Lithospherical/nix-config
1
0
Fork 0
forked from jan-leila/nix-config
Code Pull requests Activity

restructured repo to support nix-darwin

Browse source
This commit is contained in:
Leyla Becker 2024-11-25 16:58:12 -06:00
parent 3924a5aa8d
commit 0d0443a02a
47 changed files with 111 additions and 34 deletions
Download patch file Download diff file Expand all files Collapse all files

1
configurations/darwin/hesperium/default.nix Normal file
View file

@ -0,0 +1 @@
{...}: {}

11
configurations/home-manager/default.nix Normal file
View file

@ -0,0 +1,11 @@
{
lib,
config,
...
}: let
users = config.host.users;
in {
leyla = lib.mkIf users.leyla.isNormalUser (import ./leyla);
ester = lib.mkIf users.ester.isNormalUser (import ./ester);
eve = lib.mkIf users.eve.isNormalUser (import ./eve);
}

78
configurations/home-manager/ester/default.nix Normal file
View file

@ -0,0 +1,78 @@
{
pkgs,
lib,
osConfig,
...
}: let
userConfig = osConfig.host.users.ester;
in {
imports = [];
config = {
home = {
username = userConfig.name;
homeDirectory = osConfig.users.users.ester.home;
# This value determines the Home Manager release that your configuration is
# compatible with. This helps avoid breakage when a new Home Manager release
# introduces backwards incompatible changes.
#
# You should not change this value, even if you update Home Manager. If you do
# want to update the value, then make sure to first check the Home Manager
# release notes.
stateVersion = "23.11"; # Please read the comment before changing.
# Home Manager is pretty good at managing dotfiles. The primary way to manage
# plain files is through 'home.file'.
file = {
# # Building this configuration will create a copy of 'dotfiles/screenrc' in
# # the Nix store. Activating the configuration will then make '~/.screenrc' a
# # symlink to the Nix store copy.
# ".screenrc".source = dotfiles/screenrc;
# # You can also set the file content immediately.
# ".gradle/gradle.properties".text = ''
# org.gradle.console=verbose
# org.gradle.daemon.idletimeout=3600000
# '';
};
keyboard.layout = "it,us";
# Home Manager can also manage your environment variables through
# 'home.sessionVariables'. If you don't want to manage your shell through Home
# Manager then you have to manually source 'hm-session-vars.sh' located at
# either
#
# ~/.nix-profile/etc/profile.d/hm-session-vars.sh
#
# or
#
# ~/.local/state/nix/profiles/profile/etc/profile.d/hm-session-vars.sh
#
# or
#
# /etc/profiles/per-user/ester/etc/profile.d/hm-session-vars.sh
#
sessionVariables = {
# EDITOR = "emacs";
};
packages = lib.lists.optionals userConfig.isDesktopUser (
with pkgs; [
# helvetica font
aileron
firefox
bitwarden
discord
]
);
};
programs = {
# Let Home Manager install and manage itself.
home-manager.enable = true;
};
};
}

75
configurations/home-manager/eve/default.nix Normal file
View file

@ -0,0 +1,75 @@
{
pkgs,
lib,
osConfig,
...
}: let
userConfig = osConfig.host.users.eve;
in {
imports = [];
config = {
home = {
username = userConfig.name;
homeDirectory = osConfig.users.users.eve.home;
# This value determines the Home Manager release that your configuration is
# compatible with. This helps avoid breakage when a new Home Manager release
# introduces backwards incompatible changes.
#
# You should not change this value, even if you update Home Manager. If you do
# want to update the value, then make sure to first check the Home Manager
# release notes.
stateVersion = "23.11"; # Please read the comment before changing.
# Home Manager is pretty good at managing dotfiles. The primary way to manage
# plain files is through 'home.file'.
file = {
# # Building this configuration will create a copy of 'dotfiles/screenrc' in
# # the Nix store. Activating the configuration will then make '~/.screenrc' a
# # symlink to the Nix store copy.
# ".screenrc".source = dotfiles/screenrc;
# # You can also set the file content immediately.
# ".gradle/gradle.properties".text = ''
# org.gradle.console=verbose
# org.gradle.daemon.idletimeout=3600000
# '';
};
# Home Manager can also manage your environment variables through
# 'home.sessionVariables'. If you don't want to manage your shell through Home
# Manager then you have to manually source 'hm-session-vars.sh' located at
# either
#
# ~/.nix-profile/etc/profile.d/hm-session-vars.sh
#
# or
#
# ~/.local/state/nix/profiles/profile/etc/profile.d/hm-session-vars.sh
#
# or
#
# /etc/profiles/per-user/leyla/etc/profile.d/hm-session-vars.sh
#
sessionVariables = {
# EDITOR = "emacs";
};
packages = lib.lists.optionals userConfig.isDesktopUser (
with pkgs; [
firefox
bitwarden
discord
makemkv
signal-desktop
]
);
};
programs = {
# Let Home Manager install and manage itself.
home-manager.enable = true;
};
};
}

149
configurations/home-manager/leyla/default.nix Normal file
View file

@ -0,0 +1,149 @@
{
pkgs,
osConfig,
...
}: {
imports = [
./i18n.nix
./packages.nix
];
config = {
# Home Manager needs a bit of information about you and the paths it should
# manage.
home = {
username = osConfig.host.users.leyla.name;
homeDirectory = osConfig.users.users.leyla.home;
# This value determines the Home Manager release that your configuration is
# compatible with. This helps avoid breakage when a new Home Manager release
# introduces backwards incompatible changes.
#
# You should not change this value, even if you update Home Manager. If you do
# want to update the value, then make sure to first check the Home Manager
# release notes.
stateVersion = "23.11"; # Please read the comment before changing.
# Home Manager is pretty good at managing dotfiles. The primary way to manage
# plain files is through 'home.file'.
file = {
# # Building this configuration will create a copy of 'dotfiles/screenrc' in
# # the Nix store. Activating the configuration will then make '~/.screenrc' a
# # symlink to the Nix store copy.
# ".screenrc".source = dotfiles/screenrc;
# # You can also set the file content immediately.
# ".gradle/gradle.properties".text = ''
# org.gradle.console=verbose
# org.gradle.daemon.idletimeout=3600000
# '';
".config/user-dirs.dirs" = {
force = true;
text = ''
# This file is written by xdg-user-dirs-update
# If you want to change or add directories, just edit the line you're
# interested in. All local changes will be retained on the next run.
# Format is XDG_xxx_DIR="$HOME/yyy", where yyy is a shell-escaped
# homedir-relative path, or XDG_xxx_DIR="/yyy", where /yyy is an
# absolute path. No other format is supported.
#
XDG_DESKTOP_DIR="$HOME/desktop"
XDG_DOWNLOAD_DIR="$HOME/downloads"
XDG_DOCUMENTS_DIR="$HOME/documents"
XDG_TEMPLATES_DIR="$HOME/documents/templates"
XDG_MUSIC_DIR="$HOME/documents/music"
XDG_PICTURES_DIR="$HOME/documents/photos"
XDG_VIDEOS_DIR="$HOME/documents/videos"
XDG_PUBLICSHARE_DIR="$HOME/documents/public"
'';
};
};
keyboard.layout = "us,it,de";
# Home Manager can also manage your environment variables through
# 'home.sessionVariables'. If you don't want to manage your shell through Home
# Manager then you have to manually source 'hm-session-vars.sh' located at
# either
#
# ~/.nix-profile/etc/profile.d/hm-session-vars.sh
#
# or
#
# ~/.local/state/nix/profiles/profile/etc/profile.d/hm-session-vars.sh
#
# or
#
# /etc/profiles/per-user/leyla/etc/profile.d/hm-session-vars.sh
#
sessionVariables = {
# EDITOR = "emacs";
};
};
programs = {
# Let Home Manager install and manage itself.
home-manager.enable = true;
# set up git defaults
git = {
enable = true;
userName = "Leyla Becker";
userEmail = "git@jan-leila.com";
extraConfig.init.defaultBranch = "main";
};
# add direnv to auto load flakes for development
direnv = {
enable = true;
enableBashIntegration = true;
nix-direnv.enable = true;
config = {
global.hide_env_diff = true;
whitelist.exact = ["/home/leyla/documents/code/nix-config"];
};
};
bash.enable = true;
};
dconf = {
enable = true;
settings = {
"org/gnome/desktop/interface".color-scheme = "prefer-dark";
"org/gnome/shell" = {
disable-user-extensions = false; # enables user extensions
enabled-extensions = [
# Put UUIDs of extensions that you want to enable here.
# If the extension you want to enable is packaged in nixpkgs,
# you can easily get its UUID by accessing its extensionUuid
# field (look at the following example).
pkgs.gnomeExtensions.dash-to-dock.extensionUuid
# Alternatively, you can manually pass UUID as a string.
# "dash-to-dock@micxgx.gmail.com"
];
};
"org/gnome/shell/extensions/dash-to-dock" = {
"dock-position" = "LEFT";
"intellihide-mode" = "ALL_WINDOWS";
"show-trash" = false;
"require-pressure-to-show" = false;
"show-mounts" = false;
};
"org/gnome/settings-daemon/plugins/media-keys" = {
custom-keybindings = [
"/org/gnome/settings-daemon/plugins/media-keys/custom-keybindings/custom0/"
];
};
"org/gnome/settings-daemon/plugins/media-keys/custom-keybindings/custom0" = {
binding = "<Super>t";
command = "kgx";
name = "Open Terminal";
};
};
};
};
}

