This gon' break everything
This commit is contained in:
parent
91d18780a5
commit
1ff7ca7f10
56 changed files with 196 additions and 375 deletions
|
@ -1,6 +1,10 @@
|
|||
# NixOS Configuration Repository
|
||||
## NOTE: These configs expect this repo to be cloned to /etc/nixos/git/
|
||||
* `git clone https://git.sysctl.io/albert/nix /etc/nixos/git && ln -s /etc/nixos/git/flake.nix /etc/nixos/flake.nix`
|
||||
```
|
||||
git clone https://git.sysctl.io/albert/nix /etc/nixos/git
|
||||
ln -s /etc/nixos/git/flake.nix /etc/nixos/flake.nix
|
||||
nixos-rebuild switch --flake '/etc/nixos#<HOSTNAME>'
|
||||
```
|
||||
|
||||
---
|
||||
# To Do List
|
||||
|
|
|
@ -1,78 +0,0 @@
|
|||
{ lib, config, pkgs, ... }: {
|
||||
imports = [
|
||||
# Services
|
||||
./services/openssh.nix
|
||||
./services/promtail.nix
|
||||
./services/fail2ban.nix
|
||||
./services/telegraf.nix
|
||||
|
||||
# Modules
|
||||
./modules/nixos.nix # General NixOS items. Flake enablement, etc
|
||||
./modules/secureboot.nix # Secureboot Configs
|
||||
./modules/fonts.nix # Font Configs
|
||||
./modules/networking.nix # Initial Networking configs
|
||||
];
|
||||
|
||||
# Allow unfree packages
|
||||
nixpkgs.config.allowUnfree = true;
|
||||
|
||||
# Select internationalisation properties.
|
||||
i18n.defaultLocale = "en_US.UTF-8";
|
||||
|
||||
i18n.extraLocaleSettings = {
|
||||
LC_ADDRESS = "en_US.UTF-8";
|
||||
LC_IDENTIFICATION = "en_US.UTF-8";
|
||||
LC_MEASUREMENT = "en_US.UTF-8";
|
||||
LC_MONETARY = "en_US.UTF-8";
|
||||
LC_NAME = "en_US.UTF-8";
|
||||
LC_NUMERIC = "en_US.UTF-8";
|
||||
LC_PAPER = "en_US.UTF-8";
|
||||
LC_TELEPHONE = "en_US.UTF-8";
|
||||
LC_TIME = "en_US.UTF-8";
|
||||
};
|
||||
|
||||
# Define a user account.
|
||||
users.users.albert = {
|
||||
isNormalUser = true;
|
||||
description = "Albert J. Copeland";
|
||||
extraGroups = [ "networkmanager" "wheel" "video" "dbus" ];
|
||||
# video is required for the "light" command to work
|
||||
hashedPassword = "$y$j9T$wKLsIWaA4Gf63RvjedwLJ0$EHKL6BBJV0CAxEKcHHjaBqW085KJ/MGvmbyWzmcWOy6";
|
||||
};
|
||||
|
||||
# List packages installed in system profile
|
||||
environment.systemPackages = with pkgs; [
|
||||
sbctl
|
||||
powerline-go
|
||||
wget
|
||||
killall
|
||||
neovim
|
||||
git
|
||||
duf
|
||||
curl
|
||||
htop
|
||||
btop
|
||||
iftop
|
||||
nload
|
||||
iotop
|
||||
glxinfo
|
||||
tailscale
|
||||
neofetch
|
||||
gnupg
|
||||
fail2ban
|
||||
];
|
||||
|
||||
# Enable tailscale
|
||||
services = {
|
||||
tailscale.enable = true;
|
||||
};
