Toast/nix-stuff
1
0
Fork 0
Code Issues Pull requests Projects 1 Wiki Activity

Compare commits

base: Toast:e88fb8a16e0eeb94dd27b10a76cba6347ae4235b
Branches Tags
Toast:main
Toast:plasma-refactor
Toast:headscale
Toast:plasma6
Toast:catppuccin
Toast:kde-stuff
Toast:firefox
Toast:upgrade-to-23.05
..
compare: Toast:430bafb0b278ae4719f8a0e724cfe49429a188c5
Branches Tags
Toast:main
Toast:plasma-refactor
Toast:headscale
Toast:plasma6
Toast:catppuccin
Toast:kde-stuff
Toast:firefox
Toast:upgrade-to-23.05

4 commits
e88fb8a16e ... 430bafb0b2

Author SHA1 Message Date
Toast
430bafb0b2 Run deadnix 2024-03-20 13:03:05 +01:00
Toast
7888103b1e Format everything with alejandra 2024-03-20 12:54:25 +01:00
Toast
82bbd7ce87 Editors: format using alejandra 2024-03-20 12:44:55 +01:00
Toast
9351f85534 Flake: add alejandra to devshell 2024-03-20 11:45:17 +01:00
102 changed files with 2744 additions and 2780 deletions
Download patch file Download diff file Expand all files Collapse all files

3
.helix/languages.toml Normal file
View file

@ -0,0 +1,3 @@
[[language]]
name = "nix"
formatter = { command = "alejandra" }

12
.vscode/settings.json vendored
View file

@ -1,5 +1,15 @@
{ {
"editor.detectIndentation": true, "editor.detectIndentation": true,
"editor.insertSpaces": true, "editor.insertSpaces": true,
"editor.defaultFormatter": "jnoortheen.nix-ide" "editor.defaultFormatter": "jnoortheen.nix-ide",
"nix.formatterPath": "alejandra",
"nix.serverSettings": {
"nil": {
"formatting": {
"command": [
"alejandra"
]
}
}
}
} }

384
flake.nix
View file

@ -1,205 +1,219 @@
{ {
description = "Configuration for Everest"; description = "Configuration for Everest";
inputs = { inputs = {
secrets = { secrets = {
url = "git+ssh://forgejo@git.everest.sable-pancake.ts.net:4222/Toast/nix-secrets"; url = "git+ssh://forgejo@git.everest.sable-pancake.ts.net:4222/Toast/nix-secrets";
flake = false; flake = false;
}; };
nixpkgs-raw.url = "nixpkgs/nixos-23.11"; nixpkgs-raw.url = "nixpkgs/nixos-23.11";
nixpkgs-unstable-raw.url = "nixpkgs/nixos-unstable"; nixpkgs-unstable-raw.url = "nixpkgs/nixos-unstable";
agenix = { agenix = {
url = "github:ryantm/agenix"; url = "github:ryantm/agenix";
inputs = { inputs = {
nixpkgs.follows = "nixpkgs-raw"; nixpkgs.follows = "nixpkgs-raw";
darwin.follows = ""; # Not using this on MacOS, so this doesn't pull it's dependencies darwin.follows = ""; # Not using this on MacOS, so this doesn't pull it's dependencies
}; };
}; };
home-manager = { home-manager = {
url = "github:nix-community/home-manager/release-23.11"; url = "github:nix-community/home-manager/release-23.11";
inputs.nixpkgs.follows = "nixpkgs-raw"; inputs.nixpkgs.follows = "nixpkgs-raw";
}; };
home-manager-unstable = { home-manager-unstable = {
url = "github:nix-community/home-manager/"; url = "github:nix-community/home-manager/";
inputs.nixpkgs.follows = "nixpkgs-unstable-raw"; inputs.nixpkgs.follows = "nixpkgs-unstable-raw";
}; };
nixos-hardware.url = "github:NixOS/nixos-hardware/master"; nixos-hardware.url = "github:NixOS/nixos-hardware/master";
jovian = { jovian = {
url = "github:Jovian-Experiments/Jovian-NixOS"; url = "github:Jovian-Experiments/Jovian-NixOS";
inputs.nixpkgs.follows = "nixpkgs-unstable-raw"; inputs.nixpkgs.follows = "nixpkgs-unstable-raw";
}; };
nix-impermanence.url = "github:nix-community/impermanence";
/* nix-impermanence.url = "github:nix-community/impermanence";
These are the same input, just following different nixpkgs versions
This avoids some wierdness when using one that follows unstable on a stable nixpkgs
*/
nix-index-db = {
url = "github:Mic92/nix-index-database";
inputs.nixpkgs.follows = "nixpkgs-raw";
};
nix-index-db-unstable = { /*
url = "github:Mic92/nix-index-database"; These are the same input, just following different nixpkgs versions
inputs.nixpkgs.follows = "nixpkgs-unstable-raw"; This avoids some wierdness when using one that follows unstable on a stable nixpkgs
}; */
nix-index-db = {
url = "github:Mic92/nix-index-database";
inputs.nixpkgs.follows = "nixpkgs-raw";
};
plasma-manager = { nix-index-db-unstable = {
url = "github:pjones/plasma-manager"; url = "github:Mic92/nix-index-database";
inputs.nixpkgs.follows = "nixpkgs-unstable-raw"; inputs.nixpkgs.follows = "nixpkgs-unstable-raw";
inputs.home-manager.follows = "home-manager-unstable"; };
};
catppuccin-vsc = { plasma-manager = {
url = "github:catppuccin/vscode"; url = "github:pjones/plasma-manager";
inputs.nixpkgs.follows = "nixpkgs-unstable-raw"; inputs.nixpkgs.follows = "nixpkgs-unstable-raw";
}; inputs.home-manager.follows = "home-manager-unstable";
};
vscode-extensions = { catppuccin-vsc = {
url = "github:nix-community/nix-vscode-extensions"; url = "github:catppuccin/vscode";
inputs.nixpkgs.follows = "nixpkgs-unstable-raw"; inputs.nixpkgs.follows = "nixpkgs-unstable-raw";
};
}; vscode-extensions = {
nix-flatpak.url = "github:gmodena/nix-flatpak/main"; url = "github:nix-community/nix-vscode-extensions";
inputs.nixpkgs.follows = "nixpkgs-unstable-raw";
};
nix-flatpak.url = "github:gmodena/nix-flatpak/main";
nur.url = "github:nix-community/NUR"; nur.url = "github:nix-community/NUR";
}; };
outputs = { ... } @inputs: with inputs; outputs = {...} @ inputs:
# Patch nixpkgs with inputs;
# https://ertt.ca/nix/patch-nixpkgs/ # Patch nixpkgs
let # https://ertt.ca/nix/patch-nixpkgs/
nixpkgs-unstable-patched = nixpkgs-raw.legacyPackages.x86_64-linux.applyPatches { let
name = "patched-nixpkgs-unstable"; nixpkgs-unstable-patched = nixpkgs-raw.legacyPackages.x86_64-linux.applyPatches {
src = nixpkgs-unstable-raw; name = "patched-nixpkgs-unstable";
patches = [ src = nixpkgs-unstable-raw;
]; patches = [
}; ];
nixpkgs-patched = nixpkgs-raw.legacyPackages.x86_64-linux.applyPatches { };
name = "patched-nixpkgs"; nixpkgs-patched = nixpkgs-raw.legacyPackages.x86_64-linux.applyPatches {
src = nixpkgs-raw; name = "patched-nixpkgs";
patches = [ src = nixpkgs-raw;
./nixpkgs-patches/0001-catppuccin-add-grub-theme.patch patches = [
./nixpkgs-patches/0002-catppuccin-add-starship-theme.patch ./nixpkgs-patches/0001-catppuccin-add-grub-theme.patch
]; ./nixpkgs-patches/0002-catppuccin-add-starship-theme.patch
}; ];
# https://discourse.nixos.org/t/proper-way-of-applying-patch-to-system-managed-via-flake/21073/26 };
nixpkgs-unstable = (import "${nixpkgs-unstable-patched}/flake.nix").outputs { self = inputs.self; }; # https://discourse.nixos.org/t/proper-way-of-applying-patch-to-system-managed-via-flake/21073/26
nixpkgs = (import "${nixpkgs-patched}/flake.nix").outputs { self = inputs.self; }; nixpkgs-unstable = (import "${nixpkgs-unstable-patched}/flake.nix").outputs {self = inputs.self;};
in nixpkgs = (import "${nixpkgs-patched}/flake.nix").outputs {self = inputs.self;};
{ in {
devShells.x86_64-linux.default = nixpkgs.legacyPackages.x86_64-linux.mkShell { devShells.x86_64-linux.default = nixpkgs.legacyPackages.x86_64-linux.mkShell {
name = "toast-devshell"; name = "toast-devshell";
# The agenix cli is not needed to activate a configuration, so instead of installing it # The agenix cli is not needed to activate a configuration, so instead of installing it
# I'll just add it to de devShell, since that's the only real time I'm going to use it. # I'll just add it to de devShell, since that's the only real time I'm going to use it.
packages = with nixpkgs.legacyPackages.x86_64-linux; [ packages = with nixpkgs.legacyPackages.x86_64-linux; [
agenix.packages.x86_64-linux.default agenix.packages.x86_64-linux.default
git git
nix-diff nix-diff
just just
nix-diff alejandra
]; ];
shellHook ='' shellHook = ''
export PS1="$PS1(toast-configs)> " export PS1="$PS1(toast-configs)> "
''; '';
}; };
packages = { packages = {
x86_64-linux = with import nixpkgs-unstable-raw { system = "x86_64-linux"; }; { x86_64-linux = with import nixpkgs-unstable-raw {system = "x86_64-linux";}; {
anything-sync-daemon = callPackage ./pkgs/anything-sync-daemon {}; anything-sync-daemon = callPackage ./pkgs/anything-sync-daemon {};
discord-krisp-fixer = callPackage ./pkgs/discord-krisp-fixer {}; discord-krisp-fixer = callPackage ./pkgs/discord-krisp-fixer {};
}; };
}; };
nixosConfigurations = { nixosConfigurations = {
Archie = nixpkgs-unstable.lib.nixosSystem { Archie = nixpkgs-unstable.lib.nixosSystem {
system = "x86_64-linux"; system = "x86_64-linux";
specialArgs = { systemPkgs = inputs.nixpkgs-unstable-raw; flakeSelf = self; }; specialArgs = {
/* systemPkgs = inputs.nixpkgs-unstable-raw;
I used to set up nixpkgs in the flake, but doing that made flakeSelf = self;
defining overlays in modules impossible (or at least I could };
not figure out how) /*
Also has nice side effect of making it easier to add new systems :3 I used to set up nixpkgs in the flake, but doing that made
*/ defining overlays in modules impossible (or at least I could
modules = [ not figure out how)
agenix.nixosModules.default Also has nice side effect of making it easier to add new systems :3
home-manager-unstable.nixosModule */
nix-index-db-unstable.nixosModules.nix-index modules = [
./roles/common agenix.nixosModules.default
./roles/desktop home-manager-unstable.nixosModule
./roles/kde nix-index-db-unstable.nixosModules.nix-index
./roles/gaming ./roles/common
./roles/school ./roles/desktop
./machines/Archie ./roles/kde
]; ./roles/gaming
}; ./roles/school
./machines/Archie
];
};
SurfaceGo = nixpkgs-unstable.lib.nixosSystem { SurfaceGo = nixpkgs-unstable.lib.nixosSystem {
system = "x86_64-linux"; system = "x86_64-linux";
specialArgs = { systemPkgs = inputs.nixpkgs-unstable-raw; flakeSelf = self; }; specialArgs = {
modules = [ systemPkgs = inputs.nixpkgs-unstable-raw;
agenix.nixosModules.default flakeSelf = self;
home-manager-unstable.nixosModule };
nixos-hardware.nixosModules.microsoft-surface-go modules = [
nix-index-db-unstable.nixosModules.nix-index agenix.nixosModules.default
./roles/common home-manager-unstable.nixosModule
./roles/desktop nixos-hardware.nixosModules.microsoft-surface-go
./roles/kde nix-index-db-unstable.nixosModules.nix-index
./machines/SurfaceGo ./roles/common
]; ./roles/desktop
}; ./roles/kde
./machines/SurfaceGo
];
};
SteamDeck = nixpkgs-unstable.lib.nixosSystem { SteamDeck = nixpkgs-unstable.lib.nixosSystem {
system = "x86_64-linux"; system = "x86_64-linux";
specialArgs = { systemPkgs = inputs.nixpkgs-unstable-raw; flakeSelf = self; }; specialArgs = {
modules = [ systemPkgs = inputs.nixpkgs-unstable-raw;
agenix.nixosModules.default flakeSelf = self;
jovian.nixosModules.default };
home-manager-unstable.nixosModule modules = [
nix-index-db-unstable.nixosModules.nix-index agenix.nixosModules.default
./roles/common jovian.nixosModules.default
./roles/desktop home-manager-unstable.nixosModule
./roles/kde nix-index-db-unstable.nixosModules.nix-index
./roles/gaming ./roles/common
./roles/school ./roles/desktop
./machines/SteamDeck ./roles/kde
]; ./roles/gaming
}; ./roles/school
./machines/SteamDeck
];
};
WinMax2 = nixpkgs-unstable.lib.nixosSystem { WinMax2 = nixpkgs-unstable.lib.nixosSystem {
system = "x86_64-linux"; system = "x86_64-linux";
specialArgs = { systemPkgs = inputs.nixpkgs-unstable-raw; flakeSelf = self; }; specialArgs = {
modules = [ systemPkgs = inputs.nixpkgs-unstable-raw;
agenix.nixosModules.default flakeSelf = self;
jovian.nixosModules.default };
home-manager-unstable.nixosModule modules = [
nix-index-db-unstable.nixosModules.nix-index agenix.nixosModules.default
nixos-hardware.nixosModules.gpd-win-max-2-2023 jovian.nixosModules.default
./roles/common home-manager-unstable.nixosModule
./roles/desktop nix-index-db-unstable.nixosModules.nix-index
./roles/kde nixos-hardware.nixosModules.gpd-win-max-2-2023
./roles/gaming ./roles/common
./roles/school ./roles/desktop
./machines/WinMax2 ./roles/kde
]; ./roles/gaming
}; ./roles/school
./machines/WinMax2
];
};
Everest = nixpkgs.lib.nixosSystem { Everest = nixpkgs.lib.nixosSystem {
system = "x86_64-linux"; system = "x86_64-linux";
specialArgs = { systemPkgs = inputs.nixpkgs-raw; flakeSelf = self; }; specialArgs = {
modules = [ systemPkgs = inputs.nixpkgs-raw;
agenix.nixosModules.default flakeSelf = self;
home-manager.nixosModule };
nix-index-db.nixosModules.nix-index modules = [
./roles/common agenix.nixosModules.default
./roles/server home-manager.nixosModule
./machines/Everest nix-index-db.nixosModules.nix-index
]; ./roles/common
}; ./roles/server
}; ./machines/Everest
}; ];
};
};
};
} }

120
machines/Archie/configuration.nix
View file

@ -1,81 +1,79 @@
# Edit this configuration file to define what should be installed on # Edit this configuration file to define what should be installed on
# your system. Help is available in the configuration.nix(5) man page # your system. Help is available in the configuration.nix(5) man page
# and in the NixOS manual (accessible by running `nixos-help`). # and in the NixOS manual (accessible by running `nixos-help`).
{ config, pkgs, ... }:
{ {
# Use grub boot loader config,
boot.loader = { pkgs,
systemd-boot.enable = false; ...
grub = { }: {
enable = true; # Use grub boot loader
device = "nodev"; boot.loader = {
efiSupport = true; systemd-boot.enable = false;
useOSProber = true; grub = {
}; enable = true;
efi.efiSysMountPoint = "/boot/efi"; device = "nodev";
}; efiSupport = true;
boot.loader.efi.canTouchEfiVariables = true; useOSProber = true;
};
efi.efiSysMountPoint = "/boot/efi";
};
boot.loader.efi.canTouchEfiVariables = true;
boot.kernelPackages = pkgs.linuxKernel.packages.linux_xanmod_latest; boot.kernelPackages = pkgs.linuxKernel.packages.linux_xanmod_latest;
networking.hostName = "Archie"; # Define your hostname. networking.hostName = "Archie"; # Define your hostname.
# Allow unfree packages # Allow unfree packages
nixpkgs.config.allowUnfree = true; nixpkgs.config.allowUnfree = true;
# Configure network proxy if necessary # Configure network proxy if necessary
# networking.proxy.default = "http://user:password@proxy:port/"; # networking.proxy.default = "http://user:password@proxy:port/";
# networking.proxy.noProxy = "127.0.0.1,localhost,internal.domain"; # networking.proxy.noProxy = "127.0.0.1,localhost,internal.domain";
# Configure keymap in X11 # Configure keymap in X11
# services.xserver.layout = "us"; # services.xserver.layout = "us";
# services.xserver.xkbOptions = "eurosign:e,caps:escape"; # services.xserver.xkbOptions = "eurosign:e,caps:escape";
# Enable CUPS to print documents. # Enable CUPS to print documents.
# services.printing.enable = true; # services.printing.enable = true;
# Enable sound. # Enable sound.
# sound.enable = true; # sound.enable = true;
# hardware.pulseaudio.enable = true; # hardware.pulseaudio.enable = true;
# Enable touchpad support (enabled default in most desktopManager). # Enable touchpad support (enabled default in most desktopManager).
# services.xserver.libinput.enable = true; # services.xserver.libinput.enable = true;
hardware.bluetooth.enable = true;
hardware.bluetooth.enable = true; # List packages installed in system profile. To search, run:
# $ nix search wget
# environment.systemPackages = with pkgs; [
# vim # Do not forget to add an editor to edit configuration.nix! The Nano editor is also installed by default.
# wget
# ];
# List packages installed in system profile. To search, run: # Some programs need SUID wrappers, can be configured further or are
# $ nix search wget # started in user sessions.
# environment.systemPackages = with pkgs; [ # programs.mtr.enable = true;
# vim # Do not forget to add an editor to edit configuration.nix! The Nano editor is also installed by default. # programs.gnupg.agent = {
# wget # enable = true;
# ]; # enableSSHSupport = true;
# };
# Some programs need SUID wrappers, can be configured further or are # List services that you want to enable:
# started in user sessions.
# programs.mtr.enable = true;
# programs.gnupg.agent = {
# enable = true;
# enableSSHSupport = true;
# };
# List services that you want to enable: # Enable the OpenSSH daemon.
# services.openssh.enable = true;
# Enable the OpenSSH daemon. # Open ports in the firewall.
# services.openssh.enable = true; # networking.firewall.allowedTCPPorts = [ ... ];
# networking.firewall.allowedUDPPorts = [ ... ];
# Open ports in the firewall. # Or disable the firewall altogether.
# networking.firewall.allowedTCPPorts = [ ... ]; # networking.firewall.enable = false;
# networking.firewall.allowedUDPPorts = [ ... ];
# Or disable the firewall altogether.
# networking.firewall.enable = false;
# Copy the NixOS configuration file and link it from the resulting system
# (/run/current-system/configuration.nix). This is useful in case you
# accidentally delete configuration.nix.
# system.copySystemConfiguration = true;
# Copy the NixOS configuration file and link it from the resulting system
# (/run/current-system/configuration.nix). This is useful in case you
# accidentally delete configuration.nix.
# system.copySystemConfiguration = true;
} }

12
machines/Archie/default.nix
View file

@ -1,8 +1,6 @@
{ ... }: {...}: {
imports = [
{ ./configuration.nix
imports = [ ./hardware-configuration.nix
./configuration.nix ];
./hardware-configuration.nix
];
} }

127
machines/Archie/hardware-configuration.nix
View file

@ -1,76 +1,79 @@
# Do not modify this file! It was generated by nixos-generate-config # Do not modify this file! It was generated by nixos-generate-config
# and may be overwritten by future invocations. Please make changes # and may be overwritten by future invocations. Please make changes
# to /etc/nixos/configuration.nix instead. # to /etc/nixos/configuration.nix instead.
{ config, lib, pkgs, modulesPath, ... }:
{ {
imports = config,
[ (modulesPath + "/installer/scan/not-detected.nix") lib,
]; modulesPath,
...
}: {
imports = [
(modulesPath + "/installer/scan/not-detected.nix")
];
# Enable support for the Xbox One wireless dongle # Enable support for the Xbox One wireless dongle
hardware.xone.enable = true; hardware.xone.enable = true;
boot.initrd.availableKernelModules = [ "xhci_pci" "ahci" "usbhid" "usb_storage" "sd_mod" ]; boot.initrd.availableKernelModules = ["xhci_pci" "ahci" "usbhid" "usb_storage" "sd_mod"];
boot.initrd.kernelModules = [ "amdgpu" ]; boot.initrd.kernelModules = ["amdgpu"];
boot.kernelModules = [ "kvm-amd" ]; boot.kernelModules = ["kvm-amd"];
boot.extraModulePackages = [ ]; boot.extraModulePackages = [];
fileSystems."/" = fileSystems."/" = {
{ device = "/dev/disk/by-uuid/5322c217-b87b-4150-8b4c-a8fa17a899bf"; device = "/dev/disk/by-uuid/5322c217-b87b-4150-8b4c-a8fa17a899bf";
fsType = "btrfs"; fsType = "btrfs";
options = [ "subvol=@root" "compress=zstd" ]; options = ["subvol=@root" "compress=zstd"];
}; };
fileSystems."/nix" = fileSystems."/nix" = {
{ device = "/dev/disk/by-uuid/5322c217-b87b-4150-8b4c-a8fa17a899bf"; device = "/dev/disk/by-uuid/5322c217-b87b-4150-8b4c-a8fa17a899bf";
fsType = "btrfs"; fsType = "btrfs";
options = [ "subvol=@nix" "compress=zstd" ]; options = ["subvol=@nix" "compress=zstd"];
}; };
fileSystems."/boot" = fileSystems."/boot" = {
{ device = "/dev/disk/by-uuid/5322c217-b87b-4150-8b4c-a8fa17a899bf"; device = "/dev/disk/by-uuid/5322c217-b87b-4150-8b4c-a8fa17a899bf";
fsType = "btrfs"; fsType = "btrfs";
options = [ "subvol=@boot" "compress=zstd" ]; options = ["subvol=@boot" "compress=zstd"];
}; };
fileSystems."/boot/efi" = fileSystems."/boot/efi" = {
{ device = "/dev/disk/by-uuid/FB87-4CBC"; device = "/dev/disk/by-uuid/FB87-4CBC";
fsType = "vfat"; fsType = "vfat";
}; };
fileSystems = { fileSystems = {
/* /*
Mount the root subvolume of the SSD Mount the root subvolume of the SSD
This is helpful for getting things from This is helpful for getting things from
my old Arch install, as well as for running btdu my old Arch install, as well as for running btdu
*/ */
"/mnt/ssd" = { "/mnt/ssd" = {
device = config.fileSystems."/".device; device = config.fileSystems."/".device;
fsType = config.fileSystems."/".fsType; fsType = config.fileSystems."/".fsType;
options = [ "subvolid=5" "ro" ]; options = ["subvolid=5" "ro"];
}; };
"/mnt/windows" = { "/mnt/windows" = {
device = "/dev/disk/by-uuid/B61AFDAC1AFD6A2F"; device = "/dev/disk/by-uuid/B61AFDAC1AFD6A2F";
fsType = "ntfs3"; fsType = "ntfs3";
neededForBoot = false; neededForBoot = false;
options = [ "noauto" "windows_names" ]; options = ["noauto" "windows_names"];
}; };
"/home" = { "/home" = {
device = "/dev/disk/by-uuid/5322c217-b87b-4150-8b4c-a8fa17a899bf"; device = "/dev/disk/by-uuid/5322c217-b87b-4150-8b4c-a8fa17a899bf";
fsType = "btrfs"; fsType = "btrfs";
options = [ "subvol=@home" "compress=zstd" ]; options = ["subvol=@home" "compress=zstd"];
}; };
"/persist" = { "/persist" = {
device = "/dev/disk/by-uuid/5322c217-b87b-4150-8b4c-a8fa17a899bf"; device = "/dev/disk/by-uuid/5322c217-b87b-4150-8b4c-a8fa17a899bf";
fsType = "btrfs"; fsType = "btrfs";
options = [ "subvol=@persist" "compress=zstd" ]; options = ["subvol=@persist" "compress=zstd"];
neededForBoot = true; neededForBoot = true;
}; };
}; };
swapDevices = [ ]; swapDevices = [];
nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux"; nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux";
hardware.cpu.amd.updateMicrocode = lib.mkDefault config.hardware.enableRedistributableFirmware; hardware.cpu.amd.updateMicrocode = lib.mkDefault config.hardware.enableRedistributableFirmware;
} }

