diff --git a/config/base.nix b/config/base.nix index 54822e5..c8d7313 100644 --- a/config/base.nix +++ b/config/base.nix @@ -14,6 +14,7 @@ ./network.nix ./programs.nix ./system.nix + ./sway.nix ]; nixpkgs = { overlays = [ @@ -49,9 +50,20 @@ auto-optimise-store = true; }; - virtualisation.docker = { - enable = true; - liveRestore = false; + virtualisation = { + podman = { + enable = true; + + # Create a `docker` alias for podman, to use it as a drop-in replacement + dockerCompat = true; + + # Required for containers under podman-compose to be able to talk to each other. + defaultNetwork.settings.dns_enabled = true; + }; + docker = { + enable = true; + liveRestore = false; + }; }; services.pulseaudio.enable = false; @@ -120,6 +132,7 @@ console.keyMap = "sv-latin1"; environment.systemPackages = with pkgs; [ + waypipe (st.overrideAttrs (oldAttrs: rec { src = builtins.fetchGit { url = "https://github.com/fwastring/st"; @@ -160,19 +173,19 @@ "ipsec.d/ipsec.nm-l2tp.secrets" ]; }; - xserver = { - displayManager = { - startx.enable = true; - }; - enable = true; - xkb = { - layout = "se"; - variant = ""; - }; - windowManager.dwm = { - enable = true; - }; - }; + # xserver = { + # displayManager = { + # startx.enable = true; + # }; + # enable = true; + # xkb = { + # layout = "se"; + # variant = ""; + # }; + # windowManager.dwm = { + # enable = true; + # }; + # }; blueman = { enable = true; }; diff --git a/config/dev.nix b/config/dev.nix index a3aa878..74fdbe9 100644 --- a/config/dev.nix +++ b/config/dev.nix @@ -26,13 +26,17 @@ in yq skopeo umoci + velero + podman-tui azure-cli - dotnetCorePackages.sdk_8_0_3xx + dotnetCorePackages.dotnet_9.sdk google-cloud-sdk jira-cli-go gh allure + kubectx + python314 awscli unstable.minio-client diff --git a/config/k3s.nix b/config/k3s.nix index 3a5fe2e..a18b564 100644 --- a/config/k3s.nix +++ b/config/k3s.nix @@ -10,10 +10,10 @@ let in { networking.firewall.allowedTCPPorts = [ - 6443 # k3s: required so that pods can reach the API server (running on port 6443 by default) + 6443 5173 - # 2379 # k3s, etcd clients: required if using a "High Availability Embedded etcd" configuration - # 2380 # k3s, etcd peers: required if using a "High Availability Embedded etcd" configuration + 8080 + 3000 ]; services.k3s = { enable = true; @@ -38,7 +38,6 @@ in }; environment.systemPackages = with pkgs; [ - neovim k3s cifs-utils nfs-utils diff --git a/config/lsp.nix b/config/lsp.nix index 2600a4a..fbd9b66 100644 --- a/config/lsp.nix +++ b/config/lsp.nix @@ -26,5 +26,6 @@ typescript typescript-language-server lua-language-server + marksman ]; } diff --git a/config/sway.nix b/config/sway.nix new file mode 100644 index 0000000..f5625c4 --- /dev/null +++ b/config/sway.nix @@ -0,0 +1,29 @@ +{ config, pkgs, lib, ... }: +{ + environment.systemPackages = with pkgs; [ + grim # screenshot functionality + slurp # screenshot functionality + wl-clipboard # wl-copy and wl-paste for copy/paste from stdin / stdout + mako # notification system developed by swaywm maintainer + ]; + + # Enable the gnome-keyring secrets vault. + # Will be exposed through DBus to programs