Standardize formatting using the Nix RFC style, even though it means using spaces 🤢
This commit is contained in:
parent
f0ddde868d
commit
0a412d6f26
218
flake.nix
218
flake.nix
|
@ -1,116 +1,132 @@
|
||||||
# Based on the Auxolotl template: https://github.com/auxolotl/templates
|
# Based on the Auxolotl template: https://github.com/auxolotl/templates
|
||||||
# For info on Flakes, see: https://nixos-and-flakes.thiscute.world/nixos-with-flakes/nixos-with-flakes-enabled
|
# For info on Flakes, see: https://nixos-and-flakes.thiscute.world/nixos-with-flakes/nixos-with-flakes-enabled
|
||||||
{
|
{
|
||||||
description = "Aires' system Flake";
|
description = "Aires' system Flake";
|
||||||
|
|
||||||
inputs = {
|
|
||||||
# Track base packages against unstable
|
|
||||||
nixpkgs.url = "github:NixOS/nixpkgs/nixos-unstable";
|
|
||||||
|
|
||||||
# Replace Nix with Lix: https://lix.systems/
|
inputs = {
|
||||||
lix = {
|
# Track base packages against unstable
|
||||||
url = "git+https://git@git.lix.systems/lix-project/lix?ref=refs/tags/2.90-beta.1";
|
nixpkgs.url = "github:NixOS/nixpkgs/nixos-unstable";
|
||||||
flake = false;
|
|
||||||
};
|
|
||||||
lix-module = {
|
|
||||||
url = "git+https://git.lix.systems/lix-project/nixos-module";
|
|
||||||
inputs.lix.follows = "lix";
|
|
||||||
inputs.nixpkgs.follows = "nixpkgs";
|
|
||||||
};
|
|
||||||
|
|
||||||
# SecureBoot support
|
# Replace Nix with Lix: https://lix.systems/
|
||||||
lanzaboote.url = "github:nix-community/lanzaboote/v0.3.0";
|
lix = {
|
||||||
|
url = "git+https://git@git.lix.systems/lix-project/lix?ref=refs/tags/2.90-beta.1";
|
||||||
|
flake = false;
|
||||||
|
};
|
||||||
|
lix-module = {
|
||||||
|
url = "git+https://git.lix.systems/lix-project/nixos-module";
|
||||||
|
inputs.lix.follows = "lix";
|
||||||
|
inputs.nixpkgs.follows = "nixpkgs";
|
||||||
|
};
|
||||||
|
|
||||||
# Flatpak support
|
# SecureBoot support
|
||||||
nix-flatpak.url = "github:gmodena/nix-flatpak/v0.4.1";
|
lanzaboote.url = "github:nix-community/lanzaboote/v0.3.0";
|
||||||
|
|
||||||
# Hardware configurations
|
# Flatpak support
|
||||||
nixos-hardware.url = "github:NixOS/nixos-hardware";
|
nix-flatpak.url = "github:gmodena/nix-flatpak/v0.4.1";
|
||||||
|
|
||||||
# Home-manager
|
# Hardware configurations
|
||||||
home-manager = {
|
nixos-hardware.url = "github:NixOS/nixos-hardware";
|
||||||
url = "github:nix-community/home-manager/master";
|
|
||||||
inputs.nixpkgs.follows = "nixpkgs"; # Use system packages list where available
|
|
||||||
};
|
|
||||||
|
|
||||||
# TODO: Add Disko - https://github.com/nix-community/disko
|
|
||||||
};
|
|
||||||
|
|
||||||
outputs = inputs@{ self, nixpkgs, lanzaboote, nix-flatpak, home-manager, nixos-hardware, lix-module, ... }:
|
# Home-manager
|
||||||
let
|
home-manager = {
|
||||||
forAllSystems = function:
|
url = "github:nix-community/home-manager/master";
|
||||||
nixpkgs.lib.genAttrs [
|
inputs.nixpkgs.follows = "nixpkgs"; # Use system packages list where available
|
||||||
"x86_64-linux"
|
};
|
||||||
"aarch64-linux"
|
|
||||||
] (system: function nixpkgs.legacyPackages.${system});
|
|
||||||
config.allowUnfree = true;
|
|
||||||
|
|
||||||
# Define shared modules and imports
|
|
||||||
defaultModules = {
|
|
||||||
base = [
|
|
||||||
{ _module.args = { inherit inputs; }; }
|
|
||||||
./hosts/default.nix
|
|
||||||
lix-module.nixosModules.default
|
|
||||||
lanzaboote.nixosModules.lanzaboote
|
|
||||||
nix-flatpak.nixosModules.nix-flatpak
|
|
||||||
home-manager.nixosModules.home-manager {
|
|
||||||
home-manager = {
|
|
||||||
/*
|
|
||||||
When running, Home Manager will use the global package cache.
|
|
||||||
It will also back up any files that it would otherwise overwrite.
|
|
||||||
The originals will have the extension shown below.
|
|
||||||
*/
|
|
||||||
useGlobalPkgs = true;
|
|
||||||
useUserPackages = true;
|
|
||||||
backupFileExtension = "home-manager-backup";
|
|
||||||
};
|
|
||||||
}
|
|
||||||
];
|
|
||||||
};
|
|
||||||
in {
|
|
||||||
formatter = forAllSystems (pkgs: pkgs.nixfmt-rfc-style);
|
|
||||||
nixosConfigurations = {
|
|
||||||
|
|
||||||
Dimaga = nixpkgs.lib.nixosSystem {
|
# TODO: Add Disko - https://github.com/nix-community/disko
|
||||||
system = "x86_64-linux";
|
};
|
||||||
modules = defaultModules.base ++ [
|
|
||||||
nixos-hardware.nixosModules.common-cpu-intel
|
|
||||||
./hosts/Dimaga
|
|
||||||
];
|
|
||||||
};
|
|
||||||
|
|
||||||
Haven = nixpkgs.lib.nixosSystem {
|
outputs =
|
||||||
system = "x86_64-linux";
|
inputs@{
|
||||||
modules = defaultModules.base ++ [
|
self,
|
||||||
nixos-hardware.nixosModules.common-cpu-amd-pstate
|
nixpkgs,
|
||||||
./hosts/Haven
|
lanzaboote,
|
||||||
];
|
nix-flatpak,
|
||||||
};
|
home-manager,
|
||||||
|
nixos-hardware,
|
||||||
|
lix-module,
|
||||||
|
...
|
||||||
|
}:
|
||||||
|
let
|
||||||
|
forAllSystems =
|
||||||
|
function:
|
||||||
|
nixpkgs.lib.genAttrs [
|
||||||
|
"x86_64-linux"
|
||||||
|
"aarch64-linux"
|
||||||
|
] (system: function nixpkgs.legacyPackages.${system});
|
||||||
|
config.allowUnfree = true;
|
||||||
|
|
||||||
Khanda = nixpkgs.lib.nixosSystem {
|
# Define shared modules and imports
|
||||||
system = "x86_64-linux";
|
defaultModules = {
|
||||||
modules = defaultModules.base ++ [
|
base = [
|
||||||
nixos-hardware.nixosModules.microsoft-surface-pro-intel
|
{
|
||||||
./hosts/Khanda
|
_module.args = {
|
||||||
];
|
inherit inputs;
|
||||||
};
|
};
|
||||||
|
}
|
||||||
|
./hosts/default.nix
|
||||||
|
lix-module.nixosModules.default
|
||||||
|
lanzaboote.nixosModules.lanzaboote
|
||||||
|
nix-flatpak.nixosModules.nix-flatpak
|
||||||
|
home-manager.nixosModules.home-manager
|
||||||
|
{
|
||||||
|
home-manager = {
|
||||||
|
/*
|
||||||
|
When running, Home Manager will use the global package cache.
|
||||||
|
It will also back up any files that it would otherwise overwrite.
|
||||||
|
The originals will have the extension shown below.
|
||||||
|
*/
|
||||||
|
useGlobalPkgs = true;
|
||||||
|
useUserPackages = true;
|
||||||
|
backupFileExtension = "home-manager-backup";
|
||||||
|
};
|
||||||
|
}
|
||||||
|
];
|
||||||
|
};
|
||||||
|
in
|
||||||
|
{
|
||||||
|
formatter = forAllSystems (pkgs: pkgs.nixfmt-rfc-style);
|
||||||
|
nixosConfigurations = {
|
||||||
|
|
||||||
Pihole = nixpkgs.lib.nixosSystem {
|
Dimaga = nixpkgs.lib.nixosSystem {
|
||||||
system = "aarch64-linux";
|
system = "x86_64-linux";
|
||||||
modules = defaultModules.base ++ [
|
modules = defaultModules.base ++ [
|
||||||
nixos-hardware.nixosModules.raspberry-pi-4
|
nixos-hardware.nixosModules.common-cpu-intel
|
||||||
./hosts/Pihole
|
./hosts/Dimaga
|
||||||
];
|
];
|
||||||
};
|
};
|
||||||
|
|
||||||
Shura = nixpkgs.lib.nixosSystem {
|
Haven = nixpkgs.lib.nixosSystem {
|
||||||
system = "x86_64-linux";
|
system = "x86_64-linux";
|
||||||
modules = defaultModules.base ++ [
|
modules = defaultModules.base ++ [
|
||||||
nixos-hardware.nixosModules.lenovo-legion-16arha7
|
nixos-hardware.nixosModules.common-cpu-amd-pstate
|
||||||
./hosts/Shura
|
./hosts/Haven
|
||||||
];
|
];
|
||||||
};
|
};
|
||||||
};
|
|
||||||
};
|
|
||||||
}
|
|
||||||
|
|
||||||
|
Khanda = nixpkgs.lib.nixosSystem {
|
||||||
|
system = "x86_64-linux";
|
||||||
|
modules = defaultModules.base ++ [
|
||||||
|
nixos-hardware.nixosModules.microsoft-surface-pro-intel
|
||||||
|
./hosts/Khanda
|
||||||
|
];
|
||||||
|
};
|
||||||
|
|
||||||
|
Pihole = nixpkgs.lib.nixosSystem {
|
||||||
|
system = "aarch64-linux";
|
||||||
|
modules = defaultModules.base ++ [
|
||||||
|
nixos-hardware.nixosModules.raspberry-pi-4
|
||||||
|
./hosts/Pihole
|
||||||
|
];
|
||||||
|
};
|
||||||
|
|
||||||
|
Shura = nixpkgs.lib.nixosSystem {
|
||||||
|
system = "x86_64-linux";
|
||||||
|
modules = defaultModules.base ++ [
|
||||||
|
nixos-hardware.nixosModules.lenovo-legion-16arha7
|
||||||
|
./hosts/Shura
|
||||||
|
];
|
||||||
|
};
|
||||||
|
};
|
||||||
|
};
|
||||||
|
}
|
||||||
|
|
|
@ -1,39 +1,40 @@
|
||||||
{ pkgs, ... }: {
|
{ pkgs, ... }:
|
||||||
imports = [ ./hardware-configuration.nix ];
|
{
|
||||||
|
imports = [ ./hardware-configuration.nix ];
|
||||||
|
|
||||||
system.stateVersion = "24.05";
|
system.stateVersion = "24.05";
|
||||||
|
|
||||||
host = {
|
host = {
|
||||||
role = "workstation";
|
role = "workstation";
|
||||||
apps = {
|
apps = {
|
||||||
development.enable = true;
|
development.enable = true;
|
||||||
kdeconnect.enable = true;
|
kdeconnect.enable = true;
|
||||||
media.enable = true;
|
media.enable = true;
|
||||||
office.enable = true;
|
office.enable = true;
|
||||||
writing.enable = true;
|
writing.enable = true;
|
||||||
};
|
};
|
||||||
ui = {
|
ui = {
|
||||||
flatpak.enable = true;
|
flatpak.enable = true;
|
||||||
gnome.enable = true;
|
gnome.enable = true;
|
||||||
};
|
};
|
||||||
users = {
|
users = {
|
||||||
aires = {
|
aires = {
|
||||||
enable = true;
|
enable = true;
|
||||||
autologin = true;
|
autologin = true;
|
||||||
services = {
|
services = {
|
||||||
syncthing = {
|
syncthing = {
|
||||||
enable = true;
|
enable = true;
|
||||||
autostart = true;
|
autostart = true;
|
||||||
enableTray = false;
|
enableTray = false;
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
|
|
||||||
# Configure the virtual machine created by nixos-rebuild build-vm
|
# Configure the virtual machine created by nixos-rebuild build-vm
|
||||||
virtualisation.vmVariant.virtualisation = {
|
virtualisation.vmVariant.virtualisation = {
|
||||||
memorySize = 2048;
|
memorySize = 2048;
|
||||||
cores = 2;
|
cores = 2;
|
||||||
};
|
};
|
||||||
}
|
}
|
||||||
|
|
|
@ -1,49 +1,62 @@
|
||||||
# Surface Laptop Go 1st gen
|
# Surface Laptop Go 1st gen
|
||||||
{ config, lib, pkgs, modulesPath, ... }: {
|
{
|
||||||
imports = [
|
config,
|
||||||
(modulesPath + "/installer/scan/not-detected.nix")
|
lib,
|
||||||
];
|
pkgs,
|
||||||
|
modulesPath,
|
||||||
|
...
|
||||||
|
}:
|
||||||
|
{
|
||||||
|
imports = [ (modulesPath + "/installer/scan/not-detected.nix") ];
|
||||||
|
|
||||||
boot = {
|
boot = {
|
||||||
initrd = {
|
initrd = {
|
||||||
availableKernelModules = [ "xhci_pci" "nvme" "usb_storage" "usbhid" "sd_mod" ];
|
availableKernelModules = [
|
||||||
kernelModules = [ ];
|
"xhci_pci"
|
||||||
luks.devices."luks-5a91100b-8ed9-4090-b1d8-d8291000fe38".device = "/dev/disk/by-uuid/5a91100b-8ed9-4090-b1d8-d8291000fe38";
|
"nvme"
|
||||||
};
|
"usb_storage"
|
||||||
|
"usbhid"
|
||||||
|
"sd_mod"
|
||||||
|
];
|
||||||
|
kernelModules = [ ];
|
||||||
|
luks.devices."luks-5a91100b-8ed9-4090-b1d8-d8291000fe38".device = "/dev/disk/by-uuid/5a91100b-8ed9-4090-b1d8-d8291000fe38";
|
||||||
|
};
|
||||||
|
|
||||||
kernelModules = [ "kvm-intel" ];
|
kernelModules = [ "kvm-intel" ];
|
||||||
extraModulePackages = [ ];
|
extraModulePackages = [ ];
|
||||||
};
|
};
|
||||||
|
|
||||||
fileSystems = {
|
fileSystems = {
|
||||||
"/" = {
|
"/" = {
|
||||||
device = "/dev/disk/by-uuid/76d67291-5aed-4f2a-b71f-1c2871cefe24";
|
device = "/dev/disk/by-uuid/76d67291-5aed-4f2a-b71f-1c2871cefe24";
|
||||||
fsType = "btrfs";
|
fsType = "btrfs";
|
||||||
options = [ "subvol=@,compress=zstd" ];
|
options = [ "subvol=@,compress=zstd" ];
|
||||||
};
|
};
|
||||||
"/boot" = {
|
"/boot" = {
|
||||||
device = "/dev/disk/by-uuid/0C53-A645";
|
device = "/dev/disk/by-uuid/0C53-A645";
|
||||||
fsType = "vfat";
|
fsType = "vfat";
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
|
|
||||||
swapDevices = [{
|
swapDevices = [
|
||||||
device = "/swapfile";
|
{
|
||||||
size = 4096;
|
device = "/swapfile";
|
||||||
}];
|
size = 4096;
|
||||||
|
}
|
||||||
|
];
|
||||||
|
|
||||||
networking = {
|
networking = {
|
||||||
# Enables DHCP on each ethernet and wireless interface. In case of scripted networking
|
# Enables DHCP on each ethernet and wireless interface. In case of scripted networking
|
||||||
# (the default) this is the recommended approach. When using systemd-networkd it's
|
# (the default) this is the recommended approach. When using systemd-networkd it's
|
||||||
# still possible to use this option, but it's recommended to use it in conjunction
|
# still possible to use this option, but it's recommended to use it in conjunction
|
||||||
# with explicit per-interface declarations with `networking.interfaces.<interface>.useDHCP`.
|
# with explicit per-interface declarations with `networking.interfaces.<interface>.useDHCP`.
|
||||||
useDHCP = lib.mkDefault true;
|
useDHCP = lib.mkDefault true;
|
||||||
# networking.interfaces.wlp0s20f3.useDHCP = lib.mkDefault true;
|
# networking.interfaces.wlp0s20f3.useDHCP = lib.mkDefault true;
|
||||||
|
|
||||||
# Set the hostname.
|
# Set the hostname.
|
||||||
hostName = "Dimaga";
|
hostName = "Dimaga";
|
||||||
};
|
};
|
||||||
|
|
||||||
nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux";
|
nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux";
|
||||||
hardware.cpu.intel.updateMicrocode = lib.mkDefault config.hardware.enableRedistributableFirmware;
|
hardware.cpu.intel.updateMicrocode = lib.mkDefault config.hardware.enableRedistributableFirmware;
|
||||||
}
|
}
|
||||||
|
|
|
@ -1,69 +1,73 @@
|
||||||
{ pkgs, home-manager, lib, config, ... }:
|
{
|
||||||
|
pkgs,
|
||||||
|
home-manager,
|
||||||
|
lib,
|
||||||
|
config,
|
||||||
|
...
|
||||||
|
}:
|
||||||
let
|
let
|
||||||
start-haven = pkgs.writeShellScriptBin "start-haven" (builtins.readFile ./start-haven.sh);
|
start-haven = pkgs.writeShellScriptBin "start-haven" (builtins.readFile ./start-haven.sh);
|
||||||
in
|
in
|
||||||
{
|
{
|
||||||
imports = [ ./hardware-configuration.nix ];
|
imports = [ ./hardware-configuration.nix ];
|
||||||
|
|
||||||
system.stateVersion = "24.05";
|
system.stateVersion = "24.05";
|
||||||
system.autoUpgrade.enable = lib.mkForce false;
|
system.autoUpgrade.enable = lib.mkForce false;
|
||||||
|
|
||||||
host = {
|
host = {
|
||||||
role = "server";
|
role = "server";
|
||||||
apps.development.kubernetes.enable = true;
|
apps.development.kubernetes.enable = true;
|
||||||
services = {
|
services = {
|
||||||
apcupsd.enable = true;
|
apcupsd.enable = true;
|
||||||
duplicacy-web = {
|
duplicacy-web = {
|
||||||
enable = true;
|
enable = true;
|
||||||
autostart = false;
|
autostart = false;
|
||||||
environment = "${config.users.users.aires.home}";
|
environment = "${config.users.users.aires.home}";
|
||||||
};
|
};
|
||||||
k3s = {
|
k3s = {
|
||||||
enable = true;
|
enable = true;
|
||||||
role = "server";
|
role = "server";
|
||||||
};
|
};
|
||||||
msmtp.enable = true;
|
msmtp.enable = true;
|
||||||
};
|
};
|
||||||
users = {
|
users = {
|
||||||
aires = {
|
aires = {
|
||||||
enable = true;
|
enable = true;
|
||||||
services = {
|
services = {
|
||||||
syncthing = {
|
syncthing = {
|
||||||
enable = true;
|
enable = true;
|
||||||
autostart = false;
|
autostart = false;
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
media.enable = true;
|
media.enable = true;
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
|
|
||||||
# Enable SSH
|
# Enable SSH
|
||||||
services.openssh = {
|
services.openssh = {
|
||||||
enable = true;
|
enable = true;
|
||||||
ports = [ 33105 ];
|
ports = [ 33105 ];
|
||||||
|
|
||||||
settings = {
|
settings = {
|
||||||
# require public key authentication for better security
|
# require public key authentication for better security
|
||||||
PasswordAuthentication = false;
|
PasswordAuthentication = false;
|
||||||
KbdInteractiveAuthentication = false;
|
KbdInteractiveAuthentication = false;
|
||||||
PubkeyAuthentication = true;
|
PubkeyAuthentication = true;
|
||||||
|
|
||||||
PermitRootLogin = "without-password";
|
|
||||||
};
|
|
||||||
};
|
|
||||||
|
|
||||||
# Enable mdadm and Sapana (RAID 5 primary storage)
|
PermitRootLogin = "without-password";
|
||||||
boot.swraid = {
|
};
|
||||||
enable = true;
|
};
|
||||||
# mdadmConf configured in nix-secrets
|
|
||||||
};
|
|
||||||
|
|
||||||
# Open port for OpenVPN
|
# Enable mdadm and Sapana (RAID 5 primary storage)
|
||||||
networking.firewall.allowedUDPPorts = [ 1194 ];
|
boot.swraid = {
|
||||||
|
enable = true;
|
||||||
|
# mdadmConf configured in nix-secrets
|
||||||
|
};
|
||||||
|
|
||||||
# Add script for booting Haven
|
# Open port for OpenVPN
|
||||||
environment.systemPackages = [
|
networking.firewall.allowedUDPPorts = [ 1194 ];
|
||||||
start-haven
|
|
||||||
];
|
# Add script for booting Haven
|
||||||
|
environment.systemPackages = [ start-haven ];
|
||||||
}
|
}
|
||||||
|
|
|
@ -1,51 +1,67 @@
|
||||||
# Minisforum UM340
|
# Minisforum UM340
|
||||||
{ config, lib, pkgs, modulesPath, ... }: {
|
{
|
||||||
imports =
|
config,
|
||||||
[ (modulesPath + "/installer/scan/not-detected.nix") ];
|
lib,
|
||||||
|
pkgs,
|
||||||
|
modulesPath,
|
||||||
|
...
