emmet/nixos-config
0
1
Fork 0
Code Issues Pull Requests Projects Wiki Activity

These scripts broke my thinkpad

Browse Source
This commit is contained in:
Emmet
2025-02-16 15:10:05 -06:00
parent 919b71abea
commit 16f689ff07
10 changed files with 62 additions and 275 deletions
Download Patch File Download Diff File Expand all files Collapse all files

123
modules/system/phoenix/default.nix
View File

@ -18,67 +18,68 @@
config = {
environment.systemPackages = with pkgs; [
attic-client
(pkgs.writeScriptBin "phoenix" ''
if [ "$1" = "sync" ]; then
if [ "$#" = 1 ]; then
${config.systemSettings.dotfilesDir}/scripts/sync.sh;
exit 0;
fi
elif [ "$1" = "refresh" ]; then
if [ "$#" -gt 1 ]; then
echo "Warning: The 'refresh' command has no subcommands (no $2 subcommand)";
fi
${config.systemSettings.dotfilesDir}/scripts/sync-posthook.sh;
exit 0;
elif [ "$1" = "update" ]; then
${config.systemSettings.dotfilesDir}/scripts/update.sh "''${@:2}";
exit 0;
elif [ "$1" = "upgrade" ]; then
if [ "$#" -gt 1 ]; then
echo "Warning: The 'upgrade' command has no subcommands (no $2 subcommand)";
fi
${config.systemSettings.dotfilesDir}/scripts/upgrade.sh;
exit 0;
elif [ "$1" = "pull" ]; then
if [ "$#" -gt 1 ]; then
echo "Warning: The 'pull' command has no subcommands (no $2 subcommand)";
fi
${config.systemSettings.dotfilesDir}/scripts/pull.sh;
exit 0;
elif [ "$1" = "build" ]; then
if [ "$#" -gt 1 ]; then
echo "Warning: The 'pull' command has no subcommands (no $2 subcommand)";
fi
${config.systemSettings.dotfilesDir}/scripts/build.sh;
exit 0;
elif [ "$1" = "harden" ]; then
if [ "$#" -gt 1 ]; then
echo "Warning: The 'harden' command has no subcommands (no $2 subcommand)";
fi
${config.systemSettings.dotfilesDir}/scripts/harden.sh;
exit 0;
elif [ "$1" = "soften" ]; then
if [ "$#" -gt 1 ]; then
echo "Warning: The 'soften' command has no subcommands (no $2 subcommand)";
fi
${config.systemSettings.dotfilesDir}/scripts/soften.sh;
exit 0;
elif [ "$1" = "gc" ]; then
if [ "$#" -gt 2 ]; then
echo "Warning: The 'gc' command only accepts one argument (collect_older_than)";
fi
if [ "$2" = "full" ]; then
sudo nix-collect-garbage --delete-old;
nix-collect-garbage --delete-old;
elif [ "$2" ]; then
sudo nix-collect-garbage --delete-older-than $2;
nix-collect-garbage --delete-older-than $2;
else
sudo nix-collect-garbage --delete-older-than 30d;
nix-collect-garbage --delete-older-than 30d;
fi
fi
'')
# TODO rewrite this from scratch without wrappers
#(pkgs.writeScriptBin "phoenix" ''
# if [ "$1" = "sync" ]; then
# if [ "$#" = 1 ]; then
# ${config.systemSettings.dotfilesDir}/scripts/sync.sh;
# exit 0;
# fi
# elif [ "$1" = "refresh" ]; then
# if [ "$#" -gt 1 ]; then
# echo "Warning: The 'refresh' command has no subcommands (no $2 subcommand)";
# fi
# ${config.systemSettings.dotfilesDir}/scripts/sync-posthook.sh;
# exit 0;
# elif [ "$1" = "update" ]; then
# ${config.systemSettings.dotfilesDir}/scripts/update.sh "''${@:2}";
# exit 0;
# elif [ "$1" = "upgrade" ]; then
# if [ "$#" -gt 1 ]; then
# echo "Warning: The 'upgrade' command has no subcommands (no $2 subcommand)";
# fi
# ${config.systemSettings.dotfilesDir}/scripts/upgrade.sh;
# exit 0;
# elif [ "$1" = "pull" ]; then
# if [ "$#" -gt 1 ]; then
# echo "Warning: The 'pull' command has no subcommands (no $2 subcommand)";
# fi
# ${config.systemSettings.dotfilesDir}/scripts/pull.sh;
# exit 0;
# elif [ "$1" = "build" ]; then
# if [ "$#" -gt 1 ]; then
# echo "Warning: The 'pull' command has no subcommands (no $2 subcommand)";
# fi
# ${config.systemSettings.dotfilesDir}/scripts/build.sh;
# exit 0;
# elif [ "$1" = "harden" ]; then
# if [ "$#" -gt 1 ]; then
# echo "Warning: The 'harden' command has no subcommands (no $2 subcommand)";
# fi
# ${config.systemSettings.dotfilesDir}/scripts/harden.sh;
# exit 0;
# elif [ "$1" = "soften" ]; then
# if [ "$#" -gt 1 ]; then
# echo "Warning: The 'soften' command has no subcommands (no $2 subcommand)";
# fi
# ${config.systemSettings.dotfilesDir}/scripts/soften.sh;
# exit 0;
# elif [ "$1" = "gc" ]; then
# if [ "$#" -gt 2 ]; then
# echo "Warning: The 'gc' command only accepts one argument (collect_older_than)";
# fi
# if [ "$2" = "full" ]; then
# sudo nix-collect-garbage --delete-old;
# nix-collect-garbage --delete-old;
# elif [ "$2" ]; then
# sudo nix-collect-garbage --delete-older-than $2;
# nix-collect-garbage --delete-older-than $2;
# else
# sudo nix-collect-garbage --delete-older-than 30d;
# nix-collect-garbage --delete-older-than 30d;
# fi
# fi
#'')
];
};
}

