1
0
Fork 0

Standardize formatting using the Nix RFC style, even though it means using spaces 🤢

This commit is contained in:
Aires 2024-05-07 18:02:59 -04:00
parent f0ddde868d
commit 0a412d6f26
50 changed files with 2049 additions and 1770 deletions

218
flake.nix
View file

@ -1,116 +1,132 @@
# Based on the Auxolotl template: https://github.com/auxolotl/templates # Based on the Auxolotl template: https://github.com/auxolotl/templates
# For info on Flakes, see: https://nixos-and-flakes.thiscute.world/nixos-with-flakes/nixos-with-flakes-enabled # For info on Flakes, see: https://nixos-and-flakes.thiscute.world/nixos-with-flakes/nixos-with-flakes-enabled
{ {
description = "Aires' system Flake"; description = "Aires' system Flake";
inputs = {
# Track base packages against unstable
nixpkgs.url = "github:NixOS/nixpkgs/nixos-unstable";
# Replace Nix with Lix: https://lix.systems/ inputs = {
lix = { # Track base packages against unstable
url = "git+https://git@git.lix.systems/lix-project/lix?ref=refs/tags/2.90-beta.1"; nixpkgs.url = "github:NixOS/nixpkgs/nixos-unstable";
flake = false;
};
lix-module = {
url = "git+https://git.lix.systems/lix-project/nixos-module";
inputs.lix.follows = "lix";
inputs.nixpkgs.follows = "nixpkgs";
};
# SecureBoot support # Replace Nix with Lix: https://lix.systems/
lanzaboote.url = "github:nix-community/lanzaboote/v0.3.0"; lix = {
url = "git+https://git@git.lix.systems/lix-project/lix?ref=refs/tags/2.90-beta.1";
flake = false;
};
lix-module = {
url = "git+https://git.lix.systems/lix-project/nixos-module";
inputs.lix.follows = "lix";
inputs.nixpkgs.follows = "nixpkgs";
};
# Flatpak support # SecureBoot support
nix-flatpak.url = "github:gmodena/nix-flatpak/v0.4.1"; lanzaboote.url = "github:nix-community/lanzaboote/v0.3.0";
# Hardware configurations # Flatpak support
nixos-hardware.url = "github:NixOS/nixos-hardware"; nix-flatpak.url = "github:gmodena/nix-flatpak/v0.4.1";
# Home-manager # Hardware configurations
home-manager = { nixos-hardware.url = "github:NixOS/nixos-hardware";
url = "github:nix-community/home-manager/master";
inputs.nixpkgs.follows = "nixpkgs"; # Use system packages list where available
};
# TODO: Add Disko - https://github.com/nix-community/disko
};
outputs = inputs@{ self, nixpkgs, lanzaboote, nix-flatpak, home-manager, nixos-hardware, lix-module, ... }: # Home-manager
let home-manager = {
forAllSystems = function: url = "github:nix-community/home-manager/master";
nixpkgs.lib.genAttrs [ inputs.nixpkgs.follows = "nixpkgs"; # Use system packages list where available
"x86_64-linux" };
"aarch64-linux"
] (system: function nixpkgs.legacyPackages.${system});
config.allowUnfree = true;
# Define shared modules and imports
defaultModules = {
base = [
{ _module.args = { inherit inputs; }; }
./hosts/default.nix
lix-module.nixosModules.default
lanzaboote.nixosModules.lanzaboote
nix-flatpak.nixosModules.nix-flatpak
home-manager.nixosModules.home-manager {
home-manager = {
/*
When running, Home Manager will use the global package cache.
It will also back up any files that it would otherwise overwrite.
The originals will have the extension shown below.
*/
useGlobalPkgs = true;
useUserPackages = true;
backupFileExtension = "home-manager-backup";
};
}
];
};
in {
formatter = forAllSystems (pkgs: pkgs.nixfmt-rfc-style);
nixosConfigurations = {
Dimaga = nixpkgs.lib.nixosSystem { # TODO: Add Disko - https://github.com/nix-community/disko
system = "x86_64-linux"; };
modules = defaultModules.base ++ [
nixos-hardware.nixosModules.common-cpu-intel
./hosts/Dimaga
];
};
Haven = nixpkgs.lib.nixosSystem { outputs =
system = "x86_64-linux"; inputs@{
modules = defaultModules.base ++ [ self,
nixos-hardware.nixosModules.common-cpu-amd-pstate nixpkgs,
./hosts/Haven lanzaboote,
]; nix-flatpak,
}; home-manager,
nixos-hardware,
lix-module,
...
}:
let
forAllSystems =
function:
nixpkgs.lib.genAttrs [
"x86_64-linux"
"aarch64-linux"
] (system: function nixpkgs.legacyPackages.${system});
config.allowUnfree = true;
Khanda = nixpkgs.lib.nixosSystem { # Define shared modules and imports
system = "x86_64-linux"; defaultModules = {
modules = defaultModules.base ++ [ base = [
nixos-hardware.nixosModules.microsoft-surface-pro-intel {
./hosts/Khanda _module.args = {
]; inherit inputs;
}; };
}
./hosts/default.nix
lix-module.nixosModules.default
lanzaboote.nixosModules.lanzaboote
nix-flatpak.nixosModules.nix-flatpak
home-manager.nixosModules.home-manager
{
home-manager = {
/*
When running, Home Manager will use the global package cache.
It will also back up any files that it would otherwise overwrite.
The originals will have the extension shown below.
*/
useGlobalPkgs = true;
useUserPackages = true;
backupFileExtension = "home-manager-backup";
};
}
];
};
in
{
formatter = forAllSystems (pkgs: pkgs.nixfmt-rfc-style);
nixosConfigurations = {
Pihole = nixpkgs.lib.nixosSystem { Dimaga = nixpkgs.lib.nixosSystem {
system = "aarch64-linux"; system = "x86_64-linux";
modules = defaultModules.base ++ [ modules = defaultModules.base ++ [
nixos-hardware.nixosModules.raspberry-pi-4 nixos-hardware.nixosModules.common-cpu-intel
./hosts/Pihole ./hosts/Dimaga
]; ];
}; };
Shura = nixpkgs.lib.nixosSystem { Haven = nixpkgs.lib.nixosSystem {
system = "x86_64-linux"; system = "x86_64-linux";
modules = defaultModules.base ++ [ modules = defaultModules.base ++ [
nixos-hardware.nixosModules.lenovo-legion-16arha7 nixos-hardware.nixosModules.common-cpu-amd-pstate
./hosts/Shura ./hosts/Haven
]; ];
}; };
};
};
}
Khanda = nixpkgs.lib.nixosSystem {
system = "x86_64-linux";
modules = defaultModules.base ++ [
nixos-hardware.nixosModules.microsoft-surface-pro-intel
./hosts/Khanda
];
};
Pihole = nixpkgs.lib.nixosSystem {
system = "aarch64-linux";
modules = defaultModules.base ++ [
nixos-hardware.nixosModules.raspberry-pi-4
./hosts/Pihole
];
};
Shura = nixpkgs.lib.nixosSystem {
system = "x86_64-linux";
modules = defaultModules.base ++ [
nixos-hardware.nixosModules.lenovo-legion-16arha7
./hosts/Shura
];
};
};
};
}

View file

@ -1,39 +1,40 @@
{ pkgs, ... }: { { pkgs, ... }:
imports = [ ./hardware-configuration.nix ]; {
imports = [ ./hardware-configuration.nix ];
system.stateVersion = "24.05"; system.stateVersion = "24.05";
host = { host = {
role = "workstation"; role = "workstation";
apps = { apps = {
development.enable = true; development.enable = true;
kdeconnect.enable = true; kdeconnect.enable = true;
media.enable = true; media.enable = true;
office.enable = true; office.enable = true;
writing.enable = true; writing.enable = true;
}; };
ui = { ui = {
flatpak.enable = true; flatpak.enable = true;
gnome.enable = true; gnome.enable = true;
}; };
users = { users = {
aires = { aires = {
enable = true; enable = true;
autologin = true; autologin = true;
services = { services = {
syncthing = { syncthing = {
enable = true; enable = true;
autostart = true; autostart = true;
enableTray = false; enableTray = false;
}; };
}; };
}; };
}; };
}; };
# Configure the virtual machine created by nixos-rebuild build-vm # Configure the virtual machine created by nixos-rebuild build-vm
virtualisation.vmVariant.virtualisation = { virtualisation.vmVariant.virtualisation = {
memorySize = 2048; memorySize = 2048;
cores = 2; cores = 2;
}; };
} }

View file

@ -1,49 +1,62 @@
# Surface Laptop Go 1st gen # Surface Laptop Go 1st gen
{ config, lib, pkgs, modulesPath, ... }: { {
imports = [ config,
(modulesPath + "/installer/scan/not-detected.nix") lib,
]; pkgs,
modulesPath,
...
}:
{
imports = [ (modulesPath + "/installer/scan/not-detected.nix") ];
boot = { boot = {
initrd = { initrd = {
availableKernelModules = [ "xhci_pci" "nvme" "usb_storage" "usbhid" "sd_mod" ]; availableKernelModules = [
kernelModules = [ ]; "xhci_pci"
luks.devices."luks-5a91100b-8ed9-4090-b1d8-d8291000fe38".device = "/dev/disk/by-uuid/5a91100b-8ed9-4090-b1d8-d8291000fe38"; "nvme"
}; "usb_storage"
"usbhid"
"sd_mod"
];
kernelModules = [ ];
luks.devices."luks-5a91100b-8ed9-4090-b1d8-d8291000fe38".device = "/dev/disk/by-uuid/5a91100b-8ed9-4090-b1d8-d8291000fe38";
};
kernelModules = [ "kvm-intel" ]; kernelModules = [ "kvm-intel" ];
extraModulePackages = [ ]; extraModulePackages = [ ];
}; };
fileSystems = { fileSystems = {
"/" = { "/" = {
device = "/dev/disk/by-uuid/76d67291-5aed-4f2a-b71f-1c2871cefe24"; device = "/dev/disk/by-uuid/76d67291-5aed-4f2a-b71f-1c2871cefe24";
fsType = "btrfs"; fsType = "btrfs";
options = [ "subvol=@,compress=zstd" ]; options = [ "subvol=@,compress=zstd" ];
}; };
"/boot" = { "/boot" = {
device = "/dev/disk/by-uuid/0C53-A645"; device = "/dev/disk/by-uuid/0C53-A645";
fsType = "vfat"; fsType = "vfat";
}; };
}; };
swapDevices = [{ swapDevices = [
device = "/swapfile"; {
size = 4096; device = "/swapfile";
}]; size = 4096;
}
];
networking = { networking = {
# Enables DHCP on each ethernet and wireless interface. In case of scripted networking # Enables DHCP on each ethernet and wireless interface. In case of scripted networking
# (the default) this is the recommended approach. When using systemd-networkd it's # (the default) this is the recommended approach. When using systemd-networkd it's
# still possible to use this option, but it's recommended to use it in conjunction # still possible to use this option, but it's recommended to use it in conjunction
# with explicit per-interface declarations with `networking.interfaces.<interface>.useDHCP`. # with explicit per-interface declarations with `networking.interfaces.<interface>.useDHCP`.
useDHCP = lib.mkDefault true; useDHCP = lib.mkDefault true;
# networking.interfaces.wlp0s20f3.useDHCP = lib.mkDefault true; # networking.interfaces.wlp0s20f3.useDHCP = lib.mkDefault true;
# Set the hostname. # Set the hostname.
hostName = "Dimaga"; hostName = "Dimaga";
}; };
nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux"; nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux";
hardware.cpu.intel.updateMicrocode = lib.mkDefault config.hardware.enableRedistributableFirmware; hardware.cpu.intel.updateMicrocode = lib.mkDefault config.hardware.enableRedistributableFirmware;
} }

View file

@ -1,69 +1,73 @@
{ pkgs, home-manager, lib, config, ... }: {
pkgs,
home-manager,
lib,
config,
...
}:
let let
start-haven = pkgs.writeShellScriptBin "start-haven" (builtins.readFile ./start-haven.sh); start-haven = pkgs.writeShellScriptBin "start-haven" (builtins.readFile ./start-haven.sh);
in in
{ {
imports = [ ./hardware-configuration.nix ]; imports = [ ./hardware-configuration.nix ];
system.stateVersion = "24.05"; system.stateVersion = "24.05";
system.autoUpgrade.enable = lib.mkForce false; system.autoUpgrade.enable = lib.mkForce false;
host = { host = {
role = "server"; role = "server";
apps.development.kubernetes.enable = true; apps.development.kubernetes.enable = true;
services = { services = {
apcupsd.enable = true; apcupsd.enable = true;
duplicacy-web = { duplicacy-web = {
enable = true; enable = true;
autostart = false; autostart = false;
environment = "${config.users.users.aires.home}"; environment = "${config.users.users.aires.home}";
}; };
k3s = { k3s = {
enable = true; enable = true;
role = "server"; role = "server";
}; };
msmtp.enable = true; msmtp.enable = true;
}; };
users = { users = {
aires = { aires = {
enable = true; enable = true;
services = { services = {
syncthing = { syncthing = {
enable = true; enable = true;
autostart = false; autostart = false;
}; };
}; };
}; };
media.enable = true; media.enable = true;
}; };
}; };
# Enable SSH # Enable SSH
services.openssh = { services.openssh = {
enable = true; enable = true;
ports = [ 33105 ]; ports = [ 33105 ];
settings = { settings = {
# require public key authentication for better security # require public key authentication for better security
PasswordAuthentication = false; PasswordAuthentication = false;
KbdInteractiveAuthentication = false; KbdInteractiveAuthentication = false;
PubkeyAuthentication = true; PubkeyAuthentication = true;
PermitRootLogin = "without-password";
};
};
# Enable mdadm and Sapana (RAID 5 primary storage) PermitRootLogin = "without-password";
boot.swraid = { };
enable = true; };
# mdadmConf configured in nix-secrets
};
# Open port for OpenVPN # Enable mdadm and Sapana (RAID 5 primary storage)
networking.firewall.allowedUDPPorts = [ 1194 ]; boot.swraid = {
enable = true;
# mdadmConf configured in nix-secrets
};
# Add script for booting Haven # Open port for OpenVPN
environment.systemPackages = [ networking.firewall.allowedUDPPorts = [ 1194 ];
start-haven
]; # Add script for booting Haven
environment.systemPackages = [ start-haven ];
} }

