delta/dotfiles
1
0
Fork 0
mirror of https://github.com/deltathetawastaken/dotfiles.git synced 2025-12-06 07:16:37 +03:00
Code Issues Actions Packages Projects Releases Wiki Activity

big refactor

Browse source
This commit is contained in:
Your Name 2024-03-23 05:50:22 +03:00
parent 46793e991d
commit 4fc15d34f1
26 changed files with 988 additions and 1050 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

21
hosts/dlaptop/apps.nix → apps/apps.nix
View file

@ -1,4 +1,4 @@
{ pkgs, lib, inputs, stable, ... }:
{ pkgs, lib, inputs, stable, self, ... }:
let
lock-false = {
Value = false;
@ -9,14 +9,13 @@ let
Status = "locked";
};
in {
users.users.delta.packages = (with pkgs; [
git
chromium
wl-clipboard
wl-clipboard-x11
(callPackage ../../derivations/audiorelay.nix { })
(callPackage ../../derivations/spotify.nix { })
(callPackage "${self}/derivations/audiorelay.nix" { })
(callPackage "${self}/derivations/spotify.nix" { })
#(callPackage ../derivations/nu_plugin_dns.nix { })
xorg.xwininfo
jq
@ -44,7 +43,9 @@ in {
vesktop
localsend
trayscale
# inputs.firefox.packages.${pkgs.system}.firefox-bin
fishPlugins.done
monero-gui
inputs.telegram-desktop-patched.packages.${pkgs.system}.default
]);
programs.firefox = {
@ -115,4 +116,14 @@ in {
];
};
};
programs.thunar.enable = true;
programs.xfconf.enable = true;
programs.virt-manager.enable = true;
programs.steam.enable = true;
programs.gamemode.enable = true;
programs.thunar.plugins = with pkgs.xfce; [
thunar-archive-plugin
thunar-volman
];
}

189
apps/gnome.nix Normal file
View file

@ -0,0 +1,189 @@
{ pkgs, lib, inputs, ... }: with lib.gvariant;
let
# wallpaper = pkgs.stdenv.mkDerivation {
# name = "wallpaper";
# phases = [ "installPhase" ];
# installPhase = ''
# mkdir -p $out/share/backgrounds
# cp ${../wallpaper.png} $out/share/backgrounds/wallpaper.png
# '';
# };
in
{
#imports = [
# inputs.home-manager.nixosModules.home-manager
#];
nixpkgs.overlays = [
(final: prev: {
gnome = prev.gnome.overrideScope' (gnomeFinal: gnomePrev: {
mutter = gnomePrev.mutter.overrideAttrs (old: {
src = pkgs.fetchgit {
url = "https://gitlab.gnome.org/vanvugt/mutter.git";
# GNOME 45: triple-buffering-v4-45
rev = "0b896518b2028d9c4d6ea44806d093fd33793689";
sha256 = "sha256-mzNy5GPlB2qkI2KEAErJQzO//uo8yO0kPQUwvGDwR4w=";
};
});
});
})
];
programs.dconf.enable = true;
programs.dconf.profiles.user.databases = [
{
settings = {
"org/gnome/mutter" = {
experimental-features = [ "scale-monitor-framebuffer" ];
};
"org/gnome/settings-daemon/plugins/media-keys" = {
custom-keybindings = [
"/org/gnome/settings-daemon/plugins/media-keys/custom-keybindings/custom0/"
"/org/gnome/settings-daemon/plugins/media-keys/custom-keybindings/custom1/"
];
};
"org/gnome/shell/keybindings" = {
show-screenshot-ui = [ "<Shift><Super>s" ];
};
"org/gnome/settings-daemon/plugins/media-keys/custom-keybindings/custom0" = {
binding = "<Alt>Return";
command = "/etc/profiles/per-user/delta/bin/kitty_wrapped";
name = "kitty";
};
"org/gnome/settings-daemon/plugins/media-keys/custom-keybindings/custom1" = {
binding = "<Control><Alt>x";
command = "/etc/profiles/per-user/delta/bin/keepassxc";
name = "keepassxc";
};
"org/gnome/desktop/sound" = {
allow-volume-above-100-percent = true;
};
"org/gnome/desktop/wm/keybindings" = {
# close = mkEmptyArray (type.string);
# switch-input-source = [ "<Shift>Alt_L" ];
# switch-input-source-backward = [ "<Alt>Shift_L" ];
};
"org/gnome/desktop/interface" = {
icon-theme = "Papirus-Dark";
color-scheme = "prefer-dark";
gtk-theme = "adw-gtk3-dark";
};
"org/gnome/shell" = {
favorite-apps = [
"firefox.desktop"
"vesktop.desktop"
"org.telegram.desktop.desktop"
"spotify.desktop"
"kitty.desktop"
"org.gnome.Nautilus.desktop"
];
disable-user-extensions = false;
enabled-extensions = [
"activate-window-by-title@lucaswerkmeister.de"
"appindicatorsupport@rgcjonas.gmail.com"
"clipboard-indicator@tudmotu.com"
"gsconnect@andyholmes.github.io"
"tailscale@joaophi.github.com"
"unite@hardpixel.eu"
"user-theme@gnome-shell-extensions.gcampax.github.com"
"pip-on-top@rafostar.github.com"
"cloudflare-warp-toggle@khaled.is-a.dev"
];
};
"org/gnome/desktop/input-sources" = {
mru-sources = [ (mkTuple [ "xkb" "us" ]) ];
sources = [ (mkTuple [ "xkb" "us" ]) (mkTuple [ "xkb" "ru" ]) ];
xkb-options = [ "terminate:ctrl_alt_bksp" "lv3:switch" "compose:ralt" ];
};
"org/gnome/desktop/screensaver" = {
lock-enabled = true;
};
"org/gnome/desktop/notifications" = {
show-in-lock-screen = false;
};
"org/gnome/desktop/session" = {
idle-delay = mkUint32 0;
};
"org/gnome/shell/extensions/unite" = {
enable-titlebar-actions = true;
extend-left-box = false;
hide-activities-button = "never";
hide-app-menu-icon = false;
notifications-position = "center";
reduce-panel-spacing = true;
restrict-to-primary-screen = false;
show-appmenu-button = true;
show-desktop-name = false;
show-legacy-tray = false;
show-window-buttons = "never";
show-window-title = "never";
};
#"org/gnome/shell/extensions/user-theme" = {
# name = "Mojave-Dark-solid-alt";
#};
"org/gnome/shell/weather" = {
automatic-location = true;
};
#"org/gnome/desktop/background" = {
# picture-uri = "file:///run/current-system/sw/share/backgrounds/wallpaper.png";
# picture-uri-dark = "file:///run/current-system/sw/share/backgrounds/wallpaper.png";
#};
"org/gnome/desktop/peripherals/touchpad" = {
tap-to-click = true;
};
"org/gnome/settings-daemon/plugins/power" = {
sleep-inactive-ac-type = "nothing";
};
"org/gnome/settings-daemon/plugins/power" = {
sleep-inactive-battery-timeout = mkUint32 300;
};
};
}
];
environment.systemPackages = with pkgs; [
gnomeExtensions.appindicator
gnomeExtensions.activate-window-by-title
gnomeExtensions.unite
gnomeExtensions.tailscale-qs
gnomeExtensions.gsconnect
gnomeExtensions.clipboard-indicator
gnomeExtensions.pip-on-top
gnomeExtensions.cloudflare-warp-toggle
gnomeExtensions.tiling-assistant
gnome.gnome-tweaks
mojave-gtk-theme
adw-gtk3
papirus-icon-theme
#wallpaper
];
environment.gnome.excludePackages = with pkgs.gnome; [
pkgs.gnome-text-editor
pkgs.gnome-tour
pkgs.orca
epiphany
geary
gnome-backgrounds
gnome-calendar
gnome-characters
gnome-clocks
gnome-contacts
gnome-font-viewer
gnome-logs
gnome-maps
gnome-music
gnome-weather
simple-scan
sushi
totem
yelp
];
services.gnome = {
gnome-browser-connector.enable = false;
gnome-initial-setup.enable = false;
gnome-online-accounts.enable = false;
};
}

26
hosts/dlaptop/scripts.nix → apps/scripts.nix
View file

@ -76,6 +76,7 @@ let
keepassxc = pkgs.writeScriptBin "keepassxc" ''
#!/usr/bin/env bash
${pkgs.coreutils}/bin/base64 -d ${config.sops.secrets.qqq.path} | ${pkgs.keepassxc}/bin/keepassxc --pw-stdin ~/Dropbox/pswd.kdbx
${pkgs.glib}/bin/gdbus call --session --dest org.gnome.Shell --object-path /de/lucaswerkmeister/ActivateWindowByTitle --method de.lucaswerkmeister.ActivateWindowByTitle.activateByWmClass 'org.keepassxc.KeePassXC'
'';
keepassxcDesktopItem = pkgs.makeDesktopItem {
@ -103,6 +104,7 @@ let
${pkgs.coreutils}/bin/sleep 5
${pkgs.gtk3}/bin/gtk-launch dropbox.desktop
${pkgs.gtk3}/bin/gtk-launch org.keepassxc.KeePassXC.desktop
gsettings set org.gnome.desktop.interface cursor-size 16
exit 0
'';
@ -113,14 +115,24 @@ let
exec = "/etc/profiles/per-user/delta/bin/autostart";
type = "Application";
};
firefoxRussia = pkgs.writeScriptBin "firefox-russia" ''
#!/usr/bin/env bash
firejail --blacklist="/var/run/nscd" --ignore="include whitelist-run-common.inc" --net=$(${pkgs.iproute2}/bin/ip route | ${pkgs.gawk}/bin/awk '/default/ {print $5}') --dns=77.88.8.1 firefox --class firefox-russia --name firefox-russia -P russia -no-remote
'';
firefoxRussiaDesktopItem = pkgs.makeDesktopItem {
name = "firefox-russia";
desktopName = "Firefox Russia";
icon = "firefox-developer-edition";
exec = "firefox-russia";
};
in {
users.users.delta.packages = with pkgs; [
ephemeralbrowser
ephemeralbrowserDesktopItem
keepassxc
keepassxcDesktopItem
users.users.delta.packages = [
kitty_wrapped
autostart
autostartDesktopItem
ephemeralbrowser ephemeralbrowserDesktopItem
keepassxc keepassxcDesktopItem
autostart autostartDesktopItem
firefoxRussia firefoxRussiaDesktopItem
];
}

