M hosts/default.nix => hosts/default.nix +31 -0
@@ 65,6 65,37 @@ in
];
};
+ laptop-phobos = lib.nixosSystem { # Laptop profile
+ # Thinkpad T14s
+ inherit system;
+ specialArgs = {
+ inherit inputs stable user location;
+ };
+ modules = [
+ inputs.nixos-hardware.nixosModules.lenovo-thinkpad-t14s-amd-gen1
+ nur.nixosModules.nur
+ { nixpkgs.overlays = [ nur.overlay ]; }
+ ./laptop-phobos
+ ./configuration.nix
+
+ home-manager.nixosModules.home-manager {
+ home-manager.useUserPackages = true;
+ home-manager.extraSpecialArgs = {
+ inherit inputs stable user location;
+ };
+ home-manager.users.${user} = {
+ imports = [
+ nur.hmModules.nur
+ nix-index-database.hmModules.nix-index
+ { nixpkgs.overlays = [ nur.overlay ]; }
+ (import ./home.nix)
+ (import ./laptop-phobos/home.nix)
+ ];
+ };
+ }
+ ];
+ };
+
desktop-clotho = lib.nixosSystem { # Desktop profile
inherit system;
specialArgs = {
A hosts/laptop-phobos/default.nix => hosts/laptop-phobos/default.nix +101 -0
@@ 0,0 1,101 @@
+#
+# Specific system configuration settings for desktop
+#
+# flake.nix
+# ├─ ./hosts
+# │ └─ ./laptop
+# │ ├─ default.nix *
+# │ └─ hardware-configuration.nix
+# └─ ./modules
+# ├─ ./desktop
+# │ ├─ ./bspwm
+# │ │ └─ default.nix
+# │ └─ ./virtualisation
+# │ └─ docker.nix
+# └─ ./hardware
+# └─ default.nix
+#
+
+{ inputs, config, pkgs, lib, user, ... }:
+
+{
+ imports = # For now, if applying to other system, swap files
+ [(import ./hardware-configuration.nix)] ++ # Current system hardware config @ /etc/nixos/hardware-configuration.nix
+ [(import ../../modules/desktop/dm/sddm.nix)] ++ # Desktop manager
+ [(import ../../modules/desktop/qtile/default.nix)] ++ # Window Manager
+ [(import ../../modules/desktop/gnome/default.nix)] ++ # Window Manager
+ (import ../../modules/hardware) ++
+ (import ../../modules/desktop/virtualisation);
+
+ networking.hostName = "laptop-phobos";
+
+ boot = { # Boot options
+ kernelPackages = pkgs.linuxPackages_latest;
+
+ loader = { # EFI Boot
+ efi = {
+ canTouchEfiVariables = true;
+ };
+ systemd-boot = {
+ enable = true;
+ editor = false; # Better security, disallows passing /bin/sh to start as root
+ configurationLimit = 5;
+ };
+ timeout = 1; # Grub auto select time
+ };
+
+ initrd.luks.devices = {
+ "crypted-linux-root" = {
+ device = "/dev/disk/by-label/crypted-linux-root";
+ preLVM = true;
+ # allowDiscards = true;
+ };
+ };
+ };
+
+ hardware = { # No xbacklight, this is the alterantive
+ brillo.enable = true;
+ };
+
+ programs = {
+ xss-lock = let
+ xsecurelock = (pkgs.xsecurelock.overrideAttrs(attrs: {
+ postInstall = attrs.postInstall or "" + ''
+ wrapProgram $out/bin/xsecurelock --set XSECURELOCK_COMPOSITE_OBSCURER 0
+ '';
+ }));
+ in {
+ enable = true;
+ lockerCommand = "${xsecurelock}/bin/xsecurelock";
+ };
+ };
+
+ services = {
+ # tlp.enable = true; # TLP and auto-cpufreq for power management
+ logind.lidSwitch = "lock"; # lock on lid close
+ auto-cpufreq.enable = true;
+ blueman.enable = true;
+
+ xserver.libinput = {
+ enable = true;
+ touchpad = {
+ naturalScrolling = true;
+ tapping = true;
+ };
+ };
+
+ printing = {
+ enable = true;
+ drivers = [
+ pkgs.splix
+ pkgs.samsung-unified-linux-driver
+ ];
+ };
+ };
+
+ networking.wireguard.interfaces = {
+ wg0 = {
+ ips = [ "${inputs.semi-secrets.wg.lan.laptopPhobosIp}/32" ];
+ };
+ };
+}
A hosts/laptop-phobos/hardware-configuration.nix => hosts/laptop-phobos/hardware-configuration.nix +38 -0
@@ 0,0 1,38 @@
+# Do not modify this file! It was generated by ‘nixos-generate-config’
+# and may be overwritten by future invocations. Please make changes
+# to /etc/nixos/configuration.nix instead.
