Refactors profiles for gui, desktop and laptop

willemml 2024-02-06 16:28:28 -08:00
parent 550d37ad66
commit d0f1e9a09d
Signed by: willemml
GPG key ID: C3DE5DF6198DACBD
11 changed files with 126 additions and 308 deletions


@ -1,4 +1,6 @@
10.1.2.16 zeus
10.1.2.153 glassbox
10.1.2.28 voyager
10.1.2.134 bsdremote
10.1.2.152 thinkpad
10.1.2.171 pizero


@ -5,15 +5,10 @@
config,
lib,
pkgs,
modulesPath,
...
}: {
imports = [
(modulesPath + "/installer/scan/not-detected.nix")
../profiles/hyprland.nix
../profiles/default.nix
../users/willem/home/linux.nix
../modules/zerotier.nix
../profiles/desktop.nix
];
boot.initrd.availableKernelModules = ["vmd" "xhci_pci" "nvme" "ahci" "usbhid" "usb_storage" "sd_mod"];
@ -48,10 +43,6 @@
swapDevices = [];
networking.hostName = "glassbox";
networking.useDHCP = lib.mkDefault true;
nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux";
powerManagement.cpuFreqGovernor = lib.mkDefault "performance";
hardware.cpu.intel.updateMicrocode = lib.mkDefault config.hardware.enableRedistributableFirmware;
}


@ -2,206 +2,56 @@
config,
lib,
pkgs,
modulesPath,
...
}: let
torrent_group_id = 987;
in
{
imports = [
(modulesPath + "/installer/scan/not-detected.nix")
../profiles/hyprland.nix
../profiles/default.nix
../users/willem/home/linux.nix
../modules/zerotier.nix
];
}: {
imports = [
../profiles/desktop.nix
];
boot.initrd.availableKernelModules = ["xhci_pci" "ahci" "nvme" "usbhid" "usb_storage" "sd_mod"];
boot.initrd.kernelModules = [];
boot.kernelModules = ["amdgpu"];
boot.extraModulePackages = [];
boot.initrd.availableKernelModules = ["xhci_pci" "ahci" "nvme" "usbhid" "usb_storage" "sd_mod"];
boot.initrd.kernelModules = [];
boot.kernelModules = ["amdgpu"];
boot.extraModulePackages = [];
boot.loader.systemd-boot.enable = true;
boot.loader.efi.canTouchEfiVariables = true;
boot.loader.systemd-boot.enable = true;
boot.loader.efi.canTouchEfiVariables = true;
boot.supportedFilesystems = ["zfs"];
boot.zfs.forceImportRoot = false;
networking.hostId = "06818aaa";
boot.supportedFilesystems = ["zfs"];
boot.zfs.forceImportRoot = false;
networking.hostId = "06818aaa";
hardware.opengl.driSupport = true;
hardware.opengl.enable = true;
hardware.opengl.driSupport = true;
hardware.opengl.enable = true;
hardware.opengl.extraPackages = with pkgs; [
amdvlk
];
hardware.opengl.extraPackages = with pkgs; [
amdvlk
];
fileSystems."/" = {
device = "/dev/disk/by-uuid/24855432-019b-43d9-9b83-9135b9dc31a6";
fsType = "ext4";
};
fileSystems."/" = {
device = "/dev/disk/by-uuid/24855432-019b-43d9-9b83-9135b9dc31a6";
fsType = "ext4";
};
fileSystems."/boot" = {
device = "/dev/disk/by-uuid/F2E9-F515";
fsType = "vfat";
};
fileSystems."/boot" = {
device = "/dev/disk/by-uuid/F2E9-F515";
fsType = "vfat";
};
boot.zfs.extraPools = ["zpool"];
boot.zfs.extraPools = ["zpool"];
swapDevices = [{device = "/dev/disk/by-uuid/36bb51f0-f56d-4408-b61c-7905789a7304";}];
swapDevices = [{device = "/dev/disk/by-uuid/36bb51f0-f56d-4408-b61c-7905789a7304";}];
environment.systemPackages = [pkgs.zfs];
environment.systemPackages = [pkgs.zfs];
services.zfs.autoScrub.enable = true;
services.zfs.autoScrub.enable = true;
services.jellyfin.enable = true;
services.jellyfin.enable = true;
users.groups.torrent.gid = torrent_group_id;
users.groups.torrent.gid = torrent_group_id;
services.transmission = {
enable = false;
networking.hostName = "nixbox";
package = pkgs.transmission_4;
group = "torrent";
settings = rec {
download-dir = "/zpool/media/torrents";
incomplete-dir = "/zpool/media/torrents/.incomplete";
incomplete-dir-enabled = true;
peer-port = 51413;
rpc-enabled = true;
rpc-bind-address = "0.0.0.0";
rpc-whitelist-enabled = false;
rpc-whitelist = "10.1.2.*,127.0.0.*";
rpc-host-whitelist-enabled = false;
};
};
networking.nftables.enable = true;
networking.nftables.flushRuleset = true;
networking.nftables.tables."nixos-fw".content = lib.mkForce "";
networking.nftables.ruleset = ''
table inet filter {
chain input {
type filter hook input priority 0;
# accept all localhost and zerotier traffic
iifname lo accept
iifname "zt*" accept
# accept traffic sent by us
ct state {established, related} accept
# ICMP
# routers may also want: mld-listener-query, nd-router-solicit
ip protocol icmp icmp type { destination-unreachable, router-advertisement, time-exceeded, parameter-problem } accept
# allow "ping"
ip protocol icmp icmp type echo-request accept
# jellyfin
tcp dport 8096 accept
tcp dport 8920 accept
udp dport 1900 accept
udp dport 7359 accept
# transmission web ui
tcp dport 9091 accept
# zerotier
udp dport 9993 accept
tcp dport 9993 accept
# ssh
tcp dport 22 accept
iifname "tun0" tcp dport 51413 accept
iifname "tun0" udp dport 51413 accept
iifname {lo, "zt*"} tcp dport 9091 accept
iifname "tun0" skgid ${toString torrent_group_id} accept
# drop all other packets
counter drop
#accept
}
chain output {
type filter hook output priority 0;
tcp dport 53 accept
udp dport 53 accept
oifname {"lo", "zt*"} tcp sport 9091 accept
skgid ${toString torrent_group_id} oifname != "tun0" counter drop
# zerotier
oifname "zt*" accept
udp dport 9993 accept
tcp dport 9993 accept
accept
}
chain forward {
type filter hook forward priority 0;
accept
}
}
'';
networking.useDHCP = lib.mkDefault true;
networking.hostName = "nixbox";
nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux";
powerManagement.cpuFreqGovernor = lib.mkDefault "performance";
hardware.cpu.intel.updateMicrocode = lib.mkDefault config.hardware.enableRedistributableFirmware;
}
# Do not modify this file! It was generated by nixos-generate-config
# and may be overwritten by future invocations. Please make changes
# to /etc/nixos/configuration.nix instead.
{
config,
lib,
pkgs,
modulesPath,
...
}: {
imports = [
(modulesPath + "/installer/scan/not-detected.nix")
];
boot.initrd.availableKernelModules = ["vmd" "xhci_pci" "nvme" "ahci" "usbhid" "usb_storage" "sd_mod"];
boot.initrd.kernelModules = [];
boot.kernelModules = ["kvm-intel"];
boot.extraModulePackages = [];
fileSystems."/" = {
device = "/dev/disk/by-uuid/4e9a4d87-4b00-413b-84c0-62e737a012a9";
fsType = "ext4";
};
fileSystems."/boot" = {
device = "/dev/disk/by-uuid/1641-A38E";
fsType = "vfat";
};
swapDevices = [];
# Enables DHCP on each ethernet and wireless interface. In case of scripted networking
# (the default) this is the recommended approach. When using systemd-networkd it's
# still possible to use this option, but it's recommended to use it in conjunction
# with explicit per-interface declarations with `networking.interfaces.<interface>.useDHCP`.
networking.useDHCP = lib.mkDefault true;
# networking.interfaces.enp6s0.useDHCP = lib.mkDefault true;
# networking.interfaces.wlo1.useDHCP = lib.mkDefault true;
nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux";
hardware.cpu.intel.updateMicrocode = lib.mkDefault config.hardware.enableRedistributableFirmware;
}
nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux";
powerManagement.cpuFreqGovernor = lib.mkDefault "performance";
hardware.cpu.intel.updateMicrocode = lib.mkDefault config.hardware.enableRedistributableFirmware;
}
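Review bot: `users.groups.torrent.gid = torrent_group_id;` still appears on what looks like the new side of this host file, while the `let torrent_group_id = 987; in` binding is among the removed lines, so evaluation would likely fail with an undefined variable. Either drop the group together with the transmission service or inline the value, e.g. `users.groups.torrent.gid = 987;`. Separately, the hand-written nftables ruleset (default-drop input, and the rule confining the torrent group's traffic to `tun0`) is removed with no replacement visible in this file, so inbound filtering for this host now depends on firewall settings in the imported profiles. Confirm that the Jellyfin ports and ssh end up exposed only as intended. The +/- markers are lost in this rendering, so line sides are inferred from the hunk counts.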


@ -2,15 +2,10 @@
config,
lib,
pkgs,
modulesPath,
...
}: {
imports = [
(modulesPath + "/installer/scan/not-detected.nix")
../profiles/hyprland.nix
../profiles/default.nix
../users/willem/home/linux.nix
../modules/zerotier.nix
../profiles/laptop.nix
];
boot.loader.systemd-boot.enable = true;
@ -42,7 +37,6 @@
settings.General.EnableNetworkConfiguration = true;
};
networking.useDHCP = lib.mkDefault true;
networking.hostName = "thinkpad";
nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux";
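Review bot: The context lines `settings.General.EnableNetworkConfiguration = true;` and `};` at the top of the second hunk look like the tail of the same `networking.wireless.iwd` block that the new `laptop.nix` profile provides. The equivalent block is removed from the other laptop host in this commit but appears to remain here. If so, delete it from this file so the wireless setting lives in one place. The block's opening line is outside the hunk, so this is inferred.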


@ -3,31 +3,14 @@
config,
lib,
pkgs,
modulesPath,
...
}: {
imports = [
(modulesPath + "/installer/scan/not-detected.nix")
../../profiles/hyprland.nix
../../profiles/default.nix
../../users/willem/home/linux.nix
../../modules/zerotier.nix
../../profiles/laptop.nix
inputs.nixos-apple-silicon.nixosModules.apple-silicon-support
];
environment.sessionVariables.MOZ_GMP_PATH = ["${pkgs.widevine}/gmp-widevinecdm/system-installed"];
environment.systemPackages = [pkgs.powertop];
services.logind = {
extraConfig = ''
HandlePowerKey=suspend
HandleLidSwitchDocked=suspend
'';
lidSwitch = "suspend";
};
powerManagement.powertop.enable = true;
boot.initrd.availableKernelModules = ["usb_storage" "sdhci_pci"];
fileSystems."/" = {
@ -42,8 +25,6 @@
swapDevices = [];
networking.useDHCP = lib.mkDefault true;
nixpkgs.hostPlatform = lib.mkDefault "aarch64-linux";
boot.loader.systemd-boot.enable = true;
boot.loader.efi.canTouchEfiVariables = false;
@ -71,10 +52,6 @@
};
hardware.opengl.enable = true;
networking.wireless.iwd = {
enable = true;
settings.General.EnableNetworkConfiguration = true;
};
networking.hostName = "voyager";
}


@ -3,6 +3,7 @@
overlays,
pkgs,
globals,
lib,
...
}: {
imports = [
@ -15,6 +16,9 @@
inputs.stylix.nixosModules.stylix
];
networking.useDHCP = lib.mkDefault true;
hardware.enableRedistributableFirmware = lib.mkDefault true;
programs.command-not-found.enable = false;
boot.tmp.useTmpfs = true;


@ -1,49 +1,10 @@
{
pkgs,
globals,
...
}: {
services.pipewire = {
enable = true;
alsa.enable = true;
alsa.support32Bit = true;
pulse.enable = true;
};
services.dbus = {
enable = true;
packages = [pkgs.dconf];
};
programs.dconf = {
enable = true;
};
services.printing.enable = true;
hardware.pulseaudio.enable = false;
security.rtkit.enable = true;
services.xserver = {
enable = true;
layout = globals.keyboard.layout;
xkbVariant = globals.keyboard.variant;
synaptics.enable = false;
displayManager.lightdm.enable = false;
libinput = {
enable = true;
touchpad.tapping = true;
touchpad.naturalScrolling = true;
touchpad.scrollMethod = "twofinger";
touchpad.disableWhileTyping = true;
touchpad.clickMethod = "clickfinger";
};
};
sound.enable = true;
{pkgs, ...}: {
imports = [
./hyprland.nix
./default.nix
../users/willem/home/linux.nix
../modules/zerotier.nix
];
powerManagement.cpuFreqGovernor = "performance";
nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux";
}
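Review bot: The rewritten profile calls `lib.mkDefault` in `nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux";`, but its argument set is `{pkgs, ...}:`, so `lib` is not in scope and every host importing this profile would fail to evaluate. Change the header to `{pkgs, lib, ...}: {`. As a smaller consistency point, `powerManagement.cpuFreqGovernor = "performance";` is set without `mkDefault` here, whereas the host files use `lib.mkDefault "performance"`; using `lib.mkDefault` in the profile would let a host override the governor without `mkForce`. The +/- markers are lost in this rendering, so the new side is inferred from the hunk's line counts.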


@ -1,31 +0,0 @@
{pkgs, ...}: {
imports = [./desktop.nix];
environment.gnome.excludePackages =
(with pkgs; [
gnome-photos
gnome-tour
])
++ (with pkgs.gnome; [
gnome-music
evince # document viewer
gnome-characters
totem # video player
tali # poker game
iagno # go game
hitori # sudoku game
atomix # puzzle game
]);
environment.systemPackages = with pkgs; [
pinentry-gnome
];
services.xserver = {
enable = true;
displayManager.gdm.enable = true;
desktopManager.gnome.enable = true;
};
sound.enable = true;
}

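--- a/nixos/profiles/gui.nix
+++ b/nixos/profiles/gui.nix
@@ -0,0 +1,49 @@
+{
+pkgs,
+globals,
+...
+}: {
+services.pipewire = {
+enable = true;
+alsa.enable = true;
+alsa.support32Bit = true;
+pulse.enable = true;
+};
+services.dbus = {
+enable = true;
+packages = [pkgs.dconf];
+};
+programs.dconf = {
+enable = true;
+};
+services.printing.enable = true;
+hardware.pulseaudio.enable = false;
+security.rtkit.enable = true;
+services.xserver = {
+enable = true;
+layout = globals.keyboard.layout;
+xkbVariant = globals.keyboard.variant;
+synaptics.enable = false;
+displayManager.lightdm.enable = false;
+libinput = {
+enable = true;
+touchpad.tapping = true;
+touchpad.naturalScrolling = true;
+touchpad.scrollMethod = "twofinger";
+touchpad.disableWhileTyping = true;
+touchpad.clickMethod = "clickfinger";
+};
+};
+sound.enable = true;
+}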


@ -3,7 +3,7 @@
pkgs,
...
}: {
imports = [./desktop.nix];
imports = [./gui.nix];
programs.hyprland.enable = true;
programs.hyprland.package = inputs.hyprland.packages.${pkgs.system}.hyprland;

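--- a/nixos/profiles/laptop.nix
+++ b/nixos/profiles/laptop.nix
@@ -0,0 +1,21 @@
+{pkgs, ...}: {
+imports = [
+./hyprland.nix
+./default.nix
+../users/willem/home/linux.nix
+../modules/zerotier.nix
+];
+environment.systemPackages = [pkgs.powertop];
+services.logind = {
+extraConfig = ''
+HandlePowerKey=suspend
+HandleLidSwitchDocked=suspend
+'';
+lidSwitch = "suspend";
+};
+powerManagement.powertop.enable = true;
+networking.wireless.iwd = {
+enable = true;
+settings.General.EnableNetworkConfiguration = true;
+};
+}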