lytedev/nix
1
0
Fork 1
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

More cleanup

Browse source
This commit is contained in:
Daniel Flanagan 2024-06-29 01:00:18 -05:00
parent a8c0774435
commit 98f36353f4
24 changed files with 19 additions and 733 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

9
modules/nixos/avahi.nix
View file

@ -1,9 +0,0 @@
{
# enable mDNS and discovery
services.avahi = {
enable = true;
reflector = true;
openFirewall = true;
nssmdns4 = true;
};
}

156
modules/nixos/common.nix
View file

@ -1,156 +0,0 @@
{
overlays,
config,
lib,
pkgs,
colors,
sops-nix,
home-manager,
disko,
modulesPath,
...
}: let
inherit (pkgs) system;
in {
users.groups.valerie = {};
users.groups.daniel = {};
users.users = {
daniel = {
isNormalUser = true;
home = "/home/daniel/.home";
createHome = true;
openssh.authorizedKeys.keys = [
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIAPLXOjupz3ScYjgrF+ehrbp9OvGAWQLI6fplX6w9Ijb daniel@lyte.dev"
];
group = "daniel";
extraGroups = ["users" "wheel" "video" "dialout" "uucp"];
packages = [];
};
valerie = {
isNormalUser = true;
home = "/home/valerie";
createHome = true;
openssh.authorizedKeys.keys = [
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIAPLXOjupz3ScYjgrF+ehrbp9OvGAWQLI6fplX6w9Ijb daniel@lyte.dev"
];
group = "valerie";
extraGroups = ["users" "video"];
packages = [];
};
};
programs = {
fish = {
enable = true;
};
tmux = {
enable = true;
clock24 = true;
};
traceroute.enable = true;
git = {
enable = true;
package = pkgs.gitFull;
lfs = {
enable = true;
};
};
# https://github.com/nix-community/home-manager/issues/3113
dconf.enable = true;
};
time = {
timeZone = "America/Chicago";
};
users = {
defaultUserShell = pkgs.fish;
};
# TODO: should not be in common?
# services.udev.extraRules = ''
# # https://betaflight.com/docs/wiki/archive/Installing-Betaflight#step-1
# # ACTION=="add", SUBSYSTEM=="usb", ATTRS{idVendor}=="2e3c", ATTRS{idProduct}=="df11", MODE="0664", GROUP="uucp"
# # ACTION=="add", SUBSYSTEM=="usb", ATTRS{idVendor}=="0483", ATTRS{idProduct}=="df11", MODE="0664", GROUP="uucp"'
# '';
nixpkgs = {
# You can add overlays here
overlays = [
# Add overlays your own flake exports (from overlays and pkgs dir):
overlays.additions
overlays.modifications
overlays.unstable-packages
# You can also add overlays exported from other flakes:
# neovim-nightly-overlay.overlays.default
# Or define it inline, for example:
# (final: prev: {
# hi = final.hello.overrideAttrs (oldAttrs: {
# patches = [ ./change-hello-to-hi.patch ];
# });
# })
];
# Configure your nixpkgs instance
config = {
# Disable if you don't want unfree packages
allowUnfree = true;
};
};
nix = {
# This will additionally add your inputs to the system's legacy channels
# Making legacy nix commands consistent as well, awesome!
# Not sure why I would need this...
# nixPath = lib.mapAttrsToList (key: value: "${key}=${value.to.path}") config.nix.registry;
# This will add each flake input as a registry
# To make nix3 commands consistent with your flake
# registry = lib.mapAttrs (_: value: {flake = value;}) inputs;
settings = {
trusted-users = ["root" "daniel"];
experimental-features = lib.mkDefault ["nix-command" "flakes"];
substituters = [
"https://cache.nixos.org/"
"https://helix.cachix.org"
"https://nix-community.cachix.org"
"https://nix.h.lyte.dev"
];
trusted-public-keys = [
"cache.nixos.org-1:6NCHdD59X431o0gWypbMrAURkbJ16ZPMQFGspcDShjY="
"helix.cachix.org-1:ejp9KQpR1FBI2onstMQ34yogDm4OgU2ru6lIwPvuCVs="
"nix-community.cachix.org-1:mB9FSh9qf2dCimDSUo8Zy7bkq5CX+/rkCWyvRCYg3Fs="
"h.lyte.dev:HeVWtne31ZG8iMf+c15VY3/Mky/4ufXlfTpT8+4Xbs0="
];
auto-optimise-store = false;
};
};
services.udev.extraRules = ''
ACTION=="add", SUBSYSTEM=="backlight", RUN+="${pkgs.coreutils}/bin/chgrp video /sys/class/backlight/%k/brightness"
ACTION=="add", SUBSYSTEM=="backlight", RUN+="${pkgs.coreutils}/bin/chmod g+w /sys/class/backlight/%k/brightness"
'';
# # TODO: regular cron or something?
# programs.nix-index = {
# enable = true;
# # enableFishIntegration = true;
# };
nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux";
system.stateVersion = lib.mkDefault "23.11";
}

