catalin/dotfiles
1
0
Fork 0
Code Activity

wip

Browse source
This commit is contained in:
cătălin 2026-02-12 09:02:09 +01:00
commit 433967847a
No known key found for this signature in database
29 changed files with 1251 additions and 335 deletions
Download patch file Download diff file Expand all files Collapse all files

158
README.md
View file

@ -2,140 +2,46 @@
This repository contains my dotfiles and a Nix flake that supports multiple hosts (machines) with a shared base and per-host configuration.
- On NixOS: hosts are built via `nixosConfigurations`.
- On non-NixOS (e.g., Ubuntu): hosts are applied via Home Manager using `homeConfigurations`.
## Nix Configuration
## Bootstrap
The Nix configuration is located in the `nix/` directory. It uses a shared Home Manager configuration for all hosts, while allowing host-specific NixOS or package settings.
```shell
pip install pipx ansible
ansible-playbook --ask-become-pass ansible/main.yml
# Then apply dotfiles with dotter
dotter
```
### Structure
## NixOS: multi-host layout
- `nix/flake.nix`: Entry point, defines hosts and helpers.
- `nix/home/`: Shared Home Manager configuration (packages, shell, GNOME settings).
- `nix/hosts/`: Host-specific NixOS configurations.
- nix/base/packages.nix — packages installed on all hosts
- nix/hosts/<host>/
- configuration.nix — host-specific NixOS configuration
- hardware-configuration.nix — generated per-machine
- packages.nix — extra packages for this host
- nix/flake.nix — exposes each host under nixosConfigurations
### Adding New Hosts
Current hosts:
- limgrave — my main system
- carpates — scaffolded/minimal, ready to extend
## Naming rule (important)
Your machine hostname must match the Nix flake host name. For example:
- networking.hostName = "limgrave" in the host configuration
- The flake exports nixosConfigurations.limgrave
- The system hostname (output of `hostname -s`) is limgrave
This allows the upgrade function to pick the right configuration automatically.
## Build or switch
From repo root:
```bash
# Limgrave (current system)
sudo nixos-rebuild switch --flake ./nix#limgrave
# carpates (on target machine)
sudo nixos-rebuild switch --flake ./nix#carpates
# Or during install:
# nixos-install --flake <repo-path>/nix#carpates
```
## Upgrades: nix_upgrade
A convenience Fish function is provided in fish/conf.d/functions.fish: `nix_upgrade`.
It updates flake inputs and rebuilds the system using a host name that matches the machine hostname.
Usage:
```fish
# Automatic: uses (hostname -s) → must match a host in nix/flake.nix
nix_upgrade
# Override the host explicitly (useful for recovery or chroots)
nix_upgrade limgrave
```
What it does:
1) sudo nix flake update --flake /home/catalin/.dotfiles/nix
2) sudo nixos-rebuild switch --flake /home/catalin/.dotfiles/nix#<host> --upgrade
Safety checks:
- Verifies nix/flake.nix exists
- Verifies the host is declared in nix/flake.nix
- Prints clear error if the hostname doesnt map to a known host
Tip: ensure your system hostname matches one of the directories in nix/hosts/ and the entry under nixosConfigurations in nix/flake.nix.
## Adding a new host
1) Create a directory: nix/hosts/<newhost>/
2) Add configuration files (start by copying limgrave and trimming, or use the minimal example from carpates)
3) Generate hardware config on the new machine:
```bash
sudo nixos-generate-config
# Move merge the generated hardware-configuration.nix into nix/hosts/<newhost>/
```
4) Add the host to nix/flake.nix under nixosConfigurations
5) Make sure networking.hostName = "<newhost>" in the host configuration
6) Build or install:
```bash
sudo nixos-rebuild switch --flake ./nix#<newhost>
# or during install:
nixos-install --flake <repo-path>/nix#<newhost>
```
## Notes
- Old single-host files nix/configuration.nix and nix/packages.nix are kept for reference but are not used by the flake. You can remove them once comfortable with the new layout.
- limgrave includes nix-snapd and Home Manager; carpates currently includes Home Manager only.
## Nix on non-NixOS (Ubuntu, etc.)
You can also use this flake on non-NixOS systems (e.g., Ubuntu) via Home Manager. For that path, hosts are defined under `homeConfigurations` in `nix/flake.nix` and typically live next to their NixOS counterparts. In this repo, `carpates` is prepared for non-NixOS via Home Manager.
- Naming rule: your machine's hostname (output of `hostname -s`) should match the `homeConfigurations.<host>` entry. Example: `carpates`.
- Packages: non-NixOS hosts usually install user-scoped packages via Home Manager, using the shared base set from `nix/base/packages.nix`.
### Prerequisites
- Install Nix (multi-user is recommended):
```bash
sh <(curl -L https://nixos.org/nix/install) --daemon
```
- Enable flakes (if not already). On non-NixOS, set in `/etc/nix/nix.conf` or `$XDG_CONFIG_HOME/nix/nix.conf`:
```
experimental-features = nix-command flakes
```
- Install Home Manager (no separate channel needed when using flakes; we can run it via `nix run` or install it on PATH):
```bash
# Optional, to have `home-manager` on PATH:
nix profile install github:nix-community/home-manager
#### NixOS Hosts
1. Create a directory in `nix/hosts/<hostname>/`.
2. Add `configuration.nix`, `hardware-configuration.nix`, and `packages.nix` there.
3. Add the host to `nixosConfigurations` in `nix/flake.nix`:
```nix
limgrave = mkNixos "limgrave" [
nix-snapd.nixosModules.default
autofirma-nix.nixosModules.default
];
```
### Apply the configuration (non-NixOS)
From repo root:
#### Non-NixOS Hosts (e.g., Ubuntu)
1. Add the host to `homeConfigurations` in `nix/flake.nix`:
```nix
"catalin@ubuntu" = mkHome "ubuntu" "catalin" [ ];
```
*Note: `mkHome` takes `hostname`, `username`, and additional modules.*
### Building and Applying
#### NixOS
Run from the root of the repository:
```bash
# Use the prepared Home Manager host (example: carpates)
home-manager switch --flake ./nix#carpates
# If `home-manager` is not installed, you can run it via nix:
nix run github:nix-community/home-manager -- switch --flake ./nix#carpates
sudo nixos-rebuild switch --flake .#hostname
```
### Upgrades (non-NixOS)
`nix_upgrade` also works on non-NixOS:
```fish
# Auto-detects host from (hostname -s) and runs Home Manager switch
nix_upgrade
# Or override explicitly
nix_upgrade carpates
#### Non-NixOS (Home Manager)
Run from the root of the repository:
```bash
home-manager switch --flake ./nix#user@hostname
```
What it does on non-NixOS:
- `nix flake update --flake /home/catalin/.dotfiles/nix`
- `home-manager switch --flake /home/catalin/.dotfiles/nix#<host>` (or `nix run ... -- switch` if HM is not on PATH)
### NixOS vs. non-NixOS summary
- NixOS hosts are declared under `nixosConfigurations` and are applied with `nixos-rebuild`.
- non-NixOS hosts are declared under `homeConfigurations` and are applied with `home-manager switch`.
- The `nix_upgrade` function detects the OS and selects the correct path automatically based on the hostname.

