diff --git a/README.md b/README.md index a091582..2a7987d 100644 --- a/README.md +++ b/README.md @@ -14,22 +14,24 @@ ![Showcase Gif](home/Pictures/Records/record.gif) ## Table of Contents -- [About](#-about) -- [Showcase](#-showcase) -- [Components](#-components) -- [Features](#-features) -- [Installation](#-installation) -- [Keybindings](#️-keybindings) -- [Useful aliases in Fish Shell](#-useful-aliases-in-fish-shell) -- [Useful info for Rustaceans](#-useful-info-for-rustaceans) -- [Yubikey on NixOS](#-yubikey-on-nixos) -- [License](#-license) +- [About]() +- [Showcase]() +- [Components]() +- [Features]() +- [Installation]() +- [Keybindings]() +- [Useful aliases in Fish Shell]() +- [AI Tools and Services]() +- [Useful info for Rustaceans]() +- [Yubikey on NixOS]() +- [License]() ## 📖 About This repository houses my NixOS Linux ❄️ flake configuration, featuring the Hyprland window manager and adorned with the stylish Catppuccin Macchiato theme. I rely on this setup as my daily driver for work and programming, primarily in Rust 🦀. Feel free to utilize it in its entirety or borrow specific components for your own configuration. -🚨 It's essential to note that this configuration is not minimalistic or lightweight and may require some disk space and knowledge to understand. If you're looking for something simpler, this configuration may not be suitable for you. +> [!NOTE] +> It's essential to note that this configuration is not minimalistic or lightweight and may require some disk space and knowledge to understand. If you're looking for something simpler, this configuration may not be suitable for you. This system leverages cutting-edge channels and versions of software to provide you with the latest updates and features. Notably, it utilizes: @@ -38,17 +40,22 @@ This system leverages cutting-edge channels and versions of software to provide - **nixpkgs**: unstable - **rust**: nightly version -This approach ensures that you stay on the forefront of technology, receiving the most recent software advancements promptly. 🚨 However, it's important to note that this emphasis on bleeding-edge software may impact the stability of the system. +This approach ensures that you stay on the forefront of technology, receiving the most recent software advancements promptly. +> [!WARNING] +> However, it's important to note that this emphasis on bleeding-edge software may impact the stability of the system. -🚨 Please note that the system utilizes **Podman** instead of **Docker** for containerization due to various reasons, primarily related to security (rootless and daemonless containers), easier migration to Kubernetes, availability of pods, compatibility with systemd, and better security for `distrobox`. If you prefer to use **Docker** instead of **Podman**, you can make the switch by commenting out the **Podman** section in the `nixos/virtualisation.nix` file and uncommenting the **Docker** section. More details on **Docker** configuration in NixOS can be found [here](https://nixos.wiki/wiki/Docker). +> [!IMPORTANT] +> Please note that the system utilizes **Podman** instead of **Docker** for containerization due to various reasons, primarily related to security (rootless and daemonless containers), easier migration to Kubernetes, availability of pods, compatibility with systemd, and better security for `distrobox`. If you prefer to use **Docker** instead of **Podman**, you can make the switch by commenting out the **Podman** section in the `nixos/virtualisation.nix` file and uncommenting the **Docker** section. More details on **Docker** configuration in NixOS can be found [here](https://nixos.wiki/wiki/Docker). -The system also enables SELinux patches, as well as AppArmor and Tomoyo Linux Security Modules. It includes security daemons such as Fail2Ban and USBGuard, with Firejail preinstalled to meet your security requirements. +> [!NOTE] +> The system also enables SELinux patches, as well as AppArmor and Tomoyo Linux Security Modules. It includes