From 21da9f6da2f3bb5215d4d552149f31a8cae85d60 Mon Sep 17 00:00:00 2001 From: Joseph Hanson Date: Thu, 27 Feb 2025 13:59:11 -0600 Subject: [PATCH] feat: hyprland module and adding telchar --- .archive/hosts/telchar/default.nix | 93 -------- .archive/profiles/hw-framework-16-7840hs.nix | 32 --- .archive/profiles/role-workstation.nix | 79 ------- flake.lock | 220 +++++++++++------- flake.nix | 21 ++ nixos/home/jahanson/global.nix | 6 +- nixos/home/jahanson/sworkstation.nix | 7 +- nixos/home/jahanson/workstation.nix | 52 +---- nixos/home/modules/de/default.nix | 5 + nixos/home/modules/de/hyprland.nix | 29 +++ nixos/home/modules/default.nix | 6 +- nixos/home/modules/programs/default.nix | 3 +- nixos/hosts/shadowfax/default.nix | 47 +--- nixos/hosts/telchar/default.nix | 84 +++++++ .../hosts/telchar/secrets.sops.yaml | 0 nixos/modules/nixos/de/default.nix | 7 + nixos/modules/nixos/de/gnome.nix | 114 +++++++++ nixos/modules/nixos/de/hyprland.nix | 115 +++++++++ nixos/modules/nixos/de/kde.nix | 70 ++++++ nixos/modules/nixos/default.nix | 10 +- .../default.nix | 14 +- nixos/profiles/disko/simple-efi.nix | 33 +++ nixos/profiles/hw-framework-16-7840hs.nix | 59 +++++ nixos/profiles/hw-threadripperpro.nix | 16 +- nixos/profiles/role-dev.nix | 11 +- nixos/profiles/role-workstation.nix | 72 ++++++ 26 files changed, 796 insertions(+), 409 deletions(-) delete mode 100644 .archive/hosts/telchar/default.nix delete mode 100644 .archive/profiles/hw-framework-16-7840hs.nix delete mode 100644 .archive/profiles/role-workstation.nix create mode 100644 nixos/home/modules/de/default.nix create mode 100644 nixos/home/modules/de/hyprland.nix create mode 100644 nixos/hosts/telchar/default.nix rename {.archive => nixos}/hosts/telchar/secrets.sops.yaml (100%) create mode 100644 nixos/modules/nixos/de/default.nix create mode 100644 nixos/modules/nixos/de/gnome.nix create mode 100644 nixos/modules/nixos/de/hyprland.nix create mode 100644 nixos/modules/nixos/de/kde.nix create mode 100644 nixos/profiles/disko/simple-efi.nix create mode 100644 nixos/profiles/hw-framework-16-7840hs.nix create mode 100644 nixos/profiles/role-workstation.nix diff --git a/.archive/hosts/telchar/default.nix b/.archive/hosts/telchar/default.nix deleted file mode 100644 index fbda4fa..0000000 --- a/.archive/hosts/telchar/default.nix +++ /dev/null @@ -1,93 +0,0 @@ -# Do not modify this file! It was generated by ‘nixos-generate-config’ -# and may be overwritten by future invocations. Please make changes -# to /etc/nixos/configuration.nix instead. -{ - config, - lib, - modulesPath, - ... -}: - -{ - imports = [ - (modulesPath + "/installer/scan/not-detected.nix") - ]; - - networking.hostId = "4488bd1a"; - networking.hostName = "telchar"; - boot = { - initrd.availableKernelModules = [ - "nvme" - "xhci_pci" - "thunderbolt" - "usbhid" - "usb_storage" - "sd_mod" - ]; - initrd.kernelModules = [ "amdgpu" ]; - kernelModules = [ "kvm-amd" ]; - extraModulePackages = [ ]; - }; - - swapDevices = [ ]; - virtualisation.docker.enable = true; - - hardware.cpu.amd.updateMicrocode = lib.mkDefault config.hardware.enableRedistributableFirmware; - - # Enable Flatpak support - services.flatpak.enable = true; - - ## Base config programs. - programs = { - # Enable Wireshark - wireshark.enable = true; - # Enable OpenJDK - java.enable = true; - }; - - # sops - sops.secrets = { - "syncthing/publicCert" = { - sopsFile = ./secrets.sops.yaml; - owner = "jahanson"; - mode = "400"; - restartUnits = [ "syncthing.service" ]; - }; - "syncthing/privateKey" = { - sopsFile = ./secrets.sops.yaml; - owner = "jahanson"; - mode = "400"; - restartUnits = [ "syncthing.service" ]; - }; - }; - - ## System settings and services. - mySystem = { - purpose = "Development"; - - services.syncthing = { - enable = true; - user = "jahanson"; - publicCertPath = config.sops.secrets."syncthing/publicCert".path; - privateKeyPath = config.sops.secrets."syncthing/privateKey".path; - }; - - ## Desktop Environment - ## Gnome - # de.gnome.enable = true; - ## KDE - de.kde.enable = true; - - ## Games - games.steam.enable = true; - - ## System config - system = { - motd.networkInterfaces = [ "wlp1s0" ]; - fingerprint-reader-on-laptop-lid.enable = true; - }; - - framework_wifi_swap.enable = true; - security._1password.enable = true; - }; -} diff --git a/.archive/profiles/hw-framework-16-7840hs.nix b/.archive/profiles/hw-framework-16-7840hs.nix deleted file mode 100644 index a8333bb..0000000 --- a/.archive/profiles/hw-framework-16-7840hs.nix +++ /dev/null @@ -1,32 +0,0 @@ -{ - config, - lib, - pkgs, - ... -}: -{ - mySystem = { - security.wheelNeedsSudoPassword = false; - }; - - boot = { - # for managing/mounting nfs - supportedFilesystems = [ "nfs" ]; - - loader = { - systemd-boot.enable = true; - efi = { - canTouchEfiVariables = true; - }; - }; - }; - - # For updating firmware on the Framework. - services.fwupd.enable = true; - - networking = { - useDHCP = lib.mkDefault true; - networkmanager.enable = true; - }; - nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux"; -} diff --git a/.archive/profiles/role-workstation.nix b/.archive/profiles/role-workstation.nix deleted file mode 100644 index 7b7703b..0000000 --- a/.archive/profiles/role-workstation.nix +++ /dev/null @@ -1,79 +0,0 @@ -{ - config, - lib, - pkgs, - ... -}: -# Role for workstations -# Covers desktops/laptops, expected to have a GUI and do workloads -# Will have home-manager installs -let - vivaldiOverride = pkgs.vivaldi.override { - proprietaryCodecs = true; - enableWidevine = true; - }; -in -with config; -{ - mySystem = { - shell.fish.enable = true; - editor.vscode.enable = true; - - system.resticBackup.local.enable = false; - system.resticBackup.remote.enable = false; - }; - - boot = { - binfmt.emulatedSystems = [ "aarch64-linux" ]; # Enabled for raspi4 compilation - plymouth.enable = true; # hide console with splash screen - }; - - nix.settings = { - # Avoid disk full issues - max-free = lib.mkDefault (1000 * 1000 * 1000); - min-free = lib.mkDefault (128 * 1000 * 1000); - }; - - services = { - # set xserver videodrivers if used - xserver.enable = true; - # Enable the Gnome keyring for auto unlocking ssh keys on login - gnome.gnome-keyring.enable = true; - fwupd.enable = config.boot.loader.systemd-boot.enable; # fwupd does not work in BIOS mode - thermald.enable = true; - smartd.enable = true; - }; - - hardware = { - enableAllFirmware = true; - sensor.hddtemp = { - enable = true; - drives = [ "/dev/disk/by-id/*" ]; - }; - }; - - environment.systemPackages = with pkgs; [ - # Sensors etc - lm_sensors - cpufrequtils - cpupower-gui - vivaldiOverride - gparted - termius - ]; - - i18n = { - defaultLocale = lib.mkDefault "en_US.UTF-8"; - }; - - programs = { - mtr.enable = true; - ssh.startAgent = true; - - # Enable appimage support and executing them via the appimage-run helper. - appimage = { - enable = true; - binfmt = true; - }; - }; -} diff --git a/flake.lock b/flake.lock index b420f89..8e5bff6 100644 --- a/flake.lock +++ b/flake.lock @@ -1,5 +1,25 @@ { "nodes": { + "ags": { + "inputs": { + "nixpkgs": "nixpkgs", + "systems": "systems" + }, + "locked": { + "lastModified": 1735346349, + "narHash": "sha256-n/VeEnc6fra2SPgm2ppzwQ52ggYDhpzmBnIBrVD/f+0=", + "owner": "Aylur", + "repo": "ags", + "rev": "237601999d65a4663bcbab934f4f6ce1f579d728", + "type": "github" + }, + "original": { + "owner": "Aylur", + "ref": "v1", + "repo": "ags", + "type": "github" + } + }, "aquamarine": { "inputs": { "hyprutils": [ @@ -20,11 +40,11 @@ ] }, "locked": { - "lastModified": 1739103745, - "narHash": "sha256-c53dcRaw0F4Os9WD05HwIRs9kTDZw4Mxe1XK4edEALo=", + "lastModified": 1739298463, + "narHash": "sha256-oAFv9jKwwA7d7384d2LeywDSgwhvb3ZnrwbfoWPhXsI=", "owner": "hyprwm", "repo": "aquamarine", - "rev": "a3dda0d10ce9aa1d1dfb7a6c139ea8c2872c74bd", + "rev": "f239e5aadd6d23c48e085c2de3397e2058e54d16", "type": "github" }, "original": { @@ -57,11 +77,11 @@ ] }, "locked": { - "lastModified": 1739529569, - "narHash": "sha256-sQzLVCRPfAV/TJXru/jhCyecMXinG/sW8KLoYg0nOpk=", + "lastModified": 1740485968, + "narHash": "sha256-WK+PZHbfDjLyveXAxpnrfagiFgZWaTJglewBWniTn2Y=", "owner": "nix-community", "repo": "disko", - "rev": "e51159153b5fbe5c41caab41a7212df93c42d34b", + "rev": "19c1140419c4f1cdf88ad4c1cfb6605597628940", "type": "github" }, "original": { @@ -129,11 +149,11 @@ "flake-compat_3": { "flake": false, "locked": { - "lastModified": 1673956053, - "narHash": "sha256-4gtG9iQuiKITOjNQQeQIpoIB6b16fm+504Ch3sNKLd8=", + "lastModified": 1733328505, + "narHash": "sha256-NeCCThCEP3eCl2l/+27kNNK7QrwZB1IJCrXfrbv5oqU=", "owner": "edolstra", "repo": "flake-compat", - "rev": "35bb57c0c8d8b62bbfd284272c928ceb64ddbde9", + "rev": "ff81ac966bb2cae68946d5ed5fc4994f96d0ffec", "type": "github" }, "original": { @@ -184,11 +204,11 @@ "nixpkgs-lib": "nixpkgs-lib" }, "locked": { - "lastModified": 1733312601, - "narHash": "sha256-4pDvzqnegAfRkPwO3wmwBhVi/Sye1mzps0zHWYnP88c=", + "lastModified": 1738453229, + "narHash": "sha256-7H9XgNiGLKN1G1CgRh0vUL4AheZSYzPm+zmZ7vxbJdo=", "owner": "hercules-ci", "repo": "flake-parts", - "rev": "205b12d8b7cd4802fbcb8e8ef6a0f1408781a4f9", + "rev": "32ea77a06711b758da0ad9bd6a844c5740a87abd", "type": "github" }, "original": { @@ -217,7 +237,7 @@ }, "flake-utils": { "inputs": { - "systems": "systems_2" + "systems": "systems_3" }, "locked": { "lastModified": 1731533236, @@ -235,14 +255,14 @@ }, "flake-utils_2": { "inputs": { - "systems": "systems_3" + "systems": "systems_4" }, "locked": { - "lastModified": 1681202837, - "narHash": "sha256-H+Rh19JDwRtpVPAWp64F+rlEtxUWBAQW28eAi3SRSzg=", + "lastModified": 1731533236, + "narHash": "sha256-l0KFg5HjrsfsO/JpG+r7fRrqm12kzFHyUHqHCVpMMbI=", "owner": "numtide", "repo": "flake-utils", - "rev": "cfacdce06f30d2b68473a46042957675eebb3401", + "rev": "11707dc2f618dd54ca8739b309ec4fc024de578b", "type": "github" }, "original": { @@ -253,7 +273,7 @@ }, "flake-utils_3": { "inputs": { - "systems": "systems_4" + "systems": "systems_5" }, "locked": { "lastModified": 1710146030, @@ -271,7 +291,7 @@ }, "flake-utils_4": { "inputs": { - "systems": "systems_5" + "systems": "systems_6" }, "locked": { "lastModified": 1731533236, @@ -289,7 +309,7 @@ }, "flake-utils_5": { "inputs": { - "systems": "systems_7" + "systems": "systems_8" }, "locked": { "lastModified": 1681202837, @@ -349,11 +369,11 @@ ] }, "locked": { - "lastModified": 1736373539, - "narHash": "sha256-dinzAqCjenWDxuy+MqUQq0I4zUSfaCvN9rzuCmgMZJY=", + "lastModified": 1739757849, + "narHash": "sha256-Gs076ot1YuAAsYVcyidLKUMIc4ooOaRGO0PqTY7sBzA=", "owner": "nix-community", "repo": "home-manager", - "rev": "bd65bc3cde04c16755955630b344bc9e35272c56", + "rev": "9d3d080aec2a35e05a15cedd281c2384767c2cfe", "type": "github" }, "original": { @@ -431,17 +451,17 @@ "hyprlang": "hyprlang", "hyprutils": "hyprutils", "hyprwayland-scanner": "hyprwayland-scanner", - "nixpkgs": "nixpkgs", + "nixpkgs": "nixpkgs_2", "pre-commit-hooks": "pre-commit-hooks", - "systems": "systems", + "systems": "systems_2", "xdph": "xdph" }, "locked": { - "lastModified": 