diff --git a/.envrc b/.envrc
new file mode 100644
index 0000000..3550a30
--- /dev/null
+++ b/.envrc
@@ -0,0 +1 @@
+use flake
diff --git a/.gitignore b/.gitignore
new file mode 100644
index 0000000..ef840a1
--- /dev/null
+++ b/.gitignore
@@ -0,0 +1,9 @@
+result
+
+.idea/
+
+__pycache__/
+
+*.tar.gz
+
+.direnv/
diff --git a/flake.lock b/flake.lock
new file mode 100644
index 0000000..8109d3f
--- /dev/null
+++ b/flake.lock
@@ -0,0 +1,59 @@
+{
+ "nodes": {
+ "flake-utils": {
+ "inputs": {
+ "systems": "systems"
+ },
+ "locked": {
+ "lastModified": 1689068808,
+ "narHash": "sha256-6ixXo3wt24N/melDWjq70UuHQLxGV8jZvooRanIHXw0=",
+ "owner": "numtide",
+ "repo": "flake-utils",
+ "rev": "919d646de7be200f3bf08cb76ae1f09402b6f9b4",
+ "type": "github"
+ },
+ "original": {
+ "owner": "numtide",
+ "repo": "flake-utils",
+ "type": "github"
+ }
+ },
+ "nixpkgs": {
+ "locked": {
+ "lastModified": 1688392541,
+ "narHash": "sha256-lHrKvEkCPTUO+7tPfjIcb7Trk6k31rz18vkyqmkeJfY=",
+ "owner": "nixos",
+ "repo": "nixpkgs",
+ "rev": "ea4c80b39be4c09702b0cb3b42eab59e2ba4f24b",
+ "type": "github"
+ },
+ "original": {
+ "id": "nixpkgs",
+ "type": "indirect"
+ }
+ },
+ "root": {
+ "inputs": {
+ "flake-utils": "flake-utils",
+ "nixpkgs": "nixpkgs"
+ }
+ },
+ "systems": {
+ "locked": {
+ "lastModified": 1681028828,
+ "narHash": "sha256-Vy1rq5AaRuLzOxct8nz4T6wlgyUR7zLU309k9mBC768=",
+ "owner": "nix-systems",
+ "repo": "default",
+ "rev": "da67096a3b9bf56a91d16901293e51ba5b49a27e",
+ "type": "github"
+ },
+ "original": {
+ "owner": "nix-systems",
+ "repo": "default",
+ "type": "github"
+ }
+ }
+ },
+ "root": "root",
+ "version": 7
+}
diff --git a/flake.nix b/flake.nix
new file mode 100644
index 0000000..4d65db5
--- /dev/null
+++ b/flake.nix
@@ -0,0 +1,849 @@
+{
+ description = "Este é o entrypoint público do Imobanco para desenvolvedores, sim um 'nix flake' :)";
+
+ inputs = {
+ flake-utils.url = "github:numtide/flake-utils";
+ };
+
+ outputs =
+ { self
+ , nixpkgs
+ , flake-utils
+ }:
+ flake-utils.lib.eachDefaultSystem (system:
+ let
+ name = "imobanco-entrypoint";
+
+ pkgsAllowUnfree = import nixpkgs {
+ # inherit system;
+ system = "x86_64-linux";
+ config = { allowUnfree = true; };
+ };
+
+ in
+ rec {
+
+ templates = import ./templates;
+
+ nixosConfigurations.nixosBuildVMX86_64LinuxPodman =
+ let
+ pkgs = import nixpkgs {
+ system = "x86_64-linux";
+ config = { allowUnfree = true; };
+ };
+ in
+ nixpkgs.lib.nixosSystem {
+ system = "x86_64-linux";
+ # system = "aarch64-linux";
+ modules =
+ let
+ nixuserKeys = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIKyhLx5HU63zJJ5Lx4j+NTC/OQZ7Weloc8y+On467kly";
+ in
+ [
+ "${toString (builtins.getFlake "github:NixOS/nixpkgs/a8f8b7db23ec6450e384da183d270b18c58493d4")}/nixos/modules/virtualisation/build-vm.nix"
+ "${toString (builtins.getFlake "github:NixOS/nixpkgs/a8f8b7db23ec6450e384da183d270b18c58493d4")}/nixos/modules/virtualisation/qemu-vm.nix"
+ # "${toString (builtins.getFlake "github:NixOS/nixpkgs/a8f8b7db23ec6450e384da183d270b18c58493d4")}/nixos/modules/virtualisation/qemu-guest.nix"
+ "${toString (builtins.getFlake "github:NixOS/nixpkgs/a8f8b7db23ec6450e384da183d270b18c58493d4")}/nixos/modules/installer/cd-dvd/channel.nix"
+
+ ({
+ # https://gist.github.com/andir/88458b13c26a04752854608aacb15c8f#file-configuration-nix-L11-L12
+ boot.loader.grub.extraConfig = "serial --unit=0 --speed=115200 \n terminal_output serial console; terminal_input serial console";
+ boot.kernelParams = [
+ "console=tty0"
+ "console=ttyS0,115200n8"
+ # Set sensible kernel parameters
+ # https://nixos.wiki/wiki/Bootloader
+ # https://git.redbrick.dcu.ie/m1cr0man/nix-configs-rb/commit/ddb4d96dacc52357e5eaec5870d9733a1ea63a5a?lang=pt-PT
+ "boot.shell_on_fail"
+ "panic=30"
+ "boot.panic_on_fail" # reboot the machine upon fatal boot issues
+ # TODO: test it
+ "intel_iommu=on"
+ "iommu=pt"
+
+ # https://discuss.linuxcontainers.org/t/podman-wont-run-containers-in-lxd-cgroup-controller-pids-unavailable/13049/2
+ # https://github.com/NixOS/nixpkgs/issues/73800#issuecomment-729206223
+ # https://github.com/canonical/microk8s/issues/1691#issuecomment-977543458
+ # https://github.com/grahamc/nixos-config/blob/35388280d3b06ada5882d37c5b4f6d3baa43da69/devices/petunia/configuration.nix#L36
+ # cgroup_no_v1=all
+ "swapaccount=0"
+ "systemd.unified_cgroup_hierarchy=0"
+ "group_enable=memory"
+ ];
+
+ boot.tmpOnTmpfs = false;
+ # https://github.com/AtilaSaraiva/nix-dotfiles/blob/main/lib/modules/configHost/default.nix#L271-L273
+ boot.tmpOnTmpfsSize = "100%";
+
+ # https://nixos.wiki/wiki/NixOS:nixos-rebuild_build-vm
+ users.extraGroups.nixgroup.gid = 999;
+
+ users.users.nixuser = {
+ isSystemUser = true;
+ password = "1";
+ createHome = true;
+ home = "/home/nixuser";
+ homeMode = "0700";
+ description = "The VM tester user";
+ group = "nixgroup";
+ extraGroups = [
+ "podman"
+ "kvm"
+ "libvirtd"
+ "wheel"
+ ];
+ packages = with pkgs; [
+ direnv
+ git
+ xorg.xclock
+ file
+ btop
+ # pkgsCross.aarch64-multiplatform-musl.pkgsStatic.hello
+
+ # firefox
+ # vscode
+ # (python3.buildEnv.override
+ # {
+ # extraLibs = with python3Packages; [ scikitimage opencv2 numpy ];
+ # }
+ # )
+ ];
+ shell = pkgs.bashInteractive;
+ uid = 1234;
+ autoSubUidGidRange = true;
+
+ openssh.authorizedKeys.keyFiles = [
+ "${ ./nixuser-keys.pub }"
+ ];
+
+ openssh.authorizedKeys.keys = [
+ "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIKyhLx5HU63zJJ5Lx4j+NTC/OQZ7Weloc8y+On467kly"
+ ];
+ };
+
+ systemd.services.adds-change-workdir = {
+ script = "echo cd /tmp/shared >> /home/nixuser/.profile";
+ wantedBy = [ "multi-user.target" ];
+ };
+
+ systemd.services.creates-if-not-exist = {
+ script = "echo touch /home/nixuser/.Xauthority >> /home/nixuser/.profile";
+ wantedBy = [ "multi-user.target" ];
+ };
+
+ # https://unix.stackexchange.com/questions/619671/declaring-a-sym-link-in-a-users-home-directory#comment1159159_619703
+ systemd.services.populate-history = {
+ script = "echo \"ls -al /nix/store\" >> /home/nixuser/.bash_history";
+ wantedBy = [ "multi-user.target" ];
+ };
+
+ virtualisation = {
+ # following configuration is added only when building VM with build-vm
+ memorySize = 3*1024; # Use MiB memory.
+
+ # nixos-disk-image> ERROR: cptofs failed. diskSize might be too small for closure.
+ diskSize = 19*1024; # Use MiB memory.
+ cores = 7; # Simulate/Emulates number of cores.
+ #
+ podman.enable = true;
+
+ #
+ useNixStoreImage = true;
+ writableStore = true; # TODO
+
+ # https://github.com/nix-community/nixos-generators/blob/10079333313ff62446e6f2b0e7c5231c7431d269/formats/vm-nogui.nix#L17C1-L18
+ # graphics = false;
+ # qemu.options = [ "-serial mon:stdio -display none -monitor none" ];
+ qemu.options = [ "-display none -monitor none -daemonize" ];
+ };
+ security.polkit.enable = true;
+
+ # https://nixos.wiki/wiki/Libvirt
+ boot.extraModprobeConfig = "options kvm_intel nested=1";
+ boot.kernelModules = [
+ "kvm-intel"
+ "vfio-pci"
+ ];
+
+ # hardware.opengl.enable = true;
+ # hardware.opengl.driSupport = true;
+
+ nixpkgs.config.allowUnfree = true;
+ nix = {
+ package = pkgs.nix;
+ # package = pkgsCross.aarch64-multiplatform-musl.pkgsStatic.nix;
+ extraOptions = "experimental-features = nix-command flakes";
+ readOnlyStore = true;
+ };
+
+ # boot.binfmt.emulatedSystems = [ "aarch64-linux" ];
+
+ # Enable the X11 windowing system.
+ services.xserver = {
+ enable = true;
+ displayManager.gdm.enable = true;
+ displayManager.startx.enable = true;
+ logFile = "/var/log/X.0.log";
+ desktopManager.xterm.enable = true;
+ # displayManager.gdm.autoLogin.enable = true;
+ # displayManager.gdm.autoLogin.user = "nixuser";
+ };
+ services.spice-vdagentd.enable = true;
+
+ # https://github.com/NixOS/nixpkgs/issues/21332#issuecomment-268730694
+ services.openssh = {
+ allowSFTP = true;
+ kbdInteractiveAuthentication = false;
+ enable = true;
+ forwardX11 = true;
+ passwordAuthentication = false;
+ permitRootLogin = "yes";
+ ports = [ 10022 ];
+ authorizedKeysFiles = [
+ "${ ./nixuser-keys.pub }"
+ ];
+ };
+
+ # https://stackoverflow.com/a/71247061
+ # https://nixos.wiki/wiki/Firewall
+ networking.firewall = {
+ enable = true;
+ allowedTCPPorts = [ 22 80 443 10022 8000 ];
+ };
+
+ programs.ssh.forwardX11 = true;
+ services.qemuGuest.enable = true;
+
+ services.sshd.enable = true;
+
+ programs.dconf.enable = true;
+
+ time.timeZone = "America/Recife";
+ system.stateVersion = "22.11";
+
+ users.users.root = {
+ password = "root";
+ initialPassword = "root";
+ openssh.authorizedKeys.keyFiles = [
+ "${ ./nixuser-keys.pub }"
+ ];
+ };
+ })
+ ];
+ };
+
+
+ nixosConfigurations.nixosBuildVMAarch64LinuxPodman =
+ let
+ pkgs = import nixpkgs {
+ system = "aarch64-linux";
+ config = { allowUnfree = true; };
+ };
+ in
+ nixpkgs.lib.nixosSystem {
+ system = "aarch64-linux";
+ # system = "aarch64-linux";
+ modules =
+ let
+ nixuserKeys = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIKyhLx5HU63zJJ5Lx4j+NTC/OQZ7Weloc8y+On467kly";
+ in
+ [
+ "${toString (builtins.getFlake "github:NixOS/nixpkgs/a8f8b7db23ec6450e384da183d270b18c58493d4")}/nixos/modules/virtualisation/build-vm.nix"
+ "${toString (builtins.getFlake "github:NixOS/nixpkgs/a8f8b7db23ec6450e384da183d270b18c58493d4")}/nixos/modules/virtualisation/qemu-vm.nix"
+ # "${toString (builtins.getFlake "github:NixOS/nixpkgs/a8f8b7db23ec6450e384da183d270b18c58493d4")}/nixos/modules/virtualisation/qemu-guest.nix"
+ "${toString (builtins.getFlake "github:NixOS/nixpkgs/a8f8b7db23ec6450e384da183d270b18c58493d4")}/nixos/modules/installer/cd-dvd/channel.nix"
+
+ ({
+ # https://gist.github.com/andir/88458b13c26a04752854608aacb15c8f#file-configuration-nix-L11-L12
+ boot.loader.grub.extraConfig = "serial --unit=0 --speed=115200 \n terminal_output serial console; terminal_input serial console";
+ boot.kernelParams = [
+ "console=tty0"
+ "console=ttyS0,115200n8"
+ # Set sensible kernel parameters
+ # https://nixos.wiki/wiki/Bootloader
+ # https://git.redbrick.dcu.ie/m1cr0man/nix-configs-rb/commit/ddb4d96dacc52357e5eaec5870d9733a1ea63a5a?lang=pt-PT
+ "boot.shell_on_fail"
+ "panic=30"
+ "boot.panic_on_fail" # reboot the machine upon fatal boot issues
+ # TODO: test it
+ "intel_iommu=on"
+ "iommu=pt"
+
+ # https://discuss.linuxcontainers.org/t/podman-wont-run-containers-in-lxd-cgroup-controller-pids-unavailable/13049/2
+ # https://github.com/NixOS/nixpkgs/issues/73800#issuecomment-729206223
+ # https://github.com/canonical/microk8s/issues/1691#issuecomment-977543458
+ # https://github.com/grahamc/nixos-config/blob/35388280d3b06ada5882d37c5b4f6d3baa43da69/devices/petunia/configuration.nix#L36
+ # cgroup_no_v1=all
+ "swapaccount=0"
+ "systemd.unified_cgroup_hierarchy=0"
+ "group_enable=memory"
+ ];
+
+ boot.tmpOnTmpfs = false;
+ # https://github.com/AtilaSaraiva/nix-dotfiles/blob/main/lib/modules/configHost/default.nix#L271-L273
+ boot.tmpOnTmpfsSize = "100%";
+
+ # https://nixos.wiki/wiki/NixOS:nixos-rebuild_build-vm
+ users.extraGroups.nixgroup.gid = 999;
+
+ users.users.nixuser = {
+ isSystemUser = true;
+ password = "1";
+ createHome = true;
+ home = "/home/nixuser";
+ homeMode = "0700";
+ description = "The VM tester user";
+ group = "nixgroup";
+ extraGroups = [
+ "podman"
+ "kvm"
+ "libvirtd"
+ "wheel"
+ ];
+ packages = with pkgs; [
+ direnv
+ gitFull
+ xorg.xclock
+ file
+ btop
+ # pkgsCross.aarch64-multiplatform-musl.pkgsStatic.hello
+
+ # firefox
+ # vscode
+ # (python3.buildEnv.override
+ # {
+ # extraLibs = with python3Packages; [ scikitimage opencv2 numpy ];
+ # }
+ # )
+ ];
+ shell = pkgs.bashInteractive;
+ uid = 1234;
+ autoSubUidGidRange = true;
+
+ openssh.authorizedKeys.keyFiles = [
+ "${ ./nixuser-keys.pub }"
+ ];
+
+ openssh.authorizedKeys.keys = [
+ "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIKyhLx5HU63zJJ5Lx4j+NTC/OQZ7Weloc8y+On467kly"
+ ];
+ };
+
+ systemd.services.adds-change-workdir = {
+ script = "echo cd /tmp/shared >> /home/nixuser/.profile";
+ wantedBy = [ "multi-user.target" ];
+ };
+
+ systemd.services.creates-if-not-exist = {
+ script = "echo touch /home/nixuser/.Xauthority >> /home/nixuser/.profile";
+ wantedBy = [ "multi-user.target" ];
+ };
+
+ # https://unix.stackexchange.com/questions/619671/declaring-a-sym-link-in-a-users-home-directory#comment1159159_619703
+ systemd.services.populate-history = {
+ script = "echo \"ls -al /nix/store\" >> /home/nixuser/.bash_history";
+ wantedBy = [ "multi-user.target" ];
+ };
+
+ virtualisation = {
+ # following configuration is added only when building VM with build-vm
+ memorySize = 3*1024; # Use MiB memory.
+
+ # nixos-disk-image> ERROR: cptofs failed. diskSize might be too small for closure.
+ diskSize = 15*1024; # Use MiB memory.
+ cores = 7; # Simulate/Emulates number of cores.
+ #
+ podman.enable = true;
+
+ #
+ useNixStoreImage = true;
+ writableStore = true; # TODO
+
+ # https://github.com/nix-community/nixos-generators/blob/10079333313ff62446e6f2b0e7c5231c7431d269/formats/vm-nogui.nix#L17C1-L18
+ # graphics = false;
+ # qemu.options = [ "-serial mon:stdio -display none -monitor none" ];
+ qemu.options = [ "-display none -monitor none -daemonize" ];
+ };
+ security.polkit.enable = true;
+
+ # https://nixos.wiki/wiki/Libvirt
+ boot.extraModprobeConfig = "options kvm_intel nested=1";
+ boot.kernelModules = [
+ "kvm-intel"
+ "vfio-pci"
+ ];
+
+ # hardware.opengl.enable = true;
+ # hardware.opengl.driSupport = true;
+
+ nixpkgs.config.allowUnfree = true;
+ nix = {
+ package = pkgs.nix;
+ # package = pkgsCross.aarch64-multiplatform-musl.pkgsStatic.nix;
+ extraOptions = "experimental-features = nix-command flakes";
+ readOnlyStore = true;
+ };
+
+ boot.binfmt.emulatedSystems = [ "aarch64-linux" ];
+
+ # Enable the X11 windowing system.
+ services.xserver = {
+ enable = true;
+ displayManager.gdm.enable = true;
+ displayManager.startx.enable = true;
+ logFile = "/var/log/X.0.log";
+ desktopManager.xterm.enable = true;
+ # displayManager.gdm.autoLogin.enable = true;
+ # displayManager.gdm.autoLogin.user = "nixuser";
+ };
+ services.spice-vdagentd.enable = true;
+
+ # https://github.com/NixOS/nixpkgs/issues/21332#issuecomment-268730694
+ services.openssh = {
+ allowSFTP = true;
+ kbdInteractiveAuthentication = false;
+ enable = true;
+ forwardX11 = true;
+ passwordAuthentication = false;
+ permitRootLogin = "yes";
+ ports = [ 10022 ];
+ authorizedKeysFiles = [
+ "${ ./nixuser-keys.pub }"
+ ];
+ };
+
+ # https://stackoverflow.com/a/71247061
+ # https://nixos.wiki/wiki/Firewall
+ networking.firewall = {
+ enable = true;
+ allowedTCPPorts = [ 22 80 443 10022 8000 ];
+ };
+
+ programs.ssh.forwardX11 = true;
+ services.qemuGuest.enable = true;
+
+ services.sshd.enable = true;
+
+ programs.dconf.enable = true;
+
+ time.timeZone = "America/Recife";
+ system.stateVersion = "22.11";
+
+ users.users.root = {
+ password = "root";
+ initialPassword = "root";
+ openssh.authorizedKeys.keyFiles = [
+ "${ ./nixuser-keys.pub }"
+ ];
+ };
+ })
+ ];
+ };
+
+ nixosConfigurations.nixosBuildVMX86_64LinuxDocker =
+ let
+ pkgs = import nixpkgs {
+ system = "x86_64-linux";
+ config = { allowUnfree = true; };
+ };
+ in
+ nixpkgs.lib.nixosSystem {
+ system = "x86_64-linux";
+ # system = "aarch64-linux";
+ modules =
+ let
+ nixuserKeys = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIKyhLx5HU63zJJ5Lx4j+NTC/OQZ7Weloc8y+On467kly";
+ in
+ [
+ "${toString (builtins.getFlake "github:NixOS/nixpkgs/a8f8b7db23ec6450e384da183d270b18c58493d4")}/nixos/modules/virtualisation/build-vm.nix"
+ "${toString (builtins.getFlake "github:NixOS/nixpkgs/a8f8b7db23ec6450e384da183d270b18c58493d4")}/nixos/modules/virtualisation/qemu-vm.nix"
+ # "${toString (builtins.getFlake "github:NixOS/nixpkgs/a8f8b7db23ec6450e384da183d270b18c58493d4")}/nixos/modules/virtualisation/qemu-guest.nix"
+ "${toString (builtins.getFlake "github:NixOS/nixpkgs/a8f8b7db23ec6450e384da183d270b18c58493d4")}/nixos/modules/installer/cd-dvd/channel.nix"
+
+ ({
+ # https://gist.github.com/andir/88458b13c26a04752854608aacb15c8f#file-configuration-nix-L11-L12
+ boot.loader.grub.extraConfig = "serial --unit=0 --speed=115200 \n terminal_output serial console; terminal_input serial console";
+ boot.kernelParams = [
+ "console=tty0"
+ "console=ttyS0,115200n8"
+ # Set sensible kernel parameters
+ # https://nixos.wiki/wiki/Bootloader
+ # https://git.redbrick.dcu.ie/m1cr0man/nix-configs-rb/commit/ddb4d96dacc52357e5eaec5870d9733a1ea63a5a?lang=pt-PT
+ "boot.shell_on_fail"
+ "panic=30"
+ "boot.panic_on_fail" # reboot the machine upon fatal boot issues
+ # TODO: test it
+ "intel_iommu=on"
+ "iommu=pt"
+
+ # https://discuss.linuxcontainers.org/t/podman-wont-run-containers-in-lxd-cgroup-controller-pids-unavailable/13049/2
+ # https://github.com/NixOS/nixpkgs/issues/73800#issuecomment-729206223
+ # https://github.com/canonical/microk8s/issues/1691#issuecomment-977543458
+ # https://github.com/grahamc/nixos-config/blob/35388280d3b06ada5882d37c5b4f6d3baa43da69/devices/petunia/configuration.nix#L36
+ # cgroup_no_v1=all
+ "swapaccount=0"
+ "systemd.unified_cgroup_hierarchy=0"
+ "group_enable=memory"
+ ];
+
+ boot.tmpOnTmpfs = false;
+ # https://github.com/AtilaSaraiva/nix-dotfiles/blob/main/lib/modules/configHost/default.nix#L271-L273
+ boot.tmpOnTmpfsSize = "100%";
+
+ # https://nixos.wiki/wiki/NixOS:nixos-rebuild_build-vm
+ users.extraGroups.nixgroup.gid = 999;
+
+ users.users.nixuser = {
+ isSystemUser = true;
+ password = "1";
+ createHome = true;
+ home = "/home/nixuser";
+ homeMode = "0700";
+ description = "The VM tester user";
+ group = "nixgroup";
+ extraGroups = [
+ "docker"
+ "kvm"
+ "libvirtd"
+ "wheel"
+ ];
+ packages = with pkgs; [
+ direnv
+ gitFull
+ xorg.xclock
+ file
+ # pkgsCross.aarch64-multiplatform-musl.pkgsStatic.hello
+ btop
+ # firefox
+ # vscode
+ # (python3.buildEnv.override
+ # {
+ # extraLibs = with python3Packages; [ scikitimage opencv2 numpy ];
+ # }
+ # )
+ ];
+ shell = pkgs.bashInteractive;
+ uid = 1234;
+ autoSubUidGidRange = true;
+
+ openssh.authorizedKeys.keyFiles = [
+ "${ ./nixuser-keys.pub }"
+ ];
+
+ openssh.authorizedKeys.keys = [
+ "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIKyhLx5HU63zJJ5Lx4j+NTC/OQZ7Weloc8y+On467kly"
+ ];
+ };
+
+ systemd.services.adds-change-workdir = {
+ script = "echo cd /tmp/shared >> /home/nixuser/.profile";
+ wantedBy = [ "multi-user.target" ];
+ };
+
+ systemd.services.creates-if-not-exist = {
+ script = "echo touch /home/nixuser/.Xauthority >> /home/nixuser/.profile";
+ wantedBy = [ "multi-user.target" ];
+ };
+
+ # https://unix.stackexchange.com/questions/619671/declaring-a-sym-link-in-a-users-home-directory#comment1159159_619703
+ systemd.services.populate-history = {
+ script = "echo \"ls -al /nix/store\" >> /home/nixuser/.bash_history";
+ wantedBy = [ "multi-user.target" ];
+ };
+
+ virtualisation = {
+ # following configuration is added only when building VM with build-vm
+ memorySize = 3072; # Use MiB memory.
+ diskSize = 4096; # Use MiB memory.
+ cores = 7; # Simulate/Emulates number of cores.