120
hosts/dlaptop/socks.nix → apps/socks.nix
View file

@ -1,4 +1,4 @@
{ pkgs, lib, ... }:
{ pkgs, lib, config, inputs, ... }:
let
socksBuilder = attrs:
{
@ -22,46 +22,57 @@ let
script = attrs.script;
preStart = "while true; do ip addr show dev novpn1 | grep -q 'inet' && break; sleep 1; done";
path = with pkgs; [shadowsocks-libev shadowsocks-v2ray-plugin sing-box wireproxy iproute2 ];
path = with pkgs; [ shadowsocks-libev shadowsocks-v2ray-plugin sing-box wireproxy iproute2 ];
};
};
# IP of the proxies is 192.168.150.2
# IP of the proxies is 192.168.150.2
socksed = [
{ name = "singbox-aus"; script = "sing-box run -c /run/secrets/singbox-aus"; } # port 4000
#{ name = "socks-warp"; script = "wireproxy -c /etc/wireguard/warp0.conf"; } # port 3333
{ name = "socks-warp"; script = "wireproxy -c /etc/wireguard/warp0.conf"; } # port 3333
];
delete_rules = pkgs.writeScriptBin "delete_rules" ''
#!${pkgs.bash}/bin/bash
default_gateway=$(cat /etc/netns/novpn/default_gateway)
default_interface=$(cat /etc/netns/novpn/default_interface)
ip rule del fwmark 150 table 150
ip rule del from 192.168.150.2 table 150
ip rule del to 192.168.150.2 table 150
ip route del default via $default_gateway dev $default_interface table 150
ip route del 192.168.150.2 via 192.168.150.1 dev novpn0 table 150
iptables -t nat -D POSTROUTING -o "$default_interface" -j MASQUERADE
'';
start_novpn = pkgs.writeScriptBin "start_novpn" ''
#!${pkgs.bash}/bin/bash
configure_rules() {
ip rule del fwmark 100 table 150
ip rule del from 192.168.150.2 table 150
ip rule del to 192.168.150.2 table 150
ip route del default via $default_gateway dev $default_interface table 150
ip route del 192.168.150.2 via 192.168.150.1 dev novpn0 table 150
ip rule add fwmark 100 table 150
add_rules() {
ip rule add fwmark 150 table 150
ip rule add from 192.168.150.2 table 150
ip rule add to 192.168.150.2 table 150
ip route add default via $default_gateway dev $default_interface table 150
ip route add default via $default_gateway dev $default_interface table 150
ip route add 192.168.150.2 via 192.168.150.1 dev novpn0 table 150
iptables -t nat -A POSTROUTING -o "$default_interface" -j MASQUERADE
}
default_gateway=$(ip route | awk '/default/ {print $3}')
default_interface=$(ip route | awk '/default/ {print $5}')
set_gateway() {
default_interface_new=$(ip route | awk '/default/ {print $5}')
default_gateway_new=$(ip route | awk '/default/ {print $3}')
if [[ -z "$default_interface" ]]; then
echo "No default interface"
exit 1
fi
if [[ ! -z "$default_interface_new" && ! -z "$default_gateway_new" ]]; then
default_interface=$default_interface_new
default_gateway=$default_gateway_new
echo "$default_gateway" > /etc/netns/novpn/default_gateway
echo "$default_interface" > /etc/netns/novpn/default_interface
fi
}
mkdir -p /etc/netns/novpn/
echo "nameserver 1.1.1.1" > /etc/netns/novpn/resolv.conf
echo "nameserver 1.1.0.1" >> /etc/netns/novpn/resolv.conf
sysctl -wq net.ipv4.ip_forward=1
iptables -t nat -A POSTROUTING -o "$default_interface" -j MASQUERADE
ip link add novpn0 type veth peer name novpn1
ip link set novpn1 netns novpn
@ -72,21 +83,20 @@ let
ip netns exec novpn ip link set novpn1 up
ip netns exec novpn ip route add default via 192.168.150.1
configure_rules
set_gateway
if [[ -z "$default_interface" ]]; then
echo "No default interface"
exit 1
fi
add_rules
sleep 3
ip monitor route | while read -r event; do
case "$event" in
'local '*)
default_interface_new=$(ip route | awk '/default/ {print $5}')
default_gateway_new=$(ip route | awk '/default/ {print $3}')
if [[ ! -z "$default_interface_new" && ! -z "$default_gateway_new" ]]; then
default_interface=$default_interface_new
default_gateway=$default_gateway_new
fi
configure_rules
${delete_rules}/bin/delete_rules
set_gateway
add_rules
;;
esac
done
@ -94,22 +104,25 @@ let
stop_novpn = pkgs.writeScriptBin "stop_novpn" ''
#!${pkgs.bash}/bin/bash
${delete_rules}/bin/delete_rules
rm -rf /etc/netns/novpn/
ip rule del fwmark 100 table 150
ip rule del from 192.168.150.2 table 150
ip rule del to 192.168.150.2 table 150
ip link del novpn0
ip netns del novpn
rm -rf /var/run/netns/novpn/
exit 0
rm -rf /var/run/netns/novpn/
'';
in {
users.users.socks = {
group = "socks";
isSystemUser = true;
};
novpn = {
users.groups.socks = {};
systemd.services = builtins.listToAttrs (map socksBuilder socksed) // { novpn = {
enable = true;
description = "novpn namespace";
after = [ "network-online.target" ];
wantedBy = [ "multi-user.target" ];
wants = map (s: "${s.name}.service") socksed;
wants = map (s: "${s.name}.service") socksed ++ [ "network-online.target"];
serviceConfig = {
Restart = "on-failure";
@ -121,20 +134,23 @@ let
preStart = "${stop_novpn}/bin/stop_novpn && ip netns add novpn";
path = with pkgs; [ gawk iproute2 iptables sysctl coreutils ];
};
in {
users.users.socks = {
group = "socks";
isSystemUser = true;
};
};};
users.groups.socks = {};
systemd.services = builtins.listToAttrs (map socksBuilder socksed) // { novpn = novpn; };
users.users.delta.packages = [
(pkgs.writeScriptBin "nyx" ''sudo -u tor -g tor ${inputs.nixpkgs-2105.legacyPackages."x86_64-linux".nyx}/bin/nyx $@'')
];
services.tor = {
enable = true;
client = {
enable = true;
socksListenAddress = 9063;
};
settings = {
Socks5Proxy = "192.168.150.2:3333";
ControlPort = 9051;
CookieAuthentication = true;
};
};
}
users.users.delta.packages = [ (pkgs.makeDesktopItem {
name = "firefox-russia";
desktopName = "Firefox Russia";
icon = "firefox-developer-edition";
exec = ''firejail --blacklist="/var/run/nscd" --ignore="include whitelist-run-common.inc" --netns=novpn firefox -P russia -no-remote'';
}) ];
}

2
hosts/dlaptop/work.nix → apps/work.nix
View file

@ -308,7 +308,7 @@ let
};
in
{
users.users.delta.packages = with pkgs; [
users.users.delta.packages = [
kittyWork
kittyWorkDesktopItem
firefoxWork

BIN
firmware/TAS2XXX38BB.bin
View file

Binary file not shown.

BIN
firmware/TIAS2781RCA4.bin
View file

Binary file not shown.

BIN
firmware/slim7-ssdt
View file

Binary file not shown.

