pagedmov/nixos-config
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

formatted all files with nixfmt, added env variable to hold secrets

Browse Source
This commit is contained in:
pagedmov
2024-11-09 16:20:27 -05:00
parent d38da56ba2
commit 2a1ba18c09
93 changed files with 948 additions and 1254 deletions
Download Patch File Download Diff File Expand all files Collapse all files

25
hosts/desktop/config.nix
View File

@@ -1,7 +1,5 @@
{pkgs, username, ...}: {
imports = [
./hardware.nix
];
{ pkgs, username, ... }: {
imports = [ ./hardware.nix ];
# My module options
movOpts = {
@@ -28,8 +26,8 @@
nix = {
settings = {
auto-optimise-store = true;
experimental-features = ["nix-command" "flakes"];
substituters = ["https://nix-gaming.cachix.org"];
experimental-features = [ "nix-command" "flakes" ];
substituters = [ "https://nix-gaming.cachix.org" ];
};
gc = {
automatic = true;
@@ -39,31 +37,26 @@
};
environment = {
variables = {
PATH = "${pkgs.clang-tools}/bin:$PATH";
};
shells = with pkgs; [
zsh
bash
];
variables = { PATH = "${pkgs.clang-tools}/bin:$PATH"; };
shells = with pkgs; [ zsh bash ];
};
users = {
groups.persist = {};
groups.persist = { };
users = {
root.initialPassword = "1234";
${username} = {
isNormalUser = true;
initialPassword = "1234";
shell = pkgs.zsh;
extraGroups = ["wheel" "persist" "libvirtd"];
extraGroups = [ "wheel" "persist" "libvirtd" ];
};
};
};
security.sudo.extraConfig = ''
${username} ALL=(ALL) NOPASSWD: /etc/profiles/per-user/${username}/bin/rebuild
'';
nix.settings.allowed-users = ["${username}"];
nix.settings.allowed-users = [ "${username}" ];
time.timeZone = "America/New_York";
i18n.defaultLocale = "en_US.UTF-8";

28
hosts/desktop/hardware.nix
View File

@@ -1,21 +1,14 @@
# Do not modify this file! It was generated by nixos-generate-config
# and may be overwritten by future invocations. Please make changes
# to /etc/nixos/configuration.nix instead.
{
config,
lib,
pkgs,
modulesPath,
...
}: {
imports = [
(modulesPath + "/installer/scan/not-detected.nix")
];
{ config, lib, pkgs, modulesPath, ... }: {
imports = [ (modulesPath + "/installer/scan/not-detected.nix") ];
boot.initrd.availableKernelModules = ["nvme" "xhci_pci" "ahci" "usbhid" "usb_storage" "sd_mod"];
boot.initrd.kernelModules = [];
boot.kernelModules = ["kvm-amd"];
boot.extraModulePackages = [];
boot.initrd.availableKernelModules =
[ "nvme" "xhci_pci" "ahci" "usbhid" "usb_storage" "sd_mod" ];
boot.initrd.kernelModules = [ ];
boot.kernelModules = [ "kvm-amd" ];
boot.extraModulePackages = [ ];
fileSystems."/" = {
device = "/dev/disk/by-partlabel/disk-main-root";
@@ -30,7 +23,7 @@
fileSystems."/boot" = {
device = "/dev/disk/by-partlabel/disk-main-ESP";
fsType = "vfat";
options = ["fmask=0077" "dmask=0077"];
options = [ "fmask=0077" "dmask=0077" ];
};
fileSystems."/home" = {
@@ -38,7 +31,7 @@
fsType = "ext4";
};
swapDevices = [];
swapDevices = [ ];
# Enables DHCP on each ethernet and wireless interface. In case of scripted networking
# (the default) this is the recommended approach. When using systemd-networkd it's
@@ -49,5 +42,6 @@
# networking.interfaces.wlp15s0.useDHCP = lib.mkDefault true;
nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux";
hardware.cpu.amd.updateMicrocode = lib.mkDefault config.hardware.enableRedistributableFirmware;
hardware.cpu.amd.updateMicrocode =
lib.mkDefault config.hardware.enableRedistributableFirmware;
}

