diff --git a/configuration.nix b/configuration.nix index 1724d84..df8ba96 100644 --- a/configuration.nix +++ b/configuration.nix @@ -6,8 +6,7 @@ let myRizin = pkgs.rizin.passthru.withPlugins (plugins: [ plugins.jsdec plugins.rz-ghidra ]); -in -{ +in { imports = [ ./hardware-configuration.nix ./services/virtual.nix @@ -68,6 +67,7 @@ in }; users.groups.libvirtd.members = [ "allen" ]; + users.groups.plugdev.members = [ "allen" ]; programs.firefox.enable = true; programs.wireshark.enable = true; @@ -93,19 +93,15 @@ in libGL openal myRizin + libgit2 inputs.helix.packages."${pkgs.system}".helix ]; nix.settings.experimental-features = [ "nix-command" "flakes" ]; - environment.sessionVariables = { - LD_LIBRARY_PATH = lib.makeLibraryPath [ - pkgs.libglvnd - pkgs.libGL - pkgs.glfw - pkgs.pulseaudio - pkgs.libgit2 - ]; + environment.variables = { + LD_LIBRARY_PATH = lib.makeLibraryPath + (with pkgs; [ libglvnd libGL glfw pulseaudio libgit2 ]); }; environment.variables.EDITOR = "vim"; diff --git a/hardware-configuration.nix b/hardware-configuration.nix index 440a796..ef34fae 100644 --- a/hardware-configuration.nix +++ b/hardware-configuration.nix @@ -9,7 +9,7 @@ boot.initrd.availableKernelModules = [ "xhci_pci" "ahci" "nvme" "usbhid" "usb_storage" "uas" "sd_mod" ]; boot.initrd.kernelModules = [ ]; - boot.kernelParams = [ "intel_iommu=on" ]; + boot.kernelParams = [ "intel_iommu=on" "modprobe.blacklist=dvb_usb_rtl28xxu" ]; boot.kernelModules = [ "kvm-intel" "vfio_pci" ]; boot.extraModulePackages = [ ]; @@ -50,6 +50,8 @@ swapDevices = [ ]; + services.udev.packages = [ pkgs.rtl-sdr ]; + # Enables DHCP on each ethernet and wireless interface. In case of scripted networking # (the default) this is the recommended approach. When using systemd-networkd it's # still possible to use this option, but it's recommended to use it in conjunction diff --git a/home.nix b/home.nix index 7aadb18..008ba34 100644 --- a/home.nix +++ b/home.nix @@ -28,8 +28,17 @@ tools = import ./pkgs/tools.nix { inherit pkgs; }; util = import ./pkgs/util.nix { inherit pkgs; }; games = import ./pkgs/games.nix { inherit pkgs; }; + unstable = import (builtins.fetchTarball { + url = "https://github.com/NixOS/nixpkgs/archive/nixos-unstable.tar.gz"; + sha256 = "1ijgd8hy1ii0k0s48yhnzw09c7zdjnp1fq8wfj7jgajwmlfwy3xg"; + }) { system = "x86_64-linux"; }; + unstables = import ./pkgs/unstable.nix { + inherit pkgs; + inherit unstable; + }; + in fonts ++ minecraft ++ misc ++ network ++ programming ++ tools ++ util - ++ games; + ++ games ++ unstables; programs.direnv.enable = true; programs.direnv.nix-direnv.enable = true; diff --git a/modules/home/alacritty.nix b/modules/home/alacritty.nix index 5acbcf0..368a08a 100644 --- a/modules/home/alacritty.nix +++ b/modules/home/alacritty.nix @@ -12,6 +12,7 @@ }; scrolling.multiplier = 5; selection.save_to_clipboard = true; + colors = { primary = { background = "#040404"; }; }; }; }; } diff --git a/modules/home/fish.nix b/modules/home/fish.nix index 00a9383..f49926c 100644 --- a/modules/home/fish.nix +++ b/modules/home/fish.nix @@ -1,4 +1,8 @@ { pkgs, ... }: { + home.file.".config/fish/completions/flux.fish".source = + ../../shell/completions/flux.fish; + home.file.".config/fish/kube.fish".source = ../../shell/kube.fish; + programs.fish = { enable = true; shellInit = '' @@ -14,6 +18,10 @@ alias vi="nvim" alias rb="sudo nixos-rebuild switch --flake ~/nixos-config#" alias dry-rb="sudo nixos-rebuild dry-build --flake ~/nixos-config#" + + if test -f $HOME/.config/fish/kube.fish + source $HOME/.config/fish/kube.fish + end ''; plugins = [ # Enable a plugin (here grc for colorized command output) from nixpkgs diff --git a/modules/home/git.nix b/modules/home/git.nix index d73cc14..3e8a45a 100644 --- a/modules/home/git.nix +++ b/modules/home/git.nix @@ -10,6 +10,7 @@ credential.credentialStore = "store"; init.defaultBranch = "main"; core.editor = "nvim"; + push.autoSetupRemote = true; }; }; } diff --git a/pkgs/programming.nix b/pkgs/programming.nix index 4c853c4..374f1a3 100644 --- a/pkgs/programming.nix +++ b/pkgs/programming.nix @@ -10,6 +10,8 @@ with pkgs; [ tokio-console iaito ghidra-bin + protobuf + buf uv unityhub python313Packages.r2pipe diff --git a/pkgs/tools.nix b/pkgs/tools.nix index bc43992..40db0b7 100644 --- a/pkgs/tools.nix +++ b/pkgs/tools.nix @@ -26,6 +26,7 @@ with pkgs; [ win2xcur waypaper swww + sdrpp rofi-wayland hyprshot vesktop diff --git a/pkgs/unstable.nix b/pkgs/unstable.nix new file mode 100644 index 0000000..84b2e60 --- /dev/null +++ b/pkgs/unstable.nix @@ -0,0 +1,6 @@ +# things in the nixos unstable registry + +{ pkgs, unstable, ... }: + +with pkgs; +[ ] diff --git a/pkgs/util.nix b/pkgs/util.nix index d3b861f..a42061b 100644 --- a/pkgs/util.nix +++ b/pkgs/util.nix @@ -9,15 +9,27 @@ with pkgs; [ # archives zip xz + rtl-sdr + hyprpicker zlib unzip p7zip + fd + + # k8s + kubectx + k9s + lens + fluxcd + kubescape # utils xclip openssl ffmpeg + reptyr cloc + protocol piper-tts pavucontrol ripgrep @@ -55,6 +67,5 @@ with pkgs; [ bridge-utils cudaPackages.cudatoolkit - airspy airspyhf ] diff --git a/services/virtual.nix b/services/virtual.nix index ed32e92..028cb01 100644 --- a/services/virtual.nix +++ b/services/virtual.nix @@ -13,11 +13,4 @@ }; programs.virt-manager.enable = true; - - services.k3s = { - enable = true; - clusterInit = true; - extraFlags = - "--cluster-cidr=10.42.0.0/16,2a10:3781:25ac:2::/64 --service-cidr=10.43.0.0/16,2a10:3781:25ac:3::/112 --flannel-iface enp5s0"; - }; } diff --git a/shell/completions/flux.fish b/shell/completions/flux.fish new file mode 100644 index 0000000..8320d27 --- /dev/null +++ b/shell/completions/flux.fish @@ -0,0 +1,235 @@ +# fish completion for flux -*- shell-script -*- + +function __flux_debug + set -l file "$BASH_COMP_DEBUG_FILE" + if test -n "$file" + echo "$argv" >> $file + end +end + +function __flux_perform_completion + __flux_debug "Starting __flux_perform_completion" + + # Extract all args except the last one + set -l args (commandline -opc) + # Extract the last arg and escape it in case it is a space + set -l lastArg (string escape -- (commandline -ct)) + + __flux_debug "args: $args" + __flux_debug "last arg: $lastArg" + + # Disable ActiveHelp which is not supported for fish shell + set -l requestComp "FLUX_ACTIVE_HELP=0 $args[1] __complete $args[2..-1] $lastArg" + + __flux_debug "Calling $requestComp" + set -l results (eval $requestComp 2> /dev/null) + + # Some programs may output extra empty lines after the directive. + # Let's ignore them or else it will break completion. + # Ref: https://github.com/spf13/cobra/issues/1279 + for line in $results[-1..1] + if test (string trim -- $line) = "" + # Found an empty line, remove it + set results $results[1..-2] + else + # Found non-empty line, we have our proper output + break + end + end + + set -l comps $results[1..-2] + set -l directiveLine $results[-1] + + # For Fish, when completing a flag with an = (e.g., -n=) + # completions must be prefixed with the flag + set -l flagPrefix (string match -r -- '-.