jahanson/nix-config-tn
Archived
1
0
Fork 0
Code Issues 1 Pull requests Projects Releases Packages Wiki Activity Actions

chore: inital pre-commit tidy

Browse source
This commit is contained in:
truxnell 2024-03-18 08:04:32 +11:00
parent 837fdfed30
commit c807e69147
28 changed files with 360 additions and 304 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

2
.gitignore vendored
View file

@ -1,3 +1,3 @@
.mozilla
**/*.tmp.sops.yaml
result
result

15
flake.nix
View file

@ -17,12 +17,14 @@
url = "github:nix-community/nix-vscode-extensions";
inputs.nixpkgs.follows = "nixpkgs";
};
};
outputs = { self, nixpkgs, sops-nix, ... }@inputs:
with inputs;
{
outputs = {
self,
nixpkgs,
sops-nix,
...
} @ inputs:
with inputs; {
# Use nixpkgs-fmt for 'nix fmt'
formatter.x86_64-linux = nixpkgs.legacyPackages.x86_64-linux.nixpkgs-fmt;
@ -33,12 +35,11 @@
(x: {
name = x;
value = nixpkgs.lib.nixosSystem {
# Make inputs and the flake itself accessible as module parameters.
# Technically, adding the inputs is redundant as they can be also
# accessed with flake-self.inputs.X, but adding them individually
# allows to only pass what is needed to each module.
specialArgs = { flake-self = self; } // inputs;
specialArgs = {flake-self = self;} // inputs;
system = "x86_64-linux";

9
iso/iso.nix
View file

@ -1,5 +1,8 @@
{ config, pkgs, ... }:
{
config,
pkgs,
...
}: {
imports = [
<nixpkgs/nixos/modules/installer/cd-dvd/installation-cd-minimal.nix>
@ -15,12 +18,10 @@
pkgs.vim
pkgs.git
pkgs.dnsutils
];
systemd.services.sshd.wantedBy = pkgs.lib.mkForce [ "multi-user.target" ];
systemd.services.sshd.wantedBy = pkgs.lib.mkForce ["multi-user.target"];
users.users.root.openssh.authorizedKeys.keys = [
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIMZS9J1ydflZ4iJdJgO8+vnN8nNSlEwyn9tbWU9OcysW truxnell@home"
];
}

4
nixos/home-manager/.gitkeep
View file

@ -1,4 +1,4 @@
My home infrastructure,
My home infrastructure,
![](https://imgur.com/ISNnzgN.png)
@ -23,7 +23,7 @@ My home infrastructure,
- [work_laptop](hosts/work_laptop/README.md) (nix-darwin running on a MacBook Pro)
- [modules](modules) (Custom NixOS and home-manager modules)
- [overlays](overlays) (Custom overlays, primarily used for packages currently)
- [pkgs](pkgs) (Custom Packages, mainly items not yet in official nixpkgs)
- [pkgs](pkgs) (Custom Packages, mainly items not yet in official nixpkgs)
- [shell.nix](shell.nix) (Shell for bootstrapping flake-enabled nix and home-manager)
- [nixpkgs.nix](nixpkgs.nix) (Used by shell.nix - useful to avoid using channels when using legacy nix commands)

24
nixos/hosts/bootstrap/configuration.nix
View file

@ -1,16 +1,16 @@
# Edit this configuration file to define what should be installed on
# your system. Help is available in the configuration.nix(5) man page, on
# https://search.nixos.org/options and in the NixOS manual (`nixos-help`).
{ config, lib, pkgs, ... }:
{
imports =
[
# Host-specific
./hardware-configuration.nix
];
config,
lib,
pkgs,
...
}: {
imports = [
# Host-specific
./hardware-configuration.nix
];
boot.loader.systemd-boot.enable = true;
boot.loader.efi.canTouchEfiVariables = true;
@ -63,7 +63,6 @@
];
};
# List packages installed in system profile. To search, run:
# $ nix search wget
environment.systemPackages = with pkgs; [
@ -88,7 +87,6 @@
};
};
# Some programs need SUID wrappers, can be configured further or are
# started in user sessions.
# programs.mtr.enable = true;
@ -104,7 +102,7 @@
services.openssh.enable = true;
users.users.root.openssh.authorizedKeys.keys = [
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIMZS9J1ydflZ4iJdJgO8+vnN8nNSlEwyn9tbWU9OcysW truxnell@home"
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIMZS9J1ydflZ4iJdJgO8+vnN8nNSlEwyn9tbWU9OcysW truxnell@home"
];
# may fix issues with network service failing during a nixos-rebuild
@ -139,6 +137,4 @@
#
# For more information, see `man configuration.nix` or https://nixos.org/manual/nixos/stable/options#opt-system.stateVersion .
system.stateVersion = "23.11"; # Did you read the comment?
}

