pim/nixos-laptop
1
0
Fork 0
Code Issues 1 Pull requests Projects Releases Packages Wiki Activity

Format repo

Browse source
This commit is contained in:
Pim Kunis 2024-10-26 20:33:47 +02:00
parent db14de3471
commit 573a8cc407
18 changed files with 447 additions and 380 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

332
flake.nix
View file

@ -47,30 +47,33 @@
};
};
outputs =
{ self
, nixpkgs
, ...
}@inputs:
let
supportedSystems = [
"x86_64-linux"
"i686-linux"
"aarch64-linux"
];
forAllSystems' = nixpkgs.lib.genAttrs;
forAllSystems = forAllSystems' supportedSystems;
pkgsForSystem =
system:
import nixpkgs {
inherit system;
};
outputs = {
self,
nixpkgs,
...
} @ inputs: let
supportedSystems = [
"x86_64-linux"
"i686-linux"
"aarch64-linux"
];
forAllSystems' = nixpkgs.lib.genAttrs;
forAllSystems = forAllSystems' supportedSystems;
pkgsForSystem = system:
import nixpkgs {
inherit system;
};
treefmtEval = forAllSystems (
system: inputs.treefmt-nix.lib.evalModule (pkgsForSystem system) ./treefmt.nix
);
treefmtEval = forAllSystems (
system: inputs.treefmt-nix.lib.evalModule (pkgsForSystem system) ./treefmt.nix
);
mkNixosSystem = {extraModule, nixpkgs' ? nixpkgs, useDefaultConfiguration ? true}: nixpkgs'.lib.nixosSystem rec {
mkNixosSystem = {
extraModule,
nixpkgs' ? nixpkgs,
useDefaultConfiguration ? true,
}:
nixpkgs'.lib.nixosSystem rec {
system = "x86_64-linux";
specialArgs = {
@ -78,187 +81,194 @@
flake = self;
};
modules = [
extraModule
] ++ nixpkgs'.lib.optional useDefaultConfiguration ./nixos;
modules =
[
extraModule
]
++ nixpkgs'.lib.optional useDefaultConfiguration ./nixos;
};
in
{
formatter = forAllSystems (system: (treefmtEval.${system}.config.build.wrapper));
in {
formatter = forAllSystems (system: (treefmtEval.${system}.config.build.wrapper));
nixosConfigurations = {
x260 = mkNixosSystem { extraModule = ({ pkgs, lib, ... }: {
imports = [ inputs.nixos-hardware.nixosModules.lenovo-thinkpad-x260 ];
nixosConfigurations = {
x260 = mkNixosSystem {
extraModule = {
pkgs,
lib,
...
}: {
imports = [inputs.nixos-hardware.nixosModules.lenovo-thinkpad-x260];
config = {
pim.lanzaboote.enable = true;
networking.hostName = "x260";
config = {
pim.lanzaboote.enable = true;
networking.hostName = "x260";
fprintd = {
fprintd = {
enable = true;
tod = {
enable = true;
driver = pkgs.libfprint-2-tod1-vfs0090;
};
};
tod = {
enable = true;
driver = pkgs.libfprint-2-tod1-vfs0090;
swapDevices = [{device = "/dev/disk/by-uuid/6028bf52-404d-4143-9cb0-9b06cd60a373";}];
powerManagement.cpuFreqGovernor = lib.mkDefault "powersave";
boot.initrd.availableKernelModules = ["xhci_pci" "ahci" "rtsx_pci_sdmmc"];
};
};
};
x201 = mkNixosSystem {
extraModule = {
pkgs,
lib,
...
}: {
imports = [inputs.disko.nixosModules.disko];
config = {
networking.hostName = "x201";
boot.initrd.availableKernelModules = ["ehci_pci" "ahci" "usb_storage"];
