n8r/nixos
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

update to 25.11, various fixes, converted to using gnome keyring

Browse Source
This commit is contained in:
Nate Anderson 2025-12-05 16:57:40 -07:00
parent 6dfc1553f6
commit 429b8ee99c
5 changed files with 90 additions and 123 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

43
flake.lock generated
View File

@ -1,25 +1,5 @@
{ {
"nodes": { "nodes": {
"auto-cpufreq": {
"inputs": {
"nixpkgs": [
"nixpkgs"
]
},
"locked": {
"lastModified": 1752998173,
"narHash": "sha256-ZlYpBp2WOe03UrpjJGz5KTOL/pp7A452hJO/Vc8C4/0=",
"owner": "AdnanHodzic",
"repo": "auto-cpufreq",
"rev": "562278377ffa96f3c1af49c7b499df028ce8d8bd",
"type": "github"
},
"original": {
"owner": "AdnanHodzic",
"repo": "auto-cpufreq",
"type": "github"
}
},
"catppuccin": { "catppuccin": {
"inputs": { "inputs": {
"nixpkgs": "nixpkgs" "nixpkgs": "nixpkgs"
@ -66,16 +46,16 @@
] ]
}, },
"locked": { "locked": {
"lastModified": 1749154018, "lastModified": 1764866045,
"narHash": "sha256-gjN3j7joRvT3a8Zgcylnd4NFsnXeDBumqiu4HmY1RIg=", "narHash": "sha256-0GsEtXV9OquDQ1VclQfP16cU5VZh7NEVIOjSH4UaJuM=",
"owner": "nix-community", "owner": "nix-community",
"repo": "home-manager", "repo": "home-manager",
"rev": "7aae0ee71a17b19708b93b3ed448a1a0952bf111", "rev": "f63d0fe9d81d36e5fc95497217a72e02b8b7bcab",
"type": "github" "type": "github"
}, },
"original": { "original": {
"owner": "nix-community", "owner": "nix-community",
"ref": "release-25.05", "ref": "release-25.11",
"repo": "home-manager", "repo": "home-manager",
"type": "github" "type": "github"
} }
@ -114,11 +94,11 @@
}, },
"nixpkgs-unstable": { "nixpkgs-unstable": {
"locked": { "locked": {
"lastModified": 1763966396, "lastModified": 1764667669,
"narHash": "sha256-6eeL1YPcY1MV3DDStIDIdy/zZCDKgHdkCmsrLJFiZf0=", "narHash": "sha256-7WUCZfmqLAssbDqwg9cUDAXrSoXN79eEEq17qhTNM/Y=",
"owner": "nixos", "owner": "nixos",
"repo": "nixpkgs", "repo": "nixpkgs",
"rev": "5ae3b07d8d6527c42f17c876e404993199144b6a", "rev": "418468ac9527e799809c900eda37cbff999199b6",
"type": "github" "type": "github"
}, },
"original": { "original": {
@ -130,16 +110,16 @@
}, },
"nixpkgs_2": { "nixpkgs_2": {
"locked": { "locked": {
"lastModified": 1763948260, "lastModified": 1764831616,
"narHash": "sha256-dY9qLD0H0zOUgU3vWacPY6Qc421BeQAfm8kBuBtPVE0=", "narHash": "sha256-OtzF5wBvO0jgW1WW1rQU9cMGx7zuvkF7CAVJ1ypzkxA=",
"owner": "nixos", "owner": "nixos",
"repo": "nixpkgs", "repo": "nixpkgs",
"rev": "1c8ba8d3f7634acac4a2094eef7c32ad9106532c", "rev": "c97c47f2bac4fa59e2cbdeba289686ae615f8ed4",
"type": "github" "type": "github"
}, },
"original": { "original": {
"owner": "nixos", "owner": "nixos",
"ref": "nixos-25.05", "ref": "nixos-25.11",
"repo": "nixpkgs", "repo": "nixpkgs",
"type": "github" "type": "github"
} }
@ -182,7 +162,6 @@
}, },
"root": { "root": {
"inputs": { "inputs": {
"auto-cpufreq": "auto-cpufreq",
"catppuccin": "catppuccin", "catppuccin": "catppuccin",
"home-manager": "home-manager", "home-manager": "home-manager",
"nixos-hardware": "nixos-hardware", "nixos-hardware": "nixos-hardware",