115
machines/Everest/configuration.nix
View file

@ -1,68 +1,67 @@
# Edit this configuration file to define what should be installed on # Edit this configuration file to define what should be installed on
# your system. Help is available in the configuration.nix(5) man page # your system. Help is available in the configuration.nix(5) man page
# and in the NixOS manual (accessible by running nixos-help). # and in the NixOS manual (accessible by running nixos-help).
{lib, ...}: {
# Bootloader.
boot.loader.systemd-boot.enable = true;
boot.loader.timeout = 5;
boot.loader.efi.canTouchEfiVariables = true;
boot.loader.efi.efiSysMountPoint = "/boot/efi";
{ config, pkgs, lib, ... }: # I'm using Nix OS, it's logo is a snowflake and the computer is
# a lot taller than the pi it's replacing, so Everest! :3 :3
networking.hostName = "Everest"; # Define your hostname.
{ # Set up networking
# Bootloader. networking = {
boot.loader.systemd-boot.enable = true; wireless.enable = false; # Computer doesn't have wifi
boot.loader.timeout = 5; enableIPv6 = false;
boot.loader.efi.canTouchEfiVariables = true; useNetworkd = true;
boot.loader.efi.efiSysMountPoint = "/boot/efi"; dhcpcd.enable = false;
interfaces.eno1 = {
wakeOnLan.enable = true;
ipv4.addresses = [
{
address = "192.168.0.160";
prefixLength = 24;
}
];
};
# I use networkd, so I need to declare the interface for the default gateway
defaultGateway = {
address = "192.168.0.1";
interface = "eno1";
};
nameservers = ["9.9.9.9"];
};
# I'm using Nix OS, it's logo is a snowflake and the computer is # Define a user account. Don't forget to set a password with passwd.
# a lot taller than the pi it's replacing, so Everest! :3 :3 users.users.toast = {
networking.hostName = "Everest"; # Define your hostname. extraGroups = ["networkmanager" "transmission"];
openssh.authorizedKeys.keys = [
"ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABgQC2bOVmxUNvg9qFv9DlzMmTRlzcNsyNq1F1wBuAXySwsWAzHGaO+WGdSCINxW3k2ccXn7M/o1r89LeTzRzi8sWQYCpBaIqYVszM/r7SvTS4gASyKhM6lNlyUEPOnvCXH7rdtF+fjoA1TJPv7GBk78QRhGh+eVO3qhY1m++5C1CPFlyrc6sSfgIBQJ5GQZFl/7YEgsrPo+M+0Sd7LkaCOyNmJA0Wi0BA3bbf5sJhrZVMMg/p7w+eMphz2kd1VTVjW3yeMq9zLCiu4SOTBNGCMEvKIdUZbQ83lNrqO2z1/3T1bDwJgpz3xusfkNCeNJSmhfFw5ydHEUp/9jshq38WmulKAMw2Kl/Zed62AVU7Ux7YjUkZkWvo8i3eXuLUxoG891S7cWV1/ijs9QMajOLLT14FG7RbzUYYaYlx+/iNGji9d4sp9/oMYyO45TMe+vEezFSBygP7TY0QFOr4xTi49ZRQFsszbFnGRv+k3wVKoGoeNt0xWB8pBEPFtaeHJpQyJX8= id_rsa_moon"
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIOeu3crGqtxwaqgoQPt5mWlC8+PL/Icvcvo0MBAaK80L Key for work laptop"
];
};
# Set up networking # Large builds (the linux kernel) fail to build because /tmp is too small when using tmpfs
networking = { boot.tmp.useTmpfs = false;
wireless.enable = false; # Computer doesn't have wifi
enableIPv6 = false;
useNetworkd = true;
dhcpcd.enable = false;
interfaces.eno1 = {
wakeOnLan.enable = true;
ipv4.addresses = [ {
address = "192.168.0.160";
prefixLength = 24;
} ];
};
# I use networkd, so I need to declare the interface for the default gateway
defaultGateway = {
address = "192.168.0.1";
interface = "eno1";
};
nameservers = [ "9.9.9.9" ];
};
# Define a user account. Don't forget to set a password with passwd.
users.users.toast = {
extraGroups = [ "networkmanager" "transmission"];
openssh.authorizedKeys.keys = [
"ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABgQC2bOVmxUNvg9qFv9DlzMmTRlzcNsyNq1F1wBuAXySwsWAzHGaO+WGdSCINxW3k2ccXn7M/o1r89LeTzRzi8sWQYCpBaIqYVszM/r7SvTS4gASyKhM6lNlyUEPOnvCXH7rdtF+fjoA1TJPv7GBk78QRhGh+eVO3qhY1m++5C1CPFlyrc6sSfgIBQJ5GQZFl/7YEgsrPo+M+0Sd7LkaCOyNmJA0Wi0BA3bbf5sJhrZVMMg/p7w+eMphz2kd1VTVjW3yeMq9zLCiu4SOTBNGCMEvKIdUZbQ83lNrqO2z1/3T1bDwJgpz3xusfkNCeNJSmhfFw5ydHEUp/9jshq38WmulKAMw2Kl/Zed62AVU7Ux7YjUkZkWvo8i3eXuLUxoG891S7cWV1/ijs9QMajOLLT14FG7RbzUYYaYlx+/iNGji9d4sp9/oMYyO45TMe+vEezFSBygP7TY0QFOr4xTi49ZRQFsszbFnGRv+k3wVKoGoeNt0xWB8pBEPFtaeHJpQyJX8= id_rsa_moon"
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIOeu3crGqtxwaqgoQPt5mWlC8+PL/Icvcvo0MBAaK80L Key for work laptop"
];
};
# Large builds (the linux kernel) fail to build because /tmp is too small when using tmpfs home-manager = {
boot.tmp.useTmpfs = false; users.toast = {config, ...}: {
home = {
file = {
# This symlinks the Transmission downloads folder into my user's downloads folder for easy access
"Downloads/Transmission".source = config.lib.file.mkOutOfStoreSymlink "/var/lib/transmission/Downloads";
};
};
};
};
home-manager = { # Open ports in the firewall.
users.toast = { config, ... }: { # No idea what ports 5201 and 21027 do tho
home = { networking.firewall.allowedTCPPorts = [5201];
file = { networking.firewall.allowedUDPPorts = [5201 21027];
# This symlinks the Transmission downloads folder into my user's downloads folder for easy access # Or disable the firewall altogether.
"Downloads/Transmission".source = config.lib.file.mkOutOfStoreSymlink "/var/lib/transmission/Downloads"; # networking.firewall.enable = false;
};
};
};
};
# Open ports in the firewall.
# No idea what ports 5201 and 21027 do tho
networking.firewall.allowedTCPPorts = [ 5201 ];
networking.firewall.allowedUDPPorts = [ 5201 21027];
# Or disable the firewall altogether.
# networking.firewall.enable = false;
} }

12
machines/Everest/default.nix
View file

@ -1,8 +1,6 @@
{ ... }: {...}: {
imports = [
{ ./configuration.nix
imports = [ ./hardware-configuration.nix
./configuration.nix ];
./hardware-configuration.nix
];
} }

103
machines/Everest/hardware-configuration.nix
View file

@ -1,61 +1,64 @@
# Do not modify this file! It was generated by nixos-generate-config # Do not modify this file! It was generated by nixos-generate-config
# and may be overwritten by future invocations. Please make changes # and may be overwritten by future invocations. Please make changes
# to /etc/nixos/configuration.nix instead. # to /etc/nixos/configuration.nix instead.
{ config, lib, pkgs, modulesPath, ... }:
{ {
imports = config,
[ (modulesPath + "/installer/scan/not-detected.nix") lib,
]; modulesPath,
...
}: {
imports = [
(modulesPath + "/installer/scan/not-detected.nix")
];
boot.initrd.availableKernelModules = [ "xhci_pci" "ehci_pci" "ahci" "usbhid" "usb_storage" "sd_mod" ]; boot.initrd.availableKernelModules = ["xhci_pci" "ehci_pci" "ahci" "usbhid" "usb_storage" "sd_mod"];
boot.initrd.kernelModules = [ ]; boot.initrd.kernelModules = [];
boot.kernelModules = [ "kvm-intel" ]; boot.kernelModules = ["kvm-intel"];
boot.extraModulePackages = [ ]; boot.extraModulePackages = [];
fileSystems = { fileSystems = {
"/" = { "/" = {
device = "/dev/disk/by-label/Everest"; device = "/dev/disk/by-label/Everest";
fsType = "btrfs"; fsType = "btrfs";
options = [ "compress=zstd" "subvol=@"]; options = ["compress=zstd" "subvol=@"];
}; };
"/nix" = { "/nix" = {
device = "/dev/disk/by-label/Everest"; device = "/dev/disk/by-label/Everest";
fsType = "btrfs"; fsType = "btrfs";
options = [ "compress=zstd" "subvol=@nix" ]; options = ["compress=zstd" "subvol=@nix"];
}; };
"/home" = { "/home" = {
device = "/dev/disk/by-label/Everest"; device = "/dev/disk/by-label/Everest";
fsType = "btrfs"; fsType = "btrfs";
options = [ "compress=zstd" "subvol=@home" ]; options = ["compress=zstd" "subvol=@home"];
}; };
"/mnt/hdd" = { "/mnt/hdd" = {
device = "/dev/disk/by-label/Everest"; device = "/dev/disk/by-label/Everest";
fsType = "btrfs"; fsType = "btrfs";
options = [ "compress=zstd" "subvol=/" "ro" ]; options = ["compress=zstd" "subvol=/" "ro"];
}; };
"/persist" = { "/persist" = {
device = "/dev/disk/by-label/Everest"; device = "/dev/disk/by-label/Everest";
fsType = "btrfs"; fsType = "btrfs";
options = [ "compress=zstd" "subvol=@persist" ]; options = ["compress=zstd" "subvol=@persist"];
neededForBoot = true; neededForBoot = true;
}; };
}; };
fileSystems."/boot/efi" = fileSystems."/boot/efi" = {
{ device = "/dev/disk/by-label/Boot"; device = "/dev/disk/by-label/Boot";
fsType = "vfat"; fsType = "vfat";
}; };
swapDevices = [ ]; swapDevices = [];
# Enables DHCP on each ethernet and wireless interface. In case of scripted networking # Enables DHCP on each ethernet and wireless interface. In case of scripted networking
# (the default) this is the recommended approach. When using systemd-networkd it's # (the default) this is the recommended approach. When using systemd-networkd it's
# still possible to use this option, but it's recommended to use it in conjunction # still possible to use this option, but it's recommended to use it in conjunction
# with explicit per-interface declarations with `networking.interfaces.<interface>.useDHCP`. # with explicit per-interface declarations with `networking.interfaces.<interface>.useDHCP`.
networking.useDHCP = lib.mkDefault true; networking.useDHCP = lib.mkDefault true;
# networking.interfaces.eno1.useDHCP = lib.mkDefault true; # networking.interfaces.eno1.useDHCP = lib.mkDefault true;
nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux"; nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux";
hardware.cpu.intel.updateMicrocode = lib.mkDefault config.hardware.enableRedistributableFirmware; hardware.cpu.intel.updateMicrocode = lib.mkDefault config.hardware.enableRedistributableFirmware;
} }

164
machines/SteamDeck/configuration.nix
View file

@ -1,103 +1,103 @@
# Edit this configuration file to define what should be installed on # Edit this configuration file to define what should be installed on
# your system. Help is available in the configuration.nix(5) man page # your system. Help is available in the configuration.nix(5) man page
# and in the NixOS manual (accessible by running `nixos-help`). # and in the NixOS manual (accessible by running `nixos-help`).
{ config, pkgs, lib, ... }:
{ {
# Use grub boot loader config,
boot.loader = { pkgs,
systemd-boot.enable = false; lib,
grub = { ...
enable = true; }: {
device = "nodev"; # Use grub boot loader
efiSupport = true; boot.loader = {
# No other OS on here :P systemd-boot.enable = false;
useOSProber = false; grub = {
}; enable = true;
efi.efiSysMountPoint = config.fileSystems."efi_boot_partition".mountPoint; device = "nodev";
}; efiSupport = true;
boot.loader.efi.canTouchEfiVariables = true; # No other OS on here :P
useOSProber = false;
};
efi.efiSysMountPoint = config.fileSystems."efi_boot_partition".mountPoint;
};
boot.loader.efi.canTouchEfiVariables = true;
networking.hostName = "SteamDeck"; # Define your hostname. networking.hostName = "SteamDeck"; # Define your hostname.
# Allow unfree packages # Allow unfree packages
nixpkgs.config.allowUnfree = true; nixpkgs.config.allowUnfree = true;
# Configure network proxy if necessary # Configure network proxy if necessary
# networking.proxy.default = "http://user:password@proxy:port/"; # networking.proxy.default = "http://user:password@proxy:port/";
# networking.proxy.noProxy = "127.0.0.1,localhost,internal.domain"; # networking.proxy.noProxy = "127.0.0.1,localhost,internal.domain";
jovian = { jovian = {
devices.steamdeck = { devices.steamdeck = {
enable = true; enable = true;
}; };
# Steam Deck UI settings # Steam Deck UI settings
steam = { steam = {
enable = true; enable = true;
autoStart = true; autoStart = true;
user = "toast"; user = "toast";
desktopSession = "plasmawayland"; desktopSession = "plasmawayland";
}; };
decky-loader = { decky-loader = {
enable = true; enable = true;
}; };
}; };
services.xserver.displayManager.sddm.enable = lib.mkForce false; services.xserver.displayManager.sddm.enable = lib.mkForce false;
# Enable bluetooth # Enable bluetooth
hardware.bluetooth = { hardware.bluetooth = {
enable = true; enable = true;
}; };
# Configure keymap in X11 # Configure keymap in X11
# services.xserver.layout = "us"; # services.xserver.layout = "us";
# services.xserver.xkbOptions = "eurosign:e,caps:escape"; # services.xserver.xkbOptions = "eurosign:e,caps:escape";
# Enable CUPS to print documents. # Enable CUPS to print documents.
# services.printing.enable = true; # services.printing.enable = true;
# Enable sound. # Enable sound.
# sound.enable = true; # sound.enable = true;
# hardware.pulseaudio.enable = true; # hardware.pulseaudio.enable = true;
# Enable touchpad support (enabled default in most desktopManager). # Enable touchpad support (enabled default in most desktopManager).
# services.xserver.libinput.enable = true; # services.xserver.libinput.enable = true;
# Large builds (the linux kernel) fail to build because /tmp is too small when using tmpfs # Large builds (the linux kernel) fail to build because /tmp is too small when using tmpfs
boot.tmp.useTmpfs = false; boot.tmp.useTmpfs = false;
environment.systemPackages = [ pkgs.steamdeck-firmware pkgs.steamdeck-hw-theme ]; environment.systemPackages = [pkgs.steamdeck-firmware pkgs.steamdeck-hw-theme];
# List packages installed in system profile. To search, run: # List packages installed in system profile. To search, run:
# $ nix search wget # $ nix search wget
# environment.systemPackages = with pkgs; [ # environment.systemPackages = with pkgs; [
# vim # Do not forget to add an editor to edit configuration.nix! The Nano editor is also installed by default. # vim # Do not forget to add an editor to edit configuration.nix! The Nano editor is also installed by default.
# wget # wget
# ]; # ];
# Some programs need SUID wrappers, can be configured further or are # Some programs need SUID wrappers, can be configured further or are
# started in user sessions. # started in user sessions.
# programs.mtr.enable = true; # programs.mtr.enable = true;
# programs.gnupg.agent = { # programs.gnupg.agent = {
# enable = true; # enable = true;
# enableSSHSupport = true; # enableSSHSupport = true;
# }; # };
# List services that you want to enable: # List services that you want to enable:
# Enable the OpenSSH daemon. # Enable the OpenSSH daemon.
# services.openssh.enable = true; # services.openssh.enable = true;
# Open ports in the firewall. # Open ports in the firewall.
# networking.firewall.allowedTCPPorts = [ ... ]; # networking.firewall.allowedTCPPorts = [ ... ];
# networking.firewall.allowedUDPPorts = [ ... ]; # networking.firewall.allowedUDPPorts = [ ... ];
# Or disable the firewall altogether. # Or disable the firewall altogether.
# networking.firewall.enable = false; # networking.firewall.enable = false;
# Copy the NixOS configuration file and link it from the resulting system
# (/run/current-system/configuration.nix). This is useful in case you
# accidentally delete configuration.nix.
# system.copySystemConfiguration = true;
# Copy the NixOS configuration file and link it from the resulting system
# (/run/current-system/configuration.nix). This is useful in case you
# accidentally delete configuration.nix.
# system.copySystemConfiguration = true;
} }

12
machines/SteamDeck/default.nix
View file

@ -1,8 +1,6 @@
{ ... }: {...}: {
imports = [
{ ./configuration.nix
imports = [ ./hardware-configuration.nix
./configuration.nix ];
./hardware-configuration.nix
];
} }

123
machines/SteamDeck/hardware-configuration.nix
View file

@ -1,71 +1,72 @@
# Do not modify this file! It was generated by nixos-generate-config # Do not modify this file! It was generated by nixos-generate-config
# and may be overwritten by future invocations. Please make changes # and may be overwritten by future invocations. Please make changes
# to /etc/nixos/configuration.nix instead. # to /etc/nixos/configuration.nix instead.
{ config, lib, pkgs, modulesPath, ... }:
let
# \x20 is the escape code for a space
ssdLabel = ''Deck\\x20SSD'';
in
{ {
imports = config,
[ (modulesPath + "/installer/scan/not-detected.nix") lib,
]; modulesPath,
...
}: let
# \x20 is the escape code for a space
ssdLabel = ''Deck\\x20SSD'';
in {
imports = [
(modulesPath + "/installer/scan/not-detected.nix")
];
# Enable support for the Xbox One wireless dongle # Enable support for the Xbox One wireless dongle
hardware.xone.enable = true; hardware.xone.enable = true;
boot.initrd.availableKernelModules = [ "nvme" "xhci_pci" "usb_storage" "usbhid" "sd_mod" "sdhci_pci" ]; boot.initrd.availableKernelModules = ["nvme" "xhci_pci" "usb_storage" "usbhid" "sd_mod" "sdhci_pci"];
boot.initrd.kernelModules = [ ]; boot.initrd.kernelModules = [];
boot.kernelModules = [ "kvm-amd" ]; boot.kernelModules = ["kvm-amd"];
boot.extraModulePackages = [ ]; boot.extraModulePackages = [];
fileSystems = { fileSystems = {
"efi_boot_partition" = { "efi_boot_partition" = {
mountPoint = "/boot/efi"; mountPoint = "/boot/efi";
label = "deckboot"; label = "deckboot";
fsType = "vfat"; fsType = "vfat";
}; };
/* /*
Mount the root subvolume of the SSD Mount the root subvolume of the SSD
This is helpful for getting things from This is helpful for getting things from
my old Arch install, as well as for running btdu my old Arch install, as well as for running btdu
*/ */
"btrfs_root_subvolume" = { "btrfs_root_subvolume" = {
mountPoint = "/mnt/ssd"; mountPoint = "/mnt/ssd";
label = ssdLabel; label = ssdLabel;
fsType = "btrfs"; fsType = "btrfs";
options = [ "subvolid=5" "ro" ]; options = ["subvolid=5" "ro"];
}; };
"btrfs_root" = { "btrfs_root" = {
mountPoint = "/"; mountPoint = "/";
label = ssdLabel; label = ssdLabel;
fsType = "btrfs"; fsType = "btrfs";
options = [ "subvol=@" "compress=zstd" ]; options = ["subvol=@" "compress=zstd"];
}; };
"btrfs_boot" = { "btrfs_boot" = {
mountPoint = "/boot"; mountPoint = "/boot";
label = ssdLabel; label = ssdLabel;
fsType = "btrfs"; fsType = "btrfs";
options = [ "subvol=@boot" "compress=zstd" ]; options = ["subvol=@boot" "compress=zstd"];
}; };
"btrfs_home" = { "btrfs_home" = {
mountPoint = "/home"; mountPoint = "/home";
label = ssdLabel; label = ssdLabel;
fsType = "btrfs"; fsType = "btrfs";
options = [ "subvol=@home" "compress=zstd" ]; options = ["subvol=@home" "compress=zstd"];
}; };
"btrfs_nix" = { "btrfs_nix" = {
mountPoint = "/nix"; mountPoint = "/nix";
label = ssdLabel; label = ssdLabel;
fsType = "btrfs"; fsType = "btrfs";
options = [ "subvol=@nix" "compress=zstd" ]; options = ["subvol=@nix" "compress=zstd"];
}; };
}; };
swapDevices = [ ]; swapDevices = [];
nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux"; nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux";
hardware.cpu.amd.updateMicrocode = lib.mkDefault config.hardware.enableRedistributableFirmware; hardware.cpu.amd.updateMicrocode = lib.mkDefault config.hardware.enableRedistributableFirmware;
} }

