rearrange things

This commit is contained in:
iFargle 2023-07-12 15:08:57 +09:00
parent 9f8af0d750
commit 0141332392
14 changed files with 29 additions and 449 deletions

View file

@ -31,3 +31,13 @@ Repo for nix configuration files
* `nix-shell -p sops --run "sops secrets/secret_file.yml` * `nix-shell -p sops --run "sops secrets/secret_file.yml`
* New shell alias: `sops secrets/secret_file.yml` * New shell alias: `sops secrets/secret_file.yml`
2. Ensure your GPG keys are set up. 2. Ensure your GPG keys are set up.
# Lanzaboote / SecureBoot
* Instructions here - [Link](https://git.sysctl.io/Mirrors/lanzaboote/src/branch/master/docs/QUICK_START.md)
1. Create your keys: `sbctl create-keys`
2. Verify your machine is ready for SecureBoot: `sbctl verify` - Everything except `*-bzImage.efi` are signed
3. Enter Secureboot Setup mode in your EFI Settings on the motherboard (F10)
* Security -> SecureBoot -> Set to Enabled and "Reset to Setup Mode" and exit
4. Enroll the keys: `sbctl enroll-keys --microsoft`
* If you wish, you acan select --tpm-eventlog, but checksums will change later (ie, at a kernel rebuild)
5. Reboot and verify you are activated: `bootctl status`

View file

@ -18,9 +18,6 @@
./services/telegraf.nix ./services/telegraf.nix
]; ];
# Define the default sops file:
sops.defaultSopsFile = ./secrets/secrets.yaml;
# Keep the system up-to-date automatically # Keep the system up-to-date automatically
system = { system = {
autoUpgrade = { autoUpgrade = {
@ -112,6 +109,9 @@
neofetch neofetch
gnupg gnupg
fail2ban fail2ban
# nvtop for use with nvidia cards
nvtop-nvidia
]; ];
# Enable various system services # Enable various system services

View file

@ -7,7 +7,6 @@
steam steam
lutris lutris
vlc vlc
vscodium
]; ];
}; };
@ -32,10 +31,6 @@
enable = true; enable = true;
layout = "us"; layout = "us";
xkbVariant = ""; xkbVariant = "";
# libinput = {
# enable = true;
# touchpad.tapping = true;
# };
# Enable nVidia drivers # Enable nVidia drivers
videoDrivers = [ "nvidia" ]; videoDrivers = [ "nvidia" ];

