Major update to handle multiple systems
This commit is contained in:
3
hosts/ori/README.org
Normal file
3
hosts/ori/README.org
Normal file
@@ -0,0 +1,3 @@
|
||||
#+title: Just chillin'
|
||||
|
||||
This is my profile for a personal computer. It is functionally identical to my [[../work]] profile, but includes extra things like games and social apps!
|
50
hosts/ori/configuration.nix
Normal file
50
hosts/ori/configuration.nix
Normal file
@@ -0,0 +1,50 @@
|
||||
{ config, lib, pkgs, ... }:
|
||||
|
||||
{
|
||||
config = {
|
||||
systemSettings = {
|
||||
# users
|
||||
users = [ "emmet" ];
|
||||
adminUsers = [ "emmet" ];
|
||||
|
||||
# hardware
|
||||
cachy.enable = true;
|
||||
cachy.variant = "server";
|
||||
|
||||
virtualization = {
|
||||
docker.enable = true;
|
||||
};
|
||||
|
||||
# dotfiles
|
||||
dotfilesDir = "/etc/nixos";
|
||||
|
||||
# security
|
||||
security = {
|
||||
automount.enable = false;
|
||||
blocklist.enable = true;
|
||||
doas.enable = true;
|
||||
firejail.enable = false; # TODO setup firejail profiles
|
||||
firewall.enable = true;
|
||||
gpg.enable = true;
|
||||
sshd.enable = true;
|
||||
};
|
||||
|
||||
};
|
||||
|
||||
user.users.emmet.openssh.authorizedKeys.keys = [
|
||||
"ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQDaeejVJwUVrIZSo1isbu+gkQ7+8ftCgCsczy3OclkEVWHyRTqlG6yp74hr3j8ZNsOhov7c2Q6RqC8oy669hlxi/y9BsvtlI7sBr94oAKFOmkCS4RiK72ngJjBvI0vbk89wQQjmAd3r8B7ZcedpNOC8CkHu8SebKdYPRIUvAbPc3fTEt7DsJkazAepZCB8LEhUp57FAqQ/Ezlt3X/1uwNq5S0EbE9Zm+nUpEfSqR9apY2neKWLyGiCxpK3dzyNOuulCxvtVz+ie2sTk/6SxM+qWEoVVxhdwyxPihEjgC0EvtG0S5mVh5JmcjRkJOzzBHJuw+6r8yWn/AxGdIsoJ4rKNxH1XH1iLHgCraOLOUjUNlmejTcQPu6o92a79fdz2gCHT/BuIjfCW7MErAC3YSmF45TSur/kiWCBaTqYo06pgbQ3w1vKg7fievQlQzsutmg47RvJp6fb74yxuOdVg39cShQu/l8r6zqm21JAeUaaIp4P/0MrAIMOOVUhbK0QgsNElO4yn0ZKH8wGIF8xORh7ikxUIAyq8C41gjJiO2sAFJc3M8DhduQU3X0lHB7U0Qyu+8ZXn05+zdFPXJ73LKc7DCcLkppRXJsdHLSDEFdWqFnV7o08B4qZkPMT4pmvhwhY0Pf1fwavOqxuTstzw18gUGyQzl0foQi0Qrmdazsp2Qw== emmet@snowfire"
|
||||
];
|
||||
|
||||
environment.systemPackages = with pkgs; [
|
||||
rclone
|
||||
rdiff-backup
|
||||
rsnapshot
|
||||
cryptsetup
|
||||
gocryptfs
|
||||
attic-client
|
||||
];
|
||||
|
||||
programs.fuse.userAllowOther = true;
|
||||
};
|
||||
|
||||
}
|
14
hosts/ori/default.nix
Normal file
14
hosts/ori/default.nix
Normal file
@@ -0,0 +1,14 @@
|
||||
{ config, lib, pkgs, ... }:
|
||||
|
||||
{
|
||||
imports = [
|
||||
./configuration.nix
|
||||
./hardware-configuration.nix
|
||||
];
|
||||
|
||||
config = {
|
||||
home-manager.users = builtins.listToAttrs
|
||||
(map (user: { name = user; value =
|
||||
({ imports = [ ./home.nix ../../modules/user ]; });}) config.systemSettings.users);
|
||||
};
