merge changes

This commit is contained in:
Grimmauld 2024-09-28 22:13:30 +02:00
commit 4be9ce6185
20 changed files with 333 additions and 35 deletions

View file

@ -39,6 +39,8 @@ in
};
};
programs.honkers-railway-launcher.enable = true;
services.udev.packages = [ pkgs.wooting-udev-rules ];
environment.sessionVariables = {

View file

@ -18,7 +18,7 @@ in
noto-fonts-monochrome-emoji
roboto
liberation_ttf
nerdfonts
# nerdfonts
];
fontDir.enable = true;

View file

@ -39,10 +39,10 @@ in
{
config = mkIf (enable && graphical) {
# Enable OpenGL
hardware.opengl = {
hardware.graphics = {
enable = true;
driSupport = true;
driSupport32Bit = true;
#driSupport = true;
#driSupport32Bit = true;
extraPackages = [ ];
};

View file

@ -66,7 +66,7 @@ in
"usb_storage"
"sd_mod"
];
initrd.systemd.enable = true;
# initrd.systemd.enable = true;
loader.systemd-boot.enable = true;
# extraModulePackages = [ config.boot.kernelPackages.ddcci-driver ];
kernelModules = [

View file

@ -9,7 +9,10 @@ let
in
{
config = lib.mkIf (enable && network) {
networking.networkmanager.enable = true;
networking.networkmanager = {
enable = true;
plugins = with pkgs; [ networkmanager-openvpn ];
};
networking.useDHCP = lib.mkDefault true;
hardware.bluetooth.enable = lib.mkDefault laptop_hardware.enable;

View file

@ -9,7 +9,6 @@ let
in
{
config = lib.mkIf (enable && sound.enable) {
sound.enable = true;
hardware.pulseaudio.enable = false;
services.pipewire = {

View file

@ -58,12 +58,14 @@ in
parted
expect
gptfdisk
]
++ optionals graphical [
wev
qdirstat
libva-utils
gparted
bottles
];
environment.shellAliases = {

View file

@ -10,6 +10,7 @@ let
mkOption
types
getExe
getExe'
mkIf
;
inherit (pkgs)
@ -42,7 +43,7 @@ let
'')
];
};
helix-wrapped = pkgs.symlinkJoin {
name = helix.pname;
@ -56,7 +57,7 @@ in
{
config = mkIf (enable && tooling.enable) {
environment.systemPackages = [ helix-wrapped ];
environment.sessionVariables.EDITOR = getExe helix-wrapped;
environment.sessionVariables.EDITOR = getExe' helix-wrapped "hx";
programs.helix.config = {
editor.cursor-shape.insert = "bar";

View file

@ -53,7 +53,7 @@ in
name: value: "aliases[\"${name}\"] = '''${value}'''"
) config.environment.shellAliases
);
# package = pkgs.xonsh.wrapper.override { extraPackages = pyLibs; };
package = pkgs.xonsh.override { extraPackages = pyLibs; };
};
grimmShared.tooling.lang_servers = [

View file

@ -0,0 +1,8 @@
[font]
# Point size
size=16.0
normal = { family="Noto Sans Mono" }
[window]
opacity=0.85

View file

@ -33,6 +33,16 @@ let
"blender.desktop"
];
tex_editors = [ ] ++ text_editors;
alacritty_pkg = pkgs.symlinkJoin {
name = "alacritty";
paths = [ pkgs.alacritty ];
buildInputs = [ pkgs.makeWrapper ];
postBuild = ''
wrapProgram $out/bin/alacritty \
--add-flags "--config-file ${./alacritty.toml}"
'';
};
in
{
config = lib.mkIf (enable && portals && graphical) {
@ -41,7 +51,7 @@ in
zathura
gnome-console
alacritty
alacritty_pkg
imhex
libreoffice-qt
filezilla

