diff --git a/.helix/languages.toml b/.helix/languages.toml deleted file mode 100644 index 3c8a111..0000000 --- a/.helix/languages.toml +++ /dev/null @@ -1,3 +0,0 @@ -[[language]] -name = "nix" -formatter = { command = "alejandra" } diff --git a/.vscode/settings.json b/.vscode/settings.json index 4b907f6..fdf6a9a 100644 --- a/.vscode/settings.json +++ b/.vscode/settings.json @@ -1,15 +1,5 @@ { "editor.detectIndentation": true, "editor.insertSpaces": true, - "editor.defaultFormatter": "jnoortheen.nix-ide", - "nix.formatterPath": "alejandra", - "nix.serverSettings": { - "nil": { - "formatting": { - "command": [ - "alejandra" - ] - } - } - } + "editor.defaultFormatter": "jnoortheen.nix-ide" } diff --git a/flake.nix b/flake.nix index 81171bf..8dfa996 100644 --- a/flake.nix +++ b/flake.nix @@ -1,219 +1,205 @@ { - description = "Configuration for Everest"; + description = "Configuration for Everest"; - inputs = { - secrets = { - url = "git+ssh://forgejo@git.everest.sable-pancake.ts.net:4222/Toast/nix-secrets"; - flake = false; - }; - nixpkgs-raw.url = "nixpkgs/nixos-23.11"; - nixpkgs-unstable-raw.url = "nixpkgs/nixos-unstable"; + inputs = { + secrets = { + url = "git+ssh://forgejo@git.everest.sable-pancake.ts.net:4222/Toast/nix-secrets"; + flake = false; + }; + nixpkgs-raw.url = "nixpkgs/nixos-23.11"; + nixpkgs-unstable-raw.url = "nixpkgs/nixos-unstable"; - agenix = { - url = "github:ryantm/agenix"; - inputs = { - nixpkgs.follows = "nixpkgs-raw"; - darwin.follows = ""; # Not using this on MacOS, so this doesn't pull it's dependencies - }; - }; + agenix = { + url = "github:ryantm/agenix"; + inputs = { + nixpkgs.follows = "nixpkgs-raw"; + darwin.follows = ""; # Not using this on MacOS, so this doesn't pull it's dependencies + }; + }; - home-manager = { - url = "github:nix-community/home-manager/release-23.11"; - inputs.nixpkgs.follows = "nixpkgs-raw"; - }; + home-manager = { + url = "github:nix-community/home-manager/release-23.11"; + inputs.nixpkgs.follows = "nixpkgs-raw"; + }; - home-manager-unstable = { - url = "github:nix-community/home-manager/"; - inputs.nixpkgs.follows = "nixpkgs-unstable-raw"; - }; + home-manager-unstable = { + url = "github:nix-community/home-manager/"; + inputs.nixpkgs.follows = "nixpkgs-unstable-raw"; + }; - nixos-hardware.url = "github:NixOS/nixos-hardware/master"; + nixos-hardware.url = "github:NixOS/nixos-hardware/master"; - jovian = { - url = "github:Jovian-Experiments/Jovian-NixOS"; - inputs.nixpkgs.follows = "nixpkgs-unstable-raw"; - }; + jovian = { + url = "github:Jovian-Experiments/Jovian-NixOS"; + inputs.nixpkgs.follows = "nixpkgs-unstable-raw"; + }; + + nix-impermanence.url = "github:nix-community/impermanence"; - nix-impermanence.url = "github:nix-community/impermanence"; + /* + These are the same input, just following different nixpkgs versions + This avoids some wierdness when using one that follows unstable on a stable nixpkgs + */ + nix-index-db = { + url = "github:Mic92/nix-index-database"; + inputs.nixpkgs.follows = "nixpkgs-raw"; + }; - /* - These are the same input, just following different nixpkgs versions - This avoids some wierdness when using one that follows unstable on a stable nixpkgs - */ - nix-index-db = { - url = "github:Mic92/nix-index-database"; - inputs.nixpkgs.follows = "nixpkgs-raw"; - }; + nix-index-db-unstable = { + url = "github:Mic92/nix-index-database"; + inputs.nixpkgs.follows = "nixpkgs-unstable-raw"; + }; - nix-index-db-unstable = { - url = "github:Mic92/nix-index-database"; - inputs.nixpkgs.follows = "nixpkgs-unstable-raw"; - }; + plasma-manager = { + url = "github:pjones/plasma-manager"; + inputs.nixpkgs.follows = "nixpkgs-unstable-raw"; + inputs.home-manager.follows = "home-manager-unstable"; + }; - plasma-manager = { - url = "github:pjones/plasma-manager"; - inputs.nixpkgs.follows = "nixpkgs-unstable-raw"; - inputs.home-manager.follows = "home-manager-unstable"; - }; + catppuccin-vsc = { + url = "github:catppuccin/vscode"; + inputs.nixpkgs.follows = "nixpkgs-unstable-raw"; + }; - catppuccin-vsc = { - url = "github:catppuccin/vscode"; - inputs.nixpkgs.follows = "nixpkgs-unstable-raw"; - }; + vscode-extensions = { + url = "github:nix-community/nix-vscode-extensions"; + inputs.nixpkgs.follows = "nixpkgs-unstable-raw"; - vscode-extensions = { - url = "github:nix-community/nix-vscode-extensions"; - inputs.nixpkgs.follows = "nixpkgs-unstable-raw"; - }; - nix-flatpak.url = "github:gmodena/nix-flatpak/main"; + }; + nix-flatpak.url = "github:gmodena/nix-flatpak/main"; - nur.url = "github:nix-community/NUR"; - }; + nur.url = "github:nix-community/NUR"; + }; - outputs = {...} @ inputs: - with inputs; - # Patch nixpkgs - # https://ertt.ca/nix/patch-nixpkgs/ - let - nixpkgs-unstable-patched = nixpkgs-raw.legacyPackages.x86_64-linux.applyPatches { - name = "patched-nixpkgs-unstable"; - src = nixpkgs-unstable-raw; - patches = [ - ]; - }; - nixpkgs-patched = nixpkgs-raw.legacyPackages.x86_64-linux.applyPatches { - name = "patched-nixpkgs"; - src = nixpkgs-raw; - patches = [ - ./nixpkgs-patches/0001-catppuccin-add-grub-theme.patch - ./nixpkgs-patches/0002-catppuccin-add-starship-theme.patch - ]; - }; - # https://discourse.nixos.org/t/proper-way-of-applying-patch-to-system-managed-via-flake/21073/26 - nixpkgs-unstable = (import "${nixpkgs-unstable-patched}/flake.nix").outputs {self = inputs.self;}; - nixpkgs = (import "${nixpkgs-patched}/flake.nix").outputs {self = inputs.self;}; - in { - devShells.x86_64-linux.default = nixpkgs.legacyPackages.x86_64-linux.mkShell { - name = "toast-devshell"; - # The agenix cli is not needed to activate a configuration, so instead of installing it - # I'll just add it to de devShell, since that's the only real time I'm going to use it. - packages = with nixpkgs.legacyPackages.x86_64-linux; [ - agenix.packages.x86_64-linux.default - git - nix-diff - just - alejandra - ]; - shellHook = '' - export PS1="$PS1(toast-configs)> " - ''; - }; - packages = { - x86_64-linux = with import nixpkgs-unstable-raw {system = "x86_64-linux";}; { - anything-sync-daemon = callPackage ./pkgs/anything-sync-daemon {}; - discord-krisp-fixer = callPackage ./pkgs/discord-krisp-fixer {}; - }; - }; - nixosConfigurations = { - Archie = nixpkgs-unstable.lib.nixosSystem { - system = "x86_64-linux"; - specialArgs = { - systemPkgs = inputs.nixpkgs-unstable-raw; - flakeSelf = self; - }; - /* - I used to set up nixpkgs in the flake, but doing that made - defining overlays in modules impossible (or at least I could - not figure out how) - Also has nice side effect of making it easier to add new systems :3 - */ - modules = [ - agenix.nixosModules.default - home-manager-unstable.nixosModule - nix-index-db-unstable.nixosModules.nix-index - ./roles/common - ./roles/desktop - ./roles/kde - ./roles/gaming - ./roles/school - ./machines/Archie - ]; - }; + outputs = { ... } @inputs: with inputs; + # Patch nixpkgs + # https://ertt.ca/nix/patch-nixpkgs/ + let + nixpkgs-unstable-patched = nixpkgs-raw.legacyPackages.x86_64-linux.applyPatches { + name = "patched-nixpkgs-unstable"; + src = nixpkgs-unstable-raw; + patches = [ + ]; + }; + nixpkgs-patched = nixpkgs-raw.legacyPackages.x86_64-linux.applyPatches { + name = "patched-nixpkgs"; + src = nixpkgs-raw; + patches = [ + ./nixpkgs-patches/0001-catppuccin-add-grub-theme.patch + ./nixpkgs-patches/0002-catppuccin-add-starship-theme.patch + ]; + }; + # https://discourse.nixos.org/t/proper-way-of-applying-patch-to-system-managed-via-flake/21073/26 + nixpkgs-unstable = (import "${nixpkgs-unstable-patched}/flake.nix").outputs { self = inputs.self; }; + nixpkgs = (import "${nixpkgs-patched}/flake.nix").outputs { self = inputs.self; }; + in + { + devShells.x86_64-linux.default = nixpkgs.legacyPackages.x86_64-linux.mkShell { + name = "toast-devshell"; + # The agenix cli is not needed to activate a configuration, so instead of installing it + # I'll just add it to de devShell, since that's the only real time I'm going to use it. + packages = with nixpkgs.legacyPackages.x86_64-linux; [ + agenix.packages.x86_64-linux.default + git + nix-diff + just + nix-diff + ]; + shellHook ='' + export PS1="$PS1(toast-configs)> " + ''; + }; + packages = { + x86_64-linux = with import nixpkgs-unstable-raw { system = "x86_64-linux"; }; { + anything-sync-daemon = callPackage ./pkgs/anything-sync-daemon {}; + discord-krisp-fixer = callPackage ./pkgs/discord-krisp-fixer {}; + }; + }; + nixosConfigurations = { + Archie = nixpkgs-unstable.lib.nixosSystem { + system = "x86_64-linux"; + specialArgs = { systemPkgs = inputs.nixpkgs-unstable-raw; flakeSelf = self; }; + /* + I used to set up nixpkgs in the flake, but doing that made + defining overlays in modules impossible (or at least I could + not figure out how) + Also has nice side effect of making it easier to add new systems :3 + */ + modules = [ + agenix.nixosModules.default + home-manager-unstable.nixosModule + nix-index-db-unstable.nixosModules.nix-index + ./roles/common + ./roles/desktop + ./roles/kde + ./roles/gaming + ./roles/school + ./machines/Archie + ]; + }; - SurfaceGo = nixpkgs-unstable.lib.nixosSystem { - system = "x86_64-linux"; - specialArgs = { - systemPkgs = inputs.nixpkgs-unstable-raw; - flakeSelf = self; - }; - modules = [ - agenix.nixosModules.default - home-manager-unstable.nixosModule - nixos-hardware.nixosModules.microsoft-surface-go - nix-index-db-unstable.nixosModules.nix-index - ./roles/common - ./roles/desktop - ./roles/kde - ./machines/SurfaceGo - ]; - }; + SurfaceGo = nixpkgs-unstable.lib.nixosSystem { + system = "x86_64-linux"; + specialArgs = { systemPkgs = inputs.nixpkgs-unstable-raw; flakeSelf = self; }; + modules = [ + agenix.nixosModules.default + home-manager-unstable.nixosModule + nixos-hardware.nixosModules.microsoft-surface-go + nix-index-db-unstable.nixosModules.nix-index + ./roles/common + ./roles/desktop + ./roles/kde + ./machines/SurfaceGo + ]; + }; - SteamDeck = nixpkgs-unstable.lib.nixosSystem { - system = "x86_64-linux"; - specialArgs = { - systemPkgs = inputs.nixpkgs-unstable-raw; - flakeSelf = self; - }; - modules = [ - agenix.nixosModules.default - jovian.nixosModules.default - home-manager-unstable.nixosModule - nix-index-db-unstable.nixosModules.nix-index - ./roles/common - ./roles/desktop - ./roles/kde - ./roles/gaming - ./roles/school - ./machines/SteamDeck - ]; - }; + SteamDeck = nixpkgs-unstable.lib.nixosSystem { + system = "x86_64-linux"; + specialArgs = { systemPkgs = inputs.nixpkgs-unstable-raw; flakeSelf = self; }; + modules = [ + agenix.nixosModules.default + jovian.nixosModules.default + home-manager-unstable.nixosModule + nix-index-db-unstable.nixosModules.nix-index + ./roles/common + ./roles/desktop + ./roles/kde + ./roles/gaming + ./roles/school + ./machines/SteamDeck + ]; + }; - WinMax2 = nixpkgs-unstable.lib.nixosSystem { - system = "x86_64-linux"; - specialArgs = { - systemPkgs = inputs.nixpkgs-unstable-raw; - flakeSelf = self; - }; - modules = [ - agenix.nixosModules.default - jovian.nixosModules.default - home-manager-unstable.nixosModule - nix-index-db-unstable.nixosModules.nix-index - nixos-hardware.nixosModules.gpd-win-max-2-2023 - ./roles/common - ./roles/desktop - ./roles/kde - ./roles/gaming - ./roles/school - ./machines/WinMax2 - ]; - }; + WinMax2 = nixpkgs-unstable.lib.nixosSystem { + system = "x86_64-linux"; + specialArgs = { systemPkgs = inputs.nixpkgs-unstable-raw; flakeSelf = self; }; + modules = [ + agenix.nixosModules.default + jovian.nixosModules.default + home-manager-unstable.nixosModule + nix-index-db-unstable.nixosModules.nix-index + nixos-hardware.nixosModules.gpd-win-max-2-2023 + ./roles/common + ./roles/desktop + ./roles/kde + ./roles/gaming + ./roles/school + ./machines/WinMax2 + ]; + }; - Everest = nixpkgs.lib.nixosSystem { - system = "x86_64-linux"; - specialArgs = { - systemPkgs = inputs.nixpkgs-raw; - flakeSelf = self; - }; - modules = [ - agenix.nixosModules.default - home-manager.nixosModule - nix-index-db.nixosModules.nix-index - ./roles/common - ./roles/server - ./machines/Everest - ]; - }; - }; - }; + Everest = nixpkgs.lib.nixosSystem { + system = "x86_64-linux"; + specialArgs = { systemPkgs = inputs.nixpkgs-raw; flakeSelf = self; }; + modules = [ + agenix.nixosModules.default + home-manager.nixosModule + nix-index-db.nixosModules.nix-index + ./roles/common + ./roles/server + ./machines/Everest + ]; + }; + }; + }; } diff --git a/machines/Archie/configuration.nix b/machines/Archie/configuration.nix index e35d1fe..9c1ae34 100644 --- a/machines/Archie/configuration.nix +++ b/machines/Archie/configuration.nix @@ -1,79 +1,81 @@ # Edit this configuration file to define what should be installed on # your system. Help is available in the configuration.nix(5) man page # and in the NixOS manual (accessible by running `nixos-help`). + +{ config, pkgs, ... }: + { - config, - pkgs, - ... -}: { - # Use grub boot loader - boot.loader = { - systemd-boot.enable = false; - grub = { - enable = true; - device = "nodev"; - efiSupport = true; - useOSProber = true; - }; - efi.efiSysMountPoint = "/boot/efi"; - }; - boot.loader.efi.canTouchEfiVariables = true; + # Use grub boot loader + boot.loader = { + systemd-boot.enable = false; + grub = { + enable = true; + device = "nodev"; + efiSupport = true; + useOSProber = true; + }; + efi.efiSysMountPoint = "/boot/efi"; + }; + boot.loader.efi.canTouchEfiVariables = true; - boot.kernelPackages = pkgs.linuxKernel.packages.linux_xanmod_latest; + boot.kernelPackages = pkgs.linuxKernel.packages.linux_xanmod_latest; - networking.hostName = "Archie"; # Define your hostname. + networking.hostName = "Archie"; # Define your hostname. - # Allow unfree packages - nixpkgs.config.allowUnfree = true; + # Allow unfree packages + nixpkgs.config.allowUnfree = true; - # Configure network proxy if necessary - # networking.proxy.default = "http://user:password@proxy:port/"; - # networking.proxy.noProxy = "127.0.0.1,localhost,internal.domain"; + # Configure network proxy if necessary + # networking.proxy.default = "http://user:password@proxy:port/"; + # networking.proxy.noProxy = "127.0.0.1,localhost,internal.domain"; - # Configure keymap in X11 - # services.xserver.layout = "us"; - # services.xserver.xkbOptions = "eurosign:e,caps:escape"; + # Configure keymap in X11 + # services.xserver.layout = "us"; + # services.xserver.xkbOptions = "eurosign:e,caps:escape"; - # Enable CUPS to print documents. - # services.printing.enable = true; + # Enable CUPS to print documents. + # services.printing.enable = true; - # Enable sound. - # sound.enable = true; - # hardware.pulseaudio.enable = true; + # Enable sound. + # sound.enable = true; + # hardware.pulseaudio.enable = true; - # Enable touchpad support (enabled default in most desktopManager). - # services.xserver.libinput.enable = true; + # Enable touchpad support (enabled default in most desktopManager). + # services.xserver.libinput.enable = true; - hardware.bluetooth.enable = true; - # List packages installed in system profile. To search, run: - # $ nix search wget - # environment.systemPackages = with pkgs; [ - # vim # Do not forget to add an editor to edit configuration.nix! The Nano editor is also installed by default. - # wget - # ]; + hardware.bluetooth.enable = true; - # Some programs need SUID wrappers, can be configured further or are - # started in user sessions. - # programs.mtr.enable = true; - # programs.gnupg.agent = { - # enable = true; - # enableSSHSupport = true; - # }; + # List packages installed in system profile. To search, run: + # $ nix search wget + # environment.systemPackages = with pkgs; [ + # vim # Do not forget to add an editor to edit configuration.nix! The Nano editor is also installed by default. + # wget + # ]; - # List services that you want to enable: + # Some programs need SUID wrappers, can be configured further or are + # started in user sessions. + # programs.mtr.enable = true; + # programs.gnupg.agent = { + # enable = true; + # enableSSHSupport = true; + # }; - # Enable the OpenSSH daemon. - # services.openssh.enable = true; + # List services that you want to enable: - # Open ports in the firewall. - # networking.firewall.allowedTCPPorts = [ ... ]; - # networking.firewall.allowedUDPPorts = [ ... ]; - # Or disable the firewall altogether. - # networking.firewall.enable = false; + # Enable the OpenSSH daemon. + # services.openssh.enable = true; + + # Open ports in the firewall. + # networking.firewall.allowedTCPPorts = [ ... ]; + # networking.firewall.allowedUDPPorts = [ ... ]; + # Or disable the firewall altogether. + # networking.firewall.enable = false; + + # Copy the NixOS configuration file and link it from the resulting system + # (/run/current-system/configuration.nix). This is useful in case you + # accidentally delete configuration.nix. + # system.copySystemConfiguration = true; - # Copy the NixOS configuration file and link it from the resulting system - # (/run/current-system/configuration.nix). This is useful in case you - # accidentally delete configuration.nix. - # system.copySystemConfiguration = true; } + diff --git a/machines/Archie/default.nix b/machines/Archie/default.nix index 187a110..5bf2485 100755 --- a/machines/Archie/default.nix +++ b/machines/Archie/default.nix @@ -1,6 +1,8 @@ -{...}: { - imports = [ - ./configuration.nix - ./hardware-configuration.nix - ]; +{ ... }: + +{ + imports = [ + ./configuration.nix + ./hardware-configuration.nix + ]; } diff --git a/machines/Archie/hardware-configuration.nix b/machines/Archie/hardware-configuration.nix index bd32dc6..00a0702 100644 --- a/machines/Archie/hardware-configuration.nix +++ b/machines/Archie/hardware-configuration.nix @@ -1,79 +1,76 @@ # Do not modify this file! It was generated by ‘nixos-generate-config’ # and may be overwritten by future invocations. Please make changes # to /etc/nixos/configuration.nix instead. +{ config, lib, pkgs, modulesPath, ... }: + { - config, - lib, - modulesPath, - ... -}: { - imports = [ - (modulesPath + "/installer/scan/not-detected.nix") - ]; + imports = + [ (modulesPath + "/installer/scan/not-detected.nix") + ]; - # Enable support for the Xbox One wireless dongle - hardware.xone.enable = true; + # Enable support for the Xbox One wireless dongle + hardware.xone.enable = true; - boot.initrd.availableKernelModules = ["xhci_pci" "ahci" "usbhid" "usb_storage" "sd_mod"]; - boot.initrd.kernelModules = ["amdgpu"]; - boot.kernelModules = ["kvm-amd"]; - boot.extraModulePackages = []; + boot.initrd.availableKernelModules = [ "xhci_pci" "ahci" "usbhid" "usb_storage" "sd_mod" ]; + boot.initrd.kernelModules = [ "amdgpu" ]; + boot.kernelModules = [ "kvm-amd" ]; + boot.extraModulePackages = [ ]; - fileSystems."/" = { - device = "/dev/disk/by-uuid/5322c217-b87b-4150-8b4c-a8fa17a899bf"; - fsType = "btrfs"; - options = ["subvol=@root" "compress=zstd"]; - }; + fileSystems."/" = + { device = "/dev/disk/by-uuid/5322c217-b87b-4150-8b4c-a8fa17a899bf"; + fsType = "btrfs"; + options = [ "subvol=@root" "compress=zstd" ]; + }; - fileSystems."/nix" = { - device = "/dev/disk/by-uuid/5322c217-b87b-4150-8b4c-a8fa17a899bf"; - fsType = "btrfs"; - options = ["subvol=@nix" "compress=zstd"]; - }; + fileSystems."/nix" = + { device = "/dev/disk/by-uuid/5322c217-b87b-4150-8b4c-a8fa17a899bf"; + fsType = "btrfs"; + options = [ "subvol=@nix" "compress=zstd" ]; + }; - fileSystems."/boot" = { - device = "/dev/disk/by-uuid/5322c217-b87b-4150-8b4c-a8fa17a899bf"; - fsType = "btrfs"; - options = ["subvol=@boot" "compress=zstd"]; - }; + fileSystems."/boot" = + { device = "/dev/disk/by-uuid/5322c217-b87b-4150-8b4c-a8fa17a899bf"; + fsType = "btrfs"; + options = [ "subvol=@boot" "compress=zstd" ]; + }; - fileSystems."/boot/efi" = { - device = "/dev/disk/by-uuid/FB87-4CBC"; - fsType = "vfat"; - }; + fileSystems."/boot/efi" = + { device = "/dev/disk/by-uuid/FB87-4CBC"; + fsType = "vfat"; + }; - fileSystems = { - /* - Mount the root subvolume of the SSD - This is helpful for getting things from - my old Arch install, as well as for running btdu - */ - "/mnt/ssd" = { - device = config.fileSystems."/".device; - fsType = config.fileSystems."/".fsType; - options = ["subvolid=5" "ro"]; - }; - "/mnt/windows" = { - device = "/dev/disk/by-uuid/B61AFDAC1AFD6A2F"; - fsType = "ntfs3"; - neededForBoot = false; - options = ["noauto" "windows_names"]; - }; - "/home" = { - device = "/dev/disk/by-uuid/5322c217-b87b-4150-8b4c-a8fa17a899bf"; - fsType = "btrfs"; - options = ["subvol=@home" "compress=zstd"]; - }; - "/persist" = { - device = "/dev/disk/by-uuid/5322c217-b87b-4150-8b4c-a8fa17a899bf"; - fsType = "btrfs"; - options = ["subvol=@persist" "compress=zstd"]; - neededForBoot = true; - }; - }; + fileSystems = { + /* + Mount the root subvolume of the SSD + This is helpful for getting things from + my old Arch install, as well as for running btdu + */ + "/mnt/ssd" = { + device = config.fileSystems."/".device; + fsType = config.fileSystems."/".fsType; + options = [ "subvolid=5" "ro" ]; + }; + "/mnt/windows" = { + device = "/dev/disk/by-uuid/B61AFDAC1AFD6A2F"; + fsType = "ntfs3"; + neededForBoot = false; + options = [ "noauto" "windows_names" ]; + }; + "/home" = { + device = "/dev/disk/by-uuid/5322c217-b87b-4150-8b4c-a8fa17a899bf"; + fsType = "btrfs"; + options = [ "subvol=@home" "compress=zstd" ]; + }; + "/persist" = { + device = "/dev/disk/by-uuid/5322c217-b87b-4150-8b4c-a8fa17a899bf"; + fsType = "btrfs"; + options = [ "subvol=@persist" "compress=zstd" ]; + neededForBoot = true; + }; + }; - swapDevices = []; + swapDevices = [ ]; - nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux"; - hardware.cpu.amd.updateMicrocode = lib.mkDefault config.hardware.enableRedistributableFirmware; + nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux"; + hardware.cpu.amd.updateMicrocode = lib.mkDefault config.hardware.enableRedistributableFirmware; } diff --git a/machines/Everest/configuration.nix b/machines/Everest/configuration.nix index c85e788..085260d 100755 --- a/machines/Everest/configuration.nix +++ b/machines/Everest/configuration.nix @@ -1,67 +1,68 @@ # Edit this configuration file to define what should be installed on # your system. Help is available in the configuration.nix(5) man page # and in the NixOS manual (accessible by running ‘nixos-help’). -{lib, ...