mirror of
https://github.com/materusPL/nixos-config
synced 2026-07-04 13:26:42 +00:00
Compare commits
52 Commits
400dadba7f
..
master
| Author | SHA1 | Date | |
|---|---|---|---|
|
b7086ad070
|
|||
|
506c6844a8
|
|||
|
80f1b5e177
|
|||
|
9fcfab613d
|
|||
|
fb653eb0f4
|
|||
|
29adb6e6b0
|
|||
|
0c8f567a7e
|
|||
|
f89ff639c7
|
|||
|
1aa560a248
|
|||
|
9b7da5e109
|
|||
|
1035825618
|
|||
|
f40403e725
|
|||
|
481bfdde77
|
|||
|
ac43221eec
|
|||
|
a485b83e49
|
|||
|
6197a64c4a
|
|||
|
38afb1aa4f
|
|||
|
5a7e4a5020
|
|||
|
e37d2bb716
|
|||
|
76b54b8800
|
|||
|
33dcdb8c61
|
|||
|
640907f9e1
|
|||
|
5440b8aaf2
|
|||
|
65f9c1bb9d
|
|||
|
71710a3aa0
|
|||
|
0c4725063c
|
|||
|
1401ddc71c
|
|||
|
bc3fa6788b
|
|||
|
9afcf62bf3
|
|||
|
c159b6dfdd
|
|||
|
5f753f2050
|
|||
|
791e88e8a5
|
|||
|
9cc357c618
|
|||
|
4d38367fdb
|
|||
|
8f3b2266d3
|
|||
|
9292f61a3f
|
|||
|
3afafba3ce
|
|||
|
d51b13294c
|
|||
|
32e6adb6e3
|
|||
|
e916b8ca78
|
|||
|
7a2647d5ae
|
|||
|
ec3cac1c98
|
|||
|
8eb8d54d93
|
|||
|
bf522e0b25
|
|||
|
6db3e9995c
|
|||
|
a0af6e0844
|
|||
|
7111005253
|
|||
|
1cecb465c2
|
|||
|
8b9b884bc3
|
|||
|
576b955023
|
|||
|
bd10321f19
|
|||
|
e31a724c4b
|
Binary file not shown.
@@ -1 +1,3 @@
|
||||
\#*\#
|
||||
.vscode
|
||||
.theia
|
||||
@@ -1,18 +0,0 @@
|
||||
# nixos-config
|
||||
My NixOS and home-manager configs.
|
||||
Dotfiles and helper scripts.
|
||||
|
||||
Not all config is here, some I keep in private flake.
|
||||
|
||||
## Hosts
|
||||
materusPC - my main PC
|
||||
|
||||
Old-materusPC - my old PC, barely used
|
||||
|
||||
flamaster - my laptop, used mostly as server for games.
|
||||
|
||||
valkyrie - VPS, my website and pleroma instance
|
||||
|
||||
waffentrager - raspberry pi4, home server
|
||||
|
||||
|
||||
@@ -0,0 +1,2 @@
|
||||
MATERUS = {}
|
||||
require("materus")
|
||||
@@ -0,0 +1,32 @@
|
||||
vim.opt.number = true
|
||||
vim.opt.expandtab = true
|
||||
vim.opt.cursorline = true
|
||||
vim.opt.shiftwidth = 2
|
||||
vim.opt.softtabstop = 2
|
||||
vim.opt.tabstop = 2
|
||||
vim.opt.clipboard:append { 'unnamed', 'unnamedplus' }
|
||||
|
||||
|
||||
--vim.g.cord_defer_startup = true
|
||||
|
||||
vim.pack.add({
|
||||
"https://github.com/nvim-lua/plenary.nvim",
|
||||
"https://github.com/muniftanjim/nui.nvim",
|
||||
"https://github.com/nvim-tree/nvim-web-devicons",
|
||||
"https://github.com/lewis6991/gitsigns.nvim",
|
||||
"https://github.com/mofiqul/dracula.nvim",
|
||||
"https://github.com/hrsh7th/nvim-cmp",
|
||||
"https://github.com/neovim/nvim-lspconfig",
|
||||
"https://github.com/stevearc/oil.nvim",
|
||||
"https://github.com/nvim-mini/mini.icons",
|
||||
"https://github.com/nvim-neo-tree/neo-tree.nvim",
|
||||
"https://github.com/romgrk/barbar.nvim",
|
||||
"https://github.com/nvim-telescope/telescope.nvim",
|
||||
"https://github.com/lambdalisue/vim-suda",
|
||||
"https://github.com/dstein64/nvim-scrollview",
|
||||
"https://github.com/vyfor/cord.nvim"
|
||||
})
|
||||
vim.cmd.colorscheme("dracula")
|
||||
|
||||
if vim.fn.executable("tree-sitter") == 1 and MATERUS.NIXOS ~= 1 then
|
||||
end
|
||||
@@ -0,0 +1,6 @@
|
||||
__HOME_ZPROFILE_SOURCED=1
|
||||
[[ -f "$ZSH_DATA_DIR/nix_profile.sh" ]] && source "$ZSH_DATA_DIR/nix_profile.sh"
|
||||
[[ -f "/etc/profile" ]] && emulate sh -c "source /etc/profile"
|
||||
[[ -f "~/.profile" ]] && emulate sh -c "source ~/.profile"
|
||||
|
||||
|
||||
@@ -0,0 +1,141 @@
|
||||
__HOME_ZSHRC_SOURCED=1
|
||||
|
||||
if [[ -r "${XDG_CACHE_HOME:-$HOME/.cache}/p10k-instant-prompt-${(%):-%n}.zsh" ]]; then
|
||||
source "${XDG_CACHE_HOME:-$HOME/.cache}/p10k-instant-prompt-${(%):-%n}.zsh"
|
||||
fi
|
||||
|
||||
bindkey -e
|
||||
if [ -n "$EAT_SHELL_INTEGRATION_DIR" ]; then
|
||||
source "$EAT_SHELL_INTEGRATION_DIR/zsh";
|
||||
fi
|
||||
|
||||
#Check if terminal is fullcolor
|
||||
if zmodload zsh/terminfo && (( "$terminfo[colors]" >= "256" )); then
|
||||
__MATERUS_ZSH_256COLORS="${__MATERUS_ZSH_256COLORS:-1}"; else
|
||||
__MATERUS_ZSH_256COLORS="${__MATERUS_ZSH_256COLORS:-0}";
|
||||
fi
|
||||
|
||||
#MSYS
|
||||
if [[ "$(uname -s)" =~ ^MSYS_NT.* ]]; then
|
||||
#Use windows symlink instead copy
|
||||
MSYS=winsymlinks:nativestrict
|
||||
fi
|
||||
|
||||
|
||||
#region Plugins
|
||||
# Clone plugins if not exists
|
||||
[ -d $ZSH_DATA_DIR/plugins/powerlevel10k ] || git clone https://github.com/romkatv/powerlevel10k $ZSH_DATA_DIR/plugins/powerlevel10k
|
||||
[ -d $ZSH_DATA_DIR/plugins/zsh-syntax-highlighting ] || git clone https://github.com/zsh-users/zsh-syntax-highlighting.git $ZSH_DATA_DIR/plugins/zsh-syntax-highlighting
|
||||
[ -d $ZSH_DATA_DIR/plugins/zsh-history-substring-search ] || git clone https://github.com/zsh-users/zsh-history-substring-search.git $ZSH_DATA_DIR/plugins/zsh-history-substring-search
|
||||
[ -d $ZSH_DATA_DIR/plugins/zsh-autosuggestions ] || git clone https://github.com/zsh-users/zsh-autosuggestions $ZSH_DATA_DIR/plugins/zsh-autosuggestions
|
||||
|
||||
source ${ZSH_DATA_DIR}/plugins/powerlevel10k/powerlevel10k.zsh-theme
|
||||
|
||||
source ${ZSH_DATA_DIR}/plugins/zsh-syntax-highlighting/zsh-syntax-highlighting.zsh
|
||||
source ${ZSH_DATA_DIR}/plugins/zsh-history-substring-search/zsh-history-substring-search.zsh
|
||||
source ${ZSH_DATA_DIR}/plugins/zsh-autosuggestions/zsh-autosuggestions.zsh
|
||||
#endregion
|
||||
|
||||
#region SUBSTRING SEARCH
|
||||
history-substring-search-up-prefixed(){
|
||||
HISTORY_SUBSTRING_SEARCH_PREFIXED=1 history-substring-search-up
|
||||
}
|
||||
history-substring-search-down-prefixed(){
|
||||
HISTORY_SUBSTRING_SEARCH_PREFIXED=1 history-substring-search-down
|
||||
}
|
||||
|
||||
zle -N history-substring-search-up-prefixed
|
||||
zle -N history-substring-search-down-prefixed
|
||||
#endregion
|
||||
|
||||
#region Init Variables
|
||||
export SAVEHIST=100000
|
||||
export HISTSIZE=$SAVEHIST
|
||||
export ZSH_PRIVATE=${ZSH_PRIVATE:-0}
|
||||
|
||||
mkdir -p $ZSH_DATA_DIR
|
||||
mkdir -p $ZSH_DATA_DIR/plugins
|
||||
|
||||
# Load config generated by nix
|
||||
[[ -f "$ZSH_DATA_DIR/nix.sh" ]] && source "$ZSH_DATA_DIR/nix.sh"
|
||||
|
||||
setopt HIST_SAVE_NO_DUPS
|
||||
setopt HIST_IGNORE_SPACE
|
||||
setopt HIST_IGNORE_DUPS
|
||||
setopt HIST_IGNORE_ALL_DUPS
|
||||
setopt EXTENDED_HISTORY
|
||||
|
||||
# Private history mode
|
||||
if [[ $ZSH_PRIVATE == 1 ]] then
|
||||
export HISTFILE="/dev/null";
|
||||
unsetopt SHARE_HISTORY;
|
||||
else
|
||||
export HISTFILE="$ZSH_DATA_DIR/zsh_history";
|
||||
setopt SHARE_HISTORY;
|
||||
fi
|
||||
#endregion
|
||||
|
||||
|
||||
#region Bindings
|
||||
source ${ZSH_CONFIG_DIR}/extra/zinputrc
|
||||
|
||||
bindkey -r "^["
|
||||
bindkey "^[[1;5C" forward-word
|
||||
bindkey "^[[1;5D" backward-word
|
||||
bindkey "^[[1;5A" history-substring-search-up-prefixed
|
||||
bindkey "^[[1;5B" history-substring-search-down-prefixed
|
||||
bindkey "$key[Up]" history-substring-search-up
|
||||
bindkey "$key[Down]" history-substring-search-down
|
||||
bindkey '^[[3~' delete-char
|
||||
bindkey '^[[3;2~' delete-word
|
||||
#endregion
|
||||
|
||||
#region Completions
|
||||
ZSH_COMPDIR="${ZSH_COMPDIR:-${XDG_CACHE_HOME:-${HOME}/.cache}/zsh}"
|
||||
ZSH_COMPDUMP="${ZSH_COMPDUMP:-${ZSH_COMPDIR}/.zcompdump-${HOST}-${ZSH_VERSION}}"
|
||||
if [[ ! -d ${ZSH_COMPDIR} ]]; then
|
||||
command mkdir -p "${ZSH_COMPDIR}"
|
||||
fi
|
||||
autoload -U compinit && compinit -d $ZSH_COMPDUMP
|
||||
source ${ZSH_CONFIG_DIR}/extra/zshcompletion.zsh
|
||||
#endregion
|
||||
|
||||
#region Functions
|
||||
zsh-private() {
|
||||
ZSH_PRIVATE=1 zsh
|
||||
}
|
||||
|
||||
myip() {
|
||||
wget -qO- https://wtfismyip.com/text
|
||||
}
|
||||
|
||||
speedtest() {
|
||||
curl -s https://raw.githubusercontent.com/sivel/speedtest-cli/master/speedtest.py | python3
|
||||
}
|
||||
#endregion
|
||||
|
||||
#region Aliases
|
||||
if [[ "$TERM" = "xterm-kitty" ]]; then
|
||||
alias ssh="kitty +kitten ssh"
|
||||
fi
|
||||
if [[ $(whence -p "nvim") ]]; then
|
||||
EDITOR="${EDITOR:-nvim}"
|
||||
alias vim="nvim"
|
||||
alias vi="nvim"
|
||||
alias vimdiff="nvim -d"
|
||||
fi
|
||||
if [[ $(whence -p "eza") ]]; then
|
||||
alias l="eza -lahg --color=auto --hyperlink"
|
||||
alias ll="eza -alF --color=auto --hyperlink"
|
||||
alias ls="eza --color=auto"
|
||||
else
|
||||
alias l="ls -lah --color=auto"
|
||||
alias ll="ls -alF --color=auto"
|
||||
alias ls="ls --color=auto"
|
||||
fi
|
||||
|
||||
#endregion
|
||||
|
||||
if [[ "$__MATERUS_ZSH_256COLORS" = "1" ]] ; then [[ ! -f ${ZSH_CONFIG_DIR}/p10kcfg/fullcolor.zsh ]] || source ${ZSH_CONFIG_DIR}/p10kcfg/fullcolor.zsh;
|
||||
else [[ ! -f ${ZSH_CONFIG_DIR}/p10kcfg/compatibility.zsh ]] || source ${ZSH_CONFIG_DIR}/p10kcfg/compatibility.zsh;
|
||||
fi
|
||||
@@ -140,12 +140,11 @@ function __zsh_compl () {
|
||||
# Some functions, like _apt and _dpkg, are very slow. We can use a cache in
|
||||
# order to speed things up
|
||||
if [[ ${__COMP_CACHING:-yes} == yes ]]; then
|
||||
__COMP_CACHE_DIR=${__COMP_CACHE_DIR:-${ZDOTDIR:-$HOME}/.cache}
|
||||
if [[ ! -d ${__COMP_CACHE_DIR} ]]; then
|
||||
command mkdir -p "${__COMP_CACHE_DIR}"
|
||||
if [[ ! -d ${ZSH_COMPDIR} ]]; then
|
||||
command mkdir -p "${ZSH_COMPDIR}"
|
||||
fi
|
||||
zstyle ':completion:*' use-cache yes
|
||||
zstyle ':completion:*:complete:*' cache-path "${__COMP_CACHE_DIR}"
|
||||
zstyle ':completion:*:complete:*' cache-path "${ZSH_COMPDIR}"
|
||||
fi
|
||||
|
||||
# host completion
|
||||
+1
-1
@@ -1577,7 +1577,7 @@
|
||||
p10k segment -f 2 -i '*' -t 'hello, %n'
|
||||
}
|
||||
function prompt_private() {
|
||||
if [ $__MATERUS_HM_ZSH_PRIVATE = "1" ]; then
|
||||
if [ $ZSH_PRIVATE = "1" ]; then
|
||||
p10k segment -f 5 -t 'PRIVATE'
|
||||
fi
|
||||
}
|
||||
+1
-1
@@ -1682,7 +1682,7 @@
|
||||
#
|
||||
# Type `p10k help segment` for documentation and a more sophisticated example.
|
||||
function prompt_private() {
|
||||
if [ $__MATERUS_HM_ZSH_PRIVATE = "1" ]; then
|
||||
if [ $ZSH_PRIVATE = "1" ]; then
|
||||
p10k segment -b 54 -f 11 -i '' -t 'PRIVATE'
|
||||
fi
|
||||
}
|
||||
@@ -0,0 +1,6 @@
|
||||
#TODO: Set ZDOTDIR based on MKK_CONFIG_PATH
|
||||
__HOME_ZSHENV_SOURCED=1
|
||||
ZDOTDIR=${XDG_CONFIG_HOME:-"$HOME/.config"}/zsh/cfg
|
||||
ZSH_DATA_DIR="${XDG_CONFIG_HOME:-"$HOME/.config"}/zsh/data"
|
||||
ZSH_CONFIG_DIR="${XDG_CONFIG_HOME:-"$HOME/.config"}/zsh/cfg"
|
||||
setopt no_global_rcs
|
||||
@@ -0,0 +1,9 @@
|
||||
local wezterm = require 'wezterm'
|
||||
local config = wezterm.config_builder()
|
||||
|
||||
-- config.color_scheme = 'Duotone Dark'
|
||||
|
||||
config.enable_scroll_bar = true
|
||||
config.scrollback_lines = 50000
|
||||
|
||||
return config
|
||||
@@ -0,0 +1,12 @@
|
||||
set -g history-limit 50000
|
||||
set -g display-time 4000
|
||||
set -g status-interval 5
|
||||
set -g default-terminal "screen-256color"
|
||||
set -g status-keys emacs
|
||||
set -g focus-events on
|
||||
setw -g aggressive-resize on
|
||||
setw -g mouse on
|
||||
setw -g clock-mode-style 24
|
||||
|
||||
set -ga terminal-overrides ',xterm*:smcup@:rmcup@'
|
||||
set -g allow-passthrough on
|
||||
@@ -1,308 +0,0 @@
|
||||
# Edit this configuration file to define what should be installed on
|
||||
# your system. Help is available in the configuration.nix(5) man page
|
||||
# and in the NixOS manual (accessible by running ‘nixos-help’).
|
||||
|
||||
{ config, pkgs, materusArg, ... }:
|
||||
|
||||
{
|
||||
imports =
|
||||
[
|
||||
# Include the results of the hardware scan.
|
||||
./hardware-configuration.nix
|
||||
];
|
||||
boot.supportedFilesystems = [ "ntfs" ];
|
||||
nix.settings.experimental-features = [ "nix-command" "flakes" ];
|
||||
nix.settings.auto-optimise-store = true;
|
||||
nix.settings.substituters = [
|
||||
"https://nix-community.cachix.org"
|
||||
"https://cache.nixos.org/"
|
||||
];
|
||||
nix.settings.trusted-public-keys = [ "nix-community.cachix.org-1:mB9FSh9qf2dCimDSUo8Zy7bkq5CX+/rkCWyvRCYg3Fs=" ];
|
||||
nixpkgs.config.allowUnfree = true;
|
||||
|
||||
|
||||
# Use the systemd-boot EFI boot loader.
|
||||
boot.loader.grub = {
|
||||
enable = true;
|
||||
efiSupport = true;
|
||||
device = "nodev";
|
||||
gfxmodeEfi = "1920x1080";
|
||||
gfxmodeBios = "1920x1080";
|
||||
useOSProber = true;
|
||||
};
|
||||
boot.loader.efi.canTouchEfiVariables = true;
|
||||
boot.loader.efi.efiSysMountPoint = "/boot/efi";
|
||||
boot.kernelPackages = pkgs.linuxPackages_zen;
|
||||
boot.tmpOnTmpfs = true;
|
||||
|
||||
services.flatpak.enable = true;
|
||||
services.gvfs.enable = true;
|
||||
|
||||
networking.hostName = "Old-materusPC"; # Define your hostname.
|
||||
# Pick only one of the below networking options.
|
||||
# networking.wireless.enable = true; # Enables wireless support via wpa_supplicant.
|
||||
networking.networkmanager.enable = true; # Easiest to use and most distros use this by default.
|
||||
|
||||
# Set your time zone.
|
||||
time.timeZone = "Europe/Warsaw";
|
||||
|
||||
|
||||
services.fstrim = {
|
||||
enable = true;
|
||||
interval = "weekly";
|
||||
};
|
||||
# Configure network proxy if necessary
|
||||
# networking.proxy.default = "http://user:password@proxy:port/";
|
||||
# networking.proxy.noProxy = "127.0.0.1,localhost,internal.domain";
|
||||
|
||||
# Select internationalisation properties.
|
||||
i18n.defaultLocale = "pl_PL.UTF-8";
|
||||
console = {
|
||||
font = "lat2-16";
|
||||
# keyMap = "pl";
|
||||
useXkbConfig = true; # use xkbOptions in tty.
|
||||
};
|
||||
|
||||
hardware.bluetooth.enable = true;
|
||||
# Enable the X11 windowing system.
|
||||
services.xserver.enable = true;
|
||||
|
||||
|
||||
hardware.opengl.enable = true;
|
||||
hardware.opengl.driSupport32Bit = true;
|
||||
|
||||
materus.profile.steam.enable = true;
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
# Configure keymap in X11
|
||||
services.xserver.layout = "pl";
|
||||
# services.xserver.xkbOptions = {
|
||||
# "eurosign:e";
|
||||
# "caps:escape" # map caps to escape.
|
||||
# };
|
||||
|
||||
# Enable CUPS to print documents.
|
||||
services.printing.enable = true;
|
||||
|
||||
# Enable sound.
|
||||
sound.enable = true;
|
||||
security.rtkit.enable = true;
|
||||
services.pipewire = {
|
||||
enable = true;
|
||||
alsa.enable = true;
|
||||
alsa.support32Bit = true;
|
||||
pulse.enable = true;
|
||||
# If you want to use JACK applications, uncomment this
|
||||
jack.enable = true;
|
||||
};
|
||||
hardware.pulseaudio.enable = false;
|
||||
|
||||
|
||||
|
||||
virtualisation.podman = {
|
||||
enable = true;
|
||||
dockerCompat = true;
|
||||
dockerSocket.enable = true;
|
||||
};
|
||||
|
||||
|
||||
users.users.materus = {
|
||||
isNormalUser = true;
|
||||
extraGroups = [ "wheel" "networkmanager" "kvm" "input" "libvirt" "libvirtd" "podman" ];
|
||||
shell = pkgs.zsh;
|
||||
description = "Mateusz Słodkowicz";
|
||||
|
||||
};
|
||||
environment.sessionVariables = rec {
|
||||
XDG_CACHE_HOME = "\${HOME}/.cache";
|
||||
XDG_CONFIG_HOME = "\${HOME}/.config";
|
||||
XDG_BIN_HOME = "\${HOME}/.local/bin";
|
||||
XDG_DATA_HOME = "\${HOME}/.local/share";
|
||||
|
||||
#SSH_ASKPASS_REQUIRE = "prefer";
|
||||
|
||||
STEAM_EXTRA_COMPAT_TOOLS_PATHS = "\${HOME}/.steam/root/compatibilitytools.d";
|
||||
|
||||
MOZ_USE_XINPUT2 = "1";
|
||||
PATH = [
|
||||
"\${XDG_BIN_HOME}"
|
||||
];
|
||||
};
|
||||
environment.shellInit = ''
|
||||
if ! [ -z "$DISPLAY" ]; then xhost +si:localuser:root &> /dev/null; fi;
|
||||
if ! [ -z "$DISPLAY" ]; then xhost +si:localuser:$USER &> /dev/null; fi;
|
||||
'';
|
||||
# List packages installed in system profile. To search, run:
|
||||
# $ nix search wget
|
||||
|
||||
|
||||
|
||||
|
||||
i18n.inputMethod.enabled = "fcitx5";
|
||||
i18n.inputMethod.fcitx5.addons = [ pkgs.fcitx5-configtool pkgs.fcitx5-lua pkgs.fcitx5-mozc pkgs.libsForQt5.fcitx5-qt ];
|
||||
|
||||
environment.systemPackages = with pkgs; [
|
||||
brave
|
||||
|
||||
glibc
|
||||
patchelf
|
||||
vim
|
||||
wget
|
||||
killall
|
||||
xorg.xkill
|
||||
xorg.xhost
|
||||
nix-top
|
||||
gitFull
|
||||
curl
|
||||
jdk
|
||||
nss_latest
|
||||
aspell
|
||||
aspellDicts.pl
|
||||
aspellDicts.en
|
||||
aspellDicts.en-computers
|
||||
distrobox
|
||||
p7zip
|
||||
unrar
|
||||
bzip2
|
||||
rar
|
||||
unzip
|
||||
zstd
|
||||
xz
|
||||
zip
|
||||
gzip
|
||||
|
||||
tree
|
||||
mc
|
||||
lf
|
||||
htop
|
||||
nmon
|
||||
iftop
|
||||
iptraf-ng
|
||||
mprocs
|
||||
|
||||
|
||||
|
||||
nix-du
|
||||
git-crypt
|
||||
|
||||
|
||||
wineWowPackages.stagingFull
|
||||
winetricks
|
||||
protontricks
|
||||
openal
|
||||
gnupg
|
||||
ncurses
|
||||
monkeysphere
|
||||
gparted
|
||||
|
||||
inkscape
|
||||
gimp
|
||||
|
||||
|
||||
|
||||
|
||||
virt-manager
|
||||
libguestfs
|
||||
|
||||
bubblewrap
|
||||
bindfs
|
||||
|
||||
pulseaudio
|
||||
|
||||
binutils
|
||||
|
||||
|
||||
];
|
||||
|
||||
fonts.fontDir.enable = true;
|
||||
fonts.enableDefaultFonts = true;
|
||||
fonts.fonts = with pkgs; [
|
||||
dejavu_fonts
|
||||
hack-font
|
||||
noto-fonts
|
||||
noto-fonts-extra
|
||||
noto-fonts-emoji
|
||||
noto-fonts-cjk-sans
|
||||
noto-fonts-cjk-serif
|
||||
ubuntu_font_family
|
||||
wqy_zenhei
|
||||
monocraft
|
||||
(nerdfonts.override { fonts = [ "FiraCode" "DroidSansMono" "Meslo" "ProFont" ]; })
|
||||
];
|
||||
fonts.fontconfig.enable = true;
|
||||
fonts.fontconfig.cache32Bit = true;
|
||||
fonts.fontconfig.defaultFonts.sansSerif = [ "Noto Sans" "DejaVu Sans" "WenQuanYi Zen Hei" "Noto Color Emoji" ];
|
||||
fonts.fontconfig.defaultFonts.serif = [ "Noto Serif" "DejaVu Serif" "WenQuanYi Zen Hei" "Noto Color Emoji" ];
|
||||
fonts.fontconfig.defaultFonts.emoji = [ "Noto Color Emoji" "OpenMoji Color" ];
|
||||
fonts.fontconfig.defaultFonts.monospace = [ "Hack Nerd Font" "Noto Sans Mono" "WenQuanYi Zen Hei Mono" ];
|
||||
|
||||
|
||||
environment.enableAllTerminfo = true;
|
||||
environment.pathsToLink = [ "/share/zsh" ];
|
||||
environment.shells = with pkgs; [ zsh ];
|
||||
programs = {
|
||||
steam = {
|
||||
enable = true;
|
||||
dedicatedServer.openFirewall = true;
|
||||
remotePlay.openFirewall = true;
|
||||
};
|
||||
fish.enable = true;
|
||||
java.enable = true;
|
||||
command-not-found.enable = false;
|
||||
dconf.enable = true;
|
||||
};
