2023-09-22 12:56:48 -05:00
|
|
|
{
|
2023-10-03 11:52:44 -05:00
|
|
|
config,
|
|
|
|
lib,
|
|
|
|
inputs,
|
2024-01-04 17:20:02 -06:00
|
|
|
outputs,
|
2023-10-06 01:11:27 -05:00
|
|
|
pkgs,
|
2024-01-04 17:20:02 -06:00
|
|
|
modulesPath,
|
2023-10-03 11:52:44 -05:00
|
|
|
...
|
2024-02-16 16:10:36 -06:00
|
|
|
}: let
|
|
|
|
inherit (pkgs) system;
|
|
|
|
in {
|
2024-01-02 18:54:46 -06:00
|
|
|
networking.hostName = lib.mkDefault "nixoslyte";
|
|
|
|
|
2024-01-04 17:20:02 -06:00
|
|
|
imports =
|
|
|
|
[
|
|
|
|
(modulesPath + "/installer/scan/not-detected.nix")
|
2024-01-04 18:55:30 -06:00
|
|
|
inputs.sops-nix.nixosModules.sops
|
2024-01-04 17:20:02 -06:00
|
|
|
inputs.disko.nixosModules.disko
|
|
|
|
inputs.home-manager.nixosModules.home-manager
|
|
|
|
]
|
2024-03-28 13:10:51 -05:00
|
|
|
++ [
|
|
|
|
./avahi.nix
|
|
|
|
./daniel.nix
|
|
|
|
];
|
2023-10-03 14:50:00 -05:00
|
|
|
|
|
|
|
hardware.enableRedistributableFirmware = true;
|
|
|
|
|
2023-09-06 01:20:43 -05:00
|
|
|
services.journald.extraConfig = "SystemMaxUse=1G";
|
2023-09-05 23:11:14 -05:00
|
|
|
|
2024-01-13 23:43:06 -06:00
|
|
|
home-manager.useGlobalPkgs = true;
|
2024-05-02 09:52:49 -05:00
|
|
|
home-manager.backupFileExtension = "hm-backup";
|
2024-02-22 15:11:36 -06:00
|
|
|
# home-manager.useUserPkgs = true; # wut is this?
|
2024-01-13 23:43:06 -06:00
|
|
|
|
2023-09-05 23:11:14 -05:00
|
|
|
environment = {
|
|
|
|
variables = {
|
|
|
|
EDITOR = "hx";
|
2024-05-15 19:29:46 -05:00
|
|
|
SYSTEMD_EDITOR = "hx";
|
2023-09-05 23:11:14 -05:00
|
|
|
VISUAL = "hx";
|
|
|
|
PAGER = "less";
|
|
|
|
MANPAGER = "less";
|
|
|
|
};
|
|
|
|
|
2024-03-13 21:34:27 -05:00
|
|
|
systemPackages = with pkgs; [
|
2024-04-14 10:49:34 -05:00
|
|
|
atuin
|
2024-03-13 21:34:27 -05:00
|
|
|
# age
|
|
|
|
# bat
|
|
|
|
# bc
|
|
|
|
# bind
|
|
|
|
# bottom
|
|
|
|
# btrfs-progs
|
|
|
|
# cue
|
|
|
|
curl
|
|
|
|
# dogdns
|
|
|
|
dua
|
|
|
|
eza
|
|
|
|
fd
|
|
|
|
file
|
|
|
|
fzf
|
|
|
|
gnumake
|
2024-05-29 13:42:13 -05:00
|
|
|
gnupg
|
2024-03-13 21:34:27 -05:00
|
|
|
# gron
|
|
|
|
# hexyl
|
|
|
|
iputils
|
|
|
|
# jq
|
|
|
|
killall
|
|
|
|
less
|
|
|
|
mosh
|
|
|
|
# nmap
|
|
|
|
nettools
|
|
|
|
nodePackages.bash-language-server
|
|
|
|
openssl
|
|
|
|
# pciutils
|
|
|
|
# pv
|
|
|
|
# rclone
|
|
|
|
# restic
|
|
|
|
ripgrep
|
|
|
|
rsync
|
|
|
|
# rtx
|
|
|
|
sd
|
|
|
|
shellcheck
|
|
|
|
shfmt
|
|
|
|
# sops
|
|
|
|
smartmontools
|
|
|
|
# sqlite
|
|
|
|
# skim
|
|
|
|
# sysstat
|
|
|
|
unzip
|
|
|
|
# usbutils
|
|
|