339
configurations/home-manager/leyla/firefox.nix Normal file
View file

@ -0,0 +1,339 @@
{
lib,
pkgs,
inputs,
...
}: {
programs.firefox = {
enable = true;
profiles.leyla = {
settings = {
"browser.search.defaultenginename" = "Searx";
"browser.search.order.1" = "Searx";
};
search = {
force = true;
default = "Searx";
engines = {
"Nix Packages" = {
urls = [
{
template = "https://search.nixos.org/packages";
params = [
{
name = "type";
value = "packages";
}
{
name = "query";
value = "{searchTerms}";
}
];
}
];
icon = "''${pkgs.nixos-icons}/share/icons/hicolor/scalable/apps/nix-snowflake.svg";
definedAliases = ["@np"];
};
"NixOS Wiki" = {
urls = [{template = "https://nixos.wiki/index.php?search={searchTerms}";}];
iconUpdateURL = "https://nixos.wiki/favicon.png";
updateInterval = 24 * 60 * 60 * 1000; # every day
definedAliases = ["@nw"];
};
"Searx" = {
urls = [{template = "https://search.jan-leila.com/?q={searchTerms}";}];
iconUpdateURL = "https://nixos.wiki/favicon.png";
updateInterval = 24 * 60 * 60 * 1000; # every day
definedAliases = ["@searx"];
};
};
};
extensions = with inputs.firefox-addons.packages.${pkgs.system}; [
bitwarden
terms-of-service-didnt-read
multi-account-containers
shinigami-eyes
ublock-origin
sponsorblock
dearrow
df-youtube
return-youtube-dislikes
privacy-badger
decentraleyes
clearurls
localcdn
snowflake
deutsch-de-language-pack
dictionary-german
# (
# buildFirefoxXpiAddon rec {
# pname = "italiano-it-language-pack";
# version = "132.0.20241110.231641";
# addonId = "langpack-it@firefox.mozilla.org";
# url = "https://addons.mozilla.org/firefox/downloads/file/4392453/italiano_it_language_pack-${version}.xpi";
# sha256 = "";
# meta = with lib;
# {
# description = "Firefox Language Pack for Italiano (it) Italian";
# license = licenses.mpl20;
# mozPermissions = [];
# platforms = platforms.all;
# };
# }
# )
# (
# buildFirefoxXpiAddon rec {
# pname = "dizionario-italiano";
# version = "5.1";
# addonId = "it-IT@dictionaries.addons.mozilla.org";
# url = "https://addons.mozilla.org/firefox/downloads/file/1163874/dizionario_italiano-${version}.xpi";
# sha256 = "";
# meta = with lib;
# {
# description = "Add support for Italian to spellchecking";
# license = licenses.gpl3;
# mozPermissions = [];
# platforms = platforms.all;
# };
# }
# )
];
settings = {
# Disable irritating first-run stuff
"browser.disableResetPrompt" = true;
"browser.download.panel.shown" = true;
"browser.feeds.showFirstRunUI" = false;
"browser.messaging-system.whatsNewPanel.enabled" = false;
"browser.rights.3.shown" = true;
"browser.shell.checkDefaultBrowser" = false;
"browser.shell.defaultBrowserCheckCount" = 1;
"browser.startup.homepage_override.mstone" = "ignore";
"browser.uitour.enabled" = false;
"startup.homepage_override_url" = "";
"trailhead.firstrun.didSeeAboutWelcome" = true;
"browser.bookmarks.restore_default_bookmarks" = false;
"browser.bookmarks.addedImportButton" = true;
# Usage Experiance
"browser.startup.homepage" = "about:home";
"browser.download.useDownloadDir" = false;
"browser.uiCustomization.state" = builtins.toJSON {
"currentVersion" = 20;
"newElementCount" = 6;
"dirtyAreaCache" = [
"nav-bar"
"PersonalToolbar"
"toolbar-menubar"
"TabsToolbar"
"unified-extensions-area"
"vertical-tabs"
];
"placements" = {
"widget-overflow-fixed-list" = [];
"unified-extensions-area" = [
"privacy_privacy_com-browser-action"
# bitwarden
"_446900e4-71c2-419f-a6a7-df9c091e268b_-browser-action"
"ublock0_raymondhill_net-browser-action"
"sponsorblocker_ajay_app-browser-action"
"dearrow_ajay_app-browser-action"
"jid1-mnnxcxisbpnsxq_jetpack-browser-action"
"_testpilot-containers-browser-action"
"addon_simplelogin-browser-action"
"_74145f27-f039-47ce-a470-a662b129930a_-browser-action"
"jid1-bofifl9vbdl2zq_jetpack-browser-action"
"dfyoutube_example_com-browser-action"
"_b86e4813-687a-43e6-ab65-0bde4ab75758_-browser-action"
"_762f9885-5a13-4abd-9c77-433dcd38b8fd_-browser-action"
"_b11bea1f-a888-4332-8d8a-cec2be7d24b9_-browse-action"
"jid0-3guet1r69sqnsrca5p8kx9ezc3u_jetpack-browser-action"
];
"nav-bar" = [
"back-button"
"forward-button"
"stop-reload-button"
"urlbar-container"
"downloads-button"
"unified-extensions-button"
"reset-pbm-toolbar-button"
];
"toolbar-menubar" = [
"menubar-items"
];
"TabsToolbar" = [
"firefox-view-button"
"tabbrowser-tabs"
"new-tab-button"
"alltabs-button"
];
"vertical-tabs" = [];
"PersonalToolbar" = [
"import-button"
"personal-bookmarks"
];
};
"seen" = [
"save-to-pocket-button"
"developer-button"
"privacy_privacy_com-browser-action"
"sponsorblocker_ajay_app-browser-action"
"ublock0_raymondhill_net-browser-action"
"addon_simplelogin-browser-action"
"dearrow_ajay_app-browser-action"
"_446900e4-71c2-419f-a6a7-df9c091e268b_-browser-action"
"_74145f27-f039-47ce-a470-a662b129930a_-browser-action"
"jid1-bofifl9vbdl2zq_jetpack-browser-action"
"dfyoutube_example_com-browser-action"
"_testpilot-containers-browser-action"
"_b86e4813-687a-43e6-ab65-0bde4ab75758_-browser-action"
"jid1-mnnxcxisbpnsxq_jetpack-browser-action"
"_762f9885-5a13-4abd-9c77-433dcd38b8fd_-browser-action"
"_b11bea1f-a888-4332-8d8a-cec2be7d24b9_-browser-action"
"jid0-3guet1r69sqnsrca5p8kx9ezc3u_jetpack-browser-action"
];
};
"browser.newtabpage.activity-stream.feeds.topsites" = false;
"browser.newtabpage.activity-stream.showSponsoredTopSites" = false;
"browser.newtabpage.activity-stream.improvesearch.topSiteSearchShortcuts" = false;
"browser.newtabpage.blocked" = lib.genAttrs [
# Facebook
"4gPpjkxgZzXPVtuEoAL9Ig=="
# Reddit
"gLv0ja2RYVgxKdp0I5qwvA=="
# Amazon
"K00ILysCaEq8+bEqV/3nuw=="
# Twitter
"T9nJot5PurhJSy8n038xGA=="
] (_: 1);
"identity.fxaccounts.enabled" = false;
# Security
"privacy.trackingprotection.enabled" = true;
"dom.security.https_only_mode" = true;
"extensions.formautofill.addresses.enabled" = false;
"extensions.formautofill.creditCards.enabled" = false;
"signon.rememberSignons" = false;
"privacy.sanitize.sanitizeOnShutdown" = true;
"privacy.clearOnShutdown_v2.cache" = true;
"privacy.clearOnShutdown_v2.cookiesAndStorage" = true;
"privacy.clearOnShutdown_v2.historyFormDataAndDownloads" = true;
"urlclassifier.trackingSkipURLs" = "";
"urlclassifier.features.socialtracking.skipURLs" = "";
"dom.security.https_only_mode_pbm" = true;
"dom.security.https_only_mode_error_page_user_suggestions" = true;
# Disable telemetry
"app.shield.optoutstudies.enabled" = false;
"browser.discovery.enabled" = false;
"browser.newtabpage.activity-stream.feeds.telemetry" = false;
"browser.newtabpage.activity-stream.telemetry" = false;
"browser.ping-centre.telemetry" = false;
"datareporting.healthreport.service.enabled" = false;
"datareporting.healthreport.uploadEnabled" = false;
"datareporting.policy.dataSubmissionEnabled" = false;
"datareporting.sessions.current.clean" = true;
"devtools.onboarding.telemetry.logged" = false;
"toolkit.telemetry.archive.enabled" = false;
"toolkit.telemetry.bhrPing.enabled" = false;
"toolkit.telemetry.enabled" = false;
"toolkit.telemetry.firstShutdownPing.enabled" = false;
"toolkit.telemetry.hybridContent.enabled" = false;
"toolkit.telemetry.newProfilePing.enabled" = false;
"toolkit.telemetry.prompted" = 2;
"toolkit.telemetry.rejected" = true;
"toolkit.telemetry.reportingpolicy.firstRun" = false;
"toolkit.telemetry.server" = "";
"toolkit.telemetry.shutdownPingSender.enabled" = false;
"toolkit.telemetry.unified" = false;
"toolkit.telemetry.unifiedIsOptIn" = false;
"toolkit.telemetry.updatePing.enabled" = false;
};
bookmarks = [
{
name = "Media";
url = "https://jellyfin.jan-leila.com/";
# url = "https://media.jan-leila.com/";
keyword = "";
tags = [""];
}
{
name = "Drive";
url = "https://drive.jan-leila.com/";
keyword = "";
tags = [""];
}
{
name = "Git";
url = "https://git.jan-leila.com/";
keyword = "";
tags = [""];
}
{
name = "Home Automation";
url = "https://home-assistant.jan-leila.com/";
keyword = "";
tags = [""];
}
{
name = "Mail";
url = "https://mail.protonmail.com";
keyword = "";
tags = [""];
}
{
name = "Open Street Map";
url = "https://www.openstreetmap.org/";
keyword = "";
tags = [""];
}
{
name = "Password Manager";
url = "https://vault.bitwarden.com/";
keyword = "";
tags = [""];
}
{
name = "Mastodon";
url = "https://mspsocial.net";
keyword = "";
tags = [""];
}
{
name = "Linked In";
url = "https://www.linkedin.com/";
keyword = "";
tags = [""];
}
{
name = "Job Search";
url = "https://www.jobsinnetwork.com/?state=cleaned_history&language%5B%5D=en&query=react&locations.countryCode%5B%5D=IT&locations.countryCode%5B%5D=DE&locations.countryCode%5B%5D=NL&experience%5B%5D=medior&experience%5B%5D=junior&page=1";
keyword = "";
tags = [""];
}
{
name = "React Docs";
url = "https://react.dev/";
keyword = "";
tags = [""];
}
# Template
# {
# name = "";
# url = "";
# keyword = "";
# tags = [""];
# }
];
};
};
}

