Add basic modularization

Tristan D. 2023-10-05 17:45:31 +02:00
parent 3fcf1952b7
commit 957d87f6e8
Signed by: tristan
SSH key fingerprint: SHA256:U7y6eMb7CQDaTHv9XoX6/BaQnPqyxxKc+Xnfcefi6rY
9 changed files with 507 additions and 464 deletions


@ -55,6 +55,36 @@ diff plasma.nix plasma.new.nix
# copy over as needed
```
## 🛠️ Nix Configuration Structure
Here's a brief rundown of the directory structure:
### Top-Level Files
- `flake.nix`: Nix Flake configuration file.
- `configuration.nix`: Main NixOS system configuration entry point.
- `disko.nix`: Disk and filesystem configuration.
- `hardware.nix`: Hardware-related configurations like drivers.
- `home.nix`: Configurations related to user home directories. (home-manager)
- `users.nix`: User account and privilege settings.
### `home-mods` Directory
Stores modules related to specific user applications or environments.
- `dev/default.nix`: Developer-specific configurations.
- `firefox/default.nix`: Firefox browser settings.
- `plasma/default.nix`: KDE Plasma desktop settings.
- `virt/default.nix`: Virtualization-related settings.
### `os-mods` Directory
Holds system-level modules for network, virtualization, etc.
- `network/default.nix`: Network-related settings.
- `virt/default.nix`: OS-level virtualization settings.
## 🙏 Made possible by
- NixOS: https://nixos.org/


@ -7,42 +7,10 @@
}: {
imports = [
./hardware.nix
./os-mods/network
./os-mods/virt
];
systemd.user.services.set-wallpaper = {
serviceConfig = {
Type = "oneshot";
RemainAfterExit = "yes";
};
script = ''
FILE="$HOME/.config/plasma-org.kde.plasma.desktop-appletsrc"
IMAGE_PATH="$HOME/.background"
if [[ ! -f "$IMAGE_PATH" ]]; then
echo "Image not found at $IMAGE_PATH. Skipping setting the image."
exit 0
fi
# Extract all containment numbers
CONTAINMENTS=$(${pkgs.ripgrep}/bin/rg "\[Containments\]\[(\d+)\]" -o ~/.config/plasma-org.kde.plasma.desktop-appletsrc -r \$1 | sort | uniq)
for CONTAINMENT in $CONTAINMENTS; do
echo Containment: $CONTAINMENT
${pkgs.libsForQt5.kconfig}/bin/kwriteconfig5 \
--file $FILE \
--group Containments --group $CONTAINMENT \
--key "wallpaperplugin" "org.kde.image";
${pkgs.libsForQt5.kconfig}/bin/kwriteconfig5 \
--file $FILE \
--group Containments --group $CONTAINMENT \
--group Wallpaper --group org.kde.image \
--group General \
--key Image "$IMAGE_PATH";
done
'';
};
nix = {
package = pkgs.nixFlakes;
extraOptions = ''
@ -71,26 +39,9 @@
];
networking.hostName = "nixos-pulse";
networking.networkmanager.enable = true;
networking.nameservers = [
"45.90.28.0#921984.dns.nextdns.io"
"45.90.30.0#921984.dns.nextdns.io"
"2a07:a8c0::#921984.dns.nextdns.io"
"2a07:a8c1::#921984.dns.nextdns.io"
];
services.fwupd.enable = true;
services.resolved = {
enable = true;
dnssec = "true";
domains = ["~."];
fallbackDns = ["1.1.1.1#one.one.one.one" "1.0.0.1#one.one.one.one"];
extraConfig = ''
DNSOverTLS=yes
'';
};
time.timeZone = "Europe/Berlin";
i18n = {
@ -113,15 +64,6 @@
};
};
services.tailscale = {
enable = true;
useRoutingFeatures = "both";
};
services.mozillavpn = {
enable = true;
};
services.xserver = {
enable = true;
layout = "us";
@ -129,11 +71,11 @@
desktopManager.plasma5.enable = true;
# Sddm
displayManager = {
sddm.enable = true;
defaultSession = "plasmawayland";
sddm.enable = true;
# autoLogin = {
# enable = true;
# user = "tristand";
@ -165,8 +107,6 @@
environment.sessionVariables = {
EDITOR = "nvim";
MOZ_USE_XINPUT2 = "1";
MOZ_ENABLE_WAYLAND = "1";
};
environment.systemPackages = with pkgs; [
@ -177,10 +117,6 @@
neovim
veracrypt
vim
virtiofsd
virt-manager
virt-viewer
virt-top
wl-clipboard
wget
];
@ -210,44 +146,12 @@
services.openssh.enable = true;
networking.firewall.allowedTCPPorts = [22 80 443];
networking.firewall.allowedTCPPorts = [22];
# networking.firewall.allowedUDPPorts = [ ... ];
# Samba
networking.firewall.extraCommands = ''iptables -t raw -A OUTPUT -p udp -m udp --dport 137 -j CT --helper netbios-ns'';
virtualisation.docker = {
enable = true;
storageDriver = "btrfs";
};
virtualisation.libvirtd = {
enable = true;
onShutdown = "suspend";
onBoot = "ignore";
qemu = {
package = pkgs.qemu_kvm;
ovmf.enable = true;
ovmf.packages = [pkgs.OVMFFull.fd];
swtpm.enable = true;
runAsRoot = false;
};
};
# virtualisation.libvirtd.allowedBridges = [
# "virbr0"
# "testbr0"
# ];
# networking.bridges = {
# testbr0 = {
# interfaces = [
# "enp5s0f4u1u1c2"
# ];
# };
# };
powerManagement.powertop.enable = true;
systemd.services.powertop.postStart = ''
HIDDEVICES=$(ls /sys/bus/usb/drivers/usbhid | grep -oE '^[0-9]+-[0-9\.]+' | sort -u)
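Review bot: The last hunk shows both `networking.firewall.allowedTCPPorts = [22 80 443];` and `networking.firewall.allowedTCPPorts = [22];`, so a commit described as modularization also appears to change which TCP ports the host accepts. The page has lost the `+`/`-` markers, so the direction of that change is not certain from here. A firewall change deserves its own commit, or at least a line in the commit message. Since `services.openssh.enable = true` stays with port 22 open, I would also add a comment such as `# SSH reachable from: <networks>` so the intended exposure is recorded. The hunk ends inside the `systemd.services.powertop.postStart` script, which continues outside it.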

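--- a/home-mods/dev/default.nix
+++ b/home-mods/dev/default.nix
@@ -0,0 +1,132 @@
+{
+lib,
+pkgs,
+config,
+inputs,
+...
+}: {
+programs.alacritty = {
+enable = true;
+settings = {
+window.opacity = 0.88;
+window.dimensions = {
+lines = 40;
+columns = 150;
+};
+};
+};
+home.sessionVariables = {
+TERMINAL = "alacritty";
+};
+programs.fish = {
+enable = true;
+interactiveShellInit = ''
+any-nix-shell fish --info-right | source
+direnv hook fish | source
+'';
+loginShellInit = ''
+direnv hook fish | source
+'';
+functions = {
+ec = "emacsclient $argv";
+ecc = "emacsclient -c $argv";
+ecr = "emacsclient -r $argv";
+ecrr = "emacsclient -r $argv";
+};
+};
+programs.git = {
+enable = true;
+userName = "Tristan Druyen";
+userEmail = "tristan@vault81.de";
+aliases = {
+ci = "commit";
+co = "checkout";
+s = "status";
+};
+extraConfig = {
+user.signingkey = "/home/tristand/.ssh/id_ed25519";
+commit.gpgsign = true;
+gpg.format = "ssh";
+};
+};
+programs.nix-index = {
+enable = true;
+enableFishIntegration = true;
+};
+programs.ssh = {
+enable = true;
+matchBlocks = {
+"he3" = {
+host = "he3";
+hostname = "he3.vault81.de";
+user = "root";
+identityFile = "~/.ssh/id_hetz_ed25519";
+};
+"he2" = {
+host = "he2";
+hostname = "he2.vault81.de";
+user = "root";
+identityFile = "~/.ssh/id_v81_ed25519";
+};
+"desk-arch" = {
+host = "desk-arch";
+hostname = "tristan-desk-arch";
+user = "tristand";
+identityFile = "~/.ssh/id_v81_ed25519";
+};
+};
+};
+programs.gpg = {
+enable = true;
+};
+services.gpg-agent = {
+enable = true;
+enableExtraSocket = true;
+enableSshSupport = true;
+};
+services.lorri.enable = true;
+services.emacs = {
+enable = true;
+defaultEditor = true;
+package = pkgs.emacs-unstable-pgtk;
+};
+home.packages = with pkgs; [
+any-nix-shell
+atool
+aspell
+aspellDicts.en
+aspellDicts.en-computers
+aspellDicts.en-science
+aspellDicts.de
+binutils
+cmake
+direnv
+fd
+gnutls
+gnumake
+gcc
+imagemagick
+pandoc
+libtool
+(lib.mkIf (config.services.gpg-agent.enable)
+pinentry_emacs)
+(ripgrep.override {withPCRE2 = true;})
+rnix-lsp
+texlive.combined.scheme-full
+zstd
+];
+}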
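Review bot: The three `programs.ssh.matchBlocks` entries name an `identityFile` but do not set `identitiesOnly`, and the same module turns on `services.gpg-agent.enableSshSupport`, so ssh will likely offer every key the agent holds to `he3`, `he2` and `desk-arch` before the intended one. Adding `identitiesOnly = true;` to each block keeps the per-host key separation that the distinct `id_hetz_ed25519` and `id_v81_ed25519` files suggest is intended. That matters most for the two blocks that log in as `root`. Separately, `user.signingkey` hard-codes `/home/tristand/...` while the SSH blocks use `~`; `"${config.home.homeDirectory}/.ssh/id_ed25519"` would keep the module independent of the username.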


@ -0,0 +1,212 @@
{
config,
lib,
pkgs,
...
}: {
programs.firefox = {
enable = true;
profiles = {
default = {
isDefault = true;
settings = {
# Extensions are managed with Nix, so don't update.
"extensions.update.autoUpdateDefault" = false;
"extensions.update.enabled" = false;
# Sync
# "services.sync.username" = config.etu.user.email;
"services.sync.engine.addons" = false; # Do not sync extensions.
"general.autoScroll" = true; # Middle click to scroll
"browser.startup.page" = 3; # Restore previous windows and tabs.
# Privacy enhancements
"browser.newtabpage.activity-stream.feeds.telemetry" = false;
"browser.newtabpage.activity-stream.telemetry" = false;
"browser.newtabpage.activity-stream.feeds.snippets" = false;
"browser.newtabpage.activity-stream.feeds.section.topstories" = false;
"browser.newtabpage.activity-stream.section.highlights.includePocket" = false;
"browser.newtabpage.activity-stream.showSponsored" = false;
"browser.newtabpage.activity-stream.feeds.discoverystreamfeed" = false;
"browser.newtabpage.activity-stream.showSponsoredTopSites" = false;
# Improve performance
"gfx.webrender.all" = true;
# Do Not Track header
"privacy.donottrackheader.enabled" = true;
"privacy.donottrackheader.value" = 1;
# Enable userChrome customisations
# "toolkit.legacyUserProfileCustomizations.stylesheets" = true;
};
extensions = with config.nur.repos.rycee.firefox-addons; [
bitwarden
clearurls
consent-o-matic
darkreader
localcdn
plasma-integration
privacy-badger
rust-search-extension
sidebery
skip-redirect
sponsorblock
tab-stash
ublock-origin
unpaywall
];
search = {
force = true;
default = "DuckDuckGo";
order = ["DuckDuckGo" "Nix Packages" "Nix Options" "NixOS Wiki"];
engines = {
"DuckDuckGo".metaData = {
alias = "@ddg";
};
"Nix Packages" = {
urls = [
{
template = "https://search.nixos.org/packages";
params = [
{
name = "type";
value = "packages";
}
{
name = "query";
value = "{searchTerms}";
}
];
}
];
icon = "/run/current-system/sw/share/icons/hicolor/scalable/apps/nix-snowflake.svg";
definedAliases = ["@np"];
};
"Nix Options" = {
urls = [
{
template = "https://search.nixos.org/options";
params = [
{
name = "type";
value = "options";
}
{
name = "query";
value = "{searchTerms}";
}
];
}
];
icon = "/run/current-system/sw/share/icons/hicolor/scalable/apps/nix-snowflake.svg";
definedAliases = ["@no"];
};
"Home-Manager Options" = {
urls = [
{
template = "https://mipmip.github.io/home-manager-option-search";
params = [
{
name = "query";
value = "{searchTerms}";
}
];
}
];
icon = "/run/current-system/sw/share/icons/hicolor/scalable/apps/nix-snowflake.svg";
definedAliases = ["@ho"];
};
"NixOS Wiki" = {
urls = [
{
template = "https://nixos.wiki/index.php?search={searchTerms}";
}
];
iconUpdateURL = "https://nixos.wiki/favicon.png";
updateInterval = 24 * 60 * 60 * 1000;
definedAliases = ["@nw"];
};
"Bing".metaData.hidden = true;
"Amazon.de".metaData.hidden = true;
"Google".metaData = {
alias = "@g";
hidden = true;
};
};
};
bookmarks = [
{
toolbar = true;
bookmarks = [
{
name = "Home Manager";
url = "https://nixos.wiki/wiki/Home_Manager";
}
];
}
{
name = "wikipedia";
tags = ["wiki"];
keyword = "wiki";
url = "https://en.wikipedia.org/wiki/Special:Search?search=%s&go=Go";
}
{
name = "kernel.org";
url = "https://www.kernel.org";
}
{
name = "Nix sites";
bookmarks = [
{
name = "homepage";
url = "https://nixos.org/";
}
{
name = "wiki";
tags = ["wiki" "nix"];
url = "https://nixos.wiki/";
}
{
name = "Nix sites";
bookmarks = [
{
name = "homepage";
url = "https://nixos.org/";
}
{
name = "wiki";
url = "https://nixos.wiki/";
}
];
}
];
}
];
};
};
};
home.sessionVariables = {
BROWSER = "firefox";
MOZ_USE_XINPUT2 = "1";
MOZ_ENABLE_WAYLAND = "1";
};
}
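Review bot: The comment above `"extensions.update.enabled" = false` says why updates are off but not what replaces them. With auto-update disabled, fixes for the listed add-ons (including `bitwarden` and `ublock-origin`) presumably arrive only when the NUR source behind `config.nur.repos.rycee.firefox-addons` is bumped and the profile is rebuilt. I would extend the comment to say so, e.g. `# Extensions come from NUR via Nix; security fixes land only after the NUR input is updated and the system rebuilt.` Also, `"Home-Manager Options"` is defined under `engines` but missing from `search.order`, which looks unintentional.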


@ -0,0 +1,41 @@
{
config,
lib,
pkgs,
...
}: {
dconf.settings = {
"org/virt-manager/virt-manager/connections" = {
autoconnect = ["qemu:///system"];
uris = ["qemu:///system"];
};
};
xdg.desktopEntries = {
win10 = {
name = "Win 10 VM";
type = "Application";
icon = "windows";
comment = "start the win10 vm";
exec = pkgs.lib.strings.concatStrings [
"bash -c \""
"virsh --connect=qemu:///system start win10; "
"virt-viewer -a -w -c qemu:///system win10 "
"&& virsh --connect=qemu:///system managedsave win10\""
];
};
win11 = {
name = "Win 11 VM";
type = "Application";
icon = "windows";
comment = "start the win11 vm";
exec = pkgs.lib.strings.concatStrings [
"bash -c \""
"virsh --connect=qemu:///system start win11; "
"virsh --connect=qemu:///system resume win11; "
"virt-viewer -a -w -c qemu:///system win11 "
"&& virsh --connect=qemu:///system managedsave win11\""
];
};
};
}
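Review bot: Both `exec` strings invoke `bash`, `virsh` and `virt-viewer` by bare name, so the launchers work only if the desktop session's PATH happens to provide them. After this split `virt-viewer` is installed by the separate OS-level module (`environment.systemPackages` in `os-mods/virt/default.nix`), which makes that dependency invisible from this file. Referencing store paths, e.g. `"${pkgs.virt-viewer}/bin/virt-viewer -a -w -c qemu:///system win10 "` and `${pkgs.libvirt}/bin/virsh`, makes each entry self-contained and takes PATH lookup out of the launcher. The `win10` entry also lacks the `resume` step that `win11` has; if that difference is deliberate, a one-line comment would help.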

372
home.nix

@ -11,356 +11,35 @@
wallpaperPath = "${wallpaper}/share/wallpapers/nixos-wallpaper.png";
in {
imports = [
./plasma.nix
./home-mods/dev
./home-mods/firefox
./home-mods/plasma
./home-mods/virt
];
dconf.settings = {
"org/virt-manager/virt-manager/connections" = {
autoconnect = ["qemu:///system"];
uris = ["qemu:///system"];
};
};
programs.alacritty = {
enable = true;
settings = {
window.opacity = 0.88;
window.dimensions = {
lines = 40;
columns = 150;
};
};
};
services.lorri.enable = true;
services.emacs = {
enable = true;
defaultEditor = true;
package = pkgs.emacs-unstable-pgtk;
};
programs.nix-index = {
enable = true;
enableFishIntegration = true;
};
programs.fish = {
enable = true;
interactiveShellInit = ''
any-nix-shell fish --info-right | source
direnv hook fish | source
'';
loginShellInit = ''
direnv hook fish | source
'';
functions = {
ec = "emacsclient $argv";
ecc = "emacsclient -c $argv";
ecr = "emacsclient -r $argv";
ecrr = "emacsclient -r $argv";
};
};
programs.firefox = {
enable = true;
profiles = {
default = {
isDefault = true;
settings = {
# Extensions are managed with Nix, so don't update.
"extensions.update.autoUpdateDefault" = false;
"extensions.update.enabled" = false;
# Sync
# "services.sync.username" = config.etu.user.email;
"services.sync.engine.addons" = false; # Do not sync extensions.
"general.autoScroll" = true; # Middle click to scroll
"browser.startup.page" = 3; # Restore previous windows and tabs.
# Privacy enhancements
"browser.newtabpage.activity-stream.feeds.telemetry" = false;
"browser.newtabpage.activity-stream.telemetry" = false;
"browser.newtabpage.activity-stream.feeds.snippets" = false;
"browser.newtabpage.activity-stream.feeds.section.topstories" = false;
"browser.newtabpage.activity-stream.section.highlights.includePocket" = false;
"browser.newtabpage.activity-stream.showSponsored" = false;
"browser.newtabpage.activity-stream.feeds.discoverystreamfeed" = false;
"browser.newtabpage.activity-stream.showSponsoredTopSites" = false;
# Improve performance
"gfx.webrender.all" = true;
# Do Not Track header
"privacy.donottrackheader.enabled" = true;
"privacy.donottrackheader.value" = 1;
# Enable userChrome customisations
# "toolkit.legacyUserProfileCustomizations.stylesheets" = true;
};
extensions = with config.nur.repos.rycee.firefox-addons; [
bitwarden
clearurls
consent-o-matic
darkreader
localcdn
plasma-integration
privacy-badger
rust-search-extension
sidebery
skip-redirect
sponsorblock
tab-stash
ublock-origin
unpaywall
];
search = {
force = true;
default = "DuckDuckGo";
order = ["DuckDuckGo" "Nix Packages" "Nix Options" "NixOS Wiki"];
engines = {
"DuckDuckGo".metaData = {
alias = "@ddg";
};
"Nix Packages" = {
urls = [
{
template = "https://search.nixos.org/packages";
params = [
{
name = "type";
value = "packages";
}
{
name = "query";
value = "{searchTerms}";
}
];
}
];
icon = "/run/current-system/sw/share/icons/hicolor/scalable/apps/nix-snowflake.svg";
definedAliases = ["@np"];
};
"Nix Options" = {
urls = [
{
template = "https://search.nixos.org/options";
params = [
{
name = "type";
value = "options";
}
{
name = "query";
value = "{searchTerms}";
}
];
}
];
icon = "/run/current-system/sw/share/icons/hicolor/scalable/apps/nix-snowflake.svg";
definedAliases = ["@no"];
};
"Home-Manager Options" = {
urls = [
{
template = "https://mipmip.github.io/home-manager-option-search";
params = [
{
name = "query";
value = "{searchTerms}";
}
];
}
];
icon = "/run/current-system/sw/share/icons/hicolor/scalable/apps/nix-snowflake.svg";
definedAliases = ["@ho"];
};
"NixOS Wiki" = {
urls = [
{
template = "https://nixos.wiki/index.php?search={searchTerms}";
}
];
iconUpdateURL = "https://nixos.wiki/favicon.png";
updateInterval = 24 * 60 * 60 * 1000;
definedAliases = ["@nw"];
};
"Bing".metaData.hidden = true;
"Amazon.de".metaData.hidden = true;
"Google".metaData = {
alias = "@g";
hidden = true;
};
};
};
bookmarks = [
{
toolbar = true;
bookmarks = [
{
name = "Home Manager";
url = "https://nixos.wiki/wiki/Home_Manager";
}
];
}
{
name = "wikipedia";
tags = ["wiki"];
keyword = "wiki";
url = "https://en.wikipedia.org/wiki/Special:Search?search=%s&go=Go";
}
{
name = "kernel.org";
url = "https://www.kernel.org";
}
{
name = "Nix sites";
bookmarks = [
{
name = "homepage";
url = "https://nixos.org/";
}
{
name = "wiki";
tags = ["wiki" "nix"];
url = "https://nixos.wiki/";
}
{
name = "Nix sites";
bookmarks = [
{
name = "homepage";
url = "https://nixos.org/";
}
{
name = "wiki";
url = "https://nixos.wiki/";
}
];
}
];
}
];
};
};
};
programs.git = {
enable = true;
userName = "Tristan Druyen";
userEmail = "tristan@vault81.de";
aliases = {
ci = "commit";
co = "checkout";
s = "status";
};
extraConfig = {
user.signingkey = "/home/tristand/.ssh/id_ed25519";
commit.gpgsign = true;
gpg.format = "ssh";
};
};
programs.ssh = {
enable = true;
matchBlocks = {
"he3" = {
host = "he3";
hostname = "he3.vault81.de";
user = "root";
identityFile = "~/.ssh/id_hetz_ed25519";
};
"he2" = {
host = "he2";
hostname = "he2.vault81.de";
user = "root";
identityFile = "~/.ssh/id_v81_ed25519";
};
"desk-arch" = {
host = "desk-arch";
hostname = "tristan-desk-arch";
user = "tristand";
identityFile = "~/.ssh/id_v81_ed25519";
};
};
};
programs.gpg = {
enable = true;
};
services.gpg-agent = {
enable = true;
enableExtraSocket = true;
enableSshSupport = true;
};
home.file.".background".source = wallpaperPath;
home.username = "tristand";
home.homeDirectory = "/home/tristand";
home.file.".background".source = wallpaperPath;
home.packages = with pkgs; [
any-nix-shell
cavalier
alejandra
atool
alacritty
aspell
aspellDicts.en
aspellDicts.en-computers
aspellDicts.en-science
aspellDicts.de
bitwarden
binutils
brave
btop
cmake
emacs-unstable-pgtk
firefox
cavalier
direnv
imagemagick
inkscape
jellyfin-media-player
kate
neofetch
nextcloud-client
onlyoffice-bin
kate
rcm
rustup
direnv
rust-motd
(ripgrep.override {withPCRE2 = true;})
gnutls
gnumake
gcc
pandoc
libtool
fd
imagemagick
pinentry-emacs
python311Full
zstd
rnix-lsp
texlive.combined.scheme-full
rustdesk
tutanota-desktop
signal-desktop
@ -371,38 +50,5 @@ in {
zellij
];
home.sessionVariables = {
BROWSER = "firefox";
TERMINAL = "alacritty";
};
xdg.desktopEntries = {
win10 = {
name = "Win 10 VM";
type = "Application";
icon = "windows";
comment = "start the win10 vm";
exec = pkgs.lib.strings.concatStrings [
"bash -c \""
"virsh --connect=qemu:///system start win10; "
"virt-viewer -a -w -c qemu:///system win10 "
"&& virsh --connect=qemu:///system managedsave win10\""
];
};
win11 = {
name = "Win 11 VM";
type = "Application";
icon = "windows";
comment = "start the win11 vm";
exec = pkgs.lib.strings.concatStrings [
"bash -c \""
"virsh --connect=qemu:///system start win11; "
"virsh --connect=qemu:///system resume win11; "
"virt-viewer -a -w -c qemu:///system win11 "
"&& virsh --connect=qemu:///system managedsave win11\""
];
};
};
home.stateVersion = "23.05";
}


@ -0,0 +1,33 @@
{
config,
lib,
pkgs,
...
}: {
networking.networkmanager.enable = true;
networking.nameservers = [
"45.90.28.0#921984.dns.nextdns.io"
"45.90.30.0#921984.dns.nextdns.io"
"2a07:a8c0::#921984.dns.nextdns.io"
"2a07:a8c1::#921984.dns.nextdns.io"
];
services.resolved = {
enable = true;
dnssec = "true";
domains = ["~."];
fallbackDns = ["1.1.1.1#one.one.one.one" "1.0.0.1#one.one.one.one"];
extraConfig = ''
DNSOverTLS=yes
'';
};
services.tailscale = {
enable = true;
useRoutingFeatures = "both";
};
services.mozillavpn = {
enable = true;
};
}
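Review bot: `services.tailscale.useRoutingFeatures = "both"` is carried over unchanged into this module, but it is the widest setting. Besides the client-side loosening of reverse-path filtering, it also turns on kernel IP forwarding so the host can act as a subnet router or exit node. Nothing on this page shows `nixos-pulse` advertising routes, so if it only consumes them, `useRoutingFeatures = "client";` would be the least-privilege value. Otherwise a comment naming what this host routes for would make the choice reviewable.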

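--- a/os-mods/virt/default.nix
+++ b/os-mods/virt/default.nix
@@ -0,0 +1,45 @@
+{
+config,
+lib,
+pkgs,
+...
+}: {
+environment.systemPackages = with pkgs; [
+virtiofsd
+virt-manager
+virt-viewer
+virt-top
+];
+virtualisation.docker = {
+enable = true;
+storageDriver = "btrfs";
+};
+virtualisation.libvirtd = {
+enable = true;
+onShutdown = "suspend";
+onBoot = "ignore";
+qemu = {
+package = pkgs.qemu_kvm;
+ovmf.enable = true;
+ovmf.packages = [pkgs.OVMFFull.fd];
+swtpm.enable = true;
+runAsRoot = false;
+};
+};
+# virtualisation.libvirtd.allowedBridges = [
+# "virbr0"
+# "testbr0"
+# ];
+# networking.bridges = {
+# testbr0 = {
+# interfaces = [
+# "enp5s0f4u1u1c2"
+# ];
+# };
+# };
+}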
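Review bot: `virtualisation.docker.enable = true` now lives in its own module with no comment on how it interacts with the host firewall. Ports published by containers are opened through Docker's own iptables rules and are not limited by `networking.firewall.allowedTCPPorts` in `configuration.nix`. I would document that next to the option, e.g. `# Published container ports bypass networking.firewall; bind to 127.0.0.1 unless exposure is intended.` If the daemon is only used for local development, `virtualisation.docker.rootless.enable` is worth considering, since membership in the `docker` group is otherwise root-equivalent (group assignments in `users.nix` are not visible here).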