From e0d7568a9fccef49b0e89225890611d6f538f071 Mon Sep 17 00:00:00 2001 From: Evie Litherland-Smith Date: Sat, 22 Jun 2024 16:39:30 +0100 Subject: [PATCH 1/2] Remove copy directive from Makefile --- Makefile | 6 +----- 1 file changed, 1 insertion(+), 5 deletions(-) diff --git a/Makefile b/Makefile index aca3e3c7..3e943506 100644 --- a/Makefile +++ b/Makefile @@ -1,10 +1,6 @@ -.PHONY: build copy +.PHONY: build HOST := $(shell hostname) build: nix build .#nixosConfigurations.$(HOST).config.system.build.toplevel - -copy: build - nix copy --to ssh://pixelifytica@legion ./result - rm ./result From 08b94c7d62dba4c4a85efbb5ddad6ed0c68b4ebb Mon Sep 17 00:00:00 2001 From: Evie Litherland-Smith Date: Mon, 24 Jun 2024 07:31:02 +0100 Subject: [PATCH 2/2] Add pre-commit hook to run gitleaks Search for accidentally included secrets when committing Remove niri package since I've switched to plasma6 --- .envrc | 1 + .pre-commit-config.yaml | 5 ++ configuration/Northstar.nix | 2 - configuration/Vanguard.nix | 7 +- flake.lock | 135 ------------------------------------ flake.nix | 9 +-- 6 files changed, 9 insertions(+), 150 deletions(-) create mode 100644 .envrc create mode 100644 .pre-commit-config.yaml diff --git a/.envrc b/.envrc new file mode 100644 index 00000000..3550a30f --- /dev/null +++ b/.envrc @@ -0,0 +1 @@ +use flake diff --git a/.pre-commit-config.yaml b/.pre-commit-config.yaml new file mode 100644 index 00000000..f1f8f73f --- /dev/null +++ b/.pre-commit-config.yaml @@ -0,0 +1,5 @@ +repos: + - repo: https://github.com/gitleaks/gitleaks + rev: v8.18.4 + hooks: + - id: gitleaks diff --git a/configuration/Northstar.nix b/configuration/Northstar.nix index 7e3cd81b..77d1b399 100644 --- a/configuration/Northstar.nix +++ b/configuration/Northstar.nix @@ -1,11 +1,9 @@ { config, pkgs, - niri, ... }: { imports = [./laptop.nix]; - environment.systemPackages = [niri]; boot = { initrd.kernelModules = ["amdgpu"]; extraModulePackages = with config.boot.kernelPackages; [v4l2loopback]; diff --git a/configuration/Vanguard.nix b/configuration/Vanguard.nix index 88a6e79d..99b2e25f 100644 --- a/configuration/Vanguard.nix +++ b/configuration/Vanguard.nix @@ -1,10 +1,5 @@ -{ - config, - niri, - ... -}: { +{config, ...}: { imports = [./desktop.nix]; - environment.systemPackages = [niri]; boot = { initrd.kernelModules = ["amdgpu"]; extraModulePackages = with config.boot.kernelPackages; [v4l2loopback]; diff --git a/flake.lock b/flake.lock index fd33ea65..1f4179a0 100644 --- a/flake.lock +++ b/flake.lock @@ -1,67 +1,5 @@ { "nodes": { - "crane": { - "inputs": { - "nixpkgs": [ - "niri", - "nixpkgs" - ] - }, - "locked": { - "lastModified": 1709610799, - "narHash": "sha256-5jfLQx0U9hXbi2skYMGodDJkIgffrjIOgMRjZqms2QE=", - "owner": "ipetkov", - "repo": "crane", - "rev": "81c393c776d5379c030607866afef6406ca1be57", - "type": "github" - }, - "original": { - "owner": "ipetkov", - "repo": "crane", - "type": "github" - } - }, - "fenix": { - "inputs": { - "nixpkgs": [ - "niri", - "nixpkgs" - ], - "rust-analyzer-src": "rust-analyzer-src" - }, - "locked": { - "lastModified": 1709274179, - "narHash": "sha256-O6EC6QELBLHzhdzBOJj0chx8AOcd4nDRECIagfT5Nd0=", - "owner": "nix-community", - "repo": "fenix", - "rev": "4be608f4f81d351aacca01b21ffd91028c23cc22", - "type": "github" - }, - "original": { - "owner": "nix-community", - "ref": "monthly", - "repo": "fenix", - "type": "github" - } - }, - "flake-utils": { - "inputs": { - "systems": "systems" - }, - "locked": { - "lastModified": 