}: { - # Bootloader. - boot.loader.systemd-boot.enable = true; - boot.loader.timeout = 5; - boot.loader.efi.canTouchEfiVariables = true; - boot.loader.efi.efiSysMountPoint = "/boot/efi"; - # I'm using Nix OS, it's logo is a snowflake and the computer is - # a lot taller than the pi it's replacing, so Everest! :3 :3 - networking.hostName = "Everest"; # Define your hostname. +{ config, pkgs, lib, ... }: - # Set up networking - networking = { - wireless.enable = false; # Computer doesn't have wifi - enableIPv6 = false; - useNetworkd = true; - dhcpcd.enable = false; - interfaces.eno1 = { - wakeOnLan.enable = true; - ipv4.addresses = [ - { - address = "192.168.0.160"; - prefixLength = 24; - } - ]; - }; - # I use networkd, so I need to declare the interface for the default gateway - defaultGateway = { - address = "192.168.0.1"; - interface = "eno1"; - }; - nameservers = ["9.9.9.9"]; - }; +{ + # Bootloader. + boot.loader.systemd-boot.enable = true; + boot.loader.timeout = 5; + boot.loader.efi.canTouchEfiVariables = true; + boot.loader.efi.efiSysMountPoint = "/boot/efi"; - # Define a user account. Don't forget to set a password with ‘passwd’. - users.users.toast = { - extraGroups = ["networkmanager" "transmission"]; - openssh.authorizedKeys.keys = [ - "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABgQC2bOVmxUNvg9qFv9DlzMmTRlzcNsyNq1F1wBuAXySwsWAzHGaO+WGdSCINxW3k2ccXn7M/o1r89LeTzRzi8sWQYCpBaIqYVszM/r7SvTS4gASyKhM6lNlyUEPOnvCXH7rdtF+fjoA1TJPv7GBk78QRhGh+eVO3qhY1m++5C1CPFlyrc6sSfgIBQJ5GQZFl/7YEgsrPo+M+0Sd7LkaCOyNmJA0Wi0BA3bbf5sJhrZVMMg/p7w+eMphz2kd1VTVjW3yeMq9zLCiu4SOTBNGCMEvKIdUZbQ83lNrqO2z1/3T1bDwJgpz3xusfkNCeNJSmhfFw5ydHEUp/9jshq38WmulKAMw2Kl/Zed62AVU7Ux7YjUkZkWvo8i3eXuLUxoG891S7cWV1/ijs9QMajOLLT14FG7RbzUYYaYlx+/iNGji9d4sp9/oMYyO45TMe+vEezFSBygP7TY0QFOr4xTi49ZRQFsszbFnGRv+k3wVKoGoeNt0xWB8pBEPFtaeHJpQyJX8= id_rsa_moon" - "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIOeu3crGqtxwaqgoQPt5mWlC8+PL/Icvcvo0MBAaK80L Key for work laptop" - ]; - }; + # I'm using Nix OS, it's logo is a snowflake and the computer is + # a lot taller than the pi it's replacing, so Everest! :3 :3 + networking.hostName = "Everest"; # Define your hostname. - # Large builds (the linux kernel) fail to build because /tmp is too small when using tmpfs - boot.tmp.useTmpfs = false; + # Set up networking + networking = { + wireless.enable = false; # Computer doesn't have wifi + enableIPv6 = false; + useNetworkd = true; + dhcpcd.enable = false; + interfaces.eno1 = { + wakeOnLan.enable = true; + ipv4.addresses = [ { + address = "192.168.0.160"; + prefixLength = 24; + } ]; + }; + # I use networkd, so I need to declare the interface for the default gateway + defaultGateway = { + address = "192.168.0.1"; + interface = "eno1"; + }; + nameservers = [ "9.9.9.9" ]; + }; + + # Define a user account. Don't forget to set a password with ‘passwd’. + users.users.toast = { + extraGroups = [ "networkmanager" "transmission"]; + openssh.authorizedKeys.keys = [ + "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABgQC2bOVmxUNvg9qFv9DlzMmTRlzcNsyNq1F1wBuAXySwsWAzHGaO+WGdSCINxW3k2ccXn7M/o1r89LeTzRzi8sWQYCpBaIqYVszM/r7SvTS4gASyKhM6lNlyUEPOnvCXH7rdtF+fjoA1TJPv7GBk78QRhGh+eVO3qhY1m++5C1CPFlyrc6sSfgIBQJ5GQZFl/7YEgsrPo+M+0Sd7LkaCOyNmJA0Wi0BA3bbf5sJhrZVMMg/p7w+eMphz2kd1VTVjW3yeMq9zLCiu4SOTBNGCMEvKIdUZbQ83lNrqO2z1/3T1bDwJgpz3xusfkNCeNJSmhfFw5ydHEUp/9jshq38WmulKAMw2Kl/Zed62AVU7Ux7YjUkZkWvo8i3eXuLUxoG891S7cWV1/ijs9QMajOLLT14FG7RbzUYYaYlx+/iNGji9d4sp9/oMYyO45TMe+vEezFSBygP7TY0QFOr4xTi49ZRQFsszbFnGRv+k3wVKoGoeNt0xWB8pBEPFtaeHJpQyJX8= id_rsa_moon" + "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIOeu3crGqtxwaqgoQPt5mWlC8+PL/Icvcvo0MBAaK80L Key for work laptop" + ]; + }; - home-manager = { - users.toast = {config, ...}: { - home = { - file = { - # This symlinks the Transmission downloads folder into my user's downloads folder for easy access - "Downloads/Transmission".source = config.lib.file.mkOutOfStoreSymlink "/var/lib/transmission/Downloads"; - }; - }; - }; - }; + # Large builds (the linux kernel) fail to build because /tmp is too small when using tmpfs + boot.tmp.useTmpfs = false; - # Open ports in the firewall. - # No idea what ports 5201 and 21027 do tho - networking.firewall.allowedTCPPorts = [5201]; - networking.firewall.allowedUDPPorts = [5201 21027]; - # Or disable the firewall altogether. - # networking.firewall.enable = false; + home-manager = { + users.toast = { config, ... }: { + home = { + file = { + # This symlinks the Transmission downloads folder into my user's downloads folder for easy access + "Downloads/Transmission".source = config.lib.file.mkOutOfStoreSymlink "/var/lib/transmission/Downloads"; + }; + }; + }; + }; + + # Open ports in the firewall. + # No idea what ports 5201 and 21027 do tho + networking.firewall.allowedTCPPorts = [ 5201 ]; + networking.firewall.allowedUDPPorts = [ 5201 21027]; + # Or disable the firewall altogether. + # networking.firewall.enable = false; } diff --git a/machines/Everest/default.nix b/machines/Everest/default.nix index 187a110..5bf2485 100755 --- a/machines/Everest/default.nix +++ b/machines/Everest/default.nix @@ -1,6 +1,8 @@ -{...}: { - imports = [ - ./configuration.nix - ./hardware-configuration.nix - ]; +{ ... }: + +{ + imports = [ + ./configuration.nix + ./hardware-configuration.nix + ]; } diff --git a/machines/Everest/hardware-configuration.nix b/machines/Everest/hardware-configuration.nix index 7a97c97..d165feb 100755 --- a/machines/Everest/hardware-configuration.nix +++ b/machines/Everest/hardware-configuration.nix @@ -1,64 +1,61 @@ # Do not modify this file! It was generated by ‘nixos-generate-config’ # and may be overwritten by future invocations. Please make changes # to /etc/nixos/configuration.nix instead. +{ config, lib, pkgs, modulesPath, ... }: + { - config, - lib, - modulesPath, - ... -}: { - imports = [ - (modulesPath + "/installer/scan/not-detected.nix") - ]; + imports = + [ (modulesPath + "/installer/scan/not-detected.nix") + ]; - boot.initrd.availableKernelModules = ["xhci_pci" "ehci_pci" "ahci" "usbhid" "usb_storage" "sd_mod"]; - boot.initrd.kernelModules = []; - boot.kernelModules = ["kvm-intel"]; - boot.extraModulePackages = []; + boot.initrd.availableKernelModules = [ "xhci_pci" "ehci_pci" "ahci" "usbhid" "usb_storage" "sd_mod" ]; + boot.initrd.kernelModules = [ ]; + boot.kernelModules = [ "kvm-intel" ]; + boot.extraModulePackages = [ ]; - fileSystems = { - "/" = { - device = "/dev/disk/by-label/Everest"; - fsType = "btrfs"; - options = ["compress=zstd" "subvol=@"]; - }; - "/nix" = { - device = "/dev/disk/by-label/Everest"; - fsType = "btrfs"; - options = ["compress=zstd" "subvol=@nix"]; - }; - "/home" = { - device = "/dev/disk/by-label/Everest"; - fsType = "btrfs"; - options = ["compress=zstd" "subvol=@home"]; - }; - "/mnt/hdd" = { - device = "/dev/disk/by-label/Everest"; - fsType = "btrfs"; - options = ["compress=zstd" "subvol=/" "ro"]; - }; - "/persist" = { - device = "/dev/disk/by-label/Everest"; - fsType = "btrfs"; - options = ["compress=zstd" "subvol=@persist"]; - neededForBoot = true; - }; - }; + fileSystems = { + "/" = { + device = "/dev/disk/by-label/Everest"; + fsType = "btrfs"; + options = [ "compress=zstd" "subvol=@"]; + }; + "/nix" = { + device = "/dev/disk/by-label/Everest"; + fsType = "btrfs"; + options = [ "compress=zstd" "subvol=@nix" ]; + }; + "/home" = { + device = "/dev/disk/by-label/Everest"; + fsType = "btrfs"; + options = [ "compress=zstd" "subvol=@home" ]; + }; + "/mnt/hdd" = { + device = "/dev/disk/by-label/Everest"; + fsType = "btrfs"; + options = [ "compress=zstd" "subvol=/" "ro" ]; + }; + "/persist" = { + device = "/dev/disk/by-label/Everest"; + fsType = "btrfs"; + options = [ "compress=zstd" "subvol=@persist" ]; + neededForBoot = true; + }; + }; - fileSystems."/boot/efi" = { - device = "/dev/disk/by-label/Boot"; - fsType = "vfat"; - }; + fileSystems."/boot/efi" = + { device = "/dev/disk/by-label/Boot"; + fsType = "vfat"; + }; - swapDevices = []; + swapDevices = [ ]; - # Enables DHCP on each ethernet and wireless interface. In case of scripted networking - # (the default) this is the recommended approach. When using systemd-networkd it's - # still possible to use this option, but it's recommended to use it in conjunction - # with explicit per-interface declarations with `networking.interfaces..useDHCP`. - networking.useDHCP = lib.mkDefault true; - # networking.interfaces.eno1.useDHCP = lib.mkDefault true; + # Enables DHCP on each ethernet and wireless interface. In case of scripted networking + # (the default) this is the recommended approach. When using systemd-networkd it's + # still possible to use this option, but it's recommended to use it in conjunction + # with explicit per-interface declarations with `networking.interfaces..useDHCP`. + networking.useDHCP = lib.mkDefault true; + # networking.interfaces.eno1.useDHCP = lib.mkDefault true; - nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux"; - hardware.cpu.intel.updateMicrocode = lib.mkDefault config.hardware.enableRedistributableFirmware; + nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux"; + hardware.cpu.intel.updateMicrocode = lib.mkDefault config.hardware.enableRedistributableFirmware; } diff --git a/machines/SteamDeck/configuration.nix b/machines/SteamDeck/configuration.nix index 6e0b86e..0319993 100755 --- a/machines/SteamDeck/configuration.nix +++ b/machines/SteamDeck/configuration.nix @@ -1,103 +1,103 @@ # Edit this configuration file to define what should be installed on # your system. Help is available in the configuration.nix(5) man page # and in the NixOS manual (accessible by running `nixos-help`). + +{ config, pkgs, lib, ... }: + { - config, - pkgs, - lib, - ... -}: { - # Use grub boot loader - boot.loader = { - systemd-boot.enable = false; - grub = { - enable = true; - device = "nodev"; - efiSupport = true; - # No other OS on here :P - useOSProber = false; - }; - efi.efiSysMountPoint = config.fileSystems."efi_boot_partition".mountPoint; - }; - boot.loader.efi.canTouchEfiVariables = true; + # Use grub boot loader + boot.loader = { + systemd-boot.enable = false; + grub = { + enable = true; + device = "nodev"; + efiSupport = true; + # No other OS on here :P + useOSProber = false; + }; + efi.efiSysMountPoint = config.fileSystems."efi_boot_partition".mountPoint; + }; + boot.loader.efi.canTouchEfiVariables = true; - networking.hostName = "SteamDeck"; # Define your hostname. + networking.hostName = "SteamDeck"; # Define your hostname. - # Allow unfree packages - nixpkgs.config.allowUnfree = true; + # Allow unfree packages + nixpkgs.config.allowUnfree = true; - # Configure network proxy if necessary - # networking.proxy.default = "http://user:password@proxy:port/"; - # networking.proxy.noProxy = "127.0.0.1,localhost,internal.domain"; + # Configure network proxy if necessary + # networking.proxy.default = "http://user:password@proxy:port/"; + # networking.proxy.noProxy = "127.0.0.1,localhost,internal.domain"; - jovian = { - devices.steamdeck = { - enable = true; - }; - # Steam Deck UI settings - steam = { - enable = true; - autoStart = true; - user = "toast"; - desktopSession = "plasmawayland"; - }; - decky-loader = { - enable = true; - }; - }; - services.xserver.displayManager.sddm.enable = lib.mkForce false; + jovian = { + devices.steamdeck = { + enable = true; + }; + # Steam Deck UI settings + steam = { + enable = true; + autoStart = true; + user = "toast"; + desktopSession = "plasmawayland"; + }; + decky-loader = { + enable = true; + }; + }; + services.xserver.displayManager.sddm.enable = lib.mkForce false; - # Enable bluetooth - hardware.bluetooth = { - enable = true; - }; + # Enable bluetooth + hardware.bluetooth = { + enable = true; + }; - # Configure keymap in X11 - # services.xserver.layout = "us"; - # services.xserver.xkbOptions = "eurosign:e,caps:escape"; + # Configure keymap in X11 + # services.xserver.layout = "us"; + # services.xserver.xkbOptions = "eurosign:e,caps:escape"; - # Enable CUPS to print documents. - # services.printing.enable = true; + # Enable CUPS to print documents. + # services.printing.enable = true; - # Enable sound. - # sound.enable = true; - # hardware.pulseaudio.enable = true; + # Enable sound. + # sound.enable = true; + # hardware.pulseaudio.enable = true; - # Enable touchpad support (enabled default in most desktopManager). - # services.xserver.libinput.enable = true; + # Enable touchpad support (enabled default in most desktopManager). + # services.xserver.libinput.enable = true; - # Large builds (the linux kernel) fail to build because /tmp is too small when using tmpfs - boot.tmp.useTmpfs = false; + # Large builds (the linux kernel) fail to build because /tmp is too small when using tmpfs + boot.tmp.useTmpfs = false; - environment.systemPackages = [pkgs.steamdeck-firmware pkgs.steamdeck-hw-theme]; - # List packages installed in system profile. To search, run: - # $ nix search wget - # environment.systemPackages = with pkgs; [ - # vim # Do not forget to add an editor to edit configuration.nix! The Nano editor is also installed by default. - # wget - # ]; + environment.systemPackages = [ pkgs.steamdeck-firmware pkgs.steamdeck-hw-theme ]; + # List packages installed in system profile. To search, run: + # $ nix search wget + # environment.systemPackages = with pkgs; [ + # vim # Do not forget to add an editor to edit configuration.nix! The Nano editor is also installed by default. + # wget + # ]; - # Some programs need SUID wrappers, can be configured further or are - # started in user sessions. - # programs.mtr.enable = true; - # programs.gnupg.agent = { - # enable = true; - # enableSSHSupport = true; - # }; + # Some programs need SUID wrappers, can be configured further or are + # started in user sessions. + # programs.mtr.enable = true; + # programs.gnupg.agent = { + # enable = true; + # enableSSHSupport = true; + # }; - # List services that you want to enable: + # List services that you want to enable: - # Enable the OpenSSH daemon. - # services.openssh.enable = true; + # Enable the OpenSSH daemon. + # services.openssh.enable = true; - # Open ports in the firewall. - # networking.firewall.allowedTCPPorts = [ ... ]; - # networking.firewall.allowedUDPPorts = [ ... ]; - # Or disable the firewall altogether. - # networking.firewall.enable = false; + # Open ports in the firewall. + # networking.firewall.allowedTCPPorts = [ ... ]; + # networking.firewall.allowedUDPPorts = [ ... ]; + # Or disable the firewall altogether. + # networking.firewall.enable = false; + + # Copy the NixOS configuration file and link it from the resulting system + # (/run/current-system/configuration.nix). This is useful in case you + # accidentally delete configuration.nix. + # system.copySystemConfiguration = true; - # Copy the NixOS configuration file and link it from the resulting system - # (/run/current-system/configuration.nix). This is useful in case you - # accidentally delete configuration.nix. - # system.copySystemConfiguration = true; } + diff --git a/machines/SteamDeck/default.nix b/machines/SteamDeck/default.nix index 187a110..5bf2485 100755 --- a/machines/SteamDeck/default.nix +++ b/machines/SteamDeck/default.nix @@ -1,6 +1,8 @@ -{...}: { - imports = [ - ./configuration.nix - ./hardware-configuration.nix - ]; +{ ... }: + +{ + imports = [ + ./configuration.nix + ./hardware-configuration.nix + ]; } diff --git a/machines/SteamDeck/hardware-configuration.nix b/machines/SteamDeck/hardware-configuration.nix index 74f2cd4..1f4cd77 100755 --- a/machines/SteamDeck/hardware-configuration.nix +++ b/machines/SteamDeck/hardware-configuration.nix @@ -1,72 +1,71 @@ # Do not modify this file! It was generated by ‘nixos-generate-config’ # and may be overwritten by future invocations. Please make changes # to /etc/nixos/configuration.nix instead. +{ config, lib, pkgs, modulesPath, ... }: + +let + # \x20 is the escape code for a space + ssdLabel = ''Deck\\x20SSD''; +in + { - config, - lib, - modulesPath, - ... -}: let - # \x20 is the escape code for a space - ssdLabel = ''Deck\\x20SSD''; -in { - imports = [ - (modulesPath + "/installer/scan/not-detected.nix") - ]; + imports = + [ (modulesPath + "/installer/scan/not-detected.nix") + ]; - # Enable support for the Xbox One wireless dongle - hardware.xone.enable = true; + # Enable support for the Xbox One wireless dongle + hardware.xone.enable = true; - boot.initrd.availableKernelModules = ["nvme" "xhci_pci" "usb_storage" "usbhid" "sd_mod" "sdhci_pci"]; - boot.initrd.kernelModules = []; - boot.kernelModules = ["kvm-amd"]; - boot.extraModulePackages = []; + boot.initrd.availableKernelModules = [ "nvme" "xhci_pci" "usb_storage" "usbhid" "sd_mod" "sdhci_pci" ]; + boot.initrd.kernelModules = [ ]; + boot.kernelModules = [ "kvm-amd" ]; + boot.extraModulePackages = [ ]; - fileSystems = { - "efi_boot_partition" = { - mountPoint = "/boot/efi"; - label = "deckboot"; - fsType = "vfat"; - }; - /* - Mount the root subvolume of the SSD - This is helpful for getting things from - my old Arch install, as well as for running btdu - */ - "btrfs_root_subvolume" = { - mountPoint = "/mnt/ssd"; - label = ssdLabel; - fsType = "btrfs"; - options = ["subvolid=5" "ro"]; - }; - "btrfs_root" = { - mountPoint = "/"; - label = ssdLabel; - fsType = "btrfs"; - options = ["subvol=@" "compress=zstd"]; - }; - "btrfs_boot" = { - mountPoint = "/boot"; - label = ssdLabel; - fsType = "btrfs"; - options = ["subvol=@boot" "compress=zstd"]; - }; - "btrfs_home" = { - mountPoint = "/home"; - label = ssdLabel; - fsType = "btrfs"; - options = ["subvol=@home" "compress=zstd"]; - }; - "btrfs_nix" = { - mountPoint = "/nix"; - label = ssdLabel; - fsType = "btrfs"; - options = ["subvol=@nix" "compress=zstd"]; - }; - }; + fileSystems = { + "efi_boot_partition" = { + mountPoint = "/boot/efi"; + label = "deckboot"; + fsType = "vfat"; + }; + /* + Mount the root subvolume of the SSD + This is helpful for getting things from + my old Arch install, as well as for running btdu + */ + "btrfs_root_subvolume" = { + mountPoint = "/mnt/ssd"; + label = ssdLabel; + fsType = "btrfs"; + options = [ "subvolid=5" "ro" ]; + }; + "btrfs_root" = { + mountPoint = "/"; + label = ssdLabel; + fsType = "btrfs"; + options = [ "subvol=@" "compress=zstd" ]; + }; + "btrfs_boot" = { + mountPoint = "/boot"; + label = ssdLabel; + fsType = "btrfs"; + options = [ "subvol=@boot" "compress=zstd" ]; + }; + "btrfs_home" = { + mountPoint = "/home"; + label = ssdLabel; + fsType = "btrfs"; + options = [ "subvol=@home" "compress=zstd" ]; + }; + "btrfs_nix" = { + mountPoint = "/nix"; + label = ssdLabel; + fsType = "btrfs"; + options = [ "subvol=@nix" "compress=zstd" ]; + }; + }; - swapDevices = []; + swapDevices = [ ]; - nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux"; - hardware.cpu.amd.updateMicrocode = lib.mkDefault config.hardware.enableRedistributableFirmware; + nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux"; + hardware.cpu.amd.updateMicrocode = lib.mkDefault config.hardware.enableRedistributableFirmware; } diff --git a/machines/SurfaceGo/configuration.nix b/machines/SurfaceGo/configuration.nix index 49c0620..7b63b8d 100644 --- a/machines/SurfaceGo/configuration.nix +++ b/machines/SurfaceGo/configuration.nix @@ -1,92 +1,92 @@ # Edit this configuration file to define what should be installed on # your system. Help is available in the configuration.nix(5) man page # and in the NixOS manual (accessible by running `nixos-help`). + +{ config, pkgs, lib, ... }: + { - config, - pkgs, - lib, - ... -}: { - boot = { - loader = { - # Use grub boot loader - systemd-boot.enable = false; - grub = { - enable = true; - device = "nodev"; - efiSupport = true; - enableCryptodisk = true; - }; - efi = { - efiSysMountPoint = "/boot/efi"; - canTouchEfiVariables = true; - }; - }; - # I need systemd for tpm luks unlocking - initrd.systemd.enable = true; - }; + boot = { + loader = { + # Use grub boot loader + systemd-boot.enable = false; + grub = { + enable = true; + device = "nodev"; + efiSupport = true; + enableCryptodisk = true; + }; + efi = { + efiSysMountPoint = "/boot/efi"; + canTouchEfiVariables = true; + }; + }; + # I need systemd for tpm luks unlocking + initrd.systemd.enable = true; + }; - security.tpm2.enable = true; + security.tpm2.enable = true; - networking.hostName = "SurfaceGo"; # Define your hostname. + networking.hostName = "SurfaceGo"; # Define your hostname. - # Allow unfree packages - nixpkgs.config.allowUnfree = true; + # Allow unfree packages + nixpkgs.config.allowUnfree = true; - # Configure network proxy if necessary - # networking.proxy.default = "http://user:password@proxy:port/"; - # networking.proxy.noProxy = "127.0.0.1,localhost,internal.domain"; + # Configure network proxy if necessary + # networking.proxy.default = "http://user:password@proxy:port/"; + # networking.proxy.noProxy = "127.0.0.1,localhost,internal.domain"; - # Configure keymap in X11 - # services.xserver.layout = "us"; - # services.xserver.xkbOptions = "eurosign:e,caps:escape"; + # Configure keymap in X11 + # services.xserver.layout = "us"; + # services.xserver.xkbOptions = "eurosign:e,caps:escape"; - console = { - # The kernel doesn't detect the scree as being HiDPI, so I need to use a bigger font - font = "ter-i32n"; - }; + console = { + # The kernel doesn't detect the scree as being HiDPI, so I need to use a bigger font + font = "ter-i32n"; + }; + + # Enable CUPS to print documents. + # services.printing.enable = true; - # Enable CUPS to print documents. - # services.printing.enable = true; + # Enable sound. + # sound.enable = true; + # hardware.pulseaudio.enable = true; - # Enable sound. - # sound.enable = true; - # hardware.pulseaudio.enable = true; + # Enable touchpad support (enabled default in most desktopManager). + # services.xserver.libinput.enable = true; - # Enable touchpad support (enabled default in most desktopManager). - # services.xserver.libinput.enable = true; + # List packages installed in system profile. To search, run: + # $ nix search wget + # environment.systemPackages = with pkgs; [ + # vim # Do not forget to add an editor to edit configuration.nix! The Nano editor is also installed by default. + # wget + # ]; - # List packages installed in system profile. To search, run: - # $ nix search wget - # environment.systemPackages = with pkgs; [ - # vim # Do not forget to add an editor to edit configuration.nix! The Nano editor is also installed by default. - # wget - # ]; + # The surface kernel sometimes fails to suspend/shutdown and I got tired of fighting it + boot.kernelPackages = lib.mkForce pkgs.linuxPackages; - # The surface kernel sometimes fails to suspend/shutdown and I got tired of fighting it - boot.kernelPackages = lib.mkForce pkgs.linuxPackages; + # Some programs need SUID wrappers, can be configured further or are + # started in user sessions. + # programs.mtr.enable = true; + # programs.gnupg.agent = { + # enable = true; + # enableSSHSupport = true; + # }; - # Some programs need SUID wrappers, can be configured further or are - # started in user sessions. - # programs.mtr.enable = true; - # programs.gnupg.agent = { - # enable = true; - # enableSSHSupport = true; - # }; + # List services that you want to enable: - # List services that you want to enable: + # Enable the OpenSSH daemon. + # services.openssh.enable = true; - # Enable the OpenSSH daemon. - # services.openssh.enable = true; + # Open ports in the firewall. + # networking.firewall.allowedTCPPorts = [ ... ]; + # networking.firewall.allowedUDPPorts = [ ... ]; + # Or disable the firewall altogether. + # networking.firewall.enable = false; - # Open ports in the firewall. - # networking.firewall.allowedTCPPorts = [ ... ]; - # networking.firewall.allowedUDPPorts = [ ... ]; - # Or disable the firewall altogether. - # networking.firewall.enable = false; + # Copy the NixOS configuration file and link it from the resulting system + # (/run/current-system/configuration.nix). This is useful in case you + # accidentally delete configuration.nix. + # system.copySystemConfiguration = true; - # Copy the NixOS configuration file and link it from the resulting system - # (/run/current-system/configuration.nix). This is useful in case you - # accidentally delete configuration.nix. - # system.copySystemConfiguration = true; } + diff --git a/machines/SurfaceGo/default.nix b/machines/SurfaceGo/default.nix index 187a110..5bf2485 100644 --- a/machines/SurfaceGo/default.nix +++ b/machines/SurfaceGo/default.nix @@ -1,6 +1,8 @@ -{...