diff --git a/os/linux/nix/daniel.nix b/os/linux/nix/daniel.nix index ac73092..cab2615 100644 --- a/os/linux/nix/daniel.nix +++ b/os/linux/nix/daniel.nix @@ -7,5 +7,5 @@ wayland.windowManager.sway = { enable = true; - } + }; } \ No newline at end of file diff --git a/os/linux/nix/flake.lock b/os/linux/nix/flake.lock index c80f72a..9ac8fed 100644 --- a/os/linux/nix/flake.lock +++ b/os/linux/nix/flake.lock @@ -19,6 +19,27 @@ "url": "ssh://gitea@git.lyte.dev/lytedev/api.lyte.dev.git" } }, + "disko": { + "inputs": { + "nixpkgs": [ + "nixpkgs" + ] + }, + "locked": { + "lastModified": 1690739034, + "narHash": "sha256-roW02IaiQ3gnEEDMCDWL5YyN+C4nBf/te6vfL7rG0jk=", + "owner": "nix-community", + "repo": "disko", + "rev": "4015740375676402a2ee6adebc3c30ea625b9a94", + "type": "github" + }, + "original": { + "owner": "nix-community", + "ref": "master", + "repo": "disko", + "type": "github" + } + }, "flake-utils": { "inputs": { "systems": "systems" @@ -109,6 +130,7 @@ "root": { "inputs": { "api-lyte-dev": "api-lyte-dev", + "disko": "disko", "home-manager": "home-manager", "nixpkgs": "nixpkgs_2", "sops-nix": "sops-nix" diff --git a/os/linux/nix/flake.nix b/os/linux/nix/flake.nix index d485a37..15e9fd5 100644 --- a/os/linux/nix/flake.nix +++ b/os/linux/nix/flake.nix @@ -18,6 +18,13 @@ inputs.nixpkgs.follows = "nixpkgs"; }; + disko = { + url = "github:nix-community/disko/master"; # NOTE: lock update! + + # use the version of nixpkgs we specified above rather than the one HM would ordinarily use + inputs.nixpkgs.follows = "nixpkgs"; + }; + sops-nix = { url = "github:Mic92/sops-nix"; inputs.nixpkgs.follows = "nixpkgs"; @@ -47,6 +54,9 @@ system = "x86_64-linux"; specialArgs = { inherit inputs; }; modules = [ + inputs.disko.nixosModules.disko + ./machines/thinker-disks.nix + { _module.args.disks = [ "/dev/nvme0n1" ]; } ./machines/thinker.nix inputs.home-manager.nixosModules.home-manager inputs.sops-nix.nixosModules.sops 
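Review bot: The comment above `inputs.nixpkgs.follows` in the new `disko` input still says "rather than the one HM would ordinarily use", which looks copied from the home-manager input and is wrong for this input. It should read `# use the version of nixpkgs we specified above rather than the one disko would ordinarily use`. The URL tracks `master`, so the only thing fixing what gets evaluated is the `rev`/`narHash` pair in flake.lock. The `# NOTE: lock update!` marker could say so explicitly, e.g. `# tracks master; flake.lock pins the rev, so review the upstream diff before updating the lock`.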
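Review bot: `{ _module.args.disks = [ "/dev/nvme0n1" ]; }` names the target by kernel device node, and thinker-disks.nix passes the first element of that list straight to disko as the disk to partition and format. Kernel node names are assigned at enumeration time and are not guaranteed to stay attached to the same physical drive once another NVMe device or an installer medium is present. For a destructive operation a persistent identifier is safer, e.g. `{ _module.args.disks = [ "/dev/disk/by-id/<DISK_ID>" ]; }` (placeholder; take the real id from the machine). The modules list starts and ends outside this hunk.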
diff --git a/os/linux/nix/machines/thinker-disks.nix b/os/linux/nix/machines/thinker-disks.nix
index e0d33df..b0e7ef8 100644
--- a/os/linux/nix/machines/thinker-disks.nix
+++ b/os/linux/nix/machines/thinker-disks.nix
@@ -1,51 +1,53 @@ { disks ? [ "/dev/vda" ], ... }: { - disk = { - vdb = { - type = "disk"; - device = builtins.elemAt disks 0; - content = { - type = "gpt"; - partitions = { - ESP = { - label = "EFI"; - name = "ESP"; - size = "512M"; - type = "EF00" ; - content = { - type = "filesystem"; - format = "vfat"; - mountpoint = "/boot"; - mountOptions = [ - "defaults" - ]; - }; - }; - luks = { - size = "100%"; - content = { - type = "luks"; - name = "crypted"; - extraOpenArgs = [ "--allow-discards" ]; - # if you want to use the key for interactive login be sure there is no trailing newline - # for example use `echo -n "password" > /tmp/secret.key` - keyFile = "/tmp/secret.key"; # Interactive - # settings.keyFile = "/tmp/password.key"; - # additionalKeyFiles = ["/tmp/additionalSecret.key"]; + disko.devices = { + disk = { + vdb = { + type = "disk"; + device = builtins.elemAt disks 0; + content = { + type = "gpt"; + partitions = { + ESP = { + label = "EFI"; + name = "ESP"; + size = "512M"; + type = "EF00"; content = { - type = "btrfs"; - extraArgs = [ "-f" ]; - subvolumes = { - "/root" = { - mountpoint = "/"; - mountOptions = [ "compress=zstd" "noatime" ]; - }; - "/home" = { - mountpoint = "/home"; - mountOptions = [ "compress=zstd" "noatime" ]; - }; - "/nix" = { - mountpoint = "/nix"; - mountOptions = [ "compress=zstd" "noatime" ]; + type = "filesystem"; + format = "vfat"; + mountpoint = "/boot"; + mountOptions = [ + "defaults" + ]; + }; + }; + luks = { + size = "100%"; + content = { + type = "luks"; + name = "crypted"; + extraOpenArgs = [ "--allow-discards" ]; + # if you want to use the key for interactive login be sure there is no trailing newline + # for example use `echo -n "password" > /tmp/secret.key` + keyFile = "/tmp/secret.key"; # Interactive + # settings.keyFile = "/tmp/password.key"; + # additionalKeyFiles = ["/tmp/additionalSecret.key"]; + content = { + type = "btrfs"; + extraArgs = [ "-f" ]; + subvolumes = { + "/root" = { + mountpoint = "/"; + mountOptions = [ 
"compress=zstd" "noatime" ]; + }; + "/home" = { + mountpoint = "/home"; + mountOptions = [ "compress=zstd" "noatime" ]; + }; + "/nix" = { + mountpoint = "/nix"; + mountOptions = [ "compress=zstd" "noatime" ]; + }; }; }; }; diff --git a/os/linux/nix/machines/thinker.nix b/os/linux/nix/machines/thinker.nix index 27b0f75..07b45d1 100644 --- a/os/linux/nix/machines/thinker.nix +++ b/os/linux/nix/machines/thinker.nix @@ -8,7 +8,6 @@ imports = [ # Include the results of the hardware scan. ./thinker-hardware.nix - "${builtins.fetchTarball "https://github.com/nix-community/disko/archive/master.tar.gz"}/module.nix" ]; # Use the systemd-boot EFI boot loader. @@ -20,6 +19,20 @@ # networking.wireless.enable = true; # Enables wireless support via wpa_supplicant. networking.networkmanager.enable = true; + security.polkit.enable = true; + security.rtkit.enable = true; + + programs.fish.enable = true; + users.defaultUserShell = pkgs.fish; + + services.pipewire = { + enable = true; + alsa.enable = true; + alsa.support32Bit = true; + pulse.enable = true; + jack.enable = true; + }; + # Set your time zone. time.timeZone = "America/Chicago"; @@ -28,19 +41,18 @@ # networking.proxy.noProxy = "127.0.0.1,localhost,internal.domain"; # Select internationalisation properties. - # i18n.defaultLocale = "en_US.UTF-8"; - # console = { - # font = "Lat2-Terminus16"; - # keyMap = "us"; - # useXkbConfig = true; # use xkbOptions in tty. - # }; + i18n.defaultLocale = "en_US.UTF-8"; + console = { + font = "Lat2-Terminus16"; + useXkbConfig = true; + }; # Enable the X11 windowing system. # services.xserver.enable = true; # Configure keymap in X11 services.xserver.layout = "us"; - services.xserver.xkbOptions = "caps:escape"; + services.xserver.xkbOptions = "ctrl:nocaps"; # Enable CUPS to print documents. # services.printing.enable = true; @@ -67,10 +79,9 @@ dtach exa fd - fish fwupd git - git-delta + delta helix ripgrep sd 
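Review bot: The re-indented `luks` block in thinker-disks.nix still takes its key from `keyFile = "/tmp/secret.key"`, and the comment above it recommends `echo -n "password" > /tmp/secret.key`. That command typically leaves the passphrase in shell history and creates the file with the default umask in a shared directory. I would reword the comment to say the file should be written from a prompt under `umask 077` and deleted once formatting has finished. `extraOpenArgs = [ "--allow-discards" ]` deserves its own line such as `# discards on LUKS reveal which blocks are unused; accepted here for SSD TRIM`, so the trade-off is recorded as deliberate. The disk attribute name `vdb` and the `/dev/vda` default are leftovers from the example and could be renamed while the block is being touched.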
@@ -97,9 +108,8 @@ dua git-lfs libinput - libinput-gesture + libinput-gestures brightnessctl - thunar # TODO: my font? noto-fonts gimp @@ -112,7 +122,6 @@ pulsemixer pavucontrol pamixer - libpulse playerctl # TODO: wireplumber? swaybg @@ -130,10 +139,15 @@ wget ]; + programs.thunar.enable = true; + services.tailscale = { enable = true; }; + environment.variables = { + EDITOR = "hx"; + }; # Some programs need SUID wrappers, can be configured further or are # started in user sessions. @@ -154,11 +168,6 @@ # Or disable the firewall altogether. # networking.firewall.enable = false; - # Copy the NixOS configuration file and link it from the resulting system - # (/run/current-system/configuration.nix). This is useful in case you - # accidentally delete configuration.nix. - system.copySystemConfiguration = true; - # This value determines the NixOS release from which the default # settings for stateful data, like file locations and database versions # on your system were taken. It's perfectly fine and recommended to leave