24
scripts/build.sh
View File

@ -1,24 +0,0 @@
#!/bin/sh
# Script to build all systems
# And push to attic cache
SCRIPT_DIR=$( cd -- "$( dirname -- "${BASH_SOURCE[0]}" )" &> /dev/null && pwd )
pushd $SCRIPT_DIR/.. &> /dev/null;
nixos-rebuild build --flake .#snowfire;
attic push emmet ./result;
rm ./result;
nixos-rebuild build --flake .#polarias;
attic push emmet ./result;
rm ./result;
nixos-rebuild build --flake .#zenith;
attic push emmet ./result;
rm ./result;
nixos-rebuild build --flake .#stardust;
attic push emmet ./result;
rm ./result;
nixos-rebuild build --flake .#ori;
attic push emmet ./result;
rm ./result;

33
scripts/harden.sh
View File

@ -1,33 +0,0 @@
#!/bin/sh
# This will harden the security of these dotfiles, preventing
# unpriveleged users from editing system-level (root configuration)
# files maliciously
# Run this inside of ~/.dotfiles (or whatever directory you installed
# the dotfiles to)
# Run this as root!
# BTW, this assumes your user account has a PID/GID of 1000
# After running this, the command `nix flake update` will require root
if [ "$#" = 1 ]; then
SCRIPT_DIR=$1;
else
SCRIPT_DIR=$( cd -- "$( dirname -- "${BASH_SOURCE[0]}" )" &> /dev/null && pwd )
fi
pushd $SCRIPT_DIR/.. &> /dev/null;
sudo chown 0:0 .;
sudo chown 0:0 profiles/*;
sudo chown -R 0:0 system;
sudo chown 0:0 -R scripts;
sudo chown -R 0:0 patches;
sudo chown 0:0 flake.lock;
sudo chown 0:0 flake.nix
sudo chown 0:0 profiles
sudo chown 0:0 profiles/*/configuration.nix;
sudo chown 0:0 profiles/homelab/base.nix;
sudo chown 1000:users **/README.org;
popd &> /dev/null;

