diff --git a/flake.nix b/flake.nix index 096bd6a..81171bf 100644 --- a/flake.nix +++ b/flake.nix @@ -1,205 +1,219 @@ { - description = "Configuration for Everest"; + description = "Configuration for Everest"; - inputs = { - secrets = { - url = "git+ssh://forgejo@git.everest.sable-pancake.ts.net:4222/Toast/nix-secrets"; - flake = false; - }; - nixpkgs-raw.url = "nixpkgs/nixos-23.11"; - nixpkgs-unstable-raw.url = "nixpkgs/nixos-unstable"; + inputs = { + secrets = { + url = "git+ssh://forgejo@git.everest.sable-pancake.ts.net:4222/Toast/nix-secrets"; + flake = false; + }; + nixpkgs-raw.url = "nixpkgs/nixos-23.11"; + nixpkgs-unstable-raw.url = "nixpkgs/nixos-unstable"; - agenix = { - url = "github:ryantm/agenix"; - inputs = { - nixpkgs.follows = "nixpkgs-raw"; - darwin.follows = ""; # Not using this on MacOS, so this doesn't pull it's dependencies - }; - }; + agenix = { + url = "github:ryantm/agenix"; + inputs = { + nixpkgs.follows = "nixpkgs-raw"; + darwin.follows = ""; # Not using this on MacOS, so this doesn't pull it's dependencies + }; + }; - home-manager = { - url = "github:nix-community/home-manager/release-23.11"; - inputs.nixpkgs.follows = "nixpkgs-raw"; - }; + home-manager = { + url = "github:nix-community/home-manager/release-23.11"; + inputs.nixpkgs.follows = "nixpkgs-raw"; + }; - home-manager-unstable = { - url = "github:nix-community/home-manager/"; - inputs.nixpkgs.follows = "nixpkgs-unstable-raw"; - }; + home-manager-unstable = { + url = "github:nix-community/home-manager/"; + inputs.nixpkgs.follows = "nixpkgs-unstable-raw"; + }; - nixos-hardware.url = "github:NixOS/nixos-hardware/master"; + nixos-hardware.url = "github:NixOS/nixos-hardware/master"; - jovian = { - url = "github:Jovian-Experiments/Jovian-NixOS"; - inputs.nixpkgs.follows = "nixpkgs-unstable-raw"; - }; - - nix-impermanence.url = "github:nix-community/impermanence"; + jovian = { + url = "github:Jovian-Experiments/Jovian-NixOS"; + inputs.nixpkgs.follows = "nixpkgs-unstable-raw"; + }; - /* - These are the same input, just following different nixpkgs versions - This avoids some wierdness when using one that follows unstable on a stable nixpkgs - */ - nix-index-db = { - url = "github:Mic92/nix-index-database"; - inputs.nixpkgs.follows = "nixpkgs-raw"; - }; + nix-impermanence.url = "github:nix-community/impermanence"; - nix-index-db-unstable = { - url = "github:Mic92/nix-index-database"; - inputs.nixpkgs.follows = "nixpkgs-unstable-raw"; - }; + /* + These are the same input, just following different nixpkgs versions + This avoids some wierdness when using one that follows unstable on a stable nixpkgs + */ + nix-index-db = { + url = "github:Mic92/nix-index-database"; + inputs.nixpkgs.follows = "nixpkgs-raw"; + }; - plasma-manager = { - url = "github:pjones/plasma-manager"; - inputs.nixpkgs.follows = "nixpkgs-unstable-raw"; - inputs.home-manager.follows = "home-manager-unstable"; - }; + nix-index-db-unstable = { + url = "github:Mic92/nix-index-database"; + inputs.nixpkgs.follows = "nixpkgs-unstable-raw"; + }; - catppuccin-vsc = { - url = "github:catppuccin/vscode"; - inputs.nixpkgs.follows = "nixpkgs-unstable-raw"; - }; + plasma-manager = { + url = "github:pjones/plasma-manager"; + inputs.nixpkgs.follows = "nixpkgs-unstable-raw"; + inputs.home-manager.follows = "home-manager-unstable"; + }; - vscode-extensions = { - url = "github:nix-community/nix-vscode-extensions"; - inputs.nixpkgs.follows = "nixpkgs-unstable-raw"; + catppuccin-vsc = { + url = "github:catppuccin/vscode"; + inputs.nixpkgs.follows = "nixpkgs-unstable-raw"; + }; - }; - nix-flatpak.url = "github:gmodena/nix-flatpak/main"; + vscode-extensions = { + url = "github:nix-community/nix-vscode-extensions"; + inputs.nixpkgs.follows = "nixpkgs-unstable-raw"; + }; + nix-flatpak.url = "github:gmodena/nix-flatpak/main"; - nur.url = "github:nix-community/NUR"; - }; + nur.url = "github:nix-community/NUR"; + }; - outputs = { ... } @inputs: with inputs; - # Patch nixpkgs - # https://ertt.ca/nix/patch-nixpkgs/ - let - nixpkgs-unstable-patched = nixpkgs-raw.legacyPackages.x86_64-linux.applyPatches { - name = "patched-nixpkgs-unstable"; - src = nixpkgs-unstable-raw; - patches = [ - ]; - }; - nixpkgs-patched = nixpkgs-raw.legacyPackages.x86_64-linux.applyPatches { - name = "patched-nixpkgs"; - src = nixpkgs-raw; - patches = [ - ./nixpkgs-patches/0001-catppuccin-add-grub-theme.patch - ./nixpkgs-patches/0002-catppuccin-add-starship-theme.patch - ]; - }; - # https://discourse.nixos.org/t/proper-way-of-applying-patch-to-system-managed-via-flake/21073/26 - nixpkgs-unstable = (import "${nixpkgs-unstable-patched}/flake.nix").outputs { self = inputs.self; }; - nixpkgs = (import "${nixpkgs-patched}/flake.nix").outputs { self = inputs.self; }; - in - { - devShells.x86_64-linux.default = nixpkgs.legacyPackages.x86_64-linux.mkShell { - name = "toast-devshell"; - # The agenix cli is not needed to activate a configuration, so instead of installing it - # I'll just add it to de devShell, since that's the only real time I'm going to use it. - packages = with nixpkgs.legacyPackages.x86_64-linux; [ - agenix.packages.x86_64-linux.default - git - nix-diff - just - alejandra - ]; - shellHook ='' - export PS1="$PS1(toast-configs)> " - ''; - }; - packages = { - x86_64-linux = with import nixpkgs-unstable-raw { system = "x86_64-linux"; }; { - anything-sync-daemon = callPackage ./pkgs/anything-sync-daemon {}; - discord-krisp-fixer = callPackage ./pkgs/discord-krisp-fixer {}; - }; - }; - nixosConfigurations = { - Archie = nixpkgs-unstable.lib.nixosSystem { - system = "x86_64-linux"; - specialArgs = { systemPkgs = inputs.nixpkgs-unstable-raw; flakeSelf = self; }; - /* - I used to set up nixpkgs in the flake, but doing that made - defining overlays in modules impossible (or at least I could - not figure out how) - Also has nice side effect of making it easier to add new systems :3 - */ - modules = [ - agenix.nixosModules.default - home-manager-unstable.nixosModule - nix-index-db-unstable.nixosModules.nix-index - ./roles/common - ./roles/desktop - ./roles/kde - ./roles/gaming - ./roles/school - ./machines/Archie - ]; - }; + outputs = {...} @ inputs: + with inputs; + # Patch nixpkgs + # https://ertt.ca/nix/patch-nixpkgs/ + let + nixpkgs-unstable-patched = nixpkgs-raw.legacyPackages.x86_64-linux.applyPatches { + name = "patched-nixpkgs-unstable"; + src = nixpkgs-unstable-raw; + patches = [ + ]; + }; + nixpkgs-patched = nixpkgs-raw.legacyPackages.x86_64-linux.applyPatches { + name = "patched-nixpkgs"; + src = nixpkgs-raw; + patches = [ + ./nixpkgs-patches/0001-catppuccin-add-grub-theme.patch + ./nixpkgs-patches/0002-catppuccin-add-starship-theme.patch + ]; + }; + # https://discourse.nixos.org/t/proper-way-of-applying-patch-to-system-managed-via-flake/21073/26 + nixpkgs-unstable = (import "${nixpkgs-unstable-patched}/flake.nix").outputs {self = inputs.self;}; + nixpkgs = (import "${nixpkgs-patched}/flake.nix").outputs {self = inputs.self;}; + in { + devShells.x86_64-linux.default = nixpkgs.legacyPackages.x86_64-linux.mkShell { + name = "toast-devshell"; + # The agenix cli is not needed to activate a configuration, so instead of installing it + # I'll just add it to de devShell, since that's the only real time I'm going to use it. + packages = with nixpkgs.legacyPackages.x86_64-linux; [ + agenix.packages.x86_64-linux.default + git + nix-diff + just + alejandra + ]; + shellHook = '' + export PS1="$PS1(toast-configs)> " + ''; + }; + packages = { + x86_64-linux = with import nixpkgs-unstable-raw {system = "x86_64-linux";}; { + anything-sync-daemon = callPackage ./pkgs/anything-sync-daemon {}; + discord-krisp-fixer = callPackage ./pkgs/discord-krisp-fixer {}; + }; + }; + nixosConfigurations = { + Archie = nixpkgs-unstable.lib.nixosSystem { + system = "x86_64-linux"; + specialArgs = { + systemPkgs = inputs.nixpkgs-unstable-raw; + flakeSelf = self; + }; + /* + I used to set up nixpkgs in the flake, but doing that made + defining overlays in modules impossible (or at least I could + not figure out how) + Also has nice side effect of making it easier to add new systems :3 + */ + modules = [ + agenix.nixosModules.default + home-manager-unstable.nixosModule + nix-index-db-unstable.nixosModules.nix-index + ./roles/common + ./roles/desktop + ./roles/kde + ./roles/gaming + ./roles/school + ./machines/Archie + ]; + }; - SurfaceGo = nixpkgs-unstable.lib.nixosSystem { - system = "x86_64-linux"; - specialArgs = { systemPkgs = inputs.nixpkgs-unstable-raw; flakeSelf = self; }; - modules = [ - agenix.nixosModules.default - home-manager-unstable.nixosModule - nixos-hardware.nixosModules.microsoft-surface-go - nix-index-db-unstable.nixosModules.nix-index - ./roles/common - ./roles/desktop - ./roles/kde - ./machines/SurfaceGo - ]; - }; + SurfaceGo = nixpkgs-unstable.lib.nixosSystem { + system = "x86_64-linux"; + specialArgs = { + systemPkgs = inputs.nixpkgs-unstable-raw; + flakeSelf = self; + }; + modules = [ + agenix.nixosModules.default + home-manager-unstable.nixosModule + nixos-hardware.nixosModules.microsoft-surface-go + nix-index-db-unstable.nixosModules.nix-index + ./roles/common + ./roles/desktop + ./roles/kde + ./machines/SurfaceGo + ]; + }; - SteamDeck = nixpkgs-unstable.lib.nixosSystem { - system = "x86_64-linux"; - specialArgs = { systemPkgs = inputs.nixpkgs-unstable-raw; flakeSelf = self; }; - modules = [ - agenix.nixosModules.default - jovian.nixosModules.default - home-manager-unstable.nixosModule - nix-index-db-unstable.nixosModules.nix-index - ./roles/common - ./roles/desktop - ./roles/kde - ./roles/gaming - ./roles/school - ./machines/SteamDeck - ]; - }; + SteamDeck = nixpkgs-unstable.lib.nixosSystem { + system = "x86_64-linux"; + specialArgs = { + systemPkgs = inputs.nixpkgs-unstable-raw; + flakeSelf = self; + }; + modules = [ + agenix.nixosModules.default + jovian.nixosModules.default + home-manager-unstable.nixosModule + nix-index-db-unstable.nixosModules.nix-index + ./roles/common + ./roles/desktop + ./roles/kde + ./roles/gaming + ./roles/school + ./machines/SteamDeck + ]; + }; - WinMax2 = nixpkgs-unstable.lib.nixosSystem { - system = "x86_64-linux"; - specialArgs = { systemPkgs = inputs.nixpkgs-unstable-raw; flakeSelf = self; }; - modules = [ - agenix.nixosModules.default - jovian.nixosModules.default - home-manager-unstable.nixosModule - nix-index-db-unstable.nixosModules.nix-index - nixos-hardware.nixosModules.gpd-win-max-2-2023 - ./roles/common - ./roles/desktop - ./roles/kde - ./roles/gaming - ./roles/school - ./machines/WinMax2 - ]; - }; + WinMax2 = nixpkgs-unstable.lib.nixosSystem { + system = "x86_64-linux"; + specialArgs = { + systemPkgs = inputs.nixpkgs-unstable-raw; + flakeSelf = self; + }; + modules = [ + agenix.nixosModules.default + jovian.nixosModules.default + home-manager-unstable.nixosModule + nix-index-db-unstable.nixosModules.nix-index + nixos-hardware.nixosModules.gpd-win-max-2-2023 + ./roles/common + ./roles/desktop + ./roles/kde + ./roles/gaming + ./roles/school + ./machines/WinMax2 + ]; + }; - Everest = nixpkgs.lib.nixosSystem { - system = "x86_64-linux"; - specialArgs = { systemPkgs = inputs.nixpkgs-raw; flakeSelf = self; }; - modules = [ - agenix.nixosModules.default - home-manager.nixosModule - nix-index-db.nixosModules.nix-index - ./roles/common - ./roles/server - ./machines/Everest - ]; - }; - }; - }; + Everest = nixpkgs.lib.nixosSystem { + system = "x86_64-linux"; + specialArgs = { + systemPkgs = inputs.nixpkgs-raw; + flakeSelf = self; + }; + modules = [ + agenix.nixosModules.default + home-manager.nixosModule + nix-index-db.nixosModules.nix-index + ./roles/common + ./roles/server + ./machines/Everest + ]; + }; + }; + }; } diff --git a/machines/Archie/configuration.nix b/machines/Archie/configuration.nix index 9c1ae34..e35d1fe 100644 --- a/machines/Archie/configuration.nix +++ b/machines/Archie/configuration.nix @@ -1,81 +1,79 @@ # Edit this configuration file to define what should be installed on # your system. Help is available in the configuration.nix(5) man page # and in the NixOS manual (accessible by running `nixos-help`). - -{ config, pkgs, ... }: - { - # Use grub boot loader - boot.loader = { - systemd-boot.enable = false; - grub = { - enable = true; - device = "nodev"; - efiSupport = true; - useOSProber = true; - }; - efi.efiSysMountPoint = "/boot/efi"; - }; - boot.loader.efi.canTouchEfiVariables = true; + config, + pkgs, + ... +}: { + # Use grub boot loader + boot.loader = { + systemd-boot.enable = false; + grub = { + enable = true; + device = "nodev"; + efiSupport = true; + useOSProber = true; + }; + efi.efiSysMountPoint = "/boot/efi"; + }; + boot.loader.efi.canTouchEfiVariables = true; - boot.kernelPackages = pkgs.linuxKernel.packages.linux_xanmod_latest; + boot.kernelPackages = pkgs.linuxKernel.packages.linux_xanmod_latest; - networking.hostName = "Archie"; # Define your hostname. + networking.hostName = "Archie"; # Define your hostname. - # Allow unfree packages - nixpkgs.config.allowUnfree = true; + # Allow unfree packages + nixpkgs.config.allowUnfree = true; - # Configure network proxy if necessary - # networking.proxy.default = "http://user:password@proxy:port/"; - # networking.proxy.noProxy = "127.0.0.1,localhost,internal.domain"; + # Configure network proxy if necessary + # networking.proxy.default = "http://user:password@proxy:port/"; + # networking.proxy.noProxy = "127.0.0.1,localhost,internal.domain"; - # Configure keymap in X11 - # services.xserver.layout = "us"; - # services.xserver.xkbOptions = "eurosign:e,caps:escape"; + # Configure keymap in X11 + # services.xserver.layout = "us"; + # services.xserver.xkbOptions = "eurosign:e,caps:escape"; - # Enable CUPS to print documents. - # services.printing.enable = true; + # Enable CUPS to print documents. + # services.printing.enable = true; - # Enable sound. - # sound.enable = true; - # hardware.pulseaudio.enable = true; + # Enable sound. + # sound.enable = true; + # hardware.pulseaudio.enable = true; - # Enable touchpad support (enabled default in most desktopManager). - # services.xserver.libinput.enable = true; + # Enable touchpad support (enabled default in most desktopManager). + # services.xserver.libinput.enable = true; + hardware.bluetooth.enable = true; - hardware.bluetooth.enable = true; + # List packages installed in system profile. To search, run: + # $ nix search wget + # environment.systemPackages = with pkgs; [ + # vim # Do not forget to add an editor to edit configuration.nix! The Nano editor is also installed by default. + # wget + # ]; - # List packages installed in system profile. To search, run: - # $ nix search wget - # environment.systemPackages = with pkgs; [ - # vim # Do not forget to add an editor to edit configuration.nix! The Nano editor is also installed by default. - # wget - # ]; + # Some programs need SUID wrappers, can be configured further or are + # started in user sessions. + # programs.mtr.enable = true; + # programs.gnupg.agent = { + # enable = true; + # enableSSHSupport = true; + # }; - # Some programs need SUID wrappers, can be configured further or are - # started in user sessions. - # programs.mtr.enable = true; - # programs.gnupg.agent = { - # enable = true; - # enableSSHSupport = true; - # }; + # List services that you want to enable: - # List services that you want to enable: + # Enable the OpenSSH daemon. + # services.openssh.enable = true; - # Enable the OpenSSH daemon. - # services.openssh.enable = true; - - # Open ports in the firewall. - # networking.firewall.allowedTCPPorts = [ ... ]; - # networking.firewall.allowedUDPPorts = [ ... ]; - # Or disable the firewall altogether. - # networking.firewall.enable = false; - - # Copy the NixOS configuration file and link it from the resulting system - # (/run/current-system/configuration.nix). This is useful in case you - # accidentally delete configuration.nix. - # system.copySystemConfiguration = true; + # Open ports in the firewall. + # networking.firewall.allowedTCPPorts = [ ... ]; + # networking.firewall.allowedUDPPorts = [ ... ]; + # Or disable the firewall altogether. + # networking.firewall.enable = false; + # Copy the NixOS configuration file and link it from the resulting system + # (/run/current-system/configuration.nix). This is useful in case you + # accidentally delete configuration.nix. + # system.copySystemConfiguration = true; } - diff --git a/machines/Archie/default.nix b/machines/Archie/default.nix index 5bf2485..187a110 100755 --- a/machines/Archie/default.nix +++ b/machines/Archie/default.nix @@ -1,8 +1,6 @@ -{ ... }: - -{ - imports = [ - ./configuration.nix - ./hardware-configuration.nix - ]; +{...}: { + imports = [ + ./configuration.nix + ./hardware-configuration.nix + ]; } diff --git a/machines/Archie/hardware-configuration.nix b/machines/Archie/hardware-configuration.nix index 00a0702..ccd1840 100644 --- a/machines/Archie/hardware-configuration.nix +++ b/machines/Archie/hardware-configuration.nix @@ -1,76 +1,80 @@ # Do not modify this file! It was generated by ‘nixos-generate-config’ # and may be overwritten by future invocations. Please make changes # to /etc/nixos/configuration.nix instead. -{ config, lib, pkgs, modulesPath, ... }: - { - imports = - [ (modulesPath + "/installer/scan/not-detected.nix") - ]; + config, + lib, + pkgs, + modulesPath, + ... +}: { + imports = [ + (modulesPath + "/installer/scan/not-detected.nix") + ]; - # Enable support for the Xbox One wireless dongle - hardware.xone.enable = true; + # Enable support for the Xbox One wireless dongle + hardware.xone.enable = true; - boot.initrd.availableKernelModules = [ "xhci_pci" "ahci" "usbhid" "usb_storage" "sd_mod" ]; - boot.initrd.kernelModules = [ "amdgpu" ]; - boot.kernelModules = [ "kvm-amd" ]; - boot.extraModulePackages = [ ]; + boot.initrd.availableKernelModules = ["xhci_pci" "ahci" "usbhid" "usb_storage" "sd_mod"]; + boot.initrd.kernelModules = ["amdgpu"]; + boot.kernelModules = ["kvm-amd"]; + boot.extraModulePackages = []; - fileSystems."/" = - { device = "/dev/disk/by-uuid/5322c217-b87b-4150-8b4c-a8fa17a899bf"; - fsType = "btrfs"; - options = [ "subvol=@root" "compress=zstd" ]; - }; + fileSystems."/" = { + device = "/dev/disk/by-uuid/5322c217-b87b-4150-8b4c-a8fa17a899bf"; + fsType = "btrfs"; + options = ["subvol=@root" "compress=zstd"]; + }; - fileSystems."/nix" = - { device = "/dev/disk/by-uuid/5322c217-b87b-4150-8b4c-a8fa17a899bf"; - fsType = "btrfs"; - options = [ "subvol=@nix" "compress=zstd" ]; - }; + fileSystems."/nix" = { + device = "/dev/disk/by-uuid/5322c217-b87b-4150-8b4c-a8fa17a899bf"; + fsType = "btrfs"; + options = ["subvol=@nix" "compress=zstd"]; + }; - fileSystems."/boot" = - { device = "/dev/disk/by-uuid/5322c217-b87b-4150-8b4c-a8fa17a899bf"; - fsType = "btrfs"; - options = [ "subvol=@boot" "compress=zstd" ]; - }; + fileSystems."/boot" = { + device = "/dev/disk/by-uuid/5322c217-b87b-4150-8b4c-a8fa17a899bf"; + fsType = "btrfs"; + options = ["subvol=@boot" "compress=zstd"]; + }; - fileSystems."/boot/efi" = - { device = "/dev/disk/by-uuid/FB87-4CBC"; - fsType = "vfat"; - }; + fileSystems."/boot/efi" = { + device = "/dev/disk/by-uuid/FB87-4CBC"; + fsType = "vfat"; + }; - fileSystems = { - /* - Mount the root subvolume of the SSD - This is helpful for getting things from - my old Arch install, as well as for running btdu - */ - "/mnt/ssd" = { - device = config.fileSystems."/".device; - fsType = config.fileSystems."/".fsType; - options = [ "subvolid=5" "ro" ]; - }; - "/mnt/windows" = { - device = "/dev/disk/by-uuid/B61AFDAC1AFD6A2F"; - fsType = "ntfs3"; - neededForBoot = false; - options = [ "noauto" "windows_names" ]; - }; - "/home" = { - device = "/dev/disk/by-uuid/5322c217-b87b-4150-8b4c-a8fa17a899bf"; - fsType = "btrfs"; - options = [ "subvol=@home" "compress=zstd" ]; - }; - "/persist" = { - device = "/dev/disk/by-uuid/5322c217-b87b-4150-8b4c-a8fa17a899bf"; - fsType = "btrfs"; - options = [ "subvol=@persist" "compress=zstd" ]; - neededForBoot = true; - }; - }; + fileSystems = { + /* + Mount the root subvolume of the SSD + This is helpful for getting things from + my old Arch install, as well as for running btdu + */ + "/mnt/ssd" = { + device = config.fileSystems."/".device; + fsType = config.fileSystems."