View file

@ -1,51 +1,67 @@
# Minisforum UM340 # Minisforum UM340
{ config, lib, pkgs, modulesPath, ... }: { {
imports = config,
[ (modulesPath + "/installer/scan/not-detected.nix") ]; lib,
pkgs,
modulesPath,
...
}:
{
imports = [ (modulesPath + "/installer/scan/not-detected.nix") ];
boot = { boot = {
supportedFilesystems = [ "btrfs" ]; supportedFilesystems = [ "btrfs" ];
kernelModules = [ "kvm-amd" ]; kernelModules = [ "kvm-amd" ];
extraModulePackages = [ ]; extraModulePackages = [ ];
initrd = { initrd = {
supportedFilesystems = [ "btrfs" ]; supportedFilesystems = [ "btrfs" ];
availableKernelModules = [ "nvme" "xhci_pci" "ahci" "usb_storage" "usbhid" "sd_mod" "btrfs" ]; availableKernelModules = [
kernelModules = [ ]; "nvme"
}; "xhci_pci"
}; "ahci"
"usb_storage"
"usbhid"
"sd_mod"
"btrfs"
];
kernelModules = [ ];
};
};
fileSystems = { fileSystems = {
"/" = { "/" = {
device = "/dev/disk/by-uuid/2c76c660-3573-4622-8771-f23fa7ee302a"; device = "/dev/disk/by-uuid/2c76c660-3573-4622-8771-f23fa7ee302a";
fsType = "btrfs"; fsType = "btrfs";
options = [ "subvol=@,compress=zstd" ]; options = [ "subvol=@,compress=zstd" ];
}; };
"/home" = { "/home" = {
device = "/dev/disk/by-uuid/2c76c660-3573-4622-8771-f23fa7ee302a"; device = "/dev/disk/by-uuid/2c76c660-3573-4622-8771-f23fa7ee302a";
fsType = "btrfs"; fsType = "btrfs";
options = [ "subvol=@home,compress=zstd" ]; options = [ "subvol=@home,compress=zstd" ];
}; };
"/swap" = { "/swap" = {
device = "/dev/disk/by-uuid/2c76c660-3573-4622-8771-f23fa7ee302a"; device = "/dev/disk/by-uuid/2c76c660-3573-4622-8771-f23fa7ee302a";
fsType = "btrfs"; fsType = "btrfs";
options = [ "subvol=@swap" ]; options = [ "subvol=@swap" ];
}; };
"/boot" = { "/boot" = {
device = "/dev/disk/by-uuid/0120-A755"; device = "/dev/disk/by-uuid/0120-A755";
fsType = "vfat"; fsType = "vfat";
}; };
}; };
swapDevices = [{ swapDevices = [
device = "/swap/swapfile"; {
size = 16384; device = "/swap/swapfile";
}]; size = 16384;
}
];
networking = { networking = {
useDHCP = lib.mkDefault true; useDHCP = lib.mkDefault true;
hostName = "Haven"; hostName = "Haven";
}; };
nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux"; nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux";
} }

View file

@ -1,44 +1,45 @@
{ pkgs, lib, ... }: { { pkgs, lib, ... }:
imports = [ ./hardware-configuration.nix ]; {
imports = [ ./hardware-configuration.nix ];
system.stateVersion = "24.05"; system.stateVersion = "24.05";
system.autoUpgrade.enable = lib.mkForce false; system.autoUpgrade.enable = lib.mkForce false;
host = { host = {
role = "workstation"; role = "workstation";
apps = { apps = {
development.enable = true; development.enable = true;
kdeconnect.enable = true; kdeconnect.enable = true;
media.enable = true; media.enable = true;
office.enable = true; office.enable = true;
social.enable = true; social.enable = true;
writing.enable = true; writing.enable = true;
}; };
ui = { ui = {
flatpak.enable = true; flatpak.enable = true;
gnome.enable = true; gnome.enable = true;
}; };
users = { users = {
aires = { aires = {
enable = true; enable = true;
autologin = true; autologin = true;
services = { services = {
syncthing = { syncthing = {
enable = true; enable = true;
autostart = true; autostart = true;
enableTray = false; enableTray = false;
}; };
}; };
}; };
}; };
}; };
# Build remotely # Build remotely
nix.distributedBuilds = true; nix.distributedBuilds = true;
# Configure the virtual machine created by nixos-rebuild build-vm # Configure the virtual machine created by nixos-rebuild build-vm
virtualisation.vmVariant.virtualisation = { virtualisation.vmVariant.virtualisation = {
memorySize = 2048; memorySize = 2048;
cores = 2; cores = 2;
}; };
} }

View file

@ -1,56 +1,103 @@
# Surface Pro 9 # Surface Pro 9
{ config, lib, pkgs, modulesPath, ... }: { {
imports = [ (modulesPath + "/installer/scan/not-detected.nix") ]; config,
lib,
pkgs,
modulesPath,
...
}:
{
imports = [ (modulesPath + "/installer/scan/not-detected.nix") ];
boot = { boot = {
initrd = { initrd = {
availableKernelModules = [ "surface_aggregator" "surface_aggregator_registry" "surface_aggregator_hub" "surface_hid_core" "hid_multitouch" "8250_dw" "intel_lpss" "intel_lpss_pci" "tpm_crb" "xhci_pci" "thunderbolt" "nvme" "usb_storage" "sd_mod" "surface_kbd" "pinctrl_tigerlake" ]; availableKernelModules = [
kernelModules = [ "tpm_crb" "surface_aggregator" "surface_aggregator_registry" "surface_aggregator_hub" "surface_hid_core" "surface_hid" "hid_multitouch" "8250_dw" "intel_lpss" "intel_lpss_pci" "surface_kbd" "pinctrl_tigerlake" ]; "surface_aggregator"
"surface_aggregator_registry"
"surface_aggregator_hub"
"surface_hid_core"
"hid_multitouch"
"8250_dw"
"intel_lpss"
"intel_lpss_pci"
"tpm_crb"
"xhci_pci"
"thunderbolt"
"nvme"
"usb_storage"
"sd_mod"
"surface_kbd"
"pinctrl_tigerlake"
];
kernelModules = [
"tpm_crb"
"surface_aggregator"
"surface_aggregator_registry"
"surface_aggregator_hub"
"surface_hid_core"
"surface_hid"
"hid_multitouch"
"8250_dw"
"intel_lpss"
"intel_lpss_pci"
"surface_kbd"
"pinctrl_tigerlake"
];
luks.devices."luks-bd1fe396-6740-4e7d-af2c-26ca9a3031f1" = { luks.devices."luks-bd1fe396-6740-4e7d-af2c-26ca9a3031f1" = {
device = "/dev/disk/by-uuid/bd1fe396-6740-4e7d-af2c-26ca9a3031f1"; device = "/dev/disk/by-uuid/bd1fe396-6740-4e7d-af2c-26ca9a3031f1";
crypttabExtraOpts = [ "tpm2-device=auto" ]; crypttabExtraOpts = [ "tpm2-device=auto" ];
}; };
}; };
kernelModules = [ "kvm-intel" "tpm_crb" "surface_aggregator" "surface_aggregator_registry" "surface_aggregator_hub" "surface_hid_core" "surface_hid" "hid_multitouch" "8250_dw" "intel_lpss" "intel_lpss_pci" "surface_kbd" "pinctrl_tigerlake" ]; kernelModules = [
extraModulePackages = [ ]; "kvm-intel"
}; "tpm_crb"
"surface_aggregator"
"surface_aggregator_registry"
"surface_aggregator_hub"
"surface_hid_core"
"surface_hid"
"hid_multitouch"
"8250_dw"
"intel_lpss"
"intel_lpss_pci"
"surface_kbd"
"pinctrl_tigerlake"
];
extraModulePackages = [ ];
};
fileSystems = { fileSystems = {
"/" = { "/" = {
device = "/dev/disk/by-uuid/b34afd29-94ff-421b-bb96-8497951abf58"; device = "/dev/disk/by-uuid/b34afd29-94ff-421b-bb96-8497951abf58";
fsType = "btrfs"; fsType = "btrfs";
options = [ "subvol=@,compress=zstd" ]; options = [ "subvol=@,compress=zstd" ];
}; };
"/boot" = { "/boot" = {
device = "/dev/disk/by-uuid/DD2A-9C83"; device = "/dev/disk/by-uuid/DD2A-9C83";
fsType = "vfat"; fsType = "vfat";
}; };
}; };
swapDevices = [ swapDevices = [ { device = "/dev/disk/by-uuid/8c2519d9-3e47-4aa1-908d-98b1aa8b909d"; } ];
{ device = "/dev/disk/by-uuid/8c2519d9-3e47-4aa1-908d-98b1aa8b909d"; }
];
networking = { networking = {
useDHCP = lib.mkDefault true; useDHCP = lib.mkDefault true;
hostName = "Khanda"; hostName = "Khanda";
}; };
nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux"; nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux";
hardware.cpu.intel.updateMicrocode = lib.mkDefault config.hardware.enableRedistributableFirmware; hardware.cpu.intel.updateMicrocode = lib.mkDefault config.hardware.enableRedistributableFirmware;
# Install/configure additional drivers, particularly for touch # Install/configure additional drivers, particularly for touch
environment.systemPackages = with pkgs; [ environment.systemPackages = with pkgs; [ libwacom-surface ];
libwacom-surface microsoft-surface = {
]; ipts.enable = true;
microsoft-surface = { surface-control.enable = true;
ipts.enable = true; };
surface-control.enable = true;
};
# FIXME: Use default kernel to avoid full kernel rebuilds # NOTE: Use a default kernel to skip full kernel rebuilds
# boot.kernelPackages = lib.mkForce pkgs.linuxPackages_latest; # boot.kernelPackages = lib.mkForce pkgs.linuxPackages_latest;
} }

View file

@ -1,36 +1,37 @@
{ pkgs, lib, ... }: { { pkgs, lib, ... }:
imports = [ ./hardware-configuration.nix ]; {
imports = [ ./hardware-configuration.nix ];
system.stateVersion = "24.05"; system.stateVersion = "24.05";
host = { host = {
role = "server"; role = "server";
users.aires.enable = true; users.aires.enable = true;
boot.enable = false; boot.enable = false;
}; };
networking.hostName = "Pihole"; networking.hostName = "Pihole";
time.timeZone = "America/New_York"; time.timeZone = "America/New_York";
environment.systemPackages = with pkgs; [ environment.systemPackages = with pkgs; [
libraspberrypi libraspberrypi
raspberrypifw raspberrypifw
raspberrypi-eeprom raspberrypi-eeprom
linuxKernel.kernels.linux_rpi4 linuxKernel.kernels.linux_rpi4
]; ];
# Connect to the network automagically # Connect to the network automagically
networking.networkmanager.enable = lib.mkForce false; networking.networkmanager.enable = lib.mkForce false;
# Enable SSH # Enable SSH
services.openssh = { services.openssh = {
enable = true; enable = true;
ports = [ 33105 ]; ports = [ 33105 ];
settings = { settings = {
PasswordAuthentication = true; PasswordAuthentication = true;
AllowUsers = ["aires"]; AllowUsers = [ "aires" ];
PermitRootLogin = "no"; PermitRootLogin = "no";
}; };
}; };
} }

View file

@ -1,42 +1,49 @@
# Raspberry Pi 4B # Raspberry Pi 4B
# See https://nixos.wiki/wiki/NixOS_on_ARM/Raspberry_Pi_4 # See https://nixos.wiki/wiki/NixOS_on_ARM/Raspberry_Pi_4
{ config, lib, pkgs, modulesPath, nixos-hardware, ... }: {
config,
lib,
pkgs,
modulesPath,
nixos-hardware,
...
}:
{ {
imports = [ imports = [ (modulesPath + "/installer/scan/not-detected.nix") ];
(modulesPath + "/installer/scan/not-detected.nix")
];
boot.loader = lib.mkForce { boot.loader = lib.mkForce {
grub.enable = false; grub.enable = false;
generic-extlinux-compatible.enable = true; generic-extlinux-compatible.enable = true;
}; };
#boot.kernelParams = [ #boot.kernelParams = [
# "console=serial0,115200n8" # "console=serial0,115200n8"
#]; #];
fileSystems ."/" = { fileSystems."/" = {
device = "/dev/disk/by-uuid/44444444-4444-4444-8888-888888888888"; device = "/dev/disk/by-uuid/44444444-4444-4444-8888-888888888888";
fsType = "ext4"; fsType = "ext4";
}; };
swapDevices = [{ swapDevices = [
device = "/swapfile"; {
size = 2048; device = "/swapfile";
}]; size = 2048;
}
];
hardware.enableRedistributableFirmware = true; hardware.enableRedistributableFirmware = true;
networking.wireless.enable = true; networking.wireless.enable = true;
hardware = { hardware = {
raspberry-pi."4" = { raspberry-pi."4" = {
apply-overlays-dtmerge.enable = true; apply-overlays-dtmerge.enable = true;
}; };
deviceTree = { deviceTree = {
enable = true; enable = true;
filter = "*rpi-4-*.dtb"; filter = "*rpi-4-*.dtb";
}; };
}; };
} }

