unexplrd/nixos-blueprint
2
2
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Compare commits

base: unexplrd:d3e4ee75f046d60164d60eb5ad95f05269cd84db
Branches Tags
unexplrd:main
...
compare: unexplrd:b7f95a14c3d2de1d14ddb770b93e7414022e1200
Branches Tags
unexplrd:main

3 Commits
d3e4ee75f0 ... b7f95a14c3

Author SHA1 Message Date
unexplrd
b7f95a14c3 hosts/eldrid/users/user/home-configuration.nix: home-manager state follows system 
modules/home/desktop/niri/default.nix: change evince to papers
modules/nixos/system/wireless/wifi.nix: simplify

Signed-off-by: unexplrd <unexplrd@linerds.us>
 2025-03-28 16:39:21 +02:00
unexplrd
08408c5602 break up into reusable modules 
Signed-off-by: unexplrd <unexplrd@linerds.us>
 2025-03-28 16:39:21 +02:00
unexplrd
28f935cfd0 hosts/dunamis/users/user/flatpak.nix: add ungoogled chromium 
Signed-off-by: unexplrd <unexplrd@linerds.us>
 2025-03-28 16:39:21 +02:00
11 changed files with 136 additions and 129 deletions
Expand all files Collapse all files

1
hosts/dunamis/users/user/flatpak.nix
View File

@ -19,6 +19,7 @@
# misc # misc
"app.zen_browser.zen" "app.zen_browser.zen"
"net.mullvad.MullvadBrowser" "net.mullvad.MullvadBrowser"
"io.github.ungoogled_software.ungoogled_chromium"
"com.obsproject.Studio" "com.obsproject.Studio"
"com.bitwarden.desktop" "com.bitwarden.desktop"
"com.github.tchx84.Flatseal" "com.github.tchx84.Flatseal"

35
hosts/eldrid/boot.nix Normal file
View File

@ -0,0 +1,35 @@
{
pkgs,
config,
inputs,
...
}: {
imports = with inputs; [
lanzaboote.nixosModules.lanzaboote
];
boot = {
# kernelPackages = pkgs.linuxPackages_latest;
kernelPackages = pkgs.linuxPackages_cachyos;
plymouth.enable = true;
loader.efi.canTouchEfiVariables = true;
loader.systemd-boot = {
enable = !config.boot.lanzaboote.enable;
consoleMode = "auto";
};
initrd = {
availableKernelModules = ["ahci" "xhci_pci" "virtio_pci" "sr_mod" "virtio_blk" "xe" "i915"];
kernelModules = [];
};
kernelModules = ["kvm-intel"];
extraModulePackages = [];
lanzaboote = {
enable = true;
pkiBundle = "/var/lib/sbctl";
};
};
console = {
earlySetup = true;
packages = [pkgs.terminus_font];
font = "${pkgs.terminus_font}/share/consolefonts/ter-c18n.psf.gz";
};
}

