♥ Minnie ♥ 2024-01-14 06:29:18 +08:00
parent 4143db478b
commit bf62eaece2
11 changed files with 160 additions and 174 deletions


@ -16,8 +16,8 @@
};
# Add any other flake you might need
#neovim-nightly-overlay.url = "github:nix-community/neovim-nightly-overlay";
agenix.url = "github:ryantm/agenix";
impermanence.url = "github:nix-community/impermanence";
};
outputs = { self, nixpkgs, home-manager, ... }@inputs:
@ -60,7 +60,6 @@
fuchsia = nixpkgs.lib.nixosSystem {
specialArgs = { inherit inputs outputs; };
modules = [
# > Our main nixos configuration file <
./nixos/fuchsia/configuration.nix
];
};
@ -68,7 +67,6 @@
viridian = nixpkgs.lib.nixosSystem {
specialArgs = { inherit inputs outputs; };
modules = [
# > Our main nixos configuration file <
./nixos/viridian/configuration.nix
];
};


@ -1,7 +1,7 @@
# This is your home-manager configuration file
# Use this to configure your home environment (it replaces ~/.config/nixpkgs/home.nix)
{ inputs, outputs, lib, config, pkgs, ... }: {
{ inputs, outputs, pkgs, ... }: {
# You can import other home-manager modules here
imports = [
# If you want to use modules your own flake exports (from modules/home-manager):
@ -9,6 +9,7 @@
# Or modules exported from other flakes (such as nix-colors):
# inputs.nix-colors.homeManagerModules.default
inputs.impermanence.nixosModules.home-manager.impermanence
# You can also split up your configuration and import pieces of it here:
@ -61,6 +62,7 @@
matchBlocks = {
"viridian" = {
hostname = "192.168.1.102";
port = 48654;
};
};
};
@ -84,7 +86,6 @@
runelite
jellyfin-media-player
xmobar
super-slicer-latest
# Unstable user programs
unstable.wezterm
];


@ -0,0 +1,27 @@
{ outputs, ... }:
{
imports = [
./nix.nix
./ssh.nix
./system-tools.nix
];
nixpkgs = {
overlays = [
outputs.overlays.additions
outputs.overlays.modifications
outputs.overlays.unstable-packages
];
config = {
allowUnfree = true;
};
};
i18n.defaultLocale = "en_AU.UTF-8";
time.timeZone = "Australia/Perth";
networking.domain = "kanto.dev";
hardware.enableRedistributableFirmware = true;
}


@ -0,0 +1,27 @@
{ config, inputs, lib, ... }:
{
nix = {
gc = {
# Automatically run the garbage collector an a specified time.
automatic = true;
dates = "weekly";
options = "--delete-older-than 30d";
};
# This will add each flake input as a registry
# To make nix commands consistent with your flake
registry = lib.mapAttrs (_: value: { flake = value; }) inputs;
# This will additionally add your inputs to the system's legacy channels
# Making legacy nix commands consistent as well, awesome!
nixPath = lib.mapAttrsToList (key: value: "${key}=${value.to.path}") config.nix.registry;
settings = {
# Enable flakes and new 'nix' command
experimental-features = "nix-command flakes";
# Deduplicate and optimize nix store
auto-optimise-store = true;
};
};
}


@ -0,0 +1,13 @@
{ ... }:
{
services.openssh = {
enable = true;
settings = {
PermitRootLogin = "no";
PasswordAuthentication = false;
};
ports = [ 48654 ];
openFirewall = true;
};
}
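Review bot: `PasswordAuthentication = false` alone does not switch off keyboard-interactive authentication, which sshd can still hand to PAM as a password prompt; NixOS leaves `KbdInteractiveAuthentication` enabled unless it is set. This file appears to be the `./ssh.nix` that the global module imports, so with `openFirewall = true` port 48654 is reachable on every host that pulls in the global set. Add `KbdInteractiveAuthentication = false;` to `settings` so that public keys are the only accepted method. A short comment above `ports`, such as `# non-default port only reduces scan noise; access control is the key-only policy above`, would keep later readers from treating the port number as a protection.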


@ -1,4 +1,4 @@
{ pkgs, ... }:
{ pkgs, ... }:
{
environment = {
@ -15,6 +15,7 @@
scrot # screenshot
direnv # load environment
jq # JSON processor
git # version control
# HTTP
curl # transfer dato to/from server


@ -0,0 +1,25 @@
{ ... }:
{
fileSystems."/home/sajenim/.local/share/Steam" = {
device = "/dev/disk/by-label/data";
fsType = "btrfs";
options = [
"subvol=steam"
"compress=zstd:3"
];
};
programs.steam = {
enable = true;
remotePlay.openFirewall = true;
dedicatedServer.openFirewall = true;
};
# When we mount our steam filesystem parent directories created are owned by root.
# Lets fix that to avoid home-manager failing to start due to permission errors.
systemd.tmpfiles.rules = [
"d /home/sajenim/.local 0755 sajenim users -"
"d /home/sajenim/.local/share 0755 sajenim users -"
];
}
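Review bot: `remotePlay.openFirewall` and `dedicatedServer.openFirewall` are both carried over as `true`, and the trailing comments that said what each one opens appear to have been dropped in the move. The sajenim user module elsewhere in this commit imports this file unconditionally, so any host that imports that user gets these inbound ports, not just the desktop. If no dedicated server is hosted, set `dedicatedServer.openFirewall = false;`, and put back a comment like `# opens inbound ports for Steam Remote Play` on the remaining line. Importing this file from the hosts that need Steam, rather than from the user module, would also match its `optional/` path.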


@ -0,0 +1,25 @@
{ inputs, outputs, pkgs, ... }:
{
imports = [
"${inputs.self}/nixos/common/optional/steam.nix"
];
users.users.sajenim = {
isNormalUser = true;
extraGroups = [ "audio" "docker" "networkmanager" "wheel" ];
shell = pkgs.zsh;
openssh.authorizedKeys.keyFiles = [
"${inputs.self}/home-manager/sabrina/id_ed25519.pub"
];
hashedPassword = "$y$j9T$qIhW5qL9J9w.w6JWa.bGo/$oddG3HJyOZ1mwHzYnYPJ/MzN38oHEBEvPDc0sB3rAf9";
};
users.mutableUsers = false;
home-manager = {
extraSpecialArgs = { inherit inputs outputs; };
users = {
sajenim = import "${inputs.self}/home-manager/sajenim/home.nix";
};
};
}
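Review bot: The `hashedPassword` literal commits the account's yescrypt hash to the repository and copies it into the world-readable Nix store, so anyone who can read either can attempt offline guessing against an account that is in `wheel`. With `users.mutableUsers = false` this declarative value is the only password source, so it is better read from a secret file. The flake already has an `agenix` input, so `hashedPasswordFile = config.age.secrets.<secret-name>.path;` would work (placeholder secret name; add `config` to the module arguments; the option is `passwordFile` on older releases). This needs the agenix module imported on each host that uses this user, which the page shows only for viridian. After the move the password itself should be rotated, because the current hash stays in the git history.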


@ -1,98 +1,24 @@
# This is your system's configuration file.
# Use this to configure your system environment (it replaces /etc/nixos/configuration.nix)
{ inputs, pkgs, ... }:
{ inputs, outputs, lib, config, pkgs, ... }: {
# You can import other NixOS modules here
{
imports = [
# If you want to use modules your own flake exports (from modules/nixos):
# outputs.nixosModules.example
inputs.impermanence.nixosModules.impermanence
inputs.home-manager.nixosModules.home-manager
# Or modules from other flakes (such as nixos-hardware):
# inputs.hardware.nixosModules.common-cpu-amd
# inputs.hardware.nixosModules.common-ssd
../common/global
../common/users/sajenim
# You can also split up your configuration and import pieces of it here:
# Import common configurations
../common/system-tools.nix
# Import your generated (nixos-generate-config) hardware configuration
./hardware-configuration.nix
];
nixpkgs = {
# You can add overlays here
overlays = [
# Add overlays your own flake exports (from overlays and pkgs dir):
outputs.overlays.additions
outputs.overlays.modifications
outputs.overlays.unstable-packages
# You can also add overlays exported from other flakes:
# neovim-nightly-overlay.overlays.default
# Or define it inline, for example:
# (final: prev: {
# hi = final.hello.overrideAttrs (oldAttrs: {
# patches = [ ./change-hello-to-hi.patch ];
# });
# })
];
# Configure your nixpkgs instance
config = {
# Disable if you don't want unfree packages
allowUnfree = true;
};
};
nix = {
gc = {
# Automatically run the garbage collector an a specified time.
automatic = true;
dates = "weekly";
options = "--delete-older-than 30d";
};
# This will add each flake input as a registry
# To make nix commands consistent with your flake
registry = lib.mapAttrs (_: value: { flake = value; }) inputs;
# This will additionally add your inputs to the system's legacy channels
# Making legacy nix commands consistent as well, awesome!
nixPath = lib.mapAttrsToList (key: value: "${key}=${value.to.path}") config.nix.registry;
settings = {
# Enable flakes and new 'nix' command
experimental-features = "nix-command flakes";
# Deduplicate and optimize nix store
auto-optimise-store = true;
};
};
# Select internationalisation properties
i18n.defaultLocale = "en_AU.UTF-8";
# Set timezone
time.timeZone = "Australia/Perth";
boot = {
# Kernel to install
kernelPackages = pkgs.linuxPackages_latest;
# Parameters added to the kernel command line
kernelParams = [ "amdgpu.ppfeaturemask=0xffffffff" ];
# Autoload stage 2 modules
kernelParams = [
# Enable amdgpu driver sysfs API that allows fine grain control of GPU
"amdgpu.ppfeaturemask=0xffffffff"
];
kernelModules = [ "i2c-dev" "i2c-piix4" ];
# Autoload stage 1 modules
initrd.kernelModules = [ "amdgpu" ];
loader = {
systemd-boot.enable = true;
efi = {
canTouchEfiVariables = true;
efiSysMountPoint = "/boot/efi";
};
};
};
hardware = {
@ -100,14 +26,10 @@
enable = true;
powerOnBoot = true;
};
# Setup sound server (Audio Support)
pulseaudio = {
enable = true;
support32Bit = true; # If compatibility with 32-bit applications is desired.
support32Bit = true;
};
# Configure OpenGL
opengl = {
enable = true;
# Vulkan
@ -123,17 +45,10 @@
networking = {
hostName = "fuchsia";
domain = "kanto.dev";
networkmanager.enable = true;
# firewall = {
# enable = true;
# allowedTCPPorts = [ ];
# allowedUDPPorts = [ ];
# };
};
fonts = {
# Install system fonts
packages = with pkgs; [
fantasque-sans-mono
fira-code
@ -144,75 +59,46 @@
];
};
# Setup environment
environment = {
# Symlink /bin/sh to POSIX-Complient shell
binsh = "${pkgs.bash}/bin/bash";
shells = with pkgs; [ zsh ];
# Install packages, prefix with 'unstable.' to use overlay
systemPackages = with pkgs; [
# Audio
pulsemixer
# Code editors
emacs vscode
# Browsers
firefox
# Graphics
gimp inkscape krita
# Printing
blender freecad openscad cura prusa-slicer
blender freecad openscad prusa-slicer
# Misc
openrgb protonup-ng
# Hardware
libratbag piper
];
# Completions for system packages
pathsToLink = [ "/share/zsh" ];
};
programs = {
zsh.enable = true;
# GPG and SSH support for yubikey
gnupg.agent = {
enable = true;
enableSSHSupport = true;
};
steam = {
enable = true;
remotePlay.openFirewall = true; # Open ports in the firewall for steam Remote Play
dedicatedServer.openFirewall = true; # Open ports in the firewall for Dedicated Server
};
fuse.userAllowOther = true;
};
services = {
# This setups a SSH server. Very important if you're setting up a headless system.
# Feel free to remove if you don't need it.
openssh = {
enable = true;
# Forbid root login through SSH.
settings.PermitRootLogin = "no";
# Use keys only. Remove if you want to SSH using password (not recommended)
settings.PasswordAuthentication = false;
};
# Our udev rules
udev.packages = with pkgs; [
yubikey-personalization
openrgb
qmk-udev-rules
];
# Setup our xserver
xserver = {
enable = true;
layout = "au";
@ -220,39 +106,24 @@
libinput = {
enable = true;
mouse = {
# Disable mouse acceleration.
accelProfile = "flat";
};
};
displayManager.startx.enable = true;
};
ratbagd.enable = true;
};
# Install docker
virtualisation.docker = {
enable = true;
# Reduce container downtime due to daemon crashes
liveRestore = false;
};
# Login and use sudo with our yubikey
security.pam.services = {
login.u2fAuth = true;
sudo.u2fAuth = true;
};
# Users
users.users.sajenim = {
isNormalUser = true;
extraGroups = [ "audio" "docker" "networkmanager" "wheel" ];
shell = pkgs.zsh;
openssh.authorizedKeys.keyFiles = [
../../home-manager/sabrina/id_ed25519.pub
];
};
# https://nixos.wiki/wiki/FAQ/When_do_I_update_stateVersion
system.stateVersion = "22.11";
}


@ -1,37 +1,36 @@
# This is just an example, you should generate yours with nixos-generate-config and put it in here.
{ config, lib, pkgs, modulesPath, ... }:
{ config, lib, ... }:
{
imports = [ (modulesPath + "/installer/scan/not-detected.nix") ];
imports = [
../common/optional/ephemeral-btrfs.nix
];
boot.initrd.availableKernelModules = [ "nvme" "xhci_pci" "ahci" "usbhid" "usb_storage" "sd_mod" ];
boot.kernelModules = [ "kvm-amd" ];
boot.extraModulePackages = [ ];
fileSystems."/" =
{ device = "/dev/disk/by-uuid/08e24fe4-91d3-4966-83a5-2f1668f2ce0f";
fsType = "ext4";
boot = {
initrd = {
availableKernelModules = [ "nvme" "xhci_pci" "ahci" "usb_storage" "usbhid" "sd_mod" ];
kernelModules = [ "kvm-amd" ];
};
fileSystems."/boot/efi" =
{ device = "/dev/disk/by-uuid/B5A4-2D13";
fsType = "vfat";
loader= {
systemd-boot.enable = true;
efi = {
canTouchEfiVariables = true;
efiSysMountPoint = "/boot";
};
};
};
fileSystems."/home/sajenim/Games" =
{ device = "/dev/disk/by-uuid/58097403-9b5b-4cee-b9d1-e3d5fde1a364";
fsType = "ext4";
};
fileSystems."/boot" = {
device = "/dev/disk/by-label/ESP";
fsType = "vfat";
};
swapDevices = [ ];
swapDevices = [
{ device = "/swap/swapfile";
size = 16*1024;
}
];
# Enables DHCP on each ethernet and wireless interface. In case of scripted networking
# (the default) this is the recommended approach. When using systemd-networkd it's
# still possible to use this option, but it's recommended to use it in conjunction
# with explicit per-interface declarations with `networking.interfaces.<interface>.useDHCP`.
networking.useDHCP = lib.mkDefault true;
# networking.interfaces.enp34s0.useDHCP = lib.mkDefault true;
# networking.interfaces.wlo1.useDHCP = lib.mkDefault true;
nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux";
hardware.cpu.amd.updateMicrocode = lib.mkDefault config.hardware.enableRedistributableFirmware;


@ -15,7 +15,6 @@
outputs.nixosModules.qbittorrent
# Or modules from other flakes (such as nixos-hardware):
inputs.agenix.nixosModules.default
# You can also split up your configuration and import pieces of it here:
# ./users.nix
@ -197,7 +196,7 @@
# Install packages, prefix with 'unstable.' to use overlay
systemPackages = with pkgs; [
inputs.agenix.packages."${system}".default
agenix.packages."${system}".default
];
};
programs = {