Compare commits

..

No commits in common. "573a8cc407c10c50d9eac2301f9a32dfbfc4add8" and "08b0fbcd0c63af6c96302b0740e816432acc0014" have entirely different histories.

19 changed files with 350 additions and 477 deletions

View file

@ -549,22 +549,6 @@
"type": "github"
}
},
"nixpkgs_4": {
"locked": {
"lastModified": 1726871744,
"narHash": "sha256-V5LpfdHyQkUF7RfOaDPrZDP+oqz88lTJrMT1+stXNwo=",
"owner": "nixos",
"repo": "nixpkgs",
"rev": "a1d92660c6b3b7c26fb883500a80ea9d33321be2",
"type": "github"
},
"original": {
"owner": "nixos",
"ref": "nixpkgs-unstable",
"repo": "nixpkgs",
"type": "github"
}
},
"nur": {
"locked": {
"lastModified": 1729855863,
@ -624,8 +608,7 @@
"nixpkgs-unstable": "nixpkgs-unstable",
"nur": "nur",
"sops-nix": "sops-nix",
"stylix": "stylix",
"treefmt-nix": "treefmt-nix"
"stylix": "stylix"
}
},
"rust-overlay": {
@ -738,24 +721,6 @@
"repo": "default",
"type": "github"
}
},
"treefmt-nix": {
"inputs": {
"nixpkgs": "nixpkgs_4"
},
"locked": {
"lastModified": 1729613947,
"narHash": "sha256-XGOvuIPW1XRfPgHtGYXd5MAmJzZtOuwlfKDgxX5KT3s=",
"owner": "numtide",
"repo": "treefmt-nix",
"rev": "aac86347fb5063960eccb19493e0cadcdb4205ca",
"type": "github"
},
"original": {
"owner": "numtide",
"repo": "treefmt-nix",
"type": "github"
}
}
},
"root": "root",