View file

@ -1,72 +1,83 @@
{ config, pkgs, lib, ... }: {
let config,
# Copy bluetooth device configs pkgs,
shure-aonic-bluetooth = pkgs.writeText "info" (builtins.readFile ./bluetooth/shure-aonic-bluetooth-params); lib,
xbox-elite-bluetooth = pkgs.writeText "info" (builtins.readFile ./bluetooth/xbox-elite-controller-bluetooth-params); ...
mano-touchpad-bluetooth = pkgs.writeText "info" (builtins.readFile ./bluetooth/mano-touchpad-bluetooth-params); }:
let
# Copy bluetooth device configs
shure-aonic-bluetooth = pkgs.writeText "info" (
builtins.readFile ./bluetooth/shure-aonic-bluetooth-params
);
xbox-elite-bluetooth = pkgs.writeText "info" (
builtins.readFile ./bluetooth/xbox-elite-controller-bluetooth-params
);
mano-touchpad-bluetooth = pkgs.writeText "info" (
builtins.readFile ./bluetooth/mano-touchpad-bluetooth-params
);
# Use gremlin user's monitor configuration for GDM (desktop monitor primary). See https://discourse.nixos.org/t/gdm-monitor-configuration/6356/4 # Use gremlin user's monitor configuration for GDM (desktop monitor primary). See https://discourse.nixos.org/t/gdm-monitor-configuration/6356/4
monitorsXmlContent = builtins.readFile ./monitors.xml; monitorsXmlContent = builtins.readFile ./monitors.xml;
monitorsConfig = pkgs.writeText "gdm_monitors.xml" monitorsXmlContent; monitorsConfig = pkgs.writeText "gdm_monitors.xml" monitorsXmlContent;
in in
{ {
imports = [ ./hardware-configuration.nix ]; imports = [ ./hardware-configuration.nix ];
system.stateVersion = "24.05"; system.stateVersion = "24.05";
host = { host = {
role = "workstation"; role = "workstation";
apps = { apps = {
development = { development = {
enable = true; enable = true;
kubernetes.enable = true; kubernetes.enable = true;
}; };
dj.enable = true; dj.enable = true;
gaming.enable = true; gaming.enable = true;
kdeconnect.enable = true; kdeconnect.enable = true;
media.enable = true; media.enable = true;
office.enable = true; office.enable = true;
recording.enable = true; recording.enable = true;
social.enable = true; social.enable = true;
writing.enable = true; writing.enable = true;
}; };
ui = { ui = {
flatpak.enable = true; flatpak.enable = true;
gnome.enable = true; gnome.enable = true;
}; };
users = { users = {
aires = { aires = {
enable = true; enable = true;
services.syncthing = { services.syncthing = {
enable = true; enable = true;
enableTray = false; # Recent versions of STT don't recognize Gnome's tray. Uninstalling for now. enableTray = false; # Recent versions of STT don't recognize Gnome's tray. Uninstalling for now.
}; };
}; };
gremlin = { gremlin = {
enable = true; enable = true;
services.syncthing = { services.syncthing = {
enable = true; enable = true;
enableTray = false; enableTray = false;
}; };
}; };
}; };
}; };
# Move files into target system # Move files into target system
systemd.tmpfiles.rules = [ systemd.tmpfiles.rules = [
# Use gremlin user's monitor config for GDM (defined above) # Use gremlin user's monitor config for GDM (defined above)
"L+ /run/gdm/.config/monitors.xml - - - - ${monitorsConfig}" "L+ /run/gdm/.config/monitors.xml - - - - ${monitorsConfig}"
# Install Bluetooth device profiles # Install Bluetooth device profiles
"d /var/lib/bluetooth/AC:50:DE:9F:AB:88/ 0700 root root" # First, make sure the directory exists "d /var/lib/bluetooth/AC:50:DE:9F:AB:88/ 0700 root root" # First, make sure the directory exists
"L+ /var/lib/bluetooth/AC:50:DE:9F:AB:88/00:0E:DD:72:2F:0C/info - - - - ${shure-aonic-bluetooth}" "L+ /var/lib/bluetooth/AC:50:DE:9F:AB:88/00:0E:DD:72:2F:0C/info - - - - ${shure-aonic-bluetooth}"
"L+ /var/lib/bluetooth/AC:50:DE:9F:AB:88/F4:6A:D7:3A:16:75/info - - - - ${xbox-elite-bluetooth}" "L+ /var/lib/bluetooth/AC:50:DE:9F:AB:88/F4:6A:D7:3A:16:75/info - - - - ${xbox-elite-bluetooth}"
"L+ /var/lib/bluetooth/AC:50:DE:9F:AB:88/F8:5D:3C:7D:9A:00/info - - - - ${mano-touchpad-bluetooth}" "L+ /var/lib/bluetooth/AC:50:DE:9F:AB:88/F8:5D:3C:7D:9A:00/info - - - - ${mano-touchpad-bluetooth}"
]; ];
# Configure the virtual machine created by nixos-rebuild build-vm # Configure the virtual machine created by nixos-rebuild build-vm
virtualisation.vmVariant.virtualisation = { virtualisation.vmVariant.virtualisation = {
memorySize = 4096; memorySize = 4096;
cores = 4; cores = 4;
}; };
} }

View file

@ -1,68 +1,89 @@
# Lenovo Legion Slim 7 Gen 7 AMD (16ARHA7) # Lenovo Legion Slim 7 Gen 7 AMD (16ARHA7)
{ config, lib, pkgs, modulesPath, ... }: { {
imports = [ config,
(modulesPath + "/installer/scan/not-detected.nix") lib,
]; pkgs,
modulesPath,
...
}:
{
imports = [ (modulesPath + "/installer/scan/not-detected.nix") ];
# Configure the kernel. # Configure the kernel.
boot = { boot = {
# First, install the latest Zen kernel # First, install the latest Zen kernel
kernelPackages = pkgs.linuxPackages_zen; kernelPackages = pkgs.linuxPackages_zen;
# Hardware defaults detected by nixos-generate-configuration # Hardware defaults detected by nixos-generate-configuration
initrd = { initrd = {
# SystemD in the initrd is required for TPM auto-unlocking. # SystemD in the initrd is required for TPM auto-unlocking.
# See https://discourse.nixos.org/t/full-disk-encryption-tpm2/29454/2 # See https://discourse.nixos.org/t/full-disk-encryption-tpm2/29454/2
# If the LUKS volume is recently created, run this command to bind it to the TPM: # If the LUKS volume is recently created, run this command to bind it to the TPM:
# sudo systemd-cryptenroll --tpm2-device=auto --tpm2-pcrs=0+7 /dev/<device> # sudo systemd-cryptenroll --tpm2-device=auto --tpm2-pcrs=0+7 /dev/<device>
systemd.enable = true; systemd.enable = true;
availableKernelModules = [ "nvme" "xhci_pci" "usbhid" "usb_storage" "sd_mod" "rtsx_pci_sdmmc" "tpm_crb" ]; availableKernelModules = [
kernelModules = [ "amdgpu" "tpm_crb" ]; "nvme"
luks.devices."luks-bcf67e34-339e-40b9-8ffd-bec8f7f55248" = { "xhci_pci"
device = "/dev/disk/by-uuid/bcf67e34-339e-40b9-8ffd-bec8f7f55248"; "usbhid"
crypttabExtraOpts = [ "tpm2-device=auto" ]; # Enable TPM auto-unlocking "usb_storage"
}; "sd_mod"
}; "rtsx_pci_sdmmc"
"tpm_crb"
kernelModules = [ "kvm-amd" ]; ];
}; kernelModules = [
"amdgpu"
"tpm_crb"
];
luks.devices."luks-bcf67e34-339e-40b9-8ffd-bec8f7f55248" = {
device = "/dev/disk/by-uuid/bcf67e34-339e-40b9-8ffd-bec8f7f55248";
crypttabExtraOpts = [ "tpm2-device=auto" ]; # Enable TPM auto-unlocking
};
};
fileSystems = { kernelModules = [ "kvm-amd" ];
"/" = { device = "/dev/disk/by-uuid/b801fbea-4cb5-4255-bea9-a2ce77d1a1b7"; };
fsType = "btrfs";
options = [ "subvol=@,compress=zstd" ];
};
"/home" = { device = "/dev/disk/by-uuid/b801fbea-4cb5-4255-bea9-a2ce77d1a1b7";
fsType = "btrfs";
options = [ "subvol=@home,compress=zstd" ];
};
"/swap" = { device = "/dev/disk/by-uuid/b801fbea-4cb5-4255-bea9-a2ce77d1a1b7";
fsType = "btrfs";
options = [ "subvol=@swap" ];
};
"/boot" = {
device = "/dev/disk/by-uuid/AFCB-D880";
fsType = "vfat";
};
};
swapDevices = [{ fileSystems = {
device = "/swap/swapfile"; "/" = {
size = 16384; device = "/dev/disk/by-uuid/b801fbea-4cb5-4255-bea9-a2ce77d1a1b7";
}]; fsType = "btrfs";
options = [ "subvol=@,compress=zstd" ];
};
"/home" = {
device = "/dev/disk/by-uuid/b801fbea-4cb5-4255-bea9-a2ce77d1a1b7";
fsType = "btrfs";
options = [ "subvol=@home,compress=zstd" ];
};
"/swap" = {
device = "/dev/disk/by-uuid/b801fbea-4cb5-4255-bea9-a2ce77d1a1b7";
fsType = "btrfs";
options = [ "subvol=@swap" ];
};
"/boot" = {
device = "/dev/disk/by-uuid/AFCB-D880";
fsType = "vfat";
};
};
networking = { swapDevices = [
# Enables DHCP on each ethernet and wireless interface. In case of scripted networking {
# (the default) this is the recommended approach. When using systemd-networkd it's device = "/swap/swapfile";
# still possible to use this option, but it's recommended to use it in conjunction size = 16384;
# with explicit per-interface declarations with `networking.interfaces.<interface>.useDHCP`. }
useDHCP = lib.mkDefault true; ];
# networking.interfaces.wlp4s0.useDHCP = lib.mkDefault true;
# Set the hostname. networking = {
hostName = "Shura"; # Enables DHCP on each ethernet and wireless interface. In case of scripted networking
}; # (the default) this is the recommended approach. When using systemd-networkd it's
# still possible to use this option, but it's recommended to use it in conjunction
# with explicit per-interface declarations with `networking.interfaces.<interface>.useDHCP`.
useDHCP = lib.mkDefault true;
# networking.interfaces.wlp4s0.useDHCP = lib.mkDefault true;
nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux"; # Set the hostname.
hostName = "Shura";
};
nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux";
} }

View file

@ -1,15 +1,16 @@
{ lib, pkgs, ... }: { lib, pkgs, ... }:
let let
# Fetch secrets # Fetch secrets
# IMPORTANT: Make sure this repo exists on the filesystem first! # IMPORTANT: Make sure this repo exists on the filesystem first!
nix-secrets = builtins.fetchGit { nix-secrets = builtins.fetchGit {
url = "/home/aires/Development/nix-configuration/nix-secrets"; url = "/home/aires/Development/nix-configuration/nix-secrets";
ref = "main"; ref = "main";
rev = "55fc814d477d956ab885e157f24c2d43f433dc7a"; rev = "55fc814d477d956ab885e157f24c2d43f433dc7a";
}; };
in{ in
imports = [ {
"${nix-secrets}/default.nix" imports = [
../modules/autoimport.nix "${nix-secrets}/default.nix"
]; ../modules/autoimport.nix
];
} }

View file

@ -1,36 +1,41 @@
{ config, lib, pkgs, ... }: {
config,
lib,
pkgs,
...
}:
let let
cfg = config.host.apps.development; cfg = config.host.apps.development;
in in
with lib; with lib;
{ {
options = { options = {
host.apps.development = { host.apps.development = {
enable = mkEnableOption (mdDoc "Enables development tools"); enable = mkEnableOption (mdDoc "Enables development tools");
kubernetes.enable = mkEnableOption (mdDoc "Enables kubectl, virtctl, and similar tools."); kubernetes.enable = mkEnableOption (mdDoc "Enables kubectl, virtctl, and similar tools.");
}; };
}; };
config = mkMerge [ config = mkMerge [
(mkIf cfg.enable { (mkIf cfg.enable {
host.ui.flatpak.enable = true; host.ui.flatpak.enable = true;
services.flatpak.packages = [ services.flatpak.packages = [
"com.vscodium.codium" "com.vscodium.codium"
"dev.k8slens.OpenLens" "dev.k8slens.OpenLens"
]; ];
environment.systemPackages = with pkgs; [ environment.systemPackages = with pkgs; [
statix # Nix linting tool statix # Nix linting tool
]; ];
}) })
(mkIf cfg.kubernetes.enable { (mkIf cfg.kubernetes.enable {
environment.systemPackages = with pkgs; [ environment.systemPackages = with pkgs; [
kubectl kubectl
kubernetes-helm kubernetes-helm
kubevirt # Virtctl command-line tool kubevirt # Virtctl command-line tool
]; ];
}) })
]; ];
} }

View file

@ -1,19 +1,17 @@
{ config, lib, ... }: { config, lib, ... }:
let let
cfg = config.host.apps.dj; cfg = config.host.apps.dj;
in in
with lib; with lib;
{ {
options = { options = {
host.apps.dj.enable = mkEnableOption (mdDoc "Enables DJing tools (i.e. Mixxx)"); host.apps.dj.enable = mkEnableOption (mdDoc "Enables DJing tools (i.e. Mixxx)");
}; };
config = mkIf cfg.enable { config = mkIf cfg.enable {
host.ui.flatpak.enable = true; host.ui.flatpak.enable = true;
services.flatpak.packages = [ services.flatpak.packages = [ "org.mixxx.Mixxx" ];
"org.mixxx.Mixxx" };
]; }
};
}