209
hosts/installer/default.nix
View File

@@ -1,10 +1,5 @@
{
lib,
pkgs,
modulesPath,
inputs,
...
}: let
{ lib, pkgs, modulesPath, inputs, ... }:
let
extraFigletFonts = pkgs.fetchFromGitHub {
owner = "xero";
repo = "figlet-fonts";
@@ -12,7 +7,7 @@
sha256 = "sha256-dAs7N66D2Fpy4/UB5Za1r2qb1iSAJR6TMmau1asxgtY=";
};
toilet-extrafonts = pkgs.toilet.overrideAttrs (oldAttrs: {
buildInputs = oldAttrs.buildInputs or [] ++ [extraFigletFonts];
buildInputs = oldAttrs.buildInputs or [ ] ++ [ extraFigletFonts ];
installPhase = ''
make install PREFIX=$out
@@ -28,11 +23,7 @@ in {
];
nixpkgs.hostPlatform = "x86_64-linux";
system.stateVersion = "24.05";
nix = {
settings = {
experimental-features = ["nix-command" "flakes"];
};
};
nix = { settings = { experimental-features = [ "nix-command" "flakes" ]; }; };
networking = {
wireless.enable = false;
@@ -65,11 +56,9 @@ in {
home-manager = {
users.root = {
programs.home-manager.enable = true;
home= {
home = {
stateVersion = "24.05";
file = {
"disko.nix".source = ./disko-ext4-singledisk.nix;
};
file = { "disko.nix".source = ./disko-ext4-singledisk.nix; };
};
};
};
@@ -81,106 +70,106 @@ in {
programs = {
zsh = {
enable = true;
ohMyZsh = {
enable = true;
plugins = ["git" "fzf"];
};
enableCompletion = true;
ohMyZsh = {
enable = true;
plugins = [ "git" "fzf" ];
};
histFile = "$HOME/.zsh_history";
histSize = 10000;
enableCompletion = true;
autosuggestions = {
enable = true;
highlightStyle = "fg=#4C566A,underline";
};
histFile = "$HOME/.zsh_history";
histSize = 10000;
shellAliases = {
grep = "grep --color=auto";
vi = "nvim";
mv = "mv -v";
cp = "cp -vr";
".." = "cd ..";
psg = "ps aux | grep -v grep | grep -i -e VSZ -e";
mkdir = "mkdir -p";
pk = "pkill -9 -f";
svc = "sudo systemctl";
};
promptInit = ''
bindkey -v
type starship_zle-keymap-select >/dev/null || \
{
eval "$(starship init zsh)"
}
'';
setOptions = [
"APPEND_HISTORY"
"INC_APPEND_HISTORY"
"SHARE_HISTORY"
"CORRECT"
"NO_NOMATCH"
"LIST_PACKED"
"ALWAYS_TO_END"
"GLOB_COMPLETE"
"COMPLETE_ALIASES"
"COMPLETE_IN_WORD"
"AUTO_CD"
"AUTO_CONTINUE"
"LONG_LIST_JOBS"
"HIST_VERIFY"
"SHARE_HISTORY"
"HIST_IGNORE_SPACE"
"HIST_SAVE_NO_DUPS"
"HIST_IGNORE_ALL_DUPS"
"EXTENDED_GLOB"
"TRANSIENT_RPROMPT"
"INTERACTIVE_COMMENTS"
];
shellInit = ''
export EDITOR="nvim"
export SUDO_EDITOR="nvim"
export VISUAL="nvim"
export LANG="en_US.UTF-8"
autosuggestions = {
enable = true;
highlightStyle = "fg=#4C566A,underline";
};
unalias ls
ls() {
eza -1 --group-directories-first --icons "$@"
}
shellAliases = {
grep = "grep --color=auto";
vi = "nvim";
mv = "mv -v";
cp = "cp -vr";
".." = "cd ..";
psg = "ps aux | grep -v grep | grep -i -e VSZ -e";
