From 509b41049b045885bde71c8eb68e4d665f7c00e8 Mon Sep 17 00:00:00 2001 From: Frantisek Bohacek Date: Thu, 4 Apr 2024 19:46:05 +0200 Subject: [PATCH] chore: remove unnecessary code, use modules instead of imports, split files --- flake.lock | 60 +-------- flake.nix | 42 ++----- hosts/configuration.nix | 107 +++++++--------- hosts/default.nix | 116 ++---------------- hosts/desktop-clotho/default.nix | 38 ++---- hosts/home.nix | 19 +-- hosts/laptop-iapetus/default.nix | 40 ++---- hosts/laptop-phobos/default.nix | 114 +++-------------- hosts/laptop-phobos/udev.nix | 77 ++++++++++++ hosts/nixos-config-options.nix | 15 +++ modules/desktop/default.nix | 2 +- modules/desktop/dm/sddm-themes/sugar-dark.nix | 10 +- modules/desktop/dm/sddm.nix | 7 +- modules/desktop/gnome/default.nix | 32 +---- modules/desktop/qtile/home.nix | 8 +- modules/desktop/virtualisation/default.nix | 23 +--- modules/desktop/virtualisation/podman.nix | 2 + modules/desktop/virtualisation/qemu.nix | 16 ++- modules/desktop/virtualisation/x11vnc.nix | 43 ------- modules/editors/emacs/doom.d/config.el | 2 +- modules/editors/emacs/home.nix | 11 +- modules/editors/home.nix | 12 +- modules/hardware/default.nix | 8 +- modules/hardware/rocm/default.nix | 2 +- modules/hardware/work/default.nix | 18 --- modules/hardware/work/eduroam.patch | 11 -- modules/hardware/work/nvidia.nix | 38 ------ modules/hardware/work/wpa.nix | 15 --- modules/programs/firefox.nix | 21 ++-- modules/programs/games.nix | 2 +- modules/programs/home.nix | 18 +-- modules/programs/iamb.nix | 26 ++++ modules/services/default.nix | 12 +- modules/services/flameshot.nix | 4 +- modules/services/home.nix | 20 +-- modules/services/ssh.nix | 4 +- modules/services/syncthing.nix | 31 ++--- modules/services/wg-options.nix | 9 ++ modules/services/wireguard.nix | 12 +- modules/shell/home.nix | 12 +- nix/default.nix | 34 ----- nix/pacman.nix | 54 -------- 42 files changed, 364 insertions(+), 783 deletions(-) create mode 100644 hosts/laptop-phobos/udev.nix create mode 100644 hosts/nixos-config-options.nix delete mode 100644 modules/desktop/virtualisation/x11vnc.nix delete mode 100644 modules/hardware/work/default.nix delete mode 100644 modules/hardware/work/eduroam.patch delete mode 100644 modules/hardware/work/nvidia.nix delete mode 100644 modules/hardware/work/wpa.nix create mode 100644 modules/programs/iamb.nix create mode 100644 modules/services/wg-options.nix delete mode 100644 nix/default.nix delete mode 100644 nix/pacman.nix diff --git a/flake.lock b/flake.lock index 4c5acf9..82f29b8 100644 --- a/flake.lock +++ b/flake.lock @@ -88,21 +88,6 @@ "type": "github" } }, - "flake-utils_2": { - "locked": { - "lastModified": 1659877975, - "narHash": "sha256-zllb8aq3YO3h8B/U0/J1WBgAL8EX5yWf5pMj3G0NAmc=", - "owner": "numtide", - "repo": "flake-utils", - "rev": "c0e246b9b83f637f4681389ecabcb2681b4f3af0", - "type": "github" - }, - "original": { - "owner": "numtide", - "repo": "flake-utils", - "type": "github" - } - }, "gitignore": { "inputs": { "nixpkgs": [ @@ -213,27 +198,6 @@ "type": "github" } }, - "nixgl": { - "inputs": { - "flake-utils": "flake-utils_2", - "nixpkgs": [ - "nixpkgs" - ] - }, - "locked": { - "lastModified": 1710868679, - "narHash": "sha256-V1o2bCZdeYKP/0zgVp4EN0KUjMItAMk6J7SvCXUI5IU=", - "owner": "guibou", - "repo": "nixGL", - "rev": "d709a8abcde5b01db76ca794280745a43c8662be", - "type": "github" - }, - "original": { - "owner": "guibou", - "repo": "nixGL", - "type": "github" - } - }, "nixos-hardware": { "locked": { "lastModified": 1711352745, @@ -350,12 +314,10 @@ "lanzaboote": "lanzaboote", "nix-fpga-tools": "nix-fpga-tools", "nix-index-database": "nix-index-database", - "nixgl": "nixgl", "nixos-hardware": "nixos-hardware", "nixpkgs": "nixpkgs", "nixpkgs-stable": "nixpkgs-stable_2", - "nur": "nur", - "semi-secrets": "semi-secrets" + "nur": "nur" } }, "rust-overlay": { @@ -383,26 +345,6 @@ "type": "github" } }, - "semi-secrets": { - "inputs": { - "nixpkgs": [ - "nixpkgs" - ] - }, - "locked": { - "lastModified": 1710275391, - "narHash": "sha256-YF9Yey+QQltY+WpuI4NxhkFVlHdCfc0Ck0TVS67A7AY=", - "ref": "refs/heads/main", - "rev": "a592efb2437f8a0ef332faf7e95b29a2499c0c98", - "revCount": 4, - "type": "git", - "url": "ssh://git@github.com/Rutherther/nixos-semi-secrets" - }, - "original": { - "type": "git", - "url": "ssh://git@github.com/Rutherther/nixos-semi-secrets" - } - }, "systems": { "locked": { "lastModified": 1681028828, diff --git a/flake.nix b/flake.nix index ea52e12..7476908 100644 --- a/flake.nix +++ b/flake.nix @@ -14,30 +14,15 @@ nixpkgs.url = "github:nixos/nixpkgs/nixos-unstable"; nixpkgs-stable.url = "github:nixos/nixpkgs/nixos-23.05"; - semi-secrets = { - url = "git+ssh://git@github.com/Rutherther/nixos-semi-secrets"; - inputs.nixpkgs.follows = "nixpkgs"; - }; - - home-manager = { # User Package Management + home-manager = { url = "github:nix-community/home-manager/master"; inputs.nixpkgs.follows = "nixpkgs"; }; - nur = { # NUR Packages - url = "github:nix-community/NUR"; # Add "nur.nixosModules.nur" to the host modules + nur = { + url = "github:nix-community/NUR"; }; - nixgl = { # OpenGL - url = "github:guibou/nixGL"; - inputs.nixpkgs.follows = "nixpkgs"; - }; - - # nix-vscode-extensions = { - # url = "github:nix-community/nix-vscode-extensions"; - # inputs.nixpkgs.follows = "nixpkgs"; - # }; - nix-index-database = { url = "github:nix-community/nix-index-database"; inputs.nixpkgs.follows = "nixpkgs"; @@ -58,27 +43,14 @@ }; }; - outputs = inputs @ { self, nixpkgs, nixpkgs-stable, nix-index-database, home-manager, nur, nixgl, nixos-hardware, lanzaboote, ... }: + outputs = inputs @ { self, nixpkgs, nixpkgs-stable, nix-index-database, home-manager, nur, nixos-hardware, lanzaboote, ... }: let - user = "ruther"; - location = "$HOME/.setup"; - - pkgs = import nixpkgs { - system = "x86_64-linux"; - }; - in - { + pkgs = nixpkgs.legacyPackages.x86_64-linux; + in { nixosConfigurations = ( import ./hosts { inherit (nixpkgs) lib; - inherit inputs nixpkgs nixpkgs-stable nix-index-database home-manager nur user location; - } - ); - - homeConfigurations = ( - import ./nix { - inherit (nixpkgs) lib; - inherit inputs nixpkgs nixpkgs-stable nix-index-database home-manager nixgl user location; + inherit inputs nixpkgs nixpkgs-stable nix-index-database nur; } ); diff --git a/hosts/configuration.nix b/hosts/configuration.nix index ea5a6bf..e6d41e0 100644 --- a/hosts/configuration.nix +++ b/hosts/configuration.nix @@ -11,33 +11,56 @@ # └─ default.nix # -{ config, nixpkgs, lib, pkgs, inputs, user, ... }: +{ stable, pkgs, inputs, config, ... }: { - imports = # Home Manager Modules - [(import ../modules/desktop)] ++ - (import ../modules/services); + imports = [ + ../modules/desktop + ../modules/services + ./nixos-config-options.nix + + inputs.home-manager.nixosModules.home-manager + ]; boot.tmp = { cleanOnBoot = true; useTmpfs = true; }; + home-manager.useUserPackages = true; + home-manager.useGlobalPkgs = true; + home-manager.extraSpecialArgs = { + inherit inputs stable; + }; + home-manager.users.