View file

@ -1,27 +1,32 @@
{ config, lib, pkgs, ... }: {
config,
lib,
pkgs,
...
}:
# Gaming-related settings # Gaming-related settings
let let
cfg = config.host.apps.gaming; cfg = config.host.apps.gaming;
in in
with lib; with lib;
{ {
options = { options = {
host.apps.gaming.enable = mkEnableOption (mdDoc "Enables gaming features"); host.apps.gaming.enable = mkEnableOption (mdDoc "Enables gaming features");
}; };
config = mkIf cfg.enable { config = mkIf cfg.enable {
host.ui.flatpak.enable = true; host.ui.flatpak.enable = true;
services.flatpak.packages = [ services.flatpak.packages = [
"gg.minion.Minion" "gg.minion.Minion"
"com.valvesoftware.Steam" "com.valvesoftware.Steam"
"org.firestormviewer.FirestormViewer" "org.firestormviewer.FirestormViewer"
]; ];
# Enable Xbox controller driver (XPadNeo) # Enable Xbox controller driver (XPadNeo)
boot = { boot = {
extraModulePackages = with config.boot.kernelPackages; [ xpadneo ]; extraModulePackages = with config.boot.kernelPackages; [ xpadneo ];
kernelModules = [ "hid_xpadneo" ]; kernelModules = [ "hid_xpadneo" ];
}; };
}; };
} }

View file

@ -1,22 +1,35 @@
{ pkgs, config, lib, ... }: {
pkgs,
config,
lib,
...
}:
let let
cfg = config.host.apps.kdeconnect; cfg = config.host.apps.kdeconnect;
in in
with lib; with lib;
{ {
options = { options = {
host.apps.kdeconnect.enable = mkEnableOption (mdDoc "Enables KDE Connect"); host.apps.kdeconnect.enable = mkEnableOption (mdDoc "Enables KDE Connect");
}; };
config = mkIf cfg.enable { config = mkIf cfg.enable {
environment.systemPackages = with pkgs; [ environment.systemPackages = with pkgs; [ gnomeExtensions.gsconnect ];
gnomeExtensions.gsconnect
];
networking.firewall = { networking.firewall = {
allowedTCPPortRanges = [ { from = 1714; to = 1764; } ]; allowedTCPPortRanges = [
allowedUDPPortRanges = [ { from = 1714; to = 1764; } ]; {
}; from = 1714;
}; to = 1764;
} }
];
allowedUDPPortRanges = [
{
from = 1714;
to = 1764;
}
];
};
};
}

View file

@ -1,28 +1,28 @@
{ config, lib, ... }: { config, lib, ... }:
let let
cfg = config.host.apps.media; cfg = config.host.apps.media;
in in
with lib; with lib;
{ {
options = { options = {
host.apps.media.enable = mkEnableOption (mdDoc "Enables media playback and editing apps"); host.apps.media.enable = mkEnableOption (mdDoc "Enables media playback and editing apps");
}; };
config = mkIf cfg.enable { config = mkIf cfg.enable {
host.ui.flatpak.enable = true; host.ui.flatpak.enable = true;
services.flatpak = { services.flatpak = {
packages = [ packages = [
"com.calibre_ebook.calibre" "com.calibre_ebook.calibre"
"com.github.unrud.VideoDownloader" "com.github.unrud.VideoDownloader"
"io.github.celluloid_player.Celluloid" "io.github.celluloid_player.Celluloid"
"org.kde.krita" "org.kde.krita"
"org.kde.KStyle.Adwaita//5.15-23.08" # Retrieved from https://docs.flatpak.org/en/latest/desktop-integration.html "org.kde.KStyle.Adwaita//5.15-23.08" # Retrieved from https://docs.flatpak.org/en/latest/desktop-integration.html
"org.kde.KStyle.Adwaita//6.6" "org.kde.KStyle.Adwaita//6.6"
"org.kde.WaylandDecoration.QAdwaitaDecorations//5.15-23.08" # Replaced deprecated QGnomePlatform https://wiki.archlinux.org/title/Uniform_look_for_Qt_and_GTK_applications "org.kde.WaylandDecoration.QAdwaitaDecorations//5.15-23.08" # Replaced deprecated QGnomePlatform https://wiki.archlinux.org/title/Uniform_look_for_Qt_and_GTK_applications
"org.kde.WaylandDecoration.QAdwaitaDecorations//6.6" "org.kde.WaylandDecoration.QAdwaitaDecorations//6.6"
]; ];
}; };
}; };
} }

View file

@ -1,20 +1,20 @@
{ config, lib, ... }: { config, lib, ... }:
let let
cfg = config.host.apps.office; cfg = config.host.apps.office;
in in
with lib; with lib;
{ {
options = { options = {
host.apps.office.enable = mkEnableOption (mdDoc "Enables office and workstation apps"); host.apps.office.enable = mkEnableOption (mdDoc "Enables office and workstation apps");
}; };
config = mkIf cfg.enable { config = mkIf cfg.enable {
host.ui.flatpak.enable = true; host.ui.flatpak.enable = true;
services.flatpak.packages = [ services.flatpak.packages = [
"org.libreoffice.LibreOffice" "org.libreoffice.LibreOffice"
"us.zoom.Zoom" "us.zoom.Zoom"
]; ];
}; };
} }

View file

@ -1,36 +1,36 @@
{ config, lib, ... }: { config, lib, ... }:
let let
cfg = config.host.apps.recording; cfg = config.host.apps.recording;
in in
with lib; with lib;
{ {
options = { options = {
host.apps.recording.enable = mkEnableOption (mdDoc "Enables video editing tools"); host.apps.recording.enable = mkEnableOption (mdDoc "Enables video editing tools");
}; };
config = mkIf cfg.enable { config = mkIf cfg.enable {
host.ui.flatpak.enable = true; host.ui.flatpak.enable = true;
services.flatpak = { services.flatpak = {
packages = [ packages = [
"com.obsproject.Studio" "com.obsproject.Studio"
"com.obsproject.Studio.Plugin.DroidCam" "com.obsproject.Studio.Plugin.DroidCam"
"org.kde.kdenlive" "org.kde.kdenlive"
]; ];
}; };
# Add a virtual camera to use with Droidcam # Add a virtual camera to use with Droidcam
boot = { boot = {
extraModulePackages = with config.boot.kernelPackages; [ v4l2loopback.out ]; extraModulePackages = with config.boot.kernelPackages; [ v4l2loopback.out ];
kernelModules = [ "v4l2loopback" ]; kernelModules = [ "v4l2loopback" ];
# Note on v4l2loopback kernel module parameters: # Note on v4l2loopback kernel module parameters:
# exclusive_caps: Skype, Zoom, Teams etc. will only show device when actually streaming. This MUST be set to 1 for Chrome to detect virtual cameras. # exclusive_caps: Skype, Zoom, Teams etc. will only show device when actually streaming. This MUST be set to 1 for Chrome to detect virtual cameras.
# card_label: Name of virtual camera, how it'll show up in Skype, Zoom, Teams # card_label: Name of virtual camera, how it'll show up in Skype, Zoom, Teams
# https://github.com/umlaeute/v4l2loopback # https://github.com/umlaeute/v4l2loopback
extraModprobeConfig = '' extraModprobeConfig = ''
options v4l2loopback exclusive_caps=1 card_label="Virtual Camera" options v4l2loopback exclusive_caps=1 card_label="Virtual Camera"
''; '';
}; };
}; };
} }

View file

@ -1,24 +1,27 @@
{ pkgs, config, lib, ... }: {
pkgs,
config,
lib,
...
}:
let let
cfg = config.host.apps.social; cfg = config.host.apps.social;
in in
with lib; with lib;
{ {
options = { options = {
host.apps.social.enable = mkEnableOption (mdDoc "Enables chat apps"); host.apps.social.enable = mkEnableOption (mdDoc "Enables chat apps");
}; };
config = mkIf cfg.enable { config = mkIf cfg.enable {
nixpkgs.config.allowUnfree = true; nixpkgs.config.allowUnfree = true;
environment.systemPackages = with pkgs; [ environment.systemPackages = with pkgs; [
# Check Beeper Flatpak status here: https://github.com/daegalus/beeper-flatpak-wip/issues/1 # Check Beeper Flatpak status here: https://github.com/daegalus/beeper-flatpak-wip/issues/1
beeper beeper
]; ];
host.ui.flatpak.enable = true; host.ui.flatpak.enable = true;
services.flatpak.packages = [ services.flatpak.packages = [ "com.discordapp.Discord" ];
"com.discordapp.Discord" };
];
};
} }

View file

@ -1,19 +1,24 @@
{ pkgs, config, lib, ... }: {
pkgs,
config,
lib,
...
}:
let let
cfg = config.host.apps.tmux; cfg = config.host.apps.tmux;
in in
with lib; with lib;
{ {
options = { options = {
host.apps.tmux.enable = mkEnableOption (mdDoc "Enables tmux - terminal multiplexer"); host.apps.tmux.enable = mkEnableOption (mdDoc "Enables tmux - terminal multiplexer");
}; };
config = mkIf cfg.enable { config = mkIf cfg.enable {
programs.tmux = { programs.tmux = {
enable = true; enable = true;
newSession = true; newSession = true;
clock24 = true; clock24 = true;
}; };
}; };
} }

View file

@ -1,29 +1,34 @@
{ pkgs, config, lib, ... }: {
pkgs,
config,
lib,
...
}:
let let
cfg = config.host.apps.writing; cfg = config.host.apps.writing;
in in
with lib; with lib;
{ {
options = { options = {
host.apps.writing.enable = mkEnableOption (mdDoc "Enables writing and editing tools"); host.apps.writing.enable = mkEnableOption (mdDoc "Enables writing and editing tools");
}; };
config = mkIf cfg.enable { config = mkIf cfg.enable {
# Install packages for building ebooks # Install packages for building ebooks
environment.systemPackages = with pkgs; [ environment.systemPackages = with pkgs; [
haskellPackages.pandoc haskellPackages.pandoc
haskellPackages.pandoc-cli haskellPackages.pandoc-cli
haskellPackages.pandoc-crossref haskellPackages.pandoc-crossref
texliveSmall texliveSmall
]; ];
# Spelling and grammer checking: hosted on localhost:8081 # Spelling and grammer checking: hosted on localhost:8081
services.languagetool = { services.languagetool = {
enable = true; enable = true;
port = 8090; port = 8090;
public = false; public = false;
allowOrigin = "*"; allowOrigin = "*";
}; };
}; };
} }

View file

@ -3,24 +3,27 @@
{ lib, ... }: { lib, ... }:
with lib; with lib;
let let
# Recursively constructs an attrset of a given folder, recursing on directories, value of attrs is the filetype # Recursively constructs an attrset of a given folder, recursing on directories, value of attrs is the filetype
getDir = dir: mapAttrs getDir =
(file: type: dir:
if type == "directory" then getDir "${dir}/${file}" else type mapAttrs (file: type: if type == "directory" then getDir "${dir}/${file}" else type) (
) builtins.readDir dir
(builtins.readDir dir); );
# Collects all files of a directory as a list of strings of paths # Collects all files of a directory as a list of strings of paths
files = dir: collect isString (mapAttrsRecursive (path: type: concatStringsSep "/" path) (getDir dir)); files =
dir: collect isString (mapAttrsRecursive (path: type: concatStringsSep "/" path) (getDir dir));
# Filters out directories that belong to home-manager, and don't end with .nix or are this file. # Filters out directories that belong to home-manager, and don't end with .nix or are this file.
# Also, make the strings absolute # Also, make the strings absolute
validFiles = dir: map validFiles =
(file: ./. + "/${file}") dir:
(filter map (file: ./. + "/${file}") (
(file: ! hasInfix "home-manager" file && file != "autoimport.nix" && hasSuffix ".nix" file) filter (file: !hasInfix "home-manager" file && file != "autoimport.nix" && hasSuffix ".nix" file) (
(files dir)); files dir
)
);
in in
{ {
imports = validFiles ./.; imports = validFiles ./.;
} }

View file

@ -1,34 +1,37 @@
{ lib, config, pkgs, ... }: {
lib,
config,
pkgs,
...
}:
let let
cfg = config.host.ui.bluetooth; cfg = config.host.ui.bluetooth;
in in
with lib; with lib;
{ {
options = { options = {
host.ui.bluetooth = { host.ui.bluetooth = {
enable = mkEnableOption (mdDoc "Enables bluetooth"); enable = mkEnableOption (mdDoc "Enables bluetooth");
}; };
}; };
config = mkIf cfg.enable { config = mkIf cfg.enable {
# Set up Bluetooth # Set up Bluetooth
hardware.bluetooth = { hardware.bluetooth = {
enable = true; enable = true;
powerOnBoot = true; powerOnBoot = true;
settings = { settings = {
General = { General = {
Enable = "Source,Sink,Media,Socket"; Enable = "Source,Sink,Media,Socket";
Experimental = true; Experimental = true;
KernelExperimental = true; KernelExperimental = true;
}; };
}; };
}; };
# Add Bluetooth LE audio support # Add Bluetooth LE audio support
environment.systemPackages = with pkgs; [ environment.systemPackages = with pkgs; [ liblc3 ];
liblc3 };
]; }
};
}