|
||||
# Some programs need SUID wrappers, can be configured further or are
|
||||
# started in user sessions.
|
||||
# programs.mtr.enable = true;
|
||||
services.pcscd.enable = true;
|
||||
|
||||
/*systemd.user.services.gpg-agent.serviceConfig.ExecStart = [
|
||||
""
|
||||
''
|
||||
${pkgs.gnupg}/bin/gpg-agent --supervised \
|
||||
--pinentry-program ${pkgs.kwalletcli}/bin/pinentry-kwallet
|
||||
''
|
||||
];*/
|
||||
|
||||
|
||||
programs.gnupg.agent = {
|
||||
enable = true;
|
||||
enableSSHSupport = false;
|
||||
enableBrowserSocket = true;
|
||||
};
|
||||
programs.ssh.startAgent = true;
|
||||
|
||||
# List services that you want to enable:
|
||||
|
||||
# Enable the OpenSSH daemon.
|
||||
services.openssh.enable = true;
|
||||
|
||||
|
||||
# Open ports in the firewall.
|
||||
networking.firewall.allowedTCPPorts = [ 24800 5900 5357 4656 ];
|
||||
networking.firewall.allowedUDPPorts = [ 24800 5900 3702 4656 ];
|
||||
# Or disable the firewall altogether.
|
||||
networking.firewall.enable = true;
|
||||
|
||||
# Copy the NixOS configuration file and link it from the resulting system
|
||||
# (/run/current-system/configuration.nix). This is useful in case you
|
||||
# accidentally delete configuration.nix.
|
||||
system.copySystemConfiguration = false;
|
||||
|
||||
# This value determines the NixOS release from which the default
|
||||
# settings for stateful data, like file locations and database versions
|
||||
# on your system were taken. It‘s perfectly fine and recommended to leave
|
||||
# this value at the release version of the first install of this system.
|
||||
# Before changing this value read the documentation for this option
|
||||
# (e.g. man configuration.nix or on https://nixos.org/nixos/options.html).
|
||||
system.stateVersion = "23.11"; # Did you read the comment?
|
||||
|
||||
}
|
||||
|
||||
@@ -1,13 +0,0 @@
|
||||
{ config, pkgs, lib, ... }:
|
||||
{
|
||||
imports =
|
||||
[
|
||||
./secrets
|
||||
./configuration.nix
|
||||
./nvidia.nix
|
||||
./plasma.nix
|
||||
];
|
||||
|
||||
|
||||
|
||||
}
|
||||
@@ -1,91 +0,0 @@
|
||||
# Do not modify this file! It was generated by ‘nixos-generate-config’
|
||||
# and may be overwritten by future invocations. Please make changes
|
||||
# to /etc/nixos/configuration.nix instead.
|
||||
{ config, lib, pkgs, modulesPath, ... }:
|
||||
|
||||
{
|
||||
imports =
|
||||
[
|
||||
(modulesPath + "/installer/scan/not-detected.nix")
|
||||
];
|
||||
|
||||
boot.initrd.availableKernelModules = [ "xhci_pci" "ehci_pci" "ahci" "usbhid" "usb_storage" "sd_mod" ];
|
||||
boot.initrd.kernelModules = [ ];
|
||||
boot.kernelModules = [ "kvm-intel" "vfio-pci" ];
|
||||
boot.extraModulePackages = [ ];
|
||||
boot.kernel.sysctl = { "vm.swappiness" = 10; };
|
||||
boot.kernelParams = [ "ibt=off" "intel_iommu=on" "iommu=pt" "pcie_acs_override=downstream,multifunction" ];
|
||||
fileSystems."/" =
|
||||
{
|
||||
device = "/dev/disk/by-label/NixOS_Root";
|
||||
fsType = "btrfs";
|
||||
options = [ "subvol=@" "noatime" "ssd" "space_cache=v2" ];
|
||||
};
|
||||
|
||||
fileSystems."/boot" =
|
||||
{
|
||||
device = "/dev/disk/by-label/NixOS_Root";
|
||||
fsType = "btrfs";
|
||||
options = [ "subvol=@boot" "ssd" ];
|
||||
};
|
||||
|
||||
fileSystems."/materus" =
|
||||
{
|
||||
device = "/dev/disk/by-label/NixOS_Root";
|
||||
fsType = "btrfs";
|
||||
options = [ "subvol=@materus" "noatime" "compress=zstd" "ssd" "space_cache=v2" ];
|
||||
neededForBoot = true;
|
||||
|
||||
};
|
||||
|
||||
fileSystems."/nix" =
|
||||
{
|
||||
device = "/dev/disk/by-label/NixOS_Root";
|
||||
fsType = "btrfs";
|
||||
options = [ "subvol=@nix" "noatime" "compress=zstd" "ssd" "space_cache=v2" ];
|
||||
};
|
||||
|
||||
fileSystems."/home" =
|
||||
{
|
||||
device = "/dev/disk/by-label/NixOS_Home";
|
||||
fsType = "btrfs";
|
||||
options = [ "subvol=@home" "nossd" "noatime" "compress=zstd" "space_cache=v2" "autodefrag" ];
|
||||
};
|
||||
|
||||
fileSystems."/materus/data" =
|
||||
{
|
||||
device = "/dev/disk/by-label/NixOS_Home";
|
||||
fsType = "btrfs";
|
||||
options = [ "subvol=@data" "nossd" "noatime" "compress=zstd" "space_cache=v2" "autodefrag" ];
|
||||
};
|
||||
|
||||
fileSystems."/boot/efi" =
|
||||
{
|
||||
device = "/dev/disk/by-uuid/A5C2-31D1";
|
||||
fsType = "vfat";
|
||||
};
|
||||
|
||||
swapDevices =
|
||||
[{ device = "/dev/disk/by-label/NixOS_Swap"; }];
|
||||
|
||||
fileSystems."/etc/nixos" =
|
||||
{
|
||||
device = "/materus/config/nixos-config";
|
||||
fsType = "none";
|
||||
options = [ "bind" ];
|
||||
depends = [ "/materus" ];
|
||||
};
|
||||
|
||||
|
||||
|
||||
# Enables DHCP on each ethernet and wireless interface. In case of scripted networking
|
||||
# (the default) this is the recommended approach. When using systemd-networkd it's
|
||||
# still possible to use this option, but it's recommended to use it in conjunction
|
||||
# with explicit per-interface declarations with `networking.interfaces.<interface>.useDHCP`.
|
||||
networking.useDHCP = lib.mkDefault true;
|
||||
# networking.interfaces.enp3s0.useDHCP = lib.mkDefault true;
|
||||
# networking.interfaces.wlp6s0.useDHCP = lib.mkDefault true;
|
||||
|
||||
nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux";
|
||||
hardware.cpu.intel.updateMicrocode = lib.mkForce true;
|
||||
}
|
||||
@@ -1,79 +0,0 @@
|
||||
{ config, pkgs, materusArg, lib, ... }:
|
||||
{
|
||||
home.stateVersion = "22.11";
|
||||
home.homeDirectory = "/home/materus";
|
||||
programs.wezterm.enable = true;
|
||||
programs.git = {
|
||||
userEmail = "materus@podkos.pl";
|
||||
userName = "materus";
|
||||
signing.signByDefault = true;
|
||||
signing.key = "${materusArg.cfg.path}/extraFiles/keys/ssh/materus.pub";
|
||||
extraConfig = {
|
||||
commit.gpgsign = true;
|
||||
gpg.format = "ssh";
|
||||
};
|
||||
};
|
||||
materus.profile = {
|
||||
fonts.enable = lib.mkDefault true;
|
||||
nixpkgs.enable = lib.mkDefault false;
|
||||
enableDesktop = lib.mkDefault true;
|
||||
enableTerminal = lib.mkDefault true;
|
||||
enableTerminalExtra = lib.mkDefault true;
|
||||
enableNixDevel = lib.mkDefault true;
|
||||
editor.code.fhs.enable = true;
|
||||
editor.code.fhs.packages = (ps: with ps; let llvmpkgs = llvmPackages_16; in [
|
||||
llvmpkgs.clang
|
||||
llvmpkgs.llvm
|
||||
llvmpkgs.bintools
|
||||
llvmpkgs.lld
|
||||
llvmpkgs.lldb
|
||||
llvmpkgs.libllvm
|
||||
llvmpkgs.libllvm.dev
|
||||
|
||||
|
||||
gcc
|
||||
gdb
|
||||
|
||||
cmake
|
||||
gnumake
|
||||
ninja
|
||||
binutils
|
||||
coreutils
|
||||
util-linux
|
||||
|
||||
dotnet-sdk_8
|
||||
mono
|
||||
mold
|
||||
python3
|
||||
lua
|
||||
gtk4.dev
|
||||
gtk4
|
||||
miniaudio
|
||||
SDL2.dev
|
||||
SDL2
|
||||
freeglut.dev
|
||||
freeglut
|
||||
boost.dev
|
||||
boost
|
||||
glew.dev
|
||||
libGL.dev
|
||||
libGLU.dev
|
||||
vulkan-loader.dev
|
||||
|
||||
jdk
|
||||
|
||||
|
||||
ldc
|
||||
dmd
|
||||
dub
|
||||
]);
|
||||
|
||||
editor.emacs.enable = false;
|
||||
|
||||
};
|
||||
|
||||
home.packages = [
|
||||
pkgs.papirus-icon-theme
|
||||
];
|
||||
|
||||
}
|
||||
@@ -1,32 +0,0 @@
|
||||
{ config, pkgs, ... }:
|
||||
{
|
||||
services.xserver.videoDrivers = [ "nvidia" ];
|
||||
hardware.nvidia = {
|
||||
package = config.boot.kernelPackages.nvidiaPackages.stable;
|
||||
modesetting.enable = true;
|
||||
nvidiaSettings = true;
|
||||
prime = {
|
||||
offload = {
|
||||
enable = true;
|
||||
enableOffloadCmd = true;
|
||||
};
|
||||
intelBusId = "PCI:0:2:0";
|
||||
nvidiaBusId = "PCI:1:0:0";
|
||||
};
|
||||
|
||||
};
|
||||
hardware.opengl.extraPackages = with pkgs; [
|
||||
vaapiVdpau
|
||||
nvidia-vaapi-driver
|
||||
libvdpau-va-gl
|
||||
];
|
||||
|
||||
hardware.opengl.extraPackages32 = with pkgs.pkgsi686Linux; [
|
||||
vaapiVdpau
|
||||
nvidia-vaapi-driver
|
||||
libvdpau-va-gl
|
||||
];
|
||||
materus.profile.steam.extraEnv = {
|
||||
VK_ICD_FILENAMES=''''$VK_ICD_FILENAMES:/run/opengl-driver/share/vulkan/icd.d/nvidia_icd.x86_64.json:/run/opengl-driver-32/share/vulkan/icd.d/nvidia_icd.i686.json'';
|
||||
};
|
||||
}
|
||||
@@ -1,27 +0,0 @@
|
||||
{ pkgs, ... }:
|
||||
{
|
||||
|
||||
services.xserver.displayManager.sddm.enable = true;
|
||||
services.xserver.displayManager.sddm.wayland.enable = true;
|
||||
services.xserver.displayManager.sddm.settings = {
|
||||
General = {
|
||||
InputMethod = "";
|
||||
};
|
||||
Theme = {
|
||||
CursorTheme = "breeze_cursors";
|
||||
CursorSize = "24";
|
||||
};
|
||||
};
|
||||
environment.variables = {
|
||||
QT_PLUGIN_PATH = [ "${pkgs.qt6.qtimageformats}/${pkgs.qt6.qtbase.qtPluginPrefix}" ];
|
||||
XCURSOR_THEME = "breeze_cursors";
|
||||
};
|
||||
services.desktopManager.plasma6.enable = true;
|
||||
services.desktopManager.plasma6.enableQt5Integration = true;
|
||||
environment.plasma6.excludePackages = with pkgs.kdePackages; [ kwallet kwalletmanager kwallet-pam ];
|
||||
environment.systemPackages = with pkgs.kdePackages; [
|
||||
ark
|
||||
kate
|
||||
];
|
||||
materus.profile.steam.extraPkgs = [ pkgs.kdePackages.breeze pkgs.kdePackages.breeze-gtk pkgs.kdePackages.dolphin ];
|
||||
}
|
||||
@@ -1,25 +0,0 @@
|
||||
{ config, pkgs, lib, materusCfg, ... }:
|
||||
{
|
||||
imports =
|
||||
[
|
||||
|
||||
] ++ (if (materusCfg.materusFlake.decrypted) then [ ./private ] else [ ]);
|
||||
|
||||
sops.age.generateKey = false;
|
||||
sops.gnupg.home = null;
|
||||
sops.gnupg.sshKeyPaths = [ ];
|
||||
sops.defaultSopsFile = materusCfg.hostPath + "/secrets/secrets.yaml";
|
||||
sops.secrets."wg-key" = { };
|
||||
services.openssh.hostKeys = [
|
||||
{
|
||||
bits = 4096;
|
||||
path = "/materus/root/ssh_host_rsa_key";
|
||||
type = "rsa";
|
||||
}
|
||||
{
|
||||
path = "/materus/root/ssh_host_ed25519_key";
|
||||
type = "ed25519";
|
||||
}
|
||||
];
|
||||
|
||||
}
|
||||
Binary file not shown.
@@ -1,33 +0,0 @@
|
||||
wg-key: ENC[AES256_GCM,data:+z+Xxq6A1h5ceCOZry9PSz871zVZpd9Y6vtqpfoAulHCN03DjzZ/PLmRvYQ=,iv:7hdjnUuaRk30hFJ8rv4zXxI8v42RWC1iQb64LMNgBnQ=,tag:eUSTVygR+u9ERPU9gfhYIw==,type:str]
|
||||
sops:
|
||||
kms: []
|
||||
gcp_kms: []
|
||||
azure_kv: []
|
||||
hc_vault: []
|
||||
age:
|
||||
- recipient: age1el7zhjxkrlravpt7hw36fuac0xfgd42qkjjkvxzqmyl28u8csasqkd4a40
|
||||
enc: |
|
||||
-----BEGIN AGE ENCRYPTED FILE-----
|
||||
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBsT2w4SCt2ZGdLYktHckMw
|
||||
QVhza2tqU2M1Q3lsYnhld1dKcTdYUHcvSzFrCjMxT05yU01nUmFQK0FCUThUNDNN
|
||||
V2EyTUhoVUNjNlNwTU9FeTlGRkxvVDgKLS0tIDBFYys1TmI0T0x0RnE2N3JCWWpq
|
||||
VFVjMGUvRVBaY0JsR2lVcUFsdk4rYjQKEiiqEcTaQSVXSAm5c9uylaf2Tt/KJtPl
|
||||
GDp+2YSBHHnVYjtYf7k9WqsIEe5/0AifDp3YA8jNhOXuZwZdvk+fLw==
|
||||
-----END AGE ENCRYPTED FILE-----
|
||||
lastmodified: "2024-03-30T18:21:12Z"
|
||||
mac: ENC[AES256_GCM,data:0DMB+ukujc6PMU45n1QJGryGie25Bj2hXmia69QgYZNk2vgfO+nYmWSpmqK4Z00xXNtbsgejfDto5mrzU/OJ4FF3eOfwWfdIwxQLEQKoPF5U3niON3YO8FEA+JIn+/fNGF3fY1AgBfhberST5ikKnmff1Nwe5GOwQHSB3LU+CZE=,iv:V89EFUby3bwsoZKpoJRmJS9E/UheMBkKDq7j40IzBTA=,tag:aOJnFFGIuzQ3T7YrIFiWtw==,type:str]
|
||||
pgp:
|
||||
- created_at: "2024-03-30T18:20:23Z"
|
||||
enc: |-
|
||||
-----BEGIN PGP MESSAGE-----
|
||||
|
||||
hF4D5fSX77p80GYSAQdAnUVLGsgIKd3EtSAGTPyXqSlsz1T8RnDvAtBz/XaH0y0w
|
||||
pkp84zTe85FRZDnTO8a44WkpNIrUih0CYQSPPCZqSi/qnIxPWgx67HTC1bPAO9Iw
|
||||
1GgBCQIQNcrKr4YNKSP5XxJqMXOyZD7rZ4g02Xdw5XplZ/y34m9c83S44XRgHwg4
|
||||
0obXI1UlsqyHf/ZnTM1pbXO/kdTdFomWvWbfbuKDgDvyiJJ18mJ48GOsv/SBBJjJ
|
||||
3877O+Ia5I8Chg==
|
||||
=q58P
|
||||
-----END PGP MESSAGE-----
|
||||
fp: 28D140BCA60B4FD1
|
||||
unencrypted_suffix: _unencrypted
|
||||
version: 3.8.1
|
||||
Binary file not shown.
@@ -1,61 +0,0 @@
|
||||
{ inputs, materusFlake }:
|
||||
|
||||
let
|
||||
profiles = import ../profile;
|
||||
|
||||
makeSystem = { host, arch ? "x86_64-linux", extraModules ? [ ], stable ? true, hmAsModule ? true, hmUsers ? [ "materus" ] }:
|
||||
let
|
||||
nixosSystem = if stable then inputs.nixpkgs-stable.lib.nixosSystem else inputs.nixpkgs.lib.nixosSystem;
|
||||
hm = if stable then inputs.configInputs-stable.home-manager else inputs.configInputs.home-manager;
|
||||
materusCfg = {
|
||||
inherit stable;
|
||||
inherit materusFlake;
|
||||
inherit host;
|
||||
inherit hm;
|
||||
inherit hmAsModule;
|
||||
nixerus = if stable then inputs.configInputs-stable.nixerus else inputs.configInputs.nixerus;
|
||||
configInputs = if stable then inputs.configInputs-stable else inputs.configInputs;
|
||||
path = materusFlake.selfPath;
|
||||
hostPath = materusFlake.selfPath + "/configurations/host/${host}";
|
||||
isHm = false;
|
||||
};
|
||||
in
|
||||
(nixosSystem {
|
||||
specialArgs = { inherit materusCfg; };
|
||||
system = arch;
|
||||
modules = [
|
||||
./${host}
|
||||
profiles.osProfile
|
||||
materusCfg.configInputs.sops-nix.nixosModules.sops
|
||||
(if hmAsModule then hm.nixosModules.home-manager else { })
|
||||
(if hmAsModule then
|
||||
{
|
||||
|
||||
home-manager.useGlobalPkgs = true;
|
||||
home-manager.useUserPackages = true;
|
||||
home-manager.users = (builtins.foldl' (a: b: a // b) { } (builtins.map
|
||||
(user: {
|
||||
${user} = ({ ... }:
|
||||
{
|
||||
imports = [
|
||||
(materusFlake.selfPath + "/configurations/shared/home/${user}")
|
||||
(materusFlake.selfPath + "/configurations/host/${host}/home/${user}")
|
||||
profiles.homeProfile
|
||||
];
|
||||
});
|
||||
})
|
||||
hmUsers));
|
||||
home-manager.extraSpecialArgs = { materusCfg = materusCfg // { isHm = true; }; };
|
||||
} else { })
|
||||
|
||||
] ++ extraModules;
|
||||
}) // { inherit materusCfg; };
|
||||
in
|
||||
{
|
||||
materusPC = makeSystem { host = "materusPC"; stable = false; };
|
||||
flamaster = makeSystem { host = "flamaster"; stable = true; };
|
||||
valkyrie = makeSystem { host = "valkyrie"; stable = true; };
|
||||
waffentrager = makeSystem { host = "waffentrager"; stable = true; arch = "aarch64-linux"; };
|
||||
|
||||
Old-materusPC = makeSystem { host = "Old-materusPC"; stable = false; };
|
||||
}
|
||||
@@ -1,192 +0,0 @@
|
||||
# Edit this configuration file to define what should be installed on
|
||||
# your system. Help is available in the configuration.nix(5) man page
|
||||
# and in the NixOS manual (accessible by running ‘nixos-help’).
|
||||
|
||||
{ config, lib, pkgs, materusArg, ... }:
|
||||
|
||||
{
|
||||
imports =
|
||||
[
|
||||
# Include the results of the hardware scan.
|
||||
./hardware-configuration.nix
|
||||
];
|
||||
|
||||
networking.wireless.iwd.enable = true;
|
||||
services.logind.lidSwitch = "ignore";
|
||||
services.logind.lidSwitchExternalPower = "ignore";
|
||||
programs.steam = {
|
||||
enable = true;
|
||||
remotePlay.openFirewall = true; # Open ports in the firewall for Steam Remote Play
|
||||
dedicatedServer.openFirewall = true; # Open ports in the firewall for Source Dedicated Server
|
||||
};
|
||||
|
||||
programs.tmux = {
|
||||
enable = true;
|
||||
clock24 = true;
|
||||
};
|
||||
programs.java = {
|
||||
enable = true;
|
||||
package = pkgs.graalvm-ce;
|
||||
binfmt = true;
|
||||
};
|
||||
# Bootloader.
|
||||
boot.loader.grub = {
|
||||
enable = true;
|
||||
efiSupport = true;
|
||||
device = "nodev";
|
||||
useOSProber = true;
|
||||
gfxmodeEfi = pkgs.lib.mkDefault "1920x1080";
|
||||
gfxmodeBios = pkgs.lib.mkDefault "1920x1080";
|
||||
#efiInstallAsRemovable = true;
|
||||
};
|
||||
boot.loader.efi.canTouchEfiVariables = true;
|
||||
boot.loader.efi.efiSysMountPoint = "/boot/efi";
|
||||
|
||||
networking.hostName = "flamaster"; # Define your hostname.