${config.nixos-config.defaultUser} = { + imports = [ + inputs.nix-index-database.hmModules.nix-index + ./home.nix + ./${config.networking.hostName}/home.nix + ./nixos-config-options.nix + + { + nixos-config = { + inherit (config.nixos-config) defaultUser location; + }; + } + ]; + }; + hardware.pulseaudio.enable = false; - users.groups.plugdev.members = [ "${user}" ]; - users.users.${user} = { # System User + users.users.${config.nixos-config.defaultUser} = { isNormalUser = true; - extraGroups = [ "wheel" "video" "audio" "camera" "networkmanager" "lp" "scanner" "kvm" "libvirtd" "plex" "podman" "input" "tty" ]; - shell = pkgs.zsh; # Default shell + extraGroups = [ + "wheel" "video" "audio" "camera" + "networkmanager" "lp" "scanner" + "plex" ]; + shell = pkgs.zsh; }; - programs.zsh.enable = true; # has to be here to set shell to zsh - # zsh is configured at home-manager level afterwards + programs.zsh.enable = true; networking.networkmanager.enable = true; - programs.command-not-found.enable = false; - security.sudo.wheelNeedsPassword = true; programs.dconf.enable = true; services.udisks2.enable = true; @@ -45,15 +68,11 @@ time.timeZone = "Europe/Prague"; # Time zone and internationalisation i18n = { defaultLocale = "en_US.UTF-8"; - extraLocaleSettings = { # Extra locale settings that need to be overwritten - # LC_TIME = "cs_CZ.UTF-8"; - # LC_MONETARY = "cs_CZ.UTF-8"; - }; }; console = { font = "Lat2-Terminus16"; - keyMap = "us"; # or us/azerty/etc + keyMap = "us"; }; security.rtkit.enable = true; @@ -99,9 +118,9 @@ environment = { variables = { - TERMINAL = "alacritty"; - EDITOR = "nvim"; - VISUAL = "nvim"; + TERMINAL = "kitty"; + EDITOR = "emacsclient"; + VISUAL = "emacsclient"; }; pathsToLink = [ "/share/zsh" ]; systemPackages = with pkgs; [ # Default packages installed system-wide @@ -131,23 +150,8 @@ }; }; - # services.pipewire.wireplumber.configPackages = - # environment.etc = { - # "wireplumber/bluetooth.lua.d/51-bluez-config.lua".text = '' - # bluez_monitor.properties = { - # ["bluez5.msbc-support"] = true; - # ["bluez5.sbc-xq-support"] = true; - # ["bluez5.enable-faststream"] = true; - # ["bluez5.headset-roles"] = "[ hsp_hs hsp_ag ]"; - # ["bluez5.hfphsp-backend"] = "hsphfpd"; - # } - # ''; - # }; - systemd.network = { - wait-online = { - enable = false; - }; + wait-online.enable = false; }; nix = { # Nix Package Manager settings @@ -158,18 +162,7 @@ "nixpkgs-stable=flake:nixpkgs-stable" ]; - # package = pkgs.nixVersions.stable.overrideAttrs (old: { - # patches = old.patches or [ ] ++ [ - # (pkgs.fetchpatch { - # url = "https://github.com/NixOS/nix/commit/b6ae3be9c6ec4e9de55479188e76fc330b2304dd.patch"; - # hash = "sha256-VyIywGo1ie059wXmGWx+bNeHz9lNk6nlkJ/Qgd1kmzw="; - # }) - # ]; - # }); - settings = { - # reject-flake-config = true; - connect-timeout = 5; flake-registry = ""; # Do not pollute with external flake registry @@ -178,6 +171,10 @@ substituters = [ "https://cache.nixos.org" ]; + + keep-outputs = true; + keep-derivations = true; + experimental-features = [ "nix-command" "flakes" ]; }; gc = { # Automatic garbage collection @@ -185,24 +182,12 @@ dates = "weekly"; options = "--delete-older-than 2d"; }; - - extraOptions = '' - experimental-features = nix-command flakes - keep-outputs = true - keep-derivations = true - ''; }; - nixpkgs.config.allowUnfree = true; # Allow proprietary software. - - # nixpkgs.overlays = [ - # (final: prev: { - # xz = inputs.nixpkgs-stable.legacyPackages.${prev.hostPlatform.system}.xz; - # }) - # ]; + nixpkgs.config.allowUnfree = true; boot.binfmt.emulatedSystems = [ "aarch64-linux" ]; - system = { # NixOS settings + system = { stateVersion = "23.05"; }; } diff --git a/hosts/default.nix b/hosts/default.nix index 6365450..a27142d 100644 --- a/hosts/default.nix +++ b/hosts/default.nix @@ -1,40 +1,23 @@ # # These are the different profiles that can be used when building NixOS. # -# flake.nix -# └─ ./hosts +# flake.nix +# └─ ./hosts # ├─ default.nix * # ├─ configuration.nix # ├─ home.nix # └─ ./desktop OR ./laptop OR ./work OR ./vm # ├─ ./default.nix -# └─ ./home.nix +# └─ ./home.nix # -{ lib, inputs, nixpkgs, nixpkgs-stable, nix-index-database, home-manager, nur, user, location, ... }: +{ lib, inputs, ...}: -let - system = "x86_64-linux"; # System architecture - - pkgs = import nixpkgs { - inherit system; - config.allowUnfree = true; # Allow proprietary software - }; - - stable = import nixpkgs-stable { - inherit system; - config.allowUnfree = true; # Allow proprietary software - }; - - lib = nixpkgs.lib; -in { - laptop-iapetus = lib.nixosSystem { # Laptop profile # Ideapad S540 - inherit system; specialArgs = { - inherit inputs stable user location; + inherit inputs; }; modules = [ inputs.nixos-hardware.nixosModules.common-cpu-intel @@ -42,120 +25,41 @@ in inputs.nixos-hardware.nixosModules.common-pc-laptop inputs.nixos-hardware.nixosModules.common-pc-laptop-acpi_call inputs.nixos-hardware.nixosModules.common-pc-laptop-ssd - nur.nixosModules.nur - { nixpkgs.overlays = [ nur.overlay ]; } ./laptop-iapetus ./configuration.nix - - home-manager.nixosModules.home-manager { - home-manager.useUserPackages = true; - home-manager.useGlobalPkgs = true; - home-manager.extraSpecialArgs = { - inherit inputs stable user location; - }; - home-manager.users.${user} = { - imports = [ - nur.hmModules.nur - nix-index-database.hmModules.nix-index - { nixpkgs.overlays = [ nur.overlay ]; } - (import ./home.nix) - (import ./laptop-iapetus/home.nix) - ]; - }; - } ]; }; laptop-phobos = lib.nixosSystem { # Laptop profile # Thinkpad T14s - inherit system; specialArgs = { - inherit inputs stable user location; + inherit inputs; }; modules = [ inputs.lanzaboote.nixosModules.lanzaboote inputs.nixos-hardware.nixosModules.lenovo-thinkpad-t14s-amd-gen1 - nur.nixosModules.nur - { nixpkgs.overlays = [ nur.overlay ]; } ./laptop-phobos ./configuration.nix - - home-manager.nixosModules.home-manager { - home-manager.useUserPackages = true; - home-manager.useGlobalPkgs = true; - home-manager.extraSpecialArgs = { - inherit inputs stable user location; - }; - home-manager.users.${user} = { - imports = [ - nur.hmModules.nur - nix-index-database.hmModules.nix-index - { nixpkgs.overlays = [ nur.overlay ]; } - (import ./home.nix) - (import ./laptop-phobos/home.nix) - ]; - }; - } ]; }; desktop-clotho = lib.nixosSystem { # Desktop profile - inherit system; specialArgs = { - inherit inputs stable system user location; - }; # Pass flake variable - modules = [ # Modules that are used. - nur.nixosModules.nur - { nixpkgs.overlays = [ nur.overlay ]; } + inherit inputs; + }; + modules = [ ./desktop-clotho ./configuration.nix - - home-manager.nixosModules.home-manager { # Home-Manager module that is used. - home-manager.useUserPackages = true; - home-manager.useGlobalPkgs = true; - home-manager.extraSpecialArgs = { - inherit inputs stable user location; - }; # Pass flake variable - home-manager.users.