+{ config, lib, pkgs, modulesPath, ... }:
+
+{
+ imports =
+ [ (modulesPath + "/installer/scan/not-detected.nix")
+ ];
+
+ boot.initrd.availableKernelModules = [ "nvme" "xhci_pci" "thunderbolt" "usb_storage" "usbhid" "sd_mod" ];
+ boot.initrd.kernelModules = [ "dm-snapshot" ];
+ boot.kernelModules = [ "kvm-amd" ];
+ boot.extraModulePackages = [ ];
+
+ fileSystems."/" =
+ { device = "/dev/disk/by-label/nixos-root";
+ fsType = "ext4";
+ };
+
+ fileSystems."/boot" =
+ { device = "/dev/disk/by-label/BOOT";
+ fsType = "vfat";
+ };
+
+ swapDevices = [ ];
+
+ # Enables DHCP on each ethernet and wireless interface. In case of scripted networking
+ # (the default) this is the recommended approach. When using systemd-networkd it's
+ # still possible to use this option, but it's recommended to use it in conjunction
+ # with explicit per-interface declarations with `networking.interfaces.<interface>.useDHCP`.
+ networking.useDHCP = lib.mkDefault true;
+ # networking.interfaces.eth0.useDHCP = lib.mkDefault true;
+ # networking.interfaces.wlp1s0.useDHCP = lib.mkDefault true;
+
+ nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux";
+ hardware.cpu.amd.updateMicrocode = lib.mkDefault config.hardware.enableRedistributableFirmware;
+}
A hosts/laptop-phobos/home.nix => hosts/laptop-phobos/home.nix +40 -0
@@ 0,0 1,40 @@
+#
+# Home-manager configuration for laptop
+#
+# flake.nix
+# ├─ ./hosts
+# │ └─ ./laptop
+# │ └─ home.nix *
+# └─ ./modules
+# └─ ./desktop
+# └─ ./bspwm
+# └─ home.nix
+#
+
+{ pkgs, lib, config, ... }:
+
+{
+ imports =
+ [
+ ../../modules/desktop/qtile/home.nix # Window Manager
+ ../../modules/desktop/gnome/home.nix
+ ];
+
+ home = { # Specific packages for laptop
+ packages = [
+ pkgs.distrobox
+
+ # Power Management
+ pkgs.acpi
+ ];
+ };
+
+ services = { # Applets
+ network-manager-applet.enable = true; # Network
+ cbatticon = {
+ enable = true;
+ criticalLevelPercent = 10;
+ lowLevelPercent = 20;
+ };
+ };
+}
M modules/services/syncthing.nix => modules/services/syncthing.nix +7 -6
@@ 16,26 16,27 @@
devices = {
"phone" = { id = inputs.semi-secrets.syncthing.devices.phone; };
- "nixos-desktop" = { id = inputs.semi-secrets.syncthing.devices.desktop; };
- "nixos-laptop" = { id = inputs.semi-secrets.syncthing.devices.laptop; };
+ "desktop" = { id = inputs.semi-secrets.syncthing.devices.desktop; };
+ "laptop-old" = { id = inputs.semi-secrets.syncthing.devices.laptop; };
+ "laptop" = { id = inputs.semi-secrets.syncthing.devices.laptopPhobos; };
};
folders = {
"uni" = {
path = "/home/${user}/doc/uni";
- devices = [ "phone" "nixos-desktop" "nixos-laptop" ];
+ devices = [ "phone" "desktop" "laptop" "laptop-old" ];
};
"notes" = {
path = "/home/${user}/doc/notes/obsidian/Notes";
- devices = [ "phone" "nixos-desktop" "nixos-laptop" ];
+ devices = [ "phone" "desktop" "laptop" "laptop-old" ];
};
"camera" = {
path = "/home/${user}/doc/camera";
- devices = [ "phone" "nixos-desktop" "nixos-laptop" ];
+ devices = [ "phone" "desktop" "laptop" "laptop-old" ];
};
"study" = {
path = "/home/${user}/doc/study";
- devices = [ "phone" "nixos-desktop" "nixos-laptop" ];
+ devices = [ "phone" "desktop" "laptop" "laptop-old" ];
};
};
options = {
M modules/services/wireguard.nix => modules/services/wireguard.nix +1 -1
@@ 7,7 7,7 @@
networking = {
nameservers = [
- inputs.semi-secrets.wg.lan.serverIp
+ #inputs.semi-secrets.wg.lan.serverIp
"1.1.1.1"
"1.0.0.1"
];