122
flake.nix
View file

@ -7,7 +7,6 @@
nur.url = "github:nix-community/NUR";
nixos-hardware.url = "github:NixOS/nixos-hardware/master";
stylix.url = "github:pizzapim/stylix/release-24.05";
treefmt-nix.url = "github:numtide/treefmt-nix";
nix-index-database = {
url = "github:nix-community/nix-index-database";
@ -47,33 +46,13 @@
};
};
outputs = {
self,
nixpkgs,
...
} @ inputs: let
supportedSystems = [
"x86_64-linux"
"i686-linux"
"aarch64-linux"
];
forAllSystems' = nixpkgs.lib.genAttrs;
forAllSystems = forAllSystems' supportedSystems;
pkgsForSystem = system:
import nixpkgs {
inherit system;
};
treefmtEval = forAllSystems (
system: inputs.treefmt-nix.lib.evalModule (pkgsForSystem system) ./treefmt.nix
);
mkNixosSystem = {
extraModule,
nixpkgs' ? nixpkgs,
useDefaultConfiguration ? true,
}:
nixpkgs'.lib.nixosSystem rec {
outputs =
{ self
, nixpkgs
, ...
}@inputs:
let
mkNixosSystem = {extraModule, nixpkgs' ? nixpkgs, useDefaultConfiguration ? true}: nixpkgs'.lib.nixosSystem rec {
system = "x86_64-linux";
specialArgs = {
@ -81,23 +60,15 @@
flake = self;
};
modules =
[
modules = [
extraModule
]
++ nixpkgs'.lib.optional useDefaultConfiguration ./nixos;
] ++ nixpkgs'.lib.optional useDefaultConfiguration ./nixos;
};
in {
formatter = forAllSystems (system: (treefmtEval.${system}.config.build.wrapper));
in
{
nixosConfigurations = {
x260 = mkNixosSystem {
extraModule = {
pkgs,
lib,
...
}: {
imports = [inputs.nixos-hardware.nixosModules.lenovo-thinkpad-x260];
x260 = mkNixosSystem { extraModule = ({ pkgs, lib, ... }: {
imports = [ inputs.nixos-hardware.nixosModules.lenovo-thinkpad-x260 ];
config = {
pim.lanzaboote.enable = true;
@ -112,24 +83,20 @@
};
};
swapDevices = [{device = "/dev/disk/by-uuid/6028bf52-404d-4143-9cb0-9b06cd60a373";}];
swapDevices = [{ device = "/dev/disk/by-uuid/6028bf52-404d-4143-9cb0-9b06cd60a373"; }];
powerManagement.cpuFreqGovernor = lib.mkDefault "powersave";
boot.initrd.availableKernelModules = ["xhci_pci" "ahci" "rtsx_pci_sdmmc"];
};
boot.initrd.availableKernelModules = [ "xhci_pci" "ahci" "rtsx_pci_sdmmc" ];
};
});
};
x201 = mkNixosSystem {
extraModule = {
pkgs,
lib,
...
}: {
imports = [inputs.disko.nixosModules.disko];
x201 = mkNixosSystem {extraModule = ({ pkgs, lib, ... }: {
imports = [ inputs.disko.nixosModules.disko ];
config = {
networking.hostName = "x201";
boot.initrd.availableKernelModules = ["ehci_pci" "ahci" "usb_storage"];
boot.initrd.availableKernelModules = [ "ehci_pci" "ahci" "usb_storage" ];
disko.devices = {
disk = {
@ -174,19 +141,19 @@
type = "filesystem";
format = "ext4";
mountpoint = "/";
mountOptions = ["defaults"];
};
mountOptions = [ "defaults" ];
};
};
};
};
};
};
});
};
sue-cosmic = mkNixosSystem {
useDefaultConfiguration = false;
extraModule = {...}: {
extraModule = ({ ... }: {
imports = [
inputs.nixos-hardware.nixosModules.dell-xps-13-9310
inputs.nixos-cosmic.nixosModules.default
@ -196,14 +163,14 @@
config = {
nixpkgs.config.allowUnfree = true;
nix.settings = {
substituters = ["https://cosmic.cachix.org/"];
trusted-public-keys = ["cosmic.cachix.org-1:Dya9IyXD4xdBehWjrkPv6rtxpmMdRel02smYzA85dPE="];
substituters = [ "https://cosmic.cachix.org/" ];
trusted-public-keys = [ "cosmic.cachix.org-1:Dya9IyXD4xdBehWjrkPv6rtxpmMdRel02smYzA85dPE=" ];
};
users = {
users.pim = {
isNormalUser = true;
extraGroups = ["wheel" "docker" "input" "wireshark" "dialout"];
extraGroups = [ "wheel" "docker" "input" "wireshark" "dialout" ];
};
};
@ -212,62 +179,65 @@
pim.lanzaboote.enable = true;
networking.hostName = "xps-9315";
swapDevices = [{device = "/dev/disk/by-uuid/96a43c35-0174-4e92-81f0-168a5f601f0b";}];
swapDevices = [{ device = "/dev/disk/by-uuid/96a43c35-0174-4e92-81f0-168a5f601f0b"; }];
fileSystems = {
"/" = {
"/" =
{
device = "/dev/disk/by-uuid/31638735-5cc4-4013-8037-17e30edcbb0a";
fsType = "ext4";
};
"/boot" = {
"/boot" =
{
device = "/dev/disk/by-uuid/560E-F8A2";
fsType = "vfat";
options = ["fmask=0022" "dmask=0022"];
options = [ "fmask=0022" "dmask=0022" ];
};
};
boot.initrd.luks.devices."luks-8ffd3129-4908-4209-98c4-4eb68a35c494".device = "/dev/disk/by-uuid/8ffd3129-4908-4209-98c4-4eb68a35c494";
boot.initrd.availableKernelModules = ["xhci_pci" "thunderbolt" "vmd" "nvme" "usb_storage"];
};
boot.initrd.availableKernelModules = [ "xhci_pci" "thunderbolt" "vmd" "nvme" "usb_storage" ];
};
});
};
sue = mkNixosSystem {
extraModule = {...}: {
imports = [inputs.nixos-hardware.nixosModules.dell-xps-13-9310];
sue = mkNixosSystem {extraModule = ({ ... }: {
imports = [ inputs.nixos-hardware.nixosModules.dell-xps-13-9310 ];
config = {
pim.lanzaboote.enable = true;
networking.hostName = "xps-9315";
swapDevices = [{device = "/dev/disk/by-uuid/96a43c35-0174-4e92-81f0-168a5f601f0b";}];
swapDevices = [{ device = "/dev/disk/by-uuid/96a43c35-0174-4e92-81f0-168a5f601f0b"; }];
fileSystems = {
"/" = {
"/" =
{
device = "/dev/disk/by-uuid/31638735-5cc4-4013-8037-17e30edcbb0a";
fsType = "ext4";
};
"/boot" = {
"/boot" =
{
device = "/dev/disk/by-uuid/560E-F8A2";
fsType = "vfat";
options = ["fmask=0022" "dmask=0022"];
options = [ "fmask=0022" "dmask=0022" ];
};
};
nix.settings = {
substituters = ["https://cosmic.cachix.org/"];
trusted-public-keys = ["cosmic.cachix.org-1:Dya9IyXD4xdBehWjrkPv6rtxpmMdRel02smYzA85dPE="];
substituters = [ "https://cosmic.cachix.org/" ];
trusted-public-keys = [ "cosmic.cachix.org-1:Dya9IyXD4xdBehWjrkPv6rtxpmMdRel02smYzA85dPE=" ];
};
boot.initrd.luks.devices."luks-8ffd3129-4908-4209-98c4-4eb68a35c494".device = "/dev/disk/by-uuid/8ffd3129-4908-4209-98c4-4eb68a35c494";
boot.initrd.availableKernelModules = ["xhci_pci" "thunderbolt" "vmd" "nvme" "usb_storage"];
boot.initrd.availableKernelModules = [ "xhci_pci" "thunderbolt" "vmd" "nvme" "usb_storage" ];
# hardware.ipu6 = {
# enable = true;
# platform = "ipu6ep";
# };
};
};
});
};
};
};

