···

       
1
       
 
       
{

     

       
2
       
 
       
  "nodes": {

     

       
0
       
 
       

     

       
0
       
 
       

     

       
0
       
 
       

     

       
0
       
 
       

     

       
0
       
 
       

     

       
0
       
 
       

     

       
0
       
 
       

     

       
0
       
 
       

     

       
0
       
 
       

     

       
0
       
 
       

     

       
0
       
 
       

     

       
0
       
 
       

     

       
0
       
 
       

     

       
0
       
 
       

     

       
0
       
 
       

     

       
0
       
 
       

     

       
0
       
 
       

     

       
0
       
 
       

     

       
0
       
 
       

     

       
0
       
 
       

     

       
0
       
 
       

     

       
3
       
 
       
    "all-cabal-json": {

     

       
4
       
 
       
      "flake": false,

     

       
5
       
 
       
      "locked": {

     
···

       
186
       
 
       
      "original": {

     

       
187
       
 
       
        "owner": "ipetkov",

     

       
188
       
 
       
        "repo": "crane",

     

       
0
       
 
       

     

       
0
       
 
       

     

       
0
       
 
       

     

       
0
       
 
       

     

       
0
       
 
       

     

       
0
       
 
       

     

       
0
       
 
       

     

       
0
       
 
       

     

       
0
       
 
       

     

       
0
       
 
       

     

       
0
       
 
       

     

       
0
       
 
       

     

       
0
       
 
       

     

       
0
       
 
       

     

       
0
       
 
       

     

       
0
       
 
       

     

       
0
       
 
       

     

       
0
       
 
       

     

       
0
       
 
       

     

       
0
       
 
       

     

       
0
       
 
       

     

       
0
       
 
       

     

       
189
       
 
       
        "type": "github"

     

       
190
       
 
       
      }

     

       
191
       
 
       
    },

     
···

       
925
       
 
       
    },

     

       
926
       
 
       
    "root": {

     

       
927
       
 
       
      "inputs": {

     

       
0
       
 
       

     

       
928
       
 
       
        "bernbot": "bernbot",

     

       
929
       
 
       
        "blender-bin": "blender-bin",

     

       
930
       
 
       
        "blog": "blog",

     

···

       
1
       
 
       
{

     

       
2
       
 
       
  "nodes": {

     

       
3
       
+
       
    "agenix": {

     

       
4
       
+
       
      "inputs": {

     

       
5
       
+
       
        "darwin": "darwin",

     

       
6
       
+
       
        "nixpkgs": [

     

       
7
       
+
       
          "nixpkgs"

     

       
8
       
+
       
        ]

     

       
9
       
+
       
      },

     

       
10
       
+
       
      "locked": {

     

       
11
       
+
       
        "lastModified": 1682101079,

     

       
12
       
+
       
        "narHash": "sha256-MdAhtjrLKnk2uiqun1FWABbKpLH090oeqCSiWemtuck=",

     

       
13
       
+
       
        "owner": "ryantm",

     

       
14
       
+
       
        "repo": "agenix",

     

       
15
       
+
       
        "rev": "2994d002dcff5353ca1ac48ec584c7f6589fe447",

     

       
16
       
+
       
        "type": "github"

     

       
17
       
+
       
      },

     

       
18
       
+
       
      "original": {

     

       
19
       
+
       
        "owner": "ryantm",

     

       
20
       
+
       
        "repo": "agenix",

     

       
21
       
+
       
        "type": "github"

     

       
22
       
+
       
      }

     

       
23
       
+
       
    },

     

       
24
       
 
       
    "all-cabal-json": {

     

       
25
       
 
       
      "flake": false,

     

       
26
       
 
       
      "locked": {

     
···

       
207
       
 
       
      "original": {

     

       
208
       
 
       
        "owner": "ipetkov",

     

       
209
       
 
       
        "repo": "crane",

     

       
210
       
+
       
        "type": "github"

     

       
211
       
+
       
      }

     

       
212
       
+
       
    },

     

       
213
       
+
       
    "darwin": {

     

       
214
       
+
       
      "inputs": {

     

       
215
       
+
       
        "nixpkgs": [

     

       
216
       
+
       
          "agenix",

     

       
217
       
+
       
          "nixpkgs"

     

       
218
       
+
       
        ]

     