View file

@ -1,62 +1,67 @@
{ config, lib, pkgs, ... }: {
config,
lib,
pkgs,
...
}:
# Bootloader # Bootloader
let let
cfg = config.host.boot; cfg = config.host.boot;
in in
with lib; with lib;
{ {
options = { options = {
host.boot = { host.boot = {
enable = mkOption { enable = mkOption {
description = "Automatically configures the bootloader. Set to false to configure manually."; description = "Automatically configures the bootloader. Set to false to configure manually.";
type = types.bool; type = types.bool;
default = true; default = true;
}; };
secureboot.enable = mkOption {
description = "Enables Secureboot";
type = types.bool;
default = true;
};
};
};
config = mkIf cfg.enable (mkMerge[ secureboot.enable = mkOption {
(mkIf cfg.secureboot.enable { description = "Enables Secureboot";
boot = { type = types.bool;
# Enable Secure Boot default = true;
bootspec.enable = true; };
};
# Disable systemd-boot. We lanzaboote now. };
loader.systemd-boot.enable = false;
loader.efi.canTouchEfiVariables = true;
lanzaboote = {
enable = true;
pkiBundle = "/etc/secureboot";
};
# Increase bootloader font size config = mkIf cfg.enable (mkMerge [
lanzaboote.settings.console-mode = "auto"; (mkIf cfg.secureboot.enable {
}; boot = {
# Enable Secure Boot
bootspec.enable = true;
# Set up TPM. See https://nixos.wiki/wiki/TPM # Disable systemd-boot. We lanzaboote now.
# After installing and rebooting, set it up via https://wiki.archlinux.org/title/Systemd-cryptenroll#Trusted_Platform_Module loader.systemd-boot.enable = false;
environment.systemPackages = with pkgs; [ tpm2-tss ]; loader.efi.canTouchEfiVariables = true;
security.tpm2 = { lanzaboote = {
enable = true; enable = true;
pkcs11.enable = true; pkiBundle = "/etc/secureboot";
tctiEnvironment.enable = true; };
};
})
# Plain boot # Increase bootloader font size
(mkIf (!cfg.secureboot.enable) { lanzaboote.settings.console-mode = "auto";
boot = { };
loader.systemd-boot.enable = true;
loader.efi.canTouchEfiVariables = true; # Set up TPM. See https://nixos.wiki/wiki/TPM
}; # After installing and rebooting, set it up via https://wiki.archlinux.org/title/Systemd-cryptenroll#Trusted_Platform_Module
}) environment.systemPackages = with pkgs; [ tpm2-tss ];
]); security.tpm2 = {
enable = true;
pkcs11.enable = true;
tctiEnvironment.enable = true;
};
})
# Plain boot
(mkIf (!cfg.secureboot.enable) {
boot = {
loader.systemd-boot.enable = true;
loader.efi.canTouchEfiVariables = true;
};
})
]);
} }

View file

@ -1,10 +1,10 @@
_: { _: {
networking = { networking = {
# Enable networking via NetworkManager # Enable networking via NetworkManager
networkmanager.enable = true; networkmanager.enable = true;
# Enable firewall # Enable firewall
nftables.enable = true; nftables.enable = true;
firewall.enable = true; firewall.enable = true;
}; };
} }

View file

@ -1,45 +1,57 @@
# Nix configuration # Nix configuration
{ pkgs, config, lib, inputs, ... }: { {
nix = { pkgs,
settings = { config,
# Enable Flakes lib,
experimental-features = [ "nix-command" "flakes" ]; inputs,
...
}:
{
nix = {
settings = {
# Enable Flakes
experimental-features = [
"nix-command"
"flakes"
];
# Use Lix instead of Nix # Use Lix instead of Nix
extra-substituters = [ "https://cache.lix.systems" ]; extra-substituters = [ "https://cache.lix.systems" ];
trusted-public-keys = [ "cache.lix.systems:aBnZUw8zA7H35Cz2RyKFVs3H4PlGTLawyY5KRbvJR8o=" ]; trusted-public-keys = [ "cache.lix.systems:aBnZUw8zA7H35Cz2RyKFVs3H4PlGTLawyY5KRbvJR8o=" ];
# Avoid signature verification messages when doing remote builds # Avoid signature verification messages when doing remote builds
trusted-users = [ "${config.users.users.aires.name}" ]; trusted-users = [ "${config.users.users.aires.name}" ];
}; };
# Enable periodic nix store optimization # Enable periodic nix store optimization
optimise.automatic = true; optimise.automatic = true;
# Configure NixOS to use the same software channel as Flakes # Configure NixOS to use the same software channel as Flakes
registry = lib.mapAttrs (_: value: { flake = value; }) inputs; registry = lib.mapAttrs (_: value: { flake = value; }) inputs;
nixPath = lib.mapAttrsToList (key: value: "${key}=${value.to.path}") config.nix.registry; nixPath = lib.mapAttrsToList (key: value: "${key}=${value.to.path}") config.nix.registry;
# Configure remote build machines (mainly Haven) # Configure remote build machines (mainly Haven)
# To enable remote builds for a specific host, add `nix.distributedBuilds = true;` to its config # To enable remote builds for a specific host, add `nix.distributedBuilds = true;` to its config
buildMachines = [{ buildMachines = [
hostName = "haven"; {
systems = [ hostName = "haven";
"x86_64-linux" systems = [
"aarch64-linux" "x86_64-linux"
]; "aarch64-linux"
protocol = "ssh-ng"; ];
supportedFeatures = [ protocol = "ssh-ng";
"nixos-test" supportedFeatures = [
"kvm" "nixos-test"
"benchmark" "kvm"
"big-parllel" "benchmark"
]; "big-parllel"
}]; ];
}
];
# When using a builder, use its package store # When using a builder, use its package store
extraOptions = '' extraOptions = ''
builders-use-substitutes = true builders-use-substitutes = true
''; '';
}; };
} }

View file

@ -1,29 +1,30 @@
# Set up program defaults # Set up program defaults
{ config, ... }: { { config, ... }:
# Set up base apps {
programs = { # Set up base apps
direnv.enable = true; programs = {
direnv.enable = true;
nano = { nano = {
enable = true; enable = true;
syntaxHighlight = true; syntaxHighlight = true;
nanorc = '' nanorc = ''
set linenumbers set linenumbers
set tabsize 4 set tabsize 4
set softwrap set softwrap
''; '';
}; };
nh = { nh = {
enable = true; enable = true;
flake = "${config.users.users.aires.home}/Development/nix-configuration"; flake = "${config.users.users.aires.home}/Development/nix-configuration";
# Alternative garbage collection system to nix.gc.automatic # Alternative garbage collection system to nix.gc.automatic
clean = { clean = {
enable = true; enable = true;
dates = "daily"; dates = "daily";
extraArgs = "--keep-since 7d --keep 10"; # Keep the last 10 entries extraArgs = "--keep-since 7d --keep 10"; # Keep the last 10 entries
}; };
}; };
}; };
} }

View file

@ -1,10 +1,10 @@
{ pkgs, ... }: { pkgs, ... }:
{ {
# Install ZSH for all users # Install ZSH for all users
programs.zsh.enable = true; programs.zsh.enable = true;
users.defaultUserShell = pkgs.zsh; users.defaultUserShell = pkgs.zsh;
# Show a neat system statistics screen when opening a terminal # Show a neat system statistics screen when opening a terminal
environment.systemPackages = with pkgs; [ fastfetch ]; environment.systemPackages = with pkgs; [ fastfetch ];
} }

View file

@ -1,54 +1,55 @@
# System options # System options
{ pkgs, config, ... }: { { pkgs, config, ... }:
# Set up the environment {
environment = { # Set up the environment
# Install base packages environment = {
systemPackages = with pkgs; [ # Install base packages
bash systemPackages = with pkgs; [
dconf # Needed to fix an issue with Home-manager. See https://github.com/nix-community/home-manager/issues/3113 bash
direnv dconf # Needed to fix an issue with Home-manager. See https://github.com/nix-community/home-manager/issues/3113
git direnv
home-manager git
nano home-manager
p7zip nano
fastfetch p7zip
nh # Nix Helper: https://github.com/viperML/nh fastfetch
]; nh # Nix Helper: https://github.com/viperML/nh
];
variables = { variables = {
EDITOR = "nano"; # Set default editor to nano EDITOR = "nano"; # Set default editor to nano
}; };
}; };
# Configure automatic updates # Configure automatic updates
system.autoUpgrade = { system.autoUpgrade = {
enable = true; enable = true;
flake = "${config.users.users.aires.home}/Development/nix-configuration"; flake = "${config.users.users.aires.home}/Development/nix-configuration";
dates = "daily"; dates = "daily";
allowReboot = false; allowReboot = false;
operation = "boot"; # Don't switch, just create a boot entry operation = "boot"; # Don't switch, just create a boot entry
}; };
# Enable fwupd (firmware updater) # Enable fwupd (firmware updater)
services.fwupd.enable = true; services.fwupd.enable = true;
# Set your time zone. # Set your time zone.
time.timeZone = "America/New_York"; time.timeZone = "America/New_York";
# Select internationalisation properties. # Select internationalisation properties.
i18n = { i18n = {
defaultLocale = "en_US.UTF-8"; defaultLocale = "en_US.UTF-8";
extraLocaleSettings = { extraLocaleSettings = {
LC_ADDRESS = "en_US.UTF-8"; LC_ADDRESS = "en_US.UTF-8";
LC_IDENTIFICATION = "en_US.UTF-8"; LC_IDENTIFICATION = "en_US.UTF-8";
LC_MEASUREMENT = "en_US.UTF-8"; LC_MEASUREMENT = "en_US.UTF-8";
LC_MONETARY = "en_US.UTF-8"; LC_MONETARY = "en_US.UTF-8";
LC_NAME = "en_US.UTF-8"; LC_NAME = "en_US.UTF-8";
LC_NUMERIC = "en_US.UTF-8"; LC_NUMERIC = "en_US.UTF-8";
LC_PAPER = "en_US.UTF-8"; LC_PAPER = "en_US.UTF-8";
LC_TELEPHONE = "en_US.UTF-8"; LC_TELEPHONE = "en_US.UTF-8";
LC_TIME = "en_US.UTF-8"; LC_TIME = "en_US.UTF-8";
}; };
}; };
} }

View file

@ -1,13 +1,13 @@
{lib, ...}: { lib, ... }:
with lib; with lib;
{ {
options = { options = {
host.role = mkOption { host.role = mkOption {
type = types.enum [ type = types.enum [
"server" "server"
"workstation" "workstation"
]; ];
}; };
}; };
} }

View file

@ -1,16 +1,22 @@
{ config, lib, modulesPath, pkgs, ... }:
let
inherit (config.host) role;
in
with lib;
{ {
imports = [ (modulesPath + "/installer/scan/not-detected.nix") ]; config,
lib,
modulesPath,
pkgs,
...
}:
let
inherit (config.host) role;
in
with lib;
{
imports = [ (modulesPath + "/installer/scan/not-detected.nix") ];
config = mkIf (role == "server") { config = mkIf (role == "server") {
host.apps.tmux.enable = true; host.apps.tmux.enable = true;
environment.systemPackages = with pkgs; [ environment.systemPackages = with pkgs; [
htop htop
mdadm mdadm
]; ];
}; };
} }

View file

@ -1,31 +1,35 @@
{ config, lib, modulesPath, pkgs, ... }:
let
inherit (config.host) role;
in
with lib;
{ {
imports = [ (modulesPath + "/installer/scan/not-detected.nix") ]; config,
lib,
modulesPath,
pkgs,
...
}:
let
inherit (config.host) role;
in
with lib;
{
imports = [ (modulesPath + "/installer/scan/not-detected.nix") ];
config = mkIf (role == "workstation") { config = mkIf (role == "workstation") {
host.ui = { host.ui = {
audio.enable = true; audio.enable = true;
bluetooth.enable = true; bluetooth.enable = true;
gnome.enable = true; gnome.enable = true;
flatpak.enable = true; flatpak.enable = true;
}; };
boot = { boot = {
# Enable Plymouth # Enable Plymouth
plymouth.enable = true; plymouth.enable = true;
plymouth.theme = "bgrt"; plymouth.theme = "bgrt";
# Increase minimum log level. This removes ACPI errors from the boot screen. # Increase minimum log level. This removes ACPI errors from the boot screen.
consoleLogLevel = 1; consoleLogLevel = 1;
# Add kernel parameters # Add kernel parameters
kernelParams = [ kernelParams = [ "quiet" ];
"quiet" };
]; };
}; }
};
}

View file

@ -1,17 +1,22 @@
{ pkgs, config, lib, ... }: {
pkgs,
config,
lib,
...
}:
let let
cfg = config.host.services.apcupsd; cfg = config.host.services.apcupsd;
in in
with lib; with lib;
{ {
options = { options = {
host.services.apcupsd.enable = mkEnableOption (mdDoc "Enables apcupsd"); host.services.apcupsd.enable = mkEnableOption (mdDoc "Enables apcupsd");
}; };
config = mkIf cfg.enable { config = mkIf cfg.enable {
services.apcupsd = { services.apcupsd = {
enable = true; enable = true;
configText = builtins.readFile ./etc/apcupsd.conf; configText = builtins.readFile ./etc/apcupsd.conf;
}; };
}; };
} }

View file

@ -1,9 +1,10 @@
# Services to run on BTRFS filesystems. # Services to run on BTRFS filesystems.
# Only run if the root partition is BTRFS. # Only run if the root partition is BTRFS.
{ config, lib, ... }: { { config, lib, ... }:
services.btrfs.autoScrub = lib.mkIf (config.fileSystems."/".fsType == "btrfs") { {
enable = true; services.btrfs.autoScrub = lib.mkIf (config.fileSystems."/".fsType == "btrfs") {
interval = "weekly"; enable = true;
fileSystems = [ "/" ]; interval = "weekly";
}; fileSystems = [ "/" ];
} };
}

View file

@ -1,52 +1,58 @@
{ pkgs, config, lib, ... }: {
pkgs,
config,
lib,
...
}:
let let
cfg = config.host.services.duplicacy-web; cfg = config.host.services.duplicacy-web;
duplicacy-web = pkgs.callPackage ../../packages/duplicacy-web.nix { inherit pkgs lib; }; duplicacy-web = pkgs.callPackage ../../packages/duplicacy-web.nix { inherit pkgs lib; };
in in
with lib; with lib;
rec { rec {
options = { options = {
host.services.duplicacy-web = { host.services.duplicacy-web = {
enable = mkEnableOption (mdDoc "Enables duplicacy-web"); enable = mkEnableOption (mdDoc "Enables duplicacy-web");
autostart = mkOption { autostart = mkOption {
default = true; default = true;
type = types.bool; type = types.bool;
description = "Whether to auto-start duplicacy-web on boot"; description = "Whether to auto-start duplicacy-web on boot";
}; };
environment = mkOption { environment = mkOption {
default = ""; default = "";
type = types.str; type = types.str;
description = "Environment where duplicacy-web stores its config files"; description = "Environment where duplicacy-web stores its config files";
}; };
}; };
}; };
config = mkIf cfg.enable { config = mkIf cfg.enable {
nixpkgs.config.allowUnfree = true; nixpkgs.config.allowUnfree = true;
environment.systemPackages = [ environment.systemPackages = [ duplicacy-web ];
duplicacy-web
];
networking.firewall.allowedTCPPorts = [ 3875 ]; networking.firewall.allowedTCPPorts = [ 3875 ];
# Install systemd service. # Install systemd service.
systemd.services."duplicacy-web" = { systemd.services."duplicacy-web" = {
enable = true; enable = true;
wants = [ "network-online.target" ]; wants = [ "network-online.target" ];
after = [ "syslog.target" "network-online.target" ]; after = [
description = "Start the Duplicacy backup service and web UI"; "syslog.target"
serviceConfig = { "network-online.target"
Type = "simple"; ];
ExecStart = ''${duplicacy-web}/duplicacy-web''; description = "Start the Duplicacy backup service and web UI";
Restart = "on-failure"; serviceConfig = {
RestartSrc = 10; Type = "simple";
KillMode = "process"; ExecStart = ''${duplicacy-web}/duplicacy-web'';
}; Restart = "on-failure";
environment = { RestartSrc = 10;
HOME = cfg.environment; KillMode = "process";
}; };
} // optionalAttrs cfg.autostart { wantedBy = ["multi-user.target"]; }; # Start at boot if autostart is enabled. environment = {
}; HOME = cfg.environment;
};
} // optionalAttrs cfg.autostart { wantedBy = [ "multi-user.target" ]; }; # Start at boot if autostart is enabled.
};
} }

