fixes and added tau

flake.lock

@@ -7,11 +7,11 @@
         ]
       },
       "locked": {
-        "lastModified": 1680266963,
+        "lastModified": 1683754942,
-        "narHash": "sha256-IW/lzbUCOcldLHWHjNSg1YoViDnZOmz0ZJL7EH9OkV8=",
+        "narHash": "sha256-L+Bj8EL4XLmODRIuOkk9sI6FDECVzK+C8jeZFv7q6eY=",
         "owner": "LnL7",
         "repo": "nix-darwin",
-        "rev": "99d4187d11be86b49baa3a1aec0530004072374f",
+        "rev": "252541bd05a7f55f3704a3d014ad1badc1e3360d",
         "type": "github"
       },
       "original": {
@@ -24,15 +24,14 @@
       "inputs": {
         "nixpkgs": [
           "nixpkgs"
-        ],
+        ]
-        "utils": "utils"
       },
       "locked": {
-        "lastModified": 1680389554,
+        "lastModified": 1683989410,
-        "narHash": "sha256-+8FUmS4GbDMynQErZGXKg+wU76rq6mI5fprxFXFWKSM=",
+        "narHash": "sha256-puF/QsIkp4ch0sf6M5mNzbdZtYcq2MJHcKre9wJ3ZYo=",
         "owner": "nix-community",
         "repo": "home-manager",
-        "rev": "ddd8866c0306c48f465e7f48432e6f1ecd1da7f8",
+        "rev": "6702b22b9805bc1879715d4111e3764cd4237aed",
         "type": "github"
       },
       "original": {
@@ -43,11 +42,11 @@
     },
     "nixpkgs": {
       "locked": {
-        "lastModified": 1680487167,
+        "lastModified": 1683777345,
-        "narHash": "sha256-9FNIqrxDZgSliGGN2XJJSvcDYmQbgOANaZA4UWnTdg4=",
+        "narHash": "sha256-V2p/A4RpEGqEZussOnHYMU6XglxBJGCODdzoyvcwig8=",
         "owner": "NixOS",
         "repo": "nixpkgs",
-        "rev": "53dad94e874c9586e71decf82d972dfb640ef044",
+        "rev": "635a306fc8ede2e34cb3dd0d6d0a5d49362150ed",
         "type": "github"
       },
       "original": {
@@ -61,21 +60,6 @@
         "home-manager": "home-manager",
         "nixpkgs": "nixpkgs"
       }
-    },
-    "utils": {
-      "locked": {
-        "lastModified": 1676283394,
-        "narHash": "sha256-XX2f9c3iySLCw54rJ/CZs+ZK6IQy7GXNY4nSOyu2QG4=",
-        "owner": "numtide",
-        "repo": "flake-utils",
-        "rev": "3db36a8b464d0c4532ba1c7dda728f4576d6d073",
-        "type": "github"
-      },
-      "original": {
-        "owner": "numtide",
-        "repo": "flake-utils",
-        "type": "github"
-      }
     }
   },
   "root": "root",

flake.nix

@@ -19,20 +19,32 @@
         config.allowUnfree = true;
         config.allowUnsupportedSystem = false;
         config.allowBroken = false;
+        config.permittedInsecurePackages = [
+          "libgcrypt-1.8.10"
+        ];
         overlays = import ./overlays.nix;
         system = "x86_64-linux";
       };
 
-      nixpkgs_aarch64 = import nixpkgs {
+      nixpkgs_aarch64_darwin = import nixpkgs {
         config.allowUnfree = true;
         config.allowUnsupportedSystem = false;
         config.allowBroken = false;
         overlays = import ./overlays.nix;
         system = "aarch64-darwin";
       };
+
+      nixpkgs_aarch64_linux = import nixpkgs {
+        config.allowUnfree = true;
+        config.allowUnsupportedSystem = false;
+        config.allowBroken = false;
+        overlays = import ./overlays.nix;
+        system = "aarch64-linux";
+      };
     in
     {
-      nixosConfigurations."MDesktop" = nixpkgs.lib.nixosSystem {
+      nixosConfigurations."MDesktop" = nixpkgs.lib.nixosSystem
+      {
         specialArgs = { inherit username; };
         pkgs = nixpkgs_x86_64;
         system = "x86_64-linux";
@@ -45,9 +57,23 @@
         ] ++ utils.nixFilesIn ./systems/mdesktop;
       };
 
