initial commit

This commit is contained in:
gwg313 2026-04-15 18:26:05 -04:00
commit ebc1be5217
Signed by: gwg313
GPG key ID: 60FF63B4826B7400
143 changed files with 7721 additions and 0 deletions

View file

@ -0,0 +1,155 @@
{
pkgs,
...
}:
{
programs.git = {
enable = true;
settings = {
user = {
name = "gwg313";
email = "gwg313@pm.me";
};
credential = {
helper = "!pass-git-helper $@";
};
user = {
signingkey = "60FF63B4826B7400";
};
commit = {
gpgsign = true;
verbose = "true";
};
diff = {
algorithm = "histogram";
colorMoved = "plain";
mnemonicPrefix = "true";
renames = "true";
compactionHeuristic = "true";
tool = "nvimdiff";
};
"difftool \"nvimdiff\"" = {
cmd = "nvim -d \"$LOCAL\" \"$REMOTE\" -c \"wincmd w\" -c \"wincmd L\"";
};
merge = {
tool = "nvimdiff4";
prompt = "false";
conflictstyle = "zdiff3";
};
"mergetool \"nvimdiff4\"" = {
cmd = "nvim -d $LOCAL $BASE $REMOTE $MERGED -c '$wincmd w' -c 'wincmd J'";
};
mergetool = {
keepBackup = false;
};
init = {
defaultBranch = "main";
};
core = {
pager = "delta";
editor = "nvim";
};
delta = {
features = "line-numbers decorations";
navigate = "true";
whitespace-error-style = "22 reverse";
};
interactive = {
diffFilter = "delta --color-only";
};
push = {
default = "simple";
autoSetupRemote = "true";
followTags = "true";
};
pull = {
rebase = "true";
};
rebase = {
autoSquash = "true";
autoStash = "true";
updateRefs = "true";
};
fetch = {
prune = "true";
pruneTags = "true";
all = "true";
};
tag = {
sort = "version:refname";
};
branch = {
sort = "-committerdate";
};
help = {
autocorrect = "true";
};
rerere = {
enabled = "true";
autoupdate = "true";
};
color.ui = "1";
};
ignores = [
"__pycache__"
".direnv"
"npm-debug.log"
".cache/"
".DS_Store"
".idea/"
"*.swp"
"*.elc"
"auto-save-list"
".direnv/"
"node_modules"
"result"
"result-*"
];
};
programs.zsh = {
shellAliases = {
trackme = "git branch --set-upstream-to=origin/$(git symbolic-ref --short HEAD)";
rebasemain = "git pull origin main --rebase";
hist = ''log --pretty=format:"%Cgreen%h %Creset%cd %Cblue[%cn] %Creset%s%C(yellow)%d%C(reset)" --graph --date=relative --decorate --all'';
llog = ''log --graph --name-status --pretty=format:"%C(red)%h %C(reset)(%cd) %C(green)%an %Creset%s %C(yellow)%d%Creset" --date=relative'';
g = "lazygit";
ga = "git add";
gc = "git commit";
gcu = "git add . && git commit -m 'Update'";
gp = "git push";
gpl = "git pull";
gs = "git status";
gd = "git diff";
gco = "git checkout";
gcb = "git checkout -b";
gbr = "git branch";
grs = "git reset HEAD~1";
grh = "git reset --hard HEAD~1";
gaa = "git add .";
gcm = "git commit -m";
};
};
home.packages = with pkgs; [
cocogitto
delta
lazygit
gh
pre-commit
graphite-cli
tig
pass-git-helper
];
xdg.configFile."pass-git-helper/git-pass-mapping.ini".text = ''
[git.gwg313.xyz*]
target=git/https/git.gwg313.xyz
line_username=1
'';
}