       
219
       
+
       
      },

     

       
220
       
+
       
      "locked": {

     

       
221
       
+
       
        "lastModified": 1673295039,

     

       
222
       
+
       
        "narHash": "sha256-AsdYgE8/GPwcelGgrntlijMg4t3hLFJFCRF3tL5WVjA=",

     

       
223
       
+
       
        "owner": "lnl7",

     

       
224
       
+
       
        "repo": "nix-darwin",

     

       
225
       
+
       
        "rev": "87b9d090ad39b25b2400029c64825fc2a8868943",

     

       
226
       
+
       
        "type": "github"

     

       
227
       
+
       
      },

     

       
228
       
+
       
      "original": {

     

       
229
       
+
       
        "owner": "lnl7",

     

       
230
       
+
       
        "ref": "master",

     

       
231
       
+
       
        "repo": "nix-darwin",

     

       
232
       
 
       
        "type": "github"

     

       
233
       
 
       
      }

     

       
234
       
 
       
    },

     
···

       
968
       
 
       
    },

     

       
969
       
 
       
    "root": {

     

       
970
       
 
       
      "inputs": {

     

       
971
       
+
       
        "agenix": "agenix",

     

       
972
       
 
       
        "bernbot": "bernbot",

     

       
973
       
 
       
        "blender-bin": "blender-bin",

     

       
974
       
 
       
        "blog": "blog",

     

···

       
41
       
 
       
    vscode-extensions.url = "github:nix-community/nix-vscode-extensions";

     

       
42
       
 
       
    vscode-extensions.inputs.nixpkgs.follows = "nixpkgs";

     

       
43
       
 
       


     

       
0
       
 
       

     

       
0
       
 
       

     

       
0
       
 
       

     

       
44
       
 
       
    # needed for hyprland setup

     

       
45
       
 
       
    # hyprland.url = "github:hyprwm/Hyprland";

     

       
46
       
 
       
    # hyprland.inputs.nixpkgs.follows = "nixpkgs";

     

···

       
41
       
 
       
    vscode-extensions.url = "github:nix-community/nix-vscode-extensions";

     

       
42
       
 
       
    vscode-extensions.inputs.nixpkgs.follows = "nixpkgs";

     

       
43
       
 
       


     

       
44
       
+
       
    agenix.url = "github:ryantm/agenix";

     

       
45
       
+
       
    agenix.inputs.nixpkgs.follows = "nixpkgs";

     

       
46
       
+
       


     

       
47
       
 
       
    # needed for hyprland setup

     

       
48
       
 
       
    # hyprland.url = "github:hyprwm/Hyprland";

     

       
49
       
 
       
    # hyprland.inputs.nixpkgs.follows = "nixpkgs";

     

···

       
9
       
 
       
  imports = with inputs;

     

       
10
       
 
       
  with nixos-hardware.nixosModules;

     

       
11
       
 
       
    [

     

       
0
       
 
       

     

       
12
       
 
       
      nixpkgs.nixosModules.notDetected

     

       
13
       
 
       
      nixos-persistence.nixosModule

     

       
14
       
 
       
      common-pc-ssd

     

···

       
9
       
 
       
  imports = with inputs;

     

       
10
       
 
       
  with nixos-hardware.nixosModules;

     

       
11
       
 
       
    [

     

       
12
       
+
       
      inputs.agenix.nixosModules.default

     

       
13
       
 
       
      nixpkgs.nixosModules.notDetected

     

       
14
       
 
       
      nixos-persistence.nixosModule

     

       
15
       
 
       
      common-pc-ssd

     

···

       
0
       
 
       

     

       
0
       
 
       

     

       
0
       
 
       

     

       
0
       
 
       

     

       
0
       
 
       

     

···

       
1
       
+
       
{config, ...}: {

     

       
2
       
+
       
  nix.extraOptions = ''

     

       
3
       
+
       
    !include ${config.age.secrets.nixGithubAccessToken.path}

     

       
4
       
+
       
  '';

     

       
5
       
+
       
}

     

···

       
0
       
 
       

     

       
0
       
 
       

     

       
0
       
 
       

     

       
0
       
 
       

     

···

       
1
       
+
       
{

     

       
2
       
+
       
  age.secrets.nixGithubAccessToken.file = ../../../secrets/nixGithubAccessToken.age;

