emacs main repo parity

.codex/config.toml

@@ -18,3 +18,4 @@ cwd = "/home/jawz/Development/NixOS"
 [mcp_servers.nixos]
 command = "nix"
 args = ["run", "github:utensils/mcp-nixos", "--"]
+startup_timeout_sec = 300

dotfiles/doom/init.el

@@ -43,6 +43,7 @@
        ;;neotree           ; a project drawer, like NERDTree for vim
        ophints           ; highlight the region an operation acts on
        (popup +defaults)   ; tame sudden yet inevitable temporary windows
+       (smooth-scroll +interpolate)     ; So smooth you won't believe it's not butter
        ;;tabs              ; a tab bar for Emacs
        (treemacs +lsp)         ; a project drawer, like neotree but cooler
        ;;unicode           ; extended unicode support for various languages
@@ -64,6 +65,7 @@
        ;;parinfer          ; turn lisp into python, sort of
        rotate-text       ; cycle region at point between text candidates
        snippets          ; my elves. They type so I don't have to
+       (whitespace +guess +trim)  ; a butler for your whitespace
        ;;word-wrap         ; soft wrapping with language-aware indent
 
        :emacs
@@ -71,6 +73,7 @@
        electric          ; smarter, keyword-based electric-indent
        eww ; the internet is gross
        ibuffer         ; interactive buffer management
+       tramp             ; remote files at your arthritic fingertips
        (undo +tree)              ; persistent, smarter undo for your inevitable mistakes
        vc                ; version-control and Emacs, sitting in a tree
 
@@ -96,21 +99,24 @@
        ;;ein               ; tame Jupyter notebooks with emacs
        (eval +overlay)     ; run code, run (also, repls)
        (lookup +dictionary + offline)              ; navigate your code and its documentation
+       llm               ; when I said you needed friends, I didn't mean...
        (lsp +peek)               ; M-x vscode
        magit             ; a git porcelain for Emacs
        ;;make              ; run make tasks from Emacs
        ;;pass              ; password manager for nerds
        ;;pdf               ; pdf enhancements
        ;;prodigy           ; FIXME managing external services & code builders
-       ;;terraform         ; infrastructure as code
+       (terraform +lsp)        ; infrastructure as code
        tmux              ; an API for interacting with tmux
        ;; tree-sitter       ; syntax and parsing, sitting in a tree...
        upload            ; map local to remote projects via ssh/ftp
 
        :os
        ;;(:if (featurep :system 'macos) macos) ; improve compatibility with macOS       tty               ; improve the terminal Emacs experience
+       tty               ; improve the terminal Emacs experience
 
        :lang
+       ;;ada               ; In strong typing we (blindly) trust
        ;;agda              ; types of types of types of types...
        ;;beancount         ; mind the GAAP
        (cc +lsp)         ; C > C++ == 1
@@ -139,6 +145,7 @@
        ;;hy                ; readability of scheme w/ speed of python
        ;;idris             ; a language you can depend on
        (json +lsp)              ; At least it ain't XML
+       ;;janet             ; Fun fact: Janet is me!
        ;;(java +lsp)       ; the poster child for carpal tunnel syndrome
        (javascript +lsp)       ; all(hope(abandon(ye(who(enter(here))))))
        (julia +lsp)            ; a better, faster MATLAB

dotfiles/doom/packages.el

@@ -49,15 +49,9 @@
 ;; ...Or *all* packages (NOT RECOMMENDED; will likely break things)
                                         ;(unpin! t)
 
-;; (package! nixos-options) ;; enable when migrating to nixos
-;; (package! quick-preview) ;; preview files with sushi
-
-
-;; (package! codeium :recipe (:host github :repo "Exafunction/codeium.el"))
-(package! config-general-mode)
 (package! dired-open)
 (package! dired-subtree)
-;; (package! doom-modeline-now-playing)
+(package! expand-region)
 (package! ini-mode)
 (package! insert-esv) ;; bible passages
 (package! olivetti) ;; writing mode centering text, looks like word
@@ -68,11 +62,14 @@
 (package! peep-dired) ;; kind of cool but never could make it work
 (package! php-cs-fixer)
 (package! systemd)
+;;   :recipe (:host github :repo "tecosaur/ox-chameleon"))
 ;; (package! 2048-game)
 ;; (package! academic-phrases)
 ;; (package! caddyfile-mode)
 ;; (package! clippy)
+;; (package! codeium :recipe (:host github :repo "Exafunction/codeium.el"))
 ;; (package! crontab-mode) ;; crontab colors
+;; (package! doom-modeline-now-playing)
 ;; (package! evil-tutor) ;; vim tutorial
 ;; (package! ewal) ;; theme colors based on pywal
 ;; (package! ewal-doom-themes)
@@ -81,16 +78,14 @@
 ;; (package! flycheck-aspell)
 ;; (package! ivy-posframe)
 ;; (package! mw-thesaurus)
+;; (package! nixos-options) ;; enable when migrating to nixos
 ;; (package! org-appear) ;; couldn't get it to work
 ;; (package! org-recur) ;; works but I want to keep org vanilla
 ;; (package! ox-chameleon
-;;   :recipe (:host github :repo "tecosaur/ox-chameleon"))
+;; (package! quick-preview) ;; preview files with sushi
 ;; (package! renpy)
 ;; (package! resize-window)
 ;; (package! tldr)
 ;; (package! typit) ;; type speed test
 ;; (package! vimgolf) ;; vim puzzles
 ;; (package! wc-mode) ;; displays character count of buffer
-
-(package! expand-region)
-(package! gptel :recipe (:nonrecursive t))

