From a2ec55e8219f8675cda34b94f444ba9ea80216c7 Mon Sep 17 00:00:00 2001 From: Jared Kling Date: Thu, 2 Jan 2025 23:29:54 -0600 Subject: [PATCH] initial commit + sops! --- .sops.yaml | 8 + flake.lock | 314 ++++++++++++++++++++++++++ flake.nix | 51 +++++ home/jared/home.nix | 66 ++++++ hosts/common/nvidia.nix | 21 ++ hosts/tito/configuration.nix | 172 ++++++++++++++ hosts/tito/hardware-configuration.nix | 39 ++++ hosts/xps/configuration.nix | 183 +++++++++++++++ hosts/xps/hardware-configuration.nix | 40 ++++ modules/gnome.nix | 12 + modules/hyprland/hyprland.nix | 54 +++++ modules/nvidia.nix | 17 ++ secrets/secrets.yaml | 24 ++ 13 files changed, 1001 insertions(+) create mode 100644 .sops.yaml create mode 100644 flake.lock create mode 100644 flake.nix create mode 100644 home/jared/home.nix create mode 100644 hosts/common/nvidia.nix create mode 100644 hosts/tito/configuration.nix create mode 100644 hosts/tito/hardware-configuration.nix create mode 100644 hosts/xps/configuration.nix create mode 100644 hosts/xps/hardware-configuration.nix create mode 100644 modules/gnome.nix create mode 100644 modules/hyprland/hyprland.nix create mode 100644 modules/nvidia.nix create mode 100644 secrets/secrets.yaml diff --git a/.sops.yaml b/.sops.yaml new file mode 100644 index 0000000..8af8921 --- /dev/null +++ b/.sops.yaml @@ -0,0 +1,8 @@ +keys: + - &xps age18axr5n678k0n0vy763wau57fmtck3q03qgcz3r5kq9nkpkwgye4q5swrgq + +creation_rules: + - path_regex: secrets/[^/]+\.(yaml|json|env|ini)$ + key_groups: + - age: + - *xps diff --git a/flake.lock b/flake.lock new file mode 100644 index 0000000..22aafd2 --- /dev/null +++ b/flake.lock @@ -0,0 +1,314 @@ +{ + "nodes": { + "base16": { + "inputs": { + "fromYaml": "fromYaml" + }, + "locked": { + "lastModified": 1708890466, + "narHash": "sha256-LlrC09LoPi8OPYOGPXegD72v+//VapgAqhbOFS3i8sc=", + "owner": "SenchoPens", + "repo": "base16.nix", + "rev": "665b3c6748534eb766c777298721cece9453fdae", + "type": "github" + }, + "original": { + "owner": "SenchoPens", + "repo": "base16.nix", + "type": "github" + } + }, + "base16-fish": { + "flake": false, + "locked": { + "lastModified": 1622559957, + "narHash": "sha256-PebymhVYbL8trDVVXxCvZgc0S5VxI7I1Hv4RMSquTpA=", + "owner": "tomyun", + "repo": "base16-fish", + "rev": "2f6dd973a9075dabccd26f1cded09508180bf5fe", + "type": "github" + }, + "original": { + "owner": "tomyun", + "repo": "base16-fish", + "type": "github" + } + }, + "base16-foot": { + "flake": false, + "locked": { + "lastModified": 1727574105, + "narHash": "sha256-ByMVgH0rZ1by2YIVJ47gE8/ZHWcG8yqsErQ4tKLbm7Q=", + "owner": "tinted-theming", + "repo": "base16-foot", + "rev": "e558fe47e187093313f19fa6a9eea61940ffbd6b", + "type": "github" + }, + "original": { + "owner": "tinted-theming", + "repo": "base16-foot", + "type": "github" + } + }, + "base16-helix": { + "flake": false, + "locked": { + "lastModified": 1725860795, + "narHash": "sha256-Z2o8VBPW3I+KKTSfe25kskz0EUj7MpUh8u355Z1nVsU=", + "owner": "tinted-theming", + "repo": "base16-helix", + "rev": "7f795bf75d38e0eea9fed287264067ca187b88a9", + "type": "github" + }, + "original": { + "owner": "tinted-theming", + "repo": "base16-helix", + "type": "github" + } + }, + "base16-kitty": { + "flake": false, + "locked": { + "lastModified": 1721117198, + "narHash": "sha256-+vEXvEsar7w7wPVRmKx+rJKUTD5DBgLR7jfl0k7VhnE=", + "owner": "kdrag0n", + "repo": "base16-kitty", + "rev": "0898f2677f3a583cc6a89bde29b2b05ac2041e0b", + "type": "github" + }, + "original": { + "owner": "kdrag0n", + "repo": "base16-kitty", + "type": "github" + } + }, + "base16-tmux": { + "flake": false, + "locked": { + "lastModified": 1727571738, + "narHash": "sha256-AOITVZMhqELOzL5Jw54NIX7R8gFbTJqrHEDuPwgGYDQ=", + "owner": "tinted-theming", + "repo": "base16-tmux", + "rev": "44fbe9034653c83a8ae68941aaeeeeb7503cd1ae", + "type": "github" + }, + "original": { + "owner": "tinted-theming", + "repo": "base16-tmux", + "type": "github" + } + }, + "base16-vim": { + "flake": false, + "locked": { + "lastModified": 1663659192, + "narHash": "sha256-uJvaYYDMXvoo0fhBZUhN8WBXeJ87SRgof6GEK2efFT0=", + "owner": "chriskempson", + "repo": "base16-vim", + "rev": "3be3cd82cd31acfcab9a41bad853d9c68d30478d", + "type": "github" + }, + "original": { + "owner": "chriskempson", + "repo": "base16-vim", + "type": "github" + } + }, + "flake-compat": { + "flake": false, + "locked": { + "lastModified": 1673956053, + "narHash": "sha256-4gtG9iQuiKITOjNQQeQIpoIB6b16fm+504Ch3sNKLd8=", + "owner": "edolstra", + "repo": "flake-compat", + "rev": "35bb57c0c8d8b62bbfd284272c928ceb64ddbde9", + "type": "github" + }, + "original": { + "owner": "edolstra", + "repo": "flake-compat", + "type": "github" + } + }, + "fromYaml": { + "flake": false, + "locked": { + "lastModified": 1689549921, + "narHash": "sha256-iX0pk/uB019TdBGlaJEWvBCfydT6sRq+eDcGPifVsCM=", + "owner": "SenchoPens", + "repo": "fromYaml", + "rev": "11fbbbfb32e3289d3c631e0134a23854e7865c84", + "type": "github" + }, + "original": { + "owner": "SenchoPens", + "repo": "fromYaml", + "type": "github" + } + }, + "gnome-shell": { + "flake": false, + "locked": { + "lastModified": 