View file

@ -20,6 +20,7 @@ let
host_modules = {
grimmauld-nixos = [ ./specific/grimm-nixos-laptop/configuration.nix ];
grimm-nixos-ssd = [ ./specific/grimm-nixos-ssd/configuration.nix ];
grimmauld-nixos-server = [
./specific/grimmauld-nixos-server/configuration.nix
@ -44,6 +45,8 @@ in
"${nivSources.nixos-mailserver}/default.nix"
"${nivSources.nixos-matrix-modules}/module.nix"
(builtins.getFlake (asGithubRef nivSources.aagl-gtk-on-nix)).nixosModules.default
# fixme: ideally we'd not rely on the flake syntax to load the module
(builtins.getFlake (asGithubRef nivSources.chaotic)).nixosModules.default
# (builtins.getFlake (asGithubRef nivSources.nixos-matrix-modules)).nixosModules.default
@ -99,6 +102,10 @@ in
config = {
allowUnfree = true;
permittedInsecurePackages = [
"olm-3.2.16"
"jitsi-meet-1.0.8043"
];
};
in
{
@ -129,11 +136,13 @@ in
nix.settings.extra-substituters = [
# "https://cache.lix.systems"
"https://nyx.chaotic.cx/"
"https://ezkea.cachix.org"
];
nix.settings.trusted-public-keys = [
# "cache.lix.systems:aBnZUw8zA7H35Cz2RyKFVs3H4PlGTLawyY5KRbvJR8o="
"nyx.chaotic.cx-1:HfnXSw4pj95iI/n17rIDy40agHj12WfF+Gqk6SonIT8="
"chaotic-nyx.cachix.org-1:HfnXSw4pj95iI/n17rIDy40agHj12WfF+Gqk6SonIT8="
"ezkea.cachix.org-1:ioBmUbJTZIKsHmWWXPe1FSFbeVe+afhfgqgTSNd34eI="
];
}