26
nixos/hosts/common/nixos/default.nix
View file

@ -1,12 +1,20 @@
{ inputs, outputs, config, sops-nix, ... }: {
imports = [
# inputs.home-manager.nixosModules.home-manager
#inputs.sops-nix.nixosModules.sops
./locale.nix
./nix.nix
./openssh.nix
./packages.nix
] ++ (builtins.attrValues {});
{
inputs,
outputs,
config,
sops-nix,
...
}: {
imports =
[
# inputs.home-manager.nixosModules.home-manager
#inputs.sops-nix.nixosModules.sops
./locale.nix
./nix.nix
./openssh.nix
./packages.nix
]
++ (builtins.attrValues {});
# home-manager.extraSpecialArgs = { inherit inputs outputs; }; TODO Home-manager

2
nixos/hosts/common/nixos/locale.nix
View file

@ -1,4 +1,4 @@
{ lib, ... }: {
{lib, ...}: {
i18n = {
defaultLocale = lib.mkDefault "en_US.UTF-8";
};

7
nixos/hosts/common/nixos/nix.nix
View file

@ -1,8 +1,11 @@
{ inputs, lib, ... }:
{
inputs,
lib,
...
}: {
nix = {
settings = {
experimental-features = [ "nix-command" "flakes" ];
experimental-features = ["nix-command" "flakes"];
};
gc = {
automatic = true;

13
nixos/hosts/common/nixos/openssh.nix
View file

@ -1,11 +1,12 @@
{ outputs, lib, config, ... }:
let
{
outputs,
lib,
config,
...
}: let
inherit (config.networking) hostName;
hosts = outputs.nixosConfigurations;
in
{
in {
services.openssh = {
enable = true;
settings = {

17
nixos/hosts/common/nixos/packages.nix
View file

@ -1,5 +1,9 @@
{ config, pkgs, lib, ... }:
{
config,
pkgs,
lib,
...
}: {
environment.systemPackages = with pkgs; [
bat
jq
@ -10,13 +14,14 @@
git
dnsutils
nvd
gh
# TODO Move
nixpkgs-fmt
nil
gh
sops
];
programs.direnv = {
# TODO move to home-manager
enable = true;
nix-direnv.enable = true;
};
programs.mtr.enable = true;
}

25
nixos/hosts/common/nixos/users/truxnell/default.nix
View file

@ -1,24 +1,29 @@
{ pkgs, config, ... }:
let ifTheyExist = groups: builtins.filter (group: builtins.hasAttr group config.users.groups) groups;
in
{
pkgs,
config,
...
}: let
ifTheyExist = groups: builtins.filter (group: builtins.hasAttr group config.users.groups) groups;
in {
users.users.truxnell = {
isNormalUser = true;
shell = pkgs.fish;
# passwordFile = config.sops.secrets.taylor-password.path;
# initialHashedPassword = ""; # TODO add key
extraGroups = [
"wheel"
] ++ ifTheyExist [
"network"
"samba-users"
];
extraGroups =
[
"wheel"
]
++ ifTheyExist [
"network"
"samba-users"
];
openssh.authorizedKeys.keys = [
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIMZS9J1ydflZ4iJdJgO8+vnN8nNSlEwyn9tbWU9OcysW truxnell@home"
];
packages = [ pkgs.home-manager ];
packages = [pkgs.home-manager];
};
# home-manager.users.taylor = import ../../../../../home-manager/taylor_${config.networking.hostName}.nix; TODO home-manager?