${user} = { - imports = [ - nur.hmModules.nur - nix-index-database.hmModules.nix-index - { nixpkgs.overlays = [ nur.overlay ]; } - ./home.nix - ./desktop-clotho/home.nix - ]; - }; - } ]; }; vm = lib.nixosSystem { # VM profile - inherit system; specialArgs = { - inherit inputs stable user location; + inherit inputs; }; modules = [ - nur.nixosModules.nur - { nixpkgs.overlays = [ nur.overlay ]; } ./vm ./configuration.nix - - home-manager.nixosModules.home-manager { - home-manager.useUserPackages = true; - home-manager.useGlobalPkgs = true; - home-manager.extraSpecialArgs = { - inherit inputs stable user location; - }; - home-manager.users.${user} = { - imports = [ - nur.hmModules.nur - nix-index-database.hmModules.nix-index - { nixpkgs.overlays = [ nur.overlay ]; } - (import ./home.nix) - (import ./vm/home.nix) - ]; - }; - } ]; }; } diff --git a/hosts/desktop-clotho/default.nix b/hosts/desktop-clotho/default.nix index 3abe19a..02d0342 100644 --- a/hosts/desktop-clotho/default.nix +++ b/hosts/desktop-clotho/default.nix @@ -18,20 +18,17 @@ # └─ default.nix # -{ inputs, pkgs, lib, user, config, location, ... }: +{ pkgs, ... }: { - imports = # For now, if applying to other system, swap files - [(import ./hardware-configuration.nix)] ++ # Current system hardware config @ /etc/nixos/hardware-configuration.nix - [(import ../../modules/desktop/dm/sddm.nix)] ++ # Desktop manager - [(import ../../modules/desktop/qtile/default.nix)] ++ # Window Manager - [(import ../../modules/programs/games.nix)] ++ - (import ../../modules/desktop/virtualisation) ++ # Window Manager - (import ../../modules/hardware) ++ # Hardware devices - [(import ../../modules/programs/fpga/vivado { - inherit pkgs lib config; - vivadoPath = "/data/Linux/fpga/apps/xilinx/Vivado/2023.1/bin/vivado"; - })]; + imports = [ + ./hardware-configuration.nix + ../../modules/desktop/dm/sddm.nix + ../../modules/desktop/qtile/default.nix + ../../modules/programs/games.nix + ../../modules/desktop/virtualisation + ../../modules/hardware + ]; networking.hostName = "desktop-clotho"; @@ -76,26 +73,11 @@ xserver.videoDrivers = [ "amdgpu" ]; }; - networking.wireguard.interfaces = { - wg0 = { - ips = [ "${inputs.semi-secrets.wg.lan.desktopIp}/32" ]; - }; - }; + wg.ip = "192.168.32.21"; services.nix-serve = { enable = true; secretKeyFile = "/var/cache-priv-key.pem"; openFirewall = true; }; - - # nixpkgs.overlays = [ # This overlay will pull the latest version of Discord - # (self: super: { - # discord = super.discord.overrideAttrs ( - # _: { src = builtins.fetchTarball { - # url = "https://discord.com/api/download?platform=linux&format=tar.gz"; - # sha256 = "1z980p3zmwmy29cdz2v8c36ywrybr7saw8n0w7wlb74m63zb9gpi"; - # };} - # ); - # }) - # ]; } diff --git a/hosts/home.nix b/hosts/home.nix index 5131288..47f6a53 100644 --- a/hosts/home.nix +++ b/hosts/home.nix @@ -11,20 +11,21 @@ # └─ default.nix # -{ config, lib, nix-index-database, nixpkgs, inputs, stable, pkgs, user, location, ... }: +{ config, inputs, pkgs, ... }: { - imports = # Home Manager Modules - (import ../modules/programs/home.nix) ++ - (import ../modules/shell/home.nix) ++ - (import ../modules/editors/home.nix) ++ - (import ../modules/services/home.nix); + imports = [ + ../modules/programs/home.nix + ../modules/shell/home.nix + ../modules/editors/home.nix + ../modules/services/home.nix + ]; - # nixpkgs.config.allowUnfree = true; nix = { registry.nixpkgs.flake = inputs.nixpkgs; registry.nixpkgs-stable.flake = inputs.nixpkgs-stable; }; + home.sessionVariables.NIX_PATH = "nixpkgs=flake:nixpkgs$\{NIX_PATH:+:$NIX_PATH}"; @@ -92,8 +93,8 @@ }; home = { - username = "${user}"; - homeDirectory = "/home/${user}"; + username = config.nixos-config.defaultUser; + homeDirectory = "/home/${config.nixos-config.defaultUser}"; packages = with pkgs; [ # Terminal diff --git a/hosts/laptop-iapetus/default.nix b/hosts/laptop-iapetus/default.nix index b887e36..ec13370 100644 --- a/hosts/laptop-iapetus/default.nix +++ b/hosts/laptop-iapetus/default.nix @@ -16,19 +16,16 @@ # └─ default.nix # -{ inputs, config, pkgs, lib, user, ... }: +{ pkgs, ... }: { - imports = # For now, if applying to other system, swap files - [(import ./hardware-configuration.nix)] ++ # Current system hardware config @ /etc/nixos/hardware-configuration.nix - [(import ../../modules/desktop/dm/sddm.nix)] ++ # Desktop manager - [(import ../../modules/desktop/qtile/default.nix)] ++ # Window Manager - (import ../../modules/hardware) ++ - (import ../../modules/desktop/virtualisation) ++ - [(import ../../modules/programs/fpga/vivado { - inherit pkgs lib config; - vivadoPath = "/data/fpga/xilinx/Vivado/2023.1/bin/vivado"; - })]; # Hardware devices + imports = [ + ./hardware-configuration.nix + ../../modules/desktop/dm/sddm.nix + ../../modules/desktop/qtile/default.nix + ../../modules/hwardware + ../../modules/desktop/virtualisation + ]; networking.hostName = "laptop-iapetus"; @@ -56,8 +53,8 @@ }; environment = { - systemPackages = with pkgs; [ - xorg.xf86videointel + systemPackages = [ + pkgs.xorg.xf86videointel ]; }; @@ -102,20 +99,5 @@ }; }; - networking.wireguard.interfaces = { - wg0 = { - ips = [ "${inputs.semi-secrets.wg.lan.laptopIp}/32" ]; - }; - }; - - nix = { - settings = { - substituters = [ - "desktop.local" - ]; - trusted-substituters = [ - "desktop.local:3XEsbBcVpKcx0ViXnZwcagllTUazVnc+Rzx5DKUU1Rs=" - ]; - }; - }; + wg.ip = "192.168.32.22"; } diff --git a/hosts/laptop-phobos/default.nix b/hosts/laptop-phobos/default.nix index 4553c84..009e7d1 100644 --- a/hosts/laptop-phobos/default.nix +++ b/hosts/laptop-phobos/default.nix @@ -16,84 +16,18 @@ # └─ default.nix # -{ inputs, config, pkgs, lib, user, ... }: - -let - trezor-udev-rules = pkgs.writeTextFile { - name = "trezor-udev-rules"; - destination = "/etc/udev/rules.d/100-trezor.rules"; - text = '' - # Trezor: The Original Hardware Wallet - # https://trezor.io/ - # - # Put this file into /etc/udev/rules.d - # - # If you are creating a distribution package, - # put this into /usr/lib/udev/rules.d or /lib/udev/rules.d - # depending on your distribution - - # Trezor - SUBSYSTEM=="usb", ATTR{idVendor}=="534c", ATTR{idProduct}=="0001", MODE="0660", GROUP="plugdev", TAG+="uaccess", TAG+="udev-acl", SYMLINK+="trezor%n" - KERNEL=="hidraw*", ATTRS{idVendor}=="534c", ATTRS{idProduct}=="0001", MODE="0660", GROUP="plugdev", TAG+="uaccess", TAG+="udev-acl" - - # Trezor v2 - SUBSYSTEM=="usb", ATTR{idVendor}=="1209", ATTR{idProduct}=="53c0", MODE="0660", GROUP="plugdev", TAG+="uaccess", TAG+="udev-acl", SYMLINK+="trezor%n" - SUBSYSTEM=="usb", ATTR{idVendor}=="1209", ATTR{idProduct}=="53c1", MODE="0660", GROUP="plugdev", TAG+="uaccess", TAG+="udev-acl", SYMLINK+="trezor%n" - KERNEL=="hidraw*", ATTRS{idVendor}=="1209", ATTRS{idProduct}=="53c1", MODE="0660", GROUP="plugdev", TAG+="uaccess", TAG+="udev-acl" - ''; - }; - - ti-udev-rules = pkgs.writeTextFile { - name = "tiva-c-launchpad-udev-rules"; - destination = "/etc/udev/rules.d/100-tiva-c.rules"; - text = '' - SUBSYSTEM=="usb",ENV{DEVTYPE}=="usb_device",ATTRS{idVendor}=="0403",ATTRS{idProduct}=="a6d0",MODE:="600", TAG+="uaccess" - SUBSYSTEM=="usb",ENV{DEVTYPE}=="usb_device",ATTRS{idVendor}=="0403",ATTRS{idProduct}=="a6d1",MODE:="600", TAG+="uaccess" - SUBSYSTEM=="usb",ENV{DEVTYPE}=="usb_device",ATTRS{idVendor}=="0403",ATTRS{idProduct}=="6010",MODE:="600", TAG+="uaccess" - SUBSYSTEM=="usb",ENV{DEVTYPE}=="usb_device",ATTRS{idVendor}=="1cbe",ATTRS{idProduct}=="00fd",MODE:="600", TAG+="uaccess" - SUBSYSTEM=="usb",ENV{DEVTYPE}=="usb_device",ATTRS{idVendor}=="1cbe",ATTRS{idProduct}=="00ff",MODE:="600", TAG+="uaccess" - SUBSYSTEM=="usb",ENV{DEVTYPE}=="usb_device",ATTRS{idVendor}=="0451",ATTRS{idProduct}=="bef1",MODE:="600", TAG+="uaccess" - SUBSYSTEM=="usb",ENV{DEVTYPE}=="usb_device",ATTRS{idVendor}=="0451",ATTRS{idProduct}=="bef2",MODE:="600", TAG+="uaccess" - SUBSYSTEM=="usb",ENV{DEVTYPE}=="usb_device",ATTRS{idVendor}=="0451",ATTRS{idProduct}=="bef3",MODE:="600", TAG+="uaccess" - SUBSYSTEM=="usb",ENV{DEVTYPE}=="usb_device",ATTRS{idVendor}=="0451",ATTRS{idProduct}=="bef4",MODE:="600", TAG+="uaccess" - SUBSYSTEM=="usb",ENV{DEVTYPE}=="usb_device",ATTRS{idVendor}=="0451",ATTRS{idProduct}=="f432",MODE:="600", TAG+="uaccess" - SUBSYSTEM=="usb",ENV{DEVTYPE}=="usb_device",ATTRS{idVendor}=="0d28",ATTRS{idProduct}=="0204",MODE:="600", TAG+="uaccess" - KERNEL=="hidraw*",ATTRS{busnum}=="*",ATTRS{idVendor}=="0d28",ATTRS{idProduct}=="0204",MODE:="600", TAG+="uaccess" - ATTRS{idVendor}=="0451",ATTRS{idProduct}=="bef0",ENV{ID_MM_DEVICE_IGNORE}="1" - ATTRS{idVendor}=="0c55",ATTRS{idProduct}=="0220",ENV{ID_MM_DEVICE_IGNORE}="1" - KERNEL=="ttyACM[0-9]*",MODE:="0600", TAG+="uaccess" - ''; - }; - - stlink-udev-rules = pkgs.writeTextFile { - name = "stlink-udev-rules"; - destination ="/etc/udev/rules.d/100-stlink.rules"; - text = '' - # ST-LINK V2 - SUBSYSTEMS=="usb", ATTRS{idVendor}=="0483", ATTRS{idProduct}=="3748", MODE="600", TAG+="uaccess", SYMLINK+="stlinkv2_%n" - - # ST-LINK V2.1 - SUBSYSTEMS=="usb", ATTRS{idVendor}=="0483", ATTRS{idProduct}=="374b", MODE="600", TAG+="uaccess", SYMLINK+="stlinkv2-1_%n" - SUBSYSTEMS=="usb", ATTRS{idVendor}=="0483", ATTRS{idProduct}=="3752", MODE="600", TAG+="uaccess", SYMLINK+="stlinkv2-1_%n" - - # ST-LINK V3 - SUBSYSTEMS=="usb", ATTRS{idVendor}=="0483", ATTRS{idProduct}=="374d", MODE="600", TAG+="uaccess", SYMLINK+="stlinkv3loader_%n" - SUBSYSTEMS=="usb", ATTRS{idVendor}=="0483", ATTRS{idProduct}=="374e", MODE="600", TAG+="uaccess", SYMLINK+="stlinkv3_%n" - SUBSYSTEMS=="usb", ATTRS{idVendor}=="0483", ATTRS{idProduct}=="374f", MODE="600", TAG+="uaccess", SYMLINK+="stlinkv3_%n" - SUBSYSTEMS=="usb", ATTRS{idVendor}=="0483", ATTRS{idProduct}=="3753", MODE="600", TAG+="uaccess", SYMLINK+="stlinkv3_%n" - ''; - }; -in { - imports = # For now, if applying to other system, swap files - [(import ./hardware-configuration.nix)] ++ # Current system hardware config @ /etc/nixos/hardware-configuration.nix - #[(import ../../modules/desktop/dm/sddm.nix)] ++ # Desktop manager - [(import ../../modules/desktop/dm/gdm.nix)] ++ # Desktop manager - [(import ../../modules/desktop/qtile/default.nix)] ++ # Window Manager - [(import ../../modules/desktop/gnome/default.nix)] ++ # Window Manager - (import ../../modules/hardware) ++ - [(import ../../modules/hardware/rocm)] ++ - [(import ../../modules/programs/games.nix)] ++ - (import ../../modules/desktop/virtualisation); +{ pkgs, lib, ... }: + +{ + imports = [ + ./hardware-configuration.nix + ../../modules/desktop/dm/gdm.nix + ../../modules/desktop/qtile/default.nix + ../../modules/desktop/gnome/default.nix + ../../modules/hardware + ../../modules/desktop/virtualisation + ./udev.nix + ]; networking.hostName = "laptop-phobos"; @@ -143,10 +77,10 @@ in { programs = { xss-lock = let xsecurelock = (pkgs.xsecurelock.overrideAttrs(attrs: { - postInstall = attrs.postInstall or "" + '' - wrapProgram $out/bin/xsecurelock --set XSECURELOCK_COMPOSITE_OBSCURER 0 - ''; - })); + postInstall = attrs.postInstall or "" + '' + wrapProgram $out/bin/xsecurelock --set XSECURELOCK_COMPOSITE_OBSCURER 0 + ''; + })); in { enable = true; lockerCommand = "${xsecurelock}/bin/xsecurelock"; @@ -156,16 +90,6 @@ in { services = { logind.lidSwitch = "suspend"; # suspend on lid close - udev = { - packages = [ - inputs.nix-fpga-tools.packages.x86_64-linux.ise-udev-rules - inputs.nix-fpga-tools.packages.x86_64-linux.vivado-udev-rules - trezor-udev-rules - ti-udev-rules - stlink-udev-rules - ]; - }; - xserver.libinput = { enable = true; touchpad = { @@ -184,9 +108,5 @@ in { }; # Wireguard - networking.wireguard.interfaces = { - wg0 = { - ips = [ "${inputs.semi-secrets.wg.lan.laptopPhobosIp}/32" ]; - }; - }; + wg.ip = "192.168.32.25"; } diff --git a/hosts/laptop-phobos/udev.nix b/hosts/laptop-phobos/udev.nix new file mode 100644 index 0000000..bc6fcf9 --- /dev/null +++ b/hosts/laptop-phobos/udev.nix @@ -0,0 +1,77 @@ +{ inputs, config, pkgs, ... }: + +let + trezor-udev-rules = pkgs.writeTextFile { + name = "trezor-udev-rules"; + destination = "/etc/udev/rules.d/100-trezor.rules"; + text = '' + # Trezor: The Original Hardware Wallet + # https://trezor.io/ + # + # Put this file into /etc/udev/rules.d + # + # If you are creating a distribution package, + # put this into /usr/lib/udev/rules.d or /lib/udev/rules.d + # depending on your distribution + + # Trezor + SUBSYSTEM=="usb", ATTR{idVendor}=="534c", ATTR{idProduct}=="0001", MODE="0660", GROUP="plugdev", TAG+="uaccess", TAG+="udev-acl", SYMLINK+="trezor%n" + KERNEL=="hidraw*", ATTRS{idVendor}=="534c", ATTRS{idProduct}=="0001", MODE="0660", GROUP="plugdev", TAG+="uaccess", TAG+="udev-acl" + + # Trezor v2 + SUBSYSTEM=="usb", ATTR{idVendor}=="1209", ATTR{idProduct}=="53c0", MODE="0660", GROUP="plugdev", TAG+="uaccess", TAG+="udev-acl", SYMLINK+="trezor%n" + SUBSYSTEM=="usb", ATTR{idVendor}=="1209", ATTR{idProduct}=="53c1", MODE="0660", GROUP="plugdev", TAG+="uaccess", TAG+="udev-acl", SYMLINK+="trezor%n" + KERNEL=="hidraw*", ATTRS{idVendor}=="1209", ATTRS{idProduct}=="53c1", MODE="0660", GROUP="plugdev", TAG+="uaccess", TAG+="udev-acl" + ''; + }; + + ti-udev-rules = pkgs.writeTextFile { + name = "tiva-c-launchpad-udev-rules"; + destination = "/etc/udev/rules.d/100-tiva-c.rules"; + text = '' + SUBSYSTEM=="usb",ENV{DEVTYPE}=="usb_device",ATTRS{idVendor}=="0403",ATTRS{idProduct}=="a6d0",MODE:="600", TAG+="uaccess" + SUBSYSTEM=="usb",ENV{DEVTYPE}=="usb_device",ATTRS{idVendor}=="0403",ATTRS{idProduct}=="a6d1",MODE:="600", TAG+="uaccess" + SUBSYSTEM=="usb",ENV{DEVTYPE}=="usb_device",ATTRS{idVendor}=="0403",ATTRS{idProduct}=="6010",MODE:="600", TAG+="uaccess" + SUBSYSTEM=="usb",ENV{DEVTYPE}=="usb_device",ATTRS{idVendor}=="1cbe",ATTRS{idProduct}=="00fd",MODE:="600", TAG+="uaccess" + SUBSYSTEM=="usb",ENV{DEVTYPE}=="usb_device",ATTRS{idVendor}=="1cbe",ATTRS{idProduct}=="00ff",MODE:="600", TAG+="uaccess" + SUBSYSTEM=="usb",ENV{DEVTYPE}=="usb_device",ATTRS{idVendor}=="0451",ATTRS{idProduct}=="bef1",MODE:="600", TAG+="uaccess" + SUBSYSTEM=="usb",ENV{DEVTYPE}=="usb_device",ATTRS{idVendor}=="0451",ATTRS{idProduct}=="bef2",MODE:="600", TAG+="uaccess" + SUBSYSTEM=="usb",ENV{DEVTYPE}=="usb_device",ATTRS{idVendor}=="0451",ATTRS{idProduct}=="bef3",MODE:="600", TAG+="uaccess" + SUBSYSTEM=="usb",ENV{DEVTYPE}=="usb_device",ATTRS{idVendor}=="0451",ATTRS{idProduct}=="bef4",MODE:="600", TAG+="uaccess" + SUBSYSTEM=="usb",ENV{DEVTYPE}=="usb_device",ATTRS{idVendor}=="0451",ATTRS{idProduct}=="f432",MODE:="600", TAG+="uaccess" + SUBSYSTEM=="usb",ENV{DEVTYPE}=="usb_device",ATTRS{idVendor}=="0d28",ATTRS{idProduct}=="0204",MODE:="600", TAG+="uaccess" + KERNEL=="hidraw*",ATTRS{busnum}=="*",ATTRS{idVendor}=="0d28",ATTRS{idProduct}=="0204",MODE:="600", TAG+="uaccess" + ATTRS{idVendor}=="0451",ATTRS{idProduct}=="bef0",ENV{ID_MM_DEVICE_IGNORE}="1" + ATTRS{idVendor}=="0c55",ATTRS{idProduct}=="0220",ENV{ID_MM_DEVICE_IGNORE}="1" + KERNEL=="ttyACM[0-9]*",MODE:="0600", TAG+="uaccess" + ''; + }; + + stlink-udev-rules = pkgs.writeTextFile { + name = "stlink-udev-rules"; + destination ="/etc/udev/rules.d/100-stlink.rules"; + text = '' + # ST-LINK V2 + SUBSYSTEMS=="usb", ATTRS{idVendor}=="0483", ATTRS{idProduct}=="3748", MODE="600", TAG+="uaccess", SYMLINK+="stlinkv2_%n" + + # ST-LINK V2.1 + SUBSYSTEMS=="usb", ATTRS{idVendor}=="0483", ATTRS{idProduct}=="374b", MODE="600", TAG+="uaccess", SYMLINK+="stlinkv2-1_%n" + SUBSYSTEMS=="usb", ATTRS{idVendor}=="0483", ATTRS{idProduct}=="3752", MODE="600", TAG+="uaccess", SYMLINK+="stlinkv2-1_%n" + + # ST-LINK V3 + SUBSYSTEMS=="usb", ATTRS{idVendor}=="0483", ATTRS{idProduct}=="374d", MODE="600", TAG+="uaccess", SYMLINK+="stlinkv3loader_%n" + SUBSYSTEMS=="usb", ATTRS{idVendor}=="0483", ATTRS{idProduct}=="374e", MODE="600", TAG+="uaccess", SYMLINK+="stlinkv3_%n" + SUBSYSTEMS=="usb", ATTRS{idVendor}=="0483", ATTRS{idProduct}=="374f", MODE="600", TAG+="uaccess", SYMLINK+="stlinkv3_%n" + SUBSYSTEMS=="usb", ATTRS{idVendor}=="0483", ATTRS{idProduct}=="3753", MODE="600", TAG+="uaccess", SYMLINK+="stlinkv3_%n" + ''; + }; +in { + services.udev.packages = [ + trezor-udev-rules + ti-udev-rules + stlink-udev-rules + + inputs.nix-fpga-tools.packages.${config.nixpkgs.hostPlatform.system}.ise-udev-rules + inputs.nix-fpga-tools.packages.${config.nixpkgs.hostPlatform.system}.vivado-udev-rules + ]; +} diff --git a/hosts/nixos-config-options.nix b/hosts/nixos-config-options.nix new file mode 100644 index 0000000..b2d00ff --- /dev/null +++ b/hosts/nixos-config-options.nix @@ -0,0 +1,15 @@ +{ lib, ... }: + +{ + options.nixos-config = { + defaultUser = lib.mkOption { + type = lib.types.str; + default = "ruther"; + }; + + location = lib.mkOption { + type = lib.types.str; + default = "$HOME/.setup"; + }; + }; +} diff --git a/modules/desktop/default.nix b/modules/desktop/default.nix index f120a9e..7422603 100644 --- a/modules/desktop/default.nix +++ b/modules/desktop/default.nix @@ -1,4 +1,4 @@ -{ config, lib, pkgs, ... }: +{ pkgs, ... }: { services = { diff --git a/modules/desktop/dm/sddm-themes/sugar-dark.nix b/modules/desktop/dm/sddm-themes/sugar-dark.nix index 459ebe9..778d25a 100644 --- a/modules/desktop/dm/sddm-themes/sugar-dark.nix +++ b/modules/desktop/dm/sddm-themes/sugar-dark.nix @@ -1,10 +1,17 @@ -{ stdenv, fetchFromGitHub }: +{ stdenv, fetchFromGitHub, libsForQt5 }: { sddm-sugar-dark = stdenv.mkDerivation rec { pname = "sddm-sugar-dark-theme"; version = "1.2"; dontBuild = true; + + propagatedBuildInputs = [ + libsForQt5.qt5.qtquickcontrols2 + libsForQt5.qt5.qtgraphicaleffects + libsForQt5.qt5.qtsvg + ]; + installPhase = '' mkdir -p $out/share/sddm/themes/sugar-dark @@ -14,6 +21,7 @@ cp -aR $src/* theme.conf.user $out/share/sddm/themes/sugar-dark/ ''; + src = fetchFromGitHub { owner = "MarianArlt"; repo = "sddm-sugar-dark"; diff --git a/modules/desktop/dm/sddm.nix b/modules/desktop/dm/sddm.nix index d863cdc..d988e5a 100644 --- a/modules/desktop/dm/sddm.nix +++ b/modules/desktop/dm/sddm.nix @@ -3,13 +3,8 @@ let themes = pkgs.callPackage ./sddm-themes/sugar-dark.nix {}; in { - environment.systemPackages = with pkgs; [ + environment.systemPackages = [ themes.sddm-sugar-dark - - # Dependencies of sugar dark theme - libsForQt5.qt5.qtquickcontrols2 - libsForQt5.qt5.qtgraphicaleffects - libsForQt5.qt5.qtsvg ]; services = { diff --git a/modules/desktop/gnome/default.nix b/modules/desktop/gnome/default.nix index c9ed6d8..1b7fad7 100644 --- a/modules/desktop/gnome/default.nix +++ b/modules/desktop/gnome/default.nix @@ -2,35 +2,9 @@ # Gnome configuration # -{ config, lib, pkgs, ... }: +{ pkgs, ... }: -let - paperwm = pkgs.stdenv.mkDerivation (finalAttrs: rec { - pname = "gnome-shell-extension-paperwm"; - version = "44.15.1"; - - src = pkgs.fetchFromGitHub { - owner = "paperwm"; - repo = "PaperWM"; - rev = "v${version}"; - hash = "sha256-89tW/3TLx7gvjnQfpfH8fkaxx7duYXRiCi5bkBRm9UU="; - }; - - dontConfigure = true; - dontBuild = true; - - installPhase = '' - runHook preInstall - - mkdir -p "$out/share/gnome-shell/extensions/paperwm@paperwm.github.com" - cp -r . "$out/share/gnome-shell/extensions/paperwm@paperwm.github.com" - - runHook postInstall - ''; - - passthru.extensionUuid = "paperwm@paperwm.github.com"; - }); -in { +{ programs = { zsh.enable = true; dconf.enable = true; @@ -66,8 +40,6 @@ in { hash = "sha256-Ual7kAOeGPe3DF5XHf5eziscYeMLUnDktEGU41Yl4E4="; } + "/instantworkspaceswitcher@amalantony.net"; }) - - # paperwm ]; gnome.excludePackages = (with pkgs; [ # Gnome ignored packages gnome-tour diff --git a/modules/desktop/qtile/home.nix b/modules/desktop/qtile/home.nix index 918e88e..67a84c7 100644 --- a/modules/desktop/qtile/home.nix +++ b/modules/desktop/qtile/home.nix @@ -1,4 +1,4 @@ -{ config, lib, pkgs, user, location, ... }: +{ config, pkgs, ... }: { systemd.user.targets.qtile-services = { @@ -27,12 +27,12 @@ from string import Template import os - setupLocationRef = Template("${location}") - configLocationRef = Template("${location}/modules/desktop/qtile/config") + setupLocationRef = Template("${config.nixos-config.location}") + configLocationRef = Template("${config.nixos-config.location}/modules/desktop/qtile/config") setupLocation = setupLocationRef.substitute(os.environ) configLocation = configLocationRef.substitute(os.environ) - sequenceDetectorExec = "sequence_detector -c /home/${user}/.config/qtile/sequence-detector.config.json " + sequenceDetectorExec = "sequence_detector -c /home/${config.nixos-config.defaultUser}/.config/qtile/sequence-detector.config.json " ''; } diff --git a/modules/desktop/virtualisation/default.nix b/modules/desktop/virtualisation/default.nix index 2d2d893..b37a8ac 100644 --- a/modules/desktop/virtualisation/default.nix +++ b/modules/desktop/virtualisation/default.nix @@ -1,17 +1,6 @@ -# -# Specific system configuration settings for desktop -# -# flake.nix -# ├─ ./hosts -# │ └─ ./desktop -# │ └─ default.nix -# └─ ./modules -# └─ ./desktop -# └─ ./virtualisation -# └─ default.nix * -# - -[ - ./podman.nix - ./qemu.nix -] +{ + imports = [ + ./qemu.nix + ./podman.nix + ]; +} diff --git a/modules/desktop/virtualisation/podman.nix b/modules/desktop/virtualisation/podman.nix index 7283eec..2f6da58 100644 --- a/modules/desktop/virtualisation/podman.nix +++ b/modules/desktop/virtualisation/podman.nix @@ -5,6 +5,8 @@ { config, pkgs, user, ... }: { + users.groups.podman.members = [ "root" config.nixos-config.defaultUser ]; + virtualisation.podman = { enable = true; dockerCompat = true; diff --git a/modules/desktop/virtualisation/qemu.nix b/modules/desktop/virtualisation/qemu.nix index f494359..6685520 100644 --- a/modules/desktop/virtualisation/qemu.nix +++ b/modules/desktop/virtualisation/qemu.nix @@ -1,17 +1,16 @@ # -# Qemu/KVM with virt-manager +# Qemu/KVM with virt-manager # -{ config, pkgs, user, ... }: +{ config, pkgs, ... }: { - users.groups.libvirtd.members = [ "root" "${user}" ]; - users.groups.kvm.members = [ "root" "${user}" ]; + users.groups.libvirtd.members = [ "root" config.nixos-config.defaultUser ]; + users.groups.kvm.members = [ "root" config.nixos-config.defaultUser ]; virtualisation = { libvirtd = { - enable = true; # Virtual drivers - #qemuPackage = pkgs.qemu_kvm; # Default + enable = true; qemu = { ovmf.enable = true; ovmf.packages = [ pkgs.OVMFFull.fd ]; @@ -24,7 +23,6 @@ spiceUSBRedirection.enable = true; # USB passthrough }; - environment = { etc = { "ovmf/edk2-x86_64-secure-code.fd" = { @@ -41,12 +39,12 @@ virt-viewer qemu OVMF - gvfs # Used for shared folders between Linux and Windows + gvfs # Used for shared folders between Linux and Windows swtpm ]; }; - services = { # Enable file sharing between OS + services = { # Enable file sharing between OS gvfs.enable = true; }; } diff --git a/modules/desktop/virtualisation/x11vnc.nix b/modules/desktop/virtualisation/x11vnc.nix deleted file mode 100644 index 8992428..0000000 --- a/modules/desktop/virtualisation/x11vnc.nix +++ /dev/null @@ -1,43 +0,0 @@ -# -# VNC Remote Connect Server -# - -{ config, lib, pkgs, user, ... }: - -{ - config = lib.mkIf (config.services.xserver.enable) {# Only evaluate code if using X11 - networking.firewall.allowedTCPPorts = [ 5900 ]; # Since x11vpn defaults to port 5900. Open this port in firewall - - environment = { # VNC used for remote access to the desktop - systemPackages = with pkgs; [ - x11vnc - ]; - }; - - systemd.services."x11vnc" = { # Made into a custom service - enable = true; - description = "VNC Server for X11"; - requires = [ "display-manager.service" ]; - after = [ "display-manager.service" ]; - serviceConfig = { # Password is stored in document passwd at $HOME. This needs auth and link to display. Otherwise x11vnc won't detect the display - ExecStart = "${pkgs.x11vnc}/bin/x11vnc -passwdfile /home/${user}/passwd -noxdamage -nap -many -repeat -clear_keys -capslock -xkb -forever -loop100 -auth /var/run/lightdm/root/:0 -display :0 -clip 1920x1080+1920+0"; - #ExecStart = "${pkgs.x11vnc}/bin/x11vnc -passwdfile /home/${user}/passwd -noxdamage -nap -many -repeat -clear_keys -capslock -xkb -forever -loop100 -auth /var/run/lightdm/root/:0 -display :0"; - ExecStop = "${pkgs.x11vnc}/bin/x11vnc -R stop"; - }; - wantedBy = [ "multi-user.target" ]; - }; - }; - # passwdfile: File on /home/{user}/passwd - # noxdamage: Quicker render (maybe not optimal) - # nap: If no acitivity, take longer naps - # many: keep listening for more connections - # repeat: X server key auto repeat - # clear_keys: clear modifier keys on startup and exit - # capslock: Dont ignore capslock - # xkb: Use xkeyboard - # forever: Keep listening for connection after disconnect - # loop100: Loop to restart service but wait 100ms - # auth: X authority file location so vnc also works from display manager (lightdm) - # display: Which display to show. Even with multiple monitors it's 0 - # clip: Only show specific monitor using xinerama or pixel coordinates you can find using $ xrandr -q. Can be removed to show all. -} diff --git a/modules/editors/emacs/doom.d/config.el b/modules/editors/emacs/doom.d/config.el index 348aa8b..3f29186 100644 --- a/modules/editors/emacs/doom.d/config.el +++ b/modules/editors/emacs/doom.d/config.el @@ -263,4 +263,4 @@ (remove-hook 'doom-first-buffer-hook #'smartparens-global-mode) -(add-hook 'write-file-hooks 'delete-trailing-whitespace) +(add-hook 'write-file-functions 'delete-trailing-whitespace) diff --git a/modules/editors/emacs/home.nix b/modules/editors/emacs/home.nix index 7340d51..d7c7fc7 100644 --- a/modules/editors/emacs/home.nix +++ b/modules/editors/emacs/home.nix @@ -11,10 +11,10 @@ # -{ config, user, unstable, pkgs, inputs, location, ... }: +{ lib, pkgs, config, ... }: let - doomRev = "844a82c"; + doomRev = "5f5a163c49207a7083ab1ecc9e78d268fd6600b8"; in { services.emacs = { enable = true; @@ -44,9 +44,14 @@ in { if [ ! -d "$EMACS" ]; then ${pkgs.git}/bin/git clone https://github.com/doomemacs/doomemacs $EMACS (cd $EMACS && ${pkgs.git}/bin/git checkout ${doomRev}) + else + curr_rev=$(cd $EMACS && ${lib.getExe pkgs.git} rev-parse HEAD) + if [[ "$curr_rev" != "${doomRev}" ]]; then + (cd $EMACS && ${lib.getExe pkgs.git} fetch --all && ${lib.getExe pkgs.git} checkout ${doomRev}) + fi fi if [ ! -d "$HOME/.doom.d" ]; then - ln -s ${location}/modules/editors/emacs/doom.d $HOME/.doom.d + ln -s ${config.nixos-config.location}/modules/editors/emacs/doom.d $HOME/.doom.d fi ''; }; diff --git a/modules/editors/home.nix b/modules/editors/home.nix index 546474f..37cde6f 100644 --- a/modules/editors/home.nix +++ b/modules/editors/home.nix @@ -9,11 +9,11 @@ # └─ default.nix * # └─ ... # - -[ - ./emacs/home.nix - ./nvim/home.nix - # ./vscode/home.nix -] +{ + imports = [ + ./emacs/home.nix + ./nvim/home.nix + ]; +} # Comment out emacs if you are not using native doom emacs. (import from host configuration.nix) diff --git a/modules/hardware/default.nix b/modules/hardware/default.nix index a2067e7..bfc65b0 100644 --- a/modules/hardware/default.nix +++ b/modules/hardware/default.nix @@ -10,6 +10,8 @@ # └─ default.nix * # └─ ... # -[ - ./bluetooth.nix -] +{ + imports = [ + ./bluetooth.nix + ]; +} diff --git a/modules/hardware/rocm/default.nix b/modules/hardware/rocm/default.nix index 179a4c5..ee12bfb 100644 --- a/modules/hardware/rocm/default.nix +++ b/modules/hardware/rocm/default.nix @@ -1,4 +1,4 @@ -{ config, nixpkgs, lib, pkgs, ... }: +{ pkgs }: { systemd.tmpfiles.rules = [ diff --git a/modules/hardware/work/default.nix b/modules/hardware/work/default.nix deleted file mode 100644 index 2481e13..0000000 --- a/modules/hardware/work/default.nix +++ /dev/null @@ -1,18 +0,0 @@ -# -# Hardware -# -# flake.nix -# ├─ ./hosts -# │ └─ ./work -# │ └─ default.nix -# └─ ./modules -# └─ ./hardware -# └─ ./work -# └─ default.nix * -# └─ ... -# - -[ - #./nvidia.nix - ./wpa.nix -] diff --git a/modules/hardware/work/eduroam.patch b/modules/hardware/work/eduroam.patch deleted file