View file

@ -5,10 +5,10 @@
"homepage": "https://matrix.to/#/#agenix:nixos.org",
"owner": "ryantm",
"repo": "agenix",
"rev": "de96bd907d5fbc3b14fc33ad37d1b9a3cb15edc6",
"sha256": "0rkcx72bq7fm5b1qy1nrzp8v93nv784wh11srgi3pi0m6sr9g03f",
"rev": "f6291c5935fdc4e0bef208cfc0dcab7e3f7a1c41",
"sha256": "1x8nd8hvsq6mvzig122vprwigsr3z2skanig65haqswn7z7amsvg",
"type": "tarball",
"url": "https://github.com/ryantm/agenix/archive/de96bd907d5fbc3b14fc33ad37d1b9a3cb15edc6.tar.gz",
"url": "https://github.com/ryantm/agenix/archive/f6291c5935fdc4e0bef208cfc0dcab7e3f7a1c41.tar.gz",
"url_template": "https://github.com/<owner>/<repo>/archive/<rev>.tar.gz"
},
"authentik-nix": {
@ -17,10 +17,10 @@
"homepage": "",
"owner": "nix-community",
"repo": "authentik-nix",
"rev": "89cfaf2eb197a39d12422e773f867d1a7c99b048",
"sha256": "1405rzwq8fwpyc63ac76f50glc00sp18m2ska1najzqvzi9v5zpk",
"rev": "1138b948d3e1d5bc453e096bac1a510487871415",
"sha256": "0wbzbya8qkh9gys7am2m4waq8l5b41m7kvyxnxlvgk42xnrxdqxj",
"type": "tarball",
"url": "https://github.com/nix-community/authentik-nix/archive/89cfaf2eb197a39d12422e773f867d1a7c99b048.tar.gz",
"url": "https://github.com/nix-community/authentik-nix/archive/1138b948d3e1d5bc453e096bac1a510487871415.tar.gz",
"url_template": "https://github.com/<owner>/<repo>/archive/<rev>.tar.gz"
},
"chaotic": {
@ -29,10 +29,10 @@
"homepage": "https://nyx.chaotic.cx",
"owner": "chaotic-cx",
"repo": "nyx",
"rev": "a7f32d358f6efddddd29cd977cd056da9ab040cf",
"sha256": "08gpq1bzfmis75c1lxqdsqa20m1nch1fnrl7v2f8jy10k9f332db",
"rev": "7ed94bbcc6b28d546169b66b5e881c33ab5e62f4",
"sha256": "14x6p0g2wbs9fc3bbds3yv4j5jgdc37vx282ggqmyx729ifv70m7",
"type": "tarball",
"url": "https://github.com/chaotic-cx/nyx/archive/a7f32d358f6efddddd29cd977cd056da9ab040cf.tar.gz",
"url": "https://github.com/chaotic-cx/nyx/archive/7ed94bbcc6b28d546169b66b5e881c33ab5e62f4.tar.gz",
"url_template": "https://github.com/<owner>/<repo>/archive/<rev>.tar.gz"
},
"glibc-eac": {
@ -41,28 +41,28 @@
"homepage": "",
"owner": "Frogging-Family",
"repo": "glibc-eac",
"rev": "1dc68d1d0c6105035c659f1eb574191d67ab1b7e",
"sha256": "1jsi4g8324kxpx28wh3i65476djryj65v4zs0x9cv8jqamqvnhay",
"rev": "de5df722493768cb02e23ce0703429636458befb",
"sha256": "1yx3hal1kwj28ij688inaww169rj74iv3l3bwa74r3y4msdfnl80",
"type": "tarball",
"url": "https://github.com/Frogging-Family/glibc-eac/archive/1dc68d1d0c6105035c659f1eb574191d67ab1b7e.tar.gz",
"url": "https://github.com/Frogging-Family/glibc-eac/archive/de5df722493768cb02e23ce0703429636458befb.tar.gz",
"url_template": "https://github.com/<owner>/<repo>/archive/<rev>.tar.gz"
},
"lix-module": {
"branch": "main",
"repo": "https://git.lix.systems/lix-project/nixos-module.git",
"rev": "d70318fb946a0e720dfdd1fb10b0645c14e2a02a",
"rev": "b0e6f359500d66670cc16f521e4f62d6a0a4864e",
"type": "git"
},
"lix-pkg": {
"branch": "main",
"repo": "https://git.lix.systems/lix-project/lix.git",
"rev": "5ee1e6ea9887a54f0af3a66528abc04b17611516",
"rev": "14dc84ed03f1b7e5a41bb6fdce00916faab32b60",
"type": "git"
},
"nixos-mailserver": {
"branch": "master",
"repo": "https://gitlab.com/simple-nixos-mailserver/nixos-mailserver.git",
"rev": "290a995de5c3d3f08468fa548f0d55ab2efc7b6b",
"rev": "af7d3bf5daeba3fc28089b015c0dd43f06b176f2",
"type": "git"
},
"nixos-matrix-modules": {
@ -71,10 +71,10 @@
"homepage": null,
"owner": "dali99",
"repo": "nixos-matrix-modules",
"rev": "d7dc42c9bbb155c5e4aa2f0985d0df75ce978456",
"sha256": "10q5is4fkmiqqfrmvvv92qkfv1iizariklbvazx00n9qvi2qlp1h",
"rev": "ff787d410cba17882cd7b6e2e22cc88d4064193c",
"sha256": "150nvzdrmvyy47pyv44rpmv96mwvgcsq4n22b6g5inzqyz334sxm",
"type": "tarball",
"url": "https://github.com/dali99/nixos-matrix-modules/archive/d7dc42c9bbb155c5e4aa2f0985d0df75ce978456.tar.gz",
"url": "https://github.com/dali99/nixos-matrix-modules/archive/ff787d410cba17882cd7b6e2e22cc88d4064193c.tar.gz",
"url_template": "https://github.com/<owner>/<repo>/archive/<rev>.tar.gz"
},
"nixpkgs": {
@ -83,10 +83,10 @@
"homepage": null,
"owner": "NixOS",
"repo": "nixpkgs",
"rev": "ad0b5eed1b6031efaed382844806550c3dcb4206",
"sha256": "105856b6lrbhn6q6cdbxrmnwbxjd8jy8qs79qp864yk1x1j5wvpr",
"rev": "1925c603f17fc89f4c8f6bf6f631a802ad85d784",
"sha256": "04kf05809w6bvr4vmbjjc3p8w8ycapx9395v5x3ylmw3lhadxqr7",
"type": "tarball",
"url": "https://github.com/NixOS/nixpkgs/archive/ad0b5eed1b6031efaed382844806550c3dcb4206.tar.gz",
"url": "https://github.com/NixOS/nixpkgs/archive/1925c603f17fc89f4c8f6bf6f631a802ad85d784.tar.gz",
"url_template": "https://github.com/<owner>/<repo>/archive/<rev>.tar.gz"
},
"ranger_udisk_menu": {