9
nixos/hosts/common/optional/chrony.nix
View file

@ -1,6 +1,11 @@
{ inputs, outputs, config, ... }: {
{
inputs,
outputs,
config,
...
}: {
# Time
networking.timeServers = [ "10.8.10.1" ];
networking.timeServers = ["10.8.10.1"];
services.chrony = {
enable = true;
};

17
nixos/hosts/common/optional/cloudflare-dyndns.nix
View file

@ -1,5 +1,8 @@
{ config, lib, ... }: {
{
config,
lib,
...
}: {
# Current nixpkgs cf-ddns only supports using a env file for the apitoken
# but not for domains, which makes them hard to find.
# To circumvent this, I put both in the 'apiTokenFile' var
@ -13,8 +16,7 @@
config.sops.secrets."system/networking/cloudflare-dyndns/apiTokenFile".sopsFile = ./cloudflare-dyndns.sops.yaml;
# Restart when secret changes
config.sops.secrets."system/networking/cloudflare-dyndns/apiTokenFile".restartUnits = [ "cloudflare-dyndns" ];
config.sops.secrets."system/networking/cloudflare-dyndns/apiTokenFile".restartUnits = ["cloudflare-dyndns"];
# Cloudflare dynamic dns to keep my DNS records pointed at home
config.services.cloudflare-dyndns = {
@ -22,11 +24,6 @@
ipv6 = false;
proxied = true;
apiTokenFile = config.sops.secrets."system/networking/cloudflare-dyndns/apiTokenFile".path;
domains = [ ];
domains = [];
};
}

16
nixos/hosts/common/optional/dnscrypt-proxy2.nix
View file

@ -1,14 +1,18 @@
# Ref: https://nixos.wiki/wiki/Encrypted_DNS#dnscrypt-proxy2
{ inputs, outputs, pkgs, config, ... }: {
{
inputs,
outputs,
pkgs,
config,
...
}: {
# Disable resolvd to ensure it doesnt re-write /etc/resolv.conf
config.services.resolved.enable = false;
# Fix this devices DNS resolv.conf else resolvd will point it to dnscrypt
# causing a risk of no dns if service fails.
config.networking = {
nameservers = [ "10.8.10.1" ]; # TODO make varible IP
nameservers = ["10.8.10.1"]; # TODO make varible IP
dhcpcd.extraConfig = "nohook resolv.conf";
};
@ -18,7 +22,7 @@
config.sops.secrets."system/networking/dnscrypt-proxy2/forwarding-rules".mode = "0444"; # This is world-readable but theres nothing security related in the file
# Restart dnscrypt when secret changes
config.sops.secrets."system/networking/dnscrypt-proxy2/forwarding-rules".restartUnits = [ "dnscrypt-proxy2" ];
config.sops.secrets."system/networking/dnscrypt-proxy2/forwarding-rules".restartUnits = ["dnscrypt-proxy2"];
config.services.dnscrypt-proxy2 = {
enable = true;
@ -26,7 +30,7 @@
require_dnssec = true;
forwarding_rules = config.sops.secrets."system/networking/dnscrypt-proxy2/forwarding-rules".path;
server_names = [ "NextDNS-f6fe35" ];
server_names = ["NextDNS-f6fe35"];
static = {
"NextDNS-f6fe35" = {