1713702291, + "narHash": "sha256-zYP1ehjtcV8fo+c+JFfkAqktZ384Y+y779fzmR9lQAU=", + "owner": "GNOME", + "repo": "gnome-shell", + "rev": "0d0aadf013f78a7f7f1dc984d0d812971864b934", + "type": "github" + }, + "original": { + "owner": "GNOME", + "ref": "46.1", + "repo": "gnome-shell", + "type": "github" + } + }, + "home-manager": { + "inputs": { + "nixpkgs": [ + "nixpkgs" + ] + }, + "locked": { + "lastModified": 1726989464, + "narHash": "sha256-Vl+WVTJwutXkimwGprnEtXc/s/s8sMuXzqXaspIGlwM=", + "owner": "nix-community", + "repo": "home-manager", + "rev": "2f23fa308a7c067e52dfcc30a0758f47043ec176", + "type": "github" + }, + "original": { + "owner": "nix-community", + "ref": "release-24.05", + "repo": "home-manager", + "type": "github" + } + }, + "home-manager_2": { + "inputs": { + "nixpkgs": [ + "stylix", + "nixpkgs" + ] + }, + "locked": { + "lastModified": 1724435763, + "narHash": "sha256-UNky3lJNGQtUEXT2OY8gMxejakSWPTfWKvpFkpFlAfM=", + "owner": "nix-community", + "repo": "home-manager", + "rev": "c2cd2a52e02f1dfa1c88f95abeb89298d46023be", + "type": "github" + }, + "original": { + "owner": "nix-community", + "repo": "home-manager", + "type": "github" + } + }, + "nixpkgs": { + "locked": { + "lastModified": 1728328465, + "narHash": "sha256-a0a0M1TmXMK34y3M0cugsmpJ4FJPT/xsblhpiiX1CXo=", + "owner": "nixos", + "repo": "nixpkgs", + "rev": "1bfbbbe5bbf888d675397c66bfdb275d0b99361c", + "type": "github" + }, + "original": { + "owner": "nixos", + "ref": "nixos-24.05", + "repo": "nixpkgs", + "type": "github" + } + }, + "nixpkgs_2": { + "locked": { + "lastModified": 1731763621, + "narHash": "sha256-ddcX4lQL0X05AYkrkV2LMFgGdRvgap7Ho8kgon3iWZk=", + "owner": "NixOS", + "repo": "nixpkgs", + "rev": "c69a9bffbecde46b4b939465422ddc59493d3e4d", + "type": "github" + }, + "original": { + "owner": "NixOS", + "ref": "nixpkgs-unstable", + "repo": "nixpkgs", + "type": "github" + } + }, + "nixpkgs_3": { + "locked": { + "lastModified": 1725194671, + "narHash": "sha256-tLGCFEFTB5TaOKkpfw3iYT9dnk4awTP/q4w+ROpMfuw=", + "owner": "NixOS", + "repo": "nixpkgs", + "rev": "b833ff01a0d694b910daca6e2ff4a3f26dee478c", + "type": "github" + }, + "original": { + "owner": "NixOS", + "ref": "nixpkgs-unstable", + "repo": "nixpkgs", + "type": "github" + } + }, + "root": { + "inputs": { + "home-manager": "home-manager", + "nixpkgs": "nixpkgs", + "sops-nix": "sops-nix", + "stylix": "stylix" + } + }, + "sops-nix": { + "inputs": { + "nixpkgs": "nixpkgs_2" + }, + "locked": { + "lastModified": 1735468296, + "narHash": "sha256-ZjUjbvS06jf4fElOF4ve8EHjbpbRVHHypStoY8HGzk8=", + "owner": "Mic92", + "repo": "sops-nix", + "rev": "bcb8b65aa596866eb7e5c3e1a6cccbf5d1560b27", + "type": "github" + }, + "original": { + "owner": "Mic92", + "repo": "sops-nix", + "type": "github" + } + }, + "stylix": { + "inputs": { + "base16": "base16", + "base16-fish": "base16-fish", + "base16-foot": "base16-foot", + "base16-helix": "base16-helix", + "base16-kitty": "base16-kitty", + "base16-tmux": "base16-tmux", + "base16-vim": "base16-vim", + "flake-compat": "flake-compat", + "gnome-shell": "gnome-shell", + "home-manager": "home-manager_2", + "nixpkgs": "nixpkgs_3" + }, + "locked": { + "lastModified": 1718122552, + "narHash": "sha256-A+dBkSwp8ssHKV/WyXb9uqIYrHBqHvtSedU24Lq9lqw=", + "owner": "danth", + "repo": "stylix", + "rev": "e59d2c1725b237c362e4a62f5722f5b268d566c7", + "type": "github" + }, + "original": { + "owner": "danth", + "ref": "release-24.05", + "repo": "stylix", + "type": "github" + } + } + }, + "root": "root", + "version": 7 +} diff --git a/flake.nix b/flake.nix new file mode 100644 index 0000000..e660d81 --- /dev/null +++ b/flake.nix @@ -0,0 +1,51 @@ +{ + description = "A very basic flake"; + + inputs = { + nixpkgs.url = "github:nixos/nixpkgs?ref=nixos-24.05"; + home-manager.url = "github:nix-community/home-manager?ref=release-24.05"; + home-manager.inputs.nixpkgs.follows = "nixpkgs"; + #hyprland.url = "github:hyprwm/Hyprland"; + #nix-colors.url = "github:misterio77/nix-colors"; + stylix.url = "github:danth/stylix/release-24.05"; + sops-nix.url = "github:Mic92/sops-nix"; + }; + + outputs = { self, nixpkgs, home-manager, stylix, sops-nix, ... } @ inputs: let + inherit (self) outputs; + username = "jared"; + in { + nixosConfigurations = { + # ============ NixOS Configuration ============ # + tito = nixpkgs.lib.nixosSystem { + system = "x86_64-linux"; + specialArgs = {inherit inputs username stylix;}; + modules = [ + stylix.nixosModules.stylix + sops-nix.nixosModules.sops + ./hosts/tito/configuration.nix + home-manager.nixosModules.home-manager { + home-manager.useGlobalPkgs = true; + home-manager.useUserPackages = true; + home-manager.users.jared = import ./home/jared/home.nix; + } + ]; + }; + xps = nixpkgs.lib.nixosSystem { + system = "x86_64-linux"; + specialArgs = {inherit inputs username stylix;}; + modules = [ + stylix.nixosModules.stylix + sops-nix.nixosModules.sops + ./hosts/xps/configuration.nix + home-manager.nixosModules.home-manager { + home-manager.useGlobalPkgs = true; + home-manager.useUserPackages = true; + home-manager.users.jared = import ./home/jared/home.nix; + } + ]; + + }; + }; + }; +} diff --git a/home/jared/home.nix b/home/jared/home.nix new file mode 100644 index 0000000..554ad5e --- /dev/null +++ b/home/jared/home.nix @@ -0,0 +1,66 @@ +# This is your home-manager configuration file +# Use this to configure your home environment (it replaces ~/.config/nixpkgs/home.nix) +{ + inputs, + outputs, + lib, + config, + pkgs, + stylix, + home-manager, + ... +}: { + home = { + username = "jared"; + homeDirectory = "/home/jared"; + packages = with pkgs; [ + cowsay + ]; + }; + +# stylix.enable = true; + + # Add stuff for your user as you see fit: + # programs.neovim.enable = true; + # home.packages = with pkgs; [ steam ]; + + # Enable home-manager and git + programs.home-manager.enable = true; +# programs.git.enable = true; + programs.kitty.enable = true; + programs.firefox.enable = true; + programs.zellij.enable = true; + programs.zellij.settings = { + keybinds."unbind" = "Ctrl o"; + keybinds.session."bind \"Ctrl p\"".SwitchToMode = "Normal"; + keybinds."shared_except \"session\" \"locked\""."bind \"Ctrl 9\"".SwitchToMode = "Session"; + }; + programs.zsh.enable = true; +# programs.spotify-player.enable = true; + + dconf.settings = { + "org/gnome/desktop/wm/keybindings" = { + switch-applications = []; + switch-applications-backward = []; + switch-windows = [ "Tab" ]; + switch-windows-backward = [ "Tab" ]; + }; + }; + programs.direnv = { + enable = true; + enableBashIntegration = true; + nix-direnv.enable = true; + }; + programs.bash.enable = true; + programs.bash.bashrcExtra = '' + if [ -f .bashrc.orig ]; then + . ~/.bashrc.orig + fi + ''; + + # Nicely reload system units when changing configs +# systemd.user.startServices = "sd-switch"; + + # https://nixos.wiki/wiki/FAQ/When_do_I_update_stateVersion + home.stateVersion = "24.05"; +} diff --git a/hosts/common/nvidia.nix b/hosts/common/nvidia.nix new file mode 100644 index 0000000..a22f061 --- /dev/null +++ b/hosts/common/nvidia.nix @@ -0,0 +1,21 @@ + +{ config, lib, pkgs, ... }: + +{ + + environment.systemPackages = with pkgs; [ + #nvidia-docker + ]; + + hardware.nvidia = { + modesetting.enable = true; + powerManagement.enable = true; + powerManagement.finegrained = false; + open = false; + nvidiaSettings = true; + + package = config.boot.kernelPackages.nvidiaPackages.stable; + }; + virtualisation.docker.enableNvidia = true; + services.xserver.videoDrivers = ["nvidia"]; +} diff --git a/hosts/tito/configuration.nix b/hosts/tito/configuration.nix new file mode 100644 index 0000000..e8e66d9 --- /dev/null +++ b/hosts/tito/configuration.nix @@ -0,0 +1,172 @@ +{ + config, + pkgs, + lib, + inputs, + username, + stylix, + ... +}: { + imports = [ + ./hardware-configuration.nix + ../../modules/nvidia.nix + ../../modules/gnome.nix +# Does not play nicely with Nvidia right now +# ../../modules/hyprland/hyprland.nix + inputs.sops-nix.nixosModules.sops + ]; + + sops.defaultSopsFile = ../../secrets/secrets.yaml; + sops.defaultSopsFormat = "yaml"; + sops.age.keyFile = "/home/${username}/.config/sops/age/keys.txt"; + + sops.secrets."protonvpn/norway_config" = {}; + sops.secrets."protonvpn/us_config" = {}; + sops.secrets."protonvpn/auth-user-pass" = {}; + + boot = { + loader.systemd-boot.enable = true; + loader.efi.canTouchEfiVariables = true; + + kernelPackages = pkgs.linuxPackages_latest; + kernel.sysctl = { + "vm.swappiness" = 10; + }; + }; + + networking = { + hostName = "tito"; + networkmanager.enable = true; + }; + + services = { + printing.enable = true; + openssh.enable = true; + tailscale.enable = true; + pipewire = { + enable = true; + alsa.enable = true; + alsa.support32Bit = true; + pulse.enable = true; + }; + }; + + programs = { + steam = { + enable = true; + remotePlay.openFirewall = true; + dedicatedServer.openFirewall = true; + }; + chromium.enable = true; + nh = { + enable = true; + #clean.enable = true; + #clean.extraArgs = "--keep-since 4d --keep 3"; + flake = "/etc/nixos"; + }; + }; + + hardware.bluetooth.enable = true; + virtualisation.docker.enable = true; + + users.users.${username} = { + isNormalUser = true; + extraGroups = [ + "networkmanager" + "wheel" + "audito" + "video" + "input" + "docker" + ]; + }; + + environment.systemPackages = with pkgs; [ + git + neovim + gcc + tailscale + firefox + htop + nerdfonts + kitty + yazi + nodejs + openvpn + audio-recorder + qemu + qemu_kvm + spotify + strawberry + + ]; + + services.flatpak.enable = true; + services.openvpn.servers = { + proton-norway = { + autoStart = false; + config = '' + config ${config.sops.secrets."protonvpn/norway_config".path} + auth-user-pass ${config.sops.secrets."protonvpn/auth-user-pass".path} + ''; + }; + proton-united-states = { + autoStart = false; + config = '' + config ${config.sops.secrets."protonvpn/us_config".path} + auth-user-pass ${config.sops.secrets."protonvpn/auth-user-pass".path} + ''; + }; + }; + +# stylix.base16Scheme = "${pkgs.base16-schemes}/share/themes/da-one-ocean.yaml"; + stylix.base16Scheme = "${pkgs.base16-schemes}/share/themes/solarflare.yaml"; + #stylix.image = /home/jared/Pictures/venice.jpg; + stylix.image = /home/jared/Pictures/tropea.jpg; + + stylix.targets.gnome.enable = true; + stylix.cursor.package = pkgs.vimix-cursor-theme; + stylix.cursor.name = "Vimix-Cursors"; +# stylix.enable = true; +# stylix.targets.kitty.enable = true; + + system.stateVersion = "23.11"; + # ============= Maybe common ============= # + hardware.opengl = { + enable = true; + driSupport = true; + driSupport32Bit = true; + }; + + networking.nameservers = [ + "192.168.1.3" + "9.9.9.9" + "1.1.1.1" + ]; + + time.timeZone = "America/Chicago"; + i18n.defaultLocale = "en_US.UTF-8"; + i18n.extraLocaleSettings = { + LC_ADDRESS = "en_US.UTF-8"; + LC_IDENTIFICATION = "en_US.UTF-8"; + LC_MEASUREMENT = "en_US.UTF-8"; + LC_MONETARY = "en_US.UTF-8"; + LC_NAME = "en_US.UTF-8"; + LC_NUMERIC = "en_US.UTF-8"; + LC_PAPER = "en_US.UTF-8"; + LC_TELEPHONE = "en_US.UTF-8"; + LC_TIME = "en_US.UTF-8"; + }; + sound.enable = true; + hardware.pulseaudio.enable = false; + security.rtkit.enable = true; + + nixpkgs.config.allowUnfree = true; + nix.settings.experimental-features = [ "nix-command" "flakes" ]; + nix.gc = { + automatic = true; + dates = "weekly"; + options = "--delete-older-than 7d"; + }; + +} diff --git a/hosts/tito/hardware-configuration.nix b/hosts/tito/hardware-configuration.nix new file mode 100644 index 0000000..0ffe379 --- /dev/null +++ b/hosts/tito/hardware-configuration.nix @@ -0,0 +1,39 @@ +# Do not modify this file! It was generated by ‘nixos-generate-config’ +# and may be overwritten by future invocations. Please make changes +# to /etc/nixos/configuration.nix instead. +{ config, lib, pkgs, modulesPath, ... }: + +{ + imports = + [ (modulesPath + "/installer/scan/not-detected.nix") + ]; + + boot.initrd.availableKernelModules = [ "nvme" "ahci" "xhci_pci" "usbhid" "usb_storage" "sd_mod" ]; + boot.initrd.kernelModules = [ ]; + boot.kernelModules = [ "kvm-amd" ]; + boot.extraModulePackages = [ ]; + + fileSystems."/" = + { device = "/dev/disk/by-uuid/b030079d-d72f-43a8-a437-4368f4275b66"; + fsType = "ext4"; + }; + + fileSystems."/boot" = + { device = "/dev/disk/by-uuid/A646-15B0"; + fsType = "vfat"; + options = [ "fmask=0022" "dmask=0022" ]; + }; + + swapDevices = [ ]; + + # Enables DHCP on each ethernet and wireless interface. In case of scripted networking + # (the default) this is the recommended approach. When using systemd-networkd it's + # still possible to use this option, but it's recommended to use it in conjunction + # with explicit per-interface declarations with `networking.interfaces..useDHCP`. + networking.useDHCP = lib.mkDefault true; + # networking.interfaces.enp12s0.useDHCP = lib.mkDefault true; + # networking.interfaces.wlp13s0.useDHCP = lib.mkDefault true; + + nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux"; + hardware.cpu.amd.updateMicrocode = lib.mkDefault config.hardware.enableRedistributableFirmware; +} diff --git a/hosts/xps/configuration.nix b/hosts/xps/configuration.nix new file mode 100644 index 0000000..6365fa8 --- /dev/null +++ b/hosts/xps/configuration.nix @@ -0,0 +1,183 @@ +{ + config, + pkgs, + lib, + inputs, + username, + stylix, + ... +}: { + imports = + [ # Include the results of the hardware scan. + ./hardware-configuration.nix + ../../modules/gnome.nix + inputs.sops-nix.nixosModules.sops + ]; + + sops.defaultSopsFile = ../../secrets/secrets.yaml; + sops.defaultSopsFormat = "yaml"; + sops.age.keyFile = "/home/${username}/.config/sops/age/keys.txt"; + + sops.secrets."protonvpn/norway_config" = {}; + sops.secrets."protonvpn/us_config" = {}; + sops.secrets."protonvpn/auth-user-pass" = {}; + + boot = { + loader.systemd-boot.enable = true; + loader.efi.canTouchEfiVariables = true; + + kernelPackages = pkgs.linuxPackages_latest; + kernel.sysctl = { + "vm.swappiness" = 10; + }; + }; + + networking = { + hostName = "xps"; + networkmanager.enable = true; + }; + + services = { + printing.enable = true; + openssh.enable = true; + tailscale.enable = true; + pipewire = { + enable = true; + alsa.enable = true; + alsa.support32Bit = true; + pulse.enable = true; + }; + }; + + environment.etc."openvpn/update-resolv-conf".source = "${pkgs.update-resolv-conf}/libexec/openvpn/update-resolv-conf"; + services.openvpn.servers = { + proton-norway = { + autoStart = false; + config = '' + config ${config.sops.secrets."protonvpn/norway_config".path} + auth-user-pass ${config.sops.secrets."protonvpn/auth-user-pass".path} + ''; + }; + proton-united-states = { + autoStart = false; + config = '' + config ${config.sops.secrets."protonvpn/us_config".path} + auth-user-pass ${config.sops.secrets."protonvpn/auth-user-pass".path} + ''; + }; + }; + + programs = { + nh = { + enable = true; + flake = "/home/${username}/nix-config"; + }; + }; + + hardware.bluetooth.enable = true; + virtualisation.docker.enable = true; + + users.users.