Initial Config
This commit is contained in:
commit
3b8a6567b2
2
.gitignore
vendored
Normal file
2
.gitignore
vendored
Normal file
@ -0,0 +1,2 @@
|
||||
settings.nix
|
||||
hardware-configuration.nix
|
246
configure.sh
Executable file
246
configure.sh
Executable file
@ -0,0 +1,246 @@
|
||||
#!/usr/bin/env bash
|
||||
|
||||
# Change into script dir.
|
||||
cd -- "$( dirname -- "${BASH_SOURCE[0]}" )" &> /dev/null || exit
|
||||
nixosDir=$(pwd)
|
||||
|
||||
# Defaults
|
||||
defaultHostname="nixos"
|
||||
defaultSwap="8G"
|
||||
defaultName="grmrgecko"
|
||||
defaultDescription="James Coleman"
|
||||
defaultGitName="GRMrGecko"
|
||||
defaultGitEmail="grmrgecko@gmail.com"
|
||||
|
||||
# A simple function to print an array.
|
||||
CHOICE=0
|
||||
chooseOpts() {
|
||||
local opts i
|
||||
CHOICE=-1
|
||||
opts=("$@")
|
||||
# Keep an index to properly index the options.
|
||||
i=0
|
||||
echo
|
||||
# For each option, print it and increment the index.
|
||||
for opt in "${opts[@]}"; do
|
||||
echo "$i) $opt"
|
||||
i=$((i+1))
|
||||
done
|
||||
# Ask for their choice.
|
||||
echo
|
||||
echo -n "Enter choice: "
|
||||
read -r CHOICE
|
||||
# Check inputted index range.
|
||||
if ((CHOICE >= ${#opts[@]} || CHOICE < 0)); then
|
||||
echo "Invalid range"
|
||||
chooseOpts "$@"
|
||||
fi
|
||||
}
|
||||
|
||||
# A looping function to choose Y or N.
|
||||
chooseYN() {
|
||||
local default=""
|
||||
if [[ "$1" =~ \[.*([YN]).*\] ]]; then
|
||||
default=${BASH_REMATCH[1]}
|
||||
fi
|
||||
echo -n "$1: "
|
||||
read -r CHOICE
|
||||
[[ -z $CHOICE ]] && CHOICE=$default
|
||||
if [[ "$CHOICE" =~ ^[yY]$ ]]; then
|
||||
CHOICE="y"
|
||||
elif [[ "$CHOICE" =~ ^[nN]$ ]]; then
|
||||
CHOICE="n"
|
||||
else
|
||||
chooseYN "$1"
|
||||
fi
|
||||
}
|
||||
|
||||
# Determine video drivers based on PCI devices.
|
||||
videoDrivers="unknown"
|
||||
pciRaw=$(lspci | grep -E 'VGA')
|
||||
if [[ "$pciRaw" =~ QXL ]]; then
|
||||
videoDrivers="qxl"
|
||||
elif [[ "$pciRaw" =~ NVIDIA ]]; then
|
||||
videoDrivers="nvidia"
|
||||
elif [[ "$pciRaw" =~ AMD ]]; then
|
||||
videoDrivers="amdgpu"
|
||||
fi
|
||||
|
||||
# Get the packages souce, rather its unstable or stable.
|
||||
PACKAGESOPTS=(
|
||||
"stable"
|
||||
"unstable"
|
||||
)
|
||||
echo "Packages source"
|
||||
chooseOpts "${PACKAGESOPTS[@]}"
|
||||
PACKAGES=${PACKAGESOPTS[$CHOICE]}
|
||||
|
||||
# Get the profile for this system.
|
||||
PROFILEOPTS=()
|
||||
# Build profile list from profiles directory.
|
||||
for profile in ./profiles/*.nix; do
|
||||
PROFILEOPTS+=("$(basename "${profile%.*}")")
|
||||
done
|
||||
echo "Choose your profile"
|
||||
chooseOpts "${PROFILEOPTS[@]}"
|
||||
PROFILE=${PROFILEOPTS[$CHOICE]}
|
||||
|
||||
# Get the hostname.
|
||||
echo -n "Choose hostname [$defaultHostname]: "
|
||||
read -r hostName
|
||||
[[ -z $hostName ]] && hostName=$defaultHostname
|
||||
|
||||
# Determine default disk.
|
||||
diskDefault=""
|
||||
[[ -e /dev/sda ]] && diskDefault="/dev/sda"
|
||||
[[ -e /dev/vda ]] && diskDefault="/dev/vda"
|
||||
echo
|
||||
echo "Select a disk from the list below:"
|
||||
# List disks to allow a choice to be made without stopping
|
||||
# configuration and verifying available disks.
|
||||
lsblk -o PATH,ID-LINK,SIZE -t
|
||||
echo
|
||||
echo -n "Choose disk (/dev/disk/by-id/{ID-LINK}) [$diskDefault]: "
|
||||
read -r disk
|
||||
# If selected disk is none, use the default disk determined above.
|
||||
[[ -z $disk ]] && disk=$diskDefault
|
||||
|
||||
# Get the swap size.
|
||||
echo -n "Swap size [$defaultSwap]: "
|
||||
read -r swapSize
|
||||
[[ -z $swapSize ]] && swapSize=$defaultSwap
|
||||
|
||||
# Determine if we should LUKS encrypt the disk.
|
||||
luks="false"
|
||||
chooseYN "Use LUKS Encryption? [N/y]"
|
||||
if [[ "$CHOICE" == "y" ]]; then
|
||||
luks="true"
|
||||
# Get a password from the user, with confirmation to ensure
|
||||
# we are not setting a typo.
|
||||
while true; do
|
||||
echo -n "Enter your luks encryption passphrase: "
|
||||
read -r -s luksPasswd
|
||||
echo -n "Confirm your luks encryption passphrase: "
|
||||
read -r -s confirmLuksPasswd
|
||||
if [[ "$luksPasswd" == "$confirmLuksPasswd" ]]; then
|
||||
break
|
||||
fi
|
||||
echo "Passwords do not match, try again."
|
||||
done
|
||||
# Save the password to the tmpfs for disko to pick up during partitioning.
|
||||
echo "$luksPasswd" > /tmp/secret.key
|
||||
fi
|
||||
|
||||
# Get username for the main user.
|
||||
echo -n "Main user name [$defaultName]: "
|
||||
read -r name
|
||||
[[ -z $name ]] && name=$defaultName me
|
||||
|
||||
# Get description for the main user.
|
||||
echo -n "Main user description [$defaultDescription]: "
|
||||
read -r description
|
||||
[[ -z $description ]] && description=$defaultDescription
|
||||
|
||||
# Determine password for main user, verifying no typos.
|
||||
while true; do
|
||||
echo -n "Enter password for main user: "
|
||||
read -r -s mainPasswd
|
||||
echo -n "Confirm your password for main user: "
|
||||
read -r -s confirmMainPasswd
|
||||
if [[ "$mainPasswd" == "$confirmMainPasswd" ]]; then
|
||||
break
|
||||
fi
|
||||
echo "Passwords do not match, try again."
