cyplo/dotfiles
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

move newer settings from yoga to common

Browse source
This commit is contained in:
Cyryl Płotnicki 2023-01-08 12:39:21 +00:00
parent 93b10f9a82
commit cc62207eb4
5 changed files with 231 additions and 275 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

346
flake.nix
View file

@ -1,194 +1,194 @@
{ {
description = "NixOS configuration with flakes"; description = "NixOS configuration with flakes";
outputs = { outputs = { self, flake-utils, flake-compat, home-manager
self, , nixpkgs-nixos-unstable, nixpkgs-master, nixpkgs-stable, darwin
flake-utils, , nixos-hardware, nur, sops, nil, helix, alejandra, }@inputs:
flake-compat, let
home-manager, mkServer = pkgs: system: hostname:
nixpkgs-nixos-unstable, pkgs.lib.nixosSystem {
nixpkgs-master, inherit system;
nixpkgs-stable, modules = [
darwin, (./. + "/nixos/boxes/${hostname}")
nixos-hardware, (import ./nixos/server-common.nix)
nur, sops.nixosModules.sops
sops, ];
nil, specialArgs = { inherit inputs; };
helix, };
alejandra, mkRaspi = pkgs: hostname:
} @ inputs: let pkgs.lib.nixosSystem {
mkServer = pkgs: system: hostname: system = "aarch64-linux";
pkgs.lib.nixosSystem { modules = [ (./. + "/nixos/boxes/${hostname}") ];
inherit system; specialArgs = { inherit inputs; };
modules = [ };
(./. + "/nixos/boxes/${hostname}") mkKiosk = pkgs: system: hostname:
(import ./nixos/server-common.nix) pkgs.lib.nixosSystem {
sops.nixosModules.sops inherit system;
]; modules = [
specialArgs = {inherit inputs;}; (./. + "/nixos/boxes/${hostname}")
}; (import ./nixos/common.nix)
mkRaspi = pkgs: hostname: sops.nixosModules.sops
pkgs.lib.nixosSystem {
system = "aarch64-linux";
modules = [(./. + "/nixos/boxes/${hostname}")];
specialArgs = {inherit inputs;};
};
mkKiosk = pkgs: system: hostname:
pkgs.lib.nixosSystem {
inherit system;
modules = [
(./. + "/nixos/boxes/${hostname}")
sops.nixosModules.sops home-manager.nixosModules.home-manager
{
home-manager.nixosModules.home-manager home-manager.useGlobalPkgs = true;
{ home-manager.useUserPackages = true;
home-manager.useGlobalPkgs = true; home-manager.users.cyryl = {
home-manager.useUserPackages = true; imports =
home-manager.users.cyryl = { [ ./nixos/home-manager ./nixos/home-manager/linux.nix ];
imports = [./nixos/home-manager ./nixos/home-manager/linux.nix]; _module.args.inputs = inputs;
_module.args.inputs = inputs; _module.args.system = system;
_module.args.system = system; };
}
];
specialArgs = {
inherit inputs system;
nixpkgs-nixos-stable-and-unfree = import nixpkgs-stable {
inherit system;
config = { allowUnfree = true; };
}; };
} nixpkgs-nixos-unstable-and-unfree = import nixpkgs-nixos-unstable {
]; inherit system;
specialArgs = {inherit inputs system;}; config = { allowUnfree = true; };
};
mkWorkstation = pkgs: system: hostname:
pkgs.lib.nixosSystem {
inherit system;
modules = [
(./. + "/nixos/boxes/${hostname}")
(import ./nixos/email-accounts.nix)
(import ./nixos/common.nix)
sops.nixosModules.sops
home-manager.nixosModules.home-manager
{
home-manager.useGlobalPkgs = true;
home-manager.useUserPackages = true;
home-manager.users.cyryl = {
imports = [./nixos/home-manager ./nixos/home-manager/linux.nix];
_module.args.inputs = inputs;
_module.args.system = system;
}; };
}
];
specialArgs = {
inherit inputs system;
