unexplrd/nixos-blueprint
2
2
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

eldrid

Browse Source 
Signed-off-by: unexplrd <unexplrd@linerds.us>
This commit is contained in:
unexplrd
2025-03-26 00:10:37 +02:00
parent 9286d95f0a
commit d9df333e58
6 changed files with 122 additions and 54 deletions
Download Patch File Download Diff File Expand all files Collapse all files

35
hosts/eldrid/configuration.nix
View File

@ -1,8 +1,8 @@
# device-specific setup
{
pkgs,
inputs,
config,
inputs,
...
}: {
imports = with inputs; [
@ -10,28 +10,30 @@
lix.nixosModules.default
self.nixosModules.desktop
self.nixosModules.system
./hardware-conf.nix
./hardware.nix
./programs.nix
./stylix.nix
./users.nix
./sops.nix
];
desktop = {
hyprland.enable = true;
# cosmic.enable = true;
niri.enable = true;
};
nix = {
settings.experimental-features = ["nix-command" "flakes"];
channel.enable = false;
daemonCPUSchedPolicy = "idle";
settings = {
experimental-features = ["nix-command" "flakes"];
builders-use-substitutes = true;
};
distributedBuilds = true;
settings.builders-use-substitutes = true;
buildMachines = [
{
hostName = "dunamis";
sshUser = "remotebuild";
sshUser = "nix-ssh";
system = "x86_64-linux";
sshKey = config.sops.secrets."ssh-private-eldrid-rmbuild".path;
sshKey = config.sops.secrets."ssh-eldrid-user".path;
supportedFeatures = ["nixos-test" "big-parallel" "kvm" "benchmark"];
publicHostKey = builtins.readFile "${inputs.mysecrets}/ssh/ssh_host_ed25519_dunamis.base64";
}
@ -46,10 +48,8 @@
networking = {
networkmanager.enable = true;
hostName = "eldrid";
# required for syncthing
firewall = {
allowedTCPPorts = [22000];
allowedUDPPorts = [21027 22000];
hosts = {
"192.168.1.42" = ["dunamis"];
};
};
@ -75,6 +75,15 @@
flatpak.enable = true;
fstrim.enable = true;
openssh.enable = true;
syncthing.openDefaultPorts = true;
dnscrypt-proxy2 = {
enable = true;
settings = {
require_dnssec = true;
server_names = ["mullvad-doh"];
bootstrap_resolvers = ["9.9.9.11:53" "9.9.9.9:53"];
};
};
};
services.scx = {
enable = true;

0
hosts/eldrid/hardware-conf.nix → hosts/eldrid/hardware.nix
View File

28
hosts/eldrid/sops.nix
View File

@ -14,17 +14,41 @@ in {
defaultSopsFile = "${secretsPath}/secrets.yaml";
secrets = {
"user-password-hashed".neededForUsers = true;
"ssh-private-eldrid-rmbuild" = {};
"ssh-config" = {
path = "/home/user/.ssh/config";
mode = "0400";
owner = "user";
};
"ssh-private-eldrid-user" = {
"ssh-eldrid-user" = {
path = "/home/user/.ssh/id_ed25519";
mode = "0400";
owner = "user";
};
"ssh-eldrid-user.pub" = {
path = "/home/user/.ssh/id_ed25519.pub";
mode = "0400";
owner = "user";
};
"ssh-unexplrd" = {
path = "/home/user/.ssh/id_unexplrd_ed25519";
mode = "0400";
owner = "user";
};
"ssh-unexplrd.pub" = {
path = "/home/user/.ssh/id_unexplrd_ed25519.pub";
mode = "0400";
owner = "user";
};
"ssh-uni" = {
path = "/home/user/.ssh/id_uni_ed25519";
mode = "0400";
owner = "user";
};
"ssh-uni.pub" = {
path = "/home/user/.ssh/id_uni_ed25519.pub";
mode = "0400";
owner = "user";
};
};
};
}

50
hosts/eldrid/stylix-light.nix Normal file
View File

@ -0,0 +1,50 @@
{
pkgs,
inputs,
config,
...
}: {
imports = with inputs; [
stylix.nixosModules.stylix
];
environment.systemPackages = with pkgs; [
nerd-fonts.iosevka
];
stylix = {
enable = true;
base16Scheme = "${pkgs.base16-schemes}/share/themes/nord-light.yaml";
polarity = "light";
cursor = {
package = pkgs.bibata-cursors;
name = "Bibata-Modern-Ice";
size = 24;
};
image = builtins.fetchurl {
url = "https://w.wallhaven.cc/full/e7/wallhaven-e7djlk.png";
name = "wallhaven-e7djlk.png";
sha256 = "1mwvnmflp0z1biyyhfz7mjn7i1nna94n7jyns3na2shbfkaq7i0h";
};
opacity.terminal = 0.9;
fonts = {
sizes = {
applications = 13;
desktop = 14;
popups = 13;
terminal = 15;
};
serif = {
package = pkgs.nerd-fonts.iosevka;
name = "Iosevka Nerd Font Propo";
};
sansSerif = config.stylix.fonts.serif;
monospace = {
package = pkgs.nerd-fonts.iosevka-term;
name = "IosevkaTerm Nerd Font Mono";
};
emoji = {
package = pkgs.noto-fonts-emoji;
name = "Noto Color Emoji";
};
};
};
}