50
modules/nixos/daniel.nix
View file

@ -1,50 +0,0 @@
{
pkgs,
inputs,
outputs,
...
}: let
inherit (pkgs) system;
in {
# TODO: fonts? right now they are only handled at the nixos-level (desktop-usage module)
# TODO: wallpaper?
home-manager = {
extraSpecialArgs = {
inherit inputs outputs system;
inherit (outputs) colors font;
};
users.daniel = {
accounts.email.accounts = {
primary = {
primary = true;
address = "daniel@lyte.dev";
};
legacy = {
address = "wraithx2@gmail.com";
};
io = {
# TODO: finalize deprecation
address = "daniel@lytedev.io";
};
# TODO: may need to use a sops secret? put in another module?
# work = {
# address = "REDACTED";
# };
};
home = {
username = "daniel";
homeDirectory = "/home/daniel/.home";
};
imports = with outputs.homeManagerModules; [
common
gnome
senpai
iex
cargo
];
};
};
}

34
modules/nixos/default.nix
View file

@ -383,6 +383,10 @@
services.desktopManager.plasma6.enable = true;
programs.dconf.enable = true;
services.xrdp.enable = true;
services.xrdp.defaultWindowManager = "plasma";
services.xrdp.openFirewall = false;
environment.systemPackages = with pkgs; [
wl-clipboard
inkscape
@ -391,24 +395,24 @@
vlc
wl-clipboard
libsForQt5.qt5.qtvirtualkeyboard
kdePackages.qtvirtualkeyboard
maliit-keyboard
maliit-framework
libsForQt5.kate
# libsForQt5.kdenlive
# libsForQt5.merkuro
libsForQt5.kcalc
# libsForQt5.neochat
libsForQt5.filelight
libsForQt5.krdc
libsForQt5.krfb
libsForQt5.kclock
libsForQt5.kweather
libsForQt5.ktorrent
# libsForQt5.kdevelop
# libsForQt5.kdialog
libsForQt5.kdeplasma-addons
kdePackages.kate
# kdePackages.kdenlive
# kdePackages.merkuro
kdePackages.kcalc
# kdePackages.neochat
kdePackages.filelight
kdePackages.krdc
kdePackages.krfb
kdePackages.kclock
kdePackages.kweather
kdePackages.ktorrent
# kdePackages.kdevelop
# kdePackages.kdialog
kdePackages.kdeplasma-addons
];
programs.gnupg.agent = {

35
modules/nixos/desktop-usage.nix
View file

@ -1,35 +0,0 @@
{pkgs, ...}: {
imports = [
./sway.nix
# ./hyprland.nix
./kde-plasma.nix
./fonts.nix
./user-installed-applications.nix
./kde-connect.nix
./troubleshooting-tools.nix
./development-tools.nix
];
environment = {
variables = {
GTK_THEME = "Catppuccin-Mocha-Compact-Sapphire-Dark";
GTK_USE_PORTAL = "1";
};
systemPackages = with pkgs; [
marksman
markdown-oxide
gnupg
pinentry-tty
pinentry-curses
];
};
hardware = {
opengl = {
enable = true;
driSupport32Bit = true;
driSupport = true;
};
};
}