}: { - imports = [ - ./configuration.nix - ./hardware-configuration.nix - ]; +{ ... }: + +{ + imports = [ + ./configuration.nix + ./hardware-configuration.nix + ]; } diff --git a/machines/SurfaceGo/hardware-configuration.nix b/machines/SurfaceGo/hardware-configuration.nix index 81a4c56..75c5c1a 100644 --- a/machines/SurfaceGo/hardware-configuration.nix +++ b/machines/SurfaceGo/hardware-configuration.nix @@ -1,50 +1,49 @@ -# Do not modify this file! It was generated by ‘nixos-generate-config’ + # Do not modify this file! It was generated by ‘nixos-generate-config’ # and may be overwritten by future invocations. Please make changes # to /etc/nixos/configuration.nix instead. +{ config, lib, pkgs, ... }: + { - config, - lib, - ... -}: { - boot.initrd.availableKernelModules = ["xhci_pci" "nvme" "usbhid" "rtsx_pci_sdmmc"]; - boot.initrd.kernelModules = []; - boot.kernelModules = ["kvm-intel"]; - boot.extraModulePackages = []; - boot.initrd.luks.devices."SSD".device = "/dev/disk/by-uuid/1d8d7578-d3a1-4ea0-90ad-4257266a6caf"; + boot.initrd.availableKernelModules = [ "xhci_pci" "nvme" "usbhid" "rtsx_pci_sdmmc" ]; + boot.initrd.kernelModules = [ ]; + boot.kernelModules = [ "kvm-intel" ]; + boot.extraModulePackages = [ ]; - fileSystems."/" = { - device = "/dev/disk/by-uuid/19a52b40-3ff6-47ff-9402-18d8b289643e"; - fsType = "btrfs"; - options = ["subvol=@" "compress=zstd"]; - }; + boot.initrd.luks.devices."SSD".device = "/dev/disk/by-uuid/1d8d7578-d3a1-4ea0-90ad-4257266a6caf"; - fileSystems."/boot" = { - device = "/dev/disk/by-uuid/19a52b40-3ff6-47ff-9402-18d8b289643e"; - fsType = "btrfs"; - options = ["subvol=@boot" "compress=zstd"]; - }; + fileSystems."/" = { + device = "/dev/disk/by-uuid/19a52b40-3ff6-47ff-9402-18d8b289643e"; + fsType = "btrfs"; + options = [ "subvol=@" "compress=zstd" ]; + }; - fileSystems."/nix" = { - device = "/dev/disk/by-uuid/19a52b40-3ff6-47ff-9402-18d8b289643e"; - fsType = "btrfs"; - options = ["subvol=@nix" "compress=zstd"]; - }; + fileSystems."/boot" = { + device = "/dev/disk/by-uuid/19a52b40-3ff6-47ff-9402-18d8b289643e"; + fsType = "btrfs"; + options = [ "subvol=@boot" "compress=zstd" ]; + }; - fileSystems."/home" = { - device = "/dev/disk/by-uuid/19a52b40-3ff6-47ff-9402-18d8b289643e"; - fsType = "btrfs"; - options = ["subvol=@home" "compress=zstd"]; - }; + fileSystems."/nix" ={ + device = "/dev/disk/by-uuid/19a52b40-3ff6-47ff-9402-18d8b289643e"; + fsType = "btrfs"; + options = [ "subvol=@nix" "compress=zstd" ]; + }; - fileSystems."/boot/efi" = { - device = "/dev/disk/by-uuid/EC76-201F"; - fsType = "vfat"; - }; + fileSystems."/home" = { + device = "/dev/disk/by-uuid/19a52b40-3ff6-47ff-9402-18d8b289643e"; + fsType = "btrfs"; + options = [ "subvol=@home" "compress=zstd" ]; + }; - swapDevices = []; + fileSystems."/boot/efi" = { + device = "/dev/disk/by-uuid/EC76-201F"; + fsType = "vfat"; + }; - nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux"; - powerManagement.cpuFreqGovernor = lib.mkDefault "powersave"; - hardware.cpu.intel.updateMicrocode = lib.mkDefault config.hardware.enableRedistributableFirmware; + swapDevices = []; + + nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux"; + powerManagement.cpuFreqGovernor = lib.mkDefault "powersave"; + hardware.cpu.intel.updateMicrocode = lib.mkDefault config.hardware.enableRedistributableFirmware; } diff --git a/machines/WinMax2/configuration.nix b/machines/WinMax2/configuration.nix index a5d20c3..026000b 100755 --- a/machines/WinMax2/configuration.nix +++ b/machines/WinMax2/configuration.nix @@ -1,153 +1,153 @@ -# Edit this configuration file to define what should be installed on + # Edit this configuration file to define what should be installed on # your system. Help is available in the configuration.nix(5) man page # and in the NixOS manual (accessible by running `nixos-help`). + +{ config, pkgs, lib, ... }: + { - config, - pkgs, - lib, - ... -}: { - # Use grub boot loader - boot = { - loader = { - systemd-boot.enable = false; - grub = { - enable = true; - device = "nodev"; - efiSupport = true; - # No other OS on here :P - useOSProber = false; - }; - efi = { - efiSysMountPoint = config.fileSystems."efi_boot_partition".mountPoint; - canTouchEfiVariables = true; - }; - }; - /* - I use luks, and the systemd initrd works better for this - Both for tpm unlocking (soon) and for plymouth - */ - initrd.systemd.enable = true; - # Plymouth doesn't support fractional scaling :( - plymouth.extraConfig = "DeviceScale=2"; + # Use grub boot loader + boot = { + loader = { + systemd-boot.enable = false; + grub = { + enable = true; + device = "nodev"; + efiSupport = true; + # No other OS on here :P + useOSProber = false; + }; + efi = { + efiSysMountPoint = config.fileSystems."efi_boot_partition".mountPoint; + canTouchEfiVariables = true; + }; + }; + /* + I use luks, and the systemd initrd works better for this + Both for tpm unlocking (soon) and for plymouth + */ + initrd.systemd.enable = true; + # Plymouth doesn't support fractional scaling :( + plymouth.extraConfig = "DeviceScale=2"; - kernelPackages = pkgs.linuxPackages_latest; - }; + kernelPackages = pkgs.linuxPackages_latest; + }; - networking.hostName = "WinMax2"; # Define your hostname. + networking.hostName = "WinMax2"; # Define your hostname. - specialisation.noAVX512.configuration = { - # For some reason The Finals crashes on CPUs that support AVX512 - boot.kernelParams = ["clearcpuid=304"]; - }; + specialisation.noAVX512.configuration = { + # For some reason The Finals crashes on CPUs that support AVX512 + boot.kernelParams = [ "clearcpuid=304" ]; + }; - # Sleep fixes - boot.kernelParams = ["rtc_cmos.use_acpi_alarm=1"]; - services.udev.extraRules = '' - ACTION=="add", SUBSYSTEM=="i2c", ATTR{name}=="GXTP7385:00", ATTR{power/wakeup}="disabled" - ACTION=="add", SUBSYSTEM=="i2c", ATTR{name}=="PNP0C50:00", ATTR{power/wakeup}="disabled" - ''; + # Sleep fixes + boot.kernelParams = [ "rtc_cmos.use_acpi_alarm=1" ]; + services.udev.extraRules = '' +ACTION=="add", SUBSYSTEM=="i2c", ATTR{name}=="GXTP7385:00", ATTR{power/wakeup}="disabled" +ACTION=="add", SUBSYSTEM=="i2c", ATTR{name}=="PNP0C50:00", ATTR{power/wakeup}="disabled" + ''; - services.handheld-daemon = { - package = pkgs.handheld-daemon.overridePythonAttrs rec { - src = pkgs.fetchFromGitHub { - owner = "hhd-dev"; - repo = "hhd"; - rev = "v${version}"; - hash = "sha256-Ujbou+f/EvHyqpp3FCNqIyZiCEFxSeQfflR3JmRxWFc="; - }; - version = "1.3.13"; - }; - enable = true; - user = "root"; - }; + services.handheld-daemon = { + package = pkgs.handheld-daemon.overridePythonAttrs rec{ + src = pkgs.fetchFromGitHub { + owner = "hhd-dev"; + repo = "hhd"; + rev = "v${version}"; + hash = "sha256-Ujbou+f/EvHyqpp3FCNqIyZiCEFxSeQfflR3JmRxWFc="; + }; + version = "1.3.13"; + }; + enable = true; + user = "root"; + }; - # Allow unfree packages - nixpkgs.config.allowUnfree = true; + # Allow unfree packages + nixpkgs.config.allowUnfree = true; - # Configure network proxy if necessary - # networking.proxy.default = "http://user:password@proxy:port/"; - # networking.proxy.noProxy = "127.0.0.1,localhost,internal.domain"; + # Configure network proxy if necessary + # networking.proxy.default = "http://user:password@proxy:port/"; + # networking.proxy.noProxy = "127.0.0.1,localhost,internal.domain"; - services.xserver = { - xkb.layout = lib.mkForce "us"; - displayManager.sddm.settings = { - General.GreeterEnvironment = "QT_SCREEN_SCALE_FACTORS=1.75"; - }; - }; + services.xserver = { + xkb.layout = lib.mkForce "us"; + displayManager.sddm.settings = { + General.GreeterEnvironment="QT_SCREEN_SCALE_FACTORS=1.75"; + }; + }; - jovian = { - # Steam Deck UI settings - steam = { - enable = true; - autoStart = false; - user = "toast"; - desktopSession = "plasmawayland"; - }; - hardware.amd.gpu.enableBacklightControl = true; - # Need patched mesa - steamos = { - enableMesaPatches = true; - enableVendorRadv = true; - }; - decky-loader = { - enable = true; - }; - }; + jovian = { + # Steam Deck UI settings + steam = { + enable = true; + autoStart = false; + user = "toast"; + desktopSession = "plasmawayland"; + }; + hardware.amd.gpu.enableBacklightControl = true; + # Need patched mesa + steamos = { + enableMesaPatches = true; + enableVendorRadv = true; + }; + decky-loader = { + enable = true; + }; + }; - # Enable bluetooth - hardware.bluetooth = { - enable = true; - }; + # Enable bluetooth + hardware.bluetooth = { + enable = true; + }; - # Configure keymap in X11 - # services.xserver.layout = "us"; - # services.xserver.xkbOptions = "eurosign:e,caps:escape"; + # Configure keymap in X11 + # services.xserver.layout = "us"; + # services.xserver.xkbOptions = "eurosign:e,caps:escape"; - # Enable CUPS to print documents. - # services.printing.enable = true; - environment.sessionVariables = { - STEAM_FORCE_DESKTOPUI_SCALING = "1.75"; - }; + # Enable CUPS to print documents. + # services.printing.enable = true; + environment.sessionVariables = { + STEAM_FORCE_DESKTOPUI_SCALING = "1.75"; + }; - # Enable sound. - # sound.enable = true; - # hardware.pulseaudio.enable = true; + # Enable sound. + # sound.enable = true; + # hardware.pulseaudio.enable = true; - # Enable touchpad support (enabled default in most desktopManager). - # services.xserver.libinput.enable = true; + # Enable touchpad support (enabled default in most desktopManager). + # services.xserver.libinput.enable = true; - # Large builds (the linux kernel) fail to build because /tmp is too small when using tmpfs - boot.tmp.useTmpfs = false; + # Large builds (the linux kernel) fail to build because /tmp is too small when using tmpfs + boot.tmp.useTmpfs = false; - # List packages installed in system profile. To search, run: - # $ nix search wget - # environment.systemPackages = with pkgs; [ - # vim # Do not forget to add an editor to edit configuration.nix! The Nano editor is also installed by default. - # wget - # ]; + # List packages installed in system profile. To search, run: + # $ nix search wget + # environment.systemPackages = with pkgs; [ + # vim # Do not forget to add an editor to edit configuration.nix! The Nano editor is also installed by default. + # wget + # ]; - # Some programs need SUID wrappers, can be configured further or are - # started in user sessions. - # programs.mtr.enable = true; - # programs.gnupg.agent = { - # enable = true; - # enableSSHSupport = true; - # }; + # Some programs need SUID wrappers, can be configured further or are + # started in user sessions. + # programs.mtr.enable = true; + # programs.gnupg.agent = { + # enable = true; + # enableSSHSupport = true; + # }; - # List services that you want to enable: + # List services that you want to enable: - # Enable the OpenSSH daemon. - # services.openssh.enable = true; + # Enable the OpenSSH daemon. + # services.openssh.enable = true; - # Open ports in the firewall. - # networking.firewall.allowedTCPPorts = [ ... ]; - # networking.firewall.allowedUDPPorts = [ ... ]; - # Or disable the firewall altogether. - # networking.firewall.enable = false; + # Open ports in the firewall. + # networking.firewall.allowedTCPPorts = [ ... ]; + # networking.firewall.allowedUDPPorts = [ ... ]; + # Or disable the firewall altogether. + # networking.firewall.enable = false; + + # Copy the NixOS configuration file and link it from the resulting system + # (/run/current-system/configuration.nix). This is useful in case you + # accidentally delete configuration.nix. + # system.copySystemConfiguration = true; - # Copy the NixOS configuration file and link it from the resulting system - # (/run/current-system/configuration.nix). This is useful in case you - # accidentally delete configuration.nix. - # system.copySystemConfiguration = true; } + diff --git a/machines/WinMax2/default.nix b/machines/WinMax2/default.nix index 187a110..5bf2485 100755 --- a/machines/WinMax2/default.nix +++ b/machines/WinMax2/default.nix @@ -1,6 +1,8 @@ -{...}: { - imports = [ - ./configuration.nix - ./hardware-configuration.nix - ]; +{ ... }: + +{ + imports = [ + ./configuration.nix + ./hardware-configuration.nix + ]; } diff --git a/machines/WinMax2/hardware-configuration.nix b/machines/WinMax2/hardware-configuration.nix index 45745ac..2f8b16b 100755 --- a/machines/WinMax2/hardware-configuration.nix +++ b/machines/WinMax2/hardware-configuration.nix @@ -1,75 +1,74 @@ # Do not modify this file! It was generated by ‘nixos-generate-config’ # and may be overwritten by future invocations. Please make changes # to /etc/nixos/configuration.nix instead. +{ config, lib, modulesPath, ... }: + +let + # \x20 is the escape code for a space + ssdLabel = ''Win\\x20Max\\x202\\x20SSD''; +in + { - config, - lib, - modulesPath, - ... -}: let - # \x20 is the escape code for a space - ssdLabel = ''Win\\x20Max\\x202\\x20SSD''; -in { - imports = [ - (modulesPath + "/installer/scan/not-detected.nix") - ]; + imports = [ + (modulesPath + "/installer/scan/not-detected.nix") + ]; - boot.initrd.availableKernelModules = ["nvme" "xhci_pci" "thunderbolt" "usbhid" "sdhci_pci"]; - boot.initrd.kernelModules = []; - boot.kernelModules = ["kvm-amd"]; - boot.extraModulePackages = []; + boot.initrd.availableKernelModules = [ "nvme" "xhci_pci" "thunderbolt" "usbhid" "sdhci_pci" ]; + boot.initrd.kernelModules = [ ]; + boot.kernelModules = [ "kvm-amd" ]; + boot.extraModulePackages = [ ]; - boot.initrd.luks.devices."SSD".device = "/dev/disk/by-label/wm2-enc"; + boot.initrd.luks.devices."SSD".device = "/dev/disk/by-label/wm2-enc"; - fileSystems = { - "efi_boot_partition" = { - mountPoint = "/boot"; - label = "winmax2boot"; - fsType = "vfat"; - }; - /* - Mount the root subvolume of the SSD - This is helpful for getting things from - my old Arch install, as well as for running btdu - */ - "btrfs_root_subvolume" = { - mountPoint = "/mnt/ssd"; - label = ssdLabel; - fsType = "btrfs"; - options = ["subvolid=5" "ro"]; - }; - "btrfs_root" = { - mountPoint = "/"; - label = ssdLabel; - fsType = "btrfs"; - options = ["subvol=@"]; - }; - "btrfs_persist" = { - mountPoint = "/persist"; - label = ssdLabel; - fsType = "btrfs"; - options = ["subvol=@persist"]; - neededForBoot = true; - }; - "btrfs_home" = { - mountPoint = "/home"; - label = ssdLabel; - fsType = "btrfs"; - options = ["subvol=@home"]; - }; - "btrfs_nix" = { - mountPoint = "/nix"; - label = ssdLabel; - fsType = "btrfs"; - options = ["subvol=@nix"]; - }; - }; + fileSystems = { + "efi_boot_partition" = { + mountPoint = "/boot"; + label = "winmax2boot"; + fsType = "vfat"; + }; + /* + Mount the root subvolume of the SSD + This is helpful for getting things from + my old Arch install, as well as for running btdu + */ + "btrfs_root_subvolume" = { + mountPoint = "/mnt/ssd"; + label = ssdLabel; + fsType = "btrfs"; + options = [ "subvolid=5" "ro" ]; + }; + "btrfs_root" = { + mountPoint = "/"; + label = ssdLabel; + fsType = "btrfs"; + options = [ "subvol=@" ]; + }; + "btrfs_persist" = { + mountPoint = "/persist"; + label = ssdLabel; + fsType = "btrfs"; + options = [ "subvol=@persist" ]; + neededForBoot = true; + }; + "btrfs_home" = { + mountPoint = "/home"; + label = ssdLabel; + fsType = "btrfs"; + options = [ "subvol=@home" ]; + }; + "btrfs_nix" = { + mountPoint = "/nix"; + label = ssdLabel; + fsType = "btrfs"; + options = [ "subvol=@nix" ]; + }; + }; - swapDevices = []; + swapDevices = [ ]; - nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux"; - hardware = { - cpu.amd.updateMicrocode = lib.mkDefault config.hardware.enableRedistributableFirmware; - sensor.iio.bmi260.enable = true; - }; + nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux"; + hardware = { + cpu.amd.updateMicrocode = lib.mkDefault config.hardware.enableRedistributableFirmware; + sensor.iio.bmi260.enable = true; + }; } diff --git a/pkgs/anything-sync-daemon/default.nix b/pkgs/anything-sync-daemon/default.nix index afa5417..974bf9a 100644 --- a/pkgs/anything-sync-daemon/default.nix +++ b/pkgs/anything-sync-daemon/default.nix @@ -1,57 +1,56 @@ -{ - stdenv, - lib, - fetchFromGitHub, - makeWrapper, - rsync, - gawk, - pv, - gnutar, - zstd, - util-linux, - coreutils, - gnugrep, - findutils, +{ stdenv +, lib +, fetchFromGitHub +, makeWrapper +, rsync +, gawk +, pv +, gnutar +, zstd +, util-linux +, coreutils +, gnugrep +, findutils }: stdenv.mkDerivation rec { - pname = "anything-sync-daemon"; - version = "6.0.0"; + pname = "anything-sync-daemon"; + version = "6.0.0"; - src = fetchFromGitHub { - owner = "graysky2"; - repo = pname; - rev = "v${version}"; - hash = "sha256-6nfaAMH5YgK6gimuZ8j1zWLTDOi11KIwW7Bf0Iwh7+I="; - }; + src = fetchFromGitHub { + owner = "graysky2"; + repo = pname; + rev = "v${version}"; + hash = "sha256-6nfaAMH5YgK6gimuZ8j1zWLTDOi11KIwW7Bf0Iwh7+I="; + }; - patches = [./disableDaemonStopTargets.patch]; + patches = [ ./disableDaemonStopTargets.patch ]; - nativeBuildInputs = [makeWrapper]; + nativeBuildInputs = [ makeWrapper ]; - postPatch = '' - substituteInPlace init/asd* \ - --replace /usr/bin/anything-sync-daemon $out/bin/anything-sync-daemon - ''; + postPatch = '' + substituteInPlace init/asd* \ + --replace /usr/bin/anything-sync-daemon $out/bin/anything-sync-daemon + ''; - enableParallelBuilding = true; + enableParallelBuilding = true; - makeFlags = [ - "DESTDIR=${placeholder "out"}" - "PREFIX=" - "INITDIR_SYSTEMD=/lib/systemd/system" - ]; + makeFlags = [ + "DESTDIR=${placeholder "out"}" + "PREFIX=" + "INITDIR_SYSTEMD=/lib/systemd/system" + ]; - installTargets = ["install-systemd-all"]; + installTargets = [ "install-systemd-all" ]; - postInstall = '' - wrapProgram $out/bin/anything-sync-daemon \ - --suffix PATH : ${lib.makeBinPath [rsync gawk pv gnutar zstd util-linux coreutils gnugrep findutils]} - ''; - - meta = with lib; { - description = "Symlinks and syncs user specified dirs to RAM"; - homepage = "https://github.com/graysky2/anything-sync-daemon/"; - license = lib.licenses.mit; - platforms = platforms.linux; - }; + postInstall = '' + wrapProgram $out/bin/anything-sync-daemon \ + --suffix PATH : ${lib.makeBinPath [ rsync gawk pv gnutar zstd util-linux coreutils gnugrep findutils]} + ''; + + meta = with lib; { + description = "Symlinks and syncs user specified dirs to RAM"; + homepage = "https://github.com/graysky2/anything-sync-daemon/"; + license = lib.licenses.mit; + platforms = platforms.linux; + }; } diff --git a/roles/common/configuration.nix b/roles/common/configuration.nix index 53fa7ba..3e42588 100755 --- a/roles/common/configuration.nix +++ b/roles/common/configuration.nix @@ -1,136 +1,132 @@ +{ config, lib, pkgs, flakeSelf, ... }: + { - config, - lib, - pkgs, - flakeSelf, - ... -}: { - imports = [flakeSelf.inputs.nur.nixosModules.nur]; - environment = { - # As of the 1st of May 2023, the default packages are nano, perl, rsync and strace - # I don't need any of them, so I just empty the list - defaultPackages = []; - }; + imports = [ flakeSelf.inputs.nur.nixosModules.nur ]; + environment = { + # As of the 1st of May 2023, the default packages are nano, perl, rsync and strace + # I don't need any of them, so I just empty the list + defaultPackages = []; + }; - # Set up /tmp - boot.tmp = { - useTmpfs = false; - # Cleaning out /tmp at boot if it's a tmpfs is quite stupid - cleanOnBoot = !config.boot.tmp.useTmpfs; - }; + # Set up /tmp + boot.tmp = { + useTmpfs = false; + # Cleaning out /tmp at boot if it's a tmpfs is quite stupid + cleanOnBoot = !config.boot.tmp.useTmpfs; + }; - # Set up zram - zramSwap = { - enable = true; - priority = 100; - memoryPercent = 60; - # zstd my beloved <3 - algorithm = "zstd"; - }; - # zswap with zram is not a good idea - boot.kernelParams = ["zswap.enabled=0"]; + # Set up zram + zramSwap = { + enable = true; + priority = 100; + memoryPercent = 60; + # zstd my beloved <3 + algorithm = "zstd"; + }; + # zswap with zram is not a good idea + boot.kernelParams = [ "zswap.enabled=0" ]; - # Set up keyboard layout - services.xserver.xkb.layout = "es"; + # Set up keyboard layout + services.xserver.xkb.layout = "es"; - # Set up console - console = { - packages = [pkgs.terminus_font]; - earlySetup = true; - # mkDefault has 1000 priority, so that way I don't conflict with nixos-hardware - font = lib.mkOverride 999 "ter-i16n"; - # Make the console use X's keyboard configuration - useXkbConfig = true; - }; + # Set up console + console = { + packages = [ pkgs.terminus_font ]; + earlySetup = true; + # mkDefault has 1000 priority, so that way I don't conflict with nixos-hardware + font = lib.mkOverride 999 "ter-i16n"; + # Make the console use X's keyboard configuration + useXkbConfig = true; + }; - boot.supportedFilesystems = ["nfs"]; + boot.supportedFilesystems = [ "nfs" ]; + + # Set up localisation + i18n = { + defaultLocale = "en_US.UTF-8"; + extraLocaleSettings = { + LC_NUMERIC = "es_ES.UTF-8"; + # am/pm is nice but mm/dd/yy is yucky + LC_TIME = "es_US.UTF-8"; + LC_MONETARY = "es_ES.UTF-8"; + LC_MEASUREMENT = "es_ES.UTF-8"; + LC_PAPER = "es_ES.UTF-8"; + LC_ADDRESS = "es_US.UTF-8"; + LC_NAME = "es_ES.UTF-8"; + LC_TELEPHONE = "es_ES.UTF-8"; + }; + }; - # Set up localisation - i18n = { - defaultLocale = "en_US.UTF-8"; - extraLocaleSettings = { - LC_NUMERIC = "es_ES.UTF-8"; - # am/pm is nice but mm/dd/yy is yucky - LC_TIME = "es_US.UTF-8"; - LC_MONETARY = "es_ES.UTF-8"; - LC_MEASUREMENT = "es_ES.UTF-8"; - LC_PAPER = "es_ES.UTF-8"; - LC_ADDRESS = "es_US.UTF-8"; - LC_NAME = "es_ES.UTF-8"; - LC_TELEPHONE = "es_ES.UTF-8"; - }; - }; + services.fwupd.enable = true; - services.fwupd.enable = true; + # Set up my user + users.users.toast = { + isNormalUser = true; + description = "Toast"; + extraGroups = [ "wheel" ]; + }; - # Set up my user - users.users.toast = { - isNormalUser = true; - description = "Toast"; - extraGroups = ["wheel"]; - }; + # Set up time zone. + time.timeZone = "Europe/Madrid"; - # Set up time zone. - time.timeZone = "Europe/Madrid"; + nixpkgs.overlays = [ + ( + final: prev: { + catppuccin = prev.catppuccin.override { + accent = "mauve"; + variant = "mocha"; + themeList = [ + "bat" + "btop" + "starship" + "grub" + ]; + }; + } + ) + ]; - nixpkgs.overlays = [ - ( - final: prev: { - catppuccin = prev.catppuccin.override { - accent = "mauve"; - variant = "mocha"; - themeList = [ - "bat" - "btop" - "starship" - "grub" - ]; - }; - } - ) - ]; + home-manager = { + backupFileExtension = "hm-backup"; + useGlobalPkgs = true; + verbose = true; + users.toast = { config, ... }: { + home.stateVersion = "23.11"; + xdg = { + userDirs = { + enable = true; + createDirectories = true; + publicShare = null; # Disable the public folder + }; + }; + }; + }; - home-manager = { - backupFileExtension = "hm-backup"; - useGlobalPkgs = true; - verbose = true; - users.toast = {...