diff --git a/README.md b/README.md index 98a717ca..ad2f489f 100644 --- a/README.md +++ b/README.md @@ -15,10 +15,13 @@ ![Gruv'd Hyprland](./screenshot.png "Hyprland with a Gruvboxy theme") --- # To Do List +* [ ] Look into `nix develop` - [Link](https://zero-to-nix.com/concepts/nix#unified-cli) +* [ ] Build a better dashboard to monitor all my nixified devices * [ ] Look into Remote Builds - [Link](https://nixos.org/manual/nix/stable/advanced-topics/distributed-builds.html) * [ ] Find a way to remove all default search engines in Firefox (Google, Amazon, etc) * [ ] Figure out what the home-manager `account` options are for. * [ ] Security hardening +* [ ] Edit the hosts file * [ ] cronjob * [ ] Change wallpaper at a certain time of day * [ ] emacs @@ -32,7 +35,7 @@ Completed ToDo List [here](complete.md) --- -# Directory structure +# Directory Structure ``` . ├── home-manager diff --git a/flake.nix b/flake.nix index e4cb439f..03d601e3 100644 --- a/flake.nix +++ b/flake.nix @@ -11,8 +11,6 @@ sops-nix.url = "github:Mic92/sops-nix"; doom-emacs.url = "github:nix-community/nix-doom-emacs"; nixos-hardware.url = "github:NixOS/nixos-hardware/master"; - nixos-generators.url = "github:/nix-community/nixos-generators"; - nixos-generators.inputs.nixpkgs.follows = "nixpkgs"; }; outputs = { self, nixpkgs, nixpkgs-wayland, home-manager, lanzaboote, nur, sops-nix, doom-emacs, ... } @inputs: let @@ -45,4 +43,10 @@ nixos-rpi4-img = libx.mkImage { hostname = "nixos-rpi4-img"; platform = "aarch64-linux"; format = "sd-aarch64"; }; }; }; -} \ No newline at end of file + + # Devshell for bootstrapping; acessible via 'nix develop' or 'nix-shell' (legacy) + devShells = libx.forAllSystems (system: + let pkgs = nixpkgs.legacyPackages.${system}; + in import ./shell.nix { inherit pkgs; } + ); +} diff --git a/home-manager/common/software/cli/bash.nix b/home-manager/common/software/cli/bash.nix index b12116d2..c6709190 100644 --- a/home-manager/common/software/cli/bash.nix +++ b/home-manager/common/software/cli/bash.nix @@ -44,12 +44,10 @@ }; bashrcExtra = '' sops-edit() { - nix-shell nix-shell -p sops --run "sops $1" } sops-update() { - nix-shell nix-shell -p sops --run "sops updatekeys $1" } diff --git a/nixos/hosts/nixos-rpi4-02/default.nix b/nixos/hosts/nixos-rpi4-02/default.nix index 198e70d9..5a106bcd 100644 --- a/nixos/hosts/nixos-rpi4-02/default.nix +++ b/nixos/hosts/nixos-rpi4-02/default.nix @@ -49,5 +49,5 @@ boot.kernel.sysctl = { "net.ipv4.ip_forward" = true; }; # Temporary - networking.firewall.allowedTCPPorts = [ 22 ]; + # networking.firewall.allowedTCPPorts = [ 22 ]; } \ No newline at end of file diff --git a/nixos/hosts/nixos-rpi4-03/default.nix b/nixos/hosts/nixos-rpi4-03/default.nix index fb21cd7f..4eae0eac 100644 --- a/nixos/hosts/nixos-rpi4-03/default.nix +++ b/nixos/hosts/nixos-rpi4-03/default.nix @@ -49,5 +49,5 @@ boot.kernel.sysctl = { "net.ipv4.ip_forward" = true; }; # Temporary - networking.firewall.allowedTCPPorts = [ 22 ]; + # networking.firewall.allowedTCPPorts = [ 22 ]; } \ No newline at end of file diff --git a/shell.nix b/shell.nix index 8eb160ac..a8d759ac 100644 --- a/shell.nix +++ b/shell.nix @@ -4,14 +4,23 @@ let sops-nix = builtins.fetchTarball { url = "https://github.com/Mic92/sops-nix/archive/master.tar.gz"; }; + lock = (builtins.fromJSON (builtins.readFile ./flake.lock)).nodes.nixpkgs.locked; in mkShell { + import (fetchTarball { + url = "https://github.com/nixos/nixpkgs/archive/${lock.rev}.tar.gz"; + sha256 = lock.narHash; + }) + NIX_CONFIG = "experimental-features = nix-command flakes"; # imports all files ending in .asc/.gpg sopsPGPKeyDirs = [ "${toString ./.}/keys/hosts" "${toString ./.}/keys/users" ]; nativeBuildInputs = [ + pkgs.nix + pkgs.home-manager + pkgs.git (pkgs.callPackage sops-nix {}).sops-import-keys-hook ]; } \ No newline at end of file