|
# watchexec
|
|
|
|
wget
|
|
|
|
# xh
|
|
|
|
zellij
|
|
|
|
# zstd
|
|
|
|
inputs.home-manager.packages.${system}.home-manager
|
|
|
|
inputs.helix.packages.${system}.helix
|
|
|
|
];
|
2023-09-05 23:11:14 -05:00
|
|
|
};
|
|
|
|
|
2024-06-10 09:56:13 -05:00
|
|
|
users.groups.valerie = {};
|
2023-10-18 09:14:19 -05:00
|
|
|
users.groups.daniel = {};
|
|
|
|
|
2023-09-05 22:39:17 -05:00
|
|
|
users.users = {
|
|
|
|
daniel = {
|
|
|
|
isNormalUser = true;
|
|
|
|
home = "/home/daniel/.home";
|
2023-12-04 09:15:37 -06:00
|
|
|
createHome = true;
|
2023-09-05 22:39:17 -05:00
|
|
|
openssh.authorizedKeys.keys = [
|
|
|
|
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIAPLXOjupz3ScYjgrF+ehrbp9OvGAWQLI6fplX6w9Ijb daniel@lyte.dev"
|
|
|
|
];
|
2023-09-06 00:57:08 -05:00
|
|
|
group = "daniel";
|
2023-10-27 21:46:38 -05:00
|
|
|
extraGroups = ["users" "wheel" "video" "dialout" "uucp"];
|
2023-10-03 11:52:44 -05:00
|
|
|
packages = [];
|
2023-09-05 22:39:17 -05:00
|
|
|
};
|
|
|
|
|
2024-06-10 09:56:13 -05:00
|
|
|
valerie = {
|
|
|
|
isNormalUser = true;
|
|
|
|
home = "/home/valerie";
|
|
|
|
createHome = true;
|
|
|
|
openssh.authorizedKeys.keys = [
|
|
|
|
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIAPLXOjupz3ScYjgrF+ehrbp9OvGAWQLI6fplX6w9Ijb daniel@lyte.dev"
|
|
|
|
];
|
|
|
|
group = "valerie";
|
|
|
|
extraGroups = ["users" "video"];
|
|
|
|
packages = [];
|
|
|
|
};
|
|
|
|
|
2023-09-05 22:39:17 -05:00
|
|
|
root = {
|
|
|
|
openssh.authorizedKeys.keys = config.users.users.daniel.openssh.authorizedKeys.keys;
|
|
|
|
};
|
|
|
|
};
|
|
|
|
|
|
|
|
i18n = {
|
|
|
|
defaultLocale = "en_US.UTF-8";
|
|
|
|
};
|
|
|
|
|
2024-01-24 20:25:19 -06:00
|
|
|
programs.mosh = {
|
|
|
|
enable = true;
|
|
|
|
openFirewall = true;
|
|
|
|
};
|
|
|
|
|
2023-09-05 22:39:17 -05:00
|
|
|
services = {
|
2024-02-16 16:32:14 -06:00
|
|
|
xserver.xkb = {
|
2023-09-05 22:39:17 -05:00
|
|
|
layout = "us";
|
2024-02-16 16:32:14 -06:00
|
|
|
options = "ctrl:nocaps";
|
2023-09-05 22:39:17 -05:00
|
|
|
};
|
|
|
|
|
|
|
|
openssh = {
|
|
|
|
enable = true;
|
2023-09-05 23:11:14 -05:00
|
|
|
|
|
|
|
settings = {
|
|
|
|
PasswordAuthentication = false;
|
2024-01-24 20:25:19 -06:00
|
|
|
KbdInteractiveAuthentication = false;
|
2024-02-22 15:28:52 -06:00
|
|
|
PermitRootLogin = "prohibit-password";
|
2023-09-05 23:11:14 -05:00
|
|
|
};
|
|
|
|
|
2024-01-24 21:07:35 -06:00
|
|
|
openFirewall = lib.mkDefault true;
|
2023-09-05 23:11:14 -05:00
|
|
|
|
|
|
|
# listenAddresses = [
|
|
|
|
