feat: add lazygit alias to lg

configuration.nix

@@ -6,8 +6,7 @@
 let
   myRizin = pkgs.rizin.passthru.withPlugins
     (plugins: [ plugins.jsdec plugins.rz-ghidra ]);
-in
-{
+in {
   imports = [
     ./hardware-configuration.nix
     ./services/virtual.nix
@@ -18,9 +17,33 @@ in
 
   nixpkgs.config.allowUnfree = true;
 
-  boot.loader.systemd-boot.enable = true;
-  boot.loader.efi.canTouchEfiVariables = true;
-  boot.loader.grub.device = "/dev/nvme1n1p1";
+  boot.loader = {
+    systemd-boot.enable = false;
+    efi = {
+      canTouchEfiVariables = true;
+      efiSysMountPoint = "/boot/efi";
+    };
+    grub = {
+      efiSupport = true;
+      device = "nodev";
+      extraConfig = ''
+        GRUB_DEFAULT=saved
+        GRUB_SAFEDEFAULT=false
+      '';
+      useOSProber = true;
+    };
+  };
+
+  security.sudo = {
+    enable = true;
+    extraRules = [{
+      commands = [{
+        command = "${pkgs.grub2}/bin/grub-reboot";
+        options = [ "NOPASSWD" ];
+      }];
+      groups = [ "wheel" ];
+    }];
+  };
 
   networking.hostName = "haskell"; # Define your hostname.
 
@@ -68,6 +91,7 @@ in
   };
 
   users.groups.libvirtd.members = [ "allen" ];
+  users.groups.plugdev.members = [ "allen" ];
 
   programs.firefox.enable = true;
   programs.wireshark.enable = true;
@@ -93,19 +117,15 @@ in
     libGL
     openal
     myRizin
+    libgit2
     inputs.helix.packages."${pkgs.system}".helix
   ];
 
   nix.settings.experimental-features = [ "nix-command" "flakes" ];
 
-  environment.sessionVariables = {
-    LD_LIBRARY_PATH = lib.makeLibraryPath [
-      pkgs.libglvnd
-      pkgs.libGL
-      pkgs.glfw
-      pkgs.pulseaudio
-      pkgs.libgit2
-    ];
+  environment.variables = {
+    LD_LIBRARY_PATH = lib.makeLibraryPath
+      (with pkgs; [ libglvnd libGL glfw pulseaudio libgit2 ]);
   };
 
   environment.variables.EDITOR = "vim";

hardware-configuration.nix

@@ -9,7 +9,8 @@
   boot.initrd.availableKernelModules =
     [ "xhci_pci" "ahci" "nvme" "usbhid" "usb_storage" "uas" "sd_mod" ];
   boot.initrd.kernelModules = [ ];
-  boot.kernelParams = [ "intel_iommu=on" ];
+  boot.kernelParams =
+    [ "intel_iommu=on" "modprobe.blacklist=dvb_usb_rtl28xxu" ];
   boot.kernelModules = [ "kvm-intel" "vfio_pci" ];
   boot.extraModulePackages = [ ];
 
@@ -36,7 +37,7 @@
     options = [ "subvol=nix" ];
   };
 
-  fileSystems."/boot" = {
+  fileSystems."/boot/efi" = {
     device = "/dev/disk/by-uuid/E808-5876";
     fsType = "vfat";
     options = [ "fmask=0022" "dmask=0022" ];
@@ -50,6 +51,8 @@
 
   swapDevices = [ ];
 