171
flake.lock
View file

@ -21,61 +21,6 @@
"type": "github"
}
},
"cachix": {
"locked": {
"lastModified": 1635350005,
"narHash": "sha256-tAMJnUwfaDEB2aa31jGcu7R7bzGELM9noc91L2PbVjg=",
"owner": "nixos",
"repo": "nixpkgs",
"rev": "1c1f5649bb9c1b0d98637c8c365228f57126f361",
"type": "github"
},
"original": {
"owner": "nixos",
"ref": "nixos-20.09",
"repo": "nixpkgs",
"type": "github"
}
},
"firefox": {
"inputs": {
"cachix": "cachix",
"flake-compat": "flake-compat",
"lib-aggregate": "lib-aggregate",
"mozilla": "mozilla",
"nixpkgs": [
"nixpkgs"
]
},
"locked": {
"lastModified": 1709209504,
"narHash": "sha256-szkYp24Xnxb2nsrHgQY3mVvty/humm+1zGXeZ78uA/k=",
"owner": "nix-community",
"repo": "flake-firefox-nightly",
"rev": "9b78672ec1d66f393a7d7923adbbf7f398473dad",
"type": "github"
},
"original": {
"owner": "nix-community",
"repo": "flake-firefox-nightly",
"type": "github"
}
},
"flake-compat": {
"locked": {
"lastModified": 1688025799,
"narHash": "sha256-ktpB4dRtnksm9F5WawoIkEneh1nrEvuxb5lJFt1iOyw=",
"owner": "nix-community",
"repo": "flake-compat",
"rev": "8bf105319d44f6b9f0d764efa4fdef9f1cc9ba1c",
"type": "github"
},
"original": {
"owner": "nix-community",
"repo": "flake-compat",
"type": "github"
}
},
"flake-parts": {
"inputs": {
"nixpkgs-lib": [
@ -101,24 +46,6 @@
"inputs": {
"systems": "systems"
},
"locked": {
"lastModified": 1709126324,
"narHash": "sha256-q6EQdSeUZOG26WelxqkmR7kArjgWCdw5sfJVHPH/7j8=",
"owner": "numtide",
"repo": "flake-utils",
"rev": "d465f4819400de7c8d874d50b982301f28a84605",
"type": "github"
},
"original": {
"owner": "numtide",
"repo": "flake-utils",
"type": "github"
}
},
"flake-utils_2": {
"inputs": {
"systems": "systems_2"
},
"locked": {
"lastModified": 1710146030,
"narHash": "sha256-SZ5L6eA7HJ/nmkzGG7/ISclqe6oZdOZTNoesiInkXPQ=",
@ -140,83 +67,48 @@
]
},
"locked": {
"lastModified": 1706981411,
"narHash": "sha256-cLbLPTL1CDmETVh4p0nQtvoF+FSEjsnJTFpTxhXywhQ=",
"lastModified": 1711133180,
"narHash": "sha256-WJOahf+6115+GMl3wUfURu8fszuNeJLv9qAWFQl3Vmo=",
"owner": "nix-community",
"repo": "home-manager",
"rev": "652fda4ca6dafeb090943422c34ae9145787af37",
"rev": "1c2c5e4cabba4c43504ef0f8cc3f3dfa284e2dbb",
"type": "github"
},
"original": {
"owner": "nix-community",
"ref": "release-23.11",
"repo": "home-manager",
"type": "github"
}
},
"lib-aggregate": {
"inputs": {
"flake-utils": "flake-utils",
"nixpkgs-lib": "nixpkgs-lib"
},
"locked": {
"lastModified": 1709208631,
"narHash": "sha256-n+SCii/GQR3zjaZzjhGAjrQQlF+xjaGEjWdpDb4wJ3U=",
"owner": "nix-community",
"repo": "lib-aggregate",
"rev": "1f03ac8dc3a54f68f55d36b5e7fc65afc302a3d7",
"type": "github"
},
"original": {
"owner": "nix-community",
"repo": "lib-aggregate",
"type": "github"
}
},
"mozilla": {
"flake": false,
"locked": {
"lastModified": 1704373101,
"narHash": "sha256-+gi59LRWRQmwROrmE1E2b3mtocwueCQqZ60CwLG+gbg=",
"owner": "mozilla",
"repo": "nixpkgs-mozilla",
"rev": "9b11a87c0cc54e308fa83aac5b4ee1816d5418a2",
"type": "github"
},
"original": {
"owner": "mozilla",
"repo": "nixpkgs-mozilla",
"type": "github"
}
},
"nixpkgs": {
"locked": {
"lastModified": 1709128929,
"narHash": "sha256-GWrv9a+AgGhG4/eI/CyVVIIygia7cEy68Huv3P8oyaw=",
"lastModified": 1710806803,
"narHash": "sha256-qrxvLS888pNJFwJdK+hf1wpRCSQcqA6W5+Ox202NDa0=",
"owner": "NixOS",
"repo": "nixpkgs",
"rev": "c8e74c2f83fe12b4e5a8bd1abbc090575b0f7611",
"rev": "b06025f1533a1e07b6db3e75151caa155d1c7eb3",
"type": "github"
},
"original": {
"owner": "NixOS",
"ref": "nixos-23.11",
"ref": "nixos-unstable",
"repo": "nixpkgs",
"type": "github"
}
},
"nixpkgs-lib": {
"nixpkgs-2105": {
"locked": {
"lastModified": 1708821942,
"narHash": "sha256-jd+E1SD59qty65pwqad2mftzkT6vW5nNFWVuvayh4Zw=",
"owner": "nix-community",
"repo": "nixpkgs.lib",
"rev": "479831ed8b3c9c7b80533999f880c7d0bf6a491b",
"lastModified": 1659914493,
"narHash": "sha256-lkA5X3VNMKirvA+SUzvEhfA7XquWLci+CGi505YFAIs=",
"owner": "NixOS",
"repo": "nixpkgs",
"rev": "022caabb5f2265ad4006c1fa5b1ebe69fb0c3faf",
"type": "github"
},
"original": {
"owner": "nix-community",
"repo": "nixpkgs.lib",
"owner": "NixOS",
"ref": "nixos-21.05",
"repo": "nixpkgs",
"type": "github"
}
},
@ -319,9 +211,9 @@
"root": {
"inputs": {
"anyrun": "anyrun",
"firefox": "firefox",
"home-manager": "home-manager",
"nixpkgs": "nixpkgs",
"nixpkgs-2105": "nixpkgs-2105",
"nixpkgs-stable": "nixpkgs-stable",
"nixpkgs-unstable": "nixpkgs-unstable",
"secrets": "secrets",
@ -334,17 +226,17 @@
"sops-nix": "sops-nix"
},
"locked": {
"lastModified": 1711051538,
"narHash": "sha256-/fgXXCdvjvymM/wXivQ09gZI1u/z9Ld79iRg+et08Vo=",
"lastModified": 1711064484,
"narHash": "sha256-v/o2GSHunWVWtLwcVvaakxXaWDazLfs9n1afjb5cXMA=",
"ref": "refs/heads/main",
"rev": "1ac61646be7e98fb8a0a2722b37b194bb4c33569",
"revCount": 1,
"rev": "0da88dbba8f7aa71a1692019825912ac377a5d1b",
"revCount": 2,
"type": "git",
"url": "ssh://git@github.com/deltathetawastaken/secrets"
"url": "ssh://git@github.com/deltathetawastaken/secrets.git"
},
"original": {
"type": "git",
"url": "ssh://git@github.com/deltathetawastaken/secrets"
"url": "ssh://git@github.com/deltathetawastaken/secrets.git"
}
},
"sops-nix": {
@ -381,24 +273,9 @@
"type": "github"
}
},
"systems_2": {
"locked": {
"lastModified": 1681028828,
"narHash": "sha256-Vy1rq5AaRuLzOxct8nz4T6wlgyUR7zLU309k9mBC768=",
"owner": "nix-systems",
"repo": "default",
"rev": "da67096a3b9bf56a91d16901293e51ba5b49a27e",
"type": "github"
},
"original": {
"owner": "nix-systems",
"repo": "default",
"type": "github"
}
},
"telegram-desktop-patched": {
"inputs": {
"flake-utils": "flake-utils_2",
"flake-utils": "flake-utils",
"nixpkgs": "nixpkgs_4"
},
"locked": {

138
flake.nix
View file

@ -1,28 +1,29 @@
{
inputs = {
nixpkgs.url = "github:NixOS/nixpkgs/nixos-23.11";
nixpkgs.url = "github:NixOS/nixpkgs/nixos-unstable";
nixpkgs-stable.url = "github:NixOS/nixpkgs/nixos-23.11";
nixpkgs-unstable.url = "github:NixOS/nixpkgs/nixos-unstable";
home-manager.url = "github:nix-community/home-manager/release-23.11";
nixpkgs-2105.url = "github:NixOS/nixpkgs/nixos-21.05";
home-manager.url = "github:nix-community/home-manager";
home-manager.inputs.nixpkgs.follows = "nixpkgs";
firefox.url = "github:nix-community/flake-firefox-nightly";
firefox.inputs.nixpkgs.follows = "nixpkgs";
anyrun.url = "github:Kirottu/anyrun";
anyrun.inputs.nixpkgs.follows = "nixpkgs-unstable";
telegram-desktop-patched.url = "github:shwewo/telegram-desktop-patched";
secrets.url = "git+ssh://git@github.com/deltathetawastaken/secrets";
#agenix.url = "github:ryantm/agenix";
#agenix.inputs.darwin.follows = "";
#ragenix = {
# url = "github:yaxitech/ragenix";
# inputs.flake-utils.follows = "flake-utils";
# inputs.nixpkgs.follows = "nixpkgs";
#};
secrets.url = "git+ssh://git@github.com/deltathetawastaken/secrets.git";
};
outputs = inputs @ { self, nixpkgs, nixpkgs-stable, nixpkgs-unstable, home-manager, firefox, anyrun, ... }:
outputs = inputs @ { self, nixpkgs, home-manager, anyrun, ... }:
let
pkgs = nixpkgs.legacyPackages."x86_64-linux";
stable = import inputs.nixpkgs-stable { system = "x86_64-linux"; config = { allowUnfree = true; }; };
unstable = import inputs.nixpkgs-unstable { system = "x86_64-linux"; config = { allowUnfree = true; }; };
specialArgs = { inherit inputs self stable unstable homeSettings; };
homeSettings = {
home-manager.useGlobalPkgs = true;
home-manager.useUserPackages = true;
home-manager.users.delta = import ./home/home.nix;
home-manager.extraSpecialArgs = specialArgs;
};
in {
devShells."x86_64-linux".default = pkgs.mkShell {
name = "delta";
@ -32,111 +33,20 @@
pre-commit install &> /dev/null
'';
};
nixosConfigurations.dlaptop = nixpkgs-unstable.lib.nixosSystem {
nixosConfigurations.dlaptop = nixpkgs.lib.nixosSystem {
system = "x86_64-linux";
specialArgs = {
inherit inputs;
stable = import nixpkgs-stable {
system = "x86_64-linux";
config = { allowUnfree = true; };
};
unstable = import nixpkgs-unstable {
system = "x86_64-linux";
config = { allowUnfree = true; };
};
};
modules = [
./hosts/generic.nix
./hosts/dlaptop/configuration.nix
./hosts/dlaptop/hardware-configuration.nix
home-manager.nixosModules.home-manager
inputs.secrets.nixosModules.dlaptop
{
home-manager.useGlobalPkgs = true;
home-manager.useUserPackages = true;
home-manager.users.delta = import ./home/home.nix;
home-manager.extraSpecialArgs = {
inherit inputs;
stable = import nixpkgs-stable {
system = "x86_64-linux";
config = { allowUnfree = true; };
};
unstable = import nixpkgs-unstable {
system = "x86_64-linux";
config = { allowUnfree = true; };
};
};
}
];
specialArgs = specialArgs;
modules = [ ./hosts/generic.nix ./hosts/dlaptop/system.nix ];
};
nixosConfigurations.intelnuc = nixpkgs-unstable.lib.nixosSystem {
nixosConfigurations.intelnuc = nixpkgs.lib.nixosSystem {
system = "x86_64-linux";
specialArgs = {
inherit inputs;
stable = import nixpkgs-stable {
system = "x86_64-linux";
config = { allowUnfree = true; };
};
unstable = import nixpkgs-unstable {
system = "x86_64-linux";
config = { allowUnfree = true; };
};
};
modules = [
./hosts/generic.nix
./hosts/intelnuc/configuration.nix
./hosts/intelnuc/hardware-configuration.nix
inputs.secrets.nixosModules.intelnuc
];
specialArgs = specialArgs;
modules = [ ./hosts/generic.nix ./hosts/intelnuc/system.nix ];
};
nixosConfigurations.huanan = nixpkgs-unstable.lib.nixosSystem {
nixosConfigurations.huanan = nixpkgs.lib.nixosSystem {
system = "x86_64-linux";
specialArgs = {
inherit inputs;
stable = import nixpkgs-stable {
system = "x86_64-linux";
config = { allowUnfree = true; };
};
unstable = import nixpkgs-unstable {
system = "x86_64-linux";
config = { allowUnfree = true; };
};
};
modules = [
./hosts/generic.nix
./hosts/huanan/configuration.nix
./hosts/huanan/hardware-configuration.nix
home-manager.nixosModules.home-manager
{
home-manager.useGlobalPkgs = true;
home-manager.useUserPackages = true;
home-manager.users.delta = import ./home/home.nix;
home-manager.extraSpecialArgs = {
inherit inputs;
stable = import nixpkgs-stable {
system = "x86_64-linux";
config = { allowUnfree = true; };
};
unstable = import nixpkgs-unstable {
system = "x86_64-linux";
config = { allowUnfree = true; };
};
};
}
];
specialArgs = specialArgs;
modules = [ ./hosts/generic.nix ./hosts/huanan/system.nix ];
};
# devShells = flake-utils.lib.eachDefaultSystem (system: rec {
# pkgs = import nixpkgs {
# inherit system;
# overlays = [ ];
# };
# default = pkgs.mkShell {
# packages = [ ];
# # ...
# };
#});
};
}
}