View file

@ -1,296 +0,0 @@
{
"nodes": {
"flake-compat": {
"flake": false,
"locked": {
"lastModified": 1673956053,
"narHash": "sha256-4gtG9iQuiKITOjNQQeQIpoIB6b16fm+504Ch3sNKLd8=",
"owner": "edolstra",
"repo": "flake-compat",
"rev": "35bb57c0c8d8b62bbfd284272c928ceb64ddbde9",
"type": "github"
},
"original": {
"owner": "edolstra",
"repo": "flake-compat",
"type": "github"
}
},
"flake-parts": {
"inputs": {
"nixpkgs-lib": [
"lanzaboote",
"nixpkgs"
]
},
"locked": {
"lastModified": 1683560683,
"narHash": "sha256-XAygPMN5Xnk/W2c1aW0jyEa6lfMDZWlQgiNtmHXytPc=",
"owner": "hercules-ci",
"repo": "flake-parts",
"rev": "006c75898cf814ef9497252b022e91c946ba8e17",
"type": "github"
},
"original": {
"owner": "hercules-ci",
"repo": "flake-parts",
"type": "github"
}
},
"flake-utils": {
"inputs": {
"systems": "systems"
},
"locked": {
"lastModified": 1681202837,
"narHash": "sha256-H+Rh19JDwRtpVPAWp64F+rlEtxUWBAQW28eAi3SRSzg=",
"owner": "numtide",
"repo": "flake-utils",
"rev": "cfacdce06f30d2b68473a46042957675eebb3401",
"type": "github"
},
"original": {
"owner": "numtide",
"repo": "flake-utils",
"type": "github"
}
},
"gitignore": {
"inputs": {
"nixpkgs": [
"lanzaboote",
"pre-commit-hooks-nix",
"nixpkgs"
]
},
"locked": {
"lastModified": 1660459072,
"narHash": "sha256-8DFJjXG8zqoONA1vXtgeKXy68KdJL5UaXR8NtVMUbx8=",
"owner": "hercules-ci",
"repo": "gitignore.nix",
"rev": "a20de23b925fd8264fd7fad6454652e142fd7f73",
"type": "github"
},
"original": {
"owner": "hercules-ci",
"repo": "gitignore.nix",
"type": "github"
}
},
"home-manager": {
"inputs": {
"nixpkgs": [
"stable-nixpkgs"
]
},
"locked": {
"lastModified": 1687871164,
"narHash": "sha256-bBFlPthuYX322xOlpJvkjUBz0C+MOBjZdDOOJJ+G2jU=",
"owner": "nix-community",
"repo": "home-manager",
"rev": "07c347bb50994691d7b0095f45ebd8838cf6bc38",
"type": "github"
},
"original": {
"owner": "nix-community",
"ref": "release-23.05",
"repo": "home-manager",
"type": "github"
}
},
"lanzaboote": {
"inputs": {
"flake-compat": "flake-compat",
"flake-parts": "flake-parts",
"flake-utils": "flake-utils",
"nixpkgs": [
"stable-nixpkgs"
],
"pre-commit-hooks-nix": "pre-commit-hooks-nix"
},
"locked": {
"lastModified": 1687124707,
"narHash": "sha256-BEC2y7zwDI/Saeupr9rijLvwb0OoqTD9vntlcyciyrM=",
"owner": "nix-community",
"repo": "lanzaboote",
"rev": "c758cdad465e0c8174db57dc493f51a89f0e3372",
"type": "github"
},
"original": {
"owner": "nix-community",
"repo": "lanzaboote",
"type": "github"
}
},
"nixpkgs": {
"locked": {
"lastModified": 1688188316,
"narHash": "sha256-CXuQllDKCxtZaB/umnZOvoJ/d4kJguYgffeTA9l1B3o=",
"owner": "NixOS",
"repo": "nixpkgs",
"rev": "8277b539d371bf4308fc5097911aa58bfac1794f",
"type": "github"
},
"original": {
"owner": "NixOS",
"ref": "nixpkgs-unstable",
"repo": "nixpkgs",
"type": "github"
}
},
"nixpkgs-stable": {
"locked": {
"lastModified": 1678872516,
"narHash": "sha256-/E1YwtMtFAu2KUQKV/1+KFuReYPANM2Rzehk84VxVoc=",
"owner": "NixOS",
"repo": "nixpkgs",