View file

@ -0,0 +1,82 @@
{ config, ... }:
let
user = config.dendritic.current.primaryUser;
secretName = "wireless.env";
in
{
sops.secrets.${secretName} = {
sopsFile = ../../../../secrets/users/${user}.yaml;
};
networking.networkmanager.ensureProfiles = {
environmentFiles = [
config.sops.secrets.${secretName}.path
];
profiles = {
home-wifi = {
connection.id = "home-wifi";
connection.type = "wifi";
wifi.ssid = "$home_uuid";
wifi-security = {
auth-alg = "open";
key-mgmt = "wpa-psk";
psk = "$home_psk";
};
connection.autoconnect-priority = 100;
};
eduroam = {
connection.id = "eduroam";
connection.type = "wifi";
wifi.ssid = "eduroam";
wifi-security = {
key-mgmt = "wpa-eap";
};
"802-1x" = {
eap = "peap;";
identity = "$eduroam_identity";
password = "$school_password";
phase2-auth = "mschapv2";
};
connection.autoconnect = true;
connection.autoconnect-priority = 80;
wifi.powersave = 2;
wifi.mode = "infrastructure";
ipv4.method = "auto";
# ipv4.dns = "8.8.8.8,8.8.4.4.";
# ipv6.dns = "2001:4860:4860::8888";
# wifi.mac-address-randomization = "random";
ipv4.dhcp-send-hostname = false;
# ipv4.dhcp-hostname = "NoName";
# connection.metered = "yes";
};
school = {
connection.id = "School";
connection.type = "wifi";
wifi.ssid = "$school_uuid";
wifi-security = {
key-mgmt = "wpa-eap";
};
"802-1x" = {
eap = "peap;";
identity = "$school_identity";
password = "$school_password";
phase2-auth = "mschapv2";
};
connection.autoconnect = true;
connection.autoconnect-priority = 90;
wifi.powersave = 2;
wifi.mode = "infrastructure";
ipv4.method = "auto";
# ipv4.dns = "8.8.8.8,8.8.4.4.";
# ipv6.dns = "2001:4860:4860::8888";
# wifi.mac-address-randomization = "random";
ipv4.dhcp-send-hostname = false;
# ipv4.dhcp-hostname = "NoName";
# connection.metered = "yes";
};
};
};
}

View file

@ -0,0 +1,53 @@
{
config,
lib,
inputs,
...
}:
{
fileSystems = {
"/books" = {
device = inputs.secrets.nfs.devices.books;
fsType = "nfs";
options = [
"x-systemd.automount"
"noauto"
"x-systemd.after=network-online.target"
"x-systemd.mount-timeout=90"
];
};
"/music" = {
device = inputs.secrets.nfs.devices.music;
fsType = "nfs";
options = [
"x-systemd.automount"
"noauto"
"x-systemd.after=network-online.target"
"x-systemd.mount-timeout=90"
];
};
"/personal" = {
device = inputs.secrets.nfs.devices.personal;
fsType = "nfs";
options = [
"x-systemd.automount"
"noauto"
"x-systemd.after=network-online.target"
"x-systemd.mount-timeout=90"
];
};
"/backups" = {
device = inputs.secrets.nfs.devices.backups;
fsType = "nfs";
options = [
"x-systemd.automount"
"noauto"
"x-systemd.after=network-online.target"
"x-systemd.mount-timeout=90"
];
};
};
}