/".fsType; + options = ["subvolid=5" "ro"]; + }; + "/mnt/windows" = { + device = "/dev/disk/by-uuid/B61AFDAC1AFD6A2F"; + fsType = "ntfs3"; + neededForBoot = false; + options = ["noauto" "windows_names"]; + }; + "/home" = { + device = "/dev/disk/by-uuid/5322c217-b87b-4150-8b4c-a8fa17a899bf"; + fsType = "btrfs"; + options = ["subvol=@home" "compress=zstd"]; + }; + "/persist" = { + device = "/dev/disk/by-uuid/5322c217-b87b-4150-8b4c-a8fa17a899bf"; + fsType = "btrfs"; + options = ["subvol=@persist" "compress=zstd"]; + neededForBoot = true; + }; + }; - swapDevices = [ ]; + swapDevices = []; - nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux"; - hardware.cpu.amd.updateMicrocode = lib.mkDefault config.hardware.enableRedistributableFirmware; + nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux"; + hardware.cpu.amd.updateMicrocode = lib.mkDefault config.hardware.enableRedistributableFirmware; } diff --git a/machines/Everest/configuration.nix b/machines/Everest/configuration.nix index 085260d..d7f8a46 100755 --- a/machines/Everest/configuration.nix +++ b/machines/Everest/configuration.nix @@ -1,68 +1,72 @@ # Edit this configuration file to define what should be installed on # your system. Help is available in the configuration.nix(5) man page # and in the NixOS manual (accessible by running ‘nixos-help’). - -{ config, pkgs, lib, ... }: - { - # Bootloader. - boot.loader.systemd-boot.enable = true; - boot.loader.timeout = 5; - boot.loader.efi.canTouchEfiVariables = true; - boot.loader.efi.efiSysMountPoint = "/boot/efi"; + config, + pkgs, + lib, + ... +}: { + # Bootloader. + boot.loader.systemd-boot.enable = true; + boot.loader.timeout = 5; + boot.loader.efi.canTouchEfiVariables = true; + boot.loader.efi.efiSysMountPoint = "/boot/efi"; - # I'm using Nix OS, it's logo is a snowflake and the computer is - # a lot taller than the pi it's replacing, so Everest! :3 :3 - networking.hostName = "Everest"; # Define your hostname. + # I'm using Nix OS, it's logo is a snowflake and the computer is + # a lot taller than the pi it's replacing, so Everest! :3 :3 + networking.hostName = "Everest"; # Define your hostname. - # Set up networking - networking = { - wireless.enable = false; # Computer doesn't have wifi - enableIPv6 = false; - useNetworkd = true; - dhcpcd.enable = false; - interfaces.eno1 = { - wakeOnLan.enable = true; - ipv4.addresses = [ { - address = "192.168.0.160"; - prefixLength = 24; - } ]; - }; - # I use networkd, so I need to declare the interface for the default gateway - defaultGateway = { - address = "192.168.0.1"; - interface = "eno1"; - }; - nameservers = [ "9.9.9.9" ]; - }; - - # Define a user account. Don't forget to set a password with ‘passwd’. - users.users.toast = { - extraGroups = [ "networkmanager" "transmission"]; - openssh.authorizedKeys.keys = [ - "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABgQC2bOVmxUNvg9qFv9DlzMmTRlzcNsyNq1F1wBuAXySwsWAzHGaO+WGdSCINxW3k2ccXn7M/o1r89LeTzRzi8sWQYCpBaIqYVszM/r7SvTS4gASyKhM6lNlyUEPOnvCXH7rdtF+fjoA1TJPv7GBk78QRhGh+eVO3qhY1m++5C1CPFlyrc6sSfgIBQJ5GQZFl/7YEgsrPo+M+0Sd7LkaCOyNmJA0Wi0BA3bbf5sJhrZVMMg/p7w+eMphz2kd1VTVjW3yeMq9zLCiu4SOTBNGCMEvKIdUZbQ83lNrqO2z1/3T1bDwJgpz3xusfkNCeNJSmhfFw5ydHEUp/9jshq38WmulKAMw2Kl/Zed62AVU7Ux7YjUkZkWvo8i3eXuLUxoG891S7cWV1/ijs9QMajOLLT14FG7RbzUYYaYlx+/iNGji9d4sp9/oMYyO45TMe+vEezFSBygP7TY0QFOr4xTi49ZRQFsszbFnGRv+k3wVKoGoeNt0xWB8pBEPFtaeHJpQyJX8= id_rsa_moon" - "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIOeu3crGqtxwaqgoQPt5mWlC8+PL/Icvcvo0MBAaK80L Key for work laptop" - ]; - }; + # Set up networking + networking = { + wireless.enable = false; # Computer doesn't have wifi + enableIPv6 = false; + useNetworkd = true; + dhcpcd.enable = false; + interfaces.eno1 = { + wakeOnLan.enable = true; + ipv4.addresses = [ + { + address = "192.168.0.160"; + prefixLength = 24; + } + ]; + }; + # I use networkd, so I need to declare the interface for the default gateway + defaultGateway = { + address = "192.168.0.1"; + interface = "eno1"; + }; + nameservers = ["9.9.9.9"]; + }; - # Large builds (the linux kernel) fail to build because /tmp is too small when using tmpfs - boot.tmp.useTmpfs = false; + # Define a user account. Don't forget to set a password with ‘passwd’. + users.users.toast = { + extraGroups = ["networkmanager" "transmission"]; + openssh.authorizedKeys.keys = [ + "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABgQC2bOVmxUNvg9qFv9DlzMmTRlzcNsyNq1F1wBuAXySwsWAzHGaO+WGdSCINxW3k2ccXn7M/o1r89LeTzRzi8sWQYCpBaIqYVszM/r7SvTS4gASyKhM6lNlyUEPOnvCXH7rdtF+fjoA1TJPv7GBk78QRhGh+eVO3qhY1m++5C1CPFlyrc6sSfgIBQJ5GQZFl/7YEgsrPo+M+0Sd7LkaCOyNmJA0Wi0BA3bbf5sJhrZVMMg/p7w+eMphz2kd1VTVjW3yeMq9zLCiu4SOTBNGCMEvKIdUZbQ83lNrqO2z1/3T1bDwJgpz3xusfkNCeNJSmhfFw5ydHEUp/9jshq38WmulKAMw2Kl/Zed62AVU7Ux7YjUkZkWvo8i3eXuLUxoG891S7cWV1/ijs9QMajOLLT14FG7RbzUYYaYlx+/iNGji9d4sp9/oMYyO45TMe+vEezFSBygP7TY0QFOr4xTi49ZRQFsszbFnGRv+k3wVKoGoeNt0xWB8pBEPFtaeHJpQyJX8= id_rsa_moon" + "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIOeu3crGqtxwaqgoQPt5mWlC8+PL/Icvcvo0MBAaK80L Key for work laptop" + ]; + }; - home-manager = { - users.toast = { config, ... }: { - home = { - file = { - # This symlinks the Transmission downloads folder into my user's downloads folder for easy access - "Downloads/Transmission".source = config.lib.file.mkOutOfStoreSymlink "/var/lib/transmission/Downloads"; - }; - }; - }; - }; + # Large builds (the linux kernel) fail to build because /tmp is too small when using tmpfs + boot.tmp.useTmpfs = false; - # Open ports in the firewall. - # No idea what ports 5201 and 21027 do tho - networking.firewall.allowedTCPPorts = [ 5201 ]; - networking.firewall.allowedUDPPorts = [ 5201 21027]; - # Or disable the firewall altogether. - # networking.firewall.enable = false; + home-manager = { + users.toast = {config, ...}: { + home = { + file = { + # This symlinks the Transmission downloads folder into my user's downloads folder for easy access + "Downloads/Transmission".source = config.lib.file.mkOutOfStoreSymlink "/var/lib/transmission/Downloads"; + }; + }; + }; + }; + + # Open ports in the firewall. + # No idea what ports 5201 and 21027 do tho + networking.firewall.allowedTCPPorts = [5201]; + networking.firewall.allowedUDPPorts = [5201 21027]; + # Or disable the firewall altogether. + # networking.firewall.enable = false; } diff --git a/machines/Everest/default.nix b/machines/Everest/default.nix index 5bf2485..187a110 100755 --- a/machines/Everest/default.nix +++ b/machines/Everest/default.nix @@ -1,8 +1,6 @@ -{ ... }: - -{ - imports = [ - ./configuration.nix - ./hardware-configuration.nix - ]; +{...}: { + imports = [ + ./configuration.nix + ./hardware-configuration.nix + ]; } diff --git a/machines/Everest/hardware-configuration.nix b/machines/Everest/hardware-configuration.nix index d165feb..007bc26 100755 --- a/machines/Everest/hardware-configuration.nix +++ b/machines/Everest/hardware-configuration.nix @@ -1,61 +1,65 @@ # Do not modify this file! It was generated by ‘nixos-generate-config’ # and may be overwritten by future invocations. Please make changes # to /etc/nixos/configuration.nix instead. -{ config, lib, pkgs, modulesPath, ... }: - { - imports = - [ (modulesPath + "/installer/scan/not-detected.nix") - ]; + config, + lib, + pkgs, + modulesPath, + ... +}: { + imports = [ + (modulesPath + "/installer/scan/not-detected.nix") + ]; - boot.initrd.availableKernelModules = [ "xhci_pci" "ehci_pci" "ahci" "usbhid" "usb_storage" "sd_mod" ]; - boot.initrd.kernelModules = [ ]; - boot.kernelModules = [ "kvm-intel" ]; - boot.extraModulePackages = [ ]; + boot.initrd.availableKernelModules = ["xhci_pci" "ehci_pci" "ahci" "usbhid" "usb_storage" "sd_mod"]; + boot.initrd.kernelModules = []; + boot.kernelModules = ["kvm-intel"]; + boot.extraModulePackages = []; - fileSystems = { - "/" = { - device = "/dev/disk/by-label/Everest"; - fsType = "btrfs"; - options = [ "compress=zstd" "subvol=@"]; - }; - "/nix" = { - device = "/dev/disk/by-label/Everest"; - fsType = "btrfs"; - options = [ "compress=zstd" "subvol=@nix" ]; - }; - "/home" = { - device = "/dev/disk/by-label/Everest"; - fsType = "btrfs"; - options = [ "compress=zstd" "subvol=@home" ]; - }; - "/mnt/hdd" = { - device = "/dev/disk/by-label/Everest"; - fsType = "btrfs"; - options = [ "compress=zstd" "subvol=/" "ro" ]; - }; - "/persist" = { - device = "/dev/disk/by-label/Everest"; - fsType = "btrfs"; - options = [ "compress=zstd" "subvol=@persist" ]; - neededForBoot = true; - }; - }; + fileSystems = { + "/" = { + device = "/dev/disk/by-label/Everest"; + fsType = "btrfs"; + options = ["compress=zstd" "subvol=@"]; + }; + "/nix" = { + device = "/dev/disk/by-label/Everest"; + fsType = "btrfs"; + options = ["compress=zstd" "subvol=@nix"]; + }; + "/home" = { + device = "/dev/disk/by-label/Everest"; + fsType = "btrfs"; + options = ["compress=zstd" "subvol=@home"]; + }; + "/mnt/hdd" = { + device = "/dev/disk/by-label/Everest"; + fsType = "btrfs"; + options = ["compress=zstd" "subvol=/" "ro"]; + }; + "/persist" = { + device = "/dev/disk/by-label/Everest"; + fsType = "btrfs"; + options = ["compress=zstd" "subvol=@persist"]; + neededForBoot = true; + }; + }; - fileSystems."/boot/efi" = - { device = "/dev/disk/by-label/Boot"; - fsType = "vfat"; - }; + fileSystems."/boot/efi" = { + device = "/dev/disk/by-label/Boot"; + fsType = "vfat"; + }; - swapDevices = [ ]; + swapDevices = []; - # Enables DHCP on each ethernet and wireless interface. In case of scripted networking - # (the default) this is the recommended approach. When using systemd-networkd it's - # still possible to use this option, but it's recommended to use it in conjunction - # with explicit per-interface declarations with `networking.interfaces..useDHCP`. - networking.useDHCP = lib.mkDefault true; - # networking.interfaces.eno1.useDHCP = lib.mkDefault true; + # Enables DHCP on each ethernet and wireless interface. In case of scripted networking + # (the default) this is the recommended approach. When using systemd-networkd it's + # still possible to use this option, but it's recommended to use it in conjunction + # with explicit per-interface declarations with `networking.interfaces..useDHCP`. + networking.useDHCP = lib.mkDefault true; + # networking.interfaces.eno1.useDHCP = lib.mkDefault true; - nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux"; - hardware.cpu.intel.updateMicrocode = lib.mkDefault config.hardware.enableRedistributableFirmware; + nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux"; + hardware.cpu.intel.updateMicrocode = lib.mkDefault config.hardware.enableRedistributableFirmware; } diff --git a/machines/SteamDeck/configuration.nix b/machines/SteamDeck/configuration.nix index 0319993..6e0b86e 100755 --- a/machines/SteamDeck/configuration.nix +++ b/machines/SteamDeck/configuration.nix @@ -1,103 +1,103 @@ # Edit this configuration file to define what should be installed on # your system. Help is available in the configuration.nix(5) man page # and in the NixOS manual (accessible by running `nixos-help`). - -{ config, pkgs, lib, ... }: - { - # Use grub boot loader - boot.loader = { - systemd-boot.enable = false; - grub = { - enable = true; - device = "nodev"; - efiSupport = true; - # No other OS on here :P - useOSProber = false; - }; - efi.efiSysMountPoint = config.fileSystems."efi_boot_partition".mountPoint; - }; - boot.loader.efi.canTouchEfiVariables = true; + config, + pkgs, + lib, + ... +}: { + # Use grub boot loader + boot.loader = { + systemd-boot.enable = false; + grub = { + enable = true; + device = "nodev"; + efiSupport = true; + # No other OS on here :P + useOSProber = false; + }; + efi.efiSysMountPoint = config.fileSystems."efi_boot_partition".mountPoint; + }; + boot.loader.efi.canTouchEfiVariables = true; - networking.hostName = "SteamDeck"; # Define your hostname. + networking.hostName = "SteamDeck"; # Define your hostname. - # Allow unfree packages - nixpkgs.config.allowUnfree = true; + # Allow unfree packages + nixpkgs.config.allowUnfree = true; - # Configure network proxy if necessary - # networking.proxy.default = "http://user:password@proxy:port/"; - # networking.proxy.noProxy = "127.0.0.1,localhost,internal.domain"; + # Configure network proxy if necessary + # networking.proxy.default = "http://user:password@proxy:port/"; + # networking.proxy.noProxy = "127.0.0.1,localhost,internal.domain"; - jovian = { - devices.steamdeck = { - enable = true; - }; - # Steam Deck UI settings - steam = { - enable = true; - autoStart = true; - user = "toast"; - desktopSession = "plasmawayland"; - }; - decky-loader = { - enable = true; - }; - }; - services.xserver.displayManager.sddm.enable = lib.mkForce false; + jovian = { + devices.steamdeck = { + enable = true; + }; + # Steam Deck UI settings + steam = { + enable = true; + autoStart = true; + user = "toast"; + desktopSession = "plasmawayland"; + }; + decky-loader = { + enable = true; + }; + }; + services.xserver.displayManager.sddm.enable = lib.mkForce false; - # Enable bluetooth - hardware.bluetooth = { - enable = true; - }; + # Enable bluetooth + hardware.bluetooth = { + enable = true; + }; - # Configure keymap in X11 - # services.xserver.layout = "us"; - # services.xserver.xkbOptions = "eurosign:e,caps:escape"; + # Configure keymap in X11 + # services.xserver.layout = "us"; + # services.xserver.xkbOptions = "eurosign:e,caps:escape"; - # Enable CUPS to print documents. - # services.printing.enable = true; + # Enable CUPS to print documents. + # services.printing.enable = true; - # Enable sound. - # sound.enable = true; - # hardware.pulseaudio.enable = true; + # Enable sound. + # sound.enable = true; + # hardware.pulseaudio.enable = true; - # Enable touchpad support (enabled default in most desktopManager). - # services.xserver.libinput.enable = true; + # Enable touchpad support (enabled default in most desktopManager). + # services.xserver.libinput.enable = true; - # Large builds (the linux kernel) fail to build because /tmp is too small when using tmpfs - boot.tmp.useTmpfs = false; + # Large builds (the linux kernel) fail to build because /tmp is too small when using tmpfs + boot.tmp.useTmpfs = false; - environment.systemPackages = [ pkgs.steamdeck-firmware pkgs.steamdeck-hw-theme ]; - # List packages installed in system profile. To search, run: - # $ nix search wget - # environment.systemPackages = with pkgs; [ - # vim # Do not forget to add an editor to edit configuration.nix! The Nano editor is also installed by default. - # wget - # ]; + environment.systemPackages = [pkgs.steamdeck-firmware pkgs.steamdeck-hw-theme]; + # List packages installed in system profile. To search, run: + # $ nix search wget + # environment.systemPackages = with pkgs; [ + # vim # Do not forget to add an editor to edit configuration.nix! The Nano editor is also installed by default. + # wget + # ]; - # Some programs need SUID wrappers, can be configured further or are - # started in user sessions. - # programs.mtr.enable = true; - # programs.gnupg.agent = { - # enable = true; - # enableSSHSupport = true; - # }; + # Some programs need SUID wrappers, can be configured further or are + # started in user sessions. + # programs.mtr.enable = true; + # programs.gnupg.agent = { + # enable = true; + # enableSSHSupport = true; + # }; - # List services that you want to enable: + # List services that you want to enable: - # Enable the OpenSSH daemon. - # services.openssh.enable = true; + # Enable the OpenSSH daemon. + # services.openssh.enable = true; - # Open ports in the firewall. - # networking.firewall.allowedTCPPorts = [ ... ]; - # networking.firewall.allowedUDPPorts = [ ... ]; - # Or disable the firewall altogether. - # networking.firewall.enable = false; - - # Copy the NixOS configuration file and link it from the resulting system - # (/run/current-system/configuration.nix). This is useful in case you - # accidentally delete configuration.nix. - # system.copySystemConfiguration = true; + # Open ports in the firewall. + # networking.firewall.allowedTCPPorts = [ ... ]; + # networking.firewall.allowedUDPPorts = [ ... ]; + # Or disable the firewall altogether. + # networking.firewall.enable = false; + # Copy the NixOS configuration file and link it from the resulting system + # (/run/current-system/configuration.nix). This is useful in case you + # accidentally delete configuration.nix. + # system.copySystemConfiguration = true; } - diff --git a/machines/SteamDeck/default.nix b/machines/SteamDeck/default.nix index 5bf2485..187a110 100755 --- a/machines/SteamDeck/default.nix +++ b/machines/SteamDeck/default.nix @@ -1,8 +1,6 @@ -{ ... }: - -{ - imports = [ - ./configuration.nix - ./hardware-configuration.nix - ]; +{...}: { + imports = [ + ./configuration.nix + ./hardware-configuration.nix + ]; } diff --git a/machines/SteamDeck/hardware-configuration.nix b/machines/SteamDeck/hardware-configuration.nix index 1f4cd77..dfb3835 100755 --- a/machines/SteamDeck/hardware-configuration.nix +++ b/machines/SteamDeck/hardware-configuration.nix @@ -1,71 +1,73 @@ # Do not modify this file! It was generated by ‘nixos-generate-config’ # and may be overwritten by future invocations. Please make changes # to /etc/nixos/configuration.nix instead. -{ config, lib, pkgs, modulesPath, ... }: - -let - # \x20 is the escape code for a space - ssdLabel = ''Deck\\x20SSD''; -in - { - imports = - [ (modulesPath + "/installer/scan/not-detected.nix") - ]; + config, + lib, + pkgs, + modulesPath, + ... +}: let + # \x20 is the escape code for a space + ssdLabel = ''Deck\\x20SSD''; +in { + imports = [ + (modulesPath + "/installer/scan/not-detected.nix") + ]; - # Enable support for the Xbox One wireless dongle - hardware.xone.enable = true; + # Enable support for the Xbox One wireless dongle + hardware.xone.enable = true; - boot.initrd.availableKernelModules = [ "nvme" "xhci_pci" "usb_storage" "usbhid" "sd_mod" "sdhci_pci" ]; - boot.initrd.kernelModules = [ ]; - boot.kernelModules = [ "kvm-amd" ]; - boot.extraModulePackages = [ ]; + boot.initrd.availableKernelModules = ["nvme" "xhci_pci" "usb_storage" "usbhid" "sd_mod" "sdhci_pci"]; + boot.initrd.kernelModules = []; + boot.kernelModules = ["kvm-amd"]; + boot.extraModulePackages = []; - fileSystems = { - "efi_boot_partition" = { - mountPoint = "/boot/efi"; - label = "deckboot"; - fsType = "vfat"; - }; - /* - Mount the root subvolume of the SSD - This is helpful for getting things from - my old Arch install, as well as for running btdu - */ - "btrfs_root_subvolume" = { - mountPoint = "/mnt/ssd"; - label = ssdLabel; - fsType = "btrfs"; - options = [ "subvolid=5" "ro" ]; - }; - "btrfs_root" = { - mountPoint = "/"; - label = ssdLabel; - fsType = "btrfs"; - options = [ "subvol=@" "compress=zstd" ]; - }; - "btrfs_boot" = { - mountPoint = "/boot"; - label = ssdLabel; - fsType = "btrfs"; - options = [ "subvol=@boot" "compress=zstd" ]; - }; - "btrfs_home" = { - mountPoint = "/home"; - label = ssdLabel; - fsType = "btrfs"; - options = [ "subvol=@home" "compress=zstd" ]; - }; - "btrfs_nix" = { - mountPoint = "/nix"; - label = ssdLabel; - fsType = "btrfs"; - options = [ "subvol=@nix" "compress=zstd" ]; - }; - }; + fileSystems = { + "efi_boot_partition" = { + mountPoint = "/boot/efi"; + label = "deckboot"; + fsType = "vfat"; + }; + /* + Mount the root subvolume of the SSD + This is helpful for getting things from + my old Arch install, as well as for running btdu + */ + "btrfs_root_subvolume" = { + mountPoint = "/mnt/ssd"; + label = ssdLabel; + fsType = "btrfs"; + options = ["subvolid=5" "ro"]; + }; + "btrfs_root" = { + mountPoint = "/"; + label = ssdLabel; + fsType = "btrfs"; + options = ["subvol=@" "compress=zstd"]; + }; + "btrfs_boot" = { + mountPoint = "/boot"; + label = ssdLabel; + fsType = "btrfs"; + options = ["subvol=@boot" "compress=zstd"]; + }; + "btrfs_home" = { + mountPoint = "/home"; + label = ssdLabel; + fsType = "btrfs"; + options = ["subvol=@home" "compress=zstd"]; + }; + "btrfs_nix" = { + mountPoint = "/nix"; + label = ssdLabel; + fsType = "btrfs"; + options = ["subvol=@nix" "compress=zstd"]; + }; + }; - swapDevices = [ ]; + swapDevices = []; - nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux"; - hardware.cpu.amd.updateMicrocode = lib.mkDefault config.hardware.enableRedistributableFirmware; + nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux"; + hardware.cpu.amd.updateMicrocode = lib.mkDefault config.hardware.enableRedistributableFirmware; } diff --git a/machines/SurfaceGo/configuration.nix b/machines/SurfaceGo/configuration.nix index 7b63b8d..49c0620 100644 --- a/machines/SurfaceGo/configuration.nix +++ b/machines/SurfaceGo/configuration.nix @@ -1,92 +1,92 @@ # Edit this configuration file to define what should be installed on # your system. Help is available in the configuration.nix(5) man page # and in the NixOS manual (accessible by running `nixos-help`). - -{ config, pkgs, lib, ... }: - { - boot = { - loader = { - # Use grub boot loader - systemd-boot.enable = false; - grub = { - enable = true; - device = "nodev"; - efiSupport = true; - enableCryptodisk = true; - }; - efi = { - efiSysMountPoint = "/boot/efi"; - canTouchEfiVariables = true; - }; - }; - # I need systemd for tpm luks unlocking - initrd.systemd.enable = true; - }; + config, + pkgs, + lib, + ... +}: { + boot = { + loader = { + # Use grub boot loader + systemd-boot.enable = false; + grub = { + enable = true; + device = "nodev"; + efiSupport = true; + enableCryptodisk = true; + }; + efi = { + efiSysMountPoint = "/boot/efi"; + canTouchEfiVariables = true; + }; + }; + # I need systemd for tpm luks unlocking + initrd.systemd.enable = true; + }; - security.tpm2.enable = true; + security.tpm2.enable = true; - networking.hostName = "SurfaceGo"; # Define your hostname. + networking.hostName = "SurfaceGo"; # Define your hostname. - # Allow unfree packages - nixpkgs.config.allowUnfree = true; + # Allow unfree packages + nixpkgs.config.allowUnfree = true; - # Configure network proxy if necessary - # networking.proxy.default = "http://user:password@proxy:port/"; - # networking.proxy.noProxy = "127.0.0.1,localhost,internal.domain"; + # Configure network proxy if necessary + # networking.proxy.default = "http://user:password@proxy:port/"; + # networking.proxy.noProxy = "127.0.0.1,localhost,internal.domain"; - # Configure keymap in X11 - # services.xserver.layout = "us"; - # services.xserver.xkbOptions = "eurosign:e,caps:escape"; + # Configure keymap in X11 + # services.xserver.layout = "us"; + # services.xserver.xkbOptions = "eurosign:e,caps:escape"; - console = { - # The kernel doesn't detect the scree as being HiDPI, so I need to use a bigger font - font = "ter-i32n"; - }; - - # Enable CUPS to print documents. - # services.printing.enable = true; + console = { + # The kernel doesn't detect the scree as being HiDPI, so I need to use a bigger font + font = "ter-i32n"; + }; - # Enable sound. - # sound.enable = true; - # hardware.pulseaudio.enable = true; + # Enable CUPS to print documents. + # services.printing.enable = true; - # Enable touchpad support (enabled default in most desktopManager). - # services.xserver.libinput.enable = true; + # Enable sound. + # sound.enable = true; + # hardware.pulseaudio.enable = true; - # List packages installed in system profile. To search, run: - # $ nix search wget - # environment.systemPackages = with pkgs; [ - # vim # Do not forget to add an editor to edit configuration.nix! The Nano editor is also installed by default. - # wget - # ]; + # Enable touchpad support (enabled default in most desktopManager). + # services.xserver.libinput.enable = true; - # The surface kernel sometimes fails to suspend/shutdown and I got tired of fighting it - boot.kernelPackages = lib.mkForce pkgs.linuxPackages; + # List packages installed in system profile. To search, run: + # $ nix search wget + # environment.systemPackages = with pkgs; [ + # vim # Do not forget to add an editor to edit configuration.nix! The Nano editor is also installed by default. + # wget + # ]; - # Some programs need SUID wrappers, can be configured further or are - # started in user sessions. - # programs.mtr.enable = true; - # programs.gnupg.agent = { - # enable = true; - # enableSSHSupport = true; - # }; + # The surface kernel sometimes fails to suspend/shutdown and I got tired of fighting it + boot.kernelPackages = lib.mkForce pkgs.linuxPackages; - # List services that you want to enable: + # Some programs need SUID wrappers, can be configured further or are + # started in user sessions. + # programs.mtr.enable = true; + # programs.gnupg.agent = { + # enable = true; + # enableSSHSupport = true; + # }; - # Enable the OpenSSH daemon. - # services.openssh.enable = true; + # List services that you want to enable: - # Open ports in the firewall. - # networking.firewall.allowedTCPPorts = [ ... ]; - # networking.firewall.allowedUDPPorts = [ ... ]; - # Or disable the firewall altogether. - # networking.firewall.enable = false; + # Enable the OpenSSH daemon. + # services.openssh.enable = true; - # Copy the NixOS configuration file and link it from the resulting system - # (/run/current-system/configuration.nix). This is useful in case you - # accidentally delete configuration.nix. - # system.copySystemConfiguration = true; + # Open ports in the firewall. + # networking.firewall.allowedTCPPorts = [ ... ]; + # networking.firewall.allowedUDPPorts = [ ... ]; + # Or disable the firewall altogether. + # networking.firewall.enable = false; + # Copy the NixOS configuration file and link it from the resulting system + # (/run/current-system/configuration.nix). This is useful in case you + # accidentally delete configuration.nix. + # system.copySystemConfiguration = true; } - diff --git a/machines/SurfaceGo/default.nix b/machines/SurfaceGo/default.nix index 5bf2485..187a110 100644 --- a/machines/SurfaceGo/default.nix +++ b/machines/SurfaceGo/default.nix @@ -1,8 +1,6 @@ -{ ... }: - -{ - imports = [ - ./configuration.nix - ./hardware-configuration.nix - ]; +{...