142
machines/SurfaceGo/configuration.nix
View file

@ -1,92 +1,92 @@
# Edit this configuration file to define what should be installed on # Edit this configuration file to define what should be installed on
# your system. Help is available in the configuration.nix(5) man page # your system. Help is available in the configuration.nix(5) man page
# and in the NixOS manual (accessible by running `nixos-help`). # and in the NixOS manual (accessible by running `nixos-help`).
{ config, pkgs, lib, ... }:
{ {
boot = { config,
loader = { pkgs,
# Use grub boot loader lib,
systemd-boot.enable = false; ...
grub = { }: {
enable = true; boot = {
device = "nodev"; loader = {
efiSupport = true; # Use grub boot loader
enableCryptodisk = true; systemd-boot.enable = false;
}; grub = {
efi = { enable = true;
efiSysMountPoint = "/boot/efi"; device = "nodev";
canTouchEfiVariables = true; efiSupport = true;
}; enableCryptodisk = true;
}; };
# I need systemd for tpm luks unlocking efi = {
initrd.systemd.enable = true; efiSysMountPoint = "/boot/efi";
}; canTouchEfiVariables = true;
};
};
# I need systemd for tpm luks unlocking
initrd.systemd.enable = true;
};
security.tpm2.enable = true; security.tpm2.enable = true;
networking.hostName = "SurfaceGo"; # Define your hostname. networking.hostName = "SurfaceGo"; # Define your hostname.
# Allow unfree packages # Allow unfree packages
nixpkgs.config.allowUnfree = true; nixpkgs.config.allowUnfree = true;
# Configure network proxy if necessary # Configure network proxy if necessary
# networking.proxy.default = "http://user:password@proxy:port/"; # networking.proxy.default = "http://user:password@proxy:port/";
# networking.proxy.noProxy = "127.0.0.1,localhost,internal.domain"; # networking.proxy.noProxy = "127.0.0.1,localhost,internal.domain";
# Configure keymap in X11 # Configure keymap in X11
# services.xserver.layout = "us"; # services.xserver.layout = "us";
# services.xserver.xkbOptions = "eurosign:e,caps:escape"; # services.xserver.xkbOptions = "eurosign:e,caps:escape";
console = { console = {
# The kernel doesn't detect the scree as being HiDPI, so I need to use a bigger font # The kernel doesn't detect the scree as being HiDPI, so I need to use a bigger font
font = "ter-i32n"; font = "ter-i32n";
}; };
# Enable CUPS to print documents.
# services.printing.enable = true;
# Enable sound. # Enable CUPS to print documents.
# sound.enable = true; # services.printing.enable = true;
# hardware.pulseaudio.enable = true;
# Enable touchpad support (enabled default in most desktopManager). # Enable sound.
# services.xserver.libinput.enable = true; # sound.enable = true;
# hardware.pulseaudio.enable = true;
# List packages installed in system profile. To search, run: # Enable touchpad support (enabled default in most desktopManager).
# $ nix search wget # services.xserver.libinput.enable = true;
# environment.systemPackages = with pkgs; [
# vim # Do not forget to add an editor to edit configuration.nix! The Nano editor is also installed by default.
# wget
# ];
# The surface kernel sometimes fails to suspend/shutdown and I got tired of fighting it # List packages installed in system profile. To search, run:
boot.kernelPackages = lib.mkForce pkgs.linuxPackages; # $ nix search wget
# environment.systemPackages = with pkgs; [
# vim # Do not forget to add an editor to edit configuration.nix! The Nano editor is also installed by default.
# wget
# ];
# Some programs need SUID wrappers, can be configured further or are # The surface kernel sometimes fails to suspend/shutdown and I got tired of fighting it
# started in user sessions. boot.kernelPackages = lib.mkForce pkgs.linuxPackages;
# programs.mtr.enable = true;
# programs.gnupg.agent = {
# enable = true;
# enableSSHSupport = true;
# };
# List services that you want to enable: # Some programs need SUID wrappers, can be configured further or are
# started in user sessions.
# programs.mtr.enable = true;
# programs.gnupg.agent = {
# enable = true;
# enableSSHSupport = true;
# };
# Enable the OpenSSH daemon. # List services that you want to enable:
# services.openssh.enable = true;
# Open ports in the firewall. # Enable the OpenSSH daemon.
# networking.firewall.allowedTCPPorts = [ ... ]; # services.openssh.enable = true;
# networking.firewall.allowedUDPPorts = [ ... ];
# Or disable the firewall altogether.
# networking.firewall.enable = false;
# Copy the NixOS configuration file and link it from the resulting system # Open ports in the firewall.
# (/run/current-system/configuration.nix). This is useful in case you # networking.firewall.allowedTCPPorts = [ ... ];
# accidentally delete configuration.nix. # networking.firewall.allowedUDPPorts = [ ... ];
# system.copySystemConfiguration = true; # Or disable the firewall altogether.
# networking.firewall.enable = false;
# Copy the NixOS configuration file and link it from the resulting system
# (/run/current-system/configuration.nix). This is useful in case you
# accidentally delete configuration.nix.
# system.copySystemConfiguration = true;
} }

12
machines/SurfaceGo/default.nix
View file

@ -1,8 +1,6 @@
{ ... }: {...}: {
imports = [
{ ./configuration.nix
imports = [ ./hardware-configuration.nix
./configuration.nix ];
./hardware-configuration.nix
];
} }

75
machines/SurfaceGo/hardware-configuration.nix
View file

@ -1,49 +1,50 @@
# Do not modify this file! It was generated by nixos-generate-config # Do not modify this file! It was generated by nixos-generate-config
# and may be overwritten by future invocations. Please make changes # and may be overwritten by future invocations. Please make changes
# to /etc/nixos/configuration.nix instead. # to /etc/nixos/configuration.nix instead.
{ config, lib, pkgs, ... }:
{ {
config,
lib,
...
}: {
boot.initrd.availableKernelModules = ["xhci_pci" "nvme" "usbhid" "rtsx_pci_sdmmc"];
boot.initrd.kernelModules = [];
boot.kernelModules = ["kvm-intel"];
boot.extraModulePackages = [];
boot.initrd.availableKernelModules = [ "xhci_pci" "nvme" "usbhid" "rtsx_pci_sdmmc" ]; boot.initrd.luks.devices."SSD".device = "/dev/disk/by-uuid/1d8d7578-d3a1-4ea0-90ad-4257266a6caf";
boot.initrd.kernelModules = [ ];
boot.kernelModules = [ "kvm-intel" ];
boot.extraModulePackages = [ ];
boot.initrd.luks.devices."SSD".device = "/dev/disk/by-uuid/1d8d7578-d3a1-4ea0-90ad-4257266a6caf"; fileSystems."/" = {
device = "/dev/disk/by-uuid/19a52b40-3ff6-47ff-9402-18d8b289643e";
fsType = "btrfs";
options = ["subvol=@" "compress=zstd"];
};
fileSystems."/" = { fileSystems."/boot" = {
device = "/dev/disk/by-uuid/19a52b40-3ff6-47ff-9402-18d8b289643e"; device = "/dev/disk/by-uuid/19a52b40-3ff6-47ff-9402-18d8b289643e";
fsType = "btrfs"; fsType = "btrfs";
options = [ "subvol=@" "compress=zstd" ]; options = ["subvol=@boot" "compress=zstd"];
}; };
fileSystems."/boot" = { fileSystems."/nix" = {
device = "/dev/disk/by-uuid/19a52b40-3ff6-47ff-9402-18d8b289643e"; device = "/dev/disk/by-uuid/19a52b40-3ff6-47ff-9402-18d8b289643e";
fsType = "btrfs"; fsType = "btrfs";
options = [ "subvol=@boot" "compress=zstd" ]; options = ["subvol=@nix" "compress=zstd"];
}; };
fileSystems."/nix" ={ fileSystems."/home" = {
device = "/dev/disk/by-uuid/19a52b40-3ff6-47ff-9402-18d8b289643e"; device = "/dev/disk/by-uuid/19a52b40-3ff6-47ff-9402-18d8b289643e";
fsType = "btrfs"; fsType = "btrfs";
options = [ "subvol=@nix" "compress=zstd" ]; options = ["subvol=@home" "compress=zstd"];
}; };
fileSystems."/home" = { fileSystems."/boot/efi" = {
device = "/dev/disk/by-uuid/19a52b40-3ff6-47ff-9402-18d8b289643e"; device = "/dev/disk/by-uuid/EC76-201F";
fsType = "btrfs"; fsType = "vfat";
options = [ "subvol=@home" "compress=zstd" ]; };
};
fileSystems."/boot/efi" = { swapDevices = [];
device = "/dev/disk/by-uuid/EC76-201F";
fsType = "vfat";
};
swapDevices = []; nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux";
powerManagement.cpuFreqGovernor = lib.mkDefault "powersave";
nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux"; hardware.cpu.intel.updateMicrocode = lib.mkDefault config.hardware.enableRedistributableFirmware;
powerManagement.cpuFreqGovernor = lib.mkDefault "powersave";
hardware.cpu.intel.updateMicrocode = lib.mkDefault config.hardware.enableRedistributableFirmware;
} }

256
machines/WinMax2/configuration.nix
View file

@ -1,153 +1,153 @@
# Edit this configuration file to define what should be installed on # Edit this configuration file to define what should be installed on
# your system. Help is available in the configuration.nix(5) man page # your system. Help is available in the configuration.nix(5) man page
# and in the NixOS manual (accessible by running `nixos-help`). # and in the NixOS manual (accessible by running `nixos-help`).
{ config, pkgs, lib, ... }:
{ {
# Use grub boot loader config,
boot = { pkgs,
loader = { lib,
systemd-boot.enable = false; ...
grub = { }: {
enable = true; # Use grub boot loader
device = "nodev"; boot = {
efiSupport = true; loader = {
# No other OS on here :P systemd-boot.enable = false;
useOSProber = false; grub = {
}; enable = true;
efi = { device = "nodev";
efiSysMountPoint = config.fileSystems."efi_boot_partition".mountPoint; efiSupport = true;
canTouchEfiVariables = true; # No other OS on here :P
}; useOSProber = false;
}; };
/* efi = {
I use luks, and the systemd initrd works better for this efiSysMountPoint = config.fileSystems."efi_boot_partition".mountPoint;
Both for tpm unlocking (soon) and for plymouth canTouchEfiVariables = true;
*/ };
initrd.systemd.enable = true; };
# Plymouth doesn't support fractional scaling :( /*
plymouth.extraConfig = "DeviceScale=2"; I use luks, and the systemd initrd works better for this
Both for tpm unlocking (soon) and for plymouth
*/
initrd.systemd.enable = true;
# Plymouth doesn't support fractional scaling :(
plymouth.extraConfig = "DeviceScale=2";
kernelPackages = pkgs.linuxPackages_latest; kernelPackages = pkgs.linuxPackages_latest;
}; };
networking.hostName = "WinMax2"; # Define your hostname. networking.hostName = "WinMax2"; # Define your hostname.
specialisation.noAVX512.configuration = { specialisation.noAVX512.configuration = {
# For some reason The Finals crashes on CPUs that support AVX512 # For some reason The Finals crashes on CPUs that support AVX512
boot.kernelParams = [ "clearcpuid=304" ]; boot.kernelParams = ["clearcpuid=304"];
}; };
# Sleep fixes # Sleep fixes
boot.kernelParams = [ "rtc_cmos.use_acpi_alarm=1" ]; boot.kernelParams = ["rtc_cmos.use_acpi_alarm=1"];
services.udev.extraRules = '' services.udev.extraRules = ''
ACTION=="add", SUBSYSTEM=="i2c", ATTR{name}=="GXTP7385:00", ATTR{power/wakeup}="disabled" ACTION=="add", SUBSYSTEM=="i2c", ATTR{name}=="GXTP7385:00", ATTR{power/wakeup}="disabled"
ACTION=="add", SUBSYSTEM=="i2c", ATTR{name}=="PNP0C50:00", ATTR{power/wakeup}="disabled" ACTION=="add", SUBSYSTEM=="i2c", ATTR{name}=="PNP0C50:00", ATTR{power/wakeup}="disabled"
''; '';
services.handheld-daemon = { services.handheld-daemon = {
package = pkgs.handheld-daemon.overridePythonAttrs rec{ package = pkgs.handheld-daemon.overridePythonAttrs rec {
src = pkgs.fetchFromGitHub { src = pkgs.fetchFromGitHub {
owner = "hhd-dev"; owner = "hhd-dev";
repo = "hhd"; repo = "hhd";
rev = "v${version}"; rev = "v${version}";
hash = "sha256-Ujbou+f/EvHyqpp3FCNqIyZiCEFxSeQfflR3JmRxWFc="; hash = "sha256-Ujbou+f/EvHyqpp3FCNqIyZiCEFxSeQfflR3JmRxWFc=";
}; };
version = "1.3.13"; version = "1.3.13";
}; };
enable = true; enable = true;
user = "root"; user = "root";
}; };
# Allow unfree packages # Allow unfree packages
nixpkgs.config.allowUnfree = true; nixpkgs.config.allowUnfree = true;
# Configure network proxy if necessary # Configure network proxy if necessary
# networking.proxy.default = "http://user:password@proxy:port/"; # networking.proxy.default = "http://user:password@proxy:port/";
# networking.proxy.noProxy = "127.0.0.1,localhost,internal.domain"; # networking.proxy.noProxy = "127.0.0.1,localhost,internal.domain";
services.xserver = { services.xserver = {
xkb.layout = lib.mkForce "us"; xkb.layout = lib.mkForce "us";
displayManager.sddm.settings = { displayManager.sddm.settings = {
General.GreeterEnvironment="QT_SCREEN_SCALE_FACTORS=1.75"; General.GreeterEnvironment = "QT_SCREEN_SCALE_FACTORS=1.75";
}; };
}; };
jovian = { jovian = {
# Steam Deck UI settings # Steam Deck UI settings
steam = { steam = {
enable = true; enable = true;
autoStart = false; autoStart = false;
user = "toast"; user = "toast";
desktopSession = "plasmawayland"; desktopSession = "plasmawayland";
}; };
hardware.amd.gpu.enableBacklightControl = true; hardware.amd.gpu.enableBacklightControl = true;
# Need patched mesa # Need patched mesa
steamos = { steamos = {
enableMesaPatches = true; enableMesaPatches = true;
enableVendorRadv = true; enableVendorRadv = true;
}; };
decky-loader = { decky-loader = {
enable = true; enable = true;
}; };
}; };
# Enable bluetooth # Enable bluetooth
hardware.bluetooth = { hardware.bluetooth = {
enable = true; enable = true;
}; };
# Configure keymap in X11 # Configure keymap in X11
# services.xserver.layout = "us"; # services.xserver.layout = "us";
# services.xserver.xkbOptions = "eurosign:e,caps:escape"; # services.xserver.xkbOptions = "eurosign:e,caps:escape";
# Enable CUPS to print documents. # Enable CUPS to print documents.
# services.printing.enable = true; # services.printing.enable = true;
environment.sessionVariables = { environment.sessionVariables = {
STEAM_FORCE_DESKTOPUI_SCALING = "1.75"; STEAM_FORCE_DESKTOPUI_SCALING = "1.75";
}; };
# Enable sound. # Enable sound.
# sound.enable = true; # sound.enable = true;
# hardware.pulseaudio.enable = true; # hardware.pulseaudio.enable = true;
# Enable touchpad support (enabled default in most desktopManager). # Enable touchpad support (enabled default in most desktopManager).
# services.xserver.libinput.enable = true; # services.xserver.libinput.enable = true;
# Large builds (the linux kernel) fail to build because /tmp is too small when using tmpfs # Large builds (the linux kernel) fail to build because /tmp is too small when using tmpfs
boot.tmp.useTmpfs = false; boot.tmp.useTmpfs = false;
# List packages installed in system profile. To search, run: # List packages installed in system profile. To search, run:
# $ nix search wget # $ nix search wget
# environment.systemPackages = with pkgs; [ # environment.systemPackages = with pkgs; [
# vim # Do not forget to add an editor to edit configuration.nix! The Nano editor is also installed by default. # vim # Do not forget to add an editor to edit configuration.nix! The Nano editor is also installed by default.
# wget # wget
# ]; # ];
# Some programs need SUID wrappers, can be configured further or are # Some programs need SUID wrappers, can be configured further or are
# started in user sessions. # started in user sessions.
# programs.mtr.enable = true; # programs.mtr.enable = true;
# programs.gnupg.agent = { # programs.gnupg.agent = {
# enable = true; # enable = true;
# enableSSHSupport = true; # enableSSHSupport = true;
# }; # };
# List services that you want to enable: # List services that you want to enable:
# Enable the OpenSSH daemon. # Enable the OpenSSH daemon.
# services.openssh.enable = true; # services.openssh.enable = true;
# Open ports in the firewall. # Open ports in the firewall.
# networking.firewall.allowedTCPPorts = [ ... ]; # networking.firewall.allowedTCPPorts = [ ... ];
# networking.firewall.allowedUDPPorts = [ ... ]; # networking.firewall.allowedUDPPorts = [ ... ];
# Or disable the firewall altogether. # Or disable the firewall altogether.
# networking.firewall.enable = false; # networking.firewall.enable = false;
# Copy the NixOS configuration file and link it from the resulting system
# (/run/current-system/configuration.nix). This is useful in case you
# accidentally delete configuration.nix.
# system.copySystemConfiguration = true;
# Copy the NixOS configuration file and link it from the resulting system
# (/run/current-system/configuration.nix). This is useful in case you
# accidentally delete configuration.nix.
# system.copySystemConfiguration = true;
} }

12
machines/WinMax2/default.nix
View file

@ -1,8 +1,6 @@
{ ... }: {...}: {
imports = [
{ ./configuration.nix
imports = [ ./hardware-configuration.nix
./configuration.nix ];
./hardware-configuration.nix
];
} }

129
machines/WinMax2/hardware-configuration.nix
View file

@ -1,74 +1,75 @@
# Do not modify this file! It was generated by nixos-generate-config # Do not modify this file! It was generated by nixos-generate-config
# and may be overwritten by future invocations. Please make changes # and may be overwritten by future invocations. Please make changes
# to /etc/nixos/configuration.nix instead. # to /etc/nixos/configuration.nix instead.
{ config, lib, modulesPath, ... }:
let
# \x20 is the escape code for a space
ssdLabel = ''Win\\x20Max\\x202\\x20SSD'';
in
{ {
imports = [ config,
(modulesPath + "/installer/scan/not-detected.nix") lib,
]; modulesPath,
...
}: let
# \x20 is the escape code for a space
ssdLabel = ''Win\\x20Max\\x202\\x20SSD'';
in {
imports = [
(modulesPath + "/installer/scan/not-detected.nix")
];
boot.initrd.availableKernelModules = [ "nvme" "xhci_pci" "thunderbolt" "usbhid" "sdhci_pci" ]; boot.initrd.availableKernelModules = ["nvme" "xhci_pci" "thunderbolt" "usbhid" "sdhci_pci"];
boot.initrd.kernelModules = [ ]; boot.initrd.kernelModules = [];
boot.kernelModules = [ "kvm-amd" ]; boot.kernelModules = ["kvm-amd"];
boot.extraModulePackages = [ ]; boot.extraModulePackages = [];
boot.initrd.luks.devices."SSD".device = "/dev/disk/by-label/wm2-enc"; boot.initrd.luks.devices."SSD".device = "/dev/disk/by-label/wm2-enc";
fileSystems = { fileSystems = {
"efi_boot_partition" = { "efi_boot_partition" = {
mountPoint = "/boot"; mountPoint = "/boot";
label = "winmax2boot"; label = "winmax2boot";
fsType = "vfat"; fsType = "vfat";
}; };
/* /*
Mount the root subvolume of the SSD Mount the root subvolume of the SSD
This is helpful for getting things from This is helpful for getting things from
my old Arch install, as well as for running btdu my old Arch install, as well as for running btdu
*/ */
"btrfs_root_subvolume" = { "btrfs_root_subvolume" = {
mountPoint = "/mnt/ssd"; mountPoint = "/mnt/ssd";
label = ssdLabel; label = ssdLabel;
fsType = "btrfs"; fsType = "btrfs";
options = [ "subvolid=5" "ro" ]; options = ["subvolid=5" "ro"];
}; };
"btrfs_root" = { "btrfs_root" = {
mountPoint = "/"; mountPoint = "/";
label = ssdLabel; label = ssdLabel;
fsType = "btrfs"; fsType = "btrfs";
options = [ "subvol=@" ]; options = ["subvol=@"];
}; };
"btrfs_persist" = { "btrfs_persist" = {
mountPoint = "/persist"; mountPoint = "/persist";
label = ssdLabel; label = ssdLabel;
fsType = "btrfs"; fsType = "btrfs";
options = [ "subvol=@persist" ]; options = ["subvol=@persist"];
neededForBoot = true; neededForBoot = true;
}; };
"btrfs_home" = { "btrfs_home" = {
mountPoint = "/home"; mountPoint = "/home";
label = ssdLabel; label = ssdLabel;
fsType = "btrfs"; fsType = "btrfs";
options = [ "subvol=@home" ]; options = ["subvol=@home"];
}; };
"btrfs_nix" = { "btrfs_nix" = {
mountPoint = "/nix"; mountPoint = "/nix";
label = ssdLabel; label = ssdLabel;
fsType = "btrfs"; fsType = "btrfs";
options = [ "subvol=@nix" ]; options = ["subvol=@nix"];
}; };
}; };
swapDevices = [ ]; swapDevices = [];
nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux"; nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux";
hardware = { hardware = {
cpu.amd.updateMicrocode = lib.mkDefault config.hardware.enableRedistributableFirmware; cpu.amd.updateMicrocode = lib.mkDefault config.hardware.enableRedistributableFirmware;
sensor.iio.bmi260.enable = true; sensor.iio.bmi260.enable = true;
}; };
} }

91
pkgs/anything-sync-daemon/default.nix
View file

@ -1,56 +1,57 @@
{ stdenv {
, lib stdenv,
, fetchFromGitHub lib,
, makeWrapper fetchFromGitHub,
, rsync makeWrapper,
, gawk rsync,
, pv gawk,
, gnutar pv,
, zstd gnutar,
, util-linux zstd,
, coreutils util-linux,
, gnugrep coreutils,
, findutils gnugrep,
findutils,
}: }:
stdenv.mkDerivation rec { stdenv.mkDerivation rec {
pname = "anything-sync-daemon"; pname = "anything-sync-daemon";
version = "6.0.0"; version = "6.0.0";
src = fetchFromGitHub { src = fetchFromGitHub {
owner = "graysky2"; owner = "graysky2";
repo = pname; repo = pname;
rev = "v${version}"; rev = "v${version}";
hash = "sha256-6nfaAMH5YgK6gimuZ8j1zWLTDOi11KIwW7Bf0Iwh7+I="; hash = "sha256-6nfaAMH5YgK6gimuZ8j1zWLTDOi11KIwW7Bf0Iwh7+I=";
}; };
patches = [ ./disableDaemonStopTargets.patch ]; patches = [./disableDaemonStopTargets.patch];
nativeBuildInputs = [ makeWrapper ]; nativeBuildInputs = [makeWrapper];
postPatch = '' postPatch = ''
substituteInPlace init/asd* \ substituteInPlace init/asd* \
--replace /usr/bin/anything-sync-daemon $out/bin/anything-sync-daemon --replace /usr/bin/anything-sync-daemon $out/bin/anything-sync-daemon
''; '';
enableParallelBuilding = true; enableParallelBuilding = true;
makeFlags = [ makeFlags = [
"DESTDIR=${placeholder "out"}" "DESTDIR=${placeholder "out"}"
"PREFIX=" "PREFIX="
"INITDIR_SYSTEMD=/lib/systemd/system" "INITDIR_SYSTEMD=/lib/systemd/system"
]; ];
installTargets = [ "install-systemd-all" ]; installTargets = ["install-systemd-all"];
postInstall = '' postInstall = ''
wrapProgram $out/bin/anything-sync-daemon \ wrapProgram $out/bin/anything-sync-daemon \
--suffix PATH : ${lib.makeBinPath [ rsync gawk pv gnutar zstd util-linux coreutils gnugrep findutils]} --suffix PATH : ${lib.makeBinPath [rsync gawk pv gnutar zstd util-linux coreutils gnugrep findutils]}
''; '';
meta = with lib; { meta = with lib; {
description = "Symlinks and syncs user specified dirs to RAM"; description = "Symlinks and syncs user specified dirs to RAM";
homepage = "https://github.com/graysky2/anything-sync-daemon/"; homepage = "https://github.com/graysky2/anything-sync-daemon/";
license = lib.licenses.mit; license = lib.licenses.mit;
platforms = platforms.linux; platforms = platforms.linux;
}; };
} }

