Sun Aug 14 06:35:44 PM CEST 2022

backup/desktop.nix

@@ -0,0 +1,152 @@
+{ config, pkgs, lib, ... }:
+
+let
+  secrets = import ../configs/secrets.nix;
+  secrets-desktop = import ../configs/secrets-desktop.nix;
+  be = import ../configs/borg-exclude.nix;
+in
+{
+  imports =
+    [
+      /etc/nixos/hardware-configuration.nix
+      ../configs/gui.nix
+      ../configs/docker.nix
+      ../configs/libvirt.nix
+      ../configs/common.nix
+      ../configs/user-gui-applications.nix
+      ../configs/user-gui.nix
+      ../configs/user.nix
+      ../configs/bspwm.nix
+      #../configs/pantheon.nix
+    ];
+
+  fileSystems."/".options = [ "noatime" "discard" ];
+  fileSystems."/boot".options = [ "noatime" "discard" ];
+  fileSystems."/mnt/second" = {
+    device = "/dev/disk/by-uuid/49c04c91-752d-4dff-b4d9-40a0b9a7bf7c";
+    fsType = "ext4";
+    options = [ "noatime" "discard" ];
+  };
+
+  boot = {
+    loader = {
+      grub = {
+        enable = true;
+        version = 2;
+        device = "nodev";
+        efiSupport = true;
+        gfxmodeEfi = "1024x768";
+        configurationLimit = 5;
+      };
+
+      efi.canTouchEfiVariables = true;
+    };
+
+    initrd.kernelModules = [ "amdgpu" ];
+    plymouth.enable = true;
+    extraModulePackages = with pkgs.linuxPackages_lqx; [ it87 ];
+    kernelModules = [ "it87" "v4l2loopback" ];
+    kernelPackages = pkgs.linuxPackages_lqx;
+  };
+
+  networking = {
+    hostName = "desktop";
+    useDHCP = false;
+    wireguard.interfaces = {
+      wg0 = {
+        ips = [ "10.100.0.2/24" ];
+        privateKey = secrets-desktop.wireguard-private;
+
+        peers = [
+          {
+            publicKey = secrets.wireguard-vps-public;
+            presharedKey = secrets.wireguard-preshared;
+            allowedIPs = [ "10.100.0.0/24" ];
+            endpoint = "szczepan.ski:51820";
+            persistentKeepalive = 25;
+          }
+        ];
+      };
+    };
+  };
+
+  time.timeZone = "Europe/Berlin";
+
+  console = {
+    font = "latarcyrheb-sun32";
+    keyMap = "us";
+  };
+
+  hardware = {
+    cpu.amd.updateMicrocode = true;
+
+    opengl = {
+      driSupport = true;
+      driSupport32Bit = true;
+      extraPackages = with pkgs; [
+        rocm-opencl-icd
+        rocm-opencl-runtime
+        # amdvlk
+      ];
+      # extraPackages32 = with pkgs; [
+      #   driversi686Linux.amdvlk
+      # ];
+    };
+
+    fancontrol = {
+      enable = true;
+      config = ''
+        INTERVAL=10
+        DEVPATH=hwmon2=devices/platform/it87.656
+        DEVNAME=hwmon2=it8665
+        FCTEMPS=hwmon2/pwm3=hwmon2/temp1_input hwmon2/pwm2=hwmon2/temp1_input hwmon2/pwm1=hwmon2/temp1_input
+        FCFANS=hwmon2/pwm3=hwmon2/fan2_input hwmon2/pwm2=hwmon2/fan1_input hwmon2/pwm1=
+        MINTEMP=hwmon2/pwm3=60 hwmon2/pwm2=60 hwmon2/pwm1=60
+        MAXTEMP=hwmon2/pwm3=75 hwmon2/pwm2=75 hwmon2/pwm1=75
+        MINSTART=hwmon2/pwm3=51 hwmon2/pwm2=51 hwmon2/pwm1=51
+        MINSTOP=hwmon2/pwm3=51 hwmon2/pwm2=51 hwmon2/pwm1=51
+        MINPWM=hwmon2/pwm1=51 hwmon2/pwm2=51 hwmon2/pwm3=51
+        MAXPWM=hwmon2/pwm3=127 hwmon2/pwm2=204
+      '';
+    };
+
+    pulseaudio = {
+      enable = true;
+      support32Bit = true;
+    };
+  };
+
+  sound.enable = true;
+
+  services = {
+    netdata.enable = true;
+    printing.enable = true;
+    xserver.videoDrivers = [ "amdgpu" ];
+    xserver.deviceSection = ''
+      Option "TearFree" "true"
+    '';
+    # hardware.xow.enable = true;
+    borgbackup.jobs.home = rec {
+      compression = "auto,zstd";
+      encryption = {
+        mode = "repokey-blake2";
+        passphrase = secrets-desktop.borg-key;
+      };
+      extraCreateArgs = "--checkpoint-interval 600 --exclude-caches";
+      environment.BORG_RSH = "ssh -i ~/.ssh/id_borg_rsa";
+      paths = "/home/alex";
+      repo = secrets-desktop.borg-repo;
+      startAt = "daily";
+      user = "alex";
+      prune.keep = {
+        daily = 7;
+        weekly = 4;
+        monthly = 6;
+      };
+      extraPruneArgs = "--save-space --list --stats";
+      exclude = map (x: paths + "/" + x) be.borg-exclude;
+    };
+  };
+
+  system.stateVersion = "21.11";
+}

