BeiNacht/nixos-config
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

some adjustments

Browse Source
This commit is contained in:
Alexander Szczepanski
2021-11-08 14:23:12 +01:00
parent 944acf586f
commit 2bdb4244b3
14 changed files with 215 additions and 225 deletions
Download Patch File Download Diff File Expand all files Collapse all files

1
configs/bspwm.nix
View File

@ -25,7 +25,6 @@ in
};
desktopManager = {
gnome.enable = true;
xfce = {
enable = true;
noDesktop = true;

27
configs/common.nix
View File

@ -18,10 +18,14 @@ in
nextdns = {
enable = true;
arguments = [
"-config" secrets.nextdnshash
"-cache-size" "10MB"
"-listen" "127.0.0.1:53"
"-forwarder" secrets.nextdnsforwarder
"-config"
secrets.nextdnshash
"-cache-size"
"10MB"
"-listen"
"127.0.0.1:53"
"-forwarder"
secrets.nextdnsforwarder
"-report-client-info"
];
};
@ -34,13 +38,14 @@ in
networking = {
nameservers = [ "127.0.0.1" "::1" ];
hosts = {
"2.56.97.114" = ["szczepan.ski"];
"10.100.0.1" = ["vps.wg"];
"10.100.0.2" = ["desktop.wg"];
"10.100.0.3" = ["mini.wg"];
"192.168.0.24" = ["mini.lan"];
"192.168.0.100" = ["homeserver.lan"];
"192.168.0.150" = ["desktop.lan"];
"2.56.97.114" = [ "old-vps" ];
"207.180.220.97" = [ "szczepan.ski" ];
"10.100.0.1" = [ "vps.wg" ];
"10.100.0.2" = [ "desktop.wg" ];
"10.100.0.3" = [ "mini.wg" ];
"192.168.0.24" = [ "mini.lan" ];
"192.168.0.100" = [ "homeserver.lan" ];
"192.168.0.150" = [ "desktop.lan" ];
};
# If using dhcpcd:
dhcpcd.extraConfig = "nohook resolv.conf";

4
configs/sway.nix
View File

@ -16,7 +16,7 @@ in
grim
slurp
wl-clipboard
(python38.withPackages(ps: with ps; [ i3pystatus keyring ]))
(python38.withPackages (ps: with ps; [ i3pystatus keyring ]))
];
extraSessionCommands = ''
export SDL_VIDEODRIVER=wayland
@ -40,7 +40,7 @@ in
description = "Kanshi output autoconfig ";
wantedBy = [ "graphical-session.target" ];
partOf = [ "graphical-session.target" ];
environment = { XDG_CONFIG_HOME="/home/alex/.config"; };
environment = { XDG_CONFIG_HOME = "/home/alex/.config"; };
serviceConfig = {
# kanshi doesn't have an option to specifiy config file yet, so it looks
# at .config/kanshi/config

4
configs/user-gui-applications.nix
View File

@ -21,13 +21,9 @@ in
gnome.cheese
homebank
insomnia
jellyfin-media-player
jellyfin-mpv-shim
kdenlive
keepassxc
libreoffice
lutris
lxrandr
mangohud
meld
obs-studio

44
configs/user-gui.nix
View File

@ -1,7 +1,8 @@
{ config, pkgs, lib, ... }:
let unstable = import <nixos-unstable> { config.allowUnfree = true; };
in {
in
{
imports = [ <home-manager/nixos> ];
home-manager.users.alex = { pkgs, ... }: {
@ -33,6 +34,12 @@ in {
};
};
services = {
syncthing = {
enable = true;
};
};
gtk = {
enable = true;
font = {
@ -75,42 +82,21 @@ in {
jnoortheen.nix-ide
brettm12345.nixfmt-vscode
];
# userSettings = {
# #"terminal.integrated.fontFamily" = "Hack";
# "workbench.colorTheme" = "Hyper Term Black";
# "window.titleBarStyle" = "custom";
# };
};
rofi = {
enable = true;
lines = 10;
borderWidth = 2;
scrollbar = false;
padding = 50;
font = "Liberation Sans Regular 20";
separator = "solid";
colors = {
window = {
background = "#dd000000";
border = "#a6a6a6";
separator = "#a6a6a6";
};
rows = {
normal = {
background = "#00000000";
foreground = "#a6a6a6";
backgroundAlt = "#00000000";
highlight = {
background = "#a6a6a6";
foreground = "#000000";
};
};
};
};
extraConfig = {
modi = "drun,window";
show-icons = true;
color-normal = "#00000000, #a6a6a6, #00000000, #a6a6a6, #000000";
color-window = "#dd000000, #a6a6a6, #a6a6a6";
separator-style = "solid";
padding = 50;
lines = 10;
borderWidth = 2;
hide-scrollbar = true;
};
};