+ #
+ docker.enable = true;
+
+ #
+ useNixStoreImage = true;
+ writableStore = true; # TODO
+ };
+ security.polkit.enable = true;
+
+ environment.etc."containers/registries.conf" = {
+ mode = "0644";
+ text = ''
+ [registries.search]
+ registries = ['docker.io', 'localhost']
+ '';
+ };
+
+ # https://nixos.wiki/wiki/Libvirt
+ boot.extraModprobeConfig = "options kvm_intel nested=1";
+ boot.kernelModules = [
+ "kvm-intel"
+ "vfio-pci"
+ ];
+
+ # hardware.opengl.enable = true;
+ # hardware.opengl.driSupport = true;
+
+ nixpkgs.config.allowUnfree = true;
+ nix = {
+ package = pkgs.nix;
+ # package = pkgsCross.aarch64-multiplatform-musl.pkgsStatic.nix;
+ extraOptions = "experimental-features = nix-command flakes";
+ readOnlyStore = true;
+ };
+
+ boot.binfmt.emulatedSystems = [ "aarch64-linux" ];
+
+ # Enable the X11 windowing system.
+ services.xserver = {
+ enable = true;
+ displayManager.gdm.enable = true;
+ displayManager.startx.enable = true;
+ logFile = "/var/log/X.0.log";
+ desktopManager.xterm.enable = true;
+ # displayManager.gdm.autoLogin.enable = true;
+ # displayManager.gdm.autoLogin.user = "nixuser";
+ };
+ services.spice-vdagentd.enable = true;
+
+ # https://github.com/NixOS/nixpkgs/issues/21332#issuecomment-268730694
+ services.openssh = {
+ allowSFTP = true;
+ kbdInteractiveAuthentication = false;
+ enable = true;
+ forwardX11 = true;
+ passwordAuthentication = false;
+ permitRootLogin = "yes";
+ ports = [ 10022 ];
+ authorizedKeysFiles = [
+ "${ ./nixuser-keys.pub }"
+ ];
+ };
+
+ # https://stackoverflow.com/a/71247061
+ # https://nixos.wiki/wiki/Firewall
+ networking.firewall = {
+ enable = true;
+ allowedTCPPorts = [ 22 80 443 10022 8000 ];
+ };
+
+ programs.ssh.forwardX11 = true;
+ services.qemuGuest.enable = true;
+
+ services.sshd.enable = true;
+
+ programs.dconf.enable = true;
+
+ time.timeZone = "America/Recife";
+ system.stateVersion = "22.11";
+
+ users.users.root = {
+ password = "root";
+ initialPassword = "root";
+ openssh.authorizedKeys.keyFiles = [
+ "${ ./nixuser-keys.pub }"
+ ];
+ };
+ })
+ ];
+ };
+
+ nixosConfigurations.nixosBuildVMAarch64Linux =
+ let
+ pkgs = import nixpkgs {
+ # system = "x86_64-linux";
+ system = "aarch64-linux";
+ config = { allowUnfree = true; };
+ };
+ in
+ nixpkgs.lib.nixosSystem
+ {
+ system = "aarch64-linux";
+ modules =
+ let
+ nixuserKeys = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIKyhLx5HU63zJJ5Lx4j+NTC/OQZ7Weloc8y+On467kly";
+ in
+ [
+ "${toString (builtins.getFlake "github:NixOS/nixpkgs/a8f8b7db23ec6450e384da183d270b18c58493d4")}/nixos/modules/virtualisation/build-vm.nix"
+ "${toString (builtins.getFlake "github:NixOS/nixpkgs/a8f8b7db23ec6450e384da183d270b18c58493d4")}/nixos/modules/virtualisation/qemu-vm.nix"
+ # "${toString (builtins.getFlake "github:NixOS/nixpkgs/a8f8b7db23ec6450e384da183d270b18c58493d4")}/nixos/modules/virtualisation/qemu-guest.nix"
+ "${toString (builtins.getFlake "github:NixOS/nixpkgs/a8f8b7db23ec6450e384da183d270b18c58493d4")}/nixos/modules/installer/cd-dvd/channel.nix"
+
+ ({
+ boot.kernelParams = [
+ "console=tty0"
+ "console=ttyAMA0,115200n8"
+ # Set sensible kernel parameters
+ # https://nixos.wiki/wiki/Bootloader
+ # https://git.redbrick.dcu.ie/m1cr0man/nix-configs-rb/commit/ddb4d96dacc52357e5eaec5870d9733a1ea63a5a?lang=pt-PT
+ "boot.shell_on_fail"
+ "panic=30"
+ "boot.panic_on_fail" # reboot the machine upon fatal boot issues
+ # TODO: test it
+ "intel_iommu=on"
+ "iommu=pt"
+
+ # https://discuss.linuxcontainers.org/t/podman-wont-run-containers-in-lxd-cgroup-controller-pids-unavailable/13049/2
+ # https://github.com/NixOS/nixpkgs/issues/73800#issuecomment-729206223
+ # https://github.com/canonical/microk8s/issues/1691#issuecomment-977543458
+ # https://github.com/grahamc/nixos-config/blob/35388280d3b06ada5882d37c5b4f6d3baa43da69/devices/petunia/configuration.nix#L36
+ # cgroup_no_v1=all
+ "swapaccount=0"
+ "systemd.unified_cgroup_hierarchy=0"
+ "group_enable=memory"
+ ];
+
+ boot.tmpOnTmpfs = false;
+ # https://github.com/AtilaSaraiva/nix-dotfiles/blob/main/lib/modules/configHost/default.nix#L271-L273
+ boot.tmpOnTmpfsSize = "100%";
+
+ # https://nixos.wiki/wiki/NixOS:nixos-rebuild_build-vm
+ users.extraGroups.nixgroup.gid = 999;
+
+ users.users.nixuser = {
+ isSystemUser = true;
+ password = "";
+ createHome = true;
+ home = "/home/nixuser";
+ homeMode = "0700";
+ description = "The VM tester user";
+ group = "nixgroup";
+ extraGroups = [
+ "podman"
+ "kvm"
+ "libvirtd"
+ "wheel"
+ ];
+ packages = with pkgs; [
+ direnv
+ file
+ gnumake
+ which
+ coreutils
+ ];
+ shell = pkgs.bashInteractive;
+ uid = 1234;
+ autoSubUidGidRange = true;
+
+ openssh.authorizedKeys.keyFiles = [
+ "${ ./nixuser-keys.pub }"
+ ];
+
+ openssh.authorizedKeys.keys = [
+ "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIKyhLx5HU63zJJ5Lx4j+NTC/OQZ7Weloc8y+On467kly"
+ ];
+ };
+
+ virtualisation = {
+ # following configuration is added only when building VM with build-vm
+ memorySize = 3 * 16; # Use MiB memory.
+ diskSize = 1024 * 16; # Use MiB memory.
+ cores = 6; # Simulate 6 cores.
+
+ #
+ docker.enable = false;
+ podman.enable = true;
+
+ #
+ useNixStoreImage = true;
+ writableStore = true; # TODO
+ };
+
+ nixpkgs.config.allowUnfree = true;
+ nix = {
+ # package = nixpkgs.pkgs.nix;
+ extraOptions = "experimental-features = nix-command flakes";
+ readOnlyStore = true;
+ };
+
+ # https://github.com/NixOS/nixpkgs/issues/21332#issuecomment-268730694
+ services.openssh = {
+ allowSFTP = true;
+ kbdInteractiveAuthentication = false;
+ enable = true;
+ forwardX11 = false;
+ passwordAuthentication = false;
+ permitRootLogin = "yes";
+ ports = [ 10022 ];
+ authorizedKeysFiles = [
+ "${ ./nixuser-keys.pub }"
+ ];
+ };
+
+ time.timeZone = "America/Recife";
+ system.stateVersion = "22.11";
+
+ users.users.root = {
+ password = "root";
+ initialPassword = "root";
+ openssh.authorizedKeys.keyFiles = [
+ "${ ./nixuser-keys.pub }"
+ ];
+ };
+ })
+ ];
+ };
+
+ packages.checkNixFormat = pkgsAllowUnfree.runCommand "check-nix-format" { } ''
+ ${pkgsAllowUnfree.nixpkgs-fmt}/bin/nixpkgs-fmt --check ${./.}
+
+ # For fix
+ # find . -type f -iname '*.nix' -exec nixpkgs-fmt {} \;
+
+ mkdir $out #sucess
+ '';
+
+ apps.${name} = flake-utils.lib.mkApp {
+ inherit name;
+ drv = packages.${name};
+ };
+
+ devShells.default = pkgsAllowUnfree.mkShell {
+ buildInputs = with pkgsAllowUnfree; [
+ bashInteractive
+ coreutils
+ curl
+ gnumake
+ patchelf
+ # poetry
+ python3Full
+ tmate
+ podman
+ ];
+
+ shellHook = ''
+ echo -e 'IMO \n Banco' | "${pkgsAllowUnfree.figlet}/bin/figlet" | cat
+
+ export NIXOS_VM_USER=nixuser
+ export HOST_MAPPED_PORT=10022
+ export REMOVE_DISK=true
+ export QEMU_NET_OPTS=hostfwd=tcp::"$HOST_MAPPED_PORT"-:"$HOST_MAPPED_PORT",hostfwd=tcp::8000-:8000
+ # export QEMU_OPTS="-nographic"
+ # export QEMU_OPTS="-daemonize -display none -monitor none"
+ export SHARED_DIR="$(pwd)"
+ export RUN_BUID_VM_SCRIPT_PATH="''${self.nixosConfigurations.x86_64-linux.nixosBuildVMX86_64LinuxPodman.config.system.build.vm}"/bin/run-nixos-vm
+ export CONTAINER_HOST=ssh://"$NIXOS_VM_USER"@localhost:"$HOST_MAPPED_PORT"/run/user/1234/podman/podman.sock
+
+ "$REMOVE_DISK" && rm -fv nixos.qcow2
+
+ # chmod 0600 .id_ed25519
+ IDENTITY_FULL_PATH=./id_ed25519
+
+ chmod -v 0600 "$IDENTITY_FULL_PATH"
+
+ ssh-keygen -R '[localhost]:10022'
+ ssh-add -l | grep -q 'SHA256:NzLgwADMD4taCNCdiTTRz0yyMdN0AguJVZD+eHiQZjE' || ssh-add "$IDENTITY_FULL_PATH"
+
+ # ssh -T -i "$IDENTITY_FULL_PATH" -o ConnectTimeout=1 -o StrictHostKeyChecking=no nixuser@localhost -p "$HOST_MAPPED_PORT" <<<'systemctl is-active podman.socket' \
+ # || ( "$RUN_BUID_VM_SCRIPT_PATH" & )
+
+ # $("$RUN_BUID_VM_SCRIPT_PATH" < /dev/null &)&
+ # "$RUN_BUID_VM_SCRIPT_PATH"
+
+ # TODO: pq o podman.service não está ativo?
+ # while ! ssh -T -i "$IDENTITY_FULL_PATH" -o ConnectTimeout=1 -o StrictHostKeyChecking=no nixuser@localhost -p "$HOST_MAPPED_PORT" <<<'systemctl is-active podman.socket'; do \
+ # echo $(date +'%d/%m/%Y %H:%M:%S:%3N'); sleep 0.5; done
+
+ '';
+ };
+ });
+}
diff --git a/id_ed25519 b/id_ed25519
new file mode 100644
index 0000000..99d6c3b
--- /dev/null
+++ b/id_ed25519
@@ -0,0 +1,7 @@
+-----BEGIN OPENSSH PRIVATE KEY-----
+b3BlbnNzaC1rZXktdjEAAAAABG5vbmUAAAAEbm9uZQAAAAAAAAABAAAAMwAAAAtzc2gtZW
+QyNTUxOQAAACCsoS8eR1Ot8ySeS8eI/jUwvzkGe1npaHPMvjp+Ou5JcgAAAIjoIwah6CMG
+oQAAAAtzc2gtZWQyNTUxOQAAACCsoS8eR1Ot8ySeS8eI/jUwvzkGe1npaHPMvjp+Ou5Jcg
+AAAEAbL0Z61S8giktfR53dZ2fztctV/0vML24doU0BMGLRZqyhLx5HU63zJJ5Lx4j+NTC/
+OQZ7Weloc8y+On467klyAAAAAAECAwQF
+-----END OPENSSH PRIVATE KEY-----
diff --git a/nixuser-keys.pub b/nixuser-keys.pub
new file mode 100644
index 0000000..948401d
--- /dev/null
+++ b/nixuser-keys.pub
@@ -0,0 +1 @@
+ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIKyhLx5HU63zJJ5Lx4j+NTC/OQZ7Weloc8y+On467kly
\ No newline at end of file
diff --git a/profile/README.md b/profile/README.md
index da795aa..b737fdc 100644
--- a/profile/README.md
+++ b/profile/README.md
@@ -1,12 +1,1671 @@
# Hi there 👋
-
+
+## Instalação do nix para apenas UM usuário (apenas você utiliza a máquina)
+
+Versão curta: para linux
+```bash
+wget -qO- http://ix.io/4Bqe sh || curl -L http://ix.io/4Bqe | sh \
+&& . "$HOME"/."$(basename $SHELL)"rc \
+&& nix flake --version
+```
+
+
+
+ Versão longa (click para expandir):
+
+```bash
+command -v curl || (command -v apt && sudo apt-get update && sudo apt-get install -y curl)
+command -v curl || (command -v apk && sudo apk add --no-cache curl)
+
+# DAEMON_OR_NO_DAEMON='--'"$((launchctl version 1>/dev/null 2>/dev/null || systemctl --version 1>/dev/null 2>/dev/null) && echo daemon || echo no-daemon)"
+DAEMON_OR_NO_DAEMON='--'"$($(launchctl version 1>/dev/null 2>/dev/null) && echo daemon || echo no-daemon)"
+
+
+NIX_RELEASE_VERSION=2.10.2 \
+&& curl -L https://releases.nixos.org/nix/nix-"${NIX_RELEASE_VERSION}"/install | sh -s -- "$DAEMON_OR_NO_DAEMON" \
+&& . "$HOME"/.nix-profile/etc/profile.d/nix.sh
+
+NAME_SHELL=$(basename $SHELL) \
+&& echo 'export NIX_CONFIG="extra-experimental-features = nix-command flakes"' >> "$HOME"/."$NAME_SHELL"rc \
+&& echo '. "$HOME"/.nix-profile/etc/profile.d/nix.sh' >> "$HOME"/."$NAME_SHELL"rc \
+&& echo 'eval "$(direnv hook '"$NAME_SHELL"')"' >> "$HOME"/."$NAME_SHELL"rc \
+&& echo 'export NIX_CONFIG="extra-experimental-features = nix-command flakes"' >> "$HOME"/.profile \
+&& echo '. "$HOME"/.nix-profile/etc/profile.d/nix.sh' >> "$HOME"/.profile \
+&& echo 'eval "$(direnv hook '"$NAME_SHELL"')"' >> "$HOME"/.profile \
+&& . "$HOME"/."$NAME_SHELL"rc \
+&& . "$HOME"/.profile \
+&& nix flake --version \
+&& nix --extra-experimental-features 'nix-command flakes' -vv registry pin nixpkgs github:NixOS/nixpkgs/ea4c80b39be4c09702b0cb3b42eab59e2ba4f24b \
+&& nix --extra-experimental-features 'nix-command flakes' -vv profile install nixpkgs#direnv nixpkgs#git \
+&& . "$HOME"/."$NAME_SHELL"rc \
+&& . "$HOME"/.profile
+```
+
+Para criar a versão curta, crie um arquivo e copie e cole o bloco de código acima no arquivo.
+```bash
+nano arquivo.txt
+```
+
+Após salvar e fechar o arquivo:
+```bash
+cat arquivo.txt | curl -F 'f:1=<-' ix.io
+```
+
+Basta atualizar o hash/id da instalação.
+
+
+
+### Experimental, nix estaticamente compilado, usando /nix
+
+
+
+Versão curta:
+```bash
+wget -qO- http://ix.io/4Jaq | sh \
+&& . "$HOME"/.profile \
+&& nix flake --version
+```
+
+
+
+ Versão longa (click para expandir):
+
+```bash
+test -d /nix || (sudo mkdir -pv -m 0755 /nix/var/nix && sudo -k chown -Rv "$USER": /nix); \
+test $(stat -c %a /nix) -eq 0755 || sudo -k chmod -v 0755 /nix
+
+test -f nix || curl -L https://hydra.nixos.org/build/237228729/download/2/nix > nix && chmod -v +x nix
+test -f nix || wget https://hydra.nixos.org/build/237228729/download/2/nix && chmod -v +x nix
+
+./nix \
+--option experimental-features 'nix-command flakes' \
+registry \
+pin \
+nixpkgs github:NixOS/nixpkgs/ea4c80b39be4c09702b0cb3b42eab59e2ba4f24b
+
+./nix \
+--option experimental-features 'nix-command flakes' \
+shell \
+--ignore-environment \
+--keep HOME \
+--keep USER \
+nixpkgs#busybox-sandbox-shell \
+nixpkgs#toybox \
+-c \
+sh<<'COMMANDS'
+toybox echo $HOME
+toybox echo $USER
+
+type cd \
+&& type echo \
+&& type export \
+&& type type
+
+toybox mkdir -pv "$HOME"/.local/bin \
+&& toybox mv -v nix "$HOME"/.local/bin \
+&& cd "$HOME"/.local/bin \
+&& toybox ln -sfv nix nix-build \
+&& toybox ln -sfv nix nix-channel \
+&& toybox ln -sfv nix nix-collect-garbage \
+&& toybox ln -sfv nix nix-copy-closure \
+&& toybox ln -sfv nix nix-daemon \
+&& toybox ln -sfv nix nix-env \
+&& toybox ln -sfv nix nix-hash \
+&& toybox ln -sfv nix nix-instantiate \
+&& toybox ln -sfv nix nix-prefetch-url \
+&& toybox ln -sfv nix nix-shell \
+&& toybox ln -sfv nix nix-store \
+&& cd \
+&& toybox mkdir -pv "$HOME"/.config/nix \
+&& toybox grep 'experimental-features' "$HOME"/.config/nix/nix.conf -q || (toybox echo 'experimental-features = nix-command flakes' >> "$HOME"/.config/nix/nix.conf) \
+&& toybox grep '.local' "$HOME"/.profile -q || (echo 'export PATH="$HOME"/.nix-profile/bin:"$HOME"/.local/bin:"$PATH"' >> "$HOME"/.profile)
+COMMANDS
+
+. "$HOME"/.profile \
+&& nix flake --version \
+&& nix flake metadata nixpkgs
+```
+
+Para criar a versão curta, crie um arquivo e copie e cole o bloco de código acima no arquivo.
+```bash
+nano arquivo.txt
+```
+
+Após salvar e fechar o arquivo:
+```bash
+cat arquivo.txt | curl -F 'f:1=<-' ix.io
+```
+
+Basta atualizar o hash/id da instalação.
+
+
+
+
+
+ Como obter id do latest build que obteve sucesso no hydra? (click para expandir):
+
+```bash
+# https://github.com/NixOS/nix/issues/6976
+URL=https://hydra.nixos.org/job/nix/master/buildStatic.x86_64-linux/latest
+LATEST_ID_OF_NIX_STATIC_HYDRA_SUCCESSFUL_BUILD="$(curl $URL | grep '"https://hydra.nixos.org/build/' | cut -d'/' -f5 | cut -d'"' -f1)"
+
+echo $LATEST_ID_OF_NIX_STATIC_HYDRA_SUCCESSFUL_BUILD
+```
+
+
+
+## Instalação do nix para MULTIPLOS usuários compartilhando o mesmo computador
+
+
+Versão curta:
+```bash
+CURL_OR_WGET_OR_ERROR=$((curl -V &> /dev/null && echo curl -L) || (wget -V &> /dev/null && echo wget -qO-) || echo Neither curl nor wget are installed) \
+&& $CURL_OR_WGET_OR_ERROR http://ix.io/4J25 | sh \
+&& sudo "$SHELL" -lc 'nix --version'
+```
+
+
+
+ Versão longa (click para expandir):
+
+```bash
+command -v curl || (command -v apt && sudo apt-get update && sudo apt-get install -y curl)
+command -v curl || (command -v apk && sudo apk add --no-cache curl)
+
+DAEMON_OR_NO_DAEMON='--daemon'
+
+
+NIX_RELEASE_VERSION=2.10.2 \
+&& curl -L https://releases.nixos.org/nix/nix-2.18.1/install | sh -s -- --daemon
+
+sudo \
+$SHELL \
+<<'COMMANDS'
+NAME_SHELL=$(basename $SHELL) \
+&& echo 'export NIX_CONFIG="extra-experimental-features = nix-command flakes"' >> "$HOME"/."$NAME_SHELL"rc \
+&& echo '. "$HOME"/.nix-profile/etc/profile.d/nix.sh' >> "$HOME"/."$NAME_SHELL"rc \
+&& echo 'eval "$(direnv hook '"$NAME_SHELL"')"' >> "$HOME"/."$NAME_SHELL"rc \
+&& echo 'export DIRENV_LOG_FORMAT=""' >> "$HOME"/."$NAME_SHELL"rc \
+&& echo 'export NIX_CONFIG="extra-experimental-features = nix-command flakes"' >> "$HOME"/.profile \
+&& echo '. "$HOME"/.nix-profile/etc/profile.d/nix.sh' >> "$HOME"/.profile \
+&& echo 'eval "$(direnv hook '"$NAME_SHELL"')"' >> "$HOME"/.profile \
+&& echo 'export DIRENV_LOG_FORMAT=""' >> "$HOME"/.profile \
+&& . "$HOME"/."$NAME_SHELL"rc \
+&& . "$HOME"/.profile \
+&& nix flake --version \
+&& nix --extra-experimental-features 'nix-command flakes' -vv registry pin nixpkgs github:NixOS/nixpkgs/ea4c80b39be4c09702b0cb3b42eab59e2ba4f24b \
+&& nix --extra-experimental-features 'nix-command flakes' profile install -vv nixpkgs#direnv nixpkgs#git \
+&& . "$HOME"/."$NAME_SHELL"rc \
+&& . "$HOME"/.profile
+COMMANDS
+
+
+sudo ln -sfv "$HOME"/.nix-profile /nix/var/nix/profiles/default/ \
+&& sudo "$SHELL" -lc 'nix profile install -vvv nixpkgs#direnv nixpkgs#git --profile '"$HOME"'/.nix-profile' \
+&& NAME_SHELL=$(basename $SHELL) \
+&& echo 'export NIX_CONFIG="extra-experimental-features = nix-command flakes"' >> "$HOME"/."$NAME_SHELL"rc \
+&& echo 'eval "$(direnv hook '"$NAME_SHELL"')"' >> "$HOME"/."$NAME_SHELL"rc \
+&& echo 'export DIRENV_LOG_FORMAT=""' >> "$HOME"/."$NAME_SHELL"rc \
+&& echo 'export NIX_CONFIG="extra-experimental-features = nix-command flakes"' >> "$HOME"/.profile \
+&& echo 'eval "$(direnv hook '"$NAME_SHELL"')"' >> "$HOME"/.profile \
+&& echo 'export DIRENV_LOG_FORMAT=""' >> "$HOME"/.profile
+```
+
+
+Para criar a versão curta, crie um arquivo e copie e cole o bloco de código acima no arquivo.
+```bash
+nano arquivo.txt
+```
+
+Após salvar e fechar o arquivo:
+```bash
+cat arquivo.txt | curl -F 'f:1=<-' ix.io
+```
+
+Basta atualizar o hash/id da instalação.
+
+
+
+
+
+### Para MULTIPLOS usuários compartilhando o mesmo computador
+
+O script abaixo cria um usuário com:
+- `$HOME`;
+- membro do grupo `sudo`, ou seja, equivalente a permissão `root`;
+- configura uma senha para esse user.
+
+```bash
+NOME_DO_SEU_USER=testuser
+
+sudo useradd -m -s "$SHELL" "$NOME_DO_SEU_USER"
+sudo usermod --append --groups sudo "$NOME_DO_SEU_USER"
+sudo passwd "$NOME_DO_SEU_USER"
+
+# TODO: talvez o snipet abaixo possa ser mergido com esse aproveitando
+# que se sabe o "home do user" pois se tem o nome do user
+```
+
+
+Para cada usuário criado que é necessário adicionar esse "hack" para poder utilizar o `podman`:
+```bash
+NAME_SHELL=$(basename $SHELL)
+
+tee -a "$HOME"/."$NAME_SHELL"rc <<'EOF'
+
+FULL_PATH_TO_UIDMAP='/nix/store/kyk7f08qqmn86p0f0wzkr1rqjakbg418-shadow-4.11.1/bin/newuidmap'
+FULL_PATH_TO_GIDMAP='/nix/store/kyk7f08qqmn86p0f0wzkr1rqjakbg418-shadow-4.11.1/bin/newgidmap'
+
+$(test $(stat -c %u:%g "$FULL_PATH_TO_UIDMAP") = $(id -u):$(id -g)) || sudo chown -v $(id -u):$(id -g) "$FULL_PATH_TO_UIDMAP"
+$(test $(stat -c %u:%g "$FULL_PATH_TO_GIDMAP") = $(id -u):$(id -g)) || sudo chown -v $(id -u):$(id -g) "$FULL_PATH_TO_GIDMAP"
+
+unset FULL_PATH_TO_UIDMAP
+unset FULL_PATH_TO_GIDMAP
+
+EOF
+```
+
+
+```bash
+echo 'Start group stuff...' \
+&& SUDO_ADMIN_GROUP_NAME='sudo' \
+&& getent group "$SUDO_ADMIN_GROUP_NAME" || sudo groupadd "$SUDO_ADMIN_GROUP_NAME" \
+&& sudo usermod --append --groups "$SUDO_ADMIN_GROUP_NAME" "$USER" \
+&& echo 'End group stuff!'