disko.devices = {
disk = {
sda = {
device = "/dev/sda";
type = "disk";
content = {
type = "gpt";
partitions = {
boot = {
size = "1M";
type = "EF02"; # for grub MBR
priority = 1; # Needs to be first partition
};
pv_os = {
size = "100%";
content = {
type = "lvm_pv";
vg = "vg_os";
};
};
};
};
};
};
swapDevices = [{ device = "/dev/disk/by-uuid/6028bf52-404d-4143-9cb0-9b06cd60a373"; }];
powerManagement.cpuFreqGovernor = lib.mkDefault "powersave";
boot.initrd.availableKernelModules = [ "xhci_pci" "ahci" "rtsx_pci_sdmmc" ];
};
});
};
lvm_vg.vg_os = {
type = "lvm_vg";
x201 = mkNixosSystem {extraModule = ({ pkgs, lib, ... }: {
imports = [ inputs.disko.nixosModules.disko ];
config = {
networking.hostName = "x201";
lvs = {
swap = {
size = "3GB";
content.type = "swap";
};
boot.initrd.availableKernelModules = [ "ehci_pci" "ahci" "usb_storage" ];
root = {
size = "100%FREE";
disko.devices = {
disk = {
sda = {
device = "/dev/sda";
type = "disk";
content = {
type = "gpt";
partitions = {
boot = {
size = "1M";
type = "EF02"; # for grub MBR
priority = 1; # Needs to be first partition
};
pv_os = {
size = "100%";
content = {
type = "lvm_pv";
vg = "vg_os";
};
};
};
};
};
};
lvm_vg.vg_os = {
type = "lvm_vg";
lvs = {
swap = {
size = "3GB";
content.type = "swap";
};
root = {
size = "100%FREE";
content = {
type = "filesystem";
format = "ext4";
mountpoint = "/";
mountOptions = [ "defaults" ];
};
type = "filesystem";
format = "ext4";
mountpoint = "/";
mountOptions = ["defaults"];
};
};
};
};
};
});
};
};
};
sue-cosmic = mkNixosSystem {
useDefaultConfiguration = false;
extraModule = ({ ... }: {
imports = [
inputs.nixos-hardware.nixosModules.dell-xps-13-9310
inputs.nixos-cosmic.nixosModules.default
./modules/nixos/lanzaboote.nix
];
sue-cosmic = mkNixosSystem {
useDefaultConfiguration = false;
extraModule = {...}: {
imports = [
inputs.nixos-hardware.nixosModules.dell-xps-13-9310
inputs.nixos-cosmic.nixosModules.default
./modules/nixos/lanzaboote.nix
];
config = {
nixpkgs.config.allowUnfree = true;
nix.settings = {
substituters = [ "https://cosmic.cachix.org/" ];
trusted-public-keys = [ "cosmic.cachix.org-1:Dya9IyXD4xdBehWjrkPv6rtxpmMdRel02smYzA85dPE=" ];
};
users = {
users.pim = {
isNormalUser = true;
extraGroups = [ "wheel" "docker" "input" "wireshark" "dialout" ];
};
};
services.desktopManager.cosmic.enable = true;
services.displayManager.cosmic-greeter.enable = true;
pim.lanzaboote.enable = true;
networking.hostName = "xps-9315";
swapDevices = [{ device = "/dev/disk/by-uuid/96a43c35-0174-4e92-81f0-168a5f601f0b"; }];
fileSystems = {
"/" =
{
device = "/dev/disk/by-uuid/31638735-5cc4-4013-8037-17e30edcbb0a";
fsType = "ext4";
};
"/boot" =
{
device = "/dev/disk/by-uuid/560E-F8A2";
fsType = "vfat";
options = [ "fmask=0022" "dmask=0022" ];
};
};
