diff --git a/flake.lock b/flake.lock index f53b1f6..44edeab 100644 --- a/flake.lock +++ b/flake.lock @@ -266,11 +266,11 @@ ] }, "locked": { - "lastModified": 1757763404, - "narHash": "sha256-a1h+58wDOtbQXrHoZwLwB7PhXwFhBXRHhNRhAQGq/oY=", + "lastModified": 1751117291, + "narHash": "sha256-iOeiPypZkl6uPL5mQ4aFG4wYVs9w9BJZ2/5XHlLgyIk=", "ref": "refs/heads/main", - "rev": "07a5fbca27ec941c841ad93f2ac65bc529225a51", - "revCount": 46, + "rev": "2a4818dc2158cbdad34a701ab12d0b1cf7f52c46", + "revCount": 45, "type": "git", "url": "https://git.berlin.ccc.de/servicepoint/servicepoint-cli.git" }, @@ -290,11 +290,11 @@ ] }, "locked": { - "lastModified": 1757763091, - "narHash": "sha256-V3E6JKGzCrq5u+hp38sAdKv/EoxU+X0qfSoBIPxALi4=", + "lastModified": 1752323001, + "narHash": "sha256-YEcYegmlv12yN9VWrz2qt0nyL+9EeGIlrDvac8Pf7Cw=", "ref": "refs/heads/main", - "rev": "493b7b0343334019b372176f811a966839ba9aa5", - "revCount": 121, + "rev": "75a0ae7a59e687bea5f92791a2d64c048f35846d", + "revCount": 119, "type": "git", "url": "https://git.berlin.ccc.de/servicepoint/servicepoint-simulator.git" }, @@ -358,11 +358,11 @@ ] }, "locked": { - "lastModified": 1757847061, - "narHash": "sha256-YW8fpD35tD+1zTkxk0WhP7FJSL15JlFfG7tscgkdI+A=", + "lastModified": 1755431984, + "narHash": "sha256-iBgSdzkta6zQ2eIRWjmJTLZ3b1e1EZiCyCPcgCdqPGU=", "ref": "refs/heads/main", - "rev": "ddff8c9b206564dd9b9007e4e894afa6f7860fc8", - "revCount": 30, + "rev": "31abcb7a9583c4ed931f658eca3e3c1970e60814", + "revCount": 28, "type": "git", "url": "https://git.berlin.ccc.de/vinzenz/zerforschen.plus" }, diff --git a/flake.nix b/flake.nix index 4d7ec50..c7e62e0 100644 --- a/flake.nix +++ b/flake.nix @@ -1,6 +1,7 @@ { inputs = { nixpkgs.url = "github:NixOS/nixpkgs/nixos-25.05"; + nixpkgs-unstable.url = "github:NixOS/nixpkgs/nixpkgs-unstable"; home-manager = { @@ -49,7 +50,7 @@ }; outputs = - { + inputs@{ self, nixpkgs, home-manager, @@ -58,74 +59,31 @@ nixpkgs-unstable, servicepoint-cli, servicepoint-simulator, + naersk, nix-vscode-extensions, ... }: let devices = { - vinzenz-lpt2 = { - system = "x86_64-linux"; - additional-modules = [ - self.nixosModules.user-vinzenz - - self.nixosModules.gnome - self.nixosModules.wine-gaming - self.nixosModules.steam - self.nixosModules.printing - self.nixosModules.podman - self.nixosModules.vinzenz-desktop-settings - self.nixosModules.intel-graphics - ]; - home-manager-users = { - inherit (self.homeConfigurations) vinzenz; - }; - }; - vinzenz-pc2 = { - system = "x86_64-linux"; - additional-modules = [ - self.nixosModules.user-vinzenz - self.nixosModules.user-ronja - - self.nixosModules.gnome - self.nixosModules.wine-gaming - self.nixosModules.steam - self.nixosModules.printing - self.nixosModules.podman - self.nixosModules.vinzenz-desktop-settings - self.nixosModules.amd-graphics - ]; - home-manager-users = { - inherit (self.homeConfigurations) vinzenz ronja; - }; - }; - ronja-pc = { - system = "x86_64-linux"; - additional-modules = [ - self.nixosModules.user-ronja - - self.nixosModules.gnome - self.nixosModules.steam - self.nixosModules.wine-gaming - self.nixosModules.vinzenz-desktop-settings - ]; - home-manager-users = { - inherit (self.homeConfigurations) ronja; - }; - }; - hetzner-vpn2 = { - system = "aarch64-linux"; - }; - forgejo-runner-1 = { - system = "aarch64-linux"; - additional-modules = [ self.nixosModules.podman ]; - }; + vinzenz-lpt2 = "x86_64-linux"; + vinzenz-pc2 = "x86_64-linux"; + ronja-pc = "x86_64-linux"; + hetzner-vpn2 = "aarch64-linux"; + forgejo-runner-1 = "aarch64-linux"; }; - inherit (nixpkgs) lib; - forDevice = f: lib.mapAttrs (device: value: f (value // { inherit device; })) devices; - supported-systems = lib.attrsets.mapAttrsToList (k: v: v.system) devices; + homeDevices = [ + "vinzenz-lpt2" + "vinzenz-pc2" + "ronja-pc" + ]; + forDevice = f: nixpkgs.lib.mapAttrs f devices; + supported-systems = [ + "x86_64-linux" + "aarch64-linux" + ]; forAllSystems = f: - lib.genAttrs supported-systems ( + nixpkgs.lib.genAttrs supported-systems ( system: f rec { inherit system; @@ -133,141 +91,67 @@ } ); in - { - lib = { - importDir = - dir: - (lib.attrsets.mapAttrs' ( - m: _: - lib.attrsets.nameValuePair (lib.strings.removeSuffix ".nix" m) { imports = [ "${dir}/${m}" ]; } - ) (builtins.readDir dir)); - }; - - overlays = { - unstable-packages = final: prev: { - unstable = import nixpkgs-unstable { - inherit (prev) system config; - }; - }; - }; - - nixosModules = (self.lib.importDir ./nixosModules) // { - niri = { - imports = [ niri.nixosModules.niri ]; - nixpkgs.overlays = [ niri.overlays.niri ]; - }; - pkgs-unstable = { - nixpkgs.overlays = [ self.overlays.unstable-packages ]; - }; - pkgs-vscode-extensions = { - nixpkgs.overlays = [ nix-vscode-extensions.overlays.default ]; - }; - # required modules to use other modules, should not do anything on their own - default = { - imports = [ self.nixosModules.allowed-unfree-list ]; - }; - }; - - homeModules = self.lib.importDir ./homeModules; - homeConfigurations = self.lib.importDir ./homeConfigurations; - - formatter = forAllSystems ({ pkgs, ... }: pkgs.nixfmt-tree); - + rec { nixosConfigurations = forDevice ( - { - device, - system, - home-manager-users ? { }, - additional-modules ? [ ], - }: + device: system: let specialArgs = { - inherit device; + inherit inputs device; }; in nixpkgs.lib.nixosSystem { inherit system specialArgs; modules = [ - { - networking.hostName = device; - nixpkgs = { - inherit system; - hostPlatform = lib.mkDefault system; - }; - system = { - stateVersion = "22.11"; - autoUpgrade.flake = "git+https://git.berlin.ccc.de/vinzenz/nixos-configuration.git"; - }; + { networking.hostName = device; } + ./modules/globalinstalls.nix + ./modules/networking.nix + ./modules/nixpkgs.nix + ./modules/lix.nix + + ./hosts/${device}/hardware.nix + ./hosts/${device}/imports.nix + ./hosts/${device}/configuration.nix + + { nixpkgs.overlays = [ - self.overlays.unstable-packages + overlays.unstable-packages ]; - - nix.settings.experimental-features = [ - "nix-command" - "flakes" - ]; - - documentation = { - info.enable = false; # info pages and the info command - doc.enable = false; # documentation distributed in packages' /share/doc - }; } - - ./nixosConfigurations/${device} - - self.nixosModules.default - self.nixosModules.lix-is-nix - self.nixosModules.globalinstalls - self.nixosModules.autoupdate - self.nixosModules.openssh - self.nixosModules.tailscale - self.nixosModules.allowed-unfree-list - self.nixosModules.extra-caches - self.nixosModules.systemd-boot - - zerforschen-plus.nixosModules.default ] - ++ (nixpkgs.lib.optionals (home-manager-users != { }) [ - { - home-manager = { - extraSpecialArgs = specialArgs; - useGlobalPkgs = true; - useUserPackages = true; - }; - - time.timeZone = "Europe/Berlin"; - - home-manager.sharedModules = [ - { home.stateVersion = "22.11"; } - self.homeModules.adwaita - self.homeModules.git - self.homeModules.templates - self.homeModules.zsh-basics - self.homeModules.nano - self.homeModules.gnome-extensions - ]; - - home-manager.users = home-manager-users; - } - - self.nixosModules.pkgs-unstable - self.nixosModules.pkgs-vscode-extensions - self.nixosModules.niri - self.nixosModules.kdeconnect - self.nixosModules.en-de - self.nixosModules.gnome - self.nixosModules.modern-desktop - self.nixosModules.nix-ld - self.nixosModules.quiet-boot - self.nixosModules.firmware-updates - + ++ (nixpkgs.lib.optionals (builtins.elem device homeDevices) [ home-manager.nixosModules.home-manager - servicepoint-simulator.nixosModules.default - servicepoint-cli.nixosModules.default - ]) - ++ additional-modules; + { home-manager.extraSpecialArgs = specialArgs; } + ./modules/home-manager.nix + + ./modules/i18n.nix + + niri.nixosModules.niri + { + nixpkgs.overlays = [ + niri.overlays.niri + overlays.servicepoint-packages + nix-vscode-extensions.overlays.default + ]; + } + ]); } ); + + overlays = { + unstable-packages = final: prev: { + unstable = import nixpkgs-unstable { + system = prev.system; + config = prev.config; + }; + }; + servicepoint-packages = final: prev: { + servicepoint-cli = servicepoint-cli.legacyPackages."${prev.system}".servicepoint-cli; + servicepoint-simulator = + servicepoint-simulator.legacyPackages."