}: { + imports = [ + ./configuration.nix + ./hardware-configuration.nix + ]; } diff --git a/machines/SurfaceGo/hardware-configuration.nix b/machines/SurfaceGo/hardware-configuration.nix index 75c5c1a..955cc05 100644 --- a/machines/SurfaceGo/hardware-configuration.nix +++ b/machines/SurfaceGo/hardware-configuration.nix @@ -1,49 +1,51 @@ - # Do not modify this file! It was generated by ‘nixos-generate-config’ +# Do not modify this file! It was generated by ‘nixos-generate-config’ # and may be overwritten by future invocations. Please make changes # to /etc/nixos/configuration.nix instead. -{ config, lib, pkgs, ... }: - { + config, + lib, + pkgs, + ... +}: { + boot.initrd.availableKernelModules = ["xhci_pci" "nvme" "usbhid" "rtsx_pci_sdmmc"]; + boot.initrd.kernelModules = []; + boot.kernelModules = ["kvm-intel"]; + boot.extraModulePackages = []; - boot.initrd.availableKernelModules = [ "xhci_pci" "nvme" "usbhid" "rtsx_pci_sdmmc" ]; - boot.initrd.kernelModules = [ ]; - boot.kernelModules = [ "kvm-intel" ]; - boot.extraModulePackages = [ ]; + boot.initrd.luks.devices."SSD".device = "/dev/disk/by-uuid/1d8d7578-d3a1-4ea0-90ad-4257266a6caf"; - boot.initrd.luks.devices."SSD".device = "/dev/disk/by-uuid/1d8d7578-d3a1-4ea0-90ad-4257266a6caf"; + fileSystems."/" = { + device = "/dev/disk/by-uuid/19a52b40-3ff6-47ff-9402-18d8b289643e"; + fsType = "btrfs"; + options = ["subvol=@" "compress=zstd"]; + }; - fileSystems."/" = { - device = "/dev/disk/by-uuid/19a52b40-3ff6-47ff-9402-18d8b289643e"; - fsType = "btrfs"; - options = [ "subvol=@" "compress=zstd" ]; - }; + fileSystems."/boot" = { + device = "/dev/disk/by-uuid/19a52b40-3ff6-47ff-9402-18d8b289643e"; + fsType = "btrfs"; + options = ["subvol=@boot" "compress=zstd"]; + }; - fileSystems."/boot" = { - device = "/dev/disk/by-uuid/19a52b40-3ff6-47ff-9402-18d8b289643e"; - fsType = "btrfs"; - options = [ "subvol=@boot" "compress=zstd" ]; - }; + fileSystems."/nix" = { + device = "/dev/disk/by-uuid/19a52b40-3ff6-47ff-9402-18d8b289643e"; + fsType = "btrfs"; + options = ["subvol=@nix" "compress=zstd"]; + }; - fileSystems."/nix" ={ - device = "/dev/disk/by-uuid/19a52b40-3ff6-47ff-9402-18d8b289643e"; - fsType = "btrfs"; - options = [ "subvol=@nix" "compress=zstd" ]; - }; + fileSystems."/home" = { + device = "/dev/disk/by-uuid/19a52b40-3ff6-47ff-9402-18d8b289643e"; + fsType = "btrfs"; + options = ["subvol=@home" "compress=zstd"]; + }; - fileSystems."/home" = { - device = "/dev/disk/by-uuid/19a52b40-3ff6-47ff-9402-18d8b289643e"; - fsType = "btrfs"; - options = [ "subvol=@home" "compress=zstd" ]; - }; + fileSystems."/boot/efi" = { + device = "/dev/disk/by-uuid/EC76-201F"; + fsType = "vfat"; + }; - fileSystems."/boot/efi" = { - device = "/dev/disk/by-uuid/EC76-201F"; - fsType = "vfat"; - }; + swapDevices = []; - swapDevices = []; - - nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux"; - powerManagement.cpuFreqGovernor = lib.mkDefault "powersave"; - hardware.cpu.intel.updateMicrocode = lib.mkDefault config.hardware.enableRedistributableFirmware; + nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux"; + powerManagement.cpuFreqGovernor = lib.mkDefault "powersave"; + hardware.cpu.intel.updateMicrocode = lib.mkDefault config.hardware.enableRedistributableFirmware; } diff --git a/machines/WinMax2/configuration.nix b/machines/WinMax2/configuration.nix index 026000b..a5d20c3 100755 --- a/machines/WinMax2/configuration.nix +++ b/machines/WinMax2/configuration.nix @@ -1,153 +1,153 @@ - # Edit this configuration file to define what should be installed on +# Edit this configuration file to define what should be installed on # your system. Help is available in the configuration.nix(5) man page # and in the NixOS manual (accessible by running `nixos-help`). - -{ config, pkgs, lib, ... }: - { - # Use grub boot loader - boot = { - loader = { - systemd-boot.enable = false; - grub = { - enable = true; - device = "nodev"; - efiSupport = true; - # No other OS on here :P - useOSProber = false; - }; - efi = { - efiSysMountPoint = config.fileSystems."efi_boot_partition".mountPoint; - canTouchEfiVariables = true; - }; - }; - /* - I use luks, and the systemd initrd works better for this - Both for tpm unlocking (soon) and for plymouth - */ - initrd.systemd.enable = true; - # Plymouth doesn't support fractional scaling :( - plymouth.extraConfig = "DeviceScale=2"; + config, + pkgs, + lib, + ... +}: { + # Use grub boot loader + boot = { + loader = { + systemd-boot.enable = false; + grub = { + enable = true; + device = "nodev"; + efiSupport = true; + # No other OS on here :P + useOSProber = false; + }; + efi = { + efiSysMountPoint = config.fileSystems."efi_boot_partition".mountPoint; + canTouchEfiVariables = true; + }; + }; + /* + I use luks, and the systemd initrd works better for this + Both for tpm unlocking (soon) and for plymouth + */ + initrd.systemd.enable = true; + # Plymouth doesn't support fractional scaling :( + plymouth.extraConfig = "DeviceScale=2"; - kernelPackages = pkgs.linuxPackages_latest; - }; + kernelPackages = pkgs.linuxPackages_latest; + }; - networking.hostName = "WinMax2"; # Define your hostname. + networking.hostName = "WinMax2"; # Define your hostname. - specialisation.noAVX512.configuration = { - # For some reason The Finals crashes on CPUs that support AVX512 - boot.kernelParams = [ "clearcpuid=304" ]; - }; + specialisation.noAVX512.configuration = { + # For some reason The Finals crashes on CPUs that support AVX512 + boot.kernelParams = ["clearcpuid=304"]; + }; - # Sleep fixes - boot.kernelParams = [ "rtc_cmos.use_acpi_alarm=1" ]; - services.udev.extraRules = '' -ACTION=="add", SUBSYSTEM=="i2c", ATTR{name}=="GXTP7385:00", ATTR{power/wakeup}="disabled" -ACTION=="add", SUBSYSTEM=="i2c", ATTR{name}=="PNP0C50:00", ATTR{power/wakeup}="disabled" - ''; + # Sleep fixes + boot.kernelParams = ["rtc_cmos.use_acpi_alarm=1"]; + services.udev.extraRules = '' + ACTION=="add", SUBSYSTEM=="i2c", ATTR{name}=="GXTP7385:00", ATTR{power/wakeup}="disabled" + ACTION=="add", SUBSYSTEM=="i2c", ATTR{name}=="PNP0C50:00", ATTR{power/wakeup}="disabled" + ''; - services.handheld-daemon = { - package = pkgs.handheld-daemon.overridePythonAttrs rec{ - src = pkgs.fetchFromGitHub { - owner = "hhd-dev"; - repo = "hhd"; - rev = "v${version}"; - hash = "sha256-Ujbou+f/EvHyqpp3FCNqIyZiCEFxSeQfflR3JmRxWFc="; - }; - version = "1.3.13"; - }; - enable = true; - user = "root"; - }; + services.handheld-daemon = { + package = pkgs.handheld-daemon.overridePythonAttrs rec { + src = pkgs.fetchFromGitHub { + owner = "hhd-dev"; + repo = "hhd"; + rev = "v${version}"; + hash = "sha256-Ujbou+f/EvHyqpp3FCNqIyZiCEFxSeQfflR3JmRxWFc="; + }; + version = "1.3.13"; + }; + enable = true; + user = "root"; + }; - # Allow unfree packages - nixpkgs.config.allowUnfree = true; + # Allow unfree packages + nixpkgs.config.allowUnfree = true; - # Configure network proxy if necessary - # networking.proxy.default = "http://user:password@proxy:port/"; - # networking.proxy.noProxy = "127.0.0.1,localhost,internal.domain"; + # Configure network proxy if necessary + # networking.proxy.default = "http://user:password@proxy:port/"; + # networking.proxy.noProxy = "127.0.0.1,localhost,internal.domain"; - services.xserver = { - xkb.layout = lib.mkForce "us"; - displayManager.sddm.settings = { - General.GreeterEnvironment="QT_SCREEN_SCALE_FACTORS=1.75"; - }; - }; + services.xserver = { + xkb.layout = lib.mkForce "us"; + displayManager.sddm.settings = { + General.GreeterEnvironment = "QT_SCREEN_SCALE_FACTORS=1.75"; + }; + }; - jovian = { - # Steam Deck UI settings - steam = { - enable = true; - autoStart = false; - user = "toast"; - desktopSession = "plasmawayland"; - }; - hardware.amd.gpu.enableBacklightControl = true; - # Need patched mesa - steamos = { - enableMesaPatches = true; - enableVendorRadv = true; - }; - decky-loader = { - enable = true; - }; - }; + jovian = { + # Steam Deck UI settings + steam = { + enable = true; + autoStart = false; + user = "toast"; + desktopSession = "plasmawayland"; + }; + hardware.amd.gpu.enableBacklightControl = true; + # Need patched mesa + steamos = { + enableMesaPatches = true; + enableVendorRadv = true; + }; + decky-loader = { + enable = true; + }; + }; - # Enable bluetooth - hardware.bluetooth = { - enable = true; - }; + # Enable bluetooth + hardware.bluetooth = { + enable = true; + }; - # Configure keymap in X11 - # services.xserver.layout = "us"; - # services.xserver.xkbOptions = "eurosign:e,caps:escape"; + # Configure keymap in X11 + # services.xserver.layout = "us"; + # services.xserver.xkbOptions = "eurosign:e,caps:escape"; - # Enable CUPS to print documents. - # services.printing.enable = true; - environment.sessionVariables = { - STEAM_FORCE_DESKTOPUI_SCALING = "1.75"; - }; + # Enable CUPS to print documents. + # services.printing.enable = true; + environment.sessionVariables = { + STEAM_FORCE_DESKTOPUI_SCALING = "1.75"; + }; - # Enable sound. - # sound.enable = true; - # hardware.pulseaudio.enable = true; + # Enable sound. + # sound.enable = true; + # hardware.pulseaudio.enable = true; - # Enable touchpad support (enabled default in most desktopManager). - # services.xserver.libinput.enable = true; + # Enable touchpad support (enabled default in most desktopManager). + # services.xserver.libinput.enable = true; - # Large builds (the linux kernel) fail to build because /tmp is too small when using tmpfs - boot.tmp.useTmpfs = false; + # Large builds (the linux kernel) fail to build because /tmp is too small when using tmpfs + boot.tmp.useTmpfs = false; - # List packages installed in system profile. To search, run: - # $ nix search wget - # environment.systemPackages = with pkgs; [ - # vim # Do not forget to add an editor to edit configuration.nix! The Nano editor is also installed by default. - # wget - # ]; + # List packages installed in system profile. To search, run: + # $ nix search wget + # environment.systemPackages = with pkgs; [ + # vim # Do not forget to add an editor to edit configuration.nix! The Nano editor is also installed by default. + # wget + # ]; - # Some programs need SUID wrappers, can be configured further or are - # started in user sessions. - # programs.mtr.enable = true; - # programs.gnupg.agent = { - # enable = true; - # enableSSHSupport = true; - # }; + # Some programs need SUID wrappers, can be configured further or are + # started in user sessions. + # programs.mtr.enable = true; + # programs.gnupg.agent = { + # enable = true; + # enableSSHSupport = true; + # }; - # List services that you want to enable: + # List services that you want to enable: - # Enable the OpenSSH daemon. - # services.openssh.enable = true; + # Enable the OpenSSH daemon. + # services.openssh.enable = true; - # Open ports in the firewall. - # networking.firewall.allowedTCPPorts = [ ... ]; - # networking.firewall.allowedUDPPorts = [ ... ]; - # Or disable the firewall altogether. - # networking.firewall.enable = false; - - # Copy the NixOS configuration file and link it from the resulting system - # (/run/current-system/configuration.nix). This is useful in case you - # accidentally delete configuration.nix. - # system.copySystemConfiguration = true; + # Open ports in the firewall. + # networking.firewall.allowedTCPPorts = [ ... ]; + # networking.firewall.allowedUDPPorts = [ ... ]; + # Or disable the firewall altogether. + # networking.firewall.enable = false; + # Copy the NixOS configuration file and link it from the resulting system + # (/run/current-system/configuration.nix). This is useful in case you + # accidentally delete configuration.nix. + # system.copySystemConfiguration = true; } - diff --git a/machines/WinMax2/default.nix b/machines/WinMax2/default.nix index 5bf2485..187a110 100755 --- a/machines/WinMax2/default.nix +++ b/machines/WinMax2/default.nix @@ -1,8 +1,6 @@ -{ ... }: - -{ - imports = [ - ./configuration.nix - ./hardware-configuration.nix - ]; +{...}: { + imports = [ + ./configuration.nix + ./hardware-configuration.nix + ]; } diff --git a/machines/WinMax2/hardware-configuration.nix b/machines/WinMax2/hardware-configuration.nix index 2f8b16b..45745ac 100755 --- a/machines/WinMax2/hardware-configuration.nix +++ b/machines/WinMax2/hardware-configuration.nix @@ -1,74 +1,75 @@ # Do not modify this file! It was generated by ‘nixos-generate-config’ # and may be overwritten by future invocations. Please make changes # to /etc/nixos/configuration.nix instead. -{ config, lib, modulesPath, ... }: - -let - # \x20 is the escape code for a space - ssdLabel = ''Win\\x20Max\\x202\\x20SSD''; -in - { - imports = [ - (modulesPath + "/installer/scan/not-detected.nix") - ]; + config, + lib, + modulesPath, + ... +}: let + # \x20 is the escape code for a space + ssdLabel = ''Win\\x20Max\\x202\\x20SSD''; +in { + imports = [ + (modulesPath + "/installer/scan/not-detected.nix") + ]; - boot.initrd.availableKernelModules = [ "nvme" "xhci_pci" "thunderbolt" "usbhid" "sdhci_pci" ]; - boot.initrd.kernelModules = [ ]; - boot.kernelModules = [ "kvm-amd" ]; - boot.extraModulePackages = [ ]; + boot.initrd.availableKernelModules = ["nvme" "xhci_pci" "thunderbolt" "usbhid" "sdhci_pci"]; + boot.initrd.kernelModules = []; + boot.kernelModules = ["kvm-amd"]; + boot.extraModulePackages = []; - boot.initrd.luks.devices."SSD".device = "/dev/disk/by-label/wm2-enc"; + boot.initrd.luks.devices."SSD".device = "/dev/disk/by-label/wm2-enc"; - fileSystems = { - "efi_boot_partition" = { - mountPoint = "/boot"; - label = "winmax2boot"; - fsType = "vfat"; - }; - /* - Mount the root subvolume of the SSD - This is helpful for getting things from - my old Arch install, as well as for running btdu - */ - "btrfs_root_subvolume" = { - mountPoint = "/mnt/ssd"; - label = ssdLabel; - fsType = "btrfs"; - options = [ "subvolid=5" "ro" ]; - }; - "btrfs_root" = { - mountPoint = "/"; - label = ssdLabel; - fsType = "btrfs"; - options = [ "subvol=@" ]; - }; - "btrfs_persist" = { - mountPoint = "/persist"; - label = ssdLabel; - fsType = "btrfs"; - options = [ "subvol=@persist" ]; - neededForBoot = true; - }; - "btrfs_home" = { - mountPoint = "/home"; - label = ssdLabel; - fsType = "btrfs"; - options = [ "subvol=@home" ]; - }; - "btrfs_nix" = { - mountPoint = "/nix"; - label = ssdLabel; - fsType = "btrfs"; - options = [ "subvol=@nix" ]; - }; - }; + fileSystems = { + "efi_boot_partition" = { + mountPoint = "/boot"; + label = "winmax2boot"; + fsType = "vfat"; + }; + /* + Mount the root subvolume of the SSD + This is helpful for getting things from + my old Arch install, as well as for running btdu + */ + "btrfs_root_subvolume" = { + mountPoint = "/mnt/ssd"; + label = ssdLabel; + fsType = "btrfs"; + options = ["subvolid=5" "ro"]; + }; + "btrfs_root" = { + mountPoint = "/"; + label = ssdLabel; + fsType = "btrfs"; + options = ["subvol=@"]; + }; + "btrfs_persist" = { + mountPoint = "/persist"; + label = ssdLabel; + fsType = "btrfs"; + options = ["subvol=@persist"]; + neededForBoot = true; + }; + "btrfs_home" = { + mountPoint = "/home"; + label = ssdLabel; + fsType = "btrfs"; + options = ["subvol=@home"]; + }; + "btrfs_nix" = { + mountPoint = "/nix"; + label = ssdLabel; + fsType = "btrfs"; + options = ["subvol=@nix"]; + }; + }; - swapDevices = [ ]; + swapDevices = []; - nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux"; - hardware = { - cpu.amd.updateMicrocode = lib.mkDefault config.hardware.enableRedistributableFirmware; - sensor.iio.bmi260.enable = true; - }; + nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux"; + hardware = { + cpu.amd.updateMicrocode = lib.mkDefault config.hardware.enableRedistributableFirmware; + sensor.iio.bmi260.enable = true; + }; } diff --git a/pkgs/anything-sync-daemon/default.nix b/pkgs/anything-sync-daemon/default.nix index 974bf9a..afa5417 100644 --- a/pkgs/anything-sync-daemon/default.nix +++ b/pkgs/anything-sync-daemon/default.nix @@ -1,56 +1,57 @@ -{ stdenv -, lib -, fetchFromGitHub -, makeWrapper -, rsync -, gawk -, pv -, gnutar -, zstd -, util-linux -, coreutils -, gnugrep -, findutils +{ + stdenv, + lib, + fetchFromGitHub, + makeWrapper, + rsync, + gawk, + pv, + gnutar, + zstd, + util-linux, + coreutils, + gnugrep, + findutils, }: stdenv.mkDerivation rec { - pname = "anything-sync-daemon"; - version = "6.0.0"; + pname = "anything-sync-daemon"; + version = "6.0.0"; - src = fetchFromGitHub { - owner = "graysky2"; - repo = pname; - rev = "v${version}"; - hash = "sha256-6nfaAMH5YgK6gimuZ8j1zWLTDOi11KIwW7Bf0Iwh7+I="; - }; + src = fetchFromGitHub { + owner = "graysky2"; + repo = pname; + rev = "v${version}"; + hash = "sha256-6nfaAMH5YgK6gimuZ8j1zWLTDOi11KIwW7Bf0Iwh7+I="; + }; - patches = [ ./disableDaemonStopTargets.patch ]; + patches = [./disableDaemonStopTargets.patch]; - nativeBuildInputs = [ makeWrapper ]; + nativeBuildInputs = [makeWrapper]; - postPatch = '' - substituteInPlace init/asd* \ - --replace /usr/bin/anything-sync-daemon $out/bin/anything-sync-daemon - ''; + postPatch = '' + substituteInPlace init/asd* \ + --replace /usr/bin/anything-sync-daemon $out/bin/anything-sync-daemon + ''; - enableParallelBuilding = true; + enableParallelBuilding = true; - makeFlags = [ - "DESTDIR=${placeholder "out"}" - "PREFIX=" - "INITDIR_SYSTEMD=/lib/systemd/system" - ]; + makeFlags = [ + "DESTDIR=${placeholder "out"}" + "PREFIX=" + "INITDIR_SYSTEMD=/lib/systemd/system" + ]; - installTargets = [ "install-systemd-all" ]; + installTargets = ["install-systemd-all"]; - postInstall = '' - wrapProgram $out/bin/anything-sync-daemon \ - --suffix PATH : ${lib.makeBinPath [ rsync gawk pv gnutar zstd util-linux coreutils gnugrep findutils]} - ''; - - meta = with lib; { - description = "Symlinks and syncs user specified dirs to RAM"; - homepage = "https://github.com/graysky2/anything-sync-daemon/"; - license = lib.licenses.mit; - platforms = platforms.linux; - }; + postInstall = '' + wrapProgram $out/bin/anything-sync-daemon \ + --suffix PATH : ${lib.makeBinPath [rsync gawk pv gnutar zstd util-linux coreutils gnugrep findutils]} + ''; + + meta = with lib; { + description = "Symlinks and syncs user specified dirs to RAM"; + homepage = "https://github.com/graysky2/anything-sync-daemon/"; + license = lib.licenses.mit; + platforms = platforms.linux; + }; } diff --git a/roles/common/configuration.nix b/roles/common/configuration.nix index 3e42588..210eb6f 100755 --- a/roles/common/configuration.nix +++ b/roles/common/configuration.nix @@ -1,132 +1,136 @@ -{ config, lib, pkgs, flakeSelf, ... }: - { - imports = [ flakeSelf.inputs.nur.nixosModules.nur ]; - environment = { - # As of the 1st of May 2023, the default packages are nano, perl, rsync and strace - # I don't need any of them, so I just empty the list - defaultPackages = []; - }; + config, + lib, + pkgs, + flakeSelf, + ... +}: { + imports = [flakeSelf.inputs.nur.nixosModules.nur]; + environment = { + # As of the 1st of May 2023, the default packages are nano, perl, rsync and strace + # I don't need any of them, so I just empty the list + defaultPackages = []; + }; - # Set up /tmp - boot.tmp = { - useTmpfs = false; - # Cleaning out /tmp at boot if it's a tmpfs is quite stupid - cleanOnBoot = !config.boot.tmp.useTmpfs; - }; + # Set up /tmp + boot.tmp = { + useTmpfs = false; + # Cleaning out /tmp at boot if it's a tmpfs is quite stupid + cleanOnBoot = !config.boot.tmp.useTmpfs; + }; - # Set up zram - zramSwap = { - enable = true; - priority = 100; - memoryPercent = 60; - # zstd my beloved <3 - algorithm = "zstd"; - }; - # zswap with zram is not a good idea - boot.kernelParams = [ "zswap.enabled=0" ]; + # Set up zram + zramSwap = { + enable = true; + priority = 100; + memoryPercent = 60; + # zstd my beloved <3 + algorithm = "zstd"; + }; + # zswap with zram is not a good idea + boot.kernelParams = ["zswap.enabled=0"]; - # Set up keyboard layout - services.xserver.xkb.layout = "es"; + # Set up keyboard layout + services.xserver.xkb.layout = "es"; - # Set up console - console = { - packages = [ pkgs.terminus_font ]; - earlySetup = true; - # mkDefault has 1000 priority, so that way I don't conflict with nixos-hardware - font = lib.mkOverride 999 "ter-i16n"; - # Make the console use X's keyboard configuration - useXkbConfig = true; - }; + # Set up console + console = { + packages = [pkgs.terminus_font]; + earlySetup = true; + # mkDefault has 1000 priority, so that way I don't conflict with nixos-hardware + font = lib.mkOverride 999 "ter-i16n"; + # Make the console use X's keyboard configuration + useXkbConfig = true; + }; - boot.supportedFilesystems = [ "nfs" ]; - - # Set up localisation - i18n = { - defaultLocale = "en_US.UTF-8"; - extraLocaleSettings = { - LC_NUMERIC = "es_ES.UTF-8"; - # am/pm is nice but mm/dd/yy is yucky - LC_TIME = "es_US.UTF-8"; - LC_MONETARY = "es_ES.UTF-8"; - LC_MEASUREMENT = "es_ES.UTF-8"; - LC_PAPER = "es_ES.UTF-8"; - LC_ADDRESS = "es_US.UTF-8"; - LC_NAME = "es_ES.UTF-8"; - LC_TELEPHONE = "es_ES.UTF-8"; - }; - }; + boot.supportedFilesystems = ["nfs"]; - services.fwupd.enable = true; + # Set up localisation + i18n = { + defaultLocale = "en_US.UTF-8"; + extraLocaleSettings = { + LC_NUMERIC = "es_ES.UTF-8"; + # am/pm is nice but mm/dd/yy is yucky + LC_TIME = "es_US.UTF-8"; + LC_MONETARY = "es_ES.UTF-8"; + LC_MEASUREMENT = "es_ES.UTF-8"; + LC_PAPER = "es_ES.UTF-8"; + LC_ADDRESS = "es_US.UTF-8"; + LC_NAME = "es_ES.UTF-8"; + LC_TELEPHONE = "es_ES.UTF-8"; + }; + }; - # Set up my user - users.users.toast = { - isNormalUser = true; - description = "Toast"; - extraGroups = [ "wheel" ]; - }; + services.fwupd.enable = true; - # Set up time zone. - time.timeZone = "Europe/Madrid"; + # Set up my user + users.users.toast = { + isNormalUser = true; + description = "Toast"; + extraGroups = ["wheel"]; + }; - nixpkgs.overlays = [ - ( - final: prev: { - catppuccin = prev.catppuccin.override { - accent = "mauve"; - variant = "mocha"; - themeList = [ - "bat" - "btop" - "starship" - "grub" - ]; - }; - } - ) - ]; + # Set up time zone. + time.timeZone = "Europe/Madrid"; - home-manager = { - backupFileExtension = "hm-backup"; - useGlobalPkgs = true; - verbose = true; - users.toast = { config, ... }: { - home.stateVersion = "23.11"; - xdg = { - userDirs = { - enable = true; - createDirectories = true; - publicShare = null; # Disable the public folder - }; - }; - }; - }; + nixpkgs.overlays = [ + ( + final: prev: { + catppuccin = prev.catppuccin.override { + accent = "mauve"; + variant = "mocha"; + themeList = [ + "bat" + "btop" + "starship" + "grub" + ]; + }; + } + ) + ]; - # Set up secrets - age = { - identityPaths = [ - "/persist/id_host" - ]; - }; + home-manager = { + backupFileExtension = "hm-backup"; + useGlobalPkgs = true; + verbose = true; + users.toast = {config, ...