boot.initrd.luks.devices."luks-8ffd3129-4908-4209-98c4-4eb68a35c494".device = "/dev/disk/by-uuid/8ffd3129-4908-4209-98c4-4eb68a35c494";
boot.initrd.availableKernelModules = [ "xhci_pci" "thunderbolt" "vmd" "nvme" "usb_storage" ];
config = {
nixpkgs.config.allowUnfree = true;
nix.settings = {
substituters = ["https://cosmic.cachix.org/"];
trusted-public-keys = ["cosmic.cachix.org-1:Dya9IyXD4xdBehWjrkPv6rtxpmMdRel02smYzA85dPE="];
};
});
};
sue = mkNixosSystem {extraModule = ({ ... }: {
imports = [ inputs.nixos-hardware.nixosModules.dell-xps-13-9310 ];
users = {
users.pim = {
isNormalUser = true;
extraGroups = ["wheel" "docker" "input" "wireshark" "dialout"];
};
};
services.desktopManager.cosmic.enable = true;
services.displayManager.cosmic-greeter.enable = true;
pim.lanzaboote.enable = true;
networking.hostName = "xps-9315";
swapDevices = [{device = "/dev/disk/by-uuid/96a43c35-0174-4e92-81f0-168a5f601f0b";}];
fileSystems = {
"/" = {
device = "/dev/disk/by-uuid/31638735-5cc4-4013-8037-17e30edcbb0a";
fsType = "ext4";
};
"/boot" = {
device = "/dev/disk/by-uuid/560E-F8A2";
fsType = "vfat";
options = ["fmask=0022" "dmask=0022"];
};
};
boot.initrd.luks.devices."luks-8ffd3129-4908-4209-98c4-4eb68a35c494".device = "/dev/disk/by-uuid/8ffd3129-4908-4209-98c4-4eb68a35c494";
boot.initrd.availableKernelModules = ["xhci_pci" "thunderbolt" "vmd" "nvme" "usb_storage"];
};
};
};
sue = mkNixosSystem {
extraModule = {...}: {
imports = [inputs.nixos-hardware.nixosModules.dell-xps-13-9310];
config = {
pim.lanzaboote.enable = true;
networking.hostName = "xps-9315";
swapDevices = [{ device = "/dev/disk/by-uuid/96a43c35-0174-4e92-81f0-168a5f601f0b"; }];
swapDevices = [{device = "/dev/disk/by-uuid/96a43c35-0174-4e92-81f0-168a5f601f0b";}];
fileSystems = {
"/" =
{
device = "/dev/disk/by-uuid/31638735-5cc4-4013-8037-17e30edcbb0a";
fsType = "ext4";
};
"/" = {
device = "/dev/disk/by-uuid/31638735-5cc4-4013-8037-17e30edcbb0a";
fsType = "ext4";
};
"/boot" =
{
device = "/dev/disk/by-uuid/560E-F8A2";
fsType = "vfat";
options = [ "fmask=0022" "dmask=0022" ];
};
"/boot" = {
device = "/dev/disk/by-uuid/560E-F8A2";
fsType = "vfat";
options = ["fmask=0022" "dmask=0022"];
};
};
nix.settings = {
substituters = [ "https://cosmic.cachix.org/" ];
trusted-public-keys = [ "cosmic.cachix.org-1:Dya9IyXD4xdBehWjrkPv6rtxpmMdRel02smYzA85dPE=" ];
substituters = ["https://cosmic.cachix.org/"];
trusted-public-keys = ["cosmic.cachix.org-1:Dya9IyXD4xdBehWjrkPv6rtxpmMdRel02smYzA85dPE="];
};
boot.initrd.luks.devices."luks-8ffd3129-4908-4209-98c4-4eb68a35c494".device = "/dev/disk/by-uuid/8ffd3129-4908-4209-98c4-4eb68a35c494";
boot.initrd.availableKernelModules = [ "xhci_pci" "thunderbolt" "vmd" "nvme" "usb_storage" ];
boot.initrd.availableKernelModules = ["xhci_pci" "thunderbolt" "vmd" "nvme" "usb_storage"];
# hardware.ipu6 = {
# enable = true;
# platform = "ipu6ep";
# };
};
});
};
};
};
};
}