|
||||
}
|
69
hosts/ori/hardware-configuration.nix
Normal file
69
hosts/ori/hardware-configuration.nix
Normal file
@@ -0,0 +1,69 @@
|
||||
# Do not modify this file! It was generated by ‘nixos-generate-config’
|
||||
# and may be overwritten by future invocations. Please make changes
|
||||
# to /etc/nixos/configuration.nix instead.
|
||||
{ config, lib, pkgs, modulesPath, inputs, ... }:
|
||||
|
||||
{
|
||||
imports =
|
||||
[ (modulesPath + "/installer/scan/not-detected.nix")
|
||||
];
|
||||
|
||||
services.fstrim.enable = true;
|
||||
boot.initrd.availableKernelModules = [ "xhci_pci" "ehci_pci" "ahci" "ums_realtek" "sd_mod" "sr_mod" ];
|
||||
boot.initrd.kernelModules = [ ];
|
||||
boot.kernelModules = [ "kvm-intel" ];
|
||||
boot.extraModulePackages = [ ];
|
||||
|
||||
fileSystems."/" =
|
||||
{ device = "/dev/disk/by-uuid/ea03d496-2769-485d-b5cb-de0b58cb698c";
|
||||
fsType = "btrfs";
|
||||
options = [ "subvol=@" ];
|
||||
};
|
||||
|
||||
fileSystems."/boot" =
|
||||
{ device = "/dev/disk/by-uuid/4F5E-11FB";
|
||||
fsType = "vfat";
|
||||
};
|
||||
|
||||
swapDevices = [ ];
|
||||
|
||||
services.btrfs.autoScrub = {
|
||||
enable = true;
|
||||
interval = "weekly";
|
||||
};
|
||||
|
||||
# Enables DHCP on each ethernet and wireless interface. In case of scripted networking
|
||||
# (the default) this is the recommended approach. When using systemd-networkd it's
|
||||
# still possible to use this option, but it's recommended to use it in conjunction
|
||||
# with explicit per-interface declarations with `networking.interfaces.<interface>.useDHCP`.
|
||||
networking.useDHCP = lib.mkDefault true;
|
||||
# networking.interfaces.br-df7898ffaebc.useDHCP = lib.mkDefault true;
|
||||
# networking.interfaces.br-e6c4f9058f19.useDHCP = lib.mkDefault true;
|
||||
# networking.interfaces.docker0.useDHCP = lib.mkDefault true;
|
||||
# networking.interfaces.eno1.useDHCP = lib.mkDefault true;
|
||||
# networking.interfaces.veth00e4385.useDHCP = lib.mkDefault true;
|
||||
# networking.interfaces.veth0814d46.useDHCP = lib.mkDefault true;
|
||||
# networking.interfaces.veth329e18d.useDHCP = lib.mkDefault true;
|
||||
# networking.interfaces.veth54f044d.useDHCP = lib.mkDefault true;
|
||||
# networking.interfaces.veth71ad87e.useDHCP = lib.mkDefault true;
|
||||
# networking.interfaces.veth8a14ed4.useDHCP = lib.mkDefault true;
|
||||
# networking.interfaces.veth906e2ca.useDHCP = lib.mkDefault true;
|
||||
# networking.interfaces.veth95a2121.useDHCP = lib.mkDefault true;
|
||||
# networking.interfaces.veth96c8b25.useDHCP = lib.mkDefault true;
|
||||
# networking.interfaces.veth97cb8cc.useDHCP = lib.mkDefault true;
|
||||
# networking.interfaces.veth9f4b444.useDHCP = lib.mkDefault true;
|
||||
# networking.interfaces.vethb88cfbb.useDHCP = lib.mkDefault true;
|
||||
# networking.interfaces.vethc1707ca.useDHCP = lib.mkDefault true;
|
||||
# networking.interfaces.vethec441e8.useDHCP = lib.mkDefault true;
|
||||
# networking.interfaces.vethed69a4e.useDHCP = lib.mkDefault true;
|
||||
# networking.interfaces.vethf0728b9.useDHCP = lib.mkDefault true;
|
||||
|
||||
nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux";
|
||||
hardware.cpu.intel.updateMicrocode = lib.mkDefault config.hardware.enableRedistributableFirmware;
|
||||
|
||||
# Enable OpenGL
|
||||
hardware.opengl = {
|
||||
enable = true;
|
||||
};
|
||||
|
||||
}
|
20
hosts/ori/home.nix
Normal file
20
hosts/ori/home.nix
Normal file
@@ -0,0 +1,20 @@
|
||||
{ config, lib, pkgs, ... }:
|
||||
|
||||
{
|
||||
config = {
|
||||
|
||||
userSettings = {
|
||||
# setup
|
||||
shell = {
|
||||
enable = true;
|
||||
apps.enable = true;
|
||||
};
|
||||
xdg.enable = true;
|
||||
|
||||
# programs
|
||||
ranger.enable = true;
|
||||
git.enable = true;
|
||||
};
|
||||
|
||||
};
|
||||
}
|
3
hosts/polarias/README.org
Normal file
3
hosts/polarias/README.org
Normal file
@@ -0,0 +1,3 @@
|
||||
#+title: Just chillin'
|
||||
|
||||
This is my profile for a personal computer. It is functionally identical to my [[../work]] profile, but includes extra things like games and social apps!