|
||||||
|
}:
|
||||||
|
{
|
||||||
|
imports = [ (modulesPath + "/installer/scan/not-detected.nix") ];
|
||||||
|
|
||||||
boot = {
|
boot = {
|
||||||
supportedFilesystems = [ "btrfs" ];
|
supportedFilesystems = [ "btrfs" ];
|
||||||
kernelModules = [ "kvm-amd" ];
|
kernelModules = [ "kvm-amd" ];
|
||||||
extraModulePackages = [ ];
|
extraModulePackages = [ ];
|
||||||
|
|
||||||
initrd = {
|
initrd = {
|
||||||
supportedFilesystems = [ "btrfs" ];
|
supportedFilesystems = [ "btrfs" ];
|
||||||
availableKernelModules = [ "nvme" "xhci_pci" "ahci" "usb_storage" "usbhid" "sd_mod" "btrfs" ];
|
availableKernelModules = [
|
||||||
kernelModules = [ ];
|
"nvme"
|
||||||
};
|
"xhci_pci"
|
||||||
};
|
"ahci"
|
||||||
|
"usb_storage"
|
||||||
|
"usbhid"
|
||||||
|
"sd_mod"
|
||||||
|
"btrfs"
|
||||||
|
];
|
||||||
|
kernelModules = [ ];
|
||||||
|
};
|
||||||
|
};
|
||||||
|
|
||||||
fileSystems = {
|
fileSystems = {
|
||||||
"/" = {
|
"/" = {
|
||||||
device = "/dev/disk/by-uuid/2c76c660-3573-4622-8771-f23fa7ee302a";
|
device = "/dev/disk/by-uuid/2c76c660-3573-4622-8771-f23fa7ee302a";
|
||||||
fsType = "btrfs";
|
fsType = "btrfs";
|
||||||
options = [ "subvol=@,compress=zstd" ];
|
options = [ "subvol=@,compress=zstd" ];
|
||||||
};
|
};
|
||||||
"/home" = {
|
"/home" = {
|
||||||
device = "/dev/disk/by-uuid/2c76c660-3573-4622-8771-f23fa7ee302a";
|
device = "/dev/disk/by-uuid/2c76c660-3573-4622-8771-f23fa7ee302a";
|
||||||
fsType = "btrfs";
|
fsType = "btrfs";
|
||||||
options = [ "subvol=@home,compress=zstd" ];
|
options = [ "subvol=@home,compress=zstd" ];
|
||||||
};
|
};
|
||||||
"/swap" = {
|
"/swap" = {
|
||||||
device = "/dev/disk/by-uuid/2c76c660-3573-4622-8771-f23fa7ee302a";
|
device = "/dev/disk/by-uuid/2c76c660-3573-4622-8771-f23fa7ee302a";
|
||||||
fsType = "btrfs";
|
fsType = "btrfs";
|
||||||
options = [ "subvol=@swap" ];
|
options = [ "subvol=@swap" ];
|
||||||
};
|
};
|
||||||
"/boot" = {
|
"/boot" = {
|
||||||
device = "/dev/disk/by-uuid/0120-A755";
|
device = "/dev/disk/by-uuid/0120-A755";
|
||||||
fsType = "vfat";
|
fsType = "vfat";
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
|
|
||||||
swapDevices = [{
|
swapDevices = [
|
||||||
device = "/swap/swapfile";
|
{
|
||||||
size = 16384;
|
device = "/swap/swapfile";
|
||||||
}];
|
size = 16384;
|
||||||
|
}
|
||||||
|
];
|
||||||
|
|
||||||
networking = {
|
networking = {
|
||||||
useDHCP = lib.mkDefault true;
|
useDHCP = lib.mkDefault true;
|
||||||
hostName = "Haven";
|
hostName = "Haven";
|
||||||
};
|
};
|
||||||
|
|
||||||
nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux";
|
nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux";
|
||||||
}
|
}
|
||||||
|
|
|
@ -1,44 +1,45 @@
|
||||||
{ pkgs, lib, ... }: {
|
{ pkgs, lib, ... }:
|
||||||
imports = [ ./hardware-configuration.nix ];
|
{
|
||||||
|
imports = [ ./hardware-configuration.nix ];
|
||||||
|
|
||||||
system.stateVersion = "24.05";
|
system.stateVersion = "24.05";
|
||||||
system.autoUpgrade.enable = lib.mkForce false;
|
system.autoUpgrade.enable = lib.mkForce false;
|
||||||
|
|
||||||
host = {
|
host = {
|
||||||
role = "workstation";
|
role = "workstation";
|
||||||
apps = {
|
apps = {
|
||||||
development.enable = true;
|
development.enable = true;
|
||||||
kdeconnect.enable = true;
|
kdeconnect.enable = true;
|
||||||
media.enable = true;
|
media.enable = true;
|
||||||
office.enable = true;
|
office.enable = true;
|
||||||
social.enable = true;
|
social.enable = true;
|
||||||
writing.enable = true;
|
writing.enable = true;
|
||||||
};
|
};
|
||||||
ui = {
|
ui = {
|
||||||
flatpak.enable = true;
|
flatpak.enable = true;
|
||||||
gnome.enable = true;
|
gnome.enable = true;
|
||||||
};
|
};
|
||||||
users = {
|
users = {
|
||||||
aires = {
|
aires = {
|
||||||
enable = true;
|
enable = true;
|
||||||
autologin = true;
|
autologin = true;
|
||||||
services = {
|
services = {
|
||||||
syncthing = {
|
syncthing = {
|
||||||
enable = true;
|
enable = true;
|
||||||
autostart = true;
|
autostart = true;
|
||||||
enableTray = false;
|
enableTray = false;
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
|
|
||||||
# Build remotely
|
# Build remotely
|
||||||
nix.distributedBuilds = true;
|
nix.distributedBuilds = true;
|
||||||
|
|
||||||
# Configure the virtual machine created by nixos-rebuild build-vm
|
# Configure the virtual machine created by nixos-rebuild build-vm
|
||||||
virtualisation.vmVariant.virtualisation = {
|
virtualisation.vmVariant.virtualisation = {
|
||||||
memorySize = 2048;
|
memorySize = 2048;
|
||||||
cores = 2;
|
cores = 2;
|
||||||
};
|
};
|
||||||
}
|
}
|
||||||
|
|
|
@ -1,56 +1,103 @@
|
||||||
# Surface Pro 9
|
# Surface Pro 9
|
||||||
{ config, lib, pkgs, modulesPath, ... }: {
|
{
|
||||||
imports = [ (modulesPath + "/installer/scan/not-detected.nix") ];
|
config,
|
||||||
|
lib,
|
||||||
|
pkgs,
|
||||||
|
modulesPath,
|
||||||
|
...
|
||||||
|
}:
|
||||||
|
{
|
||||||
|
imports = [ (modulesPath + "/installer/scan/not-detected.nix") ];
|
||||||
|
|
||||||
boot = {
|
boot = {
|
||||||
initrd = {
|
initrd = {
|
||||||
availableKernelModules = [ "surface_aggregator" "surface_aggregator_registry" "surface_aggregator_hub" "surface_hid_core" "hid_multitouch" "8250_dw" "intel_lpss" "intel_lpss_pci" "tpm_crb" "xhci_pci" "thunderbolt" "nvme" "usb_storage" "sd_mod" "surface_kbd" "pinctrl_tigerlake" ];
|
availableKernelModules = [
|
||||||
kernelModules = [ "tpm_crb" "surface_aggregator" "surface_aggregator_registry" "surface_aggregator_hub" "surface_hid_core" "surface_hid" "hid_multitouch" "8250_dw" "intel_lpss" "intel_lpss_pci" "surface_kbd" "pinctrl_tigerlake" ];
|
"surface_aggregator"
|
||||||
|
"surface_aggregator_registry"
|
||||||
|
"surface_aggregator_hub"
|
||||||
|
"surface_hid_core"
|
||||||
|
"hid_multitouch"
|
||||||
|
"8250_dw"
|
||||||
|
"intel_lpss"
|
||||||
|
"intel_lpss_pci"
|
||||||
|
"tpm_crb"
|
||||||
|
"xhci_pci"
|
||||||
|
"thunderbolt"
|
||||||
|
"nvme"
|
||||||
|
"usb_storage"
|
||||||
|
"sd_mod"
|
||||||
|
"surface_kbd"
|
||||||
|
"pinctrl_tigerlake"
|
||||||
|
];
|
||||||
|
kernelModules = [
|
||||||
|
"tpm_crb"
|
||||||
|
"surface_aggregator"
|
||||||
|
"surface_aggregator_registry"
|
||||||
|
"surface_aggregator_hub"
|
||||||
|
"surface_hid_core"
|
||||||
|
"surface_hid"
|
||||||
|
"hid_multitouch"
|
||||||
|
"8250_dw"
|
||||||
|
"intel_lpss"
|
||||||
|
"intel_lpss_pci"
|
||||||
|
"surface_kbd"
|
||||||
|
"pinctrl_tigerlake"
|
||||||
|
];
|
||||||
|
|
||||||
luks.devices."luks-bd1fe396-6740-4e7d-af2c-26ca9a3031f1" = {
|
luks.devices."luks-bd1fe396-6740-4e7d-af2c-26ca9a3031f1" = {
|
||||||
device = "/dev/disk/by-uuid/bd1fe396-6740-4e7d-af2c-26ca9a3031f1";
|
device = "/dev/disk/by-uuid/bd1fe396-6740-4e7d-af2c-26ca9a3031f1";
|
||||||
crypttabExtraOpts = [ "tpm2-device=auto" ];
|
crypttabExtraOpts = [ "tpm2-device=auto" ];
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
|
|
||||||
kernelModules = [ "kvm-intel" "tpm_crb" "surface_aggregator" "surface_aggregator_registry" "surface_aggregator_hub" "surface_hid_core" "surface_hid" "hid_multitouch" "8250_dw" "intel_lpss" "intel_lpss_pci" "surface_kbd" "pinctrl_tigerlake" ];
|
kernelModules = [
|
||||||
extraModulePackages = [ ];
|
"kvm-intel"
|
||||||
};
|
"tpm_crb"
|
||||||
|
"surface_aggregator"
|
||||||
|
"surface_aggregator_registry"
|
||||||
|
"surface_aggregator_hub"
|
||||||
|
"surface_hid_core"
|
||||||
|
"surface_hid"
|
||||||
|
"hid_multitouch"
|
||||||
|
"8250_dw"
|
||||||
|
"intel_lpss"
|
||||||
|
"intel_lpss_pci"
|
||||||
|
"surface_kbd"
|
||||||
|
"pinctrl_tigerlake"
|
||||||
|
];
|
||||||
|
extraModulePackages = [ ];
|
||||||
|
};
|
||||||
|
|
||||||
fileSystems = {
|
fileSystems = {
|
||||||
"/" = {
|
"/" = {
|
||||||
device = "/dev/disk/by-uuid/b34afd29-94ff-421b-bb96-8497951abf58";
|
device = "/dev/disk/by-uuid/b34afd29-94ff-421b-bb96-8497951abf58";
|
||||||
fsType = "btrfs";
|
fsType = "btrfs";
|
||||||
options = [ "subvol=@,compress=zstd" ];
|
options = [ "subvol=@,compress=zstd" ];
|
||||||
};
|
};
|
||||||
|
|
||||||
"/boot" = {
|
"/boot" = {
|
||||||
device = "/dev/disk/by-uuid/DD2A-9C83";
|
device = "/dev/disk/by-uuid/DD2A-9C83";
|
||||||
fsType = "vfat";
|
fsType = "vfat";
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
|
|
||||||
swapDevices = [
|
swapDevices = [ { device = "/dev/disk/by-uuid/8c2519d9-3e47-4aa1-908d-98b1aa8b909d"; } ];
|
||||||
{ device = "/dev/disk/by-uuid/8c2519d9-3e47-4aa1-908d-98b1aa8b909d"; }
|
|
||||||
];
|
|
||||||
|
|
||||||
networking = {
|
networking = {
|
||||||
useDHCP = lib.mkDefault true;
|
useDHCP = lib.mkDefault true;
|
||||||
hostName = "Khanda";
|
hostName = "Khanda";
|
||||||
};
|
};
|
||||||
|
|
||||||
nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux";
|
nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux";
|
||||||
hardware.cpu.intel.updateMicrocode = lib.mkDefault config.hardware.enableRedistributableFirmware;
|
hardware.cpu.intel.updateMicrocode = lib.mkDefault config.hardware.enableRedistributableFirmware;
|
||||||
|
|
||||||
# Install/configure additional drivers, particularly for touch
|
# Install/configure additional drivers, particularly for touch
|
||||||
environment.systemPackages = with pkgs; [
|
environment.systemPackages = with pkgs; [ libwacom-surface ];
|
||||||
libwacom-surface
|
microsoft-surface = {
|
||||||
];
|
ipts.enable = true;
|
||||||
microsoft-surface = {
|
surface-control.enable = true;
|
||||||
ipts.enable = true;
|
};
|
||||||
surface-control.enable = true;
|
|
||||||
};
|
|
||||||
|
|
||||||
# FIXME: Use default kernel to avoid full kernel rebuilds
|
# NOTE: Use a default kernel to skip full kernel rebuilds
|
||||||
# boot.kernelPackages = lib.mkForce pkgs.linuxPackages_latest;
|
# boot.kernelPackages = lib.mkForce pkgs.linuxPackages_latest;
|
||||||
}
|
}
|
||||||
|
|
|
@ -1,36 +1,37 @@
|
||||||
{ pkgs, lib, ... }: {
|
{ pkgs, lib, ... }:
|
||||||
imports = [ ./hardware-configuration.nix ];
|
{
|
||||||
|
imports = [ ./hardware-configuration.nix ];
|
||||||
|
|
||||||
system.stateVersion = "24.05";
|
system.stateVersion = "24.05";
|
||||||
|
|
||||||
host = {
|
host = {
|
||||||
role = "server";
|
role = "server";
|
||||||
users.aires.enable = true;
|
users.aires.enable = true;
|
||||||
boot.enable = false;
|
boot.enable = false;
|
||||||
};
|
};
|
||||||
|
|
||||||
networking.hostName = "Pihole";
|
networking.hostName = "Pihole";
|
||||||
time.timeZone = "America/New_York";
|
time.timeZone = "America/New_York";
|
||||||
|
|
||||||
environment.systemPackages = with pkgs; [
|
environment.systemPackages = with pkgs; [
|
||||||
libraspberrypi
|
libraspberrypi
|
||||||
raspberrypifw
|
raspberrypifw
|
||||||
raspberrypi-eeprom
|
raspberrypi-eeprom
|
||||||
linuxKernel.kernels.linux_rpi4
|
linuxKernel.kernels.linux_rpi4
|
||||||
];
|
];
|
||||||
|
|
||||||
# Connect to the network automagically
|
# Connect to the network automagically
|
||||||
networking.networkmanager.enable = lib.mkForce false;
|
networking.networkmanager.enable = lib.mkForce false;
|
||||||
|
|
||||||
# Enable SSH
|
# Enable SSH
|
||||||
services.openssh = {
|
services.openssh = {
|
||||||
enable = true;
|
enable = true;
|
||||||
ports = [ 33105 ];
|
ports = [ 33105 ];
|
||||||
|
|
||||||
settings = {
|
settings = {
|
||||||
PasswordAuthentication = true;
|
PasswordAuthentication = true;
|
||||||
AllowUsers = ["aires"];
|
AllowUsers = [ "aires" ];
|
||||||
PermitRootLogin = "no";
|
PermitRootLogin = "no";
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
}
|
}
|
||||||
|
|
|
@ -1,42 +1,49 @@
|
||||||
# Raspberry Pi 4B
|
# Raspberry Pi 4B
|
||||||
# See https://nixos.wiki/wiki/NixOS_on_ARM/Raspberry_Pi_4
|
# See https://nixos.wiki/wiki/NixOS_on_ARM/Raspberry_Pi_4
|
||||||
{ config, lib, pkgs, modulesPath, nixos-hardware, ... }:
|
{
|
||||||
|
config,
|
||||||
|
lib,
|
||||||
|
pkgs,
|
||||||
|
modulesPath,
|
||||||
|
nixos-hardware,
|
||||||
|
...
|
||||||
|
}:
|
||||||
|
|
||||||
{
|
{
|
||||||
imports = [
|
imports = [ (modulesPath + "/installer/scan/not-detected.nix") ];
|
||||||
(modulesPath + "/installer/scan/not-detected.nix")
|
|
||||||
];
|
|
||||||
|
|
||||||
boot.loader = lib.mkForce {
|
boot.loader = lib.mkForce {
|
||||||
grub.enable = false;
|
grub.enable = false;
|
||||||
generic-extlinux-compatible.enable = true;
|
generic-extlinux-compatible.enable = true;
|
||||||
};
|
};
|
||||||
|
|
||||||
#boot.kernelParams = [
|
#boot.kernelParams = [
|
||||||
# "console=serial0,115200n8"
|
# "console=serial0,115200n8"
|
||||||
#];
|
#];
|
||||||
|
|
||||||
fileSystems ."/" = {
|
fileSystems."/" = {
|
||||||
device = "/dev/disk/by-uuid/44444444-4444-4444-8888-888888888888";
|
device = "/dev/disk/by-uuid/44444444-4444-4444-8888-888888888888";
|
||||||
fsType = "ext4";
|
fsType = "ext4";
|
||||||
};
|
};
|
||||||
|
|
||||||
swapDevices = [{
|
swapDevices = [
|
||||||
device = "/swapfile";
|
{
|
||||||
size = 2048;
|
device = "/swapfile";
|
||||||
}];
|
size = 2048;
|
||||||
|
}
|
||||||
|
];
|
||||||
|
|
||||||
hardware.enableRedistributableFirmware = true;
|
hardware.enableRedistributableFirmware = true;
|
||||||
networking.wireless.enable = true;
|
networking.wireless.enable = true;
|
||||||
|
|
||||||
hardware = {
|
hardware = {
|
||||||
raspberry-pi."4" = {
|
raspberry-pi."4" = {
|
||||||
apply-overlays-dtmerge.enable = true;
|
apply-overlays-dtmerge.enable = true;
|
||||||
};
|
};
|
||||||
|
|
||||||
deviceTree = {
|
deviceTree = {
|
||||||
enable = true;
|
enable = true;
|
||||||
filter = "*rpi-4-*.dtb";
|
filter = "*rpi-4-*.dtb";
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
}
|
}
|
||||||
|
|
|
@ -1,72 +1,83 @@
|
||||||
{ config, pkgs, lib, ... }:
|
{
|
||||||
let
|
config,
|
||||||
# Copy bluetooth device configs
|
pkgs,
|
||||||
shure-aonic-bluetooth = pkgs.writeText "info" (builtins.readFile ./bluetooth/shure-aonic-bluetooth-params);
|
lib,
|
||||||
xbox-elite-bluetooth = pkgs.writeText "info" (builtins.readFile ./bluetooth/xbox-elite-controller-bluetooth-params);
|
...