194
home-manager/default.nix
View file

@ -1,4 +1,11 @@
{ pkgs, lib, config, inputs, flake, ... }: {
{
pkgs,
lib,
config,
inputs,
flake,
...
}: {
imports = [
./neovim
./firefox
@ -17,66 +24,69 @@
mimeApps = {
enable = true;
defaultApplications =
let
applications = {
telegram = {
mimeApp = "org.telegram.desktop.desktop";
mimeTypes = [ "x-scheme-handler/tg" ];
};
librewolf = {
mimeApp = "librewolf.desktop";
mimeTypes = [
"x-scheme-handler/http"
"text/html"
"application/xhtml+xml"
"x-scheme-handler/https"
"application/pdf"
];
};
gnomeTextEditor = {
mimeApp = "org.gnome.TextEditor.desktop";
mimeTypes = [ "text/plain" ];
};
loupe = {
mimeApp = "org.gnome.Loupe.desktop";
mimeTypes = [
"image/jpeg"
"image/png"
"image/gif"
"image/webp"
"image/tiff"
"image/x-tga"
"image/vnd-ms.dds"
"image/x-dds"
"image/bmp"
"image/vnd.microsoft.icon"
"image/vnd.radiance"
"image/x-exr"
"image/x-portable-bitmap"
"image/x-portable-graymap"
"image/x-portable-pixmap"
"image/x-portable-anymap"
"image/x-qoi"
"image/svg+xml"
"image/svg+xml-compressed"
"image/avif"
"image/heic"
"image/jxl"
];
};
defaultApplications = let
applications = {
telegram = {
mimeApp = "org.telegram.desktop.desktop";
mimeTypes = ["x-scheme-handler/tg"];
};
mimeTypesForApp = { mimeApp, mimeTypes }: map
(
mimeType: { "${mimeType}" = mimeApp; }
)
mimeTypes;
in
librewolf = {
mimeApp = "librewolf.desktop";
mimeTypes = [
"x-scheme-handler/http"
"text/html"
"application/xhtml+xml"
"x-scheme-handler/https"
"application/pdf"
];
};
gnomeTextEditor = {
mimeApp = "org.gnome.TextEditor.desktop";
mimeTypes = ["text/plain"];
};
loupe = {
mimeApp = "org.gnome.Loupe.desktop";
mimeTypes = [
"image/jpeg"
"image/png"
"image/gif"
"image/webp"
"image/tiff"
"image/x-tga"
"image/vnd-ms.dds"
"image/x-dds"
"image/bmp"
"image/vnd.microsoft.icon"
"image/vnd.radiance"
"image/x-exr"
"image/x-portable-bitmap"
"image/x-portable-graymap"
"image/x-portable-pixmap"
"image/x-portable-anymap"
"image/x-qoi"
"image/svg+xml"
"image/svg+xml-compressed"
"image/avif"
"image/heic"
"image/jxl"
];
};
};
mimeTypesForApp = {
mimeApp,
mimeTypes,
}:
map
(
mimeType: {"${mimeType}" = mimeApp;}
)
mimeTypes;
in
lib.zipAttrs (lib.flatten (map mimeTypesForApp (builtins.attrValues applications)));
};
};
@ -86,35 +96,37 @@
homeDirectory = "/home/pim";
stateVersion = "23.05";
packages = (with pkgs; [
jellyfin-media-player
virt-manager
]) ++ (with pkgs.unstable; [
attic-client
dbeaver-bin
devenv
bottles-unwrapped
gimp
hexchat
impression
insomnia
keepassxc
krita
libreoffice
# logseq # Has insecure electron dependency
moonlight-qt
nicotine-plus
qFlipper
signal-desktop
strawberry
telegram-desktop
vlc
vorta
wireshark
# nheko # Has insecure olm dependency
handbrake
feishin
]);
packages =
(with pkgs; [
jellyfin-media-player
virt-manager
])
++ (with pkgs.unstable; [
attic-client
dbeaver-bin
devenv
bottles-unwrapped
gimp
hexchat
impression
insomnia
keepassxc
krita
libreoffice
# logseq # Has insecure electron dependency
moonlight-qt
nicotine-plus
qFlipper
signal-desktop
strawberry
telegram-desktop
vlc
vorta
wireshark
# nheko # Has insecure olm dependency
handbrake
feishin
]);
};
programs = {
@ -131,7 +143,7 @@
enable = true;
settings.shell = {
program = lib.getExe config.programs.tmux.package;
args = [ "attach" ];
args = ["attach"];
};
};
@ -143,7 +155,7 @@
atuin = {
enable = true;
flags = [ "--disable-up-arrow" ];
flags = ["--disable-up-arrow"];
enableFishIntegration = true;
settings = {
@ -217,7 +229,7 @@
enable = true;
extraConfig = "User root";
matchBlocks.github = lib.hm.dag.entryBefore [ "*" ] {
matchBlocks.github = lib.hm.dag.entryBefore ["*"] {
hostname = "github.com";
user = "pizzapim";
identitiesOnly = true;

15
home-manager/firefox/addons.nix
View file

@ -1,11 +1,10 @@
pkgs: lib:
let
pkgs: lib: let
rycee-addons = pkgs.nur.repos.rycee.firefox-addons;
custom-addons = import ./custom-addons.nix pkgs lib;
in
with rycee-addons; [
ublock-origin
istilldontcareaboutcookies
keepassxc-browser
custom-addons.simple-style-fox-2
]
with rycee-addons; [
ublock-origin
istilldontcareaboutcookies
keepassxc-browser
custom-addons.simple-style-fox-2
]