}: { - home.stateVersion = "23.11"; - xdg = { - userDirs = { - enable = true; - createDirectories = true; - publicShare = null; # Disable the public folder - }; - }; - }; - }; + # Set up secrets + age = { + identityPaths = [ + "/persist/id_host" + ]; + }; - # Set up secrets - age = { - identityPaths = [ - "/persist/id_host" - ]; - }; + boot.loader.grub = { + theme = "${pkgs.catppuccin}/grub"; + backgroundColor = "#1E1E2E"; + splashImage = "${pkgs.catppuccin}/grub/background.png"; + }; - boot.loader.grub = { - theme = "${pkgs.catppuccin}/grub"; - backgroundColor = "#1E1E2E"; - splashImage = "${pkgs.catppuccin}/grub/background.png"; - }; - - /* - I used to keep the host keys in the repo as a secret, but since I use the - host keys for decrypting too I'm not sure encrypting a key with itself - is a good idea. Now the host keys will need to be placed manually where they are needed - For first time installs they are generated by services.openssh.hostKeys on servers, and - manually on everything else - */ - - system = { - stateVersion = "23.11"; - # Nix on nixos 23.05 does not have dirtyRev - configurationRevision = flakeSelf.sourceInfo.rev or flakeSelf.sourceInfo.dirtyRev or "dirty"; - nixos.variant_id = lib.strings.toLower config.networking.hostName; - }; + /* + I used to keep the host keys in the repo as a secret, but since I use the + host keys for decrypting too I'm not sure encrypting a key with itself + is a good idea. Now the host keys will need to be placed manually where they are needed + For first time installs they are generated by services.openssh.hostKeys on servers, and + manually on everything else + */ + + system = { + stateVersion = "23.11"; + # Nix on nixos 23.05 does not have dirtyRev + configurationRevision = flakeSelf.sourceInfo.rev or flakeSelf.sourceInfo.dirtyRev or "dirty"; + nixos.variant_id = lib.strings.toLower config.networking.hostName; + }; } diff --git a/roles/common/default.nix b/roles/common/default.nix index c9bfd8b..1e090a3 100755 --- a/roles/common/default.nix +++ b/roles/common/default.nix @@ -1,7 +1,9 @@ -{...}: { - imports = [ - ./programs - ./services - ./configuration.nix - ]; +{ ... }: + +{ + imports = [ + ./programs + ./services + ./configuration.nix + ]; } diff --git a/roles/common/programs/bash.nix b/roles/common/programs/bash.nix index 66bfbea..a87dea5 100644 --- a/roles/common/programs/bash.nix +++ b/roles/common/programs/bash.nix @@ -1,8 +1,10 @@ -{...}: { - home-manager.users.toast = {...}: { - programs.bash = { - enable = true; - enableVteIntegration = true; - }; - }; +{ config, ... }: + +{ + home-manager.users.toast = { config, ... }: { + programs.bash = { + enable = true; + enableVteIntegration = true; + }; + }; } diff --git a/roles/common/programs/bat.nix b/roles/common/programs/bat.nix index 021d531..43a53d1 100644 --- a/roles/common/programs/bat.nix +++ b/roles/common/programs/bat.nix @@ -1,25 +1,21 @@ +{ config, pkgs, ... }: + +let + themeName = if config.system.nixos.release == "23.11" then "Catppuccin-mocha" else "Catppuccin Mocha"; +in { - config, - pkgs, - ... -}: let - themeName = - if config.system.nixos.release == "23.11" - then "Catppuccin-mocha" - else "Catppuccin Mocha"; -in { - home-manager = { - users.toast.programs.bat = { - enable = true; - config = { - theme = "catppuccin-mocha"; - }; - themes = { - catppuccin-mocha = { - src = pkgs.catppuccin; - file = "bat/${themeName}.tmTheme"; - }; - }; - }; - }; + home-manager = { + users.toast.programs.bat = { + enable = true; + config = { + theme = "catppuccin-mocha"; + }; + themes = { + catppuccin-mocha = { + src = pkgs.catppuccin; + file = "bat/${themeName}.tmTheme"; + }; + }; + }; + }; } diff --git a/roles/common/programs/btop.nix b/roles/common/programs/btop.nix index c0bf0de..5150cbf 100644 --- a/roles/common/programs/btop.nix +++ b/roles/common/programs/btop.nix @@ -1,4 +1,6 @@ -{pkgs, ...}: { +{ pkgs, ... }: + +{ home-manager = { users.toast = { programs.btop = { @@ -12,4 +14,4 @@ }; }; }; -} +} \ No newline at end of file diff --git a/roles/common/programs/comma.nix b/roles/common/programs/comma.nix index c04afcb..3c3f07b 100644 --- a/roles/common/programs/comma.nix +++ b/roles/common/programs/comma.nix @@ -1,6 +1,8 @@ -{...}: { - # Use nix-index-database's comma wrapper - programs.nix-index-database.comma.enable = true; - # Run programs from the system's nixpkgs - environment.variables = {COMMA_NIXPKGS_FLAKE = "system";}; +{ config, pkgs, ... }: + +{ + # Use nix-index-database's comma wrapper + programs.nix-index-database.comma.enable = true; + # Run programs from the system's nixpkgs + environment.variables = { COMMA_NIXPKGS_FLAKE="system"; }; } diff --git a/roles/common/programs/command-not-found.nix b/roles/common/programs/command-not-found.nix index e3dcd3a..0816b39 100755 --- a/roles/common/programs/command-not-found.nix +++ b/roles/common/programs/command-not-found.nix @@ -1,4 +1,6 @@ -{...}: { - # The nixpkgs command-not-found script does not work with flakes, so I disable it - programs.command-not-found.enable = false; +{ config, ... }: + +{ + # The nixpkgs command-not-found script does not work with flakes, so I disable it + programs.command-not-found.enable = false; } diff --git a/roles/common/programs/default.nix b/roles/common/programs/default.nix index feff14d..bc89f3a 100755 --- a/roles/common/programs/default.nix +++ b/roles/common/programs/default.nix @@ -1,30 +1,32 @@ -{pkgs, ...}: { - imports = [ - ./htop.nix - ./nix.nix - ./micro.nix - ./nix-index.nix - ./command-not-found.nix - ./comma.nix - ./bash.nix - ./git.nix - ./starship.nix - ./bat.nix - ./btop.nix - ./helix.nix - ./direnv.nix - ]; - # Some programs dont have a programs.*.enable option, so I install their package here - environment.systemPackages = with pkgs; [ - speedtest-cli - # Bat has a home manager module, but I want it to be available system wide - bat - file - nvd - ncdu - tree - btdu - iperf3 - restic - ]; +{ config, pkgs, ... }: + +{ + imports = [ + ./htop.nix + ./nix.nix + ./micro.nix + ./nix-index.nix + ./command-not-found.nix + ./comma.nix + ./bash.nix + ./git.nix + ./starship.nix + ./bat.nix + ./btop.nix + ./helix.nix + ./direnv.nix + ]; + # Some programs dont have a programs.*.enable option, so I install their package here + environment.systemPackages = with pkgs; [ + speedtest-cli + # Bat has a home manager module, but I want it to be available system wide + bat + file + nvd + ncdu + tree + btdu + iperf3 + restic + ]; } diff --git a/roles/common/programs/direnv.nix b/roles/common/programs/direnv.nix index 856dcbb..c0ab11a 100644 --- a/roles/common/programs/direnv.nix +++ b/roles/common/programs/direnv.nix @@ -1,4 +1,6 @@ -{...}: { +{ ... }: + +{ programs.direnv = { enable = true; nix-direnv = { diff --git a/roles/common/programs/git.nix b/roles/common/programs/git.nix index 3b125df..17fdf47 100644 --- a/roles/common/programs/git.nix +++ b/roles/common/programs/git.nix @@ -1,29 +1,34 @@ -{pkgs, ...}: let - catppuccinDelta = pkgs.fetchFromGitHub { - owner = "catppuccin"; - repo = "delta"; - rev = "main"; - hash = "sha256-0QQLkfLBVuB2re6tjtPNuOQZNK0MDBAIFgNGHZM8afs="; - }; -in { - home-manager.users.toast = { - programs.git = { - enable = true; - userName = "Toast"; - userEmail = "toast003@tutamail.com"; - delta = { - enable = true; - options = { - syntax-theme = "catppuccin-mocha"; - features = "catppuccin-mocha"; - }; - }; - includes = [{path = "${catppuccinDelta}/themes/mocha.gitconfig";}]; - extraConfig = { - init.defaultBranch = "main"; - diff.colorMoved = "default"; - commit.verbose = "true"; - }; - }; - }; +{ config, pkgs, ... }: + +let + catppuccinDelta = pkgs.fetchFromGitHub { + owner = "catppuccin"; + repo = "delta"; + rev = "main"; + hash = "sha256-0QQLkfLBVuB2re6tjtPNuOQZNK0MDBAIFgNGHZM8afs="; + }; +in + +{ + home-manager.users.toast = { + programs.git = { + enable = true; + userName = "Toast"; + userEmail = "toast003@tutamail.com"; + delta = { + enable = true; + options = { + syntax-theme = "catppuccin-mocha"; + features = "catppuccin-mocha"; + }; + }; + includes = [{ path = "${catppuccinDelta}/themes/mocha.gitconfig"; }]; + extraConfig = { + init.defaultBranch = "main"; + diff.colorMoved = "default"; + commit.verbose = "true"; + }; + }; + }; } + diff --git a/roles/common/programs/helix.nix b/roles/common/programs/helix.nix index 70fa320..78f09da 100644 --- a/roles/common/programs/helix.nix +++ b/roles/common/programs/helix.nix @@ -1,4 +1,6 @@ -{pkgs, ...}: { +{ pkgs, ... }: + +{ home-manager.users.toast = { programs.helix = { enable = true; @@ -7,7 +9,7 @@ nixpkgs-fmt nil ]; - settings = { + settings = { theme = "catppuccin_mocha"; editor = { mouse = true; diff --git a/roles/common/programs/htop.nix b/roles/common/programs/htop.nix index 4d8bd79..4eb7fbe 100755 --- a/roles/common/programs/htop.nix +++ b/roles/common/programs/htop.nix @@ -1,13 +1,15 @@ -{...}: { - programs.htop = { - enable = true; - settings = { - tree_view = 1; - highlight_base_name = 1; - show_program_path = 0; - show_cpu_frequency = 1; - show_cpu_temperature = 1; - hide_userland_threads = 1; - }; - }; +{ config, ... }: + +{ + programs.htop = { + enable = true; + settings = { + tree_view = 1; + highlight_base_name = 1; + show_program_path = 0; + show_cpu_frequency = 1; + show_cpu_temperature = 1; + hide_userland_threads = 1; + }; + }; } diff --git a/roles/common/programs/micro.nix b/roles/common/programs/micro.nix index 75df151..e92646b 100644 --- a/roles/common/programs/micro.nix +++ b/roles/common/programs/micro.nix @@ -1,14 +1,17 @@ -{...}: { - home-manager = { - users.toast = {...}: { - programs.micro = { - enable = true; - settings = { - clipboard = "internal"; - indentchar = "|"; - softwrap = true; - }; - }; - }; - }; +{ config, pkgs, ... }: + +{ + home-manager = { + users.toast = { config, pkgs, ... }: + { + programs.micro = { + enable = true; + settings = { + clipboard = "internal"; + indentchar = "|"; + softwrap = true; + }; + }; + }; + }; } diff --git a/roles/common/programs/nix-index.nix b/roles/common/programs/nix-index.nix index c3a8177..492f770 100755 --- a/roles/common/programs/nix-index.nix +++ b/roles/common/programs/nix-index.nix @@ -1,15 +1,15 @@ -{...}: { - /* - environment.systemPackages = [ pkgs.nix-index ]; - programs.bash.interactiveShellInit = '' - source ${pkgs.nix-index}/etc/profile.d/command-not-found.sh - ''; - */ - programs.nix-index = { - enable = true; - enableBashIntegration = true; - # I don't use zsh or fish (yet) - enableZshIntegration = false; - enableFishIntegration = false; - }; +{ config, ... }: + +{ + /* environment.systemPackages = [ pkgs.nix-index ]; + programs.bash.interactiveShellInit = '' +source ${pkgs.nix-index}/etc/profile.d/command-not-found.sh + ''; */ + programs.nix-index = { + enable = true; + enableBashIntegration = true; + # I don't use zsh or fish (yet) + enableZshIntegration = false; + enableFishIntegration = false; + }; } diff --git a/roles/common/programs/nix.nix b/roles/common/programs/nix.nix index 1663df2..41e4cc2 100755 --- a/roles/common/programs/nix.nix +++ b/roles/common/programs/nix.nix @@ -1,30 +1,25 @@ -{systemPkgs, ...}: { - nix = { - settings = { - auto-optimise-store = true; - experimental-features = "nix-command flakes"; - }; - optimise = { - automatic = true; - dates = ["weekly"]; - }; - registry = { - agenix = { - from = { - id = "agenix"; - type = "indirect"; - }; - to = { - owner = "ryantm"; - repo = "agenix"; - type = "github"; - }; - }; - # Write the system's nixpkgs into the registry to avoid mixing nixpkgs versions - # https://dataswamp.org/~solene/2022-07-20-nixos-flakes-command-sync-with-system.html - system.flake = systemPkgs; - }; - # I removed this in the past since I thought that I didn't need it, but turns out comma does :) - nixPath = ["nixpkgs=${systemPkgs}"]; - }; +{ config, systemPkgs, ... }: + +{ + nix = { + settings = { + auto-optimise-store = true; + experimental-features = "nix-command flakes"; + }; + optimise = { + automatic = true; + dates = [ "weekly" ]; + }; + registry = { + agenix = { + from = { id = "agenix"; type = "indirect"; }; + to = { owner = "ryantm"; repo = "agenix"; type = "github"; }; + }; + # Write the system's nixpkgs into the registry to avoid mixing nixpkgs versions + # https://dataswamp.org/~solene/2022-07-20-nixos-flakes-command-sync-with-system.html + system.flake = systemPkgs; + }; + # I removed this in the past since I thought that I didn't need it, but turns out comma does :) + nixPath = [ "nixpkgs=${systemPkgs}" ]; + }; } diff --git a/roles/common/programs/starship.nix b/roles/common/programs/starship.nix index 8e60667..3a29736 100644 --- a/roles/common/programs/starship.nix +++ b/roles/common/programs/starship.nix @@ -1,52 +1,53 @@ -{ - pkgs, - lib, - ... -}: +{ pkgs, lib, ... }: + with lib; -with builtins; let - catppuccinFlavour = "mocha"; - catppuccinStarship = pkgs.catppuccin + /starship/${catppuccinFlavour}.toml; +with builtins; - presets = { - nerdFontSymbols = pkgs.fetchurl { - url = "https://starship.rs/presets/toml/nerd-font-symbols.toml"; - hash = "sha256-BVe5JMSIa3CoY2Wf9pvcF1EUtDVCWCLhW3IyKuwfHug="; - }; - }; - # -------------------------------- F U N C T I O N S -------------------------------- +let + catppuccinFlavour = "mocha"; + catppuccinStarship = pkgs.catppuccin + /starship/${catppuccinFlavour}.toml; - /* - Gonna be honest, I have no idea how this works, although it seems to work - Stolen from https://gist.github.com/pdalpra/daf339f59288201a6c8ba7dc84e9060e - */ - # Takes a list of attrSets and merges them - mergeAllAttrSets = attrsSets: - foldl' recursiveUpdate {} attrsSets; + presets = { + nerdFontSymbols = pkgs.fetchurl { + url = "https://starship.rs/presets/toml/nerd-font-symbols.toml"; + hash = "sha256-BVe5JMSIa3CoY2Wf9pvcF1EUtDVCWCLhW3IyKuwfHug="; + }; + }; + # -------------------------------- F U N C T I O N S -------------------------------- - # Reads a TOML file and parses it - readTomlPreset = file: (fromTOML (readFile file)); -in { - programs.starship = { - enable = true; - settings = mergeAllAttrSets [ - (readTomlPreset presets.nerdFontSymbols) - (readTomlPreset catppuccinStarship) - { - nix_shell = { - disabled = false; - heuristic = true; - }; - os = { - disabled = false; - }; - directory = { - disabled = false; - truncation_length = 6; - truncation_symbol = ".../"; - }; - palette = "catppuccin_${catppuccinFlavour}"; - } - ]; - }; + /* + Gonna be honest, I have no idea how this works, although it seems to work + Stolen from https://gist.github.com/pdalpra/daf339f59288201a6c8ba7dc84e9060e + */ + # Takes a list of attrSets and merges them + mergeAllAttrSets = attrsSets: + foldl' (recursiveUpdate) {} attrsSets; + + # Reads a TOML file and parses it + readTomlPreset = file: (fromTOML (readFile file)); + +in +{ + programs.starship = { + enable = true; + settings = mergeAllAttrSets [ + (readTomlPreset presets.nerdFontSymbols) + (readTomlPreset catppuccinStarship) + { + nix_shell = { + disabled = false; + heuristic = true; + }; + os = { + disabled = false; + }; + directory = { + disabled = false; + truncation_length = 6; + truncation_symbol = ".../"; + }; + palette = "catppuccin_${catppuccinFlavour}"; + } + ]; + }; } diff --git a/roles/common/services/avahi.nix b/roles/common/services/avahi.nix index 5136f64..ef9d747 100755 --- a/roles/common/services/avahi.nix +++ b/roles/common/services/avahi.nix @@ -1,23 +1,19 @@ -{config, ...}: let - old = { - nssmdns = true; - }; - new = { - nssmdns4 = true; - }; -in { - /* - NixOS 24.05 changed the option for mnds to be able to turn on/off IPv6 - 23.11 doesn't support this, so I need to use the conditional to be able to - use the same config for both - */ - services.avahi = - { - enable = true; - } - // ( - if config.system.nixos.release == "23.11" - then old - else new - ); +{ config, ... }: +let + old = { + nssmdns = true; + }; + new = { + nssmdns4 = true; + }; +in +{ + /* + NixOS 24.05 changed the option for mnds to be able to turn on/off IPv6 + 23.11 doesn't support this, so I need to use the conditional to be able to + use the same config for both + */ + services.avahi = { + enable = true; + } // (if config.system.nixos.release == "23.11" then old else new); } diff --git a/roles/common/services/default.nix b/roles/common/services/default.nix index 960410b..a045e1c 100644 --- a/roles/common/services/default.nix +++ b/roles/common/services/default.nix @@ -1,7 +1,9 @@ -{...}: { - imports = [ - ./avahi.nix - ./tailscale.nix - ./syncthing.nix - ]; +{ ... }: + +{ + imports = [ + ./avahi.nix + ./tailscale.nix + ./syncthing.nix + ]; } diff --git a/roles/common/services/syncthing.nix b/roles/common/services/syncthing.nix index 8d81a53..501b4e3 100755 --- a/roles/common/services/syncthing.nix +++ b/roles/common/services/syncthing.nix @@ -1,60 +1,60 @@ -{ - config, - flakeSelf, - ... -}: let - hostSecrets = "${flakeSelf.inputs.secrets}/" + config.networking.hostName; -in { - # Get secrets - age.secrets = { - syncthingKey.file = hostSecrets + "/syncthingKey.age"; - syncthingCert.file = hostSecrets + "/syncthingCert.age"; - }; +{ config, flakeSelf, ... }: - services.syncthing = { - key = config.age.secrets.syncthingKey.path; - cert = config.age.secrets.syncthingCert.path; - overrideDevices = true; - overrideFolders = true; - openDefaultPorts = true; - settings = { - options = { - urAccepted = 3; - }; - # Set up devices and folders common to every device - devices = { - "phone" = { - name = "Xiaomi Redmi Note 10 Pro"; - id = "K7KNZ5V-XREUADL-CROQXPV-6AA4H65-2VUD34Z-VQWKJ6S-LWWW4EE-XPNEZQ6"; - }; - "pc" = { - name = "Archie"; - id = "NJPX754-64AQNP3-7GZFIRZ-W2EDRJQ-27ORWYM-X5YXEXQ-ERRTRTQ-BSYD4AY"; - }; - "steamdeck" = { - name = "Steam Deck"; - id = "DNFEGEA-PDEVW5A-O5VBVQK-IUXI7J5-MAHCQAG-2JLEFFM-DSXB6AS-TX6ZHAN"; - }; - "server" = { - name = "Everest"; - id = "2GXFZJZ-CF56ER2-SISBGOF-VNXJIG5-GQC6ECA-NHCHAPX-677RSJT-RI5POAZ"; - }; - "surface" = { - name = "Surface Go"; - id = "HTVSF3O-AHY3TNH-BLVSEGK-HRRSMHC-H5LJWVF-NDKGM6O-ATWZALC-YXNV2Q4"; - }; - "winmax2" = { - name = "Win Max 2"; - id = "X2NILRM-ADRBQ23-AFREAZA-62GVFDF-UVMPR4L-KGHMUNY-BJ2C3CQ-RBT43QS"; - }; - }; - folders = { - "passwords" = { - label = "KeePassXC Passwords"; - id = "rdyaq-ex659"; - devices = ["phone" "pc" "steamdeck" "server" "surface" "winmax2"]; - }; - }; - }; - }; +let + hostSecrets = "${flakeSelf.inputs.secrets}/" + config.networking.hostName; +in + +{ + # Get secrets + age.secrets = { + syncthingKey.file = hostSecrets + "/syncthingKey.age"; + syncthingCert.file = hostSecrets + "/syncthingCert.age"; + }; + + services.syncthing = { + key = config.age.secrets.syncthingKey.path; + cert = config.age.secrets.syncthingCert.path; + overrideDevices = true; + overrideFolders = true; + openDefaultPorts = true; + settings = { + options = { + urAccepted = 3; + }; + # Set up devices and folders common to every device + devices = { + "phone" = { + name = "Xiaomi Redmi Note 10 Pro"; + id = "K7KNZ5V-XREUADL-CROQXPV-6AA4H65-2VUD34Z-VQWKJ6S-LWWW4EE-XPNEZQ6"; + }; + "pc" = { + name = "Archie"; + id = "NJPX754-64AQNP3-7GZFIRZ-W2EDRJQ-27ORWYM-X5YXEXQ-ERRTRTQ-BSYD4AY"; + }; + "steamdeck" = { + name = "Steam Deck"; + id = "DNFEGEA-PDEVW5A-O5VBVQK-IUXI7J5-MAHCQAG-2JLEFFM-DSXB6AS-TX6ZHAN"; + }; + "server" = { + name = "Everest"; + id = "2GXFZJZ-CF56ER2-SISBGOF-VNXJIG5-GQC6ECA-NHCHAPX-677RSJT-RI5POAZ"; + }; + "surface" = { + name = "Surface Go"; + id = "HTVSF3O-AHY3TNH-BLVSEGK-HRRSMHC-H5LJWVF-NDKGM6O-ATWZALC-YXNV2Q4"; + }; + "winmax2" = { + name = "Win Max 2"; + id = "X2NILRM-ADRBQ23-AFREAZA-62GVFDF-UVMPR4L-KGHMUNY-BJ2C3CQ-RBT43QS"; + }; + }; + folders = { + "passwords" = { + label = "KeePassXC Passwords"; + id = "rdyaq-ex659"; + devices = [ "phone" "pc" "steamdeck" "server" "surface" "winmax2"]; + }; + }; + }; + }; } diff --git a/roles/common/services/tailscale.nix b/roles/common/services/tailscale.nix index a7c0338..176bded 100644 --- a/roles/common/services/tailscale.nix +++ b/roles/common/services/tailscale.nix @@ -1,10 +1,12 @@ -{lib, ...