|
||||
done
|
||||
# Use mkpasswd to create a hashed password with the lastest
|
||||
# linux password hashing algorithm.
|
||||
password=$(mkpasswd "$mainPasswd")
|
||||
|
||||
# Determine SSH keys to allow into the system.
|
||||
sshKeys=()
|
||||
while true; do
|
||||
echo "To exit loop, press enter."
|
||||
echo -n "Add ssh key (Github Username or ssh key): "
|
||||
read -r keyToAdd
|
||||
|
||||
# If empty, exit loop as all keys were selected.
|
||||
[[ -z $keyToAdd ]] && break
|
||||
|
||||
# If matches an ssh public key, add to list.
|
||||
if [[ "$keyToAdd" =~ ^ssh-.* ]]; then
|
||||
echo "Added key: $keyToAdd"
|
||||
sshKeys+=("$keyToAdd")
|
||||
continue
|
||||
fi
|
||||
|
||||
# If is an username, check github for all keys and add them.
|
||||
if [[ "$keyToAdd" =~ ([a-zA-Z0-9]+) ]]; then
|
||||
githubUsername=${BASH_REMATCH[1]}
|
||||
while read -r key; do
|
||||
if [[ $key == "Not Found" ]]; then
|
||||
echo "Github user provided not found"
|
||||
continue
|
||||
fi
|
||||
echo "Adding key: $key"
|
||||
sshKeys+=("$key")
|
||||
done < <(curl -s -q "https://github.com/$githubUsername.keys")
|
||||
fi
|
||||
done
|
||||
|
||||
# Determine if we want to autologin to the main user,
|
||||
# this may be desirable on full disk encrypted machines.
|
||||
autoLogin="false"
|
||||
chooseYN "Autologin to main user? [N/y]"
|
||||
if [[ "$CHOICE" == "y" ]]; then
|
||||
autoLogin="true"
|
||||
fi
|
||||
|
||||
# Get git name.
|
||||
echo -n "Git name [$defaultGitName]: "
|
||||
read -r gitName
|
||||
[[ -z $gitName ]] && gitName=$defaultGitName me
|
||||
|
||||
# Get git email.
|
||||
echo -n "Git email [$defaultGitEmail]: "
|
||||
read -r gitEmail
|
||||
[[ -z $gitEmail ]] && gitEmail=$defaultGitEmail
|
||||
|
||||
# Generate settings.nix file with above choosen options.
|
||||
echo "Generating settings.nix:"
|
||||
cat <<EOF | tee "$nixosDir/settings.nix"
|
||||
rec {
|
||||
system = "x86_64-linux";
|
||||
timezone = "America/Chicago";
|
||||
locale = "en_US.UTF-8";
|
||||
packages = "${PACKAGES}";
|
||||
profile = "${PROFILE}";
|
||||
hostId = (builtins.substring 0 8 (builtins.readFile "/etc/machine-id"));
|
||||
hostName = "${hostName}";
|
||||
videoDrivers = "${videoDrivers}";
|
||||
disk = {
|
||||
device = "${disk}";
|
||||
swapSize = "${swapSize}";
|
||||
luks = ${luks};
|
||||
};
|
||||
user = {
|
||||
name = "${name}";
|
||||
description = "${description}";
|
||||
hashedPassword = "${password}";
|
||||
openssh.authorizedKeys.keys = [$(printf ' "%s"' "${sshKeys[@]}") ];
|
||||
autoLogin = ${autoLogin};
|
||||
};
|
||||
root = {
|
||||
hashedPassword = user.hashedPassword;
|
||||
openssh.authorizedKeys.keys = user.openssh.authorizedKeys.keys;
|
||||
};
|
||||
git = {
|
||||
name = "${gitName}";
|
||||
email = "${gitEmail}";
|
||||
};
|
||||
}
|
||||
EOF
|
||||
|
||||
# Generate hardware-configuration.nix without filesystems as we use the disko partitoning flake.
|
||||
echo
|
||||
echo "Generating hardware-configuration.nix"
|
||||
nixos-generate-config --no-filesystems --show-hardware-config | tee "$nixosDir/hardware-configuration.nix"
|
86
flake.lock
Normal file
86
flake.lock
Normal file
@ -0,0 +1,86 @@
|
||||
{
|
||||
"nodes": {
|
||||
"disko": {
|
||||
"inputs": {
|
||||
"nixpkgs": [
|
||||
"nixpkgs"
|
||||
]
|
||||
},
|
||||
"locked": {
|
||||
"lastModified": 1715217706,
|
||||
"narHash": "sha256-yEB5SEHc+o3WJpUPw455OdLy9A+gffvCJX8DZ7NCkuo=",
|
||||
"owner": "nix-community",
|
||||
"repo": "disko",
|
||||
"rev": "8eb1b315eef89f3bdc5c9814d1b207c6d64f0046",
|
||||
"type": "github"
|
||||
},
|
||||
"original": {
|
||||
"owner": "nix-community",
|
||||
"repo": "disko",
|
||||
"type": "github"
|
||||
}
|
||||
},
|
||||
"home-manager": {
|
||||
"inputs": {
|
||||
"nixpkgs": [
|
||||
"nixpkgs"
|
||||
]
|
||||
},
|
||||
"locked": {
|
||||
"lastModified": 1715486357,
|
||||
"narHash": "sha256-4pRuzsHZOW5W4CsXI9uhKtiJeQSUoe1d2M9mWU98HC4=",
|
||||
"owner": "nix-community",
|
||||
"repo": "home-manager",
|
||||
"rev": "44677a1c96810a8e8c4ffaeaad10c842402647c1",
|
||||
"type": "github"
|
||||
},
|
||||
"original": {
|
||||
"owner": "nix-community",
|
||||
"repo": "home-manager",
|
||||
"type": "github"
|
||||
}
|
||||
},
|
||||
"nixpkgs": {
|
||||
"locked": {
|
||||
"lastModified": 1715106579,
|
||||
"narHash": "sha256-gZMgKEGiK6YrwGBiccZ1gemiUwjsZ1Zv49KYOgmX2fY=",
|
||||
"owner": "nixos",
|
||||
"repo": "nixpkgs",
|
||||
"rev": "8be0d8a1ed4f96d99b09aa616e2afd47acc3da89",
|
||||
"type": "github"
|
||||
},
|
||||
"original": {
|
||||
"owner": "nixos",
|
||||
"ref": "nixos-23.11",
|
||||
"repo": "nixpkgs",
|
||||
"type": "github"
|
||||
}
|
||||
},
|
||||
"nixpkgs-unstable": {
|
||||
"locked": {
|
||||
"lastModified": 1715087517,
|
||||
"narHash": "sha256-CLU5Tsg24Ke4+7sH8azHWXKd0CFd4mhLWfhYgUiDBpQ=",
|
||||
"owner": "nixos",
|
||||
"repo": "nixpkgs",
|
||||