backup/pantheon.nix

@@ -0,0 +1,23 @@
+{ config, pkgs, lib, ... }:
+
+{
+  programs.pantheon-tweaks.enable = true;
+  services = {
+    xserver = {
+      enable = true;
+      displayManager = {
+        lightdm = {
+          enable = true;
+          greeters.pantheon.enable = true;
+        };
+      };
+
+      desktopManager.pantheon.enable = true;
+      layout = "us";
+
+      # Enable touchpad support.
+      libinput.enable = true;
+      updateDbusEnvironment = true;
+    };
+  };
+}

backup/sway.nix

@@ -0,0 +1,54 @@
+{ config, pkgs, lib, ... }:
+
+let
+  unstable = import <nixos-unstable> { config.allowUnfree = true; };
+in
+{
+  programs = {
+    sway = {
+      enable = true;
+      extraPackages = with pkgs; [
+        wofi
+        swaylock
+        swayidle
+        xwayland
+        kanshi
+        grim
+        slurp
+        wl-clipboard
+        (python38.withPackages (ps: with ps; [ i3pystatus keyring ]))
+      ];
+      extraSessionCommands = ''
+        export SDL_VIDEODRIVER=wayland
+        export QT_QPA_PLATFORM=wayland
+        export QT_WAYLAND_DISABLE_WINDOWDECORATION="1"
+        export _JAVA_AWT_WM_NONREPARENTING=1
+        export MOZ_ENABLE_WAYLAND=1
+      '';
+    };
+  };
+
+  systemd.user.targets.sway-session = {
+    description = "Sway compositor session";
+    documentation = [ "man:systemd.special(7)" ];
+    bindsTo = [ "graphical-session.target" ];
+    wants = [ "graphical-session-pre.target" ];
+    after = [ "graphical-session-pre.target" ];
+  };
+
+  systemd.user.services.kanshi = {
+    description = "Kanshi output autoconfig ";
+    wantedBy = [ "graphical-session.target" ];
+    partOf = [ "graphical-session.target" ];
+    environment = { XDG_CONFIG_HOME = "/home/alex/.config"; };
+    serviceConfig = {
+      # kanshi doesn't have an option to specifiy config file yet, so it looks
+      # at .config/kanshi/config
+      ExecStart = ''
+        ${pkgs.kanshi}/bin/kanshi
+      '';
+      RestartSec = 5;
+      Restart = "always";
+    };
+  };
+}

