BeiNacht/nixos-config
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

desktop-2024-11-02-18-22-53

Browse Source
This commit is contained in:
Alexander Szczepanski
2024-11-02 18:22:53 +01:00
parent 1a09797f50
commit 0a0324c40e
7 changed files with 84 additions and 104 deletions
Download Patch File Download Diff File Expand all files Collapse all files

5
configs/browser.nix
View File

@ -2,13 +2,12 @@
{ {
programs.firefox = { programs.firefox = {
enable = true; enable = true;
nativeMessagingHosts.packages = with pkgs; [ uget-integrator ]; # nativeMessagingHosts.packages = with pkgs; [ uget-integrator ];
}; };
environment.systemPackages = with pkgs; [ environment.systemPackages = with pkgs; [
uget # uget
brave brave
# firefox
librewolf librewolf
tor-browser-bundle-bin tor-browser-bundle-bin
]; ];

1
configs/user-gui.nix
View File

@ -66,7 +66,6 @@
]; ];
home-manager.users.alex = { pkgs, ... }: { home-manager.users.alex = { pkgs, ... }: {
# services = { syncthing = { enable = true; }; };
programs = { programs = {
vscode = { vscode = {
enable = true; enable = true;

1
configs/user.nix
View File

@ -30,7 +30,6 @@ in
users.alex = { users.alex = {
isNormalUser = true; isNormalUser = true;
uid = 1000; uid = 1000;
# hashedPassword = secrets.hashedPassword;
hashedPasswordFile = config.sops.secrets.hashedPassword.path; hashedPasswordFile = config.sops.secrets.hashedPassword.path;
extraGroups = [ extraGroups = [
"wheel" "wheel"

26
configs/virtualisation.nix
View File

@ -2,36 +2,10 @@
{ {
users.extraGroups.vboxusers.members = [ "alex" ]; users.extraGroups.vboxusers.members = [ "alex" ];
# "libvirtd"
# "qemu-libvirtd"
# "kvm"
virtualisation = { virtualisation = {
virtualbox.host = { virtualbox.host = {
enable = true; enable = true;
enableExtensionPack = true; enableExtensionPack = true;
}; };
vmware.host.enable = true;
# libvirtd = {
# enable = true;
# qemu = {
# package = pkgs.qemu_kvm;
# swtpm.enable = true;
# ovmf = {
# enable = true;
# packages = [
# (pkgs.OVMF.override {
# secureBoot = true;
# tpmSupport = true;
# }).fd
# ];
# };
# };
# };
# spiceUSBRedirection.enable = true;
}; };
# environment.systemPackages = with pkgs; [ proot virtiofsd ];
} }