mkdir = "mkdir -p";
pk = "pkill -9 -f";
svc = "sudo systemctl";
};
promptInit = ''
bindkey -v
type starship_zle-keymap-select >/dev/null || \
{
eval "$(starship init zsh)"
}
'';
setOptions = [
"APPEND_HISTORY"
"INC_APPEND_HISTORY"
"SHARE_HISTORY"
"CORRECT"
"NO_NOMATCH"
"LIST_PACKED"
"ALWAYS_TO_END"
"GLOB_COMPLETE"
"COMPLETE_ALIASES"
"COMPLETE_IN_WORD"
"AUTO_CD"
"AUTO_CONTINUE"
"LONG_LIST_JOBS"
"HIST_VERIFY"
"SHARE_HISTORY"
"HIST_IGNORE_SPACE"
"HIST_SAVE_NO_DUPS"
"HIST_IGNORE_ALL_DUPS"
"EXTENDED_GLOB"
"TRANSIENT_RPROMPT"
"INTERACTIVE_COMMENTS"
];
shellInit = ''
export EDITOR="nvim"
export SUDO_EDITOR="nvim"
export VISUAL="nvim"
export LANG="en_US.UTF-8"
y() {
local tmp="$(mktemp -t "yazi-cwd.XXXXXX")"
yazi "$@" --cwd-file="$tmp"
if cwd="$(command cat -- "$tmp")" && [ -n "$cwd" ] && [ "$cwd" != "$PWD" ]; then
builtin cd -- "$cwd"
fi
rm -f -- "$tmp"
}
unalias ls
ls() {
eza -1 --group-directories-first --icons "$@"
}
cd() {
export SOUNDS_ENABLED=0
eza -1 --group-directories-first --icons "$@"
builtin cd "$@" || exit
export SOUNDS_ENABLED=1
}
if [ ! -e $HOME/.zsh_history ]; then
touch $HOME/.zsh_history
chmod 600 $HOME/.zsh_history
fi
y() {
local tmp="$(mktemp -t "yazi-cwd.XXXXXX")"
yazi "$@" --cwd-file="$tmp"
if cwd="$(command cat -- "$tmp")" && [ -n "$cwd" ] && [ "$cwd" != "$PWD" ]; then
builtin cd -- "$cwd"
fi
rm -f -- "$tmp"
}
autoload -U compinit # completion
autoload -U terminfo # terminfo keys
zmodload -i zsh/complist # menu completion
autoload -U promptinit # prompt
cd() {
export SOUNDS_ENABLED=0
eza -1 --group-directories-first --icons "$@"
builtin cd "$@" || exit
export SOUNDS_ENABLED=1
}
if [ ! -e $HOME/.zsh_history ]; then
touch $HOME/.zsh_history
chmod 600 $HOME/.zsh_history
fi
autoload -U up-line-or-beginning-search; zle -N up-line-or-beginning-search
autoload -U down-line-or-beginning-search; zle -N down-line-or-beginning-search
autoload -U compinit # completion
autoload -U terminfo # terminfo keys
zmodload -i zsh/complist # menu completion
autoload -U promptinit # prompt
unalias ls
clear
'';
autoload -U up-line-or-beginning-search; zle -N up-line-or-beginning-search
autoload -U down-line-or-beginning-search; zle -N down-line-or-beginning-search
unalias ls
clear
'';
};
starship = {
enable = true;
@@ -201,7 +190,9 @@ in {
format = "[$user]($style)";
};
directory = {
format = "\n[$path](bold cyan)[/](bold green) ";
format = ''
[$path](bold cyan)[/](bold green) '';
style = "bold #b4befe";
};
@@ -220,7 +211,9 @@ in {
};
git_branch = {
format = "\non [$symbol$branch](bold purple)";
format = ''
on [$symbol$branch](bold purple)'';
symbol = " ";
truncation_length = 15;
style = "bold purple";