+```
+
+```bash
+sudo chown $(id -u):$(id -g) /nix/store/kyk7f08qqmn86p0f0wzkr1rqjakbg418-shadow-4.11.1/bin/new{u,g}idmap
+```
+
+
+```bash
+$(test $(stat -c %u:%g /nix/store) = $(id -u):$(id -g)) \
+|| sudo chown $(id -u):$(id -g) /nix/store/kyk7f08qqmn86p0f0wzkr1rqjakbg418-shadow-4.11.1/bin/new{u,g}idmap
+```
+
+
+```bash
+podman info 1> /dev/null 2> /dev/null \
+|| sudo chown -v $(id -u):sudo /nix/store/kyk7f08qqmn86p0f0wzkr1rqjakbg418-shadow-4.11.1/bin/new{u,g}idmap
+```
+
+Feche o terminal.
+
+
+
+ Imagem OCI com systemd (para ajudar a testar):
+
+```bash
+cat << 'EOF' >> Dockerfile
+FROM docker.io/library/fedora:39
+
+
+RUN dnf -y install hostname systemd xz
+
+RUN groupadd abcgroup \
+ && adduser \
+ --comment '"An unprivileged user with an group"' \
+ --gid abcgroup \
+ --uid 3322 \
+ abcuser \
+ && echo 'abcuser ALL=(ALL) NOPASSWD:SETENV: ALL' > /etc/sudoers.d/abcuser \
+ && usermod --append --groups kvm abcuser
+
+CMD [ "/sbin/init" ]
+EOF
+
+podman build --tag fedora39-systemd .
+
+podman kill test-fedora39-systemd || true \
+&& podman rm --force test-fedora39-systemd || true \
+&& podman \
+run \
+--detach=true \
+--name=test-fedora39-systemd \
+--interactive=false \
+--tty=true \
+--privileged=true \
+--rm=true \
+localhost/fedora39-systemd \
+&& podman ps
+
+# Para checar que o systemd está funcionando
+podman \
+exec \
+--interactive=true \
+--tty=true \
+--user=abcuser \
+--workdir=/home/abcuser \
+test-fedora39-systemd \
+bash \
+-c \
+'
+systemctl status swap.target \
+&& systemctl status dbus.socket \
+&& systemctl status system.slice \
+&& systemctl status user.slice
+'
+
+podman \
+exec \
+--interactive=true \
+--tty=false \
+--user=abcuser \
+--workdir=/home/abcuser \
+test-fedora39-systemd \
+bash<<'COMMANDS'
+CURL_OR_WGET_OR_ERROR=$((curl -V &> /dev/null && echo curl -L) || (wget -V &> /dev/null && echo wget -qO-) || echo Neither curl nor wget are installed) \
+&& $CURL_OR_WGET_OR_ERROR http://ix.io/4J25 | sh \
+&& sudo "$SHELL" -lc 'nix --version'
+COMMANDS
+
+
+podman \
+exec \
+--interactive=true \
+--tty=true \
+--user=abcuser \
+--workdir=/home/abcuser \
+test-fedora39-systemd \
+bash \
+-cl \
+'
+nix flake --version
+'
+
+
+podman \
+exec \
+--interactive=true \
+--tty=true \
+--user=abcuser \
+--workdir=/home/abcuser \
+test-fedora39-systemd \
+bash
+```
+
+Notas:
+- [Allow gc-ing with a rootless daemon](https://github.com/NixOS/nix/pull/5380)
+- [Extra-secure store objects that Nix cannot modify](https://github.com/NixOS/nix/issues/7471)
+
+
+
+
+
+
+## Parte 2, home-manager + nix, apenas GNU/Linux
+
+Existem 3 tipos de configurações, descritos nas próximas seções: apenas CLI, apenas CLI slim, e com
+programas com interface gráfica.
+
+1.1) Apenas programas CLI:
+
+
+Versão curta:
+```bash
+# http://ix.io/4AKW
+# http://ix.io/4ATD
+wget -qO- http://ix.io/4Bqg || curl -L http://ix.io/4Bqg | sh
+```
+
+
+
+ Versão longa (click para expandir):
+
+```bash
+# Precisa das variáveis de ambiente USER e HOME
+# export DUMMY_USER="$(id -un)"
+# TODO: checar se $USER tem alguma string, caso não pelo menos imprimir logs
+export DUMMY_USER="$USER"
+DIRECTORY_TO_CLONE=/home/"$USER"/.config/nixpkgs
+
+IS_DARWIN=$(nix eval nixpkgs#stdenv.isDarwin)
+IS_LINUX=$(nix eval nixpkgs#stdenv.isLinux)
+FLAKE_ARCHITECTURE=$(nix eval --impure --raw --expr 'builtins.currentSystem').
+
+if [ "$IS_DARWIN" = "true" ]; then
+ echo 'The system archtecture was detected as: '"$FLAKE_ARCHITECTURE"
+ DUMMY_HOME_PREFIX='/Users'
+fi
+
+if [ "$IS_LINUX" = "true" ]; then
+ echo 'The system archtecture was detected as: '"$FLAKE_ARCHITECTURE"
+ DUMMY_HOME_PREFIX='/home'
+fi
+
+# Útil para testar usando um diretório diferente:
+CONFIG_NIXPKGS=${OVERRIDE_DIRECTORY_CONFIG_NIXPKGS:-.config/nixpkgs}
+
+export DUMMY_HOME="$DUMMY_HOME_PREFIX"/"$USER"
+export DUMMY_HOSTNAME="$(hostname)"
+
+HM_ATTR_FULL_NAME='"'"$DUMMY_USER"-"$DUMMY_HOSTNAME"'"'
+FLAKE_ATTR="$DIRECTORY_TO_CLONE""#homeConfigurations."'\"'"$HM_ATTR_FULL_NAME"'\"'".activationPackage"
+
+BASE_FLAKE_URI='github:NixOS/nixpkgs/ea4c80b39be4c09702b0cb3b42eab59e2ba4f24b#'
+
+# --option extra-trusted-public-keys binarycache-1:XiPHS/XT/ziMHu5hGoQ8Z0K88sa1Eqi5kFTYyl33FJg= \
+# --option extra-substituters "s3://playing-bucket-nix-cache-test" \
+# time \
+nix \
+--extra-experimental-features 'nix-command flakes' \
+--option eval-cache false \
+shell \
+"$BASE_FLAKE_URI"git \
+"$BASE_FLAKE_URI"bashInteractive \
+"$BASE_FLAKE_URI"coreutils \
+"$BASE_FLAKE_URI"gnused \
+"$BASE_FLAKE_URI"home-manager \
+--command \
+bash <<-EOF
+ echo $DIRECTORY_TO_CLONE
+ rm -frv $DIRECTORY_TO_CLONE
+ mkdir -pv $DIRECTORY_TO_CLONE
+
+ cd $DIRECTORY_TO_CLONE
+
+ export NIX_CONFIG='extra-experimental-features = nix-command flakes'
+ echo $NIX_CONFIG
+
+ nix \
+ --extra-experimental-features 'nix-command flakes' \
+ flake \
+ init \
+ --template \
+ github:PedroRegisPOAR/.github/feature/dx-with-nix-and-home-manager#templates.x86_64-linux.startSlimConfig
+
+ sed -i 's/username = ".*";/username = "'$DUMMY_USER'";/g' flake.nix \
+ && sed -i 's/hostname = ".*";/hostname = "'"$DUMMY_HOSTNAME"'";/g' flake.nix \
+ && git init \
+ && git status \
+ && git add . \
+ && nix flake lock \
+ --override-input nixpkgs github:NixOS/nixpkgs/ea4c80b39be4c09702b0cb3b42eab59e2ba4f24b \
+ --override-input home-manager github:nix-community/home-manager/b372d7f8d5518aaba8a4058a453957460481afbc \
+ && git status \
+ && git add . \
+ && git commit -m 'First nix home-manager commit from installer'
+
+ echo "$FLAKE_ATTR"
+ # TODO:
+ # --max-jobs 0 \
+ # --option extra-trusted-public-keys binarycache-1:XiPHS/XT/ziMHu5hGoQ8Z0K88sa1Eqi5kFTYyl33FJg= \
+ # --option extra-substituters "s3://playing-bucket-nix-cache-test" \
+ nix \
+ --extra-experimental-features 'nix-command flakes' \
+ --option eval-cache false \
+ build \
+ --keep-failed \
+ --no-link \
+ --print-build-logs \
+ --print-out-paths \
+ "$FLAKE_ATTR"
+
+ nix --extra-experimental-features 'nix-command flakes' -vvv profile remove '.*'
+
+ export NIXPKGS_ALLOW_UNFREE=1 \
+ && home-manager switch -b backuphm --impure --flake \
+ "$DIRECTORY_TO_CLONE"#"$HM_ATTR_FULL_NAME" \
+ && home-manager generations
+
+ #
+ TARGET_SHELL='zsh' \
+ && FULL_TARGET_SHELL=/home/"$DUMMY_USER"/.nix-profile/bin/"\$TARGET_SHELL" \
+ && echo \
+ && ls -al "\$FULL_TARGET_SHELL" \
+ && echo \
+ && echo "\$FULL_TARGET_SHELL" | sudo tee -a /etc/shells \
+ && echo \
+ && sudo \
+ -k \
+ /usr/sbin/usermod \
+ -s \
+ /home/"$DUMMY_USER"/.nix-profile/bin/"\$TARGET_SHELL" \
+ "$DUMMY_USER"
+
+EOF
+```
+
+
+
+
+```bash
+# TODO: se não existir criar?
+create-nix-hardcoded-sign-cache-keys
+
+send-signed-closure-run-time-of-flake-uri-attr-to-bucket \
+"$HOME"/.config/nixpkgs#'homeConfigurations."vagrant-alpine316.localdomain".activationPackage'
+```
+
+
+```bash
+nix \
+--option eval-cache false \
+--option extra-trusted-public-keys binarycache-1:XiPHS/XT/ziMHu5hGoQ8Z0K88sa1Eqi5kFTYyl33FJg= \
+--option extra-substituters "s3://playing-bucket-nix-cache-test" \
+build \
+--keep-failed \
+--max-jobs 0 \
+--no-link \
+--print-build-logs \
+--print-out-paths \
+/nix/store/a7mqcffbs91k9r3g7qvc7kax2kpabn7m-home-manager-generation
+```
+
+```bash
+tee ~/.ssh/config <> "$HOME"/.zprofile
+```
+Refs.:
+- https://brew.sh/
+- https://github.com/orgs/Homebrew/discussions/3199
+- https://github.com/Homebrew/brew/issues/3428
+- https://stackoverflow.com/questions/75140626/installing-brew-hangs-in-docker-build
+- https://stackoverflow.com/a/76188907
+- https://apple.stackexchange.com/questions/458026/which-etc-zsh-related-files-are-safe-from-os-update-overwrites
+
+
+Instalando o `hello`:
+```bash
+brew install hello
+```
+
+Testando o `hello`:
+```bash
+hello
+```
+
+Desistalando o `hello`:
+```bash
+brew uninstall hello
+```
+
+#### Mac and nix
+
+1)
+```bash
+NIX_RELEASE_VERSION=2.10.2 \
+&& curl -L https://releases.nixos.org/nix/nix-"${NIX_RELEASE_VERSION}"/install | sh -s \
+&& echo 'export NIX_CONFIG="extra-experimental-features = 'nix-command flakes'"' >> "$HOME"/.zprofile
+```
+Ref.:
+- https://github.com/NixOS/nix/issues/3616#issuecomment-1430907248
+- https://github.com/NixOS/nix/issues/3616#issuecomment-1554690522
+- https://github.com/NixOS/nix/issues/3616#issuecomment-1557404536
+
+
+2) Feche o terminal, o instalador "obriga".
+
+3) Abra o terminal:
+```bash
+nix profile install nixpkgs#hello nixpkgs#tmate
+```
+
+4) Testando a execussão do `hello`:
+```bash
+hello
+```
+
+
+##### Outros testes no Mac
+
+
+```bash
+nix eval --impure --raw --expr 'builtins.currentSystem'
+```
+
+
+```bash
+nix build --no-link --print-build-logs nixpkgs#hello \
+&& nix build --no-link --print-build-logs --rebuild nixpkgs#hello
+```
+
+```bash
+nix build --print-build-logs nixpkgs#pkgsCross.x86_64-embedded.hello
+```
+
+```bash
+nix build --print-build-logs nixpkgs#pkgsCross.x86_64-embedded.pkgsStatic.hello
+```
+
+```bash
+nix build --no-link --print-build-logs github:NixOS/nixpkgs/nixpkgs-unstable#darwin.builder
+```
+
+
+```bash
+EXPR_NIX='
+ (
+ with builtins.getFlake "github:NixOS/nixpkgs/da0b0bc6a5d699a8a9ffbf9e1b19e8642307062a";
+ with legacyPackages.${builtins.currentSystem};
+ python3.withPackages (p: with p; [ pandas ])
+ )
+'
+
+# --rebuild \
+nix \
+build \
+--impure \
+--option enforce-determinism false \
+--no-link \
+--print-build-logs \
+--expr \
+"$EXPR_NIX"
+
+
+nix \
+shell \
+--impure \
+--expr \
+"$EXPR_NIX" \
+--command \
+python3 -c 'import pandas as pd; pd.DataFrame(); print(pd.__version__)'
+```
+
+Quebrado:
+```bash
+nix \
+build \
+--impure \
+--no-enforce-determinism \
+--no-link \
+--print-build-logs \
+--rebuild \
+--expr \
+"$EXPR_NIX"
+```
+
+
+Quebrado:
+```bash
+nix \
+build \
+--impure \
+--builders "" \
+--no-link \
+--print-build-logs \
+--rebuild \
+--expr \
+"$EXPR_NIX"
+```
+
+
+#### x86_64-linux with podman
+
+Podman
+
+```bash
+nix \
+build \
+--max-jobs auto \
+--no-link \
+--no-show-trace \
+--print-build-logs \
+.#nixosConfigurations.x86_64-linux.nixosBuildVMX86_64LinuxPodman.config.system.build.vm
+```
+
+
+```bash
+nix \
+develop \
+.# \
+-c \
+"$SHELL" \
+-c \
+'"$RUN_BUID_VM_SCRIPT_PATH"'
+
+nix \
+develop \
+.# \
+-c \
+"$SHELL" \
+<<'COMMANDS'
+while ! ssh -T -i id_ed25519 -o ConnectTimeout=1 -o StrictHostKeyChecking=no nixuser@localhost -p "$HOST_MAPPED_PORT" <<<'systemctl is-active podman.socket'; do \
+ echo $(date +'%d/%m/%Y %H:%M:%S:%3N'); sleep 0.5; done
+COMMANDS
+
+nix \
+develop \
+.# \
+-c \
+"$SHELL" \
+-c \
+'podman run -it --rm docker.io/library/alpine sh -c "cat /etc/os-*release"'
+```
+
+```bash
+# TODO: the nix static
+# ls -al "$HOME"/.local/share/nix/root/$(nix eval --raw github:PedroRegisPOAR/.github/c5ff24579ff2dfe933e517660ab218e8bacfe9e1#nixosConfigurations.x86_64-linux.nixosBuildVMX86_64LinuxPodman.config.system.build.vm)
+
+nix \
+develop \
+github:PedroRegisPOAR/.github/987db9a0aee4728509ad6fb4d175b0350511900c \
+-c \
+"$SHELL" \
+-c \
+'"$RUN_BUID_VM_SCRIPT_PATH"'
+
+nix \
+develop \
+github:PedroRegisPOAR/.github/987db9a0aee4728509ad6fb4d175b0350511900c \
+-c \
+"$SHELL" \
+<<'COMMANDS'
+while ! ssh -T -i id_ed25519 -o ConnectTimeout=1 -o StrictHostKeyChecking=no nixuser@localhost -p "$HOST_MAPPED_PORT" <<<'systemctl is-active podman.socket'; do \
+ echo $(date +'%d/%m/%Y %H:%M:%S:%3N'); sleep 0.5; done
+COMMANDS
+
+nix \
+develop \
+github:PedroRegisPOAR/.github/987db9a0aee4728509ad6fb4d175b0350511900c \
+-c \
+"$SHELL" \
+-c \
+'podman run -it --rm docker.io/library/alpine sh -c "cat /etc/os-*release"'
+```
+
+```bash
+time \
+nix \
+build \
+--max-jobs auto \
+--no-link \
+--no-show-trace \
+--print-build-logs \
+github:PedroRegisPOAR/.github/987db9a0aee4728509ad6fb4d175b0350511900c#nixosConfigurations.x86_64-linux.nixosBuildVMX86_64LinuxPodman.config.system.build.vm
+
+send-signed-closure-run-time-of-flake-uri-attr-to-bucket \
+github:PedroRegisPOAR/.github/c5ff24579ff2dfe933e517660ab218e8bacfe9e1#nixosConfigurations.x86_64-linux.nixosBuildVMX86_64LinuxPodman.config.system.build.vm
+```
+
+
+```bash
+time \
+nix \
+--option eval-cache false \
+--option extra-trusted-public-keys binarycache-1:XiPHS/XT/ziMHu5hGoQ8Z0K88sa1Eqi5kFTYyl33FJg= \
+--option extra-substituters "s3://playing-bucket-nix-cache-test" \
+build \
+--keep-failed \
+--max-jobs 0 \
+--no-link \
+--no-show-trace \
+--print-build-logs \
+--print-out-paths \
+github:PedroRegisPOAR/.github/c5ff24579ff2dfe933e517660ab218e8bacfe9e1#nixosConfigurations.x86_64-linux.nixosBuildVMX86_64LinuxPodman.config.system.build.vm
+```
+
+
+```bash
+mkdir -pv ~/sandbox/sandbox && cd $_
+
+export HOST_MAPPED_PORT=10022
+export REMOVE_DISK=true
+export QEMU_NET_OPTS='hostfwd=tcp::'"$HOST_MAPPED_PORT"'-:'"$HOST_MAPPED_PORT"',hostfwd=tcp::8000-:8000'
+# export QEMU_OPTS='-nographic'
+export SHARED_DIR="$(pwd)"
+
+"$REMOVE_DISK" && rm -fv nixos.qcow2
+# nc 1>/dev/null 2>/dev/null || nix profile install nixpkgs#netcat
+# nc -v -4 localhost "$HOST_MAPPED_PORT" -w 1 -z && echo 'There is something already using the port:'"$HOST_MAPPED_PORT"
+
+# sudo lsof -t -i tcp:"$HOST_MAPPED_PORT" -s tcp:listen
+# sudo lsof -t -i tcp:"$HOST_MAPPED_PORT" -s tcp:listen | sudo xargs --no-run-if-empty kill
+
+cat << 'EOF' >> id_ed25519
+-----BEGIN OPENSSH PRIVATE KEY-----
+b3BlbnNzaC1rZXktdjEAAAAABG5vbmUAAAAEbm9uZQAAAAAAAAABAAAAMwAAAAtzc2gtZW
+QyNTUxOQAAACCsoS8eR1Ot8ySeS8eI/jUwvzkGe1npaHPMvjp+Ou5JcgAAAIjoIwah6CMG
+oQAAAAtzc2gtZWQyNTUxOQAAACCsoS8eR1Ot8ySeS8eI/jUwvzkGe1npaHPMvjp+Ou5Jcg
+AAAEAbL0Z61S8giktfR53dZ2fztctV/0vML24doU0BMGLRZqyhLx5HU63zJJ5Lx4j+NTC/
+OQZ7Weloc8y+On467klyAAAAAAECAwQF
+-----END OPENSSH PRIVATE KEY-----
+EOF
+
+chmod -v 0600 id_ed25519
+
+
+
+ssh-keygen -R '[localhost]:10022'
+# Oh crap, it made me wast many many days
+ssh-add id_ed25519
+
+#--option eval-cache false \
+#--option extra-trusted-public-keys binarycache-1:XiPHS/XT/ziMHu5hGoQ8Z0K88sa1Eqi5kFTYyl33FJg= \
+#--option extra-substituters "s3://playing-bucket-nix-cache-test" \
+# --max-jobs 0 \
+nix \
+build \
+--no-link \
+--no-show-trace \
+--print-build-logs \
+--print-out-paths \
+github:PedroRegisPOAR/.github/2e545b9b040150742c5dca89e98b0540e4021ba9#nixosConfigurations.x86_64-linux.nixosBuildVMX86_64LinuxPodman.config.system.build.vm
+
+nix \
+run \
+github:PedroRegisPOAR/.github/2e545b9b040150742c5dca89e98b0540e4021ba9#nixosConfigurations.x86_64-linux.nixosBuildVMX86_64LinuxPodman.config.system.build.vm \
+< /dev/null &
+
+
+while ! ssh -T -i id_ed25519 -o ConnectTimeout=1 -o StrictHostKeyChecking=no nixuser@localhost -p "$HOST_MAPPED_PORT" <<<'systemctl is-active podman.socket'; do \
+ echo $(date +'%d/%m/%Y %H:%M:%S:%3N'); sleep 0.5; done \
+&& ssh-keygen -R '[localhost]:'"$HOST_MAPPED_PORT"; \
+ssh \
+-i id_ed25519 \
+-X \
+-o StrictHostKeyChecking=no \
+nixuser@localhost \
+-p "$HOST_MAPPED_PORT"
+
+#< nix \
+&& mv nix "$HOME"/.local/bin \
+&& chmod +x "$HOME"/.local/bin/nix \
+&& mkdir -pv "$HOME"/.config/nix \
+&& echo 'experimental-features = nix-command flakes' >> "$HOME"/.config/nix/nix.conf \
+&& nix flake --version \
+&& nix registry pin nixpkgs github:NixOS/nixpkgs/ea4c80b39be4c09702b0cb3b42eab59e2ba4f24b
+```
+
+
+
+
+```bash
+# make down
+ssh \
+-T \
+-i id_ed25519 \
+-X \
+-o StrictHostKeyChecking=no \
+root@localhost \
+-p "$HOST_MAPPED_PORT" \
+<<<'shutdown now'
+```
+
+
+Broken:
+```bash
+ssh \
+-fnNT \
+-L/tmp/podman.sock:/run/user/1234/podman/podman.sock \
+-i id_ed25519 \
+ssh://nixuser@localhost:10022 \
+-o StreamLocalBindUnlink=yes
+
+export CONTAINER_HOST=unix:///tmp/podman.sock
+
+podman run -it --rm docker.io/library/alpine sh -c 'cat /etc/os-*release'
+```
+Refs.:
+- https://github.com/containers/podman/issues/11397#issuecomment-1321090051
+
+
+```bash
+sudo netstat -nptl
+```
+Refs.:
+- https://serverfault.com/a/1083002
+
+
+##### podman system connection add
+
+```bash
+export DOCKER_HOST="ssh://root@podman-romote-host"
+podman system connection add --identity ~/.ssh/id_rsa production $DOCKER_HOST
+podman run hello-world
+```
+Refs.:
+- https://stackoverflow.com/a/75533656
+- https://github.com/containers/podman/issues/11668#issuecomment-947983711
+
+
+```bash
+podman --remote --identity id_ed25519 --url ssh://nixuser@localhost:10022 images
+```
+Refs.:
+- https://stackoverflow.com/a/74634171
+
+
+#### x86_64-linux with docker
+
+Docker
+
+```bash
+nix \
+build \
+--max-jobs auto \
+--no-link \
+--no-show-trace \
+--print-build-logs \
+#nixosConfigurations.x86_64-linux.nixosBuildVMX86_64LinuxDocker.config.system.build.vm
+```
+
+```bash
+nix \
+build \
+--max-jobs auto \
+--no-link \
+--no-show-trace \
+--print-build-logs \
+github:PedroRegisPOAR/.github/c6ca5765957381ac7fa55b50462f62441ebee989#nixosConfigurations.x86_64-linux.nixosBuildVMX86_64LinuxDocker.config.system.build.vm
+
+send-signed-closure-run-time-of-flake-uri-attr-to-bucket \
+github:PedroRegisPOAR/.github/c6ca5765957381ac7fa55b50462f62441ebee989#nixosConfigurations.x86_64-linux.nixosBuildVMX86_64LinuxDocker.config.system.build.vm
+```
+
+
+```bash
+time \
+nix \
+--option eval-cache false \
+--option extra-trusted-public-keys binarycache-1:XiPHS/XT/ziMHu5hGoQ8Z0K88sa1Eqi5kFTYyl33FJg= \
+--option extra-substituters "s3://playing-bucket-nix-cache-test" \
+build \
+--keep-failed \
+--max-jobs 0 \
+--no-link \
+--no-show-trace \
+--print-build-logs \
+--print-out-paths \
+github:PedroRegisPOAR/.github/c6ca5765957381ac7fa55b50462f62441ebee989#nixosConfigurations.x86_64-linux.nixosBuildVMX86_64LinuxDocker.config.system.build.vm
+```
+
+
+```bash
+mkdir -pv ~/sandbox/sandbox && cd $_
+
+export HOST_MAPPED_PORT=10022
+export REMOVE_DISK=true
+export QEMU_NET_OPTS='hostfwd=tcp::'"$HOST_MAPPED_PORT"'-:'"$HOST_MAPPED_PORT"',hostfwd=tcp::8000-:8000'
+export QEMU_OPTS='-nographic'
+export SHARED_DIR="$(pwd)"
+
+
+pgrep qemu | xargs kill
+"$REMOVE_DISK" && rm -fv nixos.qcow2
+
+# nc 1>/dev/null 2>/dev/null || nix profile install nixpkgs#netcat
