mirror of
https://github.com/materusPL/nixos-config
synced 2026-07-02 12:46:42 +00:00
code: nixpkgs-fmt to format code
This commit is contained in:
@@ -136,8 +136,8 @@ in
|
||||
|
||||
services.fstrim = {
|
||||
enable = true;
|
||||
interval = "weekly";
|
||||
};
|
||||
interval = "weekly";
|
||||
};
|
||||
# Configure network proxy if necessary
|
||||
# networking.proxy.default = "http://user:password@proxy:port/";
|
||||
# networking.proxy.noProxy = "127.0.0.1,localhost,internal.domain";
|
||||
@@ -163,12 +163,12 @@ in
|
||||
|
||||
hardware.opengl.enable = true;
|
||||
hardware.opengl.driSupport32Bit = true;
|
||||
/* hardware.opengl.extraPackages = with pkgs; [
|
||||
/* hardware.opengl.extraPackages = with pkgs; [
|
||||
vaapiVdpau
|
||||
nvidia-vaapi-driver
|
||||
libvdpau-va-gl
|
||||
];
|
||||
hardware.opengl.extraPackages32 = with pkgs.pkgsi686Linux; [
|
||||
];
|
||||
hardware.opengl.extraPackages32 = with pkgs.pkgsi686Linux; [
|
||||
vaapiVdpau
|
||||
nvidia-vaapi-driver
|
||||
libvdpau-va-gl
|
||||
@@ -177,26 +177,26 @@ in
|
||||
#hardware.nvidia.package = config.boot.kernelPackages.nvidiaPackages.stable;
|
||||
|
||||
/*
|
||||
#GNOME
|
||||
services.xserver.displayManager.gdm.wayland = false;
|
||||
services.xserver.displayManager.gdm.enable = true;
|
||||
services.xserver.desktopManager.gnome.enable = true;
|
||||
security.pam.services.gdm.enableGnomeKeyring = true;
|
||||
#GNOME
|
||||
services.xserver.displayManager.gdm.wayland = false;
|
||||
services.xserver.displayManager.gdm.enable = true;
|
||||
services.xserver.desktopManager.gnome.enable = true;
|
||||
security.pam.services.gdm.enableGnomeKeyring = true;
|
||||
|
||||
|
||||
services.gnome.rygel.enable = true;
|
||||
services.gnome.sushi.enable = true;
|
||||
services.gnome.tracker.enable = true;
|
||||
services.gnome.gnome-online-accounts.enable = true;
|
||||
services.gnome.gnome-browser-connector.enable = true;
|
||||
services.gnome.gnome-settings-daemon.enable = true;
|
||||
services.gnome.core-utilities.enable = true;
|
||||
services.gnome.core-shell.enable = true;
|
||||
services.gnome.core-os-services.enable = true;
|
||||
services.gnome.rygel.enable = true;
|
||||
services.gnome.sushi.enable = true;
|
||||
services.gnome.tracker.enable = true;
|
||||
services.gnome.gnome-online-accounts.enable = true;
|
||||
services.gnome.gnome-browser-connector.enable = true;
|
||||
services.gnome.gnome-settings-daemon.enable = true;
|
||||
services.gnome.core-utilities.enable = true;
|
||||
services.gnome.core-shell.enable = true;
|
||||
services.gnome.core-os-services.enable = true;
|
||||
|
||||
programs.gnome-terminal.enable = true;
|
||||
services.gnome.gnome-keyring.enable = true;
|
||||
services.udev.packages = with pkgs; [ gnome.gnome-settings-daemon gnome2.GConf ];
|
||||
programs.gnome-terminal.enable = true;
|
||||
services.gnome.gnome-keyring.enable = true;
|
||||
services.udev.packages = with pkgs; [ gnome.gnome-settings-daemon gnome2.GConf ];
|
||||
*/
|
||||
|
||||
|
||||
@@ -215,7 +215,7 @@ in
|
||||
|
||||
# Enable the Plasma 5 Desktop Environment.
|
||||
|
||||
|
||||
|
||||
|
||||
security.pam.services.sddm.enableKwallet = true;
|
||||
|
||||
@@ -628,20 +628,20 @@ in
|
||||
|
||||
binutils
|
||||
/*
|
||||
gnome3.adwaita-icon-theme
|
||||
gnome3.gnome-tweaks
|
||||
gnome3.gnome-color-manager
|
||||
gnome3.gnome-shell-extensions
|
||||
gnome3.adwaita-icon-theme
|
||||
gnome3.gnome-tweaks
|
||||
gnome3.gnome-color-manager
|
||||
gnome3.gnome-shell-extensions
|
||||
|
||||
gnomeExtensions.appindicator
|
||||
gnomeExtensions.desktop-clock
|
||||
gnomeExtensions.gtk4-desktop-icons-ng-ding
|
||||
gnomeExtensions.compiz-windows-effect
|
||||
gnomeExtensions.burn-my-windows
|
||||
gnomeExtensions.user-themes
|
||||
gnomeExtensions.gsconnect
|
||||
gnomeExtensions.dash-to-panel
|
||||
gnomeExtensions.dash-to-dock
|
||||
gnomeExtensions.appindicator
|
||||
gnomeExtensions.desktop-clock
|
||||
gnomeExtensions.gtk4-desktop-icons-ng-ding
|
||||
gnomeExtensions.compiz-windows-effect
|
||||
gnomeExtensions.burn-my-windows
|
||||
gnomeExtensions.user-themes
|
||||
gnomeExtensions.gsconnect
|
||||
gnomeExtensions.dash-to-panel
|
||||
gnomeExtensions.dash-to-dock
|
||||
*/
|
||||
|
||||
|
||||
@@ -665,7 +665,7 @@ in
|
||||
fonts.fontconfig.enable = true;
|
||||
fonts.fontconfig.cache32Bit = true;
|
||||
fonts.fontconfig.defaultFonts.sansSerif = [ "Noto Sans" "DejaVu Sans" "WenQuanYi Zen Hei" "Noto Color Emoji" ];
|
||||
fonts.fontconfig.defaultFonts.serif = [ "Noto Serif" "DejaVu Serif" "WenQuanYi Zen Hei" "Noto Color Emoji"];
|
||||
fonts.fontconfig.defaultFonts.serif = [ "Noto Serif" "DejaVu Serif" "WenQuanYi Zen Hei" "Noto Color Emoji" ];
|
||||
fonts.fontconfig.defaultFonts.emoji = [ "Noto Color Emoji" "OpenMoji Color" ];
|
||||
fonts.fontconfig.defaultFonts.monospace = [ "FiraCode Nerd Font Mono" "Noto Sans Mono" "WenQuanYi Zen Hei Mono" ];
|
||||
|
||||
@@ -753,8 +753,8 @@ in
|
||||
};