nixpkgs-nixos-stable-and-unfree = import nixpkgs-stable {
inherit system;
config = {allowUnfree = true;};
};
nixpkgs-nixos-unstable-and-unfree = import nixpkgs-nixos-unstable {
inherit system;
config = {allowUnfree = true;};
}; };
}; };
}; mkWorkstation = pkgs: system: hostname:
mkShell = packageSet: system: let pkgs.lib.nixosSystem {
pkgs = packageSet.legacyPackages.${system}; inherit system;
in modules = [
pkgs.mkShell { (./. + "/nixos/boxes/${hostname}")
packages = with pkgs; [ (import ./nixos/email-accounts.nix)
cacert (import ./nixos/common.nix)
git sops.nixosModules.sops
git-lfs
nixpkgs-fmt home-manager.nixosModules.home-manager
openssh {
openssl home-manager.useGlobalPkgs = true;
pkg-config home-manager.useUserPackages = true;
statix home-manager.users.cyryl = {
]; imports =
}; [ ./nixos/home-manager ./nixos/home-manager/linux.nix ];
in { _module.args.inputs = inputs;
devShells = { _module.args.system = system;
"x86_64-darwin".default = mkShell nixpkgs-stable "x86_64-darwin"; };
"x86_64-linux".default = mkShell nixpkgs-stable "x86_64-linux"; }
}; ];
darwinConfigurations = { specialArgs = {
"FORM3-CYRYLPLOTN" = darwin.lib.darwinSystem rec { inherit inputs system;
system = "x86_64-darwin"; nixpkgs-nixos-stable-and-unfree = import nixpkgs-stable {
modules = [ inherit system;
(./. + "/nixos/boxes/form3") config = { allowUnfree = true; };
home-manager.darwinModules.home-manager };
{ nixpkgs-nixos-unstable-and-unfree = import nixpkgs-nixos-unstable {
home-manager.useGlobalPkgs = true; inherit system;
home-manager.useUserPackages = true; config = { allowUnfree = true; };
home-manager.users.cyryl = {
imports = [./nixos/home-manager];
_module.args.inputs = inputs;
_module.args.system = system;
}; };
}
];
};
};
nixosConfigurations = {
foureighty = mkWorkstation nixpkgs-stable "x86_64-linux" "foureighty";
skinnyv = mkWorkstation nixpkgs-stable "x86_64-linux" "skinnyv";
thinky = mkWorkstation nixpkgs-stable "x86_64-linux" "thinky";
bolty = mkServer nixpkgs-stable "x86_64-linux" "bolty";
vpsfree1 = mkServer nixpkgs-stable "x86_64-linux" "vpsfree1";
yoga = mkKiosk nixpkgs-stable "x86_64-linux" "yoga";
homescreen = mkRaspi nixpkgs-stable "homescreen";
bootstrap = nixpkgs-stable.lib.nixosSystem rec {
system = "x86_64-linux";
modules = [(./. + "/nixos/boxes/bootstrap") sops.nixosModules.sops];
specialArgs = {
inherit inputs system;
nixpkgs-nixos-unstable-and-unfree = import nixpkgs-nixos-unstable {
inherit system;
config = {allowUnfree = true;};
}; };
}; };
mkShell = packageSet: system:
let pkgs = packageSet.legacyPackages.${system};
in pkgs.mkShell {
packages = with pkgs; [
cacert
git
git-lfs
nixpkgs-fmt
openssh
openssl
pkg-config
statix
];
};
in {
devShells = {
"x86_64-darwin".default = mkShell nixpkgs-stable "x86_64-darwin";
"x86_64-linux".default = mkShell nixpkgs-stable "x86_64-linux";
};
darwinConfigurations = {
"FORM3-CYRYLPLOTN" = darwin.lib.darwinSystem rec {
system = "x86_64-darwin";
modules = [
(./. + "/nixos/boxes/form3")
home-manager.darwinModules.home-manager
{
home-manager.useGlobalPkgs = true;
home-manager.useUserPackages = true;
home-manager.users.cyryl = {
imports = [ ./nixos/home-manager ];
_module.args.inputs = inputs;
_module.args.system = system;
};
}
];
};
}; };