+# nc -v -4 localhost "$HOST_MAPPED_PORT" -w 1 -z && echo 'There is something already using the port:'"$HOST_MAPPED_PORT"
+
+# sudo lsof -t -i tcp:"$HOST_MAPPED_PORT" -s tcp:listen
+# sudo lsof -t -i tcp:"$HOST_MAPPED_PORT" -s tcp:listen | sudo xargs --no-run-if-empty kill
+
+cat << 'EOF' >> id_ed25519
+-----BEGIN OPENSSH PRIVATE KEY-----
+b3BlbnNzaC1rZXktdjEAAAAABG5vbmUAAAAEbm9uZQAAAAAAAAABAAAAMwAAAAtzc2gtZW
+QyNTUxOQAAACCsoS8eR1Ot8ySeS8eI/jUwvzkGe1npaHPMvjp+Ou5JcgAAAIjoIwah6CMG
+oQAAAAtzc2gtZWQyNTUxOQAAACCsoS8eR1Ot8ySeS8eI/jUwvzkGe1npaHPMvjp+Ou5Jcg
+AAAEAbL0Z61S8giktfR53dZ2fztctV/0vML24doU0BMGLRZqyhLx5HU63zJJ5Lx4j+NTC/
+OQZ7Weloc8y+On467klyAAAAAAECAwQF
+-----END OPENSSH PRIVATE KEY-----
+EOF
+
+chmod -v 0600 id_ed25519
+
+
+#nix \
+#--option eval-cache false \
+#--option extra-trusted-public-keys binarycache-1:XiPHS/XT/ziMHu5hGoQ8Z0K88sa1Eqi5kFTYyl33FJg= \
+#--option extra-substituters "s3://playing-bucket-nix-cache-test" \
+#build \
+#--keep-failed \
+#--max-jobs 0 \
+#--no-link \
+#--no-show-trace \
+#--print-build-logs \
+#--print-out-paths \
+#github:PedroRegisPOAR/.github/c6ca5765957381ac7fa55b50462f62441ebee989#nixosConfigurations.x86_64-linux.nixosBuildVMX86_64LinuxDocker.config.system.build.vm
+
+nix \
+run \
+github:PedroRegisPOAR/.github/c6ca5765957381ac7fa55b50462f62441ebee989#nixosConfigurations.x86_64-linux.nixosBuildVMX86_64LinuxDocker.config.system.build.vm \
+< /dev/null &
+
+
+while ! ssh -i id_ed25519 -o ConnectTimeout=1 -o StrictHostKeyChecking=no nixuser@localhost -p "$HOST_MAPPED_PORT" <<<'nix flake metadata nixpkgs'; do \
+ echo $(date +'%d/%m/%Y %H:%M:%S:%3N'); sleep 0.5; done \
+&& ssh-keygen -R '[localhost]:'"$HOST_MAPPED_PORT"; \
+ssh \
+-i id_ed25519 \
+-X \
+-o ConnectTimeout=1 \
+-o StrictHostKeyChecking=no \
+nixuser@localhost \
+-p "$HOST_MAPPED_PORT"
+
+#</dev/null 2>/dev/null || nix profile install nixpkgs#netcat
+# nc -v -4 localhost "$HOST_MAPPED_PORT" -w 1 -z && echo 'There is something already using the port:'"$HOST_MAPPED_PORT"
+
+# sudo lsof -t -i tcp:10022 -s tcp:listen
+# sudo lsof -t -i tcp:10022 -s tcp:listen | sudo xargs --no-run-if-empty kill
+
+cat << 'EOF' >> id_ed25519
+-----BEGIN OPENSSH PRIVATE KEY-----
+b3BlbnNzaC1rZXktdjEAAAAABG5vbmUAAAAEbm9uZQAAAAAAAAABAAAAMwAAAAtzc2gtZW
+QyNTUxOQAAACCsoS8eR1Ot8ySeS8eI/jUwvzkGe1npaHPMvjp+Ou5JcgAAAIjoIwah6CMG
+oQAAAAtzc2gtZWQyNTUxOQAAACCsoS8eR1Ot8ySeS8eI/jUwvzkGe1npaHPMvjp+Ou5Jcg
+AAAEAbL0Z61S8giktfR53dZ2fztctV/0vML24doU0BMGLRZqyhLx5HU63zJJ5Lx4j+NTC/
+OQZ7Weloc8y+On467klyAAAAAAECAwQF
+-----END OPENSSH PRIVATE KEY-----
+EOF
+
+chmod -v 0600 id_ed25519
+
+
+
+
+nix \
+run \
+github:PedroRegisPOAR/.github/991bde1c67c86bc382601c01b2cb7dd6754c953e#nixosConfigurations.x86_64-linux.nixosBuildVMAarch64Linux.config.system.build.vm \
+< /dev/null &
+
+
+while ! ssh -i id_ed25519 -o ConnectTimeout=1 -o StrictHostKeyChecking=no nixuser@localhost -p 10022 <<<'nix flake metadata nixpkgs'; do \
+ echo $(date +'%d/%m/%Y %H:%M:%S:%3N'); sleep 0.5; done \
+&& ssh-keygen -R '[localhost]:10022'; \
+ssh \
+-i id_ed25519 \
+-X \
+-o StrictHostKeyChecking=no \
+nixuser@localhost \
+-p 10022
+
+#</dev/null
+ # vulkan-loader
+ # vulkan-headers
+ # mesa_drivers
+ # linuxPackages.nvidia_x11
+ # cudatoolkit
+ # cudatoolkit.lib
+ # mpi
+
+ #
+ steam-run
+
+ xorg.xclock
+ hello
+ sl
+ asciiquarium
+ figlet
+ cowsay
+ ponysay
+ cmatrix
+
+ # Just enabling it is ok, and might be better
+ # nix
+ # nixVersions.nix_2_10
+
+ # pciutils # lspci and others
+ # coreboot-utils
+
+ # # TODO: testar com o zsh
+ ## bashInteractive # https://www.reddit.com/r/NixOS/comments/zx4kmh/alpinewsl_home_manager_bash_issue/
+ coreutils
+ binutils
+ utillinux
+ xorg.xkill
+ glibc.bin
+ patchelf
+ gparted
+ # glxinfo
+ file
+ findutils
+ gnugrep
+ gnumake
+ gnused
+ gawk
+ hexdump
+ which
+ xz
+ exfat
+ procps
+ curl
+ wget
+ lsof
+ tree
+ ripgrep
+ killall
+ nmap
+ netcat
+ nettools
+ tmate
+ strace
+ # ptrace
+ traceroute
+ man
+ man-db
+ (aspellWithDicts (d: with d; [ de en pt_BR ])) # nix repl --expr 'import {}' <<<'builtins.attrNames aspellDicts' | tr ' ' '\n'
+ gnome.simple-scan
+ imagemagick
+ nix-prefetch-git
+ nixfmt
+ hydra-check
+ nixos-option
+ shellcheck
+
+ fontconfig
+ # fontforge-gtk # TODO: testar fontes usando esse programa
+ # pango
+
+ # arphic-ukai
+ # arphic-uming
+ # aurulent-sans
+ # comic-relief
+ # corefonts # Microsoft free fonts
+ # dejavu_fonts
+ # dina-font
+ # fira # Monospace
+ # fira-code
+ # fira-code-symbols
+ # font-awesome # font-awesome-ttf, font-awesome_4
+ # freefont_ttf
+ # hack-font
+ # hasklig
+ # inconsolata # Monospace
+ # ionicons
+ # lato
+ # liberation_ttf
+ # lineicons
+ # montserrat
+ # mplus-outline-fonts
+ nerdfonts # Really big, but only this font fixed some issues with starship
+ # noto-fonts
+ # noto-fonts-emoji
+ # noto-fonts-extra
+ powerline
+ powerline-fonts
+ # source-han-sans-japanese
+ # source-han-sans-korean
+ # source-han-sans-simplified-chinese
+ # source-han-sans-traditional-chinese
+ # source-sans
+ # source-sans-pro
+ # sudo-font
+ # symbola
+ # twemoji-color-font
+ # ubuntu_font_family
+ # unifont # International languages
+ # wqy_microhei
+ # wqy_zenhei
+ # xkcd-font
+
+ # (nerdfonts.override { fonts = [ "FiraCode"]; })
+ # (
+ # nerdfonts.override {
+ # fonts = [
+ # "AnonymousPro"
+ # "DroidSansMono"
+ # "FiraCode"
+ # "JetBrainsMono"
+ # "Noto"
+ # "Terminus"
+ # "Hack"
+ # "Ubuntu"
+ # "UbuntuMono"
+ # ];
+ # }
+ # )
+
+ # zsh-nix-shell
+ # zsh-powerlevel10k
+ # zsh-powerlevel9k
+ # zsh-syntax-highlighting
+
+ oh-my-zsh
+ # zsh-completions-latest
+
+ # gcc
+ # gdb
+ # clang
+ # rustc
+ # python3Full
+ # julia-bin
+
+ graphviz # dot command comes from here
+ jq
+ unixtools.xxd
+
+ gzip
+ # unrar
+ unzip
+ gnutar
+
+ btop
+ htop
+ asciinema
+ git
+ openssh
+ # sshfs # TODO: testar
+
+ podman
+ # runc
+ # skopeo
+ # conmon
+ # slirp4netns
+ # shadow
+
+ (
+ writeScriptBin "ix" ''
+ #! ${pkgs.runtimeShell} -e
+ "$@" | "curl" -F 'f:1=<-' ix.io
+ ''
+ )
+
+ (
+ writeScriptBin "erw" ''
+ #! ${pkgs.runtimeShell} -e
+ echo "$(readlink -f "$(which $1)")"
+ ''
+ )
+
+ (
+ writeScriptBin "crw" ''
+ #! ${pkgs.runtimeShell} -e
+ cat "$(readlink -f "$(which $1)")"
+ ''
+ )
+
+ (
+ writeScriptBin "generate-new-ed25519-key-pair" ''
+ #! ${pkgs.runtimeShell} -e
+
+ ssh-keygen \
+ -t ed25519 \
+ -C "$(git config user.email)" \
+ -f "$HOME"/.ssh/id_ed25519 \
+ -N "" \
+ && echo \
+ && cat "$HOME"/.ssh/id_ed25519.pub \
+ && echo
+ ''
+ )
+
+ (
+ writeScriptBin "nfm" ''
+ #! ${pkgs.runtimeShell} -e
+ nix flake metadata $1 --json | jq -r '.url'
+ ''
+ )
+
+ (
+ writeScriptBin "hms" ''
+ export NIXPKGS_ALLOW_UNFREE=1; \
+ home-manager switch --impure --flake "$HOME/.config/nixpkgs"#"$(id -un)"-"$(hostname)"
+ ''
+ )
+
+ (
+ writeScriptBin "gphms" ''
+ echo $(cd "$HOME/.config/nixpkgs" && git pull) \
+ && export NIXPKGS_ALLOW_UNFREE=1; \
+ home-manager switch --impure --flake "$HOME/.config/nixpkgs"#"$(id -un)"-"$(hostname)"
+ ''
+ )
+
+ (
+ writeScriptBin "build-pulling-all-from-cache" ''
+ #! ${pkgs.runtimeShell} -e
+
+ set -x
+
+ export NIXPKGS_ALLOW_UNFREE=1
+
+ nix \
+ --option eval-cache false \
+ --option extra-substituters https://playing-bucket-nix-cache-test.s3.amazonaws.com \
+ --option extra-trusted-public-keys binarycache-1:XiPHS/XT/ziMHu5hGoQ8Z0K88sa1Eqi5kFTYyl33FJg= \
+ build \
+ --impure \
+ --keep-failed \
+ --max-jobs 0 \
+ --no-link \
+ --print-build-logs \
+ --print-out-paths \
+ ~/.config/nixpkgs#homeConfigurations."$(id -un)"-"$(hostname)".activationPackage
+ ''
+ )
+
+ (
+ writeScriptBin "gphms-cache" ''
+ #! ${pkgs.runtimeShell} -e
+
+ build-pulling-all-from-cache || true
+
+ echo $(cd "$HOME/.config/nixpkgs" && git pull) \
+ && export NIXPKGS_ALLOW_UNFREE=1; \
+ home-manager switch --impure --flake "$HOME/.config/nixpkgs"#"$(id -un)"-"$(hostname)"
+ ''
+ )
+
+ (
+ writeScriptBin "nr" ''
+ nix repl --expr 'import {}'
+ ''
+ )
+ ];
+
+ # https://github.com/nix-community/home-manager/blob/782cb855b2f23c485011a196c593e2d7e4fce746/modules/targets/generic-linux.nix
+ targets.genericLinux.enable = true;
+
+ nix = {
+ enable = true;
+ # What about github:NixOS/nix#nix-static can it be injected here? What would break?
+ # package = pkgs.pkgsStatic.nixVersions.nix_2_10;
+ package = pkgs.nixVersions.nix_2_10;
+ # Could be useful:
+ # export NIX_CONFIG='extra-experimental-features = nix-command flakes'
+ extraOptions = ''
+ experimental-features = nix-command flakes
+ '';
+
+ settings = {
+ # use-sandbox = true;
+ show-trace = true;
+ # system-features = [ "big-parallel" "kvm" "recursive-nix" "nixos-test" ];
+ keep-outputs = true;
+ keep-derivations = true;
+
+ tarball-ttl = 60 * 60 * 24 * 7 * 4; # = 2419200 = one month
+ # readOnlyStore = true;
+
+ # trusted-public-keys = cache.nixos.org-1:6NCHdD59X431o0gWypbMrAURkbJ16ZPMQFGspcDShjY=
+ # trusted-substituters = "fooooo";
+ };
+ };
+
+ nixpkgs.config = {
+ allowBroken = false;
+ allowUnfree = true;
+ # TODO: test it
+ # android_sdk.accept_license = true;
+ };
+
+ services.systembus-notify.enable = true;
+ services.spotifyd.enable = true;
+
+ fonts = {
+ # enableFontDir = true;
+ # enableGhostscriptFonts = true;
+ # fonts = with pkgs; [
+ # powerline-fonts
+ # ];
+ fontconfig = {
+ enable = true;
+ # defaultFonts = {
+ # monospace = [ "Droid Sans Mono Slashed for Powerline" ];
+ # };
+ };
+ };
+
+ programs.bash = {
+ enable = false;
+ # bashrcExtra = "echo foo-bar";
+ sessionVariables = {
+ A_B_C = "a-b-c";
+ FONTCONFIG_FILE = "${pkgs.fontconfig.out}/etc/fonts/fonts.conf";
+ FONTCONFIG_PATH = "${pkgs.fontconfig.out}/etc/fonts/";
+ };
+ };
+
+ # TODO: documentar e testar
+ home.extraOutputsToInstall = [
+ "/share/zsh"
+ "/share/bash"
+ "/share/fish"
+ "/share/fonts" # fc-cache -frv
+ # /etc/fonts
+ ];
+
+ # https://www.reddit.com/r/NixOS/comments/fenb4u/zsh_with_ohmyzsh_with_powerlevel10k_in_nix/
+ programs.zsh = {
+ # Your zsh config
+ enable = true;
+ enableCompletion = true;
+ dotDir = ".config/zsh";
+ enableAutosuggestions = true;
+ enableSyntaxHighlighting = true;
+ envExtra = ''
+ if [ -e ~/.nix-profile/etc/profile.d/nix.sh ]; then
+ . ~/.nix-profile/etc/profile.d/nix.sh
+ fi
+ '';
+
+ # initExtra = "neofetch --ascii_distro NixOS_small --color_blocks off --disable cpu gpu memory term de resolution kernel model";
+ initExtra = "${pkgs.neofetch}/bin/neofetch"; # TODO: checar se esse pacote é seguro
+
+ # promptInit = ''
+ # export POWERLEVEL9K_MODE=nerdfont-complete
+ # source ${pkgs.zsh-powerlevel9k}/share/zsh-powerlevel9k/powerlevel9k.zsh-theme
+ # '';
+
+ # initExtraBeforeCompInit = ''eval "$(direnv hook zsh)"'';
+ autocd = true;
+
+
+ shellAliases = {
+ l = "ls -al";
+
+ #
+ nb = "nix build";
+ npi = "nix profile install nixpkgs#";
+ ns = "nix shell";
+ # nr = "nix repl --expr 'import {}'";
+
+ rmall = "rm -frv {*,.*}";
+ };
+
+ # > closed and reopened the terminal. Then it worked.
+ # https://discourse.nixos.org/t/home-manager-doesnt-seem-to-recognize-sessionvariables/8488/8
+ sessionVariables = {
+ # EDITOR = "nvim";
+ # DEFAULT_USER = "foo-bar";
+ # ZSH_AUTOSUGGEST_USE_ASYNC="true";
+ # ZSH_AUTOSUGGEST_MANUAL_REBIND="true";
+ # PROMPT="|%F{153}%n@%m%f|%F{174}%1~%f> ";
+
+ LANG = "en_US.utf8";
+ # fc-match list
+ FONTCONFIG_FILE = "${pkgs.fontconfig.out}/etc/fonts/fonts.conf";
+ FONTCONFIG_PATH = "${pkgs.fontconfig.out}/etc/fonts/";
+ };
+
+ historySubstringSearch.enable = true;
+
+ history = {
+ save = 50000;
+ size = 50000;
+ path = "$HOME/.cache/zsh_history";
+ expireDuplicatesFirst = true;
+ };
+
+ oh-my-zsh = {
+ enable = true;
+ # https://github.com/Xychic/NixOSConfig/blob/76b638086dfcde981292831106a43022588dc670/home/home-manager.nix
+ plugins = [
+ # "autojump"
+ "aws"
+ # "cargo"
+ "catimg"
+ "colored-man-pages"
+ "colorize"
+ "command-not-found"
+ "common-aliases"
+ "copyfile"
+ "copypath"
+ "cp"
+ "direnv"
+ "docker"
+ "docker-compose"
+ "emacs"
+ "encode64"
+ "extract"
+ "fancy-ctrl-z"
+ "fzf"
+ "gcloud"
+ "git"
+ "git-extras"
+ "git-flow-avh"
+ "github"
+ "gitignore"
+ "gradle"
+ "history"
+ "history-substring-search"
+ "kubectl"
+ "man"
+ "mvn"
+ "node"
+ "npm"
+ "pass"
+ "pip"
+ "poetry"
+ "python"
+ "ripgrep"
+ "rsync"
+ "rust"
+ "scala"
+ "ssh-agent"
+ "sudo"
+ "systemadmin" # https://github.com/ohmyzsh/ohmyzsh/tree/master/plugins/systemadmin
+ "systemd"
+ "terraform"
+ # "thefuck"
+ "tig"
+ "timer"
+ # "tmux" # It needs tmux to be installed
+ "vagrant"
+ "vi-mode"
+ "vim-interaction"
+ "yarn"
+ "z"
+ "zsh-navigation-tools"
+ ];
+ theme = "robbyrussell";
+ # theme = "bira";
+ # theme = "powerlevel10k";
+ # theme = "powerlevel9k/powerlevel9k";
+ # theme = "agnoster";
+ # theme = "gallois";
+ # theme = "gentoo";
+ # theme = "af-magic";
+ # theme = "half-life";
+ # theme = "rgm";
+ # theme = "crcandy";
+ # theme = "fishy";
+ };
+ };
+
+ # programs.starship = {
+ # enable = true;
+ # enableZshIntegration = true;
+ # };
+
+ # Credits:
+ # https://gist.github.com/s-a-c/0e44dc7766922308924812d4c019b109
+ # https://gist.github.com/search?q=So+either+put+%22Important+Documents%22+before+%22Documents%22+or+use+the+substituted+version%3A%3B&ref=searchresults
+ programs.starship = {
+ enable = true;
+ enableZshIntegration = true;
+ settings = {
+ # "$schema" = "https://starship.rs/config-schema.json";
+ add_newline = true;
+ command_timeout = 500;
+ continuation_prompt = "[∙](bright-black) ";
+ # format = "[](0x9A348E)$username$hostname$localip$shlvl$singularity$kubernetes[](fg:0x9A348E bg:0xDA627D)$directory$vcsh[](fg:0xDA627D bg:0xFCA17D)$git_branch$git_commit$git_state$git_metrics$git_status$hg_branch[](fg:0x86BBD8 bg:0x06969A)$docker_context$package$buf[](fg:0xFCA17D bg:0x86BBD8)$c$cmake$cobol$container$daml$dart$deno$dotnet$elixir$elm$erlang$golang$haskell$helm$java$julia$kotlin$lua$nim$nodejs$ocaml$perl$php$pulumi$purescript$python$rlang$red$ruby$rust$scala$swift$terraform$vlang$vagrant$zig$nix_shell$conda$spack$memory_usage$aws$gcloud$openstack$azure$env_var$crystal$custom$sudo$cmd_duration$line_break$jobs$battery[](fg:0x06969A bg:0x33658A)$time$status$shell$character";
+ right_format = "";
+ scan_timeout = 30;
+ aws = {
+ format = "[$symbol($profile )(($region) )([$duration] )]($style)";
+ symbol = "🅰 ";
+ style = "bold yellow";
+ disabled = false;
+ expiration_symbol = "X";
+ force_display = false;
+ };
+ aws.region_aliases = { };
+ aws.profile_aliases = { };
+ azure = {
+ format = "[$symbol($subscription)([$duration])]($style) ";
+ symbol = "ﴃ ";
+ style = "blue bold";
+ disabled = true;
+ };
+ battery = {
+ format = "[$symbol$percentage]($style) ";
+ charging_symbol = " ";
+ discharging_symbol = " ";
+ empty_symbol = " ";
+ full_symbol = " ";
+ unknown_symbol = " ";
+ disabled = false;
+ display = [
+ {
+ style = "red bold";
+ threshold = 10;
+ }
+ ];
+ };
+ buf = {
+ format = "[$symbol ($version)]($style)";
+ version_format = "v$raw";
+ symbol = "";
+ style = "bold blue";
+ disabled = false;
+ detect_extensions = [ ];
+ detect_files = [
+ "buf.yaml"
+ "buf.gen.yaml"
+ "buf.work.yaml"
+ ];
+ detect_folders = [ ];
+ };
+ c = {
+ format = "[$symbol($version(-$name) )]($style)";
+ version_format = "v$raw";
+ style = "fg:149 bold bg:0x86BBD8";
+ symbol = " ";
+ disabled = false;
+ detect_extensions = [
+ "c"
+ "h"
+ ];
+ detect_files = [ ];
+ detect_folders = [ ];
+ # commands = [
+ # [
+ # "cc"
+ # "--version"
+ # ]
+ # [
+ # "gcc"
+ # "--version"
+ # ]
+ # [
+ # "clang"
+ # "--version"
+ # ]
+ # ];
+ };
+ character = {
+ format = "$symbol ";
+ vicmd_symbol = "[❮](bold green)";
+ disabled = false;
+ success_symbol = "[➜](bold green) ";
+ error_symbol = "[✗](bold red) ";
+ };
+ cmake = {
+ format = "[$symbol($version )]($style)";
+ version_format = "v$raw";
+ symbol = "△ ";
+ style = "bold blue";
+ disabled = false;
+ detect_extensions = [ ];
+ detect_files = [
+ "CMakeLists.txt"
+ "CMakeCache.txt"
+ ];
+ detect_folders = [ ];
+ };
+ cmd_duration = {
+ min_time = 2000;
+ format = "⏱ [$duration]($style) ";
+ style = "yellow bold";
+ show_milliseconds = false;
+ disabled = false;
+ show_notifications = false;
+ min_time_to_notify = 45000;
+ };
+ cobol = {
+ format = "[$symbol($version )]($style)";
+ version_format = "v$raw";
+ symbol = "⚙️ ";
+ style = "bold blue";
+ disabled = false;
+ detect_extensions = [
+ "cbl"
+ "cob"
+ "CBL"
+ "COB"
+ ];
+ detect_files = [ ];
+ detect_folders = [ ];
+ };
+ conda = {
+ truncation_length = 1;
+ format = "[$symbol$environment]($style) ";
+ symbol = " ";
+ style = "green bold";
+ ignore_base = true;
+ disabled = false;
+ };
+ container = {
+ format = "[$symbol [$name]]($style) ";
+ symbol = "⬢";
+ style = "red bold dimmed";
+ disabled = false;
+ };
+ crystal = {
+ format = "[$symbol($version )]($style)";
+ version_format = "v$raw";
+ symbol = "🔮 ";
+ style = "bold red";
+ disabled = false;
+ detect_extensions = [ "cr" ];
+ detect_files = [ "shard.yml" ];
+ detect_folders = [ ];
+ };
+ dart = {
+ format = "[$symbol($version )]($style)";
+ version_format = "v$raw";
+ symbol = "🎯 ";
+ style = "bold blue";
+ disabled = false;
+ detect_extensions = [ "dart" ];
+ detect_files = [
+ "pubspec.yaml"
+ "pubspec.yml"
+ "pubspec.lock"
+ ];
+ detect_folders = [ ".dart_tool" ];
+ };
+ deno = {
+ format = "[$symbol($version )]($style)";
+ version_format = "v$raw";
+ symbol = "🦕 ";
+ style = "green bold";
+ disabled = false;
+ detect_extensions = [ ];
+ detect_files = [
+ "deno.json"
+ "deno.jsonc"
+ "mod.ts"
+ "deps.ts"
+ "mod.js"
+ "deps.js"
+ ];
+ detect_folders = [ ];
+ };
+ directory = {
+ disabled = false;
+ fish_style_pwd_dir_length = 0;
+ format = "[$path]($style)[$read_only]($read_only_style) ";
+ home_symbol = "~";
+ read_only = " ";
+ read_only_style = "red";
+ repo_root_format = "[$before_root_path]($style)[$repo_root]($repo_root_style)[$path]($style)[$read_only]($read_only_style) ";
+ style = "cyan bold bg:0xDA627D";
+ truncate_to_repo = true;
+ truncation_length = 3;
+ truncation_symbol = "…/";