|
49
hosts/polarias/configuration.nix
Normal file
49
hosts/polarias/configuration.nix
Normal file
@@ -0,0 +1,49 @@
|
||||
{ config, lib, pkgs, ... }:
|
||||
|
||||
{
|
||||
config = {
|
||||
systemSettings = {
|
||||
# users
|
||||
users = [ "emmet" ];
|
||||
adminUsers = [ "emmet" ];
|
||||
|
||||
# hardware
|
||||
cachy.enable = true;
|
||||
bluetooth.enable = true;
|
||||
tlp.enable = true;
|
||||
printing.enable = true;
|
||||
|
||||
# software
|
||||
flatpak.enable = false;
|
||||
virtualization = {
|
||||
docker.enable = true;
|
||||
virtualMachines.enable = true;
|
||||
};
|
||||
|
||||
# wm
|
||||
hyprland.enable = true;
|
||||
|
||||
# dotfiles
|
||||
dotfilesDir = "/etc/nixos";
|
||||
|
||||
# security
|
||||
security = {
|
||||
automount.enable = true;
|
||||
blocklist.enable = true;
|
||||
doas.enable = true;
|
||||
firejail.enable = false; # TODO setup firejail profiles
|
||||
firewall.enable = true;
|
||||
gpg.enable = true;
|
||||
openvpn.enable = true;
|
||||
sshd.enable = false;
|
||||
};
|
||||
|
||||
# style
|
||||
stylix = {
|
||||
enable = true;
|
||||
theme = "ayu-dark";
|
||||
};
|
||||
};
|
||||
};
|
||||
|
||||
}
|
14
hosts/polarias/default.nix
Normal file
14
hosts/polarias/default.nix
Normal file
@@ -0,0 +1,14 @@
|
||||
{ config, lib, pkgs, ... }:
|
||||
|
||||
{
|
||||
imports = [
|
||||
./configuration.nix
|
||||
./hardware-configuration.nix
|
||||
];
|
||||
|
||||
config = {
|
||||
home-manager.users = builtins.listToAttrs
|
||||
(map (user: { name = user; value =
|
||||
({ imports = [ ./home.nix ../../modules/user ]; });}) config.systemSettings.users);
|
||||
};