12
configurations/home-manager/leyla/i18n.nix Normal file
View file

@ -0,0 +1,12 @@
{...}: {
i18n = {
defaultLocale = "en_IE.UTF-8";
extraLocaleSettings = {
# LC_ADDRESS = "en_IE.UTF-8"; # lets just get used to this one now
# LC_TELEPHONE = "en_IE.UTF-8"; # lets just get used to this one now
LC_MONETARY = "en_US.UTF-8"; # to be changed once I move
LC_PAPER = "en_US.UTF-8"; # convenient for american printers until I move
};
};
}

86
configurations/home-manager/leyla/packages.nix Normal file
View file

@ -0,0 +1,86 @@
{
lib,
osConfig,
pkgs,
...
}: let
userConfig = osConfig.host.users.leyla;
hardware = osConfig.host.hardware;
in {
imports = [
./vscode.nix
./firefox.nix
];
home = {
packages =
lib.lists.optionals userConfig.isTerminalUser (
with pkgs; [
# command line tools
yt-dlp
ffmpeg
imagemagick
]
)
++ (
lib.lists.optionals userConfig.isDesktopUser (
with pkgs; [
# helvetica font
aileron
gnomeExtensions.dash-to-dock
#foss platforms
signal-desktop
bitwarden
ungoogled-chromium
libreoffice
inkscape
gimp
krita
freecad
# cura
# kicad-small
makemkv
transmission_4-gtk
onionshare
easytag
# rhythmbox
(lib.mkIf hardware.graphicsAcceleration.enable obs-studio)
# wireshark
# rpi-imager
# fritzing
mfoc
# proprietary platforms
discord
obsidian
steam
(lib.mkIf hardware.graphicsAcceleration.enable davinci-resolve)
anki-bin
# development tools
androidStudioPackages.canary
jetbrains.idea-community
dbeaver-bin
bruno
qFlipper
proxmark3
godot_4-mono
# system tools
protonvpn-gui
openvpn
nextcloud-client
noisetorch
# hardware managment tools
(lib.mkIf hardware.piperMouse.enable piper)
(lib.mkIf hardware.openRGB.enable openrgb)
(lib.mkIf hardware.viaKeyboard.enable via)
]
)
);
};
}

102
configurations/home-manager/leyla/vscode.nix Normal file
View file

@ -0,0 +1,102 @@
{
lib,
pkgs,
inputs,
osConfig,
...
}: let
nix-development-enabled = osConfig.host.nix-development.enable;
in {
nixpkgs = {
overlays = [
inputs.nix-vscode-extensions.overlays.default
];
};
programs = {
bash.shellAliases = {
code = "codium";
};
vscode = let
extensions = inputs.nix-vscode-extensions.extensions.${pkgs.system};
open-vsx = extensions.open-vsx;
vscode-marketplace = extensions.vscode-marketplace;
in {
enable = true;
package = pkgs.vscodium;
mutableExtensionsDir = false;
enableUpdateCheck = false;
enableExtensionUpdateCheck = false;
userSettings = lib.mkMerge [
{
"workbench.colorTheme" = "Atom One Dark";
"cSpell.userWords" = [
"webdav"
];
}
(lib.mkIf nix-development-enabled {
"nix.enableLanguageServer" = true;
"nix.serverPath" = "nil";
"[nix]" = {
"editor.defaultFormatter" = "kamadorueda.alejandra";
"editor.formatOnPaste" = true;
"editor.formatOnSave" = true;
"editor.formatOnType" = true;
};
"alejandra.program" = "alejandra";
"nixpkgs" = {
"expr" = "import <nixpkgs> {}";
};
})
];
extensions = (
with open-vsx;
[
# vs code feel extensions
ms-vscode.atom-keybindings
akamud.vscode-theme-onedark
streetsidesoftware.code-spell-checker
streetsidesoftware.code-spell-checker-german
streetsidesoftware.code-spell-checker-italian
jeanp413.open-remote-ssh
# html extensions
formulahendry.auto-rename-tag
ms-vscode.live-server
# js extensions
dsznajder.es7-react-js-snippets
dbaeumer.vscode-eslint
standard.vscode-standard
firsttris.vscode-jest-runner
stylelint.vscode-stylelint
tauri-apps.tauri-vscode
# astro blog extensions
astro-build.astro-vscode
unifiedjs.vscode-mdx
# misc extensions
bungcip.better-toml
]
++ (lib.lists.optionals nix-development-enabled [
# nix extensions
pinage404.nix-extension-pack
jnoortheen.nix-ide
kamadorueda.alejandra
])
++ (
with vscode-marketplace; [
# js extensions
karyfoundation.nearley
]
)
);
};
};
}