124
hosts/eldrid/configuration.nix
View File

@ -1,111 +1,45 @@
# device-specific setup {inputs, ...}: {
{
pkgs,
config,
inputs,
...
}: {
imports = with inputs; [ imports = with inputs; [
chaotic.nixosModules.default
lanzaboote.nixosModules.lanzaboote
lix.nixosModules.default
self.nixosModules.desktop self.nixosModules.desktop
self.nixosModules.system self.nixosModules.system
./hardware.nix ./boot.nix
./programs.nix
./stylix.nix
./disko.nix ./disko.nix
./users.nix ./hardware.nix
./networking.nix
./nix.nix
./programs.nix
./services.nix
./sops.nix ./sops.nix
./stylix.nix
./users.nix
]; ];
desktop = { desktop.niri.enable = true;
niri.enable = true;
};
nix = {
channel.enable = false;
daemonCPUSchedPolicy = "idle";
settings = {
experimental-features = ["nix-command" "flakes"];
builders-use-substitutes = true;
};
distributedBuilds = true;
buildMachines = [
{
hostName = "dunamis";
sshUser = "nix-ssh";
system = "x86_64-linux";
sshKey = config.sops.secrets."ssh-eldrid-user".path;
supportedFeatures = ["nixos-test" "big-parallel" "kvm" "benchmark"];
publicHostKey = builtins.readFile "${inputs.mysecrets}/ssh/ssh_host_ed25519_dunamis.base64";
}
];
};
system.stateVersion = "25.05";
time.timeZone = "Europe/Kyiv";
locale.ukrainian.enable = true; locale.ukrainian.enable = true;
networking = { opentabletdriver.enable = false;
networkmanager.enable = true;
hostName = "eldrid";
hosts = {
"192.168.1.42" = ["dunamis"];
};
};
boot = { qmk-vial.enable = true;
# kernelPackages = pkgs.linuxPackages_latest;
kernelPackages = pkgs.linuxPackages_cachyos;
plymouth.enable = true;
loader.efi.canTouchEfiVariables = true;
loader.systemd-boot = {
enable = !config.boot.lanzaboote.enable;
consoleMode = "auto";
};
lanzaboote = {
enable = true;
pkiBundle = "/var/lib/sbctl";
};
};
console = {
earlySetup = true;
packages = [pkgs.terminus_font];
font = "${pkgs.terminus_font}/share/consolefonts/ter-c18n.psf.gz";
};
services = {
power-profiles-daemon.enable = true;
flatpak.enable = true;
fstrim.enable = true;
openssh.enable = true;
syncthing.openDefaultPorts = true;
dnscrypt-proxy2 = {
enable = true;
settings = {
require_dnssec = true;
server_names = ["mullvad-doh"];
bootstrap_resolvers = ["9.9.9.11:53" "9.9.9.9:53"];
};
};
};
services.scx = {
enable = true;
scheduler = "scx_flash";
};
security.basic.enable = true; security.basic.enable = true;
virtual = { system.stateVersion = "25.05";
libvirt.enable = true;
podman.enable = false;
};
wireless.bluetooth.enableBlueman = true; swapDevices = [
{
opentabletdriver.enable = false; device = "/swap/swapfile";
qmk-vial.enable = true; size = 8 * 1024; # eight gigs
}
];
time.timeZone = "Europe/Kyiv";
virtual.libvirt.enable = true;
wireless = {
wifi.enable = true;
bluetooth.enable = true;
bluetooth.enableBlueman = true;
};
} }

23
hosts/eldrid/hardware.nix
View File

@ -21,27 +21,6 @@
''; '';
}; };
in { in {
boot = {
initrd = {
availableKernelModules = ["ahci" "xhci_pci" "virtio_pci" "sr_mod" "virtio_blk" "xe" "i915"];
kernelModules = [];
};
kernelModules = ["kvm-intel"];
extraModulePackages = [];
};
swapDevices = [
{
device = "/swap/swapfile";
size = 8 * 1024; # eight gigs
}
];
wireless = {
wifi.enable = true;
bluetooth.enable = true;
};
hardware.graphics = { hardware.graphics = {
enable = true; enable = true;
extraPackages = with pkgs; [ extraPackages = with pkgs; [
@ -53,12 +32,12 @@ in {
# intel ax201 wifi card firmware # intel ax201 wifi card firmware
hardware.enableRedistributableFirmware = true; hardware.enableRedistributableFirmware = true;
hardware.cpu.intel.updateMicrocode = lib.mkDefault config.hardware.enableRedistributableFirmware; hardware.cpu.intel.updateMicrocode = lib.mkDefault config.hardware.enableRedistributableFirmware;
nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux"; nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux";
# physically broken touchscreen # physically broken touchscreen
services.udev.extraRules = "ACTION==\"add|change\", KERNELS==\"input[0-9]*\", SUBSYSTEMS==\"input\", ATTRS{id/vendor}==\"27c6\", ATTRS{id/product}==\"0e84\", ENV{LIBINPUT_IGNORE_DEVICE}=\"1\""; services.udev.extraRules = "ACTION==\"add|change\", KERNELS==\"input[0-9]*\", SUBSYSTEMS==\"input\", ATTRS{id/vendor}==\"27c6\", ATTRS{id/product}==\"0e84\", ENV{LIBINPUT_IGNORE_DEVICE}=\"1\"";
services.keyd = { services.keyd = {
enable = true; enable = true;
keyboards.internal = { keyboards.internal = {