security daemons such as Fail2Ban and USBGuard, with Firejail preinstalled to meet your security requirements. You have the flexibility to customize these configurations according to your needs by modifying the respective configuration files. ## 🌟 Showcase -The showcased images do not reflect the latest version of the system's appearance. The final setup may vary slightly. +> [!IMPORTANT] +> The showcased images do not reflect the latest version of the system's appearance. The final setup may vary slightly. ![Screenshot 1](home/Pictures/Screenshots/screenshot-1.png) ![Screenshot 2](home/Pictures/Screenshots/screenshot-2.png) @@ -111,21 +118,37 @@ And many other useful utilities. The full list can be found in the system config 2. Temporarily install ripgrep and fish using the command: `nix-shell -p ripgrep fish --run fish`. You can also use classic bash and grep for the next step without installing fish and ripgrep. 3. Run the command `rg --hidden FIXME` and change/add lines to match your device, swaps, partitions, peripherals, file systems, etc. in the configuration files. - 🚨 Ensure that you configure USBGuard in the `nixos/usb.nix` file to avoid potential issues. By default, USBGuard blocks all USB devices, which can lead to the disabling of crucial hardware components such as the integrated camera, bluetooth, wifi, etc. To configure USBGuard properly, add your trusted USB devices to the configuration. You can obtain a list of all connected devices by using the `lsusb` command from the `usbutils` package. + > [!IMPORTANT] + > Ensure that you configure USBGuard in the `nixos/usb.nix` file to avoid potential issues. By default, USBGuard blocks all USB devices, which can lead to the disabling of crucial hardware components such as the integrated camera, bluetooth, wifi, etc. To configure USBGuard properly, add your trusted USB devices to the configuration. You can obtain a list of all connected devices by using the `lsusb` command from the `usbutils` package. - Failure to configure USBGuard appropriately may result in the inability to connect any USB devices to your machine. If needed, you can also disable USBGuard altogether by setting `services.usbguard.enable` to `false` in the configuration:`services.usbguard.enable = false;`. This step ensures that USBGuard is not actively blocking any USB devices. + > [!WARNING] + > Failure to configure USBGuard appropriately may result in the inability to connect any USB devices to your machine. If needed, you can also disable USBGuard altogether by setting `services.usbguard.enable` to `false` in the configuration:`services.usbguard.enable = false;`. This step ensures that USBGuard is not actively blocking any USB devices. - 🚨 Remember to update the monitor settings in the Hyprland configuration file located at `home/.config/hypr/hyprland.conf`. + > [!IMPORTANT] + > Remember to update the monitor settings in the Hyprland configuration file located at `home/.config/hypr/hyprland.conf`. - 🚨 Also, important: If you use disk encryption with LUKS and want to use encrypted swap, you need to enable swap on LUKS. This is usually auto-generated in `/etc/nixos/configuration.nix` as the `boot.initrd.luks.devices."luks-...".device = "/dev/disk/by-uuid/...";` code block, if you set this option up during the NixOS installation process. You can simply copy this snippet to either `nixos/swap.nix`, `nixos/hardware-configuration.nix`, or `nixos/configuration.nix` (Personally, I prefer to copy it to `hardware-configuration.nix`). + > [!IMPORTANT] + > Also, important: If you use disk encryption with LUKS and want to use encrypted swap, you need to enable swap on LUKS. This is usually auto-generated in `/etc/nixos/configuration.nix` as the `boot.initrd.luks.devices."luks-...".device = "/dev/disk/by-uuid/...";` code block, if you set this option up during the NixOS installation process. You can simply copy this snippet to either `nixos/swap.nix`, `nixos/hardware-configuration.nix`, or `nixos/configuration.nix` (Personally, I