|
||||
}
|
103
hosts/polarias/hardware-configuration.nix
Normal file
103
hosts/polarias/hardware-configuration.nix
Normal file
@@ -0,0 +1,103 @@
|
||||
# Do not modify this file! It was generated by ‘nixos-generate-config’
|
||||
# and may be overwritten by future invocations. Please make changes
|
||||
# to /etc/nixos/configuration.nix instead.
|
||||
{ config, lib, pkgs, modulesPath, ... }:
|
||||
|
||||
{
|
||||
imports =
|
||||
[ (modulesPath + "/installer/scan/not-detected.nix")
|
||||
];
|
||||
|
||||
services.fstrim.enable = true;
|
||||
|
||||
services.xserver.videoDrivers = lib.mkDefault [ "modesetting" ];
|
||||
|
||||
hardware.graphics = {
|
||||
enable = lib.mkDefault true;
|
||||
enable32Bit = lib.mkDefault true;
|
||||
};
|
||||
|
||||
# my stupid usb hub crashes systemct suspend half of the time now
|
||||
# https://wiki.archlinux.org/title/Power_management/Suspend_and_hibernate#Sleep_hooks
|
||||
systemd.services.root-suspend = {
|
||||
enable = true;
|
||||
description = "Root systemd suspend prehook";
|
||||
unitConfig = {
|
||||
Description = "Root systemd suspend prehook";
|
||||
Before = "sleep.target";
|
||||
};
|
||||
serviceConfig = {
|
||||
Type = "simple";
|
||||
ExecStart = "${pkgs.uhubctl}/bin/uhubctl -a off";
|
||||
};
|
||||
wantedBy = [ "sleep.target" ];
|
||||
};
|
||||
systemd.services.root-resume = {
|
||||
enable = true;
|
||||
description = "Root systemd suspend posthook";
|
||||
unitConfig = {
|
||||
Description = "Root systemd suspend posthook";
|
||||
After = "suspend.target";
|
||||
};
|
||||
serviceConfig = {
|
||||
Type = "simple";
|
||||
ExecStart = "${pkgs.uhubctl}/bin/uhubctl -a on";
|
||||
};
|
||||
wantedBy = [ "suspend.target" ];
|
||||
};
|
||||
|
||||
boot.initrd.availableKernelModules = [ "xhci_pci" "nvme" "rtsx_pci_sdmmc" ];
|
||||
boot.initrd.kernelModules = [ ];
|
||||
boot.kernelModules = [ "kvm-intel" ];
|
||||
boot.extraModulePackages = [ ];
|
||||
|
||||
fileSystems."/" =
|
||||
{ device = "/dev/disk/by-uuid/3618968f-1717-4c8e-b0d8-2556d18d2c4b";
|
||||
fsType = "ext4";
|
||||
};
|
||||
|
||||
boot.initrd.luks.devices."luks-06fa6e93-9bde-4703-830e-7ee1a7292a19".device = "/dev/disk/by-uuid/06fa6e93-9bde-4703-830e-7ee1a7292a19";
|
||||
|
||||
fileSystems."/boot" =
|
||||
{ device = "/dev/disk/by-uuid/E1BC-04BB";
|
||||
fsType = "vfat";
|
||||
options = [ "fmask=0077" "dmask=0077" ];
|
||||
};
|
||||
|
||||
swapDevices =
|
||||
[ { device = "/dev/disk/by-uuid/d52b7852-f35f-4325-9adc-24aa5d3da2a3";
|
||||
}
|
||||
];
|
||||
|
||||
services.pipewire.enable = lib.mkForce false;
|
||||
hardware.pulseaudio.enable = true;
|
||||
hardware.pulseaudio.daemon.config = {
|
||||
default-sample-format = "float32ne";
|
||||
default-sample-rate = 48000;
|
||||
alternate-sample-rate = 44100;
|
||||
default-sample-channels = 2;
|
||||
default-channel-map = "front-left,front-right";
|
||||
default-fragments = 2;
|
||||
default-fragment-size-msec = 125;
|
||||
resample-method = "speex-float-5";
|
||||
enable-lfe-remixing = "no";
|
||||
high-priority = "yes";
|
||||
nice-level = -11;
|
||||
realtime-scheduling = "yes";
|
||||
realtime-priority = 9;
|
||||
rlimit-rtprio = 9;
|
||||
rlimit-rttime = -1;
|
||||
daemonize = "no";
|
||||
};