|
||||
|
||||
# This value determines the NixOS release from which the default
|
||||
# settings for stateful data, like file locations and database versions
|
||||
# on your system were taken. It‘s perfectly fine and recommended to leave
|
||||
# this value at the release version of the first install of this system.
|
||||
# Before changing this value read the documentation for this option
|
||||
# (e.g. man configuration.nix or on https://nixos.org/nixos/options.html).
|
||||
# system.stateVersion = "23.05"; # Did you read the comment?
|
||||
system.stateVersion = "unstable";
|
||||
}
|
|
@ -1,19 +0,0 @@
|
|||
# If a GUI is enabled, install GUI apps:
|
||||
{ lib, pkgs, config, ... }: {
|
||||
users.users.albert = {
|
||||
packages = with pkgs; [
|
||||
firefox
|
||||
thunderbird
|
||||
bitwarden
|
||||
steam
|
||||
lutris
|
||||
vlc
|
||||
];
|
||||
};
|
||||
|
||||
imports = [
|
||||
# Software configurations
|
||||
../software/firefox.nix
|
||||
../software/weechat.nix
|
||||
];
|
||||
}
|
|
@ -1,27 +0,0 @@
|
|||
{ config, pkgs, ... }: {
|
||||
|
||||
# Enable sound with pipewire.
|
||||
sound.enable = true;
|
||||
hardware.pulseaudio.enable = false;
|
||||
security.rtkit.enable = true;
|
||||
services.pipewire = {
|
||||
enable = true;
|
||||
alsa.enable = true;
|
||||
alsa.support32Bit = true;
|
||||
pulse.enable = true;
|
||||
};
|
||||
|
||||
# Configure keymap in X11
|
||||
services.xserver = {
|
||||
enable = true;
|
||||
layout = "us";
|
||||
xkbVariant = "";
|
||||
autorun = true;
|
||||
videoDrivers = [ "nvidia" ];
|
||||
};
|
||||
|
||||
services.xserver = {
|
||||
displayManager.gdm.enable = true;
|
||||
desktopManager.plasma5.enable = true;
|
||||
};
|
||||
}
|
|
@ -1,24 +0,0 @@
|
|||
{ config, pkgs, ... }: {
|
||||
# Enable sound with pipewire.
|
||||
sound.enable = true;
|
||||
hardware.pulseaudio.enable = false;
|
||||
security.rtkit.enable = true;
|
||||
services.pipewire = {
|
||||
enable = true;
|
||||
alsa.enable = true;
|
||||
alsa.support32Bit = true;
|
||||
pulse.enable = true;
|
||||
};
|
||||
|
||||
# Configure keymap in X11
|
||||
services.xserver = {
|
||||
enable = true;
|
||||
layout = "us";
|
||||
xkbVariant = "";
|
||||
autorun = true;
|
||||
};
|
||||
|
||||
programs.sway = {
|
||||
enable = true;
|
||||
};
|
||||
}
|
100
flake.nix
100
flake.nix
|
@ -1,94 +1,30 @@
|
|||
{
|
||||
# INFORMATION
|
||||
# When building for a system, remember to change the hostname variable below
|
||||
description = "NixOS System Config";
|
||||
|
||||
inputs = {
|
||||
# NixOS packages
|
||||
unstable-nixpkgs.url = "nixpkgs/nixos-unstable";
|
||||
|
||||
# Manage dotfiles in a home directory
|
||||
home-manager.url = "github:nix-community/home-manager/release-23.05";
|
||||
home-manager.inputs.nixpkgs.follows = "unstable-nixpkgs";
|
||||
|
||||
# Secureboot Configuration
|
||||
lanzaboote.url = "github:nix-community/lanzaboote";
|
||||
lanzaboote.inputs.nixpkgs.follows = "unstable-nixpkgs";
|
||||
|
||||
# Nix User Repository
|
||||
nur.url = "github:nix-community/NUR";
|
||||
|
||||
# Hardware support
|
||||
nixos-hardware.url = "github:NixOS/nixos-hardware/master";
|
||||
|
||||
# Encrypted secrets in Nix configuration files
|
||||
sops-nix.url = "github:Mic92/sops-nix";
|
||||
nixpkgs.url = "nixpkgs/nixos-unstable"; # NixOS packages
|
||||
home-manager.url = "github:nix-community/home-manager/release-23.05"; # Manage dotfiles in a home directory
|
||||
home-manager.inputs.nixpkgs.follows = "nixpkgs";
|
||||
lanzaboote.url = "github:nix-community/lanzaboote"; # Secureboot Configuration
|
||||
lanzaboote.inputs.nixpkgs.follows = "nixpkgs";
|
||||
nur.url = "github:nix-community/NUR"; # Nix User Repository
|
||||
sops-nix.url = "github:Mic92/sops-nix"; # Encrypted secrets in Nix configuration files
|
||||
};
|
||||
|
||||
outputs = {
|
||||
self,
|
||||
unstable-nixpkgs,
|
||||
home-manager,
|
||||
lanzaboote,
|
||||
nur,
|
||||
sops-nix,
|
||||
nixos-hardware,
|
||||
...