38
nix/base/packages.nix
View file

@ -1,38 +0,0 @@
pkgs: with pkgs; [
vim
wget
git
tmux
eza
bat
jq
curl
atuin
leaf
dotter
kubectl
k9s
trashy
krew
pre-commit
devenv
git-cliff
difftastic
unzip
hadolint
docker-compose
delta
bottom
bat
dust
popeye
kubecolor
kubeconform
kube-score
uv
neovim
ncdu
direnv
asciinema
yq
]

8
nix/flake.lock generated
View file

@ -139,16 +139,16 @@
]
},
"locked": {
"lastModified": 1747688870,
"narHash": "sha256-ypL9WAZfmJr5V70jEVzqGjjQzF0uCkz+AFQF7n9NmNc=",
"lastModified": 1763992789,
"narHash": "sha256-WHkdBlw6oyxXIra/vQPYLtqY+3G8dUVZM8bEXk0t8x4=",
"owner": "nix-community",
"repo": "home-manager",
"rev": "d5f1f641b289553927b3801580598d200a501863",
"rev": "44831a7eaba4360fb81f2acc5ea6de5fde90aaa3",
"type": "github"
},
"original": {
"owner": "nix-community",
"ref": "release-24.11",
"ref": "release-25.05",
"repo": "home-manager",
"type": "github"
}

55
nix/flake.nix
View file

@ -12,7 +12,7 @@
inputs.nixpkgs.follows = "nixpkgs";
};
home-manager = {
url = "github:nix-community/home-manager/release-24.11";
url = "github:nix-community/home-manager/release-25.05";
inputs.nixpkgs.follows = "nixpkgs";
};
};
@ -32,38 +32,47 @@
lib = nixpkgs.lib;
pkgs-unstable = unstable.legacyPackages.${system};
pkgs = nixpkgs.legacyPackages.${system};
mkNixos = host: modules: lib.nixosSystem {
inherit system;
specialArgs = { inherit pkgs-unstable; };
modules = [
./hosts/${host}/configuration.nix
home-manager.nixosModules.home-manager
{
home-manager.useGlobalPkgs = true;
home-manager.useUserPackages = true;
home-manager.users.catalin = import ./home;
home-manager.extraSpecialArgs = { inherit pkgs-unstable; };
}
] ++ modules;
};
# Helper for Home Manager configurations (non-NixOS)
mkHome = host: user: modules: home-manager.lib.homeManagerConfiguration {
inherit pkgs;
modules = [
./home
{
home.username = user;
home.homeDirectory = "/home/${user}";
}
] ++ modules;
extraSpecialArgs = { inherit pkgs-unstable; };
};
in
{
nixosConfigurations = {
limgrave = lib.nixosSystem {
inherit system;
specialArgs = { inherit pkgs-unstable; };
modules = [
./hosts/limgrave/configuration.nix
limgrave = mkNixos "limgrave" [
nix-snapd.nixosModules.default
autofirma-nix.nixosModules.default
home-manager.nixosModules.home-manager
];
};
carpates = lib.nixosSystem {
inherit system;
specialArgs = { inherit pkgs-unstable; };
modules = [
./hosts/carpates/configuration.nix
home-manager.nixosModules.home-manager
];
};
};
# Home Manager configurations for non-NixOS hosts (e.g., Ubuntu)
homeConfigurations = {
# For non-NixOS usage on a machine named "carpates".
# Run: home-manager switch --flake ./nix#carpates
carpates = home-manager.lib.homeManagerConfiguration {
inherit pkgs;
modules = [ ./hosts/carpates/home.nix ];
};
# For non-NixOS usage. Run: home-manager switch --flake ./nix#catalin@ubuntu
"catalin@limgrave" = mkHome "limgrave" "catalin" [ ];
};
};
}

59
nix/home/default.nix Normal file
View file

@ -0,0 +1,59 @@
{ pkgs, ... }: {
imports = [
./packages.nix
];
home.stateVersion = "24.11";
programs.fish = {
enable = true;
};
programs.bash = {
enable = true;
initExtra = ''
if [[ $(${pkgs.procps}/bin/ps --no-header --pid=$PPID --format=comm) != "fish" && -z ''${BASH_EXECUTION_STRING} ]]
then
shopt -q login_shell && LOGIN_OPTION='--login' || LOGIN_OPTION=""
exec ${pkgs.fish}/bin/fish $LOGIN_OPTION
fi
'';
};
programs.gnome-shell = {
enable = true;
extensions = [{ package = pkgs.gnomeExtensions.gsconnect; }];
};
dconf.settings = {
"org/gnome/shell" = {
disable-user-extensions = false;
enabled-extensions = with pkgs.gnomeExtensions; [
gsconnect.extensionUuid
user-themes.extensionUuid
caffeine.extensionUuid
colosseum.extensionUuid
dash-to-dock.extensionUuid
clipboard-indicator.extensionUuid
emoji-copy.extensionUuid
bluetooth-battery-meter.extensionUuid
];
};
};
home.packages = with pkgs; [
gnomeExtensions.user-themes
gnomeExtensions.caffeine
gnomeExtensions.colosseum
gnomeExtensions.dash-to-dock
gnomeExtensions.clipboard-indicator
gnomeExtensions.emoji-copy
gnomeExtensions.gsconnect
gnomeExtensions.bluetooth-battery-meter
gnome-tweaks
catppuccin-gtk
catppuccin-cursors
catppuccin-papirus-folders
catppuccin-grub
];
}

