kenny/nixos-haus
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
26d2aa6503d596742951e0e0add8ba0661812e28
nixos-haus/current

1109 lines
27 KiB
Plaintext
Raw Blame History

This file contains ambiguous Unicode characters
This file contains Unicode characters that might be confused with other characters. If you think that this is intentional, you can safely ignore this warning. Use the Escape button to reveal them.
192.168.0.131 news.bigbox.local
192.168.0.131 gitea.bigbox.local
192.168.0.131 media.bigbox.local
192.168.0.131 torrent.bigbox.local
192.168.0.131 kiwix.bigbox.local
192.168.0.131 syncthing.bigbox.local
192.168.0.131 speed.bigbox.local
192.168.0.131 ai.bigbox.local
{
"nodes": {
"nixpkgs": {
"locked": {
"lastModified": 1759036355,
"narHash": "sha256-0m27AKv6ka+q270dw48KflE0LwQYrO7Fm4/2//KCVWg=",
"owner": "NixOS",
"repo": "nixpkgs",
"rev": "e9f00bd893984bc8ce46c895c3bf7cac95331127",
"type": "github"
},
"original": {
"owner": "NixOS",
"ref": "nixos-unstable",
"repo": "nixpkgs",
"type": "github"
}
},
"root": {
"inputs": {
"nixpkgs": "nixpkgs"
}
}
},
"root": "root",
"version": 7
}
{
description = "My modular NixOS configuration";
inputs = {
# nixpkgs.url = "github:NixOS/nixpkgs/nixos-24.05";
nixpkgs.url = "github:NixOS/nixpkgs/nixos-unstable";
# unstable.url = "github:NixOS/nixpkgs/nixos-unstable"
# Add other flake inputs if needed
};
outputs = {
self,
nixpkgs,
...
} @ inputs: {
nixosConfigurations = {
puter = nixpkgs.lib.nixosSystem {
system = "x86_64-linux";
modules = [./hosts/puter/default.nix];
specialArgs = {inherit inputs;};
};
box = nixpkgs.lib.nixosSystem {
system = "aarch64-linux";
modules = [./hosts/box/default.nix];
specialArgs = {inherit inputs;};
};
};
};
}
hosts := "puter box"
_check-host host:
if ! echo "{{hosts}}" | grep -qw "{{host}}"; then \
echo "Unknown host:{{host}} \n Must be one of: {{hosts}}"; exit 1;\
fi
update-config: host: _check-host
alejandra .
nix flake update
git add .
git commit
sudo nixos-rebuild switch --upgrade --flake ~/haus#{{host}}
git push
update: host: _check-host
nix flake update
git add .
git commit -m "nix flake update"
sudo nixos-rebuild switch --upgrade --flake ~/haus#{{host}}
git push
update-and-reboot: host: _check-host
nix flake update
git add .
git commit -m "nix flake update"
sudo nixos-rebuild boot --upgrade --flake ~/haus#{{host}}
git push
update-config-and-reboot: host: _check-host
alejandra .
nix flake update
git add .
git commit
sudo nixos-rebuild boot --upgrade --flake ~/haus#{{host}}
git push
upgrade: host: _check-host
sudo nixos-rebuild switch --upgrade --flake ~/haus#{{host}}
clean:
sudo nix-env --delete-generations old
sudo nix-collect-garbage --delete-older-than 30d
sudo nix store optimise
sudo rm -rf /nix/var/nix/downloads/*
sudo journalctl --vacuum-time=30d
# Flakified NixOS config for the whole haus
A better version of the [initial config](http://192.168.0.131:3000/kenny/nixos-cfg) but with both common and specific configs so that we can _easily grow a coherent park_.
# Achieved so far
- [X] Automated puter workflow with justfile
- [X] Modulable set-up with apps and services
- [ ] Box config
- [ ] Adapt justfile for different machines
- [ ] BigBox config
{
config,
pkgs,
...
}: {
environment.systemPackages = with pkgs; [
libraspberrypi
raspberrypi-eeprom
docker-compose
];
}
{
config,
pkgs,
lib,
...