     

       
3
       
+
       
  age.secrets.wgServerPrivateKey.file = ../../../secrets/wgServerPrivateKey.age;

     

       
4
       
+
       
}

     

···

       
0
       
 
       

     

       
0
       
 
       

     

       
0
       
 
       

     

       
0
       
 
       

     

       
0
       
 
       

     

       
0
       
 
       

     

       
0
       
 
       

     

       
0
       
 
       

     

       
0
       
 
       

     

       
0
       
 
       

     

       
0
       
 
       

     

···

       
1
       
+
       
{config, ...}: {

     

       
2
       
+
       
  networking.wireguard.enable = true;

     

       
3
       
+
       
  networking.wireguard.interfaces."wg0" = {

     

       
4
       
+
       
    privateKeyFile = config.age.secrets.wgServerPrivateKey.path;

     

       
5
       
+
       
    peers = [{

     

       
6
       
+
       
      publicKey = import ./wgProxyPublicKey.key.pub;

     

       
7
       
+
       
      allowedIPs = ["10.99.0.1/32"];

     

       
8
       
+
       
      endpoint = "${import ./wgProxyPublicIp}:51820";

     

       
9
       
+
       
    }];

     

       
10
       
+
       
  };

     

       
11
       
+
       
}
     

···

       
1
       
 
       
{

     

       
2
       
 
       
  inputs,

     

       
3
       
-
       
  pkgs,

     

       
4
       
-
       
  config,

     

       
5
       
-
       
  lib,

     

       
6
       
 
       
  tlib,

     

       
7
       
 
       
  ...

     

       
8
       
-
       
}: {

     

       
9
       
-
       
  imports = tlib.importFolder (toString ./modules);

     

       
0
       
 
       

     

       
0
       
 
       

     

       
10
       
 
       


     

       
11
       
 
       
  boot.cleanTmpDir = true;

     

       
12
       
 
       
  zramSwap.enable = true;

     

···

       
1
       
 
       
{

     

       
2
       
 
       
  inputs,

     

       
0
       
 
       

     

       
0
       
 
       

     

       
0
       
 
       

     

       
3
       
 
       
  tlib,

     

       
4
       
 
       
  ...

     

       
5
       
+
       
}: { 

     

       
6
       
+
       
  imports = [

     

       
7
       
+
       
    inputs.agenix.nixosModules.default

     

       
8
       
+
       
  ] ++ (tlib.importFolder (toString ./modules));

     

       
9
       
 
       


     

       
10
       
 
       
  boot.cleanTmpDir = true;

     

       
11
       
 
       
  zramSwap.enable = true;

     

···

       
0
       
 
       

     

       
0
       
 
       

     

       
0
       
 
       

     

       
0
       
 
       

     

···

       
1
       
+
       
{

     

       
2
       
+
       
  age.secrets.bernbotToken.file = ../../../secrets/bernbotToken.age;

     

       
3
       
+
       
  age.secrets.wgProxyPrivateKey.file = ../../../secrets/wgProxyPrivateKey.age;

     

       
4
       
+
       
}

     

···

       
0
       
 
       

     

       
0
       
 
       

     

       
0
       
 
       

     

       
0
       
 
       

     

       
0
       
 
       

     

       
0
       
 
       

     

       
0
       
 
       

     

       
0
       
 
       

     

       
0
       
 
       

     

       
0
       
 
       

     

       
0
       
 
       

     

···

       
1
       
+
       
{config, ...}: {

     

       
2
       
+
       
  networking.wireguard.enable = true;

     

       
3
       
+
       
  networking.wireguard.interfaces."wg0" = {

     

       
4
       
+
       
    listenPort = 51820;

     

       
5
       
+
       
    privateKeyFile = config.age.secrets.wgProxyPrivateKey.path;

     

       
6
       
+
       
    peers = [{

     

       
7
       
+
       
      publicKey = import ./wgServerPublicKey.key.pub;

     

       
8
       
+
       
      allowedIPs = ["10.99.0.2/32"];

     

       
9
       
+
       
    }];

     

       
10
       
+
       
  };

     

       
11
       
+
       
}
     

···

       
2
       
 
       
  pkgs,

     

       
3
       
 
       
  lib,

     

       
4
       
 
       
  inputs,

     

       
5
       
-
       
  config,

     

       
6
       
 
       
  ...

