BeiNacht/nixos-config
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

some adjustments

Browse Source
This commit is contained in:
Alexander Szczepanski
2021-11-08 14:23:12 +01:00
parent 944acf586f
commit 2bdb4244b3
14 changed files with 215 additions and 225 deletions
Download Patch File Download Diff File Expand all files Collapse all files

101
configs/bspwm.nix
View File

@ -18,14 +18,13 @@ in
}; };
defaultSession = "xsession"; defaultSession = "xsession";
session = [{ session = [{
manage = "desktop"; manage = "desktop";
name = "xsession"; name = "xsession";
start = ''exec $HOME/.xsession''; start = ''exec $HOME/.xsession'';
}]; }];
}; };
desktopManager = { desktopManager = {
gnome.enable = true;
xfce = { xfce = {
enable = true; enable = true;
noDesktop = true; noDesktop = true;
@ -41,7 +40,7 @@ in
}; };
home-manager.users.alex = { pkgs, ... }: { home-manager.users.alex = { pkgs, ... }: {
services = { services = {
# picom = { # picom = {
# enable = true; # enable = true;
# blur = true; # blur = true;
@ -127,7 +126,7 @@ in
bspc query -N -n "focused.$\{layer\}" && layer=below; \ bspc query -N -n "focused.$\{layer\}" && layer=below; \
bspc node -l "$layer"''; bspc node -l "$layer"'';
"super + {s,f,k}" = "super + {s,f,k}" =
''state={floating,fullscreen,pseudo_tiled}; \ ''state={floating,fullscreen,pseudo_tiled}; \
bspc query -N -n "focused.$\{state\}" && state=tiled; \ bspc query -N -n "focused.$\{state\}" && state=tiled; \
bspc node -t "$state" ''; bspc node -t "$state" '';
"super + alt + {Left,Down,Up,Right}" = "bspc node -p {west,south,north,east}"; "super + alt + {Left,Down,Up,Right}" = "bspc node -p {west,south,north,east}";
@ -166,52 +165,52 @@ in
flameshot.enable = true; flameshot.enable = true;
}; };
xsession = { xsession = {
enable = true; enable = true;
pointerCursor = { pointerCursor = {
defaultCursor = "left_ptr"; defaultCursor = "left_ptr";
name = "elementary"; name = "elementary";
package = pkgs.pantheon.elementary-icon-theme; package = pkgs.pantheon.elementary-icon-theme;
}; };
windowManager = { windowManager = {
command = pkgs.lib.mkForce '' command = pkgs.lib.mkForce ''
${pkgs.bspwm}/bin/bspwm -c ~/.config/bspwm/bspwmrc & ${pkgs.bspwm}/bin/bspwm -c ~/.config/bspwm/bspwmrc &
${pkgs.xfce.xfce4-session}/bin/xfce4-session ${pkgs.xfce.xfce4-session}/bin/xfce4-session
''; '';
bspwm = { bspwm = {
enable = true; enable = true;
extraConfig = '' extraConfig = ''
bspc wm --adopt-orphans bspc wm --adopt-orphans
node /home/alex/Sync/windows.js
bspc subscribe monitor_add monitor_remove| while read -r a event; do
node /home/alex/Sync/windows.js node /home/alex/Sync/windows.js
done & bspc subscribe monitor_add monitor_remove| while read -r a event; do
''; node /home/alex/Sync/windows.js
settings = { done &
border_width = 4; '';
window_gap = 5; settings = {
top_padding = 0; border_width = 4;
left_padding = 0; window_gap = 5;
right_padding = 0; top_padding = 0;
bottom_padding = 0; left_padding = 0;
split_ratio = 0.50; right_padding = 0;
borderless_monocle = true; bottom_padding = 0;
single_monocle = true; split_ratio = 0.50;
gapless_monocle = true; borderless_monocle = true;
focus_follows_pointer = true; single_monocle = true;
pointer_follows_monitor = true; gapless_monocle = true;
pointer_follows_focus = false; focus_follows_pointer = true;
center_pseudo_tiled = true; pointer_follows_monitor = true;
automatic_scheme = "alternate"; pointer_follows_focus = false;
remove_unplugged_monitors = true; center_pseudo_tiled = true;
remove_disabled_monitors = true; automatic_scheme = "alternate";
normal_border_color = "#333333"; remove_unplugged_monitors = true;
focused_border_color = "#666666"; remove_disabled_monitors = true;
presel_feedback_color = "#000000"; normal_border_color = "#333333";
}; focused_border_color = "#666666";
}; presel_feedback_color = "#000000";
}; };
}; };
};
};
}; };
} }