willing to store secrets. + services.gnome.gnome-keyring.enable = true; + + # enable Sway window manager + programs.sway = { + enable = true; + wrapperFeatures.gtk = true; + }; + + services.greetd = { + enable = true; + settings = { + default_session = { + command = "${pkgs.greetd.tuigreet}/bin/tuigreet --time --cmd sway"; + user = "greeter"; + }; + }; + }; +} diff --git a/config/system.nix b/config/system.nix index 0570621..f487947 100644 --- a/config/system.nix +++ b/config/system.nix @@ -63,6 +63,10 @@ ])) lazygit chawan + go-passbolt-cli + waypipe + wl-clipboard + smartmontools # Typesetting typst diff --git a/flake.lock b/flake.lock index 71f3684..0227024 100644 --- a/flake.lock +++ b/flake.lock @@ -1,5 +1,79 @@ { "nodes": { + "flake-compat": { + "flake": false, + "locked": { + "lastModified": 1747046372, + "narHash": "sha256-CIVLLkVgvHYbgI2UpXvIIBJ12HWgX+fjA8Xf8PUmqCY=", + "owner": "edolstra", + "repo": "flake-compat", + "rev": "9100a0f413b0c601e0533d1d94ffd501ce2e7885", + "type": "github" + }, + "original": { + "owner": "edolstra", + "repo": "flake-compat", + "type": "github" + } + }, + "flake-compat_2": { + "flake": false, + "locked": { + "lastModified": 1696426674, + "narHash": "sha256-kvjfFW7WAETZlt09AgDn1MrtKzP7t90Vf7vypd3OL1U=", + "owner": "edolstra", + "repo": "flake-compat", + "rev": "0f9255e01c2351cc7d116c072cb317785dd33b33", + "type": "github" + }, + "original": { + "owner": "edolstra", + "repo": "flake-compat", + "type": "github" + } + }, + "flake-parts": { + "inputs": { + "nixpkgs-lib": [ + "neovim-nightly-overlay", + "nixpkgs" + ] + }, + "locked": { + "lastModified": 1753121425, + "narHash": "sha256-TVcTNvOeWWk1DXljFxVRp+E0tzG1LhrVjOGGoMHuXio=", + "owner": "hercules-ci", + "repo": "flake-parts", + "rev": "644e0fc48951a860279da645ba77fe4a6e814c5e", + "type": "github" + }, + "original": { + "owner": "hercules-ci", + "repo": "flake-parts", + "type": "github" + } + }, + "flake-parts_2": { + "inputs": { + "nixpkgs-lib": [ + "neovim-nightly-overlay", + "hercules-ci-effects", + "nixpkgs" + ] + }, + "locked": { + "lastModified": 1751413152, + "narHash": "sha256-Tyw1RjYEsp5scoigs1384gIg6e0GoBVjms4aXFfRssQ=", + "owner": "hercules-ci", + "repo": "flake-parts", + "rev": "77826244401ea9de6e3bac47c2db46005e1f30b5", + "type": "github" + }, + "original": { + "id": "flake-parts", + "type": "indirect" + } + }, "fw-pkgs": { "locked": { "lastModified": 1730710113, @@ -16,6 +90,73 @@ "type": "github" } }, + "git-hooks": { + "inputs": { + "flake-compat": "flake-compat_2", + "gitignore": "gitignore", + "nixpkgs": [ + "neovim-nightly-overlay", + "nixpkgs" + ] + }, + "locked": { + "lastModified": 1750779888, + "narHash": "sha256-wibppH3g/E2lxU43ZQHC5yA/7kIKLGxVEnsnVK1BtRg=", + "owner": "cachix", + "repo": "git-hooks.nix", + "rev": "16ec914f6fb6f599ce988427d9d94efddf25fe6d", + "type": "github" + }, + "original": { + "owner": "cachix", + "repo": "git-hooks.nix", + "type": "github" + } + }, + "gitignore": { + "inputs": { + "nixpkgs": [ + "neovim-nightly-overlay", + "git-hooks", + "nixpkgs" + ] + }, + "locked": { + "lastModified": 