|
||||
# networking.wireless.enable = true; # Enables wireless support via wpa_supplicant.
|
||||
|
||||
# Configure network proxy if necessary
|
||||
# networking.proxy.default = "http://user:password@proxy:port/";
|
||||
# networking.proxy.noProxy = "127.0.0.1,localhost,internal.domain";
|
||||
|
||||
# Enable networking
|
||||
networking.networkmanager.enable = true;
|
||||
networking.networkmanager.wifi.backend = "iwd";
|
||||
# Set your time zone.
|
||||
time.timeZone = "Europe/Warsaw";
|
||||
|
||||
# Select internationalisation properties.
|
||||
i18n.defaultLocale = "pl_PL.utf8";
|
||||
|
||||
# Enable the X11 windowing system.
|
||||
services.xserver.enable = true;
|
||||
|
||||
services.xserver.videoDrivers = [ "nvidia" ];
|
||||
hardware.opengl.enable = true;
|
||||
hardware.nvidia.prime = {
|
||||
offload.enable = true;
|
||||
|
||||
# Bus ID of the Intel GPU. You can find it using lspci, either under 3D or VGA
|
||||
intelBusId = "PCI:0:2:0";
|
||||
|
||||
# Bus ID of the NVIDIA GPU. You can find it using lspci, either under 3D or VGA
|
||||
nvidiaBusId = "PCI:1:0:0";
|
||||
};
|
||||
|
||||
|
||||
# Enable the KDE Plasma Desktop Environment.
|
||||
services.xserver.displayManager.sddm.enable = true;
|
||||
services.xserver.desktopManager.plasma5.enable = true;
|
||||
|
||||
# Configure keymap in X11
|
||||
services.xserver = {
|
||||
layout = "pl";
|
||||
xkbVariant = "";
|
||||
};
|
||||
|
||||
# Configure console keymap
|
||||
console.keyMap = "pl2";
|
||||
|
||||
# Enable CUPS to print documents.
|
||||
services.printing.enable = true;
|
||||
|
||||
# Enable sound with pipewire.
|
||||
sound.enable = true;
|
||||
hardware.pulseaudio.enable = false;
|
||||
security.rtkit.enable = true;
|
||||
services.pipewire = {
|
||||
enable = true;
|
||||
alsa.enable = true;
|
||||
alsa.support32Bit = true;
|
||||
pulse.enable = true;
|
||||
# If you want to use JACK applications, uncomment this
|
||||
jack.enable = true;
|
||||
|
||||
# use the example session manager (no others are packaged yet so this is enabled by default,
|
||||
# no need to redefine it in your config for now)
|
||||
#media-session.enable = true;
|
||||
};
|
||||
|
||||
# Enable touchpad support (enabled default in most desktopManager).
|
||||
# services.xserver.libinput.enable = true;
|
||||
|
||||
# Define a user account. Don't forget to set a password with ‘passwd’.
|
||||
users.users.materus = {
|
||||
isNormalUser = true;
|
||||
description = "Mateusz Słodkowicz";
|
||||
extraGroups = [ "networkmanager" "wheel" ];
|
||||
openssh.authorizedKeys.keyFiles = [ ("${materusArg.cfg.path}" + "/extraFiles/keys/ssh/materus.pub") ];
|
||||
packages = with pkgs; [
|
||||
kate
|
||||
];
|
||||
shell = pkgs.zsh;
|
||||
};
|
||||
|
||||
# Allow unfree packages
|
||||
nixpkgs.config.allowUnfree = true;
|
||||
|
||||
# List packages installed in system profile. To search, run:
|
||||
# $ nix search wget
|
||||
environment.systemPackages = with pkgs; [
|
||||
# vim # Do not forget to add an editor to edit configuration.nix! The Nano editor is also installed by default.
|
||||
wget
|
||||
util-linux
|
||||
killall
|
||||
pciutils
|
||||
lshw
|
||||
steamcmd
|
||||
distrobox
|
||||
|
||||
|
||||
config.materus.profile.packages.firefox
|
||||
config.programs.java.package
|
||||
|
||||
|
||||
];
|
||||
|
||||
# Some programs need SUID wrappers, can be configured further or are
|
||||
# started in user sessions.
|
||||
# programs.mtr.enable = true;
|
||||
# programs.gnupg.agent = {
|
||||
# enable = true;
|
||||
# enableSSHSupport = true;
|
||||
# };
|
||||
|
||||
# List services that you want to enable:
|
||||
|
||||
# Enable the OpenSSH daemon.
|
||||
services.openssh.enable = true;
|
||||
|
||||
# Open ports in the firewall.
|
||||
networking.firewall.allowedTCPPorts = [ 22 27015 25565 24454 8123 ];
|
||||
networking.firewall.allowedTCPPortRanges = [{ from = 16262; to = 16272; }];
|
||||
networking.firewall.allowedUDPPorts = [ 22 16261 16262 8766 8767 25565 24454 8123 ];
|
||||
# Or disable the firewall altogether.
|
||||
networking.firewall.enable = true;
|
||||
|
||||
networking.networkmanager.extraConfig = lib.mkDefault ''
|
||||
[connectivity]
|
||||
uri=http://nmcheck.gnome.org/check_network_status.txt
|
||||
'';
|
||||
|
||||
# This value determines the NixOS release from which the default
|
||||
# settings for stateful data, like file locations and database versions
|
||||
# on your system were taken. It‘s perfectly fine and recommended to leave
|
||||
# this value at the release version of the first install of this system.
|
||||
# Before changing this value read the documentation for this option
|
||||
# (e.g. man configuration.nix or on https://nixos.org/nixos/options.html).
|
||||
system.stateVersion = "23.05"; # Did you read the comment?
|
||||
|
||||
|
||||
programs.neovim.enable = true;
|
||||
programs.neovim.vimAlias = true;
|
||||
programs.neovim.viAlias = true;
|
||||
|
||||
services.flatpak.enable = true;
|
||||
xdg.portal.enable = true;
|
||||
|
||||
virtualisation.podman.enable = true;
|
||||
virtualisation.podman.dockerCompat = true;
|
||||
virtualisation.podman.enableNvidia = true;
|
||||
virtualisation.podman.dockerSocket.enable = true;
|
||||
}
|
||||
@@ -1,12 +0,0 @@
|
||||
{ config, lib, pkgs, ... }:
|
||||
{
|
||||
imports =
|
||||
[
|
||||
# Include the results of the hardware scan.
|
||||
./configuration.nix
|
||||
];
|
||||
materus.profile.nix.enable = true;
|
||||
materus.profile.steam.enable = true;
|
||||
|
||||
|
||||
}
|
||||
@@ -1,67 +0,0 @@
|
||||
# Do not modify this file! It was generated by ‘nixos-generate-config’
|
||||
# and may be overwritten by future invocations. Please make changes
|
||||
# to /etc/nixos/configuration.nix instead.
|
||||
{ config, lib, pkgs, modulesPath, ... }:
|
||||
|
||||
{
|
||||
imports =
|
||||
[
|
||||
(modulesPath + "/installer/scan/not-detected.nix")
|
||||
];
|
||||
|
||||
boot.initrd.availableKernelModules = [ "xhci_pci" "ahci" "nvme" "usb_storage" "sd_mod" "rtsx_usb_sdmmc" ];
|
||||
boot.initrd.kernelModules = [ ];
|
||||
boot.kernelModules = [ "kvm-intel" ];
|
||||
boot.extraModulePackages = [ ];
|
||||
|
||||
fileSystems."/" =
|
||||
{
|
||||
device = "/dev/disk/by-label/NixOS_Root_Laptop";
|
||||
fsType = "btrfs";
|
||||
options = [ "subvol=@" "noatime" "ssd" "space_cache=v2" "compress=zstd" ];
|
||||
};
|
||||
fileSystems."/nix" =
|
||||
{
|
||||
device = "/dev/disk/by-label/NixOS_Root_Laptop";
|
||||
fsType = "btrfs";
|
||||
options = [ "subvol=@nix" "noatime" "compress=zstd" "ssd" "space_cache=v2" ];
|
||||
};
|
||||
fileSystems."/boot" =
|
||||
{
|
||||
device = "/dev/disk/by-label/NixOS_Root_Laptop";
|
||||
fsType = "btrfs";
|
||||
options = [ "subvol=@boot" "ssd" ];
|
||||
};
|
||||
|
||||
fileSystems."/boot/efi" =
|
||||
{
|
||||
device = "/dev/disk/by-label/NixOS_EFI_L";
|
||||
fsType = "vfat";
|
||||
};
|
||||
|
||||
|
||||
fileSystems."/etc/nixos" =
|
||||
{
|
||||
device = "/materus/config/nixos-config";
|
||||
fsType = "none";
|
||||
options = [ "bind" ];
|
||||
};
|
||||
|
||||
swapDevices = [{
|
||||
device = "/var/.swapfile";
|
||||
size = 32 * 1024;
|
||||
}];
|
||||
|
||||
|
||||
# Enables DHCP on each ethernet and wireless interface. In case of scripted networking
|
||||
# (the default) this is the recommended approach. When using systemd-networkd it's
|
||||
# still possible to use this option, but it's recommended to use it in conjunction
|
||||
# with explicit per-interface declarations with `networking.interfaces.<interface>.useDHCP`.
|
||||
networking.useDHCP = lib.mkDefault true;
|
||||
# networking.interfaces.enp5s0.useDHCP = lib.mkDefault true;
|
||||
# networking.interfaces.wlo1.useDHCP = lib.mkDefault true;
|
||||
|
||||
nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux";
|
||||
powerManagement.cpuFreqGovernor = lib.mkDefault "powersave";
|
||||
hardware.cpu.intel.updateMicrocode = lib.mkDefault config.hardware.enableRedistributableFirmware;
|
||||
}
|
||||
@@ -1,23 +0,0 @@
|
||||
{ config, pkgs, materusArg, lib, ... }:
|
||||
{
|
||||
home.stateVersion = "23.05";
|
||||
home.homeDirectory = "/home/materus";
|
||||
|
||||
materus.profile = {
|
||||
fonts.enable = lib.mkDefault true;
|
||||
nixpkgs.enable = lib.mkDefault false;
|
||||
enableDesktop = lib.mkDefault true;
|
||||
enableTerminal = lib.mkDefault true;
|
||||
enableTerminalExtra = lib.mkDefault true;
|
||||
enableNixDevel = lib.mkDefault true;
|
||||
|
||||
zsh.enable = true;
|
||||
|
||||
};
|
||||
|
||||
home.packages = [
|
||||
pkgs.papirus-icon-theme
|
||||
(materusArg.pkgs.polymc.wrap { extraJDKs = [ pkgs.graalvm-ce ]; })
|
||||
];
|
||||
|
||||
}
|
||||
@@ -1,106 +0,0 @@
|
||||
{config, pkgs, materusArg, ...}:
|
||||
{
|
||||
environment.systemPackages = with pkgs; [
|
||||
gamescope
|
||||
#(pkgs.lutris.override { extraLibraries = pkgs: with pkgs; [ pkgs.samba pkgs.jansson pkgs.tdb pkgs.libunwind pkgs.libusb1 pkgs.gnutls pkgs.gtk3 pkgs.pango ]; })
|
||||
materusArg.pkgs.amdgpu-pro-libs.prefixes
|
||||
(pkgs.bottles.override { extraPkgs = pkgs: [ pkgs.libsForQt5.breeze-qt5 pkgs.kdePackages.breeze-gtk pkgs.nss_latest ]; extraLibraries = pkgs: [ pkgs.samba pkgs.jansson pkgs.tdb pkgs.libunwind pkgs.libusb1 pkgs.gnutls pkgs.gtk3 pkgs.pango ]; })
|
||||
glibc
|
||||
glib
|
||||
gtk3
|
||||
gtk4
|
||||
gsettings-desktop-schemas
|
||||
kdePackages.dolphin
|
||||
vim # Do not forget to add an editor to edit configuration.nix! The Nano editor is also installed by default.
|
||||
|
||||
patchelf
|
||||
killall
|
||||
util-linux
|
||||
xorg.xhost
|
||||
nix-top
|
||||
|
||||
gitFull
|
||||
curl
|
||||
wget
|
||||
|
||||
config.programs.java.package
|
||||
|
||||
nss_latest
|
||||
|
||||
pciutils
|
||||
|
||||
aspell
|
||||
aspellDicts.pl
|
||||
aspellDicts.en
|
||||
aspellDicts.en-computers
|
||||
steamtinkerlaunch
|
||||
distrobox
|
||||
# WebP support
|
||||
libwebp
|
||||
webp-pixbuf-loader
|
||||
|
||||
# Compression
|
||||
p7zip
|
||||
unrar
|
||||
bzip2
|
||||
rar
|
||||
unzip
|
||||
zstd
|
||||
xz
|
||||
zip
|
||||
gzip
|
||||
|
||||
tree
|
||||
mc
|
||||
lf
|
||||
htop
|
||||
nmon
|
||||
iftop
|
||||
iptraf-ng
|
||||
mprocs
|
||||
tldr
|
||||
bat
|
||||
##config.materus.profile.packages.home-manager
|
||||
gcr
|
||||
# pgcli
|
||||
# litecli
|
||||
materusArg.pkgs.alvr
|
||||
#zenmonitor
|
||||
|
||||
nix-du
|
||||
|
||||
|
||||
kate
|
||||
krusader
|
||||
|
||||
wineWowPackages.stagingFull
|
||||
winetricks
|
||||
protontricks
|
||||
gnupg
|
||||
pinentry
|
||||
pinentry-gnome3
|
||||
pinentry-curses
|
||||
ncurses
|
||||
monkeysphere
|
||||
gparted
|
||||
|
||||
|
||||
|
||||
virt-viewer
|
||||
|
||||
inkscape
|
||||
gimp
|
||||
|
||||
|
||||
|
||||
git-crypt
|
||||
|
||||
bubblewrap
|
||||
bindfs
|
||||
|
||||
|
||||
|
||||
binutils
|
||||
|
||||
];
|
||||
}
|
||||
@@ -1,31 +0,0 @@
|
||||
{ config, pkgs, lib, ... }:
|
||||
{
|
||||
imports =
|
||||
[
|
||||
|
||||
./hardware
|
||||
./vm
|
||||
./secrets
|
||||
|
||||
./scripts.nix
|
||||
./tmp.nix
|
||||
./network.nix
|
||||
|
||||
./kde.nix
|
||||
|
||||
./audio.nix
|
||||
./apps.nix
|
||||
];
|
||||
|
||||
|
||||
nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux";
|
||||
system.copySystemConfiguration = false;
|
||||
system.stateVersion = "23.05";
|
||||
|
||||
|
||||
materus.profile.nix.enable = true;
|
||||
materus.profile.nixpkgs.enable = true;
|
||||
materus.profile.fonts.enable = true;
|
||||
materus.profile.steam.enable = true;
|
||||
|
||||
}
|
||||
@@ -1,44 +0,0 @@
|
||||
{ config, pkgs, lib, ... }:
|
||||
{
|
||||
|
||||
|
||||
|
||||
services.xserver.displayManager.gdm.enable = true;
|
||||
services.xserver.displayManager.gdm.wayland = true;
|
||||
|
||||
|
||||
|
||||
services.xserver.desktopManager.gnome.enable = true;
|
||||
services.xserver.desktopManager.gnome.sessionPath = [ pkgs.gnome.gpaste ];
|
||||
|
||||
services.gnome.gnome-online-accounts.enable = true;
|
||||
services.gnome.gnome-browser-connector.enable = true;
|
||||
services.gnome.core-utilities.enable = true;
|
||||
services.gnome.core-shell.enable = true;
|
||||
services.gnome.core-os-services.enable = true;
|
||||
|
||||
programs.gnupg.agent.pinentryPackage = lib.mkForce pkgs.pinentry-gnome3;
|
||||
|
||||
|
||||
programs.gnome-terminal.enable = true;
|
||||
|
||||
services.udev.packages = with pkgs; [ gnome.gnome-settings-daemon ];
|
||||
services.dbus.packages = with pkgs; [ gnome2.GConf ];
|
||||
|
||||
environment.systemPackages = with pkgs; [
|
||||
|
||||
gnome3.adwaita-icon-theme
|
||||
gnome3.gnome-tweaks
|
||||
gnome3.gnome-color-manager
|
||||
gnome3.gnome-shell-extensions
|
||||
|
||||
gnomeExtensions.appindicator
|
||||
gnomeExtensions.desktop-clock
|
||||
gnomeExtensions.gtk4-desktop-icons-ng-ding
|
||||
gnomeExtensions.compiz-windows-effect
|
||||
gnomeExtensions.burn-my-windows
|
||||
gnomeExtensions.user-themes
|
||||
gnomeExtensions.gsconnect
|
||||
|
||||
];
|
||||
}
|
||||
@@ -1,59 +0,0 @@
|
||||
{ config, pkgs, lib, materusArg, ... }:
|
||||
let
|
||||
video = [
|
||||
|
||||
"video=HDMI-A-3:1920x1080@144"
|
||||
"video=DP-3:1920x1080@240"
|
||||
|
||||
|
||||
#"video=DP-1:1920x1080@240"
|
||||
#"video=DP-2:1920x1080@240"
|
||||
#"video=HDMI-A-1:1920x1080@240"
|
||||
#"video=HDMI-A-2:1920x1080@240"
|
||||
|
||||
|
||||
];
|
||||
in
|
||||
{
|
||||
#Kernel
|
||||
boot.kernelPackages = pkgs.linuxPackages_zen;
|
||||
boot.kernelParams = [ "rcu_nocbs=${materusArg.materusPC.vmCores}" "nohz_full=${materusArg.materusPC.vmCores}" "vfio_iommu_type1.allow_unsafe_interrupts=1" "pcie_acs_override=downstream,multifunction" /*"pci-stub.ids=1002:744c"*/ "nox2apic" "nvme_core.default_ps_max_latency_us=0" "nvme_core.io_timeout=255" "nvme_core.max_retries=10" "nvme_core.shutdown_timeout=10" "amd_iommu=on" "iommu=pt" ] ++ video;
|
||||
boot.kernelModules = [ "pci-stub" "amdgpu" "i2c_dev" "kvm_amd" "vfio" "vfio_iommu_type1" "vfio-pci" ];
|
||||
boot.extraModprobeConfig = ''
|
||||
options kvm_amd nested=1 avic=1 npt=1 sev=0
|
||||
options vfio_iommu_type1 allow_unsafe_interrupts=1
|
||||
'';
|
||||
boot.kernel.sysctl = {
|
||||
"vm.max_map_count" = 1000000;
|
||||
"vm.swappiness" = 10;
|
||||
};
|
||||
|
||||
|
||||
boot.initrd.availableKernelModules = [ "xhci_pci" "ahci" "nvme" "usb_storage" "usbhid" "sd_mod" ];
|
||||
boot.initrd.kernelModules = [ "amdgpu" ];
|
||||
|
||||
boot.extraModulePackages = with config.boot.kernelPackages; [ v4l2loopback ];
|
||||
|
||||
|
||||
boot.supportedFilesystems = [ "ntfs" "btrfs" "vfat" "exfat" "ext4" ];
|
||||
|
||||
boot.tmp.useTmpfs = true;
|
||||
|
||||
|
||||
#bootloader
|
||||
boot.loader.efi.canTouchEfiVariables = true;
|
||||
boot.loader.efi.efiSysMountPoint = "/boot/efi";
|
||||
boot.loader.grub = {
|
||||
enable = true;
|
||||
efiSupport = true;
|
||||
device = "nodev";
|
||||
gfxmodeEfi = pkgs.lib.mkDefault "1920x1080@240";
|
||||
gfxmodeBios = pkgs.lib.mkDefault "1920x1080@240";
|
||||
useOSProber = true;
|
||||
memtest86.enable = true;
|
||||
};
|
||||
|
||||
boot.plymouth.enable = true;
|
||||
|
||||
boot.binfmt.emulatedSystems = [ "aarch64-linux" ];
|
||||
}
|
||||
@@ -1,61 +0,0 @@
|
||||
{ config, pkgs, lib, materusArg, ... }:
|
||||
{
|
||||
imports =
|
||||
[
|
||||
./filesystem.nix
|
||||
./boot.nix
|
||||
|
||||
];
|
||||
hardware.firmware = with pkgs; [
|
||||
materusArg.pkgs.amdgpu-pro-libs.firmware.vcn
|
||||
#materusArg.pkgs.amdgpu-pro-libs.firmware
|
||||
linux-firmware
|
||||
alsa-firmware
|
||||
sof-firmware
|
||||
];
|
||||
|
||||
environment.variables = {
|
||||
DISABLE_LAYER_AMD_SWITCHABLE_GRAPHICS_1 = "1";
|
||||
VK_ICD_FILENAMES = "${pkgs.mesa.drivers}/share/vulkan/icd.d/radeon_icd.x86_64.json:${pkgs.driversi686Linux.mesa.drivers}/share/vulkan/icd.d/radeon_icd.i686.json";
|
||||
AMD_VULKAN_ICD = "RADV";
|
||||
RADV_PERFTEST = "gpl,rt,sam";
|
||||
OCL_ICD_VENDORS = "${pkgs.rocmPackages.clr.icd}/etc/OpenCL/vendors/";
|
||||
};
|
||||
hardware.cpu.amd.updateMicrocode = lib.mkForce true;
|
||||
|
||||
#extra
|
||||
hardware.wooting.enable = true;
|
||||
hardware.bluetooth.enable = true;
|
||||
#Graphics
|
||||
hardware.opengl.enable = true;
|
||||
hardware.opengl.driSupport32Bit = true;
|
||||
hardware.opengl.extraPackages = with pkgs; [
|
||||
vaapiVdpau
|
||||
libvdpau-va-gl
|
||||
amdvlk
|
||||
rocmPackages.clr.icd
|
||||
rocmPackages.clr
|
||||
materusArg.pkgs.amdgpu-pro-libs.vulkan
|
||||
materusArg.pkgs.amdgpu-pro-libs.amf
|
||||
];
|
||||
hardware.opengl.extraPackages32 = with pkgs.pkgsi686Linux; [
|
||||
vaapiVdpau
|
||||
pkgs.driversi686Linux.amdvlk
|
||||
