♥ Minnie ♥ 2024-01-14 06:29:18 +08:00
parent 4143db478b
commit bf62eaece2
11 changed files with 160 additions and 174 deletions


@ -16,8 +16,8 @@
}; };
# Add any other flake you might need # Add any other flake you might need
#neovim-nightly-overlay.url = "github:nix-community/neovim-nightly-overlay";
agenix.url = "github:ryantm/agenix"; agenix.url = "github:ryantm/agenix";
impermanence.url = "github:nix-community/impermanence";
}; };
outputs = { self, nixpkgs, home-manager, ... }@inputs: outputs = { self, nixpkgs, home-manager, ... }@inputs:
@ -60,7 +60,6 @@
fuchsia = nixpkgs.lib.nixosSystem { fuchsia = nixpkgs.lib.nixosSystem {
specialArgs = { inherit inputs outputs; }; specialArgs = { inherit inputs outputs; };
modules = [ modules = [
# > Our main nixos configuration file <
./nixos/fuchsia/configuration.nix ./nixos/fuchsia/configuration.nix
]; ];
}; };
@ -68,7 +67,6 @@
viridian = nixpkgs.lib.nixosSystem { viridian = nixpkgs.lib.nixosSystem {
specialArgs = { inherit inputs outputs; }; specialArgs = { inherit inputs outputs; };
modules = [ modules = [
# > Our main nixos configuration file <
./nixos/viridian/configuration.nix ./nixos/viridian/configuration.nix
]; ];
}; };


@ -1,7 +1,7 @@
# This is your home-manager configuration file # This is your home-manager configuration file
# Use this to configure your home environment (it replaces ~/.config/nixpkgs/home.nix) # Use this to configure your home environment (it replaces ~/.config/nixpkgs/home.nix)
{ inputs, outputs, lib, config, pkgs, ... }: { { inputs, outputs, pkgs, ... }: {
# You can import other home-manager modules here # You can import other home-manager modules here
imports = [ imports = [
# If you want to use modules your own flake exports (from modules/home-manager): # If you want to use modules your own flake exports (from modules/home-manager):
@ -9,6 +9,7 @@
# Or modules exported from other flakes (such as nix-colors): # Or modules exported from other flakes (such as nix-colors):
# inputs.nix-colors.homeManagerModules.default # inputs.nix-colors.homeManagerModules.default
inputs.impermanence.nixosModules.home-manager.impermanence
# You can also split up your configuration and import pieces of it here: # You can also split up your configuration and import pieces of it here:
@ -61,6 +62,7 @@
matchBlocks = { matchBlocks = {
"viridian" = { "viridian" = {
hostname = "192.168.1.102"; hostname = "192.168.1.102";
port = 48654;
}; };
}; };
}; };
@ -84,7 +86,6 @@
runelite runelite
jellyfin-media-player jellyfin-media-player
xmobar xmobar
super-slicer-latest
# Unstable user programs # Unstable user programs
unstable.wezterm unstable.wezterm
]; ];


@ -0,0 +1,27 @@
{ outputs, ... }:
{
imports = [
./nix.nix
./ssh.nix
./system-tools.nix
];
nixpkgs = {
overlays = [
outputs.overlays.additions
outputs.overlays.modifications
outputs.overlays.unstable-packages
];
config = {
allowUnfree = true;
};
};
i18n.defaultLocale = "en_AU.UTF-8";
time.timeZone = "Australia/Perth";
networking.domain = "kanto.dev";
hardware.enableRedistributableFirmware = true;
}


@ -0,0 +1,27 @@
{ config, inputs, lib, ... }:
{
nix = {
gc = {
# Automatically run the garbage collector an a specified time.
automatic = true;
dates = "weekly";
options = "--delete-older-than 30d";
};
# This will add each flake input as a registry
# To make nix commands consistent with your flake
registry = lib.mapAttrs (_: value: { flake = value; }) inputs;
# This will additionally add your inputs to the system's legacy channels
# Making legacy nix commands consistent as well, awesome!
nixPath = lib.mapAttrsToList (key: value: "${key}=${value.to.path}") config.nix.registry;
settings = {
# Enable flakes and new 'nix' command
experimental-features = "nix-command flakes";
# Deduplicate and optimize nix store
auto-optimise-store = true;
};
};
}


@ -0,0 +1,13 @@
{ ... }:
{
services.openssh = {
enable = true;
settings = {
PermitRootLogin = "no";
PasswordAuthentication = false;
};
ports = [ 48654 ];
openFirewall = true;
};
}
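Review bot: The `settings` block disables `PasswordAuthentication` but leaves keyboard-interactive authentication at its default, so on a PAM-enabled sshd a password prompt may still be reachable through that method. Add `KbdInteractiveAuthentication = false;` next to it so the server really is key-only. This file is in the shared import list and sets `openFirewall = true`, so every host that imports it exposes sshd on 48654. The non-default port reduces log noise but is not an access control, so on releases that provide the option consider `AllowUsers = [ "sajenim" ];` under `settings` as well, assuming that is the only account meant to log in remotely.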


@ -15,6 +15,7 @@
scrot # screenshot scrot # screenshot
direnv # load environment direnv # load environment
jq # JSON processor jq # JSON processor
git # version control
# HTTP # HTTP
curl # transfer dato to/from server curl # transfer dato to/from server


@ -0,0 +1,25 @@
{ ... }:
{
fileSystems."/home/sajenim/.local/share/Steam" = {
device = "/dev/disk/by-label/data";
fsType = "btrfs";
options = [
"subvol=steam"
"compress=zstd:3"
];
};
programs.steam = {
enable = true;
remotePlay.openFirewall = true;
dedicatedServer.openFirewall = true;
};
# When we mount our steam filesystem parent directories created are owned by root.
# Lets fix that to avoid home-manager failing to start due to permission errors.
systemd.tmpfiles.rules = [
"d /home/sajenim/.local 0755 sajenim users -"
"d /home/sajenim/.local/share 0755 sajenim users -"
];
}
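Review bot: `dedicatedServer.openFirewall = true` opens inbound ports meant for hosting game servers, and the user module imports this file unconditionally (`"${inputs.self}/nixos/common/optional/steam.nix"`). Every machine that defines the sajenim user therefore gets those ports opened, along with the Remote Play ones. If no dedicated server is hosted, drop that line. Consider importing steam.nix from the desktop host's configuration rather than from the user module, so other hosts do not inherit the firewall openings or the Steam mount.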


@ -0,0 +1,25 @@
{ inputs, outputs, pkgs, ... }:
{
imports = [
"${inputs.self}/nixos/common/optional/steam.nix"
];
users.users.sajenim = {
isNormalUser = true;
extraGroups = [ "audio" "docker" "networkmanager" "wheel" ];
shell = pkgs.zsh;
openssh.authorizedKeys.keyFiles = [
"${inputs.self}/home-manager/sabrina/id_ed25519.pub"
];
hashedPassword = "$y$j9T$qIhW5qL9J9w.w6JWa.bGo/$oddG3HJyOZ1mwHzYnYPJ/MzN38oHEBEvPDc0sB3rAf9";
};
users.mutableUsers = false;
home-manager = {
extraSpecialArgs = { inherit inputs outputs; };
users = {
sajenim = import "${inputs.self}/home-manager/sajenim/home.nix";
};
};
}
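Review bot: `hashedPassword` puts the account's yescrypt hash in the repository and, after a build, in the world-readable Nix store, so anyone with read access to either can attempt offline guessing against it. The flake already declares agenix as an input, so the hash could live in an encrypted secret referenced with `hashedPasswordFile = config.age.secrets.<secret-name>.path;` (`passwordFile` on older NixOS releases). That needs `config` added to the module arguments and the agenix module imported on the host. The hash committed here should be treated as disclosed and the password rotated. Separately, membership of `docker` is effectively root-equivalent, so it sidesteps the U2F requirement this commit keeps on sudo in the fuchsia configuration; add a comment if that is intentional.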


@ -1,98 +1,24 @@
# This is your system's configuration file. { inputs, pkgs, ... }:
# Use this to configure your system environment (it replaces /etc/nixos/configuration.nix)
{ inputs, outputs, lib, config, pkgs, ... }: { {
# You can import other NixOS modules here
imports = [ imports = [
# If you want to use modules your own flake exports (from modules/nixos):
# outputs.nixosModules.example
inputs.impermanence.nixosModules.impermanence inputs.impermanence.nixosModules.impermanence
inputs.home-manager.nixosModules.home-manager
# Or modules from other flakes (such as nixos-hardware): ../common/global
# inputs.hardware.nixosModules.common-cpu-amd ../common/users/sajenim
# inputs.hardware.nixosModules.common-ssd
# You can also split up your configuration and import pieces of it here:
# Import common configurations
../common/system-tools.nix
# Import your generated (nixos-generate-config) hardware configuration
./hardware-configuration.nix ./hardware-configuration.nix
]; ];
nixpkgs = {
# You can add overlays here
overlays = [
# Add overlays your own flake exports (from overlays and pkgs dir):
outputs.overlays.additions
outputs.overlays.modifications
outputs.overlays.unstable-packages
# You can also add overlays exported from other flakes:
# neovim-nightly-overlay.overlays.default
# Or define it inline, for example:
# (final: prev: {
# hi = final.hello.overrideAttrs (oldAttrs: {
# patches = [ ./change-hello-to-hi.patch ];
# });
# })
];
# Configure your nixpkgs instance
config = {
# Disable if you don't want unfree packages
allowUnfree = true;
};
};
nix = {
gc = {
# Automatically run the garbage collector an a specified time.
automatic = true;
dates = "weekly";
options = "--delete-older-than 30d";
};
# This will add each flake input as a registry
# To make nix commands consistent with your flake
registry = lib.mapAttrs (_: value: { flake = value; }) inputs;
# This will additionally add your inputs to the system's legacy channels
# Making legacy nix commands consistent as well, awesome!
nixPath = lib.mapAttrsToList (key: value: "${key}=${value.to.path}") config.nix.registry;
settings = {
# Enable flakes and new 'nix' command
experimental-features = "nix-command flakes";
# Deduplicate and optimize nix store
auto-optimise-store = true;
};
};
# Select internationalisation properties
i18n.defaultLocale = "en_AU.UTF-8";
# Set timezone
time.timeZone = "Australia/Perth";
boot = { boot = {
# Kernel to install
kernelPackages = pkgs.linuxPackages_latest; kernelPackages = pkgs.linuxPackages_latest;
# Parameters added to the kernel command line kernelParams = [
kernelParams = [ "amdgpu.ppfeaturemask=0xffffffff" ]; # Enable amdgpu driver sysfs API that allows fine grain control of GPU
# Autoload stage 2 modules "amdgpu.ppfeaturemask=0xffffffff"
];
kernelModules = [ "i2c-dev" "i2c-piix4" ]; kernelModules = [ "i2c-dev" "i2c-piix4" ];
# Autoload stage 1 modules
initrd.kernelModules = [ "amdgpu" ]; initrd.kernelModules = [ "amdgpu" ];
loader = {
systemd-boot.enable = true;
efi = {
canTouchEfiVariables = true;
efiSysMountPoint = "/boot/efi";
};
};
}; };
hardware = { hardware = {
@ -100,14 +26,10 @@
enable = true; enable = true;
powerOnBoot = true; powerOnBoot = true;
}; };
# Setup sound server (Audio Support)
pulseaudio = { pulseaudio = {
enable = true; enable = true;
support32Bit = true; # If compatibility with 32-bit applications is desired. support32Bit = true;
}; };
# Configure OpenGL
opengl = { opengl = {
enable = true; enable = true;
# Vulkan # Vulkan
@ -123,17 +45,10 @@
networking = { networking = {
hostName = "fuchsia"; hostName = "fuchsia";
domain = "kanto.dev";
networkmanager.enable = true; networkmanager.enable = true;
# firewall = {
# enable = true;
# allowedTCPPorts = [ ];
# allowedUDPPorts = [ ];
# };
}; };
fonts = { fonts = {
# Install system fonts
packages = with pkgs; [ packages = with pkgs; [
fantasque-sans-mono fantasque-sans-mono
fira-code fira-code
@ -144,75 +59,46 @@
]; ];
}; };
# Setup environment
environment = { environment = {
# Symlink /bin/sh to POSIX-Complient shell # Symlink /bin/sh to POSIX-Complient shell
binsh = "${pkgs.bash}/bin/bash"; binsh = "${pkgs.bash}/bin/bash";
shells = with pkgs; [ zsh ]; shells = with pkgs; [ zsh ];
# Install packages, prefix with 'unstable.' to use overlay # Install packages, prefix with 'unstable.' to use overlay
systemPackages = with pkgs; [ systemPackages = with pkgs; [
# Audio # Audio
pulsemixer pulsemixer
# Code editors # Code editors
emacs vscode emacs vscode
# Browsers # Browsers
firefox firefox
# Graphics # Graphics
gimp inkscape krita gimp inkscape krita
# Printing # Printing
blender freecad openscad cura prusa-slicer blender freecad openscad prusa-slicer
# Misc # Misc
openrgb protonup-ng openrgb protonup-ng
# Hardware # Hardware
libratbag piper libratbag piper
]; ];
# Completions for system packages # Completions for system packages
pathsToLink = [ "/share/zsh" ]; pathsToLink = [ "/share/zsh" ];
}; };
programs = { programs = {
zsh.enable = true; zsh.enable = true;
# GPG and SSH support for yubikey
gnupg.agent = { gnupg.agent = {
enable = true; enable = true;
enableSSHSupport = true; enableSSHSupport = true;
}; };
fuse.userAllowOther = true;
steam = {
enable = true;
remotePlay.openFirewall = true; # Open ports in the firewall for steam Remote Play
dedicatedServer.openFirewall = true; # Open ports in the firewall for Dedicated Server
};
}; };
services = { services = {
# This setups a SSH server. Very important if you're setting up a headless system.
# Feel free to remove if you don't need it.
openssh = {
enable = true;
# Forbid root login through SSH.
settings.PermitRootLogin = "no";
# Use keys only. Remove if you want to SSH using password (not recommended)
settings.PasswordAuthentication = false;
};
# Our udev rules
udev.packages = with pkgs; [ udev.packages = with pkgs; [
yubikey-personalization yubikey-personalization
openrgb openrgb
qmk-udev-rules qmk-udev-rules
]; ];
# Setup our xserver
xserver = { xserver = {
enable = true; enable = true;
layout = "au"; layout = "au";
@ -220,39 +106,24 @@
libinput = { libinput = {
enable = true; enable = true;
mouse = { mouse = {
# Disable mouse acceleration.
accelProfile = "flat"; accelProfile = "flat";
}; };
}; };
displayManager.startx.enable = true; displayManager.startx.enable = true;
}; };
ratbagd.enable = true; ratbagd.enable = true;
}; };
# Install docker
virtualisation.docker = { virtualisation.docker = {
enable = true; enable = true;
# Reduce container downtime due to daemon crashes
liveRestore = false; liveRestore = false;
}; };
# Login and use sudo with our yubikey
security.pam.services = { security.pam.services = {
login.u2fAuth = true; login.u2fAuth = true;
sudo.u2fAuth = true; sudo.u2fAuth = true;
}; };
# Users
users.users.sajenim = {
isNormalUser = true;
extraGroups = [ "audio" "docker" "networkmanager" "wheel" ];
shell = pkgs.zsh;
openssh.authorizedKeys.keyFiles = [
../../home-manager/sabrina/id_ed25519.pub
];
};
# https://nixos.wiki/wiki/FAQ/When_do_I_update_stateVersion # https://nixos.wiki/wiki/FAQ/When_do_I_update_stateVersion
system.stateVersion = "22.11"; system.stateVersion = "22.11";
} }


@ -1,37 +1,36 @@
# This is just an example, you should generate yours with nixos-generate-config and put it in here. { config, lib, ... }:
{ config, lib, pkgs, modulesPath, ... }:
{ {
imports = [ (modulesPath + "/installer/scan/not-detected.nix") ]; imports = [
../common/optional/ephemeral-btrfs.nix
];
boot.initrd.availableKernelModules = [ "nvme" "xhci_pci" "ahci" "usbhid" "usb_storage" "sd_mod" ]; boot = {
boot.kernelModules = [ "kvm-amd" ]; initrd = {
boot.extraModulePackages = [ ]; availableKernelModules = [ "nvme" "xhci_pci" "ahci" "usb_storage" "usbhid" "sd_mod" ];
kernelModules = [ "kvm-amd" ];
fileSystems."/" = };
{ device = "/dev/disk/by-uuid/08e24fe4-91d3-4966-83a5-2f1668f2ce0f"; loader= {
fsType = "ext4"; systemd-boot.enable = true;
efi = {
canTouchEfiVariables = true;
efiSysMountPoint = "/boot";
};
};
}; };
fileSystems."/boot/efi" = fileSystems."/boot" = {
{ device = "/dev/disk/by-uuid/B5A4-2D13"; device = "/dev/disk/by-label/ESP";
fsType = "vfat"; fsType = "vfat";
}; };
fileSystems."/home/sajenim/Games" = swapDevices = [
{ device = "/dev/disk/by-uuid/58097403-9b5b-4cee-b9d1-e3d5fde1a364"; { device = "/swap/swapfile";
fsType = "ext4"; size = 16*1024;
}; }
];
swapDevices = [ ];
# Enables DHCP on each ethernet and wireless interface. In case of scripted networking
# (the default) this is the recommended approach. When using systemd-networkd it's
# still possible to use this option, but it's recommended to use it in conjunction
# with explicit per-interface declarations with `networking.interfaces.<interface>.useDHCP`.
networking.useDHCP = lib.mkDefault true; networking.useDHCP = lib.mkDefault true;
# networking.interfaces.enp34s0.useDHCP = lib.mkDefault true;
# networking.interfaces.wlo1.useDHCP = lib.mkDefault true;
nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux"; nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux";
hardware.cpu.amd.updateMicrocode = lib.mkDefault config.hardware.enableRedistributableFirmware; hardware.cpu.amd.updateMicrocode = lib.mkDefault config.hardware.enableRedistributableFirmware;


@ -15,7 +15,6 @@
outputs.nixosModules.qbittorrent outputs.nixosModules.qbittorrent
# Or modules from other flakes (such as nixos-hardware): # Or modules from other flakes (such as nixos-hardware):
inputs.agenix.nixosModules.default
# You can also split up your configuration and import pieces of it here: # You can also split up your configuration and import pieces of it here:
# ./users.nix # ./users.nix
@ -197,7 +196,7 @@
# Install packages, prefix with 'unstable.' to use overlay # Install packages, prefix with 'unstable.' to use overlay
systemPackages = with pkgs; [ systemPackages = with pkgs; [
inputs.agenix.packages."${system}".default agenix.packages."${system}".default
]; ];
}; };
programs = { programs = {