aires/nix-configuration
aires/nix-configuration
1
0
Fork 0
Code Actions Activity

Standardize formatting using the Nix RFC style, even though it means using spaces 🤢

Browse source
This commit is contained in:
Aires 2024-05-07 18:02:59 -04:00
parent f0ddde868d
commit 0a412d6f26
50 changed files with 2049 additions and 1770 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

30
flake.nix
View file

@ -36,9 +36,20 @@
# TODO: Add Disko - https://github.com/nix-community/disko
};
outputs = inputs@{ self, nixpkgs, lanzaboote, nix-flatpak, home-manager, nixos-hardware, lix-module, ... }:
outputs =
inputs@{
self,
nixpkgs,
lanzaboote,
nix-flatpak,
home-manager,
nixos-hardware,
lix-module,
...
}:
let
forAllSystems = function:
forAllSystems =
function:
nixpkgs.lib.genAttrs [
"x86_64-linux"
"aarch64-linux"
@ -48,12 +59,17 @@
# Define shared modules and imports
defaultModules = {
base = [
{ _module.args = { inherit inputs; }; }
{
_module.args = {
inherit inputs;
};
}
./hosts/default.nix
lix-module.nixosModules.default
lanzaboote.nixosModules.lanzaboote
nix-flatpak.nixosModules.nix-flatpak
home-manager.nixosModules.home-manager {
home-manager.nixosModules.home-manager
{
home-manager = {
/*
When running, Home Manager will use the global package cache.
@ -67,7 +83,8 @@
}
];
};
in {
in
{
formatter = forAllSystems (pkgs: pkgs.nixfmt-rfc-style);
nixosConfigurations = {
@ -112,5 +129,4 @@
};
};
};
}
}

3
hosts/Dimaga/default.nix
View file

@ -1,4 +1,5 @@
{ pkgs, ... }: {
{ pkgs, ... }:
{
imports = [ ./hardware-configuration.nix ];
system.stateVersion = "24.05";

27
hosts/Dimaga/hardware-configuration.nix
View file

@ -1,12 +1,23 @@
# Surface Laptop Go 1st gen
{ config, lib, pkgs, modulesPath, ... }: {
imports = [
(modulesPath + "/installer/scan/not-detected.nix")
];
{
config,
lib,
pkgs,
modulesPath,
...
}:
{
imports = [ (modulesPath + "/installer/scan/not-detected.nix") ];
boot = {
initrd = {
availableKernelModules = [ "xhci_pci" "nvme" "usb_storage" "usbhid" "sd_mod" ];
availableKernelModules = [
"xhci_pci"
"nvme"
"usb_storage"
"usbhid"
"sd_mod"
];
kernelModules = [ ];
luks.devices."luks-5a91100b-8ed9-4090-b1d8-d8291000fe38".device = "/dev/disk/by-uuid/5a91100b-8ed9-4090-b1d8-d8291000fe38";
};
@ -27,10 +38,12 @@
};
};
swapDevices = [{
swapDevices = [
{
device = "/swapfile";
size = 4096;
}];
}
];
networking = {
# Enables DHCP on each ethernet and wireless interface. In case of scripted networking

12
hosts/Haven/default.nix
View file

@ -1,4 +1,10 @@
{ pkgs, home-manager, lib, config, ... }:
{
pkgs,
home-manager,
lib,
config,
...
}:
let
start-haven = pkgs.writeShellScriptBin "start-haven" (builtins.readFile ./start-haven.sh);
in
@ -63,7 +69,5 @@ in
networking.firewall.allowedUDPPorts = [ 1194 ];
# Add script for booting Haven
environment.systemPackages = [
start-haven
];
environment.systemPackages = [ start-haven ];
}