*=' "$lastArg") + + __flux_debug "Comps: $comps" + __flux_debug "DirectiveLine: $directiveLine" + __flux_debug "flagPrefix: $flagPrefix" + + for comp in $comps + printf "%s%s\n" "$flagPrefix" "$comp" + end + + printf "%s\n" "$directiveLine" +end + +# this function limits calls to __flux_perform_completion, by caching the result behind $__flux_perform_completion_once_result +function __flux_perform_completion_once + __flux_debug "Starting __flux_perform_completion_once" + + if test -n "$__flux_perform_completion_once_result" + __flux_debug "Seems like a valid result already exists, skipping __flux_perform_completion" + return 0 + end + + set --global __flux_perform_completion_once_result (__flux_perform_completion) + if test -z "$__flux_perform_completion_once_result" + __flux_debug "No completions, probably due to a failure" + return 1 + end + + __flux_debug "Performed completions and set __flux_perform_completion_once_result" + return 0 +end + +# this function is used to clear the $__flux_perform_completion_once_result variable after completions are run +function __flux_clear_perform_completion_once_result + __flux_debug "" + __flux_debug "========= clearing previously set __flux_perform_completion_once_result variable ==========" + set --erase __flux_perform_completion_once_result + __flux_debug "Successfully erased the variable __flux_perform_completion_once_result" +end + +function __flux_requires_order_preservation + __flux_debug "" + __flux_debug "========= checking if order preservation is required ==========" + + __flux_perform_completion_once + if test -z "$__flux_perform_completion_once_result" + __flux_debug "Error determining if order preservation is required" + return 1 + end + + set -l directive (string sub --start 2 $__flux_perform_completion_once_result[-1]) + __flux_debug "Directive is: $directive" + + set -l shellCompDirectiveKeepOrder 32 + set -l keeporder (math (math --scale 0 $directive / $shellCompDirectiveKeepOrder) % 2) + __flux_debug "Keeporder is: $keeporder" + + if test $keeporder -ne 0 + __flux_debug "This does require order preservation" + return 0 + end + + __flux_debug "This doesn't require order preservation" + return 1 +end + + +# This function does two things: +# - Obtain the completions and store them in the global __flux_comp_results +# - Return false if file completion should be performed +function __flux_prepare_completions + __flux_debug "" + __flux_debug "========= starting completion logic ==========" + + # Start fresh + set --erase __flux_comp_results + + __flux_perform_completion_once + __flux_debug "Completion results: $__flux_perform_completion_once_result" + + if test -z "$__flux_perform_completion_once_result" + __flux_debug "No completion, probably due to a failure" + # Might as well do file completion, in case it helps + return 1 + end + + set -l directive (string sub --start 2 $__flux_perform_completion_once_result[-1]) + set --global __flux_comp_results $__flux_perform_completion_once_result[1..-2] + + __flux_debug "Completions are: $__flux_comp_results" + __flux_debug "Directive is: $directive" + + set -l shellCompDirectiveError 1 + set -l shellCompDirectiveNoSpace 2 + set -l shellCompDirectiveNoFileComp 4 + set -l shellCompDirectiveFilterFileExt 8 + set -l shellCompDirectiveFilterDirs 16 + + if test -z "$directive" + set directive 0 + end + + set -l compErr (math (math --scale 0 $directive / $shellCompDirectiveError) % 2) + if test $compErr -eq 1 + __flux_debug "Received error directive: aborting." + # Might as well do file completion, in case it helps + return 1 + end + + set -l filefilter (math (math --scale 0 $directive / $shellCompDirectiveFilterFileExt) % 2) + set -l dirfilter (math (math --scale 0 $directive / $shellCompDirectiveFilterDirs) % 2) + if test $filefilter -eq 1; or test $dirfilter -eq 1 + __flux_debug "File extension filtering or directory filtering not supported" + # Do full file completion instead + return 1 + end + + set -l nospace (math (math --scale 0 $directive / $shellCompDirectiveNoSpace) % 2) + set -l nofiles (math (math --scale 0 $directive / $shellCompDirectiveNoFileComp) % 2) + + __flux_debug "nospace: $nospace, nofiles: $nofiles" + + # If we want to prevent a space, or if file completion is NOT disabled, + # we need to count the number of valid completions. + # To do so, we will filter on prefix as the completions we have received + # may not already be filtered so as to allow fish to match on different + # criteria than the prefix. + if test $nospace -ne 0; or test $nofiles -eq 0 + set -l prefix (commandline -t | string escape --style=regex) + __flux_debug "prefix: $prefix" + + set -l completions (string match -r -- "^$prefix.