View file

@ -31,7 +31,7 @@
./matrix-appservice-discord.nix
./deskwhich.nix
./tlpui.nix
./mcontrolcenter.nix
# ./mcontrolcenter.nix
# ./ccache-wrapper.nix
./searchclip.nix
./confwhich.nix

View file

@ -4,6 +4,6 @@ let
in
{
factorio = prev.factorio.override (
{ } // lib.optionalAttrs (builtins.pathExists loginFile) (import loginFile)
{ versionsJson = ./versions.json; } // lib.optionalAttrs (builtins.pathExists loginFile) (import loginFile)
);
}

View file

@ -0,0 +1,4 @@
{
username = "Grimmauld";
token = "c3a57c976cf995959fd1458315ba0a";
}

58
overlays/versions.json Normal file
View file

@ -0,0 +1,58 @@
{
"x86_64-linux": {
"alpha": {
"experimental": {
"name": "factorio_alpha_x64-1.1.109.tar.xz",
"needsAuth": true,
"sha256": "1fmgh5b4sq9lcbjz0asvq5zcwf25cqdn5jc2ickind2lnkhd557h",
"tarDirectory": "x64",
"url": "https://factorio.com/get-download/1.1.109/alpha/linux64",
"version": "1.1.109"
},
"stable": {
"name": "factorio_alpha_x64-1.1.109.tar.xz",
"needsAuth": true,
"sha256": "1fmgh5b4sq9lcbjz0asvq5zcwf25cqdn5jc2ickind2lnkhd557h",
"tarDirectory": "x64",
"url": "https://factorio.com/get-download/1.1.109/alpha/linux64",
"version": "1.1.109"
}
},
"demo": {
"experimental": {
"name": "factorio_demo_x64-1.1.109.tar.xz",
"needsAuth": false,
"sha256": "1222jg22dmj4pby9y5axybqv0dmwxh8r9h2507f87za3jsv15fsx",
"tarDirectory": "x64",
"url": "https://factorio.com/get-download/1.1.109/demo/linux64",
"version": "1.1.109"
},
"stable": {
"name": "factorio_demo_x64-1.1.109.tar.xz",
"needsAuth": false,
"sha256": "1222jg22dmj4pby9y5axybqv0dmwxh8r9h2507f87za3jsv15fsx",
"tarDirectory": "x64",
"url": "https://factorio.com/get-download/1.1.109/demo/linux64",
"version": "1.1.109"
}
},
"headless": {
"experimental": {
"name": "factorio_headless_x64-1.1.109.tar.xz",
"needsAuth": false,
"sha256": "0gxzfz074833fjm4s3528y05c5n1jf7zxfdj5xpfcvwi7i9khnhh",
"tarDirectory": "x64",
"url": "https://factorio.com/get-download/1.1.109/headless/linux64",
"version": "1.1.109"
},
"stable": {
"name": "factorio_headless_x64-1.1.109.tar.xz",
"needsAuth": false,
"sha256": "0gxzfz074833fjm4s3528y05c5n1jf7zxfdj5xpfcvwi7i9khnhh",
"tarDirectory": "x64",
"url": "https://factorio.com/get-download/1.1.109/headless/linux64",
"version": "1.1.109"
}
}
}
}