     

       
7
       
 
       
}: {

     

       
8
       
 
       
  nix = {

     
···

       
20
       
 
       
      fallback = true

     

       
21
       
 
       
      extra-experimental-features = nix-command flakes

     

       
22
       
 
       
      builders-use-substitutes = true

     

       
23
       
-
       
      netrc-file = /etc/nix/netrc

     

       
24
       
 
       
    '';

     

       
25
       
 
       
    nixPath = ["nixpkgs=${inputs.nixpkgs}" "home-manager=${inputs.home}"];

     

       
26
       
 
       
  };

     

···

       
2
       
 
       
  pkgs,

     

       
3
       
 
       
  lib,

     

       
4
       
 
       
  inputs,

     

       
0
       
 
       

     

       
5
       
 
       
  ...

     

       
6
       
 
       
}: {

     

       
7
       
 
       
  nix = {

     
···

       
19
       
 
       
      fallback = true

     

       
20
       
 
       
      extra-experimental-features = nix-command flakes

     

       
21
       
 
       
      builders-use-substitutes = true

     

       
0
       
 
       

     

       
22
       
 
       
    '';

     

       
23
       
 
       
    nixPath = ["nixpkgs=${inputs.nixpkgs}" "home-manager=${inputs.home}"];

     

       
24
       
 
       
  };

     

···

       
0
       
 
       

     

       
0
       
 
       

     

       
0
       
 
       

     

···

       
1
       
+
       
{inputs}: final: prev: {

     

       
2
       
+
       
  agenix = inputs.agenix.packages."${final.system}".agenix;

     

       
3
       
+
       
}

     

···

       
1
       
-
       
ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQDUeDBW4hnHgnT0SjVFeGDztht9owObSmiyWXmmIEGQp2IMPqFpCxkOU61osvfCf4ZT92Ok9iJTohLwFBvHJRD/+CH8/b54sgFAx1lLObkJOMLz4iWZ5y4fNtBYuIA2McQSQoMDpDz6TDym7v7HF7zoUyBmfHMT/9WiX/z6Ft9hY63eh9DcF7WVURzeUvXLApt9wUYUxxdC2KZ/VrDPrIOxCcOgj3le+1zTiD8zwfAGhkzRD3IEx0yCYK6oztrh6WTwA5ZW+cLziH2sVEvSHFa2O398gIvZpzsdYTcQt06d/oyZIvftcpxD8IvjpGgHEsN/mAg0ovexyqAVk+TV/1XySKaoPPVCekap0R50CVD9kEk+GlD78XBYi++aAMIq0/D+NOXkgksfODt3yJPPzQx4KH8gcn0dQJM5zeyTwDfclzMRqCwL1eVHY00EbtG9IcLmMsWk/lM6vpHfyHqHlqNJ3CnUuDBccz9p5ORC1cuj4r9CmXPPmh7OYk7gGiQb4oxuqsYClzp93qmU7qMvGwmxBJaVagNIJgBqb5fsne0OMlcer5CH4L31ozszkSkzCXtFWNoTdgQHU1J3DxxL9WQJCfKku4EPJadYOh80USnauOke5CqfsGtf6uMq4l5Ylcc1QcNhRqxpeTLAIZx0EYDhmQ4eGjAZbiv6ddUp9dAdiQ== openpgp:0xDE3C8FCD

     

···

       
0
       
 
       

     

···

       
3
       
 
       
  default = with pkgs;

     

       
4
       
 
       
    mkShell {

     

       
5
       
 
       
      name = "prts";

     

       
6
       
-
       
      buildInputs = [git git-crypt alejandra helix];

     

       
7
       
 
       
      shellHook = "echo \"$(tput bold)welcome to PRTS, $USER$(tput sgr0)\"";

     

       
8
       
 
       
    };

     

       
9
       
 
       
})

     

···

       
3
       
 
       
  default = with pkgs;

     

       
4
       
 
       
    mkShell {

     

       
5
       
 
       
      name = "prts";

     

       
6
       
+
       
      buildInputs = [git git-crypt alejandra helix agenix];

     

       
7
       
 
       
      shellHook = "echo \"$(tput bold)welcome to PRTS, $USER$(tput sgr0)\"";

     

       
8
       
 
       
    };

     

       
9
       
 
       
})