|
||||||
mano-touchpad-bluetooth = pkgs.writeText "info" (builtins.readFile ./bluetooth/mano-touchpad-bluetooth-params);
|
}:
|
||||||
|
let
|
||||||
|
# Copy bluetooth device configs
|
||||||
|
shure-aonic-bluetooth = pkgs.writeText "info" (
|
||||||
|
builtins.readFile ./bluetooth/shure-aonic-bluetooth-params
|
||||||
|
);
|
||||||
|
xbox-elite-bluetooth = pkgs.writeText "info" (
|
||||||
|
builtins.readFile ./bluetooth/xbox-elite-controller-bluetooth-params
|
||||||
|
);
|
||||||
|
mano-touchpad-bluetooth = pkgs.writeText "info" (
|
||||||
|
builtins.readFile ./bluetooth/mano-touchpad-bluetooth-params
|
||||||
|
);
|
||||||
|
|
||||||
# Use gremlin user's monitor configuration for GDM (desktop monitor primary). See https://discourse.nixos.org/t/gdm-monitor-configuration/6356/4
|
# Use gremlin user's monitor configuration for GDM (desktop monitor primary). See https://discourse.nixos.org/t/gdm-monitor-configuration/6356/4
|
||||||
monitorsXmlContent = builtins.readFile ./monitors.xml;
|
monitorsXmlContent = builtins.readFile ./monitors.xml;
|
||||||
monitorsConfig = pkgs.writeText "gdm_monitors.xml" monitorsXmlContent;
|
monitorsConfig = pkgs.writeText "gdm_monitors.xml" monitorsXmlContent;
|
||||||
in
|
in
|
||||||
{
|
{
|
||||||
imports = [ ./hardware-configuration.nix ];
|
imports = [ ./hardware-configuration.nix ];
|
||||||
|
|
||||||
system.stateVersion = "24.05";
|
system.stateVersion = "24.05";
|
||||||
|
|
||||||
host = {
|
host = {
|
||||||
role = "workstation";
|
role = "workstation";
|
||||||
apps = {
|
apps = {
|
||||||
development = {
|
development = {
|
||||||
enable = true;
|
enable = true;
|
||||||
kubernetes.enable = true;
|
kubernetes.enable = true;
|
||||||
};
|
};
|
||||||
dj.enable = true;
|
dj.enable = true;
|
||||||
gaming.enable = true;
|
gaming.enable = true;
|
||||||
kdeconnect.enable = true;
|
kdeconnect.enable = true;
|
||||||
media.enable = true;
|
media.enable = true;
|
||||||
office.enable = true;
|
office.enable = true;
|
||||||
recording.enable = true;
|
recording.enable = true;
|
||||||
social.enable = true;
|
social.enable = true;
|
||||||
writing.enable = true;
|
writing.enable = true;
|
||||||
};
|
};
|
||||||
ui = {
|
ui = {
|
||||||
flatpak.enable = true;
|
flatpak.enable = true;
|
||||||
gnome.enable = true;
|
gnome.enable = true;
|
||||||
};
|
};
|
||||||
users = {
|
users = {
|
||||||
aires = {
|
aires = {
|
||||||
enable = true;
|
enable = true;
|
||||||
services.syncthing = {
|
services.syncthing = {
|
||||||
enable = true;
|
enable = true;
|
||||||
enableTray = false; # Recent versions of STT don't recognize Gnome's tray. Uninstalling for now.
|
enableTray = false; # Recent versions of STT don't recognize Gnome's tray. Uninstalling for now.
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
gremlin = {
|
gremlin = {
|
||||||
enable = true;
|
enable = true;
|
||||||
services.syncthing = {
|
services.syncthing = {
|
||||||
enable = true;
|
enable = true;
|
||||||
enableTray = false;
|
enableTray = false;
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
|
|
||||||
# Move files into target system
|
# Move files into target system
|
||||||
systemd.tmpfiles.rules = [
|
systemd.tmpfiles.rules = [
|
||||||
# Use gremlin user's monitor config for GDM (defined above)
|
# Use gremlin user's monitor config for GDM (defined above)
|
||||||
"L+ /run/gdm/.config/monitors.xml - - - - ${monitorsConfig}"
|
"L+ /run/gdm/.config/monitors.xml - - - - ${monitorsConfig}"
|
||||||
|
|
||||||
# Install Bluetooth device profiles
|
# Install Bluetooth device profiles
|
||||||
"d /var/lib/bluetooth/AC:50:DE:9F:AB:88/ 0700 root root" # First, make sure the directory exists
|
"d /var/lib/bluetooth/AC:50:DE:9F:AB:88/ 0700 root root" # First, make sure the directory exists
|
||||||
"L+ /var/lib/bluetooth/AC:50:DE:9F:AB:88/00:0E:DD:72:2F:0C/info - - - - ${shure-aonic-bluetooth}"
|
"L+ /var/lib/bluetooth/AC:50:DE:9F:AB:88/00:0E:DD:72:2F:0C/info - - - - ${shure-aonic-bluetooth}"
|
||||||
"L+ /var/lib/bluetooth/AC:50:DE:9F:AB:88/F4:6A:D7:3A:16:75/info - - - - ${xbox-elite-bluetooth}"
|
"L+ /var/lib/bluetooth/AC:50:DE:9F:AB:88/F4:6A:D7:3A:16:75/info - - - - ${xbox-elite-bluetooth}"
|
||||||
"L+ /var/lib/bluetooth/AC:50:DE:9F:AB:88/F8:5D:3C:7D:9A:00/info - - - - ${mano-touchpad-bluetooth}"
|
"L+ /var/lib/bluetooth/AC:50:DE:9F:AB:88/F8:5D:3C:7D:9A:00/info - - - - ${mano-touchpad-bluetooth}"
|
||||||
];
|
];
|
||||||
|
|
||||||
# Configure the virtual machine created by nixos-rebuild build-vm
|
# Configure the virtual machine created by nixos-rebuild build-vm
|
||||||
virtualisation.vmVariant.virtualisation = {
|
virtualisation.vmVariant.virtualisation = {
|
||||||
memorySize = 4096;
|
memorySize = 4096;
|
||||||
cores = 4;
|
cores = 4;
|
||||||
};
|
};
|
||||||
}
|
}
|
||||||
|
|
|
@ -1,68 +1,89 @@
|
||||||
# Lenovo Legion Slim 7 Gen 7 AMD (16ARHA7)
|
# Lenovo Legion Slim 7 Gen 7 AMD (16ARHA7)
|
||||||
{ config, lib, pkgs, modulesPath, ... }: {
|
{
|
||||||
imports = [
|
config,
|
||||||
(modulesPath + "/installer/scan/not-detected.nix")
|
lib,
|
||||||
];
|
pkgs,
|
||||||
|
modulesPath,
|
||||||
|
...
|
||||||
|
}:
|
||||||
|
{
|
||||||
|
imports = [ (modulesPath + "/installer/scan/not-detected.nix") ];
|
||||||
|
|
||||||
# Configure the kernel.
|
# Configure the kernel.
|
||||||
boot = {
|
boot = {
|
||||||
# First, install the latest Zen kernel
|
# First, install the latest Zen kernel
|
||||||
kernelPackages = pkgs.linuxPackages_zen;
|
kernelPackages = pkgs.linuxPackages_zen;
|
||||||
|
|
||||||
# Hardware defaults detected by nixos-generate-configuration
|
# Hardware defaults detected by nixos-generate-configuration
|
||||||
initrd = {
|
initrd = {
|
||||||
# SystemD in the initrd is required for TPM auto-unlocking.
|
# SystemD in the initrd is required for TPM auto-unlocking.
|
||||||
# See https://discourse.nixos.org/t/full-disk-encryption-tpm2/29454/2
|
# See https://discourse.nixos.org/t/full-disk-encryption-tpm2/29454/2
|
||||||
# If the LUKS volume is recently created, run this command to bind it to the TPM:
|
# If the LUKS volume is recently created, run this command to bind it to the TPM:
|
||||||
# sudo systemd-cryptenroll --tpm2-device=auto --tpm2-pcrs=0+7 /dev/<device>
|
# sudo systemd-cryptenroll --tpm2-device=auto --tpm2-pcrs=0+7 /dev/<device>
|
||||||
systemd.enable = true;
|
systemd.enable = true;
|
||||||
|
|
||||||
availableKernelModules = [ "nvme" "xhci_pci" "usbhid" "usb_storage" "sd_mod" "rtsx_pci_sdmmc" "tpm_crb" ];
|
availableKernelModules = [
|
||||||
kernelModules = [ "amdgpu" "tpm_crb" ];
|
"nvme"
|
||||||
luks.devices."luks-bcf67e34-339e-40b9-8ffd-bec8f7f55248" = {
|
"xhci_pci"
|
||||||
device = "/dev/disk/by-uuid/bcf67e34-339e-40b9-8ffd-bec8f7f55248";
|
"usbhid"
|
||||||
crypttabExtraOpts = [ "tpm2-device=auto" ]; # Enable TPM auto-unlocking
|
"usb_storage"
|
||||||
};
|
"sd_mod"
|
||||||
};
|
"rtsx_pci_sdmmc"
|
||||||
|
"tpm_crb"
|
||||||
kernelModules = [ "kvm-amd" ];
|
];
|
||||||
};
|
kernelModules = [
|
||||||
|
"amdgpu"
|
||||||
|
"tpm_crb"
|
||||||
|
];
|
||||||
|
luks.devices."luks-bcf67e34-339e-40b9-8ffd-bec8f7f55248" = {
|
||||||
|
device = "/dev/disk/by-uuid/bcf67e34-339e-40b9-8ffd-bec8f7f55248";
|
||||||
|
crypttabExtraOpts = [ "tpm2-device=auto" ]; # Enable TPM auto-unlocking
|
||||||
|
};
|
||||||
|
};
|
||||||
|
|
||||||
fileSystems = {
|
kernelModules = [ "kvm-amd" ];
|
||||||
"/" = { device = "/dev/disk/by-uuid/b801fbea-4cb5-4255-bea9-a2ce77d1a1b7";
|
};
|
||||||
fsType = "btrfs";
|
|
||||||
options = [ "subvol=@,compress=zstd" ];
|
|
||||||
};
|
|
||||||
"/home" = { device = "/dev/disk/by-uuid/b801fbea-4cb5-4255-bea9-a2ce77d1a1b7";
|
|
||||||
fsType = "btrfs";
|
|
||||||
options = [ "subvol=@home,compress=zstd" ];
|
|
||||||
};
|
|
||||||
"/swap" = { device = "/dev/disk/by-uuid/b801fbea-4cb5-4255-bea9-a2ce77d1a1b7";
|
|
||||||
fsType = "btrfs";
|
|
||||||
options = [ "subvol=@swap" ];
|
|
||||||
};
|
|
||||||
"/boot" = {
|
|
||||||
device = "/dev/disk/by-uuid/AFCB-D880";
|
|
||||||
fsType = "vfat";
|
|
||||||
};
|
|
||||||
};
|
|
||||||
|
|
||||||
swapDevices = [{
|
fileSystems = {
|
||||||
device = "/swap/swapfile";
|
"/" = {
|
||||||
size = 16384;
|
device = "/dev/disk/by-uuid/b801fbea-4cb5-4255-bea9-a2ce77d1a1b7";
|
||||||
}];
|
fsType = "btrfs";
|
||||||
|
options = [ "subvol=@,compress=zstd" ];
|
||||||
|
};
|
||||||
|
"/home" = {
|
||||||
|
device = "/dev/disk/by-uuid/b801fbea-4cb5-4255-bea9-a2ce77d1a1b7";
|
||||||
|
fsType = "btrfs";
|
||||||
|
options = [ "subvol=@home,compress=zstd" ];
|
||||||
|
};
|
||||||
|
"/swap" = {
|
||||||
|
device = "/dev/disk/by-uuid/b801fbea-4cb5-4255-bea9-a2ce77d1a1b7";
|
||||||
|
fsType = "btrfs";
|
||||||
|
options = [ "subvol=@swap" ];
|
||||||
|
};
|
||||||
|
"/boot" = {
|
||||||
|
device = "/dev/disk/by-uuid/AFCB-D880";
|
||||||
|
fsType = "vfat";
|
||||||
|
};
|
||||||
|
};
|
||||||
|
|
||||||
networking = {
|
swapDevices = [
|
||||||
# Enables DHCP on each ethernet and wireless interface. In case of scripted networking
|
{
|
||||||
# (the default) this is the recommended approach. When using systemd-networkd it's
|
device = "/swap/swapfile";
|
||||||
# still possible to use this option, but it's recommended to use it in conjunction
|
size = 16384;
|
||||||
# with explicit per-interface declarations with `networking.interfaces.<interface>.useDHCP`.
|
}
|
||||||
useDHCP = lib.mkDefault true;
|
];
|
||||||
# networking.interfaces.wlp4s0.useDHCP = lib.mkDefault true;
|
|
||||||
|
|
||||||
# Set the hostname.
|
networking = {
|
||||||
hostName = "Shura";
|
# Enables DHCP on each ethernet and wireless interface. In case of scripted networking
|
||||||
};
|
# (the default) this is the recommended approach. When using systemd-networkd it's
|
||||||
|
# still possible to use this option, but it's recommended to use it in conjunction
|
||||||
|
# with explicit per-interface declarations with `networking.interfaces.<interface>.useDHCP`.
|
||||||
|
useDHCP = lib.mkDefault true;
|
||||||
|
# networking.interfaces.wlp4s0.useDHCP = lib.mkDefault true;
|
||||||
|
|
||||||
nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux";
|
# Set the hostname.
|
||||||
|
hostName = "Shura";
|
||||||
|
};
|
||||||
|
|
||||||
|
nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux";
|
||||||
}
|
}
|
||||||
|
|
|
@ -1,15 +1,16 @@
|
||||||
{ lib, pkgs, ... }:
|
{ lib, pkgs, ... }:
|
||||||
let
|
let
|
||||||
# Fetch secrets
|
# Fetch secrets
|
||||||
# IMPORTANT: Make sure this repo exists on the filesystem first!
|
# IMPORTANT: Make sure this repo exists on the filesystem first!
|
||||||
nix-secrets = builtins.fetchGit {
|
nix-secrets = builtins.fetchGit {
|
||||||
url = "/home/aires/Development/nix-configuration/nix-secrets";
|
url = "/home/aires/Development/nix-configuration/nix-secrets";
|
||||||
ref = "main";
|
ref = "main";
|
||||||
rev = "55fc814d477d956ab885e157f24c2d43f433dc7a";
|
rev = "55fc814d477d956ab885e157f24c2d43f433dc7a";
|
||||||
};
|
};
|
||||||
in{
|
in
|
||||||
imports = [
|
{
|
||||||
"${nix-secrets}/default.nix"
|
imports = [
|
||||||
../modules/autoimport.nix
|
"${nix-secrets}/default.nix"
|
||||||
];
|
../modules/autoimport.nix
|
||||||
|
];
|
||||||
}
|
}
|
||||||
|
|
|
@ -1,36 +1,41 @@
|
||||||
{ config, lib, pkgs, ... }:
|
{
|
||||||
|
config,
|
||||||
|
lib,
|
||||||
|
pkgs,
|
||||||
|
...
|
||||||
|
}:
|
||||||
|
|
||||||
let
|
let
|
||||||
cfg = config.host.apps.development;
|
cfg = config.host.apps.development;
|
||||||
in
|
in
|
||||||
with lib;
|
with lib;
|
||||||
{
|
{
|
||||||
options = {
|
options = {
|
||||||
host.apps.development = {
|
host.apps.development = {
|
||||||
enable = mkEnableOption (mdDoc "Enables development tools");
|
enable = mkEnableOption (mdDoc "Enables development tools");
|
||||||
kubernetes.enable = mkEnableOption (mdDoc "Enables kubectl, virtctl, and similar tools.");
|
kubernetes.enable = mkEnableOption (mdDoc "Enables kubectl, virtctl, and similar tools.");
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
|
|
||||||
config = mkMerge [
|
config = mkMerge [
|
||||||
(mkIf cfg.enable {
|
(mkIf cfg.enable {
|
||||||
host.ui.flatpak.enable = true;
|
host.ui.flatpak.enable = true;
|
||||||
|
|
||||||
services.flatpak.packages = [
|
services.flatpak.packages = [
|
||||||
"com.vscodium.codium"
|
"com.vscodium.codium"
|
||||||
"dev.k8slens.OpenLens"
|
"dev.k8slens.OpenLens"
|
||||||
];
|
];
|
||||||
|
|
||||||
environment.systemPackages = with pkgs; [
|
environment.systemPackages = with pkgs; [
|
||||||
statix # Nix linting tool
|
statix # Nix linting tool
|
||||||
];
|
];
|
||||||
})
|
})
|
||||||
(mkIf cfg.kubernetes.enable {
|
(mkIf cfg.kubernetes.enable {
|
||||||
environment.systemPackages = with pkgs; [
|
environment.systemPackages = with pkgs; [
|
||||||
kubectl
|
kubectl
|
||||||
kubernetes-helm
|
kubernetes-helm
|
||||||
kubevirt # Virtctl command-line tool
|
kubevirt # Virtctl command-line tool
|
||||||
];
|
];
|
||||||
})
|
})
|
||||||
];
|
];
|
||||||
}
|
}
|
||||||
|
|
|
@ -1,19 +1,17 @@
|
||||||
{ config, lib, ... }:
|
{ config, lib, ... }:
|
||||||
|
|
||||||
let
|
let
|
||||||
cfg = config.host.apps.dj;
|
cfg = config.host.apps.dj;
|
||||||
in
|
in
|
||||||
with lib;
|
with lib;
|
||||||
{
|
{
|
||||||
options = {
|
options = {
|
||||||
host.apps.dj.enable = mkEnableOption (mdDoc "Enables DJing tools (i.e. Mixxx)");
|
host.apps.dj.enable = mkEnableOption (mdDoc "Enables DJing tools (i.e. Mixxx)");
|
||||||
};
|
};
|
||||||
|
|
||||||
config = mkIf cfg.enable {
|
config = mkIf cfg.enable {
|
||||||
host.ui.flatpak.enable = true;
|
host.ui.flatpak.enable = true;
|
||||||
|
|
||||||
services.flatpak.packages = [
|
services.flatpak.packages = [ "org.mixxx.Mixxx" ];
|
||||||
"org.mixxx.Mixxx"
|
};
|
||||||
];
|
}
|
||||||
};
|
|
||||||
}
|
|
||||||
|
|
|
@ -1,27 +1,32 @@
|
||||||
{ config, lib, pkgs, ... }:
|
{
|
||||||
|
config,
|
||||||
|
lib,
|
||||||
|
pkgs,
|
||||||
|
...
|
||||||
|
}:
|
||||||
|
|
||||||
# Gaming-related settings
|
# Gaming-related settings
|
||||||
let
|
let
|
||||||
cfg = config.host.apps.gaming;
|
cfg = config.host.apps.gaming;
|
||||||
in
|
in
|
||||||
with lib;
|
with lib;
|
||||||
{
|
{
|
||||||
options = {
|
options = {
|
||||||
host.apps.gaming.enable = mkEnableOption (mdDoc "Enables gaming features");
|
host.apps.gaming.enable = mkEnableOption (mdDoc "Enables gaming features");
|
||||||
};
|
};
|
||||||
|
|
||||||
config = mkIf cfg.enable {
|
config = mkIf cfg.enable {
|
||||||
host.ui.flatpak.enable = true;
|
host.ui.flatpak.enable = true;
|
||||||
services.flatpak.packages = [
|
services.flatpak.packages = [
|
||||||
"gg.minion.Minion"
|
"gg.minion.Minion"
|
||||||
"com.valvesoftware.Steam"
|
"com.valvesoftware.Steam"
|
||||||
"org.firestormviewer.FirestormViewer"
|
"org.firestormviewer.FirestormViewer"
|
||||||
];
|
];
|
||||||
|
|
||||||
# Enable Xbox controller driver (XPadNeo)
|
# Enable Xbox controller driver (XPadNeo)
|
||||||
boot = {
|
boot = {
|
||||||
extraModulePackages = with config.boot.kernelPackages; [ xpadneo ];
|
extraModulePackages = with config.boot.kernelPackages; [ xpadneo ];
|
||||||
kernelModules = [ "hid_xpadneo" ];
|
kernelModules = [ "hid_xpadneo" ];
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
}
|
}
|
||||||
|
|
|
@ -1,22 +1,35 @@
|
||||||
{ pkgs, config, lib, ... }:
|
{
|
||||||
|
pkgs,
|
||||||
|
config,
|
||||||
|
lib,
|
||||||
|
...