}: {
imports = [
./dns.nix
./radicale.nix
./glance.nix
./packages.nix
./hardware-configuration.nix
../../modules/raspberrypi.nix
../../modules/common/networking.nix
../../modules/common/shell.nix
./user.nix
];
networking.hostName = "box";
networking.firewall.enable = false;
# This will be overridden by system/default.nix
system.stateVersion = "25.05";
}
{
config,
lib,
pkgs,
modulesPath,
...
}: {
services.pihole-web = {
enable = true;
ports = [8085];
};
services.pihole-ftl = {
enable = true;
#openFirewallDNS = true;
#openFirewallDHCP = true;
queryLogDeleter.enable = true;
lists = [
{
url = "https://raw.githubusercontent.com/StevenBlack/hosts/master/hosts";
# Alternatively, use the file from nixpkgs. Note its contents won't be
# automatically updated by Pi-hole, as it would with an online URL.
# url = "file://${pkgs.stevenblack-blocklist}/hosts";
description = "Steven Black's unified adlist";
}
{
url = "https://codeberg.org/hagezi/mirror2/raw/branch/main/dns-blocklists/adblock/ultimate.txt";
description = "Hagezi Ultimate";
}
{
url = "https://codeberg.org/hagezi/mirror2/raw/branch/main/dns-blocklists/adblock/nsfw.txt";
description = "Hazegi NSFW";
}
];
settings = {
files.macvendor = lib.mkForce "/var/lib/pihole/macvendor.db";
dns = {
domainNeeded = true;
expandHosts = true;
interface = "end0";
listeningMode = "BIND";
domain = "lan";
upstreams = ["9.9.9.11"];
hosts = [
"*.bigbox.lan 192.168.0.131"
"bigbox.lan 192.168.0.131"
"inv.bigbox.lan 192.168.0.131"
"media.bigbox.lan 192.168.0.131"
"type.bigbox.lan 192.168.0.131"
"bookmarks.bigbox.lan 192.168.0.131"
"bin.bigbox.lan 192.168.0.131"
"ai.bigbox.lan 192.168.0.131"
"speed.bigbox.lan 192.168.0.131"
"syncthing.bigbox.lan 192.168.0.131"
"kiwix.bigbox.lan 192.168.0.131"
"torrent.bigbox.lan 192.168.0.131"
"gitea.bigbox.lan 192.168.0.131"
"news.bigbox.lan 192.168.0.131"
];
};
dhcp = {
active = false;
router = "192.168.0.1";
start = "192.168.0.2";
end = "192.168.0.99";
netmask = "255.255.255.0";
leaseTime = "1d";
#ipv6 = true;
multiDNS = true;
rapidCommit = true;
hosts = [
# Static address for the current host
"d8:3a:dd:9a:c1:99,192.168.0.101,box,infinite"
"80:ce:62:ed:ba:2b,192.168.0.131,bigbox,infinite"
"60:30:d4:6b:89:10,192.168.0.100,puter,infinite"
];
};
misc.dnsmasq_lines = [
# This DHCP server is the only one on the network
#"dhcp-authoritative"
# Source: https://data.iana.org/root-anchors/root-anchors.xml
"trust-anchor=.,38696,8,2,683D2D0ACB8C9B712A1948B27F741219298D0A450D612C483AF444A4C0FB2B16"
];
};
};
}
{
config,
pkgs,
...
}: {
}
{
config,
lib,
pkgs,
modulesPath,
...