+ use_logical_path = true;
+ use_os_path_sep = true;
+ };
+ directory.substitutions = {
+ # Here is how you can shorten some long paths by text replacement;
+ # similar to mapped_locations in Oh My Posh:;
+ "Documents" = " ";
+ "Downloads" = " ";
+ "Music" = " ";
+ "Pictures" = " ";
+ # Keep in mind that the order matters. For example:;
+ # "Important Documents" = " ";
+ # will not be replaced, because "Documents" was already substituted before.;
+ # So either put "Important Documents" before "Documents" or use the substituted version:;
+ # "Important " = " ";
+ "Important " = " ";
+ };
+ docker_context = {
+ format = "[$symbol$context]($style) ";
+ style = "blue bold bg:0x06969A";
+ symbol = " ";
+ only_with_files = true;
+ disabled = false;
+ detect_extensions = [ ];
+ detect_files = [
+ "docker-compose.yml"
+ "docker-compose.yaml"
+ "Dockerfile"
+ ];
+ detect_folders = [ ];
+ };
+ dotnet = {
+ format = "[$symbol($version )(🎯 $tfm )]($style)";
+ version_format = "v$raw";
+ symbol = "🥅 ";
+ style = "blue bold";
+ heuristic = true;
+ disabled = false;
+ detect_extensions = [
+ "csproj"
+ "fsproj"
+ "xproj"
+ ];
+ detect_files = [
+ "global.json"
+ "project.json"
+ "Directory.Build.props"
+ "Directory.Build.targets"
+ "Packages.props"
+ ];
+ detect_folders = [ ];
+ };
+ elixir = {
+ format = "[$symbol($version (OTP $otp_version) )]($style)";
+ version_format = "v$raw";
+ style = "bold purple bg:0x86BBD8";
+ symbol = " ";
+ disabled = false;
+ detect_extensions = [ ];
+ detect_files = [ "mix.exs" ];
+ detect_folders = [ ];
+ };
+ elm = {
+ format = "[$symbol($version )]($style)";
+ version_format = "v$raw";
+ style = "cyan bold bg:0x86BBD8";
+ symbol = " ";
+ disabled = false;
+ detect_extensions = [ "elm" ];
+ detect_files = [
+ "elm.json"
+ "elm-package.json"
+ ".elm-version"
+ ];
+ detect_folders = [ "elm-stuff" ];
+ };
+ env_var = { };
+ env_var.SHELL = {
+ format = "[$symbol($env_value )]($style)";
+ style = "grey bold italic dimmed";
+ symbol = "e:";
+ disabled = true;
+ variable = "SHELL";
+ default = "unknown shell";
+ };
+ env_var.USER = {
+ format = "[$symbol($env_value )]($style)";
+ style = "grey bold italic dimmed";
+ symbol = "e:";
+ disabled = true;
+ default = "unknown user";
+ };
+ erlang = {
+ format = "[$symbol($version )]($style)";
+ version_format = "v$raw";
+ symbol = " ";
+ style = "bold red";
+ disabled = false;
+ detect_extensions = [ ];
+ detect_files = [
+ "rebar.config"
+ "erlang.mk"
+ ];
+ detect_folders = [ ];
+ };
+ fill = {
+ style = "bold black";
+ symbol = ".";
+ disabled = false;
+ };
+ gcloud = {
+ format = "[$symbol$account(@$domain)(($region))(($project))]($style) ";
+ symbol = "☁️ ";
+ style = "bold blue";
+ disabled = false;
+ };
+ gcloud.project_aliases = { };
+ gcloud.region_aliases = { };
+ git_branch = {
+ format = "[$symbol$branch(:$remote_branch)]($style) ";
+ symbol = " ";
+ style = "bold purple bg:0xFCA17D";
+ truncation_length = 9223372036854775807;
+ truncation_symbol = "…";
+ only_attached = false;
+ always_show_remote = false;
+ ignore_branches = [ ];
+ disabled = false;
+ };
+ git_commit = {
+ commit_hash_length = 7;
+ format = "[($hash$tag)]($style) ";
+ style = "green bold";
+ only_detached = true;
+ disabled = false;
+ tag_symbol = " 🏷 ";
+ tag_disabled = true;
+ };
+ git_metrics = {
+ added_style = "bold green";
+ deleted_style = "bold red";
+ only_nonzero_diffs = true;
+ format = "([+$added]($added_style) )([-$deleted]($deleted_style) )";
+ disabled = false;
+ };
+ git_state = {
+ am = "AM";
+ am_or_rebase = "AM/REBASE";
+ bisect = "BISECTING";
+ cherry_pick = "🍒PICKING(bold red)";
+ disabled = false;
+ format = "([$state( $progress_current/$progress_total)]($style)) ";
+ merge = "MERGING";
+ rebase = "REBASING";
+ revert = "REVERTING";
+ style = "bold yellow";
+ };
+ git_status = {
+ ahead = "🏎💨$count";
+ behind = "😰$count";
+ conflicted = "🏳";
+ deleted = "🗑";
+ disabled = false;
+ diverged = "😵";
+ # format = "([[$all_status$ahead_behind]]($style) )";
+ ignore_submodules = false;
+ modified = "📝";
+ renamed = "👅";
+ staged = "[++($count)](green)";
+ stashed = "📦";
+ style = "red bold bg:0xFCA17D";
+ untracked = "🤷";
+ up_to_date = "✓";
+ };
+ golang = {
+ format = "[$symbol($version )]($style)";
+ version_format = "v$raw";
+ symbol = " ";
+ style = "bold cyan bg:0x86BBD8";
+ disabled = false;
+ detect_extensions = [ "go" ];
+ detect_files = [
+ "go.mod"
+ "go.sum"
+ "glide.yaml"
+ "Gopkg.yml"
+ "Gopkg.lock"
+ ".go-version"
+ ];
+ detect_folders = [ "Godeps" ];
+ };
+ haskell = {
+ format = "[$symbol($version )]($style)";
+ version_format = "v$raw";
+ symbol = "λ ";
+ style = "bold purple bg:0x86BBD8";
+ disabled = false;
+ detect_extensions = [
+ "hs"
+ "cabal"
+ "hs-boot"
+ ];
+ detect_files = [
+ "stack.yaml"
+ "cabal.project"
+ ];
+ detect_folders = [ ];
+ };
+ helm = {
+ format = "[$symbol($version )]($style)";
+ version_format = "v$raw";
+ symbol = "⎈ ";
+ style = "bold white";
+ disabled = false;
+ detect_extensions = [ ];
+ detect_files = [
+ "helmfile.yaml"
+ "Chart.yaml"
+ ];
+ detect_folders = [ ];
+ };
+ hg_branch = {
+ symbol = " ";
+ style = "bold purple";
+ format = "on [$symbol$branch]($style) ";
+ truncation_length = 9223372036854775807;
+ truncation_symbol = "…";
+ disabled = true;
+ };
+ hostname = {
+ disabled = false;
+ format = "[$ssh_symbol](blue dimmed bold)[$hostname]($style) ";
+ ssh_only = false;
+ style = "green dimmed bold";
+ trim_at = ".";
+ };
+ java = {
+ disabled = false;
+ format = "[$symbol($version )]($style)";
+ style = "red dimmed bg:0x86BBD8";
+ symbol = " ";
+ version_format = "v$raw";
+ detect_extensions = [
+ "java"
+ "class"
+ "jar"
+ "gradle"
+ "clj"
+ "cljc"
+ ];
+ detect_files = [
+ "pom.xml"
+ "build.gradle.kts"
+ "build.sbt"
+ ".java-version"
+ "deps.edn"
+ "project.clj"
+ "build.boot"
+ ];
+ detect_folders = [ ];
+ };
+ jobs = {
+ threshold = 1;
+ symbol_threshold = 0;
+ number_threshold = 2;
+ format = "[$symbol$number]($style) ";
+ symbol = "✦";
+ style = "bold blue";
+ disabled = false;
+ };
+ julia = {
+ disabled = false;
+ format = "[$symbol($version )]($style)";
+ style = "bold purple bg:0x86BBD8";
+ symbol = " ";
+ version_format = "v$raw";
+ detect_extensions = [ "jl" ];
+ detect_files = [
+ "Project.toml"
+ "Manifest.toml"
+ ];
+ detect_folders = [ ];
+ };
+ kotlin = {
+ format = "[$symbol($version )]($style)";
+ version_format = "v$raw";
+ symbol = "🅺 ";
+ style = "bold blue";
+ kotlin_binary = "kotlin";
+ disabled = false;
+ detect_extensions = [
+ "kt"
+ "kts"
+ ];
+ detect_files = [ ];
+ detect_folders = [ ];
+ };
+ kubernetes = {
+ disabled = false;
+ format = "[$symbol$context( ($namespace))]($style) in ";
+ style = "cyan bold";
+ symbol = "⛵ ";
+ };
+ kubernetes.context_aliases = { };
+ line_break = {
+ disabled = false;
+ };
+ localip = {
+ disabled = false;
+ format = "[@$localipv4]($style) ";
+ ssh_only = false;
+ style = "yellow bold";
+ };
+ lua = {
+ format = "[$symbol($version )]($style)";
+ version_format = "v$raw";
+ symbol = "🌙 ";
+ style = "bold blue";
+ lua_binary = "lua";
+ disabled = false;
+ detect_extensions = [ "lua" ];
+ detect_files = [ ".lua-version" ];
+ detect_folders = [ "lua" ];
+ };
+ memory_usage = {
+ disabled = false;
+ format = "$symbol[$ram( | $swap)]($style) ";
+ style = "white bold dimmed";
+ symbol = " ";
+ # threshold = 75;
+ threshold = -1;
+ };
+ nim = {
+ format = "[$symbol($version )]($style)";
+ style = "yellow bold bg:0x86BBD8";
+ symbol = " ";
+ version_format = "v$raw";
+ disabled = false;
+ detect_extensions = [
+ "nim"
+ "nims"
+ "nimble"
+ ];
+ detect_files = [ "nim.cfg" ];
+ detect_folders = [ ];
+ };
+ nix_shell = {
+ format = "[$symbol$state( ($name))]($style) ";
+ disabled = false;
+ impure_msg = "[impure](bold red)";
+ pure_msg = "[pure](bold green)";
+ style = "bold blue";
+ symbol = " ";
+ };
+ nodejs = {
+ format = "[$symbol($version )]($style)";
+ not_capable_style = "bold red";
+ style = "bold green bg:0x86BBD8";
+ symbol = " ";
+ version_format = "v$raw";
+ disabled = false;
+ detect_extensions = [
+ "js"
+ "mjs"
+ "cjs"
+ "ts"
+ "mts"
+ "cts"
+ ];
+ detect_files = [
+ "package.json"
+ ".node-version"
+ ".nvmrc"
+ ];
+ detect_folders = [ "node_modules" ];
+ };
+ ocaml = {
+ format = "[$symbol($version )(($switch_indicator$switch_name) )]($style)";
+ global_switch_indicator = "";
+ local_switch_indicator = "*";
+ style = "bold yellow";
+ symbol = "🐫 ";
+ version_format = "v$raw";
+ disabled = false;
+ detect_extensions = [
+ "opam"
+ "ml"
+ "mli"
+ "re"
+ "rei"
+ ];
+ detect_files = [
+ "dune"
+ "dune-project"
+ "jbuild"
+ "jbuild-ignore"
+ ".merlin"
+ ];
+ detect_folders = [
+ "_opam"
+ "esy.lock"
+ ];
+ };
+ openstack = {
+ format = "[$symbol$cloud(($project))]($style) ";
+ symbol = "☁️ ";
+ style = "bold yellow";
+ disabled = false;
+ };
+ package = {
+ format = "[$symbol$version]($style) ";
+ symbol = "📦 ";
+ style = "208 bold";
+ display_private = false;
+ disabled = false;
+ version_format = "v$raw";
+ };
+ perl = {
+ format = "[$symbol($version )]($style)";
+ version_format = "v$raw";
+ symbol = "🐪 ";
+ style = "149 bold";
+ disabled = false;
+ detect_extensions = [
+ "pl"
+ "pm"
+ "pod"
+ ];
+ detect_files = [
+ "Makefile.PL"
+ "Build.PL"
+ "cpanfile"
+ "cpanfile.snapshot"
+ "META.json"
+ "META.yml"
+ ".perl-version"
+ ];
+ detect_folders = [ ];
+ };
+ php = {
+ format = "[$symbol($version )]($style)";
+ version_format = "v$raw";
+ symbol = "🐘 ";
+ style = "147 bold";
+ disabled = false;
+ detect_extensions = [ "php" ];
+ detect_files = [
+ "composer.json"
+ ".php-version"
+ ];
+ detect_folders = [ ];
+ };
+ pulumi = {
+ format = "[$symbol($username@)$stack]($style) ";
+ version_format = "v$raw";
+ symbol = " ";
+ style = "bold 5";
+ disabled = false;
+ };
+ purescript = {
+ format = "[$symbol($version )]($style)";
+ version_format = "v$raw";
+ symbol = "<=> ";
+ style = "bold white";
+ disabled = false;
+ detect_extensions = [ "purs" ];
+ detect_files = [ "spago.dhall" ];
+ detect_folders = [ ];
+ };
+ python = {
+ format = "[$symbol$pyenv_prefix($version )(($virtualenv) )]($style)";
+ python_binary = [
+ "python"
+ "python3"
+ "python2"
+ ];
+ pyenv_prefix = "pyenv ";
+ pyenv_version_name = true;
+ style = "yellow bold";
+ symbol = "🐍 ";
+ version_format = "v$raw";
+ disabled = false;
+ detect_extensions = [ "py" ];
+ detect_files = [
+ "requirements.txt"
+ ".python-version"
+ "pyproject.toml"
+ "Pipfile"
+ "tox.ini"
+ "setup.py"
+ "__init__.py"
+ ];
+ detect_folders = [ ];
+ };
+ red = {
+ format = "[$symbol($version )]($style)";
+ version_format = "v$raw";
+ symbol = "🔺 ";
+ style = "red bold";
+ disabled = false;
+ detect_extensions = [
+ "red"
+ "reds"
+ ];
+ detect_files = [ ];
+ detect_folders = [ ];
+ };
+ rlang = {
+ format = "[$symbol($version )]($style)";
+ version_format = "v$raw";
+ style = "blue bold";
+ symbol = "📐 ";
+ disabled = false;
+ detect_extensions = [
+ "R"
+ "Rd"
+ "Rmd"
+ "Rproj"
+ "Rsx"
+ ];
+ detect_files = [ ".Rprofile" ];
+ detect_folders = [ ".Rproj.user" ];
+ };
+ ruby = {
+ format = "[$symbol($version )]($style)";
+ version_format = "v$raw";
+ symbol = "💎 ";
+ style = "bold red";
+ disabled = false;
+ detect_extensions = [ "rb" ];
+ detect_files = [
+ "Gemfile"
+ ".ruby-version"
+ ];
+ detect_folders = [ ];
+ detect_variables = [
+ "RUBY_VERSION"
+ "RBENV_VERSION"
+ ];
+ };
+ rust = {
+ format = "[$symbol($version )]($style)";
+ version_format = "v$raw";
+ symbol = "🦀 ";
+ style = "bold red bg:0x86BBD8";
+ disabled = false;
+ detect_extensions = [ "rs" ];
+ detect_files = [ "Cargo.toml" ];
+ detect_folders = [ ];
+ };
+ scala = {
+ format = "[$symbol($version )]($style)";
+ version_format = "v$raw";
+ disabled = false;
+ style = "red bold";
+ symbol = "🆂 ";
+ detect_extensions = [
+ "sbt"
+ "scala"
+ ];
+ detect_files = [
+ ".scalaenv"
+ ".sbtenv"
+ "build.sbt"
+ ];
+ detect_folders = [ ".metals" ];
+ };
+ shell = {
+ format = "[$indicator]($style) ";
+ bash_indicator = "bsh";
+ cmd_indicator = "cmd";
+ elvish_indicator = "esh";
+ fish_indicator = "";
+ ion_indicator = "ion";
+ nu_indicator = "nu";
+ powershell_indicator = "_";
+ style = "white bold";
+ tcsh_indicator = "tsh";
+ unknown_indicator = "mystery shell";
+ xonsh_indicator = "xsh";
+ zsh_indicator = "zsh";
+ disabled = false;
+ };
+ shlvl = {
+ threshold = 2;
+ format = "[$symbol$shlvl]($style) ";
+ symbol = "↕️ ";
+ repeat = false;
+ style = "bold yellow";
+ disabled = true;
+ };
+ singularity = {
+ format = "[$symbol[$env]]($style) ";
+ style = "blue bold dimmed";
+ symbol = "📦 ";
+ disabled = false;
+ };
+ spack = {
+ truncation_length = 1;
+ format = "[$symbol$environment]($style) ";
+ symbol = "🅢 ";
+ style = "blue bold";
+ disabled = false;
+ };
+ status = {
+ format = "[$symbol$status]($style) ";
+ map_symbol = true;
+ not_executable_symbol = "🚫";
+ not_found_symbol = "🔍";
+ pipestatus = false;
+ pipestatus_format = "[$pipestatus] => [$symbol$common_meaning$signal_name$maybe_int]($style)";
+ pipestatus_separator = "|";
+ recognize_signal_code = true;
+ signal_symbol = "⚡";
+ style = "bold red bg:blue";
+ success_symbol = "🟢 SUCCESS";
+ symbol = "🔴 ";
+ disabled = true;
+ };
+ sudo = {
+ format = "[as $symbol]($style)";
+ symbol = "🧙 ";
+ style = "bold blue";
+ allow_windows = false;
+ disabled = true;
+ };
+ swift = {
+ format = "[$symbol($version )]($style)";
+ version_format = "v$raw";
+ symbol = "🐦 ";
+ style = "bold 202";
+ disabled = false;
+ detect_extensions = [ "swift" ];
+ detect_files = [ "Package.swift" ];
+ detect_folders = [ ];
+ };
+ terraform = {
+ format = "[$symbol$workspace]($style) ";
+ version_format = "v$raw";
+ symbol = "💠 ";
+ style = "bold 105";
+ disabled = false;
+ detect_extensions = [
+ "tf"
+ "tfplan"
+ "tfstate"
+ ];
+ detect_files = [ ];
+ detect_folders = [ ".terraform" ];
+ };
+ time = {
+ format = "[$symbol $time]($style) ";
+ style = "bold yellow bg:0x33658A";
+ use_12hr = false;
+ disabled = false;
+ utc_time_offset = "local";
+ # time_format = "%R"; # Hour:Minute Format;
+ time_format = "%T"; # Hour:Minute:Seconds Format;
+ time_range = "-";
+ };
+ username = {
+ format = "[$user]($style) ";
+ show_always = true;
+ style_root = "red bold bg:0x9A348E";
+ style_user = "yellow bold bg:0x9A348E";
+ disabled = false;
+ };
+ vagrant = {
+ format = "[$symbol($version )]($style)";
+ version_format = "v$raw";
+ symbol = "⍱ ";
+ style = "cyan bold";
+ disabled = false;
+ detect_extensions = [ ];
+ detect_files = [ "Vagrantfile" ];
+ detect_folders = [ ];
+ };
+ vcsh = {
+ symbol = "";
+ style = "bold yellow";
+ format = "[$symbol$repo]($style) ";
+ disabled = false;
+ };
+ vlang = {
+ format = "[$symbol($version )]($style)";
+ version_format = "v$raw";
+ symbol = "V ";
+ style = "blue bold";
+ disabled = false;
+ detect_extensions = [ "v" ];
+ detect_files = [
+ "v.mod"
+ "vpkg.json"
+ ".vpkg-lock.json"
+ ];
+ detect_folders = [ ];
+ };
+ zig = {
+ format = "[$symbol($version )]($style)";
+ version_format = "v$raw";
+ symbol = "↯ ";
+ style = "bold yellow";
+ disabled = false;
+ detect_extensions = [ "zig" ];
+ detect_files = [ ];
+ detect_folders = [ ];
+ };
+ custom = { };
+ };
+ };
+
+ # https://nix-community.github.io/home-manager/options.html#opt-programs.direnv.config
+ programs.direnv = {
+ enable = true;
+ nix-direnv = {
+ enable = true;
+ };
+ enableZshIntegration = true;
+ };
+
+ programs.fzf = {
+ enable = true;
+ enableZshIntegration = true;
+ # enableBashIntegration = true;
+ # enableFishIntegration = true;
+ };
+
+ # This makes it so that if you type the name of a program that
+ # isn't installed, it will tell you which package contains it.
+ # https://eevie.ro/posts/2022-01-24-how-i-nix.html
+ #
+ programs.nix-index = {
+ enable = true;
+ # enableFishIntegration = true;
+ # enableBashIntegration = true;
+ enableZshIntegration = true;
+ };
+
+ programs.home-manager = {
+ enable = true;
+ };
+}
diff --git a/templates/start-config/.envrc b/templates/start-config/.envrc
new file mode 100644
index 0000000..3550a30
--- /dev/null
+++ b/templates/start-config/.envrc
@@ -0,0 +1 @@
+use flake
diff --git a/templates/start-config/.gitignore b/templates/start-config/.gitignore
new file mode 100644
index 0000000..3231e7b
--- /dev/null
+++ b/templates/start-config/.gitignore
@@ -0,0 +1,8 @@
+result
+
+.idea/
+
+__pycache__/
+
+*.tar.gz
+.direnv/
diff --git a/templates/start-config/flake.nix b/templates/start-config/flake.nix
new file mode 100644
index 0000000..7d8f6a9
--- /dev/null
+++ b/templates/start-config/flake.nix
@@ -0,0 +1,50 @@
+{
+ description = "Home Manager configuration";
+
+ inputs = {
+ # Specify the source of Home Manager and Nixpkgs
+ home-manager.url = "github:nix-community/home-manager";
+ nixpkgs.url = "github:nixos/nixpkgs/nixos-unstable";
+ home-manager.inputs.nixpkgs.follows = "nixpkgs";
+ };
+
+ outputs = { nixpkgs, home-manager, ... }:
+ let
+ system = "x86_64-linux";
+ username = "1M0b4nc0";
+ hostname = "fooo";
+ in
+ {
+ homeConfigurations."${username}-${hostname}" = home-manager.lib.homeManagerConfiguration {
+ pkgs = nixpkgs.legacyPackages.${system};
+
+ modules = [
+ {
+ home = {
+ inherit username;
+ homeDirectory = "/home/${username}"; # TODO: esse caminho muda no Mac!
+ stateVersion = "22.11";
+ };
+ programs.home-manager.enable = true;
+ }
+ ./home.nix
+ ];
+
+ # TODO: how to: Optionally use extraSpecialArgs
+ # to pass through arguments to home.nix
+ };
+
+ devShells.default = pkgs.mkShell {
+ buildInputs = with pkgs; [
+ bashInteractive
+ coreutils
+ curl
+ gnumake
+ patchelf
+ poetry
+ python3Full
+ tmate
+ ];
+ };
+ };
+}
diff --git a/templates/start-config/home.nix b/templates/start-config/home.nix
new file mode 100644
index 0000000..da3cf4b
--- /dev/null
+++ b/templates/start-config/home.nix
@@ -0,0 +1,1633 @@
+{ pkgs, ... }:
+
+{
+
+ # Home Manager needs a bit of information about you and the
+ # paths it should manage.