"rev": "9b8e5abb18324c7fe9f07cb100c3cd4a29cda8b8",
"type": "github"
},
"original": {
"owner": "NixOS",
"ref": "nixos-22.11",
"repo": "nixpkgs",
"type": "github"
}
},
"nixpkgs-stable_2": {
"locked": {
"lastModified": 1688256355,
"narHash": "sha256-/E+OSabu4ii5+ccWff2k4vxDsXYhpc4hwnm0s6JOz7Y=",
"owner": "NixOS",
"repo": "nixpkgs",
"rev": "f553c016a31277246f8d3724d3b1eee5e8c0842c",
"type": "github"
},
"original": {
"owner": "NixOS",
"ref": "release-23.05",
"repo": "nixpkgs",
"type": "github"
}
},
"nur": {
"locked": {
"lastModified": 1688272984,
"narHash": "sha256-RzQzZ4msqK2ECgJn0fqgujhoPJvAy8LsbGfv3KByf1U=",
"owner": "nix-community",
"repo": "NUR",
"rev": "c2acdb273bef64edc5f786c53381f736690b6fbf",
"type": "github"
},
"original": {
"owner": "nix-community",
"repo": "NUR",
"type": "github"
}
},
"pre-commit-hooks-nix": {
"inputs": {
"flake-compat": [
"lanzaboote",
"flake-compat"
],
"flake-utils": [
"lanzaboote",
"flake-utils"
],
"gitignore": "gitignore",
"nixpkgs": [
"lanzaboote",
"nixpkgs"
],
"nixpkgs-stable": "nixpkgs-stable"
},
"locked": {
"lastModified": 1684842236,
"narHash": "sha256-rYWsIXHvNhVQ15RQlBUv67W3YnM+Pd+DuXGMvCBq2IE=",
"owner": "cachix",
"repo": "pre-commit-hooks.nix",
"rev": "61e567d6497bc9556f391faebe5e410e6623217f",
"type": "github"
},
"original": {
"owner": "cachix",
"repo": "pre-commit-hooks.nix",
"type": "github"
}
},
"root": {
"inputs": {
"home-manager": "home-manager",
"lanzaboote": "lanzaboote",
"nur": "nur",
"sops-nix": "sops-nix",
"stable-nixpkgs": "stable-nixpkgs",
"unstable-nixpkgs": "unstable-nixpkgs"
}
},
"sops-nix": {
"inputs": {
"nixpkgs": "nixpkgs",
"nixpkgs-stable": "nixpkgs-stable_2"
},
"locked": {
"lastModified": 1688268466,
"narHash": "sha256-fArazqgYyEFiNcqa136zVYXihuqzRHNOOeVICayU2Yg=",
"owner": "Mic92",
"repo": "sops-nix",
"rev": "5ed3c22c1fa0515e037e36956a67fe7e32c92957",
"type": "github"
},
"original": {
"owner": "Mic92",
"repo": "sops-nix",
"type": "github"
}
},
"stable-nixpkgs": {
"locked": {
"lastModified": 1688109178,
"narHash": "sha256-BSdeYp331G4b1yc7GIRgAnfUyaktW2nl7k0C577Tttk=",
"owner": "NixOS",
"repo": "nixpkgs",
"rev": "b72aa95f7f096382bff3aea5f8fde645bca07422",
"type": "github"
},
"original": {
"id": "nixpkgs",
"ref": "nixos-23.05",
"type": "indirect"
}
},
"systems": {
"locked": {
"lastModified": 1681028828,
"narHash": "sha256-Vy1rq5AaRuLzOxct8nz4T6wlgyUR7zLU309k9mBC768=",
"owner": "nix-systems",
"repo": "default",
"rev": "da67096a3b9bf56a91d16901293e51ba5b49a27e",
"type": "github"
},
"original": {
"owner": "nix-systems",
"repo": "default",
"type": "github"
}
},
"unstable-nixpkgs": {
"locked": {
"lastModified": 1688231357,
"narHash": "sha256-ZOn16X5jZ6X5ror58gOJAxPfFLAQhZJ6nOUeS4tfFwo=",
"owner": "NixOS",
"repo": "nixpkgs",
"rev": "645ff62e09d294a30de823cb568e9c6d68e92606",
"type": "github"
},
"original": {
"id": "nixpkgs",
"ref": "nixos-unstable",
"type": "indirect"
}
}
},
"root": "root",
"version": 7
}

