Lillian-Violet/NixOS-Config
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

Big refactor, need to test still

Browse source
This commit is contained in:
Lillian Violet 2023-12-28 12:47:58 +01:00
parent 85eb74721e
commit ba1d04f83a
26 changed files with 17 additions and 16 deletions
Download patch file Download diff file Expand all files Collapse all files

247
nixos/hosts/shodan/configuration.nix Normal file
View file

@ -0,0 +1,247 @@
{
inputs,
outputs,
lib,
config,
pkgs,
...
}: {
imports = [
#Jovian Nixos
(
# Put the most recent revision here:
let
revision = "4d24d2ff927a8b8a698bbacdb1966045bcadf872";
in
builtins.fetchTarball {
url = "https://github.com/Jovian-Experiments/Jovian-NixOS/archive/${revision}.tar.gz";
# Update the hash as needed:
sha256 = "sha256:1bj0vm734jllsl7kyicdjlcpm30q6syzavr3im89m0f5bpnzkj7l";
}
+ "/modules"
)
# If you want to use modules your own flake exports (from modules/home-manager):
# outputs.homeManagerModules.example
inputs.home-manager.nixosModules.home-manager
# Or modules exported from other flakes (such as nix-colors):
# inputs.nix-colors.homeManagerModules.default
# You can also split up your configuration and import pieces of it here:
# ./nvim.nix
./hardware-configuration.nix
];
boot.tmp.cleanOnBoot = true;
zramSwap.enable = false;
networking.domain = "";
services.openssh.enable = true;
nixpkgs = {
# You can add overlays here
overlays = [
# Add overlays your own flake exports (from overlays and pkgs dir):
outputs.overlays.additions
outputs.overlays.modifications
outputs.overlays.unstable-packages
# You can also add overlays exported from other flakes:
# neovim-nightly-overlay.overlays.default
# Or define it inline, for example:
# (final: prev: {
# hi = final.hello.overrideAttrs (oldAttrs: {
# patches = [ ./change-hello-to-hi.patch ];
# });
# })
];
# Configure your nixpkgs instance
config = {
# Disable if you don't want unfree packages
allowUnfree = true;
};
};
#Set up sops config, and configure where the keyfile is, then set the mode for the unencrypted keys
sops.defaultSopsFile = ../../secrets/shodan-Lillian.yaml;
sops.age.keyFile = ./keys.txt;
nix = {
gc = {
automatic = true;
dates = "weekly";
options = "--delete-older-than 7d";
};
# This will add each flake input as a registry
# To make nix3 commands consistent with your flake
registry = lib.mapAttrs (_: value: {flake = value;}) inputs;
# This will additionally add your inputs to the system's legacy channels
# Making legacy nix commands consistent as well, awesome!
nixPath = lib.mapAttrsToList (key: value: "${key}=${value.to.path}") config.nix.registry;
settings = {
# Enable flakes and new 'nix' command
experimental-features = "nix-command flakes";
# Deduplicate and optimize nix store
auto-optimise-store = true;
};
};
environment.systemPackages = with pkgs; [
#System:
alejandra
git
git-filter-repo
home-manager
noto-fonts
noto-fonts-emoji-blob-bin
noto-fonts-emoji
oh-my-zsh
rsync
wget
zsh
#KDE:
krunner-translator
libsForQt5.discover
libsForQt5.kcalc
libsForQt5.kdepim-addons
libsForQt5.kirigami2
libsForQt5.kdeconnect-kde
libsForQt5.krunner-ssh
libsForQt5.krunner-symbols
libsForQt5.packagekit-qt
libportal-qt5
#Gaming:
steam
heroic-unwrapped
];
#Enable steam deck steam interface
jovian.steam.enable = true;
#Autostart this inteface at login
jovian.steam.autoStart = true;
#What desktop to start when switching to desktop session
jovian.steam.desktopSession = "plasmawayland";
jovian.steam.user = "lillian";
#Enable gyro service for CEMU
jovian.devices.steamdeck.enableGyroDsuService = true;
#Enable auto updates for the BIOS and controller firmware
jovian.devices.steamdeck.autoUpdate = true;
programs.steam = {
enable = true;
remotePlay.openFirewall = true; # Open ports in the firewall for Steam Remote Play
dedicatedServer.openFirewall = true; # Open ports in the firewall for Source Dedicated Server
};
hardware.opengl.driSupport32Bit = true; # Enables support for 32bit libs that steam uses
# Enable the X11 windowing system.
services.xserver.enable = true;
# Enable the KDE Plasma Desktop Environment.
services.xserver.desktopManager.plasma5.enable = true;
programs.kdeconnect.enable = true;
# Enable flatpak support
services.flatpak.enable = true;
services.packagekit.enable = true;
# Configure keymap in X11
services.xserver = {
layout = "us";
xkbVariant = "";
};
# Enable networking
networking.networkmanager.enable = true;
networking.firewall.enable = true;
networking.firewall.allowedTCPPorts = [22];
# Set your time zone.
time.timeZone = "Europe/Amsterdam";
# Select internationalisation properties.
i18n.defaultLocale = "en_US.UTF-8";
i18n.extraLocaleSettings = {
LC_ADDRESS = "nl_NL.UTF-8";
LC_IDENTIFICATION = "nl_NL.UTF-8";
LC_MEASUREMENT = "nl_NL.UTF-8";
LC_MONETARY = "nl_NL.UTF-8";
LC_NAME = "nl_NL.UTF-8";
LC_NUMERIC = "nl_NL.UTF-8";
LC_PAPER = "nl_NL.UTF-8";
LC_TELEPHONE = "nl_NL.UTF-8";
LC_TIME = "nl_NL.UTF-8";
};
# Enable CUPS to print documents.
services.printing.enable = true;
# Enable bluetooth hardware
hardware.bluetooth.enable = true;
# Enable fwupd daemon and user space client
services.fwupd.enable = true;
# Enable sound with pipewire.
sound.enable = true;
hardware.pulseaudio.enable = false;
security.rtkit.enable = true;
services.pipewire = {
enable = true;
alsa.enable = true;
alsa.support32Bit = true;
pulse.enable = true;
};
programs.noisetorch = {
enable = true;
};
programs.zsh = {
enable = true;
};
programs.git = {
enable = true;
};
users.users = {
lillian = {
openssh.authorizedKeys.keys = ["ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABgQCnYgErCnva8fvLvsmTMC6dHJp2Fvwja0BYL8K/58ugDxNA0PVGj5PpEMar5yhi4AFGGYL4EgD75tRgI/WQU87ZiKjJ6HFIhgX9curncB2kIJ0JoA+FIQMNOT72GFuhjcO4svanrobsMrRmcn193suXY/N6m6F+3pitxBfHPWuPKKjlZqVBzpqCdz9pXoGOk48OSYv7Zyw8roVsUw3fqJqs68LRLM/winWVhVSPabXGyX7PAAW51Nbv6M64REs+V1a+wGvK5sGhRy7lIBAIuD22tuL4/PZojST1hasKN+7cSp7F1QTi4u0yeQ2+gIclQNuhfvghzl6zcVEpOycFouSIJaJjo8jyuHkbm4I2XfALVTFHe7sLpYNNS7Mf6E6i5rHvAvtXI4UBx/LjgPOj7RWZFaotxQRk1D+N0y2xNrO4ft6mS+hrJ/+ybp1XTGdtlkpUDKjiTZkV7Z4fq9J0jtijvtxRfcPhjia50IIHtZ28wVBMCCwYzh5pR15F/XbvKCc= lillian@EDI"];
isNormalUser = true;
extraGroups = ["sudo" "networkmanager" "wheel" "vboxsf" "decky"];
shell = pkgs.zsh;
};
};
# Enable completion of system packages by zsh
environment.pathsToLink = ["/share/zsh"];
home-manager = {
extraSpecialArgs = {inherit inputs outputs;};
users = {
# Import your home-manager configuration
lillian = import ../../home-manager/shodan-Lillian.nix;
};
};
networking.hostName = "shodan";
boot.loader.systemd-boot.enable = true;
boot.loader.systemd-boot.configurationLimit = 3;
boot.loader.efi.canTouchEfiVariables = true;
# https://nixos.wiki/wiki/FAQ/When_do_I_update_stateVersion
system.stateVersion = "unstable";
}