238
roles/common/configuration.nix
View file

@ -1,132 +1,136 @@
{ config, lib, pkgs, flakeSelf, ... }:
{ {
imports = [ flakeSelf.inputs.nur.nixosModules.nur ]; config,
environment = { lib,
# As of the 1st of May 2023, the default packages are nano, perl, rsync and strace pkgs,
# I don't need any of them, so I just empty the list flakeSelf,
defaultPackages = []; ...
}; }: {
imports = [flakeSelf.inputs.nur.nixosModules.nur];
environment = {
# As of the 1st of May 2023, the default packages are nano, perl, rsync and strace
# I don't need any of them, so I just empty the list
defaultPackages = [];
};
# Set up /tmp # Set up /tmp
boot.tmp = { boot.tmp = {
useTmpfs = false; useTmpfs = false;
# Cleaning out /tmp at boot if it's a tmpfs is quite stupid # Cleaning out /tmp at boot if it's a tmpfs is quite stupid
cleanOnBoot = !config.boot.tmp.useTmpfs; cleanOnBoot = !config.boot.tmp.useTmpfs;
}; };
# Set up zram # Set up zram
zramSwap = { zramSwap = {
enable = true; enable = true;
priority = 100; priority = 100;
memoryPercent = 60; memoryPercent = 60;
# zstd my beloved <3 # zstd my beloved <3
algorithm = "zstd"; algorithm = "zstd";
}; };
# zswap with zram is not a good idea # zswap with zram is not a good idea
boot.kernelParams = [ "zswap.enabled=0" ]; boot.kernelParams = ["zswap.enabled=0"];
# Set up keyboard layout # Set up keyboard layout
services.xserver.xkb.layout = "es"; services.xserver.xkb.layout = "es";
# Set up console # Set up console
console = { console = {
packages = [ pkgs.terminus_font ]; packages = [pkgs.terminus_font];
earlySetup = true; earlySetup = true;
# mkDefault has 1000 priority, so that way I don't conflict with nixos-hardware # mkDefault has 1000 priority, so that way I don't conflict with nixos-hardware
font = lib.mkOverride 999 "ter-i16n"; font = lib.mkOverride 999 "ter-i16n";
# Make the console use X's keyboard configuration # Make the console use X's keyboard configuration
useXkbConfig = true; useXkbConfig = true;
}; };
boot.supportedFilesystems = [ "nfs" ]; boot.supportedFilesystems = ["nfs"];
# Set up localisation
i18n = {
defaultLocale = "en_US.UTF-8";
extraLocaleSettings = {
LC_NUMERIC = "es_ES.UTF-8";
# am/pm is nice but mm/dd/yy is yucky
LC_TIME = "es_US.UTF-8";
LC_MONETARY = "es_ES.UTF-8";
LC_MEASUREMENT = "es_ES.UTF-8";
LC_PAPER = "es_ES.UTF-8";
LC_ADDRESS = "es_US.UTF-8";
LC_NAME = "es_ES.UTF-8";
LC_TELEPHONE = "es_ES.UTF-8";
};
};
services.fwupd.enable = true; # Set up localisation
i18n = {
defaultLocale = "en_US.UTF-8";
extraLocaleSettings = {
LC_NUMERIC = "es_ES.UTF-8";
# am/pm is nice but mm/dd/yy is yucky
LC_TIME = "es_US.UTF-8";
LC_MONETARY = "es_ES.UTF-8";
LC_MEASUREMENT = "es_ES.UTF-8";
LC_PAPER = "es_ES.UTF-8";
LC_ADDRESS = "es_US.UTF-8";
LC_NAME = "es_ES.UTF-8";
LC_TELEPHONE = "es_ES.UTF-8";
};
};
# Set up my user services.fwupd.enable = true;
users.users.toast = {
isNormalUser = true;
description = "Toast";
extraGroups = [ "wheel" ];
};
# Set up time zone. # Set up my user
time.timeZone = "Europe/Madrid"; users.users.toast = {
isNormalUser = true;
description = "Toast";
extraGroups = ["wheel"];
};
nixpkgs.overlays = [ # Set up time zone.
( time.timeZone = "Europe/Madrid";
final: prev: {
catppuccin = prev.catppuccin.override {
accent = "mauve";
variant = "mocha";
themeList = [
"bat"
"btop"
"starship"
"grub"
];
};
}
)
];
home-manager = { nixpkgs.overlays = [
backupFileExtension = "hm-backup"; (
useGlobalPkgs = true; final: prev: {
verbose = true; catppuccin = prev.catppuccin.override {
users.toast = { config, ... }: { accent = "mauve";
home.stateVersion = "23.11"; variant = "mocha";
xdg = { themeList = [
userDirs = { "bat"
enable = true; "btop"
createDirectories = true; "starship"
publicShare = null; # Disable the public folder "grub"
}; ];
}; };
}; }
}; )
];
# Set up secrets home-manager = {
age = { backupFileExtension = "hm-backup";
identityPaths = [ useGlobalPkgs = true;
"/persist/id_host" verbose = true;
]; users.toast = {...}: {
}; home.stateVersion = "23.11";
xdg = {
userDirs = {
enable = true;
createDirectories = true;
publicShare = null; # Disable the public folder
};
};
};
};
boot.loader.grub = { # Set up secrets
theme = "${pkgs.catppuccin}/grub"; age = {
backgroundColor = "#1E1E2E"; identityPaths = [
splashImage = "${pkgs.catppuccin}/grub/background.png"; "/persist/id_host"
}; ];
};
/* boot.loader.grub = {
I used to keep the host keys in the repo as a secret, but since I use the theme = "${pkgs.catppuccin}/grub";
host keys for decrypting too I'm not sure encrypting a key with itself backgroundColor = "#1E1E2E";
is a good idea. Now the host keys will need to be placed manually where they are needed splashImage = "${pkgs.catppuccin}/grub/background.png";
For first time installs they are generated by services.openssh.hostKeys on servers, and };
manually on everything else
*/ /*
I used to keep the host keys in the repo as a secret, but since I use the
system = { host keys for decrypting too I'm not sure encrypting a key with itself
stateVersion = "23.11"; is a good idea. Now the host keys will need to be placed manually where they are needed
# Nix on nixos 23.05 does not have dirtyRev For first time installs they are generated by services.openssh.hostKeys on servers, and
configurationRevision = flakeSelf.sourceInfo.rev or flakeSelf.sourceInfo.dirtyRev or "dirty"; manually on everything else
nixos.variant_id = lib.strings.toLower config.networking.hostName; */
};
system = {
stateVersion = "23.11";
# Nix on nixos 23.05 does not have dirtyRev
configurationRevision = flakeSelf.sourceInfo.rev or flakeSelf.sourceInfo.dirtyRev or "dirty";
nixos.variant_id = lib.strings.toLower config.networking.hostName;
};
} }

14
roles/common/default.nix
View file

@ -1,9 +1,7 @@
{ ... }: {...}: {
imports = [
{ ./programs
imports = [ ./services
./programs ./configuration.nix
./services ];
./configuration.nix
];
} }

16
roles/common/programs/bash.nix
View file

@ -1,10 +1,8 @@
{ config, ... }: {...}: {
home-manager.users.toast = {...}: {
{ programs.bash = {
home-manager.users.toast = { config, ... }: { enable = true;
programs.bash = { enableVteIntegration = true;
enable = true; };
enableVteIntegration = true; };
};
};
} }

42
roles/common/programs/bat.nix
View file

@ -1,21 +1,25 @@
{ config, pkgs, ... }:
let
themeName = if config.system.nixos.release == "23.11" then "Catppuccin-mocha" else "Catppuccin Mocha";
in
{ {
home-manager = { config,
users.toast.programs.bat = { pkgs,
enable = true; ...
config = { }: let
theme = "catppuccin-mocha"; themeName =
}; if config.system.nixos.release == "23.11"
themes = { then "Catppuccin-mocha"
catppuccin-mocha = { else "Catppuccin Mocha";
src = pkgs.catppuccin; in {
file = "bat/${themeName}.tmTheme"; home-manager = {
}; users.toast.programs.bat = {
}; enable = true;
}; config = {
}; theme = "catppuccin-mocha";
};
themes = {
catppuccin-mocha = {
src = pkgs.catppuccin;
file = "bat/${themeName}.tmTheme";
};
};
};
};
} }

6
roles/common/programs/btop.nix
View file

@ -1,6 +1,4 @@
{ pkgs, ... }: {pkgs, ...}: {
{
home-manager = { home-manager = {
users.toast = { users.toast = {
programs.btop = { programs.btop = {
@ -14,4 +12,4 @@
}; };
}; };
}; };
} }

12
roles/common/programs/comma.nix
View file

@ -1,8 +1,6 @@
{ config, pkgs, ... }: {...}: {
# Use nix-index-database's comma wrapper
{ programs.nix-index-database.comma.enable = true;
# Use nix-index-database's comma wrapper # Run programs from the system's nixpkgs
programs.nix-index-database.comma.enable = true; environment.variables = {COMMA_NIXPKGS_FLAKE = "system";};
# Run programs from the system's nixpkgs
environment.variables = { COMMA_NIXPKGS_FLAKE="system"; };
} }

8
roles/common/programs/command-not-found.nix
View file

@ -1,6 +1,4 @@
{ config, ... }: {...}: {
# The nixpkgs command-not-found script does not work with flakes, so I disable it
{ programs.command-not-found.enable = false;
# The nixpkgs command-not-found script does not work with flakes, so I disable it
programs.command-not-found.enable = false;
} }

60
roles/common/programs/default.nix
View file

@ -1,32 +1,30 @@
{ config, pkgs, ... }: {pkgs, ...}: {
imports = [
{ ./htop.nix
imports = [ ./nix.nix
./htop.nix ./micro.nix
./nix.nix ./nix-index.nix
./micro.nix ./command-not-found.nix
./nix-index.nix ./comma.nix
./command-not-found.nix ./bash.nix
./comma.nix ./git.nix
./bash.nix ./starship.nix
./git.nix ./bat.nix
./starship.nix ./btop.nix
./bat.nix ./helix.nix
./btop.nix ./direnv.nix
./helix.nix ];
./direnv.nix # Some programs dont have a programs.*.enable option, so I install their package here
]; environment.systemPackages = with pkgs; [
# Some programs dont have a programs.*.enable option, so I install their package here speedtest-cli
environment.systemPackages = with pkgs; [ # Bat has a home manager module, but I want it to be available system wide
speedtest-cli bat
# Bat has a home manager module, but I want it to be available system wide file
bat nvd
file ncdu
nvd tree
ncdu btdu
tree iperf3
btdu restic
iperf3 ];
restic
];
} }

4
roles/common/programs/direnv.nix
View file

@ -1,6 +1,4 @@
{ ... }: {...}: {
{
programs.direnv = { programs.direnv = {
enable = true; enable = true;
nix-direnv = { nix-direnv = {

61
roles/common/programs/git.nix
View file

@ -1,34 +1,29 @@
{ config, pkgs, ... }: {pkgs, ...}: let
catppuccinDelta = pkgs.fetchFromGitHub {
let owner = "catppuccin";
catppuccinDelta = pkgs.fetchFromGitHub { repo = "delta";
owner = "catppuccin"; rev = "main";
repo = "delta"; hash = "sha256-0QQLkfLBVuB2re6tjtPNuOQZNK0MDBAIFgNGHZM8afs=";
rev = "main"; };
hash = "sha256-0QQLkfLBVuB2re6tjtPNuOQZNK0MDBAIFgNGHZM8afs="; in {
}; home-manager.users.toast = {
in programs.git = {
enable = true;
{ userName = "Toast";
home-manager.users.toast = { userEmail = "toast003@tutamail.com";
programs.git = { delta = {
enable = true; enable = true;
userName = "Toast"; options = {
userEmail = "toast003@tutamail.com"; syntax-theme = "catppuccin-mocha";
delta = { features = "catppuccin-mocha";
enable = true; };
options = { };
syntax-theme = "catppuccin-mocha"; includes = [{path = "${catppuccinDelta}/themes/mocha.gitconfig";}];
features = "catppuccin-mocha"; extraConfig = {
}; init.defaultBranch = "main";
}; diff.colorMoved = "default";
includes = [{ path = "${catppuccinDelta}/themes/mocha.gitconfig"; }]; commit.verbose = "true";
extraConfig = { };
init.defaultBranch = "main"; };
diff.colorMoved = "default"; };
commit.verbose = "true";
};
};
};
} }

6
roles/common/programs/helix.nix
View file

@ -1,6 +1,4 @@
{ pkgs, ... }: {pkgs, ...}: {
{
home-manager.users.toast = { home-manager.users.toast = {
programs.helix = { programs.helix = {
enable = true; enable = true;
@ -9,7 +7,7 @@
nixpkgs-fmt nixpkgs-fmt
nil nil
]; ];
settings = { settings = {
theme = "catppuccin_mocha"; theme = "catppuccin_mocha";
editor = { editor = {
mouse = true; mouse = true;

26
roles/common/programs/htop.nix
View file

@ -1,15 +1,13 @@
{ config, ... }: {...}: {
programs.htop = {
{ enable = true;
programs.htop = { settings = {
enable = true; tree_view = 1;
settings = { highlight_base_name = 1;
tree_view = 1; show_program_path = 0;
highlight_base_name = 1; show_cpu_frequency = 1;
show_program_path = 0; show_cpu_temperature = 1;
show_cpu_frequency = 1; hide_userland_threads = 1;
show_cpu_temperature = 1; };
hide_userland_threads = 1; };
};
};
} }

29
roles/common/programs/micro.nix
View file

@ -1,17 +1,14 @@
{ config, pkgs, ... }: {...}: {
home-manager = {
{ users.toast = {...}: {
home-manager = { programs.micro = {
users.toast = { config, pkgs, ... }: enable = true;
{ settings = {
programs.micro = { clipboard = "internal";
enable = true; indentchar = "|";
settings = { softwrap = true;
clipboard = "internal"; };
indentchar = "|"; };
softwrap = true; };
}; };
};
};
};
} }

28
roles/common/programs/nix-index.nix
View file

@ -1,15 +1,15 @@
{ config, ... }: {...}: {
/*
{ environment.systemPackages = [ pkgs.nix-index ];
/* environment.systemPackages = [ pkgs.nix-index ]; programs.bash.interactiveShellInit = ''
programs.bash.interactiveShellInit = '' source ${pkgs.nix-index}/etc/profile.d/command-not-found.sh
source ${pkgs.nix-index}/etc/profile.d/command-not-found.sh '';
''; */ */
programs.nix-index = { programs.nix-index = {
enable = true; enable = true;
enableBashIntegration = true; enableBashIntegration = true;
# I don't use zsh or fish (yet) # I don't use zsh or fish (yet)
enableZshIntegration = false; enableZshIntegration = false;
enableFishIntegration = false; enableFishIntegration = false;
}; };
} }

53
roles/common/programs/nix.nix
View file

@ -1,25 +1,30 @@
{ config, systemPkgs, ... }: {systemPkgs, ...}: {
nix = {
{ settings = {
nix = { auto-optimise-store = true;
settings = { experimental-features = "nix-command flakes";
auto-optimise-store = true; };
experimental-features = "nix-command flakes"; optimise = {
}; automatic = true;
optimise = { dates = ["weekly"];
automatic = true; };
dates = [ "weekly" ]; registry = {
}; agenix = {
registry = { from = {
agenix = { id = "agenix";
from = { id = "agenix"; type = "indirect"; }; type = "indirect";
to = { owner = "ryantm"; repo = "agenix"; type = "github"; }; };
}; to = {
# Write the system's nixpkgs into the registry to avoid mixing nixpkgs versions owner = "ryantm";
# https://dataswamp.org/~solene/2022-07-20-nixos-flakes-command-sync-with-system.html repo = "agenix";
system.flake = systemPkgs; type = "github";
}; };
# I removed this in the past since I thought that I didn't need it, but turns out comma does :) };
nixPath = [ "nixpkgs=${systemPkgs}" ]; # Write the system's nixpkgs into the registry to avoid mixing nixpkgs versions
}; # https://dataswamp.org/~solene/2022-07-20-nixos-flakes-command-sync-with-system.html
system.flake = systemPkgs;
};
# I removed this in the past since I thought that I didn't need it, but turns out comma does :)
nixPath = ["nixpkgs=${systemPkgs}"];
};
} }

101
roles/common/programs/starship.nix
View file

@ -1,53 +1,52 @@
{ pkgs, lib, ... }:
with lib;
with builtins;
let
catppuccinFlavour = "mocha";
catppuccinStarship = pkgs.catppuccin + /starship/${catppuccinFlavour}.toml;
presets = {
nerdFontSymbols = pkgs.fetchurl {
url = "https://starship.rs/presets/toml/nerd-font-symbols.toml";
hash = "sha256-BVe5JMSIa3CoY2Wf9pvcF1EUtDVCWCLhW3IyKuwfHug=";
};
};
# -------------------------------- F U N C T I O N S --------------------------------
/*
Gonna be honest, I have no idea how this works, although it seems to work
Stolen from https://gist.github.com/pdalpra/daf339f59288201a6c8ba7dc84e9060e
*/
# Takes a list of attrSets and merges them
mergeAllAttrSets = attrsSets:
foldl' (recursiveUpdate) {} attrsSets;
# Reads a TOML file and parses it
readTomlPreset = file: (fromTOML (readFile file));
in
{ {
programs.starship = { pkgs,
enable = true; lib,
settings = mergeAllAttrSets [ ...
(readTomlPreset presets.nerdFontSymbols) }:
(readTomlPreset catppuccinStarship) with lib;
{ with builtins; let
nix_shell = { catppuccinFlavour = "mocha";
disabled = false; catppuccinStarship = pkgs.catppuccin + /starship/${catppuccinFlavour}.toml;
heuristic = true;
}; presets = {
os = { nerdFontSymbols = pkgs.fetchurl {
disabled = false; url = "https://starship.rs/presets/toml/nerd-font-symbols.toml";
}; hash = "sha256-BVe5JMSIa3CoY2Wf9pvcF1EUtDVCWCLhW3IyKuwfHug=";
directory = { };
disabled = false; };
truncation_length = 6; # -------------------------------- F U N C T I O N S --------------------------------
truncation_symbol = ".../";
}; /*
palette = "catppuccin_${catppuccinFlavour}"; Gonna be honest, I have no idea how this works, although it seems to work
} Stolen from https://gist.github.com/pdalpra/daf339f59288201a6c8ba7dc84e9060e
]; */
}; # Takes a list of attrSets and merges them
mergeAllAttrSets = attrsSets:
foldl' recursiveUpdate {} attrsSets;
# Reads a TOML file and parses it
readTomlPreset = file: (fromTOML (readFile file));
in {
programs.starship = {
enable = true;
settings = mergeAllAttrSets [
(readTomlPreset presets.nerdFontSymbols)
(readTomlPreset catppuccinStarship)
{
nix_shell = {
disabled = false;
heuristic = true;
};
os = {
disabled = false;
};
directory = {
disabled = false;
truncation_length = 6;
truncation_symbol = ".../";
};
palette = "catppuccin_${catppuccinFlavour}";
}
];
};
} }

40
roles/common/services/avahi.nix
View file

@ -1,19 +1,23 @@
{ config, ... }: {config, ...}: let
let old = {
old = { nssmdns = true;
nssmdns = true; };
}; new = {
new = { nssmdns4 = true;
nssmdns4 = true; };
}; in {
in /*
{ NixOS 24.05 changed the option for mnds to be able to turn on/off IPv6
/* 23.11 doesn't support this, so I need to use the conditional to be able to
NixOS 24.05 changed the option for mnds to be able to turn on/off IPv6 use the same config for both
23.11 doesn't support this, so I need to use the conditional to be able to */
use the same config for both services.avahi =
*/ {
services.avahi = { enable = true;
enable = true; }
} // (if config.system.nixos.release == "23.11" then old else new); // (
if config.system.nixos.release == "23.11"
then old
else new
);
} }

14
roles/common/services/default.nix
View file

@ -1,9 +1,7 @@
{ ... }: {...}: {
imports = [
{ ./avahi.nix
imports = [ ./tailscale.nix
./avahi.nix ./syncthing.nix
./tailscale.nix ];
./syncthing.nix
];
} }

