lastModified": 1760491287,
"narHash": "sha256-BOvhD3Q9fZcxQbjz9YPdOTrWjRnyUVqW2YTFJZI8rQE=",
"owner": "kaylorben",
"repo": "nixcord",
"rev": "1be1e2031b70966b8ae5ec86ada23d8a05e81d73",
"rev": "b88450ad729eed534601ff0813b3fed46dd013cb",
"type": "github"
},
"original": {
@ -153,11 +153,11 @@
},
"nixos-hardware": {
"locked": {
"lastModified": 1757943327,
"narHash": "sha256-w6cDExPBqbq7fTLo4dZ1ozDGeq3yV6dSN4n/sAaS6OM=",
"lastModified": 1760106635,
"narHash": "sha256-2GoxVaKWTHBxRoeUYSjv0AfSOx4qw5CWSFz2b+VolKU=",
"owner": "NixOS",
"repo": "nixos-hardware",
"rev": "67a709cfe5d0643dafd798b0b613ed579de8be05",
"rev": "9ed85f8afebf2b7478f25db0a98d0e782c0ed903",
"type": "github"
},
"original": {
@ -168,11 +168,11 @@
},
"nixpkgs": {
"locked": {
"lastModified": 1758035966,
"narHash": "sha256-qqIJ3yxPiB0ZQTT9//nFGQYn8X/PBoJbofA7hRKZnmE=",
"lastModified": 1760284886,
"narHash": "sha256-TK9Kr0BYBQ/1P5kAsnNQhmWWKgmZXwUQr4ZMjCzWf2c=",
"owner": "NixOS",
"repo": "nixpkgs",
"rev": "8d4ddb19d03c65a36ad8d189d001dc32ffb0306b",
"rev": "cf3f5c4def3c7b5f1fc012b3d839575dbe552d43",
"type": "github"
},
"original": {
@ -203,11 +203,11 @@
]
},
"locked": {
"lastModified": 1758007585,
"narHash": "sha256-HYnwlbY6RE5xVd5rh0bYw77pnD8lOgbT4mlrfjgNZ0c=",
"lastModified": 1760393368,
"narHash": "sha256-8mN3kqyqa2PKY0wwZ2UmMEYMcxvNTwLaOrrDsw6Qi4E=",
"owner": "Mic92",
"repo": "sops-nix",
"rev": "f77d4cfa075c3de66fc9976b80e0c4fc69e2c139",
"rev": "ab8d56e85b8be14cff9d93735951e30c3e86a437",
"type": "github"
},
"original": {
@ -239,11 +239,11 @@
]
},
"locked": {
"lastModified": 1758213608,
"narHash": "sha256-/CPyP3EC9EMYuGWrzPRpnWRrmw01N7upfB+xIRxfLUU=",
"lastModified": 1760276212,
"narHash": "sha256-7It9jBYdT8lqJLkKN+i/9RplR2Fv3F7bH02gDVlEV0o=",
"owner": "vicinaehq",
"repo": "vicinae",
"rev": "a026db18b9f9a29edd94305b4e77d196bf91afb0",
"rev": "6c583ff744ce0acf4f1af9c5f5af37057bfcde68",
"type": "github"
},
"original": {

50
homes/x86_64-linux/drfrontend/default.nix
View file

@ -1,50 +0,0 @@
{
pkgs,
config,
...
}:
{
puzzlevision = {
themes.catppuccin.enable = true;
apps.zed.enable = true;
apps.firefox = {
enable = true;
extensions = [
"uBlock0@raymondhill.net"
"ATBC@EasonWong"
"languagetool-webextension@languagetool.org"
"firefox-enpass@enpass.io"
"firefox@tampermonkey.net"
"wappalyzer@crunchlabz.com"
"{7a7a4a92-a2a0-41d1-9fd7-1e92480d612d}"
"{d49033ac-8969-488c-afb0-5cdb73957f41}"
];
};
};
sops.secrets.wakatime-cfg = {
format = "binary";
sopsFile = ./secrets/wakatime.cfg;
path = "${config.home.homeDirectory}/.wakatime.cfg";
};
home.packages = with pkgs; [
## GENERAL
ghostty
teams-for-linux
enpass
youtube-music
## WEB
ungoogled-chromium
## EDITORS
jetbrains.phpstorm
## RUNTIMES and CLIs for development
bun
git
];
home.stateVersion = "25.05";
}