39
nix/home/packages.nix Normal file
View file

@ -0,0 +1,39 @@
{ pkgs, ... }: {
home.packages = with pkgs; [
vim
wget
git
tmux
eza
bat
jq
curl
atuin
leaf
dotter
kubectl
k9s
trashy
krew
pre-commit
devenv
git-cliff
difftastic
unzip
hadolint
docker-compose
delta
bottom
dust
popeye
kubecolor
kubeconform
kube-score
uv
neovim
ncdu
direnv
asciinema
yq
];
}

37
nix/hosts/carpates/configuration.nix
View file

@ -1,37 +0,0 @@
{ config, pkgs, pkgs-unstable, ... }:
{
imports = [
./hardware-configuration.nix
];
# Basic system metadata
networking.hostName = "carpates";
time.timeZone = "Europe/Madrid";
i18n.defaultLocale = "en_US.UTF-8";
# Nix settings
nix.settings.experimental-features = [ "nix-command" "flakes" ];
nixpkgs.config = {
allowUnfree = true;
allowBroken = false;
};
# Users
users.users.catalin = {
isNormalUser = true;
description = "catalin";
shell = pkgs.fish;
extraGroups = [ "networkmanager" "wheel" ];
};
# Minimal services
networking.networkmanager.enable = true;
services.openssh.enable = true;
# Base CLI set only (shared across hosts)
environment.systemPackages = import ../../base/packages.nix pkgs;
programs.fish.enable = true;
system.stateVersion = "24.11";
}

27
nix/hosts/carpates/home.nix
View file

@ -1,27 +0,0 @@
{ config, pkgs, ... }:
{
# Home Manager configuration for non-NixOS usage on host "carpates".
# Apply with:
# home-manager switch --flake ./nix#carpates
home.username = "catalin";
home.homeDirectory = "/home/catalin";
# Use the same base CLI set as all hosts
home.packages = import ../../base/packages.nix pkgs;
programs.fish.enable = true;
# Example: some common quality-of-life programs
programs.git = {
enable = true;
userName = "catalin";
userEmail = ""; # set if desired
};
# Make sure HM itself can manage its state
programs.home-manager.enable = true;
# Set the HM release; doesn't have to match NixOS release
home.stateVersion = "24.11";
}

71
nix/hosts/limgrave/configuration.nix
View file

@ -40,47 +40,6 @@
allowedUDPPortRanges = allowedTCPPortRanges;
};
home-manager.users.catalin = {
programs.gnome-shell = {
enable = true;
extensions = [{ package = pkgs.gnomeExtensions.gsconnect; }];
};
dconf = {
enable = true;
settings."org/gnome/shell" = {
disable-user-extensions = false;
enabled-extensions = with pkgs.gnomeExtensions; [
gsconnect.extensionUuid
user-themes.extensionUuid
caffeine.extensionUuid
colosseum.extensionUuid
dash-to-dock.extensionUuid
clipboard-indicator.extensionUuid
emoji-copy.extensionUuid
bluetooth-battery-meter.extensionUuid
];
};
};
home = {
stateVersion = "24.11";
enableNixpkgsReleaseCheck = false;
packages = with pkgs; [
gnomeExtensions.user-themes
gnomeExtensions.caffeine
gnomeExtensions.colosseum
gnomeExtensions.dash-to-dock
gnomeExtensions.clipboard-indicator
gnomeExtensions.emoji-copy
gnomeExtensions.gsconnect
gnomeExtensions.bluetooth-battery-meter
gnome-tweaks
catppuccin-gtk
catppuccin-cursors
catppuccin-papirus-folders
catppuccin-grub
];
};
};
services.xserver = {
enable = true;
@ -122,41 +81,15 @@
enable = true;
firefoxIntegration.enable = true;
};
programs.dnieremote = {
enable = true;
jumpIntro = "no";
wifiPort = 9501;
usbPort = 9501;
openFirewall = false;
};
programs.configuradorfnmt = {
enable = true;
firefoxIntegration.enable = true;
};
# Configure Firefox PKCS#11 modules for DNIe and OpenSC
programs.firefox.policies = {
SecurityDevices = {
"OpenSC PKCS#11" = "${pkgs.opensc}/lib/opensc-pkcs11.so";
"DNIeRemote" = "${config.programs.dnieremote.finalPackage}/lib/libdnieremotepkcs11.so";
};
};
nixpkgs.config.allowUnfree = true;
services.flatpak.enable = true;
programs.nix-ld.enable = true;
# Merge base packages with host-specific packages
environment.systemPackages = (import ../../base/packages.nix pkgs) ++ (import ./packages.nix pkgs);
environment.systemPackages = import ./packages.nix pkgs;
programs = {
bash = {
interactiveShellInit = ''
if [[ $(${pkgs.procps}/bin/ps --no-header --pid=$PPID --format=comm) != "fish" && -z ''${BASH_EXECUTION_STRING} ]]
then
shopt -q login_shell && LOGIN_OPTION='--login' || LOGIN_OPTION=""
exec ${pkgs.fish}/bin/fish $LOGIN_OPTION
fi
'';
};
fish.enable = true;
steam = {
enable = true;

2
nix/hosts/limgrave/hardware-configuration.nix
View file

@ -77,6 +77,6 @@
# networking.interfaces.docker0.useDHCP = lib.mkDefault true;
# networking.interfaces.eno1.useDHCP = lib.mkDefault true;
nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux";
nixpkgs.hostPlatform = "x86_64-linux";
hardware.cpu.amd.updateMicrocode = lib.mkDefault config.hardware.enableRedistributableFirmware;
}

13
nix/hosts/limgrave/packages.nix
View file

@ -2,7 +2,6 @@ pkgs: with pkgs; [
kitty
steam
steam-run
vesktop
python311
protonup-qt
jellyfin-media-player
@ -14,7 +13,7 @@ pkgs: with pkgs; [
fishPlugins.done
fishPlugins.colored-man-pages
lutris
telegram-desktop
ayugram-desktop
restic
bitwarden
pre-commit
@ -66,12 +65,10 @@ pkgs: with pkgs; [
appimage-run
coder
xcolor
signal-desktop
element-desktop
pavucontrol
samrewritten
audacity
mullvad-browser
mullvad-vpn
limo
protontricks
nmap
terragrunt
discord
]

