From fd299a4d39209bc901a90da490e84530a8274de2 Mon Sep 17 00:00:00 2001 From: Tasia Iso Date: Tue, 28 Jan 2025 10:01:00 +0100 Subject: [PATCH] lanzaboote, sway and nixpkgs update --- dotfiles/fontconfig | 8 ++ dotfiles/foot-config.ini | 255 +++++++++++++++++++++++++++++++++++ dotfiles/sway-config | 220 ++++++++++++++++++++++++++++++ dotfiles/swaylock-config | 2 + dotfiles/waybar-config.jsonc | 107 +++++++++++++++ dotfiles/waybar-style.css | 59 ++++++++ flake.lock | 191 ++++++++++++++++++++++++-- flake.nix | 5 + home/tasia/home.nix | 9 ++ hosts/cave/configuration.nix | 45 +++++-- 10 files changed, 874 insertions(+), 27 deletions(-) create mode 100644 dotfiles/fontconfig create mode 100644 dotfiles/foot-config.ini create mode 100644 dotfiles/sway-config create mode 100644 dotfiles/swaylock-config create mode 100644 dotfiles/waybar-config.jsonc create mode 100644 dotfiles/waybar-style.css diff --git a/dotfiles/fontconfig b/dotfiles/fontconfig new file mode 100644 index 0000000..c194116 --- /dev/null +++ b/dotfiles/fontconfig @@ -0,0 +1,8 @@ + + + monospace + + JetBrainsMono Nerd Font + + + diff --git a/dotfiles/foot-config.ini b/dotfiles/foot-config.ini new file mode 100644 index 0000000..77848c2 --- /dev/null +++ b/dotfiles/foot-config.ini @@ -0,0 +1,255 @@ +# -*- conf -*- + +# shell=$SHELL (if set, otherwise user's default shell from /etc/passwd) +# term=foot (or xterm-256color if built with -Dterminfo=disabled) +# login-shell=no + +# app-id=foot # globally set wayland app-id. Default values are "foot" and "footclient" for desktop and server mode +# title=foot +# locked-title=no + +font=JetBrainsMono Nerd Font:size=12 +# font-bold= +# font-italic= +# font-bold-italic= +# font-size-adjustment=0.5 +# line-height= +# letter-spacing=0 +# horizontal-letter-offset=0 +# vertical-letter-offset=0 +# underline-offset= +# underline-thickness= +# strikeout-thickness= +# box-drawings-uses-font-glyphs=no +# dpi-aware=no + +# initial-window-size-pixels=700x500 # Or, +# initial-window-size-chars= +# initial-window-mode=windowed +# pad=0x0 # optionally append 'center' +# resize-by-cells=yes +# resize-keep-grid=yes +# resize-delay-ms=100 + +# bold-text-in-bright=no +# word-delimiters=,│`|:"'()[]{}<> +# selection-target=primary +# workers= +# utmp-helper=/usr/lib/utempter/utempter # When utmp backend is ‘libutempter’ (Linux) +# utmp-helper=/usr/libexec/ulog-helper # When utmp backend is ‘ulog’ (FreeBSD) + +[environment] +# name=value + +[security] +# osc52=enabled # disabled|copy-enabled|paste-enabled|enabled + +[bell] +# urgent=no +# notify=no +# visual=no +# command= +# command-focused=no + +[desktop-notifications] +# command=notify-send --wait --app-name ${app-id} --icon ${app-id} --category ${category} --urgency ${urgency} --expire-time ${expire-time} --hint STRING:image-path:${icon} --hint BOOLEAN:suppress-sound:${muted} --hint STRING:sound-name:${sound-name} --replace-id ${replace-id} ${action-argument} --print-id -- ${title} ${body} +# command-action-argument=--action ${action-name}=${action-label} +# close="" +# inhibit-when-focused=yes + + +[scrollback] +# lines=1000 +# multiplier=3.0 +# indicator-position=relative +# indicator-format="" + +[url] +# launch=xdg-open ${url} +# label-letters=sadfjklewcmpgh +# osc8-underline=url-mode +# protocols=http, https, ftp, ftps, file, gemini, gopher +# uri-characters=abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789-_.,~:;/?#@!