}: { + home.stateVersion = "23.11"; + xdg = { + userDirs = { + enable = true; + createDirectories = true; + publicShare = null; # Disable the public folder + }; + }; + }; + }; - boot.loader.grub = { - theme = "${pkgs.catppuccin}/grub"; - backgroundColor = "#1E1E2E"; - splashImage = "${pkgs.catppuccin}/grub/background.png"; - }; + # Set up secrets + age = { + identityPaths = [ + "/persist/id_host" + ]; + }; - /* - I used to keep the host keys in the repo as a secret, but since I use the - host keys for decrypting too I'm not sure encrypting a key with itself - is a good idea. Now the host keys will need to be placed manually where they are needed - For first time installs they are generated by services.openssh.hostKeys on servers, and - manually on everything else - */ - - system = { - stateVersion = "23.11"; - # Nix on nixos 23.05 does not have dirtyRev - configurationRevision = flakeSelf.sourceInfo.rev or flakeSelf.sourceInfo.dirtyRev or "dirty"; - nixos.variant_id = lib.strings.toLower config.networking.hostName; - }; + boot.loader.grub = { + theme = "${pkgs.catppuccin}/grub"; + backgroundColor = "#1E1E2E"; + splashImage = "${pkgs.catppuccin}/grub/background.png"; + }; + + /* + I used to keep the host keys in the repo as a secret, but since I use the + host keys for decrypting too I'm not sure encrypting a key with itself + is a good idea. Now the host keys will need to be placed manually where they are needed + For first time installs they are generated by services.openssh.hostKeys on servers, and + manually on everything else + */ + + system = { + stateVersion = "23.11"; + # Nix on nixos 23.05 does not have dirtyRev + configurationRevision = flakeSelf.sourceInfo.rev or flakeSelf.sourceInfo.dirtyRev or "dirty"; + nixos.variant_id = lib.strings.toLower config.networking.hostName; + }; } diff --git a/roles/common/default.nix b/roles/common/default.nix index 1e090a3..c9bfd8b 100755 --- a/roles/common/default.nix +++ b/roles/common/default.nix @@ -1,9 +1,7 @@ -{ ... }: - -{ - imports = [ - ./programs - ./services - ./configuration.nix - ]; +{...}: { + imports = [ + ./programs + ./services + ./configuration.nix + ]; } diff --git a/roles/common/programs/bash.nix b/roles/common/programs/bash.nix index a87dea5..bfcc625 100644 --- a/roles/common/programs/bash.nix +++ b/roles/common/programs/bash.nix @@ -1,10 +1,8 @@ -{ config, ... }: - -{ - home-manager.users.toast = { config, ... }: { - programs.bash = { - enable = true; - enableVteIntegration = true; - }; - }; +{config, ...}: { + home-manager.users.toast = {config, ...}: { + programs.bash = { + enable = true; + enableVteIntegration = true; + }; + }; } diff --git a/roles/common/programs/bat.nix b/roles/common/programs/bat.nix index 43a53d1..021d531 100644 --- a/roles/common/programs/bat.nix +++ b/roles/common/programs/bat.nix @@ -1,21 +1,25 @@ -{ config, pkgs, ... }: - -let - themeName = if config.system.nixos.release == "23.11" then "Catppuccin-mocha" else "Catppuccin Mocha"; -in { - home-manager = { - users.toast.programs.bat = { - enable = true; - config = { - theme = "catppuccin-mocha"; - }; - themes = { - catppuccin-mocha = { - src = pkgs.catppuccin; - file = "bat/${themeName}.tmTheme"; - }; - }; - }; - }; + config, + pkgs, + ... +}: let + themeName = + if config.system.nixos.release == "23.11" + then "Catppuccin-mocha" + else "Catppuccin Mocha"; +in { + home-manager = { + users.toast.programs.bat = { + enable = true; + config = { + theme = "catppuccin-mocha"; + }; + themes = { + catppuccin-mocha = { + src = pkgs.catppuccin; + file = "bat/${themeName}.tmTheme"; + }; + }; + }; + }; } diff --git a/roles/common/programs/btop.nix b/roles/common/programs/btop.nix index 5150cbf..c0bf0de 100644 --- a/roles/common/programs/btop.nix +++ b/roles/common/programs/btop.nix @@ -1,6 +1,4 @@ -{ pkgs, ... }: - -{ +{pkgs, ...}: { home-manager = { users.toast = { programs.btop = { @@ -14,4 +12,4 @@ }; }; }; -} \ No newline at end of file +} diff --git a/roles/common/programs/comma.nix b/roles/common/programs/comma.nix index 3c3f07b..e276b89 100644 --- a/roles/common/programs/comma.nix +++ b/roles/common/programs/comma.nix @@ -1,8 +1,10 @@ -{ config, pkgs, ... }: - { - # Use nix-index-database's comma wrapper - programs.nix-index-database.comma.enable = true; - # Run programs from the system's nixpkgs - environment.variables = { COMMA_NIXPKGS_FLAKE="system"; }; + config, + pkgs, + ... +}: { + # Use nix-index-database's comma wrapper + programs.nix-index-database.comma.enable = true; + # Run programs from the system's nixpkgs + environment.variables = {COMMA_NIXPKGS_FLAKE = "system";}; } diff --git a/roles/common/programs/command-not-found.nix b/roles/common/programs/command-not-found.nix index 0816b39..8dfa3d1 100755 --- a/roles/common/programs/command-not-found.nix +++ b/roles/common/programs/command-not-found.nix @@ -1,6 +1,4 @@ -{ config, ... }: - -{ - # The nixpkgs command-not-found script does not work with flakes, so I disable it - programs.command-not-found.enable = false; +{config, ...}: { + # The nixpkgs command-not-found script does not work with flakes, so I disable it + programs.command-not-found.enable = false; } diff --git a/roles/common/programs/default.nix b/roles/common/programs/default.nix index bc89f3a..8a8df10 100755 --- a/roles/common/programs/default.nix +++ b/roles/common/programs/default.nix @@ -1,32 +1,34 @@ -{ config, pkgs, ... }: - { - imports = [ - ./htop.nix - ./nix.nix - ./micro.nix - ./nix-index.nix - ./command-not-found.nix - ./comma.nix - ./bash.nix - ./git.nix - ./starship.nix - ./bat.nix - ./btop.nix - ./helix.nix - ./direnv.nix - ]; - # Some programs dont have a programs.*.enable option, so I install their package here - environment.systemPackages = with pkgs; [ - speedtest-cli - # Bat has a home manager module, but I want it to be available system wide - bat - file - nvd - ncdu - tree - btdu - iperf3 - restic - ]; + config, + pkgs, + ... +}: { + imports = [ + ./htop.nix + ./nix.nix + ./micro.nix + ./nix-index.nix + ./command-not-found.nix + ./comma.nix + ./bash.nix + ./git.nix + ./starship.nix + ./bat.nix + ./btop.nix + ./helix.nix + ./direnv.nix + ]; + # Some programs dont have a programs.*.enable option, so I install their package here + environment.systemPackages = with pkgs; [ + speedtest-cli + # Bat has a home manager module, but I want it to be available system wide + bat + file + nvd + ncdu + tree + btdu + iperf3 + restic + ]; } diff --git a/roles/common/programs/direnv.nix b/roles/common/programs/direnv.nix index c0ab11a..856dcbb 100644 --- a/roles/common/programs/direnv.nix +++ b/roles/common/programs/direnv.nix @@ -1,6 +1,4 @@ -{ ... }: - -{ +{...}: { programs.direnv = { enable = true; nix-direnv = { diff --git a/roles/common/programs/git.nix b/roles/common/programs/git.nix index 17fdf47..c9b673a 100644 --- a/roles/common/programs/git.nix +++ b/roles/common/programs/git.nix @@ -1,34 +1,33 @@ -{ config, pkgs, ... }: - -let - catppuccinDelta = pkgs.fetchFromGitHub { - owner = "catppuccin"; - repo = "delta"; - rev = "main"; - hash = "sha256-0QQLkfLBVuB2re6tjtPNuOQZNK0MDBAIFgNGHZM8afs="; - }; -in - { - home-manager.users.toast = { - programs.git = { - enable = true; - userName = "Toast"; - userEmail = "toast003@tutamail.com"; - delta = { - enable = true; - options = { - syntax-theme = "catppuccin-mocha"; - features = "catppuccin-mocha"; - }; - }; - includes = [{ path = "${catppuccinDelta}/themes/mocha.gitconfig"; }]; - extraConfig = { - init.defaultBranch = "main"; - diff.colorMoved = "default"; - commit.verbose = "true"; - }; - }; - }; + config, + pkgs, + ... +}: let + catppuccinDelta = pkgs.fetchFromGitHub { + owner = "catppuccin"; + repo = "delta"; + rev = "main"; + hash = "sha256-0QQLkfLBVuB2re6tjtPNuOQZNK0MDBAIFgNGHZM8afs="; + }; +in { + home-manager.users.toast = { + programs.git = { + enable = true; + userName = "Toast"; + userEmail = "toast003@tutamail.com"; + delta = { + enable = true; + options = { + syntax-theme = "catppuccin-mocha"; + features = "catppuccin-mocha"; + }; + }; + includes = [{path = "${catppuccinDelta}/themes/mocha.gitconfig";}]; + extraConfig = { + init.defaultBranch = "main"; + diff.colorMoved = "default"; + commit.verbose = "true"; + }; + }; + }; } - diff --git a/roles/common/programs/helix.nix b/roles/common/programs/helix.nix index 78f09da..70fa320 100644 --- a/roles/common/programs/helix.nix +++ b/roles/common/programs/helix.nix @@ -1,6 +1,4 @@ -{ pkgs, ... }: - -{ +{pkgs, ...}: { home-manager.users.toast = { programs.helix = { enable = true; @@ -9,7 +7,7 @@ nixpkgs-fmt nil ]; - settings = { + settings = { theme = "catppuccin_mocha"; editor = { mouse = true; diff --git a/roles/common/programs/htop.nix b/roles/common/programs/htop.nix index 4eb7fbe..27c0ea1 100755 --- a/roles/common/programs/htop.nix +++ b/roles/common/programs/htop.nix @@ -1,15 +1,13 @@ -{ config, ... }: - -{ - programs.htop = { - enable = true; - settings = { - tree_view = 1; - highlight_base_name = 1; - show_program_path = 0; - show_cpu_frequency = 1; - show_cpu_temperature = 1; - hide_userland_threads = 1; - }; - }; +{config, ...}: { + programs.htop = { + enable = true; + settings = { + tree_view = 1; + highlight_base_name = 1; + show_program_path = 0; + show_cpu_frequency = 1; + show_cpu_temperature = 1; + hide_userland_threads = 1; + }; + }; } diff --git a/roles/common/programs/micro.nix b/roles/common/programs/micro.nix index e92646b..ab14d1d 100644 --- a/roles/common/programs/micro.nix +++ b/roles/common/programs/micro.nix @@ -1,17 +1,22 @@ -{ config, pkgs, ... }: - { - home-manager = { - users.toast = { config, pkgs, ... }: - { - programs.micro = { - enable = true; - settings = { - clipboard = "internal"; - indentchar = "|"; - softwrap = true; - }; - }; - }; - }; + config, + pkgs, + ... +}: { + home-manager = { + users.toast = { + config, + pkgs, + ... + }: { + programs.micro = { + enable = true; + settings = { + clipboard = "internal"; + indentchar = "|"; + softwrap = true; + }; + }; + }; + }; } diff --git a/roles/common/programs/nix-index.nix b/roles/common/programs/nix-index.nix index 492f770..cce8c55 100755 --- a/roles/common/programs/nix-index.nix +++ b/roles/common/programs/nix-index.nix @@ -1,15 +1,15 @@ -{ config, ... }: - -{ - /* environment.systemPackages = [ pkgs.nix-index ]; - programs.bash.interactiveShellInit = '' -source ${pkgs.nix-index}/etc/profile.d/command-not-found.sh - ''; */ - programs.nix-index = { - enable = true; - enableBashIntegration = true; - # I don't use zsh or fish (yet) - enableZshIntegration = false; - enableFishIntegration = false; - }; +{config, ...}: { + /* + environment.systemPackages = [ pkgs.nix-index ]; + programs.bash.interactiveShellInit = '' + source ${pkgs.nix-index}/etc/profile.d/command-not-found.sh + ''; + */ + programs.nix-index = { + enable = true; + enableBashIntegration = true; + # I don't use zsh or fish (yet) + enableZshIntegration = false; + enableFishIntegration = false; + }; } diff --git a/roles/common/programs/nix.nix b/roles/common/programs/nix.nix index 41e4cc2..9444f9b 100755 --- a/roles/common/programs/nix.nix +++ b/roles/common/programs/nix.nix @@ -1,25 +1,34 @@ -{ config, systemPkgs, ... }: - { - nix = { - settings = { - auto-optimise-store = true; - experimental-features = "nix-command flakes"; - }; - optimise = { - automatic = true; - dates = [ "weekly" ]; - }; - registry = { - agenix = { - from = { id = "agenix"; type = "indirect"; }; - to = { owner = "ryantm"; repo = "agenix"; type = "github"; }; - }; - # Write the system's nixpkgs into the registry to avoid mixing nixpkgs versions - # https://dataswamp.org/~solene/2022-07-20-nixos-flakes-command-sync-with-system.html - system.flake = systemPkgs; - }; - # I removed this in the past since I thought that I didn't need it, but turns out comma does :) - nixPath = [ "nixpkgs=${systemPkgs}" ]; - }; + config, + systemPkgs, + ... +}: { + nix = { + settings = { + auto-optimise-store = true; + experimental-features = "nix-command flakes"; + }; + optimise = { + automatic = true; + dates = ["weekly"]; + }; + registry = { + agenix = { + from = { + id = "agenix"; + type = "indirect"; + }; + to = { + owner = "ryantm"; + repo = "agenix"; + type = "github"; + }; + }; + # Write the system's nixpkgs into the registry to avoid mixing nixpkgs versions + # https://dataswamp.org/~solene/2022-07-20-nixos-flakes-command-sync-with-system.html + system.flake = systemPkgs; + }; + # I removed this in the past since I thought that I didn't need it, but turns out comma does :) + nixPath = ["nixpkgs=${systemPkgs}"]; + }; } diff --git a/roles/common/programs/starship.nix b/roles/common/programs/starship.nix index 3a29736..8e60667 100644 --- a/roles/common/programs/starship.nix +++ b/roles/common/programs/starship.nix @@ -1,53 +1,52 @@ -{ pkgs, lib, ... }: - -with lib; -with builtins; - -let - catppuccinFlavour = "mocha"; - catppuccinStarship = pkgs.catppuccin + /starship/${catppuccinFlavour}.toml; - - presets = { - nerdFontSymbols = pkgs.fetchurl { - url = "https://starship.rs/presets/toml/nerd-font-symbols.toml"; - hash = "sha256-BVe5JMSIa3CoY2Wf9pvcF1EUtDVCWCLhW3IyKuwfHug="; - }; - }; - # -------------------------------- F U N C T I O N S -------------------------------- - - /* - Gonna be honest, I have no idea how this works, although it seems to work - Stolen from https://gist.github.com/pdalpra/daf339f59288201a6c8ba7dc84e9060e - */ - # Takes a list of attrSets and merges them - mergeAllAttrSets = attrsSets: - foldl' (recursiveUpdate) {} attrsSets; - - # Reads a TOML file and parses it - readTomlPreset = file: (fromTOML (readFile file)); - -in { - programs.starship = { - enable = true; - settings = mergeAllAttrSets [ - (readTomlPreset presets.nerdFontSymbols) - (readTomlPreset catppuccinStarship) - { - nix_shell = { - disabled = false; - heuristic = true; - }; - os = { - disabled = false; - }; - directory = { - disabled = false; - truncation_length = 6; - truncation_symbol = ".../"; - }; - palette = "catppuccin_${catppuccinFlavour}"; - } - ]; - }; + pkgs, + lib, + ... +}: +with lib; +with builtins; let + catppuccinFlavour = "mocha"; + catppuccinStarship = pkgs.catppuccin + /starship/${catppuccinFlavour}.toml; + + presets = { + nerdFontSymbols = pkgs.fetchurl { + url = "https://starship.rs/presets/toml/nerd-font-symbols.toml"; + hash = "sha256-BVe5JMSIa3CoY2Wf9pvcF1EUtDVCWCLhW3IyKuwfHug="; + }; + }; + # -------------------------------- F U N C T I O N S -------------------------------- + + /* + Gonna be honest, I have no idea how this works, although it seems to work + Stolen from https://gist.github.com/pdalpra/daf339f59288201a6c8ba7dc84e9060e + */ + # Takes a list of attrSets and merges them + mergeAllAttrSets = attrsSets: + foldl' recursiveUpdate {} attrsSets; + + # Reads a TOML file and parses it + readTomlPreset = file: (fromTOML (readFile file)); +in { + programs.starship = { + enable = true; + settings = mergeAllAttrSets [ + (readTomlPreset presets.nerdFontSymbols) + (readTomlPreset catppuccinStarship) + { + nix_shell = { + disabled = false; + heuristic = true; + }; + os = { + disabled = false; + }; + directory = { + disabled = false; + truncation_length = 6; + truncation_symbol = ".../"; + }; + palette = "catppuccin_${catppuccinFlavour}"; + } + ]; + }; } diff --git a/roles/common/services/avahi.nix b/roles/common/services/avahi.nix index ef9d747..5136f64 100755 --- a/roles/common/services/avahi.nix +++ b/roles/common/services/avahi.nix @@ -1,19 +1,23 @@ -{ config, ... }: -let - old = { - nssmdns = true; - }; - new = { - nssmdns4 = true; - }; -in -{ - /* - NixOS 24.05 changed the option for mnds to be able to turn on/off IPv6 - 23.11 doesn't support this, so I need to use the conditional to be able to - use the same config for both - */ - services.avahi = { - enable = true; - } // (if config.system.nixos.release == "23.11" then old else new); +{config, ...}: let + old = { + nssmdns = true; + }; + new = { + nssmdns4 = true; + }; +in { + /* + NixOS 24.05 changed the option for mnds to be able to turn on/off IPv6 + 23.11 doesn't support this, so I need to use the conditional to be able to + use the same config for both + */ + services.avahi = + { + enable = true; + } + // ( + if config.system.nixos.release == "23.11" + then old + else new + ); } diff --git a/roles/common/services/default.nix b/roles/common/services/default.nix index a045e1c..960410b 100644 --- a/roles/common/services/default.nix +++ b/roles/common/services/default.nix @@ -1,9 +1,7 @@ -{ ... }: - -{ - imports = [ - ./avahi.nix - ./tailscale.nix - ./syncthing.nix - ]; +{...}: { + imports = [ + ./avahi.nix + ./tailscale.nix + ./syncthing.nix + ]; } diff --git a/roles/common/services/syncthing.nix b/roles/common/services/syncthing.nix index 501b4e3..8d81a53 100755 --- a/roles/common/services/syncthing.nix +++ b/roles/common/services/syncthing.nix @@ -1,60 +1,60 @@ -{ config, flakeSelf, ... }: - -let - hostSecrets = "${flakeSelf.inputs.secrets}/" + config.networking.hostName; -in - { - # Get secrets - age.secrets = { - syncthingKey.file = hostSecrets + "/syncthingKey.age"; - syncthingCert.file = hostSecrets + "/syncthingCert.age"; - }; + config, + flakeSelf, + ... +}: let + hostSecrets = "${flakeSelf.inputs.secrets}/" + config.networking.hostName; +in { + # Get secrets + age.secrets = { + syncthingKey.file = hostSecrets + "/syncthingKey.age"; + syncthingCert.file = hostSecrets + "/syncthingCert.age"; + }; - services.syncthing = { - key = config.age.secrets.syncthingKey.path; - cert = config.age.secrets.syncthingCert.path; - overrideDevices = true; - overrideFolders = true; - openDefaultPorts = true; - settings = { - options = { - urAccepted = 3; - }; - # Set up devices and folders common to every device - devices = { - "phone" = { - name = "Xiaomi Redmi Note 10 Pro"; - id = "K7KNZ5V-XREUADL-CROQXPV-6AA4H65-2VUD34Z-VQWKJ6S-LWWW4EE-XPNEZQ6"; - }; - "pc" = { - name = "Archie"; - id = "NJPX754-64AQNP3-7GZFIRZ-W2EDRJQ-27ORWYM-X5YXEXQ-ERRTRTQ-BSYD4AY"; - }; - "steamdeck" = { - name = "Steam Deck"; - id = "DNFEGEA-PDEVW5A-O5VBVQK-IUXI7J5-MAHCQAG-2JLEFFM-DSXB6AS-TX6ZHAN"; - }; - "server" = { - name = "Everest"; - id = "2GXFZJZ-CF56ER2-SISBGOF-VNXJIG5-GQC6ECA-NHCHAPX-677RSJT-RI5POAZ"; - }; - "surface" = { - name = "Surface Go"; - id = "HTVSF3O-AHY3TNH-BLVSEGK-HRRSMHC-H5LJWVF-NDKGM6O-ATWZALC-YXNV2Q4"; - }; - "winmax2" = { - name = "Win Max 2"; - id = "X2NILRM-ADRBQ23-AFREAZA-62GVFDF-UVMPR4L-KGHMUNY-BJ2C3CQ-RBT43QS"; - }; - }; - folders = { - "passwords" = { - label = "KeePassXC Passwords"; - id = "rdyaq-ex659"; - devices = [ "phone" "pc" "steamdeck" "server" "surface" "winmax2"]; - }; - }; - }; - }; + services.syncthing = { + key = config.age.secrets.syncthingKey.path; + cert = config.age.secrets.syncthingCert.path; + overrideDevices = true; + overrideFolders = true; + openDefaultPorts = true; + settings = { + options = { + urAccepted = 3; + }; + # Set up devices and folders common to every device + devices = { + "phone" = { + name = "Xiaomi Redmi Note 10 Pro"; + id = "K7KNZ5V-XREUADL-CROQXPV-6AA4H65-2VUD34Z-VQWKJ6S-LWWW4EE-XPNEZQ6"; + }; + "pc" = { + name = "Archie"; + id = "NJPX754-64AQNP3-7GZFIRZ-W2EDRJQ-27ORWYM-X5YXEXQ-ERRTRTQ-BSYD4AY"; + }; + "steamdeck" = { + name = "Steam Deck"; + id = "DNFEGEA-PDEVW5A-O5VBVQK-IUXI7J5-MAHCQAG-2JLEFFM-DSXB6AS-TX6ZHAN"; + }; + "server" = { + name = "Everest"; + id = "2GXFZJZ-CF56ER2-SISBGOF-VNXJIG5-GQC6ECA-NHCHAPX-677RSJT-RI5POAZ"; + }; + "surface" = { + name = "Surface Go"; + id = "HTVSF3O-AHY3TNH-BLVSEGK-HRRSMHC-H5LJWVF-NDKGM6O-ATWZALC-YXNV2Q4"; + }; + "winmax2" = { + name = "Win Max 2"; + id = "X2NILRM-ADRBQ23-AFREAZA-62GVFDF-UVMPR4L-KGHMUNY-BJ2C3CQ-RBT43QS"; + }; + }; + folders = { + "passwords" = { + label = "KeePassXC Passwords"; + id = "rdyaq-ex659"; + devices = ["phone" "pc" "steamdeck" "server" "surface" "winmax2"]; + }; + }; + }; + }; } diff --git a/roles/common/services/tailscale.nix b/roles/common/services/tailscale.nix index 176bded..92080d1 100644 --- a/roles/common/services/tailscale.nix +++ b/roles/common/services/tailscale.nix @@ -1,12 +1,14 @@ -{ config, lib, ... }: - { - services.tailscale = { - enable = true; - useRoutingFeatures = lib.mkDefault "client"; - }; + config, + lib, + ... +}: { + services.tailscale = { + enable = true; + useRoutingFeatures = lib.mkDefault "client"; + }; - systemd.services.tailscaled.environment = { - TS_NO_LOGS_NO_SUPPORT = "true"; - }; + systemd.services.tailscaled.environment = { + TS_NO_LOGS_NO_SUPPORT = "true"; + }; } diff --git a/roles/desktop/configuration.nix b/roles/desktop/configuration.nix index ab3242a..c56559d 100644 --- a/roles/desktop/configuration.nix +++ b/roles/desktop/configuration.nix @@ -1,19 +1,21 @@ -{ config, pkgs, ... }: - { - # Enable scanning - hardware.sane = { - enable = true; - extraBackends = [ pkgs.sane-airscan ]; - }; - users.users.toast.extraGroups = [ "scanner" ]; + config, + pkgs, + ... +}: { + # Enable scanning + hardware.sane = { + enable = true; + extraBackends = [pkgs.sane-airscan]; + }; + users.users.toast.extraGroups = ["scanner"]; - services.xserver.enable = true; + services.xserver.enable = true; - # Set up fonts - fonts.packages = [ - ( pkgs.nerdfonts.override { fonts = [ "Hack" "JetBrainsMono" ]; } ) - ]; + # Set up fonts + fonts.packages = [ + (pkgs.nerdfonts.override {fonts = ["Hack" "JetBrainsMono"];}) + ]; - boot.plymouth.enable = true; + boot.plymouth.enable = true; } diff --git a/roles/desktop/default.nix b/roles/desktop/default.nix index 7933104..d8e1f2b 100644 --- a/roles/desktop/default.nix +++ b/roles/desktop/default.nix @@ -1,9 +1,7 @@ -{ ... }: - -{ - imports = [ - ./services - ./programs - ./configuration.nix - ]; +{...