From 65daa5589dbe2a1c7cfcc5e3ddd64d0fda5523a6 Mon Sep 17 00:00:00 2001 From: "Thomas A. Christensen II" <25492070+MillironX@users.noreply.github.com> Date: Sat, 2 Aug 2025 23:18:02 -0500 Subject: [PATCH 1/9] add DNS secret for Darwin systems --- secrets.nix | 1 + secrets/darwin-policies-json.age | 14 ++++++++++++++ 2 files changed, 15 insertions(+) create mode 100644 secrets/darwin-policies-json.age diff --git a/secrets.nix b/secrets.nix index 16d37c3..15c9717 100644 --- a/secrets.nix +++ b/secrets.nix @@ -19,4 +19,5 @@ in { ++ [ bosephus-host ]; "secrets/pihole.age".publicKeys = system-administrators ++ [ bosephus-host ]; "secrets/ansible-vault-password.age".publicKeys = system-administrators; + "secrets/darwin-policies-json.age".publicKeys = system-administrators; } diff --git a/secrets/darwin-policies-json.age b/secrets/darwin-policies-json.age new file mode 100644 index 0000000..4cde4f3 --- /dev/null +++ b/secrets/darwin-policies-json.age @@ -0,0 +1,14 @@ +age-encryption.org/v1 +-> ssh-ed25519 bN6E9A pP/KN1DuadjXdcmn88HMfbPx3fJtfVPsk6thr0nkdCM +81yMhheSMDQAl0c40l99kE8LgpGFFaO0oM/i04sfYe8 +-> ssh-ed25519 1g/xww /Kp3JUItkd3sWvOD6Te6OqynKnHCE3N4EKC6IVBZzRc +CNWaNgLMNXpLzx9jNZR5sToouRCJxNDife+dTMhw/mc +-> ssh-ed25519 +kBihw qRIX7qPG2+/gsfvEJBp1tAS71fAXeQ42RBk7EjaWdUM +gjlHOUzMZuWZKLLdn/vTDjhDzKul7J0tzvCFwE/eRWE +-> ssh-ed25519 dbKeHw BIkHWULlDEbu+/6pKVhbQccfgGQZy05V5ZrsmOxuilI +G/B1TLuaIi4dnlyp1bo0wCjyBJcfOvv2ecuWLo7Cgl0 +--- t4O2Yxqi3K+siT5JhDW55lHPw2uQ05Y6rcDOPzXbAIY +bd 0Sa^O>&42/xZ/(㿔3K +l|p-W,[0"'B~A.E˝Gt +]q':(ѝ =WW8$E(! \ No newline at end of file From 8cfd5d59e3ccc6fa16269b87490cd14ac29acdb6 Mon Sep 17 00:00:00 2001 From: "Thomas A. Christensen II" <25492070+MillironX@users.noreply.github.com> Date: Fri, 8 Aug 2025 22:45:32 -0500 Subject: [PATCH 2/9] Move sqlite browser to Homebrew for Darwin --- homes/desktop.nix | 1 - homes/linux-desktop.nix | 2 +- systems/darwin/corianne.nix | 1 + 3 files changed, 2 insertions(+), 2 deletions(-) 
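Review bot: The new `"secrets/darwin-policies-json.age".publicKeys` entry in secrets.nix lists only `system-administrators`, with no host key, unlike the `secrets/pihole.age` line above it, which appends `bosephus-host`. If the Darwin machine is meant to decrypt this file at activation, it presumably has to use an administrator's personal SSH key stored on that workstation, which widens what that key unlocks if the workstation is compromised. Consider a dedicated recipient for the Darwin host, or record the choice with a comment such as `# no host recipient by design: decrypted with the admin user's SSH key`. `system-administrators` is defined outside the hunk, so its membership cannot be checked here.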
diff --git a/homes/desktop.nix b/homes/desktop.nix index 7c0fe48..0e376ce 100644 --- a/homes/desktop.nix +++ b/homes/desktop.nix @@ -25,7 +25,6 @@ quarto roboto-slab shellcheck - sqlitebrowser tex-fmt woodpecker-cli (texlive.combine { inherit (texlive) scheme-basic latex-bin latexmk; }) diff --git a/homes/linux-desktop.nix b/homes/linux-desktop.nix index 3e19754..6d78716 100644 --- a/homes/linux-desktop.nix +++ b/homes/linux-desktop.nix @@ -6,7 +6,7 @@ in { imports = [ ./../programs/plasma.nix ]; home = { - packages = with pkgs; [ kwalletcli custom-pkgs.sc4pac ]; + packages = with pkgs; [ kwalletcli sqlitebrowser custom-pkgs.sc4pac ]; sessionVariables = { ZED_WINDOW_DECORATIONS = "server"; }; }; services = { diff --git a/systems/darwin/corianne.nix b/systems/darwin/corianne.nix index 18263d8..e664c2f 100644 --- a/systems/darwin/corianne.nix +++ b/systems/darwin/corianne.nix @@ -85,6 +85,7 @@ "alt-tab" "anki" "anythingllm" + "db-browser-for-sqlite" "firefox" "freetube" "inkscape" From 701387cb751b17826ba545e3ff401a5901693bcc Mon Sep 17 00:00:00 2001 From: "Thomas A. Christensen II" <25492070+MillironX@users.noreply.github.com> Date: Fri, 8 Aug 2025 23:42:19 -0500 Subject: [PATCH 3/9] Install mpv on corianne --- systems/darwin/corianne.nix | 1 + 1 file changed, 1 insertion(+) diff --git a/systems/darwin/corianne.nix b/systems/darwin/corianne.nix index e664c2f..fd5a2af 100644 --- a/systems/darwin/corianne.nix +++ b/systems/darwin/corianne.nix @@ -79,6 +79,7 @@ "docker-buildx" "docker-credential-helper" "firefoxpwa" + "mpv" "r" ]; casks = [ From 93ca3df9d59271bc513d708fdd36a07f747c5554 Mon Sep 17 00:00:00 2001 From: "Thomas A. Christensen II" <25492070+MillironX@users.noreply.github.com> Date: Sun, 10 Aug 2025 03:55:09 -0500 Subject: [PATCH 4/9] add Kagi to Firefox search --- programs/firefox.nix | 37 ++++++++++++++++++++++++++++++++++++- 1 file changed, 36 insertions(+), 1 deletion(-) 
diff --git a/programs/firefox.nix b/programs/firefox.nix index 9512b83..cd29552 100644 --- a/programs/firefox.nix +++ b/programs/firefox.nix @@ -75,7 +75,7 @@ }) ]; search = { - default = "Milliron X Search"; + default = "Kagi"; privateDefault = "Milliron X Search"; force = true; engines = { @@ -108,6 +108,41 @@ updateInterval = 7 * 24 * 60 * 60 * 1000; definedAliases = [ "@pxt" ]; }; + "Kagi" = { + urls = [ + { + rels = [ "results" ]; + type = "text/html"; + method = "GET"; + template = "https://kagi.com/search?q={searchTerms}"; + } + { + rels = [ "suggestions" ]; + type = "application/x-suggestions+json"; + method = "GET"; + template = + "https://kagisuggest.com/api/autosuggest?q={searchTerms}"; + } + ]; + icon = "https://kagi.com/favicon.ico"; + updateInterval = 24 * 60 * 60 * 1000; # every day + definedAliases = [ "@kg" ]; + }; + # Based on which bangs I use, I should also add (in no particular order): + # - Dockerhub + # - WineHQ + # - nixpkgs + # - YouTube + # - IMDB + # - Flathub + # - USPS/UPS/DHL/FedEx + # - PubMed + # - Cabi Abstracts? + # - Conda + # - Marginalia + # - AlternativeTo + # - Wikipedia + # - Google Scholar }; }; settings = { From b6eaa2213dda1fe57cbe9a6dbbd675ed6fa51f16 Mon Sep 17 00:00:00 2001 From: "Thomas A. Christensen II" <25492070+MillironX@users.noreply.github.com> Date: Sun, 10 Aug 2025 04:03:34 -0500 Subject: [PATCH 5/9] remove cspell extension from Zed --- programs/zed.nix | 2 -- 1 file changed, 2 deletions(-) diff --git a/programs/zed.nix b/programs/zed.nix index 8917582..c547430 100644 --- a/programs/zed.nix +++ b/programs/zed.nix @@ -4,7 +4,6 @@ extensions = [ "basher" "clojure" - "cspell" "dockerfile" "earthfile" "git-firefly" @@ -27,7 +26,6 @@ auto_install_extensions = { basher = true; clojure = true; - cspell = true; dockerfile = true; earthfile = true; git-firefly = true; From 3af910aa81720742bcb543060c1e220f1f1575a6 Mon Sep 17 00:00:00 2001 
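Review bot: The `suggestions` entry in the new `"Kagi"` engine sends address-bar input to `kagisuggest.com` as it is typed, and with `default = "Kagi"` that now applies to every normal window. Partial queries and pasted URLs or tokens leave the machine before Enter is pressed, while `privateDefault` stays on `Milliron X Search`. If that is not intended, drop the second `urls` entry or set `"browser.search.suggest.enabled" = false;` in the `settings` block, which begins at the end of this hunk and is not fully visible. Otherwise a comment on the engine, e.g. `# suggestions are fetched from a third-party host while typing`, would record the trade-off.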
From: "Thomas A. Christensen II" <25492070+MillironX@users.noreply.github.com> Date: Sun, 10 Aug 2025 04:03:57 -0500 Subject: [PATCH 6/9] Require cmd+enter to sumbit prompts in Zed --- programs/zed.nix | 1 + 1 file changed, 1 insertion(+) diff --git a/programs/zed.nix b/programs/zed.nix index c547430..1937ba4 100644 --- a/programs/zed.nix +++ b/programs/zed.nix @@ -18,6 +18,7 @@ ]; userSettings = { agent = { + use_modifier_to_send = true; default_model = { provider = "copilot_chat"; model = "gpt-4.1"; From 9e641f6253ae39564edb6935e5b5a32b9a0f5157 Mon Sep 17 00:00:00 2001 From: "Thomas A. Christensen II" <25492070+MillironX@users.noreply.github.com> Date: Sun, 10 Aug 2025 04:21:38 -0500 Subject: [PATCH 7/9] Remove redundant extension setting for Zed --- programs/zed.nix | 15 --------------- 1 file changed, 15 deletions(-) diff --git a/programs/zed.nix b/programs/zed.nix index 1937ba4..d71d9f5 100644 --- a/programs/zed.nix +++ b/programs/zed.nix @@ -24,21 +24,6 @@ model = "gpt-4.1"; }; }; - auto_install_extensions = { - basher = true; - clojure = true; - dockerfile = true; - earthfile = true; - git-firefly = true; - html = true; - julia = true; - latex = true; - macos-classic = true; - nix = true; - r = true; - toml = true; - xml = true; - }; buffer_font_family = "FiraCode Nerd Font"; buffer_font_size = 11; features = { edit_prediction_provider = "zed"; }; From 09faf471359d83413280a4aa477141c5878ce964 Mon Sep 17 00:00:00 2001 From: "Thomas A. Christensen II" <25492070+MillironX@users.noreply.github.com> Date: Sun, 10 Aug 2025 05:53:42 -0500 Subject: [PATCH 8/9] Speed up JuliaFormatter by specifying no startup file and shared project --- homes/common.nix | 3 +++ programs/zed.nix | 2 ++ 2 files changed, 5 insertions(+) diff --git a/homes/common.nix b/homes/common.nix index f3897fb..f387f4b 100644 --- a/homes/common.nix +++ b/homes/common.nix 
@@ -94,6 +94,9 @@ in { installRunic = lib.hm.dag.entryAfter [ "writeBoundary" ] '' run ${pkgs.julia-bin}/bin/julia --project=@runic --startup-file=no -e 'using Pkg; Pkg.add(name="Runic", version="${runic_version}")' ''; + installJuliaFormatter = lib.hm.dag.entryAfter [ "writeBoundary" ] '' + run ${pkgs.julia-bin}/bin/julia --project=@JuliaFormatter --startup-file=no -e 'using Pkg; Pkg.add(name="JuliaFormatter", version="2.1.6")' + ''; }; }; programs = { diff --git a/programs/zed.nix b/programs/zed.nix index d71d9f5..64f5d3f 100644 --- a/programs/zed.nix +++ b/programs/zed.nix @@ -33,6 +33,8 @@ external = { command = "julia"; arguments = [ + "--project=@JuliaFormatter" + "--startup-file=no" "-e" "using JuliaFormatter; print(format_text(String(read(stdin))));" ]; From 45d305995421af1b6cde777226661f1e09688e21 Mon Sep 17 00:00:00 2001 From: "Thomas A. Christensen II" <25492070+MillironX@users.noreply.github.com> Date: Sun, 10 Aug 2025 21:08:52 -0500 Subject: [PATCH 9/9] Add unquarantine step to Darwin config --- systems/darwin/corianne.nix | 40 +++++++++++++++++++++++++++++++++++++ 1 file changed, 40 insertions(+) diff --git a/systems/darwin/corianne.nix b/systems/darwin/corianne.nix index fd5a2af..a07cc97 100644 --- a/systems/darwin/corianne.nix +++ b/systems/darwin/corianne.nix 
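Review bot: `installJuliaFormatter` hard-codes `version="2.1.6"` inside the shell string, while the `installRunic` entry just above interpolates `${runic_version}`. Use the same pattern so version bumps happen in one visible place, e.g. a `juliaformatter_version = "2.1.6";` binding next to wherever `runic_version` is defined, which is outside this hunk. Both entries also fetch code through `Pkg.add` at activation time, so these packages are not covered by Nix's pinning. A comment such as `# fetched by Julia's Pkg at activation, outside the Nix store` would make that supply-chain gap explicit.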
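Review bot: In programs/zed.nix the formatter still runs `command = "julia"`, resolved through `PATH`, whereas the activation entry in homes/common.nix that populates `@JuliaFormatter` calls `${pkgs.julia-bin}/bin/julia`. If a different `julia` comes first on `PATH`, the editor runs that binary on buffer contents at every format, and it may not match the environment that was installed. If `pkgs` is in scope in this module, which the hunk does not show, `command = "${pkgs.julia-bin}/bin/julia";` would tie the two together. Otherwise add a comment stating that the `julia` on `PATH` is expected to be the Nix-provided one.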
@@ -33,6 +33,46 @@ system.keyboard.enableKeyMapping = true; system.primaryUser = "millironx"; + # nix-darwin doesn't provide a nice injection point for running activation + # scripts like home-manager does. In other words, we can't add an arbitrary + # number of activation scripts with well-defined entry points into the system + # activation process. Instead, we can rely on these three obscure and + # discouraged activation points to bootstrap stuff: + # https://github.com/nix-darwin/nix-darwin/blob/e04a388232d9a6ba56967ce5b53a8a6f713cdfcf/modules/system/activation-scripts.nix#L152-L156 + # In this case, we are using the postActivation section (since it runs after + # homebrew) to unquarantine any casks that might have updated and are now + # in quarantine again. + system.activationScripts.postActivation.text = '' + echo unquarantining Homebrew casks... + PATH="/opt/homebrew/bin:${ + pkgs.lib.makeBinPath [ pkgs.jq pkgs.gnugrep ] + }:/usr/bin:$PATH" \ + sudo \ + --preserve-env=PATH \ + --user=${config.system.primaryUser} \ + --set-home \ + brew info \ + --casks \ + --installed \ + --json=v2 \ + | jq \ + --raw-output0 \ + '.casks[] + | select(.artifacts[] | type == "object" and has("app")) + | "\(.artifacts[]?.app | first // empty)"' \ + | xargs \ + --null \ + -I{} \ + sh -c 'xattr "$0" | \ + grep \ + --quiet \ + com.apple.quarantine \ + && echo "$0" \ + && xattr -vrd com.apple.quarantine "$0" \ + || true' \ + /Applications/{} + ''; + nix.settings.experimental-features = [ "nix-command" "flakes" ]; nixpkgs.hostPlatform = "aarch64-darwin";
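Review bot: The `postActivation` script strips `com.apple.quarantine` from every installed cask app on each activation, so Gatekeeper's first-launch assessment never runs for any cask, including one whose update was only just downloaded. Gate the removal on a passing assessment, e.g. change the line to `&& spctl --assess --type execute "$0" && xattr -vrd com.apple.quarantine "$0" \`, or restrict the step to a named list of casks that actually need it. The trailing `|| true` also hides a failed `xattr`, so a partial result is never reported. Separately, the `PATH=...` prefix applies only to the `sudo ... brew info` command. The later `jq`, `xargs` and `sh -c` stages run with the activation script's own `PATH`, presumably as root, so the `pkgs.jq` and `pkgs.gnugrep` entries may not be the binaries those stages use.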