Toast/nix-stuff
1
0
Fork 0
Code Issues Pull requests Projects 1 Wiki Activity

Compare commits

base: Toast:430bafb0b278ae4719f8a0e724cfe49429a188c5
Branches Tags
Toast:main
Toast:plasma-refactor
Toast:headscale
Toast:plasma6
Toast:catppuccin
Toast:kde-stuff
Toast:firefox
Toast:upgrade-to-23.05
..
compare: Toast:e88fb8a16e0eeb94dd27b10a76cba6347ae4235b
Branches Tags
Toast:main
Toast:plasma-refactor
Toast:headscale
Toast:plasma6
Toast:catppuccin
Toast:kde-stuff
Toast:firefox
Toast:upgrade-to-23.05

No commits in common. "430bafb0b278ae4719f8a0e724cfe49429a188c5" and "e88fb8a16e0eeb94dd27b10a76cba6347ae4235b" have entirely different histories.
430bafb0b2 ... e88fb8a16e

102 changed files with 2780 additions and 2744 deletions
Download patch file Download diff file Expand all files Collapse all files

3
.helix/languages.toml
View file

@ -1,3 +0,0 @@
[[language]]
name = "nix"
formatter = { command = "alejandra" }

12
.vscode/settings.json vendored
View file

@ -1,15 +1,5 @@
{ {
"editor.detectIndentation": true, "editor.detectIndentation": true,
"editor.insertSpaces": true, "editor.insertSpaces": true,
"editor.defaultFormatter": "jnoortheen.nix-ide", "editor.defaultFormatter": "jnoortheen.nix-ide"
"nix.formatterPath": "alejandra",
"nix.serverSettings": {
"nil": {
"formatting": {
"command": [
"alejandra"
]
}
}
}
} }

384
flake.nix
View file

@ -1,219 +1,205 @@
{ {
description = "Configuration for Everest"; description = "Configuration for Everest";
inputs = { inputs = {
secrets = { secrets = {
url = "git+ssh://forgejo@git.everest.sable-pancake.ts.net:4222/Toast/nix-secrets"; url = "git+ssh://forgejo@git.everest.sable-pancake.ts.net:4222/Toast/nix-secrets";
flake = false; flake = false;
}; };
nixpkgs-raw.url = "nixpkgs/nixos-23.11"; nixpkgs-raw.url = "nixpkgs/nixos-23.11";
nixpkgs-unstable-raw.url = "nixpkgs/nixos-unstable"; nixpkgs-unstable-raw.url = "nixpkgs/nixos-unstable";
agenix = { agenix = {
url = "github:ryantm/agenix"; url = "github:ryantm/agenix";
inputs = { inputs = {
nixpkgs.follows = "nixpkgs-raw"; nixpkgs.follows = "nixpkgs-raw";
darwin.follows = ""; # Not using this on MacOS, so this doesn't pull it's dependencies darwin.follows = ""; # Not using this on MacOS, so this doesn't pull it's dependencies
}; };
}; };
home-manager = { home-manager = {
url = "github:nix-community/home-manager/release-23.11"; url = "github:nix-community/home-manager/release-23.11";
inputs.nixpkgs.follows = "nixpkgs-raw"; inputs.nixpkgs.follows = "nixpkgs-raw";
}; };
home-manager-unstable = { home-manager-unstable = {
url = "github:nix-community/home-manager/"; url = "github:nix-community/home-manager/";
inputs.nixpkgs.follows = "nixpkgs-unstable-raw"; inputs.nixpkgs.follows = "nixpkgs-unstable-raw";
}; };
nixos-hardware.url = "github:NixOS/nixos-hardware/master"; nixos-hardware.url = "github:NixOS/nixos-hardware/master";
jovian = { jovian = {
url = "github:Jovian-Experiments/Jovian-NixOS"; url = "github:Jovian-Experiments/Jovian-NixOS";
inputs.nixpkgs.follows = "nixpkgs-unstable-raw"; inputs.nixpkgs.follows = "nixpkgs-unstable-raw";
}; };
nix-impermanence.url = "github:nix-community/impermanence"; nix-impermanence.url = "github:nix-community/impermanence";
/* /*
These are the same input, just following different nixpkgs versions These are the same input, just following different nixpkgs versions
This avoids some wierdness when using one that follows unstable on a stable nixpkgs This avoids some wierdness when using one that follows unstable on a stable nixpkgs
*/ */
nix-index-db = { nix-index-db = {
url = "github:Mic92/nix-index-database"; url = "github:Mic92/nix-index-database";
inputs.nixpkgs.follows = "nixpkgs-raw"; inputs.nixpkgs.follows = "nixpkgs-raw";
}; };
nix-index-db-unstable = { nix-index-db-unstable = {
url = "github:Mic92/nix-index-database"; url = "github:Mic92/nix-index-database";
inputs.nixpkgs.follows = "nixpkgs-unstable-raw"; inputs.nixpkgs.follows = "nixpkgs-unstable-raw";
}; };
plasma-manager = { plasma-manager = {
url = "github:pjones/plasma-manager"; url = "github:pjones/plasma-manager";
inputs.nixpkgs.follows = "nixpkgs-unstable-raw"; inputs.nixpkgs.follows = "nixpkgs-unstable-raw";
inputs.home-manager.follows = "home-manager-unstable"; inputs.home-manager.follows = "home-manager-unstable";
}; };
catppuccin-vsc = { catppuccin-vsc = {
url = "github:catppuccin/vscode"; url = "github:catppuccin/vscode";
inputs.nixpkgs.follows = "nixpkgs-unstable-raw"; inputs.nixpkgs.follows = "nixpkgs-unstable-raw";
}; };
vscode-extensions = { vscode-extensions = {
url = "github:nix-community/nix-vscode-extensions"; url = "github:nix-community/nix-vscode-extensions";
inputs.nixpkgs.follows = "nixpkgs-unstable-raw"; inputs.nixpkgs.follows = "nixpkgs-unstable-raw";
};
nix-flatpak.url = "github:gmodena/nix-flatpak/main";
nur.url = "github:nix-community/NUR"; };
}; nix-flatpak.url = "github:gmodena/nix-flatpak/main";
outputs = {...} @ inputs: nur.url = "github:nix-community/NUR";
with inputs; };
# Patch nixpkgs
# https://ertt.ca/nix/patch-nixpkgs/
let
nixpkgs-unstable-patched = nixpkgs-raw.legacyPackages.x86_64-linux.applyPatches {
name = "patched-nixpkgs-unstable";
src = nixpkgs-unstable-raw;
patches = [
];
};
nixpkgs-patched = nixpkgs-raw.legacyPackages.x86_64-linux.applyPatches {
name = "patched-nixpkgs";
src = nixpkgs-raw;
patches = [
./nixpkgs-patches/0001-catppuccin-add-grub-theme.patch
./nixpkgs-patches/0002-catppuccin-add-starship-theme.patch
];
};
# https://discourse.nixos.org/t/proper-way-of-applying-patch-to-system-managed-via-flake/21073/26
nixpkgs-unstable = (import "${nixpkgs-unstable-patched}/flake.nix").outputs {self = inputs.self;};
nixpkgs = (import "${nixpkgs-patched}/flake.nix").outputs {self = inputs.self;};
in {
devShells.x86_64-linux.default = nixpkgs.legacyPackages.x86_64-linux.mkShell {
name = "toast-devshell";
# The agenix cli is not needed to activate a configuration, so instead of installing it
# I'll just add it to de devShell, since that's the only real time I'm going to use it.
packages = with nixpkgs.legacyPackages.x86_64-linux; [
agenix.packages.x86_64-linux.default
git
nix-diff
just
alejandra
];
shellHook = ''
export PS1="$PS1(toast-configs)> "
'';
};
packages = {
x86_64-linux = with import nixpkgs-unstable-raw {system = "x86_64-linux";}; {
anything-sync-daemon = callPackage ./pkgs/anything-sync-daemon {};
discord-krisp-fixer = callPackage ./pkgs/discord-krisp-fixer {};
};
};
nixosConfigurations = {
Archie = nixpkgs-unstable.lib.nixosSystem {
system = "x86_64-linux";
specialArgs = {
systemPkgs = inputs.nixpkgs-unstable-raw;
flakeSelf = self;
};
/*
I used to set up nixpkgs in the flake, but doing that made
defining overlays in modules impossible (or at least I could
not figure out how)
Also has nice side effect of making it easier to add new systems :3
*/
modules = [
agenix.nixosModules.default
home-manager-unstable.nixosModule
nix-index-db-unstable.nixosModules.nix-index
./roles/common
./roles/desktop
./roles/kde
./roles/gaming
./roles/school
./machines/Archie
];
};
SurfaceGo = nixpkgs-unstable.lib.nixosSystem { outputs = { ... } @inputs: with inputs;
system = "x86_64-linux"; # Patch nixpkgs
specialArgs = { # https://ertt.ca/nix/patch-nixpkgs/
systemPkgs = inputs.nixpkgs-unstable-raw; let
flakeSelf = self; nixpkgs-unstable-patched = nixpkgs-raw.legacyPackages.x86_64-linux.applyPatches {
}; name = "patched-nixpkgs-unstable";
modules = [ src = nixpkgs-unstable-raw;
agenix.nixosModules.default patches = [
home-manager-unstable.nixosModule ];
nixos-hardware.nixosModules.microsoft-surface-go };
nix-index-db-unstable.nixosModules.nix-index nixpkgs-patched = nixpkgs-raw.legacyPackages.x86_64-linux.applyPatches {
./roles/common name = "patched-nixpkgs";
./roles/desktop src = nixpkgs-raw;
./roles/kde patches = [
./machines/SurfaceGo ./nixpkgs-patches/0001-catppuccin-add-grub-theme.patch
]; ./nixpkgs-patches/0002-catppuccin-add-starship-theme.patch
}; ];
};
# https://discourse.nixos.org/t/proper-way-of-applying-patch-to-system-managed-via-flake/21073/26
nixpkgs-unstable = (import "${nixpkgs-unstable-patched}/flake.nix").outputs { self = inputs.self; };
nixpkgs = (import "${nixpkgs-patched}/flake.nix").outputs { self = inputs.self; };
in
{
devShells.x86_64-linux.default = nixpkgs.legacyPackages.x86_64-linux.mkShell {
name = "toast-devshell";
# The agenix cli is not needed to activate a configuration, so instead of installing it
# I'll just add it to de devShell, since that's the only real time I'm going to use it.
packages = with nixpkgs.legacyPackages.x86_64-linux; [
agenix.packages.x86_64-linux.default
git
nix-diff
just
nix-diff
];
shellHook =''
export PS1="$PS1(toast-configs)> "
'';
};
packages = {
x86_64-linux = with import nixpkgs-unstable-raw { system = "x86_64-linux"; }; {
anything-sync-daemon = callPackage ./pkgs/anything-sync-daemon {};
discord-krisp-fixer = callPackage ./pkgs/discord-krisp-fixer {};
};
};
nixosConfigurations = {
Archie = nixpkgs-unstable.lib.nixosSystem {
system = "x86_64-linux";
specialArgs = { systemPkgs = inputs.nixpkgs-unstable-raw; flakeSelf = self; };
/*
I used to set up nixpkgs in the flake, but doing that made
defining overlays in modules impossible (or at least I could
not figure out how)
Also has nice side effect of making it easier to add new systems :3
*/
modules = [
agenix.nixosModules.default
home-manager-unstable.nixosModule
nix-index-db-unstable.nixosModules.nix-index
./roles/common
./roles/desktop
./roles/kde
./roles/gaming
./roles/school
./machines/Archie
];
};
SteamDeck = nixpkgs-unstable.lib.nixosSystem { SurfaceGo = nixpkgs-unstable.lib.nixosSystem {
system = "x86_64-linux"; system = "x86_64-linux";
specialArgs = { specialArgs = { systemPkgs = inputs.nixpkgs-unstable-raw; flakeSelf = self; };
systemPkgs = inputs.nixpkgs-unstable-raw; modules = [
flakeSelf = self; agenix.nixosModules.default
}; home-manager-unstable.nixosModule
modules = [ nixos-hardware.nixosModules.microsoft-surface-go
agenix.nixosModules.default nix-index-db-unstable.nixosModules.nix-index
jovian.nixosModules.default ./roles/common
home-manager-unstable.nixosModule ./roles/desktop
nix-index-db-unstable.nixosModules.nix-index ./roles/kde
./roles/common ./machines/SurfaceGo
./roles/desktop ];
./roles/kde };
./roles/gaming
./roles/school
./machines/SteamDeck
];
};
WinMax2 = nixpkgs-unstable.lib.nixosSystem { SteamDeck = nixpkgs-unstable.lib.nixosSystem {
system = "x86_64-linux"; system = "x86_64-linux";
specialArgs = { specialArgs = { systemPkgs = inputs.nixpkgs-unstable-raw; flakeSelf = self; };
systemPkgs = inputs.nixpkgs-unstable-raw; modules = [
flakeSelf = self; agenix.nixosModules.default
}; jovian.nixosModules.default
modules = [ home-manager-unstable.nixosModule
agenix.nixosModules.default nix-index-db-unstable.nixosModules.nix-index
jovian.nixosModules.default ./roles/common
home-manager-unstable.nixosModule ./roles/desktop
nix-index-db-unstable.nixosModules.nix-index ./roles/kde
nixos-hardware.nixosModules.gpd-win-max-2-2023 ./roles/gaming
./roles/common ./roles/school
./roles/desktop ./machines/SteamDeck
./roles/kde ];
./roles/gaming };
./roles/school
./machines/WinMax2
];
};
Everest = nixpkgs.lib.nixosSystem { WinMax2 = nixpkgs-unstable.lib.nixosSystem {
system = "x86_64-linux"; system = "x86_64-linux";
specialArgs = { specialArgs = { systemPkgs = inputs.nixpkgs-unstable-raw; flakeSelf = self; };
systemPkgs = inputs.nixpkgs-raw; modules = [
flakeSelf = self; agenix.nixosModules.default
}; jovian.nixosModules.default
modules = [ home-manager-unstable.nixosModule
agenix.nixosModules.default nix-index-db-unstable.nixosModules.nix-index
home-manager.nixosModule nixos-hardware.nixosModules.gpd-win-max-2-2023
nix-index-db.nixosModules.nix-index ./roles/common
./roles/common ./roles/desktop
./roles/server ./roles/kde
./machines/Everest ./roles/gaming
]; ./roles/school
}; ./machines/WinMax2
}; ];
}; };
Everest = nixpkgs.lib.nixosSystem {
system = "x86_64-linux";
specialArgs = { systemPkgs = inputs.nixpkgs-raw; flakeSelf = self; };
modules = [
agenix.nixosModules.default
home-manager.nixosModule
nix-index-db.nixosModules.nix-index
./roles/common
./roles/server
./machines/Everest
];
};
};
};
} }

120
machines/Archie/configuration.nix
View file

@ -1,79 +1,81 @@
# Edit this configuration file to define what should be installed on # Edit this configuration file to define what should be installed on
# your system. Help is available in the configuration.nix(5) man page # your system. Help is available in the configuration.nix(5) man page
# and in the NixOS manual (accessible by running `nixos-help`). # and in the NixOS manual (accessible by running `nixos-help`).
{ config, pkgs, ... }:
{ {
config, # Use grub boot loader
pkgs, boot.loader = {
... systemd-boot.enable = false;
}: { grub = {
# Use grub boot loader enable = true;
boot.loader = { device = "nodev";
systemd-boot.enable = false; efiSupport = true;
grub = { useOSProber = true;
enable = true; };
device = "nodev"; efi.efiSysMountPoint = "/boot/efi";
efiSupport = true; };
useOSProber = true; boot.loader.efi.canTouchEfiVariables = true;
};
efi.efiSysMountPoint = "/boot/efi";
};
boot.loader.efi.canTouchEfiVariables = true;
boot.kernelPackages = pkgs.linuxKernel.packages.linux_xanmod_latest; boot.kernelPackages = pkgs.linuxKernel.packages.linux_xanmod_latest;
networking.hostName = "Archie"; # Define your hostname. networking.hostName = "Archie"; # Define your hostname.
# Allow unfree packages # Allow unfree packages
nixpkgs.config.allowUnfree = true; nixpkgs.config.allowUnfree = true;
# Configure network proxy if necessary # Configure network proxy if necessary
# networking.proxy.default = "http://user:password@proxy:port/"; # networking.proxy.default = "http://user:password@proxy:port/";
# networking.proxy.noProxy = "127.0.0.1,localhost,internal.domain"; # networking.proxy.noProxy = "127.0.0.1,localhost,internal.domain";
# Configure keymap in X11 # Configure keymap in X11
# services.xserver.layout = "us"; # services.xserver.layout = "us";
# services.xserver.xkbOptions = "eurosign:e,caps:escape"; # services.xserver.xkbOptions = "eurosign:e,caps:escape";
# Enable CUPS to print documents. # Enable CUPS to print documents.
# services.printing.enable = true; # services.printing.enable = true;
# Enable sound. # Enable sound.
# sound.enable = true; # sound.enable = true;
# hardware.pulseaudio.enable = true; # hardware.pulseaudio.enable = true;
# Enable touchpad support (enabled default in most desktopManager). # Enable touchpad support (enabled default in most desktopManager).
# services.xserver.libinput.enable = true; # services.xserver.libinput.enable = true;
hardware.bluetooth.enable = true;
# List packages installed in system profile. To search, run: hardware.bluetooth.enable = true;
# $ nix search wget
# environment.systemPackages = with pkgs; [
# vim # Do not forget to add an editor to edit configuration.nix! The Nano editor is also installed by default.
# wget
# ];
# Some programs need SUID wrappers, can be configured further or are # List packages installed in system profile. To search, run:
# started in user sessions. # $ nix search wget
# programs.mtr.enable = true; # environment.systemPackages = with pkgs; [
# programs.gnupg.agent = { # vim # Do not forget to add an editor to edit configuration.nix! The Nano editor is also installed by default.
# enable = true; # wget
# enableSSHSupport = true; # ];
# };
# List services that you want to enable: # Some programs need SUID wrappers, can be configured further or are
# started in user sessions.
# programs.mtr.enable = true;
# programs.gnupg.agent = {
# enable = true;
# enableSSHSupport = true;
# };
# Enable the OpenSSH daemon. # List services that you want to enable:
# services.openssh.enable = true;
# Open ports in the firewall. # Enable the OpenSSH daemon.
# networking.firewall.allowedTCPPorts = [ ... ]; # services.openssh.enable = true;
# networking.firewall.allowedUDPPorts = [ ... ];
# Or disable the firewall altogether. # Open ports in the firewall.
# networking.firewall.enable = false; # networking.firewall.allowedTCPPorts = [ ... ];
# networking.firewall.allowedUDPPorts = [ ... ];
# Or disable the firewall altogether.
# networking.firewall.enable = false;
# Copy the NixOS configuration file and link it from the resulting system
# (/run/current-system/configuration.nix). This is useful in case you
# accidentally delete configuration.nix.
# system.copySystemConfiguration = true;
# Copy the NixOS configuration file and link it from the resulting system
# (/run/current-system/configuration.nix). This is useful in case you
# accidentally delete configuration.nix.
# system.copySystemConfiguration = true;
} }

12
machines/Archie/default.nix
View file

@ -1,6 +1,8 @@
{...}: { { ... }:
imports = [
./configuration.nix {
./hardware-configuration.nix imports = [
]; ./configuration.nix
./hardware-configuration.nix
];
} }

127
machines/Archie/hardware-configuration.nix
View file

@ -1,79 +1,76 @@
# Do not modify this file! It was generated by nixos-generate-config # Do not modify this file! It was generated by nixos-generate-config
# and may be overwritten by future invocations. Please make changes # and may be overwritten by future invocations. Please make changes
# to /etc/nixos/configuration.nix instead. # to /etc/nixos/configuration.nix instead.
{ config, lib, pkgs, modulesPath, ... }:
{ {
config, imports =
lib, [ (modulesPath + "/installer/scan/not-detected.nix")
modulesPath, ];
...
}: {
imports = [
(modulesPath + "/installer/scan/not-detected.nix")
];
# Enable support for the Xbox One wireless dongle # Enable support for the Xbox One wireless dongle
hardware.xone.enable = true; hardware.xone.enable = true;
boot.initrd.availableKernelModules = ["xhci_pci" "ahci" "usbhid" "usb_storage" "sd_mod"]; boot.initrd.availableKernelModules = [ "xhci_pci" "ahci" "usbhid" "usb_storage" "sd_mod" ];
boot.initrd.kernelModules = ["amdgpu"]; boot.initrd.kernelModules = [ "amdgpu" ];
boot.kernelModules = ["kvm-amd"]; boot.kernelModules = [ "kvm-amd" ];
boot.extraModulePackages = []; boot.extraModulePackages = [ ];
fileSystems."/" = { fileSystems."/" =
device = "/dev/disk/by-uuid/5322c217-b87b-4150-8b4c-a8fa17a899bf"; { device = "/dev/disk/by-uuid/5322c217-b87b-4150-8b4c-a8fa17a899bf";
fsType = "btrfs"; fsType = "btrfs";
options = ["subvol=@root" "compress=zstd"]; options = [ "subvol=@root" "compress=zstd" ];
}; };
fileSystems."/nix" = { fileSystems."/nix" =
device = "/dev/disk/by-uuid/5322c217-b87b-4150-8b4c-a8fa17a899bf"; { device = "/dev/disk/by-uuid/5322c217-b87b-4150-8b4c-a8fa17a899bf";
fsType = "btrfs"; fsType = "btrfs";
options = ["subvol=@nix" "compress=zstd"]; options = [ "subvol=@nix" "compress=zstd" ];
}; };
fileSystems."/boot" = { fileSystems."/boot" =
device = "/dev/disk/by-uuid/5322c217-b87b-4150-8b4c-a8fa17a899bf"; { device = "/dev/disk/by-uuid/5322c217-b87b-4150-8b4c-a8fa17a899bf";
fsType = "btrfs"; fsType = "btrfs";
options = ["subvol=@boot" "compress=zstd"]; options = [ "subvol=@boot" "compress=zstd" ];
}; };
fileSystems."/boot/efi" = { fileSystems."/boot/efi" =
device = "/dev/disk/by-uuid/FB87-4CBC"; { device = "/dev/disk/by-uuid/FB87-4CBC";
fsType = "vfat"; fsType = "vfat";
}; };
fileSystems = { fileSystems = {
/* /*
Mount the root subvolume of the SSD Mount the root subvolume of the SSD
This is helpful for getting things from This is helpful for getting things from
my old Arch install, as well as for running btdu my old Arch install, as well as for running btdu
*/ */
"/mnt/ssd" = { "/mnt/ssd" = {
device = config.fileSystems."/".device; device = config.fileSystems."/".device;
fsType = config.fileSystems."/".fsType; fsType = config.fileSystems."/".fsType;
options = ["subvolid=5" "ro"]; options = [ "subvolid=5" "ro" ];
}; };
"/mnt/windows" = { "/mnt/windows" = {
device = "/dev/disk/by-uuid/B61AFDAC1AFD6A2F"; device = "/dev/disk/by-uuid/B61AFDAC1AFD6A2F";
fsType = "ntfs3"; fsType = "ntfs3";
neededForBoot = false; neededForBoot = false;
options = ["noauto" "windows_names"]; options = [ "noauto" "windows_names" ];
}; };
"/home" = { "/home" = {
device = "/dev/disk/by-uuid/5322c217-b87b-4150-8b4c-a8fa17a899bf"; device = "/dev/disk/by-uuid/5322c217-b87b-4150-8b4c-a8fa17a899bf";
fsType = "btrfs"; fsType = "btrfs";
options = ["subvol=@home" "compress=zstd"]; options = [ "subvol=@home" "compress=zstd" ];
}; };
"/persist" = { "/persist" = {
device = "/dev/disk/by-uuid/5322c217-b87b-4150-8b4c-a8fa17a899bf"; device = "/dev/disk/by-uuid/5322c217-b87b-4150-8b4c-a8fa17a899bf";
fsType = "btrfs"; fsType = "btrfs";
options = ["subvol=@persist" "compress=zstd"]; options = [ "subvol=@persist" "compress=zstd" ];
neededForBoot = true; neededForBoot = true;
}; };
}; };
swapDevices = []; swapDevices = [ ];
nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux"; nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux";
hardware.cpu.amd.updateMicrocode = lib.mkDefault config.hardware.enableRedistributableFirmware; hardware.cpu.amd.updateMicrocode = lib.mkDefault config.hardware.enableRedistributableFirmware;
} }