|
||||
self, nixpkgs, home-manager, lanzaboote, nur, sops-nix, ...
|
||||
}@inputs:
|
||||
let
|
||||
# Variables - Remember to set these
|
||||
hostname = "nixos-laptop"; # Should probably set this in a minimal configuration.nix?
|
||||
system = "x86_64-linux";
|
||||
inherit (self) outputs;
|
||||
stateVersion = "unstable";
|
||||
hmStateVersion = "23.05";
|
||||
|
||||
pkgs = import unstable-nixpkgs {
|
||||
inherit system;
|
||||
config = { allowUnfree = true; };
|
||||
};
|
||||
|
||||
lib = unstable-nixpkgs.lib;
|
||||
libx = import ./lib { inherit inputs outputs stateVersion; };
|
||||
in {
|
||||
# NixOS Configuration files:
|
||||
nixosConfigurations = {
|
||||
# Declare a generic configuration using the $hostname variable:
|
||||
${hostname} = lib.nixosSystem {
|
||||
inherit system;
|
||||
specialArgs = {
|
||||
inherit hostname;
|
||||
nixos-laptop = libx.nixosSystem { hostname = "nixos-laptop"; username = "albert"; desktop = "gnome"; };
|
||||
nixos-desktop = libx.nixosSystem { hostname = "nixos-desktop"; username = "albert"; desktop = "gnome"; };
|
||||
};
|
||||
homeConfigurations = {
|
||||
"albert@nixos-laptop" = libx.mkHome { hostname = "nixos-laptop"; username = "albert"; desktop = "gnome"; };
|
||||
"albert@nixos-desktop" = libx.mkHome { hostname = "nixos-desktop"; username = "albert"; desktop = "gnome"; };
|
||||
};
|
||||
};
|
||||
modules = [
|
||||
# Configuration Imports
|
||||
./configuration.nix # Common NixOS Configuration
|
||||
./hosts/${hostname} # Hardware-specific Configuration
|
||||
|
||||
# Flake Imports
|
||||
sops-nix.nixosModules.sops # Handle secrets
|
||||
lanzaboote.nixosModules.lanzaboote # SecureBoot Configuration
|
||||
nur.nixosModules.nur # NixOS User Repository
|
||||
# nixos-hardware.nixosModules.lenovo-thinkpad-p1 # Thinkpad P1 hardware configuration
|
||||
|
||||
# Home Manager settings
|
||||
home-manager.nixosModules.home-manager {
|
||||
home-manager = {
|
||||
useGlobalPkgs = true;
|
||||
useUserPackages = true;
|
||||
users.albert.imports = [
|
||||
({ config, ... }: import ./users/albert/home.nix {
|
||||
inherit config pkgs hostname hmStateVersion;
|
||||
})
|
||||
];
|
||||
users.root.imports = [
|
||||
({ config, ... }: import ./users/root/home.nix {
|
||||
inherit config pkgs hostname hmStateVersion;
|
||||
})
|
||||
];
|
||||
}; # home-manager
|
||||
nixpkgs.overlays = [
|
||||
nur.overlay
|
||||
];
|
||||
} # home-manager
|
||||
]; # modules
|
||||
}; # lib.nixosSystem - ${hostname}
|
||||
}; # nixosConfiguration
|
||||
}; # in
|
||||
}
|
||||
|
|
|
@ -1,13 +1,7 @@
|
|||
{ config, pkgs, ... }: {
|
||||
programs.git = {
|
||||
enable = true;
|
||||
userName = "albert";
|
||||
userEmail = "albert@sysctl.io";
|
||||
extraConfig = {
|
||||
core.askPass = "false";
|
||||
credential.helper = "cache --timeout=25920000";
|
||||
user.signingkey = "64F6C4EB46C4543A";
|
||||
commit.gpgsign = "true";
|
||||
alias.a = "add --all";
|
||||
alias.ai = "add -i";
|
||||
alias.ap = "apply";
|
|
@ -1,11 +1,19 @@
|
|||
{ config, pkgs, hostname, ... }: {
|
||||
{ config, pkgs, hostname, username, desktop, hmStateVersion, ... }: {
|
||||