27
configs/common.nix
View File

@ -18,10 +18,14 @@ in
nextdns = { nextdns = {
enable = true; enable = true;
arguments = [ arguments = [
"-config" secrets.nextdnshash "-config"
"-cache-size" "10MB" secrets.nextdnshash
"-listen" "127.0.0.1:53" "-cache-size"
"-forwarder" secrets.nextdnsforwarder "10MB"
"-listen"
"127.0.0.1:53"
"-forwarder"
secrets.nextdnsforwarder
"-report-client-info" "-report-client-info"
]; ];
}; };
@ -34,13 +38,14 @@ in
networking = { networking = {
nameservers = [ "127.0.0.1" "::1" ]; nameservers = [ "127.0.0.1" "::1" ];
hosts = { hosts = {
"2.56.97.114" = ["szczepan.ski"]; "2.56.97.114" = [ "old-vps" ];
"10.100.0.1" = ["vps.wg"]; "207.180.220.97" = [ "szczepan.ski" ];
"10.100.0.2" = ["desktop.wg"]; "10.100.0.1" = [ "vps.wg" ];
"10.100.0.3" = ["mini.wg"]; "10.100.0.2" = [ "desktop.wg" ];
"192.168.0.24" = ["mini.lan"]; "10.100.0.3" = [ "mini.wg" ];
"192.168.0.100" = ["homeserver.lan"]; "192.168.0.24" = [ "mini.lan" ];
"192.168.0.150" = ["desktop.lan"]; "192.168.0.100" = [ "homeserver.lan" ];
"192.168.0.150" = [ "desktop.lan" ];
}; };
# If using dhcpcd: # If using dhcpcd:
dhcpcd.extraConfig = "nohook resolv.conf"; dhcpcd.extraConfig = "nohook resolv.conf";

6
configs/gui.nix
View File

@ -70,9 +70,9 @@ in
"UrlKeyedAnonymizedDataCollectionEnabled" = false; "UrlKeyedAnonymizedDataCollectionEnabled" = false;
"SpellcheckEnabled" = true; "SpellcheckEnabled" = true;
"SpellcheckLanguage" = [ "SpellcheckLanguage" = [
"de" "de"
"en-US" "en-US"
]; ];
"CloudPrintSubmitEnabled" = false; "CloudPrintSubmitEnabled" = false;
}; };
}; };

6
configs/sway.nix
View File

@ -16,7 +16,7 @@ in
grim grim
slurp slurp
wl-clipboard wl-clipboard
(python38.withPackages(ps: with ps; [ i3pystatus keyring ])) (python38.withPackages (ps: with ps; [ i3pystatus keyring ]))
]; ];
extraSessionCommands = '' extraSessionCommands = ''
export SDL_VIDEODRIVER=wayland export SDL_VIDEODRIVER=wayland
@ -40,12 +40,12 @@ in
description = "Kanshi output autoconfig "; description = "Kanshi output autoconfig ";
wantedBy = [ "graphical-session.target" ]; wantedBy = [ "graphical-session.target" ];
partOf = [ "graphical-session.target" ]; partOf = [ "graphical-session.target" ];
environment = { XDG_CONFIG_HOME="/home/alex/.config"; }; environment = { XDG_CONFIG_HOME = "/home/alex/.config"; };
serviceConfig = { serviceConfig = {
# kanshi doesn't have an option to specifiy config file yet, so it looks # kanshi doesn't have an option to specifiy config file yet, so it looks
# at .config/kanshi/config # at .config/kanshi/config
ExecStart = '' ExecStart = ''
${pkgs.kanshi}/bin/kanshi ${pkgs.kanshi}/bin/kanshi
''; '';
RestartSec = 5; RestartSec = 5;
Restart = "always"; Restart = "always";

4
configs/user-gui-applications.nix
View File

@ -21,13 +21,9 @@ in
gnome.cheese gnome.cheese
homebank homebank
insomnia insomnia
jellyfin-media-player
jellyfin-mpv-shim
kdenlive kdenlive
keepassxc
libreoffice libreoffice
lutris lutris
lxrandr
mangohud mangohud
meld meld
obs-studio obs-studio