View file

@ -1,11 +1,4 @@
{
pkgs,
lib,
config,
inputs,
flake,
...
}: {
{ pkgs, lib, config, inputs, flake, ... }: {
imports = [
./neovim
./firefox
@ -24,11 +17,12 @@
mimeApps = {
enable = true;
defaultApplications = let
defaultApplications =
let
applications = {
telegram = {
mimeApp = "org.telegram.desktop.desktop";
mimeTypes = ["x-scheme-handler/tg"];
mimeTypes = [ "x-scheme-handler/tg" ];
};
librewolf = {
@ -45,7 +39,7 @@
gnomeTextEditor = {
mimeApp = "org.gnome.TextEditor.desktop";
mimeTypes = ["text/plain"];
mimeTypes = [ "text/plain" ];
};
loupe = {
@ -77,13 +71,9 @@
};
};
mimeTypesForApp = {
mimeApp,
mimeTypes,
}:
map
mimeTypesForApp = { mimeApp, mimeTypes }: map
(
mimeType: {"${mimeType}" = mimeApp;}
mimeType: { "${mimeType}" = mimeApp; }
)
mimeTypes;
in
@ -96,12 +86,10 @@
homeDirectory = "/home/pim";
stateVersion = "23.05";
packages =
(with pkgs; [
packages = (with pkgs; [
jellyfin-media-player
virt-manager
])
++ (with pkgs.unstable; [
]) ++ (with pkgs.unstable; [
attic-client
dbeaver-bin
devenv
@ -143,7 +131,7 @@
enable = true;
settings.shell = {
program = lib.getExe config.programs.tmux.package;
args = ["attach"];
args = [ "attach" ];
};
};
@ -155,7 +143,7 @@
atuin = {
enable = true;
flags = ["--disable-up-arrow"];
flags = [ "--disable-up-arrow" ];
enableFishIntegration = true;
settings = {
@ -229,7 +217,7 @@
enable = true;
extraConfig = "User root";
matchBlocks.github = lib.hm.dag.entryBefore ["*"] {
matchBlocks.github = lib.hm.dag.entryBefore [ "*" ] {
hostname = "github.com";
user = "pizzapim";
identitiesOnly = true;

