From 2187e7a7ed9604000207d4192492cc25cc16a26f Mon Sep 17 00:00:00 2001 From: Tristan Druyen Date: Sat, 4 Nov 2023 03:41:14 +0100 Subject: [PATCH] WIP - Allow kde connect in firewall - Add neofetch theme - modularize amdgpu stuff - add rbw bw cli - switch to firefox beta - add krita & mpv - add monero to desktop - add corectrl - update flakes - add protonup-qt --- flake.lock | 42 ++++++++++++++++----------------- flake.nix | 4 +--- home-mods/desktop/default.nix | 9 +++++++ home-mods/dev/default.nix | 2 +- home-mods/firefox/default.nix | 2 +- home-mods/shell/default.nix | 21 +++++++++++++++-- os-mods/amdgpu/default.nix | 29 +++++++++++++++++++++++ os-mods/common/default.nix | 16 ++++++++++++- os-mods/desktop/default.nix | 16 +++++++++++++ systems/nixos-desk/default.nix | 28 ++++++++++------------ systems/nixos-pulse/default.nix | 20 +++------------- users/default.nix | 4 ++-- 12 files changed, 130 insertions(+), 63 deletions(-) create mode 100644 os-mods/amdgpu/default.nix diff --git a/flake.lock b/flake.lock index c1e10e3..8aebb4f 100644 --- a/flake.lock +++ b/flake.lock @@ -7,11 +7,11 @@ ] }, "locked": { - "lastModified": 1698422527, - "narHash": "sha256-SDu3Xg263t3oXIyTaH0buOvFnKIDeZsvKDBtOz+jRbs=", + "lastModified": 1699099781, + "narHash": "sha256-2WAs839yL6xmIPBLNVwbft46BDh0/RAjq1bAKNRqeR4=", "owner": "nix-community", "repo": "disko", - "rev": "944d338d24a9d043a3f7461c30ee6cfe4f9cca30", + "rev": "548962c50b8afad7b8c820c1d6e21dc8394d6e65", "type": "github" }, "original": { @@ -31,11 +31,11 @@ ] }, "locked": { - "lastModified": 1699031794, - "narHash": "sha256-yf69PmHplQwg8G81Y+vOUxAqIvcpEjKCeftE8B5R69M=", + "lastModified": 1699237218, + "narHash": "sha256-4BRgCLbDJmU3Wbv8/nZ+S6MIuM4vC/s6X++N5Ao/I3Q=", "owner": "nix-community", "repo": "emacs-overlay", - "rev": "c1ecbd6ee4b45991444b511a22f88af2b920aee1", + "rev": "5ce24eed757d854bb290a0a0499053226fec1fc8", "type": "github" }, "original": { @@ -159,11 +159,11 @@ ] }, "locked": { - "lastModified": 1698550809, - "narHash": "sha256-Um8+Wi6EAH5dCgfgl7OqaVd4wFJn6FKLafcP5QPr/98=", + "lastModified": 1699156599, + "narHash": "sha256-Qk9ZE/pG9lNIGUVNArJxL0Hc0Soa92eQPPIhcDwWinU=", "owner": "Mic92", "repo": "nix-index-database", - "rev": "1f0981f5baeb78e3c89a8980ff1a39f06876fa8c", + "rev": "5388a4002179d6778d212dc2fdcc7ac3fdbd5b65", "type": "github" }, "original": { @@ -216,11 +216,11 @@ }, "nixos-unstable": { "locked": { - "lastModified": 1698924604, - "narHash": "sha256-GCFbkl2tj8fEZBZCw3Tc0AkGo0v+YrQlohhEGJ/X4s0=", + "lastModified": 1699099776, + "narHash": "sha256-X09iKJ27mGsGambGfkKzqvw5esP1L/Rf8H3u3fCqIiU=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "fa804edfb7869c9fb230e174182a8a1a7e512c40", + "rev": "85f1ba3e51676fa8cc604a3d863d729026a6b8eb", "type": "github" }, "original": { @@ -232,11 +232,11 @@ }, "nixpkgs": { "locked": { - "lastModified": 1698942558, - "narHash": "sha256-/UmnB+mEd6Eg3mJBrAgqRcyZX//RSjHphcCO7Ig9Bpk=", + "lastModified": 1699169573, + "narHash": "sha256-cvUb1xZkvOp3W2SzylStrTirhVd9zCeo5utJl9nSIhw=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "621f51253edffa1d6f08d5fce4f08614c852d17e", + "rev": "aeefe2054617cae501809b82b44a8e8f7be7cc4b", "type": "github" }, "original": { @@ -264,11 +264,11 @@ }, "nixpkgs-unstable": { "locked": { - "lastModified": 1699034771, - "narHash": "sha256-S0iAvl1oETS6cVFP7aVNodY9eMnbaTtuypi0XiGXiLg=", + "lastModified": 