From d4b9032cf4a1ade2b5378e48ee24b27568d1299d Mon Sep 17 00:00:00 2001 From: Emmet Date: Fri, 5 Apr 2024 17:15:30 -0500 Subject: [PATCH 1/8] Removed broken hyprland plugins --- flake.nix | 5 ----- user/wm/hyprland/hyprbars.nix | 15 --------------- 2 files changed, 20 deletions(-) delete mode 100644 user/wm/hyprland/hyprbars.nix diff --git a/flake.nix b/flake.nix index 42b01c9..92f99aa 100644 --- a/flake.nix +++ b/flake.nix @@ -239,10 +239,5 @@ url = "github:StevenBlack/hosts"; flake = false; }; - - hyprland-plugins = { - url = "github:hyprwm/hyprland-plugins"; - flake = false; - }; }; } diff --git a/user/wm/hyprland/hyprbars.nix b/user/wm/hyprland/hyprbars.nix deleted file mode 100644 index b6ebe61..0000000 --- a/user/wm/hyprland/hyprbars.nix +++ /dev/null @@ -1,15 +0,0 @@ -{ config, lib, stdenv, pkgs, hyprland-plugins, ... }: - -stdenv.mkDerivation rec { - pname = "hyprbars"; - version = "unstable"; - src = "${hyprland-plugins}/hyprbars"; - nativeBuildInputs = [ pkgs.hyprland.nativeBuildInputs ]; - buildInputs = [ pkgs.hyprland pkgs.hyprland.buildInputs ]; - meta = { - homepage = "https://gitlab.com/phoneybadger/pokemon-colorscripts"; - description = "CLI utility to print out images of pokemon to terminal"; - license = lib.licenses.mit; - maintainers = []; - }; -} From b7654cd2cd689c708af91e11a1f60d92ef6b2beb Mon Sep 17 00:00:00 2001 From: Emmet Date: Sat, 6 Apr 2024 08:29:05 -0500 Subject: [PATCH 2/8] Forgot to remove hyprland-plugins refs from flake --- flake.nix | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/flake.nix b/flake.nix index 92f99aa..f8142d5 100644 --- a/flake.nix +++ b/flake.nix 
@@ -3,7 +3,7 @@ outputs = inputs@{ self, nixpkgs, nixpkgs-stable, emacs-pin-nixpkgs, kdenlive-pin-nixpkgs, home-manager, nix-doom-emacs, nix-straight, stylix, - blocklist-hosts, hyprland-plugins, rust-overlay, org-nursery, org-yaap, + blocklist-hosts, rust-overlay, org-nursery, org-yaap, org-side-tree, org-timeblock, org-krita, phscroll, mini-frame, ... }: let # ---- SYSTEM SETTINGS ---- # @@ -134,7 +134,6 @@ inherit (inputs) mini-frame; #inherit (inputs) nix-flatpak; inherit (inputs) stylix; - inherit (inputs) hyprland-plugins; }; }; }; From 05cfe06e850fc86cb48866cdbc8925cbe437287a Mon Sep 17 00:00:00 2001 From: Emmet Date: Sat, 6 Apr 2024 08:32:15 -0500 Subject: [PATCH 3/8] Removed nix rebuild systemd-run wrappers --- user/shell/sh.nix | 2 -- 1 file changed, 2 deletions(-) diff --git a/user/shell/sh.nix b/user/shell/sh.nix index b96d8b2..c12635c 100644 --- a/user/shell/sh.nix +++ b/user/shell/sh.nix @@ -11,8 +11,6 @@ let neofetch = "disfetch"; fetch = "disfetch"; gitfetch = "onefetch"; - nixos-rebuild = "systemd-run --no-ask-password --uid=0 --system --scope -p MemoryLimit=16000M -p CPUQuota=60% nixos-rebuild"; - home-manager = "systemd-run --no-ask-password --uid=1000 --user --scope -p MemoryLimit=16000M -p CPUQuota=60% home-manager"; }; in { From 12b3d12decaf9c7354d0867b77fdcfd07163b14c Mon Sep 17 00:00:00 2001 From: Emmet Date: Sat, 6 Apr 2024 08:32:34 -0500 Subject: [PATCH 4/8] Incorporate config updates from homelab --- profiles/homelab/base.nix | 6 ++++++ system/app/docker.nix | 1 + 2 files changed, 7 insertions(+) diff --git a/profiles/homelab/base.nix b/profiles/homelab/base.nix index a66ac09..c0562a5 100644 --- a/profiles/homelab/base.nix +++ b/profiles/homelab/base.nix 
@@ -4,6 +4,7 @@ imports = [ ../../system/hardware-configuration.nix ../../system/hardware/time.nix # Network time sync + ../../system/security/firewall.nix ../../system/security/doas.nix ../../system/security/gpg.nix ( import ../../system/app/docker.nix {storageDriver = null; inherit pkgs userSettings lib;} ) @@ -71,10 +72,15 @@ git rclone rdiff-backup + rsnapshot cryptsetup gocryptfs ]; + programs.fuse.userAllowOther = true; + + services.haveged.enable = true; + # I use zsh btw environment.shells = with pkgs; [ zsh ]; users.defaultUserShell = pkgs.zsh; diff --git a/system/app/docker.nix b/system/app/docker.nix index 0923aaa..3e36b88 100644 --- a/system/app/docker.nix +++ b/system/app/docker.nix @@ -19,6 +19,7 @@ assert lib.asserts.assertOneOf "storageDriver" storageDriver [ }; users.users.${userSettings.username}.extraGroups = [ "docker" ]; environment.systemPackages = with pkgs; [ + docker docker-compose lazydocker ]; From 0e5eb73efeae8166865b90284426d9545fba6de9 Mon Sep 17 00:00:00 2001 From: Emmet Date: Sat, 6 Apr 2024 08:34:57 -0500 Subject: [PATCH 5/8] Updated system --- flake.lock | 47 +++++++++++++++-------------------------------- 1 file changed, 15 insertions(+), 32 deletions(-) diff --git a/flake.lock b/flake.lock index 3ff47dd..b76d2ca 100644 --- a/flake.lock +++ b/flake.lock @@ -150,11 +150,11 @@ "blocklist-hosts": { "flake": false, "locked": { - "lastModified": 1712150903, - "narHash": "sha256-mXtiXj+4Sm8nfHYI/cNItG/tOLeP1Rs9LEEgxYxY8rc=", + "lastModified": 1712248646, + "narHash": "sha256-pEiprVaO6CmIJ1qJMQn/y8vHvRQwiQq7CwbhzlneCOA=", "owner": "StevenBlack", "repo": "hosts", - "rev": "4d96abf2bc07773124ebc348a347254ba0601179", + "rev": "a340ebf0b8e9f81476c0ec0b6a9767858aea325c", "type": "github" }, "original": { 
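Review bot: `programs.fuse.userAllowOther = true;` in the second profiles/homelab/base.nix hunk is a system-wide switch (it sets `user_allow_other` in fuse.conf) and has no comment saying which mount needs it. With it set, any local user may mount a FUSE filesystem with `allow_other`, and since `gocryptfs` is in the package list just above, a decrypted view mounted that way becomes reachable by other accounts and services on the host, limited only by file modes. I would add a comment such as `# required so <consumer> can read the gocryptfs mount; mount with allow_other,default_permissions` (the consumer name is a placeholder to fill in), or drop the option if only the mounting user reads the data. `services.haveged.enable = true;` also lacks a why-comment. The attribute set that contains both lines starts and ends outside the hunk.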
@@ -481,11 +481,11 @@ ] }, "locked": { - "lastModified": 1712093955, - "narHash": "sha256-94I0sXz6fiVBvUAk2tg6t3UpM5rOImj4JTSTNFbg64s=", + "lastModified": 1712390667, + "narHash": "sha256-ebq+fJZfobqpsAdGDGpxNWSySbQejRwW9cdiil6krCo=", "owner": "nix-community", "repo": "home-manager", - "rev": "80546b220e95a575c66c213af1b09fe255299438", + "rev": "b787726a8413e11b074cde42704b4af32d95545c", "type": "github" }, "original": { @@ -516,22 +516,6 @@ "type": "github" } }, - "hyprland-plugins": { - "flake": false, - "locked": { - "lastModified": 1712142571, - "narHash": "sha256-cwe70xoqlBqTNiZltjMMx3CLahiAnaPBkysUmSCpkdk=", - "owner": "hyprwm", - "repo": "hyprland-plugins", - "rev": "4334510363a8420f17d88505d13405d5126eabf0", - "type": "github" - }, - "original": { - "owner": "hyprwm", - "repo": "hyprland-plugins", - "type": "github" - } - }, "kdenlive-pin-nixpkgs": { "locked": { "lastModified": 1709012981, @@ -628,11 +612,11 @@ }, "nixpkgs": { "locked": { - "lastModified": 1712122226, - "narHash": "sha256-pmgwKs8Thu1WETMqCrWUm0CkN1nmCKX3b51+EXsAZyY=", + "lastModified": 1712163089, + "narHash": "sha256-Um+8kTIrC19vD4/lUCN9/cU9kcOsD1O1m+axJqQPyMM=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "08b9151ed40350725eb40b1fe96b0b86304a654b", + "rev": "fd281bd6b7d3e32ddfa399853946f782553163b5", "type": "github" }, "original": { @@ -643,11 +627,11 @@ }, "nixpkgs-stable": { "locked": { - "lastModified": 1711668574, - "narHash": "sha256-u1dfs0ASQIEr1icTVrsKwg2xToIpn7ZXxW3RHfHxshg=", + "lastModified": 1712310679, + "narHash": "sha256-XgC/a/giEeNkhme/AV1ToipoZ/IVm1MV2ntiK4Tm+pw=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "219951b495fc2eac67b1456824cc1ec1fd2ee659", + "rev": "72da83d9515b43550436891f538ff41d68eecc7f", "type": "github" }, "original": { 
@@ -903,7 +887,6 @@ "eaf-browser": "eaf-browser", "emacs-pin-nixpkgs": "emacs-pin-nixpkgs", "home-manager": "home-manager", - "hyprland-plugins": "hyprland-plugins", "kdenlive-pin-nixpkgs": "kdenlive-pin-nixpkgs", "mini-frame": "mini-frame", "nix-doom-emacs": "nix-doom-emacs", @@ -942,11 +925,11 @@ "nixpkgs": "nixpkgs_2" }, "locked": { - "lastModified": 1712110341, - "narHash": "sha256-8LU2IM4ctHz043hlzoFUwQS1QIdhiMGEH/oIfPCxoWU=", + "lastModified": 1712369449, + "narHash": "sha256-tbWug3uXPlSm1j0xD80Y3xbP+otT6gLnQo1e/vQat48=", "owner": "oxalica", "repo": "rust-overlay", - "rev": "74deb67494783168f5b6d2071d73177e6bccab65", + "rev": "41b3b080cc3e4b3a48e933b87fc15a05f1870779", "type": "github" }, "original": { From a4883bd3d67411f96a2df98b603ba74688cae14f Mon Sep 17 00:00:00 2001 From: Emmet Date: Sat, 6 Apr 2024 08:48:57 -0500 Subject: [PATCH 6/8] Fixed home-manager version mismatch for servers --- flake.lock | 68 ++++++++++++++++++++++++++++++++++++------------------ flake.nix | 21 +++++++++++++---- 2 files changed, 61 insertions(+), 28 deletions(-) diff --git a/flake.lock b/flake.lock index b76d2ca..537a652 100644 --- a/flake.lock +++ b/flake.lock @@ -475,27 +475,6 @@ } }, "home-manager": { - "inputs": { - "nixpkgs": [ - "nixpkgs" - ] - }, - "locked": { - "lastModified": 1712390667, - "narHash": "sha256-ebq+fJZfobqpsAdGDGpxNWSySbQejRwW9cdiil6krCo=", - "owner": "nix-community", - "repo": "home-manager", - "rev": "b787726a8413e11b074cde42704b4af32d95545c", - "type": "github" - }, - "original": { - "owner": "nix-community", - "ref": "master", - "repo": "home-manager", - "type": "github" - } - }, - "home-manager_2": { "inputs": { "nixpkgs": [ "stylix", 
@@ -516,6 +495,48 @@ "type": "github" } }, + "home-manager-stable": { + "inputs": { + "nixpkgs": [ + "nixpkgs-stable" + ] + }, + "locked": { + "lastModified": 1712386041, + "narHash": "sha256-dA82pOMQNnCJMAsPG7AXG35VmCSMZsJHTFlTHizpKWQ=", + "owner": "nix-community", + "repo": "home-manager", + "rev": "d6bb9f934f2870e5cbc5b94c79e9db22246141ff", + "type": "github" + }, + "original": { + "owner": "nix-community", + "ref": "release-23.11", + "repo": "home-manager", + "type": "github" + } + }, + "home-manager-unstable": { + "inputs": { + "nixpkgs": [ + "nixpkgs" + ] + }, + "locked": { + "lastModified": 1712390667, + "narHash": "sha256-ebq+fJZfobqpsAdGDGpxNWSySbQejRwW9cdiil6krCo=", + "owner": "nix-community", + "repo": "home-manager", + "rev": "b787726a8413e11b074cde42704b4af32d95545c", + "type": "github" + }, + "original": { + "owner": "nix-community", + "ref": "master", + "repo": "home-manager", + "type": "github" + } + }, "kdenlive-pin-nixpkgs": { "locked": { "lastModified": 1709012981, @@ -886,7 +907,8 @@ "eaf": "eaf", "eaf-browser": "eaf-browser", "emacs-pin-nixpkgs": "emacs-pin-nixpkgs", - "home-manager": "home-manager", + "home-manager-stable": "home-manager-stable", + "home-manager-unstable": "home-manager-unstable", "kdenlive-pin-nixpkgs": "kdenlive-pin-nixpkgs", "mini-frame": "mini-frame", "nix-doom-emacs": "nix-doom-emacs", @@ -967,7 +989,7 @@ "base16-vim": "base16-vim", "flake-compat": "flake-compat_2", "gnome-shell": "gnome-shell", - "home-manager": "home-manager_2", + "home-manager": "home-manager", "nixpkgs": "nixpkgs_3" }, "locked": { diff --git a/flake.nix b/flake.nix index f8142d5..3386aba 100644 --- a/flake.nix +++ b/flake.nix 
@@ -1,9 +1,9 @@ { description = "Flake of LibrePhoenix"; - outputs = inputs@{ self, nixpkgs, nixpkgs-stable, emacs-pin-nixpkgs, - kdenlive-pin-nixpkgs, home-manager, nix-doom-emacs, nix-straight, stylix, - blocklist-hosts, rust-overlay, org-nursery, org-yaap, + outputs = inputs@{ self, nixpkgs, nixpkgs-stable, emacs-pin-nixpkgs, kdenlive-pin-nixpkgs, + home-manager-unstable, home-manager-stable, nix-doom-emacs, + nix-straight, stylix, blocklist-hosts, rust-overlay, org-nursery, org-yaap, org-side-tree, org-timeblock, org-krita, phscroll, mini-frame, ... }: let # ---- SYSTEM SETTINGS ---- # @@ -98,6 +98,14 @@ else nixpkgs.lib); + # use home-manager-stable if running a server (homelab or worklab profile) + # otherwise use home-manager-unstable + home-manager = (if ((systemSettings.profile == "homelab") || (systemSettings.profile == "worklab")) + then + home-manager-stable + else + home-manager-unstable); + # Systems that can run tests: supportedSystems = [ "aarch64-linux" "i686-linux" "x86_64-linux" ]; @@ -183,8 +191,11 @@ emacs-pin-nixpkgs.url = "nixpkgs/f72123158996b8d4449de481897d855bc47c7bf6"; kdenlive-pin-nixpkgs.url = "nixpkgs/cfec6d9203a461d9d698d8a60ef003cac6d0da94"; - home-manager.url = "github:nix-community/home-manager/master"; - home-manager.inputs.nixpkgs.follows = "nixpkgs"; + home-manager-unstable.url = "github:nix-community/home-manager/master"; + home-manager-unstable.inputs.nixpkgs.follows = "nixpkgs"; + + home-manager-stable.url = "github:nix-community/home-manager/release-23.11"; + home-manager-stable.inputs.nixpkgs.follows = "nixpkgs-stable"; nix-doom-emacs.url = "github:nix-community/nix-doom-emacs"; nix-doom-emacs.inputs.nixpkgs.follows = "emacs-pin-nixpkgs"; From df76ef046a04c508fd45a718848f764d15305ef9 Mon Sep 17 00:00:00 2001 
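Review bot: The server test `(systemSettings.profile == "homelab") || (systemSettings.profile == "worklab")` in the new `home-manager` binding of flake.nix is written inline, and the context line `else nixpkgs.lib);` directly above suggests the same decision is made separately for `lib` (that expression starts outside the hunk, so this is inferred). If a profile is later added to one condition and not the other, a host pairs stable nixpkgs with master home-manager, which is the mismatch this commit sets out to fix. A single binding such as `isServer = builtins.elem systemSettings.profile [ "homelab" "worklab" ];` used by both selections would keep them together. The `release-23.11` ref in the inputs hunk also has to be bumped by hand whenever `nixpkgs-stable` moves; a one-line comment next to `home-manager-stable.url` saying so would help.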
From: Emmet Date: Sat, 6 Apr 2024 13:43:37 -0500 Subject: [PATCH 7/8] Strangely fixes some qt themes (mainly kdenlive) --- user/style/oomox-current.conf.mustache | 11 +++-------- user/style/stylix.nix | 13 +++---------- 2 files changed, 6 insertions(+), 18 deletions(-) diff --git a/user/style/oomox-current.conf.mustache b/user/style/oomox-current.conf.mustache index 7da9bd0..762bade 100644 --- a/user/style/oomox-current.conf.mustache +++ b/user/style/oomox-current.conf.mustache 
@@ -1,10 +1,5 @@ # FG BTN_BG bright less brdark less da txt fg br text btn fg txt bg bg shadow sel bg sel fg link visited alt bg default tooltip bg tooltip_fg [ColorScheme] - active_colors=#{{base07-hex}}, #{{base00-hex}}, #{{base00-hex}}, #{{base00-hex}}, #{{base00-hex}}, #{{base00-hex}}, #{{base0F-hex}}, #{{base07-hex}}, #{{base07-hex}}, #{{base00-hex}}, #{{base00-hex}}, #{{base00-hex}}, #{{base01-hex}}, #{{base00-hex}}, #{{base01-hex}}, #{{base07-hex}}, #{{base00-hex}}, #{{base07-hex}}, 181b24, #{{base07-hex}} -disabled_colors=#767081, #{{base00-hex}}, #{{base00-hex}}, #{{base00-hex}}, #{{base00-hex}}, #{{base00-hex}}, #767081, #767081, #767081, #{{base00-hex}}, #{{base00-hex}}, #{{base00-hex}}, #{{base01-hex}}, #{{base00-hex}}, #{{base01-hex}}, #767081, #{{base00-hex}}, #767081, #{{base00-hex}}, #767081 -inactive_colors=#{{base07-hex}}, #{{base00-hex}}, #{{base00-hex}}, #{{base00-hex}}, #{{base00-hex}}, #{{base00-hex}}, #{{base07-hex}}, #{{base07-hex}}, #{{base07-hex}}, #{{base00-hex}}, #{{base00-hex}}, #{{base00-hex}}, #{{base01-hex}}, #{{base00-hex}}, #{{base01-hex}}, #{{base07-hex}}, #{{base00-hex}}, #{{base07-hex}}, #{{base00-hex}}, #{{base07-hex}} - -# FG BTN_BG bright less br dark less da txt fg br text btn fg txt bg bg shadow sel bg sel fg link visite alt bg default tooltip bg tooltip_fg -# active_colors=#{{base07-hex}}, #{{base02-hex}}, #{{base00-hex}}, #cbc7c4, #9f9d9a, #b8b5b2, #{{base07-hex}}, #ff0000, #{{base07-hex}}, #{{base00-hex}}, #{{base00-hex}}, #767472, #{{base01-hex}}, #{{base00-hex}}, #{{base01-hex}}, #{{base07-hex}}, #{{base00-hex}}, #{{base07-hex}}, 181b24, #{{base07-hex}} -#disabled_colors=#767081, #{{base02-hex}}, #{{base00-hex}}, #cbc7c4, #9f9d9a, #b8b5b2, #767081, #ffec17, #{{base07-hex}}, #{{base00-hex}}, #{{base00-hex}}, #767472, #{{base01-hex}}, #{{base00-hex}}, #{{base01-hex}}, #767081, #{{base00-hex}}, #767081, #{{base00-hex}}, #767081 -#inactive_colors=#{{base07-hex}}, #{{base02-hex}}, #{{base00-hex}}, #cbc7c4, #9f9d9a, #b8b5b2, 
#{{base07-hex}}, #ff9040, #{{base07-hex}}, #{{base00-hex}}, #{{base00-hex}}, #767472, #{{base01-hex}}, #{{base00-hex}}, #{{base01-hex}}, #{{base07-hex}}, #{{base00-hex}}, #{{base07-hex}}, #{{base00-hex}}, #{{base07-hex}} + active_colors=#{{base07-hex}}, #{{base00-hex}}, #{{base00-hex}}, #{{base00-hex}}, #{{base00-hex}}, #{{base00-hex}}, #{{base07-hex}}, #{{base07-hex}}, #{{base07-hex}}, #{{base00-hex}}, #{{base00-hex}}, #{{base00-hex}}, #{{base01-hex}}, #{{base00-hex}}, #{{base01-hex}}, #{{base07-hex}}, #{{base00-hex}}, #{{base07-hex}}, #{{base00-hex}}, #{{base07-hex}} + disabled_colors=#767081, #{{base00-hex}}, #{{base00-hex}}, #{{base00-hex}}, #{{base00-hex}}, #{{base00-hex}}, #767081, #767081, #767081, #{{base00-hex}}, #{{base00-hex}}, #{{base00-hex}}, #{{base01-hex}}, #{{base00-hex}}, #{{base01-hex}}, #767081, #{{base00-hex}}, #767081, #{{base00-hex}}, #767081 + inactive_colors=#{{base07-hex}}, #{{base00-hex}}, #{{base00-hex}}, #{{base00-hex}}, #{{base00-hex}}, #{{base00-hex}}, #{{base07-hex}}, #{{base07-hex}}, #{{base07-hex}}, #{{base00-hex}}, #{{base00-hex}}, #{{base00-hex}}, #{{base01-hex}}, #{{base00-hex}}, #{{base01-hex}}, #{{base07-hex}}, #{{base00-hex}}, #{{base07-hex}}, #{{base00-hex}}, #{{base07-hex}} diff --git a/user/style/stylix.nix b/user/style/stylix.nix index ca316d2..1fe5de0 100644 --- a/user/style/stylix.nix +++ b/user/style/stylix.nix @@ -70,6 +70,7 @@ in }; font.size = config.stylix.fonts.sizes.terminal; }; + stylix.targets.kde.enable = true; stylix.targets.kitty.enable = true; stylix.targets.gtk.enable = true; stylix.targets.rofi.enable = if (userSettings.wmType == "x11") then true else false; 
@@ -119,20 +120,12 @@ in wallpaper = DP-1,''+config.stylix.image+'' ''; home.packages = with pkgs; [ - qt5ct pkgs.libsForQt5.breeze-qt5 + libsForQt5.qt5ct pkgs.libsForQt5.breeze-qt5 libsForQt5.breeze-icons ]; - home.sessionVariables = { - QT_QPA_PLATFORMTHEME="qt5ct"; - }; - programs.zsh.sessionVariables = { - QT_QPA_PLATFORMTHEME="qt5ct"; - }; - programs.bash.sessionVariables = { - QT_QPA_PLATFORMTHEME="qt5ct"; - }; qt = { enable = true; style.package = pkgs.libsForQt5.breeze-qt5; style.name = "breeze-dark"; + platformTheme = "kde"; }; } From 5b80e2c4971c95e03fd3389de3e3c8a87a1c342f Mon Sep 17 00:00:00 2001 From: Emmet Date: Sat, 6 Apr 2024 13:58:01 -0500 Subject: [PATCH 8/8] Testing update system from git repo script --- harden.sh | 3 +++ install.sh | 5 +++-- soften.sh | 27 +++++++++++++++++++++++++++ update.sh | 23 +++++++++++++++++++++++ 4 files changed, 56 insertions(+), 2 deletions(-) create mode 100755 soften.sh create mode 100755 update.sh diff --git a/harden.sh b/harden.sh index 73aa3e9..1eb1da8 100755 --- a/harden.sh +++ b/harden.sh @@ -27,5 +27,8 @@ chown 0:0 flake.lock; chown 0:0 flake.nix chown 0:0 profiles/*/configuration.nix; chown 0:0 harden.sh; +chown 0:0 soften.sh; +chown 0:0 install.sh; +chown 0:0 update.sh; chown 1000:users **/README.org; popd &> /dev/null; diff --git a/install.sh b/install.sh index cfe44f2..f8993a0 100755 --- a/install.sh +++ b/install.sh @@ -28,11 +28,12 @@ if [ -z "$EDITOR" ]; then fi $EDITOR ~/.dotfiles/flake.nix; +# Permissions for files that should be owned by root +sudo ~/.dotfiles/harden.sh ~/.dotfiles; + # Rebuild system sudo nixos-rebuild switch --flake ~/.dotfiles#system; # Install and build home-manager configuration nix run home-manager/master --extra-experimental-features nix-command --extra-experimental-features flakes -- switch --flake ~/.dotfiles#user; -# Permissions for files that should be owned by root -sudo ~/.dotfiles/harden.sh ~/.dotfiles; 
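Review bot: The three added `chown 0:0` lines in harden.sh change only the owner of `soften.sh`, `install.sh` and `update.sh`; they leave the mode bits and the directory that holds the scripts untouched. If the top-level dotfiles directory stays owned by UID 1000 (the rest of harden.sh is outside this hunk, so this is not confirmed), that user can still rename or replace a root-owned script there, and this same patch has `install.sh` and `update.sh` run `harden.sh` and `soften.sh` through sudo. Consider adding `chmod go-w harden.sh soften.sh install.sh update.sh;` after the new lines and making the containing directory root-owned as well, so that hardening covers the path sudo actually executes.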
diff --git a/soften.sh b/soften.sh
new file mode 100755
index 0000000..55dbbc5
--- /dev/null
+++ b/soften.sh
@@ -0,0 +1,27 @@
+#!/bin/sh
+
+# This will soften the security of these dotfiles, allowing
+# the default unpriveleged user with UID/GID of 1000 to edit ALL FILES
+# in the dotfiles directory
+
+# This mainly is just here to be used by some scripts
+
+# Run this inside of ~/.dotfiles (or whatever directory you installed
+# the dotfiles to)
+
+# Run this as root!
+
+# BTW, this assumes your user account has a UID/GID of 1000
+
+# After running this, YOUR UNPRIVELEGED USER CAN MAKE EDITS TO
+# IMPORTANT SYSTEM FILES WHICH MAY COMPROMISE THE SYSTEM AFTER
+# RUNNING nixos-rebuild switch!
+
+if [ "$#" = 1 ]; then
+ dotfilesDir=$1;
+else
+ dotfilesDir=$(pwd);
+fi
+pushd $dotfilesDir &> /dev/null;
+chown -R 1000:users .;
+popd &> /dev/null;
diff --git a/update.sh b/update.sh
new file mode 100755
index 0000000..8c890b6
--- /dev/null
+++ b/update.sh
@@ -0,0 +1,23 @@
+#!/bin/sh
+
+# Automated script to update my non-primary systems
+# to be in sync with upstream git repo while
+# preserving local edits to dotfiles via git stash
+
+# Relax permissions temporarily so git can work
+sudo ~/.dotfiles/soften.sh ~/.dotfiles;
+
+# Stash local edits, pull changes, and re-apply local edits
+git stash
+git pull
+git stash apply
+
+# Permissions for files that should be owned by root
+sudo ~/.dotfiles/harden.sh ~/.dotfiles;
+
+# Rebuild system
+sudo nixos-rebuild switch --flake ~/.dotfiles#system;
+
+# Install and build home-manager configuration
+home-manager --extra-experimental-features nix-command --extra-experimental-features flakes -- switch --flake ~/.dotfiles#user;
+
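Review bot: `pushd $dotfilesDir &> /dev/null;` in soften.sh is unquoted and its result is never checked, so when the directory argument is wrong or contains spaces the following `chown -R 1000:users .` still runs as root in whatever directory the caller happened to be in. `pushd`, `popd` and `&>` are also bash features while the shebang is `#!/bin/sh`; where sh is not bash the directory change would not happen at all (inferred from POSIX shell behaviour, not tested against this setup). Replace the pushd/popd pair with `cd "$dotfilesDir" || exit 1` ahead of the chown. The header comment should also say that callers are expected to run harden.sh again afterwards, since nothing in this script restores root ownership.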
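Review bot: The `git stash` / `git pull` / `git stash apply` sequence in update.sh runs in whatever directory the script was started from, and nothing stops the later `sudo ~/.dotfiles/harden.sh` and `sudo nixos-rebuild switch` when the pull fails or leaves conflicts. The pulled tree includes harden.sh itself, which is then executed through sudo, so the root-run steps consume whatever the remote served; restricting the pull to fast-forward (and adding `--verify-signatures` if upstream commits are signed) narrows that. `git stash apply` also keeps the stash entry, so a later run with no local edits would re-apply an old stash. The sketch below changes into the checkout, uses `git pull --ff-only --autostash` (on a merge pull this needs a reasonably recent git), always re-hardens, and skips the rebuild when the update did not complete.

```shell
# … unchanged: shebang and header comment …

# Work inside the checkout, not the caller's directory
cd ~/.dotfiles || exit 1

# … unchanged: soften.sh call …

# Pull fast-forward only; --autostash stashes and restores local edits
git pull --ff-only --autostash || pull_failed=1

# Permissions for files that should be owned by root
sudo ~/.dotfiles/harden.sh ~/.dotfiles;

# Do not rebuild from a tree that failed to update cleanly
if [ -n "$pull_failed" ]; then
  exit 1
fi

# … unchanged: nixos-rebuild and home-manager switch …
```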