+ # home.username = "ubuntu";
+ # home.homeDirectory = "/home/ubuntu";
+
+ home.packages = with pkgs; [
+ # Graphical packages
+ #anydesk
+ #blender
+ #brave
+ #dbeaver
+ #discord
+ #gimp
+ #gitkraken
+ #google-chrome
+ #inkscape
+ #insomnia
+ #jetbrains.pycharm-community
+ #keepassxc
+ #kolourpaint
+ #libreoffice
+ #obsidian
+ #okular
+ #peek
+ #postman
+ #qbittorrent
+ #spotify
+ #tdesktop
+ #virt-manager
+ #vlc
+ #vscodium
+
+ xorg.xclock
+
+ # sudo $(which lshw) -C display
+ # sudo dmesg | grep drm
+ # glxgears -info
+ # lspci | grep -i vga
+ # mesa
+ # mesa-demos
+ # libglvnd # find / -name 'libGL.so' 2>/dev/null
+ # vulkan-loader
+ # vulkan-headers
+ # mesa_drivers
+ # linuxPackages.nvidia_x11
+ # cudatoolkit
+ # cudatoolkit.lib
+ # mpi
+
+ #
+ steam-run
+
+ xorg.xclock
+ hello
+ sl
+ asciiquarium
+ figlet
+ cowsay
+ ponysay
+ cmatrix
+
+ # Just enabling it is ok, and might be better
+ # nix
+ # nixVersions.nix_2_10
+
+ # pciutils # lspci and others
+ # coreboot-utils
+
+ # # TODO: testar com o zsh
+ ## bashInteractive # https://www.reddit.com/r/NixOS/comments/zx4kmh/alpinewsl_home_manager_bash_issue/
+ coreutils
+ binutils
+ utillinux
+ xorg.xkill
+ glibc.bin
+ patchelf
+ gparted
+ # glxinfo
+ file
+ findutils
+ gnugrep
+ gnumake
+ gnused
+ gawk
+ hexdump
+ which
+ xz
+ exfat
+ procps
+ curl
+ wget
+ lsof
+ tree
+ ripgrep
+ killall
+ nmap
+ netcat
+ nettools
+ tmate
+ strace
+ # ptrace
+ traceroute
+ man
+ man-db
+ (aspellWithDicts (d: with d; [ de en pt_BR ])) # nix repl --expr 'import {}' <<<'builtins.attrNames aspellDicts' | tr ' ' '\n'
+ gnome.simple-scan
+ imagemagick
+ nix-prefetch-git
+ nixfmt
+ hydra-check
+ nixos-option
+ shellcheck
+
+ fontconfig
+ # fontforge-gtk # TODO: testar fontes usando esse programa
+ # pango
+
+ # arphic-ukai
+ # arphic-uming
+ # aurulent-sans
+ # comic-relief
+ # corefonts # Microsoft free fonts
+ # dejavu_fonts
+ # dina-font
+ # fira # Monospace
+ # fira-code
+ # fira-code-symbols
+ # font-awesome # font-awesome-ttf, font-awesome_4
+ # freefont_ttf
+ # hack-font
+ # hasklig
+ # inconsolata # Monospace
+ # ionicons
+ # lato
+ # liberation_ttf
+ # lineicons
+ # montserrat
+ # mplus-outline-fonts
+ # nerdfonts # Really big, but only this font fixed some issues with starship
+ # noto-fonts
+ # noto-fonts-emoji
+ # noto-fonts-extra
+ powerline
+ powerline-fonts
+ # source-han-sans-japanese
+ # source-han-sans-korean
+ # source-han-sans-simplified-chinese
+ # source-han-sans-traditional-chinese
+ # source-sans
+ # source-sans-pro
+ # sudo-font
+ # symbola
+ # twemoji-color-font
+ # ubuntu_font_family
+ # unifont # International languages
+ # wqy_microhei
+ # wqy_zenhei
+ # xkcd-font
+
+ # (nerdfonts.override { fonts = [ "FiraCode"]; })
+ (
+ nerdfonts.override {
+ fonts = [
+ # "3270"
+ # "Agave"
+ # "AnonymousPro"
+ # "Arimo"
+ # "AurulentSansMono"
+ # "BigBlueTerminal"
+ # "BitstreamVeraSansMono"
+ # "CascadiaCode"
+ # "CodeNewRoman"
+ # "Cousine"
+ # "DaddyTimeMono"
+ # "DejaVuSansMono"
+ # "DroidSansMono"
+ # "FantasqueSansMono"
+ "FiraCode"
+ # "FiraMono"
+ # "FontPatcher"
+ # "Go-Mono"
+ # "Gohu"
+ # "Hack"
+ # "Hasklig"
+ # "HeavyData"
+ # "Hermit"
+ # "iA-Writer"
+ # "IBMPlexMono"
+ # "Inconsolata"
+ # "InconsolataGo"
+ # "InconsolataLGC"
+ # "Iosevka"
+ "JetBrainsMono"
+ # "Lekton"
+ # "LiberationMono"
+ # "Lilex"
+ # "Meslo"
+ # "Monofur"
+ # "Monoid"
+ # "Mononoki"
+ # "MPlus"
+ # "NerdFontsSymbolsOnly"
+ # "Noto"
+ # "OpenDyslexic"
+ # "Overpass"
+ # "ProFont"
+ # "ProggyClean"
+ # "RobotoMono"
+ # "ShareTechMono"
+ # "SourceCodePro"
+ # "SpaceMono"
+ # "Terminus"
+ # "Tinos"
+ "Ubuntu"
+ # "UbuntuMono"
+ # "VictorMono"
+ ];
+ }
+ )
+
+ # zsh-nix-shell
+ # zsh-powerlevel10k
+ # zsh-powerlevel9k
+ # zsh-syntax-highlighting
+
+ oh-my-zsh
+ # zsh-completions-latest
+
+ # gcc
+ # gdb
+ # clang
+ # rustc
+ # python3Full
+ # julia-bin
+
+ graphviz # dot command comes from here
+ jq
+ unixtools.xxd
+
+ gzip
+ # unrar
+ unzip
+ gnutar
+
+ btop
+ htop
+ asciinema
+ git
+ openssh
+ # sshfs # TODO: testar
+
+ podman
+ # runc
+ # skopeo
+ # conmon
+ # slirp4netns
+ # shadow
+
+ (
+ writeScriptBin "ix" ''
+ #! ${pkgs.runtimeShell} -e
+ "$@" | "curl" -F 'f:1=<-' ix.io
+ ''
+ )
+
+ (
+ writeScriptBin "erw" ''
+ #! ${pkgs.runtimeShell} -e
+ echo "$(readlink -f "$(which $1)")"
+ ''
+ )
+
+ (
+ writeScriptBin "crw" ''
+ #! ${pkgs.runtimeShell} -e
+ cat "$(readlink -f "$(which $1)")"
+ ''
+ )
+
+ (
+ writeScriptBin "myexternalip" ''
+ #! ${pkgs.runtimeShell} -e
+ # https://askubuntu.com/questions/95910/command-for-determining-my-public-ip#comment1985064_712144
+
+ curl https://checkip.amazonaws.com
+ ''
+ )
+
+ (
+ writeScriptBin "mynatip" ''
+ #! ${pkgs.runtimeShell} -e
+ # https://unix.stackexchange.com/a/569306
+ # https://serverfault.com/a/256506
+
+ NETWORK_INTERFACE_NAME=$(route | awk '
+ BEGIN { min = -1 }
+ $1 == "default" {
+ if (min < 0 || $5 < min) {
+ min = $5
+ iface = $8
+ }
+ }
+ END {
+ if (iface == "") {
+ print "No \"default\" route found!" > "/dev/stderr"
+ exit 1
+ } else {
+ print iface
+ exit 0
+ }
+ }
+ '
+ )
+
+ ip addr show dev $NETWORK_INTERFACE_NAME | grep "inet " | awk '{ print $2 }' | cut -d'/' -f1
+ ''
+ )
+
+ (
+ writeScriptBin "generate-new-ed25519-key-pair" ''
+ #! ${pkgs.runtimeShell} -e
+ ssh-keygen \
+ -t ed25519 \
+ -C "$(git config user.email)" \
+ -f "$HOME"/.ssh/id_ed25519 \
+ -N "" \
+ && echo \
+ && cat "$HOME"/.ssh/id_ed25519.pub \
+ && echo
+
+
+ while $(echo 'yes' | ssh -T -o ConnectTimeout=1 git@github.com &>/dev/null); do echo $(date +'%d/%m/%Y %H:%M:%S:%3N') && sleep 0.5; done
+
+ ssh -T -o ConnectTimeout=1 git@github.com &>/dev/null
+ test $? -eq 1 || echo "Error in ssh -T -o ConnectTimeout=1 git@github.com
+
+ ''
+ )
+
+ (
+ writeScriptBin "try-install-openssh-server" ''
+ #! ${pkgs.runtimeShell} -e
+ command -v sshd || (command -v apt && sudo apt-get update && sudo apt-get install -y openssh-server)
+ command -v sshd || (command -v apk && sudo apk add --no-cache -y openssh-server)
+ ''
+ )
+
+ (
+ writeScriptBin "nfm" ''
+ #! ${pkgs.runtimeShell} -e
+ nix flake metadata $1 --json | jq -r '.url'
+ ''
+ )
+
+ (
+ writeScriptBin "hms" ''
+ export NIXPKGS_ALLOW_UNFREE=1; \
+ home-manager switch --impure --flake "$HOME/.config/nixpkgs"#"$(id -un)"-"$(hostname)"
+ ''
+ )
+
+ (
+ writeScriptBin "gphms" ''
+
+ DIRECTORY_TO_CLONE=/home/"$USER"/.config/nixpkgs
+
+
+ echo $(cd "$HOME/.config/nixpkgs" && git pull) \
+ && export NIXPKGS_ALLOW_UNFREE=1; \
+ home-manager switch --impure --flake "$HOME/.config/nixpkgs"#"$(id -un)"-"$(hostname)"
+ ''
+ )
+
+ (
+ writeScriptBin "build-pulling-all-from-cache" ''
+ #! ${pkgs.runtimeShell} -e
+
+ set -x
+
+ export NIXPKGS_ALLOW_UNFREE=1
+
+ nix \
+ --option eval-cache false \
+ --option extra-substituters https://playing-bucket-nix-cache-test.s3.amazonaws.com \
+ --option extra-trusted-public-keys binarycache-1:XiPHS/XT/ziMHu5hGoQ8Z0K88sa1Eqi5kFTYyl33FJg= \
+ build \
+ --impure \
+ --keep-failed \
+ --max-jobs 0 \
+ --no-link \
+ --print-build-logs \
+ --print-out-paths \
+ ~/.config/nixpkgs#homeConfigurations."$(id -un)"-"$(hostname)".activationPackage
+ ''
+ )
+
+ (
+ writeScriptBin "gphms-cache" ''
+ #! ${pkgs.runtimeShell} -e
+
+ build-pulling-all-from-cache || true
+
+ echo $(cd "$HOME/.config/nixpkgs" && git pull) \
+ && export NIXPKGS_ALLOW_UNFREE=1; \
+ home-manager switch --impure --flake "$HOME/.config/nixpkgs"#"$(id -un)"-"$(hostname)"
+ ''
+ )
+
+ (
+ writeScriptBin "create-nix-hardcoded-sign-cache-keys" ''
+
+ CACHE_KEYS_FULL_PATH="$HOME"/.nix-sing-cache-keys
+ mkdir -m 0700 -pv "$CACHE_KEYS_FULL_PATH"
+
+ cat > "$CACHE_KEYS_FULL_PATH"/cache-pub-key.pem << 'EOF'
+ binarycache-1:XiPHS/XT/ziMHu5hGoQ8Z0K88sa1Eqi5kFTYyl33FJg=
+ EOF
+
+ cat > "$CACHE_KEYS_FULL_PATH"/cache-priv-key.pem << 'EOF'
+ binarycache-1:LS3ApFX0izjIwKCDJFquhuF2+ENxhAv0jdF838AyhUVeI8dL9dP/OIwe7mEahDxnQrzyxrUSqLmQVNjKXfcUmA==
+ EOF
+
+ chown -v $USER "$CACHE_KEYS_FULL_PATH"/cache-priv-key.pem \
+ && chmod 0600 -v "$CACHE_KEYS_FULL_PATH"/cache-priv-key.pem
+ ''
+ )
+
+ (
+ writeScriptBin "nr" ''
+ nix repl --expr 'import {}'
+ ''
+ )
+
+ (
+ writeScriptBin "script-post-build-hook" ''
+ set -euf
+
+ echo "post-build-hook"
+ echo "-- ''${OUT_PATHS} --"
+ echo "^^ ''${DRV_PATH} ^^"
+
+ # set -x
+
+ KEY_FILE=cache-priv-key.pem
+ # Testar ?region=eu-west-1
+ CACHE=s3://playing-bucket-nix-cache-test/
+
+ # mapfile -t DERIVATIONS < <(echo "''${OUT_PATHS[@]}" | xargs nix path-info --derivation)
+ # mapfile -t DERIVATIONS < <(echo "''${OUT_PATHS[@]}" | xargs nix path-info)
+ # mapfile -t DEPENDENCIES < <(echo "''${DRV_PATH[@]}" | xargs nix-store --query --requisites --include-outputs --force-realise)
+
+ # Only runtime for now
+ mapfile -t DEPENDENCIES < <(echo "''${OUT_PATHS[@]}" | xargs nix path-info --recursive)
+
+ # TODO: é o correto assinar as derivações, os .drv?
+ # echo "''${DERIVATIONS[@]}" | xargs nix store sign --key-file "$KEY_FILE" --recursive
+
+ # TODO:
+ echo "''${DEPENDENCIES[@]}" | xargs nix store sign --key-file "$KEY_FILE" --recursive
+
+ # echo "''${DEPENDENCIES[@]}" | xargs nix copy --eval-store auto --no-check-sigs -vvv --to "$CACHE"
+ echo "''${DEPENDENCIES[@]}" | xargs nix copy -vvv --to "$CACHE"
+
+ ''
+ )
+
+ (
+ writeScriptBin "e-script-post-build-hook" ''
+ erw script-post-build-hook
+ ''
+ )
+ ];
+
+ # https://github.com/nix-community/home-manager/blob/782cb855b2f23c485011a196c593e2d7e4fce746/modules/targets/generic-linux.nix
+ targets.genericLinux.enable = true;
+
+ nix = {
+ enable = true;
+ # What about github:NixOS/nix#nix-static can it be injected here? What would break?
+ # package = pkgs.pkgsStatic.nixVersions.nix_2_10;
+ package = pkgs.nixVersions.nix_2_10;
+ # Could be useful:
+ # export NIX_CONFIG='extra-experimental-features = nix-command flakes'
+ extraOptions = ''
+ experimental-features = nix-command flakes
+ trusted-public-keys = binarycache-1:tcdI+LZIBrh5xmvW2P0NO5ZPwTKpkCoGq3Hmmj58yOI=
+ substituters = https://playing-bucket-nix-cache-test.s3.amazonaws.com
+ '';
+
+ settings = {
+ # use-sandbox = true;
+ show-trace = true;
+ # system-features = [ "big-parallel" "kvm" "recursive-nix" "nixos-test" ];
+ keep-outputs = true;
+ keep-derivations = true;
+
+ tarball-ttl = 60 * 60 * 24 * 7 * 4; # = 2419200 = one month
+ # readOnlyStore = true;
+
+ # trusted-public-keys = cache.nixos.org-1:6NCHdD59X431o0gWypbMrAURkbJ16ZPMQFGspcDShjY=
+ # trusted-substituters = "fooooo";
+ };
+ };
+
+ nixpkgs.config = {
+ allowBroken = false;
+ allowUnfree = true;
+ # TODO: test it
+ # android_sdk.accept_license = true;
+ };
+
+ services.systembus-notify.enable = true;
+ services.spotifyd.enable = true;
+
+ fonts = {
+ # enableFontDir = true;
+ # enableGhostscriptFonts = true;
+ # fonts = with pkgs; [
+ # powerline-fonts
+ # ];
+ fontconfig = {
+ enable = true;
+ # defaultFonts = {
+ # monospace = [ "Droid Sans Mono Slashed for Powerline" ];
+ # };
+ };
+ };
+
+ programs.bash = {
+ enable = false;
+ # bashrcExtra = "echo foo-bar";
+ sessionVariables = {
+ A_B_C = "a-b-c";
+ FONTCONFIG_FILE = "${pkgs.fontconfig.out}/etc/fonts/fonts.conf";
+ FONTCONFIG_PATH = "${pkgs.fontconfig.out}/etc/fonts/";
+ };
+ };
+
+ # TODO: documentar e testar
+ home.extraOutputsToInstall = [
+ "/share/zsh"
+ "/share/bash"
+ "/share/fish"
+ "/share/fonts" # fc-cache -frv
+ # /etc/fonts
+ ];
+
+ # https://www.reddit.com/r/NixOS/comments/fenb4u/zsh_with_ohmyzsh_with_powerlevel10k_in_nix/
+ programs.zsh = {
+ # Your zsh config
+ enable = true;
+ enableCompletion = true;
+ dotDir = ".config/zsh";
+ enableAutosuggestions = true;
+ enableSyntaxHighlighting = true;
+ envExtra = ''
+ if [ -e ~/.nix-profile/etc/profile.d/nix.sh ]; then
+ . ~/.nix-profile/etc/profile.d/nix.sh
+ fi
+ '';
+
+ # initExtra = "neofetch --ascii_distro NixOS_small --color_blocks off --disable cpu gpu memory term de resolution kernel model";
+ initExtra = "${pkgs.neofetch}/bin/neofetch"; # TODO: checar se esse pacote é seguro
+
+ # promptInit = ''
+ # export POWERLEVEL9K_MODE=nerdfont-complete
+ # source ${pkgs.zsh-powerlevel9k}/share/zsh-powerlevel9k/powerlevel9k.zsh-theme
+ # '';
+
+ # initExtraBeforeCompInit = ''eval "$(direnv hook zsh)"'';
+ autocd = true;
+
+
+ shellAliases = {
+ l = "ls -al";
+
+ #
+ nb = "nix build";
+ npi = "nix profile install nixpkgs#";
+ ns = "nix shell";
+ # nr = "nix repl --expr 'import {}'";
+
+ rmall = "rm -frv {*,.*}";
+ };
+
+ # > closed and reopened the terminal. Then it worked.
+ # https://discourse.nixos.org/t/home-manager-doesnt-seem-to-recognize-sessionvariables/8488/8
+ sessionVariables = {
+ # EDITOR = "nvim";
+ # DEFAULT_USER = "foo-bar";
+ # ZSH_AUTOSUGGEST_USE_ASYNC="true";
+ # ZSH_AUTOSUGGEST_MANUAL_REBIND="true";
+ # PROMPT="|%F{153}%n@%m%f|%F{174}%1~%f> ";
+
+ LANG = "en_US.utf8";
+ # fc-match list
+ FONTCONFIG_FILE = "${pkgs.fontconfig.out}/etc/fonts/fonts.conf";
+ FONTCONFIG_PATH = "${pkgs.fontconfig.out}/etc/fonts/";
+ };
+
+ historySubstringSearch.enable = true;
+
+ history = {
+ save = 50000;
+ size = 50000;
+ path = "$HOME/.cache/zsh_history";
+ expireDuplicatesFirst = true;
+ };
+
+ oh-my-zsh = {
+ enable = true;
+ # https://github.com/Xychic/NixOSConfig/blob/76b638086dfcde981292831106a43022588dc670/home/home-manager.nix
+ plugins = [
+ # "autojump"
+ "aws"
+ # "cargo"
+ "catimg"
+ "colored-man-pages"
+ "colorize"
+ "command-not-found"
+ "common-aliases"
+ "copyfile"
+ "copypath"
+ "cp"
+ "direnv"
+ "docker"
+ "docker-compose"
+ "emacs"
+ "encode64"
+ "extract"
+ "fancy-ctrl-z"
+ "fzf"
+ "gcloud"
+ "git"
+ "git-extras"
+ "git-flow-avh"
+ "github"
+ "gitignore"
+ "gradle"
+ "history"
+ "history-substring-search"
+ "kubectl"
+ "man"
+ "mvn"
+ "node"
+ "npm"
+ "pass"
+ "pip"
+ "poetry"
+ "python"
+ "ripgrep"
+ "rsync"
+ "rust"
+ "scala"
+ "ssh-agent"
+ "sudo"
+ "systemadmin" # https://github.com/ohmyzsh/ohmyzsh/tree/master/plugins/systemadmin
+ "systemd"
+ "terraform"
+ # "thefuck"
+ "tig"
+ "timer"
+ # "tmux" # It needs tmux to be installed
+ "vagrant"
+ "vi-mode"
+ "vim-interaction"
+ "yarn"
+ "z"
+ "zsh-navigation-tools"
+ ];
+ theme = "robbyrussell";
+ # theme = "bira";
+ # theme = "powerlevel10k";
+ # theme = "powerlevel9k/powerlevel9k";
+ # theme = "agnoster";
+ # theme = "gallois";
+ # theme = "gentoo";
+ # theme = "af-magic";
+ # theme = "half-life";
+ # theme = "rgm";
+ # theme = "crcandy";
+ # theme = "fishy";
+ };
+ };
+
+ # programs.starship = {
+ # enable = true;
+ # enableZshIntegration = true;
+ # };
+
+ # Credits:
+ # https://gist.github.com/s-a-c/0e44dc7766922308924812d4c019b109
+ # https://gist.github.com/search?q=So+either+put+%22Important+Documents%22+before+%22Documents%22+or+use+the+substituted+version%3A%3B&ref=searchresults
+ programs.starship = {
+ enable = true;
+ enableZshIntegration = true;
+ settings = {
+ # "$schema" = "https://starship.rs/config-schema.json";
+ add_newline = true;
+ command_timeout = 500;
+ continuation_prompt = "[∙](bright-black) ";
+ # format = "[](0x9A348E)$username$hostname$localip$shlvl$singularity$kubernetes[](fg:0x9A348E bg:0xDA627D)$directory$vcsh[](fg:0xDA627D bg:0xFCA17D)$git_branch$git_commit$git_state$git_metrics$git_status$hg_branch[](fg:0x86BBD8 bg:0x06969A)$docker_context$package$buf[](fg:0xFCA17D bg:0x86BBD8)$c$cmake$cobol$container$daml$dart$deno$dotnet$elixir$elm$erlang$golang$haskell$helm$java$julia$kotlin$lua$nim$nodejs$ocaml$perl$php$pulumi$purescript$python$rlang$red$ruby$rust$scala$swift$terraform$vlang$vagrant$zig$nix_shell$conda$spack$memory_usage$aws$gcloud$openstack$azure$env_var$crystal$custom$sudo$cmd_duration$line_break$jobs$battery[](fg:0x06969A bg:0x33658A)$time$status$shell$character";
+ right_format = "";
+ scan_timeout = 30;
+ aws = {
+ format = "[$symbol($profile )(($region) )([$duration] )]($style)";
+ symbol = "🅰 ";
+ style = "bold yellow";
+ disabled = false;
+ expiration_symbol = "X";
+ force_display = false;
+ };
+ aws.region_aliases = { };
+ aws.profile_aliases = { };
+ azure = {
+ format = "[$symbol($subscription)([$duration])]($style) ";
+ symbol = "ﴃ ";
+ style = "blue bold";
+ disabled = true;
+ };
+ battery = {
+ format = "[$symbol$percentage]($style) ";
+ charging_symbol = " ";
+ discharging_symbol = " ";
+ empty_symbol = " ";
+ full_symbol = " ";
+ unknown_symbol = " ";
+ disabled = false;
+ display = [
+ {
+ style = "red bold";
+ threshold = 10;
+ }
+ ];
+ };
+ buf = {
+ format = "[$symbol ($version)]($style)";
+ version_format = "v$raw";
+ symbol = "";
+ style = "bold blue";
+ disabled = false;
+ detect_extensions = [ ];
+ detect_files = [
+ "buf.yaml"
+ "buf.gen.yaml"
+ "buf.work.yaml"
+ ];
+ detect_folders = [ ];
+ };
+ c = {
+ format = "[$symbol($version(-$name) )]($style)";
+ version_format = "v$raw";
+ style = "fg:149 bold bg:0x86BBD8";
+ symbol = " ";
+ disabled = false;
+ detect_extensions = [
+ "c"
+ "h"
+ ];
+ detect_files = [ ];
+ detect_folders = [ ];
+ # commands = [
+ # [
+ # "cc"
+ # "--version"
+ # ]
+ # [
+ # "gcc"
+ # "--version"
+ # ]
+ # [
+ # "clang"
+ # "--version"
+ # ]
+ # ];
+ };
+ character = {
+ format = "$symbol ";
+ vicmd_symbol = "[❮](bold green)";
+ disabled = false;
+ success_symbol = "[➜](bold green) ";
+ error_symbol = "[✗](bold red) ";
+ };
+ cmake = {
+ format = "[$symbol($version )]($style)";
+ version_format = "v$raw";
+ symbol = "△ ";
+ style = "bold blue";
+ disabled = false;
+ detect_extensions = [ ];
+ detect_files = [
+ "CMakeLists.txt"
+ "CMakeCache.txt"
+ ];
+ detect_folders = [ ];
+ };
+ cmd_duration = {
+ min_time = 2000;
+ format = "⏱ [$duration]($style) ";
+ style = "yellow bold";
+ show_milliseconds = false;
+ disabled = false;
+ show_notifications = false;
+ min_time_to_notify = 45000;
+ };
+ cobol = {
+ format = "[$symbol($version )]($style)";
+ version_format = "v$raw";
+ symbol = "⚙️ ";
+ style = "bold blue";
+ disabled = false;
+ detect_extensions = [
+ "cbl"
+ "cob"
+ "CBL"
+ "COB"
+ ];
+ detect_files = [ ];
+ detect_folders = [ ];
+ };
+ conda = {
+ truncation_length = 1;
+ format = "[$symbol$environment]($style) ";
+ symbol = " ";
+ style = "green bold";
+ ignore_base = true;
+ disabled = false;
+ };
+ container = {
+ format = "[$symbol [$name]]($style) ";
+ symbol = "⬢";
+ style = "red bold dimmed";
+ disabled = false;
+ };
+ crystal = {
+ format = "[$symbol($version )]($style)";
+ version_format = "v$raw";
+ symbol = "🔮 ";
+ style = "bold red";
+ disabled = false;
+ detect_extensions = [ "cr" ];
+ detect_files = [ "shard.yml" ];
+ detect_folders = [ ];
+ };
+ dart = {
+ format = "[$symbol($version )]($style)";
+ version_format = "v$raw";
+ symbol = "🎯 ";
+ style = "bold blue";
+ disabled = false;
+ detect_extensions = [ "dart" ];
+ detect_files = [
+ "pubspec.yaml"
+ "pubspec.yml"
+ "pubspec.lock"
+ ];
+ detect_folders = [ ".dart_tool" ];
+ };
+ deno = {
+ format = "[$symbol($version )]($style)";
+ version_format = "v$raw";
+ symbol = "🦕 ";
+ style = "green bold";
+ disabled = false;
+ detect_extensions = [ ];
+ detect_files = [
+ "deno.json"
+ "deno.jsonc"
+ "mod.ts"
+ "deps.ts"
+ "mod.js"
+ "deps.js"
+ ];