hosts/vps/configuration.nix

@@ -48,17 +48,21 @@ in
     ./nginx-nextcloud.nix
     ../../config/base.nix
   ];
-  my = import ./toggles.nix { inherit config inputs; } // {
+  my =
-    secureHost = true;
+    import ./toggles.nix {
-    users.nixremote = {
+      inherit config inputs lib;
-      enable = true;
+    }
-      authorizedKeys = inputs.self.lib.getSshKeys [
+    // {
-        "nixworkstation"
+      secureHost = true;
-        "nixserver"
+      users.nixremote = {
-        "nixminiserver"
+        enable = true;
-      ];
+        authorizedKeys = inputs.self.lib.getSshKeys [
+          "nixworkstation"
+          "nixserver"
+          "nixminiserver"
+        ];
+      };
     };
-  };
   sops.age = {
     generateKey = true;
     keyFile = "/var/lib/sops-nix/key.txt";
@@ -151,7 +155,12 @@ in
       www-data = { };
     };
     users = {
-      nginx.extraGroups = [ "www-data" ];
+      nginx = lib.mkIf config.my.secureHost {
+        extraGroups = [
+          "www-data"
+          "lidarr-reports"
+        ];
+      };
       deploy = {
         isSystemUser = true;
         group = "deploy";

hosts/vps/hardware-configuration.nix

@@ -1,5 +1,6 @@
 {
   lib,
+  config,
   modulesPath,
   ...
 }:
@@ -33,11 +34,17 @@
     };
   };
   fileSystems."/" = {
-    device = "/dev/disk/by-uuid/f222513b-ded1-49fa-b591-20ce86a2fe7f";
+    device = lib.mkForce (
+      if config.my.build.baseImage then
+        "/dev/sda"
+      else
+        "/dev/disk/by-uuid/f222513b-ded1-49fa-b591-20ce86a2fe7f"
+    );
     fsType = "ext4";
   };
-  swapDevices = [
+  swapDevices = lib.mkMerge [
-    { device = "/dev/disk/by-uuid/f1408ea6-59a0-11ed-bc9d-525400000001"; }
+    [ { device = "/dev/disk/by-uuid/f1408ea6-59a0-11ed-bc9d-525400000001"; } ]
+    (lib.mkIf config.my.build.baseImage [ { device = "/dev/sdb"; } ])
   ];
   nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux";
 }

hosts/vps/nginx-nextcloud.nix

@@ -3,7 +3,7 @@ let
   cfg = config.my.servers.nextcloud;
 in
 {
-  config = lib.mkIf (cfg.enableProxy && config.my.enableProxy) {
+  config = lib.mkIf (cfg.enableProxy && config.my.enableProxy && config.my.secureHost) {
     services.nginx.virtualHosts.${cfg.host} = {
       forceSSL = true;
       enableACME = true;