115
machines/Everest/configuration.nix
View file

@ -1,67 +1,68 @@
# Edit this configuration file to define what should be installed on # Edit this configuration file to define what should be installed on
# your system. Help is available in the configuration.nix(5) man page # your system. Help is available in the configuration.nix(5) man page
# and in the NixOS manual (accessible by running nixos-help). # and in the NixOS manual (accessible by running nixos-help).
{lib, ...}: {
# Bootloader.
boot.loader.systemd-boot.enable = true;
boot.loader.timeout = 5;
boot.loader.efi.canTouchEfiVariables = true;
boot.loader.efi.efiSysMountPoint = "/boot/efi";
# I'm using Nix OS, it's logo is a snowflake and the computer is { config, pkgs, lib, ... }:
# a lot taller than the pi it's replacing, so Everest! :3 :3
networking.hostName = "Everest"; # Define your hostname.
# Set up networking {
networking = { # Bootloader.
wireless.enable = false; # Computer doesn't have wifi boot.loader.systemd-boot.enable = true;
enableIPv6 = false; boot.loader.timeout = 5;
useNetworkd = true; boot.loader.efi.canTouchEfiVariables = true;
dhcpcd.enable = false; boot.loader.efi.efiSysMountPoint = "/boot/efi";
interfaces.eno1 = {
wakeOnLan.enable = true;
ipv4.addresses = [
{
address = "192.168.0.160";
prefixLength = 24;
}
];
};
# I use networkd, so I need to declare the interface for the default gateway
defaultGateway = {
address = "192.168.0.1";
interface = "eno1";
};
nameservers = ["9.9.9.9"];
};
# Define a user account. Don't forget to set a password with passwd. # I'm using Nix OS, it's logo is a snowflake and the computer is
users.users.toast = { # a lot taller than the pi it's replacing, so Everest! :3 :3
extraGroups = ["networkmanager" "transmission"]; networking.hostName = "Everest"; # Define your hostname.
openssh.authorizedKeys.keys = [
"ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABgQC2bOVmxUNvg9qFv9DlzMmTRlzcNsyNq1F1wBuAXySwsWAzHGaO+WGdSCINxW3k2ccXn7M/o1r89LeTzRzi8sWQYCpBaIqYVszM/r7SvTS4gASyKhM6lNlyUEPOnvCXH7rdtF+fjoA1TJPv7GBk78QRhGh+eVO3qhY1m++5C1CPFlyrc6sSfgIBQJ5GQZFl/7YEgsrPo+M+0Sd7LkaCOyNmJA0Wi0BA3bbf5sJhrZVMMg/p7w+eMphz2kd1VTVjW3yeMq9zLCiu4SOTBNGCMEvKIdUZbQ83lNrqO2z1/3T1bDwJgpz3xusfkNCeNJSmhfFw5ydHEUp/9jshq38WmulKAMw2Kl/Zed62AVU7Ux7YjUkZkWvo8i3eXuLUxoG891S7cWV1/ijs9QMajOLLT14FG7RbzUYYaYlx+/iNGji9d4sp9/oMYyO45TMe+vEezFSBygP7TY0QFOr4xTi49ZRQFsszbFnGRv+k3wVKoGoeNt0xWB8pBEPFtaeHJpQyJX8= id_rsa_moon"
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIOeu3crGqtxwaqgoQPt5mWlC8+PL/Icvcvo0MBAaK80L Key for work laptop"
];
};
# Large builds (the linux kernel) fail to build because /tmp is too small when using tmpfs # Set up networking
boot.tmp.useTmpfs = false; networking = {
wireless.enable = false; # Computer doesn't have wifi
enableIPv6 = false;
useNetworkd = true;
dhcpcd.enable = false;
interfaces.eno1 = {
wakeOnLan.enable = true;
ipv4.addresses = [ {
address = "192.168.0.160";
prefixLength = 24;
} ];
};
# I use networkd, so I need to declare the interface for the default gateway
defaultGateway = {
address = "192.168.0.1";
interface = "eno1";
};
nameservers = [ "9.9.9.9" ];
};
home-manager = { # Define a user account. Don't forget to set a password with passwd.
users.toast = {config, ...}: { users.users.toast = {
home = { extraGroups = [ "networkmanager" "transmission"];
file = { openssh.authorizedKeys.keys = [
# This symlinks the Transmission downloads folder into my user's downloads folder for easy access "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABgQC2bOVmxUNvg9qFv9DlzMmTRlzcNsyNq1F1wBuAXySwsWAzHGaO+WGdSCINxW3k2ccXn7M/o1r89LeTzRzi8sWQYCpBaIqYVszM/r7SvTS4gASyKhM6lNlyUEPOnvCXH7rdtF+fjoA1TJPv7GBk78QRhGh+eVO3qhY1m++5C1CPFlyrc6sSfgIBQJ5GQZFl/7YEgsrPo+M+0Sd7LkaCOyNmJA0Wi0BA3bbf5sJhrZVMMg/p7w+eMphz2kd1VTVjW3yeMq9zLCiu4SOTBNGCMEvKIdUZbQ83lNrqO2z1/3T1bDwJgpz3xusfkNCeNJSmhfFw5ydHEUp/9jshq38WmulKAMw2Kl/Zed62AVU7Ux7YjUkZkWvo8i3eXuLUxoG891S7cWV1/ijs9QMajOLLT14FG7RbzUYYaYlx+/iNGji9d4sp9/oMYyO45TMe+vEezFSBygP7TY0QFOr4xTi49ZRQFsszbFnGRv+k3wVKoGoeNt0xWB8pBEPFtaeHJpQyJX8= id_rsa_moon"
"Downloads/Transmission".source = config.lib.file.mkOutOfStoreSymlink "/var/lib/transmission/Downloads"; "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIOeu3crGqtxwaqgoQPt5mWlC8+PL/Icvcvo0MBAaK80L Key for work laptop"
}; ];
}; };
};
};
# Open ports in the firewall. # Large builds (the linux kernel) fail to build because /tmp is too small when using tmpfs
# No idea what ports 5201 and 21027 do tho boot.tmp.useTmpfs = false;
networking.firewall.allowedTCPPorts = [5201];
networking.firewall.allowedUDPPorts = [5201 21027]; home-manager = {
# Or disable the firewall altogether. users.toast = { config, ... }: {
# networking.firewall.enable = false; home = {
file = {
# This symlinks the Transmission downloads folder into my user's downloads folder for easy access
"Downloads/Transmission".source = config.lib.file.mkOutOfStoreSymlink "/var/lib/transmission/Downloads";
};
};
};
};
# Open ports in the firewall.
# No idea what ports 5201 and 21027 do tho
networking.firewall.allowedTCPPorts = [ 5201 ];
networking.firewall.allowedUDPPorts = [ 5201 21027];
# Or disable the firewall altogether.
# networking.firewall.enable = false;
} }

12
machines/Everest/default.nix
View file

@ -1,6 +1,8 @@
{...}: { { ... }:
imports = [
./configuration.nix {
./hardware-configuration.nix imports = [
]; ./configuration.nix
./hardware-configuration.nix
];
} }

103
machines/Everest/hardware-configuration.nix
View file

@ -1,64 +1,61 @@
# Do not modify this file! It was generated by nixos-generate-config # Do not modify this file! It was generated by nixos-generate-config
# and may be overwritten by future invocations. Please make changes # and may be overwritten by future invocations. Please make changes
# to /etc/nixos/configuration.nix instead. # to /etc/nixos/configuration.nix instead.
{ config, lib, pkgs, modulesPath, ... }:
{ {
config, imports =
lib, [ (modulesPath + "/installer/scan/not-detected.nix")
modulesPath, ];
...
}: {
imports = [
(modulesPath + "/installer/scan/not-detected.nix")
];
boot.initrd.availableKernelModules = ["xhci_pci" "ehci_pci" "ahci" "usbhid" "usb_storage" "sd_mod"]; boot.initrd.availableKernelModules = [ "xhci_pci" "ehci_pci" "ahci" "usbhid" "usb_storage" "sd_mod" ];
boot.initrd.kernelModules = []; boot.initrd.kernelModules = [ ];
boot.kernelModules = ["kvm-intel"]; boot.kernelModules = [ "kvm-intel" ];
boot.extraModulePackages = []; boot.extraModulePackages = [ ];
fileSystems = { fileSystems = {
"/" = { "/" = {
device = "/dev/disk/by-label/Everest"; device = "/dev/disk/by-label/Everest";
fsType = "btrfs"; fsType = "btrfs";
options = ["compress=zstd" "subvol=@"]; options = [ "compress=zstd" "subvol=@"];
}; };
"/nix" = { "/nix" = {
device = "/dev/disk/by-label/Everest"; device = "/dev/disk/by-label/Everest";
fsType = "btrfs"; fsType = "btrfs";
options = ["compress=zstd" "subvol=@nix"]; options = [ "compress=zstd" "subvol=@nix" ];
}; };
"/home" = { "/home" = {
device = "/dev/disk/by-label/Everest"; device = "/dev/disk/by-label/Everest";
fsType = "btrfs"; fsType = "btrfs";
options = ["compress=zstd" "subvol=@home"]; options = [ "compress=zstd" "subvol=@home" ];
}; };
"/mnt/hdd" = { "/mnt/hdd" = {
device = "/dev/disk/by-label/Everest"; device = "/dev/disk/by-label/Everest";
fsType = "btrfs"; fsType = "btrfs";
options = ["compress=zstd" "subvol=/" "ro"]; options = [ "compress=zstd" "subvol=/" "ro" ];
}; };
"/persist" = { "/persist" = {
device = "/dev/disk/by-label/Everest"; device = "/dev/disk/by-label/Everest";
fsType = "btrfs"; fsType = "btrfs";
options = ["compress=zstd" "subvol=@persist"]; options = [ "compress=zstd" "subvol=@persist" ];
neededForBoot = true; neededForBoot = true;
}; };
}; };
fileSystems."/boot/efi" = { fileSystems."/boot/efi" =
device = "/dev/disk/by-label/Boot"; { device = "/dev/disk/by-label/Boot";
fsType = "vfat"; fsType = "vfat";
}; };
swapDevices = []; swapDevices = [ ];
# Enables DHCP on each ethernet and wireless interface. In case of scripted networking # Enables DHCP on each ethernet and wireless interface. In case of scripted networking
# (the default) this is the recommended approach. When using systemd-networkd it's # (the default) this is the recommended approach. When using systemd-networkd it's
# still possible to use this option, but it's recommended to use it in conjunction # still possible to use this option, but it's recommended to use it in conjunction
# with explicit per-interface declarations with `networking.interfaces.<interface>.useDHCP`. # with explicit per-interface declarations with `networking.interfaces.<interface>.useDHCP`.
networking.useDHCP = lib.mkDefault true; networking.useDHCP = lib.mkDefault true;
# networking.interfaces.eno1.useDHCP = lib.mkDefault true; # networking.interfaces.eno1.useDHCP = lib.mkDefault true;
nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux"; nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux";
hardware.cpu.intel.updateMicrocode = lib.mkDefault config.hardware.enableRedistributableFirmware; hardware.cpu.intel.updateMicrocode = lib.mkDefault config.hardware.enableRedistributableFirmware;
} }

164
machines/SteamDeck/configuration.nix
View file

@ -1,103 +1,103 @@
# Edit this configuration file to define what should be installed on # Edit this configuration file to define what should be installed on
# your system. Help is available in the configuration.nix(5) man page # your system. Help is available in the configuration.nix(5) man page
# and in the NixOS manual (accessible by running `nixos-help`). # and in the NixOS manual (accessible by running `nixos-help`).
{ config, pkgs, lib, ... }:
{ {
config, # Use grub boot loader
pkgs, boot.loader = {
lib, systemd-boot.enable = false;
... grub = {
}: { enable = true;
# Use grub boot loader device = "nodev";
boot.loader = { efiSupport = true;
systemd-boot.enable = false; # No other OS on here :P
grub = { useOSProber = false;
enable = true; };
device = "nodev"; efi.efiSysMountPoint = config.fileSystems."efi_boot_partition".mountPoint;
efiSupport = true; };
# No other OS on here :P boot.loader.efi.canTouchEfiVariables = true;
useOSProber = false;
};
efi.efiSysMountPoint = config.fileSystems."efi_boot_partition".mountPoint;
};
boot.loader.efi.canTouchEfiVariables = true;
networking.hostName = "SteamDeck"; # Define your hostname. networking.hostName = "SteamDeck"; # Define your hostname.
# Allow unfree packages # Allow unfree packages
nixpkgs.config.allowUnfree = true; nixpkgs.config.allowUnfree = true;
# Configure network proxy if necessary # Configure network proxy if necessary
# networking.proxy.default = "http://user:password@proxy:port/"; # networking.proxy.default = "http://user:password@proxy:port/";
# networking.proxy.noProxy = "127.0.0.1,localhost,internal.domain"; # networking.proxy.noProxy = "127.0.0.1,localhost,internal.domain";
jovian = { jovian = {
devices.steamdeck = { devices.steamdeck = {
enable = true; enable = true;
}; };
# Steam Deck UI settings # Steam Deck UI settings
steam = { steam = {
enable = true; enable = true;
autoStart = true; autoStart = true;
user = "toast"; user = "toast";
desktopSession = "plasmawayland"; desktopSession = "plasmawayland";
}; };
decky-loader = { decky-loader = {
enable = true; enable = true;
}; };
}; };
services.xserver.displayManager.sddm.enable = lib.mkForce false; services.xserver.displayManager.sddm.enable = lib.mkForce false;
# Enable bluetooth # Enable bluetooth
hardware.bluetooth = { hardware.bluetooth = {
enable = true; enable = true;
}; };
# Configure keymap in X11 # Configure keymap in X11
# services.xserver.layout = "us"; # services.xserver.layout = "us";
# services.xserver.xkbOptions = "eurosign:e,caps:escape"; # services.xserver.xkbOptions = "eurosign:e,caps:escape";
# Enable CUPS to print documents. # Enable CUPS to print documents.
# services.printing.enable = true; # services.printing.enable = true;
# Enable sound. # Enable sound.
# sound.enable = true; # sound.enable = true;
# hardware.pulseaudio.enable = true; # hardware.pulseaudio.enable = true;
# Enable touchpad support (enabled default in most desktopManager). # Enable touchpad support (enabled default in most desktopManager).
# services.xserver.libinput.enable = true; # services.xserver.libinput.enable = true;
# Large builds (the linux kernel) fail to build because /tmp is too small when using tmpfs # Large builds (the linux kernel) fail to build because /tmp is too small when using tmpfs
boot.tmp.useTmpfs = false; boot.tmp.useTmpfs = false;
environment.systemPackages = [pkgs.steamdeck-firmware pkgs.steamdeck-hw-theme]; environment.systemPackages = [ pkgs.steamdeck-firmware pkgs.steamdeck-hw-theme ];
# List packages installed in system profile. To search, run: # List packages installed in system profile. To search, run:
# $ nix search wget # $ nix search wget
# environment.systemPackages = with pkgs; [ # environment.systemPackages = with pkgs; [
# vim # Do not forget to add an editor to edit configuration.nix! The Nano editor is also installed by default. # vim # Do not forget to add an editor to edit configuration.nix! The Nano editor is also installed by default.
# wget # wget
# ]; # ];
# Some programs need SUID wrappers, can be configured further or are # Some programs need SUID wrappers, can be configured further or are
# started in user sessions. # started in user sessions.
# programs.mtr.enable = true; # programs.mtr.enable = true;
# programs.gnupg.agent = { # programs.gnupg.agent = {
# enable = true; # enable = true;
# enableSSHSupport = true; # enableSSHSupport = true;
# }; # };
# List services that you want to enable: # List services that you want to enable:
# Enable the OpenSSH daemon. # Enable the OpenSSH daemon.
# services.openssh.enable = true; # services.openssh.enable = true;
# Open ports in the firewall. # Open ports in the firewall.
# networking.firewall.allowedTCPPorts = [ ... ]; # networking.firewall.allowedTCPPorts = [ ... ];
# networking.firewall.allowedUDPPorts = [ ... ]; # networking.firewall.allowedUDPPorts = [ ... ];
# Or disable the firewall altogether. # Or disable the firewall altogether.
# networking.firewall.enable = false; # networking.firewall.enable = false;
# Copy the NixOS configuration file and link it from the resulting system
# (/run/current-system/configuration.nix). This is useful in case you
# accidentally delete configuration.nix.
# system.copySystemConfiguration = true;
# Copy the NixOS configuration file and link it from the resulting system
# (/run/current-system/configuration.nix). This is useful in case you
# accidentally delete configuration.nix.
# system.copySystemConfiguration = true;
} }

12
machines/SteamDeck/default.nix
View file

@ -1,6 +1,8 @@
{...}: { { ... }:
imports = [
./configuration.nix {
./hardware-configuration.nix imports = [
]; ./configuration.nix
./hardware-configuration.nix
];
} }

123
machines/SteamDeck/hardware-configuration.nix
View file

@ -1,72 +1,71 @@
# Do not modify this file! It was generated by nixos-generate-config # Do not modify this file! It was generated by nixos-generate-config
# and may be overwritten by future invocations. Please make changes # and may be overwritten by future invocations. Please make changes
# to /etc/nixos/configuration.nix instead. # to /etc/nixos/configuration.nix instead.
{ config, lib, pkgs, modulesPath, ... }:
let
# \x20 is the escape code for a space
ssdLabel = ''Deck\\x20SSD'';
in
{ {
config, imports =
lib, [ (modulesPath + "/installer/scan/not-detected.nix")
modulesPath, ];
...
}: let
# \x20 is the escape code for a space
ssdLabel = ''Deck\\x20SSD'';
in {
imports = [
(modulesPath + "/installer/scan/not-detected.nix")
];
# Enable support for the Xbox One wireless dongle # Enable support for the Xbox One wireless dongle
hardware.xone.enable = true; hardware.xone.enable = true;
boot.initrd.availableKernelModules = ["nvme" "xhci_pci" "usb_storage" "usbhid" "sd_mod" "sdhci_pci"]; boot.initrd.availableKernelModules = [ "nvme" "xhci_pci" "usb_storage" "usbhid" "sd_mod" "sdhci_pci" ];
boot.initrd.kernelModules = []; boot.initrd.kernelModules = [ ];
boot.kernelModules = ["kvm-amd"]; boot.kernelModules = [ "kvm-amd" ];
boot.extraModulePackages = []; boot.extraModulePackages = [ ];
fileSystems = { fileSystems = {
"efi_boot_partition" = { "efi_boot_partition" = {
mountPoint = "/boot/efi"; mountPoint = "/boot/efi";
label = "deckboot"; label = "deckboot";
fsType = "vfat"; fsType = "vfat";
}; };
/* /*
Mount the root subvolume of the SSD Mount the root subvolume of the SSD
This is helpful for getting things from This is helpful for getting things from
my old Arch install, as well as for running btdu my old Arch install, as well as for running btdu
*/ */
"btrfs_root_subvolume" = { "btrfs_root_subvolume" = {
mountPoint = "/mnt/ssd"; mountPoint = "/mnt/ssd";
label = ssdLabel; label = ssdLabel;
fsType = "btrfs"; fsType = "btrfs";
options = ["subvolid=5" "ro"]; options = [ "subvolid=5" "ro" ];
}; };
"btrfs_root" = { "btrfs_root" = {
mountPoint = "/"; mountPoint = "/";
label = ssdLabel; label = ssdLabel;
fsType = "btrfs"; fsType = "btrfs";
options = ["subvol=@" "compress=zstd"]; options = [ "subvol=@" "compress=zstd" ];
}; };
"btrfs_boot" = { "btrfs_boot" = {
mountPoint = "/boot"; mountPoint = "/boot";
label = ssdLabel; label = ssdLabel;
fsType = "btrfs"; fsType = "btrfs";
options = ["subvol=@boot" "compress=zstd"]; options = [ "subvol=@boot" "compress=zstd" ];
}; };
"btrfs_home" = { "btrfs_home" = {
mountPoint = "/home"; mountPoint = "/home";
label = ssdLabel; label = ssdLabel;
fsType = "btrfs"; fsType = "btrfs";
options = ["subvol=@home" "compress=zstd"]; options = [ "subvol=@home" "compress=zstd" ];
}; };
"btrfs_nix" = { "btrfs_nix" = {
mountPoint = "/nix"; mountPoint = "/nix";
label = ssdLabel; label = ssdLabel;
fsType = "btrfs"; fsType = "btrfs";
options = ["subvol=@nix" "compress=zstd"]; options = [ "subvol=@nix" "compress=zstd" ];
}; };
}; };
swapDevices = []; swapDevices = [ ];
nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux"; nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux";
hardware.cpu.amd.updateMicrocode = lib.mkDefault config.hardware.enableRedistributableFirmware; hardware.cpu.amd.updateMicrocode = lib.mkDefault config.hardware.enableRedistributableFirmware;
} }