66
v2/flake.lock generated Normal file
View file

@ -0,0 +1,66 @@
{
"nodes": {
"home-manager": {
"inputs": {
"nixpkgs": [
"nixpkgs"
]
},
"locked": {
"lastModified": 1770260404,
"narHash": "sha256-3iVX1+7YUIt23hBx1WZsUllhbmP2EnXrV8tCRbLxHc8=",
"owner": "nix-community",
"repo": "home-manager",
"rev": "0d782ee42c86b196acff08acfbf41bb7d13eed5b",
"type": "github"
},
"original": {
"owner": "nix-community",
"ref": "release-25.11",
"repo": "home-manager",
"type": "github"
}
},
"nixpkgs": {
"locked": {
"lastModified": 1770770419,
"narHash": "sha256-iKZMkr6Cm9JzWlRYW/VPoL0A9jVKtZYiU4zSrVeetIs=",
"owner": "nixos",
"repo": "nixpkgs",
"rev": "6c5e707c6b5339359a9a9e215c5e66d6d802fd7a",
"type": "github"
},
"original": {
"owner": "nixos",
"ref": "nixos-25.11",
"repo": "nixpkgs",
"type": "github"
}
},
"nixpkgs-unstable": {
"locked": {
"lastModified": 1714076141,
"narHash": "sha256-Drmja/f5MRHZCskS6mvzFqxEaZMeciScCTFxWVLqWEY=",
"owner": "nixos",
"repo": "nixpkgs",
"rev": "7bb2ccd8cdc44c91edba16c48d2c8f331fb3d856",
"type": "github"
},
"original": {
"owner": "nixos",
"ref": "nixos-unstable",
"repo": "nixpkgs",
"type": "github"
}
},
"root": {
"inputs": {
"home-manager": "home-manager",
"nixpkgs": "nixpkgs",
"nixpkgs-unstable": "nixpkgs-unstable"
}
}
},
"root": "root",
"version": 7
}

75
v2/flake.nix Normal file
View file

@ -0,0 +1,75 @@
{
description = "Your new nix config";
inputs = {
# Nixpkgs
nixpkgs.url = "github:nixos/nixpkgs/nixos-25.11";
# You can access packages and modules from different nixpkgs revs
# at the same time. Here's an working example:
nixpkgs-unstable.url = "github:nixos/nixpkgs/nixos-unstable";
# Also see the 'unstable-packages' overlay at 'overlays/default.nix'.
# Home manager
home-manager.url = "github:nix-community/home-manager/release-25.11";
home-manager.inputs.nixpkgs.follows = "nixpkgs";
};
outputs = {
self,
nixpkgs,
home-manager,
...
} @ inputs: let
# Supported systems for your flake packages, shell, etc.
systems = [
"x86_64-linux"
];
# This is a function that generates an attribute by calling a function you
# pass to it, with each system as an argument
forAllSystems = nixpkgs.lib.genAttrs systems;
in {
# Your custom packages
# Accessible through 'nix build', 'nix shell', etc
packages = forAllSystems (system: import ./pkgs nixpkgs.legacyPackages.${system});
# Formatter for your nix files, available through 'nix fmt'
# Other options beside 'alejandra' include 'nixpkgs-fmt'
formatter = forAllSystems (system: nixpkgs.legacyPackages.${system}.alejandra);
# Your custom packages and modifications, exported as overlays
overlays = import ./overlays {inherit inputs;};
# Reusable nixos modules you might want to export
# These are usually stuff you would upstream into nixpkgs
nixosModules = import ./modules/nixos;
# Reusable home-manager modules you might want to export
# These are usually stuff you would upstream into home-manager
homeManagerModules = import ./modules/home-manager;
# NixOS configuration entrypoint
# Available through 'nixos-rebuild --flake .#your-hostname'
nixosConfigurations = {
# FIXME replace with your hostname
limgrave = nixpkgs.lib.nixosSystem {
specialArgs = {inherit inputs;};
modules = [
# > Our main nixos configuration file <
./nixos/configuration.nix
];
};
};
# Standalone home-manager configuration entrypoint
# Available through 'home-manager --flake .#your-username@your-hostname'
homeConfigurations = {
# FIXME replace with your username@hostname
"catalin@limgrave" = home-manager.lib.homeManagerConfiguration {
# Home-manager requires 'pkgs' instance
pkgs = nixpkgs.legacyPackages.x86_64-linux; # FIXME replace x86_64-linux with your architecure
extraSpecialArgs = {inherit inputs;};
modules = [
# > Our main home-manager configuration file <
./home-manager/home.nix
];
};
};
};
}

66
v2/home-manager/home.nix Normal file
View file

@ -0,0 +1,66 @@
# This is your home-manager configuration file
# Use this to configure your home environment (it replaces ~/.config/nixpkgs/home.nix)
{
inputs,
lib,
config,
pkgs,
...
}: {
# You can import other home-manager modules here
imports = [
# If you want to use modules your own flake exports (from modules/home-manager):
# inputs.self.homeManagerModules.example
# Or modules exported from other flakes (such as nix-colors):
# inputs.nix-colors.homeManagerModules.default
# You can also split up your configuration and import pieces of it here:
# ./nvim.nix
];
nixpkgs = {
# You can add overlays here
overlays = [
# Add overlays your own flake exports (from overlays and pkgs dir):
inputs.self.overlays.additions
inputs.self.overlays.modifications
inputs.self.overlays.unstable-packages
# You can also add overlays exported from other flakes:
# neovim-nightly-overlay.overlays.default
# Or define it inline, for example:
# (final: prev: {
# hi = final.hello.overrideAttrs (oldAttrs: {
# patches = [ ./change-hello-to-hi.patch ];
# });
# })
];
# Configure your nixpkgs instance
config = {
# Disable if you don't want unfree packages
allowUnfree = true;
};
};
# TODO: Set your username
home = {
username = "your-username";
homeDirectory = "/home/your-username";
};
# Add stuff for your user as you see fit:
# programs.neovim.enable = true;
# home.packages = with pkgs; [ steam ];
# Enable home-manager and git
programs.home-manager.enable = true;
programs.git.enable = true;
# Nicely reload system units when changing configs
systemd.user.startServices = "sd-switch";
# https://nixos.wiki/wiki/FAQ/When_do_I_update_stateVersion
home.stateVersion = "23.05";
}

