diff --git a/flake.nix b/flake.nix index c574db8..ffc62e8 100644 --- a/flake.nix +++ b/flake.nix @@ -163,6 +163,9 @@ niriPackage = inputs.niri.packages.${system}.niri-unstable; + # --- Desktop-channel pkgs (used by portable homeConfigurations) --- + desktopPkgs = import nixpkgs { inherit system; }; + # --- Server (muffin) plumbing --- bootstrapPkgs = import nixpkgs-stable { inherit system; }; patchedStableSrc = bootstrapPkgs.applyPatches { @@ -367,6 +370,24 @@ muffin = muffinHost; }; + # Standalone home-manager profile — usable on any x86_64-linux machine + # with nix installed (NixOS or not). Activate with: + # nix run home-manager/master -- switch --flake ".#primary" + # Ships the shared terminal profile (fish, helix, modern CLI, git). + homeConfigurations.primary = home-manager.lib.homeManagerConfiguration { + pkgs = desktopPkgs; + modules = [ + ./home/profiles/terminal.nix + { + home = { + username = username; + homeDirectory = "/home/${username}"; + stateVersion = "24.11"; + }; + } + ]; + }; + deploy.nodes.muffin = { hostname = "server-public"; profiles.system = { @@ -395,6 +416,11 @@ path = test; }) testSuite ); + + # Buildenv of every binary in the portable terminal profile. Install + # without home-manager via: + # nix profile install ".#cli-tools" + cli-tools = self.homeConfigurations.primary.config.home.path; } // (serverPkgs.lib.mapAttrs' (name: test: { name = "test-${name}"; diff --git a/home/profiles/gui.nix b/home/profiles/gui.nix index 85aed92..8a95571 100644 --- a/home/profiles/gui.nix +++ b/home/profiles/gui.nix @@ -227,4 +227,11 @@ uris = [ "qemu:///system" ]; }; }; + + # macOS-style clipboard aliases — depend on wl-clipboard, so scoped here + # rather than in the shared fish config. + programs.fish.shellAliases = { + pbcopy = "${pkgs.wl-clipboard}/bin/wl-copy"; + pbpaste = "${pkgs.wl-clipboard}/bin/wl-paste"; + }; } diff --git a/home/profiles/no-gui.nix b/home/profiles/no-gui.nix index d210c4c..c2d070e 100644 --- a/home/profiles/no-gui.nix +++ b/home/profiles/no-gui.nix @@ -59,66 +59,89 @@ let # jasmin ]; - common_tools = with pkgs; [ - # hex viewer - hexyl - - # find typos in code - typos - - # replacements for common posix tools - eza # ls replacement - bat # pretty `cat` clone - delta # viewer for `git` and `diff` output - dust # pretty `du` version - duf # better `df` clone - gping # `ping`... but with a graph!! - tldr # `man` but more straight-forward and simpler - ripgrep # grep, but written in rust, respects .gitignore, and very very fast, command is `rg` - fd # alternative to `find` - - # status tools - htop - bottom - - # other tools - unzip - wget - killall - file - b3sum - - # "A hexadecimal, binary, and ASCII dump utility with color support" - tinyxxd - - # networking tool - lsof - - # view SMART status of drives + # hardware diagnostics — wanted on dev machines, not part of the shared + # terminal profile (which is meant to be portable to any machine). + hw_diag = with pkgs; [ smartmontools - - # adds `sensors` command lm_sensors - - # lspci pciutils + ]; + + # dev-only tools. Universal CLI (bat, rg, htop, jq, …) lives in terminal.nix. + dev_tools = with pkgs; [ + # python formatter + ruff + + # for website generation + hugo + go + + waypipe + + sshfs + + # serial viewer + minicom + + ffmpeg-full + + # microcontroller tooling + probe-rs-tools + + (python313.withPackages ( + ps: with ps; [ + mypy # type checking + types-requests # add types for requests methods + + python-lsp-server # lsp + python-lsp-ruff # ruff integration + pyserial + + numpy + matplotlib + notebook + + pandas + ] + )) + + binwalk + + # clang-format and clang-tidy + clang-tools + clang + gdb + + nixpkgs-review + + nmap + + # terminal image viewer + timg + + tcpdump + + borgbackup + + # used to deploy nix system to server + # (and in the future, desktop) + deploy-rs + + # power stuff + powerstat + + yt-dlp + + # JS runtime + bun # convert between various units units - - jq - - # DNS things - dig - - bun ]; - in { imports = [ - ../progs/fish.nix - ../progs/helix.nix + ./terminal.nix ../progs/pi.nix ( { ... }: @@ -132,92 +155,23 @@ in home.stateVersion = stateVersion; - home.packages = - with pkgs; - lib.concatLists [ - [ - # python formatter - ruff + home.packages = lib.concatLists [ + rust_pkgs + lsps + java_tools + hw_diag + dev_tools + ]; - # for website generation - hugo - go + # fish aliases that depend on packages only present in this profile. + # Universal aliases (ls/la/ll/lt, git-size) live in home/progs/fish.nix. + programs.fish.shellAliases = { + c = "${lib.getExe pkgs.cargo}"; + cr = "${lib.getExe pkgs.cargo} run"; + cb = "${lib.getExe pkgs.cargo} build"; - # for benchmaking stuff - hyperfine - - pfetch-rs - waypipe - - sshfs - - # nix formatter - nixfmt-tree - - # serial viewer - minicom - - # "~~matt's~~ my trace route" - mtr - - ffmpeg-full - - # microcontroller tooling - probe-rs-tools - - (python313.withPackages ( - ps: with ps; [ - mypy # type checking - types-requests # add types for requests methods - - python-lsp-server # lsp - python-lsp-ruff # ruff integration - pyserial - - numpy - matplotlib - notebook - - pandas - ] - )) - - binwalk - - # clang-format and clang-tidy - clang-tools - clang - gdb - - git-crypt - - imagemagick - - nixpkgs-review - - nmap - - # terminal image viewer - timg - - tcpdump - - borgbackup - - # used to deploy nix system to server - # (and in the future, desktop) - deploy-rs - - # power stuff - powerstat - - yt-dlp - ] - rust_pkgs - lsps - java_tools - common_tools - ]; + gcc-native = "${lib.getExe pkgs.gcc} -Q --help=target -mtune=native -march=native | ${lib.getExe pkgs.gnugrep} -E '^\\s+\\-(mtune|march)=' | ${pkgs.coreutils}/bin/tr -d '[:blank:]'"; + }; # https://github.com/flamegraph-rs/flamegraph home.file.".cargo/config.toml".text = '' @@ -225,38 +179,4 @@ in linker = "${lib.getExe pkgs.clang}" rustflags = ["-Clink-arg=-Wl,--no-rosegment"] ''; - - # git (self explanatory) - programs.git = { - enable = true; - package = pkgs.git; - - lfs.enable = true; - - ignores = [ ".sisyphus" ]; - - settings = { - init = { - # master -> main - defaultBranch = "main"; - }; - push.autoSetupRemote = true; - user = { - name = "Simon Gardling"; - email = "titaniumtown@proton.me"; - }; - }; - - # gpg signing keys - signing = { - key = "9AB28AC10ECE533D"; - signByDefault = true; - }; - }; - - # better way to view diffs - programs.delta = { - enable = true; - enableGitIntegration = true; - }; } diff --git a/home/profiles/terminal.nix b/home/profiles/terminal.nix new file mode 100644 index 0000000..9f6d86b --- /dev/null +++ b/home/profiles/terminal.nix @@ -0,0 +1,102 @@ +# Shared terminal-tools profile. +# +# The set of CLI tooling I want available on every machine I use: +# - mreow + yarn pick this up via home/profiles/no-gui.nix +# - muffin picks this up via hosts/muffin/home.nix +# - any non-NixOS machine picks it up via the homeConfigurations output in flake.nix +# +# Scope is intentionally narrow: the daily-driver shell (fish + helix + modern +# CLI replacements + git). No language toolchains, no hardware-specific admin +# tools, no GUI-adjacent utilities — those belong in profiles layered on top. +{ + lib, + pkgs, + ... +}: +{ + imports = [ + ../progs/fish.nix + ../progs/helix.nix + ]; + + home.packages = with pkgs; [ + # modern CLI replacements for POSIX basics + eza # ls + bat # cat + delta # diff viewer (also wired into git below) + dust # du + duf # df + gping # ping, with a graph + ripgrep # grep, respects .gitignore + fd # find + tldr # man, simpler + + # system / process tools + htop + bottom + lsof + file + killall + unzip + tmux + wget + + # network + dig + mtr + + # text / data + jq + hexyl + tinyxxd + b3sum + typos + + # media (handy from a shell, lightweight enough to be universal) + imagemagick + + # universal dev-adjacent + git-crypt + hyperfine + + # nix + nixfmt-tree + + # shell greeter (invoked from fish's interactiveShellInit) + pfetch-rs + ]; + + # Git: mechanical config + identity lives here so `git` works out of the box + # on every machine. Signing is opt-in via lib.mkDefault so machines without + # my GPG key can override `signing.signByDefault = false` without fighting + # priority. + programs.git = { + enable = true; + package = pkgs.git; + + lfs.enable = true; + + ignores = [ ".sisyphus" ]; + + settings = { + init.defaultBranch = "main"; + push.autoSetupRemote = true; + user = { + name = "Simon Gardling"; + email = "titaniumtown@proton.me"; + }; + }; + + signing = { + format = "openpgp"; + key = lib.mkDefault "9AB28AC10ECE533D"; + signByDefault = lib.mkDefault true; + }; + }; + + # Pretty diff viewer, wired into git. + programs.delta = { + enable = true; + enableGitIntegration = true; + }; +} diff --git a/home/progs/fish.nix b/home/progs/fish.nix index bd3ad1c..d3c8e88 100644 --- a/home/progs/fish.nix +++ b/home/progs/fish.nix @@ -1,7 +1,12 @@ +# Shared fish configuration — imported from home/profiles/terminal.nix, so it +# runs on every host (mreow, yarn, muffin, and any machine using the portable +# homeConfigurations output). +# +# Desktop/dev-specific aliases (cargo, gcc, wl-clipboard) are added from the +# profile that owns their dependencies, not here. { pkgs, lib, ... }: let eza = "${lib.getExe pkgs.eza} --color=always --group-directories-first"; - cargo = "${lib.getExe pkgs.cargo}"; coreutils = "${pkgs.coreutils}/bin"; in { @@ -9,21 +14,17 @@ in enable = true; interactiveShellInit = '' - #disable greeting + # disable greeting set fish_greeting - #fixes gnupg password entry + # fixes gnupg password entry export GPG_TTY=(${coreutils}/tty) - #pfetch on shell start (disable pkgs because of execution time) + # pfetch on shell start (disable pkgs because of execution time) PF_INFO="ascii title os host kernel uptime memory editor wm" ${lib.getExe pkgs.pfetch-rs} ''; shellAliases = { - c = cargo; - cr = "${cargo} run"; - cb = "${cargo} build"; - # from DistroTube's dot files: Changing "ls" to "eza" ls = "${eza} -al"; la = "${eza} -a"; @@ -38,12 +39,6 @@ in ${coreutils}/sort --numeric-sort --key=2 | ${coreutils}/cut -c 1-12,41- | ${coreutils}/numfmt --field=2 --to=iec-i --suffix=B --padding=7 --round=nearest''; - - # aliases for (I think) macos commands - pbcopy = "${pkgs.wl-clipboard}/bin/wl-copy"; - pbpaste = "${pkgs.wl-clipboard}/bin/wl-paste"; - - gcc-native = "${lib.getExe pkgs.gcc} -Q --help=target -mtune=native -march=native | ${lib.getExe pkgs.gnugrep} -E '^\\s+\-(mtune|march)=' | ${coreutils}/tr -d '[:blank:]'"; }; shellInit = '' diff --git a/hosts/muffin/default.nix b/hosts/muffin/default.nix index 6334d8e..298c281 100644 --- a/hosts/muffin/default.nix +++ b/hosts/muffin/default.nix @@ -161,35 +161,21 @@ ]; }; + # Root-facing admin tools only. User-facing CLI (fish, helix, htop, bottom, + # tmux, ripgrep, lsof, wget, pfetch-rs, …) is provided via home-manager in + # home/profiles/terminal.nix — shared with mreow and yarn. environment.systemPackages = with pkgs; [ - helix lm_sensors - bottom - htop - - neofetch - borgbackup smartmontools - ripgrep - intel-gpu-tools iotop iftop - - tmux - - wget - powertop - lsof - reflac - pfetch-rs - sbctl # add `skdump` diff --git a/hosts/muffin/home.nix b/hosts/muffin/home.nix index cb59b11..72fbd8a 100644 --- a/hosts/muffin/home.nix +++ b/hosts/muffin/home.nix @@ -1,31 +1,12 @@ +{ ... }: { - pkgs, - lib, - ... -}: -{ + imports = [ + ../../home/profiles/terminal.nix + ]; + home.stateVersion = "24.11"; - programs.fish = { - enable = true; - interactiveShellInit = '' - # disable greeting - set fish_greeting - - # pfetch on shell start (disable pkgs because of execution time) - PF_INFO="ascii title os host kernel uptime memory editor wm" ${lib.getExe pkgs.pfetch-rs} - ''; - - shellAliases = - let - eza = "${lib.getExe pkgs.eza} --color=always --group-directories-first"; - in - { - # from DistroTube's dot files: Changing "ls" to "eza" - ls = "${eza} -al"; - la = "${eza} -a"; - ll = "${eza} -l"; - lt = "${eza} -aT"; - }; - }; + # Muffin typically doesn't have the GPG key loaded (no agent forwarded, + # no key in the keyring). Unsigned commits here rather than failing silently. + programs.git.signing.signByDefault = false; }