101
configurations/home-manager/leyla/vscode/default.nix Normal file
View file

@ -0,0 +1,101 @@
{
lib,
pkgs,
inputs,
osConfig,
...
}: let
nix-development-enabled = osConfig.host.nix-development.enable;
in {
nixpkgs = {
overlays = [
inputs.nix-vscode-extensions.overlays.default
];
};
programs = {
bash.shellAliases = {
code = "codium";
};
vscode = let
extensions = inputs.nix-vscode-extensions.extensions.${pkgs.system};
open-vsx = extensions.open-vsx;
vscode-marketplace = extensions.vscode-marketplace;
in {
enable = true;
package = pkgs.vscodium;
mutableExtensionsDir = false;
enableUpdateCheck = false;
enableExtensionUpdateCheck = false;
userSettings = lib.mkMerge [
{
"workbench.colorTheme" = "Atom One Dark";
"cSpell.language" = "en,de-DE,it";
"cSpell.userWords" = import ./user-words.nix;
}
(lib.mkIf nix-development-enabled {
"nix.enableLanguageServer" = true;
"nix.serverPath" = "nil";
"[nix]" = {
"editor.defaultFormatter" = "kamadorueda.alejandra";
"editor.formatOnPaste" = true;
"editor.formatOnSave" = true;
"editor.formatOnType" = true;
};
"alejandra.program" = "alejandra";
"nixpkgs" = {
"expr" = "import <nixpkgs> {}";
};
})
];
extensions = (
with open-vsx;
[
# vs code feel extensions
ms-vscode.atom-keybindings
akamud.vscode-theme-onedark
streetsidesoftware.code-spell-checker
streetsidesoftware.code-spell-checker-german
streetsidesoftware.code-spell-checker-italian
jeanp413.open-remote-ssh
# html extensions
formulahendry.auto-rename-tag
ms-vscode.live-server
# js extensions
dsznajder.es7-react-js-snippets
dbaeumer.vscode-eslint
standard.vscode-standard
firsttris.vscode-jest-runner
stylelint.vscode-stylelint
tauri-apps.tauri-vscode
# astro blog extensions
astro-build.astro-vscode
unifiedjs.vscode-mdx
# misc extensions
bungcip.better-toml
]
++ (lib.lists.optionals nix-development-enabled [
# nix extensions
pinage404.nix-extension-pack
jnoortheen.nix-ide
kamadorueda.alejandra
])
++ (
with vscode-marketplace; [
# js extensions
karyfoundation.nearley
]
)
);
};
};
}

3
configurations/home-manager/leyla/vscode/user-words.nix Normal file
View file

@ -0,0 +1,3 @@
[
"leyla"
]

90
configurations/nixos/defiant/configuration.nix Normal file
View file

@ -0,0 +1,90 @@
# server nas
{
inputs,
pkgs,
...
}: {
imports = [
inputs.disko.nixosModules.disko
./services.nix
];
nixpkgs.config.allowUnfree = true;
host = {
users = {
leyla = {
isDesktopUser = true;
isTerminalUser = true;
isPrincipleUser = true;
};
ester.isNormalUser = false;
eve.isNormalUser = false;
};
};
boot.loader.grub = {
enable = true;
zfsSupport = true;
efiSupport = true;
efiInstallAsRemovable = true;
};
apps = {
base_domain = "jan-leila.com";
macvlan = {
subnet = "192.168.1.0/24";
gateway = "192.168.1.1";
networkInterface = "bond0";
};
pihole = {
image = "pihole/pihole:2024.07.0";
ip = "192.168.1.201";
};
headscale = {
subdomain = "vpn";
};
jellyfin = {
subdomain = "media";
};
forgejo = {
subdomain = "git";
};
nextcloud = {
subdomain = "drive";
};
};
services = {
zfs = {
autoScrub.enable = true;
autoSnapshot.enable = true;
};
# temp enable desktop enviroment for setup
# Enable the X11 windowing system.
xserver = {
enable = true;
# Enable the GNOME Desktop Environment.
displayManager = {
gdm.enable = true;
};
desktopManager = {
gnome.enable = true;
xterm.enable = false;
};
# Get rid of xTerm
excludePackages = [pkgs.xterm];
};
};
# This value determines the NixOS release from which the default
# settings for stateful data, like file locations and database versions
# on your system were taken. It's perfectly fine and recommended to leave
# this value at the release version of the first install of this system.
# Before changing this value read the documentation for this option
# (e.g. man configuration.nix or on https://nixos.org/nixos/options.html).
system.stateVersion = "23.05"; # Did you read the comment?
}

8
configurations/nixos/defiant/default.nix Normal file
View file

@ -0,0 +1,8 @@
# server nas
{...}: {
imports = [
./configuration.nix
./disko-config.nix
./hardware-configuration.nix
];
}

141
configurations/nixos/defiant/disko-config.nix Normal file
View file

@ -0,0 +1,141 @@
{...}: let
bootDisk = devicePath: {
type = "disk";
device = devicePath;
content = {
type = "gpt";
partitions = {
boot = {
size = "1M";
type = "EF02"; # for grub MBR
};
ESP = {
size = "1G";
type = "EF00";
content = {
type = "filesystem";
format = "vfat";
mountpoint = "/boot";
};
};
};
};
};
zfsDisk = devicePath: {
type = "disk";
device = devicePath;
content = {
type = "gpt";
partitions = {
zfs = {
size = "100%";
content = {
type = "zfs";
pool = "rpool";
};
};
};
};
};
# cacheDisk = devicePath: swapSize: {
# type = "disk";
# device = devicePath;
# content = {
# type = "gpt";
# partitions = {
# encryptedSwap = {
# size = swapSize;
# content = {
# type = "swap";
# randomEncryption = true;
# discardPolicy = "both";
# resumeDevice = true;
# };
# };
# zfs = {
# size = "100%";
# content = {
# type = "zfs";
# pool = "rpool";
# };
# };
# };
# };
# };
in {
disko.devices = {
disk = {
boot = bootDisk "/dev/disk/by-path/pci-0000:23:00.3-usb-0:1:1.0-scsi-0:0:0:0";
hd_13_tb_a = zfsDisk "/dev/disk/by-id/ata-ST18000NE000-3G6101_ZVTCXVEB";
hd_13_tb_b = zfsDisk "/dev/disk/by-id/ata-ST18000NE000-3G6101_ZVTCXWSC";
hd_13_tb_c = zfsDisk "/dev/disk/by-id/ata-ST18000NE000-3G6101_ZVTD10EH";
# ssd_2_tb_a = cacheDisk "64G" "/dev/disk/by-id/XXX";
};
zpool = {
rpool = {
type = "zpool";
mode = {
topology = {
type = "topology";
vdev = [
{
# should this only mirror for this inital config with 3 drives we will used raidz2 for future configs???
mode = "mirror";
members = [
"hd_13_tb_a"
"hd_13_tb_b"
"hd_13_tb_c"
];
}
];
cache = [];
# cache = [ "ssd_2_tb_a" ];z
};
};
options = {
ashift = "12";
};
rootFsOptions = {
# encryption = "on";
# keyformat = "hex";
# keylocation = "prompt";
compression = "lz4";
xattr = "sa";
acltype = "posixacl";
canmount = "off";
"com.sun:auto-snapshot" = "false";
};
datasets = {
root = {
type = "zfs_fs";
mountpoint = "/";
options.mountpoint = "legacy";
postCreateHook = "zfs snapshot rpool/root@blank";
};
home = {
type = "zfs_fs";
options.mountpoint = "legacy";
mountpoint = "/home";
postCreateHook = "zfs snapshot rpool/home@blank";
};
nix = {
type = "zfs_fs";
mountpoint = "/nix";
};
persistent = {
type = "zfs_fs";
mountpoint = "/persistent";
options = {
"com.sun:auto-snapshot" = "true";
};
};
};
};
};
};
}