mode 100644 index 882b5e0..0000000 --- a/modules/hardware/work/eduroam.patch +++ /dev/null @@ -1,11 +0,0 @@ ---- wpa_supplicant-2.10/src/crypto/tls_openssl.c -+++ src/crypto/tls_openssl.c.legacy -@@ -1048,7 +1048,7 @@ - - SSL_CTX_set_options(ssl, SSL_OP_NO_SSLv2); - SSL_CTX_set_options(ssl, SSL_OP_NO_SSLv3); -- -+ SSL_CTX_set_options(ssl, SSL_OP_LEGACY_SERVER_CONNECT); - SSL_CTX_set_mode(ssl, SSL_MODE_AUTO_RETRY); - - #ifdef SSL_MODE_NO_AUTO_CHAIN diff --git a/modules/hardware/work/nvidia.nix b/modules/hardware/work/nvidia.nix deleted file mode 100644 index 10fa4e0..0000000 --- a/modules/hardware/work/nvidia.nix +++ /dev/null @@ -1,38 +0,0 @@ -# -# NVIDIA drivers so that the laptop video card can get offloaded to specific applications. -# Either start the desktop or packages using nvidia-offload. -# For example $ nvidia-offload kdenlive -# Currently only used with work laptop using NVIDIA MX330 -# - -{ config, pkgs, ... }: - -let - nvidia-offload = pkgs.writeShellScriptBin "nvidia-offload" '' - export __NV_PRIME_RENDER_OFFLOAD=1 - export __NV_PRIME_RENDER_OFFLOAD_PROVIDER=NVIDIA-G0 - export __GLX_VENDOR_LIBRARY_NAME=nvidia - export __VK_LAYER_NV_optimus=NVIDIA_only - exec "$@" - ''; -in -{ - environment.systemPackages = [ nvidia-offload ]; - - services.xserver.videoDrivers = [ "nvidia" ]; - hardware = { - opengl.enable = true; - nvidia = { - package = config.boot.kernelPackages.nvidiaPackages.stable; - prime = { - offload.enable = true; - intelBusId = "PCI:0:2:0"; - nvidiaBusId = "PCI:45:0:0"; - }; - modesetting.enable = true; - powerManagement.enable = true; - }; - }; - - #boot.kernelParams = [ "modules_blacklist=i915" ]; -} diff --git a/modules/hardware/work/wpa.nix b/modules/hardware/work/wpa.nix deleted file mode 100644 index 18306fe..0000000 --- a/modules/hardware/work/wpa.nix +++ /dev/null @@ -1,15 +0,0 @@ -# -# The latest OpenSSL package uses SSL3, meaning it will no longer support certain legacy protocols. -# I guess my work's network isn't set up as securaly as they want us to think. -# This patch makes it back available to connect to legacy servers. -# - -{ config, lib, pkgs, ... }: - -{ - nixpkgs.config.packageOverrides = pkgs: rec { - wpa_supplicant = pkgs.wpa_supplicant.overrideAttrs (attrs: { - patches = attrs.patches ++ [ ./eduroam.patch ]; - }); - }; -} diff --git a/modules/programs/firefox.nix b/modules/programs/firefox.nix index 8d3bd27..306f350 100644 --- a/modules/programs/firefox.nix +++ b/modules/programs/firefox.nix @@ -1,18 +1,13 @@ -{ inputs, config, lib, nixpkgs, pkgs, ... }: +{ inputs, config, pkgs, ... }: let - nur = config.nur.repos; - buildFirefoxXpiAddon = pkgs.nur.repos.rycee.firefox-addons.buildFirefoxXpiAddon; - my-nur = import (builtins.fetchTarball { - url = "https://github.com/Rutherther/nur-pkgs/archive/179f884ebb068f1803bd54647aee1f672b90db49.tar.gz"; - sha256 = "06kx9pn0682gn1r4kfhjbsg3b80gp4wpp8mp0p8v47zhbcvwqka6"; - }) { inherit pkgs; }; + nur = import inputs.nur { + # TODO replace this x86 64 linux with actual host system + # will have to be passed from nixos config probably + nurpkgs = import inputs.nixpkgs { system = "x86_64-linux"; }; + inherit pkgs; + }; in { - nixpkgs.overlays = [ - # my-nur.overlays.firefoxpwa - # my-nur.overlays.firefox-native-messaging - ]; - home.packages = [ # pkgs.firefoxpwa ]; @@ -34,7 +29,7 @@ in { #navigator-toolbox { font-family:Ubuntu !important } ''; - extensions = with nur.rycee.firefox-addons; [ + extensions = with nur.repos.rycee.firefox-addons; [ # Basic proton-pass # Password manager darkreader # Dark pages diff --git a/modules/programs/games.nix b/modules/programs/games.nix index 7160fc2..40a6b63 100644 --- a/modules/programs/games.nix +++ b/modules/programs/games.nix @@ -5,7 +5,7 @@ # Do not forget to enable Steam play for all title in the settings menu # -{ config, pkgs, nur, lib, ... }: +{ pkgs, lib, ... }: { environment.systemPackages = [ diff --git a/modules/programs/home.nix b/modules/programs/home.nix index 578c229..6f11a89 100644 --- a/modules/programs/home.nix +++ b/modules/programs/home.nix @@ -10,11 +10,13 @@ # └─ ... # -[ - ./alacritty.nix - ./iamb.nix - ./rofi.nix - ./clipmenu.nix - ./firefox.nix - ./email.nix -] +{ + imports = [ + ./alacritty.nix + ./iamb.nix + ./rofi.nix + ./clipmenu.nix + ./firefox.nix + ./email.nix + ]; +} diff --git a/modules/programs/iamb.nix b/modules/programs/iamb.nix new file mode 100644 index 0000000..48f47f9 --- /dev/null +++ b/modules/programs/iamb.nix @@ -0,0 +1,26 @@ +{ config, pkgs, lib, ... }: + +let + cfg = config.programs.iamb; + settingsFormat = pkgs.formats.toml {}; +in { + options = { + programs.iamb = { + enable = lib.mkEnableOption "Enable iamb program"; + package = lib.mkPackageOption pkgs "iamb" { nullable = true;}; + + settings = lib.mkOption { + inherit (settingsFormat) type; + }; + }; + }; + + config = lib.mkIf cfg.enable { + home.packages = [ + cfg.package + ]; + + xdg.configFile."iamb/config.toml".source = + settingsFormat.generate "config.toml" config.programs.iamb.settings; + }; +} diff --git a/modules/services/default.nix b/modules/services/default.nix index f43c21c..2935245 100644 --- a/modules/services/default.nix +++ b/modules/services/default.nix @@ -10,8 +10,10 @@ # └─ ... # -[ - ./syncthing.nix - ./wireguard.nix - ./ssh.nix -] +{ + imports = [ + ./syncthing.nix + ./wireguard.nix + ./ssh.nix + ]; +} diff --git a/modules/services/flameshot.nix b/modules/services/flameshot.nix index 846e4cd..935871a 100644 --- a/modules/services/flameshot.nix +++ b/modules/services/flameshot.nix @@ -2,10 +2,10 @@ # Screenshots # -{ config, lib, pkgs, user, ... }: +{ config, lib, ... }: let - screensDir = "/home/${user}/screens"; + screensDir = "${config.home.homeDirectory}/screens"; in { systemd.user.services.flameshot = lib.mkIf config.services.flameshot.enable { diff --git a/modules/services/home.nix b/modules/services/home.nix index 7c442f5..868c99c 100644 --- a/modules/services/home.nix +++ b/modules/services/home.nix @@ -10,12 +10,14 @@ # └─ ... # -[ - ./dunst.nix - ./flameshot.nix - ./picom.nix - ./udiskie.nix - ./redshift.nix - ./mpris-ctl.nix - ./autorandr.nix -] +{ + imports = [ + ./dunst.nix + ./flameshot.nix + ./picom.nix + ./udiskie.nix + ./redshift.nix + ./mpris-ctl.nix + ./autorandr.nix + ]; +} diff --git a/modules/services/ssh.nix b/modules/services/ssh.nix index 83733a3..3601898 100644 --- a/modules/services/ssh.nix +++ b/modules/services/ssh.nix @@ -1,4 +1,4 @@ -{ config, lib, pkgs, user, ... }: +{ config, ... }: { services.openssh = { @@ -12,7 +12,7 @@ }; }; - users.users.${user}.openssh.authorizedKeys.keys = [ + users.users.