1739547063, - "narHash": "sha256-HOKqsauJjL2hsocuCc+ryMZ+LXkoIOCGOyYvAJ20a40=", + "lastModified": 1740614171, + "narHash": "sha256-M4V9mn/XlGaz0ghcAICZZ5ErU7gB/J4dRGZ5eC9axng=", "owner": "hyprwm", "repo": "Hyprland", - "rev": "df3fba157279de53c582344b59699a21ac5d62b5", + "rev": "d5920bc5da75b8eaf3476bc814bd46d225709788", "type": "github" }, "original": { @@ -614,11 +634,11 @@ ] }, "locked": { - "lastModified": 1739048933, - "narHash": "sha256-ck6MaoYvISBQKqZR+HcxXnx0wOhyCauxfVMaV5zhJxQ=", + "lastModified": 1739891528, + "narHash": "sha256-h8HOCZ/rw2Buzku+GKF77VXxrGjCSOQkLhptiEKMYg0=", "owner": "hyprwm", "repo": "hyprutils", - "rev": "e4e018a2ca6f5a9c33511973454199e1c7c85499", + "rev": "61a5382f4b1ab578064d470b1b3d3f0df396b8ba", "type": "github" }, "original": { @@ -705,11 +725,11 @@ }, "mnw": { "locked": { - "lastModified": 1735150973, - "narHash": "sha256-OJhcCAoaMMXeD6o4qI/hxBCNELJp4dN8D5LJZc8w8XA=", + "lastModified": 1738852285, + "narHash": "sha256-8Y1uyE6gGHxdU0Vcx2CMg/dAmDSxJw19aAl3TKbbo54=", "owner": "Gerg-L", "repo": "mnw", - "rev": "40cd0b006cc48dffd0f8698ad7f54cf1d56779a6", + "rev": "6ae73dc9cb72cea17bcc2e3d4670825f483e80e8", "type": "github" }, "original": { @@ -802,11 +822,11 @@ ] }, "locked": { - "lastModified": 1739497562, - "narHash": "sha256-E6tyMwiJ0ijr5R9yTuOH+/xlafBLqeHdgtLhjb126vg=", + "lastModified": 1740620959, + "narHash": "sha256-2yp4ipvKG1cZf4OJYelOiDMtZ4qxGn4PPFXlpiVMcuo=", "owner": "Infinidoge", "repo": "nix-minecraft", - "rev": "72fe220930c409d400827c630ede7604ff892039", + "rev": "91ee2f20fe2500359ba04f6ca86d39e950345d1f", "type": "github" }, "original": { @@ -824,11 +844,11 @@ ] }, "locked": { - "lastModified": 1739497746, - "narHash": "sha256-Bfok+AZ/iTOmJNndwR7wOZbsuL5/gks3GH2qvWTxpGs=", + "lastModified": 1740655383, + "narHash": "sha256-HHb6wtlHWy/CW3oCtOyOQrNnzgtsvwvwM6wAlDvfTec=", "owner": "nix-community", "repo": "nix-vscode-extensions", - "rev": "6113f471097e12ff293e86b36e74aee21c55204e", + "rev": "bcf7577daac02aa1a7dfaddc79324b7c6ca4af81", "type": "github" }, "original": { @@ -839,11 +859,11 @@ }, "nixos-hardware": { "locked": { - "lastModified": 1738816619, - "narHash": "sha256-5yRlg48XmpcX5b5HesdGMOte+YuCy9rzQkJz+imcu6I=", + "lastModified": 1740646007, + "narHash": "sha256-dMReDQobS3kqoiUCQIYI9c0imPXRZnBubX20yX/G5LE=", "owner": "NixOS", "repo": "nixos-hardware", - "rev": "2eccff41bab80839b1d25b303b53d339fbb07087", + "rev": "009b764ac98a3602d41fc68072eeec5d24fc0e49", "type": "github" }, "original": { @@ -855,11 +875,11 @@ }, "nixpkgs": { "locked": { - "lastModified": 1739020877, - "narHash": "sha256-mIvECo/NNdJJ/bXjNqIh8yeoSjVLAuDuTUzAo7dzs8Y=", + "lastModified": 1725634671, + "narHash": "sha256-v3rIhsJBOMLR8e/RNWxr828tB+WywYIoajrZKFM+0Gg=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "a79cfe0ebd24952b580b1cf08cd906354996d547", + "rev": "574d1eac1c200690e27b8eb4e24887f8df7ac27c", "type": "github" }, "original": { @@ -871,14 +891,14 @@ }, "nixpkgs-lib": { "locked": { - "lastModified": 1733096140, - "narHash": "sha256-1qRH7uAUsyQI7R1Uwl4T+XvdNv778H0Nb5njNrqvylY=", + "lastModified": 1738452942, + "narHash": "sha256-vJzFZGaCpnmo7I6i416HaBLpC+hvcURh/BQwROcGIp8=", "type": "tarball", - "url": "https://github.com/NixOS/nixpkgs/archive/5487e69da40cbd611ab2cadee0b4637225f7cfae.tar.gz" + "url": "https://github.com/NixOS/nixpkgs/archive/072a6db25e947df2f31aab9eccd0ab75d5b2da11.tar.gz" }, "original": { "type": "tarball", - "url": "https://github.com/NixOS/nixpkgs/archive/5487e69da40cbd611ab2cadee0b4637225f7cfae.tar.gz" + "url": "https://github.com/NixOS/nixpkgs/archive/072a6db25e947df2f31aab9eccd0ab75d5b2da11.tar.gz" } }, "nixpkgs-lib_2": { @@ -911,11 +931,11 @@ }, "nixpkgs-unstable": { "locked": { - "lastModified": 1739446958, - "narHash": "sha256-+/bYK3DbPxMIvSL4zArkMX0LQvS7rzBKXnDXLfKyRVc=", + "lastModified": 1740560979, + "narHash": "sha256-Vr3Qi346M+8CjedtbyUevIGDZW8LcA1fTG0ugPY/Hic=", "owner": "nixos", "repo": "nixpkgs", - "rev": "2ff53fe64443980e139eaa286017f53f88336dd0", + "rev": "5135c59491985879812717f4c9fea69604e7f26f", "type": "github" }, "original": { @@ -927,11 +947,27 @@ }, "nixpkgs_2": { "locked": { - "lastModified": 1739357830, - "narHash": "sha256-9xim3nJJUFbVbJCz48UP4fGRStVW5nv4VdbimbKxJ3I=", + "lastModified": 1739020877, + "narHash": "sha256-mIvECo/NNdJJ/bXjNqIh8yeoSjVLAuDuTUzAo7dzs8Y=", + "owner": "NixOS", + "repo": "nixpkgs", + "rev": "a79cfe0ebd24952b580b1cf08cd906354996d547", + "type": "github" + }, + "original": { + "owner": "NixOS", + "ref": "nixos-unstable", + "repo": "nixpkgs", + "type": "github" + } + }, + "nixpkgs_3": { + "locked": { + "lastModified": 1740463929, + "narHash": "sha256-4Xhu/3aUdCKeLfdteEHMegx5ooKQvwPHNkOgNCXQrvc=", "owner": "nixos", "repo": "nixpkgs", - "rev": "0ff09db9d034a04acd4e8908820ba0b410d7a33a", + "rev": "5d7db4668d7a0c6cc5fc8cf6ef33b008b2b1ed8b", "type": "github" }, "original": { @@ -941,13 +977,13 @@ "type": "github" } }, - "nixpkgs_3": { + "nixpkgs_4": { "locked": { - "lastModified": 1739446958, - "narHash": "sha256-+/bYK3DbPxMIvSL4zArkMX0LQvS7rzBKXnDXLfKyRVc=", + "lastModified": 1740560979, + "narHash": "sha256-Vr3Qi346M+8CjedtbyUevIGDZW8LcA1fTG0ugPY/Hic=", "owner": "nixos", "repo": "nixpkgs", - "rev": "2ff53fe64443980e139eaa286017f53f88336dd0", + "rev": "5135c59491985879812717f4c9fea69604e7f26f", "type": "github" }, "original": { @@ -957,13 +993,13 @@ "type": "github" } }, - "nixpkgs_4": { + "nixpkgs_5": { "locked": { - "lastModified": 1737370608, - "narHash": "sha256-hFA6SmioeqvGW/XvZa9bxniAeulksCOcj3kokdNT/YE=", + "lastModified": 