$&%*+="'()[] + +[cursor] +# style=block +# color= +blink=yes +blink-rate=500 +# beam-thickness=1.5 +# underline-thickness= + +[mouse] +# hide-when-typing=no +# alternate-scroll-mode=yes + +[touch] +# long-press-delay=400 + +[colors] +# alpha=1.0 +background=000000 +foreground=ebdbb2 +regular0=282828 +regular1=cc241d +regular2=98971a +regular3=d79921 +regular4=458588 +regular5=b16286 +regular6=689d6a +regular7=a89984 +bright0=928374 +bright1=fb4934 +bright2=b8bb26 +bright3=fabd2f +bright4=83a598 +bright5=d3869b +bright6=8ec07c +bright7=ebdbb2 +# flash=7f7f00 +# flash-alpha=0.5 + +## dimmed colors (see foot.ini(5) man page) +# dim0= +# ... +# dim7= + +## The remaining 256-color palette +# 16 = <256-color palette #16> +# ... +# 255 = <256-color palette #255> + +## Sixel colors +# sixel0 = 000000 +# sixel1 = 3333cc +# sixel2 = cc2121 +# sixel3 = 33cc33 +# sixel4 = cc33cc +# sixel5 = 33cccc +# sixel6 = cccc33 +# sixel7 = 878787 +# sixel8 = 424242 +# sixel9 = 545499 +# sixel10 = 994242 +# sixel11 = 549954 +# sixel12 = 995499 +# sixel13 = 549999 +# sixel14 = 999954 +# sixel15 = cccccc + +## Misc colors +# selection-foreground= +# selection-background= +# jump-labels= # black-on-yellow +# scrollback-indicator= # black-on-bright-blue +# search-box-no-match= # black-on-red +# search-box-match= # black-on-yellow +# urls= + +[csd] +# preferred=server +# size=26 +# font= +# color= +# hide-when-maximized=no +# double-click-to-maximize=yes +# border-width=0 +# border-color= +# button-width=26 +# button-color= +# button-minimize-color= +# button-maximize-color= +# button-close-color= + +[key-bindings] +# scrollback-up-page=Shift+Page_Up +# scrollback-up-half-page=none +# scrollback-up-line=none +# scrollback-down-page=Shift+Page_Down +# scrollback-down-half-page=none +# scrollback-down-line=none +# scrollback-home=none +# scrollback-end=none +# clipboard-copy=Control+Shift+c XF86Copy +# clipboard-paste=Control+Shift+v XF86Paste +# primary-paste=Shift+Insert +# search-start=Control+Shift+r +# font-increase=Control+plus Control+equal Control+KP_Add +# font-decrease=Control+minus Control+KP_Subtract +# font-reset=Control+0 Control+KP_0 +# spawn-terminal=Control+Shift+n +# minimize=none +# maximize=none +# fullscreen=none +# pipe-visible=[sh -c "xurls | fuzzel | xargs -r firefox"] none +# pipe-scrollback=[sh -c "xurls | fuzzel | xargs -r firefox"] none +# pipe-selected=[xargs -r firefox] none +# pipe-command-output=[wl-copy] none # Copy last command's output to the clipboard +# show-urls-launch=Control+Shift+o +# show-urls-copy=none +# show-urls-persistent=none +# prompt-prev=Control+Shift+z +# prompt-next=Control+Shift+x +# unicode-input=Control+Shift+u +# noop=none +# quit=none + +[search-bindings] +# cancel=Control+g Control+c Escape +# commit=Return +# find-prev=Control+r +# find-next=Control+s +# cursor-left=Left Control+b +# cursor-left-word=Control+Left Mod1+b +# cursor-right=Right Control+f +# cursor-right-word=Control+Right Mod1+f +# cursor-home=Home Control+a +# cursor-end=End Control+e +# delete-prev=BackSpace +# delete-prev-word=Mod1+BackSpace Control+BackSpace +# delete-next=Delete +# delete-next-word=Mod1+d Control+Delete +# extend-char=Shift+Right +# extend-to-word-boundary=Control+w Control+Shift+Right +# extend-to-next-whitespace=Control+Shift+w +# extend-line-down=Shift+Down +# extend-backward-char=Shift+Left +# extend-backward-to-word-boundary=Control+Shift+Left +# extend-backward-to-next-whitespace=none +# extend-line-up=Shift+Up +# clipboard-paste=Control+v Control+Shift+v Control+y