|
||||||
|
}:
|
||||||
|
|
||||||
let
|
let
|
||||||
cfg = config.host.apps.kdeconnect;
|
cfg = config.host.apps.kdeconnect;
|
||||||
in
|
in
|
||||||
with lib;
|
with lib;
|
||||||
{
|
{
|
||||||
options = {
|
options = {
|
||||||
host.apps.kdeconnect.enable = mkEnableOption (mdDoc "Enables KDE Connect");
|
host.apps.kdeconnect.enable = mkEnableOption (mdDoc "Enables KDE Connect");
|
||||||
};
|
};
|
||||||
|
|
||||||
config = mkIf cfg.enable {
|
config = mkIf cfg.enable {
|
||||||
environment.systemPackages = with pkgs; [
|
environment.systemPackages = with pkgs; [ gnomeExtensions.gsconnect ];
|
||||||
gnomeExtensions.gsconnect
|
|
||||||
];
|
|
||||||
|
|
||||||
networking.firewall = {
|
networking.firewall = {
|
||||||
allowedTCPPortRanges = [ { from = 1714; to = 1764; } ];
|
allowedTCPPortRanges = [
|
||||||
allowedUDPPortRanges = [ { from = 1714; to = 1764; } ];
|
{
|
||||||
};
|
from = 1714;
|
||||||
};
|
to = 1764;
|
||||||
}
|
}
|
||||||
|
];
|
||||||
|
allowedUDPPortRanges = [
|
||||||
|
{
|
||||||
|
from = 1714;
|
||||||
|
to = 1764;
|
||||||
|
}
|
||||||
|
];
|
||||||
|
};
|
||||||
|
};
|
||||||
|
}
|
||||||
|
|
|
@ -1,28 +1,28 @@
|
||||||
{ config, lib, ... }:
|
{ config, lib, ... }:
|
||||||
|
|
||||||
let
|
let
|
||||||
cfg = config.host.apps.media;
|
cfg = config.host.apps.media;
|
||||||
in
|
in
|
||||||
with lib;
|
with lib;
|
||||||
{
|
{
|
||||||
options = {
|
options = {
|
||||||
host.apps.media.enable = mkEnableOption (mdDoc "Enables media playback and editing apps");
|
host.apps.media.enable = mkEnableOption (mdDoc "Enables media playback and editing apps");
|
||||||
};
|
};
|
||||||
|
|
||||||
config = mkIf cfg.enable {
|
config = mkIf cfg.enable {
|
||||||
host.ui.flatpak.enable = true;
|
host.ui.flatpak.enable = true;
|
||||||
|
|
||||||
services.flatpak = {
|
services.flatpak = {
|
||||||
packages = [
|
packages = [
|
||||||
"com.calibre_ebook.calibre"
|
"com.calibre_ebook.calibre"
|
||||||
"com.github.unrud.VideoDownloader"
|
"com.github.unrud.VideoDownloader"
|
||||||
"io.github.celluloid_player.Celluloid"
|
"io.github.celluloid_player.Celluloid"
|
||||||
"org.kde.krita"
|
"org.kde.krita"
|
||||||
"org.kde.KStyle.Adwaita//5.15-23.08" # Retrieved from https://docs.flatpak.org/en/latest/desktop-integration.html
|
"org.kde.KStyle.Adwaita//5.15-23.08" # Retrieved from https://docs.flatpak.org/en/latest/desktop-integration.html
|
||||||
"org.kde.KStyle.Adwaita//6.6"
|
"org.kde.KStyle.Adwaita//6.6"
|
||||||
"org.kde.WaylandDecoration.QAdwaitaDecorations//5.15-23.08" # Replaced deprecated QGnomePlatform https://wiki.archlinux.org/title/Uniform_look_for_Qt_and_GTK_applications
|
"org.kde.WaylandDecoration.QAdwaitaDecorations//5.15-23.08" # Replaced deprecated QGnomePlatform https://wiki.archlinux.org/title/Uniform_look_for_Qt_and_GTK_applications
|
||||||
"org.kde.WaylandDecoration.QAdwaitaDecorations//6.6"
|
"org.kde.WaylandDecoration.QAdwaitaDecorations//6.6"
|
||||||
];
|
];
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
}
|
}
|
||||||
|
|
|
@ -1,20 +1,20 @@
|
||||||
{ config, lib, ... }:
|
{ config, lib, ... }:
|
||||||
|
|
||||||
let
|
let
|
||||||
cfg = config.host.apps.office;
|
cfg = config.host.apps.office;
|
||||||
in
|
in
|
||||||
with lib;
|
with lib;
|
||||||
{
|
{
|
||||||
options = {
|
options = {
|
||||||
host.apps.office.enable = mkEnableOption (mdDoc "Enables office and workstation apps");
|
host.apps.office.enable = mkEnableOption (mdDoc "Enables office and workstation apps");
|
||||||
};
|
};
|
||||||
|
|
||||||
config = mkIf cfg.enable {
|
config = mkIf cfg.enable {
|
||||||
host.ui.flatpak.enable = true;
|
host.ui.flatpak.enable = true;
|
||||||
|
|
||||||
services.flatpak.packages = [
|
services.flatpak.packages = [
|
||||||
"org.libreoffice.LibreOffice"
|
"org.libreoffice.LibreOffice"
|
||||||
"us.zoom.Zoom"
|
"us.zoom.Zoom"
|
||||||
];
|
];
|
||||||
};
|
};
|
||||||
}
|
}
|
||||||
|
|
|
@ -1,36 +1,36 @@
|
||||||
{ config, lib, ... }:
|
{ config, lib, ... }:
|
||||||
|
|
||||||
let
|
let
|
||||||
cfg = config.host.apps.recording;
|
cfg = config.host.apps.recording;
|
||||||
in
|
in
|
||||||
with lib;
|
with lib;
|
||||||
{
|
{
|
||||||
options = {
|
options = {
|
||||||
host.apps.recording.enable = mkEnableOption (mdDoc "Enables video editing tools");
|
host.apps.recording.enable = mkEnableOption (mdDoc "Enables video editing tools");
|
||||||
};
|
};
|
||||||
|
|
||||||
config = mkIf cfg.enable {
|
config = mkIf cfg.enable {
|
||||||
host.ui.flatpak.enable = true;
|
host.ui.flatpak.enable = true;
|
||||||
|
|
||||||
services.flatpak = {
|
services.flatpak = {
|
||||||
packages = [
|
packages = [
|
||||||
"com.obsproject.Studio"
|
"com.obsproject.Studio"
|
||||||
"com.obsproject.Studio.Plugin.DroidCam"
|
"com.obsproject.Studio.Plugin.DroidCam"
|
||||||
"org.kde.kdenlive"
|
"org.kde.kdenlive"
|
||||||
];
|
];
|
||||||
};
|
};
|
||||||
|
|
||||||
# Add a virtual camera to use with Droidcam
|
# Add a virtual camera to use with Droidcam
|
||||||
boot = {
|
boot = {
|
||||||
extraModulePackages = with config.boot.kernelPackages; [ v4l2loopback.out ];
|
extraModulePackages = with config.boot.kernelPackages; [ v4l2loopback.out ];
|
||||||
kernelModules = [ "v4l2loopback" ];
|
kernelModules = [ "v4l2loopback" ];
|
||||||
# Note on v4l2loopback kernel module parameters:
|
# Note on v4l2loopback kernel module parameters:
|
||||||
# exclusive_caps: Skype, Zoom, Teams etc. will only show device when actually streaming. This MUST be set to 1 for Chrome to detect virtual cameras.
|
# exclusive_caps: Skype, Zoom, Teams etc. will only show device when actually streaming. This MUST be set to 1 for Chrome to detect virtual cameras.
|
||||||
# card_label: Name of virtual camera, how it'll show up in Skype, Zoom, Teams
|
# card_label: Name of virtual camera, how it'll show up in Skype, Zoom, Teams
|
||||||
# https://github.com/umlaeute/v4l2loopback
|
# https://github.com/umlaeute/v4l2loopback
|
||||||
extraModprobeConfig = ''
|
extraModprobeConfig = ''
|
||||||
options v4l2loopback exclusive_caps=1 card_label="Virtual Camera"
|
options v4l2loopback exclusive_caps=1 card_label="Virtual Camera"
|
||||||
'';
|
'';
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
}
|
}
|
||||||
|
|
|
@ -1,24 +1,27 @@
|
||||||
{ pkgs, config, lib, ... }:
|
{
|
||||||
|
pkgs,
|
||||||
|
config,
|
||||||
|
lib,
|
||||||
|
...
|
||||||
|
}:
|
||||||
|
|
||||||
let
|
let
|
||||||
cfg = config.host.apps.social;
|
cfg = config.host.apps.social;
|
||||||
in
|
in
|
||||||
with lib;
|
with lib;
|
||||||
{
|
{
|
||||||
options = {
|
options = {
|
||||||
host.apps.social.enable = mkEnableOption (mdDoc "Enables chat apps");
|
host.apps.social.enable = mkEnableOption (mdDoc "Enables chat apps");
|
||||||
};
|
};
|
||||||
|
|
||||||
config = mkIf cfg.enable {
|
config = mkIf cfg.enable {
|
||||||
nixpkgs.config.allowUnfree = true;
|
nixpkgs.config.allowUnfree = true;
|
||||||
environment.systemPackages = with pkgs; [
|
environment.systemPackages = with pkgs; [
|
||||||
# Check Beeper Flatpak status here: https://github.com/daegalus/beeper-flatpak-wip/issues/1
|
# Check Beeper Flatpak status here: https://github.com/daegalus/beeper-flatpak-wip/issues/1
|
||||||
beeper
|
beeper
|
||||||
];
|
];
|
||||||
|
|
||||||
host.ui.flatpak.enable = true;
|
host.ui.flatpak.enable = true;
|
||||||
services.flatpak.packages = [
|
services.flatpak.packages = [ "com.discordapp.Discord" ];
|
||||||
"com.discordapp.Discord"
|
};
|
||||||
];
|
|
||||||
};
|
|
||||||
}
|
}
|
||||||
|
|
|
@ -1,19 +1,24 @@
|
||||||
{ pkgs, config, lib, ... }:
|
{
|
||||||
|
pkgs,
|
||||||
|
config,
|
||||||
|
lib,
|
||||||
|
...
|
||||||
|
}:
|
||||||
|
|
||||||
let
|
let
|
||||||
cfg = config.host.apps.tmux;
|
cfg = config.host.apps.tmux;
|
||||||
in
|
in
|
||||||
with lib;
|
with lib;
|
||||||
{
|
{
|
||||||
options = {
|
options = {
|
||||||
host.apps.tmux.enable = mkEnableOption (mdDoc "Enables tmux - terminal multiplexer");
|
host.apps.tmux.enable = mkEnableOption (mdDoc "Enables tmux - terminal multiplexer");
|
||||||
};
|
};
|
||||||
|
|
||||||
config = mkIf cfg.enable {
|
config = mkIf cfg.enable {
|
||||||
programs.tmux = {
|
programs.tmux = {
|
||||||
enable = true;
|
enable = true;
|
||||||
newSession = true;
|
newSession = true;
|
||||||
clock24 = true;
|
clock24 = true;
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
}
|
}
|
||||||
|
|
|
@ -1,29 +1,34 @@
|
||||||
{ pkgs, config, lib, ... }:
|
{
|
||||||
|
pkgs,
|
||||||
|
config,
|
||||||
|
lib,
|
||||||
|
...
|
||||||
|
}:
|
||||||
|
|
||||||
let
|
let
|
||||||
cfg = config.host.apps.writing;
|
cfg = config.host.apps.writing;
|
||||||
in
|
in
|
||||||
with lib;
|
with lib;
|
||||||
{
|
{
|
||||||
options = {
|
options = {
|
||||||
host.apps.writing.enable = mkEnableOption (mdDoc "Enables writing and editing tools");
|
host.apps.writing.enable = mkEnableOption (mdDoc "Enables writing and editing tools");
|
||||||
};
|
};
|
||||||
|
|
||||||
config = mkIf cfg.enable {
|
config = mkIf cfg.enable {
|
||||||
# Install packages for building ebooks
|
# Install packages for building ebooks
|
||||||
environment.systemPackages = with pkgs; [
|
environment.systemPackages = with pkgs; [
|
||||||
haskellPackages.pandoc
|
haskellPackages.pandoc
|
||||||
haskellPackages.pandoc-cli
|
haskellPackages.pandoc-cli
|
||||||
haskellPackages.pandoc-crossref
|
haskellPackages.pandoc-crossref
|
||||||
texliveSmall
|
texliveSmall
|
||||||
];
|
];
|
||||||
|
|
||||||
# Spelling and grammer checking: hosted on localhost:8081
|
# Spelling and grammer checking: hosted on localhost:8081
|
||||||
services.languagetool = {
|
services.languagetool = {
|
||||||
enable = true;
|
enable = true;
|
||||||
port = 8090;
|
port = 8090;
|
||||||
public = false;
|
public = false;
|
||||||
allowOrigin = "*";
|
allowOrigin = "*";
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
}
|
}
|
||||||
|
|
|
@ -3,24 +3,27 @@
|
||||||
{ lib, ... }:
|
{ lib, ... }:
|
||||||
with lib;
|
with lib;
|
||||||
let
|
let
|
||||||
# Recursively constructs an attrset of a given folder, recursing on directories, value of attrs is the filetype
|
# Recursively constructs an attrset of a given folder, recursing on directories, value of attrs is the filetype
|
||||||
getDir = dir: mapAttrs
|
getDir =
|
||||||
(file: type:
|
dir:
|
||||||
if type == "directory" then getDir "${dir}/${file}" else type
|
mapAttrs (file: type: if type == "directory" then getDir "${dir}/${file}" else type) (
|
||||||
)
|
builtins.readDir dir
|
||||||
(builtins.readDir dir);
|
);
|
||||||
|
|
||||||
# Collects all files of a directory as a list of strings of paths
|
# Collects all files of a directory as a list of strings of paths
|
||||||
files = dir: collect isString (mapAttrsRecursive (path: type: concatStringsSep "/" path) (getDir dir));
|
files =
|
||||||
|
dir: collect isString (mapAttrsRecursive (path: type: concatStringsSep "/" path) (getDir dir));
|
||||||
|
|
||||||
# Filters out directories that belong to home-manager, and don't end with .nix or are this file.
|
# Filters out directories that belong to home-manager, and don't end with .nix or are this file.
|
||||||
# Also, make the strings absolute
|
# Also, make the strings absolute
|
||||||
validFiles = dir: map
|
validFiles =
|
||||||
(file: ./. + "/${file}")
|
dir:
|
||||||
(filter
|
map (file: ./. + "/${file}") (
|
||||||
(file: ! hasInfix "home-manager" file && file != "autoimport.nix" && hasSuffix ".nix" file)
|
filter (file: !hasInfix "home-manager" file && file != "autoimport.nix" && hasSuffix ".nix" file) (
|
||||||
(files dir));
|
files dir
|
||||||
|
)
|
||||||
|
);
|
||||||
in
|
in
|
||||||
{
|
{
|
||||||
imports = validFiles ./.;
|
imports = validFiles ./.;
|
||||||
}
|
}
|
||||||
|
|
|
@ -1,34 +1,37 @@
|
||||||
{ lib, config, pkgs, ... }:
|
{
|
||||||
|
lib,
|
||||||
|
config,
|
||||||
|
pkgs,
|
||||||
|
...
|
||||||
|
}:
|
||||||
|
|
||||||
let
|
let
|
||||||
cfg = config.host.ui.bluetooth;
|
cfg = config.host.ui.bluetooth;
|
||||||
in
|
in
|
||||||
with lib;
|
with lib;
|
||||||
{
|
{
|
||||||
|
|
||||||
options = {
|
options = {
|
||||||
host.ui.bluetooth = {
|
host.ui.bluetooth = {
|
||||||
enable = mkEnableOption (mdDoc "Enables bluetooth");
|
enable = mkEnableOption (mdDoc "Enables bluetooth");
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
|
|
||||||
config = mkIf cfg.enable {
|
config = mkIf cfg.enable {
|
||||||
# Set up Bluetooth
|
# Set up Bluetooth
|
||||||
hardware.bluetooth = {
|
hardware.bluetooth = {
|
||||||
enable = true;
|
enable = true;
|
||||||
powerOnBoot = true;
|
powerOnBoot = true;
|
||||||
settings = {
|
settings = {
|
||||||
General = {
|
General = {
|
||||||
Enable = "Source,Sink,Media,Socket";
|
Enable = "Source,Sink,Media,Socket";
|
||||||
Experimental = true;
|
Experimental = true;
|
||||||
KernelExperimental = true;
|
KernelExperimental = true;
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
|
|
||||||
# Add Bluetooth LE audio support
|
# Add Bluetooth LE audio support
|
||||||
environment.systemPackages = with pkgs; [
|
environment.systemPackages = with pkgs; [ liblc3 ];
|
||||||
liblc3
|
};
|
||||||
];
|
}
|
||||||
};
|
|
||||||
}
|
|
||||||
|
|
|
@ -1,62 +1,67 @@
|
||||||
{ config, lib, pkgs, ... }:
|
{
|
||||||
|
config,
|
||||||
|
lib,
|
||||||
|
pkgs,
|
||||||
|
...
|
||||||
|
}:
|
||||||
|
|
||||||
# Bootloader
|
# Bootloader
|
||||||
let
|
let
|
||||||
cfg = config.host.boot;
|
cfg = config.host.boot;
|
||||||
in
|
in
|
||||||
with lib;
|
with lib;
|
||||||
{
|
{
|
||||||
|
|
||||||
options = {
|
options = {
|
||||||
host.boot = {
|
host.boot = {
|
||||||
enable = mkOption {
|
enable = mkOption {
|
||||||
description = "Automatically configures the bootloader. Set to false to configure manually.";
|
description = "Automatically configures the bootloader. Set to false to configure manually.";
|
||||||
type = types.bool;
|
type = types.bool;
|
||||||
default = true;
|
default = true;
|
||||||
};
|
};
|
||||||
|
|
||||||
secureboot.enable = mkOption {
|
|
||||||
description = "Enables Secureboot";
|
|
||||||
type = types.bool;
|
|
||||||
default = true;
|
|
||||||
};
|
|
||||||
};
|
|
||||||
};
|
|
||||||
|
|
||||||
config = mkIf cfg.enable (mkMerge[
|
secureboot.enable = mkOption {
|
||||||
(mkIf cfg.secureboot.enable {
|
description = "Enables Secureboot";
|
||||||
boot = {
|
type = types.bool;
|
||||||
# Enable Secure Boot
|
default = true;
|
||||||
bootspec.enable = true;
|
};
|
||||||
|
};
|
||||||
# Disable systemd-boot. We lanzaboote now.
|
};
|
||||||
loader.systemd-boot.enable = false;
|
|
||||||
loader.efi.canTouchEfiVariables = true;
|
|
||||||
lanzaboote = {
|
|
||||||
enable = true;
|
|
||||||
pkiBundle = "/etc/secureboot";
|
|
||||||
};
|
|
||||||
|
|
||||||
# Increase bootloader font size
|
config = mkIf cfg.enable (mkMerge [
|
||||||
lanzaboote.settings.console-mode = "auto";
|
(mkIf cfg.secureboot.enable {
|
||||||
};
|
boot = {
|
||||||
|
# Enable Secure Boot
|
||||||
|
bootspec.enable = true;
|
||||||
|
|
||||||
# Set up TPM. See https://nixos.wiki/wiki/TPM
|
# Disable systemd-boot. We lanzaboote now.
|
||||||
# After installing and rebooting, set it up via https://wiki.archlinux.org/title/Systemd-cryptenroll#Trusted_Platform_Module
|
loader.systemd-boot.enable = false;
|
||||||
environment.systemPackages = with pkgs; [ tpm2-tss ];
|
loader.efi.canTouchEfiVariables = true;
|
||||||
security.tpm2 = {
|
lanzaboote = {
|
||||||
enable = true;
|
enable = true;
|
||||||
pkcs11.enable = true;
|
pkiBundle = "/etc/secureboot";
|
||||||
tctiEnvironment.enable = true;
|
};
|
||||||
};
|
|
||||||
})
|
|
||||||
|
|
||||||
# Plain boot
|
# Increase bootloader font size
|
||||||
(mkIf (!cfg.secureboot.enable) {
|
lanzaboote.settings.console-mode = "auto";
|
||||||
boot = {
|
};
|
||||||
loader.systemd-boot.enable = true;
|
|
||||||
loader.efi.canTouchEfiVariables = true;
|
# Set up TPM. See https://nixos.wiki/wiki/TPM
|
||||||
};
|
# After installing and rebooting, set it up via https://wiki.archlinux.org/title/Systemd-cryptenroll#Trusted_Platform_Module
|
||||||
})
|
environment.systemPackages = with pkgs; [ tpm2-tss ];
|
||||||
]);
|
security.tpm2 = {
|
||||||
|
enable = true;
|
||||||
|
pkcs11.enable = true;
|
||||||
|
tctiEnvironment.enable = true;
|
||||||
|
};
|
||||||
|
})
|
||||||
|
|
||||||
|
# Plain boot
|
||||||
|
(mkIf (!cfg.secureboot.enable) {
|
||||||
|
boot = {
|
||||||
|
loader.systemd-boot.enable = true;
|
||||||
|
loader.efi.canTouchEfiVariables = true;
|
||||||
|
};
|
||||||
|
})
|
||||||
|
]);
|
||||||
}
|
}
|
||||||
|
|
|
@ -1,10 +1,10 @@
|
||||||
_: {
|
_: {
|
||||||
networking = {
|
networking = {
|
||||||
# Enable networking via NetworkManager
|
# Enable networking via NetworkManager
|
||||||
networkmanager.enable = true;
|
networkmanager.enable = true;
|
||||||
|
|
||||||
# Enable firewall
|
# Enable firewall
|
||||||
nftables.enable = true;
|
nftables.enable = true;
|
||||||
firewall.enable = true;
|
firewall.enable = true;
|
||||||
};
|
};
|
||||||
}
|
}
|
||||||
|
|
|
@ -1,45 +1,57 @@
|
||||||
# Nix configuration
|
# Nix configuration
|
||||||
{ pkgs, config, lib, inputs, ... }: {
|
{
|
||||||
nix = {
|
pkgs,
|
||||||
settings = {
|
config,
|
||||||
# Enable Flakes
|
lib,
|
||||||
experimental-features = [ "nix-command" "flakes" ];
|
inputs,
|
||||||
|
...
