diff --git a/hosts/dlaptop/apps.nix b/apps/apps.nix similarity index 86% rename from hosts/dlaptop/apps.nix rename to apps/apps.nix index d8fc241..4acda9a 100644 --- a/hosts/dlaptop/apps.nix +++ b/apps/apps.nix @@ -1,4 +1,4 @@ -{ pkgs, lib, inputs, stable, ... }: +{ pkgs, lib, inputs, stable, self, ... }: let lock-false = { Value = false; @@ -9,14 +9,13 @@ let Status = "locked"; }; in { - users.users.delta.packages = (with pkgs; [ git chromium wl-clipboard wl-clipboard-x11 - (callPackage ../../derivations/audiorelay.nix { }) - (callPackage ../../derivations/spotify.nix { }) + (callPackage "${self}/derivations/audiorelay.nix" { }) + (callPackage "${self}/derivations/spotify.nix" { }) #(callPackage ../derivations/nu_plugin_dns.nix { }) xorg.xwininfo jq @@ -44,7 +43,9 @@ in { vesktop localsend trayscale - # inputs.firefox.packages.${pkgs.system}.firefox-bin + fishPlugins.done + monero-gui + inputs.telegram-desktop-patched.packages.${pkgs.system}.default ]); programs.firefox = { @@ -115,4 +116,14 @@ in { ]; }; }; + + programs.thunar.enable = true; + programs.xfconf.enable = true; + programs.virt-manager.enable = true; + programs.steam.enable = true; + programs.gamemode.enable = true; + programs.thunar.plugins = with pkgs.xfce; [ + thunar-archive-plugin + thunar-volman + ]; } diff --git a/apps/gnome.nix b/apps/gnome.nix new file mode 100644 index 0000000..5fbb790 --- /dev/null +++ b/apps/gnome.nix @@ -0,0 +1,189 @@ +{ pkgs, lib, inputs, ... }: with lib.gvariant; + +let +# wallpaper = pkgs.stdenv.mkDerivation { +# name = "wallpaper"; +# phases = [ "installPhase" ]; +# installPhase = '' +# mkdir -p $out/share/backgrounds +# cp ${../wallpaper.png} $out/share/backgrounds/wallpaper.png +# ''; +# }; +in +{ + #imports = [ + # inputs.home-manager.nixosModules.home-manager + #]; + + nixpkgs.overlays = [ + (final: prev: { + gnome = prev.gnome.overrideScope' (gnomeFinal: gnomePrev: { + mutter = gnomePrev.mutter.overrideAttrs (old: { + src = pkgs.fetchgit { + url = "https://gitlab.gnome.org/vanvugt/mutter.git"; + # GNOME 45: triple-buffering-v4-45 + rev = "0b896518b2028d9c4d6ea44806d093fd33793689"; + sha256 = "sha256-mzNy5GPlB2qkI2KEAErJQzO//uo8yO0kPQUwvGDwR4w="; + }; + }); + }); + }) + ]; + + programs.dconf.enable = true; + programs.dconf.profiles.user.databases = [ + { + settings = { + "org/gnome/mutter" = { + experimental-features = [ "scale-monitor-framebuffer" ]; + }; + "org/gnome/settings-daemon/plugins/media-keys" = { + custom-keybindings = [ + "/org/gnome/settings-daemon/plugins/media-keys/custom-keybindings/custom0/" + "/org/gnome/settings-daemon/plugins/media-keys/custom-keybindings/custom1/" + ]; + }; + "org/gnome/shell/keybindings" = { + show-screenshot-ui = [ "s" ]; + }; + "org/gnome/settings-daemon/plugins/media-keys/custom-keybindings/custom0" = { + binding = "Return"; + command = "/etc/profiles/per-user/delta/bin/kitty_wrapped"; + name = "kitty"; + }; + "org/gnome/settings-daemon/plugins/media-keys/custom-keybindings/custom1" = { + binding = "x"; + command = "/etc/profiles/per-user/delta/bin/keepassxc"; + name = "keepassxc"; + }; + "org/gnome/desktop/sound" = { + allow-volume-above-100-percent = true; + }; + "org/gnome/desktop/wm/keybindings" = { + # close = mkEmptyArray (type.string); + # switch-input-source = [ "Alt_L" ]; + # switch-input-source-backward = [ "Shift_L" ]; + }; + "org/gnome/desktop/interface" = { + icon-theme = "Papirus-Dark"; + color-scheme = "prefer-dark"; + gtk-theme = "adw-gtk3-dark"; + }; + "org/gnome/shell" = { + favorite-apps = [ + "firefox.desktop" + "vesktop.desktop" + "org.telegram.desktop.desktop" + "spotify.desktop" + "kitty.desktop" + "org.gnome.Nautilus.desktop" + ]; + disable-user-extensions = false; + enabled-extensions = [ + "activate-window-by-title@lucaswerkmeister.de" + "appindicatorsupport@rgcjonas.gmail.com" + "clipboard-indicator@tudmotu.com" + "gsconnect@andyholmes.github.io" + "tailscale@joaophi.github.com" + "unite@hardpixel.eu" + "user-theme@gnome-shell-extensions.gcampax.github.com" + "pip-on-top@rafostar.github.com" + "cloudflare-warp-toggle@khaled.is-a.dev" + ]; + }; + "org/gnome/desktop/input-sources" = { + mru-sources = [ (mkTuple [ "xkb" "us" ]) ]; + sources = [ (mkTuple [ "xkb" "us" ]) (mkTuple [ "xkb" "ru" ]) ]; + xkb-options = [ "terminate:ctrl_alt_bksp" "lv3:switch" "compose:ralt" ]; + }; + "org/gnome/desktop/screensaver" = { + lock-enabled = true; + }; + "org/gnome/desktop/notifications" = { + show-in-lock-screen = false; + }; + "org/gnome/desktop/session" = { + idle-delay = mkUint32 0; + }; + "org/gnome/shell/extensions/unite" = { + enable-titlebar-actions = true; + extend-left-box = false; + hide-activities-button = "never"; + hide-app-menu-icon = false; + notifications-position = "center"; + reduce-panel-spacing = true; + restrict-to-primary-screen = false; + show-appmenu-button = true; + show-desktop-name = false; + show-legacy-tray = false; + show-window-buttons = "never"; + show-window-title = "never"; + }; + #"org/gnome/shell/extensions/user-theme" = { + # name = "Mojave-Dark-solid-alt"; + #}; + "org/gnome/shell/weather" = { + automatic-location = true; + }; + #"org/gnome/desktop/background" = { + # picture-uri = "file:///run/current-system/sw/share/backgrounds/wallpaper.png"; + # picture-uri-dark = "file:///run/current-system/sw/share/backgrounds/wallpaper.png"; + #}; + "org/gnome/desktop/peripherals/touchpad" = { + tap-to-click = true; + }; + "org/gnome/settings-daemon/plugins/power" = { + sleep-inactive-ac-type = "nothing"; + }; + "org/gnome/settings-daemon/plugins/power" = { + sleep-inactive-battery-timeout = mkUint32 300; + }; + }; + } + ]; + + environment.systemPackages = with pkgs; [ + gnomeExtensions.appindicator + gnomeExtensions.activate-window-by-title + gnomeExtensions.unite + gnomeExtensions.tailscale-qs + gnomeExtensions.gsconnect + gnomeExtensions.clipboard-indicator + gnomeExtensions.pip-on-top + gnomeExtensions.cloudflare-warp-toggle + gnomeExtensions.tiling-assistant + gnome.gnome-tweaks + mojave-gtk-theme + adw-gtk3 + papirus-icon-theme + #wallpaper + ]; + + environment.gnome.excludePackages = with pkgs.gnome; [ + pkgs.gnome-text-editor + pkgs.gnome-tour + pkgs.orca + epiphany + geary + gnome-backgrounds + gnome-calendar + gnome-characters + gnome-clocks + gnome-contacts + gnome-font-viewer + gnome-logs + gnome-maps + gnome-music + gnome-weather + simple-scan + sushi + totem + yelp + ]; + + services.gnome = { + gnome-browser-connector.enable = false; + gnome-initial-setup.enable = false; + gnome-online-accounts.enable = false; + }; +} \ No newline at end of file diff --git a/hosts/dlaptop/scripts.nix b/apps/scripts.nix similarity index 81% rename from hosts/dlaptop/scripts.nix rename to apps/scripts.nix index 689bb29..23fcba8 100644 --- a/hosts/dlaptop/scripts.nix +++ b/apps/scripts.nix @@ -76,6 +76,7 @@ let keepassxc = pkgs.writeScriptBin "keepassxc" '' #!/usr/bin/env bash ${pkgs.coreutils}/bin/base64 -d ${config.sops.secrets.qqq.path} | ${pkgs.keepassxc}/bin/keepassxc --pw-stdin ~/Dropbox/pswd.kdbx + ${pkgs.glib}/bin/gdbus call --session --dest org.gnome.Shell --object-path /de/lucaswerkmeister/ActivateWindowByTitle --method de.lucaswerkmeister.ActivateWindowByTitle.activateByWmClass 'org.keepassxc.KeePassXC' ''; keepassxcDesktopItem = pkgs.makeDesktopItem { @@ -103,6 +104,7 @@ let ${pkgs.coreutils}/bin/sleep 5 ${pkgs.gtk3}/bin/gtk-launch dropbox.desktop ${pkgs.gtk3}/bin/gtk-launch org.keepassxc.KeePassXC.desktop + gsettings set org.gnome.desktop.interface cursor-size 16 exit 0 ''; @@ -113,14 +115,24 @@ let exec = "/etc/profiles/per-user/delta/bin/autostart"; type = "Application"; }; + + firefoxRussia = pkgs.writeScriptBin "firefox-russia" '' + #!