pim/nixos-laptop
1
0
Fork 0
Code Issues 1 Pull requests Projects Releases Packages Wiki Activity

Format repo

Browse source
This commit is contained in:
Pim Kunis 2024-10-26 20:33:47 +02:00
parent db14de3471
commit 573a8cc407
18 changed files with 447 additions and 380 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

332
flake.nix
View file

@ -47,30 +47,33 @@
}; };
}; };
outputs = outputs = {
{ self self,
, nixpkgs nixpkgs,
, ... ...
}@inputs: } @ inputs: let
let supportedSystems = [
supportedSystems = [ "x86_64-linux"
"x86_64-linux" "i686-linux"
"i686-linux" "aarch64-linux"
"aarch64-linux" ];
]; forAllSystems' = nixpkgs.lib.genAttrs;
forAllSystems' = nixpkgs.lib.genAttrs; forAllSystems = forAllSystems' supportedSystems;
forAllSystems = forAllSystems' supportedSystems; pkgsForSystem = system:
pkgsForSystem = import nixpkgs {
system: inherit system;
import nixpkgs { };
inherit system;
};
treefmtEval = forAllSystems ( treefmtEval = forAllSystems (
system: inputs.treefmt-nix.lib.evalModule (pkgsForSystem system) ./treefmt.nix system: inputs.treefmt-nix.lib.evalModule (pkgsForSystem system) ./treefmt.nix
); );
mkNixosSystem = {extraModule, nixpkgs' ? nixpkgs, useDefaultConfiguration ? true}: nixpkgs'.lib.nixosSystem rec { mkNixosSystem = {
extraModule,
nixpkgs' ? nixpkgs,
useDefaultConfiguration ? true,
}:
nixpkgs'.lib.nixosSystem rec {
system = "x86_64-linux"; system = "x86_64-linux";
specialArgs = { specialArgs = {
@ -78,187 +81,194 @@
flake = self; flake = self;
}; };
modules = [ modules =
extraModule [
] ++ nixpkgs'.lib.optional useDefaultConfiguration ./nixos; extraModule
]
++ nixpkgs'.lib.optional useDefaultConfiguration ./nixos;
}; };
in in {
{ formatter = forAllSystems (system: (treefmtEval.${system}.config.build.wrapper));
formatter = forAllSystems (system: (treefmtEval.${system}.config.build.wrapper));
nixosConfigurations = { nixosConfigurations = {
x260 = mkNixosSystem { extraModule = ({ pkgs, lib, ... }: { x260 = mkNixosSystem {
imports = [ inputs.nixos-hardware.nixosModules.lenovo-thinkpad-x260 ]; extraModule = {
pkgs,
lib,
...
}: {
imports = [inputs.nixos-hardware.nixosModules.lenovo-thinkpad-x260];
config = { config = {
pim.lanzaboote.enable = true; pim.lanzaboote.enable = true;
networking.hostName = "x260"; networking.hostName = "x260";
fprintd = { fprintd = {
enable = true;
tod = {
enable = true; enable = true;
driver = pkgs.libfprint-2-tod1-vfs0090;
};
};
tod = { swapDevices = [{device = "/dev/disk/by-uuid/6028bf52-404d-4143-9cb0-9b06cd60a373";}];
enable = true; powerManagement.cpuFreqGovernor = lib.mkDefault "powersave";
driver = pkgs.libfprint-2-tod1-vfs0090; boot.initrd.availableKernelModules = ["xhci_pci" "ahci" "rtsx_pci_sdmmc"];
};
};
};
x201 = mkNixosSystem {
extraModule = {
pkgs,
lib,
...
}: {
imports = [inputs.disko.nixosModules.disko];
config = {
networking.hostName = "x201";
boot.initrd.availableKernelModules = ["ehci_pci" "ahci" "usb_storage"];
disko.devices = {
disk = {
sda = {
device = "/dev/sda";