46
home-manager/firefox/custom-addons.nix
View file

@ -1,15 +1,22 @@
pkgs: lib:
let
pkgs: lib: let
# Stolen from: https://github.com/nix-community/nur-combined/blob/master/repos/rycee/pkgs/firefox-addons/default.nix
buildFirefoxXpiAddon = lib.makeOverridable ({ stdenv ? pkgs.stdenv
, fetchurl ? pkgs.fetchurl, pname, version, addonId, url, sha256, meta, ...
}:
buildFirefoxXpiAddon = lib.makeOverridable ({
stdenv ? pkgs.stdenv,
fetchurl ? pkgs.fetchurl,
pname,
version,
addonId,
url,
sha256,
meta,
...
}:
stdenv.mkDerivation {
name = "${pname}-${version}";
inherit meta;
src = fetchurl { inherit url sha256; };
src = fetchurl {inherit url sha256;};
preferLocalBuild = true;
allowSubstitutes = true;
@ -25,14 +32,12 @@ in {
pname = "http-version-indicator";
version = "3.2.1";
addonId = "spdyindicator@chengsun.github.com";
url =
"https://addons.mozilla.org/firefox/downloads/file/3767224/http2_indicator-3.2.1.xpi";
url = "https://addons.mozilla.org/firefox/downloads/file/3767224/http2_indicator-3.2.1.xpi";
sha256 = "be9518017334ce502a1da514542c2ca4f974217d0c8e6c7c31d518aba57c09a8";
meta = with lib; {
homepage = "https://github.com/bsiegel/http-version-indicator";
description =
"An indicator showing the HTTP version used to load the page in the address bar.";
mozPermissions = [ "<all_urls>" "tabs" "webNavigation" "webRequest" ];
description = "An indicator showing the HTTP version used to load the page in the address bar.";
mozPermissions = ["<all_urls>" "tabs" "webNavigation" "webRequest"];
platforms = platforms.all;
};
};
@ -40,13 +45,11 @@ in {
pname = "indicatetls";
version = "0.3.0";
addonId = "{252ee273-8c8d-4609-b54d-62ae345be0a1}";
url =
"https://addons.mozilla.org/firefox/downloads/file/3608595/indicatetls-0.3.0.xpi";
url = "https://addons.mozilla.org/firefox/downloads/file/3608595/indicatetls-0.3.0.xpi";
sha256 = "7a3b7edb1085f7b15d279c1013fac1d68f5247cfd6312d5275cb053e24a79465";
meta = with lib; {
homepage = "https://github.com/jannispinter/indicatetls";
description =
"Displays negotiated SSL/TLS protocol version and additional security information in the address bar";
description = "Displays negotiated SSL/TLS protocol version and additional security information in the address bar";
license = licenses.mpl20;
mozPermissions = [
"tabs"
@ -63,15 +66,13 @@ in {
pname = "sixindicator";
version = "1.3.0";
addonId = "{8c9cad02-c069-4e93-909d-d874da819c49}";
url =
"https://addons.mozilla.org/firefox/downloads/file/3493442/sixindicator-1.3.0.xpi";
url = "https://addons.mozilla.org/firefox/downloads/file/3493442/sixindicator-1.3.0.xpi";
sha256 = "415ab83ed4ac94d1efe114752a09df29536d1bd54cc9b7e5ce5d9ee55a84226d";
meta = with lib; {
homepage = "https://github.com/HostedDinner/SixIndicator";
description =
"Shows a simple icon, if IPv6 or IPv4 was used for the request of the site. When clicking on the icon, more information is shown, like the number of requests per domain and if these requests were made via IPv6 or IPv4.";
description = "Shows a simple icon, if IPv6 or IPv4 was used for the request of the site. When clicking on the icon, more information is shown, like the number of requests per domain and if these requests were made via IPv6 or IPv4.";
license = licenses.mit;
mozPermissions = [ "tabs" "webRequest" "<all_urls>" ];
mozPermissions = ["tabs" "webRequest" "<all_urls>"];
platforms = platforms.all;
};
};
@ -79,13 +80,12 @@ in {
pname = "simple-style-fox-2";
version = "10.0";
addonId = "{317526c6-ff2b-49c9-822e-d77b4a3da1d1}";
url =
"https://addons.mozilla.org/firefox/downloads/file/3934220/simple_style_fox_2-10.0.xpi";
url = "https://addons.mozilla.org/firefox/downloads/file/3934220/simple_style_fox_2-10.0.xpi";
sha256 = "1aaac3ba08d21086d7087015f92a27661940df45a97bf5680588c883f799a97d";
meta = with lib; {
description = "Simple style fox 2";
license = licenses.cc-by-30;
mozPermissions = [ ];
mozPermissions = [];
platforms = platforms.all;
};
};