# nix build .#nixosConfigurations.raspiimage.config.system.build.sdImage
# sudo dd if=result/sd-image/nixos-sd-image-21.11.20211201.a640d83-aarch64-linux.img of=/dev/sda bs=4M conv=fsync status=progress
# make sure to update eeprom https://nixos.wiki/wiki/NixOS_on_ARM/Raspberry_Pi_4#Board-specific_installation_notes
raspiimage = nixpkgs-stable.lib.nixosSystem {
system = "aarch64-linux";
modules = [
(import
"${inputs.nixpkgs-nixos-unstable}/nixos/modules/installer/sd-card/sd-image-aarch64-installer.nix")
{
environment.systemPackages = with nixpkgs-nixos-unstable.legacyPackages."aarch64-linux"; [
neovim
htop
btop
atop
];
networking.networkmanager.enable = false; nixosConfigurations = {
hardware.enableRedistributableFirmware = true; foureighty = mkWorkstation nixpkgs-stable "x86_64-linux" "foureighty";
networking.wireless.enable = true; skinnyv = mkWorkstation nixpkgs-stable "x86_64-linux" "skinnyv";
thinky = mkWorkstation nixpkgs-stable "x86_64-linux" "thinky";
bolty = mkServer nixpkgs-stable "x86_64-linux" "bolty";
vpsfree1 = mkServer nixpkgs-stable "x86_64-linux" "vpsfree1";
yoga = mkKiosk nixpkgs-stable "x86_64-linux" "yoga";
homescreen = mkRaspi nixpkgs-stable "homescreen";
services.openssh = { bootstrap = nixpkgs-stable.lib.nixosSystem rec {
enable = true; system = "x86_64-linux";
permitRootLogin = modules = [ (./. + "/nixos/boxes/bootstrap") sops.nixosModules.sops ];
nixpkgs-stable.lib.mkForce "prohibit-password"; specialArgs = {
passwordAuthentication = false; inherit inputs system;
nixpkgs-nixos-unstable-and-unfree = import nixpkgs-nixos-unstable {
inherit system;
config = { allowUnfree = true; };
}; };
};
};
# nix build .#nixosConfigurations.raspiimage.config.system.build.sdImage
# sudo dd if=result/sd-image/nixos-sd-image-21.11.20211201.a640d83-aarch64-linux.img of=/dev/sda bs=4M conv=fsync status=progress
# make sure to update eeprom https://nixos.wiki/wiki/NixOS_on_ARM/Raspberry_Pi_4#Board-specific_installation_notes
raspiimage = nixpkgs-stable.lib.nixosSystem {
system = "aarch64-linux";
modules = [
(import
"${inputs.nixpkgs-nixos-unstable}/nixos/modules/installer/sd-card/sd-image-aarch64-installer.nix")
{
environment.systemPackages =
with nixpkgs-nixos-unstable.legacyPackages."aarch64-linux"; [
neovim
htop
btop
atop
];
services.xserver = { networking.networkmanager.enable = false;
enable = true; hardware.enableRedistributableFirmware = true;
displayManager.lightdm.enable = true; networking.wireless.enable = true;
desktopManager.gnome.enable = true;
libinput.enable = true;
};
users.extraUsers.root.openssh.authorizedKeys.keys = [ services.openssh = {
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIEo4R+6J3h6Ix3xWpOMdU7Es1/YxFchHw0c+kcCOJxFb cyryl@foureighty" enable = true;
]; permitRootLogin =
sdImage.compressImage = false; nixpkgs-stable.lib.mkForce "prohibit-password";
console.earlySetup = true; passwordAuthentication = false;
} };
];
specialArgs = {inherit inputs;}; services.xserver = {
enable = true;
displayManager.lightdm.enable = true;
desktopManager.gnome.enable = true;
libinput.enable = true;
};
users.extraUsers.root.openssh.authorizedKeys.keys = [
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIEo4R+6J3h6Ix3xWpOMdU7Es1/YxFchHw0c+kcCOJxFb cyryl@foureighty"
];
sdImage.compressImage = false;
console.earlySetup = true;
}
];
specialArgs = { inherit inputs; };
};
}; };
}; };
};
inputs = { inputs = {
nixpkgs-master = { nixpkgs-master = {
type = "github"; type = "github";