backup/thinkpad.nix

@@ -0,0 +1,224 @@
+{ config, pkgs, lib, ... }:
+let
+  nvidia-offload = pkgs.writeShellScriptBin "nvidia-offload" ''
+    export __NV_PRIME_RENDER_OFFLOAD=1
+    export __NV_PRIME_RENDER_OFFLOAD_PROVIDER=NVIDIA-G0
+    export __GLX_VENDOR_LIBRARY_NAME=nvidia
+    export __VK_LAYER_NV_optimus=NVIDIA_only
+    exec -a "$0" "$@"
+  '';
+  secrets-thinkpad = import ../configs/secrets-thinkpad.nix;
+  be = import ../configs/borg-exclude.nix;
+in
+{
+  imports =
+    [
+      <nixos-hardware/lenovo/thinkpad/x1-extreme>
+      /etc/nixos/hardware-configuration.nix
+      ../configs/gui.nix
+      ../configs/docker.nix
+      ../configs/libvirt.nix
+      ../configs/common.nix
+      ../configs/user.nix
+      ../configs/user-gui.nix
+      ../configs/user-gui-applications.nix
+      ../configs/bspwm.nix
+      # ../configs/pantheon.nix
+      <home-manager/nixos>
+    ];
+
+  boot = {
+    loader = {
+      grub = {
+        enable = true;
+        device = "nodev";
+        version = 2;
+        efiSupport = true;
+        enableCryptodisk = true;
+        gfxmodeEfi = "1024x768";
+      };
+      efi = {
+        canTouchEfiVariables = true;
+        efiSysMountPoint = "/boot/efi";
+      };
+    };
+    kernelPackages = pkgs.linuxPackages_lqx;
+    plymouth.enable = true;
+    initrd = {
+      luks.devices."root" = {
+        device = "/dev/disk/by-uuid/9e93feb7-8134-4b62-a05b-1aeade759880";
+        keyFile = "/keyfile0.bin";
+        allowDiscards = true;
+      };
+      secrets = {
+        "keyfile0.bin" = "/etc/secrets/initrd/keyfile0.bin";
+        "keyfile1.bin" = "/etc/secrets/initrd/keyfile1.bin";
+      };
+    };
+  };
+
+  # Data mount
+  fileSystems."/data" = {
+    device = "/dev/disk/by-uuid/33693f43-076d-41fc-a612-f49ab6870ccb"; # UUID for /dev/mapper/crypted-data
+    encrypted = {
+      enable = true;
+      label = "crypted-data";
+      blkDev = "/dev/disk/by-uuid/9bf1d00e-1edc-4de3-9d5e-71a6722ef193"; # UUID for /dev/sda1
+      keyFile = "/keyfile1.bin";
+    };
+  };
+
+  networking.hostName = "thinkpad"; # Define your hostname.
+  time.timeZone = "Europe/Berlin";
+
+  # The global useDHCP flag is deprecated, therefore explicitly set to false here.
+  # Per-interface useDHCP will be mandatory in the future, so this generated config
+  # replicates the default behaviour.
+  networking.useDHCP = false;
+
+  # Select internationalisation properties.
+  # i18n.defaultLocale = "en_US.UTF-8";
+  console = {
+    font = "latarcyrheb-sun32";
+    keyMap = "us";
+  };
+
+  hardware.nvidia.prime = {
+    offload.enable = true;
+
+    # Bus ID of the Intel GPU. You can find it using lspci, either under 3D or VGA
+    intelBusId = "PCI:0:2:0";
+
+    # Bus ID of the NVIDIA GPU. You can find it using lspci, either under 3D or VGA
+    nvidiaBusId = "PCI:1:0:0";
+  };
+
+  #  hardware.bumblebee = {
+  #    enable = true;
+  #    connectDisplay = true;
+  #  };
+
+  hardware.opengl = {
+    enable = true;
+    driSupport32Bit = true;
+    extraPackages = with pkgs; [
+      intel-media-driver # LIBVA_DRIVER_NAME=iHD
+      vaapiIntel # LIBVA_DRIVER_NAME=i965 (older but works better for Firefox/Chromium)