44
configs/user-gui.nix
View File

@ -1,7 +1,8 @@
{ config, pkgs, lib, ... }: { config, pkgs, lib, ... }:
let unstable = import <nixos-unstable> { config.allowUnfree = true; }; let unstable = import <nixos-unstable> { config.allowUnfree = true; };
in { in
{
imports = [ <home-manager/nixos> ]; imports = [ <home-manager/nixos> ];
home-manager.users.alex = { pkgs, ... }: { home-manager.users.alex = { pkgs, ... }: {
@ -33,6 +34,12 @@ in {
}; };
}; };
services = {
syncthing = {
enable = true;
};
};
gtk = { gtk = {
enable = true; enable = true;
font = { font = {
@ -75,42 +82,21 @@ in {
jnoortheen.nix-ide jnoortheen.nix-ide
brettm12345.nixfmt-vscode brettm12345.nixfmt-vscode
]; ];
# userSettings = {
# #"terminal.integrated.fontFamily" = "Hack";
# "workbench.colorTheme" = "Hyper Term Black";
# "window.titleBarStyle" = "custom";
# };
}; };
rofi = { rofi = {
enable = true; enable = true;
lines = 10;
borderWidth = 2;
scrollbar = false;
padding = 50;
font = "Liberation Sans Regular 20"; font = "Liberation Sans Regular 20";
separator = "solid";
colors = {
window = {
background = "#dd000000";
border = "#a6a6a6";
separator = "#a6a6a6";
};
rows = {
normal = {
background = "#00000000";
foreground = "#a6a6a6";
backgroundAlt = "#00000000";
highlight = {
background = "#a6a6a6";
foreground = "#000000";
};
};
};
};
extraConfig = { extraConfig = {
modi = "drun,window"; modi = "drun,window";
show-icons = true; show-icons = true;
color-normal = "#00000000, #a6a6a6, #00000000, #a6a6a6, #000000";
color-window = "#dd000000, #a6a6a6, #a6a6a6";
separator-style = "solid";
padding = 50;
lines = 10;
borderWidth = 2;
hide-scrollbar = true;
}; };
}; };