}: {
services.glance = {
enable = true;
settings = {
server.port = 8080;
server.host = "192.168.0.101";
pages = [
{
name = "HomeLAN";
#hide-desktop-navigation = true;
columns = [
{
size = "small";
widgets = [
{
type = "search";
search-engine = "startpage";
new-tab = true;
autofocus = true;
placeholder = "Startpage | @in, @media, @pkg, @git";
bangs = [
{
title = "Invidious";
shortcut = "@in";
url = "http://192.168.0.131:4000/search?q={QUERY}";
}
{
title = "NixOS Packages";
shortcut = "@pkg";
url = "https://search.nixos.org/packages?query={QUERY}";
}
{
title = "Jellyfin";
shortcut = "@media";
url = "http://192.168.0.131:8096/web/#/search.html?query={QUERY}";
}
{
title = "Github";
shortcut = "@git";
url = "https://github.com/search?q={QUERY}&type=repositories";
}
];
}
{
type = "monitor";
cache = "1m";
style = "compact";
title = "Health";
sites = [
{
title = "Gitea";
url = "http://192.168.0.131:3010/user/login";
}
{
title = "Jellyfin";
url = "http://192.168.0.131:8096/web/#/home.html";
}
{
title = "Invidious";
url = "http://192.168.0.131:4000";
}
{
title = "Transmission";
url = "http://192.168.0.131:9091";
}
{
title = "OpenWebUI";
url = "http://192.168.0.131:3005/auth?redirect=%2F";
}
{
title = "FreshRSS";
url = "http://192.168.0.131:8011";
}
{
title = "Karakeep";
url = "http://192.168.0.131:5000";
}
{
title = "Syncthing";
url = "http://192.168.0.131:8384";
}
{
title = "Radicale";
url = "http://192.168.0.101:5232";
}
{
title = "NetData";
url = "http://192.168.0.131:19999/v3";
}
{
title = "Keybr";
url = "http://192.168.0.131:3000";
}
{
title = "Speedtest Tracker";
url = "http://192.168.0.131:8765/";
}
{
title = "PiHole";
url = "http://192.168.0.101:8085";
}
{
title = "Dozzle";
url = "http://192.168.0.131:8009";
}
{
title = "TP-Link";
url = "http://192.168.0.1";
}
];
}
{
type = "server-stats";
name = "Box";
}
];
}
{
size = "full";
widgets = [
{
type = "group";
widgets = [
{
type = "hacker-news";
limit = 40;
collapse-after = 5;
}
{
type = "lobsters";
sort-by = "hot";
#tags = [ "c" "rust" "networking" ];
tags = ["rust" "networking" "c" "culture" "law" "cryptography" "hardware" "science" "linux" "windows" "nix" "android" "privacy" "security" "virtualization" "editors" "systemd" "vim"];
}
];
}
{
type = "group";
widgets = [
{
type = "iframe";
source = "http://192.168.0.131:19999/v3";
height = 800;
}
];
}
];
}
{
size = "small";
widgets = [
{
type = "to-do";
}
{
type = "weather";
location = "Bucharest, Romania";
units = "metric";
hour-format = "24h";
}
{
type = "twitch-channels";
channels = [
"theprimeagen"
"tsoding"
"euuhhh"
];
}
];
}
];
}
];
};
};
}
{
config,
lib,
pkgs,
...
}: {
boot.blacklistedKernelModules = [
"bluetooth"
"btbcm"
"hci_uart"
"hci_bcm"
];
boot = {
kernelPackages = pkgs.linuxKernel.packages.linux_rpi4;
initrd.availableKernelModules = ["xhci_pci" "usbhid" "usb_storage"];
loader = {
grub.enable = false;
generic-extlinux-compatible.enable = true;
};
};
fileSystems = {
"/" = {
device = "/dev/disk/by-label/NIXOS_SD";
fsType = "ext4";
options = ["noatime"];
};
};
hardware.enableRedistributableFirmware = true;
}
{
config,
pkgs,
...
}: {
imports = [
../../modules/userapps/utils.nix
];
services.openssh.enable = true;
security.sudo = {
enable = true;
wheelNeedsPassword = false;
};
}
{
config,
lib,
pkgs,
modulesPath,
...