40
home/gnome.nix
View file

@ -1,40 +0,0 @@
{ inputs, home, config, lib, ... }:
{
dconf = {
enable = true;
settings = {
"org/gnome/settings-daemon/plugins/media-keys" = {
custom-keybindings = [
"/org/gnome/settings-daemon/plugins/media-keys/custom-keybindings/custom0/"
"/org/gnome/settings-daemon/plugins/media-keys/custom-keybindings/custom1/"
];
};
"org/gnome/shell/keybindings" = {
show-screenshot-ui = [ "<Shift><Super>s" ];
};
"org/gnome/settings-daemon/plugins/media-keys/custom-keybindings/custom0" = {
binding = "<Alt>Return";
command = "/etc/profiles/per-user/delta/bin/kitty_wrapped";
name = "kitty";
};
"org/gnome/settings-daemon/plugins/media-keys/custom-keybindings/custom1" = {
binding = "<Control><Alt>x";
command = "/etc/profiles/per-user/delta/bin/keepassxc";
name = "keepassxc";
};
"org/gnome/desktop/sound" = {
allow-volume-above-100-percent = true;
};
"org/gnome/mutter" = {
experimental-features = [ "scale-monitor-framebuffer" ];
};
#"org/gnome/mutter" = {
# experimental-features = lib.mkForce [ ];
#};
"org/gnome/settings-daemon/plugins/power".sleep-inactive-battery-timeout =
300;
};
};
}

32
home/home.nix
View file

@ -5,22 +5,38 @@
home.stateVersion = "23.11";
imports = [
./programs
./theme.nix
./gnome.nix
];
services.blueman-applet.enable = true;
services.network-manager-applet.enable = true;
programs.vscode = {
enable = true;
package = pkgs.vscodium;
extensions = with pkgs.vscode-extensions; [
matklad.rust-analyzer
jnoortheen.nix-ide
];
enableUpdateCheck = false;
userSettings = {
"window.titleBarStyle" = "custom";
"nix.enableLanguageServer"= true;
"nix.serverPath" = "${pkgs.nil}/bin/nil";
"nix.serverSettings" = {
nil = {
formatting = {
command = [ "${pkgs.nixfmt}/bin/nixfmt" ];
};
};
};
};
};
programs.git = {
enable = true;
package = pkgs.vscodium;
extensions = with pkgs.vscode-extensions; [
bbenoist.nix
brettm12345.nixfmt-vscode
];
userName = "delta";
userEmail = "delta@example.com";
};
#xdg.desktopEntries = {

25
home/programs/hypr/hyprland-environment.nix
View file

@ -1,25 +0,0 @@
{ config, pkgs, ... }:
{
home = {
sessionVariables = {
#EDITOR = "lvim";
#BROWSER = "librewolf";
#TERMINAL = "kitty";
#GBM_BACKEND= "nvidia-drm";
#__GLX_VENDOR_LIBRARY_NAME= "nvidia";
#LIBVA_DRIVER_NAME= "nvidia"; # hardware acceleration
__GL_VRR_ALLOWED = "1";
#WLR_NO_HARDWARE_CURSORS = "1";
#WLR_RENDERER_ALLOW_SOFTWARE = "1";
CLUTTER_BACKEND = "wayland";
WLR_RENDERER = "vulkan";
XDG_CURRENT_DESKTOP = "Hyprland";
XDG_SESSION_DESKTOP = "Hyprland";
XDG_SESSION_TYPE = "wayland";
MOZ_USE_XINPUT2 = "1";
};
};
}

191
hosts/dlaptop/apps/gnome.nix Normal file
View file

@ -0,0 +1,191 @@
{ pkgs, lib, inputs, ... }: with lib.gvariant;
let
# wallpaper = pkgs.stdenv.mkDerivation {
# name = "wallpaper";
# phases = [ "installPhase" ];
# installPhase = ''
# mkdir -p $out/share/backgrounds
# cp ${../wallpaper.png} $out/share/backgrounds/wallpaper.png
# '';
# };
in
{
#imports = [
# inputs.home-manager.nixosModules.home-manager
#];
nixpkgs.overlays = [
(final: prev: {
gnome = prev.gnome.overrideScope' (gnomeFinal: gnomePrev: {
mutter = gnomePrev.mutter.overrideAttrs (old: {
src = pkgs.fetchgit {
url = "https://gitlab.gnome.org/vanvugt/mutter.git";
# GNOME 45: triple-buffering-v4-45
rev = "0b896518b2028d9c4d6ea44806d093fd33793689";
sha256 = "sha256-mzNy5GPlB2qkI2KEAErJQzO//uo8yO0kPQUwvGDwR4w=";
};
});
});
})
];
programs.dconf.enable = true;
programs.dconf.profiles.user.databases = [
{
settings = {
"org/gnome/mutter" = {
experimental-features = [ "scale-monitor-framebuffer" ];
};
"org/gnome/settings-daemon/plugins/media-keys" = {
custom-keybindings = [
"/org/gnome/settings-daemon/plugins/media-keys/custom-keybindings/custom0/"
"/org/gnome/settings-daemon/plugins/media-keys/custom-keybindings/custom1/"
];
};
"org/gnome/shell/keybindings" = {
show-screenshot-ui = [ "<Shift><Super>s" ];
};
"org/gnome/settings-daemon/plugins/media-keys/custom-keybindings/custom0" = {
binding = "<Alt>Return";
command = "/etc/profiles/per-user/delta/bin/kitty_wrapped";
name = "kitty";
};
"org/gnome/settings-daemon/plugins/media-keys/custom-keybindings/custom1" = {
binding = "<Control><Alt>x";
command = "/etc/profiles/per-user/delta/bin/keepassxc";
name = "keepassxc";
};
"org/gnome/desktop/sound" = {
allow-volume-above-100-percent = true;
};
"org/gnome/desktop/wm/keybindings" = {
# close = mkEmptyArray (type.string);
# switch-input-source = [ "<Shift>Alt_L" ];
# switch-input-source-backward = [ "<Alt>Shift_L" ];
};
"org/gnome/desktop/interface" = {
icon-theme = "Papirus-Dark";
color-scheme = "prefer-dark";
gtk-theme = "adw-gtk3-dark";
};
"org/gnome/shell" = {
favorite-apps = [
"firefox.desktop"
"vesktop.desktop"
"org.telegram.desktop.desktop"
"spotify.desktop"
"kitty.desktop"
"org.gnome.Nautilus.desktop"
];
disable-user-extensions = false;
enabled-extensions = [
"activate-window-by-title@lucaswerkmeister.de"
"appindicatorsupport@rgcjonas.gmail.com"
"clipboard-indicator@tudmotu.com"
"gsconnect@andyholmes.github.io"
"tailscale@joaophi.github.com"
"unite@hardpixel.eu"
"user-theme@gnome-shell-extensions.gcampax.github.com"
"pip-on-top@rafostar.github.com"
"cloudflare-warp-toggle@khaled.is-a.dev"
];
};
"org/gnome/desktop/input-sources" = {
mru-sources = [ (mkTuple [ "xkb" "us" ]) ];
sources = [ (mkTuple [ "xkb" "us" ]) (mkTuple [ "xkb" "ru" ]) ];
xkb-options = [ "terminate:ctrl_alt_bksp" "lv3:switch" "compose:ralt" ];
};
"org/gnome/desktop/screensaver" = {
lock-enabled = true;
};
"org/gnome/desktop/notifications" = {
show-in-lock-screen = false;
};
"org/gnome/desktop/session" = {
idle-delay = mkUint32 0;
};
"org/gnome/shell/extensions/unite" = {
enable-titlebar-actions = true;
extend-left-box = false;
hide-activities-button = "never";
hide-app-menu-icon = false;
notifications-position = "center";
reduce-panel-spacing = true;
restrict-to-primary-screen = false;
show-appmenu-button = true;
show-desktop-name = false;
show-legacy-tray = false;
show-window-buttons = "never";
show-window-title = "never";
};
#"org/gnome/shell/extensions/user-theme" = {
# name = "Mojave-Dark-solid-alt";
#};
"org/gnome/shell/weather" = {
automatic-location = true;
};
#"org/gnome/desktop/background" = {
# picture-uri = "file:///run/current-system/sw/share/backgrounds/wallpaper.png";
# picture-uri-dark = "file:///run/current-system/sw/share/backgrounds/wallpaper.png";
#};
"org/gnome/desktop/peripherals/touchpad" = {
tap-to-click = true;
};
"org/gnome/settings-daemon/plugins/power" = {
sleep-inactive-ac-type = "nothing";
};
"org/gnome/settings-daemon/plugins/power" = {
sleep-inactive-battery-timeout = mkUint32 300;
};
};
}
];
environment.systemPackages = with pkgs; [
gnomeExtensions.appindicator
gnomeExtensions.activate-window-by-title
gnomeExtensions.unite
gnomeExtensions.tailscale-qs
gnomeExtensions.gsconnect
gnomeExtensions.clipboard-indicator
gnomeExtensions.pip-on-top
gnomeExtensions.cloudflare-warp-toggle
gnomeExtensions.tiling-assistant
gnome.gnome-tweaks
mojave-gtk-theme
adw-gtk3
papirus-icon-theme
#wallpaper
];
environment.gnome.excludePackages = with pkgs.gnome; [
pkgs.gnome-text-editor
pkgs.gnome-tour
pkgs.orca
epiphany
geary
gnome-backgrounds
gnome-calendar
gnome-characters
gnome-clocks
gnome-contacts
gnome-font-viewer
gnome-logs
gnome-maps
gnome-music
gnome-weather
simple-scan
sushi
totem
yelp
];
services.gnome = {
gnome-browser-connector.enable = false;
gnome-initial-setup.enable = false;
gnome-online-accounts.enable = false;
};
}