|
||||
|
||||
# Open ports in the firewall.
|
||||
networking.firewall.allowedTCPPorts = [ 24800 5900 5357 4656];
|
||||
networking.firewall.allowedUDPPorts = [ 24800 5900 3702 4656];
|
||||
networking.firewall.allowedTCPPorts = [ 24800 5900 5357 4656 ];
|
||||
networking.firewall.allowedUDPPorts = [ 24800 5900 3702 4656 ];
|
||||
# Or disable the firewall altogether.
|
||||
networking.firewall.enable = true;
|
||||
|
||||
|
||||
@@ -4,14 +4,14 @@
|
||||
home.homeDirectory = "/home/materus";
|
||||
|
||||
programs.git = {
|
||||
userEmail = "materus@podkos.pl";
|
||||
userName = "materus";
|
||||
signing.signByDefault = true;
|
||||
signing.key = "${materusArg.cfg.path}/extraFiles/keys/ssh/materus.pub";
|
||||
extraConfig = {
|
||||
commit.gpgsign = true;
|
||||
gpg.format = "ssh";
|
||||
};
|
||||
userEmail = "materus@podkos.pl";
|
||||
userName = "materus";
|
||||
signing.signByDefault = true;
|
||||
signing.key = "${materusArg.cfg.path}/extraFiles/keys/ssh/materus.pub";
|
||||
extraConfig = {
|
||||
commit.gpgsign = true;
|
||||
gpg.format = "ssh";
|
||||
};
|
||||
};
|
||||
materus.profile = {
|
||||
fonts.enable = lib.mkDefault true;
|
||||
@@ -21,7 +21,7 @@
|
||||
enableTerminalExtra = lib.mkDefault true;
|
||||
enableNixDevel = lib.mkDefault true;
|
||||
editor.code.fhs.enable = true;
|
||||
editor.code.fhs.packages = (ps: with ps; let llvmpkgs = llvmPackages_16; in[
|
||||
editor.code.fhs.packages = (ps: with ps; let llvmpkgs = llvmPackages_16; in [
|
||||
llvmpkgs.clang
|
||||
llvmpkgs.llvm
|
||||
llvmpkgs.bintools
|
||||
@@ -36,7 +36,7 @@
|
||||
|
||||
cmake
|
||||
gnumake
|
||||
ninja
|
||||
ninja
|
||||
binutils
|
||||
coreutils
|
||||
util-linux
|
||||
@@ -70,7 +70,7 @@
|
||||
]);
|
||||
|
||||
editor.emacs.enable = false;
|
||||
|
||||
|
||||
};
|
||||
|
||||
home.packages = [
|
||||
|
||||
@@ -5,14 +5,15 @@
|
||||
|
||||
{
|
||||
imports =
|
||||
[ (modulesPath + "/installer/scan/not-detected.nix")
|
||||
[
|
||||
(modulesPath + "/installer/scan/not-detected.nix")
|
||||
];
|
||||
|
||||
boot.initrd.availableKernelModules = [ "xhci_pci" "ehci_pci" "ahci" "usbhid" "usb_storage" "sd_mod" ];
|
||||
boot.initrd.kernelModules = [ ];
|
||||
boot.kernelModules = [ "kvm-intel" ];
|
||||
boot.extraModulePackages = [ ];
|
||||
boot.kernel.sysctl = {"vm.swappiness" = 10;};
|
||||
boot.kernel.sysctl = { "vm.swappiness" = 10; };
|
||||
swapDevices = [
|
||||
{
|
||||
device = "/swapfile";
|
||||
@@ -20,42 +21,49 @@
|
||||
}
|
||||
];
|
||||
fileSystems."/" =
|
||||
{ device = "/dev/disk/by-label/NixOS_Root";
|
||||
{
|
||||
device = "/dev/disk/by-label/NixOS_Root";
|
||||
fsType = "btrfs";
|
||||
options = [ "subvol=@" "noatime" "ssd" "space_cache=v2" ];
|
||||
};
|
||||
|
||||
fileSystems."/nix" =
|
||||
{ device = "/dev/disk/by-label/NixOS_Root";
|
||||
{
|
||||
device = "/dev/disk/by-label/NixOS_Root";
|
||||
fsType = "btrfs";
|
||||
options = [ "subvol=@nix" "noatime" "compress=zstd" "ssd" "space_cache=v2" ];
|
||||
};
|
||||
|
||||
fileSystems."/materus" =
|
||||
{ device = "/dev/disk/by-label/NixOS_Root";
|
||||
{
|
||||
device = "/dev/disk/by-label/NixOS_Root";
|
||||
fsType = "btrfs";
|
||||
options = [ "subvol=@materus" "noatime" "compress=zstd" "ssd" "space_cache=v2"];
|
||||
options = [ "subvol=@materus" "noatime" "compress=zstd" "ssd" "space_cache=v2" ];
|
||||
};
|
||||
|
||||
fileSystems."/etc/nixos" =
|
||||
{ device = "/materus/config/nixos-config";
|
||||
fileSystems."/etc/nixos" =
|
||||
{
|
||||
device = "/materus/config/nixos-config";
|
||||
fsType = "none";
|
||||
options = [ "bind" ];
|
||||
};
|
||||
|
||||
fileSystems."/home" =
|
||||
{ device = "/dev/disk/by-label/NixOS_Home";
|
||||
{
|
||||
device = "/dev/disk/by-label/NixOS_Home";
|
||||
fsType = "btrfs";
|
||||
options = [ "subvol=@home" "nossd" "noatime" "compress=zstd" "space_cache=v2" "autodefrag" ];
|
||||
};
|
||||
fileSystems."/materus/data" =
|
||||
{ device = "/dev/disk/by-label/NixOS_Home";
|
||||
fileSystems."/materus/data" =
|
||||
{
|
||||
device = "/dev/disk/by-label/NixOS_Home";
|
||||
fsType = "btrfs";
|
||||
options = [ "subvol=@data" "nossd" "noatime" "compress=zstd" "space_cache=v2" "autodefrag" ];
|
||||
};
|
||||
|
||||