/usr/bin/env bash + firejail --blacklist="/var/run/nscd" --ignore="include whitelist-run-common.inc" --net=$(${pkgs.iproute2}/bin/ip route | ${pkgs.gawk}/bin/awk '/default/ {print $5}') --dns=77.88.8.1 firefox --class firefox-russia --name firefox-russia -P russia -no-remote + ''; + + firefoxRussiaDesktopItem = pkgs.makeDesktopItem { + name = "firefox-russia"; + desktopName = "Firefox Russia"; + icon = "firefox-developer-edition"; + exec = "firefox-russia"; + }; in { - users.users.delta.packages = with pkgs; [ - ephemeralbrowser - ephemeralbrowserDesktopItem - keepassxc - keepassxcDesktopItem + users.users.delta.packages = [ kitty_wrapped - autostart - autostartDesktopItem + ephemeralbrowser ephemeralbrowserDesktopItem + keepassxc keepassxcDesktopItem + autostart autostartDesktopItem + firefoxRussia firefoxRussiaDesktopItem ]; } \ No newline at end of file diff --git a/hosts/dlaptop/socks.nix b/apps/socks.nix similarity index 58% rename from hosts/dlaptop/socks.nix rename to apps/socks.nix index dfac602..6e23bb3 100644 --- a/hosts/dlaptop/socks.nix +++ b/apps/socks.nix @@ -1,4 +1,4 @@ -{ pkgs, lib, ... }: +{ pkgs, lib, config, inputs, ... }: let socksBuilder = attrs: { @@ -22,46 +22,57 @@ let script = attrs.script; preStart = "while true; do ip addr show dev novpn1 | grep -q 'inet' && break; sleep 1; done"; - path = with pkgs; [shadowsocks-libev shadowsocks-v2ray-plugin sing-box wireproxy iproute2 ]; + path = with pkgs; [ shadowsocks-libev shadowsocks-v2ray-plugin sing-box wireproxy iproute2 ]; }; }; - # IP of the proxies is 192.168.150.2 + # IP of the proxies is 192.168.150.2 socksed = [ { name = "singbox-aus"; script = "sing-box run -c /run/secrets/singbox-aus"; } # port 4000 - #{ name = "socks-warp"; script = "wireproxy -c /etc/wireguard/warp0.conf"; } # port 3333 + { name = "socks-warp"; script = "wireproxy -c /etc/wireguard/warp0.conf"; } # port 3333 ]; + delete_rules = pkgs.writeScriptBin "delete_rules" '' + #!${pkgs.bash}/bin/bash + default_gateway=$(cat /etc/netns/novpn/default_gateway) + default_interface=$(cat /etc/netns/novpn/default_interface) + + ip rule del fwmark 150 table 150 + ip rule del from 192.168.150.2 table 150 + ip rule del to 192.168.150.2 table 150 + ip route del default via $default_gateway dev $default_interface table 150 + ip route del 192.168.150.2 via 192.168.150.1 dev novpn0 table 150 + iptables -t nat -D POSTROUTING -o "$default_interface" -j MASQUERADE + ''; + start_novpn = pkgs.writeScriptBin "start_novpn" '' #!${pkgs.bash}/bin/bash - configure_rules() { - ip rule del fwmark 100 table 150 - ip rule del from 192.168.150.2 table 150 - ip rule del to 192.168.150.2 table 150 - ip route del default via $default_gateway dev $default_interface table 150 - ip route del 192.168.150.2 via 192.168.150.1 dev novpn0 table 150 - - ip rule add fwmark 100 table 150 + add_rules() { + ip rule add fwmark 150 table 150 ip rule add from 192.168.150.2 table 150 ip rule add to 192.168.150.2 table 150 - ip route add default via $default_gateway dev $default_interface table 150 + ip route add default via $default_gateway dev $default_interface table 150 ip route add 192.168.150.2 via 192.168.150.1 dev novpn0 table 150 + iptables -t nat -A POSTROUTING -o "$default_interface" -j MASQUERADE } - default_gateway=$(ip route | awk '/default/ {print $3}') - default_interface=$(ip route | awk '/default/ {print $5}') + set_gateway() { + default_interface_new=$(ip route | awk '/default/ {print $5}') + default_gateway_new=$(ip route | awk '/default/ {print $3}') - if [[ -z "$default_interface" ]]; then - echo "No default interface" - exit 1 - fi + if [[ ! -z "$default_interface_new" && ! -z "$default_gateway_new" ]]; then + default_interface=$default_interface_new + default_gateway=$default_gateway_new + echo "$default_gateway" > /etc/netns/novpn/default_gateway + echo "$default_interface" > /etc/netns/novpn/default_interface + fi + } mkdir -p /etc/netns/novpn/ echo "nameserver 1.1.1.1" > /etc/netns/novpn/resolv.conf echo "nameserver 1.1.0.1" >> /etc/netns/novpn/resolv.conf sysctl -wq net.ipv4.ip_forward=1 - iptables -t nat -A POSTROUTING -o "$default_interface" -j MASQUERADE ip link add novpn0 type veth peer name novpn1 ip link set novpn1 netns novpn @@ -72,21 +83,20 @@ let ip netns exec novpn ip link set novpn1 up ip netns exec novpn ip route add default via 192.168.150.1 - configure_rules + set_gateway + if [[ -z "$default_interface" ]]; then + echo "No default interface" + exit 1 + fi + add_rules sleep 3 ip monitor route | while read -r event; do case "$event" in 'local '*) - default_interface_new=$(ip route | awk '/default/ {print $5}') - default_gateway_new=$(ip route | awk '/default/ {print $3}') - - if [[ ! -z "$default_interface_new" && ! -z "$default_gateway_new" ]]; then - default_interface=$default_interface_new - default_gateway=$default_gateway_new - fi - - configure_rules + ${delete_rules}/bin/delete_rules + set_gateway + add_rules ;; esac done @@ -94,22 +104,25 @@ let stop_novpn = pkgs.writeScriptBin "stop_novpn" '' #!${pkgs.bash}/bin/bash + ${delete_rules}/bin/delete_rules rm -rf /etc/netns/novpn/ - ip rule del fwmark 100 table 150 - ip rule del from 192.168.150.2 table 150 - ip rule del to 192.168.150.2 table 150 ip link del novpn0 ip netns del novpn - rm -rf /var/run/netns/novpn/ - exit 0 + rm -rf /var/run/netns/novpn/ ''; +in { + users.users.socks = { + group = "socks"; + isSystemUser = true; + }; - novpn = { + users.groups.socks = {}; + systemd.services = builtins.listToAttrs (map socksBuilder socksed) // { novpn = { enable = true; description = "novpn namespace"; after = [ "network-online.target" ]; wantedBy = [ "multi-user.target" ]; - wants = map (s: "${s.name}.service") socksed; + wants = map (s: "${s.name}.service") socksed ++ [ "network-online.target"]; serviceConfig = { Restart = "on-failure"; @@ -121,20 +134,23 @@ let preStart = "${stop_novpn}/bin/stop_novpn && ip netns add novpn"; path = with pkgs; [ gawk iproute2 iptables sysctl coreutils ]; - }; -in { - users.users.socks = { - group = "socks"; - isSystemUser = true; - }; + };}; - users.groups.socks = {}; - systemd.services = builtins.listToAttrs (map socksBuilder socksed) // { novpn = novpn; }; + users.users.delta.packages = [ + (pkgs.writeScriptBin "nyx" ''sudo -u tor -g tor ${inputs.nixpkgs-2105.legacyPackages."x86_64-linux".nyx}/bin/nyx $@'') + ]; + + services.tor = { + enable = true; + client = { + enable = true; + socksListenAddress = 9063; + }; + settings = { + Socks5Proxy = "192.168.150.2:3333"; + ControlPort = 9051; + CookieAuthentication = true; + }; + }; +} - users.users.delta.packages = [ (pkgs.makeDesktopItem { - name = "firefox-russia"; - desktopName = "Firefox Russia"; - icon = "firefox-developer-edition"; - exec = ''firejail --blacklist="/var/run/nscd" --ignore="include whitelist-run-common.inc" --netns=novpn firefox -P russia -no-remote''; - }) ]; -} \ No newline at end of file diff --git a/hosts/dlaptop/work.nix b/apps/work.nix similarity index 99% rename from hosts/dlaptop/work.nix rename to apps/work.nix index 8c300db..43cfd3c 100644 --- a/hosts/dlaptop/work.nix +++ b/apps/work.nix @@ -308,7 +308,7 @@ let }; in { - users.users.delta.packages = with pkgs; [ + users.users.delta.packages = [ kittyWork kittyWorkDesktopItem firefoxWork diff --git a/firmware/TAS2XXX38BB.bin b/firmware/TAS2XXX38BB.bin deleted file mode 100644 index d729b97..0000000 Binary files a/firmware/TAS2XXX38BB.bin and /dev/null differ diff --git a/firmware/TIAS2781RCA4.bin b/firmware/TIAS2781RCA4.bin deleted file mode 100644 index 481d133..0000000 Binary files a/firmware/TIAS2781RCA4.bin and /dev/null differ diff --git a/firmware/slim7-ssdt b/firmware/slim7-ssdt deleted file mode 100644 index fb3020c..0000000 Binary files a/firmware/slim7-ssdt and /dev/null differ diff --git a/flake.lock b/flake.lock index a8329f3..4e125eb 100644 --- a/flake.lock +++ b/flake.lock @@ -21,61 +21,6 @@ "type": "github" } }, - "cachix": { - "locked": { - "lastModified": 1635350005, - "narHash": "sha256-tAMJnUwfaDEB2aa31jGcu7R7bzGELM9noc91L2PbVjg=", - "owner": "nixos", - "repo": "nixpkgs", - "rev": "1c1f5649bb9c1b0d98637c8c365228f57126f361", - "type": "github" - }, - "original": { - "owner": "nixos", - "ref": "nixos-20.09", - "repo": "nixpkgs", - "type": "github" - } - }, - "firefox": { - "inputs": { - "cachix": "cachix", - "flake-compat": "flake-compat", - "lib-aggregate": "lib-aggregate", - "mozilla": "mozilla", - "nixpkgs": [ - "nixpkgs" - ] - }, - "locked": { - "lastModified": 1709209504, - "narHash": "sha256-szkYp24Xnxb2nsrHgQY3mVvty/humm+1zGXeZ78uA/k=", - "owner": "nix-community", - "repo": "flake-firefox-nightly", - "rev": "9b78672ec1d66f393a7d7923adbbf7f398473dad", - "type": "github" - }, - "original": { - "owner": "nix-community", - "repo": "flake-firefox-nightly", - "type": "github" - } - }, - "flake-compat": { - "locked": { - "lastModified": 1688025799, - "narHash": "sha256-ktpB4dRtnksm9F5WawoIkEneh1nrEvuxb5lJFt1iOyw=", - "owner": "nix-community", - "repo": "flake-compat", - "rev": "8bf105319d44f6b9f0d764efa4fdef9f1cc9ba1c", - "type": "github" - }, - "original": { - "owner": "nix-community", - "repo": "flake-compat", - "type": "github" - } - }, "flake-parts": { "inputs": { "nixpkgs-lib": [ @@ -101,24 +46,6 @@ "inputs": { "systems": "systems" }, - "locked": { - "lastModified": 1709126324, - "narHash": "sha256-q6EQdSeUZOG26WelxqkmR7kArjgWCdw5sfJVHPH/7j8=", - "owner": "numtide", - "repo": "flake-utils", - "rev": "d465f4819400de7c8d874d50b982301f28a84605", - "type": "github" - }, - "original": { - "owner": "numtide", - "repo": "flake-utils", - "type": "github" - } - }, - "flake-utils_2": { - "inputs": { - "systems": "systems_2" - }, "locked": { "lastModified": 1710146030, "narHash": "sha256-SZ5L6eA7HJ/nmkzGG7/ISclqe6oZdOZTNoesiInkXPQ=", @@ -140,83 +67,48 @@ ] }, "locked": { - "lastModified": 1706981411, - "narHash": "sha256-cLbLPTL1CDmETVh4p0nQtvoF+FSEjsnJTFpTxhXywhQ=", + "lastModified": 1711133180, + "narHash": "sha256-WJOahf+6115+GMl3wUfURu8fszuNeJLv9qAWFQl3Vmo=", "owner": "nix-community", "repo": "home-manager", - "rev": "652fda4ca6dafeb090943422c34ae9145787af37", + "rev": "1c2c5e4cabba4c43504ef0f8cc3f3dfa284e2dbb", "type": "github" }, "original": { "owner": "nix-community", - "ref": "release-23.11", "repo": "home-manager", "type": "github" } }, - "lib-aggregate": { - "inputs": { - "flake-utils": "flake-utils", - "nixpkgs-lib": "nixpkgs-lib" - }, - "locked": { - "lastModified": 1709208631, - "narHash": "sha256-n+SCii/GQR3zjaZzjhGAjrQQlF+xjaGEjWdpDb4wJ3U=", - "owner": "nix-community", - "repo": "lib-aggregate", - "rev": "1f03ac8dc3a54f68f55d36b5e7fc65afc302a3d7", - "type": "github" - }, - "original": { - "owner": "nix-community", - "repo": "lib-aggregate", - "type": "github" - } - }, - "mozilla": { - "flake": false, - "locked": { - "lastModified": 1704373101, - "narHash": "sha256-+gi59LRWRQmwROrmE1E2b3mtocwueCQqZ60CwLG+gbg=", - "owner": "mozilla", - "repo": "nixpkgs-mozilla", - "rev": "9b11a87c0cc54e308fa83aac5b4ee1816d5418a2", - "type": "github" - }, - "original": { - "owner": "mozilla", - "repo": "nixpkgs-mozilla", - "type": "github" - } - }, "nixpkgs": { "locked": { - "lastModified": 1709128929, - "narHash": "sha256-GWrv9a+AgGhG4/eI/CyVVIIygia7cEy68Huv3P8oyaw=", + "lastModified": 1710806803, + "narHash": "sha256-qrxvLS888pNJFwJdK+hf1wpRCSQcqA6W5+Ox202NDa0=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "c8e74c2f83fe12b4e5a8bd1abbc090575b0f7611", + "rev": "b06025f1533a1e07b6db3e75151caa155d1c7eb3", "type": "github" }, "original": { "owner": "NixOS", - "ref": "nixos-23.11", + "ref": "nixos-unstable", "repo": "nixpkgs", "type": "github" } }, - "nixpkgs-lib": { + "nixpkgs-2105": { "locked": { - "lastModified": 1708821942, - "narHash": "sha256-jd+E1SD59qty65pwqad2mftzkT6vW5nNFWVuvayh4Zw=", - "owner": "nix-community", - "repo": "nixpkgs.lib", - "rev": "479831ed8b3c9c7b80533999f880c7d0bf6a491b", + "lastModified": 1659914493, + "narHash": "sha256-lkA5X3VNMKirvA+SUzvEhfA7XquWLci+CGi505YFAIs=", + "owner": "NixOS", + "repo": "nixpkgs", + "rev": "022caabb5f2265ad4006c1fa5b1ebe69fb0c3faf", "type": "github" }, "original": { - "owner": "nix-community", - "repo": "nixpkgs.lib", + "owner": "NixOS", + "ref": "nixos-21.05", + "repo": "nixpkgs", "type": "github" } }, @@ -319,9 +211,9 @@ "root": { "inputs": { "anyrun": "anyrun", - "firefox": "firefox", "home-manager": "home-manager", "nixpkgs": "nixpkgs", + "nixpkgs-2105": "nixpkgs-2105", "nixpkgs-stable": "nixpkgs-stable", "nixpkgs-unstable": "nixpkgs-unstable", "secrets": "secrets", @@ -334,17 +226,17 @@ "sops-nix": "sops-nix" }, "locked": { - "lastModified": 1711051538, - "narHash": "sha256-/fgXXCdvjvymM/wXivQ09gZI1u/z9Ld79iRg+et08Vo=", + "lastModified": 1711064484, + "narHash": "sha256-v/o2GSHunWVWtLwcVvaakxXaWDazLfs9n1afjb5cXMA=", "ref": "refs/heads/main", - "rev": "1ac61646be7e98fb8a0a2722b37b194bb4c33569", - "revCount": 1, + "rev": "0da88dbba8f7aa71a1692019825912ac377a5d1b", + "revCount": 2, "type": "git", - "url": "ssh://git@github.com/deltathetawastaken/secrets" + "url": "ssh://git@github.com/deltathetawastaken/secrets.git" }, "original": { "type": "git", - "url": "ssh://git@github.com/deltathetawastaken/secrets" + "url": "ssh://git@github.com/deltathetawastaken/secrets.git" } }, "sops-nix": { @@ -381,24 +273,9 @@ "type": "github" } }, - "systems_2": { - "locked": { - "lastModified": 1681028828, - "narHash": "sha256-Vy1rq5AaRuLzOxct8nz4T6wlgyUR7zLU309k9mBC768=", - "owner": "nix-systems", - "repo": "default", - "rev": "da67096a3b9bf56a91d16901293e51ba5b49a27e", - "type": "github" - }, - "original": { - "owner": "nix-systems", - "repo": "default", - "type": "github" - } - }, "telegram-desktop-patched": { "inputs": { - "flake-utils": "flake-utils_2", + "flake-utils": "flake-utils", "nixpkgs": "nixpkgs_4" }, "locked": { diff --git a/flake.nix b/flake.nix index 2d0a264..00b77af 100644 --- a/flake.nix +++ b/flake.nix @@ -1,28 +1,29 @@ { inputs = { - nixpkgs.url = "github:NixOS/nixpkgs/nixos-23.11"; + nixpkgs.url = "github:NixOS/nixpkgs/nixos-unstable"; nixpkgs-stable.url = "github:NixOS/nixpkgs/nixos-23.11"; nixpkgs-unstable.url = "github:NixOS/nixpkgs/nixos-unstable"; - home-manager.url = "github:nix-community/home-manager/release-23.11"; + nixpkgs-2105.url = "github:NixOS/nixpkgs/nixos-21.05"; + home-manager.url = "github:nix-community/home-manager"; home-manager.inputs.nixpkgs.follows = "nixpkgs"; - firefox.url = "github:nix-community/flake-firefox-nightly"; - firefox.inputs.nixpkgs.follows = "nixpkgs"; anyrun.url = "github:Kirottu/anyrun"; anyrun.inputs.nixpkgs.follows = "nixpkgs-unstable"; telegram-desktop-patched.url = "github:shwewo/telegram-desktop-patched"; - secrets.url = "git+ssh://git@github.com/deltathetawastaken/secrets"; - #agenix.url = "github:ryantm/agenix"; - #agenix.inputs.darwin.follows = ""; - #ragenix = { - # url = "github:yaxitech/ragenix"; - # inputs.flake-utils.follows = "flake-utils"; - # inputs.nixpkgs.follows = "nixpkgs"; - #}; + secrets.url = "git+ssh://git@github.com/deltathetawastaken/secrets.git"; }; - outputs = inputs @ { self, nixpkgs, nixpkgs-stable, nixpkgs-unstable, home-manager, firefox, anyrun, ... }: + outputs = inputs @ { self, nixpkgs, home-manager, anyrun, ... }: let pkgs = nixpkgs.legacyPackages."x86_64-linux"; + stable = import inputs.nixpkgs-stable { system = "x86_64-linux"; config = { allowUnfree = true; }; }; + unstable = import inputs.nixpkgs-unstable { system = "x86_64-linux"; config = { allowUnfree = true; }; }; + specialArgs = { inherit inputs self stable unstable homeSettings; }; + homeSettings = { + home-manager.useGlobalPkgs = true; + home-manager.useUserPackages = true; + home-manager.users.delta = import ./home/home.nix; + home-manager.extraSpecialArgs = specialArgs; + }; in { devShells."x86_64-linux".default = pkgs.mkShell { name = "delta"; @@ -32,111 +33,20 @@ pre-commit install &> /dev/null ''; }; - nixosConfigurations.dlaptop = nixpkgs-unstable.lib.nixosSystem { + nixosConfigurations.dlaptop = nixpkgs.lib.nixosSystem { system = "x86_64-linux"; - specialArgs = { - inherit inputs; - stable = import nixpkgs-stable { - system = "x86_64-linux"; - config = { allowUnfree = true; }; - }; - unstable = import nixpkgs-unstable { - system = "x86_64-linux"; - config = { allowUnfree = true; }; - }; - }; - modules = [ - ./hosts/generic.nix - ./hosts/dlaptop/configuration.nix - ./hosts/dlaptop/hardware-configuration.nix - home-manager.nixosModules.home-manager - inputs.secrets.nixosModules.dlaptop - { - home-manager.useGlobalPkgs = true; - home-manager.useUserPackages = true; - home-manager.users.delta = import ./home/home.nix; - home-manager.extraSpecialArgs = { - inherit inputs; - stable = import nixpkgs-stable { - system = "x86_64-linux"; - config = { allowUnfree = true; }; - }; - unstable = import nixpkgs-unstable { - system = "x86_64-linux"; - config = { allowUnfree = true; }; - }; - }; - } - ]; + specialArgs = specialArgs; + modules = [ ./hosts/generic.nix ./hosts/dlaptop/system.nix ]; }; - nixosConfigurations.intelnuc = nixpkgs-unstable.lib.nixosSystem { + nixosConfigurations.intelnuc = nixpkgs.lib.nixosSystem { system = "x86_64-linux"; - specialArgs = { - inherit inputs; - stable = import nixpkgs-stable { - system = "x86_64-linux"; - config = { allowUnfree = true; }; - }; - unstable = import nixpkgs-unstable { - system = "x86_64-linux"; - config = { allowUnfree = true; }; - }; - }; - modules = [ - ./hosts/generic.nix - ./hosts/intelnuc/configuration.nix - ./hosts/intelnuc/hardware-configuration.nix - inputs.secrets.nixosModules.intelnuc - ]; + specialArgs = specialArgs; + modules = [ ./hosts/generic.nix ./hosts/intelnuc/system.nix ]; }; - nixosConfigurations.huanan = nixpkgs-unstable.lib.nixosSystem { + nixosConfigurations.huanan = nixpkgs.lib.nixosSystem { system = "x86_64-linux"; - specialArgs = { - inherit inputs; - stable = import nixpkgs-stable { - system = "x86_64-linux"; - config = { allowUnfree = true; }; - }; - unstable = import nixpkgs-unstable { - system = "x86_64-linux"; - config = { allowUnfree = true; }; - }; - }; - modules = [ - ./hosts/generic.nix - ./hosts/huanan/configuration.nix - ./hosts/huanan/hardware-configuration.nix - home-manager.nixosModules.home-manager - { - home-manager.useGlobalPkgs = true; - home-manager.useUserPackages = true; - home-manager.users.delta = import ./home/home.nix; - home-manager.extraSpecialArgs = { - inherit inputs; - stable = import nixpkgs-stable { - system = "x86_64-linux"; - config = { allowUnfree = true; }; - }; - unstable = import nixpkgs-unstable { - system = "x86_64-linux"; - config = { allowUnfree = true; }; - }; - }; - } - ]; + specialArgs = specialArgs; + modules = [ ./hosts/generic.nix ./hosts/huanan/system.nix ]; }; - - # devShells = flake-utils.lib.eachDefaultSystem (system: rec { - # pkgs = import nixpkgs { - # inherit system; - # overlays = [ ]; - # }; - # default = pkgs.mkShell { - # packages = [ ]; - # # ... - # }; - #}); - - }; -} +} \ No newline at end of file diff --git a/home/gnome.nix b/home/gnome.nix deleted file mode 100644 index 6bcc2bd..0000000 --- a/home/gnome.nix +++ /dev/null @@ -1,40 +0,0 @@ -{ inputs, home, config, lib, ... }: - -{ - - dconf = { - enable = true; - settings = { - "org/gnome/settings-daemon/plugins/media-keys" = { - custom-keybindings = [ - "/org/gnome/settings-daemon/plugins/media-keys/custom-keybindings/custom0/" - "/org/gnome/settings-daemon/plugins/media-keys/custom-keybindings/custom1/" - ]; - }; - "org/gnome/shell/keybindings" = { - show-screenshot-ui = [ "s" ]; - }; - "org/gnome/settings-daemon/plugins/media-keys/custom-keybindings/custom0" = { - binding = "Return"; - command = "/etc/profiles/per-user/delta/bin/kitty_wrapped"; - name = "kitty"; - }; - "org/gnome/settings-daemon/plugins/media-keys/custom-keybindings/custom1" = { - binding = "x"; - command = "/etc/profiles/per-user/delta/bin/keepassxc"; - name = "keepassxc"; - }; - "org/gnome/desktop/sound" = { - allow-volume-above-100-percent = true; - }; - "org/gnome/mutter" = { - experimental-features = [ "scale-monitor-framebuffer" ]; - }; - #"org/gnome/mutter" = { - # experimental-features = lib.mkForce [ ]; - #}; - "org/gnome/settings-daemon/plugins/power".sleep-inactive-battery-timeout = - 300; - }; - }; -} diff --git a/home/home.nix b/home/home.nix index 4b2f245..622ea7e 100644 --- a/home/home.nix +++ b/home/home.nix @@ -5,22 +5,38 @@ home.stateVersion = "23.11"; imports = [ - ./programs ./theme.nix - ./gnome.nix ]; services.blueman-applet.enable = true; services.network-manager-applet.enable = true; - programs.vscode = { + enable = true; + package = pkgs.vscodium; + extensions = with pkgs.vscode-extensions; [ + matklad.rust-analyzer + jnoortheen.nix-ide + ]; + enableUpdateCheck = false; + userSettings = { + "window.titleBarStyle" = "custom"; + "nix.enableLanguageServer"= true; + "nix.serverPath" = "${pkgs.nil}/bin/nil"; + "nix.serverSettings" = { + nil = { + formatting = { + command = [ "${pkgs.nixfmt}/bin/nixfmt" ]; + }; + }; + }; + }; + }; + + programs.git = { enable = true; - package = pkgs.vscodium; - extensions = with pkgs.vscode-extensions; [ - bbenoist.nix - brettm12345.nixfmt-vscode - ]; + userName = "delta"; + userEmail = "delta@example.com"; }; #xdg.desktopEntries = { diff --git a/home/programs/hypr/hyprland-environment.nix b/home/programs/hypr/hyprland-environment.nix deleted file mode 100644 index 1b2ee3a..0000000 --- a/home/programs/hypr/hyprland-environment.nix +++ /dev/null @@ -1,25 +0,0 @@ -{ config, pkgs, ... }: - -{ - home = { - sessionVariables = { - #EDITOR = "lvim"; - #BROWSER = "librewolf"; - #TERMINAL = "kitty"; - #GBM_BACKEND= "nvidia-drm"; - #__GLX_VENDOR_LIBRARY_NAME= "nvidia"; - #LIBVA_DRIVER_NAME= "nvidia"; # hardware acceleration - __GL_VRR_ALLOWED = "1"; - #WLR_NO_HARDWARE_CURSORS = "1"; - #WLR_RENDERER_ALLOW_SOFTWARE = "1"; - CLUTTER_BACKEND = "wayland"; - WLR_RENDERER = "vulkan"; - - XDG_CURRENT_DESKTOP = "Hyprland"; - XDG_SESSION_DESKTOP = "Hyprland"; - XDG_SESSION_TYPE = "wayland"; - - MOZ_USE_XINPUT2 = "1"; - }; - }; -} diff --git a/hosts/dlaptop/apps/gnome.nix b/hosts/dlaptop/apps/gnome.nix new file mode 100644 index 0000000..3f76825 --- /dev/null +++ b/hosts/dlaptop/apps/gnome.nix @@ -0,0 +1,191 @@ +{ pkgs, lib, inputs, ... }: with lib.gvariant; + +let +# wallpaper = pkgs.stdenv.mkDerivation { +# name = "wallpaper"; +# phases = [ "installPhase" ]; +# installPhase = '' +# mkdir -p $out/share/backgrounds +# cp ${../wallpaper.png} $out/share/backgrounds/wallpaper.png +# ''; +# }; +in +{ + #imports = [ + # inputs.home-manager.nixosModules.home-manager + #]; + + + + nixpkgs.overlays = [ + (final: prev: { + gnome = prev.gnome.overrideScope' (gnomeFinal: gnomePrev: { + mutter = gnomePrev.mutter.overrideAttrs (old: { + src = pkgs.fetchgit { + url = "https://gitlab.gnome.org/vanvugt/mutter.git"; + # GNOME 45: triple-buffering-v4-45 + rev = "0b896518b2028d9c4d6ea44806d093fd33793689"; + sha256 = "sha256-mzNy5GPlB2qkI2KEAErJQzO//uo8yO0kPQUwvGDwR4w="; + }; + }); + }); + }) + ]; + + programs.dconf.enable = true; + programs.dconf.profiles.user.databases = [ + { + settings = { + "org/gnome/mutter" = { + experimental-features = [ "scale-monitor-framebuffer" ]; + }; + "org/gnome/settings-daemon/plugins/media-keys" = { + custom-keybindings = [ + "/org/gnome/settings-daemon/plugins/media-keys/custom-keybindings/custom0/" + "/org/gnome/settings-daemon/plugins/media-keys/custom-keybindings/custom1/" + ]; + }; + "org/gnome/shell/keybindings" = { + show-screenshot-ui = [ "s" ]; + }; + "org/gnome/settings-daemon/plugins/media-keys/custom-keybindings/custom0" = { + binding = "Return"; + command = "/etc/profiles/per-user/delta/bin/kitty_wrapped"; + name = "kitty"; + }; + "org/gnome/settings-daemon/plugins/media-keys/custom-keybindings/custom1" = { + binding = "x"; + command = "/etc/profiles/per-user/delta/bin/keepassxc"; + name = "keepassxc"; + }; + "org/gnome/desktop/sound" = { + allow-volume-above-100-percent = true; + }; + "org/gnome/desktop/wm/keybindings" = { + # close = mkEmptyArray (type.string); + # switch-input-source = [ "Alt_L" ]; + # switch-input-source-backward = [ "Shift_L" ]; + }; + "org/gnome/desktop/interface" = { + icon-theme = "Papirus-Dark"; + color-scheme = "prefer-dark"; + gtk-theme = "adw-gtk3-dark"; + }; + "org/gnome/shell" = { + favorite-apps = [ + "firefox.desktop" + "vesktop.desktop" + "org.telegram.desktop.desktop" + "spotify.desktop" + "kitty.desktop" + "org.gnome.Nautilus.desktop" + ]; + disable-user-extensions = false; + enabled-extensions = [ + "activate-window-by-title@lucaswerkmeister.de" + "appindicatorsupport@rgcjonas.gmail.com" + "clipboard-indicator@tudmotu.com" + "gsconnect@andyholmes.github.io" + "tailscale@joaophi.github.com" + "unite@hardpixel.eu" + "user-theme@gnome-shell-extensions.gcampax.github.com" + "pip-on-top@rafostar.github.com" + "cloudflare-warp-toggle@khaled.is-a.dev" + ]; + }; + "org/gnome/desktop/input-sources" = { + mru-sources = [ (mkTuple [ "xkb" "us" ]) ]; + sources = [ (mkTuple [ "xkb" "us" ]) (mkTuple [ "xkb" "ru" ]) ]; + xkb-options = [ "terminate:ctrl_alt_bksp" "lv3:switch" "compose:ralt" ]; + }; + "org/gnome/desktop/screensaver" = { + lock-enabled = true; + }; + "org/gnome/desktop/notifications" = { + show-in-lock-screen = false; + }; + "org/gnome/desktop/session" = { + idle-delay = mkUint32 0; + }; + "org/gnome/shell/extensions/unite" = { + enable-titlebar-actions = true; + extend-left-box = false; + hide-activities-button = "never"; + hide-app-menu-icon = false; + notifications-position = "center"; + reduce-panel-spacing = true; + restrict-to-primary-screen = false; + show-appmenu-button = true; + show-desktop-name = false; + show-legacy-tray = false; + show-window-buttons = "never"; + show-window-title = "never"; + }; + #"org/gnome/shell/extensions/user-theme" = { + # name = "Mojave-Dark-solid-alt"; + #}; + "org/gnome/shell/weather" = { + automatic-location = true; + }; + #"org/gnome/desktop/background" = { + # picture-uri = "file:///run/current-system/sw/share/backgrounds/wallpaper.png"; + # picture-uri-dark = "file:///run/current-system/sw/share/backgrounds/wallpaper.png"; + #}; + "org/gnome/desktop/peripherals/touchpad" = { + tap-to-click = true; + }; + "org/gnome/settings-daemon/plugins/power" = { + sleep-inactive-ac-type = "nothing"; + }; + "org/gnome/settings-daemon/plugins/power" = { + sleep-inactive-battery-timeout = mkUint32 300; + }; + }; + } + ]; + + environment.systemPackages = with pkgs; [ + gnomeExtensions.appindicator + gnomeExtensions.activate-window-by-title + gnomeExtensions.unite + gnomeExtensions.tailscale-qs + gnomeExtensions.gsconnect + gnomeExtensions.clipboard-indicator + gnomeExtensions.pip-on-top + gnomeExtensions.cloudflare-warp-toggle + gnomeExtensions.tiling-assistant + gnome.gnome-tweaks + mojave-gtk-theme + adw-gtk3 + papirus-icon-theme + #wallpaper + ]; + + environment.gnome.excludePackages = with pkgs.gnome; [ + pkgs.gnome-text-editor + pkgs.gnome-tour + pkgs.orca + epiphany + geary + gnome-backgrounds + gnome-calendar + gnome-characters + gnome-clocks + gnome-contacts + gnome-font-viewer + gnome-logs + gnome-maps + gnome-music + gnome-weather + simple-scan + sushi + totem + yelp + ]; + + services.gnome = { + gnome-browser-connector.enable = false; + gnome-initial-setup.enable = false; + gnome-online-accounts.enable = false; + }; +} \ No newline at end of file diff --git a/hosts/dlaptop/configuration.nix b/hosts/dlaptop/configuration.nix deleted file mode 100644 index 3be85fe..0000000 --- a/hosts/dlaptop/configuration.nix +++ /dev/null @@ -1,414 +0,0 @@ -# Edit this configuration file to define what should be installed on -# your system. Help is available in the configuration.nix(5) man page -# and in the NixOS manual (accessible by running ‘nixos-help’). - -{ inputs, stable, unstable, config, pkgs, age, lib, ... }: - -{ - time.timeZone = "Europe/Moscow"; - i18n.defaultLocale = "en_GB.UTF-8"; - - # i18n.extraLocaleSettings = { - # #LC_TIME = "ru_RU.UTF-8"; - # #LC_ALL = "en_GB.UTF-8"; - # }; - - # age.rekey = { - # hostPubkey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIGGL2UD0frl9F2OPBiPlSQqxDsuACbAVgwH24F0KT14L delta@dlaptop"; - # #masterIdentities = [ "/home/delta/.ssh/id_ed25519" ]; - # masterIdentities = [ "/home/delta/.secrets/key.txt" ]; - # storageMode = "local"; - # localStorageDir = ../../secrets/rekeyed/${config.networking.hostName}; - # }; - - imports = [ - ./socks.nix - ./apps.nix - ./work.nix - ./scripts.nix - ]; - - - - hardware.opengl = { - enable = true; - driSupport = true; - driSupport32Bit = true; - extraPackages = [ pkgs.amdvlk ]; - extraPackages32 = [ pkgs.driversi686Linux.amdvlk ]; - }; - - nixpkgs.overlays = [ - (final: prev: { - gnome = prev.gnome.overrideScope' (gnomeFinal: gnomePrev: { - mutter = gnomePrev.mutter.overrideAttrs (old: { - src = pkgs.fetchgit { - url = "https://gitlab.gnome.org/vanvugt/mutter.git"; - # GNOME 45: triple-buffering-v4-45 - rev = "0b896518b2028d9c4d6ea44806d093fd33793689"; - sha256 = "sha256-mzNy5GPlB2qkI2KEAErJQzO//uo8yO0kPQUwvGDwR4w="; - }; - }); - }); - }) - ]; - - environment.sessionVariables = { - QT_WAYLAND_DISABLE_WINDOWDECORATION = "1"; - QT_QPA_PLATFORM = "wayland"; - STEAM_FORCE_DESKTOPUI_SCALING = "1"; - NIXOS_OZONE_WL = "1"; - XCURSOR_SIZE = "16"; - }; - - #services.dnscrypt-proxy2 = { - # enable = true; - # settings = { - # ipv6_servers = true; - # require_dnssec = true; - # server_names = [ "cloudflare" ]; - # }; - #}; - - users.groups.no-net = {}; - #services.connman.wifi.backend = "iwd"; - networking = { - hostName = "dlaptop"; - nameservers = [ "100.92.15.128" "fd7a:115c:a1e0::b21c:f80" ]; - networkmanager.dns = "none"; - networkmanager.enable = true; - #wireless.iwd.enable = true; - #networkmanager.wifi.backend = "iwd"; - useDHCP = lib.mkDefault true; - interfaces.wlp1s0.proxyARP = true; - iproute2.enable = true; - - firewall = { - enable = true; - allowedTCPPorts = [ - # qbittorrent - 4780 - # audiorelay - 59100 - # localsend - 53317 - #syncthing - 22000 - ]; - allowedUDPPorts = [ - # audiorelay - 59100 - 59200 - # localsend - 53317 - #syncthing - 22000 - 21027 - ]; - allowedTCPPortRanges = [ { from = 1714; to = 1764; } ]; # kde connect - allowedUDPPortRanges = [ { from = 1714; to = 1764; } ]; - checkReversePath = "loose"; - extraCommands = '' - iptables -A OUTPUT -m owner --gid-owner no-net -j REJECT - ''; - }; - }; - - users.groups.cloudflared = { }; - users.users.cloudflared = { - group = "cloudflared"; - isSystemUser = true; - }; - - users.groups.socks = { }; - services.cloudflared.enable = false; - services.cloudflared.tunnels = { - "dlaptop" = { - default = "http_status:404"; - credentialsFile = "/run/secrets/cloudflared"; - }; - }; - - systemd.services.cloudflared-tunnel-dlaptop.serviceConfig.Restart = lib.mkForce "on-failure"; - systemd.services.cloudflared-tunnel-dlaptop.serviceConfig.RestartSec = lib.mkForce 60; - - programs.captive-browser = { - browser = ''firejail --ignore="include whitelist-run-common.inc" --private --profile=chromium ${pkgs.bash}/bin/bash -c '${pkgs.coreutils}/bin/env XDG_CONFIG_HOME="$PREV_CONFIG_HOME" ${pkgs.chromium}/bin/chromium --user-data-dir=''${XDG_DATA_HOME:-$HOME/.local/share}/chromium-captive --proxy-server="socks5://$PROXY" --host-resolver-rules="MAP * ~NOTFOUND , EXCLUDE localhost" --no-first-run --new-window --incognito -no-default-browser-check http://cache.nixos.org/' ''; - interface = "wlp1s0"; - enable = true; - }; - - security = { - sudo.wheelNeedsPassword = false; - wrappers = { - firejail = { - source = "${pkgs.firejail.out}/bin/firejail"; - }; - }; - pam.loginLimits = [{ #needed for swaylock - domain = "@users"; - item = "rtprio"; - type = "-"; - value = 1; - }]; - pam.services.swaylock = { }; - rtkit.enable = true; - }; - - powerManagement.enable = true; - services.power-profiles-daemon.enable = false; - services.tlp = { - enable = true; - settings = { - CPU_SCALING_GOVERNOR_ON_AC = "powersave"; - CPU_SCALING_GOVERNOR_ON_BAT = "powersave"; - - CPU_ENERGY_PERF_POLICY_ON_BAT = "power"; - CPU_ENERGY_PERF_POLICY_ON_AC = "balance_performance"; - - CPU_SCALING_MAX_FREQ_ON_AC = 6600000; - CPU_SCALING_MAX_FREQ_ON_BAT = 1600000; - - PLATFORM_PROFILE_ON_AC = "balanced"; - PLATFORM_PROFILE_ON_BAT = "low-power"; - - #Trubo boost control - CPU_BOOST_ON_AC = 1; - CPU_BOOST_ON_BAT = 1; - CPU_HWP_DYN_BOOST_ON_AC = 1; - CPU_HWP_DYN_BOOST_ON_BAT = 1; - - #Optional helps save long term battery health - #START_CHARGE_THRESH_BAT0 = 40; # 40 and bellow it starts to charge - #STOP_CHARGE_THRESH_BAT0 = 80; # 80 and above it stops charging - - }; - }; - - services.xserver = { - enable = true; - videoDrivers = [ "modesetting" ]; - displayManager = { - gdm.enable = true; - autoLogin = { - enable = false; - user = "delta"; - }; - }; - desktopManager.gnome.enable = true; - layout = "us"; - xkbVariant = ""; - excludePackages = [ pkgs.xterm ]; - }; - - services.gnome = { - gnome-browser-connector.enable = false; - gnome-initial-setup.enable = false; - gnome-online-accounts.enable = false; - }; - - services.flatpak.enable = true; - services.printing.enable = true; - - services.pipewire = { - enable = true; - wireplumber.enable = true; - alsa.enable = true; - alsa.support32Bit = true; - pulse.enable = true; - }; - - sound = { - enable = true; - extraConfig = "\n"; - }; - hardware.pulseaudio.enable = false; - - services.tailscale.enable = true; - services.syncthing.enable = true; - services.blueman.enable = true; - services.tumbler.enable = true; - services.gvfs.enable = true; - services.udev.packages = [ - pkgs.gnome.gnome-settings-daemon - pkgs.android-udev-rules - pkgs.yubikey-personalization - ]; - #services.udev.extraRules = '' - # #yubikey autostart - # ENV{ID_VENDOR}=="Yubico", ENV{ID_VENDOR_ID}=="1050", ENV{ID_MODEL_ID}=="0010|0111|0112|0113|0114|0115|0116|0401|0402|0403|0404|0405|0406|0407|0410", SYMLINK+="yubikey", TAG+="systemd" - #''; - #systemd.user.services.yubioath = { - # enable = true; - # description = "Autostart Yubico Authenticator"; - # after = [ "dev-yubikey.device" ]; - # unitConfig = { - # StopPropagatedFrom="dev-yubikey.device"; #comment to not close app after yubi remove - # }; - # serviceConfig = { - # Type = "oneshot"; - # }; - # - # script = "${pkgs.yubioath-flutter}/bin/yubioath-flutter"; - #}; - - - - programs.thunar.enable = true; - programs.firejail.enable = true; - programs.hyprland.enable = true; - programs.xfconf.enable = true; - programs.dconf.enable = true; - programs.virt-manager.enable = true; - programs.steam.enable = true; - programs.gamemode.enable = true; - programs.thunar.plugins = with pkgs.xfce; [ - thunar-archive-plugin - thunar-volman - ]; - - xdg.portal.extraPortals = with pkgs; [ xdg-desktop-portal-hyprland ]; - - environment = { - gnome.excludePackages = [ - #pkgs.gnome-connections - #pkgs.gnome-console - pkgs.gnome-text-editor - pkgs.gnome-tour - #pkgs.gnome.adwaita-icon-theme - pkgs.gnome.epiphany # browser - #pkgs.gnome.evince # pdf + office files - #pkgs.gnome.file-roller #archive explorer - pkgs.gnome.geary - pkgs.gnome.gnome-backgrounds - pkgs.gnome.gnome-calendar - pkgs.gnome.gnome-characters - pkgs.gnome.gnome-clocks - pkgs.gnome.gnome-contacts - pkgs.gnome.gnome-font-viewer - pkgs.gnome.gnome-logs - pkgs.gnome.gnome-maps - pkgs.gnome.gnome-music - #pkgs.gnome.gnome-themes-extra - pkgs.gnome.gnome-weather - #pkgs.gnome.nautilus - pkgs.gnome.simple-scan - pkgs.gnome.sushi - pkgs.gnome.totem - pkgs.gnome.yelp - pkgs.orca - ]; - }; - - virtualisation = { - podman = { - enable = true; - dockerCompat = true; - }; - spiceUSBRedirection.enable = true; - libvirtd.enable = true; - }; - - environment.systemPackages = with pkgs; [ - gnomeExtensions.appindicator - gnomeExtensions.activate-window-by-title - gnomeExtensions.unite - gnomeExtensions.tailscale-qs - gnomeExtensions.gsconnect - gnomeExtensions.clipboard-indicator - gnomeExtensions.tiling-assistant - #gnomeExtensions.wintile-windows-10-window-tiling-for-gnome - gnomeExtensions.cloudflare-warp-toggle - gnome.gnome-tweaks - - mojave-gtk-theme - adw-gtk3 - any-nix-shell - openconnect - oath-toolkit - expect - ffmpegthumbnailer - webp-pixbuf-loader - freetype - poppler - f3d - nufraw-thumbnailer - android-tools - firefox - #firefox_nightly - #inputs.anyrun.packages.${pkgs.system}.anyrun - inputs.telegram-desktop-patched.packages.${pkgs.system}.default - # inputs.ragenix.packages.x86_64-linux.default - sops - yubikey-manager-qt - yubico-piv-tool - yubioath-flutter - yubikey-personalization - yubikey-personalization-gui - (pkgs.writeScriptBin "warp-cli" "${pkgs.cloudflare-warp}/bin/warp-cli $@") - age-plugin-yubikey - ]; - - services.pcscd.enable = true; - - #users.users.socks = { - # group = "socks"; - # isSystemUser = true; - #}; - #users.groups.socks = { }; - - #systemd.services.singbox-aus = { - # enable = true; - # description = "avoid censorship"; - # wantedBy = [ "multi-user.target" ]; - # serviceConfig = { - # Restart = "on-failure"; - # RestartSec = "15"; - # User = "socks"; - # Group = "socks"; - # }; - # script = "sing-box run -c /run/secrets/singbox-aus"; - # path = with unstable; [ - # shadowsocks-libev - # shadowsocks-v2ray-plugin - # sing-box - # ]; - #}; - - systemd.services.cloudflare-warp = { - enable = true; - description = "cloudflare warp service"; - wantedBy = [ "multi-user.target" ]; - serviceConfig = { - Restart = "on-failure"; - RestartSec = "15"; - }; - script = "${pkgs.cloudflare-warp}/bin/warp-svc"; - - postStart = '' - while true; do - set -e - status=$(${pkgs.cloudflare-warp}/bin/warp-cli status || true) - set +e - if [[ "$status" != *"Unable to connect to CloudflareWARP daemon"* ]]; then - ${pkgs.cloudflare-warp}/bin/warp-cli set-custom-endpoint 162.159.193.1:2408 - exit 0 - fi - sleep 15 - done - ''; - - }; - - #config.services.openssh.hostKeys = [ "/home/delta/.ssh/id_ed25519" ]; - - systemd.services.NetworkManager-wait-online.enable = false; - - # This value determines the NixOS release from which the default - # settings for stateful data, like file locations and database versions - # on your system were taken. It‘s perfectly fine and recommended to leave - # this value at the release version of the first install of this system. - # Before changing this value read the documentation for this option - # (e.g. man configuration.nix or on https://nixos.org/nixos/options.html). - system.stateVersion = "23.11"; # Did you read the comment? -} diff --git a/hosts/dlaptop/hardware-configuration.nix b/hosts/dlaptop/hardware-configuration.nix deleted file mode 100644 index 772e54f..0000000 --- a/hosts/dlaptop/hardware-configuration.nix +++ /dev/null @@ -1,80 +0,0 @@ -# Do not modify this file! It was generated by ‘nixos-generate-config’ -# and may be overwritten by future invocations. Please make changes -# to /etc/nixos/configuration.nix instead. -{ unstable, config, lib, pkgs, modulesPath, ... }: - -{ - imports = [ (modulesPath + "/installer/scan/not-detected.nix") ]; - - hardware.firmware = [ - (pkgs.runCommandNoCC "subwoofer" { } '' - mkdir -p $out/lib/firmware/ - cp ${../../firmware/TAS2XXX38BB.bin} $out/lib/firmware/TAS2XXX38BB.bin - cp ${../../firmware/TIAS2781RCA4.bin} $out/lib/firmware/TIAS2781RCA4.bin - '') - ]; - - boot.loader.systemd-boot.enable = true; - boot.loader.systemd-boot.extraInstallCommands = '' - patch_slim7_ssdt=$( - - ${pkgs.coreutils}/bin/cp -f ${ - ../../firmware/slim7-ssdt - } /boot/EFI/nixos/slim7-ssdt - for file in /boot/loader/entries/nixos-generation-*.conf; do - ${pkgs.gnused}/bin/sed -i '0,/^initrd\s/{s/^initrd\s/initrd \/efi\/nixos\/slim7-ssdt\n&/}' "$file" - done - ) - ''; - boot.kernelParams = [ - "rtc_cmos.use_acpi_alarm=1" - "ideapad_laptop.allow_v4_dytc=1" - "amd_pstate=active" - "initcall_blacklist=acpi_cpufreq_init" - "nowatchdog" - "amd_pstate.shared_mem=1" - ]; - boot.kernelModules = [ "amd-pstate" "acpi_call" "amdgpu" "kvm-amd" ]; - boot.loader.efi.canTouchEfiVariables = true; - boot.initrd.availableKernelModules = [ "nvme" "xhci_pci" "thunderbolt" "usb_storage" "sd_mod" ]; - boot.initrd.kernelModules = [ ]; - boot.kernelPackages = unstable.linuxPackages_zen; - boot.extraModulePackages = with config.boot.kernelPackages; [ acpi_call cpupower ]; - - fileSystems."/" = { - device = "/dev/disk/by-uuid/6b2d5c46-92de-42d0-a272-16b7ef7f30af"; - fsType = "ext4"; - }; - - boot.initrd.luks.devices."luks-db81e97a-eb4b-43c5-b128-ef838495fc9a".device = - "/dev/disk/by-uuid/db81e97a-eb4b-43c5-b128-ef838495fc9a"; - - fileSystems."/boot" = { - device = "/dev/disk/by-uuid/6770-34DC"; - fsType = "vfat"; - }; - - swapDevices = [{ - device = "/var/lib/swapfile"; - size = 32 * 1024; - }]; - - hardware.opengl = { - enable = true; - driSupport = true; - driSupport32Bit = true; - #extraPackages = with pkgs; [ vaapiVdpau libvdpau-va-gl amdvlk ]; - #extraPackages32 = with pkgs; [ driversi686Linux.amdvlk ]; - }; - - # Enables DHCP on each ethernet and wireless interface. In case of scripted networking - # (the default) this is the recommended approach. When using systemd-networkd it's - # still possible to use this option, but it's recommended to use it in conjunction - # with explicit per-interface declarations with `networking.interfaces..useDHCP`. - networking.useDHCP = lib.mkDefault true; - # networking.interfaces.wlp1s0.useDHCP = lib.mkDefault true; - - nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux"; - hardware.cpu.amd.updateMicrocode = - lib.mkDefault config.hardware.enableRedistributableFirmware; -} diff --git a/hosts/dlaptop/hardware.nix b/hosts/dlaptop/hardware.nix new file mode 100644 index 0000000..368e556 --- /dev/null +++ b/hosts/dlaptop/hardware.nix @@ -0,0 +1,95 @@ +# Do not modify this file! It was generated by ‘nixos-generate-config’ +# and may be overwritten by future invocations. Please make changes +# to /etc/nixos/configuration.nix instead. +{ unstable, config, lib, pkgs, modulesPath, self, ... }: + +{ + imports = [ (modulesPath + "/installer/scan/not-detected.nix") ]; + + boot.initrd.prepend = lib.mkOrder 0 [ "${pkgs.fetchurl { + url = "https://gitlab.freedesktop.org/drm/amd/uploads/9fe228c7aa403b78c61fb1e29b3b35e3/slim7-ssdt"; + sha256 = "sha256-Ef4QTxdjt33OJEPLAPEChvvSIXx3Wd/10RGvLfG5JUs="; + name = "slim7-ssdt"; + }}" ]; + + hardware.firmware = [ + (pkgs.runCommandNoCC "subwoofer" { } '' + mkdir -p $out/lib/firmware/ + cp ${pkgs.fetchurl { + url = "https://raw.githubusercontent.com/darinpp/yoga-slim-7/main/lib/firmware/TAS2XXX38BB.bin"; + sha256 = "sha256-qyZxBlnWEnrgbh0crgFf//pKZMTtCqh+CkA+pUNU/+E="; + name = "TAS2XXX38BB.bin"; + }} $out/lib/firmware/TAS2XXX38BB.bin + cp ${pkgs.fetchurl { + url = "https://raw.githubusercontent.com/darinpp/yoga-slim-7/main/lib/firmware/TIAS2781RCA4.bin"; + sha256 = "sha256-Zj7mwS8DsBinZ8BYvcySc753Aq/xid7vAeQOH/oir6Q="; + name = "TIAS2781RCA4.bin"; + }} $out/lib/firmware/TIAS2781RCA4.bin + '') + ]; + + boot.loader.systemd-boot.enable = true; + + boot.kernelParams = [ + "rtc_cmos.use_acpi_alarm=1" + "ideapad_laptop.allow_v4_dytc=1" + "amd_pstate=active" + "initcall_blacklist=acpi_cpufreq_init" + "nowatchdog" + "amd_pstate.shared_mem=1" + ]; + + boot.kernelModules = [ "amd-pstate" "acpi_call" "amdgpu" "kvm-amd" "vfat" "nls_cp437" "nls_iso8859-1" ]; + boot.initrd.availableKernelModules = [ "nvme" "xhci_pci" "thunderbolt" "usb_storage" "sd_mod" "vfat" "nls_cp437" "nls_iso8859-1" ]; + boot.loader.efi.canTouchEfiVariables = true; + boot.loader.efi.efiSysMountPoint = "/boot"; + boot.initrd.kernelModules = [ ]; + boot.kernelPackages = unstable.linuxPackages_zen; + boot.extraModulePackages = with config.boot.kernelPackages; [ acpi_call cpupower ]; + + fileSystems."