# { addr = "0.0.0.0"; port = 22; }
|
|
|
|
# ];
|
|
|
|
};
|
|
|
|
|
|
|
|
tailscale = {
|
|
|
|
enable = true;
|
|
|
|
useRoutingFeatures = lib.mkDefault "client";
|
2023-09-05 22:39:17 -05:00
|
|
|
};
|
2023-09-05 23:51:32 -05:00
|
|
|
|
|
|
|
fwupd.enable = true;
|
|
|
|
smartd.enable = true;
|
2023-09-05 22:39:17 -05:00
|
|
|
};
|
|
|
|
|
|
|
|
console = {
|
2024-01-16 21:14:14 -06:00
|
|
|
# font = "Lat2-Terminus16";
|
2023-09-05 22:39:17 -05:00
|
|
|
useXkbConfig = true;
|
|
|
|
earlySetup = true;
|
|
|
|
|
2024-01-04 22:29:12 -06:00
|
|
|
colors = with outputs.colors; [
|
2023-10-05 10:41:31 -05:00
|
|
|
bg
|
|
|
|
red
|
|
|
|
green
|
|
|
|
orange
|
|
|
|
blue
|
|
|
|
purple
|
|
|
|
yellow
|
|
|
|
fg3
|
|
|
|
fgdim
|
|
|
|
red
|
|
|
|
green
|
|
|
|
orange
|
|
|
|
blue
|
|
|
|
purple
|
|
|
|
yellow
|
|
|
|
fg
|
2023-09-19 20:56:24 -05:00
|
|
|
];
|
2023-09-05 22:39:17 -05:00
|
|
|
};
|
|
|
|
|
|
|
|
networking = {
|
|
|
|
useDHCP = lib.mkDefault true;
|
2023-09-05 23:11:14 -05:00
|
|
|
|
|
|
|
firewall = {
|
|
|
|
enable = lib.mkDefault true;
|
|
|
|
allowPing = lib.mkDefault true;
|
2024-01-24 20:25:19 -06:00
|
|
|
allowedTCPPorts = lib.mkDefault [22];
|
2024-03-13 21:12:14 -05:00
|
|
|
allowedUDPPortRanges = [
|
|
|
|
{
|
|
|
|
# mosh
|
|
|
|
from = 60000;
|
|
|
|
to = 60010;
|
|
|
|
}
|
|
|
|
];
|
2023-09-05 23:11:14 -05:00
|
|
|
};
|
2023-10-10 14:29:31 -05:00
|
|
|
|
|
|
|
extraHosts = ''
|
|
|
|
::1 host.docker.internal
|
|
|
|
127.0.0.1 host.docker.internal
|
2024-03-29 10:14:41 -05:00
|
|
|
|
2024-01-25 16:33:03 -06:00
|
|
|
::1 host.containers.internal
|
|
|
|
127.0.0.1 host.containers.internal
|
2023-10-10 14:29:31 -05:00
|
|
|
'';
|
2023-09-05 22:39:17 -05:00
|
|
|
};
|
|
|
|
|
2023-09-05 23:51:32 -05:00
|
|
|
programs = {
|
|
|
|
fish = {
|
|
|
|
enable = true;
|
|
|
|
};
|
|
|
|
|
|
|
|
tmux = {
|
|
|
|
enable = true;
|
|
|
|
clock24 = true;
|
|
|
|
};
|
|
|
|
|
|
|
|
traceroute.enable = true;
|
|
|
|
|
|
|
|
git = {
|
|
|
|
enable = true;
|
2023-11-07 17:09:05 -06:00
|
|
|
package = pkgs.gitFull;
|
2023-09-05 23:51:32 -05:00
|
|
|
|
|
|
|
lfs = {
|
2023-09-05 22:39:17 -05:00
|
|
|
enable = true;
|
|
|
|
};
|
|
|
|
};
|
2023-09-28 12:29:21 -05:00
|
|
|
|
|
|
|
# https://github.com/nix-community/home-manager/issues/3113
|
|
|
|
dconf.enable = true;
|
2023-09-05 23:51:32 -05:00
|
|
|
};
|
2023-09-05 22:39:17 -05:00
|
|
|
|
|
|
|
time = {
|
|
|
|
timeZone = "America/Chicago";
|
|
|
|
};
|
|
|
|
|
|
|
|
users = {
|
|
|
|
defaultUserShell = pkgs.fish;
|
|
|
|
};