imports = [
|
||||
./bash.nix
|
||||
./btop.nix
|
||||
./firefox.nix
|
||||
./git.nix
|
||||
./neovim.nix
|
||||
./neofetch.nix
|
||||
./kitty.nix
|
||||
];
|
||||
# Common app configs
|
||||
./common/software/cli/bash.nix
|
||||
./common/software/cli/btop.nix
|
||||
./common/software/cli/git.nix
|
||||
./common/software/cli/kitty.nix
|
||||
./common/software/cli/neofetch.nix
|
||||
./common/software/cli/neovim.nix
|
||||
|
||||
# User configs
|
||||
./users/${username}
|
||||
]
|
||||
++ lib.optional (builtins.isString.desktop) [
|
||||
./common/software/gui/firefox.nix
|
||||
./common/software/gui/thunderbird.nix
|
||||
./hosts/${hostname}/desktops/${desktop}
|
||||
]
|
||||
}
|
|
@ -1,12 +1,16 @@
|
|||
{ config, pkgs, hostname, hmStateVersion, ... }: {
|
||||
home.stateVersion = "${hmStateVersion}";
|
||||
imports = [
|
||||
# Host specific Configs:
|
||||
../../hosts/${hostname}/home-manager
|
||||
home.stateVersion = hmStateVersion;
|
||||
|
||||
# Universal Configs:
|
||||
../../home-manager
|
||||
];
|
||||
programs.git = {
|
||||
userName = "albert";
|
||||
userEmail = "albert@sysctl.io";
|
||||
extraConfig = {
|
||||
core.askPass = "false";
|
||||
credential.helper = "cache --timeout=25920000";
|
||||
user.signingkey = "64F6C4EB46C4543A";
|
||||
commit.gpgsign = "true";
|
||||
};
|
||||
}
|
||||
|
||||
accounts = {
|
||||
email = {
|
|
@ -1,7 +0,0 @@
|
|||
{ imports, ... }: {
|
||||
imports = [
|
||||
# imports.nixos-hardware.nixosModules.lenovo-thinkpad-p1
|
||||
./nixos
|
||||
# home-manager is imported from users/user/home.nix
|
||||
];
|
||||
}
|
|
@ -1,6 +0,0 @@
|
|||
{ config, pkgs, hostname, ... }: {
|
||||
imports = [
|
||||
# ./hyprland
|
||||
./gnome
|
||||
];
|
||||
}
|
|
@ -1,6 +0,0 @@
|
|||
{ config, pkgs, hostname, ... }: {
|
||||
imports = [
|
||||
./hardware-configuration.nix
|
||||
./configuration.nix
|
||||
];
|
||||
}
|
|
@ -1,39 +0,0 @@
|
|||
{ config, lib, pkgs, modulesPath, ... }: {
|
||||
imports = [ (modulesPath + "/installer/scan/not-detected.nix") ];
|
||||
|
||||
boot.initrd.availableKernelModules = [ "xhci_pci" "nvme" "thunderbolt" "usb_storage" "sd_mod" "rtsx_pci_sdmmc" ];
|
||||
boot.initrd.kernelModules = [ ];
|
||||
boot.kernelModules = [ "kvm-intel" "acpi_call" ];
|
||||
boot.extraModulePackages = with config.boot.kernelPackages; [ acpi_call ];
|
||||
|
||||
fileSystems."/" = {
|
||||
device = "/dev/disk/by-label/ROOT";
|
||||
fsType = "btrfs";
|
||||
options = [ "subvol=@" ];
|
||||
};
|
||||
|
||||
boot.initrd.luks.devices."DISK".device = "/dev/nvme0n1p1";
|
||||
|
||||
fileSystems."/boot" = {
|
||||
device = "/dev/disk/by-label/BOOT";
|
||||
fsType = "vfat";
|
||||
};
|
||||
|
||||
# Enable Swap on LUKS
|
||||
boot.initrd.luks.devices."SWAP" = {
|
||||
device = "/dev/nvme0n1p2";
|
||||
keyFile = "/crypto_keyfile.bin";
|
||||
};
|
||||
|
||||
# Set up the keyfile
|
||||
boot.initrd.secrets."/crypto_keyfile.bin" = null;
|
||||
# Hibernation resume device
|
||||
boot.resumeDevice = "/dev/disk/by-label/SWAP";
|
||||
# Confirm the swap devices
|
||||
swapDevices = [ { device = "/dev/disk/by-label/SWAP"; } ];
|
||||
|
||||
networking.useDHCP = lib.mkDefault true;