${config.nixos-config.defaultUser}.openssh.authorizedKeys.keys = [ "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABgQCLdKvP+WQmsoJebj4x0o8k/RniDpYDv3H+b+PWByChKPq4ThEnpL6P4sr0dpZ4NbWmDT9YPGuDEyZRxhrIerUKw+z8Jm32b8FeeYcEdoBlZTBz4WuN7G9FkDIYdqBYdnUaWh8/KeuZbUp/jB/d1Uv8rBdPSML1JlUPg8U/Z5Oky68LYUO60DfLoQZ+qD5AeTw4zPRACA5OOJj20eIDhiXKyp60eTXAiwrfC2RZJWURc4i92Oforua3OZEZfL1Z+xOjAhbKymPZIzKuzIIIVP/abnWv3b/shCCrR70wuZZ6QleY+DTcNsburmDfUP+3f+C1fF3mg6loZaGokGMwKtNI/0UVWHQW5BPkWfvkQmsW4jl02P174IlAGwvEkhTfBzmuaPKuf+0D+rJH+1FengEFmAPhaN6WIMFYGTScbOn46BS8v3oWhW5A+CQ1pMA9myu1fDr7WKrNCDdW9X398ByKA88OpEOU+vQcwgg6EPb/SuAlFDYBSgz0TX6IGl4demc= ruther@ntb-nixos" "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABgQD0mhvKW3dgLTGLGMgGdMgUFz14F16pRzSAH7IU/OssnYXmi+TlkXLakHtmNWLdb6IEEjS2od0iDW4I71awJjL/VqRSBBt/1t6ndM6M79pD6feU9uYaPMB20ORyZh5D+1zjWX4cFVlcfCQ2bUyV0D+VRoDrN/YWFhPU0XNMZjatqN8JNKljM0hwWt9OPuQdlwG5KnrbDPUn8gf6kZtfVWRamDrLLMKsGBeGw4oZVJLAPYJlaYps15VuySTw114n6/L16qpH/rUgDc5QFyrmtIE+l5wd5QteH489eG+8gAZfsbYj+pihek09rHch318ecsLYz/DxotB71BXsQH7nb0NPHk1VI8L6//meoCXNJc4Itbg7Jh2Oo/bDfYX9IyPEw2TRa3P+rbEO9N4vMxCgX+TuHNX/mTk0OFpJVu8AAwMlF2lalI8fpBKospP5PFoyIgrW7ab5dkQRGDTk+Bw1ed4KXMKl6RJejvDPuOAmpeOlosinz6OPj/rbR9hR48makxk= ruther@desktop-nixos" "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIIbHBbRaxwfOIyYYL6caWx8Afre8R+GRIgbX/zSGNmMq ruther@nord2-phone" diff --git a/modules/services/syncthing.nix b/modules/services/syncthing.nix index a0f74b9..09a5e58 100644 --- a/modules/services/syncthing.nix +++ b/modules/services/syncthing.nix @@ -1,6 +1,9 @@ -{ inputs, config, lib, pkgs, user, ... }: +{ config, ... }: -{ +let + user = config.nixos-config.defaultUser; + homePath = config.home-manager.users.${user}.home.homeDirectory; +in { networking.firewall = { allowedTCPPorts = [ 22000 ]; allowedUDPPorts = [ 22000 21027 ]; @@ -16,28 +19,27 @@ settings = { devices = { - "phone" = { id = inputs.semi-secrets.syncthing.devices.phone; }; - "desktop" = { id = inputs.semi-secrets.syncthing.devices.desktop; }; - "laptop-old" = { id = inputs.semi-secrets.syncthing.devices.laptop; }; - "laptop" = { id = inputs.semi-secrets.syncthing.devices.laptopPhobos; }; + phone = { id = "SRCBWOD-UBR76WT-ZB4OLV2-34U6TRL-YLVMSGQ-I5JYZP6-VD7XR6S-5732ZAZ"; }; + desktop = { id = "BVFWKZE-DWZTSJR-OHCLGY3-X2PU7F3-XMPMGEH-QONACL5-MMRJE5O-CHRY4Q5"; }; + laptop = { id = "3AGVM6S-RFTHVHR-OGK5RHI-YDEO6GN-RU4ZH77-VLBZAC7-JVHD6S6-VISXGQT"; }; }; folders = { "uni" = { - path = "/home/${user}/doc/uni"; - devices = [ "phone" "desktop" "laptop" "laptop-old" ]; + path = "${homePath}/doc/uni"; + devices = [ "phone" "desktop" "laptop" ]; }; "notes" = { - path = "/home/${user}/doc/notes/obsidian/Notes"; - devices = [ "phone" "desktop" "laptop" "laptop-old" ]; + path = "${homePath}/doc/notes/obsidian/Notes"; + devices = [ "phone" "desktop" "laptop" ]; }; "camera" = { - path = "/home/${user}/doc/camera"; - devices = [ "phone" "desktop" "laptop" "laptop-old" ]; + path = "${homePath}/doc/camera"; + devices = [ "phone" "desktop" "laptop" ]; }; "study" = { - path = "/home/${user}/doc/study"; - devices = [ "phone" "desktop" "laptop" "laptop-old" ]; + path = "${homePath}/doc/study"; + devices = [ "phone" "desktop" "laptop" ]; }; }; options = { @@ -45,7 +47,6 @@ relaysEnabled = false; globalAnnounceEnabled = false; localAnnounceEnabled = true; - #alwaysLocalNets = true; }; }; }; diff --git a/modules/services/wg-options.nix b/modules/services/wg-options.nix new file mode 100644 index 0000000..6a0a811 --- /dev/null +++ b/modules/services/wg-options.nix @@ -0,0 +1,9 @@ +{ lib, ... }: + +{ + options.wg = { + ip = lib.mkOption { + type = lib.types.str; + }; + }; +} diff --git a/modules/services/wireguard.nix b/modules/services/wireguard.nix index 1d12c20..f3ca0f0 100644 --- a/modules/services/wireguard.nix +++ b/modules/services/wireguard.nix @@ -1,13 +1,16 @@ -{ inputs, config, lib, pkgs, user, location, ... }: +{ config, ... }: { + imports = [ + ./wg-options.nix + ]; + networking.firewall = { allowedUDPPorts = [ 51820 ]; }; networking = { nameservers = [ - #inputs.semi-secrets.wg.lan.serverIp "1.1.1.1" "1.0.0.1" ]; @@ -23,6 +26,7 @@ networking.wireguard.interfaces = { wg0 = { + ips = [ "${config.wg.ip}/32" ]; listenPort = 51820; generatePrivateKeyFile = true; @@ -31,11 +35,11 @@ peers = [ { publicKey = "ZOVjmgUak67kLhNVgZwyb0bro3Yi4vCJbGArv+35IWQ="; - endpoint = inputs.semi-secrets.wg.serverEndpoint; + endpoint = "78.46.201.50:51820"; # The ip is not refreshed, as the kernel cannot perform DNS resolution. Use dynamicEndpointRefreshSeconds, # in case the ip is refreshed often. If not, sync after refresh should be alright. - allowedIPs = [ inputs.semi-secrets.wg.allowedIp ]; + allowedIPs = [ "192.168.32.0/24" ]; persistentKeepalive = 25; } ]; diff --git a/modules/shell/home.nix b/modules/shell/home.nix index fbcfd0a..2c245fc 100644 --- a/modules/shell/home.nix +++ b/modules/shell/home.nix @@ -10,8 +10,10 @@ # └─ ... # -[ - ./git.nix - ./zsh.nix - ./direnv.nix -] +{ + imports = [ + ./git.nix + ./zsh.nix + ./direnv.nix + ]; +} diff --git a/nix/default.nix b/nix/default.nix deleted file mode 100644 index e88640c..0000000 --- a/nix/default.nix +++ /dev/null @@ -1,34 +0,0 @@ -# -# These are the diffent profiles that can be used when building Nix. -# -# flake.nix -# └─ ./nix -# └─ default.nix * -# - -{ lib, inputs, nixpkgs, home-manager, nixgl, user, location, ... }: - -let - system = "x86_64-linux"; - pkgs = nixpkgs.legacyPackages.${system}; -in -{ - pacman = home-manager.lib.homeManagerConfiguration { # Currently only host that can be built - pkgs = import nixpkgs { - inherit system; - config.allowUnfree = true; - }; - extraSpecialArgs = { inherit inputs nixgl user location; }; - modules = [ - ./pacman.nix - { - home = { - username = "${user}"; - homeDirectory = "/home/${user}"; - packages = [ pkgs.home-manager ]; - stateVersion = "23.05"; - }; - } - ]; - }; -} diff --git a/nix/pacman.nix b/nix/pacman.nix deleted file mode 100644 index ac88781..0000000 --- a/nix/pacman.nix +++ /dev/null @@ -1,54 +0,0 @@ -# -# Nix setup using Home-manager -# -# flake.nix -# └─ ./nix -# ├─ default.nix -# └─ pacman.nix * -# - -{ config, pkgs, inputs, nixgl, user, location, ... }: - -{ - imports = - (import ../modules/editors/home.nix) ++ - # (import ../modules/programs/home.nix) ++ # Some problems with alacritty, see nixGL, but still, the .desktop files are not great - (import ../modules/shell/home.nix); - - fonts.fontconfig.enable = true; - home = { - packages = with pkgs; [ - # Fonts - carlito # NixOS - vegur # NixOS - source-code-pro - jetbrains-mono - font-awesome # Icons - corefonts # MS - (nerdfonts.override { # Nerdfont Icons override - fonts = [ - "FiraCode" - ]; - }) - ]; - }; - - xdg = { - enable = true; - systemDirs.data = [ "/home/${user}/.nix-profile/share" ]; # Will add nix packages to XDG_DATA_DIRS and thus accessible from the menus. - }; - - nix = { # Nix Package Manager settings - settings ={ - auto-optimise-store = true; # Optimise syslinks - }; - package = pkgs.nixFlakes; # Enable nixFlakes on system - registry.nixpkgs.flake = inputs.nixpkgs; - extraOptions = '' - experimental-features = nix-command flakes - keep-outputs = true - keep-derivations = true - ''; - }; - nixpkgs.config.allowUnfree = true; # Allow proprietary software. -} -- 2.48.1