}: {
services.radicale = {
enable = true;
settings.server.hosts = ["192.168.0.101:5232"];
settings.auth.type = "htpasswd";
#settings.auth.htpasswd_filename = "/home/boxuser/radicale/config/users";
settings.auth.htpasswd_encryption = "plain";
#settings.storage.filesystem_folder = "/home/boxuser/radicale/data/collections";
};
}
{ config, pkgs, lib, ...}:
{
users.users.boxuser = {
isNormalUser = true;
group = "boxuser";
extraGroups = ["wheel" "docker" "networkmanager"]; # Enable sudo for the user.
hashedPassword = "$6$Gk6L21XBSf.YbfU1$eadMLbwvAgudTjPOLCsZfRNxfGptARnAazhs0xz/GcNEYGQS/GjLov/jJsHnPIKBNIPQJEG4XhZ3K097bfi1c1";
packages = with pkgs; [
fastfetch
];
};
users.groups.boxuser = {};
}
{
config,
pkgs,
...
}: {
imports = [
./hardware-configuration.nix
#./syncthing.nix
./packages.nix
./de/default.nix
../../modules/userapps/kondo_timer.nix
../../modules/common/nix.nix
../../modules/common/networking.nix
../../modules/common/shell.nix
../../modules/common/security.nix
#../../modules/common/wine.nix
../../modules/common/libvirt.nix
];
networking.hostName = "puter";
# This will be overridden by system/default.nix
system.stateVersion = "24.05";
security.pki.certificates = ["/home/user/.config/bigbox.local.crt"];
}
# Do not modify this file! It was generated by nixos-generate-config
# and may be overwritten by future invocations. Please make changes
# to /etc/nixos/configuration.nix instead.
{
config,
lib,
pkgs,
modulesPath,
...
}: {
imports = [(modulesPath + "/installer/scan/not-detected.nix")];
boot.initrd.availableKernelModules = ["xhci_pci" "ahci" "usbhid" "usb_storage" "sd_mod"];
boot.initrd.kernelModules = [];
boot.kernelModules = ["kvm-intel" "wl"];
boot.extraModulePackages = [config.boot.kernelPackages.broadcom_sta];
fileSystems."/" = {
device = "/dev/disk/by-uuid/19a0aa4c-8d49-4545-9ed6-cd4a952f9353";
fsType = "ext4";
};
boot.initrd.luks.devices."luks-08992355-1404-44dc-9bb4-fd32f1d0b62d".device = "/dev/disk/by-uuid/08992355-1404-44dc-9bb4-fd32f1d0b62d";
fileSystems."/boot" = {
device = "/dev/disk/by-uuid/F54E-7011";
fsType = "vfat";
options = ["fmask=0022" "dmask=0022"];
};
swapDevices = [{device = "/dev/disk/by-uuid/c9b7b195-d072-4574-8e39-a5e4f90ca84d";}];
# Enables DHCP on each ethernet and wireless interface. In case of scripted networking
# (the default) this is the recommended approach. When using systemd-networkd it's
# still possible to use this option, but it's recommended to use it in conjunction
# with explicit per-interface declarations with `networking.interfaces.<interface>.useDHCP`.
networking.useDHCP = lib.mkDefault true;
# networking.interfaces.ens9.useDHCP = lib.mkDefault true;
nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux";
hardware.cpu.intel.updateMicrocode =
lib.mkDefault config.hardware.enableRedistributableFirmware;
boot.loader.systemd-boot.enable = true;
boot.loader.efi.canTouchEfiVariables = true;
boot.initrd.luks.devices."luks-d27fc6c5-7edd-4c18-ab70-3ca02a28abcc".device = "/dev/disk/by-uuid/d27fc6c5-7edd-4c18-ab70-3ca02a28abcc";
nixpkgs.config.packageOverrides = pkgs: {
intel-vaapi-driver =
pkgs.intel-vaapi-driver.override {enableHybridCodec = true;};
};
hardware.opengl = {
enable = true;
extraPackages = with pkgs; [
intel-media-driver
intel-vaapi-driver
libvdpau-va-gl
];
};
environment.sessionVariables = {LIBVA_DRIVER_NAME = "i965";};
hardware.facetimehd = {
enable = true;
withCalibration = true;
};
#services.logind = {
# lidSwitch = "ignore";
# lidSwitchDocked = "ignore";
# lidSwitchExternalPower = "ignore";
# extraConfig = ''
# HandlePowerKey=ignore
# HandleSuspendKey=ignore
# '';
# This goes in the extraConfig section IdleAction=ignore
#};
environment.systemPackages = with pkgs; [mbpfan thermald];
boot.blacklistedKernelModules = ["b43" "ssb" "brcmfmac" "brcmsmac" "bcma"];
nixpkgs.config.allowInsecurePredicate = pkg:
builtins.elem (lib.getName pkg) [
"broadcom-sta" # aka “wl”
"python"
"qtwebengine"
];
powerManagement = {
enable = true;
cpuFreqGovernor = "performance";
};
}
{
config,
pkgs,
...