View file

@ -1,10 +1,11 @@
pkgs: lib: let
pkgs: lib:
let
rycee-addons = pkgs.nur.repos.rycee.firefox-addons;
custom-addons = import ./custom-addons.nix pkgs lib;
in
with rycee-addons; [
with rycee-addons; [
ublock-origin
istilldontcareaboutcookies
keepassxc-browser
custom-addons.simple-style-fox-2
]
]

View file

@ -1,22 +1,15 @@
pkgs: lib: let
pkgs: lib:
let
# Stolen from: https://github.com/nix-community/nur-combined/blob/master/repos/rycee/pkgs/firefox-addons/default.nix
buildFirefoxXpiAddon = lib.makeOverridable ({
stdenv ? pkgs.stdenv,
fetchurl ? pkgs.fetchurl,
pname,
version,
addonId,
url,
sha256,
meta,
...
buildFirefoxXpiAddon = lib.makeOverridable ({ stdenv ? pkgs.stdenv
, fetchurl ? pkgs.fetchurl, pname, version, addonId, url, sha256, meta, ...
}:
stdenv.mkDerivation {
name = "${pname}-${version}";
inherit meta;
src = fetchurl {inherit url sha256;};
src = fetchurl { inherit url sha256; };
preferLocalBuild = true;
allowSubstitutes = true;
@ -32,12 +25,14 @@ in {
pname = "http-version-indicator";
version = "3.2.1";
addonId = "spdyindicator@chengsun.github.com";
url = "https://addons.mozilla.org/firefox/downloads/file/3767224/http2_indicator-3.2.1.xpi";
url =
"https://addons.mozilla.org/firefox/downloads/file/3767224/http2_indicator-3.2.1.xpi";
sha256 = "be9518017334ce502a1da514542c2ca4f974217d0c8e6c7c31d518aba57c09a8";
meta = with lib; {
homepage = "https://github.com/bsiegel/http-version-indicator";
description = "An indicator showing the HTTP version used to load the page in the address bar.";
mozPermissions = ["<all_urls>" "tabs" "webNavigation" "webRequest"];
description =
"An indicator showing the HTTP version used to load the page in the address bar.";
mozPermissions = [ "<all_urls>" "tabs" "webNavigation" "webRequest" ];
platforms = platforms.all;
};
};
@ -45,11 +40,13 @@ in {
pname = "indicatetls";
version = "0.3.0";
addonId = "{252ee273-8c8d-4609-b54d-62ae345be0a1}";
url = "https://addons.mozilla.org/firefox/downloads/file/3608595/indicatetls-0.3.0.xpi";
url =
"https://addons.mozilla.org/firefox/downloads/file/3608595/indicatetls-0.3.0.xpi";
sha256 = "7a3b7edb1085f7b15d279c1013fac1d68f5247cfd6312d5275cb053e24a79465";
meta = with lib; {
homepage = "https://github.com/jannispinter/indicatetls";
description = "Displays negotiated SSL/TLS protocol version and additional security information in the address bar";
description =
"Displays negotiated SSL/TLS protocol version and additional security information in the address bar";
license = licenses.mpl20;
mozPermissions = [
"tabs"
@ -66,13 +63,15 @@ in {
pname = "sixindicator";
version = "1.3.0";
addonId = "{8c9cad02-c069-4e93-909d-d874da819c49}";
url = "https://addons.mozilla.org/firefox/downloads/file/3493442/sixindicator-1.3.0.xpi";
url =
"https://addons.mozilla.org/firefox/downloads/file/3493442/sixindicator-1.3.0.xpi";
sha256 = "415ab83ed4ac94d1efe114752a09df29536d1bd54cc9b7e5ce5d9ee55a84226d";
meta = with lib; {
homepage = "https://github.com/HostedDinner/SixIndicator";
description = "Shows a simple icon, if IPv6 or IPv4 was used for the request of the site. When clicking on the icon, more information is shown, like the number of requests per domain and if these requests were made via IPv6 or IPv4.";
description =
"Shows a simple icon, if IPv6 or IPv4 was used for the request of the site. When clicking on the icon, more information is shown, like the number of requests per domain and if these requests were made via IPv6 or IPv4.";
license = licenses.mit;
mozPermissions = ["tabs" "webRequest" "<all_urls>"];
mozPermissions = [ "tabs" "webRequest" "<all_urls>" ];
platforms = platforms.all;
};
};
@ -80,12 +79,13 @@ in {
pname = "simple-style-fox-2";
version = "10.0";
addonId = "{317526c6-ff2b-49c9-822e-d77b4a3da1d1}";
url = "https://addons.mozilla.org/firefox/downloads/file/3934220/simple_style_fox_2-10.0.xpi";
url =
"https://addons.mozilla.org/firefox/downloads/file/3934220/simple_style_fox_2-10.0.xpi";
sha256 = "1aaac3ba08d21086d7087015f92a27661940df45a97bf5680588c883f799a97d";
meta = with lib; {
description = "Simple style fox 2";
license = licenses.cc-by-30;
mozPermissions = [];
mozPermissions = [ ];
platforms = platforms.all;
};
};