194
configurations/nixos/defiant/hardware-configuration.nix Normal file
View file

@ -0,0 +1,194 @@
# Do not modify this file! It was generated by nixos-generate-config
# and may be overwritten by future invocations. Please make changes
# to /etc/nixos/configuration.nix instead.
{
config,
lib,
modulesPath,
...
}: {
imports = [
(modulesPath + "/installer/scan/not-detected.nix")
];
security.sudo.extraConfig = "Defaults lecture=never";
boot = {
initrd = {
availableKernelModules = ["xhci_pci" "aacraid" "ahci" "usbhid" "usb_storage" "sd_mod"];
kernelModules = [];
# TODO: figure out some kind of snapshotting before rollbacks
# postDeviceCommands = lib.mkAfter ''
# zfs rollback -r rpool/root@blank
# zfs rollback -r rpool/home@blank
# '';
# systemd = {
# enable = lib.mkDefault true;
# services.rollback = {
# description = "Rollback root filesystem to a pristine state on boot";
# wantedBy = [
# "zfs.target"
# "initrd.target"
# ];
# after = [
# "zfs-import-rpool.service"
# ];
# before = [
# "sysroot.mount"
# "fs.target"
# ];
# path = with pkgs; [
# zfs
# ];
# unitConfig.DefaultDependencies = "no";
# # serviceConfig = {
# # Type = "oneshot";
# # ExecStart =
# # "${config.boot.zfs.package}/sbin/zfs rollback -r rpool/home@blank";
# # };
# serviceConfig.Type = "oneshot";
# script = ''
# zfs list -t snapshot || echo
# zfs rollback -r rpool/root@blank
# zfs rollback -r rpool/home@blank
# '';
# };
# };
};
kernelModules = ["kvm-amd"];
kernelParams = ["quiet"];
extraModulePackages = [];
supportedFilesystems = ["zfs"];
zfs.extraPools = ["rpool"];
};
swapDevices = [];
# fileSystems = {
# "/" = {
# neededForBoot = true;
# };
# "/home" = {
# neededForBoot = true;
# };
# "/persistent" = {
# neededForBoot = true;
# };
# };
networking = {
hostId = "c51763d6";
hostName = "defiant"; # Define your hostname.
useNetworkd = true;
};
# environment.persistence."/persistent" = {
# enable = true;
# hideMounts = true;
# directories = [
# # "/run/secrets"
# "/etc/ssh"
# "/var/log"
# "/var/lib/nixos"
# "/var/lib/systemd/coredump"
# # config.apps.pihole.directory.root
# # config.apps.jellyfin.mediaDirectory
# # config.services.jellyfin.configDir
# # config.services.jellyfin.cacheDir
# # config.services.jellyfin.dataDir
# # "/var/hass" # config.users.users.hass.home
# # "/var/postgresql" # config.users.users.postgresql.home
# # "/var/forgejo" # config.users.users.forgejo.home
# # "/var/nextcloud" # config.users.users.nextcloud.home
# # "/var/headscale" # config.users.users.headscale.home
# ];
# files = [
# "/etc/machine-id"
# # config.environment.sessionVariables.SOPS_AGE_KEY_FILE
# ];
# users.leyla = {
# directories = [
# "documents"
# ".ssh"
# ];
# files = [];
# };
# };
# systemd.services = {
# # https://github.com/openzfs/zfs/issues/10891
# systemd-udev-settle.enable = false;
# # Snapshots are not accessible on boot for some reason this should fix it
# # https://github.com/NixOS/nixpkgs/issues/257505
# zfs-mount = {
# serviceConfig = {
# # ExecStart = [ "${lib.getExe' pkgs.util-linux "mount"} -a -t zfs -o remount" ];
# ExecStart = [
# "${lib.getExe' pkgs.util-linux "mount"} -t zfs rpool/root -o remount"
# "${lib.getExe' pkgs.util-linux "mount"} -t zfs rpool/home -o remount"
# "${lib.getExe' pkgs.util-linux "mount"} -t zfs rpool/persistent -o remount"
# ];
# };
# };
# };
systemd.network = {
enable = true;
netdevs = {
"10-bond0" = {
netdevConfig = {
Kind = "bond";
Name = "bond0";
};
bondConfig = {
Mode = "802.3ad";
TransmitHashPolicy = "layer3+4";
};
};
};
networks = {
"30-enp4s0" = {
matchConfig.Name = "enp4s0";
networkConfig.Bond = "bond0";
DHCP = "no";
};
"30-enp5s0" = {
matchConfig.Name = "enp5s0";
networkConfig.Bond = "bond0";
DHCP = "no";
};
"40-bond0" = {
matchConfig.Name = "bond0";
linkConfig.RequiredForOnline = "carrier";
networkConfig.LinkLocalAddressing = "no";
DHCP = "ipv4";
address = [
# configure addresses including subnet mask
"192.168.1.10/24"
# TODO: ipv6 address configuration
];
};
};
};
networking.networkmanager.enable = true;
nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux";
hardware = {
# TODO: hardware graphics
cpu.amd.updateMicrocode = lib.mkDefault config.hardware.enableRedistributableFirmware;
};
}