414
hosts/dlaptop/configuration.nix
View file

@ -1,414 +0,0 @@
# Edit this configuration file to define what should be installed on
# your system. Help is available in the configuration.nix(5) man page
# and in the NixOS manual (accessible by running nixos-help).
{ inputs, stable, unstable, config, pkgs, age, lib, ... }:
{
time.timeZone = "Europe/Moscow";
i18n.defaultLocale = "en_GB.UTF-8";
# i18n.extraLocaleSettings = {
# #LC_TIME = "ru_RU.UTF-8";
# #LC_ALL = "en_GB.UTF-8";
# };
# age.rekey = {
# hostPubkey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIGGL2UD0frl9F2OPBiPlSQqxDsuACbAVgwH24F0KT14L delta@dlaptop";
# #masterIdentities = [ "/home/delta/.ssh/id_ed25519" ];
# masterIdentities = [ "/home/delta/.secrets/key.txt" ];
# storageMode = "local";
# localStorageDir = ../../secrets/rekeyed/${config.networking.hostName};
# };
imports = [
./socks.nix
./apps.nix
./work.nix
./scripts.nix
];
hardware.opengl = {
enable = true;
driSupport = true;
driSupport32Bit = true;
extraPackages = [ pkgs.amdvlk ];
extraPackages32 = [ pkgs.driversi686Linux.amdvlk ];
};
nixpkgs.overlays = [
(final: prev: {
gnome = prev.gnome.overrideScope' (gnomeFinal: gnomePrev: {
mutter = gnomePrev.mutter.overrideAttrs (old: {
src = pkgs.fetchgit {
url = "https://gitlab.gnome.org/vanvugt/mutter.git";
# GNOME 45: triple-buffering-v4-45
rev = "0b896518b2028d9c4d6ea44806d093fd33793689";
sha256 = "sha256-mzNy5GPlB2qkI2KEAErJQzO//uo8yO0kPQUwvGDwR4w=";
};
});
});
})
];
environment.sessionVariables = {
QT_WAYLAND_DISABLE_WINDOWDECORATION = "1";
QT_QPA_PLATFORM = "wayland";
STEAM_FORCE_DESKTOPUI_SCALING = "1";
NIXOS_OZONE_WL = "1";
XCURSOR_SIZE = "16";
};
#services.dnscrypt-proxy2 = {
# enable = true;
# settings = {
# ipv6_servers = true;
# require_dnssec = true;
# server_names = [ "cloudflare" ];
# };
#};
users.groups.no-net = {};
#services.connman.wifi.backend = "iwd";
networking = {
hostName = "dlaptop";
nameservers = [ "100.92.15.128" "fd7a:115c:a1e0::b21c:f80" ];
networkmanager.dns = "none";
networkmanager.enable = true;
#wireless.iwd.enable = true;
#networkmanager.wifi.backend = "iwd";
useDHCP = lib.mkDefault true;
interfaces.wlp1s0.proxyARP = true;
iproute2.enable = true;
firewall = {
enable = true;
allowedTCPPorts = [
# qbittorrent
4780
# audiorelay
59100
# localsend
53317
#syncthing
22000
];
allowedUDPPorts = [
# audiorelay
59100
59200
# localsend
53317
#syncthing
22000
21027
];
allowedTCPPortRanges = [ { from = 1714; to = 1764; } ]; # kde connect
allowedUDPPortRanges = [ { from = 1714; to = 1764; } ];
checkReversePath = "loose";
extraCommands = ''
iptables -A OUTPUT -m owner --gid-owner no-net -j REJECT
'';
};
};
users.groups.cloudflared = { };
users.users.cloudflared = {
group = "cloudflared";
isSystemUser = true;
};
users.groups.socks = { };
services.cloudflared.enable = false;
services.cloudflared.tunnels = {
"dlaptop" = {
default = "http_status:404";
credentialsFile = "/run/secrets/cloudflared";
};
};
systemd.services.cloudflared-tunnel-dlaptop.serviceConfig.Restart = lib.mkForce "on-failure";
systemd.services.cloudflared-tunnel-dlaptop.serviceConfig.RestartSec = lib.mkForce 60;
programs.captive-browser = {
browser = ''firejail --ignore="include whitelist-run-common.inc" --private --profile=chromium ${pkgs.bash}/bin/bash -c '${pkgs.coreutils}/bin/env XDG_CONFIG_HOME="$PREV_CONFIG_HOME" ${pkgs.chromium}/bin/chromium --user-data-dir=''${XDG_DATA_HOME:-$HOME/.local/share}/chromium-captive --proxy-server="socks5://$PROXY" --host-resolver-rules="MAP * ~NOTFOUND , EXCLUDE localhost" --no-first-run --new-window --incognito -no-default-browser-check http://cache.nixos.org/' '';
interface = "wlp1s0";
enable = true;
};
security = {
sudo.wheelNeedsPassword = false;
wrappers = {
firejail = {
source = "${pkgs.firejail.out}/bin/firejail";
};
};
pam.loginLimits = [{ #needed for swaylock
domain = "@users";
item = "rtprio";
type = "-";
value = 1;
}];
pam.services.swaylock = { };
rtkit.enable = true;
};
powerManagement.enable = true;
services.power-profiles-daemon.enable = false;
services.tlp = {
enable = true;
settings = {
CPU_SCALING_GOVERNOR_ON_AC = "powersave";
CPU_SCALING_GOVERNOR_ON_BAT = "powersave";
CPU_ENERGY_PERF_POLICY_ON_BAT = "power";
CPU_ENERGY_PERF_POLICY_ON_AC = "balance_performance";
CPU_SCALING_MAX_FREQ_ON_AC = 6600000;
CPU_SCALING_MAX_FREQ_ON_BAT = 1600000;
PLATFORM_PROFILE_ON_AC = "balanced";
PLATFORM_PROFILE_ON_BAT = "low-power";
#Trubo boost control
CPU_BOOST_ON_AC = 1;
CPU_BOOST_ON_BAT = 1;
CPU_HWP_DYN_BOOST_ON_AC = 1;
CPU_HWP_DYN_BOOST_ON_BAT = 1;
#Optional helps save long term battery health
#START_CHARGE_THRESH_BAT0 = 40; # 40 and bellow it starts to charge
#STOP_CHARGE_THRESH_BAT0 = 80; # 80 and above it stops charging
};
};
services.xserver = {
enable = true;
videoDrivers = [ "modesetting" ];
displayManager = {
gdm.enable = true;
autoLogin = {
enable = false;
user = "delta";
};
};
desktopManager.gnome.enable = true;
layout = "us";
xkbVariant = "";
excludePackages = [ pkgs.xterm ];
};
services.gnome = {
gnome-browser-connector.enable = false;
gnome-initial-setup.enable = false;
gnome-online-accounts.enable = false;
};
services.flatpak.enable = true;
services.printing.enable = true;
services.pipewire = {
enable = true;
wireplumber.enable = true;
alsa.enable = true;
alsa.support32Bit = true;
pulse.enable = true;
};
sound = {
enable = true;
extraConfig = "\n";
};
hardware.pulseaudio.enable = false;
services.tailscale.enable = true;
services.syncthing.enable = true;
services.blueman.enable = true;
services.tumbler.enable = true;
services.gvfs.enable = true;
services.udev.packages = [
pkgs.gnome.gnome-settings-daemon
pkgs.android-udev-rules
pkgs.yubikey-personalization
];
#services.udev.extraRules = ''
# #yubikey autostart
# ENV{ID_VENDOR}=="Yubico", ENV{ID_VENDOR_ID}=="1050", ENV{ID_MODEL_ID}=="0010|0111|0112|0113|0114|0115|0116|0401|0402|0403|0404|0405|0406|0407|0410", SYMLINK+="yubikey", TAG+="systemd"
#'';
#systemd.user.services.yubioath = {
# enable = true;
# description = "Autostart Yubico Authenticator";
# after = [ "dev-yubikey.device" ];
# unitConfig = {
# StopPropagatedFrom="dev-yubikey.device"; #comment to not close app after yubi remove
# };
# serviceConfig = {
# Type = "oneshot";
# };
#
# script = "${pkgs.yubioath-flutter}/bin/yubioath-flutter";
#};
programs.thunar.enable = true;
programs.firejail.enable = true;
programs.hyprland.enable = true;
programs.xfconf.enable = true;
programs.dconf.enable = true;
programs.virt-manager.enable = true;
programs.steam.enable = true;
programs.gamemode.enable = true;
programs.thunar.plugins = with pkgs.xfce; [
thunar-archive-plugin
thunar-volman
];
xdg.portal.extraPortals = with pkgs; [ xdg-desktop-portal-hyprland ];
environment = {
gnome.excludePackages = [
#pkgs.gnome-connections
#pkgs.gnome-console
pkgs.gnome-text-editor
pkgs.gnome-tour
#pkgs.gnome.adwaita-icon-theme
pkgs.gnome.epiphany # browser
#pkgs.gnome.evince # pdf + office files
#pkgs.gnome.file-roller #archive explorer
pkgs.gnome.geary
pkgs.gnome.gnome-backgrounds
pkgs.gnome.gnome-calendar
pkgs.gnome.gnome-characters
pkgs.gnome.gnome-clocks
pkgs.gnome.gnome-contacts
pkgs.gnome.gnome-font-viewer
pkgs.gnome.gnome-logs
pkgs.gnome.gnome-maps
pkgs.gnome.gnome-music
#pkgs.gnome.gnome-themes-extra
pkgs.gnome.gnome-weather
#pkgs.gnome.nautilus
pkgs.gnome.simple-scan
pkgs.gnome.sushi
pkgs.gnome.totem
pkgs.gnome.yelp
pkgs.orca
];
};
virtualisation = {
podman = {
enable = true;
dockerCompat = true;
};
spiceUSBRedirection.enable = true;
libvirtd.enable = true;
};
environment.systemPackages = with pkgs; [
gnomeExtensions.appindicator
gnomeExtensions.activate-window-by-title
gnomeExtensions.unite
gnomeExtensions.tailscale-qs
gnomeExtensions.gsconnect
gnomeExtensions.clipboard-indicator
gnomeExtensions.tiling-assistant
#gnomeExtensions.wintile-windows-10-window-tiling-for-gnome
gnomeExtensions.cloudflare-warp-toggle
gnome.gnome-tweaks
mojave-gtk-theme
adw-gtk3
any-nix-shell
openconnect
oath-toolkit
expect
ffmpegthumbnailer
webp-pixbuf-loader
freetype
poppler
f3d
nufraw-thumbnailer
android-tools
firefox
#firefox_nightly
#inputs.anyrun.packages.${pkgs.system}.anyrun
inputs.telegram-desktop-patched.packages.${pkgs.system}.default
# inputs.ragenix.packages.x86_64-linux.default
sops
yubikey-manager-qt
yubico-piv-tool
yubioath-flutter
yubikey-personalization
yubikey-personalization-gui
(pkgs.writeScriptBin "warp-cli" "${pkgs.cloudflare-warp}/bin/warp-cli $@")
age-plugin-yubikey
];
services.pcscd.enable = true;
#users.users.socks = {
# group = "socks";
# isSystemUser = true;
#};
#users.groups.socks = { };
#systemd.services.singbox-aus = {
# enable = true;
# description = "avoid censorship";
# wantedBy = [ "multi-user.target" ];
# serviceConfig = {
# Restart = "on-failure";
# RestartSec = "15";
# User = "socks";
# Group = "socks";
# };
# script = "sing-box run -c /run/secrets/singbox-aus";
# path = with unstable; [
# shadowsocks-libev
# shadowsocks-v2ray-plugin
# sing-box
# ];
#};
systemd.services.cloudflare-warp = {
enable = true;
description = "cloudflare warp service";
wantedBy = [ "multi-user.target" ];
serviceConfig = {
Restart = "on-failure";
RestartSec = "15";
};
script = "${pkgs.cloudflare-warp}/bin/warp-svc";
postStart = ''
while true; do
set -e
status=$(${pkgs.cloudflare-warp}/bin/warp-cli status || true)
set +e
if [[ "$status" != *"Unable to connect to CloudflareWARP daemon"* ]]; then
${pkgs.cloudflare-warp}/bin/warp-cli set-custom-endpoint 162.159.193.1:2408
exit 0
fi
sleep 15
done
'';
};
#config.services.openssh.hostKeys = [ "/home/delta/.ssh/id_ed25519" ];
systemd.services.NetworkManager-wait-online.enable = false;
# This value determines the NixOS release from which the default
# settings for stateful data, like file locations and database versions
# on your system were taken. Its perfectly fine and recommended to leave
# this value at the release version of the first install of this system.
# Before changing this value read the documentation for this option
# (e.g. man configuration.nix or on https://nixos.org/nixos/options.html).
system.stateVersion = "23.11"; # Did you read the comment?
}