28
hosts/Haven/hardware-configuration.nix
View file

@ -1,7 +1,13 @@
# Minisforum UM340
{ config, lib, pkgs, modulesPath, ... }: {
imports =
[ (modulesPath + "/installer/scan/not-detected.nix") ];
{
config,
lib,
pkgs,
modulesPath,
...
}:
{
imports = [ (modulesPath + "/installer/scan/not-detected.nix") ];
boot = {
supportedFilesystems = [ "btrfs" ];
@ -10,7 +16,15 @@
initrd = {
supportedFilesystems = [ "btrfs" ];
availableKernelModules = [ "nvme" "xhci_pci" "ahci" "usb_storage" "usbhid" "sd_mod" "btrfs" ];
availableKernelModules = [
"nvme"
"xhci_pci"
"ahci"
"usb_storage"
"usbhid"
"sd_mod"
"btrfs"
];
kernelModules = [ ];
};
};
@ -37,10 +51,12 @@
};
};
swapDevices = [{
swapDevices = [
{
device = "/swap/swapfile";
size = 16384;
}];
}
];
networking = {
useDHCP = lib.mkDefault true;

3
hosts/Khanda/default.nix
View file

@ -1,4 +1,5 @@
{ pkgs, lib, ... }: {
{ pkgs, lib, ... }:
{
imports = [ ./hardware-configuration.nix ];
system.stateVersion = "24.05";

69
hosts/Khanda/hardware-configuration.nix
View file

@ -1,11 +1,48 @@
# Surface Pro 9
{ config, lib, pkgs, modulesPath, ... }: {
{
config,
lib,
pkgs,
modulesPath,
...
}:
{
imports = [ (modulesPath + "/installer/scan/not-detected.nix") ];
boot = {
initrd = {
availableKernelModules = [ "surface_aggregator" "surface_aggregator_registry" "surface_aggregator_hub" "surface_hid_core" "hid_multitouch" "8250_dw" "intel_lpss" "intel_lpss_pci" "tpm_crb" "xhci_pci" "thunderbolt" "nvme" "usb_storage" "sd_mod" "surface_kbd" "pinctrl_tigerlake" ];
kernelModules = [ "tpm_crb" "surface_aggregator" "surface_aggregator_registry" "surface_aggregator_hub" "surface_hid_core" "surface_hid" "hid_multitouch" "8250_dw" "intel_lpss" "intel_lpss_pci" "surface_kbd" "pinctrl_tigerlake" ];
availableKernelModules = [
"surface_aggregator"
"surface_aggregator_registry"
"surface_aggregator_hub"
"surface_hid_core"
"hid_multitouch"
"8250_dw"
"intel_lpss"
"intel_lpss_pci"
"tpm_crb"
"xhci_pci"
"thunderbolt"
"nvme"
"usb_storage"
"sd_mod"
"surface_kbd"
"pinctrl_tigerlake"
];
kernelModules = [
"tpm_crb"
"surface_aggregator"
"surface_aggregator_registry"
"surface_aggregator_hub"
"surface_hid_core"
"surface_hid"
"hid_multitouch"
"8250_dw"
"intel_lpss"
"intel_lpss_pci"
"surface_kbd"
"pinctrl_tigerlake"
];
luks.devices."luks-bd1fe396-6740-4e7d-af2c-26ca9a3031f1" = {
device = "/dev/disk/by-uuid/bd1fe396-6740-4e7d-af2c-26ca9a3031f1";
@ -13,7 +50,21 @@
};
};
kernelModules = [ "kvm-intel" "tpm_crb" "surface_aggregator" "surface_aggregator_registry" "surface_aggregator_hub" "surface_hid_core" "surface_hid" "hid_multitouch" "8250_dw" "intel_lpss" "intel_lpss_pci" "surface_kbd" "pinctrl_tigerlake" ];
kernelModules = [
"kvm-intel"
"tpm_crb"
"surface_aggregator"
"surface_aggregator_registry"
"surface_aggregator_hub"
"surface_hid_core"
"surface_hid"
"hid_multitouch"
"8250_dw"
"intel_lpss"
"intel_lpss_pci"
"surface_kbd"
"pinctrl_tigerlake"
];
extraModulePackages = [ ];
};
@ -30,9 +81,7 @@
};
};
swapDevices = [
{ device = "/dev/disk/by-uuid/8c2519d9-3e47-4aa1-908d-98b1aa8b909d"; }
];
swapDevices = [ { device = "/dev/disk/by-uuid/8c2519d9-3e47-4aa1-908d-98b1aa8b909d"; } ];
networking = {
useDHCP = lib.mkDefault true;
@ -43,14 +92,12 @@
hardware.cpu.intel.updateMicrocode = lib.mkDefault config.hardware.enableRedistributableFirmware;
# Install/configure additional drivers, particularly for touch
environment.systemPackages = with pkgs; [
libwacom-surface
];
environment.systemPackages = with pkgs; [ libwacom-surface ];
microsoft-surface = {
ipts.enable = true;
surface-control.enable = true;
};
# FIXME: Use default kernel to avoid full kernel rebuilds
# NOTE: Use a default kernel to skip full kernel rebuilds
# boot.kernelPackages = lib.mkForce pkgs.linuxPackages_latest;
}