View file

@ -27,6 +27,7 @@
# nVidia prime selector alias: # nVidia prime selector alias:
prime-select = "nvidia-offload"; prime-select = "nvidia-offload";
XDG_DATA_HOME="$HOME/.local/share"
# docker # docker
d = "docker"; d = "docker";

View file

@ -43,14 +43,13 @@
}; };
}; };
# Fingerprint software
environment.systemPackages = with pkgs; [ environment.systemPackages = with pkgs; [
# Fingerprint software
fprintd fprintd
nvtop-nvidia
]; ];
imports = [ imports = [
# Modules # Modules
../../modules/powertop.nix ../../modules/powertop.nix
]; ];
}

View file

@ -1,6 +1,7 @@
{ config, pkgs, ... }: { { config, pkgs, hostname, ... }: {
services.openssh = { services.openssh = {
enable = true; enable = true;
# Defaults to true -- I don't like it when services default to true for opening firewalls.
openFirewall = false; openFirewall = false;
settings = { settings = {
LogLevel = "VERBOSE"; # Used for fail2ban monitoring LogLevel = "VERBOSE"; # Used for fail2ban monitoring
@ -9,6 +10,7 @@
}; };
banner = '' banner = ''
-- --
Welcome to ${hostname}
You are accessing a U.S. Government (USG) Information You are accessing a U.S. Government (USG) Information
System (IS) that is provided for USG-authorized use only. System (IS) that is provided for USG-authorized use only.