1709126324, - "narHash": "sha256-q6EQdSeUZOG26WelxqkmR7kArjgWCdw5sfJVHPH/7j8=", - "owner": "numtide", - "repo": "flake-utils", - "rev": "d465f4819400de7c8d874d50b982301f28a84605", - "type": "github" - }, - "original": { - "owner": "numtide", - "repo": "flake-utils", - "type": "github" - } - }, "iosevka-custom": { "inputs": { "nixpkgs": "nixpkgs" @@ -80,46 +18,6 @@ "url": "https://git.xenia.me.uk/pixelifytica/iosevka.git" } }, - "niri": { - "inputs": { - "crane": "crane", - "fenix": "fenix", - "flake-utils": "flake-utils", - "nix-filter": "nix-filter", - "nixpkgs": [ - "nixpkgs" - ] - }, - "locked": { - "lastModified": 1716030039, - "narHash": "sha256-MJh0CR2YHJE0GNnxaTcElNMuZUEI0pe9fvC0mfy4484=", - "owner": "yalter", - "repo": "niri", - "rev": "d96a66ddff1a6b88dbe3e23b049f7075533b216f", - "type": "github" - }, - "original": { - "owner": "yalter", - "ref": "v0.1.6", - "repo": "niri", - "type": "github" - } - }, - "nix-filter": { - "locked": { - "lastModified": 1705332318, - "narHash": "sha256-kcw1yFeJe9N4PjQji9ZeX47jg0p9A0DuU4djKvg1a7I=", - "owner": "numtide", - "repo": "nix-filter", - "rev": "3449dc925982ad46246cfc36469baf66e1b64f17", - "type": "github" - }, - "original": { - "owner": "numtide", - "repo": "nix-filter", - "type": "github" - } - }, "nixpkgs": { "locked": { "lastModified": 1717602782, @@ -155,41 +53,8 @@ "root": { "inputs": { "iosevka-custom": "iosevka-custom", - "niri": "niri", "nixpkgs": "nixpkgs_2" } - }, - "rust-analyzer-src": { - "flake": false, - "locked": { - "lastModified": 1709219524, - "narHash": "sha256-8HHRXm4kYQLdUohNDUuCC3Rge7fXrtkjBUf0GERxrkM=", - "owner": "rust-lang", - "repo": "rust-analyzer", - "rev": "9efa23c4dacee88b93540632eb3d88c5dfebfe17", - "type": "github" - }, - "original": { - "owner": "rust-lang", - "ref": "nightly", - "repo": "rust-analyzer", - "type": "github" - } - }, - "systems": { - "locked": { - "lastModified": 1681028828, - "narHash": "sha256-Vy1rq5AaRuLzOxct8nz4T6wlgyUR7zLU309k9mBC768=", - "owner": "nix-systems", - "repo": "default", - "rev": "da67096a3b9bf56a91d16901293e51ba5b49a27e", - "type": "github" - }, - "original": { - "owner": "nix-systems", - "repo": "default", - "type": "github" - } } }, "root": "root", diff --git a/flake.nix b/flake.nix index cd227a95..583ea8bb 100644 --- a/flake.nix +++ b/flake.nix @@ -9,20 +9,14 @@ inputs = { nixpkgs.url = "github:nixos/nixpkgs/nixos-24.05"; iosevka-custom.url = "git+https://git.xenia.me.uk/pixelifytica/iosevka.git"; - niri = { - url = "github:yalter/niri/v0.1.6"; # Follow stable releases - inputs.nixpkgs.follows = "nixpkgs"; - }; }; outputs = { nixpkgs, iosevka-custom, - niri, ... }: let defaultSpecialArgs = {system ? "x86_64-linux", ...}: { - niri = niri.packages.${system}.default; iosevkaCustom = { packages = iosevka-custom.outputs.packages.${system}; names = iosevka-custom.outputs.names; @@ -86,7 +80,8 @@ pkgs = import nixpkgs {system = "x86_64-linux";}; in pkgs.mkShellNoCC { - packages = [pkgs.nil]; + packages = with pkgs; [nil pre-commit]; + shellHook = "pre-commit install --install-hooks"; }; nixosConfigurations = { ## Server