42
nixos/hosts/shodan/hardware-configuration.nix Normal file
View file

@ -0,0 +1,42 @@
# Do not modify this file! It was generated by nixos-generate-config
# and may be overwritten by future invocations. Please make changes
# to /etc/nixos/configuration.nix instead.
{
config,
lib,
pkgs,
modulesPath,
...
}: {
imports = [
(modulesPath + "/installer/scan/not-detected.nix")
];
boot.initrd.availableKernelModules = ["nvme" "xhci_pci" "usbhid" "usb_storage" "sd_mod" "sdhci_pci"];
boot.initrd.kernelModules = [];
boot.kernelModules = ["kvm-amd"];
boot.extraModulePackages = [];
fileSystems."/" = {
device = "/dev/disk/by-uuid/19a654d6-c3c7-44fb-9752-fbc6bd7024a2";
fsType = "ext4";
};
fileSystems."/boot" = {
device = "/dev/disk/by-uuid/5636-9CA7";
fsType = "vfat";
};
swapDevices = [];
# Enables DHCP on each ethernet and wireless interface. In case of scripted networking
# (the default) this is the recommended approach. When using systemd-networkd it's
# still possible to use this option, but it's recommended to use it in conjunction
# with explicit per-interface declarations with `networking.interfaces.<interface>.useDHCP`.
networking.useDHCP = lib.mkDefault true;
# networking.interfaces.enp4s0f3u1u4.useDHCP = lib.mkDefault true;
# networking.interfaces.wlo1.useDHCP = lib.mkDefault true;
nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux";
hardware.cpu.amd.updateMicrocode = lib.mkDefault config.hardware.enableRedistributableFirmware;
}