5
hosts/Pihole/default.nix
View file

@ -1,4 +1,5 @@
{ pkgs, lib, ... }: {
{ pkgs, lib, ... }:
{
imports = [ ./hardware-configuration.nix ];
system.stateVersion = "24.05";
@ -29,7 +30,7 @@
settings = {
PasswordAuthentication = true;
AllowUsers = ["aires"];
AllowUsers = [ "aires" ];
PermitRootLogin = "no";
};
};

21
hosts/Pihole/hardware-configuration.nix
View file

@ -1,11 +1,16 @@
# Raspberry Pi 4B
# See https://nixos.wiki/wiki/NixOS_on_ARM/Raspberry_Pi_4
{ config, lib, pkgs, modulesPath, nixos-hardware, ... }:
{
config,
lib,
pkgs,
modulesPath,
nixos-hardware,
...
}:
{
imports = [
(modulesPath + "/installer/scan/not-detected.nix")
];
imports = [ (modulesPath + "/installer/scan/not-detected.nix") ];
boot.loader = lib.mkForce {
grub.enable = false;
@ -16,15 +21,17 @@
# "console=serial0,115200n8"
#];
fileSystems ."/" = {
fileSystems."/" = {
device = "/dev/disk/by-uuid/44444444-4444-4444-8888-888888888888";
fsType = "ext4";
};
swapDevices = [{
swapDevices = [
{
device = "/swapfile";
size = 2048;
}];
}
];
hardware.enableRedistributableFirmware = true;
networking.wireless.enable = true;

19
hosts/Shura/default.nix
View file

@ -1,9 +1,20 @@
{ config, pkgs, lib, ... }:
{
config,
pkgs,
lib,
...
}:
let
# Copy bluetooth device configs
shure-aonic-bluetooth = pkgs.writeText "info" (builtins.readFile ./bluetooth/shure-aonic-bluetooth-params);
xbox-elite-bluetooth = pkgs.writeText "info" (builtins.readFile ./bluetooth/xbox-elite-controller-bluetooth-params);
mano-touchpad-bluetooth = pkgs.writeText "info" (builtins.readFile ./bluetooth/mano-touchpad-bluetooth-params);
shure-aonic-bluetooth = pkgs.writeText "info" (
builtins.readFile ./bluetooth/shure-aonic-bluetooth-params
);
xbox-elite-bluetooth = pkgs.writeText "info" (
builtins.readFile ./bluetooth/xbox-elite-controller-bluetooth-params
);
mano-touchpad-bluetooth = pkgs.writeText "info" (
builtins.readFile ./bluetooth/mano-touchpad-bluetooth-params
);
# Use gremlin user's monitor configuration for GDM (desktop monitor primary). See https://discourse.nixos.org/t/gdm-monitor-configuration/6356/4
monitorsXmlContent = builtins.readFile ./monitors.xml;