80
hosts/dlaptop/hardware-configuration.nix
View file

@ -1,80 +0,0 @@
# Do not modify this file! It was generated by nixos-generate-config
# and may be overwritten by future invocations. Please make changes
# to /etc/nixos/configuration.nix instead.
{ unstable, config, lib, pkgs, modulesPath, ... }:
{
imports = [ (modulesPath + "/installer/scan/not-detected.nix") ];
hardware.firmware = [
(pkgs.runCommandNoCC "subwoofer" { } ''
mkdir -p $out/lib/firmware/
cp ${../../firmware/TAS2XXX38BB.bin} $out/lib/firmware/TAS2XXX38BB.bin
cp ${../../firmware/TIAS2781RCA4.bin} $out/lib/firmware/TIAS2781RCA4.bin
'')
];
boot.loader.systemd-boot.enable = true;
boot.loader.systemd-boot.extraInstallCommands = ''
patch_slim7_ssdt=$(
${pkgs.coreutils}/bin/cp -f ${
../../firmware/slim7-ssdt
} /boot/EFI/nixos/slim7-ssdt
for file in /boot/loader/entries/nixos-generation-*.conf; do
${pkgs.gnused}/bin/sed -i '0,/^initrd\s/{s/^initrd\s/initrd \/efi\/nixos\/slim7-ssdt\n&/}' "$file"
done
)
'';
boot.kernelParams = [
"rtc_cmos.use_acpi_alarm=1"
"ideapad_laptop.allow_v4_dytc=1"
"amd_pstate=active"
"initcall_blacklist=acpi_cpufreq_init"
"nowatchdog"
"amd_pstate.shared_mem=1"
];
boot.kernelModules = [ "amd-pstate" "acpi_call" "amdgpu" "kvm-amd" ];
boot.loader.efi.canTouchEfiVariables = true;
boot.initrd.availableKernelModules = [ "nvme" "xhci_pci" "thunderbolt" "usb_storage" "sd_mod" ];
boot.initrd.kernelModules = [ ];
boot.kernelPackages = unstable.linuxPackages_zen;
boot.extraModulePackages = with config.boot.kernelPackages; [ acpi_call cpupower ];
fileSystems."/" = {
device = "/dev/disk/by-uuid/6b2d5c46-92de-42d0-a272-16b7ef7f30af";
fsType = "ext4";
};
boot.initrd.luks.devices."luks-db81e97a-eb4b-43c5-b128-ef838495fc9a".device =
"/dev/disk/by-uuid/db81e97a-eb4b-43c5-b128-ef838495fc9a";
fileSystems."/boot" = {
device = "/dev/disk/by-uuid/6770-34DC";
fsType = "vfat";
};
swapDevices = [{
device = "/var/lib/swapfile";
size = 32 * 1024;
}];
hardware.opengl = {
enable = true;
driSupport = true;
driSupport32Bit = true;
#extraPackages = with pkgs; [ vaapiVdpau libvdpau-va-gl amdvlk ];
#extraPackages32 = with pkgs; [ driversi686Linux.amdvlk ];
};
# Enables DHCP on each ethernet and wireless interface. In case of scripted networking
# (the default) this is the recommended approach. When using systemd-networkd it's
# still possible to use this option, but it's recommended to use it in conjunction
# with explicit per-interface declarations with `networking.interfaces.<interface>.useDHCP`.
networking.useDHCP = lib.mkDefault true;
# networking.interfaces.wlp1s0.useDHCP = lib.mkDefault true;
nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux";
hardware.cpu.amd.updateMicrocode =
lib.mkDefault config.hardware.enableRedistributableFirmware;
}