+      nixosConfigurations."tau" = nixpkgs.lib.nixosSystem
+      {
+        specialArgs = { inherit username; };
+        pkgs = nixpkgs_aarch64_linux;
+        system = "aarch64-linux";
+        modules = [
+          home-manager.nixosModules.home-manager
+          {
+            home-manager.users.${username}.imports = utils.nixFilesIn ./maddie/common ++ utils.nixFilesIn ./maddie/nixos;
+            home-manager.extraSpecialArgs = { inherit username; pkgs = nixpkgs_aarch64_linux; };
+          }
+        ] ++ utils.nixFilesIn ./systems/tau;
+      };
+
       darwinConfigurations."MMacBookPro" = darwin.lib.darwinSystem
       {
-        pkgs = nixpkgs_aarch64;
+        pkgs = nixpkgs_aarch64_darwin;
         specialArgs = { inherit username; };
         system = "aarch64-darwin";
         modules = [
@@ -55,13 +81,14 @@
           {
             home-manager.useUserPackages = true;
             home-manager.users.${username}.imports = utils.nixFilesIn ./maddie/common ++ utils.nixFilesIn ./maddie/macos;
-            home-manager.extraSpecialArgs = { inherit username; pkgs = nixpkgs_aarch64; };
+            home-manager.extraSpecialArgs = { inherit username; pkgs = nixpkgs_aarch64_darwin; };
           }
         ] ++ utils.nixFilesIn ./systems/mmacbookpro;
       };
 
       formatter.x86_64-linux = nixpkgs_x86_64.legacyPackages.x86_64-linux.nixpkgs-fmt;
-      formatter.aarch64-darwin = nixpkgs_aarch64.legacyPackages.aarch64-darwin.nixpkgs-fmt;
+      formatter.aarch64-darwin = nixpkgs_aarch64_darwin.legacyPackages.aarch64-darwin.nixpkgs-fmt;
+      formatter.aarch64-linux = nixpkgs_aarch64_linux.legacyPackages.aarch64-linux.nixpkgs-fmt;
     };
 }
 

maddie/common/lsp.nix

@@ -7,7 +7,7 @@
     nodePackages.bash-language-server
     nodePackages.vim-language-server
     nodePackages.pyright
-    rust-analyzer
+    /* rust-analyzer */
     rnix-lsp
     universal-ctags
   ];

systems/mdesktop/gpg.nix

@@ -1,9 +1,10 @@
-{ config, ... }:
+{ config, pkgs, ... }:
 
 {
+  # programs.gnupg.package = pkgs.gnupg22;
   programs.gnupg.agent = {
     enable = true;
-    enableSSHSupport = true;
+    enableSSHSupport = false;
     pinentryFlavor = "gtk2";
   };
 }

systems/mdesktop/nixos.nix

@@ -1,6 +1,6 @@
 { config, lib, ... }:
 
 {
-  system.stateVersion = "22.05";
+  system.stateVersion = "23.05";
   nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux";
 }

systems/mdesktop/yubikey.nix

@@ -15,8 +15,8 @@
     };
   };
 
-  environment.systemPackages = with pkgs; [
+  /* environment.systemPackages = with pkgs; [ */
-    yubioath-flutter
+  /*   yubioath-flutter */
-    yubikey-personalization
+  /*   yubikey-personalization */
-  ];
+  /* ]; */
 }

systems/mmacbookpro/apps.nix

@@ -40,13 +40,14 @@
       "sketch"
 
       # Development
-      "lapce"
+      "zed"
       "neovide"
       "pycharm"
       "webstorm"
       "clion"
       "goland"
       "appcode"
+      "datagrip"
       "android-studio"
       "fleet"
       "tower"

systems/tau/android.nix

@@ -0,0 +1,5 @@
+{ config, ... }:
+
+{
+  programs.adb.enable = true;
+}

systems/tau/audio.nix

@@ -0,0 +1,14 @@
+{ config, ... }:
+
+{
+  sound.enable = true;
+  hardware.pulseaudio.enable = false;
+  security.rtkit.enable = true;
+  services.pipewire = {
+    enable = true;
+    alsa.enable = true;
+    alsa.support32Bit = true;
+    pulse.enable = true;
+    jack.enable = true;
+  };
+}

systems/tau/bluetooth.nix

@@ -0,0 +1,6 @@
+{ config, ... }:
+
+{
+  hardware.bluetooth.enable = true;
+  services.blueman.enable = true;
+}

systems/tau/boot.nix

@@ -0,0 +1,6 @@
+{ config, ... }:
+
+{
+  boot.loader.grub.enable = false;
+  boot.loader.generic-extlinux-compatible.enable = true;
+}

systems/tau/doas.nix

@@ -0,0 +1,13 @@
+{ config, username, ... }:
+
+{
+  security.sudo.enable = false;
+  security.doas = {
+    enable = true;
+    extraRules = [{
+      users = [ "${username}" ];
+      keepEnv = true;
+      persist = true;
+    }];
+  };
+}

