structure for multiple hosts

2026-04-12 18:57:51 +02:00
parent 15333068fa
commit 6af16c7143
13 changed files with 329 additions and 299 deletions

96
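--- /dev/null
+++ b/base.nix
@@ -0,0 +1,96 @@
+{
+pkgs,
+...
+}:
+{
+boot.loader.systemd-boot.enable = true;
+boot.loader.efi.canTouchEfiVariables = true;
+networking.networkmanager.enable = true;
+time.timeZone = "Europe/Oslo";
+i18n.defaultLocale = "en_US.UTF-8";
+console = {
+keyMap = "no";
+};
+environment.systemPackages = with pkgs; [
+git
+];
+nix.settings = {
+pure-eval = true;
+experimental-features = [
+"nix-command"
+"flakes"
+];
+use-xdg-base-directories = true;
+trusted-users = [ "vbm" ];
+substituters = [
+"https://cache.nixos.org/"
+"https://nix-community.cachix.org"
+"https://nixpkgs-unfree.cachix.org"
+];
+trusted-public-keys = [
+"nix-community.cachix.org-1:mB9FSh9qf2dCimDSUo8Zy7bkq5CX+/rkCWyvRCYg3Fs="
+"nixpkgs-unfree.cachix.org-1:hqvoInulhbV4nJ9yJOEr+4wxhDV4xq2d1DK7S6Nj6rs="
+];
+builders-use-substitutes = true;
+};
+services.keyd = {
+enable = true;
+keyboards = {
+default = {
+ids = [ "*" ];
+settings = {
+main = {
+capslock = "esc";
+esc = "capslock";
+leftalt = "leftmeta";
+leftmeta = "leftalt";
+};
+};
+};
+};
+};
+services.openssh = {
+enable = true;
+settings = {
+PasswordAuthentication = false;
+KbdInteractiveAuthentication = false;
+PermitRootLogin = "no";
+};
+};
+security.doas = {
+enable = true;
+extraRules = [
+{
+users = [ "vbm" ];
+keepEnv = true;
+persist = true;
+}
+];
+};
+security.sudo.enable = false;
+security.polkit.enable = true;
+users.users.vbm = {
+isNormalUser = true;
+extraGroups = [
+"wheel"
+];
+shell = pkgs.nushell;
+packages = with pkgs; [
+ripgrep
+fd
+];
+};
+}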
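Review bot: `trusted-users = [ "vbm" ];` now lives in the base module that every host imports, and a daemon-trusted Nix user can override substituters and other daemon settings, which is effectively root on the machine without going through doas. The two extra caches are already declared system-wide in `substituters` and `trusted-public-keys`, so the entry looks unnecessary for them; I would drop it or add a comment such as `# vbm is daemon-trusted (root-equivalent): needed for <reason>`. In the same file the doas rule combines `keepEnv = true` with `persist = true`, which hands the caller's whole environment to root; on hosts reachable over SSH an explicit `setEnv = [ ... ];` list is the narrower choice.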


@@ -1,191 +0,0 @@
{
pkgs,
lib,
...
}:
{
imports = [
./hardware-configuration.nix
];
boot.loader.systemd-boot.enable = true;
boot.loader.efi.canTouchEfiVariables = true;
networking.hostName = "nixos-xenon";
networking.networkmanager.enable = true;
boot.binfmt.emulatedSystems = [ "aarch64-linux" ];
time.timeZone = "Europe/Oslo";
i18n.defaultLocale = "en_US.UTF-8";
console = {
keyMap = "no";
};
nixpkgs.overlays = import ./overlays.nix;
environment.systemPackages = with pkgs; [
git
];
nix.settings = {
pure-eval = true;
experimental-features = [
"nix-command"
"flakes"
];
use-xdg-base-directories = true;
extra-platforms = [
"aarch64-linux"
"arm-linux"
];
trusted-users = [ "vbm" ];
substituters = [
"https://cache.nixos.org/"
"https://cuda-maintainers.cachix.org"
"https://nix-community.cachix.org"
"https://nixos-rocm.cachix.org"
"https://nixpkgs-unfree.cachix.org"
];
trusted-public-keys = [
"nix-community.cachix.org-1:mB9FSh9qf2dCimDSUo8Zy7bkq5CX+/rkCWyvRCYg3Fs="
"nixpkgs-unfree.cachix.org-1:hqvoInulhbV4nJ9yJOEr+4wxhDV4xq2d1DK7S6Nj6rs="
];
};
nix.extraOptions = lib.mkDefault "builders-use-substitutes = true";
services.thermald.enable = true;
fonts.fontconfig.enable = true;
fonts.fontconfig.defaultFonts = {
monospace = [
"Hack"
];
sansSerif = [
"Notonoto Sans"
"Noto Sans"
];
serif = [
"Notonoto Serif"
"Noto Serif"
];
emoji = [
"Noto Color Emoji"
];
};
fonts.packages = with pkgs; [
hack-font
nerd-fonts.hack
noto-fonts
noto-fonts-cjk-sans
noto-fonts-cjk-serif
noto-fonts-color-emoji
];
services.pipewire = {
enable = true;
pulse.enable = true;
audio.enable = true;
};
services.libinput.enable = true;
services.postgresql.enable = true;
services.udisks2.enable = true;
services.keyd = {
enable = true;
keyboards = {
default = {
ids = [ "*" ];
settings = {
main = {
capslock = "esc";
esc = "capslock";
leftalt = "leftmeta";
leftmeta = "leftalt";
};
};
};
};
};
services.openssh = {
enable = true;
settings = {
PasswordAuthentication = false;
KbdInteractiveAuthentication = false;
PermitRootLogin = "no";
};
};
users.users.vbm = {
isNormalUser = true;
extraGroups = [
"wheel"
"video"
"input"
"wireshark"
];
shell = pkgs.nushell;
packages = with pkgs; [
(import ./dwls.nix { inherit pkgs lib; })
wmenu
dwl
tree
dust
eza
wl-clipboard
ripgrep
fd
keepassxc
btop
fluffychat
cargo
rustc
upx
gcc
nixfmt
imv
unzip
zip
qbittorrent
typst
calibre
signal-desktop
rustfmt
umu-launcher
cachix
grim
slurp
wireshark
brightnessctl
];
};
security.doas = {
enable = true;
extraRules = [
{
users = [ "vbm" ];
keepEnv = true;
persist = true;
}
];
};
security.sudo.enable = false;
security.polkit.enable = true;
security.rtkit.enable = true;
hardware.acpilight.enable = true;
# Necessary for gtk config, see: https://github.com/nix-community/home-manager/issues/3113
programs.dconf.enable = true;
# For more information, see `man configuration.nix` or https://nixos.org/manual/nixos/stable/options#opt-system.stateVersion .
system.stateVersion = "25.05"; # Did you read the comment?
}

36
flake.lock generated

@@ -8,11 +8,11 @@
},
"locked": {
"dir": "pkgs/firefox-addons",
"lastModified": 1774843378,
"narHash": "sha256-8QLbY8F7UdxeQaW0KUVgr1/YPIupe+1lGjS5joR+ZCw=",
"lastModified": 1775880170,
"narHash": "sha256-63PLZ7lspPAqpV/+d0oNtDHLCWQf1MVFRG2DOeDK+nU=",
"owner": "rycee",
"repo": "nur-expressions",
"rev": "0a31b668e3ebb599f95dc518076d709e8dddb57c",
"rev": "28b164d30b5ab6820ef7e17281ae55c539ae9ff5",
"type": "gitlab"
},
"original": {
@@ -30,11 +30,11 @@
]
},
"locked": {
"lastModified": 1769996383,
"narHash": "sha256-AnYjnFWgS49RlqX7LrC4uA+sCCDBj0Ry/WOJ5XWAsa0=",
"lastModified": 1772408722,
"narHash": "sha256-rHuJtdcOjK7rAHpHphUb1iCvgkU3GpfvicLMwwnfMT0=",
"owner": "hercules-ci",
"repo": "flake-parts",
"rev": "57928607ea566b5db3ad13af0e57e921e6b12381",
"rev": "f20dc5d9b8027381c474144ecabc9034d6a839a3",
"type": "github"
},
"original": {
@@ -50,11 +50,11 @@
]
},
"locked": {
"lastModified": 1774007980,
"narHash": "sha256-FOnZjElEI8pqqCvB6K/1JRHTE8o4rer8driivTpq2uo=",
"lastModified": 1775900011,
"narHash": "sha256-QUGu6CJYFQ5AWVV0n3/FsJyV+1/gj7HSDx68/SX9pwM=",
"owner": "nix-community",
"repo": "home-manager",
"rev": "9670de2921812bc4e0452f6e3efd8c859696c183",
"rev": "b0569dc6ec1e6e7fefd8f6897184e4c191cd768e",
"type": "github"
},
"original": {
@@ -65,11 +65,11 @@
},
"nixpkgs": {
"locked": {
"lastModified": 1773821835,
"narHash": "sha256-TJ3lSQtW0E2JrznGVm8hOQGVpXjJyXY2guAxku2O9A4=",
"lastModified": 1775710090,
"narHash": "sha256-ar3rofg+awPB8QXDaFJhJ2jJhu+KqN/PRCXeyuXR76E=",
"owner": "nixos",
"repo": "nixpkgs",
"rev": "b40629efe5d6ec48dd1efba650c797ddbd39ace0",
"rev": "4c1018dae018162ec878d42fec712642d214fdfa",
"type": "github"
},
"original": {
@@ -88,11 +88,11 @@
"systems": "systems"
},
"locked": {
"lastModified": 1772402258,
"narHash": "sha256-3DmCFOdmbkFML1/G9gj8Wb+rCCZFPOQtNoMCpqOF8SA=",
"lastModified": 1775837497,
"narHash": "sha256-L17VI03w/wVXvc1SK7EI1muLqHxD3+esYPPzgQvvdOE=",
"owner": "nix-community",
"repo": "nixvim",
"rev": "21ae25e13b01d3b4cdc750b5f9e7bad68b150c10",
"rev": "a587a96a48c705609bfd2ad23f9ae5961eb0d373",
"type": "github"
},
"original": {
@@ -117,11 +117,11 @@
]
},
"locked": {
"lastModified": 1774303811,
"narHash": "sha256-fhG4JAcLgjKwt+XHbjs8brpWnyKUfU4LikLm3s0Q/ic=",
"lastModified": 1775682595,
"narHash": "sha256-0E9PohY/VuESLq0LR4doaH7hTag513sDDW5n5qmHd1Q=",
"owner": "Mic92",
"repo": "sops-nix",
"rev": "614e256310e0a4f8a9ccae3fa80c11844fba7042",
"rev": "d2e8438d5886e92bc5e7c40c035ab6cae0c41f76",
"type": "github"
},
"original": {


@@ -1,56 +1,62 @@
{
description = "L config";
inputs =
{
nixpkgs.url = "github:nixos/nixpkgs/nixos-unstable";
inputs = {
nixpkgs.url = "github:nixos/nixpkgs/nixos-unstable";
home-manager = {
url = "github:nix-community/home-manager";
inputs.nixpkgs.follows = "nixpkgs";
};
nixvim = {
url = "github:nix-community/nixvim";
inputs.nixpkgs.follows = "nixpkgs";
};
sops-nix = {
url = "github:Mic92/sops-nix";
inputs.nixpkgs.follows = "nixpkgs";
};
firefox-addons = {
url = "gitlab:rycee/nur-expressions?dir=pkgs/firefox-addons";
inputs.nixpkgs.follows = "nixpkgs";
};
home-manager = {
url = "github:nix-community/home-manager";
inputs.nixpkgs.follows = "nixpkgs";
};
nixvim = {
url = "github:nix-community/nixvim";
inputs.nixpkgs.follows = "nixpkgs";
};
sops-nix = {
url = "github:Mic92/sops-nix";
inputs.nixpkgs.follows = "nixpkgs";
};
firefox-addons = {
url = "gitlab:rycee/nur-expressions?dir=pkgs/firefox-addons";
inputs.nixpkgs.follows = "nixpkgs";
};
};
outputs =
inputs:
let
system = "x86_64-linux";
in
{
nixosConfigurations = {
nixos-xenon = inputs.nixpkgs.lib.nixosSystem {
specialArgs = {
inherit inputs system;
};
modules = [
./configuration.nix
inputs.sops-nix.nixosModules.sops
inputs.home-manager.nixosModules.home-manager
{
home-manager.useUserPackages = true;
home-manager.users.vbm = ./home/home.nix;
home-manager.extraSpecialArgs = { inherit inputs system; };
home-manager.sharedModules = [
inputs.nixvim.homeModules.nixvim
inputs.sops-nix.homeManagerModules.sops
nixosConfigurations =
let
nixosSystem =
name: hostConfig:
inputs.nixpkgs.lib.nixosSystem {
specialArgs = {
inherit inputs system;
};
modules = [
./hosts/${name}/configuration.nix
inputs.sops-nix.nixosModules.sops
inputs.home-manager.nixosModules.home-manager
{
home-manager.useUserPackages = true;
home-manager.users.vbm = ./hosts/${name}/home.nix;
home-manager.extraSpecialArgs = { inherit inputs system; };
home-manager.sharedModules = [
inputs.nixvim.homeModules.nixvim
inputs.sops-nix.homeManagerModules.sops
];
}
];
}
];
};
in
{
talos = nixosSystem "talos" { };
};
};
};
}
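Review bot: The new helper `nixosSystem = name: hostConfig:` never uses `hostConfig`, so the `{ }` passed in `talos = nixosSystem "talos" { };` is silently ignored and per-host values such as `system` (still fixed to `"x86_64-linux"` in the outer `let`) cannot be set from the call site. Either drop the parameter or thread it through, for example `system = hostConfig.system or "x86_64-linux";` inside the helper. The host name is also written twice; `inputs.nixpkgs.lib.genAttrs [ "talos" ] (name: ...)` would keep the attribute name and the `./hosts/${name}` paths in sync. The rendering has lost the +/- markers, so I am reading the `./hosts/${name}/...` lines as the new side.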


@@ -7,14 +7,7 @@
{
imports = [
./email.nix
./programs/sway.nix
./programs/neovim.nix
./programs/retroarch.nix
./programs/librewolf.nix
./programs/ssh.nix
./programs/tofi.nix
./programs/foot.nix
];
sops.age.sshKeyPaths = [ "${config.home.homeDirectory}/.ssh/sops_id_ed25519" ];
@@ -23,7 +16,6 @@
home = {
username = "vbm";
homeDirectory = "/home/vbm";
stateVersion = "25.11";
sessionVariables = {
XDG_CACHE_HOME = "${config.xdg.cacheHome}";
XDG_CONFIG_HOME = "${config.xdg.configHome}";
@@ -37,22 +29,22 @@
HISTFILE = "${config.xdg.stateHome}/bash/history";
CARGO_HOME = "${config.xdg.dataHome}/cargo";
BROWSER = "librewolf";
SCREENRC = "${config.xdg.configHome}/screen/screenrc";
SCREENDIR = "${config.xdg.stateHome}/screen";
GNUPGHOME = "${config.xdg.dataHome}/gnupg";
BROWSER = "librewolf";
};
};
home.file.".ssh/allowed_signers".text =
"* ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIFI0JYlUwTrHgvjvd4q03ZxDOmoQJ8rSAUDw0dlUMAXb vbm@nixos-xenon";
nixpkgs.config.allowUnfreePredicate =
pkg:
builtins.elem (lib.getName pkg) [
"libretro-snes9x"
"libretro-fbneo"
];
builtins.elem (lib.getName pkg) (
lib.optionals config.programs.retroarch.enable [
"libretro-snes9x"
"libretro-fbneo"
]
);
xdg = {
enable = true;
@@ -166,7 +158,7 @@
};
wayland.windowManager.river = {
enable = true;
enable = false;
systemd.enable = true;
settings = {
map = {
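Review bot: `./programs/ssh.nix`, `./programs/sway.nix` and `./programs/tofi.nix` leave the shared import list in the first hunk, but the new hosts/talos/home.nix on this page re-imports only foot, neovim, retroarch and librewolf, so whatever SSH client settings ssh.nix carried would no longer apply on talos; please confirm that omission is intended. `./email.nix` on the other hand appears to stay imported here and is imported again by the host file, which is redundant. In the last hunk `wayland.windowManager.river.enable` appears to become `false` while `systemd.enable = true;` and the `settings` block stay behind as dead configuration; a comment like `# river kept for reference, disabled on all hosts` or removing the block would make the intent clear. The +/- markers are lost in this rendering, so the old/new assignment is inferred from the hunk headers, and the river block continues outside the hunk.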


@@ -0,0 +1,101 @@
{
pkgs,
lib,
...
}:
{
imports = [
./hardware-configuration.nix
../../base.nix
];
networking.hostName = "talos";
nixpkgs.overlays = import ../../overlays.nix ++ import ./overlays.nix;
services.thermald.enable = true;
fonts.fontconfig.enable = true;
fonts.fontconfig.defaultFonts = {
monospace = [
"Hack"
];
sansSerif = [
"Notonoto Sans"
"Noto Sans"
];
serif = [
"Notonoto Serif"
"Noto Serif"
];
emoji = [
"Noto Color Emoji"
];
};
fonts.packages = with pkgs; [
hack-font
nerd-fonts.hack
noto-fonts
noto-fonts-cjk-sans
noto-fonts-cjk-serif
noto-fonts-color-emoji
];
services.pipewire = {
enable = true;
pulse.enable = true;
audio.enable = true;
};
services.libinput.enable = true;
services.postgresql.enable = true;
services.udisks2.enable = true;
users.users.vbm = {
packages = with pkgs; [
(import ../../scripts/dwls.nix { inherit pkgs lib; })
wmenu
dwl
tree
dust
eza
wl-clipboard
ripgrep
fd
keepassxc
btop
fluffychat
cargo
rustc
upx
gcc
nixfmt
imv
unzip
zip
qbittorrent
typst
calibre
signal-desktop
rustfmt
umu-launcher
cachix
grim
slurp
wireshark
brightnessctl
];
};
security.rtkit.enable = true;
hardware.acpilight.enable = true;
# Necessary for gtk config, see: https://github.com/nix-community/home-manager/issues/3113
programs.dconf.enable = true;
# For more information, see `man configuration.nix` or https://nixos.org/manual/nixos/stable/options#opt-system.stateVersion .
system.stateVersion = "25.05"; # Did you read the comment?
}
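Review bot: The `users.users.vbm` block in this host module sets only `packages`, and base.nix grants just `wheel`, so the `video`, `input` and `wireshark` memberships from the removed configuration are gone on talos. Dropping `input` is a sensible least-privilege cleanup, but `hardware.acpilight.enable = true;` and `brightnessctl` normally rely on the `video` group for unprivileged backlight control, and the `wireshark` package without the capture group cannot capture as a normal user. If the removal is deliberate, say so in a comment; otherwise add `extraGroups = [ "video" ];` here, which merges with the list from base.nix.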

21
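--- /dev/null
+++ b/hosts/talos/home.nix
@@ -0,0 +1,21 @@
+{
+...
+}:
+{
+imports = [
+../../home/home.nix
+../../home/email.nix
+../../home/programs/foot.nix
+../../home/programs/neovim.nix
+../../home/programs/retroarch.nix
+../../home/programs/librewolf.nix
+];
+home = {
+stateVersion = "25.11";
+};
+home.file.".ssh/allowed_signers".text =
+"* ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIFI0JYlUwTrHgvjvd4q03ZxDOmoQJ8rSAUDw0dlUMAXb vbm@nixos-xenon";
+}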
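Review bot: The `allowed_signers` entry uses the principal pattern `*` with no options, so a signature made with this key is accepted for any identity and in any signature namespace. If the file is consumed by git's SSH signature verification, as it presumably is, restrict it to the committer address and the git namespace, along the lines of `"<committer-email> namespaces=\"git\" ssh-ed25519 <key> <comment>"`. The key comment still names `vbm@nixos-xenon` although this is the talos host file, so a one-line comment saying the signing key is shared across hosts on purpose would help. `../../home/email.nix` is also already imported by `../../home/home.nix` as far as this page shows.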

14
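--- /dev/null
+++ b/hosts/talos/overlays.nix
@@ -0,0 +1,14 @@
+[
+(final: prev: {
+dwl = (
+prev.dwl.override {
+configH = ./config_files/dwl/config.h;
+enableXWayland = true;
+}
+);
+})
+(final: prev: {
+slstatus = prev.slstatus.override { conf = ./config_files/slstatus/config.h; };
+})
+]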
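Review bot: `enableXWayland = true;` differs from the `enableXWayland = false;` carried by the `.override` that the shared overlays.nix section on this page drops, so this restructuring commit also turns XWayland on for dwl. X11 clients under XWayland can observe each other's input and window contents, so if nothing on talos needs X11, keep it `false`; otherwise add a comment naming what requires it. The relative paths `./config_files/dwl/config.h` and `./config_files/slstatus/config.h` now resolve under hosts/talos/, and the moved files are not visible on this page.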


@@ -1,33 +1,28 @@
[
(final: prev: {
dwl =
(prev.dwl.override {
configH = ./config_files/dwl/config.h;
enableXWayland = false;
}).overrideAttrs
(
oldAttrs:
let
version = "0.8";
in
{
inherit version;
src = prev.pkgs.fetchFromCodeberg {
owner = "dwl";
repo = "dwl";
rev = "v${version}";
hash = "sha256-J76L5ZOCYgfcY08wH5cSLG+UdgDrv50lQyEnJNqDkXI=";
};
buildInputs = prev.lib.lists.remove prev.pkgs.wlroots_0_18 oldAttrs.buildInputs ++ [
prev.pkgs.libdrm
prev.pkgs.fcft
prev.pkgs.wlroots_0_19
];
patches = oldAttrs.patches or [ ] ++ [
./patches/dwl/bar.patch
];
}
);
dwl = prev.dwl.overrideAttrs (
oldAttrs:
let
version = "0.8";
in
{
inherit version;
src = prev.pkgs.fetchFromCodeberg {
owner = "dwl";
repo = "dwl";
rev = "v${version}";
hash = "sha256-J76L5ZOCYgfcY08wH5cSLG+UdgDrv50lQyEnJNqDkXI=";
};
buildInputs = prev.lib.lists.remove prev.pkgs.wlroots_0_18 oldAttrs.buildInputs ++ [
prev.pkgs.libdrm
prev.pkgs.fcft
prev.pkgs.wlroots_0_19
];
patches = oldAttrs.patches or [ ] ++ [
./patches/dwl/bar.patch
];
}
);
})
(final: prev: {
@@ -38,8 +33,4 @@
buildInputs = oldAttrs.buildInputs ++ [ prev.pkgs.glib ];
});
})
(final: prev: {
slstatus = prev.slstatus.override { conf = ./config_files/slstatus/config.h; };
})
]
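Review bot: With `configH` moved out, the dwl overlay here builds v0.8 with `./patches/dwl/bar.patch` against the package's default config and depends on each host layering its own `.override { configH = ...; }` afterwards, as talos does with `import ../../overlays.nix ++ import ./overlays.nix`. A host config.h presumably has to match whatever bar.patch adds, so I would document the coupling above the overlay, e.g. `# hosts must apply .override { configH = ...; } after this overlay; config.h has to match bar.patch`. The build inputs are also taken from `prev.pkgs`; overlay convention is to take dependencies from `final`, e.g. `final.wlroots_0_19`. The +/- markers are lost in this rendering, so I am reading the `prev.dwl.overrideAttrs (` form as the new side.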