View file

@ -13,7 +13,6 @@
lm_sensors lm_sensors
telegraf telegraf
smartmontools smartmontools
fail2ban
]; ];
# Allow telegraf to talk to other executables it requires: # Allow telegraf to talk to other executables it requires:

View file

@ -9,16 +9,6 @@ with lib.hm.gvariant;
keyrings-selected = [ "openssh:///home/albert/.ssh" ]; keyrings-selected = [ "openssh:///home/albert/.ssh" ];
}; };
"apps/seahorse/windows/key-manager" = {
height = 476;
width = 600;
};
"org/gnome/Console" = {
last-window-size = mkTuple [ 824 754 ];
theme = "dark";
};
"org/gnome/GWeather4" = { "org/gnome/GWeather4" = {
temperature-unit = "centigrade"; temperature-unit = "centigrade";
}; };
@ -37,11 +27,6 @@ with lib.hm.gvariant;
size = mkTuple [ 870 690 ]; size = mkTuple [ 870 690 ];
}; };
"org/gnome/control-center" = {
last-panel = "display";
window-state = mkTuple [ 980 640 ];
};
"org/gnome/desktop/app-folders" = { "org/gnome/desktop/app-folders" = {
folder-children = [ "Utilities" "YaST" ]; folder-children = [ "Utilities" "YaST" ];
}; };
@ -72,11 +57,6 @@ with lib.hm.gvariant;
show-weekdate = false; show-weekdate = false;
}; };
"org/gnome/desktop/input-sources" = {
sources = [ (mkTuple [ "xkb" "us" ]) ];
xkb-options = [ "terminate:ctrl_alt_bksp" ];
};
"org/gnome/desktop/interface" = { "org/gnome/desktop/interface" = {
clock-show-date = true; clock-show-date = true;
clock-show-weekday = false; clock-show-weekday = false;
@ -89,20 +69,7 @@ with lib.hm.gvariant;
}; };
"org/gnome/desktop/notifications" = { "org/gnome/desktop/notifications" = {
application-children = [ "gnome-power-panel" "bitwarden" "firefox" ]; show-banners = true;
show-banners = false;
};
"org/gnome/desktop/notifications/application/bitwarden" = {
application-id = "bitwarden.desktop";
};
"org/gnome/desktop/notifications/application/firefox" = {
application-id = "firefox.desktop";
};
"org/gnome/desktop/notifications/application/gnome-power-panel" = {
application-id = "gnome-power-panel.desktop";
}; };
"org/gnome/desktop/peripherals/touchpad" = { "org/gnome/desktop/peripherals/touchpad" = {
@ -110,65 +77,14 @@ with lib.hm.gvariant;
two-finger-scrolling-enabled = true; two-finger-scrolling-enabled = true;
}; };
"org/gnome/desktop/screensaver" = {
color-shading-type = "solid";
picture-options = "zoom";
primary-color = "#3a4ba0";
secondary-color = "#2f302f";
};
"org/gnome/desktop/wm/keybindings" = {
maximize = [];
unmaximize = [];
};
"org/gnome/desktop/wm/preferences" = { "org/gnome/desktop/wm/preferences" = {
button-layout = "appmenu:minimize,maximize,close"; button-layout = "appmenu:minimize,maximize,close";
}; };
"org/gnome/evolution-data-server" = {
migrated = true;
};
"org/gnome/gnome-system-monitor" = {
# This breaks dconf.nix import for some reason..
# cpu-colors = [ (mkTuple [ mkUint32 0 "#e6194B" ]) (mkTuple [ 1 "#f58231" ]) (mkTuple [ 2 "#ffe119" ]) (mkTuple [ 3 "#bfef45" ]) (mkTuple [ 4 "#3cb44b" ]) (mkTuple [ 5 "#42d4f4" ]) (mkTuple [ 6 "#4363d8" ]) (mkTuple [ 7 "#911eb4" ]) (mkTuple [ 8 "#f032e6" ]) (mkTuple [ 9 "#fabebe" ]) (mkTuple [ 10 "#ffd8b1" ]) (mkTuple [ 11 "#fffac8" ]) (mkTuple [ 12 "#aaffc3" ]) (mkTuple [ 13 "#469990" ]) (mkTuple [ 14 "#000075" ]) (mkTuple [ 15 "#e6beff" ]) (mkTuple [ 16 "#d4867999f332" ]) (mkTuple [ 17 "#7999f332b10b" ]) (mkTuple [ 18 "#f3328d907999" ]) (mkTuple [ 19 "#7999891df332" ]) ];
current-tab = "disks";
maximized = false;
network-total-in-bits = false;
show-dependencies = false;
show-whose-processes = "user";
window-state = mkTuple [ 850 649 ];
};
"org/gnome/gnome-system-monitor/disktreenew" = {
col-6-visible = true;
col-6-width = 0;
};
"org/gnome/mutter" = { "org/gnome/mutter" = {
edge-tiling = false; edge-tiling = false;
}; };
"org/gnome/mutter/keybindings" = {
toggle-tiled-left = [];
toggle-tiled-right = [];
};
"org/gnome/nautilus/preferences" = {
default-folder-viewer = "icon-view";
migrated-gtk-settings = true;
search-filter-time-type = "last_modified";
};
"org/gnome/nautilus/window-state" = {
initial-size = mkTuple [ 986 674 ];
};
"org/gnome/photos" = {
window-maximized = true;
};
"org/gnome/settings-daemon/plugins/color" = { "org/gnome/settings-daemon/plugins/color" = {
night-light-enabled = true; night-light-enabled = true;
night-light-temperature = mkUint32 3418; night-light-temperature = mkUint32 3418;
@ -176,7 +92,6 @@ with lib.hm.gvariant;
"org/gnome/shell" = { "org/gnome/shell" = {