|
||||
nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux";
|
||||
powerManagement.cpuFreqGovernor = lib.mkDefault "performance";
|
||||
hardware.cpu.intel.updateMicrocode = lib.mkDefault config.hardware.enableRedistributableFirmware;
|
||||
}
|
|
@ -117,21 +117,16 @@
|
|||
# Gnome relevant packages
|
||||
gnome3.gnome-tweaks
|
||||
papirus-icon-theme
|
||||
|
||||
# General packages
|
||||
# https://github.com/gvolpe/dconf2nix
|
||||
dconf2nix
|
||||
dconf2nix # https://github.com/gvolpe/dconf2nix
|
||||
];
|
||||
|
||||
imports = [
|
||||
# Gnome Themes
|
||||
./gnome/themes/gruvbox.nix
|
||||
./gnome/themes/tokyo-night.nix
|
||||
./gnome/themes/nordic.nix
|
||||
./gnome/themes/vimix.nix
|
||||
./gnome/themes/fluent.nix
|
||||
./themes/gruvbox.nix
|
||||
./themes/tokyo-night.nix
|
||||
./themes/nordic.nix
|
||||
./themes/vimix.nix
|
||||
./themes/fluent.nix
|
||||
# You may need to edit which theme you're using in dconf.nix if you remove themes
|
||||
];
|
||||
# Idea... Move these to a separate file and tie it into dconf
|
||||
# sections that load the theme automatically when I want it.
|
||||
}
|
|
@ -11,7 +11,6 @@
|
|||
enable = true;
|
||||
allowedTCPPorts = [ ];
|
||||
allowedUDPPorts = [ ];
|
||||
interfaces.tailscale0.allowedTCPPorts = [ 22 ];
|
||||
};
|
||||
};
|
||||
}
|
|
@ -1,4 +1,4 @@
|
|||
{ pkgs, config, ... }: {
|
||||
{ ... }: {
|
||||
# Enable flakes: https://nixos.wiki/wiki/Flakes
|
||||
nix.settings.experimental-features = [ "nix-command" "flakes" ];
|
||||
|
3
nixos/common/services/fwupd.nix
Normal file
3
nixos/common/services/fwupd.nix
Normal file
|
@ -0,0 +1,3 @@
|
|||
_: {
|
||||
services.fwupd.enable = true;
|
||||
}
|
5
nixos/common/services/tailscale.nix
Normal file
5
nixos/common/services/tailscale.nix
Normal file
|
@ -0,0 +1,5 @@
|
|||
{ config, pkgs, ... }: {
|
||||
# Enable tailscale and open port 22 on it
|
||||
services = { tailscale.enable = true; };
|
||||
firewall.interfaces.tailscale0.allowedTCPPorts = [ 22 ];
|
||||
}
|
56
nixos/default.nix
Normal file
56
nixos/default.nix
Normal file
|
@ -0,0 +1,56 @@
|
|||
{ lib, config, pkgs, hostname, stateVersion, username, desktop, ... }: {
|
||||
imports = [
|
||||
# Services
|
||||
./common/services/openssh.nix
|
||||
./common/services/promtail.nix
|
||||
./common/services/fail2ban.nix
|
||||
./common/services/telegraf.nix
|
||||
./common/services/tailscale.nix
|
||||
./common/services/fwupd.nix
|
||||
|
||||
# Modules
|
||||
./common/modules/fonts.nix # Font Configs
|
||||
./common/modules/networking.nix # Initial Networking configs
|
||||
./common/modules/nixos.nix # NixOS related items
|
||||
|
||||
./users/${username}
|
||||
./hosts/${hostname}
|
||||
] ++ lib.optional (builtins.isString desktop) ./common/desktops/${desktop};
|
||||
|
||||
# List packages installed in system profile
|
||||
environment.systemPackages = with pkgs; [
|
||||
sbctl
|
||||
powerline-go
|
||||
wget
|
||||
killall
|
||||
curl
|
||||
glxinfo
|
||||
neofetch
|
||||
rsync
|
||||
gnupg
|
||||
git
|
||||
duf
|
||||
du-dust
|
||||
home-manager
|
||||
btop
|
||||
iftop
|
||||
nload
|
||||
iotop
|
||||
];