36
configs/user.nix
View File

@ -11,7 +11,7 @@ in
users.alex = {
isNormalUser = true;
extraGroups = [ "wheel" "docker" "networkmanager" "libvirtd" "lp" "scanner" "adbusers" ];
extraGroups = [ "wheel" "docker" "networkmanager" "libvirtd" "kvm" "lp" "scanner" "adbusers" ];
openssh.authorizedKeys.keys = [
"ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQDPSzeNjfkz7/B/18TcJxxmNFUhvTKoieBcexdzebWH7oncvyBXNRJp8vAqSIVFLzz5UUFQNFuilggs8/N48U84acmFOxlbUmxlkf8KZgeB/G6uQ8ncQh6M1HNNPH+9apTURgfctr7eEZe9seLIEBISQLXB2Sf3F1ogfDj25S8kH9RM4wM1/jDFK5IecWHScKxwQPmCoXeGE1LEJq6nkQLXMDsWhSihtWouaTxSR0p7/wp/Rqt/hzLEWj8e3+qLMc5JrrdaWksupUCysme7CnSfGSzNUv9RKiRCTFofYPT9tbRn5JzdpQ55v22S6OvmmXUHjST1MOzI8MpVPZCCqd/ZQ1E+gErFiMwjG4sn/xxdPK9/jbQaXMjLklbKtR+C5090Ew2u2kj78jqGk/8COhF1MXh/9qjcG+C51uD1AS9d410kfjPwkaUt4U2KktDMQ942nWywrvIWM0Gt2kgDLYotsy/70q/aTJ8bvaCoWoDOGmpWcyNNBalz4OYYGI2Z0WHrVTs0FpzSk/XeQz0OLkmueoh5GDGd8zrfO6Nf5LWI17aWGRePTpQP5mJIg6jC3j8/QVrthEP6QyIIkZsnfsmvSiMWVfXqEy1BxVlu3T6aLffaj679KCsxY+mx5mTH2hwd4ZdbSI4F0GCIt+WGaFhHs2V3ZQitoEZuraRPEc4HGw== alexander@szczepan.ski"
"ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQDIsOYaj6+akcgTQPvm0/htYgO5z+PR1TJRxCnbRNI/ucqvcC6/eTzPU7tKG+UJtkfy30NSnwu/k9aENyb5zYLVoDHngOzH8DLl93B2nHgwUiLpv7kFXOhvD1jsA5RsryeumaL7YbtlePrso+FEJkUez8mncAjG4t9U/MifkTbujjS5AP35NONH01fQWKvivnqw4T0dq36e0J0YF/zcb1mQovt3dw7+NE0A6OwNGAElRNwVh619jL9g0TJBi3Ge8LASsHBildzTlNVHzIwdDzRdAvsoAXjYF42fjHSQXZJv5P5eJcT7JEt7x+yVWzTnk/K6/dtKi6kewbp/srUGSsVLP6x+o6QTQ5rYKoBRsM/3bfqG0PwijfDXEdn7bQn6+7PcnMhVi5wJppUeEOt0SbRBDSa3ewzTWjjESPW03b/oIlNrnDhk5UJmF5jlfxz9HHP73lqEpcNhEAiZMLbfvnwtufS/wYnZXz44i8rVEiNMfIOS2VIM74aNloPTvkq0Ek0GzTT6H4wQy7VbRgSOaW+XN5TSOEqtfZ0TpmYNrpskVx5yDrbOOArmULICGLlexed8fsFZX8P1ouTg96pM5Kr47HZsdEZzS8DKuDx8EP50ORYKbN6Kyb+f0FcMEfD1RQV+IECKnnFUyoozFjE0aV+ROjAKoDmyWdU2lpOPA8kRBw== alex@desktop"
@ -50,12 +50,6 @@ in
];
};
services = {
syncthing = {
enable = true;
};
};
programs = {
ssh = {
enable = true;
@ -63,14 +57,15 @@ in
serverAliveInterval = 60;
forwardAgent = true;
matchBlocks."szczepan.ski" = {
hostname = "szczepan.ski";
localForwards = [ {
matchBlocks."old-vps" = {
hostname = "2.56.97.114";
localForwards = [{
bind.address = "127.0.0.1";
bind.port = 8386;
host.address = "127.0.0.1";
host.port = 8384;
} {
}
{
bind.address = "127.0.0.1";
bind.port = 9092;
host.address = "127.0.0.1";
@ -78,19 +73,22 @@ in
}];
};
matchBlocks."new-vps" = {
matchBlocks."szczepan.ski" = {
hostname = "207.180.220.97";
localForwards = [ {
localForwards = [
{
bind.address = "127.0.0.1";
bind.port = 8387;
host.address = "127.0.0.1";
host.port = 8384;
} {
}
{
bind.address = "127.0.0.1";
bind.port = 9092;
host.address = "127.0.0.1";
host.port = 9091;
}];
}
];
};
matchBlocks."nixos-vm" = {
@ -112,22 +110,22 @@ in
matchBlocks."router" = {
hostname = "192.168.1.1";
user = "root";
localForwards = [ {
localForwards = [{
bind.address = "127.0.0.1";
bind.port = 1337;
host.address = "127.0.0.1";
host.port = 80;
} ];
}];
};
matchBlocks."homeserver" = {
hostname = "192.168.0.100";
localForwards = [ {
localForwards = [{
bind.address = "127.0.0.1";
bind.port = 8385;
host.address = "127.0.0.1";
host.port = 8384;
} ];
}];
};
};