prefer to copy it to `hardware-configuration.nix`). + > Alternatively, you can set it up manually or use [swap encryption with a random key](https://nixos.wiki/wiki/Swap#Encrypt_swap_with_random_key). - Alternatively, you can set it up manually or use [swap encryption with a random key](https://nixos.wiki/wiki/Swap#Encrypt_swap_with_random_key). +4. To change the default username and/or hostname, run the command `rg --hidden 'xnm'` to find and fix all instances of the username, and `rg --hidden 'isitreal-laptop'` for the hostname. + > [!IMPORTANT] + > Make sure to change the username to match yours set during installation to avoid login issues. + + > [!IMPORTANT] + > Also, don't forget to delete or change to my git settings in `home/.gitconfig`, `home/projects/.gitconfig.personal`, `home/.ssh/config`, and `home/work/.gitconfig.work` files, as they are configured for my personal use. -4. To change the default username and/or hostname, run the command `rg --hidden 'xnm'` to find and fix all instances of the username, and `rg --hidden 'isitreal-laptop'` for the hostname. 🚨 Make sure to change the username to match yours set during installation to avoid login issues. 🚨 Also, don't forget to delete or change to yours the git settings in `home/.gitconfig`, `home/projects/.gitconfig.personal`, and `home/work/.gitconfig.work` files, as they are configured for my personal use. 5. Enable `flake` support (more [here](https://nixos.wiki/wiki/Flakes#Enable_flakes_temporarily)) on your current system. Don't forget to run `sudo nixos-rebuild switch` after enabling `flake` in your `/etc/configuration.nix`. 6. Copy or move all files (with replacements) from the `home` directory to your `$HOME` directory in Linux. -7. Copy or move all files (with replacements and **sudo** permissions) from the `nixos` directory to `/etc/nixos/`. 🚨 Ensure that `system.stateVersion = "your_version";` is correctly set to the release version of the initial installation of your system in the `configuration.nix` file. 🚨 Also, for security reasons, ensure all files in the `/etc/nixos` directory are owned by **root**. If not, change ownership using the command: `sudo chown -R root:root /etc/nixos`. -8. Run the command `sudo nixos-rebuild switch --flake /etc/nixos#your-hostname --update-input nixpkgs --update-input rust-overlay --commit-lock-file --upgrade` or `nswitchu`. If you chose first command, replace `your-hostname` with your hostname before running the command; by default, hostname is set to `isitreal-laptop`. +7. Copy or move all files (with replacements and **sudo** permissions) from the `nixos` directory to `/etc/nixos/`. + + > [!IMPORTANT] + > Ensure that `system.stateVersion = "your_version";` is correctly set to the release version of the initial installation of your system in the `configuration.nix` file. + + > [!IMPORTANT] + > Also, for security reasons, ensure all files in the `/etc/nixos` directory are owned by **root**. If not, change ownership using the command: `sudo chown -R root:root /etc/nixos`. + +8. Run the command `sudo nix flake update --flake /etc/nixos; and sudo nixos-rebuild switch --flake /etc/nixos#your-hostname --upgrade` or `nswitchu`. If you chose first command, replace `your-hostname` with your hostname before running the command; by default, hostname is set to `isitreal-laptop`. 9. Post-installation configuration: - Import GNOME settings along with the theme by executing the following command: `dconf load / < home/.config/gnome_settings_backup.dconf`. Additionally, you can use tools like **gnome-tweaks** or **themechanger** to fine-tune specific theme preferences to your liking. @@ -146,6 +169,15 @@ And many other useful utilities. The full list can be found in the system config - Select the imported profile named "catppuccin-theme". - Click "Load" and exit from "Settings". + - Apply Open-WebUI Settings + - Navigate to the Open-WebUI page: `http://localhost:8888`. + - Signup or signin if you haven't already done