${prev.system}".servicepoint-simulator; + }; + }; + + formatter = forAllSystems ({ pkgs, ... }: pkgs.nixfmt-tree); }; } diff --git a/homeConfigurations/ronja/default.nix b/home/ronja/configuration.nix similarity index 98% rename from homeConfigurations/ronja/default.nix rename to home/ronja/configuration.nix index 0f202cd..26cceac 100644 --- a/homeConfigurations/ronja/default.nix +++ b/home/ronja/configuration.nix @@ -1,6 +1,5 @@ { config, pkgs, ... }: { - imports = [ ./vscode.nix ]; config = { home.packages = with pkgs; [ ## Apps diff --git a/home/ronja/default.nix b/home/ronja/default.nix new file mode 100644 index 0000000..7c2f96d --- /dev/null +++ b/home/ronja/default.nix @@ -0,0 +1,25 @@ +{ pkgs, ... }: +{ + config = { + # Define user account + users.users.ronja = { + isNormalUser = true; + name = "ronja"; + description = "Ronja"; + home = "/home/ronja"; + extraGroups = [ + "networkmanager" + "wheel" + "games" + "podman" + "openvscode-server" + ]; + shell = pkgs.zsh; + }; + + home-manager.users.ronja.imports = [ + ./configuration.nix + ./vscode.nix + ]; + }; +} diff --git a/homeConfigurations/ronja/vscode.nix b/home/ronja/vscode.nix similarity index 100% rename from homeConfigurations/ronja/vscode.nix rename to home/ronja/vscode.nix diff --git a/homeConfigurations/vinzenz/.config/containers/policy.json b/home/vinzenz/.config/containers/policy.json similarity index 100% rename from homeConfigurations/vinzenz/.config/containers/policy.json rename to home/vinzenz/.config/containers/policy.json diff --git a/homeConfigurations/vinzenz/.zsh/p10k.zsh b/home/vinzenz/.zsh/p10k.zsh similarity index 99% rename from homeConfigurations/vinzenz/.zsh/p10k.zsh rename to home/vinzenz/.zsh/p10k.zsh index fc3c2b2..3b6355d 100644 --- a/homeConfigurations/vinzenz/.zsh/p10k.zsh +++ b/home/vinzenz/.zsh/p10k.zsh @@ -60,8 +60,8 @@ nodeenv # node.js environment (https://github.com/ekalinin/nodeenv) # node_version # node.js version # go_version # go version (https://golang.org) - rust_version # rustc version (https://www.rust-lang.org) - dotnet_version # .NET version (https://dotnet.microsoft.com) + # rust_version # rustc version (https://www.rust-lang.org) + # dotnet_version # .NET version (https://dotnet.microsoft.com) # php_version # php version (https://www.php.net/) # laravel_version # laravel php framework version (https://laravel.com/) # java_version # java version (https://www.java.com/) @@ -756,14 +756,14 @@ typeset -g POWERLEVEL9K_RANGER_BACKGROUND=0 # Custom icon. # typeset -g POWERLEVEL9K_RANGER_VISUAL_IDENTIFIER_EXPANSION='⭐' - + ####################[ yazi: yazi shell (https://github.com/sxyazi/yazi) ]##################### # Yazi shell color. typeset -g POWERLEVEL9K_YAZI_FOREGROUND=3 typeset -g POWERLEVEL9K_YAZI_BACKGROUND=0 # Custom icon. # typeset -g POWERLEVEL9K_YAZI_VISUAL_IDENTIFIER_EXPANSION='⭐' - + ######################[ nnn: nnn shell (https://github.com/jarun/nnn) ]####################### # Nnn shell color. typeset -g POWERLEVEL9K_NNN_FOREGROUND=0 diff --git a/homeConfigurations/vinzenz/configuration.nix b/home/vinzenz/configuration.nix similarity index 97% rename from homeConfigurations/vinzenz/configuration.nix rename to home/vinzenz/configuration.nix index ace8086..74be21f 100644 --- a/homeConfigurations/vinzenz/configuration.nix +++ b/home/vinzenz/configuration.nix @@ -56,10 +56,6 @@ icu nextcloud-client - - lutris - - foliate ]; home.file = { diff --git a/home/vinzenz/default.nix b/home/vinzenz/default.nix new file mode 100644 index 0000000..e555eba --- /dev/null +++ b/home/vinzenz/default.nix @@ -0,0 +1,51 @@ +{ pkgs, ... }: +{ + config = { + users.users.vinzenz = { + isNormalUser = true; + name = "vinzenz"; + description = "Vinzenz"; + home = "/home/vinzenz"; + extraGroups = [ + "networkmanager" + "wheel" + "games" + "dialout" + "podman" + "nginx" + "adbusers" + "kvm" + "input" + "video" + ]; + shell = pkgs.zsh; + autoSubUidGidRange = true; + }; + + nix.settings.trusted-users = [ "vinzenz" ]; + + home-manager.users.vinzenz.imports = [ + ./configuration.nix + ./editorconfig.nix + ./fuzzel.nix + ./git.nix + ./gnome.nix + #./niri.nix + ./ssh.nix + ./swaylock.nix + ./vscode.nix + ./waybar.nix + ./zsh.nix + ]; + + allowedUnfreePackages = [ + "rider" + "pycharm-professional" + "jetbrains-toolbox" + + "anydesk" + + "vscode-extension-ms-dotnettools-csharp" + ]; + }; +} diff --git a/homeConfigurations/vinzenz/editorconfig.nix b/home/vinzenz/editorconfig.nix similarity index 97% rename from homeConfigurations/vinzenz/editorconfig.nix rename to home/vinzenz/editorconfig.nix index 1ebffa8..496c714 100644 --- a/homeConfigurations/vinzenz/editorconfig.nix +++ b/home/vinzenz/editorconfig.nix @@ -1,3 +1,4 @@ +{ ... }: { config.editorconfig = { enable = true; diff --git a/homeConfigurations/vinzenz/fuzzel.nix b/home/vinzenz/fuzzel.nix similarity index 100% rename from homeConfigurations/vinzenz/fuzzel.nix rename to home/vinzenz/fuzzel.nix diff --git a/homeConfigurations/vinzenz/git.nix b/home/vinzenz/git.nix similarity index 98% rename from homeConfigurations/vinzenz/git.nix rename to home/vinzenz/git.nix index 537fe61..ddaa890 100644 --- a/homeConfigurations/vinzenz/git.nix +++ b/home/vinzenz/git.nix @@ -1,3 +1,4 @@ +{ ... }: { config.programs.git = { enable = true; diff --git a/home/vinzenz/gnome.nix b/home/vinzenz/gnome.nix new file mode 100644 index 0000000..5648cf6 --- /dev/null +++ b/home/vinzenz/gnome.nix @@ -0,0 +1,26 @@ +{ pkgs, ... }: +{ + config = { + home.packages = + with pkgs.gnomeExtensions; + [ + gsconnect + # battery-health-charging + quick-settings-tweaker + solaar-extension + alphabetical-app-grid + ] + ++ (with pkgs; [ foliate ]); + + dconf.settings = { + "org/gnome/shell" = { + enabled-extensions = [ + "GPaste@gnome-shell-extensions.gnome.org" + "gsconnect@andyholmes.github.io" + "solaar-extension@sidevesh" + "AlphabeticalAppGrid@stuarthayhurst" + ]; + }; + }; + }; +} diff --git a/homeConfigurations/vinzenz/niri.nix b/home/vinzenz/niri.nix similarity index 98% rename from homeConfigurations/vinzenz/niri.nix rename to home/vinzenz/niri.nix index 3562ae1..3cb557a 100644 --- a/homeConfigurations/vinzenz/niri.nix +++ b/home/vinzenz/niri.nix @@ -16,7 +16,16 @@ name = "adwaita-dark"; }; - services.mako.enable = true; + services = { + kdeconnect = { + enable = true; + # this still shows up in gnome session starting with 25.05 + # indicator = true; + }; + mako = { + enable = true; + }; + }; programs.niri.settings = { input.keyboard.xkb.layout = "de"; diff --git a/homeConfigurations/vinzenz/ssh.nix b/home/vinzenz/ssh.nix similarity index 99% rename from homeConfigurations/vinzenz/ssh.nix rename to home/vinzenz/ssh.nix index 20b4bae..98acce9 100644 --- a/homeConfigurations/vinzenz/ssh.nix +++ b/home/vinzenz/ssh.nix @@ -1,3 +1,4 @@ +{ ... }: { config.programs.ssh = { enable = true; diff --git a/homeConfigurations/vinzenz/swaylock.nix b/home/vinzenz/swaylock.nix similarity index 100% rename from homeConfigurations/vinzenz/swaylock.nix rename to home/vinzenz/swaylock.nix diff --git a/homeConfigurations/vinzenz/vscode.nix b/home/vinzenz/vscode.nix similarity index 100% rename from homeConfigurations/vinzenz/vscode.nix rename to home/vinzenz/vscode.nix diff --git a/homeConfigurations/vinzenz/waybar.nix b/home/vinzenz/waybar.nix similarity index 100% rename from homeConfigurations/vinzenz/waybar.nix rename to home/vinzenz/waybar.nix diff --git a/homeConfigurations/vinzenz/zsh.nix b/home/vinzenz/zsh.nix similarity index 94% rename from homeConfigurations/vinzenz/zsh.nix rename to home/vinzenz/zsh.nix index 1278aca..d7cbcfa 100644 --- a/homeConfigurations/vinzenz/zsh.nix +++ b/home/vinzenz/zsh.nix @@ -20,7 +20,7 @@ my-direnvallow = "echo \"use nix\" > .envrc && direnv allow"; my-ip4 = "ip addr show | grep 192"; deadnix = "nix run github:astro/deadnix -- "; - statix = "nix run github:oppiliappan/statix -- "; + statix = "nix run git+https://git.peppe.rs/languages/statix -- "; }; history = { diff --git a/homeConfigurations/vinzenz/default.nix b/homeConfigurations/vinzenz/default.nix deleted file mode 100644 index 33cfceb..0000000 --- a/homeConfigurations/vinzenz/default.nix +++ /dev/null @@ -1,15 +0,0 @@ -{ - imports = [ - ./configuration.nix - ./editorconfig.nix - ./fuzzel.nix - ./git.nix - ./gnome.nix - #./niri.nix - ./ssh.nix - ./swaylock.nix - ./vscode.nix - ./waybar.nix - ./zsh.nix - ]; -} diff --git a/homeConfigurations/vinzenz/gnome.nix b/homeConfigurations/vinzenz/gnome.nix deleted file mode 100644 index 7424363..0000000 --- a/homeConfigurations/vinzenz/gnome.nix +++ /dev/null @@ -1,31 +0,0 @@ -{ pkgs, ... }: -{ - config = { - home.packages = with pkgs; [ - gitg - meld - simple-scan - pinta - dconf-editor - impression # usb image writer - papers # pdf viewer - gnome-software # for flatpak apps - gnomeExtensions.solaar-extension - snapshot - ]; - - dconf.settings = { - "org/gnome/shell".enabled-extensions = [ - "GPaste@gnome-shell-extensions.gnome.org" - "solaar-extension@sidevesh" - ]; - "org/gnome/desktop/interface".color-scheme = "prefer-dark"; - "org/gnome/desktop/wm/keybindings" = { - switch-windows = [ "Tab" ]; - switch-windows-backward = [ "Tab" ]; - switch-applications = [ "Tab" ]; - switch-applications-backward = [ "Tab" ]; - }; - }; - }; -} diff --git a/homeModules/adwaita.nix b/homeModules/adwaita.nix deleted file mode 100644 index 96d24c7..0000000 --- a/homeModules/adwaita.nix +++ /dev/null @@ -1,12 +0,0 @@ -{ pkgs, ... }: -{ - gtk = { - enable = true; - iconTheme.name = "Adwaita"; - cursorTheme.name = "Adwaita"; - theme = { - name = "adw-gtk3-dark"; - package = pkgs.adw-gtk3; - }; - }; -} diff --git a/homeModules/git.nix b/homeModules/git.nix deleted file mode 100644 index 76afceb..0000000 --- a/homeModules/git.nix +++ /dev/null @@ -1,13 +0,0 @@ -{ - programs = { - git = { - enable = true; - extraConfig.init.defaultBranch = "main"; - }; - - gh = { - enable = true; - gitCredentialHelper.enable = true; - }; - }; -} diff --git a/homeModules/gnome-extensions.nix b/homeModules/gnome-extensions.nix deleted file mode 100644 index 9c30c40..0000000 --- a/homeModules/gnome-extensions.nix +++ /dev/null @@ -1,101 +0,0 @@ -{ - lib, - pkgs, - osConfig, - config, - ... -}: -{ - options.vinzenz.gnome-extensions = - let - mkDefaultEnabledOption = - name: - lib.mkOption { - default = true; - example = false; - description = "Whether to enable ${name}."; - type = lib.types.bool; - }; - in - { - enable = mkDefaultEnabledOption "gnome extended options"; - appindicator.enable = mkDefaultEnabledOption "appindicator"; - caffeine.enable = mkDefaultEnabledOption "caffeine"; - tailscale-qs.enable = lib.mkOption { - default = osConfig.services.tailscale.enable; - example = true; - description = "Whether to enable tailscale quick setting."; - type = lib.types.bool; - }; - alphabetic-apps.enable = mkDefaultEnabledOption "alphabetic app grid"; - clock-show-seconds = mkDefaultEnabledOption "clock seconds"; - show-battery-percentage = mkDefaultEnabledOption "battery percentage"; - enable-numlock = mkDefaultEnabledOption "num lock on login"; - enable-systool-warning = lib.mkEnableOption "system configuration tool warning"; - edge-tiling = mkDefaultEnabledOption "edge tiling"; - dynamic-workspaces = mkDefaultEnabledOption "dynamic workspaces"; - tap-to-click = mkDefaultEnabledOption "tap to click"; - two-finger-scrolling = mkDefaultEnabledOption "two finger scrolling"; - }; - - config = - let - cfg = config.vinzenz.gnome-extensions; - in - lib.mkIf cfg.enable ( - lib.mkMerge [ - { - dconf = { - enable = true; - settings = { - "org/gnome/shell" = { - disable-user-extensions = false; - disabled-extensions = [ ]; - enabled-extensions = [ ]; - }; - - "ca/desrt/dconf-editor".show-warning = cfg.enable-systool-warning; - "org/gnome/tweaks".show-extensions-notice = cfg.enable-systool-warning; - "org/gnome/mutter" = { - inherit (cfg) edge-tiling dynamic-workspaces; - }; - "org/gnome/desktop/peripherals/touchpad" = { - inherit (cfg) tap-to-click; - two-finger-scrolling-enabled = cfg.two-finger-scrolling; - }; - "org/gnome/desktop/interface" = { - inherit (cfg) clock-show-seconds show-battery-percentage; - }; - }; - }; - } - - (lib.mkIf cfg.tailscale-qs.enable { - home.packages = [ pkgs.gnomeExtensions.tailscale-qs ]; - dconf.settings."org/gnome/shell".enabled-extensions = [ "tailscale@joaophi.github.com" ]; - }) - - (lib.mkIf cfg.appindicator.enable { - home.packages = [ pkgs.gnomeExtensions.appindicator ]; - dconf.settings."org/gnome/shell".enabled-extensions = [ "appindicatorsupport@rgcjonas.gmail.com" ]; - }) - - (lib.mkIf cfg.caffeine.enable { - home.packages = [ pkgs.gnomeExtensions.caffeine ]; - dconf.settings."org/gnome/shell".enabled-extensions = [ "caffeine@patapon.info" ]; - }) - - (lib.mkIf cfg.alphabetic-apps.enable { - home.packages = [ pkgs.gnomeExtensions.alphabetical-app-grid ]; - dconf.settings = { - "org/gnome/shell".enabled-extensions = [ "AlphabeticalAppGrid@stuarthayhurst" ]; - "org/gnome/shell/extensions/alphabetical-app-grid".folder-order-position = "start"; - }; - }) - - (lib.mkIf cfg.enable-numlock { - dconf.settings."org/gnome/desktop/peripherals/keyboard".numlock-state = true; - }) - ] - ); -} diff --git a/homeModules/nano.nix b/homeModules/nano.nix deleted file mode 100644 index ab3e7b2..0000000 --- a/homeModules/nano.nix +++ /dev/null @@ -1,9 +0,0 @@ -{ - home = { - sessionVariables.EDITOR = "nano"; - file.".nanorc".text = '' - set linenumbers - set mouse - ''; - }; -} diff --git a/homeModules/templates.nix b/homeModules/templates.nix deleted file mode 100644 index 71d2e0b..0000000 --- a/homeModules/templates.nix +++ /dev/null @@ -1,12 +0,0 @@ -{ - home.file = { - "Templates/Empty file".text = ""; - "Templates/Empty bash script".text = '' - #!/usr/bin/env bash - # abort on error, undefined variables - set -eu - # print commands before execution - set -x - ''; - }; -} diff --git a/homeModules/zsh-basics.nix b/homeModules/zsh-basics.nix deleted file mode 100644 index 0b0e281..0000000 --- a/homeModules/zsh-basics.nix +++ /dev/null @@ -1,13 +0,0 @@ -{ - programs = { - command-not-found.enable = true; - dircolors.enable = true; - - zsh = { - enable = true; - syntaxHighlighting.enable = true; - autosuggestion.enable = true; - enableVteIntegration = true; - }; - }; -} diff --git a/hooks/pre-commit b/hooks/pre-commit deleted file mode 100755 index 6b6b870..0000000 --- a/hooks/pre-commit +++ /dev/null @@ -1,6 +0,0 @@ -#!/usr/bin/env bash -set -euxo pipefail - -nix fmt - -nix flake check --all-systems --show-trace diff --git a/hosts/forgejo-runner-1/configuration.nix b/hosts/forgejo-runner-1/configuration.nix new file mode 100644 index 0000000..345e622 --- /dev/null +++ b/hosts/forgejo-runner-1/configuration.nix @@ -0,0 +1,15 @@ +{ ... }: +{ + # uncomment for build check on non arm system (requires --impure) + # nixpkgs.buildPlatform = builtins.currentSystem; + services.tailscale.useRoutingFeatures = "both"; + system.autoUpgrade.allowReboot = true; + + users.users = { + root.openssh.authorizedKeys.keys = [ + ''ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIFCJUpbpB3KEKVoKWsKoar9J4RNah8gmQoSH6jQEw5dY vinzenz-pixel-JuiceSSH'' + ''ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIO1CRn4yYTL4XUdCebE8Z4ZeuMujBjorTdWifg911EOv vinzenz-pc2 home roaming'' + ''ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIPDNpLDmctyqGpow/ElQvdhY4BLBPS/sigDJ1QEcC7wC vinzenz-lpt2-roaming'' + ]; + }; +} diff --git a/nixosConfigurations/forgejo-runner-1/forgejo-runner.nix b/hosts/forgejo-runner-1/forgejo-runner.nix similarity index 100% rename from nixosConfigurations/forgejo-runner-1/forgejo-runner.nix rename to hosts/forgejo-runner-1/forgejo-runner.nix diff --git a/nixosConfigurations/forgejo-runner-1/hardware.nix b/hosts/forgejo-runner-1/hardware.nix similarity index 93% rename from nixosConfigurations/forgejo-runner-1/hardware.nix rename to hosts/forgejo-runner-1/hardware.nix index e8fbc56..e3e6880 100644 --- a/nixosConfigurations/forgejo-runner-1/hardware.nix +++ b/hosts/forgejo-runner-1/hardware.nix @@ -3,6 +3,11 @@ imports = [ (modulesPath + "/profiles/qemu-guest.nix") ]; config = { + nixpkgs = { + hostPlatform = "aarch64-linux"; + system = "aarch64-linux"; + }; + boot = { tmp.cleanOnBoot = true; kernelParams = [ "console=tty" ]; diff --git a/hosts/forgejo-runner-1/imports.nix b/hosts/forgejo-runner-1/imports.nix new file mode 100644 index 0000000..8b867c6 --- /dev/null +++ b/hosts/forgejo-runner-1/imports.nix @@ -0,0 +1,6 @@ +{ + imports = [ + ../../modules/podman.nix + ./forgejo-runner.nix + ]; +} diff --git a/hosts/hetzner-vpn2/configuration.nix b/hosts/hetzner-vpn2/configuration.nix new file mode 100644 index 0000000..8e16ff7 --- /dev/null +++ b/hosts/hetzner-vpn2/configuration.nix @@ -0,0 +1,21 @@ +{ ... }: +{ + # uncomment for build check on non arm system (requires --impure) + # nixpkgs.buildPlatform = builtins.currentSystem; + + services.tailscale.useRoutingFeatures = "both"; + + users.users = { + root.openssh.authorizedKeys.keys = [ + ''ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAICdYqY3Y1/f1bsAi5Qfyr/UWuX9ixu96IeAlhoQaJkbf'' + ''ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIFCJUpbpB3KEKVoKWsKoar9J4RNah8gmQoSH6jQEw5dY vinzenz-pixel-JuiceSSH'' + ''ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIO1CRn4yYTL4XUdCebE8Z4ZeuMujBjorTdWifg911EOv vinzenz-pc2 home roaming'' + ''ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIPDNpLDmctyqGpow/ElQvdhY4BLBPS/sigDJ1QEcC7wC vinzenz-lpt2-roaming'' + ]; + #ronja.openssh.authorizedKeys.keys = [ + # ''ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIALWKm+d6KL6Vl3grPOcGouiNTkvdhXuWJmcrdEBY2nw ronja-ssh-host-key'' + #]; + }; + + system.autoUpgrade.allowReboot = true; +} diff --git a/nixosConfigurations/hetzner-vpn2/hardware.nix b/hosts/hetzner-vpn2/hardware.nix similarity index 93% rename from nixosConfigurations/hetzner-vpn2/hardware.nix rename to hosts/hetzner-vpn2/hardware.nix index d7c96f0..e8fa931 100644 --- a/nixosConfigurations/hetzner-vpn2/hardware.nix +++ b/hosts/hetzner-vpn2/hardware.nix @@ -3,6 +3,11 @@ imports = [ (modulesPath + "/profiles/qemu-guest.nix") ]; config = { + nixpkgs = { + hostPlatform = "aarch64-linux"; + system = "aarch64-linux"; + }; + boot = { tmp.cleanOnBoot = true; kernelParams = [ "console=tty" ]; diff --git a/hosts/hetzner-vpn2/imports.nix b/hosts/hetzner-vpn2/imports.nix new file mode 100644 index 0000000..3fadabb --- /dev/null +++ b/hosts/hetzner-vpn2/imports.nix @@ -0,0 +1,5 @@ +{ + imports = [ + ./nginx.nix + ]; +} diff --git a/nixosConfigurations/hetzner-vpn2/nginx.nix b/hosts/hetzner-vpn2/nginx.nix similarity index 84% rename from nixosConfigurations/hetzner-vpn2/nginx.nix rename to hosts/hetzner-vpn2/nginx.nix index 2520533..8fa27c6 100644 --- a/nixosConfigurations/hetzner-vpn2/nginx.nix +++ b/hosts/hetzner-vpn2/nginx.nix @@ -1,4 +1,4 @@ -{ pkgs, ... }: +{ inputs, pkgs, ... }: let blog-domain-socket = "/run/nginx/blog.sock"; anubis-domain-socket = "/run/anubis/anubis-blog.sock"; @@ -72,26 +72,28 @@ in addSSL = true; enableACME = true; locations."