+      vaapiVdpau
+      libvdpau-va-gl
+    ];
+  };
+
+  nixpkgs.config.packageOverrides = pkgs: rec {
+    #    bumblebee = pkgs.bumblebee.override {
+    #      extraNvidiaDeviceOptions = ''
+    #        Option "ProbeAllGpus" "false"
+    #        Option "AllowEmptyInitialConfiguration"
+    #      EndSection#
+
+    #      Section "ServerLayout"
+    #        Identifier  "Layout0"
+    #        Option      "AutoAddDevices" "true"     # Bumblebee defaults to false
+    #        Option      "AutoAddGPU" "false"
+    #      EndSection
+
+    #      Section "Screen"                            # Add this section
+    #        Identifier "Screen0"
+    #        Device "DiscreteNvidia"
+    #      '';
+    #    };
+    vaapiIntel = pkgs.vaapiIntel.override { enableHybridCodec = true; };
+  };
+
+  # Enable sound.
+  sound.enable = true;
+  hardware.pulseaudio = {
+    enable = true;
+    support32Bit = true;
+    daemon = {
+      config = {
+        avoid-resampling = "yes";
+      };
+    };
+    configFile = pkgs.runCommand "default.pa" { } ''
+      sed 's/module-udev-detect$/module-udev-detect tsched=0/' \
+        ${pkgs.pulseaudio}/etc/pulse/default.pa > $out
+    '';
+  };
+  hardware.sane.enable = true;
+
+  services = {
+    thinkfan = {
+      enable = true;
+      levels = [
+        [ 0 0 67 ]
+        [ 1 65 75 ]
+        [ 2 73 80 ]
+        [ 3 78 85 ]
+        [ 4 83 90 ]
+        [ 6 88 95 ]
+        [ 7 93 32767 ]
+      ];
+    };
+    xserver = {
+      videoDrivers = [ "nvidia" ];
+      # deviceSection = ''BusID "PCI:0:2:0"'';
+      # deviceSection = ''
+      # Option "TearFree" "true"
+      # '';
+    };
+    power-profiles-daemon.enable = false;
+    auto-cpufreq.enable = true;
+    tlp.enable = false;
+    # tlp = {
+    #   enable = true;
+    #   settings = {
+    #     START_CHARGE_THRESH_BAT0 = 80;
+    #     STOP_CHARGE_THRESH_BAT0 = 90;
+    #   };
+    # };
+    borgbackup.jobs.home = rec {
+      compression = "auto,zstd";
+      encryption = {
+        mode = "repokey-blake2";
+        passphrase = secrets-thinkpad.borg-key;
+      };
+      extraCreateArgs = "--list --stats --verbose --checkpoint-interval 600 --exclude-caches";
+      environment.BORG_RSH = "ssh -i ~/.ssh/id_borg_rsa";
+      paths = "/home/alex";
+      repo = secrets-thinkpad.borg-repo;
+      startAt = "daily";
+      user = "alex";
+      prune.keep = {
+        daily = 7;
+        weekly = 4;
+        monthly = 6;
+      };
+      extraPruneArgs = "--save-space --list --stats";
+      exclude = map (x: paths + "/" + x) be.borg-exclude;
+    };
+  };
+
+  # home-manager.users.alex.services.barrier.client = {
+  #   enable = true;
+  #   enableCrypto = false;
+  #   name = "thinkpad";
+  #   server = "192.168.0.150:24800";
+  # };
+
+  systemd.extraConfig = ''
+    DefaultTimeoutStopSec=10s
+  '';
+
+  environment.systemPackages = with pkgs; [
+    nvidia-offload
+    # xorg.xf86videointel
+    intel-gpu-tools
+  ];
+
+  networking.firewall.enable = false;
+
+  powerManagement.powertop.enable = true;
+
+  system.stateVersion = "21.05";
+}