95
hosts/dlaptop/hardware.nix Normal file
View file

@ -0,0 +1,95 @@
# Do not modify this file! It was generated by nixos-generate-config
# and may be overwritten by future invocations. Please make changes
# to /etc/nixos/configuration.nix instead.
{ unstable, config, lib, pkgs, modulesPath, self, ... }:
{
imports = [ (modulesPath + "/installer/scan/not-detected.nix") ];
boot.initrd.prepend = lib.mkOrder 0 [ "${pkgs.fetchurl {
url = "https://gitlab.freedesktop.org/drm/amd/uploads/9fe228c7aa403b78c61fb1e29b3b35e3/slim7-ssdt";
sha256 = "sha256-Ef4QTxdjt33OJEPLAPEChvvSIXx3Wd/10RGvLfG5JUs=";
name = "slim7-ssdt";
}}" ];
hardware.firmware = [
(pkgs.runCommandNoCC "subwoofer" { } ''
mkdir -p $out/lib/firmware/
cp ${pkgs.fetchurl {
url = "https://raw.githubusercontent.com/darinpp/yoga-slim-7/main/lib/firmware/TAS2XXX38BB.bin";
sha256 = "sha256-qyZxBlnWEnrgbh0crgFf//pKZMTtCqh+CkA+pUNU/+E=";
name = "TAS2XXX38BB.bin";
}} $out/lib/firmware/TAS2XXX38BB.bin
cp ${pkgs.fetchurl {
url = "https://raw.githubusercontent.com/darinpp/yoga-slim-7/main/lib/firmware/TIAS2781RCA4.bin";
sha256 = "sha256-Zj7mwS8DsBinZ8BYvcySc753Aq/xid7vAeQOH/oir6Q=";
name = "TIAS2781RCA4.bin";
}} $out/lib/firmware/TIAS2781RCA4.bin
'')
];
boot.loader.systemd-boot.enable = true;
boot.kernelParams = [
"rtc_cmos.use_acpi_alarm=1"
"ideapad_laptop.allow_v4_dytc=1"
"amd_pstate=active"
"initcall_blacklist=acpi_cpufreq_init"
"nowatchdog"
"amd_pstate.shared_mem=1"
];
boot.kernelModules = [ "amd-pstate" "acpi_call" "amdgpu" "kvm-amd" "vfat" "nls_cp437" "nls_iso8859-1" ];
boot.initrd.availableKernelModules = [ "nvme" "xhci_pci" "thunderbolt" "usb_storage" "sd_mod" "vfat" "nls_cp437" "nls_iso8859-1" ];
boot.loader.efi.canTouchEfiVariables = true;
boot.loader.efi.efiSysMountPoint = "/boot";
boot.initrd.kernelModules = [ ];
boot.kernelPackages = unstable.linuxPackages_zen;
boot.extraModulePackages = with config.boot.kernelPackages; [ acpi_call cpupower ];
fileSystems."/" = {
device = "/dev/disk/by-uuid/6b2d5c46-92de-42d0-a272-16b7ef7f30af";
fsType = "ext4";
};
boot.initrd.luks = {
yubikeySupport = true;
devices."cryptroot" = {
device = "/dev/nvme0n1p2";
yubikey = {
slot = 2;
gracePeriod = 7;
keyLength = 64;
saltLength = 16;
twoFactor = false;
storage = {
device = "/dev/nvme0n1p1";
fsType = "vfat";
path = "/crypt-storage/default";
};
};
};
};
fileSystems."/boot" = {
device = "/dev/disk/by-uuid/6770-34DC";
fsType = "vfat";
};
swapDevices = [{
device = "/var/lib/swapfile";
size = 32 * 1024;
}];
hardware.opengl = {
enable = true;
driSupport = true;
driSupport32Bit = true;
extraPackages = [ pkgs.amdvlk ];
extraPackages32 = [ pkgs.driversi686Linux.amdvlk ];
};
networking.useDHCP = lib.mkDefault true;
nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux";
hardware.cpu.amd.updateMicrocode = lib.mkDefault config.hardware.enableRedistributableFirmware;
}

61
hosts/dlaptop/services.nix Normal file
View file

@ -0,0 +1,61 @@
{ pkgs, lib, ... }:
{
users.users.delta.packages = [
(pkgs.writeScriptBin "warp-cli" "${pkgs.cloudflare-warp}/bin/warp-cli $@")
];
systemd.services.cloudflare-warp = {
enable = true;
description = "cloudflare warp service";
wantedBy = [ "multi-user.target" ];
serviceConfig = {
Restart = "on-failure";
RestartSec = "15";
};
script = "${pkgs.cloudflare-warp}/bin/warp-svc";
postStart = ''
while true; do
set -e
status=$(${pkgs.cloudflare-warp}/bin/warp-cli status || true)
set +e
if [[ "$status" != *"Unable to connect to CloudflareWARP daemon"* ]]; then
${pkgs.cloudflare-warp}/bin/warp-cli set-custom-endpoint 162.159.193.1:2408
exit 0
fi
sleep 15
done
'';
};
users.groups.cloudflared = { };
users.users.cloudflared = {
group = "cloudflared";
isSystemUser = true;
};
services.cloudflared.enable = false;
services.cloudflared.tunnels = {
"dlaptop" = {
default = "http_status:404";
credentialsFile = "/run/secrets/cloudflared";
};
};
services.tailscale.enable = true;
services.syncthing.enable = true;
services.blueman.enable = true;
services.tumbler.enable = true;
services.gvfs.enable = true;
services.flatpak.enable = true;
services.printing.enable = true;
services.pcscd.enable = true;
services.udev.packages = [
pkgs.gnome.gnome-settings-daemon
pkgs.android-udev-rules
pkgs.yubikey-personalization
];
systemd.services.cloudflared-tunnel-dlaptop.serviceConfig.Restart = lib.mkForce "on-failure";
systemd.services.cloudflared-tunnel-dlaptop.serviceConfig.RestartSec = lib.mkForce 60;
}

162
hosts/dlaptop/system.nix Normal file
View file

@ -0,0 +1,162 @@
# Edit this configuration file to define what should be installed on
# your system. Help is available in the configuration.nix(5) man page
# and in the NixOS manual (accessible by running nixos-help).
{ pkgs, lib, inputs, self, homeSettings, ... }:
{
imports = [
./hardware.nix
./services.nix
./xorg.nix
"${self}/apps/apps.nix"
"${self}/apps/socks.nix"
"${self}/apps/scripts.nix"
"${self}/apps/work.nix"
inputs.secrets.nixosModules.dlaptop
inputs.home-manager.nixosModules.home-manager homeSettings
];
time.timeZone = "Europe/Moscow";
i18n.defaultLocale = "en_GB.UTF-8";
networking = {
hostName = "dlaptop";
nameservers = [ "100.92.15.128" "fd7a:115c:a1e0::b21c:f80" ];
networkmanager.dns = "none";
networkmanager.enable = true;
useDHCP = lib.mkDefault true;
interfaces.wlp1s0.proxyARP = true;
iproute2.enable = true;
firewall = {
enable = true;
allowedTCPPorts = [
# qbittorrent
4780
# audiorelay
59100
# localsend
53317
#syncthing
22000
];
allowedUDPPorts = [
# audiorelay
59100
59200
# localsend
53317
#syncthing
22000
21027
];
allowedTCPPortRanges = [ { from = 1714; to = 1764; } ]; # kde connect
allowedUDPPortRanges = [ { from = 1714; to = 1764; } ];
checkReversePath = "loose";
};
};
systemd.services.NetworkManager-wait-online.enable = false;
programs.captive-browser = {
browser = ''firejail --ignore="include whitelist-run-common.inc" --private --profile=chromium ${pkgs.bash}/bin/bash -c '${pkgs.coreutils}/bin/env XDG_CONFIG_HOME="$PREV_CONFIG_HOME" ${pkgs.chromium}/bin/chromium --user-data-dir=''${XDG_DATA_HOME:-$HOME/.local/share}/chromium-captive --proxy-server="socks5://$PROXY" --host-resolver-rules="MAP * ~NOTFOUND , EXCLUDE localhost" --no-first-run --new-window --incognito -no-default-browser-check http://cache.nixos.org/' '';
interface = "wlp1s0";
enable = true;
};
security = {
sudo.wheelNeedsPassword = false;
pam.loginLimits = [{ #needed for swaylock
domain = "@users";
item = "rtprio";
type = "-";
value = 1;
}];
pam.services.swaylock = { };
};
powerManagement.enable = true;
services.power-profiles-daemon.enable = false;
services.tlp = {
enable = true;
settings = {
CPU_SCALING_GOVERNOR_ON_AC = "powersave";
CPU_SCALING_GOVERNOR_ON_BAT = "powersave";
CPU_ENERGY_PERF_POLICY_ON_BAT = "power";
CPU_ENERGY_PERF_POLICY_ON_AC = "balance_performance";
CPU_SCALING_MAX_FREQ_ON_AC = 6600000;
CPU_SCALING_MAX_FREQ_ON_BAT = 1600000;
PLATFORM_PROFILE_ON_AC = "balanced";
PLATFORM_PROFILE_ON_BAT = "low-power";
#Trubo boost control
CPU_BOOST_ON_AC = 1;
CPU_BOOST_ON_BAT = 1;
CPU_HWP_DYN_BOOST_ON_AC = 1;
CPU_HWP_DYN_BOOST_ON_BAT = 1;
#Optional helps save long term battery health
#START_CHARGE_THRESH_BAT0 = 40; # 40 and bellow it starts to charge
#STOP_CHARGE_THRESH_BAT0 = 80; # 80 and above it stops charging
};
};
services.pipewire = {
enable = true;
wireplumber.enable = true;
alsa.enable = true;
alsa.support32Bit = true;
pulse.enable = true;
};
sound.enable = true;
hardware.pulseaudio.enable = false;
virtualisation = {
podman = {
enable = true;
dockerCompat = true;
};
spiceUSBRedirection.enable = true;
libvirtd.enable = true;
};
environment.systemPackages = with pkgs; [
openvpn
any-nix-shell
#work scripts
openconnect
oath-toolkit
expect
# Thunar stuff
ffmpegthumbnailer
webp-pixbuf-loader
freetype
poppler
f3d
nufraw-thumbnail
android-tools
firefox
tor-browser
#inputs.anyrun.packages.${pkgs.system}.anyrun
sops
yubikey-manager-qt
yubico-piv-tool
yubioath-flutter
yubikey-personalization
yubikey-personalization-gui
age-plugin-yubikey
lua5_4
nodejs_21
];
system.stateVersion = "23.11"; # Don't forget the comment
}