+  services.udev.packages = [ pkgs.rtl-sdr ];
+
   # Enables DHCP on each ethernet and wireless interface. In case of scripted networking
   # (the default) this is the recommended approach. When using systemd-networkd it's
   # still possible to use this option, but it's recommended to use it in conjunction

home.nix

@@ -28,8 +28,17 @@
     tools = import ./pkgs/tools.nix { inherit pkgs; };
     util = import ./pkgs/util.nix { inherit pkgs; };
     games = import ./pkgs/games.nix { inherit pkgs; };
+    unstable = import (builtins.fetchTarball {
+      url = "https://github.com/NixOS/nixpkgs/archive/nixos-unstable.tar.gz";
+      sha256 = "1ijgd8hy1ii0k0s48yhnzw09c7zdjnp1fq8wfj7jgajwmlfwy3xg";
+    }) { system = "x86_64-linux"; };
+    unstables = import ./pkgs/unstable.nix {
+      inherit pkgs;
+      inherit unstable;
+    };
+
   in fonts ++ minecraft ++ misc ++ network ++ programming ++ tools ++ util
-  ++ games;
+  ++ games ++ unstables;
 
   programs.direnv.enable = true;
   programs.direnv.nix-direnv.enable = true;

modules/home/alacritty.nix

@@ -12,6 +12,7 @@
       };
       scrolling.multiplier = 5;
       selection.save_to_clipboard = true;
+      colors = { primary = { background = "#040404"; }; };
     };
   };
 }

modules/home/fish.nix

@@ -1,4 +1,8 @@
 { pkgs, ... }: {
+  home.file.".config/fish/completions/flux.fish".source =
+    ../../shell/completions/flux.fish;
+  home.file.".config/fish/kube.fish".source = ../../shell/kube.fish;
+
   programs.fish = {
     enable = true;
     shellInit = ''
@@ -11,9 +15,21 @@
       set -gx OPENSSL_LIB_DIR ${pkgs.openssl.out}/lib;
       set -gx OPENSSL_INCLUDE_DIR ${pkgs.openssl.dev}/include;
       set -gx PKG_CONFIG_PATH ${pkgs.openssl.dev}/lib/pkgconfig;
-      alias vi="nvim"
+      alias v="nvim"
+      alias c="clear"
       alias rb="sudo nixos-rebuild switch --flake ~/nixos-config#"
+      alias boot-rb="sudo nixos-rebuild --install-bootloader boot --flake ~/nixos-config#"
       alias dry-rb="sudo nixos-rebuild dry-build --flake ~/nixos-config#"
+
+      alias win="grub-reboot 'Windows Boot Manager (on /dev/sda2)' && reboot"
+
+      alias qwer="reboot"
+      alias zxcv="shutdown now"
+      alias lg="lazygit"
+
+      if test -f $HOME/.config/fish/kube.fish
+        source $HOME/.config/fish/kube.fish
+      end
     '';
     plugins = [
       # Enable a plugin (here grc for colorized command output) from nixpkgs

modules/home/git.nix

@@ -10,6 +10,7 @@
       credential.credentialStore = "store";
       init.defaultBranch = "main";
       core.editor = "nvim";
+      push.autoSetupRemote = true;
     };
   };
 }

pkgs/programming.nix

@@ -9,11 +9,16 @@ with pkgs; [
   lldb
   tokio-console
   iaito
+  clang
+  valgrind
   ghidra-bin
+  protobuf
+  buf
   uv
   unityhub
   python313Packages.r2pipe
   python312Packages.r2pipe
+  gh
   python312Packages.pip
   nodejs
   go
@@ -21,7 +26,6 @@ with pkgs; [
   binwalk
   dotnet-sdk_9
   csharp-ls
-  gcc
   cmake
   gnumake
   graalvmPackages.graalvm-ce

pkgs/tools.nix

@@ -26,6 +26,7 @@ with pkgs; [
   win2xcur
   waypaper
   swww
+  sdrpp
   rofi-wayland
   hyprshot
   vesktop

pkgs/unstable.nix

@@ -0,0 +1,6 @@
+# things in the nixos unstable registry
+
+{ pkgs, unstable, ... }:
+
+with pkgs;
+[ ]

pkgs/util.nix

@@ -9,15 +9,28 @@ with pkgs; [
   # archives
   zip
   xz
+  rtl-sdr
+  hyprpicker
+  grub2
   zlib
   unzip
   p7zip
+  fd
+
+  # k8s
+  kubectx
+  k9s
+  lens
+  fluxcd
+  kubescape
 