${username} = { + isNormalUser = true; + extraGroups = [ + "networkmanager" + "wheel" + "audio" + "video" + "input" + "docker" + ]; + }; + + # Enable the X11 windowing system. + #services.xserver.enable = true; + + # Enable the Pantheon Desktop Environment. + #services.xserver.displayManager.lightdm.enable = true; + #services.xserver.desktopManager.pantheon.enable = true; + + # Configure keymap in X11 + services.xserver.xkb = { + layout = "us"; + variant = ""; + }; + + # Enable automatic login for the user. + services.displayManager.autoLogin.enable = true; + services.displayManager.autoLogin.user = "jared"; + + environment.systemPackages = with pkgs; [ + git + neovim + gcc + tailscale + firefox + htop + nerdfonts + kitty + yazi + nodejs + openvpn + audio-recorder + qemu + qemu_kvm + spotify + strawberry + unzip + libation + nodePackages.prettier + update-resolv-conf + dconf2nix + libation + sops + ]; + environment.variables = { + EDITOR = "nvim"; + }; + + services.flatpak.enable = true; + stylix.enable = true; + stylix.base16Scheme = "${pkgs.base16-schemes}/share/themes/solarflare.yaml"; + stylix.image = /home/jared/Pictures/SupermassiveBinaryBlackHoles.png; + stylix.cursor.package = pkgs.vimix-cursor-theme; + stylix.cursor.name = "Vimix-Cursors"; + stylix.targets.gnome.enable = true; + # stylix.targets.kitty.enable = true; + + system.stateVersion = "23.11"; # Did you read the comment? + + networking.nameservers = [ + "192.168.1.3" + "1.1.1.1" + "9.9.9.9" + ]; + + # Set your time zone. + time.timeZone = "America/Chicago"; + + # Select internationalisation properties. + i18n.defaultLocale = "en_US.UTF-8"; + + i18n.extraLocaleSettings = { + LC_ADDRESS = "en_US.UTF-8"; + LC_IDENTIFICATION = "en_US.UTF-8"; + LC_MEASUREMENT = "en_US.UTF-8"; + LC_MONETARY = "en_US.UTF-8"; + LC_NAME = "en_US.UTF-8"; + LC_NUMERIC = "en_US.UTF-8"; + LC_PAPER = "en_US.UTF-8"; + LC_TELEPHONE = "en_US.UTF-8"; + LC_TIME = "en_US.UTF-8"; + }; + #sound.enable = true; + hardware.pulseaudio.enable = false; + security.rtkit.enable = true; + + nixpkgs.config.allowUnfree = true; + nix.settings.experimental-features = [ "nix-command" "flakes" ]; + nix.gc = { + automatic = true; + dates = "weekly"; + options = "--delete-older-than 7d"; + }; +} diff --git a/hosts/xps/hardware-configuration.nix b/hosts/xps/hardware-configuration.nix new file mode 100644 index 0000000..1a7edb7 --- /dev/null +++ b/hosts/xps/hardware-configuration.nix @@ -0,0 +1,40 @@ +# Do not modify this file! It was generated by ‘nixos-generate-config’ +# and may be overwritten by future invocations. Please make changes +# to /etc/nixos/configuration.nix instead. +{ config, lib, pkgs, modulesPath, ... }: + +{ + imports = + [ (modulesPath + "/installer/scan/not-detected.nix") + ]; + + boot.initrd.availableKernelModules = [ "xhci_pci" "nvme" "usb_storage" "sd_mod" "rtsx_pci_sdmmc" ]; + boot.initrd.kernelModules = [ ]; + boot.kernelModules = [ "kvm-intel" ]; + boot.extraModulePackages = [ ]; + + fileSystems."/" = + { device = "/dev/disk/by-uuid/77969bfa-44f3-44f2-9c57-69fd161f6a75"; + fsType = "ext4"; + }; + + fileSystems."/boot" = + { device = "/dev/disk/by-uuid/FFD6-BA11"; + fsType = "vfat"; + options = [ "fmask=0022" "dmask=0022" ]; + }; + + swapDevices = + [ { device = "/dev/disk/by-uuid/d495d805-4feb-4b25-ab7d-8eeb66efe3a7"; } + ]; + + # Enables DHCP on each ethernet and wireless interface. In case of scripted networking + # (the default) this is the recommended approach. When using systemd-networkd it's + # still possible to use this option, but it's recommended to use it in conjunction + # with explicit per-interface declarations with `networking.interfaces..useDHCP`. + networking.useDHCP = lib.mkDefault true; + # networking.interfaces.wlp0s20f3.useDHCP = lib.mkDefault true; + + nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux"; + hardware.cpu.intel.updateMicrocode = lib.mkDefault config.hardware.enableRedistributableFirmware; +} diff --git a/modules/gnome.nix b/modules/gnome.nix new file mode 100644 index 0000000..bff2ac1 --- /dev/null +++ b/modules/gnome.nix @@ -0,0 +1,12 @@ +{ config, pkgs, stylix, ... }: +{ + # Enable the X11 windowing system. + services.xserver.enable = true; + +# stylix.targets.gnome.enable = true; + + # Enable the GNOME Desktop Environment. + services.xserver.displayManager.gdm.enable = true; + services.xserver.desktopManager.gnome.enable = true; +} + diff --git a/modules/hyprland/hyprland.nix b/modules/hyprland/hyprland.nix new file mode 100644 index 0000000..9c08bac --- /dev/null +++ b/modules/hyprland/hyprland.nix @@ -0,0 +1,54 @@ +{ config, pkgs, stylix, ... }: +{ + programs.hyprland = { + enable = true; +# nvidiaPatches = true; + xwayland.enable = true; + }; + + services.xserver = { + enable = true; + }; + + services.displayManager.sddm.enable = true; + services.displayManager.sddm.wayland.enable = true; + + environment.sessionVariables = { + # Cursor could be invisible without this + WLR_NO_HARDWARE_CURSORS = "1"; + # Electron, use wayland + NIXOS_OZONE_WL = "1"; + }; + + environment.systemPackages = with pkgs; [ + # bar + (waybar.overrideAttrs (oldAttrs: { + mesonFlags = oldAttrs.mesonFlags ++ [ "-Dexperimental=true" ]; + }) + ) + #Elkowar wacky widges (alternate bar) + #eww + + # notifications + dunst + #mako + + libnotify + + # wallpaper + swww + + # app-launcher + rofi-wayland + ]; + + services.dbus.enable = true; + xdg.portal.enable = true; + xdg.portal.extraPortals = [ pkgs.xdg-desktop-portal-gtk ]; + + hardware = { + opengl.enable = true; + nvidia.modesetting.enable = true; + }; +} + diff --git a/modules/nvidia.nix b/modules/nvidia.nix new file mode 100644 index 0000000..b12c73f --- /dev/null +++ b/modules/nvidia.nix @@ -0,0 +1,17 @@ + +{ config, lib, pkgs, ... }: + +{ + + hardware.nvidia = { + modesetting.enable = true; + powerManagement.enable = true; + powerManagement.finegrained = false; + open = false; + nvidiaSettings = true; + + package = config.boot.kernelPackages.nvidiaPackages.stable; + }; + virtualisation.docker.enableNvidia = true; + services.xserver.videoDrivers = ["nvidia"]; +} diff --git a/secrets/secrets.yaml b/secrets/secrets.yaml new file mode 100644 index 0000000..f78bdba --- /dev/null +++ b/secrets/secrets.yaml @@ -0,0 +1,24 @@ +protonvpn: + norway_config: ENC[AES256_GCM,data:KqvjlPR1TVRUUvsE8jOADkNa03F6X5zEh7qp+0r2cb6rsrSelTLbtbvU1B9oSlYD5GBL6aK+6bQe5ZHqodVh9tKfp/74Vh7ua2b3diiaW8/kfP+gk+K28P4Yojum3xzYO/4Bt48Lry/jOSzwnV59Y4NEdt9F6t/YrHnMPS3vIGY+ub8uEn0ZsxKK70BgYTzOfNTtGv9dvv8F7sJin0Be6fzchux35we92c6K5uze5hn0vIsqFMzZ7N4QUlAFKz+bFYQ3dBwbC9ZAFTz2rIZHkmrHfHZJdGYqG/5Xen2IrZ8Hda7U3j7Q9k26XxcmUA6+HD/V2QcSOmNrdGOUT6bISd4TXh653ARBZnYAf/K+ruwtbYvtghI6N0li7zzJ4R6LqQfcPbaTtzjMYUbTEZ/IglzbH2rYvwhhVWfenO71VHzYiRMpQKshtm2x6iggpx9NOUV/U2Gum7UMk7I8lvpLFohnv7t4v2z381a1TrMphsi4yQYfCbVV+nnhuzp0JhOAlla8RaX0Eo5jZ4/VJvAsmLw8+gzs9gDbfUXOS4Nh/LqS8A6GvJwrzGvZk51KEYQST3RKyHU1MlSTgls4dYCecaPdZzcD9BP/H3qpOUaQTR+3TmdBjQ+9qs+vRNu8TyCwcnSlb/ybMpPkiizl4tpUd/fggUop+pKEXGS6ZhOd7h8NrhyCAXI/eULsuAi/Y2LaG5dAKDBbYByTc4f6iDquazrBpCSLsn8ALHZFiadZ/7u1yi4NVhAQatMmkSVgASvzaTlpxNEJukWqaNNKck4I3abghnysyiHmp9Hj5+gk2ckxktFa809+EhHVT9UAGP5YNdp+PNN5J23Insy129WvwQYQ1S1yJdI+5jt4mIFJYd68onRd9jFDsqPxowxbDCrBkFLhd1w48UqKscD3joQ9JJK85Wo29m1fOWM0jqNiT84dvRsVBQRp6VP96Xiy6CTqd6lMG2lRv+gJVshLAYfsU68aC0y5TtSqOqNrkxE9gb4UpBmF5Zz27HXZtC7PHABe1IUR+41j9RoXps5vCl9Jg4lE0DspAGKEEXw055XKo6iSGtHCxaV4dOz7aiQrGMNQT4zrlRD5z4b0ixg/KbWxhRBYPGVW4JzgpstvtSqL5yzGjduvs/9OludKFdvAKirCSI833l5ik1334Tm518IuKiTKZXJzgYJ4KrxA+5qCrUs7lND2fLvAUr10vPuq1XuwvsacW5bu6ut690SYRLsSWsiTQNEQjlvoQhh5XEM5YV+OcP/Aaqls1INra24hkKp4Ai2b5X8R5gZqyKzA2arDPzyN5Hbk4MxWBHnNs/Y60wTn3aHWR6JbtYCZ8IM8dpQalLtStguRmyLrZLbc4aqdC0HmURAxktapT2GhHOuo4M/PZcITT6gNQDoQk71SlDaItVkBx/4Jg3TG7rHc87KcAs2YTd6JcH+/sLsoZgu9DF8JP1Pp0UEU/cNAgv/AOOU75eFAOsc/tMUD2NLDMWNp+v6s6rhyNwaY1QTY9cAXyNL8YZri0Alpjzn68OoSrSC8BD8H/SnvyXNhtX7HleBYFMf4kOsFezFHOYb8iSZOY5LycLuH449vZS+jRbD6sMjErmvHTTL36yl1XGUEIk8VsqWsIOBGFjWTdev8DtNCOXHvwGqUaySnPvgylcCf0Unl+HTefW5cAGhSuH4x2GUehIkji8YJnkDErHSFBWI4LEp1VB197pbhGRE5ZDKXQ0kO0N7aYgcOe5iXMlO0SAAHQDGIl2Lp7SmLJdLZN1E/qyQGPEB03qici2Uu2YLn2L35fshnzne4qdivfNzh2GdK57dBU8QHHrr0op4CVw/xldqvHzljx+6pEs7ULDljYA8fYiBKiS9qSEzZxKfxbgYyS4OURHsJpDkNurQPguBAMr3+zTEEOymvbpScEQNYvmxTkzpliezBpEHcqmiONxJAnRMCn8kgqqsnOy7zjRgrx74dK2bJyM70T7Caj84OTUr+FlfqFiC9kBTjnKWZGa4Vxgve9KvZzVycc6EmlyXErMoeh/JyCtTugjBXlEVTcynuhxwP2T/1PfujPBu3y0tJX9EAI7nWXAqMFQAHICg2o9hh9t/ryQ7wH869pWhxK9iI0Dq3dezFPEl10SDJ/YGrMXtg6TgR2qIVvP0z0lCABbYayPze5CVVyenur7pl3hTRzmrW1ahdBReMTR7KBS3NL6p7yjbYEH+sFhwFwQ5xSUAa265AEhXw/1+iJ6u7xayrl0qtCLsm03B4SmjxZAPY/alYZtmZYTaT7ZNWjHXXF5zUUeI6378bKZpgyAWZYj9iV9OgZusyvHDJYrTbe0qLC+SS/WAqec7xNmGe6m7iVJENF1PmQuljQbBzhLr/ltlonKQcbQJDqYyCTQbyz5Kr59v1H7/xe10cldh/kHrGDlhmH0Tqgbxaj1XaxPas9WKcQFyhNrLRaAulWFfDSgbqapcTn3v+ClgNUaoUFq8ESzsHmQ/+sSaX7+RTspKG6L1piJUu44lTf1zRXGzVYe4gPa3fOZqf58ND64Ti3K780g+sLMG5fghLWO9snyGaxDFSaIZXAOac6uyNnCtFPBCy04GrXoGGeO5njdeN5RLLITdGDcAx2Xcce9ej6bfVJ7/u5DRPagqqEM4qQA0F1GsCG3b3WORomWjU/YRv9/tKY8CsGeCAccDS2bAY4s2PjqD4hjaiGdRRpCt29368C/OdtZ2epdQeVgj84kdq0lThmS42ez7vHlADUD06AzmXd9JELy7SVXWa5o/v6JUb5MJumWe8MJgpumSK5Uo/tanduS7SjBAytEhOzSaXHwNPmsFoHpjM/Tojoc/AmKrkKKecRe+g8P4PnB7kLex25Yn/xpS5yJ15FKOzDZ6rAmt/pbQldhOgYWBfj0Bon90H16vFUpfe6xPLiI7JmKJ+YptumzI3zPBNP1KFS32rUdFa5D6cJYjdCY6LiNXoyo1+vuIy/5zhipLqG6qyaUxlpf1xGnOhGaw2kL9NwVeU1gPTI6yYMl1zsbCl1HCUUAgilOIICfLnJZhWl7LpMqssf8Gq7D7S/j+kumk6SrKt3EdCrg2MNsRgGkxQswRofFUpsPQvS/BVu2V8FFzO1OQZTG/KM3bBatrLLhgy3KyNoEZQGxCef4/rQYl7i4EQvrQsL4Afv59Wqur4jgIf/it1CDE+l2q25fY2PdzV9NUjpNlDBjVCgZbWYsPBwwIHfMWFWEWGjVuTDXpW/hFcEG7FtqxyKOb1l6niJuPuARrCd70r19SFtpfmi/x7HCkN1QanE7Hfvu6ajTNGwlKTjWdM3HEnAhxUGSl9RIaaE3tDb0lenzpjVD8GTZpy/X+eV8DIHUDBaxoJP1kUs9TjsUJetswNyn++N3vlKB8ex+wa7pfUnI9eg32Etzl9cyADI/6GfafInDLu9hKE5bsFUZMLDsIvGJ3ODYwfDxuZnl3WiRm/gNDHH9GES73dYzunDXUYX2N3ymhRXFcVZXfjEAHNYzrTbWxMsjQTOahOM/zivf8AjZS2GMTRdiUMHKs6f1yiJ7YEs/WduSl2sTwENN1edFcqmwiM3cMgGPSgWajo+hln0C6jwPbGf7HPfEKxvAW3/4pyRBViLuI6W2es9kGMezreKkrWNivfQqeiR+dilllpAPY3wnMIEeMMae9+u6dnRz6RtwXtTeXTpHbmcYbauByW8TjLRzqV7K3u3zqQiRN6y/2GPSELrMvFo3I4eMWnOM2Of5J1f8gmiuLqW5yAKZZdG3ERSQd0a0to+uWe/dDnNefA7pqrVgDo7+C+S8OpaSuOCMEGBE81E7DBiCKKx8ftv56Ftg/yHuySIJiotJyDPE7bTQ1peK8sDgU/L9//zal3cfTolg4CFrYRlZ4ZNfa/Z14NGQcCGWLpPDE+mOky0le2yjO6JrLMCjOf70tKtfq/GSpY00sAsB9dl8tzzQlHTluYgiAC8IWFOzPUa8Zop3gxoWy0UhL22RtBYdp/R6ZaUIB+QTSCaw2u3WqsanpMj6c5BvccqoAdEcMoxDBK0lSFkumj2L5SbmVwct+V