GRMrGecko
4 months ago
commit
3b8a6567b2
34 changed files with 1296 additions and 0 deletions
-
2.gitignore
-
246configure.sh
-
86flake.lock
-
81flake.nix
-
19hosts/default/configuration.nix
-
26hosts/tama/configuration.nix
-
20install.sh
-
9modules/home/git.nix
-
8modules/home/zsh.nix
-
100modules/nixos/common.nix
-
15modules/nixos/desktop-environments/hyperland.nix
-
7modules/nixos/desktop-environments/plasma.nix
-
88modules/nixos/desktop.nix
-
65modules/nixos/disko-luks.nix
-
59modules/nixos/disko.nix
-
13modules/nixos/docker.nix
-
11modules/nixos/gaming.nix
-
21modules/nixos/management.nix
-
60modules/nixos/monitoring.nix
-
21modules/nixos/network.nix
-
50modules/nixos/users.nix
-
12modules/nixos/video-drivers/amdgpu.nix
-
43modules/nixos/video-drivers/nvidia.nix
-
13modules/nixos/video-drivers/qxl.nix
-
53modules/nixos/virtualization.nix
-
14modules/nixos/zfs.nix
-
13profiles/desktop.nix
-
9profiles/gaming-pc.nix
-
18profiles/virtual-machine-host.nix
-
20rebuild.sh
-
8rsync.sh
-
30settings-default.nix
-
32update.sh
-
24users/main-user.nix
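--- a/.gitignore
+++ b/.gitignore
@@ -0,0 +1,2 @@
+settings.nix
+hardware-configuration.nix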
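--- a/configure.sh
+++ b/configure.sh
@@ -0,0 +1,246 @@
+#!/usr/bin/env bash
+
+# Change into script dir.
+cd -- "$( dirname -- "${BASH_SOURCE[0]}" )" &> /dev/null || exit
+nixosDir=$(pwd)
+
+# Defaults
+defaultHostname="nixos"
+defaultSwap="8G"
+defaultName="grmrgecko"
+defaultDescription="James Coleman"
+defaultGitName="GRMrGecko"
+defaultGitEmail="grmrgecko@gmail.com"
+
+# A simple function to print an array.
+CHOICE=0
+chooseOpts() {
+local opts i
+CHOICE=-1
+opts=("$@")
+# Keep an index to properly index the options.
+i=0
+echo
+# For each option, print it and increment the index.
+for opt in "${opts[@]}"; do
+echo "$i) $opt"
+i=$((i+1))
+done
+# Ask for their choice.
+echo
+echo -n "Enter choice: "
+read -r CHOICE
+# Check inputted index range.
+if ((CHOICE >= ${#opts[@]} || CHOICE < 0)); then
+echo "Invalid range"
+chooseOpts "$@"
+fi
+}
+
+# A looping function to choose Y or N.
+chooseYN() {
+local default=""
+if [[ "$1" =~ \[.*([YN]).*\] ]]; then
+default=${BASH_REMATCH[1]}
+fi
+echo -n "$1: "
+read -r CHOICE
+[[ -z $CHOICE ]] && CHOICE=$default
+if [[ "$CHOICE" =~ ^[yY]$ ]]; then
+CHOICE="y"
+elif [[ "$CHOICE" =~ ^[nN]$ ]]; then
+CHOICE="n"
+else
+chooseYN "$1"
+fi
+}
+
+# Determine video drivers based on PCI devices.
+videoDrivers="unknown"
+pciRaw=$(lspci | grep -E 'VGA')
+if [[ "$pciRaw" =~ QXL ]]; then
+videoDrivers="qxl"
+elif [[ "$pciRaw" =~ NVIDIA ]]; then
+videoDrivers="nvidia"
+elif [[ "$pciRaw" =~ AMD ]]; then
+videoDrivers="amdgpu"
+fi
+
+# Get the packages souce, rather its unstable or stable.
+PACKAGESOPTS=(
+"stable"
+"unstable"
+)
+echo "Packages source"
+chooseOpts "${PACKAGESOPTS[@]}"
+PACKAGES=${PACKAGESOPTS[$CHOICE]}
+
+# Get the profile for this system.
+PROFILEOPTS=()
+# Build profile list from profiles directory.
+for profile in ./profiles/*.nix; do
+PROFILEOPTS+=("$(basename "${profile%.*}")")
+done
+echo "Choose your profile"
+chooseOpts "${PROFILEOPTS[@]}"
+PROFILE=${PROFILEOPTS[$CHOICE]}
+
+# Get the hostname.
+echo -n "Choose hostname [$defaultHostname]: "
+read -r hostName
+[[ -z $hostName ]] && hostName=$defaultHostname
+
+# Determine default disk.
+diskDefault=""
+[[ -e /dev/sda ]] && diskDefault="/dev/sda"
+[[ -e /dev/vda ]] && diskDefault="/dev/vda"
+echo
+echo "Select a disk from the list below:"
+# List disks to allow a choice to be made without stopping
+# configuration and verifying available disks.
+lsblk -o PATH,ID-LINK,SIZE -t
+echo
+echo -n "Choose disk (/dev/disk/by-id/{ID-LINK}) [$diskDefault]: "
+read -r disk
+# If selected disk is none, use the default disk determined above.
+[[ -z $disk ]] && disk=$diskDefault
+
+# Get the swap size.
+echo -n "Swap size [$defaultSwap]: "
+read -r swapSize
+[[ -z $swapSize ]] && swapSize=$defaultSwap
+
+# Determine if we should LUKS encrypt the disk.
+luks="false"
+chooseYN "Use LUKS Encryption? [N/y]"
+if [[ "$CHOICE" == "y" ]]; then
+luks="true"
+# Get a password from the user, with confirmation to ensure
+# we are not setting a typo.
+while true; do
+echo -n "Enter your luks encryption passphrase: "
+read -r -s luksPasswd
+echo -n "Confirm your luks encryption passphrase: "
+read -r -s confirmLuksPasswd
+if [[ "$luksPasswd" == "$confirmLuksPasswd" ]]; then
+break
+fi
+echo "Passwords do not match, try again."
+done
+# Save the password to the tmpfs for disko to pick up during partitioning.
+echo "$luksPasswd" > /tmp/secret.key
+fi
+
+# Get username for the main user.
+echo -n "Main user name [$defaultName]: "
+read -r name
+[[ -z $name ]] && name=$defaultName me
+
+# Get description for the main user.
+echo -n "Main user description [$defaultDescription]: "
+read -r description
+[[ -z $description ]] && description=$defaultDescription
+
+# Determine password for main user, verifying no typos.
+while true; do
+echo -n "Enter password for main user: "
+read -r -s mainPasswd
+echo -n "Confirm your password for main user: "
+read -r -s confirmMainPasswd
+if [[ "$mainPasswd" == "$confirmMainPasswd" ]]; then
+break
+fi
+echo "Passwords do not match, try again."
+done
+# Use mkpasswd to create a hashed password with the lastest
+# linux password hashing algorithm.
+password=$(mkpasswd "$mainPasswd")
+
+# Determine SSH keys to allow into the system.
+sshKeys=()
+while true; do
+echo "To exit loop, press enter."
+echo -n "Add ssh key (Github Username or ssh key): "
+read -r keyToAdd
+
+# If empty, exit loop as all keys were selected.
+[[ -z $keyToAdd ]] && break
+
+# If matches an ssh public key, add to list.
+if [[ "$keyToAdd" =~ ^ssh-.* ]]; then
+echo "Added key: $keyToAdd"
+sshKeys+=("$keyToAdd")
+continue
+fi
+
+# If is an username, check github for all keys and add them.
+if [[ "$keyToAdd" =~ ([a-zA-Z0-9]+) ]]; then
+githubUsername=${BASH_REMATCH[1]}
+while read -r key; do
+if [[ $key == "Not Found" ]]; then
+echo "Github user provided not found"
+continue
+fi
+echo "Adding key: $key"
+sshKeys+=("$key")
+done < <(curl -s -q "https://github.com/$githubUsername.keys")
+fi
+done
+
+# Determine if we want to autologin to the main user,
+# this may be desirable on full disk encrypted machines.
+autoLogin="false"
+chooseYN "Autologin to main user? [N/y]"
+if [[ "$CHOICE" == "y" ]]; then
+autoLogin="true"
+fi
+
+# Get git name.
+echo -n "Git name [$defaultGitName]: "
+read -r gitName
+[[ -z $gitName ]] && gitName=$defaultGitName me
+
+# Get git email.
+echo -n "Git email [$defaultGitEmail]: "
+read -r gitEmail
+[[ -z $gitEmail ]] && gitEmail=$defaultGitEmail
+
+# Generate settings.nix file with above choosen options.
+echo "Generating settings.nix:"
+cat <<EOF | tee "$nixosDir/settings.nix"
+rec {
+system = "x86_64-linux";
+timezone = "America/Chicago";
+locale = "en_US.UTF-8";
+packages = "${PACKAGES}";
+profile = "${PROFILE}";
+hostId = (builtins.substring 0 8 (builtins.readFile "/etc/machine-id"));
+hostName = "${hostName}";
+videoDrivers = "${videoDrivers}";
+disk = {
+device = "${disk}";
+swapSize = "${swapSize}";
+luks = ${luks};
+};
+user = {
+name = "${name}";
+description = "${description}";
+hashedPassword = "${password}";
+openssh.authorizedKeys.keys = [$(printf ' "%s"' "${sshKeys[@]}") ];
+autoLogin = ${autoLogin};
+};
+root = {
+hashedPassword = user.hashedPassword;
+openssh.authorizedKeys.keys = user.openssh.authorizedKeys.keys;
+};
+git = {
+name = "${gitName}";
+email = "${gitEmail}";
+};
+}
+EOF
+
+# Generate hardware-configuration.nix without filesystems as we use the disko partitoning flake.
+echo
+echo "Generating hardware-configuration.nix"
+nixos-generate-config --no-filesystems --show-hardware-config | tee "$nixosDir/hardware-configuration.nix"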
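Review bot: The LUKS passphrase is written with `echo "$luksPasswd" > /tmp/secret.key`, so the file is created with the default umask at a fixed path in /tmp, and nothing in this script removes it afterwards. I would create it owner-only and without the newline that echo appends (which becomes part of the key if the file is read verbatim), e.g. `( umask 077; printf '%s' "$luksPasswd" > /tmp/secret.key )`, and add or document the step that deletes it once disko has run. `mkpasswd "$mainPasswd"` also puts the clear-text password on a command line that is visible in the process list while it runs; `password=$(printf '%s' "$mainPasswd" | mkpasswd --stdin)` avoids that. Separately, as rendered on this page the lines `name=$defaultName me` and `gitName=$defaultGitName me` would run a command named `me` instead of assigning the default, which looks unintended and is worth checking against the file.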
@ -0,0 +1,86 @@ |
|||||
|
{ |
||||
|
"nodes": { |
||||
|
"disko": { |
||||
|
"inputs": { |
||||
|
"nixpkgs": [ |
||||
|
"nixpkgs" |
||||
|
] |
||||
|
}, |
||||
|
"locked": { |
||||
|
"lastModified": 1715217706, |
||||
|
"narHash": "sha256-yEB5SEHc+o3WJpUPw455OdLy9A+gffvCJX8DZ7NCkuo=", |
||||
|
"owner": "nix-community", |
||||
|
"repo": "disko", |
||||
|
"rev": "8eb1b315eef89f3bdc5c9814d1b207c6d64f0046", |
||||
|
"type": "github" |
||||
|
}, |
||||
|
"original": { |
||||
|
"owner": "nix-community", |
||||
|
"repo": "disko", |
||||
|
"type": "github" |
||||
|
} |
||||
|
}, |
||||
|
"home-manager": { |
||||
|
"inputs": { |
||||
|
"nixpkgs": [ |
||||
|
"nixpkgs" |
||||
|
] |
||||
|
}, |
||||
|
"locked": { |
||||
|
"lastModified": 1715486357, |
||||
|
"narHash": "sha256-4pRuzsHZOW5W4CsXI9uhKtiJeQSUoe1d2M9mWU98HC4=", |
||||
|
"owner": "nix-community", |
||||
|
"repo": "home-manager", |
||||
|
"rev": "44677a1c96810a8e8c4ffaeaad10c842402647c1", |
||||
|
"type": "github" |
||||
|
}, |
||||
|
"original": { |
||||
|
"owner": "nix-community", |
||||
|
"repo": "home-manager", |
||||
|
"type": "github" |
||||
|
} |
||||
|
}, |
||||
|
"nixpkgs": { |
||||
|
"locked": { |
||||
|
"lastModified": 1715106579, |
||||
|
"narHash": "sha256-gZMgKEGiK6YrwGBiccZ1gemiUwjsZ1Zv49KYOgmX2fY=", |
||||
|
"owner": "nixos", |
||||
|
"repo": "nixpkgs", |
||||
|
"rev": "8be0d8a1ed4f96d99b09aa616e2afd47acc3da89", |
||||
|
"type": "github" |
||||
|
}, |
||||
|
"original": { |
||||
|
"owner": "nixos", |
||||
|
"ref": "nixos-23.11", |
||||
|
"repo": "nixpkgs", |
||||
|
"type": "github" |
||||
|
} |
||||
|
}, |
||||
|
"nixpkgs-unstable": { |
||||
|
"locked": { |
||||
|
"lastModified": 1715087517, |
||||
|
"narHash": "sha256-CLU5Tsg24Ke4+7sH8azHWXKd0CFd4mhLWfhYgUiDBpQ=", |
||||
|
"owner": "nixos", |
||||
|
"repo": "nixpkgs", |
||||
|
"rev": "b211b392b8486ee79df6cdfb1157ad2133427a29", |
||||
|
"type": "github" |
||||
|
}, |
||||
|
"original": { |
||||
|
"owner": "nixos", |
||||
|
"ref": "nixos-unstable", |
||||
|
"repo": "nixpkgs", |
||||
|
"type": "github" |
||||
|
} |
||||
|
}, |
||||
|
"root": { |
||||
|
"inputs": { |
||||
|
"disko": "disko", |
||||
|
"home-manager": "home-manager", |
||||
|
"nixpkgs": "nixpkgs", |
||||
|
"nixpkgs-unstable": "nixpkgs-unstable" |
||||
|
} |
||||
|
} |
||||
|
}, |
||||
|
"root": "root", |
||||
|
"version": 7 |
||||
|
} |
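--- a/flake.nix
+++ b/flake.nix
@@ -0,0 +1,81 @@
+{
+description = "Nixos config flake";
+
+inputs = {
+nixpkgs.url = "github:nixos/nixpkgs/nixos-23.11";
+nixpkgs-unstable.url = "github:nixos/nixpkgs/nixos-unstable";
+
+disko = {
+url = "github:nix-community/disko";
+inputs.nixpkgs.follows = "nixpkgs";
+};
+
+home-manager = {
+url = "github:nix-community/home-manager";
+inputs.nixpkgs.follows = "nixpkgs";
+};
+};
+
+outputs = inputs@{ self, ... }:
+let
+settings = (if (builtins.pathExists ./settings.nix)
+then
+(import ./settings.nix)
+else
+(import ./settings-default.nix)
+);
+
+nixpkgs = (if (settings.packages == "stable")
+then
+inputs.nixpkgs
+else
+inputs.nixpkgs-unstable
+);
+
+overlay-unstable = final: prev: {
+unstable = import inputs.nixpkgs-unstable {
+system = settings.system;
+config.allowUnfree = true;
+};
+};
+
+pkgs = (import nixpkgs {
+system = settings.system;
+config = {
+allowUnfree = true;
+allowUnfreePredicate = (_: true);
+};
+overlays = [ overlay-unstable ];
+});
+
+mkSystem = config: nixpkgs.lib.nixosSystem {
+system = settings.system;
+specialArgs = {
+inherit inputs;
+inherit pkgs;
+inherit settings;
+};
+modules = [
+config
+inputs.disko.nixosModules.disko
+inputs.home-manager.nixosModules.default
+];
+};
+
+mkHome = config: inputs.home-manager.lib.homeManagerConfiguration {
+inherit pkgs;
+extraSpecialArgs = {
+inherit inputs;
+inherit settings;
+};
+modules = [ config ];
+};
+in {
+nixosConfigurations.default = mkSystem ./hosts/default/configuration.nix;
+nixosConfigurations.tama = mkSystem ./hosts/tama/configuration.nix;
+
+homeConfigurations = {
+${settings.user.name} = mkHome ./users/main-user.nix;
+};
+};
+}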
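Review bot: `mkSystem` hands the pre-built package set to every module through `specialArgs` (`inherit pkgs;`), which takes precedence over the `pkgs` the NixOS module system would construct, so module-level settings such as `nixpkgs.config.allowUnfree = true;` in modules/nixos/common.nix are likely to have no effect. Dropping `inherit pkgs;` from `specialArgs` and adding a small module `{ nixpkgs.overlays = [ overlay-unstable ]; }` to `modules` keeps the `unstable` attribute while leaving a single place where package configuration is decided. The `home-manager` input also follows `nixos-23.11` while tracking its default branch; if that is not deliberate, `url = "github:nix-community/home-manager/release-23.11";` matches the two.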
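--- a/hosts/default/configuration.nix
+++ b/hosts/default/configuration.nix
@@ -0,0 +1,19 @@
+# Edit this configuration file to define what should be installed on
+# your system. Help is available in the configuration.nix(5) man page, on
+# https://search.nixos.org/options and in the NixOS manual (`nixos-help`).
+
+{ config, lib, pkgs, settings, ... }:
+
+{
+# Enable flakes for package pinning.
+nix.settings.experimental-features = [ "nix-command" "flakes" ];
+
+# Import modules.
+imports = [
+../../hardware-configuration.nix
+../../profiles/${settings.profile}.nix
+];
+
+# Do not change the following.
+system.stateVersion = "23.11";
+}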
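--- a/hosts/tama/configuration.nix
+++ b/hosts/tama/configuration.nix
@@ -0,0 +1,26 @@
+# Edit this configuration file to define what should be installed on
+# your system. Help is available in the configuration.nix(5) man page, on
+# https://search.nixos.org/options and in the NixOS manual (`nixos-help`).
+
+{ config, lib, pkgs, settings, ... }:
+
+{
+# Enable flakes for package pinning.
+nix.settings.experimental-features = [ "nix-command" "flakes" ];
+
+# Import modules.
+imports = [
+../../hardware-configuration.nix
+../../profiles/${settings.profile}.nix
+../../modules/nixos/zfs.nix
+];
+
+# Enable NFS export for kvm storage.
+services.nfs.server.enable = true;
+services.nfs.server.exports = ''
+/mnt/kvm 10.0.100.5(rw,async,no_subtree_check,no_root_squash,fsid=1) 10.0.100.7(rw,async,no_subtree_check,no_root_squash,fsid=1) 10.0.100.8(rw,async,no_subtree_check,no_root_squash,fsid=1) 10.0.100.13(rw,async,no_subtree_check,no_root_squash,fsid=1)
+'';
+
+# Do not change the following.
+system.stateVersion = "23.11";
+}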
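Review bot: Every client in `services.nfs.server.exports` is granted `no_root_squash`, so root on any of the four 10.0.100.x hosts acts as root on `/mnt/kvm`, and the same commit turns the firewall off in modules/nixos/network.nix. If the hypervisors really need root access to the images, record that next to the export, e.g. `# no_root_squash: hypervisors access disk images as root`; otherwise drop the option and rely on the default root squashing. `async` acknowledges writes before they reach disk, which also deserves a word in the comment for VM storage.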
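--- a/install.sh
+++ b/install.sh
@@ -0,0 +1,20 @@
+#!/usr/bin/env bash
+
+# Change into script dir.
+cd -- "$( dirname -- "${BASH_SOURCE[0]}" )" &> /dev/null || exit
+nixosDir=$(pwd)
+
+# Get short hostname to work with host specific configurations.
+host=$(hostname -s)
+if [[ -n $nixHostOverride ]]; then
+host=$nixHostOverride
+fi
+
+# Confirm host configuration is available; If not, we should not continue.
+if ! grep -q "nixosConfigurations.$host" flake.nix; then
+host="default"
+fi
+
+# Install NixOS.
+# shellcheck disable=SC2068
+nix --extra-experimental-features 'nix-command flakes' run 'github:nix-community/disko#disko-install' -- --impure --flake "path:$nixosDir/#$host" $@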
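Review bot: The install step runs `github:nix-community/disko#disko-install` from the branch head even though flake.lock in this commit pins disko to rev `8eb1b315eef89f3bdc5c9814d1b207c6d64f0046`, so the program that partitions the disk is whatever upstream serves at install time. Referencing the locked revision, `'github:nix-community/disko/8eb1b315eef89f3bdc5c9814d1b207c6d64f0046#disko-install'`, keeps the installer reproducible and reviewable. The host check is commented "we should not continue" but silently falls back to `default`, and it treats the host name as a regex; `grep -qF -- "nixosConfigurations.$host =" flake.nix` matches the literal attribute instead. Quoting the pass-through arguments as `"$@"` would also make the `shellcheck disable=SC2068` line unnecessary.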
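--- a/modules/home/git.nix
+++ b/modules/home/git.nix
@@ -0,0 +1,9 @@
+{pkgs, settings, ...}:
+
+{
+programs.git = {
+enable = true;
+userName = settings.git.name;
+userEmail = settings.git.email;
+};
+}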
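--- a/modules/home/zsh.nix
+++ b/modules/home/zsh.nix
@@ -0,0 +1,8 @@
+{pkgs, settings, ...}:
+
+{
+programs.zsh = {
+enable = true;
+dotDir = ".config/zsh";
+};
+}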
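--- a/modules/nixos/common.nix
+++ b/modules/nixos/common.nix
@@ -0,0 +1,100 @@
+{ config, lib, pkgs, settings, ... }:
+
+{
+# Import modules.
+imports = [
+(import (if (settings.disk.luks)
+then
+./disko-luks.nix
+else
+./disko.nix
+) {
+device = settings.disk.device;
+swapSize = settings.disk.swapSize;
+})
+] ++ (if settings.videoDrivers=="unknown" then [] else [ ./video-drivers/${settings.videoDrivers}.nix ]);
+
+# Allow unfree packages.
+nixpkgs.config.allowUnfree = true;
+
+# Use the systemd-boot EFI boot loader.
+boot.loader.systemd-boot.enable = true;
+boot.loader.efi.canTouchEfiVariables = true;
+boot.supportedFilesystems = [ "btrfs" ];
+
+# BTRFS Scrubbing Services.
+services.btrfs.autoScrub.enable = true;
+services.btrfs.autoScrub.interval = "weekly";
+
+# Set your time zone.
+time.timeZone = settings.timezone;
+
+# Select internationalisation properties.
+i18n.defaultLocale = settings.locale;
+
+# Configure keymap in X11
+services.xserver.xkb = {
+layout = "us";
+variant = "";
+};
+
+# console = {
+# font = "Lat2-Terminus16";
+# keyMap = "us";
+# useXkbConfig = true; # use xkb.options in tty.
+# };
+
+# List packages installed in system profile. To search, run:
+# $ nix search wget
+users.groups.mlocate = {};
+environment.systemPackages = with pkgs; [
+# Text Editors
+vim
+nano
+
+# Network
+wget
+curl
+git
+rsync
+borgbackup
+
+# Disk Tools
+btrfs-progs
+nfs-utils
+parted
+ncdu
+pv
+
+# System Tools
+sudo
+cron
+mlocate
+tmux
+killall
+pciutils
+
+# Performance monitor
+nmon
+iotop
+htop
+];
+
+# Compatibility with scripts.
+system.activationScripts.binbash = {
+text =
+''
+ln -sfn /run/current-system/sw/bin/bash /bin/bash
+'';
+};
+
+# Nix Package Auto Cleanup
+nix = {
+settings.auto-optimise-store = true;
+gc = {
+automatic = true;
+dates = "weekly";
+options = "--delete-oder-than 7d";
+};
+};
+}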
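Review bot: The garbage-collection flag is misspelled in `options = "--delete-oder-than 7d";`; the flag is `--delete-older-than`, so as written the weekly `nix.gc` run is likely to fail on an unknown argument and old generations are never removed. The line should read `options = "--delete-older-than 7d";`. The `binbash` activation script would also benefit from a comment naming what needs `/bin/bash`, since it writes a symlink outside the Nix store on every activation.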
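--- a/modules/nixos/desktop-environments/hyperland.nix
+++ b/modules/nixos/desktop-environments/hyperland.nix
@@ -0,0 +1,15 @@
+{ config, lib, pkgs, settings, ... }:
+
+{
+programs.hyprland = {
+# Install the packages from nixpkgs
+enable = true;
+# Whether to enable XWayland
+xwayland.enable = true;
+};
+
+# Extra global packages for guis.
+environment.systemPackages = with pkgs; [
+xdg-desktop-portal-hyprland
+];
+}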
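--- a/modules/nixos/desktop-environments/plasma.nix
+++ b/modules/nixos/desktop-environments/plasma.nix
@@ -0,0 +1,7 @@
+{ config, lib, pkgs, settings, ... }:
+
+{
+# Enable the Desktop Environment.
+services.xserver.desktopManager.plasma5.enable = false;
+services.desktopManager.plasma6.enable = true;
+}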
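--- a/modules/nixos/desktop.nix
+++ b/modules/nixos/desktop.nix
@@ -0,0 +1,88 @@
+{ config, lib, pkgs, settings, ... }:
+
+{
+# Import desktop environments.
+imports = [
+./desktop-environments/plasma.nix
+./desktop-environments/hyperland.nix
+];
+
+# Enable the X11 windowing system.
+services.xserver.enable = true;
+
+# Enable the Display Manager.
+services.displayManager.sddm.enable = true;
+services.displayManager.sddm.wayland.enable = true;
+
+# Enable automatic login for the user.
+services.displayManager.autoLogin.enable = settings.user.autoLogin;
+services.displayManager.autoLogin.user = if settings.user.autoLogin then settings.user.name else "";
+
+# Enable touchpad support (enabled default in most desktopManager).
+services.libinput.enable = true;
+
+# Enable CUPS to print documents.
+services.printing.enable = true;
+
+# Enable sound with pipewire.
+sound.enable = true;
+hardware.pulseaudio.enable = false;
+security.rtkit.enable = true;
+services.pipewire = {
+enable = true;
+alsa.enable = true;
+alsa.support32Bit = true;
+pulse.enable = true;
+# If you want to use JACK applications, uncomment this
+#jack.enable = true;
+
+# use the example session manager (no others are packaged yet so this is enabled by default,
+# no need to redefine it in your config for now)
+#media-session.enable = true;
+};
+
+# Enable Flatpak
+services.flatpak.enable = true;
+
+# Install firefox.
+programs.firefox.enable = true;
+
+# Gui applications for the main user.
+users.users.${settings.user.name}.packages = with pkgs; [
+# Internet
+thunderbird
+ungoogled-chromium
+
+# Remote management
+remmina
+transmission-remote-gtk
+
+# Development
+kate
+arduino-ide
+
+# Multimedia
+clementine
+mpv
+vlc
+kdePackages.k3b
+
+# Software defined radio
+gqrx
+];
+
+# Kodi
+services.xserver.desktopManager.kodi.enable = true;
+services.xserver.desktopManager.kodi.package = pkgs.kodi.withPackages (pkgs: with pkgs; [
+# osmc-skin
+jellyfin
+pvr-hdhomerun
+pvr-iptvsimple
+]);
+
+# Extra global packages for guis.
+environment.systemPackages = with pkgs; [
+xdg-utils
+xdg-desktop-portal
+];
+}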
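Review bot: `services.displayManager.autoLogin.enable = settings.user.autoLogin;` is applied regardless of `settings.disk.luks`, and configure.sh offers autologin even when encryption was declined, so on an unencrypted install the machine boots straight into a session of a `wheel` user. Gating it, `services.displayManager.autoLogin.enable = settings.user.autoLogin && settings.disk.luks;`, or adding an assertion would match the configure.sh comment that autologin is meant for full-disk-encrypted machines. `autoLogin.user` should probably fall back to `null` rather than `""` when autologin is off.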
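--- a/modules/nixos/disko-luks.nix
+++ b/modules/nixos/disko-luks.nix
@@ -0,0 +1,65 @@
+{
+device ? throw "Set this to your disk device, e.g. /dev/disk/by-id/id",
+swapSize ? "8G",
+...
+}: {
+disko.devices = {
+disk.main = {
+inherit device;
+type = "disk";
+content = {
+type = "gpt";
+partitions = {
+ESP = {
+name = "boot";
+size = "500M";
+type = "EF00";
+content = {
+type = "filesystem";
+format = "vfat";
+mountOptions = [ "fmask=0022" "dmask=0022" ];
+mountpoint = "/boot";
+};
+};
+root = {
+name = "root";
+size = "100%";
+content = {
+type = "luks";
+name = "crypted";
+settings.allowDiscards = true;
+passwordFile = "/tmp/secret.key";
+content = {
+type = "btrfs";
+extraArgs = [ "-f" ];
+
+subvolumes = {
+"/root" = {
+mountOptions = [ "compress=zstd" ];
+mountpoint = "/";
+};
+
+"/home" = {
+mountOptions = [ "compress=zstd" ];
+mountpoint = "/home";
+};
+
+"/nix" = {
+mountOptions = [ "compress=zstd" ];
+mountpoint = "/nix";
+};
+
+"/swap" = {
+mountOptions = [ "noatime" ];
+mountpoint = "/swap";
+swap.swapfile.size = swapSize;
+};
+};
+};
+};
+};
+};
+};
+};
+};
+}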
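Review bot: The ESP is mounted with `mountOptions = [ "fmask=0022" "dmask=0022" ];`, which leaves everything under `/boot` world-readable, including the random seed that systemd-boot keeps there; the same line appears in modules/nixos/disko.nix. `mountOptions = [ "umask=0077" ];` restricts the partition to root in both files. `settings.allowDiscards = true;` should carry a comment on the trade-off, e.g. `# TRIM passes through LUKS: better SSD behaviour, but reveals which blocks are unused`. `passwordFile = "/tmp/secret.key";` is coupled to the path written by configure.sh, and nothing on this page removes that file after partitioning.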
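--- a/modules/nixos/disko.nix
+++ b/modules/nixos/disko.nix
@@ -0,0 +1,59 @@
+{
+device ? throw "Set this to your disk device, e.g. /dev/disk/by-id/id",
+swapSize ? "8G",
+...
+}: {
+disko.devices = {
+disk.main = {
+inherit device;
+type = "disk";
+content = {
+type = "gpt";
+partitions = {
+ESP = {
+name = "boot";
+size = "500M";
+type = "EF00";
+content = {
+type = "filesystem";
+format = "vfat";
+mountOptions = [ "fmask=0022" "dmask=0022" ];
+mountpoint = "/boot";
+};
+};
+root = {
+name = "root";
+size = "100%";
+content = {
+type = "btrfs";
+extraArgs = [ "-f" ];
+
+subvolumes = {
+"/root" = {
+mountOptions = [ "compress=zstd" ];
+mountpoint = "/";
+};
+
+"/home" = {
+mountOptions = [ "compress=zstd" ];
+mountpoint = "/home";
+};
+
+"/nix" = {
+mountOptions = [ "compress=zstd" ];
+mountpoint = "/nix";
+};
+
+"/swap" = {
+mountOptions = [ "noatime" ];
+mountpoint = "/swap";
+swap.swapfile.size = swapSize;
+};
+};
+};
+};
+};
+};
+};
+};
+}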
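--- a/modules/nixos/docker.nix
+++ b/modules/nixos/docker.nix
@@ -0,0 +1,13 @@
+{ config, lib, pkgs, settings, ... }:
+
+{
+# Install Docker
+virtualisation.docker.enable = true;
+virtualisation.docker.storageDriver = "btrfs";
+users.users.${settings.user.name}.extraGroups = [ "docker" ];
+
+# Distrobox
+environment.systemPackages = with pkgs; [
+distrobox
+];
+}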
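Review bot: `users.users.${settings.user.name}.extraGroups = [ "docker" ];` gives the main user access to the Docker socket, which is equivalent to root on the host, and nothing in the file records that decision. A comment such as `# docker group membership is root-equivalent; accepted for the single-admin machine` would make it explicit, or `virtualisation.docker.rootless.enable = true;` could be used instead if root-level containers are not needed.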
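--- a/modules/nixos/gaming.nix
+++ b/modules/nixos/gaming.nix
@@ -0,0 +1,11 @@
+{ config, lib, pkgs, settings, ... }:
+
+{
+# Enable steam for gamming.
+programs.steam.enable = true;
+
+# Gui applications for the main user.
+users.users.${settings.user.name}.packages = with pkgs; [
+lutris
+];
+}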
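--- a/modules/nixos/management.nix
+++ b/modules/nixos/management.nix
@@ -0,0 +1,21 @@
+{ config, lib, pkgs, ... }:
+
+{
+environment.systemPackages = with pkgs; [
+cockpit
+];
+
+services.cockpit = {
+enable = true;
+port = 9090;
+settings = {
+WebService = {
+AllowUnencrypted = true;
+};
+};
+};
+
+# Enable the OpenSSH daemon.
+services.openssh.enable = true;
+services.openssh.settings.PermitRootLogin = "without-password";
+}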
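Review bot: `AllowUnencrypted = true;` lets Cockpit accept logins over plain HTTP on port 9090, so system passwords cross the network in clear text, and the firewall is disabled in modules/nixos/network.nix in the same commit. Unless a TLS-terminating proxy on the same host fronts it, drop the setting and let Cockpit serve HTTPS. For sshd, `"without-password"` is the deprecated spelling of `"prohibit-password"`, and adding `services.openssh.settings.PasswordAuthentication = false;` would make the key-only intent hold for the main user as well.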
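--- a/modules/nixos/monitoring.nix
+++ b/modules/nixos/monitoring.nix
@@ -0,0 +1,60 @@
+{ config, lib, pkgs, ... }:
+
+{
+users.groups.telegraf = {};
+users.users.telegraf = {
+isNormalUser = false;
+isSystemUser = true;
+group = "telegraf";
+};
+
+# List packages installed in system profile.
+environment.systemPackages = with pkgs; [
+telegraf
+smartmontools
+nvme-cli
+lm_sensors
+];
+
+security.sudo = {
+enable = true;
+extraRules = [{
+commands = [
+{
+command = "${pkgs.smartmontools}/bin/smartctl";
+options = [ "NOPASSWD" ];
+}
+{
+command = "${pkgs.nvme-cli}/bin/nvme";
+options = [ "NOPASSWD" ];
+}
+];
+users = [ "telegraf" ];
+}];
+};
+
+systemd.services.telegraf = {
+enable = true;
+description = "Telegraf";
+after = [ "network.target" ];
+path = [
+"/run/wrappers"
+pkgs.lm_sensors
+pkgs.smartmontools
+pkgs.nvme-cli
+];
+serviceConfig = {
+Type = "notify";
+NotifyAccess = "all";
+User = "telegraf";
+ExecStart = "${pkgs.telegraf}/bin/telegraf -config /etc/telegraf/telegraf.conf -config-directory /etc/telegraf/telegraf.d";
+ExecReload = "/bin/kill -HUP $MAINPID";
+Restart = "on-failure";
+RestartForceExitStatus = "SIGPIPE";
+KillMode = "mixed";
+TimeoutStopSec = "5";
+LimitMEMLOCK = "8M:8M";
+};
+wantedBy = [ "multi-user.target" ];
+};
+}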
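Review bot: The sudo rule lets `telegraf` run `${pkgs.smartmontools}/bin/smartctl` and `${pkgs.nvme-cli}/bin/nvme` with any arguments under `NOPASSWD`, and `nvme` in particular has destructive subcommands, so a compromise of the collector becomes write access to the disks. Spelling out in each `command` only the invocations the Telegraf inputs use, arguments included, narrows this; which ones those are depends on telegraf.conf, which is not part of this page. `ExecReload = "/bin/kill -HUP $MAINPID";` also points at a path NixOS does not normally provide; `ExecReload = "${pkgs.coreutils}/bin/kill -HUP $MAINPID";` is the store-path form.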
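--- a/modules/nixos/network.nix
+++ b/modules/nixos/network.nix
@@ -0,0 +1,21 @@
+{ config, lib, pkgs, settings, ... }:
+
+{
+# Network host configuration.
+networking.hostId = settings.hostId;
+networking.hostName = settings.hostName;
+
+# Open ports in the firewall.
+# networking.firewall.allowedTCPPorts = [ ... ];
+# networking.firewall.allowedUDPPorts = [ ... ];
+# Or disable the firewall altogether.
+networking.firewall.enable = false;
+networking.networkmanager.enable = true;
+
+environment.systemPackages = with pkgs; [
+dnsutils
+iperf
+nmap
+netcat-gnu
+];
+}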
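Review bot: `networking.firewall.enable = false;` turns packet filtering off on every host that imports this module, while the same commit exposes Cockpit on 9090 with `AllowUnencrypted`, the Syncthing GUI on `0.0.0.0:8384`, sshd with root login permitted, and an NFS export on tama. Keeping the firewall enabled and listing what is meant to be reachable, e.g. `networking.firewall.allowedTCPPorts = [ 22 ];` here with per-host or per-module additions, limits those services to the intended ports. If disabling it is deliberate because filtering happens upstream, a comment saying where would help the next reader.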
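--- a/modules/nixos/users.nix
+++ b/modules/nixos/users.nix
@@ -0,0 +1,50 @@
+{ inputs, config, lib, pkgs, settings, ... }:
+
+{
+services.syncthing = {
+enable = true;
+guiAddress = "0.0.0.0:8384";
+user = settings.user.name;
+dataDir = "/home/${settings.user.name}";
+};
+
+# Enable ZSH.
+programs.zsh.enable = true;
+
+# Rebuild users.
+users.mutableUsers = false;
+
+# Define a user account. Don't forget to set a password with ‘passwd’.
+users.groups.${settings.user.name}.gid = 1000;
+users.users.${settings.user.name} = {
+isNormalUser = true;
+description = settings.user.description;
+extraGroups = [ "networkmanager" "wheel" ];
+uid = 1000;
+group = settings.user.name;
+shell = pkgs.zsh;
+hashedPassword = settings.user.hashedPassword;
+openssh.authorizedKeys.keys = settings.user.openssh.authorizedKeys.keys;
+};
+users.users.root = {
+shell = pkgs.zsh;
+hashedPassword = settings.root.hashedPassword;
+openssh.authorizedKeys.keys = settings.root.openssh.authorizedKeys.keys;
+};
+
+environment.systemPackages = with pkgs; [
+unstable.nodejs_22
+pure-prompt
+fastfetch
+];
+
+home-manager = {
+extraSpecialArgs = {
+inherit inputs;
+inherit settings;
+};
+users = {
+${settings.user.name} = import ../../users/main-user.nix;
+};
+};
+}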
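Review bot: `guiAddress = "0.0.0.0:8384";` exposes the Syncthing admin GUI on every interface, no GUI credentials are configured in this module, and `dataDir` is the user's whole home directory. Binding it with `guiAddress = "127.0.0.1:8384";` and reaching it through an SSH tunnel keeps it off the network. `root` also reuses the main user's `hashedPassword` and `authorizedKeys` through settings.nix, so one leaked credential covers both accounts. The comment about setting a password with `passwd` no longer applies once `users.mutableUsers = false;` is set and should be reworded.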
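--- a/modules/nixos/video-drivers/amdgpu.nix
+++ b/modules/nixos/video-drivers/amdgpu.nix
@@ -0,0 +1,12 @@
+{ config, lib, pkgs, settings, ... }:
+
+{
+# Display drivers.
+hardware.opengl = {
+enable = true;
+driSupport = true;
+driSupport32Bit = true;
+};
+boot.initrd.kernelModules = [ "amdgpu" ];
+services.xserver.videoDrivers = [ "amdgpu" ];
+}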
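--- a/modules/nixos/video-drivers/nvidia.nix
+++ b/modules/nixos/video-drivers/nvidia.nix
@@ -0,0 +1,43 @@
+{ config, lib, pkgs, settings, ... }:
+
+{
+# Display drivers.
+hardware.opengl = {
+enable = true;
+driSupport = true;
+driSupport32Bit = true;
+};
+services.xserver.videoDrivers = [ "nvidia" ];
+
+hardware.nvidia = {
+
+# Modesetting is required.
+modesetting.enable = false;
+
+# Nvidia power management. Experimental, and can cause sleep/suspend to fail.
+# Enable this if you have graphical corruption issues or application crashes after waking
+# up from sleep. This fixes it by saving the entire VRAM memory to /tmp/ instead
+# of just the bare essentials.
+powerManagement.enable = false;
+
+# Fine-grained power management. Turns off GPU when not in use.
+# Experimental and only works on modern Nvidia GPUs (Turing or newer).
+powerManagement.finegrained = false;
+
+# Use the NVidia open source kernel module (not to be confused with the
+# independent third-party "nouveau" open source driver).
+# Support is limited to the Turing and later architectures. Full list of
+# supported GPUs is at:
+# https://github.com/NVIDIA/open-gpu-kernel-modules#compatible-gpus
+# Only available from driver 515.43.04+
+# Currently alpha-quality/buggy, so false is currently the recommended setting.
+open = false;
+
+# Enable the Nvidia settings menu,
+# accessible via `nvidia-settings`.
+nvidiaSettings = true;
+
+# Optionally, you may need to select the appropriate driver version for your specific GPU.
+package = config.boot.kernelPackages.nvidiaPackages.stable;
+};
+}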
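Review bot: The comment `# Modesetting is required.` sits directly above `modesetting.enable = false;`, so the comment and the setting contradict each other. Either set `modesetting.enable = true;` or reword the comment to state why modesetting is deliberately left off for the hosts that import this module.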
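--- a/modules/nixos/video-drivers/qxl.nix
+++ b/modules/nixos/video-drivers/qxl.nix
@@ -0,0 +1,13 @@
+{ config, lib, pkgs, settings, ... }:
+
+{
+# Display drivers.
+hardware.opengl = {
+enable = true;
+driSupport = true;
+driSupport32Bit = true;
+};
+services.xserver.videoDrivers = [ "qxl" ];
+# services.qemuGuest.enable = true;
+services.spice-vdagentd.enable = true;
+}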
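--- a/modules/nixos/virtualization.nix
+++ b/modules/nixos/virtualization.nix
@@ -0,0 +1,53 @@
+{ config, lib, pkgs, ... }:
+
+{
+networking.extraHosts =
+''
+10.0.100.5 kiki kiki.gec.im
+10.0.100.6 tama tama.gec.im
+10.0.100.7 kate kate.gec.im
+10.0.100.8 mika mika.gec.im
+10.0.100.13 gaming-pc gaming-pc.gec.im
+'';
+
+networking.localCommands =
+''
+/run/current-system/sw/bin/iptables -I FORWARD -m physdev --physdev-is-bridged -j ACCEPT
+'';
+
+boot.kernel.sysctl."net.bridge.bridge-nf-call-ip6tables" = 0;
+boot.kernel.sysctl."net.bridge.bridge-nf-call-iptables" = 0;
+boot.kernel.sysctl."net.bridge.bridge-nf-call-arptables" = 0;
+
+virtualisation.libvirtd = {
+enable = true;
+qemu = {
+package = pkgs.qemu_full;
+runAsRoot = true;
+swtpm.enable = true;
+ovmf = {
+enable = true;
+packages = [(pkgs.OVMF.override {
+secureBoot = true;
+tpmSupport = true;
+}).fd];
+};
+};
+};
+
+environment.systemPackages = with pkgs; [
+(python311.withPackages(ps: with ps; [ pip pandas requests libvirt lxml packaging ]))
+qemu_full
+libvirt
+swtpm
+edk2
+];
+
+# Compatibility with libvirt internals.
+system.activationScripts.binqemu = {
+text =
+''
+ln -sfn /run/current-system/sw/bin/qemu-system-x86_64 /usr/bin/qemu-system-x86_64
+'';
+};
+}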
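Review bot: `runAsRoot = true` in `virtualisation.libvirtd.qemu` makes every guest's QEMU process run as root, so a device-emulation flaw that lets a guest break out lands with full host privileges. Unless a guest here needs root-only resources, I would set `runAsRoot = false;` so QEMU runs under an unprivileged account. The same file also takes bridged traffic out of host filtering, through the `-I FORWARD -m physdev --physdev-is-bridged -j ACCEPT` rule and the three `bridge-nf-call-*` sysctls set to 0. A one-line comment stating that guest traffic on the bridge is intentionally not filtered by the host would make that choice explicit for the next reader.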
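--- a/modules/nixos/zfs.nix
+++ b/modules/nixos/zfs.nix
@@ -0,0 +1,14 @@
+{ config, lib, pkgs, ... }:
+
+{
+boot.supportedFilesystems = [ "zfs" ];
+
+# Set kernel to latest compatible version with ZFS.
+boot.kernelPackages = config.boot.zfs.package.latestCompatibleLinuxPackages;
+
+environment.systemPackages = with pkgs; [
+zfs
+];
+
+services.zfs.autoScrub.enable = true;
+}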
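--- a/profiles/desktop.nix
+++ b/profiles/desktop.nix
@@ -0,0 +1,13 @@
+{ config, lib, pkgs, settings, ... }:
+
+{
+# Import modules.
+imports = [
+../modules/nixos/common.nix
+../modules/nixos/network.nix
+../modules/nixos/users.nix
+../modules/nixos/management.nix
+../modules/nixos/desktop.nix
+../modules/nixos/docker.nix
+];
+}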
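--- a/profiles/gaming-pc.nix
+++ b/profiles/gaming-pc.nix
@@ -0,0 +1,9 @@
+{ config, lib, pkgs, settings, ... }:
+
+{
+# Import modules.
+imports = [
+./desktop.nix
+../modules/nixos/gaming.nix
+];
+}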
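--- a/profiles/virtual-machine-host.nix
+++ b/profiles/virtual-machine-host.nix
@@ -0,0 +1,18 @@
+{ config, lib, pkgs, settings, ... }:
+
+{
+# Import modules.
+imports = [
+../modules/nixos/common.nix
+../modules/nixos/network.nix
+../modules/nixos/users.nix
+../modules/nixos/management.nix
+../modules/nixos/monitoring.nix
+../modules/nixos/virtualization.nix
+];
+
+# Allow unsupported SPF+ modules.
+boot.kernelParams = [
+"ixgbe.allow_unsupported_sfp=1"
+];
+}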
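--- a/rebuild.sh
+++ b/rebuild.sh
@@ -0,0 +1,20 @@
+#!/usr/bin/env bash
+
+# Change into script dir.
+cd -- "$( dirname -- "${BASH_SOURCE[0]}" )" &> /dev/null || exit
+nixosDir=$(pwd)
+
+# Get short hostname to work with host specific configurations.
+host=$(hostname -s)
+if [[ -n $nixHostOverride ]]; then
+host=$nixHostOverride
+fi
+
+# Confirm host configuration is available; If not, we should not continue.
+if ! grep -q "nixosConfigurations.$host" flake.nix; then
+host="default"
+fi
+
+# Rebuild and switch.
+# shellcheck disable=SC2068
+nixos-rebuild switch --impure --flake "path:$nixosDir/#$host" $@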
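Review bot: The final line passes `$@` unquoted and silences ShellCheck SC2068 to do so, which re-splits and glob-expands every extra argument before `nixos-rebuild` sees it; `update.sh` ends with the same line. Use `nixos-rebuild switch --impure --flake "path:$nixosDir/#$host" "$@"` and drop the `# shellcheck disable=SC2068` line. In the host check, `grep -q "nixosConfigurations.$host"` treats `$host`, which can come from the `nixHostOverride` environment variable, as a regular expression, so `grep -qF -- "nixosConfigurations.$host" flake.nix` is the safer form. The comment above that check says the script should not continue, while the code falls back to `default`; one of the two should be changed to match the other.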
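--- a/rsync.sh
+++ b/rsync.sh
@@ -0,0 +1,8 @@
+#!/usr/bin/env bash
+
+# Change into script dir.
+cd -- "$( dirname -- "${BASH_SOURCE[0]}" )" &> /dev/null || exit
+nixosDir=$(pwd)
+
+# Sync configuration via rsync.
+rsync -av --delete --exclude settings.nix --exclude hardware-configuration.nix "$nixosDir/" "$1:nixos/"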
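Review bot: `$1` is used as the destination host with no validation, on a command that runs with `--delete`. With no argument the destination becomes `:nixos/`, and a value that starts with `-` would be parsed by rsync as an option rather than a host. I would add `: "${1:?usage: rsync.sh HOST}"` and `[[ $1 != -* ]] || exit 2` before the rsync line, so the script stops before anything is transferred or deleted on the wrong target.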
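--- a/settings-default.nix
+++ b/settings-default.nix
@@ -0,0 +1,30 @@
+rec {
+system = "x86_64-linux";
+timezone = "America/Chicago";
+locale = "en_US.UTF-8";
+packages = "stable";
+profile = "desktop";
+hostId = (builtins.substring 0 8 (builtins.readFile "/etc/machine-id"));
+hostName = "nixos";
+videoDrivers = "unknown";
+disk = {
+device = "/dev/sda";
+swapSize = "8G";
+luks = false;
+};
+user = {
+name = "grmrgecko";
+description = "James Coleman";
+hashedPassword = "";
+openssh.authorizedKeys.keys = [];
+autoLogin = false;
+};
+root = {
+hashedPassword = user.hashedPassword;
+openssh.authorizedKeys.keys = user.openssh.authorizedKeys.keys;
+};
+git = {
+name = "GRMrGecko";
+email = "grmrgecko@gmail.com";
+};
+}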
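Review bot: `hashedPassword = ""` under `user`, which `root` inherits through `hashedPassword = user.hashedPassword`, does not lock the accounts: on NixOS an empty hashed password allows local login without a password. `users.nix` in this commit sets `users.mutableUsers = false`, so a host built from these defaults unchanged would stay in that state. I would default to `hashedPassword = null;`, which disables password login, and leave it to `configure.sh` to write the real hash into `settings.nix`. How `configure.sh` fills this value is not shown in this part of the page, so the exposure may be limited to hosts where that step is skipped.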
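--- a/update.sh
+++ b/update.sh
@@ -0,0 +1,32 @@
+#!/usr/bin/env bash
+
+# Change into script dir.
+cd -- "$( dirname -- "${BASH_SOURCE[0]}" )" &> /dev/null || exit
+nixosDir=$(pwd)
+
+# Get short hostname to work with host specific configurations.
+host=$(hostname -s)
+if [[ -n $nixHostOverride ]]; then
+host=$nixHostOverride
+fi
+
+# Confirm host configuration is available; If not, we should not continue.
+if ! grep -q "nixosConfigurations.$host" flake.nix; then
+host="default"
+fi
+
+# Update nixpkgs.
+if ! sudo -u grmrgecko nix flake update "$nixosDir"; then
+echo "Update failed"
+exit 1
+fi
+
+# Add updated lock file to git staging for rebuild below.
+sudo -u grmrgecko git add flake.lock
+
+# Commit update.
+sudo -u grmrgecko git commit -m "Flake update $(date)"
+
+# Rebuild and switch.
+# shellcheck disable=SC2068
+nixos-rebuild switch --impure --flake "path:$nixosDir/#$host" $@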
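Review bot: The account `grmrgecko` is hard-coded in the three `sudo -u grmrgecko` calls, while the rest of the configuration takes the user from `settings.user.name`, so the script fails on any host configured with a different user. Deriving it from the checkout, e.g. `repoUser=$(stat -c %U "$nixosDir")` and then `sudo -u "$repoUser" ...`, keeps the privilege drop without the fixed name. The results of `git add` and `git commit` are also not checked, so the rebuild runs even when the lock file update was not recorded. A comment saying that is intended, or an `|| exit 1` on those lines, would settle it.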
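--- a/users/main-user.nix
+++ b/users/main-user.nix
@@ -0,0 +1,24 @@
+{pkgs, settings, ...}:
+
+{
+imports = [
+../modules/home/git.nix
+../modules/home/zsh.nix
+];
+
+home.username = settings.user.name;
+home.homeDirectory = "/home/${settings.user.name}";
+
+# Let Home Manager install and manage itself.
+programs.home-manager.enable = true;
+
+# This value determines the Home Manager release that your
+# configuration is compatible with. This helps avoid breakage
+# when a new Home Manager release introduces backwards
+# incompatible changes.
+#
+# You can update Home Manager without changing this value. See
+# the Home Manager release notes for a list of state version
+# changes in each release.
+home.stateVersion = "23.11";
+}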