fileSystems."/boot" =
|
||||
{ device = "/dev/disk/by-label/NixOS_Root";
|
||||
{
|
||||
device = "/dev/disk/by-label/NixOS_Root";
|
||||
fsType = "btrfs";
|
||||
options = [ "subvol=@boot" "ssd" ];
|
||||
};
|
||||
@@ -63,7 +71,8 @@
|
||||
|
||||
|
||||
fileSystems."/boot/efi" =
|
||||
{ device = "/dev/disk/by-label/NixOS_EFI";
|
||||
{
|
||||
device = "/dev/disk/by-label/NixOS_EFI";
|
||||
fsType = "vfat";
|
||||
};
|
||||
|
||||
|
||||
@@ -115,7 +115,7 @@
|
||||
isNormalUser = true;
|
||||
description = "Mateusz Słodkowicz";
|
||||
extraGroups = [ "networkmanager" "wheel" ];
|
||||
openssh.authorizedKeys.keyFiles = [ ("${materusArg.cfg.path}" + "/extraFiles/keys/ssh/materus.pub") ];
|
||||
openssh.authorizedKeys.keyFiles = [ ("${materusArg.cfg.path}" + "/extraFiles/keys/ssh/materus.pub") ];
|
||||
packages = with pkgs; [
|
||||
kate
|
||||
];
|
||||
@@ -135,7 +135,7 @@
|
||||
lshw
|
||||
steamcmd
|
||||
distrobox
|
||||
|
||||
|
||||
|
||||
config.materus.profile.packages.firefox
|
||||
config.programs.java.package
|
||||
|
||||
@@ -20,7 +20,7 @@
|
||||
fsType = "btrfs";
|
||||
options = [ "subvol=@" "noatime" "ssd" "space_cache=v2" "compress=zstd" ];
|
||||
};
|
||||
fileSystems."/nix" =
|
||||
fileSystems."/nix" =
|
||||
{
|
||||
device = "/dev/disk/by-label/NixOS_Root_Laptop";
|
||||
fsType = "btrfs";
|
||||
|
||||
@@ -14,34 +14,35 @@
|
||||
};
|
||||
hardware.pulseaudio.enable = false;
|
||||
|
||||
environment.sessionVariables = let
|
||||
makePluginPath = format:
|
||||
environment.sessionVariables =
|
||||
let
|
||||
makePluginPath = format:
|
||||
(lib.makeSearchPath format [
|
||||
"$HOME/.nix-profile/lib"
|
||||
"/run/current-system/sw/lib"
|
||||
"/etc/profiles/per-user/$USER/lib"
|
||||
])
|
||||
+ ":$HOME/.${format}";
|
||||
in
|
||||
{
|
||||
ALSOFT_DRIVERS = "pulse";
|
||||
in
|
||||
{
|
||||
ALSOFT_DRIVERS = "pulse";
|
||||
|
||||
DSSI_PATH = makePluginPath "dssi";
|
||||
LADSPA_PATH = makePluginPath "ladspa";
|
||||
LV2_PATH = makePluginPath "lv2";
|
||||
LXVST_PATH = makePluginPath "lxvst";
|
||||
VST_PATH = makePluginPath "vst";
|
||||
VST3_PATH = makePluginPath "vst3";
|
||||
DSSI_PATH = makePluginPath "dssi";
|
||||
LADSPA_PATH = makePluginPath "ladspa";
|
||||
LV2_PATH = makePluginPath "lv2";
|
||||
LXVST_PATH = makePluginPath "lxvst";
|
||||
VST_PATH = makePluginPath "vst";
|
||||
VST3_PATH = makePluginPath "vst3";
|
||||
|
||||
};
|
||||
};
|
||||
|
||||
services.udev = {
|
||||
extraRules = ''
|
||||
KERNEL=="rtc0", GROUP="audio"
|
||||
KERNEL=="hpet", GROUP="audio"
|
||||
KERNEL=="rtc0", GROUP="audio"
|
||||
KERNEL=="hpet", GROUP="audio"
|
||||
'';
|
||||
};
|
||||
environment.systemPackages = with pkgs; [
|
||||
environment.systemPackages = with pkgs; [
|
||||
openal
|
||||
pulseaudio
|
||||
|
||||
@@ -59,4 +60,4 @@
|
||||
|
||||
];
|
||||
|
||||
}
|
||||
}
|
||||
|
||||
@@ -15,7 +15,7 @@
|
||||
|
||||
./audio.nix
|
||||
];
|
||||
|
||||
|
||||
|
||||
nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux";
|
||||
system.copySystemConfiguration = false;
|
||||
|
||||
@@ -30,7 +30,7 @@
|
||||
nixpkgs-fmt
|
||||
cmake
|
||||
gnumake
|
||||
ninja
|
||||
ninja
|
||||
binutils
|
||||
coreutils
|
||||
util-linux
|
||||
@@ -54,12 +54,12 @@
|
||||
libGLU.dev
|
||||
vulkan-loader.dev
|
||||
xorg.xorgproto
|
||||
xorg.libX11.dev
|
||||
xorg.libX11.dev
|
||||
xorg.libXrandr.dev
|
||||
xorg.libXrender.dev
|
||||
rustup
|
||||
freetype.dev
|
||||
|
||||
|
||||
fpc
|
||||
openjdk21
|
||||
bison
|
||||
@@ -71,7 +71,7 @@
|
||||
]);
|
||||
|
||||
editor.emacs.enable = false;
|
||||
|
||||
|
||||
};
|
||||
|
||||
home.packages = [
|
||||
|
||||
@@ -1,5 +1,4 @@
|
||||
|
||||
{ config, pkgs, lib,... }:
|
||||
{ config, pkgs, lib, ... }:
|
||||
{
|
||||
|
||||
|
||||
@@ -19,27 +18,27 @@
|
||||
services.gnome.core-os-services.enable = true;
|
||||
|
||||
programs.gnupg.agent.pinentryFlavor = "gnome3";
|
||||
|
||||
|
||||
|
||||
programs.gnome-terminal.enable = true;
|
||||
|
||||
|
||||
services.udev.packages = with pkgs; [ gnome.gnome-settings-daemon ];
|
||||
services.dbus.packages = with pkgs; [ gnome2.GConf ];
|
||||
|
||||
environment.systemPackages = with pkgs; [
|
||||
|
||||
gnome3.adwaita-icon-theme
|
||||