41
nixos/boxes/yoga/default.nix
View file

@ -1,26 +1,16 @@
{ { config, pkgs, inputs, lib, system, nixpkgs-nixos-unstable-and-unfree, ... }: {
config,
pkgs,
inputs,
lib,
system,
nixpkgs-nixos-unstable-and-unfree,
...
}: {
networking.hostName = "yoga"; networking.hostName = "yoga";
imports = [./hardware-configuration.nix ../../boot.nix ../../git]; imports = [ ./hardware-configuration.nix ../../boot.nix ../../git ../../gui ];
boot.kernelPackages = pkgs.linuxPackages_latest; boot.kernelPackages = pkgs.linuxPackages_latest;
hardware.trackpoint.enable = true; hardware.trackpoint.enable = true;
services.hardware.bolt.enable = true; services.hardware.bolt.enable = true;
services.fprintd = {enable = true;}; services.fprintd = { enable = true; };
home-manager.users.cyryl = {lib, ...}: { home-manager.users.cyryl = { lib, ... }: { home.packages = with pkgs; [ ]; };
home.packages = with pkgs; [firefox vim gnome3.gedit git];
};
networking.networkmanager.enable = true; networking.networkmanager.enable = true;
@ -45,13 +35,6 @@
services.xserver.displayManager.gdm.enable = true; services.xserver.displayManager.gdm.enable = true;
services.xserver.desktopManager.gnome.enable = true; services.xserver.desktopManager.gnome.enable = true;
services.xserver = {
layout = "pl";
xkbVariant = "";
};
console.keyMap = "pl2";
services.printing.enable = true; services.printing.enable = true;
sound.enable = true; sound.enable = true;
@ -77,9 +60,7 @@
isNormalUser = true; isNormalUser = true;
description = "cyryl"; description = "cyryl";
extraGroups = [ "networkmanager" "wheel" ]; extraGroups = [ "networkmanager" "wheel" ];
packages = with pkgs; [ packages = with pkgs; [ ];
firefox
];
}; };
services.fwupd.enable = true; services.fwupd.enable = true;
@ -91,15 +72,5 @@
systemd.services."getty@tty1".enable = false; systemd.services."getty@tty1".enable = false;
systemd.services."autovt@tty1".enable = false; systemd.services."autovt@tty1".enable = false;
nix = { system = { stateVersion = "22.11"; };
settings.auto-optimise-store = true;
gc.automatic = true;
optimise.automatic = true;
package = pkgs.nixUnstable;
extraOptions = ''
experimental-features = nix-command flakes
'';
};
system = {stateVersion = "22.11";};
} }

88
nixos/common-hardware.nix
View file

@ -1,65 +1,61 @@
{ { config, pkgs, nixpkgs-nixos-unstable-and-unfree, lib, ... }: {
config, boot.kernelModules = [ "fuse" ];
pkgs,
nixpkgs-nixos-unstable-and-unfree,
lib,
...
}: {
boot.kernelModules = ["fuse"];
services.smartd.enable = true; services.smartd.enable = true;
sound.enable = true; sound.enable = true;
networking.networkmanager = { networking.networkmanager = {
enable = true; enable = true;
dispatcherScripts = [ dispatcherScripts = [{
{ source = pkgs.writeText "upHook" ''
source = pkgs.writeText "upHook" '' enable_disable_wifi ()
enable_disable_wifi () {
{ result=$(nmcli dev | grep "ethernet" | grep -w "connected")
result=$(nmcli dev | grep "ethernet" | grep -w "connected") if [ -n "$result" ]; then
if [ -n "$result" ]; then nmcli radio wifi off
nmcli radio wifi off else
else nmcli radio wifi on
nmcli radio wifi on
fi
}
if [ "$2" = "up" ]; then
enable_disable_wifi
fi fi
}
if [ "$2" = "down" ]; then if [ "$2" = "up" ]; then
enable_disable_wifi enable_disable_wifi
fi fi
'';
type = "basic"; if [ "$2" = "down" ]; then
} enable_disable_wifi
]; fi
'';
type = "basic";
}];
}; };
hardware.enableRedistributableFirmware = true; hardware.enableRedistributableFirmware = true;
hardware.cpu.intel.updateMicrocode = true; hardware.cpu.intel.updateMicrocode = true;
hardware.pulseaudio = {
enable = true;
package = pkgs.pulseaudioFull;
support32Bit = true;
extraModules = [];
daemon.config = {
nice-level = -15;
realtime-scheduling = "yes";
};
};
hardware.bluetooth = { hardware.bluetooth = {
enable = true; enable = true;
package = pkgs.bluezFull; package = pkgs.bluezFull;
settings = {General = {Enable = "Source,Sink,Media,Socket";};}; settings = { General = { Enable = "Source,Sink,Media,Socket"; }; };
}; };
services.blueman.enable = true; services.blueman.enable = true;
environment.systemPackages = with pkgs; [ghostscript poppler]; hardware.pulseaudio.enable = false;
security.rtkit.enable = true;
services.pipewire = {
enable = true;
alsa.enable = true;
alsa.support32Bit = true;
pulse.enable = true;
# If you want to use JACK applications, uncomment this
#jack.enable = true;
# use the example session manager (no others are packaged yet so this is enabled by default,
# no need to redefine it in your config for now)
#media-session.enable = true;
};
environment.systemPackages = with pkgs; [ ghostscript poppler ];
services.printing = { services.printing = {
enable = true; enable = true;
drivers = with pkgs; [ drivers = with pkgs; [
@ -77,7 +73,8 @@
description = "Epson XP-540 via bolty"; description = "Epson XP-540 via bolty";
name = "epson_xp540_via_bolty"; name = "epson_xp540_via_bolty";
deviceUri = "ipp://bolty:631/printers/epson_xp540"; deviceUri = "ipp://bolty:631/printers/epson_xp540";
model = "epson-inkjet-printer-escpr/Epson-XP-540_Series-epson-escpr-en.ppd"; model =
"epson-inkjet-printer-escpr/Epson-XP-540_Series-epson-escpr-en.ppd";
ppdOptions = { ppdOptions = {
PageSize = "A4"; PageSize = "A4";
Duplex = "DuplexNoTumble"; Duplex = "DuplexNoTumble";
@ -86,7 +83,8 @@
{ {
description = "Samsung SCX-4623 Series"; description = "Samsung SCX-4623 Series";
name = "samsung-SCX-4623"; name = "samsung-SCX-4623";
deviceUri = "usb://Samsung/SCX-4623%20Series?serial=Z2TYBFFZC01007W&interface=1"; deviceUri =
"usb://Samsung/SCX-4623%20Series?serial=Z2TYBFFZC01007W&interface=1";
model = "samsung/SCX-4623FW.ppd"; model = "samsung/SCX-4623FW.ppd";
ppdOptions = { ppdOptions = {
PageSize = "A4"; PageSize = "A4";
@ -95,7 +93,7 @@
} }
]; ];
services.udev.packages = [pkgs.utsushi]; services.udev.packages = [ pkgs.utsushi ];
hardware.sane = { hardware.sane = {
enable = true; enable = true;
snapshot = true; snapshot = true;

