From 55ee036fd7ebed24097c8da1ca8a0b0829264670 Mon Sep 17 00:00:00 2001 From: Emile Date: Sat, 9 Mar 2024 22:56:01 +0100 Subject: big bang --- nix/hosts/caladan/README.md | 3 + nix/hosts/caladan/aliases.nix | 53 +++++++++ nix/hosts/caladan/darwin-configuration.nix | 82 +++++++++++++ nix/hosts/caladan/functions.zsh | 30 +++++ nix/hosts/caladan/home_emile.nix | 180 +++++++++++++++++++++++++++++ nix/hosts/caladan/home_hydra.nix | 18 +++ nix/hosts/caladan/overlay.nix | 18 +++ nix/hosts/caladan/session_variables.zsh | 35 ++++++ nix/hosts/caladan/ssh.pub | 1 + 9 files changed, 420 insertions(+) create mode 100644 nix/hosts/caladan/README.md create mode 100644 nix/hosts/caladan/aliases.nix create mode 100644 nix/hosts/caladan/darwin-configuration.nix create mode 100644 nix/hosts/caladan/functions.zsh create mode 100644 nix/hosts/caladan/home_emile.nix create mode 100644 nix/hosts/caladan/home_hydra.nix create mode 100644 nix/hosts/caladan/overlay.nix create mode 100644 nix/hosts/caladan/session_variables.zsh create mode 100644 nix/hosts/caladan/ssh.pub (limited to 'nix/hosts/caladan') diff --git a/nix/hosts/caladan/README.md b/nix/hosts/caladan/README.md new file mode 100644 index 0000000..733f564 --- /dev/null +++ b/nix/hosts/caladan/README.md @@ -0,0 +1,3 @@ +# caladan + +m1 macbook air \ No newline at end of file diff --git a/nix/hosts/caladan/aliases.nix b/nix/hosts/caladan/aliases.nix new file mode 100644 index 0000000..5ffff74 --- /dev/null +++ b/nix/hosts/caladan/aliases.nix 
@@ -0,0 +1,53 @@ +{ + ":q" = "exit"; + ls = "eza"; + ytop = "btm"; + + # short forms + tf = "terraform"; + h = "mosh hack"; + + r2help = ''r2 -qq -c "?*~..." --''; + mosh = "mosh --no-init"; + t = "task"; + tw = "timew"; + + ipa = "scutil --nwi"; + + # this can be super nice and super annoying at the same time: + # ssh = "kitty +kitten ssh"; + + light = "kitty +kitten themes --reload-in=all Ayu Light"; + dark = "kitty +kitten themes --reload-in=all Ayu"; + + + ".." = "cd .."; + "..." = "cd ../.."; + "...." = "cd ../../.."; + "....." = "cd ../../../.."; + + grep = "grep --color=auto"; + nix-stray-roots = '' + nix-store --gc --print-roots | egrep -v "^(/nix/var|/run/w+-system|{memory)"''; + + holdmybeer = "sudo "; + + servethis = "python3 -m http.server"; + + # nmap foo + nmap_open_ports = "nmap --open"; + nmap_list_interfaces = "nmap --iflist"; + nmap_slow = "sudo nmap -sS -v -T1"; + nmap_fin = "sudo nmap -sF -v"; + nmap_full = "sudo nmap -sS -T4 -PE -PP -PS80,443 -PY -g 53 -A -p1-65535 -v"; + nmap_check_for_firewall = "sudo nmap -sA -p1-65535 -v -T4"; + nmap_ping_through_firewall = "nmap -PS -PA"; + nmap_fast = "nmap -F -T5 --version-light --top-ports 300"; + nmap_detect_versions = "sudo nmap -sV -p1-65535 -O --osscan-guess -T4 -Pn"; + nmap_check_for_vulns = "nmap --script = vuln"; + nmap_full_udp = "sudo nmap -sS -sU -T4 -A -v -PE -PS22,25,80 -PA21,23,80,443,3389 "; + nmap_traceroute = "sudo nmap -sP -PE -PS22,25,80 -PA21,23,80,3389 -PU -PO --traceroute "; + nmap_full_with_scripts = "sudo nmap -sS -sU -T4 -A -v -PE -PP -PS21,22,23,25,80,113,31339 -PA80,113,443,10042 -PO --script all " ; + nmap_web_safe_osscan = "sudo nmap -p 80,443 -O -v --osscan-guess --fuzzy "; + nmap_ping_scan = "nmap -n -sP"; +} diff --git a/nix/hosts/caladan/darwin-configuration.nix b/nix/hosts/caladan/darwin-configuration.nix new file mode 100644 index 0000000..b31b6b3 --- /dev/null +++ b/nix/hosts/caladan/darwin-configuration.nix 
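Review bot: The `servethis` alias runs `python3 -m http.server` with its default bind, which listens on every interface and serves the current directory to anyone who can reach the laptop. On a machine that moves between networks I would pin it to loopback and widen it deliberately: `servethis = "python3 -m http.server --bind 127.0.0.1";`. Separately, `nmap_check_for_vulns = "nmap --script = vuln";` has spaces around the `=`, so nmap does not receive `vuln` as the script argument; it should read `nmap --script=vuln`. The `egrep` pattern in `nix-stray-roots` shows `/run/w+-system` and `{memory`, which looks like lost backslashes (possibly only in this rendering) and is worth checking against the file.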
@@ -0,0 +1,82 @@ +{ pkgs, lib, ... }: + +{ + imports = [ + ./overlay.nix + ]; + + users.users.emile = { + name = "emile"; + home = "/Users/emile"; + }; + + users.users.hydra = { + name = "hydra"; + home = "/Users/hydra"; + }; + + nix = { + useDaemon = true; + package = pkgs.nixFlakes; + extraOptions = '' + builders-use-substitutes = true + auto-optimise-store = true + '' + lib.optionalString (pkgs.system == "aarch64-darwin") '' + extra-platforms = x86_64-darwin aarch64-darwin + ''; + + settings = { + trusted-public-keys = [ + "cache.nixos.org-1:6NCHdD59X431o0gWypbMrAURkbJ16ZPMQFGspcDShjY=" + ]; + substituters = [ + "https://cache.nixos.org" + ]; + + experimental-features = [ "nix-command" "flakes" ]; + }; + + distributedBuilds = true; + + buildMachines = [ + { + hostName = "corrino.emile.space"; + system = "x86_64-linux"; + maxJobs = 1; + speedFactor = 2; + + # Feature | Derivations requiring it + # --------------|----------------------------------------------------- + # kvm | Everything which builds inside a vm, like NixOS tests + # nixos-test | Machine can run NixOS tests + # big-parallel | kernel config, libreoffice, evolution, llvm and chromium. + # benchmark | Machine can generate metrics (Means the builds usually + # | takes the same amount of time) + + # cat /etc/nix/machines + # root@corrino x86_64-linux /home/nix/.ssh/id_ed25519 8 1 kvm,benchmark + + supportedFeatures = [ "nixos-test" "benchmark" "big-parallel" "kvm" ]; + mandatoryFeatures = [ ]; + } + ]; + }; + + nixpkgs = { + config.allowUnfree = true; + }; + + programs.fish.enable = true; + + services.nix-daemon.enable = true; + + security.pam.enableSudoTouchIdAuth = true; + + environment = { + systemPackages = [ + pkgs.yarr + ]; + shells = with pkgs; [ bashInteractive zsh fish ]; + }; + +} diff --git a/nix/hosts/caladan/functions.zsh b/nix/hosts/caladan/functions.zsh new file mode 100644 index 0000000..b134ef3 --- /dev/null +++ b/nix/hosts/caladan/functions.zsh 
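Review bot: The `buildMachines` entry for `corrino.emile.space` sets none of `sshUser`, `sshKey` or `publicHostKey`, so with `distributedBuilds = true` the daemon connects with whatever SSH defaults root has, and the builder's identity rests on an out-of-band `known_hosts` entry. Build outputs from that host are copied into the local store, so I would pin the host key and a dedicated build user in the entry itself, e.g. `sshUser = "<build-user>";` and `publicHostKey = "<base64 host key>";` (placeholders; confirm the option exists in the nix-darwin revision in use). The commented `/etc/nix/machines` line shows `root@corrino`; if that reflects the real setup, a non-root builder account would narrow what a leaked client key can do. `nixpkgs.config.allowUnfree = true` is also set in `overlay.nix`, so one of the two can go.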
@@ -0,0 +1,30 @@
+function pmk() {
+ docker run \
+ -v \
+ "$(pwd):/pwn" \
+ --cap-add=SYS_PTRACE \
+ --security-opt seccomp=unconfined \
+ -d \
+ --name $1 \
+ -i \
+ ctf_ubuntu22.10;
+}
+
+function pcd() {
+ docker exec \
+ -it \
+ --workdir /pwn \
+ $1 \
+ bash;
+}
+
+function prm() {
+ docker stop $1;
+}
+
+function pls() {
+ docker ps \
+ -a \
+ -f ancestor=ctf_ubuntu22.10 \
+ --format "{{.Names}}";
+}
diff --git a/nix/hosts/caladan/home_emile.nix b/nix/hosts/caladan/home_emile.nix
new file mode 100644
index 0000000..d3428cf
--- /dev/null
+++ b/nix/hosts/caladan/home_emile.nix
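Review bot: `pmk` starts the container with `--security-opt seccomp=unconfined` and `--cap-add=SYS_PTRACE` while bind-mounting the current directory read-write at `/pwn`, and nothing in the file says why or limits where it is run from. For a box meant to run untrusted CTF binaries that deserves a comment above the function, something like `# debugger needs ptrace/personality; seccomp is off, so only run from a scratch dir`, and it is worth checking whether `SYS_PTRACE` alone is enough for the debugger in use. `pmk`, `pcd` and `prm` all use `$1` unquoted and unchecked; a guard such as `[[ -n "$1" ]] || { echo "usage: pmk NAME" >&2; return 1; }` together with `"$1"` would stop `--name` from swallowing the following `-i`. `prm` only runs `docker stop`, so the stopped container keeps its name and a second `pmk` with the same name fails; `docker rm -f "$1"` may be what was meant.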
@@ -0,0 +1,180 @@ +{ pkgs, lib, ... }: + +{ + home = { + stateVersion = "22.11"; + username = "emile"; + homeDirectory = "/Users/emile"; + }; + + # let home-manager install and manage itself + programs = { + home-manager.enable = true; + + direnv = { + enable = true; + nix-direnv.enable = true; + }; + + htop = { + enable = true; + settings.show_program_with_path = true; + }; + + zsh = { + enable = true; + enableCompletion = true; + #syntaxHighlighting.enable = true; + shellAliases = import ./aliases.nix; + enableAutosuggestions = true; + oh-my-zsh = { + enable = true; + plugins = [ "git" "vi-mode" "web-search" "urltools" ]; + }; + + # this has to be added, so we can ssh into the host using deploy-rs and + # access the `nix-store` stuff + envExtra = '' + if [ -e '/nix/var/nix/profiles/default/etc/profile.d/nix-daemon.sh' ]; then + . '/nix/var/nix/profiles/default/etc/profile.d/nix-daemon.sh' + fi + ''; + + initExtraBeforeCompInit = '' + ${builtins.readFile ./session_variables.zsh} + ${builtins.readFile ./functions.zsh} + + eval "$(direnv hook zsh)" + + setopt autocd # cd without needing to use the cd command + ''; + }; + + kitty = { + enable = true; + + # font = pkgs.iosevka; + + font = { + name = "Iosevka Nerd Font"; + size = 13; + }; + + settings = { + font_size = 12; + + disable_ligatures = "never"; + close_on_child_death = "yes"; + + tab_bar_edge = "top"; + tab_bar_style = "slant"; + tab_bar_min_tabs = 1; + + # tab_title_template = "{index}[{layout_name[0:2]}]: {title.replace('emile', 'e')[title.rfind('/')+1:]}"; + tab_title_template = "{index}[{layout_name[0:2]}]: {title.replace('emile', 'e')}"; + + editor = "/Users/emile/.cargo/bin/hx"; + + macos_option_as_alt = "no"; + macos_quit_when_last_window_closed = "yes"; + + kitty_mod = "ctrl+shift"; + + clear_all_shortcuts = ""; + }; + + keybindings = { + "cmd+enter" = "launch --cwd=current --location=split"; + "cmd+shift+enter" = "launch --cwd=current --location=hsplit"; + + "cmd+shift+h" = "move_window left"; + 
"cmd+shift+j" = "move_window down"; + "cmd+shift+k" = "move_window up"; + "cmd+shift+l" = "move_window right"; + + "cmd+shift+m" = "detach_window ask"; + + "command+j" = "kitten pass_keys.py neighboring_window bottom command+j"; + "command+k" = "kitten pass_keys.py neighboring_window top command+k"; + "command+h" = "kitten pass_keys.py neighboring_window left command+h"; + "command+l" = "kitten pass_keys.py neighboring_window right command+l"; + "command+b" = "combine : clear_terminal scroll active : send_text normal,application \x0c"; + + # "ctrl+n" = "send_text all \x0e"; + "ctrl+e" = "send_text all \x01h"; + "ctrl+n" = "send_text all \x01i"; + "ctrlshift++n" = "send_text all \x01i"; + + "ctrl+left" = "resize_window wider"; + "ctrl+right" = "resize_window narrower"; + "ctrl+up" = "resize_window shorter"; + "ctrl+down" = "resize_window taller"; + }; + + environment = { }; + }; + }; + + home.packages = with pkgs; [ + coreutils mpv + + # terminal foo + kitty + jq ripgrep fd eza lsd tree broot + du-dust mktemp htop rsync + p7zip imagemagick binwalk lftp + graphviz + + git tig + + # nix related tools + deploy-rs + cachix + nixos-rebuild + + # editor + helix + nodePackages_latest.typescript-language-server # js language server + nil # nix language server + nodePackages.yaml-language-server # yaml language server + + # binary foo + radare2 + + # network foo + curl + wireguard-tools + # tailscale + + # rss foo + yarr + + # go foo + go delve + + # c foo + cmake + + # iot hack foo + minicom + + SDL2 + + # macos foo + # karabiner-elements + + # qemu tooling + qemu + sphinx #docs + virt-manager + + # lisp foo + unstable.sbcl + + # infrastructure as code foo + terraform ansible + + ] ++ lib.optionals stdenv.isDarwin [ + m-cli + ]; +} diff --git a/nix/hosts/caladan/home_hydra.nix b/nix/hosts/caladan/home_hydra.nix new file mode 100644 index 0000000..63d3563 --- /dev/null +++ b/nix/hosts/caladan/home_hydra.nix 
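Review bot: The kitty keybinding `"ctrlshift++n" = "send_text all \x01i";` looks like a typo for `"ctrl+shift+n"`; as written kitty will most likely fail to parse the key spec and the mapping is lost without notice. In the same `kitty` block `font.size = 13` and `settings.font_size = 12` both set the font size, so one of them should go. `initExtraBeforeCompInit` runs `eval "$(direnv hook zsh)"` although `programs.direnv.enable = true` is set in the same file, and the `nix-daemon.sh` snippet is sourced from `envExtra` and again through `session_variables.zsh`; both are probably redundant, to be verified against the home-manager version in use.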
@@ -0,0 +1,18 @@
+{ config, pkgs, ... }:
+
+{
+ home = {
+ stateVersion = "22.11";
+ username = "hydra";
+ homeDirectory = "/Users/hydra";
+ };
+
+ # let home-manager install and manage itself
+ programs = {
+ home-manager.enable = true;
+ };
+
+ home.packages = with pkgs; [
+ tailscale
+ ];
+}
diff --git a/nix/hosts/caladan/overlay.nix b/nix/hosts/caladan/overlay.nix
new file mode 100644
index 0000000..a96e3f3
--- /dev/null
+++ b/nix/hosts/caladan/overlay.nix
@@ -0,0 +1,18 @@
+{ ... }:
+
+{
+ nixpkgs = {
+ overlays = [
+ (self: super: {
+ # helix-2303 = self.callPackage ../../pkgs/helix-2303 { };
+ # r2 = self.callPackage ../../pkgs/radare2-5.8.4 { };
+ # ansel = self.callPackage ../../pkgs/ansel { };
+ # typst = self.callPackage ../pkgs/radare2-5.8.4 { };
+ })
+ ];
+ config = {
+ allowUnfree = true;
+ allowBroken= true;
+ };
+ };
+}
diff --git a/nix/hosts/caladan/session_variables.zsh b/nix/hosts/caladan/session_variables.zsh
new file mode 100644
index 0000000..863f31c
--- /dev/null
+++ b/nix/hosts/caladan/session_variables.zsh
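Review bot: `allowBroken= true;` in the `nixpkgs.config` block of `overlay.nix` applies to every package, so a derivation that nixpkgs has marked broken is built and installed without any signal. The overlay body is entirely commented out, so nothing visible here needs it. I would drop the line, or scope the exception to the one package that requires it and name that package in a comment. The commented `typst` entry points at `../pkgs/radare2-5.8.4`, which looks like a copy-paste slip, and `allowUnfree = true` duplicates the setting in `darwin-configuration.nix`.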
@@ -0,0 +1,35 @@
+export PROMPT="; " # minimal prompt
+export RPROMPT="%F{green}%/%F{reset}"
+export PROMPT_EOL_MARK="%" # hide EOL sign ('%')
+
+export EDITOR="hx"
+export LC_ALL="en_US.UTF-8"
+export LANG="en_US.UTF-8"
+
+
+export GOPATH=~/go
+export GOBIN=$GOPATH/bin
+
+# /usr/local/bin is mac specific and where brew installs stuff. As we are
+# making use of brew as fallback so we need to add it
+export PATH="$HOME/.local/bin:$HOME/.nix-profile/bin:/usr/local/bin:$PATH"
+export PATH=$PATH:~/go/bin
+export PATH=$PATH:~/.emacs.d/bin
+export PATH=$PATH:~/bin
+export PATH=$PATH:"/Applications/Racket v8.8/bin"
+export PATH=/Users/emile/.cargo/bin:$PATH
+export PATH=$PATH:/opt/homebrew/bin
+
+# uxn
+export PATH=$PATH:/Users/emile/Documents/projects/uxn/bin
+
+# fzf
+export FZF_BASE=$(whereis fzf | awk '{print $2}' | sed "s/fzf$//g")
+if [ -n "${commands[fzf-share]}" ]; then
+ source "$(fzf-share)/key-bindings.zsh"
+ source "$(fzf-share)/completion.zsh"
+fi
+
+if [ -e '/nix/var/nix/profiles/default/etc/profile.d/nix-daemon.sh' ]; then
+ . '/nix/var/nix/profiles/default/etc/profile.d/nix-daemon.sh'
+fi
diff --git a/nix/hosts/caladan/ssh.pub b/nix/hosts/caladan/ssh.pub
new file mode 100644
index 0000000..e68dee1
--- /dev/null
+++ b/nix/hosts/caladan/ssh.pub
@@ -0,0 +1 @@
+ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIPZi43zHEsoWaQomLGaftPE5k0RqVrZyiTtGqZlpWsew
-- cgit 1.4.1
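Review bot: `export PATH="$HOME/.local/bin:$HOME/.nix-profile/bin:/usr/local/bin:$PATH"` and `export PATH=/Users/emile/.cargo/bin:$PATH` put user-writable directories ahead of the system ones, so any file dropped into `~/.local/bin` or `~/.cargo/bin` shadows a system command of the same name in every shell, including ones later run under `sudo` via the aliases. Unless a tool there has to override a system binary, appending is the safer order, e.g. `export PATH="$HOME/.nix-profile/bin:$PATH:$HOME/.local/bin:$HOME/.cargo/bin"`. The comment on `PROMPT_EOL_MARK="%"` says it hides the EOL sign, but the value sets the mark to `%`; `PROMPT_EOL_MARK=""` is the form that hides it. The `nix-daemon.sh` block at the end is also present in `envExtra` in `home_emile.nix`, so it is sourced twice.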