11
flake.nix
View File

@ -2,23 +2,19 @@
description = "NixOS system flake."; description = "NixOS system flake.";
inputs = { inputs = {
nixpkgs.url = "github:nixos/nixpkgs/nixos-25.05"; nixpkgs.url = "github:nixos/nixpkgs/nixos-25.11";
nixpkgs-unstable.url = "github:nixos/nixpkgs/nixos-unstable"; nixpkgs-unstable.url = "github:nixos/nixpkgs/nixos-unstable";
home-manager = { home-manager = {
url = "github:nix-community/home-manager/release-25.05"; url = "github:nix-community/home-manager/release-25.11";
inputs.nixpkgs.follows = "nixpkgs"; inputs.nixpkgs.follows = "nixpkgs";
}; };
# bonus inputs # bonus inputs
catppuccin.url = "github:catppuccin/nix"; catppuccin.url = "github:catppuccin/nix";
nur.url = "github:nix-community/NUR"; nur.url = "github:nix-community/NUR";
auto-cpufreq = {
url = "github:AdnanHodzic/auto-cpufreq";
inputs.nixpkgs.follows = "nixpkgs";
};
nixos-hardware.url = "github:NixOS/nixos-hardware/master"; nixos-hardware.url = "github:NixOS/nixos-hardware/master";
}; };
outputs = { self, nixpkgs, nixpkgs-unstable, catppuccin, nur, home-manager, auto-cpufreq, nixos-hardware, ... } @ inputs: outputs = { self, nixpkgs, nixpkgs-unstable, catppuccin, nur, home-manager, nixos-hardware, ... } @ inputs:
let let
inherit (self) outputs; inherit (self) outputs;
system = "x86_64-linux"; system = "x86_64-linux";
@ -72,7 +68,6 @@
}; };
modules = [ modules = [
catppuccin.nixosModules.catppuccin catppuccin.nixosModules.catppuccin
auto-cpufreq.nixosModules.default
# Setup home manager # Setup home manager
inputs.home-manager.nixosModules.home-manager { inputs.home-manager.nixosModules.home-manager {
home-manager.useGlobalPkgs = true; home-manager.useGlobalPkgs = true;

60
nate-work/modules/home-manager/home.nix
View File

@ -44,7 +44,6 @@
hyprhome = { hyprhome = {
enable = true; enable = true;
homePackages = with pkgs; [ homePackages = with pkgs; [
chromium
# #
# Dev Tools # Dev Tools
# #
@ -56,19 +55,19 @@
jq jq
gnumake gnumake
mariadb mariadb
lsp-ai
python3
nodejs_24
cmake cmake
## nodejs frontend
nodejs_24
husky
pnpm
yarn
## dev services cli
gh gh
awscli2 awscli2
# AI ## AI
unstable.claude-code unstable.claude-code
unstable.opencode unstable.opencode
# proto ## Go stuff
protobuf
protoc-gen-dart
# Go stuff
go go
unstable.delve unstable.delve
gotools gotools
@ -78,14 +77,6 @@
go-swag go-swag
trivy trivy
# clojure
jre17_minimal
clojure
clojure-lsp
cljfmt
leiningen
emacs
### LSP's ### LSP's
gopls gopls
nil nil
@ -93,26 +84,19 @@
nodePackages_latest.bash-language-server nodePackages_latest.bash-language-server
openscad-lsp openscad-lsp
vscode-langservers-extracted # provides eslint, markdown, json, css, and html lsp vscode-langservers-extracted # provides eslint, markdown, json, css, and html lsp
python311Packages.python-lsp-server
yaml-language-server yaml-language-server
elixir-ls
ltex-ls ltex-ls
### Misc ### Misc
usbutils usbutils
openscad
libxml2
nfs-utils nfs-utils
# For AnyConnect VPN
openconnect
networkmanager-openconnect
# #
# Better Unix # Better Unix
# #
bat bat
duf duf
du-dust dust
fd fd
fzf fzf
lsd lsd
@ -146,14 +130,12 @@
# #
# Other # Other
# #
chromium
keepassxc keepassxc
obs-studio obs-studio
prusa-slicer
gnome-disk-utility gnome-disk-utility
kdePackages.filelight
hugo hugo
unstable.llama-cpp # unstable.davinci-resolve-studio
unstable.davinci-resolve-studio
# #
# Style # Style
@ -190,10 +172,9 @@
# Git setup # Git setup
programs.git = { programs.git = {
enable = true; enable = true;
userEmail = email; settings = {
userName = fullName; user.name = fullName;
extraConfig = { user.email = email;
include = { path = "${config.xdg.configHome}/macchiato.gitconfig"; };
init = { defaultBranch = "main"; }; init = { defaultBranch = "main"; };
merge = { conflictStyle="zdiff3"; }; merge = { conflictStyle="zdiff3"; };
pull = { ff = "only"; }; pull = { ff = "only"; };
@ -205,16 +186,18 @@
}; };
}; };
}; };
delta = {
};
# Better git diffs with delta
programs.delta = {
enable = true; enable = true;
enableGitIntegration = true;
options = { options = {
side-by-side = true; side-by-side = true;
hyperlinks = true; hyperlinks = true;
}; };
}; };
# direnv for auto nix flake shells
};
programs = { programs = {
direnv = { direnv = {
enable = true; enable = true;
@ -234,6 +217,9 @@
theme = "half-life"; theme = "half-life";
}; };
initContent = '' initContent = ''
# integrate ssh-agent from gnome keyring
export SSH_AUTH_SOCK=/run/user/$UID/gcr/ssh
# direnv setup # direnv setup
eval "$(direnv hook zsh)" eval "$(direnv hook zsh)"