30
flake.lock generated
View File

@ -8,11 +8,11 @@
"nixpkgs": "nixpkgs" "nixpkgs": "nixpkgs"
}, },
"locked": { "locked": {
"lastModified": 1730390431, "lastModified": 1730555728,
"narHash": "sha256-M+rMhDB69Y35IlhmAMN4ErDige+wKPwhb6HDqpF14Rw=", "narHash": "sha256-jBr4WUPat+R/79DBdk85hKyqDfoJII4Z+V+GoevYNDY=",
"owner": "chaotic-cx", "owner": "chaotic-cx",
"repo": "nyx", "repo": "nyx",
"rev": "40388a7427ee32af175c5169ae7587ffd2dec125", "rev": "e734744bc2e9ca9aa577555bf028c5ea51eb5f77",
"type": "github" "type": "github"
}, },
"original": { "original": {
@ -102,11 +102,11 @@
] ]
}, },
"locked": { "locked": {
"lastModified": 1730450782, "lastModified": 1730490306,
"narHash": "sha256-0AfApF8aexgB6o34qqLW2cCX4LaWJajBVdU6ddiWZBM=", "narHash": "sha256-AvCVDswOUM9D368HxYD25RsSKp+5o0L0/JHADjLoD38=",
"owner": "nix-community", "owner": "nix-community",
"repo": "home-manager", "repo": "home-manager",
"rev": "8ca921e5a806b5b6171add542defe7bdac79d189", "rev": "1743615b61c7285976f85b303a36cdf88a556503",
"type": "github" "type": "github"
}, },
"original": { "original": {
@ -161,11 +161,11 @@
"utils": "utils" "utils": "utils"
}, },
"locked": { "locked": {
"lastModified": 1730399394, "lastModified": 1730468752,
"narHash": "sha256-ryBNcIi3X3YPc7hsTLYzp13NFsnp/i+v+stWjB8fryk=", "narHash": "sha256-PixWHyqvcwst38jnOunWe/WjwlZ5R327zR/C+e0slAA=",
"owner": "taj-ny", "owner": "taj-ny",
"repo": "kwin-effects-forceblur", "repo": "kwin-effects-forceblur",
"rev": "9100b4f6fb7c81b66fd773f7943ad6a51371a496", "rev": "411567be19109495f9afe56a2ccf404be0599d86",
"type": "github" "type": "github"
}, },
"original": { "original": {
@ -199,11 +199,11 @@
}, },
"nixos-hardware": { "nixos-hardware": {
"locked": { "locked": {
"lastModified": 1730368399, "lastModified": 1730537918,
"narHash": "sha256-F8vJtG389i9fp3k2/UDYHMed3PLCJYfxCqwiVP7b9ig=", "narHash": "sha256-GJB1/aaTnAtt9sso/EQ77TAGJ/rt6uvlP0RqZFnWue8=",
"owner": "nixos", "owner": "nixos",
"repo": "nixos-hardware", "repo": "nixos-hardware",
"rev": "da14839ac5f38ee6adbdb4e6db09b5eef6d6ccdc", "rev": "f6e0cd5c47d150c4718199084e5764f968f1b560",
"type": "github" "type": "github"
}, },
"original": { "original": {
@ -331,11 +331,11 @@
"systems": "systems" "systems": "systems"
}, },
"locked": { "locked": {
"lastModified": 1710146030, "lastModified": 1726560853,
"narHash": "sha256-SZ5L6eA7HJ/nmkzGG7/ISclqe6oZdOZTNoesiInkXPQ=", "narHash": "sha256-X6rJYSESBVr3hBoH0WbKE5KvhPU5bloyZ2L4K60/fPQ=",
"owner": "numtide", "owner": "numtide",
"repo": "flake-utils", "repo": "flake-utils",
"rev": "b1d9ab70662946ef0850d488da1c9019f3a9752a", "rev": "c1dfcf08411b08f6b8615f7d8971a2bfa81d5e8a",
"type": "github" "type": "github"
}, },
"original": { "original": {