View file

@ -0,0 +1,106 @@
{ ... }:
{
programs.ssh = {
enable = true;
hashKnownHosts = true;
matchBlocks = {
"router" = {
hostname = "router.local.gwg313.xyz";
user = "glen";
identityFile = "/home/gwg313/.ssh/home/id_ed25519";
};
"github.com" = {
hostname = "github.com";
identityFile = "/home/gwg313/.ssh/github/id_ed25519";
};
"candlekeep" = {
hostname = "candlekeep.local.gwg313.xyz";
user = "gwg313";
identityFile = "/home/gwg313/.ssh/home/id_ed25519";
};
"candlekeep.zt" = {
hostname = "candlekeep.zt"; # added to hosts in zerotier config
user = "gwg313";
identityFile = "/home/gwg313/.ssh/home/id_ed25519";
};
"grymforge" = {
hostname = "grymforge.local.gwg313.xyz";
user = "gwg313";
identityFile = "/home/gwg313/.ssh/home/id_ed25519";
};
"grymforge.zt" = {
hostname = "grymforge.zt"; # added to hosts in zerotier config
user = "gwg313";
identityFile = "/home/gwg313/.ssh/home/id_ed25519";
extraOptions = {
"VisualHostKey" = "no";
};
};
"waypoint" = {
hostname = "waypoint.local.gwg313.xyz";
user = "root";
identityFile = "/home/gwg313/.ssh/colmena/id_ed25519";
};
"seikan" = {
hostname = "147.182.147.32";
user = "root";
identityFile = "/home/gwg313/.ssh/digital_ocean/id_ed25519";
};
"panopticon" = {
hostname = "10.1.10.9";
user = "root";
identityFile = "/home/gwg313/.ssh/colmena/id_ed25519";
};
"vault-tec" = {
hostname = "10.1.10.13";
user = "root";
identityFile = "/home/gwg313/.ssh/colmena/id_ed25519";
};
"qnx" = {
hostname = "10.1.40.32";
user = "qnxuser";
identitiesOnly = true;
identityFile = "/home/gwg313/.ssh/qnxuser";
extraOptions = {
"Ciphers" = "aes256-ctr";
};
};
"qnxzt" = {
hostname = "10.1.40.32";
user = "qnxuser";
identitiesOnly = true;
identityFile = "/home/gwg313/.ssh/qnxuser";
proxyJump = "grymforge.zt";
extraOptions = {
"Ciphers" = "aes256-ctr";
"VisualHostKey" = "no";
};
};
"qnxproj" = {
hostname = "10.1.10.66";
user = "qnxuser";
identitiesOnly = true;
identityFile = "/home/gwg313/.ssh/qnxuser";
proxyJump = "bastion";
extraOptions = {
"Ciphers" = "aes256-ctr";
"VisualHostKey" = "no";
};
};
"bastion" = {
hostname = "10.1.10.9";
user = "bastion";
identitiesOnly = true;
identityFile = "/home/gwg313/.ssh/qnxuser";
};
};
};
}

View file

@ -0,0 +1,19 @@
{ config, ... }:
let
user = config.dendritic.current.primaryUser;
in
{
services.openssh = {
enable = true;
settings = {
AllowUsers = [ user ];
};
};
users.users.${user}.openssh.authorizedKeys.keys = [
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAILq54YrM3BbhBs0oDLOrc1bkg6FCCmkV4E3pWLZp0ejN gwg313@pm.me"
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIPZK7127ict2+Urhi1cbD6EIU85mD4lkQ9/ihaif0jsX" # Phone
];
}

View file

@ -0,0 +1,78 @@
{
inputs,
...
}:
{
services.syncthing = {
enable = true;
dataDir = "/home/gwg313";
openDefaultPorts = true;
configDir = "/home/gwg313/.config/syncthing";
user = "gwg313";
group = "users";
guiAddress = "127.0.0.1:8384";
overrideDevices = true;
overrideFolders = true;
settings = {
gui = {
user = inputs.secrets.syncthing.gui_user;
password = inputs.secrets.syncthing.gui_password;
};
devices = {
"grymforge" = {
id = inputs.secrets.syncthing.grymforge_id;
};
};
folders = {
"repos" = {
path = "/home/gwg313/repos";
devices = [ "grymforge" ];
versioning = {
type = "staggered";
params = {
cleanInterval = "3600";
maxAge = "15768000";
};
};
};
"documents" = {
path = "/home/gwg313/Documents";
devices = [ "grymforge" ];
versioning = {
type = "staggered";
params = {
cleanInterval = "3600";
maxAge = "15768000";
};
};
};
"password-store" = {
path = "/home/gwg313/.local/share/password-store";
devices = [ "grymforge" ];
versioning = {
type = "staggered";
params = {
cleanInterval = "3600";
maxAge = "15768000";
};
};
};
"zettelkasten" = {
path = "/home/gwg313/zettelkasten/";
devices = [ "grymforge" ];
versioning = {
type = "staggered";
params = {
cleanInterval = "3600";
maxAge = "15768000";
};
};
};
};
};
};
}

View file

@ -0,0 +1,4 @@
{ lib, ... }:
{
services.usbguard.rules = lib.mkAfter "";
}