}: { - services.tailscale = { - enable = true; - useRoutingFeatures = lib.mkDefault "client"; - }; +{ config, lib, ... }: - systemd.services.tailscaled.environment = { - TS_NO_LOGS_NO_SUPPORT = "true"; - }; +{ + services.tailscale = { + enable = true; + useRoutingFeatures = lib.mkDefault "client"; + }; + + systemd.services.tailscaled.environment = { + TS_NO_LOGS_NO_SUPPORT = "true"; + }; } diff --git a/roles/desktop/configuration.nix b/roles/desktop/configuration.nix index 26030cf..ab3242a 100644 --- a/roles/desktop/configuration.nix +++ b/roles/desktop/configuration.nix @@ -1,17 +1,19 @@ -{pkgs, ...}: { - # Enable scanning - hardware.sane = { - enable = true; - extraBackends = [pkgs.sane-airscan]; - }; - users.users.toast.extraGroups = ["scanner"]; +{ config, pkgs, ... }: - services.xserver.enable = true; +{ + # Enable scanning + hardware.sane = { + enable = true; + extraBackends = [ pkgs.sane-airscan ]; + }; + users.users.toast.extraGroups = [ "scanner" ]; - # Set up fonts - fonts.packages = [ - (pkgs.nerdfonts.override {fonts = ["Hack" "JetBrainsMono"];}) - ]; + services.xserver.enable = true; - boot.plymouth.enable = true; + # Set up fonts + fonts.packages = [ + ( pkgs.nerdfonts.override { fonts = [ "Hack" "JetBrainsMono" ]; } ) + ]; + + boot.plymouth.enable = true; } diff --git a/roles/desktop/default.nix b/roles/desktop/default.nix index d8e1f2b..7933104 100644 --- a/roles/desktop/default.nix +++ b/roles/desktop/default.nix @@ -1,7 +1,9 @@ -{...}: { - imports = [ - ./services - ./programs - ./configuration.nix - ]; +{ ... }: + +{ + imports = [ + ./services + ./programs + ./configuration.nix + ]; } diff --git a/roles/desktop/programs/default.nix b/roles/desktop/programs/default.nix index 6a06ba2..fe5bf8e 100755 --- a/roles/desktop/programs/default.nix +++ b/roles/desktop/programs/default.nix @@ -1,12 +1,14 @@ -{...}: { - imports = [ - ./discord.nix - ./firefox.nix - ./micro.nix - ./keepassxc.nix - ./jamesdsp.nix - ./vscode.nix - ./git.nix - ./ssh.nix - ]; +{ ... }: + +{ + imports = [ + ./discord.nix + ./firefox.nix + ./micro.nix + ./keepassxc.nix + ./jamesdsp.nix + ./vscode.nix + ./git.nix + ./ssh.nix + ]; } diff --git a/roles/desktop/programs/discord.nix b/roles/desktop/programs/discord.nix index 722d013..db431ab 100644 --- a/roles/desktop/programs/discord.nix +++ b/roles/desktop/programs/discord.nix @@ -1,44 +1,41 @@ -{ - pkgs, - lib, - ... -}: let - discordOverlay = _self: super: { - discord = super.discord.override { - withOpenASAR = true; - withVencord = true; - }; - # Update some stuff while I wait for nixpkgs - /* - vencord = super.vencord.overrideAttrs rec { - version = "522fdcd"; - src = pkgs.fetchFromGitHub { - owner = "Vendicated"; - repo = "Vencord"; - rev = "522fdcd"; - #rev = "v${version}"; - hash = "sha256-9G7FNL4pHaaLachzJmeAol0WpNUj533K2FNa7DH0eBM="; - }; - }; - */ - }; - stock-discord = _self: super: { - discord = super.discord.override { - withOpenASAR = false; - withVencord = false; - }; - }; -in { - # Sometimes discord breaks after updates, and launching it stock once fixes it - specialisation.stockDiscord.configuration = { - nixpkgs.overlays = lib.mkAfter [stock-discord]; - }; +{ config, pkgs, lib, ... }: - nixpkgs.overlays = [discordOverlay]; - home-manager.users.toast = { - home.packages = with pkgs; [ - discord - vesktop - ]; - }; + let + discordOverlay = self: super: { + discord = super.discord.override { + withOpenASAR = true; + withVencord = true; + }; + # Update some stuff while I wait for nixpkgs + /*vencord = super.vencord.overrideAttrs rec { + version = "522fdcd"; + src = pkgs.fetchFromGitHub { + owner = "Vendicated"; + repo = "Vencord"; + rev = "522fdcd"; + #rev = "v${version}"; + hash = "sha256-9G7FNL4pHaaLachzJmeAol0WpNUj533K2FNa7DH0eBM="; + }; + };*/ + }; + stock-discord = self: super: { + discord = super.discord.override { + withOpenASAR = false; + withVencord = false; + }; + }; + in +{ + # Sometimes discord breaks after updates, and launching it stock once fixes it + specialisation.stockDiscord.configuration = { + nixpkgs.overlays = lib.mkAfter [ stock-discord ]; + }; + + nixpkgs.overlays = [ discordOverlay ]; + home-manager.users.toast = { + home.packages = with pkgs; [ + discord + vesktop + ]; + }; } diff --git a/roles/desktop/programs/firefox.nix b/roles/desktop/programs/firefox.nix index 96b50a9..89e1e27 100644 --- a/roles/desktop/programs/firefox.nix +++ b/roles/desktop/programs/firefox.nix @@ -1,55 +1,57 @@ -{lib, ...}: { - # System wide firefox settings - programs.firefox = { - enable = true; - policies = { - "DisablePocket" = true; - "DisableTelemetry" = true; - # You need these for Spotify - "EncryptedMediaExtensions" = {"Enabled" = true;}; - "ExtensionSettings" = { - # TODO: Install extensions the NUR instead of from AMO - "uBlock0@raymondhill.net" = { - "installation_mode" = "force_installed"; - "install_url" = "https://addons.mozilla.org/firefox/downloads/latest/ublock-origin/latest.xpi"; - }; - # Decentraleyes - "jid1-BoFifL9Vbdl2zQ@jetpack" = { - "installation_mode" = "normal_installed"; - "install_url" = "https://addons.mozilla.org/firefox/downloads/latest/decentraleyes/latest.xpi"; - }; - "jid1-MnnxcxisBPnSXQ@jetpack" = { - "installation_mode" = "normal_installed"; - "install_url" = "https://addons.mozilla.org/firefox/downloads/latest/privacy-badger17/latest.xpi"; - }; - # Uninstall the kde plasma integration extension if KDE is not installed - "plasma-browser-integration@kde.org"."installation_mode" = lib.mkDefault "blocked"; - }; - "Preferences" = { - # Enable video hardware acceleration - "media.ffmpeg.vaapi.enabled" = { - "Value" = true; - "Status" = "default"; - }; - "dom.security.https_only_mode" = { - "Value" = true; - "Status" = "locked"; - }; - "general.smoothScroll.msdPhysics.enabled" = { - "Value" = true; - "Status" = "default"; - }; - }; - "PromptForDownloadLocation" = true; - # I use an external password manager, so the built in one just bothers me - "PasswordManagerEnabled" = false; - "Permissions" = { - "Autoplay" = { - "Allow" = ["https://www.youtube.com"]; - "Default" = "block-audio-video"; - }; - }; - "FirefoxHome" = {"SponsoredTopSites" = false;}; - }; - }; +{ config, lib, ... }: + +{ + # System wide firefox settings + programs.firefox = { + enable = true; + policies = { + "DisablePocket" = true; + "DisableTelemetry" = true; + # You need these for Spotify + "EncryptedMediaExtensions" = { "Enabled" = true; }; + "ExtensionSettings" = { + # TODO: Install extensions the NUR instead of from AMO + "uBlock0@raymondhill.net" = { + "installation_mode" = "force_installed"; + "install_url" = "https://addons.mozilla.org/firefox/downloads/latest/ublock-origin/latest.xpi"; + }; + # Decentraleyes + "jid1-BoFifL9Vbdl2zQ@jetpack" = { + "installation_mode" = "normal_installed"; + "install_url" = "https://addons.mozilla.org/firefox/downloads/latest/decentraleyes/latest.xpi"; + }; + "jid1-MnnxcxisBPnSXQ@jetpack" = { + "installation_mode" = "normal_installed"; + "install_url" = "https://addons.mozilla.org/firefox/downloads/latest/privacy-badger17/latest.xpi"; + }; + # Uninstall the kde plasma integration extension if KDE is not installed + "plasma-browser-integration@kde.org"."installation_mode" = lib.mkDefault "blocked"; + }; + "Preferences" = { + # Enable video hardware acceleration + "media.ffmpeg.vaapi.enabled" = { + "Value" = true; + "Status" = "default"; + }; + "dom.security.https_only_mode" = { + "Value" = true; + "Status" = "locked"; + }; + "general.smoothScroll.msdPhysics.enabled" = { + "Value" = true; + "Status" = "default"; + }; + }; + "PromptForDownloadLocation" = true; + # I use an external password manager, so the built in one just bothers me + "PasswordManagerEnabled" = false; + "Permissions" = { + "Autoplay" = { + "Allow" = [ "https://www.youtube.com" ]; + "Default" = "block-audio-video"; + }; + }; + "FirefoxHome" = { "SponsoredTopSites" = false; }; + }; + }; } diff --git a/roles/desktop/programs/git.nix b/roles/desktop/programs/git.nix index 594c3e7..d630bdd 100644 --- a/roles/desktop/programs/git.nix +++ b/roles/desktop/programs/git.nix @@ -1,8 +1,6 @@ +{ pkgs, lib, ... }: + { - pkgs, - lib, - ... -}: { home-manager.users.toast = { programs.git = { package = pkgs.gitFull; @@ -13,6 +11,6 @@ }; }; - home.packages = [pkgs.git-cola]; + home.packages = [ pkgs.git-cola ]; }; } diff --git a/roles/desktop/programs/jamesdsp.nix b/roles/desktop/programs/jamesdsp.nix index a9933bc..4316cb5 100644 --- a/roles/desktop/programs/jamesdsp.nix +++ b/roles/desktop/programs/jamesdsp.nix @@ -1,3 +1,5 @@ -{pkgs, ...}: { - users.users.toast.packages = [pkgs.jamesdsp]; +{ config, pkgs, ... }: + +{ + users.users.toast.packages = [ pkgs.jamesdsp ]; } diff --git a/roles/desktop/programs/keepassxc.nix b/roles/desktop/programs/keepassxc.nix index ad2dbb2..7b42daf 100644 --- a/roles/desktop/programs/keepassxc.nix +++ b/roles/desktop/programs/keepassxc.nix @@ -1,63 +1,63 @@ -{lib, ...}: let - kpxcSettings = lib.generators.toINI {} { - General = { - # Not sure what changing this does, I'll leave it alone - ConfigVersion = 2; - MinimizeAfterUnlock = true; - AutoSaveAfterEveryChange = false; - }; - GUI = { - ApplicationTheme = "classic"; - MinimizeOnStartup = false; - MinimizeOnClose = true; - MinimizeToTray = true; - ShowTrayIcon = true; - # 0 is icons, 1 is text, 2 is text next to icons, 3 is text under icons, and 4 is follow style - ToolButtonStyle = 0; # Would choose 4 but it's too big for a small window - # monochrome-light, monochrome-dark or colorful - TrayIconAppearance = "monochrome-light"; - }; - Security = { - HideNotes = true; - IconDownloadFallback = true; - }; - SSHAgent.Enabled = true; - }; -in { - home-manager = { - extraSpecialArgs = {kpxcSettings = kpxcSettings;}; - users.toast = { - pkgs, - kpxcSettings, - ... - }: { - # No module for KeePassXC config :( - home = { - packages = [pkgs.keepassxc]; - file = { - ".config/keepassxc/keepassxc.ini".text = kpxcSettings; - # For some reason the autostart .desktop is not the same as the regular one - ".config/autostart/org.keepassxc.KeePassXC.desktop".text = '' - [Desktop Entry] - Name=KeePassXC - GenericName=Password Manager - Exec=keepassxc - TryExec=keepassxc - Icon=keepassxc - StartupWMClass=keepassxc - StartupNotify=true - Terminal=false - Type=Application - Version=1.0 - Categories=Utility;Security;Qt; - MimeType=application/x-keepass2; - X-GNOME-Autostart-enabled=true - X-GNOME-Autostart-Delay=2 - X-KDE-autostart-after=panel - X-LXQt-Need-Tray=true - ''; - }; - }; - }; - }; +{ config, pkgs, lib, ... }: + +let + kpxcSettings = lib.generators.toINI {} { + General = { + # Not sure what changing this does, I'll leave it alone + ConfigVersion = 2; + MinimizeAfterUnlock = true; + AutoSaveAfterEveryChange = false; + }; + GUI = { + ApplicationTheme = "classic"; + MinimizeOnStartup = false; + MinimizeOnClose = true; + MinimizeToTray = true; + ShowTrayIcon = true; + # 0 is icons, 1 is text, 2 is text next to icons, 3 is text under icons, and 4 is follow style + ToolButtonStyle = 0; # Would choose 4 but it's too big for a small window + # monochrome-light, monochrome-dark or colorful + TrayIconAppearance = "monochrome-light"; + }; + Security = { + HideNotes = true; + IconDownloadFallback = true; + }; + SSHAgent.Enabled = true; + }; +in + +{ + home-manager = { + extraSpecialArgs = { kpxcSettings = kpxcSettings; }; + users.toast = { config, pkgs, kpxcSettings, ... }: { + # No module for KeePassXC config :( + home = { + packages = [ pkgs.keepassxc ]; + file = { + ".config/keepassxc/keepassxc.ini".text = kpxcSettings; + # For some reason the autostart .desktop is not the same as the regular one + ".config/autostart/org.keepassxc.KeePassXC.desktop".text = '' + [Desktop Entry] + Name=KeePassXC + GenericName=Password Manager + Exec=keepassxc + TryExec=keepassxc + Icon=keepassxc + StartupWMClass=keepassxc + StartupNotify=true + Terminal=false + Type=Application + Version=1.0 + Categories=Utility;Security;Qt; + MimeType=application/x-keepass2; + X-GNOME-Autostart-enabled=true + X-GNOME-Autostart-Delay=2 + X-KDE-autostart-after=panel + X-LXQt-Need-Tray=true + ''; + }; + }; + }; + }; } diff --git a/roles/desktop/programs/micro.nix b/roles/desktop/programs/micro.nix index d934774..a09e819 100644 --- a/roles/desktop/programs/micro.nix +++ b/roles/desktop/programs/micro.nix @@ -1,18 +1,21 @@ -{lib, ...}: { - home-manager = { - users.toast = {pkgs, ...}: { - programs.micro = { - enable = true; - settings = { - # Use xclip/wl-clipboard for copying and pasting - clipboard = lib.mkForce "external"; - }; - }; - /* - On a kde wayland session micro uses xsel or xclip instead of wl-clipboard - which doesn't work, so I only install wl-clipboard here to make micro use it - */ - home.packages = with pkgs; [wl-clipboard]; - }; - }; +{ config, pkgs, lib, ... }: + +{ + home-manager = { + users.toast = { config, pkgs, ... }: + { + programs.micro = { + enable = true; + settings = { + # Use xclip/wl-clipboard for copying and pasting + clipboard = lib.mkForce "external"; + }; + }; + /* + On a kde wayland session micro uses xsel or xclip instead of wl-clipboard + which doesn't work, so I only install wl-clipboard here to make micro use it + */ + home.packages = with pkgs; [ wl-clipboard ]; + }; + }; } diff --git a/roles/desktop/programs/ssh.nix b/roles/desktop/programs/ssh.nix index 86f1b2d..b3f17f0 100644 --- a/roles/desktop/programs/ssh.nix +++ b/roles/desktop/programs/ssh.nix @@ -1,4 +1,6 @@ -{...}: { +{ ... }: + +{ home-manager.users.toast = { programs.ssh = { enable = true; diff --git a/roles/desktop/programs/vscode.nix b/roles/desktop/programs/vscode.nix index 0147762..d75c465 100644 --- a/roles/desktop/programs/vscode.nix +++ b/roles/desktop/programs/vscode.nix @@ -1,44 +1,40 @@ +{ config, pkgs, flakeSelf, ... }: +let inputs = flakeSelf.inputs; in { - pkgs, - flakeSelf, - ... -}: let - inputs = flakeSelf.inputs; -in { - nixpkgs.overlays = [inputs.catppuccin-vsc.overlays.default]; - home-manager.users.toast = { - home.packages = with pkgs; [ - nixpkgs-fmt - ]; - programs.vscode = { - enable = true; - package = pkgs.vscodium; - mutableExtensionsDir = false; - extensions = with inputs.vscode-extensions.extensions.x86_64-linux.open-vsx; [ - jnoortheen.nix-ide - (pkgs.catppuccin-vsc.override { - workbenchMode = "flat"; - extraBordersEnabled = true; - }) - catppuccin.catppuccin-vsc-icons - waderyan.gitblame - ]; - userSettings = { - # VSCode doesn't like nested settings - # https://stackoverflow.com/questions/74134436/is-it-possible-to-express-settings-in-vs-codes-settings-json-where-each-dot-sep - # TODO: write a function that unnests settings - "workbench.colorTheme" = "Catppuccin Mocha"; - "workbench.iconTheme" = "catppuccin-mocha"; - "editor.fontFamily" = "JetBrainsMono Nerd Font"; - "editor.semanticHighlighting.enabled" = true; - "nix.enableLanguageServer" = true; - "nix.serverPath" = "${pkgs.nil}/bin/nil"; - "nix.serverSettings" = { - "nil"."formatting"."command" = ["nixpkgs-fmt"]; - }; - "terminal.integrated.minimumContrastRatio" = 1; - "window.titleBarStyle" = "custom"; - }; - }; - }; + nixpkgs.overlays = [ inputs.catppuccin-vsc.overlays.default ]; + home-manager.users.toast = { + home.packages = with pkgs; [ + nixpkgs-fmt + ]; + programs.vscode = { + enable = true; + package = pkgs.vscodium; + mutableExtensionsDir = false; + extensions = with inputs.vscode-extensions.extensions.x86_64-linux.open-vsx; [ + jnoortheen.nix-ide + (pkgs.catppuccin-vsc.override { + workbenchMode = "flat"; + extraBordersEnabled = true; + }) + catppuccin.catppuccin-vsc-icons + waderyan.gitblame + ]; + userSettings = { + # VSCode doesn't like nested settings + # https://stackoverflow.com/questions/74134436/is-it-possible-to-express-settings-in-vs-codes-settings-json-where-each-dot-sep + # TODO: write a function that unnests settings + "workbench.colorTheme" = "Catppuccin Mocha"; + "workbench.iconTheme" = "catppuccin-mocha"; + "editor.fontFamily" = "JetBrainsMono Nerd Font"; + "editor.semanticHighlighting.enabled" = true; + "nix.enableLanguageServer" = true; + "nix.serverPath" = "${pkgs.nil}/bin/nil"; + "nix.serverSettings" = { + "nil"."formatting"."command" = [ "nixpkgs-fmt" ]; + }; + "terminal.integrated.minimumContrastRatio" = 1; + "window.titleBarStyle" = "custom"; + }; + }; + }; } diff --git a/roles/desktop/services/default.nix b/roles/desktop/services/default.nix index f08cc3b..c746c38 100644 --- a/roles/desktop/services/default.nix +++ b/roles/desktop/services/default.nix @@ -1,10 +1,12 @@ -{...}: { - imports = [ - ./ssh-agent.nix - ./flatpak.nix - ./syncthing.nix - ./pipewire.nix - ./printing.nix - ./networkmanager.nix - ]; +{ ... }: + +{ + imports = [ + ./ssh-agent.nix + ./flatpak.nix + ./syncthing.nix + ./pipewire.nix + ./printing.nix + ./networkmanager.nix + ]; } diff --git a/roles/desktop/services/flatpak.nix b/roles/desktop/services/flatpak.nix index 57d5456..20903f8 100644 --- a/roles/desktop/services/flatpak.nix +++ b/roles/desktop/services/flatpak.nix @@ -1,17 +1,19 @@ -{flakeSelf, ...}: { - services.flatpak.enable = true; +{ config, pkgs, flakeSelf, ... }: - home-manager = { - sharedModules = [{imports = [flakeSelf.inputs.nix-flatpak.homeManagerModules.nix-flatpak];}]; - users.toast = { - services.flatpak = { - packages = ["tv.plex.PlexDesktop"]; - uninstallUnmanagedPackages = true; - update.auto = { - enable = true; - onCalendar = "weekly"; - }; - }; - }; - }; +{ + services.flatpak.enable = true; + + home-manager = { + sharedModules = [{ imports = [ flakeSelf.inputs.nix-flatpak.homeManagerModules.nix-flatpak ]; }]; + users.toast = { + services.flatpak = { + packages = [ "tv.plex.PlexDesktop" ]; + uninstallUnmanagedPackages = true; + update.auto = { + enable = true; + onCalendar = "weekly"; + }; + }; + }; + }; } diff --git a/roles/desktop/services/networkmanager.nix b/roles/desktop/services/networkmanager.nix index d56c81b..7a64922 100644 --- a/roles/desktop/services/networkmanager.nix +++ b/roles/desktop/services/networkmanager.nix @@ -1,6 +1,10 @@ -{config, ...}: let +{ config, ... }: + +let tailscaleName = config.services.tailscale.interfaceName; -in { +in + +{ networking.networkmanager = { enable = true; unmanaged = [ diff --git a/roles/desktop/services/pipewire.nix b/roles/desktop/services/pipewire.nix index f32365b..d064adb 100644 --- a/roles/desktop/services/pipewire.nix +++ b/roles/desktop/services/pipewire.nix @@ -1,9 +1,11 @@ -{...}: { - services.pipewire = { - enable = true; - pulse.enable = true; - }; +{ config, ... }: - # This allows pipewire to get realtime priority, which (hopefully) gets rid of stutters - security.rtkit.enable = true; +{ + services.pipewire = { + enable = true; + pulse.enable = true; + }; + + # This allows pipewire to get realtime priority, which (hopefully) gets rid of stutters + security.rtkit.enable = true; } diff --git a/roles/desktop/services/printing.nix b/roles/desktop/services/printing.nix index 49a590d..f32c58f 100644 --- a/roles/desktop/services/printing.nix +++ b/roles/desktop/services/printing.nix @@ -1,7 +1,9 @@ -{...}: { - services.printing = { - enable = true; - startWhenNeeded = true; - stateless = true; - }; +{ config, ... }: + +{ + services.printing = { + enable = true; + startWhenNeeded = true; + stateless = true; + }; } diff --git a/roles/desktop/services/ssh-agent.nix b/roles/desktop/services/ssh-agent.nix index 6f734f8..31b9f73 100644 --- a/roles/desktop/services/ssh-agent.nix +++ b/roles/desktop/services/ssh-agent.nix @@ -1,19 +1,21 @@ -{...}: { - programs.ssh.startAgent = true; - /* - Home assistant added an option that does this - https://github.com/nix-community/home-manager/commit/2d9210f25ed18d5d4e11e6b886de4027c0c51a94 - but since I still need to fix home-manager's envvars not applying I'll stick to the NixOS one - */ - /* - TODO: fix SSH_AUTH_SOCK not being set in Plasma - Turns out the NixOS module also has issues :3 - The env is set but only in bash, not in the DE, so - keepass can't pick it up. For now I'll just set it manually - */ - home-manager.users.toast.xdg.configFile."plasma-workspace/env/ssh-agent.sh".text = '' - if [[ -z "$SSH_AUTH_SOCK" ]]; then - export SSH_AUTH_SOCK=$XDG_RUNTIME_DIR/ssh-agent - fi - ''; +{ config, pkgs, ... }: + +{ + programs.ssh.startAgent = true; + /* + Home assistant added an option that does this + https://github.com/nix-community/home-manager/commit/2d9210f25ed18d5d4e11e6b886de4027c0c51a94 + but since I still need to fix home-manager's envvars not applying I'll stick to the NixOS one + */ + /* + TODO: fix SSH_AUTH_SOCK not being set in Plasma + Turns out the NixOS module also has issues :3 + The env is set but only in bash, not in the DE, so + keepass can't pick it up. For now I'll just set it manually + */ + home-manager.users.toast.xdg.configFile."plasma-workspace/env/ssh-agent.sh".text = '' + if [[ -z "$SSH_AUTH_SOCK" ]]; then + export SSH_AUTH_SOCK=$XDG_RUNTIME_DIR/ssh-agent + fi + ''; } diff --git a/roles/desktop/services/syncthing.nix b/roles/desktop/services/syncthing.nix index ba2ca9f..84dc962 100644 --- a/roles/desktop/services/syncthing.nix +++ b/roles/desktop/services/syncthing.nix @@ -1,23 +1,25 @@ -{config, ...