|
2023-10-27 21:46:38 -05:00
|
|
|
|
2024-01-02 18:54:46 -06:00
|
|
|
# TODO: should not be in common?
|
|
|
|
# services.udev.extraRules = ''
|
|
|
|
# # https://betaflight.com/docs/wiki/archive/Installing-Betaflight#step-1
|
|
|
|
# # ACTION=="add", SUBSYSTEM=="usb", ATTRS{idVendor}=="2e3c", ATTRS{idProduct}=="df11", MODE="0664", GROUP="uucp"
|
|
|
|
# # ACTION=="add", SUBSYSTEM=="usb", ATTRS{idVendor}=="0483", ATTRS{idProduct}=="df11", MODE="0664", GROUP="uucp"'
|
|
|
|
# '';
|
2024-01-04 17:20:02 -06:00
|
|
|
|
|
|
|
nixpkgs = {
|
|
|
|
# You can add overlays here
|
|
|
|
overlays = [
|
|
|
|
# Add overlays your own flake exports (from overlays and pkgs dir):
|
|
|
|
outputs.overlays.additions
|
|
|
|
outputs.overlays.modifications
|
|
|
|
outputs.overlays.unstable-packages
|
|
|
|
|
|
|
|
# You can also add overlays exported from other flakes:
|
|
|
|
# neovim-nightly-overlay.overlays.default
|
|
|
|
|
|
|
|
# Or define it inline, for example:
|
|
|
|
# (final: prev: {
|
|
|
|
# hi = final.hello.overrideAttrs (oldAttrs: {
|
|
|
|
# patches = [ ./change-hello-to-hi.patch ];
|
|
|
|
# });
|
|
|
|
# })
|
|
|
|
];
|
|
|
|
# Configure your nixpkgs instance
|
|
|
|
config = {
|
|
|
|
# Disable if you don't want unfree packages
|
|
|
|
allowUnfree = true;
|
|
|
|
};
|
|
|
|
};
|
|
|
|
|
|
|
|
nix = {
|
2024-02-16 16:10:36 -06:00
|
|
|
# This will additionally add your inputs to the system's legacy channels
|
|
|
|
# Making legacy nix commands consistent as well, awesome!
|
|
|
|
# Not sure why I would need this...
|
|
|
|
# nixPath = lib.mapAttrsToList (key: value: "${key}=${value.to.path}") config.nix.registry;
|
|
|
|
|
2024-01-04 17:20:02 -06:00
|
|
|
# This will add each flake input as a registry
|
|
|
|
# To make nix3 commands consistent with your flake
|
2024-02-20 17:18:49 -06:00
|
|
|
# registry = lib.mapAttrs (_: value: {flake = value;}) inputs;
|
2024-01-04 17:20:02 -06:00
|
|
|
|
|
|
|
settings = {
|
|
|
|
trusted-users = ["root" "daniel"];
|
2024-02-20 17:18:49 -06:00
|
|
|
|
2024-01-04 17:20:02 -06:00
|
|
|
experimental-features = lib.mkDefault ["nix-command" "flakes"];
|
2024-02-20 17:18:49 -06:00
|
|
|
|
2024-01-04 17:20:02 -06:00
|
|
|
substituters = [
|
|
|
|
"https://cache.nixos.org/"
|
|
|
|
"https://helix.cachix.org"
|
|
|
|
"https://nix-community.cachix.org"
|
2024-06-10 09:56:13 -05:00
|
|
|
# "https://nix.h.lyte.dev"
|
2024-01-04 17:20:02 -06:00
|
|
|
];
|
2024-02-20 17:18:49 -06:00
|
|
|
|
2024-01-04 17:20:02 -06:00
|
|
|
trusted-public-keys = [
|
|
|
|
"cache.nixos.org-1:6NCHdD59X431o0gWypbMrAURkbJ16ZPMQFGspcDShjY="
|
|
|
|
"helix.cachix.org-1:ejp9KQpR1FBI2onstMQ34yogDm4OgU2ru6lIwPvuCVs="
|
|
|
|
"nix-community.cachix.org-1:mB9FSh9qf2dCimDSUo8Zy7bkq5CX+/rkCWyvRCYg3Fs="
|
|
|
|
"h.lyte.dev:HeVWtne31ZG8iMf+c15VY3/Mky/4ufXlfTpT8+4Xbs0="
|
|
|
|
];
|
|
|
|
|
2024-02-20 17:18:49 -06:00
|
|
|
auto-optimise-store = false;
|
|
|
|
};
|
2024-01-04 17:20:02 -06:00
|
|
|
};
|
|
|
|
|
2024-03-26 11:04:47 -05:00
|
|
|
services.udev.extraRules = ''
|
|
|
|
ACTION=="add", SUBSYSTEM=="backlight", RUN+="${pkgs.coreutils}/bin/chgrp video /sys/class/backlight/%k/brightness"
|
|
|
|
ACTION=="add", SUBSYSTEM=="backlight", RUN+="${pkgs.coreutils}/bin/chmod g+w /sys/class/backlight/%k/brightness"
|
|
|
|
'';
|
|
|
|
|
2024-02-21 20:33:50 -06:00
|
|
|
# # TODO: regular cron or something?
|
|
|
|
# programs.nix-index = {
|
|
|
|
# enable = true;
|
|
|
|
# # enableFishIntegration = true;
|
|
|
|
# };
|
2024-02-21 20:10:10 -06:00
|
|
|
|
2024-01-24 20:25:19 -06:00
|
|
|
nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux";
|
|
|
|
|
2024-01-04 17:20:02 -06:00
|
|
|
system.stateVersion = lib.mkDefault "23.11";
|
2023-09-05 22:39:17 -05:00
|
|
|
}
|