6
nate-work/modules/hypr/hyprland.nix
View File

@ -92,8 +92,6 @@ in
enable = true; enable = true;
qemu = { qemu = {
swtpm.enable = true; swtpm.enable = true;
ovmf.enable = true;
ovmf.packages = [ pkgs.OVMFFull.fd ];
}; };
}; };
spiceUSBRedirection.enable = true; spiceUSBRedirection.enable = true;
@ -127,7 +125,7 @@ in
programs.xfconf.enable = true; programs.xfconf.enable = true;
programs.regreet.enable = true; programs.regreet.enable = true;
programs.zsh.enable = true; programs.zsh.enable = true;
programs.ssh.startAgent = true; programs.ssh.startAgent = false; # Using GNOME Keyring's gcr-ssh-agent instead
programs.steam.enable = true; programs.steam.enable = true;
programs.wshowkeys.enable = true; programs.wshowkeys.enable = true;
services.printing = { services.printing = {
@ -154,7 +152,7 @@ in
}; };
}; };
# disable lid switch sleep when plugged into power, laptop docked # disable lid switch sleep when plugged into power, laptop docked
services.logind.lidSwitchExternalPower = "ignore"; services.logind.settings.Login.HandleLidSwitchExternalPower = "ignore";
# For yubioath desktop # For yubioath desktop
services.pcscd.enable = true; services.pcscd.enable = true;
security.polkit.enable = true; security.polkit.enable = true;

47
nate-work/modules/vpn-proxy/vpn-proxy.nix
View File

@ -163,19 +163,7 @@
} }
stop_proxy() { stop_proxy() {
if [ ! -f "$PID_FILE" ]; then if [ -f "$PID_FILE" ]; then
echo "Proxy not running (no PID file)"
# Still try to clean up any orphaned processes
if pgrep -f "ssh -D $SOCKS_PORT" > /dev/null 2>&1; then
echo "Found orphaned SSH process, cleaning up..."
pkill -f "ssh -D $SOCKS_PORT"
fi
# Disable system proxy anyway
gsettings set org.gnome.system.proxy mode 'none'
return 1
fi
local pid local pid
pid=$(cat "$PID_FILE" 2>/dev/null) pid=$(cat "$PID_FILE" 2>/dev/null)
@ -197,18 +185,39 @@
kill -9 "$pid" 2>/dev/null kill -9 "$pid" 2>/dev/null
fi fi
else else
echo "PID $pid not found, cleaning up..." echo "PID $pid not found in process list"
fi fi
# Also kill by pattern as backup
pkill -f "ssh -D $SOCKS_PORT.*$VM_USER@$VM_IP" 2>/dev/null
rm -f "$PID_FILE" rm -f "$PID_FILE"
else
echo "Proxy not running (no PID file found)"
fi
# Disable system proxy # Always clean up orphaned SSH processes
if pgrep -f "ssh -D $SOCKS_PORT" > /dev/null 2>&1; then
echo "Cleaning up orphaned SSH processes..."
pkill -f "ssh -D $SOCKS_PORT"
fi
# Always disable system proxy and clear SOCKS settings
echo "Clearing proxy settings..."
gsettings set org.gnome.system.proxy mode 'none' gsettings set org.gnome.system.proxy mode 'none'
gsettings set org.gnome.system.proxy.socks host ""
gsettings set org.gnome.system.proxy.socks port 0
echo " VPN proxy stopped" # Verify settings are cleared
local proxy_mode
proxy_mode=$(gsettings get org.gnome.system.proxy mode 2>/dev/null)
if [ "$proxy_mode" = "'none'" ]; then
echo " System proxy disabled"
else
echo " Warning: Could not verify proxy was disabled (current mode: $proxy_mode)"
fi
echo " VPN proxy stopped and proxy settings cleared"
# Return success even if there was no PID file
return 0
} }
status_proxy() { status_proxy() {