gnome3.gnome-tweaks
|
||||
gnome3.gnome-color-manager
|
||||
gnome3.gnome-shell-extensions
|
||||
gnome3.adwaita-icon-theme
|
||||
gnome3.gnome-tweaks
|
||||
gnome3.gnome-color-manager
|
||||
gnome3.gnome-shell-extensions
|
||||
|
||||
gnomeExtensions.appindicator
|
||||
gnomeExtensions.desktop-clock
|
||||
gnomeExtensions.gtk4-desktop-icons-ng-ding
|
||||
gnomeExtensions.compiz-windows-effect
|
||||
gnomeExtensions.burn-my-windows
|
||||
gnomeExtensions.user-themes
|
||||
gnomeExtensions.gsconnect
|
||||
|
||||
gnomeExtensions.appindicator
|
||||
gnomeExtensions.desktop-clock
|
||||
gnomeExtensions.gtk4-desktop-icons-ng-ding
|
||||
gnomeExtensions.compiz-windows-effect
|
||||
gnomeExtensions.burn-my-windows
|
||||
gnomeExtensions.user-themes
|
||||
gnomeExtensions.gsconnect
|
||||
|
||||
];
|
||||
}
|
||||
}
|
||||
|
||||
@@ -29,7 +29,7 @@ in
|
||||
services.xserver.displayManager.sddm.settings = {
|
||||
General = {
|
||||
#DisplayServer = "wayland";
|
||||
InputMethod="";
|
||||
InputMethod = "";
|
||||
};
|
||||
Theme = {
|
||||
CursorTheme = "breeze_cursors";
|
||||
@@ -37,25 +37,25 @@ in
|
||||
};
|
||||
Wayland = {
|
||||
#CompositorCommand = "${pkgs.weston}/bin/weston -c ${westonSddm}";
|
||||
|
||||
|
||||
};
|
||||
};
|
||||
services.xserver.desktopManager.plasma6.enable = true;
|
||||
services.xserver.desktopManager.plasma6.enableQt5Integration = true;
|
||||
programs.gnupg.agent.pinentryFlavor = "gnome3";
|
||||
environment.plasma6.excludePackages = with pkgs.kdePackages; [ kwallet kwalletmanager kwallet-pam ];
|
||||
|
||||
|
||||
environment.variables = {
|
||||
# Old fix for black cursor on amdgpu, seems to work fine now
|
||||
#KWIN_DRM_NO_AMS = "1";
|
||||
|
||||
#Fix for amdgpu crashes
|
||||
KWIN_DRM_USE_MODIFIERS="0";
|
||||
KWIN_DRM_NO_DIRECT_SCANOUT="1";
|
||||
KWIN_DRM_USE_MODIFIERS = "0";
|
||||
KWIN_DRM_NO_DIRECT_SCANOUT = "1";
|
||||
};
|
||||
environment.systemPackages = with pkgs; [
|
||||
|
||||
];
|
||||
|
||||
materus.profile.steam.extraPkgs = [pkgs.kdePackages.breeze pkgs.kdePackages.breeze-gtk pkgs.kdePackages.dolphin];
|
||||
materus.profile.steam.extraPkgs = [ pkgs.kdePackages.breeze pkgs.kdePackages.breeze-gtk pkgs.kdePackages.dolphin ];
|
||||
}
|
||||
|
||||
@@ -6,8 +6,8 @@
|
||||
networking.networkmanager.enable = true;
|
||||
#networking.networkmanager.wifi.backend = "iwd";
|
||||
networking.firewall.enable = true;
|
||||
networking.firewall.allowedTCPPorts = [ 24800 5900 5357 4656 8080 9943 9944];
|
||||
networking.firewall.allowedUDPPorts = [ 24800 5900 3702 4656 6000 9943 9944];
|
||||
networking.firewall.allowedTCPPorts = [ 24800 5900 5357 4656 8080 9943 9944 ];
|
||||
networking.firewall.allowedUDPPorts = [ 24800 5900 3702 4656 6000 9943 9944 ];
|
||||
#Fix warning
|
||||
networking.networkmanager.extraConfig = lib.mkDefault ''
|
||||
[connectivity]
|
||||
|
||||
@@ -1,50 +1,50 @@
|
||||
{ config, pkgs, lib, ... }:
|
||||
let
|
||||
valkyrie-sync = pkgs.writeShellScriptBin "valkyrie-sync" ''
|
||||
${pkgs.rsync}/bin/rsync -avzrh --delete --exclude ".git*" --exclude "flake.lock" /materus/config/nixos-config materus@valkyrie:/materus/config/ && \
|
||||
${pkgs.rsync}/bin/rsync -avzrh --delete --exclude ".git*" /materus/config/private/valkyrie materus@valkyrie:/materus/config/private
|
||||
'';
|
||||
valkyrie-sync = pkgs.writeShellScriptBin "valkyrie-sync" ''
|
||||
${pkgs.rsync}/bin/rsync -avzrh --delete --exclude ".git*" --exclude "flake.lock" /materus/config/nixos-config materus@valkyrie:/materus/config/ && \
|
||||
${pkgs.rsync}/bin/rsync -avzrh --delete --exclude ".git*" /materus/config/private/valkyrie materus@valkyrie:/materus/config/private
|
||||
'';
|
||||
|
||||
valkyrie-flakelock = pkgs.writeShellScriptBin "valkyrie-flakelock" ''
|
||||
${pkgs.openssh}/bin/ssh materus@valkyrie "nix flake update /materus/config/nixos-config --override-input nixpkgs github:NixOS/nixpkgs/23.05 \
|
||||
--override-input home-manager github:nix-community/home-manager/release-23.05 \
|
||||
--override-input private /materus/config/private/valkyrie/flake"
|
||||
'';
|
||||
valkyrie-flakelock = pkgs.writeShellScriptBin "valkyrie-flakelock" ''
|
||||