20
nixos/common-services.nix
View file

@ -1,12 +1,9 @@
{ { config, pkgs, ... }: {
config,
pkgs, console.keyMap = "pl2";
... imports = [ ./tailscale ];
}: {
console.keyMap = "pl";
imports = [./tailscale];
services = { services = {
udev.packages = [pkgs.android-udev-rules]; udev.packages = [ pkgs.android-udev-rules ];
ratbagd.enable = true; ratbagd.enable = true;
fwupd = { fwupd = {
@ -14,11 +11,7 @@
package = pkgs.fwupd; package = pkgs.fwupd;
}; };
tlp = { power-profiles-daemon.enable = true;
enable = true;
settings = {"DISK_IOSCHED" = "mq-deadline";};
};
upower.enable = true; upower.enable = true;
fstrim.enable = true; fstrim.enable = true;
clipmenu.enable = true; clipmenu.enable = true;
@ -33,6 +26,7 @@
enable = true; enable = true;
layout = "pl"; layout = "pl";
xkbOptions = "caps:ctrl_modifier"; xkbOptions = "caps:ctrl_modifier";
xkbVariant = "";
libinput = { libinput = {
enable = true; enable = true;
touchpad = { touchpad = {

11
nixos/common.nix
View file

@ -1,6 +1,6 @@
{ config, pkgs, lib, inputs, nixpkgs-nixos-unstable-and-unfree, ... }: { config, pkgs, lib, inputs, nixpkgs-nixos-unstable-and-unfree, ... }:
let let
stateVersion = "22.05"; stateVersion = "22.11";
username = "cyryl"; username = "cyryl";
in { in {
imports = [ imports = [
@ -73,14 +73,7 @@ in {
defaultFonts.monospace = [ "Berkeley Mono" ]; defaultFonts.monospace = [ "Berkeley Mono" ];
}; };
fonts.fonts = with pkgs; fonts.fonts = with pkgs; [ ];
[
(fetchzip {
url = "file://" + ./fonts.zip;
sha256 = "sha256-EfWED+hF/A0og3+oTYUuDUSq3OhdY2+fHmGKkBMQOnc=";
stripRoot = false;
})
];
nix = { nix = {
settings.auto-optimise-store = true; settings.auto-optimise-store = true;