142
machines/SurfaceGo/configuration.nix
View file

@ -1,92 +1,92 @@
# Edit this configuration file to define what should be installed on # Edit this configuration file to define what should be installed on
# your system. Help is available in the configuration.nix(5) man page # your system. Help is available in the configuration.nix(5) man page
# and in the NixOS manual (accessible by running `nixos-help`). # and in the NixOS manual (accessible by running `nixos-help`).
{ config, pkgs, lib, ... }:
{ {
config, boot = {
pkgs, loader = {
lib, # Use grub boot loader
... systemd-boot.enable = false;
}: { grub = {
boot = { enable = true;
loader = { device = "nodev";
# Use grub boot loader efiSupport = true;
systemd-boot.enable = false; enableCryptodisk = true;
grub = { };
enable = true; efi = {
device = "nodev"; efiSysMountPoint = "/boot/efi";
efiSupport = true; canTouchEfiVariables = true;
enableCryptodisk = true; };
}; };
efi = { # I need systemd for tpm luks unlocking
efiSysMountPoint = "/boot/efi"; initrd.systemd.enable = true;
canTouchEfiVariables = true; };
};
};
# I need systemd for tpm luks unlocking
initrd.systemd.enable = true;
};
security.tpm2.enable = true; security.tpm2.enable = true;
networking.hostName = "SurfaceGo"; # Define your hostname. networking.hostName = "SurfaceGo"; # Define your hostname.
# Allow unfree packages # Allow unfree packages
nixpkgs.config.allowUnfree = true; nixpkgs.config.allowUnfree = true;
# Configure network proxy if necessary # Configure network proxy if necessary
# networking.proxy.default = "http://user:password@proxy:port/"; # networking.proxy.default = "http://user:password@proxy:port/";
# networking.proxy.noProxy = "127.0.0.1,localhost,internal.domain"; # networking.proxy.noProxy = "127.0.0.1,localhost,internal.domain";
# Configure keymap in X11 # Configure keymap in X11
# services.xserver.layout = "us"; # services.xserver.layout = "us";
# services.xserver.xkbOptions = "eurosign:e,caps:escape"; # services.xserver.xkbOptions = "eurosign:e,caps:escape";
console = { console = {
# The kernel doesn't detect the scree as being HiDPI, so I need to use a bigger font # The kernel doesn't detect the scree as being HiDPI, so I need to use a bigger font
font = "ter-i32n"; font = "ter-i32n";
}; };
# Enable CUPS to print documents. # Enable CUPS to print documents.
# services.printing.enable = true; # services.printing.enable = true;
# Enable sound. # Enable sound.
# sound.enable = true; # sound.enable = true;
# hardware.pulseaudio.enable = true; # hardware.pulseaudio.enable = true;
# Enable touchpad support (enabled default in most desktopManager). # Enable touchpad support (enabled default in most desktopManager).
# services.xserver.libinput.enable = true; # services.xserver.libinput.enable = true;
# List packages installed in system profile. To search, run: # List packages installed in system profile. To search, run:
# $ nix search wget # $ nix search wget
# environment.systemPackages = with pkgs; [ # environment.systemPackages = with pkgs; [
# vim # Do not forget to add an editor to edit configuration.nix! The Nano editor is also installed by default. # vim # Do not forget to add an editor to edit configuration.nix! The Nano editor is also installed by default.
# wget # wget
# ]; # ];
# The surface kernel sometimes fails to suspend/shutdown and I got tired of fighting it # The surface kernel sometimes fails to suspend/shutdown and I got tired of fighting it
boot.kernelPackages = lib.mkForce pkgs.linuxPackages; boot.kernelPackages = lib.mkForce pkgs.linuxPackages;
# Some programs need SUID wrappers, can be configured further or are # Some programs need SUID wrappers, can be configured further or are
# started in user sessions. # started in user sessions.
# programs.mtr.enable = true; # programs.mtr.enable = true;
# programs.gnupg.agent = { # programs.gnupg.agent = {
# enable = true; # enable = true;
# enableSSHSupport = true; # enableSSHSupport = true;
# }; # };
# List services that you want to enable: # List services that you want to enable:
# Enable the OpenSSH daemon. # Enable the OpenSSH daemon.
# services.openssh.enable = true; # services.openssh.enable = true;
# Open ports in the firewall. # Open ports in the firewall.
# networking.firewall.allowedTCPPorts = [ ... ]; # networking.firewall.allowedTCPPorts = [ ... ];
# networking.firewall.allowedUDPPorts = [ ... ]; # networking.firewall.allowedUDPPorts = [ ... ];
# Or disable the firewall altogether. # Or disable the firewall altogether.
# networking.firewall.enable = false; # networking.firewall.enable = false;
# Copy the NixOS configuration file and link it from the resulting system
# (/run/current-system/configuration.nix). This is useful in case you
# accidentally delete configuration.nix.
# system.copySystemConfiguration = true;
# Copy the NixOS configuration file and link it from the resulting system
# (/run/current-system/configuration.nix). This is useful in case you
# accidentally delete configuration.nix.
# system.copySystemConfiguration = true;
} }

12
machines/SurfaceGo/default.nix
View file

@ -1,6 +1,8 @@
{...}: { { ... }:
imports = [
./configuration.nix {
./hardware-configuration.nix imports = [
]; ./configuration.nix
./hardware-configuration.nix
];
} }

75
machines/SurfaceGo/hardware-configuration.nix
View file

@ -1,50 +1,49 @@
# Do not modify this file! It was generated by nixos-generate-config # Do not modify this file! It was generated by nixos-generate-config
# and may be overwritten by future invocations. Please make changes # and may be overwritten by future invocations. Please make changes
# to /etc/nixos/configuration.nix instead. # to /etc/nixos/configuration.nix instead.
{ config, lib, pkgs, ... }:
{ {
config,
lib,
...
}: {
boot.initrd.availableKernelModules = ["xhci_pci" "nvme" "usbhid" "rtsx_pci_sdmmc"];
boot.initrd.kernelModules = [];
boot.kernelModules = ["kvm-intel"];
boot.extraModulePackages = [];
boot.initrd.luks.devices."SSD".device = "/dev/disk/by-uuid/1d8d7578-d3a1-4ea0-90ad-4257266a6caf"; boot.initrd.availableKernelModules = [ "xhci_pci" "nvme" "usbhid" "rtsx_pci_sdmmc" ];
boot.initrd.kernelModules = [ ];
boot.kernelModules = [ "kvm-intel" ];
boot.extraModulePackages = [ ];
fileSystems."/" = { boot.initrd.luks.devices."SSD".device = "/dev/disk/by-uuid/1d8d7578-d3a1-4ea0-90ad-4257266a6caf";
device = "/dev/disk/by-uuid/19a52b40-3ff6-47ff-9402-18d8b289643e";
fsType = "btrfs";
options = ["subvol=@" "compress=zstd"];
};
fileSystems."/boot" = { fileSystems."/" = {
device = "/dev/disk/by-uuid/19a52b40-3ff6-47ff-9402-18d8b289643e"; device = "/dev/disk/by-uuid/19a52b40-3ff6-47ff-9402-18d8b289643e";
fsType = "btrfs"; fsType = "btrfs";
options = ["subvol=@boot" "compress=zstd"]; options = [ "subvol=@" "compress=zstd" ];
}; };
fileSystems."/nix" = { fileSystems."/boot" = {
device = "/dev/disk/by-uuid/19a52b40-3ff6-47ff-9402-18d8b289643e"; device = "/dev/disk/by-uuid/19a52b40-3ff6-47ff-9402-18d8b289643e";
fsType = "btrfs"; fsType = "btrfs";
options = ["subvol=@nix" "compress=zstd"]; options = [ "subvol=@boot" "compress=zstd" ];
}; };
fileSystems."/home" = { fileSystems."/nix" ={
device = "/dev/disk/by-uuid/19a52b40-3ff6-47ff-9402-18d8b289643e"; device = "/dev/disk/by-uuid/19a52b40-3ff6-47ff-9402-18d8b289643e";
fsType = "btrfs"; fsType = "btrfs";
options = ["subvol=@home" "compress=zstd"]; options = [ "subvol=@nix" "compress=zstd" ];
}; };
fileSystems."/boot/efi" = { fileSystems."/home" = {
device = "/dev/disk/by-uuid/EC76-201F"; device = "/dev/disk/by-uuid/19a52b40-3ff6-47ff-9402-18d8b289643e";
fsType = "vfat"; fsType = "btrfs";
}; options = [ "subvol=@home" "compress=zstd" ];
};
swapDevices = []; fileSystems."/boot/efi" = {
device = "/dev/disk/by-uuid/EC76-201F";
fsType = "vfat";
};
nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux"; swapDevices = [];
powerManagement.cpuFreqGovernor = lib.mkDefault "powersave";
hardware.cpu.intel.updateMicrocode = lib.mkDefault config.hardware.enableRedistributableFirmware; nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux";
powerManagement.cpuFreqGovernor = lib.mkDefault "powersave";
hardware.cpu.intel.updateMicrocode = lib.mkDefault config.hardware.enableRedistributableFirmware;
} }

256
machines/WinMax2/configuration.nix
View file

@ -1,153 +1,153 @@
# Edit this configuration file to define what should be installed on # Edit this configuration file to define what should be installed on
# your system. Help is available in the configuration.nix(5) man page # your system. Help is available in the configuration.nix(5) man page
# and in the NixOS manual (accessible by running `nixos-help`). # and in the NixOS manual (accessible by running `nixos-help`).
{ config, pkgs, lib, ... }:
{ {
config, # Use grub boot loader
pkgs, boot = {
lib, loader = {
... systemd-boot.enable = false;
}: { grub = {
# Use grub boot loader enable = true;
boot = { device = "nodev";
loader = { efiSupport = true;
systemd-boot.enable = false; # No other OS on here :P
grub = { useOSProber = false;
enable = true; };
device = "nodev"; efi = {
efiSupport = true; efiSysMountPoint = config.fileSystems."efi_boot_partition".mountPoint;
# No other OS on here :P canTouchEfiVariables = true;
useOSProber = false; };
}; };
efi = { /*
efiSysMountPoint = config.fileSystems."efi_boot_partition".mountPoint; I use luks, and the systemd initrd works better for this
canTouchEfiVariables = true; Both for tpm unlocking (soon) and for plymouth
}; */
}; initrd.systemd.enable = true;
/* # Plymouth doesn't support fractional scaling :(
I use luks, and the systemd initrd works better for this plymouth.extraConfig = "DeviceScale=2";
Both for tpm unlocking (soon) and for plymouth
*/
initrd.systemd.enable = true;
# Plymouth doesn't support fractional scaling :(
plymouth.extraConfig = "DeviceScale=2";
kernelPackages = pkgs.linuxPackages_latest; kernelPackages = pkgs.linuxPackages_latest;
}; };
networking.hostName = "WinMax2"; # Define your hostname. networking.hostName = "WinMax2"; # Define your hostname.
specialisation.noAVX512.configuration = { specialisation.noAVX512.configuration = {
# For some reason The Finals crashes on CPUs that support AVX512 # For some reason The Finals crashes on CPUs that support AVX512
boot.kernelParams = ["clearcpuid=304"]; boot.kernelParams = [ "clearcpuid=304" ];
}; };
# Sleep fixes # Sleep fixes
boot.kernelParams = ["rtc_cmos.use_acpi_alarm=1"]; boot.kernelParams = [ "rtc_cmos.use_acpi_alarm=1" ];
services.udev.extraRules = '' services.udev.extraRules = ''
ACTION=="add", SUBSYSTEM=="i2c", ATTR{name}=="GXTP7385:00", ATTR{power/wakeup}="disabled" ACTION=="add", SUBSYSTEM=="i2c", ATTR{name}=="GXTP7385:00", ATTR{power/wakeup}="disabled"
ACTION=="add", SUBSYSTEM=="i2c", ATTR{name}=="PNP0C50:00", ATTR{power/wakeup}="disabled" ACTION=="add", SUBSYSTEM=="i2c", ATTR{name}=="PNP0C50:00", ATTR{power/wakeup}="disabled"
''; '';
services.handheld-daemon = { services.handheld-daemon = {
package = pkgs.handheld-daemon.overridePythonAttrs rec { package = pkgs.handheld-daemon.overridePythonAttrs rec{
src = pkgs.fetchFromGitHub { src = pkgs.fetchFromGitHub {
owner = "hhd-dev"; owner = "hhd-dev";
repo = "hhd"; repo = "hhd";
rev = "v${version}"; rev = "v${version}";
hash = "sha256-Ujbou+f/EvHyqpp3FCNqIyZiCEFxSeQfflR3JmRxWFc="; hash = "sha256-Ujbou+f/EvHyqpp3FCNqIyZiCEFxSeQfflR3JmRxWFc=";
}; };
version = "1.3.13"; version = "1.3.13";
}; };
enable = true; enable = true;
user = "root"; user = "root";
}; };
# Allow unfree packages # Allow unfree packages
nixpkgs.config.allowUnfree = true; nixpkgs.config.allowUnfree = true;
# Configure network proxy if necessary # Configure network proxy if necessary
# networking.proxy.default = "http://user:password@proxy:port/"; # networking.proxy.default = "http://user:password@proxy:port/";
# networking.proxy.noProxy = "127.0.0.1,localhost,internal.domain"; # networking.proxy.noProxy = "127.0.0.1,localhost,internal.domain";
services.xserver = { services.xserver = {
xkb.layout = lib.mkForce "us"; xkb.layout = lib.mkForce "us";
displayManager.sddm.settings = { displayManager.sddm.settings = {
General.GreeterEnvironment = "QT_SCREEN_SCALE_FACTORS=1.75"; General.GreeterEnvironment="QT_SCREEN_SCALE_FACTORS=1.75";
}; };
}; };
jovian = { jovian = {
# Steam Deck UI settings # Steam Deck UI settings
steam = { steam = {
enable = true; enable = true;
autoStart = false; autoStart = false;
user = "toast"; user = "toast";
desktopSession = "plasmawayland"; desktopSession = "plasmawayland";
}; };
hardware.amd.gpu.enableBacklightControl = true; hardware.amd.gpu.enableBacklightControl = true;
# Need patched mesa # Need patched mesa
steamos = { steamos = {
enableMesaPatches = true; enableMesaPatches = true;
enableVendorRadv = true; enableVendorRadv = true;
}; };
decky-loader = { decky-loader = {
enable = true; enable = true;
}; };
}; };
# Enable bluetooth # Enable bluetooth
hardware.bluetooth = { hardware.bluetooth = {
enable = true; enable = true;
}; };
# Configure keymap in X11 # Configure keymap in X11
# services.xserver.layout = "us"; # services.xserver.layout = "us";
# services.xserver.xkbOptions = "eurosign:e,caps:escape"; # services.xserver.xkbOptions = "eurosign:e,caps:escape";
# Enable CUPS to print documents. # Enable CUPS to print documents.
# services.printing.enable = true; # services.printing.enable = true;
environment.sessionVariables = { environment.sessionVariables = {
STEAM_FORCE_DESKTOPUI_SCALING = "1.75"; STEAM_FORCE_DESKTOPUI_SCALING = "1.75";
}; };
# Enable sound. # Enable sound.
# sound.enable = true; # sound.enable = true;
# hardware.pulseaudio.enable = true; # hardware.pulseaudio.enable = true;
# Enable touchpad support (enabled default in most desktopManager). # Enable touchpad support (enabled default in most desktopManager).
# services.xserver.libinput.enable = true; # services.xserver.libinput.enable = true;
# Large builds (the linux kernel) fail to build because /tmp is too small when using tmpfs # Large builds (the linux kernel) fail to build because /tmp is too small when using tmpfs
boot.tmp.useTmpfs = false; boot.tmp.useTmpfs = false;
# List packages installed in system profile. To search, run: # List packages installed in system profile. To search, run:
# $ nix search wget # $ nix search wget
# environment.systemPackages = with pkgs; [ # environment.systemPackages = with pkgs; [
# vim # Do not forget to add an editor to edit configuration.nix! The Nano editor is also installed by default. # vim # Do not forget to add an editor to edit configuration.nix! The Nano editor is also installed by default.
# wget # wget
# ]; # ];
# Some programs need SUID wrappers, can be configured further or are # Some programs need SUID wrappers, can be configured further or are
# started in user sessions. # started in user sessions.
# programs.mtr.enable = true; # programs.mtr.enable = true;
# programs.gnupg.agent = { # programs.gnupg.agent = {
# enable = true; # enable = true;
# enableSSHSupport = true; # enableSSHSupport = true;
# }; # };
# List services that you want to enable: # List services that you want to enable:
# Enable the OpenSSH daemon. # Enable the OpenSSH daemon.
# services.openssh.enable = true; # services.openssh.enable = true;
# Open ports in the firewall. # Open ports in the firewall.
# networking.firewall.allowedTCPPorts = [ ... ]; # networking.firewall.allowedTCPPorts = [ ... ];
# networking.firewall.allowedUDPPorts = [ ... ]; # networking.firewall.allowedUDPPorts = [ ... ];
# Or disable the firewall altogether. # Or disable the firewall altogether.
# networking.firewall.enable = false; # networking.firewall.enable = false;
# Copy the NixOS configuration file and link it from the resulting system
# (/run/current-system/configuration.nix). This is useful in case you
# accidentally delete configuration.nix.
# system.copySystemConfiguration = true;
# Copy the NixOS configuration file and link it from the resulting system
# (/run/current-system/configuration.nix). This is useful in case you
# accidentally delete configuration.nix.
# system.copySystemConfiguration = true;
} }

12
machines/WinMax2/default.nix
View file

@ -1,6 +1,8 @@
{...}: { { ... }:
imports = [
./configuration.nix {
./hardware-configuration.nix imports = [
]; ./configuration.nix
./hardware-configuration.nix
];
} }

129
machines/WinMax2/hardware-configuration.nix
View file

@ -1,75 +1,74 @@
# Do not modify this file! It was generated by nixos-generate-config # Do not modify this file! It was generated by nixos-generate-config
# and may be overwritten by future invocations. Please make changes # and may be overwritten by future invocations. Please make changes
# to /etc/nixos/configuration.nix instead. # to /etc/nixos/configuration.nix instead.
{ config, lib, modulesPath, ... }:
let
# \x20 is the escape code for a space
ssdLabel = ''Win\\x20Max\\x202\\x20SSD'';
in
{ {
config, imports = [
lib, (modulesPath + "/installer/scan/not-detected.nix")
modulesPath, ];
...
}: let
# \x20 is the escape code for a space
ssdLabel = ''Win\\x20Max\\x202\\x20SSD'';
in {
imports = [
(modulesPath + "/installer/scan/not-detected.nix")
];
boot.initrd.availableKernelModules = ["nvme" "xhci_pci" "thunderbolt" "usbhid" "sdhci_pci"]; boot.initrd.availableKernelModules = [ "nvme" "xhci_pci" "thunderbolt" "usbhid" "sdhci_pci" ];
boot.initrd.kernelModules = []; boot.initrd.kernelModules = [ ];
boot.kernelModules = ["kvm-amd"]; boot.kernelModules = [ "kvm-amd" ];
boot.extraModulePackages = []; boot.extraModulePackages = [ ];
boot.initrd.luks.devices."SSD".device = "/dev/disk/by-label/wm2-enc"; boot.initrd.luks.devices."SSD".device = "/dev/disk/by-label/wm2-enc";
fileSystems = { fileSystems = {
"efi_boot_partition" = { "efi_boot_partition" = {
mountPoint = "/boot"; mountPoint = "/boot";
label = "winmax2boot"; label = "winmax2boot";
fsType = "vfat"; fsType = "vfat";
}; };
/* /*
Mount the root subvolume of the SSD Mount the root subvolume of the SSD
This is helpful for getting things from This is helpful for getting things from
my old Arch install, as well as for running btdu my old Arch install, as well as for running btdu
*/ */
"btrfs_root_subvolume" = { "btrfs_root_subvolume" = {
mountPoint = "/mnt/ssd"; mountPoint = "/mnt/ssd";
label = ssdLabel; label = ssdLabel;
fsType = "btrfs"; fsType = "btrfs";
options = ["subvolid=5" "ro"]; options = [ "subvolid=5" "ro" ];
}; };
"btrfs_root" = { "btrfs_root" = {
mountPoint = "/"; mountPoint = "/";
label = ssdLabel; label = ssdLabel;
fsType = "btrfs"; fsType = "btrfs";
options = ["subvol=@"]; options = [ "subvol=@" ];
}; };
"btrfs_persist" = { "btrfs_persist" = {
mountPoint = "/persist"; mountPoint = "/persist";
label = ssdLabel; label = ssdLabel;
fsType = "btrfs"; fsType = "btrfs";
options = ["subvol=@persist"]; options = [ "subvol=@persist" ];
neededForBoot = true; neededForBoot = true;
}; };
"btrfs_home" = { "btrfs_home" = {
mountPoint = "/home"; mountPoint = "/home";
label = ssdLabel; label = ssdLabel;
fsType = "btrfs"; fsType = "btrfs";
options = ["subvol=@home"]; options = [ "subvol=@home" ];
}; };
"btrfs_nix" = { "btrfs_nix" = {
mountPoint = "/nix"; mountPoint = "/nix";
label = ssdLabel; label = ssdLabel;
fsType = "btrfs"; fsType = "btrfs";
options = ["subvol=@nix"]; options = [ "subvol=@nix" ];
}; };
}; };
swapDevices = []; swapDevices = [ ];
nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux"; nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux";
hardware = { hardware = {
cpu.amd.updateMicrocode = lib.mkDefault config.hardware.enableRedistributableFirmware; cpu.amd.updateMicrocode = lib.mkDefault config.hardware.enableRedistributableFirmware;
sensor.iio.bmi260.enable = true; sensor.iio.bmi260.enable = true;
}; };
} }

89
pkgs/anything-sync-daemon/default.nix
View file

@ -1,57 +1,56 @@
{ { stdenv
stdenv, , lib
lib, , fetchFromGitHub
fetchFromGitHub, , makeWrapper
makeWrapper, , rsync
rsync, , gawk
gawk, , pv
pv, , gnutar
gnutar, , zstd
zstd, , util-linux
util-linux, , coreutils
coreutils, , gnugrep
gnugrep, , findutils
findutils,
}: }:
stdenv.mkDerivation rec { stdenv.mkDerivation rec {
pname = "anything-sync-daemon"; pname = "anything-sync-daemon";
version = "6.0.0"; version = "6.0.0";
src = fetchFromGitHub { src = fetchFromGitHub {
owner = "graysky2"; owner = "graysky2";
repo = pname; repo = pname;
rev = "v${version}"; rev = "v${version}";
hash = "sha256-6nfaAMH5YgK6gimuZ8j1zWLTDOi11KIwW7Bf0Iwh7+I="; hash = "sha256-6nfaAMH5YgK6gimuZ8j1zWLTDOi11KIwW7Bf0Iwh7+I=";
}; };
patches = [./disableDaemonStopTargets.patch]; patches = [ ./disableDaemonStopTargets.patch ];
nativeBuildInputs = [makeWrapper]; nativeBuildInputs = [ makeWrapper ];
postPatch = '' postPatch = ''
substituteInPlace init/asd* \ substituteInPlace init/asd* \
--replace /usr/bin/anything-sync-daemon $out/bin/anything-sync-daemon --replace /usr/bin/anything-sync-daemon $out/bin/anything-sync-daemon
''; '';
enableParallelBuilding = true; enableParallelBuilding = true;
makeFlags = [ makeFlags = [
"DESTDIR=${placeholder "out"}" "DESTDIR=${placeholder "out"}"
"PREFIX=" "PREFIX="
"INITDIR_SYSTEMD=/lib/systemd/system" "INITDIR_SYSTEMD=/lib/systemd/system"
]; ];
installTargets = ["install-systemd-all"]; installTargets = [ "install-systemd-all" ];
postInstall = '' postInstall = ''
wrapProgram $out/bin/anything-sync-daemon \ wrapProgram $out/bin/anything-sync-daemon \
--suffix PATH : ${lib.makeBinPath [rsync gawk pv gnutar zstd util-linux coreutils gnugrep findutils]} --suffix PATH : ${lib.makeBinPath [ rsync gawk pv gnutar zstd util-linux coreutils gnugrep findutils]}
''; '';
meta = with lib; { meta = with lib; {
description = "Symlinks and syncs user specified dirs to RAM"; description = "Symlinks and syncs user specified dirs to RAM";
homepage = "https://github.com/graysky2/anything-sync-daemon/"; homepage = "https://github.com/graysky2/anything-sync-daemon/";
license = lib.licenses.mit; license = lib.licenses.mit;
platforms = platforms.linux; platforms = platforms.linux;
}; };
} }