227
nixos/hosts/common/optional/editors/vscode/default.nix
View file

@ -1,138 +1,137 @@
{ config, pkgs, lib, ... }:
{
config,
pkgs,
lib,
...
}: {
# Enable vscode & addons
environment.systemPackages = with pkgs; [
(vscode-with-extensions.override {
vscode = vscodium;
vscodeExtensions = with vscode-extensions; [
bbenoist.nix
vscodeExtensions = with vscode-extensions;
[
bbenoist.nix
]
++ pkgs.vscode-utils.extensionsFromVscodeMarketplace [
{
name = "prettier-vscode";
publisher = "esbenp";
version = "10.1.0";
sha256 = "01s0vi2h917mqfpdrhqhp2ijwkibw95yk2js0l587wvajbbry2s9";
}
] ++ pkgs.vscode-utils.extensionsFromVscodeMarketplace [
{
name = "vscode-docker";
publisher = "ms-azuretools";
version = "1.28.0";
sha256 = "0nmc3pdgxpmr6k2ksdczkv9bbwszncfczik0xjympqnd2k0ra9h0";
}
{
name = "prettier-vscode";
publisher = "esbenp";
version = "10.1.0";
sha256 = "01s0vi2h917mqfpdrhqhp2ijwkibw95yk2js0l587wvajbbry2s9";
}
{
name = "gitlens";
publisher = "eamodio";
version = "14.7.0";
sha256 = "07f9fryaci8lsrdahgll5yhlzf5rhscpy1zd258hi211ymvkxlmy";
}
{
name = "vscode-docker";
publisher = "ms-azuretools";
version = "1.28.0";
sha256 = "0nmc3pdgxpmr6k2ksdczkv9bbwszncfczik0xjympqnd2k0ra9h0";
}
{
name = "remote-containers";
publisher = "ms-vscode-remote";
version = "0.327.0";
sha256 = "0asswm55bx5gpz08cgpmgfvnb0494irj0gsvzx5nwknqfzpj07lz";
}
{
name = "gitlens";
publisher = "eamodio";
version = "14.7.0";
sha256 = "07f9fryaci8lsrdahgll5yhlzf5rhscpy1zd258hi211ymvkxlmy";
}
{
name = "remote-ssh";
publisher = "ms-vscode-remote";
version = "0.107.1";
sha256 = "1q9xp8id9afhjx67zc7a61zb572f296apvdz305xd5v4brqd9xrf";
}
{
name = "remote-containers";
publisher = "ms-vscode-remote";
version = "0.327.0";
sha256 = "0asswm55bx5gpz08cgpmgfvnb0494irj0gsvzx5nwknqfzpj07lz";
}
{
name = "vscode-yaml";
publisher = "redhat";
version = "1.14.0";
sha256 = "0pww9qndd2vsizsibjsvscz9fbfx8srrj67x4vhmwr581q674944";
}
{
name = "remote-ssh";
publisher = "ms-vscode-remote";
version = "0.107.1";
sha256 = "1q9xp8id9afhjx67zc7a61zb572f296apvdz305xd5v4brqd9xrf";
}
{
name = "todo-tree";
publisher = "gruntfuggly";
version = "0.0.226";
sha256 = "0yrc9qbdk7zznd823bqs1g6n2i5xrda0f9a7349kknj9wp1mqgqn";
}
{
name = "vscode-yaml";
publisher = "redhat";
version = "1.14.0";
sha256 = "0pww9qndd2vsizsibjsvscz9fbfx8srrj67x4vhmwr581q674944";
}
{
name = "path-autocomplete";
publisher = "ionutvmi";
version = "1.25.0";
sha256 = "0jjqh3p456p1aafw1gl6xgxw4cqqzs3hssr74mdsmh77bjizcgcb";
}
{
name = "even-better-toml";
publisher = "tamasfe";
version = "0.19.2";
sha256 = "0q9z98i446cc8bw1h1mvrddn3dnpnm2gwmzwv2s3fxdni2ggma14";
}
{
name = "linter";
publisher = "fnando";
version = "0.0.19";
sha256 = "13bllbxd7sy4qlclh37qvvnjp1v13al11nskcf2a8pmnmj455v4g";
}
{
name = "todo-tree";
publisher = "gruntfuggly";
version = "0.0.226";
sha256 = "0yrc9qbdk7zznd823bqs1g6n2i5xrda0f9a7349kknj9wp1mqgqn";
}
{
name = "catppuccin-vsc";
publisher = "catppuccin";
version = "3.11.0";
sha256 = "12bzx1pv9pxbm08dhvl8pskpz1vg2whxmasl0qk2x54swa2rhi4d";
}
{
name = "path-autocomplete";
publisher = "ionutvmi";
version = "1.25.0";
sha256 = "0jjqh3p456p1aafw1gl6xgxw4cqqzs3hssr74mdsmh77bjizcgcb";
}
{
name = "catppuccin-vsc-icons";
publisher = "catppuccin";
version = "1.8.0";
sha256 = "12sw9f00vnmppmvhwbamyjcap3acjs1f67mdmyv6ka52mav58z8z";
}
{
name = "even-better-toml";
publisher = "tamasfe";
version = "0.19.2";
sha256 = "0q9z98i446cc8bw1h1mvrddn3dnpnm2gwmzwv2s3fxdni2ggma14";
}
{
name = "nix-ide";
publisher = "jnoortheen";
version = "0.2.2";
sha256 = "1264027sjh9a112si0y0p3pk3y36shj5b4qkpsj207z7lbxqq0wg";
}
{
name = "linter";
publisher = "fnando";
version = "0.0.19";
sha256 = "13bllbxd7sy4qlclh37qvvnjp1v13al11nskcf2a8pmnmj455v4g";
}
{
name = "vscode-swissknife";
publisher = "luisfontes19";
version = "1.8.1";
sha256 = "1rpk8zayzkn2kg4jjdd2fy6xl50kib71dqg73v46326cr4dwxa7c";
}
{
name = "catppuccin-vsc";
publisher = "catppuccin";
version = "3.11.0";
sha256 = "12bzx1pv9pxbm08dhvl8pskpz1vg2whxmasl0qk2x54swa2rhi4d";
}
{
name = "pre-commit-helper";
publisher = "elagil";
version = "0.5.0";
sha256 = "05cs1ndnha9dgv1ys23z81ajk300wpixqmks0lfmrj1zwyjg2wlj";
}
{
name = "catppuccin-vsc-icons";
publisher = "catppuccin";
version = "1.8.0";
sha256 = "12sw9f00vnmppmvhwbamyjcap3acjs1f67mdmyv6ka52mav58z8z";
}
{
name = "sops-edit";
publisher = "shipitsmarter";
version = "1.0.0";
sha256 = "0b2z9khiwrpf6gxdb9y315ayqkibvgixmvx82in5rlp8pndb6sq4";
}
{
name = "nix-ide";
publisher = "jnoortheen";
version = "0.2.2";
sha256 = "1264027sjh9a112si0y0p3pk3y36shj5b4qkpsj207z7lbxqq0wg";
}
{
name = "vscode-swissknife";
publisher = "luisfontes19";
version = "1.8.1";
sha256 = "1rpk8zayzkn2kg4jjdd2fy6xl50kib71dqg73v46326cr4dwxa7c";
}
{
name = "pre-commit-helper";
publisher = "elagil";
version = "0.5.0";
sha256 = "05cs1ndnha9dgv1ys23z81ajk300wpixqmks0lfmrj1zwyjg2wlj";
}
{
name = "sops-edit";
publisher = "shipitsmarter";
version = "1.0.0";
sha256 = "0b2z9khiwrpf6gxdb9y315ayqkibvgixmvx82in5rlp8pndb6sq4";
}
{
name = "json5-for-vscode";
publisher = "tudoudou";
version = "0.0.3";
sha256 = "1d1c18mr91ll5fsp0l0aszyi7nx0ad352ssm0fm40z81m4dmzm0w";
}
];
{
name = "json5-for-vscode";
publisher = "tudoudou";
version = "0.0.3";
sha256 = "1d1c18mr91ll5fsp0l0aszyi7nx0ad352ssm0fm40z81m4dmzm0w";
}
];
})
];
}

