diff --git a/base.nix b/base.nix new file mode 100644 index 0000000..fcb3d7a --- /dev/null +++ b/base.nix @@ -0,0 +1,96 @@ +{ + pkgs, + ... +}: +{ + boot.loader.systemd-boot.enable = true; + boot.loader.efi.canTouchEfiVariables = true; + + networking.networkmanager.enable = true; + + time.timeZone = "Europe/Oslo"; + + i18n.defaultLocale = "en_US.UTF-8"; + console = { + keyMap = "no"; + }; + + environment.systemPackages = with pkgs; [ + git + ]; + + nix.settings = { + pure-eval = true; + experimental-features = [ + "nix-command" + "flakes" + ]; + use-xdg-base-directories = true; + trusted-users = [ "vbm" ]; + substituters = [ + "https://cache.nixos.org/" + "https://nix-community.cachix.org" + "https://nixpkgs-unfree.cachix.org" + ]; + + trusted-public-keys = [ + "nix-community.cachix.org-1:mB9FSh9qf2dCimDSUo8Zy7bkq5CX+/rkCWyvRCYg3Fs=" + "nixpkgs-unfree.cachix.org-1:hqvoInulhbV4nJ9yJOEr+4wxhDV4xq2d1DK7S6Nj6rs=" + ]; + + builders-use-substitutes = true; + }; + + services.keyd = { + enable = true; + keyboards = { + default = { + ids = [ "*" ]; + settings = { + main = { + capslock = "esc"; + esc = "capslock"; + leftalt = "leftmeta"; + leftmeta = "leftalt"; + }; + }; + }; + }; + }; + + services.openssh = { + enable = true; + settings = { + PasswordAuthentication = false; + KbdInteractiveAuthentication = false; + PermitRootLogin = "no"; + }; + }; + + security.doas = { + enable = true; + extraRules = [ + { + users = [ "vbm" ]; + keepEnv = true; + persist = true; + } + ]; + }; + security.sudo.enable = false; + security.polkit.enable = true; + + users.users.vbm = { + isNormalUser = true; + extraGroups = [ + "wheel" + ]; + shell = pkgs.nushell; + + packages = with pkgs; [ + ripgrep + fd + ]; + }; + +} diff --git a/configuration.nix b/configuration.nix deleted file mode 100644 index 414a77e..0000000 --- a/configuration.nix +++ /dev/null @@ -1,191 +0,0 @@ -{ - pkgs, - lib, - ... -}: -{ - imports = [ - ./hardware-configuration.nix - ]; - - boot.loader.systemd-boot.enable = true; - boot.loader.efi.canTouchEfiVariables = true; - - networking.hostName = "nixos-xenon"; - networking.networkmanager.enable = true; - - boot.binfmt.emulatedSystems = [ "aarch64-linux" ]; - - time.timeZone = "Europe/Oslo"; - - i18n.defaultLocale = "en_US.UTF-8"; - console = { - keyMap = "no"; - }; - - nixpkgs.overlays = import ./overlays.nix; - - environment.systemPackages = with pkgs; [ - git - ]; - - nix.settings = { - pure-eval = true; - experimental-features = [ - "nix-command" - "flakes" - ]; - use-xdg-base-directories = true; - extra-platforms = [ - "aarch64-linux" - "arm-linux" - ]; - trusted-users = [ "vbm" ]; - substituters = [ - "https://cache.nixos.org/" - "https://cuda-maintainers.cachix.org" - "https://nix-community.cachix.org" - "https://nixos-rocm.cachix.org" - "https://nixpkgs-unfree.cachix.org" - ]; - - trusted-public-keys = [ - "nix-community.cachix.org-1:mB9FSh9qf2dCimDSUo8Zy7bkq5CX+/rkCWyvRCYg3Fs=" - "nixpkgs-unfree.cachix.org-1:hqvoInulhbV4nJ9yJOEr+4wxhDV4xq2d1DK7S6Nj6rs=" - ]; - }; - - nix.extraOptions = lib.mkDefault "builders-use-substitutes = true"; - - services.thermald.enable = true; - - fonts.fontconfig.enable = true; - fonts.fontconfig.defaultFonts = { - monospace = [ - "Hack" - ]; - sansSerif = [ - "Notonoto Sans" - "Noto Sans" - ]; - serif = [ - "Notonoto Serif" - "Noto Serif" - ]; - emoji = [ - "Noto Color Emoji" - ]; - }; - fonts.packages = with pkgs; [ - hack-font - nerd-fonts.hack - noto-fonts - noto-fonts-cjk-sans - noto-fonts-cjk-serif - noto-fonts-color-emoji - ]; - - services.pipewire = { - enable = true; - pulse.enable = true; - audio.enable = true; - }; - - services.libinput.enable = true; - - services.postgresql.enable = true; - - services.udisks2.enable = true; - - services.keyd = { - enable = true; - keyboards = { - default = { - ids = [ "*" ]; - settings = { - main = { - capslock = "esc"; - esc = "capslock"; - leftalt = "leftmeta"; - leftmeta = "leftalt"; - }; - }; - }; - }; - }; - - services.openssh = { - enable = true; - settings = { - PasswordAuthentication = false; - KbdInteractiveAuthentication = false; - PermitRootLogin = "no"; - }; - }; - - users.users.vbm = { - isNormalUser = true; - extraGroups = [ - "wheel" - "video" - "input" - "wireshark" - ]; - shell = pkgs.nushell; - packages = with pkgs; [ - (import ./dwls.nix { inherit pkgs lib; }) - wmenu - dwl - tree - dust - eza - wl-clipboard - ripgrep - fd - keepassxc - btop - fluffychat - cargo - rustc - upx - gcc - nixfmt - imv - unzip - zip - qbittorrent - typst - calibre - signal-desktop - rustfmt - umu-launcher - cachix - grim - slurp - wireshark - brightnessctl - ]; - }; - - security.doas = { - enable = true; - extraRules = [ - { - users = [ "vbm" ]; - keepEnv = true; - persist = true; - } - ]; - }; - security.sudo.enable = false; - security.polkit.enable = true; - security.rtkit.enable = true; - - hardware.acpilight.enable = true; - - # Necessary for gtk config, see: https://github.com/nix-community/home-manager/issues/3113 - programs.dconf.enable = true; - - # For more information, see `man configuration.nix` or https://nixos.org/manual/nixos/stable/options#opt-system.stateVersion . - system.stateVersion = "25.05"; # Did you read the comment? -} diff --git a/flake.lock b/flake.lock index 0af6e81..1a5c259 100644 --- a/flake.lock +++ b/flake.lock @@ -8,11 +8,11 @@ }, "locked": { "dir": "pkgs/firefox-addons", - "lastModified": 1774843378, - "narHash": "sha256-8QLbY8F7UdxeQaW0KUVgr1/YPIupe+1lGjS5joR+ZCw=", + "lastModified": 1775880170, + "narHash": "sha256-63PLZ7lspPAqpV/+d0oNtDHLCWQf1MVFRG2DOeDK+nU=", "owner": "rycee", "repo": "nur-expressions", - "rev": "0a31b668e3ebb599f95dc518076d709e8dddb57c", + "rev": "28b164d30b5ab6820ef7e17281ae55c539ae9ff5", "type": "gitlab" }, "original": { @@ -30,11 +30,11 @@ ] }, "locked": { - "lastModified": 1769996383, - "narHash": "sha256-AnYjnFWgS49RlqX7LrC4uA+sCCDBj0Ry/WOJ5XWAsa0=", + "lastModified": 1772408722, + "narHash": "sha256-rHuJtdcOjK7rAHpHphUb1iCvgkU3GpfvicLMwwnfMT0=", "owner": "hercules-ci", "repo": "flake-parts", - "rev": "57928607ea566b5db3ad13af0e57e921e6b12381", + "rev": "f20dc5d9b8027381c474144ecabc9034d6a839a3", "type": "github" }, "original": { @@ -50,11 +50,11 @@ ] }, "locked": { - "lastModified": 1774007980, - "narHash": "sha256-FOnZjElEI8pqqCvB6K/1JRHTE8o4rer8driivTpq2uo=", + "lastModified": 1775900011, + "narHash": "sha256-QUGu6CJYFQ5AWVV0n3/FsJyV+1/gj7HSDx68/SX9pwM=", "owner": "nix-community", "repo": "home-manager", - "rev": "9670de2921812bc4e0452f6e3efd8c859696c183", + "rev": "b0569dc6ec1e6e7fefd8f6897184e4c191cd768e", "type": "github" }, "original": { @@ -65,11 +65,11 @@ }, "nixpkgs": { "locked": { - "lastModified": 