type = "disk";
content = {
type = "gpt";
partitions = {
boot = {
size = "1M";
type = "EF02"; # for grub MBR
priority = 1; # Needs to be first partition
};
pv_os = {
size = "100%";
content = {
type = "lvm_pv";
vg = "vg_os";
};
};
};
};
}; };
}; };
swapDevices = [{ device = "/dev/disk/by-uuid/6028bf52-404d-4143-9cb0-9b06cd60a373"; }]; lvm_vg.vg_os = {
powerManagement.cpuFreqGovernor = lib.mkDefault "powersave"; type = "lvm_vg";
boot.initrd.availableKernelModules = [ "xhci_pci" "ahci" "rtsx_pci_sdmmc" ];
};
});
};
x201 = mkNixosSystem {extraModule = ({ pkgs, lib, ... }: { lvs = {
imports = [ inputs.disko.nixosModules.disko ]; swap = {
config = { size = "3GB";
networking.hostName = "x201"; content.type = "swap";
};
boot.initrd.availableKernelModules = [ "ehci_pci" "ahci" "usb_storage" ]; root = {
size = "100%FREE";
disko.devices = {
disk = {
sda = {
device = "/dev/sda";
type = "disk";
content = { content = {
type = "gpt"; type = "filesystem";
partitions = { format = "ext4";
boot = { mountpoint = "/";
size = "1M"; mountOptions = ["defaults"];
type = "EF02"; # for grub MBR
priority = 1; # Needs to be first partition
};
pv_os = {
size = "100%";
content = {
type = "lvm_pv";
vg = "vg_os";
};
};
};
};
};
};
lvm_vg.vg_os = {
type = "lvm_vg";
lvs = {
swap = {
size = "3GB";
content.type = "swap";
};
root = {
size = "100%FREE";
content = {
type = "filesystem";
format = "ext4";
mountpoint = "/";
mountOptions = [ "defaults" ];
};
}; };
}; };
}; };
}; };
}; };
}); };
}; };
};
sue-cosmic = mkNixosSystem { sue-cosmic = mkNixosSystem {
useDefaultConfiguration = false; useDefaultConfiguration = false;
extraModule = ({ ... }: { extraModule = {...}: {
imports = [ imports = [
inputs.nixos-hardware.nixosModules.dell-xps-13-9310 inputs.nixos-hardware.nixosModules.dell-xps-13-9310
inputs.nixos-cosmic.nixosModules.default inputs.nixos-cosmic.nixosModules.default
./modules/nixos/lanzaboote.nix ./modules/nixos/lanzaboote.nix
]; ];
config = { config = {
nixpkgs.config.allowUnfree = true; nixpkgs.config.allowUnfree = true;
nix.settings = { nix.settings = {
substituters = [ "https://cosmic.cachix.org/" ]; substituters = ["https://cosmic.cachix.org/"];
trusted-public-keys = [ "cosmic.cachix.org-1:Dya9IyXD4xdBehWjrkPv6rtxpmMdRel02smYzA85dPE=" ]; trusted-public-keys = ["cosmic.cachix.org-1:Dya9IyXD4xdBehWjrkPv6rtxpmMdRel02smYzA85dPE="];
};
users = {
users.pim = {
isNormalUser = true;
extraGroups = [ "wheel" "docker" "input" "wireshark" "dialout" ];
};
};
services.desktopManager.cosmic.enable = true;
services.displayManager.cosmic-greeter.enable = true;
pim.lanzaboote.enable = true;
networking.hostName = "xps-9315";
swapDevices = [{ device = "/dev/disk/by-uuid/96a43c35-0174-4e92-81f0-168a5f601f0b"; }];
fileSystems = {
"/" =
{
device = "/dev/disk/by-uuid/31638735-5cc4-4013-8037-17e30edcbb0a";
fsType = "ext4";
};
"/boot" =
{
device = "/dev/disk/by-uuid/560E-F8A2";
fsType = "vfat";
options = [ "fmask=0022" "dmask=0022" ];
};
};