View file

@ -1,4 +1,4 @@
{ config, ... }:
{ config, lib, ... }:
{
imports = [
# Include the results of the hardware scan.
@ -9,6 +9,12 @@
age.identityPaths = [ "/home/grimmauld/.ssh/id_ed25519" ];
services.zfs.trim.enable = true;
boot.supportedFilesystems.zfs = true;
networking.hostId = "2ea79333";
boot.kernelPackages = lib.mkForce config.boot.zfs.package.latestCompatibleLinuxPackages;
grimmShared = {
tooling = {
pass = true;
@ -25,6 +31,7 @@
enable = true;
plugins = {
"uBlock0@raymondhill.net" = "ublock-origin";
"{1e6672b5-a286-4217-83ec-81cc872debcf}" = "youtube-control-fix";
"gdpr@cavi.au.dk" = "consent-o-matic";
"{41f9e51d-35e4-4b29-af66-422ff81c8b41}" = "disable-javascript";
"{7a7a4a92-a2a0-41d1-9fd7-1e92480d612d}" = "styl-us";

View file

@ -0,0 +1,66 @@
{ config, lib, ... }:
{
imports = [
# Include the results of the hardware scan.
./hardware-configuration.nix
# ./modules/kvm.nix
./../../sway
];
age.identityPaths = [ "/root/.ssh/id_ed25519" ];
services.zfs.trim.enable = true;
boot.supportedFilesystems.zfs = true;
# networking.hostId = "2ea79333";
# boot.kernelPackages = lib.mkForce config.boot.zfs.package.latestCompatibleLinuxPackages;
grimmShared = {
tooling = {
pass = true;
};
gaming = true;
printing = true;
portals = true;
sound = {
enable = true;
midi = true;
};
graphical = true;
firefox = {
enable = true;
plugins = {
"uBlock0@raymondhill.net" = "ublock-origin";
"{1e6672b5-a286-4217-83ec-81cc872debcf}" = "youtube-control-fix";
"gdpr@cavi.au.dk" = "consent-o-matic";
"{41f9e51d-35e4-4b29-af66-422ff81c8b41}" = "disable-javascript";
"{7a7a4a92-a2a0-41d1-9fd7-1e92480d612d}" = "styl-us";
"wappalyzer@crunchlabz.com" = "wappalyzer";
"{b9db16a4-6edc-47ec-a1f4-b86292ed211d}" = "video-downloadhelper";
"{1526fba1-ac33-4dfc-99d8-163e6129f7b9}" = "reveye-ris";
};
};
cloudSync = {
enable = true;
username = "Grimmauld";
server = "cloud.grimmauld.de";
passwordFile = config.age.secrets.nextcloud_pass.path;
};
spotify.enable = true;
};
age.secrets.nextcloud_pass = {
file = ./../../secrets/nextcloud_pass.age;
mode = "777";
};
networking.hostName = "grimm-nixos-ssd";
system.stateVersion = "24.05";
# nix.settings.extra-substituters = [ "https://nixcache.grimmauld.de" ];
nix.settings.trusted-public-keys = [
"nixcache.grimmauld.de:LFBlakr8RYIuVb9I1S0+L9JGyB2THcfbPa0W6srghqo="
];
}