48
scripts/install.sh
View File

@ -1,48 +0,0 @@
#!/bin/sh
## THIS DOESN'T WORK ANYMORE BTW
# TODO update this..
# Automated script to install my dotfiles
# Clone dotfiles
if [ $# -gt 0 ]
then
SCRIPT_DIR=$1
else
SCRIPT_DIR=~/.dotfiles
fi
nix-shell -p git --command "git clone https://gitlab.com/librephoenix/nixos-config $SCRIPT_DIR"
# Generate hardware config for new system
sudo nixos-generate-config --show-hardware-config > $SCRIPT_DIR/system/hardware-configuration.nix
# Check if uefi or bios
if [ -d /sys/firmware/efi/efivars ]; then
sed -i "0,/bootMode.*=.*\".*\";/s//bootMode = \"uefi\";/" $SCRIPT_DIR/flake.nix
else
sed -i "0,/bootMode.*=.*\".*\";/s//bootMode = \"bios\";/" $SCRIPT_DIR/flake.nix
grubDevice=$(findmnt / | awk -F' ' '{ print $2 }' | sed 's/\[.*\]//g' | tail -n 1 | lsblk -no pkname | tail -n 1 )
sed -i "0,/grubDevice.*=.*\".*\";/s//grubDevice = \"\/dev\/$grubDevice\";/" $SCRIPT_DIR/flake.nix
fi
# Patch flake.nix with different username/name and remove email by default
sed -i "0,/emmet/s//$(whoami)/" $SCRIPT_DIR/flake.nix
sed -i "0,/Emmet/s//$(getent passwd $(whoami) | cut -d ':' -f 5 | cut -d ',' -f 1)/" $SCRIPT_DIR/flake.nix
sed -i "s/emmet@librephoenix.com//" $SCRIPT_DIR/flake.nix
sed -i "s+~/.dotfiles+$SCRIPT_DIR+g" $SCRIPT_DIR/flake.nix
# Open up editor to manually edit flake.nix before install
if [ -z "$EDITOR" ]; then
EDITOR=nano;
fi
$EDITOR $SCRIPT_DIR/flake.nix;
# Permissions for files that should be owned by root
sudo $SCRIPT_DIR/scripts/harden.sh $SCRIPT_DIR;
# Rebuild system
sudo nixos-rebuild switch --flake $SCRIPT_DIR#system;
# Install and build home-manager configuration
nix run home-manager/master --extra-experimental-features nix-command --extra-experimental-features flakes -- switch --flake $SCRIPT_DIR#user;

20
scripts/pull.sh
View File

@ -1,20 +0,0 @@
#!/bin/sh
# Automated script to update my non-primary systems
# config to be in sync with upstream git repo while
# preserving local edits to dotfiles via git stash
SCRIPT_DIR=$( cd -- "$( dirname -- "${BASH_SOURCE[0]}" )" &> /dev/null && pwd )
# Relax permissions temporarily so git can work
sudo $SCRIPT_DIR/soften.sh $SCRIPT_DIR;
# Stash local edits, pull changes, and re-apply local edits
pushd $SCRIPT_DIR/.. &> /dev/null;
git stash;
git pull;
git stash apply;
popd &> /dev/null;
# Permissions for files that should be owned by root
sudo $SCRIPT_DIR/harden.sh $SCRIPT_DIR;

27
scripts/soften.sh
View File

@ -1,27 +0,0 @@
#!/bin/sh
# This will soften the security of these dotfiles, allowing
# the default unpriveleged user with UID/GID of 1000 to edit ALL FILES
# in the dotfiles directory
# This mainly is just here to be used by some scripts
# Run this inside of ~/.dotfiles (or whatever directory you installed
# the dotfiles to)
# Run this as root!
# BTW, this assumes your user account has a UID/GID of 1000
# After running this, YOUR UNPRIVELEGED USER CAN MAKE EDITS TO
# IMPORTANT SYSTEM FILES WHICH MAY COMPROMISE THE SYSTEM AFTER
# RUNNING nixos-rebuild switch!
if [ "$#" = 1 ]; then
SCRIPT_DIR=$1;
else
SCRIPT_DIR=$( cd -- "$( dirname -- "${BASH_SOURCE[0]}" )" &> /dev/null && pwd )
fi
pushd $SCRIPT_DIR/scripts &> /dev/null;
sudo chown -R 1000:users .;
popd &> /dev/null;