78
modules/nixos/development-tools.nix
View file

@ -1,78 +0,0 @@
{pkgs, ...}: {
environment.sessionVariables.NIXOS_OZONE_WL = "1";
programs.neovim = {
enable = true;
# plugins = [
# pkgs.vimPlugins.nvim-treesitter.withAllGrammars
# ];
};
environment.systemPackages = with pkgs; [
taplo # toml language server for editing helix configs per repo
pgcli
oil
watchexec
android-tools
kubectl
stern
libresprite
logseq
audacity
wol
shellcheck
skim
gron
shfmt
vscode-langservers-extracted
nodePackages.bash-language-server
nodePackages.yaml-language-server
xh
curl
google-chrome
];
services.udev.packages = with pkgs; [
platformio
openocd
via
];
programs.adb.enable = true;
users.users.daniel.extraGroups = ["adbusers"];
home-manager.users.daniel = {
home = {
};
programs.nushell = {
enable = true;
};
programs.jujutsu = {
enable = true;
};
programs.k9s = {
enable = true;
};
programs.vscode = {
enable = true;
};
programs.jq = {
enable = true;
};
programs.chromium = {
enable = true;
};
programs.btop = {
enable = true;
package = pkgs.btop.override {
rocmSupport = true;
};
};
};
}

17
modules/nixos/flanfam.nix
View file

@ -1,17 +0,0 @@
{...}: {
users.groups.flanfam = {};
users.users = {
flanfam = {
isNormalUser = true;
home = "/home/flanfam";
createHome = true;
openssh.authorizedKeys.keys = [
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIAPLXOjupz3ScYjgrF+ehrbp9OvGAWQLI6fplX6w9Ijb daniel@lyte.dev"
];
group = "flanfam";
extraGroups = ["users" "video"];
packages = [];
};
};
}

17
modules/nixos/flanfamkiosk.nix
View file

@ -1,17 +0,0 @@
{...}: {
users.groups.flanfamkiosk = {};
users.users = {
flanfamkiosk = {
isNormalUser = true;
home = "/home/flanfamkiosk";
createHome = true;
openssh.authorizedKeys.keys = [
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIAPLXOjupz3ScYjgrF+ehrbp9OvGAWQLI6fplX6w9Ijb daniel@lyte.dev"
];
group = "flanfamkiosk";
extraGroups = ["users" "video"];
packages = [];
};
};
}

6
modules/nixos/fonts.nix
View file

@ -1,6 +0,0 @@
{pkgs, ...}: {
fonts.packages = with pkgs; [
(nerdfonts.override {fonts = ["NerdFontsSymbolsOnly"];})
pkgs.iosevkaLyteTerm
];
}

25
modules/nixos/intel.nix
View file

@ -1,25 +0,0 @@
{
lib,
config,
pkgs,
...
}: {
nixpkgs.config = {
packageOverrides = pkgs: {
vaapiIntel = pkgs.vaapiIntel.override {enableHybridCodec = true;};
};
};
hardware = {
cpu.intel.updateMicrocode = lib.mkDefault config.hardware.enableRedistributableFirmware;
opengl = {
extraPackages = with pkgs; [
intel-media-driver # LIBVA_DRIVER_NAME=iHD
vaapiIntel # LIBVA_DRIVER_NAME=i965 (older but works better for Firefox/Chromium)
vaapiVdpau
libvdpau-va-gl
];
};
};
}

20
modules/nixos/kde-connect.nix
View file

@ -1,20 +0,0 @@
{
programs.kdeconnect = {
enable = true;
};
networking.firewall = {
allowedTCPPortRanges = [
{
from = 1714;
to = 1764;
}
];
allowedUDPPortRanges = [
{
from = 1714;
to = 1764;
}
];
};
}