systems/tau/firewall.nix

@@ -0,0 +1,6 @@
+{ config, ... }:
+
+{
+  # Disable the firewall altogether
+  networking.firewall.enable = false;
+}

systems/tau/fonts.nix

@@ -0,0 +1,11 @@
+{ config, pkgs, ... }:
+
+{
+  fonts.fonts = with pkgs; [
+    nerdfonts
+    font-awesome
+    source-han-sans
+    source-han-serif
+    source-han-code-jp
+  ];
+}

systems/tau/gpg.nix

@@ -0,0 +1,9 @@
+{ config, ... }:
+
+{
+  programs.gnupg.agent = {
+    enable = true;
+    enableSSHSupport = true;
+    pinentryFlavor = "gtk2";
+  };
+}

systems/tau/locale.nix

@@ -0,0 +1,13 @@
+{ config, ... }:
+
+{
+  # Time zone
+  time.timeZone = "Europe/London";
+
+  # Internationalisation properties
+  i18n.defaultLocale = "en_GB.UTF-8";
+  console = {
+    font = "Lat2-Terminus16";
+    keyMap = "uk";
+  };
+}

systems/tau/networking.nix

@@ -0,0 +1,17 @@
+{ config, lib, ... }:
+
+{
+  # DHCP
+  networking.useDHCP = lib.mkDefault true;
+
+  # Hostname
+  networking.hostName = "tau";
+
+  # Enable wireless support & configuration
+  networking.wireless.enable = true;
+  networking.wireless.networks = {
+    "BT-C5CPMR_5GEXT" = {
+      psk = "hN3LtFrkp36bXc";
+    };
+  };
+}

systems/tau/nix.nix

@@ -0,0 +1,16 @@
+{ config, pkgs, ... }:
+
+{
+  # Enable flakes and nix-command
+  nix = {
+    package = pkgs.nixVersions.stable;
+    settings = {
+      experimental-features = [ "nix-command" "flakes" ];
+      auto-optimise-store = true;
+    };
+    gc = {
+      automatic = true;
+      options = "--delete-older-than 7d";
+    };
+  };
+}

systems/tau/nixos.nix

@@ -0,0 +1,6 @@
+{ config, lib, ... }:
+
+{
+  system.stateVersion = "23.05";
+  nixpkgs.hostPlatform = lib.mkDefault "aarch64-linux";
+}

systems/tau/openrazer.nix

@@ -0,0 +1,9 @@
+{ config, username, ... }:
+
+{
+  hardware.openrazer = {
+    enable = true;
+    users = [ "${username}" ];
+    devicesOffOnScreensaver = false;
+  };
+}

systems/tau/openrgb.nix

@@ -0,0 +1,8 @@
+{ config, pkgs, ... }:
+
+{
+  services.hardware.openrgb = {
+    enable = true;
+    package = pkgs.openrgb-with-all-plugins;
+  };
+}

systems/tau/packages.nix

@@ -0,0 +1,47 @@
+{ config, pkgs, ... }:
+
+{
+  # System-wide packages
+  # I want these available for all users at all times
+  environment.systemPackages = with pkgs; [
+    # Xorg packages
+    xorg.xinit
+    xorg.xkill
+    xorg.xprop
+    xorg.xwininfo
+    xorg.xrandr
+    xdotool
+    xclip
+
+    # Processes
+    killall
+    appimage-run
+
+    # Filesystems
+    dosfstools
+    btrfs-progs
+    ntfs3g
+    exfatprogs
+    libimobiledevice
+    ifuse
+
+    # Archives
+    zip
+    unrar
+    unzip
+    p7zip
+
+    # Cli tools
+    ripgrep
+    wget
+    fzf
+    bat
+
+    # XDG
+    xdg-utils
+    xdg-user-dirs
+
+    # Git
+    git
+  ];
+}

systems/tau/security.nix

@@ -0,0 +1,6 @@
+{ config, pkgs, ... }:
+
+{
+  programs.slock.enable = true;
+  security.wrappers.slock.source = "${pkgs.slock.out}/bin/slock";
+}

systems/tau/services.nix

@@ -0,0 +1,6 @@
+{ config, ... }:
+
+{
+  # Misc services
+  services.usbmuxd.enable = true;
+}

systems/tau/ssh.nix

@@ -0,0 +1,13 @@
+{ config, ... }:
+
+{
+  services.openssh = {
+    enable = true;
+    settings = {
+      PermitRootLogin = "no";
+      PasswordAuthentication = false;
+      KbdInteractiveAuthentication = false;
+    };
+  };
+  programs.ssh.hostKeyAlgorithms = [ "sk-ssh-ed25519@openssh.com" "ssh-ed25519" ];
+}