View file

@ -1,57 +1,60 @@
{ config, lib, pkgs, ... }: {
config,
lib,
pkgs,
...
}:
let let
cfg = config.host.services.k3s; cfg = config.host.services.k3s;
in in
with lib; with lib;
{ {
options = { options = {
host.services.k3s = { host.services.k3s = {
enable = mkEnableOption (mdDoc "Enables K3s"); enable = mkEnableOption (mdDoc "Enables K3s");
role = mkOption { role = mkOption {
default = "server"; default = "server";
type = types.enum [ type = types.enum [
"agent" "agent"
"server" "server"
]; ];
description = "Which K3s role to use"; description = "Which K3s role to use";
}; };
serverAddr = mkOption { serverAddr = mkOption {
default = ""; default = "";
type = types.str; type = types.str;
description = "If an agent, this is the address of the server."; description = "If an agent, this is the address of the server.";
}; };
}; };
}; };
config = mkIf cfg.enable { config = mkIf cfg.enable {
# Add packages for developing with K3s. # Add packages for developing with K3s.
# For details, see https://nixos.wiki/wiki/K3s # For details, see https://nixos.wiki/wiki/K3s
environment.systemPackages = with pkgs; [ environment.systemPackages = with pkgs; [ k3s ];
k3s
];
networking.firewall = { networking.firewall = {
allowedTCPPorts = [ allowedTCPPorts = [
6443 # k3s: required so that pods can reach the API server (running on port 6443 by default) 6443 # k3s: required so that pods can reach the API server (running on port 6443 by default)
# 2379 # k3s, etcd clients: required if using a "High Availability Embedded etcd" configuration # 2379 # k3s, etcd clients: required if using a "High Availability Embedded etcd" configuration
# 2380 # k3s, etcd peers: required if using a "High Availability Embedded etcd" configuration # 2380 # k3s, etcd peers: required if using a "High Availability Embedded etcd" configuration
]; ];
allowedUDPPorts = [ allowedUDPPorts = [
# 8472 # k3s, flannel: required if using multi-node for inter-node networking # 8472 # k3s, flannel: required if using multi-node for inter-node networking
]; ];
}; };
services.k3s = { services.k3s = {
enable = true; enable = true;
inherit (cfg) role; inherit (cfg) role;
extraFlags = toString [ extraFlags = toString [
# "--kubelet-arg=v=4" # Optionally add additional args to k3s # "--kubelet-arg=v=4" # Optionally add additional args to k3s
]; ];
} // optionalAttrs (cfg.role == "agent") { inherit (cfg) serverAddr; }; } // optionalAttrs (cfg.role == "agent") { inherit (cfg) serverAddr; };
# Increase number of open file handlers so K3s doesn't exhaust them...again. # Increase number of open file handlers so K3s doesn't exhaust them...again.
systemd.extraConfig = '' systemd.extraConfig = ''
DefaultLimitNOFILE=8192:1048576 DefaultLimitNOFILE=8192:1048576
''; '';
}; };
} }

View file

@ -2,18 +2,18 @@
{ config, lib, ... }: { config, lib, ... }:
let let
cfg = config.host.services.msmtp; cfg = config.host.services.msmtp;
in in
with lib; with lib;
{ {
options = { options = {
host.services.msmtp.enable = mkEnableOption (mdDoc "Enables mail server"); host.services.msmtp.enable = mkEnableOption (mdDoc "Enables mail server");
}; };
config = mkIf cfg.enable { config = mkIf cfg.enable {
programs.msmtp = { programs.msmtp = {
enable = true; enable = true;
# Authentication details set in nix-secrets # Authentication details set in nix-secrets
}; };
}; };
} }

View file

@ -1,8 +1,8 @@
# Configure SMART monitoring # Configure SMART monitoring
_: { _: {
services.smartd = { services.smartd = {
enable = true; enable = true;
autodetect = true; autodetect = true;
notifications.wall.enable = true; notifications.wall.enable = true;
}; };
} }

View file

@ -1,17 +1,17 @@
# Configure systemD # Configure systemD
_: { _: {
services = { services = {
# Allow systemd user services to keep running after the user has logged out # Allow systemd user services to keep running after the user has logged out
logind.killUserProcesses = false; logind.killUserProcesses = false;
}; };
# Reduce systemd logout time to 30s # Reduce systemd logout time to 30s
environment.etc = { environment.etc = {
"systemd/system.conf.d/10-reduce-logout-wait-time.conf" = { "systemd/system.conf.d/10-reduce-logout-wait-time.conf" = {
text = '' text = ''
[Manager] [Manager]
DefaultTimeoutStopSec=30s DefaultTimeoutStopSec=30s
''; '';
}; };
}; };
} }

View file

@ -1,48 +1,53 @@
{ pkgs, lib, config, ... }: {
pkgs,
lib,
config,
...
}:
let let
cfg = config.host.ui.audio; cfg = config.host.ui.audio;
in in
with lib; with lib;
{ {
options = { options = {
host.ui.audio = { host.ui.audio = {
enable = mkEnableOption (mdDoc "Enables audio"); enable = mkEnableOption (mdDoc "Enables audio");
enableLowLatency = mkEnableOption (mdDoc "Enables low-latency audio (may cause crackling) per https://nixos.wiki/wiki/PipeWire#Low-latency_setup "); enableLowLatency = mkEnableOption (
}; mdDoc "Enables low-latency audio (may cause crackling) per https://nixos.wiki/wiki/PipeWire#Low-latency_setup "
}; );
};
};
config = mkIf cfg.enable { config = mkIf cfg.enable {
# Enable sound with pipewire. # Enable sound with pipewire.
sound.enable = true; sound.enable = true;
security.rtkit.enable = true; security.rtkit.enable = true;
hardware.pulseaudio = { hardware.pulseaudio = {
enable = false; enable = false;
package = pkgs.pulseaudioFull; # Enable extra audio codecs package = pkgs.pulseaudioFull; # Enable extra audio codecs
}; };
services.pipewire = { services.pipewire = {
enable = true; enable = true;
alsa.enable = true; alsa.enable = true;
alsa.support32Bit = true; alsa.support32Bit = true;
pulse.enable = true; pulse.enable = true;
jack.enable = true; jack.enable = true;
# Reduce audio latency per https://nixos.wiki/wiki/PipeWire#Low-latency_setup # Reduce audio latency per https://nixos.wiki/wiki/PipeWire#Low-latency_setup
extraConfig.pipewire = mkIf cfg.enableLowLatency { extraConfig.pipewire = mkIf cfg.enableLowLatency {
"92-low-latency.conf" = { "92-low-latency.conf" = {
"context.properties" = { "context.properties" = {
"default.clock.rate" = 48000; "default.clock.rate" = 48000;
"default.clock.quantum" = 32; "default.clock.quantum" = 32;
"default.clock.min-quantum" = 32; "default.clock.min-quantum" = 32;
"default.clock.max-quantum" = 32; "default.clock.max-quantum" = 32;
}; };
}; };
}; };
}; };
services.flatpak.packages = mkIf config.host.ui.flatpak.enable [ services.flatpak.packages = mkIf config.host.ui.flatpak.enable [ "com.github.wwmm.easyeffects" ];
"com.github.wwmm.easyeffects" };
];
};
} }

View file

@ -1,73 +1,88 @@
{ nix-flatpak, pkgs, config, lib, ... }: {
nix-flatpak,
pkgs,
config,
lib,
...
}:
# Flatpak support and options # Flatpak support and options
let let
cfg = config.host.ui.flatpak; cfg = config.host.ui.flatpak;
in in
with lib; with lib;
{ {
options = { options = {
host.ui.flatpak.enable = mkEnableOption (mdDoc "Enables Flatpak"); host.ui.flatpak.enable = mkEnableOption (mdDoc "Enables Flatpak");
}; };
config = mkIf cfg.enable { config = mkIf cfg.enable {
# Enable Flatpak # Enable Flatpak
services.flatpak = { services.flatpak = {
enable = true; enable = true;
# Manage all Flatpak packages and remotes # Manage all Flatpak packages and remotes
uninstallUnmanaged = true; uninstallUnmanaged = true;
# Enable daily automatic updates # Enable daily automatic updates
update.auto = { update.auto = {
enable = true; enable = true;
onCalendar = "daily"; onCalendar = "daily";
}; };
# Add remote(s) # Add remote(s)
remotes = [ remotes = [
{ name = "flathub"; location = "https://dl.flathub.org/repo/flathub.flatpakrepo"; } {
]; name = "flathub";
location = "https://dl.flathub.org/repo/flathub.flatpakrepo";
}
];
# Install Flatpaks. For details, see https://github.com/gmodena/nix-flatpak # Install Flatpaks. For details, see https://github.com/gmodena/nix-flatpak
packages = [ packages = [
"com.github.tchx84.Flatseal" "com.github.tchx84.Flatseal"
"md.obsidian.Obsidian" "md.obsidian.Obsidian"
"net.waterfox.waterfox" "net.waterfox.waterfox"
"org.keepassxc.KeePassXC" "org.keepassxc.KeePassXC"
"org.mozilla.firefox" "org.mozilla.firefox"
]; ];
}; };
# Workaround for getting Flatpak apps to use system fonts, icons, and cursors # Workaround for getting Flatpak apps to use system fonts, icons, and cursors
# For details (and source), see https://github.com/NixOS/nixpkgs/issues/119433#issuecomment-1767513263 # For details (and source), see https://github.com/NixOS/nixpkgs/issues/119433#issuecomment-1767513263
# NOTE: If fonts in Flatpaks appear incorrect (like squares), run this command to regenerate the font cache: # NOTE: If fonts in Flatpaks appear incorrect (like squares), run this command to regenerate the font cache:
# flatpak list --columns=application | xargs -I %s -- flatpak run --command=fc-cache %s -f -v # flatpak list --columns=application | xargs -I %s -- flatpak run --command=fc-cache %s -f -v
system.fsPackages = [ pkgs.bindfs ]; system.fsPackages = [ pkgs.bindfs ];
fileSystems = let fileSystems =
mkRoSymBind = path: { let
device = path; mkRoSymBind = path: {
fsType = "fuse.bindfs"; device = path;
options = [ "ro" "resolve-symlinks" "x-gvfs-hide" ]; fsType = "fuse.bindfs";
}; options = [
aggregatedIcons = pkgs.buildEnv { "ro"
name = "system-icons"; "resolve-symlinks"
paths = with pkgs; [ "x-gvfs-hide"
#libsForQt5.breeze-qt5 # for plasma ];
gnome.gnome-themes-extra };
papirus-icon-theme aggregatedIcons = pkgs.buildEnv {
qogir-icon-theme name = "system-icons";
]; paths = with pkgs; [
pathsToLink = [ "/share/icons" ]; #libsForQt5.breeze-qt5 # for plasma
}; gnome.gnome-themes-extra
aggregatedFonts = pkgs.buildEnv { papirus-icon-theme
name = "system-fonts"; qogir-icon-theme
paths = config.fonts.packages; ];
pathsToLink = [ "/share/fonts" ]; pathsToLink = [ "/share/icons" ];
}; };
in { aggregatedFonts = pkgs.buildEnv {
"/usr/share/icons" = mkRoSymBind "${aggregatedIcons}/share/icons"; name = "system-fonts";
"/usr/local/share/fonts" = mkRoSymBind "${aggregatedFonts}/share/fonts"; paths = config.fonts.packages;
}; pathsToLink = [ "/share/fonts" ];
}; };
in
{
"/usr/share/icons" = mkRoSymBind "${aggregatedIcons}/share/icons";
"/usr/local/share/fonts" = mkRoSymBind "${aggregatedFonts}/share/fonts";
};
};
} }