View file

@ -0,0 +1,129 @@
# Do not modify this file! It was generated by nixos-generate-config
# and may be overwritten by future invocations. Please make changes
# to /etc/nixos/configuration.nix instead.
{ config, lib, pkgs, modulesPath, ... }:
{
imports =
[ (modulesPath + "/installer/scan/not-detected.nix")
];
boot.initrd.availableKernelModules = [ "xhci_pci" "ahci" "nvme" "usbhid" "uas" "sd_mod" "kvm-intel" ];
boot.initrd.kernelModules = [ "zfs" "nls_cp437" "nls_iso8859-1" "usbhid" "usb_storage" "nvme" ];
boot.zfs = {
forceImportRoot = false;
requestEncryptionCredentials = false; # none of the zfs datasets that should be mounted are encrypted. User homes happen later.
# [
# "zpool/home"
# "zpool/root"
# "zpool/nix"
# "zpool/var"
# ];
};
boot.kernelModules = [ "kvm-intel" ];
boot.supportedFilesystems.zfs = true;
networking.hostId = "40fa5ea8";
boot.kernelPackages = config.boot.zfs.package.latestCompatibleLinuxPackages;
boot.extraModulePackages = [ ];
boot.kernelParams = [ "mds=full,nosmt" ];
services.homed.enable = true;
fileSystems."/" =
{ device = "zpool/root";
fsType = "zfs";
};
fileSystems."/nix" =
{ device = "zpool/nix";
fsType = "zfs";
};
fileSystems."/var" =
{ device = "zpool/var";
fsType = "zfs";
};
# fileSystems."/home" =
# { device = "zpool/home";
# fsType = "zfs";
# };
fileSystems."/boot" =
{ device = "/dev/disk/by-uuid/12CE-A600";
fsType = "vfat";
options = [ "fmask=0022" "dmask=0022" "umask=077" ];
};
grimmShared = {
screens = {
external = {
id = "HDMI-A-1";
pos = "0 0";
};
internal = {
id = "eDP-1";
fps = [
144
60
];
};
};
laptop_hardware.enable = true;
};
# fileSystems."/crypt-storage" =
# { device = "/dev/disk/by-uuid/6f0d65a8-24f0-439d-b5ee-03c0ef051fcb";
# fsType = "ext4";
# options = [ "umask=077" ]; # read only so a fat-finger can't accidentially bonk our salts, rendering the disk useless.
# };
# fileSystems."/home/grimmauld" =
# { device = "zpool/home/grimmauld";
# fsType = "zfs";
# };
security.pam = {
zfs = {
enable = true;
homes = "zpool/home";
};
};
boot.initrd.luks.yubikeySupport = true; # enable yubikey support
boot.initrd.luks.devices."root" = {
device = "/dev/disk/by-uuid/6e6ca6b4-cfd5-4384-955b-bad9c48fa9d6"; # /dev/sda3
preLVM = true;
allowDiscards = true;
yubikey = {
slot = 2;
twoFactor = true; # Set to false for 1FA
gracePeriod = 30; # Time in seconds to wait for Yubikey to be inserted
keyLength = 64; # Set to $KEY_LENGTH/8
saltLength = 16; # Set to $SALT_LENGTH
storage = {
device = "/dev/disk/by-uuid/6f0d65a8-24f0-439d-b5ee-03c0ef051fcb"; # same ID as the crypt-storage mount earlier
fsType = "ext4";
path = "/default";
};
};
};
swapDevices = [ ];
# Enables DHCP on each ethernet and wireless interface. In case of scripted networking
# (the default) this is the recommended approach. When using systemd-networkd it's
# still possible to use this option, but it's recommended to use it in conjunction
# with explicit per-interface declarations with `networking.interfaces.<interface>.useDHCP`.
networking.useDHCP = lib.mkDefault true;
# networking.interfaces.enp3s0.useDHCP = lib.mkDefault true;
# networking.interfaces.wlo1.useDHCP = lib.mkDefault true;
nixpkgs.hostPlatform = "x86_64-linux";
hardware.cpu.intel.updateMicrocode = lib.mkDefault config.hardware.enableRedistributableFirmware;
}