453
configurations/nixos/defiant/services.nix Normal file
View file

@ -0,0 +1,453 @@
{
lib,
config,
pkgs,
inputs,
...
}: let
jellyfinPort = 8096;
nfsPort = 2049;
dnsPort = 53;
httpPort = 80;
httpsPort = 443;
isDebug = false;
in {
imports = [];
options = {
apps = {
base_domain = lib.mkOption {
type = lib.types.str;
};
macvlan = {
subnet = lib.mkOption {
type = lib.types.str;
description = "Subnet for macvlan address range";
};
gateway = lib.mkOption {
type = lib.types.str;
description = "Gateway for macvlan";
# TODO: see if we can default this to systemd network gateway
};
networkInterface = lib.mkOption {
type = lib.types.str;
description = "Parent network interface for macvlan";
# TODO: see if we can default this some interface?
};
};
pihole = {
image = lib.mkOption {
type = lib.types.str;
description = "container image to use for pi-hole";
};
# TODO: check against subnet for macvlan
ip = lib.mkOption {
type = lib.types.str;
description = "ip address to use for pi-hole";
};
directory = {
root = lib.mkOption {
type = lib.types.str;
description = "directory that pihole will be hosted at";
default = "/var/lib/pihole";
};
data = lib.mkOption {
type = lib.types.str;
description = "directory that pihole data will be hosted at";
default = "${config.apps.pihole.directory.root}/data";
};
};
};
headscale = {
subdomain = lib.mkOption {
type = lib.types.str;
description = "subdomain of base domain that headscale will be hosted at";
default = "headscale";
};
hostname = lib.mkOption {
type = lib.types.str;
description = "hostname that headscale will be hosted at";
default = "${config.apps.headscale.subdomain}.${config.apps.base_domain}";
};
};
jellyfin = {
subdomain = lib.mkOption {
type = lib.types.str;
description = "subdomain of base domain that jellyfin will be hosted at";
default = "jellyfin";
};
hostname = lib.mkOption {
type = lib.types.str;
description = "hostname that jellyfin will be hosted at";
default = "${config.apps.jellyfin.subdomain}.${config.apps.base_domain}";
};
mediaDirectory = lib.mkOption {
type = lib.types.str;
description = "directory that jellyfin will be at";
default = "/home/jellyfin";
};
};
forgejo = {
subdomain = lib.mkOption {
type = lib.types.str;
description = "subdomain of base domain that forgejo will be hosted at";
default = "forgejo";
};
hostname = lib.mkOption {
type = lib.types.str;
description = "hostname that forgejo will be hosted at";
default = "${config.apps.forgejo.subdomain}.${config.apps.base_domain}";
};
};
home-assistant = {
subdomain = lib.mkOption {
type = lib.types.str;
description = "subdomain of base domain that home-assistant will be hosted at";
default = "home-assistant";
};
hostname = lib.mkOption {
type = lib.types.str;
description = "hostname that home-assistant will be hosted at";
default = "${config.apps.home-assistant.subdomain}.${config.apps.base_domain}";
};
};
searx = {
subdomain = lib.mkOption {
type = lib.types.str;
description = "subdomain of base domain that searx will be hosted at";
default = "search";
};
hostname = lib.mkOption {
type = lib.types.str;
description = "hostname that searx will be hosted at";
default = "${config.apps.searx.subdomain}.${config.apps.base_domain}";
};
};
nextcloud = {
subdomain = lib.mkOption {
type = lib.types.str;
description = "subdomain of base domain that nextcloud will be hosted at";
default = "nextcloud";
};
hostname = lib.mkOption {
type = lib.types.str;
description = "hostname that nextcloud will be hosted at";
default = "${config.apps.nextcloud.subdomain}.${config.apps.base_domain}";
};
};
};
};
config = {
sops.secrets = {
"services/pi-hole" = {
sopsFile = "${inputs.secrets}/defiant-services.yaml";
};
"services/searx" = {
sopsFile = "${inputs.secrets}/defiant-services.yaml";
};
"services/nextcloud_adminpass" = {
sopsFile = "${inputs.secrets}/defiant-services.yaml";
owner = config.users.users.nextcloud.name;
};
};
virtualisation = {
# Runtime
podman = {
enable = true;
autoPrune.enable = true;
dockerCompat = true;
defaultNetwork.settings = {
# Required for container networking to be able to use names.
dns_enabled = true;
};
};
oci-containers = {
backend = "podman";
containers = {
pihole = let
passwordFileLocation = "/var/lib/pihole/webpassword.txt";
in {
image = config.apps.pihole.image;
volumes = [
"${config.apps.pihole.directory.data}:/etc/pihole:rw"
"${config.sops.secrets."services/pi-hole".path}:${passwordFileLocation}"
];
environment = {
TZ = "America/Chicago";
WEBPASSWORD_FILE = passwordFileLocation;
PIHOLE_UID = toString config.users.users.pihole.uid;
PIHOLE_GID = toString config.users.groups.pihole.gid;
};
log-driver = "journald";
extraOptions = [
"--ip=${config.apps.pihole.ip}"
"--network=macvlan"
];
};
};
};
};
# TODO: dynamic users
systemd = {
tmpfiles.rules = [
"d ${config.apps.jellyfin.mediaDirectory} 2775 jellyfin jellyfin_media -" # is /home/docker/jellyfin/media on existing server
"d ${config.apps.pihole.directory.root} 755 pihole pihole -" # is /home/docker/pihole on old system
"d ${config.apps.pihole.directory.data} 755 pihole pihole -" # is /home/docker/pihole on old system
];
services = {
"podman-pihole" = {
serviceConfig = {
Restart = lib.mkOverride 500 "always";
};
after = [
"podman-network-macvlan.service"
];
requires = [
"podman-network-macvlan.service"
];
partOf = [
"podman-compose-root.target"
];
wantedBy = [
"podman-compose-root.target"
];
};
"podman-network-macvlan" = {
path = [pkgs.podman];
serviceConfig = {
Type = "oneshot";
RemainAfterExit = true;
ExecStop = "podman network rm -f macvlan";
};
script = ''
podman network inspect macvlan || podman network create --driver macvlan --subnet ${config.apps.macvlan.subnet} --gateway ${config.apps.macvlan.gateway} --opt parent=${config.apps.macvlan.networkInterface} macvlan
'';
partOf = ["podman-compose-root.target"];
wantedBy = ["podman-compose-root.target"];
};
# nextcloud-setup = {
# after = ["network.target"];
# };
headscale = {
after = ["postgresql.service"];
requires = ["postgresql.service"];
};
};
# disable computer sleeping
targets = {
sleep.enable = false;
suspend.enable = false;
hibernate.enable = false;
hybrid-sleep.enable = false;
# Root service
# When started, this will automatically create all resources and start
# the containers. When stopped, this will teardown all resources.
"podman-compose-root" = {
unitConfig = {
Description = "Root target for podman targets.";
};
wantedBy = ["multi-user.target"];
};
};
};
services = {
# DNS stub needs to be disabled so pi hole can bind
# resolved.extraConfig = "DNSStubListener=no";
nfs.server = {
enable = true;
exports = ''
/home/leyla 192.168.1.0/22(rw,sync,no_subtree_check,crossmnt)
/home/eve 192.168.1.0/22(rw,sync,no_subtree_check,crossmnt)
/home/ester 192.168.1.0/22(rw,sync,no_subtree_check,crossmnt)
/home/users 192.168.1.0/22(rw,sync,no_subtree_check,crossmnt)
'';
};
postgresql = {
enable = true;
ensureUsers = [
{
name = "postgres";
}
{
name = "forgejo";
ensureDBOwnership = true;
}
{
name = "headscale";
ensureDBOwnership = true;
}
];
ensureDatabases = [
"forgejo"
"headscale"
# "nextcloud"
];
identMap = ''
# ArbitraryMapName systemUser DBUser
# Administration Users
superuser_map postgres postgres
superuser_map root postgres
superuser_map leyla postgres
# Client Users
superuser_map forgejo forgejo
superuser_map headscale headscale
'';
# configuration here lets users access the db that matches their name and lets user postgres access everything
authentication = pkgs.lib.mkOverride 10 ''
# type database DBuser origin-address auth-method optional_ident_map
local all postgres peer map=superuser_map
local sameuser all peer map=superuser_map
'';
};
headscale = {
enable = true;
user = "headscale";
group = "headscale";
address = "0.0.0.0";
port = 8080;
settings = {
server_url = "https://${config.apps.headscale.hostname}";
dns.base_domain = "clients.${config.apps.headscale.hostname}";
logtail.enabled = true;
database = {
type = "postgres";
postgres = {
host = "/run/postgresql";
port = config.services.postgresql.settings.port;
user = "headscale";
name = "headscale";
};
};
};
};
jellyfin = {
enable = true;
};
forgejo = {
enable = true;
database = {
type = "postgres";
socket = "/run/postgresql";
};
lfs.enable = true;
settings = {
server = {
DOMAIN = config.apps.forgejo.hostname;
HTTP_PORT = 8081;
};
};
};
home-assistant = {
enable = true;
config.http = {
server_port = 8082;
use_x_forwarded_for = true;
trusted_proxies = ["127.0.0.1"];
ip_ban_enabled = true;
login_attempts_threshold = 10;
};
};
searx = {
enable = true;
environmentFile = config.sops.secrets."services/searx".path;
settings = {
server = {
port = 8083;
secret_key = "@SEARXNG_SECRET@";
};
};
};
# nextcloud here is built using its auto setup mysql db because it was not playing nice with postgres
nextcloud = {
enable = true;
package = pkgs.nextcloud30;
hostName = config.apps.nextcloud.hostname;
config = {
adminpassFile = config.sops.secrets."services/nextcloud_adminpass".path;
};
};
nginx = {
enable = true;
virtualHosts = {
${config.apps.headscale.hostname} = {
# forceSSL = true;
# enableACME = true;
locations."/" = {
proxyPass = "http://localhost:${toString config.services.headscale.port}";
proxyWebsockets = true;
};
};
${config.apps.jellyfin.hostname} = {
# forceSSL = true;
# enableACME = true;
locations."/".proxyPass = "http://localhost:${toString jellyfinPort}";
};
${config.apps.forgejo.hostname} = {
# forceSSL = true;
# enableACME = true;
locations."/".proxyPass = "http://localhost:${toString config.services.forgejo.settings.server.HTTP_PORT}";
};
${config.apps.home-assistant.hostname} = {
# forceSSL = true;
# enableACME = true;
locations."/".proxyPass = "http://localhost:${toString config.services.home-assistant.config.http.server_port}";
};
${config.apps.searx.hostname} = {
# forceSSL = true;
# enableACME = true;
locations."/".proxyPass = "http://localhost:${toString config.services.searx.settings.server.port}";
};
};
};
};
security.acme = {
acceptTerms = true;
defaults.email = "jan-leila@protonmail.com";
};
networking.firewall.allowedTCPPorts =
[
httpPort
httpsPort
dnsPort
nfsPort
]
++ (lib.optional isDebug [
jellyfinPort
config.services.headscale.port
config.services.forgejo.settings.server.HTTP_PORT
config.services.home-assistant.config.http.server_port
config.services.postgresql.settings.port
config.services.searx.settings.server.port
]);
environment.systemPackages = [
config.services.headscale.package
pkgs.jellyfin
pkgs.jellyfin-web
pkgs.jellyfin-ffmpeg
];
};
}