28
hosts/eldrid/stylix.nix
View File

@ -1,28 +1,28 @@
{
pkgs,
inputs,
config,
...
}: {
imports = [
inputs.stylix.nixosModules.stylix
imports = with inputs; [
stylix.nixosModules.stylix
];
environment.systemPackages = with pkgs; [
#papirus-icon-theme
nerd-fonts.iosevka
];
stylix = {
enable = true;
base16Scheme = "${pkgs.base16-schemes}/share/themes/tomorrow.yaml";
polarity = "light";
base16Scheme = "${pkgs.base16-schemes}/share/themes/nord.yaml";
polarity = "dark";
cursor = {
package = pkgs.bibata-cursors;
name = "Bibata-Modern-Ice";
name = "Bibata-Modern-Classic";
size = 24;
};
image = builtins.fetchurl {
url = "https://w.wallhaven.cc/full/d6/wallhaven-d6163o.jpg";
name = "wallhaven-d6163o";
sha256 = "c6d298be1520546c0440d64d1073e33a356043e2481a8a67e940d5262c0c2e28";
url = "https://w.wallhaven.cc/full/l8/wallhaven-l8l9gq.png";
name = "wallhaven-l8l9gq.png";
sha256 = "0ypr44sg0fn55m1b52dgr1nnscpi2p6rfkjsm7vvrdqw7bafbx2z";
};
opacity.terminal = 0.9;
fonts = {
@ -36,15 +36,11 @@
package = pkgs.nerd-fonts.iosevka;
name = "Iosevka Nerd Font Propo";
};
sansSerif = {
package = pkgs.nerd-fonts.iosevka;
name = "Iosevka Nerd Font Propo";
};
sansSerif = config.stylix.fonts.serif;
monospace = {
package = pkgs.nerd-fonts.iosevka;
name = "Iosevka Nerd Font Mono";
package = pkgs.nerd-fonts.iosevka-term;
name = "IosevkaTerm Nerd Font Mono";
};
emoji = {
package = pkgs.noto-fonts-emoji;
name = "Noto Color Emoji";

35
hosts/eldrid/users/user/flatpak.nix
View File

@ -1,9 +1,10 @@
{inputs, ...}: {
imports = [
inputs.nix-flatpak.homeManagerModules.nix-flatpak
imports = with inputs; [
nix-flatpak.homeManagerModules.nix-flatpak
];
services.flatpak = {
enable = true;
uninstallUnmanaged = true;
remotes = [
{
name = "flathub";
@ -16,17 +17,17 @@
];
packages = [
# misc
"io.github.zen_browser.zen"
"app.zen_browser.zen"
"net.mullvad.MullvadBrowser"
"com.obsproject.Studio"
"com.bitwarden.desktop"
"com.github.tchx84.Flatseal"
"de.haeckerfelix.Fragments"
"org.qbittorrent.qBittorrent"
# "com.transmissionbt.Transmission"
"com.usebottles.bottles"
"com.logseq.Logseq"
"io.github.martchus.syncthingtray"
# chatting
"org.signal.Signal"
@ -36,7 +37,7 @@
"org.mozilla.Thunderbird"
# media
"org.atheme.audacious"
"io.bassi.Amberol"
"io.freetubeapp.FreeTube"
#"io.github.celluloid_player.Celluloid"
# "io.mpv.Mpv"
@ -58,38 +59,29 @@
Context = {
sockets = ["wayland" "!x11" "!fallback-x11"];
filesystems = [
"!host"
"!home"
"!~/.ssh"
"xdg-run/pipewire-0"
"xdg-config/gtk-3.0:ro"
"xdg-config/gtk-4.0:ro"
# "~/.local/share/fonts:ro"
"~/.local/share/icons:ro"
# "~/.nix-profile/share/icons:ro"
# "~/.nix-profile/share/fonts:ro"
"/nix/store:ro"
];
};
Environment = {
XCURSOR_PATH = "/run/host/user-share/icons:/run/host/share/icons";
ELECTRON_OZONE_PLATFORM_HINT = "wayland";
#GTK_THEME = "adw-gtk3";
};
};
"io.github.martchus.syncthingtray".Context.filesystems = ["/storage/games/heroic/Factorio/game/saves"];
"org.octave.Octave".Context.sockets = ["x11"];
"org.octave.Octave".Environment = {QT_QPA_PLATFORM = "xcb";};
"com.valvesoftware.Steam" = {
Context = {
sockets = ["x11" "wayland"];
filesystems = ["/storage/games/steam"];
};
Environment = {
STEAM_FORCE_DESKTOPUI_SCALING = "1.3";
};
Environment.STEAM_FORCE_DESKTOPUI_SCALING = "1.3";
};
"org.signal.Signal" = {
Environment = {
SIGNAL_PASSWORD_STORE = "gnome-libsecret";
};
Environment.SIGNAL_PASSWORD_STORE = "gnome-libsecret";
};
"net.lutris.Lutris".Context = {
sockets = ["x11" "wayland"];
@ -100,10 +92,7 @@
filesystems = ["/storage/games/heroic" "~/games/heroic"];
};
"com.usebottles.Bottles" = {
Context = {
sockets = ["x11" "wayland"];
filesystems = ["/home/user/docs/nure/tex-template/assets/BridgeKSG"];
};
Context.sockets = ["x11" "wayland"];
};
};
};