From 8e5f8e619f9ec9f30040796f837e25eaffbf9c0f Mon Sep 17 00:00:00 2001
From: Sneexy
Date: Sun, 21 Apr 2024 12:59:57 -0500
Subject: [PATCH] chore: split default nix config
---
config/desktop.nix | 78 +++++++++++
config/networking.nix | 47 +++++++
config/nixos.nix | 71 ++++++++++
config/packages.nix | 80 +++++++++++
machines/thonkpad/default.nix | 2 +-
machines/thunkpad/default.nix | 2 +-
nixos.nix | 253 ----------------------------------
7 files changed, 278 insertions(+), 255 deletions(-)
create mode 100644 config/desktop.nix
create mode 100644 config/networking.nix
create mode 100644 config/nixos.nix
create mode 100644 config/packages.nix
delete mode 100644 nixos.nix
diff --git a/config/desktop.nix b/config/desktop.nix
new file mode 100644
index 0000000..4764942
--- /dev/null
+++ b/config/desktop.nix
@@ -0,0 +1,78 @@
+{
+ inputs,
+ outputs,
+ lib,
+ config,
+ pkgs,
+ ...
+}: {
+ # so, funny thing i learned - "xserver" is basically the blanket term for all gui stuff in nixos.
+ # this really confuses me, because i'm trying to keep xorg out of this install and only wayland in.
+ # i may miss some spots though.
+ # see: https://www.reddit.com/r/NixOS/comments/17ia1g8/i_dont_understand_nixoss_wayland_setup/
+ # EDIT: they changed it !!!!
+
+ services.xserver.enable = true;
+
+ # use sddm and only use its wayland session
+ services.displayManager.sddm.enable = true;
+ services.displayManager.sddm.wayland.enable = true;
+ # default to plasma wayland session
+ services.displayManager.defaultSession = "plasma";
+ # gyattde rizzma 6
+ services.desktopManager.plasma6 = {
+ enable = true;
+ };
+
+ programs.xwayland.enable = true;
+
+ # Configure keymap in X11
+ services.xserver.xkb = {
+ layout = "us";
+ };
+
+ # don't install some of the default packages since i don't need them
+ environment.plasma6.excludePackages = with pkgs.kdePackages; [
+ elisa
+ ];
+
+ environment.variables = {
+ # wayland related
+ NIXOS_OZONE_WL = "1";
+ # custom sudo prompt for the xds
+ SUDO_PROMPT = "[sudo] stick out your gyatt for the rizzler: ";
+ };
+
+ fonts = {
+ fontDir.enable = true;
+ packages = with pkgs; [
+ noto-fonts
+ lexend
+ liberation_ttf
+ unifont
+ (nerdfonts.override {fonts = ["JetBrainsMono" "Iosevka" "FiraCode" "DroidSansMono"];})
+ noto-fonts-color-emoji
+ ];
+ fontconfig = {
+ defaultFonts = {
+ emoji = ["Noto Color Emoji"];
+ };
+ };
+ };
+
+ # Enable sound with pipewire.
+ sound.enable = true;
+ hardware.pulseaudio.enable = false;
+ security.rtkit.enable = true;
+ services.pipewire = {
+ enable = true;
+ alsa.enable = true;
+ alsa.support32Bit = true;
+ pulse.enable = true;
+ # If you want to use JACK applications, uncomment this
+ #jack.enable = true;
+
+ # wireplumber exists so, lets *not* use the example session
+ wireplumber.enable = true;
+ };
+}
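Review bot: In config/desktop.nix, `services.xserver.enable = true;` sits directly under a comment that says the goal is to keep Xorg out and that upstream "changed it", so the comment and the setting now disagree. SDDM and Plasma 6 are configured here through `services.displayManager` and `services.desktopManager`, so this line may no longer be needed for a Wayland-only session; that is worth confirming on a rebuild before dropping it. If it has to stay, say why next to it, for example `# kept only because <reason>; the session itself is Wayland`, so the next reader does not take it for an oversight and the installed display stack matches the stated intent.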
diff --git a/config/networking.nix b/config/networking.nix
new file mode 100644
index 0000000..764fe73
--- /dev/null
+++ b/config/networking.nix
@@ -0,0 +1,47 @@
+{
+ inputs,
+ outputs,
+ lib,
+ config,
+ pkgs,
+ ...
+}: {
+ # Enable networking
+ networking.networkmanager.enable = true;
+
+ # we're using/prioritizing dnscrypt!
+ networking.nameservers = ["127.0.0.1" "::1"];
+ # resolved and others conflicts with setting dns here
+ networking.resolvconf.enable = pkgs.lib.mkForce false;
+ networking.dhcpcd.extraConfig = "nohook resolv.conf";
+ services.resolved.enable = false;
+ # also ensuring that networkmanager doesn't modify dns settings
+ networking.networkmanager.dns = "none";
+
+ # dnscrypt settings
+ services.dnscrypt-proxy2 = {
+ enable = true;
+ settings = {
+ ipv6_servers = true;
+ require_dnssec = true;
+
+ sources.public-resolvers = {
+ # of course, sourcing from the main public lists
+ urls = [
+ "https://raw.githubusercontent.com/DNSCrypt/dnscrypt-resolvers/master/v3/public-resolvers.md"
+ "https://download.dnscrypt.info/resolvers-list/v3/public-resolvers.md"
+ ];
+ cache_file = "/var/lib/dnscrypt-proxy2/public-resolvers.md";
+ minisign_key = "RWQf6LRCGA9i53mlYecO4IzT51TGPpvWucNSCh1CBM0QTaLn73Y7GFO3";
+ };
+
+ # You can choose a specific set of servers from https://github.com/DNSCrypt/dnscrypt-resolvers/blob/master/v3/public-resolvers.md
+ # prioritize quad9, then adguard, and cloudflare as last resort
+ server_names = ["quad9-dnscrypt-ip4-filter-pri" "quad9-doh-ip4-port443-filter-pri" "quad9-doh-ip6-port443-filter-pri" "adguard-dns-doh" "adguard-dns-ipv6" "cloudflare" "cloudflare-ipv6"];
+ };
+ };
+
+ systemd.services.dnscrypt-proxy2.serviceConfig = {
+ StateDirectory = "dnscrypt-proxy";
+ };
+}
diff --git a/config/nixos.nix b/config/nixos.nix
new file mode 100644
index 0000000..43cb474
--- /dev/null
+++ b/config/nixos.nix
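Review bot: In config/networking.nix the resolver list `cache_file` is `/var/lib/dnscrypt-proxy2/public-resolvers.md`, but the unit override sets `StateDirectory = "dnscrypt-proxy"`, which makes systemd provide `/var/lib/dnscrypt-proxy` instead. If the service runs sandboxed it probably cannot write the configured cache path, so the minisign-verified list would have to be fetched again on each start. Because `networking.nameservers` points only at localhost, name resolution would then depend on one of the two list URLs being reachable at boot. Make the two paths agree, e.g. `cache_file = "/var/lib/dnscrypt-proxy/public-resolvers.md";`, or drop the override if the module already provides a matching directory.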
@@ -0,0 +1,71 @@
+# This is your system's configuration file.
+# Use this to configure your system environment (it replaces /etc/nixos/configuration.nix)
+{
+ inputs,
+ outputs,
+ lib,
+ config,
+ pkgs,
+ ...
+}: {
+ # You can import other NixOS modules here
+ imports = [
+ # networking configuration
+ ./networking.nix
+
+ # packages
+ ./packages.nix
+
+ # desktop setup
+ ./desktop.nix
+ ];
+
+ # This will add each flake input as a registry
+ # To make nix3 commands consistent with your flake
+ nix.registry = (lib.mapAttrs (_: flake: {inherit flake;})) ((lib.filterAttrs (_: lib.isType "flake")) inputs);
+
+ # This will additionally add your inputs to the system's legacy channels
+ # Making legacy nix commands consistent as well, awesome!
+ nix.nixPath = ["/etc/nix/path"];
+ environment.etc =
+ lib.mapAttrs'
+ (name: value: {
+ name = "nix/path/${name}";
+ value.source = value.flake;
+ })
+ config.nix.registry;
+
+ nix.settings = {
+ # Enable flakes and new 'nix' command
+ experimental-features = "nix-command flakes";
+ # Deduplicate and optimize nix store
+ auto-optimise-store = true;
+ };
+
+ # use linux-cachy from the nyx repo.
+ # is this actually "required"? no, not really. but i can have it, so why not?
+ # see nyx: https://www.nyx.chaotic.cx/
+ # see cachyos: https://github.com/CachyOS/linux-cachyos
+ boot.kernelPackages = pkgs.linuxPackages_cachyos;
+
+ # Bootloader.
+ boot.loader.systemd-boot.enable = true;
+ boot.loader.efi.canTouchEfiVariables = true;
+
+ # enable plymouth because it looks cool :)))
+ boot.plymouth = {
+ enable = true;
+ theme = "bgrt";
+ };
+
+ # Enable CUPS to print documents.
+ services.printing = {
+ enable = true;
+ drivers = with pkgs; [canon-cups-ufr2];
+ };
+ services.avahi.enable = true;
+ services.avahi.nssmdns4 = true;
+
+ # https://nixos.wiki/wiki/FAQ/When_do_I_update_stateVersion
+ system.stateVersion = "23.11";
+}
diff --git a/config/packages.nix b/config/packages.nix
new file mode 100644
index 0000000..21ec528
--- /dev/null
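Review bot: `boot.kernelPackages = pkgs.linuxPackages_cachyos;` in config/nixos.nix relies on a package set that, per the comment above it, comes from the third-party nyx repository, yet nothing in this module or its three imports shows where that overlay is applied. After the split this file is the shared entry point for both machines, so a reader cannot tell from here which flake input supplies the kernel, or which binary cache and signing key are trusted for it. A short comment would close the gap, e.g. `# provided by the nyx module wired in from the flake (input: <input-name>)`, with the real input name filled in.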
+++ b/config/packages.nix
@@ -0,0 +1,80 @@
+{
+ inputs,
+ outputs,
+ lib,
+ config,
+ pkgs,
+ ...
+}: {
+ nixpkgs = {
+ # You can add overlays here
+ overlays = [
+ # Add overlays your own flake exports (from overlays and pkgs dir):
+
+ # You can also add overlays exported from other flakes:
+ # neovim-nightly-overlay.overlays.default
+
+ # Or define it inline, for example:
+ # (final: prev: {
+ # hi = final.hello.overrideAttrs (oldAttrs: {
+ # patches = [ ./change-hello-to-hi.patch ];
+ # });
+ # })
+ ];
+ # Configure your nixpkgs instance
+ config = {
+ # Disable if you don't want unfree packages
+ allowUnfree = true;
+ };
+ };
+
+ # flatpaks for the one time i'll need them for some reason
+ services.flatpak.enable = true;
+
+ # system packages
+ environment.systemPackages = with pkgs; [
+ git
+ wget
+ fzf
+ curl
+ curlHTTP3
+ virt-manager
+ pinentry-curses
+ kitty
+ wezterm
+ distrobox
+ ];
+
+ # firefox
+ programs.firefox.enable = true;
+
+ # steam
+ programs.steam.enable = true;
+
+ # android debugging tools
+ programs.adb.enable = true;
+
+ # gnupg is basically required for everything i use
+ programs.gnupg.agent = {
+ enable = true;
+ enableSSHSupport = true;
+ };
+
+ # podmen
+ virtualisation.podman = {
+ enable = true;
+ dockerCompat = true;
+ dockerSocket.enable = true;
+ };
+
+ # virtualization stuff
+ virtualisation.libvirtd = {
+ enable = true;
+ #qemu.runAsRoot = false;
+ qemu.swtpm.enable = true;
+ };
+ virtualisation.spiceUSBRedirection.enable = true;
+
+ # waydroid
+ virtualisation.waydroid.enable = true;
+}
diff --git a/machines/thonkpad/default.nix b/machines/thonkpad/default.nix
index 0d6bc71..178f556 100644
--- a/machines/thonkpad/default.nix
+++ b/machines/thonkpad/default.nix
@@ -10,7 +10,7 @@ # Include the results of the hardware scan. ./hardware-configuration.nix # use shared configuration - ../../nixos.nix + ../../config/nixos.nix ]; # who up thonking they
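Review bot: In config/packages.nix, `dockerSocket.enable = true;` under `virtualisation.podman` carries no comment although it is the most privileged switch in the file: it serves the Podman API at the Docker socket path, and members of the `podman` group can use that socket to gain root, as with Docker. If only the `docker` command alias is wanted, `dockerCompat = true;` alone may be enough; otherwise add a comment such as `# podman group members are root-equivalent through this socket`. The commented-out `#qemu.runAsRoot = false;` in the libvirtd block needs the same care, since leaving it commented keeps the module default in effect (QEMU as root, if that default still applies); either enable it or note why it stays off.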
diff --git a/machines/thunkpad/default.nix b/machines/thunkpad/default.nix
index 6fc7a80..5b10764 100644
--- a/machines/thunkpad/default.nix
+++ b/machines/thunkpad/default.nix
@@ -10,7 +10,7 @@ # Include the results of the hardware scan. ./hardware-configuration.nix # use shared configuration - ../../nixos.nix + ../../config/nixos.nix ]; # who up thunking they
diff --git a/nixos.nix b/nixos.nix
deleted file mode 100644
index cd2a08c..0000000
--- a/nixos.nix
+++ /dev/null
@@ -1,253 +0,0 @@ -# This is your system's configuration file. -# Use this to configure your system environment (it replaces /etc/nixos/configuration.nix) -{ - inputs, - outputs, - lib, - config, - pkgs, - ... -}: { - # You can import other NixOS modules here - imports = [ - # If you want to use modules your own flake exports (from modules/nixos): - # outputs.nixosModules.example - - # Or modules from other flakes (such as nixos-hardware): - # inputs.hardware.nixosModules.common-cpu-amd - # inputs.hardware.nixosModules.common-ssd - - # You can also split up your configuration and import pieces of it here: - # ./users.nix - ]; - - nixpkgs = { - # You can add overlays here - overlays = [ - # Add overlays your own flake exports (from overlays and pkgs dir): - - # You can also add overlays exported from other flakes: - # neovim-nightly-overlay.overlays.default - - # Or define it inline, for example: - # (final: prev: { - # hi = final.hello.overrideAttrs (oldAttrs: { - # patches = [ ./change-hello-to-hi.patch ]; - # }); - # }) - ]; - # Configure your nixpkgs instance - config = { - # Disable if you don't want unfree packages - allowUnfree = true; - }; - }; - - # This will add each flake input as a registry - # To make nix3 commands consistent with your flake - nix.registry = (lib.mapAttrs (_: flake: {inherit flake;})) ((lib.filterAttrs (_: lib.isType "flake")) inputs); - - # This will additionally add your inputs to the system's legacy channels - # Making legacy nix commands consistent as well, awesome! - nix.nixPath = ["/etc/nix/path"]; - environment.etc = - lib.mapAttrs' - (name: value: { - name = "nix/path/${name}"; - value.source = value.flake; - }) - config.nix.registry; - - nix.settings = { - # Enable flakes and new 'nix' command - experimental-features = "nix-command flakes"; - # Deduplicate and optimize nix store - auto-optimise-store = true; - }; - - # use linux-cachy from the nyx repo. - # is this actually "required"? no, not really. 
but i can have it, so why not? - # see nyx: https://www.nyx.chaotic.cx/ - # see cachyos: https://github.com/CachyOS/linux-cachyos - boot.kernelPackages = pkgs.linuxPackages_cachyos; - - # Bootloader. - boot.loader.systemd-boot.enable = true; - boot.loader.efi.canTouchEfiVariables = true; - - # Enable networking - networking.networkmanager.enable = true; - - # we're using/prioritizing dnscrypt! - networking.nameservers = ["127.0.0.1" "::1"]; - # resolved and others conflicts with setting dns here - networking.resolvconf.enable = pkgs.lib.mkForce false; - networking.dhcpcd.extraConfig = "nohook resolv.conf"; - services.resolved.enable = false; - # also ensuring that networkmanager doesn't modify dns settings - networking.networkmanager.dns = "none"; - - # dnscrypt settings - services.dnscrypt-proxy2 = { - enable = true; - settings = { - ipv6_servers = true; - require_dnssec = true; - - sources.public-resolvers = { - # of course, sourcing from the main public lists - urls = [ - "https://raw.githubusercontent.com/DNSCrypt/dnscrypt-resolvers/master/v3/public-resolvers.md" - "https://download.dnscrypt.info/resolvers-list/v3/public-resolvers.md" - ]; - cache_file = "/var/lib/dnscrypt-proxy2/public-resolvers.md"; - minisign_key = "RWQf6LRCGA9i53mlYecO4IzT51TGPpvWucNSCh1CBM0QTaLn73Y7GFO3"; - }; - - # You can choose a specific set of servers from https://github.com/DNSCrypt/dnscrypt-resolvers/blob/master/v3/public-resolvers.md - # prioritize quad9, then adguard, and cloudflare as last resort - server_names = ["quad9-dnscrypt-ip4-filter-pri" "quad9-doh-ip4-port443-filter-pri" "quad9-doh-ip6-port443-filter-pri" "adguard-dns-doh" "adguard-dns-ipv6" "cloudflare" "cloudflare-ipv6"]; - }; - }; - - systemd.services.dnscrypt-proxy2.serviceConfig = { - StateDirectory = "dnscrypt-proxy"; - }; - - # enable plymouth because it looks cool :))) - boot.plymouth = { - enable = true; - theme = "bgrt"; - }; - - # Enable CUPS to print documents. 
- services.printing = { - enable = true; - drivers = with pkgs; [canon-cups-ufr2]; - }; - services.avahi.enable = true; - services.avahi.nssmdns4 = true; - - # so, funny thing i learned - "xserver" is basically the blanket term for all gui stuff in nixos. - # this really confuses me, because i'm trying to keep xorg out of this install and only wayland in. - # i may miss some spots though. - # see: https://www.reddit.com/r/NixOS/comments/17ia1g8/i_dont_understand_nixoss_wayland_setup/ - # EDIT: they changed it !!!! - - services.xserver.enable = true; - - # use sddm and only use its wayland session - services.displayManager.sddm.enable = true; - services.displayManager.sddm.wayland.enable = true; - # default to plasma wayland session - services.displayManager.defaultSession = "plasma"; - # gyattde rizzma 6 - services.desktopManager.plasma6 = { - enable = true; - }; - - programs.xwayland.enable = true; - - # Configure keymap in X11 - services.xserver.xkb = { - layout = "us"; - }; - - # don't install some of the default packages since i don't need them - environment.plasma6.excludePackages = with pkgs.kdePackages; [ - elisa - ]; - - environment.variables = { - # wayland related - NIXOS_OZONE_WL = "1"; - # custom sudo prompt for the xds - SUDO_PROMPT = "[sudo] stick out your gyatt for the rizzler: "; - }; - - fonts = { - fontDir.enable = true; - packages = with pkgs; [ - noto-fonts - lexend - liberation_ttf - unifont - (nerdfonts.override {fonts = ["JetBrainsMono" "Iosevka" "FiraCode" "DroidSansMono"];}) - noto-fonts-color-emoji - ]; - fontconfig = { - defaultFonts = { - emoji = ["Noto Color Emoji"]; - }; - }; - }; - - # Enable sound with pipewire. 
- sound.enable = true; - hardware.pulseaudio.enable = false; - security.rtkit.enable = true; - services.pipewire = { - enable = true; - alsa.enable = true; - alsa.support32Bit = true; - pulse.enable = true; - # If you want to use JACK applications, uncomment this - #jack.enable = true; - - # wireplumber exists so, lets *not* use the example session - wireplumber.enable = true; - }; - - # flatpaks for the one time i'll need them for some reason - services.flatpak.enable = true; - - # system packages - environment.systemPackages = with pkgs; [ - git - wget - fzf - curl - curlHTTP3 - virt-manager - pinentry-curses - kitty - wezterm - distrobox - ]; - - # firefox - programs.firefox.enable = true; - - # steam - programs.steam.enable = true; - - # android debugging tools - programs.adb.enable = true; - - # gnupg is basically required for everything i use - programs.gnupg.agent = { - enable = true; - enableSSHSupport = true; - }; - - # podmen - virtualisation.podman = { - enable = true; - dockerCompat = true; - dockerSocket.enable = true; - }; - - # virtualization stuff - virtualisation.libvirtd = { - enable = true; - #qemu.runAsRoot = false; - qemu.swtpm.enable = true; - }; - virtualisation.spiceUSBRedirection.enable = true; - - # waydroid - virtualisation.waydroid.enable = true; - - # https://nixos.wiki/wiki/FAQ/When_do_I_update_stateVersion - system.stateVersion = "23.11"; -}