9
hosts/eldrid/networking.nix Normal file
View File

@ -0,0 +1,9 @@
{
networking = {
networkmanager.enable = true;
hostName = "eldrid";
hosts = {
"192.168.1.42" = ["dunamis"];
};
};
}

28
hosts/eldrid/nix.nix Normal file
View File

@ -0,0 +1,28 @@
{
config,
inputs,
...
}: {
imports = with inputs; [
lix.nixosModules.default
];
nix = {
channel.enable = false;
daemonCPUSchedPolicy = "idle";
settings = {
experimental-features = ["nix-command" "flakes"];
builders-use-substitutes = true;
};
distributedBuilds = true;
buildMachines = [
{
hostName = "dunamis";
sshUser = "nix-ssh";
system = "x86_64-linux";
sshKey = config.sops.secrets."ssh-eldrid-user".path;
supportedFeatures = ["nixos-test" "big-parallel" "kvm" "benchmark"];
publicHostKey = builtins.readFile "${inputs.mysecrets}/ssh/ssh_host_ed25519_dunamis.base64";
}
];
};
}

21
hosts/eldrid/services.nix Normal file
View File

@ -0,0 +1,21 @@
{
services = {
flatpak.enable = true;
fstrim.enable = true;
openssh.enable = true;
power-profiles-daemon.enable = true;
syncthing.openDefaultPorts = true;
dnscrypt-proxy2 = {
enable = true;
settings = {
require_dnssec = true;
server_names = ["mullvad-doh"];
bootstrap_resolvers = ["9.9.9.11:53" "9.9.9.9:53"];
};
};
scx = {
enable = true;
scheduler = "scx_flash";
};
};
}

4
hosts/eldrid/sops.nix
View File

@ -1,8 +1,8 @@
{inputs, ...}: let {inputs, ...}: let
secretsPath = builtins.toString inputs.mysecrets; secretsPath = builtins.toString inputs.mysecrets;
in { in {
imports = [ imports = with inputs; [
inputs.sops-nix.nixosModules.sops sops-nix.nixosModules.sops
]; ];
sops = { sops = {

8
hosts/eldrid/users/user/home-configuration.nix
View File

@ -1,4 +1,8 @@
{inputs, ...}: { {
inputs,
osConfig,
...
}: {
imports = with inputs; [ imports = with inputs; [
nix-index-database.hmModules.nix-index nix-index-database.hmModules.nix-index
self.homeModules.desktop self.homeModules.desktop
@ -8,7 +12,7 @@
]; ];
desktop.niri.enable = true; desktop.niri.enable = true;
home = { home = {
stateVersion = "25.05"; stateVersion = osConfig.system.stateVersion;
sessionPath = [ sessionPath = [
"$HOME/.local/bin" "$HOME/.local/bin"
]; ];

4
modules/home/desktop/niri/default.nix
View File

@ -1456,7 +1456,7 @@ in {
nautilus nautilus
helvum helvum
loupe loupe
evince papers
junction junction
celluloid celluloid
mission-center mission-center
@ -1497,7 +1497,7 @@ in {
web_browser = ["re.sonny.Junction.desktop"]; web_browser = ["re.sonny.Junction.desktop"];
image_viewer = ["org.gnome.Loupe.desktop"]; image_viewer = ["org.gnome.Loupe.desktop"];
video_player = ["io.github.celluloid_player.Celluloid.desktop"]; video_player = ["io.github.celluloid_player.Celluloid.desktop"];
pdf_reader = ["org.gnome.Evince.desktop"]; pdf_reader = ["org.gnome.Papers.desktop"];
in { in {
"inode/directory" = file_manager; "inode/directory" = file_manager;
"video/x-matroska" = video_player; "video/x-matroska" = video_player;

8
modules/nixos/system/wireless/wifi.nix
View File

@ -16,12 +16,8 @@ in {
wireless.iwd = { wireless.iwd = {
enable = true; enable = true;
settings = { settings = {
General = { General.AddressRandomization = "network";
AddressRandomization = "network"; Settings.AlwaysRandomizeAddress = true;
};
Settings = {
AlwaysRandomizeAddress = true;
};
}; };
}; };
}; };