|
||||
|
||||
# Enables DHCP on each ethernet and wireless interface. In case of scripted networking
|
||||
# (the default) this is the recommended approach. When using systemd-networkd it's
|
||||
# still possible to use this option, but it's recommended to use it in conjunction
|
||||
# with explicit per-interface declarations with `networking.interfaces.<interface>.useDHCP`.
|
||||
networking.useDHCP = lib.mkDefault true;
|
||||
# networking.interfaces.enp0s31f6.useDHCP = lib.mkDefault true;
|
||||
# networking.interfaces.wlp4s0.useDHCP = lib.mkDefault true;
|
||||
|
||||
nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux";
|
||||
hardware.cpu.intel.updateMicrocode = lib.mkDefault config.hardware.enableRedistributableFirmware;
|
||||
}
|
41
hosts/polarias/home.nix
Normal file
41
hosts/polarias/home.nix
Normal file
@@ -0,0 +1,41 @@
|
||||
{ config, lib, pkgs, ... }:
|
||||
|
||||
{
|
||||
config = {
|
||||
|
||||
userSettings = {
|
||||
# setup
|
||||
shell = {
|
||||
enable = true;
|
||||
apps.enable = true;
|
||||
extraApps.enable = true;
|
||||
};
|
||||
xdg.enable = true;
|
||||
|
||||
# programs
|
||||
browser = "qutebrowser";
|
||||
brave.enable = true;
|
||||
editor = "emacs";
|
||||
ranger.enable = true;
|
||||
git.enable = true;
|
||||
engineering.enable = true;
|
||||
art.enable = true;
|
||||
flatpak.enable = false;
|
||||
godot.enable = true;
|
||||
keepass.enable = true;
|
||||
media.enable = true;
|
||||
music.enable = true;
|
||||
office.enable = true;
|
||||
|
||||
# wm
|
||||
hyprland.enable = true;
|
||||
|
||||
# style
|
||||
stylix.enable = true;
|
||||
|
||||
# hardware
|
||||
bluetooth.enable = true;
|
||||
};
|
||||
|
||||
};
|
||||
}
|
@@ -45,6 +45,13 @@
|
||||
theme = "io";
|
||||
};
|
||||
};
|
||||
|
||||
users.users.emmet.description = "Emmet";
|
||||
home-manager.users.emmet.userSettings = {
|
||||
name = "Emmet";
|
||||
email = "emmet@librephoenix.com";
|
||||
};
|
||||
|
||||
};
|
||||
|
||||
}
|
||||
|
@@ -40,5 +40,16 @@
|
||||
# hardware
|
||||
bluetooth.enable = true;
|
||||
};
|
||||
|
||||
wayland.windowManager.hyprland = lib.mkIf config.userSettings.hyprland.enable {
|
||||
settings = {
|
||||
monitor = [
|
||||
"eDP-1,1920x1080@300,900x1080,1"
|
||||
"HDMI-A-1,1920x1080,1920x0,1"
|
||||
"DP-1,1920x1080,0x0,1"
|
||||
];
|
||||
|
||||
};
|
||||
};
|
||||
};
|
||||
}
|
||||
|
3
hosts/stardust/README.org
Normal file
3
hosts/stardust/README.org
Normal file
@@ -0,0 +1,3 @@
|
||||
#+title: Just chillin'
|
||||
|
||||
This is my profile for a personal computer. It is functionally identical to my [[../work]] profile, but includes extra things like games and social apps!
|
52
hosts/stardust/configuration.nix
Normal file
52
hosts/stardust/configuration.nix
Normal file
@@ -0,0 +1,52 @@
|
||||
{ config, lib, pkgs, ... }:
|
||||
|
||||
{
|
||||
config = {
|
||||
systemSettings = {
|
||||
# users
|
||||
users = [ "corrina" ];
|
||||
adminUsers = [ "corrina" ];
|
||||
|
||||
# hardware
|
||||
cachy.enable = true;
|
||||
bluetooth.enable = true;
|
||||
tlp.enable = true;
|
||||
printing.enable = true;
|
||||
|
||||
# software
|
||||
flatpak.enable = false;
|
||||
gaming.enable = true;
|
||||
virtualization = {
|
||||
docker.enable = true;
|
||||
};
|
||||
|
||||
# wm
|
||||
plasma.enable = true;
|
||||
|
||||
# security
|
||||
security = {
|
||||
automount.enable = true;
|
||||
blocklist.enable = true;
|
||||
doas.enable = true;
|
||||
firejail.enable = false; # TODO setup firejail profiles
|
||||
firewall.enable = true;
|
||||
gpg.enable = true;
|
||||
openvpn.enable = true;
|
||||
sshd.enable = false;
|
||||
};
|
||||
|
||||
# style
|
||||
stylix = {
|
||||
enable = true;
|
||||
theme = "eris";
|
||||
};
|
||||
};
|
||||
|
||||
users.users.corrina.description = "Corrina";
|
||||
home-manager.users.corrina.userSettings = {
|
||||
name = "Corrina";
|
||||
};
|
||||
|
||||
};
|
||||
|
||||
}
|
14
hosts/stardust/default.nix
Normal file
14
hosts/stardust/default.nix
Normal file
@@ -0,0 +1,14 @@
|
||||
{ config, lib, pkgs, ... }:
|
||||
|
||||
{
|
||||
imports = [
|
||||
./configuration.nix
|
||||
./hardware-configuration.nix
|
||||
];
|
||||
|
||||
config = {
|
||||
home-manager.users = builtins.listToAttrs
|
||||
(map (user: { name = user; value =
|
||||
({ imports = [ ./home.nix ../../modules/user ]; });}) config.systemSettings.users);
|
||||
};