234
roles/common/configuration.nix
View file

@ -1,136 +1,132 @@
{ config, lib, pkgs, flakeSelf, ... }:
{ {
config, imports = [ flakeSelf.inputs.nur.nixosModules.nur ];
lib, environment = {
pkgs, # As of the 1st of May 2023, the default packages are nano, perl, rsync and strace
flakeSelf, # I don't need any of them, so I just empty the list
... defaultPackages = [];
}: { };
imports = [flakeSelf.inputs.nur.nixosModules.nur];
environment = {
# As of the 1st of May 2023, the default packages are nano, perl, rsync and strace
# I don't need any of them, so I just empty the list
defaultPackages = [];
};
# Set up /tmp # Set up /tmp
boot.tmp = { boot.tmp = {
useTmpfs = false; useTmpfs = false;
# Cleaning out /tmp at boot if it's a tmpfs is quite stupid # Cleaning out /tmp at boot if it's a tmpfs is quite stupid
cleanOnBoot = !config.boot.tmp.useTmpfs; cleanOnBoot = !config.boot.tmp.useTmpfs;
}; };
# Set up zram # Set up zram
zramSwap = { zramSwap = {
enable = true; enable = true;
priority = 100; priority = 100;
memoryPercent = 60; memoryPercent = 60;
# zstd my beloved <3 # zstd my beloved <3
algorithm = "zstd"; algorithm = "zstd";
}; };
# zswap with zram is not a good idea # zswap with zram is not a good idea
boot.kernelParams = ["zswap.enabled=0"]; boot.kernelParams = [ "zswap.enabled=0" ];
# Set up keyboard layout # Set up keyboard layout
services.xserver.xkb.layout = "es"; services.xserver.xkb.layout = "es";
# Set up console # Set up console
console = { console = {
packages = [pkgs.terminus_font]; packages = [ pkgs.terminus_font ];
earlySetup = true; earlySetup = true;
# mkDefault has 1000 priority, so that way I don't conflict with nixos-hardware # mkDefault has 1000 priority, so that way I don't conflict with nixos-hardware
font = lib.mkOverride 999 "ter-i16n"; font = lib.mkOverride 999 "ter-i16n";
# Make the console use X's keyboard configuration # Make the console use X's keyboard configuration
useXkbConfig = true; useXkbConfig = true;
}; };
boot.supportedFilesystems = ["nfs"]; boot.supportedFilesystems = [ "nfs" ];
# Set up localisation # Set up localisation
i18n = { i18n = {
defaultLocale = "en_US.UTF-8"; defaultLocale = "en_US.UTF-8";
extraLocaleSettings = { extraLocaleSettings = {
LC_NUMERIC = "es_ES.UTF-8"; LC_NUMERIC = "es_ES.UTF-8";
# am/pm is nice but mm/dd/yy is yucky # am/pm is nice but mm/dd/yy is yucky
LC_TIME = "es_US.UTF-8"; LC_TIME = "es_US.UTF-8";
LC_MONETARY = "es_ES.UTF-8"; LC_MONETARY = "es_ES.UTF-8";
LC_MEASUREMENT = "es_ES.UTF-8"; LC_MEASUREMENT = "es_ES.UTF-8";
LC_PAPER = "es_ES.UTF-8"; LC_PAPER = "es_ES.UTF-8";
LC_ADDRESS = "es_US.UTF-8"; LC_ADDRESS = "es_US.UTF-8";
LC_NAME = "es_ES.UTF-8"; LC_NAME = "es_ES.UTF-8";
LC_TELEPHONE = "es_ES.UTF-8"; LC_TELEPHONE = "es_ES.UTF-8";
}; };
}; };
services.fwupd.enable = true; services.fwupd.enable = true;
# Set up my user # Set up my user
users.users.toast = { users.users.toast = {
isNormalUser = true; isNormalUser = true;
description = "Toast"; description = "Toast";
extraGroups = ["wheel"]; extraGroups = [ "wheel" ];
}; };
# Set up time zone. # Set up time zone.
time.timeZone = "Europe/Madrid"; time.timeZone = "Europe/Madrid";
nixpkgs.overlays = [ nixpkgs.overlays = [
( (
final: prev: { final: prev: {
catppuccin = prev.catppuccin.override { catppuccin = prev.catppuccin.override {
accent = "mauve"; accent = "mauve";
variant = "mocha"; variant = "mocha";
themeList = [ themeList = [
"bat" "bat"
"btop" "btop"
"starship" "starship"
"grub" "grub"
]; ];
}; };
} }
) )
]; ];
home-manager = { home-manager = {
backupFileExtension = "hm-backup"; backupFileExtension = "hm-backup";
useGlobalPkgs = true; useGlobalPkgs = true;
verbose = true; verbose = true;
users.toast = {...}: { users.toast = { config, ... }: {
home.stateVersion = "23.11"; home.stateVersion = "23.11";
xdg = { xdg = {
userDirs = { userDirs = {
enable = true; enable = true;
createDirectories = true; createDirectories = true;
publicShare = null; # Disable the public folder publicShare = null; # Disable the public folder
}; };
}; };
}; };
}; };
# Set up secrets # Set up secrets
age = { age = {
identityPaths = [ identityPaths = [
"/persist/id_host" "/persist/id_host"
]; ];
}; };
boot.loader.grub = { boot.loader.grub = {
theme = "${pkgs.catppuccin}/grub"; theme = "${pkgs.catppuccin}/grub";
backgroundColor = "#1E1E2E"; backgroundColor = "#1E1E2E";
splashImage = "${pkgs.catppuccin}/grub/background.png"; splashImage = "${pkgs.catppuccin}/grub/background.png";
}; };
/* /*
I used to keep the host keys in the repo as a secret, but since I use the I used to keep the host keys in the repo as a secret, but since I use the
host keys for decrypting too I'm not sure encrypting a key with itself host keys for decrypting too I'm not sure encrypting a key with itself
is a good idea. Now the host keys will need to be placed manually where they are needed is a good idea. Now the host keys will need to be placed manually where they are needed
For first time installs they are generated by services.openssh.hostKeys on servers, and For first time installs they are generated by services.openssh.hostKeys on servers, and
manually on everything else manually on everything else
*/ */
system = { system = {
stateVersion = "23.11"; stateVersion = "23.11";
# Nix on nixos 23.05 does not have dirtyRev # Nix on nixos 23.05 does not have dirtyRev
configurationRevision = flakeSelf.sourceInfo.rev or flakeSelf.sourceInfo.dirtyRev or "dirty"; configurationRevision = flakeSelf.sourceInfo.rev or flakeSelf.sourceInfo.dirtyRev or "dirty";
nixos.variant_id = lib.strings.toLower config.networking.hostName; nixos.variant_id = lib.strings.toLower config.networking.hostName;
}; };
} }

14
roles/common/default.nix
View file

@ -1,7 +1,9 @@
{...}: { { ... }:
imports = [
./programs {
./services imports = [
./configuration.nix ./programs
]; ./services
./configuration.nix
];
} }

16
roles/common/programs/bash.nix
View file

@ -1,8 +1,10 @@
{...}: { { config, ... }:
home-manager.users.toast = {...}: {
programs.bash = { {
enable = true; home-manager.users.toast = { config, ... }: {
enableVteIntegration = true; programs.bash = {
}; enable = true;
}; enableVteIntegration = true;
};
};
} }

42
roles/common/programs/bat.nix
View file

@ -1,25 +1,21 @@
{ config, pkgs, ... }:
let
themeName = if config.system.nixos.release == "23.11" then "Catppuccin-mocha" else "Catppuccin Mocha";
in
{ {
config, home-manager = {
pkgs, users.toast.programs.bat = {
... enable = true;
}: let config = {
themeName = theme = "catppuccin-mocha";
if config.system.nixos.release == "23.11" };
then "Catppuccin-mocha" themes = {
else "Catppuccin Mocha"; catppuccin-mocha = {
in { src = pkgs.catppuccin;
home-manager = { file = "bat/${themeName}.tmTheme";
users.toast.programs.bat = { };
enable = true; };
config = { };
theme = "catppuccin-mocha"; };
};
themes = {
catppuccin-mocha = {
src = pkgs.catppuccin;
file = "bat/${themeName}.tmTheme";
};
};
};
};
} }

4
roles/common/programs/btop.nix
View file

@ -1,4 +1,6 @@
{pkgs, ...}: { { pkgs, ... }:
{
home-manager = { home-manager = {
users.toast = { users.toast = {
programs.btop = { programs.btop = {

12
roles/common/programs/comma.nix
View file

@ -1,6 +1,8 @@
{...}: { { config, pkgs, ... }:
# Use nix-index-database's comma wrapper
programs.nix-index-database.comma.enable = true; {
# Run programs from the system's nixpkgs # Use nix-index-database's comma wrapper
environment.variables = {COMMA_NIXPKGS_FLAKE = "system";}; programs.nix-index-database.comma.enable = true;
# Run programs from the system's nixpkgs
environment.variables = { COMMA_NIXPKGS_FLAKE="system"; };
} }

8
roles/common/programs/command-not-found.nix
View file

@ -1,4 +1,6 @@
{...}: { { config, ... }:
# The nixpkgs command-not-found script does not work with flakes, so I disable it
programs.command-not-found.enable = false; {
# The nixpkgs command-not-found script does not work with flakes, so I disable it
programs.command-not-found.enable = false;
} }

60
roles/common/programs/default.nix
View file

@ -1,30 +1,32 @@
{pkgs, ...}: { { config, pkgs, ... }:
imports = [
./htop.nix {
./nix.nix imports = [
./micro.nix ./htop.nix
./nix-index.nix ./nix.nix
./command-not-found.nix ./micro.nix
./comma.nix ./nix-index.nix
./bash.nix ./command-not-found.nix
./git.nix ./comma.nix
./starship.nix ./bash.nix
./bat.nix ./git.nix
./btop.nix ./starship.nix
./helix.nix ./bat.nix
./direnv.nix ./btop.nix
]; ./helix.nix
# Some programs dont have a programs.*.enable option, so I install their package here ./direnv.nix
environment.systemPackages = with pkgs; [ ];
speedtest-cli # Some programs dont have a programs.*.enable option, so I install their package here
# Bat has a home manager module, but I want it to be available system wide environment.systemPackages = with pkgs; [
bat speedtest-cli
file # Bat has a home manager module, but I want it to be available system wide
nvd bat
ncdu file
tree nvd
btdu ncdu
iperf3 tree
restic btdu
]; iperf3
restic
];
} }

4
roles/common/programs/direnv.nix
View file

@ -1,4 +1,6 @@
{...}: { { ... }:
{
programs.direnv = { programs.direnv = {
enable = true; enable = true;
nix-direnv = { nix-direnv = {

61
roles/common/programs/git.nix
View file

@ -1,29 +1,34 @@
{pkgs, ...}: let { config, pkgs, ... }:
catppuccinDelta = pkgs.fetchFromGitHub {
owner = "catppuccin"; let
repo = "delta"; catppuccinDelta = pkgs.fetchFromGitHub {
rev = "main"; owner = "catppuccin";
hash = "sha256-0QQLkfLBVuB2re6tjtPNuOQZNK0MDBAIFgNGHZM8afs="; repo = "delta";
}; rev = "main";
in { hash = "sha256-0QQLkfLBVuB2re6tjtPNuOQZNK0MDBAIFgNGHZM8afs=";
home-manager.users.toast = { };
programs.git = { in
enable = true;
userName = "Toast"; {
userEmail = "toast003@tutamail.com"; home-manager.users.toast = {
delta = { programs.git = {
enable = true; enable = true;
options = { userName = "Toast";
syntax-theme = "catppuccin-mocha"; userEmail = "toast003@tutamail.com";
features = "catppuccin-mocha"; delta = {
}; enable = true;
}; options = {
includes = [{path = "${catppuccinDelta}/themes/mocha.gitconfig";}]; syntax-theme = "catppuccin-mocha";
extraConfig = { features = "catppuccin-mocha";
init.defaultBranch = "main"; };
diff.colorMoved = "default"; };
commit.verbose = "true"; includes = [{ path = "${catppuccinDelta}/themes/mocha.gitconfig"; }];
}; extraConfig = {
}; init.defaultBranch = "main";
}; diff.colorMoved = "default";
commit.verbose = "true";
};
};
};
} }

6
roles/common/programs/helix.nix
View file

@ -1,4 +1,6 @@
{pkgs, ...}: { { pkgs, ... }:
{
home-manager.users.toast = { home-manager.users.toast = {
programs.helix = { programs.helix = {
enable = true; enable = true;
@ -7,7 +9,7 @@
nixpkgs-fmt nixpkgs-fmt
nil nil
]; ];
settings = { settings = {
theme = "catppuccin_mocha"; theme = "catppuccin_mocha";
editor = { editor = {
mouse = true; mouse = true;

26
roles/common/programs/htop.nix
View file

@ -1,13 +1,15 @@
{...}: { { config, ... }:
programs.htop = {
enable = true; {
settings = { programs.htop = {
tree_view = 1; enable = true;
highlight_base_name = 1; settings = {
show_program_path = 0; tree_view = 1;
show_cpu_frequency = 1; highlight_base_name = 1;
show_cpu_temperature = 1; show_program_path = 0;
hide_userland_threads = 1; show_cpu_frequency = 1;
}; show_cpu_temperature = 1;
}; hide_userland_threads = 1;
};
};
} }

29
roles/common/programs/micro.nix
View file

@ -1,14 +1,17 @@
{...}: { { config, pkgs, ... }:
home-manager = {
users.toast = {...}: { {
programs.micro = { home-manager = {
enable = true; users.toast = { config, pkgs, ... }:
settings = { {
clipboard = "internal"; programs.micro = {
indentchar = "|"; enable = true;
softwrap = true; settings = {
}; clipboard = "internal";
}; indentchar = "|";
}; softwrap = true;
}; };
};
};
};
} }

28
roles/common/programs/nix-index.nix
View file

@ -1,15 +1,15 @@
{...}: { { config, ... }:
/*
environment.systemPackages = [ pkgs.nix-index ]; {
programs.bash.interactiveShellInit = '' /* environment.systemPackages = [ pkgs.nix-index ];
source ${pkgs.nix-index}/etc/profile.d/command-not-found.sh programs.bash.interactiveShellInit = ''
''; source ${pkgs.nix-index}/etc/profile.d/command-not-found.sh
*/ ''; */
programs.nix-index = { programs.nix-index = {
enable = true; enable = true;
enableBashIntegration = true; enableBashIntegration = true;
# I don't use zsh or fish (yet) # I don't use zsh or fish (yet)
enableZshIntegration = false; enableZshIntegration = false;
enableFishIntegration = false; enableFishIntegration = false;
}; };
} }

53
roles/common/programs/nix.nix
View file

@ -1,30 +1,25 @@
{systemPkgs, ...}: { { config, systemPkgs, ... }:
nix = {
settings = { {
auto-optimise-store = true; nix = {
experimental-features = "nix-command flakes"; settings = {
}; auto-optimise-store = true;
optimise = { experimental-features = "nix-command flakes";
automatic = true; };
dates = ["weekly"]; optimise = {
}; automatic = true;
registry = { dates = [ "weekly" ];
agenix = { };
from = { registry = {
id = "agenix"; agenix = {
type = "indirect"; from = { id = "agenix"; type = "indirect"; };
}; to = { owner = "ryantm"; repo = "agenix"; type = "github"; };
to = { };
owner = "ryantm"; # Write the system's nixpkgs into the registry to avoid mixing nixpkgs versions
repo = "agenix"; # https://dataswamp.org/~solene/2022-07-20-nixos-flakes-command-sync-with-system.html
type = "github"; system.flake = systemPkgs;
}; };
}; # I removed this in the past since I thought that I didn't need it, but turns out comma does :)
# Write the system's nixpkgs into the registry to avoid mixing nixpkgs versions nixPath = [ "nixpkgs=${systemPkgs}" ];
# https://dataswamp.org/~solene/2022-07-20-nixos-flakes-command-sync-with-system.html };
system.flake = systemPkgs;
};
# I removed this in the past since I thought that I didn't need it, but turns out comma does :)
nixPath = ["nixpkgs=${systemPkgs}"];
};
} }

95
roles/common/programs/starship.nix
View file

@ -1,52 +1,53 @@
{ { pkgs, lib, ... }:
pkgs,
lib,
...
}:
with lib; with lib;
with builtins; let with builtins;
catppuccinFlavour = "mocha";
catppuccinStarship = pkgs.catppuccin + /starship/${catppuccinFlavour}.toml;
presets = { let
nerdFontSymbols = pkgs.fetchurl { catppuccinFlavour = "mocha";
url = "https://starship.rs/presets/toml/nerd-font-symbols.toml"; catppuccinStarship = pkgs.catppuccin + /starship/${catppuccinFlavour}.toml;
hash = "sha256-BVe5JMSIa3CoY2Wf9pvcF1EUtDVCWCLhW3IyKuwfHug=";
};
};
# -------------------------------- F U N C T I O N S --------------------------------
/* presets = {
Gonna be honest, I have no idea how this works, although it seems to work nerdFontSymbols = pkgs.fetchurl {
Stolen from https://gist.github.com/pdalpra/daf339f59288201a6c8ba7dc84e9060e url = "https://starship.rs/presets/toml/nerd-font-symbols.toml";
*/ hash = "sha256-BVe5JMSIa3CoY2Wf9pvcF1EUtDVCWCLhW3IyKuwfHug=";
# Takes a list of attrSets and merges them };
mergeAllAttrSets = attrsSets: };
foldl' recursiveUpdate {} attrsSets; # -------------------------------- F U N C T I O N S --------------------------------
# Reads a TOML file and parses it /*
readTomlPreset = file: (fromTOML (readFile file)); Gonna be honest, I have no idea how this works, although it seems to work
in { Stolen from https://gist.github.com/pdalpra/daf339f59288201a6c8ba7dc84e9060e
programs.starship = { */
enable = true; # Takes a list of attrSets and merges them
settings = mergeAllAttrSets [ mergeAllAttrSets = attrsSets:
(readTomlPreset presets.nerdFontSymbols) foldl' (recursiveUpdate) {} attrsSets;
(readTomlPreset catppuccinStarship)
{ # Reads a TOML file and parses it
nix_shell = { readTomlPreset = file: (fromTOML (readFile file));
disabled = false;
heuristic = true; in
}; {
os = { programs.starship = {
disabled = false; enable = true;
}; settings = mergeAllAttrSets [
directory = { (readTomlPreset presets.nerdFontSymbols)
disabled = false; (readTomlPreset catppuccinStarship)
truncation_length = 6; {
truncation_symbol = ".../"; nix_shell = {
}; disabled = false;
palette = "catppuccin_${catppuccinFlavour}"; heuristic = true;
} };
]; os = {
}; disabled = false;
};
directory = {
disabled = false;
truncation_length = 6;
truncation_symbol = ".../";
};
palette = "catppuccin_${catppuccinFlavour}";
}
];
};
} }

40
roles/common/services/avahi.nix
View file

@ -1,23 +1,19 @@
{config, ...}: let { config, ... }:
old = { let
nssmdns = true; old = {
}; nssmdns = true;
new = { };
nssmdns4 = true; new = {
}; nssmdns4 = true;
in { };
/* in
NixOS 24.05 changed the option for mnds to be able to turn on/off IPv6 {
23.11 doesn't support this, so I need to use the conditional to be able to /*
use the same config for both NixOS 24.05 changed the option for mnds to be able to turn on/off IPv6
*/ 23.11 doesn't support this, so I need to use the conditional to be able to
services.avahi = use the same config for both
{ */
enable = true; services.avahi = {
} enable = true;
// ( } // (if config.system.nixos.release == "23.11" then old else new);
if config.system.nixos.release == "23.11"
then old
else new
);
} }

14
roles/common/services/default.nix
View file

@ -1,7 +1,9 @@
{...}: { { ... }:
imports = [
./avahi.nix {
./tailscale.nix imports = [
./syncthing.nix ./avahi.nix
]; ./tailscale.nix
./syncthing.nix
];
} }