View file

@ -1,8 +1,5 @@
{
pkgs,
lib,
...
}: let
{ pkgs, lib, ... }:
let
firefoxAddons = import ./addons.nix pkgs lib;
firefoxSettings = {
"browser.aboutConfig.showWarning" = false;
@ -17,7 +14,8 @@
"browser.newtabpage.activity-stream.showSponsored" = false;
"browser.newtabpage.activity-stream.showSponsoredTopSites" = false;
};
in {
in
{
config = {
programs.firefox = {
enable = true;

View file

@ -1,11 +1,5 @@
{
pkgs,
lib,
flake,
config,
...
}: {
home.packages = with pkgs; [gnome.gnome-tweaks];
{ pkgs, lib, flake, config, ... }: {
home.packages = with pkgs; [ gnome.gnome-tweaks ];
dconf.settings = with lib.hm.gvariant; {
"org/gnome/desktop/sound".allow-volume-above-100-percent = true;
@ -26,8 +20,8 @@
};
"org/gnome/desktop/input-sources" = {
sources = [(mkTuple ["xkb" "us"])];
xkb-options = ["terminate:ctrl_alt_bksp" "caps:escape"];
sources = [ (mkTuple [ "xkb" "us" ]) ];
xkb-options = [ "terminate:ctrl_alt_bksp" "caps:escape" ];
};
"org/gnome/shell/extensions/pop-shell" = {
@ -56,19 +50,19 @@
};
"org/gnome/desktop/wm/keybindings" = {
close = ["<Shift><Super>q"];
close = [ "<Shift><Super>q" ];
minimize = mkEmptyArray type.string;
move-to-workspace-1 = ["<Shift><Super>1"];
move-to-workspace-2 = ["<Shift><Super>2"];
move-to-workspace-3 = ["<Shift><Super>3"];
move-to-workspace-4 = ["<Shift><Super>4"];
move-to-workspace-1 = [ "<Shift><Super>1" ];
move-to-workspace-2 = [ "<Shift><Super>2" ];
move-to-workspace-3 = [ "<Shift><Super>3" ];
move-to-workspace-4 = [ "<Shift><Super>4" ];
switch-applications = mkEmptyArray type.string;
switch-applications-backward = mkEmptyArray type.string;
switch-to-workspace-1 = ["<Super>1"];
switch-to-workspace-2 = ["<Super>2"];
switch-to-workspace-3 = ["<Super>3"];
switch-to-workspace-4 = ["<Super>4"];
toggle-fullscreen = ["<Super>f"];
switch-to-workspace-1 = [ "<Super>1" ];
switch-to-workspace-2 = [ "<Super>2" ];
switch-to-workspace-3 = [ "<Super>3" ];
switch-to-workspace-4 = [ "<Super>4" ];
toggle-fullscreen = [ "<Super>f" ];
};
"org/gnome/shell/extensions/space-iflow-randomwallpaper" = {
@ -78,7 +72,7 @@
history-length = 1;
hours = 0;
minutes = 30;
sources = ["42"];
sources = [ "42" ];
fetch-on-startup = true;
};

