From 16986ea4b0d83893735f42d428d0a979ea3265e2 Mon Sep 17 00:00:00 2001 From: Snuggle <^-^@snugg.ie> Date: Wed, 25 Sep 2024 19:33:31 +0100 Subject: [PATCH] =?UTF-8?q?=F0=9F=8E=A8=20Standardise=20on=20tab=20indenta?= =?UTF-8?q?tion?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- flake.nix | 112 +-- home-manager/home.nix | 540 +++++++------- hosts/-common/configuration.nix | 808 ++++++++++----------- hosts/cherry/configuration.nix | 16 +- hosts/pineapple/configuration.nix | 240 +++--- hosts/pineapple/hardware-configuration.nix | 84 +-- hosts/strawberry/darwin-configuration.nix | 176 ++--- 7 files changed, 987 insertions(+), 989 deletions(-) diff --git a/flake.nix b/flake.nix index af8868f..6d91799 100644 --- a/flake.nix +++ b/flake.nix @@ -1,63 +1,63 @@ { - description = "Your new nix config"; + description = "Your new nix config"; - inputs = { - # Nixpkgs - nixpkgs.url = "github:nixos/nixpkgs/nixos-24.05"; + inputs = { + # Nixpkgs + nixpkgs.url = "github:nixos/nixpkgs/nixos-24.05"; - # Home manager - home-manager.url = "github:nix-community/home-manager/release-24.05"; - home-manager.inputs.nixpkgs.follows = "nixpkgs"; - }; + # Home manager + home-manager.url = "github:nix-community/home-manager/release-24.05"; + home-manager.inputs.nixpkgs.follows = "nixpkgs"; + }; - outputs = { - self, - nixpkgs, - home-manager, - ... - } @ inputs: let - inherit (self) outputs; - in { - # NixOS configuration entrypoint - # Available through 'nixos-rebuild --flake .#your-hostname' - nixosConfigurations = { - # FIXME replace with your hostname - cherry = nixpkgs.lib.nixosSystem { - specialArgs = {inherit inputs outputs;}; - # > Our main nixos configuration file < - modules = [./hosts/cherry/configuration.nix]; - }; + outputs = { + self, + nixpkgs, + home-manager, + ... + } @ inputs: let + inherit (self) outputs; + in { + # NixOS configuration entrypoint + # Available through 'nixos-rebuild --flake .#your-hostname' + nixosConfigurations = { + # FIXME replace with your hostname + cherry = nixpkgs.lib.nixosSystem { + specialArgs = {inherit inputs outputs;}; + # > Our main nixos configuration file < + modules = [./hosts/cherry/configuration.nix]; + }; - pineapple = nixpkgs.lib.nixosSystem { - specialArgs = {inherit inputs outputs;}; - # > Our main nixos configuration file < - modules = [./hosts/pineapple/configuration.nix]; - }; - }; + pineapple = nixpkgs.lib.nixosSystem { + specialArgs = {inherit inputs outputs;}; + # > Our main nixos configuration file < + modules = [./hosts/pineapple/configuration.nix]; + }; + }; - # Standalone home-manager configuration entrypoint - # Available through 'home-manager --flake .#your-username@your-hostname' - homeConfigurations = { - "snuggle@cherry" = home-manager.lib.homeManagerConfiguration { - pkgs = nixpkgs.legacyPackages.x86_64-linux; # Home-manager requires 'pkgs' instance - extraSpecialArgs = {inherit inputs outputs;}; - # > Our main home-manager configuration file < - modules = [ - ./home-manager/home.nix - ./config/dconf/dconf.nix - ./config/dconf/cherry.nix - ]; - }; - "snuggle@pineapple" = home-manager.lib.homeManagerConfiguration { - pkgs = nixpkgs.legacyPackages.x86_64-linux; # Home-manager requires 'pkgs' instance - extraSpecialArgs = {inherit inputs outputs;}; - # > Our main home-manager configuration file < - modules = [ - ./home-manager/home.nix - ./config/dconf/dconf.nix - ./config/dconf/pineapple.nix - ]; - }; - }; - }; + # Standalone home-manager configuration entrypoint + # Available through 'home-manager --flake .#your-username@your-hostname' + homeConfigurations = { + "snuggle@cherry" = home-manager.lib.homeManagerConfiguration { + pkgs = nixpkgs.legacyPackages.x86_64-linux; # Home-manager requires 'pkgs' instance + extraSpecialArgs = {inherit inputs outputs;}; + # > Our main home-manager configuration file < + modules = [ + ./home-manager/home.nix + ./config/dconf/dconf.nix + ./config/dconf/cherry.nix + ]; + }; + "snuggle@pineapple" = home-manager.lib.homeManagerConfiguration { + pkgs = nixpkgs.legacyPackages.x86_64-linux; # Home-manager requires 'pkgs' instance + extraSpecialArgs = {inherit inputs outputs;}; + # > Our main home-manager configuration file < + modules = [ + ./home-manager/home.nix + ./config/dconf/dconf.nix + ./config/dconf/pineapple.nix + ]; + }; + }; + }; } diff --git a/home-manager/home.nix b/home-manager/home.nix index 43fcd8f..9124ff4 100644 --- a/home-manager/home.nix +++ b/home-manager/home.nix @@ -1,108 +1,108 @@ # This is your home-manager configuration file # Use this to configure your home environment (it replaces ~/.config/nixpkgs/home.nix) { - inputs, - lib, - config, - pkgs, - ... + inputs, + lib, + config, + pkgs, + ... }: { - # You can import other home-manager modules here - imports = [ - # If you want to use home-manager modules from other flakes (such as nix-colors): - # inputs.nix-colors.homeManagerModule - - # You can also split up your configuration and import pieces of it here: - # ./nvim.nix - ]; - - nixpkgs = { - # You can add overlays here - overlays = [ - # If you want to use overlays exported from other flakes: - # neovim-nightly-overlay.overlays.default - - # Or define it inline, for example: - # (final: prev: { - # hi = final.hello.overrideAttrs (oldAttrs: { - # patches = [ ./change-hello-to-hi.patch ]; - # }); - # }) - ]; - # Configure your nixpkgs instance - config = { - # Disable if you don't want unfree packages - allowUnfree = true; - # Workaround for https://github.com/nix-community/home-manager/issues/2942 - allowUnfreePredicate = _: true; - }; - }; - - - # The home.packages option allows you to install Nix packages into your - # environment. - home.packages = [ - # # Adds the 'hello' command to your environment. It prints a friendly - # # "Hello, world!" when run. - # pkgs.hello - - # # It is sometimes useful to fine-tune packages, for example, by applying - # # overrides. You can do that directly here, just don't forget the - # # parentheses. Maybe you want to install Nerd Fonts with a limited number of - # # fonts? - # (pkgs.nerdfonts.override { fonts = [ "FantasqueSansMono" ]; }) - - # # You can also create simple shell scripts directly inside your - # # configuration. For example, this adds a command 'my-hello' to your - # # environment: - # (pkgs.writeShellScriptBin "my-hello" '' - # echo "Hello, ${config.home.username}!" - # '') - ]; - - # Home Manager is pretty good at managing dotfiles. The primary way to manage - # plain files is through 'home.file'. - home.file = { - # # Building this configuration will create a copy of 'dotfiles/screenrc' in - # # the Nix store. Activating the configuration will then make '~/.screenrc' a - # # symlink to the Nix store copy. - # ".screenrc".source = dotfiles/screenrc; - - # # You can also set the file content immediately. - # ".gradle/gradle.properties".text = '' - # org.gradle.console=verbose - # org.gradle.daemon.idletimeout=3600000 - # ''; - }; - - home.file."Deck".source = config.lib.file.mkOutOfStoreSymlink "/mnt/homesweet/Deck"; - home.file."Desktop".source = config.lib.file.mkOutOfStoreSymlink "/mnt/homesweet/Desktop"; - home.file."Documents".source = config.lib.file.mkOutOfStoreSymlink "/mnt/homesweet/Documents"; - home.file."Downloads".source = config.lib.file.mkOutOfStoreSymlink "/mnt/homesweet/Downloads"; - home.file."Music".source = config.lib.file.mkOutOfStoreSymlink "/mnt/homesweet/Music"; - home.file."Notes".source = config.lib.file.mkOutOfStoreSymlink "/mnt/homesweet/Notes"; - home.file."Pictures".source = config.lib.file.mkOutOfStoreSymlink "/mnt/homesweet/Pictures"; - home.file."Public".source = config.lib.file.mkOutOfStoreSymlink "/mnt/homesweet/Public"; - home.file."Screenshots".source = config.lib.file.mkOutOfStoreSymlink "/mnt/homesweet/Screenshots"; - home.file."Talk".source = config.lib.file.mkOutOfStoreSymlink "/mnt/homesweet/Talk"; - home.file."Templates".source = config.lib.file.mkOutOfStoreSymlink "/mnt/homesweet/Templates"; - home.file."Temporary".source = config.lib.file.mkOutOfStoreSymlink "/mnt/homesweet/Temporary"; - home.file."Vault".source = config.lib.file.mkOutOfStoreSymlink "/mnt/homesweet/Vault"; - home.file."Videos".source = config.lib.file.mkOutOfStoreSymlink "/mnt/homesweet/Videos"; - - home.file.".face".source = builtins.fetchurl { - url = "https://github.com/snuggle.png"; - sha256 = "1x4ajji4ip6bw9dkwf7bykkw00avzw7wg21cn0w4kwbcv71h052c"; - }; - - home.file = { - ".config/home-manager/home.nix" = { - source = config.lib.file.mkOutOfStoreSymlink ../users/snuggle.nix; - }; - }; - - home.file.".ssh/authorized_keys" = { - source = builtins.fetchurl { + # You can import other home-manager modules here + imports = [ + # If you want to use home-manager modules from other flakes (such as nix-colors): + # inputs.nix-colors.homeManagerModule + + # You can also split up your configuration and import pieces of it here: + # ./nvim.nix + ]; + + nixpkgs = { + # You can add overlays here + overlays = [ + # If you want to use overlays exported from other flakes: + # neovim-nightly-overlay.overlays.default + + # Or define it inline, for example: + # (final: prev: { + # hi = final.hello.overrideAttrs (oldAttrs: { + # patches = [ ./change-hello-to-hi.patch ]; + # }); + # }) + ]; + # Configure your nixpkgs instance + config = { + # Disable if you don't want unfree packages + allowUnfree = true; + # Workaround for https://github.com/nix-community/home-manager/issues/2942 + allowUnfreePredicate = _: true; + }; + }; + + + # The home.packages option allows you to install Nix packages into your + # environment. + home.packages = [ + # # Adds the 'hello' command to your environment. It prints a friendly + # # "Hello, world!" when run. + # pkgs.hello + + # # It is sometimes useful to fine-tune packages, for example, by applying + # # overrides. You can do that directly here, just don't forget the + # # parentheses. Maybe you want to install Nerd Fonts with a limited number of + # # fonts? + # (pkgs.nerdfonts.override { fonts = [ "FantasqueSansMono" ]; }) + + # # You can also create simple shell scripts directly inside your + # # configuration. For example, this adds a command 'my-hello' to your + # # environment: + # (pkgs.writeShellScriptBin "my-hello" '' + # echo "Hello, ${config.home.username}!" + # '') + ]; + + # Home Manager is pretty good at managing dotfiles. The primary way to manage + # plain files is through 'home.file'. + home.file = { + # # Building this configuration will create a copy of 'dotfiles/screenrc' in + # # the Nix store. Activating the configuration will then make '~/.screenrc' a + # # symlink to the Nix store copy. + # ".screenrc".source = dotfiles/screenrc; + + # # You can also set the file content immediately. + # ".gradle/gradle.properties".text = '' + # org.gradle.console=verbose + # org.gradle.daemon.idletimeout=3600000 + # ''; + }; + + home.file."Deck".source = config.lib.file.mkOutOfStoreSymlink "/mnt/homesweet/Deck"; + home.file."Desktop".source = config.lib.file.mkOutOfStoreSymlink "/mnt/homesweet/Desktop"; + home.file."Documents".source = config.lib.file.mkOutOfStoreSymlink "/mnt/homesweet/Documents"; + home.file."Downloads".source = config.lib.file.mkOutOfStoreSymlink "/mnt/homesweet/Downloads"; + home.file."Music".source = config.lib.file.mkOutOfStoreSymlink "/mnt/homesweet/Music"; + home.file."Notes".source = config.lib.file.mkOutOfStoreSymlink "/mnt/homesweet/Notes"; + home.file."Pictures".source = config.lib.file.mkOutOfStoreSymlink "/mnt/homesweet/Pictures"; + home.file."Public".source = config.lib.file.mkOutOfStoreSymlink "/mnt/homesweet/Public"; + home.file."Screenshots".source = config.lib.file.mkOutOfStoreSymlink "/mnt/homesweet/Screenshots"; + home.file."Talk".source = config.lib.file.mkOutOfStoreSymlink "/mnt/homesweet/Talk"; + home.file."Templates".source = config.lib.file.mkOutOfStoreSymlink "/mnt/homesweet/Templates"; + home.file."Temporary".source = config.lib.file.mkOutOfStoreSymlink "/mnt/homesweet/Temporary"; + home.file."Vault".source = config.lib.file.mkOutOfStoreSymlink "/mnt/homesweet/Vault"; + home.file."Videos".source = config.lib.file.mkOutOfStoreSymlink "/mnt/homesweet/Videos"; + + home.file.".face".source = builtins.fetchurl { + url = "https://github.com/snuggle.png"; + sha256 = "1x4ajji4ip6bw9dkwf7bykkw00avzw7wg21cn0w4kwbcv71h052c"; + }; + + home.file = { + ".config/home-manager/home.nix" = { + source = config.lib.file.mkOutOfStoreSymlink ../users/snuggle.nix; + }; + }; + + home.file.".ssh/authorized_keys" = { + source = builtins.fetchurl { url = "https://github.com/${config.home.username}.keys"; sha256 = "1bvyxgb893q00nfbns7qghc25j7f5dnnnjfd0nbq0cllpjrqqfk6"; }; @@ -125,72 +125,71 @@ }; }; - #xdg.configFile."Nextcloud/nextcloud.cfg".source = config/Nextcloud/nextcloud.cfg; + #xdg.configFile."Nextcloud/nextcloud.cfg".source = config/Nextcloud/nextcloud.cfg; xdg.configFile."Yubico/u2f_keys".source = ../config/Yubico/u2f_keys; xdg.configFile."Nextcloud/sync-exclude.lst".source = ../config/Nextcloud/sync-exclude.lst; - # Home Manager can also manage your environment variables through - # 'home.sessionVariables'. These will be explicitly sourced when using a - # shell provided by Home Manager. If you don't want to manage your shell - # through Home Manager then you have to manually source 'hm-session-vars.sh' - # located at either - # - # ~/.nix-profile/etc/profile.d/hm-session-vars.sh - # - # or - # - # ~/.local/state/nix/profiles/profile/etc/profile.d/hm-session-vars.sh - # - # or - # - # /etc/profiles/per-user/snuggle/etc/profile.d/hm-session-vars.sh - # - home.sessionVariables = { - # EDITOR = "emacs"; - }; + # Home Manager can also manage your environment variables through + # 'home.sessionVariables'. These will be explicitly sourced when using a + # shell provided by Home Manager. If you don't want to manage your shell + # through Home Manager then you have to manually source 'hm-session-vars.sh' + # located at either + # + # ~/.nix-profile/etc/profile.d/hm-session-vars.sh + # + # or + # + # ~/.local/state/nix/profiles/profile/etc/profile.d/hm-session-vars.sh + # + # or + # + # /etc/profiles/per-user/snuggle/etc/profile.d/hm-session-vars.sh + # + home.sessionVariables = { + # EDITOR = "emacs"; + }; programs = { firefox = { - enable = true; - - package = pkgs.firefox-wayland; + enable = true; - profiles.default = { - id = 0; - name = "Default"; - isDefault = true; - settings = { - "browser.startup.homepage" = "https://storage.snugg.ie"; - "services.sync.username" = "^-^@snugg.ie"; - "services.sync.engine.passwords" = false; - "font.name-list.emoji" = "Blobmoji"; - "font.default.x-western" = "sans-serif"; - "font.name.serif.x-western" = "Source Serif 4"; - "font.name.sans-serif.x-western" = "Source Sans 3"; - "font.name.monospace.x-western" = "Fantasque Sans Mono"; + package = pkgs.firefox-wayland; + + profiles.default = { + id = 0; + name = "Default"; + isDefault = true; + settings = { + "browser.startup.homepage" = "https://storage.snugg.ie"; + "services.sync.username" = "^-^@snugg.ie"; + "services.sync.engine.passwords" = false; + "font.name-list.emoji" = "Blobmoji"; + "font.default.x-western" = "sans-serif"; + "font.name.serif.x-western" = "Source Serif 4"; + "font.name.sans-serif.x-western" = "Source Sans 3"; + "font.name.monospace.x-western" = "Fantasque Sans Mono"; + }; + # PLEASE RE-ENABLE AFTER NEW NIXOS STABLE RELEASE + #extensions = + # with pkgs.nur.repos.rycee.firefox-addons; [ + # ublock-origin + # onepassword-password-manager + # firefox-color + # refined-github + # ]; }; - # PLEASE RE-ENABLE AFTER NEW NIXOS STABLE RELEASE - #extensions = - # with pkgs.nur.repos.rycee.firefox-addons; [ - # ublock-origin - # onepassword-password-manager - # firefox-color - # refined-github - # ]; - }; - }; git = { - enable = true; - userName = "Snuggle"; - userEmail = "^-^@snugg.ie"; - signing.signByDefault = false; - signing.key = "2D3825B49C6BCBE1AC337723877300954D1493E6"; - extraConfig = { - merge.conflictstyle = "diff3"; - }; + enable = true; + userName = "Snuggle"; + userEmail = "^-^@snugg.ie"; + signing.signByDefault = false; + signing.key = "2D3825B49C6BCBE1AC337723877300954D1493E6"; + extraConfig = { + merge.conflictstyle = "diff3"; + }; }; starship = { @@ -205,139 +204,138 @@ }; gpg = { - publicKeys = { - snuggle = { - source = [ (builtins.fetchurl { url = "https://github.com/${config.users.users.snuggle.name}.gpg"; sha256 = "06ncqgs3fn5bp6w8qdzd33a22ckym9ndpz7q7hqxf4wg2rjri77r"; }) ]; - # Doesn't seem to work, so I am using systemd instead. + publicKeys = { + snuggle = { + source = [ (builtins.fetchurl { url = "https://github.com/${config.users.users.snuggle.name}.gpg"; sha256 = "06ncqgs3fn5bp6w8qdzd33a22ckym9ndpz7q7hqxf4wg2rjri77r"; }) ]; + # Doesn't seem to work, so I am using systemd instead. + }; }; }; - }; bat = { - enable = true; - config.theme = "fairyfloss"; - themes = { - fairyfloss = builtins.readFile ( - pkgs.fetchFromGitHub - { - owner = "sailorhg"; - repo = "fairyfloss"; - rev = "982e64a9e36160350125c0a82a7981dca6200150"; - sha256 = "1gpbkmy8axj8il0s85ifn2adm987nla0dbk2slwc5zyp6m9ak3qq"; - } + "/fairyfloss.tmTheme" - ); - }; + enable = true; + config.theme = "fairyfloss"; + themes = { + fairyfloss = builtins.readFile ( + pkgs.fetchFromGitHub { + owner = "sailorhg"; + repo = "fairyfloss"; + rev = "982e64a9e36160350125c0a82a7981dca6200150"; + sha256 = "1gpbkmy8axj8il0s85ifn2adm987nla0dbk2slwc5zyp6m9ak3qq"; + } + "/fairyfloss.tmTheme" + ); + }; }; kitty = { - enable = true; - #theme = "fairyfloss"; - font = { - name = "Fantasque Sans Mono"; - package = pkgs.fantasque-sans-mono; - size = 14; - }; - settings = { - linux_display_server = "wayland"; - cursor_shape = "beam"; - background = "#5a5475"; - foreground = "#f8f8f0"; - cursor = "#ffb8d1"; - selection_foreground = "#ad5877"; - selection_background = "#ffb8d1"; - # Black - color0 = "#464258"; - color8 = "#c19fd8"; - # Red - color1 = "#ff857f"; - color9 = "#f44747"; - # Green - color2 = "#ad5877"; - color10 = "#ffb8d1"; - # Yellow - color3 = "#e6c000"; - color11 = "#ffea00"; - # Blue - color4 = "#6c71c4"; - color12 = "#6796e6"; - # Magenta - color5 = "#b267e6"; - color13 = "#c5a3ff"; - # Cyan - color6 = "#afecad"; - color14 = "#b2ffdd"; - # White - color7 = "#cccccc"; - color15 = "#f8f8f0"; - }; - }; - - alacritty = { - enable = true; - settings = { - cursor.style = { - shape = "beam"; - blinking = "on"; - }; + enable = true; + #theme = "fairyfloss"; font = { - size = 14; - normal = { - family = "Fantasque Sans Mono"; + name = "Fantasque Sans Mono"; + package = pkgs.fantasque-sans-mono; + size = 14; }; + settings = { + linux_display_server = "wayland"; + cursor_shape = "beam"; + background = "#5a5475"; + foreground = "#f8f8f0"; + cursor = "#ffb8d1"; + selection_foreground = "#ad5877"; + selection_background = "#ffb8d1"; + # Black + color0 = "#464258"; + color8 = "#c19fd8"; + # Red + color1 = "#ff857f"; + color9 = "#f44747"; + # Green + color2 = "#ad5877"; + color10 = "#ffb8d1"; + # Yellow + color3 = "#e6c000"; + color11 = "#ffea00"; + # Blue + color4 = "#6c71c4"; + color12 = "#6796e6"; + # Magenta + color5 = "#b267e6"; + color13 = "#c5a3ff"; + # Cyan + color6 = "#afecad"; + color14 = "#b2ffdd"; + # White + color7 = "#cccccc"; + color15 = "#f8f8f0"; }; - colors = { - # Theme based upon: Fairyfloss (FairyShell for Terminal) - # https://gist.github.com/crazy4pi314/c0874aef9a34e35f6ad07cc163662e51 - - # Default colors - primary = { - background = "0x5a5475"; - foreground = "0xf8f8f0"; - }; - - # Normal colors - normal = { - black = "0x464258"; - red = "0xff857f"; - green = "0xad5877"; - yellow = "0xe6c000"; - blue = "0x6c71c4"; - magenta = "0xb267e6"; - cyan = "0xafecad"; - white = "0xcccccc"; - }; + }; - # Bright colors - bright = { - black = "0xc19fd8"; - red = "0xf44747"; - green = "0xffb8d1"; - yellow = "0xffea00"; - blue = "0x6796e6"; - magenta = "0xc5a3ff"; - cyan = "0xb2ffdd"; - white = "0xf8f8f0"; - }; + alacritty = { + enable = true; + settings = { + cursor.style = { + shape = "beam"; + blinking = "on"; + }; + font = { + size = 14; + normal = { + family = "Fantasque Sans Mono"; + }; + }; + colors = { + # Theme based upon: Fairyfloss (FairyShell for Terminal) + # https://gist.github.com/crazy4pi314/c0874aef9a34e35f6ad07cc163662e51 + + # Default colors + primary = { + background = "0x5a5475"; + foreground = "0xf8f8f0"; + }; + + # Normal colors + normal = { + black = "0x464258"; + red = "0xff857f"; + green = "0xad5877"; + yellow = "0xe6c000"; + blue = "0x6c71c4"; + magenta = "0xb267e6"; + cyan = "0xafecad"; + white = "0xcccccc"; + }; + + # Bright colors + bright = { + black = "0xc19fd8"; + red = "0xf44747"; + green = "0xffb8d1"; + yellow = "0xffea00"; + blue = "0x6796e6"; + magenta = "0xc5a3ff"; + cyan = "0xb2ffdd"; + white = "0xf8f8f0"; + }; + }; }; }; - }; }; - home = { - username = "snuggle"; - homeDirectory = "/home/snuggle"; - }; + home = { + username = "snuggle"; + homeDirectory = "/home/snuggle"; + }; - # Add stuff for your user as you see fit: - # programs.neovim.enable = true; - # home.packages = with pkgs; [ steam ]; + # Add stuff for your user as you see fit: + # programs.neovim.enable = true; + # home.packages = with pkgs; [ steam ]; - # Enable home-manager - programs.home-manager.enable = true; + # Enable home-manager + programs.home-manager.enable = true; - # Nicely reload system units when changing configs - systemd.user.startServices = "sd-switch"; + # Nicely reload system units when changing configs + systemd.user.startServices = "sd-switch"; - # https://nixos.wiki/wiki/FAQ/When_do_I_update_stateVersion - home.stateVersion = "23.05"; + # https://nixos.wiki/wiki/FAQ/When_do_I_update_stateVersion + home.stateVersion = "23.05"; } diff --git a/hosts/-common/configuration.nix b/hosts/-common/configuration.nix index daeae35..24a8df2 100644 --- a/hosts/-common/configuration.nix +++ b/hosts/-common/configuration.nix @@ -2,411 +2,411 @@ # Use this to configure your system environment (it replaces /etc/nixos/configuration.nix) # Based upon: https://github.com/Misterio77/nix-starter-configs { - inputs, - lib, - config, - pkgs, - ... + inputs, + lib, + config, + pkgs, + ... }: { - # You can import other NixOS modules here - imports = [ - # If you want to use modules from other flakes (such as nixos-hardware): - # inputs.hardware.nixosModules.common-cpu-amd - # inputs.hardware.nixosModules.common-ssd - - # You can also split up your configuration and import pieces of it here: - # ./users.nix - - # Import your generated (nixos-generate-config) hardware configuration - ./packages.nix - ]; - - nixpkgs = { - # You can add overlays here - overlays = [ - # If you want to use overlays exported from other flakes: - # neovim-nightly-overlay.overlays.default - - # Or define it inline, for example: - # (final: prev: { - # hi = final.hello.overrideAttrs (oldAttrs: { - # patches = [ ./change-hello-to-hi.patch ]; - # }); - # }) - ]; - # Configure your nixpkgs instance - config = { - # Disable if you don't want unfree packages - allowUnfree = true; - }; - }; - - nix = let - flakeInputs = lib.filterAttrs (_: lib.isType "flake") inputs; - in { - settings = { - # Enable flakes and new 'nix' command - experimental-features = "nix-command flakes"; - # Opinionated: disable global registry - flake-registry = ""; - # Workaround for https://github.com/NixOS/nix/issues/9574 - nix-path = config.nix.nixPath; - }; - # Opinionated: disable channels - channel.enable = false; - - # Opinionated: make flake registry and nix path match flake inputs - registry = lib.mapAttrs (_: flake: {inherit flake;}) flakeInputs; - nixPath = lib.mapAttrsToList (n: _: "${n}=flake:${n}") flakeInputs; - }; - - virtualisation.libvirtd.enable = true; - virtualisation.docker.enable = true; - # Use the systemd-boot EFI boot loader. - boot = { - loader.systemd-boot.enable = true; - loader.efi.canTouchEfiVariables = true; - loader.grub.configurationLimit = 10; - - extraModulePackages = [ - config.boot.kernelPackages.v4l2loopback - ]; - - # Register a v4l2loopback device at boot - kernelModules = [ - "v4l2loopback" - ]; - - kernelParams = [ "pci=assign-busses,hpbussize=0x33,realloc" ]; - }; - - - environment.gnome.excludePackages = [ pkgs.dejavu_fonts ]; - security = { - rtkit.enable = true; - pam = { - u2f = { - enable = true; - control = "sufficient"; - cue = true; - #cue = "🤔 Please tap your security key to confirm you are human…"; - #interactive = true; - }; - services = { - sudo.u2fAuth = true; - login.u2fAuth = true; - gbm.u2fAuth = true; - gnome-keyring.u2fAuth = true; - gdm.enableGnomeKeyring = true; - }; - }; - }; - - - - # Enable sound. - hardware.pulseaudio.enable = false; - - # Inspired by: https://github.com/divnix/digga/blob/4ebf259d11930774b3a13b370b955a8765bfcae6/configuration.nix#L30 - #nixpkgs.overlays = let - # overlays = map (name: import (./packages/overlays + "/${name}")) - # (builtins.attrNames (builtins.readDir ./packages/overlays)); - # in overlays; - - - systemd = { - services = { - # Don't take ~30s to boot - systemd-udev-settle.enable = false; - NetworkManager-wait-online.enable = true; - - # Set Papirus Folder Colours - #papirus-folders = { - # description = "papirus-folders"; - # path = [ pkgs.bash pkgs.stdenv pkgs.gawk pkgs.getent pkgs.gtk3 ]; - # serviceConfig = { - # Type = "oneshot"; - # ExecStartPre = "/run/current-system/sw/bin/sleep 10"; - # ExecStart = "${pkgs.fetchFromGitHub - # { - # owner = "PapirusDevelopmentTeam"; - # repo = "papirus-folders"; - # rev = "86c63fdd21182e5cc8444ba488042559951ca106"; - # sha256 = "sha256-ZZMEZCWO+qW76eqa+TgxWGVz69VkSCPcttLoCrH7ppY="; - # } + "/papirus-folders"} -t ${pkgs.papirus-icon-theme}/share/icons/Papirus --verbose --color yaru"; - # }; - # wantedBy = [ "graphical.target" ]; - # }; + # You can import other NixOS modules here + imports = [ + # If you want to use modules from other flakes (such as nixos-hardware): + # inputs.hardware.nixosModules.common-cpu-amd + # inputs.hardware.nixosModules.common-ssd + + # You can also split up your configuration and import pieces of it here: + # ./users.nix + + # Import your generated (nixos-generate-config) hardware configuration + ./packages.nix + ]; + + nixpkgs = { + # You can add overlays here + overlays = [ + # If you want to use overlays exported from other flakes: + # neovim-nightly-overlay.overlays.default + + # Or define it inline, for example: + # (final: prev: { + # hi = final.hello.overrideAttrs (oldAttrs: { + # patches = [ ./change-hello-to-hi.patch ]; + # }); + # }) + ]; + # Configure your nixpkgs instance + config = { + # Disable if you don't want unfree packages + allowUnfree = true; + }; + }; + + nix = let + flakeInputs = lib.filterAttrs (_: lib.isType "flake") inputs; + in { + settings = { + # Enable flakes and new 'nix' command + experimental-features = "nix-command flakes"; + # Opinionated: disable global registry + flake-registry = ""; + # Workaround for https://github.com/NixOS/nix/issues/9574 + nix-path = config.nix.nixPath; + }; + # Opinionated: disable channels + channel.enable = false; + + # Opinionated: make flake registry and nix path match flake inputs + registry = lib.mapAttrs (_: flake: {inherit flake;}) flakeInputs; + nixPath = lib.mapAttrsToList (n: _: "${n}=flake:${n}") flakeInputs; + }; + + virtualisation.libvirtd.enable = true; + virtualisation.docker.enable = true; + # Use the systemd-boot EFI boot loader. + boot = { + loader.systemd-boot.enable = true; + loader.efi.canTouchEfiVariables = true; + loader.grub.configurationLimit = 10; + + extraModulePackages = [ + config.boot.kernelPackages.v4l2loopback + ]; + + # Register a v4l2loopback device at boot + kernelModules = [ + "v4l2loopback" + ]; + + kernelParams = [ "pci=assign-busses,hpbussize=0x33,realloc" ]; + }; + + + environment.gnome.excludePackages = [ pkgs.dejavu_fonts ]; + security = { + rtkit.enable = true; + pam = { + u2f = { + enable = true; + control = "sufficient"; + cue = true; + #cue = "🤔 Please tap your security key to confirm you are human…"; + #interactive = true; + }; + services = { + sudo.u2fAuth = true; + login.u2fAuth = true; + gbm.u2fAuth = true; + gnome-keyring.u2fAuth = true; + gdm.enableGnomeKeyring = true; + }; + }; + }; + + + + # Enable sound. + hardware.pulseaudio.enable = false; + + # Inspired by: https://github.com/divnix/digga/blob/4ebf259d11930774b3a13b370b955a8765bfcae6/configuration.nix#L30 + #nixpkgs.overlays = let + # overlays = map (name: import (./packages/overlays + "/${name}")) + # (builtins.attrNames (builtins.readDir ./packages/overlays)); + # in overlays; + + + systemd = { + services = { + # Don't take ~30s to boot + systemd-udev-settle.enable = false; + NetworkManager-wait-online.enable = true; + + # Set Papirus Folder Colours + #papirus-folders = { + # description = "papirus-folders"; + # path = [ pkgs.bash pkgs.stdenv pkgs.gawk pkgs.getent pkgs.gtk3 ]; + # serviceConfig = { + # Type = "oneshot"; + # ExecStartPre = "/run/current-system/sw/bin/sleep 10"; + # ExecStart = "${pkgs.fetchFromGitHub + # { + # owner = "PapirusDevelopmentTeam"; + # repo = "papirus-folders"; + # rev = "86c63fdd21182e5cc8444ba488042559951ca106"; + # sha256 = "sha256-ZZMEZCWO+qW76eqa+TgxWGVz69VkSCPcttLoCrH7ppY="; + # } + "/papirus-folders"} -t ${pkgs.papirus-icon-theme}/share/icons/Papirus --verbose --color yaru"; + # }; + # wantedBy = [ "graphical.target" ]; + # }; /* refind-theme = { - description = "Set rEFInd theme"; - path = [ pkgs.git pkgs.stdenv pkgs.toybox pkgs.busybox ]; - serviceConfig = { - Type = "oneshot"; - ExecStart = "${pkgs.toybox}/bin/toybox cp -RFv ${pkgs.fetchFromGitHub - { - owner = "bobafetthotmail"; - repo = "refind-theme-regular"; - rev = "508ff82526b76ead3a8cbd77cb90a91d4be871b9"; - sha256 = "sha256-HDs4RWCo6bi1tjpja7k3ex0JFGJExTcqbmikvM2xjnE="; - } + "/."} /boot/EFI/refind/themes/"; - ExecStartPost = "${pkgs.bash}/bin/bash -c '${pkgs.busybox}/bin/busybox cp -v ${config/rEFInd/theme.conf} /boot/EFI/refind/themes/theme.conf && ${pkgs.busybox}/bin/busybox cp -v ${config/rEFInd/refind.conf} /boot/EFI/refind/refind.conf'"; - }; - wantedBy = [ "default.target" ]; - }; */ - }; - - /* user.services = { - nextcloud-config-update = { - enable = true; - description = "Update Nextcloud Config"; - path = [ pkgs.bash pkgs.stdenv pkgs.toybox ]; - serviceConfig = { - Type = "oneshot"; - ExecStart = "${pkgs.toybox}/bin/toybox cp -n ${config/Nextcloud/nextcloud.cfg} ${config.users.users.snuggle.home}/.config/Nextcloud/nextcloud.cfg"; - ExecStartPost="${pkgs.toybox}/bin/toybox chmod +w ${config.users.users.snuggle.home}/.config/Nextcloud/nextcloud.cfg"; - }; - wantedBy = [ "default.target" ]; - }; - - # My own public GPG key must be imported otherwise you'll get the below error when trying to sign a git commit: - # error: gpg failed to sign the data fatal: failed to write commit object - gpg-import-keys = { - enable = true; - description = "Automatically import my public GPG keys"; - unitConfig = { - After = [ "gpg-agent.socket" ]; - }; - serviceConfig = { - Type = "oneshot"; - ExecStart = "${pkgs.bash}/bin/bash -c '${pkgs.gnupg}/bin/gpg --import ${ - builtins.fetchurl { - url = "https://github.com/${config.users.users.snuggle.name}.gpg"; - sha256 = "06ncqgs3fn5bp6w8qdzd33a22ckym9ndpz7q7hqxf4wg2rjri77r"; - }}'"; - }; - - wantedBy = [ "default.target" ]; - }; - }; */ - }; - - - # Set your time zone. - time.timeZone = "Europe/London"; - - # The global useDHCP flag is deprecated, therefore explicitly set to false here. - # Per-interface useDHCP will be mandatory in the future, so this generated config - # replicates the default behaviour. - - networking = { - networkmanager.enable = true; - #useDHCP = true; - - extraHosts = '' - 10.0.1.6 hug - ''; - # Configure network proxy if necessary - # networking.proxy.default = "http://user:password@proxy:port/"; - # networking.proxy.noProxy = "127.0.0.1,localhost,internal.domain"; - - firewall = { - allowedTCPPorts = [ 7777 ]; - allowedUDPPorts = [ 50 ]; - }; - }; - - nixpkgs.config = { - - permittedInsecurePackages = [ - "electron-13.6.9" - "electron-12.2.3" - "electron-114.2.9" - "electron-11.5.0" - "electron-18.1.0" - "electron-19.1.9" - "electron-25.9.0" - "python-2.7.18.6" - "openssl-1.1.1u" - "openssl-1.1.1w" - ]; - }; - - services = { - # Enable the X11 windowing system. - xserver.enable = true; - - openiscsi = { - enable = true; - name = "10.0.1.52"; - }; - - # Enable the GNOME 3 Desktop Environment. - xserver.displayManager.gdm.enable = true; - xserver.desktopManager.gnome.enable = true; - - displayManager.sddm.enable = false; - xserver.desktopManager.plasma5.enable = false; - - #services.dbus.packages = with pkgs; [ gnome3.dconf ]; - - gnome.gnome-keyring.enable = true; - flatpak.enable = true; - - # Configure keymap in X11 - # services.xserver.layout = "us"; - # services.xserver.xkbOptions = "eurosign:e"; - - # Enable CUPS to print documents. - printing.enable = false; - printing.drivers = [ pkgs.brlaser pkgs.brscan4 ]; - - pipewire = { - enable = true; - alsa.enable = true; - alsa.support32Bit = true; - pulse.enable = true; - # If you want to use JACK applications, uncomment this - #jack.enable = true; - - # use the example session manager (no others are packaged yet so this is enabled by default, - # no need to redefine it in your config for now) - #media-session.enable = true; - }; - - hardware.bolt.enable = true; - - pcscd.enable = true; - udev.packages = with pkgs; [ pkgs.yubikey-personalization pkgs.libu2f-host ]; - udev.extraRules = '' - # Always authorize thunderbolt connections when they are plugged in. - # This is to make sure the USB hub of Thunderbolt is working. - ACTION=="add", SUBSYSTEM=="thunderbolt", ATTR{authorized}=="0", ATTR{authorized}="1" - ''; - }; - - system = { - autoUpgrade.enable = true; - - /* activationScripts.setavatar.text = '' - accountServiceIcons="/var/lib/AccountsService/icons/snuggle" - accountServiceUsers="/var/lib/AccountsService/users/snuggle" - cp ${(builtins.fetchurl { - url = "https://github.com/snuggle.png"; - sha256 = "1x4ajji4ip6bw9dkwf7bykkw00avzw7wg21cn0w4kwbcv71h052c"; - })} "$accountServiceIcons" - - if ! grep -Fxq "Icon=$accountServiceIcons" "$accountServiceUsers"; then - echo "Icon=$accountServiceIcons" >> "$accountServiceUsers" - fi - ''; */ - - # Setup symlinks for NAS-based home directory - /* userActivationScripts.linktosharedfolder.text = '' - for location in \ - Desktop \ - Documents \ - Downloads \ - Pictures \ - Public \ - Screenshots \ - Templates \ - Temporary \ - Videos \ - Music - do - if [[ -d "${config.users.users.snuggle.home}/$location" ]]; then - find "${config.users.users.snuggle.home}/$location" -type d -empty -exec rm --dir --verbose {} \; - fi - if [[ -d "${config.users.users.snuggle.home}/$location" ]]; then - continue - fi - if [[ ! -L "${config.users.users.snuggle.home}/$location" ]]; then - ln --symbolic --no-target-directory --verbose "$(findmnt homesweet.server:/mnt/homesweet/users/snuggle --noheadings --first-only --output TARGET)/$location/" "${config.users.users.snuggle.home}/$location" - fi - done - ''; */ - }; - - # Enable touchpad support (enabled default in most desktopManager). - # services.xserver.libinput.enable = true; - - fonts = import ./fonts.nix pkgs; - - - environment.sessionVariables.TERMINAL = [ "kitty" ]; - environment.sessionVariables.VISUAL = [ "micro" ]; - environment.sessionVariables.EDITOR = [ "micro" ]; - environment.sessionVariables.NIXOS_OZONE_WL = "1"; # Apply Wayland flags to Electron apps where necessary - environment.sessionVariables.MOZ_WAYLAND = "true"; - environment.variables.OSTYPE = [ "linux-toybox" ]; - - environment.shellInit = '' - export GPG_TTY="$(tty)" - gpg-connect-agent /bye - export SSH_AUTH_SOCK="$(gpgconf --list-dirs agent-ssh-socket)" - ''; - - # Some programs need SUID wrappers, can be configured further or are - # started in user sessions. - # programs.mtr.enable = true; - programs = { - steam.enable = true; - adb.enable = true; - fish = { - enable = true; - promptInit = "starship init fish | source"; - #shellInit = builtins.readFile ./config/fish/colours.fish; - shellAbbrs = { - cat = "bat"; - ls = "exa --icons"; - nano = "micro"; - }; - }; - - ssh = { - startAgent = false; - extraConfig = '' - PubkeyAcceptedAlgorithms +ssh-rsa - HostkeyAlgorithms +ssh-rsa - ''; - }; - gnupg.agent = { - enable = true; - enableSSHSupport = true; - }; - }; - - users.users = { - snuggle = { - # You can set an initial password for your user. - # If you do, you can skip setting a root password by passing '--no-root-passwd' to nixos-install. - # Be sure to change it (using passwd) after rebooting! - # initialPassword = "correcthorsebatterystaple"; - isNormalUser = true; - shell = pkgs.fish; - openssh.authorizedKeys.keys = [ (builtins.fetchurl { - url = "https://github.com/${config.users.users.snuggle.name}.keys"; - sha256 = "1bvyxgb893q00nfbns7qghc25j7f5dnnnjfd0nbq0cllpjrqqfk6"; - }) ]; - extraGroups = [ "wheel" "libvirtd" "scanner" "lp" "adbusers" "docker" "networkmanager" ]; - }; - }; - - # This setups a SSH server. Very important if you're setting up a headless system. - # Feel free to remove if you don't need it. - services.openssh = { - enable = true; - settings = { - # Opinionated: forbid root login through SSH. - PermitRootLogin = "no"; - # Opinionated: use keys only. - # Remove if you want to SSH using passwords - PasswordAuthentication = false; - }; - }; - - # https://nixos.wiki/wiki/FAQ/When_do_I_update_stateVersion - system.stateVersion = "24.05"; - + description = "Set rEFInd theme"; + path = [ pkgs.git pkgs.stdenv pkgs.toybox pkgs.busybox ]; + serviceConfig = { + Type = "oneshot"; + ExecStart = "${pkgs.toybox}/bin/toybox cp -RFv ${pkgs.fetchFromGitHub + { + owner = "bobafetthotmail"; + repo = "refind-theme-regular"; + rev = "508ff82526b76ead3a8cbd77cb90a91d4be871b9"; + sha256 = "sha256-HDs4RWCo6bi1tjpja7k3ex0JFGJExTcqbmikvM2xjnE="; + } + "/."} /boot/EFI/refind/themes/"; + ExecStartPost = "${pkgs.bash}/bin/bash -c '${pkgs.busybox}/bin/busybox cp -v ${config/rEFInd/theme.conf} /boot/EFI/refind/themes/theme.conf && ${pkgs.busybox}/bin/busybox cp -v ${config/rEFInd/refind.conf} /boot/EFI/refind/refind.conf'"; + }; + wantedBy = [ "default.target" ]; + }; */ + }; + + /* user.services = { + nextcloud-config-update = { + enable = true; + description = "Update Nextcloud Config"; + path = [ pkgs.bash pkgs.stdenv pkgs.toybox ]; + serviceConfig = { + Type = "oneshot"; + ExecStart = "${pkgs.toybox}/bin/toybox cp -n ${config/Nextcloud/nextcloud.cfg} ${config.users.users.snuggle.home}/.config/Nextcloud/nextcloud.cfg"; + ExecStartPost="${pkgs.toybox}/bin/toybox chmod +w ${config.users.users.snuggle.home}/.config/Nextcloud/nextcloud.cfg"; + }; + wantedBy = [ "default.target" ]; + }; + + # My own public GPG key must be imported otherwise you'll get the below error when trying to sign a git commit: + # error: gpg failed to sign the data fatal: failed to write commit object + gpg-import-keys = { + enable = true; + description = "Automatically import my public GPG keys"; + unitConfig = { + After = [ "gpg-agent.socket" ]; + }; + serviceConfig = { + Type = "oneshot"; + ExecStart = "${pkgs.bash}/bin/bash -c '${pkgs.gnupg}/bin/gpg --import ${ + builtins.fetchurl { + url = "https://github.com/${config.users.users.snuggle.name}.gpg"; + sha256 = "06ncqgs3fn5bp6w8qdzd33a22ckym9ndpz7q7hqxf4wg2rjri77r"; + }}'"; + }; + + wantedBy = [ "default.target" ]; + }; + }; */ + }; + + + # Set your time zone. + time.timeZone = "Europe/London"; + + # The global useDHCP flag is deprecated, therefore explicitly set to false here. + # Per-interface useDHCP will be mandatory in the future, so this generated config + # replicates the default behaviour. + + networking = { + networkmanager.enable = true; + #useDHCP = true; + + extraHosts = '' + 10.0.1.6 hug + ''; + # Configure network proxy if necessary + # networking.proxy.default = "http://user:password@proxy:port/"; + # networking.proxy.noProxy = "127.0.0.1,localhost,internal.domain"; + + firewall = { + allowedTCPPorts = [ 7777 ]; + allowedUDPPorts = [ 50 ]; + }; + }; + + nixpkgs.config = { + + permittedInsecurePackages = [ + "electron-13.6.9" + "electron-12.2.3" + "electron-114.2.9" + "electron-11.5.0" + "electron-18.1.0" + "electron-19.1.9" + "electron-25.9.0" + "python-2.7.18.6" + "openssl-1.1.1u" + "openssl-1.1.1w" + ]; + }; + + services = { + # Enable the X11 windowing system. + xserver.enable = true; + + openiscsi = { + enable = true; + name = "10.0.1.52"; + }; + + # Enable the GNOME 3 Desktop Environment. + xserver.displayManager.gdm.enable = true; + xserver.desktopManager.gnome.enable = true; + + displayManager.sddm.enable = false; + xserver.desktopManager.plasma5.enable = false; + + #services.dbus.packages = with pkgs; [ gnome3.dconf ]; + + gnome.gnome-keyring.enable = true; + flatpak.enable = true; + + # Configure keymap in X11 + # services.xserver.layout = "us"; + # services.xserver.xkbOptions = "eurosign:e"; + + # Enable CUPS to print documents. + printing.enable = false; + printing.drivers = [ pkgs.brlaser pkgs.brscan4 ]; + + pipewire = { + enable = true; + alsa.enable = true; + alsa.support32Bit = true; + pulse.enable = true; + # If you want to use JACK applications, uncomment this + #jack.enable = true; + + # use the example session manager (no others are packaged yet so this is enabled by default, + # no need to redefine it in your config for now) + #media-session.enable = true; + }; + + hardware.bolt.enable = true; + + pcscd.enable = true; + udev.packages = with pkgs; [ pkgs.yubikey-personalization pkgs.libu2f-host ]; + udev.extraRules = '' + # Always authorize thunderbolt connections when they are plugged in. + # This is to make sure the USB hub of Thunderbolt is working. + ACTION=="add", SUBSYSTEM=="thunderbolt", ATTR{authorized}=="0", ATTR{authorized}="1" + ''; + }; + + system = { + autoUpgrade.enable = true; + + /* activationScripts.setavatar.text = '' + accountServiceIcons="/var/lib/AccountsService/icons/snuggle" + accountServiceUsers="/var/lib/AccountsService/users/snuggle" + cp ${(builtins.fetchurl { + url = "https://github.com/snuggle.png"; + sha256 = "1x4ajji4ip6bw9dkwf7bykkw00avzw7wg21cn0w4kwbcv71h052c"; + })} "$accountServiceIcons" + + if ! grep -Fxq "Icon=$accountServiceIcons" "$accountServiceUsers"; then + echo "Icon=$accountServiceIcons" >> "$accountServiceUsers" + fi + ''; */ + + # Setup symlinks for NAS-based home directory + /* userActivationScripts.linktosharedfolder.text = '' + for location in \ + Desktop \ + Documents \ + Downloads \ + Pictures \ + Public \ + Screenshots \ + Templates \ + Temporary \ + Videos \ + Music + do + if [[ -d "${config.users.users.snuggle.home}/$location" ]]; then + find "${config.users.users.snuggle.home}/$location" -type d -empty -exec rm --dir --verbose {} \; + fi + if [[ -d "${config.users.users.snuggle.home}/$location" ]]; then + continue + fi + if [[ ! -L "${config.users.users.snuggle.home}/$location" ]]; then + ln --symbolic --no-target-directory --verbose "$(findmnt homesweet.server:/mnt/homesweet/users/snuggle --noheadings --first-only --output TARGET)/$location/" "${config.users.users.snuggle.home}/$location" + fi + done + ''; */ + }; + + # Enable touchpad support (enabled default in most desktopManager). + # services.xserver.libinput.enable = true; + + fonts = import ./fonts.nix pkgs; + + + environment.sessionVariables.TERMINAL = [ "kitty" ]; + environment.sessionVariables.VISUAL = [ "micro" ]; + environment.sessionVariables.EDITOR = [ "micro" ]; + environment.sessionVariables.NIXOS_OZONE_WL = "1"; # Apply Wayland flags to Electron apps where necessary + environment.sessionVariables.MOZ_WAYLAND = "true"; + environment.variables.OSTYPE = [ "linux-toybox" ]; + + environment.shellInit = '' + export GPG_TTY="$(tty)" + gpg-connect-agent /bye + export SSH_AUTH_SOCK="$(gpgconf --list-dirs agent-ssh-socket)" + ''; + + # Some programs need SUID wrappers, can be configured further or are + # started in user sessions. + # programs.mtr.enable = true; + programs = { + steam.enable = true; + adb.enable = true; + fish = { + enable = true; + promptInit = "starship init fish | source"; + #shellInit = builtins.readFile ./config/fish/colours.fish; + shellAbbrs = { + cat = "bat"; + ls = "exa --icons"; + nano = "micro"; + }; + }; + + ssh = { + startAgent = false; + extraConfig = '' + PubkeyAcceptedAlgorithms +ssh-rsa + HostkeyAlgorithms +ssh-rsa + ''; + }; + gnupg.agent = { + enable = true; + enableSSHSupport = true; + }; + }; + + users.users = { + snuggle = { + # You can set an initial password for your user. + # If you do, you can skip setting a root password by passing '--no-root-passwd' to nixos-install. + # Be sure to change it (using passwd) after rebooting! + # initialPassword = "correcthorsebatterystaple"; + isNormalUser = true; + shell = pkgs.fish; + openssh.authorizedKeys.keys = [ (builtins.fetchurl { + url = "https://github.com/${config.users.users.snuggle.name}.keys"; + sha256 = "1bvyxgb893q00nfbns7qghc25j7f5dnnnjfd0nbq0cllpjrqqfk6"; + }) ]; + extraGroups = [ "wheel" "libvirtd" "scanner" "lp" "adbusers" "docker" "networkmanager" ]; + }; + }; + + # This setups a SSH server. Very important if you're setting up a headless system. + # Feel free to remove if you don't need it. + services.openssh = { + enable = true; + settings = { + # Opinionated: forbid root login through SSH. + PermitRootLogin = "no"; + # Opinionated: use keys only. + # Remove if you want to SSH using passwords + PasswordAuthentication = false; + }; + }; + + # https://nixos.wiki/wiki/FAQ/When_do_I_update_stateVersion + system.stateVersion = "24.05"; + } diff --git a/hosts/cherry/configuration.nix b/hosts/cherry/configuration.nix index 305d504..96190b6 100644 --- a/hosts/cherry/configuration.nix +++ b/hosts/cherry/configuration.nix @@ -5,15 +5,15 @@ { config, lib, pkgs, ... }: { - imports = - [ # Include the results of the hardware scan. - ./hardware-configuration.nix - ../-common/configuration.nix - ]; + imports = + [ # Include the results of the hardware scan. + ./hardware-configuration.nix + ../-common/configuration.nix + ]; - networking.hostName = "cherry"; # Define your hostname. - - system.stateVersion = "24.05"; # Did you read the comment? + networking.hostName = "cherry"; # Define your hostname. + + system.stateVersion = "24.05"; # Did you read the comment? } diff --git a/hosts/pineapple/configuration.nix b/hosts/pineapple/configuration.nix index 37e056b..62e0ebc 100644 --- a/hosts/pineapple/configuration.nix +++ b/hosts/pineapple/configuration.nix @@ -5,126 +5,126 @@ { config, lib, pkgs, ... }: { - imports = - [ # Include the results of the hardware scan. - ./hardware-configuration.nix - ../-common/configuration.nix - ]; - - # Use the systemd-boot EFI boot loader. - boot.loader.systemd-boot.enable = true; - boot.loader.efi.canTouchEfiVariables = true; - - boot.kernelPackages = pkgs.linuxPackages_latest; - boot.kernelParams = [ "i915.enable_psr=0" ]; - - networking.hostName = "pineapple"; # Define your hostname. - # Pick only one of the below networking options. - # networking.wireless.enable = true; # Enables wireless support via wpa_supplicant. - # networking.networkmanager.enable = true; # Easiest to use and most distros use this by default. - - # Set your time zone. - # time.timeZone = "Europe/Amsterdam"; - - # Configure network proxy if necessary - # networking.proxy.default = "http://user:password@proxy:port/"; - # networking.proxy.noProxy = "127.0.0.1,localhost,internal.domain"; - - # Select internationalisation properties. - # i18n.defaultLocale = "en_US.UTF-8"; - # console = { - # font = "Lat2-Terminus16"; - # keyMap = "us"; - # useXkbConfig = true; # use xkb.options in tty. - # }; - - # Enable the X11 windowing system. - services.xserver.enable = true; - - - # Enable the GNOME Desktop Environment. - services.xserver.displayManager.gdm.enable = true; - services.xserver.desktopManager.gnome.enable = true; - - - # Configure keymap in X11 - # services.xserver.xkb.layout = "us"; - # services.xserver.xkb.options = "eurosign:e,caps:escape"; - - # Enable CUPS to print documents. - # services.printing.enable = true; - - # Enable sound. - # hardware.pulseaudio.enable = true; - # OR - # services.pipewire = { - # enable = true; - # pulse.enable = true; - # }; - - # Enable touchpad support (enabled default in most desktopManager). - services.libinput.enable = true; - services.libinput.touchpad.tapping = true; - services.fprintd.enable = true; - # Define a user account. Don't forget to set a password with ‘passwd’. - # users.users.alice = { - # isNormalUser = true; - # extraGroups = [ "wheel" ]; # Enable ‘sudo’ for the user. - # packages = with pkgs; [ - # firefox - # tree - # ]; - # }; - - # List packages installed in system profile. To search, run: - # $ nix search wget - # environment.systemPackages = with pkgs; [ - # vim # Do not forget to add an editor to edit configuration.nix! The Nano editor is also installed by default. - # wget - # ]; - - # Some programs need SUID wrappers, can be configured further or are - # started in user sessions. - # programs.mtr.enable = true; - # programs.gnupg.agent = { - # enable = true; - # enableSSHSupport = true; - # }; - - # List services that you want to enable: - - # Enable the OpenSSH daemon. - # services.openssh.enable = true; - - # Open ports in the firewall. - # networking.firewall.allowedTCPPorts = [ ... ]; - # networking.firewall.allowedUDPPorts = [ ... ]; - # Or disable the firewall altogether. - # networking.firewall.enable = false; - - # Copy the NixOS configuration file and link it from the resulting system - # (/run/current-system/configuration.nix). This is useful in case you - # accidentally delete configuration.nix. - # system.copySystemConfiguration = true; - - # This option defines the first version of NixOS you have installed on this particular machine, - # and is used to maintain compatibility with application data (e.g. databases) created on older NixOS versions. - # - # Most users should NEVER change this value after the initial install, for any reason, - # even if you've upgraded your system to a new NixOS release. - # - # This value does NOT affect the Nixpkgs version your packages and OS are pulled from, - # so changing it will NOT upgrade your system - see https://nixos.org/manual/nixos/stable/#sec-upgrading for how - # to actually do that. - # - # This value being lower than the current NixOS release does NOT mean your system is - # out of date, out of support, or vulnerable. - # - # Do NOT change this value unless you have manually inspected all the changes it would make to your configuration, - # and migrated your data accordingly. - # - # For more information, see `man configuration.nix` or https://nixos.org/manual/nixos/stable/options#opt-system.stateVersion . - system.stateVersion = "24.05"; # Did you read the comment? + imports = + [ # Include the results of the hardware scan. + ./hardware-configuration.nix + ../-common/configuration.nix + ]; + + # Use the systemd-boot EFI boot loader. + boot.loader.systemd-boot.enable = true; + boot.loader.efi.canTouchEfiVariables = true; + + boot.kernelPackages = pkgs.linuxPackages_latest; + boot.kernelParams = [ "i915.enable_psr=0" ]; + + networking.hostName = "pineapple"; # Define your hostname. + # Pick only one of the below networking options. + # networking.wireless.enable = true; # Enables wireless support via wpa_supplicant. + # networking.networkmanager.enable = true; # Easiest to use and most distros use this by default. + + # Set your time zone. + # time.timeZone = "Europe/Amsterdam"; + + # Configure network proxy if necessary + # networking.proxy.default = "http://user:password@proxy:port/"; + # networking.proxy.noProxy = "127.0.0.1,localhost,internal.domain"; + + # Select internationalisation properties. + # i18n.defaultLocale = "en_US.UTF-8"; + # console = { + # font = "Lat2-Terminus16"; + # keyMap = "us"; + # useXkbConfig = true; # use xkb.options in tty. + # }; + + # Enable the X11 windowing system. + services.xserver.enable = true; + + + # Enable the GNOME Desktop Environment. + services.xserver.displayManager.gdm.enable = true; + services.xserver.desktopManager.gnome.enable = true; + + + # Configure keymap in X11 + # services.xserver.xkb.layout = "us"; + # services.xserver.xkb.options = "eurosign:e,caps:escape"; + + # Enable CUPS to print documents. + # services.printing.enable = true; + + # Enable sound. + # hardware.pulseaudio.enable = true; + # OR + # services.pipewire = { + # enable = true; + # pulse.enable = true; + # }; + + # Enable touchpad support (enabled default in most desktopManager). + services.libinput.enable = true; + services.libinput.touchpad.tapping = true; + services.fprintd.enable = true; + # Define a user account. Don't forget to set a password with ‘passwd’. + # users.users.alice = { + # isNormalUser = true; + # extraGroups = [ "wheel" ]; # Enable ‘sudo’ for the user. + # packages = with pkgs; [ + # firefox + # tree + # ]; + # }; + + # List packages installed in system profile. To search, run: + # $ nix search wget + # environment.systemPackages = with pkgs; [ + # vim # Do not forget to add an editor to edit configuration.nix! The Nano editor is also installed by default. + # wget + # ]; + + # Some programs need SUID wrappers, can be configured further or are + # started in user sessions. + # programs.mtr.enable = true; + # programs.gnupg.agent = { + # enable = true; + # enableSSHSupport = true; + # }; + + # List services that you want to enable: + + # Enable the OpenSSH daemon. + # services.openssh.enable = true; + + # Open ports in the firewall. + # networking.firewall.allowedTCPPorts = [ ... ]; + # networking.firewall.allowedUDPPorts = [ ... ]; + # Or disable the firewall altogether. + # networking.firewall.enable = false; + + # Copy the NixOS configuration file and link it from the resulting system + # (/run/current-system/configuration.nix). This is useful in case you + # accidentally delete configuration.nix. + # system.copySystemConfiguration = true; + + # This option defines the first version of NixOS you have installed on this particular machine, + # and is used to maintain compatibility with application data (e.g. databases) created on older NixOS versions. + # + # Most users should NEVER change this value after the initial install, for any reason, + # even if you've upgraded your system to a new NixOS release. + # + # This value does NOT affect the Nixpkgs version your packages and OS are pulled from, + # so changing it will NOT upgrade your system - see https://nixos.org/manual/nixos/stable/#sec-upgrading for how + # to actually do that. + # + # This value being lower than the current NixOS release does NOT mean your system is + # out of date, out of support, or vulnerable. + # + # Do NOT change this value unless you have manually inspected all the changes it would make to your configuration, + # and migrated your data accordingly. + # + # For more information, see `man configuration.nix` or https://nixos.org/manual/nixos/stable/options#opt-system.stateVersion . + system.stateVersion = "24.05"; # Did you read the comment? } diff --git a/hosts/pineapple/hardware-configuration.nix b/hosts/pineapple/hardware-configuration.nix index 1b9b5df..f069748 100644 --- a/hosts/pineapple/hardware-configuration.nix +++ b/hosts/pineapple/hardware-configuration.nix @@ -7,46 +7,46 @@ { config, lib, pkgs, modulesPath, ... }: { - imports = - [ (modulesPath + "/installer/scan/not-detected.nix") - ]; - - boot.initrd.availableKernelModules = [ "xhci_pci" "nvme" "usbhid" "uas" "sd_mod" ]; - boot.initrd.kernelModules = [ ]; - boot.kernelModules = [ "kvm-intel" ]; - boot.extraModulePackages = [ ]; - - fileSystems."/" = - { device = "/dev/disk/by-uuid/e7e84b3d-410b-423f-900b-f15635809873"; - fsType = "ext4"; - }; - - fileSystems."/boot" = - { device = "/dev/disk/by-uuid/0868-7852"; - fsType = "vfat"; - options = [ "fmask=0077" "dmask=0077" ]; - }; - - fileSystems."/run/media/snuggle/pineapple" = { - device = "/dev/disk/by-uuid/4cb0cd63-5cdb-4c44-a282-cd2fd4a8c9c0"; - fsType = "btrfs"; - options = [ # If you don't have this options attribute, it'll default to "defaults" - # boot options for fstab. Search up fstab mount options you can use - "nofail" # Prevents system from failing if this drive doesn't mount - "x-gvfs-show" - ]; - }; - - swapDevices = [ ]; - - # Enables DHCP on each ethernet and wireless interface. In case of scripted networking - # (the default) this is the recommended approach. When using systemd-networkd it's - # still possible to use this option, but it's recommended to use it in conjunction - # with explicit per-interface declarations with `networking.interfaces..useDHCP`. - networking.useDHCP = lib.mkDefault true; - # networking.interfaces.docker0.useDHCP = lib.mkDefault true; - # networking.interfaces.wlp57s0.useDHCP = lib.mkDefault true; - - nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux"; - hardware.cpu.intel.updateMicrocode = lib.mkDefault config.hardware.enableRedistributableFirmware; + imports = + [ (modulesPath + "/installer/scan/not-detected.nix") + ]; + + boot.initrd.availableKernelModules = [ "xhci_pci" "nvme" "usbhid" "uas" "sd_mod" ]; + boot.initrd.kernelModules = [ ]; + boot.kernelModules = [ "kvm-intel" ]; + boot.extraModulePackages = [ ]; + + fileSystems."