43
hosts/Shura/hardware-configuration.nix
View file

@ -1,8 +1,13 @@
# Lenovo Legion Slim 7 Gen 7 AMD (16ARHA7)
{ config, lib, pkgs, modulesPath, ... }: {
imports = [
(modulesPath + "/installer/scan/not-detected.nix")
];
{
config,
lib,
pkgs,
modulesPath,
...
}:
{
imports = [ (modulesPath + "/installer/scan/not-detected.nix") ];
# Configure the kernel.
boot = {
@ -17,8 +22,19 @@
# sudo systemd-cryptenroll --tpm2-device=auto --tpm2-pcrs=0+7 /dev/<device>
systemd.enable = true;
availableKernelModules = [ "nvme" "xhci_pci" "usbhid" "usb_storage" "sd_mod" "rtsx_pci_sdmmc" "tpm_crb" ];
kernelModules = [ "amdgpu" "tpm_crb" ];
availableKernelModules = [
"nvme"
"xhci_pci"
"usbhid"
"usb_storage"
"sd_mod"
"rtsx_pci_sdmmc"
"tpm_crb"
];
kernelModules = [
"amdgpu"
"tpm_crb"
];
luks.devices."luks-bcf67e34-339e-40b9-8ffd-bec8f7f55248" = {
device = "/dev/disk/by-uuid/bcf67e34-339e-40b9-8ffd-bec8f7f55248";
crypttabExtraOpts = [ "tpm2-device=auto" ]; # Enable TPM auto-unlocking
@ -29,15 +45,18 @@
};
fileSystems = {
"/" = { device = "/dev/disk/by-uuid/b801fbea-4cb5-4255-bea9-a2ce77d1a1b7";
"/" = {
device = "/dev/disk/by-uuid/b801fbea-4cb5-4255-bea9-a2ce77d1a1b7";
fsType = "btrfs";
options = [ "subvol=@,compress=zstd" ];
};
"/home" = { device = "/dev/disk/by-uuid/b801fbea-4cb5-4255-bea9-a2ce77d1a1b7";
"/home" = {
device = "/dev/disk/by-uuid/b801fbea-4cb5-4255-bea9-a2ce77d1a1b7";
fsType = "btrfs";
options = [ "subvol=@home,compress=zstd" ];
};
"/swap" = { device = "/dev/disk/by-uuid/b801fbea-4cb5-4255-bea9-a2ce77d1a1b7";
"/swap" = {
device = "/dev/disk/by-uuid/b801fbea-4cb5-4255-bea9-a2ce77d1a1b7";
fsType = "btrfs";
options = [ "subvol=@swap" ];
};
@ -47,10 +66,12 @@
};
};
swapDevices = [{
swapDevices = [
{
device = "/swap/swapfile";
size = 16384;
}];
}
];
networking = {
# Enables DHCP on each ethernet and wireless interface. In case of scripted networking

3
hosts/default.nix
View file

@ -7,7 +7,8 @@ let
ref = "main";
rev = "55fc814d477d956ab885e157f24c2d43f433dc7a";
};
in{
in
{
imports = [
"${nix-secrets}/default.nix"
../modules/autoimport.nix

7
modules/apps/development.nix
View file

@ -1,4 +1,9 @@
{ config, lib, pkgs, ... }:
{
config,
lib,
pkgs,
...
}:
let
cfg = config.host.apps.development;

4
modules/apps/dj.nix
View file

@ -12,8 +12,6 @@ with lib;
config = mkIf cfg.enable {
host.ui.flatpak.enable = true;
services.flatpak.packages = [
"org.mixxx.Mixxx"
];
services.flatpak.packages = [ "org.mixxx.Mixxx" ];
};
}

7
modules/apps/gaming.nix
View file

@ -1,4 +1,9 @@
{ config, lib, pkgs, ... }:
{
config,
lib,
pkgs,
...
}:
# Gaming-related settings
let

25
modules/apps/kdeconnect.nix
View file

@ -1,4 +1,9 @@
{ pkgs, config, lib, ... }:
{
pkgs,
config,
lib,
...
}:
let
cfg = config.host.apps.kdeconnect;
@ -10,13 +15,21 @@ with lib;
};
config = mkIf cfg.enable {
environment.systemPackages = with pkgs; [
gnomeExtensions.gsconnect
];
environment.systemPackages = with pkgs; [ gnomeExtensions.gsconnect ];
networking.firewall = {
allowedTCPPortRanges = [ { from = 1714; to = 1764; } ];
allowedUDPPortRanges = [ { from = 1714; to = 1764; } ];
allowedTCPPortRanges = [
{
from = 1714;
to = 1764;
}
];
allowedUDPPortRanges = [
{
from = 1714;
to = 1764;
}
];
};
};
}