116
roles/common/services/syncthing.nix
View file

@ -1,60 +1,60 @@
{ { config, flakeSelf, ... }:
config,
flakeSelf,
...
}: let
hostSecrets = "${flakeSelf.inputs.secrets}/" + config.networking.hostName;
in {
# Get secrets
age.secrets = {
syncthingKey.file = hostSecrets + "/syncthingKey.age";
syncthingCert.file = hostSecrets + "/syncthingCert.age";
};
services.syncthing = { let
key = config.age.secrets.syncthingKey.path; hostSecrets = "${flakeSelf.inputs.secrets}/" + config.networking.hostName;
cert = config.age.secrets.syncthingCert.path; in
overrideDevices = true;
overrideFolders = true; {
openDefaultPorts = true; # Get secrets
settings = { age.secrets = {
options = { syncthingKey.file = hostSecrets + "/syncthingKey.age";
urAccepted = 3; syncthingCert.file = hostSecrets + "/syncthingCert.age";
}; };
# Set up devices and folders common to every device
devices = { services.syncthing = {
"phone" = { key = config.age.secrets.syncthingKey.path;
name = "Xiaomi Redmi Note 10 Pro"; cert = config.age.secrets.syncthingCert.path;
id = "K7KNZ5V-XREUADL-CROQXPV-6AA4H65-2VUD34Z-VQWKJ6S-LWWW4EE-XPNEZQ6"; overrideDevices = true;
}; overrideFolders = true;
"pc" = { openDefaultPorts = true;
name = "Archie"; settings = {
id = "NJPX754-64AQNP3-7GZFIRZ-W2EDRJQ-27ORWYM-X5YXEXQ-ERRTRTQ-BSYD4AY"; options = {
}; urAccepted = 3;
"steamdeck" = { };
name = "Steam Deck"; # Set up devices and folders common to every device
id = "DNFEGEA-PDEVW5A-O5VBVQK-IUXI7J5-MAHCQAG-2JLEFFM-DSXB6AS-TX6ZHAN"; devices = {
}; "phone" = {
"server" = { name = "Xiaomi Redmi Note 10 Pro";
name = "Everest"; id = "K7KNZ5V-XREUADL-CROQXPV-6AA4H65-2VUD34Z-VQWKJ6S-LWWW4EE-XPNEZQ6";
id = "2GXFZJZ-CF56ER2-SISBGOF-VNXJIG5-GQC6ECA-NHCHAPX-677RSJT-RI5POAZ"; };
}; "pc" = {
"surface" = { name = "Archie";
name = "Surface Go"; id = "NJPX754-64AQNP3-7GZFIRZ-W2EDRJQ-27ORWYM-X5YXEXQ-ERRTRTQ-BSYD4AY";
id = "HTVSF3O-AHY3TNH-BLVSEGK-HRRSMHC-H5LJWVF-NDKGM6O-ATWZALC-YXNV2Q4"; };
}; "steamdeck" = {
"winmax2" = { name = "Steam Deck";
name = "Win Max 2"; id = "DNFEGEA-PDEVW5A-O5VBVQK-IUXI7J5-MAHCQAG-2JLEFFM-DSXB6AS-TX6ZHAN";
id = "X2NILRM-ADRBQ23-AFREAZA-62GVFDF-UVMPR4L-KGHMUNY-BJ2C3CQ-RBT43QS"; };
}; "server" = {
}; name = "Everest";
folders = { id = "2GXFZJZ-CF56ER2-SISBGOF-VNXJIG5-GQC6ECA-NHCHAPX-677RSJT-RI5POAZ";
"passwords" = { };
label = "KeePassXC Passwords"; "surface" = {
id = "rdyaq-ex659"; name = "Surface Go";
devices = ["phone" "pc" "steamdeck" "server" "surface" "winmax2"]; id = "HTVSF3O-AHY3TNH-BLVSEGK-HRRSMHC-H5LJWVF-NDKGM6O-ATWZALC-YXNV2Q4";
}; };
}; "winmax2" = {
}; name = "Win Max 2";
}; id = "X2NILRM-ADRBQ23-AFREAZA-62GVFDF-UVMPR4L-KGHMUNY-BJ2C3CQ-RBT43QS";
};
};
folders = {
"passwords" = {
label = "KeePassXC Passwords";
id = "rdyaq-ex659";
devices = [ "phone" "pc" "steamdeck" "server" "surface" "winmax2"];
};
};
};
};
} }

18
roles/common/services/tailscale.nix
View file

@ -1,10 +1,12 @@
{lib, ...}: { { config, lib, ... }:
services.tailscale = {
enable = true;
useRoutingFeatures = lib.mkDefault "client";
};
systemd.services.tailscaled.environment = { {
TS_NO_LOGS_NO_SUPPORT = "true"; services.tailscale = {
}; enable = true;
useRoutingFeatures = lib.mkDefault "client";
};
systemd.services.tailscaled.environment = {
TS_NO_LOGS_NO_SUPPORT = "true";
};
} }

28
roles/desktop/configuration.nix
View file

@ -1,17 +1,19 @@
{pkgs, ...}: { { config, pkgs, ... }:
# Enable scanning
hardware.sane = {
enable = true;
extraBackends = [pkgs.sane-airscan];
};
users.users.toast.extraGroups = ["scanner"];
services.xserver.enable = true; {
# Enable scanning
hardware.sane = {
enable = true;
extraBackends = [ pkgs.sane-airscan ];
};
users.users.toast.extraGroups = [ "scanner" ];
# Set up fonts services.xserver.enable = true;
fonts.packages = [
(pkgs.nerdfonts.override {fonts = ["Hack" "JetBrainsMono"];})
];
boot.plymouth.enable = true; # Set up fonts
fonts.packages = [
( pkgs.nerdfonts.override { fonts = [ "Hack" "JetBrainsMono" ]; } )
];
boot.plymouth.enable = true;
} }

14
roles/desktop/default.nix
View file

@ -1,7 +1,9 @@
{...}: { { ... }:
imports = [
./services {
./programs imports = [
./configuration.nix ./services
]; ./programs
./configuration.nix
];
} }

24
roles/desktop/programs/default.nix
View file

@ -1,12 +1,14 @@
{...}: { { ... }:
imports = [
./discord.nix {
./firefox.nix imports = [
./micro.nix ./discord.nix
./keepassxc.nix ./firefox.nix
./jamesdsp.nix ./micro.nix
./vscode.nix ./keepassxc.nix
./git.nix ./jamesdsp.nix
./ssh.nix ./vscode.nix
]; ./git.nix
./ssh.nix
];
} }

81
roles/desktop/programs/discord.nix
View file

@ -1,44 +1,41 @@
{ { config, pkgs, lib, ... }:
pkgs,
lib,
...
}: let
discordOverlay = _self: super: {
discord = super.discord.override {
withOpenASAR = true;
withVencord = true;
};
# Update some stuff while I wait for nixpkgs
/*
vencord = super.vencord.overrideAttrs rec {
version = "522fdcd";
src = pkgs.fetchFromGitHub {
owner = "Vendicated";
repo = "Vencord";
rev = "522fdcd";
#rev = "v${version}";
hash = "sha256-9G7FNL4pHaaLachzJmeAol0WpNUj533K2FNa7DH0eBM=";
};
};
*/
};
stock-discord = _self: super: {
discord = super.discord.override {
withOpenASAR = false;
withVencord = false;
};
};
in {
# Sometimes discord breaks after updates, and launching it stock once fixes it
specialisation.stockDiscord.configuration = {
nixpkgs.overlays = lib.mkAfter [stock-discord];
};
nixpkgs.overlays = [discordOverlay]; let
home-manager.users.toast = { discordOverlay = self: super: {
home.packages = with pkgs; [ discord = super.discord.override {
discord withOpenASAR = true;
vesktop withVencord = true;
]; };
}; # Update some stuff while I wait for nixpkgs
/*vencord = super.vencord.overrideAttrs rec {
version = "522fdcd";
src = pkgs.fetchFromGitHub {
owner = "Vendicated";
repo = "Vencord";
rev = "522fdcd";
#rev = "v${version}";
hash = "sha256-9G7FNL4pHaaLachzJmeAol0WpNUj533K2FNa7DH0eBM=";
};
};*/
};
stock-discord = self: super: {
discord = super.discord.override {
withOpenASAR = false;
withVencord = false;
};
};
in
{
# Sometimes discord breaks after updates, and launching it stock once fixes it
specialisation.stockDiscord.configuration = {
nixpkgs.overlays = lib.mkAfter [ stock-discord ];
};
nixpkgs.overlays = [ discordOverlay ];
home-manager.users.toast = {
home.packages = with pkgs; [
discord
vesktop
];
};
} }

110
roles/desktop/programs/firefox.nix
View file

@ -1,55 +1,57 @@
{lib, ...}: { { config, lib, ... }:
# System wide firefox settings
programs.firefox = { {
enable = true; # System wide firefox settings
policies = { programs.firefox = {
"DisablePocket" = true; enable = true;
"DisableTelemetry" = true; policies = {
# You need these for Spotify "DisablePocket" = true;
"EncryptedMediaExtensions" = {"Enabled" = true;}; "DisableTelemetry" = true;
"ExtensionSettings" = { # You need these for Spotify
# TODO: Install extensions the NUR instead of from AMO "EncryptedMediaExtensions" = { "Enabled" = true; };
"uBlock0@raymondhill.net" = { "ExtensionSettings" = {
"installation_mode" = "force_installed"; # TODO: Install extensions the NUR instead of from AMO
"install_url" = "https://addons.mozilla.org/firefox/downloads/latest/ublock-origin/latest.xpi"; "uBlock0@raymondhill.net" = {
}; "installation_mode" = "force_installed";
# Decentraleyes "install_url" = "https://addons.mozilla.org/firefox/downloads/latest/ublock-origin/latest.xpi";
"jid1-BoFifL9Vbdl2zQ@jetpack" = { };
"installation_mode" = "normal_installed"; # Decentraleyes
"install_url" = "https://addons.mozilla.org/firefox/downloads/latest/decentraleyes/latest.xpi"; "jid1-BoFifL9Vbdl2zQ@jetpack" = {
}; "installation_mode" = "normal_installed";
"jid1-MnnxcxisBPnSXQ@jetpack" = { "install_url" = "https://addons.mozilla.org/firefox/downloads/latest/decentraleyes/latest.xpi";
"installation_mode" = "normal_installed"; };
"install_url" = "https://addons.mozilla.org/firefox/downloads/latest/privacy-badger17/latest.xpi"; "jid1-MnnxcxisBPnSXQ@jetpack" = {
}; "installation_mode" = "normal_installed";
# Uninstall the kde plasma integration extension if KDE is not installed "install_url" = "https://addons.mozilla.org/firefox/downloads/latest/privacy-badger17/latest.xpi";
"plasma-browser-integration@kde.org"."installation_mode" = lib.mkDefault "blocked"; };
}; # Uninstall the kde plasma integration extension if KDE is not installed
"Preferences" = { "plasma-browser-integration@kde.org"."installation_mode" = lib.mkDefault "blocked";
# Enable video hardware acceleration };
"media.ffmpeg.vaapi.enabled" = { "Preferences" = {
"Value" = true; # Enable video hardware acceleration
"Status" = "default"; "media.ffmpeg.vaapi.enabled" = {
}; "Value" = true;
"dom.security.https_only_mode" = { "Status" = "default";
"Value" = true; };
"Status" = "locked"; "dom.security.https_only_mode" = {
}; "Value" = true;
"general.smoothScroll.msdPhysics.enabled" = { "Status" = "locked";
"Value" = true; };
"Status" = "default"; "general.smoothScroll.msdPhysics.enabled" = {
}; "Value" = true;
}; "Status" = "default";
"PromptForDownloadLocation" = true; };
# I use an external password manager, so the built in one just bothers me };
"PasswordManagerEnabled" = false; "PromptForDownloadLocation" = true;
"Permissions" = { # I use an external password manager, so the built in one just bothers me
"Autoplay" = { "PasswordManagerEnabled" = false;
"Allow" = ["https://www.youtube.com"]; "Permissions" = {
"Default" = "block-audio-video"; "Autoplay" = {
}; "Allow" = [ "https://www.youtube.com" ];
}; "Default" = "block-audio-video";
"FirefoxHome" = {"SponsoredTopSites" = false;}; };
}; };
}; "FirefoxHome" = { "SponsoredTopSites" = false; };
};
};
} }

8
roles/desktop/programs/git.nix
View file

@ -1,8 +1,6 @@
{ pkgs, lib, ... }:
{ {
pkgs,
lib,
...
}: {
home-manager.users.toast = { home-manager.users.toast = {
programs.git = { programs.git = {
package = pkgs.gitFull; package = pkgs.gitFull;
@ -13,6 +11,6 @@
}; };
}; };
home.packages = [pkgs.git-cola]; home.packages = [ pkgs.git-cola ];
}; };
} }

6
roles/desktop/programs/jamesdsp.nix
View file

@ -1,3 +1,5 @@
{pkgs, ...}: { { config, pkgs, ... }:
users.users.toast.packages = [pkgs.jamesdsp];
{
users.users.toast.packages = [ pkgs.jamesdsp ];
} }

124
roles/desktop/programs/keepassxc.nix
View file

@ -1,63 +1,63 @@
{lib, ...}: let { config, pkgs, lib, ... }:
kpxcSettings = lib.generators.toINI {} {
General = { let
# Not sure what changing this does, I'll leave it alone kpxcSettings = lib.generators.toINI {} {
ConfigVersion = 2; General = {
MinimizeAfterUnlock = true; # Not sure what changing this does, I'll leave it alone
AutoSaveAfterEveryChange = false; ConfigVersion = 2;
}; MinimizeAfterUnlock = true;
GUI = { AutoSaveAfterEveryChange = false;
ApplicationTheme = "classic"; };
MinimizeOnStartup = false; GUI = {
MinimizeOnClose = true; ApplicationTheme = "classic";
MinimizeToTray = true; MinimizeOnStartup = false;
ShowTrayIcon = true; MinimizeOnClose = true;
# 0 is icons, 1 is text, 2 is text next to icons, 3 is text under icons, and 4 is follow style MinimizeToTray = true;
ToolButtonStyle = 0; # Would choose 4 but it's too big for a small window ShowTrayIcon = true;
# monochrome-light, monochrome-dark or colorful # 0 is icons, 1 is text, 2 is text next to icons, 3 is text under icons, and 4 is follow style
TrayIconAppearance = "monochrome-light"; ToolButtonStyle = 0; # Would choose 4 but it's too big for a small window
}; # monochrome-light, monochrome-dark or colorful
Security = { TrayIconAppearance = "monochrome-light";
HideNotes = true; };
IconDownloadFallback = true; Security = {
}; HideNotes = true;
SSHAgent.Enabled = true; IconDownloadFallback = true;
}; };
in { SSHAgent.Enabled = true;
home-manager = { };
extraSpecialArgs = {kpxcSettings = kpxcSettings;}; in
users.toast = {
pkgs, {
kpxcSettings, home-manager = {
... extraSpecialArgs = { kpxcSettings = kpxcSettings; };
}: { users.toast = { config, pkgs, kpxcSettings, ... }: {
# No module for KeePassXC config :( # No module for KeePassXC config :(
home = { home = {
packages = [pkgs.keepassxc]; packages = [ pkgs.keepassxc ];
file = { file = {
".config/keepassxc/keepassxc.ini".text = kpxcSettings; ".config/keepassxc/keepassxc.ini".text = kpxcSettings;
# For some reason the autostart .desktop is not the same as the regular one # For some reason the autostart .desktop is not the same as the regular one
".config/autostart/org.keepassxc.KeePassXC.desktop".text = '' ".config/autostart/org.keepassxc.KeePassXC.desktop".text = ''
[Desktop Entry] [Desktop Entry]
Name=KeePassXC Name=KeePassXC
GenericName=Password Manager GenericName=Password Manager
Exec=keepassxc Exec=keepassxc
TryExec=keepassxc TryExec=keepassxc
Icon=keepassxc Icon=keepassxc
StartupWMClass=keepassxc StartupWMClass=keepassxc
StartupNotify=true StartupNotify=true
Terminal=false Terminal=false
Type=Application Type=Application
Version=1.0 Version=1.0
Categories=Utility;Security;Qt; Categories=Utility;Security;Qt;
MimeType=application/x-keepass2; MimeType=application/x-keepass2;
X-GNOME-Autostart-enabled=true X-GNOME-Autostart-enabled=true
X-GNOME-Autostart-Delay=2 X-GNOME-Autostart-Delay=2
X-KDE-autostart-after=panel X-KDE-autostart-after=panel
X-LXQt-Need-Tray=true X-LXQt-Need-Tray=true
''; '';
}; };
}; };
}; };
}; };
} }

37
roles/desktop/programs/micro.nix
View file

@ -1,18 +1,21 @@
{lib, ...}: { { config, pkgs, lib, ... }:
home-manager = {
users.toast = {pkgs, ...}: { {
programs.micro = { home-manager = {
enable = true; users.toast = { config, pkgs, ... }:
settings = { {
# Use xclip/wl-clipboard for copying and pasting programs.micro = {
clipboard = lib.mkForce "external"; enable = true;
}; settings = {
}; # Use xclip/wl-clipboard for copying and pasting
/* clipboard = lib.mkForce "external";
On a kde wayland session micro uses xsel or xclip instead of wl-clipboard };
which doesn't work, so I only install wl-clipboard here to make micro use it };
*/ /*
home.packages = with pkgs; [wl-clipboard]; On a kde wayland session micro uses xsel or xclip instead of wl-clipboard
}; which doesn't work, so I only install wl-clipboard here to make micro use it
}; */
home.packages = with pkgs; [ wl-clipboard ];
};
};
} }

4
roles/desktop/programs/ssh.nix
View file

@ -1,4 +1,6 @@
{...}: { { ... }:
{
home-manager.users.toast = { home-manager.users.toast = {
programs.ssh = { programs.ssh = {
enable = true; enable = true;

80
roles/desktop/programs/vscode.nix
View file

@ -1,44 +1,40 @@
{ config, pkgs, flakeSelf, ... }:
let inputs = flakeSelf.inputs; in
{ {
pkgs, nixpkgs.overlays = [ inputs.catppuccin-vsc.overlays.default ];
flakeSelf, home-manager.users.toast = {
... home.packages = with pkgs; [
}: let nixpkgs-fmt
inputs = flakeSelf.inputs; ];
in { programs.vscode = {
nixpkgs.overlays = [inputs.catppuccin-vsc.overlays.default]; enable = true;
home-manager.users.toast = { package = pkgs.vscodium;
home.packages = with pkgs; [ mutableExtensionsDir = false;
nixpkgs-fmt extensions = with inputs.vscode-extensions.extensions.x86_64-linux.open-vsx; [
]; jnoortheen.nix-ide
programs.vscode = { (pkgs.catppuccin-vsc.override {
enable = true; workbenchMode = "flat";
package = pkgs.vscodium; extraBordersEnabled = true;
mutableExtensionsDir = false; })
extensions = with inputs.vscode-extensions.extensions.x86_64-linux.open-vsx; [ catppuccin.catppuccin-vsc-icons
jnoortheen.nix-ide waderyan.gitblame
(pkgs.catppuccin-vsc.override { ];
workbenchMode = "flat"; userSettings = {
extraBordersEnabled = true; # VSCode doesn't like nested settings
}) # https://stackoverflow.com/questions/74134436/is-it-possible-to-express-settings-in-vs-codes-settings-json-where-each-dot-sep
catppuccin.catppuccin-vsc-icons # TODO: write a function that unnests settings
waderyan.gitblame "workbench.colorTheme" = "Catppuccin Mocha";
]; "workbench.iconTheme" = "catppuccin-mocha";
userSettings = { "editor.fontFamily" = "JetBrainsMono Nerd Font";
# VSCode doesn't like nested settings "editor.semanticHighlighting.enabled" = true;
# https://stackoverflow.com/questions/74134436/is-it-possible-to-express-settings-in-vs-codes-settings-json-where-each-dot-sep "nix.enableLanguageServer" = true;
# TODO: write a function that unnests settings "nix.serverPath" = "${pkgs.nil}/bin/nil";
"workbench.colorTheme" = "Catppuccin Mocha"; "nix.serverSettings" = {
"workbench.iconTheme" = "catppuccin-mocha"; "nil"."formatting"."command" = [ "nixpkgs-fmt" ];
"editor.fontFamily" = "JetBrainsMono Nerd Font"; };
"editor.semanticHighlighting.enabled" = true; "terminal.integrated.minimumContrastRatio" = 1;
"nix.enableLanguageServer" = true; "window.titleBarStyle" = "custom";
"nix.serverPath" = "${pkgs.nil}/bin/nil"; };
"nix.serverSettings" = { };
"nil"."formatting"."command" = ["nixpkgs-fmt"]; };
};
"terminal.integrated.minimumContrastRatio" = 1;
"window.titleBarStyle" = "custom";
};
};
};
} }

20
roles/desktop/services/default.nix
View file

@ -1,10 +1,12 @@
{...}: { { ... }:
imports = [
./ssh-agent.nix {
./flatpak.nix imports = [
./syncthing.nix ./ssh-agent.nix
./pipewire.nix ./flatpak.nix
./printing.nix ./syncthing.nix
./networkmanager.nix ./pipewire.nix
]; ./printing.nix
./networkmanager.nix
];
} }

32
roles/desktop/services/flatpak.nix
View file

@ -1,17 +1,19 @@
{flakeSelf, ...}: { { config, pkgs, flakeSelf, ... }:
services.flatpak.enable = true;
home-manager = { {
sharedModules = [{imports = [flakeSelf.inputs.nix-flatpak.homeManagerModules.nix-flatpak];}]; services.flatpak.enable = true;
users.toast = {
services.flatpak = { home-manager = {
packages = ["tv.plex.PlexDesktop"]; sharedModules = [{ imports = [ flakeSelf.inputs.nix-flatpak.homeManagerModules.nix-flatpak ]; }];
uninstallUnmanagedPackages = true; users.toast = {
update.auto = { services.flatpak = {
enable = true; packages = [ "tv.plex.PlexDesktop" ];
onCalendar = "weekly"; uninstallUnmanagedPackages = true;
}; update.auto = {
}; enable = true;
}; onCalendar = "weekly";
}; };
};
};
};
} }

8
roles/desktop/services/networkmanager.nix
View file

@ -1,6 +1,10 @@
{config, ...}: let { config, ... }:
let
tailscaleName = config.services.tailscale.interfaceName; tailscaleName = config.services.tailscale.interfaceName;
in { in
{
networking.networkmanager = { networking.networkmanager = {
enable = true; enable = true;
unmanaged = [ unmanaged = [

16
roles/desktop/services/pipewire.nix
View file

@ -1,9 +1,11 @@
{...}: { { config, ... }:
services.pipewire = {
enable = true;
pulse.enable = true;
};
# This allows pipewire to get realtime priority, which (hopefully) gets rid of stutters {
security.rtkit.enable = true; services.pipewire = {
enable = true;
pulse.enable = true;
};
# This allows pipewire to get realtime priority, which (hopefully) gets rid of stutters
security.rtkit.enable = true;
} }

14
roles/desktop/services/printing.nix
View file

@ -1,7 +1,9 @@
{...}: { { config, ... }:
services.printing = {
enable = true; {
startWhenNeeded = true; services.printing = {
stateless = true; enable = true;
}; startWhenNeeded = true;
stateless = true;
};
} }

38
roles/desktop/services/ssh-agent.nix
View file

@ -1,19 +1,21 @@
{...}: { { config, pkgs, ... }:
programs.ssh.startAgent = true;
/* {
Home assistant added an option that does this programs.ssh.startAgent = true;
https://github.com/nix-community/home-manager/commit/2d9210f25ed18d5d4e11e6b886de4027c0c51a94 /*
but since I still need to fix home-manager's envvars not applying I'll stick to the NixOS one Home assistant added an option that does this
*/ https://github.com/nix-community/home-manager/commit/2d9210f25ed18d5d4e11e6b886de4027c0c51a94
/* but since I still need to fix home-manager's envvars not applying I'll stick to the NixOS one
TODO: fix SSH_AUTH_SOCK not being set in Plasma */
Turns out the NixOS module also has issues :3 /*
The env is set but only in bash, not in the DE, so TODO: fix SSH_AUTH_SOCK not being set in Plasma
keepass can't pick it up. For now I'll just set it manually Turns out the NixOS module also has issues :3
*/ The env is set but only in bash, not in the DE, so
home-manager.users.toast.xdg.configFile."plasma-workspace/env/ssh-agent.sh".text = '' keepass can't pick it up. For now I'll just set it manually
if [[ -z "$SSH_AUTH_SOCK" ]]; then */
export SSH_AUTH_SOCK=$XDG_RUNTIME_DIR/ssh-agent home-manager.users.toast.xdg.configFile."plasma-workspace/env/ssh-agent.sh".text = ''
fi if [[ -z "$SSH_AUTH_SOCK" ]]; then
''; export SSH_AUTH_SOCK=$XDG_RUNTIME_DIR/ssh-agent
fi
'';
} }