64
configs/user.nix
View File

@ -11,7 +11,7 @@ in
users.alex = { users.alex = {
isNormalUser = true; isNormalUser = true;
extraGroups = [ "wheel" "docker" "networkmanager" "libvirtd" "lp" "scanner" "adbusers" ]; extraGroups = [ "wheel" "docker" "networkmanager" "libvirtd" "kvm" "lp" "scanner" "adbusers" ];
openssh.authorizedKeys.keys = [ openssh.authorizedKeys.keys = [
"ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQDPSzeNjfkz7/B/18TcJxxmNFUhvTKoieBcexdzebWH7oncvyBXNRJp8vAqSIVFLzz5UUFQNFuilggs8/N48U84acmFOxlbUmxlkf8KZgeB/G6uQ8ncQh6M1HNNPH+9apTURgfctr7eEZe9seLIEBISQLXB2Sf3F1ogfDj25S8kH9RM4wM1/jDFK5IecWHScKxwQPmCoXeGE1LEJq6nkQLXMDsWhSihtWouaTxSR0p7/wp/Rqt/hzLEWj8e3+qLMc5JrrdaWksupUCysme7CnSfGSzNUv9RKiRCTFofYPT9tbRn5JzdpQ55v22S6OvmmXUHjST1MOzI8MpVPZCCqd/ZQ1E+gErFiMwjG4sn/xxdPK9/jbQaXMjLklbKtR+C5090Ew2u2kj78jqGk/8COhF1MXh/9qjcG+C51uD1AS9d410kfjPwkaUt4U2KktDMQ942nWywrvIWM0Gt2kgDLYotsy/70q/aTJ8bvaCoWoDOGmpWcyNNBalz4OYYGI2Z0WHrVTs0FpzSk/XeQz0OLkmueoh5GDGd8zrfO6Nf5LWI17aWGRePTpQP5mJIg6jC3j8/QVrthEP6QyIIkZsnfsmvSiMWVfXqEy1BxVlu3T6aLffaj679KCsxY+mx5mTH2hwd4ZdbSI4F0GCIt+WGaFhHs2V3ZQitoEZuraRPEc4HGw== alexander@szczepan.ski" "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQDPSzeNjfkz7/B/18TcJxxmNFUhvTKoieBcexdzebWH7oncvyBXNRJp8vAqSIVFLzz5UUFQNFuilggs8/N48U84acmFOxlbUmxlkf8KZgeB/G6uQ8ncQh6M1HNNPH+9apTURgfctr7eEZe9seLIEBISQLXB2Sf3F1ogfDj25S8kH9RM4wM1/jDFK5IecWHScKxwQPmCoXeGE1LEJq6nkQLXMDsWhSihtWouaTxSR0p7/wp/Rqt/hzLEWj8e3+qLMc5JrrdaWksupUCysme7CnSfGSzNUv9RKiRCTFofYPT9tbRn5JzdpQ55v22S6OvmmXUHjST1MOzI8MpVPZCCqd/ZQ1E+gErFiMwjG4sn/xxdPK9/jbQaXMjLklbKtR+C5090Ew2u2kj78jqGk/8COhF1MXh/9qjcG+C51uD1AS9d410kfjPwkaUt4U2KktDMQ942nWywrvIWM0Gt2kgDLYotsy/70q/aTJ8bvaCoWoDOGmpWcyNNBalz4OYYGI2Z0WHrVTs0FpzSk/XeQz0OLkmueoh5GDGd8zrfO6Nf5LWI17aWGRePTpQP5mJIg6jC3j8/QVrthEP6QyIIkZsnfsmvSiMWVfXqEy1BxVlu3T6aLffaj679KCsxY+mx5mTH2hwd4ZdbSI4F0GCIt+WGaFhHs2V3ZQitoEZuraRPEc4HGw== alexander@szczepan.ski"
"ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQDIsOYaj6+akcgTQPvm0/htYgO5z+PR1TJRxCnbRNI/ucqvcC6/eTzPU7tKG+UJtkfy30NSnwu/k9aENyb5zYLVoDHngOzH8DLl93B2nHgwUiLpv7kFXOhvD1jsA5RsryeumaL7YbtlePrso+FEJkUez8mncAjG4t9U/MifkTbujjS5AP35NONH01fQWKvivnqw4T0dq36e0J0YF/zcb1mQovt3dw7+NE0A6OwNGAElRNwVh619jL9g0TJBi3Ge8LASsHBildzTlNVHzIwdDzRdAvsoAXjYF42fjHSQXZJv5P5eJcT7JEt7x+yVWzTnk/K6/dtKi6kewbp/srUGSsVLP6x+o6QTQ5rYKoBRsM/3bfqG0PwijfDXEdn7bQn6+7PcnMhVi5wJppUeEOt0SbRBDSa3ewzTWjjESPW03b/oIlNrnDhk5UJmF5jlfxz9HHP73lqEpcNhEAiZMLbfvnwtufS/wYnZXz44i8rVEiNMfIOS2VIM74aNloPTvkq0Ek0GzTT6H4wQy7VbRgSOaW+XN5TSOEqtfZ0TpmYNrpskVx5yDrbOOArmULICGLlexed8fsFZX8P1ouTg96pM5Kr47HZsdEZzS8DKuDx8EP50ORYKbN6Kyb+f0FcMEfD1RQV+IECKnnFUyoozFjE0aV+ROjAKoDmyWdU2lpOPA8kRBw== alex@desktop" "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQDIsOYaj6+akcgTQPvm0/htYgO5z+PR1TJRxCnbRNI/ucqvcC6/eTzPU7tKG+UJtkfy30NSnwu/k9aENyb5zYLVoDHngOzH8DLl93B2nHgwUiLpv7kFXOhvD1jsA5RsryeumaL7YbtlePrso+FEJkUez8mncAjG4t9U/MifkTbujjS5AP35NONH01fQWKvivnqw4T0dq36e0J0YF/zcb1mQovt3dw7+NE0A6OwNGAElRNwVh619jL9g0TJBi3Ge8LASsHBildzTlNVHzIwdDzRdAvsoAXjYF42fjHSQXZJv5P5eJcT7JEt7x+yVWzTnk/K6/dtKi6kewbp/srUGSsVLP6x+o6QTQ5rYKoBRsM/3bfqG0PwijfDXEdn7bQn6+7PcnMhVi5wJppUeEOt0SbRBDSa3ewzTWjjESPW03b/oIlNrnDhk5UJmF5jlfxz9HHP73lqEpcNhEAiZMLbfvnwtufS/wYnZXz44i8rVEiNMfIOS2VIM74aNloPTvkq0Ek0GzTT6H4wQy7VbRgSOaW+XN5TSOEqtfZ0TpmYNrpskVx5yDrbOOArmULICGLlexed8fsFZX8P1ouTg96pM5Kr47HZsdEZzS8DKuDx8EP50ORYKbN6Kyb+f0FcMEfD1RQV+IECKnnFUyoozFjE0aV+ROjAKoDmyWdU2lpOPA8kRBw== alex@desktop"
@ -50,12 +50,6 @@ in
]; ];
}; };
services = {
syncthing = {
enable = true;
};
};
programs = { programs = {
ssh = { ssh = {
enable = true; enable = true;
@ -63,34 +57,38 @@ in
serverAliveInterval = 60; serverAliveInterval = 60;
forwardAgent = true; forwardAgent = true;
matchBlocks."szczepan.ski" = { matchBlocks."old-vps" = {
hostname = "szczepan.ski"; hostname = "2.56.97.114";
localForwards = [ { localForwards = [{
bind.address = "127.0.0.1"; bind.address = "127.0.0.1";
bind.port = 8386; bind.port = 8386;
host.address = "127.0.0.1"; host.address = "127.0.0.1";
host.port = 8384; host.port = 8384;
} { }
bind.address = "127.0.0.1"; {
bind.port = 9092; bind.address = "127.0.0.1";
host.address = "127.0.0.1"; bind.port = 9092;
host.port = 9091; host.address = "127.0.0.1";
}]; host.port = 9091;
}];
}; };
matchBlocks."new-vps" = { matchBlocks."szczepan.ski" = {
hostname = "207.180.220.97"; hostname = "207.180.220.97";
localForwards = [ { localForwards = [
bind.address = "127.0.0.1"; {
bind.port = 8387; bind.address = "127.0.0.1";
host.address = "127.0.0.1"; bind.port = 8387;
host.port = 8384; host.address = "127.0.0.1";
} { host.port = 8384;
bind.address = "127.0.0.1"; }
bind.port = 9092; {
host.address = "127.0.0.1"; bind.address = "127.0.0.1";
host.port = 9091; bind.port = 9092;
}]; host.address = "127.0.0.1";
host.port = 9091;
}
];
}; };
matchBlocks."nixos-vm" = { matchBlocks."nixos-vm" = {
@ -112,28 +110,28 @@ in
matchBlocks."router" = { matchBlocks."router" = {
hostname = "192.168.1.1"; hostname = "192.168.1.1";
user = "root"; user = "root";
localForwards = [ { localForwards = [{
bind.address = "127.0.0.1"; bind.address = "127.0.0.1";
bind.port = 1337; bind.port = 1337;
host.address = "127.0.0.1"; host.address = "127.0.0.1";
host.port = 80; host.port = 80;
} ]; }];
}; };
matchBlocks."homeserver" = { matchBlocks."homeserver" = {
hostname = "192.168.0.100"; hostname = "192.168.0.100";
localForwards = [ { localForwards = [{
bind.address = "127.0.0.1"; bind.address = "127.0.0.1";
bind.port = 8385; bind.port = 8385;
host.address = "127.0.0.1"; host.address = "127.0.0.1";
host.port = 8384; host.port = 8384;
} ]; }];
}; };
}; };
git = { git = {
enable = true; enable = true;
userName = "Alexander Szczepanski"; userName = "Alexander Szczepanski";
userEmail = "alexander@szczepan.ski"; userEmail = "alexander@szczepan.ski";
extraConfig = { extraConfig = {
core = { autocrlf = false; }; core = { autocrlf = false; };

