BeiNacht/nixos-config
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

desktop-2024-11-02-18-22-53

Browse Source
This commit is contained in:
Alexander Szczepanski
2024-11-02 18:22:53 +01:00
parent 1a09797f50
commit 0a0324c40e
7 changed files with 84 additions and 104 deletions
Download Patch File Download Diff File Expand all files Collapse all files

5
configs/browser.nix
View File

@ -2,13 +2,12 @@
{
programs.firefox = {
enable = true;
nativeMessagingHosts.packages = with pkgs; [ uget-integrator ];
# nativeMessagingHosts.packages = with pkgs; [ uget-integrator ];
};
environment.systemPackages = with pkgs; [
uget
# uget
brave
# firefox
librewolf
tor-browser-bundle-bin
];

1
configs/user-gui.nix
View File

@ -66,7 +66,6 @@
];
home-manager.users.alex = { pkgs, ... }: {
# services = { syncthing = { enable = true; }; };
programs = {
vscode = {
enable = true;

1
configs/user.nix
View File

@ -30,7 +30,6 @@ in
users.alex = {
isNormalUser = true;
uid = 1000;
# hashedPassword = secrets.hashedPassword;
hashedPasswordFile = config.sops.secrets.hashedPassword.path;
extraGroups = [
"wheel"

26
configs/virtualisation.nix
View File

@ -2,36 +2,10 @@
{
users.extraGroups.vboxusers.members = [ "alex" ];
# "libvirtd"
# "qemu-libvirtd"
# "kvm"
virtualisation = {
virtualbox.host = {
enable = true;
enableExtensionPack = true;
};
vmware.host.enable = true;
# libvirtd = {
# enable = true;
# qemu = {
# package = pkgs.qemu_kvm;
# swtpm.enable = true;
# ovmf = {
# enable = true;
# packages = [
# (pkgs.OVMF.override {
# secureBoot = true;
# tpmSupport = true;
# }).fd
# ];
# };
# };
# };
# spiceUSBRedirection.enable = true;
};
# environment.systemPackages = with pkgs; [ proot virtiofsd ];
}

30
flake.lock generated
View File

@ -8,11 +8,11 @@
"nixpkgs": "nixpkgs"
},
"locked": {
"lastModified": 1730390431,
"narHash": "sha256-M+rMhDB69Y35IlhmAMN4ErDige+wKPwhb6HDqpF14Rw=",
"lastModified": 1730555728,
"narHash": "sha256-jBr4WUPat+R/79DBdk85hKyqDfoJII4Z+V+GoevYNDY=",
"owner": "chaotic-cx",
"repo": "nyx",
"rev": "40388a7427ee32af175c5169ae7587ffd2dec125",
"rev": "e734744bc2e9ca9aa577555bf028c5ea51eb5f77",
"type": "github"
},
"original": {
@ -102,11 +102,11 @@
]
},
"locked": {
"lastModified": 1730450782,
"narHash": "sha256-0AfApF8aexgB6o34qqLW2cCX4LaWJajBVdU6ddiWZBM=",
"lastModified": 1730490306,
"narHash": "sha256-AvCVDswOUM9D368HxYD25RsSKp+5o0L0/JHADjLoD38=",
"owner": "nix-community",
"repo": "home-manager",
"rev": "8ca921e5a806b5b6171add542defe7bdac79d189",
"rev": "1743615b61c7285976f85b303a36cdf88a556503",
"type": "github"
},
"original": {
@ -161,11 +161,11 @@
"utils": "utils"
},
"locked": {
"lastModified": 1730399394,
"narHash": "sha256-ryBNcIi3X3YPc7hsTLYzp13NFsnp/i+v+stWjB8fryk=",
"lastModified": 1730468752,
"narHash": "sha256-PixWHyqvcwst38jnOunWe/WjwlZ5R327zR/C+e0slAA=",
"owner": "taj-ny",
"repo": "kwin-effects-forceblur",
"rev": "9100b4f6fb7c81b66fd773f7943ad6a51371a496",
"rev": "411567be19109495f9afe56a2ccf404be0599d86",
"type": "github"
},
"original": {
@ -199,11 +199,11 @@
},
"nixos-hardware": {
"locked": {
"lastModified": 1730368399,
"narHash": "sha256-F8vJtG389i9fp3k2/UDYHMed3PLCJYfxCqwiVP7b9ig=",
"lastModified": 1730537918,
"narHash": "sha256-GJB1/aaTnAtt9sso/EQ77TAGJ/rt6uvlP0RqZFnWue8=",
"owner": "nixos",
"repo": "nixos-hardware",
"rev": "da14839ac5f38ee6adbdb4e6db09b5eef6d6ccdc",
"rev": "f6e0cd5c47d150c4718199084e5764f968f1b560",
"type": "github"
},
"original": {
@ -331,11 +331,11 @@
"systems": "systems"
},
"locked": {
"lastModified": 1710146030,
"narHash": "sha256-SZ5L6eA7HJ/nmkzGG7/ISclqe6oZdOZTNoesiInkXPQ=",
"lastModified": 1726560853,
"narHash": "sha256-X6rJYSESBVr3hBoH0WbKE5KvhPU5bloyZ2L4K60/fPQ=",
"owner": "numtide",
"repo": "flake-utils",
"rev": "b1d9ab70662946ef0850d488da1c9019f3a9752a",
"rev": "c1dfcf08411b08f6b8615f7d8971a2bfa81d5e8a",
"type": "github"
},
"original": {