1740303746, + "narHash": "sha256-XcdiWLEhjJkMxDLKQJ0CCivmYYCvA5MDxu9pMybM5kM=", "owner": "nixos", "repo": "nixpkgs", - "rev": "300081d0cc72df578b02d914df941b8ec62240e6", + "rev": "2d068ae5c6516b2d04562de50a58c682540de9bf", "type": "github" }, "original": { @@ -973,7 +1009,7 @@ "type": "github" } }, - "nixpkgs_5": { + "nixpkgs_6": { "locked": { "lastModified": 1682134069, "narHash": "sha256-TnI/ZXSmRxQDt2sjRYK/8j8iha4B4zP2cnQCZZ3vp7k=", @@ -1028,15 +1064,15 @@ "nur": { "inputs": { "flake-parts": "flake-parts", - "nixpkgs": "nixpkgs_3", + "nixpkgs": "nixpkgs_4", "treefmt-nix": "treefmt-nix" }, "locked": { - "lastModified": 1739562611, - "narHash": "sha256-YKw4sV2bHkyHiS03REG27T/26QrvJ9VxBMelB7r6sRE=", + "lastModified": 1740661727, + "narHash": "sha256-FayYwfyYLL+EtaRcN2H3YV8Z0XJhjYRvhOYPpq7k9NA=", "owner": "nix-community", "repo": "NUR", - "rev": "0d4c07bb0a1524767f4fd7cc80f98a27bb52c676", + "rev": "32eb8668e5b3de02c6d5891ee1736c2ab35148f8", "type": "github" }, "original": { @@ -1051,16 +1087,16 @@ "flake-utils": "flake-utils_4", "mnw": "mnw", "nil": "nil", - "nixpkgs": "nixpkgs_4", + "nixpkgs": "nixpkgs_5", "nmd": "nmd", - "systems": "systems_6" + "systems": "systems_7" }, "locked": { - "lastModified": 1739534392, - "narHash": "sha256-OkDPZJm1gH3Fi8e+0km1ULrq8sLQS6wwjQqacz+w/ZA=", + "lastModified": 1740659022, + "narHash": "sha256-eUbuxeOQFKZln1ctHDgJDyRzvEK8XkjG6pMVkONQEBA=", "owner": "notashelf", "repo": "nvf", - "rev": "4196be3ac8d374450314f8595f30d0b86accba11", + "rev": "7e53fc47243448fdd01adf2a5b780831853c5dca", "type": "github" }, "original": { @@ -1179,6 +1215,7 @@ }, "root": { "inputs": { + "ags": "ags", "disko": "disko", "home-manager": "home-manager", "hyprland": "hyprland", @@ -1188,7 +1225,7 @@ "nix-minecraft": "nix-minecraft", "nix-vscode-extensions": "nix-vscode-extensions", "nixos-hardware": "nixos-hardware", - "nixpkgs": "nixpkgs_2", + "nixpkgs": "nixpkgs_3", "nixpkgs-unstable": "nixpkgs-unstable", "nixvirt-git": "nixvirt-git", "nur": "nur", @@ -1303,16 +1340,16 @@ }, "systems_2": { "locked": { - "lastModified": 1681028828, - "narHash": "sha256-Vy1rq5AaRuLzOxct8nz4T6wlgyUR7zLU309k9mBC768=", + "lastModified": 1689347949, + "narHash": "sha256-12tWmuL2zgBgZkdoB6qXZsgJEH9LR3oUgpaQq2RbI80=", "owner": "nix-systems", - "repo": "default", - "rev": "da67096a3b9bf56a91d16901293e51ba5b49a27e", + "repo": "default-linux", + "rev": "31732fcf5e8fea42e59c2488ad31a0e651500f68", "type": "github" }, "original": { "owner": "nix-systems", - "repo": "default", + "repo": "default-linux", "type": "github" } }, @@ -1391,6 +1428,21 @@ "type": "github" } }, + "systems_8": { + "locked": { + "lastModified": 1681028828, + "narHash": "sha256-Vy1rq5AaRuLzOxct8nz4T6wlgyUR7zLU309k9mBC768=", + "owner": "nix-systems", + "repo": "default", + "rev": "da67096a3b9bf56a91d16901293e51ba5b49a27e", + "type": "github" + }, + "original": { + "owner": "nix-systems", + "repo": "default", + "type": "github" + } + }, "talhelper": { "inputs": { "flake-parts": "flake-parts_3", @@ -1399,11 +1451,11 @@ ] }, "locked": { - "lastModified": 1739519313, - "narHash": "sha256-synif7QRviwxRYKhi/53vDISk2Ts6b70NKPbg2/o9Pc=", + "lastModified": 1740628241, + "narHash": "sha256-7yzmrdbrw7PzTAeWwEr+r5lmevbSuife4cOJl96Kv7w=", "owner": "budimanjojo", "repo": "talhelper", - "rev": "4bc81a3f086ae9a9786954f241cca86a8c8a15f8", + "rev": "e23e0e77e3c7c9fb08e0d783a11fa1d92227a70d", "type": "github" }, "original": { @@ -1458,7 +1510,7 @@ "vscode-server": { "inputs": { "flake-utils": "flake-utils_5", - "nixpkgs": "nixpkgs_5" + "nixpkgs": "nixpkgs_6" }, "locked": { "lastModified": 1729422940, diff --git a/flake.nix b/flake.nix index 0f3b971..c7f55a5 100644 --- a/flake.nix +++ b/flake.nix @@ -91,6 +91,8 @@ url = "github:hyprwm/hyprland-plugins"; inputs.hyprland.follows = "hyprland"; }; + # Hyprland AGS (Application Grouping System) + ags.url = "github:Aylur/ags/v1"; # nvf - A highly modular, extensible and distro-agnostic Neovim configuration framework for Nix/NixOS. nvf.url = "github:notashelf/nvf"; @@ -206,6 +208,25 @@ ]; }; + "telchar" = mkNixosConfig { + # Framework 16 Ryzen 7 7840HS - Radeon 780M Graphics + # Hyprland first, QEMU Windows second + hostname = "telchar"; + system = "x86_64-linux"; + hardwareModules = [ + inputs.nixos-hardware.nixosModules.framework-16-7040-amd + ./nixos/profiles/hw-framework-16-7840hs.nix + disko.nixosModules.disko + (import ./nixos/profiles/disko/simple-efi.nix {disk = "/dev/nvme0n1";}) + lix-module.nixosModules.default + ]; + profileModules = [ + ./nixos/profiles/role-dev.nix + ./nixos/profiles/role-workstation.nix + {home-manager.users.jahanson = ./nixos/home/jahanson/workstation.nix;} + ]; + }; + "telperion" = mkNixosConfig { # HP-S01 Intel G5900 # Network services server diff --git a/nixos/home/jahanson/global.nix b/nixos/home/jahanson/global.nix index 22948e5..1a861a4 100644 --- a/nixos/home/jahanson/global.nix +++ b/nixos/home/jahanson/global.nix @@ -2,9 +2,7 @@ pkgs, config, ... -}: -with config; -{ +}: { imports = [ ../modules ]; @@ -32,7 +30,6 @@ with config; }; home = { - # Install these packages for my user packages = with pkgs; [ # misc @@ -106,7 +103,6 @@ with config; # backup tools unstable.rclone unstable.restic - ]; }; }; diff --git a/nixos/home/jahanson/sworkstation.nix b/nixos/home/jahanson/sworkstation.nix index 780f54b..cd77c85 100644 --- a/nixos/home/jahanson/sworkstation.nix +++ b/nixos/home/jahanson/sworkstation.nix @@ -5,8 +5,11 @@ config = { myHome = { - programs.firefox.enable = true; - programs.thunderbird.enable = true; + de.hyprland.enable = true; + programs = { + firefox.enable = true; + thunderbird.enable = true; + }; shell = { # soon(tm) # ghostty.enable = true; diff --git a/nixos/home/jahanson/workstation.nix b/nixos/home/jahanson/workstation.nix index b87179c..3289899 100644 --- a/nixos/home/jahanson/workstation.nix +++ b/nixos/home/jahanson/workstation.nix @@ -1,37 +1,16 @@ -{ - pkgs, - inputs, - ... -}: -let - coderMainline = pkgs.coder.override { channel = "mainline"; }; -in -{ +{pkgs, ...