"rev": "b211b392b8486ee79df6cdfb1157ad2133427a29",
|
||||
"type": "github"
|
||||
},
|
||||
"original": {
|
||||
"owner": "nixos",
|
||||
"ref": "nixos-unstable",
|
||||
"repo": "nixpkgs",
|
||||
"type": "github"
|
||||
}
|
||||
},
|
||||
"root": {
|
||||
"inputs": {
|
||||
"disko": "disko",
|
||||
"home-manager": "home-manager",
|
||||
"nixpkgs": "nixpkgs",
|
||||
"nixpkgs-unstable": "nixpkgs-unstable"
|
||||
}
|
||||
}
|
||||
},
|
||||
"root": "root",
|
||||
"version": 7
|
||||
}
|
81
flake.nix
Normal file
81
flake.nix
Normal file
@ -0,0 +1,81 @@
|
||||
{
|
||||
description = "Nixos config flake";
|
||||
|
||||
inputs = {
|
||||
nixpkgs.url = "github:nixos/nixpkgs/nixos-23.11";
|
||||
nixpkgs-unstable.url = "github:nixos/nixpkgs/nixos-unstable";
|
||||
|
||||
disko = {
|
||||
url = "github:nix-community/disko";
|
||||
inputs.nixpkgs.follows = "nixpkgs";
|
||||
};
|
||||
|
||||
home-manager = {
|
||||
url = "github:nix-community/home-manager";
|
||||
inputs.nixpkgs.follows = "nixpkgs";
|
||||
};
|
||||
};
|
||||
|
||||
outputs = inputs@{ self, ... }:
|
||||
let
|
||||
settings = (if (builtins.pathExists ./settings.nix)
|
||||
then
|
||||
(import ./settings.nix)
|
||||
else
|
||||
(import ./settings-default.nix)
|
||||
);
|
||||
|
||||
nixpkgs = (if (settings.packages == "stable")
|
||||
then
|
||||
inputs.nixpkgs
|
||||
else
|
||||
inputs.nixpkgs-unstable
|
||||
);
|
||||
|
||||
overlay-unstable = final: prev: {
|
||||
unstable = import inputs.nixpkgs-unstable {
|
||||
system = settings.system;
|
||||
config.allowUnfree = true;
|
||||
};
|
||||
};
|
||||
|
||||
pkgs = (import nixpkgs {
|
||||
system = settings.system;
|
||||
config = {
|
||||
allowUnfree = true;
|
||||
allowUnfreePredicate = (_: true);
|
||||
};
|
||||
overlays = [ overlay-unstable ];
|
||||
});
|
||||
|
||||
mkSystem = config: nixpkgs.lib.nixosSystem {
|
||||
system = settings.system;
|
||||
specialArgs = {
|
||||
inherit inputs;
|
||||
inherit pkgs;
|
||||
inherit settings;
|
||||
};
|
||||
modules = [
|
||||
config
|
||||
inputs.disko.nixosModules.disko
|
||||
inputs.home-manager.nixosModules.default
|
||||
];
|
||||
};
|
||||
|
||||
mkHome = config: inputs.home-manager.lib.homeManagerConfiguration {
|
||||
inherit pkgs;
|
||||
extraSpecialArgs = {
|
||||
inherit inputs;
|
||||
inherit settings;
|
||||
};
|
||||
modules = [ config ];
|
||||
};
|
||||
in {
|
||||
nixosConfigurations.default = mkSystem ./hosts/default/configuration.nix;
|
||||
nixosConfigurations.tama = mkSystem ./hosts/tama/configuration.nix;
|
||||
|
||||
homeConfigurations = {
|
||||
${settings.user.name} = mkHome ./users/main-user.nix;
|
||||
};
|
||||
};
|
||||
}
|
19
hosts/default/configuration.nix
Normal file
19
hosts/default/configuration.nix
Normal file
@ -0,0 +1,19 @@
|
||||
# Edit this configuration file to define what should be installed on
|
||||
# your system. Help is available in the configuration.nix(5) man page, on
|
||||
# https://search.nixos.org/options and in the NixOS manual (`nixos-help`).
|
||||
|
||||
{ config, lib, pkgs, settings, ... }:
|
||||
|
||||
{
|
||||
# Enable flakes for package pinning.
|
||||
nix.settings.experimental-features = [ "nix-command" "flakes" ];
|
||||
|
||||
# Import modules.
|
||||
imports = [
|
||||
../../hardware-configuration.nix
|
||||
../../profiles/${settings.profile}.nix
|
||||
];
|
||||
|
||||
# Do not change the following.
|
||||
system.stateVersion = "23.11";
|
||||
}
|
26
hosts/tama/configuration.nix
Normal file
26
hosts/tama/configuration.nix
Normal file
@ -0,0 +1,26 @@
|
||||
# Edit this configuration file to define what should be installed on
|
||||
# your system. Help is available in the configuration.nix(5) man page, on
|
||||
# https://search.nixos.org/options and in the NixOS manual (`nixos-help`).
|
||||
|
||||
{ config, lib, pkgs, settings, ... }:
|
||||
|
||||
{
|
||||
# Enable flakes for package pinning.
|
||||
nix.settings.experimental-features = [ "nix-command" "flakes" ];
|
||||
|
||||
# Import modules.
|
||||
imports = [
|
||||
../../hardware-configuration.nix
|
||||
../../profiles/${settings.profile}.nix
|
||||
../../modules/nixos/zfs.nix
|
||||
];
|
||||
|
||||
# Enable NFS export for kvm storage.
|
||||
services.nfs.server.enable = true;
|
||||
services.nfs.server.exports = ''
|
||||
/mnt/kvm 10.0.100.5(rw,async,no_subtree_check,no_root_squash,fsid=1) 10.0.100.7(rw,async,no_subtree_check,no_root_squash,fsid=1) 10.0.100.8(rw,async,no_subtree_check,no_root_squash,fsid=1) 10.0.100.13(rw,async,no_subtree_check,no_root_squash,fsid=1)
|
||||
'';
|
||||
|
||||
# Do not change the following.
|
||||
system.stateVersion = "23.11";
|
||||
}
|
20
install.sh
Executable file
20
install.sh
Executable file
@ -0,0 +1,20 @@
|
||||
#!/usr/bin/env bash
|
||||
|
||||
# Change into script dir.
|
||||
cd -- "$( dirname -- "${BASH_SOURCE[0]}" )" &> /dev/null || exit
|
||||
nixosDir=$(pwd)