10
machine/desktop.nix
View File

@ -7,7 +7,7 @@ let
in in
{ {
imports = imports =
[ # Include the results of the hardware scan. [
/etc/nixos/hardware-configuration.nix /etc/nixos/hardware-configuration.nix
../configs/gui.nix ../configs/gui.nix
../configs/docker.nix ../configs/docker.nix
@ -72,8 +72,8 @@ in
time.timeZone = "Europe/Berlin"; time.timeZone = "Europe/Berlin";
console = { console = {
font = "latarcyrheb-sun32"; font = "latarcyrheb-sun32";
keyMap = "us"; keyMap = "us";
}; };
hardware = { hardware = {
@ -121,13 +121,13 @@ in
printing.enable = true; printing.enable = true;
xserver.videoDrivers = [ "amdgpu" ]; xserver.videoDrivers = [ "amdgpu" ];
xserver.deviceSection = '' xserver.deviceSection = ''
Option "TearFree" "true" Option "TearFree" "true"
''; '';
hardware.xow.enable = true; hardware.xow.enable = true;
borgbackup.jobs.home = rec { borgbackup.jobs.home = rec {
compression = "auto,zstd"; compression = "auto,zstd";
encryption = { encryption = {
mode = "repokey-blake2" ; mode = "repokey-blake2";
passphrase = secrets-desktop.borg-key; passphrase = secrets-desktop.borg-key;
}; };
extraCreateArgs = "--checkpoint-interval 600 --exclude-caches"; extraCreateArgs = "--checkpoint-interval 600 --exclude-caches";