10
hosts/installer/disko-ext4-singledisk.nix
View File

@@ -1,11 +1,7 @@
# USAGE in your configuration.nix.
# Update devices to match your hardware.
{
device ? throw "Set this to your disk device, e.g. /dev/sda",
root_size,
nix_size,
...
}: {
{ device ? throw "Set this to your disk device, e.g. /dev/sda", root_size
, nix_size, ... }: {
disko.devices = {
disk = {
main = {
@@ -25,7 +21,7 @@
type = "filesystem";
format = "vfat";
mountpoint = "/boot";
mountOptions = ["umask=0077"];
mountOptions = [ "umask=0077" ];
};
};
nix = {

32
hosts/laptop/config.nix
View File

@@ -1,18 +1,11 @@
{pkgs, config, ...}: {
imports = [
./hardware.nix
./home.nix
];
{ pkgs, config, ... }: {
imports = [ ./hardware.nix ./home.nix ];
powerProfiles.enable = true;
boot = {
kernelModules = ["acpi_call"];
kernelModules = [ "acpi_call" ];
extraModulePackages = with config.boot.kernelPackages;
[
acpi_call
cpupower
]
++ [pkgs.cpupower-gui];
[ acpi_call cpupower ] ++ [ pkgs.cpupower-gui ];
};
networkModule.enable = true;
@@ -26,20 +19,9 @@
sysServices.enable = true;
environment = {
variables = {
PATH = "${pkgs.clang-tools}/bin:$PATH";
};
shells = with pkgs; [
zsh
bash
];
systemPackages = with pkgs; [
acpi
brightnessctl
cpupower-gui
powertop
];
variables = { PATH = "${pkgs.clang-tools}/bin:$PATH"; };
shells = with pkgs; [ zsh bash ];
systemPackages = with pkgs; [ acpi brightnessctl cpupower-gui powertop ];
};
}

28
hosts/laptop/hardware.nix
View File

@@ -1,21 +1,14 @@
# Do not modify this file! It was generated by nixos-generate-config
# and may be overwritten by future invocations. Please make changes
# to /etc/nixos/configuration.nix instead.
{
config,
lib,
pkgs,
modulesPath,
...
}: {
imports = [
(modulesPath + "/installer/scan/not-detected.nix")
];
{ config, lib, pkgs, modulesPath, ... }: {
imports = [ (modulesPath + "/installer/scan/not-detected.nix") ];
boot.initrd.availableKernelModules = ["nvme" "xhci_pci" "ahci" "usbhid" "usb_storage" "sd_mod"];
boot.initrd.kernelModules = [];
boot.kernelModules = ["kvm-amd"];
boot.extraModulePackages = [];
boot.initrd.availableKernelModules =
[ "nvme" "xhci_pci" "ahci" "usbhid" "usb_storage" "sd_mod" ];
boot.initrd.kernelModules = [ ];
boot.kernelModules = [ "kvm-amd" ];
boot.extraModulePackages = [ ];
fileSystems."/" = {
device = "/dev/sda4";
@@ -30,7 +23,7 @@
fileSystems."/boot" = {
device = "/dev/sda2";
fsType = "vfat";
options = ["fmask=0077" "dmask=0077"];
options = [ "fmask=0077" "dmask=0077" ];
};
fileSystems."/home" = {
@@ -38,7 +31,7 @@
fsType = "ext4";
};
swapDevices = [];
swapDevices = [ ];
# Enables DHCP on each ethernet and wireless interface. In case of scripted networking
# (the default) this is the recommended approach. When using systemd-networkd it's
@@ -49,5 +42,6 @@
# networking.interfaces.wlp15s0.useDHCP = lib.mkDefault true;
nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux";
hardware.cpu.amd.updateMicrocode = lib.mkDefault config.hardware.enableRedistributableFirmware;
hardware.cpu.amd.updateMicrocode =
lib.mkDefault config.hardware.enableRedistributableFirmware;
}