}: { + imports = [ + ./services + ./programs + ./configuration.nix + ]; } diff --git a/roles/desktop/programs/default.nix b/roles/desktop/programs/default.nix index fe5bf8e..6a06ba2 100755 --- a/roles/desktop/programs/default.nix +++ b/roles/desktop/programs/default.nix @@ -1,14 +1,12 @@ -{ ... }: - -{ - imports = [ - ./discord.nix - ./firefox.nix - ./micro.nix - ./keepassxc.nix - ./jamesdsp.nix - ./vscode.nix - ./git.nix - ./ssh.nix - ]; +{...}: { + imports = [ + ./discord.nix + ./firefox.nix + ./micro.nix + ./keepassxc.nix + ./jamesdsp.nix + ./vscode.nix + ./git.nix + ./ssh.nix + ]; } diff --git a/roles/desktop/programs/discord.nix b/roles/desktop/programs/discord.nix index db431ab..71b3c07 100644 --- a/roles/desktop/programs/discord.nix +++ b/roles/desktop/programs/discord.nix @@ -1,41 +1,45 @@ -{ config, pkgs, lib, ... }: - - let - discordOverlay = self: super: { - discord = super.discord.override { - withOpenASAR = true; - withVencord = true; - }; - # Update some stuff while I wait for nixpkgs - /*vencord = super.vencord.overrideAttrs rec { - version = "522fdcd"; - src = pkgs.fetchFromGitHub { - owner = "Vendicated"; - repo = "Vencord"; - rev = "522fdcd"; - #rev = "v${version}"; - hash = "sha256-9G7FNL4pHaaLachzJmeAol0WpNUj533K2FNa7DH0eBM="; - }; - };*/ - }; - stock-discord = self: super: { - discord = super.discord.override { - withOpenASAR = false; - withVencord = false; - }; - }; - in { - # Sometimes discord breaks after updates, and launching it stock once fixes it - specialisation.stockDiscord.configuration = { - nixpkgs.overlays = lib.mkAfter [ stock-discord ]; - }; + config, + pkgs, + lib, + ... +}: let + discordOverlay = self: super: { + discord = super.discord.override { + withOpenASAR = true; + withVencord = true; + }; + # Update some stuff while I wait for nixpkgs + /* + vencord = super.vencord.overrideAttrs rec { + version = "522fdcd"; + src = pkgs.fetchFromGitHub { + owner = "Vendicated"; + repo = "Vencord"; + rev = "522fdcd"; + #rev = "v${version}"; + hash = "sha256-9G7FNL4pHaaLachzJmeAol0WpNUj533K2FNa7DH0eBM="; + }; + }; + */ + }; + stock-discord = self: super: { + discord = super.discord.override { + withOpenASAR = false; + withVencord = false; + }; + }; +in { + # Sometimes discord breaks after updates, and launching it stock once fixes it + specialisation.stockDiscord.configuration = { + nixpkgs.overlays = lib.mkAfter [stock-discord]; + }; - nixpkgs.overlays = [ discordOverlay ]; - home-manager.users.toast = { - home.packages = with pkgs; [ - discord - vesktop - ]; - }; + nixpkgs.overlays = [discordOverlay]; + home-manager.users.toast = { + home.packages = with pkgs; [ + discord + vesktop + ]; + }; } diff --git a/roles/desktop/programs/firefox.nix b/roles/desktop/programs/firefox.nix index 89e1e27..bb2e697 100644 --- a/roles/desktop/programs/firefox.nix +++ b/roles/desktop/programs/firefox.nix @@ -1,57 +1,59 @@ -{ config, lib, ... }: - { - # System wide firefox settings - programs.firefox = { - enable = true; - policies = { - "DisablePocket" = true; - "DisableTelemetry" = true; - # You need these for Spotify - "EncryptedMediaExtensions" = { "Enabled" = true; }; - "ExtensionSettings" = { - # TODO: Install extensions the NUR instead of from AMO - "uBlock0@raymondhill.net" = { - "installation_mode" = "force_installed"; - "install_url" = "https://addons.mozilla.org/firefox/downloads/latest/ublock-origin/latest.xpi"; - }; - # Decentraleyes - "jid1-BoFifL9Vbdl2zQ@jetpack" = { - "installation_mode" = "normal_installed"; - "install_url" = "https://addons.mozilla.org/firefox/downloads/latest/decentraleyes/latest.xpi"; - }; - "jid1-MnnxcxisBPnSXQ@jetpack" = { - "installation_mode" = "normal_installed"; - "install_url" = "https://addons.mozilla.org/firefox/downloads/latest/privacy-badger17/latest.xpi"; - }; - # Uninstall the kde plasma integration extension if KDE is not installed - "plasma-browser-integration@kde.org"."installation_mode" = lib.mkDefault "blocked"; - }; - "Preferences" = { - # Enable video hardware acceleration - "media.ffmpeg.vaapi.enabled" = { - "Value" = true; - "Status" = "default"; - }; - "dom.security.https_only_mode" = { - "Value" = true; - "Status" = "locked"; - }; - "general.smoothScroll.msdPhysics.enabled" = { - "Value" = true; - "Status" = "default"; - }; - }; - "PromptForDownloadLocation" = true; - # I use an external password manager, so the built in one just bothers me - "PasswordManagerEnabled" = false; - "Permissions" = { - "Autoplay" = { - "Allow" = [ "https://www.youtube.com" ]; - "Default" = "block-audio-video"; - }; - }; - "FirefoxHome" = { "SponsoredTopSites" = false; }; - }; - }; + config, + lib, + ... +}: { + # System wide firefox settings + programs.firefox = { + enable = true; + policies = { + "DisablePocket" = true; + "DisableTelemetry" = true; + # You need these for Spotify + "EncryptedMediaExtensions" = {"Enabled" = true;}; + "ExtensionSettings" = { + # TODO: Install extensions the NUR instead of from AMO + "uBlock0@raymondhill.net" = { + "installation_mode" = "force_installed"; + "install_url" = "https://addons.mozilla.org/firefox/downloads/latest/ublock-origin/latest.xpi"; + }; + # Decentraleyes + "jid1-BoFifL9Vbdl2zQ@jetpack" = { + "installation_mode" = "normal_installed"; + "install_url" = "https://addons.mozilla.org/firefox/downloads/latest/decentraleyes/latest.xpi"; + }; + "jid1-MnnxcxisBPnSXQ@jetpack" = { + "installation_mode" = "normal_installed"; + "install_url" = "https://addons.mozilla.org/firefox/downloads/latest/privacy-badger17/latest.xpi"; + }; + # Uninstall the kde plasma integration extension if KDE is not installed + "plasma-browser-integration@kde.org"."installation_mode" = lib.mkDefault "blocked"; + }; + "Preferences" = { + # Enable video hardware acceleration + "media.ffmpeg.vaapi.enabled" = { + "Value" = true; + "Status" = "default"; + }; + "dom.security.https_only_mode" = { + "Value" = true; + "Status" = "locked"; + }; + "general.smoothScroll.msdPhysics.enabled" = { + "Value" = true; + "Status" = "default"; + }; + }; + "PromptForDownloadLocation" = true; + # I use an external password manager, so the built in one just bothers me + "PasswordManagerEnabled" = false; + "Permissions" = { + "Autoplay" = { + "Allow" = ["https://www.youtube.com"]; + "Default" = "block-audio-video"; + }; + }; + "FirefoxHome" = {"SponsoredTopSites" = false;}; + }; + }; } diff --git a/roles/desktop/programs/git.nix b/roles/desktop/programs/git.nix index d630bdd..594c3e7 100644 --- a/roles/desktop/programs/git.nix +++ b/roles/desktop/programs/git.nix @@ -1,6 +1,8 @@ -{ pkgs, lib, ... }: - { + pkgs, + lib, + ... +}: { home-manager.users.toast = { programs.git = { package = pkgs.gitFull; @@ -11,6 +13,6 @@ }; }; - home.packages = [ pkgs.git-cola ]; + home.packages = [pkgs.git-cola]; }; } diff --git a/roles/desktop/programs/jamesdsp.nix b/roles/desktop/programs/jamesdsp.nix index 4316cb5..3f1aa35 100644 --- a/roles/desktop/programs/jamesdsp.nix +++ b/roles/desktop/programs/jamesdsp.nix @@ -1,5 +1,7 @@ -{ config, pkgs, ... }: - { - users.users.toast.packages = [ pkgs.jamesdsp ]; + config, + pkgs, + ... +}: { + users.users.toast.packages = [pkgs.jamesdsp]; } diff --git a/roles/desktop/programs/keepassxc.nix b/roles/desktop/programs/keepassxc.nix index 7b42daf..3eedb2b 100644 --- a/roles/desktop/programs/keepassxc.nix +++ b/roles/desktop/programs/keepassxc.nix @@ -1,63 +1,69 @@ -{ config, pkgs, lib, ... }: - -let - kpxcSettings = lib.generators.toINI {} { - General = { - # Not sure what changing this does, I'll leave it alone - ConfigVersion = 2; - MinimizeAfterUnlock = true; - AutoSaveAfterEveryChange = false; - }; - GUI = { - ApplicationTheme = "classic"; - MinimizeOnStartup = false; - MinimizeOnClose = true; - MinimizeToTray = true; - ShowTrayIcon = true; - # 0 is icons, 1 is text, 2 is text next to icons, 3 is text under icons, and 4 is follow style - ToolButtonStyle = 0; # Would choose 4 but it's too big for a small window - # monochrome-light, monochrome-dark or colorful - TrayIconAppearance = "monochrome-light"; - }; - Security = { - HideNotes = true; - IconDownloadFallback = true; - }; - SSHAgent.Enabled = true; - }; -in - { - home-manager = { - extraSpecialArgs = { kpxcSettings = kpxcSettings; }; - users.toast = { config, pkgs, kpxcSettings, ... }: { - # No module for KeePassXC config :( - home = { - packages = [ pkgs.keepassxc ]; - file = { - ".config/keepassxc/keepassxc.ini".text = kpxcSettings; - # For some reason the autostart .desktop is not the same as the regular one - ".config/autostart/org.keepassxc.KeePassXC.desktop".text = '' - [Desktop Entry] - Name=KeePassXC - GenericName=Password Manager - Exec=keepassxc - TryExec=keepassxc - Icon=keepassxc - StartupWMClass=keepassxc - StartupNotify=true - Terminal=false - Type=Application - Version=1.0 - Categories=Utility;Security;Qt; - MimeType=application/x-keepass2; - X-GNOME-Autostart-enabled=true - X-GNOME-Autostart-Delay=2 - X-KDE-autostart-after=panel - X-LXQt-Need-Tray=true - ''; - }; - }; - }; - }; + config, + pkgs, + lib, + ... +}: let + kpxcSettings = lib.generators.toINI {} { + General = { + # Not sure what changing this does, I'll leave it alone + ConfigVersion = 2; + MinimizeAfterUnlock = true; + AutoSaveAfterEveryChange = false; + }; + GUI = { + ApplicationTheme = "classic"; + MinimizeOnStartup = false; + MinimizeOnClose = true; + MinimizeToTray = true; + ShowTrayIcon = true; + # 0 is icons, 1 is text, 2 is text next to icons, 3 is text under icons, and 4 is follow style + ToolButtonStyle = 0; # Would choose 4 but it's too big for a small window + # monochrome-light, monochrome-dark or colorful + TrayIconAppearance = "monochrome-light"; + }; + Security = { + HideNotes = true; + IconDownloadFallback = true; + }; + SSHAgent.Enabled = true; + }; +in { + home-manager = { + extraSpecialArgs = {kpxcSettings = kpxcSettings;}; + users.toast = { + config, + pkgs, + kpxcSettings, + ... + }: { + # No module for KeePassXC config :( + home = { + packages = [pkgs.keepassxc]; + file = { + ".config/keepassxc/keepassxc.ini".text = kpxcSettings; + # For some reason the autostart .desktop is not the same as the regular one + ".config/autostart/org.keepassxc.KeePassXC.desktop".text = '' + [Desktop Entry] + Name=KeePassXC + GenericName=Password Manager + Exec=keepassxc + TryExec=keepassxc + Icon=keepassxc + StartupWMClass=keepassxc + StartupNotify=true + Terminal=false + Type=Application + Version=1.0 + Categories=Utility;Security;Qt; + MimeType=application/x-keepass2; + X-GNOME-Autostart-enabled=true + X-GNOME-Autostart-Delay=2 + X-KDE-autostart-after=panel + X-LXQt-Need-Tray=true + ''; + }; + }; + }; + }; } diff --git a/roles/desktop/programs/micro.nix b/roles/desktop/programs/micro.nix index a09e819..38fda68 100644 --- a/roles/desktop/programs/micro.nix +++ b/roles/desktop/programs/micro.nix @@ -1,21 +1,27 @@ -{ config, pkgs, lib, ... }: - { - home-manager = { - users.toast = { config, pkgs, ... }: - { - programs.micro = { - enable = true; - settings = { - # Use xclip/wl-clipboard for copying and pasting - clipboard = lib.mkForce "external"; - }; - }; - /* - On a kde wayland session micro uses xsel or xclip instead of wl-clipboard - which doesn't work, so I only install wl-clipboard here to make micro use it - */ - home.packages = with pkgs; [ wl-clipboard ]; - }; - }; + config, + pkgs, + lib, + ... +}: { + home-manager = { + users.toast = { + config, + pkgs, + ... + }: { + programs.micro = { + enable = true; + settings = { + # Use xclip/wl-clipboard for copying and pasting + clipboard = lib.mkForce "external"; + }; + }; + /* + On a kde wayland session micro uses xsel or xclip instead of wl-clipboard + which doesn't work, so I only install wl-clipboard here to make micro use it + */ + home.packages = with pkgs; [wl-clipboard]; + }; + }; } diff --git a/roles/desktop/programs/ssh.nix b/roles/desktop/programs/ssh.nix index b3f17f0..86f1b2d 100644 --- a/roles/desktop/programs/ssh.nix +++ b/roles/desktop/programs/ssh.nix @@ -1,6 +1,4 @@ -{ ... }: - -{ +{...}: { home-manager.users.toast = { programs.ssh = { enable = true; diff --git a/roles/desktop/programs/vscode.nix b/roles/desktop/programs/vscode.nix index d75c465..ba6fa43 100644 --- a/roles/desktop/programs/vscode.nix +++ b/roles/desktop/programs/vscode.nix @@ -1,40 +1,45 @@ -{ config, pkgs, flakeSelf, ... }: -let inputs = flakeSelf.inputs; in { - nixpkgs.overlays = [ inputs.catppuccin-vsc.overlays.default ]; - home-manager.users.toast = { - home.packages = with pkgs; [ - nixpkgs-fmt - ]; - programs.vscode = { - enable = true; - package = pkgs.vscodium; - mutableExtensionsDir = false; - extensions = with inputs.vscode-extensions.extensions.x86_64-linux.open-vsx; [ - jnoortheen.nix-ide - (pkgs.catppuccin-vsc.override { - workbenchMode = "flat"; - extraBordersEnabled = true; - }) - catppuccin.catppuccin-vsc-icons - waderyan.gitblame - ]; - userSettings = { - # VSCode doesn't like nested settings - # https://stackoverflow.com/questions/74134436/is-it-possible-to-express-settings-in-vs-codes-settings-json-where-each-dot-sep - # TODO: write a function that unnests settings - "workbench.colorTheme" = "Catppuccin Mocha"; - "workbench.iconTheme" = "catppuccin-mocha"; - "editor.fontFamily" = "JetBrainsMono Nerd Font"; - "editor.semanticHighlighting.enabled" = true; - "nix.enableLanguageServer" = true; - "nix.serverPath" = "${pkgs.nil}/bin/nil"; - "nix.serverSettings" = { - "nil"."formatting"."command" = [ "nixpkgs-fmt" ]; - }; - "terminal.integrated.minimumContrastRatio" = 1; - "window.titleBarStyle" = "custom"; - }; - }; - }; + config, + pkgs, + flakeSelf, + ... +}: let + inputs = flakeSelf.inputs; +in { + nixpkgs.overlays = [inputs.catppuccin-vsc.overlays.default]; + home-manager.users.toast = { + home.packages = with pkgs; [ + nixpkgs-fmt + ]; + programs.vscode = { + enable = true; + package = pkgs.vscodium; + mutableExtensionsDir = false; + extensions = with inputs.vscode-extensions.extensions.x86_64-linux.open-vsx; [ + jnoortheen.nix-ide + (pkgs.catppuccin-vsc.override { + workbenchMode = "flat"; + extraBordersEnabled = true; + }) + catppuccin.catppuccin-vsc-icons + waderyan.gitblame + ]; + userSettings = { + # VSCode doesn't like nested settings + # https://stackoverflow.com/questions/74134436/is-it-possible-to-express-settings-in-vs-codes-settings-json-where-each-dot-sep + # TODO: write a function that unnests settings + "workbench.colorTheme" = "Catppuccin Mocha"; + "workbench.iconTheme" = "catppuccin-mocha"; + "editor.fontFamily" = "JetBrainsMono Nerd Font"; + "editor.semanticHighlighting.enabled" = true; + "nix.enableLanguageServer" = true; + "nix.serverPath" = "${pkgs.nil}/bin/nil"; + "nix.serverSettings" = { + "nil"."formatting"."command" = ["nixpkgs-fmt"]; + }; + "terminal.integrated.minimumContrastRatio" = 1; + "window.titleBarStyle" = "custom"; + }; + }; + }; } diff --git a/roles/desktop/services/default.nix b/roles/desktop/services/default.nix index c746c38..f08cc3b 100644 --- a/roles/desktop/services/default.nix +++ b/roles/desktop/services/default.nix @@ -1,12 +1,10 @@ -{ ... }: - -{ - imports = [ - ./ssh-agent.nix - ./flatpak.nix - ./syncthing.nix - ./pipewire.nix - ./printing.nix - ./networkmanager.nix - ]; +{...}: { + imports = [ + ./ssh-agent.nix + ./flatpak.nix + ./syncthing.nix + ./pipewire.nix + ./printing.nix + ./networkmanager.nix + ]; } diff --git a/roles/desktop/services/flatpak.nix b/roles/desktop/services/flatpak.nix index 20903f8..775bf53 100644 --- a/roles/desktop/services/flatpak.nix +++ b/roles/desktop/services/flatpak.nix @@ -1,19 +1,22 @@ -{ config, pkgs, flakeSelf, ... }: - { - services.flatpak.enable = true; + config, + pkgs, + flakeSelf, + ... +}: { + services.flatpak.enable = true; - home-manager = { - sharedModules = [{ imports = [ flakeSelf.inputs.nix-flatpak.homeManagerModules.nix-flatpak ]; }]; - users.toast = { - services.flatpak = { - packages = [ "tv.plex.PlexDesktop" ]; - uninstallUnmanagedPackages = true; - update.auto = { - enable = true; - onCalendar = "weekly"; - }; - }; - }; - }; + home-manager = { + sharedModules = [{imports = [flakeSelf.inputs.nix-flatpak.homeManagerModules.nix-flatpak];}]; + users.toast = { + services.flatpak = { + packages = ["tv.plex.PlexDesktop"]; + uninstallUnmanagedPackages = true; + update.auto = { + enable = true; + onCalendar = "weekly"; + }; + }; + }; + }; } diff --git a/roles/desktop/services/networkmanager.nix b/roles/desktop/services/networkmanager.nix index 7a64922..d56c81b 100644 --- a/roles/desktop/services/networkmanager.nix +++ b/roles/desktop/services/networkmanager.nix @@ -1,10 +1,6 @@ -{ config, ... }: - -let +{config, ...}: let tailscaleName = config.services.tailscale.interfaceName; -in - -{ +in { networking.networkmanager = { enable = true; unmanaged = [ diff --git a/roles/desktop/services/pipewire.nix b/roles/desktop/services/pipewire.nix index d064adb..c25506f 100644 --- a/roles/desktop/services/pipewire.nix +++ b/roles/desktop/services/pipewire.nix @@ -1,11 +1,9 @@ -{ config, ... }: +{config, ...}: { + services.pipewire = { + enable = true; + pulse.enable = true; + }; -{ - services.pipewire = { - enable = true; - pulse.enable = true; - }; - - # This allows pipewire to get realtime priority, which (hopefully) gets rid of stutters - security.rtkit.enable = true; + # This allows pipewire to get realtime priority, which (hopefully) gets rid of stutters + security.rtkit.enable = true; } diff --git a/roles/desktop/services/printing.nix b/roles/desktop/services/printing.nix index f32c58f..faa6c14 100644 --- a/roles/desktop/services/printing.nix +++ b/roles/desktop/services/printing.nix @@ -1,9 +1,7 @@ -{ config, ... }: - -{ - services.printing = { - enable = true; - startWhenNeeded = true; - stateless = true; - }; +{config, ...}: { + services.printing = { + enable = true; + startWhenNeeded = true; + stateless = true; + }; } diff --git a/roles/desktop/services/ssh-agent.nix b/roles/desktop/services/ssh-agent.nix index 31b9f73..a2de598 100644 --- a/roles/desktop/services/ssh-agent.nix +++ b/roles/desktop/services/ssh-agent.nix @@ -1,21 +1,23 @@ -{ config, pkgs, ... }: - { - programs.ssh.startAgent = true; - /* - Home assistant added an option that does this - https://github.com/nix-community/home-manager/commit/2d9210f25ed18d5d4e11e6b886de4027c0c51a94 - but since I still need to fix home-manager's envvars not applying I'll stick to the NixOS one - */ - /* - TODO: fix SSH_AUTH_SOCK not being set in Plasma - Turns out the NixOS module also has issues :3 - The env is set but only in bash, not in the DE, so - keepass can't pick it up. For now I'll just set it manually - */ - home-manager.users.toast.xdg.configFile."plasma-workspace/env/ssh-agent.sh".text = '' - if [[ -z "$SSH_AUTH_SOCK" ]]; then - export SSH_AUTH_SOCK=$XDG_RUNTIME_DIR/ssh-agent - fi - ''; + config, + pkgs, + ... +}: { + programs.ssh.startAgent = true; + /* + Home assistant added an option that does this + https://github.com/nix-community/home-manager/commit/2d9210f25ed18d5d4e11e6b886de4027c0c51a94 + but since I still need to fix home-manager's envvars not applying I'll stick to the NixOS one + */ + /* + TODO: fix SSH_AUTH_SOCK not being set in Plasma + Turns out the NixOS module also has issues :3 + The env is set but only in bash, not in the DE, so + keepass can't pick it up. For now I'll just set it manually + */ + home-manager.users.toast.xdg.configFile."plasma-workspace/env/ssh-agent.sh".text = '' + if [[ -z "$SSH_AUTH_SOCK" ]]; then + export SSH_AUTH_SOCK=$XDG_RUNTIME_DIR/ssh-agent + fi + ''; } diff --git a/roles/desktop/services/syncthing.nix b/roles/desktop/services/syncthing.nix index 84dc962..ba2ca9f 100644 --- a/roles/desktop/services/syncthing.nix +++ b/roles/desktop/services/syncthing.nix @@ -1,25 +1,23 @@ -{ config, ... }: - -{ - services.syncthing = { - enable = true; - user = "toast"; - group = "users"; - dataDir = config.users.users.toast.home; - settings.folders."passwords".path = "~/Documents/Passwords"; - }; - # Allow regular users to stop syncthing - # https://stackoverflow.com/questions/61480914/using-policykit-to-allow-non-root-users-to-start-and-stop-a-service - security.polkit.extraConfig = '' - polkit.addRule(function(action, subject) { - if ( - action.id == "org.freedesktop.systemd1.manage-units" && - action.lookup("unit") == "syncthing.service" && - subject.user == "${config.services.syncthing.user}" - ) - { - return polkit.Result.YES; - } - }) - ''; +{config, ...