22
scripts/sync-posthook.sh
View File

@ -1,22 +0,0 @@
#!/bin/sh
# Post hooks to be called after a
# configuration sync
# Mainly just to reload stylix
# xmonad
pgrep xmobar &> /dev/null && echo "Killing old xmobar instances" && echo "Running killall xmobar" && killall xmobar &> /dev/null; # xmonad will restart xmobar
pgrep xmonad &> /dev/null && echo "Recompiling xmonad" && echo "Running xmonad --recompile && xmonad --restart" && xmonad --recompile &> /dev/null && xmonad --restart &> /dev/null;
pgrep .dunst-wrapped &> /dev/null && echo "Restarting dunst" && killall .dunst-wrapped && echo "Running dunst" && dunst &> /dev/null & disown;
pgrep xmonad &> /dev/null && echo "Reapplying background from stylix via feh" && echo "Running ~/.fehbg-stylix" && ~/.fehbg-stylix &> /dev/null & disown;
# hyprland
pgrep Hyprland &> /dev/null && echo "Reloading hyprland" && hyprctl reload &> /dev/null;
pgrep .waybar-wrapped &> /dev/null && echo "Restarting waybar" && killall .waybar-wrapped && echo "Running waybar" && waybar &> /dev/null & disown;
pgrep fnott &> /dev/null && echo "Restarting fnott" && killall fnott && echo "Running fnott" && fnott &> /dev/null & disown;
pgrep hyprpaper &> /dev/null && echo "Reapplying background via hyprpaper" && killall hyprpaper && echo "Running hyprpaper" && hyprpaper &> /dev/null & disown;
pgrep nwggrid-server &> /dev/null && echo "Restarting nwggrid-server" && killall nwggrid-server && echo "Running nwggrid-wrapper" && nwggrid-wrapper &> /dev/null & disown;
# emacs
pgrep emacs &> /dev/null && echo "Reloading emacs stylix theme" && echo "Running emacsclient --no-wait --eval \"(load-theme 'doom-stylix t nil)\"" && emacsclient --no-wait --eval "(load-theme 'doom-stylix t nil)" &> /dev/null;

13
scripts/sync.sh
View File

@ -1,13 +0,0 @@
#!/bin/sh
# Script to synchronize system state
# with configuration files for nixos system
# and home-manager
SCRIPT_DIR=$( cd -- "$( dirname -- "${BASH_SOURCE[0]}" )" &> /dev/null && pwd )
# Rebuild system
sudo nixos-rebuild switch --flake $SCRIPT_DIR/..;
# Refresh
$SCRIPT_DIR/sync-posthook.sh

15
scripts/update.sh
View File

@ -1,15 +0,0 @@
#!/bin/sh
# Script to update my flake without
# synchronizing configuration
SCRIPT_DIR=$( cd -- "$( dirname -- "${BASH_SOURCE[0]}" )" &> /dev/null && pwd )
OUTOFDATEFLAKEREFS=(hyprland/hyprcursor)
# Update flake
pushd $SCRIPT_DIR/.. &> /dev/null;
sudo nix flake update "$@";
if [ "$#" -eq 0 ]; then
sudo nix flake update $OUTOFDATEFLAKEREFS;
fi
popd &> /dev/null;

12
scripts/upgrade.sh
View File

@ -1,12 +0,0 @@
#!/bin/sh
# Script to update system and sync
# Does not pull changes from git
SCRIPT_DIR=$( cd -- "$( dirname -- "${BASH_SOURCE[0]}" )" &> /dev/null && pwd )
# Update flake
$SCRIPT_DIR/update.sh;
# Synchronize system
$SCRIPT_DIR/sync.sh;