XF86Paste +# primary-paste=Shift+Insert +# unicode-input=none +# scrollback-up-page=Shift+Page_Up +# scrollback-up-half-page=none +# scrollback-up-line=none +# scrollback-down-page=Shift+Page_Down +# scrollback-down-half-page=none +# scrollback-down-line=none +# scrollback-home=none +# scrollback-end=none + +[url-bindings] +# cancel=Control+g Control+c Control+d Escape +# toggle-url-visible=t + +[text-bindings] +# \x03=Mod4+c # Map Super+c -> Ctrl+c + +[mouse-bindings] +# scrollback-up-mouse=BTN_WHEEL_BACK +# scrollback-down-mouse=BTN_WHEEL_FORWARD +# font-increase=Control+BTN_WHEEL_BACK +# font-decrease=Control+BTN_WHEEL_FORWARD +# selection-override-modifiers=Shift +# primary-paste=BTN_MIDDLE +# select-begin=BTN_LEFT +# select-begin-block=Control+BTN_LEFT +# select-extend=BTN_RIGHT +# select-extend-character-wise=Control+BTN_RIGHT +# select-word=BTN_LEFT-2 +# select-word-whitespace=Control+BTN_LEFT-2 +# select-quote = BTN_LEFT-3 +# select-row=BTN_LEFT-4 + +# vim: ft=dosini diff --git a/dotfiles/sway-config b/dotfiles/sway-config new file mode 100644 index 0000000..a45155e --- /dev/null +++ b/dotfiles/sway-config @@ -0,0 +1,220 @@ +### Variables +# Logo key. Use Mod1 for Alt. +set $mod Mod4 +# Home row direction keys, like vim +set $left h +set $down j +set $up k +set $right l +# Your preferred terminal emulator +set $term foot +# Your preferred application launcher +for_window [app_id="^launcher$"] floating enable, sticky enable, resize set 30 ppt 60 ppt, border pixel 10 +set $menu exec $term -a launcher -e sway-launcher-desktop + +### Output configuration +# Default wallpaper (more resolutions are available in /usr/share/backgrounds/sway/) +output * bg /home/tasia/Pictures/4_57775b1b34db3099.jpg fill +# output * bg #000000 solid_color +# +# Example configuration: +# +# output HDMI-A-1 resolution 1920x1080 position 1920,0 +# +# You can get the names of your outputs by running: swaymsg -t get_outputs + +### Idle configuration +# This will lock your screen after 300 seconds of inactivity, then turn off +# your displays after another 60 seconds, and turn your screens back on when +# resumed. It will also lock your screen before your computer goes to sleep. + +exec swayidle -w \ + timeout 300 'swaylock' \ + timeout 360 'swaymsg "output * power off"' resume 'swaymsg "output * power on"' \ + before-sleep 'swaylock' + +bindsym $mod+l exec swaylock + +### Input configuration +# You can get the names of your inputs by running: swaymsg -t get_inputs +# Read `man 5 sway-input` for more information about this section. + +input "2:10:TPPS/2_Elan_TrackPoint" { + pointer_accel 0.1 + accel_profile "flat" +} + +input "1:1:AT_Translated_Set_2_keyboard" xkb_layout "fr" + +### Key bindings +# Basics: +# + # Start a terminal + bindsym $mod+Return exec $term + + # Kill focused window + bindsym $mod+Shift+q kill + + # Start your launcher + bindsym $mod+d exec $menu + + # Drag floating windows by holding down $mod and left mouse button. + # Resize them with right mouse button + $mod. + # Despite the name, also works for non-floating windows. + # Change normal to inverse to use left mouse button for resizing and right + # mouse button for dragging. + floating_modifier $mod normal + + # Reload the configuration file + bindsym $mod+Shift+c reload + + # Exit sway (logs you out of your Wayland session) + bindsym $mod+Shift+e exec swaynag -t warning -m 'Log out?' -B 'Yes' 'swaymsg exit' + +# +# Moving around: +# + # Move your focus around +# bindsym $mod+$left focus left +# bindsym $mod+$down focus down +# bindsym $mod+$up focus up +# bindsym $mod+$right focus right + # Or use $mod+[up|down|left|right] + bindsym $mod+Left focus left + bindsym $mod+Down focus down + bindsym $mod+Up focus up + bindsym $mod+Right focus right + + # Move the focused window with the same, but add Shift +# bindsym $mod+Shift+$left move left +# bindsym $mod+Shift+$down move down +# bindsym $mod+Shift+$up move up +# bindsym $mod+Shift+$right move right + # Ditto, with arrow keys + bindsym $mod+Shift+Left move left + bindsym $mod+Shift+Down move down + bindsym $mod+Shift+Up move up + bindsym $mod+Shift+Right move right +# +# Workspaces: +# + # Switch to workspace + bindsym $mod+1 workspace number 1 + bindsym $mod+2 workspace number 2 + bindsym $mod+3 workspace number 3 + bindsym $mod+4 workspace number 4 + bindsym $mod+5 workspace number 5 + bindsym $mod+6 workspace number 6 + bindsym $mod+7 workspace number 7 + bindsym $mod+8 workspace number 8 + bindsym $mod+9 workspace number 9 + bindsym $mod+0 workspace number 10 + # Move focused container to workspace + bindsym $mod+Shift+1 move container to workspace number 1 + bindsym $mod+Shift+2 move container to workspace number 2 + bindsym $mod+Shift+3 move container to workspace number 3 + bindsym $mod+Shift+4 move container to workspace number 4 + bindsym $mod+Shift+5 move container to workspace number 5 + bindsym $mod+Shift+6 move container to workspace number 6 + bindsym $mod+Shift+7 move container to workspace number 7 + bindsym $mod+Shift+8 move container to workspace number 8 + bindsym $mod+Shift+9 move container to workspace number 9 + bindsym $mod+Shift+0 move container to workspace number 10 + # Note: workspaces can have any name you want, not just numbers. + # We just use 1-10 as the default. + +# +# Layout stuff: +# + # You can "split" the current object of your focus with + # $mod+b or $mod+v, for horizontal and vertical splits + # respectively. + bindsym $mod+b splith + bindsym $mod+v splitv + + # Switch the current container between different layout styles + bindsym $mod+s layout stacking + bindsym $mod+w layout tabbed + bindsym $mod+e layout toggle split + + # Make the current focus fullscreen + bindsym $mod+f fullscreen + + # Toggle the current focus between tiling and floating mode + bindsym $mod+Shift+space floating toggle + + # Swap focus between the tiling area and the floating area + bindsym $mod+space focus mode_toggle + + # Move focus to the parent container + bindsym $mod+a focus parent +# +# Scratchpad: +# + # Sway has a "scratchpad", which is a bag of holding for windows. + # You can send windows there and get them back later. + + # Move the currently focused window to the scratchpad + bindsym $mod+Shift+minus move scratchpad + + # Show the next scratchpad window or hide the focused scratchpad window. + # If there are multiple scratchpad windows, this command cycles through them. + bindsym $mod+minus scratchpad show +# +# Resizing containers: +# +mode "resize" { + # left will shrink the containers width + # right will grow the containers width + # up will shrink the containers height + # down will grow the containers height +# bindsym $left resize shrink width 10px +# bindsym $down resize grow height 10px +# bindsym $up resize shrink height 10px +# bindsym $right resize grow width 10px + + # Ditto, with arrow keys + bindsym Left resize shrink width 10px + bindsym Down resize grow height 10px + bindsym Up resize shrink