}: { + services.syncthing = { + enable = true; + user = "toast"; + group = "users"; + dataDir = config.users.users.toast.home; + settings.folders."passwords".path = "~/Documents/Passwords"; + }; + # Allow regular users to stop syncthing + # https://stackoverflow.com/questions/61480914/using-policykit-to-allow-non-root-users-to-start-and-stop-a-service + security.polkit.extraConfig = '' + polkit.addRule(function(action, subject) { + if ( + action.id == "org.freedesktop.systemd1.manage-units" && + action.lookup("unit") == "syncthing.service" && + subject.user == "${config.services.syncthing.user}" + ) + { + return polkit.Result.YES; + } + }) + ''; } diff --git a/roles/gaming/default.nix b/roles/gaming/default.nix index cccac83..2d8f4ab 100644 --- a/roles/gaming/default.nix +++ b/roles/gaming/default.nix @@ -1,8 +1,6 @@ -{ ... }: - -{ - imports = [ - ./programs - ./services - ]; +{...}: { + imports = [ + ./programs + ./services + ]; } diff --git a/roles/gaming/programs/default.nix b/roles/gaming/programs/default.nix index 8e5776f..a81bba7 100755 --- a/roles/gaming/programs/default.nix +++ b/roles/gaming/programs/default.nix @@ -1,14 +1,16 @@ -{ config, pkgs, ... }: - { - imports = [ - ./steam.nix - ./mangohud.nix - ./rpcs3.nix - ./retroarch.nix - ]; - environment.systemPackages = with pkgs; [ - heroic - prismlauncher-qt5 - ]; + config, + pkgs, + ... +}: { + imports = [ + ./steam.nix + ./mangohud.nix + ./rpcs3.nix + ./retroarch.nix + ]; + environment.systemPackages = with pkgs; [ + heroic + prismlauncher-qt5 + ]; } diff --git a/roles/gaming/programs/mangohud.nix b/roles/gaming/programs/mangohud.nix index fe418d4..41db63d 100644 --- a/roles/gaming/programs/mangohud.nix +++ b/roles/gaming/programs/mangohud.nix @@ -1,16 +1,13 @@ -{ config, ... }: - -{ - home-manager.users.toast = { config, ... }: - { - programs.mangohud = { - enable = true; - # This only works for Vulkan, openGL programs still need the mangohud wrapper - enableSessionWide = true; - settings = { - preset = 4; - no_display = true; - }; - }; - }; +{config, ...}: { + home-manager.users.toast = {config, ...}: { + programs.mangohud = { + enable = true; + # This only works for Vulkan, openGL programs still need the mangohud wrapper + enableSessionWide = true; + settings = { + preset = 4; + no_display = true; + }; + }; + }; } diff --git a/roles/gaming/programs/retroarch.nix b/roles/gaming/programs/retroarch.nix index 5f47ca2..3088ab2 100644 --- a/roles/gaming/programs/retroarch.nix +++ b/roles/gaming/programs/retroarch.nix @@ -1,79 +1,79 @@ -{ pkgs, ... }: -let +{pkgs, ...}: let snes-roms = [ # ActRaiser - ( pkgs.fetchzip { + (pkgs.fetchzip { url = "https://myrient.erista.me/files/No-Intro/Nintendo%20-%20Super%20Nintendo%20Entertainment%20System/ActRaiser%20%28USA%29.zip"; hash = "sha256-yxIL5Pqlp8xsx7wvNO1MlB8ffDjS0xpE+yrEfMj61As="; - } ) + }) # Kirby Super Star - ( pkgs.fetchzip { + (pkgs.fetchzip { url = "https://myrient.erista.me/files/No-Intro/Nintendo%20-%20Super%20Nintendo%20Entertainment%20System/Kirby%20Super%20Star%20%28USA%29.zip"; hash = "sha256-NX5OjCthf4ZiAhamclRBRk8GiMjZX3JLeShm8sQdDfc="; - } ) + }) # Super Mario Kart - ( pkgs.fetchzip { + (pkgs.fetchzip { url = "https://myrient.erista.me/files/No-Intro/Nintendo%20-%20Super%20Nintendo%20Entertainment%20System/Super%20Mario%20Kart%20%28USA%29.zip"; hash = "sha256-RLBxPBmBrXCuPdnWE07KamBNgGJ5IntQVUPeij+2HUI="; - } ) + }) ]; -in -{ +in { home-manager.users.toast = { home = { - packages = [( - pkgs.retroarch.override { - cores = with pkgs.libretro; [ - snes9x - ]; - settings = { - video_driver = "vulkan"; - video_fullscreen = "true"; - menu_swap_ok_cancel_buttons = "true"; - input_joypad_driver = "sdl2"; - # Enable touchscreen support - menu_pointer_enable = "true"; + packages = [ + ( + pkgs.retroarch.override { + cores = with pkgs.libretro; [ + snes9x + ]; + settings = { + video_driver = "vulkan"; + video_fullscreen = "true"; + menu_swap_ok_cancel_buttons = "true"; + input_joypad_driver = "sdl2"; + # Enable touchscreen support + menu_pointer_enable = "true"; - # Folder stuffs + # Folder stuffs - # System/BIOS files - system_directory = "~/.local/share/retroarch/system"; - # Downloads - core_assets_directory = "~/.local/share/retroarch/downloads"; - thumbnails_directory = "~/.local/share/retroarch/thumbnails"; - content_database_path = "~/.local/share/retroarch/database/rdb"; - cheat_database_path = "~/.local/share/retroarch/cheats"; - video_filter_dir = "~/.local/share/retroarch/filters/video"; - audio_filter_dir = "~/.local/share/retroarch/filters/audio"; - video_shader_dir = "~/.local/share/retroarch/shaders"; - recording_output_directory = "~/.local/share/retroarch/records"; - overlay_directory = "~/.local/share/retroarch/overlays"; - osk_overlay_directory = "~/.local/share/retroarch/overlays/keyboards"; - screenshot_directory = "~/.local/share/retroarch/screenshots"; - playlist_directory = "~/.local/share/retroarch/playlists"; - savefile_directory = "~/.local/share/retroarch/saves"; - savestate_directory = "~/.local/share/retroarch/states"; - log_dir = "~/.local/share/retroarch/logs"; + # System/BIOS files + system_directory = "~/.local/share/retroarch/system"; + # Downloads + core_assets_directory = "~/.local/share/retroarch/downloads"; + thumbnails_directory = "~/.local/share/retroarch/thumbnails"; + content_database_path = "~/.local/share/retroarch/database/rdb"; + cheat_database_path = "~/.local/share/retroarch/cheats"; + video_filter_dir = "~/.local/share/retroarch/filters/video"; + audio_filter_dir = "~/.local/share/retroarch/filters/audio"; + video_shader_dir = "~/.local/share/retroarch/shaders"; + recording_output_directory = "~/.local/share/retroarch/records"; + overlay_directory = "~/.local/share/retroarch/overlays"; + osk_overlay_directory = "~/.local/share/retroarch/overlays/keyboards"; + screenshot_directory = "~/.local/share/retroarch/screenshots"; + playlist_directory = "~/.local/share/retroarch/playlists"; + savefile_directory = "~/.local/share/retroarch/saves"; + savestate_directory = "~/.local/share/retroarch/states"; + log_dir = "~/.local/share/retroarch/logs"; - # By default settings has some things that this overrides, so I need to set them myself - libretro_info_path = "${pkgs.libretro-core-info}/share/retroarch/cores"; - joypad_autoconfig_dir = "${pkgs.retroarch-joypad-autoconfig}/share/libretro/autoconfig"; - assets_directory = "${pkgs.retroarch-assets}/share/retroarch/assets"; - }; - } - )]; + # By default settings has some things that this overrides, so I need to set them myself + libretro_info_path = "${pkgs.libretro-core-info}/share/retroarch/cores"; + joypad_autoconfig_dir = "${pkgs.retroarch-joypad-autoconfig}/share/libretro/autoconfig"; + assets_directory = "${pkgs.retroarch-assets}/share/retroarch/assets"; + }; + } + ) + ]; file."Games/Roms/SNES/" = { onChange = '' ${pkgs.retroarch}/bin/retroarch --scan "/home/toast/Games/Roms/SNES" ''; source = pkgs.symlinkJoin { name = "snes-roms"; - paths = [ snes-roms ]; + paths = [snes-roms]; }; }; }; # Retroarch is dumb since it doesn't generate some folders (but it does for others) - systemd.user.tmpfiles.rules = [ + systemd.user.tmpfiles.rules = [ "d /%h/.local/share/retroarch/playlists" "d /%h/.local/share/retroarch/saves" "d /%h/.local/share/retroarch/states" @@ -85,7 +85,7 @@ in "retroarch" = { label = "RetroArch"; id = "jxuou-2yjnu"; - devices = [ "steamdeck" "server" "pc" "winmax2" ]; + devices = ["steamdeck" "server" "pc" "winmax2"]; path = "~/.local/share/retroarch"; }; }; diff --git a/roles/gaming/programs/rpcs3.nix b/roles/gaming/programs/rpcs3.nix index 97d3279..bb7f908 100644 --- a/roles/gaming/programs/rpcs3.nix +++ b/roles/gaming/programs/rpcs3.nix @@ -1,20 +1,24 @@ -{ config, pkgs, ... }: - { - environment.systemPackages = with config; [ - nur.repos.ataraxiasjel.rpcs3 - ]; - # Compiling RPCS3 takes quite a while - nix.settings = { - substituters = [ "https://ataraxiadev-foss.cachix.org" ]; - trusted-public-keys = [ "ataraxiadev-foss.cachix.org-1:ws/jmPRUF5R8TkirnV1b525lP9F/uTBsz2KraV61058=" ]; - }; + config, + pkgs, + ... +}: { + environment.systemPackages = with config; [ + nur.repos.ataraxiasjel.rpcs3 + ]; + # Compiling RPCS3 takes quite a while + nix.settings = { + substituters = ["https://ataraxiadev-foss.cachix.org"]; + trusted-public-keys = ["ataraxiadev-foss.cachix.org-1:ws/jmPRUF5R8TkirnV1b525lP9F/uTBsz2KraV61058="]; + }; - # Increase the memory lock limit - security.pam.loginLimits = [{ - domain = "*"; - item = "memlock"; - type = "-"; # Applies to both hard and soft limits - value = "unlimited"; - }]; + # Increase the memory lock limit + security.pam.loginLimits = [ + { + domain = "*"; + item = "memlock"; + type = "-"; # Applies to both hard and soft limits + value = "unlimited"; + } + ]; } diff --git a/roles/gaming/programs/steam.nix b/roles/gaming/programs/steam.nix index 321633c..baf9b11 100644 --- a/roles/gaming/programs/steam.nix +++ b/roles/gaming/programs/steam.nix @@ -1,21 +1,26 @@ - { config, pkgs, ... }: - { - programs.steam = { - enable = true; - # Doubt that I'll use it, but I'll enable it anyways - remotePlay.openFirewall = true; + config, + pkgs, + ... +}: { + programs.steam = { + enable = true; + # Doubt that I'll use it, but I'll enable it anyways + remotePlay.openFirewall = true; - extraCompatPackages = with pkgs; [ - proton-ge-bin - ]; - }; + extraCompatPackages = with pkgs; [ + proton-ge-bin + ]; + }; - # Some linux native games (rise of the tomb raider) use alsa for sound - services.pipewire.alsa.enable = if config.services.pipewire.pulse.enable == true then true else false; + # Some linux native games (rise of the tomb raider) use alsa for sound + services.pipewire.alsa.enable = + if config.services.pipewire.pulse.enable == true + then true + else false; - # Celeste mod manager - home-manager.users.toast.services.flatpak.packages = [ - "io.github.everestapi.Olympus" - ]; + # Celeste mod manager + home-manager.users.toast.services.flatpak.packages = [ + "io.github.everestapi.Olympus" + ]; } diff --git a/roles/gaming/services/default.nix b/roles/gaming/services/default.nix index 69a706a..24b067d 100644 --- a/roles/gaming/services/default.nix +++ b/roles/gaming/services/default.nix @@ -1,7 +1,5 @@ -{ ... }: - -{ - imports = [ - ./syncthing.nix - ]; +{...}: { + imports = [ + ./syncthing.nix + ]; } diff --git a/roles/gaming/services/syncthing.nix b/roles/gaming/services/syncthing.nix index ed786b6..c9749c6 100644 --- a/roles/gaming/services/syncthing.nix +++ b/roles/gaming/services/syncthing.nix @@ -1,21 +1,19 @@ -{ config, ... }: +{config, ...}: { + /* + This file will sync saves for games that don't have cloud saves + TODO: turn this into a module eventually + */ -{ - /* - This file will sync saves for games that don't have cloud saves - TODO: turn this into a module eventually - */ - - services.syncthing.settings.folders = { - "steam-201810" = { - label = "Wolfenstein The New Order Saves"; - id = "laxxf-t2wmy"; - devices = [ "steamdeck" "server" "pc" ]; - path = "~/.local/share/Steam/steamapps/compatdata/201810/pfx/drive_c/users/steamuser/Saved Games/MachineGames/Wolfenstein The New Order/"; - }; - }; - home-manager.users.toast.home.file."steam-201810-ignore" = { - target = ".local/share/Steam/steamapps/compatdata/201810/pfx/drive_c/users/steamuser/Saved Games/MachineGames/Wolfenstein The New Order/.stignore"; - text = "base/qconsole.log\nbase/wolfConfig.cfg"; - }; + services.syncthing.settings.folders = { + "steam-201810" = { + label = "Wolfenstein The New Order Saves"; + id = "laxxf-t2wmy"; + devices = ["steamdeck" "server" "pc"]; + path = "~/.local/share/Steam/steamapps/compatdata/201810/pfx/drive_c/users/steamuser/Saved Games/MachineGames/Wolfenstein The New Order/"; + }; + }; + home-manager.users.toast.home.file."steam-201810-ignore" = { + target = ".local/share/Steam/steamapps/compatdata/201810/pfx/drive_c/users/steamuser/Saved Games/MachineGames/Wolfenstein The New Order/.stignore"; + text = "base/qconsole.log\nbase/wolfConfig.cfg"; + }; } diff --git a/roles/kde/default.nix b/roles/kde/default.nix index 9aaf999..363920a 100755 --- a/roles/kde/default.nix +++ b/roles/kde/default.nix @@ -1,9 +1,7 @@ -{ ... }: - -{ - imports = [ - ./plasma.nix - ./sddm.nix - ./programs - ]; +{...}: { + imports = [ + ./plasma.nix + ./sddm.nix + ./programs + ]; } diff --git a/roles/kde/plasma.nix b/roles/kde/plasma.nix index 45f154f..6cd8e09 100644 --- a/roles/kde/plasma.nix +++ b/roles/kde/plasma.nix @@ -1,158 +1,172 @@ -{ config, pkgs, lib, flakeSelf, ... }: - -let - # Set up the default kde options - balooExcludedDirs = lib.strings.intersperse "," [ - "$HOME/.cache/" - "$HOME/.config/" - "$HOME/.local/" - ]; - - baloofilerc = lib.generators.toINI {} { - General = { - # The [$e] part allows you to use environment variables - "exclude folders[$e]" = lib.strings.concatStrings balooExcludedDirs; - }; - }; - - # Make custom packages - breezeTint = pkgs.stdenv.mkDerivation { - name = "breeze-tint"; - src = "${pkgs.breeze-qt5}"; - patches = [ ./patches/BreezeTint.patch ]; - installPhase = '' - runHook preInstall - - mkdir -p $out/share/color-schemes/ - cp -r share/color-schemes/* $out/share/color-schemes/ - - runHook postInstall - ''; - }; - - # /etc/xdg is not read by plasma, so to change the default settings you need to put them in a package - plasmaDefaults = pkgs.stdenv.mkDerivation { - name = "toast-plasma-defaults"; - dontUnpack = true; - installPhase = '' - runHook preInstall - - set -x - mkdir -p $out/etc/xdg - echo '${baloofilerc}' > $out/etc/xdg/baloofilerc - - runHook postInstall - ''; - }; - -in - { - services.xserver = { - # Enable the Plasma 5 Desktop Environment - desktopManager.plasma5.enable = true; - displayManager.defaultSession = "plasmawayland"; - }; + config, + pkgs, + lib, + flakeSelf, + ... +}: let + # Set up the default kde options + balooExcludedDirs = lib.strings.intersperse "," [ + "$HOME/.cache/" + "$HOME/.config/" + "$HOME/.local/" + ]; - qt.enable = true; + baloofilerc = lib.generators.toINI {} { + General = { + # The [$e] part allows you to use environment variables + "exclude folders[$e]" = lib.strings.concatStrings balooExcludedDirs; + }; + }; - # GTK apps need dconf to grab the correct theme on Wayland - programs.dconf.enable = true; + # Make custom packages + breezeTint = pkgs.stdenv.mkDerivation { + name = "breeze-tint"; + src = "${pkgs.breeze-qt5}"; + patches = [./patches/BreezeTint.patch]; + installPhase = '' + runHook preInstall - # Install the patched Breeze color schemes as well as the plasma default configs - environment.systemPackages = [ breezeTint plasmaDefaults ]; + mkdir -p $out/share/color-schemes/ + cp -r share/color-schemes/* $out/share/color-schemes/ - # Plasma configs should be on all users - home-manager.sharedModules = [ - ( - { config, ... }: - let gtk2rc = "${config.xdg.configHome}/gtk-2.0/gtkrc"; in - { - gtk.gtk2.configLocation = gtk2rc; - # Kde has an annoying habit of overwriting the gtk2 config file - home.file."${gtk2rc}".force = true; - } - ) - { - imports = [ flakeSelf.inputs.plasma-manager.homeManagerModules.plasma-manager ]; - gtk = { - enable = true; - # Most apps are dark, so a white cursor is easier to spot - cursorTheme = { package = pkgs.breeze-qt5; name = "Breeze_Snow"; }; - iconTheme = { package = pkgs.breeze-icons; name = "breeze-dark"; }; - theme = { package = pkgs.breeze-gtk; name = "Breeze"; }; - # Gtk2 doesn't have a dark mode, so I just tell gtk 3 and 4 to use the dark variant - gtk3.extraConfig.gtk-application-prefer-dark-theme = true; - gtk4.extraConfig.gtk-application-prefer-dark-theme = true; - }; - home.packages = [( - pkgs.catppuccin-kde.override { - flavour = [ "mocha" ]; - accents = [ "mauve" ]; - winDecStyles = [ "classic" ]; - } - )]; - programs.plasma = { - enable = true; - overrideConfig = true; - # Delete config files that I fully configure here - overrideConfigFiles = [ - "plasmashellrc" - "plasma-org.kde.plasma.desktop-appletsrc" - ]; - workspace = { - clickItemTo = "select"; - cursorTheme = "Breeze_Snow"; - iconTheme = "breeze-dark"; - lookAndFeel = "Catppuccin-Mocha-Mauve"; - theme = "default"; - colorScheme = "CatppuccinMochaMauve"; - }; - kwin = { - titlebarButtons = { - left = [ "on-all-desktops" "keep-above-windows" ]; - right = [ "minimize" "maximize" "close" ]; - }; - }; - panels = [{ - location = "bottom"; - height = 44; - widgets = [ - { - name = "org.kde.plasma.kickoff"; - config.General.icon = "nix-snowflake-white"; - } - "org.kde.plasma.pager" - "org.kde.plasma.icontasks" - "org.kde.plasma.marginsseparator" - "org.kde.plasma.systemtray" - { - name = "org.kde.plasma.digitalclock"; - config.Appearance.showSeconds = "true"; - } - "org.kde.plasma.showdesktop" - ]; - }]; - shortcuts = { - "kwin" = { - "Switch One Desktop to the Left" = [ "Meta+Ctrl+Left" ]; - "Switch One Desktop to the Right" = [ "Meta+Ctrl+Right" ]; - }; - }; - configFile = { - "kwinrc" = { - "org\\.kde\\.kdecoration2"."BorderSize" = "None"; - "Desktops" = { - "Number" = 2; - "Rows" = 1; - }; - "TabBox"."LayoutName" = "thumbnail_grid"; - }; - "kdeglobals"."General"."AccentColor" = null; - "auroraerc"."CatppuccinMocha-Classic"."ButtonSize" = 0; - "plasmanotifyrc"."Notifications"."NormalAlwaysOnTop" = true; - }; - }; - } - ]; + runHook postInstall + ''; + }; + + # /etc/xdg is not read by plasma, so to change the default settings you need to put them in a package + plasmaDefaults = pkgs.stdenv.mkDerivation { + name = "toast-plasma-defaults"; + dontUnpack = true; + installPhase = '' + runHook preInstall + + set -x + mkdir -p $out/etc/xdg + echo '${baloofilerc}' > $out/etc/xdg/baloofilerc + + runHook postInstall + ''; + }; +in { + services.xserver = { + # Enable the Plasma 5 Desktop Environment + desktopManager.plasma5.enable = true; + displayManager.defaultSession = "plasmawayland"; + }; + + qt.enable = true; + + # GTK apps need dconf to grab the correct theme on Wayland + programs.dconf.enable = true; + + # Install the patched Breeze color schemes as well as the plasma default configs + environment.systemPackages = [breezeTint plasmaDefaults]; + + # Plasma configs should be on all users + home-manager.sharedModules = [ + ( + {config, ...}: let + gtk2rc = "${config.xdg.configHome}/gtk-2.0/gtkrc"; + in { + gtk.gtk2.configLocation = gtk2rc; + # Kde has an annoying habit of overwriting the gtk2 config file + home.file."${gtk2rc}".force = true; + } + ) + { + imports = [flakeSelf.inputs.plasma-manager.homeManagerModules.plasma-manager]; + gtk = { + enable = true; + # Most apps are dark, so a white cursor is easier to spot + cursorTheme = { + package = pkgs.breeze-qt5; + name = "Breeze_Snow"; + }; + iconTheme = { + package = pkgs.breeze-icons; + name = "breeze-dark"; + }; + theme = { + package = pkgs.breeze-gtk; + name = "Breeze"; + }; + # Gtk2 doesn't have a dark mode, so I just tell gtk 3 and 4 to use the dark variant + gtk3.extraConfig.gtk-application-prefer-dark-theme = true; + gtk4.extraConfig.gtk-application-prefer-dark-theme = true; + }; + home.packages = [ + ( + pkgs.catppuccin-kde.override { + flavour = ["mocha"]; + accents = ["mauve"]; + winDecStyles = ["classic"]; + } + ) + ]; + programs.plasma = { + enable = true; + overrideConfig = true; + # Delete config files that I fully configure here + overrideConfigFiles = [ + "plasmashellrc" + "plasma-org.kde.plasma.desktop-appletsrc" + ]; + workspace = { + clickItemTo = "select"; + cursorTheme = "Breeze_Snow"; + iconTheme = "breeze-dark"; + lookAndFeel = "Catppuccin-Mocha-Mauve"; + theme = "default"; + colorScheme = "CatppuccinMochaMauve"; + }; + kwin = { + titlebarButtons = { + left = ["on-all-desktops" "keep-above-windows"]; + right = ["minimize" "maximize" "close"]; + }; + }; + panels = [ + { + location = "bottom"; + height = 44; + widgets = [ + { + name = "org.kde.plasma.kickoff"; + config.General.icon = "nix-snowflake-white"; + } + "org.kde.plasma.pager" + "org.kde.plasma.icontasks" + "org.kde.plasma.marginsseparator" + "org.kde.plasma.systemtray" + { + name = "org.kde.plasma.digitalclock"; + config.Appearance.showSeconds = "true"; + } + "org.kde.plasma.showdesktop" + ]; + } + ]; + shortcuts = { + "kwin" = { + "Switch One Desktop to the Left" = ["Meta+Ctrl+Left"]; + "Switch One Desktop to the Right" = ["Meta+Ctrl+Right"]; + }; + }; + configFile = { + "kwinrc" = { + "org\\.kde\\.kdecoration2"."BorderSize" = "None"; + "Desktops" = { + "Number" = 2; + "Rows" = 1; + }; + "TabBox"."LayoutName" = "thumbnail_grid"; + }; + "kdeglobals"."General"."AccentColor" = null; + "auroraerc"."CatppuccinMocha-Classic"."ButtonSize" = 0; + "plasmanotifyrc"."Notifications"."NormalAlwaysOnTop" = true; + }; + }; + } + ]; } diff --git a/roles/kde/programs/default.nix b/roles/kde/programs/default.nix index b39dcfc..21f09ba 100644 --- a/roles/kde/programs/default.nix +++ b/roles/kde/programs/default.nix @@ -1,15 +1,13 @@ -{ config, ... }: +{config, ...