/" = { - proxyPass = "http://unix:" + anubis-domain-socket; + proxyPass = ("http://unix:" + anubis-domain-socket); }; }; "blog-in-anubis" = { - root = pkgs.zerforschen-plus-content; + root = inputs.zerforschen-plus.packages."${pkgs.system}".zerforschen-plus-content; listen = [ { - addr = "unix:" + blog-domain-socket; + addr = ("unix:" + blog-domain-socket); } ]; }; }; }; - anubis.instances.main = { - enable = true; - settings = { - BIND = anubis-domain-socket; - TARGET = "unix://" + blog-domain-socket; + anubis = { + instances.main = { + enable = true; + settings = { + BIND = anubis-domain-socket; + TARGET = "unix://" + blog-domain-socket; + }; }; }; }; diff --git a/hosts/ronja-pc/configuration.nix b/hosts/ronja-pc/configuration.nix new file mode 100644 index 0000000..0e9124d --- /dev/null +++ b/hosts/ronja-pc/configuration.nix @@ -0,0 +1,26 @@ +{ + config, + pkgs, + ... +}: +{ + # Configure keymap in X11 + services.xserver.xkb = { + layout = "de"; + variant = ""; + }; + + # Configure console keymap + console.keyMap = "de"; + + # List packages installed in system profile. To search, run: + # $ nix search wget + environment.systemPackages = with pkgs; [ + # vim # Do not forget to add an editor to edit configuration.nix! The Nano editor is also installed by default. + # wget + ]; + + # Open ports in the firewall. + # networking.firewall.allowedTCPPorts = [ ... ]; + # networking.firewall.allowedUDPPorts = [ ... ]; +} diff --git a/nixosConfigurations/ronja-pc/hardware.nix b/hosts/ronja-pc/hardware.nix similarity index 77% rename from nixosConfigurations/ronja-pc/hardware.nix rename to hosts/ronja-pc/hardware.nix index e6ad854..f668726 100644 --- a/nixosConfigurations/ronja-pc/hardware.nix +++ b/hosts/ronja-pc/hardware.nix @@ -1,8 +1,6 @@ { lib, ... }: { boot = { - supportedFilesystems = [ "btrfs" ]; - initrd.supportedFilesystems = [ "btrfs" ]; kernelModules = [ "kvm-intel" ]; extraModulePackages = [ ]; initrd = { @@ -39,10 +37,6 @@ { device = "/dev/disk/by-uuid/bf9d19fb-499b-4bfb-b67d-131fa5bf8259"; } ]; - hardware.bluetooth.enable = true; - - networking = { - networkmanager.enable = true; - useDHCP = lib.mkDefault true; - }; + nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux"; + hardware.cpu.intel.updateMicrocode = true; } diff --git a/hosts/ronja-pc/imports.nix b/hosts/ronja-pc/imports.nix new file mode 100644 index 0000000..8b9ed4b --- /dev/null +++ b/hosts/ronja-pc/imports.nix @@ -0,0 +1,10 @@ +{ + imports = [ + ../../modules/gnome.nix + ../../modules/gaming.nix + ../../modules/desktop-environment.nix + ../../modules/desktop-hardware.nix + + ../../home/ronja + ]; +} diff --git a/nixosConfigurations/vinzenz-lpt2/default.nix b/hosts/vinzenz-lpt2/configuration.nix similarity index 94% rename from nixosConfigurations/vinzenz-lpt2/default.nix rename to hosts/vinzenz-lpt2/configuration.nix index 58eac82..b38f25a 100644 --- a/nixosConfigurations/vinzenz-lpt2/default.nix +++ b/hosts/vinzenz-lpt2/configuration.nix @@ -1,8 +1,6 @@ +{ ... }: { - imports = [ - ./hardware.nix - ./nginx.nix - ]; + imports = [ ./nginx.nix ]; config = { nix.settings.extra-platforms = [ diff --git a/hosts/vinzenz-lpt2/hardware.nix b/hosts/vinzenz-lpt2/hardware.nix new file mode 100644 index 0000000..f51ccd1 --- /dev/null +++ b/hosts/vinzenz-lpt2/hardware.nix @@ -0,0 +1,63 @@ +{ lib, ... }: +{ + imports = [ ../../modules/intel-graphics.nix ]; + config = { + # intel cpu + boot.kernelModules = [ + "kvm-intel" + "xe" + ]; + hardware.cpu.intel.updateMicrocode = true; + + boot.loader = { + systemd-boot.enable = true; + efi.canTouchEfiVariables = true; + }; + + # Enables DHCP on each ethernet and wireless interface. In case of scripted networking + # (the default) this is the recommended approach. When using systemd-networkd it's + # still possible to use this option, but it's recommended to use it in conjunction + # with explicit per-interface declarations with `networking.interfaces..useDHCP`. + networking.useDHCP = lib.mkDefault true; + + hardware.enableRedistributableFirmware = true; + + nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux"; + + boot.initrd = { + availableKernelModules = [ + "xhci_pci" + "thunderbolt" + "nvme" + ]; + luks.devices = { + "luks-2c654ff2-3c42-48d3-a1e3-9545679afaa3" = { + device = "/dev/disk/by-uuid/2c654ff2-3c42-48d3-a1e3-9545679afaa3"; + }; + }; + }; + + fileSystems = { + "/" = { + device = "/dev/disk/by-uuid/e4dad0c8-26a1-45e9-bbd9-48565eb6574e"; + fsType = "btrfs"; + options = [ "subvol=@" ]; + }; + + "/boot" = { + device = "/dev/disk/by-uuid/E2B7-2BC1"; + fsType = "vfat"; + }; + }; + + swapDevices = [ + { + device = "/var/lib/swapfile"; + size = 32 * 1024; + } + ]; + + services.thermald.enable = true; + services.hardware.bolt.enable = true; # thunderbolt security + }; +} diff --git a/hosts/vinzenz-lpt2/imports.nix b/hosts/vinzenz-lpt2/imports.nix new file mode 100644 index 0000000..f9a0ae1 --- /dev/null +++ b/hosts/vinzenz-lpt2/imports.nix @@ -0,0 +1,14 @@ +{ + imports = [ + ../../modules/gnome.nix + ../../modules/gaming.nix + ../../modules/printing.nix + ../../modules/podman.nix + #../../modules/niri.nix + ../../modules/desktop-environment.nix + ../../modules/desktop-hardware.nix + + ../../home/vinzenz + ../../home/ronja + ]; +} diff --git a/nixosConfigurations/vinzenz-lpt2/nginx.nix b/hosts/vinzenz-lpt2/nginx.nix similarity index 83% rename from nixosConfigurations/vinzenz-lpt2/nginx.nix rename to hosts/vinzenz-lpt2/nginx.nix index d5fd6a4..302a271 100644 --- a/nixosConfigurations/vinzenz-lpt2/nginx.nix +++ b/hosts/vinzenz-lpt2/nginx.nix @@ -1,4 +1,4 @@ -{ pkgs, ... }: +{ inputs, pkgs, ... }: let blog-domain-socket = "/run/nginx/blog.sock"; anubis-domain-socket = "/run/anubis/anubis-blog.sock"; @@ -29,15 +29,15 @@ in "vinzenz-lpt2" = { locations."/" = { - proxyPass = "http://unix:" + anubis-domain-socket; + proxyPass = ("http://unix:" + anubis-domain-socket); }; }; "vinzenz-lpt2-in-anubis" = { - root = pkgs.zerforschen-plus-content; + root = inputs.zerforschen-plus.packages."${pkgs.system}".zerforschen-plus-content; listen = [ { - addr = "unix:" + blog-domain-socket; + addr = ("unix:" + blog-domain-socket); } ]; }; diff --git a/nixosConfigurations/vinzenz-lpt2/zerforschen-plus.nix b/hosts/vinzenz-lpt2/zerforschen-plus.nix similarity index 86% rename from nixosConfigurations/vinzenz-lpt2/zerforschen-plus.nix rename to hosts/vinzenz-lpt2/zerforschen-plus.nix index d2b919d..af3ea3c 100644 --- a/nixosConfigurations/vinzenz-lpt2/zerforschen-plus.nix +++ b/hosts/vinzenz-lpt2/zerforschen-plus.nix @@ -1,5 +1,7 @@ { pkgs, + system, + inputs, ... }: { @@ -26,7 +28,7 @@ "zerforschen.plus" = { #addSSL = true; #enableACME = true; - root = pkgs.zerforschen-plus-content; + root = inputs.zerforschen-plus.packages."${pkgs.system}".zerforschen-plus-content; }; }; }; diff --git a/nixosConfigurations/vinzenz-pc2/default.nix b/hosts/vinzenz-pc2/configuration.nix similarity index 93% rename from nixosConfigurations/vinzenz-pc2/default.nix rename to hosts/vinzenz-pc2/configuration.nix index 23505b1..4f6b859 100644 --- a/nixosConfigurations/vinzenz-pc2/default.nix +++ b/hosts/vinzenz-pc2/configuration.nix @@ -5,7 +5,6 @@ ./vscode-server.nix ./hass.nix ]; - config = { nix.settings.extra-platforms = [ "aarch64-linux" @@ -33,10 +32,5 @@ ]; environment.systemPackages = with pkgs; [ lact ]; - - networking.firewall.allowedUDPPorts = [ - # Factorio - 34197 - ]; }; } diff --git a/nixosConfigurations/vinzenz-pc2/fstab.nix b/hosts/vinzenz-pc2/fstab.nix similarity index 100% rename from nixosConfigurations/vinzenz-pc2/fstab.nix rename to hosts/vinzenz-pc2/fstab.nix diff --git a/hosts/vinzenz-pc2/hardware.nix b/hosts/vinzenz-pc2/hardware.nix new file mode 100644 index 0000000..316d9a2 --- /dev/null +++ b/hosts/vinzenz-pc2/hardware.nix @@ -0,0 +1,25 @@ +{ ... }: +{ + imports = [ ../../modules/amd-graphics.nix ]; + config = { + # amd cpu + boot.kernelModules = [ "kvm-amd" ]; + hardware.cpu.amd.updateMicrocode = true; + + boot = { + initrd.availableKernelModules = [ + "nvme" + "xhci_pci" + "ahci" + "usbhid" + "sd_mod" + ]; # "usb_storage" + loader.efi.efiSysMountPoint = "/boot"; + }; + + fileSystems = import ./fstab.nix; + swapDevices = [ ]; + + networking.interfaces.eno1.wakeOnLan.enable = true; + }; +} diff --git a/nixosConfigurations/vinzenz-pc2/hass.nix b/hosts/vinzenz-pc2/hass.nix similarity index 100% rename from nixosConfigurations/vinzenz-pc2/hass.nix rename to hosts/vinzenz-pc2/hass.nix diff --git a/hosts/vinzenz-pc2/imports.nix b/hosts/vinzenz-pc2/imports.nix new file mode 100644 index 0000000..f9a0ae1 --- /dev/null +++ b/hosts/vinzenz-pc2/imports.nix @@ -0,0 +1,14 @@ +{ + imports = [ + ../../modules/gnome.nix + ../../modules/gaming.nix + ../../modules/printing.nix + ../../modules/podman.nix + #../../modules/niri.nix + ../../modules/desktop-environment.nix + ../../modules/desktop-hardware.nix + + ../../home/vinzenz + ../../home/ronja + ]; +} diff --git a/nixosConfigurations/vinzenz-pc2/vscode-server.nix b/hosts/vinzenz-pc2/vscode-server.nix similarity index 66% rename from nixosConfigurations/vinzenz-pc2/vscode-server.nix rename to hosts/vinzenz-pc2/vscode-server.nix index 6632b1f..199c015 100644 --- a/nixosConfigurations/vinzenz-pc2/vscode-server.nix +++ b/hosts/vinzenz-pc2/vscode-server.nix @@ -15,12 +15,16 @@ ]; }; - networking.firewall.allowedTCPPorts = [ - 8542 - 8543 - 8544 - 80 - 1313 - 5201 - ]; + networking = { + firewall = { + allowedTCPPorts = [ + 8542 + 8543 + 8544 + 80 + 1313 + 5201 + ]; + }; + }; } diff --git a/modules/amd-graphics.nix b/modules/amd-graphics.nix new file mode 100644 index 0000000..041d700 --- /dev/null +++ b/modules/amd-graphics.nix @@ -0,0 +1,22 @@ +{ pkgs, config, ... }: +{ + config = { + boot.kernelModules = [ "amdgpu" ]; + services.xserver.videoDrivers = [ "amdgpu" ]; + + hardware = { + graphics.enable = true; + amdgpu = { + opencl.enable = true; + amdvlk = { + # TODO: this creates black borders around GNOME apps + # enable = true; + # support32Bit.enable = config.hardware.graphics.enable32Bit; + }; + overdrive.enable = true; + }; + }; + + environment.systemPackages = with pkgs; [ nvtopPackages.amd ]; + }; +} diff --git a/modules/desktop-environment.nix b/modules/desktop-environment.nix new file mode 100644 index 0000000..ffb00eb --- /dev/null +++ b/modules/desktop-environment.nix @@ -0,0 +1,121 @@ +{ pkgs, ... }: +{ + config = { + services = { + xserver.enable = true; + libinput.enable = true; + flatpak.enable = true; + fstrim.enable = true; + earlyoom = { + enable = true; + freeMemThreshold = 5; + }; + }; + + # Enable sound with pipewire. + security.rtkit.enable = true; + services = { + pulseaudio.enable = false; + pipewire = { + enable = true; + alsa.enable = true; + alsa.support32Bit = true; + pulse.enable = true; + #jack.enable = true; + }; + }; + + programs = { + kdeconnect.enable = true; + firefox = { + enable = true; + languagePacks = [ + "en-US" + "de" + ]; + }; + nix-ld = { + enable = true; + libraries = with pkgs; [ + stdenv.cc.cc + zlib + zstd + curl + openssl + attr + libssh + bzip2 + libxml2 + acl + libsodium + util-linux + xz + systemd + ]; + }; + appimage = { + enable = true; + binfmt = true; + }; + }; + + networking = { + firewall = { + allowedTCPPortRanges = [ + { + # KDE Connect / gsconnect + from = 1714; + to = 1764; + } + ]; + allowedUDPPortRanges = [ + { + # KDE Connect / gsconnect + from = 1714; + to = 1764; + } + ]; + }; + }; + + systemd = { + # save some boot time because nothing actually requires network connectivity + services.NetworkManager-wait-online.enable = false; + + # prevent stuck units from preventing shutdown (default is 120s) + extraConfig = '' + DefaultTimeoutStopSec=10s + ''; + }; + + environment.systemPackages = with pkgs; [ + lm_sensors + + # office + libreoffice-qt + hunspell + hunspellDicts.de-de + hunspellDicts.en-us-large + ]; + + fonts = { + enableDefaultPackages = true; + fontconfig.defaultFonts.monospace = [ "FiraCode Nerd Font" ]; + packages = with pkgs; [ + nerd-fonts.fira-code + roboto-mono + recursive + ]; + }; + + hardware.logitech.wireless = { + enable = true; + enableGraphical = true; + }; + + system.autoUpgrade = { + allowReboot = false; + operation = "boot"; + }; + }; +} diff --git a/modules/desktop-hardware.nix b/modules/desktop-hardware.nix new file mode 100644 index 0000000..a8b2f93 --- /dev/null +++ b/modules/desktop-hardware.nix @@ -0,0 +1,48 @@ +{ + lib, + pkgs, + ... +}: +{ + config = { + boot = { + kernelPackages = pkgs.linuxPackages_zen; + kernelParams = [ + "quiet" + "udev.log_level=3" + ]; + supportedFilesystems = [ "btrfs" ]; + initrd.supportedFilesystems = [ "btrfs" ]; + consoleLogLevel = 0; + initrd.verbose = false; + plymouth.enable = true; + loader = { + timeout = 3; + efi.canTouchEfiVariables = true; + systemd-boot = { + enable = true; + editor = false; # do not allow changing kernel parameters + consoleMode = "max"; + }; + }; + }; + + networking.networkmanager.enable = true; + # Enables DHCP on each ethernet and wireless interface. In case of scripted networking + # (the default) this is the recommended approach. When using systemd-networkd it's + # still possible to use this option, but it's recommended to use it in conjunction + # with explicit per-interface declarations with `networking.interfaces..useDHCP`. + networking.useDHCP = lib.mkDefault true; + # networking.interfaces.eno1.useDHCP = lib.mkDefault true; + # networking.interfaces.wlp5s0.useDHCP = lib.mkDefault true; + + hardware = { + enableRedistributableFirmware = true; + bluetooth.enable = true; + }; + + nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux"; + + services.fwupd.enable = true; + }; +} diff --git a/modules/gaming.nix b/modules/gaming.nix new file mode 100644 index 0000000..4214c23 --- /dev/null +++ b/modules/gaming.nix @@ -0,0 +1,81 @@ +{ pkgs, ... }: +{ + config = { + hardware = { + graphics = { + enable32Bit = true; + extraPackages = with pkgs; [ mangohud ]; + extraPackages32 = with pkgs; [ mangohud ]; + }; + + steam-hardware.enable = true; + xpadneo.enable = true; + }; + + environment.systemPackages = with pkgs; [ + wineWowPackages.stagingFull + wineWowPackages.fonts + winetricks + dxvk + mangohud + vulkan-tools + glxinfo + lutris + ]; + + programs = { + xwayland.enable = true; + steam = { + enable = true; + remotePlay.openFirewall = true; + dedicatedServer.openFirewall = true; + localNetworkGameTransfers.openFirewall = true; + gamescopeSession.enable = false; + }; + gamemode.enable = true; + }; + + networking.firewall = { + allowedUDPPorts = [ + # Factorio + 34197 + + # steam network transfer + 3478 + ]; + + allowedTCPPorts = [ + # steam network transfer + 24070 + ]; + + allowedTCPPortRanges = [ + # steam network transfer + { + from = 27015; + to = 27050; + } + ]; + + allowedUDPPortRanges = [ + # steam network transfer + { + from = 4379; + to = 4380; + } + { + from = 27000; + to = 27100; + } + ]; + }; + + allowedUnfreePackages = [ + "steam" + "steam-original" + "steam-run" + "steam-unwrapped" + "ut1999" + ]; + }; +} diff --git a/modules/globalinstalls.nix b/modules/globalinstalls.nix new file mode 100644 index 0000000..c4c21d2 --- /dev/null +++ b/modules/globalinstalls.nix @@ -0,0 +1,34 @@ +{ pkgs, ... }: +{ + config = { + environment = { + systemPackages = with pkgs; [ + ncdu + glances + iotop + + pciutils + lsof + dig + + screen + + tldr + neofetch + + nix-output-monitor + ]; + }; + + programs = { + zsh.enable = true; + htop.enable = true; + iotop.enable = true; + git.enable = true; + nano = { + enable = true; + syntaxHighlight = true; + }; + }; + }; +} diff --git a/modules/gnome-shared-dconf.nix b/modules/gnome-shared-dconf.nix new file mode 100644 index 0000000..b9b3716 --- /dev/null +++ b/modules/gnome-shared-dconf.nix @@ -0,0 +1,46 @@ +{ + "org/gnome/desktop/interface" = { + color-scheme = "prefer-dark"; + clock-show-seconds = true; + show-battery-percentage = true; + }; + "org/gnome/mutter" = { + edge-tiling = true; + dynamic-workspaces = true; + }; + "org/gnome/desktop/peripherals/keyboard" = { + numlock-state = true; + }; + "org/gnome/desktop/peripherals/touchpad" = { + tap-to-click = true; + two-finger-scrolling-enabled = true; + }; + "org/gnome/tweaks" = { + show-extensions-notice = false; + }; + "org/gnome/shell" = { + disable-user-extensions = false; + disabled-extensions = [ ]; + enabled-extensions = [ + "tailscale@joaophi.github.com" + "appindicatorsupport@rgcjonas.gmail.com" + "workspace-indicator@gnome-shell-extensions.gcampax.github.com" + "caffeine@patapon.info" + ]; + }; + "ca/desrt/dconf-editor" = { + show-warning = false; + }; + "org/gnome/desktop/wm/keybindings" = { + switch-windows = [ "Tab" ]; + switch-windows-backward = [ "Tab" ]; + switch-applications = [ "Tab" ]; + switch-applications-backward = [ "Tab" ]; + }; + "org/gnome/shell/extensions/alphabetical-app-grid" = { + folder-order-position = "start"; + }; + "org/gnome/shell/extensions/gsconnect" = { + enabled = true; + }; +} diff --git a/modules/gnome.nix