height 10px + bindsym Right resize grow width 10px + + # Return to default mode + bindsym Return mode "default" + bindsym Escape mode "default" +} +bindsym $mod+r mode "resize" +# +# Utilities: +# + # Special keys to adjust volume via PulseAudio + bindsym --locked XF86AudioMute exec pactl set-sink-mute \@DEFAULT_SINK@ toggle + bindsym --locked XF86AudioLowerVolume exec pactl set-sink-volume \@DEFAULT_SINK@ -5% + bindsym --locked XF86AudioRaiseVolume exec pactl set-sink-volume \@DEFAULT_SINK@ +5% + bindsym --locked XF86AudioMicMute exec pactl set-source-mute \@DEFAULT_SOURCE@ toggle + # Special keys to adjust brightness via brightnessctl + bindsym --locked XF86MonBrightnessDown exec brightnessctl set 5%- + bindsym --locked XF86MonBrightnessUp exec brightnessctl set 5%+ + # Special key to take a screenshot with grim + bindsym Print exec grim + +# status bar +bar swaybar_command waybar + +#default_border pixel 4 +gaps inner 6 +gaps outer 6 + +set $border_focused #8c583f +set $border_unfocused #222222 +set $focused_background #111111 +set $unfocused_background #000000 +set $font_color #f29c71 + +client.focused $border_focused $focused_background $font_color +client.unfocused $border_unfocused $unfocused_background $font_color +client.focused_inactive $border_unfocused $unfocused_background $font_color + +font "JetBrainsMono Nerd Font" 10 + +include /etc/sway/config.d/* diff --git a/dotfiles/swaylock-config b/dotfiles/swaylock-config new file mode 100644 index 0000000..7d403bf --- /dev/null +++ b/dotfiles/swaylock-config @@ -0,0 +1,2 @@ +color=000000 +show-failed-attempts diff --git a/dotfiles/waybar-config.jsonc b/dotfiles/waybar-config.jsonc new file mode 100644 index 0000000..888c0fa --- /dev/null +++ b/dotfiles/waybar-config.jsonc @@ -0,0 +1,107 @@ +// -*- mode: json -*- + +{ + "layer": "top", + "position": "top", + + "modules-left": [ + "idle_inhibitor", + "clock", + "sway/workspaces", + "sway/mode" + ], + // "modules-center": [ + // ], + "modules-right": [ + "pulseaudio", + "cpu", + "memory", + "battery", + "disk", + "network", + "tray" + ], + + "sway/workspaces": { + "disable-scroll": true, + "format": "{name}" + }, + + "clock": { + // "format": "{:%F %R (%a)}", + "format": "{:%F %R}", + // TODO + "tooltip": false + }, + + "pulseaudio": { + "format": "{icon} {volume:2}%", + "format-bluetooth": "{icon} {volume}%", + "format-muted": "mute", + "format-icons": { + "headphones": "", + "default": [ + "", + "" + ] + }, + "scroll-step": 5, + "on-click": "pamixer -t", + "on-click-right": "pavucontrol" + }, + "memory": { + "interval": 5, + // "format": "phys {percentage}% swap {swapPercentage}%" + "format": "ram {percentage}%" + }, + "cpu": { + "interval": 5, + "format": "cpu {usage:2}%" + }, + "battery": { + "states": { + "good": 95, + "warning": 30, + "critical": 15 + }, + "format": "{icon} {capacity}%", + "format-icons": [ + "", + "", + "", + "", + "" + ] + }, + "disk": { + "interval": 5, + "format": "hdd {percentage_used:2}%", + "path": "/" + }, + "tray": { + "icon-size": 20 + }, + + "network": { + // "format": "{signalStrength} {essid} up {bandwidthUpBytes} down {bandwidthDownBytes}", + // "interface": "wlp3s0", + "format": "{ifname}", + "format-wifi": "wifi ↑ {bandwidthUpBytes} ↓ {bandwidthDownBytes}", + "format-ethernet": "{ipaddr}/{cidr} 󰊗 ↑ {bandwidthUpBytes} ↓ {bandwidthDownBytes}", + "format-disconnected": "net down", //An empty format will hide the module. + "tooltip-format": "{ifname} via {gwaddr} 