}: { + imports = [ + ./kate.nix + ./firefox.nix + ./skanpage.nix + ./neochat.nix + ./konsole.nix + ./git.nix + ]; -{ - imports = [ - ./kate.nix - ./firefox.nix - ./skanpage.nix - ./neochat.nix - ./konsole.nix - ./git.nix - ]; - - # Enable the kde partition manager - programs.partition-manager.enable = true; + # Enable the kde partition manager + programs.partition-manager.enable = true; } diff --git a/roles/kde/programs/firefox.nix b/roles/kde/programs/firefox.nix index 9892650..14eab1a 100644 --- a/roles/kde/programs/firefox.nix +++ b/roles/kde/programs/firefox.nix @@ -1,32 +1,34 @@ -{ config, pkgs, ... }: - { - # KDE specific firefox settings - programs.firefox = { - policies = { - "ExtensionSettings" = { - # TODO: Install extensions the NUR instead of from AMO - "plasma-browser-integration@kde.org" = { - "installation_mode" = "normal_installed"; - "install_url" = "https://addons.mozilla.org/firefox/downloads/latest/plasma-integration/latest.xpi"; - }; - }; - "Preferences" = { - # Make firefox use the kde file picker - "widget.use-xdg-desktop-portal.file-picker" = { - "Value" = 1; - "Status" = "default"; - }; - /* - https://wiki.archlinux.org/title/Firefox#KDE_integration tells me to enable this, - but strangely enough doing so makes firefox ask to be set as the default browser - every time you start it up, so I'll disable it - */ - "widget.use-xdg-desktop-portal.mime-handler" = { - "Value" = 0; - "Status" = "default"; - }; - }; - }; - }; + config, + pkgs, + ... +}: { + # KDE specific firefox settings + programs.firefox = { + policies = { + "ExtensionSettings" = { + # TODO: Install extensions the NUR instead of from AMO + "plasma-browser-integration@kde.org" = { + "installation_mode" = "normal_installed"; + "install_url" = "https://addons.mozilla.org/firefox/downloads/latest/plasma-integration/latest.xpi"; + }; + }; + "Preferences" = { + # Make firefox use the kde file picker + "widget.use-xdg-desktop-portal.file-picker" = { + "Value" = 1; + "Status" = "default"; + }; + /* + https://wiki.archlinux.org/title/Firefox#KDE_integration tells me to enable this, + but strangely enough doing so makes firefox ask to be set as the default browser + every time you start it up, so I'll disable it + */ + "widget.use-xdg-desktop-portal.mime-handler" = { + "Value" = 0; + "Status" = "default"; + }; + }; + }; + }; } diff --git a/roles/kde/programs/git.nix b/roles/kde/programs/git.nix index 9d1c045..59a3924 100644 --- a/roles/kde/programs/git.nix +++ b/roles/kde/programs/git.nix @@ -1,6 +1,8 @@ -{ pkgs, lib, ... }: - { + pkgs, + lib, + ... +}: { home-manager.users.toast = { programs.git = { extraConfig = { diff --git a/roles/kde/programs/kate.nix b/roles/kde/programs/kate.nix index 9379ba5..9151416 100644 --- a/roles/kde/programs/kate.nix +++ b/roles/kde/programs/kate.nix @@ -1,10 +1,12 @@ -{ config, pkgs, ... }: - { - environment.systemPackages = [ pkgs.kate ]; + config, + pkgs, + ... +}: { + environment.systemPackages = [pkgs.kate]; - # Use kwrite to open text files, and kate if I'm developing stuff - xdg.mime.defaultApplications = { - "text/plain" = "org.kde.kwrite.desktop"; - }; + # Use kwrite to open text files, and kate if I'm developing stuff + xdg.mime.defaultApplications = { + "text/plain" = "org.kde.kwrite.desktop"; + }; } diff --git a/roles/kde/programs/konsole.nix b/roles/kde/programs/konsole.nix index 0dfdf57..709903a 100644 --- a/roles/kde/programs/konsole.nix +++ b/roles/kde/programs/konsole.nix @@ -1,17 +1,17 @@ -{ pkgs, ... }: -let - catppuccinKonsole = pkgs.fetchFromGitHub { - owner = "catppuccin"; - repo = "konsole"; - # Latest commit is 7d86b8a1e56e58f6b5649cdaac543a573ac194ca - rev = "main"; - hash = "sha256-EwSJMTxnaj2UlNJm1t6znnatfzgm1awIQQUF3VPfCTM="; - } + /Catppuccin-Mocha.colorscheme; -in -{ +{pkgs, ...}: let + catppuccinKonsole = + pkgs.fetchFromGitHub { + owner = "catppuccin"; + repo = "konsole"; + # Latest commit is 7d86b8a1e56e58f6b5649cdaac543a573ac194ca + rev = "main"; + hash = "sha256-EwSJMTxnaj2UlNJm1t6znnatfzgm1awIQQUF3VPfCTM="; + } + + /Catppuccin-Mocha.colorscheme; +in { home-manager.users.toast = { xdg.dataFile = { "konsole/Catppuccin-Mocha.colorscheme".source = catppuccinKonsole; }; }; -} \ No newline at end of file +} diff --git a/roles/kde/programs/neochat.nix b/roles/kde/programs/neochat.nix index f2009b3..0e666d4 100644 --- a/roles/kde/programs/neochat.nix +++ b/roles/kde/programs/neochat.nix @@ -1,7 +1,5 @@ -{ pkgs, ... }: - -{ +{pkgs, ...}: { home-manager.users.toast = { - home.packages = [ pkgs.neochat ]; + home.packages = [pkgs.neochat]; }; -} \ No newline at end of file +} diff --git a/roles/kde/programs/skanpage.nix b/roles/kde/programs/skanpage.nix index 508a7da..08ed4e4 100644 --- a/roles/kde/programs/skanpage.nix +++ b/roles/kde/programs/skanpage.nix @@ -1,9 +1,12 @@ -{ config, lib, pkgs, ... }: - { - # Only install skanpage if scanning is set up - config = lib.mkIf config.hardware.sane.enable { - environment.systemPackages = [ pkgs.skanpage ]; - }; -# environment.systemPackages = if config.hardware.sane.enable == true then [ pkgs.skanpage ] else []; + config, + lib, + pkgs, + ... +}: { + # Only install skanpage if scanning is set up + config = lib.mkIf config.hardware.sane.enable { + environment.systemPackages = [pkgs.skanpage]; + }; + # environment.systemPackages = if config.hardware.sane.enable == true then [ pkgs.skanpage ] else []; } diff --git a/roles/kde/sddm.nix b/roles/kde/sddm.nix index 3fedc02..8fd3b6a 100644 --- a/roles/kde/sddm.nix +++ b/roles/kde/sddm.nix @@ -1,56 +1,56 @@ -{ config, pkgs, ... }: - -let - currentTheme = config.services.xserver.displayManager.sddm.theme; - - sddm-sugar-candy = pkgs.stdenv.mkDerivation { - pname = "sddm-sugar-candy"; - version = "master"; - src = pkgs.fetchgit { - url = "https://framagit.org/MarianArlt/sddm-sugar-candy.git"; - hash = "sha256-XggFVsEXLYklrfy1ElkIp9fkTw4wvXbyVkaVCZq4ZLU="; - }; - installPhase = '' - runHook preInstall - - mkdir -p $out/share/sddm/themes/sugar-candy - cp -r /build/sddm-sugar-candy/* $out/share/sddm/themes/sugar-candy - - runHook postInstall - ''; - }; - - /* - Adds a theme.conf.user file to the current sddm theme's folder, - allowing you to change it's configuration without needing to - repackage it - */ - customcfg = pkgs.stdenv.mkDerivation { - name = "sddm-theme-customizer"; - dontUnpack = true; - # TODO: generate theme.conf.user outside of installPhase - installPhase = '' - runHook preInstall - - mkdir -p $out/share/sddm/themes/${currentTheme}/ - echo "[General] - background = ${pkgs.plasma-workspace-wallpapers}/share/wallpapers/MilkyWay/contents/images/5120x2880.png" >> $out/share/sddm/themes/${currentTheme}/theme.conf.user - - runHook postInstall - ''; - }; -in - { - # Enable SDDM. - services.xserver.displayManager.sddm = { - enable = true; - theme = "sugar-candy"; - settings = { - General = { Numlock = "on"; }; - Theme = { CursorTheme = "Breeze_Snow"; }; - }; - }; + config, + pkgs, + ... +}: let + currentTheme = config.services.xserver.displayManager.sddm.theme; - environment.systemPackages = [ sddm-sugar-candy customcfg ]; + sddm-sugar-candy = pkgs.stdenv.mkDerivation { + pname = "sddm-sugar-candy"; + version = "master"; + src = pkgs.fetchgit { + url = "https://framagit.org/MarianArlt/sddm-sugar-candy.git"; + hash = "sha256-XggFVsEXLYklrfy1ElkIp9fkTw4wvXbyVkaVCZq4ZLU="; + }; + installPhase = '' + runHook preInstall + + mkdir -p $out/share/sddm/themes/sugar-candy + cp -r /build/sddm-sugar-candy/* $out/share/sddm/themes/sugar-candy + + runHook postInstall + ''; + }; + + /* + Adds a theme.conf.user file to the current sddm theme's folder, + allowing you to change it's configuration without needing to + repackage it + */ + customcfg = pkgs.stdenv.mkDerivation { + name = "sddm-theme-customizer"; + dontUnpack = true; + # TODO: generate theme.conf.user outside of installPhase + installPhase = '' + runHook preInstall + + mkdir -p $out/share/sddm/themes/${currentTheme}/ + echo "[General] + background = ${pkgs.plasma-workspace-wallpapers}/share/wallpapers/MilkyWay/contents/images/5120x2880.png" >> $out/share/sddm/themes/${currentTheme}/theme.conf.user + + runHook postInstall + ''; + }; +in { + # Enable SDDM. + services.xserver.displayManager.sddm = { + enable = true; + theme = "sugar-candy"; + settings = { + General = {Numlock = "on";}; + Theme = {CursorTheme = "Breeze_Snow";}; + }; + }; + + environment.systemPackages = [sddm-sugar-candy customcfg]; } diff --git a/roles/school/default.nix b/roles/school/default.nix index cb3d38f..515d2d6 100644 --- a/roles/school/default.nix +++ b/roles/school/default.nix @@ -1,8 +1,6 @@ -{ ... }: - -{ - imports = [ - ./services - ./programs - ]; +{...}: { + imports = [ + ./services + ./programs + ]; } diff --git a/roles/school/programs/default.nix b/roles/school/programs/default.nix index 6bc4de6..cef6e88 100644 --- a/roles/school/programs/default.nix +++ b/roles/school/programs/default.nix @@ -1,15 +1,17 @@ - { config, pkgs, ... }: - { - imports = [ - ./virtualbox.nix - ./idea.nix - ./vscode.nix - ./helix.nix - ./unity.nix - ]; - - environment.systemPackages = with pkgs; [ - dia - ]; + config, + pkgs, + ... +}: { + imports = [ + ./virtualbox.nix + ./idea.nix + ./vscode.nix + ./helix.nix + ./unity.nix + ]; + + environment.systemPackages = with pkgs; [ + dia + ]; } diff --git a/roles/school/programs/helix.nix b/roles/school/programs/helix.nix index f28b348..f26c5d0 100644 --- a/roles/school/programs/helix.nix +++ b/roles/school/programs/helix.nix @@ -1,7 +1,4 @@ - -{ pkgs, ... }: - -{ +{pkgs, ...}: { home-manager.users.toast = { programs.helix = { extraPackages = with pkgs; [ diff --git a/roles/school/programs/idea.nix b/roles/school/programs/idea.nix index ea3b5de..a13dd63 100644 --- a/roles/school/programs/idea.nix +++ b/roles/school/programs/idea.nix @@ -1,33 +1,35 @@ -{ config, pkgs, ... }: - -with pkgs; { - environment.systemPackages = with jetbrains; [ - idea-ultimate - ]; + config, + pkgs, + ... +}: +with pkgs; { + environment.systemPackages = with jetbrains; [ + idea-ultimate + ]; - home-manager.users.toast = { - # Install plugins - home.file = { - ".local/share/JetBrains/IntelliJIdea2023.3/catppuccin.jar".source = fetchurl { - url = "https://github.com/catppuccin/jetbrains/releases/download/v3.2.3/Catppuccin.Theme-3.2.3.jar"; - hash = "sha256-v5BZ2UKEBA/0DHKGwmprmuu0RcJCDsxzWmCdnX9aXpE="; - }; - ".local/share/JetBrains/IntelliJIdea2023.3/rainbow-brackets".source = fetchzip { - url = "https://github.com/izhangzhihao/intellij-rainbow-brackets/releases/download/latest/intellij-rainbow-brackets-2023.3.9-233.zip"; - hash = "sha256-faMDP6kU21WOHVjY5Aj4/Glqymo1iUCTuUJdHsq1N/s="; - }; - ".local/share/JetBrains/IntelliJIdea2023.3/catppuccin-icons.jar".source = fetchurl { - url = "https://github.com/catppuccin/jetbrains-icons/releases/download/v1.1.1/Catppuccin.Icons-1.1.1.jar"; - hash = "sha256-Bn0Yn0RlNmJQCSC0MJQrKjeERzfHhupWnyYm0YjXFwY="; - }; - }; + home-manager.users.toast = { + # Install plugins + home.file = { + ".local/share/JetBrains/IntelliJIdea2023.3/catppuccin.jar".source = fetchurl { + url = "https://github.com/catppuccin/jetbrains/releases/download/v3.2.3/Catppuccin.Theme-3.2.3.jar"; + hash = "sha256-v5BZ2UKEBA/0DHKGwmprmuu0RcJCDsxzWmCdnX9aXpE="; + }; + ".local/share/JetBrains/IntelliJIdea2023.3/rainbow-brackets".source = fetchzip { + url = "https://github.com/izhangzhihao/intellij-rainbow-brackets/releases/download/latest/intellij-rainbow-brackets-2023.3.9-233.zip"; + hash = "sha256-faMDP6kU21WOHVjY5Aj4/Glqymo1iUCTuUJdHsq1N/s="; + }; + ".local/share/JetBrains/IntelliJIdea2023.3/catppuccin-icons.jar".source = fetchurl { + url = "https://github.com/catppuccin/jetbrains-icons/releases/download/v1.1.1/Catppuccin.Icons-1.1.1.jar"; + hash = "sha256-Bn0Yn0RlNmJQCSC0MJQrKjeERzfHhupWnyYm0YjXFwY="; + }; + }; - /* - If you use programs.java.enable intellij picks up the jdk package directly, which is not ideal - This adds the jdks I want to use to a directory intellij expects jdks to be - */ - home.file.".jdks/jdk8".source = "${pkgs.jdk8}/lib/openjdk"; - home.file.".jdks/jdk17".source = "${pkgs.jdk17}/lib/openjdk"; - }; + /* + If you use programs.java.enable intellij picks up the jdk package directly, which is not ideal + This adds the jdks I want to use to a directory intellij expects jdks to be + */ + home.file.".jdks/jdk8".source = "${pkgs.jdk8}/lib/openjdk"; + home.file.".jdks/jdk17".source = "${pkgs.jdk17}/lib/openjdk"; + }; } diff --git a/roles/school/programs/unity.nix b/roles/school/programs/unity.nix index 0a5d1a3..88943e1 100644 --- a/roles/school/programs/unity.nix +++ b/roles/school/programs/unity.nix @@ -1,9 +1,9 @@ -{ pkgs, ... }: - -{ +{pkgs, ...}: { home-manager.users.toast = { - home.packages = [( - pkgs.unityhub - )]; + home.packages = [ + ( + pkgs.unityhub + ) + ]; }; } diff --git a/roles/school/programs/virtualbox.nix b/roles/school/programs/virtualbox.nix index 08f95b1..0e88135 100644 --- a/roles/school/programs/virtualbox.nix +++ b/roles/school/programs/virtualbox.nix @@ -1,15 +1,15 @@ -{ config, ... }: - -{ - # Need to use visual studio 2019 :( - virtualisation.virtualbox.host = { - enable = true; - }; - home-manager.sharedModules = [{ - systemd.user.tmpfiles.rules = [ - "d '/%h/VirtualBox VMs'" - "h '/%h/VirtualBox VMs' - - - - C " - ]; - }]; - users.users.toast.extraGroups = [ "vboxusers" ]; +{config, ...}: { + # Need to use visual studio 2019 :( + virtualisation.virtualbox.host = { + enable = true; + }; + home-manager.sharedModules = [ + { + systemd.user.tmpfiles.rules = [ + "d '/%h/VirtualBox VMs'" + "h '/%h/VirtualBox VMs' - - - - C " + ]; + } + ]; + users.users.toast.extraGroups = ["vboxusers"]; } diff --git a/roles/school/programs/vscode.nix b/roles/school/programs/vscode.nix index fa55360..331f5f5 100644 --- a/roles/school/programs/vscode.nix +++ b/roles/school/programs/vscode.nix @@ -1,18 +1,24 @@ -{ config, pkgs, lib, flakeSelf, ... }: -let inputs = flakeSelf.inputs; in { - home-manager.users.toast.programs.vscode = { - # The redhat xml extension needs an fhs environment - package = lib.mkForce pkgs.vscodium-fhs; - extensions = with inputs.vscode-extensions.extensions.x86_64-linux; [ - open-vsx.redhat.vscode-xml - open-vsx.tomoki1207.pdf - open-vsx.ms-vscode.live-server - open-vsx.ecmel.vscode-html-css - open-vsx.angular.ng-template - ]; - userSettings = { - redhat.telemetry.enabled = false; - }; - }; + config, + pkgs, + lib, + flakeSelf, + ... +}: let + inputs = flakeSelf.inputs; +in { + home-manager.users.toast.programs.vscode = { + # The redhat xml extension needs an fhs environment + package = lib.mkForce pkgs.vscodium-fhs; + extensions = with inputs.vscode-extensions.extensions.x86_64-linux; [ + open-vsx.redhat.vscode-xml + open-vsx.tomoki1207.pdf + open-vsx.ms-vscode.live-server + open-vsx.ecmel.vscode-html-css + open-vsx.angular.ng-template + ]; + userSettings = { + redhat.telemetry.enabled = false; + }; + }; } diff --git a/roles/school/services/default.nix b/roles/school/services/default.nix index 0fa68eb..350d7bd 100644 --- a/roles/school/services/default.nix +++ b/roles/school/services/default.nix @@ -1,10 +1,8 @@ -{ ... }: - -{ - imports = [ - ./syncthing.nix - ./mysql.nix - ./xampp.nix - ./mongodb.nix - ]; +{...}: { + imports = [ + ./syncthing.nix + ./mysql.nix + ./xampp.nix + ./mongodb.nix + ]; } diff --git a/roles/school/services/mongodb.nix b/roles/school/services/mongodb.nix index cb8cee1..75f7c7a 100644 --- a/roles/school/services/mongodb.nix +++ b/roles/school/services/mongodb.nix @@ -1,31 +1,34 @@ -{ config, pkgs, lib, ... }: - { - services.mongodb = { - enable = true; - package = pkgs.mongodb-4_4; - user = "toast"; - }; + config, + pkgs, + lib, + ... +}: { + services.mongodb = { + enable = true; + package = pkgs.mongodb-4_4; + user = "toast"; + }; - # Don't autostart MySQL - systemd.services.mongodb.wantedBy = lib.mkForce []; + # Don't autostart MySQL + systemd.services.mongodb.wantedBy = lib.mkForce []; - # Allow regular users to start/stop mongodb - # https://stackoverflow.com/questions/61480914/using-policykit-to-allow-non-root-users-to-start-and-stop-a-service - security.polkit.extraConfig = '' - polkit.addRule(function(action, subject) { - if ( - action.id == "org.freedesktop.systemd1.manage-units" && - action.lookup("unit") == "mongodb.service" && - subject.user == "${config.services.mongodb.user}" - ) - { - return polkit.Result.YES; - } - }) - ''; + # Allow regular users to start/stop mongodb + # https://stackoverflow.com/questions/61480914/using-policykit-to-allow-non-root-users-to-start-and-stop-a-service + security.polkit.extraConfig = '' + polkit.addRule(function(action, subject) { + if ( + action.id == "org.freedesktop.systemd1.manage-units" && + action.lookup("unit") == "mongodb.service" && + subject.user == "${config.services.mongodb.user}" + ) + { + return polkit.Result.YES; + } + }) + ''; - environment.systemPackages = with pkgs; [ - mongosh - ]; + environment.systemPackages = with pkgs; [ + mongosh + ]; } diff --git a/roles/school/services/mysql.nix b/roles/school/services/mysql.nix index c4e08e9..fbbd3f9 100644 --- a/roles/school/services/mysql.nix +++ b/roles/school/services/mysql.nix @@ -1,33 +1,36 @@ -{ config, pkgs, lib, ... }: - { - services.mysql = { - enable = true; - package = pkgs.mysql80; - user = "toast"; - group = "users"; - }; + config, + pkgs, + lib, + ... +}: { + services.mysql = { + enable = true; + package = pkgs.mysql80; + user = "toast"; + group = "users"; + }; - # Don't autostart MySQL - systemd.services.mysql.wantedBy = lib.mkForce []; + # Don't autostart MySQL + systemd.services.mysql.wantedBy = lib.mkForce []; - # Allow regular users to start/stop mysql - # https://stackoverflow.com/questions/61480914/using-policykit-to-allow-non-root-users-to-start-and-stop-a-service - security.polkit.extraConfig = '' - polkit.addRule(function(action, subject) { - if ( - action.id == "org.freedesktop.systemd1.manage-units" && - action.lookup("unit") == "mysql.service" && - subject.user == "${config.services.mysql.user}" - ) - { - return polkit.Result.YES; - } - }) - ''; + # Allow regular users to start/stop mysql + # https://stackoverflow.com/questions/61480914/using-policykit-to-allow-non-root-users-to-start-and-stop-a-service + security.polkit.extraConfig = '' + polkit.addRule(function(action, subject) { + if ( + action.id == "org.freedesktop.systemd1.manage-units" && + action.lookup("unit") == "mysql.service" && + subject.user == "${config.services.mysql.user}" + ) + { + return polkit.Result.YES; + } + }) + ''; - environment.systemPackages = with pkgs; [ - mysql-workbench - mycli - ]; + environment.systemPackages = with pkgs; [ + mysql-workbench + mycli + ]; } diff --git a/roles/school/services/syncthing.nix b/roles/school/services/syncthing.nix index a649b75..bb23f47 100644 --- a/roles/school/services/syncthing.nix +++ b/roles/school/services/syncthing.nix @@ -1,12 +1,10 @@ -{ config, ... }: - -{ - services.syncthing.settings.folders = { - "school-things" = { - label = "School things"; - id = "z6alc-nfoqr"; - devices = [ "steamdeck" "server" "pc" "winmax2" ]; - path = "~/Documents/School things"; - }; - }; +{config, ...}: { + services.syncthing.settings.folders = { + "school-things" = { + label = "School things"; + id = "z6alc-nfoqr"; + devices = ["steamdeck" "server" "pc" "winmax2"]; + path = "~/Documents/School things"; + }; + }; } diff --git a/roles/school/services/xampp.nix b/roles/school/services/xampp.nix index 99f65bf..22eed0d 100644 --- a/roles/school/services/xampp.nix +++ b/roles/school/services/xampp.nix @@ -1,36 +1,38 @@ -{ config, pkgs, ... }: -let - booDark = pkgs.fetchzip { - url = "https://github.com/adorade/boodark/releases/download/v1.1.1/boodark-v1.1.1.zip"; - hash = "sha256-GE/FtFlU6A4I9sRyjMhQIidGpDLD99Wzzngz3QI/rSo="; - }; -in { - # I tried setting up httpd + php in class but I just gave up - virtualisation.oci-containers = { - containers."xampp" = { - autoStart = false; - image = "tomsik68/xampp"; - #user = "${toString users.users.atfc.uid}:${toString users.groups.minecraft.gid}"; - volumes = [ - "xampp-mysql:/opt/lampp/var/mysql" - # No dark mode installed by default :( - "${booDark}:/opt/lampp/phpmyadmin/themes/booDark" - ]; - ports = [ "41061:22" "41062:80" ]; - }; - }; + config, + pkgs, + ... +}: let + booDark = pkgs.fetchzip { + url = "https://github.com/adorade/boodark/releases/download/v1.1.1/boodark-v1.1.1.zip"; + hash = "sha256-GE/FtFlU6A4I9sRyjMhQIidGpDLD99Wzzngz3QI/rSo="; + }; +in { + # I tried setting up httpd + php in class but I just gave up + virtualisation.oci-containers = { + containers."xampp" = { + autoStart = false; + image = "tomsik68/xampp"; + #user = "${toString users.users.atfc.uid}:${toString users.groups.minecraft.gid}"; + volumes = [ + "xampp-mysql:/opt/lampp/var/mysql" + # No dark mode installed by default :( + "${booDark}:/opt/lampp/phpmyadmin/themes/booDark" + ]; + ports = ["41061:22" "41062:80"]; + }; + }; - security.polkit.extraConfig = '' - polkit.addRule(function(action, subject) { - if ( - action.id == "org.freedesktop.systemd1.manage-units" && - action.lookup("unit") == "podman-xampp.service" && - subject.user == "toast" - ) - { - return polkit.Result.YES; - } - }) - ''; -} \ No newline at end of file + security.polkit.extraConfig = '' + polkit.addRule(function(action, subject) { + if ( + action.id == "org.freedesktop.systemd1.manage-units" && + action.lookup("unit") == "podman-xampp.service" && + subject.user == "toast" + ) + { + return polkit.Result.YES; + } + }) + ''; +} diff --git a/roles/server/avahi.nix b/roles/server/avahi.nix index 9302bb7..bfbb229 100755 --- a/roles/server/avahi.nix +++ b/roles/server/avahi.nix @@ -1,11 +1,9 @@ -{ config, ... }: - -{ - services.avahi = { - openFirewall = true; - publish = { - enable = true; - userServices = true; - }; - }; -} \ No newline at end of file +{config, ...