From cc62207eb46c5f24a6c81740f7fbb61d121df4cf Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Cyryl=20P=C5=82otnicki?= Date: Sun, 8 Jan 2023 12:39:21 +0000 Subject: [PATCH] move newer settings from yoga to common --- flake.nix | 346 +++++++++++++++++------------------ nixos/boxes/yoga/default.nix | 41 +---- nixos/common-hardware.nix | 88 +++++---- nixos/common-services.nix | 20 +- nixos/common.nix | 11 +- 5 files changed, 231 insertions(+), 275 deletions(-) diff --git a/flake.nix b/flake.nix index f4c9a0f4..49588fc5 100644 --- a/flake.nix +++ b/flake.nix @@ -1,194 +1,194 @@ { description = "NixOS configuration with flakes"; - outputs = { - self, - flake-utils, - flake-compat, - home-manager, - nixpkgs-nixos-unstable, - nixpkgs-master, - nixpkgs-stable, - darwin, - nixos-hardware, - nur, - sops, - nil, - helix, - alejandra, - } @ inputs: let - mkServer = pkgs: system: hostname: - pkgs.lib.nixosSystem { - inherit system; - modules = [ - (./. + "/nixos/boxes/${hostname}") - (import ./nixos/server-common.nix) - sops.nixosModules.sops - ]; - specialArgs = {inherit inputs;}; - }; - mkRaspi = pkgs: hostname: - pkgs.lib.nixosSystem { - system = "aarch64-linux"; - modules = [(./. + "/nixos/boxes/${hostname}")]; - specialArgs = {inherit inputs;}; - }; - mkKiosk = pkgs: system: hostname: - pkgs.lib.nixosSystem { - inherit system; - modules = [ - (./. + "/nixos/boxes/${hostname}") + outputs = { self, flake-utils, flake-compat, home-manager + , nixpkgs-nixos-unstable, nixpkgs-master, nixpkgs-stable, darwin + , nixos-hardware, nur, sops, nil, helix, alejandra, }@inputs: + let + mkServer = pkgs: system: hostname: + pkgs.lib.nixosSystem { + inherit system; + modules = [ + (./. + "/nixos/boxes/${hostname}") + (import ./nixos/server-common.nix) + sops.nixosModules.sops + ]; + specialArgs = { inherit inputs; }; + }; + mkRaspi = pkgs: hostname: + pkgs.lib.nixosSystem { + system = "aarch64-linux"; + modules = [ (./. + "/nixos/boxes/${hostname}") ]; + specialArgs = { inherit inputs; }; + }; + mkKiosk = pkgs: system: hostname: + pkgs.lib.nixosSystem { + inherit system; + modules = [ + (./. + "/nixos/boxes/${hostname}") + (import ./nixos/common.nix) + sops.nixosModules.sops - sops.nixosModules.sops - - home-manager.nixosModules.home-manager - { - home-manager.useGlobalPkgs = true; - home-manager.useUserPackages = true; - home-manager.users.cyryl = { - imports = [./nixos/home-manager ./nixos/home-manager/linux.nix]; - _module.args.inputs = inputs; - _module.args.system = system; + home-manager.nixosModules.home-manager + { + home-manager.useGlobalPkgs = true; + home-manager.useUserPackages = true; + home-manager.users.cyryl = { + imports = + [ ./nixos/home-manager ./nixos/home-manager/linux.nix ]; + _module.args.inputs = inputs; + _module.args.system = system; + }; + } + ]; + specialArgs = { + inherit inputs system; + nixpkgs-nixos-stable-and-unfree = import nixpkgs-stable { + inherit system; + config = { allowUnfree = true; }; }; - } - ]; - specialArgs = {inherit inputs system;}; - }; - mkWorkstation = pkgs: system: hostname: - pkgs.lib.nixosSystem { - inherit system; - modules = [ - (./. + "/nixos/boxes/${hostname}") - (import ./nixos/email-accounts.nix) - (import ./nixos/common.nix) - sops.nixosModules.sops - - home-manager.nixosModules.home-manager - { - home-manager.useGlobalPkgs = true; - home-manager.useUserPackages = true; - home-manager.users.cyryl = { - imports = [./nixos/home-manager ./nixos/home-manager/linux.nix]; - _module.args.inputs = inputs; - _module.args.system = system; + nixpkgs-nixos-unstable-and-unfree = import nixpkgs-nixos-unstable { + inherit system; + config = { allowUnfree = true; }; }; - } - ]; - specialArgs = { - inherit inputs system; - nixpkgs-nixos-stable-and-unfree = import nixpkgs-stable { - inherit system; - config = {allowUnfree = true;}; - }; - nixpkgs-nixos-unstable-and-unfree = import nixpkgs-nixos-unstable { - inherit system; - config = {allowUnfree = true;}; }; }; - }; - mkShell = packageSet: system: let - pkgs = packageSet.legacyPackages.${system}; - in - pkgs.mkShell { - packages = with pkgs; [ - cacert - git - git-lfs - nixpkgs-fmt - openssh - openssl - pkg-config - statix - ]; - }; - in { - devShells = { - "x86_64-darwin".default = mkShell nixpkgs-stable "x86_64-darwin"; - "x86_64-linux".default = mkShell nixpkgs-stable "x86_64-linux"; - }; - darwinConfigurations = { - "FORM3-CYRYLPLOTN" = darwin.lib.darwinSystem rec { - system = "x86_64-darwin"; - modules = [ - (./. + "/nixos/boxes/form3") - home-manager.darwinModules.home-manager - { - home-manager.useGlobalPkgs = true; - home-manager.useUserPackages = true; - home-manager.users.cyryl = { - imports = [./nixos/home-manager]; - _module.args.inputs = inputs; - _module.args.system = system; + mkWorkstation = pkgs: system: hostname: + pkgs.lib.nixosSystem { + inherit system; + modules = [ + (./. + "/nixos/boxes/${hostname}") + (import ./nixos/email-accounts.nix) + (import ./nixos/common.nix) + sops.nixosModules.sops + + home-manager.nixosModules.home-manager + { + home-manager.useGlobalPkgs = true; + home-manager.useUserPackages = true; + home-manager.users.cyryl = { + imports = + [ ./nixos/home-manager ./nixos/home-manager/linux.nix ]; + _module.args.inputs = inputs; + _module.args.system = system; + }; + } + ]; + specialArgs = { + inherit inputs system; + nixpkgs-nixos-stable-and-unfree = import nixpkgs-stable { + inherit system; + config = { allowUnfree = true; }; + }; + nixpkgs-nixos-unstable-and-unfree = import nixpkgs-nixos-unstable { + inherit system; + config = { allowUnfree = true; }; }; - } - ]; - }; - }; - - nixosConfigurations = { - foureighty = mkWorkstation nixpkgs-stable "x86_64-linux" "foureighty"; - skinnyv = mkWorkstation nixpkgs-stable "x86_64-linux" "skinnyv"; - thinky = mkWorkstation nixpkgs-stable "x86_64-linux" "thinky"; - bolty = mkServer nixpkgs-stable "x86_64-linux" "bolty"; - vpsfree1 = mkServer nixpkgs-stable "x86_64-linux" "vpsfree1"; - yoga = mkKiosk nixpkgs-stable "x86_64-linux" "yoga"; - homescreen = mkRaspi nixpkgs-stable "homescreen"; - - bootstrap = nixpkgs-stable.lib.nixosSystem rec { - system = "x86_64-linux"; - modules = [(./. + "/nixos/boxes/bootstrap") sops.nixosModules.sops]; - specialArgs = { - inherit inputs system; - nixpkgs-nixos-unstable-and-unfree = import nixpkgs-nixos-unstable { - inherit system; - config = {allowUnfree = true;}; }; }; + mkShell = packageSet: system: + let pkgs = packageSet.legacyPackages.${system}; + in pkgs.mkShell { + packages = with pkgs; [ + cacert + git + git-lfs + nixpkgs-fmt + openssh + openssl + pkg-config + statix + ]; + }; + in { + devShells = { + "x86_64-darwin".default = mkShell nixpkgs-stable "x86_64-darwin"; + "x86_64-linux".default = mkShell nixpkgs-stable "x86_64-linux"; + }; + darwinConfigurations = { + "FORM3-CYRYLPLOTN" = darwin.lib.darwinSystem rec { + system = "x86_64-darwin"; + modules = [ + (./. + "/nixos/boxes/form3") + home-manager.darwinModules.home-manager + { + home-manager.useGlobalPkgs = true; + home-manager.useUserPackages = true; + home-manager.users.cyryl = { + imports = [ ./nixos/home-manager ]; + _module.args.inputs = inputs; + _module.args.system = system; + }; + } + ]; + }; }; - # nix build .