1709087332, + "narHash": "sha256-HG2cCnktfHsKV0s4XW83gU3F57gaTljL9KNSuG6bnQs=", + "owner": "hercules-ci", + "repo": "gitignore.nix", + "rev": "637db329424fd7e46cf4185293b9cc8c88c95394", + "type": "github" + }, + "original": { + "owner": "hercules-ci", + "repo": "gitignore.nix", + "type": "github" + } + }, + "hercules-ci-effects": { + "inputs": { + "flake-parts": "flake-parts_2", + "nixpkgs": [ + "neovim-nightly-overlay", + "nixpkgs" + ] + }, + "locked": { + "lastModified": 1752595130, + "narHash": "sha256-CNBgr4OZSuklGtNOa9CnTNo9+Xceqn/EDAC1Tc43fH8=", + "owner": "hercules-ci", + "repo": "hercules-ci-effects", + "rev": "5f2e09654b2e70ba643e41609d9f9b6640f22113", + "type": "github" + }, + "original": { + "owner": "hercules-ci", + "repo": "hercules-ci-effects", + "type": "github" + } + }, "home-manager": { "inputs": { "nixpkgs": [ @@ -37,18 +178,58 @@ "type": "github" } }, + "neovim-nightly-overlay": { + "inputs": { + "flake-compat": "flake-compat", + "flake-parts": "flake-parts", + "git-hooks": "git-hooks", + "hercules-ci-effects": "hercules-ci-effects", + "neovim-src": "neovim-src", + "nixpkgs": "nixpkgs", + "treefmt-nix": "treefmt-nix" + }, + "locked": { + "lastModified": 1753637925, + "narHash": "sha256-0a+a6cv95THQvQ5/Pqy2yKTbnZrvq0OkOY9Wdvr06/A=", + "owner": "nix-community", + "repo": "neovim-nightly-overlay", + "rev": "06556188ee8c7ddfbe7b39d652cf409d0f912705", + "type": "github" + }, + "original": { + "owner": "nix-community", + "repo": "neovim-nightly-overlay", + "type": "github" + } + }, + "neovim-src": { + "flake": false, + "locked": { + "lastModified": 1753559931, + "narHash": "sha256-QIsckK2f4A1PG8hF3TboXYWrYEv3DtVtz+tTFs9V00w=", + "owner": "neovim", + "repo": "neovim", + "rev": "b4ba27c238ec342bcb01fa59ab1eaf6996a4c6ee", + "type": "github" + }, + "original": { + "owner": "neovim", + "repo": "neovim", + "type": "github" + } + }, "nixpkgs": { "locked": { - "lastModified": 1748162331, - "narHash": "sha256-rqc2RKYTxP3tbjA+PB3VMRQNnjesrT0pEofXQTrMsS8=", + "lastModified": 1753432016, + "narHash": "sha256-cnL5WWn/xkZoyH/03NNUS7QgW5vI7D1i74g48qplCvg=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "7c43f080a7f28b2774f3b3f43234ca11661bf334", + "rev": "6027c30c8e9810896b92429f0092f624f7b1aace", "type": "github" }, "original": { "owner": "NixOS", - "ref": "nixos-25.05", + "ref": "nixpkgs-unstable", "repo": "nixpkgs", "type": "github" } @@ -69,13 +250,51 @@ "type": "github" } }, + "nixpkgs_2": { + "locked": { + "lastModified": 1748162331, + "narHash": "sha256-rqc2RKYTxP3tbjA+PB3VMRQNnjesrT0pEofXQTrMsS8=", + "owner": "NixOS", + "repo": "nixpkgs", + "rev": "7c43f080a7f28b2774f3b3f43234ca11661bf334", + "type": "github" + }, + "original": { + "owner": "NixOS", + "ref": "nixos-25.05", + "repo": "nixpkgs", + "type": "github" + } + }, "root": { "inputs": { "fw-pkgs": "fw-pkgs", "home-manager": "home-manager", - "nixpkgs": "nixpkgs", + "neovim-nightly-overlay": "neovim-nightly-overlay", + "nixpkgs": "nixpkgs_2", "nixpkgs-unstable": "nixpkgs-unstable" } + }, + "treefmt-nix": { + "inputs": { + "nixpkgs": [ + "neovim-nightly-overlay", + "nixpkgs" + ] + }, + "locked": { + "lastModified": 