asmir/nixos_flake_config
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

blue: start flake migration

Browse Source
This commit is contained in:
Asmir A 2023-08-11 20:41:58 +02:00
parent c003245bb5
commit 55a2150b03
2 changed files with 424 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

357
blue/configuration.nix Normal file
View File

@ -0,0 +1,357 @@
# Edit this configuration file to define what should be installed on
# your system. Help is available in the configuration.nix(5) man page
# and in the NixOS manual (accessible by running nixos-help).
{ config, pkgs, lib, ... }:
{
imports =
[
./hardware-configuration.nix
];
system.stateVersion = "23.05";
system.autoUpgrade.enable = true;
nix = {
optimise.automatic = true;
gc.automatic = true;
gc.options = "--delete-older-than 7d";
package = pkgs.nixUnstable;
settings.experimental-features = [ "nix-command" "flakes" ];
};
boot = {
kernelPackages = pkgs.linuxPackages_latest;
kernelParams = [ "msr.allow_writes=on" ];
supportedFilesystems = [ "btrfs" ];
tmpOnTmpfs = true;
initrd.compressor = "zstd";
loader.systemd-boot.enable = true;
loader.efi.canTouchEfiVariables = true;
#readOnlyNixStore = true;
};
security = {
rtkit.enable = true;
allowSimultaneousMultithreading = true;
sudo.enable = false;
doas.enable = true;
doas.extraRules = [{
users = [ "akill" ];
keepEnv = true;
persist = true;
}];
};
powerManagement = {
enable = true;
};
networking = {
firewall.enable = true;
hostName = "blue";
nameservers = [ "127.0.0.1" "::1" ];
dhcpcd.extraConfig = "nohook resolv.conf";
networkmanager = {
enable = true;
dns = "none";
/*wifi.backend = "iwd"; */
};
};
time.timeZone = "Europe/Sarajevo";
nixpkgs.config.allowUnfree = true;
environment = {
homeBinInPath = true;
variables = {
PATH = "$HOME/.cargo/bin";
};
systemPackages = with pkgs; [
acpi
binutils
bluez
bluez-tools
btop
direnv
fd
file
fzf
fzy
gnupg
gptfdisk
htop
interception-tools
jq
nano
neovim
nix-index
nmap
ntfs3g
ntfsprogs
openhantek6022
pax-utils
pciutils
pstree
psutils
ripgrep
rsync
silver-searcher
strace
tig
unrar
unzip
usbutils
vimpc
vulkan-extension-layer
vulkan-loader
vulkan-tools
vulkan-tools-lunarg
vulkan-validation-layers
wget
xdg-utils
zip
z-lua
swaylock
dmidecode
dnsmasq
dhcpcd
uutils-coreutils
];
};
programs = {
gnupg.agent = { enable = true; enableSSHSupport = true; };
zsh.enable = true;
firejail.enable = true;
adb.enable = true;
wireshark.enable = true;
sway.enable = true;
};
# List services that you want to enable:
systemd = {
services = {
"caps2esc" = {
description = "Intercepts keyboard udev events";
wants = [ "systemd-udevd.service" ];
wantedBy = [ "multi-user.target" ];
serviceConfig.Nice = -20;
script = ''
${pkgs.interception-tools}/bin/intercept \
-g /dev/input/by-path/*-kbd | \
/opt/caps2esc | ${pkgs.interception-tools}/bin/uinput \
-d /dev/input/by-path/*-kbd \
'';
};
};
extraConfig = ''
DefaultTimeoutStartSec=30s
DefaultTimeoutStopSec=30s
'';
};
services = {
acpid.enable = true;
btrfs.autoScrub.enable = true;
dbus.enable = true;
fstrim.enable = true;
fwupd.enable = true;
ntp.enable = true;
openssh.enable = false;
printing.enable = true;
nextcloud = {
enable = true;
hostName = "localhost";
config.adminpassFile = "${pkgs.writeText "adminpass" "test123"}";
};
jellyfin = {
enable = false;
user = "akill";
openFirewall = false;
};
pipewire = {
enable = true;
alsa.enable = true;
alsa.support32Bit = true;
pulse.enable = true;
};
xserver = {
enable = true;
dpi = 144;
libinput.enable = true;
desktopManager.xterm.enable = false;
displayManager = {
lightdm.enable = false;
startx.enable = true;
defaultSession = "none+i3";
};
windowManager.i3.enable = true;
};
udev.packages = [ pkgs.openocd pkgs.rtl-sdr pkgs.openhantek6022 ];
tlp = {
enable = true;
};
actkbd = {
enable = true;
bindings = [
{
keys = [ 113 ];
events = [ "key" ];
command = "/run/current-system/sw/bin/runuser -l akill -c 'amixer -q set Master toggle'";
}
{
keys = [ 114 ];
events = [ "key" "rep" ];
command = "/run/current-system/sw/bin/runuser -l akill -c 'amixer -q set Master 5%- unmute'";
}
{
keys = [ 115 ];
events = [ "key" "rep" ];
command = "/run/current-system/sw/bin/runuser -l akill -c 'amixer -q set Master 5%+ unmute'";
}
{
keys = [ 224 ];
events = [ "key" ];
command = "${pkgs.light}/bin/light -U 5";
}
{
keys = [ 225 ];
events = [ "key" ];
command = "${pkgs.light}/bin/light -A 5";
}
];
};
mpd = {
musicDirectory = "/home/mpd/music";
enable = false;
extraConfig = ''
audio_output {
type "pulse"
name "pulsee srv"
server "127.0.0.1"
}
'';
};
dnscrypt-proxy2 = {
enable = true;
settings = {
ipv6_servers = true;
require_dnssec = true;
sources.public-resolvers = {
urls = [
"https://raw.githubusercontent.com/DNSCrypt/dnscrypt-resolvers/master/v3/public-resolvers.md"
"https://download.dnscrypt.info/resolvers-list/v3/public-resolvers.md"
];
cache_file = "/var/lib/dnscrypt-proxy2/public-resolvers.md";
minisign_key = "RWQf6LRCGA9i53mlYecO4IzT51TGPpvWucNSCh1CBM0QTaLn73Y7GFO3";
};
};
};
journald.extraConfig = ''
SystemMaxUse=50M
'';
logind.extraConfig = ''
KillUserProcesses=yes
'';
};
fonts = {
fontconfig = {
cache32Bit = true;
allowBitmaps = true;
useEmbeddedBitmaps = true;
defaultFonts = {
monospace = [ "JetBrainsMono" ];
};
};
fonts = with pkgs; [
dejavu_fonts
dina-font
fira-code
fira-code-symbols
font-awesome
font-awesome_4
inconsolata
iosevka
jetbrains-mono
liberation_ttf
noto-fonts
noto-fonts-cjk
noto-fonts-emoji
proggyfonts
siji
terminus_font
terminus_font_ttf
ubuntu_font_family
];
};
virtualisation = {
containers.storage.settings = {
storage = {
driver = "btrfs";
graphroot = "/var/lib/containers/storage";
runroot = "/run/containers/storage";
};
};
podman = {
enable = true;
dockerCompat = true;
};
};
sound.enable = true;
hardware = {
bluetooth = {
enable = true;
settings = {
General = {
Enable = "Source,Sink,Media,Socket";
};
};
};
opengl = {
enable = true;
driSupport = true;
driSupport32Bit = true;
extraPackages = with pkgs; [
];
};
};
zramSwap = {
enable = false;
algorithm = "zstd";
};
users.users.akill = {
isNormalUser = true;
shell = pkgs.zsh;
extraGroups = [ "wireshark" "kvm" "tty" "audio" "sound" "adbusers" "dialout" ];
};
}