${pkgs.openssh}/bin/ssh materus@valkyrie "nix flake update /materus/config/nixos-config --override-input nixpkgs github:NixOS/nixpkgs/23.05 \
|
||||
--override-input home-manager github:nix-community/home-manager/release-23.05 \
|
||||
--override-input private /materus/config/private/valkyrie/flake"
|
||||
'';
|
||||
|
||||
valkyrie-rebuild-boot = pkgs.writeShellScriptBin "valkyrie-rebuild-boot" ''
|
||||
${pkgs.openssh}/bin/ssh -t materus@valkyrie "sudo nixos-rebuild boot --flake /materus/config/nixos-config#valkyrie \
|
||||
--override-input private /materus/config/private/valkyrie/flake"
|
||||
'';
|
||||
valkyrie-rebuild-switch = pkgs.writeShellScriptBin "valkyrie-rebuild-switch" ''
|
||||
${pkgs.openssh}/bin/ssh -t materus@valkyrie "sudo nixos-rebuild switch --flake /materus/config/nixos-config#valkyrie \
|
||||
--override-input private /materus/config/private/valkyrie/flake"
|
||||
'';
|
||||
valkyrie-rebuild-boot = pkgs.writeShellScriptBin "valkyrie-rebuild-boot" ''
|
||||
${pkgs.openssh}/bin/ssh -t materus@valkyrie "sudo nixos-rebuild boot --flake /materus/config/nixos-config#valkyrie \
|
||||
--override-input private /materus/config/private/valkyrie/flake"
|
||||
'';
|
||||
valkyrie-rebuild-switch = pkgs.writeShellScriptBin "valkyrie-rebuild-switch" ''
|
||||
${pkgs.openssh}/bin/ssh -t materus@valkyrie "sudo nixos-rebuild switch --flake /materus/config/nixos-config#valkyrie \
|
||||
--override-input private /materus/config/private/valkyrie/flake"
|
||||
'';
|
||||
|
||||
|
||||
|
||||
flamaster-sync = pkgs.writeShellScriptBin "flamaster-sync" ''
|
||||
${pkgs.rsync}/bin/rsync -avzrh --delete --exclude ".git*" --exclude "flake.lock" /materus/config/nixos-config materus@flamaster:/materus/config/ && \
|
||||
${pkgs.rsync}/bin/rsync -avzrh --delete --exclude ".git*" /materus/config/private/flamaster materus@flamaster:/materus/config/private
|
||||
'';
|
||||
flamaster-sync = pkgs.writeShellScriptBin "flamaster-sync" ''
|
||||
${pkgs.rsync}/bin/rsync -avzrh --delete --exclude ".git*" --exclude "flake.lock" /materus/config/nixos-config materus@flamaster:/materus/config/ && \
|
||||
${pkgs.rsync}/bin/rsync -avzrh --delete --exclude ".git*" /materus/config/private/flamaster materus@flamaster:/materus/config/private
|
||||
'';
|
||||
|
||||
flamaster-flakelock = pkgs.writeShellScriptBin "flamaster-flakelock" ''
|
||||
${pkgs.openssh}/bin/ssh materus@flamaster "nix flake update /materus/config/nixos-config --override-input nixpkgs github:NixOS/nixpkgs/23.05 \
|
||||
--override-input home-manager github:nix-community/home-manager/release-23.05 \
|
||||
--override-input private /materus/config/private/flamaster/flake"
|
||||
'';
|
||||
flamaster-flakelock = pkgs.writeShellScriptBin "flamaster-flakelock" ''
|
||||
${pkgs.openssh}/bin/ssh materus@flamaster "nix flake update /materus/config/nixos-config --override-input nixpkgs github:NixOS/nixpkgs/23.05 \
|
||||
--override-input home-manager github:nix-community/home-manager/release-23.05 \
|
||||
--override-input private /materus/config/private/flamaster/flake"
|
||||
'';
|
||||
|
||||
flamaster-rebuild-boot = pkgs.writeShellScriptBin "flamaster-rebuild-boot" ''
|
||||
${pkgs.openssh}/bin/ssh -t materus@flamaster "sudo nixos-rebuild boot --flake /materus/config/nixos-config#flamaster \
|
||||
--override-input private /materus/config/private/flamaster/flake"
|
||||
'';
|
||||
flamaster-rebuild-switch = pkgs.writeShellScriptBin "flamaster-rebuild-switch" ''
|
||||
${pkgs.openssh}/bin/ssh -t materus@flamaster "sudo nixos-rebuild switch --flake /materus/config/nixos-config#flamaster \
|
||||
--override-input private /materus/config/private/flamaster/flake"
|
||||
'';
|
||||
flamaster-rebuild-boot = pkgs.writeShellScriptBin "flamaster-rebuild-boot" ''
|
||||
${pkgs.openssh}/bin/ssh -t materus@flamaster "sudo nixos-rebuild boot --flake /materus/config/nixos-config#flamaster \
|
||||
--override-input private /materus/config/private/flamaster/flake"
|
||||
'';
|
||||
flamaster-rebuild-switch = pkgs.writeShellScriptBin "flamaster-rebuild-switch" ''
|
||||
${pkgs.openssh}/bin/ssh -t materus@flamaster "sudo nixos-rebuild switch --flake /materus/config/nixos-config#flamaster \
|
||||
--override-input private /materus/config/private/flamaster/flake"