View file

@ -1,4 +1,4 @@
{pkgs, ...}: {
{ pkgs, ... }: {
config = {
programs.neovim = {
enable = true;

View file

@ -1,4 +1,4 @@
{pkgs, ...}: {
{ pkgs, ...}: {
home.packages = with pkgs; [
supercollider-with-sc3-plugins
];

View file

@ -1,8 +1,4 @@
{
pkgs,
lib,
...
}: {
{ pkgs, lib, ... }: {
programs.vscode = {
enable = true;
package = pkgs.vscodium;

View file

@ -1,12 +1,4 @@
{
pkgs,
config,
lib,
inputs,
flake,
system,
...
}: {
{ pkgs, config, lib, inputs, flake, system, ... }: {
imports = [
inputs.home-manager.nixosModules.home-manager
./lanzaboote.nix
@ -27,13 +19,13 @@
xserver = {
enable = true;
displayManager.gdm = {enable = true;};
excludePackages = with pkgs; [xterm];
displayManager.gdm = { enable = true; };
excludePackages = with pkgs; [ xterm ];
};
printing = {
enable = true;
drivers = [pkgs.hplip pkgs.gutenprint];
drivers = [ pkgs.hplip pkgs.gutenprint ];
};
pipewire = {
@ -48,7 +40,7 @@
users = {
users.pim = {
isNormalUser = true;
extraGroups = ["wheel" "docker" "input" "wireshark" "dialout"];
extraGroups = [ "wheel" "docker" "input" "wireshark" "dialout" ];
};
};
@ -102,7 +94,7 @@
nix = {
package = pkgs.nixFlakes;
settings.trusted-users = ["root" "pim"];
settings.trusted-users = [ "root" "pim" ];
extraOptions = ''
experimental-features = nix-command flakes
@ -130,8 +122,7 @@
hostPlatform = lib.mkDefault "x86_64-linux";
config = {
allowUnfreePredicate = pkg:
builtins.elem (lib.getName pkg) [
allowUnfreePredicate = pkg: builtins.elem (lib.getName pkg) [
"libfprint-2-tod1-goodix"
];
};
@ -148,12 +139,12 @@
};
boot = {
kernelModules = ["kvm-intel" "cdrom"];
extraModulePackages = [];
kernelModules = [ "kvm-intel" "cdrom" ];
extraModulePackages = [ ];
initrd = {
availableKernelModules = ["sd_mod"];
kernelModules = [];
availableKernelModules = [ "sd_mod" ];
kernelModules = [ ];
};
kernel.sysctl = {
@ -170,8 +161,8 @@
home-manager = {
useGlobalPkgs = true;
useUserPackages = true;
extraSpecialArgs = {inherit flake inputs;};
extraSpecialArgs = { inherit flake inputs; };
users.pim.imports = ["${flake}/home-manager"];
users.pim.imports = [ "${flake}/home-manager" ];
};
}

View file

@ -1,26 +1,22 @@
{pkgs, ...}: {
{ pkgs, ... }: {
services.xserver.desktopManager.gnome.enable = true;
environment = {
systemPackages =
[
systemPackages = [
pkgs.gnome.gnome-shell-extensions
]
++ (with pkgs.gnomeExtensions; [
] ++ (with pkgs.gnomeExtensions; [
pop-shell
window-is-ready-remover
random-wallpaper
workspaces-indicator-by-open-apps
]);
gnome.excludePackages =
(with pkgs; [
gnome.excludePackages = (with pkgs; [
epiphany
gnome-connections
gnome-console
gnome-tour
])
++ (with pkgs.gnome; [
]) ++ (with pkgs.gnome; [
geary
gnome-calendar
gnome-clocks