so. + - Click on the user photo in the top-right corner. + - From the dropdown menu, select "Admin Panel". + - In the Admin Panel, go to the "Settings" tab. + - Under the Settings tab, locate and click on the "Database" section. + - Click "Import Config from JSON File" and select the configuration file: `home/.config/open-webui-config.json` from your file manager. + - Login to your accounts. - Customize graphical applications to suit your preferences. @@ -231,6 +263,47 @@ NixOS-specific commands: You can customize this configuration by adding more aliases to the file and editing existing ones. This makes your experience more personalized and smoother. +## 🤖 AI Tools and Services + +This configuration includes several AI/LLM tools and services for local development and experimentation: + +**Local AI Services:** +- **Ollama** - Local LLM server with pre-loaded models: + - Accessible at `http://localhost:11434` + - Models: `llama3.2:3b`, `llama3.2-vision:11b`, `phi4:14b`, `deepseek-r1:7b`, `dolphin3:8b`, `smallthinker:3b` + - Text embedding model: `nomic-embed-text` + - CUDA acceleration enabled for GPU inference + +- **SearXNG (Searx fork)** - Privacy-respecting meta search engine: + - Accessible at `http://localhost:7777` + - Supports HTML and JSON formats + - 🔒 Remember to set `SEARX_SECRET_KEY` in your environment file: `home/.config/.env.searxng` + +- **Open WebUI** - Local ChatGPT-style UI for Ollama: + - Accessible at `http://localhost:8888` + - Modern web interface with conversation history + - Supports model switching and prompt templates + +**AI Tools:** +- `aichat` - ChatGPT-like CLI and REPL with lot of features +- `aider-chat` - Code assistant/chat directly in the terminal +- `alpaca` - GUI LLM client with markdown support +- `oterm` - TUI LLM client with markdown support + +> [!NOTE] +> These AI services are enabled by default. + +To disable them: +1. Edit `nixos/llm.nix` +2. Disable services by setting their `enable` attribute to `false`: + ```nix + services.ollama.enable = false; + services.searx.enable = false; + services.open-webui.enable = false; + ``` +3. Remove AI CLI tools from `environment.systemPackages` if desired +4. Rebuild your configuration with `nswitch` + ## 🦀 Useful info for Rustaceans Here are some tips to enhance your Rust experience on this system: @@ -271,6 +344,8 @@ Here are some tips to enhance your Rust experience on this system: - `cargo-modules` - `cargo-bloat` - `cargo-unused-features` + - `cargo-feature` + - `cargo-features-manager` - `bacon` 5. **Environment Setup:** @@ -282,9 +357,11 @@ This repo contains a NixOS configuration file (`nixos/yubikey.nix`) enabling: - Yubikey authentication with pam_u2f - Passwordless login in greetd, sudo, ssh, and hyprlock -🚨 Personal Recommendation: While convenient, using a Yubikey for display managers (like greetd) and screen lockers (like hyprlock) without additional two-factor or multi-factor authentication (2FA/MFA) has risks. If your Yubikey is lost or stolen, someone could gain full system access before you reset keys. Yubikeys excel at protecting against online attacks but are less secure against offline attacks. +> [!WARNING] +> While convenient, using a Yubikey for display managers (like greetd) and screen lockers (like hyprlock) without additional two-factor or multi-factor authentication (2FA/MFA) has risks. If your Yubikey is lost or stolen, someone could gain full system access before you reset keys. Yubikeys excel at protecting against online attacks but are less secure against offline attacks. -🛡️ For enhanced security and a passwordless experience: +> [!TIP] +> For enhanced security and a passwordless experience: You can consider a YubiKey Bio Series device. These keys support FIDO2/WebAuthn and FIDO U2F and has built in fingerprint scanner for strong authentication. Please note, they do not offer Smart card, OpenPGP, or OTP functionality. ## 📜 License diff --git a/home/.config/.env.searxng b/home/.config/.env.searxng new file mode 100644 