hosts/vps/toggles.nix

@@ -1,4 +1,8 @@
-{ config, inputs }:
+{
+  config,
+  inputs,
+  lib,
+}:
 let
   inherit (inputs.self.lib)
     enableList
@@ -16,59 +20,67 @@ let
       ip = wgServerIp;
     };
   };
-in
+  baseToggles = {
-{
+    services = enableList mkEnabled [
-  enableProxy = true;
+      "network"
-  enableContainers = true;
+      "wireguard"
-  apps.dictionaries.enable = true;
-  apps.dictionaries.users = "jawz";
-  services = enableList mkEnabled [
-    "network"
-    "wireguard"
-  ];
-  shell = enableList mkEnabledWithUsers [
-    "multimedia"
-    "tools"
-  ];
-  dev = enableList mkEnabledWithUsers [
-    "nix"
-    "sh"
-  ];
-  websites = {
-    portfolio.enableProxy = true;
-    lidarrMbReport.enableProxy = true;
-  };
-  servers =
-    enableList mkEnabledWithProxy [
-      "isso"
-      "microbin"
-    ]
-    // enableList mkEnabledProxySocketIp [
-      "audiobookshelf"
-      "collabora"
-      "jellyfin"
-      "nextcloud"
-      "plausible"
-      "plex"
-    ]
-    // enableList mkEnabledProxyIp [
-      "atticd"
-      "bazarr"
-      "gitea"
-      "homepage"
-      "kavita"
-      "keycloak"
-      "lidarr"
-      "linkwarden"
-      "maloja"
-      "mealie"
-      "metube"
-      "multi-scrobbler"
-      "oauth2-proxy"
-      "prowlarr"
-      "radarr"
-      "sonarr"
-      "vaultwarden"
-      "yamtrack"
     ];
-}
+    shell = enableList mkEnabledWithUsers [
+      "multimedia"
+      "tools"
+    ];
+    dev = enableList mkEnabledWithUsers [
+      "nix"
+      "sh"
+    ];
+    apps.dictionaries = {
+      enable = true;
+      users = "jawz";
+    };
+  };
+  secureToggles = {
+    enableProxy = true;
+    enableContainers = true;
+    websites = {
+      portfolio.enableProxy = true;
+      lidarrMbReport.enableProxy = true;
+    };
+    servers =
+      enableList mkEnabledWithProxy [
+        "isso"
+        "microbin"
+      ]
+      // enableList mkEnabledProxySocketIp [
+        "audiobookshelf"
+        "collabora"
+        "jellyfin"
+        "nextcloud"
+        "plausible"
+        "plex"
+      ]
+      // enableList mkEnabledProxyIp [
+        "atticd"
+        "bazarr"
+        "gitea"
+        "homepage"
+        "kavita"
+        "keycloak"
+        "lidarr"
+        "linkwarden"
+        "maloja"
+        "mealie"
+        "metube"
+        "multi-scrobbler"
+        "oauth2-proxy"
+        "prowlarr"
+        "radarr"
+        "sonarr"
+        "vaultwarden"
+        "yamtrack"
+      ];
+  };
+in
+lib.mkMerge [
+  baseToggles
+  (lib.mkIf config.my.secureHost secureToggles)
+]

modules/dev/emacs.nix

@@ -84,12 +84,5 @@
           extra ++ themes;
       };
     };
-    systemd.user.services.emacs = {
-      Install.WantedBy = [ "graphical-session.target" ];
-      Unit = {
-        After = [ "graphical-session.target" ];
-        Wants = [ "graphical-session.target" ];
-      };
-    };
   };
 }

modules/modules.nix

@@ -130,6 +130,11 @@ in
     };
     enableContainers = lib.mkEnableOption "container services (Docker/Podman)";
     enableProxy = lib.mkEnableOption "nginx reverse proxy for services";
+    build.baseImage = lib.mkOption {
+      type = lib.types.bool;
+      default = false;
+      description = "Whether to enable base image settings for this host build.";
+    };
     toggleUsers = lib.mkOption {
       type = lib.types.attrsOf (lib.types.either lib.types.str (lib.types.listOf lib.types.str));
       default = {

parts/packages.nix

@@ -26,6 +26,17 @@
           exec ${mcpPython}/bin/python -m mcp_server.server
         '';
       };
+      vpsLinodeConfig = inputs.self.nixosConfigurations.vps.extendModules {
+        modules = [
+          (
+            { lib, ... }:
+            {
+              my.secureHost = lib.mkForce false;
+              my.build.baseImage = true;
+            }
+          )
+        ];
+      };
       mcpTests = pkgs.writeShellApplication {
         name = "mcp-tests";
         runtimeInputs = with pkgs.python3Packages; [
@@ -43,7 +54,7 @@
     {
       packages = (inputs.jawz-scripts.packages.${system} or { }) // {
         emacs-vm = inputs.self.nixosConfigurations.emacs.config.system.build.vm;
-        vps-linode = inputs.self.nixosConfigurations.vps.config.system.build.images.linode;
+        vps-linode = vpsLinodeConfig.config.system.build.images.linode;
         mcp-tests = mcpTests;
         nixos-mcp = nixosMcp;
         nixos-mcp-server = mcpServerPkg;