114
roles/common/services/syncthing.nix
View file

@ -1,60 +1,60 @@
{ config, flakeSelf, ... }:
let
hostSecrets = "${flakeSelf.inputs.secrets}/" + config.networking.hostName;
in
{ {
# Get secrets config,
age.secrets = { flakeSelf,
syncthingKey.file = hostSecrets + "/syncthingKey.age"; ...
syncthingCert.file = hostSecrets + "/syncthingCert.age"; }: let
}; hostSecrets = "${flakeSelf.inputs.secrets}/" + config.networking.hostName;
in {
# Get secrets
age.secrets = {
syncthingKey.file = hostSecrets + "/syncthingKey.age";
syncthingCert.file = hostSecrets + "/syncthingCert.age";
};
services.syncthing = { services.syncthing = {
key = config.age.secrets.syncthingKey.path; key = config.age.secrets.syncthingKey.path;
cert = config.age.secrets.syncthingCert.path; cert = config.age.secrets.syncthingCert.path;
overrideDevices = true; overrideDevices = true;
overrideFolders = true; overrideFolders = true;
openDefaultPorts = true; openDefaultPorts = true;
settings = { settings = {
options = { options = {
urAccepted = 3; urAccepted = 3;
}; };
# Set up devices and folders common to every device # Set up devices and folders common to every device
devices = { devices = {
"phone" = { "phone" = {
name = "Xiaomi Redmi Note 10 Pro"; name = "Xiaomi Redmi Note 10 Pro";
id = "K7KNZ5V-XREUADL-CROQXPV-6AA4H65-2VUD34Z-VQWKJ6S-LWWW4EE-XPNEZQ6"; id = "K7KNZ5V-XREUADL-CROQXPV-6AA4H65-2VUD34Z-VQWKJ6S-LWWW4EE-XPNEZQ6";
}; };
"pc" = { "pc" = {
name = "Archie"; name = "Archie";
id = "NJPX754-64AQNP3-7GZFIRZ-W2EDRJQ-27ORWYM-X5YXEXQ-ERRTRTQ-BSYD4AY"; id = "NJPX754-64AQNP3-7GZFIRZ-W2EDRJQ-27ORWYM-X5YXEXQ-ERRTRTQ-BSYD4AY";
}; };
"steamdeck" = { "steamdeck" = {
name = "Steam Deck"; name = "Steam Deck";
id = "DNFEGEA-PDEVW5A-O5VBVQK-IUXI7J5-MAHCQAG-2JLEFFM-DSXB6AS-TX6ZHAN"; id = "DNFEGEA-PDEVW5A-O5VBVQK-IUXI7J5-MAHCQAG-2JLEFFM-DSXB6AS-TX6ZHAN";
}; };
"server" = { "server" = {
name = "Everest"; name = "Everest";
id = "2GXFZJZ-CF56ER2-SISBGOF-VNXJIG5-GQC6ECA-NHCHAPX-677RSJT-RI5POAZ"; id = "2GXFZJZ-CF56ER2-SISBGOF-VNXJIG5-GQC6ECA-NHCHAPX-677RSJT-RI5POAZ";
}; };
"surface" = { "surface" = {
name = "Surface Go"; name = "Surface Go";
id = "HTVSF3O-AHY3TNH-BLVSEGK-HRRSMHC-H5LJWVF-NDKGM6O-ATWZALC-YXNV2Q4"; id = "HTVSF3O-AHY3TNH-BLVSEGK-HRRSMHC-H5LJWVF-NDKGM6O-ATWZALC-YXNV2Q4";
}; };
"winmax2" = { "winmax2" = {
name = "Win Max 2"; name = "Win Max 2";
id = "X2NILRM-ADRBQ23-AFREAZA-62GVFDF-UVMPR4L-KGHMUNY-BJ2C3CQ-RBT43QS"; id = "X2NILRM-ADRBQ23-AFREAZA-62GVFDF-UVMPR4L-KGHMUNY-BJ2C3CQ-RBT43QS";
}; };
}; };
folders = { folders = {
"passwords" = { "passwords" = {
label = "KeePassXC Passwords"; label = "KeePassXC Passwords";
id = "rdyaq-ex659"; id = "rdyaq-ex659";
devices = [ "phone" "pc" "steamdeck" "server" "surface" "winmax2"]; devices = ["phone" "pc" "steamdeck" "server" "surface" "winmax2"];
}; };
}; };
}; };
}; };
} }

18
roles/common/services/tailscale.nix
View file

@ -1,12 +1,10 @@
{ config, lib, ... }: {lib, ...}: {
services.tailscale = {
enable = true;
useRoutingFeatures = lib.mkDefault "client";
};
{ systemd.services.tailscaled.environment = {
services.tailscale = { TS_NO_LOGS_NO_SUPPORT = "true";
enable = true; };
useRoutingFeatures = lib.mkDefault "client";
};
systemd.services.tailscaled.environment = {
TS_NO_LOGS_NO_SUPPORT = "true";
};
} }

28
roles/desktop/configuration.nix
View file

@ -1,19 +1,17 @@
{ config, pkgs, ... }: {pkgs, ...}: {
# Enable scanning
hardware.sane = {
enable = true;
extraBackends = [pkgs.sane-airscan];
};
users.users.toast.extraGroups = ["scanner"];
{ services.xserver.enable = true;
# Enable scanning
hardware.sane = {
enable = true;
extraBackends = [ pkgs.sane-airscan ];
};
users.users.toast.extraGroups = [ "scanner" ];
services.xserver.enable = true; # Set up fonts
fonts.packages = [
(pkgs.nerdfonts.override {fonts = ["Hack" "JetBrainsMono"];})
];
# Set up fonts boot.plymouth.enable = true;
fonts.packages = [
( pkgs.nerdfonts.override { fonts = [ "Hack" "JetBrainsMono" ]; } )
];
boot.plymouth.enable = true;
} }

14
roles/desktop/default.nix
View file

@ -1,9 +1,7 @@
{ ... }: {...}: {
imports = [
{ ./services
imports = [ ./programs
./services ./configuration.nix
./programs ];
./configuration.nix
];
} }

24
roles/desktop/programs/default.nix
View file

@ -1,14 +1,12 @@
{ ... }: {...}: {
imports = [
{ ./discord.nix
imports = [ ./firefox.nix
./discord.nix ./micro.nix
./firefox.nix ./keepassxc.nix
./micro.nix ./jamesdsp.nix
./keepassxc.nix ./vscode.nix
./jamesdsp.nix ./git.nix
./vscode.nix ./ssh.nix
./git.nix ];
./ssh.nix
];
} }

79
roles/desktop/programs/discord.nix
View file

@ -1,41 +1,44 @@
{ config, pkgs, lib, ... }:
let
discordOverlay = self: super: {
discord = super.discord.override {
withOpenASAR = true;
withVencord = true;
};
# Update some stuff while I wait for nixpkgs
/*vencord = super.vencord.overrideAttrs rec {
version = "522fdcd";
src = pkgs.fetchFromGitHub {
owner = "Vendicated";
repo = "Vencord";
rev = "522fdcd";
#rev = "v${version}";
hash = "sha256-9G7FNL4pHaaLachzJmeAol0WpNUj533K2FNa7DH0eBM=";
};
};*/
};
stock-discord = self: super: {
discord = super.discord.override {
withOpenASAR = false;
withVencord = false;
};
};
in
{ {
# Sometimes discord breaks after updates, and launching it stock once fixes it pkgs,
specialisation.stockDiscord.configuration = { lib,
nixpkgs.overlays = lib.mkAfter [ stock-discord ]; ...
}; }: let
discordOverlay = _self: super: {
discord = super.discord.override {
withOpenASAR = true;
withVencord = true;
};
# Update some stuff while I wait for nixpkgs
/*
vencord = super.vencord.overrideAttrs rec {
version = "522fdcd";
src = pkgs.fetchFromGitHub {
owner = "Vendicated";
repo = "Vencord";
rev = "522fdcd";
#rev = "v${version}";
hash = "sha256-9G7FNL4pHaaLachzJmeAol0WpNUj533K2FNa7DH0eBM=";
};
};
*/
};
stock-discord = _self: super: {
discord = super.discord.override {
withOpenASAR = false;
withVencord = false;
};
};
in {
# Sometimes discord breaks after updates, and launching it stock once fixes it
specialisation.stockDiscord.configuration = {
nixpkgs.overlays = lib.mkAfter [stock-discord];
};
nixpkgs.overlays = [ discordOverlay ]; nixpkgs.overlays = [discordOverlay];
home-manager.users.toast = { home-manager.users.toast = {
home.packages = with pkgs; [ home.packages = with pkgs; [
discord discord
vesktop vesktop
]; ];
}; };
} }

110
roles/desktop/programs/firefox.nix
View file

@ -1,57 +1,55 @@
{ config, lib, ... }: {lib, ...}: {
# System wide firefox settings
{ programs.firefox = {
# System wide firefox settings enable = true;
programs.firefox = { policies = {
enable = true; "DisablePocket" = true;
policies = { "DisableTelemetry" = true;
"DisablePocket" = true; # You need these for Spotify
"DisableTelemetry" = true; "EncryptedMediaExtensions" = {"Enabled" = true;};
# You need these for Spotify "ExtensionSettings" = {
"EncryptedMediaExtensions" = { "Enabled" = true; }; # TODO: Install extensions the NUR instead of from AMO
"ExtensionSettings" = { "uBlock0@raymondhill.net" = {
# TODO: Install extensions the NUR instead of from AMO "installation_mode" = "force_installed";
"uBlock0@raymondhill.net" = { "install_url" = "https://addons.mozilla.org/firefox/downloads/latest/ublock-origin/latest.xpi";
"installation_mode" = "force_installed"; };
"install_url" = "https://addons.mozilla.org/firefox/downloads/latest/ublock-origin/latest.xpi"; # Decentraleyes
}; "jid1-BoFifL9Vbdl2zQ@jetpack" = {
# Decentraleyes "installation_mode" = "normal_installed";
"jid1-BoFifL9Vbdl2zQ@jetpack" = { "install_url" = "https://addons.mozilla.org/firefox/downloads/latest/decentraleyes/latest.xpi";
"installation_mode" = "normal_installed"; };
"install_url" = "https://addons.mozilla.org/firefox/downloads/latest/decentraleyes/latest.xpi"; "jid1-MnnxcxisBPnSXQ@jetpack" = {
}; "installation_mode" = "normal_installed";
"jid1-MnnxcxisBPnSXQ@jetpack" = { "install_url" = "https://addons.mozilla.org/firefox/downloads/latest/privacy-badger17/latest.xpi";
"installation_mode" = "normal_installed"; };
"install_url" = "https://addons.mozilla.org/firefox/downloads/latest/privacy-badger17/latest.xpi"; # Uninstall the kde plasma integration extension if KDE is not installed
}; "plasma-browser-integration@kde.org"."installation_mode" = lib.mkDefault "blocked";
# Uninstall the kde plasma integration extension if KDE is not installed };
"plasma-browser-integration@kde.org"."installation_mode" = lib.mkDefault "blocked"; "Preferences" = {
}; # Enable video hardware acceleration
"Preferences" = { "media.ffmpeg.vaapi.enabled" = {
# Enable video hardware acceleration "Value" = true;
"media.ffmpeg.vaapi.enabled" = { "Status" = "default";
"Value" = true; };
"Status" = "default"; "dom.security.https_only_mode" = {
}; "Value" = true;
"dom.security.https_only_mode" = { "Status" = "locked";
"Value" = true; };
"Status" = "locked"; "general.smoothScroll.msdPhysics.enabled" = {
}; "Value" = true;
"general.smoothScroll.msdPhysics.enabled" = { "Status" = "default";
"Value" = true; };
"Status" = "default"; };
}; "PromptForDownloadLocation" = true;
}; # I use an external password manager, so the built in one just bothers me
"PromptForDownloadLocation" = true; "PasswordManagerEnabled" = false;
# I use an external password manager, so the built in one just bothers me "Permissions" = {
"PasswordManagerEnabled" = false; "Autoplay" = {
"Permissions" = { "Allow" = ["https://www.youtube.com"];
"Autoplay" = { "Default" = "block-audio-video";
"Allow" = [ "https://www.youtube.com" ]; };
"Default" = "block-audio-video"; };
}; "FirefoxHome" = {"SponsoredTopSites" = false;};
}; };
"FirefoxHome" = { "SponsoredTopSites" = false; }; };
};
};
} }

8
roles/desktop/programs/git.nix
View file

@ -1,6 +1,8 @@
{ pkgs, lib, ... }:
{ {
pkgs,
lib,
...
}: {
home-manager.users.toast = { home-manager.users.toast = {
programs.git = { programs.git = {
package = pkgs.gitFull; package = pkgs.gitFull;
@ -11,6 +13,6 @@
}; };
}; };
home.packages = [ pkgs.git-cola ]; home.packages = [pkgs.git-cola];
}; };
} }

6
roles/desktop/programs/jamesdsp.nix
View file

@ -1,5 +1,3 @@
{ config, pkgs, ... }: {pkgs, ...}: {
users.users.toast.packages = [pkgs.jamesdsp];
{
users.users.toast.packages = [ pkgs.jamesdsp ];
} }

124
roles/desktop/programs/keepassxc.nix
View file

@ -1,63 +1,63 @@
{ config, pkgs, lib, ... }: {lib, ...}: let
kpxcSettings = lib.generators.toINI {} {
let General = {
kpxcSettings = lib.generators.toINI {} { # Not sure what changing this does, I'll leave it alone
General = { ConfigVersion = 2;
# Not sure what changing this does, I'll leave it alone MinimizeAfterUnlock = true;
ConfigVersion = 2; AutoSaveAfterEveryChange = false;
MinimizeAfterUnlock = true; };
AutoSaveAfterEveryChange = false; GUI = {
}; ApplicationTheme = "classic";
GUI = { MinimizeOnStartup = false;
ApplicationTheme = "classic"; MinimizeOnClose = true;
MinimizeOnStartup = false; MinimizeToTray = true;
MinimizeOnClose = true; ShowTrayIcon = true;
MinimizeToTray = true; # 0 is icons, 1 is text, 2 is text next to icons, 3 is text under icons, and 4 is follow style
ShowTrayIcon = true; ToolButtonStyle = 0; # Would choose 4 but it's too big for a small window
# 0 is icons, 1 is text, 2 is text next to icons, 3 is text under icons, and 4 is follow style # monochrome-light, monochrome-dark or colorful
ToolButtonStyle = 0; # Would choose 4 but it's too big for a small window TrayIconAppearance = "monochrome-light";
# monochrome-light, monochrome-dark or colorful };
TrayIconAppearance = "monochrome-light"; Security = {
}; HideNotes = true;
Security = { IconDownloadFallback = true;
HideNotes = true; };
IconDownloadFallback = true; SSHAgent.Enabled = true;
}; };
SSHAgent.Enabled = true; in {
}; home-manager = {
in extraSpecialArgs = {kpxcSettings = kpxcSettings;};
users.toast = {
{ pkgs,
home-manager = { kpxcSettings,
extraSpecialArgs = { kpxcSettings = kpxcSettings; }; ...
users.toast = { config, pkgs, kpxcSettings, ... }: { }: {
# No module for KeePassXC config :( # No module for KeePassXC config :(
home = { home = {
packages = [ pkgs.keepassxc ]; packages = [pkgs.keepassxc];
file = { file = {
".config/keepassxc/keepassxc.ini".text = kpxcSettings; ".config/keepassxc/keepassxc.ini".text = kpxcSettings;
# For some reason the autostart .desktop is not the same as the regular one # For some reason the autostart .desktop is not the same as the regular one
".config/autostart/org.keepassxc.KeePassXC.desktop".text = '' ".config/autostart/org.keepassxc.KeePassXC.desktop".text = ''
[Desktop Entry] [Desktop Entry]
Name=KeePassXC Name=KeePassXC
GenericName=Password Manager GenericName=Password Manager
Exec=keepassxc Exec=keepassxc
TryExec=keepassxc TryExec=keepassxc
Icon=keepassxc Icon=keepassxc
StartupWMClass=keepassxc StartupWMClass=keepassxc
StartupNotify=true StartupNotify=true
Terminal=false Terminal=false
Type=Application Type=Application
Version=1.0 Version=1.0
Categories=Utility;Security;Qt; Categories=Utility;Security;Qt;
MimeType=application/x-keepass2; MimeType=application/x-keepass2;
X-GNOME-Autostart-enabled=true X-GNOME-Autostart-enabled=true
X-GNOME-Autostart-Delay=2 X-GNOME-Autostart-Delay=2
X-KDE-autostart-after=panel X-KDE-autostart-after=panel
X-LXQt-Need-Tray=true X-LXQt-Need-Tray=true
''; '';
}; };
}; };
}; };
}; };
} }

37
roles/desktop/programs/micro.nix
View file

@ -1,21 +1,18 @@
{ config, pkgs, lib, ... }: {lib, ...}: {
home-manager = {
{ users.toast = {pkgs, ...}: {
home-manager = { programs.micro = {
users.toast = { config, pkgs, ... }: enable = true;
{ settings = {
programs.micro = { # Use xclip/wl-clipboard for copying and pasting
enable = true; clipboard = lib.mkForce "external";
settings = { };
# Use xclip/wl-clipboard for copying and pasting };
clipboard = lib.mkForce "external"; /*
}; On a kde wayland session micro uses xsel or xclip instead of wl-clipboard
}; which doesn't work, so I only install wl-clipboard here to make micro use it
/* */
On a kde wayland session micro uses xsel or xclip instead of wl-clipboard home.packages = with pkgs; [wl-clipboard];
which doesn't work, so I only install wl-clipboard here to make micro use it };
*/ };
home.packages = with pkgs; [ wl-clipboard ];
};
};
} }

4
roles/desktop/programs/ssh.nix
View file

@ -1,6 +1,4 @@
{ ... }: {...}: {
{
home-manager.users.toast = { home-manager.users.toast = {
programs.ssh = { programs.ssh = {
enable = true; enable = true;

80
roles/desktop/programs/vscode.nix
View file

@ -1,40 +1,44 @@
{ config, pkgs, flakeSelf, ... }:
let inputs = flakeSelf.inputs; in
{ {
nixpkgs.overlays = [ inputs.catppuccin-vsc.overlays.default ]; pkgs,
home-manager.users.toast = { flakeSelf,
home.packages = with pkgs; [ ...
nixpkgs-fmt }: let
]; inputs = flakeSelf.inputs;
programs.vscode = { in {
enable = true; nixpkgs.overlays = [inputs.catppuccin-vsc.overlays.default];
package = pkgs.vscodium; home-manager.users.toast = {
mutableExtensionsDir = false; home.packages = with pkgs; [
extensions = with inputs.vscode-extensions.extensions.x86_64-linux.open-vsx; [ nixpkgs-fmt
jnoortheen.nix-ide ];
(pkgs.catppuccin-vsc.override { programs.vscode = {
workbenchMode = "flat"; enable = true;
extraBordersEnabled = true; package = pkgs.vscodium;
}) mutableExtensionsDir = false;
catppuccin.catppuccin-vsc-icons extensions = with inputs.vscode-extensions.extensions.x86_64-linux.open-vsx; [
waderyan.gitblame jnoortheen.nix-ide
]; (pkgs.catppuccin-vsc.override {
userSettings = { workbenchMode = "flat";
# VSCode doesn't like nested settings extraBordersEnabled = true;
# https://stackoverflow.com/questions/74134436/is-it-possible-to-express-settings-in-vs-codes-settings-json-where-each-dot-sep })
# TODO: write a function that unnests settings catppuccin.catppuccin-vsc-icons
"workbench.colorTheme" = "Catppuccin Mocha"; waderyan.gitblame
"workbench.iconTheme" = "catppuccin-mocha"; ];
"editor.fontFamily" = "JetBrainsMono Nerd Font"; userSettings = {
"editor.semanticHighlighting.enabled" = true; # VSCode doesn't like nested settings
"nix.enableLanguageServer" = true; # https://stackoverflow.com/questions/74134436/is-it-possible-to-express-settings-in-vs-codes-settings-json-where-each-dot-sep
"nix.serverPath" = "${pkgs.nil}/bin/nil"; # TODO: write a function that unnests settings
"nix.serverSettings" = { "workbench.colorTheme" = "Catppuccin Mocha";
"nil"."formatting"."command" = [ "nixpkgs-fmt" ]; "workbench.iconTheme" = "catppuccin-mocha";
}; "editor.fontFamily" = "JetBrainsMono Nerd Font";
"terminal.integrated.minimumContrastRatio" = 1; "editor.semanticHighlighting.enabled" = true;
"window.titleBarStyle" = "custom"; "nix.enableLanguageServer" = true;
}; "nix.serverPath" = "${pkgs.nil}/bin/nil";
}; "nix.serverSettings" = {
}; "nil"."formatting"."command" = ["nixpkgs-fmt"];
};
"terminal.integrated.minimumContrastRatio" = 1;
"window.titleBarStyle" = "custom";
};
};
};
} }

20
roles/desktop/services/default.nix
View file

@ -1,12 +1,10 @@
{ ... }: {...}: {
imports = [
{ ./ssh-agent.nix
imports = [ ./flatpak.nix
./ssh-agent.nix ./syncthing.nix
./flatpak.nix ./pipewire.nix
./syncthing.nix ./printing.nix
./pipewire.nix ./networkmanager.nix
./printing.nix ];
./networkmanager.nix
];
} }

32
roles/desktop/services/flatpak.nix
View file

@ -1,19 +1,17 @@
{ config, pkgs, flakeSelf, ... }: {flakeSelf, ...}: {
services.flatpak.enable = true;
{ home-manager = {
services.flatpak.enable = true; sharedModules = [{imports = [flakeSelf.inputs.nix-flatpak.homeManagerModules.nix-flatpak];}];
users.toast = {
home-manager = { services.flatpak = {
sharedModules = [{ imports = [ flakeSelf.inputs.nix-flatpak.homeManagerModules.nix-flatpak ]; }]; packages = ["tv.plex.PlexDesktop"];
users.toast = { uninstallUnmanagedPackages = true;
services.flatpak = { update.auto = {
packages = [ "tv.plex.PlexDesktop" ]; enable = true;
uninstallUnmanagedPackages = true; onCalendar = "weekly";
update.auto = { };
enable = true; };
onCalendar = "weekly"; };
}; };
};
};
};
} }

8
roles/desktop/services/networkmanager.nix
View file

@ -1,10 +1,6 @@
{ config, ... }: {config, ...}: let
let
tailscaleName = config.services.tailscale.interfaceName; tailscaleName = config.services.tailscale.interfaceName;
in in {
{
networking.networkmanager = { networking.networkmanager = {
enable = true; enable = true;
unmanaged = [ unmanaged = [

16
roles/desktop/services/pipewire.nix
View file

@ -1,11 +1,9 @@
{ config, ... }: {...}: {
services.pipewire = {
enable = true;
pulse.enable = true;
};
{ # This allows pipewire to get realtime priority, which (hopefully) gets rid of stutters
services.pipewire = { security.rtkit.enable = true;
enable = true;
pulse.enable = true;
};
# This allows pipewire to get realtime priority, which (hopefully) gets rid of stutters
security.rtkit.enable = true;
} }

14
roles/desktop/services/printing.nix
View file

@ -1,9 +1,7 @@
{ config, ... }: {...}: {
services.printing = {
{ enable = true;
services.printing = { startWhenNeeded = true;
enable = true; stateless = true;
startWhenNeeded = true; };
stateless = true;
};
} }

38
roles/desktop/services/ssh-agent.nix
View file

@ -1,21 +1,19 @@
{ config, pkgs, ... }: {...}: {
programs.ssh.startAgent = true;
{ /*
programs.ssh.startAgent = true; Home assistant added an option that does this
/* https://github.com/nix-community/home-manager/commit/2d9210f25ed18d5d4e11e6b886de4027c0c51a94
Home assistant added an option that does this but since I still need to fix home-manager's envvars not applying I'll stick to the NixOS one
https://github.com/nix-community/home-manager/commit/2d9210f25ed18d5d4e11e6b886de4027c0c51a94 */
but since I still need to fix home-manager's envvars not applying I'll stick to the NixOS one /*
*/ TODO: fix SSH_AUTH_SOCK not being set in Plasma
/* Turns out the NixOS module also has issues :3
TODO: fix SSH_AUTH_SOCK not being set in Plasma The env is set but only in bash, not in the DE, so
Turns out the NixOS module also has issues :3 keepass can't pick it up. For now I'll just set it manually
The env is set but only in bash, not in the DE, so */
keepass can't pick it up. For now I'll just set it manually home-manager.users.toast.xdg.configFile."plasma-workspace/env/ssh-agent.sh".text = ''
*/ if [[ -z "$SSH_AUTH_SOCK" ]]; then
home-manager.users.toast.xdg.configFile."plasma-workspace/env/ssh-agent.sh".text = '' export SSH_AUTH_SOCK=$XDG_RUNTIME_DIR/ssh-agent
if [[ -z "$SSH_AUTH_SOCK" ]]; then fi
export SSH_AUTH_SOCK=$XDG_RUNTIME_DIR/ssh-agent '';
fi
'';
} }