6
v2/modules/home-manager/default.nix Normal file
View file

@ -0,0 +1,6 @@
# Add your reusable home-manager modules to this directory, on their own file (https://nixos.wiki/wiki/Module).
# These should be stuff you would like to share with others, not your personal configurations.
{
# List your module files here
# my-module = import ./my-module.nix;
}

6
v2/modules/nixos/default.nix Normal file
View file

@ -0,0 +1,6 @@
# Add your reusable NixOS modules to this directory, on their own file (https://nixos.wiki/wiki/Module).
# These should be stuff you would like to share with others, not your personal configurations.
{
# List your module files here
# my-module = import ./my-module.nix;
}

206
v2/nixos/configuration.nix Normal file
View file

@ -0,0 +1,206 @@
# This is your system's configuration file.
# Use this to configure your system environment (it replaces /etc/nixos/configuration.nix)
{
inputs,
lib,
config,
pkgs,
...
}: {
# You can import other NixOS modules here
imports = [
# If you want to use modules your own flake exports (from modules/nixos):
# inputs.self.nixosModules.example
# Or modules from other flakes (such as nixos-hardware):
# inputs.hardware.nixosModules.common-cpu-amd
# inputs.hardware.nixosModules.common-ssd
# You can also split up your configuration and import pieces of it here:
# ./users.nix
# Import your generated (nixos-generate-config) hardware configuration
./hardware-configuration.nix
];
nixpkgs = {
# You can add overlays here
overlays = [
# Add overlays your own flake exports (from overlays and pkgs dir):
inputs.self.overlays.additions
inputs.self.overlays.modifications
inputs.self.overlays.unstable-packages
# You can also add overlays exported from other flakes:
# neovim-nightly-overlay.overlays.default
# Or define it inline, for example:
# (final: prev: {
# hi = final.hello.overrideAttrs (oldAttrs: {
# patches = [ ./change-hello-to-hi.patch ];
# });
# })
];
# Configure your nixpkgs instance
config = {
# Disable if you don't want unfree packages
allowUnfree = true;
};
};
nix = let
flakeInputs = lib.filterAttrs (_: lib.isType "flake") inputs;
in {
settings = {
# Enable flakes and new 'nix' command
experimental-features = "nix-command flakes";
# Opinionated: disable global registry
flake-registry = "";
download-buffer-size = 524288000;
# Workaround for https://github.com/NixOS/nix/issues/9574
nix-path = config.nix.nixPath;
};
# Opinionated: disable channels
channel.enable = false;
gc = {
automatic = true;
dates = "weekly";
options = "--delete-older-than 1w";
};
# Opinionated: make flake registry and nix path match flake inputs
registry = lib.mapAttrs (_: flake: {inherit flake;}) flakeInputs;
nixPath = lib.mapAttrsToList (n: _: "${n}=flake:${n}") flakeInputs;
extraOptions = ''
trusted-users = root catalin
'';
};
# FIXME: Add the rest of your current configuration
nixpkgs.config.allowBroken = true;
nixpkgs.config.permittedInsecurePackages = [ "electron-33.4.11" "mono-5.20.1.34" "qtwebengine-5.15.19" ];
boot.loader.systemd-boot.enable = true;
boot.loader.efi.canTouchEfiVariables = true;
boot.supportedFilesystems = [ "ntfs" ];
networking.networkmanager.enable = true;
services.mullvad-vpn.enable = true;
environment.sessionVariables.MOZ_ENABLE_WAYLAND = 0;
time.timeZone = "Europe/Madrid";
i18n.defaultLocale = "en_US.UTF-8";
i18n.extraLocaleSettings = {
LC_ADDRESS = "es_ES.UTF-8";
LC_IDENTIFICATION = "es_ES.UTF-8";
LC_MEASUREMENT = "es_ES.UTF-8";
LC_MONETARY = "es_ES.UTF-8";
LC_NAME = "es_ES.UTF-8";
LC_NUMERIC = "es_ES.UTF-8";
LC_PAPER = "es_ES.UTF-8";
LC_TELEPHONE = "es_ES.UTF-8";
LC_TIME = "es_ES.UTF-8";
};
networking.firewall = rec {
allowedTCPPortRanges = [ { from = 1714; to = 1764; } ];
allowedUDPPortRanges = allowedTCPPortRanges;
};
services.xserver = {
enable = true;
displayManager.gdm.enable = true;
desktopManager.gnome.enable = true;
windowManager.openbox.enable = true;
xkb = {
layout = "us";
variant = "";
};
};
services.printing.enable = true;
hardware.pulseaudio.enable = false;
security.rtkit.enable = true;
hardware.graphics.enable = true;
services.pipewire = {
enable = true;
alsa.enable = true;
alsa.support32Bit = true;
pulse.enable = true;
};
programs.firefox.enable = true;
programs = {
fish.enable = true;
steam = {
enable = true;
package = pkgs.steam.override {
extraLibraries = p: with p; [ (lib.getLib networkmanager) ];
};
};
};
xdg.portal.enable = true;
xdg.portal.extraPortals = [ pkgs.xdg-desktop-portal-gtk ];
xdg.portal.config.common.default = "gtk";
programs.mtr.enable = true;
programs.dconf.enable = true;
programs.gnupg.agent = {
enable = true;
enableSSHSupport = true;
};
systemd.services.flatpak-repo = {
wantedBy = [ "multi-user.target" ];
path = [ pkgs.flatpak ];
script = ''
flatpak remote-add --if-not-exists flathub https://flathub.org/repo/flathub.flatpakrepo
'';
};
fonts.packages = with pkgs; [
atkinson-hyperlegible
];
boot.kernel.sysctl."net.ipv4.ip_forward" = 1;
services.tailscale.enable = true;
virtualisation.docker.enable = true;
networking.nameservers = [ "192.168.1.7" "1.1.1.1" ];
system.autoUpgrade.enable = true;
environment.systemPackages = import ./packages.nix pkgs;
networking.hostName = "limgrave";
users.users = {
catalin = {
isNormalUser = true;
description = "catalin";
shell = pkgs.fish;
useDefaultShell = true;
extraGroups = [ "networkmanager" "wheel" "docker" "nas" ];
packages = with pkgs; [ flatpak ];
};
};
users.groups.nas.gid = 568;
services.openssh = {
enable = true;
settings = {
PermitRootLogin = "no";
PasswordAuthentication = true;
};
};
system.stateVersion = "24.11";
}