|
||||
'';
|
||||
|
||||
|
||||
in
|
||||
{
|
||||
{
|
||||
environment.systemPackages = [
|
||||
valkyrie-rebuild-boot
|
||||
valkyrie-rebuild-switch
|
||||
@@ -55,5 +55,5 @@ in
|
||||
flamaster-rebuild-switch
|
||||
flamaster-sync
|
||||
flamaster-flakelock
|
||||
];
|
||||
];
|
||||
}
|
||||
|
||||
@@ -2,25 +2,25 @@
|
||||
{
|
||||
imports =
|
||||
[
|
||||
|
||||
] ++ (if (materusCfg.materusFlake.decrypted) then [ ./private ] else [] );
|
||||
|
||||
sops.age.generateKey = false;
|
||||
sops.gnupg.home = null;
|
||||
sops.gnupg.sshKeyPaths = [];
|
||||
sops.defaultSopsFile = materusCfg.hostPath + "/secrets/secrets.yaml";
|
||||
sops.secrets."users/materus" = {};
|
||||
] ++ (if (materusCfg.materusFlake.decrypted) then [ ./private ] else [ ]);
|
||||
|
||||
services.openssh.hostKeys = [
|
||||
{
|
||||
bits = 4096;
|
||||
path = "/materus/root/ssh_host_rsa_key";
|
||||
type = "rsa";
|
||||
}
|
||||
{
|
||||
path = "/materus/root/ssh_host_ed25519_key";
|
||||
type = "ed25519";
|
||||
}
|
||||
];
|
||||
sops.age.generateKey = false;
|
||||
sops.gnupg.home = null;
|
||||
sops.gnupg.sshKeyPaths = [ ];
|
||||
sops.defaultSopsFile = materusCfg.hostPath + "/secrets/secrets.yaml";
|
||||
sops.secrets."users/materus" = { };
|
||||
|
||||
services.openssh.hostKeys = [
|
||||
{
|
||||
bits = 4096;
|
||||
path = "/materus/root/ssh_host_rsa_key";
|
||||
type = "rsa";
|
||||
}
|
||||
{
|
||||
path = "/materus/root/ssh_host_ed25519_key";
|
||||
type = "ed25519";
|
||||
}
|
||||
];
|
||||
|
||||
}
|
||||
|
||||
@@ -103,10 +103,10 @@
|
||||
XDG_BIN_HOME = "\${HOME}/.local/bin";
|
||||
XDG_DATA_HOME = "\${HOME}/.local/share";
|
||||
QT_XKB_CONFIG_ROOT = "\${XKB_CONFIG_ROOT}";
|
||||
GTK_IM_MODULE="fcitx";
|
||||
QT_IM_MODULE="fcitx";
|
||||
XMODIFIERS="@im=fcitx";
|
||||
SDL_IM_MODULE="fcitx";
|
||||
GTK_IM_MODULE = "fcitx";
|
||||
QT_IM_MODULE = "fcitx";
|
||||
XMODIFIERS = "@im=fcitx";
|
||||
SDL_IM_MODULE = "fcitx";
|
||||
#SDL_AUDIODRIVER = "pipewire";
|
||||
|
||||
#SSH_ASKPASS_REQUIRE = "prefer";
|
||||
@@ -122,7 +122,7 @@
|
||||
'';
|
||||
|
||||
i18n.inputMethod.enabled = "fcitx5";
|
||||
i18n.inputMethod.fcitx5.addons = [ pkgs.fcitx5-configtool pkgs.fcitx5-lua pkgs.fcitx5-mozc pkgs.fcitx5-gtk pkgs.kdePackages.fcitx5-qt];
|
||||
i18n.inputMethod.fcitx5.addons = [ pkgs.fcitx5-configtool pkgs.fcitx5-lua pkgs.fcitx5-mozc pkgs.fcitx5-gtk pkgs.kdePackages.fcitx5-qt ];
|
||||
|
||||
|
||||
# Some programs need SUID wrappers, can be configured further or are
|
||||
@@ -260,7 +260,7 @@
|
||||
monkeysphere
|
||||
gparted
|
||||
|
||||
|
||||
|
||||
|
||||
virt-viewer
|
||||
|
||||
@@ -274,7 +274,7 @@
|
||||
bubblewrap
|
||||
bindfs
|
||||
|
||||
|
||||
|
||||
|
||||
binutils
|
||||
config.materus.profile.packages.firefox
|
||||
|
||||
@@ -5,24 +5,27 @@
|
||||
];
|
||||
|
||||
systemd.mounts = [
|
||||
{ where = "/dev/hugepages";
|
||||
enable = false;
|
||||
}
|
||||
{ where = "/dev/hugepages/hugepages-2048kB";
|
||||
enable = true;
|
||||
what = "hugetlbfs";
|
||||
type = "hugetlbfs";
|
||||
options = "pagesize=2M";
|
||||
requiredBy = [ "basic.target" ];
|
||||
}
|
||||
{ where = "/dev/hugepages/hugepages-1048576kB";
|
||||
enable = true;
|
||||
what = "hugetlbfs";
|
||||
type = "hugetlbfs";
|
||||
options = "pagesize=1G";
|
||||
requiredBy = [ "basic.target" ];
|
||||
}
|
||||
];
|
||||
{
|
||||
where = "/dev/hugepages";
|
||||
enable = false;
|
||||
}
|
||||
{
|
||||
where = "/dev/hugepages/hugepages-2048kB";
|
||||
enable = true;
|
||||
what = "hugetlbfs";
|
||||
type = "hugetlbfs";
|
||||
options = "pagesize=2M";
|
||||
requiredBy = [ "basic.target" ];
|
||||
}
|
||||
{
|
||||
where = "/dev/hugepages/hugepages-1048576kB";
|
||||
enable = true;
|
||||
what = "hugetlbfs";
|
||||
type = "hugetlbfs";
|
||||
options = "pagesize=1G";
|
||||
requiredBy = [ "basic.target" ];
|
||||
}
|
||||
];
|
||||
|
||||
virtualisation.libvirtd = {
|
||||
enable = true;
|
||||
|
||||
@@ -14,36 +14,36 @@ let
|
||||
''
|
||||
+*/
|
||||
''
|
||||
# Make sure nothing renders on gpu to prevent "sysfs: cannot create duplicate filename" after rebinding to amdgpu
|
||||
chmod 0 /dev/dri/renderD128
|
||||
fuser -k /dev/dri/renderD128
|
||||