boot.initrd.luks.devices."luks-8ffd3129-4908-4209-98c4-4eb68a35c494".device = "/dev/disk/by-uuid/8ffd3129-4908-4209-98c4-4eb68a35c494";
boot.initrd.availableKernelModules = [ "xhci_pci" "thunderbolt" "vmd" "nvme" "usb_storage" ];
}; };
});
};
sue = mkNixosSystem {extraModule = ({ ... }: { users = {
imports = [ inputs.nixos-hardware.nixosModules.dell-xps-13-9310 ]; users.pim = {
isNormalUser = true;
extraGroups = ["wheel" "docker" "input" "wireshark" "dialout"];
};
};
services.desktopManager.cosmic.enable = true;
services.displayManager.cosmic-greeter.enable = true;
pim.lanzaboote.enable = true;
networking.hostName = "xps-9315";
swapDevices = [{device = "/dev/disk/by-uuid/96a43c35-0174-4e92-81f0-168a5f601f0b";}];
fileSystems = {
"/" = {
device = "/dev/disk/by-uuid/31638735-5cc4-4013-8037-17e30edcbb0a";
fsType = "ext4";
};
"/boot" = {
device = "/dev/disk/by-uuid/560E-F8A2";
fsType = "vfat";
options = ["fmask=0022" "dmask=0022"];
};
};
boot.initrd.luks.devices."luks-8ffd3129-4908-4209-98c4-4eb68a35c494".device = "/dev/disk/by-uuid/8ffd3129-4908-4209-98c4-4eb68a35c494";
boot.initrd.availableKernelModules = ["xhci_pci" "thunderbolt" "vmd" "nvme" "usb_storage"];
};
};
};
sue = mkNixosSystem {
extraModule = {...}: {
imports = [inputs.nixos-hardware.nixosModules.dell-xps-13-9310];
config = { config = {
pim.lanzaboote.enable = true; pim.lanzaboote.enable = true;
networking.hostName = "xps-9315"; networking.hostName = "xps-9315";
swapDevices = [{ device = "/dev/disk/by-uuid/96a43c35-0174-4e92-81f0-168a5f601f0b"; }]; swapDevices = [{device = "/dev/disk/by-uuid/96a43c35-0174-4e92-81f0-168a5f601f0b";}];
fileSystems = { fileSystems = {
"/" = "/" = {
{ device = "/dev/disk/by-uuid/31638735-5cc4-4013-8037-17e30edcbb0a";
device = "/dev/disk/by-uuid/31638735-5cc4-4013-8037-17e30edcbb0a"; fsType = "ext4";
fsType = "ext4"; };
};
"/boot" = "/boot" = {
{ device = "/dev/disk/by-uuid/560E-F8A2";
device = "/dev/disk/by-uuid/560E-F8A2"; fsType = "vfat";
fsType = "vfat"; options = ["fmask=0022" "dmask=0022"];
options = [ "fmask=0022" "dmask=0022" ]; };
};
}; };
nix.settings = { nix.settings = {
substituters = [ "https://cosmic.cachix.org/" ]; substituters = ["https://cosmic.cachix.org/"];
trusted-public-keys = [ "cosmic.cachix.org-1:Dya9IyXD4xdBehWjrkPv6rtxpmMdRel02smYzA85dPE=" ]; trusted-public-keys = ["cosmic.cachix.org-1:Dya9IyXD4xdBehWjrkPv6rtxpmMdRel02smYzA85dPE="];
}; };
boot.initrd.luks.devices."luks-8ffd3129-4908-4209-98c4-4eb68a35c494".device = "/dev/disk/by-uuid/8ffd3129-4908-4209-98c4-4eb68a35c494"; boot.initrd.luks.devices."luks-8ffd3129-4908-4209-98c4-4eb68a35c494".device = "/dev/disk/by-uuid/8ffd3129-4908-4209-98c4-4eb68a35c494";
boot.initrd.availableKernelModules = [ "xhci_pci" "thunderbolt" "vmd" "nvme" "usb_storage" ]; boot.initrd.availableKernelModules = ["xhci_pci" "thunderbolt" "vmd" "nvme" "usb_storage"];
# hardware.ipu6 = { # hardware.ipu6 = {
# enable = true; # enable = true;
# platform = "ipu6ep"; # platform = "ipu6ep";
# }; # };
}; };
});
}; };
}; };
}; };
};
} }