|
||||
|
||||
# Select internationalisation properties.
|
||||
i18n.defaultLocale = "en_US.UTF-8";
|
||||
i18n.extraLocaleSettings = {
|
||||
LC_ADDRESS = "en_US.UTF-8";
|
||||
LC_IDENTIFICATION = "en_US.UTF-8";
|
||||
LC_MEASUREMENT = "en_US.UTF-8";
|
||||
LC_MONETARY = "en_US.UTF-8";
|
||||
LC_NAME = "en_US.UTF-8";
|
||||
LC_NUMERIC = "en_US.UTF-8";
|
||||
LC_PAPER = "en_US.UTF-8";
|
||||
LC_TELEPHONE = "en_US.UTF-8";
|
||||
LC_TIME = "en_US.UTF-8";
|
||||
};
|
||||
|
||||
system.stateVersion = stateVersion;
|
||||
}
|
|
@ -1,14 +1,45 @@
|
|||
{ lib, config, pkgs, ... }: {
|
||||
|
||||
{ config, lib, pkgs, modulesPath, desktop, username ... }: {
|
||||
imports = [
|
||||
# Desktop Environments
|
||||
../../../desktops/common.nix
|
||||
# ../../../desktops/hyprland.nix
|
||||
../../../desktops/gnome.nix
|
||||
# Power Mamagement
|
||||
../../../modules/powertop.nix
|
||||
../../common/services/powertop.nix # PowerTop
|
||||
../../common/modules/secureboot.nix # SecureBoot
|
||||
];
|
||||
|
||||
boot.initrd.availableKernelModules = [ "xhci_pci" "nvme" "thunderbolt" "usb_storage" "sd_mod" "rtsx_pci_sdmmc" ];
|
||||
boot.initrd.kernelModules = [ ];
|
||||
boot.kernelModules = [ "kvm-intel" "acpi_call" ];
|
||||
boot.extraModulePackages = with config.boot.kernelPackages; [ acpi_call ];
|
||||
|
||||
fileSystems."/" = {
|
||||
device = "/dev/disk/by-label/ROOT";
|
||||
fsType = "btrfs";
|
||||
options = [ "subvol=@" ];
|
||||
};
|
||||
|
||||
boot.initrd.luks.devices."DISK".device = "/dev/nvme0n1p1";
|
||||
|
||||
fileSystems."/boot" = {
|
||||
device = "/dev/disk/by-label/BOOT";
|
||||
fsType = "vfat";
|
||||
};
|
||||
|
||||
# Enable Swap on LUKS
|
||||
boot.initrd.luks.devices."SWAP" = {
|
||||
device = "/dev/nvme0n1p2";
|
||||
keyFile = "/crypto_keyfile.bin";
|
||||
};
|
||||
|
||||
# Set up the keyfile
|
||||
boot.initrd.secrets."/crypto_keyfile.bin" = null;
|
||||
# Hibernation resume device
|
||||
boot.resumeDevice = "/dev/disk/by-label/SWAP";
|
||||
# Confirm the swap devices
|
||||
swapDevices = [ { device = "/dev/disk/by-label/SWAP"; } ];
|
||||
|
||||
networking.useDHCP = lib.mkDefault true;
|
||||
nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux";
|
||||
powerManagement.cpuFreqGovernor = lib.mkDefault "performance";
|
||||
hardware.cpu.intel.updateMicrocode = lib.mkDefault config.hardware.enableRedistributableFirmware;