10
home-manager/firefox/default.nix
View file

@ -1,5 +1,8 @@
{ pkgs, lib, ... }:
let
{
pkgs,
lib,
...
}: let
firefoxAddons = import ./addons.nix pkgs lib;
firefoxSettings = {
"browser.aboutConfig.showWarning" = false;
@ -14,8 +17,7 @@ let
"browser.newtabpage.activity-stream.showSponsored" = false;
"browser.newtabpage.activity-stream.showSponsoredTopSites" = false;
};
in
{
in {
config = {
programs.firefox = {
enable = true;

36
home-manager/gnome.nix
View file

@ -1,5 +1,11 @@
{ pkgs, lib, flake, config, ... }: {
home.packages = with pkgs; [ gnome.gnome-tweaks ];
{
pkgs,
lib,
flake,
config,
...
}: {
home.packages = with pkgs; [gnome.gnome-tweaks];
dconf.settings = with lib.hm.gvariant; {
"org/gnome/desktop/sound".allow-volume-above-100-percent = true;
@ -20,8 +26,8 @@
};
"org/gnome/desktop/input-sources" = {
sources = [ (mkTuple [ "xkb" "us" ]) ];
xkb-options = [ "terminate:ctrl_alt_bksp" "caps:escape" ];
sources = [(mkTuple ["xkb" "us"])];
xkb-options = ["terminate:ctrl_alt_bksp" "caps:escape"];
};
"org/gnome/shell/extensions/pop-shell" = {
@ -50,19 +56,19 @@
};
"org/gnome/desktop/wm/keybindings" = {
close = [ "<Shift><Super>q" ];
close = ["<Shift><Super>q"];
minimize = mkEmptyArray type.string;
move-to-workspace-1 = [ "<Shift><Super>1" ];
move-to-workspace-2 = [ "<Shift><Super>2" ];
move-to-workspace-3 = [ "<Shift><Super>3" ];
move-to-workspace-4 = [ "<Shift><Super>4" ];
move-to-workspace-1 = ["<Shift><Super>1"];
move-to-workspace-2 = ["<Shift><Super>2"];
move-to-workspace-3 = ["<Shift><Super>3"];
move-to-workspace-4 = ["<Shift><Super>4"];
switch-applications = mkEmptyArray type.string;
switch-applications-backward = mkEmptyArray type.string;
switch-to-workspace-1 = [ "<Super>1" ];
switch-to-workspace-2 = [ "<Super>2" ];
switch-to-workspace-3 = [ "<Super>3" ];
switch-to-workspace-4 = [ "<Super>4" ];
toggle-fullscreen = [ "<Super>f" ];
switch-to-workspace-1 = ["<Super>1"];
switch-to-workspace-2 = ["<Super>2"];
switch-to-workspace-3 = ["<Super>3"];
switch-to-workspace-4 = ["<Super>4"];
toggle-fullscreen = ["<Super>f"];
};
"org/gnome/shell/extensions/space-iflow-randomwallpaper" = {
@ -72,7 +78,7 @@
history-length = 1;
hours = 0;
minutes = 30;
sources = [ "42" ];
sources = ["42"];
fetch-on-startup = true;
};

2
home-manager/neovim/default.nix
View file

@ -1,4 +1,4 @@
{ pkgs, ... }: {
{pkgs, ...}: {
config = {
programs.neovim = {
enable = true;

2
home-manager/tidal.nix
View file

@ -1,4 +1,4 @@
{ pkgs, ...}: {
{pkgs, ...}: {
home.packages = with pkgs; [
supercollider-with-sc3-plugins
];

6
home-manager/vscode.nix
View file

@ -1,4 +1,8 @@
{ pkgs, lib, ... }: {
{
pkgs,
lib,
...
}: {
programs.vscode = {
enable = true;
package = pkgs.vscodium;