}: {
nixpkgs.config.permittedInsecurePackages = ["qtwebengine-5.15.19"];
nixpkgs.config = {chromium = {enableWideVine = true;};};
imports = [
../../modules/userapps/utils.nix
#../../modules/common/steam.nix
../../modules/userapps/devutils.nix
../../modules/userapps/internet.nix
../../modules/userapps/media.nix
../../modules/userapps/productivity.nix
];
users.users.user = {
isNormalUser = true;
description = "user";
extraGroups = ["networkmanager" "wheel" "video" "libvirtd"];
};
}
{
config,
pkgs,
...
}: {
services.syncthing = {
enable = true;
openDefaultPorts = true;
dataDir = "/home/user/Documents/syncthing/";
configDir = "/home/user/.config/syncthing";
user = "user";
# Optional: GUI credentials (can be set in the browser instead if you don't want plaintext credentials in your configuration.nix file)
# or the password hash can be generated with "syncthing generate --config <path> --gui-password=<password>"
settings.gui = {
user = "user";
password = "user";
};
settings = {
devices = {
"phone" = {
id = "N3RII7R-4YOKJ46-HY6NSTD-TPE7SW4-N66CWVQ-J2JVW7E-NARRMBF-JG27YQ7";
};
"bigbox" = {
id = "RFFXZJI-HJTEDCU-M7MU3SW-M7DJK4U-MESRKYA-OGHYOSG-KNZO7JB-6LQ5VAE";
};
};
folders = {
"brain_zero" = {
# Name of folder in Syncthing, also the folder ID
path = "/home/user/brain_zero/"; # Which folder to add to Syncthing
devices = ["phone"]; # Which devices to share the folder with
ignores = [".obsidian/workspace-mobile.json" ".obsidian/workspace.json"];
};
"brain_zero_readonly" = {
# Name of folder in Syncthing, also the folder ID
path = "/home/user/brain_zero/"; # Which folder to add to Syncthing
type = "sendonly";
devices = ["bigbox"]; # Which devices to share the folder with
};
"puter_home" = {
path = "/home/user/";
type = "sendonly";
devices = ["bigbox"];
ignores = [".*" "!.ssh/"];
};
};
};
};
}
{
config,
pkgs,
...
}: {
# Enable with systemctl --user enable --now docker
virtualisation.docker = {
enable = true;
rootless = {
enable = true;
setSocketVariable = true;
};
};
}
{
config,
pkgs,
...
}: {
virtualisation.libvirtd = {
enable = true;
qemu = {
package = pkgs.qemu_kvm;
runAsRoot = true;
swtpm.enable = true;
ovmf = {
enable = true;
packages = [
(pkgs.OVMF.override {
secureBoot = true;
tpmSupport = true;
}).fd
];
};
};
};
environment.systemPackages = with pkgs; [virt-manager qemu_kvm quickemu];
}
{
config,
pkgs,
...
