Compare commits


2 Commits

Author SHA1 Message Date
Audrey 71cff1d700 LMAO 2026-03-05 11:16:16 -07:00
Audrey 06d8d76eee try to wire up remote socket forwarding 2026-03-04 12:50:19 -07:00
6 changed files with 94 additions and 13 deletions


@ -48,6 +48,7 @@ in {
]; ];
programs = { programs = {
zoxide.enable = true;
firejail.enable = true; firejail.enable = true;
virt-manager.enable = true; virt-manager.enable = true;
nix-ld = { nix-ld = {


@ -70,6 +70,13 @@ in {
sqlite sqlite
cronie cronie
editorconfig-core-c editorconfig-core-c
(writeShellScriptBin "rhelmot-footclient" ''
#!/bin/sh
if [ -n "''${RHELMOT_FOOTSOCK:-}" ] && [ -S "''${RHELMOT_FOOTSOCK}" ]; then
exec footclient --server-socket="''${RHELMOT_FOOTSOCK}" "$@"
fi
exec footclient "$@"
'')
(python3.withPackages (p: lib.concatMap (pl: pl p) rhelmot.globalPythonPackages)) (python3.withPackages (p: lib.concatMap (pl: pl p) rhelmot.globalPythonPackages))
]; ];
@ -131,6 +138,7 @@ in {
enable = true; enable = true;
extraConfig = builtins.readFile ./dotfiles/tmux.conf; extraConfig = builtins.readFile ./dotfiles/tmux.conf;
}; };
ssh.extraConfig = builtins.readFile ./dotfiles/ssh-config;
direnv.enable = true; direnv.enable = true;
htop.enable = true; htop.enable = true;
git = { git = {
@ -167,9 +175,15 @@ in {
environment.etc."gdb/gdbinit".source = ./dotfiles/gdb-init.gdb; environment.etc."gdb/gdbinit".source = ./dotfiles/gdb-init.gdb;
environment.etc."venv-default.txt".source = ./dotfiles/venv-default.txt; environment.etc."venv-default.txt".source = ./dotfiles/venv-default.txt;
# Enable the OpenSSH daemon.
services.openssh.enable = true; services.openssh.enable = true;
# uh oh...
services.openssh.settings.AcceptEnv = "RHELMOT_SWAYSOCK RHELMOT_FOOTSOCK RHELMOT_REMOTE_SWAYSOCK RHELMOT_REMOTE_FOOTSOCK";
environment.sessionVariables = {
RHELMOT_SWAYSOCK = "/dev/null";
RHELMOT_FOOTSOCK = "/dev/null";
RHELMOT_REMOTE_SWAYSOCK = "/tmp/rhelmot-disabled-sway.sock";
RHELMOT_REMOTE_FOOTSOCK = "/tmp/rhelmot-disabled-foot.sock";
};
services.sanoid = lib.mkIf config.boot.zfs.enabled { services.sanoid = lib.mkIf config.boot.zfs.enabled {
enable = true; enable = true;
@ -231,4 +245,3 @@ in {
}; };
}; };
} }
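Review bot: The "disabled" defaults for `RHELMOT_REMOTE_SWAYSOCK` and `RHELMOT_REMOTE_FOOTSOCK` in `environment.sessionVariables` are fixed names under world-writable `/tmp`, and the shell rc changed in this same comparison (the `: ${RHELMOT_REMOTE_…:=/tmp/…}` defaults and the two `-S` tests that follow them) points `SWAYSOCK` and `RHELMOT_FOOTSOCK` at that path whenever a socket exists there. On a multi-user host any local account can create a socket under that name, so the user's sway IPC and `rhelmot-footclient` traffic would go to a socket they do not own. The sentinel should live in a directory other users cannot write to, and the rc tests should also check ownership, e.g. `[[ -S "$RHELMOT_REMOTE_SWAYSOCK" && -O "$RHELMOT_REMOTE_SWAYSOCK" ]]`. The `# uh oh...` comment above `AcceptEnv` would be more useful as a line stating that sshd accepts these four variable names from any client so that the forwarded socket paths reach the login shell.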


@ -26,7 +26,7 @@ define-command -docstring "terminal but floating" terminal-floating -params .. %
set-option global fzf_terminal_command 'terminal-floating' set-option global fzf_terminal_command 'terminal-floating'
define-command sway-terminal-floating -params .. %{ define-command sway-terminal-floating -params .. %{
nop %sh{ sway fullscreen disable } nop %sh{ sway fullscreen disable }
set-option local termcmd "footclient --title=fzf.kak.picker sh -c" set-option local termcmd "rhelmot-footclient --title=fzf.kak.picker sh -c"
wayland-terminal-window %arg{@} wayland-terminal-window %arg{@}
} }

10
dotfiles/ssh-config Normal file

@ -0,0 +1,10 @@
Match tagged trusted
SendEnv RHELMOT_SWAYSOCK RHELMOT_FOOTSOCK RHELMOT_REMOTE_SWAYSOCK RHELMOT_REMOTE_FOOTSOCK
StreamLocalBindUnlink yes
ExitOnForwardFailure no
Match tagged trusted exec "test -S \"${RHELMOT_SWAYSOCK}\" && test -n \"${RHELMOT_REMOTE_SWAYSOCK}\""
RemoteForward ${RHELMOT_REMOTE_SWAYSOCK} ${RHELMOT_SWAYSOCK}
Match tagged trusted exec "test -S \"${RHELMOT_FOOTSOCK}\" && test -n \"${RHELMOT_REMOTE_FOOTSOCK}\""
RemoteForward ${RHELMOT_REMOTE_FOOTSOCK} ${RHELMOT_FOOTSOCK}
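Review bot: Nothing in this file says what the two `RemoteForward` lines expose: they forward the local sway IPC socket and the foot server socket, so whoever can open the socket on the remote side (that account, or root there) can send commands to the local compositor and terminal server, and sway IPC includes `exec`. A header comment should state that and say where the `trusted` tag is expected to be set, since the wrapper added to the shell rc in this comparison passes `-P rhelmot-kak-remote-forward-request`, not `trusted`; presumably a per-host `Tag trusted` lives in the user's own config, but that is not visible here. Suggested text: `# Forwards local sway/foot control sockets to the remote host; only hosts explicitly tagged "trusted" may receive them.` It is also worth confirming that `StreamLocalBindUnlink yes` has the intended effect from the client side, because removal of a stale socket for a remote forward is, as far as I know, governed by the server's sshd_config.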


@ -162,6 +162,63 @@ export npm_config_prefix=~/.local
export HISTSIZE=100000 export HISTSIZE=100000
export SAVEHIST=100000 export SAVEHIST=100000
# Initialize SSH-forwarding variables so ssh_config env expansions remain valid.
: ${RHELMOT_SWAYSOCK:=/dev/null}
: ${RHELMOT_FOOTSOCK:=/dev/null}
: ${RHELMOT_REMOTE_SWAYSOCK:=/tmp/rhelmot-disabled-sway.sock}
: ${RHELMOT_REMOTE_FOOTSOCK:=/tmp/rhelmot-disabled-foot.sock}
# If remote socket forwards are present, opt in to them; otherwise leave local workflow unchanged.
if [[ -n "$RHELMOT_REMOTE_SWAYSOCK" && -S "$RHELMOT_REMOTE_SWAYSOCK" ]]; then
export SWAYSOCK="$RHELMOT_REMOTE_SWAYSOCK"
fi
if [[ -n "$RHELMOT_REMOTE_FOOTSOCK" && -S "$RHELMOT_REMOTE_FOOTSOCK" ]]; then
export RHELMOT_FOOTSOCK="$RHELMOT_REMOTE_FOOTSOCK"
fi
function _rhelmot_ssh_with_remote_ui_forwarding() {
local local_sway local_foot
local_sway="${SWAYSOCK:-$RHELMOT_SWAYSOCK}"
local_foot="$RHELMOT_FOOTSOCK"
if [[ -z "$local_foot" ]]; then
for candidate in \
"${XDG_RUNTIME_DIR:-}/foot-${WAYLAND_DISPLAY:-}.sock" \
"${XDG_RUNTIME_DIR:-}/foot.sock" \
"/tmp/foot.sock"; do
if [[ -S "$candidate" ]]; then
local_foot="$candidate"
break
fi
done
fi
[[ -S "$local_sway" ]] || local_sway="/dev/null"
[[ -S "$local_foot" ]] || local_foot="/dev/null"
if [[ "$local_sway" == "/dev/null" && "$local_foot" == "/dev/null" ]]; then
command ssh "$@"
return
fi
mkdir -p -m 700 "$HOME/.ssh"
local nonce remote_sway remote_foot
nonce="$(date +%s)-$$-$RANDOM"
remote_sway="$HOME/.ssh/rhelmot-sway-$nonce.sock"
remote_foot="$HOME/.ssh/rhelmot-foot-$nonce.sock"
env \
RHELMOT_SWAYSOCK="$local_sway" \
RHELMOT_FOOTSOCK="$local_foot" \
RHELMOT_REMOTE_SWAYSOCK="$remote_sway" \
RHELMOT_REMOTE_FOOTSOCK="$remote_foot" \
command ssh -P rhelmot-kak-remote-forward-request "$@"
}
function ssh() {
_rhelmot_ssh_with_remote_ui_forwarding "$@"
}
# site vars, functions, and aliases # site vars, functions, and aliases
if [ -e ~/.site_aliases.sh ]; then if [ -e ~/.site_aliases.sh ]; then
source ~/.site_aliases.sh source ~/.site_aliases.sh
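Review bot: The socket-discovery loop in `_rhelmot_ssh_with_remote_ui_forwarding` cannot run in normal use: `: ${RHELMOT_FOOTSOCK:=/dev/null}` a few lines earlier leaves the variable non-empty, so `[[ -z "$local_foot" ]]` is false and foot forwarding only happens when the variable was set by hand to a real socket. Testing for a usable socket instead restores the apparent intent: `if [[ ! -S "$local_foot" ]]; then`. The loop variable should also be declared with `local candidate` so it does not leak into the interactive shell. With `XDG_RUNTIME_DIR` unset the first two candidates collapse to `/foot-.sock` and `/foot.sock`, which leaves the world-writable `/tmp/foot.sock` as the only fallback; consider dropping that entry or additionally requiring `-O "$candidate"` before accepting it.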


@ -13,7 +13,7 @@
boot.extraModulePackages = [ ]; boot.extraModulePackages = [ ];
fileSystems."/" = fileSystems."/" =
{ device = "system/tier1/root"; { device = "clove/tier1/root";
fsType = "zfs"; fsType = "zfs";
}; };
@ -24,42 +24,42 @@
}; };
fileSystems."/var" = fileSystems."/var" =
{ device = "system/tier1/var"; { device = "clove/tier1/var";
fsType = "zfs"; fsType = "zfs";
}; };
fileSystems."/home" = fileSystems."/home" =
{ device = "system/tier1/home"; { device = "clove/tier1/home";
fsType = "zfs"; fsType = "zfs";
}; };
fileSystems."/var/lib/containers" = fileSystems."/var/lib/containers" =
{ device = "system/tier2/containers"; { device = "clove/tier2/containers";
fsType = "zfs"; fsType = "zfs";
}; };
fileSystems."/var/log" = fileSystems."/var/log" =
{ device = "system/tier2/log"; { device = "clove/tier2/log";
fsType = "zfs"; fsType = "zfs";
}; };
fileSystems."/var/spool" = fileSystems."/var/spool" =
{ device = "system/tier2/spool"; { device = "clove/tier2/spool";
fsType = "zfs"; fsType = "zfs";
}; };
fileSystems."/var/tmp" = fileSystems."/var/tmp" =
{ device = "system/scratch/tmp"; { device = "clove/scratch/tmp";
fsType = "zfs"; fsType = "zfs";
}; };
fileSystems."/nix" = fileSystems."/nix" =
{ device = "system/scratch/nix"; { device = "clove/scratch/nix";
fsType = "zfs"; fsType = "zfs";
}; };
fileSystems."/var/cache" = fileSystems."/var/cache" =
{ device = "system/scratch/cache"; { device = "clove/scratch/cache";
fsType = "zfs"; fsType = "zfs";
}; };