}: { - services.syncthing = { - enable = true; - user = "toast"; - group = "users"; - dataDir = config.users.users.toast.home; - settings.folders."passwords".path = "~/Documents/Passwords"; - }; - # Allow regular users to stop syncthing - # https://stackoverflow.com/questions/61480914/using-policykit-to-allow-non-root-users-to-start-and-stop-a-service - security.polkit.extraConfig = '' - polkit.addRule(function(action, subject) { - if ( - action.id == "org.freedesktop.systemd1.manage-units" && - action.lookup("unit") == "syncthing.service" && - subject.user == "${config.services.syncthing.user}" - ) - { - return polkit.Result.YES; - } - }) - ''; +{ config, ... }: + +{ + services.syncthing = { + enable = true; + user = "toast"; + group = "users"; + dataDir = config.users.users.toast.home; + settings.folders."passwords".path = "~/Documents/Passwords"; + }; + # Allow regular users to stop syncthing + # https://stackoverflow.com/questions/61480914/using-policykit-to-allow-non-root-users-to-start-and-stop-a-service + security.polkit.extraConfig = '' + polkit.addRule(function(action, subject) { + if ( + action.id == "org.freedesktop.systemd1.manage-units" && + action.lookup("unit") == "syncthing.service" && + subject.user == "${config.services.syncthing.user}" + ) + { + return polkit.Result.YES; + } + }) + ''; } diff --git a/roles/gaming/default.nix b/roles/gaming/default.nix index 2d8f4ab..cccac83 100644 --- a/roles/gaming/default.nix +++ b/roles/gaming/default.nix @@ -1,6 +1,8 @@ -{...}: { - imports = [ - ./programs - ./services - ]; +{ ... }: + +{ + imports = [ + ./programs + ./services + ]; } diff --git a/roles/gaming/programs/default.nix b/roles/gaming/programs/default.nix index 445b615..8e5776f 100755 --- a/roles/gaming/programs/default.nix +++ b/roles/gaming/programs/default.nix @@ -1,12 +1,14 @@ -{pkgs, ...}: { - imports = [ - ./steam.nix - ./mangohud.nix - ./rpcs3.nix - ./retroarch.nix - ]; - environment.systemPackages = with pkgs; [ - heroic - prismlauncher-qt5 - ]; +{ config, pkgs, ... }: + +{ + imports = [ + ./steam.nix + ./mangohud.nix + ./rpcs3.nix + ./retroarch.nix + ]; + environment.systemPackages = with pkgs; [ + heroic + prismlauncher-qt5 + ]; } diff --git a/roles/gaming/programs/mangohud.nix b/roles/gaming/programs/mangohud.nix index 91e4675..fe418d4 100644 --- a/roles/gaming/programs/mangohud.nix +++ b/roles/gaming/programs/mangohud.nix @@ -1,13 +1,16 @@ -{...}: { - home-manager.users.toast = {...}: { - programs.mangohud = { - enable = true; - # This only works for Vulkan, openGL programs still need the mangohud wrapper - enableSessionWide = true; - settings = { - preset = 4; - no_display = true; - }; - }; - }; +{ config, ... }: + +{ + home-manager.users.toast = { config, ... }: + { + programs.mangohud = { + enable = true; + # This only works for Vulkan, openGL programs still need the mangohud wrapper + enableSessionWide = true; + settings = { + preset = 4; + no_display = true; + }; + }; + }; } diff --git a/roles/gaming/programs/retroarch.nix b/roles/gaming/programs/retroarch.nix index 3088ab2..5f47ca2 100644 --- a/roles/gaming/programs/retroarch.nix +++ b/roles/gaming/programs/retroarch.nix @@ -1,79 +1,79 @@ -{pkgs, ...}: let +{ pkgs, ... }: +let snes-roms = [ # ActRaiser - (pkgs.fetchzip { + ( pkgs.fetchzip { url = "https://myrient.erista.me/files/No-Intro/Nintendo%20-%20Super%20Nintendo%20Entertainment%20System/ActRaiser%20%28USA%29.zip"; hash = "sha256-yxIL5Pqlp8xsx7wvNO1MlB8ffDjS0xpE+yrEfMj61As="; - }) + } ) # Kirby Super Star - (pkgs.fetchzip { + ( pkgs.fetchzip { url = "https://myrient.erista.me/files/No-Intro/Nintendo%20-%20Super%20Nintendo%20Entertainment%20System/Kirby%20Super%20Star%20%28USA%29.zip"; hash = "sha256-NX5OjCthf4ZiAhamclRBRk8GiMjZX3JLeShm8sQdDfc="; - }) + } ) # Super Mario Kart - (pkgs.fetchzip { + ( pkgs.fetchzip { url = "https://myrient.erista.me/files/No-Intro/Nintendo%20-%20Super%20Nintendo%20Entertainment%20System/Super%20Mario%20Kart%20%28USA%29.zip"; hash = "sha256-RLBxPBmBrXCuPdnWE07KamBNgGJ5IntQVUPeij+2HUI="; - }) + } ) ]; -in { +in +{ home-manager.users.toast = { home = { - packages = [ - ( - pkgs.retroarch.override { - cores = with pkgs.libretro; [ - snes9x - ]; - settings = { - video_driver = "vulkan"; - video_fullscreen = "true"; - menu_swap_ok_cancel_buttons = "true"; - input_joypad_driver = "sdl2"; - # Enable touchscreen support - menu_pointer_enable = "true"; + packages = [( + pkgs.retroarch.override { + cores = with pkgs.libretro; [ + snes9x + ]; + settings = { + video_driver = "vulkan"; + video_fullscreen = "true"; + menu_swap_ok_cancel_buttons = "true"; + input_joypad_driver = "sdl2"; + # Enable touchscreen support + menu_pointer_enable = "true"; - # Folder stuffs + # Folder stuffs - # System/BIOS files - system_directory = "~/.local/share/retroarch/system"; - # Downloads - core_assets_directory = "~/.local/share/retroarch/downloads"; - thumbnails_directory = "~/.local/share/retroarch/thumbnails"; - content_database_path = "~/.local/share/retroarch/database/rdb"; - cheat_database_path = "~/.local/share/retroarch/cheats"; - video_filter_dir = "~/.local/share/retroarch/filters/video"; - audio_filter_dir = "~/.local/share/retroarch/filters/audio"; - video_shader_dir = "~/.local/share/retroarch/shaders"; - recording_output_directory = "~/.local/share/retroarch/records"; - overlay_directory = "~/.local/share/retroarch/overlays"; - osk_overlay_directory = "~/.local/share/retroarch/overlays/keyboards"; - screenshot_directory = "~/.local/share/retroarch/screenshots"; - playlist_directory = "~/.local/share/retroarch/playlists"; - savefile_directory = "~/.local/share/retroarch/saves"; - savestate_directory = "~/.local/share/retroarch/states"; - log_dir = "~/.local/share/retroarch/logs"; + # System/BIOS files + system_directory = "~/.local/share/retroarch/system"; + # Downloads + core_assets_directory = "~/.local/share/retroarch/downloads"; + thumbnails_directory = "~/.local/share/retroarch/thumbnails"; + content_database_path = "~/.local/share/retroarch/database/rdb"; + cheat_database_path = "~/.local/share/retroarch/cheats"; + video_filter_dir = "~/.local/share/retroarch/filters/video"; + audio_filter_dir = "~/.local/share/retroarch/filters/audio"; + video_shader_dir = "~/.local/share/retroarch/shaders"; + recording_output_directory = "~/.local/share/retroarch/records"; + overlay_directory = "~/.local/share/retroarch/overlays"; + osk_overlay_directory = "~/.local/share/retroarch/overlays/keyboards"; + screenshot_directory = "~/.local/share/retroarch/screenshots"; + playlist_directory = "~/.local/share/retroarch/playlists"; + savefile_directory = "~/.local/share/retroarch/saves"; + savestate_directory = "~/.local/share/retroarch/states"; + log_dir = "~/.local/share/retroarch/logs"; - # By default settings has some things that this overrides, so I need to set them myself - libretro_info_path = "${pkgs.libretro-core-info}/share/retroarch/cores"; - joypad_autoconfig_dir = "${pkgs.retroarch-joypad-autoconfig}/share/libretro/autoconfig"; - assets_directory = "${pkgs.retroarch-assets}/share/retroarch/assets"; - }; - } - ) - ]; + # By default settings has some things that this overrides, so I need to set them myself + libretro_info_path = "${pkgs.libretro-core-info}/share/retroarch/cores"; + joypad_autoconfig_dir = "${pkgs.retroarch-joypad-autoconfig}/share/libretro/autoconfig"; + assets_directory = "${pkgs.retroarch-assets}/share/retroarch/assets"; + }; + } + )]; file."Games/Roms/SNES/" = { onChange = '' ${pkgs.retroarch}/bin/retroarch --scan "/home/toast/Games/Roms/SNES" ''; source = pkgs.symlinkJoin { name = "snes-roms"; - paths = [snes-roms]; + paths = [ snes-roms ]; }; }; }; # Retroarch is dumb since it doesn't generate some folders (but it does for others) - systemd.user.tmpfiles.rules = [ + systemd.user.tmpfiles.rules = [ "d /%h/.local/share/retroarch/playlists" "d /%h/.local/share/retroarch/saves" "d /%h/.local/share/retroarch/states" @@ -85,7 +85,7 @@ in { "retroarch" = { label = "RetroArch"; id = "jxuou-2yjnu"; - devices = ["steamdeck" "server" "pc" "winmax2"]; + devices = [ "steamdeck" "server" "pc" "winmax2" ]; path = "~/.local/share/retroarch"; }; }; diff --git a/roles/gaming/programs/rpcs3.nix b/roles/gaming/programs/rpcs3.nix index ef1be51..97d3279 100644 --- a/roles/gaming/programs/rpcs3.nix +++ b/roles/gaming/programs/rpcs3.nix @@ -1,20 +1,20 @@ -{config, ...}: { - environment.systemPackages = with config; [ - nur.repos.ataraxiasjel.rpcs3 - ]; - # Compiling RPCS3 takes quite a while - nix.settings = { - substituters = ["https://ataraxiadev-foss.cachix.org"]; - trusted-public-keys = ["ataraxiadev-foss.cachix.org-1:ws/jmPRUF5R8TkirnV1b525lP9F/uTBsz2KraV61058="]; - }; +{ config, pkgs, ... }: - # Increase the memory lock limit - security.pam.loginLimits = [ - { - domain = "*"; - item = "memlock"; - type = "-"; # Applies to both hard and soft limits - value = "unlimited"; - } - ]; +{ + environment.systemPackages = with config; [ + nur.repos.ataraxiasjel.rpcs3 + ]; + # Compiling RPCS3 takes quite a while + nix.settings = { + substituters = [ "https://ataraxiadev-foss.cachix.org" ]; + trusted-public-keys = [ "ataraxiadev-foss.cachix.org-1:ws/jmPRUF5R8TkirnV1b525lP9F/uTBsz2KraV61058=" ]; + }; + + # Increase the memory lock limit + security.pam.loginLimits = [{ + domain = "*"; + item = "memlock"; + type = "-"; # Applies to both hard and soft limits + value = "unlimited"; + }]; } diff --git a/roles/gaming/programs/steam.nix b/roles/gaming/programs/steam.nix index baf9b11..321633c 100644 --- a/roles/gaming/programs/steam.nix +++ b/roles/gaming/programs/steam.nix @@ -1,26 +1,21 @@ + { config, pkgs, ... }: + { - config, - pkgs, - ... -}: { - programs.steam = { - enable = true; - # Doubt that I'll use it, but I'll enable it anyways - remotePlay.openFirewall = true; + programs.steam = { + enable = true; + # Doubt that I'll use it, but I'll enable it anyways + remotePlay.openFirewall = true; - extraCompatPackages = with pkgs; [ - proton-ge-bin - ]; - }; + extraCompatPackages = with pkgs; [ + proton-ge-bin + ]; + }; - # Some linux native games (rise of the tomb raider) use alsa for sound - services.pipewire.alsa.enable = - if config.services.pipewire.pulse.enable == true - then true - else false; + # Some linux native games (rise of the tomb raider) use alsa for sound + services.pipewire.alsa.enable = if config.services.pipewire.pulse.enable == true then true else false; - # Celeste mod manager - home-manager.users.toast.services.flatpak.packages = [ - "io.github.everestapi.Olympus" - ]; + # Celeste mod manager + home-manager.users.toast.services.flatpak.packages = [ + "io.github.everestapi.Olympus" + ]; } diff --git a/roles/gaming/services/default.nix b/roles/gaming/services/default.nix index 24b067d..69a706a 100644 --- a/roles/gaming/services/default.nix +++ b/roles/gaming/services/default.nix @@ -1,5 +1,7 @@ -{...}: { - imports = [ - ./syncthing.nix - ]; +{ ... }: + +{ + imports = [ + ./syncthing.nix + ]; } diff --git a/roles/gaming/services/syncthing.nix b/roles/gaming/services/syncthing.nix index 5a1daa0..ed786b6 100644 --- a/roles/gaming/services/syncthing.nix +++ b/roles/gaming/services/syncthing.nix @@ -1,19 +1,21 @@ -{...}: { - /* - This file will sync saves for games that don't have cloud saves - TODO: turn this into a module eventually - */ +{ config, ... }: - services.syncthing.settings.folders = { - "steam-201810" = { - label = "Wolfenstein The New Order Saves"; - id = "laxxf-t2wmy"; - devices = ["steamdeck" "server" "pc"]; - path = "~/.local/share/Steam/steamapps/compatdata/201810/pfx/drive_c/users/steamuser/Saved Games/MachineGames/Wolfenstein The New Order/"; - }; - }; - home-manager.users.toast.home.file."steam-201810-ignore" = { - target = ".local/share/Steam/steamapps/compatdata/201810/pfx/drive_c/users/steamuser/Saved Games/MachineGames/Wolfenstein The New Order/.stignore"; - text = "base/qconsole.log\nbase/wolfConfig.cfg"; - }; +{ + /* + This file will sync saves for games that don't have cloud saves + TODO: turn this into a module eventually + */ + + services.syncthing.settings.folders = { + "steam-201810" = { + label = "Wolfenstein The New Order Saves"; + id = "laxxf-t2wmy"; + devices = [ "steamdeck" "server" "pc" ]; + path = "~/.local/share/Steam/steamapps/compatdata/201810/pfx/drive_c/users/steamuser/Saved Games/MachineGames/Wolfenstein The New Order/"; + }; + }; + home-manager.users.toast.home.file."steam-201810-ignore" = { + target = ".local/share/Steam/steamapps/compatdata/201810/pfx/drive_c/users/steamuser/Saved Games/MachineGames/Wolfenstein The New Order/.stignore"; + text = "base/qconsole.log\nbase/wolfConfig.cfg"; + }; } diff --git a/roles/kde/default.nix b/roles/kde/default.nix index 363920a..9aaf999 100755 --- a/roles/kde/default.nix +++ b/roles/kde/default.nix @@ -1,7 +1,9 @@ -{...}: { - imports = [ - ./plasma.nix - ./sddm.nix - ./programs - ]; +{ ... }: + +{ + imports = [ + ./plasma.nix + ./sddm.nix + ./programs + ]; } diff --git a/roles/kde/plasma.nix b/roles/kde/plasma.nix index 6cd8e09..45f154f 100644 --- a/roles/kde/plasma.nix +++ b/roles/kde/plasma.nix @@ -1,172 +1,158 @@ +{ config, pkgs, lib, flakeSelf, ... }: + +let + # Set up the default kde options + balooExcludedDirs = lib.strings.intersperse "," [ + "$HOME/.cache/" + "$HOME/.config/" + "$HOME/.local/" + ]; + + baloofilerc = lib.generators.toINI {} { + General = { + # The [$e] part allows you to use environment variables + "exclude folders[$e]" = lib.strings.concatStrings balooExcludedDirs; + }; + }; + + # Make custom packages + breezeTint = pkgs.stdenv.mkDerivation { + name = "breeze-tint"; + src = "${pkgs.breeze-qt5}"; + patches = [ ./patches/BreezeTint.patch ]; + installPhase = '' + runHook preInstall + + mkdir -p $out/share/color-schemes/ + cp -r share/color-schemes/* $out/share/color-schemes/ + + runHook postInstall + ''; + }; + + # /etc/xdg is not read by plasma, so to change the default settings you need to put them in a package + plasmaDefaults = pkgs.stdenv.mkDerivation { + name = "toast-plasma-defaults"; + dontUnpack = true; + installPhase = '' + runHook preInstall + + set -x + mkdir -p $out/etc/xdg + echo '${baloofilerc}' > $out/etc/xdg/baloofilerc + + runHook postInstall + ''; + }; + +in + { - config, - pkgs, - lib, - flakeSelf, - ... -}: let - # Set up the default kde options - balooExcludedDirs = lib.strings.intersperse "," [ - "$HOME/.cache/" - "$HOME/.config/" - "$HOME/.local/" - ]; + services.xserver = { + # Enable the Plasma 5 Desktop Environment + desktopManager.plasma5.enable = true; + displayManager.defaultSession = "plasmawayland"; + }; - baloofilerc = lib.generators.toINI {} { - General = { - # The [$e] part allows you to use environment variables - "exclude folders[$e]" = lib.strings.concatStrings balooExcludedDirs; - }; - }; + qt.enable = true; - # Make custom packages - breezeTint = pkgs.stdenv.mkDerivation { - name = "breeze-tint"; - src = "${pkgs.breeze-qt5}"; - patches = [./patches/BreezeTint.patch]; - installPhase = '' - runHook preInstall + # GTK apps need dconf to grab the correct theme on Wayland + programs.dconf.enable = true; - mkdir -p $out/share/color-schemes/ - cp -r share/color-schemes/* $out/share/color-schemes/ + # Install the patched Breeze color schemes as well as the plasma default configs + environment.systemPackages = [ breezeTint plasmaDefaults ]; - runHook postInstall - ''; - }; - - # /etc/xdg is not read by plasma, so to change the default settings you need to put them in a package - plasmaDefaults = pkgs.stdenv.mkDerivation { - name = "toast-plasma-defaults"; - dontUnpack = true; - installPhase = '' - runHook preInstall - - set -x - mkdir -p $out/etc/xdg - echo '${baloofilerc}' > $out/etc/xdg/baloofilerc - - runHook postInstall - ''; - }; -in { - services.xserver = { - # Enable the Plasma 5 Desktop Environment - desktopManager.plasma5.enable = true; - displayManager.defaultSession = "plasmawayland"; - }; - - qt.enable = true; - - # GTK apps need dconf to grab the correct theme on Wayland - programs.dconf.enable = true; - - # Install the patched Breeze color schemes as well as the plasma default configs - environment.systemPackages = [breezeTint plasmaDefaults]; - - # Plasma configs should be on all users - home-manager.sharedModules = [ - ( - {config, ...}: let - gtk2rc = "${config.xdg.configHome}/gtk-2.0/gtkrc"; - in { - gtk.gtk2.configLocation = gtk2rc; - # Kde has an annoying habit of overwriting the gtk2 config file - home.file."${gtk2rc}".force = true; - } - ) - { - imports = [flakeSelf.inputs.plasma-manager.homeManagerModules.plasma-manager]; - gtk = { - enable = true; - # Most apps are dark, so a white cursor is easier to spot - cursorTheme = { - package = pkgs.breeze-qt5; - name = "Breeze_Snow"; - }; - iconTheme = { - package = pkgs.breeze-icons; - name = "breeze-dark"; - }; - theme = { - package = pkgs.breeze-gtk; - name = "Breeze"; - }; - # Gtk2 doesn't have a dark mode, so I just tell gtk 3 and 4 to use the dark variant - gtk3.extraConfig.gtk-application-prefer-dark-theme = true; - gtk4.extraConfig.gtk-application-prefer-dark-theme = true; - }; - home.packages = [ - ( - pkgs.catppuccin-kde.override { - flavour = ["mocha"]; - accents = ["mauve"]; - winDecStyles = ["classic"]; - } - ) - ]; - programs.plasma = { - enable = true; - overrideConfig = true; - # Delete config files that I fully configure here - overrideConfigFiles = [ - "plasmashellrc" - "plasma-org.kde.plasma.desktop-appletsrc" - ]; - workspace = { - clickItemTo = "select"; - cursorTheme = "Breeze_Snow"; - iconTheme = "breeze-dark"; - lookAndFeel = "Catppuccin-Mocha-Mauve"; - theme = "default"; - colorScheme = "CatppuccinMochaMauve"; - }; - kwin = { - titlebarButtons = { - left = ["on-all-desktops" "keep-above-windows"]; - right = ["minimize" "maximize" "close"]; - }; - }; - panels = [ - { - location = "bottom"; - height = 44; - widgets = [ - { - name = "org.kde.plasma.kickoff"; - config.General.icon = "nix-snowflake-white"; - } - "org.kde.plasma.pager" - "org.kde.plasma.icontasks" - "org.kde.plasma.marginsseparator" - "org.kde.plasma.systemtray" - { - name = "org.kde.plasma.digitalclock"; - config.Appearance.showSeconds = "true"; - } - "org.kde.plasma.showdesktop" - ]; - } - ]; - shortcuts = { - "kwin" = { - "Switch One Desktop to the Left" = ["Meta+Ctrl+Left"]; - "Switch One Desktop to the Right" = ["Meta+Ctrl+Right"]; - }; - }; - configFile = { - "kwinrc" = { - "org\\.kde\\.kdecoration2"."BorderSize" = "None"; - "Desktops" = { - "Number" = 2; - "Rows" = 1; - }; - "TabBox"."LayoutName" = "thumbnail_grid"; - }; - "kdeglobals"."General"."AccentColor" = null; - "auroraerc"."CatppuccinMocha-Classic"."ButtonSize" = 0; - "plasmanotifyrc"."Notifications"."NormalAlwaysOnTop" = true; - }; - }; - } - ]; + # Plasma configs should be on all users + home-manager.sharedModules = [ + ( + { config, ... }: + let gtk2rc = "${config.xdg.configHome}/gtk-2.0/gtkrc"; in + { + gtk.gtk2.configLocation = gtk2rc; + # Kde has an annoying habit of overwriting the gtk2 config file + home.file."${gtk2rc}".force = true; + } + ) + { + imports = [ flakeSelf.inputs.plasma-manager.homeManagerModules.plasma-manager ]; + gtk = { + enable = true; + # Most apps are dark, so a white cursor is easier to spot + cursorTheme = { package = pkgs.breeze-qt5; name = "Breeze_Snow"; }; + iconTheme = { package = pkgs.breeze-icons; name = "breeze-dark"; }; + theme = { package = pkgs.breeze-gtk; name = "Breeze"; }; + # Gtk2 doesn't have a dark mode, so I just tell gtk 3 and 4 to use the dark variant + gtk3.extraConfig.gtk-application-prefer-dark-theme = true; + gtk4.extraConfig.gtk-application-prefer-dark-theme = true; + }; + home.packages = [( + pkgs.catppuccin-kde.override { + flavour = [ "mocha" ]; + accents = [ "mauve" ]; + winDecStyles = [ "classic" ]; + } + )]; + programs.plasma = { + enable = true; + overrideConfig = true; + # Delete config files that I fully configure here + overrideConfigFiles = [ + "plasmashellrc" + "plasma-org.kde.plasma.desktop-appletsrc" + ]; + workspace = { + clickItemTo = "select"; + cursorTheme = "Breeze_Snow"; + iconTheme = "breeze-dark"; + lookAndFeel = "Catppuccin-Mocha-Mauve"; + theme = "default"; + colorScheme = "CatppuccinMochaMauve"; + }; + kwin = { + titlebarButtons = { + left = [ "on-all-desktops" "keep-above-windows" ]; + right = [ "minimize" "maximize" "close" ]; + }; + }; + panels = [{ + location = "bottom"; + height = 44; + widgets = [ + { + name = "org.kde.plasma.kickoff"; + config.General.icon = "nix-snowflake-white"; + } + "org.kde.plasma.pager" + "org.kde.plasma.icontasks" + "org.kde.plasma.marginsseparator" + "org.kde.plasma.systemtray" + { + name = "org.kde.plasma.digitalclock"; + config.Appearance.showSeconds = "true"; + } + "org.kde.plasma.showdesktop" + ]; + }]; + shortcuts = { + "kwin" = { + "Switch One Desktop to the Left" = [ "Meta+Ctrl+Left" ]; + "Switch One Desktop to the Right" = [ "Meta+Ctrl+Right" ]; + }; + }; + configFile = { + "kwinrc" = { + "org\\.kde\\.kdecoration2"."BorderSize" = "None"; + "Desktops" = { + "Number" = 2; + "Rows" = 1; + }; + "TabBox"."LayoutName" = "thumbnail_grid"; + }; + "kdeglobals"."General"."AccentColor" = null; + "auroraerc"."CatppuccinMocha-Classic"."ButtonSize" = 0; + "plasmanotifyrc"."Notifications"."NormalAlwaysOnTop" = true; + }; + }; + } + ]; } diff --git a/roles/kde/programs/default.nix b/roles/kde/programs/default.nix index bbfc028..b39dcfc 100644 --- a/roles/kde/programs/default.nix +++ b/roles/kde/programs/default.nix @@ -1,13 +1,15 @@ -{...}: { - imports = [ - ./kate.nix - ./firefox.nix - ./skanpage.nix - ./neochat.nix - ./konsole.nix - ./git.nix - ]; +{ config, ... }: - # Enable the kde partition manager - programs.partition-manager.enable = true; +{ + imports = [ + ./kate.nix + ./firefox.nix + ./skanpage.nix + ./neochat.nix + ./konsole.nix + ./git.nix + ]; + + # Enable the kde partition manager + programs.partition-manager.enable = true; } diff --git a/roles/kde/programs/firefox.nix b/roles/kde/programs/firefox.nix index bbe1638..9892650 100644 --- a/roles/kde/programs/firefox.nix +++ b/roles/kde/programs/firefox.nix @@ -1,30 +1,32 @@ -{...