}: {
networking.networkmanager.enable = true;
networking.networkmanager.dns = "none";
networking.nameservers = ["192.168.0.101" "9.9.9.11" "149.112.112.11"];
time.timeZone = "Europe/Bucharest";
i18n.defaultLocale = "en_US.UTF-8";
i18n.extraLocaleSettings = {
LC_ADDRESS = "ro_RO.UTF-8";
LC_IDENTIFICATION = "ro_RO.UTF-8";
LC_MEASUREMENT = "ro_RO.UTF-8";
LC_MONETARY = "ro_RO.UTF-8";
LC_NAME = "ro_RO.UTF-8";
LC_NUMERIC = "ro_RO.UTF-8";
LC_PAPER = "ro_RO.UTF-8";
LC_TELEPHONE = "ro_RO.UTF-8";
LC_TIME = "ro_RO.UTF-8";
};
environment.systemPackages = with pkgs; [torsocks];
# 9050,9063,8118(HTTP)
services.tor = {
enable = true;
client.enable = true;
openFirewall = true;
settings = {ControlPort = 9051;};
};
services.chrony = {
enable = true;
enableNTS = true;
servers = ["nts.teambelgium.net" "ptbtime1.ptb.de" "paris.time.system76.com"];
};
}
{
config,
pkgs,
...
}: {
nixpkgs.config.allowUnfree = true;
nix.settings.experimental-features = ["nix-command" "flakes"];
nix.extraOptions = ''
trusted-users = root user
'';
}
{
config,
pkgs,
...
}: {
environment.systemPackages = with pkgs; [
lynis
];
}
{
config,
pkgs,
lib,
...
}: {
environment.variables.EDITOR = "nvim";
users.users.user.shell = pkgs.bash;
environment.shells = with pkgs; [bash];
programs.bash = {
interactiveShellInit = ''
if [[ $(${pkgs.procps}/bin/ps --no-header --pid=$PPID --format=comm) != "fish" && -z ''${BASH_EXECUTION_STRING} ]]
then
shopt -q login_shell && LOGIN_OPTION='--login' || LOGIN_OPTION=""
exec ${pkgs.fish}/bin/fish $LOGIN_OPTION
fi
'';
};
programs.fish.enable = true;
environment.systemPackages = with pkgs; [starship];
programs.starship = {
enable = true;
settings = {
add_newline = true;
command_timeout = 1300;
scan_timeout = 50;
format = ''
$all$nix_shell$nodejs$lua$golang$rust$php$git_branch$git_commit$git_state$git_status
$username$hostname$directory'';
character = {
success_symbol = "[](bold green) ";
error_symbol = "[✗](bold red) ";
};
};
};
#programs.zsh = {
# enable = true;
# enableCompletion = true;
# autosuggestions.enable = true;
# syntaxHighlighting.enable = true;
#
# shellAliases = {
# update = "sudo nixos-rebuild switch";
# upgrade = "sudo nixos-rebuild switch --upgrade";
# proxy-grabber =
# "if [ $# -eq 0 ]; then torsocks curl -sL https://cdn.jsdelivr.net/gh/proxifly/free-proxy-list@main/proxies/all/data.txt else countrycode=$(echo $1 | tr '[:lower:]' '[:upper:]') torsocks curl -sL https://cdn.jsdelivr.net/gh/proxifly/free-proxy-list@main/proxies/countries/$countrycode/data.txt fi";
# usbdiff =
# "lsblk > diff1 && echo 'SLEEPING 5...' && sleep 5 && lsblk > diff2 && diff diff1 diff2 && rm diff1 diff2";
# };
#
# oh-my-zsh = {
# enable = true;
# plugins = [ "git" ];
# theme = "clean";
# };
#};
}
{
config,
pkgs,
...
}: {
environment.systemPackages = with pkgs; [
# support both 32-bit and 64-bit applications
wineWowPackages.stable
lutris
];
}
{
config,
pkgs,
...
}: {
programs.neovim = {defaultEditor = true;};
environment.systemPackages = with pkgs; [
# Dev stuff, most of it might be replaced by devenvs later on
ghostty
tealdeer
vscodium
gcc
python
alejandra
devenv
nodejs
mermaid-cli
rustup
delta
just
kondo
ciscoPacketTracer8
# stuff needed by neovim
vimPlugins.LazyVim
texliveSmall # for pdflatex
fzf
lazygit
tree-sitter
neovim
mcfly
luajitPackages.luarocks-nix
tectonic
];
}
{
config,
pkgs,
...