55
v2/nixos/hardware-configuration.nix Normal file
View file

@ -0,0 +1,55 @@
{ config, lib, pkgs, modulesPath, ... }:
{
boot.loader.systemd-boot.enable = true;
boot.initrd.availableKernelModules = [ "nvme" "xhci_pci" "ahci" "usb_storage" "usbhid" "sd_mod" ];
boot.initrd.kernelModules = [ ];
boot.kernelModules = [ "kvm-amd" ];
boot.extraModulePackages = [ ];
fileSystems."/" =
{ device = "/dev/disk/by-uuid/07b5dda3-2fcd-494b-893c-72301d637e9a";
fsType = "ext4";
};
fileSystems."/boot" =
{ device = "/dev/disk/by-uuid/04FD-A91D";
fsType = "vfat";
options = [ "fmask=0077" "dmask=0077" ];
};
fileSystems."/mnt/zeruel/nas1" =
{ device = "zeruel.fuku:/mnt/pool1/nas1";
fsType = "nfs";
options = [ "x-systemd.automount" "noauto" ];
};
fileSystems."/mnt/zeruel/dcsi" =
{ device = "zeruel.fuku:/mnt/pool1/dcsi";
fsType = "nfs";
options = [ "x-systemd.automount" "noauto" ];
};
fileSystems."/mnt/windoze2" =
{ device = "/dev/disk/by-uuid/6084BE5384BE2B82";
fsType = "ntfs-3g";
options = [ "rw" "uid=1000"];
};
fileSystems."/mnt/windoze" =
{ device = "/dev/disk/by-uuid/46B01460B01458AF";
fsType = "ntfs-3g";
options = [ "rw" "uid=1000"];
};
swapDevices =
[ { device = "/dev/disk/by-uuid/03ecd98d-013f-4476-b43a-bcae0bc1de67"; }
];
networking.useDHCP = lib.mkDefault true;
# Set your system kind (needed for flakes)
nixpkgs.hostPlatform = "x86_64-linux";
hardware.cpu.amd.updateMicrocode = lib.mkDefault config.hardware.enableRedistributableFirmware;
}

110
v2/nixos/packages.nix Normal file
View file

@ -0,0 +1,110 @@
pkgs: with pkgs; [
vim
wget
git
tmux
eza
bat
jq
curl
atuin
leaf
dotter
kubectl
k9s
trashy
krew
pre-commit
devenv
git-cliff
difftastic
unzip
hadolint
docker-compose
delta
bottom
dust
popeye
kubecolor
kubeconform
kube-score
uv
neovim
ncdu
direnv
asciinema
yq
kitty
steam
steam-run
python311
protonup-qt
jellyfin-media-player
spotify
adwaita-icon-theme
fishPlugins.z
fishPlugins.tide
fishPlugins.transient-fish
fishPlugins.done
fishPlugins.colored-man-pages
lutris
ayugram-desktop
restic
bitwarden-desktop
pre-commit
cargo
inconsolata
google-chrome
yt-dlp
mpv
gnumake
stremio
kubernetes-helm
opentofu
kubeseal
openssl
xclip
resticprofile
gnupg
awscli2
kor
exiftool
jetbrains-toolbox
chiaki-ng
gnome-themes-extra
tela-circle-icon-theme
hmcl
rose-pine-gtk-theme
rose-pine-icon-theme
rose-pine-cursor
vlc
unrar-wrapper
atkinson-hyperlegible
libreoffice-qt
hunspell
hunspellDicts.es_ES
hunspellDicts.en_US
sqlite-interactive
ffmpeg
filezilla
lrcget
picard
gimp
yq
qbittorrent
p7zip
ansible
k3sup
gamemode
lm_sensors
appimage-run
coder
xcolor
element-desktop
samrewritten
protontricks
nmap
terragrunt
discord
]

23
v2/overlays/default.nix Normal file
View file

@ -0,0 +1,23 @@
# This file defines overlays
{inputs, ...}: {
# This one brings our custom packages from the 'pkgs' directory
additions = final: _prev: import ../pkgs final.pkgs;
# This one contains whatever you want to overlay
# You can change versions, add patches, set compilation flags, anything really.
# https://nixos.wiki/wiki/Overlays
modifications = final: prev: {
# example = prev.example.overrideAttrs (oldAttrs: rec {
# ...
# });
};
# When applied, the unstable nixpkgs set (declared in the flake inputs) will
# be accessible through 'pkgs.unstable'
unstable-packages = final: _prev: {
unstable = import inputs.nixpkgs-unstable {
system = final.system;
config.allowUnfree = true;
};
};
}

5
v2/pkgs/default.nix Normal file
View file

@ -0,0 +1,5 @@
# Custom packages, that can be defined similarly to ones from nixpkgs
# You can build them using 'nix build .#example'
pkgs: {
# example = pkgs.callPackage ./example { };
}

65
v22/flake.lock generated Normal file
View file

@ -0,0 +1,65 @@
{
"nodes": {
"home-manager": {
"inputs": {
"nixpkgs": [
"nixpkgs"
]
},
"locked": {
"lastModified": 1763992789,
"narHash": "sha256-WHkdBlw6oyxXIra/vQPYLtqY+3G8dUVZM8bEXk0t8x4=",
"owner": "nix-community",
"repo": "home-manager",
"rev": "44831a7eaba4360fb81f2acc5ea6de5fde90aaa3",
"type": "github"
},
"original": {
"owner": "nix-community",
"ref": "release-25.05",
"repo": "home-manager",
"type": "github"
}
},
"nixpkgs": {
"locked": {
"lastModified": 1767313136,
"narHash": "sha256-16KkgfdYqjaeRGBaYsNrhPRRENs0qzkQVUooNHtoy2w=",
"owner": "NixOS",
"repo": "nixpkgs",
"rev": "ac62194c3917d5f474c1a844b6fd6da2db95077d",
"type": "github"
},
"original": {
"owner": "NixOS",
"ref": "nixos-25.05",
"repo": "nixpkgs",
"type": "github"
}
},
"root": {
"inputs": {
"home-manager": "home-manager",
"nixpkgs": "nixpkgs",
"systems": "systems"
}
},
"systems": {
"locked": {
"lastModified": 1689347949,
"narHash": "sha256-12tWmuL2zgBgZkdoB6qXZsgJEH9LR3oUgpaQq2RbI80=",
"owner": "nix-systems",
"repo": "default-linux",
"rev": "31732fcf5e8fea42e59c2488ad31a0e651500f68",
"type": "github"
},
"original": {
"owner": "nix-systems",
"repo": "default-linux",
"type": "github"
}
}
},
"root": "root",
"version": 7
}