   # utils
   xclip
   openssl
   ffmpeg
+  reptyr
   cloc
+  protocol
   piper-tts
   pavucontrol
   ripgrep
@@ -55,6 +68,5 @@ with pkgs; [
   bridge-utils
 
   cudaPackages.cudatoolkit
-  airspy
   airspyhf
 ]

services/virtual.nix

@@ -13,11 +13,4 @@
   };
 
   programs.virt-manager.enable = true;
-
-  services.k3s = {
-    enable = true;
-    clusterInit = true;
-    extraFlags =
-      "--cluster-cidr=10.42.0.0/16,2a10:3781:25ac:2::/64 --service-cidr=10.43.0.0/16,2a10:3781:25ac:3::/112 --flannel-iface enp5s0";
-  };
 }

shell/completions/flux.fish

@@ -0,0 +1,235 @@
+# fish completion for flux                                 -*- shell-script -*-
+
+function __flux_debug
+    set -l file "$BASH_COMP_DEBUG_FILE"
+    if test -n "$file"
+        echo "$argv" >> $file
+    end
+end
+
+function __flux_perform_completion
+    __flux_debug "Starting __flux_perform_completion"
+
+    # Extract all args except the last one
+    set -l args (commandline -opc)
+    # Extract the last arg and escape it in case it is a space
+    set -l lastArg (string escape -- (commandline -ct))
+
+    __flux_debug "args: $args"
+    __flux_debug "last arg: $lastArg"
+
+    # Disable ActiveHelp which is not supported for fish shell
+    set -l requestComp "FLUX_ACTIVE_HELP=0 $args[1] __complete $args[2..-1] $lastArg"
+
+    __flux_debug "Calling $requestComp"
+    set -l results (eval $requestComp 2> /dev/null)
+
+    # Some programs may output extra empty lines after the directive.
+    # Let's ignore them or else it will break completion.
+    # Ref: https://github.com/spf13/cobra/issues/1279
+    for line in $results[-1..1]
+        if test (string trim -- $line) = ""
+            # Found an empty line, remove it
+            set results $results[1..-2]
+        else
+            # Found non-empty line, we have our proper output
+            break
+        end
+    end
+
+    set -l comps $results[1..-2]
+    set -l directiveLine $results[-1]
+
+    # For Fish, when completing a flag with an = (e.g., <program> -n=<TAB>)
+    # completions must be prefixed with the flag
+    set -l flagPrefix (string match -r -- '-.*=' "$lastArg")
+
+    __flux_debug "Comps: $comps"
+    __flux_debug "DirectiveLine: $directiveLine"
+    __flux_debug "flagPrefix: $flagPrefix"
+
+    for comp in $comps
+        printf "%s%s\n" "$flagPrefix" "$comp"
+    end
+
+    printf "%s\n" "$directiveLine"
+end
+
+# this function limits calls to __flux_perform_completion, by caching the result behind $__flux_perform_completion_once_result
+function __flux_perform_completion_once
+    __flux_debug "Starting __flux_perform_completion_once"
+
+    if test -n "$__flux_perform_completion_once_result"
+        __flux_debug "Seems like a valid result already exists, skipping __flux_perform_completion"
+        return 0
+    end
+
+    set --global __flux_perform_completion_once_result (__flux_perform_completion)
+    if test -z "$__flux_perform_completion_once_result"
+        __flux_debug "No completions, probably due to a failure"
+        return 1
+    end
+
+    __flux_debug "Performed completions and set __flux_perform_completion_once_result"
+    return 0
+end
+
+# this function is used to clear the $__flux_perform_completion_once_result variable after completions are run
+function __flux_clear_perform_completion_once_result
+    __flux_debug ""
+    __flux_debug "========= clearing previously set __flux_perform_completion_once_result variable =========="