194
home-manager/default.nix
View file

@ -1,4 +1,11 @@
{ pkgs, lib, config, inputs, flake, ... }: { {
pkgs,
lib,
config,
inputs,
flake,
...
}: {
imports = [ imports = [
./neovim ./neovim
./firefox ./firefox
@ -17,66 +24,69 @@
mimeApps = { mimeApps = {
enable = true; enable = true;
defaultApplications = defaultApplications = let
let applications = {
applications = { telegram = {
telegram = { mimeApp = "org.telegram.desktop.desktop";
mimeApp = "org.telegram.desktop.desktop"; mimeTypes = ["x-scheme-handler/tg"];
mimeTypes = [ "x-scheme-handler/tg" ];
};
librewolf = {
mimeApp = "librewolf.desktop";
mimeTypes = [
"x-scheme-handler/http"
"text/html"
"application/xhtml+xml"
"x-scheme-handler/https"
"application/pdf"
];
};
gnomeTextEditor = {
mimeApp = "org.gnome.TextEditor.desktop";
mimeTypes = [ "text/plain" ];
};
loupe = {
mimeApp = "org.gnome.Loupe.desktop";
mimeTypes = [
"image/jpeg"
"image/png"
"image/gif"
"image/webp"
"image/tiff"
"image/x-tga"
"image/vnd-ms.dds"
"image/x-dds"
"image/bmp"
"image/vnd.microsoft.icon"
"image/vnd.radiance"
"image/x-exr"
"image/x-portable-bitmap"
"image/x-portable-graymap"
"image/x-portable-pixmap"
"image/x-portable-anymap"
"image/x-qoi"
"image/svg+xml"
"image/svg+xml-compressed"
"image/avif"
"image/heic"
"image/jxl"
];
};
}; };
mimeTypesForApp = { mimeApp, mimeTypes }: map librewolf = {
( mimeApp = "librewolf.desktop";
mimeType: { "${mimeType}" = mimeApp; }
) mimeTypes = [
mimeTypes; "x-scheme-handler/http"
in "text/html"
"application/xhtml+xml"
"x-scheme-handler/https"
"application/pdf"
];
};
gnomeTextEditor = {
mimeApp = "org.gnome.TextEditor.desktop";
mimeTypes = ["text/plain"];
};
loupe = {
mimeApp = "org.gnome.Loupe.desktop";
mimeTypes = [
"image/jpeg"
"image/png"
"image/gif"
"image/webp"
"image/tiff"
"image/x-tga"
"image/vnd-ms.dds"
"image/x-dds"
"image/bmp"
"image/vnd.microsoft.icon"
"image/vnd.radiance"
"image/x-exr"
"image/x-portable-bitmap"
"image/x-portable-graymap"
"image/x-portable-pixmap"
"image/x-portable-anymap"
"image/x-qoi"
"image/svg+xml"
"image/svg+xml-compressed"
"image/avif"
"image/heic"
"image/jxl"
];
};
};
mimeTypesForApp = {
mimeApp,
mimeTypes,
}:
map
(
mimeType: {"${mimeType}" = mimeApp;}
)
mimeTypes;
in
lib.zipAttrs (lib.flatten (map mimeTypesForApp (builtins.attrValues applications))); lib.zipAttrs (lib.flatten (map mimeTypesForApp (builtins.attrValues applications)));
}; };
}; };
@ -86,35 +96,37 @@
homeDirectory = "/home/pim"; homeDirectory = "/home/pim";
stateVersion = "23.05"; stateVersion = "23.05";
packages = (with pkgs; [ packages =
jellyfin-media-player (with pkgs; [
virt-manager jellyfin-media-player
]) ++ (with pkgs.unstable; [ virt-manager
attic-client ])
dbeaver-bin ++ (with pkgs.unstable; [
devenv attic-client
bottles-unwrapped dbeaver-bin
gimp devenv
hexchat bottles-unwrapped
impression gimp
insomnia hexchat
keepassxc impression
krita insomnia
libreoffice keepassxc
# logseq # Has insecure electron dependency krita
moonlight-qt libreoffice
nicotine-plus # logseq # Has insecure electron dependency
qFlipper moonlight-qt
signal-desktop nicotine-plus
strawberry qFlipper
telegram-desktop signal-desktop
vlc strawberry
vorta telegram-desktop
wireshark vlc
# nheko # Has insecure olm dependency vorta
handbrake wireshark
feishin # nheko # Has insecure olm dependency
]); handbrake
feishin
]);
}; };
programs = { programs = {
@ -131,7 +143,7 @@
enable = true; enable = true;
settings.shell = { settings.shell = {
program = lib.getExe config.programs.tmux.package; program = lib.getExe config.programs.tmux.package;
args = [ "attach" ]; args = ["attach"];
}; };
}; };
@ -143,7 +155,7 @@
atuin = { atuin = {
enable = true; enable = true;
flags = [ "--disable-up-arrow" ]; flags = ["--disable-up-arrow"];
enableFishIntegration = true; enableFishIntegration = true;
settings = { settings = {
@ -217,7 +229,7 @@
enable = true; enable = true;
extraConfig = "User root"; extraConfig = "User root";
matchBlocks.github = lib.hm.dag.entryBefore [ "*" ] { matchBlocks.github = lib.hm.dag.entryBefore ["*"] {
hostname = "github.com"; hostname = "github.com";
user = "pizzapim"; user = "pizzapim";
identitiesOnly = true; identitiesOnly = true;

15
home-manager/firefox/addons.nix
View file

@ -1,11 +1,10 @@
pkgs: lib: pkgs: lib: let
let
rycee-addons = pkgs.nur.repos.rycee.firefox-addons; rycee-addons = pkgs.nur.repos.rycee.firefox-addons;
custom-addons = import ./custom-addons.nix pkgs lib; custom-addons = import ./custom-addons.nix pkgs lib;
in in
with rycee-addons; [ with rycee-addons; [
ublock-origin ublock-origin
istilldontcareaboutcookies istilldontcareaboutcookies
keepassxc-browser keepassxc-browser
custom-addons.simple-style-fox-2 custom-addons.simple-style-fox-2
] ]