|
||||
|
||||
# Set your time zone.
|
||||
time.timeZone = "Asia/Tokyo";
|
||||
|
||||
|
@ -44,9 +75,9 @@
|
|||
dynamicBoost.enable = true;
|
||||
# nvidiaPersistenced = false;
|
||||
package = config.boot.kernelPackages.nvidiaPackages.latest;
|
||||
# powerManagement.finegrained = true;
|
||||
# powerManagement.enable = true;
|
||||
# modesetting.enable = true;
|
||||
powerManagement.finegrained = true;
|
||||
powerManagement.enable = true;
|
||||
modesetting.enable = true;
|
||||
prime = {
|
||||
reverseSync.enable = true;
|
||||
sync.enable = false;
|
||||
|
@ -71,8 +102,10 @@
|
|||
nvtop-nvidia
|
||||
# Game related things
|
||||
gamemode
|
||||
# WINE
|
||||
wineWowPackages.stable
|
||||
winetricks
|
||||
wineWowPackages.waylandFull
|
||||
];
|
||||
|
||||
}
|
12
nixos/users/albert/default.nix
Normal file
12
nixos/users/albert/default.nix
Normal file
|
@ -0,0 +1,12 @@
|
|||
{ config, desktop, lib, pkgs, ... }: {
|
||||
# Define a user account.
|
||||
imports = [ ] ++ lib.optional (builtins.isString desktop) ./desktop.nix;
|
||||
users.users.albert = {
|
||||
isNormalUser = true;
|
||||
description = "Albert J. Copeland";
|
||||
# video is required for the "light" command to work
|
||||
extraGroups = [ "networkmanager" "wheel" ] ++ ifExists [ "video" ];
|
||||
hashedPassword = "$y$j9T$wKLsIWaA4Gf63RvjedwLJ0$EHKL6BBJV0CAxEKcHHjaBqW085KJ/MGvmbyWzmcWOy6";
|
||||
packages = [ pkgs.home-manager ];
|
||||
};
|
||||
}
|
14
nixos/users/albert/desktop.nix
Normal file
14
nixos/users/albert/desktop.nix
Normal file
|
@ -0,0 +1,14 @@
|
|||
{ lib, pkgs, desktop, ... }: {
|
||||
environment.systemPackages = with pkgs; [
|
||||
firefox
|
||||
thunderbird
|
||||
bitwarden
|
||||
steam
|
||||
lutris
|
||||
vlc
|
||||
];
|
||||
|
||||
imports = [
|
||||
../../common/software/gui/firefox.nix
|
||||
];
|
||||
}
|
20
shell.nix
20
shell.nix
|
@ -11,26 +11,6 @@ mkShell {
|
|||
"${toString ./.}/keys/hosts"
|
||||
"${toString ./.}/keys/users"
|
||||
];
|
||||
# Also single files can be imported.
|
||||
#sopsPGPKeys = [
|
||||
# "${toString ./.}/keys/users/mic92.asc"
|
||||
# "${toString ./.}/keys/hosts/server01.asc"
|
||||
#];
|
||||
|
||||
# This hook can also import gpg keys into its own seperate
|
||||
# gpg keyring instead of using the default one. This allows
|
||||
# to isolate otherwise unrelated server keys from the user gpg keychain.
|
||||
# By uncommenting the following lines, it will set GNUPGHOME
|
||||
# to .git/gnupg.
|
||||
# Storing it inside .git prevents accedentially commiting private keys.
|
||||
# After setting this option you will also need to import your own
|
||||
# private key into keyring, i.e. using a a command like this
|
||||
# (replacing 0000000000000000000000000000000000000000 with your fingerprint)
|
||||
# $ (unset GNUPGHOME; gpg --armor --export-secret-key 0000000000000000000000000000000000000000) | gpg --import
|
||||
#sopsCreateGPGHome = true;
|
||||
# To use a different directory for gpg dirs set sopsGPGHome
|
||||
#sopsGPGHome = "${toString ./.}/../gnupg";
|
||||
|
||||
nativeBuildInputs = [
|
||||
(pkgs.callPackage sops-nix {}).sops-import-keys-hook
|
||||
];
|
||||
|
|
|
@ -1,6 +0,0 @@
|
|||
{ config, pkgs, ... }: {
|
||||
environment.systemPackages = with pkgs; [
|
||||
weechat
|
||||
weechatScripts.weechat-matrix
|
||||
];
|
||||
}
|
|
@ -1,10 +0,0 @@
|
|||
{ config, pkgs, hostname, hmStateVersion, ... }: {
|
||||
home.stateVersion = "${hmStateVersion}";
|
||||
imports = [
|
||||
# Host specific Configs:
|
||||
# ../../hosts/${hostname}/home-manager
|
||||
|
||||
# Universal Configs:
|
||||
../../home-manager
|
||||
];
|
||||
}
|
Loading…
Reference in a new issue