materusArg.pkgs.i686Linux.amdgpu-pro-libs.vulkan
|
||||
libvdpau-va-gl
|
||||
];
|
||||
services.udev.extraRules = ''
|
||||
|
||||
#GPU bar size
|
||||
ACTION=="add", SUBSYSTEM=="pci", ATTR{vendor}=="0x1002", ATTR{device}=="0x744c", ATTR{resource0_resize}="15"
|
||||
ACTION=="add", SUBSYSTEM=="pci", ATTR{vendor}=="0x1002", ATTR{device}=="0x744c", ATTR{resource2_resize}="8"
|
||||
'';
|
||||
|
||||
|
||||
#Trim
|
||||
services.fstrim = {
|
||||
enable = true;
|
||||
interval = "weekly";
|
||||
};
|
||||
|
||||
}
|
||||
@@ -1,68 +0,0 @@
|
||||
{ config, pkgs, lib, ... }:
|
||||
{
|
||||
zramSwap = {
|
||||
enable = true;
|
||||
memoryPercent = 25;
|
||||
};
|
||||
|
||||
swapDevices = [
|
||||
{
|
||||
label = "NixOS_Swap";
|
||||
}
|
||||
];
|
||||
|
||||
|
||||
fileSystems."/etc/nixos" =
|
||||
{
|
||||
device = "/materus/config/nixos-config";
|
||||
fsType = "none";
|
||||
options = [ "bind" ];
|
||||
depends = [ "/materus" ];
|
||||
};
|
||||
|
||||
|
||||
fileSystems."/materus" =
|
||||
{
|
||||
device = "/dev/disk/by-label/NixOS_Root";
|
||||
fsType = "btrfs";
|
||||
options = [ "subvol=@materus" "noatime" "compress=zstd" "ssd" "space_cache=v2" ];
|
||||
neededForBoot = true;
|
||||
};
|
||||
|
||||
fileSystems."/" =
|
||||
{
|
||||
device = "/dev/disk/by-label/NixOS_Root";
|
||||
fsType = "btrfs";
|
||||
options = [ "subvol=@" "noatime" "ssd" "space_cache=v2" "compress=zstd" ];
|
||||
};
|
||||
|
||||
fileSystems."/nix" =
|
||||
{
|
||||
device = "/dev/disk/by-label/NixOS_Root";
|
||||
fsType = "btrfs";
|
||||
options = [ "subvol=@nix" "noatime" "compress=zstd" "ssd" "space_cache=v2" ];
|
||||
};
|
||||
|
||||
fileSystems."/home" =
|
||||
{
|
||||
device = "/dev/disk/by-label/NixOS_Root";
|
||||
fsType = "btrfs";
|
||||
options = [ "subvol=@home" "noatime" "compress=zstd" "ssd" "space_cache=v2" ];
|
||||
};
|
||||
|
||||
fileSystems."/boot" =
|
||||
{
|
||||
device = "/dev/disk/by-label/NixOS_Root";
|
||||
fsType = "btrfs";
|
||||
options = [ "subvol=@boot" "ssd" ];
|
||||
};
|
||||
|
||||
|
||||
|
||||
fileSystems."/boot/efi" =
|
||||
{
|
||||
device = "/dev/disk/by-label/NixOS_EFI";
|
||||
fsType = "vfat";
|
||||
};
|
||||
|
||||
}
|
||||
@@ -1,96 +0,0 @@
|
||||
{ pkgs, materusArg, lib, ... }:
|
||||
{
|
||||
home.stateVersion = "23.05";
|
||||
home.homeDirectory = "/home/materus";
|
||||
|
||||
programs.git.signing.signByDefault = true;
|
||||
|
||||
xdg.userDirs.enable = true;
|
||||
xdg.portal.enable = true;
|
||||
xdg.portal.xdgOpenUsePortal = true;
|
||||
xdg.portal.extraPortals = [ pkgs.kdePackages.xdg-desktop-portal-kde ];
|
||||
xdg.portal.configPackages = [ pkgs.kdePackages.xdg-desktop-portal-kde ];
|
||||
materus.profile = {
|
||||
fonts.enable = lib.mkDefault true;
|
||||
nixpkgs.enable = lib.mkDefault false;
|
||||
enableDesktop = lib.mkDefault true;
|
||||
enableTerminal = lib.mkDefault true;
|
||||
enableTerminalExtra = lib.mkDefault true;
|
||||
enableNixDevel = lib.mkDefault true;
|
||||
editor.code.fhs.enable = true;
|
||||
editor.code.fhs.packages = (ps: with ps; let llvmpkgs = llvmPackages_16; in [
|
||||
llvmpkgs.clang
|
||||
llvmpkgs.llvm
|
||||
llvmpkgs.bintools
|
||||
llvmpkgs.lld
|
||||
llvmpkgs.lldb
|
||||
llvmpkgs.libllvm
|
||||
llvmpkgs.libllvm.dev
|
||||
|
||||
raylib
|
||||
gcc
|
||||
gdb
|
||||
nil
|
||||
nixfmt
|
||||
nixpkgs-fmt
|
||||
cmake
|
||||
gnumake
|
||||
ninja
|
||||
binutils
|
||||
coreutils
|
||||
util-linux
|
||||
openssl
|
||||
openssl.dev
|
||||
pkg-config
|
||||
dotnet-sdk_8
|
||||
mono
|
||||
mold
|
||||
python3
|
||||
lua
|
||||
gtk4.dev
|
||||
gtk4
|
||||
miniaudio
|
||||
SDL2.dev
|
||||
SDL2
|
||||
freeglut.dev
|
||||
freeglut
|
||||
boost.dev
|
||||
boost
|
||||
glew.dev
|
||||
libGL.dev
|
||||
libGLU.dev
|
||||
vulkan-loader.dev
|
||||
xorg.xorgproto
|
||||
xorg.libX11.dev
|
||||
xorg.libXrandr.dev
|
||||
xorg.libXrender.dev
|
||||
rustup
|
||||
freetype.dev
|
||||
|
||||
fpc
|
||||
openjdk21
|
||||
bison
|
||||
flex
|
||||
|
||||
ldc
|
||||
dmd
|
||||
dub
|
||||
]);
|
||||
|
||||
editor.emacs.enable = false;
|
||||
|
||||
};
|
||||
|
||||
home.packages = [
|
||||
pkgs.papirus-icon-theme
|
||||
materusArg.pkgs.ffmpeg6-amf-full
|
||||
(materusArg.pkgs.polymc.wrap { extraJDKs = [ pkgs.graalvm-ce ]; extraLibs = [ ]; })
|
||||
pkgs.git-crypt
|
||||
];
|
||||
|
||||
programs.obs-studio = {
|
||||
enable = false;
|
||||
plugins = with pkgs.obs-studio-plugins; [ wlrobs obs-vaapi obs-vkcapture obs-gstreamer input-overlay obs-multi-rtmp obs-pipewire-audio-capture ];
|
||||
package = materusArg.pkgs.obs-amf;
|
||||
};
|
||||
}
|
||||
@@ -1,73 +0,0 @@
|
||||
{ config, pkgs, lib, ... }:
|
||||
let
|
||||
westonSddm = let xcfg = config.services.xserver; in pkgs.writeText "weston.ini"
|
||||
''
|
||||
[core]
|
||||
xwayland=false
|
||||
shell=fullscreen-shell.so
|
||||
|
||||
[keyboard]
|
||||
keymap_model = ${builtins.toString xcfg.xkb.model};
|
||||
keymap_layout = ${builtins.toString xcfg.xkb.layout};
|
||||
keymap_variant = ${builtins.toString xcfg.xkb.variant};
|
||||
keymap_options = ${builtins.toString xcfg.xkb.options};
|
||||
|
||||
[libinput]
|
||||
enable-tap = ${builtins.toString xcfg.libinput.mouse.tapping};
|
||||
left-handed = ${builtins.toString xcfg.libinput.mouse.leftHanded};
|
||||
|
||||
[output]
|
||||
name=DP-3
|
||||
mode=1920x1080@240
|
||||
|
||||
[output]
|
||||
name=DP-2
|
||||
mode=off
|
||||
|
||||
[output]
|
||||
name=HDMI-A-3
|
||||
mode=off
|
||||
|
||||
'';
|
||||
in
|
||||
{
|
||||
services.displayManager.defaultSession = "plasma";
|
||||
services.displayManager.sddm.enable = true;
|
||||
services.displayManager.sddm.wayland.enable = true;
|
||||
services.displayManager.sddm.wayland.compositor = lib.mkForce "weston";
|
||||
services.displayManager.sddm.wayland.compositorCommand = lib.concatStringsSep " " [
|
||||
"${lib.getExe pkgs.weston}"
|
||||
"--shell=kiosk"
|
||||
"-c ${westonSddm}"
|
||||
];
|
||||
|
||||
services.displayManager.sddm.settings = {
|
||||
General = {
|
||||
InputMethod = "";
|
||||
};
|
||||
Theme = {
|
||||
CursorTheme = "breeze_cursors";
|
||||
CursorSize = "24";
|
||||
};
|
||||
};
|
||||
services.desktopManager.plasma6.enable = true;
|
||||
services.desktopManager.plasma6.enableQt5Integration = true;
|
||||
programs.gnupg.agent.pinentryPackage = lib.mkForce pkgs.pinentry-gnome3;
|
||||
environment.plasma6.excludePackages = with pkgs.kdePackages; [ kwallet kwalletmanager kwallet-pam ];
|
||||
|
||||
environment.variables = {
|
||||
# Old fix for black cursor on amdgpu, seems to work fine now
|
||||
#KWIN_DRM_NO_AMS = "1";
|
||||
|
||||
#Fix for amdgpu crashes
|
||||
KWIN_DRM_USE_MODIFIERS = "0";
|
||||
KWIN_DRM_NO_DIRECT_SCANOUT = "1";
|
||||
QT_PLUGIN_PATH = [ "${pkgs.qt6.qtimageformats}/${pkgs.qt6.qtbase.qtPluginPrefix}" ];
|
||||
XCURSOR_THEME = "breeze_cursors";
|
||||
};
|
||||
environment.systemPackages = with pkgs; [
|
||||
kdePackages.ark
|
||||
];
|
||||
|
||||
materus.profile.steam.extraPkgs = [ pkgs.kdePackages.breeze pkgs.kdePackages.breeze-gtk pkgs.kdePackages.dolphin ];
|
||||
}
|
||||
@@ -1,51 +0,0 @@
|
||||
{ config, pkgs, lib, materusArg, ... }:
|
||||
{
|
||||
sops.templates."networkmanager.env".content = ''
|
||||
WIREGUARD_PRIVATEKEY="${config.sops.placeholder.wireguard}"
|
||||
'';
|
||||
|
||||
networking.useDHCP = lib.mkDefault true;
|
||||
networking.hostName = "materusPC";
|
||||
networking.wireless.iwd.enable = true;
|
||||
networking.networkmanager.enable = true;
|
||||
#networking.networkmanager.wifi.backend = "iwd";
|
||||
networking.firewall.enable = true;
|
||||
networking.firewall.allowedTCPPorts = [ 24800 5900 5357 4656 8080 9943 9944 ];
|
||||
networking.firewall.allowedUDPPorts = [ 24800 5900 3702 4656 6000 9943 9944 ];
|
||||
#Fix warning
|
||||
networking.networkmanager.extraConfig = lib.mkDefault ''
|
||||
[connectivity]
|
||||
uri=http://nmcheck.gnome.org/check_network_status.txt
|
||||
'';
|
||||
|
||||
networking.networkmanager.ensureProfiles.environmentFiles = [
|
||||
config.sops.templates."networkmanager.env".path
|
||||
];
|
||||
networking.networkmanager.ensureProfiles.profiles = {
|
||||
wg0 = {
|
||||
connection = {
|
||||
id = "wg0";
|
||||
type = "wireguard";
|
||||
interface-name = "wg0";
|
||||
};
|
||||
wireguard = {
|
||||
private-key = "$WIREGUARD_PRIVATEKEY";
|
||||
};
|
||||
"wireguard-peer.${materusArg.wireguard.pubKeys.valkyrie}" = {
|
||||
endpoint = "${materusArg.ips.valkyrie}:${materusArg.wireguard.port}";
|
||||
allowed-ips = "${materusArg.ip-masks.wireguard.general};";
|
||||
};
|
||||
ipv4 = {
|
||||
address1 = "${materusArg.ips.wireguard.materusPC}/23";
|
||||
dns = "${materusArg.ips.wireguard.valkyrie};";
|
||||
method = "manual";
|
||||
never-default = "true";
|
||||
};
|
||||
ipv6 = {
|
||||
addr-gen-mode = "stable-privacy";
|
||||
method = "disabled";
|
||||
};
|
||||
proxy = { };
|
||||
};
|
||||
};
|
||||
}
|
||||
@@ -1,59 +0,0 @@
|
||||
{ config, pkgs, lib, ... }:
|
||||
let
|
||||
valkyrie-sync = pkgs.writeShellScriptBin "valkyrie-sync" ''
|
||||
${pkgs.rsync}/bin/rsync -avzrh --delete --exclude ".git*" --exclude "flake.lock" /materus/config/nixos-config materus@valkyrie:/materus/config/ && \
|
||||
${pkgs.rsync}/bin/rsync -avzrh --delete --exclude ".git*" /materus/config/private/valkyrie materus@valkyrie:/materus/config/private
|
||||
'';
|
||||
|
||||
valkyrie-flakelock = pkgs.writeShellScriptBin "valkyrie-flakelock" ''
|
||||
${pkgs.openssh}/bin/ssh materus@valkyrie "nix flake update /materus/config/nixos-config --override-input nixpkgs github:NixOS/nixpkgs/23.05 \
|
||||
--override-input home-manager github:nix-community/home-manager/release-23.05 \
|
||||
--override-input private /materus/config/private/valkyrie/flake"
|
||||
'';
|
||||
|
||||
valkyrie-rebuild-boot = pkgs.writeShellScriptBin "valkyrie-rebuild-boot" ''
|
||||
${pkgs.openssh}/bin/ssh -t materus@valkyrie "sudo nixos-rebuild boot --flake /materus/config/nixos-config#valkyrie \
|
||||
--override-input private /materus/config/private/valkyrie/flake"
|
||||
'';
|
||||
valkyrie-rebuild-switch = pkgs.writeShellScriptBin "valkyrie-rebuild-switch" ''
|
||||
${pkgs.openssh}/bin/ssh -t materus@valkyrie "sudo nixos-rebuild switch --flake /materus/config/nixos-config#valkyrie \
|
||||
--override-input private /materus/config/private/valkyrie/flake"
|
||||
'';
|
||||
|
||||
|
||||
|
||||
flamaster-sync = pkgs.writeShellScriptBin "flamaster-sync" ''
|
||||
${pkgs.rsync}/bin/rsync -avzrh --delete --exclude ".git*" --exclude "flake.lock" /materus/config/nixos-config materus@flamaster:/materus/config/ && \
|
||||
${pkgs.rsync}/bin/rsync -avzrh --delete --exclude ".git*" /materus/config/private/flamaster materus@flamaster:/materus/config/private
|
||||
'';
|
||||
|
||||
flamaster-flakelock = pkgs.writeShellScriptBin "flamaster-flakelock" ''
|
||||
${pkgs.openssh}/bin/ssh materus@flamaster "nix flake update /materus/config/nixos-config --override-input nixpkgs github:NixOS/nixpkgs/23.05 \
|
||||
--override-input home-manager github:nix-community/home-manager/release-23.05 \
|
||||
--override-input private /materus/config/private/flamaster/flake"
|
||||
'';
|
||||
|
||||
flamaster-rebuild-boot = pkgs.writeShellScriptBin "flamaster-rebuild-boot" ''
|
||||
${pkgs.openssh}/bin/ssh -t materus@flamaster "sudo nixos-rebuild boot --flake /materus/config/nixos-config#flamaster \
|
||||
--override-input private /materus/config/private/flamaster/flake"
|
||||
'';
|
||||
flamaster-rebuild-switch = pkgs.writeShellScriptBin "flamaster-rebuild-switch" ''
|
||||
${pkgs.openssh}/bin/ssh -t materus@flamaster "sudo nixos-rebuild switch --flake /materus/config/nixos-config#flamaster \
|
||||
--override-input private /materus/config/private/flamaster/flake"
|
||||
'';
|
||||
|
||||
|
||||
in
|
||||
{
|
||||
environment.systemPackages = [
|
||||
valkyrie-rebuild-boot
|
||||
valkyrie-rebuild-switch
|
||||
valkyrie-sync
|
||||
valkyrie-flakelock
|
||||
|
||||
flamaster-rebuild-boot
|
||||
flamaster-rebuild-switch
|
||||
flamaster-sync
|
||||
flamaster-flakelock
|
||||
];
|
||||
}
|
||||
@@ -1,27 +0,0 @@
|
||||
{ config, pkgs, lib, materusCfg, ... }:
|
||||
{
|
||||
imports =
|
||||
[
|
||||
|
||||
] ++ (if (materusCfg.materusFlake.decrypted) then [ ./private ] else [ ]);
|
||||
|
||||
sops.age.generateKey = false;
|
||||
sops.gnupg.home = null;
|
||||
sops.gnupg.sshKeyPaths = [ ];
|
||||
sops.age.sshKeyPaths = [ "/materus/root/ssh_host_ed25519_key" ];
|
||||
sops.defaultSopsFile = materusCfg.hostPath + "/secrets/secrets.yaml";
|
||||
sops.secrets."users/materus" = { neededForUsers = true; };
|
||||
sops.secrets.wireguard = { };
|
||||
|
||||
services.openssh.hostKeys = [
|
||||
{
|
||||
bits = 4096;
|
||||
path = "/materus/root/ssh_host_rsa_key";
|
||||
type = "rsa";
|
||||
}
|
||||
{
|
||||
path = "/materus/root/ssh_host_ed25519_key";
|
||||
type = "ed25519";
|
||||
}
|
||||
];
|
||||
}
|
||||
Binary file not shown.
@@ -1,36 +0,0 @@
|
||||
users:
|
||||
materus: ENC[AES256_GCM,data:okqSgMvdFq1BMAg+Gs725zaNbeAQIpJKSPB2Sa83i3EYimphZNBtrJLen+gQEGNq4yeTyAc9Ih/hcnr+3z+Tea/g9ffh/UC4YA==,iv:OhKoWLREAqCbtmS3Rw9nE9+PtcBLwEHimJXcj4oejRA=,tag:Ht/SQSwumnQR6E45Pl47AQ==,type:str]
|
||||
root: ENC[AES256_GCM,data:vnPjK+xayk/Zk895rERYAeCzpjv5NJ7EAyK4MRDUzDbW++4Dy+UEI81v1v7w9dfpDeL+x5kOqUFO5zVVDUGfZ3yf/l8M8N8KcA==,iv:gGFGcy3K27nQxn0+7I/t0kg3nZyXeGWqysOl2auZJXo=,tag:N+LYhKpPCbI1EjEBwxuh1g==,type:str]
|
||||
wireguard: ENC[AES256_GCM,data:rBkftzBcdamhP0xZB3qxfLptL8bX1qc7SdcfPNpYV67TeQs6i79+5KB/da4=,iv:22J5SZbFtYco7iSHvD2GD1bcazfGWlyEJ2isa3Ab4bI=,tag:BeUn9Srl2vyoDgK5Xv0UCg==,type:str]
|
||||
sops:
|
||||
kms: []
|
||||
gcp_kms: []
|
||||
azure_kv: []
|
||||
hc_vault: []
|
||||
age:
|
||||
- recipient: age1fq9ckkwtgvm69w045rf9pgurnhch6ukdxejr8yxgrthn7j8vp48qvd9rkx
|
||||
enc: |
|
||||
-----BEGIN AGE ENCRYPTED FILE-----
|
||||
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBEbHZZUVF1dVJSU1NvNXVk
|
||||
N3VtTm00ZHRWb082T0FkNXJncUxCU3haVmpVCk9FQkJBZnVJVFNLOThjZzlxNVF1
|
||||
b0phQ2daejRrdVhEZ2YvRHVRRU5BQlEKLS0tIGdQeDlOSzl4VDhGNURQditCWUFG
|
||||
dWVzbzUyakxXUGpTQjNsYzcyVG1aRDgKXVa8tIAbmggw1vSt3NJYRLgXhbagpNrX
|
||||
RNXyndPaeQXVPVXuJWmHgRCYbwPTcfAFpGwFlX2IxVLlmC914Zklhw==
|
||||
-----END AGE ENCRYPTED FILE-----
|
||||
lastmodified: "2024-04-19T15:58:46Z"
|
||||
mac: ENC[AES256_GCM,data:BLa0G3ci8EWH43UkLI2OoFJp2F9YeuKDrg6+2I/bq/lLi/YUitkJvBkA9VSIbvCyYWs/5SlEL5MayX8iiVdJ7r9bCiw+LVsWNAdaYDCafbZRW5F7KiHS5WXV3v4c201kFok7rmnRhEfKfdDxLlQ/mFHqOhupHU/qCNMTuUzJBiA=,iv:EPRoXHVMB6I16lTFJdFVAuSnMD/B55fPYtSBOQddutE=,tag:gohg+BdRlMPAQmNpRdk8sg==,type:str]
|
||||
pgp:
|
||||
- created_at: "2024-03-02T22:10:50Z"
|
||||
enc: |-
|
||||
-----BEGIN PGP MESSAGE-----
|
||||
|
||||
hF4D5fSX77p80GYSAQdAvGVUu56Pd2+DMHqgIcJokyh11952nQK2eVtQNj42CAUw
|
||||
NQfulNRUHX5BonsLyvXPx74bVku6Wxr80loIWoz049/xbFj4S7FyftkakY8rOUGu
|
||||
1GgBCQIQOoEFvTQB8qGbea/85fktuljXPou/WgUY6Mxd4n0dBz54f69B/NttnBGc
|
||||
7eUDKfe79Omr0o/0CVC/6SGKoiS38suV903QHeF1MXFPeOG72k4TvfF9lVlBgK8H
|
||||
k4DXtzC7wm3WWg==
|
||||
=eh7Z
|
||||
-----END PGP MESSAGE-----
|
||||
fp: 28D140BCA60B4FD1
|
||||
unencrypted_suffix: _unencrypted
|
||||
version: 3.8.1
|
||||
@@ -1,183 +0,0 @@
|
||||
{ config, pkgs, materusArg, ... }:
|
||||
|
||||
{
|
||||
virtualisation.lxc.enable = true;
|
||||
virtualisation.lxc.lxcfs.enable = true;
|
||||
virtualisation.lxd.enable = true;
|
||||
|
||||
programs.gamemode.enable = true;
|
||||
|
||||
|
||||
|
||||
|
||||
services.teamviewer.enable = true;
|
||||
|
||||
systemd.tmpfiles.rules = [
|
||||
"L+ /opt/rocm/hip - - - - ${pkgs.rocmPackages.clr}"
|
||||
];
|
||||
|
||||
services.flatpak.enable = true;
|
||||
services.gvfs.enable = true;
|
||||
|
||||
|
||||
services.xserver.xkb.layout = "pl";
|
||||
|
||||
|
||||
services.xserver.enable = true;
|
||||
services.xserver.videoDrivers = [ "amdgpu" ];
|
||||
services.dbus.enable = true;
|
||||
services.dbus.packages = [ pkgs.gcr ];
|
||||
|
||||
|
||||
|
||||
services.xserver.displayManager.startx.enable = false;
|
||||
|
||||
xdg.portal.enable = true;
|
||||
xdg.portal.wlr.enable = true;
|
||||
xdg.portal.xdgOpenUsePortal = true;
|
||||
|
||||
services.xserver.exportConfiguration = true;
|
||||
services.xserver.extraConfig = pkgs.lib.mkDefault ''
|
||||
Section "OutputClass"
|
||||
Identifier "amd-options"
|
||||
Option "TearFree" "True"
|
||||
Option "SWCursor" "True"
|
||||
Option "VariableRefresh" "true"
|
||||
Option "AsyncFlipSecondaries" "true"
|
||||
Option "DRI3" "1"
|
||||
MatchDriver "amdgpu"
|
||||
EndSection
|
||||
|
||||
'';
|
||||
|
||||
|
||||
|
||||
|
||||
services.printing.enable = true;
|
||||
|
||||
|
||||
|
||||
|