34
hosts/dlaptop/xorg.nix Normal file
View file

@ -0,0 +1,34 @@
{ lib, pkgs, self, ... }:
{
imports = [
"${self}/apps/gnome.nix"
];
programs.hyprland.enable = true;
xdg.portal.extraPortals = with pkgs; [ xdg-desktop-portal-hyprland ];
environment.sessionVariables = {
QT_WAYLAND_DISABLE_WINDOWDECORATION = "1";
QT_QPA_PLATFORM = "wayland";
STEAM_FORCE_DESKTOPUI_SCALING = "1";
NIXOS_OZONE_WL = "1";
XCURSOR_SIZE = "16";
};
services.xserver = {
enable = true;
videoDrivers = [ "modesetting" ];
displayManager = {
gdm.enable = true;
autoLogin = {
enable = false;
user = "delta";
};
};
desktopManager.gnome.enable = true;
xkb.layout = "us";
xkb.variant = "";
excludePackages = [ pkgs.xterm ];
};
}

22
hosts/generic.nix
View file

@ -57,10 +57,11 @@ in {
fishPlugins.grc
fishPlugins.autopair
fishPlugins.z
#fishPlugins.tide
#fishPlugins.hydro
fishPlugins.tide
fishPlugins.fzf-fish
fishPlugins.sponge
#fishPlugins.async-prompt
fd
fzf
grc
unstable.nh
@ -68,6 +69,7 @@ in {
dnsutils
inetutils
killall
(pkgs.writeScriptBin "reboot" ''read -p "Do you REALLY want to reboot? (y/N) " answer; [[ $answer == [Yy]* ]] && ${pkgs.systemd}/bin/reboot'')
];
programs.command-not-found.enable = false;
@ -82,10 +84,22 @@ in {
set TERM "xterm-256color"
set fish_greeting
#${pkgs.any-nix-shell}/bin/any-nix-shell fish --info-right | source
any-nix-shell fish --info-right | source
any-nix-shell fish --info-right | source
tide configure --auto --style=Lean --prompt_colors='16 colors' --show_time=No --lean_prompt_height='Two lines' --prompt_connection=Disconnected --prompt_spacing=Compact --icons='Few icons' --transient=No
'';
};
users.defaultUserShell = pkgs.fish;
programs.tmux.enable = true;
programs.direnv.enable = true;
programs.firejail.enable = true;
security.wrappers = {
firejail = {
source = "${pkgs.firejail.out}/bin/firejail";
};
};
users.defaultUserShell = pkgs.fish;
security.rtkit.enable = true;
boot.tmp.cleanOnBoot = true;
}

152
hosts/huanan/configuration.nix
View file

@ -1,152 +0,0 @@
# Edit this configuration file to define what should be installed on
# your system. Help is available in the configuration.nix(5) man page
# and in the NixOS manual (accessible by running nixos-help).
{ inputs, unstable, config, pkgs, ... }:
{
security = {
sudo.wheelNeedsPassword = false;
wrappers = {
firejail = {
source = "${pkgs.firejail.out}/bin/firejail";
};
};
pam.loginLimits = [{
domain = "@users";
item = "rtprio";
type = "-";
value = 1;
}];
#pam.services.swaylock = { };
rtkit.enable = true;
};
programs.thunar.enable = true;
programs.firejail.enable = true;
programs.hyprland.enable = true;
programs.xfconf.enable = true;
programs.dconf.enable = true;
programs.virt-manager.enable = true;
programs.steam.enable = true;
programs.gamemode.enable = true;
programs.thunar.plugins = with pkgs.xfce; [
thunar-archive-plugin
thunar-volman
];
xdg.portal.extraPortals = with pkgs; [ xdg-desktop-portal-hyprland ];
services.xserver.videoDrivers = ["nvidia"];
hardware.nvidia = {
modesetting.enable = true;
powerManagement.enable = false;
open = false;
nvidiaSettings = true;
};
boot.loader.grub.enable = true;
boot.loader.grub.device = "/dev/nvme0n1";
boot.loader.grub.useOSProber = true;
networking.hostName = "huanan";
networking.networkmanager.enable = true;
time.timeZone = "Europe/Moscow";
i18n.defaultLocale = "en_US.UTF-8";
i18n.extraLocaleSettings = {
LC_ALL = "en_US.UTF-8";
};
services.xserver.enable = true;
services.xserver.displayManager.gdm.enable = true;
services.xserver.desktopManager.gnome.enable = true;
services.xserver.displayManager.gdm.wayland = false;
services.xserver = {
layout = "us";
xkbVariant = "";
};
services.printing.enable = true;
sound.enable = true;
hardware.pulseaudio.enable = false;
services.pipewire = {
enable = true;
alsa.enable = true;
alsa.support32Bit = true;
pulse.enable = true;
};
environment.systemPackages = with pkgs; [
gnomeExtensions.appindicator
gnomeExtensions.activate-window-by-title
gnomeExtensions.unite
gnomeExtensions.tailscale-qs
gnomeExtensions.gsconnect
gnomeExtensions.clipboard-indicator
gnomeExtensions.tiling-assistant
#gnomeExtensions.wintile-windows-10-window-tiling-for-gnome
gnomeExtensions.advanced-alttab-window-switcher
gnome.gnome-tweaks
mojave-gtk-theme
adw-gtk3
any-nix-shell
openconnect
oath-toolkit
expect
ffmpegthumbnailer
webp-pixbuf-loader
freetype
poppler
f3d
nufraw-thumbnailer
curl
inputs.telegram-desktop-patched.packages.${pkgs.system}.default
];
environment = {
gnome.excludePackages = [
#pkgs.gnome-connections
#pkgs.gnome-console
pkgs.gnome-text-editor
pkgs.gnome-tour
#pkgs.gnome.adwaita-icon-theme
pkgs.gnome.epiphany # browser
#pkgs.gnome.evince # pdf + office files
#pkgs.gnome.file-roller #archive explorer
pkgs.gnome.geary
pkgs.gnome.gnome-backgrounds
pkgs.gnome.gnome-calendar
pkgs.gnome.gnome-characters
pkgs.gnome.gnome-clocks
pkgs.gnome.gnome-contacts
pkgs.gnome.gnome-font-viewer
pkgs.gnome.gnome-logs
pkgs.gnome.gnome-maps
pkgs.gnome.gnome-music
#pkgs.gnome.gnome-themes-extra
pkgs.gnome.gnome-weather
#pkgs.gnome.nautilus
pkgs.gnome.simple-scan
pkgs.gnome.sushi
pkgs.gnome.totem
pkgs.gnome.yelp
pkgs.orca
];
};
virtualisation = {
podman = {
enable = true;
dockerCompat = true;
};
spiceUSBRedirection.enable = true;
libvirtd.enable = true;
};
services.openssh.enable = true;
networking.firewall.enable = false;
system.stateVersion = "23.11"; # Did you read the comment?
}

5
hosts/huanan/hardware-configuration.nix → hosts/huanan/hardware.nix
View file

@ -12,7 +12,10 @@
boot.initrd.kernelModules = [ ];
boot.kernelModules = [ "kvm-intel" ];
boot.extraModulePackages = [ ];
boot.kernelPackages = unstable.linuxPackages_zen;
boot.kernelPackages = pkgs.linuxPackages_zen;
boot.loader.grub.enable = true;
boot.loader.grub.device = "/dev/nvme0n1";
boot.loader.grub.useOSProber = true;
fileSystems."/" =
{ device = "/dev/disk/by-uuid/63db5f65-03bf-455e-ad82-36307c29df79";

53
hosts/huanan/system.nix Normal file
View file

@ -0,0 +1,53 @@
{ lib, pkgs, inputs, self, ... }:
{
imports = [
./hardware.nix
"${self}/apps/gnome.nix"
"${self}/apps/apps.nix"
inputs.home-manager.nixosModules.home-manager
];
time.timeZone = "Europe/Moscow";
i18n.defaultLocale = "en_GB.UTF-8";
services.xserver = {
enable = true;
videoDrivers = [ "nvidia" ];
displayManager = {
gdm = {
enable = true;
wayland = false;
};
};
desktopManager.gnome.enable = true;
xkb.layout = "us";
xkb.variant = "";
excludePackages = [ pkgs.xterm ];
};
hardware.nvidia = {
modesetting.enable = true;
powerManagement.enable = false;
open = false;
nvidiaSettings = true;
};
networking = {
hostName = "huanan";
networkmanager.enable = true;
firewall.enable = false;
};
sound.enable = true;
hardware.pulseaudio.enable = false;
services.pipewire = {
enable = true;
alsa.enable = true;
alsa.support32Bit = true;
pulse.enable = true;
};
services.openssh.enable = true;
system.stateVersion = "23.11"; # Did you read the comment?
}

0
hosts/intelnuc/hardware-configuration.nix → hosts/intelnuc/hardware.nix
View file

5
hosts/intelnuc/configuration.nix → hosts/intelnuc/system.nix
View file

@ -1,6 +1,11 @@
{ config, pkgs, inputs,... }:
{
imports = [
./hardware.nix
inputs.secrets.nixosModules.intelnuc
];
boot.loader.grub.enable = true;
boot.loader.grub.device = "/dev/sda";
boot.loader.grub.useOSProber = true;