|
||||
}
|
41
hosts/stardust/hardware-configuration.nix
Normal file
41
hosts/stardust/hardware-configuration.nix
Normal file
@@ -0,0 +1,41 @@
|
||||
# Do not modify this file! It was generated by ‘nixos-generate-config’
|
||||
# and may be overwritten by future invocations. Please make changes
|
||||
# to /etc/nixos/configuration.nix instead.
|
||||
{ config, lib, pkgs, modulesPath, ... }:
|
||||
|
||||
{
|
||||
imports =
|
||||
[ (modulesPath + "/installer/scan/not-detected.nix")
|
||||
];
|
||||
|
||||
boot.initrd.availableKernelModules = [ "xhci_pci" "thunderbolt" "nvme" "usbhid" "usb_storage" "sd_mod" ];
|
||||
boot.initrd.kernelModules = [ ];
|
||||
boot.kernelModules = [ "kvm-intel" ];
|
||||
boot.extraModulePackages = [ ];
|
||||
|
||||
fileSystems."/" =
|
||||
{ device = "/dev/disk/by-uuid/3d07095a-0dc5-4a51-99be-592352b5755c";
|
||||
fsType = "ext4";
|
||||
};
|
||||
|
||||
boot.initrd.luks.devices."luks-cc9ec6bd-3b81-47ad-b289-4c56da1fc791".device = "/dev/disk/by-uuid/cc9ec6bd-3b81-47ad-b289-4c56da1fc791";
|
||||
|
||||
fileSystems."/boot" =
|
||||
{ device = "/dev/disk/by-uuid/5179-698C";
|
||||
fsType = "vfat";
|
||||
};
|
||||
|
||||
swapDevices = [ ];
|
||||
|
||||
# Enables DHCP on each ethernet and wireless interface. In case of scripted networking
|
||||
# (the default) this is the recommended approach. When using systemd-networkd it's
|
||||
# still possible to use this option, but it's recommended to use it in conjunction
|
||||
# with explicit per-interface declarations with `networking.interfaces.<interface>.useDHCP`.
|
||||
networking.useDHCP = lib.mkDefault true;
|
||||
# networking.interfaces.wlp0s20f3.useDHCP = lib.mkDefault true;
|
||||
# networking.interfaces.wwan0.useDHCP = lib.mkDefault true;
|
||||
|
||||
nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux";
|
||||
powerManagement.cpuFreqGovernor = lib.mkDefault "powersave";
|
||||
hardware.cpu.intel.updateMicrocode = lib.mkDefault config.hardware.enableRedistributableFirmware;
|
||||
}
|
38
hosts/stardust/home.nix
Normal file
38
hosts/stardust/home.nix
Normal file
@@ -0,0 +1,38 @@
|
||||
{ config, lib, pkgs, ... }:
|
||||
|
||||
{
|
||||
config = {
|
||||
|
||||
userSettings = {
|
||||
# setup
|
||||
shell = {
|
||||
enable = true;
|
||||
apps.enable = true;
|
||||
extraApps.enable = true;
|
||||
};
|
||||
xdg.enable = true;
|
||||
|
||||
# programs
|
||||
browser = "brave";
|
||||
editor = "kate";
|
||||
ranger.enable = true;
|
||||
git.enable = true;
|
||||
art.enable = true;
|
||||
flatpak.enable = false;
|
||||
godot.enable = true;
|
||||
keepass.enable = true;
|
||||
media.enable = true;
|
||||
office.enable = true;
|
||||
|
||||
# wm
|
||||
plasma.enable = true;
|
||||
|
||||
# style
|
||||
stylix.enable = true;
|
||||
|
||||
# hardware
|
||||
bluetooth.enable = true;
|
||||
};
|
||||
|
||||
};
|
||||
}
|
3
hosts/zenith/README.org
Normal file
3
hosts/zenith/README.org
Normal file
@@ -0,0 +1,3 @@
|
||||
#+title: Just chillin'
|
||||
|
||||
This is my profile for a personal computer. It is functionally identical to my [[../work]] profile, but includes extra things like games and social apps!
