From 433967847a13f197266c9707cd4d35173713fee1 Mon Sep 17 00:00:00 2001 
From: =?UTF-8?q?c=C4=83t=C4=83lin?= Date: Thu, 12 Feb 2026 09:02:09 +0100 Subject: [PATCH] wip --- README.md | 156 +++---------- nix/base/packages.nix | 38 ---- nix/flake.lock | 8 +- nix/flake.nix | 61 +++--- nix/home/default.nix | 59 +++++ nix/home/packages.nix | 39 ++++ nix/hosts/carpates/configuration.nix | 37 ---- nix/hosts/carpates/home.nix | 27 --- nix/hosts/limgrave/configuration.nix | 71 +----- nix/hosts/limgrave/hardware-configuration.nix | 2 +- nix/hosts/limgrave/packages.nix | 13 +- v2/flake.lock | 66 ++++++ v2/flake.nix | 75 +++++++ v2/home-manager/home.nix | 66 ++++++ v2/modules/home-manager/default.nix | 6 + v2/modules/nixos/default.nix | 6 + v2/nixos/configuration.nix | 206 ++++++++++++++++++ v2/nixos/hardware-configuration.nix | 55 +++++ v2/nixos/packages.nix | 110 ++++++++++ v2/overlays/default.nix | 23 ++ v2/pkgs/default.nix | 5 + v22/flake.lock | 65 ++++++ v22/flake.nix | 75 +++++++ v22/hosts/limgrave/nixos/default.nix | 161 ++++++++++++++ .../limgrave/nixos/hardware-configuration.nix | 82 +++++++ v22/modules/home-manager/default.nix | 0 v22/modules/nixos/default.nix | 0 v22/overlays/default.nix | 0 v22/pkgs/default.nix | 74 +++++++ 29 files changed, 1251 insertions(+), 335 deletions(-) delete mode 100644 nix/base/packages.nix create mode 100644 nix/home/default.nix create mode 100644 nix/home/packages.nix delete mode 100644 nix/hosts/carpates/configuration.nix delete mode 100644 nix/hosts/carpates/home.nix create mode 100644 v2/flake.lock create mode 100644 v2/flake.nix create mode 100644 v2/home-manager/home.nix create mode 100644 v2/modules/home-manager/default.nix create mode 100644 v2/modules/nixos/default.nix create mode 100644 v2/nixos/configuration.nix create mode 100644 v2/nixos/hardware-configuration.nix create mode 100644 v2/nixos/packages.nix create mode 100644 v2/overlays/default.nix create mode 100644 v2/pkgs/default.nix create mode 100644 v22/flake.lock create mode 100644 v22/flake.nix create mode 100644 
v22/hosts/limgrave/nixos/default.nix create mode 100644 v22/hosts/limgrave/nixos/hardware-configuration.nix create mode 100644 v22/modules/home-manager/default.nix create mode 100644 v22/modules/nixos/default.nix create mode 100644 v22/overlays/default.nix create mode 100644 v22/pkgs/default.nix diff --git a/README.md b/README.md index 978d712..dbc1284 100644 --- a/README.md +++ b/README.md 
@@ -2,140 +2,46 @@ This repository contains my dotfiles and a Nix flake that supports multiple hosts (machines) with a shared base and per-host configuration. -- On NixOS: hosts are built via `nixosConfigurations`. -- On non-NixOS (e.g., Ubuntu): hosts are applied via Home Manager using `homeConfigurations`. +## Nix Configuration -## Bootstrap +The Nix configuration is located in the `nix/` directory. It uses a shared Home Manager configuration for all hosts, while allowing host-specific NixOS or package settings. -```shell -pip install pipx ansible -ansible-playbook --ask-become-pass ansible/main.yml -# Then apply dotfiles with dotter -dotter -``` +### Structure -## NixOS: multi-host layout +- `nix/flake.nix`: Entry point, defines hosts and helpers. +- `nix/home/`: Shared Home Manager configuration (packages, shell, GNOME settings). +- `nix/hosts/`: Host-specific NixOS configurations. -- nix/base/packages.nix — packages installed on all hosts -- nix/hosts// - - configuration.nix — host-specific NixOS configuration - - hardware-configuration.nix — generated per-machine - - packages.nix — extra packages for this host -- nix/flake.nix — exposes each host under nixosConfigurations +### Adding New Hosts -Current hosts: -- limgrave — my main system -- carpates — scaffolded/minimal, ready to extend +#### NixOS Hosts +1. Create a directory in `nix/hosts//`. +2. Add `configuration.nix`, `hardware-configuration.nix`, and `packages.nix` there. +3. Add the host to `nixosConfigurations` in `nix/flake.nix`: + ```nix + limgrave = mkNixos "limgrave" [ + nix-snapd.nixosModules.default + autofirma-nix.nixosModules.default + ]; + ``` -## Naming rule (important) -Your machine hostname must match the Nix flake host name. For example: -- networking.hostName = "limgrave" in the host configuration -- The flake exports nixosConfigurations.limgrave -- The system hostname (output of `hostname -s`) is limgrave +#### Non-NixOS Hosts (e.g., Ubuntu) +1. 
Add the host to `homeConfigurations` in `nix/flake.nix`: + ```nix + "catalin@ubuntu" = mkHome "ubuntu" "catalin" [ ]; + ``` + *Note: `mkHome` takes `hostname`, `username`, and additional modules.* -This allows the upgrade function to pick the right configuration automatically. - -## Build or switch -From repo root: +### Building and Applying +#### NixOS +Run from the root of the repository: ```bash -# Limgrave (current system) -sudo nixos-rebuild switch --flake ./nix#limgrave - -# carpates (on target machine) -sudo nixos-rebuild switch --flake ./nix#carpates -# Or during install: -# nixos-install --flake /nix#carpates +sudo nixos-rebuild switch --flake .#hostname ``` -## Upgrades: nix_upgrade -A convenience Fish function is provided in fish/conf.d/functions.fish: `nix_upgrade`. -It updates flake inputs and rebuilds the system using a host name that matches the machine hostname. - -Usage: -```fish -# Automatic: uses (hostname -s) → must match a host in nix/flake.nix -nix_upgrade - -# Override the host explicitly (useful for recovery or chroots) -nix_upgrade limgrave -``` -What it does: -1) sudo nix flake update --flake /home/catalin/.dotfiles/nix -2) sudo nixos-rebuild switch --flake /home/catalin/.dotfiles/nix# --upgrade - -Safety checks: -- Verifies nix/flake.nix exists -- Verifies the host is declared in nix/flake.nix -- Prints clear error if the hostname doesn’t map to a known host - -Tip: ensure your system hostname matches one of the directories in nix/hosts/ and the entry under nixosConfigurations in nix/flake.nix. 
- -## Adding a new host -1) Create a directory: nix/hosts// -2) Add configuration files (start by copying limgrave and trimming, or use the minimal example from carpates) -3) Generate hardware config on the new machine: +#### Non-NixOS (Home Manager) +Run from the root of the repository: ```bash -sudo nixos-generate-config -# Move merge the generated hardware-configuration.nix into nix/hosts// -``` -4) Add the host to nix/flake.nix under nixosConfigurations -5) Make sure networking.hostName = "" in the host configuration -6) Build or install: -```bash -sudo nixos-rebuild switch --flake ./nix# -# or during install: -nixos-install --flake /nix# -``` - -## Notes -- Old single-host files nix/configuration.nix and nix/packages.nix are kept for reference but are not used by the flake. You can remove them once comfortable with the new layout. -- limgrave includes nix-snapd and Home Manager; carpates currently includes Home Manager only. - -## Nix on non-NixOS (Ubuntu, etc.) -You can also use this flake on non-NixOS systems (e.g., Ubuntu) via Home Manager. For that path, hosts are defined under `homeConfigurations` in `nix/flake.nix` and typically live next to their NixOS counterparts. In this repo, `carpates` is prepared for non-NixOS via Home Manager. - -- Naming rule: your machine's hostname (output of `hostname -s`) should match the `homeConfigurations.` entry. Example: `carpates`. -- Packages: non-NixOS hosts usually install user-scoped packages via Home Manager, using the shared base set from `nix/base/packages.nix`. - -### Prerequisites -- Install Nix (multi-user is recommended): - ```bash - sh <(curl -L https://nixos.org/nix/install) --daemon - ``` -- Enable flakes (if not already). 
On non-NixOS, set in `/etc/nix/nix.conf` or `$XDG_CONFIG_HOME/nix/nix.conf`: - ``` - experimental-features = nix-command flakes - ``` -- Install Home Manager (no separate channel needed when using flakes; we can run it via `nix run` or install it on PATH): - ```bash - # Optional, to have `home-manager` on PATH: - nix profile install github:nix-community/home-manager - ``` - -### Apply the configuration (non-NixOS) -From repo root: -```bash -# Use the prepared Home Manager host (example: carpates) -home-manager switch --flake ./nix#carpates -# If `home-manager` is not installed, you can run it via nix: -nix run github:nix-community/home-manager -- switch --flake ./nix#carpates -``` - -### Upgrades (non-NixOS) -`nix_upgrade` also works on non-NixOS: -```fish -# Auto-detects host from (hostname -s) and runs Home Manager switch -nix_upgrade - -# Or override explicitly -nix_upgrade carpates -``` -What it does on non-NixOS: -- `nix flake update --flake /home/catalin/.dotfiles/nix` -- `home-manager switch --flake /home/catalin/.dotfiles/nix#` (or `nix run ... -- switch` if HM is not on PATH) - -### NixOS vs. non-NixOS summary -- NixOS hosts are declared under `nixosConfigurations` and are applied with `nixos-rebuild`. -- non-NixOS hosts are declared under `homeConfigurations` and are applied with `home-manager switch`. -- The `nix_upgrade` function detects the OS and selects the correct path automatically based on the hostname. +home-manager switch --flake ./nix#user@hostname +``` \ No newline at end of file diff --git a/nix/base/packages.nix b/nix/base/packages.nix deleted file mode 100644 index d0c8b68..0000000 --- a/nix/base/packages.nix +++ /dev/null 
@@ -1,38 +0,0 @@ -pkgs: with pkgs; [ - vim - wget - git - tmux - eza - bat - jq - curl - atuin - leaf - dotter - kubectl - k9s - trashy - krew - pre-commit - devenv - git-cliff - difftastic - unzip - hadolint - docker-compose - delta - bottom - bat - dust - popeye - kubecolor - kubeconform - kube-score - uv - neovim - ncdu - direnv - asciinema - yq -] diff --git a/nix/flake.lock b/nix/flake.lock index 1ff6c22..f652dcf 100644 --- a/nix/flake.lock +++ b/nix/flake.lock @@ -139,16 +139,16 @@ ] }, "locked": { - "lastModified": 1747688870, - "narHash": "sha256-ypL9WAZfmJr5V70jEVzqGjjQzF0uCkz+AFQF7n9NmNc=", + "lastModified": 1763992789, + "narHash": "sha256-WHkdBlw6oyxXIra/vQPYLtqY+3G8dUVZM8bEXk0t8x4=", "owner": "nix-community", "repo": "home-manager", - "rev": "d5f1f641b289553927b3801580598d200a501863", + "rev": "44831a7eaba4360fb81f2acc5ea6de5fde90aaa3", "type": "github" }, "original": { "owner": "nix-community", - "ref": "release-24.11", + "ref": "release-25.05", "repo": "home-manager", "type": "github" } diff --git a/nix/flake.nix b/nix/flake.nix index e350be4..cba9f86 100644 --- a/nix/flake.nix +++ b/nix/flake.nix @@ -12,7 +12,7 @@ inputs.nixpkgs.follows = "nixpkgs"; }; home-manager = { - url = "github:nix-community/home-manager/release-24.11"; + url = "github:nix-community/home-manager/release-25.05"; inputs.nixpkgs.follows = "nixpkgs"; }; }; 
@@ -32,38 +32,47 @@ lib = nixpkgs.lib; pkgs-unstable = unstable.legacyPackages.${system}; pkgs = nixpkgs.legacyPackages.${system}; + + mkNixos = host: modules: lib.nixosSystem { + inherit system; + specialArgs = { inherit pkgs-unstable; }; + modules = [ + ./hosts/${host}/configuration.nix + home-manager.nixosModules.home-manager + { + home-manager.useGlobalPkgs = true; + home-manager.useUserPackages = true; + home-manager.users.catalin = import ./home; + home-manager.extraSpecialArgs = { inherit pkgs-unstable; }; + } + ] ++ modules; + }; + + # Helper for Home Manager configurations (non-NixOS) + mkHome = host: user: modules: home-manager.lib.homeManagerConfiguration { + inherit pkgs; + modules = [ + ./home + { + home.username = user; + home.homeDirectory = "/home/${user}"; + } + ] ++ modules; + extraSpecialArgs = { inherit pkgs-unstable; }; + }; in { nixosConfigurations = { - limgrave = lib.nixosSystem { - inherit system; - specialArgs = { inherit pkgs-unstable; }; - modules = [ - ./hosts/limgrave/configuration.nix - nix-snapd.nixosModules.default - autofirma-nix.nixosModules.default - home-manager.nixosModules.home-manager - ]; - }; - - carpates = lib.nixosSystem { - inherit system; - specialArgs = { inherit pkgs-unstable; }; - modules = [ - ./hosts/carpates/configuration.nix - home-manager.nixosModules.home-manager - ]; - }; + limgrave = mkNixos "limgrave" [ + nix-snapd.nixosModules.default + autofirma-nix.nixosModules.default + ]; }; # Home Manager configurations for non-NixOS hosts (e.g., Ubuntu) homeConfigurations = { - # For non-NixOS usage on a machine named "carpates". - # Run: home-manager switch --flake ./nix#carpates - carpates = home-manager.lib.homeManagerConfiguration { - inherit pkgs; - modules = [ ./hosts/carpates/home.nix ]; - }; + # For non-NixOS usage. Run: home-manager switch --flake ./nix#catalin@ubuntu + "catalin@limgrave" = mkHome "limgrave" "catalin" [ ]; }; }; } 
diff --git a/nix/home/default.nix b/nix/home/default.nix new file mode 100644 index 0000000..3f26caf --- /dev/null +++ b/nix/home/default.nix @@ -0,0 +1,59 @@ +{ pkgs, ... }: { + imports = [ + ./packages.nix + ]; + + home.stateVersion = "24.11"; + + programs.fish = { + enable = true; + }; + + programs.bash = { + enable = true; + initExtra = '' + if [[ $(${pkgs.procps}/bin/ps --no-header --pid=$PPID --format=comm) != "fish" && -z ''${BASH_EXECUTION_STRING} ]] + then + shopt -q login_shell && LOGIN_OPTION='--login' || LOGIN_OPTION="" + exec ${pkgs.fish}/bin/fish $LOGIN_OPTION + fi + ''; + }; + + programs.gnome-shell = { + enable = true; + extensions = [{ package = pkgs.gnomeExtensions.gsconnect; }]; + }; + + dconf.settings = { + "org/gnome/shell" = { + disable-user-extensions = false; + enabled-extensions = with pkgs.gnomeExtensions; [ + gsconnect.extensionUuid + user-themes.extensionUuid + caffeine.extensionUuid + colosseum.extensionUuid + dash-to-dock.extensionUuid + clipboard-indicator.extensionUuid + emoji-copy.extensionUuid + bluetooth-battery-meter.extensionUuid + ]; + }; + }; + + home.packages = with pkgs; [ + gnomeExtensions.user-themes + gnomeExtensions.caffeine + gnomeExtensions.colosseum + gnomeExtensions.dash-to-dock + gnomeExtensions.clipboard-indicator + gnomeExtensions.emoji-copy + gnomeExtensions.gsconnect + gnomeExtensions.bluetooth-battery-meter + gnome-tweaks + catppuccin-gtk + catppuccin-cursors + catppuccin-papirus-folders + catppuccin-grub + ]; +} diff --git a/nix/home/packages.nix b/nix/home/packages.nix new file mode 100644 index 0000000..586edce --- /dev/null +++ b/nix/home/packages.nix 
@@ -0,0 +1,39 @@ +{ pkgs, ... }: { + home.packages = with pkgs; [ + vim + wget + git + tmux + eza + bat + jq + curl + atuin + leaf + dotter + kubectl + k9s + trashy + krew + pre-commit + devenv + git-cliff + difftastic + unzip + hadolint + docker-compose + delta + bottom + dust + popeye + kubecolor + kubeconform + kube-score + uv + neovim + ncdu + direnv + asciinema + yq + ]; +} diff --git a/nix/hosts/carpates/configuration.nix b/nix/hosts/carpates/configuration.nix deleted file mode 100644 index daf1cd7..0000000 --- a/nix/hosts/carpates/configuration.nix +++ /dev/null @@ -1,37 +0,0 @@ -{ config, pkgs, pkgs-unstable, ... }: -{ - imports = [ - ./hardware-configuration.nix - ]; - - # Basic system metadata - networking.hostName = "carpates"; - time.timeZone = "Europe/Madrid"; - i18n.defaultLocale = "en_US.UTF-8"; - - # Nix settings - nix.settings.experimental-features = [ "nix-command" "flakes" ]; - nixpkgs.config = { - allowUnfree = true; - allowBroken = false; - }; - - # Users - users.users.catalin = { - isNormalUser = true; - description = "catalin"; - shell = pkgs.fish; - extraGroups = [ "networkmanager" "wheel" ]; - }; - - # Minimal services - networking.networkmanager.enable = true; - services.openssh.enable = true; - - # Base CLI set only (shared across hosts) - environment.systemPackages = import ../../base/packages.nix pkgs; - - programs.fish.enable = true; - - system.stateVersion = "24.11"; -} diff --git a/nix/hosts/carpates/home.nix b/nix/hosts/carpates/home.nix deleted file mode 100644 index 14099f0..0000000 --- a/nix/hosts/carpates/home.nix +++ /dev/null 
@@ -1,27 +0,0 @@ -{ config, pkgs, ... }: -{ - # Home Manager configuration for non-NixOS usage on host "carpates". - # Apply with: - # home-manager switch --flake ./nix#carpates - - home.username = "catalin"; - home.homeDirectory = "/home/catalin"; - - # Use the same base CLI set as all hosts - home.packages = import ../../base/packages.nix pkgs; - - programs.fish.enable = true; - - # Example: some common quality-of-life programs - programs.git = { - enable = true; - userName = "catalin"; - userEmail = ""; # set if desired - }; - - # Make sure HM itself can manage its state - programs.home-manager.enable = true; - - # Set the HM release; doesn't have to match NixOS release - home.stateVersion = "24.11"; -} diff --git a/nix/hosts/limgrave/configuration.nix b/nix/hosts/limgrave/configuration.nix index 4b0920a..5241659 100644 --- a/nix/hosts/limgrave/configuration.nix +++ b/nix/hosts/limgrave/configuration.nix 
@@ -40,47 +40,6 @@ allowedUDPPortRanges = allowedTCPPortRanges; }; - home-manager.users.catalin = { - programs.gnome-shell = { - enable = true; - extensions = [{ package = pkgs.gnomeExtensions.gsconnect; }]; - }; - dconf = { - enable = true; - settings."org/gnome/shell" = { - disable-user-extensions = false; - enabled-extensions = with pkgs.gnomeExtensions; [ - gsconnect.extensionUuid - user-themes.extensionUuid - caffeine.extensionUuid - colosseum.extensionUuid - dash-to-dock.extensionUuid - clipboard-indicator.extensionUuid - emoji-copy.extensionUuid - bluetooth-battery-meter.extensionUuid - ]; - }; - }; - home = { - stateVersion = "24.11"; - enableNixpkgsReleaseCheck = false; - packages = with pkgs; [ - gnomeExtensions.user-themes - gnomeExtensions.caffeine - gnomeExtensions.colosseum - gnomeExtensions.dash-to-dock - gnomeExtensions.clipboard-indicator - gnomeExtensions.emoji-copy - gnomeExtensions.gsconnect - gnomeExtensions.bluetooth-battery-meter - gnome-tweaks - catppuccin-gtk - catppuccin-cursors - catppuccin-papirus-folders - catppuccin-grub - ]; - }; - }; services.xserver = { enable = true; 
@@ -122,41 +81,15 @@ enable = true; firefoxIntegration.enable = true; }; - programs.dnieremote = { - enable = true; - jumpIntro = "no"; - wifiPort = 9501; - usbPort = 9501; - openFirewall = false; - }; - programs.configuradorfnmt = { - enable = true; - firefoxIntegration.enable = true; - }; - # Configure Firefox PKCS#11 modules for DNIe and OpenSC - programs.firefox.policies = { - SecurityDevices = { - "OpenSC PKCS#11" = "${pkgs.opensc}/lib/opensc-pkcs11.so"; - "DNIeRemote" = "${config.programs.dnieremote.finalPackage}/lib/libdnieremotepkcs11.so"; - }; - }; + nixpkgs.config.allowUnfree = true; services.flatpak.enable = true; programs.nix-ld.enable = true; # Merge base packages with host-specific packages - environment.systemPackages = (import ../../base/packages.nix pkgs) ++ (import ./packages.nix pkgs); + environment.systemPackages = import ./packages.nix pkgs; programs = { - bash = { - interactiveShellInit = '' - if [[ $(${pkgs.procps}/bin/ps --no-header --pid=$PPID --format=comm) != "fish" && -z ''${BASH_EXECUTION_STRING} ]] - then - shopt -q login_shell && LOGIN_OPTION='--login' || LOGIN_OPTION="" - exec ${pkgs.fish}/bin/fish $LOGIN_OPTION - fi - ''; - }; fish.enable = true; steam = { enable = true; diff --git a/nix/hosts/limgrave/hardware-configuration.nix b/nix/hosts/limgrave/hardware-configuration.nix index 7013bdc..de095d4 100644 --- a/nix/hosts/limgrave/hardware-configuration.nix +++ b/nix/hosts/limgrave/hardware-configuration.nix @@ -77,6 +77,6 @@ # networking.interfaces.docker0.useDHCP = lib.mkDefault true; # networking.interfaces.eno1.useDHCP = lib.mkDefault true; - nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux"; + nixpkgs.hostPlatform = "x86_64-linux"; hardware.cpu.amd.updateMicrocode = lib.mkDefault config.hardware.enableRedistributableFirmware; } diff --git a/nix/hosts/limgrave/packages.nix b/nix/hosts/limgrave/packages.nix index ede77dd..91d7b21 100644 --- a/nix/hosts/limgrave/packages.nix +++ b/nix/hosts/limgrave/packages.nix 
@@ -2,7 +2,6 @@ pkgs: with pkgs; [ kitty steam steam-run - vesktop python311 protonup-qt jellyfin-media-player @@ -14,7 +13,7 @@ pkgs: with pkgs; [ fishPlugins.done fishPlugins.colored-man-pages lutris - telegram-desktop + ayugram-desktop restic bitwarden pre-commit @@ -66,12 +65,10 @@ pkgs: with pkgs; [ appimage-run coder xcolor - signal-desktop element-desktop - pavucontrol samrewritten - audacity - mullvad-browser - mullvad-vpn - limo + protontricks + nmap + terragrunt + discord ] diff --git a/v2/flake.lock b/v2/flake.lock new file mode 100644 index 0000000..0e09121 --- /dev/null +++ b/v2/flake.lock @@ -0,0 +1,66 @@ +{ + "nodes": { + "home-manager": { + "inputs": { + "nixpkgs": [ + "nixpkgs" + ] + }, + "locked": { + "lastModified": 1770260404, + "narHash": "sha256-3iVX1+7YUIt23hBx1WZsUllhbmP2EnXrV8tCRbLxHc8=", + "owner": "nix-community", + "repo": "home-manager", + "rev": "0d782ee42c86b196acff08acfbf41bb7d13eed5b", + "type": "github" + }, + "original": { + "owner": "nix-community", + "ref": "release-25.11", + "repo": "home-manager", + "type": "github" + } + }, + "nixpkgs": { + "locked": { + "lastModified": 1770770419, + "narHash": "sha256-iKZMkr6Cm9JzWlRYW/VPoL0A9jVKtZYiU4zSrVeetIs=", + "owner": "nixos", + "repo": "nixpkgs", + "rev": "6c5e707c6b5339359a9a9e215c5e66d6d802fd7a", + "type": "github" + }, + "original": { + "owner": "nixos", + "ref": "nixos-25.11", + "repo": "nixpkgs", + "type": "github" + } + }, + "nixpkgs-unstable": { + "locked": { + "lastModified": 1714076141, + "narHash": "sha256-Drmja/f5MRHZCskS6mvzFqxEaZMeciScCTFxWVLqWEY=", + "owner": "nixos", + "repo": "nixpkgs", + "rev": "7bb2ccd8cdc44c91edba16c48d2c8f331fb3d856", + "type": "github" + }, + "original": { + "owner": "nixos", + "ref": "nixos-unstable", + "repo": "nixpkgs", + "type": "github" + } + }, + "root": { + "inputs": { + "home-manager": "home-manager", + "nixpkgs": "nixpkgs", + "nixpkgs-unstable": "nixpkgs-unstable" + } + } + }, + "root": "root", + "version": 7 +} 
diff --git a/v2/flake.nix b/v2/flake.nix new file mode 100644 index 0000000..84e8294 --- /dev/null +++ b/v2/flake.nix 
@@ -0,0 +1,75 @@ +{ + description = "Your new nix config"; + + inputs = { + # Nixpkgs + nixpkgs.url = "github:nixos/nixpkgs/nixos-25.11"; + # You can access packages and modules from different nixpkgs revs + # at the same time. Here's an working example: + nixpkgs-unstable.url = "github:nixos/nixpkgs/nixos-unstable"; + # Also see the 'unstable-packages' overlay at 'overlays/default.nix'. + + # Home manager + home-manager.url = "github:nix-community/home-manager/release-25.11"; + home-manager.inputs.nixpkgs.follows = "nixpkgs"; + }; + + outputs = { + self, + nixpkgs, + home-manager, + ... + } @ inputs: let + # Supported systems for your flake packages, shell, etc. + systems = [ + "x86_64-linux" + ]; + # This is a function that generates an attribute by calling a function you + # pass to it, with each system as an argument + forAllSystems = nixpkgs.lib.genAttrs systems; + in { + # Your custom packages + # Accessible through 'nix build', 'nix shell', etc + packages = forAllSystems (system: import ./pkgs nixpkgs.legacyPackages.${system}); + # Formatter for your nix files, available through 'nix fmt' + # Other options beside 'alejandra' include 'nixpkgs-fmt' + formatter = forAllSystems (system: nixpkgs.legacyPackages.${system}.alejandra); + + # Your custom packages and modifications, exported as overlays + overlays = import ./overlays {inherit inputs;}; + # Reusable nixos modules you might want to export + # These are usually stuff you would upstream into nixpkgs + nixosModules = import ./modules/nixos; + # Reusable home-manager modules you might want to export + # These are usually stuff you would upstream into home-manager + homeManagerModules = import ./modules/home-manager; + + # NixOS configuration entrypoint + # Available through 'nixos-rebuild --flake .#your-hostname' + nixosConfigurations = { + # FIXME replace with your hostname + limgrave = nixpkgs.lib.nixosSystem { + specialArgs = {inherit inputs;}; + modules = [ + # > Our main nixos configuration file < + 
./nixos/configuration.nix + ]; + }; + }; + + # Standalone home-manager configuration entrypoint + # Available through 'home-manager --flake .#your-username@your-hostname' + homeConfigurations = { + # FIXME replace with your username@hostname + "catalin@limgrave" = home-manager.lib.homeManagerConfiguration { + # Home-manager requires 'pkgs' instance + pkgs = nixpkgs.legacyPackages.x86_64-linux; # FIXME replace x86_64-linux with your architecure + extraSpecialArgs = {inherit inputs;}; + modules = [ + # > Our main home-manager configuration file < + ./home-manager/home.nix + ]; + }; + }; + }; +} diff --git a/v2/home-manager/home.nix b/v2/home-manager/home.nix new file mode 100644 index 0000000..9030601 --- /dev/null +++ b/v2/home-manager/home.nix 
@@ -0,0 +1,66 @@ +# This is your home-manager configuration file +# Use this to configure your home environment (it replaces ~/.config/nixpkgs/home.nix) +{ + inputs, + lib, + config, + pkgs, + ... +}: { + # You can import other home-manager modules here + imports = [ + # If you want to use modules your own flake exports (from modules/home-manager): + # inputs.self.homeManagerModules.example + + # Or modules exported from other flakes (such as nix-colors): + # inputs.nix-colors.homeManagerModules.default + + # You can also split up your configuration and import pieces of it here: + # ./nvim.nix + ]; + + nixpkgs = { + # You can add overlays here + overlays = [ + # Add overlays your own flake exports (from overlays and pkgs dir): + inputs.self.overlays.additions + inputs.self.overlays.modifications + inputs.self.overlays.unstable-packages + + # You can also add overlays exported from other flakes: + # neovim-nightly-overlay.overlays.default + + # Or define it inline, for example: + # (final: prev: { + # hi = final.hello.overrideAttrs (oldAttrs: { + # patches = [ ./change-hello-to-hi.patch ]; + # }); + # }) + ]; + # Configure your nixpkgs instance + config = { + # Disable if you don't want unfree packages + allowUnfree = true; + }; + }; + + # TODO: Set your username + home = { + username = "your-username"; + homeDirectory = "/home/your-username"; + }; + + # Add stuff for your user as you see fit: + # programs.neovim.enable = true; + # home.packages = with pkgs; [ steam ]; + + # Enable home-manager and git + programs.home-manager.enable = true; + programs.git.enable = true; + + # Nicely reload system units when changing configs + systemd.user.startServices = "sd-switch"; + + # https://nixos.wiki/wiki/FAQ/When_do_I_update_stateVersion + home.stateVersion = "23.05"; +} diff --git a/v2/modules/home-manager/default.nix b/v2/modules/home-manager/default.nix new file mode 100644 index 0000000..45aae31 --- /dev/null +++ b/v2/modules/home-manager/default.nix 
@@ -0,0 +1,6 @@ +# Add your reusable home-manager modules to this directory, on their own file (https://nixos.wiki/wiki/Module). +# These should be stuff you would like to share with others, not your personal configurations. +{ + # List your module files here + # my-module = import ./my-module.nix; +} diff --git a/v2/modules/nixos/default.nix b/v2/modules/nixos/default.nix new file mode 100644 index 0000000..8605069 --- /dev/null +++ b/v2/modules/nixos/default.nix @@ -0,0 +1,6 @@ +# Add your reusable NixOS modules to this directory, on their own file (https://nixos.wiki/wiki/Module). +# These should be stuff you would like to share with others, not your personal configurations. +{ + # List your module files here + # my-module = import ./my-module.nix; +} diff --git a/v2/nixos/configuration.nix b/v2/nixos/configuration.nix new file mode 100644 index 0000000..3f44965 --- /dev/null +++ b/v2/nixos/configuration.nix 
@@ -0,0 +1,206 @@ +# This is your system's configuration file. +# Use this to configure your system environment (it replaces /etc/nixos/configuration.nix) +{ + inputs, + lib, + config, + pkgs, + ... +}: { + # You can import other NixOS modules here + imports = [ + # If you want to use modules your own flake exports (from modules/nixos): + # inputs.self.nixosModules.example + + # Or modules from other flakes (such as nixos-hardware): + # inputs.hardware.nixosModules.common-cpu-amd + # inputs.hardware.nixosModules.common-ssd + + # You can also split up your configuration and import pieces of it here: + # ./users.nix + + # Import your generated (nixos-generate-config) hardware configuration + ./hardware-configuration.nix + ]; + + nixpkgs = { + # You can add overlays here + overlays = [ + # Add overlays your own flake exports (from overlays and pkgs dir): + inputs.self.overlays.additions + inputs.self.overlays.modifications + inputs.self.overlays.unstable-packages + + # You can also add overlays exported from other flakes: + # neovim-nightly-overlay.overlays.default + + # Or define it inline, for example: + # (final: prev: { + # hi = final.hello.overrideAttrs (oldAttrs: { + # patches = [ ./change-hello-to-hi.patch ]; + # }); + # }) + ]; + # Configure your nixpkgs instance + config = { + # Disable if you don't want unfree packages + allowUnfree = true; + }; + }; + + nix = let + flakeInputs = lib.filterAttrs (_: lib.isType "flake") inputs; + in { + settings = { + # Enable flakes and new 'nix' command + experimental-features = "nix-command flakes"; + # Opinionated: disable global registry + flake-registry = ""; + download-buffer-size = 524288000; + # Workaround for https://github.com/NixOS/nix/issues/9574 + nix-path = config.nix.nixPath; + }; + # Opinionated: disable channels + channel.enable = false; + gc = { + automatic = true; + dates = "weekly"; + options = "--delete-older-than 1w"; + }; + # Opinionated: make flake registry and nix path match flake inputs + registry = 
lib.mapAttrs (_: flake: {inherit flake;}) flakeInputs; + nixPath = lib.mapAttrsToList (n: _: "${n}=flake:${n}") flakeInputs; + extraOptions = '' + trusted-users = root catalin + ''; + }; + + # FIXME: Add the rest of your current configuration + + nixpkgs.config.allowBroken = true; + nixpkgs.config.permittedInsecurePackages = [ "electron-33.4.11" "mono-5.20.1.34" "qtwebengine-5.15.19" ]; + + boot.loader.systemd-boot.enable = true; + boot.loader.efi.canTouchEfiVariables = true; + boot.supportedFilesystems = [ "ntfs" ]; + + + networking.networkmanager.enable = true; + services.mullvad-vpn.enable = true; + + + environment.sessionVariables.MOZ_ENABLE_WAYLAND = 0; + + time.timeZone = "Europe/Madrid"; + i18n.defaultLocale = "en_US.UTF-8"; + i18n.extraLocaleSettings = { + LC_ADDRESS = "es_ES.UTF-8"; + LC_IDENTIFICATION = "es_ES.UTF-8"; + LC_MEASUREMENT = "es_ES.UTF-8"; + LC_MONETARY = "es_ES.UTF-8"; + LC_NAME = "es_ES.UTF-8"; + LC_NUMERIC = "es_ES.UTF-8"; + LC_PAPER = "es_ES.UTF-8"; + LC_TELEPHONE = "es_ES.UTF-8"; + LC_TIME = "es_ES.UTF-8"; + }; + + networking.firewall = rec { + allowedTCPPortRanges = [ { from = 1714; to = 1764; } ]; + allowedUDPPortRanges = allowedTCPPortRanges; + }; + + + services.xserver = { + enable = true; + displayManager.gdm.enable = true; + desktopManager.gnome.enable = true; + windowManager.openbox.enable = true; + + xkb = { + layout = "us"; + variant = ""; + }; + }; + + services.printing.enable = true; + hardware.pulseaudio.enable = false; + security.rtkit.enable = true; + hardware.graphics.enable = true; + services.pipewire = { + enable = true; + alsa.enable = true; + alsa.support32Bit = true; + pulse.enable = true; + }; + + programs.firefox.enable = true; + programs = { + fish.enable = true; + steam = { + enable = true; + package = pkgs.steam.override { + extraLibraries = p: with p; [ (lib.getLib networkmanager) ]; + }; + }; + }; + + xdg.portal.enable = true; + xdg.portal.extraPortals = [ pkgs.xdg-desktop-portal-gtk ]; + 
xdg.portal.config.common.default = "gtk"; + + programs.mtr.enable = true; + programs.dconf.enable = true; + programs.gnupg.agent = { + enable = true; + enableSSHSupport = true; + }; + + systemd.services.flatpak-repo = { + wantedBy = [ "multi-user.target" ]; + path = [ pkgs.flatpak ]; + script = '' + flatpak remote-add --if-not-exists flathub https://flathub.org/repo/flathub.flatpakrepo + ''; + }; + + + fonts.packages = with pkgs; [ + atkinson-hyperlegible + ]; + + boot.kernel.sysctl."net.ipv4.ip_forward" = 1; + services.tailscale.enable = true; + virtualisation.docker.enable = true; + networking.nameservers = [ "192.168.1.7" "1.1.1.1" ]; + + + system.autoUpgrade.enable = true; + + environment.systemPackages = import ./packages.nix pkgs; + + networking.hostName = "limgrave"; + + users.users = { + catalin = { + isNormalUser = true; + description = "catalin"; + shell = pkgs.fish; + useDefaultShell = true; + extraGroups = [ "networkmanager" "wheel" "docker" "nas" ]; + packages = with pkgs; [ flatpak ]; + }; + }; + users.groups.nas.gid = 568; + + + services.openssh = { + enable = true; + settings = { + PermitRootLogin = "no"; + PasswordAuthentication = true; + }; + }; + + system.stateVersion = "24.11"; +} diff --git a/v2/nixos/hardware-configuration.nix b/v2/nixos/hardware-configuration.nix new file mode 100644 index 0000000..907963d --- /dev/null +++ b/v2/nixos/hardware-configuration.nix 
@@ -0,0 +1,55 @@ + +{ config, lib, pkgs, modulesPath, ... }: + +{ + boot.loader.systemd-boot.enable = true; + + boot.initrd.availableKernelModules = [ "nvme" "xhci_pci" "ahci" "usb_storage" "usbhid" "sd_mod" ]; + boot.initrd.kernelModules = [ ]; + boot.kernelModules = [ "kvm-amd" ]; + boot.extraModulePackages = [ ]; + + fileSystems."/" = + { device = "/dev/disk/by-uuid/07b5dda3-2fcd-494b-893c-72301d637e9a"; + fsType = "ext4"; + }; + + fileSystems."/boot" = + { device = "/dev/disk/by-uuid/04FD-A91D"; + fsType = "vfat"; + options = [ "fmask=0077" "dmask=0077" ]; + }; + + + fileSystems."/mnt/zeruel/nas1" = + { device = "zeruel.fuku:/mnt/pool1/nas1"; + fsType = "nfs"; + options = [ "x-systemd.automount" "noauto" ]; + }; + + fileSystems."/mnt/zeruel/dcsi" = + { device = "zeruel.fuku:/mnt/pool1/dcsi"; + fsType = "nfs"; + options = [ "x-systemd.automount" "noauto" ]; + }; + + fileSystems."/mnt/windoze2" = + { device = "/dev/disk/by-uuid/6084BE5384BE2B82"; + fsType = "ntfs-3g"; + options = [ "rw" "uid=1000"]; + }; + fileSystems."/mnt/windoze" = + { device = "/dev/disk/by-uuid/46B01460B01458AF"; + fsType = "ntfs-3g"; + options = [ "rw" "uid=1000"]; + }; + swapDevices = + [ { device = "/dev/disk/by-uuid/03ecd98d-013f-4476-b43a-bcae0bc1de67"; } + ]; + + networking.useDHCP = lib.mkDefault true; + + # Set your system kind (needed for flakes) + nixpkgs.hostPlatform = "x86_64-linux"; + hardware.cpu.amd.updateMicrocode = lib.mkDefault config.hardware.enableRedistributableFirmware; +} diff --git a/v2/nixos/packages.nix b/v2/nixos/packages.nix new file mode 100644 index 0000000..fa1c4bb --- /dev/null +++ b/v2/nixos/packages.nix 
@@ -0,0 +1,110 @@ +pkgs: with pkgs; [ + vim + wget + git + tmux + eza + bat + jq + curl + atuin + leaf + dotter + kubectl + k9s + trashy + krew + pre-commit + devenv + git-cliff + difftastic + unzip + hadolint + docker-compose + delta + bottom + dust + popeye + kubecolor + kubeconform + kube-score + uv + neovim + ncdu + direnv + asciinema + yq + + kitty + steam + steam-run + python311 + protonup-qt + jellyfin-media-player + spotify + adwaita-icon-theme + fishPlugins.z + fishPlugins.tide + fishPlugins.transient-fish + fishPlugins.done + fishPlugins.colored-man-pages + lutris + ayugram-desktop + restic + bitwarden-desktop + pre-commit + cargo + inconsolata + google-chrome + yt-dlp + mpv + gnumake + stremio + kubernetes-helm + opentofu + kubeseal + openssl + xclip + resticprofile + gnupg + awscli2 + kor + exiftool + jetbrains-toolbox + chiaki-ng + gnome-themes-extra + tela-circle-icon-theme + hmcl + rose-pine-gtk-theme + rose-pine-icon-theme + rose-pine-cursor + vlc + unrar-wrapper + atkinson-hyperlegible + libreoffice-qt + hunspell + hunspellDicts.es_ES + hunspellDicts.en_US + sqlite-interactive + ffmpeg + filezilla + lrcget + picard + gimp + yq + qbittorrent + p7zip + ansible + k3sup + gamemode + lm_sensors + appimage-run + coder + xcolor + element-desktop + samrewritten + protontricks + nmap + terragrunt + discord +] diff --git a/v2/overlays/default.nix b/v2/overlays/default.nix new file mode 100644 index 0000000..7bfcb4c --- /dev/null +++ b/v2/overlays/default.nix 
@@ -0,0 +1,23 @@ +# This file defines overlays +{inputs, ...}: { + # This one brings our custom packages from the 'pkgs' directory + additions = final: _prev: import ../pkgs final.pkgs; + + # This one contains whatever you want to overlay + # You can change versions, add patches, set compilation flags, anything really. + # https://nixos.wiki/wiki/Overlays + modifications = final: prev: { + # example = prev.example.overrideAttrs (oldAttrs: rec { + # ... + # }); + }; + + # When applied, the unstable nixpkgs set (declared in the flake inputs) will + # be accessible through 'pkgs.unstable' + unstable-packages = final: _prev: { + unstable = import inputs.nixpkgs-unstable { + system = final.system; + config.allowUnfree = true; + }; + }; +} diff --git a/v2/pkgs/default.nix b/v2/pkgs/default.nix new file mode 100644 index 0000000..3d9e23c --- /dev/null +++ b/v2/pkgs/default.nix @@ -0,0 +1,5 @@ +# Custom packages, that can be defined similarly to ones from nixpkgs +# You can build them using 'nix build .#example' +pkgs: { + # example = pkgs.callPackage ./example { }; +} diff --git a/v22/flake.lock b/v22/flake.lock new file mode 100644 index 0000000..79c38b5 --- /dev/null +++ b/v22/flake.lock 
@@ -0,0 +1,65 @@ +{ + "nodes": { + "home-manager": { + "inputs": { + "nixpkgs": [ + "nixpkgs" + ] + }, + "locked": { + "lastModified": 1763992789, + "narHash": "sha256-WHkdBlw6oyxXIra/vQPYLtqY+3G8dUVZM8bEXk0t8x4=", + "owner": "nix-community", + "repo": "home-manager", + "rev": "44831a7eaba4360fb81f2acc5ea6de5fde90aaa3", + "type": "github" + }, + "original": { + "owner": "nix-community", + "ref": "release-25.05", + "repo": "home-manager", + "type": "github" + } + }, + "nixpkgs": { + "locked": { + "lastModified": 1767313136, + "narHash": "sha256-16KkgfdYqjaeRGBaYsNrhPRRENs0qzkQVUooNHtoy2w=", + "owner": "NixOS", + "repo": "nixpkgs", + "rev": "ac62194c3917d5f474c1a844b6fd6da2db95077d", + "type": "github" + }, + "original": { + "owner": "NixOS", + "ref": "nixos-25.05", + "repo": "nixpkgs", + "type": "github" + } + }, + "root": { + "inputs": { + "home-manager": "home-manager", + "nixpkgs": "nixpkgs", + "systems": "systems" + } + }, + "systems": { + "locked": { + "lastModified": 1689347949, + "narHash": "sha256-12tWmuL2zgBgZkdoB6qXZsgJEH9LR3oUgpaQq2RbI80=", + "owner": "nix-systems", + "repo": "default-linux", + "rev": "31732fcf5e8fea42e59c2488ad31a0e651500f68", + "type": "github" + }, + "original": { + "owner": "nix-systems", + "repo": "default-linux", + "type": "github" + } + } + }, + "root": "root", + "version": 7 +} diff --git a/v22/flake.nix b/v22/flake.nix new file mode 100644 index 0000000..985ed84 --- /dev/null +++ b/v22/flake.nix 
@@ -0,0 +1,75 @@ +{ + description = "My NixOS configuration"; + inputs = { + nixpkgs.url = "github:NixOS/nixpkgs/nixos-25.05"; + #unstable.url = "github:nixos/nixpkgs/nixpkgs-unstable"; + #nix-snapd.url = "github:nix-community/nix-snapd"; + #nix-snapd.inputs.nixpkgs.follows = "nixpkgs"; + systems.url = "github:nix-systems/default-linux"; + #autofirma-nix = { + # url = "github:nix-community/autofirma-nix/release-25.05"; + # inputs.nixpkgs.follows = "nixpkgs"; + #}; + home-manager = { + url = "github:nix-community/home-manager/release-25.05"; + inputs.nixpkgs.follows = "nixpkgs"; + }; + }; + nixConfig = { + extra-substituters = [ + "https://nix-community.cachix.org" + ]; + como cuando experimenta extra-trusted-public-keys = [ + "nix-community.cachix.org-1:mB9FSh9qf2dCimDSUo8Zy7bkq5CX+/rkCWyvRCYg3Fs=" + ]; + }; + outputs = { + self, + nixpkgs, + systems, + home-manager, + } @ inputs: let + inherit (self) outputs; + lib = nixpkgs.lib // home-manager.lib; + forEachSystem = f: lib.genAttrs (import systems) (system: f pkgsFor.${system}); + pkgsFor = lib.genAttrs (import systems) ( + system: + import nixpkgs { + inherit system; + config.allowUnfree = true; + } + ); + in { + inherit lib; + + #nixosModules = import ./modules/nixos; + #homeManagerModules = import ./modules/home-manager; + #overlays = import ./overlays {inherit inputs;}; + + packages = forEachSystem (pkgs: import ./pkgs {inherit pkgs;}); + + # NixOS configuration entrypoint + # Available through 'nixos-rebuild --flake .#your-hostname' + nixosConfigurations = { + limgrave = nixpkgs.lib.nixosSystem { + specialArgs = {inherit inputs;}; + modules = [ + ./hosts/limgrave/nixos + ]; + }; + }; + + # Standalone home-manager configuration entrypoint + # Available through 'home-manager --flake .#your-username@your-hostname' + homeConfigurations = { + "catalin@limgrave" = home-manager.lib.homeManagerConfiguration { + # Home-manager requires 'pkgs' instance + pkgs = pkgsFor.x86_64-linux; + extraSpecialArgs = {inherit 
inputs;}; + modules = [ + ./hosts/limgrave/home + ]; + }; + }; + }; +} \ No newline at end of file diff --git a/v22/hosts/limgrave/nixos/default.nix b/v22/hosts/limgrave/nixos/default.nix new file mode 100644 index 0000000..1aa7029 --- /dev/null +++ b/v22/hosts/limgrave/nixos/default.nix 
@@ -0,0 +1,161 @@ +{ pkgs, inputs, ... }: +{ + imports = [ + ./hardware-configuration.nix + ]; + + nixpkgs.config.allowBroken = true; + nix.settings.download-buffer-size = 524288000; + nixpkgs.config.permittedInsecurePackages = [ "electron-33.4.11" "mono-5.20.1.34" ]; + + boot.loader.systemd-boot.enable = true; + boot.loader.efi.canTouchEfiVariables = true; + boot.supportedFilesystems = [ "ntfs" ]; + + services.snap.enable = false; + + networking.hostName = "limgrave"; + networking.networkmanager.enable = true; + services.mullvad-vpn.enable = true; + + + environment.sessionVariables.MOZ_ENABLE_WAYLAND = 0; + + time.timeZone = "Europe/Madrid"; + i18n.defaultLocale = "en_US.UTF-8"; + i18n.extraLocaleSettings = { + LC_ADDRESS = "es_ES.UTF-8"; + LC_IDENTIFICATION = "es_ES.UTF-8"; + LC_MEASUREMENT = "es_ES.UTF-8"; + LC_MONETARY = "es_ES.UTF-8"; + LC_NAME = "es_ES.UTF-8"; + LC_NUMERIC = "es_ES.UTF-8"; + LC_PAPER = "es_ES.UTF-8"; + LC_TELEPHONE = "es_ES.UTF-8"; + LC_TIME = "es_ES.UTF-8"; + }; + + networking.firewall = rec { + allowedTCPPortRanges = [ { from = 1714; to = 1764; } ]; + allowedUDPPortRanges = allowedTCPPortRanges; + }; + + + services.xserver = { + enable = true; + displayManager.gdm.enable = true; + desktopManager.gnome.enable = true; + windowManager.openbox.enable = true; + + xkb = { + layout = "us"; + variant = ""; + }; + }; + + services.printing.enable = true; + hardware.pulseaudio.enable = false; + security.rtkit.enable = true; + hardware.graphics.enable = true; + services.pipewire = { + enable = true; + alsa.enable = true; + alsa.support32Bit = true; + pulse.enable = true; + }; + + users.users.catalin = { + isNormalUser = true; + description = "catalin"; + shell = pkgs.fish; + useDefaultShell = true; + extraGroups = [ "networkmanager" "wheel" "docker" "nas" ]; + packages = with pkgs; [ flatpak ]; + }; + users.groups.nas.gid = 568; + + programs.firefox.enable = true; + # Enable smart card service and eID tooling (AutoFirma stack) + services.pcscd.enable = 
true; + programs.autofirma = { + enable = true; + firefoxIntegration.enable = true; + }; + programs.dnieremote = { + enable = true; + jumpIntro = "no"; + wifiPort = 9501; + usbPort = 9501; + openFirewall = false; + }; + programs.configuradorfnmt = { + enable = true; + firefoxIntegration.enable = true; + }; + # Configure Firefox PKCS#11 modules for DNIe and OpenSC + programs.firefox.policies = { + SecurityDevices = { + "OpenSC PKCS#11" = "${pkgs.opensc}/lib/opensc-pkcs11.so"; + "DNIeRemote" = "${config.programs.dnieremote.finalPackage}/lib/libdnieremotepkcs11.so"; + }; + }; + nixpkgs.config.allowUnfree = true; + services.flatpak.enable = true; + programs.nix-ld.enable = true; + + # Merge base packages with host-specific packages + environment.systemPackages = import ./packages.nix pkgs; + + programs = { + fish.enable = true; + steam = { + enable = true; + package = pkgs.steam.override { + extraLibraries = p: with p; [ (lib.getLib networkmanager) ]; + }; + }; + }; + + xdg.portal.enable = true; + xdg.portal.extraPortals = [ pkgs.xdg-desktop-portal-gtk ]; + xdg.portal.config.common.default = "gtk"; + + programs.mtr.enable = true; + programs.dconf.enable = true; + programs.gnupg.agent = { + enable = true; + enableSSHSupport = true; + }; + + systemd.services.flatpak-repo = { + wantedBy = [ "multi-user.target" ]; + path = [ pkgs.flatpak ]; + script = '' + flatpak remote-add --if-not-exists flathub https://flathub.org/repo/flathub.flatpakrepo + ''; + }; + + nix.settings.experimental-features = [ "nix-command" "flakes" ]; + nix.gc = { + automatic = true; + dates = "weekly"; + options = "--delete-older-than 1w"; + }; + + fonts.packages = with pkgs; [ + atkinson-hyperlegible + ]; + + boot.kernel.sysctl."net.ipv4.ip_forward" = 1; + services.openssh.enable = true; + services.tailscale.enable = true; + virtualisation.docker.enable = true; + networking.nameservers = [ "192.168.1.7" "1.1.1.1" ]; + + nix.extraOptions = '' + trusted-users = root catalin + ''; + + 
system.autoUpgrade.enable = true; + system.stateVersion = "24.11"; +} diff --git a/v22/hosts/limgrave/nixos/hardware-configuration.nix b/v22/hosts/limgrave/nixos/hardware-configuration.nix new file mode 100644 index 0000000..7013bdc --- /dev/null +++ b/v22/hosts/limgrave/nixos/hardware-configuration.nix 
@@ -0,0 +1,82 @@ +# Do not modify this file! It was generated by ‘nixos-generate-config’ +# and may be overwritten by future invocations. Please make changes +# to /etc/nixos/configuration.nix instead. +{ config, lib, pkgs, modulesPath, ... }: + +{ + imports = + [ (modulesPath + "/installer/scan/not-detected.nix") + ]; + + boot.initrd.availableKernelModules = [ "nvme" "xhci_pci" "ahci" "usb_storage" "usbhid" "sd_mod" ]; + boot.initrd.kernelModules = [ ]; + boot.kernelModules = [ "kvm-amd" ]; + boot.extraModulePackages = [ ]; + + fileSystems."/" = + { device = "/dev/disk/by-uuid/07b5dda3-2fcd-494b-893c-72301d637e9a"; + fsType = "ext4"; + }; + + fileSystems."/boot" = + { device = "/dev/disk/by-uuid/04FD-A91D"; + fsType = "vfat"; + options = [ "fmask=0077" "dmask=0077" ]; + }; + +# fileSystems."/snap/acestreamplayer/17" = +# { device = "/var/lib/snapd/snaps/acestreamplayer_17.snap"; +# fsType = "squashfs"; +# options = [ "loop" ]; +# }; +# +# fileSystems."/snap/core22/1722" = +# { device = "/var/lib/snapd/snaps/core22_1722.snap"; +# fsType = "squashfs"; +# options = [ "loop" ]; +# }; +# +# fileSystems."/snap/snapd/23258" = +# { device = "/var/lib/snapd/snaps/snapd_23258.snap"; +# fsType = "squashfs"; +# options = [ "loop" ]; +# }; +# + fileSystems."/mnt/zeruel/nas1" = + { device = "zeruel.fuku:/mnt/pool1/nas1"; + fsType = "nfs"; + options = [ "x-systemd.automount" "noauto" ]; + }; + + fileSystems."/mnt/zeruel/dcsi" = + { device = "zeruel.fuku:/mnt/pool1/dcsi"; + fsType = "nfs"; + options = [ "x-systemd.automount" "noauto" ]; + }; + + fileSystems."/mnt/windoze2" = + { device = "/dev/disk/by-uuid/6084BE5384BE2B82"; + fsType = "ntfs-3g"; + options = [ "rw" "uid=1000"]; + }; + fileSystems."/mnt/windoze" = + { device = "/dev/disk/by-uuid/46B01460B01458AF"; + fsType = "ntfs-3g"; + options = [ "rw" "uid=1000"]; + }; + swapDevices = + [ { device = "/dev/disk/by-uuid/03ecd98d-013f-4476-b43a-bcae0bc1de67"; } + ]; + + # Enables DHCP on each ethernet and wireless interface. 
In case of scripted networking + # (the default) this is the recommended approach. When using systemd-networkd it's + # still possible to use this option, but it's recommended to use it in conjunction + # with explicit per-interface declarations with `networking.interfaces..useDHCP`. + networking.useDHCP = lib.mkDefault true; + # networking.interfaces.br-71a907d8e6fd.useDHCP = lib.mkDefault true; + # networking.interfaces.docker0.useDHCP = lib.mkDefault true; + # networking.interfaces.eno1.useDHCP = lib.mkDefault true; + + nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux"; + hardware.cpu.amd.updateMicrocode = lib.mkDefault config.hardware.enableRedistributableFirmware; +} diff --git a/v22/modules/home-manager/default.nix b/v22/modules/home-manager/default.nix new file mode 100644 index 0000000..e69de29 diff --git a/v22/modules/nixos/default.nix b/v22/modules/nixos/default.nix new file mode 100644 index 0000000..e69de29 diff --git a/v22/overlays/default.nix b/v22/overlays/default.nix new file mode 100644 index 0000000..e69de29 diff --git a/v22/pkgs/default.nix b/v22/pkgs/default.nix new file mode 100644 index 0000000..120834e --- /dev/null +++ b/v22/pkgs/default.nix 
@@ -0,0 +1,74 @@ +pkgs: with pkgs; [ + kitty + steam + steam-run + python311 + protonup-qt + jellyfin-media-player + spotify + adwaita-icon-theme + fishPlugins.z + fishPlugins.tide + fishPlugins.transient-fish + fishPlugins.done + fishPlugins.colored-man-pages + lutris + ayugram-desktop + restic + bitwarden + pre-commit + cargo + inconsolata + google-chrome + yt-dlp + mpv + gnumake + stremio + kubernetes-helm + opentofu + kubeseal + openssl + xclip + resticprofile + gnupg + awscli2 + kor + exiftool + jetbrains-toolbox + chiaki-ng + gnome-themes-extra + tela-circle-icon-theme + hmcl + rose-pine-gtk-theme + rose-pine-icon-theme + rose-pine-cursor + vlc + unrar-wrapper + atkinson-hyperlegible + libreoffice-qt + hunspell + hunspellDicts.es_ES + hunspellDicts.en_US + sqlite-interactive + ffmpeg + filezilla + lrcget + picard + gimp + yq + qbittorrent + p7zip + ansible + k3sup + gamemode + lm_sensors + appimage-run + coder + xcolor + element-desktop + samrewritten + protontricks + nmap + terragrunt + discord +] \ No newline at end of file
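Review bot: in v2/nixos/configuration.nix the `services.openssh` block sets `PasswordAuthentication = true`, so sshd accepts password logins for `catalin`, an account in `wheel` and `docker`. Set it to `false` and use keys; `programs.gnupg.agent.enableSSHSupport = true` in the same file already provides an agent for them. The `extraOptions` line `trusted-users = root catalin` is also worth dropping to `root` alone unless a workflow needs it, since a trusted user can instruct the Nix daemon with root-level effect.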
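Review bot: in v2/nixos/hardware-configuration.nix the two NFS entries for `zeruel.fuku:/mnt/pool1/nas1` and `zeruel.fuku:/mnt/pool1/dcsi` carry only `"x-systemd.automount" "noauto"`, so setuid bits and device nodes present on the export are honored on this host. Add `"nosuid"` and `"nodev"` to both `options` lists. The file also repeats `boot.loader.systemd-boot.enable = true;`, which v2/nixos/configuration.nix already sets; keep it in one place.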
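Review bot: v2/nixos/packages.nix lists `pre-commit` twice and `yq` twice, which suggests two package lists were concatenated without deduplication. Remove the repeats, and consider dropping `steam` and `atkinson-hyperlegible` from this list as well, since v2/nixos/configuration.nix already pulls them in through `programs.steam.enable` and `fonts.packages`.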
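Review bot: in v22/flake.nix the `nixConfig` block has the stray words `como cuando experimenta` in front of `extra-trusted-public-keys = [`, which is not valid Nix and will stop the flake from evaluating. Delete the stray text so the attribute reads `extra-trusted-public-keys = [ ... ];`. While there, the file ends without a trailing newline.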
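Review bot: v22/hosts/limgrave/nixos/default.nix declares its arguments as `{ pkgs, inputs, ... }` but the body uses `config.programs.dnieremote.finalPackage` and `lib.getLib networkmanager`, so both `config` and `lib` are undefined; add them to the argument set. The `programs.autofirma`, `programs.dnieremote`, `programs.configuradorfnmt` and `services.snap` options also have no module behind them in this patch, because the `autofirma-nix` and `nix-snapd` inputs are commented out in v22/flake.nix and `imports` only lists `./hardware-configuration.nix`. Separately, `services.openssh.enable = true;` here drops the `settings` block that v2 had, including `PermitRootLogin = "no"`; carry the settings over, with password authentication off.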
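Review bot: v22/hosts/limgrave/nixos/hardware-configuration.nix keeps the "Do not modify this file! It was generated by 'nixos-generate-config'" header while carrying hand-written NFS and NTFS mounts and a block of commented-out snap mounts. A later regeneration can overwrite those entries, so move the `/mnt/zeruel/*` and `/mnt/windoze*` definitions into a separate module imported from `default.nix`, and delete the commented snap entries rather than shipping them.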
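Review bot: v22/pkgs/default.nix is written as `pkgs: with pkgs; [ ... ]`, a function from the package set to a list, but v22/flake.nix calls it as `import ./pkgs {inherit pkgs;}` and assigns the result to the `packages` output. The argument there is an attribute set with a single `pkgs` key, so `with pkgs;` brings none of the listed names into scope, and a list is not the attribute set of derivations that `packages.<system>` expects. This looks like the host package list that v22/hosts/limgrave/nixos/default.nix imports as `./packages.nix`; move it there and make `pkgs/default.nix` return an attribute set, as v2/pkgs/default.nix does.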