index 0000000..d3b23ba --- /dev/null +++ b/home/.config/.env.searxng @@ -0,0 +1 @@ +SEARX_SECRET_KEY=your_custom_key_here # FIXME diff --git a/home/.config/helix/config.toml b/home/.config/helix/config.toml index 17be542..8ab4bab 100644 --- a/home/.config/helix/config.toml +++ b/home/.config/helix/config.toml @@ -34,7 +34,7 @@ display-inlay-hints = true enable = true [keys.normal] -backspace = { w = ":w", d = ":bc", S-d = ":bca", q = ":q", A-q = ":q!", A-d = ":bc!", A-S-d = ":bca!" } +backspace = { w = ":w", d = ":bc", S-d = ":bca", q = ":q", A-w = ":w!", A-q = ":q!", A-d = ":bc!", A-S-d = ":bca!" } S-l = ":bn" S-h = ":bp" S-right = ":bn" diff --git a/home/.config/open-webui-config.json b/home/.config/open-webui-config.json new file mode 100644 index 0000000..062d235 --- /dev/null +++ b/home/.config/open-webui-config.json @@ -0,0 +1,220 @@ +{ + "version": 0, + "ui": { + "default_locale": "", + "prompt_suggestions": [ + { + "title": [ + "Help me study", + "vocabulary for a college entrance exam" + ], + "content": "Help me study vocabulary: write a sentence for me to fill in the blank, and I'll try to pick the correct option." + }, + { + "title": [ + "Give me ideas", + "for what to do with my kids' art" + ], + "content": "What are 5 creative things I could do with my kids' art? I don't want to throw them away, but it's also so much clutter." + }, + { + "title": [ + "Tell me a fun fact", + "about the Roman Empire" + ], + "content": "Tell me a random fun fact about the Roman Empire" + }, + { + "title": [ + "Show me a code snippet", + "of a website's sticky header" + ], + "content": "Show me a code snippet of a website's sticky header in CSS and JavaScript." + }, + { + "title": [ + "Explain options trading", + "if I'm familiar with buying and selling stocks" + ], + "content": "Explain options trading in simple terms if I'm familiar with buying and selling stocks." + }, + { + "title": [ + "Overcome procrastination", + "give me tips" + ], + "content": "Could you start by asking me about instances when I procrastinate the most and then give me some suggestions to overcome it?" + }, + { + "title": [ + "Grammar check", + "rewrite it for better readability " + ], + "content": "Check the following sentence for grammar and clarity: \"[sentence]\". Rewrite it for better readability while maintaining its original meaning." + } + ], + "enable_signup": false, + "default_user_role": "pending", + "enable_community_sharing": true, + "enable_message_rating": true + }, + "rag": { + "embedding_engine": "ollama", + "embedding_model": "nomic-embed-text:latest", + "openai_api_base_url": "https://api.openai.com/v1", + "openai_api_key": "", + "ollama": { + "url": "http://localhost:11434", + "key": "" + }, + "embedding_batch_size": 1, + "pdf_extract_images": false, + "file": { + "max_size": null, + "max_count": null + }, + "CONTENT_EXTRACTION_ENGINE": "", + "tika_server_url": "http://tika:9998", + "text_splitter": "", + "chunk_size": 1000, + "chunk_overlap": 100, + "template": "### Task:\nRespond to the user query using the provided context, incorporating inline citations in the format [source_id] **only when the tag is explicitly provided** in the context.\n\n### Guidelines:\n- If you don't know the answer, clearly state that.\n- If uncertain, ask the user for clarification.\n- Respond in the same language as the user's query.\n- If the context is unreadable or of poor quality, inform the user and provide the best possible answer.\n- If the answer isn't present in the context but you possess the knowledge, explain this to the user and provide the answer using your own understanding.\n- **Only include inline citations using [source_id] when a tag is explicitly provided in the context.** \n- Do not cite if the tag is not provided in the context. \n- Do not use XML tags in your response.\n- Ensure citations are concise and directly related to the information provided.