67
blue/hardware-configuration.nix Normal file
View File

@ -0,0 +1,67 @@
# Do not modify this file! It was generated by nixos-generate-config
# and may be overwritten by future invocations. Please make changes
# to /etc/nixos/configuration.nix instead.
{ config, lib, pkgs, modulesPath, ... }:
{
imports =
[ (modulesPath + "/installer/scan/not-detected.nix")
];
boot.initrd.availableKernelModules = [ "xhci_pci" "ahci" "nvme" "usbhid" "usb_storage" "sd_mod" "sr_mod" ];
boot.initrd.kernelModules = [ ];
boot.kernelModules = [ "kvm-intel" ];
boot.extraModulePackages = [ ];
fileSystems."/" =
{ device = "/dev/disk/by-uuid/0af4dcb9-6e59-4946-87b2-0d2f14b808d4";
fsType = "btrfs";
options = [ "subvol=root" "compress=zstd" "noatime" ];
};
boot.initrd.luks.devices."enc_root".device = "/dev/disk/by-uuid/8eb8ac22-d89d-4406-bfbd-ce43e283649f";
fileSystems."/home" =
{ device = "/dev/disk/by-uuid/0af4dcb9-6e59-4946-87b2-0d2f14b808d4";
fsType = "btrfs";
options = [ "subvol=home" "compress=zstd" "noatime" ];
};
fileSystems."/nix" =
{ device = "/dev/disk/by-uuid/0af4dcb9-6e59-4946-87b2-0d2f14b808d4";
fsType = "btrfs";
options = [ "subvol=nix" "compress=zstd" "noatime" ];
};
fileSystems."/var/log" =
{ device = "/dev/disk/by-uuid/0af4dcb9-6e59-4946-87b2-0d2f14b808d4";
fsType = "btrfs";
options = [ "subvol=log" "compress=zstd" "noatime" ];
neededForBoot = true;
};
fileSystems."/persist" =
{ device = "/dev/disk/by-uuid/0af4dcb9-6e59-4946-87b2-0d2f14b808d4";
fsType = "btrfs";
options = [ "subvol=persist" "compress=zstd" "noatime" ];
};
fileSystems."/boot" =
{ device = "/dev/disk/by-uuid/6C85-D29B";
fsType = "vfat";
};
swapDevices = [ ];
# Enables DHCP on each ethernet and wireless interface. In case of scripted networking
# (the default) this is the recommended approach. When using systemd-networkd it's
# still possible to use this option, but it's recommended to use it in conjunction
# with explicit per-interface declarations with `networking.interfaces.<interface>.useDHCP`.
networking.useDHCP = lib.mkDefault true;
# networking.interfaces.eno1.useDHCP = lib.mkDefault true;
# networking.interfaces.enp2s0.useDHCP = lib.mkDefault true;
nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux";
powerManagement.cpuFreqGovernor = lib.mkDefault "powersave";
hardware.cpu.intel.updateMicrocode = lib.mkDefault config.hardware.enableRedistributableFirmware;
}