}: { - # KDE specific firefox settings - programs.firefox = { - policies = { - "ExtensionSettings" = { - # TODO: Install extensions the NUR instead of from AMO - "plasma-browser-integration@kde.org" = { - "installation_mode" = "normal_installed"; - "install_url" = "https://addons.mozilla.org/firefox/downloads/latest/plasma-integration/latest.xpi"; - }; - }; - "Preferences" = { - # Make firefox use the kde file picker - "widget.use-xdg-desktop-portal.file-picker" = { - "Value" = 1; - "Status" = "default"; - }; - /* - https://wiki.archlinux.org/title/Firefox#KDE_integration tells me to enable this, - but strangely enough doing so makes firefox ask to be set as the default browser - every time you start it up, so I'll disable it - */ - "widget.use-xdg-desktop-portal.mime-handler" = { - "Value" = 0; - "Status" = "default"; - }; - }; - }; - }; +{ config, pkgs, ... }: + +{ + # KDE specific firefox settings + programs.firefox = { + policies = { + "ExtensionSettings" = { + # TODO: Install extensions the NUR instead of from AMO + "plasma-browser-integration@kde.org" = { + "installation_mode" = "normal_installed"; + "install_url" = "https://addons.mozilla.org/firefox/downloads/latest/plasma-integration/latest.xpi"; + }; + }; + "Preferences" = { + # Make firefox use the kde file picker + "widget.use-xdg-desktop-portal.file-picker" = { + "Value" = 1; + "Status" = "default"; + }; + /* + https://wiki.archlinux.org/title/Firefox#KDE_integration tells me to enable this, + but strangely enough doing so makes firefox ask to be set as the default browser + every time you start it up, so I'll disable it + */ + "widget.use-xdg-desktop-portal.mime-handler" = { + "Value" = 0; + "Status" = "default"; + }; + }; + }; + }; } diff --git a/roles/kde/programs/git.nix b/roles/kde/programs/git.nix index e4e40d4..9d1c045 100644 --- a/roles/kde/programs/git.nix +++ b/roles/kde/programs/git.nix @@ -1,4 +1,6 @@ -{...}: { +{ pkgs, lib, ... }: + +{ home-manager.users.toast = { programs.git = { extraConfig = { diff --git a/roles/kde/programs/kate.nix b/roles/kde/programs/kate.nix index 7f034fc..9379ba5 100644 --- a/roles/kde/programs/kate.nix +++ b/roles/kde/programs/kate.nix @@ -1,8 +1,10 @@ -{pkgs, ...}: { - environment.systemPackages = [pkgs.kate]; +{ config, pkgs, ... }: - # Use kwrite to open text files, and kate if I'm developing stuff - xdg.mime.defaultApplications = { - "text/plain" = "org.kde.kwrite.desktop"; - }; +{ + environment.systemPackages = [ pkgs.kate ]; + + # Use kwrite to open text files, and kate if I'm developing stuff + xdg.mime.defaultApplications = { + "text/plain" = "org.kde.kwrite.desktop"; + }; } diff --git a/roles/kde/programs/konsole.nix b/roles/kde/programs/konsole.nix index 709903a..0dfdf57 100644 --- a/roles/kde/programs/konsole.nix +++ b/roles/kde/programs/konsole.nix @@ -1,17 +1,17 @@ -{pkgs, ...}: let - catppuccinKonsole = - pkgs.fetchFromGitHub { - owner = "catppuccin"; - repo = "konsole"; - # Latest commit is 7d86b8a1e56e58f6b5649cdaac543a573ac194ca - rev = "main"; - hash = "sha256-EwSJMTxnaj2UlNJm1t6znnatfzgm1awIQQUF3VPfCTM="; - } - + /Catppuccin-Mocha.colorscheme; -in { +{ pkgs, ... }: +let + catppuccinKonsole = pkgs.fetchFromGitHub { + owner = "catppuccin"; + repo = "konsole"; + # Latest commit is 7d86b8a1e56e58f6b5649cdaac543a573ac194ca + rev = "main"; + hash = "sha256-EwSJMTxnaj2UlNJm1t6znnatfzgm1awIQQUF3VPfCTM="; + } + /Catppuccin-Mocha.colorscheme; +in +{ home-manager.users.toast = { xdg.dataFile = { "konsole/Catppuccin-Mocha.colorscheme".source = catppuccinKonsole; }; }; -} +} \ No newline at end of file diff --git a/roles/kde/programs/neochat.nix b/roles/kde/programs/neochat.nix index 0e666d4..f2009b3 100644 --- a/roles/kde/programs/neochat.nix +++ b/roles/kde/programs/neochat.nix @@ -1,5 +1,7 @@ -{pkgs, ...}: { +{ pkgs, ... }: + +{ home-manager.users.toast = { - home.packages = [pkgs.neochat]; + home.packages = [ pkgs.neochat ]; }; -} +} \ No newline at end of file diff --git a/roles/kde/programs/skanpage.nix b/roles/kde/programs/skanpage.nix index 08ed4e4..508a7da 100644 --- a/roles/kde/programs/skanpage.nix +++ b/roles/kde/programs/skanpage.nix @@ -1,12 +1,9 @@ +{ config, lib, pkgs, ... }: + { - config, - lib, - pkgs, - ... -}: { - # Only install skanpage if scanning is set up - config = lib.mkIf config.hardware.sane.enable { - environment.systemPackages = [pkgs.skanpage]; - }; - # environment.systemPackages = if config.hardware.sane.enable == true then [ pkgs.skanpage ] else []; + # Only install skanpage if scanning is set up + config = lib.mkIf config.hardware.sane.enable { + environment.systemPackages = [ pkgs.skanpage ]; + }; +# environment.systemPackages = if config.hardware.sane.enable == true then [ pkgs.skanpage ] else []; } diff --git a/roles/kde/sddm.nix b/roles/kde/sddm.nix index 8fd3b6a..3fedc02 100644 --- a/roles/kde/sddm.nix +++ b/roles/kde/sddm.nix @@ -1,56 +1,56 @@ +{ config, pkgs, ... }: + +let + currentTheme = config.services.xserver.displayManager.sddm.theme; + + sddm-sugar-candy = pkgs.stdenv.mkDerivation { + pname = "sddm-sugar-candy"; + version = "master"; + src = pkgs.fetchgit { + url = "https://framagit.org/MarianArlt/sddm-sugar-candy.git"; + hash = "sha256-XggFVsEXLYklrfy1ElkIp9fkTw4wvXbyVkaVCZq4ZLU="; + }; + installPhase = '' + runHook preInstall + + mkdir -p $out/share/sddm/themes/sugar-candy + cp -r /build/sddm-sugar-candy/* $out/share/sddm/themes/sugar-candy + + runHook postInstall + ''; + }; + + /* + Adds a theme.conf.user file to the current sddm theme's folder, + allowing you to change it's configuration without needing to + repackage it + */ + customcfg = pkgs.stdenv.mkDerivation { + name = "sddm-theme-customizer"; + dontUnpack = true; + # TODO: generate theme.conf.user outside of installPhase + installPhase = '' + runHook preInstall + + mkdir -p $out/share/sddm/themes/${currentTheme}/ + echo "[General] + background = ${pkgs.plasma-workspace-wallpapers}/share/wallpapers/MilkyWay/contents/images/5120x2880.png" >> $out/share/sddm/themes/${currentTheme}/theme.conf.user + + runHook postInstall + ''; + }; +in + { - config, - pkgs, - ... -}: let - currentTheme = config.services.xserver.displayManager.sddm.theme; + # Enable SDDM. + services.xserver.displayManager.sddm = { + enable = true; + theme = "sugar-candy"; + settings = { + General = { Numlock = "on"; }; + Theme = { CursorTheme = "Breeze_Snow"; }; + }; + }; - sddm-sugar-candy = pkgs.stdenv.mkDerivation { - pname = "sddm-sugar-candy"; - version = "master"; - src = pkgs.fetchgit { - url = "https://framagit.org/MarianArlt/sddm-sugar-candy.git"; - hash = "sha256-XggFVsEXLYklrfy1ElkIp9fkTw4wvXbyVkaVCZq4ZLU="; - }; - installPhase = '' - runHook preInstall - - mkdir -p $out/share/sddm/themes/sugar-candy - cp -r /build/sddm-sugar-candy/* $out/share/sddm/themes/sugar-candy - - runHook postInstall - ''; - }; - - /* - Adds a theme.conf.user file to the current sddm theme's folder, - allowing you to change it's configuration without needing to - repackage it - */ - customcfg = pkgs.stdenv.mkDerivation { - name = "sddm-theme-customizer"; - dontUnpack = true; - # TODO: generate theme.conf.user outside of installPhase - installPhase = '' - runHook preInstall - - mkdir -p $out/share/sddm/themes/${currentTheme}/ - echo "[General] - background = ${pkgs.plasma-workspace-wallpapers}/share/wallpapers/MilkyWay/contents/images/5120x2880.png" >> $out/share/sddm/themes/${currentTheme}/theme.conf.user - - runHook postInstall - ''; - }; -in { - # Enable SDDM. - services.xserver.displayManager.sddm = { - enable = true; - theme = "sugar-candy"; - settings = { - General = {Numlock = "on";}; - Theme = {CursorTheme = "Breeze_Snow";}; - }; - }; - - environment.systemPackages = [sddm-sugar-candy customcfg]; + environment.systemPackages = [ sddm-sugar-candy customcfg ]; } diff --git a/roles/school/default.nix b/roles/school/default.nix index 515d2d6..cb3d38f 100644 --- a/roles/school/default.nix +++ b/roles/school/default.nix @@ -1,6 +1,8 @@ -{...}: { - imports = [ - ./services - ./programs - ]; +{ ... }: + +{ + imports = [ + ./services + ./programs + ]; } diff --git a/roles/school/programs/default.nix b/roles/school/programs/default.nix index 2bbc214..6bc4de6 100644 --- a/roles/school/programs/default.nix +++ b/roles/school/programs/default.nix @@ -1,13 +1,15 @@ -{pkgs, ...}: { - imports = [ - ./virtualbox.nix - ./idea.nix - ./vscode.nix - ./helix.nix - ./unity.nix - ]; + { config, pkgs, ... }: - environment.systemPackages = with pkgs; [ - dia - ]; +{ + imports = [ + ./virtualbox.nix + ./idea.nix + ./vscode.nix + ./helix.nix + ./unity.nix + ]; + + environment.systemPackages = with pkgs; [ + dia + ]; } diff --git a/roles/school/programs/helix.nix b/roles/school/programs/helix.nix index f26c5d0..f28b348 100644 --- a/roles/school/programs/helix.nix +++ b/roles/school/programs/helix.nix @@ -1,4 +1,7 @@ -{pkgs, ...}: { + +{ pkgs, ... }: + +{ home-manager.users.toast = { programs.helix = { extraPackages = with pkgs; [ diff --git a/roles/school/programs/idea.nix b/roles/school/programs/idea.nix index 7f818a5..ea3b5de 100644 --- a/roles/school/programs/idea.nix +++ b/roles/school/programs/idea.nix @@ -1,31 +1,33 @@ -{pkgs, ...}: -with pkgs; { - environment.systemPackages = with jetbrains; [ - idea-ultimate - ]; +{ config, pkgs, ... }: - home-manager.users.toast = { - # Install plugins - home.file = { - ".local/share/JetBrains/IntelliJIdea2023.3/catppuccin.jar".source = fetchurl { - url = "https://github.com/catppuccin/jetbrains/releases/download/v3.2.3/Catppuccin.Theme-3.2.3.jar"; - hash = "sha256-v5BZ2UKEBA/0DHKGwmprmuu0RcJCDsxzWmCdnX9aXpE="; - }; - ".local/share/JetBrains/IntelliJIdea2023.3/rainbow-brackets".source = fetchzip { - url = "https://github.com/izhangzhihao/intellij-rainbow-brackets/releases/download/latest/intellij-rainbow-brackets-2023.3.9-233.zip"; - hash = "sha256-faMDP6kU21WOHVjY5Aj4/Glqymo1iUCTuUJdHsq1N/s="; - }; - ".local/share/JetBrains/IntelliJIdea2023.3/catppuccin-icons.jar".source = fetchurl { - url = "https://github.com/catppuccin/jetbrains-icons/releases/download/v1.1.1/Catppuccin.Icons-1.1.1.jar"; - hash = "sha256-Bn0Yn0RlNmJQCSC0MJQrKjeERzfHhupWnyYm0YjXFwY="; - }; - }; +with pkgs; +{ + environment.systemPackages = with jetbrains; [ + idea-ultimate + ]; - /* - If you use programs.java.enable intellij picks up the jdk package directly, which is not ideal - This adds the jdks I want to use to a directory intellij expects jdks to be - */ - home.file.".jdks/jdk8".source = "${pkgs.jdk8}/lib/openjdk"; - home.file.".jdks/jdk17".source = "${pkgs.jdk17}/lib/openjdk"; - }; + home-manager.users.toast = { + # Install plugins + home.file = { + ".local/share/JetBrains/IntelliJIdea2023.3/catppuccin.jar".source = fetchurl { + url = "https://github.com/catppuccin/jetbrains/releases/download/v3.2.3/Catppuccin.Theme-3.2.3.jar"; + hash = "sha256-v5BZ2UKEBA/0DHKGwmprmuu0RcJCDsxzWmCdnX9aXpE="; + }; + ".local/share/JetBrains/IntelliJIdea2023.3/rainbow-brackets".source = fetchzip { + url = "https://github.com/izhangzhihao/intellij-rainbow-brackets/releases/download/latest/intellij-rainbow-brackets-2023.3.9-233.zip"; + hash = "sha256-faMDP6kU21WOHVjY5Aj4/Glqymo1iUCTuUJdHsq1N/s="; + }; + ".local/share/JetBrains/IntelliJIdea2023.3/catppuccin-icons.jar".source = fetchurl { + url = "https://github.com/catppuccin/jetbrains-icons/releases/download/v1.1.1/Catppuccin.Icons-1.1.1.jar"; + hash = "sha256-Bn0Yn0RlNmJQCSC0MJQrKjeERzfHhupWnyYm0YjXFwY="; + }; + }; + + /* + If you use programs.java.enable intellij picks up the jdk package directly, which is not ideal + This adds the jdks I want to use to a directory intellij expects jdks to be + */ + home.file.".jdks/jdk8".source = "${pkgs.jdk8}/lib/openjdk"; + home.file.".jdks/jdk17".source = "${pkgs.jdk17}/lib/openjdk"; + }; } diff --git a/roles/school/programs/unity.nix b/roles/school/programs/unity.nix index 88943e1..0a5d1a3 100644 --- a/roles/school/programs/unity.nix +++ b/roles/school/programs/unity.nix @@ -1,9 +1,9 @@ -{pkgs, ...}: { +{ pkgs, ... }: + +{ home-manager.users.toast = { - home.packages = [ - ( - pkgs.unityhub - ) - ]; + home.packages = [( + pkgs.unityhub + )]; }; } diff --git a/roles/school/programs/virtualbox.nix b/roles/school/programs/virtualbox.nix index 58e7ff1..08f95b1 100644 --- a/roles/school/programs/virtualbox.nix +++ b/roles/school/programs/virtualbox.nix @@ -1,15 +1,15 @@ -{...}: { - # Need to use visual studio 2019 :( - virtualisation.virtualbox.host = { - enable = true; - }; - home-manager.sharedModules = [ - { - systemd.user.tmpfiles.rules = [ - "d '/%h/VirtualBox VMs'" - "h '/%h/VirtualBox VMs' - - - - C " - ]; - } - ]; - users.users.toast.extraGroups = ["vboxusers"]; +{ config, ... }: + +{ + # Need to use visual studio 2019 :( + virtualisation.virtualbox.host = { + enable = true; + }; + home-manager.sharedModules = [{ + systemd.user.tmpfiles.rules = [ + "d '/%h/VirtualBox VMs'" + "h '/%h/VirtualBox VMs' - - - - C " + ]; + }]; + users.users.toast.extraGroups = [ "vboxusers" ]; } diff --git a/roles/school/programs/vscode.nix b/roles/school/programs/vscode.nix index e39e633..fa55360 100644 --- a/roles/school/programs/vscode.nix +++ b/roles/school/programs/vscode.nix @@ -1,23 +1,18 @@ +{ config, pkgs, lib, flakeSelf, ... }: +let inputs = flakeSelf.inputs; in { - pkgs, - lib, - flakeSelf, - ... -}: let - inputs = flakeSelf.inputs; -in { - home-manager.users.toast.programs.vscode = { - # The redhat xml extension needs an fhs environment - package = lib.mkForce pkgs.vscodium-fhs; - extensions = with inputs.vscode-extensions.extensions.x86_64-linux; [ - open-vsx.redhat.vscode-xml - open-vsx.tomoki1207.pdf - open-vsx.ms-vscode.live-server - open-vsx.ecmel.vscode-html-css - open-vsx.angular.ng-template - ]; - userSettings = { - redhat.telemetry.enabled = false; - }; - }; + home-manager.users.toast.programs.vscode = { + # The redhat xml extension needs an fhs environment + package = lib.mkForce pkgs.vscodium-fhs; + extensions = with inputs.vscode-extensions.extensions.x86_64-linux; [ + open-vsx.redhat.vscode-xml + open-vsx.tomoki1207.pdf + open-vsx.ms-vscode.live-server + open-vsx.ecmel.vscode-html-css + open-vsx.angular.ng-template + ]; + userSettings = { + redhat.telemetry.enabled = false; + }; + }; } diff --git a/roles/school/services/default.nix b/roles/school/services/default.nix index 350d7bd..0fa68eb 100644 --- a/roles/school/services/default.nix +++ b/roles/school/services/default.nix @@ -1,8 +1,10 @@ -{...}: { - imports = [ - ./syncthing.nix - ./mysql.nix - ./xampp.nix - ./mongodb.nix - ]; +{ ... }: + +{ + imports = [ + ./syncthing.nix + ./mysql.nix + ./xampp.nix + ./mongodb.nix + ]; } diff --git a/roles/school/services/mongodb.nix b/roles/school/services/mongodb.nix index 75f7c7a..cb8cee1 100644 --- a/roles/school/services/mongodb.nix +++ b/roles/school/services/mongodb.nix @@ -1,34 +1,31 @@ +{ config, pkgs, lib, ... }: + { - config, - pkgs, - lib, - ... -}: { - services.mongodb = { - enable = true; - package = pkgs.mongodb-4_4; - user = "toast"; - }; + services.mongodb = { + enable = true; + package = pkgs.mongodb-4_4; + user = "toast"; + }; - # Don't autostart MySQL - systemd.services.mongodb.wantedBy = lib.mkForce []; + # Don't autostart MySQL + systemd.services.mongodb.wantedBy = lib.mkForce []; - # Allow regular users to start/stop mongodb - # https://stackoverflow.com/questions/61480914/using-policykit-to-allow-non-root-users-to-start-and-stop-a-service - security.polkit.extraConfig = '' - polkit.addRule(function(action, subject) { - if ( - action.id == "org.freedesktop.systemd1.manage-units" && - action.lookup("unit") == "mongodb.service" && - subject.user == "${config.services.mongodb.user}" - ) - { - return polkit.Result.YES; - } - }) - ''; + # Allow regular users to start/stop mongodb + # https://stackoverflow.com/questions/61480914/using-policykit-to-allow-non-root-users-to-start-and-stop-a-service + security.polkit.extraConfig = '' + polkit.addRule(function(action, subject) { + if ( + action.id == "org.freedesktop.systemd1.manage-units" && + action.lookup("unit") == "mongodb.service" && + subject.user == "${config.services.mongodb.user}" + ) + { + return polkit.Result.YES; + } + }) + ''; - environment.systemPackages = with pkgs; [ - mongosh - ]; + environment.systemPackages = with pkgs; [ + mongosh + ]; } diff --git a/roles/school/services/mysql.nix b/roles/school/services/mysql.nix index fbbd3f9..c4e08e9 100644 --- a/roles/school/services/mysql.nix +++ b/roles/school/services/mysql.nix @@ -1,36 +1,33 @@ +{ config, pkgs, lib, ... }: + { - config, - pkgs, - lib, - ... -}: { - services.mysql = { - enable = true; - package = pkgs.mysql80; - user = "toast"; - group = "users"; - }; + services.mysql = { + enable = true; + package = pkgs.mysql80; + user = "toast"; + group = "users"; + }; - # Don't autostart MySQL - systemd.services.mysql.wantedBy = lib.mkForce []; + # Don't autostart MySQL + systemd.services.mysql.wantedBy = lib.mkForce []; - # Allow regular users to start/stop mysql - # https://stackoverflow.com/questions/61480914/using-policykit-to-allow-non-root-users-to-start-and-stop-a-service - security.polkit.extraConfig = '' - polkit.addRule(function(action, subject) { - if ( - action.id == "org.freedesktop.systemd1.manage-units" && - action.lookup("unit") == "mysql.service" && - subject.user == "${config.services.mysql.user}" - ) - { - return polkit.Result.YES; - } - }) - ''; + # Allow regular users to start/stop mysql + # https://stackoverflow.com/questions/61480914/using-policykit-to-allow-non-root-users-to-start-and-stop-a-service + security.polkit.extraConfig = '' + polkit.addRule(function(action, subject) { + if ( + action.id == "org.freedesktop.systemd1.manage-units" && + action.lookup("unit") == "mysql.service" && + subject.user == "${config.services.mysql.user}" + ) + { + return polkit.Result.YES; + } + }) + ''; - environment.systemPackages = with pkgs; [ - mysql-workbench - mycli - ]; + environment.systemPackages = with pkgs; [ + mysql-workbench + mycli + ]; } diff --git a/roles/school/services/syncthing.nix b/roles/school/services/syncthing.nix index 84cd213..a649b75 100644 --- a/roles/school/services/syncthing.nix +++ b/roles/school/services/syncthing.nix @@ -1,10 +1,12 @@ -{...}: { - services.syncthing.settings.folders = { - "school-things" = { - label = "School things"; - id = "z6alc-nfoqr"; - devices = ["steamdeck" "server" "pc" "winmax2"]; - path = "~/Documents/School things"; - }; - }; +{ config, ... }: + +{ + services.syncthing.settings.folders = { + "school-things" = { + label = "School things"; + id = "z6alc-nfoqr"; + devices = [ "steamdeck" "server" "pc" "winmax2" ]; + path = "~/Documents/School things"; + }; + }; } diff --git a/roles/school/services/xampp.nix b/roles/school/services/xampp.nix index 26ee73b..99f65bf 100644 --- a/roles/school/services/xampp.nix +++ b/roles/school/services/xampp.nix @@ -1,34 +1,36 @@ -{pkgs, ...}: let - booDark = pkgs.fetchzip { - url = "https://github.com/adorade/boodark/releases/download/v1.1.1/boodark-v1.1.1.zip"; - hash = "sha256-GE/FtFlU6A4I9sRyjMhQIidGpDLD99Wzzngz3QI/rSo="; - }; -in { - # I tried setting up httpd + php in class but I just gave up - virtualisation.oci-containers = { - containers."xampp" = { - autoStart = false; - image = "tomsik68/xampp"; - #user = "${toString users.users.atfc.uid}:${toString users.groups.minecraft.gid}"; - volumes = [ - "xampp-mysql:/opt/lampp/var/mysql" - # No dark mode installed by default :( - "${booDark}:/opt/lampp/phpmyadmin/themes/booDark" - ]; - ports = ["41061:22" "41062:80"]; - }; - }; +{ config, pkgs, ... }: +let + booDark = pkgs.fetchzip { + url = "https://github.com/adorade/boodark/releases/download/v1.1.1/boodark-v1.1.1.zip"; + hash = "sha256-GE/FtFlU6A4I9sRyjMhQIidGpDLD99Wzzngz3QI/rSo="; + }; +in +{ + # I tried setting up httpd + php in class but I just gave up + virtualisation.oci-containers = { + containers."xampp" = { + autoStart = false; + image = "tomsik68/xampp"; + #user = "${toString users.users.atfc.uid}:${toString users.groups.minecraft.gid}"; + volumes = [ + "xampp-mysql:/opt/lampp/var/mysql" + # No dark mode installed by default :( + "${booDark}:/opt/lampp/phpmyadmin/themes/booDark" + ]; + ports = [ "41061:22" "41062:80" ]; + }; + }; - security.polkit.extraConfig = '' - polkit.addRule(function(action, subject) { - if ( - action.id == "org.freedesktop.systemd1.manage-units" && - action.lookup("unit") == "podman-xampp.service" && - subject.user == "toast" - ) - { - return polkit.Result.YES; - } - }) - ''; -} + security.polkit.extraConfig = '' + polkit.addRule(function(action, subject) { + if ( + action.id == "org.freedesktop.systemd1.manage-units" && + action.lookup("unit") == "podman-xampp.service" && + subject.user == "toast" + ) + { + return polkit.Result.YES; + } + }) + ''; +} \ No newline at end of file diff --git a/roles/server/avahi.nix b/roles/server/avahi.nix index b0d3798..9302bb7 100755 --- a/roles/server/avahi.nix +++ b/roles/server/avahi.nix @@ -1,9 +1,11 @@ -{...}: { - services.avahi = { - openFirewall = true; - publish = { - enable = true; - userServices = true; - }; - }; -} +{ config, ... }: + +{ + services.avahi = { + openFirewall = true; + publish = { + enable = true; + userServices = true; + }; + }; +} \ No newline at end of file diff --git a/roles/server/beep.nix b/roles/server/beep.nix index f8be721..b454726 100755 --- a/roles/server/beep.nix +++ b/roles/server/beep.nix @@ -1,16 +1,16 @@ -{pkgs, ...