View file

@ -1,134 +1,139 @@
{ pkgs, config, lib, ... }: {
pkgs,
config,
lib,
...
}:
# UI and desktop-related options # UI and desktop-related options
let let
cfg = config.host.ui.gnome; cfg = config.host.ui.gnome;
in in
with lib; with lib;
{ {
options = { options = {
host.ui.gnome.enable = mkEnableOption (mdDoc "Enables Gnome"); host.ui.gnome.enable = mkEnableOption (mdDoc "Enables Gnome");
}; };
config = mkIf cfg.enable { config = mkIf cfg.enable {
host.ui = { host.ui = {
audio.enable = true; audio.enable = true;
flatpak.enable = true; flatpak.enable = true;
}; };
services = {
# Configure the xserver
xserver = {
# Enable the X11 windowing system.
enable = true;
# Configure keymap in X11 services = {
xkb = { # Configure the xserver
layout = "us"; xserver = {
variant = ""; # Enable the X11 windowing system.
}; enable = true;
# Enable Gnome # Configure keymap in X11
desktopManager.gnome.enable = true; xkb = {
displayManager = { layout = "us";
gdm.enable = true; variant = "";
}; };
# Remove default packages that came with the install # Enable Gnome
excludePackages = with pkgs; [ desktopManager.gnome.enable = true;
xterm displayManager = {
]; gdm.enable = true;
}; };
# Install Flatpaks # Remove default packages that came with the install
flatpak.packages = [ excludePackages = with pkgs; [ xterm ];
"com.mattjakeman.ExtensionManager" };
"dev.geopjr.Tuba"
"org.bluesabre.MenuLibre"
"org.gnome.baobab"
"org.gnome.Calculator"
"org.gnome.Characters"
"org.gnome.Calendar"
"org.gnome.Evince"
"org.gnome.Evolution"
"org.gnome.FileRoller"
"org.gnome.Firmware"
"org.gnome.gitg"
"org.gnome.Loupe" # Gnome's fancy new image viewer
"org.gnome.Music"
"org.gnome.seahorse.Application"
"org.gnome.TextEditor"
"org.gnome.World.Secrets"
"org.gtk.Gtk3theme.Adwaita-dark"
];
# Disable CUPS - not needed # Install Flatpaks
printing.enable = false; flatpak.packages = [
}; "com.mattjakeman.ExtensionManager"
"dev.geopjr.Tuba"
environment = { "org.bluesabre.MenuLibre"
# Remove default Gnome packages that came with the install, then install the ones I actually use "org.gnome.baobab"
gnome.excludePackages = (with pkgs; [ "org.gnome.Calculator"
gnome-photos "org.gnome.Characters"
gnome-tour "org.gnome.Calendar"
gnomeExtensions.extension-list "org.gnome.Evince"
gedit # text editor "org.gnome.Evolution"
]) ++ (with pkgs.gnome; [ "org.gnome.FileRoller"
cheese # webcam tool "org.gnome.Firmware"
gnome-music "org.gnome.gitg"
gnome-calendar "org.gnome.Loupe" # Gnome's fancy new image viewer
epiphany # web browser "org.gnome.Music"
geary # email reader "org.gnome.seahorse.Application"
evince # document viewer "org.gnome.TextEditor"
gnome-characters "org.gnome.World.Secrets"
gnome-software "org.gtk.Gtk3theme.Adwaita-dark"
totem # video player ];
tali # poker game
iagno # go game
hitori # sudoku game
atomix # puzzle game
]);
# Install additional Gnome packages # Disable CUPS - not needed
systemPackages = with pkgs; [ printing.enable = false;
# Gnome tweak tools };
gnome.gnome-tweaks
# Gnome extensions
# FIXME: Disable temporarily due to broken version in Nixpkgs
#gnomeExtensions.appindicator
#gnomeExtensions.dash-to-panel
#gnomeExtensions.forge
# Themeing
gnome.gnome-themes-extra
papirus-icon-theme
qogir-icon-theme
];
};
# Manage fonts environment = {
fonts = { # Remove default Gnome packages that came with the install, then install the ones I actually use
# Install extra fonts gnome.excludePackages =
packages = with pkgs; [ (with pkgs; [
noto-fonts gnome-photos
noto-fonts-cjk gnome-tour
noto-fonts-emoji gnomeExtensions.extension-list
liberation_ttf gedit # text editor
fira-code ])
fira-code-symbols ++ (with pkgs.gnome; [
fira cheese # webcam tool
roboto-slab gnome-music
]; gnome-calendar
epiphany # web browser
geary # email reader
evince # document viewer
gnome-characters
gnome-software
totem # video player
tali # poker game
iagno # go game
hitori # sudoku game
atomix # puzzle game
]);
# Enable font dir for use with Flatpak. See https://nixos.wiki/wiki/Fonts#Flatpak_applications_can.27t_find_system_fonts # Install additional Gnome packages
fontDir.enable = true; systemPackages = with pkgs; [
}; # Gnome tweak tools
gnome.gnome-tweaks
# Gnome extensions
# FIXME: Disable temporarily due to broken version in Nixpkgs
#gnomeExtensions.appindicator
#gnomeExtensions.dash-to-panel
#gnomeExtensions.forge
# Themeing
gnome.gnome-themes-extra
papirus-icon-theme
qogir-icon-theme
];
};
# Gnome UI integration for KDE apps # Manage fonts
qt = { fonts = {
enable = true; # Install extra fonts
platformTheme = "gnome"; packages = with pkgs; [
style = "adwaita-dark"; noto-fonts
}; noto-fonts-cjk
}; noto-fonts-emoji
liberation_ttf
fira-code
fira-code-symbols
fira
roboto-slab
];
# Enable font dir for use with Flatpak. See https://nixos.wiki/wiki/Fonts#Flatpak_applications_can.27t_find_system_fonts
fontDir.enable = true;
};
# Gnome UI integration for KDE apps
qt = {
enable = true;
platformTheme = "gnome";
style = "adwaita-dark";
};
};
} }

View file

@ -1,89 +1,98 @@
{ pkgs, lib, config, ... }: {
pkgs,
lib,
config,
...
}:
# Define 'aires' # Define 'aires'
let let
cfg = config.host.users.aires; cfg = config.host.users.aires;
in in
with lib; with lib;
{ {
options = { options = {
host.users.aires = { host.users.aires = {
enable = mkEnableOption (mdDoc "Enables aires user account"); enable = mkEnableOption (mdDoc "Enables aires user account");
autologin = mkEnableOption (mdDoc "Automatically logs aires in on boot"); autologin = mkEnableOption (mdDoc "Automatically logs aires in on boot");
services.syncthing = { services.syncthing = {
enable = mkEnableOption (mdDoc "Enables Syncthing"); enable = mkEnableOption (mdDoc "Enables Syncthing");
enableTray = mkEnableOption (mdDoc "Enables the Syncthing Tray application"); enableTray = mkEnableOption (mdDoc "Enables the Syncthing Tray application");
autostart = mkOption { autostart = mkOption {
default = true; default = true;
type = types.bool; type = types.bool;
description = "Whether to auto-start Syncthing on boot"; description = "Whether to auto-start Syncthing on boot";
}; };
}; };
}; };
}; };
config = mkIf cfg.enable (mkMerge [ config = mkIf cfg.enable (mkMerge [
{ {
users.users.aires = { users.users.aires = {
isNormalUser = true; isNormalUser = true;
description = "Aires"; description = "Aires";
uid = 1000; uid = 1000;
extraGroups = [ "input" "networkmanager" "plugdev" "tss" "wheel" ]; # tss group has access to TPM devices extraGroups = [
"input"
"networkmanager"
"plugdev"
"tss"
"wheel"
]; # tss group has access to TPM devices
# Allow systemd services to run even while aires is logged out # Allow systemd services to run even while aires is logged out
linger = true; linger = true;
}; };
# Install aires-specific Flatpaks # Install aires-specific Flatpaks
services.flatpak.packages = mkIf config.services.flatpak.enable [ services.flatpak.packages = mkIf config.services.flatpak.enable [
"com.discordapp.Discord" "com.discordapp.Discord"
"org.telegram.desktop" "org.telegram.desktop"
]; ];
# Configure home-manager # Configure home-manager
home-manager.users.aires = { home-manager.users.aires = {
imports = [ imports = [
../common/home-manager/gnome.nix ../common/home-manager/gnome.nix
../common/home-manager/zsh.nix ../common/home-manager/zsh.nix
]; ];
home = { home = {
# The state version is required and should stay at the version you originally installed. # The state version is required and should stay at the version you originally installed.
stateVersion = "24.05"; stateVersion = "24.05";
# Basic setup # Basic setup
username = "aires"; username = "aires";
homeDirectory = "/home/aires"; homeDirectory = "/home/aires";
# Install extra packages, specifically gnome extensions # Install extra packages, specifically gnome extensions
packages = lib.mkIf config.host.ui.gnome.enable [ packages = lib.mkIf config.host.ui.gnome.enable [ pkgs.gnomeExtensions.wallpaper-slideshow ];
pkgs.gnomeExtensions.wallpaper-slideshow
];
# Set environment variables # Set environment variables
sessionVariables = { sessionVariables = {
KUBECONFIG = "/home/aires/.kube/config"; KUBECONFIG = "/home/aires/.kube/config";
}; };
}; };
programs = { programs = {
# Let home Manager install and manage itself. # Let home Manager install and manage itself.
home-manager.enable = true; home-manager.enable = true;
# Set up git # Set up git
git = { git = {
enable = true; enable = true;
# Username and email set in nix-secrets # Username and email set in nix-secrets
extraConfig = { extraConfig = {
push.autoSetupRemote = "true"; push.autoSetupRemote = "true";
}; };
}; };
# Set up Zsh # Set up Zsh
zsh = { zsh = {
oh-my-zsh = { oh-my-zsh = {
theme = "gentoo"; theme = "gentoo";
}; };
shellAliases = { shellAliases = {
update = "upgrade"; update = "upgrade";
@ -95,61 +104,59 @@ with lib;
}; };
}; };
# SSH set up in nix-secrets # SSH set up in nix-secrets
# Gnome settings specific to aires on Shura # Gnome settings specific to aires on Shura
dconf.settings = lib.mkIf (config.networking.hostName == "Shura") { dconf.settings = lib.mkIf (config.networking.hostName == "Shura") {
"org/gnome/desktop/interface" = { "org/gnome/desktop/interface" = {
# Increase font scaling; # Increase font scaling;
text-scaling-factor = 1.3; text-scaling-factor = 1.3;
# Dark mode # Dark mode
color-scheme = "prefer-dark"; color-scheme = "prefer-dark";
}; };
}; };
}; };
} }
# Autologin aires # Autologin aires
(mkIf cfg.autologin { (mkIf cfg.autologin {
services.displayManager.autoLogin = { services.displayManager.autoLogin = {
enable = true; enable = true;
user = "aires"; user = "aires";
}; };
systemd.services = { systemd.services = {
"getty@tty1".enable = false; "getty@tty1".enable = false;
"autovt@tty1".enable = false; "autovt@tty1".enable = false;
}; };
}) })
# Enable Syncthing # Enable Syncthing
(mkIf cfg.services.syncthing.enable { (mkIf cfg.services.syncthing.enable {
users.users.aires.packages = [ users.users.aires.packages = [
pkgs.syncthing pkgs.syncthing
(mkIf cfg.services.syncthing.enableTray pkgs.syncthingtray) (mkIf cfg.services.syncthing.enableTray pkgs.syncthingtray)
]; ];
# Open port 8080 # Open port 8080
networking.firewall.allowedTCPPorts = [ networking.firewall.allowedTCPPorts = [ 8080 ];
8080
];
home-manager.users.aires = { home-manager.users.aires = {
# Syncthing options # Syncthing options
services.syncthing = { services.syncthing = {
enable = true; enable = true;
extraOptions = [ extraOptions = [
"--gui-address=0.0.0.0:8080" "--gui-address=0.0.0.0:8080"
"--home=${config.users.users.aires.home}/.config/syncthing" "--home=${config.users.users.aires.home}/.config/syncthing"
"--no-default-folder" "--no-default-folder"
]; ];
}; };
# Override the default Syncthing settings so it doesn't start on boot # Override the default Syncthing settings so it doesn't start on boot
systemd.user.services."syncthing" = mkIf (!cfg.services.syncthing.autostart) { systemd.user.services."syncthing" = mkIf (!cfg.services.syncthing.autostart) {
Install = lib.mkForce {}; Install = lib.mkForce { };
}; };
}; };
}) })
]); ]);
} }