19
homes/x86_64-linux/drfrontend/secrets/wakatime.cfg
View file

@ -1,19 +0,0 @@
{
"data": "ENC[AES256_GCM,data:UAADE/aH98MYyfxL3ZkZ06lHHTRmmRVuOhiqEyF6DP35sGTC7Mpqe++MTYBDFrD4Rraeao9T2tcu3sL22p9SW9jF7Y2L1YZ9zKKUyP2y+G8PN25GqXWaNwJQG/hxcKs8km448g==,iv:SkyBC+VkwccprAomhXUzdmSQuBDfFn22MKJwjV9ZSzo=,tag:m/uUcl9r3GW3QYCajoAhYw==,type:str]",
"sops": {
"age": [
{
"recipient": "age1qcjcwh9tq8pzf2yr7m3hm2n3n3y5rlc30fpkr0eytju9w57ucgcsgcy79d",
"enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSA5VmtTRHo4NWVuU2tiZTc5\nWUVyeU54ZmtZbi9uUWNablIxSm9aZ3hadjBnCmNiVlBXS2lEbE00VFl6QVRlQk92\nMFI0TVBMVDZiQXg3VzZTaVNEd2RROTQKLS0tIEg3aGwvWXgvVldGTjZFaS95dEVP\nUmZHaGFaNndDRWY5cXBJeGY4TVVqbTgKeFTClhSmX5IQ5+7DXk4HEwTAv4uB/HCl\nVeoKUNaTHme60hWE/J12B2PvxtRa+f6diDMFg11mQkPOZwyEcQWMpg==\n-----END AGE ENCRYPTED FILE-----\n"
},
{
"recipient": "age1ajkq0lalyc75tjhdtpx2yshw5y3wt85fwjy24luf69rvpavg33vqw6c3tc",
"enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBnK1NtOE9tZ0poRjdkOTBi\nbWFQbGovY1VvRDN4clJmRGdTSHlzQk5JSmtrCitSc3hnb21CMVVuclZ2YndIOWRk\naDduM3VadDBaWFRDRElZSWlUaXdUZGMKLS0tIEJOUEFoS3ZJQWtkNGFQNk1CdGxI\nSmRFQ25TSXY1S0FHQmhUbWNsT1Z2c2sKBTV2WEW+HynmrrPza8gsIQAK2V3HhYfJ\nrG6rjnzMONd+0Q6Z0KBqgoMfCTjWE9CBnm78DL16u9pRH3CwhpKabg==\n-----END AGE ENCRYPTED FILE-----\n"
}
],
"lastmodified": "2025-05-22T18:30:26Z",
"mac": "ENC[AES256_GCM,data:/aZOXw2xgQ8UZG5TIWXwHZjlofa08WM2XpPhXUbf2qrx0yyhEyZrtibalCIDdUGgzaZjt8b+qrZqgNE9o+HCUNVX9fU9yCXRL1kpksz9e6HV4S+KIrdHnEFtuRt7r8nP29BotLYoP9KKbA57lL5SYJgPINHq11CAiQLU6A8W8YI=,iv:0zvQe2wRd/qKjrqinc9kgP8RSl47xxD0LofREiK8XOc=,tag:eWhtD/X3CPHTlEZPgp0cjA==,type:str]",
"unencrypted_suffix": "_unencrypted",
"version": "3.10.2"
}
}