2Kkxw1q5UuTvRqk/mXWDN2L4zfwJ/u2r4/u0JIi/woa7+JRnR5G3sEqD063caJUNI+oMVT53f2mSrSNCFURdq9vQ7XOt1JRx5lfFBhVfs8JvGTUDVkmyqa1KXU50v5QjYvXaZ/dhKv6lj9U4pE7c9jLYXInKbu/IYXrz25/KDADAT9qQIfOu5INlTV9q3RpJdwJGcz2WfW0/VgrBbTgfnJ6WjGfhkE7rE3ZWFo2yY3BS5za3F+3YgbbowNNes0QazEgkSHi9xmaHi8GJmQbuD2my0QuMR/Wq4Oy7Z1ZLQhYIamdP81fKsGmr9UiazVZ2anDftoAZg/gDGea1ppdsiaGdFkOnb4JI23Pvi/h5dnPv14p4fh4Iaab5Ed+yIabEF2qfRBim4MDImxWlIcRrPAKPPTvk3erQX38SGu3IpgK+k2gIPIyzptMx3gSjF9P7Wrh5EVnGyDObWXuZMTfuLizYI971719YmPlYevC+t/s2SfQSJO29RnlvHyvlxK7J6mmJmdvPen/y9XOFKB0RoXaykD0Aw8xfYId2GxhCpDzrwy/zowPnKgSoIX7EHzs5D9md6d7KEJDy/CbdJ48SwtdT9PnPYaHJX4CeHJwzOWRnNuhnIBRvHka6Jw0vrUkSDnoz+xyYhl5DboxziuFkAO3JHSvFROXcLVGu1TYzgrx56fibR4Xo6i5zLSZUxuICH/glacLKaWh7SI3Hbn4jcu+4iUp5NafQnyCToHqors0xoTFKfWRS+TWimZ0pKzjijBTXUY0nTEZGTVFGmXyTqDbcQt1iQ4xSag42XSUW73o82s8bq4KQ2LxC0aSRH0T86/KL95l+6mU93gkD6P4+7SD3wFP0Drl1TdVTySgyOinbOG80+v5YAN3Rypy6Hm4o5wjdlaOt8FtK+GomC0/BrZ2IiwW9iBMwa520g8AC4DfkCDA6D5dXWvPry21ypGSyWMdLIRRWQB4AYoQXUoneSCsdMf/c8C6jBJwjpcAf6GQmeLiTw72x+s/o7p9CA8sk9f72YXp2FJPvxELuRUscj6Yi/DJyGMbBkqQDtGdImbR4RPwWAk19kb6tnRYTQoVhvQ8+wpEcBWJvXFxJms5UjHusHgSQSpPJPCNG0DFP1ymT8DLDbrpfQZyrs3tU8YodA9dcjLY29W1SrGGLRKfFh6qmVpNZhC+XHv8RpEiAn9FGV/ihJvI4s9LlAiVnnfMnbwo7C8TOLl21OR5DoIKs7BTSD8BcpuUv/nHnNFyTwia/6pqhDLn9m7nbOmqhCy/SHWMapOf2zhm3vqXFPlC3X3nhw7IM1Euu5zoN/91Lqi3u1Bvt4WFEGsIDC5n0uHwTEH1//MfeEP9OQsLW6ldyIzv44jHii96oChMEXxdWw/drs+Cxw0AbJENAtjmbrdUBBMbhtsTXm0Ja3t+g2dvYWDh4tuRx0nzeF5C1Rnhlk3LPkX2j6fnNQKACA/aUkvm49dDw9+xQu+SXrXL1Xm2UGq/d2tkXO8UYFDoXpL9cy1HzFJx7zOiJbhnX434EjGMEuvdQh2Wv24RnqszvncC4bWIW85uvcpfTMd1iCM7IdFNez2ZI7IzXfC9tk51kdKPZWeKvu+3faUZ/r1FUbvBsvF5TbSRSHhR28eZHXuOchTBEB2rmYD5at+pfyM8Ojan6lPJLFfCPi470hDCs7u2SzI+57/3HA/XYoquMD4y0q61zZnPKsLtDtNRXhpg/ZzVgJslzH7QeKT6FuqUyPixU6K6QOSOwv/VLqQjjlSbeGVEfnYwE+ojIbAR0ZtoyQXq4952s7Xx0aieqnBeqsus+lNchkQjOzdDWVO3SD8+5vx8FqpL+E9IxC+xM97Edo0ths2lJKGfAKrn437OHoJ7TJMzQ68/q5fXM3W7mnaV2TLUa+i0NwqsBp6YUrXehnbtK2rw1zsecMwjBdZ35XcubkQtgELMEsdWkdbzo0r3oD+H9DZsGWaRTIrl15LEStHnIasHFjpdjoQg3tqXueLLdNohLdpCSOmuaQ0l4/qvv39G7LDgLe8WUhxVKC3VA8ferzGdT7igf1090BUhT3vond562O4f33CO15Ot+oidH3w/aYcEMpRH3nN2Nmr6+uaKoorhGIh8CflYonuW4dZFTv2jtwXhFTlJ8tG4EI4RDDZcrLn/k9qUCa5JaXzXJFQGpagFhRUs9LQAUDAd/0L3SgiKWokPsVBTp8szInrfNvGOQ2adJTLZeSeDIaPoPKF1nwS91xWDDBQoUilNyoXXbIyduHXGyFpnE2MEeH7uXFHSXLD/AjvlTfntFTl2NWWjkAHL8L7tj4VwcoRurZDFeZpxkUsxqY+2V5DvC+P1ESbEjpCZCWjU4GpiVmG+pi4wos+Fl6C6xpQFo0zLhCqfFyrojxtJfHIvSnxwZ6lBfxqYpjCr+aTflD4tSCJE2rq0SG2lemqDTi8DiCn/fj3Nr636amhzZ+wwnC3XD2Q==,iv:v3/uGtvd1m7p/CDpqT7Ygusb9wF8A3kPqC/oljDBKSM=,tag:Fr6w63m+n0CM+rvV7VpYXg==,type:str] + us_config: ENC[AES256_GCM,data:EOVkZUIcqtSut7gFwSDpv69NE/R8xLZBYf2zfD64O2ovkU6A9pzbpXfq5/UszSFQY+csw19IClSW5GxuJUcRO9CxosytTcGisuBxOgzI82k+XtjMdpw41BhHDu6SPDD05uKK+3PjltOsb2uUK0yXEa4gOo6/PZKLaxoaujeUGzSXXKAy90WsJ2M8bN8gUwGrPuHKsnGbdHOGZlJHSlRjfGJ0I68kURadtFbI3UgvaXWbLkfo0ZymyTc3yppCIob4vfOu2lIJosF7Mm92F5LewYi4ih3k1Z7TDMgTGU3hWhrUtmeb8Zg9jarfigzzSeR8wVKrH5VywfAcM2Vfe1N2E+xwxanl6cyFMYyq/k9Ldnr+46CrhfqG9w1/1JFBJcZTUWBZk6pvn2PuGbmCKl/fhMMbxssY+yeaDh6KfTCiT4xPUhJYE2vrl9LDv6xLGXAxgierOuEpVINatPN1+o9eLsyt+BvJIaK+BGVx+OPXmtDabDXedbJFRgOnhW8Yl85JxJjdfcIUJLZ7E0bgcrxTrsk0uKNgnR946QnCaJt4TjS7vh4zm0rpjaMCky8fD7LxoToUxuV/xQsk1yhp7Q6g9ZwgS/qC8SHbbFcgPzagMDpTv43Q1/g2VYWniiHBFneqazGA3swOTeaIwK+LfTdro1s6GpN5tdYc+FzWlbUHLrHdHzpjJ54zjKmKJXSNf10cTzuhl6XAYdotlO7T+K8ZkscAPeRdcuNz+3DRhQrvlTgEEjPS1At8miml/rIPJLjkfY9ggRQs/FWWNH5XnvzLBMw58S6VdQAkuoy6Uav+1avkaiuCtnUzZlYM+T3+O26bLyJ9DQ//Yr0Wsw+l3OqZHbB6ellFMsu0DvnCr7/wnk39fVEDx2duMorxTUDAJppsyCTNkhjfipwhy43TRy+EtryLXaaPrlOzEK49BQgW+WC2IQypGSHT7EfRFG6cYOdgeHjc8RPGCJ4kijzi/e39hQwuTmN8r5z+pTEGsSxXn69b0wk4bMO5eQLJiOjh4Yb1dlNOp/Ha/kbwF6uJiwL6QuAPljVyYnJllWt9OR1ziFjVMzpCxBQozRv32FqpT6TRsXRaUuoRkDri7HxKfVl5Mw42WPqSgg2aM1YTEBQE5HkoY2ZEJM5vMJy/QtukYyy9DyIOorFcenytDYOilXXf9wiV2PHHPEbGo6StlaPOxRIMqoA2C6xqXuJStBS1BHO3fmKdtVDQtsgxmUO8ISHynKVIPG2rTtfShqZbbkL1/dTiHf/sse8JPHDKDCQdno//nYJwlYrz9tf4ykMSa6q+nCC1bsMie84xbnrN1h7K8YiawqSNNHo2+ocNYOCYQa40JULAKR+DkNGwsQJraUKGqyHgSLh46ExCDUBbH4Eww065CjEDmOTOmhwWJ2qINjGaF+VTGogtg0vsktP0uYVhqjqQA8963xYZU0FJAsTyX+ebs1mMxxnGmEvBJ4r+1oAm9ln9tTxYvqv0isL3rtOIz7fhAlck/XRnP+6isBLgpXUd6V9ZuJfhVYs2RruWTPcviPiShwmptvWeoRwy62bJzbjT0KGj8aO8/9tDZPCTjWuaEP2SJtOGRUwRNI0sXWOpZbGs9rnv+3HEMVfpiMiSUJ5GiQwoVkEqgeReWPvf6wTBk2q1rhXQYarcHr1sPtiqHBuMKI4i2sT3UZBOlPNWtRxnWZ/UPWJ+vo0u6MIMkQ7opzkLY9jJ/YWoWDFKdwkgjdLwTzq9F0StSxqaWDA1+aSlmTWioRTzU3D6Pw0zcOpFvKxXgXSOlJoQ21Leevt8EX5HiWupRZQYTks0kLS0XDEcCngevncGWOPXi2Q3OlabzVcc0YORMeUIS2AlfODkHCvG1/oBlIVTpK93cAyiDxLhQlKXLdw9DfKIPtSRyt1hFc2IQsc7kB90bExTtRJmvxTlbAqK8t4qWb9aV7p1odeQ3c9V2N9TFz+Nsz44yEh4IH9iEtyHwxy/xY6uLCg2hyN2AA98R3PXG6Os9o2QJ3YEliJdfSd9iAU/4ynC+AyMW7LECNSLwvsSw+UQ9ZU2LG/DnlDkSnwDdBhbgAU4CTInvxsIpsfIXfFzz6BNWqfjMUWRSomPyJ/zjnmfJ4gQfZC/tIavQniMVKms7mvVc4tZDqWwVY8W0/IkoeaZbEBq3MzT60kxINgoRMbZWDHiKTYiCV6r0A5yBhkeABleYZPDblsYirLEAMFwPCnrECnprYaUfxct/fOycKzNq608+CnXfqjM/2pYIIncUWbXumJvshAjHTDwxNPhPqkzo1hsZHcijG5pt6XuFeyhYCzI0rCFzZtWXdZM9ByD66cMasbI1AfBk9Cw0b8xrXgg7HnUsS09RnRR2Wnvd6BeVP4IaNHxRUos9vIsDXCJu3b63BY8brphPYDga0rwEQXyK2XlqzA3IFYD3y0l8/R+o/cVJw/TM/emj9uS4QS25cMwyTV8ZkmZGwPAKI4nzAOWsPYU5uQjXvNF8PnhioO0zDBtKRI73BAGD3tUZ7BvLwpfxkVi9q74CdY4+rGqNnbZL2LDUxZcW/ILafGCpTa+C3Th1F2TdW0TG7zyL9g13586ntyQhkYlI0N2PBWBQ9267oUrEiTzfl1eOVYvSd1H/KZ10vEs4UH1OzsDRHJYV0Bw4S/Xo+5Q6gkL+/NUk/Qopjb6jvVU2jeIqRHuBC80MrZhFkgM5BvyJeBhy9mYMQODQ3dASA8REEEICFrYBGQwEoJOuBYEepJUE2gOH5luiDkSWK9XBo5LCt5CSppElS7bmnEXRmkORUB66DKuTGlANLZPMq2BJGOV+vjrKeTKdW4+Crr7zStS067fFiURH73WXdeTw2WwCJSm3b/5mzcRjDm/sOq2XlyNS+MSJNgqKoowE5HNCqcm3cJP31gX+bB9t8x0dfekEynmO/OBnMOToKKOP+D1ga703/VR1L2HiMRMd6Ux1IQySaHhtYv2cpQV15AIDakMJIKShq5f2sDz36OMpJAGA9poVU9DkUjXr8jBfXh3WRbFzbGV0UGYrqVsFXYYg5fCQwCqiN4wZYn6pE6linlTddDiWVpBqEv9bwUtrV6veYUyNnbSKhFQy3hDLCWsolOovwENcgpw427M9YmL7Os5OxSHp3wRRDBFe3BSdmaPXHI4hCH1CjbuSZ4SlAaTK1uMbCiji6U2Mjpnq6VKFYsdm7gzA1Qc1pCaWoG4aBMskiJmpEy4/mcDs6M8VvHw7qZmkFFaPlpqT6OHREFQWl6vNRdmtpzEPnRj+v6YcvCfW9P79IuGJVPIuU2VwkZaq8FXoULu/d1tOM3yy+PPjN3jKIFLw8LRdLzTpIhPfkjhWFOjhywjaKiCkDyhfbEZjE4+HBGL2ju7jnkPTmNxH8RAG/SH+p1G4sdMTVGl9RYDbC43TMb7kt2f1irRiptIhWUwGpaG5r9xMWTOkMaNV8LgkH7tYfhHCef7Q7KQdLiGB1gnprIALOWA3KN45n/kEWWF/oAUP9ZNj5zPgpK4S70bxmUwU4kn2mYN6P2H9P3SWH6/fwJd+RhYjaKgNdx4pd/2GYLa8HKnNaZ43RcA3aL1/UNltBpxO3swxfAejIgI2fOLG6swS8InrtlmeyjponmFiAQLPA8PL37oFpMYV6qk47CKtYBKeeQIrx5tD76j/NbVhZam+4tM8Aqmh1SUarCmmblPnWpyqdedolIe+xKvAYFm3spIKSlozT36vf+gexI7EKkjNXlAq67XE+LQZnNqlSnQNVSwT2IgU1l+nfAL9CR/qymlb0x6R28HztHjNvSEJaIr9GYbuWzmqZGTD3zKstIhrgyqHYm2xpancIulgXax01oEz/I0qPcc5iyq4C8qdQbWTgkKT8kl8ERCZzJQD2zbvEevc3UmFwVGpby7tVUhKEeUEfXE7hOEc7VWdwrgcjoDexROkdo0R9Dhgs4qCuXCxDrv0DTmasnw+CjOsaV5O9wGAlTB5mEpdy1GcVrPTAIxCzKNMlr3ykKgXBI2eCJD2rbz999TJRm/acB+jwLcgXKk79zKVjqfPpXgTGyevdHIaKllYAsO4qyggQ7z/sGkqgNTz6xo70UAYMQemSSyHoDo06bhBf8GZjYeC6DLG3uMnpEmGQRh7xb1dgs1NibuBL/NdOlpnfuFPVi8tuFvRcR8IYYNbnPkzfQvtzW9RisyeaHJ+xtI4zRi94pOpHCKXkJJXBtscZVM8ME3JzHgCSqziLIWfLcb6eziGXPk+tPM1UR2R/96m4aRYgpKbNeEc7Ixh5ZMpQBCdPrIKu0ZlFdNCpfvqwDqIsPUE3CHijw1yf3gSM50t3p4iHD4gJJKfKlzLvzi9+jOs1VqZQ2h6PBEGFzRLTOoS0yk2cm6oy5QNdHoQ4BQCNG3mYqV37Vp5B7ok46fW+8pw+l/UqfXIe2mq1FIPfKV7euu30cR52YArydkt3PeSFkd15rQGicPAPKOsyl6hMb8dZA4jwbFI+BGNAcqFyVr6OI+mhDtOIHSGJIyhzI6PrEYfNTjICXbH0qxoItnL7Q5j8b8ZAsE8BH4Qnqn41dJkJVXiX1vLMtmilYpQcXJ3iOe0EguWdCQIQIodjeLkKi8dwDCYcaql+oDjLTu+VQUW2QHERrwP7gJjs+3Puwhud4sKZhs3jIlzdporRKS/dImhUVPeEg2EuXH9RgZfoldBZVN9T8xiFhprkE8QpaPkDOp2QE89SSZeacg3s9ezwABrTFzUwIHjDD0YLhjraMIaqCzEUwbMxtjFhqNWUYTTSq2dt5RCyqO352/sOQD64kdB9ilEediybCfiEPZCUCAdYicEbGuYD33vWCqgxseAuBHQOMRUNfBl0nw73xxqq8xS7hftBdGRfserHxpQbRCVlSni8GPBs/7KZMrpJ4VniTiIbaYRHoKI4qCmgztVmh37Z9fznpjO5NOfH42EH9jUohNgaPJ/0JOpOsV/BclUHVnhFCh+F396DsEc1jSazOXlU6ur8KQTPE1QslIiac7axsmmIK9yCW7zVv731CUTuRF1lyCZ1ek1VaQNWwjfT3QxxHNTDK8FdW2rT7+LMBGPZfg9ZonGN0Usn14kyBC6fwIkHQjJRfBfUn91066e9wYk/XBcpJhgKXGdWGeqRgQuEYGr7J7hEv+pSztrON+Fu3dxArA3X3d/X9CS/dCbeyJFInDoqKuuZD8Hv0pvz2mm6FYHKrmf03OQoQMHH9jRefmv/ZzhTU/oc2JqsIIuhwG2i1t5NMsk4UcXo/PwkABlZv6q39vBSgArJIs4yhAT5US+oF3jGR8kjxvyVrWJKPPivj3Ng0KxvJjdD20+S8p8i/zvN6bXDwoYfa9EE71Aqqll0lN50KpZkxN2Vyb/REGG6QIwqVbhoenSC3zsK/kKnjvtRpOxk/4oHPCAy14I4j/2MkTYATbs9+4hHxnVX+y2CScyOPLH/f/mf1q30tCeBuGRTv/zeN6YDl5XgZqRjVCdb224eclY+1ExSXTNQumOd+9Cs76PaS0AM5wDGQDHB6dx2RjkOQPqj2EOFCqAhr86yHxz/wnQUn2XH+RrnL86aYQFtOpJ5letlFPbO5ULOJRtNERu88EuICp9PnMzAnYj8ZMtPuHu1PuEOE9jZG/GCwCnAoy1F832G48zsteZ8KY0+JMJLhqWJzUCRoayUCoxoubkAIQJRz67CE2MeYj5oE09HqlxJGCy/zbQq/9obrfqEeLMYFTD/LbSB/sSW2cHWJKgcgGJ+1Bq/AGO4I/0DkJ2hlnyOQC49dvu/vlUXRsaL5fYE8RhB82ozpYn3AfRvTH+7ZAslK7UP8+omwgI6QiswhFce9mnw5WQ+gzoBz+K55rWAOBw5kAko2StQBWYT/FDqjD2qFpewRzabFBtLIjRQs6AXBRabA3pTF4eCDKhO4NhdlUOcXZcfz0S+rbFSsRrJD+53CsXC3q/Ovw9J857DQcOfmn8wE92msbtiHUaC5XVMiiFuq5BFWAMOJ/1jiL4LrechsVNDBAGFkBKPkEOnBA8BfLUYFiYhPhIpWnyRmHzEeu38Cg+ElvCm/xidAZUt5WrXAdMKBDYEEUzRPyLA1RGBtGMX1ZwSh9GWWd2V0/R3HM4IGlD3bVwS/N8rW/a6+m9HokuR2C5ltk2FCKMSwyw6HlpTDeZ3YszAub1iXlKs9q+fTFAdra9il8xWwH1tP2VFmaU48U67wekQexGDgNQM9u/A0yZbZ2nGQW6mDkW82ANS+vH3IhfC9FQwiyxTHkCFXbRekYJSPSo9S0pBBE6mG5TQteJ0rg+KGuAPTQ7d+ZIHR3WAuBIpQtneFkEg==,iv:fmcUNirnR62KW70z/HCLedGo2774O+72lwy4hgYCZN8=,tag:ksIOzGj1m4WhubzddeKgiA==,type:str] + auth-user-pass: ENC[AES256_GCM,data:w1fjGadsiXlwBUcEIz2OVnMnfdOR9I5CcJu1kBoBYsGWBAib1zY9+nLhs9Pf4Iwou2SgRvo=,iv:92hpesCj74WyTKGJ6sNAdbuJrmwmq508HVJHevw1hxY=,tag:wn5NhAIktjJIQ94z6cuyIg==,type:str] +sops: + kms: [] + gcp_kms: [] + azure_kv: [] + hc_vault: [] + age: + - recipient: age18axr5n678k0n0vy763wau57fmtck3q03qgcz3r5kq9nkpkwgye4q5swrgq + enc: | + -----BEGIN AGE ENCRYPTED FILE----- + YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBzdkJuOUNxamZLQU8zRXNh + S3N4OFF2ZlZ4dU1NeHg1YjEyV3NZWU9SOUU4CjhwSHZLSWwyUE96cTJ6SVkvVHFJ + REdrdkQ1d0VpYTFvREJLQXNUMzNKK1EKLS0tIDNGcDJUTUJOYzQ0cUY5Rm5adHVZ + U1IxTXlqN0F1Z1psUkdQNkpERmtEdFUKnm4kcuC16TAmqSZNAtDrqEGCLJfR+3qL + 4YitkQl2F5JBTMvn+9GZuAyp9SnOJaufGPVnJc9Lbhir9jS7aRjKgQ== + -----END AGE ENCRYPTED FILE----- + lastmodified: "2025-01-03T05:18:58Z" + mac: ENC[AES256_GCM,data:ORSusXznCxIPNLo30my5D50d1Mh6oQdFGi2sQquO/E0jQ84CPwQIkfeDmzlIGAUsVrAHCXvBHViIqtMG/O2PICiSfDU4GIxwIO99Gaebwn8fbASQPhkfs4JMv7i5UqCCw53iqyE/MZSSQfpWO128yj82vSFKPdPLdf6o4t+0eo0=,iv:AiXNlfp6fjrhsWeqOdZOXmfInLXBlD5WHbMzRvBgKGk=,tag:iAdHLuRzjU/5G6k7pFf9YA==,type:str] + pgp: [] + unencrypted_suffix: _unencrypted + version: 3.8.1