}: { + services.avahi = { + openFirewall = true; + publish = { + enable = true; + userServices = true; + }; + }; +} diff --git a/roles/server/beep.nix b/roles/server/beep.nix index b454726..1758887 100755 --- a/roles/server/beep.nix +++ b/roles/server/beep.nix @@ -1,16 +1,20 @@ -{ config, pkgs, ... }: - { - # Beep as soon as possible in the initrd - boot.initrd = { - kernelModules = [ "pcspkr" ]; - extraFiles.beep.source = pkgs.beep; - postDeviceCommands = "/beep/bin/beep -f 3000 -l 50 -r 2"; - }; - /*systemd.services.startupBeep = { - description = "Beep when system started booting"; - wantedBy = [ "sysinit.target" ]; - script = "${pkgs.beep}/bin/beep -f 3000 -l 50 -r 2"; - serviceConfig = { Type = "oneshot"; }; - };*/ + config, + pkgs, + ... +}: { + # Beep as soon as possible in the initrd + boot.initrd = { + kernelModules = ["pcspkr"]; + extraFiles.beep.source = pkgs.beep; + postDeviceCommands = "/beep/bin/beep -f 3000 -l 50 -r 2"; + }; + /* + systemd.services.startupBeep = { + description = "Beep when system started booting"; + wantedBy = [ "sysinit.target" ]; + script = "${pkgs.beep}/bin/beep -f 3000 -l 50 -r 2"; + serviceConfig = { Type = "oneshot"; }; + }; + */ } diff --git a/roles/server/ddclient.nix b/roles/server/ddclient.nix index 5a88f7f..d747a30 100755 --- a/roles/server/ddclient.nix +++ b/roles/server/ddclient.nix @@ -1,20 +1,20 @@ -{ config, flakeSelf, ... }: - -let - hostSecrets = "${flakeSelf.inputs.secrets}/" + config.networking.hostName; -in - { - # Set up secrets - age.secrets = { ddclient-passwd.file = hostSecrets + "/ddclient-password.age"; }; + config, + flakeSelf, + ... +}: let + hostSecrets = "${flakeSelf.inputs.secrets}/" + config.networking.hostName; +in { + # Set up secrets + age.secrets = {ddclient-passwd.file = hostSecrets + "/ddclient-password.age";}; - services.ddclient = { - enable = true; - use = "web, web=dynamicdns.park-your-domain.com/getip"; - protocol = "namecheap"; - server = "dynamicdns.park-your-domain.com"; - username = "toast003.xyz"; - passwordFile = config.age.secrets.ddclient-passwd.path; - domains = [ "@" ]; - }; + services.ddclient = { + enable = true; + use = "web, web=dynamicdns.park-your-domain.com/getip"; + protocol = "namecheap"; + server = "dynamicdns.park-your-domain.com"; + username = "toast003.xyz"; + passwordFile = config.age.secrets.ddclient-passwd.path; + domains = ["@"]; + }; } diff --git a/roles/server/default.nix b/roles/server/default.nix index a52b02b..aa16bef 100755 --- a/roles/server/default.nix +++ b/roles/server/default.nix @@ -1,20 +1,18 @@ -{ ... }: - -{ - imports = [ - ./avahi.nix - ./nfs.nix - ./samba.nix - ./ssh.nix - ./forgejo.nix - ./syncthing.nix - ./endlessh.nix - ./transmission.nix - ./ddclient.nix - ./beep.nix - ./tailscale.nix - ./traefik.nix - ./minecraft.nix - ./dns.nix - ]; +{...}: { + imports = [ + ./avahi.nix + ./nfs.nix + ./samba.nix + ./ssh.nix + ./forgejo.nix + ./syncthing.nix + ./endlessh.nix + ./transmission.nix + ./ddclient.nix + ./beep.nix + ./tailscale.nix + ./traefik.nix + ./minecraft.nix + ./dns.nix + ]; } diff --git a/roles/server/dns.nix b/roles/server/dns.nix index 600dfc1..22c91de 100644 --- a/roles/server/dns.nix +++ b/roles/server/dns.nix @@ -1,22 +1,20 @@ -{ ... }: - -{ +{...}: { services.dnsmasq = { enable = true; - + # Only using this for tailscale IPs, so better to let tailscale itself deal with it resolveLocalQueries = false; - + settings = { - listen-address = [ "100.73.96.48" ]; - + listen-address = ["100.73.96.48"]; + /* Dnsmasq tries to use the tailscale dns server, which is bad cause that points to dnsmasq From the little testing I have done it seems to not cause any issues, but better to be safe than sorry :P */ dns-loop-detect = true; - + # If this isn't set a cname that targets a host might return the wrong ip localise-queries = true; ## IPv6 is not a thing in Spain so I'm guaranteed to not use it @@ -29,11 +27,11 @@ # Add tailscale hosts networking.hosts = { - "100.73.96.48" = [ "everest" ]; - "100.113.139.93" = [ "archie" ]; - "100.85.48.85" = [ "steamdeck" ]; - "100.96.92.13" = [ "surfecego" ]; - "100.106.73.20" = [ "winmax2" ]; + "100.73.96.48" = ["everest"]; + "100.113.139.93" = ["archie"]; + "100.85.48.85" = ["steamdeck"]; + "100.96.92.13" = ["surfecego"]; + "100.106.73.20" = ["winmax2"]; }; # Dnsmasq conflicts with the resolved dns stub listener diff --git a/roles/server/endlessh.nix b/roles/server/endlessh.nix index 6646d1e..6495f26 100755 --- a/roles/server/endlessh.nix +++ b/roles/server/endlessh.nix @@ -1,10 +1,8 @@ -{ config, ... }: - -{ - # I prefer using the go implementation - services.endlessh-go = { - enable = true; - openFirewall = true; - extraOptions = [ "-alsologtostderr" "-v=1"] ; - }; -} \ No newline at end of file +{config, ...}: { + # I prefer using the go implementation + services.endlessh-go = { + enable = true; + openFirewall = true; + extraOptions = ["-alsologtostderr" "-v=1"]; + }; +} diff --git a/roles/server/forgejo.nix b/roles/server/forgejo.nix index 7075395..b8f04c9 100644 --- a/roles/server/forgejo.nix +++ b/roles/server/forgejo.nix @@ -1,6 +1,8 @@ -{ config, lib, ... }: - { + config, + lib, + ... +}: { specialisation.forgejoEnableRegistration.configuration.services.forgejo.settings.service.DISABLE_REGISTRATION = false; services.forgejo = { enable = true; @@ -22,7 +24,7 @@ }; # Add a cname for forgejo - services.dnsmasq.settings.cname = [ "git.everest.sable-pancake.ts.net,everest" ]; + services.dnsmasq.settings.cname = ["git.everest.sable-pancake.ts.net,everest"]; # Set up traefik as the reverse proxy for Forgejo services.traefik = { @@ -35,7 +37,7 @@ }; }; services.forgejo.loadBalancer.servers = [ - { url = "http://localhost:${toString config.services.forgejo.settings.server.HTTP_PORT}"; } + {url = "http://localhost:${toString config.services.forgejo.settings.server.HTTP_PORT}";} ]; }; }; diff --git a/roles/server/minecraft.nix b/roles/server/minecraft.nix index 50a01cc..5743b39 100644 --- a/roles/server/minecraft.nix +++ b/roles/server/minecraft.nix @@ -1,115 +1,116 @@ -{ config, pkgs, flakeSelf, ... }: -let - atfc = builtins.fetchurl { - url = "https://www.curseforge.com/api/v1/mods/813246/files/4732590/download"; - sha256 = "0yl6ixmhfgqvcj3kfshpf8fy42vkkmjbn7d7yg86jx0ykiiq5f9x"; - }; - puffish_skills = builtins.fetchurl { - url = "https://www.curseforge.com/api/v1/mods/835091/files/4747353/download"; - sha256 = "1pwx8zqih019l12lrmllrjv2al0mjzwj4p5qmc4ps1g555jy8qil"; - }; - spark = builtins.fetchurl { - url = "https://www.curseforge.com/api/v1/mods/361579/files/4505375/download"; - sha256 = "1708lrx1nif0mvf7ambw8504j12wbn0vm69wsh21p8ylqpql1s4x"; - }; - - port = 25565; - users = config.users; -in { - users = { - groups.minecraft = { - members = [ "toast" ]; - gid = 987; - }; - users.atfc = { - isSystemUser = true; - uid = 988; - group = "minecraft"; - home = "/var/lib/minecraft/atfc"; - homeMode = "750"; - createHome = true; - }; - }; - - virtualisation.oci-containers = { - containers."minecraft-atfc" = { - autoStart = true; - image = "itzg/minecraft-server"; - #user = "${toString users.users.atfc.uid}:${toString users.groups.minecraft.gid}"; - environment = { - TZ = "Europe/Madrid"; - EULA = "true"; - TYPE = "forge"; - MEMORY = "2G"; - UID = toString users.users.atfc.uid; - GID = toString users.groups.minecraft.gid; - VERSION = "1.18.2"; - FORGE_VERSION = "40.2.10"; - GENERIC_PACK = "/modpack.zip"; - #USE_AIKAR_FLAGS = "true"; - - #STOP_DURATION = "70"; - STOP_SERVER_ANNOUNCE_DELAY = "25"; + config, + pkgs, + flakeSelf, + ... +}: let + atfc = builtins.fetchurl { + url = "https://www.curseforge.com/api/v1/mods/813246/files/4732590/download"; + sha256 = "0yl6ixmhfgqvcj3kfshpf8fy42vkkmjbn7d7yg86jx0ykiiq5f9x"; + }; + puffish_skills = builtins.fetchurl { + url = "https://www.curseforge.com/api/v1/mods/835091/files/4747353/download"; + sha256 = "1pwx8zqih019l12lrmllrjv2al0mjzwj4p5qmc4ps1g555jy8qil"; + }; + spark = builtins.fetchurl { + url = "https://www.curseforge.com/api/v1/mods/361579/files/4505375/download"; + sha256 = "1708lrx1nif0mvf7ambw8504j12wbn0vm69wsh21p8ylqpql1s4x"; + }; - # server.properties - MOTD = "Toast's modded minecraft server"; - DIFFICULTY = "hard"; - SNOOPER_ENABLED = "false"; - SPAWN_PROTECTION = "0"; - LEVEL_TYPE = "tfc:tng"; - BROADCAST_CONSOLE_TO_OPS = "true"; - BROADCAST_RCON_TO_OPS = "true"; - VIEW_DISTANCE = "16"; - MAX_PLAYERS = "4"; + port = 25565; + users = config.users; +in { + users = { + groups.minecraft = { + members = ["toast"]; + gid = 987; + }; + users.atfc = { + isSystemUser = true; + uid = 988; + group = "minecraft"; + home = "/var/lib/minecraft/atfc"; + homeMode = "750"; + createHome = true; + }; + }; - RCON_CMDS_LAST_DISCONNECT = "save-all"; - - OPS = "b3ca4afb-a3da-4a78-85c3-2292fd0787e2,0cb3d02a-1d1f-4d7f-b70c-bd53dc155cff"; - EXISTING_OPS_FILE = "synchronize"; + virtualisation.oci-containers = { + containers."minecraft-atfc" = { + autoStart = true; + image = "itzg/minecraft-server"; + #user = "${toString users.users.atfc.uid}:${toString users.groups.minecraft.gid}"; + environment = { + TZ = "Europe/Madrid"; + EULA = "true"; + TYPE = "forge"; + MEMORY = "2G"; + UID = toString users.users.atfc.uid; + GID = toString users.groups.minecraft.gid; + VERSION = "1.18.2"; + FORGE_VERSION = "40.2.10"; + GENERIC_PACK = "/modpack.zip"; + #USE_AIKAR_FLAGS = "true"; - WHITELIST = "b3ca4afb-a3da-4a78-85c3-2292fd0787e2,0cb3d02a-1d1f-4d7f-b70c-bd53dc155cff,03f080e8-ce8e-4b90-a312-734747ce7db0,ea88f690-cf46-4416-bfd5-6f6b165885f7"; - EXISTING_WHITELIST_FILE = "synchronize"; + #STOP_DURATION = "70"; + STOP_SERVER_ANNOUNCE_DELAY = "25"; - # Auto pause needs this - MAX_TICK_TIME = "-1"; - AUTOPAUSE_KNOCK_INTERFACE = "tap0"; - ENABLE_AUTOPAUSE = "true"; - }; - extraOptions = [ - "--network=slirp4netns:port_handler=slirp4netns" - "--cap-add=CAP_NET_RAW" - ]; - - volumes = [ - "${atfc}:/modpack.zip" - "${puffish_skills}:/mods/puffish_skills.jar" - "${spark}:/mods/spark.jar" - "${users.users.atfc.home}:/data" - #"/tmp/minecraft:/data" - ]; - ports = [ "25565:${toString port}" ]; - }; - }; - - networking.firewall.allowedTCPPorts = [ port ]; + # server.properties + MOTD = "Toast's modded minecraft server"; + DIFFICULTY = "hard"; + SNOOPER_ENABLED = "false"; + SPAWN_PROTECTION = "0"; + LEVEL_TYPE = "tfc:tng"; + BROADCAST_CONSOLE_TO_OPS = "true"; + BROADCAST_RCON_TO_OPS = "true"; + VIEW_DISTANCE = "16"; + MAX_PLAYERS = "4"; - # anything-sync-daemon config - systemd.packages = with pkgs; [ flakeSelf.packages.x86_64-linux.anything-sync-daemon ]; - environment.systemPackages = with pkgs; [ flakeSelf.packages.x86_64-linux.anything-sync-daemon ]; - fileSystems.minecraftTmpfs = { - device = "none"; - fsType = "tmpfs"; - mountPoint = "/mnt/minecraftTmpfs"; - options = [ "size=4G "]; - }; - environment.etc."asd.conf".text = -''WHATTOSYNC=('/var/lib/minecraft') -VOLATILE="${config.fileSystems.minecraftTmpfs.mountPoint}" -USE_OVERLAYFS="yes" ''; - systemd.services.asd = { - wantedBy = [ "podman-minecraft-atfc.service" ]; - before = [ "podman-minecraft-atfc.service" ]; - }; - + RCON_CMDS_LAST_DISCONNECT = "save-all"; + + OPS = "b3ca4afb-a3da-4a78-85c3-2292fd0787e2,0cb3d02a-1d1f-4d7f-b70c-bd53dc155cff"; + EXISTING_OPS_FILE = "synchronize"; + + WHITELIST = "b3ca4afb-a3da-4a78-85c3-2292fd0787e2,0cb3d02a-1d1f-4d7f-b70c-bd53dc155cff,03f080e8-ce8e-4b90-a312-734747ce7db0,ea88f690-cf46-4416-bfd5-6f6b165885f7"; + EXISTING_WHITELIST_FILE = "synchronize"; + + # Auto pause needs this + MAX_TICK_TIME = "-1"; + AUTOPAUSE_KNOCK_INTERFACE = "tap0"; + ENABLE_AUTOPAUSE = "true"; + }; + extraOptions = [ + "--network=slirp4netns:port_handler=slirp4netns" + "--cap-add=CAP_NET_RAW" + ]; + + volumes = [ + "${atfc}:/modpack.zip" + "${puffish_skills}:/mods/puffish_skills.jar" + "${spark}:/mods/spark.jar" + "${users.users.atfc.home}:/data" + #"/tmp/minecraft:/data" + ]; + ports = ["25565:${toString port}"]; + }; + }; + + networking.firewall.allowedTCPPorts = [port]; + + # anything-sync-daemon config + systemd.packages = with pkgs; [flakeSelf.packages.x86_64-linux.anything-sync-daemon]; + environment.systemPackages = with pkgs; [flakeSelf.packages.x86_64-linux.anything-sync-daemon]; + fileSystems.minecraftTmpfs = { + device = "none"; + fsType = "tmpfs"; + mountPoint = "/mnt/minecraftTmpfs"; + options = ["size=4G "]; + }; + environment.etc."asd.conf".text = '' WHATTOSYNC=('/var/lib/minecraft') + VOLATILE="${config.fileSystems.minecraftTmpfs.mountPoint}" + USE_OVERLAYFS="yes" ''; + systemd.services.asd = { + wantedBy = ["podman-minecraft-atfc.service"]; + before = ["podman-minecraft-atfc.service"]; + }; } diff --git a/roles/server/nfs.nix b/roles/server/nfs.nix index d91dd87..f87c4a7 100755 --- a/roles/server/nfs.nix +++ b/roles/server/nfs.nix @@ -1,36 +1,38 @@ -{ config, lib, ... }: - { - services = { - nfs.server = { - enable = true; - exports = '' - ${config.services.transmission.settings.download-dir} *.sable-pancake.ts.net(ro,all_squash,anonuid=${toString config.users.users.transmission.uid},anongid=${toString config.users.groups.transmission.gid}) - ''; - # NFSv3 uses random ports, so you need to make them static to be able to pass though the firewall - statdPort = 4000; - lockdPort = 4001; - mountdPort = 4002; - }; + config, + lib, + ... +}: { + services = { + nfs.server = { + enable = true; + exports = '' + ${config.services.transmission.settings.download-dir} *.sable-pancake.ts.net(ro,all_squash,anonuid=${toString config.users.users.transmission.uid},anongid=${toString config.users.groups.transmission.gid}) + ''; + # NFSv3 uses random ports, so you need to make them static to be able to pass though the firewall + statdPort = 4000; + lockdPort = 4001; + mountdPort = 4002; + }; - avahi.extraServiceFiles = { - Transmission-downloads-nfs = '' - - - - Transmission Downloads on %h (NFS) - - _nfs._tcp - 2049 - path=${config.services.transmission.settings.download-dir} - - -''; - }; - }; + avahi.extraServiceFiles = { + Transmission-downloads-nfs = '' + + + + Transmission Downloads on %h (NFS) + + _nfs._tcp + 2049 + path=${config.services.transmission.settings.download-dir} + + + ''; + }; + }; - networking.firewall = { - allowedTCPPorts = [ 111 2049 4000 40001 4002 ]; - allowedUDPPorts = [ 111 2049 4000 40001 4002 ]; - }; + networking.firewall = { + allowedTCPPorts = [111 2049 4000 40001 4002]; + allowedUDPPorts = [111 2049 4000 40001 4002]; + }; } diff --git a/roles/server/samba.nix b/roles/server/samba.nix index dcd25aa..bb7def4 100755 --- a/roles/server/samba.nix +++ b/roles/server/samba.nix @@ -1,37 +1,39 @@ -{ config, lib, ... }: - { - services = { - samba = { - enable = true; - openFirewall = true; - extraConfig = '' -map to guest = bad user -guest account = transmission -''; - shares = { - "Transmission downloads" = { - path = "${config.services.transmission.settings.download-dir}"; - "read only" = true; - public = true; - "guest only" = true; - browseable = true; - }; - }; - }; + config, + lib, + ... +}: { + services = { + samba = { + enable = true; + openFirewall = true; + extraConfig = '' + map to guest = bad user + guest account = transmission + ''; + shares = { + "Transmission downloads" = { + path = "${config.services.transmission.settings.download-dir}"; + "read only" = true; + public = true; + "guest only" = true; + browseable = true; + }; + }; + }; - avahi.extraServiceFiles = { - Transmission-downloads-smb = '' - - - - SMB shares on %h - - _smb._tcp - 139 - - -''; - }; - }; + avahi.extraServiceFiles = { + Transmission-downloads-smb = '' + + + + SMB shares on %h + + _smb._tcp + 139 + + + ''; + }; + }; } diff --git a/roles/server/ssh.nix b/roles/server/ssh.nix index 576cd3b..0275ca1 100755 --- a/roles/server/ssh.nix +++ b/roles/server/ssh.nix @@ -1,12 +1,10 @@ -{ config, ... }: - -{ - services.openssh = { - enable = true; - settings = { - PermitRootLogin = "no"; - PasswordAuthentication = false; - }; - startWhenNeeded = true; - }; +{config, ...}: { + services.openssh = { + enable = true; + settings = { + PermitRootLogin = "no"; + PasswordAuthentication = false; + }; + startWhenNeeded = true; + }; } diff --git a/roles/server/syncthing.nix b/roles/server/syncthing.nix index 1d2b61f..b0e8f8c 100755 --- a/roles/server/syncthing.nix +++ b/roles/server/syncthing.nix @@ -1,57 +1,55 @@ -{ config, ... }: +{config, ...}: { + services.syncthing = { + enable = true; + key = config.age.secrets.syncthingKey.path; + cert = config.age.secrets.syncthingCert.path; + guiAddress = "0.0.0.0:8384"; + settings.folders = { + "passwords" = { + path = "${config.services.syncthing.dataDir}/passwords"; + }; + "school-things" = { + label = "School things"; + id = "z6alc-nfoqr"; + devices = ["steamdeck" "server" "pc" "winmax2"]; + path = "${config.services.syncthing.dataDir}/school-things"; + }; + "steam-201810" = { + label = "Wolfenstein The New Order Saves"; + id = "laxxf-t2wmy"; + devices = ["steamdeck" "server" "pc" "winmax2"]; + path = "${config.services.syncthing.dataDir}/steam-201810"; + }; + "retroarch" = { + label = "RetroArch"; + id = "jxuou-2yjnu"; + devices = ["steamdeck" "server" "pc" "winmax2"]; + path = "${config.services.syncthing.dataDir}/retroarch"; + }; + }; + }; + systemd.services.syncthing.serviceConfig = { + # Allow syncthing to change ownership of files + AmbientCapabilities = "CAP_CHOWN CAP_FOWNER"; + }; -{ - services.syncthing = { - enable = true; - key = config.age.secrets.syncthingKey.path; - cert = config.age.secrets.syncthingCert.path; - guiAddress = "0.0.0.0:8384"; - settings.folders = { - "passwords" = { - path = "${config.services.syncthing.dataDir}/passwords"; - }; - "school-things" = { - label = "School things"; - id = "z6alc-nfoqr"; - devices = [ "steamdeck" "server" "pc" "winmax2" ]; - path = "${config.services.syncthing.dataDir}/school-things"; - }; - "steam-201810" = { - label = "Wolfenstein The New Order Saves"; - id = "laxxf-t2wmy"; - devices = [ "steamdeck" "server" "pc" "winmax2" ]; - path = "${config.services.syncthing.dataDir}/steam-201810"; - }; - "retroarch"= { - label = "RetroArch"; - id = "jxuou-2yjnu"; - devices = [ "steamdeck" "server" "pc" "winmax2" ]; - path = "${config.services.syncthing.dataDir}/retroarch"; - }; - }; - }; - systemd.services.syncthing.serviceConfig = { - # Allow syncthing to change ownership of files - AmbientCapabilities = "CAP_CHOWN CAP_FOWNER"; - }; + # Add a cname for syncthing + services.dnsmasq.settings.cname = ["sync.everest.sable-pancake.ts.net,everest"]; - # Add a cname for syncthing - services.dnsmasq.settings.cname = [ "sync.everest.sable-pancake.ts.net,everest" ]; - - # Set up traefik as the reverse proxy for syncthing - services.traefik = { - dynamicConfigOptions = { - http = { - routers = { - syncthing-subdomain = { - rule = "Host(`sync.everest.sable-pancake.ts.net`)"; - service = "syncthing"; - }; - }; - services.syncthing.loadBalancer.servers = [ - { url = "http://localhost:8384"; } - ]; - }; - }; - }; + # Set up traefik as the reverse proxy for syncthing + services.traefik = { + dynamicConfigOptions = { + http = { + routers = { + syncthing-subdomain = { + rule = "Host(`sync.everest.sable-pancake.ts.net`)"; + service = "syncthing"; + }; + }; + services.syncthing.loadBalancer.servers = [ + {url = "http://localhost:8384";} + ]; + }; + }; + }; } diff --git a/roles/server/tailscale.nix b/roles/server/tailscale.nix index 36ba593..0f0fba4 100644 --- a/roles/server/tailscale.nix +++ b/roles/server/tailscale.nix @@ -1,8 +1,6 @@ -{ config, ... }: - -{ - services.tailscale = { - # This is needed for being an exit node - useRoutingFeatures = "server"; - }; +{config, ...}: { + services.tailscale = { + # This is needed for being an exit node + useRoutingFeatures = "server"; + }; } diff --git a/roles/server/traefik.nix b/roles/server/traefik.nix index d611211..5e44607 100644 --- a/roles/server/traefik.nix +++ b/roles/server/traefik.nix @@ -1,33 +1,31 @@ -{ config, ... }: +{config, ...}: { + specialisation.traefikEnableWebUI.configuration.services.traefik = { + staticConfigOptions = { + api = { + # Enable the web ui + insecure = true; + dashboard = true; + }; + }; + }; -{ - specialisation.traefikEnableWebUI.configuration.services.traefik = { - staticConfigOptions = { - api = { - # Enable the web ui - insecure = true; - dashboard = true; - }; - }; - }; - - services.traefik = { - enable = true; - staticConfigOptions = { - entryPoints = { - http = { address = "100.73.96.48:80"; }; - }; - }; - }; + services.traefik = { + enable = true; + staticConfigOptions = { + entryPoints = { + http = {address = "100.73.96.48:80";}; + }; + }; + }; - systemd = { - units.tailscaled.requiredBy = [ "traefik.service" ]; - # We have somewhat frequent power outages, and our ISP router takes - # ages to boot up. If I don't add a delay, traefik tries to bind to - # the tailscale interface before it's ready, making it crash too much - # in too little time - services.traefik.serviceConfig.RestartSec = 120; - }; + systemd = { + units.tailscaled.requiredBy = ["traefik.service"]; + # We have somewhat frequent power outages, and our ISP router takes + # ages to boot up. If I don't add a delay, traefik tries to bind to + # the tailscale interface before it's ready, making it crash too much + # in too little time + services.traefik.serviceConfig.RestartSec = 120; + }; - networking.firewall.allowedTCPPorts = [ 80 8080 ]; + networking.firewall.allowedTCPPorts = [80 8080]; } diff --git a/roles/server/transmission.nix b/roles/server/transmission.nix index ed17095..3e64aec 100755 --- a/roles/server/transmission.nix +++ b/roles/server/transmission.nix @@ -1,34 +1,32 @@ -{ config , ... }: +{config, ...}: { + services.transmission = { + enable = true; + openFirewall = true; + settings = { + incomplete-dir-enabled = false; + rpc-bind-address = "0.0.0.0"; + rpc-host-whitelist = "transmission.everest.sable-pancake.ts.net"; + rpc-whitelist = "127.0.0.1"; + }; + }; -{ - services.transmission = { - enable = true; - openFirewall = true; - settings = { - incomplete-dir-enabled = false; - rpc-bind-address = "0.0.0.0"; - rpc-host-whitelist = "transmission.everest.sable-pancake.ts.net"; - rpc-whitelist = "127.0.0.1"; - }; - }; + # Add a cname for transmission + services.dnsmasq.settings.cname = ["transmission.everest.sable-pancake.ts.net,everest"]; - # Add a cname for transmission - services.dnsmasq.settings.cname = [ "transmission.everest.sable-pancake.ts.net,everest" ]; - - # Set up traefik as the reverse proxy for transmission - services.traefik = { - dynamicConfigOptions = { - http = { - routers = { - transmission-subdomain = { - rule = "Host(`transmission.everest.sable-pancake.ts.net`)"; - service = "transmission"; - }; - }; - services.transmission.loadBalancer.servers = [ - { url = "http://localhost:${toString config.services.transmission.settings.rpc-port}"; } - ]; - }; - }; - }; + # Set up traefik as the reverse proxy for transmission + services.traefik = { + dynamicConfigOptions = { + http = { + routers = { + transmission-subdomain = { + rule = "Host(`transmission.everest.sable-pancake.ts.net`)"; + service = "transmission"; + }; + }; + services.transmission.loadBalancer.servers = [ + {url = "http://localhost:${toString config.services.transmission.settings.rpc-port}";} + ]; + }; + }; + }; }