# Make sure nothing renders on gpu to prevent "sysfs: cannot create duplicate filename" after rebinding to amdgpu
|
||||
chmod 0 /dev/dri/renderD128
|
||||
fuser -k /dev/dri/renderD128
|
||||
|
||||
# Seems to fix reset bug for 7900 XTX
|
||||
echo "0" > "/sys/bus/pci/devices/''${VIRSH_GPU_VIDEO}/d3cold_allowed"
|
||||
# Seems to fix reset bug for 7900 XTX
|
||||
echo "0" > "/sys/bus/pci/devices/''${VIRSH_GPU_VIDEO}/d3cold_allowed"
|
||||
|
||||
systemctl stop mountWin10Share.service
|
||||
systemctl stop mountWin10Share.service
|
||||
|
||||
|
||||
echo ''$VIRSH_GPU_VIDEO > "/sys/bus/pci/devices/''${VIRSH_GPU_VIDEO}/driver/unbind"
|
||||
echo ''$VIRSH_GPU_AUDIO > "/sys/bus/pci/devices/''${VIRSH_GPU_AUDIO}/driver/unbind"
|
||||
echo ''$VIRSH_GPU_VIDEO > "/sys/bus/pci/devices/''${VIRSH_GPU_VIDEO}/driver/unbind"
|
||||
echo ''$VIRSH_GPU_AUDIO > "/sys/bus/pci/devices/''${VIRSH_GPU_AUDIO}/driver/unbind"
|
||||
|
||||
sleep 1s
|
||||
sleep 1s
|
||||
|
||||
echo "10" > "/sys/bus/pci/devices/''${VIRSH_GPU_VIDEO}/resource0_resize"
|
||||
echo "8" > "/sys/bus/pci/devices/''${VIRSH_GPU_VIDEO}/resource2_resize"
|
||||
echo "10" > "/sys/bus/pci/devices/''${VIRSH_GPU_VIDEO}/resource0_resize"
|
||||
echo "8" > "/sys/bus/pci/devices/''${VIRSH_GPU_VIDEO}/resource2_resize"
|
||||
|
||||
echo "3" > /proc/sys/vm/drop_caches
|
||||
echo "1" > /proc/sys/vm/compact_memory
|
||||
#echo "8192" > /sys/devices/system/node/node1/hugepages/hugepages-2048kB/nr_hugepages
|
||||
echo "3" > /proc/sys/vm/drop_caches
|
||||
echo "1" > /proc/sys/vm/compact_memory
|
||||
#echo "8192" > /sys/devices/system/node/node1/hugepages/hugepages-2048kB/nr_hugepages
|
||||
|
||||
|
||||
|
||||
systemctl set-property --runtime -- user.slice AllowedCPUs=0-7,16-23
|
||||
systemctl set-property --runtime -- system.slice AllowedCPUs=0-7,16-23
|
||||
systemctl set-property --runtime -- init.scope AllowedCPUs=0-7,16-23
|
||||
systemctl set-property --runtime -- user.slice AllowedCPUs=0-7,16-23
|
||||
systemctl set-property --runtime -- system.slice AllowedCPUs=0-7,16-23
|
||||
systemctl set-property --runtime -- init.scope AllowedCPUs=0-7,16-23
|
||||
|
||||
|
||||
'';
|
||||
'';
|
||||
stopHook = ''
|
||||
|
||||
# Debugging
|
||||
|
||||
@@ -10,7 +10,7 @@
|
||||
# Include the results of the hardware scan.
|
||||
./hardware-configuration.nix
|
||||
./services
|
||||
];
|
||||
];
|
||||
|
||||
materus.profile.nix.enable = true;
|
||||
|
||||
|
||||
@@ -1,15 +1,15 @@
|
||||
{ config, pkgs, ... }:
|
||||
{
|
||||
imports =
|
||||
imports =
|
||||
[
|
||||
./pleroma.nix
|
||||
./pihole.nix
|
||||
];
|
||||
services.adguardhome.enable = true;
|
||||
services.adguardhome.enable = true;
|
||||
|
||||
valkyrieService.pihole.enable = false;
|
||||
valkyrieService.pleroma.enable = true;
|
||||
valkyrieService.pihole.enable = false;
|
||||
valkyrieService.pleroma.enable = true;
|
||||
|
||||
|
||||
|
||||
}
|
||||
}
|
||||
|
||||
@@ -1,54 +1,56 @@
|
||||
{ config, pkgs, lib, materusArg, ... }:
|
||||
{
|
||||
options.valkyrieService.pihole.enable = materusArg.pkgs.lib.mkBoolOpt false "Enable pihole";
|
||||
options.valkyrieService.pihole.dnsIP = lib.mkOption { default = "127.0.0.1";};
|
||||
options.valkyrieService.pihole.webIP = lib.mkOption { default = "127.0.0.1";};
|
||||
options.valkyrieService.pihole.dnsIP = lib.mkOption { default = "127.0.0.1"; };
|
||||
options.valkyrieService.pihole.webIP = lib.mkOption { default = "127.0.0.1"; };
|
||||
|
||||
|
||||
|
||||
config = let
|
||||
cfg = config.valkyrieService.pihole;
|
||||
dnsmasqConf = pkgs.writeText "02-dnsmasq-custom.conf" ''
|
||||
no-hosts
|
||||
'';
|
||||
|
||||
in lib.mkIf config.valkyrieService.pihole.enable {
|
||||
systemd.tmpfiles.rules = [
|
||||
"d /var/lib/dnsmasq.d 0776 root root -"
|
||||
"d /var/lib/pihole 0776 root root -"
|
||||
"L+ /var/lib/dnsmasq.d/02-dnsmasq-custom.conf 0776 root root - ${dnsmasqConf}"
|
||||
];
|
||||
config =
|
||||
let
|
||||
cfg = config.valkyrieService.pihole;
|
||||
dnsmasqConf = pkgs.writeText "02-dnsmasq-custom.conf" ''
|
||||
no-hosts
|
||||
'';
|
||||
|
||||
virtualisation.oci-containers.containers.pihole = {
|
||||
image = "pihole/pihole:latest";
|
||||
ports =
|
||||
[
|
||||
"${cfg.dnsIP}:53:53/tcp"