11
modules/apps/social.nix
View file

@ -1,4 +1,9 @@
{ pkgs, config, lib, ... }:
{
pkgs,
config,
lib,
...
}:
let
cfg = config.host.apps.social;
@ -17,8 +22,6 @@ with lib;
];
host.ui.flatpak.enable = true;
services.flatpak.packages = [
"com.discordapp.Discord"
];
services.flatpak.packages = [ "com.discordapp.Discord" ];
};
}

7
modules/apps/tmux.nix
View file

@ -1,4 +1,9 @@
{ pkgs, config, lib, ... }:
{
pkgs,
config,
lib,
...
}:
let
cfg = config.host.apps.tmux;

7
modules/apps/writing.nix
View file

@ -1,4 +1,9 @@
{ pkgs, config, lib, ... }:
{
pkgs,
config,
lib,
...
}:
let
cfg = config.host.apps.writing;

25
modules/autoimport.nix
View file

@ -4,22 +4,25 @@
with lib;
let
# Recursively constructs an attrset of a given folder, recursing on directories, value of attrs is the filetype
getDir = dir: mapAttrs
(file: type:
if type == "directory" then getDir "${dir}/${file}" else type
)
(builtins.readDir dir);
getDir =
dir:
mapAttrs (file: type: if type == "directory" then getDir "${dir}/${file}" else type) (
builtins.readDir dir
);
# Collects all files of a directory as a list of strings of paths
files = dir: collect isString (mapAttrsRecursive (path: type: concatStringsSep "/" path) (getDir dir));
files =
dir: collect isString (mapAttrsRecursive (path: type: concatStringsSep "/" path) (getDir dir));
# Filters out directories that belong to home-manager, and don't end with .nix or are this file.
# Also, make the strings absolute
validFiles = dir: map
(file: ./. + "/${file}")
(filter
(file: ! hasInfix "home-manager" file && file != "autoimport.nix" && hasSuffix ".nix" file)
(files dir));
validFiles =
dir:
map (file: ./. + "/${file}") (
filter (file: !hasInfix "home-manager" file && file != "autoimport.nix" && hasSuffix ".nix" file) (
files dir
)
);
in
{
imports = validFiles ./.;

11
modules/base/bluetooth.nix
View file

@ -1,4 +1,9 @@
{ lib, config, pkgs, ... }:
{
lib,
config,
pkgs,
...
}:
let
cfg = config.host.ui.bluetooth;
@ -27,8 +32,6 @@ with lib;
};
# Add Bluetooth LE audio support
environment.systemPackages = with pkgs; [
liblc3
];
environment.systemPackages = with pkgs; [ liblc3 ];
};
}

9
modules/base/bootloader.nix
View file

@ -1,4 +1,9 @@
{ config, lib, pkgs, ... }:
{
config,
lib,
pkgs,
...
}:
# Bootloader
let
@ -23,7 +28,7 @@ with lib;
};
};
config = mkIf cfg.enable (mkMerge[
config = mkIf cfg.enable (mkMerge [
(mkIf cfg.secureboot.enable {
boot = {
# Enable Secure Boot

20
modules/base/nix.nix
View file

@ -1,9 +1,19 @@
# Nix configuration
{ pkgs, config, lib, inputs, ... }: {
{
pkgs,
config,
lib,
inputs,
...
}:
{
nix = {
settings = {
# Enable Flakes
experimental-features = [ "nix-command" "flakes" ];
experimental-features = [
"nix-command"
"flakes"
];
# Use Lix instead of Nix
extra-substituters = [ "https://cache.lix.systems" ];
@ -22,7 +32,8 @@
# Configure remote build machines (mainly Haven)
# To enable remote builds for a specific host, add `nix.distributedBuilds = true;` to its config
buildMachines = [{
buildMachines = [
{
hostName = "haven";
systems = [
"x86_64-linux"
@ -35,7 +46,8 @@
"benchmark"
"big-parllel"
];
}];
}
];
# When using a builder, use its package store
extraOptions = ''