}: { imports = [ ./global.nix - inputs.krewfile.homeManagerModules.krewfile ]; config = { - # Krewfile management - programs.krewfile = { - enable = true; - krewPackage = pkgs.krew; - indexes = { - "netshoot" = "https://github.com/nilic/kubectl-netshoot.git"; - }; - plugins = [ - "netshoot/netshoot" - "resource-capacity" - "rook-ceph" - ]; - }; - + # Custom Home Manager Configuration myHome = { - programs.firefox.enable = true; - programs.thunderbird.enable = true; + de.hyprland.enable = true; + programs = { + firefox.enable = true; + thunderbird.enable = true; + }; shell = { - wezterm.enable = true; - git = { enable = true; username = "Joseph Hanson"; @@ -41,15 +20,16 @@ in }; }; + # Home Manager Configuration home = { # Install these packages for my user packages = with pkgs; [ # apps - obsidian - parsec-bin + # parsec-bin solaar # open source manager for logitech unifying receivers unstable.bruno # unstable.fractal + unstable.obsidian unstable.httpie unstable.jetbrains.datagrip unstable.jetbrains.rust-rover @@ -57,23 +37,13 @@ in unstable.talosctl # overlay override unstable.telegram-desktop unstable.tidal-hifi - unstable.xpipe + # unstable.xpipe # unstable.vesktop # gpu issues. Using the flatpak version solves this issue. vlc yt-dlp # cli brightnessctl - - # dev utils - kubectl - minio-client # S3 management - pre-commit # Pre-commit tasks for git - shellcheck # shell script linting - unstable.act # run GitHub actions locally - unstable.kubebuilder # k8s controller development - unstable.nodePackages_latest.prettier # code formatter - coderMainline # VSCode in the browser -- has overlay ]; }; }; diff --git a/nixos/home/modules/de/default.nix b/nixos/home/modules/de/default.nix new file mode 100644 index 0000000..b02afc2 --- /dev/null +++ b/nixos/home/modules/de/default.nix @@ -0,0 +1,5 @@ +{...}: { + imports = [ + ./hyprland.nix + ]; +} diff --git a/nixos/home/modules/de/hyprland.nix b/nixos/home/modules/de/hyprland.nix new file mode 100644 index 0000000..138e880 --- /dev/null +++ b/nixos/home/modules/de/hyprland.nix @@ -0,0 +1,29 @@ +{ + lib, + config, + pkgs, + inputs, + ... +}: +with lib; let + cfg = config.myHome.de.hyprland; +in { + options.myHome.de.hyprland.enable = mkEnableOption "Hyprland"; + + imports = [inputs.ags.homeManagerModules.default]; + config = mkIf cfg.enable { + programs.ags = { + enable = true; + + # I don't want Home Manager to manage these config files. + # Just setup the programs. + configDir = null; + + extraPackages = with pkgs; [ + gtksourceview + webkitgtk_6_0 + accountsservice + ]; + }; + }; +} diff --git a/nixos/home/modules/default.nix b/nixos/home/modules/default.nix index f520e75..627c98c 100644 --- a/nixos/home/modules/default.nix +++ b/nixos/home/modules/default.nix @@ -1,7 +1,6 @@ -{ lib, ... }: -{ - +{lib, ...}: { imports = [ + ./de ./shell ./programs ./security @@ -33,5 +32,4 @@ allowUnfree = true; }; }; - } diff --git a/nixos/home/modules/programs/default.nix b/nixos/home/modules/programs/default.nix index b84d8c8..4a5d28c 100644 --- a/nixos/home/modules/programs/default.nix +++ b/nixos/home/modules/programs/default.nix @@ -1,5 +1,4 @@ -{ ... }: -{ +{...}: { imports = [ ./browsers ./thunderbird diff --git a/nixos/hosts/shadowfax/default.nix b/nixos/hosts/shadowfax/default.nix index 361db02..63aa1ee 100644 --- a/nixos/hosts/shadowfax/default.nix +++ b/nixos/hosts/shadowfax/default.nix @@ -102,20 +102,6 @@ in { # System packages environment.systemPackages = with pkgs; [ - # Hyprland - libva-utils # to view graphics capabilities - greetd.tuigreet - rofi-wayland - grim - inxi - nvtopPackages.full - pyprland - swaynotificationcenter - swww - wallust - wl-clipboard - wlogout - wlr-randr # dev uv # fun @@ -138,26 +124,6 @@ in { # VSCode Compatibility Settings nix-ld.enable = true; - - # Hyprland - hyprland = { - enable = true; - package = inputs.hyprland.packages.${pkgs.stdenv.hostPlatform.system}.hyprland; - portalPackage = - inputs.hyprland.packages.${pkgs.stdenv.hostPlatform.system}.xdg-desktop-portal-hyprland; - withUWSM = true; - # xwayland.enable = true; - }; - - waybar.enable = true; - thunar.enable = true; - thunar.plugins = with pkgs.xfce; [ - exo - mousepad - thunar-archive-plugin - thunar-volman - tumbler - ]; }; # Open ports in the firewall. @@ -230,16 +196,6 @@ in { vscode-server.enable = true; xserver.videoDrivers = ["nvidia"]; - greetd = { - enable = true; - vt = 3; - settings = { - default_session = { - user = "jahanson"; - command = "${pkgs.greetd.tuigreet}/bin/tuigreet --time --cmd='uwsm start select'"; # start Hyprland with a TUI login manager - }; - }; - }; }; # sops @@ -247,6 +203,9 @@ in { # System settings and services. mySystem = { + ## Desktop Environment + # Hyprland + de.hyprland.enable = true; # VS Code editor.vscode.enable = true; # Containers diff --git a/nixos/hosts/telchar/default.nix b/nixos/hosts/telchar/default.nix new file mode 100644 index 0000000..76118cc --- /dev/null +++ b/nixos/hosts/telchar/default.nix @@ -0,0 +1,84 @@ +{ + config, + pkgs, + ... +}: { + imports = []; + swapDevices = []; + virtualisation.docker.enable = true; + + # System packages + environment.systemPackages = with pkgs; [ + uv + fastfetch + ]; + + environment.sessionVariables = { + # Wayland and Chromium/Electron apps. + NIXOS_OZONE_WL = "1"; + }; + + # sops + sops.secrets = { + "syncthing/publicCert" = { + sopsFile = ./secrets.sops.yaml; + owner = "jahanson"; + mode = "400"; + restartUnits = ["syncthing.service"]; + }; + "syncthing/privateKey" = { + sopsFile = ./secrets.sops.yaml; + owner = "jahanson"; + mode = "400"; + restartUnits = ["syncthing.service"]; + }; + }; + + services = { + # Tailscale + tailscale = { + enable = true; + openFirewall = true; + }; + # Pipewire and Pulseaudio + pipewire = { + enable = true; + alsa.enable = true; + jack.enable = true; + pulse.enable = true; + }; + blueman.enable = true; + }; + + ## System settings and services. + mySystem = { + purpose = "Development"; + + services.syncthing = { + enable = false; + user = "jahanson"; + publicCertPath = config.sops.secrets."syncthing/publicCert".path; + privateKeyPath = config.sops.secrets."syncthing/privateKey".path; + }; + + ## Desktop Environment + ## Gnome + # de.gnome.enable = true; + ## KDE + # de.kde.enable = true; + ## Hyprland + de.hyprland.enable = true; + + ## Games + # games.steam.enable = true; + + ## System config + system = { + motd.networkInterfaces = ["wlp1s0"]; + fingerprint-reader-on-laptop-lid.enable = true; + }; + + framework_wifi_swap.enable = true; + security._1password.enable = true; + }; +} diff --git a/.archive/hosts/telchar/secrets.sops.yaml b/nixos/hosts/telchar/secrets.sops.yaml similarity index 100% rename from .archive/hosts/telchar/secrets.sops.yaml rename to nixos/hosts/telchar/secrets.sops.yaml diff --git a/nixos/modules/nixos/de/default.nix b/nixos/modules/nixos/de/default.nix new file mode 100644 index 0000000..769b5c0 --- /dev/null +++ b/nixos/modules/nixos/de/default.nix @@ -0,0 +1,7 @@ +{ + imports = [ + ./gnome.nix + ./hyprland.nix + ./kde.nix + ]; +} diff --git a/nixos/modules/nixos/de/gnome.nix b/nixos/modules/nixos/de/gnome.nix new file mode 100644 index 0000000..495b1dc --- /dev/null +++ b/nixos/modules/nixos/de/gnome.nix @@ -0,0 +1,114 @@ +{ + lib, + config, + pkgs, + ... +}: let + cfg = config.mySystem.de.gnome; +in { + options = { + mySystem.de.gnome = { + enable = + lib.mkEnableOption "GNOME" + // { + default = false; + }; + systrayicons = + lib.mkEnableOption "Enable systray icons" + // { + default = true; + }; + gsconnect = + lib.mkEnableOption "Enable gsconnect (KDEConnect for GNOME)" + // { + default = true; + }; + }; + }; + + config = lib.mkIf cfg.enable { + # Ref: https://nixos.wiki/wiki/GNOME + + services = { + displayManager = { + defaultSession = "gnome"; + autoLogin = { + enable = false; + user = "jahanson"; # TODO move to config overlay + }; + }; + + xserver = { + enable = true; + xkb.layout = "us"; # `localctl` will give you + + displayManager = { + gdm.enable = true; + }; + desktopManager = { + # GNOME + gnome.enable = true; + }; + }; + + udev.packages = lib.optionals cfg.systrayicons [pkgs.gnome.gnome-settings-daemon]; # support appindicator + }; + + # systyray icons + # extra pkgs and extensions + environment = { + systemPackages = with pkgs; + [ + wl-clipboard # ls ~/Downloads | wl-copy or wl-paste > clipboard.txt + playerctl # gsconnect play/pause command + pamixer # gcsconnect volume control + gnome.gnome-tweaks + gnome.dconf-editor + + # This installs the extension packages, but + # dont forget to enable them per-user in dconf settings -> "org/gnome/shell" + gnomeExtensions.vitals + gnomeExtensions.caffeine + gnomeExtensions.dash-to-dock + ] + ++ optionals cfg.systrayicons [pkgs.gnomeExtensions.appindicator]; + }; + + # enable gsconnect + # this method also opens the firewall ports required when enable = true + programs.kdeconnect = lib.mkIf cfg.gsconnect { + enable = true; + package = pkgs.gnomeExtensions.gsconnect; + }; + + # GNOME connection to browsers - requires flag on browser as well + services.gnome.gnome-browser-connector.enable = lib.any (user: user.programs.firefox.enable) ( + lib.attrValues config.home-manager.users + ); + + # And dconf + programs.dconf.enable = true; + + # Exclude default GNOME packages that dont interest me. + environment.gnome.excludePackages = + (with pkgs; [ + gnome-photos + gnome-tour + gedit # text editor + ]) + ++ (with pkgs.gnome; [ + cheese # webcam tool + gnome-music + gnome-terminal + epiphany # web browser + geary # email reader + evince # document viewer + gnome-characters + totem # video player + tali # poker game + iagno # go game + hitori # sudoku game + atomix # puzzle game + ]); + }; +} diff --git a/nixos/modules/nixos/de/hyprland.nix b/nixos/modules/nixos/de/hyprland.nix new file mode 100644 index 0000000..4a24fed --- /dev/null +++ b/nixos/modules/nixos/de/hyprland.nix @@ -0,0 +1,115 @@ +{ + lib, + config, + pkgs, + inputs, + ... +}: let + cfg = config.mySystem.de.hyprland; +in { + options = { + mySystem.de.hyprland = { + enable = + lib.mkEnableOption "Hyprland" + // { + default = false; + }; + }; + }; + config = lib.mkIf cfg.enable { + # Hyprland nixpkgs system packages + environment.systemPackages = with pkgs; [ + # Hyprland + cava # Audio visualizer + cliphist # Clipboard history + duf # du tui - Disk Usage + greetd.tuigreet # TUI login manager + grim # Screenshot tool + hypridle # Hyprland idle daemon + inputs.ags.packages.