1773821835, - "narHash": "sha256-TJ3lSQtW0E2JrznGVm8hOQGVpXjJyXY2guAxku2O9A4=", + "lastModified": 1775710090, + "narHash": "sha256-ar3rofg+awPB8QXDaFJhJ2jJhu+KqN/PRCXeyuXR76E=", "owner": "nixos", "repo": "nixpkgs", - "rev": "b40629efe5d6ec48dd1efba650c797ddbd39ace0", + "rev": "4c1018dae018162ec878d42fec712642d214fdfa", "type": "github" }, "original": { @@ -88,11 +88,11 @@ "systems": "systems" }, "locked": { - "lastModified": 1772402258, - "narHash": "sha256-3DmCFOdmbkFML1/G9gj8Wb+rCCZFPOQtNoMCpqOF8SA=", + "lastModified": 1775837497, + "narHash": "sha256-L17VI03w/wVXvc1SK7EI1muLqHxD3+esYPPzgQvvdOE=", "owner": "nix-community", "repo": "nixvim", - "rev": "21ae25e13b01d3b4cdc750b5f9e7bad68b150c10", + "rev": "a587a96a48c705609bfd2ad23f9ae5961eb0d373", "type": "github" }, "original": { @@ -117,11 +117,11 @@ ] }, "locked": { - "lastModified": 1774303811, - "narHash": "sha256-fhG4JAcLgjKwt+XHbjs8brpWnyKUfU4LikLm3s0Q/ic=", + "lastModified": 1775682595, + "narHash": "sha256-0E9PohY/VuESLq0LR4doaH7hTag513sDDW5n5qmHd1Q=", "owner": "Mic92", "repo": "sops-nix", - "rev": "614e256310e0a4f8a9ccae3fa80c11844fba7042", + "rev": "d2e8438d5886e92bc5e7c40c035ab6cae0c41f76", "type": "github" }, "original": { diff --git a/flake.nix b/flake.nix index 766da78..4a0ec73 100644 --- a/flake.nix +++ b/flake.nix @@ -1,56 +1,62 @@ { description = "L config"; - inputs = - { - nixpkgs.url = "github:nixos/nixpkgs/nixos-unstable"; + inputs = { + nixpkgs.url = "github:nixos/nixpkgs/nixos-unstable"; - home-manager = { - url = "github:nix-community/home-manager"; - inputs.nixpkgs.follows = "nixpkgs"; - }; - - nixvim = { - url = "github:nix-community/nixvim"; - inputs.nixpkgs.follows = "nixpkgs"; - }; - - sops-nix = { - url = "github:Mic92/sops-nix"; - inputs.nixpkgs.follows = "nixpkgs"; - }; - - firefox-addons = { - url = "gitlab:rycee/nur-expressions?dir=pkgs/firefox-addons"; - inputs.nixpkgs.follows = "nixpkgs"; - }; + home-manager = { + url = "github:nix-community/home-manager"; + inputs.nixpkgs.follows = "nixpkgs"; }; + nixvim = { + url = "github:nix-community/nixvim"; + inputs.nixpkgs.follows = "nixpkgs"; + }; + + sops-nix = { + url = "github:Mic92/sops-nix"; + inputs.nixpkgs.follows = "nixpkgs"; + }; + + firefox-addons = { + url = "gitlab:rycee/nur-expressions?dir=pkgs/firefox-addons"; + inputs.nixpkgs.follows = "nixpkgs"; + }; + }; + outputs = inputs: let system = "x86_64-linux"; in { - nixosConfigurations = { - nixos-xenon = inputs.nixpkgs.lib.nixosSystem { - specialArgs = { - inherit inputs system; - }; - modules = [ - ./configuration.nix - inputs.sops-nix.nixosModules.sops - inputs.home-manager.nixosModules.home-manager - { - home-manager.useUserPackages = true; - home-manager.users.vbm = ./home/home.nix; - home-manager.extraSpecialArgs = { inherit inputs system; }; - home-manager.sharedModules = [ - inputs.nixvim.homeModules.nixvim - inputs.sops-nix.homeManagerModules.sops + nixosConfigurations = + let + nixosSystem = + name: hostConfig: + inputs.nixpkgs.lib.nixosSystem { + specialArgs = { + inherit inputs system; + }; + modules = [ + ./hosts/${name}/configuration.nix + inputs.sops-nix.nixosModules.sops + inputs.home-manager.nixosModules.home-manager + { + home-manager.useUserPackages = true; + home-manager.users.vbm = ./hosts/${name}/home.nix; + home-manager.extraSpecialArgs = { inherit inputs