27
machine/homeserver.nix
View File

@ -60,7 +60,7 @@
User = "alex"; User = "alex";
# ExecStart="/home/alex/snapraid-sync"; # ExecStart="/home/alex/snapraid-sync";
}; };
path = [pkgs.bash pkgs.snapraid pkgs.curl pkgs.smartmontools pkgs.hdparm]; path = [ pkgs.bash pkgs.snapraid pkgs.curl pkgs.smartmontools pkgs.hdparm ];
script = '' script = ''
/home/alex/snapraid-sync /home/alex/snapraid-sync
@ -69,7 +69,7 @@
timers.snapraid-sync = { timers.snapraid-sync = {
#enable = true; #enable = true;
wantedBy = ["timers.target"]; wantedBy = [ "timers.target" ];
timerConfig = { timerConfig = {
OnCalendar = "Mon-Sun, 23:00"; OnCalendar = "Mon-Sun, 23:00";
# Unit = "snapraid-sync.service"; # Unit = "snapraid-sync.service";
@ -95,7 +95,7 @@
enable = true; enable = true;
extraPackages = with pkgs; [ extraPackages = with pkgs; [
#intel-media-driver # LIBVA_DRIVER_NAME=iHD #intel-media-driver # LIBVA_DRIVER_NAME=iHD
vaapiIntel # LIBVA_DRIVER_NAME=i965 (older but works better for Firefox/Chromium) vaapiIntel # LIBVA_DRIVER_NAME=i965 (older but works better for Firefox/Chromium)
vaapiVdpau vaapiVdpau
libvdpau-va-gl libvdpau-va-gl
]; ];
@ -145,19 +145,20 @@
}; };
}; };
security.sudo.extraRules = [ { security.sudo.extraRules = [{
users = [ "alex" ]; users = [ "alex" ];
commands = [ { commands = [{
command = "${pkgs.hdparm}/bin/hdparm"; command = "${pkgs.hdparm}/bin/hdparm";
options = [ "SETENV" "NOPASSWD" ]; options = [ "SETENV" "NOPASSWD" ];
} ]; }];
} { }
users = [ "alex" ]; {
commands = [ { users = [ "alex" ];
command = "${pkgs.snapraid}/bin/snapraid"; commands = [{
options = [ "SETENV" "NOPASSWD" ]; command = "${pkgs.snapraid}/bin/snapraid";
} ]; options = [ "SETENV" "NOPASSWD" ];
}]; }];
}];
networking.firewall.enable = false; networking.firewall.enable = false;

2
machine/nixos-vm.nix
View File

@ -5,7 +5,7 @@ let
in in
{ {
imports = imports =
[ # Include the results of the hardware scan. [
/etc/nixos/hardware-configuration.nix /etc/nixos/hardware-configuration.nix
../configs/gui.nix ../configs/gui.nix
../configs/common.nix ../configs/common.nix

22
machine/raspberrypi4.nix
View File

@ -1,13 +1,13 @@
{ config, pkgs, lib, ... }: { config, pkgs, lib, ... }:
{ {
imports = imports =
[ [
# <nixos-hardware/common/cpu/intel> # <nixos-hardware/common/cpu/intel>
/etc/nixos/hardware-configuration.nix /etc/nixos/hardware-configuration.nix
#../configs/docker.nix #../configs/docker.nix
../configs/common.nix ../configs/common.nix
../configs/user.nix ../configs/user.nix
]; ];
# Boot # Boot
boot.loader.grub.enable = false; boot.loader.grub.enable = false;
@ -16,7 +16,7 @@
# Kernel configuration # Kernel configuration
boot.kernelPackages = pkgs.linuxPackages_rpi4; boot.kernelPackages = pkgs.linuxPackages_rpi4;
boot.kernelParams = ["cma=64M" "console=tty0"]; boot.kernelParams = [ "cma=64M" "console=tty0" ];
# Enable additional firmware (such as Wi-Fi drivers). # Enable additional firmware (such as Wi-Fi drivers).
hardware.enableRedistributableFirmware = true; hardware.enableRedistributableFirmware = true;
@ -34,13 +34,15 @@
# }; # };
# }; # };
swapDevices = [ { device = "/swapfile"; size = 1024; } ]; swapDevices = [{ device = "/swapfile"; size = 1024; }];
networking.hostName = "raspberrypi4"; networking.hostName = "raspberrypi4";
# Packages # Packages
environment.systemPackages = with pkgs; [ environment.systemPackages = with pkgs; [
nano git htop nano
git
htop
]; ];
# Miscellaneous # Miscellaneous