85
machine/desktop/configuration.nix
View File

@ -52,8 +52,8 @@ in
defaultSopsFile = ../../secrets.yaml;
validateSopsFiles = true;
age = {
sshKeyPaths = [ "/etc/ssh/ssh_host_ed25519_key" ];
keyFile = "/var/lib/sops-nix/key.txt";
sshKeyPaths = [ "/persist/etc/ssh/ssh_host_ed25519_key" ];
keyFile = "/persist/var/lib/sops-nix/key.txt";
generateKey = true;
};
@ -76,12 +76,20 @@ in
"benchmark"
"big-parallel"
"kvm"
"gccarch-znver2"
"gccarch-znver3"
];
trusted-substituters = [ "https://ai.cachix.org" ];
trusted-public-keys = [ "ai.cachix.org-1:N9dzRK+alWwoKXQlnn0H6aUx0lU/mspIoz8hMvGvbbc=" ];
};
chaotic.nyx.cache.enable = false;
# nixpkgs.localSystem = {
# gcc.arch = "znver3";
# gcc.tune = "znver3";
# system = "x86_64-linux";
# };
boot = {
loader = {
grub = {
@ -96,9 +104,9 @@ in
tmp.useTmpfs = false;
supportedFilesystems = [ "btrfs" ];
kernelPackages = pkgs.pkgs.linuxPackages_cachyos-rc;
kernelPackages = pkgs.pkgs.linuxPackages_cachyos;
kernelModules = [ "nct6775" ];
extraModulePackages = with pkgs.pkgs.linuxPackages_cachyos-rc; [ ryzen-smu ];
extraModulePackages = with pkgs.pkgs.linuxPackages_cachyos; [ ryzen-smu ];
# kernelParams = [ "clearcpuid=514" ];
# kernelParams = [ "amdgpu.ppfeaturemask=0xffffffff" ];
# kernelPatches = [{
@ -157,31 +165,6 @@ in
};
};
environment.persistence."/persist" = {
directories = [
"/etc/coolercontrol"
"/etc/NetworkManager/system-connections"
"/etc/nixos"
"/var/lib/bluetooth"
"/var/lib/docker"
"/var/lib/nixos"
"/var/lib/samba"
# "/var/lib/sddm"
"/var/lib/systemd/rfkill"
"/var/lib/tailscale"
"/var/lib/tuptime"
"/var/lib/vnstat"
];
files = [
# "/etc/machine-id"
"/etc/NIXOS"
"/etc/ssh/ssh_host_ed25519_key"
"/etc/ssh/ssh_host_ed25519_key.pub"
"/etc/ssh/ssh_host_rsa_key"
"/etc/ssh/ssh_host_rsa_key.pub"
];
};
systemd.services = {
monitor = {
description = "AMDGPU Control Daemon";
@ -198,7 +181,8 @@ in
time.timeZone = "Europe/Berlin";
environment.systemPackages = with pkgs; [
environment = {
systemPackages = with pkgs; [
inputs.kwin-effects-forceblur.packages.${pkgs.system}.default
lact
amdgpu_top
@ -222,6 +206,31 @@ in
jdk
];
persistence."/persist" = {
directories = [
"/etc/coolercontrol"
"/etc/NetworkManager/system-connections"
"/etc/nixos"
"/var/lib/bluetooth"
"/var/lib/docker"
"/var/lib/nixos"
"/var/lib/samba"
"/var/lib/sddm"
"/var/lib/systemd/rfkill"
"/var/lib/tailscale"
"/var/lib/tuptime"
"/var/lib/vnstat"
];
files = [
# "/etc/machine-id"
"/etc/NIXOS"
"/etc/ssh/ssh_host_ed25519_key"
"/etc/ssh/ssh_host_ed25519_key.pub"
"/etc/ssh/ssh_host_rsa_key"
"/etc/ssh/ssh_host_rsa_key.pub"
];
};
};
hardware = {
keyboard.qmk.enable = true;
@ -354,14 +363,14 @@ in
};
security = {
rtkit.enable = true;
apparmor.enable = true;
# rtkit.enable = true;
# apparmor.enable = true;
auditd.enable = true;
audit.enable = true;
audit.rules = [
"-a exit,always -F arch=b64 -S execve"
];
# auditd.enable = true;
# audit.enable = true;
# audit.rules = [
# "-a exit,always -F arch=b64 -S execve"
# ];
sudo.extraConfig = ''
# rollback results in sudo lectures after each reboot

2
machine/desktop/hardware-configuration.nix
View File

@ -57,6 +57,6 @@
swapDevices = [{ device = "/dev/disk/by-uuid/831be7b8-5b1b-4bda-a27d-5a1c4efb2c4d"; }];
networking.useDHCP = lib.mkDefault true;
nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux";
# nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux";
hardware.cpu.amd.updateMicrocode = lib.mkDefault config.hardware.enableRedistributableFirmware;
}