|
49
hosts/zenith/configuration.nix
Normal file
49
hosts/zenith/configuration.nix
Normal file
@@ -0,0 +1,49 @@
|
||||
{ config, lib, pkgs, ... }:
|
||||
|
||||
{
|
||||
config = {
|
||||
systemSettings = {
|
||||
# users
|
||||
users = [ "emmet" ];
|
||||
adminUsers = [ "emmet" ];
|
||||
|
||||
# hardware
|
||||
cachy.enable = true;
|
||||
bluetooth.enable = true;
|
||||
tlp.enable = true;
|
||||
printing.enable = true;
|
||||
|
||||
# software
|
||||
flatpak.enable = false;
|
||||
virtualization = {
|
||||
docker.enable = true;
|
||||
virtualMachines.enable = true;
|
||||
};
|
||||
|
||||
# wm
|
||||
hyprland.enable = true;
|
||||
|
||||
# dotfiles
|
||||
dotfilesDir = "/etc/nixos";
|
||||
|
||||
# security
|
||||
security = {
|
||||
automount.enable = true;
|
||||
blocklist.enable = true;
|
||||
doas.enable = true;
|
||||
firejail.enable = false; # TODO setup firejail profiles
|
||||
firewall.enable = true;
|
||||
gpg.enable = true;
|
||||
openvpn.enable = true;
|
||||
sshd.enable = false;
|
||||
};
|
||||
|
||||
# style
|
||||
stylix = {
|
||||
enable = true;
|
||||
theme = "alph";
|
||||
};
|
||||
};
|
||||
};
|
||||
|
||||
}
|
14
hosts/zenith/default.nix
Normal file
14
hosts/zenith/default.nix
Normal file
@@ -0,0 +1,14 @@
|
||||
{ config, lib, pkgs, ... }:
|
||||
|
||||
{
|
||||
imports = [
|
||||
./configuration.nix
|
||||
./hardware-configuration.nix
|
||||
];
|
||||
|
||||
config = {
|
||||
home-manager.users = builtins.listToAttrs
|
||||
(map (user: { name = user; value =
|
||||
({ imports = [ ./home.nix ../../modules/user ]; });}) config.systemSettings.users);
|
||||
};
|
||||
}
|
86
hosts/zenith/hardware-configuration.nix
Normal file
86
hosts/zenith/hardware-configuration.nix
Normal file
@@ -0,0 +1,86 @@
|
||||
# Do not modify this file! It was generated by ‘nixos-generate-config’
|
||||
# and may be overwritten by future invocations. Please make changes
|
||||
# to /etc/nixos/configuration.nix instead.
|
||||
{ config, lib, pkgs, modulesPath, inputs, ... }:
|
||||
|
||||
{
|
||||
imports =
|
||||
[ (modulesPath + "/installer/scan/not-detected.nix")
|
||||
];
|
||||
|
||||
services.fstrim.enable = true;
|
||||
|
||||
services.xserver.videoDrivers = lib.mkDefault [ "modesetting" ];
|
||||
|
||||
hardware.graphics = {
|
||||
enable = lib.mkDefault true;
|
||||
enable32Bit = lib.mkDefault true;
|
||||
};
|
||||
|
||||
boot.initrd.availableKernelModules = [ "xhci_pci" "thunderbolt" "vmd" "ahci" "nvme" "usbhid" ];
|
||||
boot.initrd.kernelModules = [ ];
|
||||
boot.kernelModules = [ "kvm-intel" ];
|
||||
boot.extraModulePackages = with config.boot.kernelPackages; [ zenpower ];
|
||||
|
||||
# my stupid usb hub crashes systemct suspend half of the time now
|
||||
# https://wiki.archlinux.org/title/Power_management/Suspend_and_hibernate#Sleep_hooks
|
||||
systemd.services.root-suspend = {
|
||||
enable = true;
|
||||
description = "Root systemd suspend prehook";
|
||||
unitConfig = {
|
||||
Description = "Root systemd suspend prehook";
|
||||
Before = "sleep.target";
|
||||
};
|
||||
serviceConfig = {
|
||||
Type = "simple";
|
||||
ExecStart = "${pkgs.uhubctl}/bin/uhubctl -a off";
|
||||
};
|
||||
wantedBy = [ "sleep.target" ];
|
||||
};
|
||||
systemd.services.root-resume = {
|
||||
enable = true;
|
||||
description = "Root systemd suspend posthook";
|
||||
unitConfig = {
|
||||
Description = "Root systemd suspend posthook";
|
||||
After = "suspend.target";
|
||||
};
|
||||
serviceConfig = {
|
||||
Type = "simple";
|
||||
ExecStart = "${pkgs.uhubctl}/bin/uhubctl -a on";