+    set --erase __flux_perform_completion_once_result
+    __flux_debug "Successfully erased the variable __flux_perform_completion_once_result"
+end
+
+function __flux_requires_order_preservation
+    __flux_debug ""
+    __flux_debug "========= checking if order preservation is required =========="
+
+    __flux_perform_completion_once
+    if test -z "$__flux_perform_completion_once_result"
+        __flux_debug "Error determining if order preservation is required"
+        return 1
+    end
+
+    set -l directive (string sub --start 2 $__flux_perform_completion_once_result[-1])
+    __flux_debug "Directive is: $directive"
+
+    set -l shellCompDirectiveKeepOrder 32
+    set -l keeporder (math (math --scale 0 $directive / $shellCompDirectiveKeepOrder) % 2)
+    __flux_debug "Keeporder is: $keeporder"
+
+    if test $keeporder -ne 0
+        __flux_debug "This does require order preservation"
+        return 0
+    end
+
+    __flux_debug "This doesn't require order preservation"
+    return 1
+end
+
+
+# This function does two things:
+# - Obtain the completions and store them in the global __flux_comp_results
+# - Return false if file completion should be performed
+function __flux_prepare_completions
+    __flux_debug ""
+    __flux_debug "========= starting completion logic =========="
+
+    # Start fresh
+    set --erase __flux_comp_results
+
+    __flux_perform_completion_once
+    __flux_debug "Completion results: $__flux_perform_completion_once_result"
+
+    if test -z "$__flux_perform_completion_once_result"
+        __flux_debug "No completion, probably due to a failure"
+        # Might as well do file completion, in case it helps
+        return 1
+    end
+
+    set -l directive (string sub --start 2 $__flux_perform_completion_once_result[-1])
+    set --global __flux_comp_results $__flux_perform_completion_once_result[1..-2]
+
+    __flux_debug "Completions are: $__flux_comp_results"
+    __flux_debug "Directive is: $directive"
+
+    set -l shellCompDirectiveError 1
+    set -l shellCompDirectiveNoSpace 2
+    set -l shellCompDirectiveNoFileComp 4
+    set -l shellCompDirectiveFilterFileExt 8
+    set -l shellCompDirectiveFilterDirs 16
+
+    if test -z "$directive"
+        set directive 0
+    end
+
+    set -l compErr (math (math --scale 0 $directive / $shellCompDirectiveError) % 2)
+    if test $compErr -eq 1
+        __flux_debug "Received error directive: aborting."
+        # Might as well do file completion, in case it helps
+        return 1
+    end
+
+    set -l filefilter (math (math --scale 0 $directive / $shellCompDirectiveFilterFileExt) % 2)
+    set -l dirfilter (math (math --scale 0 $directive / $shellCompDirectiveFilterDirs) % 2)
+    if test $filefilter -eq 1; or test $dirfilter -eq 1
+        __flux_debug "File extension filtering or directory filtering not supported"
+        # Do full file completion instead
+        return 1
+    end
+
+    set -l nospace (math (math --scale 0 $directive / $shellCompDirectiveNoSpace) % 2)
+    set -l nofiles (math (math --scale 0 $directive / $shellCompDirectiveNoFileComp) % 2)
+
+    __flux_debug "nospace: $nospace, nofiles: $nofiles"
+
+    # If we want to prevent a space, or if file completion is NOT disabled,
+    # we need to count the number of valid completions.
+    # To do so, we will filter on prefix as the completions we have received