46
configurations/nixos/horizon/configuration.nix Normal file
View file

@ -0,0 +1,46 @@
{inputs, ...}: {
imports = [
inputs.nixos-hardware.nixosModules.framework-11th-gen-intel
];
nixpkgs.config.allowUnfree = true;
host = {
users = {
leyla = {
isDesktopUser = true;
isTerminalUser = true;
isPrincipleUser = true;
};
ester.isDesktopUser = true;
eve.isDesktopUser = true;
};
};
# enabled virtualisation for docker
# virtualisation.docker = {
# enable = true;
# rootless = {
# enable = true;
# setSocketVariable = true;
# };
# };
# users.extraGroups.docker.members = ["leyla"];
# Enable touchpad support (enabled default in most desktopManager).
# services.xserver.libinput.enable = true;
# Open ports in the firewall.
# networking.firewall.allowedTCPPorts = [ ... ];
# networking.firewall.allowedUDPPorts = [ ... ];
# Or disable the firewall altogether.
# networking.firewall.enable = false;
# This value determines the NixOS release from which the default
# settings for stateful data, like file locations and database versions
# on your system were taken. It's perfectly fine and recommended to leave
# this value at the release version of the first install of this system.
# Before changing this value read the documentation for this option
# (e.g. man configuration.nix or on https://nixos.org/nixos/options.html).
system.stateVersion = "23.05"; # Did you read the comment?
}

7
configurations/nixos/horizon/default.nix Normal file
View file

@ -0,0 +1,7 @@
# leyla laptop
{...}: {
imports = [
./configuration.nix
./hardware-configuration.nix
];
}

107
configurations/nixos/horizon/hardware-configuration.nix Normal file
View file

@ -0,0 +1,107 @@
# Do not modify this file! It was generated by nixos-generate-config
# and may be overwritten by future invocations. Please make changes
# to /etc/nixos/configuration.nix instead.
{
config,
lib,
pkgs,
modulesPath,
...
}: {
imports = [
(modulesPath + "/installer/scan/not-detected.nix")
];
boot = {
initrd = {
availableKernelModules = ["xhci_pci" "thunderbolt" "nvme" "usb_storage" "sd_mod"];
kernelModules = [];
};
kernelModules = ["kvm-intel" "sg"];
extraModulePackages = [];
# Bootloader.
loader = {
systemd-boot.enable = true;
efi.canTouchEfiVariables = true;
};
};
fileSystems = {
"/" = {
device = "/dev/disk/by-uuid/866d422b-f816-4ad9-9846-791839cb9337";
fsType = "ext4";
};
"/boot" = {
device = "/dev/disk/by-uuid/E138-65B5";
fsType = "vfat";
};
"/mnt/leyla_home" = {
device = "defiant:/home/leyla";
fsType = "nfs";
options = ["x-systemd.automount" "user" "noatime" "nofail" "soft" "x-systemd.idle-timeout=600" "fsc"];
};
"/mnt/eve_home" = {
device = "defiant:/home/eve";
fsType = "nfs";
options = ["x-systemd.automount" "user" "nofail" "soft" "x-systemd.idle-timeout=600" "fsc"];
};
"/mnt/ester_home" = {
device = "defiant:/home/ester";
fsType = "nfs";
options = ["x-systemd.automount" "user" "nofail" "soft" "x-systemd.idle-timeout=600" "fsc"];
};
"/mnt/users_home" = {
device = "defiant:/home/users";
fsType = "nfs";
options = ["x-systemd.automount" "user" "nofail" "soft" "x-systemd.idle-timeout=600" "fsc"];
};
"/mnt/legacy_leyla_home" = {
device = "server.arpa:/home/leyla";
fsType = "nfs";
options = ["x-systemd.automount" "user" "nofail" "soft" "x-systemd.idle-timeout=600" "fsc"];
};
"/mnt/legacy_share_home" = {
device = "server.arpa:/home/share";
fsType = "nfs";
options = ["x-systemd.automount" "user" "nofail" "soft" "x-systemd.idle-timeout=600" "fsc"];
};
"/mnt/legacy_docker_home" = {
device = "server.arpa:/home/docker";
fsType = "nfs";
options = ["x-systemd.automount" "noauto" "x-systemd.idle-timeout=600"];
};
};
environment.systemPackages = with pkgs; [
cachefilesd
];
services.cachefilesd.enable = true;
swapDevices = [
{device = "/dev/disk/by-uuid/be98e952-a072-4c3a-8c12-69500b5a2fff";}
];
networking = {
networkmanager.enable = true;
useDHCP = lib.mkDefault true;
hostName = "horizon"; # Define your hostname.
};
nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux";
powerManagement.cpuFreqGovernor = lib.mkDefault "powersave";
hardware = {
graphics.enable = true;
cpu.intel.updateMicrocode = lib.mkDefault config.hardware.enableRedistributableFirmware;
};
}