󰊗", + "tooltip-format-wifi": "{essid} ({signalStrength}%) ", + "tooltip-format-ethernet": "{ifname} ", + "tooltip-format-disconnected": "Disconnected", + // "max-length": 50 + }, + + "idle_inhibitor": { + "format": "{icon}", + "format-icons": { + "activated": "", + "deactivated": "" + } + } +} + diff --git a/dotfiles/waybar-style.css b/dotfiles/waybar-style.css new file mode 100644 index 0000000..2651de0 --- /dev/null +++ b/dotfiles/waybar-style.css @@ -0,0 +1,59 @@ +* { + font-size: 14px; + font-family: "JetBrainsMono Nerd Font"; +} + +window#waybar { + background: #000000; + color: #f29c71; +} + +#workspaces, +#clock, +#pulseaudio, +#memory, +#cpu, +#battery, +#disk, +#tray, +#network, +#idle_inhibitor { + background: #1a1a1a; + padding: 0 4px; + margin: 0 4px; +} + +#workspaces button { + padding: 0 2px; + color: #333333; +} +#workspaces button.focused { + color: #f29c71; +} +#workspaces button:hover { + box-shadow: inherit; + text-shadow: inherit; +} +#workspaces button:hover { + background: #1a1a1a; + border: #1a1a1a; + padding: 0 3px; +} + +/* +#pulseaudio { + color: #268bd2; +} +#memory { + color: #2aa198; +} +#cpu { + color: #6c71c4; +} +#battery { + color: #859900; +} +#disk { + color: #b58900; +} +*/ diff --git a/flake.lock b/flake.lock index 06cadbd..dcee376 100644 --- a/flake.lock +++ b/flake.lock @@ -23,6 +23,21 @@ "type": "github" } }, + "crane": { + "locked": { + "lastModified": 1731098351, + "narHash": "sha256-HQkYvKvaLQqNa10KEFGgWHfMAbWBfFp+4cAgkut+NNE=", + "owner": "ipetkov", + "repo": "crane", + "rev": "ef80ead953c1b28316cc3f8613904edc2eb90c28", + "type": "github" + }, + "original": { + "owner": "ipetkov", + "repo": "crane", + "type": "github" + } + }, "darwin": { "inputs": { "nixpkgs": [ @@ -45,6 +60,43 @@ "type": "github" } }, + "flake-compat": { + "flake": false, + "locked": { + "lastModified": 1696426674, + "narHash": "sha256-kvjfFW7WAETZlt09AgDn1MrtKzP7t90Vf7vypd3OL1U=", + "owner": "edolstra", + "repo": "flake-compat", + "rev": "0f9255e01c2351cc7d116c072cb317785dd33b33", + "type": "github" + }, + "original": { + "owner": "edolstra", + "repo": "flake-compat", + "type": "github" + } + }, + "flake-parts": { + "inputs": { + "nixpkgs-lib": [ + "lanzaboote", + "nixpkgs" + ] + }, + "locked": { + "lastModified": 1730504689, + "narHash": "sha256-hgmguH29K2fvs9szpq2r3pz2/8cJd2LPS+b4tfNFCwE=", + "owner": "hercules-ci", + "repo": "flake-parts", + "rev": "506278e768c2a08bec68eb62932193e341f55c90", + "type": "github" + }, + "original": { + "owner": "hercules-ci", + "repo": "flake-parts", + "type": "github" + } + }, "flake-utils": { "inputs": { "systems": "systems_2" @@ -135,6 +187,28 @@ "type": "github" } }, + "gitignore": { + "inputs": { + "nixpkgs": [ + "lanzaboote", + "pre-commit-hooks-nix", + "nixpkgs" + ] + }, + "locked": { + "lastModified": 1709087332, + "narHash": "sha256-HG2cCnktfHsKV0s4XW83gU3F57gaTljL9KNSuG6bnQs=", + "owner": "hercules-ci", + "repo": "gitignore.nix", + "rev": "637db329424fd7e46cf4185293b9cc8c88c95394", + "type": "github" + }, + "original": { + "owner": "hercules-ci", + "repo": "gitignore.nix", + "type": "github" + } + }, "home-manager": { "inputs": { "nixpkgs": [ @@ -199,6 +273,32 @@ "type": "github" } }, + "lanzaboote": { + "inputs": { + "crane": "crane", + "flake-compat": "flake-compat", + "flake-parts": "flake-parts", + "nixpkgs": [ + "stable" + ], + "pre-commit-hooks-nix": "pre-commit-hooks-nix", + "rust-overlay": "rust-overlay" + }, + "locked": { + "lastModified": 