\n\n### Example of Citation:\nIf the user asks about a specific topic and the information is found in \"whitepaper.pdf\" with a provided , the response should include the citation like so: \n* \"According to the study, the proposed method increases efficiency by 20% [whitepaper.pdf].\"\nIf no is present, the response should omit the citation.\n\n### Output:\nProvide a clear and direct response to the user's query, including inline citations in the format [source_id] only when the tag is present in the context.\n\n\n{{CONTEXT}}\n\n\n\n{{QUERY}}\n\n", + "top_k": 3, + "relevance_threshold": 0, + "enable_hybrid_search": false, + "youtube_loader_language": [ + "en" + ], + "youtube_loader_proxy_url": "", + "enable_web_loader_ssl_verification": false, + "web": { + "search": { + "enable": true, + "engine": "searxng", + "searxng_query_url": "http://localhost:7777/search?q=", + "google_pse_api_key": "", + "google_pse_engine_id": "", + "brave_search_api_key": "", + "kagi_search_api_key": "", + "mojeek_search_api_key": "", + "serpstack_api_key": "", + "serpstack_https": true, + "serper_api_key": "", + "serply_api_key": "", + "tavily_api_key": "", + "searchapi_api_key": "", + "searchapi_engine": "", + "jina_api_key": "", + "bing_search_v7_endpoint": "https://api.bing.microsoft.com/v7.0/search", + "bing_search_v7_subscription_key": "", + "result_count": 5, + "concurrent_requests": 10, + "exa_api_key": "" + } + } + }, + "google_drive": { + "enable": false + }, + "webhook_url": "", + "auth": { + "admin": { + "show": true + }, + "api_key": { + "enable": false, + "endpoint_restrictions": false, + "allowed_endpoints": "" + }, + "jwt_expiry": "-1" + }, + "webui": { + "url": "http://localhost:8090" + }, + "channels": { + "enable": false + }, + "audio": { + "tts": { + "openai": { + "api_base_url": "https://api.openai.com/v1", + "api_key": "" + }, + "api_key": "", + "engine": "transformers", + "model": "", + "voice": "", + "split_on": "punctuation", + "azure": { + "speech_region": "eastus", + "speech_output_format": "audio-24khz-160kbitrate-mono-mp3" + } + }, + "stt": { + "openai": { + "api_base_url": "https://api.openai.com/v1", + "api_key": "" + }, + "engine": "", + "model": "", + "whisper_model": "base" + } + }, + "image_generation": { + "engine": "comfyui", + "enable": false, + "prompt": { + "enable": true + }, + "openai": { + "api_base_url": "https://api.openai.com/v1", + "api_key": "" + }, + "automatic1111": { + "base_url": "", + "api_auth": "", + "cfg_scale": null, + "sampler": null, + "scheduler": null + }, + "comfyui": { + "base_url": "", + "workflow": "{\n \"3\": {\n \"inputs\": {\n \"seed\": 0,\n \"steps\": 20,\n \"cfg\": 8,\n \"sampler_name\": \"euler\",\n \"scheduler\": \"normal\",\n \"denoise\": 1,\n \"model\": [\n \"4\",\n 0\n ],\n \"positive\": [\n \"6\",\n 0\n ],\n \"negative\": [\n \"7\",\n 0\n ],\n \"latent_image\": [\n \"5\",\n 0\n ]\n },\n \"class_type\": \"KSampler\",\n \"_meta\": {\n \"title\": \"KSampler\"\n }\n },\n \"4\": {\n \"inputs\": {\n \"ckpt_name\": \"model.safetensors\"\n },\n \"class_type\": \"CheckpointLoaderSimple\",\n \"_meta\": {\n \"title\": \"Load Checkpoint\"\n }\n },\n \"5\": {\n \"inputs\": {\n \"width\": 512,\n \"height\": 512,\n \"batch_size\": 1\n },\n \"class_type\": \"EmptyLatentImage\",\n \"_meta\": {\n \"title\": \"Empty Latent Image\"\n }\n },\n \"6\": {\n \"inputs\": {\n \"text\": \"Prompt\",\n \"clip\": [\n \"4\",\n 1\n ]\n },\n \"class_type\": \"CLIPTextEncode\",\n \"_meta\": {\n \"title\": \"CLIP Text Encode (Prompt)\"\n }\n },\n \"7\": {\n \"inputs\": {\n \"text\": \"\",\n \"clip\": [\n \"4\",\n 1\n ]\n },\n \"class_type\": \"CLIPTextEncode\",\n \"_meta\": {\n \"title\": \"CLIP Text Encode (Prompt)\"\n }\n },\n \"8\": {\n \"inputs\": {\n \"samples\": [\n \"3\",\n 0\n ],\n \"vae\": [\n \"4\",\n 2\n ]\n },\n \"class_type\": \"VAEDecode\",\n \"_meta\": {\n \"title\": \"VAE Decode\"\n }\n },\n \"9\": {\n \"inputs\": {\n \"filename_prefix\": \"ComfyUI\",\n \"images\": [\n \"8\",\n 0\n ]\n },\n \"class_type\": \"SaveImage\",\n \"_meta\": {\n \"title\": \"Save Image\"\n }\n }\n}", + "nodes": [ + { + "type": "prompt", + "key": "text", + "node_ids": [] + }, + { + "type": "model", + "key": "ckpt_name", + "node_ids": [] + }, + { + "type": "width", + "key": "width", + "node_ids": [] + }, + { + "type": "height", + "key": "height", + "node_ids": [] + }, + { + "type": "steps", + "key": "steps", + "node_ids": [] + }, + { + "type": "seed", + "key": "seed", + "node_ids": [] + } + ] + }, + "model": "", + "size": "512x512", + "steps": 50 + } +} \ No newline at end of file diff --git a/home/.config/qutebrowser/config.py b/home/.config/qutebrowser/config.py index d942270..889be64 100644 --- a/home/.config/qutebrowser/config.py +++ b/home/.config/qutebrowser/config.py @@ -5,4 +5,14 @@ config.load_autoconfig() # set the flavour you'd like to use # valid options are 'mocha', 'macchiato', 'frappe', and 'latte' -catppuccin.setup(c, 'macchiato') \ No newline at end of file +catppuccin.setup(c, 'macchiato') + +config.bind('', 'scroll up') +config.bind('', 'scroll down') +config.bind('', 'scroll left') +config.bind('', 'scroll right') + +config.bind('', 'back') +config.bind('', 'forward') +config.bind('', 'tab-next') +config.bind('', 'tab-prev') diff --git a/home/.local/share/oterm/config.json b/home/.local/share/oterm/config.json new file mode 100644 index 0000000..bf58f96 --- /dev/null +++ b/home/.local/share/oterm/config.json @@ -0,0 +1,4 @@ +{ + "theme": "catppuccin-mocha", + "splash-screen": true +} \ No newline at end of file diff --git a/nixos/llm.nix b/nixos/llm.nix index abefe83..27b72af 100644 --- a/nixos/llm.nix +++ b/nixos/llm.nix @@ -1,4 +1,4 @@ -{ pkgs, ... }: +{ pkgs, config, ... }: { @@ -14,9 +14,13 @@ server = { port = 7777; bind_address = "127.0.0.1"; - secret_key = "your_key_here"; # FIXME: generate and paste your custom key here + secret_key = "@SEARX_SECRET_KEY@"; # FIXME: Set up this key in the .env file described below, name of variable `SEARX_SECRET_KEY` + }; + search = { + formats = [ "html" "json" ]; }; }; + environmentFile = "${config.users.users.xnm.home}/.config/.env.searxng"; # FIXME: The location of the `.env` file where you need to set up the key }; services.open-webui = { diff --git a/nixos/rust.nix b/nixos/rust.nix index 3bfea88..35d09f7 100644 --- a/nixos/rust.nix +++ b/nixos/rust.nix @@ -24,6 +24,8 @@ cargo-modules cargo-bloat cargo-unused-features + cargo-feature + cargo-features-manager bacon evcxr #rust repl ]; diff --git a/nixos/virtualisation.nix b/nixos/virtualisation.nix index 885c258..5b0577b 100644 --- a/nixos/virtualisation.nix +++ b/nixos/virtualisation.nix @@ -5,30 +5,32 @@ # virtualisation.containerd.enable = true; # Enable Docker - # virtualisation.docker.enable = true; - # virtualisation.docker.rootless = { + # virtualisation.docker = { # enable = true; - # setSocketVariable = true; + # rootless = { + # enable = true; + # setSocketVariable = true; + # daemon.settings.features.cdi = true; + # }; # }; # users.extraGroups.docker.members = [ "xnm" ]; # Enable Podman - virtualisation = { - podman = { - enable = true; + virtualisation.podman = { + enable = true; - # Create a `docker` alias for podman, to use it as a drop-in replacement - dockerCompat = true; - dockerSocket.enable = true; + # Create a `docker` alias for podman, to use it as a drop-in replacement + dockerCompat = true; + dockerSocket.enable = true; - # Required for containers under podman-compose to be able to talk to each other. - defaultNetwork.settings.dns_enabled = true; - }; + # Required for containers under podman-compose to be able to talk to each other. + defaultNetwork.settings.dns_enabled = true; }; environment.variables.DBX_CONTAINER_MANAGER = "podman"; users.extraGroups.podman.members = [ "xnm" ]; environment.systemPackages = with pkgs; [ + nvidia-docker # nerdctl # firecracker diff --git a/nixos/work.nix b/nixos/work.nix index ac71809..85c694a 100644 --- a/nixos/work.nix +++ b/nixos/work.nix @@ -5,9 +5,11 @@ slack aws-sam-cli awscli2 + ssm-session-manager-plugin cargo-lambda gnumake cmake + redli firebase-tools ]; }