systems/tau/syncthing.nix

@@ -0,0 +1,42 @@
+{ config, username, ... }:
+
+{
+  services.syncthing = {
+    enable = true;
+    user = "${username}";
+    group = "users";
+    dataDir = "/home/${username}";
+    configDir = "/home/${username}/.config/syncthing";
+    guiAddress = "0.0.0.0:8384";
+    overrideFolders = true;
+    overrideDevices = true;
+    devices = {
+      "M.Phone.Pixel" = { id = "WMGWVOU-DFZQSZO-46XQJQA-Q5XD5ZB-NDXK5SP-LXNAADH-Z2KJN4P-4P4UXA5"; };
+      "M.MacBookPro" = { id = "A5HRCSI-RWYZ6GG-SCBZ2OJ-PG6T7VP-WKDN2VP-CNXIQ3B-VCJ7ZHO-MTV63QP"; };
+      "Lambda" = { id = "ZYNSFWR-F3ZNDDT-66TSJWB-PRP3KQK-IWTTABU-GGWT5DL-RWC7VAE-LI5AXQQ"; };
+    };
+    folders = {
+      "Documents" = {
+        path = "/home/${username}/Documents";
+        devices = [ "M.Phone.Pixel" "M.MacBookPro" ];
+      };
+      "Pictures" = {
+        path = "/home/${username}/Pictures";
+        devices = [ "M.Phone.Pixel" "M.MacBookPro" ];
+      };
+      "Videos" = {
+        path = "/home/${username}/Videos";
+        devices = [ "M.Phone.Pixel" "M.MacBookPro" ];
+      };
+      "Music" = {
+        path = "/home/${username}/Music";
+        devices = [ "M.Phone.Pixel" "M.MacBookPro" ];
+      };
+      "Android Camera" = {
+        id = "pixel_7_pro_2qyx-photos";
+        path = "/home/${username}/Pictures/DCIM";
+        devices = [ "M.Phone.Pixel" "M.MacBookPro" ];
+      };
+    };
+  };
+}

systems/tau/systemd.nix

@@ -0,0 +1,8 @@
+{ config, ... }:
+
+{
+  # Stop systemd from hanging for ages
+  systemd.extraConfig = ''
+    DefaultTimeoutStopSec=10s
+  '';
+}

systems/tau/users.nix

@@ -0,0 +1,11 @@
+{ config, pkgs, username, ... }:
+
+{
+  users.users.${username} = {
+    isNormalUser = true;
+    shell = pkgs.zsh;
+    description = "Madeleine";
+    extraGroups = [ "adbusers" "dialout" "libvirtd" "plugdev" ];
+    openssh.authorizedKeys.keyFiles = [ ../../maddie/common/ssh/id_ed25519_sk.pub ];
+  };
+}

systems/tau/virtualisation.nix

@@ -0,0 +1,6 @@
+{ config, ... }:
+
+{
+  virtualisation.libvirtd.enable = true;
+  programs.dconf.enable = true;
+}

systems/tau/xorg.nix

@@ -0,0 +1,17 @@
+{ config, pkgs, ... }:
+
+{
+  services.xserver = {
+    # Enable X11 windowing system
+    enable = true;
+
+    # Set gb X11 keymap
+    layout = "gb";
+    xkbOptions = "eurosign:e";
+
+    # Use startx for starting window managers
+    displayManager = {
+      startx.enable = true;
+    };
+  };
+}

systems/tau/yubikey.nix

@@ -0,0 +1,22 @@
+{ config, pkgs, ... }:
+
+{
+  services.pcscd.enable = true;
+  services.udev.packages = [ pkgs.yubikey-personalization pkgs.android-udev-rules ];
+  security.pam = {
+    services = {
+      login.u2fAuth = true;
+      doas.u2fAuth = true;
+    };
+    yubico = {
+      enable = true;
+      mode = "challenge-response";
+      control = "optional";
+    };
+  };
+
+  /* environment.systemPackages = with pkgs; [ */
+  /*   yubioath-flutter */
+  /*   yubikey-personalization */
+  /* ]; */
+}

systems/tau/zsh.nix

@@ -0,0 +1,10 @@
+{ config, pkgs, ... }:
+
+{
+  programs.zsh = {
+    enable = true;
+    autosuggestions.enable = true;
+    syntaxHighlighting.enable = true;
+  };
+  users.defaultUserShell = pkgs.zsh;
+}