|
||||
};
|
||||
wantedBy = [ "suspend.target" ];
|
||||
};
|
||||
|
||||
services.btrfs.autoScrub = {
|
||||
enable = true;
|
||||
interval = "weekly";
|
||||
};
|
||||
|
||||
fileSystems."/" =
|
||||
{ device = "/dev/disk/by-uuid/ca98a0cc-4a50-4e28-84e5-0dddcbfea155";
|
||||
fsType = "btrfs";
|
||||
options = [ "noatime,compress-force=zstd:2,discard=async,commit=120,clear_cache,space_cache=v2,subvol=@" ];
|
||||
};
|
||||
|
||||
boot.loader.efi.efiSysMountPoint = "/boot";
|
||||
|
||||
boot.initrd.luks.devices."luks-9c74f9e5-41c3-4ba6-8a87-059dbcd4e2b3".device = "/dev/disk/by-uuid/9c74f9e5-41c3-4ba6-8a87-059dbcd4e2b3";
|
||||
|
||||
fileSystems."/boot" =
|
||||
{ device = "/dev/disk/by-uuid/4898-D64F";
|
||||
fsType = "vfat";
|
||||
options = [ "fmask=0077" "dmask=0077" ];
|
||||
};
|
||||
|
||||
swapDevices = [ ];
|
||||
|
||||
# Enables DHCP on each ethernet and wireless interface. In case of scripted networking
|
||||
# (the default) this is the recommended approach. When using systemd-networkd it's
|
||||
# still possible to use this option, but it's recommended to use it in conjunction
|
||||
# with explicit per-interface declarations with `networking.interfaces.<interface>.useDHCP`.
|
||||
networking.useDHCP = lib.mkDefault true;
|
||||
# networking.interfaces.wlp0s20f3.useDHCP = lib.mkDefault true;
|
||||
|
||||
nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux";
|
||||
hardware.cpu.intel.updateMicrocode = lib.mkDefault config.hardware.enableRedistributableFirmware;
|
||||
}
|
65
hosts/zenith/home.nix
Normal file
65
hosts/zenith/home.nix
Normal file
@@ -0,0 +1,65 @@
|
||||
{ config, lib, pkgs, ... }:
|
||||
|
||||
{
|
||||
config = {
|
||||
|
||||
userSettings = {
|
||||
# setup
|
||||
shell = {
|
||||
enable = true;
|
||||
apps.enable = true;
|
||||
};
|
||||
xdg.enable = true;
|
||||
|
||||
# programs
|
||||
browser = "qutebrowser";
|
||||
brave.enable = true;
|
||||
editor = "emacs";
|
||||
ranger.enable = true;
|
||||
git.enable = true;
|
||||
engineering.enable = true;
|
||||
art.enable = true;
|
||||
flatpak.enable = false;
|
||||
godot.enable = true;
|
||||
keepass.enable = true;
|
||||
media.enable = true;
|
||||
music.enable = true;
|
||||
office.enable = true;
|
||||
recording.enable = true;
|
||||
virtualization = {
|
||||
virtualMachines.enable = true;
|
||||
};
|
||||
|
||||
# wm
|
||||
hyprland.enable = true;
|
||||
|
||||
# style
|
||||
stylix.enable = true;
|
||||
|
||||
# hardware
|
||||
bluetooth.enable = true;
|
||||
};
|
||||
|
||||
wayland.windowManager.hyprland = lib.mkIf config.userSettings.hyprland.enable {
|
||||
settings = {
|
||||
bind = [
|
||||
''SUPER,E,exec,if hyprctl clients | grep qutegmail; then echo "scratch_mail respawn not needed"; else qutebrowser --qt-flag enable-gpu-rasterization --qt-flag enable-native-gpu-memory-buffers --qt-flag num-raster-threads=4 -B ~/.browser/Teaching :'set input.mode_override passthrough -u mail.google.com' :'set window.title_format qutegmail' :'set tabs.show never' :'set statusbar.show never' https://mail.google.com; fi''
|
||||
"SUPER,E,togglespecialworkspace,scratch_email"
|
||||
];
|
||||
|
||||
windowrulev2 = [
|
||||
"float,title:^(qutegmail)$"
|
||||
"size 80% 85%,title:^(qutegmail)$"
|
||||
"workspace special:scratch_email ,title:^(qutegmail)$"
|
||||
"center,title:^(qutegmail)$"
|
||||
];
|
||||
|
||||
monitor = [
|
||||
"eDP-1,1920x1080,1920x0,1"
|
||||
"HDMI-A-1,1920x1080,0x0,1"
|
||||
];
|
||||
|
||||
};
|
||||
};
|
||||
};
|
||||
}
|
Reference in New Issue
Block a user