9
nixos/hosts/common/optional/editors/vscode/extensions.nix
View file

@ -1,12 +1,7 @@
# Warning, this file is autogenerated by nix4vscode. Don't modify this manually.
{ pkgs }:
let
{pkgs}: let
vscode-utils = pkgs.vscode-utils;
in
{
in {
"ms-python"."python" = vscode-utils.extensionFromVscodeMarketplace {
name = "python";
publisher = "ms-python";

10
nixos/hosts/common/optional/firefox.nix
View file

@ -1,8 +1,10 @@
{ config, pkgs, lib, ... }:
{
config,
pkgs,
lib,
...
}: {
programs.firefox = {
enable = true;
};
}
}

49
nixos/hosts/common/optional/gnome.nix
View file

@ -1,6 +1,9 @@
{ config, pkgs, lib, ... }:
{
config,
pkgs,
lib,
...
}: {
# Ref: https://nixos.wiki/wiki/GNOME
# GNOME plz
@ -12,32 +15,32 @@
defaultSession = "gnome"; # TODO move to config overlay
autoLogin.user = "truxnell"; # TODO move to config overlay
};
layout = "us"; # `localctl` will give you
layout = "us"; # `localctl` will give you
};
# And dconf
programs.dconf.enable = true;
# dconf write /org/gnome/mutter/experimental-features "['scale-monitor-framebuffer']"
# Exclude default GNOME packages that dont interest me.
environment.gnome.excludePackages = (with pkgs; [
gnome-photos
gnome-tour
]) ++ (with pkgs.gnome; [
cheese # webcam tool
gnome-music
gnome-terminal
gedit # text editor
epiphany # web browser
geary # email reader
evince # document viewer
gnome-characters
totem # video player
tali # poker game
iagno # go game
hitori # sudoku game
atomix # puzzle game
]);
environment.gnome.excludePackages =
(with pkgs; [
gnome-photos
gnome-tour
])
++ (with pkgs.gnome; [
cheese # webcam tool
gnome-music
gnome-terminal
gedit # text editor
epiphany # web browser
geary # email reader
evince # document viewer
gnome-characters
totem # video player
tali # poker game
iagno # go game
hitori # sudoku game
atomix # puzzle game
]);
}

