From 55a2150b033d7dae852573d36e4326fa49fb8d4d Mon Sep 17 00:00:00 2001
From: Asmir A
Date: Fri, 11 Aug 2023 20:41:58 +0200
Subject: [PATCH 1/2] blue: start flake migration
---
blue/configuration.nix | 357 ++++++++++++++++++++++++++++++++
blue/hardware-configuration.nix | 67 ++++++
2 files changed, 424 insertions(+)
create mode 100644 blue/configuration.nix
create mode 100644 blue/hardware-configuration.nix
diff --git a/blue/configuration.nix b/blue/configuration.nix
new file mode 100644
index 0000000..f752d7c
--- /dev/null
+++ b/blue/configuration.nix
@@ -0,0 +1,357 @@
+# Edit this configuration file to define what should be installed on
+# your system. Help is available in the configuration.nix(5) man page
+# and in the NixOS manual (accessible by running ‘nixos-help’).
+
+{ config, pkgs, lib, ... }:
+{
+ imports =
+ [
+ ./hardware-configuration.nix
+ ];
+
+
+ system.stateVersion = "23.05";
+ system.autoUpgrade.enable = true;
+
+ nix = {
+ optimise.automatic = true;
+ gc.automatic = true;
+ gc.options = "--delete-older-than 7d";
+ package = pkgs.nixUnstable;
+ settings.experimental-features = [ "nix-command" "flakes" ];
+ };
+
+ boot = {
+ kernelPackages = pkgs.linuxPackages_latest;
+ kernelParams = [ "msr.allow_writes=on" ];
+ supportedFilesystems = [ "btrfs" ];
+ tmpOnTmpfs = true;
+ initrd.compressor = "zstd";
+ loader.systemd-boot.enable = true;
+ loader.efi.canTouchEfiVariables = true;
+ #readOnlyNixStore = true;
+ };
+
+ security = {
+ rtkit.enable = true;
+ allowSimultaneousMultithreading = true;
+ sudo.enable = false;
+ doas.enable = true;
+ doas.extraRules = [{
+ users = [ "akill" ];
+ keepEnv = true;
+ persist = true;
+ }];
+ };
+
+ powerManagement = {
+ enable = true;
+ };
+
+ networking = {
+ firewall.enable = true;
+ hostName = "blue";
+ nameservers = [ "127.0.0.1" "::1" ];
+ dhcpcd.extraConfig = "nohook resolv.conf";
+
+ networkmanager = {
+ enable = true;
+ dns = "none";
+ /*wifi.backend = "iwd"; */
+ };
+
+ };
+
+ time.timeZone = "Europe/Sarajevo";
+
+ nixpkgs.config.allowUnfree = true;
+ environment = {
+ homeBinInPath = true;
+ variables = {
+ PATH = "$HOME/.cargo/bin";
+ };
+ systemPackages = with pkgs; [
+ acpi
+ binutils
+ bluez
+ bluez-tools
+ btop
+ direnv
+ fd
+ file
+ fzf
+ fzy
+ gnupg
+ gptfdisk
+ htop
+ interception-tools
+ jq
+ nano
+ neovim
+ nix-index
+ nmap
+ ntfs3g
+ ntfsprogs
+ openhantek6022
+ pax-utils
+ pciutils
+ pstree
+ psutils
+ ripgrep
+ rsync
+ silver-searcher
+ strace
+ tig
+ unrar
+ unzip
+ usbutils
+ vimpc
+ vulkan-extension-layer
+ vulkan-loader
+ vulkan-tools
+ vulkan-tools-lunarg
+ vulkan-validation-layers
+ wget
+ xdg-utils
+ zip
+ z-lua
+ swaylock
+ dmidecode
+ dnsmasq
+ dhcpcd
+ uutils-coreutils
+ ];
+ };
+
+ programs = {
+ gnupg.agent = { enable = true; enableSSHSupport = true; };
+ zsh.enable = true;
+ firejail.enable = true;
+ adb.enable = true;
+ wireshark.enable = true;
+ sway.enable = true;
+ };
+
+ # List services that you want to enable:
+ systemd = {
+ services = {
+ "caps2esc" = {
+ description = "Intercepts keyboard udev events";
+ wants = [ "systemd-udevd.service" ];
+ wantedBy = [ "multi-user.target" ];
+ serviceConfig.Nice = -20;
+ script = ''
+ ${pkgs.interception-tools}/bin/intercept \
+ -g /dev/input/by-path/*-kbd | \
+ /opt/caps2esc | ${pkgs.interception-tools}/bin/uinput \
+ -d /dev/input/by-path/*-kbd \
+ '';
+ };
+ };
+
+ extraConfig = ''
+ DefaultTimeoutStartSec=30s
+ DefaultTimeoutStopSec=30s
+ '';
+ };
+
+ services = {
+ acpid.enable = true;
+ btrfs.autoScrub.enable = true;
+ dbus.enable = true;
+ fstrim.enable = true;
+ fwupd.enable = true;
+ ntp.enable = true;
+ openssh.enable = false;
+ printing.enable = true;
+
+ nextcloud = {
+ enable = true;
+ hostName = "localhost";
+ config.adminpassFile = "${pkgs.writeText "adminpass" "test123"}";
+ };
+
+ jellyfin = {
+ enable = false;
+ user = "akill";
+ openFirewall = false;
+ };
+
+ pipewire = {
+ enable = true;
+ alsa.enable = true;
+ alsa.support32Bit = true;
+ pulse.enable = true;
+ };
+
+ xserver = {
+ enable = true;
+ dpi = 144;
+ libinput.enable = true;
+ desktopManager.xterm.enable = false;
+ displayManager = {
+ lightdm.enable = false;
+ startx.enable = true;
+ defaultSession = "none+i3";
+ };
+ windowManager.i3.enable = true;
+ };
+
+ udev.packages = [ pkgs.openocd pkgs.rtl-sdr pkgs.openhantek6022 ];
+
+ tlp = {
+ enable = true;
+ };
+
+ actkbd = {
+ enable = true;
+ bindings = [
+
+ {
+ keys = [ 113 ];
+ events = [ "key" ];
+ command = "/run/current-system/sw/bin/runuser -l akill -c 'amixer -q set Master toggle'";
+ }
+
+ {
+ keys = [ 114 ];
+ events = [ "key" "rep" ];
+ command = "/run/current-system/sw/bin/runuser -l akill -c 'amixer -q set Master 5%- unmute'";
+ }
+
+ {
+ keys = [ 115 ];
+ events = [ "key" "rep" ];
+ command = "/run/current-system/sw/bin/runuser -l akill -c 'amixer -q set Master 5%+ unmute'";
+ }
+
+ {
+ keys = [ 224 ];
+ events = [ "key" ];
+ command = "${pkgs.light}/bin/light -U 5";
+ }
+
+ {
+ keys = [ 225 ];
+ events = [ "key" ];
+ command = "${pkgs.light}/bin/light -A 5";
+ }
+ ];
+ };
+
+ mpd = {
+ musicDirectory = "/home/mpd/music";
+ enable = false;
+ extraConfig = ''
+ audio_output {
+ type "pulse"
+ name "pulsee srv"
+ server "127.0.0.1"
+ }
+ '';
+ };
+
+ dnscrypt-proxy2 = {
+ enable = true;
+ settings = {
+ ipv6_servers = true;
+ require_dnssec = true;
+
+ sources.public-resolvers = {
+ urls = [
+ "https://raw.githubusercontent.com/DNSCrypt/dnscrypt-resolvers/master/v3/public-resolvers.md"
+ "https://download.dnscrypt.info/resolvers-list/v3/public-resolvers.md"
+ ];
+ cache_file = "/var/lib/dnscrypt-proxy2/public-resolvers.md";
+ minisign_key = "RWQf6LRCGA9i53mlYecO4IzT51TGPpvWucNSCh1CBM0QTaLn73Y7GFO3";
+ };
+ };
+ };
+
+ journald.extraConfig = ''
+ SystemMaxUse=50M
+ '';
+
+ logind.extraConfig = ''
+ KillUserProcesses=yes
+ '';
+ };
+
+ fonts = {
+ fontconfig = {
+ cache32Bit = true;
+ allowBitmaps = true;
+ useEmbeddedBitmaps = true;
+ defaultFonts = {
+ monospace = [ "JetBrainsMono" ];
+ };
+ };
+
+ fonts = with pkgs; [
+ dejavu_fonts
+ dina-font
+ fira-code
+ fira-code-symbols
+ font-awesome
+ font-awesome_4
+ inconsolata
+ iosevka
+ jetbrains-mono
+ liberation_ttf
+ noto-fonts
+ noto-fonts-cjk
+ noto-fonts-emoji
+ proggyfonts
+ siji
+ terminus_font
+ terminus_font_ttf
+ ubuntu_font_family
+ ];
+ };
+
+ virtualisation = {
+ containers.storage.settings = {
+ storage = {
+ driver = "btrfs";
+ graphroot = "/var/lib/containers/storage";
+ runroot = "/run/containers/storage";
+ };
+ };
+ podman = {
+ enable = true;
+ dockerCompat = true;
+ };
+ };
+
+ sound.enable = true;
+
+ hardware = {
+ bluetooth = {
+ enable = true;
+ settings = {
+ General = {
+ Enable = "Source,Sink,Media,Socket";
+ };
+ };
+ };
+
+ opengl = {
+ enable = true;
+ driSupport = true;
+ driSupport32Bit = true;
+ extraPackages = with pkgs; [
+ ];
+ };
+ };
+
+ zramSwap = {
+ enable = false;
+ algorithm = "zstd";
+ };
+
+ users.users.akill = {
+ isNormalUser = true;
+ shell = pkgs.zsh;
+ extraGroups = [ "wireshark" "kvm" "tty" "audio" "sound" "adbusers" "dialout" ];
+ };
+}
diff --git a/blue/hardware-configuration.nix b/blue/hardware-configuration.nix
new file mode 100644
index 0000000..e5f834c
--- /dev/null
+++ b/blue/hardware-configuration.nix
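Review bot: In blue/configuration.nix, `services.nextcloud.config.adminpassFile` is built with `pkgs.writeText "adminpass" "test123"`, which commits the admin password to the repository and copies it into the world-readable Nix store. Point the option at a file provisioned outside the store instead, for example `config.adminpassFile = config.sops.secrets."nextcloud/adminpass".path;` (the secret name is a placeholder; sops-nix is locked in this repository's flake.lock, but whether its module is loaded for this host is not visible here). The same hunk pipes keyboard events through `/opt/caps2esc`, a binary outside the Nix store, in a system service with no `User=` set, so it presumably runs as root. It also sets `msr.allow_writes=on`; both deserve a comment stating why they are needed, or a packaged replacement for the binary.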
@@ -0,0 +1,67 @@ +# Do not modify this file! It was generated by ‘nixos-generate-config’ +# and may be overwritten by future invocations. Please make changes +# to /etc/nixos/configuration.nix instead. +{ config, lib, pkgs, modulesPath, ... }: + +{ + imports = + [ (modulesPath + "/installer/scan/not-detected.nix") + ]; + + boot.initrd.availableKernelModules = [ "xhci_pci" "ahci" "nvme" "usbhid" "usb_storage" "sd_mod" "sr_mod" ]; + boot.initrd.kernelModules = [ ]; + boot.kernelModules = [ "kvm-intel" ]; + boot.extraModulePackages = [ ]; + + fileSystems."/" = + { device = "/dev/disk/by-uuid/0af4dcb9-6e59-4946-87b2-0d2f14b808d4"; + fsType = "btrfs"; + options = [ "subvol=root" "compress=zstd" "noatime" ]; + }; + + boot.initrd.luks.devices."enc_root".device = "/dev/disk/by-uuid/8eb8ac22-d89d-4406-bfbd-ce43e283649f"; + + fileSystems."/home" = + { device = "/dev/disk/by-uuid/0af4dcb9-6e59-4946-87b2-0d2f14b808d4"; + fsType = "btrfs"; + options = [ "subvol=home" "compress=zstd" "noatime" ]; + }; + + fileSystems."/nix" = + { device = "/dev/disk/by-uuid/0af4dcb9-6e59-4946-87b2-0d2f14b808d4"; + fsType = "btrfs"; + options = [ "subvol=nix" "compress=zstd" "noatime" ]; + }; + + fileSystems."/var/log" = + { device = "/dev/disk/by-uuid/0af4dcb9-6e59-4946-87b2-0d2f14b808d4"; + fsType = "btrfs"; + options = [ "subvol=log" "compress=zstd" "noatime" ]; + neededForBoot = true; + }; + + fileSystems."/persist" = + { device = "/dev/disk/by-uuid/0af4dcb9-6e59-4946-87b2-0d2f14b808d4"; + fsType = "btrfs"; + options = [ "subvol=persist" "compress=zstd" "noatime" ]; + }; + + fileSystems."/boot" = + { device = "/dev/disk/by-uuid/6C85-D29B"; + fsType = "vfat"; + }; + + swapDevices = [ ]; + + # Enables DHCP on each ethernet and wireless interface. In case of scripted networking + # (the default) this is the recommended approach. 
When using systemd-networkd it's + # still possible to use this option, but it's recommended to use it in conjunction + # with explicit per-interface declarations with `networking.interfaces..useDHCP`. + networking.useDHCP = lib.mkDefault true; + # networking.interfaces.eno1.useDHCP = lib.mkDefault true; + # networking.interfaces.enp2s0.useDHCP = lib.mkDefault true; + + nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux"; + powerManagement.cpuFreqGovernor = lib.mkDefault "powersave"; + hardware.cpu.intel.updateMicrocode = lib.mkDefault config.hardware.enableRedistributableFirmware; +} From 2d8a742ed12eaddb1095dfd578eb03b4aed69e8f Mon Sep 17 00:00:00 2001 From: Asmir A Date: Thu, 7 Sep 2023 10:57:18 +0200 Subject: [PATCH 2/2] blue: add skelet for blue host --- blue/configuration.nix | 54 +----------------------------------------- flake.lock | 30 +++++++++++------------ flake.nix | 16 +++++++++++++ home/home.nix | 4 ++-- home/home_packages.nix | 2 +- home/i3status-rust.nix | 7 +----- home/sway.nix | 13 ++++++---- 7 files changed, 45 insertions(+), 81 deletions(-) diff --git a/blue/configuration.nix b/blue/configuration.nix index f752d7c..e3cd396 100644 --- a/blue/configuration.nix +++ b/blue/configuration.nix @@ -6,7 +6,6 @@ { imports = [ - ./hardware-configuration.nix ]; @@ -70,57 +69,6 @@ variables = { PATH = "$HOME/.cargo/bin"; }; - systemPackages = with pkgs; [ - acpi - binutils - bluez - bluez-tools - btop - direnv - fd - file - fzf - fzy - gnupg - gptfdisk - htop - interception-tools - jq - nano - neovim - nix-index - nmap - ntfs3g - ntfsprogs - openhantek6022 - pax-utils - pciutils - pstree - psutils - ripgrep - rsync - silver-searcher - strace - tig - unrar - unzip - usbutils - vimpc - vulkan-extension-layer - vulkan-loader - vulkan-tools - vulkan-tools-lunarg - vulkan-validation-layers - wget - xdg-utils - zip - z-lua - swaylock - dmidecode - dnsmasq - dhcpcd - uutils-coreutils - ]; }; programs = { 
@@ -197,7 +145,7 @@ windowManager.i3.enable = true; }; - udev.packages = [ pkgs.openocd pkgs.rtl-sdr pkgs.openhantek6022 ]; + udev.packages = [ pkgs.rtl-sdr pkgs.openhantek6022 ]; tlp = { enable = true; diff --git a/flake.lock b/flake.lock index 5ac8ef8..2dba681 100644 --- a/flake.lock +++ b/flake.lock @@ -75,11 +75,11 @@ ] }, "locked": { - "lastModified": 1691599243, - "narHash": "sha256-Lw3VRCFFbjQLxZu37rL/o2RBb95VG8iThEhEkqo3SV8=", + "lastModified": 1693972774, + "narHash": "sha256-Dt9UZs0/DaIex598quYRYFuGabUbvFdNrHuvGc6HjBc=", "owner": "nix-community", "repo": "home-manager", - "rev": "a8f8f48320c64bd4e3a266a850bbfde2c6fe3a04", + "rev": "b22d7bab30076bbb73744867d6c5bf7d6380570c", "type": "github" }, "original": { @@ -123,11 +123,11 @@ }, "nixpkgs-stable": { "locked": { - "lastModified": 1690066826, - "narHash": "sha256-6L2qb+Zc0BFkh72OS9uuX637gniOjzU6qCDBpjB2LGY=", + "lastModified": 1693675694, + "narHash": "sha256-2pIOyQwGyy2FtFAUIb8YeKVmOCcPOTVphbAvmshudLE=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "ce45b591975d070044ca24e3003c830d26fea1c8", + "rev": "5601118d39ca9105f8e7b39d4c221d3388c0419d", "type": "github" }, "original": { @@ -153,11 +153,11 @@ }, "nixpkgs_3": { "locked": { - "lastModified": 1691472822, - "narHash": "sha256-XVfYZ2oB3lNPVq6sHCY9WkdQ8lHoIDzzbpg8bB6oBxA=", + "lastModified": 1693844670, + "narHash": "sha256-t69F2nBB8DNQUWHD809oJZJVE+23XBrth4QZuVd6IE0=", "owner": "nixos", "repo": "nixpkgs", - "rev": "41c7605718399dcfa53dd7083793b6ae3bc969ff", + "rev": "3c15feef7770eb5500a4b8792623e2d6f598c9c1", "type": "github" }, "original": { 
@@ -184,11 +184,11 @@ }, "nixpkgs_5": { "locked": { - "lastModified": 1690026219, - "narHash": "sha256-oOduRk/kzQxOBknZXTLSEYd7tk+GoKvr8wV6Ab+t4AU=", + "lastModified": 1693626178, + "narHash": "sha256-Rpiy6lIOu4zny8tfGuIeN1ji9eSz9nPmm9yBhh/4IOM=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "f465da166263bc0d4b39dfd4ca28b777c92d4b73", + "rev": "bfb7dfec93f3b5d7274db109f2990bc889861caf", "type": "github" }, "original": { @@ -234,11 +234,11 @@ "nixpkgs-stable": "nixpkgs-stable" }, "locked": { - "lastModified": 1690199016, - "narHash": "sha256-yTLL72q6aqGmzHq+C3rDp3rIjno7EJZkFLof6Ika7cE=", + "lastModified": 1693898833, + "narHash": "sha256-OIrMAGNYNeLs6IvBynxcXub7aSW3GEUvWNsb7zx6zuU=", "owner": "Mic92", "repo": "sops-nix", - "rev": "c36df4fe4bf4bb87759b1891cab21e7a05219500", + "rev": "faf21ac162173c2deb54e5fdeed002a9bd6e8623", "type": "github" }, "original": { diff --git a/flake.nix b/flake.nix index ee13bb9..93da671 100644 --- a/flake.nix +++ b/flake.nix @@ -53,6 +53,22 @@ } ]; }; + + blue = nixpkgs.lib.nixosSystem { + system = "x86_64-linux"; + modules = [ + {_module.args = inputs;} + ./blue/configuration.nix + ./blue/hardware-configuration.nix + ./packages.nix + home-manager.nixosModules.home-manager + { + home-manager.useGlobalPkgs = true; + home-manager.useUserPackages = true; + home-manager.users.akill = import ./home/home.nix; + } + ]; + }; }; devShell.x86_64-linux = pkgs.mkShell { diff --git a/home/home.nix b/home/home.nix index 15b45bb..d3ae925 100644 --- a/home/home.nix +++ b/home/home.nix @@ -53,7 +53,7 @@ in { slang = "eng,en"; alang = "eng,en"; hwdec = "auto"; - vo = "dmabuf-wayland"; + vo = "gpu-next"; ao = "pipewire"; script-opts-set = "ytdl_hook-ytdl_path=yt-dlp,sponsorblock-local_database=no,sponsorblock-skip_categories=[sponsor,intro,selfpromo]"; ytdl-format = "bestvideo[height<=?1080]+bestaudio/best"; 
@@ -127,7 +127,7 @@ in { qutebrowser = { enable = true; - package = pkgs.qutebrowser-qt6; + package = pkgs.qutebrowser; keyBindings = { normal = { "j" = "scroll-px 0 25"; diff --git a/home/home_packages.nix b/home/home_packages.nix index e4d92c6..661c8c7 100644 --- a/home/home_packages.nix +++ b/home/home_packages.nix @@ -32,7 +32,7 @@ imv jellyfin-media-player kdenlive - kicad + /*kicad*/ kodi-wayland libnotify libreoffice diff --git a/home/i3status-rust.nix b/home/i3status-rust.nix index 5a56de7..e344e7f 100644 --- a/home/i3status-rust.nix +++ b/home/i3status-rust.nix @@ -31,12 +31,7 @@ } { block = "net"; - device = "wlan0"; - interval = 2; - } - { - block = "net"; - device = "enp5s0"; + device = "eno1"; interval = 2; } { diff --git a/home/sway.nix b/home/sway.nix index 101fbc1..860c94b 100644 --- a/home/sway.nix +++ b/home/sway.nix @@ -33,16 +33,21 @@ modifier = "Mod4"; output = { eDP-1 = { - bg = "~/pic/weird_dragon.jpg stretch"; /* + bg = "~/pic/weird_dragon.jpg stretch"; scale = "1.4"; */ }; + + HDMI-A-4 = { + res = "1920x1080"; + }; }; + input = { - "1:1:AT_Translated_Set_2_keyboard" = {repeat_delay = "150";}; - "1:1:AT_Translated_Set_2_keyboard" = {repeat_rate = "70";}; - "2:7:SynPS/2_Synaptics_TouchPad" = {tap = "enabled";}; + "type:keyboard" = { repeat_delay = "150"; }; + "type:keyboard" = { repeat_rate = "70"; }; + "*TouchPad" = { tap = "enabled"; }; }; bars = [
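Review bot: The new `"*TouchPad"` key in the `input` block of home/sway.nix is probably not matched by any device: as far as I know sway accepts an exact device identifier, `type:<type>` or a bare `*`, not a glob prefix, so tap-to-click would silently stop being applied. `"type:touchpad" = { tap = "enabled"; };` would be consistent with the `type:keyboard` entries added next to it. `"type:keyboard"` is also defined twice in the same attribute set; writing it once as `"type:keyboard" = { repeat_delay = "150"; repeat_rate = "70"; };` avoids relying on duplicate-key merging. The enclosing attribute set continues outside the hunk.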