${pkgs.stdenv.hostPlatform.system}.ags # AGS + inxi # System information tool + libva-utils # to view graphics capabilities + loupe # Screenshot tool + nvtopPackages.full # Video card monitoring + nwg-displays # Display manager for Hyprland + nwg-look # GTK settings editor, designed for Wayland. + pyprland # Python bindings for Hyprland + rofi-wayland # Window switcher and run dialog + slurp # Select a region in Wayland + swappy # Snapshot editor, designed for Wayland. + swaynotificationcenter + swww # Wallpaper daemon for wayland + wallust # Generate and change colors schemes on the fly. + wl-clipboard # Pipe to and from the clipboard + wlogout + wlr-randr # Wayland screen management + wofi # Rofi for Wayland + yad # Display dialog boxes from shell scripts + (mpv.override {scripts = [mpvScripts.mpris];}) + # XDG things + xdg-user-dirs + xdg-utils + # GTK things + gnome-system-monitor + bc + baobab + glib + # Qt things + gsettings-qt + libsForQt5.qtstyleplugin-kvantum # Kvantum theme engine + # bar + libappindicator + libnotify + ]; + + # Hyprland nixpkgs program modules + programs = { + # Hyprland DE + hyprland = { + enable = true; + package = inputs.hyprland.packages.${pkgs.stdenv.hostPlatform.system}.hyprland; + portalPackage = + inputs.hyprland.packages.${pkgs.stdenv.hostPlatform.system}.xdg-desktop-portal-hyprland; + withUWSM = true; + }; + ## Additional programs for the overall Hyprland experience + waybar.enable = true; + hyprlock.enable = true; + nm-applet.indicator = true; # Compatability; Application indicator for NetworkManager + thunar.enable = true; + thunar.plugins = with pkgs.xfce; [ + exo + mousepad + thunar-archive-plugin + thunar-volman + tumbler + ]; + }; + # Hyprland nixpkgs service modules + services = { + greetd = { + enable = true; + vt = 3; + settings = { + default_session = { + user = "jahanson"; + command = "${pkgs.greetd.tuigreet}/bin/tuigreet --time --cmd='uwsm start select'"; # start Hyprland with a TUI login manager + }; + }; + }; + }; + # Fonts + fonts.packages = with pkgs; [ + fira-code + font-awesome + jetbrains-mono + noto-fonts + noto-fonts-cjk-sans + terminus_font + victor-mono + unstable.nerd-fonts.jetbrains-mono + unstable.nerd-fonts.fira-code + unstable.nerd-fonts.fantasque-sans-mono + ]; + }; +} diff --git a/nixos/modules/nixos/de/kde.nix b/nixos/modules/nixos/de/kde.nix new file mode 100644 index 0000000..bf9adc7 --- /dev/null +++ b/nixos/modules/nixos/de/kde.nix @@ -0,0 +1,70 @@ +{ + lib, + config, + pkgs, + ... +}: +let + cfg = config.mySystem.de.kde; + flameshotOverride = pkgs.unstable.flameshot.override { enableWlrSupport = true; }; +in +{ + options = { + mySystem.de.kde = { + enable = lib.mkEnableOption "KDE" // { + default = false; + }; + }; + }; + + config = lib.mkIf cfg.enable { + # Ref: https://wiki.nixos.org/wiki/KDE + + # KDE + services = { + displayManager = { + sddm = { + enable = true; + wayland = { + enable = true; + }; + }; + }; + desktopManager.plasma6.enable = true; + }; + + security = { + # realtime process priority + rtkit.enable = true; + # KDE Wallet PAM integration for unlocking the default wallet on login + pam.services."sddm".kwallet.enable = true; + }; + + # enable pipewire for sound + services.pipewire = { + enable = true; + alsa.enable = true; + alsa.support32Bit = true; + pulse.enable = true; + jack.enable = true; + }; + + # extra pkgs and extensions + environment = { + systemPackages = with pkgs; [ + wl-clipboard # ls ~/Downloads | wl-copy or wl-paste > clipboard.txt + playerctl # gsconnect play/pause command + vorta # Borg backup tool + flameshotOverride # screenshot tool + libsForQt5.qt5.qtbase # for vivaldi compatibility + kdePackages.discover # KDE software center -- mainly for flatpak updates + ]; + }; + + # enable kdeconnect + # this method also opens the firewall ports required when enable = true + programs.kdeconnect = { + enable = true; + }; + }; +} diff --git a/nixos/modules/nixos/default.nix b/nixos/modules/nixos/default.nix index 0328596..ca78588 100644 --- a/nixos/modules/nixos/default.nix +++ b/nixos/modules/nixos/default.nix @@ -1,8 +1,12 @@ -{ lib, config, ... }: -with lib; { + lib, + config, + ... +}: +with lib; { imports = [ ./containers + ./de ./editor ./hardware ./lib.nix @@ -51,7 +55,7 @@ with lib; monitoring.prometheus.scrapeConfigs = mkOption { type = lib.types.listOf lib.types.attrs; description = "Prometheus scrape targets"; - default = [ ]; + default = []; }; }; diff --git a/nixos/modules/nixos/system/fingerprint-reader-on-laptop-lid/default.nix b/nixos/modules/nixos/system/fingerprint-reader-on-laptop-lid/default.nix index 4fe5697..393bfe8 100644 --- a/nixos/modules/nixos/system/fingerprint-reader-on-laptop-lid/default.nix +++ b/nixos/modules/nixos/system/fingerprint-reader-on-laptop-lid/default.nix @@ -17,8 +17,7 @@ lib, pkgs, ... -}: -let +}: let cfg = config.mySystem.system.fingerprint-reader-on-laptop-lid; laptop-lid = pkgs.writeShellScript "laptop-lid" '' lock=/var/lock/fingerprint-reader-disabled @@ -36,8 +35,7 @@ let rm "$lock" fi ''; -in -{ +in { options.mySystem.system.fingerprint-reader-on-laptop-lid = { enable = lib.mkEnableOption "disable fingerprint reader when laptop lid closes"; }; @@ -69,15 +67,15 @@ in auth required ${pkgs.fprintd}/lib/security/pam_fprintd.so auth optional pam_permit.so auth required pam_env.so - auth [success=ok default=1] ${pkgs.gnome.gdm}/lib/security/pam_gdm.so - auth optional ${pkgs.gnome.gnome-keyring}/lib/security/pam_gnome_keyring.so + auth [success=ok default=1] ${pkgs.gdm}/lib/security/pam_gdm.so + auth optional ${pkgs.gnome-keyring}/lib/security/pam_gnome_keyring.so