restructure user management

Vinzenz Schroeter 2023-09-24 12:39:28 +02:00
parent 3a9a7242fc
commit ddb7df4a4e
16 changed files with 482 additions and 481 deletions


@ -7,8 +7,12 @@
]; ];
config = { config = {
my.server.enable = true; my = {
enabledUsers = ["vinzenz"];
server.enable = true;
};
# TODO change to user "vinzenz" when tested
users.users.root.openssh.authorizedKeys.keys = [ users.users.root.openssh.authorizedKeys.keys = [
''ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAICdYqY3Y1/f1bsAi5Qfyr/UWuX9ixu96IeAlhoQaJkbf'' ''ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAICdYqY3Y1/f1bsAi5Qfyr/UWuX9ixu96IeAlhoQaJkbf''
]; ];
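Review bot: The only SSH key on this host is still attached to `root` (the TODO above `users.users.root.openssh.authorizedKeys.keys`), so direct root login stays the access path even though `my.enabledUsers = ["vinzenz"]` now enables that account here. Elsewhere in this commit `vinzenz` is put in `wheel`, but no key for it is visible on this host. Once tested, move the key to `users.users.vinzenz.openssh.authorizedKeys.keys` and, unless sshd is already configured elsewhere, turn root login off, e.g. `services.openssh.settings.PermitRootLogin = "no";` (the option path depends on the NixOS release, so confirm it). The `config` block continues outside the hunk.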


@ -5,10 +5,11 @@ modulesCfg: {lib, ...}: {
./nixpkgs.nix ./nixpkgs.nix
./globalinstalls.nix ./globalinstalls.nix
./server.nix ./server.nix
./desktop
] ]
++ (map (path: (import path modulesCfg)) [ ++ (map (path: (import path modulesCfg)) [
./desktop
./hardware ./hardware
./users
]); ]);
config = { config = {


@ -1,25 +1,16 @@
modulesCfg: { {
config, config,
pkgs, pkgs,
lib, lib,
... ...
}: let }: let
enableHomeManager = modulesCfg.enableHomeManager;
cfg = config.my.desktop; cfg = config.my.desktop;
in { in {
imports = imports = [
[ ./gnome.nix
./gnome.nix ./kde.nix
./kde.nix ./gaming.nix
./vinzenz.nix ];
./ronja.nix
./gaming.nix
]
++ lib.optionals enableHomeManager [
<home-manager/nixos>
];
options.my.modulesCfg.enableHomeManager = lib.mkEnableOption "enable home manager";
options.my.desktop.enable = lib.mkEnableOption "desktop"; options.my.desktop.enable = lib.mkEnableOption "desktop";
@ -57,6 +48,7 @@ in {
}; };
programs = { programs = {
git.package = pkgs.gitFull;
steam = { steam = {
enable = true; enable = true;
remotePlay.openFirewall = true; # Open ports in the firewall for Steam Remote Play remotePlay.openFirewall = true; # Open ports in the firewall for Steam Remote Play
@ -96,15 +88,6 @@ in {
''; '';
}; };
programs = {
zsh.enable = true;
git = {
enable = true;
package = pkgs.gitFull;
};
};
environment = { environment = {
pathsToLink = ["/share/zsh"]; pathsToLink = ["/share/zsh"];


@ -4,60 +4,63 @@
lib, lib,
... ...
}: let }: let
desktopCfg = config.my.desktop; isEnabled = config.my.desktop.enableGnome;
isEnabled = desktopCfg.enableGnome; enableHomeManager = config.my.modulesCfg.enableHomeManager;
applyGnomeUserSettings = {
home.packages = with pkgs; [
gnome.gpaste
amberol
];
dconf.settings = {
"org/gnome/desktop/peripherals/keyboard" = {
numlock-state = true;
};
};
};
in { in {
options.my.desktop.enableGnome = lib.mkEnableOption "gnome desktop"; options.my.desktop.enableGnome = lib.mkEnableOption "gnome desktop";
config = lib.mkIf isEnabled { config = lib.mkMerge [
my.desktop.enable = true; (lib.mkIf isEnabled {
my.desktop.enable = true;
services = { services = {
xserver = { xserver = {
# Enable the GNOME Desktop Environment. # Enable the GNOME Desktop Environment.
displayManager.gdm.enable = true; displayManager.gdm.enable = true;
desktopManager.gnome.enable = true; desktopManager.gnome.enable = true;
};
gnome = {
tracker-miners.enable = false;
tracker.enable = false;
};
}; };
gnome = { programs.gpaste.enable = true;
tracker-miners.enable = false;
tracker.enable = false; environment = {
systemPackages = with pkgs; [
gnomeExtensions.gsconnect
];
# remove some gnome default apps
gnome.excludePackages = with pkgs.gnome; [
cheese # photo booth
epiphany # web browser
evince # document viewer
geary # email client
seahorse # password manager
gnome-clocks
gnome-maps
gnome-weather
gnome-music
pkgs.gnome-connections
];
}; };
}; })
(lib.mkIf (isEnabled && enableHomeManager) {
environment.systemPackages = with pkgs; [ home-manager.sharedModules = [
gnomeExtensions.gsconnect {
]; home.packages = with pkgs; [
amberol
# remove some gnome default apps ];
environment.gnome.excludePackages = with pkgs.gnome; [ dconf.settings = {
cheese # photo booth "org/gnome/desktop/peripherals/keyboard" = {
epiphany # web browser numlock-state = true;
evince # document viewer };
geary # email client };
seahorse # password manager }
gnome-clocks ];
gnome-maps })
gnome-weather ];
gnome-music
pkgs.gnome-connections
];
home-manager.users = {
vinzenz = lib.mkIf desktopCfg.vinzenz.enable applyGnomeUserSettings;
ronja = lib.mkIf desktopCfg.ronja.enable applyGnomeUserSettings;
};
};
} }
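Review bot: `home-manager.sharedModules` in the second `lib.mkIf` applies these settings to every account under `home-manager.users`, whereas the removed code gated them per user (`lib.mkIf desktopCfg.vinzenz.enable …`). If that widening is intended, say so next to the list, e.g. `# applies to all home-manager users on this host`. The KDE section makes the same move for `services.kdeconnect`, which then runs for every user account rather than only the ones that opted in. It is worth confirming that this is wanted on multi-user hosts.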


@ -4,62 +4,58 @@
lib, lib,
... ...
}: let }: let
desktopCfg = config.my.desktop; isEnabled = config.my.desktop.enableKde;
isEnabled = desktopCfg.enableKde; enableHomeManager = config.my.modulesCfg.enableHomeManager;
applyKdeUserSettings = {
home = {
packages = with pkgs; [
];
};
services.kdeconnect = {
enable = true;
indicator = true;
};
};
in { in {
options.my.desktop.enableKde = lib.mkEnableOption "KDE desktop"; options.my.desktop.enableKde = lib.mkEnableOption "KDE desktop";
config = lib.mkIf isEnabled { config = lib.mkMerge [
my.desktop.enable = true; (lib.mkIf isEnabled {
my.desktop.enable = true;
# flatpak xdg-portal-kde crashes, otherwise this would be global # flatpak xdg-portal-kde crashes, otherwise this would be global
services.flatpak.enable = false; services.flatpak.enable = false;
services = { services = {
# Enable the KDE Plasma Desktop Environment. # Enable the KDE Plasma Desktop Environment.
xserver = { xserver = {
desktopManager.plasma5.enable = true; desktopManager.plasma5.enable = true;
displayManager = { displayManager = {
sddm.enable = true; sddm.enable = true;
defaultSession = "plasmawayland"; defaultSession = "plasmawayland";
};
}; };
}; };
};
environment = { environment = {
systemPackages = with pkgs; [ systemPackages = with pkgs; [
libsForQt5.kate libsForQt5.kate
libsForQt5.kalk libsForQt5.kalk
];
plasma5.excludePackages = with pkgs.libsForQt5; [
elisa
gwenview
okular
khelpcenter
];
};
programs = {
dconf.enable = true;
partition-manager.enable = true;
};
})
(lib.mkIf (isEnabled && enableHomeManager) {
home-manager.sharedModules = [
{
services.kdeconnect = {
enable = true;
indicator = true;
};
}
]; ];
})
plasma5.excludePackages = with pkgs.libsForQt5; [ ];
elisa
gwenview
okular
khelpcenter
];
};
programs = {
dconf.enable = true;
partition-manager.enable = true;
};
home-manager.users = {
vinzenz = lib.mkIf desktopCfg.vinzenz.enable applyKdeUserSettings;
ronja = lib.mkIf desktopCfg.ronja.enable applyKdeUserSettings;
};
};
} }


@ -1,109 +0,0 @@
{
config,
pkgs,
lib,
...
}:
with lib; let
cfg = config.my.desktop.ronja;
in {
options.my.desktop.ronja.enable = lib.mkEnableOption "user ronja";
config = lib.mkIf cfg.enable {
# Define user account
users.users.ronja = {
isNormalUser = true;
description = "Ronja Spiegelberg";
extraGroups = ["networkmanager" "wheel"];
shell = pkgs.zsh;
};
# home manager
home-manager.users.ronja = {
config,
pkgs,
...
}: {
home = {
username = "ronja";
homeDirectory = "/home/ronja";
stateVersion = "22.11";
sessionVariables = {
EDITOR = "nano";
};
packages = with pkgs; [
## Apps
telegram-desktop
kdiff3
];
file.".nanorc".text = ''
set linenumbers
set mouse
'';
};
programs = {
home-manager.enable = true;
firefox.enable = true;
command-not-found.enable = true;
dircolors.enable = true;
htop.enable = true;
zsh = {
enable = true;
enableSyntaxHighlighting = true;
enableAutosuggestions = true;
enableVteIntegration = true;
history = {
size = 10000;
path = "${config.xdg.dataHome}/zsh/history";
expireDuplicatesFirst = true;
};
oh-my-zsh = {
enable = true;
theme = "agnoster";
plugins = ["git" "sudo" "systemadmin"];
};
};
git = {
enable = true;
userName = "Ronja Spiegelberg";
userEmail = "ronja.spiegelberg@gmail.com";
extraConfig = {
pull.ff = "only";
init.defaultBranch = "main";
merge.tool = "kdiff3";
};
};
gh = {
enable = true;
enableGitCredentialHelper = true;
};
chromium = {
enable = true;
extensions = [
{
# ublock origin
id = "cjpalhdlnbpafiamejdnhcphjbkeiagm";
}
{
id = "dcpihecpambacapedldabdbpakmachpb";
updateUrl = "https://raw.githubusercontent.com/iamadamdev/bypass-paywalls-chrome/master/updates.xml";
}
];
};
};
};
};
}


@ -1,223 +0,0 @@
{
config,
pkgs,
lib,
...
}: let
cfg = config.my.desktop.vinzenz;
in {
options.my.desktop.vinzenz.enable = lib.mkEnableOption "user vinzenz";
config = lib.mkIf cfg.enable {
# Define user account
users.users.vinzenz = {
isNormalUser = true;
description = "Vinzenz Schroeter";
extraGroups = ["networkmanager" "wheel"];
shell = pkgs.zsh;
};
# home manager
home-manager.users.vinzenz = {
config,
pkgs,
...
}: {
home = {
username = "vinzenz";
homeDirectory = "/home/vinzenz";
stateVersion = "22.11";
sessionVariables = {
EDITOR = "nano";
};
packages = with pkgs; [
keepassxc
insync
telegram-desktop
simple-scan
wireguard-tools
element-desktop
etcher
iotop
lsof
wirelesstools
thefuck
dotnet-sdk_7
jetbrains.rider
alejandra
arduino
uucp
screen
jetbrains.pycharm-professional
kdiff3
docker
youtube-music
];
file.".nanorc".text = ''
set linenumbers
set mouse
'';
};
programs = {
home-manager.enable = true;
firefox.enable = true;
command-not-found.enable = true;
dircolors.enable = true;
fzf.enable = true;
htop.enable = true;
mangohud.enable = true;
zsh = {
enable = true;
enableSyntaxHighlighting = true;
enableAutosuggestions = true;
enableVteIntegration = true;
initExtra = ''
eval "$(direnv hook zsh)";
eval $(thefuck --alias);
'';
shellAliases = {
my-apply = "sudo nixos-rebuild boot";
my-switch = "sudo nixos-rebuild switch";
my-update = "sudo nixos-rebuild boot --upgrade";
my-fmt = "alejandra .";
my-direnvallow = "echo \"use nix\" > .envrc && direnv allow";
my-ip4 = "ip addr show | grep 192";
};
history = {
size = 10000;
path = "${config.xdg.dataHome}/zsh/history";
expireDuplicatesFirst = true;
};
oh-my-zsh = {
enable = true;
theme = "agnoster";
plugins = ["git" "sudo" "docker" "systemadmin" "thefuck"];
};
};
git = {
enable = true;
userName = "Vinzenz Schroeter";
userEmail = "vinzenz.f.s@gmail.com";
aliases = {
prettylog = "log --pretty=oneline --graph";
};
extraConfig = {
pull.ff = "only";
init.defaultBranch = "main";
merge.tool = "kdiff3";
push.autoSetupRemote = "true";
};
};
gh = {
enable = true;
enableGitCredentialHelper = true;
};
vscode = {
enable = true;
package = pkgs.vscodium;
enableUpdateCheck = false;
extensions = with pkgs; [
vscode-extensions.bbenoist.nix
vscode-extensions.ms-python.python
vscode-extensions.kamadorueda.alejandra
];
userSettings = {
"git.autofetch" = true;
"update.mode" = "none";
"editor.fontFamily" = "'Fira Code', 'Droid Sans Mono', 'monospace', monospace";
"editor.fontLigatures" = true;
"editor.formatOnSave" = true;
"editor.formatOnSaveMode" = "modificationsIfAvailable";
"editor.minimap.autohide" = true;
"diffEditor.diffAlgorithm" = "advanced";
"explorer.excludeGitIgnore" = true;
"workbench.startupEditor" = "readme";
"markdown.extension.tableFormatter.normalizeIndentation" = true;
"markdown.extension.toc.orderedList" = false;
"telemetry.telemetryLevel" = "off";
"redhat.telemetry.enabled" = false;
"workbench.enableExperiments" = false;
};
};
direnv = {
enable = true;
nix-direnv.enable = true;
};
chromium = {
enable = true;
extensions = [
{
# ublock origin
id = "cjpalhdlnbpafiamejdnhcphjbkeiagm";
}
{
id = "dcpihecpambacapedldabdbpakmachpb";
updateUrl = "https://raw.githubusercontent.com/iamadamdev/bypass-paywalls-chrome/master/updates.xml";
}
];
};
exa = {
enable = true;
git = true;
icons = true;
enableAliases = true;
extraOptions = [
"--group-directories-first"
"--header"
];
};
micro = {
enable = true;
settings = {
colorcolumn = 120;
hlsearch = true;
savecursor = true;
saveundo = true;
scrollbar = true;
smartpaste = true;
};
};
# checked https://rycee.gitlab.io/home-manager/options.html until "programs.notmuch"
};
editorconfig = {
enable = true;
settings = {
"*" = {
charset = "utf-8";
end_of_line = "lf";
trim_trailing_whitespace = true;
insert_final_newline = true;
max_line_width = 120;
indent_style = "space";
indent_size = 4;
};
"*.nix" = {
indent_size = 2;
};
};
};
};
};
}


@ -1,10 +1,18 @@
{pkgs, ...}: { {pkgs, ...}: {
config = { config = {
environment.systemPackages = with pkgs; [ environment = {
pciutils pathsToLink = ["/share/zsh"];
ncdu systemPackages = with pkgs; [
htop pciutils
tldr ncdu
]; tldr
];
};
programs = {
git.enable = true;
zsh.enable = true;
htop.enable = true;
};
}; };
} }


@ -23,11 +23,6 @@ in {
}; };
}; };
programs = {
git.enable = true;
zsh.enable = true;
};
networking.firewall = { networking.firewall = {
enable = true; enable = true;
allowedTCPPortRanges = [ allowedTCPPortRanges = [

69
modules/users/default.nix Normal file

@ -0,0 +1,69 @@
modulesCfg: {
config,
pkgs,
lib,
...
}: let
enableHomeManager = modulesCfg.enableHomeManager;
in {
options.my = {
modulesCfg.enableHomeManager = lib.mkEnableOption "enable home manager";
enabledUsers = lib.mkOption {
type = lib.types.listOf lib.types.str;
};
};
imports =
[
./vinzenz.nix
./ronja.nix
]
++ lib.optionals enableHomeManager [
<home-manager/nixos>
];
config = lib.mkIf enableHomeManager {
home-manager.sharedModules = [
# set stateVersion
{home.stateVersion = "22.11";}
# make nano the default editor
{
home = {
sessionVariables.EDITOR = "nano";
file.".nanorc".text = lib.mkDefault ''
set linenumbers
set mouse
'';
};
}
# command line niceness
{
programs = {
command-not-found.enable = true;
dircolors.enable = true;
zsh = {
enable = true;
enableSyntaxHighlighting = true;
enableAutosuggestions = true;
enableVteIntegration = true;
};
};
}
# common git config
{
programs = {
git = {
enable = true;
extraConfig.init.defaultBranch = "main";
};
gh = {
enable = true;
enableGitCredentialHelper = true;
};
};
}
];
};
}
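Review bot: `enabledUsers` is declared with neither `default` nor `description`, and `listOf str` accepts any string, so a host that omits the option fails evaluation and a misspelled name silently produces a machine without the intended account. Constraining the type and giving a default closes both gaps: `type = lib.types.listOf (lib.types.enum ["vinzenz" "ronja"]);` plus `default = [];`. Separately, `<home-manager/nixos>` is resolved through the channel/NIX_PATH lookup, so the home-manager revision is presumably not pinned by this repository. A comment stating which channel is expected would help anyone rebuilding the host.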


@ -0,0 +1,55 @@
{
config,
pkgs,
...
}: {
home .packages = with pkgs; [
## Apps
telegram-desktop
kdiff3
];
programs = {
home-manager.enable = true;
firefox.enable = true;
zsh = {
history = {
size = 10000;
path = "${config.xdg.dataHome}/zsh/history";
expireDuplicatesFirst = true;
};
oh-my-zsh = {
enable = true;
theme = "agnoster";
plugins = ["git" "sudo" "systemadmin"];
};
};
git = {
userName = "Ronja Spiegelberg";
userEmail = "ronja.spiegelberg@gmail.com";
extraConfig = {
pull.ff = "only";
merge.tool = "kdiff3";
};
};
chromium = {
enable = true;
extensions = [
{
# ublock origin
id = "cjpalhdlnbpafiamejdnhcphjbkeiagm";
}
{
id = "dcpihecpambacapedldabdbpakmachpb";
updateUrl = "https://raw.githubusercontent.com/iamadamdev/bypass-paywalls-chrome/master/updates.xml";
}
];
};
};
}
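Review bot: The second `chromium.extensions` entry installs an extension whose `updateUrl` points at the `master` branch of a third-party GitHub repository, so the browser will accept whatever update manifest that branch serves, with no store review or version pin in between. Browser extensions can typically read and modify page content, which makes this an unpinned code source running inside the user's browsing sessions. The same entry appears in the new home file for `vinzenz`. Either drop the entry or record the accepted risk at the site, e.g. `# self-hosted extension: updates come from a mutable branch, not the Web Store`. Also, `home .packages` at the top has a stray space before the dot; `home.packages` matches the rest of the repo.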

25
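--- a/modules/users/ronja.nix
+++ b/modules/users/ronja.nix
@@ -0,0 +1,25 @@
+{
+config,
+pkgs,
+lib,
+...
+}: let
+isUserEnabled = builtins.elem "ronja" config.my.enabledUsers;
+in {
+config = lib.mkMerge [
+(lib.mkIf isUserEnabled {
+# Define user account
+users.users.ronja = {
+isNormalUser = true;
+name = "ronja";
+description = "Ronja Spiegelberg";
+home = "/home/ronja";
+extraGroups = ["networkmanager" "wheel" "games"];
+shell = pkgs.zsh;
+};
+})
+(lib.mkIf (isUserEnabled && config.my.modulesCfg.enableHomeManager) {
+home-manager.users.ronja = import ./ronja-home.nix;
+})
+];
+}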
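Review bot: `extraGroups = ["networkmanager" "wheel" "games"]` is now fixed per user regardless of host role. The same list is in `modules/users/vinzenz.nix`, and this commit enables `vinzenz` on the server host, where the account therefore gets sudo rights plus the desktop-oriented groups. Keep `wheel` as an explicit decision and make the rest depend on the desktop module: `extraGroups = ["wheel"] ++ lib.optionals config.my.desktop.enable ["networkmanager" "games"];`. The commit also removes the explicit `users.groups."games"` declaration from a host file, so check that the group is still defined wherever these users are enabled.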


@ -0,0 +1,173 @@
{
config,
pkgs,
...
}: {
home.packages = with pkgs; [
keepassxc
insync
telegram-desktop
simple-scan
wireguard-tools
element-desktop
etcher
iotop
lsof
wirelesstools
thefuck
dotnet-sdk_7
jetbrains.rider
alejandra
arduino
uucp
screen
jetbrains.pycharm-professional
kdiff3
docker
youtube-music
];
programs = {
home-manager.enable = true;
firefox.enable = true;
fzf.enable = true;
mangohud.enable = true;
zsh = {
initExtra = ''
eval "$(direnv hook zsh)";
eval $(thefuck --alias);
'';
shellAliases = {
my-apply = "sudo nixos-rebuild boot";
my-switch = "sudo nixos-rebuild switch";
my-update = "sudo nixos-rebuild boot --upgrade";
my-fmt = "alejandra .";
my-test = "sudo nixos-rebuild test";
my-direnvallow = "echo \"use nix\" > .envrc && direnv allow";
my-ip4 = "ip addr show | grep 192";
};
history = {
size = 10000;
path = "${config.xdg.dataHome}/zsh/history";
expireDuplicatesFirst = true;
};
oh-my-zsh = {
enable = true;
theme = "agnoster";
plugins = ["git" "sudo" "docker" "systemadmin" "thefuck"];
};
};
git = {
enable = true;
userName = "Vinzenz Schroeter";
userEmail = "vinzenz.f.s@gmail.com";
aliases = {
prettylog = "log --pretty=oneline --graph";
};
extraConfig = {
pull.ff = "only";
init.defaultBranch = "main";
merge.tool = "kdiff3";
push.autoSetupRemote = "true";
};
};
vscode = {
enable = true;
package = pkgs.vscodium;
enableUpdateCheck = false;
extensions = with pkgs; [
vscode-extensions.bbenoist.nix
vscode-extensions.ms-python.python
vscode-extensions.kamadorueda.alejandra
];
userSettings = {
"git.autofetch" = true;
"update.mode" = "none";
"editor.fontFamily" = "'Fira Code', 'Droid Sans Mono', 'monospace', monospace";
"editor.fontLigatures" = true;
"editor.formatOnSave" = true;
"editor.formatOnSaveMode" = "modificationsIfAvailable";
"editor.minimap.autohide" = true;
"diffEditor.diffAlgorithm" = "advanced";
"explorer.excludeGitIgnore" = true;
"workbench.startupEditor" = "readme";
"markdown.extension.tableFormatter.normalizeIndentation" = true;
"markdown.extension.toc.orderedList" = false;
"telemetry.telemetryLevel" = "off";
"redhat.telemetry.enabled" = false;
"workbench.enableExperiments" = false;
};
};
direnv = {
enable = true;
nix-direnv.enable = true;
};
chromium = {
enable = true;
extensions = [
{
# ublock origin
id = "cjpalhdlnbpafiamejdnhcphjbkeiagm";
}
{
id = "dcpihecpambacapedldabdbpakmachpb";
updateUrl = "https://raw.githubusercontent.com/iamadamdev/bypass-paywalls-chrome/master/updates.xml";
}
];
};
exa = {
enable = true;
git = true;
icons = true;
enableAliases = true;
extraOptions = [
"--group-directories-first"
"--header"
];
};
micro = {
enable = true;
settings = {
colorcolumn = 120;
hlsearch = true;
savecursor = true;
saveundo = true;
scrollbar = true;
smartpaste = true;
};
};
# checked https://rycee.gitlab.io/home-manager/options.html until "programs.notmuch"
};
editorconfig = {
enable = true;
settings = {
"*" = {
charset = "utf-8";
end_of_line = "lf";
trim_trailing_whitespace = true;
insert_final_newline = true;
max_line_width = 120;
indent_style = "space";
indent_size = 4;
};
"*.nix" = {
indent_size = 2;
};
};
};
}

24
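--- a/modules/users/vinzenz.nix
+++ b/modules/users/vinzenz.nix
@@ -0,0 +1,24 @@
+{
+config,
+pkgs,
+lib,
+...
+}: let
+isUserEnabled = builtins.elem "vinzenz" config.my.enabledUsers;
+in {
+config = lib.mkMerge [
+(lib.mkIf isUserEnabled {
+users.users.vinzenz = {
+isNormalUser = true;
+name = "vinzenz";
+description = "Vinzenz Schroeter";
+home = "/home/vinzenz";
+extraGroups = ["networkmanager" "wheel" "games"];
+shell = pkgs.zsh;
+};
+})
+(lib.mkIf (isUserEnabled && config.my.modulesCfg.enableHomeManager) {
+home-manager.users.vinzenz = import ./vinzenz-home.nix;
+})
+];
+}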


@ -7,11 +7,12 @@
]; ];
config = { config = {
my.desktop = { my = {
enableGnome = true; enabledUsers = ["vinzenz"];
enableGaming = true; desktop = {
enableGnome = true;
vinzenz.enable = true; enableGaming = true;
};
}; };
# flatpak xdg-portal-kde crashes, otherwise this would be global # flatpak xdg-portal-kde crashes, otherwise this would be global


@ -7,16 +7,12 @@
]; ];
config = { config = {
my.desktop = { my = {
enableKde = true; enabledUsers = ["vinzenz" "ronja"];
enableGaming = true; desktop = {
enableKde = true;
vinzenz.enable = true; enableGaming = true;
ronja.enable = true; };
};
users.groups."games" = {
members = ["vinzenz" "ronja"];
}; };
users.users.vinzenz.openssh.authorizedKeys.keys = [ users.users.vinzenz.openssh.authorizedKeys.keys = [