46
roles/desktop/services/syncthing.nix
View file

@ -1,25 +1,23 @@
{ config, ... }: {config, ...}: {
services.syncthing = {
{ enable = true;
services.syncthing = { user = "toast";
enable = true; group = "users";
user = "toast"; dataDir = config.users.users.toast.home;
group = "users"; settings.folders."passwords".path = "~/Documents/Passwords";
dataDir = config.users.users.toast.home; };
settings.folders."passwords".path = "~/Documents/Passwords"; # Allow regular users to stop syncthing
}; # https://stackoverflow.com/questions/61480914/using-policykit-to-allow-non-root-users-to-start-and-stop-a-service
# Allow regular users to stop syncthing security.polkit.extraConfig = ''
# https://stackoverflow.com/questions/61480914/using-policykit-to-allow-non-root-users-to-start-and-stop-a-service polkit.addRule(function(action, subject) {
security.polkit.extraConfig = '' if (
polkit.addRule(function(action, subject) { action.id == "org.freedesktop.systemd1.manage-units" &&
if ( action.lookup("unit") == "syncthing.service" &&
action.id == "org.freedesktop.systemd1.manage-units" && subject.user == "${config.services.syncthing.user}"
action.lookup("unit") == "syncthing.service" && )
subject.user == "${config.services.syncthing.user}" {
) return polkit.Result.YES;
{ }
return polkit.Result.YES; })
} '';
})
'';
} }

12
roles/gaming/default.nix
View file

@ -1,8 +1,6 @@
{ ... }: {...}: {
imports = [
{ ./programs
imports = [ ./services
./programs ];
./services
];
} }

24
roles/gaming/programs/default.nix
View file

@ -1,14 +1,12 @@
{ config, pkgs, ... }: {pkgs, ...}: {
imports = [
{ ./steam.nix
imports = [ ./mangohud.nix
./steam.nix ./rpcs3.nix
./mangohud.nix ./retroarch.nix
./rpcs3.nix ];
./retroarch.nix environment.systemPackages = with pkgs; [
]; heroic
environment.systemPackages = with pkgs; [ prismlauncher-qt5
heroic ];
prismlauncher-qt5
];
} }

27
roles/gaming/programs/mangohud.nix
View file

@ -1,16 +1,13 @@
{ config, ... }: {...}: {
home-manager.users.toast = {...}: {
{ programs.mangohud = {
home-manager.users.toast = { config, ... }: enable = true;
{ # This only works for Vulkan, openGL programs still need the mangohud wrapper
programs.mangohud = { enableSessionWide = true;
enable = true; settings = {
# This only works for Vulkan, openGL programs still need the mangohud wrapper preset = 4;
enableSessionWide = true; no_display = true;
settings = { };
preset = 4; };
no_display = true; };
};
};
};
} }

102
roles/gaming/programs/retroarch.nix
View file

@ -1,79 +1,79 @@
{ pkgs, ... }: {pkgs, ...}: let
let
snes-roms = [ snes-roms = [
# ActRaiser # ActRaiser
( pkgs.fetchzip { (pkgs.fetchzip {
url = "https://myrient.erista.me/files/No-Intro/Nintendo%20-%20Super%20Nintendo%20Entertainment%20System/ActRaiser%20%28USA%29.zip"; url = "https://myrient.erista.me/files/No-Intro/Nintendo%20-%20Super%20Nintendo%20Entertainment%20System/ActRaiser%20%28USA%29.zip";
hash = "sha256-yxIL5Pqlp8xsx7wvNO1MlB8ffDjS0xpE+yrEfMj61As="; hash = "sha256-yxIL5Pqlp8xsx7wvNO1MlB8ffDjS0xpE+yrEfMj61As=";
} ) })
# Kirby Super Star # Kirby Super Star
( pkgs.fetchzip { (pkgs.fetchzip {
url = "https://myrient.erista.me/files/No-Intro/Nintendo%20-%20Super%20Nintendo%20Entertainment%20System/Kirby%20Super%20Star%20%28USA%29.zip"; url = "https://myrient.erista.me/files/No-Intro/Nintendo%20-%20Super%20Nintendo%20Entertainment%20System/Kirby%20Super%20Star%20%28USA%29.zip";
hash = "sha256-NX5OjCthf4ZiAhamclRBRk8GiMjZX3JLeShm8sQdDfc="; hash = "sha256-NX5OjCthf4ZiAhamclRBRk8GiMjZX3JLeShm8sQdDfc=";
} ) })
# Super Mario Kart # Super Mario Kart
( pkgs.fetchzip { (pkgs.fetchzip {
url = "https://myrient.erista.me/files/No-Intro/Nintendo%20-%20Super%20Nintendo%20Entertainment%20System/Super%20Mario%20Kart%20%28USA%29.zip"; url = "https://myrient.erista.me/files/No-Intro/Nintendo%20-%20Super%20Nintendo%20Entertainment%20System/Super%20Mario%20Kart%20%28USA%29.zip";
hash = "sha256-RLBxPBmBrXCuPdnWE07KamBNgGJ5IntQVUPeij+2HUI="; hash = "sha256-RLBxPBmBrXCuPdnWE07KamBNgGJ5IntQVUPeij+2HUI=";
} ) })
]; ];
in in {
{
home-manager.users.toast = { home-manager.users.toast = {
home = { home = {
packages = [( packages = [
pkgs.retroarch.override { (
cores = with pkgs.libretro; [ pkgs.retroarch.override {
snes9x cores = with pkgs.libretro; [
]; snes9x
settings = { ];
video_driver = "vulkan"; settings = {
video_fullscreen = "true"; video_driver = "vulkan";
menu_swap_ok_cancel_buttons = "true"; video_fullscreen = "true";
input_joypad_driver = "sdl2"; menu_swap_ok_cancel_buttons = "true";
# Enable touchscreen support input_joypad_driver = "sdl2";
menu_pointer_enable = "true"; # Enable touchscreen support
menu_pointer_enable = "true";
# Folder stuffs # Folder stuffs
# System/BIOS files # System/BIOS files
system_directory = "~/.local/share/retroarch/system"; system_directory = "~/.local/share/retroarch/system";
# Downloads # Downloads
core_assets_directory = "~/.local/share/retroarch/downloads"; core_assets_directory = "~/.local/share/retroarch/downloads";
thumbnails_directory = "~/.local/share/retroarch/thumbnails"; thumbnails_directory = "~/.local/share/retroarch/thumbnails";
content_database_path = "~/.local/share/retroarch/database/rdb"; content_database_path = "~/.local/share/retroarch/database/rdb";
cheat_database_path = "~/.local/share/retroarch/cheats"; cheat_database_path = "~/.local/share/retroarch/cheats";
video_filter_dir = "~/.local/share/retroarch/filters/video"; video_filter_dir = "~/.local/share/retroarch/filters/video";
audio_filter_dir = "~/.local/share/retroarch/filters/audio"; audio_filter_dir = "~/.local/share/retroarch/filters/audio";
video_shader_dir = "~/.local/share/retroarch/shaders"; video_shader_dir = "~/.local/share/retroarch/shaders";
recording_output_directory = "~/.local/share/retroarch/records"; recording_output_directory = "~/.local/share/retroarch/records";
overlay_directory = "~/.local/share/retroarch/overlays"; overlay_directory = "~/.local/share/retroarch/overlays";
osk_overlay_directory = "~/.local/share/retroarch/overlays/keyboards"; osk_overlay_directory = "~/.local/share/retroarch/overlays/keyboards";
screenshot_directory = "~/.local/share/retroarch/screenshots"; screenshot_directory = "~/.local/share/retroarch/screenshots";
playlist_directory = "~/.local/share/retroarch/playlists"; playlist_directory = "~/.local/share/retroarch/playlists";
savefile_directory = "~/.local/share/retroarch/saves"; savefile_directory = "~/.local/share/retroarch/saves";
savestate_directory = "~/.local/share/retroarch/states"; savestate_directory = "~/.local/share/retroarch/states";
log_dir = "~/.local/share/retroarch/logs"; log_dir = "~/.local/share/retroarch/logs";
# By default settings has some things that this overrides, so I need to set them myself # By default settings has some things that this overrides, so I need to set them myself
libretro_info_path = "${pkgs.libretro-core-info}/share/retroarch/cores"; libretro_info_path = "${pkgs.libretro-core-info}/share/retroarch/cores";
joypad_autoconfig_dir = "${pkgs.retroarch-joypad-autoconfig}/share/libretro/autoconfig"; joypad_autoconfig_dir = "${pkgs.retroarch-joypad-autoconfig}/share/libretro/autoconfig";
assets_directory = "${pkgs.retroarch-assets}/share/retroarch/assets"; assets_directory = "${pkgs.retroarch-assets}/share/retroarch/assets";
}; };
} }
)]; )
];
file."Games/Roms/SNES/" = { file."Games/Roms/SNES/" = {
onChange = '' onChange = ''
${pkgs.retroarch}/bin/retroarch --scan "/home/toast/Games/Roms/SNES" ${pkgs.retroarch}/bin/retroarch --scan "/home/toast/Games/Roms/SNES"
''; '';
source = pkgs.symlinkJoin { source = pkgs.symlinkJoin {
name = "snes-roms"; name = "snes-roms";
paths = [ snes-roms ]; paths = [snes-roms];
}; };
}; };
}; };
# Retroarch is dumb since it doesn't generate some folders (but it does for others) # Retroarch is dumb since it doesn't generate some folders (but it does for others)
systemd.user.tmpfiles.rules = [ systemd.user.tmpfiles.rules = [
"d /%h/.local/share/retroarch/playlists" "d /%h/.local/share/retroarch/playlists"
"d /%h/.local/share/retroarch/saves" "d /%h/.local/share/retroarch/saves"
"d /%h/.local/share/retroarch/states" "d /%h/.local/share/retroarch/states"
@ -85,7 +85,7 @@ in
"retroarch" = { "retroarch" = {
label = "RetroArch"; label = "RetroArch";
id = "jxuou-2yjnu"; id = "jxuou-2yjnu";
devices = [ "steamdeck" "server" "pc" "winmax2" ]; devices = ["steamdeck" "server" "pc" "winmax2"];
path = "~/.local/share/retroarch"; path = "~/.local/share/retroarch";
}; };
}; };

36
roles/gaming/programs/rpcs3.nix
View file

@ -1,20 +1,20 @@
{ config, pkgs, ... }: {config, ...}: {
environment.systemPackages = with config; [
nur.repos.ataraxiasjel.rpcs3
];
# Compiling RPCS3 takes quite a while
nix.settings = {
substituters = ["https://ataraxiadev-foss.cachix.org"];
trusted-public-keys = ["ataraxiadev-foss.cachix.org-1:ws/jmPRUF5R8TkirnV1b525lP9F/uTBsz2KraV61058="];
};
{ # Increase the memory lock limit
environment.systemPackages = with config; [ security.pam.loginLimits = [
nur.repos.ataraxiasjel.rpcs3 {
]; domain = "*";
# Compiling RPCS3 takes quite a while item = "memlock";
nix.settings = { type = "-"; # Applies to both hard and soft limits
substituters = [ "https://ataraxiadev-foss.cachix.org" ]; value = "unlimited";
trusted-public-keys = [ "ataraxiadev-foss.cachix.org-1:ws/jmPRUF5R8TkirnV1b525lP9F/uTBsz2KraV61058=" ]; }
}; ];
# Increase the memory lock limit
security.pam.loginLimits = [{
domain = "*";
item = "memlock";
type = "-"; # Applies to both hard and soft limits
value = "unlimited";
}];
} }

37
roles/gaming/programs/steam.nix
View file

@ -1,21 +1,26 @@
{ config, pkgs, ... }:
{ {
programs.steam = { config,
enable = true; pkgs,
# Doubt that I'll use it, but I'll enable it anyways ...
remotePlay.openFirewall = true; }: {
programs.steam = {
enable = true;
# Doubt that I'll use it, but I'll enable it anyways
remotePlay.openFirewall = true;
extraCompatPackages = with pkgs; [ extraCompatPackages = with pkgs; [
proton-ge-bin proton-ge-bin
]; ];
}; };
# Some linux native games (rise of the tomb raider) use alsa for sound # Some linux native games (rise of the tomb raider) use alsa for sound
services.pipewire.alsa.enable = if config.services.pipewire.pulse.enable == true then true else false; services.pipewire.alsa.enable =
if config.services.pipewire.pulse.enable == true
then true
else false;
# Celeste mod manager # Celeste mod manager
home-manager.users.toast.services.flatpak.packages = [ home-manager.users.toast.services.flatpak.packages = [
"io.github.everestapi.Olympus" "io.github.everestapi.Olympus"
]; ];
} }

10
roles/gaming/services/default.nix
View file

@ -1,7 +1,5 @@
{ ... }: {...}: {
imports = [
{ ./syncthing.nix
imports = [ ];
./syncthing.nix
];
} }

36
roles/gaming/services/syncthing.nix
View file

@ -1,21 +1,19 @@
{ config, ... }: {...}: {
/*
This file will sync saves for games that don't have cloud saves
TODO: turn this into a module eventually
*/
{ services.syncthing.settings.folders = {
/* "steam-201810" = {
This file will sync saves for games that don't have cloud saves label = "Wolfenstein The New Order Saves";
TODO: turn this into a module eventually id = "laxxf-t2wmy";
*/ devices = ["steamdeck" "server" "pc"];
path = "~/.local/share/Steam/steamapps/compatdata/201810/pfx/drive_c/users/steamuser/Saved Games/MachineGames/Wolfenstein The New Order/";
services.syncthing.settings.folders = { };
"steam-201810" = { };
label = "Wolfenstein The New Order Saves"; home-manager.users.toast.home.file."steam-201810-ignore" = {
id = "laxxf-t2wmy"; target = ".local/share/Steam/steamapps/compatdata/201810/pfx/drive_c/users/steamuser/Saved Games/MachineGames/Wolfenstein The New Order/.stignore";
devices = [ "steamdeck" "server" "pc" ]; text = "base/qconsole.log\nbase/wolfConfig.cfg";
path = "~/.local/share/Steam/steamapps/compatdata/201810/pfx/drive_c/users/steamuser/Saved Games/MachineGames/Wolfenstein The New Order/"; };
};
};
home-manager.users.toast.home.file."steam-201810-ignore" = {
target = ".local/share/Steam/steamapps/compatdata/201810/pfx/drive_c/users/steamuser/Saved Games/MachineGames/Wolfenstein The New Order/.stignore";
text = "base/qconsole.log\nbase/wolfConfig.cfg";
};
} }

14
roles/kde/default.nix
View file

@ -1,9 +1,7 @@
{ ... }: {...}: {
imports = [
{ ./plasma.nix
imports = [ ./sddm.nix
./plasma.nix ./programs
./sddm.nix ];
./programs
];
} }

318
roles/kde/plasma.nix
View file

@ -1,158 +1,172 @@
{ config, pkgs, lib, flakeSelf, ... }:
let
# Set up the default kde options
balooExcludedDirs = lib.strings.intersperse "," [
"$HOME/.cache/"
"$HOME/.config/"
"$HOME/.local/"
];
baloofilerc = lib.generators.toINI {} {
General = {
# The [$e] part allows you to use environment variables
"exclude folders[$e]" = lib.strings.concatStrings balooExcludedDirs;
};
};
# Make custom packages
breezeTint = pkgs.stdenv.mkDerivation {
name = "breeze-tint";
src = "${pkgs.breeze-qt5}";
patches = [ ./patches/BreezeTint.patch ];
installPhase = ''
runHook preInstall
mkdir -p $out/share/color-schemes/
cp -r share/color-schemes/* $out/share/color-schemes/
runHook postInstall
'';
};
# /etc/xdg is not read by plasma, so to change the default settings you need to put them in a package
plasmaDefaults = pkgs.stdenv.mkDerivation {
name = "toast-plasma-defaults";
dontUnpack = true;
installPhase = ''
runHook preInstall
set -x
mkdir -p $out/etc/xdg
echo '${baloofilerc}' > $out/etc/xdg/baloofilerc
runHook postInstall
'';
};
in
{ {
services.xserver = { config,
# Enable the Plasma 5 Desktop Environment pkgs,
desktopManager.plasma5.enable = true; lib,
displayManager.defaultSession = "plasmawayland"; flakeSelf,
}; ...
}: let
# Set up the default kde options
balooExcludedDirs = lib.strings.intersperse "," [
"$HOME/.cache/"
"$HOME/.config/"
"$HOME/.local/"
];
qt.enable = true; baloofilerc = lib.generators.toINI {} {
General = {
# The [$e] part allows you to use environment variables
"exclude folders[$e]" = lib.strings.concatStrings balooExcludedDirs;
};
};
# GTK apps need dconf to grab the correct theme on Wayland # Make custom packages
programs.dconf.enable = true; breezeTint = pkgs.stdenv.mkDerivation {
name = "breeze-tint";
src = "${pkgs.breeze-qt5}";
patches = [./patches/BreezeTint.patch];
installPhase = ''
runHook preInstall
# Install the patched Breeze color schemes as well as the plasma default configs mkdir -p $out/share/color-schemes/
environment.systemPackages = [ breezeTint plasmaDefaults ]; cp -r share/color-schemes/* $out/share/color-schemes/
# Plasma configs should be on all users runHook postInstall
home-manager.sharedModules = [ '';
( };
{ config, ... }:
let gtk2rc = "${config.xdg.configHome}/gtk-2.0/gtkrc"; in # /etc/xdg is not read by plasma, so to change the default settings you need to put them in a package
{ plasmaDefaults = pkgs.stdenv.mkDerivation {
gtk.gtk2.configLocation = gtk2rc; name = "toast-plasma-defaults";
# Kde has an annoying habit of overwriting the gtk2 config file dontUnpack = true;
home.file."${gtk2rc}".force = true; installPhase = ''
} runHook preInstall
)
{ set -x
imports = [ flakeSelf.inputs.plasma-manager.homeManagerModules.plasma-manager ]; mkdir -p $out/etc/xdg
gtk = { echo '${baloofilerc}' > $out/etc/xdg/baloofilerc
enable = true;
# Most apps are dark, so a white cursor is easier to spot runHook postInstall
cursorTheme = { package = pkgs.breeze-qt5; name = "Breeze_Snow"; }; '';
iconTheme = { package = pkgs.breeze-icons; name = "breeze-dark"; }; };
theme = { package = pkgs.breeze-gtk; name = "Breeze"; }; in {
# Gtk2 doesn't have a dark mode, so I just tell gtk 3 and 4 to use the dark variant services.xserver = {
gtk3.extraConfig.gtk-application-prefer-dark-theme = true; # Enable the Plasma 5 Desktop Environment
gtk4.extraConfig.gtk-application-prefer-dark-theme = true; desktopManager.plasma5.enable = true;
}; displayManager.defaultSession = "plasmawayland";
home.packages = [( };
pkgs.catppuccin-kde.override {
flavour = [ "mocha" ]; qt.enable = true;
accents = [ "mauve" ];
winDecStyles = [ "classic" ]; # GTK apps need dconf to grab the correct theme on Wayland
} programs.dconf.enable = true;
)];
programs.plasma = { # Install the patched Breeze color schemes as well as the plasma default configs
enable = true; environment.systemPackages = [breezeTint plasmaDefaults];
overrideConfig = true;
# Delete config files that I fully configure here # Plasma configs should be on all users
overrideConfigFiles = [ home-manager.sharedModules = [
"plasmashellrc" (
"plasma-org.kde.plasma.desktop-appletsrc" {config, ...}: let
]; gtk2rc = "${config.xdg.configHome}/gtk-2.0/gtkrc";
workspace = { in {
clickItemTo = "select"; gtk.gtk2.configLocation = gtk2rc;
cursorTheme = "Breeze_Snow"; # Kde has an annoying habit of overwriting the gtk2 config file
iconTheme = "breeze-dark"; home.file."${gtk2rc}".force = true;
lookAndFeel = "Catppuccin-Mocha-Mauve"; }
theme = "default"; )
colorScheme = "CatppuccinMochaMauve"; {
}; imports = [flakeSelf.inputs.plasma-manager.homeManagerModules.plasma-manager];
kwin = { gtk = {
titlebarButtons = { enable = true;
left = [ "on-all-desktops" "keep-above-windows" ]; # Most apps are dark, so a white cursor is easier to spot
right = [ "minimize" "maximize" "close" ]; cursorTheme = {
}; package = pkgs.breeze-qt5;
}; name = "Breeze_Snow";
panels = [{ };
location = "bottom"; iconTheme = {
height = 44; package = pkgs.breeze-icons;
widgets = [ name = "breeze-dark";
{ };
name = "org.kde.plasma.kickoff"; theme = {
config.General.icon = "nix-snowflake-white"; package = pkgs.breeze-gtk;
} name = "Breeze";
"org.kde.plasma.pager" };
"org.kde.plasma.icontasks" # Gtk2 doesn't have a dark mode, so I just tell gtk 3 and 4 to use the dark variant
"org.kde.plasma.marginsseparator" gtk3.extraConfig.gtk-application-prefer-dark-theme = true;
"org.kde.plasma.systemtray" gtk4.extraConfig.gtk-application-prefer-dark-theme = true;
{ };
name = "org.kde.plasma.digitalclock"; home.packages = [
config.Appearance.showSeconds = "true"; (
} pkgs.catppuccin-kde.override {
"org.kde.plasma.showdesktop" flavour = ["mocha"];
]; accents = ["mauve"];
}]; winDecStyles = ["classic"];
shortcuts = { }
"kwin" = { )
"Switch One Desktop to the Left" = [ "Meta+Ctrl+Left" ]; ];
"Switch One Desktop to the Right" = [ "Meta+Ctrl+Right" ]; programs.plasma = {
}; enable = true;
}; overrideConfig = true;
configFile = { # Delete config files that I fully configure here
"kwinrc" = { overrideConfigFiles = [
"org\\.kde\\.kdecoration2"."BorderSize" = "None"; "plasmashellrc"
"Desktops" = { "plasma-org.kde.plasma.desktop-appletsrc"
"Number" = 2; ];
"Rows" = 1; workspace = {
}; clickItemTo = "select";
"TabBox"."LayoutName" = "thumbnail_grid"; cursorTheme = "Breeze_Snow";
}; iconTheme = "breeze-dark";
"kdeglobals"."General"."AccentColor" = null; lookAndFeel = "Catppuccin-Mocha-Mauve";
"auroraerc"."CatppuccinMocha-Classic"."ButtonSize" = 0; theme = "default";
"plasmanotifyrc"."Notifications"."NormalAlwaysOnTop" = true; colorScheme = "CatppuccinMochaMauve";
}; };
}; kwin = {
} titlebarButtons = {
]; left = ["on-all-desktops" "keep-above-windows"];
right = ["minimize" "maximize" "close"];
};
};
panels = [
{
location = "bottom";
height = 44;
widgets = [
{
name = "org.kde.plasma.kickoff";
config.General.icon = "nix-snowflake-white";
}
"org.kde.plasma.pager"
"org.kde.plasma.icontasks"
"org.kde.plasma.marginsseparator"
"org.kde.plasma.systemtray"
{
name = "org.kde.plasma.digitalclock";
config.Appearance.showSeconds = "true";
}
"org.kde.plasma.showdesktop"
];
}
];
shortcuts = {
"kwin" = {
"Switch One Desktop to the Left" = ["Meta+Ctrl+Left"];
"Switch One Desktop to the Right" = ["Meta+Ctrl+Right"];
};
};
configFile = {
"kwinrc" = {
"org\\.kde\\.kdecoration2"."BorderSize" = "None";
"Desktops" = {
"Number" = 2;
"Rows" = 1;
};
"TabBox"."LayoutName" = "thumbnail_grid";
};
"kdeglobals"."General"."AccentColor" = null;
"auroraerc"."CatppuccinMocha-Classic"."ButtonSize" = 0;
"plasmanotifyrc"."Notifications"."NormalAlwaysOnTop" = true;
};
};
}
];
} }