+ detect_folders = [ ];
+ };
+ directory = {
+ disabled = false;
+ fish_style_pwd_dir_length = 0;
+ format = "[$path]($style)[$read_only]($read_only_style) ";
+ home_symbol = "~";
+ read_only = " ";
+ read_only_style = "red";
+ repo_root_format = "[$before_root_path]($style)[$repo_root]($repo_root_style)[$path]($style)[$read_only]($read_only_style) ";
+ style = "cyan bold bg:0xDA627D";
+ truncate_to_repo = true;
+ truncation_length = 3;
+ truncation_symbol = "…/";
+ use_logical_path = true;
+ use_os_path_sep = true;
+ };
+ directory.substitutions = {
+ # Here is how you can shorten some long paths by text replacement;
+ # similar to mapped_locations in Oh My Posh:;
+ "Documents" = " ";
+ "Downloads" = " ";
+ "Music" = " ";
+ "Pictures" = " ";
+ # Keep in mind that the order matters. For example:;
+ # "Important Documents" = " ";
+ # will not be replaced, because "Documents" was already substituted before.;
+ # So either put "Important Documents" before "Documents" or use the substituted version:;
+ # "Important " = " ";
+ "Important " = " ";
+ };
+ docker_context = {
+ format = "[$symbol$context]($style) ";
+ style = "blue bold bg:0x06969A";
+ symbol = " ";
+ only_with_files = true;
+ disabled = false;
+ detect_extensions = [ ];
+ detect_files = [
+ "docker-compose.yml"
+ "docker-compose.yaml"
+ "Dockerfile"
+ ];
+ detect_folders = [ ];
+ };
+ dotnet = {
+ format = "[$symbol($version )(🎯 $tfm )]($style)";
+ version_format = "v$raw";
+ symbol = "🥅 ";
+ style = "blue bold";
+ heuristic = true;
+ disabled = false;
+ detect_extensions = [
+ "csproj"
+ "fsproj"
+ "xproj"
+ ];
+ detect_files = [
+ "global.json"
+ "project.json"
+ "Directory.Build.props"
+ "Directory.Build.targets"
+ "Packages.props"
+ ];
+ detect_folders = [ ];
+ };
+ elixir = {
+ format = "[$symbol($version (OTP $otp_version) )]($style)";
+ version_format = "v$raw";
+ style = "bold purple bg:0x86BBD8";
+ symbol = " ";
+ disabled = false;
+ detect_extensions = [ ];
+ detect_files = [ "mix.exs" ];
+ detect_folders = [ ];
+ };
+ elm = {
+ format = "[$symbol($version )]($style)";
+ version_format = "v$raw";
+ style = "cyan bold bg:0x86BBD8";
+ symbol = " ";
+ disabled = false;
+ detect_extensions = [ "elm" ];
+ detect_files = [
+ "elm.json"
+ "elm-package.json"
+ ".elm-version"
+ ];
+ detect_folders = [ "elm-stuff" ];
+ };
+ env_var = { };
+ env_var.SHELL = {
+ format = "[$symbol($env_value )]($style)";
+ style = "grey bold italic dimmed";
+ symbol = "e:";
+ disabled = true;
+ variable = "SHELL";
+ default = "unknown shell";
+ };
+ env_var.USER = {
+ format = "[$symbol($env_value )]($style)";
+ style = "grey bold italic dimmed";
+ symbol = "e:";
+ disabled = true;
+ default = "unknown user";
+ };
+ erlang = {
+ format = "[$symbol($version )]($style)";
+ version_format = "v$raw";
+ symbol = " ";
+ style = "bold red";
+ disabled = false;
+ detect_extensions = [ ];
+ detect_files = [
+ "rebar.config"
+ "erlang.mk"
+ ];
+ detect_folders = [ ];
+ };
+ fill = {
+ style = "bold black";
+ symbol = ".";
+ disabled = false;
+ };
+ gcloud = {
+ format = "[$symbol$account(@$domain)(($region))(($project))]($style) ";
+ symbol = "☁️ ";
+ style = "bold blue";
+ disabled = false;
+ };
+ gcloud.project_aliases = { };
+ gcloud.region_aliases = { };
+ git_branch = {
+ format = "[$symbol$branch(:$remote_branch)]($style) ";
+ symbol = " ";
+ style = "bold purple bg:0xFCA17D";
+ truncation_length = 9223372036854775807;
+ truncation_symbol = "…";
+ only_attached = false;
+ always_show_remote = false;
+ ignore_branches = [ ];
+ disabled = false;
+ };
+ git_commit = {
+ commit_hash_length = 7;
+ format = "[($hash$tag)]($style) ";
+ style = "green bold";
+ only_detached = true;
+ disabled = false;
+ tag_symbol = " 🏷 ";
+ tag_disabled = true;
+ };
+ git_metrics = {
+ added_style = "bold green";
+ deleted_style = "bold red";
+ only_nonzero_diffs = true;
+ format = "([+$added]($added_style) )([-$deleted]($deleted_style) )";
+ disabled = false;
+ };
+ git_state = {
+ am = "AM";
+ am_or_rebase = "AM/REBASE";
+ bisect = "BISECTING";
+ cherry_pick = "🍒PICKING(bold red)";
+ disabled = false;
+ format = "([$state( $progress_current/$progress_total)]($style)) ";
+ merge = "MERGING";
+ rebase = "REBASING";
+ revert = "REVERTING";
+ style = "bold yellow";
+ };
+ git_status = {
+ ahead = "🏎💨$count";
+ behind = "😰$count";
+ conflicted = "🏳";
+ deleted = "🗑";
+ disabled = false;
+ diverged = "😵";
+ # format = "([[$all_status$ahead_behind]]($style) )";
+ ignore_submodules = false;
+ modified = "📝";
+ renamed = "👅";
+ staged = "[++($count)](green)";
+ stashed = "📦";
+ style = "red bold bg:0xFCA17D";
+ untracked = "🤷";
+ up_to_date = "✓";
+ };
+ golang = {
+ format = "[$symbol($version )]($style)";
+ version_format = "v$raw";
+ symbol = " ";
+ style = "bold cyan bg:0x86BBD8";
+ disabled = false;
+ detect_extensions = [ "go" ];
+ detect_files = [
+ "go.mod"
+ "go.sum"
+ "glide.yaml"
+ "Gopkg.yml"
+ "Gopkg.lock"
+ ".go-version"
+ ];
+ detect_folders = [ "Godeps" ];
+ };
+ haskell = {
+ format = "[$symbol($version )]($style)";
+ version_format = "v$raw";
+ symbol = "λ ";
+ style = "bold purple bg:0x86BBD8";
+ disabled = false;
+ detect_extensions = [
+ "hs"
+ "cabal"
+ "hs-boot"
+ ];
+ detect_files = [
+ "stack.yaml"
+ "cabal.project"
+ ];
+ detect_folders = [ ];
+ };
+ helm = {
+ format = "[$symbol($version )]($style)";
+ version_format = "v$raw";
+ symbol = "⎈ ";
+ style = "bold white";
+ disabled = false;
+ detect_extensions = [ ];
+ detect_files = [
+ "helmfile.yaml"
+ "Chart.yaml"
+ ];
+ detect_folders = [ ];
+ };
+ hg_branch = {
+ symbol = " ";
+ style = "bold purple";
+ format = "on [$symbol$branch]($style) ";
+ truncation_length = 9223372036854775807;
+ truncation_symbol = "…";
+ disabled = true;
+ };
+ hostname = {
+ disabled = false;
+ format = "[$ssh_symbol](blue dimmed bold)[$hostname]($style) ";
+ ssh_only = false;
+ style = "green dimmed bold";
+ trim_at = ".";
+ };
+ java = {
+ disabled = false;
+ format = "[$symbol($version )]($style)";
+ style = "red dimmed bg:0x86BBD8";
+ symbol = " ";
+ version_format = "v$raw";
+ detect_extensions = [
+ "java"
+ "class"
+ "jar"
+ "gradle"
+ "clj"
+ "cljc"
+ ];
+ detect_files = [
+ "pom.xml"
+ "build.gradle.kts"
+ "build.sbt"
+ ".java-version"
+ "deps.edn"
+ "project.clj"
+ "build.boot"
+ ];
+ detect_folders = [ ];
+ };
+ jobs = {
+ threshold = 1;
+ symbol_threshold = 0;
+ number_threshold = 2;
+ format = "[$symbol$number]($style) ";
+ symbol = "✦";
+ style = "bold blue";
+ disabled = false;
+ };
+ julia = {
+ disabled = false;
+ format = "[$symbol($version )]($style)";
+ style = "bold purple bg:0x86BBD8";
+ symbol = " ";
+ version_format = "v$raw";
+ detect_extensions = [ "jl" ];
+ detect_files = [
+ "Project.toml"
+ "Manifest.toml"
+ ];
+ detect_folders = [ ];
+ };
+ kotlin = {
+ format = "[$symbol($version )]($style)";
+ version_format = "v$raw";
+ symbol = "🅺 ";
+ style = "bold blue";
+ kotlin_binary = "kotlin";
+ disabled = false;
+ detect_extensions = [
+ "kt"
+ "kts"
+ ];
+ detect_files = [ ];
+ detect_folders = [ ];
+ };
+ kubernetes = {
+ disabled = false;
+ format = "[$symbol$context( ($namespace))]($style) in ";
+ style = "cyan bold";
+ symbol = "⛵ ";
+ };
+ kubernetes.context_aliases = { };
+ line_break = {
+ disabled = false;
+ };
+ localip = {
+ disabled = false;
+ format = "[@$localipv4]($style) ";
+ ssh_only = false;
+ style = "yellow bold";
+ };
+ lua = {
+ format = "[$symbol($version )]($style)";
+ version_format = "v$raw";
+ symbol = "🌙 ";
+ style = "bold blue";
+ lua_binary = "lua";
+ disabled = false;
+ detect_extensions = [ "lua" ];
+ detect_files = [ ".lua-version" ];
+ detect_folders = [ "lua" ];
+ };
+ memory_usage = {
+ disabled = false;
+ format = "$symbol[$ram( | $swap)]($style) ";
+ style = "white bold dimmed";
+ symbol = " ";
+ # threshold = 75;
+ threshold = -1;
+ };
+ nim = {
+ format = "[$symbol($version )]($style)";
+ style = "yellow bold bg:0x86BBD8";
+ symbol = " ";
+ version_format = "v$raw";
+ disabled = false;
+ detect_extensions = [
+ "nim"
+ "nims"
+ "nimble"
+ ];
+ detect_files = [ "nim.cfg" ];
+ detect_folders = [ ];
+ };
+ nix_shell = {
+ format = "[$symbol$state( ($name))]($style) ";
+ disabled = false;
+ impure_msg = "[impure](bold red)";
+ pure_msg = "[pure](bold green)";
+ style = "bold blue";
+ symbol = " ";
+ };
+ nodejs = {
+ format = "[$symbol($version )]($style)";
+ not_capable_style = "bold red";
+ style = "bold green bg:0x86BBD8";
+ symbol = " ";
+ version_format = "v$raw";
+ disabled = false;
+ detect_extensions = [
+ "js"
+ "mjs"
+ "cjs"
+ "ts"
+ "mts"
+ "cts"
+ ];
+ detect_files = [
+ "package.json"
+ ".node-version"
+ ".nvmrc"
+ ];
+ detect_folders = [ "node_modules" ];
+ };
+ ocaml = {
+ format = "[$symbol($version )(($switch_indicator$switch_name) )]($style)";
+ global_switch_indicator = "";
+ local_switch_indicator = "*";
+ style = "bold yellow";
+ symbol = "🐫 ";
+ version_format = "v$raw";
+ disabled = false;
+ detect_extensions = [
+ "opam"
+ "ml"
+ "mli"
+ "re"
+ "rei"
+ ];
+ detect_files = [
+ "dune"
+ "dune-project"
+ "jbuild"
+ "jbuild-ignore"
+ ".merlin"
+ ];
+ detect_folders = [
+ "_opam"
+ "esy.lock"
+ ];
+ };
+ openstack = {
+ format = "[$symbol$cloud(($project))]($style) ";
+ symbol = "☁️ ";
+ style = "bold yellow";
+ disabled = false;
+ };
+ package = {
+ format = "[$symbol$version]($style) ";
+ symbol = "📦 ";
+ style = "208 bold";
+ display_private = false;
+ disabled = false;
+ version_format = "v$raw";
+ };
+ perl = {
+ format = "[$symbol($version )]($style)";
+ version_format = "v$raw";
+ symbol = "🐪 ";
+ style = "149 bold";
+ disabled = false;
+ detect_extensions = [
+ "pl"
+ "pm"
+ "pod"
+ ];
+ detect_files = [
+ "Makefile.PL"
+ "Build.PL"
+ "cpanfile"
+ "cpanfile.snapshot"
+ "META.json"
+ "META.yml"
+ ".perl-version"
+ ];
+ detect_folders = [ ];
+ };
+ php = {
+ format = "[$symbol($version )]($style)";
+ version_format = "v$raw";
+ symbol = "🐘 ";
+ style = "147 bold";
+ disabled = false;
+ detect_extensions = [ "php" ];
+ detect_files = [
+ "composer.json"
+ ".php-version"
+ ];
+ detect_folders = [ ];
+ };
+ pulumi = {
+ format = "[$symbol($username@)$stack]($style) ";
+ version_format = "v$raw";
+ symbol = " ";
+ style = "bold 5";
+ disabled = false;
+ };
+ purescript = {
+ format = "[$symbol($version )]($style)";
+ version_format = "v$raw";
+ symbol = "<=> ";
+ style = "bold white";
+ disabled = false;
+ detect_extensions = [ "purs" ];
+ detect_files = [ "spago.dhall" ];
+ detect_folders = [ ];
+ };
+ python = {
+ format = "[$symbol$pyenv_prefix($version )(($virtualenv) )]($style)";
+ python_binary = [
+ "python"
+ "python3"
+ "python2"
+ ];
+ pyenv_prefix = "pyenv ";
+ pyenv_version_name = true;
+ style = "yellow bold";
+ symbol = "🐍 ";
+ version_format = "v$raw";
+ disabled = false;
+ detect_extensions = [ "py" ];
+ detect_files = [
+ "requirements.txt"
+ ".python-version"
+ "pyproject.toml"
+ "Pipfile"
+ "tox.ini"
+ "setup.py"
+ "__init__.py"
+ ];
+ detect_folders = [ ];
+ };
+ red = {
+ format = "[$symbol($version )]($style)";
+ version_format = "v$raw";
+ symbol = "🔺 ";
+ style = "red bold";
+ disabled = false;
+ detect_extensions = [
+ "red"
+ "reds"
+ ];
+ detect_files = [ ];
+ detect_folders = [ ];
+ };
+ rlang = {
+ format = "[$symbol($version )]($style)";
+ version_format = "v$raw";
+ style = "blue bold";
+ symbol = "📐 ";
+ disabled = false;
+ detect_extensions = [
+ "R"
+ "Rd"
+ "Rmd"
+ "Rproj"
+ "Rsx"
+ ];
+ detect_files = [ ".Rprofile" ];
+ detect_folders = [ ".Rproj.user" ];
+ };
+ ruby = {
+ format = "[$symbol($version )]($style)";
+ version_format = "v$raw";
+ symbol = "💎 ";
+ style = "bold red";
+ disabled = false;
+ detect_extensions = [ "rb" ];
+ detect_files = [
+ "Gemfile"
+ ".ruby-version"
+ ];
+ detect_folders = [ ];
+ detect_variables = [
+ "RUBY_VERSION"
+ "RBENV_VERSION"
+ ];
+ };
+ rust = {
+ format = "[$symbol($version )]($style)";
+ version_format = "v$raw";
+ symbol = "🦀 ";
+ style = "bold red bg:0x86BBD8";
+ disabled = false;
+ detect_extensions = [ "rs" ];
+ detect_files = [ "Cargo.toml" ];
+ detect_folders = [ ];
+ };
+ scala = {
+ format = "[$symbol($version )]($style)";
+ version_format = "v$raw";
+ disabled = false;
+ style = "red bold";
+ symbol = "🆂 ";
+ detect_extensions = [
+ "sbt"
+ "scala"
+ ];
+ detect_files = [
+ ".scalaenv"
+ ".sbtenv"
+ "build.sbt"
+ ];
+ detect_folders = [ ".metals" ];
+ };
+ shell = {
+ format = "[$indicator]($style) ";
+ bash_indicator = "bsh";
+ cmd_indicator = "cmd";
+ elvish_indicator = "esh";
+ fish_indicator = "";
+ ion_indicator = "ion";
+ nu_indicator = "nu";
+ powershell_indicator = "_";
+ style = "white bold";
+ tcsh_indicator = "tsh";
+ unknown_indicator = "mystery shell";
+ xonsh_indicator = "xsh";
+ zsh_indicator = "zsh";
+ disabled = false;
+ };
+ shlvl = {
+ threshold = 2;
+ format = "[$symbol$shlvl]($style) ";
+ symbol = "↕️ ";
+ repeat = false;
+ style = "bold yellow";
+ disabled = true;
+ };
+ singularity = {
+ format = "[$symbol[$env]]($style) ";
+ style = "blue bold dimmed";
+ symbol = "📦 ";
+ disabled = false;
+ };
+ spack = {
+ truncation_length = 1;
+ format = "[$symbol$environment]($style) ";
+ symbol = "🅢 ";
+ style = "blue bold";
+ disabled = false;
+ };
+ status = {
+ format = "[$symbol$status]($style) ";
+ map_symbol = true;
+ not_executable_symbol = "🚫";
+ not_found_symbol = "🔍";
+ pipestatus = false;
+ pipestatus_format = "[$pipestatus] => [$symbol$common_meaning$signal_name$maybe_int]($style)";
+ pipestatus_separator = "|";
+ recognize_signal_code = true;
+ signal_symbol = "⚡";
+ style = "bold red bg:blue";
+ success_symbol = "🟢 SUCCESS";
+ symbol = "🔴 ";
+ disabled = true;
+ };
+ sudo = {
+ format = "[as $symbol]($style)";
+ symbol = "🧙 ";
+ style = "bold blue";
+ allow_windows = false;
+ disabled = true;
+ };
+ swift = {
+ format = "[$symbol($version )]($style)";
+ version_format = "v$raw";
+ symbol = "🐦 ";
+ style = "bold 202";
+ disabled = false;
+ detect_extensions = [ "swift" ];
+ detect_files = [ "Package.swift" ];
+ detect_folders = [ ];
+ };
+ terraform = {
+ format = "[$symbol$workspace]($style) ";
+ version_format = "v$raw";
+ symbol = "💠 ";
+ style = "bold 105";
+ disabled = false;
+ detect_extensions = [
+ "tf"
+ "tfplan"
+ "tfstate"
+ ];
+ detect_files = [ ];
+ detect_folders = [ ".terraform" ];
+ };
+ time = {
+ format = "[$symbol $time]($style) ";
+ style = "bold yellow bg:0x33658A";
+ use_12hr = false;
+ disabled = false;
+ utc_time_offset = "local";
+ # time_format = "%R"; # Hour:Minute Format;
+ time_format = "%T"; # Hour:Minute:Seconds Format;
+ time_range = "-";
+ };
+ username = {
+ format = "[$user]($style) ";
+ show_always = true;
+ style_root = "red bold bg:0x9A348E";
+ style_user = "yellow bold bg:0x9A348E";
+ disabled = false;
+ };
+ vagrant = {
+ format = "[$symbol($version )]($style)";
+ version_format = "v$raw";
+ symbol = "⍱ ";
+ style = "cyan bold";
+ disabled = false;
+ detect_extensions = [ ];
+ detect_files = [ "Vagrantfile" ];
+ detect_folders = [ ];
+ };
+ vcsh = {
+ symbol = "";
+ style = "bold yellow";
+ format = "[$symbol$repo]($style) ";
+ disabled = false;
+ };
+ vlang = {
+ format = "[$symbol($version )]($style)";
+ version_format = "v$raw";
+ symbol = "V ";
+ style = "blue bold";
+ disabled = false;
+ detect_extensions = [ "v" ];
+ detect_files = [
+ "v.mod"
+ "vpkg.json"
+ ".vpkg-lock.json"
+ ];
+ detect_folders = [ ];
+ };
+ zig = {
+ format = "[$symbol($version )]($style)";
+ version_format = "v$raw";
+ symbol = "↯ ";
+ style = "bold yellow";
+ disabled = false;
+ detect_extensions = [ "zig" ];
+ detect_files = [ ];
+ detect_folders = [ ];
+ };
+ custom = { };
+ };
+ };
+
+ # https://nix-community.github.io/home-manager/options.html#opt-programs.direnv.config
+ programs.direnv = {
+ enable = true;
+ nix-direnv = {
+ enable = true;
+ };
+ enableZshIntegration = true;
+ };
+
+ programs.fzf = {
+ enable = true;
+ enableZshIntegration = true;
+ # enableBashIntegration = true;
+ # enableFishIntegration = true;
+ };
+
+ # This makes it so that if you type the name of a program that
+ # isn't installed, it will tell you which package contains it.
+ # https://eevie.ro/posts/2022-01-24-how-i-nix.html
+ #
+ programs.nix-index = {
+ enable = true;
+ # enableFishIntegration = true;
+ # enableBashIntegration = true;
+ enableZshIntegration = true;
+ };
+
+ programs.home-manager = {
+ enable = true;
+ };
+}
diff --git a/templates/start-slim-config/.envrc b/templates/start-slim-config/.envrc
new file mode 100644
index 0000000..3550a30
--- /dev/null
+++ b/templates/start-slim-config/.envrc
@@ -0,0 +1 @@
+use flake
diff --git a/templates/start-slim-config/.gitignore b/templates/start-slim-config/.gitignore
new file mode 100644
index 0000000..3231e7b
--- /dev/null
+++ b/templates/start-slim-config/.gitignore
@@ -0,0 +1,8 @@
+result
+
+.idea/
+
+__pycache__/
+
+*.tar.gz
+.direnv/
diff --git a/templates/start-slim-config/flake.nix b/templates/start-slim-config/flake.nix
new file mode 100644
index 0000000..b113a8f
--- /dev/null
+++ b/templates/start-slim-config/flake.nix
@@ -0,0 +1,79 @@
+{
+ description = "Home Manager configuration";
+
+ inputs = {
+ /*
+ Specify the source of Home Manager and Nixpkgs
+ nix flake metadata github:nix-community/home-manager/release-22.11
+
+ nix flake update \
+ --override-input home-manager github:nix-community/home-manager/$(nix eval --impure --raw --expr '(builtins.getFlake "github:nix-community/home-manager/release-23.05").rev') \
+ --override-input nixpkgs github:NixOS/nixpkgs/$(nix eval --impure --raw --expr '(builtins.getFlake "github:NixOS/nixpkgs/release-23.05").rev')
+
+ # https://channels.nix.gsc.io/nixos-22.11/history
+ # https://github.com/NixOS/nix/issues/3779#issuecomment-653598626
+ nix flake lock \
+ --override-input nixpkgs github:NixOS/nixpkgs/ea4c80b39be4c09702b0cb3b42eab59e2ba4f24b \
+ --override-input home-manager github:nix-community/home-manager/b372d7f8d5518aaba8a4058a453957460481afbc
+
+ nix flake lock \
+ --override-input nixpkgs github:NixOS/nixpkgs/$(nix eval --impure --raw --expr '(builtins.getFlake "github:NixOS/nixpkgs/release-23.05").rev') \
+ --override-input home-manager github:nix-community/home-manager/$(nix eval --impure --raw --expr '(builtins.getFlake "github:nix-community/home-manager/release-23.05").rev')
+
+ */
+ home-manager.url = "github:nix-community/home-manager";
+
+ nixpkgs.url = "github:nixos/nixpkgs";
+ home-manager.inputs.nixpkgs.follows = "nixpkgs";
+ };
+
+ outputs = { nixpkgs, home-manager, ... }:
+ let
+ system = "x86_64-linux";
+ username = "1M0b4nc0";
+ hostname = "fooo";
+
+ pkgs = nixpkgs.legacyPackages.${system};
+ in
+ {
+ homeConfigurations."${username}-${hostname}" = home-manager.lib.homeManagerConfiguration {
+ pkgs = nixpkgs.legacyPackages.${system};
+
+ modules = [
+ # https://discourse.nixos.org/t/flakes-error-error-attribute-outpath-missing/18044/2
+ # ({...}: { nix.registry.nixpkgs.flake = nixpkgs; })
+ {
+ home = {
+ inherit username;
+ homeDirectory = "/home/${username}"; # TODO: esse caminho muda no Mac!