||||
services.xserver.libinput.enable = true;
|
||||
|
||||
virtualisation.waydroid.enable = false;
|
||||
virtualisation.podman = {
|
||||
enable = true;
|
||||
dockerCompat = true;
|
||||
dockerSocket.enable = true;
|
||||
};
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
users.users.materus = {
|
||||
isNormalUser = true;
|
||||
extraGroups = [
|
||||
"audio"
|
||||
"video"
|
||||
"render"
|
||||
"pipewire"
|
||||
"wheel"
|
||||
"networkmanager"
|
||||
"input"
|
||||
"kvm"
|
||||
"libvirt-qemu"
|
||||
"libvirt"
|
||||
"libvirtd"
|
||||
"podman"
|
||||
"lxd"
|
||||
];
|
||||
shell = pkgs.zsh;
|
||||
description = "Mateusz Słodkowicz";
|
||||
};
|
||||
|
||||
environment.sessionVariables = {
|
||||
XDG_CACHE_HOME = "\${HOME}/.cache";
|
||||
XDG_CONFIG_HOME = "\${HOME}/.config";
|
||||
XDG_BIN_HOME = "\${HOME}/.local/bin";
|
||||
XDG_DATA_HOME = "\${HOME}/.local/share";
|
||||
QT_XKB_CONFIG_ROOT = "\${XKB_CONFIG_ROOT}";
|
||||
GTK_IM_MODULE = "fcitx";
|
||||
QT_IM_MODULE = "fcitx";
|
||||
XMODIFIERS = "@im=fcitx";
|
||||
SDL_IM_MODULE = "fcitx";
|
||||
|
||||
|
||||
MOZ_USE_XINPUT2 = "1";
|
||||
PATH = [
|
||||
"\${XDG_BIN_HOME}"
|
||||
];
|
||||
};
|
||||
environment.shellInit = ''
|
||||
if ! [ -z "$DISPLAY" ]; then xhost +si:localuser:root &> /dev/null; fi;
|
||||
if ! [ -z "$DISPLAY" ]; then xhost +si:localuser:$USER &> /dev/null; fi;
|
||||
'';
|
||||
|
||||
i18n.inputMethod.enabled = "fcitx5";
|
||||
i18n.inputMethod.fcitx5.addons = [ pkgs.kdePackages.fcitx5-configtool pkgs.fcitx5-lua pkgs.fcitx5-mozc pkgs.fcitx5-gtk pkgs.kdePackages.fcitx5-qt ];
|
||||
|
||||
|
||||
|
||||
services.pcscd.enable = true;
|
||||
|
||||
services.samba-wsdd.enable = true;
|
||||
services.samba-wsdd.openFirewall = true;
|
||||
services.samba = {
|
||||
enable = true;
|
||||
package = pkgs.sambaFull;
|
||||
securityType = "user";
|
||||
openFirewall = true;
|
||||
extraConfig = ''
|
||||
workgroup = WORKGROUP
|
||||
server string = smbmaterus
|
||||
netbios name = smbmaterus
|
||||
security = user
|
||||
hosts allow = 192.168.122. 127.0.0.1 localhost
|
||||
hosts deny = 0.0.0.0/0
|
||||
guest account = nobody
|
||||
map to guest = bad user
|
||||
'';
|
||||
shares = {
|
||||
windows = {
|
||||
path = "/materus/data/VM/windows_shared";
|
||||
browseable = "yes";
|
||||
"read only" = "no";
|
||||
"guest ok" = "no";
|
||||
"create mask" = "0644";
|
||||
"directory mask" = "0755";
|
||||
"force user" = "materus";
|
||||
"force group" = "users";
|
||||
};
|
||||
};
|
||||
};
|
||||
|
||||
programs.gnupg.agent = {
|
||||
enable = true;
|
||||
enableSSHSupport = false;
|
||||
enableBrowserSocket = true;
|
||||
|
||||
};
|
||||
programs.ssh.startAgent = true;
|
||||
services.openssh.enable = true;
|
||||
|
||||
environment.enableAllTerminfo = true;
|
||||
environment.pathsToLink = [ "/share/zsh" "/share/bash-completion" "/share/fish" ];
|
||||
environment.shells = with pkgs; [ zsh bashInteractive fish ];
|
||||
programs = {
|
||||
fish.enable = true;
|
||||
java.enable = true;
|
||||
java.package = pkgs.graalvm-ce;
|
||||
java.binfmt = true;
|
||||
command-not-found.enable = false;
|
||||
dconf.enable = true;
|
||||
};
|
||||
|
||||
materus.profile.browser.enable = true;
|
||||
|
||||
|
||||
services.davfs2.enable = true;
|
||||
|
||||
|
||||
|
||||
}
|
||||
@@ -1,173 +0,0 @@
|
||||
{ config, pkgs, materusArg, ... }:
|
||||
let
|
||||
VM_UUID = "ad2632db-0da0-4204-98b3-0592a185ebd0";
|
||||
|
||||
startedHook = ''
|
||||
QEMU_PID=$(ps aux | grep qemu-system-x86_64 | grep "${VM_UUID}" | tr -s ' ' | cut -d " " -f 2)
|
||||
|
||||
for pid in $(cat /sys/fs/cgroup/cpu/machine.slice/machine-qemu*$1.scope/libvirt/vcpu*/tasks); do
|
||||
renice -n "-15" -p "$pid";
|
||||
done
|
||||
renice -n "-10" -p "$QEMU_PID";
|
||||
|
||||
echo "${materusArg.materusPC.hostCoresMask}" > /proc/irq/default_smp_affinity
|
||||
for irq in /proc/irq/[0-9]*/smp_affinity; do
|
||||
if [ $(cat $irq) = "${materusArg.materusPC.allCoresMask}" ]; then
|
||||
echo "${materusArg.materusPC.hostCoresMask}" > $irq 2> /dev/null
|
||||
fi;
|
||||
done;
|
||||
for irq in $(cat /proc/interrupts | grep vfio | cut -d ":" -f 1); do
|
||||
echo "${materusArg.materusPC.vmCoresMask}" > /proc/irq/$irq/smp_affinity;
|
||||
done
|
||||
|
||||
|
||||
'';
|
||||
startHook = /*''
|
||||
|
||||
|
||||
# Debugging
|
||||
exec 19>/home/materus/startlogfile
|
||||
BASH_XTRACEFD=19
|
||||
set -x
|
||||
|
||||
exec 3>&1 4>&2
|
||||
trap 'exec 2>&4 1>&3' 0 1 2 3
|
||||
exec 1>/home/materus/startlogfile.out 2>&1
|
||||
''
|
||||
+*/
|
||||
''
|
||||
# Make sure nothing renders on gpu to prevent "sysfs: cannot create duplicate filename" after rebinding to amdgpu
|
||||
chmod 0 /dev/dri/renderD128
|
||||
fuser -k /dev/dri/renderD128
|
||||
|
||||
# Seems to fix reset bug for 7900 XTX
|
||||
echo "0" > "/sys/bus/pci/devices/''${VIRSH_GPU_VIDEO}/d3cold_allowed"
|
||||
|
||||
systemctl stop windows-share-mount.service
|
||||
|
||||
|
||||
echo ''$VIRSH_GPU_VIDEO > "/sys/bus/pci/devices/''${VIRSH_GPU_VIDEO}/driver/unbind"
|
||||
echo ''$VIRSH_GPU_AUDIO > "/sys/bus/pci/devices/''${VIRSH_GPU_AUDIO}/driver/unbind"
|
||||
|
||||
sleep 1s
|
||||
|
||||
echo "15" > "/sys/bus/pci/devices/''${VIRSH_GPU_VIDEO}/resource0_resize"
|
||||
echo "8" > "/sys/bus/pci/devices/''${VIRSH_GPU_VIDEO}/resource2_resize"
|
||||
|
||||
sync
|
||||
echo "3" > /proc/sys/vm/drop_caches
|
||||
sync
|
||||
echo "1" > /proc/sys/vm/compact_memory
|
||||
|
||||
|
||||
|
||||
systemctl set-property --runtime -- user.slice AllowedCPUs=${materusArg.materusPC.hostCores}
|
||||
systemctl set-property --runtime -- system.slice AllowedCPUs=${materusArg.materusPC.hostCores}
|
||||
systemctl set-property --runtime -- init.scope AllowedCPUs=${materusArg.materusPC.hostCores}
|
||||
echo "${materusArg.materusPC.hostCoresMask}" > /sys/bus/workqueue/devices/writeback/cpumask
|
||||
echo performance | tee /sys/devices/system/cpu/cpu*/cpufreq/scaling_governor
|
||||
|
||||
sysctl vm.stat_interval=120
|
||||
sysctl -w kernel.watchdog=0
|
||||
|
||||
|
||||
'';
|
||||
stopHook = ''
|
||||
|
||||
# Debugging
|
||||
# exec 19>/home/materus/stoplogfile
|
||||
# BASH_XTRACEFD=19
|
||||
# set -x
|
||||
|
||||
# exec 3>&1 4>&2
|
||||
# trap 'exec 2>&4 1>&3' 0 1 2 3
|
||||
# exec 1>/home/materus/stoplogfile.out 2>&1
|
||||
|
||||
|
||||
|
||||
sleep 1s
|
||||
echo ''$VIRSH_GPU_VIDEO > "/sys/bus/pci/devices/''${VIRSH_GPU_VIDEO}/driver/unbind"
|
||||
echo ''$VIRSH_GPU_AUDIO > "/sys/bus/pci/devices/''${VIRSH_GPU_AUDIO}/driver/unbind"
|
||||
|
||||
|
||||
|
||||
|
||||
echo "15" > "/sys/bus/pci/devices/''${VIRSH_GPU_VIDEO}/resource0_resize"
|
||||
echo "8" > "/sys/bus/pci/devices/''${VIRSH_GPU_VIDEO}/resource2_resize"
|
||||
echo "1" > "/sys/bus/pci/devices/''${VIRSH_GPU_VIDEO}/d3cold_allowed"
|
||||
|
||||
|
||||
echo ''$VIRSH_GPU_VIDEO > /sys/bus/pci/drivers/amdgpu/bind
|
||||
echo ''$VIRSH_GPU_AUDIO > /sys/bus/pci/drivers/snd_hda_intel/bind
|
||||
|
||||
|
||||
systemctl start windows-share-mount.service
|
||||
|
||||
systemctl set-property --runtime -- user.slice AllowedCPUs=${materusArg.materusPC.allCores}
|
||||
systemctl set-property --runtime -- system.slice AllowedCPUs=${materusArg.materusPC.allCores}
|
||||
systemctl set-property --runtime -- init.scope AllowedCPUs=${materusArg.materusPC.allCores}
|
||||
echo "${materusArg.materusPC.allCoresMask}" > /sys/bus/workqueue/devices/writeback/cpumask
|
||||
echo powersave | tee /sys/devices/system/cpu/cpu*/cpufreq/scaling_governor
|
||||
|
||||
sysctl vm.stat_interval=1
|
||||
sysctl -w kernel.watchdog=1
|
||||
echo "${materusArg.materusPC.allCoresMask}" > /proc/irq/default_smp_affinity
|
||||
for irq in /proc/irq/[0-9]*/smp_affinity; do
|
||||
if [ $(cat $irq) = "${materusArg.materusPC.hostCoresMask}" ] || [ $(cat $irq) = "${materusArg.materusPC.vmCoresMask}" ]; then
|
||||
echo "${materusArg.materusPC.allCoresMask}" > $irq 2> /dev/null
|
||||
fi;
|
||||
done;
|
||||
|
||||
|
||||
'';
|
||||
in
|
||||
{
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
virtualisation.libvirtd.hooks.qemu = {
|
||||
"win10" = pkgs.writeShellScript "win10.sh" ''
|
||||
VIRSH_GPU_VIDEO="0000:03:00.0"
|
||||
VIRSH_GPU_AUDIO="0000:03:00.1"
|
||||
VIRSH_USB1="0000:10:00.0"
|
||||
|
||||
if [ ''$1 = "win10" ] || [ ''$1 = "win11" ]; then
|
||||
if [ ''$2 = "prepare" ] && [ ''$3 = "begin" ]; then
|
||||
${startHook}
|
||||
fi
|
||||
|
||||
if [ ''$2 = "started" ] && [ ''$3 = "begin" ]; then
|
||||
${startedHook}
|
||||
fi
|
||||
|
||||
if [ ''$2 = "release" ] && [ ''$3 = "end" ]; then
|
||||
${stopHook}
|
||||
fi
|
||||
|
||||
fi
|
||||
|
||||
|
||||
'';
|
||||
};
|
||||
|
||||
systemd.services.windows-share-mount = {
|
||||
wantedBy = [ "multi-user.target" ];
|
||||
path = [ config.virtualisation.libvirtd.qemu.package pkgs.util-linux pkgs.kmod pkgs.coreutils ];
|
||||
serviceConfig.Type = "oneshot";
|
||||
serviceConfig.RemainAfterExit = true;
|
||||
script = ''
|
||||
|
||||
losetup -P /dev/loop6 /materus/data/VM/data.raw
|
||||
mount /dev/loop6p1 /materus/data/Windows -o uid=1000,gid=100
|
||||
'';
|
||||
preStop = ''
|
||||
umount -lf /materus/data/Windows
|
||||
losetup -d /dev/loop6
|
||||
'';
|
||||
};
|
||||
}
|
||||
@@ -1,17 +0,0 @@
|
||||
{ ... }:
|
||||
{
|
||||
home.stateVersion = "23.05";
|
||||
home.homeDirectory = "/home/materus";
|
||||
materus.profile = {
|
||||
fonts.enable = false;
|
||||
nixpkgs.enable = false;
|
||||
enableDesktop = false;
|
||||
enableTerminal = false;
|
||||
enableTerminalExtra = false;
|
||||
enableNixDevel = false;
|
||||
|
||||
fish.enable = false;
|
||||
bash.enable = true;
|
||||
zsh.enable = true;
|
||||
};
|
||||
}
|
||||
@@ -1,35 +0,0 @@
|
||||
{ materusCfg, ... }:
|
||||
{
|
||||
imports =
|
||||
[
|
||||
|
||||
] ++ (if (materusCfg.materusFlake.decrypted) then [ ./private ] else [ ]);
|
||||
|
||||
sops.age.generateKey = false;
|
||||
sops.gnupg.home = null;
|
||||
sops.gnupg.sshKeyPaths = [ ];
|
||||
sops.defaultSopsFile = materusCfg.hostPath + "/secrets/secrets.yaml";
|
||||
|
||||
sops.secrets.wireguard = { };
|
||||
sops.secrets.discord-token = {};
|
||||
sops.secrets.spotify-client-id = {};
|
||||
sops.secrets.spotify-client-secret = {};
|
||||
sops.secrets.youtube-api = {};
|
||||
sops.secrets.certs = {};
|
||||
sops.secrets.steamladder-api = {};
|
||||
sops.secrets.webarchive-accesskey = {};
|
||||
sops.secrets.webarchive-secretkey = {};
|
||||
|
||||
services.openssh.hostKeys = [
|
||||
{
|
||||
bits = 4096;
|
||||
path = "/materus/root/ssh_host_rsa_key";
|
||||
type = "rsa";
|
||||
}
|
||||
{
|
||||
path = "/materus/root/ssh_host_ed25519_key";
|
||||
type = "ed25519";
|
||||
}
|
||||
];
|
||||
|
||||
}
|
||||
Binary file not shown.
Binary file not shown.
@@ -1,41 +0,0 @@
|
||||
wireguard: ENC[AES256_GCM,data:i98U0ugxbNqWNuKR8u+mdWoSMLViHXfsWRBS1lvjb+hgGxveyzjBcagBIeY=,iv:/hF9oH2R6NSeHT/UQTlbmtx+gPX/3CJOLPNnxrzsY/g=,tag:2ub5w8uH2O1B2hoku8Kowg==,type:str]
|
||||
discord-token: ENC[AES256_GCM,data:JQ/6MJvBlJpKzs/L0hFB1LPpQSfJvDdEB6YerVZyDqGo7plA0S5wORACgA88Dei1x1NGsXhYtiwT4vE9jjeCOlWXZdl1mA==,iv:BsDu1De0qLX/8VDiZ5co1q1LXxkz/Som9+hvm/67/xU=,tag:YO0wQNF3/AXbifpeAa935Q==,type:str]
|
||||
spotify-client-id: ENC[AES256_GCM,data:WK7CJGw6mtIG3Jfp59cWx3ool4z1P09TvHcpbOQ2JV0=,iv:EaJ5ecXdmx0Ky+43xZITM811IOo4EisvPSyogXrJXng=,tag:NYTI4vLsWGa695CJ+TIgbw==,type:str]
|
||||
spotify-client-secret: ENC[AES256_GCM,data:TnR+zLLklTfzMdR4woaZWuMVJQ9VIYsFM588GRO6WCY=,iv:cYiqw8ZdMgLeug4ptwPV3L+MeY6xIldfUBfiYg1mFD8=,tag:YDLh6BXFcBHnpdgM7e87wg==,type:str]
|
||||
youtube-api: ENC[AES256_GCM,data:qmpFlFvudS9rXQfN+Th/UrPWCW0mg5GkpMucS/01AmOnlChqtojC,iv:q3bKwI2I6BNa3L9ezKCE1fWT/vZLiJ8uzug1z2z+TWA=,tag:gKG3HTz8jp2LAFh8e8O6sg==,type:str]
|
||||
steamladder-api: ENC[AES256_GCM,data:m30o5atqugwqn/WbXGkUq5GvqiIKQT0kSRQCtHc1Gxk/dC3YcbDvMw==,iv:duLKl1NvysD0XMaUOkl/6nclMQB6seXcQYkGMrm7K7Y=,tag:9dw+UH10uAdca5fVdlw1Mg==,type:str]
|
||||
webarchive-accesskey: ENC[AES256_GCM,data:jdKlHsZq2Dkk1BcBfUVv5g==,iv:BXCgPb/2W57PYXxRktInz1LxSEwlw6m3xnQU4TOPMeY=,tag:kK4+InaH7K4D4n1hyGaR+w==,type:str]
|
||||
webarchive-secretkey: ENC[AES256_GCM,data:nuA9G5dNtrNfbcx0G/GUTg==,iv:RRuTm4kZr5dNjBt9Zvk/NVefHCZYODmRvWAqZizKGJY=,tag:J2V0Q3BzXNWifVVvAkwYyg==,type:str]
|
||||
certs: ENC[AES256_GCM,data:ttmSNTTx51a3L2HTC8RnSphDLHO2OSyIgXQ0YpZGySTdu69mgEyhaiSi+IAXg/1AHKRjpFJgE4fhsLAiW78pNYb+Zg7aDL47YtABO99sTZrZnBxZo6k6itpZ3oClDch2ZALzoXChLroc0tUbZKwsfOwGe3pw9lOJZJT34AhV+BVoXDDLQcpQoxz23Baa8oxklecT6wpJ1u1nW+aAHw33gm41Vw==,iv:b0aNZwaRKBg+ipe5+19BowyFbCjZt52S738om6emYGo=,tag:lUqtcc4vVWKx/fnc19vj7A==,type:str]
|
||||
sops:
|
||||
kms: []
|
||||
gcp_kms: []
|
||||
azure_kv: []
|
||||
hc_vault: []
|
||||
age:
|
||||
- recipient: age1wscr6kv8393wv0fjaux8juplaxq55znlzrp62qyteq0fauu3yg0s7d7k98
|
||||
enc: |
|
||||
-----BEGIN AGE ENCRYPTED FILE-----
|
||||
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBSRXNLdUZaVU13alNhVGgz
|
||||
aXdMb3IzNjNQcHJFV2JLNVM2SUVBa3VNZlRFCkxxd21CTWVDUkVXbzR6ZEkxbm5J
|
||||
VGorSkp6a2xSdHRHcFk5T3VYVlJJa0UKLS0tIE1WdHo5eTlpNEEyN25oSjk1KzdS
|
||||
d2dMUUh1RDB3UnpEdFJsNHpQRXFWemMKc41dlOapTsvH91QLNhdPbrzerPFakOiX
|
||||
J/uoZDMIhsmQxgQM7Fqxr05NywhI/ZjOtJS2bayp73O57xjjMYcyNQ==
|
||||
-----END AGE ENCRYPTED FILE-----
|
||||
lastmodified: "2024-04-05T22:42:16Z"
|
||||
mac: ENC[AES256_GCM,data:KSRGzHipb58uNYaRYXAy3y+D9cBG53RGxZpNrx2gy+CHbGtkUW1SWc4PPrBwBhb6+TN0vb1zHuOB4HK4Bys/jqmvGgVkO2VKj15MTFMpF5n6w0blFM7d5bCDydHAhvXEZA/PFWq97DTI1Zxb+N/HWJlefKCzYOHHWj7i4leKNjk=,iv:88Ekp0sjEo5UTBLUyYSrkP+MbIFcCmegclJIK3+0jOQ=,tag:H/ESeQhC1PEF00RiDnamyw==,type:str]
|
||||
pgp:
|
||||
- created_at: "2024-03-21T22:55:36Z"
|
||||
enc: |-
|
||||
-----BEGIN PGP MESSAGE-----
|
||||
|
||||
hF4D5fSX77p80GYSAQdA667A9P/3ktuS2iEjxkv3aYMAGSu0oPGIX7dsC23VVgkw
|
||||
OmcwhXxBnipcG+izbtNylXz5VonyyKHwdR2QIgkt9FEuC8lI17GHVyogTCFiP7Dj
|
||||
1GgBCQIQN4EqFdiXqzJUeeE+PdOzVPs+1kStz+S1H22NjrJAFv67cbyIgwpItuXD
|
||||
Sfao+MU1HWDY4iKZrcfWArUgpQj/pvsmUeJ72iXD3bkTTrK61g3GZA+g9lFewl/B
|
||||
SORJMu9btS4GAw==
|
||||
=aBMP
|
||||
-----END PGP MESSAGE-----
|
||||
fp: 28D140BCA60B4FD1
|
||||
unencrypted_suffix: _unencrypted
|
||||
version: 3.8.1
|
||||
@@ -1,38 +0,0 @@
|
||||
{ config, pkgs, lib, materusArg, ... }:
|
||||
{
|
||||
options.valkyrieService.dcbot.enable = materusArg.pkgs.lib.mkBoolOpt false "Enable dcbot";
|
||||
|
||||
|
||||
|
||||
|
||||
config =
|
||||
let
|
||||
cfg = config.valkyrieService.dcbot;
|
||||
in
|
||||
lib.mkIf cfg.enable {
|
||||
sops.templates."dcbot.env".content = ''
|
||||
TOKEN=${config.sops.placeholder.discord-token}
|
||||
MAX_PLAYLIST_SIZE=100
|
||||
PRUNING=false
|
||||
LOCALE=pl
|
||||
DEFAULT_VOLUME=100
|
||||
STAY_TIME=30
|
||||
'';
|
||||
|
||||
systemd.tmpfiles.rules = [
|
||||
"d /var/lib/muse 0776 root root -"
|
||||
];
|
||||
|
||||
virtualisation.oci-containers.containers.dcbot = {
|
||||
image = "eritislami/evobot:latest";
|
||||
volumes = [
|
||||
];
|
||||
environmentFiles = [
|
||||
config.sops.templates."dcbot.env".path
|
||||
];
|
||||
};
|
||||
|
||||
};
|
||||
|
||||
|
||||
}
|
||||
@@ -1,10 +0,0 @@
|
||||
{ config, pkgs, materusCfg, ... }:
|
||||
{
|
||||
|
||||
imports = [
|
||||
materusCfg.configInputs.nixos-hardware.nixosModules.raspberry-pi-4
|
||||
./configuration.nix
|
||||
./secrets
|
||||
./services
|
||||
];
|
||||
}
|
||||
@@ -1,17 +0,0 @@
|
||||
{ config, pkgs, lib, ... }:
|
||||
{
|
||||
home.stateVersion = "23.11";
|
||||
home.homeDirectory = "/home/materus";
|
||||
materus.profile = {
|
||||
fonts.enable = false;
|
||||
nixpkgs.enable = false;
|
||||
enableDesktop = false;
|
||||
enableTerminal = false;
|
||||
enableTerminalExtra = false;
|
||||
enableNixDevel = false;
|
||||
|
||||
fish.enable = false;
|
||||
bash.enable = true;
|
||||
zsh.enable = true;
|
||||
};
|
||||
}
|
||||
@@ -1,28 +0,0 @@
|
||||
{ materusCfg, ... }:
|
||||
{
|
||||
imports =
|
||||
[
|
||||
|
||||
] ++ (if (materusCfg.materusFlake.decrypted) then [ ./private ] else [ ]);
|
||||
|
||||
sops.age.generateKey = false;
|
||||
sops.gnupg.home = null;
|
||||
sops.gnupg.sshKeyPaths = [ ];
|
||||
sops.defaultSopsFile = materusCfg.hostPath + "/secrets/secrets.yaml";
|
||||
|
||||
services.openssh.hostKeys = [
|
||||
{
|
||||
bits = 4096;
|
||||
path = "/materus/root/ssh_host_rsa_key";
|
||||
type = "rsa";
|
||||
}
|
||||
{
|
||||
path = "/materus/root/ssh_host_ed25519_key";
|
||||
type = "ed25519";
|
||||
}
|
||||
];
|
||||
sops.secrets.wireguard = { };
|
||||
sops.secrets."users/materus" = { neededForUsers = true; };
|
||||
sops.secrets.elements = { };
|
||||
sops.secrets.nextcloud-adminpass = { };
|
||||
}
|
||||
Binary file not shown.