80
machine/thinkpad.nix
View File

@ -11,6 +11,9 @@ let
be = import ../configs/borg-exclude.nix; be = import ../configs/borg-exclude.nix;
in in
{ {
nixpkgs.config = {
allowUnfree = true;
};
imports = imports =
[ [
<nixos-hardware/lenovo/thinkpad/x1-extreme> <nixos-hardware/lenovo/thinkpad/x1-extreme>
@ -22,15 +25,16 @@ in
../configs/user.nix ../configs/user.nix
../configs/user-gui.nix ../configs/user-gui.nix
../configs/user-gui-applications.nix ../configs/user-gui-applications.nix
../configs/bspwm.nix
<home-manager/nixos> <home-manager/nixos>
]; ];
# boot.initrd.luks.devices = { # boot.initrd.luks.devices = {
# root = { # root = {
# preLVM = true; # preLVM = true;
# device = "/dev/disk/by-uuid/b59e9746-b9b4-4de1-94f6-84a387b9d72e"; # device = "/dev/disk/by-uuid/b59e9746-b9b4-4de1-94f6-84a387b9d72e";
# allowDiscards = true; # allowDiscards = true;
# }; # };
# }; # };
fileSystems."/".options = [ "noatime" "discard" ]; fileSystems."/".options = [ "noatime" "discard" ];
@ -45,7 +49,7 @@ in
grub.gfxmodeEfi = "1024x768"; grub.gfxmodeEfi = "1024x768";
}; };
kernelPackages = pkgs.linuxPackages_5_14; kernelPackages = pkgs.linuxPackages_5_14;
boot.plymouth.enable = true; plymouth.enable = true;
}; };
networking.hostName = "thinkpad"; # Define your hostname. networking.hostName = "thinkpad"; # Define your hostname.
@ -59,8 +63,8 @@ in
# Select internationalisation properties. # Select internationalisation properties.
# i18n.defaultLocale = "en_US.UTF-8"; # i18n.defaultLocale = "en_US.UTF-8";
console = { console = {
font = "latarcyrheb-sun32"; font = "latarcyrheb-sun32";
keyMap = "us"; keyMap = "us";
}; };
hardware.nvidia.prime = { hardware.nvidia.prime = {
@ -73,40 +77,40 @@ in
nvidiaBusId = "PCI:1:0:0"; nvidiaBusId = "PCI:1:0:0";
}; };
# hardware.bumblebee = { # hardware.bumblebee = {
# enable = true; # enable = true;
# connectDisplay = true; # connectDisplay = true;
# }; # };
hardware.opengl = { hardware.opengl = {
enable = true; enable = true;
driSupport32Bit = true; driSupport32Bit = true;
extraPackages = with pkgs; [ extraPackages = with pkgs; [
intel-media-driver # LIBVA_DRIVER_NAME=iHD intel-media-driver # LIBVA_DRIVER_NAME=iHD
vaapiIntel # LIBVA_DRIVER_NAME=i965 (older but works better for Firefox/Chromium) vaapiIntel # LIBVA_DRIVER_NAME=i965 (older but works better for Firefox/Chromium)
vaapiVdpau vaapiVdpau
libvdpau-va-gl libvdpau-va-gl
]; ];
}; };
nixpkgs.config.packageOverrides = pkgs: rec { nixpkgs.config.packageOverrides = pkgs: rec {
# bumblebee = pkgs.bumblebee.override { # bumblebee = pkgs.bumblebee.override {
# extraNvidiaDeviceOptions = '' # extraNvidiaDeviceOptions = ''
# Option "ProbeAllGpus" "false" # Option "ProbeAllGpus" "false"
# Option "AllowEmptyInitialConfiguration" # Option "AllowEmptyInitialConfiguration"
# EndSection# # EndSection#
# Section "ServerLayout" # Section "ServerLayout"
# Identifier "Layout0" # Identifier "Layout0"
# Option "AutoAddDevices" "true" # Bumblebee defaults to false # Option "AutoAddDevices" "true" # Bumblebee defaults to false
# Option "AutoAddGPU" "false" # Option "AutoAddGPU" "false"
# EndSection # EndSection
# Section "Screen" # Add this section # Section "Screen" # Add this section
# Identifier "Screen0" # Identifier "Screen0"
# Device "DiscreteNvidia" # Device "DiscreteNvidia"
# ''; # '';
# }; # };
vaapiIntel = pkgs.vaapiIntel.override { enableHybridCodec = true; }; vaapiIntel = pkgs.vaapiIntel.override { enableHybridCodec = true; };
}; };
@ -120,7 +124,7 @@ in
avoid-resampling = "yes"; avoid-resampling = "yes";
}; };
}; };
configFile = pkgs.runCommand "default.pa" {} '' configFile = pkgs.runCommand "default.pa" { } ''
sed 's/module-udev-detect$/module-udev-detect tsched=0/' \ sed 's/module-udev-detect$/module-udev-detect tsched=0/' \
${pkgs.pulseaudio}/etc/pulse/default.pa > $out ${pkgs.pulseaudio}/etc/pulse/default.pa > $out
''; '';
@ -131,13 +135,13 @@ in
thinkfan = { thinkfan = {
enable = true; enable = true;
levels = [ levels = [
[0 0 67] [ 0 0 67 ]
[1 65 75] [ 1 65 75 ]
[2 73 80] [ 2 73 80 ]
[3 78 85] [ 3 78 85 ]
[4 83 90] [ 4 83 90 ]
[6 88 95] [ 6 88 95 ]
[7 93 32767] [ 7 93 32767 ]
]; ];
}; };
xserver = { xserver = {
@ -158,13 +162,13 @@ in
borgbackup.jobs.home = rec { borgbackup.jobs.home = rec {
compression = "auto,zstd"; compression = "auto,zstd";
encryption = { encryption = {
mode = "repokey-blake2" ; mode = "repokey-blake2";
passphrase = secrets-thinkpad.borg-key; passphrase = secrets-thinkpad.borg-key;
}; };
extraCreateArgs = "--list --stats --verbose --checkpoint-interval 600 --exclude-caches"; extraCreateArgs = "--list --stats --verbose --checkpoint-interval 600 --exclude-caches";
environment.BORG_RSH = "ssh -i ~/.ssh/id_borg_rsa"; environment.BORG_RSH = "ssh -i ~/.ssh/id_borg_rsa";
paths = "/home/alex"; paths = "/home/alex";
repo = secrets-thinkpad.borg-thinkpad-key; repo = secrets-thinkpad.borg-repo;
startAt = "daily"; startAt = "daily";
user = "alex"; user = "alex";
prune.keep = { prune.keep = {