|
||||
|
||||
# Get short hostname to work with host specific configurations.
|
||||
host=$(hostname -s)
|
||||
if [[ -n $nixHostOverride ]]; then
|
||||
host=$nixHostOverride
|
||||
fi
|
||||
|
||||
# Confirm host configuration is available; If not, we should not continue.
|
||||
if ! grep -q "nixosConfigurations.$host" flake.nix; then
|
||||
host="default"
|
||||
fi
|
||||
|
||||
# Install NixOS.
|
||||
# shellcheck disable=SC2068
|
||||
nix --extra-experimental-features 'nix-command flakes' run 'github:nix-community/disko#disko-install' -- --impure --flake "path:$nixosDir/#$host" $@
|
9
modules/home/git.nix
Normal file
9
modules/home/git.nix
Normal file
@ -0,0 +1,9 @@
|
||||
{pkgs, settings, ...}:
|
||||
|
||||
{
|
||||
programs.git = {
|
||||
enable = true;
|
||||
userName = settings.git.name;
|
||||
userEmail = settings.git.email;
|
||||
};
|
||||
}
|
8
modules/home/zsh.nix
Normal file
8
modules/home/zsh.nix
Normal file
@ -0,0 +1,8 @@
|
||||
{pkgs, settings, ...}:
|
||||
|
||||
{
|
||||
programs.zsh = {
|
||||
enable = true;
|
||||
dotDir = ".config/zsh";
|
||||
};
|
||||
}
|
100
modules/nixos/common.nix
Normal file
100
modules/nixos/common.nix
Normal file
@ -0,0 +1,100 @@
|
||||
{ config, lib, pkgs, settings, ... }:
|
||||
|
||||
{
|
||||
# Import modules.
|
||||
imports = [
|
||||
(import (if (settings.disk.luks)
|
||||
then
|
||||
./disko-luks.nix
|
||||
else
|
||||
./disko.nix
|
||||
) {
|
||||
device = settings.disk.device;
|
||||
swapSize = settings.disk.swapSize;
|
||||
})
|
||||
] ++ (if settings.videoDrivers=="unknown" then [] else [ ./video-drivers/${settings.videoDrivers}.nix ]);
|
||||
|
||||
# Allow unfree packages.
|
||||
nixpkgs.config.allowUnfree = true;
|
||||
|
||||
# Use the systemd-boot EFI boot loader.
|
||||
boot.loader.systemd-boot.enable = true;
|
||||
boot.loader.efi.canTouchEfiVariables = true;
|
||||
boot.supportedFilesystems = [ "btrfs" ];
|
||||
|
||||
# BTRFS Scrubbing Services.
|
||||
services.btrfs.autoScrub.enable = true;
|
||||
services.btrfs.autoScrub.interval = "weekly";
|
||||
|
||||
# Set your time zone.
|
||||
time.timeZone = settings.timezone;
|
||||
|
||||
# Select internationalisation properties.
|
||||
i18n.defaultLocale = settings.locale;
|
||||
|
||||
# Configure keymap in X11
|
||||
services.xserver.xkb = {
|
||||
layout = "us";
|
||||
variant = "";
|
||||
};
|
||||
|
||||
# console = {
|
||||
# font = "Lat2-Terminus16";
|
||||
# keyMap = "us";
|
||||
# useXkbConfig = true; # use xkb.options in tty.
|
||||
# };
|
||||
|
||||
# List packages installed in system profile. To search, run:
|
||||
# $ nix search wget
|
||||
users.groups.mlocate = {};
|
||||
environment.systemPackages = with pkgs; [
|
||||
# Text Editors
|
||||
vim
|
||||
nano
|
||||
|
||||
# Network
|
||||
wget
|
||||
curl
|
||||
git
|
||||
rsync
|
||||
borgbackup
|
||||
|
||||
# Disk Tools
|
||||
btrfs-progs
|
||||
nfs-utils
|
||||
parted
|
||||
ncdu
|
||||
pv
|
||||
|
||||
# System Tools
|
||||
sudo
|
||||
cron
|
||||
mlocate
|
||||
tmux
|
||||
killall
|
||||
pciutils
|
||||
|
||||
# Performance monitor
|
||||
nmon
|
||||
iotop
|
||||
htop
|
||||
];
|
||||
|
||||
# Compatibility with scripts.
|
||||
system.activationScripts.binbash = {
|
||||
text =
|
||||
''
|
||||
ln -sfn /run/current-system/sw/bin/bash /bin/bash
|
||||
'';
|
||||
};
|
||||
|
||||
# Nix Package Auto Cleanup
|
||||
nix = {
|
||||
settings.auto-optimise-store = true;
|
||||
gc = {
|
||||
automatic = true;
|
||||
dates = "weekly";
|
||||
options = "--delete-oder-than 7d";
|
||||
};
|
||||
};
|
||||
}
|
15
modules/nixos/desktop-environments/hyperland.nix
Normal file
15
modules/nixos/desktop-environments/hyperland.nix
Normal file
@ -0,0 +1,15 @@
|
||||
{ config, lib, pkgs, settings, ... }:
|
||||
|
||||
{
|
||||
programs.hyprland = {
|
||||
# Install the packages from nixpkgs
|
||||
enable = true;
|
||||
# Whether to enable XWayland
|
||||
xwayland.enable = true;
|
||||
};
|
||||
|
||||
# Extra global packages for guis.
|
||||
environment.systemPackages = with pkgs; [
|
||||
xdg-desktop-portal-hyprland
|
||||
];
|
||||
}
|
7
modules/nixos/desktop-environments/plasma.nix
Normal file
7
modules/nixos/desktop-environments/plasma.nix
Normal file
@ -0,0 +1,7 @@
|
||||
{ config, lib, pkgs, settings, ... }:
|
||||
|
||||
{
|
||||
# Enable the Desktop Environment.
|
||||
services.xserver.desktopManager.plasma5.enable = false;
|
||||
services.desktopManager.plasma6.enable = true;
|
||||
}
|
88
modules/nixos/desktop.nix
Normal file
88
modules/nixos/desktop.nix
Normal file
@ -0,0 +1,88 @@
|
||||
{ config, lib, pkgs, settings, ... }:
|
||||
|
||||
{
|
||||
# Import desktop environments.
|
||||
imports = [
|
||||
./desktop-environments/plasma.nix
|
||||
./desktop-environments/hyperland.nix
|
||||
];
|
||||
|
||||
# Enable the X11 windowing system.
|
||||
services.xserver.enable = true;
|
||||
|
||||
# Enable the Display Manager.
|
||||
services.displayManager.sddm.enable = true;
|
||||
services.displayManager.sddm.wayland.enable = true;