}: {
programs.neovim = {defaultEditor = true;};
environment.systemPackages = with pkgs; [
];
}
{
config,
pkgs,
...
}: {
programs.neovim = {defaultEditor = true;};
environment.systemPackages = with pkgs; [
# Chatting
signal-desktop
element-desktop
# web browsers
ungoogled-chromium
tor-browser-bundle-bin
librewolf
transmission_4-gtk
];
}
{
config,
pkgs,
...
}: {
systemd.timers."kondo" = {
wantedBy = ["timers.target"];
timerConfig = {
#OnBootSec = "5m";
#OnUnitActiveSec = "5m";
Unit = "kondo.service";
OnCalendar = "weekly";
Persistent = true;
};
};
systemd.services."kondo" = {
script = ''
kondo --all --ignored-dirs dev/current
'';
serviceConfig = {
Type = "oneshot";
User = "root";
};
};
}
{
config,
pkgs,
...
}: {
programs.neovim = {defaultEditor = true;};
environment.systemPackages = with pkgs; [
# multimedia
vlc
mpv
yt-dlp
freetube
jellyfin-media-player
feishin
];
}
{
config,
pkgs,
...
}: {
programs.neovim = {defaultEditor = true;};
environment.systemPackages = with pkgs; [
# Productivity apps
obsidian
onlyoffice-desktopeditors
keepassxc
evolution
anki-bin
pomodoro-gtk
#ticker
];
}
{
config,
pkgs,
...
}: {
programs.steam = {
enable = true;
# remotePlay.openFirewall = true; # Open ports in the firewall for Steam Remote Play
# dedicatedServer.openFirewall = true; # Open ports in the firewall for Source Dedicated Server
# localNetworkGameTransfers.openFirewall = true; # Open ports in the firewall for Steam Local Network Game Transfers
};
}
{
config,
pkgs,
...
}: {
programs.neovim = {defaultEditor = true;};
environment.systemPackages = with pkgs; [
parallel-disk-usage
pciutils
btop
nload
htop
nethogs
uutils-coreutils-noprefix
neovim
git
curl
bat
eza
dua
ripgrep
dig
fd
proxychains-ng
unzip
wget
];
}
{
config,
pkgs,
...
}: {
imports = [./gnome.nix ./sway.nix];
services.xserver = {
enable = true;
displayManager.gdm.enable = true;
layout = "us";
xkbVariant = "";
};
# Enable sound with pipewire.
hardware.pulseaudio.enable = false;
security.rtkit.enable = true;
services.pipewire = {
enable = true;
alsa.enable = true;
alsa.support32Bit = true;
pulse.enable = true;
# If you want to use JACK applications, uncomment this
#jack.enable = true;
# use the example session manager (no others are packaged yet so this is en>
# no need to redefine it in your config for now)
#media-session.enable = true;
};
}
{
config,
pkgs,
...
}: {
services.xserver.desktopManager.gnome.enable = true;
programs.kdeconnect.enable = true;
environment.systemPackages = with pkgs; [
gnome-tweaks
# GNOME-specific packages
bustle
collision
commit
dialect
fretboard
#gaphor
hieroglyphic
junction
keypunch
letterpress
gnome-obfuscate
shortwave
solanum
wike
commit
wl-clipboard
gnomeExtensions.gsconnect
gnomeExtensions.astra-monitor
lm_sensors
iotop
gtop
wirelesstools
];
}
{
config,
pkgs,
...
}: {
programs.sway = {
enable = true;
wrapperFeatures.gtk = true;
};
environment.systemPackages = with pkgs; [
mako # Notification daemon for Sway
playerctl
pavucontrol
# Other Sway-specific packages
];
programs.light.enable = true; # For brightness control
}
Reference in New Issue View Git Blame Copy Permalink