24
roles/kde/programs/default.nix
View file

@ -1,15 +1,13 @@
{ config, ... }: {...}: {
imports = [
./kate.nix
./firefox.nix
./skanpage.nix
./neochat.nix
./konsole.nix
./git.nix
];
{ # Enable the kde partition manager
imports = [ programs.partition-manager.enable = true;
./kate.nix
./firefox.nix
./skanpage.nix
./neochat.nix
./konsole.nix
./git.nix
];
# Enable the kde partition manager
programs.partition-manager.enable = true;
} }

60
roles/kde/programs/firefox.nix
View file

@ -1,32 +1,30 @@
{ config, pkgs, ... }: {...}: {
# KDE specific firefox settings
{ programs.firefox = {
# KDE specific firefox settings policies = {
programs.firefox = { "ExtensionSettings" = {
policies = { # TODO: Install extensions the NUR instead of from AMO
"ExtensionSettings" = { "plasma-browser-integration@kde.org" = {
# TODO: Install extensions the NUR instead of from AMO "installation_mode" = "normal_installed";
"plasma-browser-integration@kde.org" = { "install_url" = "https://addons.mozilla.org/firefox/downloads/latest/plasma-integration/latest.xpi";
"installation_mode" = "normal_installed"; };
"install_url" = "https://addons.mozilla.org/firefox/downloads/latest/plasma-integration/latest.xpi"; };
}; "Preferences" = {
}; # Make firefox use the kde file picker
"Preferences" = { "widget.use-xdg-desktop-portal.file-picker" = {
# Make firefox use the kde file picker "Value" = 1;
"widget.use-xdg-desktop-portal.file-picker" = { "Status" = "default";
"Value" = 1; };
"Status" = "default"; /*
}; https://wiki.archlinux.org/title/Firefox#KDE_integration tells me to enable this,
/* but strangely enough doing so makes firefox ask to be set as the default browser
https://wiki.archlinux.org/title/Firefox#KDE_integration tells me to enable this, every time you start it up, so I'll disable it
but strangely enough doing so makes firefox ask to be set as the default browser */
every time you start it up, so I'll disable it "widget.use-xdg-desktop-portal.mime-handler" = {
*/ "Value" = 0;
"widget.use-xdg-desktop-portal.mime-handler" = { "Status" = "default";
"Value" = 0; };
"Status" = "default"; };
}; };
}; };
};
};
} }

4
roles/kde/programs/git.nix
View file

@ -1,6 +1,4 @@
{ pkgs, lib, ... }: {...}: {
{
home-manager.users.toast = { home-manager.users.toast = {
programs.git = { programs.git = {
extraConfig = { extraConfig = {

14
roles/kde/programs/kate.nix
View file

@ -1,10 +1,8 @@
{ config, pkgs, ... }: {pkgs, ...}: {
environment.systemPackages = [pkgs.kate];
{ # Use kwrite to open text files, and kate if I'm developing stuff
environment.systemPackages = [ pkgs.kate ]; xdg.mime.defaultApplications = {
"text/plain" = "org.kde.kwrite.desktop";
# Use kwrite to open text files, and kate if I'm developing stuff };
xdg.mime.defaultApplications = {
"text/plain" = "org.kde.kwrite.desktop";
};
} }

24
roles/kde/programs/konsole.nix
View file

@ -1,17 +1,17 @@
{ pkgs, ... }: {pkgs, ...}: let
let catppuccinKonsole =
catppuccinKonsole = pkgs.fetchFromGitHub { pkgs.fetchFromGitHub {
owner = "catppuccin"; owner = "catppuccin";
repo = "konsole"; repo = "konsole";
# Latest commit is 7d86b8a1e56e58f6b5649cdaac543a573ac194ca # Latest commit is 7d86b8a1e56e58f6b5649cdaac543a573ac194ca
rev = "main"; rev = "main";
hash = "sha256-EwSJMTxnaj2UlNJm1t6znnatfzgm1awIQQUF3VPfCTM="; hash = "sha256-EwSJMTxnaj2UlNJm1t6znnatfzgm1awIQQUF3VPfCTM=";
} + /Catppuccin-Mocha.colorscheme; }
in + /Catppuccin-Mocha.colorscheme;
{ in {
home-manager.users.toast = { home-manager.users.toast = {
xdg.dataFile = { xdg.dataFile = {
"konsole/Catppuccin-Mocha.colorscheme".source = catppuccinKonsole; "konsole/Catppuccin-Mocha.colorscheme".source = catppuccinKonsole;
}; };
}; };
} }

8
roles/kde/programs/neochat.nix
View file

@ -1,7 +1,5 @@
{ pkgs, ... }: {pkgs, ...}: {
{
home-manager.users.toast = { home-manager.users.toast = {
home.packages = [ pkgs.neochat ]; home.packages = [pkgs.neochat];
}; };
} }

17
roles/kde/programs/skanpage.nix
View file

@ -1,9 +1,12 @@
{ config, lib, pkgs, ... }:
{ {
# Only install skanpage if scanning is set up config,
config = lib.mkIf config.hardware.sane.enable { lib,
environment.systemPackages = [ pkgs.skanpage ]; pkgs,
}; ...
# environment.systemPackages = if config.hardware.sane.enable == true then [ pkgs.skanpage ] else []; }: {
# Only install skanpage if scanning is set up
config = lib.mkIf config.hardware.sane.enable {
environment.systemPackages = [pkgs.skanpage];
};
# environment.systemPackages = if config.hardware.sane.enable == true then [ pkgs.skanpage ] else [];
} }

106
roles/kde/sddm.nix
View file

@ -1,56 +1,56 @@
{ config, pkgs, ... }:
let
currentTheme = config.services.xserver.displayManager.sddm.theme;
sddm-sugar-candy = pkgs.stdenv.mkDerivation {
pname = "sddm-sugar-candy";
version = "master";
src = pkgs.fetchgit {
url = "https://framagit.org/MarianArlt/sddm-sugar-candy.git";
hash = "sha256-XggFVsEXLYklrfy1ElkIp9fkTw4wvXbyVkaVCZq4ZLU=";
};
installPhase = ''
runHook preInstall
mkdir -p $out/share/sddm/themes/sugar-candy
cp -r /build/sddm-sugar-candy/* $out/share/sddm/themes/sugar-candy
runHook postInstall
'';
};
/*
Adds a theme.conf.user file to the current sddm theme's folder,
allowing you to change it's configuration without needing to
repackage it
*/
customcfg = pkgs.stdenv.mkDerivation {
name = "sddm-theme-customizer";
dontUnpack = true;
# TODO: generate theme.conf.user outside of installPhase
installPhase = ''
runHook preInstall
mkdir -p $out/share/sddm/themes/${currentTheme}/
echo "[General]
background = ${pkgs.plasma-workspace-wallpapers}/share/wallpapers/MilkyWay/contents/images/5120x2880.png" >> $out/share/sddm/themes/${currentTheme}/theme.conf.user
runHook postInstall
'';
};
in
{ {
# Enable SDDM. config,
services.xserver.displayManager.sddm = { pkgs,
enable = true; ...
theme = "sugar-candy"; }: let
settings = { currentTheme = config.services.xserver.displayManager.sddm.theme;
General = { Numlock = "on"; };
Theme = { CursorTheme = "Breeze_Snow"; };
};
};
environment.systemPackages = [ sddm-sugar-candy customcfg ]; sddm-sugar-candy = pkgs.stdenv.mkDerivation {
pname = "sddm-sugar-candy";
version = "master";
src = pkgs.fetchgit {
url = "https://framagit.org/MarianArlt/sddm-sugar-candy.git";
hash = "sha256-XggFVsEXLYklrfy1ElkIp9fkTw4wvXbyVkaVCZq4ZLU=";
};
installPhase = ''
runHook preInstall
mkdir -p $out/share/sddm/themes/sugar-candy
cp -r /build/sddm-sugar-candy/* $out/share/sddm/themes/sugar-candy
runHook postInstall
'';
};
/*
Adds a theme.conf.user file to the current sddm theme's folder,
allowing you to change it's configuration without needing to
repackage it
*/
customcfg = pkgs.stdenv.mkDerivation {
name = "sddm-theme-customizer";
dontUnpack = true;
# TODO: generate theme.conf.user outside of installPhase
installPhase = ''
runHook preInstall
mkdir -p $out/share/sddm/themes/${currentTheme}/
echo "[General]
background = ${pkgs.plasma-workspace-wallpapers}/share/wallpapers/MilkyWay/contents/images/5120x2880.png" >> $out/share/sddm/themes/${currentTheme}/theme.conf.user
runHook postInstall
'';
};
in {
# Enable SDDM.
services.xserver.displayManager.sddm = {
enable = true;
theme = "sugar-candy";
settings = {
General = {Numlock = "on";};
Theme = {CursorTheme = "Breeze_Snow";};
};
};
environment.systemPackages = [sddm-sugar-candy customcfg];
} }

12
roles/school/default.nix
View file

@ -1,8 +1,6 @@
{ ... }: {...}: {
imports = [
{ ./services
imports = [ ./programs
./services ];
./programs
];
} }

24
roles/school/programs/default.nix
View file

@ -1,15 +1,13 @@
{ config, pkgs, ... }: {pkgs, ...}: {
imports = [
./virtualbox.nix
./idea.nix
./vscode.nix
./helix.nix
./unity.nix
];
{ environment.systemPackages = with pkgs; [
imports = [ dia
./virtualbox.nix ];
./idea.nix
./vscode.nix
./helix.nix
./unity.nix
];
environment.systemPackages = with pkgs; [
dia
];
} }

5
roles/school/programs/helix.nix
View file

@ -1,7 +1,4 @@
{pkgs, ...}: {
{ pkgs, ... }:
{
home-manager.users.toast = { home-manager.users.toast = {
programs.helix = { programs.helix = {
extraPackages = with pkgs; [ extraPackages = with pkgs; [

58
roles/school/programs/idea.nix
View file

@ -1,33 +1,31 @@
{ config, pkgs, ... }: {pkgs, ...}:
with pkgs; {
environment.systemPackages = with jetbrains; [
idea-ultimate
];
with pkgs; home-manager.users.toast = {
{ # Install plugins
environment.systemPackages = with jetbrains; [ home.file = {
idea-ultimate ".local/share/JetBrains/IntelliJIdea2023.3/catppuccin.jar".source = fetchurl {
]; url = "https://github.com/catppuccin/jetbrains/releases/download/v3.2.3/Catppuccin.Theme-3.2.3.jar";
hash = "sha256-v5BZ2UKEBA/0DHKGwmprmuu0RcJCDsxzWmCdnX9aXpE=";
};
".local/share/JetBrains/IntelliJIdea2023.3/rainbow-brackets".source = fetchzip {
url = "https://github.com/izhangzhihao/intellij-rainbow-brackets/releases/download/latest/intellij-rainbow-brackets-2023.3.9-233.zip";
hash = "sha256-faMDP6kU21WOHVjY5Aj4/Glqymo1iUCTuUJdHsq1N/s=";
};
".local/share/JetBrains/IntelliJIdea2023.3/catppuccin-icons.jar".source = fetchurl {
url = "https://github.com/catppuccin/jetbrains-icons/releases/download/v1.1.1/Catppuccin.Icons-1.1.1.jar";
hash = "sha256-Bn0Yn0RlNmJQCSC0MJQrKjeERzfHhupWnyYm0YjXFwY=";
};
};
home-manager.users.toast = { /*
# Install plugins If you use programs.java.enable intellij picks up the jdk package directly, which is not ideal
home.file = { This adds the jdks I want to use to a directory intellij expects jdks to be
".local/share/JetBrains/IntelliJIdea2023.3/catppuccin.jar".source = fetchurl { */
url = "https://github.com/catppuccin/jetbrains/releases/download/v3.2.3/Catppuccin.Theme-3.2.3.jar"; home.file.".jdks/jdk8".source = "${pkgs.jdk8}/lib/openjdk";
hash = "sha256-v5BZ2UKEBA/0DHKGwmprmuu0RcJCDsxzWmCdnX9aXpE="; home.file.".jdks/jdk17".source = "${pkgs.jdk17}/lib/openjdk";
}; };
".local/share/JetBrains/IntelliJIdea2023.3/rainbow-brackets".source = fetchzip {
url = "https://github.com/izhangzhihao/intellij-rainbow-brackets/releases/download/latest/intellij-rainbow-brackets-2023.3.9-233.zip";
hash = "sha256-faMDP6kU21WOHVjY5Aj4/Glqymo1iUCTuUJdHsq1N/s=";
};
".local/share/JetBrains/IntelliJIdea2023.3/catppuccin-icons.jar".source = fetchurl {
url = "https://github.com/catppuccin/jetbrains-icons/releases/download/v1.1.1/Catppuccin.Icons-1.1.1.jar";
hash = "sha256-Bn0Yn0RlNmJQCSC0MJQrKjeERzfHhupWnyYm0YjXFwY=";
};
};
/*
If you use programs.java.enable intellij picks up the jdk package directly, which is not ideal
This adds the jdks I want to use to a directory intellij expects jdks to be
*/
home.file.".jdks/jdk8".source = "${pkgs.jdk8}/lib/openjdk";
home.file.".jdks/jdk17".source = "${pkgs.jdk17}/lib/openjdk";
};
} }

12
roles/school/programs/unity.nix
View file

@ -1,9 +1,9 @@
{ pkgs, ... }: {pkgs, ...}: {
{
home-manager.users.toast = { home-manager.users.toast = {
home.packages = [( home.packages = [
pkgs.unityhub (
)]; pkgs.unityhub
)
];
}; };
} }

28
roles/school/programs/virtualbox.nix
View file

@ -1,15 +1,15 @@
{ config, ... }: {...}: {
# Need to use visual studio 2019 :(
{ virtualisation.virtualbox.host = {
# Need to use visual studio 2019 :( enable = true;
virtualisation.virtualbox.host = { };
enable = true; home-manager.sharedModules = [
}; {
home-manager.sharedModules = [{ systemd.user.tmpfiles.rules = [
systemd.user.tmpfiles.rules = [ "d '/%h/VirtualBox VMs'"
"d '/%h/VirtualBox VMs'" "h '/%h/VirtualBox VMs' - - - - C "
"h '/%h/VirtualBox VMs' - - - - C " ];
]; }
}]; ];
users.users.toast.extraGroups = [ "vboxusers" ]; users.users.toast.extraGroups = ["vboxusers"];
} }

37
roles/school/programs/vscode.nix
View file

@ -1,18 +1,23 @@
{ config, pkgs, lib, flakeSelf, ... }:
let inputs = flakeSelf.inputs; in
{ {
home-manager.users.toast.programs.vscode = { pkgs,
# The redhat xml extension needs an fhs environment lib,
package = lib.mkForce pkgs.vscodium-fhs; flakeSelf,
extensions = with inputs.vscode-extensions.extensions.x86_64-linux; [ ...
open-vsx.redhat.vscode-xml }: let
open-vsx.tomoki1207.pdf inputs = flakeSelf.inputs;
open-vsx.ms-vscode.live-server in {
open-vsx.ecmel.vscode-html-css home-manager.users.toast.programs.vscode = {
open-vsx.angular.ng-template # The redhat xml extension needs an fhs environment
]; package = lib.mkForce pkgs.vscodium-fhs;
userSettings = { extensions = with inputs.vscode-extensions.extensions.x86_64-linux; [
redhat.telemetry.enabled = false; open-vsx.redhat.vscode-xml
}; open-vsx.tomoki1207.pdf
}; open-vsx.ms-vscode.live-server
open-vsx.ecmel.vscode-html-css
open-vsx.angular.ng-template
];
userSettings = {
redhat.telemetry.enabled = false;
};
};
} }

16
roles/school/services/default.nix
View file

@ -1,10 +1,8 @@
{ ... }: {...}: {
imports = [
{ ./syncthing.nix
imports = [ ./mysql.nix
./syncthing.nix ./xampp.nix
./mysql.nix ./mongodb.nix
./xampp.nix ];
./mongodb.nix
];
} }

55
roles/school/services/mongodb.nix
View file

@ -1,31 +1,34 @@
{ config, pkgs, lib, ... }:
{ {
services.mongodb = { config,
enable = true; pkgs,
package = pkgs.mongodb-4_4; lib,
user = "toast"; ...
}; }: {
services.mongodb = {
enable = true;
package = pkgs.mongodb-4_4;
user = "toast";
};
# Don't autostart MySQL # Don't autostart MySQL
systemd.services.mongodb.wantedBy = lib.mkForce []; systemd.services.mongodb.wantedBy = lib.mkForce [];
# Allow regular users to start/stop mongodb # Allow regular users to start/stop mongodb
# https://stackoverflow.com/questions/61480914/using-policykit-to-allow-non-root-users-to-start-and-stop-a-service # https://stackoverflow.com/questions/61480914/using-policykit-to-allow-non-root-users-to-start-and-stop-a-service
security.polkit.extraConfig = '' security.polkit.extraConfig = ''
polkit.addRule(function(action, subject) { polkit.addRule(function(action, subject) {
if ( if (
action.id == "org.freedesktop.systemd1.manage-units" && action.id == "org.freedesktop.systemd1.manage-units" &&
action.lookup("unit") == "mongodb.service" && action.lookup("unit") == "mongodb.service" &&
subject.user == "${config.services.mongodb.user}" subject.user == "${config.services.mongodb.user}"
) )
{ {
return polkit.Result.YES; return polkit.Result.YES;
} }
}) })
''; '';
environment.systemPackages = with pkgs; [ environment.systemPackages = with pkgs; [
mongosh mongosh
]; ];
} }

59
roles/school/services/mysql.nix
View file

@ -1,33 +1,36 @@
{ config, pkgs, lib, ... }:
{ {
services.mysql = { config,
enable = true; pkgs,
package = pkgs.mysql80; lib,
user = "toast"; ...
group = "users"; }: {
}; services.mysql = {
enable = true;
package = pkgs.mysql80;
user = "toast";
group = "users";
};
# Don't autostart MySQL # Don't autostart MySQL
systemd.services.mysql.wantedBy = lib.mkForce []; systemd.services.mysql.wantedBy = lib.mkForce [];
# Allow regular users to start/stop mysql # Allow regular users to start/stop mysql
# https://stackoverflow.com/questions/61480914/using-policykit-to-allow-non-root-users-to-start-and-stop-a-service # https://stackoverflow.com/questions/61480914/using-policykit-to-allow-non-root-users-to-start-and-stop-a-service
security.polkit.extraConfig = '' security.polkit.extraConfig = ''
polkit.addRule(function(action, subject) { polkit.addRule(function(action, subject) {
if ( if (
action.id == "org.freedesktop.systemd1.manage-units" && action.id == "org.freedesktop.systemd1.manage-units" &&
action.lookup("unit") == "mysql.service" && action.lookup("unit") == "mysql.service" &&
subject.user == "${config.services.mysql.user}" subject.user == "${config.services.mysql.user}"
) )
{ {
return polkit.Result.YES; return polkit.Result.YES;
} }
}) })
''; '';
environment.systemPackages = with pkgs; [ environment.systemPackages = with pkgs; [
mysql-workbench mysql-workbench
mycli mycli
]; ];
} }

20
roles/school/services/syncthing.nix
View file

@ -1,12 +1,10 @@
{ config, ... }: {...}: {
services.syncthing.settings.folders = {
{ "school-things" = {
services.syncthing.settings.folders = { label = "School things";
"school-things" = { id = "z6alc-nfoqr";
label = "School things"; devices = ["steamdeck" "server" "pc" "winmax2"];
id = "z6alc-nfoqr"; path = "~/Documents/School things";
devices = [ "steamdeck" "server" "pc" "winmax2" ]; };
path = "~/Documents/School things"; };
};
};
} }

68
roles/school/services/xampp.nix
View file

@ -1,36 +1,34 @@
{ config, pkgs, ... }: {pkgs, ...}: let
let booDark = pkgs.fetchzip {
booDark = pkgs.fetchzip { url = "https://github.com/adorade/boodark/releases/download/v1.1.1/boodark-v1.1.1.zip";
url = "https://github.com/adorade/boodark/releases/download/v1.1.1/boodark-v1.1.1.zip"; hash = "sha256-GE/FtFlU6A4I9sRyjMhQIidGpDLD99Wzzngz3QI/rSo=";
hash = "sha256-GE/FtFlU6A4I9sRyjMhQIidGpDLD99Wzzngz3QI/rSo="; };
}; in {
in # I tried setting up httpd + php in class but I just gave up
{ virtualisation.oci-containers = {
# I tried setting up httpd + php in class but I just gave up containers."xampp" = {
virtualisation.oci-containers = { autoStart = false;
containers."xampp" = { image = "tomsik68/xampp";
autoStart = false; #user = "${toString users.users.atfc.uid}:${toString users.groups.minecraft.gid}";
image = "tomsik68/xampp"; volumes = [
#user = "${toString users.users.atfc.uid}:${toString users.groups.minecraft.gid}"; "xampp-mysql:/opt/lampp/var/mysql"
volumes = [ # No dark mode installed by default :(
"xampp-mysql:/opt/lampp/var/mysql" "${booDark}:/opt/lampp/phpmyadmin/themes/booDark"
# No dark mode installed by default :( ];
"${booDark}:/opt/lampp/phpmyadmin/themes/booDark" ports = ["41061:22" "41062:80"];
]; };
ports = [ "41061:22" "41062:80" ]; };
};
};
security.polkit.extraConfig = '' security.polkit.extraConfig = ''
polkit.addRule(function(action, subject) { polkit.addRule(function(action, subject) {
if ( if (
action.id == "org.freedesktop.systemd1.manage-units" && action.id == "org.freedesktop.systemd1.manage-units" &&
action.lookup("unit") == "podman-xampp.service" && action.lookup("unit") == "podman-xampp.service" &&
subject.user == "toast" subject.user == "toast"
) )
{ {
return polkit.Result.YES; return polkit.Result.YES;
} }
}) })
''; '';
} }

20
roles/server/avahi.nix
View file

@ -1,11 +1,9 @@
{ config, ... }: {...}: {
services.avahi = {
{ openFirewall = true;
services.avahi = { publish = {
openFirewall = true; enable = true;
publish = { userServices = true;
enable = true; };
userServices = true; };
}; }
};
}