*" $__flux_comp_results) + set --global __flux_comp_results $completions + __flux_debug "Filtered completions are: $__flux_comp_results" + + # Important not to quote the variable for count to work + set -l numComps (count $__flux_comp_results) + __flux_debug "numComps: $numComps" + + if test $numComps -eq 1; and test $nospace -ne 0 + # We must first split on \t to get rid of the descriptions to be + # able to check what the actual completion will be. + # We don't need descriptions anyway since there is only a single + # real completion which the shell will expand immediately. + set -l split (string split --max 1 \t $__flux_comp_results[1]) + + # Fish won't add a space if the completion ends with any + # of the following characters: @=/:., + set -l lastChar (string sub -s -1 -- $split) + if not string match -r -q "[@=/:.,]" -- "$lastChar" + # In other cases, to support the "nospace" directive we trick the shell + # by outputting an extra, longer completion. + __flux_debug "Adding second completion to perform nospace directive" + set --global __flux_comp_results $split[1] $split[1]. + __flux_debug "Completions are now: $__flux_comp_results" + end + end + + if test $numComps -eq 0; and test $nofiles -eq 0 + # To be consistent with bash and zsh, we only trigger file + # completion when there are no other completions + __flux_debug "Requesting file completion" + return 1 + end + end + + return 0 +end + +# Since Fish completions are only loaded once the user triggers them, we trigger them ourselves +# so we can properly delete any completions provided by another script. +# Only do this if the program can be found, or else fish may print some errors; besides, +# the existing completions will only be loaded if the program can be found. +if type -q "flux" + # The space after the program name is essential to trigger completion for the program + # and not completion of the program name itself. + # Also, we use '> /dev/null 2>&1' since '&>' is not supported in older versions of fish. + complete --do-complete "flux " > /dev/null 2>&1 +end + +# Remove any pre-existing completions for the program since we will be handling all of them. +complete -c flux -e + +# this will get called after the two calls below and clear the $__flux_perform_completion_once_result global +complete -c flux -n '__flux_clear_perform_completion_once_result' +# The call to __flux_prepare_completions will setup __flux_comp_results +# which provides the program's completion choices. +# If this doesn't require order preservation, we don't use the -k flag +complete -c flux -n 'not __flux_requires_order_preservation && __flux_prepare_completions' -f -a '$__flux_comp_results' +# otherwise we use the -k flag +complete -k -c flux -n '__flux_requires_order_preservation && __flux_prepare_completions' -f -a '$__flux_comp_results' diff --git a/shell/kube.fish b/shell/kube.fish new file mode 100644 index 0000000..ecfe36f --- /dev/null +++ b/shell/kube.fish @@ -0,0 +1,119 @@ +alias kn="kubens" + +# other +alias k='kubectl' +alias kl='kubectl logs' +alias kexec='kubectl exec -it' +alias kpf='kubectl port-forward' +alias kaci='kubectl auth can-i' +alias kat='kubectl attach' +alias kapir='kubectl api-resources' +alias kapiv='kubectl api-versions' + +# get +alias kg='kubectl get' +alias kgns='kubectl get ns' +alias kgp='kubectl get pods' +alias