4
machine/desktop.nix
View File

@ -7,7 +7,7 @@ let
in
{
imports =
[ # Include the results of the hardware scan.
[
/etc/nixos/hardware-configuration.nix
../configs/gui.nix
../configs/docker.nix
@ -127,7 +127,7 @@ in
borgbackup.jobs.home = rec {
compression = "auto,zstd";
encryption = {
mode = "repokey-blake2" ;
mode = "repokey-blake2";
passphrase = secrets-desktop.borg-key;
};
extraCreateArgs = "--checkpoint-interval 600 --exclude-caches";

17
machine/homeserver.nix
View File

@ -60,7 +60,7 @@
User = "alex";
# ExecStart="/home/alex/snapraid-sync";
};
path = [pkgs.bash pkgs.snapraid pkgs.curl pkgs.smartmontools pkgs.hdparm];
path = [ pkgs.bash pkgs.snapraid pkgs.curl pkgs.smartmontools pkgs.hdparm ];
script = ''
/home/alex/snapraid-sync
@ -69,7 +69,7 @@
timers.snapraid-sync = {
#enable = true;
wantedBy = ["timers.target"];
wantedBy = [ "timers.target" ];
timerConfig = {
OnCalendar = "Mon-Sun, 23:00";
# Unit = "snapraid-sync.service";
@ -145,18 +145,19 @@
};
};
security.sudo.extraRules = [ {
security.sudo.extraRules = [{
users = [ "alex" ];
commands = [ {
commands = [{
command = "${pkgs.hdparm}/bin/hdparm";
options = [ "SETENV" "NOPASSWD" ];
} ];
} {
}];
}
{
users = [ "alex" ];
commands = [ {
commands = [{
command = "${pkgs.snapraid}/bin/snapraid";
options = [ "SETENV" "NOPASSWD" ];
} ];
}];
}];
networking.firewall.enable = false;

2
machine/nixos-vm.nix
View File

@ -5,7 +5,7 @@ let
in
{
imports =
[ # Include the results of the hardware scan.
[
/etc/nixos/hardware-configuration.nix
../configs/gui.nix
../configs/common.nix

8
machine/raspberrypi4.nix
View File

@ -16,7 +16,7 @@
# Kernel configuration
boot.kernelPackages = pkgs.linuxPackages_rpi4;
boot.kernelParams = ["cma=64M" "console=tty0"];
boot.kernelParams = [ "cma=64M" "console=tty0" ];
# Enable additional firmware (such as Wi-Fi drivers).
hardware.enableRedistributableFirmware = true;
@ -34,13 +34,15 @@
# };
# };
swapDevices = [ { device = "/swapfile"; size = 1024; } ];
swapDevices = [{ device = "/swapfile"; size = 1024; }];
networking.hostName = "raspberrypi4";
# Packages
environment.systemPackages = with pkgs; [
nano git htop
nano
git
htop
];
# Miscellaneous