+    # may not already be filtered so as to allow fish to match on different
+    # criteria than the prefix.
+    if test $nospace -ne 0; or test $nofiles -eq 0
+        set -l prefix (commandline -t | string escape --style=regex)
+        __flux_debug "prefix: $prefix"
+
+        set -l completions (string match -r -- "^$prefix.*" $__flux_comp_results)
+        set --global __flux_comp_results $completions
+        __flux_debug "Filtered completions are: $__flux_comp_results"
+
+        # Important not to quote the variable for count to work
+        set -l numComps (count $__flux_comp_results)
+        __flux_debug "numComps: $numComps"
+
+        if test $numComps -eq 1; and test $nospace -ne 0
+            # We must first split on \t to get rid of the descriptions to be
+            # able to check what the actual completion will be.
+            # We don't need descriptions anyway since there is only a single
+            # real completion which the shell will expand immediately.
+            set -l split (string split --max 1 \t $__flux_comp_results[1])
+
+            # Fish won't add a space if the completion ends with any
+            # of the following characters: @=/:.,
+            set -l lastChar (string sub -s -1 -- $split)
+            if not string match -r -q "[@=/:.,]" -- "$lastChar"
+                # In other cases, to support the "nospace" directive we trick the shell
+                # by outputting an extra, longer completion.
+                __flux_debug "Adding second completion to perform nospace directive"
+                set --global __flux_comp_results $split[1] $split[1].
+                __flux_debug "Completions are now: $__flux_comp_results"
+            end
+        end
+
+        if test $numComps -eq 0; and test $nofiles -eq 0
+            # To be consistent with bash and zsh, we only trigger file
+            # completion when there are no other completions
+            __flux_debug "Requesting file completion"
+            return 1
+        end
+    end
+
+    return 0
+end
+
+# Since Fish completions are only loaded once the user triggers them, we trigger them ourselves
+# so we can properly delete any completions provided by another script.
+# Only do this if the program can be found, or else fish may print some errors; besides,
+# the existing completions will only be loaded if the program can be found.
+if type -q "flux"
+    # The space after the program name is essential to trigger completion for the program
+    # and not completion of the program name itself.
+    # Also, we use '> /dev/null 2>&1' since '&>' is not supported in older versions of fish.
+    complete --do-complete "flux " > /dev/null 2>&1
+end
+
+# Remove any pre-existing completions for the program since we will be handling all of them.
+complete -c flux -e
+
+# this will get called after the two calls below and clear the $__flux_perform_completion_once_result global
+complete -c flux -n '__flux_clear_perform_completion_once_result'
+# The call to __flux_prepare_completions will setup __flux_comp_results
+# which provides the program's completion choices.
+# If this doesn't require order preservation, we don't use the -k flag
+complete -c flux -n 'not __flux_requires_order_preservation && __flux_prepare_completions' -f -a '$__flux_comp_results'
+# otherwise we use the -k flag
+complete -k -c flux -n '__flux_requires_order_preservation && __flux_prepare_completions' -f -a '$__flux_comp_results'