3
modules/base/programs.nix
View file

@ -1,5 +1,6 @@
# Set up program defaults
{ config, ... }: {
{ config, ... }:
{
# Set up base apps
programs = {
direnv.enable = true;

3
modules/base/system.nix
View file

@ -1,5 +1,6 @@
# System options
{ pkgs, config, ... }: {
{ pkgs, config, ... }:
{
# Set up the environment
environment = {
# Install base packages

2
modules/roles/default.nix
View file

@ -1,4 +1,4 @@
{lib, ...}:
{ lib, ... }:
with lib;
{

10
modules/roles/server.nix
View file

@ -1,8 +1,14 @@
{ config, lib, modulesPath, pkgs, ... }:
{
config,
lib,
modulesPath,
pkgs,
...
}:
let
inherit (config.host) role;
in
with lib;
with lib;
{
imports = [ (modulesPath + "/installer/scan/not-detected.nix") ];

14
modules/roles/workstation.nix
View file

@ -1,8 +1,14 @@
{ config, lib, modulesPath, pkgs, ... }:
{
config,
lib,
modulesPath,
pkgs,
...
}:
let
inherit (config.host) role;
in
with lib;
with lib;
{
imports = [ (modulesPath + "/installer/scan/not-detected.nix") ];
@ -23,9 +29,7 @@ in
consoleLogLevel = 1;
# Add kernel parameters
kernelParams = [
"quiet"
];
kernelParams = [ "quiet" ];
};
};
}

7
modules/services/apcupsd.nix
View file

@ -1,4 +1,9 @@
{ pkgs, config, lib, ... }:
{
pkgs,
config,
lib,
...
}:
let
cfg = config.host.services.apcupsd;
in

3
modules/services/btrfs.nix
View file

@ -1,6 +1,7 @@
# Services to run on BTRFS filesystems.
# Only run if the root partition is BTRFS.
{ config, lib, ... }: {
{ config, lib, ... }:
{
services.btrfs.autoScrub = lib.mkIf (config.fileSystems."/".fsType == "btrfs") {
enable = true;
interval = "weekly";

18
modules/services/duplicacy-web.nix
View file

@ -1,4 +1,9 @@
{ pkgs, config, lib, ... }:
{
pkgs,
config,
lib,
...
}:
let
cfg = config.host.services.duplicacy-web;
@ -25,9 +30,7 @@ rec {
config = mkIf cfg.enable {
nixpkgs.config.allowUnfree = true;
environment.systemPackages = [
duplicacy-web
];
environment.systemPackages = [ duplicacy-web ];
networking.firewall.allowedTCPPorts = [ 3875 ];
@ -35,7 +38,10 @@ rec {
systemd.services."duplicacy-web" = {
enable = true;
wants = [ "network-online.target" ];
after = [ "syslog.target" "network-online.target" ];
after = [
"syslog.target"
"network-online.target"
];
description = "Start the Duplicacy backup service and web UI";
serviceConfig = {
Type = "simple";
@ -47,6 +53,6 @@ rec {
environment = {
HOME = cfg.environment;
};
} // optionalAttrs cfg.autostart { wantedBy = ["multi-user.target"]; }; # Start at boot if autostart is enabled.
} // optionalAttrs cfg.autostart { wantedBy = [ "multi-user.target" ]; }; # Start at boot if autostart is enabled.
};
}

11
modules/services/k3s.nix
View file

@ -1,4 +1,9 @@
{ config, lib, pkgs, ... }:
{
config,
lib,
pkgs,
...
}:
let
cfg = config.host.services.k3s;
in
@ -26,9 +31,7 @@ with lib;
config = mkIf cfg.enable {
# Add packages for developing with K3s.
# For details, see https://nixos.wiki/wiki/K3s
environment.systemPackages = with pkgs; [
k3s
];
environment.systemPackages = with pkgs; [ k3s ];
networking.firewall = {
allowedTCPPorts = [