account include login password required pam_deny.so session include login - session optional ${pkgs.gnome.gnome-keyring}/lib/security/pam_gnome_keyring.so auto_start + session optional ${pkgs.gnome-keyring}/lib/security/pam_gnome_keyring.so auto_start ''; }; @@ -91,7 +89,7 @@ in "multi-user.target" "suspend.target" ]; - after = [ "suspend.target" ]; + after = ["suspend.target"]; }; }; } diff --git a/nixos/profiles/disko/simple-efi.nix b/nixos/profiles/disko/simple-efi.nix new file mode 100644 index 0000000..6d8819d --- /dev/null +++ b/nixos/profiles/disko/simple-efi.nix @@ -0,0 +1,33 @@ +{disk ? "/dev/sda"}: { + disko.devices = { + disk = { + main = { + device = disk; + type = "disk"; + content = { + type = "gpt"; + partitions = { + ESP = { + type = "EF00"; + size = "1G"; + content = { + type = "filesystem"; + format = "vfat"; + mountpoint = "/boot"; + mountOptions = ["umask=0077"]; + }; + }; + root = { + size = "100%"; + content = { + type = "filesystem"; + format = "ext4"; + mountpoint = "/"; + }; + }; + }; + }; + }; + }; + }; +} diff --git a/nixos/profiles/hw-framework-16-7840hs.nix b/nixos/profiles/hw-framework-16-7840hs.nix new file mode 100644 index 0000000..d274573 --- /dev/null +++ b/nixos/profiles/hw-framework-16-7840hs.nix @@ -0,0 +1,59 @@ +{ + lib, + config, + ... +}: { + imports = []; + hardware = { + cpu.amd.updateMicrocode = lib.mkDefault config.hardware.enableRedistributableFirmware; + # Enable bluetooth + bluetooth = { + enable = true; + powerOnBoot = true; + }; + }; + + boot = { + # for managing/mounting nfs + supportedFilesystems = ["nfs"]; + + # EFI, systemd-bootd instead of grub. + loader = { + systemd-boot.enable = true; + efi = { + canTouchEfiVariables = true; + }; + }; + + initrd.availableKernelModules = [ + "xhci_pci" # usb 3.0 and other pci devices + "nvme" # nvme drives + "usbhid" # usb keyboards and mice + "usb_storage" # usb storage devices + "sd_mod" # Storage devices + "thunderbolt" # Thunderbolt devices + ]; + + initrd.kernelModules = ["amdgpu"]; # AMD GPU + kernelModules = ["kvm-amd"]; # hardware assisted virtualization + extraModulePackages = []; + }; + mySystem = { + security.wheelNeedsSudoPassword = false; # Allow wheel group to sudo without password + }; + + networking = { + hostId = "4488bd1a"; # Unique identifier for the host, often for ZFS. + hostName = "telchar"; + }; + + # For updating firmware on the Framework. + services.fwupd.enable = true; + + networking = { + useDHCP = lib.mkDefault true; + networkmanager.enable = true; + }; + + nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux"; +} diff --git a/nixos/profiles/hw-threadripperpro.nix b/nixos/profiles/hw-threadripperpro.nix index c175873..d4a9f55 100644 --- a/nixos/profiles/hw-threadripperpro.nix +++ b/nixos/profiles/hw-threadripperpro.nix @@ -1,6 +1,5 @@ -{ lib, ... }: -{ - imports = [ ]; +{lib, ...}: { + imports = []; boot = { loader.systemd-boot.enable = true; @@ -13,9 +12,9 @@ "usb_storage" "sd_mod" ]; - initrd.kernelModules = [ ]; - kernelModules = [ "kvm-amd" ]; - extraModulePackages = [ ]; + initrd.kernelModules = []; + kernelModules = ["kvm-amd"]; + extraModulePackages = []; }; mySystem = { @@ -52,9 +51,9 @@ }; "40-bond0" = { matchConfig.Name = "bond0"; - address = [ "10.1.1.61/24" ]; + address = ["10.1.1.61/24"]; routes = [ - { Gateway = "10.1.1.1"; } + {Gateway = "10.1.1.1";} ]; networkConfig = { LinkLocalAddressing = "no"; @@ -70,5 +69,6 @@ useDHCP = lib.mkDefault false; nftables.enable = true; }; + nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux"; } diff --git a/nixos/profiles/role-dev.nix b/nixos/profiles/role-dev.nix index 2a61743..535890a 100644 --- a/nixos/profiles/role-dev.nix +++ b/nixos/profiles/role-dev.nix @@ -65,10 +65,13 @@ vhs ]; - programs.direnv = { - # TODO move to home-manager - enable = true; - nix-direnv.enable = true; + programs = { + mtr.enable = true; + direnv = { + # TODO move to home-manager + enable = true; + nix-direnv.enable = true; + }; }; }; } diff --git a/nixos/profiles/role-workstation.nix b/nixos/profiles/role-workstation.nix new file mode 100644 index 0000000..da24e2f --- /dev/null +++ b/nixos/profiles/role-workstation.nix @@ -0,0 +1,72 @@ +{ + config, + lib, + pkgs, + ... +}: +# Role for workstations +# Covers desktops/laptops, expected to have a GUI and do workloads +# Will have home-manager installs +let + vivaldiOverride = pkgs.vivaldi.override { + proprietaryCodecs = true; + enableWidevine = true; + }; +in + with config; { + mySystem = { + shell.fish.enable = true; + editor.vscode.enable = true; + }; + + boot = { + binfmt.emulatedSystems = ["aarch64-linux"]; # Enabled for compiling aarch64 binaries on x86_64 + }; + + nix.settings = { + # Avoid disk full issues + max-free = lib.mkDefault (1000 * 1000 * 1000); + min-free = lib.mkDefault (128 * 1000 * 1000); + }; + + services = { + thermald.enable = true; + smartd.enable = true; + # Enable Flatpak support + flatpak.enable = true; + }; + + hardware = { + enableAllFirmware = true; + sensor.hddtemp = { + enable = true; + drives = ["/dev/disk/by-id/*"]; + }; + }; + + environment.systemPackages = with pkgs; [ + # Sensors etc + lm_sensors + cpufrequtils + cpupower-gui + gparted + # Browser + vivaldiOverride + ]; + + i18n = { + defaultLocale = lib.mkDefault "en_US.UTF-8"; + }; + + programs = { + ssh.startAgent = true; + # Enable OpenJDK + java.enable = true; + + # Enable appimage support and executing them via the appimage-run helper. + appimage = { + enable = true; + binfmt = true; + }; + }; + }