2
nixos/hosts/common/optional/maddy.conf
View file

@ -27,4 +27,4 @@ target.smtp remote_smtp {
require_tls yes
auth plain {env:SMTP_USERNAME} {env:SMTP_PASSWORD}
targets tls://{env:SMTP_SERVER}:{env:SMTP_PORT}
}
}

17
nixos/hosts/common/optional/maddy.nix
View file

@ -1,5 +1,9 @@
{ inputs, outputs, config, ... }: {
{
inputs,
outputs,
config,
...
}: {
# init secret
config.sops.secrets."system/mail/maddy/envFile" = {
sopsFile = ./maddy.sops.yaml;
@ -8,15 +12,12 @@
};
# Restart dnscrypt when secret changes
config.sops.secrets."system/mail/maddy/envFile".restartUnits = [ "maddy" ];
config.sops.secrets."system/mail/maddy/envFile".restartUnits = ["maddy"];
#
#
config.services.maddy = {
enable = true;
secrets = [ config.sops.secrets."system/mail/maddy/envFile".path ];
secrets = [config.sops.secrets."system/mail/maddy/envFile".path];
config = builtins.readFile ./maddy.conf;
};
}

12
nixos/hosts/common/optional/monitoring.nix
View file

@ -1,6 +1,9 @@
{ config, pkgs, lib, ... }:
{
config,
pkgs,
lib,
...
}: {
services.prometheus.exporters = {
node = {
enable = true;
@ -20,10 +23,9 @@
enable = true;
};
};
networking.firewall.allowedTCPPorts = [
config.services.prometheus.exporters.node.port
config.services.prometheus.exporters.smartctl.port
];
}
}

12
nixos/hosts/common/optional/sops-nix.nix
View file

@ -1,7 +1,11 @@
{ inputs, outputs, config, ... }: {
# SOPS settings
{
inputs,
outputs,
config,
...
}: {
# SOPS settings
# https://github.com/Mic92/sops-nix
sops.age.sshKeyPaths = [ "/etc/ssh/ssh_host_ed25519_key" ];
sops.age.sshKeyPaths = ["/etc/ssh/ssh_host_ed25519_key"];
}

51
nixos/hosts/nixosvm/default.nix
View file

@ -1,31 +1,30 @@
# Edit this configuration file to define what should be installed on
# your system. Help is available in the configuration.nix(5) man page, on
# https://search.nixos.org/options and in the NixOS manual (`nixos-help`).
{ config, lib, pkgs, ... }:
{
imports =
[
# Host-specific
./hardware-configuration.nix
config,
lib,
pkgs,
...
}: {
imports = [
# Host-specific
./hardware-configuration.nix
# Common imports
../common/nixos
../common/nixos/users/truxnell
../common/optional/fish.nix
../common/optional/monitoring.nix
../common/optional/reboot-required.nix
../common/optional/dnscrypt-proxy2.nix
../common/optional/gnome.nix
../common/optional/editors/vscode
../common/optional/firefox.nix
../common/optional/sops-nix.nix
../common/optional/cloudflare-dyndns.nix
../common/optional/maddy.nix
];
# Common imports
../common/nixos
../common/nixos/users/truxnell
../common/optional/fish.nix
../common/optional/monitoring.nix
../common/optional/reboot-required.nix
../common/optional/dnscrypt-proxy2.nix
../common/optional/gnome.nix
../common/optional/editors/vscode
../common/optional/firefox.nix
../common/optional/sops-nix.nix
../common/optional/cloudflare-dyndns.nix
../common/optional/maddy.nix
];
boot.loader.systemd-boot.enable = true;
boot.loader.efi.canTouchEfiVariables = true;
@ -51,9 +50,6 @@
# Enable the X11 windowing system.
# services.xserver.enable = true;
# Configure keymap in X11
# services.xserver.xkb.layout = "us";
# services.xserver.xkb.options = "eurosign:e,caps:escape";
@ -68,7 +64,6 @@
# Enable touchpad support (enabled default in most desktopManager).
# services.xserver.libinput.enable = true;
# Some programs need SUID wrappers, can be configured further or are
# started in user sessions.
# programs.mtr.enable = true;
@ -107,6 +102,4 @@
#
# For more information, see `man configuration.nix` or https://nixos.org/manual/nixos/stable/options#opt-system.stateVersion .
system.stateVersion = "23.11"; # Did you read the comment?
}