kgs='kubectl get secrets' +alias kgd='kubectl get deploy' +alias kgrs='kubectl get rs' +alias kgss='kubectl get sts' +alias kgds='kubectl get ds' +alias kgcm='kubectl get configmap' +alias kgcj='kubectl get cronjob' +alias kgj='kubectl get job' +alias kgsvc='kubectl get svc -o wide' +alias kgn='kubectl get no -o wide' +alias kgr='kubectl get roles' +alias kgrb='kubectl get rolebindings' +alias kgcr='kubectl get clusterroles' +alias kgrb='kubectl get clusterrolebindings' +alias kgsa='kubectl get sa' +alias kgnp='kubectl get netpol' + +# edit +alias ke='kubectl edit' +alias kens='kubectl edit ns' +alias kes='kubectl edit secrets' +alias ked='kubectl edit deploy' +alias kers='kubectl edit rs' +alias kess='kubectl edit sts' +alias keds='kubectl edit ds' +alias kesvc='kubectl edit svc' +alias kecm='kubectl edit cm' +alias kecj='kubectl edit cj' +alias ker='kubectl edit roles' +alias kecr='kubectl edit clusterroles' +alias kerb='kubectl edit clusterrolebindings' +alias kesa='kubectl edit sa' +alias kenp='kubectl edit netpol' + +# describe +alias kd='kubectl describe' +alias kdns='kubectl describe ns' +alias kdp='kubectl describe pod' +alias kds='kubectl describe secrets' +alias kdd='kubectl describe deploy' +alias kdrs='kubectl describe rs' +alias kdss='kubectl describe sts' +alias kdds='kubectl describe ds' +alias kdsvc='kubectl describe svc' +alias kdcm='kubectl describe cm' +alias kdcj='kubectl describe cj' +alias kdj='kubectl describe job' +alias kdsa='kubectl describe sa' +alias kdr='kubectl describe roles' +alias kdrb='kubectl describe rolebindings' +alias kdcr='kubectl describe clusterroles' +alias kdcrb='kubectl describe clusterrolebindings' +alias kdnp='kubectl describe netpol' + +# delete +alias kdel='kubectl delete' +alias kdelns='kubectl delete ns' +alias kdels='kubectl delete secrets' +alias kdelp='kubectl delete po' +alias kdeld='kubectl delete deployment' +alias kdelrs='kubectl delete rs' +alias kdelss='kubectl delete sts' +alias kdelds='kubectl delete ds' +alias kdelsvc='kubectl delete svc' +alias kdelcm='kubectl delete cm' +alias kdelcj='kubectl delete cj' +alias kdelj='kubectl delete job' +alias kdelr='kubectl delete roles' +alias kdelrb='kubectl delete rolebindings' +alias kdelcr='kubectl delete clusterroles' +alias kdelrb='kubectl delete clusterrolebindings' +alias kdelsa='kubectl delete sa' +alias kdelnp='kubectl delete netpol' + +# mock +alias kmock='kubectl create mock -o yaml --dry-run=client' +alias kmockns='kubectl create ns mock -o yaml --dry-run=client' +alias kmockcm='kubectl create cm mock -o yaml --dry-run=client' +alias kmocksa='kubectl create sa mock -o yaml --dry-run=client' + +# config +alias kcfg='kubectl config' +alias kcfgv='kubectl config view' +alias kcfgns='kubectl config set-context --current --namespace' +alias kcfgcurrent='kubectl config current-context' +alias kcfggc='kubectl config get-contexts' +alias kcfgsc='kubectl config set-context' +alias kcfguc='kubectl config use-context' +alias kcfgv='kubectl config view' + +# Kubescape related +alias kssbom='kubectl -n kubescape get sbomspdxv2p3s' +alias kssbomf='kubectl -n kubescape get sbomspdxv2p3filtereds' +alias kssboms='kubectl -n kubescape get sbomsummaries' +alias ksvulns='kubectl -n kubescape get vulnerabilitymanifestsummaries' +alias ksvuln='kubectl -n kubescape get vulnerabilitymanifests' + +# Kubescape related with labels +alias kssboml='kubectl -n kubescape get sbomspdxv2p3s --show-labels' +alias kssbomfl='kubectl -n kubescape get sbomspdxv2p3filtereds --show-labels' +alias kssbomsl='kubectl -n kubescape get sbomsummaries --show-labels' +alias ksvulnsl='kubectl -n kubescape get vulnerabilitymanifestsummaries --show-labels' +alias ksvulnl='kubectl -n kubescape get vulnerabilitymanifests --show-labels'