/" = + { device = "/dev/disk/by-uuid/e7e84b3d-410b-423f-900b-f15635809873"; + fsType = "ext4"; + }; + + fileSystems."/boot" = + { device = "/dev/disk/by-uuid/0868-7852"; + fsType = "vfat"; + options = [ "fmask=0077" "dmask=0077" ]; + }; + + fileSystems."/run/media/snuggle/pineapple" = { + device = "/dev/disk/by-uuid/4cb0cd63-5cdb-4c44-a282-cd2fd4a8c9c0"; + fsType = "btrfs"; + options = [ # If you don't have this options attribute, it'll default to "defaults" + # boot options for fstab. Search up fstab mount options you can use + "nofail" # Prevents system from failing if this drive doesn't mount + "x-gvfs-show" + ]; + }; + + swapDevices = [ ]; + + # Enables DHCP on each ethernet and wireless interface. In case of scripted networking + # (the default) this is the recommended approach. When using systemd-networkd it's + # still possible to use this option, but it's recommended to use it in conjunction + # with explicit per-interface declarations with `networking.interfaces..useDHCP`. + networking.useDHCP = lib.mkDefault true; + # networking.interfaces.docker0.useDHCP = lib.mkDefault true; + # networking.interfaces.wlp57s0.useDHCP = lib.mkDefault true; + + nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux"; + hardware.cpu.intel.updateMicrocode = lib.mkDefault config.hardware.enableRedistributableFirmware; } diff --git a/hosts/strawberry/darwin-configuration.nix b/hosts/strawberry/darwin-configuration.nix index 903fe2f..242d49a 100644 --- a/hosts/strawberry/darwin-configuration.nix +++ b/hosts/strawberry/darwin-configuration.nix @@ -1,103 +1,103 @@ { config, pkgs, ... }: { - imports = [ - - ./macos/packages-darwin.nix - ]; + imports = [ + + ./macos/packages-darwin.nix + ]; - nixpkgs.config.allowUnfree = true; + nixpkgs.config.allowUnfree = true; - fonts = import ./macos/fonts-darwin.nix pkgs; + fonts = import ./macos/fonts-darwin.nix pkgs; - users.users.snuggle = { - name = "snuggle"; - description = "Evie Snuggle"; - home = "/Users/snuggle"; - shell = pkgs.fish; - }; + users.users.snuggle = { + name = "snuggle"; + description = "Evie Snuggle"; + home = "/Users/snuggle"; + shell = pkgs.fish; + }; - system.activationScripts.applications.text = pkgs.lib.mkForce ('' - echo "📦ℹ️ Wrapping application packages…" - find /Users/snuggle/Applications/ -maxdepth 1 -type l | while read file; do - base="$(basename "$file")" - foop="$(readlink -f "/Users/snuggle/Applications/$base")" - rm -vf "/Applications/$base" - echo "tell app \"Finder\" to make alias file at POSIX file \"/Applications/\" to POSIX file \"$foop\" with properties {name: \"$base\"}" - osascript -e "tell app \"Finder\" to make alias file at POSIX file \"/Applications/\" to POSIX file \"$foop\" with properties {name: \"$base\"}"; - done - sudo cp -fv ${./config/Nextcloud/sync-exclude.lst} /Applications/Nextcloud.app/Contents/Resources/sync-exclude.lst - echo "📦✅ Finished wrapping applications!" - echo "⛓ Importing GPG public keys…" - curl https://github.com/Snuggle.gpg | gpg --import - gpgconf --reload gpg-agent - ''); + system.activationScripts.applications.text = pkgs.lib.mkForce ('' + echo "📦ℹ️ Wrapping application packages…" + find /Users/snuggle/Applications/ -maxdepth 1 -type l | while read file; do + base="$(basename "$file")" + foop="$(readlink -f "/Users/snuggle/Applications/$base")" + rm -vf "/Applications/$base" + echo "tell app \"Finder\" to make alias file at POSIX file \"/Applications/\" to POSIX file \"$foop\" with properties {name: \"$base\"}" + osascript -e "tell app \"Finder\" to make alias file at POSIX file \"/Applications/\" to POSIX file \"$foop\" with properties {name: \"$base\"}"; + done + sudo cp -fv ${./config/Nextcloud/sync-exclude.lst} /Applications/Nextcloud.app/Contents/Resources/sync-exclude.lst + echo "📦✅ Finished wrapping applications!" + echo "⛓ Importing GPG public keys…" + curl https://github.com/Snuggle.gpg | gpg --import + gpgconf --reload gpg-agent + ''); - home-manager.users.snuggle = { pkgs, ... }: { - programs = { - fish = { - enable = true; - interactiveShellInit = "starship init fish | source"; - shellInit = builtins.readFile ./config/fish/init.fish; - shellAbbrs = { - cat = "bat"; - ls = "exa --icons"; - nano = "micro"; - ssh = "mosh"; - }; - }; + home-manager.users.snuggle = { pkgs, ... }: { + programs = { + fish = { + enable = true; + interactiveShellInit = "starship init fish | source"; + shellInit = builtins.readFile ./config/fish/init.fish; + shellAbbrs = { + cat = "bat"; + ls = "exa --icons"; + nano = "micro"; + ssh = "mosh"; + }; + }; - ssh = { - extraConfig = '' - PubkeyAcceptedAlgorithms +ssh-rsa - HostkeyAlgorithms +ssh-rsa - ''; - }; - git = { - enable = true; - userName = "Snuggle"; - userEmail = "^-^@snugg.ie"; - signing.signByDefault = true; - signing.key = "877300954D1493E6"; - - }; + ssh = { + extraConfig = '' + PubkeyAcceptedAlgorithms +ssh-rsa + HostkeyAlgorithms +ssh-rsa + ''; + }; + git = { + enable = true; + userName = "Snuggle"; + userEmail = "^-^@snugg.ie"; + signing.signByDefault = true; + signing.key = "877300954D1493E6"; + + }; - gpg = { - # Required on MacOS for GPG to recognise YubiKey. - # https://github.com/NixOS/nixpkgs/issues/155629 - scdaemonSettings = pkgs.lib.mkIf pkgs.stdenv.isDarwin { - disable-ccid = true; - }; - }; - }; + gpg = { + # Required on MacOS for GPG to recognise YubiKey. + # https://github.com/NixOS/nixpkgs/issues/155629 + scdaemonSettings = pkgs.lib.mkIf pkgs.stdenv.isDarwin { + disable-ccid = true; + }; + }; + }; - home.file.".ssh/authorized_keys" = { - source = builtins.fetchurl { - url = "https://github.com/${config.users.users.snuggle.name}.keys"; - sha256 = "1bvyxgb893q00nfbns7qghc25j7f5dnnnjfd0nbq0cllpjrqqfk6"; - }; - }; + home.file.".ssh/authorized_keys" = { + source = builtins.fetchurl { + url = "https://github.com/${config.users.users.snuggle.name}.keys"; + sha256 = "1bvyxgb893q00nfbns7qghc25j7f5dnnnjfd0nbq0cllpjrqqfk6"; + }; + }; - xdg.configFile."Yubico/u2f_keys".source = config/Yubico/u2f_keys; - home.file.".gnupg/gpg-agent.conf".source = config/gnupg/gpg-agent.conf; - home.file.".gnupg/scdaemon.conf".source = config/gnupg/scdaemon.conf; - home.stateVersion = "20.09"; - }; - # Use a custom configuration.nix location. - # $ darwin-rebuild switch -I darwin-config=$HOME/.config/nixpkgs/darwin/configuration.nix - # environment.darwinConfig = "$HOME/.config/nixpkgs/darwin/configuration.nix"; + xdg.configFile."Yubico/u2f_keys".source = config/Yubico/u2f_keys; + home.file.".gnupg/gpg-agent.conf".source = config/gnupg/gpg-agent.conf; + home.file.".gnupg/scdaemon.conf".source = config/gnupg/scdaemon.conf; + home.stateVersion = "20.09"; + }; + # Use a custom configuration.nix location. + # $ darwin-rebuild switch -I darwin-config=$HOME/.config/nixpkgs/darwin/configuration.nix + # environment.darwinConfig = "$HOME/.config/nixpkgs/darwin/configuration.nix"; - # Auto upgrade nix package and the daemon service. - services.nix-daemon.enable = true; - # nix.package = nix; - #programs.gpg.scdaemonSettings = { disable-ccid = true; }; - # Create /etc/bashrc that loads the nix-darwin environment. - programs.zsh.enable = true; # default shell on catalina - programs.fish.enable = true; - #services.pcscd.enable = true; - #hardware.gpgSmartcards.enable = true; - # Used for backwards compatibility, please read the changelog before changing. - # $ darwin-rebuild changelog - system.stateVersion = 4; + # Auto upgrade nix package and the daemon service. + services.nix-daemon.enable = true; + # nix.package = nix; + #programs.gpg.scdaemonSettings = { disable-ccid = true; }; + # Create /etc/bashrc that loads the nix-darwin environment. + programs.zsh.enable = true; # default shell on catalina + programs.fish.enable = true; + #services.pcscd.enable = true; + #hardware.gpgSmartcards.enable = true; + # Used for backwards compatibility, please read the changelog before changing. + # $ darwin-rebuild changelog + system.stateVersion = 4; }