@@ -1,37 +0,0 @@
|
||||
wireguard: ENC[AES256_GCM,data:QLngCAtEa6wfRRrZwywbARhsS1oGj9+hGTlC1QV6xnRmlZLorAoftGb8jTg=,iv:rNbE0tfJKTjo0pPwfw3oKxOZmSO9PGgW/xDo9zi8lCU=,tag:ZT4mfXaToiR6SjzOwSz4HA==,type:str]
|
||||
nextcloud-adminpass: ENC[AES256_GCM,data:5vohRPEcJJ8gIRro38O73ufSYYEp1DXpBgjCPdPnMcg=,iv:STh3k5wUwx3AfSDTPCXhuXbPb3d+Vi1cAaQN2a9eW1w=,tag:Ef/Z2Idvl6575Jvs2GDJ8A==,type:str]
|
||||
elements: ENC[AES256_GCM,data:Kh6ueReXpj9h5yQ3P0qY8X1ow4RRZD9zyXZLS6DUIIVuthgqgu9dPzBc7ojnz6nXoYTHt1I2LJJKLOGQYZC+iVxXOk+QADJMPwY4NCyeZ3prgvYMghlD,iv:WFA/UQ0XDFjpbgaDEacrBxkteLitXv3CJP54ANVSJHM=,tag:M+tTpTR0alvQxvUiP2MWlA==,type:str]
|
||||
users:
|
||||
materus: ENC[AES256_GCM,data:MhPrMJ4/0oxEsFZDUKcYb3WMUWLI2ZbRTgnh1fQZG1Ly2J781jcUWtA8vVAdMBedNfWky0mDq5+KEQ/2fJNGU4IkTBvLdAqnWw==,iv:Dpl+M+x1weNIVkEsf3I/uXpG0SM6bDz+d9w7AYwn/MY=,tag:yGc1D2ODp6Te/QAztOj7yA==,type:str]
|
||||
sops:
|
||||
kms: []
|
||||
gcp_kms: []
|
||||
azure_kv: []
|
||||
hc_vault: []
|
||||
age:
|
||||
- recipient: age1j34lqh0z6ak2c94n564wgyjeykn9srma34f5e5e7xvf498fwk3rqxvwx0l
|
||||
enc: |
|
||||
-----BEGIN AGE ENCRYPTED FILE-----
|
||||
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSAvejRrcGVwZHNkTVB5dkYr
|
||||
RnhVVjNEblFVd0xXSStqdjFhWVVNS3ljUTNZCnBFVmRRVVVENGhJUVg2L1lSM1NO
|
||||
dkQydVhOaFVxd0p0aFhVcmp6eXdGeVEKLS0tIFIvRDlvZDdsbm1USEZUZ3FYMmla
|
||||
eFN4VVdUMkVjcTVWNFdLM0xtbExLdncK6LYUufWzIcd2jFyEeZDypo0xkJQ4z91F
|
||||
ULyGxJLLWl6/inYXtxHNdxIIPfwW+5yppBAbXaOgvABi1E7tf1JZcA==
|
||||
-----END AGE ENCRYPTED FILE-----
|
||||
lastmodified: "2024-04-12T11:21:33Z"
|
||||
mac: ENC[AES256_GCM,data:TbWjHvrJAB55AjFsbOK/IPb7v4wzqL2JGLvnNTr+ah/c2brdlq6DWeAF2+HA3FpLRt2a0MajwMTCsconoe8hW6Am/WO0FJBoYlneLAl/RlAv7BYfyorTD/Vyp9am7ml5T3f2pdYdsw1k/5RSn1ulUg43vSgi5es5Co8CtzC5hPE=,iv:+V48Azrr9yArwqNi3POYh7QaRMfUreCf7Bmv7kjV9qo=,tag:HDcMMCnyfVQRHTQJZB0R3Q==,type:str]
|
||||
pgp:
|
||||
- created_at: "2024-03-21T18:15:00Z"
|
||||
enc: |-
|
||||
-----BEGIN PGP MESSAGE-----
|
||||
|
||||
hF4D5fSX77p80GYSAQdAWetrf0jhs/b9qcQc4b21+PJUPdSjk372BjokfwJ2oXQw
|
||||
4LaIaNB3LRmY4FF3UOqk28NwkwBw6n0AzYKC/k1G4ntaNBMI9eDtFJ1c1+KkxSl2
|
||||
1GYBCQIQMCKcu2aBEMiIGOyG08vcRW2T23DUAfTQqQdRKD/SgSTqAZLSICVJ91xU
|
||||
TBsdiPBKO2cRDfPc7DlVLbPNe/SUqVUX9N4GTGPUocXc1s6lvgx3NBP5cGoSNx+A
|
||||
xCmXl373IDc=
|
||||
=uSyc
|
||||
-----END PGP MESSAGE-----
|
||||
fp: 28D140BCA60B4FD1
|
||||
unencrypted_suffix: _unencrypted
|
||||
version: 3.8.1
|
||||
@@ -1,63 +0,0 @@
|
||||
{ config, materusArg, lib, pkgs, ... }:
|
||||
let
|
||||
cfg = config.waffentragerService.auth;
|
||||
in
|
||||
{
|
||||
options.waffentragerService.auth.enable = materusArg.pkgs.lib.mkBoolOpt false "Enable auth";
|
||||
imports =
|
||||
[
|
||||
./samba.nix
|
||||
];
|
||||
config = lib.mkIf cfg.enable
|
||||
{
|
||||
waffentragerService.elements.enable = true;
|
||||
waffentragerService.nginx.enable = true;
|
||||
|
||||
|
||||
security.acme.defaults.credentialsFile = config.sops.secrets.certs.path;
|
||||
|
||||
systemd.services.resolvconf.enable = false;
|
||||
networking.hosts = {
|
||||
"${materusArg.ips.wireguard.waffentrager}" = [
|
||||
materusArg.waffentrager.samba.domain
|
||||
"${materusArg.waffentrager.samba.netbiosName}.${materusArg.waffentrager.samba.domain}"
|
||||
materusArg.waffentrager.samba.netbiosName
|
||||
];
|
||||
};
|
||||
environment.etc = {
|
||||
resolvconf = {
|
||||
text = ''
|
||||
search ${materusArg.waffentrager.samba.domain}
|
||||
nameserver ${materusArg.waffentrager.samba.dnsIp}
|
||||
nameserver 9.9.9.9
|
||||
'';
|
||||
};
|
||||
};
|
||||
|
||||
systemd.timers.rsync-acme = {
|
||||
wantedBy = [ "timers.target" ];
|
||||
timerConfig = {
|
||||
OnBootSec = "1min";
|
||||
OnUnitActiveSec = "1h";
|
||||
Unit = "rsync-acme.service";
|
||||
};
|
||||
};
|
||||
|
||||
systemd.services.rsync-acme = {
|
||||
description = "Sync acme for samba";
|
||||
path = [ pkgs.rsync ];
|
||||
requires = [ "var-lib-mnt_acme.mount" ];
|
||||
after = [ "var-lib-mnt_acme.mount" ];
|
||||
serviceConfig.Type = "oneshot";
|
||||
serviceConfig.RemainAfterExit = false;
|
||||
script = ''
|
||||
rsync -avzr --chmod=0600 --chown=root:root /var/lib/mnt_acme/${materusArg.waffentrager.samba.domain}/key.pem ${materusArg.waffentrager.samba.servicePath}/tls/
|
||||
rsync -avzr --chmod=0640 --chown=root:root /var/lib/mnt_acme/${materusArg.waffentrager.samba.domain}/chain.pem ${materusArg.waffentrager.samba.servicePath}/tls/
|
||||
rsync -avzr --chmod=0640 --chown=root:root /var/lib/mnt_acme/${materusArg.waffentrager.samba.domain}/fullchain.pem ${materusArg.waffentrager.samba.servicePath}/tls/
|
||||
'';
|
||||
};
|
||||
|
||||
|
||||
|
||||
};
|
||||
}
|
||||
@@ -1,91 +0,0 @@
|
||||
{ materusArg, config, lib, pkgs, ... }:
|
||||
{
|
||||
|
||||
|
||||
config =
|
||||
let
|
||||
cfg = config.waffentragerService.auth;
|
||||
sambaCfg = config.services.samba;
|
||||
servicePath = materusArg.waffentrager.samba.servicePath;
|
||||
smbToString = x:
|
||||
if builtins.typeOf x == "bool"
|
||||
then lib.boolToString x
|
||||
else builtins.toString x;
|
||||
shareConfig = name:
|
||||
let share = lib.getAttr name cfg.shares; in
|
||||
"[${name}]\n " + (smbToString (
|
||||
map
|
||||
(key: "${key} = ${smbToString (lib.getAttr key share)}\n")
|
||||
(lib.attrNames share)
|
||||
));
|
||||
in
|
||||
lib.mkIf cfg.enable {
|
||||
|
||||
systemd.services.samba-smbd.enable = false;
|
||||
systemd.services.samba = {
|
||||
description = "Samba Service Daemon";
|
||||
requires = [ "rsync-acme.service" ];
|
||||
after = [ "rsync-acme.service" ];
|
||||
requiredBy = [ "samba.target" ];
|
||||
partOf = [ "samba.target" ];
|
||||
|
||||
serviceConfig = {
|
||||
ExecStart = "${pkgs.samba4Full}/sbin/samba --foreground --no-process-group";
|
||||
ExecReload = "${pkgs.coreutils}/bin/kill -HUP $MAINPID";
|
||||
LimitNOFILE = 16384;
|
||||
PIDFile = "/run/samba.pid";
|
||||
Type = "notify";
|
||||
NotifyAccess = "all";
|
||||
};
|
||||
unitConfig.RequiresMountsFor = servicePath;
|
||||
};
|
||||
# https://wiki.samba.org/index.php/Samba_AD_DC_Port_Usage
|
||||
networking.firewall.allowedTCPPorts = [ 139 445 389 88 53 464 636 3268];
|
||||
networking.firewall.allowedUDPPorts = [ 135 137 138 389 88 53 123 464];
|
||||
systemd.tmpfiles.rules = [
|
||||
"d ${servicePath}/tls/ 0600 root 3000000 -"
|
||||
"d ${servicePath}/private/ 0600 root 3000000 -"
|
||||
"d ${servicePath}/lock/ 0600 root 3000000 -"
|
||||
"d ${servicePath}/cache/ 0600 root 3000000 -"
|
||||
];
|
||||
services.samba = {
|
||||
enable = true;
|
||||
enableNmbd = false;
|
||||
enableWinbindd = false;
|
||||
package = pkgs.samba4Full;
|
||||
configText = ''
|
||||
# Global parameters
|
||||
[global]
|
||||
dns forwarder = ${materusArg.waffentrager.samba.dnsIp}
|
||||
netbios name = ${materusArg.waffentrager.samba.netbiosName}
|
||||
realm = ${lib.toUpper materusArg.waffentrager.samba.domain}
|
||||
server role = active directory domain controller
|
||||
workgroup = ${materusArg.waffentrager.samba.workgroup}
|
||||
idmap_ldb:use rfc2307 = yes
|
||||
ldap server require strong auth = yes
|
||||
private dir = ${servicePath}/private
|
||||
lock dir = ${servicePath}/lock
|
||||
state directory = ${servicePath}/lock
|
||||
cache directory = ${servicePath}/cache
|
||||
tls enabled = yes
|
||||
tls keyfile = ${servicePath}/tls/key.pem
|
||||
tls certfile = ${servicePath}/tls/fullchain.pem
|
||||
tls cafile = ${servicePath}/tls/chain.pem
|
||||
|
||||
[sysvol]
|
||||
path = ${servicePath}/sysvol
|
||||
read only = No
|
||||
|
||||
[netlogon]
|
||||
path = ${servicePath}/sysvol/${materusArg.waffentrager.samba.domain}/scripts
|
||||
read only = No
|
||||
|
||||
|
||||
${sambaCfg.extraConfig}
|
||||
|
||||
${smbToString (map shareConfig (lib.attrNames sambaCfg.shares))}
|
||||
'';
|
||||
};
|
||||
};
|
||||
|
||||
}
|
||||
@@ -1,20 +0,0 @@
|
||||
{ ... }:
|
||||
{
|
||||
imports =
|
||||
[
|
||||
./elements.nix
|
||||
./postgresql.nix
|
||||
./mount-acme.nix
|
||||
./gitea.nix
|
||||
./nginx.nix
|
||||
./nextcloud.nix
|
||||
./auth
|
||||
];
|
||||
waffentragerService.elements.enable = true;
|
||||
waffentragerService.postgresql.enable = true;
|
||||
waffentragerService.mount-acme.enable = true;
|
||||
waffentragerService.gitea.enable = true;
|
||||
waffentragerService.nginx.enable = true;
|
||||
waffentragerService.nextcloud.enable = true;
|
||||
waffentragerService.auth.enable = true;
|
||||
}
|
||||
@@ -1,20 +0,0 @@
|
||||
{ materusArg, config, lib, pkgs, ... }:
|
||||
{
|
||||
options.waffentragerService.mount-acme.enable = materusArg.pkgs.lib.mkBoolOpt false "Enable mount-acme";
|
||||
|
||||
config =
|
||||
let
|
||||
cfg = config.waffentragerService.mount-acme;
|
||||
in
|
||||
lib.mkIf cfg.enable {
|
||||
environment.systemPackages = with pkgs; [ sshfs ];
|
||||
systemd.mounts = [{
|
||||
description = "Mount remote acme dir from valkyrie";
|
||||
what = "acme@valkyrie:/var/lib/acme";
|
||||
where = "/var/lib/mnt_acme";
|
||||
type = "fuse.sshfs";
|
||||
options = "reconnect,gid=${builtins.toString config.ids.gids.nginx},_netdev,rw,nosuid,allow_other,default_permissions,follow_symlinks,idmap=user,compression=yes,identityfile=/materus/root/ssh_host_ed25519_key";
|
||||
wantedBy = [ "multi-user.target" ];
|
||||
}];
|
||||
};
|
||||
}
|
||||
@@ -1,26 +0,0 @@
|
||||
{ config, pkgs, lib, materusCfg, ... }:
|
||||
let
|
||||
materusArg = {
|
||||
pkgs = (import materusCfg.nixerus { inherit pkgs; }) //
|
||||
(if pkgs.system == "x86_64-linux" then { i686Linux = import materusCfg.nixerus { pkgs = pkgs.pkgsi686Linux; }; } else { });
|
||||
cfg = materusCfg;
|
||||
};
|
||||
in
|
||||
{
|
||||
imports = [
|
||||
./nixpkgs.nix
|
||||
./packages
|
||||
./private
|
||||
];
|
||||
options.materus.materusArg = lib.mkOption { default = { }; };
|
||||
config._module.args.materusArg = config.materus.materusArg // materusArg;
|
||||
config.assertions = [
|
||||
{
|
||||
assertion = materusCfg.materusFlake.decrypted;
|
||||
message = "Repository not decrypted, use crypt.sh to decrypt";
|
||||
}
|
||||
];
|
||||
|
||||
|
||||
|
||||
}
|
||||
@@ -1,91 +0,0 @@
|
||||
{ config, pkgs, lib, materusArg, materusCfg, ... }:
|
||||
let
|
||||
mkBoolOpt = default: description: lib.mkOption {
|
||||
inherit default;
|
||||
inherit description;
|
||||
type = lib.types.bool;
|
||||
example = true;
|
||||
};
|
||||
|
||||
cfg = config.materus.profile.nixpkgs;
|
||||
in
|
||||
{
|
||||
options.materus.profile.nixpkgs.enable = mkBoolOpt false "Enable materus nixpkgs config";
|
||||
options.materus.profile.nixpkgs.enableOverlays = mkBoolOpt (cfg.enable) "Enable materus overlays";
|
||||
options.materus.profile.nix.enableRegistry = mkBoolOpt (!materusCfg.isHm) "Enable materus nix registry";
|
||||
|
||||
config.nixpkgs.config = lib.mkIf cfg.enable {
|
||||
allowUnfree = lib.mkDefault true;
|
||||
joypixels.acceptLicense = lib.mkDefault true;
|
||||
};
|
||||
config.nixpkgs.overlays = lib.mkIf cfg.enableOverlays [ materusArg.cfg.configInputs.emacs-overlay.overlay ];
|
||||
|
||||
config.nix.package = lib.mkDefault pkgs.nixUnstable;
|
||||
config.nix.registry = lib.mkIf config.materus.profile.nix.enableRegistry {
|
||||
nixpkgs-stable = {
|
||||
from = { type = "indirect"; id = "nixpkgs-stable"; };
|
||||
flake = materusCfg.materusFlake.inputs.nixpkgs-stable;
|
||||
};
|
||||
nixpkgs-unstable = {
|
||||
from = { type = "indirect"; id = "nixpkgs-unstable"; };
|
||||
flake = materusCfg.materusFlake.inputs.nixpkgs;
|
||||
};
|
||||
|
||||
nixpkgs = {
|
||||
from = { type = "indirect"; id = "nixpkgs"; };
|
||||
flake = materusCfg.configInputs.nixpkgs;
|
||||
};
|
||||
|
||||
emacs-overlay = {
|
||||
from = { type = "indirect"; id = "emacs-overlay"; };
|
||||
flake = materusCfg.configInputs.emacs-overlay;
|
||||
};
|
||||
|
||||
flake-utils = {
|
||||
from = { type = "indirect"; id = "flake-utils"; };
|
||||
flake = materusCfg.configInputs.flake-utils;
|
||||
};
|
||||
|
||||
nixos-hardware = {
|
||||
from = { type = "indirect"; id = "nixos-hardware"; };
|
||||
flake = materusCfg.configInputs.nixos-hardware;
|
||||
};
|
||||
|
||||
nixerus = {
|
||||
from = { type = "indirect"; id = "nixerus"; };
|
||||
flake = materusCfg.configInputs.nixerus;
|
||||
};
|
||||
|
||||
devshell = {
|
||||
from = { type = "indirect"; id = "devshell"; };
|
||||
flake = materusCfg.configInputs.devshell;
|
||||
};
|
||||
|
||||
home-manager = {
|
||||
from = { type = "indirect"; id = "home-manager"; };
|
||||
flake = materusCfg.configInputs.home-manager;
|
||||
};
|
||||
|
||||
sops-nix = {
|
||||
from = { type = "indirect"; id = "sops-nix"; };
|
||||
flake = materusCfg.configInputs.sops-nix;
|
||||
};
|
||||
|
||||
base16 = {
|
||||
from = { type = "indirect"; id = "base16"; };
|
||||
flake = materusCfg.configInputs.base16;
|
||||
};
|
||||
|
||||
git-agecrypt = {
|
||||
from = { type = "indirect"; id = "git-agecrypt"; };
|
||||
flake = materusCfg.configInputs.git-agecrypt;
|
||||
};
|
||||
|
||||
nur = {
|
||||
from = { type = "indirect"; id = "nur"; };
|
||||
flake = materusCfg.configInputs.nur;
|
||||
};
|
||||
|
||||
|
||||
};
|
||||
}
|
||||
@@ -1,53 +0,0 @@
|
||||
{ config, pkgs, lib, materusArg, ... }:
|
||||
with materusArg.pkgs.lib;
|
||||
{
|
||||
imports = [
|
||||
./fonts.nix
|
||||
];
|
||||
|
||||
#Single Packages
|
||||
options.materus.profile.packages.home-manager = mkPrivateVar materusArg.cfg.configInputs.home-manager.packages.${pkgs.system}.home-manager;
|
||||
options.materus.profile.packages.firefox = mkPrivateVar (pkgs.firefox.override {
|
||||
nativeMessagingHosts = [
|
||||
pkgs.plasma-browser-integration
|
||||
];
|
||||
});
|
||||
|
||||
#Package Lists
|
||||
options.materus.profile.packages.list.nixRelated = mkPrivateVar (with pkgs; [
|
||||
nix-prefetch
|
||||
nix-prefetch-scripts
|
||||
nix-prefetch-github
|
||||
nix-prefetch-docker
|
||||
nixfmt
|
||||
nix-top
|
||||
nix-tree
|
||||
nix-diff
|
||||
nix-ld
|
||||
nil
|
||||
nixpkgs-fmt
|
||||
nixpkgs-review
|
||||
]);
|
||||
|
||||
options.materus.profile.packages.list.desktopApps = mkPrivateVar (with pkgs; [
|
||||
(discord.override { nss = nss_latest; withOpenASAR = true; withTTS = true; })
|
||||
tdesktop
|
||||
mpv
|
||||
ani-cli
|
||||
obsidian
|
||||
nextcloud-client
|
||||
spotify
|
||||
thunderbird
|
||||
keepassxc
|
||||
(aspellWithDicts (ds: with ds; [ en en-computers en-science pl ]))
|
||||
onlyoffice-bin
|
||||
]);
|
||||
|
||||
options.materus.profile.packages.list.terminalApps = mkPrivateVar (with pkgs; [
|
||||
neofetch
|
||||
ripgrep
|
||||
fd
|
||||
]);
|
||||
|
||||
}
|
||||
|
||||
@@ -1,35 +0,0 @@
|
||||
{ pkgs, lib, ... }:
|
||||
|
||||
let
|
||||
defaultFonts = [
|
||||
pkgs.dejavu_fonts
|
||||
pkgs.freefont_ttf
|
||||
pkgs.gyre-fonts
|
||||
pkgs.liberation_ttf
|
||||
pkgs.unifont
|
||||
];
|
||||
fonts = [
|
||||
pkgs.noto-fonts
|
||||
pkgs.noto-fonts-extra
|
||||
pkgs.noto-fonts-emoji
|
||||
pkgs.noto-fonts-cjk-sans
|
||||
pkgs.noto-fonts-cjk-serif
|
||||
pkgs.wqy_zenhei
|
||||
pkgs.corefonts
|
||||
pkgs.hack-font
|
||||
(pkgs.nerdfonts.override { fonts = [ "Hack" ]; })
|
||||
|
||||
] ++ defaultFonts;
|
||||
|
||||
moreFonts = [
|
||||
pkgs.ubuntu_font_family
|
||||
pkgs.monocraft
|
||||
(pkgs.nerdfonts.override { fonts = [ "DroidSansMono" "Meslo" "ProFont" "FiraCode"]; })
|
||||
];
|
||||
in
|
||||
{
|
||||
|
||||
options.materus.profile.packages.list.fonts = lib.mkOption { default = fonts; readOnly = true; visible = false; };
|
||||
options.materus.profile.packages.list.moreFonts = lib.mkOption { default = moreFonts; readOnly = true; visible = false; };
|
||||
|
||||
}
|
||||
Binary file not shown.