/" = { + device = "/dev/disk/by-uuid/6b2d5c46-92de-42d0-a272-16b7ef7f30af"; + fsType = "ext4"; + }; + + boot.initrd.luks = { + yubikeySupport = true; + devices."cryptroot" = { + device = "/dev/nvme0n1p2"; + yubikey = { + slot = 2; + gracePeriod = 7; + keyLength = 64; + saltLength = 16; + twoFactor = false; + storage = { + device = "/dev/nvme0n1p1"; + fsType = "vfat"; + path = "/crypt-storage/default"; + }; + }; + }; + }; + + fileSystems."/boot" = { + device = "/dev/disk/by-uuid/6770-34DC"; + fsType = "vfat"; + }; + + swapDevices = [{ + device = "/var/lib/swapfile"; + size = 32 * 1024; + }]; + + hardware.opengl = { + enable = true; + driSupport = true; + driSupport32Bit = true; + extraPackages = [ pkgs.amdvlk ]; + extraPackages32 = [ pkgs.driversi686Linux.amdvlk ]; + }; + + networking.useDHCP = lib.mkDefault true; + nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux"; + hardware.cpu.amd.updateMicrocode = lib.mkDefault config.hardware.enableRedistributableFirmware; +} diff --git a/hosts/dlaptop/services.nix b/hosts/dlaptop/services.nix new file mode 100644 index 0000000..ee5f46b --- /dev/null +++ b/hosts/dlaptop/services.nix @@ -0,0 +1,61 @@ +{ pkgs, lib, ... }: +{ + users.users.delta.packages = [ + (pkgs.writeScriptBin "warp-cli" "${pkgs.cloudflare-warp}/bin/warp-cli $@") + ]; + + systemd.services.cloudflare-warp = { + enable = true; + description = "cloudflare warp service"; + wantedBy = [ "multi-user.target" ]; + serviceConfig = { + Restart = "on-failure"; + RestartSec = "15"; + }; + script = "${pkgs.cloudflare-warp}/bin/warp-svc"; + + postStart = '' + while true; do + set -e + status=$(${pkgs.cloudflare-warp}/bin/warp-cli status || true) + set +e + if [[ "$status" != *"Unable to connect to CloudflareWARP daemon"* ]]; then + ${pkgs.cloudflare-warp}/bin/warp-cli set-custom-endpoint 162.159.193.1:2408 + exit 0 + fi + sleep 15 + done + ''; + }; + + users.groups.cloudflared = { }; + users.users.cloudflared = { + group = "cloudflared"; + isSystemUser = true; + }; + + services.cloudflared.enable = false; + services.cloudflared.tunnels = { + "dlaptop" = { + default = "http_status:404"; + credentialsFile = "/run/secrets/cloudflared"; + }; + }; + + services.tailscale.enable = true; + services.syncthing.enable = true; + services.blueman.enable = true; + services.tumbler.enable = true; + services.gvfs.enable = true; + services.flatpak.enable = true; + services.printing.enable = true; + services.pcscd.enable = true; + services.udev.packages = [ + pkgs.gnome.gnome-settings-daemon + pkgs.android-udev-rules + pkgs.yubikey-personalization + ]; + + systemd.services.cloudflared-tunnel-dlaptop.serviceConfig.Restart = lib.mkForce "on-failure"; + systemd.services.cloudflared-tunnel-dlaptop.serviceConfig.RestartSec = lib.mkForce 60; +} \ No newline at end of file diff --git a/hosts/dlaptop/system.nix b/hosts/dlaptop/system.nix new file mode 100644 index 0000000..ac44ef5 --- /dev/null +++ b/hosts/dlaptop/system.nix @@ -0,0 +1,162 @@ +# Edit this configuration file to define what should be installed on +# your system. Help is available in the configuration.nix(5) man page +# and in the NixOS manual (accessible by running ‘nixos-help’). + +{ pkgs, lib, inputs, self, homeSettings, ... }: + +{ + imports = [ + ./hardware.nix + ./services.nix + ./xorg.nix + "${self}/apps/apps.nix" + "${self}/apps/socks.nix" + "${self}/apps/scripts.nix" + "${self}/apps/work.nix" + inputs.secrets.nixosModules.dlaptop + inputs.home-manager.nixosModules.home-manager homeSettings + ]; + + time.timeZone = "Europe/Moscow"; + i18n.defaultLocale = "en_GB.UTF-8"; + + networking = { + hostName = "dlaptop"; + nameservers = [ "100.92.15.128" "fd7a:115c:a1e0::b21c:f80" ]; + networkmanager.dns = "none"; + networkmanager.enable = true; + useDHCP = lib.mkDefault true; + interfaces.wlp1s0.proxyARP = true; + iproute2.enable = true; + + firewall = { + enable = true; + allowedTCPPorts = [ + # qbittorrent + 4780 + # audiorelay + 59100 + # localsend + 53317 + #syncthing + 22000 + ]; + allowedUDPPorts = [ + # audiorelay + 59100 + 59200 + # localsend + 53317 + #syncthing + 22000 + 21027 + ]; + allowedTCPPortRanges = [ { from = 1714; to = 1764; } ]; # kde connect + allowedUDPPortRanges = [ { from = 1714; to = 1764; } ]; + checkReversePath = "loose"; + }; + }; + + systemd.services.NetworkManager-wait-online.enable = false; + + programs.captive-browser = { + browser = ''firejail --ignore="include whitelist-run-common.inc" --private --profile=chromium ${pkgs.bash}/bin/bash -c '${pkgs.coreutils}/bin/env XDG_CONFIG_HOME="$PREV_CONFIG_HOME" ${pkgs.chromium}/bin/chromium --user-data-dir=''${XDG_DATA_HOME:-$HOME/.local/share}/chromium-captive --proxy-server="socks5://$PROXY" --host-resolver-rules="MAP * ~NOTFOUND , EXCLUDE localhost" --no-first-run --new-window --incognito -no-default-browser-check http://cache.nixos.org/' ''; + interface = "wlp1s0"; + enable = true; + }; + + security = { + sudo.wheelNeedsPassword = false; + pam.loginLimits = [{ #needed for swaylock + domain = "@users"; + item = "rtprio"; + type = "-"; + value = 1; + }]; + pam.services.swaylock = { }; + }; + + powerManagement.enable = true; + services.power-profiles-daemon.enable = false; + services.tlp = { + enable = true; + settings = { + CPU_SCALING_GOVERNOR_ON_AC = "powersave"; + CPU_SCALING_GOVERNOR_ON_BAT = "powersave"; + + CPU_ENERGY_PERF_POLICY_ON_BAT = "power"; + CPU_ENERGY_PERF_POLICY_ON_AC = "balance_performance"; + + CPU_SCALING_MAX_FREQ_ON_AC = 6600000; + CPU_SCALING_MAX_FREQ_ON_BAT = 1600000; + + PLATFORM_PROFILE_ON_AC = "balanced"; + PLATFORM_PROFILE_ON_BAT = "low-power"; + + #Trubo boost control + CPU_BOOST_ON_AC = 1; + CPU_BOOST_ON_BAT = 1; + CPU_HWP_DYN_BOOST_ON_AC = 1; + CPU_HWP_DYN_BOOST_ON_BAT = 1; + + #Optional helps save long term battery health + #START_CHARGE_THRESH_BAT0 = 40; # 40 and bellow it starts to charge + #STOP_CHARGE_THRESH_BAT0 = 80; # 80 and above it stops charging + + }; + }; + + services.pipewire = { + enable = true; + wireplumber.enable = true; + alsa.enable = true; + alsa.support32Bit = true; + pulse.enable = true; + }; + + sound.enable = true; + hardware.pulseaudio.enable = false; + + virtualisation = { + podman = { + enable = true; + dockerCompat = true; + }; + spiceUSBRedirection.enable = true; + libvirtd.enable = true; + }; + + environment.systemPackages = with pkgs; [ + openvpn + any-nix-shell + + #work scripts + openconnect + oath-toolkit + expect + + # Thunar stuff + ffmpegthumbnailer + webp-pixbuf-loader + freetype + poppler + f3d + nufraw-thumbnail + + android-tools + firefox + tor-browser + #inputs.anyrun.packages.