commit b2b16729970f6c0a595dd63ef96c651e5d400ec8 Author: Cian Hughes Date: Wed Jan 22 12:46:17 2025 +0000 Fresh start to clean history after subtree experiments diff --git a/.github/workflows/submodule-sync.yaml b/.github/workflows/submodule-sync.yaml new file mode 100644 index 0000000..f184799 --- /dev/null +++ b/.github/workflows/submodule-sync.yaml @@ -0,0 +1,48 @@ +name: Submodule push + +on: + push: + branches: [ main ] + paths: + - "home-manager/core/dotfiles/**" + workflow_dispatch: # Allows manual triggering + +jobs: + sync-submodule: + runs-on: ubuntu-latest + + steps: + - name: Checkout repository + uses: actions/checkout@v4 + with: + submodules: "recursive" + token: ${{ secrets.PUBLIC_REPO_SYNC_TOKEN }} + + - name: Configure Git + run: | + git config --global user.name "github-actions[bot]" + git config --global user.email "github-actions[bot]@users.noreply.github.com" + + - name: Push changes to subtree remotes + run: | + COMMIT_MSG="Sync from parent repo + + Parent commit: ${{ github.event.head_commit.message }} + SHA: ${{ github.sha }} + Author: ${{ github.event.head_commit.author.name }} + Workflow: ${{ github.workflow }} + " + + git submodule foreach ' + git add . && + git diff --staged --quiet || ( + git commit -m "$COMMIT_MSG" && + git push + )' + env: + GITHUB_TOKEN: ${{ secrets.PUBLIC_REPO_SYNC_TOKEN }} + + - name: Handle errors + if: failure() + run: | + echo "::error::Submodule sync failed. Manual intervention may be required." diff --git a/.gitignore b/.gitignore new file mode 100644 index 0000000..34ef35a --- /dev/null +++ b/.gitignore @@ -0,0 +1 @@ +nix.conf diff --git a/.gitmodules b/.gitmodules new file mode 100644 index 0000000..f557669 --- /dev/null +++ b/.gitmodules @@ -0,0 +1,3 @@ +[submodule "home-manager/core/dotfiles"] + path = home-manager/core/dotfiles + url = https://github.com/Cian-H/dotfiles diff --git a/flake.lock b/flake.lock new file mode 100644 index 0000000..baaf3dd --- /dev/null +++ b/flake.lock @@ -0,0 +1,136 @@ +{ + "nodes": { + "home-manager": { + "inputs": { + "nixpkgs": [ + "nixpkgs" + ] + }, + "locked": { + "lastModified": 1735344290, + "narHash": "sha256-oJDtWPH1oJT34RJK1FSWjwX4qcGOBRkcNQPD0EbSfNM=", + "owner": "nix-community", + "repo": "home-manager", + "rev": "613691f285dad87694c2ba1c9e6298d04736292d", + "type": "github" + }, + "original": { + "owner": "nix-community", + "ref": "release-24.11", + "repo": "home-manager", + "type": "github" + } + }, + "hyprcursor-phinger": { + "inputs": { + "nixpkgs": "nixpkgs" + }, + "locked": { + "lastModified": 1733645462, + "narHash": "sha256-6ktkUyK1CAuAXRZLNcAvR7o9lduC/EX98wZaapi4Q5M=", + "owner": "jappie3", + "repo": "hyprcursor-phinger", + "rev": "2e244e3398a3f9bbece6d21d56c2353cd773a8e6", + "type": "github" + }, + "original": { + "owner": "jappie3", + "repo": "hyprcursor-phinger", + "type": "github" + } + }, + "nixpkgs": { + "locked": { + "lastModified": 1728492678, + "narHash": "sha256-9UTxR8eukdg+XZeHgxW5hQA9fIKHsKCdOIUycTryeVw=", + "owner": "nixos", + "repo": "nixpkgs", + "rev": "5633bcff0c6162b9e4b5f1264264611e950c8ec7", + "type": "github" + }, + "original": { + "owner": "nixos", + "ref": "nixos-unstable", + "repo": "nixpkgs", + "type": "github" + } + }, + "nixpkgs-unstable": { + "locked": { + "lastModified": 1736012469, + "narHash": "sha256-/qlNWm/IEVVH7GfgAIyP6EsVZI6zjAx1cV5zNyrs+rI=", + "owner": "nixos", + "repo": "nixpkgs", + "rev": "8f3e1f807051e32d8c95cd12b9b421623850a34d", + "type": "github" + }, + "original": { + "owner": "nixos", + "ref": "nixos-unstable", + "repo": "nixpkgs", + "type": "github" + } + }, + "nixpkgs_2": { + "locked": { + "lastModified": 1736061677, + "narHash": "sha256-DjkQPnkAfd7eB522PwnkGhOMuT9QVCZspDpJJYyOj60=", + "owner": "nixos", + "repo": "nixpkgs", + "rev": "cbd8ec4de4469333c82ff40d057350c30e9f7d36", + "type": "github" + }, + "original": { + "owner": "nixos", + "ref": "nixos-24.11", + "repo": "nixpkgs", + "type": "github" + } + }, + "nixpkgs_3": { + "locked": { + "lastModified": 1734424634, + "narHash": "sha256-cHar1vqHOOyC7f1+tVycPoWTfKIaqkoe1Q6TnKzuti4=", + "owner": "nixos", + "repo": "nixpkgs", + "rev": "d3c42f187194c26d9f0309a8ecc469d6c878ce33", + "type": "github" + }, + "original": { + "owner": "nixos", + "ref": "nixos-unstable", + "repo": "nixpkgs", + "type": "github" + } + }, + "root": { + "inputs": { + "home-manager": "home-manager", + "hyprcursor-phinger": "hyprcursor-phinger", + "nixpkgs": "nixpkgs_2", + "nixpkgs-unstable": "nixpkgs-unstable", + "zen-browser": "zen-browser" + } + }, + "zen-browser": { + "inputs": { + "nixpkgs": "nixpkgs_3" + }, + "locked": { + "lastModified": 1736167420, + "narHash": "sha256-6MtdfFKwq8tpgaKp7jv3befO8oNHWBg2HbYqaAcOE9k=", + "owner": "Cian-H", + "repo": "zen-browser-flake", + "rev": "0e8a95b3580acfbf303e6321bbed5f10430982d1", + "type": "github" + }, + "original": { + "owner": "Cian-H", + "repo": "zen-browser-flake", + "type": "github" + } + } + }, + "root": "root", + "version": 7 +} diff --git a/flake.nix b/flake.nix new file mode 100644 index 0000000..a781f46 --- /dev/null +++ b/flake.nix @@ -0,0 +1,130 @@ +{ + description = "Cian-H's nix config"; + + inputs = { + # Nixpkgs + nixpkgs.url = "github:nixos/nixpkgs/nixos-24.11"; + # Nixpkgs-unstable + nixpkgs-unstable.url = "github:nixos/nixpkgs/nixos-unstable"; + # Home manager + home-manager.url = "github:nix-community/home-manager/release-24.11"; + home-manager.inputs.nixpkgs.follows = "nixpkgs"; + # add phinger hyprcursor flake + hyprcursor-phinger.url = "github:jappie3/hyprcursor-phinger"; + # add zen browser flake + zen-browser.url = "github:Cian-H/zen-browser-flake"; + }; + + outputs = { + self, + nixpkgs, + nixpkgs-unstable, + home-manager, + ... + } @ inputs: let + inherit (self) outputs; + in { + # NixOS configuration entrypoint + # Available through 'nixos-rebuild --flake .