15
modules/ui/audio.nix
View file

@ -1,4 +1,9 @@
{ pkgs, lib, config, ... }:
{
pkgs,
lib,
config,
...
}:
let
cfg = config.host.ui.audio;
@ -8,7 +13,9 @@ with lib;
options = {
host.ui.audio = {
enable = mkEnableOption (mdDoc "Enables audio");
enableLowLatency = mkEnableOption (mdDoc "Enables low-latency audio (may cause crackling) per https://nixos.wiki/wiki/PipeWire#Low-latency_setup ");
enableLowLatency = mkEnableOption (
mdDoc "Enables low-latency audio (may cause crackling) per https://nixos.wiki/wiki/PipeWire#Low-latency_setup "
);
};
};
@ -41,8 +48,6 @@ with lib;
};
};
services.flatpak.packages = mkIf config.host.ui.flatpak.enable [
"com.github.wwmm.easyeffects"
];
services.flatpak.packages = mkIf config.host.ui.flatpak.enable [ "com.github.wwmm.easyeffects" ];
};
}

25
modules/ui/flatpak.nix
View file

@ -1,4 +1,10 @@
{ nix-flatpak, pkgs, config, lib, ... }:
{
nix-flatpak,
pkgs,
config,
lib,
...
}:
# Flatpak support and options
let
@ -26,7 +32,10 @@ with lib;
# Add remote(s)
remotes = [
{ name = "flathub"; location = "https://dl.flathub.org/repo/flathub.flatpakrepo"; }
{
name = "flathub";
location = "https://dl.flathub.org/repo/flathub.flatpakrepo";
}
];
# Install Flatpaks. For details, see https://github.com/gmodena/nix-flatpak
@ -44,11 +53,16 @@ with lib;
# NOTE: If fonts in Flatpaks appear incorrect (like squares), run this command to regenerate the font cache:
# flatpak list --columns=application | xargs -I %s -- flatpak run --command=fc-cache %s -f -v
system.fsPackages = [ pkgs.bindfs ];
fileSystems = let
fileSystems =
let
mkRoSymBind = path: {
device = path;
fsType = "fuse.bindfs";
options = [ "ro" "resolve-symlinks" "x-gvfs-hide" ];
options = [
"ro"
"resolve-symlinks"
"x-gvfs-hide"
];
};
aggregatedIcons = pkgs.buildEnv {
name = "system-icons";
@ -65,7 +79,8 @@ with lib;
paths = config.fonts.packages;
pathsToLink = [ "/share/fonts" ];
};
in {
in
{
"/usr/share/icons" = mkRoSymBind "${aggregatedIcons}/share/icons";
"/usr/local/share/fonts" = mkRoSymBind "${aggregatedFonts}/share/fonts";
};

17
modules/ui/gnome.nix
View file

@ -1,4 +1,9 @@
{ pkgs, config, lib, ... }:
{
pkgs,
config,
lib,
...
}:
# UI and desktop-related options
let
@ -36,9 +41,7 @@ with lib;
};
# Remove default packages that came with the install
excludePackages = with pkgs; [
xterm
];
excludePackages = with pkgs; [ xterm ];
};
# Install Flatpaks
@ -69,12 +72,14 @@ with lib;
environment = {
# Remove default Gnome packages that came with the install, then install the ones I actually use
gnome.excludePackages = (with pkgs; [
gnome.excludePackages =
(with pkgs; [
gnome-photos
gnome-tour
gnomeExtensions.extension-list
gedit # text editor
]) ++ (with pkgs.gnome; [
])
++ (with pkgs.gnome; [
cheese # webcam tool
gnome-music
gnome-calendar