46
roles/desktop/services/syncthing.nix
View file

@ -1,23 +1,25 @@
{config, ...}: { { config, ... }:
services.syncthing = {
enable = true; {
user = "toast"; services.syncthing = {
group = "users"; enable = true;
dataDir = config.users.users.toast.home; user = "toast";
settings.folders."passwords".path = "~/Documents/Passwords"; group = "users";
}; dataDir = config.users.users.toast.home;
# Allow regular users to stop syncthing settings.folders."passwords".path = "~/Documents/Passwords";
# https://stackoverflow.com/questions/61480914/using-policykit-to-allow-non-root-users-to-start-and-stop-a-service };
security.polkit.extraConfig = '' # Allow regular users to stop syncthing
polkit.addRule(function(action, subject) { # https://stackoverflow.com/questions/61480914/using-policykit-to-allow-non-root-users-to-start-and-stop-a-service
if ( security.polkit.extraConfig = ''
action.id == "org.freedesktop.systemd1.manage-units" && polkit.addRule(function(action, subject) {
action.lookup("unit") == "syncthing.service" && if (
subject.user == "${config.services.syncthing.user}" action.id == "org.freedesktop.systemd1.manage-units" &&
) action.lookup("unit") == "syncthing.service" &&
{ subject.user == "${config.services.syncthing.user}"
return polkit.Result.YES; )
} {
}) return polkit.Result.YES;
''; }
})
'';
} }

12
roles/gaming/default.nix
View file

@ -1,6 +1,8 @@
{...}: { { ... }:
imports = [
./programs {
./services imports = [
]; ./programs
./services
];
} }

24
roles/gaming/programs/default.nix
View file

@ -1,12 +1,14 @@
{pkgs, ...}: { { config, pkgs, ... }:
imports = [
./steam.nix {
./mangohud.nix imports = [
./rpcs3.nix ./steam.nix
./retroarch.nix ./mangohud.nix
]; ./rpcs3.nix
environment.systemPackages = with pkgs; [ ./retroarch.nix
heroic ];
prismlauncher-qt5 environment.systemPackages = with pkgs; [
]; heroic
prismlauncher-qt5
];
} }

27
roles/gaming/programs/mangohud.nix
View file

@ -1,13 +1,16 @@
{...}: { { config, ... }:
home-manager.users.toast = {...}: {
programs.mangohud = { {
enable = true; home-manager.users.toast = { config, ... }:
# This only works for Vulkan, openGL programs still need the mangohud wrapper {
enableSessionWide = true; programs.mangohud = {
settings = { enable = true;
preset = 4; # This only works for Vulkan, openGL programs still need the mangohud wrapper
no_display = true; enableSessionWide = true;
}; settings = {
}; preset = 4;
}; no_display = true;
};
};
};
} }

100
roles/gaming/programs/retroarch.nix
View file

@ -1,74 +1,74 @@
{pkgs, ...}: let { pkgs, ... }:
let
snes-roms = [ snes-roms = [
# ActRaiser # ActRaiser
(pkgs.fetchzip { ( pkgs.fetchzip {
url = "https://myrient.erista.me/files/No-Intro/Nintendo%20-%20Super%20Nintendo%20Entertainment%20System/ActRaiser%20%28USA%29.zip"; url = "https://myrient.erista.me/files/No-Intro/Nintendo%20-%20Super%20Nintendo%20Entertainment%20System/ActRaiser%20%28USA%29.zip";
hash = "sha256-yxIL5Pqlp8xsx7wvNO1MlB8ffDjS0xpE+yrEfMj61As="; hash = "sha256-yxIL5Pqlp8xsx7wvNO1MlB8ffDjS0xpE+yrEfMj61As=";
}) } )
# Kirby Super Star # Kirby Super Star
(pkgs.fetchzip { ( pkgs.fetchzip {
url = "https://myrient.erista.me/files/No-Intro/Nintendo%20-%20Super%20Nintendo%20Entertainment%20System/Kirby%20Super%20Star%20%28USA%29.zip"; url = "https://myrient.erista.me/files/No-Intro/Nintendo%20-%20Super%20Nintendo%20Entertainment%20System/Kirby%20Super%20Star%20%28USA%29.zip";
hash = "sha256-NX5OjCthf4ZiAhamclRBRk8GiMjZX3JLeShm8sQdDfc="; hash = "sha256-NX5OjCthf4ZiAhamclRBRk8GiMjZX3JLeShm8sQdDfc=";
}) } )
# Super Mario Kart # Super Mario Kart
(pkgs.fetchzip { ( pkgs.fetchzip {
url = "https://myrient.erista.me/files/No-Intro/Nintendo%20-%20Super%20Nintendo%20Entertainment%20System/Super%20Mario%20Kart%20%28USA%29.zip"; url = "https://myrient.erista.me/files/No-Intro/Nintendo%20-%20Super%20Nintendo%20Entertainment%20System/Super%20Mario%20Kart%20%28USA%29.zip";
hash = "sha256-RLBxPBmBrXCuPdnWE07KamBNgGJ5IntQVUPeij+2HUI="; hash = "sha256-RLBxPBmBrXCuPdnWE07KamBNgGJ5IntQVUPeij+2HUI=";
}) } )
]; ];
in { in
{
home-manager.users.toast = { home-manager.users.toast = {
home = { home = {
packages = [ packages = [(
( pkgs.retroarch.override {
pkgs.retroarch.override { cores = with pkgs.libretro; [
cores = with pkgs.libretro; [ snes9x
snes9x ];
]; settings = {
settings = { video_driver = "vulkan";
video_driver = "vulkan"; video_fullscreen = "true";
video_fullscreen = "true"; menu_swap_ok_cancel_buttons = "true";
menu_swap_ok_cancel_buttons = "true"; input_joypad_driver = "sdl2";
input_joypad_driver = "sdl2"; # Enable touchscreen support
# Enable touchscreen support menu_pointer_enable = "true";
menu_pointer_enable = "true";
# Folder stuffs # Folder stuffs
# System/BIOS files # System/BIOS files
system_directory = "~/.local/share/retroarch/system"; system_directory = "~/.local/share/retroarch/system";
# Downloads # Downloads
core_assets_directory = "~/.local/share/retroarch/downloads"; core_assets_directory = "~/.local/share/retroarch/downloads";
thumbnails_directory = "~/.local/share/retroarch/thumbnails"; thumbnails_directory = "~/.local/share/retroarch/thumbnails";
content_database_path = "~/.local/share/retroarch/database/rdb"; content_database_path = "~/.local/share/retroarch/database/rdb";
cheat_database_path = "~/.local/share/retroarch/cheats"; cheat_database_path = "~/.local/share/retroarch/cheats";
video_filter_dir = "~/.local/share/retroarch/filters/video"; video_filter_dir = "~/.local/share/retroarch/filters/video";
audio_filter_dir = "~/.local/share/retroarch/filters/audio"; audio_filter_dir = "~/.local/share/retroarch/filters/audio";
video_shader_dir = "~/.local/share/retroarch/shaders"; video_shader_dir = "~/.local/share/retroarch/shaders";
recording_output_directory = "~/.local/share/retroarch/records"; recording_output_directory = "~/.local/share/retroarch/records";
overlay_directory = "~/.local/share/retroarch/overlays"; overlay_directory = "~/.local/share/retroarch/overlays";
osk_overlay_directory = "~/.local/share/retroarch/overlays/keyboards"; osk_overlay_directory = "~/.local/share/retroarch/overlays/keyboards";
screenshot_directory = "~/.local/share/retroarch/screenshots"; screenshot_directory = "~/.local/share/retroarch/screenshots";
playlist_directory = "~/.local/share/retroarch/playlists"; playlist_directory = "~/.local/share/retroarch/playlists";
savefile_directory = "~/.local/share/retroarch/saves"; savefile_directory = "~/.local/share/retroarch/saves";
savestate_directory = "~/.local/share/retroarch/states"; savestate_directory = "~/.local/share/retroarch/states";
log_dir = "~/.local/share/retroarch/logs"; log_dir = "~/.local/share/retroarch/logs";
# By default settings has some things that this overrides, so I need to set them myself # By default settings has some things that this overrides, so I need to set them myself
libretro_info_path = "${pkgs.libretro-core-info}/share/retroarch/cores"; libretro_info_path = "${pkgs.libretro-core-info}/share/retroarch/cores";
joypad_autoconfig_dir = "${pkgs.retroarch-joypad-autoconfig}/share/libretro/autoconfig"; joypad_autoconfig_dir = "${pkgs.retroarch-joypad-autoconfig}/share/libretro/autoconfig";
assets_directory = "${pkgs.retroarch-assets}/share/retroarch/assets"; assets_directory = "${pkgs.retroarch-assets}/share/retroarch/assets";
}; };
} }
) )];
];
file."Games/Roms/SNES/" = { file."Games/Roms/SNES/" = {
onChange = '' onChange = ''
${pkgs.retroarch}/bin/retroarch --scan "/home/toast/Games/Roms/SNES" ${pkgs.retroarch}/bin/retroarch --scan "/home/toast/Games/Roms/SNES"
''; '';
source = pkgs.symlinkJoin { source = pkgs.symlinkJoin {
name = "snes-roms"; name = "snes-roms";
paths = [snes-roms]; paths = [ snes-roms ];
}; };
}; };
}; };
@ -85,7 +85,7 @@ in {
"retroarch" = { "retroarch" = {
label = "RetroArch"; label = "RetroArch";
id = "jxuou-2yjnu"; id = "jxuou-2yjnu";
devices = ["steamdeck" "server" "pc" "winmax2"]; devices = [ "steamdeck" "server" "pc" "winmax2" ];
path = "~/.local/share/retroarch"; path = "~/.local/share/retroarch";
}; };
}; };

36
roles/gaming/programs/rpcs3.nix
View file

@ -1,20 +1,20 @@
{config, ...}: { { config, pkgs, ... }:
environment.systemPackages = with config; [
nur.repos.ataraxiasjel.rpcs3
];
# Compiling RPCS3 takes quite a while
nix.settings = {
substituters = ["https://ataraxiadev-foss.cachix.org"];
trusted-public-keys = ["ataraxiadev-foss.cachix.org-1:ws/jmPRUF5R8TkirnV1b525lP9F/uTBsz2KraV61058="];
};
# Increase the memory lock limit {
security.pam.loginLimits = [ environment.systemPackages = with config; [
{ nur.repos.ataraxiasjel.rpcs3
domain = "*"; ];
item = "memlock"; # Compiling RPCS3 takes quite a while
type = "-"; # Applies to both hard and soft limits nix.settings = {
value = "unlimited"; substituters = [ "https://ataraxiadev-foss.cachix.org" ];
} trusted-public-keys = [ "ataraxiadev-foss.cachix.org-1:ws/jmPRUF5R8TkirnV1b525lP9F/uTBsz2KraV61058=" ];
]; };
# Increase the memory lock limit
security.pam.loginLimits = [{
domain = "*";
item = "memlock";
type = "-"; # Applies to both hard and soft limits
value = "unlimited";
}];
} }

37
roles/gaming/programs/steam.nix
View file

@ -1,26 +1,21 @@
{ config, pkgs, ... }:
{ {
config, programs.steam = {
pkgs, enable = true;
... # Doubt that I'll use it, but I'll enable it anyways
}: { remotePlay.openFirewall = true;
programs.steam = {
enable = true;
# Doubt that I'll use it, but I'll enable it anyways
remotePlay.openFirewall = true;
extraCompatPackages = with pkgs; [ extraCompatPackages = with pkgs; [
proton-ge-bin proton-ge-bin
]; ];
}; };
# Some linux native games (rise of the tomb raider) use alsa for sound # Some linux native games (rise of the tomb raider) use alsa for sound
services.pipewire.alsa.enable = services.pipewire.alsa.enable = if config.services.pipewire.pulse.enable == true then true else false;
if config.services.pipewire.pulse.enable == true
then true
else false;
# Celeste mod manager # Celeste mod manager
home-manager.users.toast.services.flatpak.packages = [ home-manager.users.toast.services.flatpak.packages = [
"io.github.everestapi.Olympus" "io.github.everestapi.Olympus"
]; ];
} }

10
roles/gaming/services/default.nix
View file

@ -1,5 +1,7 @@
{...}: { { ... }:
imports = [
./syncthing.nix {
]; imports = [
./syncthing.nix
];
} }

36
roles/gaming/services/syncthing.nix
View file

@ -1,19 +1,21 @@
{...}: { { config, ... }:
/*
This file will sync saves for games that don't have cloud saves
TODO: turn this into a module eventually
*/
services.syncthing.settings.folders = { {
"steam-201810" = { /*
label = "Wolfenstein The New Order Saves"; This file will sync saves for games that don't have cloud saves
id = "laxxf-t2wmy"; TODO: turn this into a module eventually
devices = ["steamdeck" "server" "pc"]; */
path = "~/.local/share/Steam/steamapps/compatdata/201810/pfx/drive_c/users/steamuser/Saved Games/MachineGames/Wolfenstein The New Order/";
}; services.syncthing.settings.folders = {
}; "steam-201810" = {
home-manager.users.toast.home.file."steam-201810-ignore" = { label = "Wolfenstein The New Order Saves";
target = ".local/share/Steam/steamapps/compatdata/201810/pfx/drive_c/users/steamuser/Saved Games/MachineGames/Wolfenstein The New Order/.stignore"; id = "laxxf-t2wmy";
text = "base/qconsole.log\nbase/wolfConfig.cfg"; devices = [ "steamdeck" "server" "pc" ];
}; path = "~/.local/share/Steam/steamapps/compatdata/201810/pfx/drive_c/users/steamuser/Saved Games/MachineGames/Wolfenstein The New Order/";
};
};
home-manager.users.toast.home.file."steam-201810-ignore" = {
target = ".local/share/Steam/steamapps/compatdata/201810/pfx/drive_c/users/steamuser/Saved Games/MachineGames/Wolfenstein The New Order/.stignore";
text = "base/qconsole.log\nbase/wolfConfig.cfg";
};
} }

14
roles/kde/default.nix
View file

@ -1,7 +1,9 @@
{...}: { { ... }:
imports = [
./plasma.nix {
./sddm.nix imports = [
./programs ./plasma.nix
]; ./sddm.nix
./programs
];
} }

318
roles/kde/plasma.nix
View file

@ -1,172 +1,158 @@
{ config, pkgs, lib, flakeSelf, ... }:
let
# Set up the default kde options
balooExcludedDirs = lib.strings.intersperse "," [
"$HOME/.cache/"
"$HOME/.config/"
"$HOME/.local/"
];
baloofilerc = lib.generators.toINI {} {
General = {
# The [$e] part allows you to use environment variables
"exclude folders[$e]" = lib.strings.concatStrings balooExcludedDirs;
};
};
# Make custom packages
breezeTint = pkgs.stdenv.mkDerivation {
name = "breeze-tint";
src = "${pkgs.breeze-qt5}";
patches = [ ./patches/BreezeTint.patch ];
installPhase = ''
runHook preInstall
mkdir -p $out/share/color-schemes/
cp -r share/color-schemes/* $out/share/color-schemes/
runHook postInstall
'';
};
# /etc/xdg is not read by plasma, so to change the default settings you need to put them in a package
plasmaDefaults = pkgs.stdenv.mkDerivation {
name = "toast-plasma-defaults";
dontUnpack = true;
installPhase = ''
runHook preInstall
set -x
mkdir -p $out/etc/xdg
echo '${baloofilerc}' > $out/etc/xdg/baloofilerc
runHook postInstall
'';
};
in
{ {
config, services.xserver = {
pkgs, # Enable the Plasma 5 Desktop Environment
lib, desktopManager.plasma5.enable = true;
flakeSelf, displayManager.defaultSession = "plasmawayland";
... };
}: let
# Set up the default kde options
balooExcludedDirs = lib.strings.intersperse "," [
"$HOME/.cache/"
"$HOME/.config/"
"$HOME/.local/"
];
baloofilerc = lib.generators.toINI {} { qt.enable = true;
General = {
# The [$e] part allows you to use environment variables
"exclude folders[$e]" = lib.strings.concatStrings balooExcludedDirs;
};
};
# Make custom packages # GTK apps need dconf to grab the correct theme on Wayland
breezeTint = pkgs.stdenv.mkDerivation { programs.dconf.enable = true;
name = "breeze-tint";
src = "${pkgs.breeze-qt5}";
patches = [./patches/BreezeTint.patch];
installPhase = ''
runHook preInstall
mkdir -p $out/share/color-schemes/ # Install the patched Breeze color schemes as well as the plasma default configs
cp -r share/color-schemes/* $out/share/color-schemes/ environment.systemPackages = [ breezeTint plasmaDefaults ];
runHook postInstall # Plasma configs should be on all users
''; home-manager.sharedModules = [
}; (
{ config, ... }:
# /etc/xdg is not read by plasma, so to change the default settings you need to put them in a package let gtk2rc = "${config.xdg.configHome}/gtk-2.0/gtkrc"; in
plasmaDefaults = pkgs.stdenv.mkDerivation { {
name = "toast-plasma-defaults"; gtk.gtk2.configLocation = gtk2rc;
dontUnpack = true; # Kde has an annoying habit of overwriting the gtk2 config file
installPhase = '' home.file."${gtk2rc}".force = true;
runHook preInstall }
)
set -x {
mkdir -p $out/etc/xdg imports = [ flakeSelf.inputs.plasma-manager.homeManagerModules.plasma-manager ];
echo '${baloofilerc}' > $out/etc/xdg/baloofilerc gtk = {
enable = true;
runHook postInstall # Most apps are dark, so a white cursor is easier to spot
''; cursorTheme = { package = pkgs.breeze-qt5; name = "Breeze_Snow"; };
}; iconTheme = { package = pkgs.breeze-icons; name = "breeze-dark"; };
in { theme = { package = pkgs.breeze-gtk; name = "Breeze"; };
services.xserver = { # Gtk2 doesn't have a dark mode, so I just tell gtk 3 and 4 to use the dark variant
# Enable the Plasma 5 Desktop Environment gtk3.extraConfig.gtk-application-prefer-dark-theme = true;
desktopManager.plasma5.enable = true; gtk4.extraConfig.gtk-application-prefer-dark-theme = true;
displayManager.defaultSession = "plasmawayland"; };
}; home.packages = [(
pkgs.catppuccin-kde.override {
qt.enable = true; flavour = [ "mocha" ];
accents = [ "mauve" ];
# GTK apps need dconf to grab the correct theme on Wayland winDecStyles = [ "classic" ];
programs.dconf.enable = true; }
)];
# Install the patched Breeze color schemes as well as the plasma default configs programs.plasma = {
environment.systemPackages = [breezeTint plasmaDefaults]; enable = true;
overrideConfig = true;
# Plasma configs should be on all users # Delete config files that I fully configure here
home-manager.sharedModules = [ overrideConfigFiles = [
( "plasmashellrc"
{config, ...}: let "plasma-org.kde.plasma.desktop-appletsrc"
gtk2rc = "${config.xdg.configHome}/gtk-2.0/gtkrc"; ];
in { workspace = {
gtk.gtk2.configLocation = gtk2rc; clickItemTo = "select";
# Kde has an annoying habit of overwriting the gtk2 config file cursorTheme = "Breeze_Snow";
home.file."${gtk2rc}".force = true; iconTheme = "breeze-dark";
} lookAndFeel = "Catppuccin-Mocha-Mauve";
) theme = "default";
{ colorScheme = "CatppuccinMochaMauve";
imports = [flakeSelf.inputs.plasma-manager.homeManagerModules.plasma-manager]; };
gtk = { kwin = {
enable = true; titlebarButtons = {
# Most apps are dark, so a white cursor is easier to spot left = [ "on-all-desktops" "keep-above-windows" ];
cursorTheme = { right = [ "minimize" "maximize" "close" ];
package = pkgs.breeze-qt5; };
name = "Breeze_Snow"; };
}; panels = [{
iconTheme = { location = "bottom";
package = pkgs.breeze-icons; height = 44;
name = "breeze-dark"; widgets = [
}; {
theme = { name = "org.kde.plasma.kickoff";
package = pkgs.breeze-gtk; config.General.icon = "nix-snowflake-white";
name = "Breeze"; }
}; "org.kde.plasma.pager"
# Gtk2 doesn't have a dark mode, so I just tell gtk 3 and 4 to use the dark variant "org.kde.plasma.icontasks"
gtk3.extraConfig.gtk-application-prefer-dark-theme = true; "org.kde.plasma.marginsseparator"
gtk4.extraConfig.gtk-application-prefer-dark-theme = true; "org.kde.plasma.systemtray"
}; {
home.packages = [ name = "org.kde.plasma.digitalclock";
( config.Appearance.showSeconds = "true";
pkgs.catppuccin-kde.override { }
flavour = ["mocha"]; "org.kde.plasma.showdesktop"
accents = ["mauve"]; ];
winDecStyles = ["classic"]; }];
} shortcuts = {
) "kwin" = {
]; "Switch One Desktop to the Left" = [ "Meta+Ctrl+Left" ];
programs.plasma = { "Switch One Desktop to the Right" = [ "Meta+Ctrl+Right" ];
enable = true; };
overrideConfig = true; };
# Delete config files that I fully configure here configFile = {
overrideConfigFiles = [ "kwinrc" = {
"plasmashellrc" "org\\.kde\\.kdecoration2"."BorderSize" = "None";
"plasma-org.kde.plasma.desktop-appletsrc" "Desktops" = {
]; "Number" = 2;
workspace = { "Rows" = 1;
clickItemTo = "select"; };
cursorTheme = "Breeze_Snow"; "TabBox"."LayoutName" = "thumbnail_grid";
iconTheme = "breeze-dark"; };
lookAndFeel = "Catppuccin-Mocha-Mauve"; "kdeglobals"."General"."AccentColor" = null;
theme = "default"; "auroraerc"."CatppuccinMocha-Classic"."ButtonSize" = 0;
colorScheme = "CatppuccinMochaMauve"; "plasmanotifyrc"."Notifications"."NormalAlwaysOnTop" = true;
}; };
kwin = { };
titlebarButtons = { }
left = ["on-all-desktops" "keep-above-windows"]; ];
right = ["minimize" "maximize" "close"];
};
};
panels = [
{
location = "bottom";
height = 44;
widgets = [
{
name = "org.kde.plasma.kickoff";
config.General.icon = "nix-snowflake-white";
}
"org.kde.plasma.pager"
"org.kde.plasma.icontasks"
"org.kde.plasma.marginsseparator"
"org.kde.plasma.systemtray"
{
name = "org.kde.plasma.digitalclock";
config.Appearance.showSeconds = "true";
}
"org.kde.plasma.showdesktop"
];
}
];
shortcuts = {
"kwin" = {
"Switch One Desktop to the Left" = ["Meta+Ctrl+Left"];
"Switch One Desktop to the Right" = ["Meta+Ctrl+Right"];
};
};
configFile = {
"kwinrc" = {
"org\\.kde\\.kdecoration2"."BorderSize" = "None";
"Desktops" = {
"Number" = 2;
"Rows" = 1;
};
"TabBox"."LayoutName" = "thumbnail_grid";
};
"kdeglobals"."General"."AccentColor" = null;
"auroraerc"."CatppuccinMocha-Classic"."ButtonSize" = 0;
"plasmanotifyrc"."Notifications"."NormalAlwaysOnTop" = true;
};
};
}
];
} }