#your-hostname' + nixosConfigurations = { + worklaptop = nixpkgs.lib.nixosSystem { + specialArgs = { + inherit inputs outputs; + unstablePkgs = inputs.nixpkgs-unstable.legacyPackages.x86_64-linux; + }; + modules = [ + ./nixos/worklaptop/configuration.nix + ]; + }; + homeserver = nixpkgs.lib.nixosSystem { + specialArgs = { + inherit inputs outputs; + unstablePkgs = inputs.nixpkgs-unstable.legacyPackages.x86_64-linux; + }; + modules = [ + ./nixos/homeserver/configuration.nix + ]; + }; + }; + + # Standalone home-manager configuration entrypoint + # Available through 'home-manager --flake .#your-username@your-hostname' + homeConfigurations = { + "cianh@core" = home-manager.lib.homeManagerConfiguration { + pkgs = import nixpkgs { + # Home-manager requires 'pkgs' instance + system = "x86_64-linux"; + config = { + allowUnfree = true; + # Workaround for https://github.com/nix-community/home-manager/issues/2942 + allowUnfreePredicate = _: true; + }; + }; + extraSpecialArgs = { + inherit inputs outputs; + unstablePkgs = import nixpkgs-unstable { + # We also need to do the same for unstable + system = "x86_64-linux"; + config = { + allowUnfree = true; + allowUnfreePredicate = _: true; + }; + }; + }; + modules = [ + ./home-manager/core.nix + ]; + }; + "cianh@worklaptop" = home-manager.lib.homeManagerConfiguration { + pkgs = import nixpkgs { + # Home-manager requires 'pkgs' instance + system = "x86_64-linux"; + config = { + allowUnfree = true; + # Workaround for https://github.com/nix-community/home-manager/issues/2942 + allowUnfreePredicate = _: true; + }; + }; + extraSpecialArgs = { + inherit inputs outputs; + unstablePkgs = import nixpkgs-unstable { + # We also need to do the same for unstable + system = "x86_64-linux"; + config = { + allowUnfree = true; + allowUnfreePredicate = _: true; + }; + }; + }; + modules = [ + ./home-manager/worklaptop.nix + ]; + }; + "cianh@homeserver" = home-manager.lib.homeManagerConfiguration { + pkgs = import nixpkgs { + # Home-manager requires 'pkgs' instance + system = "x86_64-linux"; + config = { + allowUnfree = true; + # Workaround for https://github.com/nix-community/home-manager/issues/2942 + allowUnfreePredicate = _: true; + }; + }; + extraSpecialArgs = { + inherit inputs outputs; + unstablePkgs = import nixpkgs-unstable { + # We also need to do the same for unstable + system = "x86_64-linux"; + config = { + allowUnfree = true; + allowUnfreePredicate = _: true; + }; + }; + }; + modules = [ + ./home-manager/homeserver.nix + ]; + }; + }; + }; +} diff --git a/home-manager/core.nix b/home-manager/core.nix new file mode 100644 index 0000000..8860bee --- /dev/null +++ b/home-manager/core.nix @@ -0,0 +1,27 @@ +{ + inputs, + outputs, + lib, + config, + pkgs, + unstablePkgs, + ... +}: { + imports = [ + ./core/dotfiles.nix + ./core/user.nix + ./core/packages.nix + ./core/programs.nix + inputs.hyprcursor-phinger.homeManagerModules.hyprcursor-phinger + ]; + + nix = { + package = pkgs.nix; + settings.experimental-features = ["nix-command" "flakes"]; + }; + + # https://nixos.wiki/wiki/FAQ/When_do_I_update_stateVersion + home.stateVersion = "23.11"; + # Nicely reload system units when changing configs + systemd.user.startServices = "sd-switch"; +} diff --git a/home-manager/core/dotfiles b/home-manager/core/dotfiles new file mode 160000 index 0000000..ea6fde9 --- /dev/null +++ b/home-manager/core/dotfiles @@ -0,0 +1 @@ +Subproject commit ea6fde9eb1cc1dd9228729286a949ee63788daa5 diff --git a/home-manager/core/dotfiles.nix b/home-manager/core/dotfiles.nix new file mode 100644 index 0000000..d19eaf2 --- /dev/null +++ b/home-manager/core/dotfiles.nix @@ -0,0 +1,85 @@ +{ + inputs, + outputs, + lib, + config, + pkgs, + unstablePkgs, + ... +}: let + monaspaceFont = pkgs.callPackage ../../modules/monaspice_font.nix {}; +in { + home.file = { + ".bashrc" = lib.mkIf (!config.programs.bash.enable) { + source = ./dotfiles/dot_bashrc; + }; + "monaspice" = { + source = "${monaspaceFont}/share/fonts/"; + target = ".local/share/fonts/"; + recursive = true; + }; + "nushell" = { + source = ./dotfiles/dot_config/nushell; + target = ".config/nushell"; + recursive = true; + }; + "nvim" = { + source = ./dotfiles/dot_config/nvim; + target = ".config/nvim"; + recursive = true; + }; + "pypoetry" = { + source = ./dotfiles/dot_config/pypoetry; + target = ".config/pypoetry"; + recursive = true; + }; + "Thunar" = { + source = ./dotfiles/dot_config/Thunar; + target = ".config/Thunar"; + }; + "rye" = { + source = ./dotfiles/dot_config/.rye; + target = ".config/.rye"; + recursive = true; + }; + }; + + xdg.configFile = { + "bat".source = ./dotfiles/dot_config/bat; + "fastfetch".source = ./dotfiles/dot_config/fastfetch; + "helix".source = ./dotfiles/dot_config/helix; + "hypr" = { + source = ./dotfiles/dot_config/hypr; + recursive = true; + # Here, we use OnChange, because we don't want the config to be mutable but we do want it to + # manage modifiable state at runtime + onChange = '' + rm -f ${config.xdg.configHome}/hypr/inputs.conf + cp ${config.xdg.configHome}/hypr/HomeManagerInit_inputs.conf ${config.xdg.configHome}/hypr/inputs.conf + chmod u+w ${config.xdg.configHome}/hypr/inputs.conf + ''; + }; + "just".source = ./dotfiles/dot_config/just; + "kitty".source = ./dotfiles/dot_config/kitty; + "ghostty".source = ./dotfiles/dot_config/ghostty; + "micro".source = ./dotfiles/dot_config/micro; + "neovide".source = ./dotfiles/dot_config/neovide; + "glow".source = ./dotfiles/dot_config/glow; + "glamour".source = ./dotfiles/dot_config/glamour; + "starship.toml".source = ./dotfiles/dot_config/starship.toml; + "waybar".source = ./dotfiles/dot_config/waybar; + "euporie".source = ./dotfiles/dot_config/euporie; + "bottom".source = ./dotfiles/dot_config/bottom; + "swaync".source = ./dotfiles/dot_config/swaync; + "zellij".source = ./dotfiles/dot_config/zellij; + "git".source = ./dotfiles/dot_config/git; + "lazygit".source = ./dotfiles/dot_config/lazygit; + "wezterm".source = ./dotfiles/dot_config/wezterm; + "alacritty".source = ./dotfiles/dot_config/alacritty; + "hg".source = ./dotfiles/dot_config/hg; + "yazi".source = ./dotfiles/dot_config/yazi; + "stylua.toml".source = ./dotfiles/dot_config/stylua.toml; + "electron-flags.conf".source = ./dotfiles/dot_config/electron-flags.conf; + "Kvantum".source = ./dotfiles/dot_config/Kvantum; + }; +} diff --git a/home-manager/core/packages.nix b/home-manager/core/packages.nix new file mode 100644 index 0000000..08a4364 --- /dev/null +++ b/home-manager/core/packages.nix @@ -0,0 +1,30 @@ +{ + inputs, + outputs, + lib, + config, + pkgs, + unstablePkgs, + ... +}: let + monaspaceFont = pkgs.callPackage ../../modules/monaspice_font.nix {}; +in { + home.packages = + (with pkgs; [ + alejandra + git-extras + git-credential-manager + meld + unzip + ]) + ++ (with unstablePkgs; [ + devenv + lazygit + kitty-img + kitty-themes + nixd + ]) + ++ [ + monaspaceFont + ]; +} diff --git a/home-manager/core/programs.nix b/home-manager/core/programs.nix new file mode 100644 index 0000000..9479e60 --- /dev/null +++ b/home-manager/core/programs.nix @@ -0,0 +1,14 @@ +{ + inputs, + outputs, + lib, + config, + pkgs, + unstablePkgs, + ... +}: { + programs = { + home-manager.enable = true; + git.enable = true; + }; +} diff --git a/home-manager/core/user.nix b/home-manager/core/user.nix new file mode 100644 index 0000000..fe96010 --- /dev/null +++ b/home-manager/core/user.nix @@ -0,0 +1,14 @@ +{ + inputs, + outputs, + lib, + config, + pkgs, + unstablePkgs, + ... +}: { + home = { + username = "cianh"; + homeDirectory = "/home/cianh"; + }; +} diff --git a/home-manager/homeserver.nix b/home-manager/homeserver.nix new file mode 100644 index 0000000..e5fa334 --- /dev/null +++ b/home-manager/homeserver.nix @@ -0,0 +1,16 @@ +{ + inputs, + outputs, + lib, + config, + pkgs, + unstablePkgs, + ... +}: { + imports = [ + ./core.nix + ./homeserver/packages.nix + ./homeserver/programs.nix + ./homeserver/containers.nix + ]; +} diff --git a/home-manager/homeserver/containers.nix b/home-manager/homeserver/containers.nix new file mode 100644 index 0000000..af9f785 --- /dev/null +++ b/home-manager/homeserver/containers.nix @@ -0,0 +1,58 @@ +{ + inputs, + outputs, + lib, + config, + pkgs, + unstablePkgs, + ... +}: { + services.podman = { + enable = true; + enableTypeChecks = true; + autoUpdate.enable = true; + containers = { + grafana = { + image = "docker.io/grafana/grafana:latest"; + autoUpdate = "registry"; + ports = ["3000:3000"]; + }; + plex = { + image = "docker.io/plexinc/pms-docker:latest"; + autoUpdate = "registry"; + ports = [ + "32400:32400/tcp" + "3005:3005/tcp" + "8324:8324/tcp" + "32469:32469/tcp" + "1900:1900/udp" + "32410:32410/udp" + "32412:32412/udp" + "32413:32413/udp" + "32414:32414/udp" + ]; + environment = { + TZ = "Europe/Dublin"; + ADVERTISE_IP = "http://192.168.0.253:32400/"; + VERSION = "docker"; + }; + volumes = [ + "/home/cianh/TV_Archive/data:/data" + "/home/cianh/TV_Archive/config:/config" + "/home/cianh/TV_Archive/transcode:/transcode" + ]; + }; + jellyfin = { + image = "docker.io/jellyfin/jellyfin:latest"; + autoUpdate = "registry"; + ports = ["8096:8096/tcp"]; + volumes = [ + "/home/cianh/TV_Archive/data:/media:Z" + "/home/cianh/TV_Archive/jf_config:/config:Z" + "/home/cianh/TV_Archive/jf_cache:/cache:Z" + ]; + userNS = "keep-id"; + }; + }; + }; +} diff --git a/home-manager/homeserver/packages.nix b/home-manager/homeserver/packages.nix new file mode 100644 index 0000000..ba31a80 --- /dev/null +++ b/home-manager/homeserver/packages.nix @@ -0,0 +1,29 @@ +{ + inputs, + outputs, + lib, + config, + pkgs, + unstablePkgs, + ... +}: { + home.packages = + (with pkgs; [ + (python3.withPackages ( + python-pkgs: [ + python-pkgs.pip + python-pkgs.pkginfo + python-pkgs.python-lsp-server + python-pkgs.setuptools + ] + )) + lua54Packages.lua + luajitPackages.luarocks + nodejs-slim + stylua + ]) + ++ (with unstablePkgs; [ + podman-tui + vimPlugins.mason-lspconfig-nvim + ]); +} diff --git a/home-manager/homeserver/programs.nix b/home-manager/homeserver/programs.nix new file mode 100644 index 0000000..6769189 --- /dev/null +++ b/home-manager/homeserver/programs.nix @@ -0,0 +1,13 @@ +{ + inputs, + outputs, + lib, + config, + pkgs, + unstablePkgs, + ... +}: { + programs = { + bash.enable = true; + }; +} diff --git a/home-manager/worklaptop.nix b/home-manager/worklaptop.nix new file mode 100644 index 0000000..f54a8b8 --- /dev/null +++ b/home-manager/worklaptop.nix @@ -0,0 +1,18 @@ +{ + inputs, + outputs, + lib, + config, + pkgs, + unstablePkgs, + ... +}: { + imports = [ + ./core.nix + ./worklaptop/packages.nix + ./worklaptop/services.nix + ./worklaptop/programs.nix + ./worklaptop/defaultapps.nix + ./worklaptop/theming.nix + ]; +} diff --git a/home-manager/worklaptop/defaultapps.nix b/home-manager/worklaptop/defaultapps.nix new file mode 100644 index 0000000..dd0d2a8 --- /dev/null +++ b/home-manager/worklaptop/defaultapps.nix @@ -0,0 +1,19 @@ +{ + inputs, + outputs, + lib, + config, + pkgs, + unstablePkgs, + ... +}: { + xdg.mimeApps.defaultApplications = { + "inode/directory" = "thunar.desktop"; + "application/zip" = "xarchiver.desktop"; + "text/html" = "zen.desktop"; + "x-scheme-handler/http" = "zen.desktop"; + "x-scheme-handler/https" = "zen.desktop"; + "x-scheme-handler/about" = "zen.desktop"; + "x-scheme-handler/unknown" = "zen.desktop"; + }; +} diff --git a/home-manager/worklaptop/packages.nix b/home-manager/worklaptop/packages.nix new file mode 100644 index 0000000..a6ffbf3 --- /dev/null +++ b/home-manager/worklaptop/packages.nix @@ -0,0 +1,86 @@ +{ + inputs, + outputs, + lib, + config, + pkgs, + unstablePkgs, + ... +}: { + home.packages = + (with pkgs; [ + bitwarden + blueman + distrobox + ferdium + gimp-with-plugins + github-desktop + helix + hyperfine + imagemagick + inkscape-with-extensions + krita + lynx + neovide + nwg-look + obs-studio + pandoc + pavucontrol + podman-desktop + podman-tui + qimgv + slack + smile + spotify + vial + warpinator + zathura + zettlr + # theming + gtk-engine-murrine + gtk_engines + phinger-cursors + tokyonight-gtk-theme + # Python packages + (python3.withPackages ( + python-pkgs: [ + python-pkgs.pip + python-pkgs.pkginfo + python-pkgs.python-lsp-server + python-pkgs.setuptools + ] + )) + # Backend dev tools + go + lua54Packages.lua + luajitPackages.luarocks + mypy + php83 + poetry + poetryPlugins.poetry-plugin-up + poetryPlugins.poetry-plugin-export + poetryPlugins.poetry-audit-plugin + pre-commit + rustup + steam-run + stylua + tree-sitter + xarchiver + # Language Server Protocols + elixir-ls + fortls + nodePackages_latest.bash-language-server + lua-language-server + taplo + yaml-language-server + ]) + ++ (with unstablePkgs; [ + vimPlugins.mason-lspconfig-nvim + obsidian + zed-editor + zotero + ]) + ++ [ + inputs.zen-browser.packages.x86_64-linux.default + ]; +} diff --git a/home-manager/worklaptop/programs.nix b/home-manager/worklaptop/programs.nix new file mode 100644 index 0000000..17bffe8 --- /dev/null +++ b/home-manager/worklaptop/programs.nix @@ -0,0 +1,13 @@ +{ + inputs, + outputs, + lib, + config, + pkgs, + unstablePkgs, + ... +}: { + programs = { + hyprcursor-phinger.enable = true; + }; +} diff --git a/home-manager/worklaptop/services.nix b/home-manager/worklaptop/services.nix new file mode 100644 index 0000000..378fc2d --- /dev/null +++ b/home-manager/worklaptop/services.nix @@ -0,0 +1,11 @@ +{ + inputs, + outputs, + lib, + config, + pkgs, + unstablePkgs, + ... +}: { + services.swaync.enable = true; +} diff --git a/home-manager/worklaptop/theming.nix b/home-manager/worklaptop/theming.nix new file mode 100644 index 0000000..e6dea5e --- /dev/null +++ b/home-manager/worklaptop/theming.nix @@ -0,0 +1,50 @@ +{ + inputs, + outputs, + lib, + config, + pkgs, + unstablePkgs, + ... +}: { + # GTK theming + gtk = { + enable = true; + iconTheme = { + name = "Tokyonight-Light"; + package = pkgs.tokyonight-gtk-theme; + }; + theme = { + name = "Tokyonight-Dark"; + package = pkgs.tokyonight-gtk-theme; + }; + cursorTheme = { + name = "phinger-cursors-dark"; + package = pkgs.phinger-cursors; + }; + gtk2.extraConfig = '' + gtk-theme-name="Tokyonight-Dark" + gtk-icon-theme-name="Tokyonight-Light" + gtk-cursor-theme-name="phinger-cursors-dark" + ''; + gtk3.extraConfig = { + Settings = '' + gtk-application-prefer-dark-theme=1 + ''; + }; + gtk4.extraConfig = { + Settings = '' + gtk-application-prefer-dark-theme=1 + ''; + }; + }; + # dconf theming settings + dconf.settings = { + "org/gnome/desktop/interface" = { + color-scheme = "prefer-dark"; + gtk-theme = "Tokyonight-Dark"; + icon-theme = "Tokyonight-Light"; + cursor-theme = "phinger-cursors-dark"; + }; + }; +} diff --git a/justfile b/justfile new file mode 100644 index 0000000..93d4e85 --- /dev/null +++ b/justfile @@ -0,0 +1,34 @@ +default: + @just --list + +prebuild: + #!/usr/bin/env bash + if `git status --short | /usr/bin/env grep \?\?`; then + git add . + fi + git pull + nix flake update + +_update-root: + if `/usr/bin/env grep -Rq "nixos" /etc/*-release`; then \ + sudo nixos-rebuild switch --flake .#$HOSTNAME; \ + fi + +update-root: prebuild _update-root + +install-home: + home-manager switch --flake .#$USER@core \ + --extra-experimental-features nix-command \ + --extra-experimental-features flakes + +_update-home: + home-manager switch --flake .#$USER@$HOSTNAME \ + || home-manager switch --flake .#$USER@core + +update-home: prebuild _update-home + +update: prebuild _update-root _update-home + +cleanup: + nix-store --gc + nix-store --optimise diff --git a/modules/monaspice_font.nix b/modules/monaspice_font.nix new file mode 100644 index 0000000..78b7763 --- /dev/null +++ b/modules/monaspice_font.nix @@ -0,0 +1,22 @@ +{ + stdenv, + pkgs, +}: +stdenv.mkDerivation { + name = "monaspace-nerd-font"; + src = pkgs.fetchurl { + url = "https://github.com/ryanoasis/nerd-fonts/releases/latest/download/Monaspace.tar.xz"; + sha256 = "sha256-+uuQeCeioHrmTI+hpcpIzZ5gyQhKJMSNd5owz2vQaTo="; + }; + + unpackPhase = '' + mkdir -p $out/share/fonts/ + chmod +rw $out/share/fonts/ + tar -xf $src -C $out/share/fonts/ + ''; + + installPhase = '' + find $out/share/fonts -name '*.ttf' -exec mv {} $out/share/fonts/truetype/ \; + find $out/share/fonts -name '*.otf' -exec mv {} $out/share/fonts/opentype/ \; + ''; +} diff --git a/nixos/homeserver/configuration.nix b/nixos/homeserver/configuration.nix new file mode 100644 index 0000000..2faf8ca --- /dev/null +++ b/nixos/homeserver/configuration.nix @@ -0,0 +1,258 @@ +{ + inputs, + lib, + config, + pkgs, + unstablePkgs, + ... +}: { + imports = [ + # Include the results of the hardware scan. + ./hardware-configuration.nix + ./filesystems.nix + ./firewall.nix + ]; + + # Allow unfree packages + nixpkgs.config.allowUnfree = true; + + # Bootloader. + boot.loader.systemd-boot.enable = true; + + networking.hostName = "homeserver"; # Define your hostname. + + # Enable networking + networking.networkmanager.enable = true; + + # Set your time zone. + time.timeZone = "Europe/Dublin"; + + # Select internationalisation properties. + i18n.defaultLocale = "en_IE.UTF-8"; + + i18n.extraLocaleSettings = { + LC_ADDRESS = "en_IE.UTF-8"; + LC_IDENTIFICATION = "en_IE.UTF-8"; + LC_MEASUREMENT = "en_IE.UTF-8"; + LC_MONETARY = "en_IE.UTF-8"; + LC_NAME = "en_IE.UTF-8"; + LC_NUMERIC = "en_IE.UTF-8"; + LC_PAPER = "en_IE.UTF-8"; + LC_TELEPHONE = "en_IE.UTF-8"; + LC_TIME = "en_IE.UTF-8"; + }; + + nix = { + registry = (lib.mapAttrs (_: flake: {inherit flake;})) ((lib.filterAttrs (_: lib.isType "flake")) inputs); + nixPath = ["nixpkgs=${inputs.nixpkgs}"]; + settings = { + experimental-features = "nix-command flakes"; + auto-optimise-store = true; + }; + extraOptions = '' + trusted-users = root cianh + ''; + }; + + environment.etc = + lib.mapAttrs' + (name: value: { + name = "nix/path/${name}"; + value.source = value.flake; + }) + config.nix.registry + // { + "justfile" = { + text = '' + default: + @just -g --list + + update-root: + if `/usr/bin/env grep -Rq "nixos" /etc/*-release`; then \ + nixos-rebuild switch --flake /home/cianh/.config/nix/#$HOSTNAME; \ + fi + ''; + mode = "0644"; + }; + "root_gitconfig" = { + text = '' + [safe] + directory = /home/cianh/.config/nix + ''; + }; + }; + + system.activationScripts.linkRootJustfile = { + text = '' + ln -sf /etc/justfile /root/.justfile + mkdir -p /root/.config/git + ln -sf /etc/root_gitconfig /root/.config/git/config + ''; + deps = []; + }; + + # Configure console keymap + console.keyMap = "uk"; + + users.users = { + cianh = { + isNormalUser = true; + hashedPasswordFile = "/etc/hashedPasswordFile"; + description = "Cian Hughes"; + extraGroups = ["networkmanager" "wheel" "docker" "podman" "nixcfg"]; + shell = unstablePkgs.nushell; + openssh.authorizedKeys.keyFiles = [ + ./ssh/authorized_keys + ]; + }; + + root = { + shell = pkgs.bashInteractive; + openssh.authorizedKeys.keyFiles = [ + ./ssh/authorized_keys + ]; + extraGroups = ["docker" "podman" "nixcfg"]; + }; + }; + + # $ nix search wget + environment.systemPackages = + (with pkgs; [ + atuin + bat + bitwarden-cli + bottom + delta + du-dust + duf + fastfetch + fd + fzf + gh + git + git-extras + glab + glow + gnupg + hexyl + killall + less + libsecret + netcat-gnu + nix-index + openssl + ouch + pass + passh + pinentry-tty + pkg-config + podman-compose + powertop + pueue + ripgrep + rm-improved + starship + tealdeer + wget + wl-clipboard + xclip + xcp + zellij + zoxide + monaspace + nerdfonts + brotli + gcc + gnumake + micro + ]) + ++ (with unstablePkgs; [ + just + neovim + nushell + onefetch + serie + yazi + ]); + + programs.neovim = { + enable = true; + defaultEditor = true; + viAlias = true; + vimAlias = true; + withPython3 = true; + withNodeJs = true; + withRuby = true; + }; + + # Enable the OpenSSH daemon and other remote tools. + services.openssh = { + enable = true; + settings = { + PasswordAuthentication = false; + KbdInteractiveAuthentication = false; + }; + extraConfig = "UsePAM yes"; + }; + # Modify the SSH service to prioritise because server is headless + systemd.services.sshd = { + requires = []; # Remove any non-essential dependencies + after = ["network.target"]; # Only need to wait for networking (obviously) + serviceConfig = { + # If SSH dies, we want to restart it asap + Restart = "always"; + RestartSec = "3"; + StartLimitIntervalSec = "0"; + # The CPU should never be too busy to respond to SSH + CPUSchedulingPolicy = "rr"; + CPUSchedulingPriority = "99"; + IOSchedulingClass = "realtime"; + IOSchedulingPriority = "0"; + # Finally, if the system hits an OOM, for the love of god dont kill SSH until last + OOMScoreAdjust = "-1000"; + }; + }; + + # Add custom services + systemd.services.pueued = { + enable = true; + description = "Pueue Daemon - CLI process scheduler and manager"; + wantedBy = ["default.target"]; + serviceConfig = { + Restart = "no"; + ExecStart = "${pkgs.pueue.outPath}/bin/pueued -vv"; + }; + }; + + # Enable GPG signing + services.pcscd.enable = true; + programs.gnupg.agent = { + enable = true; + pinentryPackage = pkgs.pinentry-tty; + enableSSHSupport = true; + }; + + virtualisation = { + containers.enable = true; + + podman = { + enable = true; + # Create a `docker` alias for podman, to use it as a drop-in replacement + dockerCompat = true; + dockerSocket.enable = true; + # Required for containers under podman-compose to be able to talk to each other. + defaultNetwork.settings.dns_enabled = true; + }; + }; + + system.stateVersion = "24.11"; # Did you read the comment? + system.autoUpgrade.enable = true; + + # Set user config settings + users.defaultUserShell = pkgs.nushell; + fonts = { + enableDefaultPackages = true; + fontDir.enable = true; + fontconfig.defaultFonts.monospace = ["MonaspiceArNerdFontMono"]; + }; +} diff --git a/nixos/homeserver/filesystems.nix b/nixos/homeserver/filesystems.nix new file mode 100644 index 0000000..21b9458 --- /dev/null +++ b/nixos/homeserver/filesystems.nix @@ -0,0 +1,21 @@ +{ + inputs, + lib, + config, + pkgs, + unstablePkgs, + ... +}: { + fileSystems = { + "/home/cianh/TV_Archive" = { + device = "/dev/disk/by-uuid/2ac3aa3e-91bf-4a98-9fb6-3c0235545be9"; + fsType = "ext4"; + options = ["nofail" "x-systemd.automount"]; + }; + "/home/cianh/Nextcloud" = { + device = "/dev/disk/by-uuid/10ebaf9a-f519-4990-b814-9d6825ad692f"; + fsType = "ext4"; + options = ["nofail" "x-systemd.automount"]; + }; + }; +} diff --git a/nixos/homeserver/firewall.nix b/nixos/homeserver/firewall.nix new file mode 100644 index 0000000..33dc053 --- /dev/null +++ b/nixos/homeserver/firewall.nix @@ -0,0 +1,29 @@ +{ + inputs, + lib, + config, + pkgs, + unstablePkgs, + ... +}: { + networking.firewall = { + enable = true; + allowedTCPPorts = [ + 22 # SSH + 80 # Webpage + 3000 # Grafana + 3005 # Plex + 8096 # Jellyfin + 8324 # Plex + 32400 # Plex + 32469 # Plex + ]; + allowedUDPPorts = [ + 1900 # Plex + 32410 # Plex + 32412 # Plex + 32413 # Plex + 32414 # Plex + ]; + }; +} diff --git a/nixos/homeserver/hardware-configuration.nix b/nixos/homeserver/hardware-configuration.nix new file mode 100644 index 0000000..2283dc5 --- /dev/null +++ b/nixos/homeserver/hardware-configuration.nix @@ -0,0 +1,42 @@ +# Do not modify this file! It was generated by ‘nixos-generate-config’ +# and may be overwritten by future invocations. Please make changes +# to /etc/nixos/configuration.nix instead. +{ config, lib, pkgs, modulesPath, ... }: + +{ + imports = + [ (modulesPath + "/installer/scan/not-detected.nix") + ]; + + boot.initrd.availableKernelModules = [ "xhci_pci" "ahci" "usbhid" "usb_storage" "sd_mod" "sdhci_pci" ]; + boot.initrd.kernelModules = [ ]; + boot.kernelModules = [ "kvm-intel" ]; + boot.extraModulePackages = [ ]; + + fileSystems."/" = + { device = "/dev/disk/by-uuid/b6757b17-330d-4820-a45f-bad5e7f06516"; + fsType = "ext4"; + }; + + fileSystems."/boot" = + { device = "/dev/disk/by-uuid/AAE3-7115"; + fsType = "vfat"; + options = [ "fmask=0077" "dmask=0077" ]; + }; + + swapDevices = + [ { device = "/dev/disk/by-uuid/173de2f3-09e8-4175-9f52-c8b6ea970ad5"; } + ]; + + # Enables DHCP on each ethernet and wireless interface. In case of scripted networking + # (the default) this is the recommended approach. When using systemd-networkd it's + # still possible to use this option, but it's recommended to use it in conjunction + # with explicit per-interface declarations with `networking.interfaces..useDHCP`. + networking.useDHCP = lib.mkDefault true; + # networking.interfaces.enp1s0.useDHCP = lib.mkDefault true; + # networking.interfaces.enp3s0.useDHCP = lib.mkDefault true; + # networking.interfaces.wlp2s0.useDHCP = lib.mkDefault true; + + nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux"; + hardware.cpu.intel.updateMicrocode = lib.mkDefault config.hardware.enableRedistributableFirmware; +} diff --git a/nixos/homeserver/ssh/authorized_keys b/nixos/homeserver/ssh/authorized_keys new file mode 100644 index 0000000..ea92ff6 --- /dev/null +++ b/nixos/homeserver/ssh/authorized_keys @@ -0,0 +1,4 @@ +ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQDasyiBOJEJvM0OsRJVqTdNzbVnv7sf8yFz8DGmb3Jl1YdCdDnH7GI6VA0Z0WyMsaKy0xSC0JDkjEoWWr2aLCRoYb49x/WDCVPM6Kj2C9c29YUDvA2binE6PTFQyXNJ/p/uAov9QSTGaVUH4eG91S/4LILXwlgUR6tMrhbit+UlAWAPRUa8H/dwWBxXKjCpolIiFpDE7nRqpG85js3zlde5BBH/xso5koeNaS7hpkzbuhpF+9WyscWKWqJzUhYWSdb1VsXM6lrRRgBdPwnwPc5rV0h3xQw3XxBuYAAxEAd4RygCNO1WO2Z6P2b7g/tJfdSqSOeVVFgMUYB0f/OT2X3uP4nm/sR9KQ3w8J9N7Kz7Ql6a/ZAyBLAaRRSfIbiXfYL2J3CT9/mQnlWFOlE2t09pMF0GeoxBKGDwZRKeMyZOSvjkHXqKXTWg7VUJs36ixl4G1liqKsVpLBPfh5vw1RCqi9ZnuTru8HOmJE39vEu2NrSrmsfq5l/WzBd59Ns3Mu0bEfuLj2JEsxa8Xg/fMERGXukaLLZcNuxLQsVgQtIBC6VH2MUpEXEUNHXcrDh4Nj6lTGqHxQxQToa9fEsUozVSSRIhLMk35NdlSbAX5YWG5lisf9A/hzxPzLrQ+9K6gaqrTdeS1DBdl6pz1a9lUv1tAsLvtqhnAJ1zc0XHRiDksw== +ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQContOwJDn+AlqueILooXw3nyPG/J/gEHMXWYiZKHpXxupzWCXEMFUa/Mkg5HKIlPZ06SrNGL+IpnLesEX+5tMCv2B5oFXz/nr1GzxlZwPOO3l61uttKAL/4KJW27Pgha5c8Z6TJctYWCPWzHj6YYb8ni3SEr1chjJ5bHNihScN/whFSdZMADws92Z86h5Z7onWbTlSaHZVy2yZZX/bCLcr4fTp1hMcQozv0Rt0NWD7bOtX7ghKgwfN+p3Nt7xbRWyyRvhXotiD7YMcaZAwT4+i+9g4nvpFd4zw4KvxXg7wCId2nKaY6P75jvfADzXNZhEJWKXjtDYrCiPBd2kEgDgyRsPypEwZvmKyL+SNYTjv1j4AlFJMS4/EWziq3CA+0qeY9osSQCpCzUSZlhNtQafugR7xYdMx5wUeWc/g9qNGmUlLkSib3gBU/mCVgHYPjuTMby25zDpBMmlrXxRbA185y4hLuj1F/8YhNzj0fAzKeSJpsbivl/FTso/hGCNOntCts1nikbVldSftWVxx7Dz2o0YhVWPyoCUeVLc1DInyhxrv+uMJbn8nuC1u003fZPlm0HpvR+ZVLP1ZiWM33pShEbX7XsKkmlFtw73dGkROlbenMl+ulA+ERNkoWD7g0ZKhUN+TNU7VmmzlXUpuimZjpiE68bGY6MZHrLBX6gTE3w== homeserver|chughes000@gmail.com +ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQDle7kPrzRNiwiO4JOgzBFxLOil0k+qeQttv+2ofvkGLBCOS5N06E3/bx1ZJ1kuDPZvWZgEQ8SUycgQXk7h1jiHMzMl/TMHm2p2+mu4z59eTPe+XtQaZFbx+ChCUeBTgBoyf/kyUfyqLY9ml4UTSLjBH5RqoBcxS3EDIuKH4ePDVBfHUO2Q+MAtr28cu4niqrVf2A+h0Co5OQp0TP++1cHfaRJbOdNJmX8xKIIeVbeAZyNMfsx5yDITkYv2VnMCIupiXhopu83IgY7UPRxGU31FFYKx7gtWo+gj/lGwddxwi77vOg9M7ygNXs28zMoHpULkiRs6m8TNI4zD8lKr3vHFWbflPjjjVPH9GphHxHvQJI4Crca0+ayoJzNPuWeAEK0DykzHRzM5HvM8x3jQGZbwz6lTj+6VSdlOI1mKsKP9d4NiM6PQ6xLt2kktIIwDbvtPHwMhVwbh8QrKiH7/lXoBmUe/hCxVEsL78aatrpj/T4P1+28gVzKoSPeL6+kL0/j/5OU0l3Z3Pu9jVG9GyVV3a5hP4jQfJy0FsCQejHinsltpWraKM1d1At/Wb9KJcG47xw8MDaj/OQXduzcBPpfsbwosn5mLiDMfF6taRwxVqLjPksx81dQ7siXFOuulNJpEZ3S4evSkffpU7j2484uGbrqFeX2vFm1qiZC5/59z/w== cianh@Rainbow-Laptop +ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQDCEbctM0NQsW+69JPrTm4LhaA7r1S+cnXaTKyKdJF1giKMPW3IxK/w/A6jQwKphdQRMyXuwqdF9OWfZJ5zYVUJJj8ktHYdi4NttGbgLJw5UqFP5o1/oLi06LvENZglpice6OccOo0gKT2y3uBZ91Ifzb6yGhEdZL4fORS4SsUpPeb5W8TJi6FHHcPRuSggscZfRCLp08iiXSVM46o8fmQBuO9XZsu9KSoKgSE2oqgIPa4upOYiFhD8b4e4nUpDGCFTkRc8nFcCPQVnN1z4+13iRAg/gTKuertqeGaD7wqGZfSJpgp9BjyL4QLdgUP+EUXREJeVHGw5EYMRE8gjg5NAzXXn+DIGULjhUDJ5SneZ8jbZJXkMThFMHdK/iUJ5XZOJFJxDMtClGMZ1e25N+HZbrtCokDFHD6BcH5tf2CJusYgvmY3dUTl1iOxkF4mFyjY9OqO6BwgWjRKTAWzQsUrzE1/Q4zeWqaxb4+GkbgniHu6gkjHlBm058DKJ1zM2GzwDlBcFyvtTg2e9bD84o6VQamhuexkG2YGR/RhCLQykmDT4WLUywukaBblbonJemk82RgVHKx2434osXKh7zplQIlyN63UUtn9JLgiaRklKNTL4wVbe+qBWn+od97EFRQAd5oQlUFDz7H5wt1cx0YeoADHwB/omMSQq+PSnxS8S3Q== cianh@raspberrypi