39
nixos/default.nix
View file

@ -1,4 +1,12 @@
{ pkgs, config, lib, inputs, flake, system, ... }: {
{
pkgs,
config,
lib,
inputs,
flake,
system,
...
}: {
imports = [
inputs.home-manager.nixosModules.home-manager
./lanzaboote.nix
@ -19,13 +27,13 @@
xserver = {
enable = true;
displayManager.gdm = { enable = true; };
excludePackages = with pkgs; [ xterm ];
displayManager.gdm = {enable = true;};
excludePackages = with pkgs; [xterm];
};
printing = {
enable = true;
drivers = [ pkgs.hplip pkgs.gutenprint ];
drivers = [pkgs.hplip pkgs.gutenprint];
};
pipewire = {
@ -40,7 +48,7 @@
users = {
users.pim = {
isNormalUser = true;
extraGroups = [ "wheel" "docker" "input" "wireshark" "dialout" ];
extraGroups = ["wheel" "docker" "input" "wireshark" "dialout"];
};
};
@ -94,7 +102,7 @@
nix = {
package = pkgs.nixFlakes;
settings.trusted-users = [ "root" "pim" ];
settings.trusted-users = ["root" "pim"];
extraOptions = ''
experimental-features = nix-command flakes
@ -122,9 +130,10 @@
hostPlatform = lib.mkDefault "x86_64-linux";
config = {
allowUnfreePredicate = pkg: builtins.elem (lib.getName pkg) [
"libfprint-2-tod1-goodix"
];
allowUnfreePredicate = pkg:
builtins.elem (lib.getName pkg) [
"libfprint-2-tod1-goodix"
];
};
overlays = [
@ -139,12 +148,12 @@
};
boot = {
kernelModules = [ "kvm-intel" "cdrom" ];
extraModulePackages = [ ];
kernelModules = ["kvm-intel" "cdrom"];
extraModulePackages = [];
initrd = {
availableKernelModules = [ "sd_mod" ];
kernelModules = [ ];
availableKernelModules = ["sd_mod"];
kernelModules = [];
};
kernel.sysctl = {
@ -161,8 +170,8 @@
home-manager = {
useGlobalPkgs = true;
useUserPackages = true;
extraSpecialArgs = { inherit flake inputs; };
extraSpecialArgs = {inherit flake inputs;};
users.pim.imports = [ "${flake}/home-manager" ];
users.pim.imports = ["${flake}/home-manager"];
};
}

60
nixos/gnome.nix
View file

@ -1,34 +1,38 @@
{ pkgs, ... }: {
{pkgs, ...}: {
services.xserver.desktopManager.gnome.enable = true;
environment = {
systemPackages = [
pkgs.gnome.gnome-shell-extensions
] ++ (with pkgs.gnomeExtensions; [
pop-shell
window-is-ready-remover
random-wallpaper
workspaces-indicator-by-open-apps
]);
systemPackages =
[
pkgs.gnome.gnome-shell-extensions
]
++ (with pkgs.gnomeExtensions; [
pop-shell
window-is-ready-remover
random-wallpaper
workspaces-indicator-by-open-apps
]);
gnome.excludePackages = (with pkgs; [
epiphany
gnome-connections
gnome-console
gnome-tour
]) ++ (with pkgs.gnome; [
geary
gnome-calendar
gnome-clocks
gnome-contacts
gnome-font-viewer
gnome-logs
gnome-maps
gnome-music
seahorse
totem
yelp
gnome-weather
]);
gnome.excludePackages =
(with pkgs; [
epiphany
gnome-connections
gnome-console
gnome-tour
])
++ (with pkgs.gnome; [
geary
gnome-calendar
gnome-clocks
gnome-contacts
gnome-font-viewer
gnome-logs
gnome-maps
gnome-music
seahorse
totem
yelp
gnome-weather
]);
};
}

7
nixos/lanzaboote.nix
View file

@ -1,4 +1,9 @@
{ config, lib, inputs, ... }: {
{
config,
lib,
inputs,
...
}: {
imports = [
inputs.lanzaboote.nixosModules.lanzaboote
];