View file

@ -1,9 +1,4 @@
{
config,
lib,
inputs,
...
}: {
{ config, lib, inputs, ... }: {
imports = [
inputs.lanzaboote.nixosModules.lanzaboote
];

View file

@ -1,12 +1,7 @@
{
inputs,
pkgs,
flake,
...
}: {
imports = [inputs.sops-nix.nixosModules.sops];
{ inputs, pkgs, flake, ... }: {
imports = [ inputs.sops-nix.nixosModules.sops ];
environment.systemPackages = with pkgs; [sops];
environment.systemPackages = with pkgs; [ sops ];
sops = {
age.keyFile = "/home/pim/.config/sops/age/keys.txt";

View file

@ -1,9 +1,5 @@
{
pkgs,
inputs,
...
}: {
imports = [inputs.stylix.nixosModules.stylix];
{ pkgs, inputs, ... }: {
imports = [ inputs.stylix.nixosModules.stylix ];
stylix = {
enable = true;
@ -18,7 +14,7 @@
fonts = {
monospace = {
package = pkgs.nerdfonts.override {fonts = ["JetBrainsMono"];};
package = pkgs.nerdfonts.override { fonts = [ "JetBrainsMono" ]; };
name = "JetBrainsMono Nerd Font Mono";
};

View file

@ -1,10 +1,10 @@
{pkgs, ...}: {
environment.systemPackages = [pkgs.gnomeExtensions.tailscale-status];
environment.systemPackages = [ pkgs.gnomeExtensions.tailscale-status ];
services.tailscale = {
enable = true;
useRoutingFeatures = "client";
};
networking.networkmanager.unmanaged = ["tailscale0"];
networking.networkmanager.unmanaged = [ "tailscale0" ];
}

View file

@ -1,3 +1,3 @@
{...}: {
{ ... }: {
users.users.pim.extraGroups = ["audio"];
}

View file

@ -1,49 +1,41 @@
{
lib,
config,
...
}: {
{ lib, config, ... }: {
networking = {
useDHCP = lib.mkDefault true;
networkmanager.unmanaged = ["tailscale0"];
networkmanager.unmanaged = [ "tailscale0" ];
wg-quick.interfaces = {
home = {
privateKeyFile = config.sops.secrets."wireguard/home/privateKey".path;
address = ["10.225.191.4/24"];
dns = ["192.168.30.131"];
address = [ "10.225.191.4/24" ];
dns = [ "192.168.30.131" ];
autostart = false;
mtu = 1412;
peers = [
{
peers = [{
presharedKeyFile = config.sops.secrets."wireguard/home/presharedKey".path;
endpoint = "wg.kun.is:51820";
publicKey = "fa3mQ7ximJbH7cu2ZbWidto5xBGxEEfWvCCiUDk00Hg=";
allowedIPs = ["0.0.0.0/0"];
}
];
allowedIPs = [ "0.0.0.0/0" ];
}];
};
home-no-pihole = {
privateKeyFile = config.sops.secrets."wireguard/home/privateKey".path;
address = ["10.225.191.4/24"];
dns = ["192.168.10.1"];
address = [ "10.225.191.4/24" ];
dns = [ "192.168.10.1" ];
autostart = false;
mtu = 1412;
peers = [
{
peers = [{
presharedKeyFile = config.sops.secrets."wireguard/home/presharedKey".path;
endpoint = "wg.kun.is:51820";
publicKey = "fa3mQ7ximJbH7cu2ZbWidto5xBGxEEfWvCCiUDk00Hg=";
allowedIPs = ["0.0.0.0/0"];
}
];
allowedIPs = [ "0.0.0.0/0" ];
}];
};
};
};
sops.secrets = {
"wireguard/home/presharedKey" = {};
"wireguard/home/privateKey" = {};
"wireguard/home/presharedKey" = { };
"wireguard/home/privateKey" = { };
};
}

View file

@ -1,4 +0,0 @@
{...}: {
projectRootFile = "flake.nix";
programs.alejandra.enable = true;
}