#nixosConfigurations.raspiimage.config.system.build.sdImage - # sudo dd if=result/sd-image/nixos-sd-image-21.11.20211201.a640d83-aarch64-linux.img of=/dev/sda bs=4M conv=fsync status=progress - # make sure to update eeprom https://nixos.wiki/wiki/NixOS_on_ARM/Raspberry_Pi_4#Board-specific_installation_notes - raspiimage = nixpkgs-stable.lib.nixosSystem { - system = "aarch64-linux"; - modules = [ - (import - "${inputs.nixpkgs-nixos-unstable}/nixos/modules/installer/sd-card/sd-image-aarch64-installer.nix") - { - environment.systemPackages = with nixpkgs-nixos-unstable.legacyPackages."aarch64-linux"; [ - neovim - htop - btop - atop - ]; - networking.networkmanager.enable = false; - hardware.enableRedistributableFirmware = true; - networking.wireless.enable = true; + nixosConfigurations = { + foureighty = mkWorkstation nixpkgs-stable "x86_64-linux" "foureighty"; + skinnyv = mkWorkstation nixpkgs-stable "x86_64-linux" "skinnyv"; + thinky = mkWorkstation nixpkgs-stable "x86_64-linux" "thinky"; + bolty = mkServer nixpkgs-stable "x86_64-linux" "bolty"; + vpsfree1 = mkServer nixpkgs-stable "x86_64-linux" "vpsfree1"; + yoga = mkKiosk nixpkgs-stable "x86_64-linux" "yoga"; + homescreen = mkRaspi nixpkgs-stable "homescreen"; - services.openssh = { - enable = true; - permitRootLogin = - nixpkgs-stable.lib.mkForce "prohibit-password"; - passwordAuthentication = false; + bootstrap = nixpkgs-stable.lib.nixosSystem rec { + system = "x86_64-linux"; + modules = [ (./. + "/nixos/boxes/bootstrap") sops.nixosModules.sops ]; + specialArgs = { + inherit inputs system; + nixpkgs-nixos-unstable-and-unfree = import nixpkgs-nixos-unstable { + inherit system; + config = { allowUnfree = true; }; }; + }; + }; + # nix build .#nixosConfigurations.raspiimage.config.system.build.sdImage + # sudo dd if=result/sd-image/nixos-sd-image-21.11.20211201.a640d83-aarch64-linux.img of=/dev/sda bs=4M conv=fsync status=progress + # make sure to update eeprom https://nixos.wiki/wiki/NixOS_on_ARM/Raspberry_Pi_4#Board-specific_installation_notes + raspiimage = nixpkgs-stable.lib.nixosSystem { + system = "aarch64-linux"; + modules = [ + (import + "${inputs.nixpkgs-nixos-unstable}/nixos/modules/installer/sd-card/sd-image-aarch64-installer.nix") + { + environment.systemPackages = + with nixpkgs-nixos-unstable.legacyPackages."aarch64-linux"; [ + neovim + htop + btop + atop + ]; - services.xserver = { - enable = true; - displayManager.lightdm.enable = true; - desktopManager.gnome.enable = true; - libinput.enable = true; - }; + networking.networkmanager.enable = false; + hardware.enableRedistributableFirmware = true; + networking.wireless.enable = true; - users.extraUsers.root.openssh.authorizedKeys.keys = [ - "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIEo4R+6J3h6Ix3xWpOMdU7Es1/YxFchHw0c+kcCOJxFb cyryl@foureighty" - ]; - sdImage.compressImage = false; - console.earlySetup = true; - } - ]; - specialArgs = {inherit inputs;}; + services.openssh = { + enable = true; + permitRootLogin = + nixpkgs-stable.lib.mkForce "prohibit-password"; + passwordAuthentication = false; + }; + + services.xserver = { + enable = true; + displayManager.lightdm.enable = true; + desktopManager.gnome.enable = true; + libinput.enable = true; + }; + + users.extraUsers.root.openssh.authorizedKeys.keys = [ + "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIEo4R+6J3h6Ix3xWpOMdU7Es1/YxFchHw0c+kcCOJxFb cyryl@foureighty" + ]; + sdImage.compressImage = false; + console.earlySetup = true; + } + ]; + specialArgs = { inherit inputs; }; + }; }; }; - }; inputs = { nixpkgs-master = { type = "github"; diff --git a/nixos/boxes/yoga/default.nix b/nixos/boxes/yoga/default.nix index db273f34..0bb69f8b 100644 --- a/nixos/boxes/yoga/default.nix +++ b/nixos/boxes/yoga/default.nix @@ -1,26 +1,16 @@ -{ - config, - pkgs, - inputs, - lib, - system, - nixpkgs-nixos-unstable-and-unfree, - ... -}: { +{ config, pkgs, inputs, lib, system, nixpkgs-nixos-unstable-and-unfree, ... }: { networking.hostName = "yoga"; - imports = [./hardware-configuration.nix ../../boot.nix ../../git]; + imports = [ ./hardware-configuration.nix ../../boot.nix ../../git ../../gui ]; boot.kernelPackages = pkgs.linuxPackages_latest; hardware.trackpoint.enable = true; services.hardware.bolt.enable = true; - services.fprintd = {enable = true;}; + services.fprintd = { enable = true; }; - home-manager.users.cyryl = {lib, ...}: { - home.packages = with pkgs; [firefox vim gnome3.gedit git]; - }; + home-manager.users.cyryl = { lib, ... }: { home.packages = with pkgs; [ ]; }; networking.networkmanager.enable = true; @@ -45,13 +35,6 @@ services.xserver.displayManager.gdm.enable = true; services.xserver.desktopManager.gnome.enable = true; - services.xserver = { - layout = "pl"; - xkbVariant = ""; - }; - - console.keyMap = "pl2"; - services.printing.enable = true; sound.enable = true; @@ -77,9 +60,7 @@ isNormalUser = true; description = "cyryl"; extraGroups = [ "networkmanager" "wheel" ]; - packages = with pkgs; [ - firefox - ]; + packages = with pkgs; [ ]; }; services.fwupd.enable = true; @@ -91,15 +72,5 @@ systemd.services."getty@tty1".enable = false; systemd.services."autovt@tty1".enable = false; - nix = { - settings.auto-optimise-store = true; - gc.automatic = true; - optimise.automatic = true; - package = pkgs.nixUnstable; - extraOptions = '' - experimental-features = nix-command flakes - ''; - }; - - system = {stateVersion = "22.11";}; + system = { stateVersion = "22.11"; }; } diff --git a/nixos/common-hardware.nix b/nixos/common-hardware.nix index 05844b0a..b4fb5329 100644 --- a/nixos/common-hardware.nix +++ b/nixos/common-hardware.nix @@ -1,65 +1,61 @@ -{ - config, - pkgs, - nixpkgs-nixos-unstable-and-unfree, - lib, - ... -}: { - boot.kernelModules = ["fuse"]; +{ config, pkgs, nixpkgs-nixos-unstable-and-unfree, lib, ... }: { + boot.kernelModules = [ "fuse" ]; services.smartd.enable = true; sound.enable = true; networking.networkmanager = { enable = true; - dispatcherScripts = [ - { - source = pkgs.writeText "upHook" '' - enable_disable_wifi () - { - result=$(nmcli dev | grep "ethernet" | grep -w "connected") - if [ -n "$result" ]; then - nmcli radio wifi off - else - nmcli radio wifi on - fi - } - - if [ "$2" = "up" ]; then - enable_disable_wifi + dispatcherScripts = [{ + source = pkgs.writeText "upHook" '' + enable_disable_wifi () + { + result=$(nmcli dev | grep "ethernet" | grep -w "connected") + if [ -n "$result" ]; then + nmcli radio wifi off + else + nmcli radio wifi on fi + } - if [ "$2" = "down" ]; then - enable_disable_wifi - fi - ''; - type = "basic"; - } - ]; + if [ "$2" = "up" ]; then + enable_disable_wifi + fi + + if [ "$2" = "down" ]; then + enable_disable_wifi + fi + ''; + type = "basic"; + }]; }; hardware.enableRedistributableFirmware = true; hardware.cpu.intel.updateMicrocode = true; - hardware.pulseaudio = { - enable = true; - package = pkgs.pulseaudioFull; - support32Bit = true; - extraModules = []; - daemon.config = { - nice-level = -15; - realtime-scheduling = "yes"; - }; - }; hardware.bluetooth = { enable = true; package = pkgs.bluezFull; - settings = {General = {Enable = "Source,Sink,Media,Socket";};}; + settings = { General = { Enable = "Source,Sink,Media,Socket"; }; }; }; services.blueman.enable = true; - environment.systemPackages = with pkgs; [ghostscript poppler]; + hardware.pulseaudio.enable = false; + security.rtkit.enable = true; + services.pipewire = { + enable = true; + alsa.enable = true; + alsa.support32Bit = true; + pulse.enable = true; + # If you want to use JACK applications, uncomment this + #jack.enable = true; + + # use the example session manager (no others are packaged yet so this is enabled by default, + # no need to redefine it in your config for now) + #media-session.enable = true; + }; + environment.systemPackages = with pkgs; [ ghostscript poppler ]; services.printing = { enable = true; drivers = with pkgs; [ @@ -77,7 +73,8 @@ description = "Epson XP-540 via bolty"; name = "epson_xp540_via_bolty"; deviceUri = "ipp://bolty:631/printers/epson_xp540"; - model = "epson-inkjet-printer-escpr/Epson-XP-540_Series-epson-escpr-en.ppd"; + model = + "epson-inkjet-printer-escpr/Epson-XP-540_Series-epson-escpr-en.ppd"; ppdOptions = { PageSize = "A4"; Duplex = "DuplexNoTumble"; @@ -86,7 +83,8 @@ { description = "Samsung SCX-4623 Series"; name = "samsung-SCX-4623"; - deviceUri = "usb://Samsung/SCX-4623%20Series?serial=Z2TYBFFZC01007W&interface=1"; + deviceUri = + "usb://Samsung/SCX-4623%20Series?serial=Z2TYBFFZC01007W&interface=1"; model = "samsung/SCX-4623FW.ppd"; ppdOptions = { PageSize = "A4"; @@ -95,7 +93,7 @@ } ]; - services.udev.packages = [pkgs.utsushi]; + services.udev.packages = [ pkgs.utsushi ]; hardware.sane = { enable = true; snapshot = true; diff --git a/nixos/common-services.nix b/nixos/common-services.nix index 4ee9c335..e6c781d5 100644 --- a/nixos/common-services.nix +++ b/nixos/common-services.nix @@ -1,12 +1,9 @@ -{ - config, - pkgs, - ... -}: { - console.keyMap = "pl"; - imports = [./tailscale]; +{ config, pkgs, ... }: { + + console.keyMap = "pl2"; + imports = [ ./tailscale ]; services = { - udev.packages = [pkgs.android-udev-rules]; + udev.packages = [ pkgs.android-udev-rules ]; ratbagd.enable = true; fwupd = { @@ -14,11 +11,7 @@ package = pkgs.fwupd; }; - tlp = { - enable = true; - settings = {"DISK_IOSCHED" = "mq-deadline";}; - }; - + power-profiles-daemon.enable = true; upower.enable = true; fstrim.enable = true; clipmenu.enable = true; @@ -33,6 +26,7 @@ enable = true; layout = "pl"; xkbOptions = "caps:ctrl_modifier"; + xkbVariant = ""; libinput = { enable = true; touchpad = { diff --git a/nixos/common.nix b/nixos/common.nix index 99771238..1ed33706 100644 --- a/nixos/common.nix +++ b/nixos/common.nix @@ -1,6 +1,6 @@ { config, pkgs, lib, inputs, nixpkgs-nixos-unstable-and-unfree, ... }: let - stateVersion = "22.05"; + stateVersion = "22.11"; username = "cyryl"; in { imports = [ @@ -73,14 +73,7 @@ in { defaultFonts.monospace = [ "Berkeley Mono" ]; }; - fonts.fonts = with pkgs; - [ - (fetchzip { - url = "file://" + ./fonts.zip; - sha256 = "sha256-EfWED+hF/A0og3+oTYUuDUSq3OhdY2+fHmGKkBMQOnc="; - stripRoot = false; - }) - ]; + fonts.fonts = with pkgs; [ ]; nix = { settings.auto-optimise-store = true;