1737639419, + "narHash": "sha256-AEEDktApTEZ5PZXNDkry2YV2k6t0dTgLPEmAZbnigXU=", + "owner": "nix-community", + "repo": "lanzaboote", + "rev": "a65905a09e2c43ff63be8c0e86a93712361f871e", + "type": "github" + }, + "original": { + "owner": "nix-community", + "ref": "v0.4.2", + "repo": "lanzaboote", + "type": "github" + } + }, "libcamera-src": { "flake": false, "locked": { @@ -309,11 +409,11 @@ }, "nixpkgs": { "locked": { - "lastModified": 1737569578, - "narHash": "sha256-6qY0pk2QmUtBT9Mywdvif0i/CLVgpCjMUn6g9vB+f3M=", + "lastModified": 1737885640, + "narHash": "sha256-GFzPxJzTd1rPIVD4IW+GwJlyGwBDV1Tj5FLYwDQQ9sM=", "owner": "nixos", "repo": "nixpkgs", - "rev": "47addd76727f42d351590c905d9d1905ca895b82", + "rev": "4e96537f163fad24ed9eb317798a79afc85b51b7", "type": "github" }, "original": { @@ -323,6 +423,22 @@ "type": "github" } }, + "nixpkgs-stable": { + "locked": { + "lastModified": 1730741070, + "narHash": "sha256-edm8WG19kWozJ/GqyYx2VjW99EdhjKwbY3ZwdlPAAlo=", + "owner": "NixOS", + "repo": "nixpkgs", + "rev": "d063c1dd113c91ab27959ba540c0d9753409edf3", + "type": "github" + }, + "original": { + "owner": "NixOS", + "ref": "nixos-24.05", + "repo": "nixpkgs", + "type": "github" + } + }, "nixpkgs_2": { "locked": { "lastModified": 1736061677, @@ -399,6 +515,33 @@ "type": "github" } }, + "pre-commit-hooks-nix": { + "inputs": { + "flake-compat": [ + "lanzaboote", + "flake-compat" + ], + "gitignore": "gitignore", + "nixpkgs": [ + "lanzaboote", + "nixpkgs" + ], + "nixpkgs-stable": "nixpkgs-stable" + }, + "locked": { + "lastModified": 1731363552, + "narHash": "sha256-vFta1uHnD29VUY4HJOO/D6p6rxyObnf+InnSMT4jlMU=", + "owner": "cachix", + "repo": "pre-commit-hooks.nix", + "rev": "cd1af27aa85026ac759d5d3fccf650abe7e1bbf0", + "type": "github" + }, + "original": { + "owner": "cachix", + "repo": "pre-commit-hooks.nix", + "type": "github" + } + }, "raspberry-pi-nix": { "inputs": { "libcamera-src": "libcamera-src", @@ -431,6 +574,7 @@ "inputs": { "agenix": "agenix", "home-manager": "home-manager_2", + "lanzaboote": "lanzaboote", "nixpkgs": "nixpkgs", "stable": "stable", "tasiaiso-vulpecula-zone": "tasiaiso-vulpecula-zone", @@ -559,13 +703,34 @@ "type": "github" } }, + "rust-overlay": { + "inputs": { + "nixpkgs": [ + "lanzaboote", + "nixpkgs" + ] + }, + "locked": { + "lastModified": 1731897198, + "narHash": "sha256-Ou7vLETSKwmE/HRQz4cImXXJBr/k9gp4J4z/PF8LzTE=", + "owner": "oxalica", + "repo": "rust-overlay", + "rev": "0be641045af6d8666c11c2c40e45ffc9667839b5", + "type": "github" + }, + "original": { + "owner": "oxalica", + "repo": "rust-overlay", + "type": "github" + } + }, "stable": { "locked": { - "lastModified": 1737569578, - "narHash": "sha256-6qY0pk2QmUtBT9Mywdvif0i/CLVgpCjMUn6g9vB+f3M=", + "lastModified": 1737885640, + "narHash": "sha256-GFzPxJzTd1rPIVD4IW+GwJlyGwBDV1Tj5FLYwDQQ9sM=", "owner": "nixos", "repo": "nixpkgs", - "rev": "47addd76727f42d351590c905d9d1905ca895b82", + "rev": "4e96537f163fad24ed9eb317798a79afc85b51b7", "type": "github" }, "original": { @@ -714,11 +879,11 @@ "raspberry-pi-nix": "raspberry-pi-nix" }, "locked": { - "lastModified": 1737689749, - "narHash": "sha256-jOeHjBWn7WQhsoHLVIfD/DtZs/xwWxCjf2O1CQcxcz0=", + "lastModified": 1738015161, + "narHash": "sha256-DKgQIKGvkPiOFiM62RXi8ruDZFQUnlfgoUfprNnEdzM=", "owner": "Thymis-io", "repo": "thymis", - "rev": "1255a03bea92cb21579db8195cddec9413c82222", + "rev": "0b134af9dcdab8e75e5406e2bd34c407449efc60", "type": "github" }, "original": { @@ -733,11 +898,11 @@ "nixpkgs": "nixpkgs_3" }, "locked": { - "lastModified": 