1753439394, + "narHash": "sha256-Bv9h1AJegLI8uAhiJ1sZ4XAndYxhgf38tMgCQwiEpmc=", + "owner": "numtide", + "repo": "treefmt-nix", + "rev": "2673921c03d6e75fdf4aa93e025772608d1482cf", + "type": "github" + }, + "original": { + "owner": "numtide", + "repo": "treefmt-nix", + "type": "github" + } } }, "root": "root", diff --git a/maskiner/work-desktop/configuration.nix b/maskiner/work-desktop/configuration.nix index 199f70b..f053f2c 100644 --- a/maskiner/work-desktop/configuration.nix +++ b/maskiner/work-desktop/configuration.nix @@ -18,6 +18,7 @@ ../../config/lsp.nix ../../config/network.nix ../../config/system.nix + ../../config/k3s.nix ]; nixpkgs = { overlays = [ @@ -53,9 +54,23 @@ auto-optimise-store = true; }; - virtualisation.docker = { - enable = true; - liveRestore = false; + + + # virtualisation.containers.enable = true; + virtualisation = { + # podman = { + # enable = true; + # + # # Create a `docker` alias for podman, to use it as a drop-in replacement + # dockerCompat = true; + # + # # Required for containers under podman-compose to be able to talk to each other. + # defaultNetwork.settings.dns_enabled = true; + # }; + docker = { + enable = true; + liveRestore = false; + }; }; networking.networkmanager.enable = true; diff --git a/shared/fish.nix b/shared/fish.nix index c70c0b1..698d91c 100644 --- a/shared/fish.nix +++ b/shared/fish.nix @@ -34,21 +34,19 @@ } ]; shellAbbrs = { - ls = "eza -l --no-time --no-permissions --no-user"; - k = "kubectl"; + ls = "eza -l"; ka = "kubectl apply -f"; - e = "nvim"; t = "timew"; + todo = "jira issue list -a 'Fredrik Wastring' -s ~Done -s ~Closed -s ~Released --plain"; cam = "jira issue create && jira issue assign && jira issue move"; - latest = "git log | head -1 | awk '{print $2;}' | xsel -ib"; - vpnup = "nmcli con up 'iFacts VPN'"; + e = "kubectx"; s = { setCursor = "%"; expansion = "cha https://search.wastring.com/search?q=%"; }; - vpndown = { + c = { setCursor = "%"; - expansion = "nmcli con down 'iFacts VPN'"; + expansion = "ssh 'fw:%@gateway.internalifacts.se' -p 2222"; }; dl = { setCursor = "&"; @@ -65,6 +63,8 @@ set -Ux FZF_TMUX_OPTS "-p" set -e GOROOT set -e GOPATH + gh completion -s fish > ~/.config/fish/completions/gh.fish + set -gx PATH $PATH $HOME/.krew/bin # Mocha set -Ux FZF_DEFAULT_OPTS "\ diff --git a/uninstal.sh b/uninstal.sh new file mode 100755 index 0000000..acf6b2e --- /dev/null +++ b/uninstal.sh @@ -0,0 +1,23 @@ +#!/bin/sh +set -x +systemctl stop k3s +systemctl disable k3s +systemctl daemon-reload +rm -f /etc/systemd/system/k3s.service +rm -f /usr/local/bin/k3s +if [ -L /usr/local/bin/kubectl ]; then + rm -f /usr/local/bin/kubectl +fi +if [ -L /usr/local/bin/crictl ]; then + rm -f /usr/local/bin/crictl +fi +if [ -e /sys/fs/cgroup/systemd/system.slice/k3s.service/cgroup.procs ]; then + kill -9 `cat /sys/fs/cgroup/systemd/system.slice/k3s.service/cgroup.procs` +fi +umount `cat /proc/self/mounts | awk '{print $2}' | grep '^/run/k3s'` +umount `cat /proc/self/mounts | awk '{print $2}' | grep '^/var/lib/rancher/k3s'` + +rm -rf /var/lib/rancher/k3s +rm -rf /etc/rancher/k3s + +rm -f /usr/local/bin/k3s-uninstall.sh