@@ -1,16 +0,0 @@
|
||||
{
|
||||
osProfile = {
|
||||
imports = [
|
||||
./os
|
||||
./common
|
||||
];
|
||||
};
|
||||
|
||||
homeProfile = {
|
||||
imports = [
|
||||
./common
|
||||
./home
|
||||
];
|
||||
};
|
||||
|
||||
}
|
||||
@@ -1,25 +0,0 @@
|
||||
{ config, lib, pkgs, materusArg, ... }:
|
||||
let
|
||||
cfg = config.materus.profile.browser;
|
||||
osConfig = (if (builtins.hasAttr "osConfig" config._module.args) then config._module.args.osConfig else null);
|
||||
in
|
||||
{
|
||||
|
||||
options = let mkBoolOpt = materusArg.pkgs.lib.mkBoolOpt; in {
|
||||
materus.profile.browser.firefox.enable = mkBoolOpt false "Enable Firefox with materus cfg";
|
||||
materus.profile.browser.vivaldi.enable = mkBoolOpt false "Enable Vivaldi with materus cfg";
|
||||
materus.profile.browser.brave.enable = mkBoolOpt false "Enable Brave with materus cfg";
|
||||
|
||||
};
|
||||
#TODO: Make some config
|
||||
config = lib.mkMerge [{
|
||||
home.packages = [
|
||||
(lib.mkIf cfg.firefox.enable config.materus.profile.packages.firefox)
|
||||
(lib.mkIf cfg.vivaldi.enable pkgs.vivaldi)
|
||||
(lib.mkIf cfg.brave.enable pkgs.brave)
|
||||
] ++ [ (lib.mkIf (osConfig != null && osConfig.materus.profile.browser.enable) osConfig.materus.profile.browser.package)];
|
||||
}
|
||||
];
|
||||
|
||||
|
||||
}
|
||||
@@ -1,71 +0,0 @@
|
||||
{ config, lib, pkgs, materusArg, ... }:
|
||||
let
|
||||
packages = cfg.packages;
|
||||
cfg = config.materus.profile;
|
||||
in
|
||||
{
|
||||
imports = [
|
||||
./fonts.nix
|
||||
./browser.nix
|
||||
./xdg.nix
|
||||
|
||||
./shell
|
||||
./editor
|
||||
./terminal
|
||||
|
||||
];
|
||||
options.materus.profile.enableDesktop = materusArg.pkgs.lib.mkBoolOpt false "Enable settings for desktop";
|
||||
options.materus.profile.enableTerminal = materusArg.pkgs.lib.mkBoolOpt true "Enable settings for terminal";
|
||||
options.materus.profile.enableTerminalExtra = materusArg.pkgs.lib.mkBoolOpt false "Enable extra settings for terminal";
|
||||
options.materus.profile.enableNixDevel = materusArg.pkgs.lib.mkBoolOpt false "Enable settings for nix devel";
|
||||
|
||||
config =
|
||||
{
|
||||
|
||||
home.packages = (if cfg.enableDesktop then packages.list.desktopApps else [ ]) ++
|
||||
(if cfg.enableNixDevel then packages.list.nixRelated else [ ]) ++
|
||||
(if cfg.enableTerminal then packages.list.terminalApps else [ ]);
|
||||
#Desktop
|
||||
programs.feh.enable = lib.mkDefault cfg.enableDesktop;
|
||||
|
||||
#Terminal
|
||||
programs.git = {
|
||||
enable = lib.mkDefault cfg.enableTerminal;
|
||||
package = lib.mkDefault pkgs.gitFull;
|
||||
delta.enable = lib.mkDefault cfg.enableTerminal;
|
||||
lfs.enable = lib.mkDefault cfg.enableTerminal;
|
||||
};
|
||||
programs.gitui.enable = cfg.enableTerminalExtra;
|
||||
|
||||
programs.nix-index = {
|
||||
enable = lib.mkDefault cfg.enableTerminal;
|
||||
enableBashIntegration = lib.mkDefault config.programs.bash.enable;
|
||||
enableFishIntegration = lib.mkDefault config.programs.fish.enable;
|
||||
enableZshIntegration = lib.mkDefault config.programs.zsh.enable;
|
||||
};
|
||||
|
||||
programs.direnv = {
|
||||
enable = lib.mkDefault (cfg.enableTerminalExtra || cfg.enableNixDevel);
|
||||
nix-direnv.enable = lib.mkDefault (cfg.enableNixDevel && (config.programs.direnv.enable == true));
|
||||
enableBashIntegration = lib.mkDefault config.programs.bash.enable;
|
||||
#enableFishIntegration = lib.mkDefault config.programs.fish.enable;
|
||||
enableZshIntegration = lib.mkDefault config.programs.zsh.enable;
|
||||
};
|
||||
|
||||
|
||||
|
||||
programs.fzf = {
|
||||
enable = lib.mkDefault cfg.enableTerminalExtra;
|
||||
enableBashIntegration = lib.mkDefault config.programs.bash.enable;
|
||||
enableFishIntegration = lib.mkDefault config.programs.fish.enable;
|
||||
enableZshIntegration = lib.mkDefault config.programs.zsh.enable;
|
||||
};
|
||||
|
||||
programs.eza.enable = lib.mkDefault cfg.enableTerminalExtra;
|
||||
|
||||
programs.yt-dlp.enable = lib.mkDefault cfg.enableTerminalExtra;
|
||||
|
||||
};
|
||||
|
||||
|
||||
}
|
||||
@@ -1,17 +0,0 @@
|
||||
{ config, lib, pkgs, materusArg, ... }:
|
||||
let
|
||||
cfg = config.materus.profile.editor.code;
|
||||
in
|
||||
{
|
||||
options.materus.profile.editor.code.enable = materusArg.pkgs.lib.mkBoolOpt config.materus.profile.enableDesktop "Enable VSCodium with materus cfg";
|
||||
options.materus.profile.editor.code.fhs.enable = materusArg.pkgs.lib.mkBoolOpt false "Use fhs vscodium";
|
||||
options.materus.profile.editor.code.fhs.packages = lib.mkOption { default = (ps: [ ]); };
|
||||
config = lib.mkIf cfg.enable {
|
||||
programs.vscode = {
|
||||
enable = lib.mkDefault true;
|
||||
package = lib.mkDefault (if (cfg.fhs.enable) then (pkgs.vscodium.fhsWithPackages cfg.fhs.packages) else pkgs.vscodium);
|
||||
mutableExtensionsDir = lib.mkDefault true;
|
||||
};
|
||||
materus.profile.fonts.enable = lib.mkDefault true;
|
||||
};
|
||||
}
|
||||
@@ -1,8 +0,0 @@
|
||||
{ config, lib, pkgs, ... }:
|
||||
{
|
||||
imports = [
|
||||
./code.nix
|
||||
./neovim.nix
|
||||
./emacs
|
||||
];
|
||||
}
|
||||
@@ -1,122 +0,0 @@
|
||||
{ config, lib, pkgs, materusArg, ... }:
|
||||
let
|
||||
configPath = "${materusArg.cfg.path}" + "/extraFiles/config/emacs/";
|
||||
|
||||
inits = import ./init.nix { path = configPath; inherit pkgs; };
|
||||
packages = epkgs: with epkgs; [
|
||||
load-relative
|
||||
elcord
|
||||
persp-mode
|
||||
dashboard
|
||||
magit
|
||||
helm
|
||||
avy
|
||||
corfu
|
||||
vterm
|
||||
centaur-tabs
|
||||
projectile
|
||||
company
|
||||
clipetty
|
||||
|
||||
treemacs
|
||||
treemacs-nerd-icons
|
||||
treemacs-perspective
|
||||
treemacs-icons-dired
|
||||
treemacs-magit
|
||||
treemacs-projectile
|
||||
tree-edit
|
||||
vertico
|
||||
nerd-icons
|
||||
nerd-icons-completion
|
||||
perspective
|
||||
minions
|
||||
telephone-line
|
||||
rainbow-delimiters
|
||||
use-package
|
||||
|
||||
cmake-mode
|
||||
lsp-mode
|
||||
lsp-java
|
||||
lsp-jedi
|
||||
lsp-haskell
|
||||
lsp-ui
|
||||
lsp-treemacs
|
||||
dap-mode
|
||||
d-mode
|
||||
multiple-cursors
|
||||
org
|
||||
org-rainbow-tags
|
||||
org-roam
|
||||
org-roam-ui
|
||||
org-review
|
||||
markdown-mode
|
||||
json-mode
|
||||
nix-mode
|
||||
|
||||
minimap
|
||||
|
||||
|
||||
moe-theme
|
||||
doom-themes
|
||||
];
|
||||
|
||||
|
||||
default-config = ''
|
||||
(defvar materus/nix-packages t)
|
||||
(defvar materus/init-from-home nil)
|
||||
(unless materus/init-from-home
|
||||
(message "Config loading not from homeDir, need \"materus/init-from-home\" variable in init.el")
|
||||
${setNixInit}
|
||||
${inits.initText}
|
||||
)
|
||||
'';
|
||||
|
||||
emacsPkgs = with pkgs;[
|
||||
python3
|
||||
lua
|
||||
multimarkdown
|
||||
git
|
||||
];
|
||||
|
||||
|
||||
cfg = config.materus.profile.editor.emacs;
|
||||
|
||||
|
||||
setNixInit = ''
|
||||
(setenv "PATH" (concat (getenv "PATH") ":${lib.makeBinPath emacsPkgs}"))
|
||||
${builtins.concatStringsSep "\n" (builtins.map (x: "(setq exec-path (append exec-path '(\""+x+"/bin\")))" ) emacsPkgs)}
|
||||
(call-process-shell-command "${pkgs.xorg.xmodmap}/bin/xmodmap -e \"keycode 66 = Hyper_L\" -e \"remove Mod4 = Hyper_L\" -e \"add Mod3 = Hyper_L\" &" nil 0)
|
||||
'';
|
||||
in
|
||||
{
|
||||
options.materus.profile.editor.emacs.enable = materusArg.pkgs.lib.mkBoolOpt false "Enable emacs with materus cfg";
|
||||
|
||||
config = lib.mkIf cfg.enable {
|
||||
home.activation.emacsCompile = lib.hm.dag.entryAfter [ "linkGeneration" ] ''
|
||||
run ${config.programs.emacs.finalPackage}/bin/emacs --batch \
|
||||
--eval '(setq warning-minimum-log-level :error)' \
|
||||
--eval '(byte-compile-file "${config.xdg.configHome}/emacs/early-init.el")' \
|
||||
--eval '(byte-compile-file "${config.xdg.configHome}/emacs/init.el")'
|
||||
'';
|
||||
xdg.configFile."emacs/init.el".text = ''
|
||||
(defvar materus/nix-packages nil)
|
||||
(defvar materus/init-from-home t)
|
||||
(setq-default materus/init-from-home t)
|
||||
|
||||
${setNixInit}
|
||||
${inits.initText}
|
||||
'';
|
||||
|
||||
xdg.configFile."emacs/early-init.el".text = ''
|
||||
${inits.earlyInitText}
|
||||
'';
|
||||
|
||||
programs.emacs = {
|
||||
enable = true;
|
||||
package = with pkgs; lib.mkDefault materusArg.pkgs.emacs-materus;
|
||||
extraPackages = epkgs: ((packages epkgs));
|
||||
extraConfig = default-config;
|
||||
};
|
||||
|
||||
};
|
||||
}
|
||||
@@ -1,17 +0,0 @@
|
||||
{ path, pkgs }:
|
||||
{
|
||||
|
||||
earlyInitText = ''
|
||||
${builtins.readFile (path + "early-init.el")}
|
||||
'';
|
||||
initText = ''
|
||||
(defvar materus/init-from-home nil)
|
||||
(when materus/init-from-home
|
||||
(setq-default inhibit-defaul-init 1)
|
||||
)
|
||||
(setq-default materus/nix-packages (require 'doom-themes nil 'noerror))
|
||||
${builtins.readFile (path + "packages.el")}
|
||||
${builtins.readFile (path + "init.el")}
|
||||
'';
|
||||
|
||||
}
|
||||
@@ -1,35 +0,0 @@
|
||||
{ config, lib, pkgs, materusArg, ... }:
|
||||
let
|
||||
cfg = config.materus.profile.editor.neovim;
|
||||
in
|
||||
{
|
||||
options.materus.profile.editor.neovim.enable = materusArg.pkgs.lib.mkBoolOpt config.materus.profile.enableTerminalExtra "Enable neovim with materus cfg";
|
||||
config = lib.mkIf cfg.enable {
|
||||
programs.neovim = {
|
||||
enable = true;
|
||||
coc.enable = true;
|
||||
viAlias = true;
|
||||
vimAlias = true;
|
||||
vimdiffAlias = true;
|
||||
|
||||
|
||||
extraConfig = ''
|
||||
set number
|
||||
'';
|
||||
|
||||
|
||||
plugins = with pkgs.vimPlugins;[
|
||||
syntastic
|
||||
|
||||
vim-fugitive
|
||||
vim-airline
|
||||
vim-nix
|
||||
|
||||
nvim-fzf
|
||||
nvim-treesitter.withAllGrammars
|
||||
|
||||
];
|
||||
};
|
||||
};
|
||||
|
||||
}
|
||||
@@ -1,13 +0,0 @@
|
||||
{ config, pkgs, lib, materusArg, ... }:
|
||||
let
|
||||
packages = config.materus.profile.packages;
|
||||
cfg = config.materus.profile.fonts;
|
||||
in
|
||||
{
|
||||
options.materus.profile.fonts.enable = materusArg.pkgs.lib.mkBoolOpt config.materus.profile.enableDesktop "Enable materus font settings";
|
||||
|
||||
config = lib.mkIf cfg.enable {
|
||||
fonts.fontconfig.enable = lib.mkDefault true;
|
||||
home.packages = packages.list.fonts;
|
||||
};
|
||||
}
|
||||
@@ -1,20 +0,0 @@
|
||||
{ config, pkgs, lib, materusArg, ... }:
|
||||
let
|
||||
cfg = config.materus.profile.bash;
|
||||
in
|
||||
{
|
||||
options.materus.profile.bash.enable = materusArg.pkgs.lib.mkBoolOpt config.materus.profile.enableTerminal "Enable materus bash config";
|
||||
|
||||
|
||||
config = lib.mkIf cfg.enable {
|
||||
|
||||
programs.bash = {
|
||||
enable = true;
|
||||
enableCompletion = lib.mkDefault true;
|
||||
enableVteIntegration = lib.mkDefault true;
|
||||
historyControl = lib.mkDefault [ "erasedups" "ignorespace" ];
|
||||
shellOptions = lib.mkDefault [ "autocd" "checkwinsize" "cmdhist" "expand_aliases" "extglob" "globstar" "checkjobs" "nocaseglob" ];
|
||||
};
|
||||
};
|
||||
|
||||
}
|
||||
@@ -1,9 +0,0 @@
|
||||
{
|
||||
|
||||
imports = [
|
||||
./zsh.nix
|
||||
./bash.nix
|
||||
./fish.nix
|
||||
./starship.nix
|
||||
];
|
||||
}
|
||||
@@ -1,12 +0,0 @@
|
||||
{ config, pkgs, lib, materusArg, ... }:
|
||||
let
|
||||
cfg = config.materus.profile.fish;
|
||||
in
|
||||
{
|
||||
options.materus.profile.fish.enable = materusArg.pkgs.lib.mkBoolOpt config.materus.profile.enableTerminalExtra "Enable materus fish config";
|
||||
config = lib.mkIf cfg.enable {
|
||||
programs.fish = {
|
||||
enable = true;
|
||||
};
|
||||
};
|
||||
}
|
||||
@@ -1,48 +0,0 @@
|
||||
{ config, pkgs, lib, materusArg, ... }:
|
||||
let
|
||||
profile = config.materus.profile;
|
||||
cfg = config.materus.profile.starship;
|
||||
in
|
||||
{
|
||||
options.materus.profile.starship.enable = materusArg.pkgs.lib.mkBoolOpt false "Enable materus starship config";
|
||||
|
||||
config = lib.mkIf cfg.enable {
|
||||
programs.starship.enable = true;
|
||||
|
||||
programs.starship.settings = {
|
||||
|
||||
python = {
|
||||
symbol = " ";
|
||||
};
|
||||
|
||||
format = "$username@$hostname$all";
|
||||
right_format = "$cmd_duration $time";
|
||||
|
||||
time = {
|
||||
disabled = false;
|
||||
style = "bold bright-black";
|
||||
format = "[$time]($style)";
|
||||
};
|
||||
|
||||
line_break = { disabled = true; };
|
||||
shell = {
|
||||
disabled = false;
|
||||
fish_indicator = "fish";
|
||||
bash_indicator = "bash";
|
||||
zsh_indicator = "zsh";
|
||||
style = "blue bold";
|
||||
};
|
||||
|
||||
hostname = {
|
||||
ssh_only = false;
|
||||
};
|
||||
username = {
|
||||
disabled = false;
|
||||
show_always = true;
|
||||
format = "[$user]($style)";
|
||||
style_user = "white bold";
|
||||
style_root = "black bold";
|
||||
};
|
||||
};
|
||||
};
|
||||
}
|
||||
@@ -1,189 +0,0 @@
|
||||
{ config, pkgs, lib, materusArg, ... }:
|
||||
let
|
||||
|
||||
relToDotDir = file: (lib.optionalString (config.programs.zsh.dotDir != null) (config.programs.zsh.dotDir + "/")) + file;
|
||||
pluginsDir =
|
||||
if config.programs.zsh.dotDir != null then
|
||||
relToDotDir "plugins" else "${config.home.homeDirectory}/.zsh/plugins";
|
||||
|
||||
|
||||
|
||||
p10kcfg = "${zshcfg}/p10kcfg";
|
||||
zshcfg = "${materusArg.cfg.path}" + "/extraFiles/config/zsh";
|
||||
cfg = config.materus.profile.zsh;
|
||||
|
||||
makeEnv = name: val: ''${name}=''${${name}:-"${val}"}'';
|
||||
makeIfVar = var: val: ret: ''
|
||||
if [[ "''$${var}" = "${val}" ]]; then
|
||||
${ret}
|
||||
fi
|
||||
'';
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
makePlugin = nameArg: fileArg: srcArg: rec {
|
||||
name = nameArg;
|
||||
src = srcArg;
|
||||
path = pluginsDir + "/" + name;
|
||||
file = fileArg;
|
||||
fullPath = path + "/" + file;
|
||||
};
|
||||
|
||||
extraPlugins = {
|
||||
powerlevel10k = makePlugin "powerlevel10k" "powerlevel10k.zsh-theme" (pkgs.fetchFromGitHub {
|
||||
owner = "romkatv";
|
||||
repo = "powerlevel10k";
|
||||
rev = "v1.20.0";
|
||||
sha256 = "sha256-ES5vJXHjAKw/VHjWs8Au/3R+/aotSbY7PWnWAMzCR8E=";
|
||||
});
|
||||
sudo = makePlugin "sudo" "sudo.plugin.zsh" "${pkgs.oh-my-zsh}/share/oh-my-zsh/plugins/sudo";
|
||||
extract = makePlugin "extract" "extract.plugin.zsh" "${pkgs.oh-my-zsh}/share/oh-my-zsh/plugins/extract";
|
||||
|
||||
|
||||
};
|
||||
in
|
||||
{
|
||||
options.materus.profile.zsh.enable = materusArg.pkgs.lib.mkBoolOpt config.materus.profile.enableTerminalExtra "Enable materus zsh config";
|
||||
options.materus.profile.zsh.prompt = lib.mkOption {
|
||||
type = lib.types.enum [ "p10k" ];
|
||||
example = "p10k";
|
||||
default = "p10k";
|
||||
};
|
||||
options.materus.profile.zsh.endConfig = lib.mkOption {
|
||||
default = "";
|
||||
description = "Zsh config after all of config";
|
||||
type = lib.types.lines;
|
||||
};
|
||||
|
||||
|
||||
config = lib.mkIf cfg.enable {
|
||||
home.packages = [
|
||||
pkgs.ripgrep
|
||||
];
|
||||
|
||||
home.file = lib.mkMerge [
|
||||
(builtins.foldl' (a: b: a // b) { } (builtins.map (plugin: { ${plugin.path}.source = plugin.src; }) (builtins.attrValues extraPlugins)))
|
||||
{ "${relToDotDir ".zshrc"}".text = lib.mkAfter cfg.endConfig; }
|
||||
];
|
||||
|
||||
programs.zsh = {
|
||||
enable = true;
|
||||
enableAutosuggestions = true;
|
||||
enableSyntaxHighlighting = true;
|
||||
enableVteIntegration = true;
|
||||
historySubstringSearch.enable = true;
|
||||
historySubstringSearch.searchUpKey = "$key[Up]";
|
||||
historySubstringSearch.searchDownKey = "$key[Down]";
|
||||
|
||||
|
||||
envExtra = ''
|
||||
${makeEnv "__MATERUS_HM_ZSH" "1"}
|
||||
${makeEnv "__MATERUS_HM_ZSH_PROMPT" cfg.prompt}
|
||||
${makeEnv "__MATERUS_HM_ZSH_PRIVATE" "0"}
|
||||
'';
|
||||
initExtraFirst = ''
|
||||
${makeIfVar "__MATERUS_HM_ZSH_PROMPT" "p10k" ''
|
||||
if [[ -r "''${XDG_CACHE_HOME:-$HOME/.cache}/p10k-instant-prompt-''${(%):-%n}.zsh" ]]; then
|
||||
source "''${XDG_CACHE_HOME:-$HOME/.cache}/p10k-instant-prompt-''${(%):-%n}.zsh"
|
||||
fi
|
||||
if [[ -f "${extraPlugins.powerlevel10k.fullPath}" ]]; then
|
||||
source "${extraPlugins.powerlevel10k.fullPath}"
|
||||
fi
|
||||
''
|
||||
}
|
||||
if zmodload zsh/terminfo && (( "$terminfo[colors]" >= "256" )); then
|
||||
__MATERUS_HM_ZSH_256COLORS="''${__MATERUS_HM_ZSH_256COLORS:-1}"; else
|
||||
__MATERUS_HM_ZSH_256COLORS="''${__MATERUS_HM_ZSH_256COLORS:-0}";
|
||||
fi
|
||||
|
||||
if [[ -f "${extraPlugins.sudo.fullPath}" ]]; then
|
||||
source "${extraPlugins.sudo.fullPath}"
|
||||
fi
|
||||
if [[ -f "${extraPlugins.extract.fullPath}" ]]; then
|
||||
source "${extraPlugins.extract.fullPath}"
|
||||
path+="${extraPlugins.extract.path}"
|
||||
fpath+="${extraPlugins.extract.path}"
|
||||
fi
|
||||
'';
|
||||
|
||||
|
||||
|
||||
plugins = [
|
||||
];
|
||||
|
||||
history = {
|
||||
extended = true;
|
||||
save = 100000;
|
||||
size = 100000;
|
||||
share = true;
|
||||
ignoreDups = true;
|
||||
ignoreAllDups = true;
|
||||
ignoreSpace = true;
|
||||
};
|
||||
|
||||
completionInit = ''
|
||||
ZSH_COMPDUMP="''${ZSH_COMPDUMP:-''${XDG_CACHE_HOME:-${config.home.homeDirectory}/.cache}/.zcompdump-''${HOST}-''${ZSH_VERSION}}"
|
||||
autoload -U compinit && compinit -d $ZSH_COMPDUMP
|
||||
'';
|
||||
initExtra = ''
|
||||
if [[ "$__ETC_ZSHRC_SOURCED" != "1" ]]; then
|
||||
. ${zshcfg}/zinputrc
|
||||
fi
|
||||
source ${zshcfg}/zshcompletion.zsh
|
||||
|
||||
history-substring-search-up-prefixed(){
|
||||
HISTORY_SUBSTRING_SEARCH_PREFIXED=1 history-substring-search-up
|
||||
}
|
||||
history-substring-search-down-prefixed(){
|
||||
HISTORY_SUBSTRING_SEARCH_PREFIXED=1 history-substring-search-down
|
||||
}
|
||||
|
||||
|
||||
zle -N history-substring-search-up-prefixed
|
||||
zle -N history-substring-search-down-prefixed
|
||||
|
||||
|
||||
bindkey -r "^["
|
||||
bindkey "^[[1;5C" forward-word
|
||||
bindkey "^[[1;5D" backward-word
|
||||
bindkey "^[[1;5A" history-substring-search-up-prefixed
|
||||
bindkey "^[[1;5B" history-substring-search-down-prefixed
|
||||
|
||||
zsh-private() {
|
||||
__MATERUS_HM_ZSH_PRIVATE=1 ${lib.getExe config.programs.zsh.package}
|
||||
}
|
||||
|
||||
myip() {
|
||||
${lib.getExe pkgs.wget} -qO- https://wtfismyip.com/text
|
||||
}
|
||||
|
||||
speedtest() {
|
||||
${lib.getExe pkgs.curl} -s https://raw.githubusercontent.com/sivel/speedtest-cli/master/speedtest.py | ${lib.getExe pkgs.python3}
|
||||
}
|
||||
|
||||
|
||||
'' +
|
||||
makeIfVar "__MATERUS_HM_ZSH_PROMPT" "p10k" ''
|
||||
if [[ "$__MATERUS_HM_ZSH_256COLORS" = "1" ]] ; then
|
||||
[[ ! -f ${p10kcfg}/fullcolor.zsh ]] || source ${p10kcfg}/fullcolor.zsh
|
||||
else
|
||||
[[ ! -f ${p10kcfg}/compatibility.zsh ]] || source ${p10kcfg}/compatibility.zsh
|
||||
fi
|
||||
'' + makeIfVar "__MATERUS_HM_ZSH_PRIVATE" "1" ''