|
||||||
|
}:
|
||||||
|
{
|
||||||
|
nix = {
|
||||||
|
settings = {
|
||||||
|
# Enable Flakes
|
||||||
|
experimental-features = [
|
||||||
|
"nix-command"
|
||||||
|
"flakes"
|
||||||
|
];
|
||||||
|
|
||||||
# Use Lix instead of Nix
|
# Use Lix instead of Nix
|
||||||
extra-substituters = [ "https://cache.lix.systems" ];
|
extra-substituters = [ "https://cache.lix.systems" ];
|
||||||
trusted-public-keys = [ "cache.lix.systems:aBnZUw8zA7H35Cz2RyKFVs3H4PlGTLawyY5KRbvJR8o=" ];
|
trusted-public-keys = [ "cache.lix.systems:aBnZUw8zA7H35Cz2RyKFVs3H4PlGTLawyY5KRbvJR8o=" ];
|
||||||
|
|
||||||
# Avoid signature verification messages when doing remote builds
|
# Avoid signature verification messages when doing remote builds
|
||||||
trusted-users = [ "${config.users.users.aires.name}" ];
|
trusted-users = [ "${config.users.users.aires.name}" ];
|
||||||
};
|
};
|
||||||
|
|
||||||
# Enable periodic nix store optimization
|
# Enable periodic nix store optimization
|
||||||
optimise.automatic = true;
|
optimise.automatic = true;
|
||||||
|
|
||||||
# Configure NixOS to use the same software channel as Flakes
|
# Configure NixOS to use the same software channel as Flakes
|
||||||
registry = lib.mapAttrs (_: value: { flake = value; }) inputs;
|
registry = lib.mapAttrs (_: value: { flake = value; }) inputs;
|
||||||
nixPath = lib.mapAttrsToList (key: value: "${key}=${value.to.path}") config.nix.registry;
|
nixPath = lib.mapAttrsToList (key: value: "${key}=${value.to.path}") config.nix.registry;
|
||||||
|
|
||||||
# Configure remote build machines (mainly Haven)
|
# Configure remote build machines (mainly Haven)
|
||||||
# To enable remote builds for a specific host, add `nix.distributedBuilds = true;` to its config
|
# To enable remote builds for a specific host, add `nix.distributedBuilds = true;` to its config
|
||||||
buildMachines = [{
|
buildMachines = [
|
||||||
hostName = "haven";
|
{
|
||||||
systems = [
|
hostName = "haven";
|
||||||
"x86_64-linux"
|
systems = [
|
||||||
"aarch64-linux"
|
"x86_64-linux"
|
||||||
];
|
"aarch64-linux"
|
||||||
protocol = "ssh-ng";
|
];
|
||||||
supportedFeatures = [
|
protocol = "ssh-ng";
|
||||||
"nixos-test"
|
supportedFeatures = [
|
||||||
"kvm"
|
"nixos-test"
|
||||||
"benchmark"
|
"kvm"
|
||||||
"big-parllel"
|
"benchmark"
|
||||||
];
|
"big-parllel"
|
||||||
}];
|
];
|
||||||
|
}
|
||||||
|
];
|
||||||
|
|
||||||
# When using a builder, use its package store
|
# When using a builder, use its package store
|
||||||
extraOptions = ''
|
extraOptions = ''
|
||||||
builders-use-substitutes = true
|
builders-use-substitutes = true
|
||||||
'';
|
'';
|
||||||
};
|
};
|
||||||
}
|
}
|
||||||
|
|
|
@ -1,29 +1,30 @@
|
||||||
# Set up program defaults
|
# Set up program defaults
|
||||||
{ config, ... }: {
|
{ config, ... }:
|
||||||
# Set up base apps
|
{
|
||||||
programs = {
|
# Set up base apps
|
||||||
direnv.enable = true;
|
programs = {
|
||||||
|
direnv.enable = true;
|
||||||
|
|
||||||
nano = {
|
nano = {
|
||||||
enable = true;
|
enable = true;
|
||||||
syntaxHighlight = true;
|
syntaxHighlight = true;
|
||||||
nanorc = ''
|
nanorc = ''
|
||||||
set linenumbers
|
set linenumbers
|
||||||
set tabsize 4
|
set tabsize 4
|
||||||
set softwrap
|
set softwrap
|
||||||
'';
|
'';
|
||||||
};
|
};
|
||||||
|
|
||||||
nh = {
|
nh = {
|
||||||
enable = true;
|
enable = true;
|
||||||
flake = "${config.users.users.aires.home}/Development/nix-configuration";
|
flake = "${config.users.users.aires.home}/Development/nix-configuration";
|
||||||
|
|
||||||
# Alternative garbage collection system to nix.gc.automatic
|
# Alternative garbage collection system to nix.gc.automatic
|
||||||
clean = {
|
clean = {
|
||||||
enable = true;
|
enable = true;
|
||||||
dates = "daily";
|
dates = "daily";
|
||||||
extraArgs = "--keep-since 7d --keep 10"; # Keep the last 10 entries
|
extraArgs = "--keep-since 7d --keep 10"; # Keep the last 10 entries
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
}
|
}
|
||||||
|
|
|
@ -1,10 +1,10 @@
|
||||||
{ pkgs, ... }:
|
{ pkgs, ... }:
|
||||||
|
|
||||||
{
|
{
|
||||||
# Install ZSH for all users
|
# Install ZSH for all users
|
||||||
programs.zsh.enable = true;
|
programs.zsh.enable = true;
|
||||||
users.defaultUserShell = pkgs.zsh;
|
users.defaultUserShell = pkgs.zsh;
|
||||||
|
|
||||||
# Show a neat system statistics screen when opening a terminal
|
# Show a neat system statistics screen when opening a terminal
|
||||||
environment.systemPackages = with pkgs; [ fastfetch ];
|
environment.systemPackages = with pkgs; [ fastfetch ];
|
||||||
}
|
}
|
||||||
|
|
|
@ -1,54 +1,55 @@
|
||||||
# System options
|
# System options
|
||||||
{ pkgs, config, ... }: {
|
{ pkgs, config, ... }:
|
||||||
# Set up the environment
|
{
|
||||||
environment = {
|
# Set up the environment
|
||||||
# Install base packages
|
environment = {
|
||||||
systemPackages = with pkgs; [
|
# Install base packages
|
||||||
bash
|
systemPackages = with pkgs; [
|
||||||
dconf # Needed to fix an issue with Home-manager. See https://github.com/nix-community/home-manager/issues/3113
|
bash
|
||||||
direnv
|
dconf # Needed to fix an issue with Home-manager. See https://github.com/nix-community/home-manager/issues/3113
|
||||||
git
|
direnv
|
||||||
home-manager
|
git
|
||||||
nano
|
home-manager
|
||||||
p7zip
|
nano
|
||||||
fastfetch
|
p7zip
|
||||||
nh # Nix Helper: https://github.com/viperML/nh
|
fastfetch
|
||||||
];
|
nh # Nix Helper: https://github.com/viperML/nh
|
||||||
|
];
|
||||||
|
|
||||||
variables = {
|
variables = {
|
||||||
EDITOR = "nano"; # Set default editor to nano
|
EDITOR = "nano"; # Set default editor to nano
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
|
|
||||||
# Configure automatic updates
|
# Configure automatic updates
|
||||||
system.autoUpgrade = {
|
system.autoUpgrade = {
|
||||||
enable = true;
|
enable = true;
|
||||||
flake = "${config.users.users.aires.home}/Development/nix-configuration";
|
flake = "${config.users.users.aires.home}/Development/nix-configuration";
|
||||||
dates = "daily";
|
dates = "daily";
|
||||||
allowReboot = false;
|
allowReboot = false;
|
||||||
operation = "boot"; # Don't switch, just create a boot entry
|
operation = "boot"; # Don't switch, just create a boot entry
|
||||||
};
|
};
|
||||||
|
|
||||||
# Enable fwupd (firmware updater)
|
# Enable fwupd (firmware updater)
|
||||||
services.fwupd.enable = true;
|
services.fwupd.enable = true;
|
||||||
|
|
||||||
# Set your time zone.
|
# Set your time zone.
|
||||||
time.timeZone = "America/New_York";
|
time.timeZone = "America/New_York";
|
||||||
|
|
||||||
# Select internationalisation properties.
|
# Select internationalisation properties.
|
||||||
i18n = {
|
i18n = {
|
||||||
defaultLocale = "en_US.UTF-8";
|
defaultLocale = "en_US.UTF-8";
|
||||||
|
|
||||||
extraLocaleSettings = {
|
extraLocaleSettings = {
|
||||||
LC_ADDRESS = "en_US.UTF-8";
|
LC_ADDRESS = "en_US.UTF-8";
|
||||||
LC_IDENTIFICATION = "en_US.UTF-8";
|
LC_IDENTIFICATION = "en_US.UTF-8";
|
||||||
LC_MEASUREMENT = "en_US.UTF-8";
|
LC_MEASUREMENT = "en_US.UTF-8";
|
||||||
LC_MONETARY = "en_US.UTF-8";
|
LC_MONETARY = "en_US.UTF-8";
|
||||||
LC_NAME = "en_US.UTF-8";
|
LC_NAME = "en_US.UTF-8";
|
||||||
LC_NUMERIC = "en_US.UTF-8";
|
LC_NUMERIC = "en_US.UTF-8";
|
||||||
LC_PAPER = "en_US.UTF-8";
|
LC_PAPER = "en_US.UTF-8";
|
||||||
LC_TELEPHONE = "en_US.UTF-8";
|
LC_TELEPHONE = "en_US.UTF-8";
|
||||||
LC_TIME = "en_US.UTF-8";
|
LC_TIME = "en_US.UTF-8";
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
}
|
}
|
||||||
|
|
|
@ -1,13 +1,13 @@
|
||||||
{lib, ...}:
|
{ lib, ... }:
|
||||||
|
|
||||||
with lib;
|
with lib;
|
||||||
{
|
{
|
||||||
options = {
|
options = {
|
||||||
host.role = mkOption {
|
host.role = mkOption {
|
||||||
type = types.enum [
|
type = types.enum [
|
||||||
"server"
|
"server"
|
||||||
"workstation"
|
"workstation"
|
||||||
];
|
];
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
}
|
}
|
||||||
|
|
|
@ -1,16 +1,22 @@
|
||||||
{ config, lib, modulesPath, pkgs, ... }:
|
|
||||||
let
|
|
||||||
inherit (config.host) role;
|
|
||||||
in
|
|
||||||
with lib;
|
|
||||||
{
|
{
|
||||||
imports = [ (modulesPath + "/installer/scan/not-detected.nix") ];
|
config,
|
||||||
|
lib,
|
||||||
|
modulesPath,
|
||||||
|
pkgs,
|
||||||
|
...
|
||||||
|
}:
|
||||||
|
let
|
||||||
|
inherit (config.host) role;
|
||||||
|
in
|
||||||
|
with lib;
|
||||||
|
{
|
||||||
|
imports = [ (modulesPath + "/installer/scan/not-detected.nix") ];
|
||||||
|
|
||||||
config = mkIf (role == "server") {
|
config = mkIf (role == "server") {
|
||||||
host.apps.tmux.enable = true;
|
host.apps.tmux.enable = true;
|
||||||
environment.systemPackages = with pkgs; [
|
environment.systemPackages = with pkgs; [
|
||||||
htop
|
htop
|
||||||
mdadm
|
mdadm
|
||||||
];
|
];
|
||||||
};
|
};
|
||||||
}
|
}
|
||||||
|
|
|
@ -1,31 +1,35 @@
|
||||||
{ config, lib, modulesPath, pkgs, ... }:
|
|
||||||
let
|
|
||||||
inherit (config.host) role;
|
|
||||||
in
|
|
||||||
with lib;
|
|
||||||
{
|
{
|
||||||
imports = [ (modulesPath + "/installer/scan/not-detected.nix") ];
|
config,
|
||||||
|
lib,
|
||||||
|
modulesPath,
|
||||||
|
pkgs,
|
||||||
|
...
|
||||||
|
}:
|
||||||
|
let
|
||||||
|
inherit (config.host) role;
|
||||||
|
in
|
||||||
|
with lib;
|
||||||
|
{
|
||||||
|
imports = [ (modulesPath + "/installer/scan/not-detected.nix") ];
|
||||||
|
|
||||||
config = mkIf (role == "workstation") {
|
config = mkIf (role == "workstation") {
|
||||||
host.ui = {
|
host.ui = {
|
||||||
audio.enable = true;
|
audio.enable = true;
|
||||||
bluetooth.enable = true;
|
bluetooth.enable = true;
|
||||||
gnome.enable = true;
|
gnome.enable = true;
|
||||||
flatpak.enable = true;
|
flatpak.enable = true;
|
||||||
};
|
};
|
||||||
|
|
||||||
boot = {
|
boot = {
|
||||||
# Enable Plymouth
|
# Enable Plymouth
|
||||||
plymouth.enable = true;
|
plymouth.enable = true;
|
||||||
plymouth.theme = "bgrt";
|
plymouth.theme = "bgrt";
|
||||||
|
|
||||||
# Increase minimum log level. This removes ACPI errors from the boot screen.
|
# Increase minimum log level. This removes ACPI errors from the boot screen.
|
||||||
consoleLogLevel = 1;
|
consoleLogLevel = 1;
|
||||||
|
|
||||||
# Add kernel parameters
|
# Add kernel parameters
|
||||||
kernelParams = [
|
kernelParams = [ "quiet" ];
|
||||||
"quiet"
|
};
|
||||||
];
|
};
|
||||||
};
|
}
|
||||||
};
|
|
||||||
}
|
|
||||||
|
|
|
@ -1,17 +1,22 @@
|
||||||
{ pkgs, config, lib, ... }:
|
{
|
||||||
|
pkgs,
|
||||||
|
config,
|
||||||
|
lib,
|
||||||
|
...
|
||||||
|
}:
|
||||||
let
|
let
|
||||||
cfg = config.host.services.apcupsd;
|
cfg = config.host.services.apcupsd;
|
||||||
in
|
in
|
||||||
with lib;
|
with lib;
|
||||||
{
|
{
|
||||||
options = {
|
options = {
|
||||||
host.services.apcupsd.enable = mkEnableOption (mdDoc "Enables apcupsd");
|
host.services.apcupsd.enable = mkEnableOption (mdDoc "Enables apcupsd");
|
||||||
};
|
};
|
||||||
|
|
||||||
config = mkIf cfg.enable {
|
config = mkIf cfg.enable {
|
||||||
services.apcupsd = {
|
services.apcupsd = {
|
||||||
enable = true;
|
enable = true;
|
||||||
configText = builtins.readFile ./etc/apcupsd.conf;
|
configText = builtins.readFile ./etc/apcupsd.conf;
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
}
|
}
|
||||||
|
|
|
@ -1,9 +1,10 @@
|
||||||
# Services to run on BTRFS filesystems.
|
# Services to run on BTRFS filesystems.
|
||||||
# Only run if the root partition is BTRFS.
|
# Only run if the root partition is BTRFS.
|
||||||
{ config, lib, ... }: {
|
{ config, lib, ... }:
|
||||||
services.btrfs.autoScrub = lib.mkIf (config.fileSystems."/".fsType == "btrfs") {
|
{
|
||||||
enable = true;
|
services.btrfs.autoScrub = lib.mkIf (config.fileSystems."/".fsType == "btrfs") {
|
||||||
interval = "weekly";
|
enable = true;
|
||||||
fileSystems = [ "/" ];
|
interval = "weekly";
|
||||||
};
|
fileSystems = [ "/" ];
|
||||||
}
|
};
|
||||||
|
}
|
||||||
|
|
|
@ -1,52 +1,58 @@
|
||||||
{ pkgs, config, lib, ... }:
|
{
|
||||||
|
pkgs,
|
||||||
|
config,
|
||||||
|
lib,
|
||||||
|
...
|
||||||
|
}:
|
||||||
|
|
||||||
let
|
let
|
||||||
cfg = config.host.services.duplicacy-web;
|
cfg = config.host.services.duplicacy-web;
|
||||||
duplicacy-web = pkgs.callPackage ../../packages/duplicacy-web.nix { inherit pkgs lib; };
|
duplicacy-web = pkgs.callPackage ../../packages/duplicacy-web.nix { inherit pkgs lib; };
|
||||||
in
|
in
|
||||||
with lib;
|
with lib;
|
||||||
rec {
|
rec {
|
||||||
options = {
|
options = {
|
||||||
host.services.duplicacy-web = {
|
host.services.duplicacy-web = {
|
||||||
enable = mkEnableOption (mdDoc "Enables duplicacy-web");
|
enable = mkEnableOption (mdDoc "Enables duplicacy-web");
|
||||||
autostart = mkOption {
|
autostart = mkOption {
|
||||||
default = true;
|
default = true;
|
||||||
type = types.bool;
|
type = types.bool;
|
||||||
description = "Whether to auto-start duplicacy-web on boot";
|
description = "Whether to auto-start duplicacy-web on boot";
|
||||||
};
|
};
|
||||||
|
|
||||||
environment = mkOption {
|
environment = mkOption {
|
||||||
default = "";
|
default = "";
|
||||||
type = types.str;
|
type = types.str;
|
||||||
description = "Environment where duplicacy-web stores its config files";
|
description = "Environment where duplicacy-web stores its config files";
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
|
|
||||||
config = mkIf cfg.enable {
|
config = mkIf cfg.enable {
|
||||||
nixpkgs.config.allowUnfree = true;
|
nixpkgs.config.allowUnfree = true;
|
||||||
environment.systemPackages = [
|
environment.systemPackages = [ duplicacy-web ];
|
||||||
duplicacy-web
|
|
||||||
];
|
|
||||||
|
|
||||||
networking.firewall.allowedTCPPorts = [ 3875 ];
|
networking.firewall.allowedTCPPorts = [ 3875 ];
|
||||||
|
|
||||||
# Install systemd service.
|
# Install systemd service.
|
||||||
systemd.services."duplicacy-web" = {
|
systemd.services."duplicacy-web" = {
|
||||||
enable = true;
|
enable = true;
|
||||||
wants = [ "network-online.target" ];
|
wants = [ "network-online.target" ];
|
||||||
after = [ "syslog.target" "network-online.target" ];
|
after = [
|
||||||
description = "Start the Duplicacy backup service and web UI";
|
"syslog.target"
|
||||||
serviceConfig = {
|
"network-online.target"
|
||||||
Type = "simple";
|
];
|
||||||
ExecStart = ''${duplicacy-web}/duplicacy-web'';
|
description = "Start the Duplicacy backup service and web UI";
|
||||||
Restart = "on-failure";
|
serviceConfig = {
|
||||||
RestartSrc = 10;
|
Type = "simple";
|
||||||
KillMode = "process";
|
ExecStart = ''${duplicacy-web}/duplicacy-web'';
|
||||||
};
|
Restart = "on-failure";
|
||||||
environment = {
|
RestartSrc = 10;
|
||||||
HOME = cfg.environment;
|
KillMode = "process";
|
||||||
};
|
};
|
||||||
} // optionalAttrs cfg.autostart { wantedBy = ["multi-user.target"]; }; # Start at boot if autostart is enabled.