${pkgs.system}.anyrun + sops + yubikey-manager-qt + yubico-piv-tool + yubioath-flutter + yubikey-personalization + yubikey-personalization-gui + age-plugin-yubikey + lua5_4 + nodejs_21 + ]; + + system.stateVersion = "23.11"; # Don't forget the comment +} \ No newline at end of file diff --git a/hosts/dlaptop/xorg.nix b/hosts/dlaptop/xorg.nix new file mode 100644 index 0000000..b255ae3 --- /dev/null +++ b/hosts/dlaptop/xorg.nix @@ -0,0 +1,34 @@ +{ lib, pkgs, self, ... }: + +{ + imports = [ + "${self}/apps/gnome.nix" + ]; + + programs.hyprland.enable = true; + xdg.portal.extraPortals = with pkgs; [ xdg-desktop-portal-hyprland ]; + + environment.sessionVariables = { + QT_WAYLAND_DISABLE_WINDOWDECORATION = "1"; + QT_QPA_PLATFORM = "wayland"; + STEAM_FORCE_DESKTOPUI_SCALING = "1"; + NIXOS_OZONE_WL = "1"; + XCURSOR_SIZE = "16"; + }; + + services.xserver = { + enable = true; + videoDrivers = [ "modesetting" ]; + displayManager = { + gdm.enable = true; + autoLogin = { + enable = false; + user = "delta"; + }; + }; + desktopManager.gnome.enable = true; + xkb.layout = "us"; + xkb.variant = ""; + excludePackages = [ pkgs.xterm ]; + }; +} \ No newline at end of file diff --git a/hosts/generic.nix b/hosts/generic.nix index 864edcc..de01a83 100644 --- a/hosts/generic.nix +++ b/hosts/generic.nix @@ -57,10 +57,11 @@ in { fishPlugins.grc fishPlugins.autopair fishPlugins.z - #fishPlugins.tide - #fishPlugins.hydro + fishPlugins.tide fishPlugins.fzf-fish fishPlugins.sponge + #fishPlugins.async-prompt + fd fzf grc unstable.nh @@ -68,6 +69,7 @@ in { dnsutils inetutils killall + (pkgs.writeScriptBin "reboot" ''read -p "Do you REALLY want to reboot? (y/N) " answer; [[ $answer == [Yy]* ]] && ${pkgs.systemd}/bin/reboot'') ]; programs.command-not-found.enable = false; @@ -82,10 +84,22 @@ in { set TERM "xterm-256color" set fish_greeting #${pkgs.any-nix-shell}/bin/any-nix-shell fish --info-right | source - any-nix-shell fish --info-right | source + any-nix-shell fish --info-right | source + tide configure --auto --style=Lean --prompt_colors='16 colors' --show_time=No --lean_prompt_height='Two lines' --prompt_connection=Disconnected --prompt_spacing=Compact --icons='Few icons' --transient=No ''; }; - users.defaultUserShell = pkgs.fish; + programs.tmux.enable = true; programs.direnv.enable = true; + programs.firejail.enable = true; + + security.wrappers = { + firejail = { + source = "${pkgs.firejail.out}/bin/firejail"; + }; + }; + + users.defaultUserShell = pkgs.fish; + security.rtkit.enable = true; + boot.tmp.cleanOnBoot = true; } diff --git a/hosts/huanan/configuration.nix b/hosts/huanan/configuration.nix deleted file mode 100644 index 6de02c0..0000000 --- a/hosts/huanan/configuration.nix +++ /dev/null @@ -1,152 +0,0 @@ -# Edit this configuration file to define what should be installed on -# your system. Help is available in the configuration.nix(5) man page -# and in the NixOS manual (accessible by running ‘nixos-help’). - -{ inputs, unstable, config, pkgs, ... }: - -{ - security = { - sudo.wheelNeedsPassword = false; - wrappers = { - firejail = { - source = "${pkgs.firejail.out}/bin/firejail"; - }; - }; - pam.loginLimits = [{ - domain = "@users"; - item = "rtprio"; - type = "-"; - value = 1; - }]; - #pam.services.swaylock = { }; - rtkit.enable = true; - }; - - programs.thunar.enable = true; - programs.firejail.enable = true; - programs.hyprland.enable = true; - programs.xfconf.enable = true; - programs.dconf.enable = true; - programs.virt-manager.enable = true; - programs.steam.enable = true; - programs.gamemode.enable = true; - programs.thunar.plugins = with pkgs.xfce; [ - thunar-archive-plugin - thunar-volman - ]; - - xdg.portal.extraPortals = with pkgs; [ xdg-desktop-portal-hyprland ]; - services.xserver.videoDrivers = ["nvidia"]; - - hardware.nvidia = { - modesetting.enable = true; - powerManagement.enable = false; - open = false; - nvidiaSettings = true; - }; - - boot.loader.grub.enable = true; - boot.loader.grub.device = "/dev/nvme0n1"; - boot.loader.grub.useOSProber = true; - - networking.hostName = "huanan"; - networking.networkmanager.enable = true; - time.timeZone = "Europe/Moscow"; - - i18n.defaultLocale = "en_US.UTF-8"; - - i18n.extraLocaleSettings = { - LC_ALL = "en_US.UTF-8"; - }; - - services.xserver.enable = true; - services.xserver.displayManager.gdm.enable = true; - services.xserver.desktopManager.gnome.enable = true; - services.xserver.displayManager.gdm.wayland = false; - - services.xserver = { - layout = "us"; - xkbVariant = ""; - }; - - services.printing.enable = true; - sound.enable = true; - hardware.pulseaudio.enable = false; - services.pipewire = { - enable = true; - alsa.enable = true; - alsa.support32Bit = true; - pulse.enable = true; - }; - - environment.systemPackages = with pkgs; [ - gnomeExtensions.appindicator - gnomeExtensions.activate-window-by-title - gnomeExtensions.unite - gnomeExtensions.tailscale-qs - gnomeExtensions.gsconnect - gnomeExtensions.clipboard-indicator - gnomeExtensions.tiling-assistant - #gnomeExtensions.wintile-windows-10-window-tiling-for-gnome - gnomeExtensions.advanced-alttab-window-switcher - gnome.gnome-tweaks - mojave-gtk-theme - adw-gtk3 - any-nix-shell - openconnect - oath-toolkit - expect - ffmpegthumbnailer - webp-pixbuf-loader - freetype - poppler - f3d - nufraw-thumbnailer - curl - inputs.telegram-desktop-patched.packages.${pkgs.system}.default - ]; - - environment = { - gnome.excludePackages = [ - #pkgs.gnome-connections - #pkgs.gnome-console - pkgs.gnome-text-editor - pkgs.gnome-tour - #pkgs.gnome.adwaita-icon-theme - pkgs.gnome.epiphany # browser - #pkgs.gnome.evince # pdf + office files - #pkgs.gnome.file-roller #archive explorer - pkgs.gnome.geary - pkgs.gnome.gnome-backgrounds - pkgs.gnome.gnome-calendar - pkgs.gnome.gnome-characters - pkgs.gnome.gnome-clocks - pkgs.gnome.gnome-contacts - pkgs.gnome.gnome-font-viewer - pkgs.gnome.gnome-logs - pkgs.gnome.gnome-maps - pkgs.gnome.gnome-music - #pkgs.gnome.gnome-themes-extra - pkgs.gnome.gnome-weather - #pkgs.gnome.nautilus - pkgs.gnome.simple-scan - pkgs.gnome.sushi - pkgs.gnome.totem - pkgs.gnome.yelp - pkgs.orca - ]; - }; - - virtualisation = { - podman = { - enable = true; - dockerCompat = true; - }; - spiceUSBRedirection.enable = true; - libvirtd.enable = true; - }; - - services.openssh.enable = true; - networking.firewall.enable = false; - system.stateVersion = "23.11"; # Did you read the comment? -} \ No newline at end of file diff --git a/hosts/huanan/hardware-configuration.nix b/hosts/huanan/hardware.nix similarity index 84% rename from hosts/huanan/hardware-configuration.nix rename to hosts/huanan/hardware.nix index ede448c..bfac058 100644 --- a/hosts/huanan/hardware-configuration.nix +++ b/hosts/huanan/hardware.nix @@ -12,7 +12,10 @@ boot.initrd.kernelModules = [ ]; boot.kernelModules = [ "kvm-intel" ]; boot.extraModulePackages = [ ]; - boot.kernelPackages = unstable.linuxPackages_zen; + boot.kernelPackages = pkgs.linuxPackages_zen; + boot.loader.grub.enable = true; + boot.loader.grub.device = "/dev/nvme0n1"; + boot.loader.grub.useOSProber = true; fileSystems."/" = { device = "/dev/disk/by-uuid/63db5f65-03bf-455e-ad82-36307c29df79"; diff --git a/hosts/huanan/system.nix b/hosts/huanan/system.nix new file mode 100644 index 0000000..183bac0 --- /dev/null +++ b/hosts/huanan/system.nix @@ -0,0 +1,53 @@ +{ lib, pkgs, inputs, self, ... }: + +{ + imports = [ + ./hardware.nix + "${self}/apps/gnome.nix" + "${self}/apps/apps.nix" + inputs.home-manager.nixosModules.home-manager + ]; + + time.timeZone = "Europe/Moscow"; + i18n.defaultLocale = "en_GB.UTF-8"; + + services.xserver = { + enable = true; + videoDrivers = [ "nvidia" ]; + displayManager = { + gdm = { + enable = true; + wayland = false; + }; + }; + desktopManager.gnome.enable = true; + xkb.layout = "us"; + xkb.variant = ""; + excludePackages = [ pkgs.xterm ]; + }; + + hardware.nvidia = { + modesetting.enable = true; + powerManagement.enable = false; + open = false; + nvidiaSettings = true; + }; + + networking = { + hostName = "huanan"; + networkmanager.enable = true; + firewall.enable = false; + }; + + sound.enable = true; + hardware.pulseaudio.enable = false; + services.pipewire = { + enable = true; + alsa.enable = true; + alsa.support32Bit = true; + pulse.enable = true; + }; + + services.openssh.enable = true; + system.stateVersion = "23.11"; # Did you read the comment? +} \ No newline at end of file diff --git a/hosts/intelnuc/hardware-configuration.nix b/hosts/intelnuc/hardware.nix similarity index 100% rename from hosts/intelnuc/hardware-configuration.nix rename to hosts/intelnuc/hardware.nix diff --git a/hosts/intelnuc/configuration.nix b/hosts/intelnuc/system.nix similarity index 97% rename from hosts/intelnuc/configuration.nix rename to hosts/intelnuc/system.nix index e36e864..09123ce 100644 --- a/hosts/intelnuc/configuration.nix +++ b/hosts/intelnuc/system.nix @@ -1,6 +1,11 @@ { config, pkgs, inputs,... }: { + imports = [ + ./hardware.nix + inputs.secrets.nixosModules.intelnuc + ]; + boot.loader.grub.enable = true; boot.loader.grub.device = "/dev/sda"; boot.loader.grub.useOSProber = true;