system; }; + home-manager.sharedModules = [ + inputs.nixvim.homeModules.nixvim + inputs.sops-nix.homeManagerModules.sops + ]; + } ]; - } - ]; + }; + in + + { + talos = nixosSystem "talos" { }; }; - }; }; } diff --git a/home/home.nix b/home/home.nix index 10459b9..80b15e4 100644 --- a/home/home.nix +++ b/home/home.nix @@ -7,14 +7,7 @@ { imports = [ - ./email.nix - ./programs/sway.nix - ./programs/neovim.nix - ./programs/retroarch.nix - ./programs/librewolf.nix ./programs/ssh.nix - ./programs/tofi.nix - ./programs/foot.nix ]; sops.age.sshKeyPaths = [ "${config.home.homeDirectory}/.ssh/sops_id_ed25519" ]; @@ -23,7 +16,6 @@ home = { username = "vbm"; homeDirectory = "/home/vbm"; - stateVersion = "25.11"; sessionVariables = { XDG_CACHE_HOME = "${config.xdg.cacheHome}"; XDG_CONFIG_HOME = "${config.xdg.configHome}"; @@ -37,22 +29,22 @@ HISTFILE = "${config.xdg.stateHome}/bash/history"; CARGO_HOME = "${config.xdg.dataHome}/cargo"; - BROWSER = "librewolf"; SCREENRC = "${config.xdg.configHome}/screen/screenrc"; SCREENDIR = "${config.xdg.stateHome}/screen"; GNUPGHOME = "${config.xdg.dataHome}/gnupg"; + + BROWSER = "librewolf"; }; }; - home.file.".ssh/allowed_signers".text = - "* ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIFI0JYlUwTrHgvjvd4q03ZxDOmoQJ8rSAUDw0dlUMAXb vbm@nixos-xenon"; - nixpkgs.config.allowUnfreePredicate = pkg: - builtins.elem (lib.getName pkg) [ - "libretro-snes9x" - "libretro-fbneo" - ]; + builtins.elem (lib.getName pkg) ( + lib.optionals config.programs.retroarch.enable [ + "libretro-snes9x" + "libretro-fbneo" + ] + ); xdg = { enable = true; @@ -166,7 +158,7 @@ }; wayland.windowManager.river = { - enable = true; + enable = false; systemd.enable = true; settings = { map = { diff --git a/config_files/dwl/config.h b/hosts/talos/config_files/dwl/config.h similarity index 100% rename from config_files/dwl/config.h rename to hosts/talos/config_files/dwl/config.h diff --git a/config_files/slstatus/config.h b/hosts/talos/config_files/slstatus/config.h similarity index 100% rename from config_files/slstatus/config.h rename to hosts/talos/config_files/slstatus/config.h diff --git a/hosts/talos/configuration.nix b/hosts/talos/configuration.nix new file mode 100644 index 0000000..dca3c66 --- /dev/null +++ b/hosts/talos/configuration.nix @@ -0,0 +1,101 @@ +{ + pkgs, + lib, + ... +}: +{ + imports = [ + ./hardware-configuration.nix + ../../base.nix + ]; + + networking.hostName = "talos"; + + nixpkgs.overlays = import ../../overlays.nix ++ import ./overlays.nix; + + services.thermald.enable = true; + + fonts.fontconfig.enable = true; + fonts.fontconfig.defaultFonts = { + monospace = [ + "Hack" + ]; + sansSerif = [ + "Notonoto Sans" + "Noto Sans" + ]; + serif = [ + "Notonoto Serif" + "Noto Serif" + ]; + emoji = [ + "Noto Color Emoji" + ]; + }; + fonts.packages = with pkgs; [ + hack-font + nerd-fonts.hack + noto-fonts + noto-fonts-cjk-sans + noto-fonts-cjk-serif + noto-fonts-color-emoji + ]; + + services.pipewire = { + enable = true; + pulse.enable = true; + audio.enable = true; + }; + + services.libinput.enable = true; + + services.postgresql.enable = true; + + services.udisks2.enable = true; + + users.users.vbm = { + packages = with pkgs; [ + (import ../../scripts/dwls.nix { inherit pkgs lib; }) + wmenu + dwl + tree + dust + eza + wl-clipboard + ripgrep + fd + keepassxc + btop + fluffychat + cargo + rustc + upx + gcc + nixfmt + imv + unzip + zip + qbittorrent + typst + calibre + signal-desktop + rustfmt + umu-launcher + cachix + grim + slurp + wireshark + brightnessctl + ]; + }; + + security.rtkit.enable = true; + + hardware.acpilight.enable = true; + + # Necessary for gtk config, see: https://github.com/nix-community/home-manager/issues/3113 + programs.dconf.enable = true; + + # For more information, see `man configuration.nix` or https://nixos.org/manual/nixos/stable/options#opt-system.stateVersion . + system.stateVersion = "25.05"; # Did you read the comment? +} diff --git a/hardware-configuration.nix b/hosts/talos/hardware-configuration.nix similarity index 100% rename from hardware-configuration.nix rename to hosts/talos/hardware-configuration.nix diff --git a/hosts/talos/home.nix b/hosts/talos/home.nix new file mode 100644 index 0000000..53c371a --- /dev/null +++ b/hosts/talos/home.nix @@ -0,0 +1,21 @@ +{ + ... +}: +{ + + imports = [ + ../../home/home.nix + ../../home/email.nix + ../../home/programs/foot.nix + ../../home/programs/neovim.nix + ../../home/programs/retroarch.nix + ../../home/programs/librewolf.nix + ]; + + home = { + stateVersion = "25.11"; + }; + + home.file.".ssh/allowed_signers".text = + "* ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIFI0JYlUwTrHgvjvd4q03ZxDOmoQJ8rSAUDw0dlUMAXb vbm@nixos-xenon"; +} diff --git a/hosts/talos/overlays.nix b/hosts/talos/overlays.nix new file mode 100644 index 0000000..74bf5a4 --- /dev/null +++ b/hosts/talos/overlays.nix @@ -0,0 +1,14 @@ +[ + (final: prev: { + dwl = ( + prev.dwl.override { + configH = ./config_files/dwl/config.h; + enableXWayland = true; + } + ); + }) + + (final: prev: { + slstatus = prev.slstatus.override { conf = ./config_files/slstatus/config.h; }; + }) +] diff --git a/overlays.nix b/overlays.nix index eae8cdb..961b676 100644 --- a/overlays.nix +++ b/overlays.nix @@ -1,33 +1,28 @@ [ (final: prev: { - dwl = - (prev.dwl.override { - configH = ./config_files/dwl/config.h; - enableXWayland = false; - }).overrideAttrs - ( - oldAttrs: - let - version = "0.8"; - in - { - inherit version; - src = prev.pkgs.fetchFromCodeberg { - owner = "dwl"; - repo = "dwl"; - rev = "v${version}"; - hash = "sha256-J76L5ZOCYgfcY08wH5cSLG+UdgDrv50lQyEnJNqDkXI="; - }; - buildInputs = prev.lib.lists.remove prev.pkgs.wlroots_0_18 oldAttrs.buildInputs ++ [ - prev.pkgs.libdrm - prev.pkgs.fcft - prev.pkgs.wlroots_0_19 - ]; - patches = oldAttrs.patches or [ ] ++ [ - ./patches/dwl/bar.patch - ]; - } - ); + dwl = prev.dwl.overrideAttrs ( + oldAttrs: + let + version = "0.8"; + in + { + inherit version; + src = prev.pkgs.fetchFromCodeberg { + owner = "dwl"; + repo = "dwl"; + rev = "v${version}"; + hash = "sha256-J76L5ZOCYgfcY08wH5cSLG+UdgDrv50lQyEnJNqDkXI="; + }; + buildInputs = prev.lib.lists.remove prev.pkgs.wlroots_0_18 oldAttrs.buildInputs ++ [ + prev.pkgs.libdrm + prev.pkgs.fcft + prev.pkgs.wlroots_0_19 + ]; + patches = oldAttrs.patches or [ ] ++ [ + ./patches/dwl/bar.patch + ]; + } + ); }) (final: prev: { @@ -38,8 +33,4 @@ buildInputs = oldAttrs.buildInputs ++ [ prev.pkgs.glib ]; }); }) - - (final: prev: { - slstatus = prev.slstatus.override { conf = ./config_files/slstatus/config.h; }; - }) ] diff --git a/dwls.nix b/scripts/dwls.nix similarity index 100% rename from dwls.nix rename to scripts/dwls.nix