backup/user-gui-applications.nix

@@ -0,0 +1,44 @@
+{ config, pkgs, lib, ... }:
+
+let
+  unstable = import <nixos-unstable> { config.allowUnfree = true; };
+in
+{
+  imports = [ <home-manager/nixos> ];
+
+  home-manager.users.alex = { pkgs, ... }: {
+    home = {
+      packages = with unstable.pkgs; [
+        bitwarden
+        cura
+        cypress
+        discord
+        etcher
+        firefox
+        font-manager
+        freecad
+        fslint
+        homebank
+        insomnia
+        kdenlive
+        libreoffice
+        lutris
+        # mangohud
+        meld
+        # obs-studio
+        pinta
+        prusa-slicer
+        rpi-imager
+        signal-desktop
+        solaar
+        spotify
+        steam
+        teams
+        virtmanager
+        vulkan-tools
+        wine
+        winetricks
+      ];
+    };
+  };
+}

backup/user-gui.nix

@@ -0,0 +1,135 @@
+{ config, pkgs, lib, ... }:
+
+with builtins; let
+  unstable = import <nixos-unstable> { config.allowUnfree = true; };
+  rofiPin = import
+    (pkgs.fetchFromGitHub {
+      owner = "NixOS";
+      repo = "nixpkgs";
+      rev = "42ded9d56bf0f56bebfcd49b4e942e7ffba4d5fc";
+      sha256 = "KK/LIcEIU4mKYuGxXSqyBRA/fVplsRs3gnmtdUCqKxU=";
+      fetchSubmodules = true;
+    })
+    { };
+in
+{
+  imports = [ <home-manager/nixos> ];
+
+  home-manager.users.alex = { pkgs, ... }: {
+    home = {
+      file = {
+        ".bin/rofi-default-sink.sh" = {
+          executable = true;
+          source = ../home/bin/rofi-default-sink.sh;
+        };
+      };
+      packages = with unstable.pkgs; [
+        baobab
+        barrier
+        keepassxc
+        ponymix #rofi-default
+        mullvad-vpn
+        dracula-theme
+        deadbeef
+        grsync
+      ];
+    };
+
+    xdg.desktopEntries = {
+      defaultSink = {
+        name = "Default Sink";
+        exec = "/home/alex/.bin/rofi-default-sink.sh";
+        terminal = false;
+      };
+    };
+
+    services = {
+      syncthing = {
+        enable = true;
+      };
+    };
+
+    programs = {
+      vscode = {
+        enable = true;
+        package = unstable.pkgs.vscode;
+        extensions = with unstable.pkgs.vscode-extensions; [
+          bbenoist.nix
+          eamodio.gitlens
+          editorconfig.editorconfig
+          ms-azuretools.vscode-docker
+          ms-vsliveshare.vsliveshare
+          ms-vscode.cpptools
+          mskelton.one-dark-theme
+          ms-kubernetes-tools.vscode-kubernetes-tools
+          ryu1kn.partial-diff
+          jnoortheen.nix-ide
+          brettm12345.nixfmt-vscode
+        ];
+      };
+
+      rofi = {
+        enable = true;
+        font = "Liberation Sans Regular 20";
+        package = rofiPin.rofi;
+        extraConfig = {
+          modi = "drun,window";
+          show-icons = true;
+          color-normal = "#00000000, #a6a6a6, #00000000, #a6a6a6, #000000";
+          color-window = "#dd000000, #a6a6a6, #a6a6a6";
+          separator-style = "solid";
+          padding = 50;
+          lines = 10;
+          borderWidth = 2;
+          hide-scrollbar = true;
+        };
+      };
+
+      mpv = {
+        enable = true;
+        config = {
+          hwdec = "auto-safe";
+          vo = "gpu";
+          profile = "gpu-hq";
+        };
+      };
+
+      git = {
+        extraConfig = {
+          credential.helper = "${
+              pkgs.git.override { withLibsecret = true; }
+            }/bin/git-credential-libsecret";
+        };
+      };
+
+      kitty = {
+        enable = true;
+        extraConfig = ''
+          enable_audio_bell false
+
+          background            #000000
+          foreground            #e9e9e9
+          cursor                #e9e9e9
+          selection_background  #424242
+          color0                #000000
+          color8                #000000
+          color1                #d44d53
+          color9                #d44d53
+          color2                #b9c949
+          color10               #b9c949
+          color3                #e6c446
+          color11               #e6c446
+          color4                #79a6da
+          color12               #79a6da
+          color5                #c396d7
+          color13               #c396d7
+          color6                #70c0b1
+          color14               #70c0b1
+          color7                #fffefe
+          color15               #fffefe
+          selection_foreground #000000
+        '';
+      };
+    };
+  };
+}