|
environment = {
|
||||||
};
|
HOME = cfg.environment;
|
||||||
|
};
|
||||||
|
} // optionalAttrs cfg.autostart { wantedBy = [ "multi-user.target" ]; }; # Start at boot if autostart is enabled.
|
||||||
|
};
|
||||||
}
|
}
|
||||||
|
|
|
@ -1,57 +1,60 @@
|
||||||
{ config, lib, pkgs, ... }:
|
{
|
||||||
|
config,
|
||||||
|
lib,
|
||||||
|
pkgs,
|
||||||
|
...
|
||||||
|
}:
|
||||||
let
|
let
|
||||||
cfg = config.host.services.k3s;
|
cfg = config.host.services.k3s;
|
||||||
in
|
in
|
||||||
with lib;
|
with lib;
|
||||||
{
|
{
|
||||||
options = {
|
options = {
|
||||||
host.services.k3s = {
|
host.services.k3s = {
|
||||||
enable = mkEnableOption (mdDoc "Enables K3s");
|
enable = mkEnableOption (mdDoc "Enables K3s");
|
||||||
role = mkOption {
|
role = mkOption {
|
||||||
default = "server";
|
default = "server";
|
||||||
type = types.enum [
|
type = types.enum [
|
||||||
"agent"
|
"agent"
|
||||||
"server"
|
"server"
|
||||||
];
|
];
|
||||||
description = "Which K3s role to use";
|
description = "Which K3s role to use";
|
||||||
};
|
};
|
||||||
serverAddr = mkOption {
|
serverAddr = mkOption {
|
||||||
default = "";
|
default = "";
|
||||||
type = types.str;
|
type = types.str;
|
||||||
description = "If an agent, this is the address of the server.";
|
description = "If an agent, this is the address of the server.";
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
|
|
||||||
config = mkIf cfg.enable {
|
config = mkIf cfg.enable {
|
||||||
# Add packages for developing with K3s.
|
# Add packages for developing with K3s.
|
||||||
# For details, see https://nixos.wiki/wiki/K3s
|
# For details, see https://nixos.wiki/wiki/K3s
|
||||||
environment.systemPackages = with pkgs; [
|
environment.systemPackages = with pkgs; [ k3s ];
|
||||||
k3s
|
|
||||||
];
|
|
||||||
|
|
||||||
networking.firewall = {
|
networking.firewall = {
|
||||||
allowedTCPPorts = [
|
allowedTCPPorts = [
|
||||||
6443 # k3s: required so that pods can reach the API server (running on port 6443 by default)
|
6443 # k3s: required so that pods can reach the API server (running on port 6443 by default)
|
||||||
# 2379 # k3s, etcd clients: required if using a "High Availability Embedded etcd" configuration
|
# 2379 # k3s, etcd clients: required if using a "High Availability Embedded etcd" configuration
|
||||||
# 2380 # k3s, etcd peers: required if using a "High Availability Embedded etcd" configuration
|
# 2380 # k3s, etcd peers: required if using a "High Availability Embedded etcd" configuration
|
||||||
];
|
];
|
||||||
allowedUDPPorts = [
|
allowedUDPPorts = [
|
||||||
# 8472 # k3s, flannel: required if using multi-node for inter-node networking
|
# 8472 # k3s, flannel: required if using multi-node for inter-node networking
|
||||||
];
|
];
|
||||||
};
|
};
|
||||||
|
|
||||||
services.k3s = {
|
services.k3s = {
|
||||||
enable = true;
|
enable = true;
|
||||||
inherit (cfg) role;
|
inherit (cfg) role;
|
||||||
extraFlags = toString [
|
extraFlags = toString [
|
||||||
# "--kubelet-arg=v=4" # Optionally add additional args to k3s
|
# "--kubelet-arg=v=4" # Optionally add additional args to k3s
|
||||||
];
|
];
|
||||||
} // optionalAttrs (cfg.role == "agent") { inherit (cfg) serverAddr; };
|
} // optionalAttrs (cfg.role == "agent") { inherit (cfg) serverAddr; };
|
||||||
|
|
||||||
# Increase number of open file handlers so K3s doesn't exhaust them...again.
|
# Increase number of open file handlers so K3s doesn't exhaust them...again.
|
||||||
systemd.extraConfig = ''
|
systemd.extraConfig = ''
|
||||||
DefaultLimitNOFILE=8192:1048576
|
DefaultLimitNOFILE=8192:1048576
|
||||||
'';
|
'';
|
||||||
};
|
};
|
||||||
}
|
}
|
||||||
|
|
|
@ -2,18 +2,18 @@
|
||||||
{ config, lib, ... }:
|
{ config, lib, ... }:
|
||||||
|
|
||||||
let
|
let
|
||||||
cfg = config.host.services.msmtp;
|
cfg = config.host.services.msmtp;
|
||||||
in
|
in
|
||||||
with lib;
|
with lib;
|
||||||
{
|
{
|
||||||
options = {
|
options = {
|
||||||
host.services.msmtp.enable = mkEnableOption (mdDoc "Enables mail server");
|
host.services.msmtp.enable = mkEnableOption (mdDoc "Enables mail server");
|
||||||
};
|
};
|
||||||
|
|
||||||
config = mkIf cfg.enable {
|
config = mkIf cfg.enable {
|
||||||
programs.msmtp = {
|
programs.msmtp = {
|
||||||
enable = true;
|
enable = true;
|
||||||
# Authentication details set in nix-secrets
|
# Authentication details set in nix-secrets
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
}
|
}
|
||||||
|
|
|
@ -1,8 +1,8 @@
|
||||||
# Configure SMART monitoring
|
# Configure SMART monitoring
|
||||||
_: {
|
_: {
|
||||||
services.smartd = {
|
services.smartd = {
|
||||||
enable = true;
|
enable = true;
|
||||||
autodetect = true;
|
autodetect = true;
|
||||||
notifications.wall.enable = true;
|
notifications.wall.enable = true;
|
||||||
};
|
};
|
||||||
}
|
}
|
||||||
|
|
|
@ -1,17 +1,17 @@
|
||||||
# Configure systemD
|
# Configure systemD
|
||||||
_: {
|
_: {
|
||||||
services = {
|
services = {
|
||||||
# Allow systemd user services to keep running after the user has logged out
|
# Allow systemd user services to keep running after the user has logged out
|
||||||
logind.killUserProcesses = false;
|
logind.killUserProcesses = false;
|
||||||
};
|
};
|
||||||
|
|
||||||
# Reduce systemd logout time to 30s
|
# Reduce systemd logout time to 30s
|
||||||
environment.etc = {
|
environment.etc = {
|
||||||
"systemd/system.conf.d/10-reduce-logout-wait-time.conf" = {
|
"systemd/system.conf.d/10-reduce-logout-wait-time.conf" = {
|
||||||
text = ''
|
text = ''
|
||||||
[Manager]
|
[Manager]
|
||||||
DefaultTimeoutStopSec=30s
|
DefaultTimeoutStopSec=30s
|
||||||
'';
|
'';
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
}
|
}
|
||||||
|
|
|
@ -1,48 +1,53 @@
|
||||||
{ pkgs, lib, config, ... }:
|
{
|
||||||
|
pkgs,
|
||||||
|
lib,
|
||||||
|
config,
|
||||||
|
...
|
||||||
|
}:
|
||||||
|
|
||||||
let
|
let
|
||||||
cfg = config.host.ui.audio;
|
cfg = config.host.ui.audio;
|
||||||
in
|
in
|
||||||
with lib;
|
with lib;
|
||||||
{
|
{
|
||||||
options = {
|
options = {
|
||||||
host.ui.audio = {
|
host.ui.audio = {
|
||||||
enable = mkEnableOption (mdDoc "Enables audio");
|
enable = mkEnableOption (mdDoc "Enables audio");
|
||||||
enableLowLatency = mkEnableOption (mdDoc "Enables low-latency audio (may cause crackling) per https://nixos.wiki/wiki/PipeWire#Low-latency_setup ");
|
enableLowLatency = mkEnableOption (
|
||||||
};
|
mdDoc "Enables low-latency audio (may cause crackling) per https://nixos.wiki/wiki/PipeWire#Low-latency_setup "
|
||||||
};
|
);
|
||||||
|
};
|
||||||
|
};
|
||||||
|
|
||||||
config = mkIf cfg.enable {
|
config = mkIf cfg.enable {
|
||||||
# Enable sound with pipewire.
|
# Enable sound with pipewire.
|
||||||
sound.enable = true;
|
sound.enable = true;
|
||||||
security.rtkit.enable = true;
|
security.rtkit.enable = true;
|
||||||
hardware.pulseaudio = {
|
hardware.pulseaudio = {
|
||||||
enable = false;
|
enable = false;
|
||||||
package = pkgs.pulseaudioFull; # Enable extra audio codecs
|
package = pkgs.pulseaudioFull; # Enable extra audio codecs
|
||||||
};
|
};
|
||||||
|
|
||||||
services.pipewire = {
|
services.pipewire = {
|
||||||
enable = true;
|
enable = true;
|
||||||
alsa.enable = true;
|
alsa.enable = true;
|
||||||
alsa.support32Bit = true;
|
alsa.support32Bit = true;
|
||||||
pulse.enable = true;
|
pulse.enable = true;
|
||||||
jack.enable = true;
|
jack.enable = true;
|
||||||
|
|
||||||
# Reduce audio latency per https://nixos.wiki/wiki/PipeWire#Low-latency_setup
|
# Reduce audio latency per https://nixos.wiki/wiki/PipeWire#Low-latency_setup
|
||||||
extraConfig.pipewire = mkIf cfg.enableLowLatency {
|
extraConfig.pipewire = mkIf cfg.enableLowLatency {
|
||||||
"92-low-latency.conf" = {
|
"92-low-latency.conf" = {
|
||||||
"context.properties" = {
|
"context.properties" = {
|
||||||
"default.clock.rate" = 48000;
|
"default.clock.rate" = 48000;
|
||||||
"default.clock.quantum" = 32;
|
"default.clock.quantum" = 32;
|
||||||
"default.clock.min-quantum" = 32;
|
"default.clock.min-quantum" = 32;
|
||||||
"default.clock.max-quantum" = 32;
|
"default.clock.max-quantum" = 32;
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
|
|
||||||
services.flatpak.packages = mkIf config.host.ui.flatpak.enable [
|
services.flatpak.packages = mkIf config.host.ui.flatpak.enable [ "com.github.wwmm.easyeffects" ];
|
||||||
"com.github.wwmm.easyeffects"
|
};
|
||||||
];
|
|
||||||
};
|
|
||||||
}
|
}
|
||||||
|
|
|
@ -1,73 +1,88 @@
|
||||||
{ nix-flatpak, pkgs, config, lib, ... }:
|
{
|
||||||
|
nix-flatpak,
|
||||||
|
pkgs,
|
||||||
|
config,
|
||||||
|
lib,
|
||||||
|
...
|
||||||
|
}:
|
||||||
|
|
||||||
# Flatpak support and options
|
# Flatpak support and options
|
||||||
let
|
let
|
||||||
cfg = config.host.ui.flatpak;
|
cfg = config.host.ui.flatpak;
|
||||||
in
|
in
|
||||||
with lib;
|
with lib;
|
||||||
{
|
{
|
||||||
options = {
|
options = {
|
||||||
host.ui.flatpak.enable = mkEnableOption (mdDoc "Enables Flatpak");
|
host.ui.flatpak.enable = mkEnableOption (mdDoc "Enables Flatpak");
|
||||||
};
|
};
|
||||||
|
|
||||||
config = mkIf cfg.enable {
|
config = mkIf cfg.enable {
|
||||||
# Enable Flatpak
|
# Enable Flatpak
|
||||||
services.flatpak = {
|
services.flatpak = {
|
||||||
enable = true;
|
enable = true;
|
||||||
|
|
||||||
# Manage all Flatpak packages and remotes
|
# Manage all Flatpak packages and remotes
|
||||||
uninstallUnmanaged = true;
|
uninstallUnmanaged = true;
|
||||||
|
|
||||||
# Enable daily automatic updates
|
# Enable daily automatic updates
|
||||||
update.auto = {
|
update.auto = {
|
||||||
enable = true;
|
enable = true;
|
||||||
onCalendar = "daily";
|
onCalendar = "daily";
|
||||||
};
|
};
|
||||||
|
|
||||||
# Add remote(s)
|
# Add remote(s)
|
||||||
remotes = [
|
remotes = [
|
||||||
{ name = "flathub"; location = "https://dl.flathub.org/repo/flathub.flatpakrepo"; }
|
{
|
||||||
];
|
name = "flathub";
|
||||||
|
location = "https://dl.flathub.org/repo/flathub.flatpakrepo";
|
||||||
|
}
|
||||||
|
];
|
||||||
|
|
||||||
# Install Flatpaks. For details, see https://github.com/gmodena/nix-flatpak
|
# Install Flatpaks. For details, see https://github.com/gmodena/nix-flatpak
|
||||||
packages = [
|
packages = [
|
||||||
"com.github.tchx84.Flatseal"
|
"com.github.tchx84.Flatseal"
|
||||||
"md.obsidian.Obsidian"
|
"md.obsidian.Obsidian"
|
||||||
"net.waterfox.waterfox"
|
"net.waterfox.waterfox"
|
||||||
"org.keepassxc.KeePassXC"
|
"org.keepassxc.KeePassXC"
|
||||||
"org.mozilla.firefox"
|
"org.mozilla.firefox"
|
||||||
];
|
];
|
||||||
};
|
};
|
||||||
|
|
||||||
# Workaround for getting Flatpak apps to use system fonts, icons, and cursors
|
# Workaround for getting Flatpak apps to use system fonts, icons, and cursors
|
||||||
# For details (and source), see https://github.com/NixOS/nixpkgs/issues/119433#issuecomment-1767513263
|
# For details (and source), see https://github.com/NixOS/nixpkgs/issues/119433#issuecomment-1767513263
|
||||||
# NOTE: If fonts in Flatpaks appear incorrect (like squares), run this command to regenerate the font cache:
|
# NOTE: If fonts in Flatpaks appear incorrect (like squares), run this command to regenerate the font cache:
|
||||||
# flatpak list --columns=application | xargs -I %s -- flatpak run --command=fc-cache %s -f -v
|
# flatpak list --columns=application | xargs -I %s -- flatpak run --command=fc-cache %s -f -v
|
||||||
system.fsPackages = [ pkgs.bindfs ];
|
system.fsPackages = [ pkgs.bindfs ];
|
||||||
fileSystems = let
|
fileSystems =
|
||||||
mkRoSymBind = path: {
|
let
|
||||||
device = path;
|
mkRoSymBind = path: {
|
||||||
fsType = "fuse.bindfs";
|
device = path;
|
||||||
options = [ "ro" "resolve-symlinks" "x-gvfs-hide" ];
|
fsType = "fuse.bindfs";
|
||||||
};
|
options = [
|
||||||
aggregatedIcons = pkgs.buildEnv {
|
"ro"
|
||||||
name = "system-icons";
|
"resolve-symlinks"
|
||||||
paths = with pkgs; [
|
"x-gvfs-hide"
|
||||||
#libsForQt5.breeze-qt5 # for plasma
|
];
|
||||||
gnome.gnome-themes-extra
|
};
|
||||||
papirus-icon-theme
|
aggregatedIcons = pkgs.buildEnv {
|
||||||
qogir-icon-theme
|
name = "system-icons";
|
||||||
];
|
paths = with pkgs; [
|
||||||
pathsToLink = [ "/share/icons" ];
|
#libsForQt5.breeze-qt5 # for plasma
|
||||||
};
|
gnome.gnome-themes-extra
|
||||||
aggregatedFonts = pkgs.buildEnv {
|
papirus-icon-theme
|
||||||
name = "system-fonts";
|
qogir-icon-theme
|
||||||
paths = config.fonts.packages;
|
];
|
||||||
pathsToLink = [ "/share/fonts" ];
|
pathsToLink = [ "/share/icons" ];
|
||||||
};
|
};
|
||||||
in {
|
aggregatedFonts = pkgs.buildEnv {
|
||||||
"/usr/share/icons" = mkRoSymBind "${aggregatedIcons}/share/icons";
|
name = "system-fonts";
|
||||||
"/usr/local/share/fonts" = mkRoSymBind "${aggregatedFonts}/share/fonts";
|
paths = config.fonts.packages;
|
||||||
};
|
pathsToLink = [ "/share/fonts" ];
|
||||||
};
|
};
|
||||||
|
in
|
||||||
|
{
|
||||||
|
"/usr/share/icons" = mkRoSymBind "${aggregatedIcons}/share/icons";
|
||||||
|
"/usr/local/share/fonts" = mkRoSymBind "${aggregatedFonts}/share/fonts";
|
||||||
|
};
|
||||||
|
};
|
||||||
}
|
}
|
||||||
|
|
|
@ -1,134 +1,139 @@
|
||||||
{ pkgs, config, lib, ... }:
|
{
|
||||||
|
pkgs,
|
||||||
|
config,
|
||||||
|
lib,
|
||||||
|
...