11
nixos/sops.nix
View file

@ -1,7 +1,12 @@
{ inputs, pkgs, flake, ... }: {
imports = [ inputs.sops-nix.nixosModules.sops ];
{
inputs,
pkgs,
flake,
...
}: {
imports = [inputs.sops-nix.nixosModules.sops];
environment.systemPackages = with pkgs; [ sops ];
environment.systemPackages = with pkgs; [sops];
sops = {
age.keyFile = "/home/pim/.config/sops/age/keys.txt";

10
nixos/stylix.nix
View file

@ -1,5 +1,9 @@
{ pkgs, inputs, ... }: {
imports = [ inputs.stylix.nixosModules.stylix ];
{
pkgs,
inputs,
...
}: {
imports = [inputs.stylix.nixosModules.stylix];
stylix = {
enable = true;
@ -14,7 +18,7 @@
fonts = {
monospace = {
package = pkgs.nerdfonts.override { fonts = [ "JetBrainsMono" ]; };
package = pkgs.nerdfonts.override {fonts = ["JetBrainsMono"];};
name = "JetBrainsMono Nerd Font Mono";
};

4
nixos/tailscale.nix
View file

@ -1,10 +1,10 @@
{pkgs, ...}: {
environment.systemPackages = [ pkgs.gnomeExtensions.tailscale-status ];
environment.systemPackages = [pkgs.gnomeExtensions.tailscale-status];
services.tailscale = {
enable = true;
useRoutingFeatures = "client";
};
networking.networkmanager.unmanaged = [ "tailscale0" ];
networking.networkmanager.unmanaged = ["tailscale0"];
}

2
nixos/tidal.nix
View file

@ -1,3 +1,3 @@
{ ... }: {
{...}: {
users.users.pim.extraGroups = ["audio"];
}

48
nixos/wireguard.nix
View file

@ -1,41 +1,49 @@
{ lib, config, ... }: {
{
lib,
config,
...
}: {
networking = {
useDHCP = lib.mkDefault true;
networkmanager.unmanaged = [ "tailscale0" ];
networkmanager.unmanaged = ["tailscale0"];
wg-quick.interfaces = {
home = {
privateKeyFile = config.sops.secrets."wireguard/home/privateKey".path;
address = [ "10.225.191.4/24" ];
dns = [ "192.168.30.131" ];
address = ["10.225.191.4/24"];
dns = ["192.168.30.131"];
autostart = false;
mtu = 1412;
peers = [{
presharedKeyFile = config.sops.secrets."wireguard/home/presharedKey".path;
endpoint = "wg.kun.is:51820";
publicKey = "fa3mQ7ximJbH7cu2ZbWidto5xBGxEEfWvCCiUDk00Hg=";
allowedIPs = [ "0.0.0.0/0" ];
}];
peers = [
{
presharedKeyFile = config.sops.secrets."wireguard/home/presharedKey".path;
endpoint = "wg.kun.is:51820";
publicKey = "fa3mQ7ximJbH7cu2ZbWidto5xBGxEEfWvCCiUDk00Hg=";
allowedIPs = ["0.0.0.0/0"];
}
];
};
home-no-pihole = {
privateKeyFile = config.sops.secrets."wireguard/home/privateKey".path;
address = [ "10.225.191.4/24" ];
dns = [ "192.168.10.1" ];
address = ["10.225.191.4/24"];
dns = ["192.168.10.1"];
autostart = false;
mtu = 1412;
peers = [{
presharedKeyFile = config.sops.secrets."wireguard/home/presharedKey".path;
endpoint = "wg.kun.is:51820";
publicKey = "fa3mQ7ximJbH7cu2ZbWidto5xBGxEEfWvCCiUDk00Hg=";
allowedIPs = [ "0.0.0.0/0" ];
}];
peers = [
{
presharedKeyFile = config.sops.secrets."wireguard/home/presharedKey".path;
endpoint = "wg.kun.is:51820";
publicKey = "fa3mQ7ximJbH7cu2ZbWidto5xBGxEEfWvCCiUDk00Hg=";
allowedIPs = ["0.0.0.0/0"];
}
];
};
};
};
sops.secrets = {
"wireguard/home/presharedKey" = { };
"wireguard/home/privateKey" = { };
"wireguard/home/presharedKey" = {};
"wireguard/home/privateKey" = {};
};
}

3
treefmt.nix
View file

@ -1,5 +1,4 @@
{ ... }:
{
{...}: {
projectRootFile = "flake.nix";
programs.alejandra.enable = true;
}