46
home-manager/firefox/custom-addons.nix
View file

@ -1,15 +1,22 @@
pkgs: lib: pkgs: lib: let
let
# Stolen from: https://github.com/nix-community/nur-combined/blob/master/repos/rycee/pkgs/firefox-addons/default.nix # Stolen from: https://github.com/nix-community/nur-combined/blob/master/repos/rycee/pkgs/firefox-addons/default.nix
buildFirefoxXpiAddon = lib.makeOverridable ({ stdenv ? pkgs.stdenv buildFirefoxXpiAddon = lib.makeOverridable ({
, fetchurl ? pkgs.fetchurl, pname, version, addonId, url, sha256, meta, ... stdenv ? pkgs.stdenv,
}: fetchurl ? pkgs.fetchurl,
pname,
version,
addonId,
url,
sha256,
meta,
...
}:
stdenv.mkDerivation { stdenv.mkDerivation {
name = "${pname}-${version}"; name = "${pname}-${version}";
inherit meta; inherit meta;
src = fetchurl { inherit url sha256; }; src = fetchurl {inherit url sha256;};
preferLocalBuild = true; preferLocalBuild = true;
allowSubstitutes = true; allowSubstitutes = true;
@ -25,14 +32,12 @@ in {
pname = "http-version-indicator"; pname = "http-version-indicator";
version = "3.2.1"; version = "3.2.1";
addonId = "spdyindicator@chengsun.github.com"; addonId = "spdyindicator@chengsun.github.com";
url = url = "https://addons.mozilla.org/firefox/downloads/file/3767224/http2_indicator-3.2.1.xpi";
"https://addons.mozilla.org/firefox/downloads/file/3767224/http2_indicator-3.2.1.xpi";
sha256 = "be9518017334ce502a1da514542c2ca4f974217d0c8e6c7c31d518aba57c09a8"; sha256 = "be9518017334ce502a1da514542c2ca4f974217d0c8e6c7c31d518aba57c09a8";
meta = with lib; { meta = with lib; {
homepage = "https://github.com/bsiegel/http-version-indicator"; homepage = "https://github.com/bsiegel/http-version-indicator";
description = description = "An indicator showing the HTTP version used to load the page in the address bar.";
"An indicator showing the HTTP version used to load the page in the address bar."; mozPermissions = ["<all_urls>" "tabs" "webNavigation" "webRequest"];
mozPermissions = [ "<all_urls>" "tabs" "webNavigation" "webRequest" ];
platforms = platforms.all; platforms = platforms.all;
}; };
}; };
@ -40,13 +45,11 @@ in {
pname = "indicatetls"; pname = "indicatetls";
version = "0.3.0"; version = "0.3.0";
addonId = "{252ee273-8c8d-4609-b54d-62ae345be0a1}"; addonId = "{252ee273-8c8d-4609-b54d-62ae345be0a1}";
url = url = "https://addons.mozilla.org/firefox/downloads/file/3608595/indicatetls-0.3.0.xpi";
"https://addons.mozilla.org/firefox/downloads/file/3608595/indicatetls-0.3.0.xpi";
sha256 = "7a3b7edb1085f7b15d279c1013fac1d68f5247cfd6312d5275cb053e24a79465"; sha256 = "7a3b7edb1085f7b15d279c1013fac1d68f5247cfd6312d5275cb053e24a79465";
meta = with lib; { meta = with lib; {
homepage = "https://github.com/jannispinter/indicatetls"; homepage = "https://github.com/jannispinter/indicatetls";
description = description = "Displays negotiated SSL/TLS protocol version and additional security information in the address bar";
"Displays negotiated SSL/TLS protocol version and additional security information in the address bar";
license = licenses.mpl20; license = licenses.mpl20;
mozPermissions = [ mozPermissions = [
"tabs" "tabs"
@ -63,15 +66,13 @@ in {
pname = "sixindicator"; pname = "sixindicator";
version = "1.3.0"; version = "1.3.0";
addonId = "{8c9cad02-c069-4e93-909d-d874da819c49}"; addonId = "{8c9cad02-c069-4e93-909d-d874da819c49}";
url = url = "https://addons.mozilla.org/firefox/downloads/file/3493442/sixindicator-1.3.0.xpi";
"https://addons.mozilla.org/firefox/downloads/file/3493442/sixindicator-1.3.0.xpi";
sha256 = "415ab83ed4ac94d1efe114752a09df29536d1bd54cc9b7e5ce5d9ee55a84226d"; sha256 = "415ab83ed4ac94d1efe114752a09df29536d1bd54cc9b7e5ce5d9ee55a84226d";
meta = with lib; { meta = with lib; {
homepage = "https://github.com/HostedDinner/SixIndicator"; homepage = "https://github.com/HostedDinner/SixIndicator";
description = description = "Shows a simple icon, if IPv6 or IPv4 was used for the request of the site. When clicking on the icon, more information is shown, like the number of requests per domain and if these requests were made via IPv6 or IPv4.";
"Shows a simple icon, if IPv6 or IPv4 was used for the request of the site. When clicking on the icon, more information is shown, like the number of requests per domain and if these requests were made via IPv6 or IPv4.";
license = licenses.mit; license = licenses.mit;
mozPermissions = [ "tabs" "webRequest" "<all_urls>" ]; mozPermissions = ["tabs" "webRequest" "<all_urls>"];
platforms = platforms.all; platforms = platforms.all;
}; };
}; };
@ -79,13 +80,12 @@ in {
pname = "simple-style-fox-2"; pname = "simple-style-fox-2";
version = "10.0"; version = "10.0";
addonId = "{317526c6-ff2b-49c9-822e-d77b4a3da1d1}"; addonId = "{317526c6-ff2b-49c9-822e-d77b4a3da1d1}";
url = url = "https://addons.mozilla.org/firefox/downloads/file/3934220/simple_style_fox_2-10.0.xpi";
"https://addons.mozilla.org/firefox/downloads/file/3934220/simple_style_fox_2-10.0.xpi";
sha256 = "1aaac3ba08d21086d7087015f92a27661940df45a97bf5680588c883f799a97d"; sha256 = "1aaac3ba08d21086d7087015f92a27661940df45a97bf5680588c883f799a97d";
meta = with lib; { meta = with lib; {
description = "Simple style fox 2"; description = "Simple style fox 2";
license = licenses.cc-by-30; license = licenses.cc-by-30;
mozPermissions = [ ]; mozPermissions = [];
platforms = platforms.all; platforms = platforms.all;
}; };
}; };