30
roles/server/beep.nix
View file

@ -1,16 +1,16 @@
{ config, pkgs, ... }: {pkgs, ...}: {
# Beep as soon as possible in the initrd
{ boot.initrd = {
# Beep as soon as possible in the initrd kernelModules = ["pcspkr"];
boot.initrd = { extraFiles.beep.source = pkgs.beep;
kernelModules = [ "pcspkr" ]; postDeviceCommands = "/beep/bin/beep -f 3000 -l 50 -r 2";
extraFiles.beep.source = pkgs.beep; };
postDeviceCommands = "/beep/bin/beep -f 3000 -l 50 -r 2"; /*
}; systemd.services.startupBeep = {
/*systemd.services.startupBeep = { description = "Beep when system started booting";
description = "Beep when system started booting"; wantedBy = [ "sysinit.target" ];
wantedBy = [ "sysinit.target" ]; script = "${pkgs.beep}/bin/beep -f 3000 -l 50 -r 2";
script = "${pkgs.beep}/bin/beep -f 3000 -l 50 -r 2"; serviceConfig = { Type = "oneshot"; };
serviceConfig = { Type = "oneshot"; }; };
};*/ */
} }

34
roles/server/ddclient.nix
View file

@ -1,20 +1,20 @@
{ config, flakeSelf, ... }:
let
hostSecrets = "${flakeSelf.inputs.secrets}/" + config.networking.hostName;
in
{ {
# Set up secrets config,
age.secrets = { ddclient-passwd.file = hostSecrets + "/ddclient-password.age"; }; flakeSelf,
...
}: let
hostSecrets = "${flakeSelf.inputs.secrets}/" + config.networking.hostName;
in {
# Set up secrets
age.secrets = {ddclient-passwd.file = hostSecrets + "/ddclient-password.age";};
services.ddclient = { services.ddclient = {
enable = true; enable = true;
use = "web, web=dynamicdns.park-your-domain.com/getip"; use = "web, web=dynamicdns.park-your-domain.com/getip";
protocol = "namecheap"; protocol = "namecheap";
server = "dynamicdns.park-your-domain.com"; server = "dynamicdns.park-your-domain.com";
username = "toast003.xyz"; username = "toast003.xyz";
passwordFile = config.age.secrets.ddclient-passwd.path; passwordFile = config.age.secrets.ddclient-passwd.path;
domains = [ "@" ]; domains = ["@"];
}; };
} }

36
roles/server/default.nix
View file

@ -1,20 +1,18 @@
{ ... }: {...}: {
imports = [
{ ./avahi.nix
imports = [ ./nfs.nix
./avahi.nix ./samba.nix
./nfs.nix ./ssh.nix
./samba.nix ./forgejo.nix
./ssh.nix ./syncthing.nix
./forgejo.nix ./endlessh.nix
./syncthing.nix ./transmission.nix
./endlessh.nix ./ddclient.nix
./transmission.nix ./beep.nix
./ddclient.nix ./tailscale.nix
./beep.nix ./traefik.nix
./tailscale.nix ./minecraft.nix
./traefik.nix ./dns.nix
./minecraft.nix ];
./dns.nix
];
} }

24
roles/server/dns.nix
View file

@ -1,22 +1,20 @@
{ ... }: {...}: {
{
services.dnsmasq = { services.dnsmasq = {
enable = true; enable = true;
# Only using this for tailscale IPs, so better to let tailscale itself deal with it # Only using this for tailscale IPs, so better to let tailscale itself deal with it
resolveLocalQueries = false; resolveLocalQueries = false;
settings = { settings = {
listen-address = [ "100.73.96.48" ]; listen-address = ["100.73.96.48"];
/* /*
Dnsmasq tries to use the tailscale dns server, which is bad cause that points to dnsmasq Dnsmasq tries to use the tailscale dns server, which is bad cause that points to dnsmasq
From the little testing I have done it seems to not cause any issues, but better to be safe From the little testing I have done it seems to not cause any issues, but better to be safe
than sorry :P than sorry :P
*/ */
dns-loop-detect = true; dns-loop-detect = true;
# If this isn't set a cname that targets a host might return the wrong ip # If this isn't set a cname that targets a host might return the wrong ip
localise-queries = true; localise-queries = true;
## IPv6 is not a thing in Spain so I'm guaranteed to not use it ## IPv6 is not a thing in Spain so I'm guaranteed to not use it
@ -29,11 +27,11 @@
# Add tailscale hosts # Add tailscale hosts
networking.hosts = { networking.hosts = {
"100.73.96.48" = [ "everest" ]; "100.73.96.48" = ["everest"];
"100.113.139.93" = [ "archie" ]; "100.113.139.93" = ["archie"];
"100.85.48.85" = [ "steamdeck" ]; "100.85.48.85" = ["steamdeck"];
"100.96.92.13" = [ "surfecego" ]; "100.96.92.13" = ["surfecego"];
"100.106.73.20" = [ "winmax2" ]; "100.106.73.20" = ["winmax2"];
}; };
# Dnsmasq conflicts with the resolved dns stub listener # Dnsmasq conflicts with the resolved dns stub listener

18
roles/server/endlessh.nix
View file

@ -1,10 +1,8 @@
{ config, ... }: {...}: {
# I prefer using the go implementation
{ services.endlessh-go = {
# I prefer using the go implementation enable = true;
services.endlessh-go = { openFirewall = true;
enable = true; extraOptions = ["-alsologtostderr" "-v=1"];
openFirewall = true; };
extraOptions = [ "-alsologtostderr" "-v=1"] ; }
};
}

10
roles/server/forgejo.nix
View file

@ -1,6 +1,8 @@
{ config, lib, ... }:
{ {
config,
lib,
...
}: {
specialisation.forgejoEnableRegistration.configuration.services.forgejo.settings.service.DISABLE_REGISTRATION = false; specialisation.forgejoEnableRegistration.configuration.services.forgejo.settings.service.DISABLE_REGISTRATION = false;
services.forgejo = { services.forgejo = {
enable = true; enable = true;
@ -22,7 +24,7 @@
}; };
# Add a cname for forgejo # Add a cname for forgejo
services.dnsmasq.settings.cname = [ "git.everest.sable-pancake.ts.net,everest" ]; services.dnsmasq.settings.cname = ["git.everest.sable-pancake.ts.net,everest"];
# Set up traefik as the reverse proxy for Forgejo # Set up traefik as the reverse proxy for Forgejo
services.traefik = { services.traefik = {
@ -35,7 +37,7 @@
}; };
}; };
services.forgejo.loadBalancer.servers = [ services.forgejo.loadBalancer.servers = [
{ url = "http://localhost:${toString config.services.forgejo.settings.server.HTTP_PORT}"; } {url = "http://localhost:${toString config.services.forgejo.settings.server.HTTP_PORT}";}
]; ];
}; };
}; };

217
roles/server/minecraft.nix
View file

@ -1,115 +1,116 @@
{ config, pkgs, flakeSelf, ... }:
let
atfc = builtins.fetchurl {
url = "https://www.curseforge.com/api/v1/mods/813246/files/4732590/download";
sha256 = "0yl6ixmhfgqvcj3kfshpf8fy42vkkmjbn7d7yg86jx0ykiiq5f9x";
};
puffish_skills = builtins.fetchurl {
url = "https://www.curseforge.com/api/v1/mods/835091/files/4747353/download";
sha256 = "1pwx8zqih019l12lrmllrjv2al0mjzwj4p5qmc4ps1g555jy8qil";
};
spark = builtins.fetchurl {
url = "https://www.curseforge.com/api/v1/mods/361579/files/4505375/download";
sha256 = "1708lrx1nif0mvf7ambw8504j12wbn0vm69wsh21p8ylqpql1s4x";
};
port = 25565;
users = config.users;
in
{ {
users = { config,
groups.minecraft = { pkgs,
members = [ "toast" ]; flakeSelf,
gid = 987; ...
}; }: let
users.atfc = { atfc = builtins.fetchurl {
isSystemUser = true; url = "https://www.curseforge.com/api/v1/mods/813246/files/4732590/download";
uid = 988; sha256 = "0yl6ixmhfgqvcj3kfshpf8fy42vkkmjbn7d7yg86jx0ykiiq5f9x";
group = "minecraft"; };
home = "/var/lib/minecraft/atfc"; puffish_skills = builtins.fetchurl {
homeMode = "750"; url = "https://www.curseforge.com/api/v1/mods/835091/files/4747353/download";
createHome = true; sha256 = "1pwx8zqih019l12lrmllrjv2al0mjzwj4p5qmc4ps1g555jy8qil";
}; };
}; spark = builtins.fetchurl {
url = "https://www.curseforge.com/api/v1/mods/361579/files/4505375/download";
virtualisation.oci-containers = { sha256 = "1708lrx1nif0mvf7ambw8504j12wbn0vm69wsh21p8ylqpql1s4x";
containers."minecraft-atfc" = { };
autoStart = true;
image = "itzg/minecraft-server";
#user = "${toString users.users.atfc.uid}:${toString users.groups.minecraft.gid}";
environment = {
TZ = "Europe/Madrid";
EULA = "true";
TYPE = "forge";
MEMORY = "2G";
UID = toString users.users.atfc.uid;
GID = toString users.groups.minecraft.gid;
VERSION = "1.18.2";
FORGE_VERSION = "40.2.10";
GENERIC_PACK = "/modpack.zip";
#USE_AIKAR_FLAGS = "true";
#STOP_DURATION = "70";
STOP_SERVER_ANNOUNCE_DELAY = "25";
# server.properties port = 25565;
MOTD = "Toast's modded minecraft server"; users = config.users;
DIFFICULTY = "hard"; in {
SNOOPER_ENABLED = "false"; users = {
SPAWN_PROTECTION = "0"; groups.minecraft = {
LEVEL_TYPE = "tfc:tng"; members = ["toast"];
BROADCAST_CONSOLE_TO_OPS = "true"; gid = 987;
BROADCAST_RCON_TO_OPS = "true"; };
VIEW_DISTANCE = "16"; users.atfc = {
MAX_PLAYERS = "4"; isSystemUser = true;
uid = 988;
group = "minecraft";
home = "/var/lib/minecraft/atfc";
homeMode = "750";
createHome = true;
};
};
RCON_CMDS_LAST_DISCONNECT = "save-all"; virtualisation.oci-containers = {
containers."minecraft-atfc" = {
OPS = "b3ca4afb-a3da-4a78-85c3-2292fd0787e2,0cb3d02a-1d1f-4d7f-b70c-bd53dc155cff"; autoStart = true;
EXISTING_OPS_FILE = "synchronize"; image = "itzg/minecraft-server";
#user = "${toString users.users.atfc.uid}:${toString users.groups.minecraft.gid}";
environment = {
TZ = "Europe/Madrid";
EULA = "true";
TYPE = "forge";
MEMORY = "2G";
UID = toString users.users.atfc.uid;
GID = toString users.groups.minecraft.gid;
VERSION = "1.18.2";
FORGE_VERSION = "40.2.10";
GENERIC_PACK = "/modpack.zip";
#USE_AIKAR_FLAGS = "true";
WHITELIST = "b3ca4afb-a3da-4a78-85c3-2292fd0787e2,0cb3d02a-1d1f-4d7f-b70c-bd53dc155cff,03f080e8-ce8e-4b90-a312-734747ce7db0,ea88f690-cf46-4416-bfd5-6f6b165885f7"; #STOP_DURATION = "70";
EXISTING_WHITELIST_FILE = "synchronize"; STOP_SERVER_ANNOUNCE_DELAY = "25";
# Auto pause needs this # server.properties
MAX_TICK_TIME = "-1"; MOTD = "Toast's modded minecraft server";
AUTOPAUSE_KNOCK_INTERFACE = "tap0"; DIFFICULTY = "hard";
ENABLE_AUTOPAUSE = "true"; SNOOPER_ENABLED = "false";
}; SPAWN_PROTECTION = "0";
extraOptions = [ LEVEL_TYPE = "tfc:tng";
"--network=slirp4netns:port_handler=slirp4netns" BROADCAST_CONSOLE_TO_OPS = "true";
"--cap-add=CAP_NET_RAW" BROADCAST_RCON_TO_OPS = "true";
]; VIEW_DISTANCE = "16";
MAX_PLAYERS = "4";
volumes = [
"${atfc}:/modpack.zip"
"${puffish_skills}:/mods/puffish_skills.jar"
"${spark}:/mods/spark.jar"
"${users.users.atfc.home}:/data"
#"/tmp/minecraft:/data"
];
ports = [ "25565:${toString port}" ];
};
};
networking.firewall.allowedTCPPorts = [ port ];
# anything-sync-daemon config RCON_CMDS_LAST_DISCONNECT = "save-all";
systemd.packages = with pkgs; [ flakeSelf.packages.x86_64-linux.anything-sync-daemon ];
environment.systemPackages = with pkgs; [ flakeSelf.packages.x86_64-linux.anything-sync-daemon ]; OPS = "b3ca4afb-a3da-4a78-85c3-2292fd0787e2,0cb3d02a-1d1f-4d7f-b70c-bd53dc155cff";
fileSystems.minecraftTmpfs = { EXISTING_OPS_FILE = "synchronize";
device = "none";
fsType = "tmpfs"; WHITELIST = "b3ca4afb-a3da-4a78-85c3-2292fd0787e2,0cb3d02a-1d1f-4d7f-b70c-bd53dc155cff,03f080e8-ce8e-4b90-a312-734747ce7db0,ea88f690-cf46-4416-bfd5-6f6b165885f7";
mountPoint = "/mnt/minecraftTmpfs"; EXISTING_WHITELIST_FILE = "synchronize";
options = [ "size=4G "];
}; # Auto pause needs this
environment.etc."asd.conf".text = MAX_TICK_TIME = "-1";
''WHATTOSYNC=('/var/lib/minecraft') AUTOPAUSE_KNOCK_INTERFACE = "tap0";
VOLATILE="${config.fileSystems.minecraftTmpfs.mountPoint}" ENABLE_AUTOPAUSE = "true";
USE_OVERLAYFS="yes" ''; };
systemd.services.asd = { extraOptions = [
wantedBy = [ "podman-minecraft-atfc.service" ]; "--network=slirp4netns:port_handler=slirp4netns"
before = [ "podman-minecraft-atfc.service" ]; "--cap-add=CAP_NET_RAW"
}; ];
volumes = [
"${atfc}:/modpack.zip"
"${puffish_skills}:/mods/puffish_skills.jar"
"${spark}:/mods/spark.jar"
"${users.users.atfc.home}:/data"
#"/tmp/minecraft:/data"
];
ports = ["25565:${toString port}"];
};
};
networking.firewall.allowedTCPPorts = [port];
# anything-sync-daemon config
systemd.packages = with pkgs; [flakeSelf.packages.x86_64-linux.anything-sync-daemon];
environment.systemPackages = with pkgs; [flakeSelf.packages.x86_64-linux.anything-sync-daemon];
fileSystems.minecraftTmpfs = {
device = "none";
fsType = "tmpfs";
mountPoint = "/mnt/minecraftTmpfs";
options = ["size=4G "];
};
environment.etc."asd.conf".text = '' WHATTOSYNC=('/var/lib/minecraft')
VOLATILE="${config.fileSystems.minecraftTmpfs.mountPoint}"
USE_OVERLAYFS="yes" '';
systemd.services.asd = {
wantedBy = ["podman-minecraft-atfc.service"];
before = ["podman-minecraft-atfc.service"];
};
} }

64
roles/server/nfs.nix
View file

@ -1,36 +1,34 @@
{ config, lib, ... }: {config, ...}: {
services = {
nfs.server = {
enable = true;
exports = ''
${config.services.transmission.settings.download-dir} *.sable-pancake.ts.net(ro,all_squash,anonuid=${toString config.users.users.transmission.uid},anongid=${toString config.users.groups.transmission.gid})
'';
# NFSv3 uses random ports, so you need to make them static to be able to pass though the firewall
statdPort = 4000;
lockdPort = 4001;
mountdPort = 4002;
};
{ avahi.extraServiceFiles = {
services = { Transmission-downloads-nfs = ''
nfs.server = { <?xml version="1.0" standalone='no'?>
enable = true; <!DOCTYPE service-group SYSTEM "avahi-service.dtd">
exports = '' <service-group>
${config.services.transmission.settings.download-dir} *.sable-pancake.ts.net(ro,all_squash,anonuid=${toString config.users.users.transmission.uid},anongid=${toString config.users.groups.transmission.gid}) <name replace-wildcards="yes">Transmission Downloads on %h (NFS)</name>
''; <service>
# NFSv3 uses random ports, so you need to make them static to be able to pass though the firewall <type>_nfs._tcp</type>
statdPort = 4000; <port>2049</port>
lockdPort = 4001; <txt-record>path=${config.services.transmission.settings.download-dir}</txt-record>
mountdPort = 4002; </service>
}; </service-group>
'';
};
};
avahi.extraServiceFiles = { networking.firewall = {
Transmission-downloads-nfs = '' allowedTCPPorts = [111 2049 4000 40001 4002];
<?xml version="1.0" standalone='no'?> allowedUDPPorts = [111 2049 4000 40001 4002];
<!DOCTYPE service-group SYSTEM "avahi-service.dtd"> };
<service-group>
<name replace-wildcards="yes">Transmission Downloads on %h (NFS)</name>
<service>
<type>_nfs._tcp</type>
<port>2049</port>
<txt-record>path=${config.services.transmission.settings.download-dir}</txt-record>
</service>
</service-group>
'';
};
};
networking.firewall = {
allowedTCPPorts = [ 111 2049 4000 40001 4002 ];
allowedUDPPorts = [ 111 2049 4000 40001 4002 ];
};
} }

68
roles/server/samba.nix
View file

@ -1,37 +1,35 @@
{ config, lib, ... }: {config, ...}: {
services = {
samba = {
enable = true;
openFirewall = true;
extraConfig = ''
map to guest = bad user
guest account = transmission
'';
shares = {
"Transmission downloads" = {
path = "${config.services.transmission.settings.download-dir}";
"read only" = true;
public = true;
"guest only" = true;
browseable = true;
};
};
};
{ avahi.extraServiceFiles = {
services = { Transmission-downloads-smb = ''
samba = { <?xml version="1.0" standalone='no'?>
enable = true; <!DOCTYPE service-group SYSTEM "avahi-service.dtd">
openFirewall = true; <service-group>
extraConfig = '' <name replace-wildcards="yes">SMB shares on %h</name>
map to guest = bad user <service>
guest account = transmission <type>_smb._tcp</type>
''; <port>139</port>
shares = { </service>
"Transmission downloads" = { </service-group>
path = "${config.services.transmission.settings.download-dir}"; '';
"read only" = true; };
public = true; };
"guest only" = true;
browseable = true;
};
};
};
avahi.extraServiceFiles = {
Transmission-downloads-smb = ''
<?xml version="1.0" standalone='no'?>
<!DOCTYPE service-group SYSTEM "avahi-service.dtd">
<service-group>
<name replace-wildcards="yes">SMB shares on %h</name>
<service>
<type>_smb._tcp</type>
<port>139</port>
</service>
</service-group>
'';
};
};
} }

20
roles/server/ssh.nix
View file

@ -1,12 +1,10 @@
{ config, ... }: {...}: {
services.openssh = {
{ enable = true;
services.openssh = { settings = {
enable = true; PermitRootLogin = "no";
settings = { PasswordAuthentication = false;
PermitRootLogin = "no"; };
PasswordAuthentication = false; startWhenNeeded = true;
}; };
startWhenNeeded = true;
};
} }

106
roles/server/syncthing.nix
View file

@ -1,57 +1,55 @@
{ config, ... }: {config, ...}: {
services.syncthing = {
enable = true;
key = config.age.secrets.syncthingKey.path;
cert = config.age.secrets.syncthingCert.path;
guiAddress = "0.0.0.0:8384";
settings.folders = {
"passwords" = {
path = "${config.services.syncthing.dataDir}/passwords";
};
"school-things" = {
label = "School things";
id = "z6alc-nfoqr";
devices = ["steamdeck" "server" "pc" "winmax2"];
path = "${config.services.syncthing.dataDir}/school-things";
};
"steam-201810" = {
label = "Wolfenstein The New Order Saves";
id = "laxxf-t2wmy";
devices = ["steamdeck" "server" "pc" "winmax2"];
path = "${config.services.syncthing.dataDir}/steam-201810";
};
"retroarch" = {
label = "RetroArch";
id = "jxuou-2yjnu";
devices = ["steamdeck" "server" "pc" "winmax2"];
path = "${config.services.syncthing.dataDir}/retroarch";
};
};
};
systemd.services.syncthing.serviceConfig = {
# Allow syncthing to change ownership of files
AmbientCapabilities = "CAP_CHOWN CAP_FOWNER";
};
{ # Add a cname for syncthing
services.syncthing = { services.dnsmasq.settings.cname = ["sync.everest.sable-pancake.ts.net,everest"];
enable = true;
key = config.age.secrets.syncthingKey.path;
cert = config.age.secrets.syncthingCert.path;
guiAddress = "0.0.0.0:8384";
settings.folders = {
"passwords" = {
path = "${config.services.syncthing.dataDir}/passwords";
};
"school-things" = {
label = "School things";
id = "z6alc-nfoqr";
devices = [ "steamdeck" "server" "pc" "winmax2" ];
path = "${config.services.syncthing.dataDir}/school-things";
};
"steam-201810" = {
label = "Wolfenstein The New Order Saves";
id = "laxxf-t2wmy";
devices = [ "steamdeck" "server" "pc" "winmax2" ];
path = "${config.services.syncthing.dataDir}/steam-201810";
};
"retroarch"= {
label = "RetroArch";
id = "jxuou-2yjnu";
devices = [ "steamdeck" "server" "pc" "winmax2" ];
path = "${config.services.syncthing.dataDir}/retroarch";
};
};
};
systemd.services.syncthing.serviceConfig = {
# Allow syncthing to change ownership of files
AmbientCapabilities = "CAP_CHOWN CAP_FOWNER";
};
# Add a cname for syncthing # Set up traefik as the reverse proxy for syncthing
services.dnsmasq.settings.cname = [ "sync.everest.sable-pancake.ts.net,everest" ]; services.traefik = {
dynamicConfigOptions = {
# Set up traefik as the reverse proxy for syncthing http = {
services.traefik = { routers = {
dynamicConfigOptions = { syncthing-subdomain = {
http = { rule = "Host(`sync.everest.sable-pancake.ts.net`)";
routers = { service = "syncthing";
syncthing-subdomain = { };
rule = "Host(`sync.everest.sable-pancake.ts.net`)"; };
service = "syncthing"; services.syncthing.loadBalancer.servers = [
}; {url = "http://localhost:8384";}
}; ];
services.syncthing.loadBalancer.servers = [ };
{ url = "http://localhost:8384"; } };
]; };
};
};
};
} }

12
roles/server/tailscale.nix
View file

@ -1,8 +1,6 @@
{ config, ... }: {...}: {
services.tailscale = {
{ # This is needed for being an exit node
services.tailscale = { useRoutingFeatures = "server";
# This is needed for being an exit node };
useRoutingFeatures = "server";
};
} }

Some files were not shown because too many files have changed in this diff Show more