52
modules/nixos/kde-plasma.nix
View file

@ -1,52 +0,0 @@
{pkgs, ...}: {
imports = [./pipewire.nix];
# NOTE: Plasma and Kitty seem to have some weird interactions where
# occasionally, kitty's window will try to move or resize and crash the
# compositor. Plasma recovers, but the Kitty window is quite dead and gone.
# This has lost me a few minutes' work when I have not saved a file while
# typing and I go to resize kitty and crash loses my work.
# It is entirely possible that this is due to my configuration, though, and
# not the fault of the applications themselves!
# https://www.reddit.com/r/kde/comments/ohiwqf/kitty_crashes_plasma_wayland_session/
# https://gitlab.archlinux.org/archlinux/packaging/packages/kitty/-/issues/3
# NOTE: I'm switching to wezterm. Will this solve my issue?
# Update: seems so?
services.desktopManager.plasma6.enable = true;
services.displayManager.sddm.enable = true;
services.displayManager.sddm.wayland.enable = true;
services.xserver.enable = true;
qt.enable = true;
programs.dconf.enable = true;
services.dbus.enable = true;
environment = {
systemPackages = with pkgs; [
inkscape
krita
noto-fonts
vlc
wl-clipboard
libsForQt5.qt5.qtvirtualkeyboard
maliit-keyboard
maliit-framework
# libsForQt5.kate
# libsForQt5.kdenlive
# libsForQt5.merkuro
# libsForQt5.kcalc
# libsForQt5.neochat
# libsForQt5.filelight
# libsForQt5.krdc
# libsForQt5.krfb
# libsForQt5.kclock
# libsForQt5.kweather
# libsForQt5.ktorrent
# libsForQt5.kdevelop
# libsForQt5.kdialog
# libsForQt5.kdeplasma-addons
];
};
}

9
modules/nixos/lutris.nix
View file

@ -1,9 +0,0 @@
{pkgs, ...}: {
environment = {
systemPackages = with pkgs; [
wineWowPackages.waylandFull
lutris
winetricks
];
};
}

19
modules/nixos/music-production.nix
View file

@ -1,19 +0,0 @@
{pkgs, ...}: {
# TODO: may want to force nixpkgs-stable for a more-stable music production
# environment?
imports = [
{
environment.systemPackages = with pkgs; [
helvum # pipewire graph/patchbay GUI
ardour # DAW
helm # synth
];
}
];
# TODO: things to look into for music production:
# - https://linuxmusicians.com/viewtopic.php?t=27016
# - KXStudio?
# - falktx (https://github.com/DISTRHO/Cardinal)
# -
}

16
modules/nixos/pipewire-low-latency.nix
View file

@ -1,16 +0,0 @@
{
services.pipewire.extraConfig = {
# "pipewire/pipewire.conf.d/92-low-latency.conf".text = ''
# context.properties = {
# default.clock.rate = 48000
# default.clock.quantum = 128
# default.clock.min-quantum = 128
# default.clock.max-quantum = 128
# }
# jack.properties = {
# node.latency = 128/48000
# }
# '';
};
}

29
modules/nixos/pipewire.nix
View file

@ -1,29 +0,0 @@
{...}: {
sound.enable = true;
services.pipewire = {
enable = true;
wireplumber.enable = true;
pulse.enable = true;
jack.enable = true;
alsa = {
enable = true;
support32Bit = true;
};
};
hardware = {
pulseaudio = {
enable = false;
support32Bit = true;
};
};
security = {
# I forget why I need these exactly...
polkit.enable = true;
rtkit.enable = true;
};
}

23
modules/nixos/podman.nix
View file

@ -1,23 +0,0 @@
{pkgs, ...}: {
environment = {
systemPackages = with pkgs; [
podman-compose
];
};
virtualisation = {
podman = {
enable = true;
# Create a `docker` alias for podman, to use it as a drop-in replacement
dockerCompat = true;
# Required for containers under podman-compose to be able to talk to each other.
defaultNetwork.settings.dns_enabled = true;
};
oci-containers = {
backend = "podman";
};
};
}