41
nixos/hosts/nixosvm/hardware-configuration.nix
View file

@ -1,30 +1,31 @@
# Do not modify this file! It was generated by nixos-generate-config
# and may be overwritten by future invocations. Please make changes
# to /etc/nixos/configuration.nix instead.
{ config, lib, pkgs, modulesPath, ... }:
{
imports = [ ];
config,
lib,
pkgs,
modulesPath,
...
}: {
imports = [];
boot.initrd.availableKernelModules = [ "ata_piix" "mptspi" "uhci_hcd" "ehci_pci" "sd_mod" "sr_mod" ];
boot.initrd.kernelModules = [ ];
boot.kernelModules = [ "kvm-amd" ];
boot.extraModulePackages = [ ];
boot.initrd.availableKernelModules = ["ata_piix" "mptspi" "uhci_hcd" "ehci_pci" "sd_mod" "sr_mod"];
boot.initrd.kernelModules = [];
boot.kernelModules = ["kvm-amd"];
boot.extraModulePackages = [];
fileSystems."/" =
{
device = "/dev/disk/by-label/nixos";
fsType = "ext4";
};
fileSystems."/" = {
device = "/dev/disk/by-label/nixos";
fsType = "ext4";
};
fileSystems."/boot" =
{
device = "/dev/disk/by-label/boot";
fsType = "vfat";
};
fileSystems."/boot" = {
device = "/dev/disk/by-label/boot";
fsType = "vfat";
};
swapDevices =
[{ device = "/dev/sda2"; }];
swapDevices = [{device = "/dev/sda2";}];
# Enables DHCP on each ethernet and wireless interface. In case of scripted networking
# (the default) this is the recommended approach. When using systemd-networkd it's
@ -37,6 +38,4 @@
virtualisation.vmware.guest.enable = true;
virtualisation.virtualbox.guest.enable = true;
virtualisation.virtualbox.guest.x11 = true;
}

8
nixos/hosts/playground/default.nix
View file

@ -1,7 +1,9 @@
{ config, lib, ... }:
{
imports = [ ./playground.nix ];
config,
lib,
...
}: {
imports = [./playground.nix];
boot.isContainer = true;
nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux";
networking = {

11
nixos/hosts/playground/playground.nix
View file

@ -1,3 +1,8 @@
{ config, pkgs, lib, inputs, outputs, ... }:
{ }
{
config,
pkgs,
lib,
inputs,
outputs,
...
}: {}

3
nixos/overlays/default.nix
View file

@ -1,5 +1,4 @@
{ inputs, ... }:
{
{inputs, ...}: {
unstable-packages = final: _prev: {
unstable = import inputs.nixpkgs-unstable {
system = final.system;

26
shell.nix Normal file
View file

@ -0,0 +1,26 @@
# Shell for bootstrapping flake-enabled nix and other tooling
{
pkgs ?
# If pkgs is not defined, instanciate nixpkgs from locked commit
let
lock =
(builtins.fromJSON (builtins.readFile ./flake.lock)).nodes.nixpkgs.locked;
nixpkgs = fetchTarball {
url = "https://github.com/nixos/nixpkgs/archive/${lock.rev}.tar.gz";
sha256 = lock.narHash;
};
in
import nixpkgs {overlays = [];},
...
}:
pkgs.mkShell {
NIX_CONFIG = "extra-experimental-features = nix-command flakes repl-flake";
nativeBuildInputs = with pkgs; [
nixpkgs-fmt
nil
sops
pre-commit
go-task
alejandra
];
}