n8r/nixos
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

update to 25.11, various fixes, converted to using gnome keyring

Browse Source
This commit is contained in:
Nate Anderson 2025-12-05 16:57:40 -07:00
parent 6dfc1553f6
commit 429b8ee99c
5 changed files with 90 additions and 123 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

43
flake.lock generated
View File

@ -1,25 +1,5 @@
{ {
"nodes": { "nodes": {
"auto-cpufreq": {
"inputs": {
"nixpkgs": [
"nixpkgs"
]
},
"locked": {
"lastModified": 1752998173,
"narHash": "sha256-ZlYpBp2WOe03UrpjJGz5KTOL/pp7A452hJO/Vc8C4/0=",
"owner": "AdnanHodzic",
"repo": "auto-cpufreq",
"rev": "562278377ffa96f3c1af49c7b499df028ce8d8bd",
"type": "github"
},
"original": {
"owner": "AdnanHodzic",
"repo": "auto-cpufreq",
"type": "github"
}
},
"catppuccin": { "catppuccin": {
"inputs": { "inputs": {
"nixpkgs": "nixpkgs" "nixpkgs": "nixpkgs"
@ -66,16 +46,16 @@
] ]
}, },
"locked": { "locked": {
"lastModified": 1749154018, "lastModified": 1764866045,
"narHash": "sha256-gjN3j7joRvT3a8Zgcylnd4NFsnXeDBumqiu4HmY1RIg=", "narHash": "sha256-0GsEtXV9OquDQ1VclQfP16cU5VZh7NEVIOjSH4UaJuM=",
"owner": "nix-community", "owner": "nix-community",
"repo": "home-manager", "repo": "home-manager",
"rev": "7aae0ee71a17b19708b93b3ed448a1a0952bf111", "rev": "f63d0fe9d81d36e5fc95497217a72e02b8b7bcab",
"type": "github" "type": "github"
}, },
"original": { "original": {
"owner": "nix-community", "owner": "nix-community",
"ref": "release-25.05", "ref": "release-25.11",
"repo": "home-manager", "repo": "home-manager",
"type": "github" "type": "github"
} }
@ -114,11 +94,11 @@
}, },
"nixpkgs-unstable": { "nixpkgs-unstable": {
"locked": { "locked": {
"lastModified": 1763966396, "lastModified": 1764667669,
"narHash": "sha256-6eeL1YPcY1MV3DDStIDIdy/zZCDKgHdkCmsrLJFiZf0=", "narHash": "sha256-7WUCZfmqLAssbDqwg9cUDAXrSoXN79eEEq17qhTNM/Y=",
"owner": "nixos", "owner": "nixos",
"repo": "nixpkgs", "repo": "nixpkgs",
"rev": "5ae3b07d8d6527c42f17c876e404993199144b6a", "rev": "418468ac9527e799809c900eda37cbff999199b6",
"type": "github" "type": "github"
}, },
"original": { "original": {
@ -130,16 +110,16 @@
}, },
"nixpkgs_2": { "nixpkgs_2": {
"locked": { "locked": {
"lastModified": 1763948260, "lastModified": 1764831616,
"narHash": "sha256-dY9qLD0H0zOUgU3vWacPY6Qc421BeQAfm8kBuBtPVE0=", "narHash": "sha256-OtzF5wBvO0jgW1WW1rQU9cMGx7zuvkF7CAVJ1ypzkxA=",
"owner": "nixos", "owner": "nixos",
"repo": "nixpkgs", "repo": "nixpkgs",
"rev": "1c8ba8d3f7634acac4a2094eef7c32ad9106532c", "rev": "c97c47f2bac4fa59e2cbdeba289686ae615f8ed4",
"type": "github" "type": "github"
}, },
"original": { "original": {
"owner": "nixos", "owner": "nixos",
"ref": "nixos-25.05", "ref": "nixos-25.11",
"repo": "nixpkgs", "repo": "nixpkgs",
"type": "github" "type": "github"
} }
@ -182,7 +162,6 @@
}, },
"root": { "root": {
"inputs": { "inputs": {
"auto-cpufreq": "auto-cpufreq",
"catppuccin": "catppuccin", "catppuccin": "catppuccin",
"home-manager": "home-manager", "home-manager": "home-manager",
"nixos-hardware": "nixos-hardware", "nixos-hardware": "nixos-hardware",