123
machine/desktop/configuration.nix
View File

@ -52,8 +52,8 @@ in
defaultSopsFile = ../../secrets.yaml; defaultSopsFile = ../../secrets.yaml;
validateSopsFiles = true; validateSopsFiles = true;
age = { age = {
sshKeyPaths = [ "/etc/ssh/ssh_host_ed25519_key" ]; sshKeyPaths = [ "/persist/etc/ssh/ssh_host_ed25519_key" ];
keyFile = "/var/lib/sops-nix/key.txt"; keyFile = "/persist/var/lib/sops-nix/key.txt";
generateKey = true; generateKey = true;
}; };
@ -76,12 +76,20 @@ in
"benchmark" "benchmark"
"big-parallel" "big-parallel"
"kvm" "kvm"
"gccarch-znver2" "gccarch-znver3"
]; ];
trusted-substituters = [ "https://ai.cachix.org" ]; trusted-substituters = [ "https://ai.cachix.org" ];
trusted-public-keys = [ "ai.cachix.org-1:N9dzRK+alWwoKXQlnn0H6aUx0lU/mspIoz8hMvGvbbc=" ]; trusted-public-keys = [ "ai.cachix.org-1:N9dzRK+alWwoKXQlnn0H6aUx0lU/mspIoz8hMvGvbbc=" ];
}; };
chaotic.nyx.cache.enable = false;
# nixpkgs.localSystem = {
# gcc.arch = "znver3";
# gcc.tune = "znver3";
# system = "x86_64-linux";
# };
boot = { boot = {
loader = { loader = {
grub = { grub = {
@ -96,9 +104,9 @@ in
tmp.useTmpfs = false; tmp.useTmpfs = false;
supportedFilesystems = [ "btrfs" ]; supportedFilesystems = [ "btrfs" ];
kernelPackages = pkgs.pkgs.linuxPackages_cachyos-rc; kernelPackages = pkgs.pkgs.linuxPackages_cachyos;
kernelModules = [ "nct6775" ]; kernelModules = [ "nct6775" ];
extraModulePackages = with pkgs.pkgs.linuxPackages_cachyos-rc; [ ryzen-smu ]; extraModulePackages = with pkgs.pkgs.linuxPackages_cachyos; [ ryzen-smu ];
# kernelParams = [ "clearcpuid=514" ]; # kernelParams = [ "clearcpuid=514" ];
# kernelParams = [ "amdgpu.ppfeaturemask=0xffffffff" ]; # kernelParams = [ "amdgpu.ppfeaturemask=0xffffffff" ];
# kernelPatches = [{ # kernelPatches = [{
@ -157,31 +165,6 @@ in
}; };
}; };
environment.persistence."/persist" = {
directories = [
"/etc/coolercontrol"
"/etc/NetworkManager/system-connections"
"/etc/nixos"
"/var/lib/bluetooth"
"/var/lib/docker"
"/var/lib/nixos"
"/var/lib/samba"
# "/var/lib/sddm"
"/var/lib/systemd/rfkill"
"/var/lib/tailscale"
"/var/lib/tuptime"
"/var/lib/vnstat"
];
files = [
# "/etc/machine-id"
"/etc/NIXOS"
"/etc/ssh/ssh_host_ed25519_key"
"/etc/ssh/ssh_host_ed25519_key.pub"
"/etc/ssh/ssh_host_rsa_key"
"/etc/ssh/ssh_host_rsa_key.pub"
];
};
systemd.services = { systemd.services = {
monitor = { monitor = {
description = "AMDGPU Control Daemon"; description = "AMDGPU Control Daemon";
@ -198,30 +181,56 @@ in
time.timeZone = "Europe/Berlin"; time.timeZone = "Europe/Berlin";
environment.systemPackages = with pkgs; [ environment = {
inputs.kwin-effects-forceblur.packages.${pkgs.system}.default systemPackages = with pkgs; [
lact inputs.kwin-effects-forceblur.packages.${pkgs.system}.default
amdgpu_top lact
amdgpu_top
python3 python3
python311Packages.tkinter python311Packages.tkinter
snapraid snapraid
mergerfs mergerfs
gimp gimp
clinfo clinfo
gparted gparted
mission-center mission-center
resources resources
stressapptest stressapptest
ryzen-monitor-ng ryzen-monitor-ng
qdiskinfo qdiskinfo
# fan2go # fan2go
# unigine-superposition # unigine-superposition
jdk jdk
]; ];
persistence."/persist" = {
directories = [
"/etc/coolercontrol"
"/etc/NetworkManager/system-connections"
"/etc/nixos"
"/var/lib/bluetooth"
"/var/lib/docker"
"/var/lib/nixos"
"/var/lib/samba"
"/var/lib/sddm"
"/var/lib/systemd/rfkill"
"/var/lib/tailscale"
"/var/lib/tuptime"
"/var/lib/vnstat"
];
files = [
# "/etc/machine-id"
"/etc/NIXOS"
"/etc/ssh/ssh_host_ed25519_key"
"/etc/ssh/ssh_host_ed25519_key.pub"
"/etc/ssh/ssh_host_rsa_key"
"/etc/ssh/ssh_host_rsa_key.pub"
];
};
};
hardware = { hardware = {
keyboard.qmk.enable = true; keyboard.qmk.enable = true;
@ -354,14 +363,14 @@ in
}; };
security = { security = {
rtkit.enable = true; # rtkit.enable = true;
apparmor.enable = true; # apparmor.enable = true;
auditd.enable = true; # auditd.enable = true;
audit.enable = true; # audit.enable = true;
audit.rules = [ # audit.rules = [
"-a exit,always -F arch=b64 -S execve" # "-a exit,always -F arch=b64 -S execve"
]; # ];
sudo.extraConfig = '' sudo.extraConfig = ''
# rollback results in sudo lectures after each reboot # rollback results in sudo lectures after each reboot

2
machine/desktop/hardware-configuration.nix
View File

@ -57,6 +57,6 @@
swapDevices = [{ device = "/dev/disk/by-uuid/831be7b8-5b1b-4bda-a27d-5a1c4efb2c4d"; }]; swapDevices = [{ device = "/dev/disk/by-uuid/831be7b8-5b1b-4bda-a27d-5a1c4efb2c4d"; }];
networking.useDHCP = lib.mkDefault true; networking.useDHCP = lib.mkDefault true;
nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux"; # nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux";
hardware.cpu.amd.updateMicrocode = lib.mkDefault config.hardware.enableRedistributableFirmware; hardware.cpu.amd.updateMicrocode = lib.mkDefault config.hardware.enableRedistributableFirmware;
} }