|
||||||
|
}:
|
||||||
|
|
||||||
# UI and desktop-related options
|
# UI and desktop-related options
|
||||||
let
|
let
|
||||||
cfg = config.host.ui.gnome;
|
cfg = config.host.ui.gnome;
|
||||||
in
|
in
|
||||||
with lib;
|
with lib;
|
||||||
{
|
{
|
||||||
|
|
||||||
options = {
|
options = {
|
||||||
host.ui.gnome.enable = mkEnableOption (mdDoc "Enables Gnome");
|
host.ui.gnome.enable = mkEnableOption (mdDoc "Enables Gnome");
|
||||||
};
|
};
|
||||||
|
|
||||||
config = mkIf cfg.enable {
|
config = mkIf cfg.enable {
|
||||||
host.ui = {
|
host.ui = {
|
||||||
audio.enable = true;
|
audio.enable = true;
|
||||||
flatpak.enable = true;
|
flatpak.enable = true;
|
||||||
};
|
};
|
||||||
|
|
||||||
services = {
|
|
||||||
# Configure the xserver
|
|
||||||
xserver = {
|
|
||||||
# Enable the X11 windowing system.
|
|
||||||
enable = true;
|
|
||||||
|
|
||||||
# Configure keymap in X11
|
services = {
|
||||||
xkb = {
|
# Configure the xserver
|
||||||
layout = "us";
|
xserver = {
|
||||||
variant = "";
|
# Enable the X11 windowing system.
|
||||||
};
|
enable = true;
|
||||||
|
|
||||||
# Enable Gnome
|
# Configure keymap in X11
|
||||||
desktopManager.gnome.enable = true;
|
xkb = {
|
||||||
displayManager = {
|
layout = "us";
|
||||||
gdm.enable = true;
|
variant = "";
|
||||||
};
|
};
|
||||||
|
|
||||||
# Remove default packages that came with the install
|
# Enable Gnome
|
||||||
excludePackages = with pkgs; [
|
desktopManager.gnome.enable = true;
|
||||||
xterm
|
displayManager = {
|
||||||
];
|
gdm.enable = true;
|
||||||
};
|
};
|
||||||
|
|
||||||
# Install Flatpaks
|
# Remove default packages that came with the install
|
||||||
flatpak.packages = [
|
excludePackages = with pkgs; [ xterm ];
|
||||||
"com.mattjakeman.ExtensionManager"
|
};
|
||||||
"dev.geopjr.Tuba"
|
|
||||||
"org.bluesabre.MenuLibre"
|
|
||||||
"org.gnome.baobab"
|
|
||||||
"org.gnome.Calculator"
|
|
||||||
"org.gnome.Characters"
|
|
||||||
"org.gnome.Calendar"
|
|
||||||
"org.gnome.Evince"
|
|
||||||
"org.gnome.Evolution"
|
|
||||||
"org.gnome.FileRoller"
|
|
||||||
"org.gnome.Firmware"
|
|
||||||
"org.gnome.gitg"
|
|
||||||
"org.gnome.Loupe" # Gnome's fancy new image viewer
|
|
||||||
"org.gnome.Music"
|
|
||||||
"org.gnome.seahorse.Application"
|
|
||||||
"org.gnome.TextEditor"
|
|
||||||
"org.gnome.World.Secrets"
|
|
||||||
"org.gtk.Gtk3theme.Adwaita-dark"
|
|
||||||
];
|
|
||||||
|
|
||||||
# Disable CUPS - not needed
|
# Install Flatpaks
|
||||||
printing.enable = false;
|
flatpak.packages = [
|
||||||
};
|
"com.mattjakeman.ExtensionManager"
|
||||||
|
"dev.geopjr.Tuba"
|
||||||
environment = {
|
"org.bluesabre.MenuLibre"
|
||||||
# Remove default Gnome packages that came with the install, then install the ones I actually use
|
"org.gnome.baobab"
|
||||||
gnome.excludePackages = (with pkgs; [
|
"org.gnome.Calculator"
|
||||||
gnome-photos
|
"org.gnome.Characters"
|
||||||
gnome-tour
|
"org.gnome.Calendar"
|
||||||
gnomeExtensions.extension-list
|
"org.gnome.Evince"
|
||||||
gedit # text editor
|
"org.gnome.Evolution"
|
||||||
]) ++ (with pkgs.gnome; [
|
"org.gnome.FileRoller"
|
||||||
cheese # webcam tool
|
"org.gnome.Firmware"
|
||||||
gnome-music
|
"org.gnome.gitg"
|
||||||
gnome-calendar
|
"org.gnome.Loupe" # Gnome's fancy new image viewer
|
||||||
epiphany # web browser
|
"org.gnome.Music"
|
||||||
geary # email reader
|
"org.gnome.seahorse.Application"
|
||||||
evince # document viewer
|
"org.gnome.TextEditor"
|
||||||
gnome-characters
|
"org.gnome.World.Secrets"
|
||||||
gnome-software
|
"org.gtk.Gtk3theme.Adwaita-dark"
|
||||||
totem # video player
|
];
|
||||||
tali # poker game
|
|
||||||
iagno # go game
|
|
||||||
hitori # sudoku game
|
|
||||||
atomix # puzzle game
|
|
||||||
]);
|
|
||||||
|
|
||||||
# Install additional Gnome packages
|
# Disable CUPS - not needed
|
||||||
systemPackages = with pkgs; [
|
printing.enable = false;
|
||||||
# Gnome tweak tools
|
};
|
||||||
gnome.gnome-tweaks
|
|
||||||
# Gnome extensions
|
|
||||||
# FIXME: Disable temporarily due to broken version in Nixpkgs
|
|
||||||
#gnomeExtensions.appindicator
|
|
||||||
#gnomeExtensions.dash-to-panel
|
|
||||||
#gnomeExtensions.forge
|
|
||||||
# Themeing
|
|
||||||
gnome.gnome-themes-extra
|
|
||||||
papirus-icon-theme
|
|
||||||
qogir-icon-theme
|
|
||||||
];
|
|
||||||
};
|
|
||||||
|
|
||||||
# Manage fonts
|
environment = {
|
||||||
fonts = {
|
# Remove default Gnome packages that came with the install, then install the ones I actually use
|
||||||
# Install extra fonts
|
gnome.excludePackages =
|
||||||
packages = with pkgs; [
|
(with pkgs; [
|
||||||
noto-fonts
|
gnome-photos
|
||||||
noto-fonts-cjk
|
gnome-tour
|
||||||
noto-fonts-emoji
|
gnomeExtensions.extension-list
|
||||||
liberation_ttf
|
gedit # text editor
|
||||||
fira-code
|
])
|
||||||
fira-code-symbols
|
++ (with pkgs.gnome; [
|
||||||
fira
|
cheese # webcam tool
|
||||||
roboto-slab
|
gnome-music
|
||||||
];
|
gnome-calendar
|
||||||
|
epiphany # web browser
|
||||||
|
geary # email reader
|
||||||
|
evince # document viewer
|
||||||
|
gnome-characters
|
||||||
|
gnome-software
|
||||||
|
totem # video player
|
||||||
|
tali # poker game
|
||||||
|
iagno # go game
|
||||||
|
hitori # sudoku game
|
||||||
|
atomix # puzzle game
|
||||||
|
]);
|
||||||
|
|
||||||
# Enable font dir for use with Flatpak. See https://nixos.wiki/wiki/Fonts#Flatpak_applications_can.27t_find_system_fonts
|
# Install additional Gnome packages
|
||||||
fontDir.enable = true;
|
systemPackages = with pkgs; [
|
||||||
};
|
# Gnome tweak tools
|
||||||
|
gnome.gnome-tweaks
|
||||||
|
# Gnome extensions
|
||||||
|
# FIXME: Disable temporarily due to broken version in Nixpkgs
|
||||||
|
#gnomeExtensions.appindicator
|
||||||
|
#gnomeExtensions.dash-to-panel
|
||||||
|
#gnomeExtensions.forge
|
||||||
|
# Themeing
|
||||||
|
gnome.gnome-themes-extra
|
||||||
|
papirus-icon-theme
|
||||||
|
qogir-icon-theme
|
||||||
|
];
|
||||||
|
};
|
||||||
|
|
||||||
# Gnome UI integration for KDE apps
|
# Manage fonts
|
||||||
qt = {
|
fonts = {
|
||||||
enable = true;
|
# Install extra fonts
|
||||||
platformTheme = "gnome";
|
packages = with pkgs; [
|
||||||
style = "adwaita-dark";
|
noto-fonts
|
||||||
};
|
noto-fonts-cjk
|
||||||
};
|
noto-fonts-emoji
|
||||||
|
liberation_ttf
|
||||||
|
fira-code
|
||||||
|
fira-code-symbols
|
||||||
|
fira
|
||||||
|
roboto-slab
|
||||||
|
];
|
||||||
|
|
||||||
|
# Enable font dir for use with Flatpak. See https://nixos.wiki/wiki/Fonts#Flatpak_applications_can.27t_find_system_fonts
|
||||||
|
fontDir.enable = true;
|
||||||
|
};
|
||||||
|
|
||||||
|
# Gnome UI integration for KDE apps
|
||||||
|
qt = {
|
||||||
|
enable = true;
|
||||||
|
platformTheme = "gnome";
|
||||||
|
style = "adwaita-dark";
|
||||||
|
};
|
||||||
|
};
|
||||||
}
|
}
|
||||||
|
|
|
@ -1,89 +1,98 @@
|
||||||
{ pkgs, lib, config, ... }:
|
{
|
||||||
|
pkgs,
|
||||||
|
lib,
|
||||||
|
config,
|
||||||
|
...
|
||||||
|
}:
|
||||||
|
|
||||||
# Define 'aires'
|
# Define 'aires'
|
||||||
let
|
let
|
||||||
cfg = config.host.users.aires;
|
cfg = config.host.users.aires;
|
||||||
in
|
in
|
||||||
with lib;
|
with lib;
|
||||||
{
|
{
|
||||||
options = {
|
options = {
|
||||||
host.users.aires = {
|
host.users.aires = {
|
||||||
enable = mkEnableOption (mdDoc "Enables aires user account");
|
enable = mkEnableOption (mdDoc "Enables aires user account");
|
||||||
autologin = mkEnableOption (mdDoc "Automatically logs aires in on boot");
|
autologin = mkEnableOption (mdDoc "Automatically logs aires in on boot");
|
||||||
|
|
||||||
services.syncthing = {
|
services.syncthing = {
|
||||||
enable = mkEnableOption (mdDoc "Enables Syncthing");
|
enable = mkEnableOption (mdDoc "Enables Syncthing");
|
||||||
enableTray = mkEnableOption (mdDoc "Enables the Syncthing Tray application");
|
enableTray = mkEnableOption (mdDoc "Enables the Syncthing Tray application");
|
||||||
autostart = mkOption {
|
autostart = mkOption {
|
||||||
default = true;
|
default = true;
|
||||||
type = types.bool;
|
type = types.bool;
|
||||||
description = "Whether to auto-start Syncthing on boot";
|
description = "Whether to auto-start Syncthing on boot";
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
|
|
||||||
config = mkIf cfg.enable (mkMerge [
|
config = mkIf cfg.enable (mkMerge [
|
||||||
{
|
{
|
||||||
users.users.aires = {
|
users.users.aires = {
|
||||||
isNormalUser = true;
|
isNormalUser = true;
|
||||||
description = "Aires";
|
description = "Aires";
|
||||||
uid = 1000;
|
uid = 1000;
|
||||||
extraGroups = [ "input" "networkmanager" "plugdev" "tss" "wheel" ]; # tss group has access to TPM devices
|
extraGroups = [
|
||||||
|
"input"
|
||||||
|
"networkmanager"
|
||||||
|
"plugdev"
|
||||||
|
"tss"
|
||||||
|
"wheel"
|
||||||
|
]; # tss group has access to TPM devices
|
||||||
|
|
||||||
# Allow systemd services to run even while aires is logged out
|
# Allow systemd services to run even while aires is logged out
|
||||||
linger = true;
|
linger = true;
|
||||||
};
|
};
|
||||||
|
|
||||||
# Install aires-specific Flatpaks
|
# Install aires-specific Flatpaks
|
||||||
services.flatpak.packages = mkIf config.services.flatpak.enable [
|
services.flatpak.packages = mkIf config.services.flatpak.enable [
|
||||||
"com.discordapp.Discord"
|
"com.discordapp.Discord"
|
||||||
"org.telegram.desktop"
|
"org.telegram.desktop"
|
||||||
];
|
];
|
||||||
|
|
||||||
# Configure home-manager
|
# Configure home-manager
|
||||||
home-manager.users.aires = {
|
home-manager.users.aires = {
|
||||||
imports = [
|
imports = [
|
||||||
../common/home-manager/gnome.nix
|
../common/home-manager/gnome.nix
|
||||||
../common/home-manager/zsh.nix
|
../common/home-manager/zsh.nix
|
||||||
];
|
];
|
||||||
|
|
||||||
home = {
|
home = {
|
||||||
# The state version is required and should stay at the version you originally installed.
|
# The state version is required and should stay at the version you originally installed.
|
||||||
stateVersion = "24.05";
|
stateVersion = "24.05";
|
||||||
|
|
||||||
# Basic setup
|
# Basic setup
|
||||||
username = "aires";
|
username = "aires";
|
||||||
homeDirectory = "/home/aires";
|
homeDirectory = "/home/aires";
|
||||||
|
|
||||||
# Install extra packages, specifically gnome extensions
|
# Install extra packages, specifically gnome extensions
|
||||||
packages = lib.mkIf config.host.ui.gnome.enable [
|
packages = lib.mkIf config.host.ui.gnome.enable [ pkgs.gnomeExtensions.wallpaper-slideshow ];
|
||||||
pkgs.gnomeExtensions.wallpaper-slideshow
|
|
||||||
];
|
|
||||||
|
|
||||||
# Set environment variables
|
# Set environment variables
|
||||||
sessionVariables = {
|
sessionVariables = {
|
||||||
KUBECONFIG = "/home/aires/.kube/config";
|
KUBECONFIG = "/home/aires/.kube/config";
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
|
|
||||||
programs = {
|
programs = {
|
||||||
# Let home Manager install and manage itself.
|
# Let home Manager install and manage itself.
|
||||||
home-manager.enable = true;
|
home-manager.enable = true;
|
||||||
|
|
||||||
# Set up git
|
# Set up git
|
||||||
git = {
|
git = {
|
||||||
enable = true;
|
enable = true;
|
||||||
# Username and email set in nix-secrets
|
# Username and email set in nix-secrets
|
||||||
extraConfig = {
|
extraConfig = {
|
||||||
push.autoSetupRemote = "true";
|
push.autoSetupRemote = "true";
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
|
|
||||||
# Set up Zsh
|
# Set up Zsh
|
||||||
zsh = {
|
zsh = {
|
||||||
oh-my-zsh = {
|
oh-my-zsh = {
|
||||||
theme = "gentoo";
|
theme = "gentoo";
|
||||||
};
|
};
|
||||||
shellAliases = {
|
shellAliases = {
|
||||||
update = "upgrade";
|
update = "upgrade";
|
||||||
|
@ -95,61 +104,59 @@ with lib;
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
|
|
||||||
# SSH set up in nix-secrets
|
# SSH set up in nix-secrets
|
||||||
|
|
||||||
# Gnome settings specific to aires on Shura
|
# Gnome settings specific to aires on Shura
|
||||||
dconf.settings = lib.mkIf (config.networking.hostName == "Shura") {
|
dconf.settings = lib.mkIf (config.networking.hostName == "Shura") {
|
||||||
"org/gnome/desktop/interface" = {
|
"org/gnome/desktop/interface" = {
|
||||||
# Increase font scaling;
|
# Increase font scaling;
|
||||||
text-scaling-factor = 1.3;
|
text-scaling-factor = 1.3;
|
||||||
|
|
||||||
# Dark mode
|
# Dark mode
|
||||||
color-scheme = "prefer-dark";
|
color-scheme = "prefer-dark";
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
}
|
}
|
||||||
|
|
||||||
# Autologin aires
|
# Autologin aires
|
||||||
(mkIf cfg.autologin {
|
(mkIf cfg.autologin {
|
||||||
services.displayManager.autoLogin = {
|
services.displayManager.autoLogin = {
|
||||||
enable = true;
|
enable = true;
|
||||||
user = "aires";
|
user = "aires";
|
||||||
};
|
};
|
||||||
systemd.services = {
|
systemd.services = {
|
||||||
"getty@tty1".enable = false;
|
"getty@tty1".enable = false;
|
||||||
"autovt@tty1".enable = false;
|
"autovt@tty1".enable = false;
|
||||||
};
|
};
|
||||||
})
|
})
|
||||||
|
|
||||||
# Enable Syncthing
|
# Enable Syncthing
|
||||||
(mkIf cfg.services.syncthing.enable {
|
(mkIf cfg.services.syncthing.enable {
|
||||||
users.users.aires.packages = [
|
users.users.aires.packages = [
|
||||||
pkgs.syncthing
|
pkgs.syncthing
|
||||||
(mkIf cfg.services.syncthing.enableTray pkgs.syncthingtray)
|
(mkIf cfg.services.syncthing.enableTray pkgs.syncthingtray)
|
||||||
];
|
];
|
||||||
|
|
||||||
# Open port 8080
|
# Open port 8080
|
||||||
networking.firewall.allowedTCPPorts = [
|
networking.firewall.allowedTCPPorts = [ 8080 ];
|
||||||
8080
|
|
||||||
];
|
|
||||||
|
|
||||||
home-manager.users.aires = {
|
home-manager.users.aires = {
|
||||||
# Syncthing options
|
# Syncthing options
|
||||||
services.syncthing = {
|
services.syncthing = {
|
||||||
enable = true;
|
enable = true;
|
||||||
extraOptions = [
|
extraOptions = [
|
||||||
"--gui-address=0.0.0.0:8080"
|
"--gui-address=0.0.0.0:8080"
|
||||||
"--home=${config.users.users.aires.home}/.config/syncthing"
|
"--home=${config.users.users.aires.home}/.config/syncthing"
|
||||||
"--no-default-folder"
|
"--no-default-folder"
|
||||||
];
|
];
|
||||||
};
|
};
|
||||||
|
|
||||||
# Override the default Syncthing settings so it doesn't start on boot
|
# Override the default Syncthing settings so it doesn't start on boot
|
||||||
systemd.user.services."syncthing" = mkIf (!cfg.services.syncthing.autostart) {
|
systemd.user.services."syncthing" = mkIf (!cfg.services.syncthing.autostart) {
|
||||||
Install = lib.mkForce {};
|
Install = lib.mkForce { };
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
})
|
})
|
||||||
]);
|
]);
|
||||||
}
|
}
|
||||||
|
|
|
@ -1,134 +1,140 @@
|
||||||
{ lib, pkgs, osConfig, ... }: {
|
{
|
||||||
# Additional Gnome configurations via home-manager.
|
lib,
|
||||||
dconf.settings = lib.mkIf osConfig.host.ui.gnome.enable {
|
pkgs,
|
||||||
"org/gnome/mutter" = {
|
osConfig,
|
||||||
edge-tiling = true;
|
...
|
||||||
workspaces-only-on-primary = false;
|
}:
|
||||||
experimental-features = [
|
{
|
||||||
"scale-monitor-framebuffer" # Fractional scaling
|
# Additional Gnome configurations via home-manager.
|
||||||
"variable-refresh-rate"
|
dconf.settings = lib.mkIf osConfig.host.ui.gnome.enable {
|
||||||
];
|
"org/gnome/mutter" = {
|
||||||
};
|
edge-tiling = true;
|
||||||
|
workspaces-only-on-primary = false;
|
||||||
|
experimental-features = [
|
||||||
|
"scale-monitor-framebuffer" # Fractional scaling
|
||||||
|
"variable-refresh-rate"
|
||||||
|
];
|
||||||
|
};
|
||||||
|
|
||||||
"org/gnome/desktop/interface" = {
|
"org/gnome/desktop/interface" = {
|
||||||
# Configure fonts
|
# Configure fonts
|
||||||
font-name = "Fira Sans Semi-Light 11";
|
font-name = "Fira Sans Semi-Light 11";
|
||||||
document-font-name = "Roboto Slab 11";
|
document-font-name = "Roboto Slab 11";
|
||||||
monospace-font-name = "Liberation Mono 11";
|
monospace-font-name = "Liberation Mono 11";
|
||||||
titlebar-font = "Fira Sans Semi-Bold 11";
|
titlebar-font = "Fira Sans Semi-Bold 11";
|
||||||
|
|
||||||
# Configure hinting
|
# Configure hinting
|
||||||
font-hinting = "slight";
|
font-hinting = "slight";
|
||||||
font-antialiasing = "rgba";
|
font-antialiasing = "rgba";
|
||||||
|
|
||||||
# Configure workspace
|
# Configure workspace
|
||||||
enable-hot-corners = true;
|
enable-hot-corners = true;
|
||||||
|
|
||||||
# Set icon theme
|
# Set icon theme
|
||||||
icon-theme = "Papirus-Dark";
|
icon-theme = "Papirus-Dark";
|
||||||
|
|
||||||
# Set legacy application theme
|
# Set legacy application theme
|
||||||
gtk-theme = "Adwaita-dark";
|
gtk-theme = "Adwaita-dark";
|
||||||
};
|
};
|
||||||
|
|
||||||
# Configure touchpad scroll & tap behavior
|
# Configure touchpad scroll & tap behavior
|
||||||
"org/gnome/desktop/peripherals/touchpad" = {
|
"org/gnome/desktop/peripherals/touchpad" = {
|
||||||
disable-while-typing = true;
|
disable-while-typing = true;
|
||||||
click-method = "fingers";
|
click-method = "fingers";
|
||||||
tap-to-click = true;
|
tap-to-click = true;
|
||||||
natural-scroll = true;
|
natural-scroll = true;
|
||||||
two-finger-scrolling-enabled = true;
|
two-finger-scrolling-enabled = true;
|
||||||
};
|
};
|
||||||
|
|
||||||
# Tweak window management
|
# Tweak window management
|
||||||
"org/gnome/desktop/wm/preferences" = {
|
"org/gnome/desktop/wm/preferences" = {
|
||||||
button-layout = "appmenu:minimize,maximize,close";
|
button-layout = "appmenu:minimize,maximize,close";
|
||||||
resize-with-right-button = true;
|
resize-with-right-button = true;
|
||||||
focus-mode = "click";
|
focus-mode = "click";
|
||||||
};
|
};
|
||||||
|
|
||||||
# Make alt-tab switch windows, not applications
|
# Make alt-tab switch windows, not applications
|
||||||
"org/gnome/desktop/wm/keybindings" = {
|
"org/gnome/desktop/wm/keybindings" = {
|
||||||
switch-tab = [];
|
switch-tab = [ ];
|
||||||
switch-windows = [ "<Alt>Tab" ];
|
switch-windows = [ "<Alt>Tab" ];
|
||||||
switch-windows-backward = [ "<Shift><Alt>Tab" ];
|
switch-windows-backward = [ "<Shift><Alt>Tab" ];
|
||||||
};
|
};
|
||||||
|
|
||||||
"org/gnome/shell" = {
|
"org/gnome/shell" = {
|
||||||
disable-user-extensions = false;
|
disable-user-extensions = false;
|
||||||
};
|
};
|
||||||
|
|
||||||
/*
|
/*
|
||||||
FIXME: Still needs work
|
FIXME: Still needs work
|
||||||
"org/gnome/shell/extensions/dash-to-panel" = {
|
"org/gnome/shell/extensions/dash-to-panel" = {
|
||||||
animate-appicon-hover = false;
|
animate-appicon-hover = false;
|
||||||
animate-appicon-hover-animation-extent = {
|
animate-appicon-hover-animation-extent = {
|
||||||
RIPPLE = 4;
|
RIPPLE = 4;
|
||||||
PLANK = 4;
|
PLANK = 4;
|
||||||
SIMPLE = 1;
|
SIMPLE = 1;
|
||||||
};
|
};
|
||||||
appicon-margin = 8;
|
appicon-margin = 8;
|
||||||
appicon-padding = 8;
|
appicon-padding = 8;
|
||||||
available-monitors= [0];
|
available-monitors= [0];
|
||||||
dot-position = "BOTTOM";
|
dot-position = "BOTTOM";
|
||||||
hotkeys-overlay-combo= "TEMPORARILY";
|
hotkeys-overlay-combo= "TEMPORARILY";
|
||||||
leftbox-padding = -1;
|
leftbox-padding = -1;
|
||||||
panel-anchors = {"0" = "MIDDLE"; };
|
panel-anchors = {"0" = "MIDDLE"; };
|
||||||
panel-element-positions={
|
panel-element-positions={
|
||||||
"0" = [{
|
"0" = [{
|
||||||
"element" = "dateMenu";
|
"element" = "dateMenu";
|
||||||
"visible" = true;
|
"visible" = true;
|
||||||
"position" = "stackedTL";
|
"position" = "stackedTL";
|
||||||
}
|
}
|
||||||
{
|
{
|
||||||
"element" = "activitiesButton";
|
"element" = "activitiesButton";
|
||||||
"visible" = true;
|
"visible" = true;
|
||||||
"position" = "stackedTL";
|
"position" = "stackedTL";
|
||||||
}
|
}
|
||||||
{
|
{
|
||||||
"element" = "showAppsButton";
|
"element" = "showAppsButton";
|
||||||
"visible" = true;
|
"visible" = true;
|
||||||
"position" = "centerMonitor";
|
"position" = "centerMonitor";
|
||||||
}
|
}
|
||||||
{
|
{
|
||||||
"element" = "leftBox";
|
"element" = "leftBox";
|
||||||
"visible" = false;
|
"visible" = false;
|
||||||
"position" = "stackedTL";
|
"position" = "stackedTL";
|
||||||
}
|
}
|
||||||
{
|
{
|
||||||
"element" = "taskbar";
|
"element" = "taskbar";
|
||||||
"visible" = true;
|
"visible" = true;
|
||||||
"position" = "centerMonitor";
|
"position" = "centerMonitor";
|
||||||
}
|
}
|
||||||
{
|
{
|
||||||
"element" = "centerBox";
|
"element" = "centerBox";
|
||||||
"visible" = false;
|
"visible" = false;
|
||||||
"position" = "stackedBR";
|
"position" = "stackedBR";
|
||||||
}
|
}
|
||||||
{
|
{
|
||||||
"element" = "rightBox";
|
"element" = "rightBox";
|
||||||
"visible" = false;
|
"visible" = false;
|
||||||
"position" = "stackedBR";
|
"position" = "stackedBR";
|
||||||
}
|
}
|
||||||
{
|
{
|
||||||
"element" = "systemMenu";
|
"element" = "systemMenu";
|
||||||
"visible" = true;
|
"visible" = true;
|
||||||
"position"= "stackedBR";
|
"position"= "stackedBR";
|
||||||
}
|
}
|
||||||
{
|
{
|
||||||
"element" = "desktopButton";
|
"element" = "desktopButton";
|
||||||
"visible" = false;
|
"visible" = false;
|
||||||
"position" = "stackedBR";
|
"position" = "stackedBR";
|
||||||
}];
|
}];
|
||||||
};
|
};
|
||||||
panel-lengths = { "0" = 100; };
|
panel-lengths = { "0" = 100; };
|
||||||
panel-positions = { "0" = "TOP"; };
|
panel-positions = { "0" = "TOP"; };
|
||||||
panel-sizes = { "0" = 64; };
|
panel-sizes = { "0" = 64; };
|
||||||
primary-monitor = 0;
|
primary-monitor = 0;
|
||||||
status-icon-padding = -1;
|
status-icon-padding = -1;
|
||||||
tray-padding = -1;
|
tray-padding = -1;
|
||||||
window-preview-title-position = "TOP";
|
window-preview-title-position = "TOP";
|
||||||
};
|
};
|
||||||
*/
|
*/
|
||||||
};
|
};
|
||||||
}
|
}
|
||||||
|
|
|
@ -1,30 +1,29 @@
|
||||||
# Additional ZSH settings via Home Manager
|
# Additional ZSH settings via Home Manager
|
||||||
{ pkgs, ... }: {
|
{ pkgs, ... }:
|
||||||
programs.zsh = {
|
{
|
||||||
enable = true;
|
programs.zsh = {
|
||||||
autosuggestion.enable = true;
|
enable = true;
|
||||||
syntaxHighlighting.enable = true;
|
autosuggestion.enable = true;
|
||||||
history.ignoreDups = true; # Do not enter command lines into the history list if they are duplicates of the previous event.
|
syntaxHighlighting.enable = true;
|
||||||
prezto = {
|
history.ignoreDups = true; # Do not enter command lines into the history list if they are duplicates of the previous event.
|
||||||
git.submoduleIgnore = "untracked"; # Ignore submodules when they are untracked.
|
prezto = {
|
||||||
};
|
git.submoduleIgnore = "untracked"; # Ignore submodules when they are untracked.
|
||||||
plugins = [
|
};
|
||||||
{
|
plugins = [
|
||||||
name = "zsh-nix-shell";
|
{
|
||||||
file = "nix-shell.plugin.zsh";
|
name = "zsh-nix-shell";
|
||||||
src = pkgs.fetchFromGitHub {
|
file = "nix-shell.plugin.zsh";
|
||||||
owner = "chisui";
|
src = pkgs.fetchFromGitHub {
|
||||||
repo = "zsh-nix-shell";
|
owner = "chisui";
|
||||||
rev = "v0.8.0";
|
repo = "zsh-nix-shell";
|
||||||
sha256 = "1lzrn0n4fxfcgg65v0qhnj7wnybybqzs4adz7xsrkgmcsr0ii8b7";
|
rev = "v0.8.0";
|
||||||
};
|
sha256 = "1lzrn0n4fxfcgg65v0qhnj7wnybybqzs4adz7xsrkgmcsr0ii8b7";
|
||||||
}
|
};
|
||||||
];
|
}
|
||||||
oh-my-zsh = {
|
];
|
||||||
enable = true;
|
oh-my-zsh = {
|
||||||
plugins = [
|
enable = true;
|
||||||
"git"
|
plugins = [ "git" ];
|
||||||
];
|
};
|
||||||
};
|
};
|
||||||
};
|
}
|
||||||
}
|
|
||||||
|
|
|
@ -1,126 +1,140 @@
|
||||||
{ pkgs, lib, config, ... }:
|
{
|
||||||
|
pkgs,
|
||||||
|
lib,
|
||||||
|
config,
|
||||||
|
...
|
||||||
|
}:
|
||||||
|
|
||||||
# Define 'gremlin' user
|
# Define 'gremlin' user
|
||||||
let
|
let
|
||||||
cfg = config.host.users.gremlin;
|
cfg = config.host.users.gremlin;
|
||||||
in
|
in
|
||||||
with lib;
|
with lib;
|
||||||
{
|
{
|
||||||
options = {
|
options = {
|
||||||
host.users.gremlin = {
|
host.users.gremlin = {
|
||||||
enable = mkEnableOption (mdDoc "Enables gremlin user account");
|
enable = mkEnableOption (mdDoc "Enables gremlin user account");
|
||||||
|
|
||||||
services.syncthing = {
|
|
||||||
enable = mkEnableOption (mdDoc "Enables Syncthing");
|
|
||||||
enableTray = mkEnableOption (mdDoc "Enables the Syncthing Tray application");
|
|
||||||
autostart = mkOption {
|
|
||||||
default = true;
|
|
||||||
type = types.bool;
|
|
||||||
description = "Whether to auto-start Syncthing on boot";
|
|
||||||
};
|
|
||||||
};
|
|
||||||
};
|
|
||||||
};
|
|
||||||
|
|
||||||
config = mkMerge [
|
services.syncthing = {
|
||||||
(mkIf cfg.enable {
|
enable = mkEnableOption (mdDoc "Enables Syncthing");
|
||||||
# Add Gremlin account
|
enableTray = mkEnableOption (mdDoc "Enables the Syncthing Tray application");
|
||||||
users.users.gremlin = {
|
autostart = mkOption {
|
||||||
isNormalUser = true;
|
default = true;
|
||||||
description = "Gremlin";
|
type = types.bool;
|
||||||
uid = 1001;
|
description = "Whether to auto-start Syncthing on boot";
|
||||||
extraGroups = [ "networkmanager" "input" ];
|
};
|
||||||
|
};
|
||||||
|
};
|
||||||
|
};
|
||||||
|
|
||||||
# Allow systemd services to keep running even while gremlin is logged out
|
config = mkMerge [
|
||||||
linger = true;
|
(mkIf cfg.enable {
|
||||||
};
|
# Add Gremlin account
|
||||||
|
users.users.gremlin = {
|
||||||
|
isNormalUser = true;
|
||||||
|
description = "Gremlin";
|
||||||
|
uid = 1001;
|
||||||
|
extraGroups = [
|
||||||
|
"networkmanager"
|
||||||
|
"input"
|
||||||
|
];
|
||||||
|
|
||||||
# Install gremlin-specific flatpaks
|
# Allow systemd services to keep running even while gremlin is logged out
|
||||||
services.flatpak.packages = lib.mkIf config.services.flatpak.enable [
|
linger = true;
|
||||||
"com.google.Chrome"
|
};
|
||||||
"com.slack.Slack"
|
|
||||||
];
|
|
||||||
|
|
||||||
home-manager.users.gremlin = {
|
# Install gremlin-specific flatpaks
|
||||||
imports = [
|
services.flatpak.packages = lib.mkIf config.services.flatpak.enable [
|
||||||
../common/home-manager/gnome.nix
|
"com.google.Chrome"
|
||||||
../common/home-manager/zsh.nix
|
"com.slack.Slack"
|
||||||
];
|
];
|
||||||
|
|
||||||
home = {
|
home-manager.users.gremlin = {
|
||||||
# Basic setup
|
imports = [
|
||||||
username = "gremlin";
|
../common/home-manager/gnome.nix
|
||||||
homeDirectory = "/home/gremlin";
|
../common/home-manager/zsh.nix
|
||||||
|
];
|
||||||
|
|
||||||
# The state version is required and should stay at the version you originally installed.
|
home = {
|
||||||
stateVersion = "24.05";
|
# Basic setup
|
||||||
|
username = "gremlin";
|
||||||
|
homeDirectory = "/home/gremlin";
|
||||||
|
|
||||||
# Set environment variables
|
# The state version is required and should stay at the version you originally installed.
|
||||||
sessionVariables = {
|
stateVersion = "24.05";
|
||||||
KUBECONFIG = "/home/gremlin/.kube/config";
|
|
||||||
};
|
|
||||||
|
|
||||||
# Install packages specific to Gremlin
|
|
||||||
packages = [
|
|
||||||
pkgs.awscli2
|
|
||||||
];
|
|
||||||
};
|
|
||||||
|
|
||||||
programs = {
|
# Set environment variables
|
||||||
# Let home Manager install and manage itself.
|
sessionVariables = {
|
||||||
home-manager.enable = true;
|
KUBECONFIG = "/home/gremlin/.kube/config";
|
||||||
|
};
|
||||||
|
|
||||||
# Set up git
|
# Install packages specific to Gremlin
|
||||||
git = {
|
packages = [ pkgs.awscli2 ];
|
||||||
# Name and email set in nix-secrets
|
};
|
||||||
enable = true;
|
|
||||||
extraConfig = {
|
|
||||||
push.autoSetupRemote = "true";
|
|
||||||
};
|
|
||||||
};
|
|
||||||
|
|
||||||
# Set up Zsh
|
programs = {
|
||||||
zsh = {
|
# Let home Manager install and manage itself.
|
||||||
# Install and source the p10k theme
|
home-manager.enable = true;
|
||||||
plugins = [
|
|
||||||
{ name = "powerlevel10k"; src = pkgs.zsh-powerlevel10k; file = "share/zsh-powerlevel10k/powerlevel10k.zsh-theme"; }
|
|
||||||
{ name = "powerlevel10k-config"; src = ./p10k-config; file = "p10k.zsh"; }
|
|
||||||
];
|
|
||||||
shellAliases = {
|
|
||||||
please = "sudo";
|
|
||||||
};
|
|
||||||
};
|
|
||||||
};
|
|
||||||
|
|
||||||
# SSH entries set in nix-secrets
|
# Set up git
|
||||||
};
|
git = {
|
||||||
})
|
# Name and email set in nix-secrets
|
||||||
|
enable = true;
|
||||||
|
extraConfig = {
|
||||||
|
push.autoSetupRemote = "true";
|
||||||
|
};
|
||||||
|
};
|
||||||
|
|
||||||
# Enable Syncthing
|
# Set up Zsh
|
||||||
(mkIf cfg.services.syncthing.enable {
|
zsh = {
|
||||||
users.users.gremlin = {
|
# Install and source the p10k theme
|
||||||
packages = [
|
plugins = [
|
||||||
pkgs.syncthing
|
{
|
||||||
(mkIf cfg.services.syncthing.enableTray pkgs.syncthingtray)
|
name = "powerlevel10k";
|
||||||
];
|
src = pkgs.zsh-powerlevel10k;
|
||||||
};
|
file = "share/zsh-powerlevel10k/powerlevel10k.zsh-theme";
|
||||||
|
}
|
||||||
|
{
|
||||||
|
name = "powerlevel10k-config";
|
||||||
|
src = ./p10k-config;
|
||||||
|
file = "p10k.zsh";
|
||||||
|
}
|
||||||
|
];
|
||||||
|
shellAliases = {
|
||||||
|
please = "sudo";
|
||||||
|
};
|
||||||
|
};
|
||||||
|
};
|
||||||
|
|
||||||
home-manager.users.gremlin = {
|
# SSH entries set in nix-secrets
|
||||||
# Syncthing options
|
};
|
||||||
services.syncthing = {
|
})
|
||||||
enable = true;
|
|
||||||
extraOptions = [
|
|
||||||
"--gui-address=0.0.0.0:8081"
|
|
||||||
"--home=${config.users.users.gremlin.home}/.config/syncthing"
|
|
||||||
"--no-default-folder"
|
|
||||||
];
|
|
||||||
};
|
|
||||||
|
|
||||||
# Override the default Syncthing settings so it doesn't start on boot
|
# Enable Syncthing
|
||||||
systemd.user.services."syncthing" = mkIf (!cfg.services.syncthing.autostart) {
|
(mkIf cfg.services.syncthing.enable {
|
||||||
Install = lib.mkForce {};
|
users.users.gremlin = {
|
||||||
};
|
packages = [
|
||||||
};
|
pkgs.syncthing
|
||||||
})
|
(mkIf cfg.services.syncthing.enableTray pkgs.syncthingtray)
|
||||||
];
|
];
|
||||||
|
};
|
||||||
|
|
||||||
|
home-manager.users.gremlin = {
|
||||||
|
# Syncthing options
|
||||||
|
services.syncthing = {
|
||||||
|
enable = true;
|
||||||
|
extraOptions = [
|
||||||
|
"--gui-address=0.0.0.0:8081"
|
||||||
|
"--home=${config.users.users.gremlin.home}/.config/syncthing"
|
||||||
|
"--no-default-folder"
|
||||||
|
];
|
||||||
|
};
|
||||||
|
|
||||||
|
# Override the default Syncthing settings so it doesn't start on boot
|
||||||
|
systemd.user.services."syncthing" = mkIf (!cfg.services.syncthing.autostart) {
|
||||||
|
Install = lib.mkForce { };
|
||||||
|
};
|
||||||
|
};
|
||||||
|
})
|
||||||
|
];
|
||||||
}
|
}
|
||||||
|
|
|
@ -1,29 +1,34 @@
|
||||||
{ pkgs, lib, config, ... }:
|
{
|
||||||
|
pkgs,
|
||||||
|
lib,
|
||||||
|
config,
|
||||||
|
...
|
||||||
|
}:
|
||||||
|
|
||||||
# Define user for managing media on Haven
|
# Define user for managing media on Haven
|
||||||
let
|
let
|
||||||
cfg = config.host.users.media;
|
cfg = config.host.users.media;
|
||||||
in
|
in
|
||||||
with lib;
|
with lib;
|
||||||
{
|
{
|
||||||
|
|
||||||
options = {
|
options = {
|
||||||
host.users.media = {
|
host.users.media = {
|
||||||
enable = mkEnableOption (mdDoc "Enables media user account");
|
enable = mkEnableOption (mdDoc "Enables media user account");
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
|
|
||||||
config = mkIf cfg.enable {
|
config = mkIf cfg.enable {
|
||||||
users.groups."media" = {
|
users.groups."media" = {
|
||||||
gid = 1001;
|
gid = 1001;
|
||||||
};
|
};
|
||||||
|
|
||||||
users.users.media = {
|
users.users.media = {
|
||||||
isNormalUser = false;
|
isNormalUser = false;
|
||||||
isSystemUser = true;
|
isSystemUser = true;
|
||||||
description = "Media manager";
|
description = "Media manager";
|
||||||
uid = 1001;
|
uid = 1001;
|
||||||
group = "media";
|
group = "media";
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
}
|
}
|
||||||
|
|
|
@ -1 +1 @@
|
||||||
Subproject commit b08463a68a07f237232a5951b9e0e58071b9f479
|
Subproject commit d7db8c62406e2389138e8aaaeb6e9e94494ae1ae
|
|
@ -1,27 +1,27 @@
|
||||||
{ pkgs, lib }:
|
{ pkgs, lib }:
|
||||||
|
|
||||||
pkgs.stdenv.mkDerivation rec {
|
pkgs.stdenv.mkDerivation rec {
|
||||||
pname = "duplicacy-web";
|
pname = "duplicacy-web";
|
||||||
version = "1.8.0";
|
version = "1.8.0";
|
||||||
|
|
||||||
src = builtins.fetchurl {
|
src = builtins.fetchurl {
|
||||||
url = "https://acrosync.com/duplicacy-web/duplicacy_web_linux_x64_${version}";
|
url = "https://acrosync.com/duplicacy-web/duplicacy_web_linux_x64_${version}";
|
||||||
sha256 = "f0b4d4c16781a6ccb137f161df9de86574e7a55660c582682c63062e26476c4a";
|
sha256 = "f0b4d4c16781a6ccb137f161df9de86574e7a55660c582682c63062e26476c4a";
|
||||||
};
|
};
|
||||||
|
|
||||||
doCheck = false;
|
doCheck = false;
|
||||||
|
|
||||||
dontUnpack = true;
|
dontUnpack = true;
|
||||||
|
|
||||||
installPhase = ''
|
installPhase = ''
|
||||||
install -D $src $out/duplicacy-web
|
install -D $src $out/duplicacy-web
|
||||||
chmod a+x $out/duplicacy-web
|
chmod a+x $out/duplicacy-web
|
||||||
'';
|
'';
|
||||||
|
|
||||||
meta = with lib; {
|
meta = with lib; {
|
||||||
homepage = "https://duplicacy.com";
|
homepage = "https://duplicacy.com";
|
||||||
description = "A new generation cloud backup tool";
|
description = "A new generation cloud backup tool";
|
||||||
platforms = platforms.linux;
|
platforms = platforms.linux;
|
||||||
license = licenses.unfreeRedistributable;
|
license = licenses.unfreeRedistributable;
|
||||||
};
|
};
|
||||||
}
|
}
|
||||||
|
|
Loading…
Reference in a new issue