233
configurations/nixos/twilight/configuration.nix Normal file
View file

@ -0,0 +1,233 @@
{pkgs, ...}: {
nixpkgs.config.allowUnfree = true;
host = {
users = {
leyla = {
isDesktopUser = true;
isTerminalUser = true;
isPrincipleUser = true;
};
ester.isDesktopUser = true;
eve.isDesktopUser = true;
};
hardware = {
piperMouse.enable = true;
viaKeyboard.enable = true;
openRGB.enable = true;
graphicsAcceleration.enable = true;
};
};
systemd.tmpfiles.rules = [
"L+ /run/gdm/.config/monitors.xml - - - - ${pkgs.writeText "gdm-monitors.xml" ''
<monitors version="2">
<configuration>
<logicalmonitor>
<x>0</x>
<y>156</y>
<scale>1</scale>
<monitor>
<monitorspec>
<connector>DP-4</connector>
<vendor>DEL</vendor>
<product>DELL U2719D</product>
<serial>8RGXNS2</serial>
</monitorspec>
<mode>
<width>2560</width>
<height>1440</height>
<rate>59.951</rate>
</mode>
</monitor>
</logicalmonitor>
<logicalmonitor>
<x>2560</x>
<y>324</y>
<scale>1</scale>
<primary>yes</primary>
<monitor>
<monitorspec>
<connector>DP-2</connector>
<vendor>GSM</vendor>
<product>LG ULTRAGEAR</product>
<serial>0x00068c96</serial>
</monitorspec>
<mode>
<width>1920</width>
<height>1080</height>
<rate>240.001</rate>
</mode>
</monitor>
</logicalmonitor>
<logicalmonitor>
<x>4480</x>
<y>0</y>
<scale>1</scale>
<transform>
<rotation>left</rotation>
<flipped>no</flipped>
</transform>
<monitor>
<monitorspec>
<connector>HDMI-0</connector>
<vendor>HWP</vendor>
<product>HP w2207</product>
<serial>CND7332S88</serial>
</monitorspec>
<mode>
<width>1600</width>
<height>1000</height>
<rate>59.999</rate>
</mode>
</monitor>
</logicalmonitor>
</configuration>
<configuration>
<logicalmonitor>
<x>0</x>
<y>0</y>
<scale>1</scale>
<primary>yes</primary>
<monitor>
<monitorspec>
<connector>DP-1</connector>
<vendor>DEL</vendor>
<product>DELL U2719D</product>
<serial>8RGXNS2</serial>
</monitorspec>
<mode>
<width>2560</width>
<height>1440</height>
<rate>59.951</rate>
</mode>
</monitor>
</logicalmonitor>
<logicalmonitor>
<x>4480</x>
<y>226</y>
<scale>1</scale>
<transform>
<rotation>left</rotation>
<flipped>no</flipped>
</transform>
<monitor>
<monitorspec>
<connector>HDMI-1</connector>
<vendor>HWP</vendor>
<product>HP w2207</product>
<serial>CND7332S88</serial>
</monitorspec>
<mode>
<width>1680</width>
<height>1050</height>
<rate>59.954</rate>
</mode>
</monitor>
</logicalmonitor>
<logicalmonitor>
<x>2560</x>
<y>226</y>
<scale>1</scale>
<monitor>
<monitorspec>
<connector>DP-2</connector>
<vendor>GSM</vendor>
<product>LG ULTRAGEAR</product>
<serial>0x00068c96</serial>
</monitorspec>
<mode>
<width>1920</width>
<height>1080</height>
<rate>240.001</rate>
</mode>
</monitor>
</logicalmonitor>
</configuration>
<configuration>
<logicalmonitor>
<x>2560</x>
<y>228</y>
<scale>1</scale>
<primary>yes</primary>
<monitor>
<monitorspec>
<connector>DP-2</connector>
<vendor>GSM</vendor>
<product>LG ULTRAGEAR</product>
<serial>0x00068c96</serial>
</monitorspec>
<mode>
<width>1920</width>
<height>1080</height>
<rate>240.001</rate>
</mode>
</monitor>
</logicalmonitor>
<logicalmonitor>
<x>4480</x>
<y>69</y>
<scale>1</scale>
<transform>
<rotation>left</rotation>
<flipped>no</flipped>
</transform>
<monitor>
<monitorspec>
<connector>HDMI-1</connector>
<vendor>HWP</vendor>
<product>HP w2207</product>
<serial>CND7332S88</serial>
</monitorspec>
<mode>
<width>1680</width>
<height>1050</height>
<rate>59.954</rate>
</mode>
</monitor>
</logicalmonitor>
<logicalmonitor>
<x>0</x>
<y>0</y>
<scale>1</scale>
<monitor>
<monitorspec>
<connector>DP-3</connector>
<vendor>DEL</vendor>
<product>DELL U2719D</product>
<serial>8RGXNS2</serial>
</monitorspec>
<mode>
<width>2560</width>
<height>1440</height>
<rate>59.951</rate>
</mode>
</monitor>
</logicalmonitor>
<disabled>
<monitorspec>
<connector>None-1</connector>
<vendor>unknown</vendor>
<product>unknown</product>
<serial>unknown</serial>
</monitorspec>
</disabled>
</configuration>
</monitors>
''}"
];
# enabled virtualisation for docker
# virtualisation.docker.enable = true;
# Enable touchpad support (enabled default in most desktopManager).
# services.xserver.libinput.enable = true;
# This value determines the NixOS release from which the default
# settings for stateful data, like file locations and database versions
# on your system were taken. It's perfectly fine and recommended to leave
# this value at the release version of the first install of this system.
# Before changing this value read the documentation for this option
# (e.g. man configuration.nix or on https://nixos.org/nixos/options.html).
system.stateVersion = "23.05"; # Did you read the comment?
}

7
configurations/nixos/twilight/default.nix Normal file
View file

@ -0,0 +1,7 @@
# leyla desktop
{...}: {
imports = [
./configuration.nix
./hardware-configuration.nix
];
}

125
configurations/nixos/twilight/hardware-configuration.nix Normal file
View file

@ -0,0 +1,125 @@
# Do not modify this file! It was generated by nixos-generate-config
# and may be overwritten by future invocations. Please make changes
# to /etc/nixos/configuration.nix instead.
{
config,
lib,
pkgs,
modulesPath,
...
}: {
imports = [
(modulesPath + "/installer/scan/not-detected.nix")
];
boot = {
initrd = {
availableKernelModules = ["nvme" "xhci_pci" "ahci" "usb_storage" "usbhid" "sd_mod"];
kernelModules = [];
};
kernelModules = ["kvm-amd" "sg"];
extraModulePackages = [];
# Bootloader.
loader = {
systemd-boot.enable = true;
efi.canTouchEfiVariables = true;
};
};
services.xserver = {
# Load nvidia driver for Xorg and Wayland
videoDrivers = ["nvidia"];
# Use X instead of wayland for gaming reasons
displayManager.gdm.wayland = false;
};
fileSystems = {
"/" = {
device = "/dev/disk/by-uuid/8be49c65-2b57-48f1-b74d-244d26061adb";
fsType = "ext4";
};
"/boot" = {
device = "/dev/disk/by-uuid/3006-3867";
fsType = "vfat";
options = ["fmask=0022" "dmask=0022"];
};
"/mnt/leyla_home" = {
device = "server.arpa:/home/leyla";
fsType = "nfs";
options = ["x-systemd.automount" "user" "nofail" "soft" "x-systemd.idle-timeout=600" "fsc"];
};
"/mnt/share_home" = {
device = "server.arpa:/home/share";
fsType = "nfs";
options = ["x-systemd.automount" "user" "nofail" "soft" "x-systemd.idle-timeout=600" "fsc"];
};
"/mnt/docker_home" = {
device = "server.arpa:/home/docker";
fsType = "nfs";
options = ["x-systemd.automount" "noauto" "x-systemd.idle-timeout=600"];
};
};
environment.systemPackages = with pkgs; [
cachefilesd
];
swapDevices = [];
networking = {
networkmanager.enable = true;
# Enables DHCP on each ethernet and wireless interface. In case of scripted networking
# (the default) this is the recommended approach. When using systemd-networkd it's
# still possible to use this option, but it's recommended to use it in conjunction
# with explicit per-interface declarations with `networking.interfaces.<interface>.useDHCP`.
useDHCP = lib.mkDefault true;
hostName = "twilight"; # Define your hostname.
};
nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux";
hardware = {
# Enable OpenGL
graphics.enable = true;
# install graphics drivers
nvidia = {
# Modesetting is required.
modesetting.enable = true;
# Nvidia power management. Experimental, and can cause sleep/suspend to fail.
# Enable this if you have graphical corruption issues or application crashes after waking
# up from sleep. This fixes it by saving the entire VRAM memory to /tmp/ instead
# of just the bare essentials.
powerManagement.enable = false;
# Fine-grained power management. Turns off GPU when not in use.
# Experimental and only works on modern Nvidia GPUs (Turing or newer).
powerManagement.finegrained = false;
# Use the NVidia open source kernel module (not to be confused with the
# independent third-party "nouveau" open source driver).
# Support is limited to the Turing and later architectures. Full list of
# supported GPUs is at:
# https://github.com/NVIDIA/open-gpu-kernel-modules#compatible-gpus
# Only available from driver 515.43.04+
# Currently alpha-quality/buggy, so false is currently the recommended setting.
open = false;
# Enable the Nvidia settings menu,
# accessible via `nvidia-settings`.
nvidiaSettings = true;
# Optionally, you may need to select the appropriate driver version for your specific GPU.
package = config.boot.kernelPackages.nvidiaPackages.production;
};
cpu.amd.updateMicrocode = lib.mkDefault config.hardware.enableRedistributableFirmware;
};
}