b/modules/gnome.nix new file mode 100644 index 0000000..f5a5dc0 --- /dev/null +++ b/modules/gnome.nix @@ -0,0 +1,101 @@ +{ pkgs, ... }: +{ + config = { + services = { + xserver = { + # Enable the GNOME Desktop Environment. + desktopManager.gnome = { + enable = true; + extraGSettingsOverridePackages = [ pkgs.mutter ]; + extraGSettingsOverrides = '' + [org.gnome.mutter] + experimental-features=['scale-monitor-framebuffer'] + ''; + }; + displayManager.gdm.enable = true; + excludePackages = with pkgs; [ xterm ]; + }; + + displayManager.defaultSession = "gnome"; + + gnome = { + tinysparql.enable = false; + localsearch.enable = false; + sushi.enable = true; + gnome-remote-desktop.enable = true; + }; + }; + + programs = { + dconf.enable = true; + gpaste.enable = true; + kdeconnect.package = pkgs.gnomeExtensions.gsconnect; + }; + + # remove some gnome default apps + environment.gnome.excludePackages = with pkgs; [ + cheese # photo booth + epiphany # web browser + evince # document viewer + geary # email client + gnome-maps + gnome-weather + gnome-tour + sysprof + orca # screen reader + gnome-weather + gnome-backgrounds + gnome-user-docs + yelp # help app + # gnome-music + # totem # video player + # snapshot # camera + # baobab # disk usage + ]; + + # RDP connections + networking.firewall.allowedTCPPorts = [ 3389 ]; + + home-manager.sharedModules = [ + { + home.packages = + with pkgs; + [ + gitg + meld + simple-scan + pinta + dconf-editor + gpaste + ghex + impression + papers + + # graphical installer for flatpak apps + gnome-software + ] + ++ (with gnomeExtensions; [ + caffeine + appindicator + ]); + + dconf.settings = import ./gnome-shared-dconf.nix; + + gtk = { + enable = true; + iconTheme.name = "Adwaita"; + cursorTheme.name = "Adwaita"; + theme = { + name = "adw-gtk3-dark"; + package = pkgs.adw-gtk3; + }; + }; + } + + { + home.packages = with pkgs; [ trayscale ] ++ (with gnomeExtensions; [ tailscale-qs ]); + dconf.settings."org/gnome/shell".enabled-extensions = [ "tailscale@joaophi.github.com" ]; + } + ]; + }; +} diff --git a/modules/home-manager.nix b/modules/home-manager.nix new file mode 100644 index 0000000..9af6a19 --- /dev/null +++ b/modules/home-manager.nix @@ -0,0 +1,61 @@ +_: { + home-manager = { + useGlobalPkgs = true; + useUserPackages = true; + sharedModules = [ + # set stateVersion + { home.stateVersion = "22.11"; } + # make nano the default editor + { + home = { + sessionVariables.EDITOR = "nano"; + file.".nanorc".text = '' + set linenumbers + set mouse + ''; + }; + } + # command line niceness + { + programs = { + command-not-found.enable = true; + dircolors.enable = true; + + zsh = { + enable = true; + syntaxHighlighting.enable = true; + autosuggestion.enable = true; + enableVteIntegration = true; + }; + }; + } + # common git config + { + programs = { + git = { + enable = true; + extraConfig.init.defaultBranch = "main"; + }; + + gh = { + enable = true; + gitCredentialHelper.enable = true; + }; + }; + } + # Templates + { + home.file = { + "Templates/Empty file".text = ""; + "Templates/Empty bash script".text = '' + #!/usr/bin/env bash + # abort on error, undefined variables + set -eu + # print commands before execution + set -x + ''; + }; + } + ]; + }; +} diff --git a/modules/i18n.nix b/modules/i18n.nix new file mode 100644 index 0000000..3d789f0 --- /dev/null +++ b/modules/i18n.nix @@ -0,0 +1,19 @@ +_: { + config = { + time.timeZone = "Europe/Berlin"; + i18n = { + defaultLocale = "en_US.UTF-8"; + extraLocaleSettings = { + LC_ADDRESS = "de_DE.UTF-8"; + LC_IDENTIFICATION = "de_DE.UTF-8"; + LC_MEASUREMENT = "de_DE.UTF-8"; + LC_MONETARY = "de_DE.UTF-8"; + LC_NAME = "de_DE.UTF-8"; + LC_NUMERIC = "de_DE.UTF-8"; + LC_PAPER = "de_DE.UTF-8"; + LC_TELEPHONE = "de_DE.UTF-8"; + LC_TIME = "de_DE.UTF-8"; + }; + }; + }; +} diff --git a/nixosModules/intel-graphics.nix b/modules/intel-graphics.nix similarity index 100% rename from nixosModules/intel-graphics.nix rename to modules/intel-graphics.nix diff --git a/nixosModules/latex.nix b/modules/latex.nix similarity index 100% rename from nixosModules/latex.nix rename to modules/latex.nix diff --git a/modules/lix.nix b/modules/lix.nix new file mode 100644 index 0000000..55a3265 --- /dev/null +++ b/modules/lix.nix @@ -0,0 +1,12 @@ +{ pkgs, ... }: +{ + nixpkgs.overlays = [ (final: prev: { + inherit (prev.lixPackageSets.stable) + nixpkgs-review + nix-eval-jobs + nix-fast-build + colmena; + }) ]; + + nix.package = pkgs.lixPackageSets.stable.lix; +} diff --git a/modules/networking.nix b/modules/networking.nix new file mode 100644 index 0000000..a6a8d03 --- /dev/null +++ b/modules/networking.nix @@ -0,0 +1,23 @@ +_: { + config = { + services.openssh = { + enable = true; + openFirewall = true; + settings = { + PermitRootLogin = "without-password"; + PasswordAuthentication = false; + KbdInteractiveAuthentication = false; + }; + }; + + services.tailscale = { + enable = true; + openFirewall = true; + }; + + networking.firewall = { + enable = true; + checkReversePath = "loose"; + }; + }; +} diff --git a/nixosModules/niri.nix b/modules/niri.nix similarity index 100% rename from nixosModules/niri.nix rename to modules/niri.nix diff --git a/modules/nixpkgs.nix b/modules/nixpkgs.nix new file mode 100644 index 0000000..aba3504 --- /dev/null +++ b/modules/nixpkgs.nix @@ -0,0 +1,59 @@ +{ config, lib, ... }: +{ + options.allowedUnfreePackages = lib.mkOption { + type = lib.types.listOf lib.types.str; + default = [ ]; + example = [ "steam" ]; + }; + config = { + nixpkgs.config = { + # https://github.com/NixOS/nixpkgs/issues/197325#issuecomment-1579420085 + allowUnfreePredicate = pkg: builtins.elem (lib.getName pkg) config.allowedUnfreePackages; + }; + + nix = { + settings = { + substituters = [ + "https://cache.nixos.org/" + "https://nix-community.cachix.org" + "https://cache.lix.systems" + "https://niri.cachix.org" + ]; + trusted-public-keys = [ + "cache.nixos.org-1:6NCHdD59X431o0gWypbMrAURkbJ16ZPMQFGspcDShjY=" + "nix-community.cachix.org-1:mB9FSh9qf2dCimDSUo8Zy7bkq5CX+/rkCWyvRCYg3Fs=" + "cache.lix.systems:aBnZUw8zA7H35Cz2RyKFVs3H4PlGTLawyY5KRbvJR8o=" + "niri.cachix.org-1:Wv0OmO7PsuocRKzfDoJ3mulSl7Z6oezYhGhR+3W2964=" + ]; + experimental-features = [ + "nix-command" + "flakes" + ]; + }; + gc = { + automatic = true; + dates = "daily"; + options = "--delete-older-than 7d"; + }; + optimise.automatic = true; + }; + + system = { + stateVersion = "22.11"; + # enable auto updates + autoUpgrade = { + enable = true; + dates = "daily"; + flake = "git+https://git.berlin.ccc.de/vinzenz/nixos-configuration.git"; + }; + }; + + documentation = { + enable = true; # documentation of packages + nixos.enable = false; # nixos documentation + man.enable = true; # manual pages and the man command + info.enable = false; # info pages and the info command + doc.enable = false; # documentation distributed in packages' /share/doc + }; + }; +} diff --git a/nixosModules/podman.nix b/modules/podman.nix similarity index 97% rename from nixosModules/podman.nix rename to modules/podman.nix index 93540f8..abecea4 100644 --- a/nixosModules/podman.nix +++ b/modules/podman.nix @@ -1,4 +1,4 @@ -{ +_: { virtualisation = { containers.enable = true; podman = { diff --git a/modules/printing.nix b/modules/printing.nix new file mode 100644 index 0000000..4b74421 --- /dev/null +++ b/modules/printing.nix @@ -0,0 +1,14 @@ +_: { + config = { + services = { + # Enable CUPS to print documents. + printing.enable = true; + + avahi = { + enable = true; # runs the Avahi daemon + nssmdns4 = true; # enables the mDNS NSS plug-in + openFirewall = true; # opens the firewall for UDP port 5353 + }; + }; + }; +} diff --git a/nixosConfigurations/forgejo-runner-1/default.nix b/nixosConfigurations/forgejo-runner-1/default.nix deleted file mode 100644 index f9d3c3f..0000000 --- a/nixosConfigurations/forgejo-runner-1/default.nix +++ /dev/null @@ -1,21 +0,0 @@ -{ - imports = [ - ./hardware.nix - ./forgejo-runner.nix - ]; - - config = { - # uncomment for build check on non arm system (requires --impure) - # nixpkgs.buildPlatform = builtins.currentSystem; - services.tailscale.useRoutingFeatures = "both"; - system.autoUpgrade.allowReboot = true; - - users.users = { - root.openssh.authorizedKeys.keys = [ - ''ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIFCJUpbpB3KEKVoKWsKoar9J4RNah8gmQoSH6jQEw5dY vinzenz-pixel-JuiceSSH'' - ''ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIO1CRn4yYTL4XUdCebE8Z4ZeuMujBjorTdWifg911EOv vinzenz-pc2 home roaming'' - ''ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIPDNpLDmctyqGpow/ElQvdhY4BLBPS/sigDJ1QEcC7wC vinzenz-lpt2-roaming'' - ]; - }; - }; -} diff --git a/nixosConfigurations/hetzner-vpn2/default.nix b/nixosConfigurations/hetzner-vpn2/default.nix deleted file mode 100644 index 591dc20..0000000 --- a/nixosConfigurations/hetzner-vpn2/default.nix +++ /dev/null @@ -1,27 +0,0 @@ -{ - imports = [ - ./hardware.nix - ./nginx.nix - ]; - - config = { - # uncomment for build check on non arm system (requires --impure) - # nixpkgs.buildPlatform = builtins.currentSystem; - - services.tailscale.useRoutingFeatures = "both"; - - users.users = { - root.openssh.authorizedKeys.keys = [ - ''ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAICdYqY3Y1/f1bsAi5Qfyr/UWuX9ixu96IeAlhoQaJkbf'' - ''ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIFCJUpbpB3KEKVoKWsKoar9J4RNah8gmQoSH6jQEw5dY vinzenz-pixel-JuiceSSH'' - ''ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIO1CRn4yYTL4XUdCebE8Z4ZeuMujBjorTdWifg911EOv vinzenz-pc2 home roaming'' - ''ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIPDNpLDmctyqGpow/ElQvdhY4BLBPS/sigDJ1QEcC7wC vinzenz-lpt2-roaming'' - ]; - #ronja.openssh.authorizedKeys.keys = [ - # ''ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIALWKm+d6KL6Vl3grPOcGouiNTkvdhXuWJmcrdEBY2nw ronja-ssh-host-key'' - #]; - }; - - system.autoUpgrade.allowReboot = true; - }; -} diff --git a/nixosConfigurations/ronja-pc/default.nix b/nixosConfigurations/ronja-pc/default.nix deleted file mode 100644 index dd22382..0000000 --- a/nixosConfigurations/ronja-pc/default.nix +++ /dev/null @@ -1,32 +0,0 @@ -{ - config, - pkgs, - ... -}: -{ - imports = [ - ./hardware.nix - ]; - - config = { - # Configure keymap in X11 - services.xserver.xkb = { - layout = "de"; - variant = ""; - }; - - # Configure console keymap - console.keyMap = "de"; - - # List packages installed in system profile. To search, run: - # $ nix search wget - environment.systemPackages = with pkgs; [ - # vim # Do not forget to add an editor to edit configuration.nix! The Nano editor is also installed by default. - # wget - ]; - - # Open ports in the firewall. - # networking.firewall.allowedTCPPorts = [ ... ]; - # networking.firewall.allowedUDPPorts = [ ... ];}; - }; -} diff --git a/nixosConfigurations/vinzenz-lpt2/hardware.nix b/nixosConfigurations/vinzenz-lpt2/hardware.nix deleted file mode 100644 index 175a168..0000000 --- a/nixosConfigurations/vinzenz-lpt2/hardware.nix +++ /dev/null @@ -1,56 +0,0 @@ -{ pkgs, lib, ... }: -{ - # intel cpu - boot.kernelModules = [ - "kvm-intel" - "xe" - ]; - - networking = { - networkmanager.enable = true; - useDHCP = lib.mkDefault true; - }; - - boot = { - kernelPackages = pkgs.linuxPackages_zen; - supportedFilesystems = [ "btrfs" ]; - initrd = { - supportedFilesystems = [ "btrfs" ]; - availableKernelModules = [ - "xhci_pci" - "thunderbolt" - "nvme" - ]; - luks.devices = { - "luks-2c654ff2-3c42-48d3-a1e3-9545679afaa3" = { - device = "/dev/disk/by-uuid/2c654ff2-3c42-48d3-a1e3-9545679afaa3"; - }; - }; - }; - }; - - fileSystems = { - "/" = { - device = "/dev/disk/by-uuid/e4dad0c8-26a1-45e9-bbd9-48565eb6574e"; - fsType = "btrfs"; - options = [ "subvol=@" ]; - }; - - "/boot" = { - device = "/dev/disk/by-uuid/E2B7-2BC1"; - fsType = "vfat"; - }; - }; - - swapDevices = [ - { - device = "/var/lib/swapfile"; - size = 32 * 1024; - } - ]; - - services.thermald.enable = true; - services.hardware.bolt.enable = true; # thunderbolt security - - hardware.bluetooth.enable = true; -} diff --git a/nixosConfigurations/vinzenz-pc2/hardware.nix b/nixosConfigurations/vinzenz-pc2/hardware.nix deleted file mode 100644 index 9e875c3..0000000 --- a/nixosConfigurations/vinzenz-pc2/hardware.nix +++ /dev/null @@ -1,30 +0,0 @@ -{ pkgs, lib, ... }: -{ - # amd cpu - boot.kernelModules = [ "kvm-amd" ]; - - boot = { - initrd.availableKernelModules = [ - "nvme" - "xhci_pci" - "ahci" - "usbhid" - "sd_mod" - ]; # "usb_storage" - kernelPackages = pkgs.linuxPackages_zen; - supportedFilesystems = [ "btrfs" ]; - initrd.supportedFilesystems = [ "btrfs" ]; - loader.efi.efiSysMountPoint = "/boot"; - }; - - fileSystems = import ./fstab.nix; - swapDevices = [ ]; - - networking = { - networkmanager.enable = true; - useDHCP = lib.mkDefault true; - interfaces.eno1.wakeOnLan.enable = true; - }; - - hardware.bluetooth.enable = true; -} diff --git a/nixosModules/allowed-unfree-list.nix b/nixosModules/allowed-unfree-list.nix deleted file mode 100644 index 7bfa758..0000000 --- a/nixosModules/allowed-unfree-list.nix +++ /dev/null @@ -1,17 +0,0 @@ -{ lib, config, ... }: -{ - options.allowedUnfreePackages = lib.mkOption { - type = lib.types.listOf lib.types.str; - default = [ ]; - example = [ "steam" ]; - }; - - config = { - nixpkgs.config = { - # https://github.com/NixOS/nixpkgs/issues/197325#issuecomment-1579420085 - allowUnfreePredicate = lib.mkDefault ( - pkg: builtins.elem (lib.getName pkg) config.allowedUnfreePackages - ); - }; - }; -} diff --git a/nixosModules/amd-graphics.nix b/nixosModules/amd-graphics.nix deleted file mode 100644 index cca6393..0000000 --- a/nixosModules/amd-graphics.nix +++ /dev/null @@ -1,20 +0,0 @@ -{ pkgs, ... }: -{ - boot.kernelModules = [ "amdgpu" ]; - services.xserver.videoDrivers = [ "amdgpu" ]; - - hardware = { - graphics.enable = true; - amdgpu = { - opencl.enable = true; - amdvlk = { - # TODO: this creates black borders around GNOME apps - # enable = true; - # support32Bit.enable = config.hardware.graphics.enable32Bit; - }; - overdrive.enable = true; - }; - }; - - environment.systemPackages = with pkgs; [ nvtopPackages.amd ]; -} diff --git a/nixosModules/autoupdate.nix b/nixosModules/autoupdate.nix deleted file mode 100644 index 0f26b7e..0000000 --- a/nixosModules/autoupdate.nix +++ /dev/null @@ -1,16 +0,0 @@ -{ - nix = { - optimise.automatic = true; - gc = { - automatic = true; - dates = "daily"; - options = "--delete-older-than 7d"; - }; - }; - - system.autoUpgrade = { - enable = true; - dates = "daily"; - # do not forget to set `flake` when using this module! - }; -} diff --git a/nixosModules/en-de.nix b/nixosModules/en-de.nix deleted file mode 100644 index a91780e..0000000 --- a/nixosModules/en-de.nix +++ /dev/null @@ -1,31 +0,0 @@ -{ pkgs, ... }: -{ - i18n = { - defaultLocale = "en_US.UTF-8"; - extraLocales = [ - "de_DE.UTF-8/UTF-8" - ]; - extraLocaleSettings = { - LC_ADDRESS = "de_DE.UTF-8"; - LC_IDENTIFICATION = "de_DE.UTF-8"; - LC_MEASUREMENT = "de_DE.UTF-8"; - LC_MONETARY = "de_DE.UTF-8"; - LC_NAME = "de_DE.UTF-8"; - LC_NUMERIC = "de_DE.UTF-8"; - LC_PAPER = "de_DE.UTF-8"; - LC_TELEPHONE = "de_DE.UTF-8"; - LC_TIME = "de_DE.UTF-8"; - }; - }; - - programs.firefox.languagePacks = [ - "en-US" - "de" - ]; - - environment.systemPackages = [ - pkgs.hunspell - pkgs.hunspellDicts.de-de - pkgs.hunspellDicts.en-us - ]; -} diff --git a/nixosModules/extra-caches.nix b/nixosModules/extra-caches.nix deleted file mode 100644 index 6af372f..0000000 --- a/nixosModules/extra-caches.nix +++ /dev/null @@ -1,16 +0,0 @@ -{ - nix.settings = { - substituters = [ - "https://cache.nixos.org/" - "https://nix-community.cachix.org" - "https://cache.lix.systems" - "https://niri.cachix.org" - ]; - trusted-public-keys = [ - "cache.nixos.org-1:6NCHdD59X431o0gWypbMrAURkbJ16ZPMQFGspcDShjY=" - "nix-community.cachix.org-1:mB9FSh9qf2dCimDSUo8Zy7bkq5CX+/rkCWyvRCYg3Fs=" - "cache.lix.systems:aBnZUw8zA7H35Cz2RyKFVs3H4PlGTLawyY5KRbvJR8o=" - "niri.cachix.org-1:Wv0OmO7PsuocRKzfDoJ3mulSl7Z6oezYhGhR+3W2964=" - ]; - }; -} diff --git a/nixosModules/firmware-updates.nix b/nixosModules/firmware-updates.nix deleted file mode 100644 index 8e81b72..0000000 --- a/nixosModules/firmware-updates.nix +++ /dev/null @@ -1,11 +0,0 @@ -{ - hardware = { - enableRedistributableFirmware = true; - cpu = { - amd.updateMicrocode = true; - intel.updateMicrocode = true; - }; - }; - - services.fwupd.enable = true; -} diff --git a/nixosModules/globalinstalls.nix b/nixosModules/globalinstalls.nix deleted file mode 100644 index 47fb343..0000000 --- a/nixosModules/globalinstalls.nix +++ /dev/null @@ -1,23 +0,0 @@ -{ pkgs, ... }: -{ - environment.systemPackages = with pkgs; [ - ncdu - glances - lsof - dig - screen - tldr - nix-output-monitor - ]; - - programs = { - zsh.enable = true; - htop.enable = true; - iotop.enable = true; - git.enable = true; - nano = { - enable = true; - syntaxHighlight = true; - }; - }; -} diff --git a/nixosModules/gnome.nix b/nixosModules/gnome.nix deleted file mode 100644 index 7a6f920..0000000 --- a/nixosModules/gnome.nix +++ /dev/null @@ -1,65 +0,0 @@ -{ - pkgs, - lib, - config, - ... -}: -{ - options.vinzenz = { - keep-gnome-default-apps = lib.mkEnableOption "keep gnome default apps"; - }; - - config = lib.mkMerge [ - { - services = { - xserver = { - # Enable the GNOME Desktop Environment. - desktopManager.gnome = { - enable = true; - extraGSettingsOverridePackages = [ pkgs.mutter ]; - extraGSettingsOverrides = '' - [org.gnome.mutter] - experimental-features=['scale-monitor-framebuffer'] - ''; - }; - displayManager.gdm.enable = true; - excludePackages = [ pkgs.xterm ]; - }; - - displayManager.defaultSession = "gnome"; - - gnome = { - tinysparql.enable = false; - localsearch.enable = false; - sushi.enable = true; - }; - }; - - programs = { - dconf.enable = true; - gpaste.enable = true; - }; - } - (lib.mkIf (!config.vinzenz.keep-gnome-default-apps) { - environment.gnome.excludePackages = with pkgs; [ - cheese # photo booth - epiphany # web browser - evince # document viewer - geary # email client - gnome-maps - gnome-weather - gnome-tour - sysprof - orca # screen reader - gnome-weather - gnome-backgrounds - gnome-user-docs - yelp # help app - gnome-music - totem # video player - snapshot # camera - baobab # disk usage - ]; - }) - ]; -} diff --git a/nixosModules/kdeconnect.nix b/nixosModules/kdeconnect.nix deleted file mode 100644 index 16b669f..0000000 --- a/nixosModules/kdeconnect.nix +++ /dev/null @@ -1,53 +0,0 @@ -{ - lib, - config, - pkgs, - ... -}: -{ - config = lib.mkMerge [ - { - networking.firewall = - let - kdeconnect-range = { - from = 1714; - to = 1764; - }; - in - { - allowedTCPPortRanges = [ kdeconnect-range ]; - allowedUDPPortRanges = [ kdeconnect-range ]; - }; - - programs.kdeconnect.enable = true; - home-manager.sharedModules = [ - { - services.kdeconnect = { - enable = true; - # this still shows up in gnome session starting with 25.05 - # indicator = true; - }; - } - ]; - } - - (lib.mkIf config.services.xserver.desktopManager.gnome.enable { - # replace kdeconnect with gsconnect - programs.kdeconnect.package = pkgs.gnomeExtensions.gsconnect; - - home-manager.sharedModules = [ - ( - { pkgs, ... }: - { - home.packages = [ pkgs.gnomeExtensions.gsconnect ]; - # enable gsconnect extension - dconf.settings = { - "org/gnome/shell".enabled-extensions = [ "gsconnect@andyholmes.github.io" ]; - "org/gnome/shell/extensions/gsconnect".enabled = true; - }; - } - ) - ]; - }) - ]; -} diff --git a/nixosModules/lix-is-nix.nix b/nixosModules/lix-is-nix.nix deleted file mode 100644 index 3480d06..0000000 --- a/nixosModules/lix-is-nix.nix +++ /dev/null @@ -1,15 +0,0 @@ -{ pkgs, ... }: -{ - nixpkgs.overlays = [ - (final: prev: { - inherit (prev.lixPackageSets.stable) - nixpkgs-review - nix-eval-jobs - nix-fast-build - colmena - ; - }) - ]; - - nix.package = pkgs.lixPackageSets.latest.lix; -} diff --git a/nixosModules/modern-desktop.nix b/nixosModules/modern-desktop.nix deleted file mode 100644 index f1879bd..0000000 --- a/nixosModules/modern-desktop.nix +++ /dev/null @@ -1,49 +0,0 @@ -{ - services = { - xserver.enable = true; - libinput.enable = true; - flatpak.enable = true; - fstrim.enable = true; - earlyoom = { - enable = true; - freeMemThreshold = 5; - }; - }; - - # Enable sound with pipewire. - security.rtkit.enable = true; - services = { - pulseaudio.enable = false; - pipewire = { - enable = true; - alsa.enable = true; - alsa.support32Bit = true; - pulse.enable = true; - #jack.enable = true; - }; - }; - - systemd = { - # save some boot time because nothing actually requires network connectivity - services.NetworkManager-wait-online.enable = false; - - # prevent stuck units from preventing shutdown (default is 120s) - extraConfig = '' - DefaultTimeoutStopSec=10s - ''; - }; - - programs = { - xwayland.enable = true; - - appimage = { - enable = true; - binfmt = true; - }; - }; - - system.autoUpgrade = { - allowReboot = false; - operation = "boot"; - }; -} diff --git a/nixosModules/nix-ld.nix b/nixosModules/nix-ld.nix deleted file mode 100644 index 382aa3d..0000000 --- a/nixosModules/nix-ld.nix +++ /dev/null @@ -1,22 +0,0 @@ -{ pkgs, ... }: -{ - programs.nix-ld = { - enable = true; - libraries = with pkgs; [ - stdenv.cc.cc - zlib - zstd - curl - openssl - attr - libssh - bzip2 - libxml2 - acl - libsodium - util-linux - xz - systemd - ]; - }; -} diff --git a/nixosModules/openssh.nix b/nixosModules/openssh.nix deleted file mode 100644 index ed24fe2..0000000 --- a/nixosModules/openssh.nix +++ /dev/null @@ -1,11 +0,0 @@ -{ - services.openssh = { - enable = true; - openFirewall = true; - settings = { - PermitRootLogin = "without-password"; - PasswordAuthentication = false; - KbdInteractiveAuthentication = false; - }; - }; -} diff --git a/nixosModules/printing.nix b/nixosModules/printing.nix deleted file mode 100644 index c85edd7..0000000 --- a/nixosModules/printing.nix +++ /dev/null @@ -1,12 +0,0 @@ -{ - services = { - # Enable CUPS to print documents. - printing.enable = true; - - avahi = { - enable = true; # runs the Avahi daemon - nssmdns4 = true; # enables the mDNS NSS plug-in - openFirewall = true; # opens the firewall for UDP port 5353 - }; - }; -} diff --git a/nixosModules/quiet-boot.nix b/nixosModules/quiet-boot.nix deleted file mode 100644 index 8dbcd57..0000000 --- a/nixosModules/quiet-boot.nix +++ /dev/null @@ -1,11 +0,0 @@ -{ - boot = { - kernelParams = [ - "quiet" - "udev.log_level=3" - ]; - consoleLogLevel = 0; - initrd.verbose = false; - plymouth.enable = true; - }; -} diff --git a/nixosModules/steam.nix b/nixosModules/steam.nix deleted file mode 100644 index b0991e6..0000000 --- a/nixosModules/steam.nix +++ /dev/null @@ -1,45 +0,0 @@ -{ - hardware.steam-hardware.enable = true; - - programs = { - steam = { - enable = true; - remotePlay.openFirewall = true; - dedicatedServer.openFirewall = true; - localNetworkGameTransfers.openFirewall = true; - gamescopeSession.enable = false; - }; - gamemode.enable = true; - }; - - # steam network transfer - networking.firewall = { - allowedUDPPorts = [ 3478 ]; - allowedTCPPorts = [ 24070 ]; - - allowedTCPPortRanges = [ - { - from = 27015; - to = 27050; - } - ]; - - allowedUDPPortRanges = [ - { - from = 4379; - to = 4380; - } - { - from = 27000; - to = 27100; - } - ]; - }; - - allowedUnfreePackages = [ - "steam" - "steam-original" - "steam-run" - "steam-unwrapped" - ]; -} diff --git a/nixosModules/systemd-boot.nix b/nixosModules/systemd-boot.nix deleted file mode 100644 index 321a26c..0000000 --- a/nixosModules/systemd-boot.nix +++ /dev/null @@ -1,11 +0,0 @@ -{ - boot.loader = { - timeout = 3; - efi.canTouchEfiVariables = true; - systemd-boot = { - enable = true; - editor = false; # do not allow changing kernel parameters - consoleMode = "max"; - }; - }; -} diff --git a/nixosModules/tailscale.nix b/nixosModules/tailscale.nix deleted file mode 100644 index e51ee7f..0000000 --- a/nixosModules/tailscale.nix +++ /dev/null @@ -1,8 +0,0 @@ -{ - services.tailscale = { - enable = true; - openFirewall = true; - }; - - networking.firewall.checkReversePath = "loose"; -} diff --git a/nixosModules/user-ronja.nix b/nixosModules/user-ronja.nix deleted file mode 100644 index b374ab9..0000000 --- a/nixosModules/user-ronja.nix +++ /dev/null @@ -1,19 +0,0 @@ -{ pkgs, ... }: -{ - users.users.ronja = { - isNormalUser = true; - name = "ronja"; - description = "Ronja"; - home = "/home/ronja"; - extraGroups = [ - "networkmanager" - "wheel" - "games" - "podman" - "openvscode-server" - ]; - shell = pkgs.zsh; - }; - - nix.settings.trusted-users = [ "ronja" ]; -} diff --git a/nixosModules/user-vinzenz.nix b/nixosModules/user-vinzenz.nix deleted file mode 100644 index b48e750..0000000 --- a/nixosModules/user-vinzenz.nix +++ /dev/null @@ -1,35 +0,0 @@ -{ pkgs, ... }: -{ - users.users.vinzenz = { - isNormalUser = true; - name = "vinzenz"; - description = "Vinzenz"; - home = "/home/vinzenz"; - extraGroups = [ - "networkmanager" - "wheel" - "games" - "dialout" - "podman" - "nginx" - "adbusers" - "kvm" - "input" - "video" - ]; - shell = pkgs.zsh; - autoSubUidGidRange = true; - }; - - nix.settings.trusted-users = [ "vinzenz" ]; - - allowedUnfreePackages = [ - "rider" - "pycharm-professional" - "jetbrains-toolbox" - - "anydesk" - - "vscode-extension-ms-dotnettools-csharp" - ]; -} diff --git a/nixosModules/vinzenz-desktop-settings.nix b/nixosModules/vinzenz-desktop-settings.nix deleted file mode 100644 index 24b4b4f..0000000 --- a/nixosModules/vinzenz-desktop-settings.nix +++ /dev/null @@ -1,28 +0,0 @@ -{ pkgs, ... }: -{ - programs.firefox.enable = true; - - environment.systemPackages = with pkgs; [ - lm_sensors - libreoffice-qt6 - ]; - - fonts = { - enableDefaultPackages = true; - fontconfig.defaultFonts.monospace = [ "FiraCode Nerd Font" ]; - packages = with pkgs; [ - nerd-fonts.fira-code - roboto-mono - recursive - ]; - }; - - hardware.logitech.wireless = { - enable = true; - enableGraphical = true; - }; - - # RDP connections - services.gnome.gnome-remote-desktop.enable = true; - networking.firewall.allowedTCPPorts = [ 3389 ]; -} diff --git a/nixosModules/wine-gaming.nix b/nixosModules/wine-gaming.nix deleted file mode 100644 index 2b9cb51..0000000 --- a/nixosModules/wine-gaming.nix +++ /dev/null @@ -1,22 +0,0 @@ -{ pkgs, ... }: -{ - hardware = { - graphics = { - enable32Bit = true; - extraPackages = with pkgs; [ mangohud ]; - extraPackages32 = with pkgs; [ mangohud ]; - }; - - xpadneo.enable = true; - }; - - environment.systemPackages = with pkgs; [ - wineWowPackages.stagingFull - wineWowPackages.fonts - winetricks - dxvk - mangohud - vulkan-tools - glxinfo - ]; -}