64
machine/thinkpad.nix
View File

@ -11,6 +11,9 @@ let
be = import ../configs/borg-exclude.nix;
in
{
nixpkgs.config = {
allowUnfree = true;
};
imports =
[
<nixos-hardware/lenovo/thinkpad/x1-extreme>
@ -22,6 +25,7 @@ in
../configs/user.nix
../configs/user-gui.nix
../configs/user-gui-applications.nix
../configs/bspwm.nix
<home-manager/nixos>
];
@ -45,7 +49,7 @@ in
grub.gfxmodeEfi = "1024x768";
};
kernelPackages = pkgs.linuxPackages_5_14;
boot.plymouth.enable = true;
plymouth.enable = true;
};
networking.hostName = "thinkpad"; # Define your hostname.
@ -73,10 +77,10 @@ in
nvidiaBusId = "PCI:1:0:0";
};
# hardware.bumblebee = {
# enable = true;
# connectDisplay = true;
# };
# hardware.bumblebee = {
# enable = true;
# connectDisplay = true;
# };
hardware.opengl = {
enable = true;
@ -90,23 +94,23 @@ in
};
nixpkgs.config.packageOverrides = pkgs: rec {
# bumblebee = pkgs.bumblebee.override {
# extraNvidiaDeviceOptions = ''
# Option "ProbeAllGpus" "false"
# Option "AllowEmptyInitialConfiguration"
# EndSection#
# bumblebee = pkgs.bumblebee.override {
# extraNvidiaDeviceOptions = ''
# Option "ProbeAllGpus" "false"
# Option "AllowEmptyInitialConfiguration"
# EndSection#
# Section "ServerLayout"
# Identifier "Layout0"
# Option "AutoAddDevices" "true" # Bumblebee defaults to false
# Option "AutoAddGPU" "false"
# EndSection
# Section "ServerLayout"
# Identifier "Layout0"
# Option "AutoAddDevices" "true" # Bumblebee defaults to false
# Option "AutoAddGPU" "false"
# EndSection
# Section "Screen" # Add this section
# Identifier "Screen0"
# Device "DiscreteNvidia"
# '';
# };
# Section "Screen" # Add this section
# Identifier "Screen0"
# Device "DiscreteNvidia"
# '';
# };
vaapiIntel = pkgs.vaapiIntel.override { enableHybridCodec = true; };
};
@ -120,7 +124,7 @@ in
avoid-resampling = "yes";
};
};
configFile = pkgs.runCommand "default.pa" {} ''
configFile = pkgs.runCommand "default.pa" { } ''
sed 's/module-udev-detect$/module-udev-detect tsched=0/' \
${pkgs.pulseaudio}/etc/pulse/default.pa > $out
'';
@ -131,13 +135,13 @@ in
thinkfan = {
enable = true;
levels = [
[0 0 67]
[1 65 75]
[2 73 80]
[3 78 85]
[4 83 90]
[6 88 95]
[7 93 32767]
[ 0 0 67 ]
[ 1 65 75 ]
[ 2 73 80 ]
[ 3 78 85 ]
[ 4 83 90 ]
[ 6 88 95 ]
[ 7 93 32767 ]
];
};
xserver = {
@ -158,13 +162,13 @@ in
borgbackup.jobs.home = rec {
compression = "auto,zstd";
encryption = {
mode = "repokey-blake2" ;
mode = "repokey-blake2";
passphrase = secrets-thinkpad.borg-key;
};
extraCreateArgs = "--list --stats --verbose --checkpoint-interval 600 --exclude-caches";
environment.BORG_RSH = "ssh -i ~/.ssh/id_borg_rsa";
paths = "/home/alex";
repo = secrets-thinkpad.borg-thinkpad-key;
repo = secrets-thinkpad.borg-repo;
startAt = "daily";
user = "alex";
prune.keep = {

9
machine/vps.nix
View File

@ -4,7 +4,7 @@ let
in
{
imports =
[ # Include the results of the hardware scan.
[
/etc/nixos/hardware-configuration.nix
../configs/common.nix
../configs/docker.nix
@ -38,7 +38,8 @@ in
publicKey = secrets.wireguard-desktop-public;
presharedKey = secrets.wireguard-preshared;
allowedIPs = [ "10.100.0.2/32" ];
}{
}
{
publicKey = secrets.wireguard-mini-public;
presharedKey = secrets.wireguard-preshared;
allowedIPs = [ "10.100.0.3/32" ];
@ -57,10 +58,6 @@ in
};
};
# List packages installed in system profile. To search, run:
environment.systemPackages = with pkgs; [
];
programs.mtr.enable = true;
security.acme.email = "webmaster@szczepan.ski";

8
packages/idasen.nix
View File

@ -1,6 +1,7 @@
with import <nixpkgs> {};
with import <nixpkgs> { };
( let
(
let
idasen = pkgs.python3Packages.buildPythonPackage rec {
name = "idasen";
version = "v0.7.1";
@ -20,7 +21,8 @@ with import <nixpkgs> {};
};
};
in pkgs.python3.buildEnv.override rec {
in
pkgs.python3.buildEnv.override rec {
extraLibs = with pkgs.python3Packages; [ numpy toolz vpn-slice ];
propagatedBuildInputs = with pkgs.python3Packages; [ setproctitle ];
}