39
machine/vps.nix
View File

@ -4,7 +4,7 @@ let
in in
{ {
imports = imports =
[ # Include the results of the hardware scan. [
/etc/nixos/hardware-configuration.nix /etc/nixos/hardware-configuration.nix
../configs/common.nix ../configs/common.nix
../configs/docker.nix ../configs/docker.nix
@ -38,11 +38,12 @@ in
publicKey = secrets.wireguard-desktop-public; publicKey = secrets.wireguard-desktop-public;
presharedKey = secrets.wireguard-preshared; presharedKey = secrets.wireguard-preshared;
allowedIPs = [ "10.100.0.2/32" ]; allowedIPs = [ "10.100.0.2/32" ];
}{ }
publicKey = secrets.wireguard-mini-public; {
presharedKey = secrets.wireguard-preshared; publicKey = secrets.wireguard-mini-public;
allowedIPs = [ "10.100.0.3/32" ]; presharedKey = secrets.wireguard-preshared;
}]; allowedIPs = [ "10.100.0.3/32" ];
}];
}; };
}; };
@ -57,10 +58,6 @@ in
}; };
}; };
# List packages installed in system profile. To search, run:
environment.systemPackages = with pkgs; [
];
programs.mtr.enable = true; programs.mtr.enable = true;
security.acme.email = "webmaster@szczepan.ski"; security.acme.email = "webmaster@szczepan.ski";
@ -91,10 +88,10 @@ in
''; '';
}; };
"/.well-known/carddav" = { "/.well-known/carddav" = {
return = "301 $scheme://$host/remote.php/dav"; return = "301 $scheme://$host/remote.php/dav";
}; };
"/.well-known/caldav" = { "/.well-known/caldav" = {
return = "301 $scheme://$host/remote.php/dav"; return = "301 $scheme://$host/remote.php/dav";
}; };
}; };
}; };
@ -114,17 +111,17 @@ in
enable = true; enable = true;
jails.DEFAULT = jails.DEFAULT =
'' ''
bantime = 7d bantime = 7d
''; '';
jails.sshd = jails.sshd =
'' ''
filter = sshd filter = sshd
maxretry = 4 maxretry = 4
action = iptables[name=ssh, port=ssh, protocol=tcp] action = iptables[name=ssh, port=ssh, protocol=tcp]
enabled = true enabled = true
''; '';
}; };
# Limit stack size to reduce memory usage # Limit stack size to reduce memory usage

8
packages/idasen.nix
View File

@ -1,6 +1,7 @@
with import <nixpkgs> {}; with import <nixpkgs> { };
( let (
let
idasen = pkgs.python3Packages.buildPythonPackage rec { idasen = pkgs.python3Packages.buildPythonPackage rec {
name = "idasen"; name = "idasen";
version = "v0.7.1"; version = "v0.7.1";
@ -20,7 +21,8 @@ with import <nixpkgs> {};
}; };
}; };
in pkgs.python3.buildEnv.override rec { in
pkgs.python3.buildEnv.override rec {
extraLibs = with pkgs.python3Packages; [ numpy toolz vpn-slice ]; extraLibs = with pkgs.python3Packages; [ numpy toolz vpn-slice ];
propagatedBuildInputs = with pkgs.python3Packages; [ setproctitle ]; propagatedBuildInputs = with pkgs.python3Packages; [ setproctitle ];
} }