24
roles/kde/programs/default.nix
View file

@ -1,13 +1,15 @@
{...}: { { config, ... }:
imports = [
./kate.nix
./firefox.nix
./skanpage.nix
./neochat.nix
./konsole.nix
./git.nix
];
# Enable the kde partition manager {
programs.partition-manager.enable = true; imports = [
./kate.nix
./firefox.nix
./skanpage.nix
./neochat.nix
./konsole.nix
./git.nix
];
# Enable the kde partition manager
programs.partition-manager.enable = true;
} }

60
roles/kde/programs/firefox.nix
View file

@ -1,30 +1,32 @@
{...}: { { config, pkgs, ... }:
# KDE specific firefox settings
programs.firefox = { {
policies = { # KDE specific firefox settings
"ExtensionSettings" = { programs.firefox = {
# TODO: Install extensions the NUR instead of from AMO policies = {
"plasma-browser-integration@kde.org" = { "ExtensionSettings" = {
"installation_mode" = "normal_installed"; # TODO: Install extensions the NUR instead of from AMO
"install_url" = "https://addons.mozilla.org/firefox/downloads/latest/plasma-integration/latest.xpi"; "plasma-browser-integration@kde.org" = {
}; "installation_mode" = "normal_installed";
}; "install_url" = "https://addons.mozilla.org/firefox/downloads/latest/plasma-integration/latest.xpi";
"Preferences" = { };
# Make firefox use the kde file picker };
"widget.use-xdg-desktop-portal.file-picker" = { "Preferences" = {
"Value" = 1; # Make firefox use the kde file picker
"Status" = "default"; "widget.use-xdg-desktop-portal.file-picker" = {
}; "Value" = 1;
/* "Status" = "default";
https://wiki.archlinux.org/title/Firefox#KDE_integration tells me to enable this, };
but strangely enough doing so makes firefox ask to be set as the default browser /*
every time you start it up, so I'll disable it https://wiki.archlinux.org/title/Firefox#KDE_integration tells me to enable this,
*/ but strangely enough doing so makes firefox ask to be set as the default browser
"widget.use-xdg-desktop-portal.mime-handler" = { every time you start it up, so I'll disable it
"Value" = 0; */
"Status" = "default"; "widget.use-xdg-desktop-portal.mime-handler" = {
}; "Value" = 0;
}; "Status" = "default";
}; };
}; };
};
};
} }

4
roles/kde/programs/git.nix
View file

@ -1,4 +1,6 @@
{...}: { { pkgs, lib, ... }:
{
home-manager.users.toast = { home-manager.users.toast = {
programs.git = { programs.git = {
extraConfig = { extraConfig = {

14
roles/kde/programs/kate.nix
View file

@ -1,8 +1,10 @@
{pkgs, ...}: { { config, pkgs, ... }:
environment.systemPackages = [pkgs.kate];
# Use kwrite to open text files, and kate if I'm developing stuff {
xdg.mime.defaultApplications = { environment.systemPackages = [ pkgs.kate ];
"text/plain" = "org.kde.kwrite.desktop";
}; # Use kwrite to open text files, and kate if I'm developing stuff
xdg.mime.defaultApplications = {
"text/plain" = "org.kde.kwrite.desktop";
};
} }

22
roles/kde/programs/konsole.nix
View file

@ -1,14 +1,14 @@
{pkgs, ...}: let { pkgs, ... }:
catppuccinKonsole = let
pkgs.fetchFromGitHub { catppuccinKonsole = pkgs.fetchFromGitHub {
owner = "catppuccin"; owner = "catppuccin";
repo = "konsole"; repo = "konsole";
# Latest commit is 7d86b8a1e56e58f6b5649cdaac543a573ac194ca # Latest commit is 7d86b8a1e56e58f6b5649cdaac543a573ac194ca
rev = "main"; rev = "main";
hash = "sha256-EwSJMTxnaj2UlNJm1t6znnatfzgm1awIQQUF3VPfCTM="; hash = "sha256-EwSJMTxnaj2UlNJm1t6znnatfzgm1awIQQUF3VPfCTM=";
} } + /Catppuccin-Mocha.colorscheme;
+ /Catppuccin-Mocha.colorscheme; in
in { {
home-manager.users.toast = { home-manager.users.toast = {
xdg.dataFile = { xdg.dataFile = {
"konsole/Catppuccin-Mocha.colorscheme".source = catppuccinKonsole; "konsole/Catppuccin-Mocha.colorscheme".source = catppuccinKonsole;

6
roles/kde/programs/neochat.nix
View file

@ -1,5 +1,7 @@
{pkgs, ...}: { { pkgs, ... }:
{
home-manager.users.toast = { home-manager.users.toast = {
home.packages = [pkgs.neochat]; home.packages = [ pkgs.neochat ];
}; };
} }

17
roles/kde/programs/skanpage.nix
View file

@ -1,12 +1,9 @@
{ config, lib, pkgs, ... }:
{ {
config, # Only install skanpage if scanning is set up
lib, config = lib.mkIf config.hardware.sane.enable {
pkgs, environment.systemPackages = [ pkgs.skanpage ];
... };
}: { # environment.systemPackages = if config.hardware.sane.enable == true then [ pkgs.skanpage ] else [];
# Only install skanpage if scanning is set up
config = lib.mkIf config.hardware.sane.enable {
environment.systemPackages = [pkgs.skanpage];
};
# environment.systemPackages = if config.hardware.sane.enable == true then [ pkgs.skanpage ] else [];
} }

106
roles/kde/sddm.nix
View file

@ -1,56 +1,56 @@
{ config, pkgs, ... }:
let
currentTheme = config.services.xserver.displayManager.sddm.theme;
sddm-sugar-candy = pkgs.stdenv.mkDerivation {
pname = "sddm-sugar-candy";
version = "master";
src = pkgs.fetchgit {
url = "https://framagit.org/MarianArlt/sddm-sugar-candy.git";
hash = "sha256-XggFVsEXLYklrfy1ElkIp9fkTw4wvXbyVkaVCZq4ZLU=";
};
installPhase = ''
runHook preInstall
mkdir -p $out/share/sddm/themes/sugar-candy
cp -r /build/sddm-sugar-candy/* $out/share/sddm/themes/sugar-candy
runHook postInstall
'';
};
/*
Adds a theme.conf.user file to the current sddm theme's folder,
allowing you to change it's configuration without needing to
repackage it
*/
customcfg = pkgs.stdenv.mkDerivation {
name = "sddm-theme-customizer";
dontUnpack = true;
# TODO: generate theme.conf.user outside of installPhase
installPhase = ''
runHook preInstall
mkdir -p $out/share/sddm/themes/${currentTheme}/
echo "[General]
background = ${pkgs.plasma-workspace-wallpapers}/share/wallpapers/MilkyWay/contents/images/5120x2880.png" >> $out/share/sddm/themes/${currentTheme}/theme.conf.user
runHook postInstall
'';
};
in
{ {
config, # Enable SDDM.
pkgs, services.xserver.displayManager.sddm = {
... enable = true;
}: let theme = "sugar-candy";
currentTheme = config.services.xserver.displayManager.sddm.theme; settings = {
General = { Numlock = "on"; };
Theme = { CursorTheme = "Breeze_Snow"; };
};
};
sddm-sugar-candy = pkgs.stdenv.mkDerivation { environment.systemPackages = [ sddm-sugar-candy customcfg ];
pname = "sddm-sugar-candy";
version = "master";
src = pkgs.fetchgit {
url = "https://framagit.org/MarianArlt/sddm-sugar-candy.git";
hash = "sha256-XggFVsEXLYklrfy1ElkIp9fkTw4wvXbyVkaVCZq4ZLU=";
};
installPhase = ''
runHook preInstall
mkdir -p $out/share/sddm/themes/sugar-candy
cp -r /build/sddm-sugar-candy/* $out/share/sddm/themes/sugar-candy
runHook postInstall
'';
};
/*
Adds a theme.conf.user file to the current sddm theme's folder,
allowing you to change it's configuration without needing to
repackage it
*/
customcfg = pkgs.stdenv.mkDerivation {
name = "sddm-theme-customizer";
dontUnpack = true;
# TODO: generate theme.conf.user outside of installPhase
installPhase = ''
runHook preInstall
mkdir -p $out/share/sddm/themes/${currentTheme}/
echo "[General]
background = ${pkgs.plasma-workspace-wallpapers}/share/wallpapers/MilkyWay/contents/images/5120x2880.png" >> $out/share/sddm/themes/${currentTheme}/theme.conf.user
runHook postInstall
'';
};
in {
# Enable SDDM.
services.xserver.displayManager.sddm = {
enable = true;
theme = "sugar-candy";
settings = {
General = {Numlock = "on";};
Theme = {CursorTheme = "Breeze_Snow";};
};
};
environment.systemPackages = [sddm-sugar-candy customcfg];
} }

12
roles/school/default.nix
View file

@ -1,6 +1,8 @@
{...}: { { ... }:
imports = [
./services {
./programs imports = [
]; ./services
./programs
];
} }

24
roles/school/programs/default.nix
View file

@ -1,13 +1,15 @@
{pkgs, ...}: { { config, pkgs, ... }:
imports = [
./virtualbox.nix
./idea.nix
./vscode.nix
./helix.nix
./unity.nix
];
environment.systemPackages = with pkgs; [ {
dia imports = [
]; ./virtualbox.nix
./idea.nix
./vscode.nix
./helix.nix
./unity.nix
];
environment.systemPackages = with pkgs; [
dia
];
} }

5
roles/school/programs/helix.nix
View file

@ -1,4 +1,7 @@
{pkgs, ...}: {
{ pkgs, ... }:
{
home-manager.users.toast = { home-manager.users.toast = {
programs.helix = { programs.helix = {
extraPackages = with pkgs; [ extraPackages = with pkgs; [

58
roles/school/programs/idea.nix
View file

@ -1,31 +1,33 @@
{pkgs, ...}: { config, pkgs, ... }:
with pkgs; {
environment.systemPackages = with jetbrains; [
idea-ultimate
];
home-manager.users.toast = { with pkgs;
# Install plugins {
home.file = { environment.systemPackages = with jetbrains; [
".local/share/JetBrains/IntelliJIdea2023.3/catppuccin.jar".source = fetchurl { idea-ultimate
url = "https://github.com/catppuccin/jetbrains/releases/download/v3.2.3/Catppuccin.Theme-3.2.3.jar"; ];
hash = "sha256-v5BZ2UKEBA/0DHKGwmprmuu0RcJCDsxzWmCdnX9aXpE=";
};
".local/share/JetBrains/IntelliJIdea2023.3/rainbow-brackets".source = fetchzip {
url = "https://github.com/izhangzhihao/intellij-rainbow-brackets/releases/download/latest/intellij-rainbow-brackets-2023.3.9-233.zip";
hash = "sha256-faMDP6kU21WOHVjY5Aj4/Glqymo1iUCTuUJdHsq1N/s=";
};
".local/share/JetBrains/IntelliJIdea2023.3/catppuccin-icons.jar".source = fetchurl {
url = "https://github.com/catppuccin/jetbrains-icons/releases/download/v1.1.1/Catppuccin.Icons-1.1.1.jar";
hash = "sha256-Bn0Yn0RlNmJQCSC0MJQrKjeERzfHhupWnyYm0YjXFwY=";
};
};
/* home-manager.users.toast = {
If you use programs.java.enable intellij picks up the jdk package directly, which is not ideal # Install plugins
This adds the jdks I want to use to a directory intellij expects jdks to be home.file = {
*/ ".local/share/JetBrains/IntelliJIdea2023.3/catppuccin.jar".source = fetchurl {
home.file.".jdks/jdk8".source = "${pkgs.jdk8}/lib/openjdk"; url = "https://github.com/catppuccin/jetbrains/releases/download/v3.2.3/Catppuccin.Theme-3.2.3.jar";
home.file.".jdks/jdk17".source = "${pkgs.jdk17}/lib/openjdk"; hash = "sha256-v5BZ2UKEBA/0DHKGwmprmuu0RcJCDsxzWmCdnX9aXpE=";
}; };
".local/share/JetBrains/IntelliJIdea2023.3/rainbow-brackets".source = fetchzip {
url = "https://github.com/izhangzhihao/intellij-rainbow-brackets/releases/download/latest/intellij-rainbow-brackets-2023.3.9-233.zip";
hash = "sha256-faMDP6kU21WOHVjY5Aj4/Glqymo1iUCTuUJdHsq1N/s=";
};
".local/share/JetBrains/IntelliJIdea2023.3/catppuccin-icons.jar".source = fetchurl {
url = "https://github.com/catppuccin/jetbrains-icons/releases/download/v1.1.1/Catppuccin.Icons-1.1.1.jar";
hash = "sha256-Bn0Yn0RlNmJQCSC0MJQrKjeERzfHhupWnyYm0YjXFwY=";
};
};
/*
If you use programs.java.enable intellij picks up the jdk package directly, which is not ideal
This adds the jdks I want to use to a directory intellij expects jdks to be
*/
home.file.".jdks/jdk8".source = "${pkgs.jdk8}/lib/openjdk";
home.file.".jdks/jdk17".source = "${pkgs.jdk17}/lib/openjdk";
};
} }

12
roles/school/programs/unity.nix
View file

@ -1,9 +1,9 @@
{pkgs, ...}: { { pkgs, ... }:
{
home-manager.users.toast = { home-manager.users.toast = {
home.packages = [ home.packages = [(
( pkgs.unityhub
pkgs.unityhub )];
)
];
}; };
} }

28
roles/school/programs/virtualbox.nix
View file

@ -1,15 +1,15 @@
{...}: { { config, ... }:
# Need to use visual studio 2019 :(
virtualisation.virtualbox.host = { {
enable = true; # Need to use visual studio 2019 :(
}; virtualisation.virtualbox.host = {
home-manager.sharedModules = [ enable = true;
{ };
systemd.user.tmpfiles.rules = [ home-manager.sharedModules = [{
"d '/%h/VirtualBox VMs'" systemd.user.tmpfiles.rules = [
"h '/%h/VirtualBox VMs' - - - - C " "d '/%h/VirtualBox VMs'"
]; "h '/%h/VirtualBox VMs' - - - - C "
} ];
]; }];
users.users.toast.extraGroups = ["vboxusers"]; users.users.toast.extraGroups = [ "vboxusers" ];
} }

37
roles/school/programs/vscode.nix
View file

@ -1,23 +1,18 @@
{ config, pkgs, lib, flakeSelf, ... }:
let inputs = flakeSelf.inputs; in
{ {
pkgs, home-manager.users.toast.programs.vscode = {
lib, # The redhat xml extension needs an fhs environment
flakeSelf, package = lib.mkForce pkgs.vscodium-fhs;
... extensions = with inputs.vscode-extensions.extensions.x86_64-linux; [
}: let open-vsx.redhat.vscode-xml
inputs = flakeSelf.inputs; open-vsx.tomoki1207.pdf
in { open-vsx.ms-vscode.live-server
home-manager.users.toast.programs.vscode = { open-vsx.ecmel.vscode-html-css
# The redhat xml extension needs an fhs environment open-vsx.angular.ng-template
package = lib.mkForce pkgs.vscodium-fhs; ];
extensions = with inputs.vscode-extensions.extensions.x86_64-linux; [ userSettings = {
open-vsx.redhat.vscode-xml redhat.telemetry.enabled = false;
open-vsx.tomoki1207.pdf };
open-vsx.ms-vscode.live-server };
open-vsx.ecmel.vscode-html-css
open-vsx.angular.ng-template
];
userSettings = {
redhat.telemetry.enabled = false;
};
};
} }

16
roles/school/services/default.nix
View file

@ -1,8 +1,10 @@
{...}: { { ... }:
imports = [
./syncthing.nix {
./mysql.nix imports = [
./xampp.nix ./syncthing.nix
./mongodb.nix ./mysql.nix
]; ./xampp.nix
./mongodb.nix
];
} }

55
roles/school/services/mongodb.nix
View file

@ -1,34 +1,31 @@
{ config, pkgs, lib, ... }:
{ {
config, services.mongodb = {
pkgs, enable = true;
lib, package = pkgs.mongodb-4_4;
... user = "toast";
}: { };
services.mongodb = {
enable = true;
package = pkgs.mongodb-4_4;
user = "toast";
};
# Don't autostart MySQL # Don't autostart MySQL
systemd.services.mongodb.wantedBy = lib.mkForce []; systemd.services.mongodb.wantedBy = lib.mkForce [];
# Allow regular users to start/stop mongodb # Allow regular users to start/stop mongodb
# https://stackoverflow.com/questions/61480914/using-policykit-to-allow-non-root-users-to-start-and-stop-a-service # https://stackoverflow.com/questions/61480914/using-policykit-to-allow-non-root-users-to-start-and-stop-a-service
security.polkit.extraConfig = '' security.polkit.extraConfig = ''
polkit.addRule(function(action, subject) { polkit.addRule(function(action, subject) {
if ( if (
action.id == "org.freedesktop.systemd1.manage-units" && action.id == "org.freedesktop.systemd1.manage-units" &&
action.lookup("unit") == "mongodb.service" && action.lookup("unit") == "mongodb.service" &&
subject.user == "${config.services.mongodb.user}" subject.user == "${config.services.mongodb.user}"
) )
{ {
return polkit.Result.YES; return polkit.Result.YES;
} }
}) })
''; '';
environment.systemPackages = with pkgs; [ environment.systemPackages = with pkgs; [
mongosh mongosh
]; ];
} }

59
roles/school/services/mysql.nix
View file

@ -1,36 +1,33 @@
{ config, pkgs, lib, ... }:
{ {
config, services.mysql = {
pkgs, enable = true;
lib, package = pkgs.mysql80;
... user = "toast";
}: { group = "users";
services.mysql = { };
enable = true;
package = pkgs.mysql80;
user = "toast";
group = "users";
};
# Don't autostart MySQL # Don't autostart MySQL
systemd.services.mysql.wantedBy = lib.mkForce []; systemd.services.mysql.wantedBy = lib.mkForce [];
# Allow regular users to start/stop mysql # Allow regular users to start/stop mysql
# https://stackoverflow.com/questions/61480914/using-policykit-to-allow-non-root-users-to-start-and-stop-a-service # https://stackoverflow.com/questions/61480914/using-policykit-to-allow-non-root-users-to-start-and-stop-a-service
security.polkit.extraConfig = '' security.polkit.extraConfig = ''
polkit.addRule(function(action, subject) { polkit.addRule(function(action, subject) {
if ( if (
action.id == "org.freedesktop.systemd1.manage-units" && action.id == "org.freedesktop.systemd1.manage-units" &&
action.lookup("unit") == "mysql.service" && action.lookup("unit") == "mysql.service" &&
subject.user == "${config.services.mysql.user}" subject.user == "${config.services.mysql.user}"
) )
{ {
return polkit.Result.YES; return polkit.Result.YES;
} }
}) })
''; '';
environment.systemPackages = with pkgs; [ environment.systemPackages = with pkgs; [
mysql-workbench mysql-workbench
mycli mycli
]; ];
} }

20
roles/school/services/syncthing.nix
View file

@ -1,10 +1,12 @@
{...}: { { config, ... }:
services.syncthing.settings.folders = {
"school-things" = { {
label = "School things"; services.syncthing.settings.folders = {
id = "z6alc-nfoqr"; "school-things" = {
devices = ["steamdeck" "server" "pc" "winmax2"]; label = "School things";
path = "~/Documents/School things"; id = "z6alc-nfoqr";
}; devices = [ "steamdeck" "server" "pc" "winmax2" ];
}; path = "~/Documents/School things";
};
};
} }

66
roles/school/services/xampp.nix
View file

@ -1,34 +1,36 @@
{pkgs, ...}: let { config, pkgs, ... }:
booDark = pkgs.fetchzip { let
url = "https://github.com/adorade/boodark/releases/download/v1.1.1/boodark-v1.1.1.zip"; booDark = pkgs.fetchzip {
hash = "sha256-GE/FtFlU6A4I9sRyjMhQIidGpDLD99Wzzngz3QI/rSo="; url = "https://github.com/adorade/boodark/releases/download/v1.1.1/boodark-v1.1.1.zip";
}; hash = "sha256-GE/FtFlU6A4I9sRyjMhQIidGpDLD99Wzzngz3QI/rSo=";
in { };
# I tried setting up httpd + php in class but I just gave up in
virtualisation.oci-containers = { {
containers."xampp" = { # I tried setting up httpd + php in class but I just gave up
autoStart = false; virtualisation.oci-containers = {
image = "tomsik68/xampp"; containers."xampp" = {
#user = "${toString users.users.atfc.uid}:${toString users.groups.minecraft.gid}"; autoStart = false;
volumes = [ image = "tomsik68/xampp";
"xampp-mysql:/opt/lampp/var/mysql" #user = "${toString users.users.atfc.uid}:${toString users.groups.minecraft.gid}";
# No dark mode installed by default :( volumes = [
"${booDark}:/opt/lampp/phpmyadmin/themes/booDark" "xampp-mysql:/opt/lampp/var/mysql"
]; # No dark mode installed by default :(
ports = ["41061:22" "41062:80"]; "${booDark}:/opt/lampp/phpmyadmin/themes/booDark"
}; ];
}; ports = [ "41061:22" "41062:80" ];
};
};
security.polkit.extraConfig = '' security.polkit.extraConfig = ''
polkit.addRule(function(action, subject) { polkit.addRule(function(action, subject) {
if ( if (
action.id == "org.freedesktop.systemd1.manage-units" && action.id == "org.freedesktop.systemd1.manage-units" &&
action.lookup("unit") == "podman-xampp.service" && action.lookup("unit") == "podman-xampp.service" &&
subject.user == "toast" subject.user == "toast"
) )
{ {
return polkit.Result.YES; return polkit.Result.YES;
} }
}) })
''; '';
} }