10
home-manager/firefox/default.nix
View file

@ -1,5 +1,8 @@
{ pkgs, lib, ... }: {
let pkgs,
lib,
...
}: let
firefoxAddons = import ./addons.nix pkgs lib; firefoxAddons = import ./addons.nix pkgs lib;
firefoxSettings = { firefoxSettings = {
"browser.aboutConfig.showWarning" = false; "browser.aboutConfig.showWarning" = false;
@ -14,8 +17,7 @@ let
"browser.newtabpage.activity-stream.showSponsored" = false; "browser.newtabpage.activity-stream.showSponsored" = false;
"browser.newtabpage.activity-stream.showSponsoredTopSites" = false; "browser.newtabpage.activity-stream.showSponsoredTopSites" = false;
}; };
in in {
{
config = { config = {
programs.firefox = { programs.firefox = {
enable = true; enable = true;

36
home-manager/gnome.nix
View file

@ -1,5 +1,11 @@
{ pkgs, lib, flake, config, ... }: { {
home.packages = with pkgs; [ gnome.gnome-tweaks ]; pkgs,
lib,
flake,
config,
...
}: {
home.packages = with pkgs; [gnome.gnome-tweaks];
dconf.settings = with lib.hm.gvariant; { dconf.settings = with lib.hm.gvariant; {
"org/gnome/desktop/sound".allow-volume-above-100-percent = true; "org/gnome/desktop/sound".allow-volume-above-100-percent = true;
@ -20,8 +26,8 @@
}; };
"org/gnome/desktop/input-sources" = { "org/gnome/desktop/input-sources" = {
sources = [ (mkTuple [ "xkb" "us" ]) ]; sources = [(mkTuple ["xkb" "us"])];
xkb-options = [ "terminate:ctrl_alt_bksp" "caps:escape" ]; xkb-options = ["terminate:ctrl_alt_bksp" "caps:escape"];
}; };
"org/gnome/shell/extensions/pop-shell" = { "org/gnome/shell/extensions/pop-shell" = {
@ -50,19 +56,19 @@
}; };
"org/gnome/desktop/wm/keybindings" = { "org/gnome/desktop/wm/keybindings" = {
close = [ "<Shift><Super>q" ]; close = ["<Shift><Super>q"];
minimize = mkEmptyArray type.string; minimize = mkEmptyArray type.string;
move-to-workspace-1 = [ "<Shift><Super>1" ]; move-to-workspace-1 = ["<Shift><Super>1"];
move-to-workspace-2 = [ "<Shift><Super>2" ]; move-to-workspace-2 = ["<Shift><Super>2"];
move-to-workspace-3 = [ "<Shift><Super>3" ]; move-to-workspace-3 = ["<Shift><Super>3"];
move-to-workspace-4 = [ "<Shift><Super>4" ]; move-to-workspace-4 = ["<Shift><Super>4"];
switch-applications = mkEmptyArray type.string; switch-applications = mkEmptyArray type.string;
switch-applications-backward = mkEmptyArray type.string; switch-applications-backward = mkEmptyArray type.string;
switch-to-workspace-1 = [ "<Super>1" ]; switch-to-workspace-1 = ["<Super>1"];
switch-to-workspace-2 = [ "<Super>2" ]; switch-to-workspace-2 = ["<Super>2"];
switch-to-workspace-3 = [ "<Super>3" ]; switch-to-workspace-3 = ["<Super>3"];
switch-to-workspace-4 = [ "<Super>4" ]; switch-to-workspace-4 = ["<Super>4"];
toggle-fullscreen = [ "<Super>f" ]; toggle-fullscreen = ["<Super>f"];
}; };
"org/gnome/shell/extensions/space-iflow-randomwallpaper" = { "org/gnome/shell/extensions/space-iflow-randomwallpaper" = {
@ -72,7 +78,7 @@
history-length = 1; history-length = 1;
hours = 0; hours = 0;
minutes = 30; minutes = 30;
sources = [ "42" ]; sources = ["42"];
fetch-on-startup = true; fetch-on-startup = true;
}; };

2
home-manager/neovim/default.nix
View file

@ -1,4 +1,4 @@
{ pkgs, ... }: { {pkgs, ...}: {
config = { config = {
programs.neovim = { programs.neovim = {
enable = true; enable = true;

2
home-manager/tidal.nix
View file

@ -1,4 +1,4 @@
{ pkgs, ...}: { {pkgs, ...}: {
home.packages = with pkgs; [ home.packages = with pkgs; [
supercollider-with-sc3-plugins supercollider-with-sc3-plugins
]; ];

6
home-manager/vscode.nix
View file

@ -1,4 +1,8 @@
{ pkgs, lib, ... }: { {
pkgs,
lib,
...
}: {
programs.vscode = { programs.vscode = {
enable = true; enable = true;
package = pkgs.vscodium; package = pkgs.vscodium;