|
||||
unset HISTFILE
|
||||
${lib.optionalString config.programs.zsh.history.share "unsetopt SHARE_HISTORY"}
|
||||
alias -- 'zsh'="__MATERUS_HM_ZSH_PRIVATE=0 zsh "
|
||||
''
|
||||
|
||||
;
|
||||
|
||||
};
|
||||
|
||||
programs.starship.enableZshIntegration = lib.mkDefault false;
|
||||
};
|
||||
|
||||
|
||||
}
|
||||
@@ -1,9 +0,0 @@
|
||||
{...}:
|
||||
{
|
||||
|
||||
imports = [
|
||||
./wezterm.nix
|
||||
./tmux.nix
|
||||
];
|
||||
|
||||
}
|
||||
@@ -1,20 +0,0 @@
|
||||
{ materusArg, config, lib, ... }:
|
||||
let
|
||||
cfg = config.materus.profile.tmux;
|
||||
in
|
||||
{
|
||||
options.materus.profile.tmux.enable = materusArg.pkgs.lib.mkBoolOpt true "Enable materus tmux config";
|
||||
config = lib.mkIf cfg.enable
|
||||
{
|
||||
programs.tmux = {
|
||||
enable = true;
|
||||
clock24 = lib.mkDefault true;
|
||||
aggressiveResize = lib.mkDefault true;
|
||||
escapeTime = lib.mkDefault 0;
|
||||
historyLimit = lib.mkDefault 10000;
|
||||
mouse = lib.mkDefault true;
|
||||
terminal = lib.mkDefault "tmux-256color";
|
||||
};
|
||||
|
||||
};
|
||||
}
|
||||
@@ -1,45 +0,0 @@
|
||||
{ config, lib, materusArg, pkgs, ... }:
|
||||
let
|
||||
cfg = config.materus.profile.wezterm;
|
||||
zshCfg = ''
|
||||
source "${config.programs.wezterm.package}/etc/profile.d/wezterm.sh"
|
||||
'';
|
||||
in
|
||||
{
|
||||
options.materus.profile.wezterm.enable = materusArg.pkgs.lib.mkBoolOpt config.materus.profile.enableDesktop "Enable materus wezterm config";
|
||||
options.materus.profile.wezterm.enableHackFont = materusArg.pkgs.lib.mkBoolOpt true "Enable hack nerd font for wezterm";
|
||||
options.materus.profile.wezterm.enableWezcraft = materusArg.pkgs.lib.mkBoolOpt true "Enable alias to start wezcraft with monocraft font";
|
||||
options.materus.profile.wezterm.extraConfig = lib.mkOption {
|
||||
default = "";
|
||||
description = "Config for wezterm";
|
||||
type = lib.types.lines;
|
||||
};
|
||||
config = lib.mkIf cfg.enable
|
||||
{
|
||||
programs.wezterm.enable = true;
|
||||
programs.wezterm.colorSchemes = { };
|
||||
programs.wezterm.enableZshIntegration = false;
|
||||
programs.wezterm.extraConfig = ''
|
||||
|
||||
package.path = package.path .. ";${materusArg.cfg.path}/extraFiles/config/wezterm/?.lua"
|
||||
require("wezterm_config");
|
||||
local config = materus_wezterm_config();
|
||||
${lib.optionalString cfg.enableHackFont "config.font = wezterm.font 'Hack Nerd Font';"}
|
||||
${cfg.extraConfig}
|
||||
|
||||
return config;
|
||||
'';
|
||||
|
||||
home.packages = [
|
||||
(lib.mkIf cfg.enableHackFont (pkgs.nerdfonts.override {
|
||||
fonts = [ "Hack" ];
|
||||
}))
|
||||
(lib.mkIf cfg.enableWezcraft (pkgs.monocraft))
|
||||
(lib.mkIf cfg.enableWezcraft (pkgs.writeShellScriptBin "wezcraft" ''
|
||||
${lib.getExe config.programs.wezterm.package} --config font="wezterm.font 'Monocraft Nerd Font'" $@
|
||||
''))
|
||||
];
|
||||
|
||||
materus.profile.zsh.endConfig = lib.optionalString cfg.enableWezcraft zshCfg;
|
||||
};
|
||||
}
|
||||
@@ -1,40 +0,0 @@
|
||||
{ config, lib, materusArg, pkgs, ... }:
|
||||
{
|
||||
|
||||
options.materus.profile.xdg =
|
||||
{
|
||||
enable = materusArg.pkgs.lib.mkBoolOpt config.materus.profile.enableDesktop "Enable xdg settings";
|
||||
};
|
||||
|
||||
config =
|
||||
let
|
||||
cfg = config.materus.profile.xdg;
|
||||
in
|
||||
lib.mkIf cfg.enable {
|
||||
xdg.enable = true;
|
||||
|
||||
xdg.userDirs.enable = lib.mkDefault true;
|
||||
xdg.userDirs.createDirectories = lib.mkDefault config.xdg.userDirs.enable;
|
||||
|
||||
xdg.userDirs.desktop = lib.mkDefault "${config.home.homeDirectory}/Pulpit";
|
||||
xdg.userDirs.documents = lib.mkDefault "${config.home.homeDirectory}/Dokumenty";
|
||||
xdg.userDirs.download = lib.mkDefault "${config.home.homeDirectory}/Pobrane";
|
||||
xdg.userDirs.music = lib.mkDefault "${config.xdg.userDirs.extraConfig.XDG_AUDIO_DIR}/Muzyka";
|
||||
xdg.userDirs.pictures = lib.mkDefault "${config.home.homeDirectory}/Obrazy";
|
||||
xdg.userDirs.publicShare = lib.mkDefault "${config.home.homeDirectory}/Publiczny";
|
||||
xdg.userDirs.templates = lib.mkDefault "${config.home.homeDirectory}/Szablony";
|
||||
xdg.userDirs.videos = lib.mkDefault "${config.home.homeDirectory}/Wideo";
|
||||
xdg.userDirs.extraConfig = {
|
||||
XDG_MISC_DIR = lib.mkDefault "${config.home.homeDirectory}/Inne";
|
||||
XDG_PIC_SCREENSHOTS_DIR = lib.mkDefault "${config.xdg.userDirs.pictures}/Zrzuty ekranu";
|
||||
XDG_PIC_MEMES_DIR = lib.mkDefault "${config.xdg.userDirs.pictures}/Memy";
|
||||
XDG_PIC_MISC_DIR = lib.mkDefault "${config.xdg.userDirs.pictures}/Inne";
|
||||
XDG_PIC_PHOTOS_DIR = lib.mkDefault "${config.xdg.userDirs.pictures}/Zdjęcia";
|
||||
XDG_PIC_AVATARS_DIR = "${config.xdg.userDirs.pictures}/Avatar";
|
||||
XDG_AUDIO_DIR = lib.mkDefault "${config.home.homeDirectory}/Audio";
|
||||
XDG_KEYS_DIR = lib.mkDefault "${config.xdg.userDirs.documents}/Klucze";
|
||||
};
|
||||
};
|
||||
|
||||
|
||||
}
|
||||
@@ -1,29 +0,0 @@
|
||||
{ config, pkgs, lib, ... }:
|
||||
{
|
||||
imports = [
|
||||
./nix.nix
|
||||
./fonts.nix
|
||||
|
||||
./shell
|
||||
./games
|
||||
./desktop
|
||||
];
|
||||
|
||||
time.timeZone = lib.mkDefault "Europe/Warsaw";
|
||||
i18n.defaultLocale = lib.mkDefault "pl_PL.UTF-8";
|
||||
|
||||
console = {
|
||||
enable = lib.mkDefault true;
|
||||
earlySetup = lib.mkDefault true;
|
||||
font = lib.mkDefault "LatArCyrHeb-16";
|
||||
keyMap = lib.mkDefault "pl";
|
||||
};
|
||||
|
||||
programs.tmux = {
|
||||
enable = lib.mkDefault true;
|
||||
clock24 = lib.mkDefault true;
|
||||
};
|
||||
environment.systemPackages = lib.mkIf config.programs.tmux.enable [ pkgs.tmux.terminfo ];
|
||||
|
||||
}
|
||||
|
||||
@@ -1,24 +0,0 @@
|
||||
{ materusArg, config, pkgs, lib, ... }:
|
||||
let
|
||||
cfg = config.materus.profile.browser;
|
||||
in
|
||||
{
|
||||
options.materus.profile.browser.enable = materusArg.pkgs.lib.mkBoolOpt false "Enable materus default browser config";
|
||||
options.materus.profile.browser.default = lib.mkOption {
|
||||
type = lib.types.enum [ "firefox" "brave" "vivaldi" ];
|
||||
example = "vivaldi";
|
||||
default = "brave";
|
||||
};
|
||||
options.materus.profile.browser.package = materusArg.pkgs.lib.mkPrivateVar
|
||||
(if (cfg.default == "firefox") then config.materus.profile.packages.firefox else
|
||||
if (cfg.default == "vivaldi") then pkgs.vivaldi else
|
||||
if (cfg.default == "brave") then pkgs.brave else { });
|
||||
config = lib.mkIf cfg.enable {
|
||||
|
||||
environment.systemPackages = [
|
||||
config.materus.profile.browser.package
|
||||
];
|
||||
|
||||
};
|
||||
|
||||
}
|
||||
@@ -1,6 +0,0 @@
|
||||
{
|
||||
|
||||
imports = [
|
||||
./browser.nix
|
||||
];
|
||||
}
|
||||
@@ -1,24 +0,0 @@
|
||||
{ config, pkgs, lib, materusArg, ... }:
|
||||
let
|
||||
packages = config.materus.profile.packages;
|
||||
cfg = config.materus.profile.fonts;
|
||||
in
|
||||
{
|
||||
options.materus.profile.fonts.enable = materusArg.pkgs.lib.mkBoolOpt false "Enable materus font settings for OS";
|
||||
|
||||
config = lib.mkIf cfg.enable {
|
||||
|
||||
fonts.packages = packages.list.fonts ++ packages.list.moreFonts;
|
||||
fonts.enableDefaultPackages = lib.mkDefault true;
|
||||
|
||||
fonts.fontconfig.enable = lib.mkDefault true;
|
||||
fonts.fontconfig.cache32Bit = lib.mkDefault true;
|
||||
|
||||
fonts.fontconfig.defaultFonts.sansSerif = [ "Noto Sans" "DejaVu Sans" "WenQuanYi Zen Hei" "Noto Color Emoji" ];
|
||||
fonts.fontconfig.defaultFonts.serif = [ "Noto Serif" "DejaVu Serif" "WenQuanYi Zen Hei" "Noto Color Emoji" ];
|
||||
fonts.fontconfig.defaultFonts.emoji = [ "Noto Color Emoji" "OpenMoji Color" ];
|
||||
fonts.fontconfig.defaultFonts.monospace = [ "Hack Nerd Font" "Noto Sans Mono" "WenQuanYi Zen Hei Mono" ];
|
||||
|
||||
fonts.fontDir.enable = lib.mkDefault true;
|
||||
};
|
||||
}
|
||||
@@ -1,6 +0,0 @@
|
||||
{ config, pkgs, ... }:
|
||||
{
|
||||
imports = [
|
||||
./steam.nix
|
||||
];
|
||||
}
|
||||
@@ -1,115 +0,0 @@
|
||||
{ config, pkgs, lib, materusArg, inputs, ... }:
|
||||
let
|
||||
steamPkg = pkgs.steam.override {
|
||||
extraPkgs = pkgs: [
|
||||
pkgs.libdecor
|
||||
pkgs.obs-studio-plugins.obs-vkcapture
|
||||
pkgs.steamcmd
|
||||
pkgs.nss_latest
|
||||
pkgs.libstrangle
|
||||
pkgs.libkrb5
|
||||
pkgs.keyutils
|
||||
pkgs.libGL
|
||||
pkgs.libglvnd
|
||||
pkgs.gamescope
|
||||
pkgs.steamPackages.steam
|
||||
pkgs.libxcrypt
|
||||
pkgs.gnutls
|
||||
pkgs.xorg.libXcursor
|
||||
pkgs.xorg.libXi
|
||||
pkgs.xorg.libXinerama
|
||||
pkgs.xorg.libXScrnSaver
|
||||
pkgs.xorg.xinput
|
||||
pkgs.xorg.xcbutilwm
|
||||
pkgs.xorg.xcbutilimage
|
||||
pkgs.xorg.xcbutilkeysyms
|
||||
pkgs.xorg.xcbutilerrors
|
||||
pkgs.xorg.xcbutilrenderutil
|
||||
pkgs.xorg.xcbutil
|
||||
pkgs.xorg.xwininfo
|
||||
pkgs.yad
|
||||
pkgs.xdotool
|
||||
pkgs.libinput
|
||||
pkgs.openvdb
|
||||
pkgs.openssl
|
||||
pkgs.tbb
|
||||
pkgs.gtk4
|
||||
pkgs.gtk3
|
||||
pkgs.glib
|
||||
pkgs.gsettings-desktop-schemas
|
||||
pkgs.fuse
|
||||
pkgs.samba4Full
|
||||
pkgs.tdb
|
||||
pkgs.jbig2enc
|
||||
pkgs.jbig2dec
|
||||
pkgs.vivaldi
|
||||
pkgs.x264.lib
|
||||
pkgs.steamtinkerlaunch
|
||||
pkgs.pipewire
|
||||
pkgs.gitFull
|
||||
pkgs.git-lfs
|
||||
|
||||
] ++ config.materus.profile.packages.list.fonts ++ config.materus.profile.steam.extraPkgs;
|
||||
|
||||
extraLibraries = pkgs: [
|
||||
pkgs.libkrb5
|
||||
pkgs.keyutils
|
||||
pkgs.ncurses6
|
||||
pkgs.xorg.xinput
|
||||
pkgs.libinput
|
||||
pkgs.fontconfig
|
||||
pkgs.libxcrypt
|
||||
pkgs.gnutls
|
||||
pkgs.samba
|
||||
pkgs.tdb
|
||||
pkgs.jemalloc
|
||||
pkgs.gperftools
|
||||
] ++
|
||||
(with config.hardware.opengl; if pkgs.hostPlatform.is64bit
|
||||
then [ package ] ++ extraPackages
|
||||
else [ package32 ] ++ extraPackages32);
|
||||
|
||||
extraEnv = config.materus.profile.steam.extraEnv;
|
||||
|
||||
};
|
||||
|
||||
cfg = config.materus.profile.steam;
|
||||
in
|
||||
{
|
||||
options.materus.profile.steam.enable = materusArg.pkgs.lib.mkBoolOpt false "Enable materus steam settings for OS";
|
||||
options.materus.profile.steam.package = lib.mkOption {
|
||||
type = lib.types.package;
|
||||
default = steamPkg;
|
||||
description = "Package used by steam";
|
||||
};
|
||||
options.materus.profile.steam.extraPkgs = lib.mkOption {
|
||||
default = [ ];
|
||||
description = "Extra packages for steam";
|
||||
};
|
||||
options.materus.profile.steam.extraEnv = lib.mkOption {
|
||||
default = { };
|
||||
description = "Extra Env for steam";
|
||||
};
|
||||
|
||||
|
||||
config = lib.mkIf cfg.enable {
|
||||
hardware.steam-hardware.enable = lib.mkDefault true;
|
||||
materus.profile.steam.extraEnv = {
|
||||
XDG_DATA_DIRS = "/usr/share:\${XDG_DATA_DIRS}";
|
||||
OBS_VKCAPTURE = "1";
|
||||
};
|
||||
programs.steam = {
|
||||
enable = lib.mkDefault true;
|
||||
dedicatedServer.openFirewall = lib.mkDefault true;
|
||||
remotePlay.openFirewall = lib.mkDefault true;
|
||||
};
|
||||
environment.sessionVariables = rec {
|
||||
STEAM_EXTRA_COMPAT_TOOLS_PATHS = lib.mkDefault "\${HOME}/.steam/root/compatibilitytools.d";
|
||||
};
|
||||
environment.systemPackages = [
|
||||
steamPkg
|
||||
steamPkg.run
|
||||
|
||||
];
|
||||
};
|
||||
}
|
||||
@@ -1,22 +0,0 @@
|
||||
{ config, pkgs, lib, materusArg, ... }:
|
||||
let
|
||||
cfg = config.materus.profile.nix;
|
||||
in
|
||||
{
|
||||
options.materus.profile.nix.enable = materusArg.pkgs.lib.mkBoolOpt false "Enable materus nix settings";
|
||||
config.nix = lib.mkIf cfg.enable {
|
||||
|
||||
settings = {
|
||||
experimental-features = [ "nix-command" "flakes" "repl-flake" "no-url-literals" ];
|
||||
auto-optimise-store = true;
|
||||
trusted-users = [ "root" "@wheel" ];
|
||||
|
||||
substituters = [
|
||||
"https://nix-community.cachix.org"
|
||||
"https://cache.nixos.org/"
|
||||
"https://nixerus.cachix.org/"
|
||||
];
|
||||
trusted-public-keys = [ "nix-community.cachix.org-1:mB9FSh9qf2dCimDSUo8Zy7bkq5CX+/rkCWyvRCYg3Fs=" "nixerus.cachix.org-1:2x7sIG7y1vAoxc8BNRJwsfapZsiX4hIl4aTi9V5ZDdE=" ];
|
||||
};
|
||||
};
|
||||
}
|
||||
@@ -1,7 +0,0 @@
|
||||
{
|
||||
imports = [
|
||||
./zsh.nix
|
||||
];
|
||||
|
||||
|
||||
}
|
||||
@@ -1,22 +0,0 @@
|
||||
{materusArg, config, pkgs, lib, ...}:
|
||||
let
|
||||
cfg = config.materus.profile.zsh;
|
||||
in
|
||||
{
|
||||
options.materus.profile.zsh.enable = materusArg.pkgs.lib.mkBoolOpt true "Enable materus system zsh config";
|
||||
config = lib.mkIf cfg.enable {
|
||||
users.defaultUserShell = pkgs.zsh;
|
||||
environment.shells = [ pkgs.zsh ];
|
||||
programs.zsh = {
|
||||
enable = true;
|
||||
enableGlobalCompInit=false;
|
||||
interactiveShellInit = ''
|
||||
if [[ ''${__MATERUS_HM_ZSH:-0} == 0 ]]; then
|
||||
source ${pkgs.grml-zsh-config}/etc/zsh/zshrc
|
||||
fi
|
||||
'';
|
||||
promptInit = ''
|
||||
'';
|
||||
};
|
||||
};
|
||||
}
|
||||
@@ -1,5 +0,0 @@
|
||||
{ inputs, materusFlake, ... }:
|
||||
let
|
||||
genHomes = import ./genHomes.nix { inherit inputs; inherit materusFlake; };
|
||||
in
|
||||
genHomes "materus"
|
||||
@@ -1,56 +0,0 @@
|
||||
{ inputs, materusFlake, ... }:
|
||||
let
|
||||
profiles = import (materusFlake.selfPath + "/configurations/profile");
|
||||
|
||||
hosts = builtins.attrNames materusFlake.nixosConfigurations;
|
||||
genHomes = username:
|
||||
let
|
||||
#Make host specific user profile "username@host"
|
||||
_list = builtins.map (host: username + "@" + host) hosts;
|
||||
_for = i: (
|
||||
let len = builtins.length hosts; in
|
||||
([{
|
||||
name = builtins.elemAt _list i;
|
||||
value = let host = builtins.elemAt hosts i; in
|
||||
materusFlake.nixosConfigurations.${host}.materusCfg.hm.lib.homeManagerConfiguration {
|
||||
pkgs = materusFlake.nixosConfigurations.${host}.pkgs;
|
||||
extraSpecialArgs = { materusCfg = materusFlake.nixosConfigurations.${host}.materusCfg // { isHm = true; }; };
|
||||
modules = [
|
||||
(materusFlake.selfPath + "/configurations/shared/home/${username}")
|
||||
(materusFlake.selfPath + "/configurations/host/${host}/home/${username}")
|
||||
profiles.homeProfile
|
||||
materusFlake.nixosConfigurations.${host}.materusCfg.configInputs.sops-nix.homeManagerModules.sops
|
||||
];
|
||||
};
|
||||
}]
|
||||
++ (if ((i + 1) < len) then _for (i + 1) else [ ]))
|
||||
);
|
||||
in
|
||||
(builtins.listToAttrs (_for 0)) // {
|
||||
#Make generic x86_64-linux user profile "username"
|
||||
${username} =
|
||||
let
|
||||
materusCfg = {
|
||||
stable = false;
|
||||
inherit materusFlake;
|
||||
host = "Generic";
|
||||
hm = inputs.configInputs.home-manager;
|
||||
hmAsModule = false;
|
||||
nixerus = inputs.configInputs.nixerus;
|
||||
configInputs = inputs.configInputs;
|
||||
path = materusFlake.selfPath;
|
||||
isHm = true;
|
||||
};
|
||||
in
|
||||
inputs.configInputs.home-manager.lib.homeManagerConfiguration {
|
||||
pkgs = import inputs.nixpkgs { system = "x86_64-linux"; config = { allowUnfree = true; }; };
|
||||
extraSpecialArgs = { inherit materusCfg; };
|
||||
modules = [
|
||||
./${username}
|
||||
profiles.homeProfile
|
||||
materusCfg.configInputs.sops-nix.homeManagerModules.sops
|
||||
];
|
||||
};
|
||||
};
|
||||
in
|
||||
genHomes
|
||||
@@ -1,15 +0,0 @@
|
||||
{ config, pkgs, lib, ... }:
|
||||
{
|
||||
|
||||
home.username = "materus";
|
||||
home.packages = [ ];
|
||||
|
||||
programs.git.signing.key = lib.mkDefault "28D140BCA60B4FD1";
|
||||
programs.git.userEmail = lib.mkDefault "materus@podkos.pl";
|
||||
programs.git.userName = lib.mkDefault "materus";
|
||||
|
||||
home.stateVersion = lib.mkDefault "23.05";
|
||||
home.homeDirectory = lib.mkDefault "/home/materus";
|
||||
|
||||
programs.home-manager.enable = lib.mkDefault true;
|
||||
}
|
||||
@@ -1,63 +0,0 @@
|
||||
#!/usr/bin/env bash
|
||||
|
||||
SCRIPT_DIR=$( cd -- "$( dirname -- "${BASH_SOURCE[0]}" )" &> /dev/null && pwd )
|
||||
cd $SCRIPT_DIR
|
||||
|
||||
if [ $# = 0 ] || ( [ $# = 1 ] && [ $1 = "help" ] ); then
|
||||
echo "Use \"unlock\" to unlock with pgp"
|
||||
echo "Use \"unlock\" /path/to/key to unlock with symmetric key"
|
||||
echo "Use \"lock\": to lock repository"
|
||||
exit
|
||||
fi
|
||||
check_git () {
|
||||
if [ "$(git status --porcelain)" ]; then
|
||||
echo "Working directory not clean."
|
||||
echo "Please commit your changes or 'git stash' them before running this script"
|
||||
exit 1
|
||||
fi
|
||||
}
|
||||
|
||||
create_decrypt () {
|
||||
touch decrypted
|
||||
git add --intent-to-add decrypted
|
||||
git update-index --assume-unchanged decrypted
|
||||
}
|
||||
delete_decrypt () {
|
||||
rm decrypted
|
||||
git rm decrypted
|
||||
}
|
||||
|
||||
|
||||
if [ $# = 1 ]; then
|
||||
|
||||
if [ $1 = "unlock" ]; then
|
||||
check_git
|
||||
git-crypt unlock
|
||||
create_decrypt
|
||||
exit
|
||||
fi
|
||||
|
||||
if [ $1 = "lock" ]; then
|
||||
check_git
|
||||
delete_decrypt
|
||||
git-crypt lock
|
||||
exit
|
||||
fi
|
||||
|
||||
if [ $1 = "create_decrypt" ]; then
|
||||
create_decrypt
|
||||
exit
|
||||
fi
|
||||
|
||||
if [ $1 = "delete_decrypt" ]; then
|
||||
delete_decrypt
|
||||
exit
|
||||
fi
|
||||
|
||||
fi
|
||||
|
||||
if [ $# = 2 ] && [ $1 = "unlock" ]; then
|
||||
git-crypt unlock $2
|
||||
create_decrypt
|
||||
exit
|
||||
fi
|
||||
+22
@@ -0,0 +1,22 @@
|
||||
let
|
||||
flake-compatish = import (
|
||||
builtins.fetchTree {
|
||||
type = "github";
|
||||
owner = "lillecarl";
|
||||
repo = "flake-compatish";
|
||||
ref = "main";
|
||||
}
|
||||
);
|
||||
|
||||
flake = flake-compatish {
|
||||
source = ./.;
|
||||
overrides = {
|
||||
self = ./.;
|
||||
materus-inputs = ./nix-config/subflake;
|
||||
materus-inputs-unstable = ./nix-config/subflake;
|
||||
};
|
||||
};
|
||||
in
|
||||
flake.impure
|
||||
|
||||
# sudo -i nixos-rebuild switch --file . --attr nixosConfigurations.${HOSTNAME}
|
||||
@@ -0,0 +1,18 @@
|
||||
diff --git a/bubblewrap.c b/bubblewrap.c
|
||||
index f606257..4ccb199 100644
|
||||
--- a/bubblewrap.c
|
||||
+++ b/bubblewrap.c
|
||||
@@ -876,13 +876,6 @@ acquire_privs (void)
|
||||
/* Keep only the required capabilities for setup */
|
||||
set_required_caps ();
|
||||
}
|
||||
- else if (real_uid != 0 && has_caps ())
|
||||
- {
|
||||
- /* We have some capabilities in the non-setuid case, which should not happen.
|
||||
- Probably caused by the binary being setcap instead of setuid which we
|
||||
- don't support anymore */
|
||||
- die ("Unexpected capabilities but not setuid, old file caps config?");
|
||||
- }
|
||||
else if (real_uid == 0)
|
||||
{
|
||||
/* If our uid is 0, default to inheriting all caps; the caller
|
||||
Some files were not shown because too many files have changed in this diff Show More
Reference in New Issue
Block a user