25
modules/users/aires/default.nix
View file

@ -1,4 +1,9 @@
{ pkgs, lib, config, ... }:
{
pkgs,
lib,
config,
...
}:
# Define 'aires'
let
@ -29,7 +34,13 @@ with lib;
isNormalUser = true;
description = "Aires";
uid = 1000;
extraGroups = [ "input" "networkmanager" "plugdev" "tss" "wheel" ]; # tss group has access to TPM devices
extraGroups = [
"input"
"networkmanager"
"plugdev"
"tss"
"wheel"
]; # tss group has access to TPM devices
# Allow systemd services to run even while aires is logged out
linger = true;
@ -57,9 +68,7 @@ with lib;
homeDirectory = "/home/aires";
# Install extra packages, specifically gnome extensions
packages = lib.mkIf config.host.ui.gnome.enable [
pkgs.gnomeExtensions.wallpaper-slideshow
];
packages = lib.mkIf config.host.ui.gnome.enable [ pkgs.gnomeExtensions.wallpaper-slideshow ];
# Set environment variables
sessionVariables = {
@ -130,9 +139,7 @@ with lib;
];
# Open port 8080
networking.firewall.allowedTCPPorts = [
8080
];
networking.firewall.allowedTCPPorts = [ 8080 ];
home-manager.users.aires = {
# Syncthing options
@ -147,7 +154,7 @@ with lib;
# Override the default Syncthing settings so it doesn't start on boot
systemd.user.services."syncthing" = mkIf (!cfg.services.syncthing.autostart) {
Install = lib.mkForce {};
Install = lib.mkForce { };
};
};
})

10
modules/users/common/home-manager/gnome.nix
View file

@ -1,4 +1,10 @@
{ lib, pkgs, osConfig, ... }: {
{
lib,
pkgs,
osConfig,
...
}:
{
# Additional Gnome configurations via home-manager.
dconf.settings = lib.mkIf osConfig.host.ui.gnome.enable {
"org/gnome/mutter" = {
@ -49,7 +55,7 @@
# Make alt-tab switch windows, not applications
"org/gnome/desktop/wm/keybindings" = {
switch-tab = [];
switch-tab = [ ];
switch-windows = [ "<Alt>Tab" ];
switch-windows-backward = [ "<Shift><Alt>Tab" ];
};

7
modules/users/common/home-manager/zsh.nix
View file

@ -1,5 +1,6 @@
# Additional ZSH settings via Home Manager
{ pkgs, ... }: {
{ pkgs, ... }:
{
programs.zsh = {
enable = true;
autosuggestion.enable = true;
@ -22,9 +23,7 @@
];
oh-my-zsh = {
enable = true;
plugins = [
"git"
];
plugins = [ "git" ];
};
};
}

30
modules/users/gremlin/default.nix
View file

@ -1,4 +1,9 @@
{ pkgs, lib, config, ... }:
{
pkgs,
lib,
config,
...
}:
# Define 'gremlin' user
let
@ -29,7 +34,10 @@ with lib;
isNormalUser = true;
description = "Gremlin";
uid = 1001;
extraGroups = [ "networkmanager" "input" ];
extraGroups = [
"networkmanager"
"input"
];
# Allow systemd services to keep running even while gremlin is logged out
linger = true;
@ -61,9 +69,7 @@ with lib;
};
# Install packages specific to Gremlin
packages = [
pkgs.awscli2
];
packages = [ pkgs.awscli2 ];
};
programs = {
@ -83,8 +89,16 @@ with lib;
zsh = {
# Install and source the p10k theme
plugins = [
{ name = "powerlevel10k"; src = pkgs.zsh-powerlevel10k; file = "share/zsh-powerlevel10k/powerlevel10k.zsh-theme"; }
{ name = "powerlevel10k-config"; src = ./p10k-config; file = "p10k.zsh"; }
{
name = "powerlevel10k";
src = pkgs.zsh-powerlevel10k;
file = "share/zsh-powerlevel10k/powerlevel10k.zsh-theme";
}
{
name = "powerlevel10k-config";
src = ./p10k-config;
file = "p10k.zsh";
}
];
shellAliases = {
please = "sudo";
@ -118,7 +132,7 @@ with lib;
# Override the default Syncthing settings so it doesn't start on boot
systemd.user.services."syncthing" = mkIf (!cfg.services.syncthing.autostart) {
Install = lib.mkForce {};
Install = lib.mkForce { };
};
};
})

7
modules/users/media/default.nix
View file

@ -1,4 +1,9 @@
{ pkgs, lib, config, ... }:
{
pkgs,
lib,
config,
...
}:
# Define user for managing media on Haven
let

2
nix-secrets

@ -1 +1 @@
Subproject commit b08463a68a07f237232a5951b9e0e58071b9f479
Subproject commit d7db8c62406e2389138e8aaaeb6e9e94494ae1ae