75
v22/flake.nix Normal file
View file

@ -0,0 +1,75 @@
{
description = "My NixOS configuration";
inputs = {
nixpkgs.url = "github:NixOS/nixpkgs/nixos-25.05";
#unstable.url = "github:nixos/nixpkgs/nixpkgs-unstable";
#nix-snapd.url = "github:nix-community/nix-snapd";
#nix-snapd.inputs.nixpkgs.follows = "nixpkgs";
systems.url = "github:nix-systems/default-linux";
#autofirma-nix = {
# url = "github:nix-community/autofirma-nix/release-25.05";
# inputs.nixpkgs.follows = "nixpkgs";
#};
home-manager = {
url = "github:nix-community/home-manager/release-25.05";
inputs.nixpkgs.follows = "nixpkgs";
};
};
nixConfig = {
extra-substituters = [
"https://nix-community.cachix.org"
];
como cuando experimenta extra-trusted-public-keys = [
"nix-community.cachix.org-1:mB9FSh9qf2dCimDSUo8Zy7bkq5CX+/rkCWyvRCYg3Fs="
];
};
outputs = {
self,
nixpkgs,
systems,
home-manager,
} @ inputs: let
inherit (self) outputs;
lib = nixpkgs.lib // home-manager.lib;
forEachSystem = f: lib.genAttrs (import systems) (system: f pkgsFor.${system});
pkgsFor = lib.genAttrs (import systems) (
system:
import nixpkgs {
inherit system;
config.allowUnfree = true;
}
);
in {
inherit lib;
#nixosModules = import ./modules/nixos;
#homeManagerModules = import ./modules/home-manager;
#overlays = import ./overlays {inherit inputs;};
packages = forEachSystem (pkgs: import ./pkgs {inherit pkgs;});
# NixOS configuration entrypoint
# Available through 'nixos-rebuild --flake .#your-hostname'
nixosConfigurations = {
limgrave = nixpkgs.lib.nixosSystem {
specialArgs = {inherit inputs;};
modules = [
./hosts/limgrave/nixos
];
};
};
# Standalone home-manager configuration entrypoint
# Available through 'home-manager --flake .#your-username@your-hostname'
homeConfigurations = {
"catalin@limgrave" = home-manager.lib.homeManagerConfiguration {
# Home-manager requires 'pkgs' instance
pkgs = pkgsFor.x86_64-linux;
extraSpecialArgs = {inherit inputs;};
modules = [
./hosts/limgrave/home
];
};
};
};
}

161
v22/hosts/limgrave/nixos/default.nix Normal file
View file

@ -0,0 +1,161 @@
{ pkgs, inputs, ... }:
{
imports = [
./hardware-configuration.nix
];
nixpkgs.config.allowBroken = true;
nix.settings.download-buffer-size = 524288000;
nixpkgs.config.permittedInsecurePackages = [ "electron-33.4.11" "mono-5.20.1.34" ];
boot.loader.systemd-boot.enable = true;
boot.loader.efi.canTouchEfiVariables = true;
boot.supportedFilesystems = [ "ntfs" ];
services.snap.enable = false;
networking.hostName = "limgrave";
networking.networkmanager.enable = true;
services.mullvad-vpn.enable = true;
environment.sessionVariables.MOZ_ENABLE_WAYLAND = 0;
time.timeZone = "Europe/Madrid";
i18n.defaultLocale = "en_US.UTF-8";
i18n.extraLocaleSettings = {
LC_ADDRESS = "es_ES.UTF-8";
LC_IDENTIFICATION = "es_ES.UTF-8";
LC_MEASUREMENT = "es_ES.UTF-8";
LC_MONETARY = "es_ES.UTF-8";
LC_NAME = "es_ES.UTF-8";
LC_NUMERIC = "es_ES.UTF-8";
LC_PAPER = "es_ES.UTF-8";
LC_TELEPHONE = "es_ES.UTF-8";
LC_TIME = "es_ES.UTF-8";
};
networking.firewall = rec {
allowedTCPPortRanges = [ { from = 1714; to = 1764; } ];
allowedUDPPortRanges = allowedTCPPortRanges;
};
services.xserver = {
enable = true;
displayManager.gdm.enable = true;
desktopManager.gnome.enable = true;
windowManager.openbox.enable = true;
xkb = {
layout = "us";
variant = "";
};
};
services.printing.enable = true;
hardware.pulseaudio.enable = false;
security.rtkit.enable = true;
hardware.graphics.enable = true;
services.pipewire = {
enable = true;
alsa.enable = true;
alsa.support32Bit = true;
pulse.enable = true;
};
users.users.catalin = {
isNormalUser = true;
description = "catalin";
shell = pkgs.fish;
useDefaultShell = true;
extraGroups = [ "networkmanager" "wheel" "docker" "nas" ];
packages = with pkgs; [ flatpak ];
};
users.groups.nas.gid = 568;
programs.firefox.enable = true;
# Enable smart card service and eID tooling (AutoFirma stack)
services.pcscd.enable = true;
programs.autofirma = {
enable = true;
firefoxIntegration.enable = true;
};
programs.dnieremote = {
enable = true;
jumpIntro = "no";
wifiPort = 9501;
usbPort = 9501;
openFirewall = false;
};
programs.configuradorfnmt = {
enable = true;
firefoxIntegration.enable = true;
};
# Configure Firefox PKCS#11 modules for DNIe and OpenSC
programs.firefox.policies = {
SecurityDevices = {
"OpenSC PKCS#11" = "${pkgs.opensc}/lib/opensc-pkcs11.so";
"DNIeRemote" = "${config.programs.dnieremote.finalPackage}/lib/libdnieremotepkcs11.so";
};
};
nixpkgs.config.allowUnfree = true;
services.flatpak.enable = true;
programs.nix-ld.enable = true;
# Merge base packages with host-specific packages
environment.systemPackages = import ./packages.nix pkgs;
programs = {
fish.enable = true;
steam = {
enable = true;
package = pkgs.steam.override {
extraLibraries = p: with p; [ (lib.getLib networkmanager) ];
};
};
};
xdg.portal.enable = true;
xdg.portal.extraPortals = [ pkgs.xdg-desktop-portal-gtk ];
xdg.portal.config.common.default = "gtk";
programs.mtr.enable = true;
programs.dconf.enable = true;
programs.gnupg.agent = {
enable = true;
enableSSHSupport = true;
};
systemd.services.flatpak-repo = {
wantedBy = [ "multi-user.target" ];
path = [ pkgs.flatpak ];
script = ''
flatpak remote-add --if-not-exists flathub https://flathub.org/repo/flathub.flatpakrepo
'';
};
nix.settings.experimental-features = [ "nix-command" "flakes" ];
nix.gc = {
automatic = true;
dates = "weekly";
options = "--delete-older-than 1w";
};
fonts.packages = with pkgs; [
atkinson-hyperlegible
];
boot.kernel.sysctl."net.ipv4.ip_forward" = 1;
services.openssh.enable = true;
services.tailscale.enable = true;
virtualisation.docker.enable = true;
networking.nameservers = [ "192.168.1.7" "1.1.1.1" ];
nix.extraOptions = ''
trusted-users = root catalin
'';
system.autoUpgrade.enable = true;
system.stateVersion = "24.11";
}