20
hosts/server/config.nix
View File

@@ -1,12 +1,5 @@
{
pkgs,
username,
...
}: {
imports = [
./hardware.nix
./home.nix
];
{ pkgs, username, ... }: {
imports = [ ./hardware.nix ./home.nix ];
movOpts = {
nixSettings.enable = true;
networkModule.enable = true;
@@ -18,9 +11,7 @@
jellyfinConfig.enable = true;
caddyConfig.enable = true;
};
networking.firewall = {
allowedTCPPorts = [ 443 8920 ];
};
networking.firewall = { allowedTCPPorts = [ 443 8920 ]; };
environment = {
etc."tmpfiles.d/home-permissions.conf".text = ''
d /home/pagedmov 0750 pagedmov users -
@@ -29,9 +20,6 @@
PATH = "${pkgs.clang-tools}/bin:$PATH";
TERM = "kitty";
};
shells = with pkgs; [
zsh
bash
];
shells = with pkgs; [ zsh bash ];
};
}

44
hosts/server/hardware.nix
View File

@@ -4,35 +4,34 @@
{ config, lib, pkgs, modulesPath, ... }:
{
imports =
[ (modulesPath + "/installer/scan/not-detected.nix")
];
imports = [ (modulesPath + "/installer/scan/not-detected.nix") ];
boot.initrd.availableKernelModules = [ "nvme" "xhci_pci" "ahci" "usbhid" "usb_storage" "sd_mod" ];
boot.initrd.availableKernelModules =
[ "nvme" "xhci_pci" "ahci" "usbhid" "usb_storage" "sd_mod" ];
boot.initrd.kernelModules = [ ];
boot.kernelModules = [ "kvm-amd" ];
boot.extraModulePackages = [ ];
fileSystems."/" =
{ device = "/dev/disk/by-uuid/c40b3b09-688d-4fe3-96f9-8e3d75b0a7b7";
fsType = "ext4";
};
fileSystems."/" = {
device = "/dev/disk/by-uuid/c40b3b09-688d-4fe3-96f9-8e3d75b0a7b7";
fsType = "ext4";
};
fileSystems."/nix" =
{ device = "/dev/disk/by-uuid/1048d206-0a27-4e4e-b9a4-4f068bab5439";
fsType = "ext4";
};
fileSystems."/nix" = {
device = "/dev/disk/by-uuid/1048d206-0a27-4e4e-b9a4-4f068bab5439";
fsType = "ext4";
};
fileSystems."/boot" =
{ device = "/dev/disk/by-uuid/357E-BCCD";
fsType = "vfat";
options = [ "fmask=0077" "dmask=0077" ];
};
fileSystems."/boot" = {
device = "/dev/disk/by-uuid/357E-BCCD";
fsType = "vfat";
options = [ "fmask=0077" "dmask=0077" ];
};
fileSystems."/home" =
{ device = "/dev/disk/by-uuid/b53ab583-f32e-4144-a2ee-f341e54f8233";
fsType = "ext4";
};
fileSystems."/home" = {
device = "/dev/disk/by-uuid/b53ab583-f32e-4144-a2ee-f341e54f8233";
fsType = "ext4";
};
swapDevices = [ ];
@@ -45,5 +44,6 @@
# networking.interfaces.wlp11s0.useDHCP = lib.mkDefault true;
nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux";
hardware.cpu.amd.updateMicrocode = lib.mkDefault config.hardware.enableRedistributableFirmware;
hardware.cpu.amd.updateMicrocode =
lib.mkDefault config.hardware.enableRedistributableFirmware;
}