+ stateVersion = "22.11";
+ # https://discourse.nixos.org/t/correct-way-to-use-nixpkgs-in-nix-shell-on-flake-based-system-without-channels/19360/3
+ # sessionVariables.NIX_PATH = "nixpkgs=nixpkgs=flake:?";
+ sessionVariables.NIX_PATH = "nixpkgs=${nixpkgs.outPath}";
+ enableNixpkgsReleaseCheck = true;
+ };
+ programs.home-manager.enable = true;
+ }
+ ./home.nix
+ ];
+
+ # TODO: how to: Optionally use extraSpecialArgs
+ # to pass through arguments to home.nix
+ extraSpecialArgs = { nixpkgs = nixpkgs; };
+ };
+
+ devShells.x86_64-linux.default = pkgs.mkShell {
+ buildInputs = with pkgs; [
+ bashInteractive
+ coreutils
+ curl
+ gnumake
+ patchelf
+ poetry
+ python3Full
+ tmate
+ ];
+ };
+
+ };
+}
diff --git a/templates/start-slim-config/home.nix b/templates/start-slim-config/home.nix
new file mode 100644
index 0000000..c74f303
--- /dev/null
+++ b/templates/start-slim-config/home.nix
@@ -0,0 +1,750 @@
+{ pkgs, nixpkgs, ... }:
+
+{
+
+ # Home Manager needs a bit of information about you and the
+ # paths it should manage.
+ # home.username = "ubuntu";
+ # home.homeDirectory = "/home/ubuntu";
+
+ home.packages = with pkgs; [
+ xorg.xclock
+ hello
+
+ # Just enabling it is ok, and might be better
+ # nix
+ # nixVersions.nix_2_10
+
+ # pciutils # lspci and others
+ # coreboot-utils
+
+ # # TODO: testar com o zsh
+ ## bashInteractive # https://www.reddit.com/r/NixOS/comments/zx4kmh/alpinewsl_home_manager_bash_issue/
+ coreutils
+ file
+ findutils
+ gnugrep
+ gnumake
+ gnused
+ gawk
+ hexdump
+ which
+ xz
+ procps
+ curl
+ lsof
+ tree
+ killall
+ btop
+ # nmap
+ # netcat
+ # nettools
+ tmate
+ strace
+ # ptrace
+ # traceroute
+ man
+ man-db
+ # (aspellWithDicts (d: with d; [ de en pt_BR ])) # nix repl --expr 'import {}' <<<'builtins.attrNames aspellDicts' | tr ' ' '\n'
+ # nix-prefetch-git
+ # nixfmt
+ # hydra-check
+ # nixos-option
+ # shellcheck
+ nano
+ vim
+
+ # fontconfig
+ # fontforge-gtk # TODO: testar fontes usando esse programa
+ # pango
+
+ # nerdfonts
+ # powerline
+ # powerline-fonts
+
+
+ # (nerdfonts.override { fonts = [ "FiraCode"]; })
+ # (
+ # nerdfonts.override {
+ # fonts = [
+ # "AnonymousPro"
+ # "DroidSansMono"
+ # "FiraCode"
+ # "JetBrainsMono"
+ # "Noto"
+ # "Terminus"
+ # "Hack"
+ # "Ubuntu"
+ # "UbuntuMono"
+ # ];
+ # }
+ # )
+
+ # zsh-nix-shell
+ # zsh-powerlevel10k
+ # zsh-powerlevel9k
+ # zsh-syntax-highlighting
+
+ oh-my-zsh
+ # zsh-completions-latest
+
+ # gcc
+ # gdb
+ # clang
+ # rustc
+ # python3Full
+ # julia-bin
+
+ # graphviz # dot command comes from here
+ jq
+ # unixtools.xxd
+
+ # gzip
+ # # unrar
+ # unzip
+ # gnutar
+ #
+ # btop
+ # htop
+ # asciinema
+ git
+ openssh
+ awscli
+
+ podman
+
+ (
+ writeScriptBin "ix" ''
+ #! ${pkgs.runtimeShell} -e
+ "$@" | "curl" -F 'f:1=<-' ix.io
+ ''
+ )
+
+ (
+ writeScriptBin "erw" ''
+ #! ${pkgs.runtimeShell} -e
+ echo "$(readlink -f "$(which $1)")"
+ ''
+ )
+
+ (
+ writeScriptBin "frw" ''
+ #! ${pkgs.runtimeShell} -e
+ file "$(readlink -f "$(which $1)")"
+ ''
+ )
+
+ (
+ writeScriptBin "crw" ''
+ #! ${pkgs.runtimeShell} -e
+ cat "$(readlink -f "$(which $1)")"
+ ''
+ )
+
+ (
+ writeScriptBin "send-signed-closure-run-time-of-flake-uri-attr-to-bucket" ''
+ #! ${pkgs.runtimeShell} -e
+
+ export NIXPKGS_ALLOW_UNFREE=1
+ FLAKE_EXPR=$1
+
+ nix build --no-link --print-build-logs "$FLAKE_EXPR"
+
+ nix path-info --impure --recursive "$FLAKE_EXPR" \
+ | wc -l
+
+ nix path-info --impure --recursive "$FLAKE_EXPR" \
+ | xargs nix store sign --key-file "$HOME"/.nix-sing-cache-keys/cache-priv-key.pem --recursive
+
+ nix path-info --impure --recursive "$FLAKE_EXPR" \
+ | xargs -I{} nix \
+ copy \
+ --max-jobs $(nproc) \
+ -vvv \
+ --no-check-sigs \
+ {} \
+ --to 's3://playing-bucket-nix-cache-test'
+ ''
+ )
+
+ (
+ writeScriptBin "send-signed-closure-run-time-of-flake-expression-to-bucket" ''
+ #! ${pkgs.runtimeShell} -e
+
+ export NIXPKGS_ALLOW_UNFREE=1
+ FLAKE_EXPR=$1
+
+ nix build --no-link --print-build-logs --expr "$FLAKE_EXPR"
+
+ nix path-info --impure --recursive --expr "$FLAKE_EXPR" \
+ | wc -l
+
+ nix path-info --impure --recursive --expr "$FLAKE_EXPR" \
+ | xargs nix store sign --key-file "$HOME"/.nix-sing-cache-keys/cache-priv-key.pem --recursive
+
+ nix path-info --impure --recursive --expr "$FLAKE_EXPR" \
+ | xargs -I{} nix \
+ copy \
+ --max-jobs $(nproc) \
+ -vvv \
+ --no-check-sigs \
+ {} \
+ --to 's3://playing-bucket-nix-cache-test'
+ ''
+ )
+
+ (
+ writeScriptBin "self-send-to-bucket" ''
+ #! ${pkgs.runtimeShell} -e
+ send-signed-closure-run-time-of-flake-uri-attr-to-bucket \
+ ~/.config/nixpkgs#homeConfigurations.'"'"$(id -un)"-"$(hostname)"'"'.activationPackage
+ ''
+ )
+
+ (
+ writeScriptBin "myexternalip" ''
+ #! ${pkgs.runtimeShell} -e
+ # https://askubuntu.com/questions/95910/command-for-determining-my-public-ip#comment1985064_712144
+
+ curl https://checkip.amazonaws.com
+ ''
+ )
+
+ (
+ writeScriptBin "mynatip" ''
+ #! ${pkgs.runtimeShell} -e
+ # https://unix.stackexchange.com/a/569306
+ # https://serverfault.com/a/256506
+
+ NETWORK_INTERFACE_NAME=$(route | awk '
+ BEGIN { min = -1 }
+ $1 == "default" {
+ if (min < 0 || $5 < min) {
+ min = $5
+ iface = $8
+ }
+ }
+ END {
+ if (iface == "") {
+ print "No \"default\" route found!" > "/dev/stderr"
+ exit 1
+ } else {
+ print iface
+ exit 0
+ }
+ }
+ '
+ )
+
+ ip addr show dev $NETWORK_INTERFACE_NAME | grep "inet " | awk '{ print $2 }' | cut -d'/' -f1
+ ''
+ )
+
+ (
+ writeScriptBin "generate-new-ed25519-key-pair" ''
+ #! ${pkgs.runtimeShell} -e
+ ssh-keygen \
+ -t ed25519 \
+ -C "$(git config user.email)" \
+ -f "$HOME"/.ssh/id_ed25519 \
+ -N "" \
+ && echo \
+ && cat "$HOME"/.ssh/id_ed25519.pub \
+ && echo
+ ''
+ )
+
+ (
+ writeScriptBin "try-install-openssh-server" ''
+ #! ${pkgs.runtimeShell} -e
+ command -v sshd || (command -v apt && sudo apt-get update && sudo apt-get install -y openssh-server)
+ command -v sshd || (command -v apk && sudo apk add --no-cache -y openssh-server)
+ ''
+ )
+
+ (
+ writeScriptBin "try-ubuntu-screensaver-lock-disable" ''
+ #! ${pkgs.runtimeShell} -e
+ # https://linuxhint.com/disable-screen-lock-ubuntu/
+
+ gsettings set org.gnome.desktop.screensaver lock-enabled false
+ ''
+ )
+
+ (
+ writeScriptBin "try-ubuntu-screensaver-lock-enable" ''
+ #! ${pkgs.runtimeShell} -e
+ gsettings set org.gnome.desktop.screensaver lock-enabled true
+ ''
+ )
+
+ (
+ writeScriptBin "nfmn" ''
+ #! ${pkgs.runtimeShell} -e
+ nix flake metadata nixpkgs
+ ''
+ )
+
+ (
+ writeScriptBin "nfm" ''
+ #! ${pkgs.runtimeShell} -e
+ nix flake metadata $1
+ ''
+ )
+
+
+ (
+ writeScriptBin "nfmn-j" ''
+ #! ${pkgs.runtimeShell} -e
+ nix flake metadata nixpkgs --json | jq -r '.url'
+ ''
+ )
+
+ (
+ writeScriptBin "nfm-j" ''
+ #! ${pkgs.runtimeShell} -e
+ nix flake metadata $1 --json | jq -r '.url'
+ ''
+ )
+
+ (
+ writeScriptBin "hms" ''
+ export NIXPKGS_ALLOW_UNFREE=1; \
+ home-manager switch --impure --flake "$HOME/.config/nixpkgs"#"$(id -un)"-"$(hostname)"
+ ''
+ )
+
+ (
+ writeScriptBin "gphms" ''
+ echo $(cd "$HOME/.config/nixpkgs" && git pull) \
+ && export NIXPKGS_ALLOW_UNFREE=1; \
+ home-manager switch --impure --flake "$HOME/.config/nixpkgs"#"$(id -un)"-"$(hostname)"
+ ''
+ )
+
+ (
+ writeScriptBin "build-pulling-all-from-cache" ''
+ #! ${pkgs.runtimeShell} -e
+
+ set -x
+
+ export NIXPKGS_ALLOW_UNFREE=1
+
+ nix \
+ --option eval-cache false \
+ --option extra-substituters https://playing-bucket-nix-cache-test.s3.amazonaws.com \
+ --option extra-trusted-public-keys binarycache-1:XiPHS/XT/ziMHu5hGoQ8Z0K88sa1Eqi5kFTYyl33FJg= \
+ build \
+ --impure \
+ --keep-failed \
+ --max-jobs 0 \
+ --no-link \
+ --print-build-logs \
+ --print-out-paths \
+ ~/.config/nixpkgs#homeConfigurations."$(id -un)"-"$(hostname)".activationPackage
+ ''
+ )
+
+ (
+ writeScriptBin "build-and-send-to-cache" ''
+ #! ${pkgs.runtimeShell} -e
+
+ set -x
+
+ export NIXPKGS_ALLOW_UNFREE=1
+
+ nix \
+ build \
+ --impure \
+ --keep-failed \
+ --no-link \
+ --print-build-logs \
+ --print-out-paths \
+ ~/.config/nixpkgs#homeConfigurations."$(id -un)"-"$(hostname)".activationPackage \
+ --post-build-hook e-script-post-build-hook
+ ''
+ )
+
+ (
+ writeScriptBin "gphms-cache" ''
+ #! ${pkgs.runtimeShell} -e
+
+ build-pulling-all-from-cache || true
+
+ echo $(cd "$HOME/.config/nixpkgs" && git pull) \
+ && export NIXPKGS_ALLOW_UNFREE=1; \
+ home-manager switch --impure --flake "$HOME/.config/nixpkgs"#"$(id -un)"-"$(hostname)"
+ ''
+ )
+
+ (
+ writeScriptBin "create-nix-hardcoded-sign-cache-keys" ''
+
+ CACHE_KEYS_FULL_PATH="$HOME"/.nix-sing-cache-keys
+ mkdir -m 0700 -pv "$CACHE_KEYS_FULL_PATH"
+
+ cat > "$CACHE_KEYS_FULL_PATH"/cache-pub-key.pem << 'EOF'
+ binarycache-1:XiPHS/XT/ziMHu5hGoQ8Z0K88sa1Eqi5kFTYyl33FJg=
+ EOF
+
+ cat > "$CACHE_KEYS_FULL_PATH"/cache-priv-key.pem << 'EOF'
+ binarycache-1:LS3ApFX0izjIwKCDJFquhuF2+ENxhAv0jdF838AyhUVeI8dL9dP/OIwe7mEahDxnQrzyxrUSqLmQVNjKXfcUmA==
+ EOF
+
+ chown -v $USER "$CACHE_KEYS_FULL_PATH"/cache-priv-key.pem \
+ && chmod 0600 -v "$CACHE_KEYS_FULL_PATH"/cache-priv-key.pem
+ ''
+ )
+
+ (
+ writeScriptBin "send-signed-closure-run-time-of-flake-uri-attr-to-bucket" ''
+ #! ${pkgs.runtimeShell} -e
+
+ export NIXPKGS_ALLOW_UNFREE=1
+ FLAKE_EXPR=$1
+
+ nix build --no-link --print-build-logs "$FLAKE_EXPR"
+
+ nix path-info --impure --recursive "$FLAKE_EXPR" \
+ | wc -l
+
+ nix path-info --impure --recursive "$FLAKE_EXPR" \
+ | xargs nix store sign --key-file "$HOME"/.nix-sing-cache-keys/cache-priv-key.pem --recursive
+
+ nix path-info --impure --recursive "$FLAKE_EXPR" \
+ | xargs -I{} nix \
+ copy \
+ --max-jobs $(nproc) \
+ -vvv \
+ --no-check-sigs \
+ {} \
+ --to 's3://playing-bucket-nix-cache-test'
+ ''
+ )
+
+ (
+ writeScriptBin "send-signed-closure-run-time-of-flake-expression-to-bucket" ''
+ #! ${pkgs.runtimeShell} -e
+
+ export NIXPKGS_ALLOW_UNFREE=1
+ FLAKE_EXPR=$1
+
+ nix build --no-link --print-build-logs --expr "$FLAKE_EXPR"
+
+ nix path-info --impure --recursive --expr "$FLAKE_EXPR" \
+ | wc -l
+
+ nix path-info --impure --recursive --expr "$FLAKE_EXPR" \
+ | xargs nix store sign --key-file "$HOME"/.nix-sing-cache-keys/cache-priv-key.pem --recursive
+
+ nix path-info --impure --recursive --expr "$FLAKE_EXPR" \
+ | xargs -I{} nix \
+ copy \
+ --max-jobs $(nproc) \
+ -vvv \
+ --no-check-sigs \
+ {} \
+ --to 's3://playing-bucket-nix-cache-test'
+ ''
+ )
+
+ (
+ writeScriptBin "nr" ''
+ nix repl --expr 'import {}'
+ ''
+ )
+
+ (
+ writeScriptBin "script-post-build-hook" ''
+ set -euf
+
+ echo "post-build-hook"
+ echo "-- ''${OUT_PATHS} --"
+ echo "^^ ''${DRV_PATH} ^^"
+
+ # set -x
+
+ KEY_FILE=cache-priv-key.pem
+ # Testar ?region=eu-west-1
+ CACHE=s3://playing-bucket-nix-cache-test/
+
+ # mapfile -t DERIVATIONS < <(echo "''${OUT_PATHS[@]}" | xargs nix path-info --derivation)
+ # mapfile -t DERIVATIONS < <(echo "''${OUT_PATHS[@]}" | xargs nix path-info)
+ # mapfile -t DEPENDENCIES < <(echo "''${DRV_PATH[@]}" | xargs nix-store --query --requisites --include-outputs --force-realise)
+
+ # Only runtime for now
+ mapfile -t DEPENDENCIES < <(echo "''${OUT_PATHS[@]}" | xargs nix path-info --recursive)
+
+ # TODO: é o correto assinar as derivações, os .drv?
+ # echo "''${DERIVATIONS[@]}" | xargs nix store sign --key-file "$KEY_FILE" --recursive
+
+ # TODO:
+ echo "''${DEPENDENCIES[@]}" | xargs nix store sign --key-file "$KEY_FILE" --recursive
+
+ # echo "''${DEPENDENCIES[@]}" | xargs nix copy --eval-store auto --no-check-sigs -vvv --to "$CACHE"
+ echo "''${DEPENDENCIES[@]}" | xargs nix copy -vvv --to "$CACHE"
+
+ ''
+ )
+
+ (
+ writeScriptBin "e-script-post-build-hook" ''
+ erw script-post-build-hook
+ ''
+ )
+ ];
+
+ # https://github.com/nix-community/home-manager/blob/782cb855b2f23c485011a196c593e2d7e4fce746/modules/targets/generic-linux.nix
+ targets.genericLinux.enable = true;
+
+ nix = {
+ enable = true;
+ # What about github:NixOS/nix#nix-static can it be injected here? What would break?
+ # package = pkgs.pkgsStatic.nixVersions.nix_2_10;
+ package = pkgs.nixVersions.nix_2_10;
+ # Could be useful:
+ # export NIX_CONFIG='extra-experimental-features = nix-command flakes'
+ extraOptions = ''
+ experimental-features = nix-command flakes
+ '';
+
+ registry.nixpkgs.flake = nixpkgs;
+
+ settings = {
+ # use-sandbox = true;
+ show-trace = false;
+ # system-features = [ "big-parallel" "kvm" "recursive-nix" "nixos-test" ];
+ keep-outputs = true;
+ keep-derivations = true;
+
+ tarball-ttl = 60 * 60 * 24 * 7 * 4 * 12; # = 2419200 * 12 = 12 months
+ # readOnlyStore = true;
+
+ # trusted-public-keys = cache.nixos.org-1:6NCHdD59X431o0gWypbMrAURkbJ16ZPMQFGspcDShjY=
+ # trusted-substituters = "fooooo";
+ };
+ };
+
+ # TODO: terminar de testar
+ # since we set PAGER to this above, make sure it's installed
+ programs.less.enable = true;
+ # programs.less.envVariables.PAGER = "foo-bar";
+
+ nixpkgs.config = {
+ allowBroken = false;
+ allowUnfree = true;
+ # TODO: test it
+ # android_sdk.accept_license = true;
+
+ # allowUnfreePredicate = (pkg: true);
+ };
+
+ services.systembus-notify.enable = true;
+ # services.spotifyd.enable = true;
+
+ fonts = {
+ # enableFontDir = true;
+ # enableGhostscriptFonts = true;
+ # fonts = with pkgs; [
+ # powerline-fonts
+ # ];
+ fontconfig = {
+ enable = true;
+ # defaultFonts = {
+ # monospace = [ "Droid Sans Mono Slashed for Powerline" ];
+ # };
+ };
+ };
+
+ # TODO: documentar e testar
+ home.extraOutputsToInstall = [
+ "/share/zsh"
+ "/share/bash"
+ "/share/fish"
+ "/share/fonts" # fc-cache -frv
+ # /etc/fonts
+ ];
+
+ # https://www.reddit.com/r/NixOS/comments/fenb4u/zsh_with_ohmyzsh_with_powerlevel10k_in_nix/
+ programs.zsh = {
+ # Your zsh config
+ enable = true;
+ enableCompletion = true;
+ dotDir = ".config/zsh";
+ enableAutosuggestions = true;
+ enableSyntaxHighlighting = true;
+ envExtra = ''
+ if [ -e ~/.nix-profile/etc/profile.d/nix.sh ]; then
+ . ~/.nix-profile/etc/profile.d/nix.sh
+ fi
+ '';
+
+ # initExtra = "neofetch --ascii_distro NixOS_small --color_blocks off --disable cpu gpu memory term de resolution kernel model";
+ # initExtra = "${pkgs.neofetch}/bin/neofetch"; # TODO: checar se esse pacote é seguro
+
+ # promptInit = ''
+ # export POWERLEVEL9K_MODE=nerdfont-complete
+ # source ${pkgs.zsh-powerlevel9k}/share/zsh-powerlevel9k/powerlevel9k.zsh-theme
+ # '';
+
+ # initExtraBeforeCompInit = ''eval "$(direnv hook zsh)"'';
+ autocd = true;
+
+
+ shellAliases = {
+ l = "ls -al";
+
+ #
+ nb = "nix build";
+ npi = "nix profile install nixpkgs#";
+ ns = "nix shell";
+ # nr = "nix repl --expr 'import {}'";
+
+ rmall = "rm -frv {*,.*}";
+ };
+
+ # > closed and reopened the terminal. Then it worked.
+ # https://discourse.nixos.org/t/home-manager-doesnt-seem-to-recognize-sessionvariables/8488/8
+ sessionVariables = {
+ # EDITOR = "nvim";
+ # DEFAULT_USER = "foo-bar";
+ # ZSH_AUTOSUGGEST_USE_ASYNC="true";
+ # ZSH_AUTOSUGGEST_MANUAL_REBIND="true";
+ # PROMPT="|%F{153}%n@%m%f|%F{174}%1~%f> ";
+
+ # PAGER = "less";
+
+ CUSTOM_ENVIROMENT_VARIABLE = "Foo-101-Bar";
+
+ LANG = "en_US.utf8";
+ # fc-match list
+ FONTCONFIG_FILE = "${pkgs.fontconfig.out}/etc/fonts/fonts.conf";
+ FONTCONFIG_PATH = "${pkgs.fontconfig.out}/etc/fonts/";
+ };
+
+ historySubstringSearch.enable = true;
+
+ history = {
+ save = 50000;
+ size = 50000;
+ path = "$HOME/.cache/zsh_history";
+ expireDuplicatesFirst = true;
+ };
+
+ oh-my-zsh = {
+ enable = true;
+ # https://github.com/Xychic/NixOSConfig/blob/76b638086dfcde981292831106a43022588dc670/home/home-manager.nix
+ plugins = [
+ # "autojump"
+ "aws"
+ # "cargo"
+ "catimg"
+ "colored-man-pages"
+ "colorize"
+ "command-not-found"
+ "common-aliases"
+ "copyfile"
+ "copypath"
+ "cp"
+ "direnv"
+ "docker"
+ "docker-compose"
+ "emacs"
+ "encode64"
+ "extract"
+ "fancy-ctrl-z"
+ "fzf"
+ "gcloud"
+ "git"
+ "git-extras"
+ "git-flow-avh"
+ "github"
+ "gitignore"
+ "gradle"
+ "history"
+ "history-substring-search"
+ "kubectl"
+ "man"
+ "mvn"
+ "node"
+ "npm"
+ "pass"
+ "pip"
+ "poetry"
+ "python"
+ "ripgrep"
+ "rsync"
+ "rust"
+ "scala"
+ "ssh-agent"
+ "sudo"
+ "systemadmin" # https://github.com/ohmyzsh/ohmyzsh/tree/master/plugins/systemadmin
+ "systemd"
+ "terraform"
+ # "thefuck"
+ "tig"
+ "timer"
+ # "tmux" # It needs tmux to be installed
+ "vagrant"
+ "vi-mode"
+ "vim-interaction"
+ "yarn"
+ "z"
+ "zsh-navigation-tools"
+ ];
+ theme = "robbyrussell";
+ # theme = "bira";
+ # theme = "powerlevel10k";
+ # theme = "powerlevel9k/powerlevel9k";
+ # theme = "agnoster";
+ # theme = "gallois";
+ # theme = "gentoo";
+ # theme = "af-magic";
+ # theme = "half-life";
+ # theme = "rgm";
+ # theme = "crcandy";
+ # theme = "fishy";
+ };
+ };
+
+ programs.starship = {
+ enable = true;
+ enableZshIntegration = true;
+ settings = {
+ # "$schema" = "https://starship.rs/config-schema.json";
+ # add_newline = true;
+ command_timeout = 50000; # TODO: qual a unidade?
+ };
+ };
+
+ # https://nix-community.github.io/home-manager/options.html#opt-programs.direnv.config
+ programs.direnv = {
+ enable = true;
+ nix-direnv = {
+ enable = true;
+ };
+ enableZshIntegration = true;
+ };
+
+ programs.fzf = {
+ enable = true;
+ enableZshIntegration = true;
+ # enableBashIntegration = true;
+ # enableFishIntegration = true;
+ };
+
+ # This makes it so that if you type the name of a program that
+ # isn't installed, it will tell you which package contains it.
+ # https://eevie.ro/posts/2022-01-24-how-i-nix.html
+ #
+ programs.nix-index = {
+ enable = true;
+ # enableFishIntegration = true;
+ # enableBashIntegration = true;
+ enableZshIntegration = true;
+ };
+
+ programs.home-manager = {
+ enable = true;
+ };
+}