11
flake.nix
View File

@ -2,23 +2,19 @@
description = "NixOS system flake."; description = "NixOS system flake.";
inputs = { inputs = {
nixpkgs.url = "github:nixos/nixpkgs/nixos-25.05"; nixpkgs.url = "github:nixos/nixpkgs/nixos-25.11";
nixpkgs-unstable.url = "github:nixos/nixpkgs/nixos-unstable"; nixpkgs-unstable.url = "github:nixos/nixpkgs/nixos-unstable";
home-manager = { home-manager = {
url = "github:nix-community/home-manager/release-25.05"; url = "github:nix-community/home-manager/release-25.11";
inputs.nixpkgs.follows = "nixpkgs"; inputs.nixpkgs.follows = "nixpkgs";
}; };
# bonus inputs # bonus inputs
catppuccin.url = "github:catppuccin/nix"; catppuccin.url = "github:catppuccin/nix";
nur.url = "github:nix-community/NUR"; nur.url = "github:nix-community/NUR";
auto-cpufreq = {
url = "github:AdnanHodzic/auto-cpufreq";
inputs.nixpkgs.follows = "nixpkgs";
};
nixos-hardware.url = "github:NixOS/nixos-hardware/master"; nixos-hardware.url = "github:NixOS/nixos-hardware/master";
}; };
outputs = { self, nixpkgs, nixpkgs-unstable, catppuccin, nur, home-manager, auto-cpufreq, nixos-hardware, ... } @ inputs: outputs = { self, nixpkgs, nixpkgs-unstable, catppuccin, nur, home-manager, nixos-hardware, ... } @ inputs:
let let
inherit (self) outputs; inherit (self) outputs;
system = "x86_64-linux"; system = "x86_64-linux";
@ -72,7 +68,6 @@
}; };
modules = [ modules = [
catppuccin.nixosModules.catppuccin catppuccin.nixosModules.catppuccin
auto-cpufreq.nixosModules.default
# Setup home manager # Setup home manager
inputs.home-manager.nixosModules.home-manager { inputs.home-manager.nixosModules.home-manager {
home-manager.useGlobalPkgs = true; home-manager.useGlobalPkgs = true;

68
nate-work/modules/home-manager/home.nix
View File

@ -44,7 +44,6 @@
hyprhome = { hyprhome = {
enable = true; enable = true;
homePackages = with pkgs; [ homePackages = with pkgs; [
chromium
# #
# Dev Tools # Dev Tools
# #
@ -56,19 +55,19 @@
jq jq
gnumake gnumake
mariadb mariadb
lsp-ai
python3
nodejs_24
cmake cmake
## nodejs frontend
nodejs_24
husky
pnpm
yarn
## dev services cli
gh gh
awscli2 awscli2
# AI ## AI
unstable.claude-code unstable.claude-code
unstable.opencode unstable.opencode
# proto ## Go stuff
protobuf
protoc-gen-dart
# Go stuff
go go
unstable.delve unstable.delve
gotools gotools
@ -78,14 +77,6 @@
go-swag go-swag
trivy trivy
# clojure
jre17_minimal
clojure
clojure-lsp
cljfmt
leiningen
emacs
### LSP's ### LSP's
gopls gopls
nil nil
@ -93,26 +84,19 @@
nodePackages_latest.bash-language-server nodePackages_latest.bash-language-server
openscad-lsp openscad-lsp
vscode-langservers-extracted # provides eslint, markdown, json, css, and html lsp vscode-langservers-extracted # provides eslint, markdown, json, css, and html lsp
python311Packages.python-lsp-server
yaml-language-server yaml-language-server
elixir-ls
ltex-ls ltex-ls
### Misc ### Misc
usbutils usbutils
openscad
libxml2
nfs-utils nfs-utils
# For AnyConnect VPN
openconnect
networkmanager-openconnect
# #
# Better Unix # Better Unix
# #
bat bat
duf duf
du-dust dust
fd fd
fzf fzf
lsd lsd
@ -146,14 +130,12 @@
# #
# Other # Other
# #
chromium
keepassxc keepassxc
obs-studio obs-studio
prusa-slicer
gnome-disk-utility gnome-disk-utility
kdePackages.filelight
hugo hugo
unstable.llama-cpp # unstable.davinci-resolve-studio
unstable.davinci-resolve-studio
# #
# Style # Style
@ -190,10 +172,9 @@
# Git setup # Git setup
programs.git = { programs.git = {
enable = true; enable = true;
userEmail = email; settings = {
userName = fullName; user.name = fullName;
extraConfig = { user.email = email;
include = { path = "${config.xdg.configHome}/macchiato.gitconfig"; };
init = { defaultBranch = "main"; }; init = { defaultBranch = "main"; };
merge = { conflictStyle="zdiff3"; }; merge = { conflictStyle="zdiff3"; };
pull = { ff = "only"; }; pull = { ff = "only"; };
@ -205,16 +186,18 @@
}; };
}; };
}; };
delta = {
enable = true;
options = {
side-by-side = true;
hyperlinks = true;
};
};
}; };
# Better git diffs with delta
programs.delta = {
enable = true;
enableGitIntegration = true;
options = {
side-by-side = true;
hyperlinks = true;
};
};
# direnv for auto nix flake shells
programs = { programs = {
direnv = { direnv = {
enable = true; enable = true;
@ -234,6 +217,9 @@
theme = "half-life"; theme = "half-life";
}; };
initContent = '' initContent = ''
# integrate ssh-agent from gnome keyring
export SSH_AUTH_SOCK=/run/user/$UID/gcr/ssh
# direnv setup # direnv setup
eval "$(direnv hook zsh)" eval "$(direnv hook zsh)"