43
modules/nixos/postgres.nix
View file

@ -1,43 +0,0 @@
{pkgs, ...}: {
# this is really just for development usage
services.postgresql = {
enable = true;
ensureDatabases = ["daniel"];
ensureUsers = [
{
name = "daniel";
ensureDBOwnership = true;
}
];
# enableTCPIP = true;
package = pkgs.postgresql_15;
authentication = pkgs.lib.mkOverride 10 ''
#type database DBuser auth-method
local all postgres peer map=superuser_map
local all daniel peer map=superuser_map
local sameuser all peer map=superuser_map
# lan ipv4
host all all 10.0.0.0/24 trust
host all all 127.0.0.1/32 trust
# tailnet ipv4
host all all 100.64.0.0/10 trust
'';
identMap = ''
# ArbitraryMapName systemUser DBUser
superuser_map root postgres
superuser_map postgres postgres
superuser_map daniel postgres
superuser_map /^(.*)$ \1 # Let other names login as themselves
'';
};
environment.systemPackages = with pkgs; [
pgcli
];
}

13
modules/nixos/printing.nix
View file

@ -1,13 +0,0 @@
{pkgs, ...}: {
services.printing.enable = true;
services.printing.browsing = true;
services.printing.browsedConf = ''
BrowseDNSSDSubTypes _cups,_print
BrowseLocalProtocols all
BrowseRemoteProtocols all
CreateIPPPrinterQueues All
BrowseProtocols all
'';
services.printing.drivers = [pkgs.gutenprint];
}

44
modules/nixos/steam.nix
View file

@ -1,44 +0,0 @@
{pkgs, ...}: {
programs.gamescope.enable = true;
programs.steam = {
enable = true;
extest.enable = true;
gamescopeSession.enable = true;
extraPackages = with pkgs; [
gamescope
];
extraCompatPackages = with pkgs; [
proton-ge-bin
];
localNetworkGameTransfers.openFirewall = true;
remotePlay.openFirewall = true;
};
hardware.steam-hardware.enable = true;
services.udev.packages = with pkgs; [steam];
environment.systemPackages = with pkgs; [
dualsensectl
];
# TODO: remote play ports - should be unnecessary due to
# programs.steam.remotePlay.openFirewall = true;
networking.firewall.allowedUDPPortRanges = [
# UDP 27031, 27036
{
from = 27031;
to = 27036;
}
];
networking.firewall.allowedTCPPortRanges = [
# TCP 27036, 27037
{
from = 27036;
to = 27037;
}
];
}

11
modules/nixos/troubleshooting-tools.nix
View file

@ -1,11 +0,0 @@
{pkgs, ...}: {
environment.systemPackages = with pkgs; [
pciutils
usbutils
htop
bottom
nmap
dogdns
dnsutils
];
}

4
modules/nixos/user-installed-applications.nix
View file

@ -1,4 +0,0 @@
{pkgs, ...}: {
services.flatpak.enable = true;
programs.appimage.binfmt = true;
}

32
modules/nixos/valerie.nix
View file

@ -1,32 +0,0 @@
{
pkgs,
inputs,
outputs,
...
}: let
inherit (pkgs) system;
in {
home-manager = {
extraSpecialArgs = {
inherit inputs outputs system;
inherit (outputs) colors font;
};
users.valerie = {
# accounts.email.accounts = {
# primary = {
# primary = true;
# address = "";
# };
# };
home = {
username = "valerie";
homeDirectory = "/home/valerie";
};
imports = with outputs.homeManagerModules; [
common
];
};
};
}

10
modules/nixos/wifi.nix
View file

@ -1,10 +0,0 @@
{lib, ...}: let
inherit (lib) mkDefault;
in {
networking.networkmanager.enable = mkDefault true;
systemd.services.NetworkManager-wait-online.enable = mkDefault false;
# TODO: networking.networkmanager.wifi.backend = "iwd"; ?
# TODO: powersave?
# TODO: can I pre-configure my usual wifi networks with SSIDs and PSKs loaded from secrets?
}