shell/kube.fish

@@ -0,0 +1,119 @@
+alias kn="kubens"
+
+# other
+alias k='kubectl'
+alias kl='kubectl logs'
+alias kexec='kubectl exec -it'
+alias kpf='kubectl port-forward'
+alias kaci='kubectl auth can-i'
+alias kat='kubectl attach'
+alias kapir='kubectl api-resources'
+alias kapiv='kubectl api-versions'
+
+# get
+alias kg='kubectl get'
+alias kgns='kubectl get ns'
+alias kgp='kubectl get pods'
+alias kgs='kubectl get secrets'
+alias kgd='kubectl get deploy'
+alias kgrs='kubectl get rs'
+alias kgss='kubectl get sts'
+alias kgds='kubectl get ds'
+alias kgcm='kubectl get configmap'
+alias kgcj='kubectl get cronjob'
+alias kgj='kubectl get job'
+alias kgsvc='kubectl get svc -o wide'
+alias kgn='kubectl get no -o wide'
+alias kgr='kubectl get roles'
+alias kgrb='kubectl get rolebindings'
+alias kgcr='kubectl get clusterroles'
+alias kgrb='kubectl get clusterrolebindings'
+alias kgsa='kubectl get sa'
+alias kgnp='kubectl get netpol'
+
+# edit
+alias ke='kubectl edit'
+alias kens='kubectl edit ns'
+alias kes='kubectl edit secrets'
+alias ked='kubectl edit deploy'
+alias kers='kubectl edit rs'
+alias kess='kubectl edit sts'
+alias keds='kubectl edit ds'
+alias kesvc='kubectl edit svc'
+alias kecm='kubectl edit cm'
+alias kecj='kubectl edit cj'
+alias ker='kubectl edit roles'
+alias kecr='kubectl edit clusterroles'
+alias kerb='kubectl edit clusterrolebindings'
+alias kesa='kubectl edit sa'
+alias kenp='kubectl edit netpol'
+
+# describe
+alias kd='kubectl describe'
+alias kdns='kubectl describe ns'
+alias kdp='kubectl describe pod'
+alias kds='kubectl describe secrets'
+alias kdd='kubectl describe deploy'
+alias kdrs='kubectl describe rs'
+alias kdss='kubectl describe sts'
+alias kdds='kubectl describe ds'
+alias kdsvc='kubectl describe svc'
+alias kdcm='kubectl describe cm'
+alias kdcj='kubectl describe cj'
+alias kdj='kubectl describe job'
+alias kdsa='kubectl describe sa'
+alias kdr='kubectl describe roles'
+alias kdrb='kubectl describe rolebindings'
+alias kdcr='kubectl describe clusterroles'
+alias kdcrb='kubectl describe clusterrolebindings'
+alias kdnp='kubectl describe netpol'
+
+# delete
+alias kdel='kubectl delete'
+alias kdelns='kubectl delete ns'
+alias kdels='kubectl delete secrets'
+alias kdelp='kubectl delete po'
+alias kdeld='kubectl delete deployment'
+alias kdelrs='kubectl delete rs'
+alias kdelss='kubectl delete sts'
+alias kdelds='kubectl delete ds'
+alias kdelsvc='kubectl delete svc'
+alias kdelcm='kubectl delete cm'
+alias kdelcj='kubectl delete cj'
+alias kdelj='kubectl delete job'
+alias kdelr='kubectl delete roles'
+alias kdelrb='kubectl delete rolebindings'
+alias kdelcr='kubectl delete clusterroles'
+alias kdelrb='kubectl delete clusterrolebindings'
+alias kdelsa='kubectl delete sa'
+alias kdelnp='kubectl delete netpol'
+
+# mock
+alias kmock='kubectl create mock -o yaml --dry-run=client'
+alias kmockns='kubectl create ns mock -o yaml --dry-run=client'
+alias kmockcm='kubectl create cm mock -o yaml --dry-run=client'
+alias kmocksa='kubectl create sa mock -o yaml --dry-run=client'
+
+# config
+alias kcfg='kubectl config'
+alias kcfgv='kubectl config view'
+alias kcfgns='kubectl config set-context --current --namespace'
+alias kcfgcurrent='kubectl config current-context'
+alias kcfggc='kubectl config get-contexts'
+alias kcfgsc='kubectl config set-context'
+alias kcfguc='kubectl config use-context'
+alias kcfgv='kubectl config view'
+
+# Kubescape related
+alias kssbom='kubectl -n kubescape get sbomspdxv2p3s'
+alias kssbomf='kubectl -n kubescape get sbomspdxv2p3filtereds'
+alias kssboms='kubectl -n kubescape get sbomsummaries'
+alias ksvulns='kubectl -n kubescape get vulnerabilitymanifestsummaries'
+alias ksvuln='kubectl -n kubescape get vulnerabilitymanifests'
+
+# Kubescape related with labels
+alias kssboml='kubectl -n kubescape get sbomspdxv2p3s --show-labels'
+alias kssbomfl='kubectl -n kubescape get sbomspdxv2p3filtereds --show-labels'
+alias kssbomsl='kubectl -n kubescape get sbomsummaries --show-labels'
+alias ksvulnsl='kubectl -n kubescape get vulnerabilitymanifestsummaries --show-labels'
+alias ksvulnl='kubectl -n kubescape get vulnerabilitymanifests --show-labels'