6
nate-work/modules/hypr/hyprland.nix
View File

@ -92,8 +92,6 @@ in
enable = true; enable = true;
qemu = { qemu = {
swtpm.enable = true; swtpm.enable = true;
ovmf.enable = true;
ovmf.packages = [ pkgs.OVMFFull.fd ];
}; };
}; };
spiceUSBRedirection.enable = true; spiceUSBRedirection.enable = true;
@ -127,7 +125,7 @@ in
programs.xfconf.enable = true; programs.xfconf.enable = true;
programs.regreet.enable = true; programs.regreet.enable = true;
programs.zsh.enable = true; programs.zsh.enable = true;
programs.ssh.startAgent = true; programs.ssh.startAgent = false; # Using GNOME Keyring's gcr-ssh-agent instead
programs.steam.enable = true; programs.steam.enable = true;
programs.wshowkeys.enable = true; programs.wshowkeys.enable = true;
services.printing = { services.printing = {
@ -154,7 +152,7 @@ in
}; };
}; };
# disable lid switch sleep when plugged into power, laptop docked # disable lid switch sleep when plugged into power, laptop docked
services.logind.lidSwitchExternalPower = "ignore"; services.logind.settings.Login.HandleLidSwitchExternalPower = "ignore";
# For yubioath desktop # For yubioath desktop
services.pcscd.enable = true; services.pcscd.enable = true;
security.polkit.enable = true; security.polkit.enable = true;

85
nate-work/modules/vpn-proxy/vpn-proxy.nix
View File

@ -163,52 +163,61 @@
} }
stop_proxy() { stop_proxy() {
if [ ! -f "$PID_FILE" ]; then if [ -f "$PID_FILE" ]; then
echo "Proxy not running (no PID file)" local pid
# Still try to clean up any orphaned processes pid=$(cat "$PID_FILE" 2>/dev/null)
if pgrep -f "ssh -D $SOCKS_PORT" > /dev/null 2>&1; then
echo "Found orphaned SSH process, cleaning up..." # Kill the specific SSH process
pkill -f "ssh -D $SOCKS_PORT" if [ -n "$pid" ] && ps -p "$pid" > /dev/null 2>&1; then
echo "Stopping VPN proxy (PID: $pid)..."
kill "$pid" 2>/dev/null
# Wait for process to die
local retry=0
while [ $retry -lt 5 ] && ps -p "$pid" > /dev/null 2>&1; do
sleep 1
retry=$((retry + 1))
done
# Force kill if still alive
if ps -p "$pid" > /dev/null 2>&1; then
echo "Process didn't stop gracefully, force killing..."
kill -9 "$pid" 2>/dev/null
fi
else
echo "PID $pid not found in process list"
fi fi
# Disable system proxy anyway rm -f "$PID_FILE"
gsettings set org.gnome.system.proxy mode 'none'
return 1
fi
local pid
pid=$(cat "$PID_FILE" 2>/dev/null)
# Kill the specific SSH process
if [ -n "$pid" ] && ps -p "$pid" > /dev/null 2>&1; then
echo "Stopping VPN proxy (PID: $pid)..."
kill "$pid" 2>/dev/null
# Wait for process to die
local retry=0
while [ $retry -lt 5 ] && ps -p "$pid" > /dev/null 2>&1; do
sleep 1
retry=$((retry + 1))
done
# Force kill if still alive
if ps -p "$pid" > /dev/null 2>&1; then
echo "Process didn't stop gracefully, force killing..."
kill -9 "$pid" 2>/dev/null
fi
else else
echo "PID $pid not found, cleaning up..." echo "Proxy not running (no PID file found)"
fi fi
# Also kill by pattern as backup # Always clean up orphaned SSH processes
pkill -f "ssh -D $SOCKS_PORT.*$VM_USER@$VM_IP" 2>/dev/null if pgrep -f "ssh -D $SOCKS_PORT" > /dev/null 2>&1; then
echo "Cleaning up orphaned SSH processes..."
pkill -f "ssh -D $SOCKS_PORT"
fi
rm -f "$PID_FILE" # Always disable system proxy and clear SOCKS settings
echo "Clearing proxy settings..."
# Disable system proxy
gsettings set org.gnome.system.proxy mode 'none' gsettings set org.gnome.system.proxy mode 'none'
gsettings set org.gnome.system.proxy.socks host ""
gsettings set org.gnome.system.proxy.socks port 0
echo " VPN proxy stopped" # Verify settings are cleared
local proxy_mode
proxy_mode=$(gsettings get org.gnome.system.proxy mode 2>/dev/null)
if [ "$proxy_mode" = "'none'" ]; then
echo " System proxy disabled"
else
echo " Warning: Could not verify proxy was disabled (current mode: $proxy_mode)"
fi
echo " VPN proxy stopped and proxy settings cleared"
# Return success even if there was no PID file
return 0
} }
status_proxy() { status_proxy() {