1699186365, + "narHash": "sha256-Pxrw5U8mBsL3NlrJ6q1KK1crzvSUcdfwb9083sKDrcU=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "27ead4fec31f241baed776d046b1dcac431a5919", + "rev": "a0b3b06b7a82c965ae0bb1d59f6e386fe755001d", "type": "github" }, "original": { @@ -296,11 +296,11 @@ }, "nur": { "locked": { - "lastModified": 1699046991, - "narHash": "sha256-O0Puo3J45XDu8xS8XaDXgrZQxcCnslAAVVwLRc0twEk=", + "lastModified": 1699236273, + "narHash": "sha256-D3aPI98dUTuktW9jo05y7E31j++1E81dmP8/aQx1lrM=", "owner": "nix-community", "repo": "NUR", - "rev": "d83d6250f6b930c260c908d06783b5459a060aca", + "rev": "8476fe748f6f45fb2340f24a792c0475a0c849a7", "type": "github" }, "original": { diff --git a/flake.nix b/flake.nix index f7305ee..17477a4 100644 --- a/flake.nix +++ b/flake.nix @@ -165,9 +165,8 @@ [ ./systems/nixos-pulse { - nix.registry.nixpkgs.flake = nixpkgs; nixpkgs.pkgs = pkgs; - + nix.registry.nixpkgs.flake = nixpkgs; home-manager.sharedModules = hmModules; home-manager.extraSpecialArgs = args; } @@ -179,7 +178,6 @@ [ ./systems/nixos-desk { - _module.args = args; nixpkgs.pkgs = pkgs; nix.registry.nixpkgs.flake = nixpkgs; home-manager.sharedModules = hmModules; diff --git a/home-mods/desktop/default.nix b/home-mods/desktop/default.nix index 222a4d0..fd25ce8 100644 --- a/home-mods/desktop/default.nix +++ b/home-mods/desktop/default.nix @@ -11,11 +11,17 @@ let wallpaperPath = "${wallpaper}/share/wallpapers/nixos-wallpaper.png"; in { + programs.mpv = { + enable = true; + package = pkgs.unstable-pkgs.mpv; + }; + home = { file.".background".source = wallpaperPath; packages = with pkgs.unstable-pkgs; [ airshipper + blender bitwarden brave cavalier @@ -25,11 +31,14 @@ in inkscape jellyfin-media-player kate + krita libsForQt5.kdeconnect-kde libsForQt5.plasma-vault + libsForQt5.plasma-browser-integration neofetch nextcloud-client onlyoffice-bin + protonup-qt rustdesk spotify signal-desktop diff --git a/home-mods/dev/default.nix b/home-mods/dev/default.nix index 46ed54b..8dac6b8 100644 --- a/home-mods/dev/default.nix +++ b/home-mods/dev/default.nix @@ -39,7 +39,7 @@ cmake curl direnv - config.services.emacs.package + emacs-unstable-pgtk fd gnutls gnumake diff --git a/home-mods/firefox/default.nix b/home-mods/firefox/default.nix index b13ba2d..2252ff6 100644 --- a/home-mods/firefox/default.nix +++ b/home-mods/firefox/default.nix @@ -5,7 +5,7 @@ }: { programs.firefox = { enable = true; - package = pkgs.unstable-pkgs.firefox; + package = pkgs.unstable-pkgs.firefox-beta; profiles = { default = { diff --git a/home-mods/shell/default.nix b/home-mods/shell/default.nix index fef10e9..b5add8b 100644 --- a/home-mods/shell/default.nix +++ b/home-mods/shell/default.nix @@ -10,9 +10,21 @@ let ref = "master"; rev = "986398504d09e585c7d1a8d73a6394024fe6f164"; }; + neofetchThemesSrc = builtins.fetchGit { + url = "https://github.com/Chick2D/neofetch-themes"; + ref = "main"; + rev = "c7392136bed264258c9b8788b14410e1ff06d602"; + }; in { programs = { + rbw = { + enable = true; + settings = { + base_url = "https://bw.vlt81.de"; + email = "tristandruyen@vault81.de"; + }; + }; starship = { enable = true; package = pkgs.unstable-pkgs.starship; @@ -105,7 +117,7 @@ in emacs = { enable = true; defaultEditor = true; - package = lib.mkDefault pkgs.unstable-pkgs.emacs-unstable; + package = lib.mkDefault pkgs.unstable-pkgs.emacs-pgtk-unstable; }; }; @@ -115,11 +127,16 @@ in chmod u+rw -R ~/.config/emacs cp -r ${doomemacsSrc}/. "$HOME/.config/emacs" ''; + activation.setupNeofetch = lib.hm.dag.entryAfter [ "writeBoundary" ] '' + mkdir ~/.config/neofetch -p + chmod u+rw -R ~/.config/neofetch + cp ${neofetchThemesSrc}/normal/acenoster.conf "$HOME/.config/neofetch/config.conf" + ''; file.".config/doom" = { recursive = true; source = ../../ext/doom; - onChange = "${config.home.homeDirectory}/.config/emacs/bin/doom sync"; + # onChange = "${config.home.homeDirectory}/.config/emacs/bin/doom sync"; }; packages = with pkgs.unstable-pkgs; [ diff --git a/os-mods/amdgpu/default.nix b/os-mods/amdgpu/default.nix new file mode 100644 index 0000000..2626044 --- /dev/null +++ b/os-mods/amdgpu/default.nix @@ -0,0 +1,29 @@ +{ config +, lib +, pkgs +, ... +}: { + boot = { + initrd.availableKernelModules = [ "amdgpu" ]; + kernelModules = [ "amdgpu" ]; + # kernelParams = [ "amdgpu.ppfeaturemask=0xffffffff" ]; + }; + + programs.corectrl = { + enable = true; + gpuOverclock.enable = true; + }; + + services.xserver.videoDrivers = [ "amdgpu" ]; + systemd.tmpfiles.rules = [ + "L+ /opt/rocm/hip - - - - ${pkgs.hip}" + ]; + hardware.opengl = { + driSupport = true; + driSupport32Bit = true; + extraPackages = with pkgs; [ + rocm-opencl-icd + rocm-opencl-runtime + ]; + }; +} diff --git a/os-mods/common/default.nix b/os-mods/common/default.nix index 1014c3f..b333d93 100644 --- a/os-mods/common/default.nix +++ b/os-mods/common/default.nix @@ -1,7 +1,11 @@ { config +, lib , pkgs +, inputs +, system , ... }: { + nixpkgs.hostPlatform = lib.mkDefault system; nix = { gc = { automatic = true; @@ -15,6 +19,8 @@ ''; }; + home-manager.backupFileExtension = "bak"; + # locale time.timeZone = "Europe/Berlin"; @@ -86,5 +92,13 @@ avahi.nssmdns = true; }; - networking.firewall.extraCommands = ''iptables -t raw -A OUTPUT -p udp -m udp --dport 137 -j CT --helper netbios-ns''; + networking.firewall = { + extraCommands = ''iptables -t raw -A OUTPUT -p udp -m udp --dport 137 -j CT --helper netbios-ns''; + allowedTCPPortRanges = [ + { + from = 22; + to = 22; + } # ssh + ]; + }; } diff --git a/os-mods/desktop/default.nix b/os-mods/desktop/default.nix index ea691ec..fabf722 100644 --- a/os-mods/desktop/default.nix +++ b/os-mods/desktop/default.nix @@ -25,6 +25,22 @@ (nerdfonts.override { fonts = [ "FiraCode" "DroidSansMono" "NerdFontsSymbolsOnly" ]; }) ]; + networking.firewall = { + enable = true; + allowedTCPPortRanges = [ + { + from = 1714; + to = 1764; + } # KDE Connect + ]; + allowedUDPPortRanges = [ + { + from = 1714; + to = 1764; + } # KDE Connect + ]; + }; + services = { xserver = { enable = true; diff --git a/systems/nixos-desk/default.nix b/systems/nixos-desk/default.nix index 5a290a2..91d8c7b 100644 --- a/systems/nixos-desk/default.nix +++ b/systems/nixos-desk/default.nix @@ -8,6 +8,7 @@ }: { imports = [ (modulesPath + "/installer/scan/not-detected.nix") + ../../os-mods/amdgpu ../../os-mods/common ../../os-mods/desktop ../../os-mods/network @@ -17,6 +18,16 @@ ]; system.stateVersion = "23.05"; + # Monero ######### + services.monero.enable = true; + services.monero.dataDir = "/media/SanDisk/monero"; + services.monero.limits.upload = 1024; + environment.systemPackages = with pkgs; [ + monero-gui + monero-cli + ]; + ################### + boot = { kernelPackages = pkgs.linuxPackages_zen; loader = { @@ -28,36 +39,23 @@ }; initrd = { - availableKernelModules = [ "amdgpu" "ahci" "nvme" "xhci_pci" "uas" "usbhid" "usb_storage" "sd_mod" ]; + availableKernelModules = [ "ahci" "nvme" "xhci_pci" "uas" "usbhid" "usb_storage" "sd_mod" ]; kernelModules = [ ]; systemd.enable = true; }; - kernelModules = [ "kvm-amd" "amdgpu" ]; + kernelModules = [ "kvm-amd" ]; extraModulePackages = [ ]; }; services.btrfs.autoScrub.enable = true; - services.xserver.videoDrivers = [ "amdgpu" ]; networking = { hostName = "nixos-desk"; useDHCP = lib.mkDefault true; }; - systemd.tmpfiles.rules = [ - "L+ /opt/rocm/hip - - - - ${pkgs.hip}" - ]; hardware = { - opengl = { - driSupport = true; - driSupport32Bit = true; - extraPackages = with pkgs; [ - rocm-opencl-icd - rocm-opencl-runtime - ]; - }; - cpu.amd.updateMicrocode = lib.mkDefault config.hardware.enableRedistributableFirmware; }; diff --git a/systems/nixos-pulse/default.nix b/systems/nixos-pulse/default.nix index 4f89d3b..5d74e4c 100644 --- a/systems/nixos-pulse/default.nix +++ b/systems/nixos-pulse/default.nix @@ -8,6 +8,7 @@ }: { imports = [ (modulesPath + "/installer/scan/not-detected.nix") + ../../os-mods/amdgpu ../../os-mods/common ../../os-mods/desktop ../../os-mods/network @@ -17,8 +18,6 @@ ]; system.stateVersion = "23.05"; - nixpkgs.hostPlatform = lib.mkDefault system; - boot = { kernelPackages = pkgs.linuxPackages_zen; kernelPatches = [ @@ -36,17 +35,16 @@ }; initrd = { - availableKernelModules = [ "amdgpu" "nvme" "xhci_pci" "uas" "usbhid" "usb_storage" "sd_mod" ]; + availableKernelModules = [ "nvme" "xhci_pci" "uas" "usbhid" "usb_storage" "sd_mod" ]; kernelModules = [ ]; systemd.enable = true; }; - kernelModules = [ "kvm-amd" "amdgpu" ]; + kernelModules = [ "kvm-amd" ]; extraModulePackages = [ ]; }; services.btrfs.autoScrub.enable = true; - services.xserver.videoDrivers = [ "amdgpu" ]; networking = { hostName = "nixos-pulse"; @@ -103,10 +101,6 @@ done ''; }; - - tmpfiles.rules = [ - "L+ /opt/rocm/hip - - - - ${pkgs.hip}" - ]; }; services.udev.extraRules = '' ACTION=="add", KERNEL=="enp5s0f4u1u1c2", TAG+="systemd", ENV{SYSTEMD_WANTS}="network-addresses-enp5s0f4u1u1c2.service" @@ -122,14 +116,6 @@ enable = true; package = inputs.tuxedo-nixos.packages.${system}.default; }; - opengl = { - driSupport = true; - driSupport32Bit = true; - extraPackages = with pkgs; [ - rocm-opencl-icd - rocm-opencl-runtime - ]; - }; cpu.amd.updateMicrocode = lib.mkDefault config.hardware.enableRedistributableFirmware; }; diff --git a/users/default.nix b/users/default.nix index e41aa65..87ba883 100644 --- a/users/default.nix +++ b/users/default.nix @@ -8,7 +8,7 @@ users.users.tester = { isNormalUser = true; description = "Testa Test"; - extraGroups = [ "audio" "docker" "networkmanager" "i2c" "wheel" "libvirtd" "qemu-libvirtd" "input" ]; + extraGroups = [ "audio" "corectrl" "docker" "networkmanager" "i2c" "wheel" "libvirtd" "qemu-libvirtd" "input" ]; shell = pkgs.unstable-os.fish; home = "/home/tester"; hashedPassword = "$6$YJT50/Za3FSFQuNT$0orD1URwoURoRKO9sIAsUiIHxOtEOjmPXn5Mp7vAmIYlgVmI629qS7YPUInmztEtEorRpkSMbV3.fCy9NQhKX."; @@ -16,7 +16,7 @@ users.users.tristand = { isNormalUser = true; description = "Tristan Druyen"; - extraGroups = [ "audio" "docker" "networkmanager" "i2c" "wheel" "libvirtd" "qemu-libvirtd" "input" ]; + extraGroups = [ "audio" "corectrl" "docker" "networkmanager" "i2c" "wheel" "libvirtd" "qemu-libvirtd" "input" ]; shell = pkgs.unstable-os.fish; home = "/home/tristand"; hashedPassword = "$6$Wj.XY8JgH5EWuog4$HnbtPJXDEqKXFrzkPVEjih3PytcpBCrkfL7TAwkXd0IFced7kGMlZNliNsAqQ3XqfyUzAYiiKTIqoPVJEk.s..";