1737591590, - "narHash": "sha256-XYzWcRfinpItE8Qjb5pPFuKyUYKGku0CYyTB7h0G/Rg=", + "lastModified": 1738029735, + "narHash": "sha256-SUNk/kSIgxo299X+OqnkNbk1e540IvnDYwALHN4BPao=", "ref": "main", - "rev": "c728e05032852704c09cb18ed35d47c3135a6367", - "revCount": 2259, + "rev": "18bab849f770cf254b2f284922c9c2eb8eb5fbe3", + "revCount": 2274, "type": "git", "url": "https://dev.tildefriends.net/cory/tildefriends" }, diff --git a/flake.nix b/flake.nix index d60a701..0884865 100644 --- a/flake.nix +++ b/flake.nix @@ -44,6 +44,10 @@ url = "github:ryantm/agenix"; inputs.nixpkgs.follows = "stable"; }; + lanzaboote = { + url = "github:nix-community/lanzaboote/v0.4.2"; + inputs.nixpkgs.follows = "stable"; + }; }; outputs = { @@ -59,6 +63,7 @@ agenix, tasiaiso-vulpecula-zone, vulpecula-zone, + lanzaboote, ... } @ inputs: let inherit (self) outputs; diff --git a/home/tasia/home.nix b/home/tasia/home.nix index e943510..ce180be 100644 --- a/home/tasia/home.nix +++ b/home/tasia/home.nix @@ -33,6 +33,15 @@ # ".gitconfig".source = ../../dotfiles/.gitconfig; ".librewolf/librewolf.overrides.cfg".source = ../../dotfiles/librewolf.overrides.cfg; + + ".config/fontconfig/conf.d/01-font.conf".source = ../../dotfiles/fontconfig; + ".config/foot/foot.ini".source = ../../dotfiles/foot-config.ini; + + ".config/sway/config".source = ../../dotfiles/sway-config; + ".config/swaylock/config".source = ../../dotfiles/swaylock-config; + + ".config/waybar/config.jsonc".source = ../../dotfiles/waybar-config.jsonc; + ".config/waybar/style.css".source = ../../dotfiles/waybar-style.css; }; shellAliases = { diff --git a/hosts/cave/configuration.nix b/hosts/cave/configuration.nix index 7a2792e..f9738f6 100644 --- a/hosts/cave/configuration.nix +++ b/hosts/cave/configuration.nix @@ -53,21 +53,10 @@ in { # Personal modules # ../../modules/nixos/tildefriends.nix ./yubikey.nix + + inputs.lanzaboote.nixosModules.lanzaboote ]; - # RGB Keyboard backight - #boot.extraModulePackages = with config.boot.kernelPackages; [hid-ite8291r3]; - - #services.udev.extraRules = '' - # ACTION=="add", SUBSYSTEM=="leds", DEVPATH=="*:kbd_backlight", TEST=="color", ATTR{color}="fc4f05" - #''; - - # Nvidia GPU - #hardware.nvidia.prime = { - # intelBusId = "PCI:1:0:0"; - # nvidiaBusId = "PCI:0:2:0"; - #}; - networking = { hostName = "cave"; @@ -139,8 +128,36 @@ in { slurp # screenshot functionality wl-clipboard # wl-copy and wl-paste for copy/paste from stdin / stdout mako # notification system developed by swaywm maintainer + + sbctl + + sway-launcher-desktop + foot + waybar + wayshot ]; + # Lanzaboote currently replaces the systemd-boot module. + # This setting is usually set to true in configuration.nix + # generated at installation time. So we force it to false + # for now. + boot.loader.systemd-boot.enable = lib.mkForce false; + + boot.lanzaboote = { + enable = true; + pkiBundle = "/etc/secureboot"; + }; + + services.greetd = { + enable = true; + settings = { + default_session = { + command = "${pkgs.greetd.tuigreet}/bin/tuigreet --time --cmd sway -r"; + user = "greeter"; + }; + }; + }; + # Enable the gnome-keyring secrets vault. # Will be exposed through DBus to programs willing to store secrets. services.gnome.gnome-keyring.enable = true; @@ -159,7 +176,7 @@ in { services.udev.packages = [pkgs.rtl-sdr]; fonts.packages = with pkgs; [ - (nerdfonts.override {fonts = ["CascadiaCode"];}) + (nerdfonts.override {fonts = ["CascadiaCode" "JetBrainsMono"];}) ]; # programs.adb.enable = true;