36
homes/x86_64-linux/jo/default.nix
View file

@ -13,19 +13,25 @@
puzzlevision = {
themes.catppuccin.enable = true;
apps.zed.enable = true;
apps.firefox = {
enable = true;
extensions = [
"uBlock0@raymondhill.net"
"ATBC@EasonWong"
"languagetool-webextension@languagetool.org"
"firefox-enpass@enpass.io"
"firefox@tampermonkey.net"
"wappalyzer@crunchlabz.com"
"{7a7a4a92-a2a0-41d1-9fd7-1e92480d612d}"
"{d49033ac-8969-488c-afb0-5cdb73957f41}"
];
apps = {
zed.enable = true;
firefox = {
enable = true;
extensions = [
"uBlock0@raymondhill.net"
"ATBC@EasonWong"
"languagetool-webextension@languagetool.org"
"firefox-enpass@enpass.io"
"firefox@tampermonkey.net"
"wappalyzer@crunchlabz.com"
"{7a7a4a92-a2a0-41d1-9fd7-1e92480d612d}"
"{d49033ac-8969-488c-afb0-5cdb73957f41}"
];
};
};
cli = {
direnv.enable = true;
};
};
@ -45,13 +51,9 @@
enpass
youtube-music
## WEB
ungoogled-chromium
## EDITORS
apostrophe
jetbrains.phpstorm
arduino-ide
obsidian
## RUNTIMES and CLIs for development

29
modules/home/cli/direnv/default.nix Normal file
View file

@ -0,0 +1,29 @@
{
osConfig,
config,
self,
pkgs,
lib,
...
}:
let
inherit (lib) mkIf mkEnableOption;
inherit (self) namespace;
cfg = config.${namespace}.cli.direnv;
in
{
options.${namespace}.cli.direnv = {
enable = mkEnableOption "enable direnv support";
};
config = mkIf cfg.enable {
programs.direnv = {
enable = true;
nix-direnv.enable = true;
enableFishIntegration = mkIf (osConfig.${namespace}.users.defaultUserShell == pkgs.fish);
};
};
}

2
modules/home/desktop/gnome/default.nix
View file

@ -65,7 +65,7 @@ in
};
};
wallpaper =
mkOpt path ../wallpapers/scenic-landscape-blurred.jpg
mkOpt path ../wallpapers/building_top_sit_dusk.jpg
"Specify the path of your prefered Gnome wallpaper.";
};

28
systems/x86_64-nixos/puzzlevision/default.nix
View file

@ -5,13 +5,11 @@
./hardware-generated.nix
];
# Todo: automate this globally for all workstation and server archetypes!
# Configure Sops
sops.defaultSopsFile = ./secrets/users.yaml;
sops.age.keyFile = "/var/lib/sops-nix/key.txt";
programs.steam.enable = true;
programs.steam.remotePlay.openFirewall = true;
puzzlevision = {
users.jo = {
@ -23,32 +21,8 @@
];
};
users.drfrontend = {
enable = true;
hashedPassword = "$6$mvK9bT756Aok54Vt$vBRnT66Vb3HL0Y5rEMJlHvKkvzVQ.KUciInTmW3FCBFT00IuFMpz3q9RhXPLTLMRPho65bTg9hMnFPb84I774.";
extraGroups = [
"wheel"
"docker"
];
};
archetypes.laptop.enable = true;
system.kernel.version = "linuxPackages_zen";
};
# Configure some last-resort aggressive nix-daemon OOM protection
systemd = {
# Create a separate slice for nix-daemon that is
# memory-managed by the userspace systemd-oomd killer
slices."nix-daemon".sliceConfig = {
ManagedOOMMemoryPressure = "kill";
ManagedOOMMemoryPressureLimit = "50%";
};
services."nix-daemon".serviceConfig.Slice = "nix-daemon.slice";
# If a kernel-level OOM event does occur anyway,
# strongly prefer killing nix-daemon child processes
services."nix-daemon".serviceConfig.OOMScoreAdjust = 1000;
system.kernel.version = "linuxPackages_6_16";
};
boot = {

1
systems/x86_64-nixos/puzzlevision/hardware.nix
View file

@ -77,7 +77,6 @@
# Kill processes before they can cause an OOM exception
earlyoom = {
enable = true;
enableNotifications = true;
};
# Enable Thermald for improved overheating protection