39
nixos/default.nix
View file

@ -1,4 +1,12 @@
{ pkgs, config, lib, inputs, flake, system, ... }: { {
pkgs,
config,
lib,
inputs,
flake,
system,
...
}: {
imports = [ imports = [
inputs.home-manager.nixosModules.home-manager inputs.home-manager.nixosModules.home-manager
./lanzaboote.nix ./lanzaboote.nix
@ -19,13 +27,13 @@
xserver = { xserver = {
enable = true; enable = true;
displayManager.gdm = { enable = true; }; displayManager.gdm = {enable = true;};
excludePackages = with pkgs; [ xterm ]; excludePackages = with pkgs; [xterm];
}; };
printing = { printing = {
enable = true; enable = true;
drivers = [ pkgs.hplip pkgs.gutenprint ]; drivers = [pkgs.hplip pkgs.gutenprint];
}; };
pipewire = { pipewire = {
@ -40,7 +48,7 @@
users = { users = {
users.pim = { users.pim = {
isNormalUser = true; isNormalUser = true;
extraGroups = [ "wheel" "docker" "input" "wireshark" "dialout" ]; extraGroups = ["wheel" "docker" "input" "wireshark" "dialout"];
}; };
}; };
@ -94,7 +102,7 @@
nix = { nix = {
package = pkgs.nixFlakes; package = pkgs.nixFlakes;
settings.trusted-users = [ "root" "pim" ]; settings.trusted-users = ["root" "pim"];
extraOptions = '' extraOptions = ''
experimental-features = nix-command flakes experimental-features = nix-command flakes
@ -122,9 +130,10 @@
hostPlatform = lib.mkDefault "x86_64-linux"; hostPlatform = lib.mkDefault "x86_64-linux";
config = { config = {
allowUnfreePredicate = pkg: builtins.elem (lib.getName pkg) [ allowUnfreePredicate = pkg:
"libfprint-2-tod1-goodix" builtins.elem (lib.getName pkg) [
]; "libfprint-2-tod1-goodix"
];
}; };
overlays = [ overlays = [
@ -139,12 +148,12 @@
}; };
boot = { boot = {
kernelModules = [ "kvm-intel" "cdrom" ]; kernelModules = ["kvm-intel" "cdrom"];
extraModulePackages = [ ]; extraModulePackages = [];
initrd = { initrd = {
availableKernelModules = [ "sd_mod" ]; availableKernelModules = ["sd_mod"];
kernelModules = [ ]; kernelModules = [];
}; };
kernel.sysctl = { kernel.sysctl = {
@ -161,8 +170,8 @@
home-manager = { home-manager = {
useGlobalPkgs = true; useGlobalPkgs = true;
useUserPackages = true; useUserPackages = true;
extraSpecialArgs = { inherit flake inputs; }; extraSpecialArgs = {inherit flake inputs;};
users.pim.imports = [ "${flake}/home-manager" ]; users.pim.imports = ["${flake}/home-manager"];
}; };
} }

60
nixos/gnome.nix
View file

@ -1,34 +1,38 @@
{ pkgs, ... }: { {pkgs, ...}: {
services.xserver.desktopManager.gnome.enable = true; services.xserver.desktopManager.gnome.enable = true;
environment = { environment = {
systemPackages = [ systemPackages =
pkgs.gnome.gnome-shell-extensions [
] ++ (with pkgs.gnomeExtensions; [ pkgs.gnome.gnome-shell-extensions
pop-shell ]
window-is-ready-remover ++ (with pkgs.gnomeExtensions; [
random-wallpaper pop-shell
workspaces-indicator-by-open-apps window-is-ready-remover
]); random-wallpaper
workspaces-indicator-by-open-apps
]);
gnome.excludePackages = (with pkgs; [ gnome.excludePackages =
epiphany (with pkgs; [
gnome-connections epiphany
gnome-console gnome-connections
gnome-tour gnome-console
]) ++ (with pkgs.gnome; [ gnome-tour
geary ])
gnome-calendar ++ (with pkgs.gnome; [
gnome-clocks geary
gnome-contacts gnome-calendar
gnome-font-viewer gnome-clocks
gnome-logs gnome-contacts
gnome-maps gnome-font-viewer
gnome-music gnome-logs
seahorse gnome-maps
totem gnome-music
yelp seahorse
gnome-weather totem
]); yelp
gnome-weather
]);
}; };
} }

7
nixos/lanzaboote.nix
View file

@ -1,4 +1,9 @@
{ config, lib, inputs, ... }: { {
config,
lib,
inputs,
...
}: {
imports = [ imports = [
inputs.lanzaboote.nixosModules.lanzaboote inputs.lanzaboote.nixosModules.lanzaboote
]; ];

11
nixos/sops.nix
View file

@ -1,7 +1,12 @@
{ inputs, pkgs, flake, ... }: { {
imports = [ inputs.sops-nix.nixosModules.sops ]; inputs,
pkgs,
flake,
...
}: {
imports = [inputs.sops-nix.nixosModules.sops];
environment.systemPackages = with pkgs; [ sops ]; environment.systemPackages = with pkgs; [sops];
sops = { sops = {
age.keyFile = "/home/pim/.config/sops/age/keys.txt"; age.keyFile = "/home/pim/.config/sops/age/keys.txt";