View file

@ -1,134 +1,140 @@
{ lib, pkgs, osConfig, ... }: { {
# Additional Gnome configurations via home-manager. lib,
dconf.settings = lib.mkIf osConfig.host.ui.gnome.enable { pkgs,
"org/gnome/mutter" = { osConfig,
edge-tiling = true; ...
workspaces-only-on-primary = false; }:
experimental-features = [ {
"scale-monitor-framebuffer" # Fractional scaling # Additional Gnome configurations via home-manager.
"variable-refresh-rate" dconf.settings = lib.mkIf osConfig.host.ui.gnome.enable {
]; "org/gnome/mutter" = {
}; edge-tiling = true;
workspaces-only-on-primary = false;
experimental-features = [
"scale-monitor-framebuffer" # Fractional scaling
"variable-refresh-rate"
];
};
"org/gnome/desktop/interface" = { "org/gnome/desktop/interface" = {
# Configure fonts # Configure fonts
font-name = "Fira Sans Semi-Light 11"; font-name = "Fira Sans Semi-Light 11";
document-font-name = "Roboto Slab 11"; document-font-name = "Roboto Slab 11";
monospace-font-name = "Liberation Mono 11"; monospace-font-name = "Liberation Mono 11";
titlebar-font = "Fira Sans Semi-Bold 11"; titlebar-font = "Fira Sans Semi-Bold 11";
# Configure hinting # Configure hinting
font-hinting = "slight"; font-hinting = "slight";
font-antialiasing = "rgba"; font-antialiasing = "rgba";
# Configure workspace # Configure workspace
enable-hot-corners = true; enable-hot-corners = true;
# Set icon theme # Set icon theme
icon-theme = "Papirus-Dark"; icon-theme = "Papirus-Dark";
# Set legacy application theme # Set legacy application theme
gtk-theme = "Adwaita-dark"; gtk-theme = "Adwaita-dark";
}; };
# Configure touchpad scroll & tap behavior # Configure touchpad scroll & tap behavior
"org/gnome/desktop/peripherals/touchpad" = { "org/gnome/desktop/peripherals/touchpad" = {
disable-while-typing = true; disable-while-typing = true;
click-method = "fingers"; click-method = "fingers";
tap-to-click = true; tap-to-click = true;
natural-scroll = true; natural-scroll = true;
two-finger-scrolling-enabled = true; two-finger-scrolling-enabled = true;
}; };
# Tweak window management # Tweak window management
"org/gnome/desktop/wm/preferences" = { "org/gnome/desktop/wm/preferences" = {
button-layout = "appmenu:minimize,maximize,close"; button-layout = "appmenu:minimize,maximize,close";
resize-with-right-button = true; resize-with-right-button = true;
focus-mode = "click"; focus-mode = "click";
}; };
# Make alt-tab switch windows, not applications # Make alt-tab switch windows, not applications
"org/gnome/desktop/wm/keybindings" = { "org/gnome/desktop/wm/keybindings" = {
switch-tab = []; switch-tab = [ ];
switch-windows = [ "<Alt>Tab" ]; switch-windows = [ "<Alt>Tab" ];
switch-windows-backward = [ "<Shift><Alt>Tab" ]; switch-windows-backward = [ "<Shift><Alt>Tab" ];
}; };
"org/gnome/shell" = { "org/gnome/shell" = {
disable-user-extensions = false; disable-user-extensions = false;
}; };
/* /*
FIXME: Still needs work FIXME: Still needs work
"org/gnome/shell/extensions/dash-to-panel" = { "org/gnome/shell/extensions/dash-to-panel" = {
animate-appicon-hover = false; animate-appicon-hover = false;
animate-appicon-hover-animation-extent = { animate-appicon-hover-animation-extent = {
RIPPLE = 4; RIPPLE = 4;
PLANK = 4; PLANK = 4;
SIMPLE = 1; SIMPLE = 1;
}; };
appicon-margin = 8; appicon-margin = 8;
appicon-padding = 8; appicon-padding = 8;
available-monitors= [0]; available-monitors= [0];
dot-position = "BOTTOM"; dot-position = "BOTTOM";
hotkeys-overlay-combo= "TEMPORARILY"; hotkeys-overlay-combo= "TEMPORARILY";
leftbox-padding = -1; leftbox-padding = -1;
panel-anchors = {"0" = "MIDDLE"; }; panel-anchors = {"0" = "MIDDLE"; };
panel-element-positions={ panel-element-positions={
"0" = [{ "0" = [{
"element" = "dateMenu"; "element" = "dateMenu";
"visible" = true; "visible" = true;
"position" = "stackedTL"; "position" = "stackedTL";
} }
{ {
"element" = "activitiesButton"; "element" = "activitiesButton";
"visible" = true; "visible" = true;
"position" = "stackedTL"; "position" = "stackedTL";
} }
{ {
"element" = "showAppsButton"; "element" = "showAppsButton";
"visible" = true; "visible" = true;
"position" = "centerMonitor"; "position" = "centerMonitor";
} }
{ {
"element" = "leftBox"; "element" = "leftBox";
"visible" = false; "visible" = false;
"position" = "stackedTL"; "position" = "stackedTL";
} }
{ {
"element" = "taskbar"; "element" = "taskbar";
"visible" = true; "visible" = true;
"position" = "centerMonitor"; "position" = "centerMonitor";
} }
{ {
"element" = "centerBox"; "element" = "centerBox";
"visible" = false; "visible" = false;
"position" = "stackedBR"; "position" = "stackedBR";
} }
{ {
"element" = "rightBox"; "element" = "rightBox";
"visible" = false; "visible" = false;
"position" = "stackedBR"; "position" = "stackedBR";
} }
{ {
"element" = "systemMenu"; "element" = "systemMenu";
"visible" = true; "visible" = true;
"position"= "stackedBR"; "position"= "stackedBR";
} }
{ {
"element" = "desktopButton"; "element" = "desktopButton";
"visible" = false; "visible" = false;
"position" = "stackedBR"; "position" = "stackedBR";
}]; }];
}; };
panel-lengths = { "0" = 100; }; panel-lengths = { "0" = 100; };
panel-positions = { "0" = "TOP"; }; panel-positions = { "0" = "TOP"; };
panel-sizes = { "0" = 64; }; panel-sizes = { "0" = 64; };
primary-monitor = 0; primary-monitor = 0;
status-icon-padding = -1; status-icon-padding = -1;
tray-padding = -1; tray-padding = -1;
window-preview-title-position = "TOP"; window-preview-title-position = "TOP";
}; };
*/ */
}; };
} }

View file

@ -1,30 +1,29 @@
# Additional ZSH settings via Home Manager # Additional ZSH settings via Home Manager
{ pkgs, ... }: { { pkgs, ... }:
programs.zsh = { {
enable = true; programs.zsh = {
autosuggestion.enable = true; enable = true;
syntaxHighlighting.enable = true; autosuggestion.enable = true;
history.ignoreDups = true; # Do not enter command lines into the history list if they are duplicates of the previous event. syntaxHighlighting.enable = true;
prezto = { history.ignoreDups = true; # Do not enter command lines into the history list if they are duplicates of the previous event.
git.submoduleIgnore = "untracked"; # Ignore submodules when they are untracked. prezto = {
}; git.submoduleIgnore = "untracked"; # Ignore submodules when they are untracked.
plugins = [ };
{ plugins = [
name = "zsh-nix-shell"; {
file = "nix-shell.plugin.zsh"; name = "zsh-nix-shell";
src = pkgs.fetchFromGitHub { file = "nix-shell.plugin.zsh";
owner = "chisui"; src = pkgs.fetchFromGitHub {
repo = "zsh-nix-shell"; owner = "chisui";
rev = "v0.8.0"; repo = "zsh-nix-shell";
sha256 = "1lzrn0n4fxfcgg65v0qhnj7wnybybqzs4adz7xsrkgmcsr0ii8b7"; rev = "v0.8.0";
}; sha256 = "1lzrn0n4fxfcgg65v0qhnj7wnybybqzs4adz7xsrkgmcsr0ii8b7";
} };
]; }
oh-my-zsh = { ];
enable = true; oh-my-zsh = {
plugins = [ enable = true;
"git" plugins = [ "git" ];
]; };
}; };
}; }
}

View file

@ -1,126 +1,140 @@
{ pkgs, lib, config, ... }: {
pkgs,
lib,
config,
...
}:
# Define 'gremlin' user # Define 'gremlin' user
let let
cfg = config.host.users.gremlin; cfg = config.host.users.gremlin;
in in
with lib; with lib;
{ {
options = { options = {
host.users.gremlin = { host.users.gremlin = {
enable = mkEnableOption (mdDoc "Enables gremlin user account"); enable = mkEnableOption (mdDoc "Enables gremlin user account");
services.syncthing = {
enable = mkEnableOption (mdDoc "Enables Syncthing");
enableTray = mkEnableOption (mdDoc "Enables the Syncthing Tray application");
autostart = mkOption {
default = true;
type = types.bool;
description = "Whether to auto-start Syncthing on boot";
};
};
};
};
config = mkMerge [ services.syncthing = {
(mkIf cfg.enable { enable = mkEnableOption (mdDoc "Enables Syncthing");
# Add Gremlin account enableTray = mkEnableOption (mdDoc "Enables the Syncthing Tray application");
users.users.gremlin = { autostart = mkOption {
isNormalUser = true; default = true;
description = "Gremlin"; type = types.bool;
uid = 1001; description = "Whether to auto-start Syncthing on boot";
extraGroups = [ "networkmanager" "input" ]; };
};
};
};
# Allow systemd services to keep running even while gremlin is logged out config = mkMerge [
linger = true; (mkIf cfg.enable {
}; # Add Gremlin account
users.users.gremlin = {
isNormalUser = true;
description = "Gremlin";
uid = 1001;
extraGroups = [
"networkmanager"
"input"
];
# Install gremlin-specific flatpaks # Allow systemd services to keep running even while gremlin is logged out
services.flatpak.packages = lib.mkIf config.services.flatpak.enable [ linger = true;
"com.google.Chrome" };
"com.slack.Slack"
];
home-manager.users.gremlin = { # Install gremlin-specific flatpaks
imports = [ services.flatpak.packages = lib.mkIf config.services.flatpak.enable [
../common/home-manager/gnome.nix "com.google.Chrome"
../common/home-manager/zsh.nix "com.slack.Slack"
]; ];
home = { home-manager.users.gremlin = {
# Basic setup imports = [
username = "gremlin"; ../common/home-manager/gnome.nix
homeDirectory = "/home/gremlin"; ../common/home-manager/zsh.nix
];
# The state version is required and should stay at the version you originally installed. home = {
stateVersion = "24.05"; # Basic setup
username = "gremlin";
homeDirectory = "/home/gremlin";
# Set environment variables # The state version is required and should stay at the version you originally installed.
sessionVariables = { stateVersion = "24.05";
KUBECONFIG = "/home/gremlin/.kube/config";
};
# Install packages specific to Gremlin
packages = [
pkgs.awscli2
];
};
programs = { # Set environment variables
# Let home Manager install and manage itself. sessionVariables = {
home-manager.enable = true; KUBECONFIG = "/home/gremlin/.kube/config";
};
# Set up git # Install packages specific to Gremlin
git = { packages = [ pkgs.awscli2 ];
# Name and email set in nix-secrets };
enable = true;
extraConfig = {
push.autoSetupRemote = "true";
};
};
# Set up Zsh programs = {
zsh = { # Let home Manager install and manage itself.
# Install and source the p10k theme home-manager.enable = true;
plugins = [
{ name = "powerlevel10k"; src = pkgs.zsh-powerlevel10k; file = "share/zsh-powerlevel10k/powerlevel10k.zsh-theme"; }
{ name = "powerlevel10k-config"; src = ./p10k-config; file = "p10k.zsh"; }
];
shellAliases = {
please = "sudo";
};
};
};
# SSH entries set in nix-secrets # Set up git
}; git = {
}) # Name and email set in nix-secrets
enable = true;
extraConfig = {
push.autoSetupRemote = "true";
};
};
# Enable Syncthing # Set up Zsh
(mkIf cfg.services.syncthing.enable { zsh = {
users.users.gremlin = { # Install and source the p10k theme
packages = [ plugins = [
pkgs.syncthing {
(mkIf cfg.services.syncthing.enableTray pkgs.syncthingtray) name = "powerlevel10k";
]; src = pkgs.zsh-powerlevel10k;
}; file = "share/zsh-powerlevel10k/powerlevel10k.zsh-theme";
}
{
name = "powerlevel10k-config";
src = ./p10k-config;
file = "p10k.zsh";
}
];
shellAliases = {
please = "sudo";
};
};
};
home-manager.users.gremlin = { # SSH entries set in nix-secrets
# Syncthing options };
services.syncthing = { })
enable = true;
extraOptions = [
"--gui-address=0.0.0.0:8081"
"--home=${config.users.users.gremlin.home}/.config/syncthing"
"--no-default-folder"
];
};
# Override the default Syncthing settings so it doesn't start on boot # Enable Syncthing
systemd.user.services."syncthing" = mkIf (!cfg.services.syncthing.autostart) { (mkIf cfg.services.syncthing.enable {
Install = lib.mkForce {}; users.users.gremlin = {
}; packages = [
}; pkgs.syncthing
}) (mkIf cfg.services.syncthing.enableTray pkgs.syncthingtray)
]; ];
};
home-manager.users.gremlin = {
# Syncthing options
services.syncthing = {
enable = true;
extraOptions = [
"--gui-address=0.0.0.0:8081"
"--home=${config.users.users.gremlin.home}/.config/syncthing"
"--no-default-folder"
];
};
# Override the default Syncthing settings so it doesn't start on boot
systemd.user.services."syncthing" = mkIf (!cfg.services.syncthing.autostart) {
Install = lib.mkForce { };
};
};
})
];
} }

View file

@ -1,29 +1,34 @@
{ pkgs, lib, config, ... }: {
pkgs,
lib,
config,
...
}:
# Define user for managing media on Haven # Define user for managing media on Haven
let let
cfg = config.host.users.media; cfg = config.host.users.media;
in in
with lib; with lib;
{ {
options = { options = {
host.users.media = { host.users.media = {
enable = mkEnableOption (mdDoc "Enables media user account"); enable = mkEnableOption (mdDoc "Enables media user account");
}; };
}; };
config = mkIf cfg.enable { config = mkIf cfg.enable {
users.groups."media" = { users.groups."media" = {
gid = 1001; gid = 1001;
}; };
users.users.media = { users.users.media = {
isNormalUser = false; isNormalUser = false;
isSystemUser = true; isSystemUser = true;
description = "Media manager"; description = "Media manager";
uid = 1001; uid = 1001;
group = "media"; group = "media";
}; };
}; };
} }

@ -1 +1 @@
Subproject commit b08463a68a07f237232a5951b9e0e58071b9f479 Subproject commit d7db8c62406e2389138e8aaaeb6e9e94494ae1ae

View file

@ -1,27 +1,27 @@
{ pkgs, lib }: { pkgs, lib }:
pkgs.stdenv.mkDerivation rec { pkgs.stdenv.mkDerivation rec {
pname = "duplicacy-web"; pname = "duplicacy-web";
version = "1.8.0"; version = "1.8.0";
src = builtins.fetchurl { src = builtins.fetchurl {
url = "https://acrosync.com/duplicacy-web/duplicacy_web_linux_x64_${version}"; url = "https://acrosync.com/duplicacy-web/duplicacy_web_linux_x64_${version}";
sha256 = "f0b4d4c16781a6ccb137f161df9de86574e7a55660c582682c63062e26476c4a"; sha256 = "f0b4d4c16781a6ccb137f161df9de86574e7a55660c582682c63062e26476c4a";
}; };
doCheck = false; doCheck = false;
dontUnpack = true; dontUnpack = true;
installPhase = '' installPhase = ''
install -D $src $out/duplicacy-web install -D $src $out/duplicacy-web
chmod a+x $out/duplicacy-web chmod a+x $out/duplicacy-web
''; '';
meta = with lib; { meta = with lib; {
homepage = "https://duplicacy.com"; homepage = "https://duplicacy.com";
description = "A new generation cloud backup tool"; description = "A new generation cloud backup tool";
platforms = platforms.linux; platforms = platforms.linux;
license = licenses.unfreeRedistributable; license = licenses.unfreeRedistributable;
}; };
} }