{
"nodes": {
"nixpkgs": {
"locked": {
"lastModified": 1751011381,
"narHash": "sha256-krGXKxvkBhnrSC/kGBmg5MyupUUT5R6IBCLEzx9jhMM=",
"owner": "NixOS",
"repo": "nixpkgs",
"rev": "30e2e2857ba47844aa71991daa6ed1fc678bcbb7",
"type": "github"
},
"original": {
"owner": "NixOS",
"ref": "nixos-unstable",
"repo": "nixpkgs",
"type": "github"
}
},
"root": {
"inputs": {
"nixpkgs": "nixpkgs"
}
}
},
"root": "root",
"version": 7
}
# Flake entry point: declares the nixpkgs input and exposes one NixOS
# system configuration named `puter`.
{
  description = "My modular NixOS configuration";

  inputs = {
    # nixpkgs.url = "github:NixOS/nixpkgs/nixos-24.05";
    # Follows the rolling nixos-unstable branch. The revision and narHash
    # that are actually built are the ones recorded in flake.lock.
    nixpkgs.url = "github:NixOS/nixpkgs/nixos-unstable";
    # unstable.url = "github:NixOS/nixpkgs/nixos-unstable"
    # Add other flake inputs if needed
  };

  outputs = {
    self,
    nixpkgs,
    ...
  } @ inputs: let
    # The only host defined by this flake.
    puter = nixpkgs.lib.nixosSystem {
      system = "x86_64-linux";
      modules = [./hosts/puter/default.nix];
      # Makes the flake inputs available to every module as `inputs`.
      specialArgs = {inherit inputs;};
    };
  in {
    nixosConfigurations = {inherit puter;};
  };
}
# Recipes for updating and rebuilding the system from the flake in ~/flakescfg.
#
# NOTE(review): every recipe that commits runs `git add .` first and ends with
# `git push`, so anything present in the checkout is staged and published;
# confirm no credentials or other secrets live in the tree.
# NOTE(review): the commit happens before `nixos-rebuild`, so a configuration
# that fails to build is still committed locally (the push is only reached if
# the rebuild succeeds).
# NOTE(review): with `--flake` the build uses the inputs pinned in flake.lock;
# `--upgrade` is documented as updating root's channels - confirm it is still
# wanted here.

# Format the tree, refresh flake.lock, commit with an interactively entered message, then build and activate now.
update-config:
alejandra .
nix flake update
git add .
git commit
sudo nixos-rebuild switch --upgrade --flake ~/flakescfg
git push
# Refresh flake.lock, commit with a fixed message, then build and activate now.
update:
nix flake update
git add .
git commit -m "nix flake update"
sudo nixos-rebuild switch --upgrade --flake ~/flakescfg
git push
# Same as `update`, but `boot` only makes the new generation the default for the next boot.
update-and-reboot:
nix flake update
git add .
git commit -m "nix flake update"
sudo nixos-rebuild boot --upgrade --flake ~/flakescfg
git push
# Same as `update-config`, but the new generation is only used from the next boot.
update-config-and-reboot:
alejandra .
nix flake update
git add .
git commit
sudo nixos-rebuild boot --upgrade --flake ~/flakescfg
git push
# Rebuild and activate from the current flake.lock without touching git.
upgrade:
sudo nixos-rebuild switch --upgrade --flake ~/flakescfg
# Puter's NixOS Config
This is the config.
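# Weekly cleanup job: a systemd timer that triggers a oneshot `kondo` run.
{
  config,
  pkgs,
  ...
}: {
  systemd.timers."kondo" = {
    wantedBy = ["timers.target"];
    timerConfig = {
      #OnBootSec = "5m";
      #OnUnitActiveSec = "5m";
      Unit = "kondo.service";
      OnCalendar = "weekly";
      # A run missed while the machine was off is triggered once the timer
      # becomes active again.
      Persistent = true;
    };
  };

  systemd.services."kondo" = {
    # Units generated by NixOS get a minimal PATH that does not include
    # per-user packages, so the binary has to be added explicitly or the
    # script fails with "command not found".
    path = [pkgs.kondo];
    script = ''
      kondo --all --ignored-dirs dev/current
    '';
    serviceConfig = {
      Type = "oneshot";
      # NOTE(review): the job deletes files as root, with no WorkingDirectory
      # set and no directory passed to kondo, so the scope of the scan is
      # whatever the unit's working directory happens to be. If the intent is
      # to clean one account's project tree, run it as that user with an
      # explicit directory - confirm before relying on this unit.
      User = "root";
    };
  };
}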
# Host definition for `puter`: pulls in the host-local modules and the shared
# modules under modules/common, then sets the host name and state version.
{
  config,
  pkgs,
  ...
}: {
  imports = [
    # Host-local modules.
    ./hardware-configuration.nix
    ./cronjobs.nix
    ./syncthing.nix
    ./packages.nix
    ./de/default.nix

    # Modules shared between hosts.
    ../../modules/common/nix.nix
    ../../modules/common/networking.nix
    ../../modules/common/shell.nix
    ../../modules/common/utils.nix
  ];

  networking = {hostName = "puter";};

  # This will be overridden by system/default.nix
  system = {stateVersion = "24.05";};
}
# Do not modify this file! It was generated by nixos-generate-config
# and may be overwritten by future invocations. Please make changes
# to /etc/nixos/configuration.nix instead.
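# Hardware description for the host: kernel modules, encrypted disks, mounts,
# boot loader, Intel graphics/video acceleration, FaceTime HD camera, logind
# key handling and the Broadcom wireless driver.
{
  config,
  lib,
  pkgs,
  modulesPath,
  ...
}: {
  imports = [(modulesPath + "/installer/scan/not-detected.nix")];

  boot.initrd.availableKernelModules = ["xhci_pci" "ahci" "usbhid" "usb_storage" "sd_mod"];
  boot.initrd.kernelModules = [];

  # boot.kernelModules and boot.extraModulePackages were each defined twice in
  # this attribute set; Nix rejects a repeated attribute path with "already
  # defined". The second definitions (["wl"] and the same broadcom_sta
  # package) added nothing to the ones kept here.
  boot.kernelModules = ["kvm-intel" "wl"];
  # NOTE(review): broadcom_sta is an out-of-tree driver; check how the pinned
  # nixpkgs revision classifies it before relying on it.
  boot.extraModulePackages = [config.boot.kernelPackages.broadcom_sta];
  # Keeps the in-tree Broadcom drivers from loading alongside `wl`.
  boot.blacklistedKernelModules = ["b43" "ssb" "brcmfmac" "brcmsmac" "bcma"];

  boot.loader.systemd-boot.enable = true;
  boot.loader.efi.canTouchEfiVariables = true;

  # Two LUKS containers are opened in the initrd.
  boot.initrd.luks.devices."luks-08992355-1404-44dc-9bb4-fd32f1d0b62d".device = "/dev/disk/by-uuid/08992355-1404-44dc-9bb4-fd32f1d0b62d";
  boot.initrd.luks.devices."luks-d27fc6c5-7edd-4c18-ab70-3ca02a28abcc".device = "/dev/disk/by-uuid/d27fc6c5-7edd-4c18-ab70-3ca02a28abcc";

  fileSystems."/" = {
    device = "/dev/disk/by-uuid/19a0aa4c-8d49-4545-9ed6-cd4a952f9353";
    fsType = "ext4";
  };

  fileSystems."/boot" = {
    device = "/dev/disk/by-uuid/F54E-7011";
    fsType = "vfat";
    # NOTE(review): masks of 0022 leave every file on the EFI partition
    # readable by all local users. systemd-boot keeps its random seed there
    # and bootctl warns when the mount is world-accessible; 0077 is the
    # stricter setting - confirm nothing else needs to read /boot.
    options = ["fmask=0022" "dmask=0022"];
  };

  swapDevices = [{device = "/dev/disk/by-uuid/c9b7b195-d072-4574-8e39-a5e4f90ca84d";}];

  # Enables DHCP on each ethernet and wireless interface. In case of scripted networking
  # (the default) this is the recommended approach. When using systemd-networkd it's
  # still possible to use this option, but it's recommended to use it in conjunction
  # with explicit per-interface declarations with `networking.interfaces.<interface>.useDHCP`.
  networking.useDHCP = lib.mkDefault true;
  # networking.interfaces.ens9.useDHCP = lib.mkDefault true;

  nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux";

  # Microcode updates follow the redistributable-firmware switch.
  hardware.cpu.intel.updateMicrocode =
    lib.mkDefault config.hardware.enableRedistributableFirmware;

  # Intel video acceleration: the VA-API driver is rebuilt with the hybrid
  # codec enabled and iHD is selected as the VA driver for sessions.
  nixpkgs.config.packageOverrides = pkgs: {
    intel-vaapi-driver =
      pkgs.intel-vaapi-driver.override {enableHybridCodec = true;};
  };
  hardware.opengl = {
    enable = true;
    extraPackages = with pkgs; [
      intel-media-driver
      intel-vaapi-driver
      libvdpau-va-gl
    ];
  };
  environment.sessionVariables = {LIBVA_DRIVER_NAME = "iHD";};

  hardware.facetimehd = {
    enable = true;
    withCalibration = true;
  };

  services.logind = {
    # lidSwitch = "ignore";
    # lidSwitchDocked = "ignore";
    # lidSwitchExternalPower = "ignore";
    # Presses of the power and suspend keys are ignored by logind.
    extraConfig = ''
      HandlePowerKey=ignore
      HandleSuspendKey=ignore
    '';
    # This goes in the extraConfig section IdleAction=ignore
  };

  environment.systemPackages = with pkgs; [
    mbpfan
    thermald
  ];
}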
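# Account definition and per-user package set for `user`.
{
  config,
  pkgs,
  ...
}: {
  # Moved out of `users.users.user`: the user submodule has no `nixpkgs`
  # option, so defining it there fails evaluation. As a module-level setting
  # it is merged with the other nixpkgs.config definitions.
  nixpkgs.config = {chromium = {enableWideVine = true;};};

  users.users.user = {
    isNormalUser = true;
    description = "user";
    # NOTE(review): `wheel` and `libvirtd` are privileged groups on this host
    # (administrative access, VM management); keep the list as short as the
    # account actually needs.
    extraGroups = ["networkmanager" "wheel" "video" "libvirtd"];
    packages = with pkgs; [
      # stuff needed by neovim
      fzf
      lazygit
      tree-sitter
      neovim
      mcfly
      luajitPackages.luarocks-nix
      # Dev stuff, most of it might be replaced by devenvs later on
      ghostty
      tealdeer
      vscodium
      gcc
      # NOTE(review): confirm the unversioned `python` attribute still
      # resolves in the pinned nixpkgs revision.
      python
      alejandra
      starship
      devenv
      nodejs
      mermaid-cli
      rustup
      delta
      just
      kondo
      # Productivity apps
      obsidian
      onlyoffice-desktopeditors
      keepassxc
      evolution
      signal-desktop
      anki-bin
      pomodoro-gtk
      ticker
      newsboat
      # web browsers
      ungoogled-chromium
      tor-browser-bundle-bin
      transmission_4-gtk
      # multimedia
      vlc
      mpv
      yt-dlp
      freetube
    ];
  };
  #ciscoPacketTracer8
  #parallel-disk-usage
}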
# Syncthing for `user`: one remote device ("phone") and one shared folder.
{
  config,
  pkgs,
  ...
}: {
  services.syncthing = {
    enable = true;
    user = "user";
    dataDir = "/home/user/Documents/syncthing/";
    configDir = "/home/user/.config/syncthing";
    # Opens Syncthing's default transfer and discovery ports in the firewall.
    openDefaultPorts = true;

    settings = {
      # Optional: GUI credentials (can be set in the browser instead if you don't want plaintext credentials in your configuration.nix file)
      # or the password hash can be generated with "syncthing generate --config <path> --gui-password=<password>"
      #
      # NOTE(review): the password below is a plaintext literal identical to
      # the user name. Values written in a module end up in the Nix store,
      # which every local user can read, and in whatever git remote this
      # repository is pushed to. Treat it as disclosed: set the credentials
      # through the GUI or supply a generated hash as described above, and
      # rotate the current one.
      gui = {
        user = "user";
        password = "user";
      };

      devices = {
        "phone" = {
          id = "N3RII7R-4YOKJ46-HY6NSTD-TPE7SW4-N66CWVQ-J2JVW7E-NARRMBF-JG27YQ7";
        };
      };

      folders = {
        "brain_zero" = {
          # Name of folder in Syncthing, also the folder ID
          path = "/home/user/brain_zero/"; # Which folder to add to Syncthing
          devices = ["phone"]; # Which devices to share the folder with
        };
      };
    };
  };
}
# Docker: the system service plus a rootless per-user daemon.
{
  config,
  pkgs,
  ...
}: {
  # NOTE(review): this switch turns on the system-wide daemon in addition to
  # the rootless one below. If only rootless containers are wanted, confirm
  # whether it is needed; access to the system daemon's socket is equivalent
  # to root on the host.
  virtualisation.docker.enable = true;

  # Enable with systemctl --user enable --now docker
  virtualisation.docker.rootless.enable = true;
  # Points client sessions at the rootless daemon's socket.
  virtualisation.docker.rootless.setSocketVariable = true;
}
# libvirt/QEMU virtualisation with a software TPM and Secure Boot capable
# UEFI firmware, plus the virt-manager front end.
{
  config,
  pkgs,
  ...
}: let
  # OVMF firmware build with Secure Boot and TPM support enabled.
  secureBootFirmware =
    (pkgs.OVMF.override {
      secureBoot = true;
      tpmSupport = true;
    }).fd;
in {
  virtualisation.libvirtd.enable = true;

  virtualisation.libvirtd.qemu = {
    package = pkgs.qemu_kvm;
    # NOTE(review): guests' QEMU processes run as root with this set, so a
    # flaw in the emulator is exercised with root privileges on the host.
    # Setting it to false runs them under an unprivileged account; existing
    # guest images may then need their file ownership adjusted.
    runAsRoot = true;
    swtpm.enable = true;
    ovmf = {
      enable = true;
      packages = [secureBootFirmware];
    };
  };

  environment.systemPackages = [
    pkgs.virt-manager
    pkgs.qemu_kvm
  ];
}
# Networking basics: NetworkManager, time zone and locales, and a Tor client.
{
  config,
  pkgs,
  ...
}: let
  # Regional formats are Romanian while the interface language stays en_US.
  roLocale = "ro_RO.UTF-8";
in {
  networking.networkmanager.enable = true;

  time.timeZone = "Europe/Bucharest";

  i18n = {
    defaultLocale = "en_US.UTF-8";
    extraLocaleSettings = {
      LC_ADDRESS = roLocale;
      LC_IDENTIFICATION = roLocale;
      LC_MEASUREMENT = roLocale;
      LC_MONETARY = roLocale;
      LC_NAME = roLocale;
      LC_NUMERIC = roLocale;
      LC_PAPER = roLocale;
      LC_TELEPHONE = roLocale;
      LC_TIME = roLocale;
    };
  };

  environment.systemPackages = [pkgs.torsocks];

  # 9050,9063,8118(HTTP)
  services.tor = {
    enable = true;
    client.enable = true;
    # NOTE(review): confirm which ports this opens for a client-only setup;
    # a local SOCKS client does not need inbound firewall rules.
    openFirewall = true;
    # NOTE(review): a control port is enabled without any authentication
    # setting next to it. Tor warns in that case that any program on the
    # machine can reconfigure it; CookieAuthentication or
    # HashedControlPassword restricts who may use the port.
    settings = {ControlPort = 9051;};
  };
}
# Nix and nixpkgs settings shared between hosts.
{
  config,
  pkgs,
  ...
}: {
  # Permits packages with non-free licences.
  nixpkgs.config = {allowUnfree = true;};

  nix = {
    settings.experimental-features = ["nix-command" "flakes"];
    # NOTE(review): a trusted user can change daemon settings such as extra
    # substituters and import store paths without signature checks; the Nix
    # manual describes this as essentially equivalent to root access. Confirm
    # that `user` needs it.
    extraOptions = ''
      trusted-users = root user
    '';
  };
}
# Installs the Lynis auditing tool system-wide.
{
  config,
  pkgs,
  ...
}: {
  environment.systemPackages = [pkgs.lynis];
}
# Shell setup: bash remains the account's login shell and hands interactive
# sessions over to fish; starship provides the prompt.
{
config,
pkgs,
lib,
...
}: {
environment.variables.EDITOR = "nvim";
users.users.user.shell = pkgs.bash;
environment.shells = with pkgs; [bash];
# Every interactive bash whose parent process is not fish, and which was not
# started to run a command string (BASH_EXECUTION_STRING is empty), replaces
# itself with fish. `--login` is passed on when bash itself is a login shell.
# `''${` is the Nix escape that yields a literal `${` in the script.
programs.bash = {
interactiveShellInit = ''
if [[ $(${pkgs.procps}/bin/ps --no-header --pid=$PPID --format=comm) != "fish" && -z ''${BASH_EXECUTION_STRING} ]]
then
shopt -q login_shell && LOGIN_OPTION='--login' || LOGIN_OPTION=""
exec ${pkgs.fish}/bin/fish $LOGIN_OPTION
fi
'';
};
programs.fish.enable = true;
# Prompt configuration; timeouts are given in the units starship expects
# (presumably milliseconds - confirm against the starship documentation).
programs.starship = {
enable = true;
settings = {
add_newline = true;
command_timeout = 1300;
scan_timeout = 50;
format = ''
$all$nix_shell$nodejs$lua$golang$rust$php$git_branch$git_commit$git_state$git_status
$username$hostname$directory'';
character = {
success_symbol = "[](bold green) ";
error_symbol = "[✗](bold red) ";
};
};
};
# Disabled zsh configuration, kept for reference.
#programs.zsh = {
# enable = true;
# enableCompletion = true;
# autosuggestions.enable = true;
# syntaxHighlighting.enable = true;
#
# shellAliases = {
# update = "sudo nixos-rebuild switch";
# upgrade = "sudo nixos-rebuild switch --upgrade";
# proxy-grabber =
# "if [ $# -eq 0 ]; then torsocks curl -sL https://cdn.jsdelivr.net/gh/proxifly/free-proxy-list@main/proxies/all/data.txt else countrycode=$(echo $1 | tr '[:lower:]' '[:upper:]') torsocks curl -sL https://cdn.jsdelivr.net/gh/proxifly/free-proxy-list@main/proxies/countries/$countrycode/data.txt fi";
# usbdiff =
# "lsblk > diff1 && echo 'SLEEPING 5...' && sleep 5 && lsblk > diff2 && diff diff1 diff2 && rm diff1 diff2";
# };
#
# oh-my-zsh = {
# enable = true;
# plugins = [ "git" ];
# theme = "clean";
# };
#};
}
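# Command-line utilities installed for every user.
{
  config,
  pkgs,
  ...
}: {
  # NOTE(review): only `defaultEditor` is set here; confirm whether it has any
  # effect without `programs.neovim.enable`.
  programs.neovim = {defaultEditor = true;};

  environment.systemPackages = with pkgs; [
    pciutils
    btop
    nload
    htop
    nethogs
    uutils-coreutils-noprefix
    # Was `nvim`, which is the name of the binary; the package attribute is
    # `neovim`, and an unknown name inside `with pkgs;` fails evaluation as
    # an undefined variable.
    neovim
    git
    curl
    bat
    eza
    dua
    ripgrep
    dig
    fd
    proxychains-ng
    unzip
    wget
  ];
}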
# Desktop base: display server, login manager and audio, plus the GNOME and
# Sway modules.
{
  config,
  pkgs,
  ...
}: {
  imports = [./gnome.nix ./sway.nix];

  # X server with GDM as the display manager and a plain US keyboard layout.
  services.xserver.enable = true;
  services.xserver.displayManager.gdm.enable = true;
  services.xserver.layout = "us";
  services.xserver.xkbVariant = "";

  # Enable sound with pipewire.
  hardware.pulseaudio.enable = false;
  security.rtkit.enable = true;
  services.pipewire = {
    enable = true;
    pulse.enable = true;
    alsa = {
      enable = true;
      support32Bit = true;
    };
    # If you want to use JACK applications, uncomment this
    #jack.enable = true;
    # use the example session manager (no others are packaged yet so this is en>
    # no need to redefine it in your config for now)
    #media-session.enable = true;
  };
}
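# GNOME desktop, KDE Connect integration and GNOME-oriented applications.
{
  config,
  pkgs,
  ...
}: {
  services.xserver.desktopManager.gnome.enable = true;

  # NOTE(review): per the NixOS option documentation this also opens the
  # KDE Connect port range in the firewall, so the service is reachable from
  # every network the machine joins - verify that is intended.
  programs.kdeconnect.enable = true;

  environment.systemPackages = with pkgs; [
    gnome-tweaks
    # GNOME-specific packages
    bustle
    collision
    # `commit` appeared twice in this list; the redundant second entry is gone.
    commit
    dialect
    fretboard
    #gaphor
    hieroglyphic
    junction
    keypunch
    letterpress
    gnome-obfuscate
    shortwave
    solanum
    wike
    wl-clipboard
    gnomeExtensions.gsconnect
    gnomeExtensions.astra-monitor
    lm_sensors
    iotop
    gtop
    wirelesstools
  ];
}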
# Sway window manager with its companion tools.
{
  config,
  pkgs,
  ...
}: {
  programs.sway.enable = true;
  programs.sway.wrapperFeatures = {gtk = true;};

  programs.light.enable = true; # For brightness control

  environment.systemPackages = [
    pkgs.mako # Notification daemon for Sway
    pkgs.playerctl
    # Other Sway-specific packages
  ];
}