|
||||
"${cfg.dnsIP}:53:53/udp"
|
||||
"${cfg.webIP}:3000:80"
|
||||
];
|
||||
environment = {
|
||||
TZ = "Europe/Warsaw";
|
||||
FTLCONF_LOCAL_IPV4="127.0.0.1";
|
||||
DNSMASQ_USER="root";
|
||||
VIRTUAL_HOST="pi.hole";
|
||||
PROXY_LOCATION="pi.hole";
|
||||
};
|
||||
volumes = [
|
||||
"/var/lib/pihole/:/etc/pihole/"
|
||||
"/var/lib/dnsmasq.d:/etc/dnsmasq.d/"
|
||||
"/nix/store:/nix/store"
|
||||
in
|
||||
lib.mkIf config.valkyrieService.pihole.enable {
|
||||
systemd.tmpfiles.rules = [
|
||||
"d /var/lib/dnsmasq.d 0776 root root -"
|
||||
"d /var/lib/pihole 0776 root root -"
|
||||
"L+ /var/lib/dnsmasq.d/02-dnsmasq-custom.conf 0776 root root - ${dnsmasqConf}"
|
||||
];
|
||||
extraOptions =
|
||||
[
|
||||
"--cap-add=NET_ADMIN"
|
||||
"--dns=127.0.0.1"
|
||||
"--dns=9.9.9.9"
|
||||
"--hostname=pi.hole"
|
||||
];
|
||||
};
|
||||
|
||||
};
|
||||
virtualisation.oci-containers.containers.pihole = {
|
||||
image = "pihole/pihole:latest";
|
||||
ports =
|
||||
[
|
||||
"${cfg.dnsIP}:53:53/tcp"
|
||||
"${cfg.dnsIP}:53:53/udp"
|
||||
"${cfg.webIP}:3000:80"
|
||||
];
|
||||
environment = {
|
||||
TZ = "Europe/Warsaw";
|
||||
FTLCONF_LOCAL_IPV4 = "127.0.0.1";
|
||||
DNSMASQ_USER = "root";
|
||||
VIRTUAL_HOST = "pi.hole";
|
||||
PROXY_LOCATION = "pi.hole";
|
||||
};
|
||||
volumes = [
|
||||
"/var/lib/pihole/:/etc/pihole/"
|
||||
"/var/lib/dnsmasq.d:/etc/dnsmasq.d/"
|
||||
"/nix/store:/nix/store"
|
||||
];
|
||||
extraOptions =
|
||||
[
|
||||
"--cap-add=NET_ADMIN"
|
||||
"--dns=127.0.0.1"
|
||||
"--dns=9.9.9.9"
|
||||
"--hostname=pi.hole"
|
||||
];
|
||||
};
|
||||
|
||||
};
|
||||
|
||||
|
||||
}
|
||||
|
||||
@@ -6,7 +6,8 @@
|
||||
|
||||
{
|
||||
imports =
|
||||
[ # Include the results of the hardware scan.
|
||||
[
|
||||
# Include the results of the hardware scan.
|
||||
./hardware-configuration.nix
|
||||
];
|
||||
environment.systemPackages = with pkgs; [
|
||||
@@ -15,15 +16,15 @@
|
||||
git
|
||||
];
|
||||
sound.enable = false;
|
||||
boot.tmp.useTmpfs = true;
|
||||
services.xserver.enable = false;
|
||||
boot.tmp.useTmpfs = true;
|
||||
services.xserver.enable = false;
|
||||
networking.hostName = "waffentrager";
|
||||
services.openssh.enable = true;
|
||||
users.users.materus = {
|
||||
isNormalUser = true;
|
||||
extraGroups = [ "wheel" ];
|
||||
openssh.authorizedKeys.keys = [
|
||||
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIPEDY+H8Hc/RSLE064AAh8IojvqxPd8BE5gec2aOfYMh materus@podkos.pl"
|
||||
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIPEDY+H8Hc/RSLE064AAh8IojvqxPd8BE5gec2aOfYMh materus@podkos.pl"
|
||||
];
|
||||
};
|
||||
|
||||
@@ -37,7 +38,7 @@
|
||||
"https://cache.nixos.org/"
|
||||
"https://nixerus.cachix.org/"
|
||||
];
|
||||
trusted-public-keys = [ "nix-community.cachix.org-1:mB9FSh9qf2dCimDSUo8Zy7bkq5CX+/rkCWyvRCYg3Fs=" "nixerus.cachix.org-1:2x7sIG7y1vAoxc8BNRJwsfapZsiX4hIl4aTi9V5ZDdE="];
|
||||
trusted-public-keys = [ "nix-community.cachix.org-1:mB9FSh9qf2dCimDSUo8Zy7bkq5CX+/rkCWyvRCYg3Fs=" "nixerus.cachix.org-1:2x7sIG7y1vAoxc8BNRJwsfapZsiX4hIl4aTi9V5ZDdE=" ];
|
||||
};
|
||||
};
|
||||
# Use the extlinux boot loader. (NixOS wants to enable GRUB by default)
|
||||
@@ -69,7 +70,7 @@
|
||||
# services.xserver.enable = true;
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
# Configure keymap in X11
|
||||
# services.xserver.layout = "us";
|
||||
|
||||
@@ -5,4 +5,4 @@
|
||||
materusCfg.configInputs.nixos-hardware.nixosModules.raspberry-pi-4
|
||||
./configuration.nix
|
||||
];
|
||||
}
|
||||
}
|
||||
|
||||
@@ -5,7 +5,8 @@
|
||||
|
||||
{
|
||||
imports =
|
||||
[ (modulesPath + "/installer/scan/not-detected.nix")
|
||||
[
|
||||
(modulesPath + "/installer/scan/not-detected.nix")
|
||||
];
|
||||
boot.kernelPackages = pkgs.linuxPackages_rpi4;
|
||||
boot.initrd.availableKernelModules = [ "xhci_pci" "usb_storage" ];
|
||||
@@ -16,7 +17,8 @@
|
||||
"vm.swappiness" = 10;
|
||||
};
|
||||
fileSystems."/" =
|
||||
{ device = "/dev/disk/by-uuid/44444444-4444-4444-8888-888888888888";
|
||||
{
|
||||
device = "/dev/disk/by-uuid/44444444-4444-4444-8888-888888888888";
|
||||
fsType = "ext4";
|
||||
};
|
||||
fileSystems."/etc/nixos" =
|
||||
|
||||
Reference in New Issue
Block a user