diff --git a/nixos/worklaptop/configuration.nix b/nixos/worklaptop/configuration.nix new file mode 100644 index 0000000..7e9533b --- /dev/null +++ b/nixos/worklaptop/configuration.nix @@ -0,0 +1,367 @@ +{ + inputs, + lib, + config, + pkgs, + unstablePkgs, + ... +}: { + imports = [ + # Include the results of the hardware scan. + ./hardware-configuration.nix + ./theming.nix + ]; + + # Allow unfree packages + nixpkgs.config.allowUnfree = true; + + hardware.nvidia = { + # Modesetting is required. + modesetting.enable = true; + powerManagement.enable = false; + powerManagement.finegrained = false; + open = false; + nvidiaSettings = true; + package = config.boot.kernelPackages.nvidiaPackages.stable; + }; + hardware.nvidia-container-toolkit.enable = true; + + # Bootloader. + boot = { + loader = { + grub = { + enable = true; + efiSupport = true; + device = "nodev"; + useOSProber = true; + }; + efi = { + efiSysMountPoint = "/boot/efi"; + canTouchEfiVariables = true; + }; + }; + }; + + networking.hostName = "worklaptop"; # Define your hostname. + + # Enable networking + networking.networkmanager.enable = true; + + # Set your time zone. + time.timeZone = "Europe/Dublin"; + + # Select internationalisation properties. + i18n.defaultLocale = "en_IE.UTF-8"; + + i18n.extraLocaleSettings = { + LC_ADDRESS = "en_IE.UTF-8"; + LC_IDENTIFICATION = "en_IE.UTF-8"; + LC_MEASUREMENT = "en_IE.UTF-8"; + LC_MONETARY = "en_IE.UTF-8"; + LC_NAME = "en_IE.UTF-8"; + LC_NUMERIC = "en_IE.UTF-8"; + LC_PAPER = "en_IE.UTF-8"; + LC_TELEPHONE = "en_IE.UTF-8"; + LC_TIME = "en_IE.UTF-8"; + }; + + nix = { + registry = (lib.mapAttrs (_: flake: {inherit flake;})) ((lib.filterAttrs (_: lib.isType "flake")) inputs); + nixPath = ["nixpkgs=${inputs.nixpkgs}"]; + settings = { + experimental-features = "nix-command flakes"; + auto-optimise-store = true; + }; + extraOptions = '' + trusted-users = root cianh + ''; + }; + + environment.etc = + lib.mapAttrs' + (name: value: { + name = "nix/path/${name}"; + value.source = value.flake; + }) + config.nix.registry; + + # Load nvidia driver for Xorg and Wayland + services = { + xserver = { + videoDrivers = ["nvidia"]; # or "nvidiaLegacy470 etc. + enable = true; + displayManager.gdm.enable = true; + desktopManager.gnome.enable = false; + xkb = { + layout = "ie"; + variant = ""; + }; + }; + }; + + # Configure console keymap + console.keyMap = "ie"; + + # Enable CUPS to print documents. + # services.printing.enable = true; + + # Enable sound with pipewire. + hardware.pulseaudio.enable = false; + security.rtkit.enable = true; + services.pipewire = { + enable = true; + alsa.enable = true; + alsa.support32Bit = true; + pulse.enable = true; + + # use the example session manager (no others are packaged yet so this is enabled by default, + # no need to redefine it in your config for now) + #media-session.enable = true; + }; + + users.users.cianh = { + isNormalUser = true; + hashedPasswordFile = "/etc/hashedPasswordFile"; + description = "Cian Hughes"; + extraGroups = ["networkmanager" "wheel" "libvirtd"]; + shell = unstablePkgs.nushell; + }; + # # The hack below sets the user profile image declaratively + system.activationScripts.script.text = '' + mkdir -p /var/lib/AccountsService/{icons,users} + cp /home/cianh/Pictures/face.png /var/lib/AccountsService/icons/cianh + echo "[User] + Session= + Icon=/var/lib/AccountsService/icons/cianh + SystemAccount=false" > /var/lib/AccountsService/users/cianh + chown root:root /var/lib/AccountsService/users/cianh + chmod 0600 /var/lib/AccountsService/users/cianh + chown root:root /var/lib/AccountsService/icons/cianh + chmod 0444 /var/lib/AccountsService/icons/cianh + ''; + + # $ nix search wget + environment.systemPackages = + (with pkgs; [ + # shell env programs + atuin + bat + bitwarden-cli + bottom + delta + du-dust + duf + fastfetch + fd + fzf + gdm + gh + git + git-extras + glab + glow + gnupg + grub2_efi + hexyl + killall + less + libsecret + mosh + netcat-gnu + nix-index + nix-ld + nmap + nodejs + openssl + ouch + pass + passh + phinger-cursors + pinentry-gnome3 + pkg-config + podman-compose + powertop + pueue + qmk + qmk-udev-rules + qmk_hid + ripgrep + rm-improved + seahorse + starship + tealdeer + wget + wl-clipboard + xclip + xcp + xfce.thunar + xfce.tumbler + zellij + zoxide + # package managers + flatpak + # back-end dev tools + brotli + gcc + gnumake + # front-end dev environment + micro + # DE and accompanying tools + wayland + wayland-utils + sway # More stable, backup DE + hyprland + hyprlock + hyprpaper + hyprpicker + hyprshot + xdg-desktop-portal-hyprland + xdg-desktop-portal-wlr + xdg-desktop-portal-gtk + xdg-desktop-portal-xapp + ]) + ++ (with unstablePkgs; [ + just + ghostty + kitty + libnotify + neovim + nushell + onefetch + ruff + serie + swaynotificationcenter + uv + waybar + wofi + yazi + ]); + + hardware.keyboard.qmk.enable = true; + + # Activate DEs + programs.hyprland = { + enable = true; + xwayland.enable = true; + }; + programs.sway = { + enable = true; + extraOptions = ["--unsupported-gpu"]; + }; + programs.neovim = { + enable = true; + defaultEditor = true; + viAlias = true; + vimAlias = true; + withPython3 = true; + withNodeJs = true; + withRuby = true; + }; + programs.waybar.enable = true; + environment.sessionVariables.NIXOS_OZONE_WL = "1"; + + # Enable my preferred DE utilities + programs.thunar.enable = true; + programs.thunar.plugins = with pkgs.xfce; [ + thunar-volman + thunar-archive-plugin + thunar-media-tags-plugin + ]; + services.gvfs.enable = true; + services.tumbler.enable = true; + programs.xfconf.enable = true; + xdg.portal = { + enable = true; + wlr.enable = true; + extraPortals = [ + pkgs.xdg-desktop-portal-hyprland + pkgs.xdg-desktop-portal-gtk + ]; + }; + + # Disable automatically activated programs i dont want + programs.foot.enable = false; + + # Lets also activate some handy devenv tools + programs.direnv.enable = true; + programs.direnv.nix-direnv.enable = true; + programs.nix-ld = { + enable = true; + libraries = with pkgs; [ + acl + alsa-lib + at-spi2-core + attr + bzip2 + curl + dbus + expat + glib + libsodium + libssh + libxml2 + nspr + nss + openssl + pango + stdenv.cc + systemd + util-linux + vulkan-loader + xz + zlib + zstd + ]; + }; + + # Enable flatpaks + services.flatpak.enable = true; + + # Enable the OpenSSH daemon and other remote tools. + services.openssh.enable = true; + programs.mosh.enable = true; + + # Add custom services + systemd.services.pueued = { + enable = true; + description = "Pueue Daemon - CLI process scheduler and manager"; + wantedBy = ["default.target"]; + serviceConfig = { + Restart = "no"; + ExecStart = "${pkgs.pueue.outPath}/bin/pueued -vv"; + }; + }; + + # Enable GPG signing + services.gnome.gnome-keyring.enable = true; + programs.seahorse.enable = true; # enable the graphical frontend + security.pam.services.gdm.enableGnomeKeyring = true; # load gnome-keyring at startup + services.pcscd.enable = true; + programs.gnupg.agent = { + enable = true; + pinentryPackage = pkgs.pinentry-gnome3; + enableSSHSupport = true; + }; + + virtualisation = { + containers.enable = true; + + podman = { + enable = true; + # Create a `docker` alias for podman, to use it as a drop-in replacement + dockerCompat = true; + dockerSocket.enable = true; + # Required for containers under podman-compose to be able to talk to each other. + defaultNetwork.settings.dns_enabled = true; + }; + + libvirtd.enable = true; + }; + programs.virt-manager.enable = true; + + system.stateVersion = "23.11"; # Did you read the comment? + system.autoUpgrade.enable = true; + + # Set user config settings + users.defaultUserShell = pkgs.nushell; +} diff --git a/nixos/worklaptop/hardware-configuration.nix b/nixos/worklaptop/hardware-configuration.nix new file mode 100644 index 0000000..70163e5 --- /dev/null +++ b/nixos/worklaptop/hardware-configuration.nix @@ -0,0 +1,57 @@ +# Do not modify this file! It was generated by ‘nixos-generate-config’ +# and may be overwritten by future invocations. Please make changes +# to /etc/nixos/configuration.nix instead. +{ + config, + lib, + pkgs, + modulesPath, + ... +}: { + imports = [ + (modulesPath + "/installer/scan/not-detected.nix") + ]; + + boot.initrd.availableKernelModules = ["xhci_pci" "ahci" "nvme" "usbhid" "usb_storage" "sd_mod" "rtsx_pci_sdmmc"]; + boot.initrd.kernelModules = []; + boot.kernelModules = ["kvm-intel"]; + boot.extraModulePackages = []; + + fileSystems."/" = { + device = "/dev/disk/by-uuid/1eec95dd-9663-4a46-8b6f-10f7754322fa"; + fsType = "ext4"; + }; + + fileSystems."/boot/efi" = { + device = "/dev/disk/by-uuid/056D-249D"; + fsType = "vfat"; + options = ["fmask=0022" "dmask=0022"]; + }; + + fileSystems."/home" = { + device = "/dev/disk/by-uuid/92c16a05-22ad-436d-a6ca-37d5f0c2cc3d"; + fsType = "ext4"; + }; + + swapDevices = [ + { + device = "/var/lib/swapfile"; + size = 24 * 1024; + } + { + device = "/home/.swapfile"; + size = 64 * 1024; + } + ]; + # Enables DHCP on each ethernet and wireless interface. In case of scripted networking + # (the default) this is the recommended approach. When using systemd-networkd it's + # still possible to use this option, but it's recommended to use it in conjunction + # with explicit per-interface declarations with `networking.interfaces..useDHCP`. + networking.useDHCP = lib.mkDefault true; + # networking.interfaces.eno2.useDHCP = lib.mkDefault true; + # networking.interfaces.enp58s0u1u4.useDHCP = lib.mkDefault true; + # networking.interfaces.wlo1.useDHCP = lib.mkDefault true; + + nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux"; + hardware.cpu.intel.updateMicrocode = lib.mkDefault config.hardware.enableRedistributableFirmware; +} diff --git a/nixos/worklaptop/theming.nix b/nixos/worklaptop/theming.nix new file mode 100644 index 0000000..4a304c9 --- /dev/null +++ b/nixos/worklaptop/theming.nix @@ -0,0 +1,49 @@ +{ + config, + lib, + pkgs, + modulesPath, + ... +}: { + # GTK theming + environment.sessionVariables.GTK_THEME = "Tokyonight-Dark"; + + # Delegate QT theming to kvantum + environment.sessionVariables.QT_STYLE_OVERRIDE = "kvantum"; + + # Fonts + fonts = { + enableDefaultPackages = true; + fontDir.enable = true; + + fontconfig = { + defaultFonts = { + serif = ["NotoSerifNerdFont"]; + sansSerif = ["NotoSansNerdFont"]; + monospace = ["MonaspiceArNerdFontMono"]; + }; + }; + }; + + # Theming packages + environment.systemPackages = with pkgs; [ + # fonts + corefonts + liberation_ttf + monaspace + nerdfonts + nerd-font-patcher + noto-fonts + noto-fonts-color-emoji + vistafonts + winePackages.fonts + # Cursor + hyprcursor + # QT + libsForQt5.qtstyleplugin-kvantum + qt6Packages.qtstyleplugin-kvantum + # Adwaita (i love gnome, but god damn is adwaita annoying on other DEs) + adwaita-icon-theme + libadwaita + ]; +}