18
roles/server/avahi.nix
View file

@ -1,9 +1,11 @@
{...}: { { config, ... }:
services.avahi = {
openFirewall = true; {
publish = { services.avahi = {
enable = true; openFirewall = true;
userServices = true; publish = {
}; enable = true;
}; userServices = true;
};
};
} }

30
roles/server/beep.nix
View file

@ -1,16 +1,16 @@
{pkgs, ...}: { { config, pkgs, ... }:
# Beep as soon as possible in the initrd
boot.initrd = { {
kernelModules = ["pcspkr"]; # Beep as soon as possible in the initrd
extraFiles.beep.source = pkgs.beep; boot.initrd = {
postDeviceCommands = "/beep/bin/beep -f 3000 -l 50 -r 2"; kernelModules = [ "pcspkr" ];
}; extraFiles.beep.source = pkgs.beep;
/* postDeviceCommands = "/beep/bin/beep -f 3000 -l 50 -r 2";
systemd.services.startupBeep = { };
description = "Beep when system started booting"; /*systemd.services.startupBeep = {
wantedBy = [ "sysinit.target" ]; description = "Beep when system started booting";
script = "${pkgs.beep}/bin/beep -f 3000 -l 50 -r 2"; wantedBy = [ "sysinit.target" ];
serviceConfig = { Type = "oneshot"; }; script = "${pkgs.beep}/bin/beep -f 3000 -l 50 -r 2";
}; serviceConfig = { Type = "oneshot"; };
*/ };*/
} }

36
roles/server/ddclient.nix
View file

@ -1,20 +1,20 @@
{ { config, flakeSelf, ... }:
config,
flakeSelf,
...
}: let
hostSecrets = "${flakeSelf.inputs.secrets}/" + config.networking.hostName;
in {
# Set up secrets
age.secrets = {ddclient-passwd.file = hostSecrets + "/ddclient-password.age";};
services.ddclient = { let
enable = true; hostSecrets = "${flakeSelf.inputs.secrets}/" + config.networking.hostName;
use = "web, web=dynamicdns.park-your-domain.com/getip"; in
protocol = "namecheap";
server = "dynamicdns.park-your-domain.com"; {
username = "toast003.xyz"; # Set up secrets
passwordFile = config.age.secrets.ddclient-passwd.path; age.secrets = { ddclient-passwd.file = hostSecrets + "/ddclient-password.age"; };
domains = ["@"];
}; services.ddclient = {
enable = true;
use = "web, web=dynamicdns.park-your-domain.com/getip";
protocol = "namecheap";
server = "dynamicdns.park-your-domain.com";
username = "toast003.xyz";
passwordFile = config.age.secrets.ddclient-passwd.path;
domains = [ "@" ];
};
} }

36
roles/server/default.nix
View file

@ -1,18 +1,20 @@
{...}: { { ... }:
imports = [
./avahi.nix {
./nfs.nix imports = [
./samba.nix ./avahi.nix
./ssh.nix ./nfs.nix
./forgejo.nix ./samba.nix
./syncthing.nix ./ssh.nix
./endlessh.nix ./forgejo.nix
./transmission.nix ./syncthing.nix
./ddclient.nix ./endlessh.nix
./beep.nix ./transmission.nix
./tailscale.nix ./ddclient.nix
./traefik.nix ./beep.nix
./minecraft.nix ./tailscale.nix
./dns.nix ./traefik.nix
]; ./minecraft.nix
./dns.nix
];
} }

16
roles/server/dns.nix
View file

@ -1,4 +1,6 @@
{...}: { { ... }:
{
services.dnsmasq = { services.dnsmasq = {
enable = true; enable = true;
@ -6,7 +8,7 @@
resolveLocalQueries = false; resolveLocalQueries = false;
settings = { settings = {
listen-address = ["100.73.96.48"]; listen-address = [ "100.73.96.48" ];
/* /*
Dnsmasq tries to use the tailscale dns server, which is bad cause that points to dnsmasq Dnsmasq tries to use the tailscale dns server, which is bad cause that points to dnsmasq
@ -27,11 +29,11 @@
# Add tailscale hosts # Add tailscale hosts
networking.hosts = { networking.hosts = {
"100.73.96.48" = ["everest"]; "100.73.96.48" = [ "everest" ];
"100.113.139.93" = ["archie"]; "100.113.139.93" = [ "archie" ];
"100.85.48.85" = ["steamdeck"]; "100.85.48.85" = [ "steamdeck" ];
"100.96.92.13" = ["surfecego"]; "100.96.92.13" = [ "surfecego" ];
"100.106.73.20" = ["winmax2"]; "100.106.73.20" = [ "winmax2" ];
}; };
# Dnsmasq conflicts with the resolved dns stub listener # Dnsmasq conflicts with the resolved dns stub listener

16
roles/server/endlessh.nix
View file

@ -1,8 +1,10 @@
{...}: { { config, ... }:
# I prefer using the go implementation
services.endlessh-go = { {
enable = true; # I prefer using the go implementation
openFirewall = true; services.endlessh-go = {
extraOptions = ["-alsologtostderr" "-v=1"]; enable = true;
}; openFirewall = true;
extraOptions = [ "-alsologtostderr" "-v=1"] ;
};
} }

10
roles/server/forgejo.nix
View file

@ -1,8 +1,6 @@
{ config, lib, ... }:
{ {
config,
lib,
...
}: {
specialisation.forgejoEnableRegistration.configuration.services.forgejo.settings.service.DISABLE_REGISTRATION = false; specialisation.forgejoEnableRegistration.configuration.services.forgejo.settings.service.DISABLE_REGISTRATION = false;
services.forgejo = { services.forgejo = {
enable = true; enable = true;
@ -24,7 +22,7 @@
}; };
# Add a cname for forgejo # Add a cname for forgejo
services.dnsmasq.settings.cname = ["git.everest.sable-pancake.ts.net,everest"]; services.dnsmasq.settings.cname = [ "git.everest.sable-pancake.ts.net,everest" ];
# Set up traefik as the reverse proxy for Forgejo # Set up traefik as the reverse proxy for Forgejo
services.traefik = { services.traefik = {
@ -37,7 +35,7 @@
}; };
}; };
services.forgejo.loadBalancer.servers = [ services.forgejo.loadBalancer.servers = [
{url = "http://localhost:${toString config.services.forgejo.settings.server.HTTP_PORT}";} { url = "http://localhost:${toString config.services.forgejo.settings.server.HTTP_PORT}"; }
]; ];
}; };
}; };

205
roles/server/minecraft.nix
View file

@ -1,116 +1,115 @@
{ config, pkgs, flakeSelf, ... }:
let
atfc = builtins.fetchurl {
url = "https://www.curseforge.com/api/v1/mods/813246/files/4732590/download";
sha256 = "0yl6ixmhfgqvcj3kfshpf8fy42vkkmjbn7d7yg86jx0ykiiq5f9x";
};
puffish_skills = builtins.fetchurl {
url = "https://www.curseforge.com/api/v1/mods/835091/files/4747353/download";
sha256 = "1pwx8zqih019l12lrmllrjv2al0mjzwj4p5qmc4ps1g555jy8qil";
};
spark = builtins.fetchurl {
url = "https://www.curseforge.com/api/v1/mods/361579/files/4505375/download";
sha256 = "1708lrx1nif0mvf7ambw8504j12wbn0vm69wsh21p8ylqpql1s4x";
};
port = 25565;
users = config.users;
in
{ {
config, users = {
pkgs, groups.minecraft = {
flakeSelf, members = [ "toast" ];
... gid = 987;
}: let };
atfc = builtins.fetchurl { users.atfc = {
url = "https://www.curseforge.com/api/v1/mods/813246/files/4732590/download"; isSystemUser = true;
sha256 = "0yl6ixmhfgqvcj3kfshpf8fy42vkkmjbn7d7yg86jx0ykiiq5f9x"; uid = 988;
}; group = "minecraft";
puffish_skills = builtins.fetchurl { home = "/var/lib/minecraft/atfc";
url = "https://www.curseforge.com/api/v1/mods/835091/files/4747353/download"; homeMode = "750";
sha256 = "1pwx8zqih019l12lrmllrjv2al0mjzwj4p5qmc4ps1g555jy8qil"; createHome = true;
}; };
spark = builtins.fetchurl { };
url = "https://www.curseforge.com/api/v1/mods/361579/files/4505375/download";
sha256 = "1708lrx1nif0mvf7ambw8504j12wbn0vm69wsh21p8ylqpql1s4x";
};
port = 25565; virtualisation.oci-containers = {
users = config.users; containers."minecraft-atfc" = {
in { autoStart = true;
users = { image = "itzg/minecraft-server";
groups.minecraft = { #user = "${toString users.users.atfc.uid}:${toString users.groups.minecraft.gid}";
members = ["toast"]; environment = {
gid = 987; TZ = "Europe/Madrid";
}; EULA = "true";
users.atfc = { TYPE = "forge";
isSystemUser = true; MEMORY = "2G";
uid = 988; UID = toString users.users.atfc.uid;
group = "minecraft"; GID = toString users.groups.minecraft.gid;
home = "/var/lib/minecraft/atfc"; VERSION = "1.18.2";
homeMode = "750"; FORGE_VERSION = "40.2.10";
createHome = true; GENERIC_PACK = "/modpack.zip";
}; #USE_AIKAR_FLAGS = "true";
};
virtualisation.oci-containers = { #STOP_DURATION = "70";
containers."minecraft-atfc" = { STOP_SERVER_ANNOUNCE_DELAY = "25";
autoStart = true;
image = "itzg/minecraft-server";
#user = "${toString users.users.atfc.uid}:${toString users.groups.minecraft.gid}";
environment = {
TZ = "Europe/Madrid";
EULA = "true";
TYPE = "forge";
MEMORY = "2G";
UID = toString users.users.atfc.uid;
GID = toString users.groups.minecraft.gid;
VERSION = "1.18.2";
FORGE_VERSION = "40.2.10";
GENERIC_PACK = "/modpack.zip";
#USE_AIKAR_FLAGS = "true";
#STOP_DURATION = "70"; # server.properties
STOP_SERVER_ANNOUNCE_DELAY = "25"; MOTD = "Toast's modded minecraft server";
DIFFICULTY = "hard";
SNOOPER_ENABLED = "false";
SPAWN_PROTECTION = "0";
LEVEL_TYPE = "tfc:tng";
BROADCAST_CONSOLE_TO_OPS = "true";
BROADCAST_RCON_TO_OPS = "true";
VIEW_DISTANCE = "16";
MAX_PLAYERS = "4";
# server.properties RCON_CMDS_LAST_DISCONNECT = "save-all";
MOTD = "Toast's modded minecraft server";
DIFFICULTY = "hard";
SNOOPER_ENABLED = "false";
SPAWN_PROTECTION = "0";
LEVEL_TYPE = "tfc:tng";
BROADCAST_CONSOLE_TO_OPS = "true";
BROADCAST_RCON_TO_OPS = "true";
VIEW_DISTANCE = "16";
MAX_PLAYERS = "4";
RCON_CMDS_LAST_DISCONNECT = "save-all"; OPS = "b3ca4afb-a3da-4a78-85c3-2292fd0787e2,0cb3d02a-1d1f-4d7f-b70c-bd53dc155cff";
EXISTING_OPS_FILE = "synchronize";
OPS = "b3ca4afb-a3da-4a78-85c3-2292fd0787e2,0cb3d02a-1d1f-4d7f-b70c-bd53dc155cff"; WHITELIST = "b3ca4afb-a3da-4a78-85c3-2292fd0787e2,0cb3d02a-1d1f-4d7f-b70c-bd53dc155cff,03f080e8-ce8e-4b90-a312-734747ce7db0,ea88f690-cf46-4416-bfd5-6f6b165885f7";
EXISTING_OPS_FILE = "synchronize"; EXISTING_WHITELIST_FILE = "synchronize";
WHITELIST = "b3ca4afb-a3da-4a78-85c3-2292fd0787e2,0cb3d02a-1d1f-4d7f-b70c-bd53dc155cff,03f080e8-ce8e-4b90-a312-734747ce7db0,ea88f690-cf46-4416-bfd5-6f6b165885f7"; # Auto pause needs this
EXISTING_WHITELIST_FILE = "synchronize"; MAX_TICK_TIME = "-1";
AUTOPAUSE_KNOCK_INTERFACE = "tap0";
ENABLE_AUTOPAUSE = "true";
};
extraOptions = [
"--network=slirp4netns:port_handler=slirp4netns"
"--cap-add=CAP_NET_RAW"
];
# Auto pause needs this volumes = [
MAX_TICK_TIME = "-1"; "${atfc}:/modpack.zip"
AUTOPAUSE_KNOCK_INTERFACE = "tap0"; "${puffish_skills}:/mods/puffish_skills.jar"
ENABLE_AUTOPAUSE = "true"; "${spark}:/mods/spark.jar"
}; "${users.users.atfc.home}:/data"
extraOptions = [ #"/tmp/minecraft:/data"
"--network=slirp4netns:port_handler=slirp4netns" ];
"--cap-add=CAP_NET_RAW" ports = [ "25565:${toString port}" ];
]; };
};
volumes = [ networking.firewall.allowedTCPPorts = [ port ];
"${atfc}:/modpack.zip"
"${puffish_skills}:/mods/puffish_skills.jar"
"${spark}:/mods/spark.jar"
"${users.users.atfc.home}:/data"
#"/tmp/minecraft:/data"
];
ports = ["25565:${toString port}"];
};
};
networking.firewall.allowedTCPPorts = [port]; # anything-sync-daemon config
systemd.packages = with pkgs; [ flakeSelf.packages.x86_64-linux.anything-sync-daemon ];
environment.systemPackages = with pkgs; [ flakeSelf.packages.x86_64-linux.anything-sync-daemon ];
fileSystems.minecraftTmpfs = {
device = "none";
fsType = "tmpfs";
mountPoint = "/mnt/minecraftTmpfs";
options = [ "size=4G "];
};
environment.etc."asd.conf".text =
''WHATTOSYNC=('/var/lib/minecraft')
VOLATILE="${config.fileSystems.minecraftTmpfs.mountPoint}"
USE_OVERLAYFS="yes" '';
systemd.services.asd = {
wantedBy = [ "podman-minecraft-atfc.service" ];
before = [ "podman-minecraft-atfc.service" ];
};
# anything-sync-daemon config
systemd.packages = with pkgs; [flakeSelf.packages.x86_64-linux.anything-sync-daemon];
environment.systemPackages = with pkgs; [flakeSelf.packages.x86_64-linux.anything-sync-daemon];
fileSystems.minecraftTmpfs = {
device = "none";
fsType = "tmpfs";
mountPoint = "/mnt/minecraftTmpfs";
options = ["size=4G "];
};
environment.etc."asd.conf".text = '' WHATTOSYNC=('/var/lib/minecraft')
VOLATILE="${config.fileSystems.minecraftTmpfs.mountPoint}"
USE_OVERLAYFS="yes" '';
systemd.services.asd = {
wantedBy = ["podman-minecraft-atfc.service"];
before = ["podman-minecraft-atfc.service"];
};
} }

64
roles/server/nfs.nix
View file

@ -1,34 +1,36 @@
{config, ...}: { { config, lib, ... }:
services = {
nfs.server = {
enable = true;
exports = ''
${config.services.transmission.settings.download-dir} *.sable-pancake.ts.net(ro,all_squash,anonuid=${toString config.users.users.transmission.uid},anongid=${toString config.users.groups.transmission.gid})
'';
# NFSv3 uses random ports, so you need to make them static to be able to pass though the firewall
statdPort = 4000;
lockdPort = 4001;
mountdPort = 4002;
};
avahi.extraServiceFiles = { {
Transmission-downloads-nfs = '' services = {
<?xml version="1.0" standalone='no'?> nfs.server = {
<!DOCTYPE service-group SYSTEM "avahi-service.dtd"> enable = true;
<service-group> exports = ''
<name replace-wildcards="yes">Transmission Downloads on %h (NFS)</name> ${config.services.transmission.settings.download-dir} *.sable-pancake.ts.net(ro,all_squash,anonuid=${toString config.users.users.transmission.uid},anongid=${toString config.users.groups.transmission.gid})
<service> '';
<type>_nfs._tcp</type> # NFSv3 uses random ports, so you need to make them static to be able to pass though the firewall
<port>2049</port> statdPort = 4000;
<txt-record>path=${config.services.transmission.settings.download-dir}</txt-record> lockdPort = 4001;
</service> mountdPort = 4002;
</service-group> };
'';
};
};
networking.firewall = { avahi.extraServiceFiles = {
allowedTCPPorts = [111 2049 4000 40001 4002]; Transmission-downloads-nfs = ''
allowedUDPPorts = [111 2049 4000 40001 4002]; <?xml version="1.0" standalone='no'?>
}; <!DOCTYPE service-group SYSTEM "avahi-service.dtd">
<service-group>
<name replace-wildcards="yes">Transmission Downloads on %h (NFS)</name>
<service>
<type>_nfs._tcp</type>
<port>2049</port>
<txt-record>path=${config.services.transmission.settings.download-dir}</txt-record>
</service>
</service-group>
'';
};
};
networking.firewall = {
allowedTCPPorts = [ 111 2049 4000 40001 4002 ];
allowedUDPPorts = [ 111 2049 4000 40001 4002 ];
};
} }

68
roles/server/samba.nix
View file

@ -1,35 +1,37 @@
{config, ...}: { { config, lib, ... }:
services = {
samba = {
enable = true;
openFirewall = true;
extraConfig = ''
map to guest = bad user
guest account = transmission
'';
shares = {
"Transmission downloads" = {
path = "${config.services.transmission.settings.download-dir}";
"read only" = true;
public = true;
"guest only" = true;
browseable = true;
};
};
};
avahi.extraServiceFiles = { {
Transmission-downloads-smb = '' services = {
<?xml version="1.0" standalone='no'?> samba = {
<!DOCTYPE service-group SYSTEM "avahi-service.dtd"> enable = true;
<service-group> openFirewall = true;
<name replace-wildcards="yes">SMB shares on %h</name> extraConfig = ''
<service> map to guest = bad user
<type>_smb._tcp</type> guest account = transmission
<port>139</port> '';
</service> shares = {
</service-group> "Transmission downloads" = {
''; path = "${config.services.transmission.settings.download-dir}";
}; "read only" = true;
}; public = true;
"guest only" = true;
browseable = true;
};
};
};
avahi.extraServiceFiles = {
Transmission-downloads-smb = ''
<?xml version="1.0" standalone='no'?>
<!DOCTYPE service-group SYSTEM "avahi-service.dtd">
<service-group>
<name replace-wildcards="yes">SMB shares on %h</name>
<service>
<type>_smb._tcp</type>
<port>139</port>
</service>
</service-group>
'';
};
};
} }

20
roles/server/ssh.nix
View file

@ -1,10 +1,12 @@
{...}: { { config, ... }:
services.openssh = {
enable = true; {
settings = { services.openssh = {
PermitRootLogin = "no"; enable = true;
PasswordAuthentication = false; settings = {
}; PermitRootLogin = "no";
startWhenNeeded = true; PasswordAuthentication = false;
}; };
startWhenNeeded = true;
};
} }

106
roles/server/syncthing.nix
View file

@ -1,55 +1,57 @@
{config, ...}: { { config, ... }:
services.syncthing = {
enable = true;
key = config.age.secrets.syncthingKey.path;
cert = config.age.secrets.syncthingCert.path;
guiAddress = "0.0.0.0:8384";
settings.folders = {
"passwords" = {
path = "${config.services.syncthing.dataDir}/passwords";
};
"school-things" = {
label = "School things";
id = "z6alc-nfoqr";
devices = ["steamdeck" "server" "pc" "winmax2"];
path = "${config.services.syncthing.dataDir}/school-things";
};
"steam-201810" = {
label = "Wolfenstein The New Order Saves";
id = "laxxf-t2wmy";
devices = ["steamdeck" "server" "pc" "winmax2"];
path = "${config.services.syncthing.dataDir}/steam-201810";
};
"retroarch" = {
label = "RetroArch";
id = "jxuou-2yjnu";
devices = ["steamdeck" "server" "pc" "winmax2"];
path = "${config.services.syncthing.dataDir}/retroarch";
};
};
};
systemd.services.syncthing.serviceConfig = {
# Allow syncthing to change ownership of files
AmbientCapabilities = "CAP_CHOWN CAP_FOWNER";
};
# Add a cname for syncthing {
services.dnsmasq.settings.cname = ["sync.everest.sable-pancake.ts.net,everest"]; services.syncthing = {
enable = true;
key = config.age.secrets.syncthingKey.path;
cert = config.age.secrets.syncthingCert.path;
guiAddress = "0.0.0.0:8384";
settings.folders = {
"passwords" = {
path = "${config.services.syncthing.dataDir}/passwords";
};
"school-things" = {
label = "School things";
id = "z6alc-nfoqr";
devices = [ "steamdeck" "server" "pc" "winmax2" ];
path = "${config.services.syncthing.dataDir}/school-things";
};
"steam-201810" = {
label = "Wolfenstein The New Order Saves";
id = "laxxf-t2wmy";
devices = [ "steamdeck" "server" "pc" "winmax2" ];
path = "${config.services.syncthing.dataDir}/steam-201810";
};
"retroarch"= {
label = "RetroArch";
id = "jxuou-2yjnu";
devices = [ "steamdeck" "server" "pc" "winmax2" ];
path = "${config.services.syncthing.dataDir}/retroarch";
};
};
};
systemd.services.syncthing.serviceConfig = {
# Allow syncthing to change ownership of files
AmbientCapabilities = "CAP_CHOWN CAP_FOWNER";
};
# Set up traefik as the reverse proxy for syncthing # Add a cname for syncthing
services.traefik = { services.dnsmasq.settings.cname = [ "sync.everest.sable-pancake.ts.net,everest" ];
dynamicConfigOptions = {
http = { # Set up traefik as the reverse proxy for syncthing
routers = { services.traefik = {
syncthing-subdomain = { dynamicConfigOptions = {
rule = "Host(`sync.everest.sable-pancake.ts.net`)"; http = {
service = "syncthing"; routers = {
}; syncthing-subdomain = {
}; rule = "Host(`sync.everest.sable-pancake.ts.net`)";
services.syncthing.loadBalancer.servers = [ service = "syncthing";
{url = "http://localhost:8384";} };
]; };
}; services.syncthing.loadBalancer.servers = [
}; { url = "http://localhost:8384"; }
}; ];
};
};
};
} }

12
roles/server/tailscale.nix
View file

@ -1,6 +1,8 @@
{...}: { { config, ... }:
services.tailscale = {
# This is needed for being an exit node {
useRoutingFeatures = "server"; services.tailscale = {
}; # This is needed for being an exit node
useRoutingFeatures = "server";
};
} }

Some files were not shown because too many files have changed in this diff Show more