app-picker-layout = "[{'org.gnome.Extensions.desktop': <{'position': <0>}>, 'htop.desktop': <{'position': <1>}>, 'nixos-manual.desktop': <{'position': <2>}>, 'nvidia-settings.desktop': <{'position': <3>}>, 'vlc.desktop': <{'position': <4>}>, 'xterm.desktop': <{'position': <5>}>, 'org.gnome.Settings.desktop': <{'position': <6>}>, 'org.gnome.Calculator.desktop': <{'position': <7>}>, 'org.gnome.clocks.desktop': <{'position': <8>}>, 'org.gnome.Contacts.desktop': <{'position': <9>}>, 'simple-scan.desktop': <{'position': <10>}>, 'yelp.desktop': <{'position': <11>}>, 'org.gnome.Calendar.desktop': <{'position': <12>}>, 'gnome-system-monitor.desktop': <{'position': <13>}>, 'org.gnome.TextEditor.desktop': <{'position': <14>}>, 'Utilities': <{'position': <15>}>, 'org.gnome.Weather.desktop': <{'position': <16>}>, 'org.gnome.Photos.desktop': <{'position': <17>}>}]"; app-picker-layout = "[{'org.gnome.Extensions.desktop': <{'position': <0>}>, 'htop.desktop': <{'position': <1>}>, 'nixos-manual.desktop': <{'position': <2>}>, 'nvidia-settings.desktop': <{'position': <3>}>, 'vlc.desktop': <{'position': <4>}>, 'xterm.desktop': <{'position': <5>}>, 'org.gnome.Settings.desktop': <{'position': <6>}>, 'org.gnome.Calculator.desktop': <{'position': <7>}>, 'org.gnome.clocks.desktop': <{'position': <8>}>, 'org.gnome.Contacts.desktop': <{'position': <9>}>, 'simple-scan.desktop': <{'position': <10>}>, 'yelp.desktop': <{'position': <11>}>, 'org.gnome.Calendar.desktop': <{'position': <12>}>, 'gnome-system-monitor.desktop': <{'position': <13>}>, 'org.gnome.TextEditor.desktop': <{'position': <14>}>, 'Utilities': <{'position': <15>}>, 'org.gnome.Weather.desktop': <{'position': <16>}>, 'org.gnome.Photos.desktop': <{'position': <17>}>}]";
command-history = [ "restart gnome-shell" "restart" "gnome-shell -r" "r" ];
disable-user-extensions = false; disable-user-extensions = false;
disabled-extensions = [ "workspace-indicator@gnome-shell-extensions.gcampax.github.com" ]; disabled-extensions = [ "workspace-indicator@gnome-shell-extensions.gcampax.github.com" ];
enabled-extensions = [ "blur-my-shell@aunetx" "caffeine@patapon.info" "dash-to-dock@micxgx.gmail.com" "user-theme@gnome-shell-extensions.gcampax.github.com" "Vitals@CoreCoding.com" "tiling-assistant@leleat-on-github" "hibernate-status@dromi" "nightthemeswitcher@romainvigier.fr" ]; enabled-extensions = [ "blur-my-shell@aunetx" "caffeine@patapon.info" "dash-to-dock@micxgx.gmail.com" "user-theme@gnome-shell-extensions.gcampax.github.com" "Vitals@CoreCoding.com" "tiling-assistant@leleat-on-github" "hibernate-status@dromi" "nightthemeswitcher@romainvigier.fr" ];
@ -234,51 +149,6 @@ with lib.hm.gvariant;
sunset = 19.0; sunset = 19.0;
}; };
"org/gnome/shell/extensions/tiling-assistant" = {
activate-layout0 = [];
activate-layout1 = [];
activate-layout2 = [];
activate-layout3 = [];
active-window-hint = 1;
active-window-hint-color = "rgb(53,132,228)";
auto-tile = [];
center-window = [];
debugging-free-rects = [];
debugging-show-tiled-rects = [];
default-move-mode = 0;
dynamic-keybinding-behavior = 0;
enable-raise-tile-group = false;
import-layout-examples = false;
last-version-installed = 41;
overridden-settings = "{'org.gnome.mutter.edge-tiling': <false>}";
restore-window = [ "<Super>Down" ];
search-popup-layout = [];
single-screen-gap = 20;
tile-bottom-half = [ "<Super>KP_2" ];
tile-bottom-half-ignore-ta = [];
tile-bottomleft-quarter = [ "<Super>KP_1" ];
tile-bottomleft-quarter-ignore-ta = [];
tile-bottomright-quarter = [ "<Super>KP_3" ];
tile-bottomright-quarter-ignore-ta = [];
tile-edit-mode = [ "<Super>t" ];
tile-left-half = [ "<Super>Left" "<Super>KP_4" ];
tile-left-half-ignore-ta = [];
tile-maximize = [ "<Super>Up" "<Super>KP_5" ];
tile-maximize-horizontally = [];
tile-maximize-vertically = [];
tile-right-half = [ "<Super>Right" "<Super>KP_6" ];
tile-right-half-ignore-ta = [];
tile-top-half = [ "<Super>KP_8" ];
tile-top-half-ignore-ta = [];
tile-topleft-quarter = [ "<Super>KP_7" ];
tile-topleft-quarter-ignore-ta = [];
tile-topright-quarter = [ "<Super>KP_9" ];
tile-topright-quarter-ignore-ta = [];
toggle-always-on-top = [];
toggle-tiling-popup = [];
window-gap = 20;
};
"org/gnome/shell/extensions/user-theme" = { "org/gnome/shell/extensions/user-theme" = {
name = "vimix-dark-doder"; name = "vimix-dark-doder";
}; };

View file

@ -2,9 +2,9 @@
home.stateVersion = "23.05"; home.stateVersion = "23.05";
imports = [ imports = [
./gnome-dconf.nix ./gnome-dconf.nix
../../common/dotfiles/git.nix ../../home-manager/git.nix
../../common/dotfiles/neovim.nix ../../home-manager/neovim.nix
../../common/dotfiles/bash.nix ../../home-manager/bash.nix
../../common/dotfiles/firefox.nix ../../home-manager/firefox.nix
]; ];
} }

View file

@ -1,8 +1,8 @@
{ config, pkgs, ... }: { { config, pkgs, ... }: {
home.stateVersion = "23.05"; home.stateVersion = "23.05";
imports = [ imports = [
../../common/dotfiles/git.nix ../../home-manager/git.nix
../../common/dotfiles/neovim.nix ../../home-manager/neovim.nix
../../common/dotfiles/bash.nix ../../home-manager/bash.nix
]; ];
} }