}: { - # Beep as soon as possible in the initrd - boot.initrd = { - kernelModules = ["pcspkr"]; - extraFiles.beep.source = pkgs.beep; - postDeviceCommands = "/beep/bin/beep -f 3000 -l 50 -r 2"; - }; - /* - systemd.services.startupBeep = { - description = "Beep when system started booting"; - wantedBy = [ "sysinit.target" ]; - script = "${pkgs.beep}/bin/beep -f 3000 -l 50 -r 2"; - serviceConfig = { Type = "oneshot"; }; - }; - */ +{ config, pkgs, ... }: + +{ + # Beep as soon as possible in the initrd + boot.initrd = { + kernelModules = [ "pcspkr" ]; + extraFiles.beep.source = pkgs.beep; + postDeviceCommands = "/beep/bin/beep -f 3000 -l 50 -r 2"; + }; + /*systemd.services.startupBeep = { + description = "Beep when system started booting"; + wantedBy = [ "sysinit.target" ]; + script = "${pkgs.beep}/bin/beep -f 3000 -l 50 -r 2"; + serviceConfig = { Type = "oneshot"; }; + };*/ } diff --git a/roles/server/ddclient.nix b/roles/server/ddclient.nix index d747a30..5a88f7f 100755 --- a/roles/server/ddclient.nix +++ b/roles/server/ddclient.nix @@ -1,20 +1,20 @@ -{ - config, - flakeSelf, - ... -}: let - hostSecrets = "${flakeSelf.inputs.secrets}/" + config.networking.hostName; -in { - # Set up secrets - age.secrets = {ddclient-passwd.file = hostSecrets + "/ddclient-password.age";}; +{ config, flakeSelf, ... }: - services.ddclient = { - enable = true; - use = "web, web=dynamicdns.park-your-domain.com/getip"; - protocol = "namecheap"; - server = "dynamicdns.park-your-domain.com"; - username = "toast003.xyz"; - passwordFile = config.age.secrets.ddclient-passwd.path; - domains = ["@"]; - }; +let + hostSecrets = "${flakeSelf.inputs.secrets}/" + config.networking.hostName; +in + +{ + # Set up secrets + age.secrets = { ddclient-passwd.file = hostSecrets + "/ddclient-password.age"; }; + + services.ddclient = { + enable = true; + use = "web, web=dynamicdns.park-your-domain.com/getip"; + protocol = "namecheap"; + server = "dynamicdns.park-your-domain.com"; + username = "toast003.xyz"; + passwordFile = config.age.secrets.ddclient-passwd.path; + domains = [ "@" ]; + }; } diff --git a/roles/server/default.nix b/roles/server/default.nix index aa16bef..a52b02b 100755 --- a/roles/server/default.nix +++ b/roles/server/default.nix @@ -1,18 +1,20 @@ -{...}: { - imports = [ - ./avahi.nix - ./nfs.nix - ./samba.nix - ./ssh.nix - ./forgejo.nix - ./syncthing.nix - ./endlessh.nix - ./transmission.nix - ./ddclient.nix - ./beep.nix - ./tailscale.nix - ./traefik.nix - ./minecraft.nix - ./dns.nix - ]; +{ ... }: + +{ + imports = [ + ./avahi.nix + ./nfs.nix + ./samba.nix + ./ssh.nix + ./forgejo.nix + ./syncthing.nix + ./endlessh.nix + ./transmission.nix + ./ddclient.nix + ./beep.nix + ./tailscale.nix + ./traefik.nix + ./minecraft.nix + ./dns.nix + ]; } diff --git a/roles/server/dns.nix b/roles/server/dns.nix index 22c91de..600dfc1 100644 --- a/roles/server/dns.nix +++ b/roles/server/dns.nix @@ -1,20 +1,22 @@ -{...}: { +{ ... }: + +{ services.dnsmasq = { enable = true; - + # Only using this for tailscale IPs, so better to let tailscale itself deal with it resolveLocalQueries = false; - + settings = { - listen-address = ["100.73.96.48"]; - + listen-address = [ "100.73.96.48" ]; + /* Dnsmasq tries to use the tailscale dns server, which is bad cause that points to dnsmasq From the little testing I have done it seems to not cause any issues, but better to be safe than sorry :P */ dns-loop-detect = true; - + # If this isn't set a cname that targets a host might return the wrong ip localise-queries = true; ## IPv6 is not a thing in Spain so I'm guaranteed to not use it @@ -27,11 +29,11 @@ # Add tailscale hosts networking.hosts = { - "100.73.96.48" = ["everest"]; - "100.113.139.93" = ["archie"]; - "100.85.48.85" = ["steamdeck"]; - "100.96.92.13" = ["surfecego"]; - "100.106.73.20" = ["winmax2"]; + "100.73.96.48" = [ "everest" ]; + "100.113.139.93" = [ "archie" ]; + "100.85.48.85" = [ "steamdeck" ]; + "100.96.92.13" = [ "surfecego" ]; + "100.106.73.20" = [ "winmax2" ]; }; # Dnsmasq conflicts with the resolved dns stub listener diff --git a/roles/server/endlessh.nix b/roles/server/endlessh.nix index 9650d7c..6646d1e 100755 --- a/roles/server/endlessh.nix +++ b/roles/server/endlessh.nix @@ -1,8 +1,10 @@ -{...}: { - # I prefer using the go implementation - services.endlessh-go = { - enable = true; - openFirewall = true; - extraOptions = ["-alsologtostderr" "-v=1"]; - }; -} +{ config, ... }: + +{ + # I prefer using the go implementation + services.endlessh-go = { + enable = true; + openFirewall = true; + extraOptions = [ "-alsologtostderr" "-v=1"] ; + }; +} \ No newline at end of file diff --git a/roles/server/forgejo.nix b/roles/server/forgejo.nix index b8f04c9..7075395 100644 --- a/roles/server/forgejo.nix +++ b/roles/server/forgejo.nix @@ -1,8 +1,6 @@ +{ config, lib, ... }: + { - config, - lib, - ... -}: { specialisation.forgejoEnableRegistration.configuration.services.forgejo.settings.service.DISABLE_REGISTRATION = false; services.forgejo = { enable = true; @@ -24,7 +22,7 @@ }; # Add a cname for forgejo - services.dnsmasq.settings.cname = ["git.everest.sable-pancake.ts.net,everest"]; + services.dnsmasq.settings.cname = [ "git.everest.sable-pancake.ts.net,everest" ]; # Set up traefik as the reverse proxy for Forgejo services.traefik = { @@ -37,7 +35,7 @@ }; }; services.forgejo.loadBalancer.servers = [ - {url = "http://localhost:${toString config.services.forgejo.settings.server.HTTP_PORT}";} + { url = "http://localhost:${toString config.services.forgejo.settings.server.HTTP_PORT}"; } ]; }; }; diff --git a/roles/server/minecraft.nix b/roles/server/minecraft.nix index 5743b39..50a01cc 100644 --- a/roles/server/minecraft.nix +++ b/roles/server/minecraft.nix @@ -1,116 +1,115 @@ +{ config, pkgs, flakeSelf, ... }: +let + atfc = builtins.fetchurl { + url = "https://www.curseforge.com/api/v1/mods/813246/files/4732590/download"; + sha256 = "0yl6ixmhfgqvcj3kfshpf8fy42vkkmjbn7d7yg86jx0ykiiq5f9x"; + }; + puffish_skills = builtins.fetchurl { + url = "https://www.curseforge.com/api/v1/mods/835091/files/4747353/download"; + sha256 = "1pwx8zqih019l12lrmllrjv2al0mjzwj4p5qmc4ps1g555jy8qil"; + }; + spark = builtins.fetchurl { + url = "https://www.curseforge.com/api/v1/mods/361579/files/4505375/download"; + sha256 = "1708lrx1nif0mvf7ambw8504j12wbn0vm69wsh21p8ylqpql1s4x"; + }; + + port = 25565; + users = config.users; +in { - config, - pkgs, - flakeSelf, - ... -}: let - atfc = builtins.fetchurl { - url = "https://www.curseforge.com/api/v1/mods/813246/files/4732590/download"; - sha256 = "0yl6ixmhfgqvcj3kfshpf8fy42vkkmjbn7d7yg86jx0ykiiq5f9x"; - }; - puffish_skills = builtins.fetchurl { - url = "https://www.curseforge.com/api/v1/mods/835091/files/4747353/download"; - sha256 = "1pwx8zqih019l12lrmllrjv2al0mjzwj4p5qmc4ps1g555jy8qil"; - }; - spark = builtins.fetchurl { - url = "https://www.curseforge.com/api/v1/mods/361579/files/4505375/download"; - sha256 = "1708lrx1nif0mvf7ambw8504j12wbn0vm69wsh21p8ylqpql1s4x"; - }; + users = { + groups.minecraft = { + members = [ "toast" ]; + gid = 987; + }; + users.atfc = { + isSystemUser = true; + uid = 988; + group = "minecraft"; + home = "/var/lib/minecraft/atfc"; + homeMode = "750"; + createHome = true; + }; + }; + + virtualisation.oci-containers = { + containers."minecraft-atfc" = { + autoStart = true; + image = "itzg/minecraft-server"; + #user = "${toString users.users.atfc.uid}:${toString users.groups.minecraft.gid}"; + environment = { + TZ = "Europe/Madrid"; + EULA = "true"; + TYPE = "forge"; + MEMORY = "2G"; + UID = toString users.users.atfc.uid; + GID = toString users.groups.minecraft.gid; + VERSION = "1.18.2"; + FORGE_VERSION = "40.2.10"; + GENERIC_PACK = "/modpack.zip"; + #USE_AIKAR_FLAGS = "true"; + + #STOP_DURATION = "70"; + STOP_SERVER_ANNOUNCE_DELAY = "25"; - port = 25565; - users = config.users; -in { - users = { - groups.minecraft = { - members = ["toast"]; - gid = 987; - }; - users.atfc = { - isSystemUser = true; - uid = 988; - group = "minecraft"; - home = "/var/lib/minecraft/atfc"; - homeMode = "750"; - createHome = true; - }; - }; + # server.properties + MOTD = "Toast's modded minecraft server"; + DIFFICULTY = "hard"; + SNOOPER_ENABLED = "false"; + SPAWN_PROTECTION = "0"; + LEVEL_TYPE = "tfc:tng"; + BROADCAST_CONSOLE_TO_OPS = "true"; + BROADCAST_RCON_TO_OPS = "true"; + VIEW_DISTANCE = "16"; + MAX_PLAYERS = "4"; - virtualisation.oci-containers = { - containers."minecraft-atfc" = { - autoStart = true; - image = "itzg/minecraft-server"; - #user = "${toString users.users.atfc.uid}:${toString users.groups.minecraft.gid}"; - environment = { - TZ = "Europe/Madrid"; - EULA = "true"; - TYPE = "forge"; - MEMORY = "2G"; - UID = toString users.users.atfc.uid; - GID = toString users.groups.minecraft.gid; - VERSION = "1.18.2"; - FORGE_VERSION = "40.2.10"; - GENERIC_PACK = "/modpack.zip"; - #USE_AIKAR_FLAGS = "true"; + RCON_CMDS_LAST_DISCONNECT = "save-all"; + + OPS = "b3ca4afb-a3da-4a78-85c3-2292fd0787e2,0cb3d02a-1d1f-4d7f-b70c-bd53dc155cff"; + EXISTING_OPS_FILE = "synchronize"; - #STOP_DURATION = "70"; - STOP_SERVER_ANNOUNCE_DELAY = "25"; + WHITELIST = "b3ca4afb-a3da-4a78-85c3-2292fd0787e2,0cb3d02a-1d1f-4d7f-b70c-bd53dc155cff,03f080e8-ce8e-4b90-a312-734747ce7db0,ea88f690-cf46-4416-bfd5-6f6b165885f7"; + EXISTING_WHITELIST_FILE = "synchronize"; - # server.properties - MOTD = "Toast's modded minecraft server"; - DIFFICULTY = "hard"; - SNOOPER_ENABLED = "false"; - SPAWN_PROTECTION = "0"; - LEVEL_TYPE = "tfc:tng"; - BROADCAST_CONSOLE_TO_OPS = "true"; - BROADCAST_RCON_TO_OPS = "true"; - VIEW_DISTANCE = "16"; - MAX_PLAYERS = "4"; + # Auto pause needs this + MAX_TICK_TIME = "-1"; + AUTOPAUSE_KNOCK_INTERFACE = "tap0"; + ENABLE_AUTOPAUSE = "true"; + }; + extraOptions = [ + "--network=slirp4netns:port_handler=slirp4netns" + "--cap-add=CAP_NET_RAW" + ]; + + volumes = [ + "${atfc}:/modpack.zip" + "${puffish_skills}:/mods/puffish_skills.jar" + "${spark}:/mods/spark.jar" + "${users.users.atfc.home}:/data" + #"/tmp/minecraft:/data" + ]; + ports = [ "25565:${toString port}" ]; + }; + }; + + networking.firewall.allowedTCPPorts = [ port ]; - RCON_CMDS_LAST_DISCONNECT = "save-all"; - - OPS = "b3ca4afb-a3da-4a78-85c3-2292fd0787e2,0cb3d02a-1d1f-4d7f-b70c-bd53dc155cff"; - EXISTING_OPS_FILE = "synchronize"; - - WHITELIST = "b3ca4afb-a3da-4a78-85c3-2292fd0787e2,0cb3d02a-1d1f-4d7f-b70c-bd53dc155cff,03f080e8-ce8e-4b90-a312-734747ce7db0,ea88f690-cf46-4416-bfd5-6f6b165885f7"; - EXISTING_WHITELIST_FILE = "synchronize"; - - # Auto pause needs this - MAX_TICK_TIME = "-1"; - AUTOPAUSE_KNOCK_INTERFACE = "tap0"; - ENABLE_AUTOPAUSE = "true"; - }; - extraOptions = [ - "--network=slirp4netns:port_handler=slirp4netns" - "--cap-add=CAP_NET_RAW" - ]; - - volumes = [ - "${atfc}:/modpack.zip" - "${puffish_skills}:/mods/puffish_skills.jar" - "${spark}:/mods/spark.jar" - "${users.users.atfc.home}:/data" - #"/tmp/minecraft:/data" - ]; - ports = ["25565:${toString port}"]; - }; - }; - - networking.firewall.allowedTCPPorts = [port]; - - # anything-sync-daemon config - systemd.packages = with pkgs; [flakeSelf.packages.x86_64-linux.anything-sync-daemon]; - environment.systemPackages = with pkgs; [flakeSelf.packages.x86_64-linux.anything-sync-daemon]; - fileSystems.minecraftTmpfs = { - device = "none"; - fsType = "tmpfs"; - mountPoint = "/mnt/minecraftTmpfs"; - options = ["size=4G "]; - }; - environment.etc."asd.conf".text = '' WHATTOSYNC=('/var/lib/minecraft') - VOLATILE="${config.fileSystems.minecraftTmpfs.mountPoint}" - USE_OVERLAYFS="yes" ''; - systemd.services.asd = { - wantedBy = ["podman-minecraft-atfc.service"]; - before = ["podman-minecraft-atfc.service"]; - }; + # anything-sync-daemon config + systemd.packages = with pkgs; [ flakeSelf.packages.x86_64-linux.anything-sync-daemon ]; + environment.systemPackages = with pkgs; [ flakeSelf.packages.x86_64-linux.anything-sync-daemon ]; + fileSystems.minecraftTmpfs = { + device = "none"; + fsType = "tmpfs"; + mountPoint = "/mnt/minecraftTmpfs"; + options = [ "size=4G "]; + }; + environment.etc."asd.conf".text = +''WHATTOSYNC=('/var/lib/minecraft') +VOLATILE="${config.fileSystems.minecraftTmpfs.mountPoint}" +USE_OVERLAYFS="yes" ''; + systemd.services.asd = { + wantedBy = [ "podman-minecraft-atfc.service" ]; + before = [ "podman-minecraft-atfc.service" ]; + }; + } diff --git a/roles/server/nfs.nix b/roles/server/nfs.nix index 5122cc7..d91dd87 100755 --- a/roles/server/nfs.nix +++ b/roles/server/nfs.nix @@ -1,34 +1,36 @@ -{config, ...}: { - services = { - nfs.server = { - enable = true; - exports = '' - ${config.services.transmission.settings.download-dir} *.sable-pancake.ts.net(ro,all_squash,anonuid=${toString config.users.users.transmission.uid},anongid=${toString config.users.groups.transmission.gid}) - ''; - # NFSv3 uses random ports, so you need to make them static to be able to pass though the firewall - statdPort = 4000; - lockdPort = 4001; - mountdPort = 4002; - }; +{ config, lib, ... }: - avahi.extraServiceFiles = { - Transmission-downloads-nfs = '' - - - - Transmission Downloads on %h (NFS) - - _nfs._tcp - 2049 - path=${config.services.transmission.settings.download-dir} - - - ''; - }; - }; +{ + services = { + nfs.server = { + enable = true; + exports = '' + ${config.services.transmission.settings.download-dir} *.sable-pancake.ts.net(ro,all_squash,anonuid=${toString config.users.users.transmission.uid},anongid=${toString config.users.groups.transmission.gid}) + ''; + # NFSv3 uses random ports, so you need to make them static to be able to pass though the firewall + statdPort = 4000; + lockdPort = 4001; + mountdPort = 4002; + }; - networking.firewall = { - allowedTCPPorts = [111 2049 4000 40001 4002]; - allowedUDPPorts = [111 2049 4000 40001 4002]; - }; + avahi.extraServiceFiles = { + Transmission-downloads-nfs = '' + + + + Transmission Downloads on %h (NFS) + + _nfs._tcp + 2049 + path=${config.services.transmission.settings.download-dir} + + +''; + }; + }; + + networking.firewall = { + allowedTCPPorts = [ 111 2049 4000 40001 4002 ]; + allowedUDPPorts = [ 111 2049 4000 40001 4002 ]; + }; } diff --git a/roles/server/samba.nix b/roles/server/samba.nix index f4fd086..dcd25aa 100755 --- a/roles/server/samba.nix +++ b/roles/server/samba.nix @@ -1,35 +1,37 @@ -{config, ...}: { - services = { - samba = { - enable = true; - openFirewall = true; - extraConfig = '' - map to guest = bad user - guest account = transmission - ''; - shares = { - "Transmission downloads" = { - path = "${config.services.transmission.settings.download-dir}"; - "read only" = true; - public = true; - "guest only" = true; - browseable = true; - }; - }; - }; +{ config, lib, ... }: - avahi.extraServiceFiles = { - Transmission-downloads-smb = '' - - - - SMB shares on %h - - _smb._tcp - 139 - - - ''; - }; - }; +{ + services = { + samba = { + enable = true; + openFirewall = true; + extraConfig = '' +map to guest = bad user +guest account = transmission +''; + shares = { + "Transmission downloads" = { + path = "${config.services.transmission.settings.download-dir}"; + "read only" = true; + public = true; + "guest only" = true; + browseable = true; + }; + }; + }; + + avahi.extraServiceFiles = { + Transmission-downloads-smb = '' + + + + SMB shares on %h + + _smb._tcp + 139 + + +''; + }; + }; } diff --git a/roles/server/ssh.nix b/roles/server/ssh.nix index ede04a3..576cd3b 100755 --- a/roles/server/ssh.nix +++ b/roles/server/ssh.nix @@ -1,10 +1,12 @@ -{...}: { - services.openssh = { - enable = true; - settings = { - PermitRootLogin = "no"; - PasswordAuthentication = false; - }; - startWhenNeeded = true; - }; +{ config, ... }: + +{ + services.openssh = { + enable = true; + settings = { + PermitRootLogin = "no"; + PasswordAuthentication = false; + }; + startWhenNeeded = true; + }; } diff --git a/roles/server/syncthing.nix b/roles/server/syncthing.nix index b0e8f8c..1d2b61f 100755 --- a/roles/server/syncthing.nix +++ b/roles/server/syncthing.nix @@ -1,55 +1,57 @@ -{config, ...}: { - services.syncthing = { - enable = true; - key = config.age.secrets.syncthingKey.path; - cert = config.age.secrets.syncthingCert.path; - guiAddress = "0.0.0.0:8384"; - settings.folders = { - "passwords" = { - path = "${config.services.syncthing.dataDir}/passwords"; - }; - "school-things" = { - label = "School things"; - id = "z6alc-nfoqr"; - devices = ["steamdeck" "server" "pc" "winmax2"]; - path = "${config.services.syncthing.dataDir}/school-things"; - }; - "steam-201810" = { - label = "Wolfenstein The New Order Saves"; - id = "laxxf-t2wmy"; - devices = ["steamdeck" "server" "pc" "winmax2"]; - path = "${config.services.syncthing.dataDir}/steam-201810"; - }; - "retroarch" = { - label = "RetroArch"; - id = "jxuou-2yjnu"; - devices = ["steamdeck" "server" "pc" "winmax2"]; - path = "${config.services.syncthing.dataDir}/retroarch"; - }; - }; - }; - systemd.services.syncthing.serviceConfig = { - # Allow syncthing to change ownership of files - AmbientCapabilities = "CAP_CHOWN CAP_FOWNER"; - }; +{ config, ... }: - # Add a cname for syncthing - services.dnsmasq.settings.cname = ["sync.everest.sable-pancake.ts.net,everest"]; +{ + services.syncthing = { + enable = true; + key = config.age.secrets.syncthingKey.path; + cert = config.age.secrets.syncthingCert.path; + guiAddress = "0.0.0.0:8384"; + settings.folders = { + "passwords" = { + path = "${config.services.syncthing.dataDir}/passwords"; + }; + "school-things" = { + label = "School things"; + id = "z6alc-nfoqr"; + devices = [ "steamdeck" "server" "pc" "winmax2" ]; + path = "${config.services.syncthing.dataDir}/school-things"; + }; + "steam-201810" = { + label = "Wolfenstein The New Order Saves"; + id = "laxxf-t2wmy"; + devices = [ "steamdeck" "server" "pc" "winmax2" ]; + path = "${config.services.syncthing.dataDir}/steam-201810"; + }; + "retroarch"= { + label = "RetroArch"; + id = "jxuou-2yjnu"; + devices = [ "steamdeck" "server" "pc" "winmax2" ]; + path = "${config.services.syncthing.dataDir}/retroarch"; + }; + }; + }; + systemd.services.syncthing.serviceConfig = { + # Allow syncthing to change ownership of files + AmbientCapabilities = "CAP_CHOWN CAP_FOWNER"; + }; - # Set up traefik as the reverse proxy for syncthing - services.traefik = { - dynamicConfigOptions = { - http = { - routers = { - syncthing-subdomain = { - rule = "Host(`sync.everest.sable-pancake.ts.net`)"; - service = "syncthing"; - }; - }; - services.syncthing.loadBalancer.servers = [ - {url = "http://localhost:8384";} - ]; - }; - }; - }; + # Add a cname for syncthing + services.dnsmasq.settings.cname = [ "sync.everest.sable-pancake.ts.net,everest" ]; + + # Set up traefik as the reverse proxy for syncthing + services.traefik = { + dynamicConfigOptions = { + http = { + routers = { + syncthing-subdomain = { + rule = "Host(`sync.everest.sable-pancake.ts.net`)"; + service = "syncthing"; + }; + }; + services.syncthing.loadBalancer.servers = [ + { url = "http://localhost:8384"; } + ]; + }; + }; + }; } diff --git a/roles/server/tailscale.nix b/roles/server/tailscale.nix index d0c6aed..36ba593 100644 --- a/roles/server/tailscale.nix +++ b/roles/server/tailscale.nix @@ -1,6 +1,8 @@ -{...}: { - services.tailscale = { - # This is needed for being an exit node - useRoutingFeatures = "server"; - }; +{ config, ... }: + +{ + services.tailscale = { + # This is needed for being an exit node + useRoutingFeatures = "server"; + }; } diff --git a/roles/server/traefik.nix b/roles/server/traefik.nix index 171f64d..d611211 100644 --- a/roles/server/traefik.nix +++ b/roles/server/traefik.nix @@ -1,31 +1,33 @@ -{...}: { - specialisation.traefikEnableWebUI.configuration.services.traefik = { - staticConfigOptions = { - api = { - # Enable the web ui - insecure = true; - dashboard = true; - }; - }; - }; +{ config, ... }: - services.traefik = { - enable = true; - staticConfigOptions = { - entryPoints = { - http = {address = "100.73.96.48:80";}; - }; - }; - }; +{ + specialisation.traefikEnableWebUI.configuration.services.traefik = { + staticConfigOptions = { + api = { + # Enable the web ui + insecure = true; + dashboard = true; + }; + }; + }; + + services.traefik = { + enable = true; + staticConfigOptions = { + entryPoints = { + http = { address = "100.73.96.48:80"; }; + }; + }; + }; - systemd = { - units.tailscaled.requiredBy = ["traefik.service"]; - # We have somewhat frequent power outages, and our ISP router takes - # ages to boot up. If I don't add a delay, traefik tries to bind to - # the tailscale interface before it's ready, making it crash too much - # in too little time - services.traefik.serviceConfig.RestartSec = 120; - }; + systemd = { + units.tailscaled.requiredBy = [ "traefik.service" ]; + # We have somewhat frequent power outages, and our ISP router takes + # ages to boot up. If I don't add a delay, traefik tries to bind to + # the tailscale interface before it's ready, making it crash too much + # in too little time + services.traefik.serviceConfig.RestartSec = 120; + }; - networking.firewall.allowedTCPPorts = [80 8080]; + networking.firewall.allowedTCPPorts = [ 80 8080 ]; } diff --git a/roles/server/transmission.nix b/roles/server/transmission.nix index 3e64aec..ed17095 100755 --- a/roles/server/transmission.nix +++ b/roles/server/transmission.nix @@ -1,32 +1,34 @@ -{config, ...}: { - services.transmission = { - enable = true; - openFirewall = true; - settings = { - incomplete-dir-enabled = false; - rpc-bind-address = "0.0.0.0"; - rpc-host-whitelist = "transmission.everest.sable-pancake.ts.net"; - rpc-whitelist = "127.0.0.1"; - }; - }; +{ config , ... }: - # Add a cname for transmission - services.dnsmasq.settings.cname = ["transmission.everest.sable-pancake.ts.net,everest"]; +{ + services.transmission = { + enable = true; + openFirewall = true; + settings = { + incomplete-dir-enabled = false; + rpc-bind-address = "0.0.0.0"; + rpc-host-whitelist = "transmission.everest.sable-pancake.ts.net"; + rpc-whitelist = "127.0.0.1"; + }; + }; - # Set up traefik as the reverse proxy for transmission - services.traefik = { - dynamicConfigOptions = { - http = { - routers = { - transmission-subdomain = { - rule = "Host(`transmission.everest.sable-pancake.ts.net`)"; - service = "transmission"; - }; - }; - services.transmission.loadBalancer.servers = [ - {url = "http://localhost:${toString config.services.transmission.settings.rpc-port}";} - ]; - }; - }; - }; + # Add a cname for transmission + services.dnsmasq.settings.cname = [ "transmission.everest.sable-pancake.ts.net,everest" ]; + + # Set up traefik as the reverse proxy for transmission + services.traefik = { + dynamicConfigOptions = { + http = { + routers = { + transmission-subdomain = { + rule = "Host(`transmission.everest.sable-pancake.ts.net`)"; + service = "transmission"; + }; + }; + services.transmission.loadBalancer.servers = [ + { url = "http://localhost:${toString config.services.transmission.settings.rpc-port}"; } + ]; + }; + }; + }; }