|
||||
|
||||
# Enable automatic login for the user.
|
||||
services.displayManager.autoLogin.enable = settings.user.autoLogin;
|
||||
services.displayManager.autoLogin.user = if settings.user.autoLogin then settings.user.name else "";
|
||||
|
||||
# Enable touchpad support (enabled default in most desktopManager).
|
||||
services.libinput.enable = true;
|
||||
|
||||
# Enable CUPS to print documents.
|
||||
services.printing.enable = true;
|
||||
|
||||
# Enable sound with pipewire.
|
||||
sound.enable = true;
|
||||
hardware.pulseaudio.enable = false;
|
||||
security.rtkit.enable = true;
|
||||
services.pipewire = {
|
||||
enable = true;
|
||||
alsa.enable = true;
|
||||
alsa.support32Bit = true;
|
||||
pulse.enable = true;
|
||||
# If you want to use JACK applications, uncomment this
|
||||
#jack.enable = true;
|
||||
|
||||
# use the example session manager (no others are packaged yet so this is enabled by default,
|
||||
# no need to redefine it in your config for now)
|
||||
#media-session.enable = true;
|
||||
};
|
||||
|
||||
# Enable Flatpak
|
||||
services.flatpak.enable = true;
|
||||
|
||||
# Install firefox.
|
||||
programs.firefox.enable = true;
|
||||
|
||||
# Gui applications for the main user.
|
||||
users.users.${settings.user.name}.packages = with pkgs; [
|
||||
# Internet
|
||||
thunderbird
|
||||
ungoogled-chromium
|
||||
|
||||
# Remote management
|
||||
remmina
|
||||
transmission-remote-gtk
|
||||
|
||||
# Development
|
||||
kate
|
||||
arduino-ide
|
||||
|
||||
# Multimedia
|
||||
clementine
|
||||
mpv
|
||||
vlc
|
||||
kdePackages.k3b
|
||||
|
||||
# Software defined radio
|
||||
gqrx
|
||||
];
|
||||
|
||||
# Kodi
|
||||
services.xserver.desktopManager.kodi.enable = true;
|
||||
services.xserver.desktopManager.kodi.package = pkgs.kodi.withPackages (pkgs: with pkgs; [
|
||||
# osmc-skin
|
||||
jellyfin
|
||||
pvr-hdhomerun
|
||||
pvr-iptvsimple
|
||||
]);
|
||||
|
||||
# Extra global packages for guis.
|
||||
environment.systemPackages = with pkgs; [
|
||||
xdg-utils
|
||||
xdg-desktop-portal
|
||||
];
|
||||
}
|
65
modules/nixos/disko-luks.nix
Normal file
65
modules/nixos/disko-luks.nix
Normal file
@ -0,0 +1,65 @@
|
||||
{
|
||||
device ? throw "Set this to your disk device, e.g. /dev/disk/by-id/id",
|
||||
swapSize ? "8G",
|
||||
...
|
||||
}: {
|
||||
disko.devices = {
|
||||
disk.main = {
|
||||
inherit device;
|
||||
type = "disk";
|
||||
content = {
|
||||
type = "gpt";
|
||||
partitions = {
|
||||
ESP = {
|
||||
name = "boot";
|
||||
size = "500M";
|
||||
type = "EF00";
|
||||
content = {
|
||||
type = "filesystem";
|
||||
format = "vfat";
|
||||
mountOptions = [ "fmask=0022" "dmask=0022" ];
|
||||
mountpoint = "/boot";
|
||||
};
|
||||
};
|
||||
root = {
|
||||
name = "root";
|
||||
size = "100%";
|
||||
content = {
|
||||
type = "luks";
|
||||
name = "crypted";
|
||||
settings.allowDiscards = true;
|
||||
passwordFile = "/tmp/secret.key";
|
||||
content = {
|
||||
type = "btrfs";
|
||||
extraArgs = [ "-f" ];
|
||||
|
||||
subvolumes = {
|
||||
"/root" = {
|
||||
mountOptions = [ "compress=zstd" ];
|
||||
mountpoint = "/";
|
||||
};
|
||||
|
||||
"/home" = {
|
||||
mountOptions = [ "compress=zstd" ];
|
||||
mountpoint = "/home";
|
||||
};
|
||||
|
||||
"/nix" = {
|
||||
mountOptions = [ "compress=zstd" ];
|
||||
mountpoint = "/nix";
|
||||
};
|
||||
|
||||
"/swap" = {
|
||||
mountOptions = [ "noatime" ];
|
||||
mountpoint = "/swap";
|
||||
swap.swapfile.size = swapSize;
|
||||
};
|
||||
};
|
||||
};
|
||||
};
|
||||
};
|
||||
};
|
||||
};
|
||||
};
|
||||
};
|
||||
}
|
59
modules/nixos/disko.nix
Normal file
59
modules/nixos/disko.nix
Normal file
@ -0,0 +1,59 @@
|
||||
{
|
||||
device ? throw "Set this to your disk device, e.g. /dev/disk/by-id/id",
|
||||
swapSize ? "8G",
|
||||
...
|
||||
}: {
|
||||
disko.devices = {
|
||||
disk.main = {
|
||||
inherit device;
|
||||
type = "disk";
|
||||
content = {
|
||||
type = "gpt";
|
||||
partitions = {
|
||||
ESP = {
|
||||
name = "boot";
|
||||
size = "500M";
|
||||
type = "EF00";
|
||||
content = {
|
||||
type = "filesystem";
|
||||
format = "vfat";
|
||||
mountOptions = [ "fmask=0022" "dmask=0022" ];
|
||||
mountpoint = "/boot";
|
||||
};
|
||||
};
|
||||
root = {
|
||||
name = "root";
|
||||
size = "100%";
|
||||
content = {
|
||||
type = "btrfs";
|
||||
extraArgs = [ "-f" ];
|
||||
|
||||
subvolumes = {
|
||||
"/root" = {
|
||||
mountOptions = [ "compress=zstd" ];
|
||||
mountpoint = "/";
|
||||
};
|
||||
|
||||
"/home" = {
|
||||
mountOptions = [ "compress=zstd" ];
|
||||
mountpoint = "/home";
|
||||
};
|
||||
|
||||
"/nix" = {
|
||||
mountOptions = [ "compress=zstd" ];
|
||||
mountpoint = "/nix";
|
||||
};
|
||||
|
||||
"/swap" = {
|
||||
mountOptions = [ "noatime" ];
|
||||
mountpoint = "/swap";
|
||||
swap.swapfile.size = swapSize;
|
||||
};
|
||||
};
|
||||
};
|
||||
};
|
||||
};
|
||||
};
|
||||
};
|
||||
};
|
||||
}
|
13
modules/nixos/docker.nix
Normal file
13
modules/nixos/docker.nix
Normal file
@ -0,0 +1,13 @@
|
||||
{ config, lib, pkgs, settings, ... }:
|
||||
|
||||
{
|
||||
# Install Docker
|
||||
virtualisation.docker.enable = true;
|
||||
virtualisation.docker.storageDriver = "btrfs";
|
||||
users.users.${settings.user.name}.extraGroups = [ "docker" ];
|
||||
|
||||
# Distrobox
|
||||
environment.systemPackages = with pkgs; [
|
||||
distrobox
|
||||
];
|
||||
}
|
11
modules/nixos/gaming.nix
Normal file
11
modules/nixos/gaming.nix
Normal file
@ -0,0 +1,11 @@
|
||||
{ config, lib, pkgs, settings, ... }:
|
||||
|
||||
{
|
||||
# Enable steam for gamming.
|
||||
programs.steam.enable = true;
|
||||
|
||||
# Gui applications for the main user.
|
||||
users.users.${settings.user.name}.packages = with pkgs; [
|
||||
lutris
|
||||
];
|
||||
}
|
21
modules/nixos/management.nix
Normal file
21
modules/nixos/management.nix
Normal file
@ -0,0 +1,21 @@
|
||||
{ config, lib, pkgs, ... }:
|
||||
|
||||
{
|
||||
environment.systemPackages = with pkgs; [
|
||||
cockpit
|
||||
];
|
||||
|
||||
services.cockpit = {
|
||||
enable = true;
|
||||
port = 9090;
|
||||
settings = {
|
||||
WebService = {
|
||||
AllowUnencrypted = true;
|
||||
};
|
||||
};
|
||||
};
|
||||
|
||||
# Enable the OpenSSH daemon.
|
||||
services.openssh.enable = true;
|
||||
services.openssh.settings.PermitRootLogin = "without-password";
|
||||
}
|
60
modules/nixos/monitoring.nix
Normal file
60
modules/nixos/monitoring.nix
Normal file
@ -0,0 +1,60 @@
|
||||
{ config, lib, pkgs, ... }:
|
||||
|
||||
{
|
||||
users.groups.telegraf = {};
|
||||
users.users.telegraf = {
|
||||
isNormalUser = false;
|
||||
isSystemUser = true;
|
||||
group = "telegraf";
|
||||
};
|
||||
|
||||
# List packages installed in system profile.
|
||||
environment.systemPackages = with pkgs; [
|
||||
telegraf
|
||||
smartmontools
|
||||
nvme-cli
|
||||
lm_sensors
|
||||
];
|
||||
|
||||
security.sudo = {
|
||||
enable = true;
|
||||
extraRules = [{
|
||||
commands = [
|
||||
{
|
||||
command = "${pkgs.smartmontools}/bin/smartctl";
|
||||
options = [ "NOPASSWD" ];
|
||||
}
|
||||
{
|
||||
command = "${pkgs.nvme-cli}/bin/nvme";
|
||||
options = [ "NOPASSWD" ];
|
||||
}
|
||||
];
|
||||
users = [ "telegraf" ];
|
||||
}];
|
||||
};
|
||||
|
||||
systemd.services.telegraf = {
|
||||
enable = true;
|
||||
description = "Telegraf";
|
||||
after = [ "network.target" ];
|
||||
path = [
|
||||
"/run/wrappers"
|
||||
pkgs.lm_sensors
|
||||
pkgs.smartmontools
|
||||
pkgs.nvme-cli
|
||||
];
|
||||
serviceConfig = {
|
||||
Type = "notify";
|
||||
NotifyAccess = "all";
|
||||
User = "telegraf";
|
||||
ExecStart = "${pkgs.telegraf}/bin/telegraf -config /etc/telegraf/telegraf.conf -config-directory /etc/telegraf/telegraf.d";
|
||||
ExecReload = "/bin/kill -HUP $MAINPID";
|
||||
Restart = "on-failure";
|
||||
RestartForceExitStatus = "SIGPIPE";
|
||||
KillMode = "mixed";
|
||||
TimeoutStopSec = "5";
|
||||
LimitMEMLOCK = "8M:8M";
|
||||
};
|
||||
wantedBy = [ "multi-user.target" ];
|
||||
};
|
||||
}
|
21
modules/nixos/network.nix
Normal file
21
modules/nixos/network.nix
Normal file
@ -0,0 +1,21 @@
|
||||
{ config, lib, pkgs, settings, ... }:
|
||||
|
||||
{
|
||||
# Network host configuration.
|
||||
networking.hostId = settings.hostId;
|
||||
networking.hostName = settings.hostName;
|
||||
|
||||
# Open ports in the firewall.
|
||||
# networking.firewall.allowedTCPPorts = [ ... ];
|
||||
# networking.firewall.allowedUDPPorts = [ ... ];
|
||||
# Or disable the firewall altogether.
|
||||
networking.firewall.enable = false;
|
||||
networking.networkmanager.enable = true;
|
||||
|
||||
environment.systemPackages = with pkgs; [
|
||||
dnsutils
|
||||
iperf
|
||||
nmap
|
||||
netcat-gnu
|
||||
];
|
||||
}
|
50
modules/nixos/users.nix
Normal file
50
modules/nixos/users.nix
Normal file
@ -0,0 +1,50 @@
|
||||
{ inputs, config, lib, pkgs, settings, ... }:
|
||||
|
||||
{
|
||||
services.syncthing = {
|
||||
enable = true;
|
||||
guiAddress = "0.0.0.0:8384";
|
||||
user = settings.user.name;
|
||||
dataDir = "/home/${settings.user.name}";
|
||||
};
|
||||
|
||||
# Enable ZSH.
|
||||
programs.zsh.enable = true;
|
||||
|
||||
# Rebuild users.
|
||||
users.mutableUsers = false;
|
||||
|
||||
# Define a user account. Don't forget to set a password with ‘passwd’.
|
||||
users.groups.${settings.user.name}.gid = 1000;
|
||||
users.users.${settings.user.name} = {
|
||||
isNormalUser = true;
|
||||
description = settings.user.description;
|
||||
extraGroups = [ "networkmanager" "wheel" ];
|
||||
uid = 1000;
|
||||
group = settings.user.name;
|
||||
shell = pkgs.zsh;
|
||||
hashedPassword = settings.user.hashedPassword;
|
||||
openssh.authorizedKeys.keys = settings.user.openssh.authorizedKeys.keys;
|
||||
};
|
||||
users.users.root = {
|
||||
shell = pkgs.zsh;
|
||||
hashedPassword = settings.root.hashedPassword;
|
||||
openssh.authorizedKeys.keys = settings.root.openssh.authorizedKeys.keys;
|
||||
};
|
||||
|
||||
environment.systemPackages = with pkgs; [
|
||||
unstable.nodejs_22
|
||||
pure-prompt
|
||||
fastfetch
|
||||
];
|
||||
|
||||
home-manager = {
|
||||
extraSpecialArgs = {
|
||||
inherit inputs;
|
||||
inherit settings;
|
||||
};
|
||||
users = {
|
||||
${settings.user.name} = import ../../users/main-user.nix;
|
||||
};
|
||||
};
|
||||
}
|
12
modules/nixos/video-drivers/amdgpu.nix
Normal file
12
modules/nixos/video-drivers/amdgpu.nix
Normal file
@ -0,0 +1,12 @@
|
||||
{ config, lib, pkgs, settings, ... }:
|
||||
|
||||
{
|
||||
# Display drivers.
|
||||
hardware.opengl = {
|
||||
enable = true;
|
||||
driSupport = true;
|
||||
driSupport32Bit = true;
|
||||
};
|
||||
boot.initrd.kernelModules = [ "amdgpu" ];
|
||||
services.xserver.videoDrivers = [ "amdgpu" ];
|
||||
}
|
43
modules/nixos/video-drivers/nvidia.nix
Normal file
43
modules/nixos/video-drivers/nvidia.nix
Normal file
@ -0,0 +1,43 @@
|
||||
{ config, lib, pkgs, settings, ... }:
|
||||
|
||||
{
|
||||
# Display drivers.
|
||||
hardware.opengl = {
|
||||
enable = true;
|
||||
driSupport = true;
|
||||
driSupport32Bit = true;
|
||||
};
|
||||
services.xserver.videoDrivers = [ "nvidia" ];
|
||||
|
||||
hardware.nvidia = {
|
||||
|
||||
# Modesetting is required.
|
||||
modesetting.enable = false;
|
||||
|
||||
# Nvidia power management. Experimental, and can cause sleep/suspend to fail.
|
||||
# Enable this if you have graphical corruption issues or application crashes after waking
|
||||
# up from sleep. This fixes it by saving the entire VRAM memory to /tmp/ instead
|
||||
# of just the bare essentials.
|
||||
powerManagement.enable = false;
|
||||
|
||||
# Fine-grained power management. Turns off GPU when not in use.
|
||||
# Experimental and only works on modern Nvidia GPUs (Turing or newer).
|
||||
powerManagement.finegrained = false;
|
||||
|
||||
# Use the NVidia open source kernel module (not to be confused with the
|
||||
# independent third-party "nouveau" open source driver).
|
||||
# Support is limited to the Turing and later architectures. Full list of
|
||||
# supported GPUs is at:
|
||||
# https://github.com/NVIDIA/open-gpu-kernel-modules#compatible-gpus
|
||||
# Only available from driver 515.43.04+
|
||||
# Currently alpha-quality/buggy, so false is currently the recommended setting.
|
||||
open = false;
|
||||
|
||||
# Enable the Nvidia settings menu,
|
||||
# accessible via `nvidia-settings`.
|
||||
nvidiaSettings = true;
|
||||
|
||||
# Optionally, you may need to select the appropriate driver version for your specific GPU.
|
||||
package = config.boot.kernelPackages.nvidiaPackages.stable;
|
||||
};
|
||||
}
|
13
modules/nixos/video-drivers/qxl.nix
Normal file
13
modules/nixos/video-drivers/qxl.nix
Normal file
@ -0,0 +1,13 @@
|
||||
{ config, lib, pkgs, settings, ... }:
|
||||
|
||||
{
|
||||
# Display drivers.
|
||||
hardware.opengl = {
|
||||
enable = true;
|
||||
driSupport = true;
|
||||
driSupport32Bit = true;
|
||||
};
|
||||
services.xserver.videoDrivers = [ "qxl" ];
|
||||
# services.qemuGuest.enable = true;
|
||||
services.spice-vdagentd.enable = true;
|
||||
}
|
53
modules/nixos/virtualization.nix
Normal file
53
modules/nixos/virtualization.nix
Normal file
@ -0,0 +1,53 @@
|
||||
{ config, lib, pkgs, ... }:
|
||||
|
||||
{
|
||||
networking.extraHosts =
|
||||
''
|
||||
10.0.100.5 kiki kiki.gec.im
|
||||
10.0.100.6 tama tama.gec.im
|
||||
10.0.100.7 kate kate.gec.im
|
||||
10.0.100.8 mika mika.gec.im
|
||||
10.0.100.13 gaming-pc gaming-pc.gec.im
|
||||
'';
|
||||
|
||||
networking.localCommands =
|
||||
''
|
||||
/run/current-system/sw/bin/iptables -I FORWARD -m physdev --physdev-is-bridged -j ACCEPT
|
||||
'';
|
||||
|
||||
boot.kernel.sysctl."net.bridge.bridge-nf-call-ip6tables" = 0;
|
||||
boot.kernel.sysctl."net.bridge.bridge-nf-call-iptables" = 0;
|
||||
boot.kernel.sysctl."net.bridge.bridge-nf-call-arptables" = 0;
|
||||
|
||||
virtualisation.libvirtd = {
|
||||
enable = true;
|
||||
qemu = {
|
||||
package = pkgs.qemu_full;
|
||||
runAsRoot = true;
|
||||
swtpm.enable = true;
|
||||
ovmf = {
|
||||
enable = true;
|
||||
packages = [(pkgs.OVMF.override {
|
||||
secureBoot = true;
|
||||
tpmSupport = true;
|
||||
}).fd];
|
||||
};
|
||||
};
|
||||
};
|
||||
|
||||
environment.systemPackages = with pkgs; [
|
||||
(python311.withPackages(ps: with ps; [ pip pandas requests libvirt lxml packaging ]))
|
||||
qemu_full
|
||||
libvirt
|
||||
swtpm
|
||||
edk2
|
||||
];
|
||||
|
||||
# Compatibility with libvirt internals.
|
||||
system.activationScripts.binqemu = {
|
||||
text =
|
||||
''
|
||||
ln -sfn /run/current-system/sw/bin/qemu-system-x86_64 /usr/bin/qemu-system-x86_64
|
||||
'';
|
||||
};
|
||||
}
|
14
modules/nixos/zfs.nix
Normal file
14
modules/nixos/zfs.nix
Normal file
@ -0,0 +1,14 @@
|
||||
{ config, lib, pkgs, ... }:
|
||||
|
||||
{
|
||||
boot.supportedFilesystems = [ "zfs" ];
|
||||
|
||||
# Set kernel to latest compatible version with ZFS.
|
||||
boot.kernelPackages = config.boot.zfs.package.latestCompatibleLinuxPackages;
|
||||
|
||||
environment.systemPackages = with pkgs; [
|
||||
zfs
|
||||
];
|
||||
|
||||
services.zfs.autoScrub.enable = true;
|
||||
}
|
13
profiles/desktop.nix
Normal file
13
profiles/desktop.nix
Normal file
@ -0,0 +1,13 @@
|
||||
{ config, lib, pkgs, settings, ... }:
|
||||
|
||||
{
|
||||
# Import modules.
|
||||
imports = [
|
||||
../modules/nixos/common.nix
|
||||
../modules/nixos/network.nix
|
||||
../modules/nixos/users.nix
|
||||
../modules/nixos/management.nix
|
||||
../modules/nixos/desktop.nix
|
||||
../modules/nixos/docker.nix
|
||||
];
|
||||
}
|
9
profiles/gaming-pc.nix
Normal file
9
profiles/gaming-pc.nix
Normal file
@ -0,0 +1,9 @@
|
||||
{ config, lib, pkgs, settings, ... }:
|
||||
|
||||
{
|
||||
# Import modules.
|
||||
imports = [
|
||||
./desktop.nix
|
||||
../modules/nixos/gaming.nix
|
||||
];
|
||||
}
|
18
profiles/virtual-machine-host.nix
Normal file
18
profiles/virtual-machine-host.nix
Normal file
@ -0,0 +1,18 @@
|
||||
{ config, lib, pkgs, settings, ... }:
|
||||
|
||||
{
|
||||
# Import modules.
|
||||
imports = [
|
||||
../modules/nixos/common.nix
|
||||
../modules/nixos/network.nix
|
||||
../modules/nixos/users.nix
|
||||
../modules/nixos/management.nix
|
||||
../modules/nixos/monitoring.nix
|
||||
../modules/nixos/virtualization.nix
|
||||
];
|
||||
|
||||
# Allow unsupported SPF+ modules.
|
||||
boot.kernelParams = [
|
||||
"ixgbe.allow_unsupported_sfp=1"
|
||||
];
|
||||
}
|
20
rebuild.sh
Executable file
20
rebuild.sh
Executable file
@ -0,0 +1,20 @@
|
||||
#!/usr/bin/env bash
|
||||
|
||||
# Change into script dir.
|
||||
cd -- "$( dirname -- "${BASH_SOURCE[0]}" )" &> /dev/null || exit
|
||||
nixosDir=$(pwd)
|
||||
|
||||
# Get short hostname to work with host specific configurations.
|
||||
host=$(hostname -s)
|
||||
if [[ -n $nixHostOverride ]]; then
|
||||
host=$nixHostOverride
|
||||
fi
|
||||
|
||||
# Confirm host configuration is available; If not, we should not continue.
|
||||
if ! grep -q "nixosConfigurations.$host" flake.nix; then
|
||||
host="default"
|
||||
fi
|
||||
|
||||
# Rebuild and switch.
|
||||
# shellcheck disable=SC2068
|
||||
nixos-rebuild switch --impure --flake "path:$nixosDir/#$host" $@
|
8
rsync.sh
Executable file
8
rsync.sh
Executable file
@ -0,0 +1,8 @@
|
||||
#!/usr/bin/env bash
|
||||
|
||||
# Change into script dir.
|
||||
cd -- "$( dirname -- "${BASH_SOURCE[0]}" )" &> /dev/null || exit
|
||||
nixosDir=$(pwd)
|
||||
|
||||
# Sync configuration via rsync.
|
||||
rsync -av --delete --exclude settings.nix --exclude hardware-configuration.nix "$nixosDir/" "$1:nixos/"
|
30
settings-default.nix
Normal file
30
settings-default.nix
Normal file
@ -0,0 +1,30 @@
|
||||
rec {
|
||||
system = "x86_64-linux";
|
||||
timezone = "America/Chicago";
|
||||
locale = "en_US.UTF-8";
|
||||
packages = "stable";
|
||||
profile = "desktop";
|
||||
hostId = (builtins.substring 0 8 (builtins.readFile "/etc/machine-id"));
|
||||
hostName = "nixos";
|
||||
videoDrivers = "unknown";
|
||||
disk = {
|
||||
device = "/dev/sda";
|
||||
swapSize = "8G";
|
||||
luks = false;
|
||||
};
|
||||
user = {
|
||||
name = "grmrgecko";
|
||||
description = "James Coleman";
|
||||
hashedPassword = "";
|
||||
openssh.authorizedKeys.keys = [];
|
||||
autoLogin = false;
|
||||
};
|
||||
root = {
|
||||
hashedPassword = user.hashedPassword;
|
||||
openssh.authorizedKeys.keys = user.openssh.authorizedKeys.keys;
|
||||
};
|
||||
git = {
|
||||
name = "GRMrGecko";
|
||||
email = "grmrgecko@gmail.com";
|
||||
};
|
||||
}
|
32
update.sh
Executable file
32
update.sh
Executable file
@ -0,0 +1,32 @@
|
||||
#!/usr/bin/env bash
|
||||
|
||||
# Change into script dir.
|
||||
cd -- "$( dirname -- "${BASH_SOURCE[0]}" )" &> /dev/null || exit
|
||||
nixosDir=$(pwd)
|
||||
|
||||
# Get short hostname to work with host specific configurations.
|
||||
host=$(hostname -s)
|
||||
if [[ -n $nixHostOverride ]]; then
|
||||
host=$nixHostOverride
|
||||
fi
|
||||
|
||||
# Confirm host configuration is available; If not, we should not continue.
|
||||
if ! grep -q "nixosConfigurations.$host" flake.nix; then
|
||||
host="default"
|
||||
fi
|
||||
|
||||
# Update nixpkgs.
|
||||
if ! sudo -u grmrgecko nix flake update "$nixosDir"; then
|
||||
echo "Update failed"
|
||||
exit 1
|
||||
fi
|
||||
|
||||
# Add updated lock file to git staging for rebuild below.
|
||||
sudo -u grmrgecko git add flake.lock
|
||||
|
||||
# Commit update.
|
||||
sudo -u grmrgecko git commit -m "Flake update $(date)"
|
||||
|
||||
# Rebuild and switch.
|
||||
# shellcheck disable=SC2068
|
||||
nixos-rebuild switch --impure --flake "path:$nixosDir/#$host" $@
|
24
users/main-user.nix
Normal file
24
users/main-user.nix
Normal file
@ -0,0 +1,24 @@
|
||||
{pkgs, settings, ...}:
|
||||
|
||||
{
|
||||
imports = [
|
||||
../modules/home/git.nix
|
||||
../modules/home/zsh.nix
|
||||
];
|
||||
|
||||
home.username = settings.user.name;
|
||||
home.homeDirectory = "/home/${settings.user.name}";
|
||||
|
||||
# Let Home Manager install and manage itself.
|
||||
programs.home-manager.enable = true;
|
||||
|
||||
# This value determines the Home Manager release that your
|
||||
# configuration is compatible with. This helps avoid breakage
|
||||
# when a new Home Manager release introduces backwards
|
||||
# incompatible changes.
|
||||
#
|
||||
# You can update Home Manager without changing this value. See
|
||||
# the Home Manager release notes for a list of state version
|
||||
# changes in each release.
|
||||
home.stateVersion = "23.11";
|
||||
}
|
Loading…
Reference in New Issue
Block a user