82
v22/hosts/limgrave/nixos/hardware-configuration.nix Normal file
View file

@ -0,0 +1,82 @@
# Do not modify this file! It was generated by nixos-generate-config
# and may be overwritten by future invocations. Please make changes
# to /etc/nixos/configuration.nix instead.
{ config, lib, pkgs, modulesPath, ... }:
{
imports =
[ (modulesPath + "/installer/scan/not-detected.nix")
];
boot.initrd.availableKernelModules = [ "nvme" "xhci_pci" "ahci" "usb_storage" "usbhid" "sd_mod" ];
boot.initrd.kernelModules = [ ];
boot.kernelModules = [ "kvm-amd" ];
boot.extraModulePackages = [ ];
fileSystems."/" =
{ device = "/dev/disk/by-uuid/07b5dda3-2fcd-494b-893c-72301d637e9a";
fsType = "ext4";
};
fileSystems."/boot" =
{ device = "/dev/disk/by-uuid/04FD-A91D";
fsType = "vfat";
options = [ "fmask=0077" "dmask=0077" ];
};
# fileSystems."/snap/acestreamplayer/17" =
# { device = "/var/lib/snapd/snaps/acestreamplayer_17.snap";
# fsType = "squashfs";
# options = [ "loop" ];
# };
#
# fileSystems."/snap/core22/1722" =
# { device = "/var/lib/snapd/snaps/core22_1722.snap";
# fsType = "squashfs";
# options = [ "loop" ];
# };
#
# fileSystems."/snap/snapd/23258" =
# { device = "/var/lib/snapd/snaps/snapd_23258.snap";
# fsType = "squashfs";
# options = [ "loop" ];
# };
#
fileSystems."/mnt/zeruel/nas1" =
{ device = "zeruel.fuku:/mnt/pool1/nas1";
fsType = "nfs";
options = [ "x-systemd.automount" "noauto" ];
};
fileSystems."/mnt/zeruel/dcsi" =
{ device = "zeruel.fuku:/mnt/pool1/dcsi";
fsType = "nfs";
options = [ "x-systemd.automount" "noauto" ];
};
fileSystems."/mnt/windoze2" =
{ device = "/dev/disk/by-uuid/6084BE5384BE2B82";
fsType = "ntfs-3g";
options = [ "rw" "uid=1000"];
};
fileSystems."/mnt/windoze" =
{ device = "/dev/disk/by-uuid/46B01460B01458AF";
fsType = "ntfs-3g";
options = [ "rw" "uid=1000"];
};
swapDevices =
[ { device = "/dev/disk/by-uuid/03ecd98d-013f-4476-b43a-bcae0bc1de67"; }
];
# Enables DHCP on each ethernet and wireless interface. In case of scripted networking
# (the default) this is the recommended approach. When using systemd-networkd it's
# still possible to use this option, but it's recommended to use it in conjunction
# with explicit per-interface declarations with `networking.interfaces.<interface>.useDHCP`.
networking.useDHCP = lib.mkDefault true;
# networking.interfaces.br-71a907d8e6fd.useDHCP = lib.mkDefault true;
# networking.interfaces.docker0.useDHCP = lib.mkDefault true;
# networking.interfaces.eno1.useDHCP = lib.mkDefault true;
nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux";
hardware.cpu.amd.updateMicrocode = lib.mkDefault config.hardware.enableRedistributableFirmware;
}

0
v22/modules/home-manager/default.nix Normal file
View file

0
v22/modules/nixos/default.nix Normal file
View file

0
v22/overlays/default.nix Normal file
View file

74
v22/pkgs/default.nix Normal file
View file

@ -0,0 +1,74 @@
pkgs: with pkgs; [
kitty
steam
steam-run
python311
protonup-qt
jellyfin-media-player
spotify
adwaita-icon-theme
fishPlugins.z
fishPlugins.tide
fishPlugins.transient-fish
fishPlugins.done
fishPlugins.colored-man-pages
lutris
ayugram-desktop
restic
bitwarden
pre-commit
cargo
inconsolata
google-chrome
yt-dlp
mpv
gnumake
stremio
kubernetes-helm
opentofu
kubeseal
openssl
xclip
resticprofile
gnupg
awscli2
kor
exiftool
jetbrains-toolbox
chiaki-ng
gnome-themes-extra
tela-circle-icon-theme
hmcl
rose-pine-gtk-theme
rose-pine-icon-theme
rose-pine-cursor
vlc
unrar-wrapper
atkinson-hyperlegible
libreoffice-qt
hunspell
hunspellDicts.es_ES
hunspellDicts.en_US
sqlite-interactive
ffmpeg
filezilla
lrcget
picard
gimp
yq
qbittorrent
p7zip
ansible
k3sup
gamemode
lm_sensors
appimage-run
coder
xcolor
element-desktop
samrewritten
protontricks
nmap
terragrunt
discord
]