10
nixos/stylix.nix
View file

@ -1,5 +1,9 @@
{ pkgs, inputs, ... }: { {
imports = [ inputs.stylix.nixosModules.stylix ]; pkgs,
inputs,
...
}: {
imports = [inputs.stylix.nixosModules.stylix];
stylix = { stylix = {
enable = true; enable = true;
@ -14,7 +18,7 @@
fonts = { fonts = {
monospace = { monospace = {
package = pkgs.nerdfonts.override { fonts = [ "JetBrainsMono" ]; }; package = pkgs.nerdfonts.override {fonts = ["JetBrainsMono"];};
name = "JetBrainsMono Nerd Font Mono"; name = "JetBrainsMono Nerd Font Mono";
}; };

4
nixos/tailscale.nix
View file

@ -1,10 +1,10 @@
{pkgs, ...}: { {pkgs, ...}: {
environment.systemPackages = [ pkgs.gnomeExtensions.tailscale-status ]; environment.systemPackages = [pkgs.gnomeExtensions.tailscale-status];
services.tailscale = { services.tailscale = {
enable = true; enable = true;
useRoutingFeatures = "client"; useRoutingFeatures = "client";
}; };
networking.networkmanager.unmanaged = [ "tailscale0" ]; networking.networkmanager.unmanaged = ["tailscale0"];
} }

2
nixos/tidal.nix
View file

@ -1,3 +1,3 @@
{ ... }: { {...}: {
users.users.pim.extraGroups = ["audio"]; users.users.pim.extraGroups = ["audio"];
} }

48
nixos/wireguard.nix
View file

@ -1,41 +1,49 @@
{ lib, config, ... }: { {
lib,
config,
...
}: {
networking = { networking = {
useDHCP = lib.mkDefault true; useDHCP = lib.mkDefault true;
networkmanager.unmanaged = [ "tailscale0" ]; networkmanager.unmanaged = ["tailscale0"];
wg-quick.interfaces = { wg-quick.interfaces = {
home = { home = {
privateKeyFile = config.sops.secrets."wireguard/home/privateKey".path; privateKeyFile = config.sops.secrets."wireguard/home/privateKey".path;
address = [ "10.225.191.4/24" ]; address = ["10.225.191.4/24"];
dns = [ "192.168.30.131" ]; dns = ["192.168.30.131"];
autostart = false; autostart = false;
mtu = 1412; mtu = 1412;
peers = [{ peers = [
presharedKeyFile = config.sops.secrets."wireguard/home/presharedKey".path; {
endpoint = "wg.kun.is:51820"; presharedKeyFile = config.sops.secrets."wireguard/home/presharedKey".path;
publicKey = "fa3mQ7ximJbH7cu2ZbWidto5xBGxEEfWvCCiUDk00Hg="; endpoint = "wg.kun.is:51820";
allowedIPs = [ "0.0.0.0/0" ]; publicKey = "fa3mQ7ximJbH7cu2ZbWidto5xBGxEEfWvCCiUDk00Hg=";
}]; allowedIPs = ["0.0.0.0/0"];
}
];
}; };
home-no-pihole = { home-no-pihole = {
privateKeyFile = config.sops.secrets."wireguard/home/privateKey".path; privateKeyFile = config.sops.secrets."wireguard/home/privateKey".path;
address = [ "10.225.191.4/24" ]; address = ["10.225.191.4/24"];
dns = [ "192.168.10.1" ]; dns = ["192.168.10.1"];
autostart = false; autostart = false;
mtu = 1412; mtu = 1412;
peers = [{ peers = [
presharedKeyFile = config.sops.secrets."wireguard/home/presharedKey".path; {
endpoint = "wg.kun.is:51820"; presharedKeyFile = config.sops.secrets."wireguard/home/presharedKey".path;
publicKey = "fa3mQ7ximJbH7cu2ZbWidto5xBGxEEfWvCCiUDk00Hg="; endpoint = "wg.kun.is:51820";
allowedIPs = [ "0.0.0.0/0" ]; publicKey = "fa3mQ7ximJbH7cu2ZbWidto5xBGxEEfWvCCiUDk00Hg=";
}]; allowedIPs = ["0.0.0.0/0"];
}
];
}; };
}; };
}; };
sops.secrets = { sops.secrets = {
"wireguard/home/presharedKey" = { }; "wireguard/home/presharedKey" = {};
"wireguard/home/privateKey" = { }; "wireguard/home/privateKey" = {};
}; };
} }

3
treefmt.nix
View file

@ -1,5 +1,4 @@
{ ... }: {...}: {
{
projectRootFile = "flake.nix"; projectRootFile = "flake.nix";
programs.alejandra.enable = true; programs.alejandra.enable = true;
} }